From f66f7669eb047e75fa8c856d48b8e9e774f05cff Mon Sep 17 00:00:00 2001 From: ShahafBenYakir Date: Tue, 20 Jul 2021 20:48:18 +0300 Subject: [PATCH 001/173] Updated deprecation description. From 8d0f9ef3fdec72ab450910e278a491e85e3e0f7e Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Mon, 23 Aug 2021 15:42:58 +0300 Subject: [PATCH 002/173] [Marketplace Contribution] SplunkCIMFields (#14484) * "pack contribution initial commit" (#14439) * change the scrpt according to the contributor * change the scrpt according to the contributor Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: cshayner --- Packs/SplunkCIMFields/.pack-ignore | 0 Packs/SplunkCIMFields/.secrets-ignore | 0 Packs/SplunkCIMFields/README.md | 0 .../Scripts/SplunkCIMFields/Pipfile | 23 + .../Scripts/SplunkCIMFields/Pipfile.lock | 485 ++++++++++++++++++ .../Scripts/SplunkCIMFields/README.md | 21 + .../SplunkCIMFields/SplunkCIMFields.py | 20 + .../SplunkCIMFields/SplunkCIMFields.yml | 29 ++ Packs/SplunkCIMFields/pack_metadata.json | 17 + 9 files changed, 595 insertions(+) create mode 100644 Packs/SplunkCIMFields/.pack-ignore create mode 100644 Packs/SplunkCIMFields/.secrets-ignore create mode 100644 Packs/SplunkCIMFields/README.md create mode 100644 Packs/SplunkCIMFields/Scripts/SplunkCIMFields/Pipfile create mode 100644 Packs/SplunkCIMFields/Scripts/SplunkCIMFields/Pipfile.lock create mode 100644 Packs/SplunkCIMFields/Scripts/SplunkCIMFields/README.md create mode 100644 Packs/SplunkCIMFields/Scripts/SplunkCIMFields/SplunkCIMFields.py create mode 100644 Packs/SplunkCIMFields/Scripts/SplunkCIMFields/SplunkCIMFields.yml create mode 100644 Packs/SplunkCIMFields/pack_metadata.json diff --git a/Packs/SplunkCIMFields/.pack-ignore b/Packs/SplunkCIMFields/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/SplunkCIMFields/.secrets-ignore b/Packs/SplunkCIMFields/.secrets-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/SplunkCIMFields/README.md b/Packs/SplunkCIMFields/README.md new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/Pipfile b/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/Pipfile new file mode 100644 index 000000000000..823ff3a0b49e --- /dev/null +++ b/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/Pipfile @@ -0,0 +1,23 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] +pylint = "*" +pytest = "*" +pytest-mock = "*" +requests-mock = "*" +pytest-asyncio = "*" +pytest-xdist = "*" +pytest-datadir-ng = "*" +freezegun = "*" +pytest-json = "*" +vcrpy = "*" +pytest-cov = "*" +hypothesis = "*" + +[packages] + +[requires] +python_version = "3.9" diff --git a/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/Pipfile.lock b/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/Pipfile.lock new file mode 100644 index 000000000000..df869d5a58eb --- /dev/null +++ b/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/Pipfile.lock @@ -0,0 +1,485 @@ +{ + "_meta": { + "hash": { + "sha256": "0d83517f12d2486ddcc3c59edac8cdb73e0e29f1a5a7d12386ad86b5402b6c37" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.9" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": {}, + "develop": { + "astroid": { + "hashes": [ + "sha256:4db03ab5fc3340cf619dbc25e42c2cc3755154ce6009469766d7143d1fc2ee4e", + "sha256:8a398dfce302c13f14bab13e2b14fe385d32b73f4e4853b9bdfb64598baa1975" + ], + "markers": "python_version ~= '3.6'", + "version": "==2.5.6" + }, + "attrs": { + "hashes": [ + "sha256:149e90d6d8ac20db7a955ad60cf0e6881a3f20d37096140088356da6c716b0b1", + "sha256:ef6aaac3ca6cd92904cdd0d83f629a15f18053ec84e6432106f7a4d04ae4f5fb" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==21.2.0" + }, + "certifi": { + "hashes": [ + "sha256:2bbf76fd432960138b3ef6dda3dde0544f27cbf8546c458e60baf371917ba9ee", + "sha256:50b1e4f8446b06f41be7dd6338db18e0990601dce795c2b1686458aa7e8fa7d8" + ], + "version": "==2021.5.30" + }, + "chardet": { + "hashes": [ + "sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa", + "sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==4.0.0" + }, + "coverage": { + "hashes": [ + "sha256:004d1880bed2d97151facef49f08e255a20ceb6f9432df75f4eef018fdd5a78c", + "sha256:01d84219b5cdbfc8122223b39a954820929497a1cb1422824bb86b07b74594b6", + "sha256:040af6c32813fa3eae5305d53f18875bedd079960822ef8ec067a66dd8afcd45", + "sha256:06191eb60f8d8a5bc046f3799f8a07a2d7aefb9504b0209aff0b47298333302a", + "sha256:13034c4409db851670bc9acd836243aeee299949bd5673e11844befcb0149f03", + "sha256:13c4ee887eca0f4c5a247b75398d4114c37882658300e153113dafb1d76de529", + "sha256:184a47bbe0aa6400ed2d41d8e9ed868b8205046518c52464fde713ea06e3a74a", + "sha256:18ba8bbede96a2c3dde7b868de9dcbd55670690af0988713f0603f037848418a", + "sha256:1aa846f56c3d49205c952d8318e76ccc2ae23303351d9270ab220004c580cfe2", + "sha256:217658ec7187497e3f3ebd901afdca1af062b42cfe3e0dafea4cced3983739f6", + "sha256:24d4a7de75446be83244eabbff746d66b9240ae020ced65d060815fac3423759", + "sha256:2910f4d36a6a9b4214bb7038d537f015346f413a975d57ca6b43bf23d6563b53", + "sha256:2949cad1c5208b8298d5686d5a85b66aae46d73eec2c3e08c817dd3513e5848a", + "sha256:2a3859cb82dcbda1cfd3e6f71c27081d18aa251d20a17d87d26d4cd216fb0af4", + "sha256:2cafbbb3af0733db200c9b5f798d18953b1a304d3f86a938367de1567f4b5bff", + "sha256:2e0d881ad471768bf6e6c2bf905d183543f10098e3b3640fc029509530091502", + "sha256:30c77c1dc9f253283e34c27935fded5015f7d1abe83bc7821680ac444eaf7793", + "sha256:3487286bc29a5aa4b93a072e9592f22254291ce96a9fbc5251f566b6b7343cdb", + "sha256:372da284cfd642d8e08ef606917846fa2ee350f64994bebfbd3afb0040436905", + "sha256:41179b8a845742d1eb60449bdb2992196e211341818565abded11cfa90efb821", + "sha256:44d654437b8ddd9eee7d1eaee28b7219bec228520ff809af170488fd2fed3e2b", + "sha256:4a7697d8cb0f27399b0e393c0b90f0f1e40c82023ea4d45d22bce7032a5d7b81", + "sha256:51cb9476a3987c8967ebab3f0fe144819781fca264f57f89760037a2ea191cb0", + "sha256:52596d3d0e8bdf3af43db3e9ba8dcdaac724ba7b5ca3f6358529d56f7a166f8b", + "sha256:53194af30d5bad77fcba80e23a1441c71abfb3e01192034f8246e0d8f99528f3", + "sha256:5fec2d43a2cc6965edc0bb9e83e1e4b557f76f843a77a2496cbe719583ce8184", + "sha256:6c90e11318f0d3c436a42409f2749ee1a115cd8b067d7f14c148f1ce5574d701", + "sha256:74d881fc777ebb11c63736622b60cb9e4aee5cace591ce274fb69e582a12a61a", + "sha256:7501140f755b725495941b43347ba8a2777407fc7f250d4f5a7d2a1050ba8e82", + "sha256:796c9c3c79747146ebd278dbe1e5c5c05dd6b10cc3bcb8389dfdf844f3ead638", + "sha256:869a64f53488f40fa5b5b9dcb9e9b2962a66a87dab37790f3fcfb5144b996ef5", + "sha256:8963a499849a1fc54b35b1c9f162f4108017b2e6db2c46c1bed93a72262ed083", + "sha256:8d0a0725ad7c1a0bcd8d1b437e191107d457e2ec1084b9f190630a4fb1af78e6", + "sha256:900fbf7759501bc7807fd6638c947d7a831fc9fdf742dc10f02956ff7220fa90", + "sha256:92b017ce34b68a7d67bd6d117e6d443a9bf63a2ecf8567bb3d8c6c7bc5014465", + "sha256:970284a88b99673ccb2e4e334cfb38a10aab7cd44f7457564d11898a74b62d0a", + "sha256:972c85d205b51e30e59525694670de6a8a89691186012535f9d7dbaa230e42c3", + "sha256:9a1ef3b66e38ef8618ce5fdc7bea3d9f45f3624e2a66295eea5e57966c85909e", + "sha256:af0e781009aaf59e25c5a678122391cb0f345ac0ec272c7961dc5455e1c40066", + "sha256:b6d534e4b2ab35c9f93f46229363e17f63c53ad01330df9f2d6bd1187e5eaacf", + "sha256:b7895207b4c843c76a25ab8c1e866261bcfe27bfaa20c192de5190121770672b", + "sha256:c0891a6a97b09c1f3e073a890514d5012eb256845c451bd48f7968ef939bf4ae", + "sha256:c2723d347ab06e7ddad1a58b2a821218239249a9e4365eaff6649d31180c1669", + "sha256:d1f8bf7b90ba55699b3a5e44930e93ff0189aa27186e96071fac7dd0d06a1873", + "sha256:d1f9ce122f83b2305592c11d64f181b87153fc2c2bbd3bb4a3dde8303cfb1a6b", + "sha256:d314ed732c25d29775e84a960c3c60808b682c08d86602ec2c3008e1202e3bb6", + "sha256:d636598c8305e1f90b439dbf4f66437de4a5e3c31fdf47ad29542478c8508bbb", + "sha256:deee1077aae10d8fa88cb02c845cfba9b62c55e1183f52f6ae6a2df6a2187160", + "sha256:ebe78fe9a0e874362175b02371bdfbee64d8edc42a044253ddf4ee7d3c15212c", + "sha256:f030f8873312a16414c0d8e1a1ddff2d3235655a2174e3648b4fa66b3f2f1079", + "sha256:f0b278ce10936db1a37e6954e15a3730bea96a0997c26d7fee88e6c396c2086d", + "sha256:f11642dddbb0253cc8853254301b51390ba0081750a8ac03f20ea8103f0c56b6" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'", + "version": "==5.5" + }, + "execnet": { + "hashes": [ + "sha256:8f694f3ba9cc92cab508b152dcfe322153975c29bda272e2fd7f3f00f36e47c5", + "sha256:a295f7cc774947aac58dde7fdc85f4aa00c42adf5d8f5468fc630c1acf30a142" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==1.9.0" + }, + "freezegun": { + "hashes": [ + "sha256:177f9dd59861d871e27a484c3332f35a6e3f5d14626f2bf91be37891f18927f3", + "sha256:2ae695f7eb96c62529f03a038461afe3c692db3465e215355e1bb4b0ab408712" + ], + "index": "pypi", + "version": "==1.1.0" + }, + "hypothesis": { + "hashes": [ + "sha256:27aa2af763af06b8b61ce65c09626cf1da6d3a6ff155900f3c581837b453313a", + "sha256:9bdee01ae260329b16117e9b0229a839b4a77747a985922653f595bd2a6a541a" + ], + "index": "pypi", + "version": "==6.14.0" + }, + "idna": { + "hashes": [ + "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6", + "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==2.10" + }, + "iniconfig": { + "hashes": [ + "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3", + "sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32" + ], + "version": "==1.1.1" + }, + "isort": { + "hashes": [ + "sha256:83510593e07e433b77bd5bff0f6f607dbafa06d1a89022616f02d8b699cfcd56", + "sha256:8e2c107091cfec7286bc0f68a547d0ba4c094d460b732075b6fba674f1035c0c" + ], + "markers": "python_version < '4' and python_full_version >= '3.6.1'", + "version": "==5.9.1" + }, + "lazy-object-proxy": { + "hashes": [ + "sha256:17e0967ba374fc24141738c69736da90e94419338fd4c7c7bef01ee26b339653", + "sha256:1fee665d2638491f4d6e55bd483e15ef21f6c8c2095f235fef72601021e64f61", + "sha256:22ddd618cefe54305df49e4c069fa65715be4ad0e78e8d252a33debf00f6ede2", + "sha256:24a5045889cc2729033b3e604d496c2b6f588c754f7a62027ad4437a7ecc4837", + "sha256:410283732af311b51b837894fa2f24f2c0039aa7f220135192b38fcc42bd43d3", + "sha256:4732c765372bd78a2d6b2150a6e99d00a78ec963375f236979c0626b97ed8e43", + "sha256:489000d368377571c6f982fba6497f2aa13c6d1facc40660963da62f5c379726", + "sha256:4f60460e9f1eb632584c9685bccea152f4ac2130e299784dbaf9fae9f49891b3", + "sha256:5743a5ab42ae40caa8421b320ebf3a998f89c85cdc8376d6b2e00bd12bd1b587", + "sha256:85fb7608121fd5621cc4377a8961d0b32ccf84a7285b4f1d21988b2eae2868e8", + "sha256:9698110e36e2df951c7c36b6729e96429c9c32b3331989ef19976592c5f3c77a", + "sha256:9d397bf41caad3f489e10774667310d73cb9c4258e9aed94b9ec734b34b495fd", + "sha256:b579f8acbf2bdd9ea200b1d5dea36abd93cabf56cf626ab9c744a432e15c815f", + "sha256:b865b01a2e7f96db0c5d12cfea590f98d8c5ba64ad222300d93ce6ff9138bcad", + "sha256:bf34e368e8dd976423396555078def5cfc3039ebc6fc06d1ae2c5a65eebbcde4", + "sha256:c6938967f8528b3668622a9ed3b31d145fab161a32f5891ea7b84f6b790be05b", + "sha256:d1c2676e3d840852a2de7c7d5d76407c772927addff8d742b9808fe0afccebdf", + "sha256:d7124f52f3bd259f510651450e18e0fd081ed82f3c08541dffc7b94b883aa981", + "sha256:d900d949b707778696fdf01036f58c9876a0d8bfe116e8d220cfd4b15f14e741", + "sha256:ebfd274dcd5133e0afae738e6d9da4323c3eb021b3e13052d8cbd0e457b1256e", + "sha256:ed361bb83436f117f9917d282a456f9e5009ea12fd6de8742d1a4752c3017e93", + "sha256:f5144c75445ae3ca2057faac03fda5a902eff196702b0a24daf1d6ce0650514b" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", + "version": "==1.6.0" + }, + "mccabe": { + "hashes": [ + "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42", + "sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f" + ], + "version": "==0.6.1" + }, + "multidict": { + "hashes": [ + "sha256:018132dbd8688c7a69ad89c4a3f39ea2f9f33302ebe567a879da8f4ca73f0d0a", + "sha256:051012ccee979b2b06be928a6150d237aec75dd6bf2d1eeeb190baf2b05abc93", + "sha256:05c20b68e512166fddba59a918773ba002fdd77800cad9f55b59790030bab632", + "sha256:07b42215124aedecc6083f1ce6b7e5ec5b50047afa701f3442054373a6deb656", + "sha256:0e3c84e6c67eba89c2dbcee08504ba8644ab4284863452450520dad8f1e89b79", + "sha256:0e929169f9c090dae0646a011c8b058e5e5fb391466016b39d21745b48817fd7", + "sha256:1ab820665e67373de5802acae069a6a05567ae234ddb129f31d290fc3d1aa56d", + "sha256:25b4e5f22d3a37ddf3effc0710ba692cfc792c2b9edfb9c05aefe823256e84d5", + "sha256:2e68965192c4ea61fff1b81c14ff712fc7dc15d2bd120602e4a3494ea6584224", + "sha256:2f1a132f1c88724674271d636e6b7351477c27722f2ed789f719f9e3545a3d26", + "sha256:37e5438e1c78931df5d3c0c78ae049092877e5e9c02dd1ff5abb9cf27a5914ea", + "sha256:3a041b76d13706b7fff23b9fc83117c7b8fe8d5fe9e6be45eee72b9baa75f348", + "sha256:3a4f32116f8f72ecf2a29dabfb27b23ab7cdc0ba807e8459e59a93a9be9506f6", + "sha256:46c73e09ad374a6d876c599f2328161bcd95e280f84d2060cf57991dec5cfe76", + "sha256:46dd362c2f045095c920162e9307de5ffd0a1bfbba0a6e990b344366f55a30c1", + "sha256:4b186eb7d6ae7c06eb4392411189469e6a820da81447f46c0072a41c748ab73f", + "sha256:54fd1e83a184e19c598d5e70ba508196fd0bbdd676ce159feb412a4a6664f952", + "sha256:585fd452dd7782130d112f7ddf3473ffdd521414674c33876187e101b588738a", + "sha256:5cf3443199b83ed9e955f511b5b241fd3ae004e3cb81c58ec10f4fe47c7dce37", + "sha256:6a4d5ce640e37b0efcc8441caeea8f43a06addace2335bd11151bc02d2ee31f9", + "sha256:7df80d07818b385f3129180369079bd6934cf70469f99daaebfac89dca288359", + "sha256:806068d4f86cb06af37cd65821554f98240a19ce646d3cd24e1c33587f313eb8", + "sha256:830f57206cc96ed0ccf68304141fec9481a096c4d2e2831f311bde1c404401da", + "sha256:929006d3c2d923788ba153ad0de8ed2e5ed39fdbe8e7be21e2f22ed06c6783d3", + "sha256:9436dc58c123f07b230383083855593550c4d301d2532045a17ccf6eca505f6d", + "sha256:9dd6e9b1a913d096ac95d0399bd737e00f2af1e1594a787e00f7975778c8b2bf", + "sha256:ace010325c787c378afd7f7c1ac66b26313b3344628652eacd149bdd23c68841", + "sha256:b47a43177a5e65b771b80db71e7be76c0ba23cc8aa73eeeb089ed5219cdbe27d", + "sha256:b797515be8743b771aa868f83563f789bbd4b236659ba52243b735d80b29ed93", + "sha256:b7993704f1a4b204e71debe6095150d43b2ee6150fa4f44d6d966ec356a8d61f", + "sha256:d5c65bdf4484872c4af3150aeebe101ba560dcfb34488d9a8ff8dbcd21079647", + "sha256:d81eddcb12d608cc08081fa88d046c78afb1bf8107e6feab5d43503fea74a635", + "sha256:dc862056f76443a0db4509116c5cd480fe1b6a2d45512a653f9a855cc0517456", + "sha256:ecc771ab628ea281517e24fd2c52e8f31c41e66652d07599ad8818abaad38cda", + "sha256:f200755768dc19c6f4e2b672421e0ebb3dd54c38d5a4f262b872d8cfcc9e93b5", + "sha256:f21756997ad8ef815d8ef3d34edd98804ab5ea337feedcd62fb52d22bf531281", + "sha256:fc13a9524bc18b6fb6e0dbec3533ba0496bbed167c56d0aabefd965584557d80" + ], + "markers": "python_version >= '3.6'", + "version": "==5.1.0" + }, + "packaging": { + "hashes": [ + "sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5", + "sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==20.9" + }, + "pluggy": { + "hashes": [ + "sha256:15b2acde666561e1298d71b523007ed7364de07029219b604cf808bfa1c765b0", + "sha256:966c145cd83c96502c3c3868f50408687b38434af77734af1e9ca461a4081d2d" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==0.13.1" + }, + "py": { + "hashes": [ + "sha256:21b81bda15b66ef5e1a777a21c4dcd9c20ad3efd0b3f817e7a809035269e1bd3", + "sha256:3b80836aa6d1feeaa108e046da6423ab8f6ceda6468545ae8d02d9d58d18818a" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==1.10.0" + }, + "pylint": { + "hashes": [ + "sha256:0a049c5d47b629d9070c3932d13bff482b12119b6a241a93bc460b0be16953c8", + "sha256:792b38ff30903884e4a9eab814ee3523731abd3c463f3ba48d7b627e87013484" + ], + "index": "pypi", + "version": "==2.8.3" + }, + "pyparsing": { + "hashes": [ + "sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1", + "sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b" + ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==2.4.7" + }, + "pytest": { + "hashes": [ + "sha256:50bcad0a0b9c5a72c8e4e7c9855a3ad496ca6a881a3641b4260605450772c54b", + "sha256:91ef2131a9bd6be8f76f1f08eac5c5317221d6ad1e143ae03894b862e8976890" + ], + "index": "pypi", + "version": "==6.2.4" + }, + "pytest-asyncio": { + "hashes": [ + "sha256:2564ceb9612bbd560d19ca4b41347b54e7835c2f792c504f698e05395ed63f6f", + "sha256:3042bcdf1c5d978f6b74d96a151c4cfb9dcece65006198389ccd7e6c60eb1eea" + ], + "index": "pypi", + "version": "==0.15.1" + }, + "pytest-cov": { + "hashes": [ + "sha256:261bb9e47e65bd099c89c3edf92972865210c36813f80ede5277dceb77a4a62a", + "sha256:261ceeb8c227b726249b376b8526b600f38667ee314f910353fa318caa01f4d7" + ], + "index": "pypi", + "version": "==2.12.1" + }, + "pytest-datadir-ng": { + "hashes": [ + "sha256:0d9e0212eaa4d0440a4b7c3d2df4b4b7eeebde1854ab383c5aff590764ad8a52", + "sha256:7fec7a4996a12529a935512c128624fa7289495b520fd31b4645c3a71daa394e" + ], + "index": "pypi", + "version": "==1.1.1" + }, + "pytest-forked": { + "hashes": [ + "sha256:6aa9ac7e00ad1a539c41bec6d21011332de671e938c7637378ec9710204e37ca", + "sha256:dc4147784048e70ef5d437951728825a131b81714b398d5d52f17c7c144d8815" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==1.3.0" + }, + "pytest-json": { + "hashes": [ + "sha256:8bf4e1be1691f4416bc12b14785b5ad9e842887b0b2b2d61b37dcb555b208630" + ], + "index": "pypi", + "version": "==0.4.0" + }, + "pytest-mock": { + "hashes": [ + "sha256:30c2f2cc9759e76eee674b81ea28c9f0b94f8f0445a1b87762cadf774f0df7e3", + "sha256:40217a058c52a63f1042f0784f62009e976ba824c418cced42e88d5f40ab0e62" + ], + "index": "pypi", + "version": "==3.6.1" + }, + "pytest-xdist": { + "hashes": [ + "sha256:e8ecde2f85d88fbcadb7d28cb33da0fa29bca5cf7d5967fa89fc0e97e5299ea5", + "sha256:ed3d7da961070fce2a01818b51f6888327fb88df4379edeb6b9d990e789d9c8d" + ], + "index": "pypi", + "version": "==2.3.0" + }, + "python-dateutil": { + "hashes": [ + "sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c", + "sha256:75bb3f31ea686f1197762692a9ee6a7550b59fc6ca3a1f4b5d7e32fb98e2da2a" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==2.8.1" + }, + "pyyaml": { + "hashes": [ + "sha256:08682f6b72c722394747bddaf0aa62277e02557c0fd1c42cb853016a38f8dedf", + "sha256:0f5f5786c0e09baddcd8b4b45f20a7b5d61a7e7e99846e3c799b05c7c53fa696", + "sha256:129def1b7c1bf22faffd67b8f3724645203b79d8f4cc81f674654d9902cb4393", + "sha256:294db365efa064d00b8d1ef65d8ea2c3426ac366c0c4368d930bf1c5fb497f77", + "sha256:3b2b1824fe7112845700f815ff6a489360226a5609b96ec2190a45e62a9fc922", + "sha256:3bd0e463264cf257d1ffd2e40223b197271046d09dadf73a0fe82b9c1fc385a5", + "sha256:4465124ef1b18d9ace298060f4eccc64b0850899ac4ac53294547536533800c8", + "sha256:49d4cdd9065b9b6e206d0595fee27a96b5dd22618e7520c33204a4a3239d5b10", + "sha256:4e0583d24c881e14342eaf4ec5fbc97f934b999a6828693a99157fde912540cc", + "sha256:5accb17103e43963b80e6f837831f38d314a0495500067cb25afab2e8d7a4018", + "sha256:607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e", + "sha256:6c78645d400265a062508ae399b60b8c167bf003db364ecb26dcab2bda048253", + "sha256:72a01f726a9c7851ca9bfad6fd09ca4e090a023c00945ea05ba1638c09dc3347", + "sha256:74c1485f7707cf707a7aef42ef6322b8f97921bd89be2ab6317fd782c2d53183", + "sha256:895f61ef02e8fed38159bb70f7e100e00f471eae2bc838cd0f4ebb21e28f8541", + "sha256:8c1be557ee92a20f184922c7b6424e8ab6691788e6d86137c5d93c1a6ec1b8fb", + "sha256:bb4191dfc9306777bc594117aee052446b3fa88737cd13b7188d0e7aa8162185", + "sha256:bfb51918d4ff3d77c1c856a9699f8492c612cde32fd3bcd344af9be34999bfdc", + "sha256:c20cfa2d49991c8b4147af39859b167664f2ad4561704ee74c1de03318e898db", + "sha256:cb333c16912324fd5f769fff6bc5de372e9e7a202247b48870bc251ed40239aa", + "sha256:d2d9808ea7b4af864f35ea216be506ecec180628aced0704e34aca0b040ffe46", + "sha256:d483ad4e639292c90170eb6f7783ad19490e7a8defb3e46f97dfe4bacae89122", + "sha256:dd5de0646207f053eb0d6c74ae45ba98c3395a571a2891858e87df7c9b9bd51b", + "sha256:e1d4970ea66be07ae37a3c2e48b5ec63f7ba6804bdddfdbd3cfd954d25a82e63", + "sha256:e4fac90784481d221a8e4b1162afa7c47ed953be40d31ab4629ae917510051df", + "sha256:fa5ae20527d8e831e8230cbffd9f8fe952815b2b7dae6ffec25318803a7528fc", + "sha256:fd7f6999a8070df521b6384004ef42833b9bd62cfee11a09bda1079b4b704247", + "sha256:fdc842473cd33f45ff6bce46aea678a54e3d21f1b61a7750ce3c498eedfe25d6", + "sha256:fe69978f3f768926cfa37b867e3843918e012cf83f680806599ddce33c2c68b0" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", + "version": "==5.4.1" + }, + "requests": { + "hashes": [ + "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804", + "sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==2.25.1" + }, + "requests-mock": { + "hashes": [ + "sha256:0a2d38a117c08bb78939ec163522976ad59a6b7fdd82b709e23bb98004a44970", + "sha256:8d72abe54546c1fc9696fa1516672f1031d72a55a1d66c85184f972a24ba0eba" + ], + "index": "pypi", + "version": "==1.9.3" + }, + "six": { + "hashes": [ + "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926", + "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==1.16.0" + }, + "sortedcontainers": { + "hashes": [ + "sha256:25caa5a06cc30b6b83d11423433f65d1f9d76c4c6a0c90e3379eaa43b9bfdb88", + "sha256:a163dcaede0f1c021485e957a39245190e74249897e2ae4b2aa38595db237ee0" + ], + "version": "==2.4.0" + }, + "toml": { + "hashes": [ + "sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b", + "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f" + ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==0.10.2" + }, + "urllib3": { + "hashes": [ + "sha256:39fb8672126159acb139a7718dd10806104dec1e2f0f6c88aab05d17df10c8d4", + "sha256:f57b4c16c62fa2760b7e3d97c35b255512fb6b59a259730f36ba32ce9f8e342f" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'", + "version": "==1.26.6" + }, + "vcrpy": { + "hashes": [ + "sha256:12c3fcdae7b88ecf11fc0d3e6d77586549d4575a2ceee18e82eee75c1f626162", + "sha256:57095bf22fc0a2d99ee9674cdafebed0f3ba763018582450706f7d3a74fff599" + ], + "index": "pypi", + "version": "==4.1.1" + }, + "wrapt": { + "hashes": [ + "sha256:b62ffa81fb85f4332a4f609cab4ac40709470da05643a082ec1eb88e6d9b97d7" + ], + "version": "==1.12.1" + }, + "yarl": { + "hashes": [ + "sha256:00d7ad91b6583602eb9c1d085a2cf281ada267e9a197e8b7cae487dadbfa293e", + "sha256:0355a701b3998dcd832d0dc47cc5dedf3874f966ac7f870e0f3a6788d802d434", + "sha256:15263c3b0b47968c1d90daa89f21fcc889bb4b1aac5555580d74565de6836366", + "sha256:2ce4c621d21326a4a5500c25031e102af589edb50c09b321049e388b3934eec3", + "sha256:31ede6e8c4329fb81c86706ba8f6bf661a924b53ba191b27aa5fcee5714d18ec", + "sha256:324ba3d3c6fee56e2e0b0d09bf5c73824b9f08234339d2b788af65e60040c959", + "sha256:329412812ecfc94a57cd37c9d547579510a9e83c516bc069470db5f75684629e", + "sha256:4736eaee5626db8d9cda9eb5282028cc834e2aeb194e0d8b50217d707e98bb5c", + "sha256:4953fb0b4fdb7e08b2f3b3be80a00d28c5c8a2056bb066169de00e6501b986b6", + "sha256:4c5bcfc3ed226bf6419f7a33982fb4b8ec2e45785a0561eb99274ebbf09fdd6a", + "sha256:547f7665ad50fa8563150ed079f8e805e63dd85def6674c97efd78eed6c224a6", + "sha256:5b883e458058f8d6099e4420f0cc2567989032b5f34b271c0827de9f1079a424", + "sha256:63f90b20ca654b3ecc7a8d62c03ffa46999595f0167d6450fa8383bab252987e", + "sha256:68dc568889b1c13f1e4745c96b931cc94fdd0defe92a72c2b8ce01091b22e35f", + "sha256:69ee97c71fee1f63d04c945f56d5d726483c4762845400a6795a3b75d56b6c50", + "sha256:6d6283d8e0631b617edf0fd726353cb76630b83a089a40933043894e7f6721e2", + "sha256:72a660bdd24497e3e84f5519e57a9ee9220b6f3ac4d45056961bf22838ce20cc", + "sha256:73494d5b71099ae8cb8754f1df131c11d433b387efab7b51849e7e1e851f07a4", + "sha256:7356644cbed76119d0b6bd32ffba704d30d747e0c217109d7979a7bc36c4d970", + "sha256:8a9066529240171b68893d60dca86a763eae2139dd42f42106b03cf4b426bf10", + "sha256:8aa3decd5e0e852dc68335abf5478a518b41bf2ab2f330fe44916399efedfae0", + "sha256:97b5bdc450d63c3ba30a127d018b866ea94e65655efaf889ebeabc20f7d12406", + "sha256:9ede61b0854e267fd565e7527e2f2eb3ef8858b301319be0604177690e1a3896", + "sha256:b2e9a456c121e26d13c29251f8267541bd75e6a1ccf9e859179701c36a078643", + "sha256:b5dfc9a40c198334f4f3f55880ecf910adebdcb2a0b9a9c23c9345faa9185721", + "sha256:bafb450deef6861815ed579c7a6113a879a6ef58aed4c3a4be54400ae8871478", + "sha256:c49ff66d479d38ab863c50f7bb27dee97c6627c5fe60697de15529da9c3de724", + "sha256:ce3beb46a72d9f2190f9e1027886bfc513702d748047b548b05dab7dfb584d2e", + "sha256:d26608cf178efb8faa5ff0f2d2e77c208f471c5a3709e577a7b3fd0445703ac8", + "sha256:d597767fcd2c3dc49d6eea360c458b65643d1e4dbed91361cf5e36e53c1f8c96", + "sha256:d5c32c82990e4ac4d8150fd7652b972216b204de4e83a122546dce571c1bdf25", + "sha256:d8d07d102f17b68966e2de0e07bfd6e139c7c02ef06d3a0f8d2f0f055e13bb76", + "sha256:e46fba844f4895b36f4c398c5af062a9808d1f26b2999c58909517384d5deda2", + "sha256:e6b5460dc5ad42ad2b36cca524491dfcaffbfd9c8df50508bddc354e787b8dc2", + "sha256:f040bcc6725c821a4c0665f3aa96a4d0805a7aaf2caf266d256b8ed71b9f041c", + "sha256:f0b059678fd549c66b89bed03efcabb009075bd131c248ecdf087bdb6faba24a", + "sha256:fcbb48a93e8699eae920f8d92f7160c03567b421bc17362a9ffbbd706a816f71" + ], + "markers": "python_version >= '3.6'", + "version": "==1.6.3" + } + } +} diff --git a/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/README.md b/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/README.md new file mode 100644 index 000000000000..d101704c69df --- /dev/null +++ b/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/README.md @@ -0,0 +1,21 @@ +Convert Splunk CIM Fields Dynamic Into Fields Value + +## Script Data +--- + +| **Name** | **Description** | +| --- | --- | +| Script Type | python3 | +| Tags | transformer, string | + +## Inputs +--- + +| **Argument Name** | **Description** | +| --- | --- | +| value | Input string from incident. | +| inc | Incident field values from incident. | + +## Outputs +--- +There are no outputs for this script. diff --git a/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/SplunkCIMFields.py b/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/SplunkCIMFields.py new file mode 100644 index 000000000000..ac24635508e8 --- /dev/null +++ b/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/SplunkCIMFields.py @@ -0,0 +1,20 @@ +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +import re + +args = demisto.args() +inc = args.get('inc') +data = args.get('value') + + +def splunk_cim_fields(match): + return data.replace('$' + match + '$', inc.get(match)) + + +matches = re.findall("\$([^\$]*)\$", data) + +for match in matches: + data = splunk_cim_fields(match) + +return_results(data) diff --git a/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/SplunkCIMFields.yml b/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/SplunkCIMFields.yml new file mode 100644 index 000000000000..5903ec3c8663 --- /dev/null +++ b/Packs/SplunkCIMFields/Scripts/SplunkCIMFields/SplunkCIMFields.yml @@ -0,0 +1,29 @@ +args: +- description: Input string from incident. + name: value + required: true +- description: Incident field values from incident, If you are using this automation as classification & mapping the recommended value is "${.}". + name: inc + required: true +comment: Convert Splunk CIM Fields Dynamic Into Fields Value +commonfields: + id: SplunkCIMFields + version: -1 +contentitemexportablefields: + contentitemfields: + fromServerVersion: "" +dockerimage: demisto/python3:3.9.6.22912 +enabled: true +name: SplunkCIMFields +runas: DBotWeakRole +runonce: false +script: '' +scripttarget: 0 +subtype: python3 +tags: +- transformer +- string +type: python +fromversion: 6.0.0 +tests: +- No tests (auto formatted) diff --git a/Packs/SplunkCIMFields/pack_metadata.json b/Packs/SplunkCIMFields/pack_metadata.json new file mode 100644 index 000000000000..2bdf4110b7fe --- /dev/null +++ b/Packs/SplunkCIMFields/pack_metadata.json @@ -0,0 +1,17 @@ +{ + "name": "SplunkCIMFields", + "description": "Convert Splunk CIM Dynamic Fields into their values.\n\nExample:\n\nBrute Force Attack On $src$ transformed into Brute Force Attack On 192.168.100.254", + "support": "community", + "currentVersion": "1.0.0", + "author": "Farrukh Ahmed", + "url": "", + "email": "", + "created": "2021-08-19T22:10:45Z", + "categories": [], + "tags": [], + "useCases": [], + "keywords": [], + "githubUser": [ + "linuxpakistan" + ] +} \ No newline at end of file From 056ba712871eb0964ea8f038b22cfea36d7fc950 Mon Sep 17 00:00:00 2001 From: dorschw <81086590+dorschw@users.noreply.github.com> Date: Mon, 23 Aug 2021 15:48:19 +0300 Subject: [PATCH 003/173] setGridField: Allow column names to have underscores (#14469) Grid column names can have underscores in them. Co-authored-by: Dean Arbel --- Packs/CommonScripts/ReleaseNotes/1_4_24.md | 4 +++ .../Scripts/SetGridField/SetGridField.py | 29 +++++++++++++++---- .../Scripts/SetGridField/SetGridField.yml | 2 ++ .../Scripts/SetGridField/SetGridField_test.py | 6 +++- .../expected_list_grid_none_value.json | 6 ++-- Packs/CommonScripts/pack_metadata.json | 2 +- 6 files changed, 39 insertions(+), 10 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_4_24.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_4_24.md b/Packs/CommonScripts/ReleaseNotes/1_4_24.md new file mode 100644 index 000000000000..08f5e687814a --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_4_24.md @@ -0,0 +1,4 @@ +#### Scripts + +##### SetGridField +- **Breaking Change:** Added support for **columns** with underscores (`_`). Previously underscores in **columns** were removed automatically by the automation. \ No newline at end of file diff --git a/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py b/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py index 356db63e4fae..06f275b48004 100644 --- a/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py +++ b/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py @@ -10,7 +10,7 @@ def normalized_string(phrase: str) -> str: - """ Normalize columns or Grid to connected word in lower-case. + """ Normalize a string to flatcase (to match `cli name`). Args: phrase: Phrase to normalize. @@ -22,11 +22,30 @@ def normalized_string(phrase: str) -> str: >>> normalized_string("TestWord") "testword" >>> normalized_string("hello_world") - "hello_world" + "helloworld" """ return phrases_case.camel(phrase).replace("'", "").lower() +def normalized_column_name(phrase: str) -> str: + """ Normalize columns or Grid to connected word in lowercase, to match the logic of stripToClumnName() from + the client's `strings.js` and the server logic. + + Args: + phrase: Phrase to normalize. + + Returns: + str: Normalized phrase. + + Examples: + >>> normalized_string("Test Word!@#$%^&*()-=+") + "testword" + >>> normalized_string("hello🦦_world@") + "hello_world" + """ + return re.sub(r'[^a-zA-Z\d_]', '', phrase[:255]).lower() + + def filter_dict(dict_obj: Dict[Any, Any], keys: List[str], max_keys: Optional[int] = None) -> Dict[Any, Any]: """ Filter keys from Dictionary: 1. Will only save keys which specified in keys parameters. @@ -122,7 +141,7 @@ def get_current_table(grid_id: str) -> pd.DataFrame: @logger -def validate_entry_context(context_path, entry_context: Any, keys: List[str], unpack_nested_elements: bool): +def validate_entry_context(context_path: str, entry_context: Any, keys: List[str], unpack_nested_elements: bool): """ Validate entry context structure is valid, should be: - For unpack_nested_elements==False: 1. List[Dict[str, str/bool/int/float]] @@ -277,8 +296,8 @@ def build_grid_command(grid_id: str, context_path: str, keys: List[str], columns raise DemistoException(f'The number of keys: {len(keys)} should match the number of columns: {len(columns)}.') # Get old Data old_table = get_current_table(grid_id=grid_id) - # Normalize columns to match connected words. - columns = [normalized_string(phrase) for phrase in columns] + # Change columns to all lower case (underscores allowed). + columns = [normalized_column_name(phrase) for phrase in columns] # Create new Table from the given context path. new_table: pd.DataFrame = build_grid(context_path=context_path, keys=keys, diff --git a/Packs/CommonScripts/Scripts/SetGridField/SetGridField.yml b/Packs/CommonScripts/Scripts/SetGridField/SetGridField.yml index b61fef945126..6d065c8143e2 100644 --- a/Packs/CommonScripts/Scripts/SetGridField/SetGridField.yml +++ b/Packs/CommonScripts/Scripts/SetGridField/SetGridField.yml @@ -65,3 +65,5 @@ timeout: '0' type: python dockerimage: demisto/pandas:1.0.0.23402 fromversion: 5.0.0 +tests: + - No tests \ No newline at end of file diff --git a/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py b/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py index aa05eb594996..7056f5610b6f 100644 --- a/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py +++ b/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py @@ -89,9 +89,13 @@ def test_build_grid(datadir, mocker, keys: list, columns: list, dt_response_json ).to_dict() +should_be_removed_by_normalize_col = ' \n &$#%?!*;׳()🦦ץ' * 20 + "this should be truncated, more than 255 chars" + + @pytest.mark.parametrize(argnames="keys, columns, unpack_nested_elements, dt_response_path, expected_results_path", argvalues=[ - (["name", "value"], ["col1", "col2"], False, 'context_entry_list_missing_key.json', + (["name", "value"], [f"col_1{should_be_removed_by_normalize_col}", "COL2"], False, + 'context_entry_list_missing_key.json', 'expected_list_grid_none_value.json') ]) def test_build_grid_command(datadir, mocker, keys: List[str], columns: List[str], unpack_nested_elements: bool, diff --git a/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test/expected_list_grid_none_value.json b/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test/expected_list_grid_none_value.json index 570e5223f920..7c7b4febf074 100644 --- a/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test/expected_list_grid_none_value.json +++ b/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test/expected_list_grid_none_value.json @@ -1,14 +1,14 @@ [ { - "col1": "name1", + "col_1": "name1", "col2": "value1" }, { - "col1": "name2", + "col_1": "name2", "col2": "value2" }, { - "col1": "name3", + "col_1": "name3", "col2": "value3" }, { diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index eaa349fc399b..3d1b02289ae9 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.4.23", + "currentVersion": "1.4.24", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 099867152318823d2cd30a634a64d79692a08e03 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Mon, 23 Aug 2021 15:55:52 +0300 Subject: [PATCH 004/173] Add more dates, tags, and TLP to feed integration (#14483) * Add more dates, tags, and TLP to feed integration (#14380) * Add more dates, tags and TLP to feed integration * Add release notes * fixed rn Co-authored-by: EvgeniyMeteliza <81425065+EvgeniyMeteliza@users.noreply.github.com> Co-authored-by: abaumgarten --- .../GroupIB_TIA_Feed/GroupIB_TIA_Feed.py | 214 +++++++++++------- .../GroupIB_TIA_Feed/GroupIB_TIA_Feed_test.py | 3 +- .../GroupIB_TIA_Feed/test_data/results.json | 66 ++++-- .../ReleaseNotes/1_1_2.md | 5 + .../pack_metadata.json | 2 +- 5 files changed, 191 insertions(+), 99 deletions(-) create mode 100644 Packs/GroupIB_ThreatIntelligenceAttribution/ReleaseNotes/1_1_2.md diff --git a/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/GroupIB_TIA_Feed.py b/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/GroupIB_TIA_Feed.py index f1e963fdd3be..e5cb9e7d6e2b 100644 --- a/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/GroupIB_TIA_Feed.py +++ b/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/GroupIB_TIA_Feed.py @@ -12,6 +12,9 @@ urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) ''' CONSTANTS ''' DATE_FORMAT = '%Y-%m-%dT%H:%M:%SZ' +# todo: add all necessary field types +COMMON_FIELD_TYPES = ['trafficlightprotocol'] +DATE_FIELDS_LIST = ["creationdate", "firstseenbysource", "lastseenbysource", "gibdatecompromised"] MAPPING: dict = { "compromised/mule": { "indicators": @@ -161,12 +164,14 @@ "add_fields": [ 'target_ipv4_asn', 'target_ipv4_countryName', 'target_ipv4_region', 'malware_name', 'threatActor_name', - 'threatActor_isAPT', 'threatActor_id' + 'threatActor_isAPT', 'threatActor_id', + 'dateBegin', 'dateEnd' ], "add_fields_types": [ 'asn', 'geocountry', 'geolocation', 'gibmalwarename', 'gibthreatactorname', - 'gibthreatactorisapt', 'gibthreatactorid' + 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' ] } ] @@ -207,13 +212,15 @@ "main_field": 'phishingDomain_domain', "main_field_type": 'Domain', "add_fields": [ - 'phishingDomain_dateRegistered', 'phishingDomain_registrar', + 'phishingDomain_dateRegistered', 'dateDetected', + 'phishingDomain_registrar', 'phishingDomain_title', 'targetBrand', 'targetCategory', 'targetDomain' ], "add_fields_types": [ - 'creationdate', 'registrarname', + 'creationdate', 'firstseenbysource', + 'registrarname', 'gibphishingtitle', 'gibtargetbrand', 'gibtargetcategory', 'gibtargetdomain' ] @@ -230,6 +237,8 @@ [ { "main_field": 'emails', "main_field_type": 'Email', + "add_fields": ['dateFirstSeen', 'dateLastSeen'], + "add_fields_types": ['firstseenbysource', 'lastseenbysource'] } ] }, @@ -240,33 +249,39 @@ "main_field": 'indicators_params_ipv4', "main_field_type": 'IP', "add_fields": [ 'threatActor_name', - 'threatActor_isAPT', 'threatActor_id' + 'threatActor_isAPT', 'threatActor_id', + 'indicators_dateFirstSeen', 'indicators_dateLastSeen' ], "add_fields_types": [ 'gibthreatactorname', - 'gibthreatactorisapt', 'gibthreatactorid' + 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' ] }, { "main_field": 'indicators_params_domain', "main_field_type": 'Domain', "add_fields": [ 'threatActor_name', - 'threatActor_isAPT', 'threatActor_id' + 'threatActor_isAPT', 'threatActor_id', + 'indicators_dateFirstSeen', 'indicators_dateLastSeen' ], "add_fields_types": [ 'gibthreatactorname', - 'gibthreatactorisapt', 'gibthreatactorid' + 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' ] }, { "main_field": 'indicators_params_url', "main_field_type": 'URL', "add_fields": [ 'threatActor_name', - 'threatActor_isAPT', 'threatActor_id' + 'threatActor_isAPT', 'threatActor_id', + 'indicators_dateFirstSeen', 'indicators_dateLastSeen' ], "add_fields_types": [ 'gibthreatactorname', - 'gibthreatactorisapt', 'gibthreatactorid' + 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' ] }, { @@ -275,11 +290,13 @@ 'indicators_params_name', 'indicators_params_hashes_md5', 'indicators_params_hashes_sha1', 'indicators_params_hashes_sha256', 'indicators_params_size', - 'threatActor_name', 'threatActor_isAPT', 'threatActor_id' + 'threatActor_name', 'threatActor_isAPT', 'threatActor_id', + 'indicators_dateFirstSeen', 'indicators_dateLastSeen' ], "add_fields_types": [ 'gibfilename', 'md5', 'sha1', 'sha256', 'size', - 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid' + 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' ] } ] @@ -287,46 +304,60 @@ "hi/threat": { "indicators": [ - { - "main_field": 'indicators_params_ipv4', "main_field_type": 'IP', - "add_fields": [ - 'threatActor_name', 'threatActor_isAPT', 'threatActor_id' - ], - "add_fields_types": [ - 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid' - ] - }, - { - "main_field": 'indicators_params_domain', "main_field_type": 'Domain', - "add_fields": [ - 'threatActor_name', 'threatActor_isAPT', 'threatActor_id' - ], - "add_fields_types": [ - 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid' - ] - }, - { - "main_field": 'indicators_params_url', "main_field_type": 'URL', - "add_fields": [ - 'threatActor_name', 'threatActor_isAPT', 'threatActor_id' - ], - "add_fields_types": [ - 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid' - ] - }, - { - "main_field": 'indicators_params_hashes_md5', "main_field_type": 'File', - "add_fields": [ - 'indicators_params_name', 'indicators_params_hashes_md5', - 'indicators_params_hashes_sha1', - 'indicators_params_hashes_sha256', 'indicators_params_size', - 'threatActor_name', 'threatActor_isAPT', 'threatActor_id' - ], - "add_fields_types": [ - 'gibfilename', 'md5', 'sha1', 'sha256', 'size', - 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid' - ] - } + { + "main_field": 'indicators_params_ipv4', "main_field_type": 'IP', + "add_fields": [ + 'threatActor_name', + 'threatActor_isAPT', 'threatActor_id', + 'indicators_dateFirstSeen', 'indicators_dateLastSeen' + ], + "add_fields_types": [ + 'gibthreatactorname', + 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' + ] + }, + { + "main_field": 'indicators_params_domain', "main_field_type": 'Domain', + "add_fields": [ + 'threatActor_name', + 'threatActor_isAPT', 'threatActor_id', + 'indicators_dateFirstSeen', 'indicators_dateLastSeen' + ], + "add_fields_types": [ + 'gibthreatactorname', + 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' + ] + }, + { + "main_field": 'indicators_params_url', "main_field_type": 'URL', + "add_fields": [ + 'threatActor_name', + 'threatActor_isAPT', 'threatActor_id', + 'indicators_dateFirstSeen', 'indicators_dateLastSeen' + ], + "add_fields_types": [ + 'gibthreatactorname', + 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' + ] + }, + { + "main_field": 'indicators_params_hashes_md5', "main_field_type": 'File', + "add_fields": [ + 'indicators_params_name', 'indicators_params_hashes_md5', + 'indicators_params_hashes_sha1', + 'indicators_params_hashes_sha256', 'indicators_params_size', + 'threatActor_name', 'threatActor_isAPT', 'threatActor_id', + 'indicators_dateFirstSeen', 'indicators_dateLastSeen' + ], + "add_fields_types": [ + 'gibfilename', 'md5', 'sha1', 'sha256', 'size', + 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' + ] + } ] }, "suspicious_ip/tor_node": { @@ -334,8 +365,8 @@ [ { "main_field": 'ipv4_ip', "main_field_type": 'IP', - "add_fields": ['ipv4_asn', 'ipv4_countryName', 'ipv4_region'], - "add_fields_types": ['asn', 'geocountry', 'geolocation'] + "add_fields": ['ipv4_asn', 'ipv4_countryName', 'ipv4_region', 'dateFirstSeen', 'dateLastSeen'], + "add_fields_types": ['asn', 'geocountry', 'geolocation', 'firstseenbysource', 'lastseenbysource'] } ] }, @@ -347,12 +378,14 @@ "add_fields": [ 'ipv4_asn', 'ipv4_countryName', 'ipv4_region', - 'port', 'anonymous', 'source' + 'port', 'anonymous', 'source', + 'dateFirstSeen', 'dateDetected' ], "add_fields_types": [ 'asn', 'geocountry', 'geolocation', - 'gibproxyport', 'gibproxyanonymous', 'source' + 'gibproxyport', 'gibproxyanonymous', 'source', + 'firstseenbysource', 'lastseenbysource' ] } ] @@ -362,8 +395,8 @@ [ { "main_field": 'ipv4_ip', "main_field_type": 'IP', - "add_fields": ['ipv4_asn', 'ipv4_countryName', 'ipv4_region'], - "add_fields_types": ['asn', 'geocountry', 'geolocation'] + "add_fields": ['ipv4_asn', 'ipv4_countryName', 'ipv4_region', 'dateFirstSeen', 'dateLastSeen'], + "add_fields_types": ['asn', 'geocountry', 'geolocation', 'firstseenbysource', 'lastseenbysource'] } ] }, @@ -373,30 +406,36 @@ { 'main_field': 'url', "main_field_type": 'URL', "add_fields": [ - 'threatActor_name', 'threatActor_isAPT', 'threatActor_id' + 'threatActor_name', 'threatActor_isAPT', 'threatActor_id', + 'dateDetected', 'dateLastSeen' ], "add_fields_types": [ - 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid' + 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' ] }, { 'main_field': 'domain', "main_field_type": 'Domain', "add_fields": [ - 'threatActor_name', 'threatActor_isAPT', 'threatActor_id' + 'threatActor_name', 'threatActor_isAPT', 'threatActor_id', + 'dateDetected', 'dateLastSeen' ], "add_fields_types": [ - 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid' + 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' ] }, { "main_field": 'ipv4_ip', "main_field_type": 'IP', "add_fields": [ 'ipv4_asn', 'ipv4_countryName', 'ipv4_region', - 'threatActor_name', 'threatActor_isAPT', 'threatActor_id' + 'threatActor_name', 'threatActor_isAPT', 'threatActor_id', + 'dateDetected', 'dateLastSeen' ], "add_fields_types": [ 'asn', 'geocountry', 'geolocation', - 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid' + 'gibthreatactorname', 'gibthreatactorisapt', 'gibthreatactorid', + 'firstseenbysource', 'lastseenbysource' ] } ] @@ -540,7 +579,6 @@ def unpack_iocs(iocs, ioc_type, fields, fields_names, collection_name): """ Recursively ties together and transforms indicator data. """ - unpacked = [] if isinstance(iocs, list): for i, ioc in enumerate(iocs): @@ -551,10 +589,9 @@ def unpack_iocs(iocs, ioc_type, fields, fields_names, collection_name): else: buf_fields.append(field) unpacked.extend(unpack_iocs(ioc, ioc_type, buf_fields, fields_names, collection_name)) - return unpacked else: if iocs in ['255.255.255.255', '0.0.0.0', '', None]: - return [] + return unpacked fields_dict = {fields_names[i]: fields[i] for i in range(len(fields_names)) if fields[i] is not None} @@ -577,22 +614,24 @@ def unpack_iocs(iocs, ioc_type, fields, fields_names, collection_name): del fields_dict["gibsoftwaremixed"] # Transforming into correct date format - if collection_name == 'attacks/phishing': - if fields_dict.get('creationdate'): - fields_dict['creationdate'] = \ - dateparser.parse(fields_dict['creationdate']).strftime('%Y-%m-%dT%H:%M:%SZ') + for date_field in DATE_FIELDS_LIST: + if fields_dict.get(date_field): + fields_dict[date_field] = dateparser.parse(fields_dict.get(date_field)).strftime('%Y-%m-%dT%H:%M:%SZ') fields_dict.update({'gibcollection': collection_name}) - return [{'value': iocs, 'type': ioc_type, - 'rawJSON': {'value': iocs, 'type': ioc_type, **fields_dict}, 'fields': fields_dict}] + unpacked.append({'value': iocs, 'type': ioc_type, + 'rawJSON': {'value': iocs, 'type': ioc_type, **fields_dict}, 'fields': fields_dict}) + return unpacked -def find_iocs_in_feed(feed: Dict, collection_name: str) -> List: + +def find_iocs_in_feed(feed: Dict, collection_name: str, common_fields: Dict) -> List: """ Finds IOCs in the feed and transform them to the appropriate format to ingest them into Demisto. :param feed: feed from GIB TI&A. :param collection_name: which collection this feed belongs to. + :param common_fields: fields defined by user. """ indicators = [] @@ -605,6 +644,10 @@ def find_iocs_in_feed(feed: Dict, collection_name: str) -> List: for j in add_fields_list: add_fields.append(find_element_by_key(feed, j)) add_fields_types = i.get('add_fields_types', []) + ['gibid'] + for field_type in COMMON_FIELD_TYPES: + if common_fields.get(field_type): + add_fields.append(common_fields.get(field_type)) + add_fields_types.append(field_type) if collection_name in ['apt/threat', 'hi/threat', 'malware/cnc']: add_fields.append(', '.join(find_element_by_key(feed, "malwareList_name"))) add_fields_types = add_fields_types + ['gibmalwarename'] @@ -643,7 +686,8 @@ def format_result_for_manual(indicators: List) -> Dict: def fetch_indicators_command(client: Client, last_run: Dict, first_fetch_time: str, - indicator_collections: List, requests_count: int) -> Tuple[Dict, List]: + indicator_collections: List, requests_count: int, + common_fields: Dict) -> Tuple[Dict, List]: """ This function will execute each interval (default is 1 minute). @@ -652,11 +696,13 @@ def fetch_indicators_command(client: Client, last_run: Dict, first_fetch_time: s :param first_fetch_time: if last_run is None then fetch all incidents since first_fetch_time. :param indicator_collections: list of collections enabled by client. :param requests_count: count of requests to API per collection. + :param common_fields: fields defined by user. :return: next_run will be last_run in the next fetch-indicators; indicators will be created in Demisto. """ indicators = [] next_run: Dict[str, Dict[str, Union[int, Any]]] = {"last_fetch": {}} + tags = common_fields.pop("tags", []) for collection_name in indicator_collections: last_fetch = last_run.get('last_fetch', {}).get(collection_name) @@ -678,11 +724,16 @@ def fetch_indicators_command(client: Client, last_run: Dict, first_fetch_time: s for portion in portions: for feed in portion: seq_update = feed.get('seqUpdate') - indicators.extend(find_iocs_in_feed(feed, collection_name)) + indicators.extend(find_iocs_in_feed(feed, collection_name, common_fields)) k += 1 if k >= requests_count: break + if tags: + for indicator in indicators: + indicator["fields"].update({"tags": tags}) + indicator["rawJSON"].update({"tags": tags}) + next_run['last_fetch'][collection_name] = seq_update return next_run, indicators @@ -713,7 +764,7 @@ def get_indicators_command(client: Client, args: Dict[str, str]): portions = client.create_search_generator(collection_name=collection_name, limit=limit) for portion in portions: for feed in portion: - indicators.extend(find_iocs_in_feed(feed, collection_name)) + indicators.extend(find_iocs_in_feed(feed, collection_name, {})) if len(indicators) >= limit: indicators = indicators[:limit] break @@ -721,7 +772,7 @@ def get_indicators_command(client: Client, args: Dict[str, str]): break else: raw_json = client.search_feed_by_id(collection_name=collection_name, feed_id=id_) - indicators.extend(find_iocs_in_feed(raw_json, collection_name)) + indicators.extend(find_iocs_in_feed(raw_json, collection_name, {})) if len(indicators) >= limit: indicators = indicators[:limit] @@ -771,10 +822,15 @@ def main(): elif command == 'fetch-indicators': # Set and define the fetch incidents command to run after activated via integration settings. + common_fields = { + 'trafficlightprotocol': params.get("tlp_color"), + 'tags': argToList(params.get("feedTags")), + } next_run, indicators = fetch_indicators_command(client=client, last_run=get_integration_context(), first_fetch_time=indicators_first_fetch, indicator_collections=indicator_collections, - requests_count=requests_count) + requests_count=requests_count, + common_fields=common_fields) set_integration_context(next_run) for b in batch(indicators, batch_size=2000): demisto.createIndicators(b) diff --git a/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/GroupIB_TIA_Feed_test.py b/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/GroupIB_TIA_Feed_test.py index 37d74834dd27..fbc919dc4311 100644 --- a/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/GroupIB_TIA_Feed_test.py +++ b/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/GroupIB_TIA_Feed_test.py @@ -24,5 +24,6 @@ def test_fetch_indicators_command(mocker, session_fixture): collection_name, client = session_fixture mocker.patch.object(client, 'create_update_generator', return_value=[[RAW_JSON[collection_name]]]) result = fetch_indicators_command(client=client, last_run={}, first_fetch_time='3 days', - indicator_collections=[collection_name], requests_count=1) + indicator_collections=[collection_name], requests_count=1, + common_fields={}) assert result == tuple(RESULTS[collection_name]) diff --git a/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/results.json b/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/results.json index f1f563a27359..410e56a2a816 100644 --- a/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/results.json +++ b/Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/results.json @@ -12,7 +12,7 @@ "rawJSON": { "value": "3765123456411567", "type": "GIB Compromised Mule", - "creationdate": "2020-11-11T16:09:00+00:00", + "creationdate": "2020-11-11T16:09:00Z", "source": "Botnet", "gibcollection": "compromised/mule", "gibid": "50a3b4abbfca5dcbec9c8b3a110598f61ba93r33", @@ -22,7 +22,7 @@ "gibthreatactorname": "FRK48" }, "fields": { - "creationdate": "2020-11-11T16:09:00+00:00", + "creationdate": "2020-11-11T16:09:00Z", "source": "Botnet", "gibcollection": "compromised/mule", "gibid": "50a3b4abbfca5dcbec9c8b3a110598f61ba93r33", @@ -183,7 +183,7 @@ "rawJSON": { "value": "359223056231009", "type": "GIB Compromised IMEI", - "creationdate": "2018-01-11T01:18:43+00:00", + "creationdate": "2018-01-11T01:18:43Z", "devicemodel": "Nexus S/2.3.7 ($$$Flexnet v.5.5)", "asn": "AS22222 Some Company", "geocountry": "Netherlands", @@ -196,7 +196,7 @@ "gibthreatactorname": "FRK48" }, "fields": { - "creationdate": "2018-01-11T01:18:43+00:00", + "creationdate": "2018-01-11T01:18:43Z", "devicemodel": "Nexus S/2.3.7 ($$$Flexnet v.5.5)", "asn": "AS22222 Some Company", "geocountry": "Netherlands", @@ -262,14 +262,18 @@ "geocountry": "United States", "geolocation": "Washington", "gibcollection": "attacks/ddos", - "gibid": "26a05baa4025edff367b058b13c6b43e820538a5" + "gibid": "26a05baa4025edff367b058b13c6b43e820538a5", + "firstseenbysource": "2020-10-16T02:58:53Z", + "lastseenbysource": "2020-10-16T02:58:55Z" }, "fields": { "asn": "AS1298 Comcast Cable Communications", "geocountry": "United States", "geolocation": "Washington", "gibcollection": "attacks/ddos", - "gibid": "26a05baa4025edff367b058b13c6b43e820538a5" + "gibid": "26a05baa4025edff367b058b13c6b43e820538a5", + "firstseenbysource": "2020-10-16T02:58:53Z", + "lastseenbysource": "2020-10-16T02:58:55Z" } } ] @@ -369,6 +373,7 @@ { "fields": { "creationdate": "2013-11-15T13:41:30Z", + "firstseenbysource": "2021-01-14T11:21:34Z", "gibcollection": "attacks/phishing", "gibid": "fce7f92d0b64946cf890842d083953649b259952", "gibphishingtitle": "", @@ -379,6 +384,7 @@ }, "rawJSON": { "creationdate": "2013-11-15T13:41:30Z", + "firstseenbysource": "2021-01-14T11:21:34Z", "gibcollection": "attacks/phishing", "gibid": "fce7f92d0b64946cf890842d083953649b259952", "gibphishingtitle": "", @@ -549,13 +555,17 @@ { "fields": { "gibcollection": "suspicious_ip/tor_node", - "gibid": "11.11.11.11" + "gibid": "11.11.11.11", + "firstseenbysource": "2020-09-03T14:15:25Z", + "lastseenbysource": "2021-01-20T22:07:33Z" }, "rawJSON": { "gibcollection": "suspicious_ip/tor_node", "gibid": "11.11.11.11", "type": "IP", - "value": "11.11.11.11" + "value": "11.11.11.11", + "firstseenbysource": "2020-09-03T14:15:25Z", + "lastseenbysource": "2021-01-20T22:07:33Z" }, "type": "IP", "value": "11.11.11.11" @@ -576,7 +586,9 @@ "gibid": "cc6a2856da2806b03839f81aa214f22dbcfd7369", "gibproxyanonymous": "High anonymous / Elite proxy", "gibproxyport": 80, - "source": "free-proxy-list.net" + "source": "free-proxy-list.net", + "firstseenbysource": "2020-03-19T23:01:01Z", + "lastseenbysource": "2021-01-21T11:01:02Z" }, "rawJSON": { "geocountry": "Czech Republic", @@ -586,7 +598,9 @@ "gibproxyport": 80, "source": "free-proxy-list.net", "type": "IP", - "value": "11.11.11.11" + "value": "11.11.11.11", + "firstseenbysource": "2020-03-19T23:01:01Z", + "lastseenbysource": "2021-01-21T11:01:02Z" }, "type": "IP", "value": "11.11.11.11" @@ -605,7 +619,9 @@ "asn": "AS60999 Libatech SAL", "geocountry": "Lebanon", "gibcollection": "suspicious_ip/socks_proxy", - "gibid": "02e385600dfc5bf9b3b3656df8e0e20f5fc5c86e" + "gibid": "02e385600dfc5bf9b3b3656df8e0e20f5fc5c86e", + "firstseenbysource": "2021-01-19T07:41:11Z", + "lastseenbysource": "2021-01-21T08:35:46Z" }, "rawJSON": { "asn": "AS60999 Libatech SAL", @@ -613,7 +629,9 @@ "gibcollection": "suspicious_ip/socks_proxy", "gibid": "02e385600dfc5bf9b3b3656df8e0e20f5fc5c86e", "type": "IP", - "value": "11.11.11.11" + "value": "11.11.11.11", + "firstseenbysource": "2021-01-19T07:41:11Z", + "lastseenbysource": "2021-01-21T08:35:46Z" }, "type": "IP", "value": "11.11.11.11" @@ -631,14 +649,18 @@ "fields": { "gibcollection": "malware/cnc", "gibid": "aeed277396e27e375d030a91533aa232444d0089", - "gibmalwarename": "JS Sniffer - Poter" + "gibmalwarename": "JS Sniffer - Poter", + "firstseenbysource": "2021-01-21T10:35:21Z", + "lastseenbysource": "2021-01-21T10:35:21Z" }, "rawJSON": { "gibcollection": "malware/cnc", "gibid": "aeed277396e27e375d030a91533aa232444d0089", "type": "URL", "value": "https://some.ru", - "gibmalwarename": "JS Sniffer - Poter" + "gibmalwarename": "JS Sniffer - Poter", + "firstseenbysource": "2021-01-21T10:35:21Z", + "lastseenbysource": "2021-01-21T10:35:21Z" }, "type": "URL", "value": "https://some.ru" @@ -647,14 +669,18 @@ "fields": { "gibcollection": "malware/cnc", "gibid": "aeed277396e27e375d030a91533aa232444d0089", - "gibmalwarename": "JS Sniffer - Poter" + "gibmalwarename": "JS Sniffer - Poter", + "firstseenbysource": "2021-01-21T10:35:21Z", + "lastseenbysource": "2021-01-21T10:35:21Z" }, "rawJSON": { "gibcollection": "malware/cnc", "gibid": "aeed277396e27e375d030a91533aa232444d0089", "type": "Domain", "value": "some.ru", - "gibmalwarename": "JS Sniffer - Poter" + "gibmalwarename": "JS Sniffer - Poter", + "firstseenbysource": "2021-01-21T10:35:21Z", + "lastseenbysource": "2021-01-21T10:35:21Z" }, "type": "Domain", "value": "some.ru" @@ -665,7 +691,9 @@ "geocountry": "United States", "gibcollection": "malware/cnc", "gibid": "aeed277396e27e375d030a91533aa232444d0089", - "gibmalwarename": "JS Sniffer - Poter" + "gibmalwarename": "JS Sniffer - Poter", + "firstseenbysource": "2021-01-21T10:35:21Z", + "lastseenbysource": "2021-01-21T10:35:21Z" }, "rawJSON": { "asn": "AS3356 Level 3 Communications, Inc.", @@ -674,7 +702,9 @@ "gibid": "aeed277396e27e375d030a91533aa232444d0089", "type": "IP", "value": "11.11.11.11", - "gibmalwarename": "JS Sniffer - Poter" + "gibmalwarename": "JS Sniffer - Poter", + "firstseenbysource": "2021-01-21T10:35:21Z", + "lastseenbysource": "2021-01-21T10:35:21Z" }, "type": "IP", "value": "11.11.11.11" diff --git a/Packs/GroupIB_ThreatIntelligenceAttribution/ReleaseNotes/1_1_2.md b/Packs/GroupIB_ThreatIntelligenceAttribution/ReleaseNotes/1_1_2.md new file mode 100644 index 000000000000..a39b071bbb02 --- /dev/null +++ b/Packs/GroupIB_ThreatIntelligenceAttribution/ReleaseNotes/1_1_2.md @@ -0,0 +1,5 @@ + +#### Integrations +##### Group-IB Threat Intelligence & Attribution Feed +- Fixed an issue where the **tags** and the **TLP** integration parameters were not handled correctly. +- Added both **first seen** and **last seen** indicator fields. \ No newline at end of file diff --git a/Packs/GroupIB_ThreatIntelligenceAttribution/pack_metadata.json b/Packs/GroupIB_ThreatIntelligenceAttribution/pack_metadata.json index 76d1e036e866..d1f6da48e881 100644 --- a/Packs/GroupIB_ThreatIntelligenceAttribution/pack_metadata.json +++ b/Packs/GroupIB_ThreatIntelligenceAttribution/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Group-IB Threat Intelligence & Attribution", "description": "Group-IB Threat Intelligence & Attribution is a system for analyzing and attributing cyberattacks, threat hunting, and protecting network infrastructure based on data relating to adversary tactics, tools, and activity. Use this pack to fast receive incidents related to you, attribute them to adversaries to do instant response, enrich your security with an enormous IOCs collection, and provide possibilities for manual investigation through Group-IB data via Cortex XSOAR interface.", "support": "partner", - "currentVersion": "1.1.1", + "currentVersion": "1.1.2", "author": "Group-IB", "url": "https://www.group-ib.com/", "email": "presale@group-ib.com", From f87b38fcd7e64a67f46a4831f88dedcf85f972aa Mon Sep 17 00:00:00 2001 From: Raz Weinstock <79846533+PA-Rweins@users.noreply.github.com> Date: Mon, 23 Aug 2021 16:16:45 +0300 Subject: [PATCH 005/173] Fixed Custom Indicator context value key (#14422) * Fixed context value key * Fixed customIndicator test * Fixed customIndicator test * Merge branch 'master' into custom-indicator-value # Conflicts: # Packs/Base/ReleaseNotes/1_13_22.md * Update 1_13_23.md Done. Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --- Packs/Base/ReleaseNotes/1_13_23.md | 4 ++++ Packs/Base/Scripts/CommonServerPython/CommonServerPython.py | 2 +- .../Scripts/CommonServerPython/CommonServerPython_test.py | 2 +- Packs/Base/pack_metadata.json | 2 +- 4 files changed, 7 insertions(+), 3 deletions(-) create mode 100644 Packs/Base/ReleaseNotes/1_13_23.md diff --git a/Packs/Base/ReleaseNotes/1_13_23.md b/Packs/Base/ReleaseNotes/1_13_23.md new file mode 100644 index 000000000000..c2013fd32cff --- /dev/null +++ b/Packs/Base/ReleaseNotes/1_13_23.md @@ -0,0 +1,4 @@ + +#### Scripts +##### CommonServerPython +Changed the CustomIndicator *Value* field name to *value*. diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py index 62bf8922e75b..81b3dcb9f144 100644 --- a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py +++ b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py @@ -2532,7 +2532,7 @@ def __init__(self, indicator_type, value, dbot_score, data, context_prefix): def to_context(self): custom_context = { - 'Value': self.value + 'value': self.value } custom_context.update(self.data) diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py b/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py index c15508f80af1..729f76bb191c 100644 --- a/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py +++ b/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py @@ -5563,7 +5563,7 @@ def test_custom_indicator_to_context(self): assert context['DBotScore(val.Indicator &&' ' val.Indicator == obj.Indicator &&' ' val.Vendor == obj.Vendor && val.Type == obj.Type)']['Indicator'] == 'test' - assert context['prefix(val.value && val.value == obj.value)']['Value'] == 'test_value' + assert context['prefix(val.value && val.value == obj.value)']['value'] == 'test_value' assert context['prefix(val.value && val.value == obj.value)']['param'] == 'value' def test_custom_indicator_no_params(self): diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json index 2b39216acf65..49a4e51c4068 100644 --- a/Packs/Base/pack_metadata.json +++ b/Packs/Base/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Base", "description": "The base pack for Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.13.22", + "currentVersion": "1.13.23", "author": "Cortex XSOAR", "serverMinVersion": "6.0.0", "url": "https://www.paloaltonetworks.com/cortex", From 0c2081f4761bc16cbb9126f4983fdb448bdad6ff Mon Sep 17 00:00:00 2001 From: Darya Koval <72339940+daryakoval@users.noreply.github.com> Date: Mon, 23 Aug 2021 16:52:30 +0300 Subject: [PATCH 006/173] added ignore BA113,BA112 (#14465) --- Packs/Armis/.pack-ignore | 2 +- Packs/Compliance/.pack-ignore | 2 +- Packs/CortexXDR/.pack-ignore | 3 +++ Packs/DigitalGuardian/.pack-ignore | 5 ++++- Packs/F5Silverline/.pack-ignore | 10 ++++++++-- Packs/MicrosoftAdvancedThreatAnalytics/.pack-ignore | 5 ++++- Packs/ShiftManagement/.pack-ignore | 6 ++++++ 7 files changed, 27 insertions(+), 6 deletions(-) diff --git a/Packs/Armis/.pack-ignore b/Packs/Armis/.pack-ignore index 8076b415e11f..9d4ef7cd6b2a 100755 --- a/Packs/Armis/.pack-ignore +++ b/Packs/Armis/.pack-ignore @@ -9,7 +9,7 @@ ignore=IF100 ignore=IF100 [file:incidentfields_Armis_Alert_Status.json] -ignore=IF100 +ignore=IF100,BA113 [file:incidentfields_Armis_Alert_Type.json] ignore=IF100 diff --git a/Packs/Compliance/.pack-ignore b/Packs/Compliance/.pack-ignore index 93a5e553a471..a1eaecb37bf5 100644 --- a/Packs/Compliance/.pack-ignore +++ b/Packs/Compliance/.pack-ignore @@ -38,7 +38,7 @@ ignore=IF107 ignore=IF107 [file:incidentfield-isthedatasubjecttodpia.json] -ignore=IF107 +ignore=IF107,BA113 [file:incidentfield-possiblecauseofthebreach.json] ignore=IF107 diff --git a/Packs/CortexXDR/.pack-ignore b/Packs/CortexXDR/.pack-ignore index 1ecfac190082..1b71b1afd445 100644 --- a/Packs/CortexXDR/.pack-ignore +++ b/Packs/CortexXDR/.pack-ignore @@ -38,3 +38,6 @@ ignore=IF100 [file:incidentfield-XDR_Similar_Incidents.json] ignore=IF100 + +[file:widget-Cortex_XDR_Disconnected_Endpoints.json] +ignore=BA113 diff --git a/Packs/DigitalGuardian/.pack-ignore b/Packs/DigitalGuardian/.pack-ignore index f91e70e32558..5b7f9b8515d7 100644 --- a/Packs/DigitalGuardian/.pack-ignore +++ b/Packs/DigitalGuardian/.pack-ignore @@ -5,4 +5,7 @@ ignore=IN126 ignore=RM104 [file:DigitalGuardian_Demo.yml] -ignore=BA110 \ No newline at end of file +ignore=BA110 + +[file:incidentfield-Digital_Guardian_Computer_Name.json] +ignore=BA113 \ No newline at end of file diff --git a/Packs/F5Silverline/.pack-ignore b/Packs/F5Silverline/.pack-ignore index 71f166a690e5..72e4fb9c71e2 100644 --- a/Packs/F5Silverline/.pack-ignore +++ b/Packs/F5Silverline/.pack-ignore @@ -1,5 +1,5 @@ [file:incident_f5silverlinealertgeneratedtimestamp.json] -ignore=IF100 +ignore=IF100,BA113 [file:incident_f5silverlinealerttype.json] ignore=IF100 @@ -8,4 +8,10 @@ ignore=IF100 ignore=IF100 [file:classifier-F5Silverline_mapper.json] -ignore=BA101 \ No newline at end of file +ignore=BA101 + +[file:incident_f5silverlineactionreason.json] +ignore=BA113 + +[file:incident_f5silverlinemessageoriginatorsourceip.json] +ignore=BA113 \ No newline at end of file diff --git a/Packs/MicrosoftAdvancedThreatAnalytics/.pack-ignore b/Packs/MicrosoftAdvancedThreatAnalytics/.pack-ignore index 719b9adb7343..5fbc8a81c0b2 100644 --- a/Packs/MicrosoftAdvancedThreatAnalytics/.pack-ignore +++ b/Packs/MicrosoftAdvancedThreatAnalytics/.pack-ignore @@ -2,4 +2,7 @@ ignore=RM104 [file:classifier-mapper-incoming-MicrosoftAdvancedThreatAnalytics.json] -ignore=BA101 \ No newline at end of file +ignore=BA101,BA113 + +[file:classifier-MicrosoftAdvancedThreatAnalytics.json] +ignore=BA113 \ No newline at end of file diff --git a/Packs/ShiftManagement/.pack-ignore b/Packs/ShiftManagement/.pack-ignore index 4643b8c52db5..58a14a628221 100644 --- a/Packs/ShiftManagement/.pack-ignore +++ b/Packs/ShiftManagement/.pack-ignore @@ -1,3 +1,9 @@ [file:incidentfield-Shift_open_incidents.json] ignore=IF100 + +[file:dashboard-Shift_Management_.json] +ignore=BA113,BA112 + +[file:incidentfield-Shift_manager_briefing.json] +ignore=BA113 \ No newline at end of file From ca6a30bd698fb5d9345f2199135bf81cd6362f39 Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Mon, 23 Aug 2021 17:19:28 +0300 Subject: [PATCH 007/173] GetFailedTasks - improve err msg of failure to retrieve tasks (#14442) * improve err msg of failure to retrieve tasks * rm new line * Update Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/README.md Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> --- .../ReleaseNotes/1_2_4.md | 5 +++++ .../Scripts/GetFailedTasks/GetFailedTasks.py | 5 ++++- .../Scripts/GetFailedTasks/GetFailedTasks.yml | 2 +- .../Scripts/GetFailedTasks/README.md | 3 +++ Packs/IntegrationsAndIncidentsHealthCheck/pack_metadata.json | 2 +- 5 files changed, 14 insertions(+), 3 deletions(-) create mode 100644 Packs/IntegrationsAndIncidentsHealthCheck/ReleaseNotes/1_2_4.md diff --git a/Packs/IntegrationsAndIncidentsHealthCheck/ReleaseNotes/1_2_4.md b/Packs/IntegrationsAndIncidentsHealthCheck/ReleaseNotes/1_2_4.md new file mode 100644 index 000000000000..13d35606af02 --- /dev/null +++ b/Packs/IntegrationsAndIncidentsHealthCheck/ReleaseNotes/1_2_4.md @@ -0,0 +1,5 @@ + +#### Scripts +##### GetFailedTasks +- Improved the error message returned in case of failure to retrieve the incident tasks. +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/GetFailedTasks.py b/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/GetFailedTasks.py index fc940987e13e..22fbc6396ae4 100644 --- a/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/GetFailedTasks.py +++ b/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/GetFailedTasks.py @@ -110,7 +110,10 @@ def get_incident_data(incident: dict, tenant_name: str, rest_api_instance_to_use ) if is_error(response): - raise Exception(get_error(response)) + error = f'Failed retrieving tasks for incident ID {incident["id"]}.\n \ + Make sure that the API key configured in the Demisto REST API integration \ +is one with sufficient permissions to access that incident.\n' + get_error(response) + raise Exception(error) tasks = response[0]["Contents"]["response"] diff --git a/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/GetFailedTasks.yml b/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/GetFailedTasks.yml index 4246c893b5be..da7f5be977d3 100644 --- a/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/GetFailedTasks.yml +++ b/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/GetFailedTasks.yml @@ -31,7 +31,7 @@ subtype: python3 system: false timeout: '0' type: python -dockerimage: demisto/python3:3.9.5.21272 +dockerimage: demisto/python3:3.9.6.22912 runas: DBotRole runonce: false tests: diff --git a/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/README.md b/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/README.md index 2b581cfb88bf..b3c5ef94a5ed 100644 --- a/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/README.md +++ b/Packs/IntegrationsAndIncidentsHealthCheck/Scripts/GetFailedTasks/README.md @@ -25,3 +25,6 @@ This script is used in the following playbooks and scripts. ## Outputs --- There are no outputs for this script. + +## Troubleshooting +In order for the automation script to be able to retrieve the failed tasks, the API key configured in the Demisto REST API integration, need to be of a user with *Read* permissions to the queried incident. \ No newline at end of file diff --git a/Packs/IntegrationsAndIncidentsHealthCheck/pack_metadata.json b/Packs/IntegrationsAndIncidentsHealthCheck/pack_metadata.json index 99322e6a4f01..3010a5434c2b 100644 --- a/Packs/IntegrationsAndIncidentsHealthCheck/pack_metadata.json +++ b/Packs/IntegrationsAndIncidentsHealthCheck/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Integrations & Incidents Health Check", "description": "Do you know which of your integrations or open incidents failed? With this content, you can view your failed integrations and open incidents", "support": "xsoar", - "currentVersion": "1.2.3", + "currentVersion": "1.2.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 17c09e6b22364354d434a19030f90afe7d48ff2b Mon Sep 17 00:00:00 2001 From: Adi Daud <46249224+adi88d@users.noreply.github.com> Date: Mon, 23 Aug 2021 22:24:19 +0300 Subject: [PATCH 008/173] Fix generic APIModule feeds (#14490) --- Packs/ApiModules/ReleaseNotes/2_2_3.md | 6 ++++++ .../HTTPFeedApiModule/HTTPFeedApiModule.py | 14 +++++++++++--- .../JSONFeedApiModule/JSONFeedApiModule.py | 19 +++++++++++++++---- Packs/ApiModules/pack_metadata.json | 2 +- Packs/FeedAWS/ReleaseNotes/1_1_7.md | 4 ++++ Packs/FeedAWS/pack_metadata.json | 2 +- Packs/FeedBlocklist_de/ReleaseNotes/1_1_6.md | 3 +++ Packs/FeedBlocklist_de/pack_metadata.json | 2 +- .../ReleaseNotes/1_1_6.md | 3 +++ .../FeedBruteForceBlocker/pack_metadata.json | 2 +- Packs/FeedCloudflare/ReleaseNotes/1_1_6.md | 3 +++ Packs/FeedCloudflare/pack_metadata.json | 2 +- Packs/FeedDShield/ReleaseNotes/1_1_6.md | 3 +++ Packs/FeedDShield/pack_metadata.json | 2 +- Packs/FeedFastly/ReleaseNotes/1_1_6.md | 4 ++++ Packs/FeedFastly/pack_metadata.json | 2 +- Packs/FeedFeodoTracker/ReleaseNotes/1_1_7.md | 3 +++ Packs/FeedFeodoTracker/pack_metadata.json | 2 +- Packs/FeedIntel471/ReleaseNotes/2_0_3.md | 8 ++++++++ Packs/FeedIntel471/pack_metadata.json | 2 +- Packs/FeedJSON/ReleaseNotes/1_1_6.md | 4 ++++ Packs/FeedJSON/pack_metadata.json | 2 +- .../ReleaseNotes/1_1_5.md | 4 ++++ .../FeedMalwareDomainList/pack_metadata.json | 2 +- Packs/FeedPlainText/ReleaseNotes/1_1_4.md | 4 ++++ Packs/FeedPlainText/pack_metadata.json | 2 +- Packs/FeedSpamhaus/ReleaseNotes/1_1_6.md | 3 +++ Packs/FeedSpamhaus/pack_metadata.json | 2 +- Packs/iDefense/ReleaseNotes/3_1_0.md | 3 +++ Packs/iDefense/pack_metadata.json | 2 +- Tests/demistomock/demistomock.py | 2 +- 31 files changed, 96 insertions(+), 22 deletions(-) create mode 100644 Packs/ApiModules/ReleaseNotes/2_2_3.md create mode 100644 Packs/FeedAWS/ReleaseNotes/1_1_7.md create mode 100644 Packs/FeedBlocklist_de/ReleaseNotes/1_1_6.md create mode 100644 Packs/FeedBruteForceBlocker/ReleaseNotes/1_1_6.md create mode 100644 Packs/FeedCloudflare/ReleaseNotes/1_1_6.md create mode 100644 Packs/FeedDShield/ReleaseNotes/1_1_6.md create mode 100644 Packs/FeedFastly/ReleaseNotes/1_1_6.md create mode 100644 Packs/FeedFeodoTracker/ReleaseNotes/1_1_7.md create mode 100644 Packs/FeedIntel471/ReleaseNotes/2_0_3.md create mode 100644 Packs/FeedJSON/ReleaseNotes/1_1_6.md create mode 100644 Packs/FeedMalwareDomainList/ReleaseNotes/1_1_5.md create mode 100644 Packs/FeedPlainText/ReleaseNotes/1_1_4.md create mode 100644 Packs/FeedSpamhaus/ReleaseNotes/1_1_6.md create mode 100644 Packs/iDefense/ReleaseNotes/3_1_0.md diff --git a/Packs/ApiModules/ReleaseNotes/2_2_3.md b/Packs/ApiModules/ReleaseNotes/2_2_3.md new file mode 100644 index 000000000000..c2f545519f42 --- /dev/null +++ b/Packs/ApiModules/ReleaseNotes/2_2_3.md @@ -0,0 +1,6 @@ + +#### Scripts +##### JSONFeedApiModule +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. +##### HTTPFeedApiModule +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/ApiModules/Scripts/HTTPFeedApiModule/HTTPFeedApiModule.py b/Packs/ApiModules/Scripts/HTTPFeedApiModule/HTTPFeedApiModule.py index c55d494a355b..d3a9788988b7 100644 --- a/Packs/ApiModules/Scripts/HTTPFeedApiModule/HTTPFeedApiModule.py +++ b/Packs/ApiModules/Scripts/HTTPFeedApiModule/HTTPFeedApiModule.py @@ -508,9 +508,17 @@ def feed_main(feed_name, params=None, prefix=''): params.get('indicator_type'), params.get('auto_detect_type'), params.get('create_relationships')) - # we submit the indicators in batches - for b in batch(indicators, batch_size=2000): - demisto.createIndicators(b, noUpdate=no_update) + + # check if the version is higher than 6.5.0 so we can use noUpdate parameter + if is_demisto_version_ge('6.5.0'): + # we submit the indicators in batches + for b in batch(indicators, batch_size=2000): + demisto.createIndicators(b, noUpdate=no_update) + else: + # call createIndicators without noUpdate arg + for b in batch(indicators, batch_size=2000): + demisto.createIndicators(b) + else: args = demisto.args() args['feed_name'] = feed_name diff --git a/Packs/ApiModules/Scripts/JSONFeedApiModule/JSONFeedApiModule.py b/Packs/ApiModules/Scripts/JSONFeedApiModule/JSONFeedApiModule.py index 09460b61adea..950b1fdfa1b7 100644 --- a/Packs/ApiModules/Scripts/JSONFeedApiModule/JSONFeedApiModule.py +++ b/Packs/ApiModules/Scripts/JSONFeedApiModule/JSONFeedApiModule.py @@ -375,11 +375,22 @@ def feed_main(params, feed_name, prefix): create_relationships = params.get('create_relationships') indicators, no_update = fetch_indicators_command(client, indicator_type, feedTags, auto_detect, create_relationships) - if not len(indicators): - demisto.createIndicators(indicators, noUpdate=no_update) + + # check if the version is higher than 6.5.0 so we can use noUpdate parameter + if is_demisto_version_ge('6.5.0'): + if not indicators: + demisto.createIndicators(indicators, noUpdate=no_update) + else: + for b in batch(indicators, batch_size=2000): + demisto.createIndicators(b, noUpdate=no_update) + else: - for b in batch(indicators, batch_size=2000): - demisto.createIndicators(b, noUpdate=no_update) + # call createIndicators without noUpdate arg + if not indicators: + demisto.createIndicators(indicators) + else: + for b in batch(indicators, batch_size=2000): + demisto.createIndicators(b) elif command == f'{prefix}get-indicators': # dummy command for testing diff --git a/Packs/ApiModules/pack_metadata.json b/Packs/ApiModules/pack_metadata.json index 998a0c873e20..fc8846ad93fc 100644 --- a/Packs/ApiModules/pack_metadata.json +++ b/Packs/ApiModules/pack_metadata.json @@ -2,7 +2,7 @@ "name": "ApiModules", "description": "API Modules", "support": "xsoar", - "currentVersion": "2.2.2", + "currentVersion": "2.2.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedAWS/ReleaseNotes/1_1_7.md b/Packs/FeedAWS/ReleaseNotes/1_1_7.md new file mode 100644 index 000000000000..4ee76a5d41bf --- /dev/null +++ b/Packs/FeedAWS/ReleaseNotes/1_1_7.md @@ -0,0 +1,4 @@ + +#### Integrations +##### AWS Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. \ No newline at end of file diff --git a/Packs/FeedAWS/pack_metadata.json b/Packs/FeedAWS/pack_metadata.json index dcabe26705f2..f5b8ccf2baec 100644 --- a/Packs/FeedAWS/pack_metadata.json +++ b/Packs/FeedAWS/pack_metadata.json @@ -2,7 +2,7 @@ "name": "AWS Feed", "description": "Indicators feed from AWS", "support": "xsoar", - "currentVersion": "1.1.6", + "currentVersion": "1.1.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedBlocklist_de/ReleaseNotes/1_1_6.md b/Packs/FeedBlocklist_de/ReleaseNotes/1_1_6.md new file mode 100644 index 000000000000..a8b0a51f4d0d --- /dev/null +++ b/Packs/FeedBlocklist_de/ReleaseNotes/1_1_6.md @@ -0,0 +1,3 @@ +#### Integrations +##### Blocklist_de Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedBlocklist_de/pack_metadata.json b/Packs/FeedBlocklist_de/pack_metadata.json index 8b0728473890..34a5e6cfba82 100644 --- a/Packs/FeedBlocklist_de/pack_metadata.json +++ b/Packs/FeedBlocklist_de/pack_metadata.json @@ -2,7 +2,7 @@ "name": "BlockList DE Feed", "description": "Indicators feed from BlockList DE", "support": "xsoar", - "currentVersion": "1.1.5", + "currentVersion": "1.1.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedBruteForceBlocker/ReleaseNotes/1_1_6.md b/Packs/FeedBruteForceBlocker/ReleaseNotes/1_1_6.md new file mode 100644 index 000000000000..0e39ff1574b5 --- /dev/null +++ b/Packs/FeedBruteForceBlocker/ReleaseNotes/1_1_6.md @@ -0,0 +1,3 @@ +#### Integrations +##### BruteForceBlocker Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedBruteForceBlocker/pack_metadata.json b/Packs/FeedBruteForceBlocker/pack_metadata.json index ce9e2100ed98..5ecb8cc28b96 100644 --- a/Packs/FeedBruteForceBlocker/pack_metadata.json +++ b/Packs/FeedBruteForceBlocker/pack_metadata.json @@ -2,7 +2,7 @@ "name": "BruteForce Feed", "description": "Indicators feed from BruteForceBlocker", "support": "xsoar", - "currentVersion": "1.1.5", + "currentVersion": "1.1.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedCloudflare/ReleaseNotes/1_1_6.md b/Packs/FeedCloudflare/ReleaseNotes/1_1_6.md new file mode 100644 index 000000000000..e9de72012ae0 --- /dev/null +++ b/Packs/FeedCloudflare/ReleaseNotes/1_1_6.md @@ -0,0 +1,3 @@ +#### Integrations +##### Cloudflare Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedCloudflare/pack_metadata.json b/Packs/FeedCloudflare/pack_metadata.json index 9e30a935e4d0..7f441dfd4581 100644 --- a/Packs/FeedCloudflare/pack_metadata.json +++ b/Packs/FeedCloudflare/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cloudflare Feed", "description": "Indicators feed from Cloudflare", "support": "xsoar", - "currentVersion": "1.1.5", + "currentVersion": "1.1.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedDShield/ReleaseNotes/1_1_6.md b/Packs/FeedDShield/ReleaseNotes/1_1_6.md new file mode 100644 index 000000000000..3fea5d9aeb31 --- /dev/null +++ b/Packs/FeedDShield/ReleaseNotes/1_1_6.md @@ -0,0 +1,3 @@ +#### Integrations +##### DShield Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedDShield/pack_metadata.json b/Packs/FeedDShield/pack_metadata.json index 1bc030af1f4e..a056861e1a20 100644 --- a/Packs/FeedDShield/pack_metadata.json +++ b/Packs/FeedDShield/pack_metadata.json @@ -2,7 +2,7 @@ "name": "DShield Feed", "description": "Indicators feed from DShield", "support": "xsoar", - "currentVersion": "1.1.5", + "currentVersion": "1.1.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedFastly/ReleaseNotes/1_1_6.md b/Packs/FeedFastly/ReleaseNotes/1_1_6.md new file mode 100644 index 000000000000..85aa40e0c41e --- /dev/null +++ b/Packs/FeedFastly/ReleaseNotes/1_1_6.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Fastly Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedFastly/pack_metadata.json b/Packs/FeedFastly/pack_metadata.json index 93c8187f2da9..4520838c0a78 100644 --- a/Packs/FeedFastly/pack_metadata.json +++ b/Packs/FeedFastly/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Fastly Feed", "description": "Indicators feed from Fastly", "support": "xsoar", - "currentVersion": "1.1.5", + "currentVersion": "1.1.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedFeodoTracker/ReleaseNotes/1_1_7.md b/Packs/FeedFeodoTracker/ReleaseNotes/1_1_7.md new file mode 100644 index 000000000000..e1a9860f5ee4 --- /dev/null +++ b/Packs/FeedFeodoTracker/ReleaseNotes/1_1_7.md @@ -0,0 +1,3 @@ +#### Integrations +##### Feodo Tracker IP Blocklist Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedFeodoTracker/pack_metadata.json b/Packs/FeedFeodoTracker/pack_metadata.json index eaba93f5163c..e18d4e172f41 100644 --- a/Packs/FeedFeodoTracker/pack_metadata.json +++ b/Packs/FeedFeodoTracker/pack_metadata.json @@ -2,7 +2,7 @@ "name": "FeodoTracker Feed", "description": "Indicators feed from FeodoTracker", "support": "xsoar", - "currentVersion": "1.1.6", + "currentVersion": "1.1.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedIntel471/ReleaseNotes/2_0_3.md b/Packs/FeedIntel471/ReleaseNotes/2_0_3.md new file mode 100644 index 000000000000..c249abf1dc68 --- /dev/null +++ b/Packs/FeedIntel471/ReleaseNotes/2_0_3.md @@ -0,0 +1,8 @@ + +#### Integrations + +##### Intel471 Actors Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. + +##### Intel471 Malware Indicator Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedIntel471/pack_metadata.json b/Packs/FeedIntel471/pack_metadata.json index df1d2c5eb1a5..d683e1bbfb40 100644 --- a/Packs/FeedIntel471/pack_metadata.json +++ b/Packs/FeedIntel471/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Intel471 Feed", "description": "This content pack fetches actor and malware related indicators from Intel 471.", "support": "partner", - "currentVersion": "2.0.2", + "currentVersion": "2.0.3", "author": "Intel 471", "url": "https://www.intel471.com", "email": "support@intel471.com", diff --git a/Packs/FeedJSON/ReleaseNotes/1_1_6.md b/Packs/FeedJSON/ReleaseNotes/1_1_6.md new file mode 100644 index 000000000000..f2a03cc0fc83 --- /dev/null +++ b/Packs/FeedJSON/ReleaseNotes/1_1_6.md @@ -0,0 +1,4 @@ + +#### Integrations +##### JSON Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedJSON/pack_metadata.json b/Packs/FeedJSON/pack_metadata.json index 18299d611553..f4e00892317a 100644 --- a/Packs/FeedJSON/pack_metadata.json +++ b/Packs/FeedJSON/pack_metadata.json @@ -2,7 +2,7 @@ "name": "JSON Feed", "description": "Indicators feed from a JSON file", "support": "xsoar", - "currentVersion": "1.1.5", + "currentVersion": "1.1.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedMalwareDomainList/ReleaseNotes/1_1_5.md b/Packs/FeedMalwareDomainList/ReleaseNotes/1_1_5.md new file mode 100644 index 000000000000..32efd53b0e9a --- /dev/null +++ b/Packs/FeedMalwareDomainList/ReleaseNotes/1_1_5.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Malware Domain List Active IPs Feed (Deprecated) +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedMalwareDomainList/pack_metadata.json b/Packs/FeedMalwareDomainList/pack_metadata.json index 33113cdfdf88..aa084058a4fa 100644 --- a/Packs/FeedMalwareDomainList/pack_metadata.json +++ b/Packs/FeedMalwareDomainList/pack_metadata.json @@ -2,7 +2,7 @@ "name": "MalwareDomainList Feed", "description": "Indicators feed from MalwareDomainList", "support": "xsoar", - "currentVersion": "1.1.4", + "currentVersion": "1.1.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedPlainText/ReleaseNotes/1_1_4.md b/Packs/FeedPlainText/ReleaseNotes/1_1_4.md new file mode 100644 index 000000000000..e01865e82dae --- /dev/null +++ b/Packs/FeedPlainText/ReleaseNotes/1_1_4.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Plain Text Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedPlainText/pack_metadata.json b/Packs/FeedPlainText/pack_metadata.json index dae72fbeae3a..4c16713c66b3 100644 --- a/Packs/FeedPlainText/pack_metadata.json +++ b/Packs/FeedPlainText/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Plain Text Feed", "description": "Fetches indicators from a plain text feed.", "support": "xsoar", - "currentVersion": "1.1.3", + "currentVersion": "1.1.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/FeedSpamhaus/ReleaseNotes/1_1_6.md b/Packs/FeedSpamhaus/ReleaseNotes/1_1_6.md new file mode 100644 index 000000000000..32e08e1149c6 --- /dev/null +++ b/Packs/FeedSpamhaus/ReleaseNotes/1_1_6.md @@ -0,0 +1,3 @@ +#### Integrations +##### Spamhaus Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/FeedSpamhaus/pack_metadata.json b/Packs/FeedSpamhaus/pack_metadata.json index cb3e66897009..8a7a98579414 100644 --- a/Packs/FeedSpamhaus/pack_metadata.json +++ b/Packs/FeedSpamhaus/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Spamhaus Feed", "description": "Use the Spamhaus feed integration to fetch indicators from the feed.", "support": "xsoar", - "currentVersion": "1.1.5", + "currentVersion": "1.1.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/iDefense/ReleaseNotes/3_1_0.md b/Packs/iDefense/ReleaseNotes/3_1_0.md new file mode 100644 index 000000000000..419659c02081 --- /dev/null +++ b/Packs/iDefense/ReleaseNotes/3_1_0.md @@ -0,0 +1,3 @@ +#### Integrations +##### iDefense Feed +Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail. diff --git a/Packs/iDefense/pack_metadata.json b/Packs/iDefense/pack_metadata.json index f77b718f42fd..ed81814bbe71 100644 --- a/Packs/iDefense/pack_metadata.json +++ b/Packs/iDefense/pack_metadata.json @@ -2,7 +2,7 @@ "name": "iDefense", "description": "Accenture Security", "support": "xsoar", - "currentVersion": "3.0.9", + "currentVersion": "3.1.0", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Tests/demistomock/demistomock.py b/Tests/demistomock/demistomock.py index 54509beabb39..3d411d9f6591 100644 --- a/Tests/demistomock/demistomock.py +++ b/Tests/demistomock/demistomock.py @@ -996,7 +996,7 @@ def createIndicators(indicators_batch, noUpdate=False): Args: indicators_batch (list): List of indicators objects to create - noUpdate (bool): No update on fetched feed (no new indicators to fetch) + noUpdate (bool): No update on fetched feed (no new indicators to fetch), Available from Server version 6.5.0. Returns: None: No data returned From 118971125645f2ce4ca66d1bd104a5ded0461ef3 Mon Sep 17 00:00:00 2001 From: dorschw <81086590+dorschw@users.noreply.github.com> Date: Mon, 23 Aug 2021 23:03:50 +0300 Subject: [PATCH 009/173] setGridField: undo column name truncation (#14492) allow column name truncation Co-authored-by: Dean Arbel --- Packs/CommonScripts/ReleaseNotes/1_4_25.md | 4 ++++ Packs/CommonScripts/Scripts/SetGridField/SetGridField.py | 2 +- .../Scripts/SetGridField/SetGridField_test.py | 4 ++-- .../SetGridField_test/expected_list_grid_none_value.json | 8 ++++---- Packs/CommonScripts/pack_metadata.json | 2 +- 5 files changed, 12 insertions(+), 8 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_4_25.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_4_25.md b/Packs/CommonScripts/ReleaseNotes/1_4_25.md new file mode 100644 index 000000000000..00f42bc8625a --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_4_25.md @@ -0,0 +1,4 @@ +#### Scripts + +##### SetGridField +- Add back support for column names with more than 255 chars (support was removed in v1.4.24). \ No newline at end of file diff --git a/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py b/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py index 06f275b48004..b2415222552e 100644 --- a/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py +++ b/Packs/CommonScripts/Scripts/SetGridField/SetGridField.py @@ -43,7 +43,7 @@ def normalized_column_name(phrase: str) -> str: >>> normalized_string("hello🦦_world@") "hello_world" """ - return re.sub(r'[^a-zA-Z\d_]', '', phrase[:255]).lower() + return re.sub(r'[^a-zA-Z\d_]', '', phrase).lower() def filter_dict(dict_obj: Dict[Any, Any], keys: List[str], max_keys: Optional[int] = None) -> Dict[Any, Any]: diff --git a/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py b/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py index 7056f5610b6f..85160ff3fc7c 100644 --- a/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py +++ b/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test.py @@ -89,12 +89,12 @@ def test_build_grid(datadir, mocker, keys: list, columns: list, dt_response_json ).to_dict() -should_be_removed_by_normalize_col = ' \n &$#%?!*;׳()🦦ץ' * 20 + "this should be truncated, more than 255 chars" +very_long_column_name = 11 * "column_name_OF_LEN_264__" @pytest.mark.parametrize(argnames="keys, columns, unpack_nested_elements, dt_response_path, expected_results_path", argvalues=[ - (["name", "value"], [f"col_1{should_be_removed_by_normalize_col}", "COL2"], False, + (["name", "value"], ["col!@#$%^&*()ע_1", very_long_column_name], False, 'context_entry_list_missing_key.json', 'expected_list_grid_none_value.json') ]) diff --git a/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test/expected_list_grid_none_value.json b/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test/expected_list_grid_none_value.json index 7c7b4febf074..e13898ccb5b8 100644 --- a/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test/expected_list_grid_none_value.json +++ b/Packs/CommonScripts/Scripts/SetGridField/SetGridField_test/expected_list_grid_none_value.json @@ -1,17 +1,17 @@ [ { "col_1": "name1", - "col2": "value1" + "column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__": "value1" }, { "col_1": "name2", - "col2": "value2" + "column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__": "value2" }, { "col_1": "name3", - "col2": "value3" + "column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__": "value3" }, { - "col2": "value4" + "column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__column_name_of_len_264__": "value4" } ] diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index 3d1b02289ae9..0c5a980477b8 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.4.24", + "currentVersion": "1.4.25", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 97c87fc29ab672094f7524af4e20d10a9f74679e Mon Sep 17 00:00:00 2001 From: Bar Hochman <11165655+jochman@users.noreply.github.com> Date: Tue, 24 Aug 2021 09:02:15 +0300 Subject: [PATCH 010/173] fixed bug in pop ranks (#14493) * fixed bug in pop ranks * fixed bug in pop ranks --- Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.py | 2 +- .../Integrations/VirusTotalV3/VirusTotalV3_test.py | 6 +++--- Packs/VirusTotal/ReleaseNotes/2_1_7.md | 6 ++++++ Packs/VirusTotal/pack_metadata.json | 2 +- 4 files changed, 11 insertions(+), 5 deletions(-) create mode 100644 Packs/VirusTotal/ReleaseNotes/2_1_7.md diff --git a/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.py b/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.py index 218c77ae9f74..ce8d6c6be9c3 100644 --- a/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.py +++ b/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.py @@ -642,7 +642,7 @@ def is_good_by_popularity_ranks(self, popularity_ranks: dict) -> Optional[bool]: self.logs.append( f'The average of the ranks is {average} and the threshold is {self.domain_popularity_ranking}' ) - if average >= self.domain_popularity_ranking: + if average <= self.domain_popularity_ranking: self.logs.append('Indicator is good by popularity ranks.') return True else: diff --git a/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3_test.py b/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3_test.py index 2244fe913853..5db172188c86 100644 --- a/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3_test.py +++ b/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3_test.py @@ -70,10 +70,10 @@ def test_is_malicious_by_threshold(self, malicious: int, threshold: int, result: assert self.score_calculator.is_malicious_by_threshold(analysis_results, threshold) is result @pytest.mark.parametrize('ranks, result', [ - ({'vendor1': {'rank': 10000}}, True), + ({'vendor1': {'rank': 10000}}, False), ({'vendor1': {'rank': 3000}, 'vendor2': {'rank': 7000}}, True), - ({'vendor1': {'rank': 0}}, False), - ({'vendor1': {'rank': 300}, 'vendor2': {'rank': 300}}, False), + ({'vendor1': {'rank': 0}}, True), + ({'vendor1': {'rank': 300}, 'vendor2': {'rank': 300}}, True), ({}, None) ]) def test_is_good_by_popularity_ranks(self, ranks: Dict[str, dict], result: bool): diff --git a/Packs/VirusTotal/ReleaseNotes/2_1_7.md b/Packs/VirusTotal/ReleaseNotes/2_1_7.md new file mode 100644 index 000000000000..173fa0ca2022 --- /dev/null +++ b/Packs/VirusTotal/ReleaseNotes/2_1_7.md @@ -0,0 +1,6 @@ + +#### Integrations + +##### VirusTotal (API v3) + +- Fixed an issue in the **domain** command where popularity ranks were miscalculated. diff --git a/Packs/VirusTotal/pack_metadata.json b/Packs/VirusTotal/pack_metadata.json index 41b185124a51..1a9047a78c82 100644 --- a/Packs/VirusTotal/pack_metadata.json +++ b/Packs/VirusTotal/pack_metadata.json @@ -2,7 +2,7 @@ "name": "VirusTotal", "description": "Analyze suspicious hashes, URLs, domains and IP addresses", "support": "xsoar", - "currentVersion": "2.1.6", + "currentVersion": "2.1.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 4ea4ac4b8a6e487e6a1c03b6e723190b91d2d1f6 Mon Sep 17 00:00:00 2001 From: avidan-H <46294017+avidan-H@users.noreply.github.com> Date: Tue, 24 Aug 2021 10:07:19 +0300 Subject: [PATCH 011/173] Migrate bucket upload workflow to GitLab (#14130) * Remove upload dev rules and env variable dev value assignment * Show that it works with fixed demisto-sdk * Revert "Show that it works with fixed demisto-sdk" This reverts commit 0a813cdbe92fcd4c2840fb92d091661853e8339c. * Enable bucket-upload trigger script to work against production bucket Co-authored-by: ikeren --- .circleci/config.yml | 12 ------------ .gitlab/ci/.gitlab-ci.yml | 2 +- .gitlab/ci/bucket-upload.yml | 15 --------------- .../gitlab_triggers/trigger_upload_flow_build.sh | 9 +-------- 4 files changed, 2 insertions(+), 36 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index a08e5b80757d..f3eeb6d189ce 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1610,18 +1610,6 @@ workflows: jobs: *sdk_nightly_jobs - bucket_upload: - triggers: - - schedule: - # should trigger every day at 9 AM & 9 PM UTC (11:00 PM & 11:00 AM Israel Time) - cron: "0 9,21 * * *" - filters: - branches: - only: - - master - jobs: - *bucket_upload_jobs - bucket_upload_trigger: # will initiate when using the trigger script. when: << pipeline.parameters.bucket_upload>> diff --git a/.gitlab/ci/.gitlab-ci.yml b/.gitlab/ci/.gitlab-ci.yml index 7e153e635197..394abfb7cfca 100644 --- a/.gitlab/ci/.gitlab-ci.yml +++ b/.gitlab/ci/.gitlab-ci.yml @@ -17,7 +17,7 @@ stages: variables: DONT_CACHE_LAST_RESPONSE: "true" - GCS_MARKET_BUCKET: "marketplace-dist-dev" + GCS_MARKET_BUCKET: "marketplace-dist" SLACK_CHANNEL: "dmst-content-team" DEMISTO_README_VALIDATION: "true" ARTIFACTS_FOLDER: "/builds/xsoar/content/artifacts" diff --git a/.gitlab/ci/bucket-upload.yml b/.gitlab/ci/bucket-upload.yml index 42f9649be04f..e2e904a98e42 100644 --- a/.gitlab/ci/bucket-upload.yml +++ b/.gitlab/ci/bucket-upload.yml @@ -1,23 +1,15 @@ .bucket-upload-rule: rules: - - if: '$GCS_MARKET_BUCKET == "marketplace-dist"' # remove this after testing period - when: never # remove this after testing period - if: '$CI_COMMIT_BRANCH =~ /pull\/[0-9]+/' when: never - if: '$BUCKET_UPLOAD == "true"' - variables: - GCS_PRODUCTION_BUCKET: "marketplace-dist-dev" # remove this after testing period .bucket-upload-rule-always: rules: - - if: '$GCS_MARKET_BUCKET == "marketplace-dist"' # remove this after testing period - when: never # remove this after testing period - if: '$CI_COMMIT_BRANCH =~ /pull\/[0-9]+/' when: never - if: '$BUCKET_UPLOAD == "true"' when: always - variables: - GCS_PRODUCTION_BUCKET: "marketplace-dist-dev" # remove this after testing period .check_user_permissions_to_upload_packs: &check_user_permissions_to_upload_packs @@ -55,10 +47,7 @@ create-instances-upload-flow: - create-instances variables: IFRA_ENV_TYPE: "Bucket-Upload" - GCS_PRODUCTION_BUCKET: "marketplace-dist-dev" # remove this after testing period rules: - - if: '$GCS_MARKET_BUCKET == "marketplace-dist"' # remove this after testing period - when: never # remove this after testing period - if: '$CI_COMMIT_BRANCH =~ /pull\/[0-9]+/' when: never - if: '$BUCKET_UPLOAD == "true"' @@ -179,13 +168,9 @@ force-pack-upload: stage: upload-to-marketplace needs: ["create-instances-upload-flow"] rules: - - if: '$GCS_MARKET_BUCKET == "marketplace-dist"' # remove this after testing period - when: never # remove this after testing period - if: '$FORCE_BUCKET_UPLOAD == "true"' extends: - .default-job-settings - variables: - GCS_PRODUCTION_BUCKET: "marketplace-dist-dev" # remove this after testing period script: - *check_user_permissions_to_upload_packs - EXTRACT_FOLDER=$(mktemp -d) diff --git a/Utils/gitlab_triggers/trigger_upload_flow_build.sh b/Utils/gitlab_triggers/trigger_upload_flow_build.sh index a1acacac73bb..8eccc6d485d1 100755 --- a/Utils/gitlab_triggers/trigger_upload_flow_build.sh +++ b/Utils/gitlab_triggers/trigger_upload_flow_build.sh @@ -32,12 +32,7 @@ while [[ "$#" -gt 0 ]]; do shift shift;; - -gb|--bucket) - if [ "$(echo "$2" | tr '[:upper:]' '[:lower:]')" == "marketplace-dist" ]; then - echo "Only test buckets are allowed to use. Using marketplace-dist-dev instead." - else - _bucket=$2 - fi + -gb|--bucket) _bucket="$2" shift shift;; @@ -69,8 +64,6 @@ if [ -n "$_force" ] && [ -z "$_packs" ]; then exit 1 fi -source Utils/gitlab_triggers/trigger_build_url.sh - _variables="variables[BUCKET_UPLOAD]=true" if [ -n "$_force" ]; then _variables="variables[FORCE_BUCKET_UPLOAD]=true" From 40fbe511d0efa73ae064a414b40b8dec4b3368ca Mon Sep 17 00:00:00 2001 From: Jasmine Beilin <71636766+JasBeilin@users.noreply.github.com> Date: Tue, 24 Aug 2021 10:40:37 +0300 Subject: [PATCH 012/173] Added Iron Bank approved tag (#14489) --- Tests/Marketplace/approved_tags.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Tests/Marketplace/approved_tags.json b/Tests/Marketplace/approved_tags.json index c48945c677b2..7f58b4bebc74 100644 --- a/Tests/Marketplace/approved_tags.json +++ b/Tests/Marketplace/approved_tags.json @@ -40,6 +40,7 @@ "New", "Trending", "Relationship", - "Elasticsearch" + "Elasticsearch", + "Iron Bank" ] } From 105aeb16ad1d03a9b8949449599923dc6e8c023f Mon Sep 17 00:00:00 2001 From: Darya Koval <72339940+daryakoval@users.noreply.github.com> Date: Tue, 24 Aug 2021 11:11:26 +0300 Subject: [PATCH 013/173] Crowdstrike datetime bug (#14382) * added test * added test that fails * fix for test * added release notes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_0_4.md Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> --- .../CrowdStrikeIndicatorFeed.py | 3 ++- .../CrowdStrikeIndicatorFeed_test.py | 11 ++++++++++- .../FeedCrowdstrikeFalconIntel/ReleaseNotes/2_0_4.md | 4 ++++ Packs/FeedCrowdstrikeFalconIntel/pack_metadata.json | 2 +- 4 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_0_4.md diff --git a/Packs/FeedCrowdstrikeFalconIntel/Integrations/CrowdStrikeIndicatorFeed/CrowdStrikeIndicatorFeed.py b/Packs/FeedCrowdstrikeFalconIntel/Integrations/CrowdStrikeIndicatorFeed/CrowdStrikeIndicatorFeed.py index c11a9068e06f..ce888f9a4621 100644 --- a/Packs/FeedCrowdstrikeFalconIntel/Integrations/CrowdStrikeIndicatorFeed/CrowdStrikeIndicatorFeed.py +++ b/Packs/FeedCrowdstrikeFalconIntel/Integrations/CrowdStrikeIndicatorFeed/CrowdStrikeIndicatorFeed.py @@ -290,7 +290,8 @@ def main() -> None: credentials = params.get('credentials') proxy = params.get('proxy', False) insecure = params.get('insecure', False) - first_fetch_datetime = arg_to_datetime(params.get('first_fetch')) + first_fetch_param = params.get('first_fetch') + first_fetch_datetime = arg_to_datetime(first_fetch_param) if first_fetch_param else None first_fetch = first_fetch_datetime.timestamp() if first_fetch_datetime else None base_url = params.get('base_url') diff --git a/Packs/FeedCrowdstrikeFalconIntel/Integrations/CrowdStrikeIndicatorFeed/CrowdStrikeIndicatorFeed_test.py b/Packs/FeedCrowdstrikeFalconIntel/Integrations/CrowdStrikeIndicatorFeed/CrowdStrikeIndicatorFeed_test.py index 192c5ced7f24..0a4869d3fb7b 100644 --- a/Packs/FeedCrowdstrikeFalconIntel/Integrations/CrowdStrikeIndicatorFeed/CrowdStrikeIndicatorFeed_test.py +++ b/Packs/FeedCrowdstrikeFalconIntel/Integrations/CrowdStrikeIndicatorFeed/CrowdStrikeIndicatorFeed_test.py @@ -1,6 +1,6 @@ import json import io - +import demistomock as demisto import pytest @@ -81,3 +81,12 @@ def test_create_indicators_from_response(): expected_result = util_load_json('test_data/create_indicators_from_response.json') res = Client.create_indicators_from_response(raw_response) assert res == expected_result + + +def test_empty_first_fetch(mocker, requests_mock): + mocker.patch.object(demisto, 'params', return_value={'first_fetch': ''}) + mocker.patch.object(demisto, 'command', return_value='') + requests_mock.post('https://api.crowdstrike.com/oauth2/token', json={'access_token': '12345'}) + from CrowdStrikeIndicatorFeed import main + main() + assert True diff --git a/Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_0_4.md b/Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_0_4.md new file mode 100644 index 000000000000..6fc0be729692 --- /dev/null +++ b/Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_0_4.md @@ -0,0 +1,4 @@ + +#### Integrations +##### CrowdStrike Indicator Feed +- Fixed an issue where ***fetch-indicators*** failed when the *First fetch time* integration parameter was not entered. diff --git a/Packs/FeedCrowdstrikeFalconIntel/pack_metadata.json b/Packs/FeedCrowdstrikeFalconIntel/pack_metadata.json index aaf5128ca1cf..19c8a8546147 100644 --- a/Packs/FeedCrowdstrikeFalconIntel/pack_metadata.json +++ b/Packs/FeedCrowdstrikeFalconIntel/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Crowdstrike Falcon Intel Feed", "description": "Tracks the activities of threat actor groups and advanced persistent threats (APTs) to understand as much as possible about their known aliases, targets, methods, and more.", "support": "xsoar", - "currentVersion": "2.0.3", + "currentVersion": "2.0.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From d8dc2d8559820b305e5a274cf257955629cad8a0 Mon Sep 17 00:00:00 2001 From: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> Date: Tue, 24 Aug 2021 11:23:06 +0300 Subject: [PATCH 014/173] Qss new pr (#14502) * update README.md * update README.md --- Packs/QSS/README.md | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/Packs/QSS/README.md b/Packs/QSS/README.md index 6b001d3a20da..74eb60c05d1a 100644 --- a/Packs/QSS/README.md +++ b/Packs/QSS/README.md @@ -1,3 +1,20 @@ -Q-SCMP provides advanced SIEM events lifecycle management. It achieves this by streamlining all core Security Operations Center (SOC) as well as cyber incident response processes. -In combination with automated threat intelligence, incident response would be taken a step further by providing more insights about cyber threats. By automating and streamlining SOC -processes for the effective management of the complete lifecycle of security alerts, Q-SCMP ensures SOC consistent efficiency and effectiveness. +Q-SCMP pack integration with Cortex provides SOC Team to fetch Cases with their related information such as Assets, IoCs, Taken Actions, Custom Attributes, and more. + +#### What does this pack do? +Q-SCMP pack fetches most recent cases with their supporting info such as: +- Impacted Assets +- Associated IoCs +- Custom Attributes +- Notes +- Classification +- Tags + +#### More information about Q-SCMP product: +https://www.qss.com.sa/products/q-scmp + + +#### Q-SCMP datasheet can be found here: +https://www.qss.com.sa/products/q-scmp + +#### If you need more support about this integration pack, please contact us at: +support@qss.com.sa \ No newline at end of file From 44acc84642d67fd0f849b377fb5d6ad370f25d6b Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 24 Aug 2021 11:38:13 +0300 Subject: [PATCH 015/173] Rasterize improvements (#14124) (#14482) * Added support for different filename * Update the release notes * fix mypy error * Changed the naming from "filename" to "file_name" * Rename 1_0_10.md to 1_0_11.md * Update pack_metadata.json Co-authored-by: Paul <32433511+blestemee@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Paul D <88715381+nb-pdragoi@users.noreply.github.com> Co-authored-by: Paul <32433511+blestemee@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> --- .../Integrations/rasterize/README.md | 4 + .../Integrations/rasterize/rasterize.py | 20 +-- .../Integrations/rasterize/rasterize.yml | 132 ++++++++++++------ Packs/rasterize/ReleaseNotes/1_0_11.md | 4 + Packs/rasterize/pack_metadata.json | 4 +- 5 files changed, 110 insertions(+), 54 deletions(-) create mode 100644 Packs/rasterize/ReleaseNotes/1_0_11.md diff --git a/Packs/rasterize/Integrations/rasterize/README.md b/Packs/rasterize/Integrations/rasterize/README.md index eeee3b90ec70..2dc8069c752f 100644 --- a/Packs/rasterize/Integrations/rasterize/README.md +++ b/Packs/rasterize/Integrations/rasterize/README.md @@ -44,6 +44,7 @@ Converts the contents of a URL to an image file or a PDF file. | width | The page width, for example, 1024px. Specify with or without the px suffix. | Optional | | height | The page height, for example, 800px. Specify with or without the px suffix. | Optional | | type | The file type to which to convert the contents of the URL. Can be "pdf" or "png". Default is "png". | Optional | +| file_name | The name the file will be saved as. Default is "url". | Optional | #### Context Output @@ -88,6 +89,7 @@ Converts the body of an email to an image file or a PDF file. | height | The HTML page height, for example, 800px. Specify with or without the px suffix. | Optional | | type | The file type to which to convert the email body. Can be "pdf" or "png". Default is "png". | Optional | | offline | If "true", will block all outgoing communication. | Optional | +| file_name | The name the file will be saved as. Default is "email". | Optional | #### Context Output @@ -131,6 +133,7 @@ Converts an image file to a PDF file. | EntryID | The entry ID of the image file. | Required | | width | The image width, for example, 600px. Specify with or without the px suffix. | Optional | | height | The image height, for example, 800px. Specify with or without the px suffix. If empty, the height is the entire image. | Optional | +| file_name | The name the file will be saved as. Default is the EntryID. | Optional | #### Context Output @@ -174,6 +177,7 @@ Converts a PDF file to an image file. | maxPages | The maximum number of pages to render. Default is "3". | Optional | | pdfPassword | The password to access the PDF. | Optional | | horizontal | Whether to stack the pages horizontally. If "true", will stack the pages horizontally. If "false", will stack the pages vertically. Default is "false". | Optional | +| file_name | The name the file will be saved as. Default is "image". | Optional | #### Context Output diff --git a/Packs/rasterize/Integrations/rasterize/rasterize.py b/Packs/rasterize/Integrations/rasterize/rasterize.py index 2109ca6ee120..6e24d0afe63b 100644 --- a/Packs/rasterize/Integrations/rasterize/rasterize.py +++ b/Packs/rasterize/Integrations/rasterize/rasterize.py @@ -296,17 +296,18 @@ def rasterize_command(): r_type = demisto.args().get('type', 'png') wait_time = int(demisto.args().get('wait_time', 0)) page_load = int(demisto.args().get('max_page_load_time', DEFAULT_PAGE_LOAD_TIME)) + file_name = demisto.args().get('file_name', 'url') if not (url.startswith('http')): url = f'http://{url}' - filename = f'url.{"pdf" if r_type == "pdf" else "png"}' # type: ignore + file_name = f'{file_name}.{"pdf" if r_type == "pdf" else "png"}' # type: ignore output = rasterize(path=url, r_type=r_type, width=w, height=h, wait_time=wait_time, max_page_load_time=page_load) if r_type == 'json': return_results(CommandResults(raw_response=output, readable_output="Successfully load image for url: " + url)) return - res = fileResult(filename=filename, data=output) + res = fileResult(filename=file_name, data=output) if r_type == 'png': res['Type'] = entryTypes['image'] @@ -318,13 +319,14 @@ def rasterize_image_command(): entry_id = args.get('EntryID') w = args.get('width', DEFAULT_W).rstrip('px') h = args.get('height', DEFAULT_H).rstrip('px') + file_name = args.get('file_name', entry_id) file_path = demisto.getFilePath(entry_id).get('path') - filename = f'{entry_id}.pdf' + file_name = f'{file_name}.pdf' with open(file_path, 'rb') as f: output = rasterize(path=f'file://{os.path.realpath(f.name)}', width=w, height=h, r_type='pdf') - res = fileResult(filename=filename, data=output, file_type=entryTypes['entryInfoFile']) + res = fileResult(filename=file_name, data=output, file_type=entryTypes['entryInfoFile']) demisto.results(res) @@ -334,14 +336,15 @@ def rasterize_email_command(): h = demisto.args().get('height', DEFAULT_H).rstrip('px') offline = demisto.args().get('offline', 'false') == 'true' r_type = demisto.args().get('type', 'png') + file_name = demisto.args().get('file_name', 'email') - filename = f'email.{"pdf" if r_type.lower() == "pdf" else "png"}' # type: ignore + file_name = f'{file_name}.{"pdf" if r_type.lower() == "pdf" else "png"}' # type: ignore with open('htmlBody.html', 'w') as f: f.write(f'{html_body}') path = f'file://{os.path.realpath(f.name)}' output = rasterize(path=path, r_type=r_type, width=w, height=h, offline_mode=offline) - res = fileResult(filename=filename, data=output) + res = fileResult(filename=file_name, data=output) if r_type == 'png': res['Type'] = entryTypes['image'] @@ -353,15 +356,16 @@ def rasterize_pdf_command(): password = demisto.args().get('pdfPassword') max_pages = int(demisto.args().get('maxPages', 30)) horizontal = demisto.args().get('horizontal', 'false') == 'true' + file_name = demisto.args().get('file_name', 'image') file_path = demisto.getFilePath(entry_id).get('path') - filename = 'image.jpeg' # type: ignore + file_name = f'{file_name}.jpeg' # type: ignore with open(file_path, 'rb') as f: output = convert_pdf_to_jpeg(path=os.path.realpath(f.name), max_pages=max_pages, password=password, horizontal=horizontal) - res = fileResult(filename=filename, data=output) + res = fileResult(filename=file_name, data=output) res['Type'] = entryTypes['image'] demisto.results(res) diff --git a/Packs/rasterize/Integrations/rasterize/rasterize.yml b/Packs/rasterize/Integrations/rasterize/rasterize.yml index 7609b315de49..780e2f1a50be 100644 --- a/Packs/rasterize/Integrations/rasterize/rasterize.yml +++ b/Packs/rasterize/Integrations/rasterize/rasterize.yml @@ -3,26 +3,25 @@ commonfields: id: Rasterize version: -1 configuration: -- display: Return Errors +- defaultvalue: 'false' + display: Return Errors name: with_error - defaultvalue: "false" - type: 8 required: false -- display: 'Time to wait before taking a screen shot (in seconds)' + type: 8 +- defaultvalue: '0' + display: Time to wait before taking a screen shot (in seconds) name: wait_time - defaultvalue: "0" - type: 0 required: false -- display: 'Maximum time to wait for a page to load (in seconds)' - name: max_page_load_time - defaultvalue: "180" type: 0 +- defaultvalue: '180' + display: Maximum time to wait for a page to load (in seconds) + name: max_page_load_time required: false -- display: 'Chrome options (Advanced. See [?])' - name: chrome_options - defaultvalue: "" type: 0 +- display: Chrome options (Advanced. See [?]) + name: chrome_options required: false + type: 0 - display: Use system proxy settings name: proxy required: false @@ -30,7 +29,6 @@ configuration: description: Converts URLs, PDF files, and emails to an image file or PDF file. display: Rasterize name: Rasterize -fromversion: '5.0.0' script: commands: - arguments: @@ -47,33 +45,44 @@ script: required: false secret: false - default: true - description: The URL to rasterize. Must be the full URL, including the http prefix. + description: The URL to rasterize. Must be the full URL, including the http + prefix. isArray: false name: url required: true secret: false - default: false - description: The page width, for example, 1024px. Specify with or without the px suffix. + defaultValue: 1024px + description: The page width, for example, 1024px. Specify with or without the + px suffix. isArray: false name: width required: false secret: false - defaultValue: "1024px" - default: false - description: The page height, for example, 800px. Specify with or without the px suffix. + defaultValue: 800px + description: The page height, for example, 800px. Specify with or without the + px suffix. isArray: false name: height required: false secret: false - defaultValue: "800px" - default: false - description: The file type to which to convert the contents of the URL. Can be "pdf" or "png". Default is "png". + description: The file type to which to convert the contents of the URL. Can + be "pdf" or "png". Default is "png". isArray: false name: type predefined: - - pdf - - png - - json + - pdf + - png + - json + required: false + secret: false + - default: false + defaultValue: url + description: The name the file will be saved as. + isArray: false + name: file_name required: false secret: false deprecated: false @@ -88,31 +97,45 @@ script: required: true secret: false - default: false - description: The html page width, for example, 600px. Specify with or without the px suffix. + defaultValue: 600px + description: The html page width, for example, 600px. Specify with or without + the px suffix. isArray: false name: width required: false secret: false - defaultValue: "600px" - default: false - description: The html page height, for example, 800px. Specify with or without the px suffix. + defaultValue: 800px + description: The html page height, for example, 800px. Specify with or without + the px suffix. isArray: false name: height required: false secret: false - defaultValue: "800px" - default: false - description: The file type to which to convert the email body. Can be "pdf" or "png". Default is "png". + description: The file type to which to convert the email body. Can be "pdf" + or "png". Default is "png". isArray: false name: type required: false secret: false - - name: offline - auto: PREDEFINED - predefined: - - "true" - - "false" + - auto: PREDEFINED + default: false description: If "true", will block all outgoing communication. + isArray: false + name: offline + predefined: + - 'true' + - 'false' + required: false + secret: false + - default: false + defaultValue: email + description: The name the file will be saved as. + isArray: false + name: file_name + required: false + secret: false deprecated: false description: Converts the body of an email to an image file or a PDF file. execution: false @@ -125,19 +148,27 @@ script: required: true secret: false - default: false - description: The image width, for example, 600px. Specify with or without the px suffix. + defaultValue: 600px + description: The image width, for example, 600px. Specify with or without the + px suffix. isArray: false name: width required: false secret: false - defaultValue: "600px" - default: false - description: The image height, for example, 800px. If empty, the height is the entire image. + defaultValue: 800px + description: The image height, for example, 800px. If empty, the height is the + entire image. isArray: false name: height required: false secret: false - defaultValue: "800px" + - default: false + description: The name the file will be saved as. + isArray: false + name: file_name + required: false + secret: false deprecated: false description: Converts an image file to a PDF file. execution: false @@ -150,8 +181,8 @@ script: required: true secret: false - default: false + defaultValue: '3' description: The maximum number of pages to render. Default is "3". - defaultValue: "3" isArray: false name: maxPages required: false @@ -164,13 +195,22 @@ script: secret: false - auto: PREDEFINED default: false - description: Whether to stack the pages horizontally. If "true", will stack the pages horizontally. If "false", will stack the pages vertically. Default is "false". - defaultValue: "false" + defaultValue: 'false' + description: Whether to stack the pages horizontally. If "true", will stack + the pages horizontally. If "false", will stack the pages vertically. Default + is "false". isArray: false name: horizontal predefined: - - 'true' - - 'false' + - 'true' + - 'false' + required: false + secret: false + - default: false + defaultValue: image + description: The name the file will be saved as. + isArray: false + name: file_name required: false secret: false deprecated: false @@ -178,11 +218,15 @@ script: execution: false name: rasterize-pdf dockerimage: demisto/chromium:1.0.0.23161 + feed: false isfetch: false + longRunning: false + longRunningPort: false runonce: false - script: '' - type: python + script: '-' subtype: python3 + type: python defaultEnabled: true tests: - - Rasterize Test +- Rasterize Test +fromversion: 5.0.0 diff --git a/Packs/rasterize/ReleaseNotes/1_0_11.md b/Packs/rasterize/ReleaseNotes/1_0_11.md new file mode 100644 index 000000000000..47605ccce9bd --- /dev/null +++ b/Packs/rasterize/ReleaseNotes/1_0_11.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Rasterize +- Added the *file_name* argument in all the commands to have support for modifying the saved file name. diff --git a/Packs/rasterize/pack_metadata.json b/Packs/rasterize/pack_metadata.json index 29a8fe4ea1f4..1720f1a81ada 100644 --- a/Packs/rasterize/pack_metadata.json +++ b/Packs/rasterize/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Rasterize", "description": "Converts URLs, PDF files, and emails to an image file or PDF file.", "support": "xsoar", - "currentVersion": "1.0.10", + "currentVersion": "1.0.11", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", @@ -14,4 +14,4 @@ "useCases": [], "keywords": [], "dependencies": {} -} \ No newline at end of file +} From a61ff0bc4f6b054d7591bc40be559be6c6ccf975 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 24 Aug 2021 11:44:23 +0300 Subject: [PATCH 016/173] [Sixgill-195] dve bug (#14503) * [Sixgill-195] dve bug (#14499) * fixed tests * fixed tests * fixed tags * fixed tags * rn Co-authored-by: tamarsix <72441754+tamarsix@users.noreply.github.com> Co-authored-by: abaumgarten --- .../Integrations/CybersixgillDVEFeed/CybersixgillDVEFeed.py | 4 ++-- .../Integrations/CybersixgillDVEFeed/CybersixgillDVEFeed.yml | 2 +- Packs/Cybersixgill-DVE/ReleaseNotes/1_0_1.md | 5 +++++ Packs/Cybersixgill-DVE/pack_metadata.json | 2 +- 4 files changed, 9 insertions(+), 4 deletions(-) create mode 100644 Packs/Cybersixgill-DVE/ReleaseNotes/1_0_1.md diff --git a/Packs/Cybersixgill-DVE/Integrations/CybersixgillDVEFeed/CybersixgillDVEFeed.py b/Packs/Cybersixgill-DVE/Integrations/CybersixgillDVEFeed/CybersixgillDVEFeed.py index 5287c9c4f402..ed9c018c650b 100644 --- a/Packs/Cybersixgill-DVE/Integrations/CybersixgillDVEFeed/CybersixgillDVEFeed.py +++ b/Packs/Cybersixgill-DVE/Integrations/CybersixgillDVEFeed/CybersixgillDVEFeed.py @@ -135,7 +135,7 @@ def stix_to_indicator(stix_obj, tags: list = [], tlp_color: Optional[str] = None if tlp_color: indicator["fields"]["trafficlightprotocol"] = str(tlp_color) if tags: - indicator["fields"]["tags"] = ",".join(list(set(tags))) + indicator["fields"]["tags"] = tags except Exception as err: err_msg = f'Error in {INTEGRATION_NAME} Integration [{err}]\nTrace:\n{traceback.format_exc()}' raise DemistoException(err_msg) @@ -151,7 +151,6 @@ def fetch_indicators_command( records = records.get("objects", []) for rec in records: if is_indicator(rec): - # if not rec.get("type", "") == "marking-definition": ind = stix_to_indicator(rec, tags, tlp_color) indicators_list.append(ind) if get_indicators_mode and len(indicators_list) == limit: @@ -188,6 +187,7 @@ def main(): FeedStream.DVEFEED, bulk_size=max_indicators, session=SESSION, + logger=demisto, verify=VERIFY ) command = demisto.command() diff --git a/Packs/Cybersixgill-DVE/Integrations/CybersixgillDVEFeed/CybersixgillDVEFeed.yml b/Packs/Cybersixgill-DVE/Integrations/CybersixgillDVEFeed/CybersixgillDVEFeed.yml index 7beb49a5f50b..0a3198ba6af0 100644 --- a/Packs/Cybersixgill-DVE/Integrations/CybersixgillDVEFeed/CybersixgillDVEFeed.yml +++ b/Packs/Cybersixgill-DVE/Integrations/CybersixgillDVEFeed/CybersixgillDVEFeed.yml @@ -128,7 +128,7 @@ script: description: Fetching Sixgill DVE Feed indicators execution: false name: cybersixgill-get-indicators - dockerimage: demisto/sixgill:1.0.0.20925 + dockerimage: demisto/sixgill:1.0.0.23434 feed: true isfetch: false longRunning: false diff --git a/Packs/Cybersixgill-DVE/ReleaseNotes/1_0_1.md b/Packs/Cybersixgill-DVE/ReleaseNotes/1_0_1.md new file mode 100644 index 000000000000..ba83e7cc4d00 --- /dev/null +++ b/Packs/Cybersixgill-DVE/ReleaseNotes/1_0_1.md @@ -0,0 +1,5 @@ + +#### Integrations +##### Cybersixgill DVE Feed Threat Intelligence v2 +- Fixed an issue where the **tags** integration parameters were not handled correctly. +- Updated the Docker image to: *demisto/sixgill:1.0.0.20925*. diff --git a/Packs/Cybersixgill-DVE/pack_metadata.json b/Packs/Cybersixgill-DVE/pack_metadata.json index 1951c74c65ae..7cf81b32edf7 100644 --- a/Packs/Cybersixgill-DVE/pack_metadata.json +++ b/Packs/Cybersixgill-DVE/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cybersixgill-DVE", "description": "Powered by the broadest automated collection from the deep and dark web, Cybersixgill’s Dynamic Vulnerability Exploit (DVE) Score is a feed of common known vulnerabilities, scored by their probability of getting exploited. The DVE Score feed enables Cortex XSOAR users to track threats from vulnerabilities that others define as irrelevant, but have a higher probability of being exploited. It is the only solution that predicts the immediate risks of a vulnerability based on threat actors’ intent. \n\nDVE Score is also the most comprehensive CVE enrichment solution on the market: Cortex XSOAR users gain unparalleled context and can accelerate threat response and decision making, effectively giving security teams a head start on vulnerability management. \n", "support": "partner", - "currentVersion": "1.0.0", + "currentVersion": "1.0.1", "author": "Cybersixgill", "url": "https://www.cybersixgill.com/", "email": "getstarted@cybersixgill.com", From 7a6158206c4b59799ebe617172c14e26969dbaaa Mon Sep 17 00:00:00 2001 From: Noy-Maimon <72340690+Noy-Maimon@users.noreply.github.com> Date: Tue, 24 Aug 2021 12:43:10 +0300 Subject: [PATCH 017/173] metadata constants (#14466) * metadata constants * metadata constants * metadata constants * fix name * typo fix * typo fix --- Tests/Marketplace/marketplace_constants.py | 35 ++++++ Tests/Marketplace/marketplace_services.py | 134 ++++++++++----------- 2 files changed, 102 insertions(+), 67 deletions(-) diff --git a/Tests/Marketplace/marketplace_constants.py b/Tests/Marketplace/marketplace_constants.py index 12223008f103..d53aa179f72b 100644 --- a/Tests/Marketplace/marketplace_constants.py +++ b/Tests/Marketplace/marketplace_constants.py @@ -84,6 +84,41 @@ class Metadata(object): CURRENT_VERSION = 'currentVersion' SERVER_MIN_VERSION = 'serverMinVersion' HIDDEN = 'hidden' + NAME = 'name' + ID = 'id' + DESCRIPTION = 'description' + CREATED = 'created' + UPDATED = 'updated' + LEGACY = 'legacy' + SUPPORT = 'support' + SUPPORT_DETAILS = 'supportDetails' + EULA_LINK = 'eulaLink' + AUTHOR = 'author' + AUTHOR_IMAGE = 'authorImage' + CERTIFICATION = 'certification' + PRICE = 'price' + VERSION_INFO = 'versionInfo' + COMMIT = 'commit' + DOWNLOADS = 'downloads' + TAGS = 'tags' + CATEGORIES = 'categories' + CONTENT_ITEMS = 'contentItems' + SEARCH_RANK = 'searchRank' + INTEGRATIONS = 'integrations' + USE_CASES = 'useCases' + KEY_WORDS = 'keywords' + DEPENDENCIES = 'dependencies' + PREMIUM = 'premium' + VERNDOR_ID = 'vendorId' + PARTNER_ID = 'partnerId' + PARTNER_NAME = 'partnerName' + CONTENT_COMMIT_HASH = 'contentCommitHash' + PREVIEW_ONLY = 'previewOnly' + MANDATORY = 'mandatory' + + DISPLAYED_IMAGES = 'displayedImages' + EMAIL = 'email' + URL = 'url' class PackFolders(enum.Enum): diff --git a/Tests/Marketplace/marketplace_services.py b/Tests/Marketplace/marketplace_services.py index 67c26b7a20e4..42263b85fefb 100644 --- a/Tests/Marketplace/marketplace_services.py +++ b/Tests/Marketplace/marketplace_services.py @@ -568,42 +568,42 @@ def _parse_pack_metadata(self, build_number, commit_hash): """ pack_metadata = { - 'name': self._display_name or self._pack_name, - 'id': self._pack_name, - 'description': self._description or self._pack_name, - 'created': self._create_date, - 'updated': self._update_date, - 'legacy': self._legacy, - 'support': self._support_type, - 'supportDetails': self._support_details, - 'eulaLink': self.eula_link, - 'author': self._author, - 'authorImage': self._author_image, - 'certification': self._certification, - 'price': self._price, + Metadata.NAME: self._display_name or self._pack_name, + Metadata.ID: self._pack_name, + Metadata.DESCRIPTION: self._description or self._pack_name, + Metadata.CREATED: self._create_date, + Metadata.UPDATED: self._update_date, + Metadata.LEGACY: self._legacy, + Metadata.SUPPORT: self._support_type, + Metadata.SUPPORT_DETAILS: self._support_details, + Metadata.EULA_LINK: self.eula_link, + Metadata.AUTHOR: self._author, + Metadata.AUTHOR_IMAGE: self._author_image, + Metadata.CERTIFICATION: self._certification, + Metadata.PRICE: self._price, Metadata.SERVER_MIN_VERSION: self.user_metadata.get(Metadata.SERVER_MIN_VERSION) or self.server_min_version, Metadata.CURRENT_VERSION: self.user_metadata.get(Metadata.CURRENT_VERSION, ''), - 'versionInfo': build_number, - 'commit': commit_hash, - 'downloads': self._downloads_count, - 'tags': list(self._tags), - 'categories': self._categories, - 'contentItems': self._content_items, - 'searchRank': self._search_rank, - 'integrations': self._related_integration_images, - 'useCases': self._use_cases, - 'keywords': self._keywords, - 'dependencies': self._dependencies + Metadata.VERSION_INFO: build_number, + Metadata.COMMIT: commit_hash, + Metadata.DOWNLOADS: self._downloads_count, + Metadata.TAGS: list(self._tags), + Metadata.CATEGORIES: self._categories, + Metadata.CONTENT_ITEMS: self._content_items, + Metadata.SEARCH_RANK: self._search_rank, + Metadata.INTEGRATIONS: self._related_integration_images, + Metadata.USE_CASES: self._use_cases, + Metadata.KEY_WORDS: self._keywords, + Metadata.DEPENDENCIES: self._dependencies } if self._is_private_pack: pack_metadata.update({ - 'premium': self._is_premium, - 'vendorId': self._vendor_id, - 'partnerId': self._partner_id, - 'partnerName': self._partner_name, - 'contentCommitHash': self._content_commit_hash, - 'previewOnly': self._preview_only + Metadata.PREMIUM: self._is_premium, + Metadata.VENDOR_ID: self._vendor_id, + Metadata.PARTNER_ID: self._partner_id, + Metadata.PARTNER_NAME: self._partner_name, + Metadata.CONTENT_COMMIT_HASH: self._content_commit_hash, + Metadata.PREVIEW_ONLY: self._preview_only }) return pack_metadata @@ -620,8 +620,8 @@ def _load_pack_dependencies(self, index_folder_path, pack_names): """ dependencies_data_result = {} - first_level_dependencies = self.user_metadata.get('dependencies', {}) - all_level_displayed_dependencies = self.user_metadata.get('displayedImages', []) + first_level_dependencies = self.user_metadata.get(Metadata.DEPENDENCIES, {}) + all_level_displayed_dependencies = self.user_metadata.get(Metadata.DISPLAYED_IMAGES, []) dependencies_ids = {d for d in first_level_dependencies.keys()} dependencies_ids.update(all_level_displayed_dependencies) @@ -931,7 +931,7 @@ def detect_modified(self, content_repo, index_folder_path, current_commit_hash, with open(pack_index_metadata_path, 'r') as metadata_file: downloaded_metadata = json.load(metadata_file) - previous_commit_hash = downloaded_metadata.get('commit', previous_commit_hash) + previous_commit_hash = downloaded_metadata.get(Metadata.COMMIT, previous_commit_hash) # set 2 commits by hash value in order to check the modified files of the diff current_commit = content_repo.commit(current_commit_hash) previous_commit = content_repo.commit(previous_commit_hash) @@ -1671,13 +1671,13 @@ def load_user_metadata(self): # part of old packs are initialized with empty list user_metadata = {} if isinstance(user_metadata, list) else user_metadata # store important user metadata fields - self.support_type = user_metadata.get('support', Metadata.XSOAR_SUPPORT) + self.support_type = user_metadata.get(Metadata.SUPPORT, Metadata.XSOAR_SUPPORT) self.current_version = user_metadata.get(Metadata.CURRENT_VERSION, '') self.hidden = user_metadata.get(Metadata.HIDDEN, False) - self.description = user_metadata.get('description', False) - self.display_name = user_metadata.get('name', '') + self.description = user_metadata.get(Metadata.DESCRIPTION, False) + self.display_name = user_metadata.get(Metadata.NAME, '') self._user_metadata = user_metadata - self.eula_link = user_metadata.get('eulaLink', Metadata.EULA_URL) + self.eula_link = user_metadata.get(Metadata.EULA_LINK, Metadata.EULA_URL) logging.info(f"Finished loading {self._pack_name} pack user metadata") task_status = True @@ -1723,41 +1723,41 @@ def _enhance_pack_attributes(self, index_folder_path, pack_was_modified, """ landing_page_sections = mp_statistics.StatisticsHandler.get_landing_page_sections() - displayed_dependencies = self.user_metadata.get('displayedImages', []) + displayed_dependencies = self.user_metadata.get(Metadata.DISPLAYED_IMAGES, []) trending_packs = None pack_dependencies_by_download_count = displayed_dependencies if not format_dependencies_only: # ===== Pack Regular Attributes ===== - self._support_type = self.user_metadata.get('support', Metadata.XSOAR_SUPPORT) + self._support_type = self.user_metadata.get(Metadata.SUPPORT, Metadata.XSOAR_SUPPORT) self._support_details = self._create_support_section( - support_type=self._support_type, support_url=self.user_metadata.get('url'), - support_email=self.user_metadata.get('email') + support_type=self._support_type, support_url=self.user_metadata.get(Metadata.URL), + support_email=self.user_metadata.get(Metadata.EMAIL) ) self._author = self._get_author( - support_type=self._support_type, author=self.user_metadata.get('author', '')) + support_type=self._support_type, author=self.user_metadata.get(Metadata.AUTHOR, '')) self._certification = self._get_certification( - support_type=self._support_type, certification=self.user_metadata.get('certification') + support_type=self._support_type, certification=self.user_metadata.get(Metadata.CERTIFICATION) ) - self._legacy = self.user_metadata.get('legacy', True) + self._legacy = self.user_metadata.get(Metadata.LEGACY, True) self._create_date = self._get_pack_creation_date(index_folder_path) self._update_date = self._get_pack_update_date(index_folder_path, pack_was_modified) - self._use_cases = input_to_list(input_data=self.user_metadata.get('useCases'), capitalize_input=True) - self._categories = input_to_list(input_data=self.user_metadata.get('categories'), capitalize_input=True) - self._keywords = input_to_list(self.user_metadata.get('keywords')) + self._use_cases = input_to_list(input_data=self.user_metadata.get(Metadata.USE_CASES), capitalize_input=True) + self._categories = input_to_list(input_data=self.user_metadata.get(Metadata.CATEGORIES), capitalize_input=True) + self._keywords = input_to_list(self.user_metadata.get(Metadata.KEY_WORDS)) self._dependencies = self._parse_pack_dependencies( - self.user_metadata.get('dependencies', {}), dependencies_data) + self.user_metadata.get(Metadata.DEPENDENCIES, {}), dependencies_data) # ===== Pack Private Attributes ===== if not format_dependencies_only: - self._is_private_pack = 'partnerId' in self.user_metadata + self._is_private_pack = Metadata.PARTNER_ID in self.user_metadata self._is_premium = self._is_private_pack - self._preview_only = get_valid_bool(self.user_metadata.get('previewOnly', False)) + self._preview_only = get_valid_bool(self.user_metadata.get(Metadata.PREVIEW_ONLY, False)) self._price = convert_price(pack_id=self._pack_name, price_value_input=self.user_metadata.get('price')) if self._is_private_pack: - self._vendor_id = self.user_metadata.get('vendorId', "") - self._partner_id = self.user_metadata.get('partnerId', "") - self._partner_name = self.user_metadata.get('partnerName', "") - self._content_commit_hash = self.user_metadata.get('contentCommitHash', "") + self._vendor_id = self.user_metadata.get(Metadata.VERNDOR_ID, "") + self._partner_id = self.user_metadata.get(Metadata.PARTNER_ID, "") + self._partner_name = self.user_metadata.get(Metadata.PARTNER_NAME, "") + self._content_commit_hash = self.user_metadata.get(Metadata.CONTENT_COMMIT_HASH, "") # Currently all content packs are legacy. # Since premium packs cannot be legacy, we directly set this attribute to false. self._legacy = False @@ -1804,9 +1804,9 @@ def format_metadata(self, index_folder_path, packs_dependencies_mapping, build_n try: self.set_pack_dependencies(packs_dependencies_mapping) - if 'displayedImages' not in self.user_metadata: - self._user_metadata['displayedImages'] = packs_dependencies_mapping.get( - self._pack_name, {}).get('displayedImages', []) + if Metadata.DISPLAYED_IMAGES not in self.user_metadata: + self._user_metadata[Metadata.DISPLAYED_IMAGES] = packs_dependencies_mapping.get( + self._pack_name, {}).get(Metadata.DISPLAYED_IMAGES, []) logging.info(f"Adding auto generated display images for {self._pack_name} pack") dependencies_data, is_missing_dependencies = \ self._load_pack_dependencies(index_folder_path, pack_names) @@ -1859,10 +1859,10 @@ def _calculate_pack_creation_date(pack_name, index_folder_path): metadata = load_json(os.path.join(index_folder_path, pack_name, Pack.METADATA)) if metadata: - if metadata.get('created'): - created_time = metadata.get('created') + if metadata.get(Metadata.CREATED): + created_time = metadata.get(Metadata.CREATED) else: - raise Exception(f'The metadata file of the {pack_name} pack does not contain "created" time') + raise Exception(f'The metadata file of the {pack_name} pack does not contain "{Metadata.CREATED}" time') return created_time @@ -1885,23 +1885,23 @@ def _get_pack_update_date(self, index_folder_path, pack_was_modified): return latest_changelog_released_date def set_pack_dependencies(self, packs_dependencies_mapping): - pack_dependencies = packs_dependencies_mapping.get(self._pack_name, {}).get('dependencies', {}) - if 'dependencies' not in self.user_metadata: - self._user_metadata['dependencies'] = {} + pack_dependencies = packs_dependencies_mapping.get(self._pack_name, {}).get(Metadata.DEPENDENCIES, {}) + if Metadata.DEPENDENCIES not in self.user_metadata: + self._user_metadata[Metadata.DEPENDENCIES] = {} # If it is a core pack, check that no new mandatory packs (that are not core packs) were added # They can be overridden in the user metadata to be not mandatory so we need to check there as well if self._pack_name in GCPConfig.CORE_PACKS_LIST: mandatory_dependencies = [k for k, v in pack_dependencies.items() - if v.get('mandatory', False) is True + if v.get(Metadata.MANDATORY, False) is True and k not in GCPConfig.CORE_PACKS_LIST - and k not in self.user_metadata['dependencies'].keys()] + and k not in self.user_metadata[Metadata.DEPENDENCIES].keys()] if mandatory_dependencies: raise Exception(f'New mandatory dependencies {mandatory_dependencies} were ' f'found in the core pack {self._pack_name}') - pack_dependencies.update(self.user_metadata['dependencies']) - self._user_metadata['dependencies'] = pack_dependencies + pack_dependencies.update(self.user_metadata[Metadata.DEPENDENCIES]) + self._user_metadata[Metadata.DEPENDENCIES] = pack_dependencies def prepare_for_index_upload(self): """ Removes and leaves only necessary files in pack folder. From 63e82be8f7903038b2efbc20dfa419a245eb434d Mon Sep 17 00:00:00 2001 From: Raz Weinstock <79846533+PA-Rweins@users.noreply.github.com> Date: Tue, 24 Aug 2021 12:43:57 +0300 Subject: [PATCH 018/173] Zip content packs step optimization (#12770) * Testing download packs from gcs * Deleting Skip Zip content packs so it can be tested * Changed file download to gsutil * Fixed bucket path * Fixed gsutil flag * Added dest path prints * Old download * Different url * Changed gcp path * Changed gcp path * Created a bash script for gcp command * Rerun * Added newline * Changed path and error message * Added shell statement to file * Added prints * Changed os.walk * Changed zip path * Changed gcp path * Changed gcp path * added prints * print entries * print entries * print entries * print entries * prints subprocess * prints subprocess * prints subprocess * prints subprocess * prints subprocess * prints subprocess * Changed set and added exception handler * removed unnecessary mkdir * print path of pack * test * test * fixes * fixes * fixes * fixes * testing old step * checks and prints * checks and prints * Added copy to other dir * Added some comments * removed script communication * Added testing, changed parameters to general build * Added docstring to tests * Fixed flake8 issues * Added packs list print - will be removed * Removed print * Added dir entries print * Added check for circle_build * Added src and dest path prints * Added src path prints and check_output * Added src path prints and check_output * Removed trailing / * Fixed zip path * Added storage_base_path, bucket_name args. Removed prints, added logging. Added try except clause. * Added missing arguments * Moved to upload flow only * Removed skip for non master branches - testing * Moved sys.exit(1) to end of script, refactored search in blobs. * Updated comment * Fixed tests * Added looseversion * Added master check back * Removed unnecessary bash script. * Fixed PR comments * Changed copy to artifacts to use the script's arguement * Added gitlab support * Testing gitlab's upload * Added check back * Fixed readme error * Added back the upload check * Fixed some todos * Added todos * Moved download to job * Fixed tests * Todo * removing conditions for testing * Added needed conditions * Removed todo and added env var * Changed packs src * Removed conditions * Updated sbp when bucket is dist-dev * Changed to default storage_base_path * Removed unnecessary conditions * updated path * Sharing variable between steps * Added step to bucket-upload.yml * Fixed flake8 issues * commented out failing tests - for testing gitlab flow * Fixed problem in unittest * Fixed problem in unittest * Changed bucket condition name * Fixed yml file * Removed unnecessary packs dir * Added echo * Added default storage_base_path value * Fixed yml structure * Fixing yml structure * test * Revert "test" This reverts commit a340bfce * Removed run validations * Changed upload-to-marketplace rules * Added gcloud login * Added rule back, removed private zip folder creation * Removed run validations * Added requirement back * Added run validations back --- .circleci/config.yml | 28 ++-- .gitlab/ci/bucket-upload.yml | 19 +++ .gitlab/ci/on-push.yml | 10 -- Tests/Marketplace/Tests/zip_packs_test.py | 152 +++++++++++------ Tests/Marketplace/zip_packs.py | 191 ++++++++-------------- 5 files changed, 209 insertions(+), 191 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index f3eeb6d189ce..59a92554e096 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -853,17 +853,6 @@ jobs: exit 0 fi ./Tests/scripts/prepare_content_packs_for_testing.sh "$GCS_MARKET_BUCKET" - - run: - name: Zip Content Packs From GCS - command: | - if [[ $CIRCLE_BRANCH != master ]] && [[ $CIRCLE_BRANCH != 20\.* ]] && [[ $CIRCLE_BRANCH != 21\.* ]]; then - echo "Skipping packs download to artifact on non master or release branch" - exit 0 - fi - - ZIP_FOLDER=$(mktemp -d) - python3 ./Tests/Marketplace/zip_packs.py -b 'marketplace-dist' -z $ZIP_FOLDER -a $CIRCLE_ARTIFACTS -s $GCS_MARKET_KEY - when: always - run: name: Store Artifacts to GCS command: ./Tests/scripts/upload_artifacts.sh @@ -1256,6 +1245,23 @@ jobs: fi python3 ./Tests/Marketplace/copy_and_upload_packs.py -a $PACK_ARTIFACTS -e $EXTRACT_FOLDER -pb "$GCS_MARKET_BUCKET" -bb "$GCS_BUILD_BUCKET" -s $GCS_MARKET_KEY -n $CI_PIPELINE_ID -c $CIRCLE_BRANCH -pbp "$STORAGE_BASE_PATH" + - run: + name: Download packs from GCP + command: | + if [[ $GCS_MARKET_BUCKET != "marketplace-dist" ]]; then + STORAGE_BASE_PATH="upload-flow/builds/$CIRCLE_BRANCH/$CI_PIPELINE_ID/content/packs" + fi + + PACKS_SRC="gs://$GCS_MARKET_BUCKET/$STORAGE_BASE_PATH" + ZIP_FOLDER=$(mktemp -d) + echo "export ZIP_FOLDER=$ZIP_FOLDER" >> $BASH_ENV + gsutil -m cp -r $PACKS_SRC $ZIP_FOLDER + when: always + - run: + name: Zip Content Packs From GCS + command: | + python3 ./Tests/Marketplace/zip_packs.py -z $ZIP_FOLDER -a $CIRCLE_ARTIFACTS -s $GCS_MARKET_KEY + when: always - run: name: Validate Premium Packs shell: /bin/bash diff --git a/.gitlab/ci/bucket-upload.yml b/.gitlab/ci/bucket-upload.yml index e2e904a98e42..95ccebf02ad2 100644 --- a/.gitlab/ci/bucket-upload.yml +++ b/.gitlab/ci/bucket-upload.yml @@ -152,6 +152,25 @@ upload-packs-to-marketplace: python3 ./Tests/Marketplace/copy_and_upload_packs.py -a $PACK_ARTIFACTS -e $EXTRACT_FOLDER -pb "$GCS_MARKET_BUCKET" -bb "$GCS_BUILD_BUCKET" -s $GCS_MARKET_KEY -n $CI_PIPELINE_ID -c $CI_COMMIT_BRANCH -pbp "$STORAGE_BASE_PATH" fi - section_end "Upload Packs To Marketplace Storage" + - section_start "Download packs from GCP" + - | + if [[ $GCS_MARKET_BUCKET != $GCS_PRODUCTION_BUCKET ]]; then + STORAGE_BASE_PATH="upload-flow/builds/$CI_COMMIT_BRANCH/$CI_PIPELINE_ID/content/packs" + else + STORAGE_BASE_PATH="content/packs" + fi + PACKS_SRC="gs://$GCS_MARKET_BUCKET/$STORAGE_BASE_PATH" + ZIP_FOLDER=$(mktemp -d) + gcloud auth activate-service-account --key-file="$GCS_MARKET_KEY" >> $ARTIFACTS_FOLDER/logs/auth.out + echo "successfully activated google cloud service account" + gsutil -m cp -r $PACKS_SRC $ZIP_FOLDER + echo "successfully downloaded index.zip" + gcloud auth revoke $GCS_ARTIFACTS_ACCOUNT_NAME + - section_end "Download packs from GCP" + - section_start "Zip Content Packs From GCS" + - | + python3 ./Tests/Marketplace/zip_packs.py -z $ZIP_FOLDER -a $ARTIFACTS_FOLDER -s $GCS_MARKET_KEY + - section_end "Zip Content Packs From GCS" - section_start "Validate Premium Packs" - | if [[ "$CI_COMMIT_BRANCH" == "master" ]] || [[ $GCS_MARKET_BUCKET != $GCS_PRODUCTION_BUCKET ]]; then diff --git a/.gitlab/ci/on-push.yml b/.gitlab/ci/on-push.yml index a4e03ab8cef6..1c844c31164d 100644 --- a/.gitlab/ci/on-push.yml +++ b/.gitlab/ci/on-push.yml @@ -85,16 +85,6 @@ create-instances: - section_start "Prepare Content Packs for Testing" - ./Tests/scripts/prepare_content_packs_for_testing.sh "$GCS_MARKET_BUCKET" - section_end "Prepare Content Packs for Testing" - - section_start "Zip Marketplace Packs" - - | - if [[ $CI_COMMIT_BRANCH != master ]] && [[ $CI_COMMIT_BRANCH != 21\.* ]] && [[ $CI_COMMIT_BRANCH != 22\.* ]]; then - echo "Skipping packs download to artifact on branch that is not master or a release branch" - echo "CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH" - else - ZIP_FOLDER=$(mktemp -d) - python3 ./Tests/Marketplace/zip_packs.py -b 'marketplace-dist' -z $ZIP_FOLDER -a $ARTIFACTS_FOLDER -s $GCS_MARKET_KEY - fi - - section_end "Zip Marketplace Packs" - section_start "Create Instances" - | [ -n "${TIME_TO_LIVE}" ] && TTL=${TIME_TO_LIVE} || TTL=300 diff --git a/Tests/Marketplace/Tests/zip_packs_test.py b/Tests/Marketplace/Tests/zip_packs_test.py index 37d5071bec36..8451d075d6b4 100644 --- a/Tests/Marketplace/Tests/zip_packs_test.py +++ b/Tests/Marketplace/Tests/zip_packs_test.py @@ -1,31 +1,24 @@ -from Tests.Marketplace.zip_packs import download_packs_from_gcp, get_latest_pack_zip_from_blob, zip_packs,\ - remove_test_playbooks_if_exist, remove_test_playbooks_from_signatures +import pytest + +from Tests.Marketplace.zip_packs import get_latest_pack_zip_from_pack_files, zip_packs,\ + remove_test_playbooks_if_exist, remove_test_playbooks_from_signatures, get_zipped_packs_names,\ + copy_zipped_packs_to_artifacts class TestZipPacks: - class FakeBlob: - def __init__(self, name): - self.name = name - - def download_to_filename(self, dest): - pass - - class FakeDirEntry: - def __init__(self, name, path): - self.name = name - self.path = path - - class FakeBucket: - @staticmethod - def list_blobs(prefix): - return TestZipPacks.BLOBS - - BLOBS = [ - FakeBlob('content/packs/Slack/1.0.0/Slack.zip'), - FakeBlob('content/packs/Slack/1.0.1/Slack.zip'), - FakeBlob('content/packs/SlackSheker/2.0.0/SlackSheker.zip'), - FakeBlob('content/packs/Slack/Slack.png'), - FakeBlob('content/packs/SlackSheker/SlackSheker.png') + BLOB_NAMES = [ + 'content/packs/Slack/1.0.0/Slack.zip', + 'content/packs/Slack/1.0.2/Slack.zip', + 'content/packs/Slack/1.0.1/Slack.zip', + 'content/packs/SlackSheker/2.0.0/SlackSheker.zip', + 'content/packs/Slack/Slack.png', + 'content/packs/SlackSheker/SlackSheker.png' + ] + + BLOB_NAMES_NO_ZIP = [ + 'content/packs/SlackSheker/2.0.0/SlackSheker.zip', + 'content/packs/Slack/Slack.png', + 'content/packs/SlackSheker/SlackSheker.png' ] def test_get_latest_pack_zip_from_blob(self): @@ -40,40 +33,101 @@ def test_get_latest_pack_zip_from_blob(self): Return the correct pack zip blob """ - blob = get_latest_pack_zip_from_blob('Slack', TestZipPacks.BLOBS) - - assert blob.name == 'content/packs/Slack/1.0.1/Slack.zip' + blob_name = get_latest_pack_zip_from_pack_files('Slack', TestZipPacks.BLOB_NAMES) + assert blob_name == 'content/packs/Slack/1.0.2/Slack.zip' - def test_download_packs_from_gcp(self, mocker): - from Tests.Marketplace import zip_packs + def test_get_zipped_packs_name(self, mocker): """ Given: - Packs in the content repo and a GCP bucket - + Some general path information of the packs and the build When: - Downloading the packs from the bucket + There is a valid pack which should be stored in the created dictionary + Then: + Create a dict which has one dictionary of the found pack + """ + from Tests.Marketplace import zip_packs + list_dir_result = ['Slack', 'ApiModules', 'python_file.py'] + pack_files = TestZipPacks.BLOB_NAMES + mocker.patch.object(zip_packs, 'get_files_in_dir', return_value=pack_files) + mocker.patch('os.listdir', return_value=list_dir_result) + mocker.patch('os.path.isdir', return_value=True) + zipped_packs = get_zipped_packs_names('content') + + assert zipped_packs == {'Slack': 'content/packs/Slack/1.0.2/Slack.zip'} + def test_get_zipped_packs_name_no_zipped_packs(self, mocker): + """ + Given: + Some general path information of the packs and the build + When: + There are no valid packs in the packs directory Then: - Download the packs correctly + exit since no packs were found + """ + with pytest.raises(Exception): + from Tests.Marketplace import zip_packs + list_dir_result = ['ApiModules', 'python_file.py'] + pack_files = TestZipPacks.BLOB_NAMES + mocker.patch.object(zip_packs, 'get_files_in_dir', return_value=pack_files) + mocker.patch('os.listdir', return_value=list_dir_result) + mocker.patch('os.path.isdir', return_value=True) + get_zipped_packs_names('content') + + def test_get_zipped_packs_name_no_latest_zip(self, mocker): """ - packs = [ - TestZipPacks.FakeDirEntry('Slack', 'Packs/Slack'), - TestZipPacks.FakeDirEntry('SlackFake', 'Packs/SlackFake'), - TestZipPacks.FakeDirEntry('ApiModules', 'Packs/ApiModules'), - ] + Given: + Some general path information of the packs and the build + When: + There are is one valid pack but it has no valid zip files + Then: + exit since no zipped packs were found + """ + with pytest.raises(Exception): + from Tests.Marketplace import zip_packs + list_dir_result = ['Slack', 'ApiModules', 'python_file.py'] + pack_files = TestZipPacks.BLOB_NAMES_NO_ZIP + mocker.patch.object(zip_packs, 'get_files_in_dir', return_value=pack_files) + mocker.patch('os.listdir', return_value=list_dir_result) + mocker.patch('os.path.isdir', return_value=True) + get_zipped_packs_names('content') + + def test_copy_zipped_packs_to_artifacts(self, mocker): + """ + Given: + A dict containing information about a single pack + When: + The information is valid + Then: + make a single call to the copy function + """ + import shutil + zipped_packs = {'Slack': 'content/packs/Slack/1.0.1/Slack.zip'} + artifacts_path = 'dummy_path' + mocker.patch.object(shutil, 'copy', side_effect=None) + mocker.patch('os.path.exists', return_value=True) - bucket = TestZipPacks.FakeBucket() + copy_zipped_packs_to_artifacts(zipped_packs, artifacts_path) - mocker.patch('os.scandir', return_value=packs) - mocker.patch.object(bucket, 'list_blobs', side_effect=TestZipPacks.FakeBucket.list_blobs) - mocker.patch.object(zip_packs, 'executor_submit') + assert shutil.copy.call_count == 1 + + def test_copy_zipped_packs_to_artifacts_no_zipped_packs(self, mocker): + """ + Given: + A dict containing no information about packs + When: + There are no packs to copy + Then: + make no calls to the copy function + """ + import shutil + zipped_packs = {} + artifacts_path = 'dummy_path' + mocker.patch.object(shutil, 'copy', side_effect=None) + mocker.patch('os.path.exists', return_value=True) - zipped_packs = download_packs_from_gcp(bucket, zip_packs.BUILD_GCP_PATH, 'path', '', '') + copy_zipped_packs_to_artifacts(zipped_packs, artifacts_path) - assert bucket.list_blobs.call_count == 2 - assert zip_packs.executor_submit.call_count == 1 - assert zip_packs.executor_submit.call_args[0][1] == 'path/Slack.zip' - assert zipped_packs == [{'Slack': 'path/Slack.zip'}] + assert shutil.copy.call_count == 0 def test_zip_packs(self, mocker): """ @@ -91,7 +145,7 @@ def test_zip_packs(self, mocker): mocker.patch.object(ZipFile, '__init__', return_value=None) mocker.patch.object(ZipFile, 'write') mocker.patch.object(ZipFile, 'close') - packs = [{'Slack': 'path/Slack.zip'}] + packs = {'Slack': 'path/Slack.zip'} zip_packs(packs, 'oklol') diff --git a/Tests/Marketplace/zip_packs.py b/Tests/Marketplace/zip_packs.py index 13ed24e9761d..7eaf232b2580 100644 --- a/Tests/Marketplace/zip_packs.py +++ b/Tests/Marketplace/zip_packs.py @@ -1,20 +1,16 @@ import argparse import json import os -from concurrent.futures import ThreadPoolExecutor import shutil import sys import logging -from time import sleep from zipfile import ZipFile -from Tests.Marketplace.marketplace_services import init_storage_client from Tests.Marketplace.marketplace_constants import IGNORED_FILES, PACKS_FULL_PATH from Tests.scripts.utils.log_util import install_logging -from demisto_sdk.commands.common.tools import LooseVersion, str2bool +from demisto_sdk.commands.common.tools import LooseVersion, str2bool, get_files_in_dir +from pathlib import Path ARTIFACT_NAME = 'content_marketplace_packs.zip' -MAX_THREADS = 4 -BUILD_GCP_PATH = 'content/builds' def option_handler(): @@ -28,12 +24,7 @@ def option_handler(): # disable-secrets-detection-start parser.add_argument('-a', '--artifacts_path', help="Path of the CircleCI artifacts to save the zip file in", required=False) - parser.add_argument('-gp', '--gcp_path', help="Path of the content packs in the GCP bucket", - required=False) parser.add_argument('-z', '--zip_path', help="Full path of folder to zip packs in", required=True) - parser.add_argument('-b', '--bucket_name', help="Storage bucket name", required=True) - parser.add_argument('-br', '--branch_name', help="Name of the branch", required=False) - parser.add_argument('-n', '--circle_build', help="Number of the circle build", required=False) parser.add_argument('-s', '--service_account', help=("Path to gcloud service account, is for circleCI usage. " "For local development use your personal account and " @@ -45,25 +36,21 @@ def option_handler(): parser.add_argument('-pvt', '--private', type=str2bool, help='Indicates if the tools is running ' 'on a private build.', required=False, default=False) - parser.add_argument('-rt', '--remove_test_playbooks', type=str2bool, - help='Whether to remove test playbooks from content packs or not.', default=True) return parser.parse_args() -def zip_packs(packs, destination_path): +def zip_packs(zipped_packs, destination_path): """ Zips packs to a provided path. Args: - packs: The packs to zip + zipped_packs: A dictionary containing pack name as key and it's latest zip path as value destination_path: The destination path to zip the packs in. """ - with ZipFile(os.path.join(destination_path, ARTIFACT_NAME), mode='w') as zf: - for zip_pack in packs: - for name, path in zip_pack.items(): - logging.info(f'Adding {name} to the zip file') - zf.write(path, f'{name}.zip') + for key, value in zipped_packs.items(): + logging.info(f'Adding {key} to the zip file') + zf.write(value, f'{key}.zip') def remove_test_playbooks_if_exist(zips_path, packs): @@ -82,15 +69,14 @@ def remove_test_playbooks_if_exist(zips_path, packs): if 'TestPlaybooks' in dir_names: remove = True logging.info(f'Removing TestPlaybooks from the pack {name}') - new_path = os.path.join(zips_path, name) - os.mkdir(new_path) - pack_zip.extractall(path=new_path, + pack_path = os.path.join(zips_path, name) + pack_zip.extractall(path=pack_path, members=(member for member in zip_contents if 'TestPlaybooks' not in member)) - remove_test_playbooks_from_signatures(new_path, zip_contents) + remove_test_playbooks_from_signatures(pack_path, zip_contents) if remove: # Remove the current pack zip os.remove(path) - shutil.make_archive(new_path, 'zip', new_path) + shutil.make_archive(pack_path, 'zip', pack_path) def remove_test_playbooks_from_signatures(path, filenames): @@ -114,63 +100,49 @@ def remove_test_playbooks_from_signatures(path, filenames): logging.warning(f'Could not find signatures in the pack {os.path.basename(os.path.dirname(path))}') -def download_packs_from_gcp(storage_bucket, gcp_path, destination_path, circle_build, branch_name): +def get_zipped_packs_names(zip_path): """ - Iterates over the Packs directory in the content repository and downloads each pack (if found) from a GCP bucket - in parallel. + Creates a list of dictionaries containing a pack name as key and the latest zip file path of the pack as value. Args: - storage_bucket: The GCP bucket to download from. - gcp_path: The path of the packs in the GCP bucket. - destination_path: The path to download the packs to. - branch_name: The branch name of the build. - circle_build: The number of the circle ci build. - + zip_path: path containing all the packs copied from the storage bucket Returns: - zipped_packs: A list of the downloaded packs paths and their corresponding pack names. + A dictionary containing each pack name and it's zip path. + {'Slack': 'content/packs/slack/1.3.19/slack.zip', 'qualys': 'content/packs/qualys/2.0/qualys.zip'} """ - zipped_packs = [] - with ThreadPoolExecutor(max_workers=MAX_THREADS) as executor: - for pack in os.scandir(PACKS_FULL_PATH): # Get all the pack names - if pack.name in IGNORED_FILES: + zipped_packs = {} + zip_path = os.path.join(zip_path, 'packs') # directory of the packs + + dir_entries = os.listdir(zip_path) + packs_list = [pack.name for pack in os.scandir(PACKS_FULL_PATH)] # list of all packs from repo + + for entry in dir_entries: + entry_path = os.path.join(zip_path, entry) + if entry not in IGNORED_FILES and entry in packs_list and os.path.isdir(entry_path): + # This is a pack directory, should keep only most recent release zip + pack_files = get_files_in_dir(entry_path, ['zip']) + latest_zip = get_latest_pack_zip_from_pack_files(entry, pack_files) + if not latest_zip: + logging.warning(f'Failed to get the zip of the pack {entry} from GCP') continue - - if gcp_path == BUILD_GCP_PATH: - pack_prefix = os.path.join(gcp_path, branch_name, circle_build, 'content', 'packs', pack.name) - else: - pack_prefix = os.path.join(gcp_path, branch_name, circle_build, pack.name) - - if not branch_name or not circle_build: - pack_prefix = pack_prefix.replace('/builds/content', '') - - # Search for the pack in the bucket - blobs = list(storage_bucket.list_blobs(prefix=pack_prefix)) - if blobs: - blob = get_latest_pack_zip_from_blob(pack.name, blobs) - if not blob: - logging.warning(f'Failed to get the zip of the pack {pack.name} from GCP') - continue - download_path = os.path.join(destination_path, f"{pack.name}.zip") - zipped_packs.append({pack.name: download_path}) - logging.info(f'Downloading pack from GCP: {pack.name}') - executor_submit(executor, download_path, blob) - sleep(1) - if os.path.exists('/home/runner/work/content-private/content-private/content/artifacts/'): - logging.info(f"Copying pack from {download_path} to /home/runner/work/content-private/" - f"content-private/content/artifacts/packs/{pack.name}.zip") - shutil.copy(download_path, - f'/home/runner/work/content-private/content-private/content/artifacts/' - f'packs/{pack.name}.zip') - else: - logging.warning(f'Did not find a pack to download with the prefix: {pack_prefix}') + logging.info(f"Found latest zip of {entry}, which is {latest_zip}") + zipped_packs[Path(latest_zip).stem] = latest_zip if not zipped_packs: - logging.critical('Did not find any pack to download from GCP.') - sys.exit(1) + raise Exception('No zip files were found') return zipped_packs -def executor_submit(executor, download_path, blob): - executor.submit(blob.download_to_filename, download_path) +def copy_zipped_packs_to_artifacts(zipped_packs, artifacts_path): + """ + Copies zip files if needed + Args: + zipped_packs: A dictionary containing pack name as key and it's latest zip path as value + artifacts_path: Path of the artifacts folder + """ + if os.path.exists(artifacts_path): + for key, value in zipped_packs.items(): + logging.info(f"Copying pack from {value} to {artifacts_path}/packs/{key}.zip") + shutil.copy(value, f'{artifacts_path}/packs/{key}.zip') def cleanup(destination_path): @@ -187,73 +159,48 @@ def cleanup(destination_path): os.remove(file_) -def get_latest_pack_zip_from_blob(pack, blobs): +def get_latest_pack_zip_from_pack_files(pack, pack_files): """ Returns the latest zip of a pack from a list of blobs. Args: pack: The pack name - blobs: The blob list - + pack_files: A list of string which are paths of the pack's files Returns: - blob: The zip blob of the pack with the latest version. + latest_zip_path: The zip path of the pack with the latest version. """ - blob = None - blobs = [b for b in blobs if os.path.splitext(os.path.basename(b.name))[0] == pack and b.name.endswith('.zip')] - if blobs: - blobs = sorted(blobs, key=lambda b: LooseVersion(os.path.basename(os.path.dirname(b.name))), reverse=True) - blob = blobs[0] + latest_zip_path = None + latest_zip_version = None + for current_file_path in pack_files: + current_pack_name = os.path.splitext(os.path.basename(current_file_path))[0] + if current_pack_name == pack and current_file_path.endswith('.zip'): + current_pack_zip_version = LooseVersion(os.path.basename(os.path.dirname(current_file_path))) + if not latest_zip_version or latest_zip_version < current_pack_zip_version: + latest_zip_version = current_pack_zip_version + latest_zip_path = current_file_path - return blob + return latest_zip_path def main(): install_logging('Zip_Content_Packs_From_GCS.log') option = option_handler() - storage_bucket_name = option.bucket_name zip_path = option.zip_path artifacts_path = option.artifacts_path - service_account = option.service_account - circle_build = option.circle_build - branch_name = option.branch_name - gcp_path = option.gcp_path - remove_test_playbooks = option.remove_test_playbooks private_build = option.private - if private_build: - packs_dir = '/home/runner/work/content-private/content-private/content/artifacts/packs' - zip_path = '/home/runner/work/content-private/content-private/content/temp-dir' - if not os.path.exists(packs_dir): - logging.debug("Packs dir not found. Creating.") - os.mkdir(packs_dir) - if not os.path.exists(zip_path): - logging.debug("Temp dir not found. Creating.") - os.mkdir(zip_path) - artifacts_path = '/home/runner/work/content-private/content-private/content/artifacts' - - # google cloud storage client initialized - storage_client = init_storage_client(service_account) - storage_bucket = storage_client.bucket(storage_bucket_name) - - if not circle_build or not branch_name: - # Ignore build properties - circle_build = '' - branch_name = '' - - if not gcp_path: - gcp_path = BUILD_GCP_PATH - - zipped_packs = [] + + zipped_packs = {} success = True try: - zipped_packs = download_packs_from_gcp(storage_bucket, gcp_path, zip_path, circle_build, branch_name) - except Exception: - logging.exception('Failed downloading packs') + zipped_packs = get_zipped_packs_names(zip_path) + except Exception as e: + logging.exception(f'Failed to get zipped packs names, {e}') success = False - if remove_test_playbooks: + if private_build: try: - remove_test_playbooks_if_exist(zip_path, zipped_packs) - except Exception: - logging.exception('Failed removing test playbooks from packs') + copy_zipped_packs_to_artifacts(zipped_packs, artifacts_path) + except Exception as e: + logging.exception(f'Failed to copy to artifacts, {e}') success = False if zipped_packs and success: @@ -270,12 +217,14 @@ def main(): shutil.copy(os.path.join(zip_path, ARTIFACT_NAME), os.path.join(artifacts_path, ARTIFACT_NAME)) else: logging.critical('Failed zipping packs.') - sys.exit(1) else: - logging.warning('Did not find any packs to zip.') + logging.warning('Failed to perform zip content packs from GCS step.') cleanup(zip_path) + if not success: + sys.exit(1) + if __name__ == '__main__': main() From 5eb1dfa4b51b5d1e76f23878f781c04e3cb12feb Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Tue, 24 Aug 2021 13:09:17 +0300 Subject: [PATCH 019/173] StixParser - skip SSDEEP (#14501) * add ssdeep to stix1 test file * trigger ut * skip ssdeep values * Update Packs/Base/ReleaseNotes/1_13_24.md Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> --- Packs/Base/ReleaseNotes/1_13_24.md | 5 +++++ Packs/Base/Scripts/StixParser/StixParser.py | 2 +- Packs/Base/Scripts/StixParser/StixParser.yml | 2 +- .../Base/Scripts/StixParser/TestData/stix1/file-stix-ioc.xml | 4 ++++ Packs/Base/pack_metadata.json | 2 +- 5 files changed, 12 insertions(+), 3 deletions(-) create mode 100644 Packs/Base/ReleaseNotes/1_13_24.md diff --git a/Packs/Base/ReleaseNotes/1_13_24.md b/Packs/Base/ReleaseNotes/1_13_24.md new file mode 100644 index 000000000000..f69664bbb354 --- /dev/null +++ b/Packs/Base/ReleaseNotes/1_13_24.md @@ -0,0 +1,5 @@ + +#### Scripts +##### StixParser +- Fixed an issue where the automation script failed to parse SSDEEP values. +- Updated the Docker image to: *demisto/stix:1.0.0.23135*. \ No newline at end of file diff --git a/Packs/Base/Scripts/StixParser/StixParser.py b/Packs/Base/Scripts/StixParser/StixParser.py index 073c3a20bbba..ab50ad1a95a4 100644 --- a/Packs/Base/Scripts/StixParser/StixParser.py +++ b/Packs/Base/Scripts/StixParser/StixParser.py @@ -363,7 +363,7 @@ def main(): if hasattr(obs.object_.properties, "hashes"): # File object for digest in obs.object_.properties.hashes: - if hasattr(digest, "simple_hash_value"): + if hasattr(digest, "simple_hash_value") and digest.simple_hash_value: if isinstance(digest.simple_hash_value.value, list): for hash in digest.simple_hash_value.value: create_new_ioc( diff --git a/Packs/Base/Scripts/StixParser/StixParser.yml b/Packs/Base/Scripts/StixParser/StixParser.yml index de6c80d52d45..7f3683c5932a 100644 --- a/Packs/Base/Scripts/StixParser/StixParser.yml +++ b/Packs/Base/Scripts/StixParser/StixParser.yml @@ -19,7 +19,7 @@ tags: timeout: 0s type: python subtype: python2 -dockerimage: demisto/stix:1.0.0.19265 +dockerimage: demisto/stix:1.0.0.23135 tests: - STIXParserTest dependson: {} diff --git a/Packs/Base/Scripts/StixParser/TestData/stix1/file-stix-ioc.xml b/Packs/Base/Scripts/StixParser/TestData/stix1/file-stix-ioc.xml index 24b114017d64..93b3eafcafa3 100644 --- a/Packs/Base/Scripts/StixParser/TestData/stix1/file-stix-ioc.xml +++ b/Packs/Base/Scripts/StixParser/TestData/stix1/file-stix-ioc.xml @@ -19,6 +19,10 @@ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 + + SSDEEP + 193:iAklVz3fzvBk5oFblLPBN1iXf2bCRErwyN4aEbwyiNwyiQwNeDAi4XMG:iAklVzfzvBTFblLpN1iXOYpyuapyiWym + diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json index 49a4e51c4068..f6c7b1225a74 100644 --- a/Packs/Base/pack_metadata.json +++ b/Packs/Base/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Base", "description": "The base pack for Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.13.23", + "currentVersion": "1.13.24", "author": "Cortex XSOAR", "serverMinVersion": "6.0.0", "url": "https://www.paloaltonetworks.com/cortex", From 197d1b07cb94dbd7c88cb722174ac12ab4bc4d52 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 24 Aug 2021 14:06:37 +0300 Subject: [PATCH 020/173] Ansible Integration Quality Improvements (#14375) * Ansible Integration Quality Improvements (#12795) * Ansible API Module * Refactored Ansible Integrations using API Module * HCloud Documentation * Default values of [] and {} are invalid in Ansible * Linux README. Work in progress. * spelling * Alibaba Cloud Readme * typo * typo * commands for doco * better acme banner * better description * ACME README WIP * commands from debian server * Windows ReadMe WIP * docker tag bump * docker version bump and displayname spacing * remove commands with error outputs * Release notes / Metadata * validation issue resolution * linting and formating corrections * trimmed package listing * MS Readme WIP * aligning names in note to integrations * MS Readme WIP * get_md5 argument no longer exists on module * More README WIP * remove pester example, looks like it failed tests * mypy and flake8 lint fixes * docker image bump * ignoring pylint errpr for specialised import * typo * pylint and pep8 errors use different ignore syntax * dict2md revisions and unit tests * rec_ansible_key_strip unit test * Correct docker image for Ansible * linting * clean up loose demisto calls and add type hinting * Inventory unit tests * incorrect indentation * remove unused value * tidy up demisto calls * generic_ansible unit test * remove global var host_type * linting * mypy fixes, output_key field, and context camelCase * regenerated integrations * id/name prefixed with ansible * removed whitespace on descriptions * camelcase context * corrected predefined args for bools * outputs_key_field for targetbased integrations * context path updated * better error messages * test-command functionality * fix templating error * correct logic for test-module * version bump and linting * linting * docstring for generic_ansible * Deprecating old pack Adding new packs * Alibaba Cloud Polish * Documenetation for Alibaba Cloud * Documentation for Azure Compute * remove problematic module * Documentation for Hetzner Cloud * Partial documentation for Windows * hcloud test playbook * kubernetes documentation * remove empty command example headings * better explaination around ansible usage * Linux doco * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Ansible naming Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Better description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * remove todo * Ansible branding + description clean up * Ansible DNS Doco * Formating * Linux doco * formating * moved dns back to linux pack * Cisco NXOS * typo * IOS requires a seperate become/enable password * Cisco IOS documentation * Azure Networking Doco * VMware Doco * deprecated notice * deprecated notices * ACME deprecated notice * min version * removed erronious output * merge azure packages * corrected context case * Case corrections in Context * Added privilege escalation options for Linux * Documentation about complex command inputs * Update Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.py Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * Update Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME.yml Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> * editing azure readme * editing azure readme * editing ciscos readmes * editing ciscos readmes * Update Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/README.md * editing hcloud readme * Update Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/README.md * editing kubernetes readme * editing linux readme * editing windows readme * editing windows readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * editing vmware readme * changing command examples * fixing secrets * fixing secrets and validations * fixing secrets * fixing secrets * fixing secrets * fixing rm108 * use title case for context * fixing validations * host argument collision fix * whitespace * revised doco for collided arg * title case without underscores * fix title case in documentation * Title case in context path * titlecase context paths * correct display * priv escalation details * Capital letter in description Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> Co-authored-by: rsagi * reverting wrong changes * fixing same playbook name * skipping all integrations via conf.json * fixing dependencies * updating playbook-Windows_Application_Deployment_v2.yml * updating playbook-Windows_Application_Deployment_v2.yml * fixing names * updating playbook-Wait_Until_Windows_Host_Online_v2.yml * adding creds support * adding creds support * Merge branch 'master' into contrib/SergeBakharev_ansible_documentation&ApiModule # Conflicts: # Tests/conf.json * disabling guardrails false positive * adding creds support for hcould Co-authored-by: SergeBakharev Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> Co-authored-by: rsagi --- Packs/AnsibleAlibabaCloud/.pack-ignore | 0 Packs/AnsibleAlibabaCloud/.secrets-ignore | 2 + .../AnsibleAlibabaCloud.py | 59 + .../AnsibleAlibabaCloud.yml | 191 + .../AnsibleAlibabaCloud_description.md | 9 + .../AnsibleAlibabaCloud_image.png | Bin 0 -> 2431 bytes .../AnsibleAlibabaCloud/README.md | 347 + .../AnsibleAlibabaCloud/command_examples | 2 + Packs/AnsibleAlibabaCloud/README.md | 8 + .../TestPlaybooks/Test-AlibabaCloud.yml | 388 + Packs/AnsibleAlibabaCloud/pack_metadata.json | 15 + Packs/AnsibleAzure/.pack-ignore | 0 Packs/AnsibleAzure/.secrets-ignore | 4 + .../Integrations/AnsibleAzure/AnsibleAzure.py | 231 + .../AnsibleAzure/AnsibleAzure.yml | 3345 ++++++ .../AnsibleAzure/AnsibleAzure_description.md | 10 + .../AnsibleAzure/AnsibleAzure_image.png | Bin 0 -> 2356 bytes .../Integrations/AnsibleAzure/README.md | 6126 +++++++++++ .../AnsibleAzure/command_examples | 66 + Packs/AnsibleAzure/README.md | 39 + Packs/AnsibleAzure/pack_metadata.json | 15 + Packs/AnsibleCiscoIOS/.pack-ignore | 0 Packs/AnsibleCiscoIOS/.secrets-ignore | 3 + .../AnsibleCiscoIOS/AnsibleCiscoIOS.py | 96 + .../AnsibleCiscoIOS/AnsibleCiscoIOS.yml | 1176 +++ .../AnsibleCiscoIOS_description.md | 21 + .../AnsibleCiscoIOS/AnsibleCiscoIOS_image.png | Bin 0 -> 2315 bytes .../Integrations/AnsibleCiscoIOS/README.md | 1891 ++++ .../AnsibleCiscoIOS/command_examples | 23 + Packs/AnsibleCiscoIOS/README.md | 18 + Packs/AnsibleCiscoIOS/pack_metadata.json | 15 + Packs/AnsibleCiscoNXOS/.pack-ignore | 0 Packs/AnsibleCiscoNXOS/.secrets-ignore | 4 + .../AnsibleCiscoNXOS/AnsibleCiscoNXOS.py | 198 + .../AnsibleCiscoNXOS/AnsibleCiscoNXOS.yml | 3878 +++++++ .../AnsibleCiscoNXOS_description.md | 18 + .../AnsibleCiscoNXOS_image.png | Bin 0 -> 2315 bytes .../Integrations/AnsibleCiscoNXOS/README.md | 4289 ++++++++ .../AnsibleCiscoNXOS/command_examples | 74 + Packs/AnsibleCiscoNXOS/README.md | 35 + Packs/AnsibleCiscoNXOS/pack_metadata.json | 15 + Packs/AnsibleHetznerCloud/.pack-ignore | 0 Packs/AnsibleHetznerCloud/.secrets-ignore | 4 + .../AnsibleHCloud/AnsibleHCloud.py | 92 + .../AnsibleHCloud/AnsibleHCloud.yml | 438 + .../AnsibleHCloud_description.md | 13 + .../AnsibleHCloud/AnsibleHCloud_image.png | Bin 0 -> 1073 bytes .../Integrations/AnsibleHCloud/README.md | 1134 ++ .../AnsibleHCloud/command_examples | 17 + Packs/AnsibleHetznerCloud/README.md | 21 + .../TestPlaybooks/Test-AnsibleHCloud.yml | 1929 ++++ Packs/AnsibleHetznerCloud/pack_metadata.json | 15 + Packs/AnsibleKubernetes/.pack-ignore | 0 Packs/AnsibleKubernetes/.secrets-ignore | 0 .../AnsibleKubernetes/AnsibleKubernetes.py | 58 + .../AnsibleKubernetes/AnsibleKubernetes.yml | 317 + .../AnsibleKubernetes_description.md | 49 + .../AnsibleKubernetes_image.png | Bin 0 -> 1618 bytes .../Integrations/AnsibleKubernetes/README.md | 827 ++ .../AnsibleKubernetes/command_examples | 4 + Packs/AnsibleKubernetes/README.md | 10 + Packs/AnsibleKubernetes/pack_metadata.json | 15 + Packs/AnsibleLinux/.pack-ignore | 2 + Packs/AnsibleLinux/.secrets-ignore | 9 + .../Integrations/AnsibleACME/ACME_image.png | Bin 0 -> 4590 bytes .../Integrations/AnsibleACME/AnsibleACME.py | 58 + .../Integrations/AnsibleACME/AnsibleACME.yml | 759 ++ .../AnsibleACME/AnsibleACME_description.md | 30 + .../Integrations/AnsibleACME/README.md | 550 + .../Integrations/AnsibleACME/command_examples | 6 + .../Integrations/AnsibleDNS/AnsibleDNS.py | 52 + .../Integrations/AnsibleDNS/AnsibleDNS.yml | 110 + .../AnsibleDNS/AnsibleDNS_description.md | 35 + .../AnsibleDNS/AnsibleDNS_image.png | Bin 0 -> 4149 bytes .../Integrations/AnsibleDNS/README.md | 146 + .../Integrations/AnsibleDNS/command_examples | 1 + .../Integrations/AnsibleLinux/AnsibleLinux.py | 260 + .../AnsibleLinux/AnsibleLinux.yml | 7407 +++++++++++++ .../AnsibleLinux/AnsibleLinux_description.md | 30 + .../AnsibleLinux/AnsibleLinux_image.png | Bin 0 -> 3779 bytes .../Integrations/AnsibleLinux/README.md | 8272 +++++++++++++++ .../AnsibleLinux/command_examples | 49 + .../AnsibleOpenSSL/AnsibleOpenSSL.py | 68 + .../AnsibleOpenSSL/AnsibleOpenSSL.yml | 1744 ++++ .../AnsibleOpenSSL_description.md | 27 + .../AnsibleOpenSSL/AnsibleOpenSSL_image.png | Bin 0 -> 1957 bytes .../Integrations/AnsibleOpenSSL/README.md | 1185 +++ .../AnsibleOpenSSL/command_examples | 12 + Packs/AnsibleLinux/README.md | 38 + Packs/AnsibleLinux/pack_metadata.json | 15 + Packs/AnsibleMicrosoftWindows/.pack-ignore | 0 Packs/AnsibleMicrosoftWindows/.secrets-ignore | 4 + .../AnsibleMicrosoftWindows.py | 254 + .../AnsibleMicrosoftWindows.yml | 6025 +++++++++++ .../AnsibleMicrosoftWindows_description.md | 30 + .../AnsibleMicrosoftWindows_image.png | Bin 0 -> 2156 bytes .../AnsibleMicrosoftWindows/README.md | 7075 +++++++++++++ .../AnsibleMicrosoftWindows/command_examples | 78 + ...book-Wait_Until_Windows_Host_Online_v2.yml | 190 + ...book-Windows_Application_Deployment_v2.yml | 689 ++ Packs/AnsibleMicrosoftWindows/README.md | 36 + .../pack_metadata.json | 20 + Packs/AnsibleVMware/.pack-ignore | 0 Packs/AnsibleVMware/.secrets-ignore | 4 + .../AnsibleVMware/AnsibleVMware.py | 357 + .../AnsibleVMware/AnsibleVMware.yml | 4711 +++++++++ .../AnsibleVMware_description.md | 23 + .../AnsibleVMware/AnsibleVMware_image.png | Bin 0 -> 4007 bytes .../Integrations/AnsibleVMware/README.md | 9190 +++++++++++++++++ .../AnsibleVMware/command_examples | 142 + Packs/AnsibleVMware/README.md | 21 + Packs/AnsibleVMware/pack_metadata.json | 15 + .../Integrations/ACME/ACME.yml | 7 +- .../AlibabaCloud/AlibabaCloud.yml | 7 +- .../AzureComputeV3/AzureComputeV3.yml | 7 +- .../AzureNetworking/AzureNetworking.yml | 9 +- .../Integrations/CiscoIOS/CiscoIOS.yml | 7 +- .../Integrations/CiscoNXOS/CiscoNXOS.yml | 7 +- .../Integrations/DNS/DNS.yml | 7 +- .../Integrations/HCloud/HCloud.yml | 7 +- .../Integrations/Kubernetes/Kubernetes.yml | 7 +- .../Integrations/Linux/Linux.yml | 7 +- .../MicrosoftWindows/MicrosoftWindows.yml | 5 +- .../Integrations/OpenSSL/OpenSSL.yml | 7 +- .../Integrations/VMwareV2/VMwareV2.yml | 7 +- ...laybook-Wait_Until_Windows_Host_Online.yml | 3 +- ...laybook-Windows_Application_Deployment.yml | 3 +- .../ReleaseNotes/2_0_0.md | 35 + .../pack_metadata.json | 2 +- Packs/ApiModules/.secrets-ignore | 1 + .../AnsibleApiModule/AnsibleApiModule.py | 349 + .../AnsibleApiModule/AnsibleApiModule.yml | 16 + .../AnsibleApiModule/AnsibleApiModule_test.py | 212 + .../TestsInput/ansible_inventory.py | 5 + .../TestsInput/ansible_keys.py | 23 + .../AnsibleApiModule/TestsInput/markdown.py | 96 + Tests/conf.json | 20 +- 137 files changed, 78093 insertions(+), 46 deletions(-) create mode 100644 Packs/AnsibleAlibabaCloud/.pack-ignore create mode 100644 Packs/AnsibleAlibabaCloud/.secrets-ignore create mode 100644 Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.py create mode 100644 Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.yml create mode 100644 Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud_description.md create mode 100644 Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud_image.png create mode 100644 Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/README.md create mode 100644 Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/command_examples create mode 100644 Packs/AnsibleAlibabaCloud/README.md create mode 100644 Packs/AnsibleAlibabaCloud/TestPlaybooks/Test-AlibabaCloud.yml create mode 100644 Packs/AnsibleAlibabaCloud/pack_metadata.json create mode 100644 Packs/AnsibleAzure/.pack-ignore create mode 100644 Packs/AnsibleAzure/.secrets-ignore create mode 100644 Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure.py create mode 100644 Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure.yml create mode 100644 Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure_description.md create mode 100644 Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure_image.png create mode 100644 Packs/AnsibleAzure/Integrations/AnsibleAzure/README.md create mode 100644 Packs/AnsibleAzure/Integrations/AnsibleAzure/command_examples create mode 100644 Packs/AnsibleAzure/README.md create mode 100644 Packs/AnsibleAzure/pack_metadata.json create mode 100644 Packs/AnsibleCiscoIOS/.pack-ignore create mode 100644 Packs/AnsibleCiscoIOS/.secrets-ignore create mode 100644 Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS.py create mode 100644 Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS.yml create mode 100644 Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS_description.md create mode 100644 Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS_image.png create mode 100644 Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/README.md create mode 100644 Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/command_examples create mode 100644 Packs/AnsibleCiscoIOS/README.md create mode 100644 Packs/AnsibleCiscoIOS/pack_metadata.json create mode 100644 Packs/AnsibleCiscoNXOS/.pack-ignore create mode 100644 Packs/AnsibleCiscoNXOS/.secrets-ignore create mode 100644 Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS.py create mode 100644 Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS.yml create mode 100644 Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS_description.md create mode 100644 Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS_image.png create mode 100644 Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/README.md create mode 100644 Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/command_examples create mode 100644 Packs/AnsibleCiscoNXOS/README.md create mode 100644 Packs/AnsibleCiscoNXOS/pack_metadata.json create mode 100644 Packs/AnsibleHetznerCloud/.pack-ignore create mode 100644 Packs/AnsibleHetznerCloud/.secrets-ignore create mode 100644 Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud.py create mode 100644 Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud.yml create mode 100644 Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud_description.md create mode 100644 Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud_image.png create mode 100644 Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/README.md create mode 100644 Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/command_examples create mode 100644 Packs/AnsibleHetznerCloud/README.md create mode 100644 Packs/AnsibleHetznerCloud/TestPlaybooks/Test-AnsibleHCloud.yml create mode 100644 Packs/AnsibleHetznerCloud/pack_metadata.json create mode 100644 Packs/AnsibleKubernetes/.pack-ignore create mode 100644 Packs/AnsibleKubernetes/.secrets-ignore create mode 100644 Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes.py create mode 100644 Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes.yml create mode 100644 Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes_description.md create mode 100644 Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes_image.png create mode 100644 Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/README.md create mode 100644 Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/command_examples create mode 100644 Packs/AnsibleKubernetes/README.md create mode 100644 Packs/AnsibleKubernetes/pack_metadata.json create mode 100644 Packs/AnsibleLinux/.pack-ignore create mode 100644 Packs/AnsibleLinux/.secrets-ignore create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleACME/ACME_image.png create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME.py create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME.yml create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME_description.md create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleACME/README.md create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleACME/command_examples create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS.py create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS.yml create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS_description.md create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS_image.png create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleDNS/README.md create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleDNS/command_examples create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux.py create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux.yml create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux_description.md create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux_image.png create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleLinux/README.md create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleLinux/command_examples create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL.py create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL.yml create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL_description.md create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL_image.png create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/README.md create mode 100644 Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/command_examples create mode 100644 Packs/AnsibleLinux/README.md create mode 100644 Packs/AnsibleLinux/pack_metadata.json create mode 100644 Packs/AnsibleMicrosoftWindows/.pack-ignore create mode 100644 Packs/AnsibleMicrosoftWindows/.secrets-ignore create mode 100644 Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows.py create mode 100644 Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows.yml create mode 100644 Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows_description.md create mode 100644 Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows_image.png create mode 100644 Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/README.md create mode 100644 Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/command_examples create mode 100644 Packs/AnsibleMicrosoftWindows/Playbooks/playbook-Wait_Until_Windows_Host_Online_v2.yml create mode 100644 Packs/AnsibleMicrosoftWindows/Playbooks/playbook-Windows_Application_Deployment_v2.yml create mode 100644 Packs/AnsibleMicrosoftWindows/README.md create mode 100644 Packs/AnsibleMicrosoftWindows/pack_metadata.json create mode 100644 Packs/AnsibleVMware/.pack-ignore create mode 100644 Packs/AnsibleVMware/.secrets-ignore create mode 100644 Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware.py create mode 100644 Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware.yml create mode 100644 Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware_description.md create mode 100644 Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware_image.png create mode 100644 Packs/AnsibleVMware/Integrations/AnsibleVMware/README.md create mode 100644 Packs/AnsibleVMware/Integrations/AnsibleVMware/command_examples create mode 100644 Packs/AnsibleVMware/README.md create mode 100644 Packs/AnsibleVMware/pack_metadata.json create mode 100644 Packs/Ansible_Powered_Integrations/ReleaseNotes/2_0_0.md create mode 100644 Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule.py create mode 100644 Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule.yml create mode 100644 Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule_test.py create mode 100644 Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/ansible_inventory.py create mode 100644 Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/ansible_keys.py create mode 100644 Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/markdown.py diff --git a/Packs/AnsibleAlibabaCloud/.pack-ignore b/Packs/AnsibleAlibabaCloud/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/AnsibleAlibabaCloud/.secrets-ignore b/Packs/AnsibleAlibabaCloud/.secrets-ignore new file mode 100644 index 000000000000..d7ef94595875 --- /dev/null +++ b/Packs/AnsibleAlibabaCloud/.secrets-ignore @@ -0,0 +1,2 @@ +https://ram.console.aliyun.com +123.123.123.123 diff --git a/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.py b/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.py new file mode 100644 index 000000000000..b9eea6fde876 --- /dev/null +++ b/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.py @@ -0,0 +1,59 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'local' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + creds_mapping = { + "identifier": "alicloud_access_key", + "password": "alicloud_secret_key" # guardrails-disable-line + } + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + result = generic_ansible('AlibabaCloud', 'ali_instance_info', args, int_params, host_type, creds_mapping) + + if result: + return_results('ok') + else: + return_results(result) + + elif command == 'ali-instance': + return_results(generic_ansible('AlibabaCloud', 'ali_instance', args, int_params, host_type, creds_mapping)) + elif command == 'ali-instance-info': + return_results(generic_ansible('AlibabaCloud', 'ali_instance_info', args, int_params, host_type, + creds_mapping)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.yml b/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.yml new file mode 100644 index 000000000000..defbfb800cf0 --- /dev/null +++ b/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud.yml @@ -0,0 +1,191 @@ +category: IT Services +commonfields: + id: AnsibleAlibabaCloud + version: -1 +configuration: +- additionalinfo: Aliyun Cloud access key + display: Access Key + displaypassword: Access Secret Key + name: creds + required: true + type: 9 +- additionalinfo: Aliyun Cloud region + display: Region + name: alicloud_region + required: true + type: 0 +description: Manage Alibaba Cloud Elastic Compute Instances +display: Ansible Alibaba Cloud +fromversion: 6.0.0 +name: AnsibleAlibabaCloud +script: + commands: + - arguments: + - auto: PREDEFINED + defaultValue: present + description: The state of the instance after operating. + name: state + predefined: + - present + - running + - stopped + - restarted + - absent + - description: Aliyun availability zone ID in which to launch the instance. If + it is not specified, it will be allocated by system automatically. + name: availability_zone + - description: Image ID used to launch instances. Required when `state=present` + and creating new ECS instances. + name: image_id + - description: Instance type used to launch instances. Required when `state=present` + and creating new ECS instances. + name: instance_type + - description: A list of security group IDs. + name: security_groups + - description: The subnet ID in which to launch the instances (VPC). + name: vswitch_id + - description: The name of ECS instance, which is a string of 2 to 128 Chinese + or English characters. It must begin with an uppercase/lowercase letter or + a Chinese character and can contain numerals, ".", "_" or "-". It cannot begin + with http:// or https://. + name: instance_name + - description: The description of ECS instance, which is a string of 2 to 256 + characters. It cannot begin with http:// or https://. + name: description + - auto: PREDEFINED + defaultValue: PayByBandwidth + description: Internet charge type of ECS instance. + name: internet_charge_type + predefined: + - PayByBandwidth + - PayByTraffic + - defaultValue: '200' + description: Maximum incoming bandwidth from the public network, measured in + Mbps (Megabits per second). + name: max_bandwidth_in + - defaultValue: '0' + description: Maximum outgoing bandwidth to the public network, measured in Mbps + (Megabits per second). + name: max_bandwidth_out + - description: Instance host name. + name: host_name + - description: The password to login instance. After rebooting instances, modified + password will take effect. + name: password + - auto: PREDEFINED + defaultValue: cloud_efficiency + description: Category of the system disk. + name: system_disk_category + predefined: + - cloud_efficiency + - cloud_ssd + - defaultValue: '40' + description: Size of the system disk, in GB. The valid values are 40~500. + name: system_disk_size + - description: Name of the system disk. + name: system_disk_name + - description: Description of the system disk. + name: system_disk_description + - defaultValue: '1' + description: The number of the new instance. An integer value which indicates + how many instances that match `count_tag` should be running. Instances are + either created or terminated based on this value. + name: count + - description: '`count` determines how many instances based on a specific tag + criteria should be present. This can be expressed in multiple ways and is + shown in the EXAMPLES section. The specified count_tag must already exist + or be passed in as the `instance_tags` option. If it is not specified, it + will be replaced by `instance_name`.' + name: count_tag + - auto: PREDEFINED + defaultValue: 'No' + description: Whether allocate a public ip for the new instance. + name: allocate_public_ip + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: PostPaid + description: The charge type of the instance. + name: instance_charge_type + predefined: + - PrePaid + - PostPaid + - defaultValue: '1' + description: 'The charge duration of the instance, in month. Required when `instance_charge_type=PrePaid`. + + The valid value are [1-9, 12, 24, 36].' + name: period + - auto: PREDEFINED + defaultValue: 'No' + description: Whether automate renew the charge of the instance. + name: auto_renew + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + description: The duration of the automatic renew the charge of the instance. + Required when `auto_renew=True`. + name: auto_renew_period + predefined: + - '1' + - '2' + - '3' + - '6' + - '12' + - description: A list of instance ids. It is required when need to operate existing + instances. If it is specified, `count` will lose efficacy. + name: instance_ids + - auto: PREDEFINED + defaultValue: 'No' + description: Whether the current operation needs to be execute forcibly. + name: force + predefined: + - 'Yes' + - 'No' + - description: A hash/dictionaries of instance tags, to add to the new instance + or for starting/stopping instance by tag. `{"key":"value"}` + name: instance_tags + - description: The name of key pair which is used to access ECS instance in SSH. + name: key_name + - description: User-defined data to customize the startup behaviors of an ECS + instance and to pass data into an ECS instance. It only will take effect when + launching the new ECS instances. + name: user_data + description: "Create, Start, Stop, Restart or Terminate an Instance in ECS. Add\ + \ or Remove Instance to/from a Security Group.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/ali_instance_module.html" + name: ali-instance + outputs: + - contextPath: AlibabaCloud.AliInstance.instances + description: List of ECS instances + type: unknown + - contextPath: AlibabaCloud.AliInstance.ids + description: List of ECS instance IDs + type: unknown + - arguments: + - description: Aliyun availability zone ID in which to launch the instance + name: availability_zone + - description: A list of ECS instance names. + name: instance_names + - description: A list of ECS instance ids. + name: instance_ids + - description: A hash/dictionaries of instance tags. `{"key":"value"}` + name: instance_tags + description: "Gather information on instances of Alibaba Cloud ECS.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/ali_instance_info_module.html" + name: ali-instance-info + outputs: + - contextPath: AlibabaCloud.AliInstanceInfo.instances + description: List of ECS instances + type: unknown + - contextPath: AlibabaCloud.AliInstanceInfo.ids + description: List of ECS instance IDs + type: unknown + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud_description.md b/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud_description.md new file mode 100644 index 000000000000..0be8ce33b2e6 --- /dev/null +++ b/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud_description.md @@ -0,0 +1,9 @@ +# Ansible Alibaba Cloud +Manage Alibaba Cloud Elastic Compute Instances. + +To use this integration you must generate an Access/Secret token for your Alibaba tenancy. +1. Navigate to the [Resource Access Management](https://ram.console.aliyun.com/users) +2. Create a service account dedicated for XSOAR with Programmatic Access enabled +3. Record the Access and Secret tokens +4. Navigate to [Permmions > Grants](https://ram.console.aliyun.com/permissions) +4. Grant the service account principal either `AliyunECSFullAccess` or `AliyunECSReadOnlyAccess` permissions. diff --git a/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud_image.png b/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/AnsibleAlibabaCloud_image.png new file mode 100644 index 0000000000000000000000000000000000000000..01f1ad2054b7b9a063d5364706fa30cfeb2c92d0 GIT binary patch literal 2431 zcmbW3XFnSX1I0t_t*BC?M%`YyMU(2KV#X|D#NLXu1R-|K7*%Q{8nw3=)e!0`u4{Fn zw4y=Ota0sDqmiifc)q~%;(2k-|98&$0w=>7X2Q=S$pZiY_{~fWZO<8fE)W;Txfj&S zQqRE>W@};qX#Oa*c^=sA>s#sr0Ij*a$KLGcnLEVPISc?082qnT#ID~>I`2fy4E61z zJ$6fYvCrU_-+yvO!VNO>w5~~XgFra*3`O}G+u*gSM_96#+NhVBN|oJ%!VJl*>#1(l z=vliVcLPQD7q#Ku4Ej+8BfjtC%SlIX(C3hUkH^lm)*`7O*v+&r$m}V0 zYS`R^DM}ad_N94(nS2yEHR*(+%TbORvO28xUeS5Ms}m*ZF?-t@-G2Rrkx5(AAm)t| zH`uTJ2iO_17^x22w@-Hav*7ekFH7kJ-4rlfJYJl#Wh(dDY;#>0Iryb_%q$F`&@}fE zuk~!tsA00i02pR0HO4~Jo6NQ`>~32(-PzgW?7@78Nc{GSt8KPLz1qC&ULwXtvEuXe zHdi0!2Kg&1jgU*sr1Yad{O(cX6QSl7rje8Xx0HCNjdd{pTAfI_0os+yS$9_4@;lfG zNKzgdyLtRv&{O|_`?LA7TjlQLUSuy=PWXf&R0KREa+-`!JN%@>j3@KjmHeQzBavYH zT8`$D)V1(xS?MF7+4N;Ti)ap&h}P)*Rgd4Ne!}jdKT2_o`e)2Gv#w?@xy>+o`?U=fl7rJMDh`Vnb^CJl$*~ zN$1(1K{P^sBq?%rmy(c3Wyvv7SX8i@j{*7yDQ_CBmvs!Sq&a&j30Lq5rmR~>a@z)p zYx29X$Gza(DSG;L4^&K)E5v~c59V?=)3P9(0agnFQ*2MHk=iZ|@B4jsE>uD=d<^9u zx>bm9ADWiXw;afkTP5*pOx;Q(WqgaCX88O~7`tuHSK&9HBI((hXw`u$VOoHVy9y|;_fEYkma-8Sc? zS+|RneV0NBeU~kW$N9rz{Za$=qqk1^Cl81!jvh4~k4J5eFA3?Go-I_LO#U=>P1;Ay z1ji_7u-?s`u6~~%$p=@TBJ5WlN>Gcz4dM6HAsNSGGcQ|`Y$-br07%kk9JUsfbU0Xz z%{OyvRQKoeBVLP>cIHJKmV|UawrFy0(xTt7L1S(n$cPUO1(-8@EFbxkz!9F0T7(jZ z*QVw^uNw3?e#vZdv3qwnD;u8PN{D|UGc{xV@Uw%c0(v&^lmk(Tsw6c|qHB-z7W8b= z!Yv%RVBkDO$bIJmHW8HbL1GF+n->(76Gd&ZBJ z&`_;G@eQ*O9x50GS5SDE*~};j$$cP&A&B`4`Uay^Zm3WrKj>HIUYk{_?V?spJk$4|Yq{({0uh%>PpbOv)HSm+@<@@^in#wkB z|Bkaq&CZ)mUpxKd$EU|p@_6!E0KMHMCz0ISm)UtR;E&&go~pc|cc>J7E0p{|-(#m% zfM#v~y|GNJTF9f~SJe-3?Bp@ZjiL*m{ShtkvyG&CP$v}n%L4O$-Y(A9o z)|z14+)M|39IlP{Gm&k^nzoj&lRVL)^r()wu=m$`$9-S(LY|t83b_~v@P))+%L0tu z9v`b+Ox;c;+=|12&=`Rsz^|0#g^0CMzbs0pq+NkxIllyh5xBx*Ay0@Pk+0Iy4kpv$ zZ1ADF2rQiYw*jlK149MSuEcpLP?pOtD`$24TZ34G*w0(GyNh>h%rV`M@V3Tx(7C)_ zN&1(BhbjZ$f&u|PqLk!KgM?qqm42o@3^hT!=u;I=y_A5#HOq_tyom@@cW%4iCgw;b9=QX;x^ey|#7KGnOq22>nRtad2f1|L1Z3 zZ2jFb{ZawmxeITsR_$Xp>MbQa!SNis0UhGxFSqJS9jt!yB~XqYqd{&WcJ*4jUDmlw z5u0jyEmkHqo!RD^}*e)X@S;BX3>s*bM4YFM`M8dir zODj5+%bT|CNi}NC{FVHTnYnpGFHwv__m5}F_G_C23Bp; Grants](https://ram.console.aliyun.com/permissions) +4. Grant the service account principal either `AliyunECSFullAccess` or `AliyunECSReadOnlyAccess` permissions. + +## Configure Ansible Alibaba Cloud on Cortex XSOAR +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for Ansible Alibaba Cloud. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Access Key | Aliyun Cloud access key | True | + | Access Secret Key | Aliyun Cloud secret key | True | + | Region | Aliyun Cloud region | True | + +4. Click **Test** to validate the URLs, token, and connection. + +## Idempotence +The action commands in this integration are idempotent. This means that the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions. + +## State Arguement +Some of the commands in this integration take a state argument. These define the desired end state of the object being managed. As a result these commands are able to perform multiple management operations depending on the desired state value. Common state values are: +| **State** | **Result** | +| --- | --- | +| present | Object should exist. If not present, the object will be created with the provided parameters. If present but not with correct parameters, it will be modified to met provided parameters. | +| running | Object should be running not stopped. | +| stopped | Object should be stopped not running. | +| restarted | Object will be restarted. | +| absent | Object should not exist. If it it exists it will be deleted. | + + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. + +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### ali-instance +*** +Create, Start, Stop, Restart or Terminate an Instance in ECS. Add or Remove Instance to/from a Security Group. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ali_instance_module.html + + +#### Base Command + +`ali-instance` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| state | The state of the instance after operating. Possible values are: present, running, stopped, restarted, absent. Default is present. | Optional | +| availability_zone | Aliyun availability zone ID in which to launch the instance. If it is not specified, it will be allocated by system automatically. | Optional | +| image_id | Image ID used to launch instances. Required when `state=present` and creating new ECS instances. | Optional | +| instance_type | Instance type used to launch instances. Required when `state=present` and creating new ECS instances. | Optional | +| security_groups | A list of security group IDs. | Optional | +| vswitch_id | The subnet ID in which to launch the instances (VPC). | Optional | +| instance_name | The name of ECS instance, which is a string of 2 to 128 Chinese or English characters. It must begin with an uppercase/lowercase letter or a Chinese character and can contain numerals, ".", "_" or "-". It cannot begin with http:// or https://. | Optional | +| description | The description of ECS instance, which is a string of 2 to 256 characters. It cannot begin with http:// or https://. | Optional | +| internet_charge_type | Internet charge type of ECS instance. Possible values are: PayByBandwidth, PayByTraffic. Default is PayByBandwidth. | Optional | +| max_bandwidth_in | Maximum incoming bandwidth from the public network, measured in Mbps (Megabits per second). Default is 200. | Optional | +| max_bandwidth_out | Maximum outgoing bandwidth to the public network, measured in Mbps (Megabits per second). Default is 0. | Optional | +| host_name | Instance host name. | Optional | +| password | The password to login instance. After rebooting instances, modified password will take effect. | Optional | +| system_disk_category | Category of the system disk. Possible values are: cloud_efficiency, cloud_ssd. Default is cloud_efficiency. | Optional | +| system_disk_size | Size of the system disk, in GB. The valid values are 40~500. Default is 40. | Optional | +| system_disk_name | Name of the system disk. | Optional | +| system_disk_description | Description of the system disk. | Optional | +| count | The number of the new instance. An integer value which indicates how many instances that match `count_tag` should be running. Instances are either created or terminated based on this value. Default is 1. | Optional | +| count_tag | `count` determines how many instances based on a specific tag criteria should be present. This can be expressed in multiple ways and is shown in the EXAMPLES section. The specified count_tag must already exist or be passed in as the `instance_tags` option. If it is not specified, it will be replaced by `instance_name`. | Optional | +| allocate_public_ip | Whether allocate a public ip for the new instance. Possible values are: Yes, No. Default is No. | Optional | +| instance_charge_type | The charge type of the instance. Possible values are: PrePaid, PostPaid. Default is PostPaid. | Optional | +| period | The charge duration of the instance, in month. Required when `instance_charge_type=PrePaid`.
The valid value are [1-9, 12, 24, 36]. Default is 1. | Optional | +| auto_renew | Whether automate renew the charge of the instance. Possible values are: Yes, No. Default is No. | Optional | +| auto_renew_period | The duration of the automatic renew the charge of the instance. Required when `auto_renew=True`. Possible values are: 1, 2, 3, 6, 12. | Optional | +| instance_ids | A list of instance ids. It is required when need to operate existing instances. If it is specified, `count` will lose efficacy. | Optional | +| force | Whether the current operation needs to be execute forcibly. Possible values are: Yes, No. Default is No. | Optional | +| instance_tags | A hash/dictionaries of instance tags, to add to the new instance or for starting/stopping instance by tag. `{"key":"value"}`. | Optional | +| key_name | The name of key pair which is used to access ECS instance in SSH. | Optional | +| user_data | User-defined data to customize the startup behaviors of an ECS instance and to pass data into an ECS instance. It only will take effect when launching the new ECS instances. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| AlibabaCloud.AliInstance.instances | unknown | List of ECS instances | +| AlibabaCloud.AliInstance.ids | unknown | List of ECS instance IDs | + + +#### Command Example +```!ali-instance image_id=ubuntu_20_04_x64_20G_alibase_20210420.vhd instance_type=ecs.n4.small vswitch_id=vsw-bp1aclhyjkdy98ujfzspt host_name=testserver security_groups=sg-bp1fy1o431n7m0hta5tt ``` + +#### Context Example +```json +{ + "AlibabaCloud": { + "AliInstance": [ + { + "changed": true, + "instances": [], + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Instances + + +### ali-instance-info +*** +Gather information on instances of Alibaba Cloud ECS. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ali_instance_info_module.html + + +#### Base Command + +`ali-instance-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| availability_zone | Aliyun availability zone ID in which to launch the instance. | Optional | +| instance_names | A list of ECS instance names. | Optional | +| instance_ids | A list of ECS instance ids. | Optional | +| instance_tags | A hash/dictionaries of instance tags. `{"key":"value"}`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| AlibabaCloud.AliInstanceInfo.instances | unknown | List of ECS instances | +| AlibabaCloud.AliInstanceInfo.ids | unknown | List of ECS instance IDs | + + +#### Command Example +```!ali-instance-info ``` + +#### Context Example +```json +{ + "AlibabaCloud": { + "AliInstanceInfo": [ + { + "changed": false, + "ids": [ + "i-bp17uguykg2l5jkktagl" + ], + "instances": [ + { + "auto_release_time": "", + "availability_zone": "cn-hangzhou-b", + "block_device_mappings": [ + { + "attach_time": "2021-06-14T00:11:06Z", + "delete_on_termination": true, + "device_name": "/dev/xvda", + "status": "in_use", + "volume_id": "d-bp12fxlqjtnmbzluop4s" + } + ], + "cpu": 1, + "cpu_options": { + "core_count": 1, + "numa": "", + "threads_per_core": 1 + }, + "creation_time": "2021-06-14T00:11Z", + "credit_specification": "", + "dedicated_instance_attribute": { + "affinity": "", + "tenancy": "" + }, + "deletion_protection": false, + "deployment_set_id": "", + "description": "", + "ecs_capacity_reservation_attr": { + "capacity_reservation_id": "", + "capacity_reservation_preference": "" + }, + "eip": { + "allocation_id": "", + "internet_charge_type": "", + "ip_address": "" + }, + "expired_time": "2099-12-31T15:59Z", + "gpu": { + "amount": 0, + "spec": "", + "specification": "" + }, + "hibernation_options": { + "configured": false + }, + "host_name": "testserver", + "id": "i-bp17uguykg2l5jkktagl", + "image_id": "ubuntu_20_04_x64_20G_alibase_20210420.vhd", + "inner_ip_address": "", + "instance_charge_type": "PostPaid", + "instance_id": "i-bp17uguykg2l5jkktagl", + "instance_name": "testserver", + "instance_type": "ecs.n4.small", + "instance_type_family": "ecs.n4", + "internet_charge_type": "PayByBandwidth", + "internet_max_bandwidth_in": -1, + "internet_max_bandwidth_out": 0, + "io_optimized": true, + "memory": 2048, + "metadata_options": { + "http_endpoint": "", + "http_tokens": "" + }, + "network_interfaces": [ + { + "mac_address": "00:16:3e:11:bb:a2", + "network_interface_id": "eni-bp129akowq29d0ocv18q", + "primary_ip_address": "1.1.1.1", + "private_ip_sets": { + "private_ip_set": [ + { + "primary": true, + "private_ip_address": "1.1.1.1" + } + ] + }, + "type": "Primary" + } + ], + "osname": "Ubuntu 20.04 64\u4f4d", + "osname_en": "Ubuntu 20.04 64 bit", + "ostype": "linux", + "private_ip_address": "1.1.1.1", + "public_ip_address": "", + "resource_group_id": "", + "status": "running", + "tags": {}, + "user_data": "", + "vpc_id": "vpc-bp179mi6isco5xen2wojd", + "vswitch_id": "vsw-bp1aclhyjkdy98ujfzspt" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Ids +> * 0: i-bp17uguykg2l5jkktagl +> * ## Instances +> * ## Testserver +> * auto_release_time: +> * availability_zone: cn-hangzhou-b +> * cpu: 1 +> * creation_time: 2021-06-14T00:11Z +> * credit_specification: +> * deletion_protection: False +> * deployment_set_id: +> * description: +> * expired_time: 2099-12-31T15:59Z +> * host_name: testserver +> * id: i-bp17uguykg2l5jkktagl +> * image_id: ubuntu_20_04_x64_20G_alibase_20210420.vhd +> * inner_ip_address: +> * instance_charge_type: PostPaid +> * instance_id: i-bp17uguykg2l5jkktagl +> * instance_name: testserver +> * instance_type: ecs.n4.small +> * instance_type_family: ecs.n4 +> * internet_charge_type: PayByBandwidth +> * internet_max_bandwidth_in: -1 +> * internet_max_bandwidth_out: 0 +> * io_optimized: True +> * memory: 2048 +> * osname: Ubuntu 20.04 64位 +> * osname_en: Ubuntu 20.04 64 bit +> * ostype: linux +> * private_ip_address: 1.1.1.1 +> * public_ip_address: +> * resource_group_id: +> * status: running +> * user_data: +> * vpc_id: vpc-bp179mi6isco5xen2wojd +> * vswitch_id: vsw-bp1aclhyjkdy98ujfzspt +> * ### Block_Device_Mappings +> * ### /Dev/Xvda +> * attach_time: 2021-06-14T00:11:06Z +> * delete_on_termination: True +> * device_name: /dev/xvda +> * status: in_use +> * volume_id: d-bp12fxlqjtnmbzluop4s +> * ### Cpu_Options +> * core_count: 1 +> * numa: +> * threads_per_core: 1 +> * ### Dedicated_Instance_Attribute +> * affinity: +> * tenancy: +> * ### Ecs_Capacity_Reservation_Attr +> * capacity_reservation_id: +> * capacity_reservation_preference: +> * ### Eip +> * allocation_id: +> * internet_charge_type: +> * ip_address: +> * ### Gpu +> * amount: 0 +> * spec: +> * specification: +> * ### Hibernation_Options +> * configured: False +> * ### Metadata_Options +> * http_endpoint: +> * http_tokens: +> * ### Network_Interfaces +> * ### Eni-Bp129Akowq29D0Ocv18Q +> * mac_address: 00:16:3e:11:bb:a2 +> * network_interface_id: eni-bp129akowq29d0ocv18q +> * primary_ip_address: 1.1.1.1 +> * type: Primary +> * #### Private_Ip_Sets +> * ##### Private_Ip_Set +> * ##### List +> * primary: True +> * private_ip_address: 1.1.1.1 +> * ### Tags diff --git a/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/command_examples b/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/command_examples new file mode 100644 index 000000000000..e52cd0a259b4 --- /dev/null +++ b/Packs/AnsibleAlibabaCloud/Integrations/AnsibleAlibabaCloud/command_examples @@ -0,0 +1,2 @@ +!ali-instance image_id=ubuntu_20_04_x64_20G_alibase_20210420.vhd instance_type=ecs.n4.small vswitch_id=vsw-bp1aclhyjkdy98ujfzspt host_name=testserver security_groups=sg-bp1fy1o431n7m0hta5tt +!ali-instance-info diff --git a/Packs/AnsibleAlibabaCloud/README.md b/Packs/AnsibleAlibabaCloud/README.md new file mode 100644 index 000000000000..4f17919b9021 --- /dev/null +++ b/Packs/AnsibleAlibabaCloud/README.md @@ -0,0 +1,8 @@ +This pack enables you to integrate with Alibaba Cloud, the largest cloud computing company in China, and in Asia Pacific. Alibaba Cloud operates data centers in 24 regions and 74 availability zones around the globe. Alibaba Cloud offers cloud services that are available on a pay-as-you-go basis, and include Elastic Compute, Data Storage, Relational Databases, Big-Data Processing, Anti-DDoS protection and Content Delivery Networks (CDN). + +This integration enables the management of Alibaba Cloud Elastic Compute Service using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server. The Ansible modules have been exposed as XSOAR commands, and allow you to use them without needing to know Ansible. + +# What does this pack do? +* Gather information about instances running in Alibaba Cloud Elastic Compute Service (ECS) +* Create, Start, Stop, Restart or Terminate an instance in ECS. +* Modify a ECS instance settings such as add or remove an instance to/from a Security Group. diff --git a/Packs/AnsibleAlibabaCloud/TestPlaybooks/Test-AlibabaCloud.yml b/Packs/AnsibleAlibabaCloud/TestPlaybooks/Test-AlibabaCloud.yml new file mode 100644 index 000000000000..86ae41f6d048 --- /dev/null +++ b/Packs/AnsibleAlibabaCloud/TestPlaybooks/Test-AlibabaCloud.yml @@ -0,0 +1,388 @@ +id: a60ae34e-7a00-4a06-81ca-2ca6ea1d58ba +version: -1 +vcShouldKeepItemLegacyProdMachine: false +name: Test-AlibabaCloud +fromversion: 6.0.0 +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: 4d75f2de-9a4a-4c4c-8f14-34e5598c5d72 + type: start + task: + id: 4d75f2de-9a4a-4c4c-8f14-34e5598c5d72 + version: -1 + name: "" + iscommand: false + brand: "" + nexttasks: + '#none#': + - "1" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "1": + id: "1" + taskid: eb2c99d3-26c4-49b1-8253-2415e9f70b60 + type: regular + task: + id: eb2c99d3-26c4-49b1-8253-2415e9f70b60 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "8" + scriptarguments: + all: + simple: "yes" + index: {} + key: {} + keysToKeep: {} + subplaybook: {} + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 195 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "2": + id: "2" + taskid: da986d0f-edf7-406a-82df-ad01156f59c9 + type: title + task: + id: da986d0f-edf7-406a-82df-ad01156f59c9 + version: -1 + name: ECS Instance + type: title + iscommand: false + brand: "" + nexttasks: + '#none#': + - "3" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 545 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "3": + id: "3" + taskid: 643d1613-3229-48d5-8b9a-32d83559b798 + type: regular + task: + id: 643d1613-3229-48d5-8b9a-32d83559b798 + version: -1 + name: ali-instance (present) + description: |- + Create, Start, Stop, Restart or Terminate an Instance in ECS. Add or Remove Instance to/from a Security Group. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ali_instance_module.html + script: '|||ali-instance' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "4" + scriptarguments: + allocate_public_ip: {} + auto_renew: {} + auto_renew_period: {} + availability_zone: {} + count: {} + count_tag: {} + description: {} + force: {} + host_name: + simple: testserver + image_id: + simple: ubuntu_20_04_x64_20G_alibase_20210420.vhd + instance_charge_type: {} + instance_ids: {} + instance_name: {} + instance_tags: {} + instance_type: + simple: ecs.n4.small + internet_charge_type: {} + key_name: {} + max_bandwidth_in: {} + max_bandwidth_out: {} + password: {} + period: {} + security_groups: + simple: sg-bp1fy1o431n7m0hta5tt + state: + simple: present + system_disk_category: {} + system_disk_description: {} + system_disk_name: {} + system_disk_size: {} + user_data: {} + vswitch_id: + simple: vsw-bp1aclhyjkdy98ujfzspt + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 690 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "4": + id: "4" + taskid: 7996e720-7e77-4f20-86e0-584f41afc9b2 + type: condition + task: + id: 7996e720-7e77-4f20-86e0-584f41afc9b2 + version: -1 + name: check ali-instance + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "5" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: AlibabaCloud.AliInstance.status + iscontext: true + right: + value: + simple: CHANGED + view: |- + { + "position": { + "x": 50, + "y": 865 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "5": + id: "5" + taskid: 8ca6b1dd-4561-4bd3-8999-1136aacdc588 + type: regular + task: + id: 8ca6b1dd-4561-4bd3-8999-1136aacdc588 + version: -1 + name: ali-instance-info + description: |- + Gather information on instances of Alibaba Cloud ECS. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ali_instance_info_module.html + script: '|||ali-instance-info' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "6" + scriptarguments: + availability_zone: {} + instance_ids: {} + instance_names: + simple: xsoar_testserver + instance_tags: {} + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 1040 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "6": + id: "6" + taskid: 93e05d74-3283-404b-8ac6-d9c9437bb003 + type: condition + task: + id: 93e05d74-3283-404b-8ac6-d9c9437bb003 + version: -1 + name: check ali-instance-info + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "7" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: AlibabaCloud.AliInstanceInfo.status + iscontext: true + right: + value: + simple: SUCCESS + - - operator: isNotEmpty + left: + value: + simple: AlibabaCloud.AliInstanceInfo.instances + iscontext: true + view: |- + { + "position": { + "x": 50, + "y": 1215 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "7": + id: "7" + taskid: 8c40b68a-e77a-4104-8761-76e09cc97472 + type: title + task: + id: 8c40b68a-e77a-4104-8761-76e09cc97472 + version: -1 + name: Done + type: title + iscommand: false + brand: "" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 1390 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "8": + id: "8" + taskid: 58206c38-a9ff-4a5b-820f-6dd382371921 + type: regular + task: + id: 58206c38-a9ff-4a5b-820f-6dd382371921 + version: -1 + name: ali-instance (absent) + description: |- + Create, Start, Stop, Restart or Terminate an Instance in ECS. Add or Remove Instance to/from a Security Group. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ali_instance_module.html + script: '|||ali-instance' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "2" + scriptarguments: + allocate_public_ip: {} + auto_renew: {} + auto_renew_period: {} + availability_zone: {} + count: {} + count_tag: {} + description: {} + force: + simple: "Yes" + host_name: {} + ignore-outputs: + simple: "true" + image_id: {} + instance_charge_type: {} + instance_ids: {} + instance_name: + simple: testserver + instance_tags: {} + instance_type: {} + internet_charge_type: {} + key_name: {} + max_bandwidth_in: {} + max_bandwidth_out: {} + password: {} + period: {} + security_groups: {} + state: + simple: absent + system_disk_category: {} + system_disk_description: {} + system_disk_name: {} + system_disk_size: {} + user_data: {} + vswitch_id: {} + continueonerror: true + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 370 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 +view: |- + { + "linkLabelsPosition": { + "4_5_yes": 0.58 + }, + "paper": { + "dimensions": { + "height": 1405, + "width": 380, + "x": 50, + "y": 50 + } + } + } +inputs: [] +outputs: [] diff --git a/Packs/AnsibleAlibabaCloud/pack_metadata.json b/Packs/AnsibleAlibabaCloud/pack_metadata.json new file mode 100644 index 000000000000..1b7d1cf8ad49 --- /dev/null +++ b/Packs/AnsibleAlibabaCloud/pack_metadata.json @@ -0,0 +1,15 @@ +{ + "name": "Ansible Alibaba Cloud", + "description": "Manage and control Alibaba Cloud Compute services.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "categories": [ + "IT Services" + ], + "tags": ["IT"], + "useCases": ["IT Services", "Asset Management"], + "keywords": ["Aliyun", "Alicloud"] +} \ No newline at end of file diff --git a/Packs/AnsibleAzure/.pack-ignore b/Packs/AnsibleAzure/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/AnsibleAzure/.secrets-ignore b/Packs/AnsibleAzure/.secrets-ignore new file mode 100644 index 000000000000..633bfbf4f16b --- /dev/null +++ b/Packs/AnsibleAzure/.secrets-ignore @@ -0,0 +1,4 @@ +https://test +1.1.1.4 +11:11:11:11:11:11:11:11 +11:11:11:11:11:11:11:12 diff --git a/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure.py b/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure.py new file mode 100644 index 000000000000..ae033fa1e6c9 --- /dev/null +++ b/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure.py @@ -0,0 +1,231 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'local' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + creds_mapping = { + "identifier": "client_id", + "password": "secret" + } + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + result = generic_ansible('Azure', 'azure_rm_resource_info', args, int_params, host_type, creds_mapping) + + if result: + return_results('ok') + else: + return_results(result) + + elif command == 'azure-rm-autoscale': + return_results(generic_ansible('Azure', 'azure_rm_autoscale', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-autoscale-info': + return_results(generic_ansible('Azure', 'azure_rm_autoscale_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-availabilityset': + return_results(generic_ansible('Azure', 'azure_rm_availabilityset', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-availabilityset-info': + return_results(generic_ansible('Azure', 'azure_rm_availabilityset_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-deployment': + return_results(generic_ansible('Azure', 'azure_rm_deployment', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-deployment-info': + return_results(generic_ansible('Azure', 'azure_rm_deployment_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-functionapp': + return_results(generic_ansible('Azure', 'azure_rm_functionapp', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-functionapp-info': + return_results(generic_ansible('Azure', 'azure_rm_functionapp_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-gallery': + return_results(generic_ansible('Azure', 'azure_rm_gallery', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-gallery-info': + return_results(generic_ansible('Azure', 'azure_rm_gallery_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-galleryimage': + return_results(generic_ansible('Azure', 'azure_rm_galleryimage', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-galleryimage-info': + return_results(generic_ansible('Azure', 'azure_rm_galleryimage_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-galleryimageversion': + return_results(generic_ansible('Azure', 'azure_rm_galleryimageversion', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-galleryimageversion-info': + return_results(generic_ansible('Azure', 'azure_rm_galleryimageversion_info', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-image': + return_results(generic_ansible('Azure', 'azure_rm_image', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-image-info': + return_results(generic_ansible('Azure', 'azure_rm_image_info', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-loadbalancer': + return_results(generic_ansible('Azure', 'azure_rm_loadbalancer', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-loadbalancer-info': + return_results(generic_ansible('Azure', 'azure_rm_loadbalancer_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-manageddisk': + return_results(generic_ansible('Azure', 'azure_rm_manageddisk', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-manageddisk-info': + return_results(generic_ansible('Azure', 'azure_rm_manageddisk_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-resource-info': + return_results(generic_ansible('Azure', 'azure_rm_resource_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-resourcegroup': + return_results(generic_ansible('Azure', 'azure_rm_resourcegroup', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-resourcegroup-info': + return_results(generic_ansible('Azure', 'azure_rm_resourcegroup_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-snapshot': + return_results(generic_ansible('Azure', 'azure_rm_snapshot', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-virtualmachine': + return_results(generic_ansible('Azure', 'azure_rm_virtualmachine', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-virtualmachine-info': + return_results(generic_ansible('Azure', 'azure_rm_virtualmachine_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-virtualmachineextension': + return_results(generic_ansible('Azure', 'azure_rm_virtualmachineextension', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-virtualmachineextension-info': + return_results(generic_ansible('Azure', 'azure_rm_virtualmachineextension_info', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-virtualmachineimage-info': + return_results(generic_ansible('Azure', 'azure_rm_virtualmachineimage_info', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-virtualmachinescaleset': + return_results(generic_ansible('Azure', 'azure_rm_virtualmachinescaleset', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-virtualmachinescaleset-info': + return_results(generic_ansible('Azure', 'azure_rm_virtualmachinescaleset_info', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-virtualmachinescalesetextension': + return_results(generic_ansible('Azure', 'azure_rm_virtualmachinescalesetextension', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-virtualmachinescalesetextension-info': + return_results(generic_ansible( + 'Azure', 'azure_rm_virtualmachinescalesetextension_info', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-virtualmachinescalesetinstance': + return_results(generic_ansible('Azure', 'azure_rm_virtualmachinescalesetinstance', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-virtualmachinescalesetinstance-info': + return_results(generic_ansible('Azure', 'azure_rm_virtualmachinescalesetinstance_info', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-webapp': + return_results(generic_ansible('Azure', 'azure_rm_webapp', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-webapp-info': + return_results(generic_ansible('Azure', 'azure_rm_webapp_info', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-webappslot': + return_results(generic_ansible('Azure', 'azure_rm_webappslot', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-azurefirewall': + return_results(generic_ansible('Azure', 'azure_rm_azurefirewall', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-azurefirewall-info': + return_results(generic_ansible('Azure', 'azure_rm_azurefirewall_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-virtualnetwork': + return_results(generic_ansible('Azure', 'azure_rm_virtualnetwork', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-virtualnetwork-info': + return_results(generic_ansible('Azure', 'azure_rm_virtualnetwork_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-virtualnetworkgateway': + return_results(generic_ansible('Azure', 'azure_rm_virtualnetworkgateway', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-virtualnetworkpeering': + return_results(generic_ansible('Azure', 'azure_rm_virtualnetworkpeering', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-virtualnetworkpeering-info': + return_results(generic_ansible('Azure', 'azure_rm_virtualnetworkpeering_info', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-subnet': + return_results(generic_ansible('Azure', 'azure_rm_subnet', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-subnet-info': + return_results(generic_ansible('Azure', 'azure_rm_subnet_info', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-trafficmanagerendpoint': + return_results(generic_ansible('Azure', 'azure_rm_trafficmanagerendpoint', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-trafficmanagerendpoint-info': + return_results(generic_ansible('Azure', 'azure_rm_trafficmanagerendpoint_info', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-trafficmanagerprofile': + return_results(generic_ansible('Azure', 'azure_rm_trafficmanagerprofile', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-trafficmanagerprofile-info': + return_results(generic_ansible('Azure', 'azure_rm_trafficmanagerprofile_info', + args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-networkinterface': + return_results(generic_ansible('Azure', 'azure_rm_networkinterface', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-networkinterface-info': + return_results(generic_ansible('Azure', 'azure_rm_networkinterface_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-publicipaddress': + return_results(generic_ansible('Azure', 'azure_rm_publicipaddress', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-publicipaddress-info': + return_results(generic_ansible('Azure', 'azure_rm_publicipaddress_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-route': + return_results(generic_ansible('Azure', 'azure_rm_route', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-routetable': + return_results(generic_ansible('Azure', 'azure_rm_routetable', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-routetable-info': + return_results(generic_ansible('Azure', 'azure_rm_routetable_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-securitygroup': + return_results(generic_ansible('Azure', 'azure_rm_securitygroup', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-securitygroup-info': + return_results(generic_ansible('Azure', 'azure_rm_securitygroup_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-dnsrecordset': + return_results(generic_ansible('Azure', 'azure_rm_dnsrecordset', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-dnsrecordset-info': + return_results(generic_ansible('Azure', 'azure_rm_dnsrecordset_info', args, int_params, host_type, + creds_mapping)) + elif command == 'azure-rm-dnszone': + return_results(generic_ansible('Azure', 'azure_rm_dnszone', args, int_params, host_type, creds_mapping)) + elif command == 'azure-rm-dnszone-info': + return_results(generic_ansible('Azure', 'azure_rm_dnszone_info', args, int_params, host_type, + creds_mapping)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure.yml b/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure.yml new file mode 100644 index 000000000000..8c416b79a178 --- /dev/null +++ b/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure.yml @@ -0,0 +1,3345 @@ +category: IT Services +commonfields: + id: AnsibleAzure + version: -1 +configuration: +- additionalinfo: Your Azure subscription Id. + display: Subscription ID + name: subscription_id + required: true + type: 0 +- additionalinfo: Azure client ID + display: Client ID + displaypassword: Access Secret + name: creds + required: true + type: 9 +- additionalinfo: Azure tenant ID + display: Tenant ID + name: tenant + required: true + type: 0 +- additionalinfo: For cloud environments other than the US public cloud, the environment + name (as defined by Azure Python SDK, eg, `AzureChinaCloud`, `AzureUSGovernment`), + or a metadata discovery endpoint URL (required for Azure Stack). + defaultvalue: AzureCloud + display: Azure Cloud Environment + name: cloud_environment + required: true + type: 0 +- additionalinfo: Controls the certificate validation behavior for Azure endpoints. + By default, all modules will validate the server certificate, but when an HTTPS + proxy is in use, or against Azure Stack, it may be necessary to disable this behavior + by passing `ignore`. + defaultvalue: validate + display: Certificate Validation Mode + name: cert_validation_mode + options: + - ignore + - validate + required: true + type: 15 +- additionalinfo: Selects an API profile to use when communicating with Azure services. + Default value of `latest` is appropriate for public clouds; future values will + allow use with Azure Stack. + defaultvalue: latest + display: API Profile + name: api_profile + required: true + type: 0 +description: Manage Azure resources +display: Ansible Azure +fromversion: 6.0.0 +name: AnsibleAzure +script: + commands: + - arguments: + - description: 'The identifier of the resource to apply autoscale setting. + It could be the resource id string. + It also could be a dict contains the `name`, `subscription_id`, `namespace`, + `types`, `resource_group` of the resource.' + name: target + - description: Resource group of the resource. + name: resource_group + required: true + - auto: PREDEFINED + defaultValue: 'Yes' + description: Specifies whether automatic scaling is enabled for the resource. + name: enabled + predefined: + - 'Yes' + - 'No' + - description: 'The collection of automatic scaling profiles that specify different + scaling parameters for different time periods. + A maximum of 20 profiles can be specified.' + name: profiles + - description: The collection of notifications. + name: notifications + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the virtual network. Use `present` to create + or update and `absent` to delete. + name: state + predefined: + - present + - absent + - description: location of the resource. + name: location + - description: name of the resource. + name: name + required: true + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: "Use to control if tags field is canonical or just appends to existing + tags. When canonical, any tags not found in the tags parameter will be removed from + the object's metadata." + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure autoscale setting\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_autoscale_module.html" + name: azure-rm-autoscale + outputs: + - contextPath: Azure.AzureRmAutoscale.state + description: Current state of the resource. + type: unknown + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the Auto Scale Setting. + name: name + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Auto Scale Setting facts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_autoscale_info_module.html" + name: azure-rm-autoscale-info + outputs: + - contextPath: Azure.AzureRmAutoscaleInfo.autoscales + description: List of Azure Scale Settings dicts. + type: unknown + - arguments: + - description: Name of a resource group where the availability set exists or will + be created. + name: resource_group + required: true + - description: Name of the availability set. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Assert the state of the availability set. + Use `present` to create or update an availability set and `absent` to delete + an availability set.' + name: state + predefined: + - absent + - present + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - defaultValue: '5' + description: Update domains indicate groups of virtual machines and underlying + physical hardware that can be rebooted at the same time. + name: platform_update_domain_count + - defaultValue: '3' + description: 'Fault domains define the group of virtual machines that share + a common power source and network switch. + Should be between `1` and `3`.' + name: platform_fault_domain_count + - auto: PREDEFINED + defaultValue: Classic + description: Define if the availability set supports managed disks. + name: sku + predefined: + - Classic + - Aligned + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: "Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object's metadata." + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure Availability Set\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_availabilityset_module.html" + name: azure-rm-availabilityset + outputs: + - contextPath: Azure.AzureRmAvailabilityset.state + description: Current state of the availability set. + type: unknown + - contextPath: Azure.AzureRmAvailabilityset.changed + description: Whether or not the resource has changed + type: boolean + - arguments: + - description: Limit results to a specific availability set. + name: name + - description: The resource group to search for the desired availability set. + name: resource_group + - description: List of tags to be matched. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Availability Set facts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_availabilityset_info_module.html" + name: azure-rm-availabilityset-info + outputs: + - contextPath: Azure.AzureRmAvailabilitysetInfo.azure_availabilityset + description: List of availability sets dicts. + type: unknown + - arguments: + - description: The resource group name to use or create to host the deployed template. + name: resource_group + required: true + - defaultValue: ansible-arm + description: "The name of the deployment to be tracked in the resource group + deployment history. + Re-using a deployment name will overwrite the previous value in the resource + group's deployment history." + name: name + - defaultValue: westus + description: The geo-locations in which the resource group will be located. + name: location + - auto: PREDEFINED + defaultValue: incremental + description: 'In incremental mode, resources are deployed without deleting existing + resources that are not included in the template. + In complete mode resources are deployed and existing resources in the resource + group not included in the template are deleted.' + name: deployment_mode + predefined: + - complete + - incremental + - description: 'A hash containing the templates inline. This parameter is mutually + exclusive with `template_link`. + Either `template` or `template_link` is required if `state=present`.' + isArray: true + name: template + - description: 'Uri of file containing the template body. This parameter is mutually + exclusive with `template`. + Either `template` or `template_link` is required if `state=present`.' + name: template_link + - description: 'A hash of all the required template variables for the deployment + template. This parameter is mutually exclusive with `parameters_link`. + Either `parameters_link` or `parameters` is required if `state=present`.' + isArray: true + name: parameters + - description: 'Uri of file containing the parameters body. This parameter is + mutually exclusive with `parameters`. + Either `parameters_link` or `parameters` is required if `state=present`.' + name: parameters_link + - defaultValue: 'yes' + description: Whether or not to block until the deployment has completed. + name: wait_for_deployment_completion + - defaultValue: '10' + description: Time (in seconds) to wait between polls when waiting for deployment + completion. + name: wait_for_deployment_polling_period + - auto: PREDEFINED + defaultValue: present + description: 'If `state=present`, template will be created. + If `state=present` and deployment exists, it will be updated. + If `state=absent`, stack will be removed.' + name: state + predefined: + - present + - absent + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: "Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object's metadata." + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Create or destroy Azure Resource Manager template deployments\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_deployment_module.html" + name: azure-rm-deployment + outputs: + - contextPath: Azure.AzureRmDeployment.deployment + description: Deployment details. + type: unknown + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the deployment. + name: name + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Deployment facts\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/azure_rm_deployment_info_module.html" + name: azure-rm-deployment-info + outputs: + - contextPath: Azure.AzureRmDeploymentInfo.deployments + description: A list of dictionaries containing facts for deployments. + type: unknown + - arguments: + - description: Name of resource group. + name: resource_group + required: true + - description: Name of the Azure Function App. + name: name + required: true + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - description: 'App service plan. + It can be name of existing app service plan in same resource group as function + app. + It can be resource id of existing app service plan. + Resource id. For example /subscriptions//resourceGroups//providers/Microsoft.Web/serverFarms/. + It can be a dict which contains `name`, `resource_group`. + `name`. Name of app service plan. + `resource_group`. Resource group name of app service plan.' + name: plan + - description: Web app container settings. + name: container_settings + - description: Name of the storage account to use. + name: storage_account + required: true + - description: Dictionary containing application settings. + name: app_settings + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the Function App. Use `present` to create or + update a Function App and `absent` to delete. + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: "Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object's metadata." + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure Function Apps\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/azure_rm_functionapp_module.html" + name: azure-rm-functionapp + outputs: + - contextPath: Azure.AzureRmFunctionapp.state + description: Current state of the Azure Function App. + type: unknown + - arguments: + - description: Only show results for a specific Function App. + name: name + - description: Limit results to a resource group. Required when filtering by name. + name: resource_group + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Function App facts\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/azure_rm_functionapp_info_module.html" + name: azure-rm-functionapp-info + outputs: + - contextPath: Azure.AzureRmFunctionappInfo.azure_functionapps + description: List of Azure Function Apps dicts. + type: unknown + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the Shared Image Gallery. Valid names consist of less + than 80 alphanumeric characters, underscores and periods. + name: name + required: true + - description: Resource location + name: location + - description: The description of this Shared Image Gallery resource. This property + is updatable. + name: description + - auto: PREDEFINED + defaultValue: present + description: 'Assert the state of the Gallery. + Use `present` to create or update a Gallery and `absent` to delete it.' + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: "Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object's metadata." + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure Shared Image Gallery instance.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_gallery_module.html" + name: azure-rm-gallery + outputs: + - contextPath: Azure.AzureRmGallery.id + description: Resource Id + type: string + - arguments: + - description: The name of the resource group. + name: resource_group + - description: Resource name + name: name + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Shared Image Gallery info.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_gallery_info_module.html" + name: azure-rm-gallery-info + outputs: + - contextPath: Azure.AzureRmGalleryInfo.galleries + description: A list of dict results where the key is the name of the gallery + and the values are the info for that gallery. + type: unknown + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the Shared Image Gallery in which the Image Definition + is to be created. + name: gallery_name + required: true + - description: The name of the gallery Image Definition to be created or updated. + The allowed characters are alphabets and numbers with dots, dashes, and periods + allowed in the middle. The maximum length is 80 characters. + name: name + required: true + - description: Resource location + name: location + - description: The description of this gallery Image Definition resource. This + property is updatable. + name: description + - description: The Eula agreement for the gallery Image Definition. + name: eula + - description: The privacy statement uri. + name: privacy_statement_uri + - description: The release note uri. + name: release_note_uri + - auto: PREDEFINED + description: This property allows you to specify the type of the OS that is + included in the disk when creating a VM from a managed image. + name: os_type + predefined: + - windows + - linux + required: true + - auto: PREDEFINED + description: The allowed values for OS State are 'Generalized'. + name: os_state + predefined: + - generalized + - specialized + required: true + - description: The end of life date of the gallery Image Definition. This property + can be used for decommissioning purposes. This property is updatable. Format + should be according to ISO-8601, for instance "2019-06-26". + name: end_of_life_date + - description: Image identifier. + isArray: true + name: identifier + required: true + - description: Recommended parameter values. + isArray: true + name: recommended + - description: Disallowed parameter values. + isArray: true + name: disallowed + - description: Purchase plan. + isArray: true + name: purchase_plan + - auto: PREDEFINED + defaultValue: present + description: 'Assert the state of the GalleryImage. + Use `present` to create or update a GalleryImage and `absent` to delete it.' + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: "Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object's metadata." + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure SIG Image instance.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_galleryimage_module.html" + name: azure-rm-galleryimage + outputs: + - contextPath: Azure.AzureRmGalleryimage.id + description: Resource Id + type: string + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the shared image gallery from which the image definitions + are to be retrieved. + name: gallery_name + required: true + - description: Resource name + name: name + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure SIG Image info.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_galleryimage_info_module.html" + name: azure-rm-galleryimage-info + outputs: + - contextPath: Azure.AzureRmGalleryimageInfo.images + description: A list of dict results where the key is the name of the image and + the values are the info for that image. + type: unknown + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the Shared Image Gallery in which the Image Definition + resides. + name: gallery_name + required: true + - description: The name of the gallery Image Definition in which the Image Version + is to be created. + name: gallery_image_name + required: true + - description: 'The name of the gallery Image Version to be created. Needs to + follow semantic version name pattern: The allowed characters are digit and + period. Digits must be within the range of a 32-bit integer. Format: ..' + name: name + required: true + - description: Resource location + name: location + - description: Publishing profile. + isArray: true + name: publishing_profile + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Assert the state of the GalleryImageVersion. + Use `present` to create or update an GalleryImageVersion and `absent` to delete + it.' + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure SIG Image Version instance.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_galleryimageversion_module.html" + name: azure-rm-galleryimageversion + outputs: + - contextPath: Azure.AzureRmGalleryimageversion.id + description: Resource Id + type: string + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the Shared Image Gallery in which the Image Definition + resides. + name: gallery_name + required: true + - description: The name of the gallery Image Definition in which the Image Version + resides. + name: gallery_image_name + required: true + - description: Resource name + name: name + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure SIG Image Version info.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_galleryimageversion_info_module.html" + name: azure-rm-galleryimageversion-info + outputs: + - contextPath: Azure.AzureRmGalleryimageversionInfo.versions + description: A list of dict results where the key is the name of the version + and the values are the info for that version. + type: unknown + - arguments: + - description: Name of resource group. + name: resource_group + required: true + - description: Name of the image. + name: name + required: true + - description: 'OS disk source from the same region. + It can be a virtual machine, OS disk blob URI, managed OS disk, or OS snapshot. + Each type of source except for blob URI can be given as resource id, name + or a dict contains `resource_group`, `name` and `type`. + If source type is blob URI, the source should be the full URI of the blob + in string type. + If you specify the `type` in a dict, acceptable value contains `disks`, `virtual_machines` + and `snapshots`.' + name: source + required: true + - description: List of data disk sources, including unmanaged blob URI, managed + disk id or name, or snapshot id or name. + isArray: true + name: data_disk_sources + - description: Location of the image. Derived from `resource_group` if not specified. + name: location + - auto: PREDEFINED + description: The OS type of image. + name: os_type + predefined: + - Windows + - Linux + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the image. Use `present` to create or update + a image and `absent` to delete an image. + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure image\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_image_module.html" + name: azure-rm-image + outputs: + - contextPath: Azure.AzureRmImage.id + description: Image resource path. + type: string + - arguments: + - description: Name of resource group. + name: resource_group + - description: Name of the image to filter from existing images. + name: name + - description: List of tags to be matched. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get facts about azure custom images\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_image_info_module.html" + name: azure-rm-image-info + outputs: + - contextPath: Azure.AzureRmImageInfo.images + description: List of image dicts. + type: unknown + - arguments: + - description: Name of a resource group where the load balancer exists or will + be created. + name: resource_group + required: true + - description: Name of the load balancer. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the load balancer. Use `present` to create/update + a load balancer, or `absent` to delete one. + name: state + predefined: + - absent + - present + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - auto: PREDEFINED + description: The load balancer SKU. + name: sku + predefined: + - Basic + - Standard + - description: List of frontend IPs to be used. + name: frontend_ip_configurations + - description: List of backend address pools. + name: backend_address_pools + - description: List of probe definitions used to check endpoint health. + name: probes + - description: 'Defines an external port range for inbound NAT to a single backend + port on NICs associated with a load balancer. + Inbound NAT rules are created automatically for each NIC associated with the + Load Balancer using an external port from this range. + Defining an Inbound NAT pool on your Load Balancer is mutually exclusive with + defining inbound Nat rules. + Inbound NAT pools are referenced from virtual machine scale sets. + NICs that are associated with individual virtual machines cannot reference + an inbound NAT pool. + They have to reference individual inbound NAT rules.' + name: inbound_nat_pools + - description: Object collection representing the load balancing rules Gets the + provisioning. + name: load_balancing_rules + - description: 'Collection of inbound NAT Rules used by a load balancer. + Defining inbound NAT rules on your load balancer is mutually exclusive with + defining an inbound NAT pool. + Inbound NAT pools are referenced from virtual machine scale sets. + NICs that are associated with individual virtual machines cannot reference + an Inbound NAT pool. + They have to reference individual inbound NAT rules.' + name: inbound_nat_rules + - description: '(deprecated) Name of an existing public IP address object to associate + with the security group. + This option has been deprecated, and will be removed in 2.9. Use `frontend_ip_configurations` + instead.' + name: public_ip_address_name + - description: '(deprecated) The port that the health probe will use. + This option has been deprecated, and will be removed in 2.9. Use `probes` + instead.' + name: probe_port + - auto: PREDEFINED + description: '(deprecated) The protocol to use for the health probe. + This option has been deprecated, and will be removed in 2.9. Use `probes` + instead.' + name: probe_protocol + predefined: + - Tcp + - Http + - Https + - defaultValue: '15' + description: '(deprecated) Time (in seconds) between endpoint health probes. + This option has been deprecated, and will be removed in 2.9. Use `probes` + instead.' + name: probe_interval + - defaultValue: '3' + description: '(deprecated) The amount of probe failures for the load balancer + to make a health determination. + This option has been deprecated, and will be removed in 2.9. Use `probes` + instead.' + name: probe_fail_count + - description: '(deprecated) The URL that an HTTP probe or HTTPS probe will use + (only relevant if `probe_protocol=Http` or `probe_protocol=Https`). + This option has been deprecated, and will be removed in 2.9. Use `probes` + instead.' + name: probe_request_path + - auto: PREDEFINED + description: '(deprecated) The protocol (TCP or UDP) that the load balancer + will use. + This option has been deprecated, and will be removed in 2.9. Use `load_balancing_rules` + instead.' + name: protocol + predefined: + - Tcp + - Udp + - auto: PREDEFINED + description: '(deprecated) The type of load distribution that the load balancer + will employ. + This option has been deprecated, and will be removed in 2.9. Use `load_balancing_rules` + instead.' + name: load_distribution + predefined: + - Default + - SourceIP + - SourceIPProtocol + - description: '(deprecated) Frontend port that will be exposed for the load balancer. + This option has been deprecated, and will be removed in 2.9. Use `load_balancing_rules` + instead.' + name: frontend_port + - description: '(deprecated) Backend port that will be exposed for the load balancer. + This option has been deprecated, and will be removed in 2.9. Use `load_balancing_rules` + instead.' + name: backend_port + - defaultValue: '4' + description: '(deprecated) Timeout for TCP idle connection in minutes. + This option has been deprecated, and will be removed in 2.9. Use `load_balancing_rules` + instead.' + name: idle_timeout + - description: '(deprecated) Start of the port range for a NAT pool. + This option has been deprecated, and will be removed in 2.9. Use `inbound_nat_pools` + instead.' + name: natpool_frontend_port_start + - description: '(deprecated) End of the port range for a NAT pool. + This option has been deprecated, and will be removed in 2.9. Use `inbound_nat_pools` + instead.' + name: natpool_frontend_port_end + - description: '(deprecated) Backend port used by the NAT pool. + This option has been deprecated, and will be removed in 2.9. Use `inbound_nat_pools` + instead.' + name: natpool_backend_port + - description: '(deprecated) The protocol for the NAT pool. + This option has been deprecated, and will be removed in 2.9. Use `inbound_nat_pools` + instead.' + name: natpool_protocol + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure load balancers\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/azure_rm_loadbalancer_module.html" + name: azure-rm-loadbalancer + outputs: + - contextPath: Azure.AzureRmLoadbalancer.state + description: Current state of the load balancer. + type: unknown + - contextPath: Azure.AzureRmLoadbalancer.changed + description: Whether or not the resource has changed. + type: boolean + - arguments: + - description: Limit results to a specific resource group. + name: name + - description: The resource group to search for the desired load balancer. + name: resource_group + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get load balancer facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_loadbalancer_info_module.html" + name: azure-rm-loadbalancer-info + outputs: + - contextPath: Azure.AzureRmLoadbalancerInfo.azure_loadbalancers + description: List of load balancer dicts. + type: unknown + - arguments: + - description: Name of a resource group where the managed disk exists or will + be created. + name: resource_group + required: true + - description: Name of the managed disk. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the managed disk. Use `present` to create or + update a managed disk and `absent` to delete a managed disk. + name: state + predefined: + - absent + - present + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - auto: PREDEFINED + description: 'Type of storage for the managed disk. + If not specified, the disk is created as `Standard_LRS`. + `Standard_LRS` is for Standard HDD. + `StandardSSD_LRS` (added in 2.8) is for Standard SSD. + `Premium_LRS` is for Premium SSD. + `UltraSSD_LRS` (added in 2.8) is for Ultra SSD, which is in preview mode, + and only available on select instance types. + See `https://docs.microsoft.com/en-us/azure/virtual-machines/windows/disks-types` + for more information about disk types.' + name: storage_account_type + predefined: + - Standard_LRS + - StandardSSD_LRS + - Premium_LRS + - UltraSSD_LRS + - auto: PREDEFINED + description: '`import` from a VHD file in `source_uri` and `copy` from previous + managed disk `source_uri`.' + name: create_option + predefined: + - empty + - import + - copy + - description: URI to a valid VHD file to be used or the resource ID of the managed + disk to copy. + name: source_uri + - auto: PREDEFINED + description: 'Type of Operating System. + Used when `create_option=copy` or `create_option=import` and the source is + an OS disk. + If omitted during creation, no value is set. + If omitted during an update, no change is made. + Once set, this value cannot be cleared.' + name: os_type + predefined: + - linux + - windows + - description: 'Size in GB of the managed disk to be created. + If `create_option=copy` then the value must be greater than or equal to the + source''s size.' + name: disk_size_gb + - description: 'Name of an existing virtual machine with which the disk is or + will be associated, this VM should be in the same resource group. + To detach a disk from a vm, explicitly set to ''''. + If this option is unset, the value will not be changed.' + name: managed_by + - auto: PREDEFINED + description: 'Disk caching policy controlled by VM. Will be used when attached + to the VM defined by `managed_by`. + If this option is different from the current caching policy, the managed disk + will be deattached and attached with current caching option again.' + name: attach_caching + predefined: + - '' + - read_only + - read_write + - description: 'Tags to assign to the managed disk. + + Format tags as ''key'' or ''key:value''.' + isArray: true + name: tags + - auto: PREDEFINED + description: 'The Azure managed disk''s zone. + Allowed values are `1`, `2`, `3` and `'' ''`.' + name: zone + predefined: + - '1' + - '2' + - '3' + - '' + - description: Your Azure subscription Id. + name: subscription_id + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure Manage Disks\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_manageddisk_module.html" + name: azure-rm-manageddisk + outputs: + - contextPath: Azure.AzureRmManageddisk.id + description: The managed disk resource ID. + type: unknown + - contextPath: Azure.AzureRmManageddisk.state + description: Current state of the managed disk. + type: unknown + - contextPath: Azure.AzureRmManageddisk.changed + description: Whether or not the resource has changed. + type: boolean + - arguments: + - description: Limit results to a specific managed disk. + name: name + - description: Limit results to a specific resource group. + name: resource_group + - description: 'Limit results by providing a list of tags. + Format tags as ''key'' or ''key:value''.' + isArray: true + name: tags + - description: Your Azure subscription Id. + name: subscription_id + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Get managed disk facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_manageddisk_info_module.html" + name: azure-rm-manageddisk-info + outputs: + - contextPath: Azure.AzureRmManageddiskInfo.azure_managed_disk + description: List of managed disk dicts. + type: unknown + - arguments: + - description: Azure RM Resource URL. + name: url + - description: Specific API version to be used. + name: api_version + - description: Provider type, should be specified in no URL is given. + name: provider + - description: 'Resource group to be used. + Required if URL is not specified.' + name: resource_group + - description: Resource type. + name: resource_type + - description: Resource name. + name: resource_name + - description: List of subresources. + name: subresource + - description: Your Azure subscription Id. + name: subscription_id + description: "Generic facts of Azure resources\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_resource_info_module.html" + name: azure-rm-resource-info + outputs: + - contextPath: Azure.AzureRmResourceInfo.response + description: Response specific to resource type. + type: unknown + - arguments: + - defaultValue: 'no' + description: 'Remove a resource group and all associated resources. + Use with `state=absent` to delete a resource group that contains resources.' + name: force_delete_nonempty + - description: 'Azure location for the resource group. Required when creating + a new resource group. + Cannot be changed once resource group is created.' + name: location + - description: Name of the resource group. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Assert the state of the resource group. Use `present` to create + or update and `absent` to delete. + When `absent` a resource group containing resources will not be removed unless + the `force` option is used.' + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure resource groups\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/azure_rm_resourcegroup_module.html" + name: azure-rm-resourcegroup + outputs: + - contextPath: Azure.AzureRmResourcegroup.contains_resources + description: Whether or not the resource group contains associated resources. + type: boolean + - contextPath: Azure.AzureRmResourcegroup.state + description: Current state of the resource group. + type: unknown + - arguments: + - description: Limit results to a specific resource group. + name: name + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: 'List all resources under the resource group. + Note this will cost network overhead for each resource group. Suggest use + this when `name` set.' + name: list_resources + - description: Your Azure subscription Id. + name: subscription_id + description: "Get resource group facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_resourcegroup_info_module.html" + name: azure-rm-resourcegroup-info + outputs: + - contextPath: Azure.AzureRmResourcegroupInfo.azure_resourcegroups + description: List of resource group dicts. + type: unknown + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: Resource name + name: name + - description: Resource location + name: location + - description: SKU + isArray: true + name: sku + - auto: PREDEFINED + description: The Operating System type. + name: os_type + predefined: + - Linux + - Windows + - description: Disk source information. CreationData information cannot be changed + after the disk has been created. + isArray: true + name: creation_data + - auto: PREDEFINED + defaultValue: present + description: 'Assert the state of the Snapshot. + Use `present` to create or update an Snapshot and `absent` to delete it.' + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure Snapshot instance.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_snapshot_module.html" + name: azure-rm-snapshot + outputs: + - contextPath: Azure.AzureRmSnapshot.id + description: Resource Id + type: string + - arguments: + - description: Name of the resource group containing the VM. + name: resource_group + required: true + - description: Name of the VM. + name: name + required: true + - description: 'Data made available to the VM and used by `cloud-init`. + Only used on Linux images with `cloud-init` enabled. + Consult `https://docs.microsoft.com/en-us/azure/virtual-machines/linux/using-cloud-init#cloud-init-overview` + for cloud-init ready images. + To enable cloud-init on a Linux image, follow `https://docs.microsoft.com/en-us/azure/virtual-machines/linux/cloudinit-prepare-custom-image`.' + name: custom_data + - auto: PREDEFINED + defaultValue: present + description: 'State of the VM. + Set to `present` to create a VM with the configuration specified by other + options, or to update the configuration of an existing VM. + Set to `absent` to remove a VM. + Does not affect power state. Use `started`/`allocated`/`restarted` parameters + to change the power state of a VM.' + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether the VM is started or stopped. + Set to (true) with `state=present` to start the VM. + Set to `false` to stop the VM.' + name: started + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: Whether the VM is allocated or deallocated, only useful with `state=present`. + name: allocated + predefined: + - 'Yes' + - 'No' + - description: 'Whether the VM is generalized or not. + Set to `true` with `state=present` to generalize the VM. + Generalizing a VM is irreversible.' + name: generalized + - description: Set to `true` with `state=present` to restart a running VM. + name: restarted + - description: Valid Azure location for the VM. Defaults to location of the resource + group. + name: location + - description: 'Name assigned internally to the host. On a Linux VM this is the + name returned by the `hostname` command. + When creating a VM, short_hostname defaults to `name`.' + name: short_hostname + - description: 'A valid Azure VM size value. For example, `Standard_D4`. + Choices vary depending on the subscription and location. Check your subscription + for available choices. + Required when creating a VM.' + name: vm_size + - description: 'Admin username used to access the VM after it is created. + Required when creating a VM.' + name: admin_username + - description: 'Password for the admin username. + Not required if the `os_type=Linux` and SSH password authentication is disabled + by setting `ssh_password_enabled=false`.' + name: admin_password + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether to enable or disable SSH passwords. + When `os_type=Linux`, set to `false` to disable SSH password authentication + and require use of SSH keys.' + name: ssh_password_enabled + predefined: + - 'Yes' + - 'No' + - description: 'For `os_type=Linux` provide a list of SSH keys. + Accepts a list of dicts where each dictionary contains two keys, `path` and + `key_data`. + Set `path` to the default location of the authorized_keys files. For example, + `path=/home//.ssh/authorized_keys`. + Set `key_data` to the actual value of the public key.' + name: ssh_public_keys + - description: 'The image used to build the VM. + For custom images, the name of the image. To narrow the search to a specific + resource group, a dict with the keys `name` and `resource_group`. + For Marketplace images, a dict with the keys `publisher`, `offer`, `sku`, + and `version`. + Set `version=latest` to get the most recent version of a given image.' + name: image + required: true + - description: Name or ID of an existing availability set to add the VM to. The + `availability_set` should be in the same resource group as VM. + name: availability_set + - description: 'Name of a storage account that supports creation of VHD blobs. + If not specified for a new VM, a new storage account named 01 will + be created using storage type `Standard_LRS`.' + name: storage_account_name + - defaultValue: vhds + description: 'Name of the container to use within the storage account to store + VHD blobs. + If not specified, a default container will be created.' + name: storage_container_name + - description: 'Name of the storage blob used to hold the OS disk image of the + VM. + Must end with ''.vhd''. + If not specified, defaults to the VM name + ''.vhd''.' + name: storage_blob_name + - auto: PREDEFINED + description: 'Managed OS disk type. + Create OS disk with managed disk if defined. + If not defined, the OS disk will be created with virtual hard disk (VHD).' + name: managed_disk_type + predefined: + - Standard_LRS + - StandardSSD_LRS + - Premium_LRS + - description: OS disk name. + name: os_disk_name + - auto: PREDEFINED + defaultValue: ReadOnly + description: Type of OS disk caching. + name: os_disk_caching + predefined: + - ReadOnly + - ReadWrite + - description: Type of OS disk size in GB. + name: os_disk_size_gb + - auto: PREDEFINED + defaultValue: Linux + description: Base type of operating system. + name: os_type + predefined: + - Windows + - Linux + - description: 'Describes list of data disks. + Use `azure_rm_mangeddisk` to manage the specific disk.' + name: data_disks + - auto: PREDEFINED + defaultValue: Static + description: 'Allocation method for the public IP of the VM. + Used only if a network interface is not specified. + When set to `Dynamic`, the public IP address may change any time the VM is + rebooted or power cycled. + The `Disabled` choice was added in Ansible 2.6.' + name: public_ip_allocation_method + predefined: + - Dynamic + - Static + - Disabled + - description: 'List of ports to open in the security group for the VM, when a + security group and network interface are created with a VM. + For Linux hosts, defaults to allowing inbound TCP connections to port 22. + For Windows hosts, defaults to opening ports 3389 and 5986.' + name: open_ports + - description: 'Network interface names to add to the VM. + Can be a string of name or resource ID of the network interface. + Can be a dict containing `resource_group` and `name` of the network interface. + If a network interface name is not provided when the VM is created, a default + network interface will be created. + To create a new network interface, at least one Virtual Network with one Subnet + must exist.' + isArray: true + name: network_interface_names + - description: The resource group to use when creating a VM with another resource + group's virtual network. + name: virtual_network_resource_group + - description: 'The virtual network to use when creating a VM. + If not specified, a new network interface will be created and assigned to + the first virtual network found in the resource group. + Use with `virtual_network_resource_group` to place the virtual network in + another resource group.' + name: virtual_network_name + - description: 'Subnet for the VM. + Defaults to the first subnet found in the virtual network or the subnet of + the `network_interface_name`, if provided. + If the subnet is in another resource group, specify the resource group with + `virtual_network_resource_group`.' + name: subnet_name + - defaultValue: '[''all'']' + description: 'Associated resources to remove when removing a VM using `state=absent`. + To remove all resources related to the VM being removed, including auto-created + resources, set to `all`. + To remove only resources that were automatically created while provisioning + the VM being removed, set to `all_autocreated`. + To remove only specific resources, set to `network_interfaces`, `virtual_storage` + or `public_ips`. + Any other input will be ignored.' + isArray: true + name: remove_on_absent + - description: Third-party billing plan for the VM. + isArray: true + name: plan + - auto: PREDEFINED + defaultValue: 'No' + description: 'Accept terms for Marketplace images that require it. + Only Azure service admin/account admin users can purchase images from the + Marketplace. + Only valid when a `plan` is specified.' + name: accept_terms + predefined: + - 'Yes' + - 'No' + - description: A list of Availability Zones for your VM. + isArray: true + name: zones + - auto: PREDEFINED + description: 'On-premise license for the image or disk. + Only used for images that contain the Windows Server operating system. + To remove all license type settings, set to the string `None`.' + name: license_type + predefined: + - Windows_Server + - Windows_Client + - auto: PREDEFINED + description: Identity for the VM. + name: vm_identity + predefined: + - SystemAssigned + - description: List of Windows Remote Management configurations of the VM. + name: winrm + - description: 'Manage boot diagnostics settings for a VM. + Boot diagnostics includes a serial console and remote console screenshots.' + name: boot_diagnostics + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure virtual machines\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachine_module.html" + name: azure-rm-virtualmachine + outputs: + - contextPath: Azure.AzureRmVirtualmachine.powerstate + description: Indicates if the state is `running`, `stopped`, `deallocated`, + `generalized`. + type: string + - contextPath: Azure.AzureRmVirtualmachine.deleted_vhd_uris + description: List of deleted Virtual Hard Disk URIs. + type: unknown + - contextPath: Azure.AzureRmVirtualmachine.deleted_network_interfaces + description: List of deleted NICs. + type: unknown + - contextPath: Azure.AzureRmVirtualmachine.deleted_public_ips + description: List of deleted public IP address names. + type: unknown + - contextPath: Azure.AzureRmVirtualmachine.azure_vm + description: Facts about the current state of the object. Note that facts are + not part of the registered output but available directly. + type: unknown + - arguments: + - description: Name of the resource group containing the virtual machines (required + when filtering by vm name). + name: resource_group + - description: Name of the virtual machine. + name: name + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get virtual machine facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachine_info_module.html" + name: azure-rm-virtualmachine-info + outputs: + - contextPath: Azure.AzureRmVirtualmachineInfo.vms + description: List of virtual machines. + type: unknown + - arguments: + - description: Name of a resource group where the vm extension exists or will + be created. + name: resource_group + required: true + - description: Name of the vm extension. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: State of the vm extension. Use `present` to create or update a + vm extension and `absent` to delete a vm extension. + name: state + predefined: + - absent + - present + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - description: The name of the virtual machine where the extension should be create + or updated. + name: virtual_machine_name + - description: The name of the extension handler publisher. + name: publisher + - description: The type of the extension handler. + name: virtual_machine_extension_type + - description: The type version of the extension handler. + name: type_handler_version + - description: Json formatted public settings for the extension. + name: settings + - description: Json formatted protected settings for the extension. + name: protected_settings + - description: Whether the extension handler should be automatically upgraded + across minor versions. + name: auto_upgrade_minor_version + - description: Your Azure subscription Id. + name: subscription_id + description: "Managed Azure Virtual Machine extension\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachineextension_module.html" + name: azure-rm-virtualmachineextension + outputs: + - contextPath: Azure.AzureRmVirtualmachineextension.state + description: Current state of the vm extension. + type: unknown + - contextPath: Azure.AzureRmVirtualmachineextension.changed + description: Whether or not the resource has changed. + type: boolean + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the virtual machine containing the extension. + name: virtual_machine_name + required: true + - description: The name of the virtual machine extension. + name: name + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Virtual Machine Extension facts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachineextension_info_module.html" + name: azure-rm-virtualmachineextension-info + outputs: + - contextPath: Azure.AzureRmVirtualmachineextensionInfo.extensions + description: A list of dictionaries containing facts for Virtual Machine Extension. + type: unknown + - arguments: + - description: 'Azure location value, for example `westus`, `eastus`, `eastus2`, + `northcentralus`, etc. + Supplying only a location value will yield a list of available publishers + for the location.' + name: location + required: true + - description: Name of an image publisher. List image offerings associated with + a particular publisher. + name: publisher + - description: Name of an image offering. Combine with SKU to see a list of available + image versions. + name: offer + - description: Image offering SKU. Combine with offer to see a list of available + versions. + name: sku + - description: Specific version number of an image. + name: version + - description: Your Azure subscription Id. + name: subscription_id + description: "Get virtual machine image facts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachineimage_info_module.html" + name: azure-rm-virtualmachineimage-info + outputs: + - contextPath: Azure.AzureRmVirtualmachineimageInfo.azure_vmimages + description: List of image dicts. + type: unknown + - arguments: + - description: Name of the resource group containing the virtual machine scale + set. + name: resource_group + required: true + - description: Name of the virtual machine. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Assert the state of the virtual machine scale set. + State `present` will check that the machine exists with the requested configuration. + If the configuration of the existing machine does not match, the machine will + be updated. + State `absent` will remove the virtual machine scale set.' + name: state + predefined: + - absent + - present + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - description: Short host name. + name: short_hostname + - description: 'A valid Azure VM size value. For example, `Standard_D4`. + The list of choices varies depending on the subscription and location. Check + your subscription for available choices.' + name: vm_size + - defaultValue: '1' + description: Capacity of VMSS. + name: capacity + - auto: PREDEFINED + description: SKU Tier. + name: tier + predefined: + - Basic + - Standard + - auto: PREDEFINED + description: 'Upgrade policy. + Required when creating the Azure virtual machine scale sets.' + name: upgrade_policy + predefined: + - Manual + - Automatic + - description: Admin username used to access the host after it is created. Required + when creating a VM. + name: admin_username + - description: 'Password for the admin username. + Not required if the os_type is Linux and SSH password authentication is disabled + by setting `ssh_password_enabled=false`.' + name: admin_password + - auto: PREDEFINED + defaultValue: 'Yes' + description: When the os_type is Linux, setting `ssh_password_enabled=false` + will disable SSH password authentication and require use of SSH keys. + name: ssh_password_enabled + predefined: + - 'Yes' + - 'No' + - description: 'For `os_type=Linux` provide a list of SSH keys. + Each item in the list should be a dictionary where the dictionary contains + two keys, `path` and `key_data`. + Set the `path` to the default location of the authorized_keys files. + On an Enterprise Linux host, for example, the `path=/home//.ssh/authorized_keys`. + Set `key_data` to the actual value of the public key.' + name: ssh_public_keys + - description: 'Specifies the image used to build the VM. + If a string, the image is sourced from a custom image based on the name. + If a dict with the keys `publisher`, `offer`, `sku`, and `version`, the image + is sourced from a Marketplace image. Note that set `version=latest` to get + the most recent version of a given image. + If a dict with the keys `name` and `resource_group`, the image is sourced + from a custom image based on the `name` and `resource_group` set. Note that + the key `resource_group` is optional and if omitted, all images in the subscription + will be searched for by `name`. + Custom image support was added in Ansible 2.5.' + name: image + required: true + - auto: PREDEFINED + defaultValue: ReadOnly + description: Type of OS disk caching. + name: os_disk_caching + predefined: + - ReadOnly + - ReadWrite + - auto: PREDEFINED + defaultValue: Linux + description: Base type of operating system. + name: os_type + predefined: + - Windows + - Linux + - auto: PREDEFINED + description: Managed disk type. + name: managed_disk_type + predefined: + - Standard_LRS + - Premium_LRS + - description: Describes list of data disks. + name: data_disks + - description: 'When creating a virtual machine, if a specific virtual network + from another resource group should be used. + Use this parameter to specify the resource group to use.' + name: virtual_network_resource_group + - description: Virtual Network name. + name: virtual_network_name + - description: Subnet name. + name: subnet_name + - description: Load balancer name. + name: load_balancer + - description: Application gateway name. + name: application_gateway + - defaultValue: '[''all'']' + description: 'When removing a VM using `state=absent`, also remove associated + resources. + It can be `all` or a list with any of the following [''network_interfaces'', + ''virtual_storage'', ''public_ips'']. + Any other input will be ignored.' + name: remove_on_absent + - description: Indicates whether user wants to allow accelerated networking for + virtual machines in scaleset being created. + name: enable_accelerated_networking + - description: 'Existing security group with which to associate the subnet. + It can be the security group name which is in the same resource group. + It can be the resource ID. + It can be a dict which contains `name` and `resource_group` of the security + group.' + name: security_group + - auto: PREDEFINED + defaultValue: 'Yes' + description: Specifies whether the Virtual Machine Scale Set should be overprovisioned. + name: overprovision + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: When true this limits the scale set to a single placement group, + of max size 100 virtual machines. + name: single_placement_group + predefined: + - 'Yes' + - 'No' + - description: A list of Availability Zones for your virtual machine scale set. + isArray: true + name: zones + - description: 'Data which is made available to the virtual machine and used by + e.g., `cloud-init`. + Many images in the marketplace are not cloud-init ready. Thus, data sent to + `custom_data` would be ignored. + If the image you are attempting to use is not listed in `https://docs.microsoft.com/en-us/azure/virtual-machines/linux/using-cloud-init#cloud-init-overview`, + follow these steps `https://docs.microsoft.com/en-us/azure/virtual-machines/linux/cloudinit-prepare-custom-image`.' + name: custom_data + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure virtual machine scale sets\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescaleset_module.html" + name: azure-rm-virtualmachinescaleset + outputs: + - contextPath: Azure.AzureRmVirtualmachinescaleset.azure_vmss + description: 'Facts about the current state of the object. + Note that facts are not part of the registered output but available directly.' + type: unknown + - arguments: + - description: Limit results to a specific virtual machine scale set. + name: name + - description: The resource group to search for the desired virtual machine scale + set. + name: resource_group + - description: List of tags to be matched. + name: tags + - auto: PREDEFINED + defaultValue: raw + description: 'Format of the data returned. + If `raw` is selected information will be returned in raw format from Azure + Python SDK. + If `curated` is selected the structure will be identical to input parameters + of `azure_rm_virtualmachinescaleset` module. + In Ansible 2.5 and lower facts are always returned in raw format. + Please note that this option will be deprecated in 2.10 when curated format + will become the only supported format.' + name: format + predefined: + - curated + - raw + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Virtual Machine Scale Set facts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescaleset_info_module.html" + name: azure-rm-virtualmachinescaleset-info + outputs: + - contextPath: Azure.AzureRmVirtualmachinescalesetInfo.vmss + description: List of virtual machine scale sets. + type: unknown + - arguments: + - description: Name of a resource group where the VMSS extension exists or will + be created. + name: resource_group + required: true + - description: The name of the virtual machine where the extension should be create + or updated. + name: vmss_name + required: true + - description: Name of the VMSS extension. + name: name + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - description: The name of the extension handler publisher. + name: publisher + - description: The type of the extension handler. + name: type + - description: The type version of the extension handler. + name: type_handler_version + - description: 'A dictionary containing extension settings. + Settings depend on extension type. + Refer to `https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/overview` + for more information.' + name: settings + - description: 'A dictionary containing protected extension settings. + Settings depend on extension type. + Refer to `https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/overview` + for more information.' + name: protected_settings + - description: Whether the extension handler should be automatically upgraded + across minor versions. + name: auto_upgrade_minor_version + - auto: PREDEFINED + defaultValue: present + description: 'Assert the state of the extension. + Use `present` to create or update an extension and `absent` to delete it.' + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + description: "Manage Azure Virtual Machine Scale Set (VMSS) extensions\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescalesetextension_module.html" + name: azure-rm-virtualmachinescalesetextension + outputs: + - contextPath: Azure.AzureRmVirtualmachinescalesetextension.id + description: VMSS extension resource ID. + type: string + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of VMSS containing the extension. + name: vmss_name + required: true + - description: The name of the virtual machine extension. + name: name + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Virtual Machine Scale Set Extension facts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescalesetextension_info_module.html" + name: azure-rm-virtualmachinescalesetextension-info + outputs: + - contextPath: Azure.AzureRmVirtualmachinescalesetextensionInfo.extensions + description: A list of dictionaries containing facts for Virtual Machine Extension. + type: unknown + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the VM scale set. + name: vmss_name + required: true + - description: The instance ID of the virtual machine. + name: instance_id + required: true + - description: Set to `yes` to upgrade to the latest model. + name: latest_model + - auto: PREDEFINED + description: Use this option to change power state of the instance. + name: power_state + predefined: + - running + - stopped + - deallocated + required: true + - auto: PREDEFINED + defaultValue: present + description: State of the VMSS instance. Use `present` to update an instance + and `absent` to delete an instance. + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Virtual Machine Scale Set Instance facts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescalesetinstance_module.html" + name: azure-rm-virtualmachinescalesetinstance + outputs: + - contextPath: Azure.AzureRmVirtualmachinescalesetinstance.instances + description: A list of instances. + type: unknown + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the VM scale set. + name: vmss_name + required: true + - description: The instance ID of the virtual machine. + name: instance_id + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Virtual Machine Scale Set Instance facts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescalesetinstance_info_module.html" + name: azure-rm-virtualmachinescalesetinstance-info + outputs: + - contextPath: Azure.AzureRmVirtualmachinescalesetinstanceInfo.instances + description: A list of dictionaries containing facts for Virtual Machine Scale + Set VM. + type: unknown + - arguments: + - description: Name of the resource group to which the resource belongs. + name: resource_group + required: true + - description: Unique name of the app to create or update. To create or update + a deployment slot, use the {slot} parameter. + name: name + required: true + - description: Resource location. If not set, location from the resource group + will be used as default. + name: location + - description: 'App service plan. Required for creation. + Can be name of existing app service plan in same resource group as web app. + Can be the resource ID of an existing app service plan. For example /subscriptions//resourceGroups//providers/Microsoft.Web/serverFarms/. + Can be a dict containing five parameters, defined below. + `name`, name of app service plan. + `resource_group`, resource group of the app service plan. + `sku`, SKU of app service plan, allowed values listed on `https://azure.microsoft.com/en-us/pricing/details/app-service/linux/`. + `is_linux`, whether or not the app service plan is Linux. defaults to `False`. + `number_of_workers`, number of workers for app service plan.' + name: plan + - description: 'Set of run time framework settings. Each setting is a dictionary. + See `https://docs.microsoft.com/en-us/azure/app-service/app-service-web-overview` + for more info.' + name: frameworks + - description: Web app container settings. + name: container_settings + - description: 'Repository type of deployment source, for example `LocalGit`, + `GitHub`. + List of supported values maintained at `https://docs.microsoft.com/en-us/rest/api/appservice/webapps/createorupdate#scmtype`.' + name: scm_type + - description: Deployment source for git. + name: deployment_source + - description: 'The web''s startup file. + Used only for Linux web apps.' + name: startup_file + - auto: PREDEFINED + defaultValue: 'Yes' + description: Whether or not to send session affinity cookies, which route client + requests in the same session to the same instance. + name: client_affinity_enabled + predefined: + - 'Yes' + - 'No' + - description: Configures web site to accept only https requests. + name: https_only + - description: Whether or not the web app hostname is registered with DNS on creation. + Set to `false` to register. + name: dns_registration + - description: Whether or not to skip verification of custom (non *.azurewebsites.net) + domains associated with web app. Set to `true` to skip. + name: skip_custom_domain_verification + - description: Time to live in seconds for web app default domain name. + name: ttl_in_seconds + - description: Configure web app application settings. Suboptions are in key value + pair format. + name: app_settings + - description: Purge any existing application settings. Replace web app application + settings with app_settings. + name: purge_app_settings + - auto: PREDEFINED + defaultValue: started + description: Start/Stop/Restart the web app. + name: app_state + predefined: + - started + - stopped + - restarted + - auto: PREDEFINED + defaultValue: present + description: 'State of the Web App. + Use `present` to create or update a Web App and `absent` to delete it.' + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Web App instances\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_webapp_module.html" + name: azure-rm-webapp + outputs: + - contextPath: Azure.AzureRmWebapp.azure_webapp + description: ID of current web app. + type: string + - arguments: + - description: Only show results for a specific web app. + name: name + - description: Limit results by resource group. + name: resource_group + - auto: PREDEFINED + defaultValue: 'No' + description: Indicate whether to return publishing profile of the web app. + name: return_publish_profile + predefined: + - 'Yes' + - 'No' + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure web app facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_webapp_info_module.html" + name: azure-rm-webapp-info + outputs: + - contextPath: Azure.AzureRmWebappInfo.webapps + description: List of web apps. + type: unknown + - arguments: + - description: Name of the resource group to which the resource belongs. + name: resource_group + required: true + - description: Unique name of the deployment slot to create or update. + name: name + required: true + - description: Web app name which this deployment slot belongs to. + name: webapp_name + required: true + - description: Resource location. If not set, location from the resource group + will be used as default. + name: location + - description: Source slot to clone configurations from when creating slot. Use + webapp's name to refer to the production slot. + name: configuration_source + - description: 'Used to configure target slot name to auto swap, or disable auto + swap. + Set it target slot name to auto swap. + Set it to False to disable auto slot swap.' + name: auto_swap_slot_name + - description: Swap deployment slots of a web app. + name: swap + - description: 'Set of run time framework settings. Each setting is a dictionary. + See `https://docs.microsoft.com/en-us/azure/app-service/app-service-web-overview` + for more info.' + name: frameworks + - description: Web app slot container settings. + name: container_settings + - description: 'The slot startup file. + This only applies for Linux web app slot.' + name: startup_file + - description: Configure web app slot application settings. Suboptions are in + key value pair format. + name: app_settings + - description: Purge any existing application settings. Replace slot application + settings with app_settings. + name: purge_app_settings + - description: Deployment source for git. + name: deployment_source + - auto: PREDEFINED + defaultValue: started + description: Start/Stop/Restart the slot. + name: app_state + predefined: + - started + - stopped + - restarted + - auto: PREDEFINED + defaultValue: present + description: 'State of the Web App deployment slot. + Use `present` to create or update a slot and `absent` to delete it.' + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure Web App slot\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_webappslot_module.html" + name: azure-rm-webappslot + outputs: + - contextPath: Azure.AzureRmWebappslot.id + description: ID of current slot. + type: string + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the Azure Firewall. + name: name + required: true + - description: Resource location. + name: location + - description: Collection of application rule collections used by Azure Firewall. + isArray: true + name: application_rule_collections + - description: Collection of NAT rule collections used by Azure Firewall. + isArray: true + name: nat_rule_collections + - description: Collection of network rule collections used by Azure Firewall. + isArray: true + name: network_rule_collections + - description: IP configuration of the Azure Firewall resource. + isArray: true + name: ip_configurations + - auto: PREDEFINED + defaultValue: present + description: 'Assert the state of the AzureFirewall. + Use `present` to create or update an AzureFirewall and `absent` to delete + it.' + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure Firewall instance.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_azurefirewall_module.html" + name: azure-rm-azurefirewall + outputs: + - contextPath: Azure.AzureRmAzurefirewall.id + description: Resource ID. + type: string + - arguments: + - description: The name of the resource group. + name: resource_group + - description: Resource name. + name: name + - description: Your Azure subscription Id. + name: subscription_id + description: "Get AzureFirewall info.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_azurefirewall_info_module.html" + name: azure-rm-azurefirewall-info + outputs: + - contextPath: Azure.AzureRmAzurefirewallInfo.firewalls + description: A list of dict results where the key is the name of the AzureFirewall + and the values are the facts for that AzureFirewall. + type: unknown + - arguments: + - description: Name of resource group. + name: resource_group + required: true + - description: 'List of IPv4 address ranges where each is formatted using CIDR + notation. + Required when creating a new virtual network or using `purge_address_prefixes`.' + name: address_prefixes_cidr + - description: 'Custom list of DNS servers. Maximum length of two. + The first server in the list will be treated as the Primary server. This is + an explicit list. + Existing DNS servers will be replaced with the specified list. + Use the `purge_dns_servers` option to remove all custom DNS servers and revert + to default Azure servers.' + name: dns_servers + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - description: Name of the virtual network. + name: name + required: true + - defaultValue: 'no' + description: Use with `state=present` to remove any existing `address_prefixes`. + name: purge_address_prefixes + - description: Use with `state=present` to remove existing DNS servers, reverting + to default Azure servers. Mutually exclusive with DNS servers. + name: purge_dns_servers + - auto: PREDEFINED + defaultValue: present + description: State of the virtual network. Use `present` to create or update + and `absent` to delete. + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure virtual networks\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualnetwork_module.html" + name: azure-rm-virtualnetwork + outputs: + - contextPath: Azure.AzureRmVirtualnetwork.state + description: Current state of the virtual network. + type: unknown + - arguments: + - description: Only show results for a specific security group. + name: name + - description: Limit results by resource group. Required when filtering by name. + name: resource_group + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get virtual network facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualnetwork_info_module.html" + name: azure-rm-virtualnetwork-info + outputs: + - contextPath: Azure.AzureRmVirtualnetworkInfo.azure_virtualnetworks + description: List of virtual network dicts. + type: unknown + - contextPath: Azure.AzureRmVirtualnetworkInfo.virtualnetworks + description: List of virtual network dicts with same format as `azure_rm_virtualnetwork` + module parameters. + type: unknown + - arguments: + - description: Name of a resource group where VPN Gateway exists or will be created. + name: resource_group + required: true + - description: Name of VPN Gateway. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: State of the VPN Gateway. Use `present` to create or update VPN + gateway and `absent` to delete VPN gateway. + name: state + predefined: + - absent + - present + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - description: 'An existing virtual network with which the VPN Gateway will be + associated. + Required when creating a VPN Gateway. + Can be the name of the virtual network. + Must be in the same resource group as VPN gateway when specified by name. + Can be the resource ID of the virtual network. + Can be a dict which contains `name` and `resource_group` of the virtual network.' + name: virtual_network + required: true + - description: List of IP configurations. + name: ip_configurations + - auto: PREDEFINED + defaultValue: vpn + description: The type of this virtual network gateway. + name: gateway_type + predefined: + - vpn + - express_route + - auto: PREDEFINED + defaultValue: route_based + description: The type of this virtual private network. + name: vpn_type + predefined: + - route_based + - policy_based + - auto: PREDEFINED + defaultValue: 'No' + description: Whether BGP is enabled for this virtual network gateway or not. + name: enable_bgp + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: VpnGw1 + description: The reference of the VirtualNetworkGatewaySku resource which represents + the SKU selected for Virtual network gateway. + name: sku + predefined: + - VpnGw1 + - VpnGw2 + - VpnGw3 + - description: Virtual network gateway's BGP speaker settings. + name: bgp_settings + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure virtual network gateways\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualnetworkgateway_module.html" + name: azure-rm-virtualnetworkgateway + outputs: + - contextPath: Azure.AzureRmVirtualnetworkgateway.id + description: Virtual Network Gateway resource ID. + type: string + - arguments: + - description: Name of a resource group where the vnet exists. + name: resource_group + required: true + - description: Name of the virtual network peering. + name: name + required: true + - description: Name or resource ID of the virtual network to be peered. + name: virtual_network + required: true + - description: 'Remote virtual network to be peered. + It can be name of remote virtual network in same resource group. + It can be remote virtual network resource ID. + It can be a dict which contains `name` and `resource_group` of remote virtual + network. + Required when creating.' + name: remote_virtual_network + - auto: PREDEFINED + defaultValue: 'No' + description: Allows VMs in the remote VNet to access all VMs in the local VNet. + name: allow_virtual_network_access + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Allows forwarded traffic from the VMs in the remote VNet. + name: allow_forwarded_traffic + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: If remote gateways can be used on this virtual network. + name: use_remote_gateways + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Allows VNet to use the remote VNet''s gateway. Remote VNet gateway + must have --allow-gateway-transit enabled for remote peering. + Only 1 peering can have this flag enabled. Cannot be set if the VNet already + has a gateway.' + name: allow_gateway_transit + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: State of the virtual network peering. Use `present` to create or + update a peering and `absent` to delete it. + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + description: "Manage Azure Virtual Network Peering\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualnetworkpeering_module.html" + name: azure-rm-virtualnetworkpeering + outputs: + - contextPath: Azure.AzureRmVirtualnetworkpeering.id + description: ID of the Azure virtual network peering. + type: string + - arguments: + - description: Name of a resource group where the vnet exists. + name: resource_group + required: true + - description: Name or resource ID of a virtual network. + name: virtual_network + required: true + - description: Name of the virtual network peering. + name: name + - description: Your Azure subscription Id. + name: subscription_id + description: "Get facts of Azure Virtual Network Peering\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualnetworkpeering_info_module.html" + name: azure-rm-virtualnetworkpeering-info + outputs: + - contextPath: Azure.AzureRmVirtualnetworkpeeringInfo.vnetpeerings + description: A list of Virtual Network Peering facts. + type: unknown + - arguments: + - description: Name of resource group. + name: resource_group + required: true + - description: Name of the subnet. + name: name + required: true + - description: CIDR defining the IPv4 address space of the subnet. Must be valid + within the context of the virtual network. + name: address_prefix_cidr + - description: 'Existing security group with which to associate the subnet. + It can be the security group name which is in the same resource group. + Can be the resource ID of the security group. + Can be a dict containing the `name` and `resource_group` of the security group.' + name: security_group + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the subnet. Use `present` to create or update + a subnet and use `absent` to delete a subnet. + name: state + predefined: + - absent + - present + - description: Name of an existing virtual network with which the subnet is or + will be associated. + name: virtual_network_name + required: true + - description: 'The reference of the RouteTable resource. + Can be the name or resource ID of the route table. + Can be a dict containing the `name` and `resource_group` of the route table.' + name: route_table + - description: An array of service endpoints. + isArray: true + name: service_endpoints + - description: Your Azure subscription Id. + name: subscription_id + description: "Manage Azure subnets\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_subnet_module.html" + name: azure-rm-subnet + outputs: + - contextPath: Azure.AzureRmSubnet.state + description: Current state of the subnet. + type: unknown + - arguments: + - description: The name of the resource group. + name: resource_group + required: true + - description: The name of the virtual network. + name: virtual_network_name + required: true + - description: The name of the subnet. + name: name + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Subnet facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_subnet_info_module.html" + name: azure-rm-subnet-info + outputs: + - contextPath: Azure.AzureRmSubnetInfo.subnets + description: A list of dictionaries containing facts for subnet. + type: unknown + - arguments: + - description: Name of a resource group where the Traffic Manager endpoint exists + or will be created. + name: resource_group + required: true + - description: The name of the endpoint. + name: name + required: true + - description: Name of Traffic Manager profile where this endpoints attaches to. + name: profile_name + required: true + - auto: PREDEFINED + description: The type of the endpoint. + name: type + predefined: + - azure_endpoints + - external_endpoints + - nested_endpoints + required: true + - description: 'The Azure Resource URI of the of the endpoint. + Not applicable to endpoints of `type=external_endpoints`.' + name: target_resource_id + - description: The fully-qualified DNS name of the endpoint. + name: target + - auto: PREDEFINED + defaultValue: 'Yes' + description: The status of the endpoint. + name: enabled + predefined: + - 'Yes' + - 'No' + - description: 'The weight of this endpoint when traffic manager profile has routing_method + of `weighted`. + Possible values are from 1 to 1000.' + name: weight + - description: 'The priority of this endpoint when traffic manager profile has + routing_method of `priority`. + Possible values are from 1 to 1000, lower values represent higher priority. + This is an optional parameter. If specified, it must be specified on all endpoints. + No two endpoints can share the same priority value.' + name: priority + - description: Specifies the location of the external or nested endpoints when + using the 'Performance' traffic routing method. + name: location + - description: 'The minimum number of endpoints that must be available in the + child profile in order for the parent profile to be considered available. + Only applicable to endpoint of `type=nested_endpoints`.' + name: min_child_endpoints + - description: The list of countries/regions mapped to this endpoint when traffic + manager profile has routing_method of `geographic`. + isArray: true + name: geo_mapping + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the Traffic Manager endpoint. Use `present` + to create or update a Traffic Manager endpoint and `absent` to delete it. + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + description: "Manage Azure Traffic Manager endpoint\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_trafficmanagerendpoint_module.html" + name: azure-rm-trafficmanagerendpoint + outputs: + - contextPath: Azure.AzureRmTrafficmanagerendpoint.id + description: The ID of the traffic manager endpoint. + type: string + - arguments: + - description: Limit results to a specific Traffic Manager endpoint. + name: name + - description: The resource group to search for the desired Traffic Manager profile. + name: resource_group + required: true + - description: Name of Traffic Manager Profile. + name: profile_name + required: true + - auto: PREDEFINED + description: Type of endpoint. + name: type + predefined: + - azure_endpoints + - external_endpoints + - nested_endpoints + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Traffic Manager endpoint facts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_trafficmanagerendpoint_info_module.html" + name: azure-rm-trafficmanagerendpoint-info + outputs: + - contextPath: Azure.AzureRmTrafficmanagerendpointInfo.endpoints + description: List of Traffic Manager endpoints. + type: unknown + - arguments: + - description: Name of a resource group where the Traffic Manager profile exists + or will be created. + name: resource_group + required: true + - description: Name of the Traffic Manager profile. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the Traffic Manager profile. Use `present` + to create or update a Traffic Manager profile and `absent` to delete it. + name: state + predefined: + - absent + - present + - defaultValue: global + description: 'Valid Azure location. Defaults to `global` because in default + public Azure cloud, Traffic Manager profile can only be deployed globally. + Reference `https://docs.microsoft.com/en-us/azure/traffic-manager/quickstart-create-traffic-manager-profile#create-a-traffic-manager-profile`.' + name: location + - auto: PREDEFINED + defaultValue: enabled + description: The status of the Traffic Manager profile. + name: profile_status + predefined: + - enabled + - disabled + - auto: PREDEFINED + defaultValue: performance + description: The traffic routing method of the Traffic Manager profile. + name: routing_method + predefined: + - performance + - priority + - weighted + - geographic + - description: The DNS settings of the Traffic Manager profile. + name: dns_config + - defaultValue: '{''protocol'': ''HTTP'', ''port'': 80, ''path'': ''/''}' + description: The endpoint monitoring settings of the Traffic Manager profile. + name: monitor_config + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure Traffic Manager profile\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_trafficmanagerprofile_module.html" + name: azure-rm-trafficmanagerprofile + outputs: + - contextPath: Azure.AzureRmTrafficmanagerprofile.id + description: The ID of the traffic manager profile. + type: string + - contextPath: Azure.AzureRmTrafficmanagerprofile.endpoints + description: List of endpoint IDs attached to the profile. + type: unknown + - arguments: + - description: Limit results to a specific Traffic Manager profile. + name: name + - description: The resource group to search for the desired Traffic Manager profile. + name: resource_group + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get Azure Traffic Manager profile facts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_trafficmanagerprofile_info_module.html" + name: azure-rm-trafficmanagerprofile-info + outputs: + - contextPath: Azure.AzureRmTrafficmanagerprofileInfo.tms + description: List of Traffic Manager profiles. + type: unknown + - arguments: + - description: Name of a resource group where the network interface exists or + will be created. + name: resource_group + required: true + - description: Name of the network interface. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the network interface. Use `present` to create + or update an interface and `absent` to delete an interface. + name: state + predefined: + - absent + - present + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - description: 'An existing virtual network with which the network interface will + be associated. Required when creating a network interface. + It can be the virtual network''s name. + Make sure your virtual network is in the same resource group as NIC when you + give only the name. + It can be the virtual network''s resource id. + It can be a dict which contains `name` and `resource_group` of the virtual + network.' + name: virtual_network + required: true + - description: 'Name of an existing subnet within the specified virtual network. + Required when creating a network interface. + Use the `virtual_network`''s resource group.' + name: subnet_name + required: true + - auto: PREDEFINED + defaultValue: Linux + description: 'Determines any rules to be added to a default security group. + When creating a network interface, if no security group name is provided, + a default security group will be created. + If the `os_type=Windows`, a rule allowing RDP access will be added. + If the `os_type=Linux`, a rule allowing SSH access will be added.' + name: os_type + predefined: + - Windows + - Linux + - description: '(Deprecate) Valid IPv4 address that falls within the specified + subnet. + This option will be deprecated in 2.9, use `ip_configurations` instead.' + name: private_ip_address + - auto: PREDEFINED + defaultValue: Dynamic + description: '(Deprecate) Whether or not the assigned IP address is permanent. + When creating a network interface, if you specify `private_ip_address=Static`, + you must provide a value for `private_ip_address`. + You can update the allocation method to `Static` after a dynamic private IP + address has been assigned. + This option will be deprecated in 2.9, use `ip_configurations` instead.' + name: private_ip_allocation_method + predefined: + - Dynamic + - Static + - defaultValue: 'yes' + description: '(Deprecate) When creating a network interface, if no public IP + address name is provided a default public IP address will be created. + Set to `false` if you do not want a public IP address automatically created. + This option will be deprecated in 2.9, use `ip_configurations` instead.' + name: public_ip + - description: '(Deprecate) Name of an existing public IP address object to associate + with the security group. + This option will be deprecated in 2.9, use `ip_configurations` instead.' + name: public_ip_address_name + - auto: PREDEFINED + defaultValue: Dynamic + description: '(Deprecate) If a `public_ip_address_name` is not provided, a default + public IP address will be created. + The allocation method determines whether or not the public IP address assigned + to the network interface is permanent. + This option will be deprecated in 2.9, use `ip_configurations` instead.' + name: public_ip_allocation_method + predefined: + - Dynamic + - Static + - description: List of IP configurations. Each configuration object should include + field `private_ip_address`, `private_ip_allocation_method`, `public_ip_address_name`, + `public_ip`, `public_ip_allocation_method`, `name`. + name: ip_configurations + - auto: PREDEFINED + defaultValue: 'No' + description: Whether the network interface should be created with the accelerated + networking feature or not. + name: enable_accelerated_networking + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether a security group should be be created with the NIC. + If this flag set to `True` and no `security_group` set, a default security + group will be created.' + name: create_with_security_group + predefined: + - 'Yes' + - 'No' + - description: 'An existing security group with which to associate the network + interface. + If not provided, a default security group will be created when `create_with_security_group=true`. + It can be the name of security group. + Make sure the security group is in the same resource group when you only give + its name. + It can be the resource id. + It can be a dict contains security_group''s `name` and `resource_group`.' + name: security_group + - description: When a default security group is created for a Linux host a rule + will be added allowing inbound TCP connections to the default SSH port `22`, + and for a Windows host rules will be added allowing inbound access to RDP + ports `3389` and `5986`. Override the default ports by providing a list of + open ports. + name: open_ports + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to enable IP forwarding. + name: enable_ip_forwarding + predefined: + - 'Yes' + - 'No' + - description: 'Which DNS servers should the NIC lookup. + List of IP addresses.' + isArray: true + name: dns_servers + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure network interfaces\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_networkinterface_module.html" + name: azure-rm-networkinterface + outputs: + - contextPath: Azure.AzureRmNetworkinterface.state + description: The current state of the network interface. + type: unknown + - arguments: + - description: Only show results for a specific network interface. + name: name + - description: Name of the resource group containing the network interface(s). + Required when searching by name. + name: resource_group + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get network interface facts\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/azure_rm_networkinterface_info_module.html" + name: azure-rm-networkinterface-info + outputs: + - contextPath: Azure.AzureRmNetworkinterfaceInfo.azure_networkinterfaces + description: List of network interface dicts. + type: unknown + - contextPath: Azure.AzureRmNetworkinterfaceInfo.networkinterfaces + description: List of network interface dicts. Each dict contains parameters + can be passed to `azure_rm_networkinterface` module. + type: unknown + - arguments: + - description: Name of resource group with which the Public IP is associated. + name: resource_group + required: true + - auto: PREDEFINED + defaultValue: dynamic + description: 'Control whether the assigned Public IP remains permanently assigned + to the object. + If not set to `Static`, the IP address my changed anytime an associated virtual + machine is power cycled.' + name: allocation_method + predefined: + - dynamic + - static + - Static + - Dynamic + - description: 'The customizable portion of the FQDN assigned to public IP address. + This is an explicit setting. + If no value is provided, any existing value will be removed on an existing + public IP.' + name: domain_name + - description: Name of the Public IP. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the Public IP. Use `present` to create or update + a and `absent` to delete. + name: state + predefined: + - absent + - present + - description: Valid Azure location. Defaults to location of the resource group. + name: location + - auto: PREDEFINED + description: The public IP address SKU. + name: sku + predefined: + - basic + - standard + - Basic + - Standard + - description: 'List of IpTag associated with the public IP address. + Each element should contain type:value pair.' + name: ip_tags + - description: Idle timeout in minutes. + name: idle_timeout + - auto: PREDEFINED + defaultValue: ipv4 + description: The public IP address version. + name: version + predefined: + - ipv4 + - ipv6 + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure Public IP Addresses\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_publicipaddress_module.html" + name: azure-rm-publicipaddress + outputs: + - contextPath: Azure.AzureRmPublicipaddress.state + description: Facts about the current state of the object. + type: unknown + - arguments: + - description: Only show results for a specific Public IP. + name: name + - description: Limit results by resource group. Required when using name parameter. + name: resource_group + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get public IP facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_publicipaddress_info_module.html" + name: azure-rm-publicipaddress-info + outputs: + - contextPath: Azure.AzureRmPublicipaddressInfo.azure_publicipaddresses + description: 'List of public IP address dicts. + Please note that this option will be deprecated in 2.10 when curated format + will become the only supported format.' + type: unknown + - contextPath: Azure.AzureRmPublicipaddressInfo.publicipaddresses + description: 'List of publicipaddress. + Contains the detail which matches azure_rm_publicipaddress parameters. + Returned when the format parameter set to curated.' + type: unknown + - arguments: + - description: Name of resource group. + name: resource_group + required: true + - description: Name of the route. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the route. Use `present` to create or update + and `absent` to delete. + name: state + predefined: + - absent + - present + - description: The destination CIDR to which the route applies. + name: address_prefix + - auto: PREDEFINED + defaultValue: none + description: The type of Azure hop the packet should be sent to. + name: next_hop_type + predefined: + - virtual_network_gateway + - vnet_local + - internet + - virtual_appliance + - none + - description: 'The IP address packets should be forwarded to. + Next hop values are only allowed in routes where the next hop type is VirtualAppliance.' + name: next_hop_ip_address + - description: The name of the route table. + name: route_table_name + required: true + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure route resource\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/azure_rm_route_module.html" + name: azure-rm-route + outputs: + - contextPath: Azure.AzureRmRoute.id + description: Current state of the route. + type: string + - arguments: + - description: Name of resource group. + name: resource_group + required: true + - description: Name of the route table. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the route table. Use `present` to create or + update and `absent` to delete. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: Specified whether to disable the routes learned by BGP on that + route table. + name: disable_bgp_route_propagation + predefined: + - 'Yes' + - 'No' + - description: 'Region of the resource. + Derived from `resource_group` if not specified.' + name: location + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure route table resource\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_routetable_module.html" + name: azure-rm-routetable + outputs: + - contextPath: Azure.AzureRmRoutetable.changed + description: Whether the resource is changed. + type: boolean + - contextPath: Azure.AzureRmRoutetable.id + description: Resource ID. + type: string + - arguments: + - description: Limit results to a specific route table. + name: name + - description: Limit results in a specific resource group. + name: resource_group + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get route table facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_routetable_info_module.html" + name: azure-rm-routetable-info + outputs: + - contextPath: Azure.AzureRmRoutetableInfo.id + description: Resource ID. + type: string + - contextPath: Azure.AzureRmRoutetableInfo.name + description: Name of the resource. + type: string + - contextPath: Azure.AzureRmRoutetableInfo.resource_group + description: Resource group of the route table. + type: string + - contextPath: Azure.AzureRmRoutetableInfo.disable_bgp_route_propagation + description: Whether the routes learned by BGP on that route table disabled. + type: boolean + - contextPath: Azure.AzureRmRoutetableInfo.tags + description: Tags of the route table. + type: unknown + - contextPath: Azure.AzureRmRoutetableInfo.routes + description: Current routes of the route table. + type: unknown + - arguments: + - description: 'The set of default rules automatically added to a security group + at creation. + In general default rules will not be modified. Modify rules to shape the flow + of traffic to or from a subnet or NIC. + See rules below for the makeup of a rule dict.' + name: default_rules + - description: Valid azure location. Defaults to location of the resource group. + name: location + - description: Name of the security group to operate on. + name: name + - defaultValue: 'no' + description: Remove any existing rules not matching those defined in the default_rules + parameter. + name: purge_default_rules + - defaultValue: 'no' + description: Remove any existing rules not matching those defined in the rules + parameters. + name: purge_rules + - description: Name of the resource group the security group belongs to. + name: resource_group + required: true + - description: Set of rules shaping traffic flow to or from a subnet or NIC. Each + rule is a dictionary. + name: rules + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the security group. Set to `present` to create + or update a security group. Set to `absent` to remove a security group. + name: state + predefined: + - absent + - present + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure network security groups\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/azure_rm_securitygroup_module.html" + name: azure-rm-securitygroup + outputs: + - contextPath: Azure.AzureRmSecuritygroup.state + description: Current state of the security group. + type: unknown + - arguments: + - description: Only show results for a specific security group. + name: name + - description: Name of the resource group to use. + name: resource_group + required: true + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + name: tags + - description: Your Azure subscription Id. + name: subscription_id + description: "Get security group facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_securitygroup_info_module.html" + name: azure-rm-securitygroup-info + outputs: + - contextPath: Azure.AzureRmSecuritygroupInfo.securitygroups + description: List containing security group dicts. + type: unknown + - arguments: + - description: Name of resource group. + name: resource_group + required: true + - description: Name of the existing DNS zone in which to manage the record set. + name: zone_name + required: true + - description: Relative name of the record set. + name: relative_name + required: true + - auto: PREDEFINED + description: The type of record set to create or delete. + name: record_type + predefined: + - A + - AAAA + - CNAME + - MX + - NS + - SRV + - TXT + - PTR + - CAA + - SOA + required: true + - auto: PREDEFINED + defaultValue: purge + description: Whether existing record values not sent to the module should be + purged. + name: record_mode + predefined: + - append + - purge + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the record set. Use `present` to create or + update and `absent` to delete. + name: state + predefined: + - absent + - present + - defaultValue: '3600' + description: Time to live of the record set in seconds. + name: time_to_live + - description: List of records to be created depending on the type of record (set). + name: records + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Create, delete and update DNS record sets and records\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_dnsrecordset_module.html" + name: azure-rm-dnsrecordset + outputs: + - contextPath: Azure.AzureRmDnsrecordset.state + description: Current state of the DNS record set. + type: unknown + - arguments: + - description: Only show results for a Record Set. + name: relative_name + - description: Limit results by resource group. Required when filtering by name + or type. + name: resource_group + - description: Limit results by zones. Required when filtering by name or type. + name: zone_name + - description: Limit record sets by record type. + name: record_type + - description: Limit the maximum number of record sets to return. + name: top + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Get DNS Record Set facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_dnsrecordset_info_module.html" + name: azure-rm-dnsrecordset-info + outputs: + - contextPath: Azure.AzureRmDnsrecordsetInfo.azure_dnsrecordset + description: List of record set dicts. + type: unknown + - contextPath: Azure.AzureRmDnsrecordsetInfo.dnsrecordsets + description: List of record set dicts, which shares the same hierarchy as `azure_rm_dnsrecordset` + module's parameter. + type: unknown + - arguments: + - description: name of resource group. + name: resource_group + required: true + - description: Name of the DNS zone. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Assert the state of the zone. Use `present` to create or update + and `absent` to delete. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + description: The type of this DNS zone (`public` or `private`). + name: type + predefined: + - public + - private + - description: 'A list of references to virtual networks that register hostnames + in this DNS zone. + This is a only when `type=private`. + Each element can be the name or resource id, or a dict contains `name`, `resource_group` + information of the virtual network.' + isArray: true + name: registration_virtual_networks + - description: 'A list of references to virtual networks that resolve records + in this DNS zone. + This is a only when `type=private`. + Each element can be the name or resource id, or a dict contains `name`, `resource_group` + information of the virtual network.' + isArray: true + name: resolution_virtual_networks + - description: Your Azure subscription Id. + name: subscription_id + - description: 'Dictionary of string:string pairs to assign as metadata to the + object. + Metadata tags on the object will be updated with any provided values. + To remove tags set append_tags option to false.' + isArray: true + name: tags + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Manage Azure DNS zones\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_dnszone_module.html" + name: azure-rm-dnszone + outputs: + - contextPath: Azure.AzureRmDnszone.state + description: Current state of the zone. + type: unknown + - arguments: + - description: Limit results by resource group. Required when filtering by name. + name: resource_group + - description: Only show results for a specific zone. + name: name + - description: Limit results by providing a list of tags. Format tags as 'key' + or 'key:value'. + isArray: true + name: tags + - description: Your Azure subscription Id. + name: subscription_id + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use to control if tags field is canonical or just appends to existing + tags. + When canonical, any tags not found in the tags parameter will be removed from + the object''s metadata.' + name: append_tags + predefined: + - 'Yes' + - 'No' + description: "Get DNS zone facts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_dnszone_info_module.html" + name: azure-rm-dnszone-info + outputs: + - contextPath: Azure.AzureRmDnszoneInfo.azure_dnszones + description: List of zone dicts. + type: unknown + - contextPath: Azure.AzureRmDnszoneInfo.dnszones + description: List of zone dicts, which share the same layout as azure_rm_dnszone + module parameter. + type: unknown + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure_description.md b/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure_description.md new file mode 100644 index 000000000000..69535773b48c --- /dev/null +++ b/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure_description.md @@ -0,0 +1,10 @@ +# Ansible Azure +Manage Azure services. + +To use this integration you must generate a Service Principal for your Azure subscription. Follow [Microsoft's guide](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) on how to create a Azure AD application and associated service principal. + +After stepping through the guide you will have: + +* Your Client ID, which is found in the “client id” box in the “Configure” page of your application in the Azure portal +* Your Secret key, generated when you created the application. You cannot show the key after creation. If you lost the key, you must create a new one in the “Configure” page of your application. +* And finally, a tenant ID. It’s a UUID (e.g. ABCDEFGH-1234-ABCD-1234-ABCDEFGHIJKL) pointing to the AD containing your application. You will find it in the URL from within the Azure portal, or in the “view endpoints” of any given URL. \ No newline at end of file diff --git a/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure_image.png b/Packs/AnsibleAzure/Integrations/AnsibleAzure/AnsibleAzure_image.png new file mode 100644 index 0000000000000000000000000000000000000000..541623408ff6647d7b773187510eb55eecb87c27 GIT binary patch literal 2356 zcmV-43Cs40P)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!T5(L8B5(%(Ly2sd%#4$&>0*NC#&U(7|U)7uKIeNN#c4ro4wm+%5 z{_5%Jqh8gks@JWw)|4~46eQ0XQE~&1IJtpGoZP@8PHx~4CpYkjlN)%{8TvZd^{s_JY46MJNB{y%VBxmWko?;JtGN^866$>A1u#b|*M> zoDF`Clya7d!5Y}}*HT!TCsN9k_1JckTh=1|+RB{eVsHj_{R?2&2ceqhyq&6>9yQAK zFT<9NJ_h|hvoB{^7>t2E|7vvFpGe74&@gxtwO<5x?oW%#Sq9AOLM0w`QFy^Wv3-&) zEYP5eGiKD@phO|rp4>#!5vn?8NhxPYENznI9W0U?{1>XzxJ1Q?aZ$$9q9PQXNwqpA zVL8KQ2`)OEhoK%Pg;pB0>nu#P1VtYc)sEJ8i^>@y{kv$---^E-kWvi#JOx5y=`Glo^7w!5mSdwuu);5i682gckcvRsR zqK1bq+=3STC6kEWWOuF{`ZKUn$3(@WRYwJ?^F{Q=^S>r)@a(CxYbx6UQ0l9qRt(t< z>;_y>=)nn8C%-Ld-U_LbCSoS^(CS# ziu&j+;XNV-i*?H^F2vI8UL(iV?IvF#WHYcETn>X3r4&!axmi?`=SZG~r{Wq<5j_}Y zeRj`w_E>d(Kn49)qlsQ5`HCRhEV}irP#juchuP_SrNravt8nTcN+~N*aAXj80r%7w zBmD{IeV**I&!OpcF#7k6?u6fhX<99%WOU(KG_(03s?D87Vd)=cU)70QI$AvcFYH#J z?!!HuXLky2z+qne9B!w|mIF8zlUaooi{Tm^zf-iO7VN-%ei5oUYyjnP1ap zoJD)SFRB;1&A5zK(OabK6j8bF7d;5rxIn+z=7!tMR?*i@9?t}RUz?hUjv3=J4NM`T z{RyaNV8a2PC!1m`(f_#~jcU| z=p&+fQ*mAx1zeKln-HqZ+G3Vr$Y4zZGFf% zlD3-ZKu=Gq?jFpMo;2e!#X|P=WVOrWQIJmQ@Y2V>G2ImV&c z+j<)WjUUE6Ec*2(kK+ZK2iJqOiffRIrrW^d$}T0632FD{|A@{;|7%=@7W)a&*-*N< zwnbyoCz6wJ`grfLxK{rcw%h>jKqHO9u$^4cyN&dZ>K;})QEG$n6ln>x8+iX=jy3b- zDw&Yl-Ah)KdakIf%$Q!3otK!c)^CHGn@CKgA27!%b(6_Eaf1(I`$VHF&I?VRg?&ep z<~8Z4*de8f^%PoPVe$;L-^_{mT3$#}tQMe&fp z5uRi;^$v~hsjtD6KPsiiOP-BKk6kEgaU{BEZD-L$mrI^XWMI$dSAEIxX3NErFOEw2 zTiD7=fD9;g9*mbIPW?Tz)tWyeN~cPsQPJ?+#nY zMEklk9y<_@sccIhM(diWC@3?3jDreXFI>^v;HrP#Gqn=pSW5|>@L_Zq8)|feSD>=F zk+3J|{dLO%31iaEjU1NTZM0H5aNZMG_rINH;TZP@>rlP|>2L4?M{)ON&SMSi1=nMn zK2s>@!F|)rzkoj4iQcz zrdDR0J5j04PO=(*KY)708kByD@)>p?r4NDHG_2lK%2(l_W=}pH`bHW*!Cj9hz4(ou zh6E1;BLlk*zN*gg&vbS>S$a}BUVR)*{$f1JcC^HcWN#YmJ>rLuTCfG@!o!+l(gQTD zxWTzF0??13I=H8C1!be+bgwu(e;u|nNK?3{lX$)_<2V}@^#Wd6j-l31(sUV1xE5^W zu!wv415G>0U(PgfgUfI({-^-|zaXMqI+=Zr2(7!PwE3*-hKadHEXIJtpGoZP@8PHx~4CpYj& aL-aqjh0~-M_h}da0000 **Integrations** > **Servers & Services**. +2. Search for Ansible Azure. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Subscription ID | Your Azure subscription Id. | True | + | Access Secret | Azure client secret | True | + | Client ID | Azure client ID | True | + | Tenant ID | Azure tenant ID | True | + | Azure Cloud Environment | For cloud environments other than the US public cloud, the environment name \(as defined by Azure Python SDK, eg, \`AzureChinaCloud\`, \`AzureUSGovernment\`\), or a metadata discovery endpoint URL \(required for Azure Stack\). | True | + | Certificate Validation Mode | Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing \`ignore\`. | True | + | API Profile | Selects an API profile to use when communicating with Azure services. Default value of \`latest\` is appropriate for public clouds; future values will allow use with Azure Stack. | True | + +4. Click **Test** to validate the URLs, token, and connection. + +# Idempotence +The action commands in this integration are idempotent. This means that the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions. + +# State Arguement +Some of the commands in this integration take a state argument. These define the desired end state of the object being managed. As a result these commands are able to perform multiple management operations depending on the desired state value. Common state values are: +| **State** | **Result** | +| --- | --- | +| present | Object should exist. If not present, the object will be created with the provided parameters. If present but not with correct parameters, it will be modified to met provided parameters. | +| running | Object should be running not stopped. | +| stopped | Object should be stopped not running. | +| restarted | Object will be restarted. | +| absent | Object should not exist. If it it exists it will be deleted. | + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### azure-rm-autoscale +*** +Manage Azure autoscale setting +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_autoscale_module.html + + +#### Base Command + +`azure-rm-autoscale` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| target | The identifier of the resource to apply autoscale setting.
It could be the resource id string.
It also could be a dict contains the `name`, `subscription_id`, `namespace`, `types`, `resource_group` of the resource. | Optional | +| resource_group | Resource group of the resource. | Required | +| enabled | Specifies whether automatic scaling is enabled for the resource. Possible values are: Yes, No. Default is Yes. | Optional | +| profiles | The collection of automatic scaling profiles that specify different scaling parameters for different time periods.
A maximum of 20 profiles can be specified. | Optional | +| notifications | The collection of notifications. | Optional | +| state | Assert the state of the virtual network. Use `present` to create or update and `absent` to delete. Possible values are: present, absent. Default is present. | Optional | +| location | location of the resource. | Optional | +| name | name of the resource. | Required | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmAutoscale.state | unknown | Current state of the resource. | + + +#### Command Example +```!azure-rm-autoscale target="/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss" enabled="True" profiles="{{ [{\"count\": \"1\", \"recurrence_days\": [\"Monday\"], \"name\": \"Auto created scale condition\", \"recurrence_timezone\": \"China Standard Time\", \"recurrence_mins\": [\"0\"], \"min_count\": \"1\", \"max_count\": \"1\", \"recurrence_frequency\": \"Week\", \"recurrence_hours\": [\"18\"]}] }}" name="auto_scale_name" resource_group="myResourceGroup" location="australiasoutheast"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmAutoscale": [ + { + "changed": true, + "enabled": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/microsoft.insights/autoscalesettings/auto_scale_name", + "location": "australiasoutheast", + "name": "auto_scale_name", + "notifications": [], + "profiles": [ + { + "count": "1", + "max_count": "1", + "min_count": "1", + "name": "Auto created scale condition", + "recurrence_days": [ + "Monday" + ], + "recurrence_frequency": "Week", + "recurrence_hours": [ + "18" + ], + "recurrence_mins": [ + "0" + ], + "recurrence_timezone": "China Standard Time" + } + ], + "status": "CHANGED", + "tags": {}, + "target": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * enabled: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/microsoft.insights/autoscalesettings/auto_scale_name +> * location: australiasoutheast +> * name: auto_scale_name +> * target: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss +> * ## Notifications +> * ## Profiles +> * ## Auto Created Scale Condition +> * count: 1 +> * max_count: 1 +> * min_count: 1 +> * name: Auto created scale condition +> * recurrence_frequency: Week +> * recurrence_timezone: China Standard Time +> * ### Recurrence_Days +> * 0: Monday +> * ### Recurrence_Hours +> * 0: 18 +> * ### Recurrence_Mins +> * 0: 0 +> * ## Tags + + +### azure-rm-autoscale-info +*** +Get Azure Auto Scale Setting facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_autoscale_info_module.html + + +#### Base Command + +`azure-rm-autoscale-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| name | The name of the Auto Scale Setting. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmAutoscaleInfo.autoscales | unknown | List of Azure Scale Settings dicts. | + + +#### Command Example +```!azure-rm-autoscale-info resource_group="myResourceGroup" name="auto_scale_name" location="australiasoutheast"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmAutoscaleInfo": [ + { + "autoscales": [ + { + "enabled": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/microsoft.insights/autoscalesettings/auto_scale_name", + "location": "australiasoutheast", + "name": "auto_scale_name", + "notifications": [], + "profiles": [ + { + "count": "1", + "max_count": "1", + "min_count": "1", + "name": "Auto created scale condition", + "recurrence_days": [ + "Monday" + ], + "recurrence_frequency": "Week", + "recurrence_hours": [ + "18" + ], + "recurrence_mins": [ + "0" + ], + "recurrence_timezone": "China Standard Time" + } + ], + "tags": {}, + "target": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss" + } + ], + "changed": false, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Autoscales +> * ## Auto_Scale_Name +> * enabled: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/microsoft.insights/autoscalesettings/auto_scale_name +> * location: australiasoutheast +> * name: auto_scale_name +> * target: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss +> * ### Notifications +> * ### Profiles +> * ### Auto Created Scale Condition +> * count: 1 +> * max_count: 1 +> * min_count: 1 +> * name: Auto created scale condition +> * recurrence_frequency: Week +> * recurrence_timezone: China Standard Time +> * #### Recurrence_Days +> * 0: Monday +> * #### Recurrence_Hours +> * 0: 18 +> * #### Recurrence_Mins +> * 0: 0 +> * ### Tags + + +### azure-rm-availabilityset +*** +Manage Azure Availability Set +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_availabilityset_module.html + + +#### Base Command + +`azure-rm-availabilityset` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where the availability set exists or will be created. | Required | +| name | Name of the availability set. | Required | +| state | Assert the state of the availability set.
Use `present` to create or update a availability set and `absent` to delete a availability set. Possible values are: absent, present. Default is present. | Optional | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| platform_update_domain_count | Update domains indicate groups of virtual machines and underlying physical hardware that can be rebooted at the same time. Default is 5. | Optional | +| platform_fault_domain_count | Fault domains define the group of virtual machines that share a common power source and network switch.
Should be between `1` and `3`. Default is 3. | Optional | +| sku | Define if the availability set supports managed disks. Possible values are: Classic, Aligned. Default is Classic. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmAvailabilityset.state | unknown | Current state of the availability set. | +| Azure.AzureRmAvailabilityset.changed | boolean | Whether or not the resource has changed | + + +#### Command Example +```!azure-rm-availabilityset name="myAvailabilitySet" location="australiasoutheast" resource_group="myResourceGroup" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmAvailabilityset": [ + { + "changed": true, + "state": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/availabilitySets/myAvailabilitySet", + "location": "australiasoutheast", + "name": "myAvailabilitySet", + "platform_fault_domain_count": 3, + "platform_update_domain_count": 5, + "sku": "Classic", + "tags": null + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## State +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/availabilitySets/myAvailabilitySet +> * location: australiasoutheast +> * name: myAvailabilitySet +> * platform_fault_domain_count: 3 +> * platform_update_domain_count: 5 +> * sku: Classic +> * tags: None + + +### azure-rm-availabilityset-info +*** +Get Azure Availability Set facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_availabilityset_info_module.html + + +#### Base Command + +`azure-rm-availabilityset-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Limit results to a specific availability set. | Optional | +| resource_group | The resource group to search for the desired availability set. | Optional | +| tags | List of tags to be matched. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmAvailabilitysetInfo.azure_availabilityset | unknown | List of availability sets dicts. | + + +#### Command Example +```!azure-rm-availabilityset-info name="Testing" resource_group="myResourceGroup" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmAvailabilitysetInfo": [ + { + "changed": false, + "info": { + "azure_availabilitysets": [] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Info +> * ### Azure_Availabilitysets + + +### azure-rm-deployment +*** +Create or destroy Azure Resource Manager template deployments +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_deployment_module.html + + +#### Base Command + +`azure-rm-deployment` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The resource group name to use or create to host the deployed template. | Required | +| name | The name of the deployment to be tracked in the resource group deployment history.
Re-using a deployment name will overwrite the previous value in the resource group's deployment history. Default is ansible-arm. | Optional | +| location | The geo-locations in which the resource group will be located. Default is westus. | Optional | +| deployment_mode | In incremental mode, resources are deployed without deleting existing resources that are not included in the template.
In complete mode resources are deployed and existing resources in the resource group not included in the template are deleted. Possible values are: complete, incremental. Default is incremental. | Optional | +| template | A hash containing the templates inline. This parameter is mutually exclusive with `template_link`.
Either `template` or `template_link` is required if `state=present`. | Optional | +| template_link | Uri of file containing the template body. This parameter is mutually exclusive with `template`.
Either `template` or `template_link` is required if `state=present`. | Optional | +| parameters | A hash of all the required template variables for the deployment template. This parameter is mutually exclusive with `parameters_link`.
Either `parameters_link` or `parameters` is required if `state=present`. | Optional | +| parameters_link | Uri of file containing the parameters body. This parameter is mutually exclusive with `parameters`.
Either `parameters_link` or `parameters` is required if `state=present`. | Optional | +| wait_for_deployment_completion | Whether or not to block until the deployment has completed. Default is yes. | Optional | +| wait_for_deployment_polling_period | Time (in seconds) to wait between polls when waiting for deployment completion. Default is 10. | Optional | +| state | If `state=present`, template will be created.
If `state=present` and deployment exists, it will be updated.
If `state=absent`, stack will be removed. Possible values are: present, absent. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmDeployment.deployment | unknown | Deployment details. | + + +#### Command Example +```!azure-rm-deployment resource_group="myResourceGroup" name="myDeployment" location="australiasoutheast" template_link="https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-vm-simple-linux/azuredeploy.json" parameters="{\"vmName\":{\"value\":\"simpleLinuxVM\"},\"adminUsername\":{\"value\":\"exampleadmin\"},\"authenticationType\":{\"value\":\"password\"},\"adminPasswordOrKey\":{\"value\":\"CHANGEME\"},\"dnsLabelPrefix\":{\"value\":\"xsoarexample\"},\"ubuntuOSVersion\":{\"value\":\"18.04-LTS\"},\"VmSize\":{\"value\":\"Standard_B2s\"},\"virtualNetworkName\":{\"value\":\"vNet\"},\"subnetName\":{\"value\":\"Subnet\"},\"networkSecurityGroupName\":{\"value\":\"SecGroupNet\"}}"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmDeployment": [ + { + "changed": true, + "deployment": { + "group_name": "myResourceGroup", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Resources/deployments/myDeployment", + "instances": [ + { + "ips": [ + { + "dns_settings": { + "domain_name_label": "xsoarexample", + "fqdn": "xsoarexample.australiasoutheast.cloudapp.azure.com" + }, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/simpleLinuxVMPublicIP", + "name": "simpleLinuxVMPublicIP", + "public_ip": "1.1.1.1", + "public_ip_allocation_method": "Dynamic" + } + ], + "vm_name": "simpleLinuxVM" + } + ], + "name": "myDeployment", + "outputs": { + "adminUsername": { + "type": "String", + "value": "exampleadmin" + }, + "hostname": { + "type": "String", + "value": "xsoarexample.australiasoutheast.cloudapp.azure.com" + }, + "sshCommand": { + "type": "String", + "value": "ssh exampleadmin@xsoarexample.australiasoutheast.cloudapp.azure.com" + } + } + }, + "msg": "deployment succeeded", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * msg: deployment succeeded +> * ## Deployment +> * group_name: myResourceGroup +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Resources/deployments/myDeployment +> * name: myDeployment +> * ### Instances +> * ### Simplelinuxvm +> * vm_name: simpleLinuxVM +> * #### Ips +> * #### Simplelinuxvmpublicip +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/simpleLinuxVMPublicIP +> * name: simpleLinuxVMPublicIP +> * public_ip: 1.1.1.1 +> * public_ip_allocation_method: Dynamic +> * ##### Dns_Settings +> * domain_name_label: xsoarexample +> * fqdn: xsoarexample.australiasoutheast.cloudapp.azure.com +> * ### Outputs +> * #### Adminusername +> * type: String +> * value: exampleadmin +> * #### Hostname +> * type: String +> * value: xsoarexample.australiasoutheast.cloudapp.azure.com +> * #### Sshcommand +> * type: String +> * value: ssh exampleadmin@xsoarexample.australiasoutheast.cloudapp.azure.com + + +### azure-rm-deployment-info +*** +Get Azure Deployment facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_deployment_info_module.html + + +#### Base Command + +`azure-rm-deployment-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| name | The name of the deployment. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmDeploymentInfo.deployments | unknown | A list of dictionaries containing facts for deployments. | + + +#### Command Example +```!azure-rm-deployment-info resource_group="myResourceGroup" name="myDeployment" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmDeploymentInfo": [ + { + "changed": false, + "deployments": [ + { + "correlation_id": "07a08b8c-9c48-45fe-9f67-53c7eea232b6", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Resources/deployments/myDeployment", + "name": "myDeployment", + "output_resources": [ + { + "depends_on": [], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/SecGroupNet", + "name": "SecGroupNet", + "type": "Microsoft.Network/networkSecurityGroups" + }, + { + "depends_on": [], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vNet", + "name": "vNet", + "type": "Microsoft.Network/virtualNetworks" + }, + { + "depends_on": [], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIpAddresses/simpleLinuxVMPublicIP", + "name": "simpleLinuxVMPublicIP", + "type": "Microsoft.Network/publicIpAddresses" + }, + { + "depends_on": [ + "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/SecGroupNet", + "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vNet", + "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIpAddresses/simpleLinuxVMPublicIP" + ], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/simpleLinuxVMNetInt", + "name": "simpleLinuxVMNetInt", + "type": "Microsoft.Network/networkInterfaces" + }, + { + "depends_on": [ + "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/simpleLinuxVMNetInt" + ], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/simpleLinuxVM", + "name": "simpleLinuxVM", + "type": "Microsoft.Compute/virtualMachines" + } + ], + "outputs": { + "adminUsername": { + "type": "String", + "value": "exampleadmin" + }, + "hostname": { + "type": "String", + "value": "xsoarexample.australiasoutheast.cloudapp.azure.com" + }, + "sshCommand": { + "type": "String", + "value": "ssh exampleadmin@xsoarexample.australiasoutheast.cloudapp.azure.com" + } + }, + "parameters": { + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminUsername": { + "type": "String", + "value": "exampleadmin" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "xsoarexample" + }, + "location": { + "type": "String", + "value": "australiasoutheast" + }, + "networkSecurityGroupName": { + "type": "String", + "value": "SecGroupNet" + }, + "subnetName": { + "type": "String", + "value": "Subnet" + }, + "ubuntuOSVersion": { + "type": "String", + "value": "18.04-LTS" + }, + "virtualNetworkName": { + "type": "String", + "value": "vNet" + }, + "vmName": { + "type": "String", + "value": "simpleLinuxVM" + }, + "vmSize": { + "type": "String", + "value": "Standard_B2s" + } + }, + "provisioning_state": "Succeeded", + "resource_group": "myResourceGroup", + "template_link": "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-vm-simple-linux/azuredeploy.json" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Deployments +> * ## Mydeployment +> * correlation_id: 07a08b8c-9c48-45fe-9f67-53c7eea232b6 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Resources/deployments/myDeployment +> * name: myDeployment +> * provisioning_state: Succeeded +> * resource_group: myResourceGroup +> * template_link: https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-vm-simple-linux/azuredeploy.json +> * ### Output_Resources +> * ### Secgroupnet +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/SecGroupNet +> * name: SecGroupNet +> * type: Microsoft.Network/networkSecurityGroups +> * #### Depends_On +> * ### Vnet +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vNet +> * name: vNet +> * type: Microsoft.Network/virtualNetworks +> * #### Depends_On +> * ### Simplelinuxvmpublicip +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIpAddresses/simpleLinuxVMPublicIP +> * name: simpleLinuxVMPublicIP +> * type: Microsoft.Network/publicIpAddresses +> * #### Depends_On +> * ### Simplelinuxvmnetint +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/simpleLinuxVMNetInt +> * name: simpleLinuxVMNetInt +> * type: Microsoft.Network/networkInterfaces +> * #### Depends_On +> * 0: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/SecGroupNet +> * 1: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vNet +> * 2: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIpAddresses/simpleLinuxVMPublicIP +> * ### Simplelinuxvm +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/simpleLinuxVM +> * name: simpleLinuxVM +> * type: Microsoft.Compute/virtualMachines +> * #### Depends_On +> * 0: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/simpleLinuxVMNetInt +> * ### Outputs +> * #### Adminusername +> * type: String +> * value: exampleadmin +> * #### Hostname +> * type: String +> * value: xsoarexample.australiasoutheast.cloudapp.azure.com +> * #### Sshcommand +> * type: String +> * value: ssh exampleadmin@xsoarexample.australiasoutheast.cloudapp.azure.com +> * ### Parameters +> * #### Adminpasswordorkey +> * type: SecureString +> * #### Adminusername +> * type: String +> * value: exampleadmin +> * #### Authenticationtype +> * type: String +> * value: password +> * #### Dnslabelprefix +> * type: String +> * value: xsoarexample +> * #### Location +> * type: String +> * value: australiasoutheast +> * #### Networksecuritygroupname +> * type: String +> * value: SecGroupNet +> * #### Subnetname +> * type: String +> * value: Subnet +> * #### Ubuntuosversion +> * type: String +> * value: 18.04-LTS +> * #### Virtualnetworkname +> * type: String +> * value: vNet +> * #### Vmname +> * type: String +> * value: simpleLinuxVM +> * #### Vmsize +> * type: String +> * value: Standard_B2s + + +### azure-rm-functionapp +*** +Manage Azure Function Apps +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_functionapp_module.html + + +#### Base Command + +`azure-rm-functionapp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of resource group. | Required | +| name | Name of the Azure Function App. | Required | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| plan | App service plan.
It can be name of existing app service plan in same resource group as function app.
It can be resource id of existing app service plan.
Resource id. For example /subscriptions/<subs_id>/resourceGroups/<resource_group>/providers/Microsoft.Web/serverFarms/<plan_name>.
It can be a dict which contains `name`, `resource_group`.
`name`. Name of app service plan.
`resource_group`. Resource group name of app service plan. | Optional | +| container_settings | Web app container settings. | Optional | +| storage_account | Name of the storage account to use. | Required | +| app_settings | Dictionary containing application settings. | Optional | +| state | Assert the state of the Function App. Use `present` to create or update a Function App and `absent` to delete. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmFunctionapp.state | unknown | Current state of the Azure Function App. | + + +#### Command Example +```!azure-rm-functionapp resource_group="myResourceGroup" name="myxsoarFunctionApp" storage_account="xsoarexamplestorage" state="absent"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmFunctionapp": [ + { + "changed": false, + "state": {}, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## State + + +### azure-rm-functionapp-info +*** +Get Azure Function App facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_functionapp_info_module.html + + +#### Base Command + +`azure-rm-functionapp-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Only show results for a specific Function App. | Optional | +| resource_group | Limit results to a resource group. Required when filtering by name. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmFunctionappInfo.azure_functionapps | unknown | List of Azure Function Apps dicts. | + + +#### Command Example +```!azure-rm-functionapp-info resource_group="myResourceGroup"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmFunctionappInfo": [ + { + "changed": false, + "info": { + "azure_functionapps": [] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Info +> * ### Azure_Functionapps + + +### azure-rm-gallery +*** +Manage Azure Shared Image Gallery instance. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_gallery_module.html + + +#### Base Command + +`azure-rm-gallery` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| name | The name of the Shared Image Gallery. Valid names consist of less than 80 alphanumeric characters, underscores and periods. | Required | +| location | Resource location. | Optional | +| description | The description of this Shared Image Gallery resource. This property is updatable. | Optional | +| state | Assert the state of the Gallery.
Use `present` to create or update an Gallery and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmGallery.id | string | Resource Id | + + +#### Command Example +```!azure-rm-gallery resource_group="myResourceGroup" name="myGallery1283" location="australiasoutheast" description="This is the gallery description." ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmGallery": [ + { + "changed": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/galleries/myGallery1283", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/galleries/myGallery1283 + + +### azure-rm-gallery-info +*** +Get Azure Shared Image Gallery info. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_gallery_info_module.html + + +#### Base Command + +`azure-rm-gallery-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Optional | +| name | Resource name. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmGalleryInfo.galleries | unknown | A list of dict results where the key is the name of the gallery and the values are the info for that gallery. | + + +#### Command Example +```!azure-rm-gallery-info``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmGalleryInfo": [ + { + "changed": false, + "galleries": [ + { + "description": "This is the gallery description.", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/MYRESOURCEGROUP/providers/Microsoft.Compute/galleries/myGallery1283", + "location": "australiasoutheast", + "name": "myGallery1283", + "provisioning_state": "Succeeded", + "tags": null + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Galleries +> * ## Mygallery1283 +> * description: This is the gallery description. +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/MYRESOURCEGROUP/providers/Microsoft.Compute/galleries/myGallery1283 +> * location: australiasoutheast +> * name: myGallery1283 +> * provisioning_state: Succeeded +> * tags: None + + +### azure-rm-galleryimage +*** +Manage Azure SIG Image instance. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_galleryimage_module.html + + +#### Base Command + +`azure-rm-galleryimage` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| gallery_name | The name of the Shared Image Gallery in which the Image Definition is to be created. | Required | +| name | The name of the gallery Image Definition to be created or updated. The allowed characters are alphabets and numbers with dots, dashes, and periods allowed in the middle. The maximum length is 80 characters. | Required | +| location | Resource location. | Optional | +| description | The description of this gallery Image Definition resource. This property is updatable. | Optional | +| eula | The Eula agreement for the gallery Image Definition. | Optional | +| privacy_statement_uri | The privacy statement uri. | Optional | +| release_note_uri | The release note uri. | Optional | +| os_type | This property allows you to specify the type of the OS that is included in the disk when creating a VM from a managed image. Possible values are: windows, linux. | Required | +| os_state | The allowed values for OS State are 'Generalized'. Possible values are: generalized, specialized. | Required | +| end_of_life_date | The end of life date of the gallery Image Definition. This property can be used for decommissioning purposes. This property is updatable. Format should be according to ISO-8601, for instance "2019-06-26". | Optional | +| identifier | Image identifier. | Required | +| recommended | Recommended parameter values. | Optional | +| disallowed | Disallowed parameter values. | Optional | +| purchase_plan | Purchase plan. | Optional | +| state | Assert the state of the GalleryImage.
Use `present` to create or update an GalleryImage and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmGalleryimage.id | string | Resource Id | + + +#### Command Example +```!azure-rm-galleryimage resource_group="myResourceGroup" gallery_name="myGallery1283" name="myImage" location="australiasoutheast" os_type="linux" os_state="generalized" identifier="{\"publisher\": \"myPublisherName\", \"offer\": \"myOfferName\", \"sku\": \"mySkuName\"}" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmGalleryimage": [ + { + "changed": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/galleries/myGallery1283/images/myImage", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/galleries/myGallery1283/images/myImage + + +### azure-rm-galleryimage-info +*** +Get Azure SIG Image info. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_galleryimage_info_module.html + + +#### Base Command + +`azure-rm-galleryimage-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| gallery_name | The name of the shared image gallery from which the image definitions are to be retrieved. | Required | +| name | Resource name. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmGalleryimageInfo.images | unknown | A list of dict results where the key is the name of the image and the values are the info for that image. | + + +#### Command Example +```!azure-rm-galleryimage-info resource_group="myResourceGroup" gallery_name="myGallery1283"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmGalleryimageInfo": [ + { + "changed": false, + "images": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/galleries/myGallery1283/images/myImage", + "identifier": { + "offer": "myOfferName", + "publisher": "myPublisherName", + "sku": "mySkuName" + }, + "location": "australiasoutheast", + "name": "myImage", + "os_state": "Generalized", + "os_type": "Linux", + "tags": null + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Images +> * ## Myimage +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/galleries/myGallery1283/images/myImage +> * location: australiasoutheast +> * name: myImage +> * os_state: Generalized +> * os_type: Linux +> * tags: None +> * ### Identifier +> * offer: myOfferName +> * publisher: myPublisherName +> * sku: mySkuName + + +### azure-rm-galleryimageversion +*** +Manage Azure SIG Image Version instance. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_galleryimageversion_module.html + + +#### Base Command + +`azure-rm-galleryimageversion` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| gallery_name | The name of the Shared Image Gallery in which the Image Definition resides. | Required | +| gallery_image_name | The name of the gallery Image Definition in which the Image Version is to be created. | Required | +| name | The name of the gallery Image Version to be created. Needs to follow semantic version name pattern: The allowed characters are digit and period. Digits must be within the range of a 32-bit integer. Format: <MajorVersion>.<MinorVersion>.<Patch>. | Required | +| location | Resource location. | Optional | +| publishing_profile | Publishing profile. | Required | +| state | Assert the state of the GalleryImageVersion.
Use `present` to create or update an GalleryImageVersion and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmGalleryimageversion.id | string | Resource Id | + + +#### Command Example +```!azure-rm-galleryimageversion resource_group="myResourceGroup" gallery_name="myGallery1283" gallery_image_name="myImage" name="10.1.3" location="australiasoutheast" publishing_profile="{{{\"end_of_life_date\": \"2022-10-01t00:00:00+00:00\", \"exclude_from_latest\": True, \"replica_count\": 1, \"storage_account_type\": \"Standard_LRS\", \"target_regions\": [{\"name\": \"australiasoutheast\", \"regional_replica_count\": 1}], \"managed_image\": {\"name\": \"myImage\", \"resource_group\": \"myResourceGroup\"}}}}" execution-timeout=90000000``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmGalleryimageversion": [ + { + "changed": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/galleries/myGallery1283/images/myImage/versions/10.1.3", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/galleries/myGallery1283/images/myImage/versions/10.1.3 + + +### azure-rm-galleryimageversion-info +*** +Get Azure SIG Image Version info. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_galleryimageversion_info_module.html + + +#### Base Command + +`azure-rm-galleryimageversion-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| gallery_name | The name of the Shared Image Gallery in which the Image Definition resides. | Required | +| gallery_image_name | The name of the gallery Image Definition in which the Image Version resides. | Required | +| name | Resource name. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmGalleryimageversionInfo.versions | unknown | A list of dict results where the key is the name of the version and the values are the info for that version. | + + +#### Command Example +```!azure-rm-galleryimageversion-info resource_group="myResourceGroup" gallery_name="myGallery1283" gallery_image_name="myImage" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmGalleryimageversionInfo": [ + { + "changed": false, + "status": "SUCCESS", + "versions": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/galleries/myGallery1283/images/myImage/versions/10.1.3", + "location": "australiasoutheast", + "name": "10.1.3", + "provisioning_state": "Failed", + "publishing_profile": { + "endOfLifeDate": "2022-10-01T00:00:00+00:00", + "excludeFromLatest": true, + "publishedDate": "2021-06-20T15:39:54.9539674+00:00", + "replicaCount": 1, + "source": { + "managedImage": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/images/myImage" + } + }, + "storageAccountType": "Standard_LRS", + "targetRegions": [ + { + "name": "Australia Southeast", + "regionalReplicaCount": 1, + "storageAccountType": "Standard_LRS" + } + ] + }, + "tags": null + } + ] + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Versions +> * ## 10.1.3 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/galleries/myGallery1283/images/myImage/versions/10.1.3 +> * location: australiasoutheast +> * name: 10.1.3 +> * provisioning_state: Failed +> * tags: None +> * ### Publishing_Profile +> * endOfLifeDate: 2022-10-01T00:00:00+00:00 +> * excludeFromLatest: True +> * publishedDate: 2021-06-20T15:39:54.9539674+00:00 +> * replicaCount: 1 +> * storageAccountType: Standard_LRS +> * #### Source +> * ##### Managedimage +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/images/myImage +> * #### Targetregions +> * #### Australia Southeast +> * name: Australia Southeast +> * regionalReplicaCount: 1 +> * storageAccountType: Standard_LRS + + +### azure-rm-image +*** +Manage Azure image +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_image_module.html + + +#### Base Command + +`azure-rm-image` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of resource group. | Required | +| name | Name of the image. | Required | +| source | OS disk source from the same region.
It can be a virtual machine, OS disk blob URI, managed OS disk, or OS snapshot.
Each type of source except for blob URI can be given as resource id, name or a dict contains `resource_group`, `name` and `type`.
If source type is blob URI, the source should be the full URI of the blob in string type.
If you specify the `type` in a dict, acceptable value contains `disks`, `virtual_machines` and `snapshots`. | Required | +| data_disk_sources | List of data disk sources, including unmanaged blob URI, managed disk id or name, or snapshot id or name. | Optional | +| location | Location of the image. Derived from `resource_group` if not specified. | Optional | +| os_type | The OS type of image. Possible values are: Windows, Linux. | Optional | +| state | Assert the state of the image. Use `present` to create or update a image and `absent` to delete an image. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmImage.id | string | Image resource path. | + + +#### Command Example +```!azure-rm-image resource_group="myResourceGroup" name="myImage" source="testvm10" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmImage": [ + { + "changed": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/images/myImage", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/images/myImage + + + +### azure-rm-image-info +*** +Get facts about azure custom images +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_image_info_module.html + + +#### Base Command + +`azure-rm-image-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of resource group. | Optional | +| name | Name of the image to filter from existing images. | Optional | +| tags | List of tags to be matched. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmImageInfo.images | unknown | List of image dicts. | + + +#### Command Example +```!azure-rm-image-info name="myImage" resource_group="myResourceGroup" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmImageInfo": [ + { + "changed": false, + "images": [ + { + "data_disks": [], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/images/myImage", + "location": "australiasoutheast", + "name": "myImage", + "os_blob_uri": "https://test/vhds/testvm10.vhd", + "os_disk": null, + "os_disk_caching": "ReadOnly", + "os_state": "Generalized", + "os_storage_account_type": "Standard_LRS", + "os_type": "Linux", + "provisioning_state": "Succeeded", + "resource_group": "myResourceGroup", + "source": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10", + "tags": null + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Images +> * ## Myimage +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/images/myImage +> * location: australiasoutheast +> * name: myImage +> * os_blob_uri: https://test/vhds/testvm10.vhd +> * os_disk: None +> * os_disk_caching: ReadOnly +> * os_state: Generalized +> * os_storage_account_type: Standard_LRS +> * os_type: Linux +> * provisioning_state: Succeeded +> * resource_group: myResourceGroup +> * source: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10 +> * tags: None +> * ### Data_Disks + + +### azure-rm-loadbalancer +*** +Manage Azure load balancers +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_loadbalancer_module.html + + +#### Base Command + +`azure-rm-loadbalancer` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where the load balancer exists or will be created. | Required | +| name | Name of the load balancer. | Required | +| state | Assert the state of the load balancer. Use `present` to create/update a load balancer, or `absent` to delete one. Possible values are: absent, present. Default is present. | Optional | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| sku | The load balancer SKU. Possible values are: Basic, Standard. | Optional | +| frontend_ip_configurations | List of frontend IPs to be used. | Optional | +| backend_address_pools | List of backend address pools. | Optional | +| probes | List of probe definitions used to check endpoint health. | Optional | +| inbound_nat_pools | Defines an external port range for inbound NAT to a single backend port on NICs associated with a load balancer.
Inbound NAT rules are created automatically for each NIC associated with the Load Balancer using an external port from this range.
Defining an Inbound NAT pool on your Load Balancer is mutually exclusive with defining inbound Nat rules.
Inbound NAT pools are referenced from virtual machine scale sets.
NICs that are associated with individual virtual machines cannot reference an inbound NAT pool.
They have to reference individual inbound NAT rules. | Optional | +| load_balancing_rules | Object collection representing the load balancing rules Gets the provisioning. | Optional | +| inbound_nat_rules | Collection of inbound NAT Rules used by a load balancer.
Defining inbound NAT rules on your load balancer is mutually exclusive with defining an inbound NAT pool.
Inbound NAT pools are referenced from virtual machine scale sets.
NICs that are associated with individual virtual machines cannot reference an Inbound NAT pool.
They have to reference individual inbound NAT rules. | Optional | +| public_ip_address_name | (deprecated) Name of an existing public IP address object to associate with the security group.
This option has been deprecated, and will be removed in 2.9. Use `frontend_ip_configurations` instead. | Optional | +| probe_port | (deprecated) The port that the health probe will use.
This option has been deprecated, and will be removed in 2.9. Use `probes` instead. | Optional | +| probe_protocol | (deprecated) The protocol to use for the health probe.
This option has been deprecated, and will be removed in 2.9. Use `probes` instead. Possible values are: Tcp, Http, Https. | Optional | +| probe_interval | (deprecated) Time (in seconds) between endpoint health probes.
This option has been deprecated, and will be removed in 2.9. Use `probes` instead. Default is 15. | Optional | +| probe_fail_count | (deprecated) The amount of probe failures for the load balancer to make a health determination.
This option has been deprecated, and will be removed in 2.9. Use `probes` instead. Default is 3. | Optional | +| probe_request_path | (deprecated) The URL that an HTTP probe or HTTPS probe will use (only relevant if `probe_protocol=Http` or `probe_protocol=Https`).
This option has been deprecated, and will be removed in 2.9. Use `probes` instead. | Optional | +| protocol | (deprecated) The protocol (TCP or UDP) that the load balancer will use.
This option has been deprecated, and will be removed in 2.9. Use `load_balancing_rules` instead. Possible values are: Tcp, Udp. | Optional | +| load_distribution | (deprecated) The type of load distribution that the load balancer will employ.
This option has been deprecated, and will be removed in 2.9. Use `load_balancing_rules` instead. Possible values are: Default, SourceIP, SourceIPProtocol. | Optional | +| frontend_port | (deprecated) Frontend port that will be exposed for the load balancer.
This option has been deprecated, and will be removed in 2.9. Use `load_balancing_rules` instead. | Optional | +| backend_port | (deprecated) Backend port that will be exposed for the load balancer.
This option has been deprecated, and will be removed in 2.9. Use `load_balancing_rules` instead. | Optional | +| idle_timeout | (deprecated) Timeout for TCP idle connection in minutes.
This option has been deprecated, and will be removed in 2.9. Use `load_balancing_rules` instead. Default is 4. | Optional | +| natpool_frontend_port_start | (deprecated) Start of the port range for a NAT pool.
This option has been deprecated, and will be removed in 2.9. Use `inbound_nat_pools` instead. | Optional | +| natpool_frontend_port_end | (deprecated) End of the port range for a NAT pool.
This option has been deprecated, and will be removed in 2.9. Use `inbound_nat_pools` instead. | Optional | +| natpool_backend_port | (deprecated) Backend port used by the NAT pool.
This option has been deprecated, and will be removed in 2.9. Use `inbound_nat_pools` instead. | Optional | +| natpool_protocol | (deprecated) The protocol for the NAT pool.
This option has been deprecated, and will be removed in 2.9. Use `inbound_nat_pools` instead. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmLoadbalancer.state | unknown | Current state of the load balancer. | +| Azure.AzureRmLoadbalancer.changed | boolean | Whether or not the resource has changed. | + + +#### Command Example +```!azure-rm-loadbalancer resource_group="myResourceGroup" name="testloadbalancer1" frontend_ip_configurations="{{ [{\"name\": \"frontendipconf0\", \"public_ip_address\": \"loadbalancerpip\"}] }}" backend_address_pools="{{ [{\"name\": \"backendaddrpool0\"}] }}" probes="{{ [{\"name\": \"prob0\", \"port\": 80}] }}" inbound_nat_pools="{{ [{\"name\": \"inboundnatpool0\", \"frontend_ip_configuration_name\": \"frontendipconf0\", \"protocol\": \"Tcp\", \"frontend_port_range_start\": 80, \"frontend_port_range_end\": 81, \"backend_port\": 8080}] }}" load_balancing_rules="{{ [{\"name\": \"lbrbalancingrule0\", \"frontend_ip_configuration\": \"frontendipconf0\", \"backend_address_pool\": \"backendaddrpool0\", \"frontend_port\": 80, \"backend_port\": 80, \"probe\": \"prob0\"}] }}"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmLoadbalancer": [ + { + "changed": true, + "state": { + "backend_address_pools": [ + { + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/backendAddressPools/backendaddrpool0", + "load_balancing_rules": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0" + } + ], + "name": "backendaddrpool0", + "provisioning_state": "Succeeded", + "type": "Microsoft.Network/loadBalancers/backendAddressPools" + } + ], + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "frontend_ip_configurations": [ + { + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0", + "inbound_nat_pools": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/inboundNatPools/inboundnatpool0" + } + ], + "load_balancing_rules": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0" + } + ], + "name": "frontendipconf0", + "private_ip_allocation_method": "Dynamic", + "provisioning_state": "Succeeded", + "public_ip_address": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/loadbalancerpip" + }, + "type": "Microsoft.Network/loadBalancers/frontendIPConfigurations" + } + ], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1", + "inbound_nat_pools": [ + { + "backend_port": 8080, + "enable_floating_ip": false, + "enable_tcp_reset": false, + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "frontend_ip_configuration": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0" + }, + "frontend_port_range_end": 81, + "frontend_port_range_start": 80, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/inboundNatPools/inboundnatpool0", + "idle_timeout_in_minutes": 4, + "name": "inboundnatpool0", + "protocol": "Tcp", + "provisioning_state": "Succeeded", + "type": "Microsoft.Network/loadBalancers/inboundNatPools" + } + ], + "inbound_nat_rules": [], + "load_balancing_rules": [ + { + "backend_address_pool": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/backendAddressPools/backendaddrpool0" + }, + "backend_port": 80, + "enable_floating_ip": false, + "enable_tcp_reset": false, + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "frontend_ip_configuration": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0" + }, + "frontend_port": 80, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0", + "idle_timeout_in_minutes": 4, + "load_distribution": "Default", + "name": "lbrbalancingrule0", + "probe": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/probes/prob0" + }, + "protocol": "Tcp", + "provisioning_state": "Succeeded", + "type": "Microsoft.Network/loadBalancers/loadBalancingRules" + } + ], + "location": "australiasoutheast", + "name": "testloadbalancer1", + "probes": [ + { + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/probes/prob0", + "interval_in_seconds": 15, + "load_balancing_rules": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0" + } + ], + "name": "prob0", + "number_of_probes": 3, + "port": 80, + "protocol": "Tcp", + "provisioning_state": "Succeeded", + "type": "Microsoft.Network/loadBalancers/probes" + } + ], + "provisioning_state": "Succeeded", + "resource_guid": "96a7cea3-982d-4478-b164-c99a2a0ff9a5", + "sku": { + "name": "Basic" + }, + "type": "Microsoft.Network/loadBalancers" + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## State +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1 +> * location: australiasoutheast +> * name: testloadbalancer1 +> * provisioning_state: Succeeded +> * resource_guid: 96a7cea3-982d-4478-b164-c99a2a0ff9a5 +> * type: Microsoft.Network/loadBalancers +> * ### Backend_Address_Pools +> * ### Backendaddrpool0 +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/backendAddressPools/backendaddrpool0 +> * name: backendaddrpool0 +> * provisioning_state: Succeeded +> * type: Microsoft.Network/loadBalancers/backendAddressPools +> * #### Load_Balancing_Rules +> * #### /Subscriptions/11111111-1111-1111-1111-111111111111/Resourcegroups/Myresourcegroup/Providers/Microsoft.Network/Loadbalancers/Testloadbalancer1/Loadbalancingrules/Lbrbalancingrule0 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0 +> * ### Frontend_Ip_Configurations +> * ### Frontendipconf0 +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0 +> * name: frontendipconf0 +> * private_ip_allocation_method: Dynamic +> * provisioning_state: Succeeded +> * type: Microsoft.Network/loadBalancers/frontendIPConfigurations +> * #### Inbound_Nat_Pools +> * #### /Subscriptions/11111111-1111-1111-1111-111111111111/Resourcegroups/Myresourcegroup/Providers/Microsoft.Network/Loadbalancers/Testloadbalancer1/Inboundnatpools/Inboundnatpool0 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/inboundNatPools/inboundnatpool0 +> * #### Load_Balancing_Rules +> * #### /Subscriptions/11111111-1111-1111-1111-111111111111/Resourcegroups/Myresourcegroup/Providers/Microsoft.Network/Loadbalancers/Testloadbalancer1/Loadbalancingrules/Lbrbalancingrule0 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0 +> * #### Public_Ip_Address +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/loadbalancerpip +> * ### Inbound_Nat_Pools +> * ### Inboundnatpool0 +> * backend_port: 8080 +> * enable_floating_ip: False +> * enable_tcp_reset: False +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * frontend_port_range_end: 81 +> * frontend_port_range_start: 80 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/inboundNatPools/inboundnatpool0 +> * idle_timeout_in_minutes: 4 +> * name: inboundnatpool0 +> * protocol: Tcp +> * provisioning_state: Succeeded +> * type: Microsoft.Network/loadBalancers/inboundNatPools +> * #### Frontend_Ip_Configuration +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0 +> * ### Inbound_Nat_Rules +> * ### Load_Balancing_Rules +> * ### Lbrbalancingrule0 +> * backend_port: 80 +> * enable_floating_ip: False +> * enable_tcp_reset: False +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * frontend_port: 80 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0 +> * idle_timeout_in_minutes: 4 +> * load_distribution: Default +> * name: lbrbalancingrule0 +> * protocol: Tcp +> * provisioning_state: Succeeded +> * type: Microsoft.Network/loadBalancers/loadBalancingRules +> * #### Backend_Address_Pool +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/backendAddressPools/backendaddrpool0 +> * #### Frontend_Ip_Configuration +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0 +> * #### Probe +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/probes/prob0 +> * ### Probes +> * ### Prob0 +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/probes/prob0 +> * interval_in_seconds: 15 +> * name: prob0 +> * number_of_probes: 3 +> * port: 80 +> * protocol: Tcp +> * provisioning_state: Succeeded +> * type: Microsoft.Network/loadBalancers/probes +> * #### Load_Balancing_Rules +> * #### /Subscriptions/11111111-1111-1111-1111-111111111111/Resourcegroups/Myresourcegroup/Providers/Microsoft.Network/Loadbalancers/Testloadbalancer1/Loadbalancingrules/Lbrbalancingrule0 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0 +> * ### Sku +> * name: Basic + + +### azure-rm-loadbalancer-info +*** +Get load balancer facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_loadbalancer_info_module.html + + +#### Base Command + +`azure-rm-loadbalancer-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Limit results to a specific resource group. | Optional | +| resource_group | The resource group to search for the desired load balancer. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmLoadbalancerInfo.azure_loadbalancers | unknown | List of load balancer dicts. | + + +#### Command Example +```!azure-rm-loadbalancer-info name="testloadbalancer1" resource_group="myResourceGroup" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmLoadbalancerInfo": [ + { + "changed": false, + "info": { + "azure_loadbalancers": [ + { + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1", + "location": "australiasoutheast", + "name": "testloadbalancer1", + "properties": { + "backendAddressPools": [ + { + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/backendAddressPools/backendaddrpool0", + "name": "backendaddrpool0", + "properties": { + "loadBalancingRules": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0" + } + ], + "provisioningState": "Succeeded" + }, + "type": "Microsoft.Network/loadBalancers/backendAddressPools" + } + ], + "frontendIPConfigurations": [ + { + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0", + "name": "frontendipconf0", + "properties": { + "inboundNatPools": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/inboundNatPools/inboundnatpool0" + } + ], + "loadBalancingRules": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0" + } + ], + "privateIPAllocationMethod": "Dynamic", + "provisioningState": "Succeeded", + "publicIPAddress": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/loadbalancerpip" + } + }, + "type": "Microsoft.Network/loadBalancers/frontendIPConfigurations" + } + ], + "inboundNatPools": [ + { + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/inboundNatPools/inboundnatpool0", + "name": "inboundnatpool0", + "properties": { + "backendPort": 8080, + "enableFloatingIP": false, + "enableTcpReset": false, + "frontendIPConfiguration": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0" + }, + "frontendPortRangeEnd": 81, + "frontendPortRangeStart": 80, + "idleTimeoutInMinutes": 4, + "protocol": "Tcp", + "provisioningState": "Succeeded" + }, + "type": "Microsoft.Network/loadBalancers/inboundNatPools" + } + ], + "inboundNatRules": [], + "loadBalancingRules": [ + { + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0", + "name": "lbrbalancingrule0", + "properties": { + "backendAddressPool": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/backendAddressPools/backendaddrpool0" + }, + "backendPort": 80, + "enableFloatingIP": false, + "enableTcpReset": false, + "frontendIPConfiguration": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0" + }, + "frontendPort": 80, + "idleTimeoutInMinutes": 4, + "loadDistribution": "Default", + "probe": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/probes/prob0" + }, + "protocol": "Tcp", + "provisioningState": "Succeeded" + }, + "type": "Microsoft.Network/loadBalancers/loadBalancingRules" + } + ], + "probes": [ + { + "etag": "W/\"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/probes/prob0", + "name": "prob0", + "properties": { + "intervalInSeconds": 15, + "loadBalancingRules": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0" + } + ], + "numberOfProbes": 3, + "port": 80, + "protocol": "Tcp", + "provisioningState": "Succeeded" + }, + "type": "Microsoft.Network/loadBalancers/probes" + } + ], + "provisioningState": "Succeeded", + "resourceGuid": "96a7cea3-982d-4478-b164-c99a2a0ff9a5" + }, + "sku": { + "name": "Basic" + }, + "type": "Microsoft.Network/loadBalancers" + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Info +> * ### Azure_Loadbalancers +> * ### Testloadbalancer1 +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1 +> * location: australiasoutheast +> * name: testloadbalancer1 +> * type: Microsoft.Network/loadBalancers +> * #### Properties +> * provisioningState: Succeeded +> * resourceGuid: 96a7cea3-982d-4478-b164-c99a2a0ff9a5 +> * ##### Backendaddresspools +> * ##### Backendaddrpool0 +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/backendAddressPools/backendaddrpool0 +> * name: backendaddrpool0 +> * type: Microsoft.Network/loadBalancers/backendAddressPools +> * ###### Properties +> * provisioningState: Succeeded +> * ####### Loadbalancingrules +> * ####### /Subscriptions/11111111-1111-1111-1111-111111111111/Resourcegroups/Myresourcegroup/Providers/Microsoft.Network/Loadbalancers/Testloadbalancer1/Loadbalancingrules/Lbrbalancingrule0 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0 +> * ##### Frontendipconfigurations +> * ##### Frontendipconf0 +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0 +> * name: frontendipconf0 +> * type: Microsoft.Network/loadBalancers/frontendIPConfigurations +> * ###### Properties +> * privateIPAllocationMethod: Dynamic +> * provisioningState: Succeeded +> * ####### Inboundnatpools +> * ####### /Subscriptions/11111111-1111-1111-1111-111111111111/Resourcegroups/Myresourcegroup/Providers/Microsoft.Network/Loadbalancers/Testloadbalancer1/Inboundnatpools/Inboundnatpool0 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/inboundNatPools/inboundnatpool0 +> * ####### Loadbalancingrules +> * ####### /Subscriptions/11111111-1111-1111-1111-111111111111/Resourcegroups/Myresourcegroup/Providers/Microsoft.Network/Loadbalancers/Testloadbalancer1/Loadbalancingrules/Lbrbalancingrule0 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0 +> * ####### Publicipaddress +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/loadbalancerpip +> * ##### Inboundnatpools +> * ##### Inboundnatpool0 +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/inboundNatPools/inboundnatpool0 +> * name: inboundnatpool0 +> * type: Microsoft.Network/loadBalancers/inboundNatPools +> * ###### Properties +> * backendPort: 8080 +> * enableFloatingIP: False +> * enableTcpReset: False +> * frontendPortRangeEnd: 81 +> * frontendPortRangeStart: 80 +> * idleTimeoutInMinutes: 4 +> * protocol: Tcp +> * provisioningState: Succeeded +> * ####### Frontendipconfiguration +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0 +> * ##### Inboundnatrules +> * ##### Loadbalancingrules +> * ##### Lbrbalancingrule0 +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0 +> * name: lbrbalancingrule0 +> * type: Microsoft.Network/loadBalancers/loadBalancingRules +> * ###### Properties +> * backendPort: 80 +> * enableFloatingIP: False +> * enableTcpReset: False +> * frontendPort: 80 +> * idleTimeoutInMinutes: 4 +> * loadDistribution: Default +> * protocol: Tcp +> * provisioningState: Succeeded +> * ####### Backendaddresspool +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/backendAddressPools/backendaddrpool0 +> * ####### Frontendipconfiguration +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/frontendIPConfigurations/frontendipconf0 +> * ####### Probe +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/probes/prob0 +> * ##### Probes +> * ##### Prob0 +> * etag: W/"4fcaeb51-9c56-4e98-9fa1-15eca75d0b96" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/probes/prob0 +> * name: prob0 +> * type: Microsoft.Network/loadBalancers/probes +> * ###### Properties +> * intervalInSeconds: 15 +> * numberOfProbes: 3 +> * port: 80 +> * protocol: Tcp +> * provisioningState: Succeeded +> * ####### Loadbalancingrules +> * ####### /Subscriptions/11111111-1111-1111-1111-111111111111/Resourcegroups/Myresourcegroup/Providers/Microsoft.Network/Loadbalancers/Testloadbalancer1/Loadbalancingrules/Lbrbalancingrule0 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/testloadbalancer1/loadBalancingRules/lbrbalancingrule0 +> * #### Sku +> * name: Basic + + +### azure-rm-manageddisk +*** +Manage Azure Manage Disks +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_manageddisk_module.html + + +#### Base Command + +`azure-rm-manageddisk` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where the managed disk exists or will be created. | Required | +| name | Name of the managed disk. | Required | +| state | Assert the state of the managed disk. Use `present` to create or update a managed disk and `absent` to delete a managed disk. Possible values are: absent, present. Default is present. | Optional | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| storage_account_type | Type of storage for the managed disk.
If not specified, the disk is created as `Standard_LRS`.
`Standard_LRS` is for Standard HDD.
`StandardSSD_LRS` (added in 2.8) is for Standard SSD.
`Premium_LRS` is for Premium SSD.
`UltraSSD_LRS` (added in 2.8) is for Ultra SSD, which is in preview mode, and only available on select instance types.
See `https://docs.microsoft.com/en-us/azure/virtual-machines/windows/disks-types` for more information about disk types. Possible values are: Standard_LRS, StandardSSD_LRS, Premium_LRS, UltraSSD_LRS. | Optional | +| create_option | `import` from a VHD file in `source_uri` and `copy` from previous managed disk `source_uri`. Possible values are: empty, import, copy. | Optional | +| source_uri | URI to a valid VHD file to be used or the resource ID of the managed disk to copy. | Optional | +| os_type | Type of Operating System.
Used when `create_option=copy` or `create_option=import` and the source is an OS disk.
If omitted during creation, no value is set.
If omitted during an update, no change is made.
Once set, this value cannot be cleared. Possible values are: linux, windows. | Optional | +| disk_size_gb | Size in GB of the managed disk to be created.
If `create_option=copy` then the value must be greater than or equal to the source's size. | Optional | +| managed_by | Name of an existing virtual machine with which the disk is or will be associated, this VM should be in the same resource group.
To detach a disk from a vm, explicitly set to ''.
If this option is unset, the value will not be changed. | Optional | +| attach_caching | Disk caching policy controlled by VM. Will be used when attached to the VM defined by `managed_by`.
If this option is different from the current caching policy, the managed disk will be deattached and attached with current caching option again. Possible values are: , read_only, read_write. | Optional | +| tags | Tags to assign to the managed disk.
Format tags as 'key' or 'key:value'. | Optional | +| zone | The Azure managed disk's zone.
Allowed values are `1`, `2`, `3` and `' '`. Possible values are: 1, 2, 3, . | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmManageddisk.id | unknown | The managed disk resource ID. | +| Azure.AzureRmManageddisk.state | unknown | Current state of the managed disk. | +| Azure.AzureRmManageddisk.changed | boolean | Whether or not the resource has changed. | + + +#### Command Example +```!azure-rm-manageddisk name="mymanageddisk" location="australiasoutheast" resource_group="myResourceGroup" disk_size_gb="4" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmManageddisk": [ + { + "changed": true, + "state": { + "create_option": "empty", + "disk_size_gb": 4, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/disks/mymanageddisk", + "location": "australiasoutheast", + "managed_by": null, + "name": "mymanageddisk", + "os_type": null, + "source_uri": null, + "storage_account_type": "Standard_LRS", + "tags": null, + "zone": "" + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## State +> * create_option: empty +> * disk_size_gb: 4 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/disks/mymanageddisk +> * location: australiasoutheast +> * managed_by: None +> * name: mymanageddisk +> * os_type: None +> * source_uri: None +> * storage_account_type: Standard_LRS +> * tags: None +> * zone: + + +### azure-rm-manageddisk-info +*** +Get managed disk facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_manageddisk_info_module.html + + +#### Base Command + +`azure-rm-manageddisk-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Limit results to a specific managed disk. | Optional | +| resource_group | Limit results to a specific resource group. | Optional | +| tags | Limit results by providing a list of tags.
Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmManageddiskInfo.azure_managed_disk | unknown | List of managed disk dicts. | + + +#### Command Example +```!azure-rm-manageddisk-info name="mymanageddisk" resource_group="myResourceGroup" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmManageddiskInfo": [ + { + "changed": false, + "info": { + "azure_managed_disk": [ + { + "create_option": "empty", + "disk_size_gb": 4, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/disks/mymanageddisk", + "location": "australiasoutheast", + "managed_by": null, + "name": "mymanageddisk", + "os_type": null, + "source_uri": null, + "storage_account_type": "Standard_LRS", + "tags": null, + "zone": "" + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Info +> * ### Azure_Managed_Disk +> * ### Mymanageddisk +> * create_option: empty +> * disk_size_gb: 4 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/disks/mymanageddisk +> * location: australiasoutheast +> * managed_by: None +> * name: mymanageddisk +> * os_type: None +> * source_uri: None +> * storage_account_type: Standard_LRS +> * tags: None +> * zone: + + +### azure-rm-resource-info +*** +Generic facts of Azure resources +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_resource_info_module.html + + +#### Base Command + +`azure-rm-resource-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| url | Azure RM Resource URL. | Optional | +| api_version | Specific API version to be used. | Optional | +| provider | Provider type, should be specified in no URL is given. | Optional | +| resource_group | Resource group to be used.
Required if URL is not specified. | Optional | +| resource_type | Resource type. | Optional | +| resource_name | Resource name. | Optional | +| subresource | List of subresources. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmResourceInfo.response | unknown | Response specific to resource type. | + + +#### Command Example +```!azure-rm-resource-info resource_group="myResourceGroup" provider="compute" resource_type="virtualMachines" resource_name="testvm10"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmResourceInfo": [ + { + "changed": false, + "response": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10", + "location": "australiasoutheast", + "name": "testvm10", + "properties": { + "hardwareProfile": { + "vmSize": "Standard_B2ms" + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/testvm1001", + "properties": { + "primary": true + } + } + ] + }, + "osProfile": { + "adminUsername": "exampleadmin", + "allowExtensionOperations": true, + "computerName": "testvm10", + "linuxConfiguration": { + "disablePasswordAuthentication": false, + "patchSettings": { + "assessmentMode": "ImageDefault", + "patchMode": "ImageDefault" + }, + "provisionVMAgent": true + }, + "requireGuestProvisionSignal": true, + "secrets": [] + }, + "provisioningState": "Succeeded", + "storageProfile": { + "dataDisks": [], + "imageReference": { + "exactVersion": "0.20210329.591", + "offer": "debian-10", + "publisher": "Debian", + "sku": "10", + "version": "0.20210329.591" + }, + "osDisk": { + "caching": "ReadOnly", + "createOption": "FromImage", + "diskSizeGB": 30, + "name": "testvm10.vhd", + "osType": "Linux", + "vhd": { + "uri": "https://testvm103335.blob.core.windows.net/vhds/testvm10.vhd" + } + } + }, + "vmId": "052c538f-3b0a-4c06-9996-8f8a32bb208f" + }, + "resources": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10/extensions/myvmextension", + "location": "australiasoutheast", + "name": "myvmextension", + "properties": { + "autoUpgradeMinorVersion": true, + "provisioningState": "Succeeded", + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "commandToExecute": "hostname" + }, + "type": "CustomScript", + "typeHandlerVersion": "2.0" + }, + "type": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "tags": { + "_own_nic_": "testvm1001", + "_own_nsg_": "testvm1001", + "_own_pip_": "testvm1001", + "_own_sa_": "testvm103335" + }, + "type": "Microsoft.Compute/virtualMachines" + } + ], + "status": "SUCCESS", + "url": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.compute/virtualMachines/testvm10" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * url: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.compute/virtualMachines/testvm10 +> * ## Response +> * ## Testvm10 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10 +> * location: australiasoutheast +> * name: testvm10 +> * type: Microsoft.Compute/virtualMachines +> * ### Properties +> * provisioningState: Succeeded +> * vmId: 052c538f-3b0a-4c06-9996-8f8a32bb208f +> * #### Hardwareprofile +> * vmSize: Standard_B2ms +> * #### Networkprofile +> * ##### Networkinterfaces +> * ##### /Subscriptions/11111111-1111-1111-1111-111111111111/Resourcegroups/Myresourcegroup/Providers/Microsoft.Network/Networkinterfaces/Testvm1001 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/testvm1001 +> * ###### Properties +> * primary: True +> * #### Osprofile +> * adminUsername: exampleadmin +> * allowExtensionOperations: True +> * computerName: testvm10 +> * requireGuestProvisionSignal: True +> * ##### Linuxconfiguration +> * disablePasswordAuthentication: False +> * provisionVMAgent: True +> * ###### Patchsettings +> * assessmentMode: ImageDefault +> * patchMode: ImageDefault +> * ##### Secrets +> * #### Storageprofile +> * ##### Datadisks +> * ##### Imagereference +> * exactVersion: 0.20210329.591 +> * offer: debian-10 +> * publisher: Debian +> * sku: 10 +> * version: 0.20210329.591 +> * ##### Osdisk +> * caching: ReadOnly +> * createOption: FromImage +> * diskSizeGB: 30 +> * name: testvm10.vhd +> * osType: Linux +> * ###### Vhd +> * uri: https://testvm103335.blob.core.windows.net/vhds/testvm10.vhd +> * ### Resources +> * ### Myvmextension +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10/extensions/myvmextension +> * location: australiasoutheast +> * name: myvmextension +> * type: Microsoft.Compute/virtualMachines/extensions +> * #### Properties +> * autoUpgradeMinorVersion: True +> * provisioningState: Succeeded +> * publisher: Microsoft.Azure.Extensions +> * type: CustomScript +> * typeHandlerVersion: 2.0 +> * ##### Settings +> * commandToExecute: hostname +> * ### Tags +> * _own_nic_: testvm1001 +> * _own_nsg_: testvm1001 +> * _own_pip_: testvm1001 +> * _own_sa_: testvm103335 + + +### azure-rm-resourcegroup +*** +Manage Azure resource groups +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_resourcegroup_module.html + + +#### Base Command + +`azure-rm-resourcegroup` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| force_delete_nonempty | Remove a resource group and all associated resources.
Use with `state=absent` to delete a resource group that contains resources. Default is no. | Optional | +| location | Azure location for the resource group. Required when creating a new resource group.
Cannot be changed once resource group is created. | Optional | +| name | Name of the resource group. | Required | +| state | Assert the state of the resource group. Use `present` to create or update and `absent` to delete.
When `absent` a resource group containing resources will not be removed unless the `force` option is used. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmResourcegroup.contains_resources | boolean | Whether or not the resource group contains associated resources. | +| Azure.AzureRmResourcegroup.state | unknown | Current state of the resource group. | + + +#### Command Example +```!azure-rm-resourcegroup name="myResourceGroup" location="australiasoutheast" tags="{\"testing\": \"testing\", \"delete\": \"never\"}" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmResourcegroup": [ + { + "changed": true, + "contains_resources": false, + "state": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup", + "location": "australiasoutheast", + "name": "myResourceGroup", + "provisioning_state": "Succeeded", + "tags": { + "delete": "never", + "testing": "testing" + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * contains_resources: False +> * ## State +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup +> * location: australiasoutheast +> * name: myResourceGroup +> * provisioning_state: Succeeded +> * ### Tags +> * delete: never +> * testing: testing + + +### azure-rm-resourcegroup-info +*** +Get resource group facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_resourcegroup_info_module.html + + +#### Base Command + +`azure-rm-resourcegroup-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Limit results to a specific resource group. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| list_resources | List all resources under the resource group.
Note this will cost network overhead for each resource group. Suggest use this when `name` set. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmResourcegroupInfo.azure_resourcegroups | unknown | List of resource group dicts. | + + +#### Command Example +```!azure-rm-resourcegroup-info name="myResourceGroup" location="australiasoutheast"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmResourcegroupInfo": [ + { + "changed": false, + "resourcegroups": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup", + "location": "australiasoutheast", + "name": "myResourceGroup", + "properties": { + "provisioningState": "Succeeded" + }, + "tags": { + "delete": "never", + "testing": "testing" + } + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Resourcegroups +> * ## Myresourcegroup +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup +> * location: australiasoutheast +> * name: myResourceGroup +> * ### Properties +> * provisioningState: Succeeded +> * ### Tags +> * delete: never +> * testing: testing + + +### azure-rm-snapshot +*** +Manage Azure Snapshot instance. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_snapshot_module.html + + +#### Base Command + +`azure-rm-snapshot` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| name | Resource name. | Optional | +| location | Resource location. | Optional | +| sku | SKU. | Optional | +| os_type | The Operating System type. Possible values are: Linux, Windows. | Optional | +| creation_data | Disk source information. CreationData information cannot be changed after the disk has been created. | Optional | +| state | Assert the state of the Snapshot.
Use `present` to create or update an Snapshot and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmSnapshot.id | string | Resource Id | + + +#### Command Example +```!azure-rm-snapshot resource_group="myResourceGroup" name="mySnapshot" creation_data="{\"create_option\": \"Copy\", \"source_uri\": \"/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/MYRESOURCEGROUP/providers/Microsoft.Compute/disks/mymanageddisk\"}" state="present" append_tags="Yes"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmSnapshot": [ + { + "changed": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/snapshots/mySnapshot", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/snapshots/mySnapshot + + + +### azure-rm-virtualmachine +*** +Manage Azure virtual machines +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachine_module.html + + +#### Base Command + +`azure-rm-virtualmachine` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of the resource group containing the VM. | Required | +| name | Name of the VM. | Required | +| custom_data | Data made available to the VM and used by `cloud-init`.
Only used on Linux images with `cloud-init` enabled.
Consult `https://docs.microsoft.com/en-us/azure/virtual-machines/linux/using-cloud-init#cloud-init-overview` for cloud-init ready images.
To enable cloud-init on a Linux image, follow `https://docs.microsoft.com/en-us/azure/virtual-machines/linux/cloudinit-prepare-custom-image`. | Optional | +| state | State of the VM.
Set to `present` to create a VM with the configuration specified by other options, or to update the configuration of an existing VM.
Set to `absent` to remove a VM.
Does not affect power state. Use `started`/`allocated`/`restarted` parameters to change the power state of a VM. Possible values are: absent, present. Default is present. | Optional | +| started | Whether the VM is started or stopped.
Set to (true) with `state=present` to start the VM.
Set to `false` to stop the VM. Possible values are: Yes, No. Default is Yes. | Optional | +| allocated | Whether the VM is allocated or deallocated, only useful with `state=present`. Possible values are: Yes, No. Default is Yes. | Optional | +| generalized | Whether the VM is generalized or not.
Set to `true` with `state=present` to generalize the VM.
Generalizing a VM is irreversible. | Optional | +| restarted | Set to `true` with `state=present` to restart a running VM. | Optional | +| location | Valid Azure location for the VM. Defaults to location of the resource group. | Optional | +| short_hostname | Name assigned internally to the host. On a Linux VM this is the name returned by the `hostname` command.
When creating a VM, short_hostname defaults to `name`. | Optional | +| vm_size | A valid Azure VM size value. For example, `Standard_D4`.
Choices vary depending on the subscription and location. Check your subscription for available choices.
Required when creating a VM. | Optional | +| admin_username | Admin username used to access the VM after it is created.
Required when creating a VM. | Optional | +| admin_password | Password for the admin username.
Not required if the `os_type=Linux` and SSH password authentication is disabled by setting `ssh_password_enabled=false`. | Optional | +| ssh_password_enabled | Whether to enable or disable SSH passwords.
When `os_type=Linux`, set to `false` to disable SSH password authentication and require use of SSH keys. Possible values are: Yes, No. Default is Yes. | Optional | +| ssh_public_keys | For `os_type=Linux` provide a list of SSH keys.
Accepts a list of dicts where each dictionary contains two keys, `path` and `key_data`.
Set `path` to the default location of the authorized_keys files. For example, `path=/home/<admin username>/.ssh/authorized_keys`.
Set `key_data` to the actual value of the public key. | Optional | +| image | The image used to build the VM.
For custom images, the name of the image. To narrow the search to a specific resource group, a dict with the keys `name` and `resource_group`.
For Marketplace images, a dict with the keys `publisher`, `offer`, `sku`, and `version`.
Set `version=latest` to get the most recent version of a given image. | Required | +| availability_set | Name or ID of an existing availability set to add the VM to. The `availability_set` should be in the same resource group as VM. | Optional | +| storage_account_name | Name of a storage account that supports creation of VHD blobs.
If not specified for a new VM, a new storage account named <vm name>01 will be created using storage type `Standard_LRS`. | Optional | +| storage_container_name | Name of the container to use within the storage account to store VHD blobs.
If not specified, a default container will be created. Default is vhds. | Optional | +| storage_blob_name | Name of the storage blob used to hold the OS disk image of the VM.
Must end with '.vhd'.
If not specified, defaults to the VM name + '.vhd'. | Optional | +| managed_disk_type | Managed OS disk type.
Create OS disk with managed disk if defined.
If not defined, the OS disk will be created with virtual hard disk (VHD). Possible values are: Standard_LRS, StandardSSD_LRS, Premium_LRS. | Optional | +| os_disk_name | OS disk name. | Optional | +| os_disk_caching | Type of OS disk caching. Possible values are: ReadOnly, ReadWrite. Default is ReadOnly. | Optional | +| os_disk_size_gb | Type of OS disk size in GB. | Optional | +| os_type | Base type of operating system. Possible values are: Windows, Linux. Default is Linux. | Optional | +| data_disks | Describes list of data disks.
Use `azure_rm_mangeddisk` to manage the specific disk. | Optional | +| public_ip_allocation_method | Allocation method for the public IP of the VM.
Used only if a network interface is not specified.
When set to `Dynamic`, the public IP address may change any time the VM is rebooted or power cycled.
The `Disabled` choice was added in Ansible 2.6. Possible values are: Dynamic, Static, Disabled. Default is Static. | Optional | +| open_ports | List of ports to open in the security group for the VM, when a security group and network interface are created with a VM.
For Linux hosts, defaults to allowing inbound TCP connections to port 22.
For Windows hosts, defaults to opening ports 3389 and 5986. | Optional | +| network_interface_names | Network interface names to add to the VM.
Can be a string of name or resource ID of the network interface.
Can be a dict containing `resource_group` and `name` of the network interface.
If a network interface name is not provided when the VM is created, a default network interface will be created.
To create a new network interface, at least one Virtual Network with one Subnet must exist. | Optional | +| virtual_network_resource_group | The resource group to use when creating a VM with another resource group's virtual network. | Optional | +| virtual_network_name | The virtual network to use when creating a VM.
If not specified, a new network interface will be created and assigned to the first virtual network found in the resource group.
Use with `virtual_network_resource_group` to place the virtual network in another resource group. | Optional | +| subnet_name | Subnet for the VM.
Defaults to the first subnet found in the virtual network or the subnet of the `network_interface_name`, if provided.
If the subnet is in another resource group, specify the resource group with `virtual_network_resource_group`. | Optional | +| remove_on_absent | Associated resources to remove when removing a VM using `state=absent`.
To remove all resources related to the VM being removed, including auto-created resources, set to `all`.
To remove only resources that were automatically created while provisioning the VM being removed, set to `all_autocreated`.
To remove only specific resources, set to `network_interfaces`, `virtual_storage` or `public_ips`.
Any other input will be ignored. Default is ['all']. | Optional | +| plan | Third-party billing plan for the VM. | Optional | +| accept_terms | Accept terms for Marketplace images that require it.
Only Azure service admin/account admin users can purchase images from the Marketplace.
Only valid when a `plan` is specified. Possible values are: Yes, No. Default is No. | Optional | +| zones | A list of Availability Zones for your VM. | Optional | +| license_type | On-premise license for the image or disk.
Only used for images that contain the Windows Server operating system.
To remove all license type settings, set to the string `None`. Possible values are: Windows_Server, Windows_Client. | Optional | +| vm_identity | Identity for the VM. Possible values are: SystemAssigned. | Optional | +| winrm | List of Windows Remote Management configurations of the VM. | Optional | +| boot_diagnostics | Manage boot diagnostics settings for a VM.
Boot diagnostics includes a serial console and remote console screenshots. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachine.powerstate | string | Indicates if the state is \`running\`, \`stopped\`, \`deallocated\`, \`generalized\`. | +| Azure.AzureRmVirtualmachine.deleted_vhd_uris | unknown | List of deleted Virtual Hard Disk URIs. | +| Azure.AzureRmVirtualmachine.deleted_network_interfaces | unknown | List of deleted NICs. | +| Azure.AzureRmVirtualmachine.deleted_public_ips | unknown | List of deleted public IP address names. | +| Azure.AzureRmVirtualmachine.azure_vm | unknown | Facts about the current state of the object. Note that facts are not part of the registered output but available directly. | + + +#### Command Example +```!azure-rm-virtualmachine resource_group="myResourceGroup" name="testvm10" state="present" started="Yes" allocated="No" admin_username="exampleadmin" admin_password="CHANGEME" ssh_password_enabled="Yes" image="{{ {'offer': 'debian-10', 'publisher': 'Debian', 'sku': '10','version': 'latest'} }}" vm_size=Standard_B2ms``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachine": [ + { + "changed": true, + "powerstate_change": null, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * powerstate_change: None + + +### azure-rm-virtualmachine-info +*** +Get virtual machine facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachine_info_module.html + + +#### Base Command + +`azure-rm-virtualmachine-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of the resource group containing the virtual machines (required when filtering by vm name). | Optional | +| name | Name of the virtual machine. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachineInfo.vms | unknown | List of virtual machines. | + + +#### Command Example +```!azure-rm-virtualmachine-info resource_group="myResourceGroup"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachineInfo": [ + { + "changed": false, + "status": "SUCCESS", + "vms": [ + { + "admin_username": "exampleadmin", + "boot_diagnostics": { + "enabled": false, + "storage_uri": false + }, + "data_disks": [], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/simpleLinuxVM", + "image": { + "offer": "UbuntuServer", + "publisher": "Canonical", + "sku": "18.04-LTS", + "version": "latest" + }, + "location": "australiasoutheast", + "name": "simpleLinuxVM", + "network_interface_names": [ + "simpleLinuxVMNetInt" + ], + "os_disk_caching": "ReadWrite", + "os_type": "Linux", + "power_state": "running", + "resource_group": "myResourceGroup", + "state": "present", + "tags": null, + "vm_size": "Standard_B2s" + }, + { + "admin_username": "exampleadmin", + "boot_diagnostics": { + "enabled": false, + "storage_uri": false + }, + "data_disks": [], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10", + "image": { + "offer": "debian-10", + "publisher": "Debian", + "sku": "10", + "version": "0.20210329.591" + }, + "location": "australiasoutheast", + "name": "testvm10", + "network_interface_names": [ + "testvm1001" + ], + "os_disk_caching": "ReadOnly", + "os_type": "Linux", + "power_state": "running", + "resource_group": "myResourceGroup", + "state": "present", + "storage_account_name": "testvm103335", + "storage_blob_name": "testvm10.vhd", + "storage_container_name": "vhds", + "tags": { + "_own_nic_": "testvm1001", + "_own_nsg_": "testvm1001", + "_own_pip_": "testvm1001", + "_own_sa_": "testvm103335" + }, + "vm_size": "Standard_B2ms" + } + ] + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Vms +> * ## Exampleadmin +> * admin_username: exampleadmin +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/simpleLinuxVM +> * location: australiasoutheast +> * name: simpleLinuxVM +> * os_disk_caching: ReadWrite +> * os_type: Linux +> * power_state: running +> * resource_group: myResourceGroup +> * state: present +> * tags: None +> * vm_size: Standard_B2s +> * ### Boot_Diagnostics +> * enabled: False +> * storage_uri: False +> * ### Data_Disks +> * ### Image +> * offer: UbuntuServer +> * publisher: Canonical +> * sku: 18.04-LTS +> * version: latest +> * ### Network_Interface_Names +> * 0: simpleLinuxVMNetInt +> * ## Exampleadmin +> * admin_username: exampleadmin +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10 +> * location: australiasoutheast +> * name: testvm10 +> * os_disk_caching: ReadOnly +> * os_type: Linux +> * power_state: running +> * resource_group: myResourceGroup +> * state: present +> * storage_account_name: testvm103335 +> * storage_blob_name: testvm10.vhd +> * storage_container_name: vhds +> * vm_size: Standard_B2ms +> * ### Boot_Diagnostics +> * enabled: False +> * storage_uri: False +> * ### Data_Disks +> * ### Image +> * offer: debian-10 +> * publisher: Debian +> * sku: 10 +> * version: 0.20210329.591 +> * ### Network_Interface_Names +> * 0: testvm1001 +> * ### Tags +> * _own_nic_: testvm1001 +> * _own_nsg_: testvm1001 +> * _own_pip_: testvm1001 +> * _own_sa_: testvm103335 + + +### azure-rm-virtualmachineextension +*** +Managed Azure Virtual Machine extension +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachineextension_module.html + + +#### Base Command + +`azure-rm-virtualmachineextension` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where the vm extension exists or will be created. | Required | +| name | Name of the vm extension. | Required | +| state | State of the vm extension. Use `present` to create or update a vm extension and `absent` to delete a vm extension. Possible values are: absent, present. Default is present. | Optional | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| virtual_machine_name | The name of the virtual machine where the extension should be create or updated. | Optional | +| publisher | The name of the extension handler publisher. | Optional | +| virtual_machine_extension_type | The type of the extension handler. | Optional | +| type_handler_version | The type version of the extension handler. | Optional | +| settings | Json formatted public settings for the extension. | Optional | +| protected_settings | Json formatted protected settings for the extension. | Optional | +| auto_upgrade_minor_version | Whether the extension handler should be automatically upgraded across minor versions. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachineextension.state | unknown | Current state of the vm extension. | +| Azure.AzureRmVirtualmachineextension.changed | boolean | Whether or not the resource has changed. | + + +#### Command Example +```!azure-rm-virtualmachineextension name="myvmextension" location="australiasoutheast" resource_group="myResourceGroup" virtual_machine_name="testvm10" publisher="Microsoft.Azure.Extensions" virtual_machine_extension_type="CustomScript" type_handler_version="2.0" settings="{\"commandToExecute\": \"hostname\"}" auto_upgrade_minor_version="True" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachineextension": [ + { + "changed": true, + "state": { + "auto_upgrade_minor_version": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10/extensions/myvmextension", + "location": "australiasoutheast", + "name": "myvmextension", + "protected_settings": null, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "commandToExecute": "hostname" + }, + "type_handler_version": "2.0", + "virtual_machine_extension_type": "CustomScript" + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## State +> * auto_upgrade_minor_version: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10/extensions/myvmextension +> * location: australiasoutheast +> * name: myvmextension +> * protected_settings: None +> * publisher: Microsoft.Azure.Extensions +> * type_handler_version: 2.0 +> * virtual_machine_extension_type: CustomScript +> * ### Settings +> * commandToExecute: hostname + + +### azure-rm-virtualmachineextension-info +*** +Get Azure Virtual Machine Extension facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachineextension_info_module.html + + +#### Base Command + +`azure-rm-virtualmachineextension-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| virtual_machine_name | The name of the virtual machine containing the extension. | Required | +| name | The name of the virtual machine extension. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachineextensionInfo.extensions | unknown | A list of dictionaries containing facts for Virtual Machine Extension. | + + +#### Command Example +```!azure-rm-virtualmachineextension-info resource_group="myResourceGroup" virtual_machine_name="testvm10" name="myvmextension" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachineextensionInfo": [ + { + "changed": false, + "extensions": [ + { + "auto_upgrade_minor_version": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10/extensions/myvmextension", + "location": "australiasoutheast", + "name": "myvmextension", + "provisioning_state": "Succeeded", + "publisher": "Microsoft.Azure.Extensions", + "resource_group": "myResourceGroup", + "settings": { + "commandToExecute": "hostname" + }, + "tags": null, + "type": "CustomScript", + "virtual_machine_name": "testvm10" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Extensions +> * ## Myvmextension +> * auto_upgrade_minor_version: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/testvm10/extensions/myvmextension +> * location: australiasoutheast +> * name: myvmextension +> * provisioning_state: Succeeded +> * publisher: Microsoft.Azure.Extensions +> * resource_group: myResourceGroup +> * tags: None +> * type: CustomScript +> * virtual_machine_name: testvm10 +> * ### Settings +> * commandToExecute: hostname + + +### azure-rm-virtualmachineimage-info +*** +Get virtual machine image facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachineimage_info_module.html + + +#### Base Command + +`azure-rm-virtualmachineimage-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| location | Azure location value, for example `westus`, `eastus`, `eastus2`, `northcentralus`, etc.
Supplying only a location value will yield a list of available publishers for the location. | Required | +| publisher | Name of an image publisher. List image offerings associated with a particular publisher. | Optional | +| offer | Name of an image offering. Combine with SKU to see a list of available image versions. | Optional | +| sku | Image offering SKU. Combine with offer to see a list of available versions. | Optional | +| version | Specific version number of an image. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachineimageInfo.azure_vmimages | unknown | List of image dicts. | + + +#### Command Example +```!azure-rm-virtualmachineimage-info location="australiasoutheast" publisher="Debian" offer="debian-10" sku="10" version=0.20190705.396``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachineimageInfo": [ + { + "changed": false, + "status": "SUCCESS", + "vmimages": [ + { + "id": "/Subscriptions/11111111-1111-1111-1111-111111111111/Providers/Microsoft.Compute/Locations/australiasoutheast/Publishers/Debian/ArtifactTypes/VMImage/Offers/debian-10/Skus/10/Versions/0.20190705.396", + "location": "australiasoutheast", + "name": "0.20190705.396", + "properties": { + "automaticOSUpgradeProperties": { + "automaticOSUpgradeSupported": false + }, + "dataDiskImages": [], + "hyperVGeneration": "V1", + "osDiskImage": { + "operatingSystem": "Linux" + } + } + } + ] + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Vmimages +> * ## 0.20190705.396 +> * id: /Subscriptions/11111111-1111-1111-1111-111111111111/Providers/Microsoft.Compute/Locations/australiasoutheast/Publishers/Debian/ArtifactTypes/VMImage/Offers/debian-10/Skus/10/Versions/0.20190705.396 +> * location: australiasoutheast +> * name: 0.20190705.396 +> * ### Properties +> * hyperVGeneration: V1 +> * #### Automaticosupgradeproperties +> * automaticOSUpgradeSupported: False +> * #### Datadiskimages +> * #### Osdiskimage +> * operatingSystem: Linux + + +### azure-rm-virtualmachinescaleset +*** +Manage Azure virtual machine scale sets +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescaleset_module.html + + +#### Base Command + +`azure-rm-virtualmachinescaleset` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of the resource group containing the virtual machine scale set. | Required | +| name | Name of the virtual machine. | Required | +| state | Assert the state of the virtual machine scale set.
State `present` will check that the machine exists with the requested configuration. If the configuration of the existing machine does not match, the machine will be updated.
State `absent` will remove the virtual machine scale set. Possible values are: absent, present. Default is present. | Optional | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| short_hostname | Short host name. | Optional | +| vm_size | A valid Azure VM size value. For example, `Standard_D4`.
The list of choices varies depending on the subscription and location. Check your subscription for available choices. | Optional | +| capacity | Capacity of VMSS. Default is 1. | Optional | +| tier | SKU Tier. Possible values are: Basic, Standard. | Optional | +| upgrade_policy | Upgrade policy.
Required when creating the Azure virtual machine scale sets. Possible values are: Manual, Automatic. | Optional | +| admin_username | Admin username used to access the host after it is created. Required when creating a VM. | Optional | +| admin_password | Password for the admin username.
Not required if the os_type is Linux and SSH password authentication is disabled by setting `ssh_password_enabled=false`. | Optional | +| ssh_password_enabled | When the os_type is Linux, setting `ssh_password_enabled=false` will disable SSH password authentication and require use of SSH keys. Possible values are: Yes, No. Default is Yes. | Optional | +| ssh_public_keys | For `os_type=Linux` provide a list of SSH keys.
Each item in the list should be a dictionary where the dictionary contains two keys, `path` and `key_data`.
Set the `path` to the default location of the authorized_keys files.
On an Enterprise Linux host, for example, the `path=/home/<admin username>/.ssh/authorized_keys`. Set `key_data` to the actual value of the public key. | Optional | +| image | Specifies the image used to build the VM.
If a string, the image is sourced from a custom image based on the name.
If a dict with the keys `publisher`, `offer`, `sku`, and `version`, the image is sourced from a Marketplace image. Note that set `version=latest` to get the most recent version of a given image.
If a dict with the keys `name` and `resource_group`, the image is sourced from a custom image based on the `name` and `resource_group` set. Note that the key `resource_group` is optional and if omitted, all images in the subscription will be searched for by `name`.
Custom image support was added in Ansible 2.5. | Required | +| os_disk_caching | Type of OS disk caching. Possible values are: ReadOnly, ReadWrite. Default is ReadOnly. | Optional | +| os_type | Base type of operating system. Possible values are: Windows, Linux. Default is Linux. | Optional | +| managed_disk_type | Managed disk type. Possible values are: Standard_LRS, Premium_LRS. | Optional | +| data_disks | Describes list of data disks. | Optional | +| virtual_network_resource_group | When creating a virtual machine, if a specific virtual network from another resource group should be used.
Use this parameter to specify the resource group to use. | Optional | +| virtual_network_name | Virtual Network name. | Optional | +| subnet_name | Subnet name. | Optional | +| load_balancer | Load balancer name. | Optional | +| application_gateway | Application gateway name. | Optional | +| remove_on_absent | When removing a VM using `state=absent`, also remove associated resources.
It can be `all` or a list with any of the following ['network_interfaces', 'virtual_storage', 'public_ips'].
Any other input will be ignored. Default is ['all']. | Optional | +| enable_accelerated_networking | Indicates whether user wants to allow accelerated networking for virtual machines in scaleset being created. | Optional | +| security_group | Existing security group with which to associate the subnet.
It can be the security group name which is in the same resource group.
It can be the resource ID.
It can be a dict which contains `name` and `resource_group` of the security group. | Optional | +| overprovision | Specifies whether the Virtual Machine Scale Set should be overprovisioned. Possible values are: Yes, No. Default is Yes. | Optional | +| single_placement_group | When true this limits the scale set to a single placement group, of max size 100 virtual machines. Possible values are: Yes, No. Default is Yes. | Optional | +| zones | A list of Availability Zones for your virtual machine scale set. | Optional | +| custom_data | Data which is made available to the virtual machine and used by e.g., `cloud-init`.
Many images in the marketplace are not cloud-init ready. Thus, data sent to `custom_data` would be ignored.
If the image you are attempting to use is not listed in `https://docs.microsoft.com/en-us/azure/virtual-machines/linux/using-cloud-init#cloud-init-overview`, follow these steps `https://docs.microsoft.com/en-us/azure/virtual-machines/linux/cloudinit-prepare-custom-image`. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachinescaleset.azure_vmss | unknown | Facts about the current state of the object. +Note that facts are not part of the registered output but available directly. | + + +#### Command Example +```!azure-rm-virtualmachinescaleset resource_group="myResourceGroup" name="testvmss" vm_size="Standard_DS1_v2" capacity="2" virtual_network_name="vnet" upgrade_policy="Manual" subnet_name="subnet" admin_username="adminUser" ssh_password_enabled=Yes admin_password="CHANGEME" managed_disk_type="Standard_LRS" image="{{ {'offer': 'debian-10', 'publisher': 'Debian', 'sku': '10','version': 'latest'} }}"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachinescaleset": [ + { + "changed": true, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True + + +### azure-rm-virtualmachinescaleset-info +*** +Get Virtual Machine Scale Set facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescaleset_info_module.html + + +#### Base Command + +`azure-rm-virtualmachinescaleset-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Limit results to a specific virtual machine scale set. | Optional | +| resource_group | The resource group to search for the desired virtual machine scale set. | Optional | +| tags | List of tags to be matched. | Optional | +| format | Format of the data returned.
If `raw` is selected information will be returned in raw format from Azure Python SDK.
If `curated` is selected the structure will be identical to input parameters of `azure_rm_virtualmachinescaleset` module.
In Ansible 2.5 and lower facts are always returned in raw format.
Please note that this option will be deprecated in 2.10 when curated format will become the only supported format. Possible values are: curated, raw. Default is raw. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachinescalesetInfo.vmss | unknown | List of virtual machine scale sets. | + + +#### Command Example +```!azure-rm-virtualmachinescaleset-info resource_group="myResourceGroup" name="testvmss" format="curated"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachinescalesetInfo": [ + { + "changed": false, + "status": "SUCCESS", + "vmss": [ + { + "admin_password": null, + "admin_username": "adminUser", + "capacity": 2, + "data_disks": [], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss", + "image": { + "offer": "debian-10", + "publisher": "Debian", + "sku": "10", + "version": "0.20210329.591" + }, + "load_balancer": null, + "location": "australiasoutheast", + "managed_disk_type": "Standard_LRS", + "name": "testvmss", + "os_disk_caching": "ReadOnly", + "os_type": "Linux", + "overprovision": true, + "resource_group": "myResourceGroup", + "ssh_password_enabled": true, + "state": "present", + "subnet_name": "Subnet", + "tags": null, + "tier": "Standard", + "upgrade_policy": "Manual", + "virtual_network_name": null, + "vm_size": "Standard_DS1_v2" + } + ] + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Vmss +> * ## Adminuser +> * admin_password: None +> * admin_username: adminUser +> * capacity: 2 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss +> * load_balancer: None +> * location: australiasoutheast +> * managed_disk_type: Standard_LRS +> * name: testvmss +> * os_disk_caching: ReadOnly +> * os_type: Linux +> * overprovision: True +> * resource_group: myResourceGroup +> * ssh_password_enabled: True +> * state: present +> * subnet_name: Subnet +> * tags: None +> * tier: Standard +> * upgrade_policy: Manual +> * virtual_network_name: None +> * vm_size: Standard_DS1_v2 +> * ### Data_Disks +> * ### Image +> * offer: debian-10 +> * publisher: Debian +> * sku: 10 +> * version: 0.20210329.591 + + +### azure-rm-virtualmachinescalesetextension +*** +Manage Azure Virtual Machine Scale Set (VMSS) extensions +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescalesetextension_module.html + + +#### Base Command + +`azure-rm-virtualmachinescalesetextension` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where the VMSS extension exists or will be created. | Required | +| vmss_name | The name of the virtual machine where the extension should be create or updated. | Required | +| name | Name of the VMSS extension. | Optional | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| publisher | The name of the extension handler publisher. | Optional | +| type | The type of the extension handler. | Optional | +| type_handler_version | The type version of the extension handler. | Optional | +| settings | A dictionary containing extension settings.
Settings depend on extension type.
Refer to `https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/overview` for more information. | Optional | +| protected_settings | A dictionary containing protected extension settings.
Settings depend on extension type.
Refer to `https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/overview` for more information. | Optional | +| auto_upgrade_minor_version | Whether the extension handler should be automatically upgraded across minor versions. | Optional | +| state | Assert the state of the extension.
Use `present` to create or update an extension and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachinescalesetextension.id | string | VMSS extension resource ID. | + + +#### Command Example +```!azure-rm-virtualmachinescalesetextension name="myvmssextension" location="australiasoutheast" resource_group="myResourceGroup" vmss_name="testvmss" publisher="Microsoft.Azure.Extensions" type="CustomScript" type_handler_version="2.0" settings="{\"commandToExecute\": \"hostname\"}" auto_upgrade_minor_version="True" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachinescalesetextension": [ + { + "changed": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss/extensions/myvmssextension", + "state": {}, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss/extensions/myvmssextension +> * ## State + + +### azure-rm-virtualmachinescalesetextension-info +*** +Get Azure Virtual Machine Scale Set Extension facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescalesetextension_info_module.html + + +#### Base Command + +`azure-rm-virtualmachinescalesetextension-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| vmss_name | The name of VMSS containing the extension. | Required | +| name | The name of the virtual machine extension. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachinescalesetextensionInfo.extensions | unknown | A list of dictionaries containing facts for Virtual Machine Extension. | + + +#### Command Example +```!azure-rm-virtualmachinescalesetextension-info resource_group="myResourceGroup" vmss_name="testvmss" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachinescalesetextensionInfo": [ + { + "changed": false, + "extensions": [ + { + "auto_upgrade_minor_version": true, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss/extensions/myvmssextension", + "name": "myvmssextension", + "provisioning_state": "Creating", + "publisher": "Microsoft.Azure.Extensions", + "resource_group": "myResourceGroup", + "settings": { + "commandToExecute": "hostname" + }, + "type": "CustomScript", + "vmss_name": "testvmss" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Extensions +> * ## Myvmssextension +> * auto_upgrade_minor_version: True +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss/extensions/myvmssextension +> * name: myvmssextension +> * provisioning_state: Creating +> * publisher: Microsoft.Azure.Extensions +> * resource_group: myResourceGroup +> * type: CustomScript +> * vmss_name: testvmss +> * ### Settings +> * commandToExecute: hostname + + +### azure-rm-virtualmachinescalesetinstance +*** +Get Azure Virtual Machine Scale Set Instance facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescalesetinstance_module.html + + +#### Base Command + +`azure-rm-virtualmachinescalesetinstance` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| vmss_name | The name of the VM scale set. | Required | +| instance_id | The instance ID of the virtual machine. | Required | +| latest_model | Set to `yes` to upgrade to the latest model. | Optional | +| power_state | Use this option to change power state of the instance. Possible values are: running, stopped, deallocated. | Required | +| state | State of the VMSS instance. Use `present` to update an instance and `absent` to delete an instance. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachinescalesetinstance.instances | unknown | A list of instances. | + + +#### Command Example +```!azure-rm-virtualmachinescalesetinstance resource_group="myResourceGroup" vmss_name="testvmss" instance_id="2" latest_model="True" power_state=running``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachinescalesetinstance": [ + { + "changed": false, + "instances": [], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Instances + + +### azure-rm-virtualmachinescalesetinstance-info +*** +Get Azure Virtual Machine Scale Set Instance facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualmachinescalesetinstance_info_module.html + + +#### Base Command + +`azure-rm-virtualmachinescalesetinstance-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| vmss_name | The name of the VM scale set. | Required | +| instance_id | The instance ID of the virtual machine. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualmachinescalesetinstanceInfo.instances | unknown | A list of dictionaries containing facts for Virtual Machine Scale Set VM. | + + +#### Command Example +```!azure-rm-virtualmachinescalesetinstance-info resource_group="myResourceGroup" vmss_name="testvmss"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualmachinescalesetinstanceInfo": [ + { + "changed": false, + "instances": [ + { + "computer_name": "testvmss000001", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss/virtualMachines/1", + "image_reference": { + "offer": "debian-10", + "publisher": "Debian", + "sku": "10", + "version": "0.20210329.591" + }, + "instance_id": "1", + "latest_model": false, + "name": "testvmss_1", + "power_state": "running", + "provisioning_state": "Succeeded", + "resource_group": "myResourceGroup", + "tags": null, + "vm_id": "a5d531ad-8a0d-4a06-a5ed-e19ab6536177" + }, + { + "computer_name": "testvmss000003", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss/virtualMachines/3", + "image_reference": { + "offer": "debian-10", + "publisher": "Debian", + "sku": "10", + "version": "0.20210329.591" + }, + "instance_id": "3", + "latest_model": false, + "name": "testvmss_3", + "power_state": "running", + "provisioning_state": "Succeeded", + "resource_group": "myResourceGroup", + "tags": null, + "vm_id": "cf99d90e-2358-4373-adc3-f2d5d181e9a1" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Instances +> * ## Testvmss000001 +> * computer_name: testvmss000001 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss/virtualMachines/1 +> * instance_id: 1 +> * latest_model: False +> * name: testvmss_1 +> * power_state: running +> * provisioning_state: Succeeded +> * resource_group: myResourceGroup +> * tags: None +> * vm_id: a5d531ad-8a0d-4a06-a5ed-e19ab6536177 +> * ### Image_Reference +> * offer: debian-10 +> * publisher: Debian +> * sku: 10 +> * version: 0.20210329.591 +> * ## Testvmss000003 +> * computer_name: testvmss000003 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss/virtualMachines/3 +> * instance_id: 3 +> * latest_model: False +> * name: testvmss_3 +> * power_state: running +> * provisioning_state: Succeeded +> * resource_group: myResourceGroup +> * tags: None +> * vm_id: cf99d90e-2358-4373-adc3-f2d5d181e9a1 +> * ### Image_Reference +> * offer: debian-10 +> * publisher: Debian +> * sku: 10 +> * version: 0.20210329.591 + + +### azure-rm-webapp +*** +Manage Web App instances +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_webapp_module.html + + +#### Base Command + +`azure-rm-webapp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of the resource group to which the resource belongs. | Required | +| name | Unique name of the app to create or update. To create or update a deployment slot, use the {slot} parameter. | Required | +| location | Resource location. If not set, location from the resource group will be used as default. | Optional | +| plan | App service plan. Required for creation.
Can be name of existing app service plan in same resource group as web app.
Can be the resource ID of an existing app service plan. For example /subscriptions/<subs_id>/resourceGroups/<resource_group>/providers/Microsoft.Web/serverFarms/<plan_name>.
Can be a dict containing five parameters, defined below.
`name`, name of app service plan.
`resource_group`, resource group of the app service plan.
`sku`, SKU of app service plan, allowed values listed on `https://azure.microsoft.com/en-us/pricing/details/app-service/linux/`.
`is_linux`, whether or not the app service plan is Linux. defaults to `False`.
`number_of_workers`, number of workers for app service plan. | Optional | +| frameworks | Set of run time framework settings. Each setting is a dictionary.
See `https://docs.microsoft.com/en-us/azure/app-service/app-service-web-overview` for more info. | Optional | +| container_settings | Web app container settings. | Optional | +| scm_type | Repository type of deployment source, for example `LocalGit`, `GitHub`.
List of supported values maintained at `https://docs.microsoft.com/en-us/rest/api/appservice/webapps/createorupdate#scmtype`. | Optional | +| deployment_source | Deployment source for git. | Optional | +| startup_file | The web's startup file.
Used only for Linux web apps. | Optional | +| client_affinity_enabled | Whether or not to send session affinity cookies, which route client requests in the same session to the same instance. Possible values are: Yes, No. Default is Yes. | Optional | +| https_only | Configures web site to accept only https requests. | Optional | +| dns_registration | Whether or not the web app hostname is registered with DNS on creation. Set to `false` to register. | Optional | +| skip_custom_domain_verification | Whether or not to skip verification of custom (non *.azurewebsites.net) domains associated with web app. Set to `true` to skip. | Optional | +| ttl_in_seconds | Time to live in seconds for web app default domain name. | Optional | +| app_settings | Configure web app application settings. Suboptions are in key value pair format. | Optional | +| purge_app_settings | Purge any existing application settings. Replace web app application settings with app_settings. | Optional | +| app_state | Start/Stop/Restart the web app. Possible values are: started, stopped, restarted. Default is started. | Optional | +| state | State of the Web App.
Use `present` to create or update a Web App and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmWebapp.azure_webapp | string | ID of current web app. | + + + +### azure-rm-webapp-info +*** +Get Azure web app facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_webapp_info_module.html + + +#### Base Command + +`azure-rm-webapp-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Only show results for a specific web app. | Optional | +| resource_group | Limit results by resource group. | Optional | +| return_publish_profile | Indicate whether to return publishing profile of the web app. Possible values are: Yes, No. Default is No. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmWebappInfo.webapps | unknown | List of web apps. | + + +#### Command Example +```!azure-rm-webapp-info resource_group="myResourceGroup" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmWebappInfo": [ + { + "changed": false, + "status": "SUCCESS", + "webapps": [] + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Webapps + + +### azure-rm-webappslot +*** +Manage Azure Web App slot +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_webappslot_module.html + + +#### Base Command + +`azure-rm-webappslot` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of the resource group to which the resource belongs. | Required | +| name | Unique name of the deployment slot to create or update. | Required | +| webapp_name | Web app name which this deployment slot belongs to. | Required | +| location | Resource location. If not set, location from the resource group will be used as default. | Optional | +| configuration_source | Source slot to clone configurations from when creating slot. Use webapp's name to refer to the production slot. | Optional | +| auto_swap_slot_name | Used to configure target slot name to auto swap, or disable auto swap.
Set it target slot name to auto swap.
Set it to False to disable auto slot swap. | Optional | +| swap | Swap deployment slots of a web app. | Optional | +| frameworks | Set of run time framework settings. Each setting is a dictionary.
See `https://docs.microsoft.com/en-us/azure/app-service/app-service-web-overview` for more info. | Optional | +| container_settings | Web app slot container settings. | Optional | +| startup_file | The slot startup file.
This only applies for Linux web app slot. | Optional | +| app_settings | Configure web app slot application settings. Suboptions are in key value pair format. | Optional | +| purge_app_settings | Purge any existing application settings. Replace slot application settings with app_settings. | Optional | +| deployment_source | Deployment source for git. | Optional | +| app_state | Start/Stop/Restart the slot. Possible values are: started, stopped, restarted. Default is started. | Optional | +| state | State of the Web App deployment slot.
Use `present` to create or update a slot and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmWebappslot.id | string | ID of current slot. | + + +### azure-rm-azurefirewall +*** +Manage Azure Firewall instance. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_azurefirewall_module.html + + +#### Base Command + +`azure-rm-azurefirewall` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| name | The name of the Azure Firewall. | Required | +| location | Resource location. | Optional | +| application_rule_collections | Collection of application rule collections used by Azure Firewall. | Optional | +| nat_rule_collections | Collection of NAT rule collections used by Azure Firewall. | Optional | +| network_rule_collections | Collection of network rule collections used by Azure Firewall. | Optional | +| ip_configurations | IP configuration of the Azure Firewall resource. | Optional | +| state | Assert the state of the AzureFirewall. Use `present` to create or update an AzureFirewall and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmAzurefirewall.id | string | Resource ID. | + + +#### Command Example +```!azure-rm-azurefirewall resource_group="myResourceGroup" name="myAzureFirewall" tags="{{ {'key1': 'value1'} }}" ip_configurations="{{ [{'subnet': '/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/AzureFirewallSubnet', 'public_ip_address': '/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/myPublicIpAddress', 'name': 'azureFirewallIpConfiguration'}] }}" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmAzurefirewall": [ + { + "changed": false, + "compare": [], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/azureFirewalls/myAzureFirewall", + "modifiers": { + "/location": { + "comparison": "location", + "updatable": false + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/azureFirewalls/myAzureFirewall +> * ## Compare +> * ## Modifiers +> * ### /Location +> * comparison: location +> * updatable: False + + +### azure-rm-azurefirewall-info +*** +Get AzureFirewall info. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_azurefirewall_info_module.html + + +#### Base Command + +`azure-rm-azurefirewall-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Optional | +| name | Resource name. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmAzurefirewallInfo.firewalls | unknown | A list of dict results where the key is the name of the AzureFirewall and the values are the facts for that AzureFirewall. | + + +#### Command Example +```!azure-rm-azurefirewall-info ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmAzurefirewallInfo": [ + { + "changed": false, + "firewalls": [ + { + "etag": "W/\"3c426480-93a2-4db2-93d9-d3f0cbfd45ba\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/azureFirewalls/myAzureFirewall", + "ip_configurations": [ + { + "etag": "W/\"3c426480-93a2-4db2-93d9-d3f0cbfd45ba\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/azureFirewalls/myAzureFirewall/azureFirewallIpConfigurations/azureFirewallIpConfiguration", + "name": "azureFirewallIpConfiguration", + "properties": { + "privateIPAddress": "1.1.1.2", + "privateIPAllocationMethod": "Dynamic", + "provisioningState": "Succeeded", + "publicIPAddress": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/myPublicIpAddress" + }, + "subnet": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/AzureFirewallSubnet" + } + }, + "type": "Microsoft.Network/azureFirewalls/azureFirewallIpConfigurations" + } + ], + "location": "australiasoutheast", + "name": "myAzureFirewall", + "nat_rule_collections": [], + "network_rule_collections": [], + "provisioning_state": "Succeeded", + "tags": { + "key1": "value1" + } + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Firewalls +> * ## Myazurefirewall +> * etag: W/"3c426480-93a2-4db2-93d9-d3f0cbfd45ba" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/azureFirewalls/myAzureFirewall +> * location: australiasoutheast +> * name: myAzureFirewall +> * provisioning_state: Succeeded +> * ### Ip_Configurations +> * ### Azurefirewallipconfiguration +> * etag: W/"3c426480-93a2-4db2-93d9-d3f0cbfd45ba" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/azureFirewalls/myAzureFirewall/azureFirewallIpConfigurations/azureFirewallIpConfiguration +> * name: azureFirewallIpConfiguration +> * type: Microsoft.Network/azureFirewalls/azureFirewallIpConfigurations +> * #### Properties +> * privateIPAddress: 1.1.1.2 +> * privateIPAllocationMethod: Dynamic +> * provisioningState: Succeeded +> * ##### Publicipaddress +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/myPublicIpAddress +> * ##### Subnet +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/AzureFirewallSubnet +> * ### Nat_Rule_Collections +> * ### Network_Rule_Collections +> * ### Tags +> * key1: value1 + + +### azure-rm-virtualnetwork +*** +Manage Azure virtual networks +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualnetwork_module.html + + +#### Base Command + +`azure-rm-virtualnetwork` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of resource group. | Required | +| address_prefixes_cidr | List of IPv4 address ranges where each is formatted using CIDR notation. Required when creating a new virtual network or using `purge_address_prefixes`. | Optional | +| dns_servers | Custom list of DNS servers. Maximum length of two. The first server in the list will be treated as the Primary server. This is an explicit list. Existing DNS servers will be replaced with the specified list. Use the `purge_dns_servers` option to remove all custom DNS servers and revert to default Azure servers. | Optional | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| name | Name of the virtual network. | Required | +| purge_address_prefixes | Use with `state=present` to remove any existing `address_prefixes`. Default is no. | Optional | +| purge_dns_servers | Use with `state=present` to remove existing DNS servers, reverting to default Azure servers. Mutually exclusive with DNS servers. | Optional | +| state | State of the virtual network. Use `present` to create or update and `absent` to delete. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualnetwork.state | unknown | Current state of the virtual network. | + + +#### Command Example +```!azure-rm-virtualnetwork resource_group="myResourceGroup" name="myVirtualNetwork" address_prefixes_cidr="{{ ['10.1.0.0/16', '1.1.1.3/16'] }}" dns_servers="{{ ['127.0.0.1', '127.0.0.2'] }}" tags="{{ {'testing': 'testing', 'delete': 'on-exit'} }}" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualnetwork": [ + { + "changed": false, + "check_mode": false, + "state": { + "address_prefixes": [ + "10.0.0.0/16", + "10.1.0.0/16", + "1.1.1.3/16" + ], + "dns_servers": [ + "127.0.0.1", + "127.0.0.2" + ], + "etag": "W/\"fb7ef035-16d2-4915-80b7-956c42d7a2fb\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork", + "location": "australiasoutheast", + "name": "myVirtualNetwork", + "provisioning_state": "Succeeded", + "tags": { + "delete": "on-exit", + "testing": "testing" + }, + "type": "Microsoft.Network/virtualNetworks" + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * check_mode: False +> * ## State +> * etag: W/"fb7ef035-16d2-4915-80b7-956c42d7a2fb" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork +> * location: australiasoutheast +> * name: myVirtualNetwork +> * provisioning_state: Succeeded +> * type: Microsoft.Network/virtualNetworks +> * ### Address_Prefixes +> * 0: 10.0.0.0/16 +> * 1: 10.1.0.0/16 +> * 2: 1.1.1.3/16 +> * ### Dns_Servers +> * 0: 127.0.0.1 +> * 1: 127.0.0.2 +> * ### Tags +> * delete: on-exit +> * testing: testing + + +### azure-rm-virtualnetwork-info +*** +Get virtual network facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualnetwork_info_module.html + + +#### Base Command + +`azure-rm-virtualnetwork-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Only show results for a specific security group. | Optional | +| resource_group | Limit results by resource group. Required when filtering by name. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualnetworkInfo.azure_virtualnetworks | unknown | List of virtual network dicts. | +| Azure.AzureRmVirtualnetworkInfo.virtualnetworks | unknown | List of virtual network dicts with same format as \`azure_rm_virtualnetwork\` module parameters. | + + +#### Command Example +```!azure-rm-virtualnetwork-info resource_group="myResourceGroup" name="myVirtualNetwork" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualnetworkInfo": [ + { + "changed": false, + "status": "SUCCESS", + "virtualnetworks": [ + { + "address_prefixes": [ + "10.0.0.0/16", + "10.1.0.0/16", + "1.1.1.3/16" + ], + "dns_servers": [ + "127.0.0.1", + "127.0.0.2" + ], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork", + "location": "australiasoutheast", + "name": "myVirtualNetwork", + "provisioning_state": "Succeeded", + "subnets": [ + { + "address_prefix": "10.0.0.0/24", + "address_prefixes": null, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/default", + "name": "default", + "network_security_group": null, + "provisioning_state": "Succeeded", + "route_table": null + }, + { + "address_prefix": "10.1.0.0/24", + "address_prefixes": null, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet", + "name": "mySubnet", + "network_security_group": null, + "provisioning_state": "Succeeded", + "route_table": null + } + ], + "tags": { + "delete": "on-exit", + "testing": "testing" + } + } + ] + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Virtualnetworks +> * ## Myvirtualnetwork +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork +> * location: australiasoutheast +> * name: myVirtualNetwork +> * provisioning_state: Succeeded +> * ### Address_Prefixes +> * 0: 10.0.0.0/16 +> * 1: 10.1.0.0/16 +> * 2: 1.1.1.3/16 +> * ### Dns_Servers +> * 0: 127.0.0.1 +> * 1: 127.0.0.2 +> * ### Subnets +> * ### Default +> * address_prefix: 10.0.0.0/24 +> * address_prefixes: None +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/default +> * name: default +> * network_security_group: None +> * provisioning_state: Succeeded +> * route_table: None +> * ### Mysubnet +> * address_prefix: 10.1.0.0/24 +> * address_prefixes: None +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet +> * name: mySubnet +> * network_security_group: None +> * provisioning_state: Succeeded +> * route_table: None +> * ### Tags +> * delete: on-exit +> * testing: testing + + +### azure-rm-virtualnetworkgateway +*** +Manage Azure virtual network gateways +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualnetworkgateway_module.html + + +#### Base Command + +`azure-rm-virtualnetworkgateway` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where VPN Gateway exists or will be created. | Required | +| name | Name of VPN Gateway. | Required | +| state | State of the VPN Gateway. Use `present` to create or update VPN gateway and `absent` to delete VPN gateway. Possible values are: absent, present. Default is present. | Optional | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| virtual_network | An existing virtual network with which the VPN Gateway will be associated. Required when creating a VPN Gateway. Can be the name of the virtual network. Must be in the same resource group as VPN gateway when specified by name. Can be the resource ID of the virtual network. Can be a dict which contains `name` and `resource_group` of the virtual network. | Required | +| ip_configurations | List of IP configurations. | Optional | +| gateway_type | The type of this virtual network gateway. Possible values are: vpn, express_route. Default is vpn. | Optional | +| vpn_type | The type of this virtual private network. Possible values are: route_based, policy_based. Default is route_based. | Optional | +| enable_bgp | Whether BGP is enabled for this virtual network gateway or not. Possible values are: Yes, No. Default is No. | Optional | +| sku | The reference of the VirtualNetworkGatewaySku resource which represents the SKU selected for Virtual network gateway. Possible values are: VpnGw1, VpnGw2, VpnGw3. Default is VpnGw1. | Optional | +| bgp_settings | Virtual network gateway's BGP speaker settings. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualnetworkgateway.id | string | Virtual Network Gateway resource ID. | + + +#### Command Example +```!azure-rm-virtualnetworkgateway resource_group="myResourceGroup" name="myVirtualNetworkGateway" ip_configurations="{{ [{'name': 'testipconfig', 'private_ip_allocation_method': 'Dynamic', 'public_ip_address_name': 'testipaddr'}] }}" virtual_network="myVirtualNetwork" tags="{{ {'common': 'xyz'} }}" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualnetworkgateway": [ + { + "changed": false, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworkGateways/myVirtualNetworkGateway", + "state": {}, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworkGateways/myVirtualNetworkGateway +> * ## State + + +### azure-rm-virtualnetworkpeering +*** +Manage Azure Virtual Network Peering +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualnetworkpeering_module.html + + +#### Base Command + +`azure-rm-virtualnetworkpeering` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where the vnet exists. | Required | +| name | Name of the virtual network peering. | Required | +| virtual_network | Name or resource ID of the virtual network to be peered. | Required | +| remote_virtual_network | Remote virtual network to be peered. It can be name of remote virtual network in same resource group. It can be remote virtual network resource ID. It can be a dict which contains `name` and `resource_group` of remote virtual network. Required when creating. | Optional | +| allow_virtual_network_access | Allows VMs in the remote VNet to access all VMs in the local VNet. Possible values are: Yes, No. Default is No. | Optional | +| allow_forwarded_traffic | Allows forwarded traffic from the VMs in the remote VNet. Possible values are: Yes, No. Default is No. | Optional | +| use_remote_gateways | If remote gateways can be used on this virtual network. Possible values are: Yes, No. Default is No. | Optional | +| allow_gateway_transit | Allows VNet to use the remote VNet's gateway. Remote VNet gateway must have --allow-gateway-transit enabled for remote peering. Only 1 peering can have this flag enabled. Cannot be set if the VNet already has a gateway. Possible values are: Yes, No. Default is No. | Optional | +| state | State of the virtual network peering. Use `present` to create or update a peering and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualnetworkpeering.id | string | ID of the Azure virtual network peering. | + + +#### Command Example +```!azure-rm-virtualnetworkpeering resource_group="myResourceGroup" virtual_network="myVirtualNetwork" name="myPeering" remote_virtual_network="{{ {'resource_group': 'mySecondResourceGroup', 'name': 'myRemoteVirtualNetwork'} }}" allow_virtual_network_access="False" allow_forwarded_traffic="True" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualnetworkpeering": [ + { + "changed": false, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False + + +### azure-rm-virtualnetworkpeering-info +*** +Get facts of Azure Virtual Network Peering +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_virtualnetworkpeering_info_module.html + + +#### Base Command + +`azure-rm-virtualnetworkpeering-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where the vnet exists. | Required | +| virtual_network | Name or resource ID of a virtual network. | Required | +| name | Name of the virtual network peering. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmVirtualnetworkpeeringInfo.vnetpeerings | unknown | A list of Virtual Network Peering facts. | + + +#### Command Example +```!azure-rm-virtualnetworkpeering-info resource_group="myResourceGroup" virtual_network="myVirtualNetwork" name="myPeering" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmVirtualnetworkpeeringInfo": [ + { + "changed": false, + "status": "SUCCESS", + "vnetpeerings": [ + { + "allow_forwarded_traffic": true, + "allow_gateway_transit": false, + "allow_virtual_network_access": false, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/virtualNetworkPeerings/myPeering", + "name": "myPeering", + "peering_state": "Initiated", + "provisioning_state": "Succeeded", + "remote_address_space": { + "address_prefixes": [ + "1.1.1.3/16" + ] + }, + "remote_virtual_network": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/mySecondResourceGroup/providers/Microsoft.Network/virtualNetworks/myRemoteVirtualNetwork", + "use_remote_gateways": false + } + ] + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Vnetpeerings +> * ## Mypeering +> * allow_forwarded_traffic: True +> * allow_gateway_transit: False +> * allow_virtual_network_access: False +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/virtualNetworkPeerings/myPeering +> * name: myPeering +> * peering_state: Initiated +> * provisioning_state: Succeeded +> * remote_virtual_network: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/mySecondResourceGroup/providers/Microsoft.Network/virtualNetworks/myRemoteVirtualNetwork +> * use_remote_gateways: False +> * ### Remote_Address_Space +> * #### Address_Prefixes +> * 0: 1.1.1.3/16 + + +### azure-rm-subnet +*** +Manage Azure subnets +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_subnet_module.html + + +#### Base Command + +`azure-rm-subnet` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of resource group. | Required | +| name | Name of the subnet. | Required | +| address_prefix_cidr | CIDR defining the IPv4 address space of the subnet. Must be valid within the context of the virtual network. | Optional | +| security_group | Existing security group with which to associate the subnet. It can be the security group name which is in the same resource group. Can be the resource ID of the security group. Can be a dict containing the `name` and `resource_group` of the security group. | Optional | +| state | Assert the state of the subnet. Use `present` to create or update a subnet and use `absent` to delete a subnet. Possible values are: absent, present. Default is present. | Optional | +| virtual_network_name | Name of an existing virtual network with which the subnet is or will be associated. | Required | +| route_table | The reference of the RouteTable resource. Can be the name or resource ID of the route table. Can be a dict containing the `name` and `resource_group` of the route table. | Optional | +| service_endpoints | An array of service endpoints. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmSubnet.state | unknown | Current state of the subnet. | + + +#### Command Example +```!azure-rm-subnet resource_group="myResourceGroup" virtual_network_name="myVirtualNetwork" name="mySubnet" address_prefix_cidr="10.1.0.0/24" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmSubnet": [ + { + "changed": false, + "state": { + "address_prefix": "10.1.0.0/24", + "address_prefixes": null, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet", + "name": "mySubnet", + "network_security_group": {}, + "private_endpoint_network_policies": "Enabled", + "private_link_service_network_policies": "Enabled", + "provisioning_state": "Succeeded", + "route_table": {} + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## State +> * address_prefix: 10.1.0.0/24 +> * address_prefixes: None +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet +> * name: mySubnet +> * private_endpoint_network_policies: Enabled +> * private_link_service_network_policies: Enabled +> * provisioning_state: Succeeded +> * ### Network_Security_Group +> * ### Route_Table + + +### azure-rm-subnet-info +*** +Get Azure Subnet facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_subnet_info_module.html + + +#### Base Command + +`azure-rm-subnet-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | The name of the resource group. | Required | +| virtual_network_name | The name of the virtual network. | Required | +| name | The name of the subnet. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmSubnetInfo.subnets | unknown | A list of dictionaries containing facts for subnet. | + + +#### Command Example +```!azure-rm-subnet-info resource_group="myResourceGroup" virtual_network_name="myVirtualNetwork" name="mySubnet" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmSubnetInfo": [ + { + "changed": false, + "status": "SUCCESS", + "subnets": [ + { + "address_prefix_cidr": "10.1.0.0/24", + "address_prefixes_cidr": null, + "delegations": [], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet", + "name": "mySubnet", + "private_endpoint_network_policies": "Enabled", + "private_link_service_network_policies": "Enabled", + "provisioning_state": "Succeeded", + "resource_group": "myResourceGroup", + "route_table": null, + "security_group": null, + "service_endpoints": null, + "virtual_network_name": "myVirtualNetwork" + } + ] + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Subnets +> * ## Mysubnet +> * address_prefix_cidr: 10.1.0.0/24 +> * address_prefixes_cidr: None +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet +> * name: mySubnet +> * private_endpoint_network_policies: Enabled +> * private_link_service_network_policies: Enabled +> * provisioning_state: Succeeded +> * resource_group: myResourceGroup +> * route_table: None +> * security_group: None +> * service_endpoints: None +> * virtual_network_name: myVirtualNetwork +> * ### Delegations + + +### azure-rm-trafficmanagerendpoint +*** +Manage Azure Traffic Manager endpoint +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_trafficmanagerendpoint_module.html + + +#### Base Command + +`azure-rm-trafficmanagerendpoint` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where the Traffic Manager endpoint exists or will be created. | Required | +| name | The name of the endpoint. | Required | +| profile_name | Name of Traffic Manager profile where this endpoints attaches to. | Required | +| type | The type of the endpoint. Possible values are: azure_endpoints, external_endpoints, nested_endpoints. | Required | +| target_resource_id | The Azure Resource URI of the of the endpoint. Not applicable to endpoints of `type=external_endpoints`. | Optional | +| target | The fully-qualified DNS name of the endpoint. | Optional | +| enabled | The status of the endpoint. Possible values are: Yes, No. Default is Yes. | Optional | +| weight | The weight of this endpoint when traffic manager profile has routing_method of `weighted`. Possible values are from 1 to 1000. | Optional | +| priority | The priority of this endpoint when traffic manager profile has routing_method of `priority`. Possible values are from 1 to 1000, lower values represent higher priority. This is an optional parameter. If specified, it must be specified on all endpoints. No two endpoints can share the same priority value. | Optional | +| location | Specifies the location of the external or nested endpoints when using the 'Performance' traffic routing method. | Optional | +| min_child_endpoints | The minimum number of endpoints that must be available in the child profile in order for the parent profile to be considered available. Only applicable to endpoint of `type=nested_endpoints`. | Optional | +| geo_mapping | The list of countries/regions mapped to this endpoint when traffic manager profile has routing_method of `geographic`. | Optional | +| state | Assert the state of the Traffic Manager endpoint. Use `present` to create or update a Traffic Manager endpoint and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmTrafficmanagerendpoint.id | string | The ID of the traffic manager endpoint. | + + +#### Command Example +```!azure-rm-trafficmanagerendpoint resource_group="myResourceGroup" profile_name="tmtest" name="testendpoint1" type="external_endpoints" location="westus" priority="2" weight="1" target="1.2.3.4" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmTrafficmanagerendpoint": [ + { + "changed": false, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest/externalEndpoints/testendpoint1", + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest/externalEndpoints/testendpoint1 + + +### azure-rm-trafficmanagerendpoint-info +*** +Get Azure Traffic Manager endpoint facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_trafficmanagerendpoint_info_module.html + + +#### Base Command + +`azure-rm-trafficmanagerendpoint-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Limit results to a specific Traffic Manager endpoint. | Optional | +| resource_group | The resource group to search for the desired Traffic Manager profile. | Required | +| profile_name | Name of Traffic Manager Profile. | Required | +| type | Type of endpoint. Possible values are: azure_endpoints, external_endpoints, nested_endpoints. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmTrafficmanagerendpointInfo.endpoints | unknown | List of Traffic Manager endpoints. | + + +#### Command Example +```!azure-rm-trafficmanagerendpoint-info resource_group="myResourceGroup" profile_name="tmtest" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmTrafficmanagerendpointInfo": [ + { + "changed": false, + "endpoints": [ + { + "enabled": true, + "geo_mapping": null, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest/externalEndpoints/testendpoint1", + "location": "West US", + "min_child_endpoints": null, + "monitor_status": "Degraded", + "name": "testendpoint1", + "priority": 2, + "resource_group": "myResourceGroup", + "target": "1.2.3.4", + "target_resource_id": null, + "type": "external_endpoints", + "weight": 1 + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Endpoints +> * ## Testendpoint1 +> * enabled: True +> * geo_mapping: None +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest/externalEndpoints/testendpoint1 +> * location: West US +> * min_child_endpoints: None +> * monitor_status: Degraded +> * name: testendpoint1 +> * priority: 2 +> * resource_group: myResourceGroup +> * target: 1.2.3.4 +> * target_resource_id: None +> * type: external_endpoints +> * weight: 1 + + +### azure-rm-trafficmanagerprofile +*** +Manage Azure Traffic Manager profile +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_trafficmanagerprofile_module.html + + +#### Base Command + +`azure-rm-trafficmanagerprofile` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where the Traffic Manager profile exists or will be created. | Required | +| name | Name of the Traffic Manager profile. | Required | +| state | Assert the state of the Traffic Manager profile. Use `present` to create or update a Traffic Manager profile and `absent` to delete it. Possible values are: absent, present. Default is present. | Optional | +| location | Valid Azure location. Defaults to `global` because in default public Azure cloud, Traffic Manager profile can only be deployed globally. Reference `https://docs.microsoft.com/en-us/azure/traffic-manager/quickstart-create-traffic-manager-profile#create-a-traffic-manager-profile`. Default is global. | Optional | +| profile_status | The status of the Traffic Manager profile. Possible values are: enabled, disabled. Default is enabled. | Optional | +| routing_method | The traffic routing method of the Traffic Manager profile. Possible values are: performance, priority, weighted, geographic. Default is performance. | Optional | +| dns_config | The DNS settings of the Traffic Manager profile. | Optional | +| monitor_config | The endpoint monitoring settings of the Traffic Manager profile. Default is {'protocol': 'HTTP', 'port': 80, 'path': '/'}. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmTrafficmanagerprofile.id | string | The ID of the traffic manager profile. | +| Azure.AzureRmTrafficmanagerprofile.endpoints | unknown | List of endpoint IDs attached to the profile. | + + +#### Command Example +```!azure-rm-trafficmanagerprofile name="tmtest" resource_group="myResourceGroup" location="global" profile_status="enabled" routing_method="priority" dns_config="{{ {'relative_name': 'xsoartmtest', 'ttl': 60} }}" monitor_config="{{ {'protocol': 'HTTPS', 'port': 80, 'path': '/'} }}" tags="{{ {'Environment': 'Test'} }}" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmTrafficmanagerprofile": [ + { + "changed": false, + "endpoints": [ + "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest/externalEndpoints/testendpoint1" + ], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest", + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest +> * ## Endpoints +> * 0: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest/externalEndpoints/testendpoint1 + + +### azure-rm-trafficmanagerprofile-info +*** +Get Azure Traffic Manager profile facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_trafficmanagerprofile_info_module.html + + +#### Base Command + +`azure-rm-trafficmanagerprofile-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Limit results to a specific Traffic Manager profile. | Optional | +| resource_group | The resource group to search for the desired Traffic Manager profile. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmTrafficmanagerprofileInfo.tms | unknown | List of Traffic Manager profiles. | + + +#### Command Example +```!azure-rm-trafficmanagerprofile-info ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmTrafficmanagerprofileInfo": [ + { + "changed": false, + "status": "SUCCESS", + "tms": [ + { + "dns_config": { + "fqdn": "xsoartmtest.trafficmanager.net", + "relative_name": "xsoartmtest", + "ttl": 60 + }, + "endpoints": [ + { + "geo_mapping": null, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest/externalEndpoints/testendpoint1", + "location": "West US", + "min_child_endpoints": null, + "name": "testendpoint1", + "priority": 2, + "status": "Enabled", + "target": "1.2.3.4", + "target_resource_id": null, + "type": "external_endpoints", + "weight": 1 + } + ], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest", + "location": "global", + "monitor_config": { + "interval": 30, + "path": "/", + "port": 80, + "profile_monitor_status": null, + "protocol": "HTTPS", + "timeout": 10, + "tolerated_failures": 3 + }, + "name": "tmtest", + "profile_status": "Enabled", + "resource_group": "myresourcegroup", + "routing_method": "priority", + "state": "present", + "tags": { + "Environment": "Test" + } + } + ] + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Tms +> * ## Tmtest +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest +> * location: global +> * name: tmtest +> * profile_status: Enabled +> * resource_group: myresourcegroup +> * routing_method: priority +> * state: present +> * ### Dns_Config +> * fqdn: xsoartmtest.trafficmanager.net +> * relative_name: xsoartmtest +> * ttl: 60 +> * ### Endpoints +> * ### Testendpoint1 +> * geo_mapping: None +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/trafficManagerProfiles/tmtest/externalEndpoints/testendpoint1 +> * location: West US +> * min_child_endpoints: None +> * name: testendpoint1 +> * priority: 2 +> * status: Enabled +> * target: 1.2.3.4 +> * target_resource_id: None +> * type: external_endpoints +> * weight: 1 +> * ### Monitor_Config +> * interval: 30 +> * path: / +> * port: 80 +> * profile_monitor_status: None +> * protocol: HTTPS +> * timeout: 10 +> * tolerated_failures: 3 +> * ### Tags +> * Environment: Test + + +### azure-rm-networkinterface +*** +Manage Azure network interfaces +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_networkinterface_module.html + + +#### Base Command + +`azure-rm-networkinterface` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of a resource group where the network interface exists or will be created. | Required | +| name | Name of the network interface. | Required | +| state | Assert the state of the network interface. Use `present` to create or update an interface and `absent` to delete an interface. Possible values are: absent, present. Default is present. | Optional | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| virtual_network | An existing virtual network with which the network interface will be associated. Required when creating a network interface. It can be the virtual network's name. Make sure your virtual network is in the same resource group as NIC when you give only the name. It can be the virtual network's resource id. It can be a dict which contains `name` and `resource_group` of the virtual network. | Required | +| subnet_name | Name of an existing subnet within the specified virtual network. Required when creating a network interface. Use the `virtual_network`'s resource group. | Required | +| os_type | Determines any rules to be added to a default security group. When creating a network interface, if no security group name is provided, a default security group will be created. If the `os_type=Windows`, a rule allowing RDP access will be added. If the `os_type=Linux`, a rule allowing SSH access will be added. Possible values are: Windows, Linux. Default is Linux. | Optional | +| private_ip_address | (Deprecate) Valid IPv4 address that falls within the specified subnet. This option will be deprecated in 2.9, use `ip_configurations` instead. | Optional | +| private_ip_allocation_method | (Deprecate) Whether or not the assigned IP address is permanent. When creating a network interface, if you specify `private_ip_address=Static`, you must provide a value for `private_ip_address`. You can update the allocation method to `Static` after a dynamic private IP address has been assigned. This option will be deprecated in 2.9, use `ip_configurations` instead. Possible values are: Dynamic, Static. Default is Dynamic. | Optional | +| public_ip | (Deprecate) When creating a network interface, if no public IP address name is provided a default public IP address will be created. Set to `false` if you do not want a public IP address automatically created. This option will be deprecated in 2.9, use `ip_configurations` instead. Default is yes. | Optional | +| public_ip_address_name | (Deprecate) Name of an existing public IP address object to associate with the security group. This option will be deprecated in 2.9, use `ip_configurations` instead. | Optional | +| public_ip_allocation_method | (Deprecate) If a `public_ip_address_name` is not provided, a default public IP address will be created. The allocation method determines whether or not the public IP address assigned to the network interface is permanent. This option will be deprecated in 2.9, use `ip_configurations` instead. Possible values are: Dynamic, Static. Default is Dynamic. | Optional | +| ip_configurations | List of IP configurations. Each configuration object should include field `private_ip_address`, `private_ip_allocation_method`, `public_ip_address_name`, `public_ip`, `public_ip_allocation_method`, `name`. | Optional | +| enable_accelerated_networking | Whether the network interface should be created with the accelerated networking feature or not. Possible values are: Yes, No. Default is No. | Optional | +| create_with_security_group | Whether a security group should be be created with the NIC. If this flag set to `True` and no `security_group` set, a default security group will be created. Possible values are: Yes, No. Default is Yes. | Optional | +| security_group | An existing security group with which to associate the network interface. If not provided, a default security group will be created when `create_with_security_group=true`. It can be the name of security group. Make sure the security group is in the same resource group when you only give its name. It can be the resource id. It can be a dict contains security_group's `name` and `resource_group`. | Optional | +| open_ports | When a default security group is created for a Linux host a rule will be added allowing inbound TCP connections to the default SSH port `22`, and for a Windows host rules will be added allowing inbound access to RDP ports `3389` and `5986`. Override the default ports by providing a list of open ports. | Optional | +| enable_ip_forwarding | Whether to enable IP forwarding. Possible values are: Yes, No. Default is No. | Optional | +| dns_servers | Which DNS servers should the NIC lookup. List of IP addresses. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmNetworkinterface.state | unknown | The current state of the network interface. | + + +#### Command Example +```!azure-rm-networkinterface name="nic001" resource_group="myResourceGroup" virtual_network="myVirtualNetwork" subnet_name="mySubnet" ip_configurations="{{ [{'name': 'ipconfig1', 'public_ip_address_name': 'publicip001', 'primary': True}] }}" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmNetworkinterface": [ + { + "changed": false, + "state": { + "dns_servers": [], + "dns_settings": { + "applied_dns_servers": [], + "dns_servers": [], + "internal_dns_name_label": null, + "internal_fqdn": null + }, + "enable_accelerated_networking": false, + "enable_ip_forwarding": false, + "etag": "W/\"165cdc7d-852f-4e0c-af11-0511290660a3\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/nic001", + "ip_configuration": { + "application_security_groups": null, + "load_balancer_backend_address_pools": null, + "name": "ipconfig1", + "primary": true, + "private_ip_address": "1.1.1.3", + "private_ip_allocation_method": "Dynamic", + "public_ip_address": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/publicip001", + "name": "publicip001", + "public_ip_allocation_method": null + }, + "subnet": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet", + "name": "mySubnet", + "resource_group": "myResourceGroup", + "virtual_network_name": "myVirtualNetwork" + } + }, + "ip_configurations": [ + { + "application_security_groups": null, + "load_balancer_backend_address_pools": null, + "name": "ipconfig1", + "primary": true, + "private_ip_address": "1.1.1.3", + "private_ip_allocation_method": "Dynamic", + "public_ip_address": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/publicip001", + "name": "publicip001", + "public_ip_allocation_method": null + }, + "subnet": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet", + "name": "mySubnet", + "resource_group": "myResourceGroup", + "virtual_network_name": "myVirtualNetwork" + } + } + ], + "location": "australiasoutheast", + "mac_address": null, + "name": "nic001", + "network_security_group": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/nic001", + "name": "nic001" + }, + "provisioning_state": "Succeeded", + "tags": {}, + "type": "Microsoft.Network/networkInterfaces" + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## State +> * enable_accelerated_networking: False +> * enable_ip_forwarding: False +> * etag: W/"165cdc7d-852f-4e0c-af11-0511290660a3" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/nic001 +> * location: australiasoutheast +> * mac_address: None +> * name: nic001 +> * provisioning_state: Succeeded +> * type: Microsoft.Network/networkInterfaces +> * ### Dns_Servers +> * ### Dns_Settings +> * internal_dns_name_label: None +> * internal_fqdn: None +> * #### Applied_Dns_Servers +> * #### Dns_Servers +> * ### Ip_Configuration +> * application_security_groups: None +> * load_balancer_backend_address_pools: None +> * name: ipconfig1 +> * primary: True +> * private_ip_address: 1.1.1.3 +> * private_ip_allocation_method: Dynamic +> * #### Public_Ip_Address +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/publicip001 +> * name: publicip001 +> * public_ip_allocation_method: None +> * #### Subnet +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet +> * name: mySubnet +> * resource_group: myResourceGroup +> * virtual_network_name: myVirtualNetwork +> * ### Ip_Configurations +> * ### Ipconfig1 +> * application_security_groups: None +> * load_balancer_backend_address_pools: None +> * name: ipconfig1 +> * primary: True +> * private_ip_address: 1.1.1.3 +> * private_ip_allocation_method: Dynamic +> * #### Public_Ip_Address +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/publicip001 +> * name: publicip001 +> * public_ip_allocation_method: None +> * #### Subnet +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet +> * name: mySubnet +> * resource_group: myResourceGroup +> * virtual_network_name: myVirtualNetwork +> * ### Network_Security_Group +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/nic001 +> * name: nic001 +> * ### Tags + + +### azure-rm-networkinterface-info +*** +Get network interface facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_networkinterface_info_module.html + + +#### Base Command + +`azure-rm-networkinterface-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Only show results for a specific network interface. | Optional | +| resource_group | Name of the resource group containing the network interface(s). Required when searching by name. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmNetworkinterfaceInfo.azure_networkinterfaces | unknown | List of network interface dicts. | +| Azure.AzureRmNetworkinterfaceInfo.networkinterfaces | unknown | List of network interface dicts. Each dict contains parameters can be passed to \`azure_rm_networkinterface\` module. | + + +#### Command Example +```!azure-rm-networkinterface-info resource_group="myResourceGroup" name="nic001" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmNetworkinterfaceInfo": [ + { + "changed": false, + "networkinterfaces": [ + { + "dns_servers": [], + "dns_settings": { + "applied_dns_servers": [], + "dns_servers": [], + "internal_dns_name_label": null, + "internal_fqdn": null + }, + "enable_accelerated_networking": false, + "enable_ip_forwarding": false, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/nic001", + "ip_configurations": [ + { + "application_security_groups": null, + "load_balancer_backend_address_pools": null, + "name": "ipconfig1", + "primary": true, + "private_ip_address": "1.1.1.3", + "private_ip_allocation_method": "Dynamic", + "public_ip_address": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/publicip001", + "public_ip_allocation_method": null + } + ], + "location": "australiasoutheast", + "mac_address": null, + "name": "nic001", + "provisioning_state": "Succeeded", + "resource_group": "myResourceGroup", + "security_group": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/nic001", + "subnet": "mySubnet", + "tags": null, + "virtual_network": { + "name": "myVirtualNetwork", + "resource_group": "myResourceGroup" + } + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Networkinterfaces +> * ## Nic001 +> * enable_accelerated_networking: False +> * enable_ip_forwarding: False +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/nic001 +> * location: australiasoutheast +> * mac_address: None +> * name: nic001 +> * provisioning_state: Succeeded +> * resource_group: myResourceGroup +> * security_group: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/nic001 +> * subnet: mySubnet +> * tags: None +> * ### Dns_Servers +> * ### Dns_Settings +> * internal_dns_name_label: None +> * internal_fqdn: None +> * #### Applied_Dns_Servers +> * #### Dns_Servers +> * ### Ip_Configurations +> * ### Ipconfig1 +> * application_security_groups: None +> * load_balancer_backend_address_pools: None +> * name: ipconfig1 +> * primary: True +> * private_ip_address: 1.1.1.3 +> * private_ip_allocation_method: Dynamic +> * public_ip_address: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/publicip001 +> * public_ip_allocation_method: None +> * ### Virtual_Network +> * name: myVirtualNetwork +> * resource_group: myResourceGroup + + +### azure-rm-publicipaddress +*** +Manage Azure Public IP Addresses +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_publicipaddress_module.html + + +#### Base Command + +`azure-rm-publicipaddress` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of resource group with which the Public IP is associated. | Required | +| allocation_method | Control whether the assigned Public IP remains permanently assigned to the object. If not set to `Static`, the IP address my changed anytime an associated virtual machine is power cycled. Possible values are: dynamic, static, Static, Dynamic. Default is dynamic. | Optional | +| domain_name | The customizable portion of the FQDN assigned to public IP address. This is an explicit setting. If no value is provided, any existing value will be removed on an existing public IP. | Optional | +| name | Name of the Public IP. | Required | +| state | Assert the state of the Public IP. Use `present` to create or update a and `absent` to delete. Possible values are: absent, present. Default is present. | Optional | +| location | Valid Azure location. Defaults to location of the resource group. | Optional | +| sku | The public IP address SKU. Possible values are: basic, standard, Basic, Standard. | Optional | +| ip_tags | List of IpTag associated with the public IP address. Each element should contain type:value pair. | Optional | +| idle_timeout | Idle timeout in minutes. | Optional | +| version | The public IP address version. Possible values are: ipv4, ipv6. Default is ipv4. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmPublicipaddress.state | unknown | Facts about the current state of the object. | + + +#### Command Example +```!azure-rm-publicipaddress resource_group="myResourceGroup" name="my_public_ip" allocation_method="static" domain_name="foobar" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmPublicipaddress": [ + { + "changed": false, + "state": { + "dns_settings": { + "domain_name_label": "foobar", + "fqdn": "foobar.australiasoutheast.cloudapp.azure.com", + "reverse_fqdn": null + }, + "etag": "W/\"1bee56b0-3bdb-45c8-b378-ddc94cc8e504\"", + "idle_timeout_in_minutes": 4, + "ip_address": "1.1.1.3", + "location": "australiasoutheast", + "name": "my_public_ip", + "provisioning_state": "Succeeded", + "public_ip_address_version": "ipv4", + "public_ip_allocation_method": "static", + "sku": "Basic", + "tags": {}, + "type": "Microsoft.Network/publicIPAddresses" + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## State +> * etag: W/"1bee56b0-3bdb-45c8-b378-ddc94cc8e504" +> * idle_timeout_in_minutes: 4 +> * ip_address: 1.1.1.3 +> * location: australiasoutheast +> * name: my_public_ip +> * provisioning_state: Succeeded +> * public_ip_address_version: ipv4 +> * public_ip_allocation_method: static +> * sku: Basic +> * type: Microsoft.Network/publicIPAddresses +> * ### Dns_Settings +> * domain_name_label: foobar +> * fqdn: foobar.australiasoutheast.cloudapp.azure.com +> * reverse_fqdn: None +> * ### Tags + + +### azure-rm-publicipaddress-info +*** +Get public IP facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_publicipaddress_info_module.html + + +#### Base Command + +`azure-rm-publicipaddress-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Only show results for a specific Public IP. | Optional | +| resource_group | Limit results by resource group. Required when using name parameter. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmPublicipaddressInfo.azure_publicipaddresses | unknown | List of public IP address dicts. Please note that this option will be deprecated in 2.10 when curated format will become the only supported format. | +| Azure.AzureRmPublicipaddressInfo.publicipaddresses | unknown | List of publicipaddress. Contains the detail which matches azure_rm_publicipaddress parameters. Returned when the format parameter set to curated. | + + +#### Command Example +```!azure-rm-publicipaddress-info resource_group="myResourceGroup" name="my_public_ip" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmPublicipaddressInfo": [ + { + "changed": false, + "publicipaddresses": [ + { + "allocation_method": "static", + "dns_settings": { + "domain_name_label": "foobar", + "fqdn": "foobar.australiasoutheast.cloudapp.azure.com", + "reverse_fqdn": null + }, + "etag": "W/\"1bee56b0-3bdb-45c8-b378-ddc94cc8e504\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/my_public_ip", + "idle_timeout": 4, + "ip_address": "1.1.1.3", + "ip_tags": {}, + "location": "australiasoutheast", + "name": "my_public_ip", + "provisioning_state": "Succeeded", + "sku": "Basic", + "tags": null, + "type": "Microsoft.Network/publicIPAddresses", + "version": "ipv4" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Publicipaddresses +> * ## My_Public_Ip +> * allocation_method: static +> * etag: W/"1bee56b0-3bdb-45c8-b378-ddc94cc8e504" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/my_public_ip +> * idle_timeout: 4 +> * ip_address: 1.1.1.3 +> * location: australiasoutheast +> * name: my_public_ip +> * provisioning_state: Succeeded +> * sku: Basic +> * tags: None +> * type: Microsoft.Network/publicIPAddresses +> * version: ipv4 +> * ### Dns_Settings +> * domain_name_label: foobar +> * fqdn: foobar.australiasoutheast.cloudapp.azure.com +> * reverse_fqdn: None +> * ### Ip_Tags + + +### azure-rm-route +*** +Manage Azure route resource +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_route_module.html + + +#### Base Command + +`azure-rm-route` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of resource group. | Required | +| name | Name of the route. | Required | +| state | Assert the state of the route. Use `present` to create or update and `absent` to delete. Possible values are: absent, present. Default is present. | Optional | +| address_prefix | The destination CIDR to which the route applies. | Optional | +| next_hop_type | The type of Azure hop the packet should be sent to. Possible values are: virtual_network_gateway, vnet_local, internet, virtual_appliance, none. Default is none. | Optional | +| next_hop_ip_address | The IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance. | Optional | +| route_table_name | The name of the route table. | Required | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmRoute.id | string | Current state of the route. | + + +#### Command Example +```!azure-rm-route resource_group="myResourceGroup" name="myRoute" address_prefix="10.1.0.0/16" next_hop_type="virtual_network_gateway" route_table_name="myRouteTable" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmRoute": [ + { + "changed": false, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/routeTables/myRouteTable/routes/myRoute", + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/routeTables/myRouteTable/routes/myRoute + + +### azure-rm-routetable +*** +Manage Azure route table resource +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_routetable_module.html + + +#### Base Command + +`azure-rm-routetable` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of resource group. | Required | +| name | Name of the route table. | Required | +| state | Assert the state of the route table. Use `present` to create or update and `absent` to delete. Possible values are: absent, present. Default is present. | Optional | +| disable_bgp_route_propagation | Specified whether to disable the routes learned by BGP on that route table. Possible values are: Yes, No. Default is No. | Optional | +| location | Region of the resource. Derived from `resource_group` if not specified. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmRoutetable.changed | boolean | Whether the resource is changed. | +| Azure.AzureRmRoutetable.id | string | Resource ID. | + + +#### Command Example +```!azure-rm-routetable resource_group="myResourceGroup" name="myRouteTable" disable_bgp_route_propagation="False" tags="{{ {'purpose': 'testing'} }}" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmRoutetable": [ + { + "changed": false, + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/routeTables/myRouteTable", + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/routeTables/myRouteTable + + +### azure-rm-routetable-info +*** +Get route table facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_routetable_info_module.html + + +#### Base Command + +`azure-rm-routetable-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Limit results to a specific route table. | Optional | +| resource_group | Limit results in a specific resource group. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmRoutetableInfo.id | string | Resource ID. | +| Azure.AzureRmRoutetableInfo.name | string | Name of the resource. | +| Azure.AzureRmRoutetableInfo.resource_group | string | Resource group of the route table. | +| Azure.AzureRmRoutetableInfo.disable_bgp_route_propagation | boolean | Whether the routes learned by BGP on that route table disabled. | +| Azure.AzureRmRoutetableInfo.tags | unknown | Tags of the route table. | +| Azure.AzureRmRoutetableInfo.routes | unknown | Current routes of the route table. | + + +#### Command Example +```!azure-rm-routetable-info name="Testing" resource_group="myResourceGroup"``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmRoutetableInfo": [ + { + "changed": false, + "route_tables": [], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Route_Tables + + +### azure-rm-securitygroup +*** +Manage Azure network security groups +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_securitygroup_module.html + + +#### Base Command + +`azure-rm-securitygroup` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| default_rules | The set of default rules automatically added to a security group at creation. In general default rules will not be modified. Modify rules to shape the flow of traffic to or from a subnet or NIC. See rules below for the makeup of a rule dict. | Optional | +| location | Valid azure location. Defaults to location of the resource group. | Optional | +| name | Name of the security group to operate on. | Optional | +| purge_default_rules | Remove any existing rules not matching those defined in the default_rules parameter. Default is no. | Optional | +| purge_rules | Remove any existing rules not matching those defined in the rules parameters. Default is no. | Optional | +| resource_group | Name of the resource group the security group belongs to. | Required | +| rules | Set of rules shaping traffic flow to or from a subnet or NIC. Each rule is a dictionary. | Optional | +| state | Assert the state of the security group. Set to `present` to create or update a security group. Set to `absent` to remove a security group. Possible values are: absent, present. Default is present. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmSecuritygroup.state | unknown | Current state of the security group. | + + +#### Command Example +```!azure-rm-securitygroup resource_group="myResourceGroup" name="mysecgroup" purge_rules="True" rules="{{ [{'name': 'DenySSH', 'protocol': 'Tcp', 'destination_port_range': 22, 'access': 'Deny', 'priority': 100, 'direction': 'Inbound'}, {'name': 'AllowSSH', 'protocol': 'Tcp', 'source_address_prefix': ['1.1.1.3/24', '1.1.1.4/24'], 'destination_port_range': 22, 'access': 'Allow', 'priority': 101, 'direction': 'Inbound'}, {'name': 'AllowMultiplePorts', 'protocol': 'Tcp', 'source_address_prefix': ['1.1.1.1/24', '1.1.1.4/24'], 'destination_port_range': [80, 443], 'access': 'Allow', 'priority': 102}] }}" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmSecuritygroup": [ + { + "changed": true, + "state": { + "default_rules": [ + { + "access": "Allow", + "description": "Allow inbound traffic from all VMs in VNET", + "destination_address_prefix": "VirtualNetwork", + "destination_address_prefixes": [], + "destination_application_security_groups": null, + "destination_port_range": "*", + "destination_port_ranges": [], + "direction": "Inbound", + "etag": "W/\"eeeac0dc-126e-4b2f-abee-b8247bc16757\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup/defaultSecurityRules/AllowVnetInBound", + "name": "AllowVnetInBound", + "priority": 65000, + "protocol": "*", + "provisioning_state": "Succeeded", + "source_address_prefix": "VirtualNetwork", + "source_address_prefixes": [], + "source_application_security_groups": null, + "source_port_range": "*", + "source_port_ranges": [] + } + ], + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup", + "location": "australiasoutheast", + "name": "mysecgroup", + "network_interfaces": [], + "rules": [ + { + "access": "Deny", + "description": null, + "destination_address_prefix": "*", + "destination_address_prefixes": [], + "destination_application_security_groups": null, + "destination_port_range": "22", + "destination_port_ranges": [], + "direction": "Inbound", + "etag": "W/\"eeeac0dc-126e-4b2f-abee-b8247bc16757\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup/securityRules/DenySSH", + "name": "DenySSH", + "priority": 100, + "protocol": "Tcp", + "provisioning_state": "Succeeded", + "source_address_prefix": "*", + "source_address_prefixes": [], + "source_application_security_groups": null, + "source_port_range": "*", + "source_port_ranges": [] + } + ], + "subnets": [], + "tags": {}, + "type": "Microsoft.Network/networkSecurityGroups" + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## State +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup +> * location: australiasoutheast +> * name: mysecgroup +> * type: Microsoft.Network/networkSecurityGroups +> * ### Default_Rules +> * ### Allowvnetinbound +> * access: Allow +> * description: Allow inbound traffic from all VMs in VNET +> * destination_address_prefix: VirtualNetwork +> * destination_application_security_groups: None +> * destination_port_range: * +> * direction: Inbound +> * etag: W/"eeeac0dc-126e-4b2f-abee-b8247bc16757" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup/defaultSecurityRules/AllowVnetInBound +> * name: AllowVnetInBound +> * priority: 65000 +> * protocol: * +> * provisioning_state: Succeeded +> * source_address_prefix: VirtualNetwork +> * source_application_security_groups: None +> * source_port_range: * +> * #### Destination_Address_Prefixes +> * #### Destination_Port_Ranges +> * #### Source_Address_Prefixes +> * #### Source_Port_Ranges +> * ### Network_Interfaces +> * ### Rules +> * ### Denyssh +> * access: Deny +> * description: None +> * destination_address_prefix: * +> * destination_application_security_groups: None +> * destination_port_range: 22 +> * direction: Inbound +> * etag: W/"eeeac0dc-126e-4b2f-abee-b8247bc16757" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup/securityRules/DenySSH +> * name: DenySSH +> * priority: 100 +> * protocol: Tcp +> * provisioning_state: Succeeded +> * source_address_prefix: * +> * source_application_security_groups: None +> * source_port_range: * +> * #### Destination_Address_Prefixes +> * #### Destination_Port_Ranges +> * #### Source_Address_Prefixes +> * #### Source_Port_Ranges +> * ### Subnets +> * ### Tags + + +### azure-rm-securitygroup-info +*** +Get security group facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_securitygroup_info_module.html + + +#### Base Command + +`azure-rm-securitygroup-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Only show results for a specific security group. | Optional | +| resource_group | Name of the resource group to use. | Required | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmSecuritygroupInfo.securitygroups | unknown | List containing security group dicts. | + + +#### Command Example +```!azure-rm-securitygroup-info resource_group="myResourceGroup" name="mysecgroup" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmSecuritygroupInfo": [ + { + "changed": false, + "securitygroups": [ + { + "etag": "W/\"eeeac0dc-126e-4b2f-abee-b8247bc16757\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup", + "location": "australiasoutheast", + "name": "mysecgroup", + "properties": { + "defaultSecurityRules": [ + { + "etag": "W/\"eeeac0dc-126e-4b2f-abee-b8247bc16757\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup/defaultSecurityRules/AllowVnetInBound", + "name": "AllowVnetInBound", + "properties": { + "access": "Allow", + "description": "Allow inbound traffic from all VMs in VNET", + "destinationAddressPrefix": "VirtualNetwork", + "destinationAddressPrefixes": [], + "destinationPortRange": "*", + "destinationPortRanges": [], + "direction": "Inbound", + "priority": 65000, + "protocol": "*", + "provisioningState": "Succeeded", + "sourceAddressPrefix": "VirtualNetwork", + "sourceAddressPrefixes": [], + "sourcePortRange": "*", + "sourcePortRanges": [] + } + } + ], + "provisioningState": "Succeeded", + "resourceGuid": "2ceea731-b4fb-4999-8ac6-0b6a74a1df94", + "securityRules": [ + { + "etag": "W/\"eeeac0dc-126e-4b2f-abee-b8247bc16757\"", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup/securityRules/DenySSH", + "name": "DenySSH", + "properties": { + "access": "Deny", + "destinationAddressPrefix": "*", + "destinationAddressPrefixes": [], + "destinationPortRange": "22", + "destinationPortRanges": [], + "direction": "Inbound", + "priority": 100, + "protocol": "Tcp", + "provisioningState": "Succeeded", + "sourceAddressPrefix": "*", + "sourceAddressPrefixes": [], + "sourcePortRange": "*", + "sourcePortRanges": [] + } + } + ] + }, + "tags": {}, + "type": "Microsoft.Network/networkSecurityGroups" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Securitygroups +> * ## Mysecgroup +> * etag: W/"eeeac0dc-126e-4b2f-abee-b8247bc16757" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup +> * location: australiasoutheast +> * name: mysecgroup +> * type: Microsoft.Network/networkSecurityGroups +> * ### Properties +> * provisioningState: Succeeded +> * resourceGuid: 2ceea731-b4fb-4999-8ac6-0b6a74a1df94 +> * #### Defaultsecurityrules +> * #### Allowvnetinbound +> * etag: W/"eeeac0dc-126e-4b2f-abee-b8247bc16757" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup/defaultSecurityRules/AllowVnetInBound +> * name: AllowVnetInBound +> * ##### Properties +> * access: Allow +> * description: Allow inbound traffic from all VMs in VNET +> * destinationAddressPrefix: VirtualNetwork +> * destinationPortRange: * +> * direction: Inbound +> * priority: 65000 +> * protocol: * +> * provisioningState: Succeeded +> * sourceAddressPrefix: VirtualNetwork +> * sourcePortRange: * +> * ###### Destinationaddressprefixes +> * ###### Destinationportranges +> * ###### Sourceaddressprefixes +> * ###### Sourceportranges +> * #### Securityrules +> * #### Denyssh +> * etag: W/"eeeac0dc-126e-4b2f-abee-b8247bc16757" +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/mysecgroup/securityRules/DenySSH +> * name: DenySSH +> * ##### Properties +> * access: Deny +> * destinationAddressPrefix: * +> * destinationPortRange: 22 +> * direction: Inbound +> * priority: 100 +> * protocol: Tcp +> * provisioningState: Succeeded +> * sourceAddressPrefix: * +> * sourcePortRange: * +> * ###### Destinationaddressprefixes +> * ###### Destinationportranges +> * ###### Sourceaddressprefixes +> * ###### Sourceportranges +> * ### Tags + + +### azure-rm-dnsrecordset +*** +Create, delete and update DNS record sets and records +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_dnsrecordset_module.html + + +#### Base Command + +`azure-rm-dnsrecordset` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Name of resource group. | Required | +| zone_name | Name of the existing DNS zone in which to manage the record set. | Required | +| relative_name | Relative name of the record set. | Required | +| record_type | The type of record set to create or delete. Possible values are: A, AAAA, CNAME, MX, NS, SRV, TXT, PTR, CAA, SOA. | Required | +| record_mode | Whether existing record values not sent to the module should be purged. Possible values are: append, purge. Default is purge. | Optional | +| state | Assert the state of the record set. Use `present` to create or update and `absent` to delete. Possible values are: absent, present. Default is present. | Optional | +| time_to_live | Time to live of the record set in seconds. Default is 3600. | Optional | +| records | List of records to be created depending on the type of record (set). | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmDnsrecordset.state | unknown | Current state of the DNS record set. | + + +#### Command Example +```!azure-rm-dnsrecordset resource_group="myResourceGroup" relative_name="www" zone_name="xsoarexample.com" record_type="A" records="{{ [{'entry': '192.168.100.101'}, {'entry': '192.168.100.102'}, {'entry': '192.168.100.103'}] }}" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmDnsrecordset": [ + { + "changed": false, + "state": { + "arecords": [ + { + "ipv4_address": "192.168.100.101" + }, + { + "ipv4_address": "192.168.100.102" + }, + { + "ipv4_address": "192.168.100.103" + } + ], + "etag": "97b23b1e-1d39-4340-a97b-325b17725d55", + "fqdn": "www.xsoarexample.com.", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/dnszones/xsoarexample.com/A/www", + "name": "www", + "provisioning_state": "Succeeded", + "target_resource": {}, + "ttl": 3600, + "type": "A" + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## State +> * etag: 97b23b1e-1d39-4340-a97b-325b17725d55 +> * fqdn: www.xsoarexample.com. +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/dnszones/xsoarexample.com/A/www +> * name: www +> * provisioning_state: Succeeded +> * ttl: 3600 +> * type: A +> * ### Arecords +> * ### List +> * ipv4_address: 192.168.100.101 +> * ### List +> * ipv4_address: 192.168.100.102 +> * ### List +> * ipv4_address: 192.168.100.103 +> * ### Target_Resource + + +### azure-rm-dnsrecordset-info +*** +Get DNS Record Set facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_dnsrecordset_info_module.html + + +#### Base Command + +`azure-rm-dnsrecordset-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| relative_name | Only show results for a Record Set. | Optional | +| resource_group | Limit results by resource group. Required when filtering by name or type. | Optional | +| zone_name | Limit results by zones. Required when filtering by name or type. | Optional | +| record_type | Limit record sets by record type. | Optional | +| top | Limit the maximum number of record sets to return. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmDnsrecordsetInfo.azure_dnsrecordset | unknown | List of record set dicts. | +| Azure.AzureRmDnsrecordsetInfo.dnsrecordsets | unknown | List of record set dicts, which shares the same hierarchy as \`azure_rm_dnsrecordset\` module's parameter. | + + +#### Command Example +```!azure-rm-dnsrecordset-info resource_group="myResourceGroup" zone_name="xsoarexample.com" relative_name="www" record_type="A" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmDnsrecordsetInfo": [ + { + "changed": false, + "dnsrecordsets": [ + { + "fqdn": "www.xsoarexample.com.", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/dnszones/xsoarexample.com/A/www", + "provisioning_state": "Succeeded", + "record_type": "A", + "records": [ + { + "ipv4_address": "192.168.100.101" + }, + { + "ipv4_address": "192.168.100.102" + }, + { + "ipv4_address": "192.168.100.103" + } + ], + "relative_name": "www", + "time_to_live": 3600 + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Dnsrecordsets +> * ## Www +> * fqdn: www.xsoarexample.com. +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/dnszones/xsoarexample.com/A/www +> * provisioning_state: Succeeded +> * record_type: A +> * relative_name: www +> * time_to_live: 3600 +> * ### Records +> * ### List +> * ipv4_address: 192.168.100.101 +> * ### List +> * ipv4_address: 192.168.100.102 +> * ### List +> * ipv4_address: 192.168.100.103 + + +### azure-rm-dnszone +*** +Manage Azure DNS zones +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_dnszone_module.html + + +#### Base Command + +`azure-rm-dnszone` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | name of resource group. | Required | +| name | Name of the DNS zone. | Required | +| state | Assert the state of the zone. Use `present` to create or update and `absent` to delete. Possible values are: absent, present. Default is present. | Optional | +| type | The type of this DNS zone (`public` or `private`). Possible values are: public, private. | Optional | +| registration_virtual_networks | A list of references to virtual networks that register hostnames in this DNS zone. This is a only when `type=private`. Each element can be the name or resource id, or a dict contains `name`, `resource_group` information of the virtual network. | Optional | +| resolution_virtual_networks | A list of references to virtual networks that resolve records in this DNS zone. This is a only when `type=private`. Each element can be the name or resource id, or a dict contains `name`, `resource_group` information of the virtual network. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| tags | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmDnszone.state | unknown | Current state of the zone. | + + +#### Command Example +```!azure-rm-dnszone resource_group="myResourceGroup" name="xsoarexample.com" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmDnszone": [ + { + "changed": false, + "check_mode": false, + "state": { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/dnszones/xsoarexample.com", + "name": "xsoarexample.com", + "name_servers": [ + "ns1-01.azure-dns.com.", + "ns2-01.azure-dns.net.", + "ns3-01.azure-dns.org.", + "ns4-01.azure-dns.info." + ], + "number_of_record_sets": 3, + "registration_virtual_networks": null, + "resolution_virtual_networks": null, + "tags": {}, + "type": "public" + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * check_mode: False +> * ## State +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/dnszones/xsoarexample.com +> * name: xsoarexample.com +> * number_of_record_sets: 3 +> * registration_virtual_networks: None +> * resolution_virtual_networks: None +> * type: public +> * ### Name_Servers +> * 0: ns1-01.azure-dns.com. +> * 1: ns2-01.azure-dns.net. +> * 2: ns3-01.azure-dns.org. +> * 3: ns4-01.azure-dns.info. +> * ### Tags + + +### azure-rm-dnszone-info +*** +Get DNS zone facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/azure_rm_dnszone_info_module.html + + +#### Base Command + +`azure-rm-dnszone-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_group | Limit results by resource group. Required when filtering by name. | Optional | +| name | Only show results for a specific zone. | Optional | +| tags | Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. | Optional | +| subscription_id | Your Azure subscription Id. | Optional | +| append_tags | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Azure.AzureRmDnszoneInfo.azure_dnszones | unknown | List of zone dicts. | +| Azure.AzureRmDnszoneInfo.dnszones | unknown | List of zone dicts, which share the same layout as azure_rm_dnszone module parameter. | + + +#### Command Example +```!azure-rm-dnszone-info resource_group="myResourceGroup" name="xsoarexample.com" ``` + +#### Context Example +```json +{ + "Azure": { + "AzureRmDnszoneInfo": [ + { + "changed": false, + "dnszones": [ + { + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/dnszones/xsoarexample.com", + "max_number_of_record_sets": 10000, + "name": "xsoarexample.com", + "name_servers": [ + "ns1-01.azure-dns.com.", + "ns2-01.azure-dns.net.", + "ns3-01.azure-dns.org.", + "ns4-01.azure-dns.info." + ], + "number_of_record_sets": 3, + "registration_virtual_networks": null, + "resolution_virtual_networks": null, + "tags": {}, + "type": "public" + } + ], + "info": { + "azure_dnszones": [ + { + "etag": "00000002-0000-0000-2a52-97b25176d701", + "id": "/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/dnszones/xsoarexample.com", + "location": "global", + "name": "xsoarexample.com", + "properties": { + "maxNumberOfRecordSets": 10000, + "nameServers": [ + "ns1-01.azure-dns.com.", + "ns2-01.azure-dns.net.", + "ns3-01.azure-dns.org.", + "ns4-01.azure-dns.info." + ], + "numberOfRecordSets": 3, + "zoneType": "Public" + }, + "tags": {}, + "type": "Microsoft.Network/dnszones" + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Info +> * ### Azure_Dnszones +> * ### Xsoarexample.Com +> * etag: 00000002-0000-0000-2a52-97b25176d701 +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/dnszones/xsoarexample.com +> * location: global +> * name: xsoarexample.com +> * type: Microsoft.Network/dnszones +> * #### Properties +> * maxNumberOfRecordSets: 10000 +> * numberOfRecordSets: 3 +> * zoneType: Public +> * ##### Nameservers +> * 0: ns1-01.azure-dns.com. +> * 1: ns2-01.azure-dns.net. +> * 2: ns3-01.azure-dns.org. +> * 3: ns4-01.azure-dns.info. +> * #### Tags +> * ## Dnszones +> * ## Xsoarexample.Com +> * id: /subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myresourcegroup/providers/Microsoft.Network/dnszones/xsoarexample.com +> * max_number_of_record_sets: 10000 +> * name: xsoarexample.com +> * number_of_record_sets: 3 +> * registration_virtual_networks: None +> * resolution_virtual_networks: None +> * type: public +> * ### Name_Servers +> * 0: ns1-01.azure-dns.com. +> * 1: ns2-01.azure-dns.net. +> * 2: ns3-01.azure-dns.org. +> * 3: ns4-01.azure-dns.info. +> * ### Tags + diff --git a/Packs/AnsibleAzure/Integrations/AnsibleAzure/command_examples b/Packs/AnsibleAzure/Integrations/AnsibleAzure/command_examples new file mode 100644 index 000000000000..95868c4005f6 --- /dev/null +++ b/Packs/AnsibleAzure/Integrations/AnsibleAzure/command_examples @@ -0,0 +1,66 @@ +!azure-rm-resourcegroup name="myResourceGroup" location="australiasoutheast" tags="{\"testing\": \"testing\", \"delete\": \"never\"}" +!azure-rm-resourcegroup-info name="myResourceGroup" location="australiasoutheast" +!azure-rm-availabilityset name="myAvailabilitySet" location="australiasoutheast" resource_group="myResourceGroup" +!azure-rm-availabilityset-info name="Testing" resource_group="myResourceGroup" +!azure-rm-deployment resource_group="myResourceGroup" name="myDeployment" location="australiasoutheast" template_link="https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-vm-simple-linux/azuredeploy.json" parameters="{\"vmName\":{\"value\":\"simpleLinuxVM\"},\"adminUsername\":{\"value\":\"exampleadmin\"},\"authenticationType\":{\"value\":\"password\"},\"adminPasswordOrKey\":{\"value\":\"CHANGEME\"},\"dnsLabelPrefix\":{\"value\":\"xsoarexample\"},\"ubuntuOSVersion\":{\"value\":\"18.04-LTS\"},\"VmSize\":{\"value\":\"Standard_B2s\"},\"virtualNetworkName\":{\"value\":\"vNet\"},\"subnetName\":{\"value\":\"Subnet\"},\"networkSecurityGroupName\":{\"value\":\"SecGroupNet\"}}" +!azure-rm-deployment-info resource_group="myResourceGroup" name="myDeployment" +!azure-rm-virtualmachine resource_group="myResourceGroup" name="testvm10" state="present" started="Yes" allocated="No" admin_username="exampleadmin" admin_password="CHANGEME" ssh_password_enabled="Yes" image="{{ {'offer': 'debian-10', 'publisher': 'Debian', 'sku': '10','version': 'latest'} }}" vm_size=Standard_B2ms +!azure-rm-virtualmachine-info resource_group="myResourceGroup" +!azure-rm-snapshot resource_group="myResourceGroup" name="mySnapshot" creation_data="{\"create_option\": \"Copy\", \"source_uri\": \"/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/MYRESOURCEGROUP/providers/Microsoft.Compute/disks/simpleLinuxVM_disk1_ec6c751c094b4cabba5df997cb37b851\"}" state="present" append_tags="Yes" +!azure-rm-virtualmachineimage-info location="australiasoutheast" publisher="Debian" offer="debian-10" sku="10" version=0.20190705.396 +!azure-rm-virtualmachineextension name="myvmextension" location="australiasoutheast" resource_group="myResourceGroup" virtual_machine_name="testvm10" publisher="Microsoft.Azure.Extensions" virtual_machine_extension_type="CustomScript" type_handler_version="2.0" settings="{\"commandToExecute\": \"hostname\"}" auto_upgrade_minor_version="True" +!azure-rm-virtualmachineextension-info resource_group="myResourceGroup" virtual_machine_name="testvm10" name="myvmextension" +!azure-rm-manageddisk name="mymanageddisk" location="australiasoutheast" resource_group="myResourceGroup" disk_size_gb="4" +!azure-rm-manageddisk-info name="mymanageddisk" resource_group="myResourceGroup" +!azure-rm-virtualmachine resource_group="myResourceGroup" name="testvm10" state="present" started="Yes" allocated="No" generalized="true" vm_size="Standard_B2ms" admin_username="exampleadmin" admin_password="CHANGEME" ssh_password_enabled="Yes" image="{{ {'offer': 'debian-10', 'publisher': 'Debian', 'sku': '10','version': 'latest'} }}" storage_container_name="vhds" os_disk_caching="ReadOnly" os_type="Linux" public_ip_allocation_method="Static" remove_on_absent="['all']" accept_terms="No" append_tags="Yes" +!azure-rm-image resource_group="myResourceGroup" name="myImage" source="testvm10" +!azure-rm-image-info name="myImage" resource_group="myResourceGroup" +!azure-rm-virtualmachinescaleset resource_group="myResourceGroup" name="testvmss" vm_size="Standard_DS1_v2" capacity="2" virtual_network_name="vnet" upgrade_policy="Manual" subnet_name="subnet" admin_username="adminUser" ssh_password_enabled=Yes admin_password="CHANGEME" managed_disk_type="Standard_LRS" image="{{ {'offer': 'debian-10', 'publisher': 'Debian', 'sku': '10','version': 'latest'} }}" +!azure-rm-virtualmachinescaleset-info resource_group="myResourceGroup" name="testvmss" format="curated" +!azure-rm-virtualmachinescalesetextension name="myvmssextension" location="australiasoutheast" resource_group="myResourceGroup" vmss_name="testvmss" publisher="Microsoft.Azure.Extensions" type="CustomScript" type_handler_version="2.0" settings="{\"commandToExecute\": \"hostname\"}" auto_upgrade_minor_version="True" +!azure-rm-virtualmachinescalesetextension-info resource_group="myResourceGroup" vmss_name="testvmss" +!azure-rm-virtualmachinescalesetinstance resource_group="myResourceGroup" vmss_name="testvmss" instance_id="2" latest_model="True" power_state=running +!azure-rm-virtualmachinescalesetinstance-info resource_group="myResourceGroup" vmss_name="testvmss" +!azure-rm-autoscale target="/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/testvmss" enabled="True" profiles="{{ [{\"count\": \"1\", \"recurrence_days\": [\"Monday\"], \"name\": \"Auto created scale condition\", \"recurrence_timezone\": \"China Standard Time\", \"recurrence_mins\": [\"0\"], \"min_count\": \"1\", \"max_count\": \"1\", \"recurrence_frequency\": \"Week\", \"recurrence_hours\": [\"18\"]}] }}" name="auto_scale_name" resource_group="myResourceGroup" location="australiasoutheast" +!azure-rm-autoscale-info resource_group="myResourceGroup" name="auto_scale_name" location="australiasoutheast" +!azure-rm-loadbalancer resource_group="myResourceGroup" name="testloadbalancer1" frontend_ip_configurations="{{ [{\"name\": \"frontendipconf0\", \"public_ip_address\": \"loadbalancerpip\"}] }}" backend_address_pools="{{ [{\"name\": \"backendaddrpool0\"}] }}" probes="{{ [{\"name\": \"prob0\", \"port\": 80}] }}" inbound_nat_pools="{{ [{\"name\": \"inboundnatpool0\", \"frontend_ip_configuration_name\": \"frontendipconf0\", \"protocol\": \"Tcp\", \"frontend_port_range_start\": 80, \"frontend_port_range_end\": 81, \"backend_port\": 8080}] }}" load_balancing_rules="{{ [{\"name\": \"lbrbalancingrule0\", \"frontend_ip_configuration\": \"frontendipconf0\", \"backend_address_pool\": \"backendaddrpool0\", \"frontend_port\": 80, \"backend_port\": 80, \"probe\": \"prob0\"}] }}" +!azure-rm-loadbalancer-info name="testloadbalancer1" resource_group="myResourceGroup" +!azure-rm-resource-info resource_group="myResourceGroup" provider="compute" resource_type="virtualMachines" resource_name="testvm10" +!azure-rm-gallery resource_group="myResourceGroup" name="myGallery1283" location="australiasoutheast" description="This is the gallery description." +!azure-rm-gallery-info +!azure-rm-galleryimage resource_group="myResourceGroup" gallery_name="myGallery1283" name="myImage" location="australiasoutheast" os_type="linux" os_state="generalized" identifier="{\"publisher\": \"myPublisherName\", \"offer\": \"myOfferName\", \"sku\": \"mySkuName\"}" +!azure-rm-galleryimage-info resource_group="myResourceGroup" gallery_name="myGallery1283" +!azure-rm-galleryimageversion resource_group="myResourceGroup" gallery_name="myGallery1283" gallery_image_name="myImage" name="10.1.3" location="australiasoutheast" publishing_profile="{{{\"end_of_life_date\": \"2022-10-01t00:00:00+00:00\", \"exclude_from_latest\": True, \"replica_count\": 1, \"storage_account_type\": \"Standard_LRS\", \"target_regions\": [{\"name\": \"australiasoutheast\", \"regional_replica_count\": 1}], \"managed_image\": {\"name\": \"myImage\", \"resource_group\": \"myResourceGroup\"}}}}" execution-timeout=90000000 +!azure-rm-galleryimageversion-info resource_group="myResourceGroup" gallery_name="myGallery1283" gallery_image_name="myImage" +!azure-rm-functionapp resource_group="myResourceGroup" name="myxsoarFunctionApp" storage_account="xsoarexamplestorage" state="absent" +!azure-rm-functionapp-info resource_group="myResourceGroup" +!azure-rm-webapp resource_group="myResourceGroup" name="myWinWebapp5742" plan="ASP-myResourceGroup-9f31" client_affinity_enabled="Yes" app_state="started" state="present" append_tags="Yes" +!azure-rm-webapp-info resource_group="myResourceGroup" +!azure-rm-webappslot resource_group="myResourceGroup" name="stage" webapp_name="myWinWebapp5745" configuration_source="myWinWebapp5745" app_settings="{\"testkey\": \"testvalue\"}" app_state="stopped" state="present" append_tags="Yes" + +!azure-rm-virtualnetwork resource_group="myResourceGroup" name="myVirtualNetwork" address_prefixes_cidr="{{ ['10.1.0.0/16', '1.1.1.1/16'] }}" dns_servers="{{ ['127.0.0.1', '127.0.0.2'] }}" tags="{{ {'testing': 'testing', 'delete': 'on-exit'} }}" +!azure-rm-virtualnetwork-info resource_group="myResourceGroup" name="myVirtualNetwork" +!azure-rm-virtualnetworkgateway resource_group="myResourceGroup" name="myVirtualNetworkGateway" ip_configurations="{{ [{'name': 'testipconfig', 'private_ip_allocation_method': 'Dynamic', 'public_ip_address_name': 'testipaddr'}] }}" virtual_network="myVirtualNetwork" tags="{{ {'common': 'xyz'} }}" +!azure-rm-virtualnetworkpeering resource_group="myResourceGroup" virtual_network="myVirtualNetwork" name="myPeering" remote_virtual_network="{{ {'resource_group': 'mySecondResourceGroup', 'name': 'myRemoteVirtualNetwork'} }}" allow_virtual_network_access="False" allow_forwarded_traffic="True" +!azure-rm-virtualnetworkpeering-info resource_group="myResourceGroup" virtual_network="myVirtualNetwork" name="myPeering" +!azure-rm-subnet resource_group="myResourceGroup" virtual_network_name="myVirtualNetwork" name="mySubnet" address_prefix_cidr="10.1.0.0/24" +!azure-rm-subnet-info resource_group="myResourceGroup" virtual_network_name="myVirtualNetwork" name="mySubnet" +!azure-rm-trafficmanagerprofile name="tmtest" resource_group="myResourceGroup" location="global" profile_status="enabled" routing_method="priority" dns_config="{{ {'relative_name': 'xsoartmtest', 'ttl': 60} }}" monitor_config="{{ {'protocol': 'HTTPS', 'port': 80, 'path': '/'} }}" tags="{{ {'Environment': 'Test'} }}" +!azure-rm-trafficmanagerprofile-info +!azure-rm-trafficmanagerendpoint resource_group="myResourceGroup" profile_name="tmtest" name="testendpoint1" type="external_endpoints" location="westus" priority="2" weight="1" target="1.2.3.4" +!azure-rm-trafficmanagerendpoint-info resource_group="myResourceGroup" profile_name="tmtest" +!azure-rm-networkinterface name="nic001" resource_group="myResourceGroup" virtual_network="myVirtualNetwork" subnet_name="mySubnet" ip_configurations="{{ [{'name': 'ipconfig1', 'public_ip_address_name': 'publicip001', 'primary': True}] }}" +!azure-rm-networkinterface-info resource_group="myResourceGroup" name="nic001" +!azure-rm-publicipaddress resource_group="myResourceGroup" name="my_public_ip" allocation_method="static" domain_name="foobar" +!azure-rm-publicipaddress-info resource_group="myResourceGroup" name="my_public_ip" +!azure-rm-routetable resource_group="myResourceGroup" name="myRouteTable" disable_bgp_route_propagation="False" tags="{{ {'purpose': 'testing'} }}" +!azure-rm-routetable-info name="Testing" resource_group="myResourceGroup" +!azure-rm-route resource_group="myResourceGroup" name="myRoute" address_prefix="10.1.0.0/16" next_hop_type="virtual_network_gateway" route_table_name="myRouteTable" +!azure-rm-securitygroup resource_group="myResourceGroup" name="mysecgroup" purge_rules="True" rules="{{ [{'name': 'DenySSH', 'protocol': 'Tcp', 'destination_port_range': 22, 'access': 'Deny', 'priority': 100, 'direction': 'Inbound'}, {'name': 'AllowSSH', 'protocol': 'Tcp', 'source_address_prefix': ['1.1.1.1/24', '1.1.1.2/24'], 'destination_port_range': 22, 'access': 'Allow', 'priority': 101, 'direction': 'Inbound'}, {'name': 'AllowMultiplePorts', 'protocol': 'Tcp', 'source_address_prefix': ['1.1.1.1/24', '1.1.1.2/24'], 'destination_port_range': [80, 443], 'access': 'Allow', 'priority': 102}] }}" +!azure-rm-securitygroup-info resource_group="myResourceGroup" name="mysecgroup" +!azure-rm-dnszone resource_group="myResourceGroup" name="xsoarexample.com" +!azure-rm-dnszone-info resource_group="myResourceGroup" name="xsoarexample.com" +!azure-rm-dnsrecordset resource_group="myResourceGroup" relative_name="www" zone_name="xsoarexample.com" record_type="A" records="{{ [{'entry': '192.168.100.101'}, {'entry': '192.168.100.102'}, {'entry': '192.168.100.103'}] }}" +!azure-rm-dnsrecordset-info resource_group="myResourceGroup" zone_name="xsoarexample.com" relative_name="www" record_type="A" +!azure-rm-azurefirewall resource_group="myResourceGroup" name="myAzureFirewall" tags="{{ {'key1': 'value1'} }}" ip_configurations="{{ [{'subnet': '/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/AzureFirewallSubnet', 'public_ip_address': '/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/myPublicIpAddress', 'name': 'azureFirewallIpConfiguration'}] }}" +!azure-rm-azurefirewall-info diff --git a/Packs/AnsibleAzure/README.md b/Packs/AnsibleAzure/README.md new file mode 100644 index 000000000000..5e7ba2faf59b --- /dev/null +++ b/Packs/AnsibleAzure/README.md @@ -0,0 +1,39 @@ +This pack enables you to integrate with Microsoft Azure Cloud services. Azure is a public cloud computing platform—with solutions including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) that can be used for services such as analytics, virtual computing, storage, networking, and much more. It can be used to replace or supplement on-premise servers. + +This integration enables the management of Azure Services using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server. The Ansible modules have been exposed as XSOAR commands, and allow you to use them without needing to know Ansible. + +# What does this pack do? + +Create, delete and management of the following Azure Compute resources: + +* Resource Groups +* Deployments +* Virtual Machines +* Virtual Machine Snapshots +* Virtual Machine Images +* Virtual Machine Extensions +* Virtual Machine Scale Sets +* Virtual Machine Availability Sets +* Managed Disks +* Autoscaling +* Gallery +* Function App +* Web App +* Load Balancer + +Create, delete and management of the following Azure Networking resources: + +* Virtual Network +* Virtual Network Gateway +* Virtual Network Peering +* Subnet +* Traffic Manager Profile +* Traffic Manager Endpoint +* Network Interface +* Public IP Address +* Route Table +* Route +* Security Group +* DNS Zone +* DNS Record Set +* Azure Firewall \ No newline at end of file diff --git a/Packs/AnsibleAzure/pack_metadata.json b/Packs/AnsibleAzure/pack_metadata.json new file mode 100644 index 000000000000..31ce19797b6c --- /dev/null +++ b/Packs/AnsibleAzure/pack_metadata.json @@ -0,0 +1,15 @@ +{ + "name": "Ansible Azure", + "description": "Manage and control Azure services.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "categories": [ + "IT Services" + ], + "tags": ["IT"], + "useCases": ["IT Services", "Asset Management"], + "keywords": [] +} \ No newline at end of file diff --git a/Packs/AnsibleCiscoIOS/.pack-ignore b/Packs/AnsibleCiscoIOS/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/AnsibleCiscoIOS/.secrets-ignore b/Packs/AnsibleCiscoIOS/.secrets-ignore new file mode 100644 index 000000000000..f6793aef723e --- /dev/null +++ b/Packs/AnsibleCiscoIOS/.secrets-ignore @@ -0,0 +1,3 @@ +123.123.123.123 +11:11:11:11:11:11:11:11 +255.255.254.0 diff --git a/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS.py b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS.py new file mode 100644 index 000000000000..2587212056c4 --- /dev/null +++ b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS.py @@ -0,0 +1,96 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'ios' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + result = generic_ansible('CiscoIOS', 'ios_facts', args, int_params, host_type) + + if result: + return_results('ok') + else: + return_results(result) + + elif command == 'ios-banner': + return_results(generic_ansible('CiscoIOS', 'ios_banner', args, int_params, host_type)) + elif command == 'ios-bgp': + return_results(generic_ansible('CiscoIOS', 'ios_bgp', args, int_params, host_type)) + elif command == 'ios-command': + return_results(generic_ansible('CiscoIOS', 'ios_command', args, int_params, host_type)) + elif command == 'ios-config': + return_results(generic_ansible('CiscoIOS', 'ios_config', args, int_params, host_type)) + elif command == 'ios-facts': + return_results(generic_ansible('CiscoIOS', 'ios_facts', args, int_params, host_type)) + elif command == 'ios-interfaces': + return_results(generic_ansible('CiscoIOS', 'ios_interfaces', args, int_params, host_type)) + elif command == 'ios-l2-interfaces': + return_results(generic_ansible('CiscoIOS', 'ios_l2_interfaces', args, int_params, host_type)) + elif command == 'ios-l3-interfaces': + return_results(generic_ansible('CiscoIOS', 'ios_l3_interfaces', args, int_params, host_type)) + elif command == 'ios-lacp': + return_results(generic_ansible('CiscoIOS', 'ios_lacp', args, int_params, host_type)) + elif command == 'ios-lacp-interfaces': + return_results(generic_ansible('CiscoIOS', 'ios_lacp_interfaces', args, int_params, host_type)) + elif command == 'ios-lag-interfaces': + return_results(generic_ansible('CiscoIOS', 'ios_lag_interfaces', args, int_params, host_type)) + elif command == 'ios-linkagg': + return_results(generic_ansible('CiscoIOS', 'ios_linkagg', args, int_params, host_type)) + elif command == 'ios-lldp': + return_results(generic_ansible('CiscoIOS', 'ios_lldp', args, int_params, host_type)) + elif command == 'ios-lldp-global': + return_results(generic_ansible('CiscoIOS', 'ios_lldp_global', args, int_params, host_type)) + elif command == 'ios-lldp-interfaces': + return_results(generic_ansible('CiscoIOS', 'ios_lldp_interfaces', args, int_params, host_type)) + elif command == 'ios-logging': + return_results(generic_ansible('CiscoIOS', 'ios_logging', args, int_params, host_type)) + elif command == 'ios-ntp': + return_results(generic_ansible('CiscoIOS', 'ios_ntp', args, int_params, host_type)) + elif command == 'ios-ping': + return_results(generic_ansible('CiscoIOS', 'ios_ping', args, int_params, host_type)) + elif command == 'ios-static-route': + return_results(generic_ansible('CiscoIOS', 'ios_static_route', args, int_params, host_type)) + elif command == 'ios-system': + return_results(generic_ansible('CiscoIOS', 'ios_system', args, int_params, host_type)) + elif command == 'ios-user': + return_results(generic_ansible('CiscoIOS', 'ios_user', args, int_params, host_type)) + elif command == 'ios-vlans': + return_results(generic_ansible('CiscoIOS', 'ios_vlans', args, int_params, host_type)) + elif command == 'ios-vrf': + return_results(generic_ansible('CiscoIOS', 'ios_vrf', args, int_params, host_type)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS.yml b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS.yml new file mode 100644 index 000000000000..b1e18bcbd09e --- /dev/null +++ b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS.yml @@ -0,0 +1,1176 @@ +category: IT Services +commonfields: + id: AnsibleCiscoIOS + version: -1 +configuration: +- additionalinfo: The credentials to associate with the instance. SSH keys can be + configured using the credential manager. + display: Username + name: creds + required: true + type: 9 +- display: Enable Password + name: enable_password + required: true + type: 4 +- additionalinfo: The default port to use if one is not specified in the commands + `host` argument. + defaultvalue: 22 + display: Default SSH Port + name: port + required: true + type: 0 +- additionalinfo: If multiple hosts are specified in a command, how many hosts should + be interacted with concurrently. + defaultvalue: '4' + display: Concurrency Factor + name: concurrency + required: true + type: 0 +description: Cisco IOS Platform management over SSH +display: Ansible Cisco IOS +fromversion: 6.0.0 +name: AnsibleCiscoIOS +script: + commands: + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: Specifies which banner should be configured on the remote device. + In Ansible 2.4 and earlier only `login` and `motd` were supported. + name: banner + predefined: + - login + - motd + - exec + - incoming + - slip-ppp + required: true + - description: The banner text that should be present in the remote device running + configuration. This argument accepts a multiline string, with no empty lines. + Requires `state=present`. + name: text + - auto: PREDEFINED + defaultValue: present + description: Specifies whether or not the configuration is present in the current + devices active running configuration. + name: state + predefined: + - present + - absent + description: "Manage multiline banners on Cisco IOS devices\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/ios_banner_module.html" + name: ios-banner + outputs: + - contextPath: CiscoIOS.IosBanner.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Specifies the BGP related configuration. + name: config + - auto: PREDEFINED + defaultValue: merge + description: 'Specifies the operation to be performed on the BGP process configured + on the device. In case of merge, the input configuration will be merged with + the existing BGP configuration on the device. In case of replace, if there + is a diff between the existing configuration and the input configuration, + the existing configuration will be replaced by the input configuration for + every option that has the diff. In case of override, all the existing BGP + configuration will be removed from the device and replaced with the input + configuration. In case of delete the existing BGP configuration will be removed + from the device.' + name: operation + predefined: + - merge + - replace + - override + - delete + description: "Configure global BGP protocol settings on Cisco IOS.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/ios_bgp_module.html" + name: ios-bgp + outputs: + - contextPath: CiscoIOS.IosBgp.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: List of commands to send to the remote ios device over the configured + provider. The resulting output from the command is returned. If the `wait_for` + argument is provided, the module is not returned until the condition is satisfied + or the number of retries has expired. If a command sent to the device requires + answering a prompt, it is possible to pass a dict containing `command`, `answer` + and `prompt`. Common answers are 'y' or "\r" (carriage return, must be double + quotes). See examples. + name: commands + required: true + - description: List of conditions to evaluate against the output of the command. + The task will wait for each condition to be true before moving forward. If + the conditional is not true within the configured number of retries, the task + fails. See examples. + name: wait_for + - auto: PREDEFINED + defaultValue: all + description: The `match` argument is used in conjunction with the `wait_for` + argument to specify the match policy. Valid values are `all` or `any`. If + the value is set to `all` then all conditionals in the wait_for must be satisfied. If + the value is set to `any` then only one of the values must be satisfied. + name: match + predefined: + - any + - all + - defaultValue: '10' + description: Specifies the number of retries a command should by tried before + it is considered failed. The command is run on the target device every retry + and evaluated against the `wait_for` conditions. + name: retries + - defaultValue: '1' + description: Configures the interval in seconds to wait between retries of the + command. If the command does not pass the specified conditions, the interval + indicates how long to wait before trying the command again. + name: interval + description: "Run commands on remote devices running Cisco IOS\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/ios_command_module.html" + name: ios-command + outputs: + - contextPath: CiscoIOS.IosCommand.stdout + description: The set of responses from the commands + type: unknown + - contextPath: CiscoIOS.IosCommand.stdout_lines + description: The value of stdout split into a list + type: unknown + - contextPath: CiscoIOS.IosCommand.failed_conditions + description: The list of conditionals that have failed + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The ordered set of commands that should be configured in the section. The + commands must be the exact same commands as found in the device running-config. Be + sure to note the configuration command syntax as some commands are automatically + modified by the device config parser. + name: lines + - description: The ordered set of parents that uniquely identify the section or + hierarchy the commands should be checked against. If the parents argument + is omitted, the commands are checked against the set of top level or global + commands. + name: parents + - description: Specifies the source path to the file that contains the configuration + or configuration template to load. The path to the source file can either + be the full path on the Ansible control host or a relative path from the playbook + or role root directory. This argument is mutually exclusive with `lines`, + `parents`. + name: src + - description: The ordered set of commands to push on to the command stack if + a change needs to be made. This allows the playbook designer the opportunity + to perform configuration commands prior to pushing any changes without affecting + how the set of commands are matched against the system. + name: before + - description: The ordered set of commands to append to the end of the command + stack if a change needs to be made. Just like with `before` this allows the + playbook designer to append a set of commands to be executed after the command + set. + name: after + - auto: PREDEFINED + defaultValue: line + description: Instructs the module on the way to perform the matching of the + set of commands against the current device config. If match is set to `line`, + commands are matched line by line. If match is set to `strict`, command lines + are matched with respect to position. If match is set to `exact`, command + lines must be an equal match. Finally, if match is set to `none`, the module + will not attempt to compare the source configuration with the running configuration + on the remote device. + name: match + predefined: + - line + - strict + - exact + - none + - auto: PREDEFINED + defaultValue: line + description: Instructs the module on the way to perform the configuration on + the device. If the replace argument is set to `line` then the modified lines + are pushed to the device in configuration mode. If the replace argument is + set to `block` then the entire command block is pushed to the device in configuration + mode if any line is not correct. + name: replace + predefined: + - line + - block + - defaultValue: '@' + description: This argument is used when pushing a multiline configuration element + to the IOS device. It specifies the character to use as the delimiting character. This + only applies to the configuration action. + name: multiline_delimiter + - defaultValue: 'no' + description: This argument will cause the module to create a full backup of + the current `running-config` from the remote device before any changes are + made. If the `backup_options` value is not given, the backup file is written + to the `backup` folder in the playbook root directory or role root directory, + if playbook is part of an ansible role. If the directory does not exist, it + is created. + name: backup + - description: The module, by default, will connect to the remote device and retrieve + the current running-config to use as a base for comparing against the contents + of source. There are times when it is not desirable to have the task get the + current running-config for every task in a playbook. The `running_config` + argument allows the implementer to pass in the configuration to use as the + base config for comparison. + name: running_config + - defaultValue: 'no' + description: This argument specifies whether or not to collect all defaults + when getting the remote device running config. When enabled, the module will + get the current config by issuing the command `show running-config all`. + name: defaults + - auto: PREDEFINED + defaultValue: never + description: When changes are made to the device running-configuration, the + changes are not copied to non-volatile storage by default. Using this argument + will change that before. If the argument is set to `always`, then the running-config + will always be copied to the startup-config and the `modified` flag will always + be set to True. If the argument is set to `modified`, then the running-config + will only be copied to the startup-config if it has changed since the last + save to startup-config. If the argument is set to `never`, the running-config + will never be copied to the startup-config. If the argument is set to `changed`, + then the running-config will only be copied to the startup-config if the task + has made a change. `changed` was added in Ansible 2.5. + name: save_when + predefined: + - always + - never + - modified + - changed + - auto: PREDEFINED + description: 'When using the `ansible-playbook --diff` command line argument + the module can generate diffs against different sources. When this option + is configure as `startup`, the module will return the diff of the running-config + against the startup-config. When this option is configured as `intended`, + the module will return the diff of the running-config against the configuration + provided in the `intended_config` argument. When this option is configured + as `running`, the module will return the before and after diff of the running-config + with respect to any changes made to the device configuration.' + name: diff_against + predefined: + - running + - startup + - intended + - description: Use this argument to specify one or more lines that should be ignored + during the diff. This is used for lines in the configuration that are automatically + updated by the system. This argument takes a list of regular expressions + or exact line matches. + name: diff_ignore_lines + - description: The `intended_config` provides the master configuration that the + node should conform to and is used to check the final running-config against. + This argument will not modify any settings on the remote device and is strictly + used to check the compliance of the current device's configuration against. When + specifying this argument, the task should also modify the `diff_against` value + and set it to `intended`. + name: intended_config + - description: This is a dict object containing configurable options related to + backup file path. The value of this option is read only when `backup` is set + to `yes`, if `backup` is set to `no` this option will be silently ignored. + isArray: true + name: backup_options + description: "Manage Cisco IOS configuration sections\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/ios_config_module.html" + name: ios-config + outputs: + - contextPath: CiscoIOS.IosConfig.updates + description: The set of commands that will be pushed to the remote device + type: unknown + - contextPath: CiscoIOS.IosConfig.commands + description: The set of commands that will be pushed to the remote device + type: unknown + - contextPath: CiscoIOS.IosConfig.backup_path + description: The full path to the backup file + type: string + - contextPath: CiscoIOS.IosConfig.filename + description: The name of the backup file + type: string + - contextPath: CiscoIOS.IosConfig.shortname + description: The full path to the backup file excluding the timestamp + type: string + - contextPath: CiscoIOS.IosConfig.date + description: The date extracted from the backup file name + type: string + - contextPath: CiscoIOS.IosConfig.time + description: The time extracted from the backup file name + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '!config' + description: 'When supplied, this argument restricts the facts collected to + a given subset. Possible values for this argument include `all`, `min`, `hardware`, + `config`, and `interfaces`. Specify a list of values to include a larger subset. + Use a value with an initial `!` to collect all facts except that subset.' + name: gather_subset + - description: When supplied, this argument will restrict the facts collected + to a given subset. Possible values for this argument include all and the resources + like interfaces, vlans etc. Can specify a list of values to include a larger + subset. Values can also be used with an initial `M(!`) to specify that a specific + subset should not be collected. Valid subsets are 'all', 'interfaces', 'l2_interfaces', + 'vlans', 'lag_interfaces', 'lacp', 'lacp_interfaces', 'lldp_global', 'lldp_interfaces', + 'l3_interfaces'. + name: gather_network_resources + description: "Collect facts from remote devices running Cisco IOS\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/ios_facts_module.html" + name: ios-facts + outputs: + - contextPath: CiscoIOS.IosFacts.ansible_net_gather_subset + description: The list of fact subsets collected from the device + type: unknown + - contextPath: CiscoIOS.IosFacts.ansible_net_gather_network_resources + description: The list of fact for network resource subsets collected from the + device + type: unknown + - contextPath: CiscoIOS.IosFacts.ansible_net_model + description: The model name returned from the device + type: string + - contextPath: CiscoIOS.IosFacts.ansible_net_serialnum + description: The serial number of the remote device + type: string + - contextPath: CiscoIOS.IosFacts.ansible_net_version + description: The operating system version running on the remote device + type: string + - contextPath: CiscoIOS.IosFacts.ansible_net_iostype + description: The operating system type (IOS or IOS-XE) running on the remote + device + type: string + - contextPath: CiscoIOS.IosFacts.ansible_net_hostname + description: The configured hostname of the device + type: string + - contextPath: CiscoIOS.IosFacts.ansible_net_image + description: The image file the device is running + type: string + - contextPath: CiscoIOS.IosFacts.ansible_net_stacked_models + description: The model names of each device in the stack + type: unknown + - contextPath: CiscoIOS.IosFacts.ansible_net_stacked_serialnums + description: The serial numbers of each device in the stack + type: unknown + - contextPath: CiscoIOS.IosFacts.ansible_net_api + description: The name of the transport + type: string + - contextPath: CiscoIOS.IosFacts.ansible_net_python_version + description: The Python version Ansible controller is using + type: string + - contextPath: CiscoIOS.IosFacts.ansible_net_filesystems + description: All file system names available on the device + type: unknown + - contextPath: CiscoIOS.IosFacts.ansible_net_filesystems_info + description: A hash of all file systems containing info about each file system + (e.g. free and total space) + type: unknown + - contextPath: CiscoIOS.IosFacts.ansible_net_memfree_mb + description: The available free memory on the remote device in Mb + type: number + - contextPath: CiscoIOS.IosFacts.ansible_net_memtotal_mb + description: The total memory on the remote device in Mb + type: number + - contextPath: CiscoIOS.IosFacts.ansible_net_config + description: The current active config from the device + type: string + - contextPath: CiscoIOS.IosFacts.ansible_net_all_ipv4_addresses + description: All IPv4 addresses configured on the device + type: unknown + - contextPath: CiscoIOS.IosFacts.ansible_net_all_ipv6_addresses + description: All IPv6 addresses configured on the device + type: unknown + - contextPath: CiscoIOS.IosFacts.ansible_net_interfaces + description: A hash of all interfaces running on the system + type: unknown + - contextPath: CiscoIOS.IosFacts.ansible_net_neighbors + description: The list of CDP and LLDP neighbors from the remote device. If both, + CDP and LLDP neighbor data is present on one port, CDP is preferred. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of interface options + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manages interface attributes of Cisco IOS network devices\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_interfaces_module.html" + name: ios-interfaces + outputs: + - contextPath: CiscoIOS.IosInterfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoIOS.IosInterfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoIOS.IosInterfaces.commands + description: The set of commands pushed to the remote device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of Layer-2 interface options + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manage Layer-2 interface on Cisco IOS devices.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/ios_l2_interfaces_module.html" + name: ios-l2-interfaces + outputs: + - contextPath: CiscoIOS.IosL2Interfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoIOS.IosL2Interfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoIOS.IosL2Interfaces.commands + description: The set of commands pushed to the remote device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of Layer-3 interface options + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manage Layer-3 interface on Cisco IOS devices.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/ios_l3_interfaces_module.html" + name: ios-l3-interfaces + outputs: + - contextPath: CiscoIOS.IosL3Interfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoIOS.IosL3Interfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoIOS.IosL3Interfaces.commands + description: The set of commands pushed to the remote device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The provided configurations. + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - deleted + description: "Manage Global Link Aggregation Control Protocol (LACP) on Cisco\ + \ IOS devices.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lacp_module.html" + name: ios-lacp + outputs: + - contextPath: CiscoIOS.IosLacp.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoIOS.IosLacp.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoIOS.IosLacp.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of LACP lacp_interfaces option + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manage Link Aggregation Control Protocol (LACP) on Cisco IOS devices\ + \ interface.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lacp_interfaces_module.html" + name: ios-lacp-interfaces + outputs: + - contextPath: CiscoIOS.IosLacpInterfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoIOS.IosLacpInterfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoIOS.IosLacpInterfaces.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A list of link aggregation group configurations. + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manage Link Aggregation on Cisco IOS devices.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/ios_lag_interfaces_module.html" + name: ios-lag-interfaces + outputs: + - contextPath: CiscoIOS.IosLagInterfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoIOS.IosLagInterfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoIOS.IosLagInterfaces.commands + description: The set of commands pushed to the remote device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Channel-group number for the port-channel Link aggregation group. + Range 1-255. + name: group + - auto: PREDEFINED + description: Mode of the link aggregation group. + name: mode + predefined: + - active + - 'on' + - passive + - auto + - desirable + - description: List of members of the link aggregation group. + name: members + - description: List of link aggregation definitions. + name: aggregate + - auto: PREDEFINED + defaultValue: present + description: State of the link aggregation group. + name: state + predefined: + - present + - absent + - auto: PREDEFINED + defaultValue: 'No' + description: Purge links not defined in the `aggregate` parameter. + name: purge + predefined: + - 'Yes' + - 'No' + description: "Manage link aggregation groups on Cisco IOS network devices\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_linkagg_module.html" + name: ios-linkagg + outputs: + - contextPath: CiscoIOS.IosLinkagg.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: State of the LLDP configuration. If value is `present` lldp will + be enabled else if it is `absent` it will be disabled. + name: state + predefined: + - present + - absent + description: "Manage LLDP configuration on Cisco IOS network devices.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lldp_module.html" + name: ios-lldp + outputs: + - contextPath: CiscoIOS.IosLldp.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of LLDP options + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - deleted + description: "Configure and manage Link Layer Discovery Protocol(LLDP) attributes\ + \ on IOS platforms.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lldp_global_module.html" + name: ios-lldp-global + outputs: + - contextPath: CiscoIOS.IosLldpGlobal.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoIOS.IosLldpGlobal.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoIOS.IosLldpGlobal.commands + description: The set of commands pushed to the remote device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of LLDP options + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manage link layer discovery protocol (LLDP) attributes of interfaces\ + \ on Cisco IOS devices.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lldp_interfaces_module.html" + name: ios-lldp-interfaces + outputs: + - contextPath: CiscoIOS.IosLldpInterfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoIOS.IosLldpInterfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoIOS.IosLldpInterfaces.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: Destination of the logs. + name: dest + predefined: + - 'on' + - host + - console + - monitor + - buffered + - trap + - description: 'The hostname or IP address of the destination. Required when `dest=host`.' + name: name + - defaultValue: '4096' + description: Size of buffer. The acceptable value is in range from 4096 to 4294967295 + bytes. + name: size + - description: Set logging facility. + name: facility + - auto: PREDEFINED + defaultValue: debugging + description: Set logging severity levels. + name: level + predefined: + - emergencies + - alerts + - critical + - errors + - warnings + - notifications + - informational + - debugging + - description: List of logging definitions. + name: aggregate + - auto: PREDEFINED + defaultValue: present + description: State of the logging configuration. + name: state + predefined: + - present + - absent + description: "Manage logging on network devices\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/ios_logging_module.html" + name: ios-logging + outputs: + - contextPath: CiscoIOS.IosLogging.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Network address of NTP server. + name: server + - description: Source interface for NTP packets. + name: source_int + - description: ACL for peer/server access restricition. + name: acl + - auto: PREDEFINED + defaultValue: 'No' + description: Enable NTP logs. Data type boolean. + name: logging + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Enable NTP authentication. Data type boolean. + name: auth + predefined: + - 'Yes' + - 'No' + - description: md5 NTP authentication key of type 7. + name: auth_key + - description: auth_key id. Data type string + name: key_id + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + description: "Manages core NTP configuration.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/ios_ntp_module.html" + name: ios-ntp + outputs: + - contextPath: CiscoIOS.IosNtp.commands + description: command sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '5' + description: Number of packets to send. + name: count + - description: The IP Address or hostname (resolvable by switch) of the remote + node. + name: dest + required: true + - description: The source IP Address. + name: source + - auto: PREDEFINED + defaultValue: present + description: Determines if the expected result is success or fail. + name: state + predefined: + - absent + - present + - defaultValue: default + description: The VRF to use for forwarding. + name: vrf + description: "Tests reachability using ping from Cisco IOS network devices\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_ping_module.html" + name: ios-ping + outputs: + - contextPath: CiscoIOS.IosPing.commands + description: Show the command sent. + type: unknown + - contextPath: CiscoIOS.IosPing.packet_loss + description: Percentage of packets lost. + type: string + - contextPath: CiscoIOS.IosPing.packets_rx + description: Packets successfully received. + type: number + - contextPath: CiscoIOS.IosPing.packets_tx + description: Packets successfully transmitted. + type: number + - contextPath: CiscoIOS.IosPing.rtt + description: Show RTT stats. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Network prefix of the static route. + name: prefix + - description: Network prefix mask of the static route. + name: mask + - description: Next hop IP of the static route. + name: next_hop + - description: VRF of the static route. + name: vrf + - description: Interface of the static route. + name: interface + - description: Name of the static route + name: name + - description: Admin distance of the static route. + name: admin_distance + - description: Set tag of the static route. + name: tag + - description: Tracked item to depend on for the static route. + name: track + - description: List of static route definitions. + name: aggregate + - auto: PREDEFINED + defaultValue: present + description: State of the static route configuration. + name: state + predefined: + - present + - absent + description: "Manage static IP routes on Cisco IOS network devices\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/ios_static_route_module.html" + name: ios-static-route + outputs: + - contextPath: CiscoIOS.IosStaticRoute.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Configure the device hostname parameter. This option takes an ASCII + string value. + name: hostname + - description: Configure the IP domain name on the remote device to the provided + value. Value should be in the dotted name form and will be appended to the + `hostname` to create a fully-qualified domain name. + name: domain_name + - description: Provides the list of domain suffixes to append to the hostname + for the purpose of doing name resolution. This argument accepts a list of + names and will be reconciled with the current active configuration on the + running node. + name: domain_search + - description: Provides one or more source interfaces to use for performing DNS + lookups. The interface provided in `lookup_source` must be a valid interface + configured on the device. + name: lookup_source + - description: Administrative control for enabling or disabling DNS lookups. When + this argument is set to True, lookups are performed and when it is set to + False, lookups are not performed. + name: lookup_enabled + - description: List of DNS name servers by IP address to use to perform name resolution + lookups. This argument accepts either a list of DNS servers See examples. + name: name_servers + - auto: PREDEFINED + defaultValue: present + description: State of the configuration values in the device's current active + configuration. When set to `present`, the values should be configured in + the device active configuration and when set to `absent` the values should + not be in the device active configuration + name: state + predefined: + - present + - absent + description: "Manage the system attributes on Cisco IOS devices\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/ios_system_module.html" + name: ios-system + outputs: + - contextPath: CiscoIOS.IosSystem.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The set of username objects to be configured on the remote Cisco + IOS device. The list entries can either be the username or a hash of username + and properties. This argument is mutually exclusive with the `name` argument. + name: aggregate + - description: The username to be configured on the Cisco IOS device. This argument + accepts a string value and is mutually exclusive with the `aggregate` argument. + Please note that this option is not same as `provider username`. + name: name + - description: The password to be configured on the Cisco IOS device. The password + needs to be provided in clear and it will be encrypted on the device. Please + note that this option is not same as `provider password`. + name: configured_password + - auto: PREDEFINED + defaultValue: always + description: Since passwords are encrypted in the device running config, this + argument will instruct the module when to change the password. When set to + `always`, the password will always be updated in the device and when set to + `on_create` the password will be updated only if the username is created. + name: update_password + predefined: + - on_create + - always + - auto: PREDEFINED + defaultValue: secret + description: This argument determines whether a 'password' or 'secret' will + be configured. + name: password_type + predefined: + - secret + - password + - description: This option allows configuring hashed passwords on Cisco IOS devices. + name: hashed_password + - description: The `privilege` argument configures the privilege level of the + user when logged into the system. This argument accepts integer values in + the range of 1 to 15. + name: privilege + - description: Configures the view for the username in the device running configuration. + The argument accepts a string value defining the view name. This argument + does not check if the view has been configured on the device. + name: view + - description: 'Specifies one or more SSH public key(s) to configure for the given + username. This argument accepts a valid SSH key value.' + name: sshkey + - description: Defines the username without assigning a password. This will allow + the user to login to the system without being authenticated by a password. + name: nopassword + - auto: PREDEFINED + defaultValue: 'No' + description: Instructs the module to consider the resource definition absolute. + It will remove any previously configured usernames on the device with the + exception of the `admin` user (the current defined set of users). + name: purge + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: Configures the state of the username definition as it relates to + the device operational configuration. When set to `present`, the username(s) + should be configured in the device active configuration and when set to `absent` + the username(s) should not be in the device active configuration + name: state + predefined: + - present + - absent + description: "Manage the aggregate of local users on Cisco IOS device\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_user_module.html" + name: ios-user + outputs: + - contextPath: CiscoIOS.IosUser.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of VLANs options + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manage VLANs on Cisco IOS devices.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/ios_vlans_module.html" + name: ios-vlans + outputs: + - contextPath: CiscoIOS.IosVlans.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoIOS.IosVlans.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoIOS.IosVlans.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The set of VRF definition objects to be configured on the remote + IOS device. Ths list entries can either be the VRF name or a hash of VRF + definitions and attributes. This argument is mutually exclusive with the + `name` argument. + name: vrfs + - description: The name of the VRF definition to be managed on the remote IOS + device. The VRF definition name is an ASCII string name used to uniquely + identify the VRF. This argument is mutually exclusive with the `vrfs` argument + name: name + - description: Provides a short description of the VRF definition in the current + active configuration. The VRF definition value accepts alphanumeric characters + used to provide additional information about the VRF. + name: description + - description: The router-distinguisher value uniquely identifies the VRF to routing + processes on the remote IOS system. The RD value takes the form of `A:B` + where `A` and `B` are both numeric values. + name: rd + - description: Identifies the set of interfaces that should be configured in the + VRF. Interfaces must be routed interfaces in order to be placed into a VRF. + name: interfaces + - description: This is a intent option and checks the operational state of the + for given vrf `name` for associated interfaces. If the value in the `associated_interfaces` + does not match with the operational state of vrf interfaces on device it will + result in failure. + name: associated_interfaces + - defaultValue: '10' + description: Time in seconds to wait before checking for the operational state + on remote device. + name: delay + - auto: PREDEFINED + defaultValue: 'No' + description: Instructs the module to consider the VRF definition absolute. It + will remove any previously configured VRFs on the device. + name: purge + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: Configures the state of the VRF definition as it relates to the + device operational configuration. When set to `present`, the VRF should be + configured in the device active configuration and when set to `absent` the + VRF should not be in the device active configuration + name: state + predefined: + - present + - absent + - description: Adds an export and import list of extended route target communities + to the VRF. + name: route_both + - description: Adds an export list of extended route target communities to the + VRF. + name: route_export + - description: Adds an import list of extended route target communities to the + VRF. + name: route_import + - description: Adds an export and import list of extended route target communities + in address-family configuration submode to the VRF. + name: route_both_ipv4 + - description: Adds an export list of extended route target communities in address-family + configuration submode to the VRF. + name: route_export_ipv4 + - description: Adds an import list of extended route target communities in address-family + configuration submode to the VRF. + name: route_import_ipv4 + - description: Adds an export and import list of extended route target communities + in address-family configuration submode to the VRF. + name: route_both_ipv6 + - description: Adds an export list of extended route target communities in address-family + configuration submode to the VRF. + name: route_export_ipv6 + - description: Adds an import list of extended route target communities in address-family + configuration submode to the VRF. + name: route_import_ipv6 + description: "Manage the collection of VRF definitions on Cisco IOS devices\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_vrf_module.html" + name: ios-vrf + outputs: + - contextPath: CiscoIOS.IosVrf.commands + description: The list of configuration mode commands to send to the device + type: unknown + - contextPath: CiscoIOS.IosVrf.start + description: The time the job started + type: string + - contextPath: CiscoIOS.IosVrf.end + description: The time the job ended + type: string + - contextPath: CiscoIOS.IosVrf.delta + description: The time elapsed to perform all operations + type: string + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS_description.md b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS_description.md new file mode 100644 index 000000000000..32fc6b97160f --- /dev/null +++ b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS_description.md @@ -0,0 +1,21 @@ +# Ansible Cisco IOS +Manage Cisco IOS Switches and Routers directly from XSOAR using SSH. + +## Credentials + +This integration supports a number of methods of authenticating with the network device: + +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +In addition to the SSH credential, a `enable` password must be also provided. + +## Permissions + +The user account used for initial SSH login access can be level 1, however the enable password must also be provided. + + +## Testing + +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!IOS-facts`command providing an example `host` as the command argument. This command will connect to the specified network device with the configured credentials in the integration, and if successful output general information about the device. diff --git a/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS_image.png b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/AnsibleCiscoIOS_image.png new file mode 100644 index 0000000000000000000000000000000000000000..113f4f14ec9ba81b1ab65482828d22815710a4fa GIT binary patch literal 2315 zcmV+m3H0`fP)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D2%t$sK~#8N?VNdR z6jdC@X9}epa`XUdCmP!jc5j_9!PvS@M+WQb{olEtD)iRjP~HV5|* z9U<8Mz#m~NJ5SDvOlC=*tb;S0tb;S0v^f}~&Xo73gJxA}17}rBDBKiIxkaq>k`@OS z&8+?!ssm0wFl6dnGtwtTGpi;mrJvB0)`siOmT2GLTDu@^MU_=wNR)4Iz4rj=Vo+oL^A*cS2nN>4EwFbcAWA z0#5(BL;6B~W<LAl3$`{E$!MfIr&l@2N zbv@@NBQAuXpfCv2_rsilfzxuOsr$?$;R91X4j8|Oltb1d@6#FY2R}`;b=`QF=rEEG z>1LY7pzl^O!-vwY7RvyYk&gC7whzv5vJTF0vJTF0Qsv-I(O$HPHqe!77t=5CZf$U$ zXUmTbrJWWl!b#DoBznG;GjF;xKMCWA=s=uyQh($U(I=XKV+b@xANaQimF1qJ*@cX(R7F|=;9WF_cw1eTeS*VI5 zQSAz0NA@OplVdE;O~UzkIQMTe(jT}Er#oCqyaaaCk#R$94bL42a~!_EKkQ%4BW@aN z-)n)&g;Xe&liT#=TSmNJ@SUTe#ww*sV83q0x;e1+eH5qS_fLZ4N`8D1woP}e!BfqU z!7voaUt)&}wsDcs$$)?BT1#zC%_#s~7) z2dW>$$Rnhsyea-XN_yTS^U#VZ-{JD+_`g3E3HvKu4zABHU4X<7!{qzFR+xdqC_pYJ z+CV}50d<}kG8l^UxI4oI&gHA8b&#&rB@3-c$3l+@uJHiWLlABfu);jOBal?EvY?L=``$5cPa1KweL%}}+aTdH6 z?~0DVN--K0!nNxI@!Q3;V%zATG{wPUg>zPbxK$V(-6X*XLA(~@B1i{cCE5VB`l*Vh zt%(f*<3ZP670b#KkY+f!5pug3<;h^t5je_Egejs8(3jsJri=3CZ689}equ!4{Ipzg z5u}4{*G6BL^gt*U<%f+*6YZT;j?P!2Ab-O&%{B_(Fyuli=jb}opZ#q2h$r=Ad9}&_-|+yU&bqF$y*8Be4yp?dNd7wV@!MW<4sK3d+0&lvbQm zC{E1+B}fNz>R{zH(Sd+|yb+G(tEw!-c@XE0i|a*OIU?FbX|bAfFF3vG0!_(EF{3eD zw29JIixn6_I@tNwZ)4F^8k5!_fs?tc_;#o2JmU}XaEN_$t!r}<$s@)U&OzE-q<8&i z7N$g;Z#!T7Rv7Ic7dtQlTdKs3vbl5au_8}HmO(h0=KD=-y4S)f{98a9xCWOht+l=c z=h>DjaZbFOW>tCwt-E^tFO1|1y9V+)+S4cb)!agVJ~3(Sy>=OEmV z%`(^laSrByevcS|66hcc&Ez7KU^@O(v=@YLIF>=iL-?bB^WHqCFmTd*sP$$jaghE6 zs87sLT%1DRP>6J{mID=Y7-Syg8Y7%vHqkiXgFqcTv3a|Oxi4R2=Gv?8*D#W#1C?wx z3Ur->UEtVsoWnndN$Ry4q`wx573EC#xD)5*q3>;yuniph)3nqiIJZn`%J-kZ1nS@j z$oMkUT0UjmvCsY}0;egTbYasyiWiC002ovPDHLkV1h^ZWgh?l literal 0 HcmV?d00001 diff --git a/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/README.md b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/README.md new file mode 100644 index 000000000000..48a7db014e2a --- /dev/null +++ b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/README.md @@ -0,0 +1,1891 @@ +This integration enables the management of Cisco IOS Switches and Routers directly from XSOAR using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server, all you need to do is provide credentials you are ready to use the feature rich commands. This integration functions without any agents or additional software installed on the hosts by utilising SSH. + +To use this integration, configure an instance of this integration. This will associate a credential to be used to access hosts when commands are run. The commands from this integration will take the IOS host address(es) as an input, and use the saved credential associated to the instance to execute. Create separate instances if multiple credentials are required. + +## Credentials +This integration supports a number of methods of authenticating with the network device: + +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +In addition to the SSH credential, a `enable` password must be also provided. +## Permissions +The user account used for initial SSH login access can be level 1, however the enable password must also be provided. +## Network Requirements +By default, TCP port 22 will be used to initiate a SSH connection to the IOS host. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. +## Configure Ansible Cisco IOS on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for Ansible Cisco IOS. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Username | The credentials to associate with the instance. SSH keys can be configured using the credential manager. | True | + | Password | | True | + | Enable Password | | True | + | Default SSH Port | The default port to use if one is not specified in the commands \`host\` argument. | True | + | Concurrency Factor | If multiple hosts are specified in a command, how many hosts should be interacted with concurrently. | True | + +## Testing +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!ios-facts`command providing an example `host` as the command argument. This command will connect to the specified network device with the configured credentials in the integration, and if successful output general information about the device. + +## Idempotence +The action commands in this integration are idempotent. This means that the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions. + +## State Arguement +Some of the commands in this integration take a state argument. These define the desired end state of the object being managed. As a result these commands are able to perform multiple management operations depending on the desired state value. Common state values are: +| **State** | **Result** | +| --- | --- | +| present | Object should exist. If not present, the object will be created with the provided parameters. If present but not with correct parameters, it will be modified to met provided parameters. | +| running | Object should be running not stopped. | +| stopped | Object should be stopped not running. | +| restarted | Object will be restarted. | +| absent | Object should not exist. If it it exists it will be deleted. | + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### ios-banner +*** +Manage multiline banners on Cisco IOS devices +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_banner_module.html + + +#### Base Command + +`ios-banner` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| banner | Specifies which banner should be configured on the remote device. In Ansible 2.4 and earlier only `login` and `motd` were supported. Possible values are: login, motd, exec, incoming, slip-ppp. | Required | +| text | The banner text that should be present in the remote device running configuration. This argument accepts a multiline string, with no empty lines. Requires `state=present`. | Optional | +| state | Specifies whether or not the configuration is present in the current devices active running configuration. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosBanner.commands | unknown | The list of configuration mode commands to send to the device | + + +#### Command Example +```!ios-banner host="123.123.123.123" banner="login" text="this is my login banner" state="present" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosBanner": { + "changed": true, + "commands": [ + "banner login @\nthis is my login banner\n@" + ], + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * ## Commands +> * 0: banner login @ +>this is my login banner +>@ + + +### ios-bgp +*** +Configure global BGP protocol settings on Cisco IOS. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_bgp_module.html + + +#### Base Command + +`ios-bgp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | Specifies the BGP related configuration. | Optional | +| operation | Specifies the operation to be performed on the BGP process configured on the device. In case of merge, the input configuration will be merged with the existing BGP configuration on the device. In case of replace, if there is a diff between the existing configuration and the input configuration, the existing configuration will be replaced by the input configuration for every option that has the diff. In case of override, all the existing BGP configuration will be removed from the device and replaced with the input configuration. In case of delete the existing BGP configuration will be removed from the device. Possible values are: merge, replace, override, delete. Default is merge. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosBgp.commands | unknown | The list of configuration mode commands to send to the device | + + +#### Command Example +```!ios-bgp host="123.123.123.123" config="{{ {'bgp_as': 64496, 'router_id': '192.0.2.1', 'log_neighbor_changes': True, 'neighbors': [{'neighbor': '1.1.1.1', 'remote_as': 64511, 'timers': {'keepalive': 300, 'holdtime': 360, 'min_neighbor_holdtime': 360}}, {'neighbor': '1.1.1.2', 'remote_as': 64498}], 'networks': [{'prefix': '198.51.100.0', 'route_map': 'RMAP_1'}, {'prefix': '192.0.2.0', 'masklen': 23}], 'address_family': [{'afi': 'ipv4', 'safi': 'unicast', 'redistribute': [{'protocol': 'ospf', 'id': 223, 'metric': 10}]}]} }}" operation="merge" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosBgp": { + "changed": false, + "commands": [], + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Commands + + +### ios-command +*** +Run commands on remote devices running Cisco IOS +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_command_module.html + + +#### Base Command + +`ios-command` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| commands | List of commands to send to the remote ios device over the configured provider. The resulting output from the command is returned. If the `wait_for` argument is provided, the module is not returned until the condition is satisfied or the number of retries has expired. If a command sent to the device requires answering a prompt, it is possible to pass a dict containing `command`, `answer` and `prompt`. Common answers are 'y' or "\r" (carriage return, must be double quotes). See examples. | Required | +| wait_for | List of conditions to evaluate against the output of the command. The task will wait for each condition to be true before moving forward. If the conditional is not true within the configured number of retries, the task fails. See examples. | Optional | +| match | The `match` argument is used in conjunction with the `wait_for` argument to specify the match policy. Valid values are `all` or `any`. If the value is set to `all` then all conditionals in the wait_for must be satisfied. If the value is set to `any` then only one of the values must be satisfied. Possible values are: any, all. Default is all. | Optional | +| retries | Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the `wait_for` conditions. Default is 10. | Optional | +| interval | Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again. Default is 1. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosCommand.stdout | unknown | The set of responses from the commands | +| CiscoIOS.IosCommand.stdout_lines | unknown | The value of stdout split into a list | +| CiscoIOS.IosCommand.failed_conditions | unknown | The list of conditionals that have failed | + + +#### Command Example +```!ios-command host="123.123.123.123" commands="show version"``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosCommand": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS", + "stdout": [ + "Cisco IOS Software, IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.7(3)M3, RELEASE SOFTWARE (fc2)\nTechnical Support: http://www.cisco.com/techsupport\nCopyright (c) 1986-2018 by Cisco Systems, Inc.\nCompiled Wed 01-Aug-18 16:45 by prod_rel_team\n\n\nROM: Bootstrap program is IOSv\n\nIOSv01 uptime is 1 hour, 33 minutes\nSystem returned to ROM by reload\nSystem image file is \"flash0:/vios-adventerprisek9-m\"\nLast reload reason: Unknown reason\n\n\n\nThis product contains cryptographic features and is subject to United\nStates and local country laws governing import, export, transfer and\nuse. Delivery of Cisco cryptographic products does not imply\nthird-party authority to import, export, distribute or use encryption.\nImporters, exporters, distributors and users are responsible for\ncompliance with U.S. and local country laws. By using this product you\nagree to comply with applicable laws and regulations. If you are unable\nto comply with U.S. and local laws, return this product immediately.\n\nA summary of U.S. laws governing Cisco cryptographic products may be found at:\nhttp://www.cisco.com/wwl/export/crypto/tool/stqrg.html\n\nIf you require further assistance please contact us by sending email to\nexport@cisco.com.\n\nCisco IOSv (revision 1.0) with with 460009K/62464K bytes of memory.\nProcessor board ID XXXX\n4 Gigabit Ethernet interfaces\nDRAM configuration is 72 bits wide with parity disabled.\n256K bytes of non-volatile configuration memory.\n2097152K bytes of ATA System CompactFlash 0 (Read/Write)\n0K bytes of ATA CompactFlash 1 (Read/Write)\n1024K bytes of ATA CompactFlash 2 (Read/Write)\n0K bytes of ATA CompactFlash 3 (Read/Write)\n\n\n\nConfiguration register is 0x0" + ], + "stdout_lines": [ + [ + "Cisco IOS Software, IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.7(3)M3, RELEASE SOFTWARE (fc2)", + "Technical Support: http://www.cisco.com/techsupport", + "Copyright (c) 1986-2018 by Cisco Systems, Inc.", + "Compiled Wed 01-Aug-18 16:45 by prod_rel_team", + "", + "", + "ROM: Bootstrap program is IOSv", + "", + "IOSv01 uptime is 1 hour, 33 minutes", + "System returned to ROM by reload", + "System image file is \"flash0:/vios-adventerprisek9-m\"", + "Last reload reason: Unknown reason", + "", + "", + "", + "This product contains cryptographic features and is subject to United", + "States and local country laws governing import, export, transfer and", + "use. Delivery of Cisco cryptographic products does not imply", + "third-party authority to import, export, distribute or use encryption.", + "Importers, exporters, distributors and users are responsible for", + "compliance with U.S. and local country laws. By using this product you", + "agree to comply with applicable laws and regulations. If you are unable", + "to comply with U.S. and local laws, return this product immediately.", + "", + "A summary of U.S. laws governing Cisco cryptographic products may be found at:", + "http://www.cisco.com/wwl/export/crypto/tool/stqrg.html", + "", + "If you require further assistance please contact us by sending email to", + "export@cisco.com.", + "", + "Cisco IOSv (revision 1.0) with with 460009K/62464K bytes of memory.", + "Processor board ID XXXX", + "4 Gigabit Ethernet interfaces", + "DRAM configuration is 72 bits wide with parity disabled.", + "256K bytes of non-volatile configuration memory.", + "2097152K bytes of ATA System CompactFlash 0 (Read/Write)", + "0K bytes of ATA CompactFlash 1 (Read/Write)", + "1024K bytes of ATA CompactFlash 2 (Read/Write)", + "0K bytes of ATA CompactFlash 3 (Read/Write)", + "", + "", + "", + "Configuration register is 0x0" + ] + ] + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Stdout +> * 0: Cisco IOS Software, IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.7(3)M3, RELEASE SOFTWARE (fc2) +>Technical Support: http://www.cisco.com/techsupport +>Copyright (c) 1986-2018 by Cisco Systems, Inc. +>Compiled Wed 01-Aug-18 16:45 by prod_rel_team +> +> +>ROM: Bootstrap program is IOSv +> +>IOSv01 uptime is 1 hour, 33 minutes +>System returned to ROM by reload +>System image file is "flash0:/vios-adventerprisek9-m" +>Last reload reason: Unknown reason +> +> +> +>This product contains cryptographic features and is subject to United +>States and local country laws governing import, export, transfer and +>use. Delivery of Cisco cryptographic products does not imply +>third-party authority to import, export, distribute or use encryption. +>Importers, exporters, distributors and users are responsible for +>compliance with U.S. and local country laws. By using this product you +>agree to comply with applicable laws and regulations. If you are unable +>to comply with U.S. and local laws, return this product immediately. +> +>A summary of U.S. laws governing Cisco cryptographic products may be found at: +>http://www.cisco.com/wwl/export/crypto/tool/stqrg.html +> +>If you require further assistance please contact us by sending email to +>export@cisco.com. +> +>Cisco IOSv (revision 1.0) with with 460009K/62464K bytes of memory. +>Processor board ID XXXX +>4 Gigabit Ethernet interfaces +>DRAM configuration is 72 bits wide with parity disabled. +>256K bytes of non-volatile configuration memory. +>2097152K bytes of ATA System CompactFlash 0 (Read/Write) +>0K bytes of ATA CompactFlash 1 (Read/Write) +>1024K bytes of ATA CompactFlash 2 (Read/Write) +>0K bytes of ATA CompactFlash 3 (Read/Write) +> +> +> +>Configuration register is 0x0 +> * ## Stdout_Lines +> * ## List +> * 0: Cisco IOS Software, IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.7(3)M3, RELEASE SOFTWARE (fc2) +> * 1: Technical Support: http://www.cisco.com/techsupport +> * 2: Copyright (c) 1986-2018 by Cisco Systems, Inc. +> * 3: Compiled Wed 01-Aug-18 16:45 by prod_rel_team +> * 4: +> * 4: +> * 6: ROM: Bootstrap program is IOSv +> * 4: +> * 8: IOSv01 uptime is 1 hour, 33 minutes +> * 9: System returned to ROM by reload +> * 10: System image file is "flash0:/vios-adventerprisek9-m" +> * 11: Last reload reason: Unknown reason +> * 4: +> * 4: +> * 4: +> * 15: This product contains cryptographic features and is subject to United +> * 16: States and local country laws governing import, export, transfer and +> * 17: use. Delivery of Cisco cryptographic products does not imply +> * 18: third-party authority to import, export, distribute or use encryption. +> * 19: Importers, exporters, distributors and users are responsible for +> * 20: compliance with U.S. and local country laws. By using this product you +> * 21: agree to comply with applicable laws and regulations. If you are unable +> * 22: to comply with U.S. and local laws, return this product immediately. +> * 4: +> * 24: A summary of U.S. laws governing Cisco cryptographic products may be found at: +> * 25: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html +> * 4: +> * 27: If you require further assistance please contact us by sending email to +> * 28: export@cisco.com. +> * 4: +> * 30: Cisco IOSv (revision 1.0) with with 460009K/62464K bytes of memory. +> * 31: Processor board ID XXXX +> * 32: 4 Gigabit Ethernet interfaces +> * 33: DRAM configuration is 72 bits wide with parity disabled. +> * 34: 256K bytes of non-volatile configuration memory. +> * 35: 2097152K bytes of ATA System CompactFlash 0 (Read/Write) +> * 36: 0K bytes of ATA CompactFlash 1 (Read/Write) +> * 37: 1024K bytes of ATA CompactFlash 2 (Read/Write) +> * 38: 0K bytes of ATA CompactFlash 3 (Read/Write) +> * 4: +> * 4: +> * 4: +> * 42: Configuration register is 0x0 + + +### ios-config +*** +Manage Cisco IOS configuration sections +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_config_module.html + + +#### Base Command + +`ios-config` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| lines | The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser. | Optional | +| parents | The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands. | Optional | +| src | Specifies the source path to the file that contains the configuration or configuration template to load. The path to the source file can either be the full path on the Ansible control host or a relative path from the playbook or role root directory. This argument is mutually exclusive with `lines`, `parents`. | Optional | +| before | The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system. | Optional | +| after | The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with `before` this allows the playbook designer to append a set of commands to be executed after the command set. | Optional | +| match | Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to `line`, commands are matched line by line. If match is set to `strict`, command lines are matched with respect to position. If match is set to `exact`, command lines must be an equal match. Finally, if match is set to `none`, the module will not attempt to compare the source configuration with the running configuration on the remote device. Possible values are: line, strict, exact, none. Default is line. | Optional | +| replace | Instructs the module on the way to perform the configuration on the device. If the replace argument is set to `line` then the modified lines are pushed to the device in configuration mode. If the replace argument is set to `block` then the entire command block is pushed to the device in configuration mode if any line is not correct. Possible values are: line, block. Default is line. | Optional | +| multiline_delimiter | This argument is used when pushing a multiline configuration element to the IOS device. It specifies the character to use as the delimiting character. This only applies to the configuration action. Default is @. | Optional | +| backup | This argument will cause the module to create a full backup of the current `running-config` from the remote device before any changes are made. If the `backup_options` value is not given, the backup file is written to the `backup` folder in the playbook root directory or role root directory, if playbook is part of an ansible role. If the directory does not exist, it is created. Default is no. | Optional | +| running_config | The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The `running_config` argument allows the implementer to pass in the configuration to use as the base config for comparison. | Optional | +| defaults | This argument specifies whether or not to collect all defaults when getting the remote device running config. When enabled, the module will get the current config by issuing the command `show running-config all`. Default is no. | Optional | +| save_when | When changes are made to the device running-configuration, the changes are not copied to non-volatile storage by default. Using this argument will change that before. If the argument is set to `always`, then the running-config will always be copied to the startup-config and the `modified` flag will always be set to True. If the argument is set to `modified`, then the running-config will only be copied to the startup-config if it has changed since the last save to startup-config. If the argument is set to `never`, the running-config will never be copied to the startup-config. If the argument is set to `changed`, then the running-config will only be copied to the startup-config if the task has made a change. `changed` was added in Ansible 2.5. Possible values are: always, never, modified, changed. Default is never. | Optional | +| diff_against | When using the `ansible-playbook --diff` command line argument the module can generate diffs against different sources. When this option is configure as `startup`, the module will return the diff of the running-config against the startup-config. When this option is configured as `intended`, the module will return the diff of the running-config against the configuration provided in the `intended_config` argument. When this option is configured as `running`, the module will return the before and after diff of the running-config with respect to any changes made to the device configuration. Possible values are: running, startup, intended. | Optional | +| diff_ignore_lines | Use this argument to specify one or more lines that should be ignored during the diff. This is used for lines in the configuration that are automatically updated by the system. This argument takes a list of regular expressions or exact line matches. | Optional | +| intended_config | The `intended_config` provides the master configuration that the node should conform to and is used to check the final running-config against. This argument will not modify any settings on the remote device and is strictly used to check the compliance of the current device's configuration against. When specifying this argument, the task should also modify the `diff_against` value and set it to `intended`. | Optional | +| backup_options | This is a dict object containing configurable options related to backup file path. The value of this option is read only when `backup` is set to `yes`, if `backup` is set to `no` this option will be silently ignored. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosConfig.updates | unknown | The set of commands that will be pushed to the remote device | +| CiscoIOS.IosConfig.commands | unknown | The set of commands that will be pushed to the remote device | +| CiscoIOS.IosConfig.backup_path | string | The full path to the backup file | +| CiscoIOS.IosConfig.filename | string | The name of the backup file | +| CiscoIOS.IosConfig.shortname | string | The full path to the backup file excluding the timestamp | +| CiscoIOS.IosConfig.date | string | The date extracted from the backup file name | +| CiscoIOS.IosConfig.time | string | The time extracted from the backup file name | + + +#### Command Example +```!ios-config host="123.123.123.123" lines="hostname IOSv01" backup="yes"``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosConfig": { + "backup_path": "./backup/123.123.123.123_config.2021-07-11@09:08:02", + "changed": true, + "date": "2021-07-11", + "filename": "123.123.123.123_config.2021-07-11@09:08:02", + "host": "123.123.123.123", + "shortname": "./backup/123.123.123.123_config", + "status": "CHANGED", + "time": "09:08:02" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * backup_path: ./backup/123.123.123.123_config.2021-07-11@09:08:02 +> * changed: True +> * date: 2021-07-11 +> * filename: 123.123.123.123_config.2021-07-11@09:08:02 +> * shortname: ./backup/123.123.123.123_config +> * time: 09:08:02 + + +### ios-facts +*** +Collect facts from remote devices running Cisco IOS +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_facts_module.html + + +#### Base Command + +`ios-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| gather_subset | When supplied, this argument restricts the facts collected to a given subset. Possible values for this argument include `all`, `min`, `hardware`, `config`, and `interfaces`. Specify a list of values to include a larger subset. Use a value with an initial `!` to collect all facts except that subset. Default is !config. | Optional | +| gather_network_resources | When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all and the resources like interfaces, vlans etc. Can specify a list of values to include a larger subset. Values can also be used with an initial `M(!`) to specify that a specific subset should not be collected. Valid subsets are 'all', 'interfaces', 'l2_interfaces', 'vlans', 'lag_interfaces', 'lacp', 'lacp_interfaces', 'lldp_global', 'lldp_interfaces', 'l3_interfaces'. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosFacts.ansible_net_gather_subset | unknown | The list of fact subsets collected from the device | +| CiscoIOS.IosFacts.ansible_net_gather_network_resources | unknown | The list of fact for network resource subsets collected from the device | +| CiscoIOS.IosFacts.ansible_net_model | string | The model name returned from the device | +| CiscoIOS.IosFacts.ansible_net_serialnum | string | The serial number of the remote device | +| CiscoIOS.IosFacts.ansible_net_version | string | The operating system version running on the remote device | +| CiscoIOS.IosFacts.ansible_net_iostype | string | The operating system type \(IOS or IOS-XE\) running on the remote device | +| CiscoIOS.IosFacts.ansible_net_hostname | string | The configured hostname of the device | +| CiscoIOS.IosFacts.ansible_net_image | string | The image file the device is running | +| CiscoIOS.IosFacts.ansible_net_stacked_models | unknown | The model names of each device in the stack | +| CiscoIOS.IosFacts.ansible_net_stacked_serialnums | unknown | The serial numbers of each device in the stack | +| CiscoIOS.IosFacts.ansible_net_api | string | The name of the transport | +| CiscoIOS.IosFacts.ansible_net_python_version | string | The Python version Ansible controller is using | +| CiscoIOS.IosFacts.ansible_net_filesystems | unknown | All file system names available on the device | +| CiscoIOS.IosFacts.ansible_net_filesystems_info | unknown | A hash of all file systems containing info about each file system \(e.g. free and total space\) | +| CiscoIOS.IosFacts.ansible_net_memfree_mb | number | The available free memory on the remote device in Mb | +| CiscoIOS.IosFacts.ansible_net_memtotal_mb | number | The total memory on the remote device in Mb | +| CiscoIOS.IosFacts.ansible_net_config | string | The current active config from the device | +| CiscoIOS.IosFacts.ansible_net_all_ipv4_addresses | unknown | All IPv4 addresses configured on the device | +| CiscoIOS.IosFacts.ansible_net_all_ipv6_addresses | unknown | All IPv6 addresses configured on the device | +| CiscoIOS.IosFacts.ansible_net_interfaces | unknown | A hash of all interfaces running on the system | +| CiscoIOS.IosFacts.ansible_net_neighbors | unknown | The list of CDP and LLDP neighbors from the remote device. If both, CDP and LLDP neighbor data is present on one port, CDP is preferred. | + + +#### Command Example +```!ios-facts host="123.123.123.123" gather_subset="all" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosFacts": { + "discovered_interpreter_python": "/usr/local/bin/python", + "host": "123.123.123.123", + "net_all_ipv4_addresses": [ + "123.123.123.123", + "192.168.0.2" + ], + "net_all_ipv6_addresses": [ + "1:11:11:11" + ], + "net_api": "cliconf", + "net_config": "!\n! Last configuration change at 08:56:26 UTC Sun Jul 11 2021 by admin\n!\nversion 15.7\nservice timestamps debug datetime msec\nservice timestamps log datetime msec\nno service password-encryption\n!\nhostname IOSv01\n!\nboot-start-marker\nboot-end-marker\n!\n!\nenable secret 5 $1$abcdefghijklmnopqrstuvwxyz.\n!\nno aaa new-model\n!\n!\n!\nmmi polling-interval 60\nno mmi auto-configure\nno mmi pvc\nmmi snmp-timeout 180\n!\n!\n!\n!\n!\nno ip icmp rate-limit unreachable\n!\n!\n!\n!\n!\n!\nip domain list ansible.com\nip domain list redhat.com\nip domain list cisco.com\nno ip domain lookup\nip domain name test.example.com\nip cef\nno ipv6 cef\n!\nmultilink bundle-name authenticated\n!\n!\n!\n!\nusername admin password 0 abcdef\nusername ansible nopassword\n!\nredundancy\n!\nlldp timer 10\nlldp holdtime 10\nlldp reinit 3\nlldp run\nno cdp log mismatch duplex\n!\nip tcp synwait-time 5\n! \n!\n!\n!\n!\n!\n!\n!\n!\n!\n!\n!\n!\ninterface GigabitEthernet0/0\n ip address 123.123.123.123 255.255.255.0\n duplex auto\n speed auto\n media-type rj45\n!\ninterface GigabitEthernet0/1\n no ip address\n shutdown\n duplex auto\n speed auto\n media-type rj45\n!\ninterface GigabitEthernet0/2\n description Configured and Merged by Ansible Network\n ip address 192.168.0.2 255.255.255.0\n duplex auto\n speed auto\n media-type rj45\n!\ninterface GigabitEthernet0/3\n description Configured and Merged by Ansible Network\n mtu 2800\n no ip address\n shutdown\n duplex full\n speed 100\n media-type rj45\n ipv6 address 1:11:11:11/64\n!\ninterface GigabitEthernet0/3.100\n!\nrouter bgp 64496\n bgp router-id 192.0.2.1\n bgp log-neighbor-changes\n neighbor 1.1.1.2 remote-as 64498\n neighbor 1.1.1.1 remote-as 64511\n neighbor 1.1.1.1 timers 300 360 360\n !\n address-family ipv4\n network 192.0.2.0 mask 255.255.254.0\n network 198.51.100.0 route-map RMAP_1\n redistribute ospf 223 metric 10\n neighbor 1.1.1.2 activate\n neighbor 1.1.1.1 activate\n exit-address-family\n!\nip default-gateway 192.168.1.1\nip forward-protocol nd\n!\n!\nno ip http server\nno ip http secure-server\nip route 192.168.2.0 255.255.255.0 10.0.0.1\nip ssh version 2\nip ssh pubkey-chain\n username ansible\n key-hash ssh-rsa B1E29F17C950E2FEAB5BC3AC2A760208 \nip ssh server algorithm mac hmac-sha2-256\n!\nlogging host 172.16.0.1\nipv6 ioam timestamp\n!\n!\n!\ncontrol-plane\n!\nbanner exec ^C\n**************************************************************************\n* IOSv is strictly limited to use for evaluation, demonstration and IOS *\n* education. IOSv is provided as-is and is not supported by Cisco's *\n* Technical Advisory Center. Any use or disclosure, in whole or in part, *\n* of the IOSv Software or Documentation to any third party for any *\n* purposes is expressly prohibited except as otherwise authorized by *\n* Cisco in writing. *\n**************************************************************************^C\nbanner incoming ^C\n**************************************************************************\n* IOSv is strictly limited to use for evaluation, demonstration and IOS *\n* education. IOSv is provided as-is and is not supported by Cisco's *\n* Technical Advisory Center. Any use or disclosure, in whole or in part, *\n* of the IOSv Software or Documentation to any third party for any *\n* purposes is expressly prohibited except as otherwise authorized by *\n* Cisco in writing. *\n**************************************************************************^C\nbanner login ^C\nthis is my login banner\n^C\n!\nline con 0\n exec-timeout 0 0\n privilege level 15\n logging synchronous\nline aux 0\n exec-timeout 0 0\n privilege level 15\n logging synchronous\nline vty 0 4\n login local\n transport input ssh\n!\nno scheduler allocate\nntp server 1.1.1.3\n!\nend", + "net_filesystems": [ + "flash0:" + ], + "net_filesystems_info": { + "flash0:": { + "spacefree_kb": 1941968, + "spacetotal_kb": 2092496 + } + }, + "net_gather_network_resources": [], + "net_gather_subset": [ + "interfaces", + "default", + "hardware", + "config" + ], + "net_hostname": "IOSv01", + "net_image": "flash0:/vios-adventerprisek9-m", + "net_interfaces": { + "GigabitEthernet0/0": { + "bandwidth": 1000000, + "description": null, + "duplex": "Auto", + "ipv4": [ + { + "address": "123.123.123.123", + "subnet": "24" + } + ], + "lineprotocol": "up", + "macaddress": "0c05.2bf9.3e00", + "mediatype": "RJ45", + "mtu": 1500, + "operstatus": "up", + "type": "iGbE" + }, + "GigabitEthernet0/1": { + "bandwidth": 1000000, + "description": null, + "duplex": "Auto", + "ipv4": [], + "lineprotocol": "down", + "macaddress": "0c05.2bf9.3e01", + "mediatype": "RJ45", + "mtu": 1500, + "operstatus": "administratively down", + "type": "iGbE" + }, + "GigabitEthernet0/2": { + "bandwidth": 1000000, + "description": "Configured and Merged by Ansible Network", + "duplex": "Auto", + "ipv4": [ + { + "address": "192.168.0.2", + "subnet": "24" + } + ], + "lineprotocol": "down", + "macaddress": "0c05.2bf9.3e02", + "mediatype": "RJ45", + "mtu": 1500, + "operstatus": "down", + "type": "iGbE" + }, + "GigabitEthernet0/3": { + "bandwidth": 100000, + "description": "Configured and Merged by Ansible Network", + "duplex": "Full", + "ipv4": [], + "ipv6": [ + { + "address": "1:11:11:11", + "subnet": "11:11:11:11:11:11:11:11/64 [TEN]" + } + ], + "lineprotocol": "down", + "macaddress": "0c05.2bf9.3e03", + "mediatype": "RJ45", + "mtu": 2800, + "operstatus": "administratively down", + "type": "iGbE" + }, + "GigabitEthernet0/3.100": { + "bandwidth": 100000, + "description": null, + "duplex": null, + "ipv4": [], + "lineprotocol": "down", + "macaddress": "0c05.2bf9.3e03", + "mediatype": null, + "mtu": 2800, + "operstatus": "administratively down", + "type": "iGbE" + } + }, + "net_iostype": "IOS", + "net_memfree_mb": 244233.24609375, + "net_memtotal_mb": 310087.16796875, + "net_model": "IOSv", + "net_neighbors": {}, + "net_python_version": "3.9.5", + "net_serialnum": "XXXX", + "net_system": "ios", + "net_version": "15.7(3)M3", + "network_resources": {}, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * net_api: cliconf +> * net_config: ! +>! Last configuration change at 08:56:26 UTC Sun Jul 11 2021 by admin +>! +>version 15.7 +>service timestamps debug datetime msec +>service timestamps log datetime msec +>no service password-encryption +>! +>hostname IOSv01 +>! +>boot-start-marker +>boot-end-marker +>! +>! +>enable secret 5 $1$abcdefghijklmnopqrstuvwxyz. +>! +>no aaa new-model +>! +>! +>! +>mmi polling-interval 60 +>no mmi auto-configure +>no mmi pvc +>mmi snmp-timeout 180 +>! +>no ip icmp rate-limit unreachable +>! +>ip domain list ansible.com +>ip domain list redhat.com +>ip domain list cisco.com +>no ip domain lookup +>ip domain name test.example.com +>ip cef +>no ipv6 cef +>! +>multilink bundle-name authenticated +>! +>! +>! +>! +>username admin password 0 abcdef +>username ansible nopassword +>! +>redundancy +>! +>lldp timer 10 +>lldp holdtime 10 +>lldp reinit 3 +>lldp run +>no cdp log mismatch duplex +>! +>ip tcp synwait-time 5 +>! +>interface GigabitEthernet0/0 +> ip address 123.123.123.123 255.255.255.0 +> duplex auto +> speed auto +> media-type rj45 +>! +>interface GigabitEthernet0/1 +> no ip address +> shutdown +> duplex auto +> speed auto +> media-type rj45 +>! +>interface GigabitEthernet0/2 +> description Configured and Merged by Ansible Network +> ip address 192.168.0.2 255.255.255.0 +> duplex auto +> speed auto +> media-type rj45 +>! +>interface GigabitEthernet0/3 +> description Configured and Merged by Ansible Network +> mtu 2800 +> no ip address +> shutdown +> duplex full +> speed 100 +> media-type rj45 +> ipv6 address 1:11:11:11/64 +>! +>interface GigabitEthernet0/3.100 +>! +>router bgp 64496 +> bgp router-id 192.0.2.1 +> bgp log-neighbor-changes +> neighbor 1.1.1.2 remote-as 64498 +> neighbor 1.1.1.1 remote-as 64511 +> neighbor 1.1.1.1 timers 300 360 360 +> ! +> address-family ipv4 +> network 192.0.2.0 mask 255.255.254.0 +> network 198.51.100.0 route-map RMAP_1 +> redistribute ospf 223 metric 10 +> neighbor 1.1.1.2 activate +> neighbor 1.1.1.1 activate +> exit-address-family +>! +>ip default-gateway 192.168.1.1 +>ip forward-protocol nd +>! +>! +>no ip http server +>no ip http secure-server +>ip route 192.168.2.0 255.255.255.0 10.0.0.1 +>ip ssh version 2 +>ip ssh pubkey-chain +> username ansible +> key-hash ssh-rsa B1E29F17C950E2FEAB5BC3AC2A760208 +>ip ssh server algorithm mac hmac-sha2-256 +>! +>logging host 172.16.0.1 +>ipv6 ioam timestamp +>! +>! +>! +>control-plane +>! +>banner exec ^C +>************************************************************************** +>* IOSv is strictly limited to use for evaluation, demonstration and IOS * +>* education. IOSv is provided as-is and is not supported by Cisco's * +>* Technical Advisory Center. Any use or disclosure, in whole or in part, * +>* of the IOSv Software or Documentation to any third party for any * +>* purposes is expressly prohibited except as otherwise authorized by * +>* Cisco in writing. * +>**************************************************************************^C +>banner incoming ^C +>************************************************************************** +>* IOSv is strictly limited to use for evaluation, demonstration and IOS * +>* education. IOSv is provided as-is and is not supported by Cisco's * +>* Technical Advisory Center. Any use or disclosure, in whole or in part, * +>* of the IOSv Software or Documentation to any third party for any * +>* purposes is expressly prohibited except as otherwise authorized by * +>* Cisco in writing. * +>**************************************************************************^C +>banner login ^C +>this is my login banner +>^C +>! +>line con 0 +> exec-timeout 0 0 +> privilege level 15 +> logging synchronous +>line aux 0 +> exec-timeout 0 0 +> privilege level 15 +> logging synchronous +>line vty 0 4 +> login local +> transport input ssh +>! +>no scheduler allocate +>ntp server 1.1.1.3 +>! +>end +> * net_hostname: IOSv01 +> * net_image: flash0:/vios-adventerprisek9-m +> * net_iostype: IOS +> * net_memfree_mb: 244233.24609375 +> * net_memtotal_mb: 310087.16796875 +> * net_model: IOSv +> * net_python_version: 3.9.5 +> * net_serialnum: XXXX +> * net_system: ios +> * net_version: 15.7(3)M3 +> * discovered_interpreter_python: /usr/local/bin/python +> * ## Net_All_Ipv4_Addresses +> * 0: 123.123.123.123 +> * 1: 192.168.0.2 +> * ## Net_All_Ipv6_Addresses +> * 0: 1:11:11:11 +> * ## Net_Filesystems +> * 0: flash0: +> * ## Net_Filesystems_Info +> * ### Flash0: +> * spacefree_kb: 1941968.0 +> * spacetotal_kb: 2092496.0 +> * ## Net_Gather_Network_Resources +> * ## Net_Gather_Subset +> * 0: interfaces +> * 1: default +> * 2: hardware +> * 3: config +> * ## Net_Interfaces +> * ### Gigabitethernet0/0 +> * bandwidth: 1000000 +> * description: None +> * duplex: Auto +> * lineprotocol: up +> * macaddress: 0c05.2bf9.3e00 +> * mediatype: RJ45 +> * mtu: 1500 +> * operstatus: up +> * type: iGbE +> * #### Ipv4 +> * #### List +> * address: 123.123.123.123 +> * subnet: 24 +> * ### Gigabitethernet0/1 +> * bandwidth: 1000000 +> * description: None +> * duplex: Auto +> * lineprotocol: down +> * macaddress: 0c05.2bf9.3e01 +> * mediatype: RJ45 +> * mtu: 1500 +> * operstatus: administratively down +> * type: iGbE +> * #### Ipv4 +> * ### Gigabitethernet0/2 +> * bandwidth: 1000000 +> * description: Configured and Merged by Ansible Network +> * duplex: Auto +> * lineprotocol: down +> * macaddress: 0c05.2bf9.3e02 +> * mediatype: RJ45 +> * mtu: 1500 +> * operstatus: down +> * type: iGbE +> * #### Ipv4 +> * #### List +> * address: 192.168.0.2 +> * subnet: 24 +> * ### Gigabitethernet0/3 +> * bandwidth: 100000 +> * description: Configured and Merged by Ansible Network +> * duplex: Full +> * lineprotocol: down +> * macaddress: 0c05.2bf9.3e03 +> * mediatype: RJ45 +> * mtu: 2800 +> * operstatus: administratively down +> * type: iGbE +> * #### Ipv4 +> * #### Ipv6 +> * #### List +> * address: 1:11:11:11 +> * subnet: 11:11:11:11:11:11:11:11/64 [TEN] +> * ### Gigabitethernet0/3.100 +> * bandwidth: 100000 +> * description: None +> * duplex: None +> * lineprotocol: down +> * macaddress: 0c05.2bf9.3e03 +> * mediatype: None +> * mtu: 2800 +> * operstatus: administratively down +> * type: iGbE +> * #### Ipv4 +> * ## Net_Neighbors +> * ## Network_Resources + + +### ios-interfaces +*** +Manages interface attributes of Cisco IOS network devices +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_interfaces_module.html + + +#### Base Command + +`ios-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of interface options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosInterfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoIOS.IosInterfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoIOS.IosInterfaces.commands | unknown | The set of commands pushed to the remote device | + + +#### Command Example +```!ios-interfaces host="123.123.123.123" config="{{ [{'name': 'GigabitEthernet0/2', 'description': 'Configured and Merged by Ansible Network', 'enabled': True}, {'name': 'GigabitEthernet0/3', 'description': 'Configured and Merged by Ansible Network', 'mtu': 2800, 'enabled': False, 'speed': 100, 'duplex': 'full'}] }}" state="merged" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosInterfaces": { + "before": [ + { + "duplex": "auto", + "enabled": true, + "name": "GigabitEthernet0/0", + "speed": "auto" + }, + { + "duplex": "auto", + "enabled": false, + "name": "GigabitEthernet0/1", + "speed": "auto" + }, + { + "description": "Configured and Merged by Ansible Network", + "duplex": "auto", + "enabled": true, + "name": "GigabitEthernet0/2", + "speed": "auto" + }, + { + "description": "Configured and Merged by Ansible Network", + "duplex": "full", + "enabled": false, + "mtu": 2800, + "name": "GigabitEthernet0/3", + "speed": "100" + }, + { + "enabled": true, + "name": "GigabitEthernet0/3.100" + } + ], + "changed": false, + "commands": [], + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Before +> * ## Gigabitethernet0/0 +> * duplex: auto +> * enabled: True +> * name: GigabitEthernet0/0 +> * speed: auto +> * ## Gigabitethernet0/1 +> * duplex: auto +> * enabled: False +> * name: GigabitEthernet0/1 +> * speed: auto +> * ## Gigabitethernet0/2 +> * description: Configured and Merged by Ansible Network +> * duplex: auto +> * enabled: True +> * name: GigabitEthernet0/2 +> * speed: auto +> * ## Gigabitethernet0/3 +> * description: Configured and Merged by Ansible Network +> * duplex: full +> * enabled: False +> * mtu: 2800 +> * name: GigabitEthernet0/3 +> * speed: 100 +> * ## Gigabitethernet0/3.100 +> * enabled: True +> * name: GigabitEthernet0/3.100 +> * ## Commands + + +### ios-l2-interfaces +*** +Manage Layer-2 interface on Cisco IOS devices. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_l2_interfaces_module.html + + +#### Base Command + +`ios-l2-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of Layer-2 interface options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosL2Interfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoIOS.IosL2Interfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoIOS.IosL2Interfaces.commands | unknown | The set of commands pushed to the remote device | + + + +### ios-l3-interfaces +*** +Manage Layer-3 interface on Cisco IOS devices. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_l3_interfaces_module.html + + +#### Base Command + +`ios-l3-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of Layer-3 interface options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosL3Interfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoIOS.IosL3Interfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoIOS.IosL3Interfaces.commands | unknown | The set of commands pushed to the remote device | + + +#### Command Example +```!ios-l3-interfaces host="123.123.123.123" config="{{ [{'name': 'GigabitEthernet0/3', 'ipv4': [{'address': '192.168.0.1/24', 'secondary': True}]}, {'name': 'GigabitEthernet0/2', 'ipv4': [{'address': '192.168.0.2/24'}]}, {'name': 'GigabitEthernet0/3', 'ipv6': [{'address': '1:11:11:11/64'}]}, {'name': 'GigabitEthernet0/3.100', 'ipv4': [{'address': '192.168.0.3/24'}]}] }}" state="merged" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosL3Interfaces": { + "after": [ + { + "ipv4": [ + { + "address": "123.123.123.123 255.255.255.0" + } + ], + "name": "GigabitEthernet0/0" + }, + { + "name": "GigabitEthernet0/1" + }, + { + "ipv4": [ + { + "address": "192.168.0.2 255.255.255.0" + } + ], + "name": "GigabitEthernet0/2" + }, + { + "ipv6": [ + { + "address": "1:11:11:11/64" + } + ], + "name": "GigabitEthernet0/3" + }, + { + "name": "GigabitEthernet0/3.100" + } + ], + "before": [ + { + "ipv4": [ + { + "address": "123.123.123.123 255.255.255.0" + } + ], + "name": "GigabitEthernet0/0" + }, + { + "name": "GigabitEthernet0/1" + }, + { + "ipv4": [ + { + "address": "192.168.0.2 255.255.255.0" + } + ], + "name": "GigabitEthernet0/2" + }, + { + "ipv6": [ + { + "address": "1:11:11:11/64" + } + ], + "name": "GigabitEthernet0/3" + }, + { + "name": "GigabitEthernet0/3.100" + } + ], + "changed": true, + "commands": [ + "interface GigabitEthernet0/3", + "ip address 192.168.0.1 255.255.255.0 secondary", + "interface GigabitEthernet0/3.100", + "ip address 192.168.0.3 255.255.255.0" + ], + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * ## After +> * ## Gigabitethernet0/0 +> * name: GigabitEthernet0/0 +> * ### Ipv4 +> * ### List +> * address: 123.123.123.123 255.255.255.0 +> * ## Gigabitethernet0/1 +> * name: GigabitEthernet0/1 +> * ## Gigabitethernet0/2 +> * name: GigabitEthernet0/2 +> * ### Ipv4 +> * ### List +> * address: 192.168.0.2 255.255.255.0 +> * ## Gigabitethernet0/3 +> * name: GigabitEthernet0/3 +> * ### Ipv6 +> * ### List +> * address: 1:11:11:11/64 +> * ## Gigabitethernet0/3.100 +> * name: GigabitEthernet0/3.100 +> * ## Before +> * ## Gigabitethernet0/0 +> * name: GigabitEthernet0/0 +> * ### Ipv4 +> * ### List +> * address: 123.123.123.123 255.255.255.0 +> * ## Gigabitethernet0/1 +> * name: GigabitEthernet0/1 +> * ## Gigabitethernet0/2 +> * name: GigabitEthernet0/2 +> * ### Ipv4 +> * ### List +> * address: 192.168.0.2 255.255.255.0 +> * ## Gigabitethernet0/3 +> * name: GigabitEthernet0/3 +> * ### Ipv6 +> * ### List +> * address: 1:11:11:11/64 +> * ## Gigabitethernet0/3.100 +> * name: GigabitEthernet0/3.100 +> * ## Commands +> * 0: interface GigabitEthernet0/3 +> * 1: ip address 192.168.0.1 255.255.255.0 secondary +> * 2: interface GigabitEthernet0/3.100 +> * 3: ip address 192.168.0.3 255.255.255.0 + + +### ios-lacp +*** +Manage Global Link Aggregation Control Protocol (LACP) on Cisco IOS devices. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lacp_module.html + + +#### Base Command + +`ios-lacp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | The provided configurations. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosLacp.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoIOS.IosLacp.after | unknown | The configuration as structured data after module completion. | +| CiscoIOS.IosLacp.commands | unknown | The set of commands pushed to the remote device. | + + + +### ios-lacp-interfaces +*** +Manage Link Aggregation Control Protocol (LACP) on Cisco IOS devices interface. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lacp_interfaces_module.html + + +#### Base Command + +`ios-lacp-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of LACP lacp_interfaces option. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosLacpInterfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoIOS.IosLacpInterfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoIOS.IosLacpInterfaces.commands | unknown | The set of commands pushed to the remote device. | + + + +### ios-lag-interfaces +*** +Manage Link Aggregation on Cisco IOS devices. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lag_interfaces_module.html + + +#### Base Command + +`ios-lag-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A list of link aggregation group configurations. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosLagInterfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoIOS.IosLagInterfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoIOS.IosLagInterfaces.commands | unknown | The set of commands pushed to the remote device | + + + +### ios-linkagg +*** +Manage link aggregation groups on Cisco IOS network devices +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_linkagg_module.html + + +#### Base Command + +`ios-linkagg` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| group | Channel-group number for the port-channel Link aggregation group. Range 1-255. | Optional | +| mode | Mode of the link aggregation group. Possible values are: active, on, passive, auto, desirable. | Optional | +| members | List of members of the link aggregation group. | Optional | +| aggregate | List of link aggregation definitions. | Optional | +| state | State of the link aggregation group. Possible values are: present, absent. Default is present. | Optional | +| purge | Purge links not defined in the `aggregate` parameter. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosLinkagg.commands | unknown | The list of configuration mode commands to send to the device | + + + +### ios-lldp +*** +Manage LLDP configuration on Cisco IOS network devices. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lldp_module.html + + +#### Base Command + +`ios-lldp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | State of the LLDP configuration. If value is `present` lldp will be enabled else if it is `absent` it will be disabled. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosLldp.commands | unknown | The list of configuration mode commands to send to the device | + + +#### Command Example +```!ios-lldp host="123.123.123.123" state="present" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosLldp": { + "changed": false, + "commands": [], + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Commands + + +### ios-lldp-global +*** +Configure and manage Link Layer Discovery Protocol(LLDP) attributes on IOS platforms. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lldp_global_module.html + + +#### Base Command + +`ios-lldp-global` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of LLDP options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosLldpGlobal.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoIOS.IosLldpGlobal.after | unknown | The configuration as structured data after module completion. | +| CiscoIOS.IosLldpGlobal.commands | unknown | The set of commands pushed to the remote device | + + +#### Command Example +```!ios-lldp-global host="123.123.123.123" config="{{ {'holdtime': 10, 'enabled': True, 'reinit': 3, 'timer': 10} }}" state="merged" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosLldpGlobal": { + "before": { + "enabled": true, + "holdtime": 10, + "reinit": 3, + "timer": 10 + }, + "changed": false, + "commands": [], + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Before +> * enabled: True +> * holdtime: 10 +> * reinit: 3 +> * timer: 10 +> * ## Commands + + +### ios-lldp-interfaces +*** +Manage link layer discovery protocol (LLDP) attributes of interfaces on Cisco IOS devices. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_lldp_interfaces_module.html + + +#### Base Command + +`ios-lldp-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of LLDP options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosLldpInterfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoIOS.IosLldpInterfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoIOS.IosLldpInterfaces.commands | unknown | The set of commands pushed to the remote device. | + + +#### Command Example +```!ios-lldp-interfaces host="123.123.123.123" config="{{ [{'name': 'GigabitEthernet0/1', 'receive': True, 'transmit': True}, {'name': 'GigabitEthernet0/2', 'receive': True}, {'name': 'GigabitEthernet0/3', 'transmit': True}] }}" state="merged" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosLldpInterfaces": { + "before": [ + { + "name": "GigabitEthernet0/0", + "receive": true, + "transmit": true + }, + { + "name": "GigabitEthernet0/1", + "receive": true, + "transmit": true + }, + { + "name": "GigabitEthernet0/2", + "receive": true, + "transmit": true + }, + { + "name": "GigabitEthernet0/3", + "receive": true, + "transmit": true + }, + { + "name": "GigabitEthernet0/3.100", + "receive": true, + "transmit": true + } + ], + "changed": false, + "commands": [], + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Before +> * ## Gigabitethernet0/0 +> * name: GigabitEthernet0/0 +> * receive: True +> * transmit: True +> * ## Gigabitethernet0/1 +> * name: GigabitEthernet0/1 +> * receive: True +> * transmit: True +> * ## Gigabitethernet0/2 +> * name: GigabitEthernet0/2 +> * receive: True +> * transmit: True +> * ## Gigabitethernet0/3 +> * name: GigabitEthernet0/3 +> * receive: True +> * transmit: True +> * ## Gigabitethernet0/3.100 +> * name: GigabitEthernet0/3.100 +> * receive: True +> * transmit: True +> * ## Commands + + +### ios-logging +*** +Manage logging on network devices +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_logging_module.html + + +#### Base Command + +`ios-logging` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| dest | Destination of the logs. Possible values are: on, host, console, monitor, buffered, trap. | Optional | +| name | The hostname or IP address of the destination. Required when `dest=host`. | Optional | +| size | Size of buffer. The acceptable value is in range from 4096 to 4294967295 bytes. Default is 4096. | Optional | +| facility | Set logging facility. | Optional | +| level | Set logging severity levels. Possible values are: emergencies, alerts, critical, errors, warnings, notifications, informational, debugging. Default is debugging. | Optional | +| aggregate | List of logging definitions. | Optional | +| state | State of the logging configuration. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosLogging.commands | unknown | The list of configuration mode commands to send to the device | + + +#### Command Example +```!ios-logging host="123.123.123.123" dest="host" name="172.16.0.1" state="present" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosLogging": { + "changed": false, + "commands": [], + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Commands + + +### ios-ntp +*** +Manages core NTP configuration. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_ntp_module.html + + +#### Base Command + +`ios-ntp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| server | Network address of NTP server. | Optional | +| source_int | Source interface for NTP packets. | Optional | +| acl | ACL for peer/server access restricition. | Optional | +| logging | Enable NTP logs. Data type boolean. Possible values are: Yes, No. Default is No. | Optional | +| auth | Enable NTP authentication. Data type boolean. Possible values are: Yes, No. Default is No. | Optional | +| auth_key | md5 NTP authentication key of type 7. | Optional | +| key_id | auth_key id. Data type string. | Optional | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosNtp.commands | unknown | command sent to the device | + + +#### Command Example +```!ios-ntp host="123.123.123.123" server="1.1.1.3" source_int="GigabitEthernet0/1" logging="False" state="present" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosNtp": { + "changed": true, + "commands": [ + "ntp source GigabitEthernet0/1" + ], + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * ## Commands +> * 0: ntp source GigabitEthernet0/1 + + +### ios-ping +*** +Tests reachability using ping from Cisco IOS network devices +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_ping_module.html + + +#### Base Command + +`ios-ping` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| count | Number of packets to send. Default is 5. | Optional | +| dest | The IP Address or hostname (resolvable by switch) of the remote node. | Required | +| source | The source IP Address. | Optional | +| state | Determines if the expected result is success or fail. Possible values are: absent, present. Default is present. | Optional | +| vrf | The VRF to use for forwarding. Default is default. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosPing.commands | unknown | Show the command sent. | +| CiscoIOS.IosPing.packet_loss | string | Percentage of packets lost. | +| CiscoIOS.IosPing.packets_rx | number | Packets successfully received. | +| CiscoIOS.IosPing.packets_tx | number | Packets successfully transmitted. | +| CiscoIOS.IosPing.rtt | unknown | Show RTT stats. | + + + +### ios-static-route +*** +Manage static IP routes on Cisco IOS network devices +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_static_route_module.html + + +#### Base Command + +`ios-static-route` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| prefix | Network prefix of the static route. | Optional | +| mask | Network prefix mask of the static route. | Optional | +| next_hop | Next hop IP of the static route. | Optional | +| vrf | VRF of the static route. | Optional | +| interface | Interface of the static route. | Optional | +| name | Name of the static route. | Optional | +| admin_distance | Admin distance of the static route. | Optional | +| tag | Set tag of the static route. | Optional | +| track | Tracked item to depend on for the static route. | Optional | +| aggregate | List of static route definitions. | Optional | +| state | State of the static route configuration. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosStaticRoute.commands | unknown | The list of configuration mode commands to send to the device | + + +#### Command Example +```!ios-static-route host="123.123.123.123" prefix="192.168.2.0" mask="255.255.255.0" next_hop="10.0.0.1" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosStaticRoute": { + "changed": false, + "commands": [], + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Commands + + +### ios-system +*** +Manage the system attributes on Cisco IOS devices +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_system_module.html + + +#### Base Command + +`ios-system` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| hostname | Configure the device hostname parameter. This option takes an ASCII string value. | Optional | +| domain_name | Configure the IP domain name on the remote device to the provided value. Value should be in the dotted name form and will be appended to the `hostname` to create a fully-qualified domain name. | Optional | +| domain_search | Provides the list of domain suffixes to append to the hostname for the purpose of doing name resolution. This argument accepts a list of names and will be reconciled with the current active configuration on the running node. | Optional | +| lookup_source | Provides one or more source interfaces to use for performing DNS lookups. The interface provided in `lookup_source` must be a valid interface configured on the device. | Optional | +| lookup_enabled | Administrative control for enabling or disabling DNS lookups. When this argument is set to True, lookups are performed and when it is set to False, lookups are not performed. | Optional | +| name_servers | List of DNS name servers by IP address to use to perform name resolution lookups. This argument accepts either a list of DNS servers See examples. | Optional | +| state | State of the configuration values in the device's current active configuration. When set to `present`, the values should be configured in the device active configuration and when set to `absent` the values should not be in the device active configuration. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosSystem.commands | unknown | The list of configuration mode commands to send to the device | + + +#### Command Example +```!ios-system host="123.123.123.123" hostname="ios01" domain_name="test.example.com" domain_search="{{ ['ansible.com', 'redhat.com', 'cisco.com'] }}" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosSystem": { + "changed": true, + "commands": [ + "hostname ios01" + ], + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * ## Commands +> * 0: hostname ios01 + + +### ios-user +*** +Manage the aggregate of local users on Cisco IOS device +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_user_module.html + + +#### Base Command + +`ios-user` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| aggregate | The set of username objects to be configured on the remote Cisco IOS device. The list entries can either be the username or a hash of username and properties. This argument is mutually exclusive with the `name` argument. | Optional | +| name | The username to be configured on the Cisco IOS device. This argument accepts a string value and is mutually exclusive with the `aggregate` argument. Please note that this option is not same as `provider username`. | Optional | +| configured_password | The password to be configured on the Cisco IOS device. The password needs to be provided in clear and it will be encrypted on the device. Please note that this option is not same as `provider password`. | Optional | +| update_password | Since passwords are encrypted in the device running config, this argument will instruct the module when to change the password. When set to `always`, the password will always be updated in the device and when set to `on_create` the password will be updated only if the username is created. Possible values are: on_create, always. Default is always. | Optional | +| password_type | This argument determines whether a 'password' or 'secret' will be configured. Possible values are: secret, password. Default is secret. | Optional | +| hashed_password | This option allows configuring hashed passwords on Cisco IOS devices. | Optional | +| privilege | The `privilege` argument configures the privilege level of the user when logged into the system. This argument accepts integer values in the range of 1 to 15. | Optional | +| view | Configures the view for the username in the device running configuration. The argument accepts a string value defining the view name. This argument does not check if the view has been configured on the device. | Optional | +| sshkey | Specifies one or more SSH public key(s) to configure for the given username. This argument accepts a valid SSH key value. | Optional | +| nopassword | Defines the username without assigning a password. This will allow the user to login to the system without being authenticated by a password. | Optional | +| purge | Instructs the module to consider the resource definition absolute. It will remove any previously configured usernames on the device with the exception of the `admin` user (the current defined set of users). Possible values are: Yes, No. Default is No. | Optional | +| state | Configures the state of the username definition as it relates to the device operational configuration. When set to `present`, the username(s) should be configured in the device active configuration and when set to `absent` the username(s) should not be in the device active configuration. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosUser.commands | unknown | The list of configuration mode commands to send to the device | + + +#### Command Example +```!ios-user host="123.123.123.123" name="ansible" nopassword="True" sshkey="ssh-rsa AAAA...u+DM=" state="present" ``` + +#### Context Example +```json +{ + "CiscoIOS": { + "IosUser": { + "changed": true, + "commands": [ + "ip ssh pubkey-chain", + "username ansible", + "key-hash ssh-rsa B1E29F17C950E2FEAB5BC3AC2A760208", + "exit", + "exit" + ], + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * ## Commands +> * 0: ip ssh pubkey-chain +> * 1: username ansible +> * 2: key-hash ssh-rsa B1E29F17C950E2FEAB5BC3AC2A760208 +> * 3: exit +> * 3: exit + + +### ios-vlans +*** +Manage VLANs on Cisco IOS devices. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_vlans_module.html + + +#### Base Command + +`ios-vlans` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of VLANs options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosVlans.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoIOS.IosVlans.after | unknown | The configuration as structured data after module completion. | +| CiscoIOS.IosVlans.commands | unknown | The set of commands pushed to the remote device. | + + + +### ios-vrf +*** +Manage the collection of VRF definitions on Cisco IOS devices +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ios_vrf_module.html + + +#### Base Command + +`ios-vrf` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| vrfs | The set of VRF definition objects to be configured on the remote IOS device. Ths list entries can either be the VRF name or a hash of VRF definitions and attributes. This argument is mutually exclusive with the `name` argument. | Optional | +| name | The name of the VRF definition to be managed on the remote IOS device. The VRF definition name is an ASCII string name used to uniquely identify the VRF. This argument is mutually exclusive with the `vrfs` argument. | Optional | +| description | Provides a short description of the VRF definition in the current active configuration. The VRF definition value accepts alphanumeric characters used to provide additional information about the VRF. | Optional | +| rd | The router-distinguisher value uniquely identifies the VRF to routing processes on the remote IOS system. The RD value takes the form of `A:B` where `A` and `B` are both numeric values. | Optional | +| interfaces | Identifies the set of interfaces that should be configured in the VRF. Interfaces must be routed interfaces in order to be placed into a VRF. | Optional | +| associated_interfaces | This is a intent option and checks the operational state of the for given vrf `name` for associated interfaces. If the value in the `associated_interfaces` does not match with the operational state of vrf interfaces on device it will result in failure. | Optional | +| delay | Time in seconds to wait before checking for the operational state on remote device. Default is 10. | Optional | +| purge | Instructs the module to consider the VRF definition absolute. It will remove any previously configured VRFs on the device. Possible values are: Yes, No. Default is No. | Optional | +| state | Configures the state of the VRF definition as it relates to the device operational configuration. When set to `present`, the VRF should be configured in the device active configuration and when set to `absent` the VRF should not be in the device active configuration. Possible values are: present, absent. Default is present. | Optional | +| route_both | Adds an export and import list of extended route target communities to the VRF. | Optional | +| route_export | Adds an export list of extended route target communities to the VRF. | Optional | +| route_import | Adds an import list of extended route target communities to the VRF. | Optional | +| route_both_ipv4 | Adds an export and import list of extended route target communities in address-family configuration submode to the VRF. | Optional | +| route_export_ipv4 | Adds an export list of extended route target communities in address-family configuration submode to the VRF. | Optional | +| route_import_ipv4 | Adds an import list of extended route target communities in address-family configuration submode to the VRF. | Optional | +| route_both_ipv6 | Adds an export and import list of extended route target communities in address-family configuration submode to the VRF. | Optional | +| route_export_ipv6 | Adds an export list of extended route target communities in address-family configuration submode to the VRF. | Optional | +| route_import_ipv6 | Adds an import list of extended route target communities in address-family configuration submode to the VRF. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoIOS.IosVrf.commands | unknown | The list of configuration mode commands to send to the device | +| CiscoIOS.IosVrf.start | string | The time the job started | +| CiscoIOS.IosVrf.end | string | The time the job ended | +| CiscoIOS.IosVrf.delta | string | The time elapsed to perform all operations | + + diff --git a/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/command_examples b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/command_examples new file mode 100644 index 000000000000..df63e8abecbf --- /dev/null +++ b/Packs/AnsibleCiscoIOS/Integrations/AnsibleCiscoIOS/command_examples @@ -0,0 +1,23 @@ +!ios-banner host="123.123.123.123" banner="login" text="this is my login banner" state="present" +!ios-bgp host="123.123.123.123" config="{{ {'bgp_as': 64496, 'router_id': '192.0.2.1', 'log_neighbor_changes': True, 'neighbors': [{'neighbor': '1.1.1.1', 'remote_as': 64511, 'timers': {'keepalive': 300, 'holdtime': 360, 'min_neighbor_holdtime': 360}}, {'neighbor': '1.1.1.2', 'remote_as': 64498}], 'networks': [{'prefix': '198.51.100.0', 'route_map': 'RMAP_1'}, {'prefix': '192.0.2.0', 'masklen': 23}], 'address_family': [{'afi': 'ipv4', 'safi': 'unicast', 'redistribute': [{'protocol': 'ospf', 'id': 223, 'metric': 10}]}]} }}" operation="merge" +!ios-command host="123.123.123.123" commands="show version" +!ios-config host="123.123.123.123" lines="hostname IOSv01" backup="yes" +!ios-facts host="123.123.123.123" gather_subset="all" +!ios-interfaces host="123.123.123.123" config="{{ [{'name': 'GigabitEthernet0/2', 'description': 'Configured and Merged by Ansible Network', 'enabled': True}, {'name': 'GigabitEthernet0/3', 'description': 'Configured and Merged by Ansible Network', 'mtu': 2800, 'enabled': False, 'speed': 100, 'duplex': 'full'}] }}" state="merged" +!ios-l2-interfaces host="123.123.123.123" config="{{ [{'name': 'GigabitEthernet0/3', 'access': {'vlan': 10}}, {'name': 'GigabitEthernet0/2'] }}" state="merged" +!ios-l3-interfaces host="123.123.123.123" config="{{ [{'name': 'GigabitEthernet0/3', 'ipv4': [{'address': '192.168.0.1/24', 'secondary': True}]}, {'name': 'GigabitEthernet0/2', 'ipv4': [{'address': '192.168.0.2/24'}]}, {'name': 'GigabitEthernet0/3', 'ipv6': [{'address': '11:11:11:11:11:11:11:11/64'}]}, {'name': 'GigabitEthernet0/3.100', 'ipv4': [{'address': '192.168.0.3/24'}]}] }}" state="merged" +!ios-lacp host="123.123.123.123" config="{'system': {'priority': 123}}" state="merged" +!ios-lacp-interfaces host="123.123.123.123" config="{{ [{'name': 'GigabitEthernet0/1', 'port_priority': 10}, {'name': 'GigabitEthernet0/2', 'port_priority': 20}, {'name': 'GigabitEthernet0/3', 'port_priority': 30}, {'name': 'Port-channel10', 'fast_switchover': True, 'max_bundle': 5}] }}" state="merged" +!ios-lag-interfaces host="123.123.123.123" config="{{ [{'name': 10, 'members': [{'member': 'GigabitEthernet0/2', 'mode': 'auto'}]}, {'name': 20, 'members': [{'member': 'GigabitEthernet0/3', 'mode': True}]}, {'name': 30, 'members': [{'member': 'GigabitEthernet0/4', 'mode': 'active'}]}] }}" state="merged" +!ios-linkagg host="123.123.123.123" group="10" state="present" +!ios-lldp host="123.123.123.123" state="present" +!ios-lldp-global host="123.123.123.123" config="{{ {'holdtime': 10, 'enabled': True, 'reinit': 3, 'timer': 10} }}" state="merged" +!ios-lldp-interfaces host="123.123.123.123" config="{{ [{'name': 'GigabitEthernet0/1', 'receive': True, 'transmit': True}, {'name': 'GigabitEthernet0/2', 'receive': True}, {'name': 'GigabitEthernet0/3', 'transmit': True}] }}" state="merged" +!ios-logging host="123.123.123.123" dest="host" name="172.16.0.1" state="present" +!ios-ntp host="123.123.123.123" server="10.0.255.10" source_int="GigabitEthernet0/1" logging="False" state="present" +!ios-ping host="123.123.123.123" dest="8.8.8.8" +!ios-static-route host="123.123.123.123" prefix="192.168.2.0" mask="255.255.255.0" next_hop="10.0.0.1" +!ios-system host="123.123.123.123" hostname="ios01" domain_name="test.example.com" domain_search="{{ ['ansible.com', 'redhat.com', 'cisco.com'] }}" +!ios-user host="123.123.123.123" name="ansible" nopassword="True" sshkey="ssh-rsa AAAA...u+DM=" state="present" +!ios-vlans host="123.123.123.123" config="{{ [{'name': 'Vlan_10', 'vlan_id': 10, 'state': 'active', 'shutdown': 'disabled'}, {'name': 'Vlan_20', 'vlan_id': 20, 'mtu': 610, 'state': 'active', 'shutdown': 'enabled'}, {'name': 'Vlan_30', 'vlan_id': 30, 'state': 'suspend', 'shutdown': 'enabled'}] }}" state="merged" +!ios-vrf host="123.123.123.123" name="management" description="oob mgmt vrf" interfaces="GigabitEthernet0/4" diff --git a/Packs/AnsibleCiscoIOS/README.md b/Packs/AnsibleCiscoIOS/README.md new file mode 100644 index 000000000000..ea964edbd8a9 --- /dev/null +++ b/Packs/AnsibleCiscoIOS/README.md @@ -0,0 +1,18 @@ +This pack enables you to manage Cisco IOS switches and routers using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server. The Ansible modules have been exposed as XSOAR commands, and allow you to use them without needing to know Ansible. + +# What does this pack allow you to manage? + +* Banners +* Border Gateway Protocol (BGP) +* Execute arbitrary commands +* Interfaces +* Link Aggregation Control Protocol (LACP) +* Link Aggregation Group (LAG) +* Link Layer Discovery Protocol (LLDP) +* Logging +* NTP +* Routes +* System settings +* Users +* VLANs +* Virtual Routing and Forwarding (VRF) \ No newline at end of file diff --git a/Packs/AnsibleCiscoIOS/pack_metadata.json b/Packs/AnsibleCiscoIOS/pack_metadata.json new file mode 100644 index 000000000000..9041e95a5900 --- /dev/null +++ b/Packs/AnsibleCiscoIOS/pack_metadata.json @@ -0,0 +1,15 @@ +{ + "name": "Ansible Cisco IOS", + "description": "Manage and control Cisco IOS based network devices.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "categories": [ + "IT Services" + ], + "tags": ["IT", "Network"], + "useCases": ["IT Services", "Asset Management", "Network Security"], + "keywords": [] +} \ No newline at end of file diff --git a/Packs/AnsibleCiscoNXOS/.pack-ignore b/Packs/AnsibleCiscoNXOS/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/AnsibleCiscoNXOS/.secrets-ignore b/Packs/AnsibleCiscoNXOS/.secrets-ignore new file mode 100644 index 000000000000..790edf8b882d --- /dev/null +++ b/Packs/AnsibleCiscoNXOS/.secrets-ignore @@ -0,0 +1,4 @@ +123.123.123.123 +192.168.3.0 +11:11:11:11:11:11:11:11 +1.1.1 diff --git a/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS.py b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS.py new file mode 100644 index 000000000000..ca9c1a7fff73 --- /dev/null +++ b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS.py @@ -0,0 +1,198 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'nxos' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + result = generic_ansible('CiscoNXOS', 'nxos_facts', args, int_params, host_type) + + if result: + return_results('ok') + else: + return_results(result) + + elif command == 'nxos-aaa-server': + return_results(generic_ansible('CiscoNXOS', 'nxos_aaa_server', args, int_params, host_type)) + elif command == 'nxos-aaa-server-host': + return_results(generic_ansible('CiscoNXOS', 'nxos_aaa_server_host', args, int_params, host_type)) + elif command == 'nxos-acl': + return_results(generic_ansible('CiscoNXOS', 'nxos_acl', args, int_params, host_type)) + elif command == 'nxos-acl-interface': + return_results(generic_ansible('CiscoNXOS', 'nxos_acl_interface', args, int_params, host_type)) + elif command == 'nxos-banner': + return_results(generic_ansible('CiscoNXOS', 'nxos_banner', args, int_params, host_type)) + elif command == 'nxos-bfd-global': + return_results(generic_ansible('CiscoNXOS', 'nxos_bfd_global', args, int_params, host_type)) + elif command == 'nxos-bfd-interfaces': + return_results(generic_ansible('CiscoNXOS', 'nxos_bfd_interfaces', args, int_params, host_type)) + elif command == 'nxos-bgp': + return_results(generic_ansible('CiscoNXOS', 'nxos_bgp', args, int_params, host_type)) + elif command == 'nxos-bgp-af': + return_results(generic_ansible('CiscoNXOS', 'nxos_bgp_af', args, int_params, host_type)) + elif command == 'nxos-bgp-neighbor': + return_results(generic_ansible('CiscoNXOS', 'nxos_bgp_neighbor', args, int_params, host_type)) + elif command == 'nxos-bgp-neighbor-af': + return_results(generic_ansible('CiscoNXOS', 'nxos_bgp_neighbor_af', args, int_params, host_type)) + elif command == 'nxos-command': + return_results(generic_ansible('CiscoNXOS', 'nxos_command', args, int_params, host_type)) + elif command == 'nxos-config': + return_results(generic_ansible('CiscoNXOS', 'nxos_config', args, int_params, host_type)) + elif command == 'nxos-evpn-global': + return_results(generic_ansible('CiscoNXOS', 'nxos_evpn_global', args, int_params, host_type)) + elif command == 'nxos-evpn-vni': + return_results(generic_ansible('CiscoNXOS', 'nxos_evpn_vni', args, int_params, host_type)) + elif command == 'nxos-facts': + return_results(generic_ansible('CiscoNXOS', 'nxos_facts', args, int_params, host_type)) + elif command == 'nxos-feature': + return_results(generic_ansible('CiscoNXOS', 'nxos_feature', args, int_params, host_type)) + elif command == 'nxos-gir': + return_results(generic_ansible('CiscoNXOS', 'nxos_gir', args, int_params, host_type)) + elif command == 'nxos-gir-profile-management': + return_results(generic_ansible('CiscoNXOS', 'nxos_gir_profile_management', args, int_params, host_type)) + elif command == 'nxos-hsrp': + return_results(generic_ansible('CiscoNXOS', 'nxos_hsrp', args, int_params, host_type)) + elif command == 'nxos-igmp': + return_results(generic_ansible('CiscoNXOS', 'nxos_igmp', args, int_params, host_type)) + elif command == 'nxos-igmp-interface': + return_results(generic_ansible('CiscoNXOS', 'nxos_igmp_interface', args, int_params, host_type)) + elif command == 'nxos-igmp-snooping': + return_results(generic_ansible('CiscoNXOS', 'nxos_igmp_snooping', args, int_params, host_type)) + elif command == 'nxos-install-os': + return_results(generic_ansible('CiscoNXOS', 'nxos_install_os', args, int_params, host_type)) + elif command == 'nxos-interface-ospf': + return_results(generic_ansible('CiscoNXOS', 'nxos_interface_ospf', args, int_params, host_type)) + elif command == 'nxos-interfaces': + return_results(generic_ansible('CiscoNXOS', 'nxos_interfaces', args, int_params, host_type)) + elif command == 'nxos-l2-interfaces': + return_results(generic_ansible('CiscoNXOS', 'nxos_l2_interfaces', args, int_params, host_type)) + elif command == 'nxos-l3-interfaces': + return_results(generic_ansible('CiscoNXOS', 'nxos_l3_interfaces', args, int_params, host_type)) + elif command == 'nxos-lacp': + return_results(generic_ansible('CiscoNXOS', 'nxos_lacp', args, int_params, host_type)) + elif command == 'nxos-lacp-interfaces': + return_results(generic_ansible('CiscoNXOS', 'nxos_lacp_interfaces', args, int_params, host_type)) + elif command == 'nxos-lag-interfaces': + return_results(generic_ansible('CiscoNXOS', 'nxos_lag_interfaces', args, int_params, host_type)) + elif command == 'nxos-lldp': + return_results(generic_ansible('CiscoNXOS', 'nxos_lldp', args, int_params, host_type)) + elif command == 'nxos-lldp-global': + return_results(generic_ansible('CiscoNXOS', 'nxos_lldp_global', args, int_params, host_type)) + elif command == 'nxos-logging': + return_results(generic_ansible('CiscoNXOS', 'nxos_logging', args, int_params, host_type)) + elif command == 'nxos-ntp': + return_results(generic_ansible('CiscoNXOS', 'nxos_ntp', args, int_params, host_type)) + elif command == 'nxos-ntp-auth': + return_results(generic_ansible('CiscoNXOS', 'nxos_ntp_auth', args, int_params, host_type)) + elif command == 'nxos-ntp-options': + return_results(generic_ansible('CiscoNXOS', 'nxos_ntp_options', args, int_params, host_type)) + elif command == 'nxos-nxapi': + return_results(generic_ansible('CiscoNXOS', 'nxos_nxapi', args, int_params, host_type)) + elif command == 'nxos-ospf': + return_results(generic_ansible('CiscoNXOS', 'nxos_ospf', args, int_params, host_type)) + elif command == 'nxos-ospf-vrf': + return_results(generic_ansible('CiscoNXOS', 'nxos_ospf_vrf', args, int_params, host_type)) + elif command == 'nxos-overlay-global': + return_results(generic_ansible('CiscoNXOS', 'nxos_overlay_global', args, int_params, host_type)) + elif command == 'nxos-pim': + return_results(generic_ansible('CiscoNXOS', 'nxos_pim', args, int_params, host_type)) + elif command == 'nxos-pim-interface': + return_results(generic_ansible('CiscoNXOS', 'nxos_pim_interface', args, int_params, host_type)) + elif command == 'nxos-pim-rp-address': + return_results(generic_ansible('CiscoNXOS', 'nxos_pim_rp_address', args, int_params, host_type)) + elif command == 'nxos-ping': + return_results(generic_ansible('CiscoNXOS', 'nxos_ping', args, int_params, host_type)) + elif command == 'nxos-reboot': + return_results(generic_ansible('CiscoNXOS', 'nxos_reboot', args, int_params, host_type)) + elif command == 'nxos-rollback': + return_results(generic_ansible('CiscoNXOS', 'nxos_rollback', args, int_params, host_type)) + elif command == 'nxos-rpm': + return_results(generic_ansible('CiscoNXOS', 'nxos_rpm', args, int_params, host_type)) + elif command == 'nxos-smu': + return_results(generic_ansible('CiscoNXOS', 'nxos_smu', args, int_params, host_type)) + elif command == 'nxos-snapshot': + return_results(generic_ansible('CiscoNXOS', 'nxos_snapshot', args, int_params, host_type)) + elif command == 'nxos-snmp-community': + return_results(generic_ansible('CiscoNXOS', 'nxos_snmp_community', args, int_params, host_type)) + elif command == 'nxos-snmp-contact': + return_results(generic_ansible('CiscoNXOS', 'nxos_snmp_contact', args, int_params, host_type)) + elif command == 'nxos-snmp-host': + return_results(generic_ansible('CiscoNXOS', 'nxos_snmp_host', args, int_params, host_type)) + elif command == 'nxos-snmp-location': + return_results(generic_ansible('CiscoNXOS', 'nxos_snmp_location', args, int_params, host_type)) + elif command == 'nxos-snmp-traps': + return_results(generic_ansible('CiscoNXOS', 'nxos_snmp_traps', args, int_params, host_type)) + elif command == 'nxos-snmp-user': + return_results(generic_ansible('CiscoNXOS', 'nxos_snmp_user', args, int_params, host_type)) + elif command == 'nxos-static-route': + return_results(generic_ansible('CiscoNXOS', 'nxos_static_route', args, int_params, host_type)) + elif command == 'nxos-system': + return_results(generic_ansible('CiscoNXOS', 'nxos_system', args, int_params, host_type)) + elif command == 'nxos-telemetry': + return_results(generic_ansible('CiscoNXOS', 'nxos_telemetry', args, int_params, host_type)) + elif command == 'nxos-udld': + return_results(generic_ansible('CiscoNXOS', 'nxos_udld', args, int_params, host_type)) + elif command == 'nxos-udld-interface': + return_results(generic_ansible('CiscoNXOS', 'nxos_udld_interface', args, int_params, host_type)) + elif command == 'nxos-user': + return_results(generic_ansible('CiscoNXOS', 'nxos_user', args, int_params, host_type)) + elif command == 'nxos-vlans': + return_results(generic_ansible('CiscoNXOS', 'nxos_vlans', args, int_params, host_type)) + elif command == 'nxos-vpc': + return_results(generic_ansible('CiscoNXOS', 'nxos_vpc', args, int_params, host_type)) + elif command == 'nxos-vpc-interface': + return_results(generic_ansible('CiscoNXOS', 'nxos_vpc_interface', args, int_params, host_type)) + elif command == 'nxos-vrf': + return_results(generic_ansible('CiscoNXOS', 'nxos_vrf', args, int_params, host_type)) + elif command == 'nxos-vrf-af': + return_results(generic_ansible('CiscoNXOS', 'nxos_vrf_af', args, int_params, host_type)) + elif command == 'nxos-vrf-interface': + return_results(generic_ansible('CiscoNXOS', 'nxos_vrf_interface', args, int_params, host_type)) + elif command == 'nxos-vrrp': + return_results(generic_ansible('CiscoNXOS', 'nxos_vrrp', args, int_params, host_type)) + elif command == 'nxos-vtp-domain': + return_results(generic_ansible('CiscoNXOS', 'nxos_vtp_domain', args, int_params, host_type)) + elif command == 'nxos-vtp-password': + return_results(generic_ansible('CiscoNXOS', 'nxos_vtp_password', args, int_params, host_type)) + elif command == 'nxos-vtp-version': + return_results(generic_ansible('CiscoNXOS', 'nxos_vtp_version', args, int_params, host_type)) + elif command == 'nxos-vxlan-vtep': + return_results(generic_ansible('CiscoNXOS', 'nxos_vxlan_vtep', args, int_params, host_type)) + elif command == 'nxos-vxlan-vtep-vni': + return_results(generic_ansible('CiscoNXOS', 'nxos_vxlan_vtep_vni', args, int_params, host_type)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS.yml b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS.yml new file mode 100644 index 000000000000..7f4a47429538 --- /dev/null +++ b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS.yml @@ -0,0 +1,3878 @@ +category: IT Services +commonfields: + id: AnsibleCiscoNXOS + version: -1 +configuration: +- additionalinfo: The credentials to associate with the instance. SSH keys can be + configured using the credential manager. + display: Username + name: creds + required: true + type: 9 +- additionalinfo: The default port to use if one is not specified in the commands + `host` argument. + defaultvalue: 22 + display: Default SSH Port + name: port + required: true + type: 0 +- additionalinfo: If multiple hosts are specified in a command, how many hosts should + be interacted with concurrently. + defaultvalue: '4' + display: Concurrency Factor + name: concurrency + required: true + type: 0 +description: Cisco NX-OS Platform management over SSH +display: Ansible Cisco NXOS +fromversion: 6.0.0 +name: AnsibleCiscoNXOS +script: + commands: + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: The server type is either radius or tacacs. + name: server_type + predefined: + - radius + - tacacs + required: true + - description: Global AAA shared secret or keyword 'default'. + name: global_key + - auto: PREDEFINED + description: The state of encryption applied to the entered global key. O clear + text, 7 encrypted. Type-6 encryption is not supported. + name: encrypt_type + predefined: + - '0' + - '7' + - description: Duration for which a non-reachable AAA server is skipped, in minutes + or keyword 'default. Range is 1-1440. Device default is 0. + name: deadtime + - description: Global AAA server timeout period, in seconds or keyword 'default. + Range is 1-60. Device default is 5. + name: server_timeout + - auto: PREDEFINED + description: Enables direct authentication requests to AAA server or keyword + 'default' Device default is disabled. + name: directed_request + predefined: + - enabled + - disabled + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - default + description: "Manages AAA server global configuration.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_aaa_server_module.html" + name: nxos-aaa-server + outputs: + - contextPath: CiscoNXOS.NxosAaaServer.commands + description: command sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: The server type is either radius or tacacs. + name: server_type + predefined: + - radius + - tacacs + required: true + - description: Address or name of the radius or tacacs host. + name: address + required: true + - description: Shared secret for the specified host or keyword 'default'. + name: key + - auto: PREDEFINED + description: The state of encryption applied to the entered key. O for clear + text, 7 for encrypted. Type-6 encryption is not supported. + name: encrypt_type + predefined: + - '0' + - '7' + - description: Timeout period for specified host, in seconds or keyword 'default. + Range is 1-60. + name: host_timeout + - description: Alternate UDP port for RADIUS authentication or keyword 'default'. + name: auth_port + - description: Alternate UDP port for RADIUS accounting or keyword 'default'. + name: acct_port + - description: Alternate TCP port TACACS Server or keyword 'default'. + name: tacacs_port + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + description: "Manages AAA server host-specific configuration.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_aaa_server_host_module.html" + name: nxos-aaa-server-host + outputs: + - contextPath: CiscoNXOS.NxosAaaServerHost.proposed + description: k/v pairs of parameters passed into module + type: unknown + - contextPath: CiscoNXOS.NxosAaaServerHost.existing + description: k/v pairs of existing configuration + type: unknown + - contextPath: CiscoNXOS.NxosAaaServerHost.end_state + description: k/v pairs of configuration after module execution + type: unknown + - contextPath: CiscoNXOS.NxosAaaServerHost.updates + description: command sent to the device + type: unknown + - contextPath: CiscoNXOS.NxosAaaServerHost.changed + description: check to see if a change was made on the device + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Sequence number of the entry (ACE). + name: seq + - description: Case sensitive name of the access list (ACL). + name: name + required: true + - auto: PREDEFINED + description: Action of the ACE. + name: action + predefined: + - permit + - deny + - remark + - description: If action is set to remark, this is the description. + name: remark + - description: Port number or protocol (as supported by the switch). + name: proto + - description: Source ip and mask using IP/MASK notation and supports keyword + 'any'. + name: src + - auto: PREDEFINED + description: Source port operands such as eq, neq, gt, lt, range. + name: src_port_op + predefined: + - any + - eq + - gt + - lt + - neq + - range + - description: Port/protocol and also first (lower) port when using range operand. + name: src_port1 + - description: Second (end) port when using range operand. + name: src_port2 + - description: Destination ip and mask using IP/MASK notation and supports the + keyword 'any'. + name: dest + - auto: PREDEFINED + description: Destination port operands such as eq, neq, gt, lt, range. + name: dest_port_op + predefined: + - any + - eq + - gt + - lt + - neq + - range + - description: Port/protocol and also first (lower) port when using range operand. + name: dest_port1 + - description: Second (end) port when using range operand. + name: dest_port2 + - auto: PREDEFINED + description: Log matches against this entry. + name: log + predefined: + - enable + - auto: PREDEFINED + description: Match on the URG bit. + name: urg + predefined: + - enable + - auto: PREDEFINED + description: Match on the ACK bit. + name: ack + predefined: + - enable + - auto: PREDEFINED + description: Match on the PSH bit. + name: psh + predefined: + - enable + - auto: PREDEFINED + description: Match on the RST bit. + name: rst + predefined: + - enable + - auto: PREDEFINED + description: Match on the SYN bit. + name: syn + predefined: + - enable + - auto: PREDEFINED + description: Match on the FIN bit. + name: fin + predefined: + - enable + - auto: PREDEFINED + description: Match established connections. + name: established + predefined: + - enable + - auto: PREDEFINED + description: Check non-initial fragments. + name: fragments + predefined: + - enable + - description: Name of time-range to apply. + name: time_range + - auto: PREDEFINED + description: Match packets with given precedence. + name: precedence + predefined: + - critical + - flash + - flash-override + - immediate + - internet + - network + - priority + - routine + - auto: PREDEFINED + description: Match packets with given dscp value. + name: dscp + predefined: + - af11 + - af12 + - af13 + - af21 + - af22 + - af23 + - af31 + - af32 + - af33 + - af41 + - af42 + - af43 + - cs1 + - cs2 + - cs3 + - cs4 + - cs5 + - cs6 + - cs7 + - default + - ef + - auto: PREDEFINED + defaultValue: present + description: Specify desired state of the resource. + name: state + predefined: + - present + - absent + - delete_acl + description: "Manages access list entries for ACLs.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_acl_module.html" + name: nxos-acl + outputs: + - contextPath: CiscoNXOS.NxosAcl.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Case sensitive name of the access list (ACL). + name: name + required: true + - description: Full name of interface, e.g. `Ethernet1/1`. + name: interface + required: true + - auto: PREDEFINED + description: Direction ACL to be applied in on the interface. + name: direction + predefined: + - ingress + - egress + required: true + - auto: PREDEFINED + defaultValue: present + description: Specify desired state of the resource. + name: state + predefined: + - present + - absent + description: "Manages applying ACLs to interfaces.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_acl_interface_module.html" + name: nxos-acl-interface + outputs: + - contextPath: CiscoNXOS.NxosAclInterface.acl_applied_to + description: list of interfaces the ACL is applied to + type: unknown + - contextPath: CiscoNXOS.NxosAclInterface.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: Specifies which banner that should be configured on the remote + device. + name: banner + predefined: + - exec + - motd + required: true + - description: The banner text that should be present in the remote device running + configuration. This argument accepts a multiline string, with no empty lines. + Requires `state=present`. + name: text + - auto: PREDEFINED + defaultValue: present + description: Specifies whether or not the configuration is present in the current + devices active running configuration. + name: state + predefined: + - present + - absent + description: "Manage multiline banners on Cisco NXOS devices\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_banner_module.html" + name: nxos-banner + outputs: + - contextPath: CiscoNXOS.NxosBanner.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Loopback interface used for echo frames. Valid values are loopback + interface name or ''deleted''. Not supported on N5K/N6K' + name: echo_interface + - description: BFD Echo receive interval in milliseconds. + name: echo_rx_interval + - description: 'BFD interval timer values. Value must be a dict defining values + for keys (tx, min_rx, and multiplier)' + isArray: true + name: interval + - description: BFD slow rate timer in milliseconds. + name: slow_timer + - description: 'BFD delayed startup timer in seconds. Not supported on N5K/N6K/N7K' + name: startup_timer + - description: BFD IPv4 session echo receive interval in milliseconds. + name: ipv4_echo_rx_interval + - description: 'BFD IPv4 interval timer values. Value must be a dict defining + values for keys (tx, min_rx, and multiplier).' + isArray: true + name: ipv4_interval + - description: BFD IPv4 slow rate timer in milliseconds. + name: ipv4_slow_timer + - description: BFD IPv6 session echo receive interval in milliseconds. + name: ipv6_echo_rx_interval + - description: 'BFD IPv6 interval timer values. Value must be a dict defining + values for keys (tx, min_rx, and multiplier).' + isArray: true + name: ipv6_interval + - description: BFD IPv6 slow rate timer in milliseconds. + name: ipv6_slow_timer + - description: 'BFD fabricpath interval timer values. Value must be a dict defining + values for keys (tx, min_rx, and multiplier).' + isArray: true + name: fabricpath_interval + - description: BFD fabricpath slow rate timer in milliseconds. + name: fabricpath_slow_timer + - description: BFD fabricpath control vlan. + name: fabricpath_vlan + description: "Bidirectional Forwarding Detection (BFD) global-level configuration\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_bfd_global_module.html" + name: nxos-bfd-global + outputs: + - contextPath: CiscoNXOS.NxosBfdGlobal.cmds + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The provided configuration + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manages BFD attributes of nxos interfaces.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_bfd_interfaces_module.html" + name: nxos-bfd-interfaces + outputs: + - contextPath: CiscoNXOS.NxosBfdInterfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoNXOS.NxosBfdInterfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoNXOS.NxosBfdInterfaces.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: BGP autonomous system number. Valid values are String, Integer + in ASPLAIN or ASDOT notation. + name: asn + required: true + - description: Name of the VRF. The name 'default' is a valid VRF representing + the global BGP. + name: vrf + - description: Enable/Disable MED comparison on paths from different autonomous + systems. + name: bestpath_always_compare_med + - description: Enable/Disable load sharing across the providers with different + (but equal-length) AS paths. + name: bestpath_aspath_multipath_relax + - description: Enable/Disable comparison of router IDs for identical eBGP paths. + name: bestpath_compare_routerid + - description: Enable/Disable neighborid. Use this when more paths available than + max path config. + name: bestpath_compare_neighborid + - description: Enable/Disable Ignores the cost community for BGP best-path calculations. + name: bestpath_cost_community_ignore + - description: Enable/Disable enforcement of bestpath to do a MED comparison only + between paths originated within a confederation. + name: bestpath_med_confed + - description: Enable/Disable assigns the value of infinity to received routes + that do not carry the MED attribute, making these routes the least desirable. + name: bestpath_med_missing_as_worst + - description: Enable/Disable deterministic selection of the best MED pat from + among the paths from the same autonomous system. + name: bestpath_med_non_deterministic + - description: Route Reflector Cluster-ID. + name: cluster_id + - description: Routing domain confederation AS. + name: confederation_id + - description: AS confederation parameters. + name: confederation_peers + - description: Enable/Disable the batching evaluation of prefix advertisement + to all peers. + name: disable_policy_batching + - description: Enable/Disable the batching evaluation of prefix advertisements + to all peers with prefix list. + name: disable_policy_batching_ipv4_prefix_list + - description: Enable/Disable the batching evaluation of prefix advertisements + to all peers with prefix list. + name: disable_policy_batching_ipv6_prefix_list + - description: Enable/Disable enforces the neighbor autonomous system to be the + first AS number listed in the AS path attribute for eBGP. On NX-OS, this property + is only supported in the global BGP context. + name: enforce_first_as + - auto: PREDEFINED + description: Enable/Disable cli event history buffer. + name: event_history_cli + predefined: + - size_small + - size_medium + - size_large + - size_disable + - default + - auto: PREDEFINED + description: Enable/Disable detail event history buffer. + name: event_history_detail + predefined: + - size_small + - size_medium + - size_large + - size_disable + - default + - auto: PREDEFINED + description: Enable/Disable event history buffer. + name: event_history_events + predefined: + - size_small + - size_medium + - size_large + - size_disable + - default + - auto: PREDEFINED + description: Enable/Disable periodic event history buffer. + name: event_history_periodic + predefined: + - size_small + - size_medium + - size_large + - size_disable + - default + - description: Enable/Disable immediately reset the session if the link to a directly + connected BGP peer goes down. Only supported in the global BGP context. + name: fast_external_fallover + - description: Enable/Disable flush routes in RIB upon controlled restart. On + NX-OS, this property is only supported in the global BGP context. + name: flush_routes + - description: Enable/Disable graceful restart. + name: graceful_restart + - description: Enable/Disable graceful restart helper mode. + name: graceful_restart_helper + - description: Set maximum time for a restart sent to the BGP peer. + name: graceful_restart_timers_restart + - description: Set maximum time that BGP keeps the stale routes from the restarting + BGP peer. + name: graceful_restart_timers_stalepath_time + - description: Enable/Disable isolate this router from BGP perspective. + name: isolate + - description: Local AS number to be used within a VRF instance. + name: local_as + - description: Enable/Disable message logging for neighbor up/down event. + name: log_neighbor_changes + - description: Specify Maximum number of AS numbers allowed in the AS-path attribute. + Valid values are between 1 and 512. + name: maxas_limit + - description: Enable/Disable handle BGP neighbor down event, due to various reasons. + name: neighbor_down_fib_accelerate + - description: The BGP reconnection interval for dropped sessions. Valid values + are between 1 and 60. + name: reconnect_interval + - description: Router Identifier (ID) of the BGP router VRF instance. + name: router_id + - description: Administratively shutdown the BGP protocol. + name: shutdown + - description: Enable/Disable advertise only routes programmed in hardware to + peers. + name: suppress_fib_pending + - description: Specify timeout for the first best path after a restart, in seconds. + name: timer_bestpath_limit + - description: Set BGP hold timer. + name: timer_bgp_hold + - description: Set BGP keepalive timer. + name: timer_bgp_keepalive + - auto: PREDEFINED + defaultValue: present + description: Determines whether the config should be present or not on the device. + name: state + predefined: + - present + - absent + description: "Manages BGP configuration.\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/nxos_bgp_module.html" + name: nxos-bgp + outputs: + - contextPath: CiscoNXOS.NxosBgp.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: BGP autonomous system number. Valid values are String, Integer + in ASPLAIN or ASDOT notation. + name: asn + required: true + - description: Name of the VRF. The name 'default' is a valid VRF representing + the global bgp. + name: vrf + required: true + - auto: PREDEFINED + description: Address Family Identifier. + name: afi + predefined: + - ipv4 + - ipv6 + - vpnv4 + - vpnv6 + - l2vpn + required: true + - auto: PREDEFINED + description: Sub Address Family Identifier. + name: safi + predefined: + - unicast + - multicast + - evpn + required: true + - description: Install a backup path into the forwarding table and provide prefix + independent convergence (PIC) in case of a PE-CE link failure. + name: additional_paths_install + - description: Enables the receive capability of additional paths for all of the + neighbors under this address family for which the capability has not been + disabled. + name: additional_paths_receive + - description: Configures the capability of selecting additional paths for a prefix. + Valid values are a string defining the name of the route-map. + name: additional_paths_selection + - description: Enables the send capability of additional paths for all of the + neighbors under this address family for which the capability has not been + disabled. + name: additional_paths_send + - description: Advertise evpn routes. + name: advertise_l2vpn_evpn + - description: Configure client-to-client route reflection. + name: client_to_client + - description: Specify dampen value for IGP metric-related changes, in seconds. + Valid values are integer and keyword 'default'. + name: dampen_igp_metric + - description: Enable/disable route-flap dampening. + name: dampening_state + - description: Specify decay half-life in minutes for route-flap dampening. Valid + values are integer and keyword 'default'. + name: dampening_half_time + - description: Specify max suppress time for route-flap dampening stable route. + Valid values are integer and keyword 'default'. + name: dampening_max_suppress_time + - description: Specify route reuse time for route-flap dampening. Valid values + are integer and keyword 'default'. + name: dampening_reuse_time + - description: Specify route-map for route-flap dampening. Valid values are a + string defining the name of the route-map. + name: dampening_routemap + - description: Specify route suppress time for route-flap dampening. Valid values + are integer and keyword 'default'. + name: dampening_suppress_time + - description: Default information originate. + name: default_information_originate + - description: Sets default metrics for routes redistributed into BGP. Valid values + are Integer or keyword 'default' + name: default_metric + - description: Sets the administrative distance for eBGP routes. Valid values + are Integer or keyword 'default'. + name: distance_ebgp + - description: Sets the administrative distance for iBGP routes. Valid values + are Integer or keyword 'default'. + name: distance_ibgp + - description: Sets the administrative distance for local BGP routes. Valid values + are Integer or keyword 'default'. + name: distance_local + - description: An array of route-map names which will specify prefixes to inject. + Each array entry must first specify the inject-map name, secondly an exist-map + name, and optionally the copy-attributes keyword which indicates that attributes + should be copied from the aggregate. For example [['lax_inject_map', 'lax_exist_map'], + ['nyc_inject_map', 'nyc_exist_map', 'copy-attributes'], ['fsd_inject_map', + 'fsd_exist_map']]. + name: inject_map + - description: Configures the maximum number of equal-cost paths for load sharing. + Valid value is an integer in the range 1-64. + name: maximum_paths + - description: Configures the maximum number of ibgp equal-cost paths for load + sharing. Valid value is an integer in the range 1-64. + name: maximum_paths_ibgp + - description: Networks to configure. Valid value is a list of network prefixes + to advertise. The list must be in the form of an array. Each entry in the + array must include a prefix address and an optional route-map. For example + [['10.0.0.0/16', 'routemap_LA'], ['192.168.1.1', 'Chicago'], ['192.168.2.0/24'], + ['192.168.3.0/24', 'routemap_NYC']]. + name: networks + - description: Configure a route-map for valid nexthops. Valid values are a string + defining the name of the route-map. + name: next_hop_route_map + - description: A list of redistribute directives. Multiple redistribute entries + are allowed. The list must be in the form of a nested array. the first entry + of each array defines the source-protocol to redistribute from; the second + entry defines a route-map name. A route-map is highly advised but may be optional + on some platforms, in which case it may be omitted from the array list. For + example [['direct', 'rm_direct'], ['lisp', 'rm_lisp']]. + name: redistribute + - description: Advertises only active routes to peers. + name: suppress_inactive + - description: Apply table-map to filter routes downloaded into URIB. Valid values + are a string. + name: table_map + - description: Filters routes rejected by the route-map and does not download + them to the RIB. + name: table_map_filter + - auto: PREDEFINED + defaultValue: present + description: Determines whether the config should be present or not on the device. + name: state + predefined: + - present + - absent + description: "Manages BGP Address-family configuration.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_bgp_af_module.html" + name: nxos-bgp-af + outputs: + - contextPath: CiscoNXOS.NxosBgpAf.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: BGP autonomous system number. Valid values are string, Integer + in ASPLAIN or ASDOT notation. + name: asn + required: true + - defaultValue: default + description: Name of the VRF. The name 'default' is a valid VRF representing + the global bgp. + name: vrf + - description: Neighbor Identifier. Valid values are string. Neighbors may use + IPv4 or IPv6 notation, with or without prefix length. + name: neighbor + required: true + - description: Description of the neighbor. + name: description + - auto: PREDEFINED + description: 'Enables/Disables BFD for a given neighbor. Dependency: ''feature + bfd''' + name: bfd + predefined: + - enable + - disable + - description: Configure whether or not to check for directly connected peer. + name: connected_check + - description: Configure whether or not to negotiate capability with this neighbor. + name: capability_negotiation + - description: Configure whether or not to enable dynamic capability. + name: dynamic_capability + - description: Specify multihop TTL for a remote peer. Valid values are integers + between 2 and 255, or keyword 'default' to disable this property. + name: ebgp_multihop + - description: Specify the local-as number for the eBGP neighbor. Valid values + are String or Integer in ASPLAIN or ASDOT notation, or 'default', which means + not to configure it. + name: local_as + - auto: PREDEFINED + description: Specify whether or not to enable log messages for neighbor up/down + event. + name: log_neighbor_changes + predefined: + - enable + - disable + - inherit + - description: Specify whether or not to shut down this neighbor under memory + pressure. + name: low_memory_exempt + - description: Specify Maximum number of peers for this neighbor prefix Valid + values are between 1 and 1000, or 'default', which does not impose the limit. + Note that this parameter is accepted only on neighbors with address/prefix. + name: maximum_peers + - description: Specify the password for neighbor. Valid value is string. + name: pwd + - auto: PREDEFINED + description: Specify the encryption type the password will use. Valid values + are '3des' or 'cisco_type_7' encryption or keyword 'default'. + name: pwd_type + predefined: + - 3des + - cisco_type_7 + - default + - description: Specify Autonomous System Number of the neighbor. Valid values + are String or Integer in ASPLAIN or ASDOT notation, or 'default', which means + not to configure it. + name: remote_as + - auto: PREDEFINED + description: Specify the config to remove private AS number from outbound updates. + Valid values are 'enable' to enable this config, 'disable' to disable this + config, 'all' to remove all private AS number, or 'replace-as', to replace + the private AS number. + name: remove_private_as + predefined: + - enable + - disable + - all + - replace-as + - description: Configure to administratively shutdown this neighbor. + name: shutdown + - description: Configure to suppress 4-byte AS Capability. + name: suppress_4_byte_as + - description: Specify keepalive timer value. Valid values are integers between + 0 and 3600 in terms of seconds, or 'default', which is 60. + name: timers_keepalive + - description: Specify holdtime timer value. Valid values are integers between + 0 and 3600 in terms of seconds, or 'default', which is 180. + name: timers_holdtime + - description: Specify whether or not to only allow passive connection setup. + Valid values are 'true', 'false', and 'default', which defaults to 'false'. + This property can only be configured when the neighbor is in 'ip' address + format without prefix length. + name: transport_passive_only + - description: Specify source interface of BGP session and updates. + name: update_source + - auto: PREDEFINED + defaultValue: present + description: Determines whether the config should be present or not on the device. + name: state + predefined: + - present + - absent + description: "Manages BGP neighbors configurations.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_bgp_neighbor_module.html" + name: nxos-bgp-neighbor + outputs: + - contextPath: CiscoNXOS.NxosBgpNeighbor.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: BGP autonomous system number. Valid values are String, Integer + in ASPLAIN or ASDOT notation. + name: asn + required: true + - defaultValue: default + description: Name of the VRF. The name 'default' is a valid VRF representing + the global bgp. + name: vrf + - description: Neighbor Identifier. Valid values are string. Neighbors may use + IPv4 or IPv6 notation, with or without prefix length. + name: neighbor + required: true + - auto: PREDEFINED + description: Address Family Identifier. + name: afi + predefined: + - ipv4 + - ipv6 + - vpnv4 + - vpnv6 + - l2vpn + required: true + - auto: PREDEFINED + description: Sub Address Family Identifier. + name: safi + predefined: + - unicast + - multicast + - evpn + required: true + - auto: PREDEFINED + description: Valid values are enable for basic command enablement; disable for + disabling the command at the neighbor af level (it adds the disable keyword + to the basic command); and inherit to remove the command at this level (the + command value is inherited from a higher BGP layer). + name: additional_paths_receive + predefined: + - enable + - disable + - inherit + - auto: PREDEFINED + description: Valid values are enable for basic command enablement; disable for + disabling the command at the neighbor af level (it adds the disable keyword + to the basic command); and inherit to remove the command at this level (the + command value is inherited from a higher BGP layer). + name: additional_paths_send + predefined: + - enable + - disable + - inherit + - description: Conditional route advertisement. This property requires two route + maps, an advertise-map and an exist-map. Valid values are an array specifying + both the advertise-map name and the exist-map name, or simply 'default' e.g. + ['my_advertise_map', 'my_exist_map']. This command is mutually exclusive with + the advertise_map_non_exist property. + name: advertise_map_exist + - description: Conditional route advertisement. This property requires two route + maps, an advertise-map and an exist-map. Valid values are an array specifying + both the advertise-map name and the non-exist-map name, or simply 'default' + e.g. ['my_advertise_map', 'my_non_exist_map']. This command is mutually exclusive + with the advertise_map_exist property. + name: advertise_map_non_exist + - description: Activate allowas-in property + name: allowas_in + - description: Max-occurrences value for allowas_in. Valid values are an integer + value or 'default'. This is mutually exclusive with allowas_in. + name: allowas_in_max + - description: Activate the as-override feature. + name: as_override + - description: Activate the default-originate feature. + name: default_originate + - description: Route-map for the default_originate property. Valid values are + a string defining a route-map name, or 'default'. This is mutually exclusive + with default_originate. + name: default_originate_route_map + - description: Disable checking of peer AS-number while advertising + name: disable_peer_as_check + - description: Valid values are a string defining a filter-list name, or 'default'. + name: filter_list_in + - description: Valid values are a string defining a filter-list name, or 'default'. + name: filter_list_out + - description: maximum-prefix limit value. Valid values are an integer value or + 'default'. + name: max_prefix_limit + - description: Optional restart interval. Valid values are an integer. Requires + max_prefix_limit. May not be combined with max_prefix_warning. + name: max_prefix_interval + - description: Optional threshold percentage at which to generate a warning. Valid + values are an integer value. Requires max_prefix_limit. + name: max_prefix_threshold + - description: Optional warning-only keyword. Requires max_prefix_limit. May not + be combined with max_prefix_interval. + name: max_prefix_warning + - description: Activate the next-hop-self feature. + name: next_hop_self + - description: Activate the next-hop-third-party feature. + name: next_hop_third_party + - description: Valid values are a string defining a prefix-list name, or 'default'. + name: prefix_list_in + - description: Valid values are a string defining a prefix-list name, or 'default'. + name: prefix_list_out + - description: Valid values are a string defining a route-map name, or 'default'. + name: route_map_in + - description: Valid values are a string defining a route-map name, or 'default'. + name: route_map_out + - description: Router reflector client. + name: route_reflector_client + - auto: PREDEFINED + description: send-community attribute. + name: send_community + predefined: + - none + - both + - extended + - standard + - default + - auto: PREDEFINED + description: Valid values are 'enable' for basic command enablement; 'always' + to add the always keyword to the basic command; and 'inherit' to remove the + command at this level (the command value is inherited from a higher BGP layer). + name: soft_reconfiguration_in + predefined: + - enable + - always + - inherit + - description: Site-of-origin. Valid values are a string defining a VPN extcommunity + or 'default'. + name: soo + - description: suppress-inactive feature. + name: suppress_inactive + - description: unsuppress-map. Valid values are a string defining a route-map + name or 'default'. + name: unsuppress_map + - description: Weight value. Valid values are an integer value or 'default'. + name: weight + - auto: PREDEFINED + defaultValue: present + description: Determines whether the config should be present or not on the device. + name: state + predefined: + - present + - absent + description: "Manages BGP address-family's neighbors configuration.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_bgp_neighbor_af_module.html" + name: nxos-bgp-neighbor-af + outputs: + - contextPath: CiscoNXOS.NxosBgpNeighborAf.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The commands to send to the remote NXOS device. The resulting + output from the command is returned. If the `wait_for` argument is provided, + the module is not returned until the condition is satisfied or the number + of retires as expired. The `commands` argument also accepts an alternative + form that allows for complex values that specify the command to run and the + output format to return. This can be done on a command by command basis. The + complex argument supports the keywords `command` and `output` where `command` + is the command to run and `output` is one of ''text'' or ''json''.' + name: commands + required: true + - description: Specifies what to evaluate from the output of the command and what + conditionals to apply. This argument will cause the task to wait for a particular + conditional to be true before moving forward. If the conditional is not + true by the configured retries, the task fails. See examples. + name: wait_for + - defaultValue: all + description: The `match` argument is used in conjunction with the `wait_for` + argument to specify the match policy. Valid values are `all` or `any`. If + the value is set to `all` then all conditionals in the `wait_for` must be + satisfied. If the value is set to `any` then only one of the values must + be satisfied. + name: match + - defaultValue: '10' + description: Specifies the number of retries a command should by tried before + it is considered failed. The command is run on the target device every retry + and evaluated against the `wait_for` conditionals. + name: retries + - defaultValue: '1' + description: Configures the interval in seconds to wait between retries of the + command. If the command does not pass the specified conditional, the interval + indicates how to long to wait before trying the command again. + name: interval + description: "Run arbitrary command on Cisco NXOS devices\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_command_module.html" + name: nxos-command + outputs: + - contextPath: CiscoNXOS.NxosCommand.stdout + description: The set of responses from the commands + type: unknown + - contextPath: CiscoNXOS.NxosCommand.stdout_lines + description: The value of stdout split into a list + type: unknown + - contextPath: CiscoNXOS.NxosCommand.failed_conditions + description: The list of conditionals that have failed + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The ordered set of commands that should be configured in the section. The + commands must be the exact same commands as found in the device running-config. Be + sure to note the configuration command syntax as some commands are automatically + modified by the device config parser. + name: lines + - description: The ordered set of parents that uniquely identify the section or + hierarchy the commands should be checked against. If the parents argument + is omitted, the commands are checked against the set of top level or global + commands. + name: parents + - description: The `src` argument provides a path to the configuration file to + load into the remote system. The path can either be a full system path to + the configuration file if the value starts with / or relative to the root + of the implemented role or playbook. This argument is mutually exclusive with + the `lines` and `parents` arguments. + name: src + - description: The `replace_src` argument provides path to the configuration file + to load into the remote system. This argument is used to replace the entire + config with a flat-file. This is used with argument `replace` with value `config`. + This is mutually exclusive with the `lines` and `src` arguments. This argument + is supported on Nexus 9K device. Use `nxos_file_copy` module to copy the flat + file to remote device and then use the path with this argument. + name: replace_src + - description: The ordered set of commands to push on to the command stack if + a change needs to be made. This allows the playbook designer the opportunity + to perform configuration commands prior to pushing any changes without affecting + how the set of commands are matched against the system. + name: before + - description: The ordered set of commands to append to the end of the command + stack if a change needs to be made. Just like with `before` this allows the + playbook designer to append a set of commands to be executed after the command + set. + name: after + - auto: PREDEFINED + defaultValue: line + description: Instructs the module on the way to perform the matching of the + set of commands against the current device config. If match is set to `line`, + commands are matched line by line. If match is set to `strict`, command lines + are matched with respect to position. If match is set to `exact`, command + lines must be an equal match. Finally, if match is set to `none`, the module + will not attempt to compare the source configuration with the running configuration + on the remote device. + name: match + predefined: + - line + - strict + - exact + - none + - auto: PREDEFINED + defaultValue: line + description: Instructs the module on the way to perform the configuration on + the device. If the replace argument is set to `line` then the modified lines + are pushed to the device in configuration mode. If the replace argument is + set to `block` then the entire command block is pushed to the device in configuration + mode if any line is not correct. replace `config` is supported only on Nexus + 9K device. + name: replace + predefined: + - line + - block + - config + - defaultValue: 'no' + description: This argument will cause the module to create a full backup of + the current `running-config` from the remote device before any changes are + made. If the `backup_options` value is not given, the backup file is written + to the `backup` folder in the playbook root directory or role root directory, + if playbook is part of an ansible role. If the directory does not exist, it + is created. + name: backup + - description: The module, by default, will connect to the remote device and retrieve + the current running-config to use as a base for comparing against the contents + of source. There are times when it is not desirable to have the task get + the current running-config for every task in a playbook. The `running_config` + argument allows the implementer to pass in the configuration to use as the + base config for comparison. + name: running_config + - defaultValue: 'no' + description: The `defaults` argument will influence how the running-config is + collected from the device. When the value is set to true, the command used + to collect the running-config is append with the all keyword. When the value + is set to false, the command is issued without the all keyword + name: defaults + - auto: PREDEFINED + defaultValue: never + description: When changes are made to the device running-configuration, the + changes are not copied to non-volatile storage by default. Using this argument + will change that before. If the argument is set to `always`, then the running-config + will always be copied to the startup-config and the `modified` flag will always + be set to True. If the argument is set to `modified`, then the running-config + will only be copied to the startup-config if it has changed since the last + save to startup-config. If the argument is set to `never`, the running-config + will never be copied to the startup-config. If the argument is set to `changed`, + then the running-config will only be copied to the startup-config if the task + has made a change. `changed` was added in Ansible 2.6. + name: save_when + predefined: + - always + - never + - modified + - changed + - auto: PREDEFINED + defaultValue: startup + description: 'When using the `ansible-playbook --diff` command line argument + the module can generate diffs against different sources. When this option + is configure as `startup`, the module will return the diff of the running-config + against the startup-config. When this option is configured as `intended`, + the module will return the diff of the running-config against the configuration + provided in the `intended_config` argument. When this option is configured + as `running`, the module will return the before and after diff of the running-config + with respect to any changes made to the device configuration.' + name: diff_against + predefined: + - startup + - intended + - running + - description: Use this argument to specify one or more lines that should be ignored + during the diff. This is used for lines in the configuration that are automatically + updated by the system. This argument takes a list of regular expressions + or exact line matches. + name: diff_ignore_lines + - description: The `intended_config` provides the master configuration that the + node should conform to and is used to check the final running-config against. This + argument will not modify any settings on the remote device and is strictly + used to check the compliance of the current device's configuration against. When + specifying this argument, the task should also modify the `diff_against` value + and set it to `intended`. + name: intended_config + - description: This is a dict object containing configurable options related to + backup file path. The value of this option is read only when `backup` is set + to `True`, if `backup` is set to `false` this option will be silently ignored. + isArray: true + name: backup_options + description: "Manage Cisco NXOS configuration sections\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_config_module.html" + name: nxos-config + outputs: + - contextPath: CiscoNXOS.NxosConfig.commands + description: The set of commands that will be pushed to the remote device + type: unknown + - contextPath: CiscoNXOS.NxosConfig.updates + description: The set of commands that will be pushed to the remote device + type: unknown + - contextPath: CiscoNXOS.NxosConfig.backup_path + description: The full path to the backup file + type: string + - contextPath: CiscoNXOS.NxosConfig.filename + description: The name of the backup file + type: string + - contextPath: CiscoNXOS.NxosConfig.shortname + description: The full path to the backup file excluding the timestamp + type: string + - contextPath: CiscoNXOS.NxosConfig.date + description: The date extracted from the backup file name + type: string + - contextPath: CiscoNXOS.NxosConfig.time + description: The time extracted from the backup file name + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: EVPN control plane. + name: nv_overlay_evpn + required: true + description: "Handles the EVPN control plane for VXLAN.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_evpn_global_module.html" + name: nxos-evpn-global + outputs: + - contextPath: CiscoNXOS.NxosEvpnGlobal.commands + description: The set of commands to be sent to the remote device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The EVPN VXLAN Network Identifier. + name: vni + required: true + - description: The VPN Route Distinguisher (RD). The RD is combined with the IPv4 + or IPv6 prefix learned by the PE router to create a globally unique address. + name: route_distinguisher + required: true + - description: Enables/Disables route-target settings for both import and export + target communities using a single property. + name: route_target_both + - description: Sets the route-target 'import' extended communities. + name: route_target_import + - description: Sets the route-target 'export' extended communities. + name: route_target_export + - auto: PREDEFINED + defaultValue: present + description: Determines whether the config should be present or not on the device. + name: state + predefined: + - present + - absent + description: "Manages Cisco EVPN VXLAN Network Identifier (VNI).\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_evpn_vni_module.html" + name: nxos-evpn-vni + outputs: + - contextPath: CiscoNXOS.NxosEvpnVni.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '!config' + description: When supplied, this argument will restrict the facts collected + to a given subset. Possible values for this argument include all, hardware, + config, legacy, and interfaces. Can specify a list of values to include a + larger subset. Values can also be used with an initial `M(!`) to specify + that a specific subset should not be collected. + name: gather_subset + - description: When supplied, this argument will restrict the facts collected + to a given subset. Possible values for this argument include all and the resources + like interfaces, vlans etc. Can specify a list of values to include a larger + subset. Values can also be used with an initial `M(!`) to specify that a specific + subset should not be collected. Valid subsets are 'all', 'bfd_interfaces', + 'lag_interfaces', 'telemetry', 'vlans', 'lacp', 'lacp_interfaces', 'interfaces', + 'l3_interfaces', 'l2_interfaces', 'lldp_global'. + name: gather_network_resources + description: "Gets facts about NX-OS switches\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_facts_module.html" + name: nxos-facts + outputs: + - contextPath: CiscoNXOS.NxosFacts.ansible_net_gather_subset + description: The list of fact subsets collected from the device + type: unknown + - contextPath: CiscoNXOS.NxosFacts.ansible_net_gather_network_resources + description: The list of fact for network resource subsets collected from the + device + type: unknown + - contextPath: CiscoNXOS.NxosFacts.ansible_net_model + description: The model name returned from the device + type: string + - contextPath: CiscoNXOS.NxosFacts.ansible_net_serialnum + description: The serial number of the remote device + type: string + - contextPath: CiscoNXOS.NxosFacts.ansible_net_version + description: The operating system version running on the remote device + type: string + - contextPath: CiscoNXOS.NxosFacts.ansible_net_hostname + description: The configured hostname of the device + type: string + - contextPath: CiscoNXOS.NxosFacts.ansible_net_image + description: The image file the device is running + type: string + - contextPath: CiscoNXOS.NxosFacts.ansible_net_api + description: The name of the transport + type: string + - contextPath: CiscoNXOS.NxosFacts.ansible_net_license_hostid + description: The License host id of the device + type: string + - contextPath: CiscoNXOS.NxosFacts.ansible_net_python_version + description: The Python version Ansible controller is using + type: string + - contextPath: CiscoNXOS.NxosFacts.ansible_net_filesystems + description: All file system names available on the device + type: unknown + - contextPath: CiscoNXOS.NxosFacts.ansible_net_memfree_mb + description: The available free memory on the remote device in Mb + type: number + - contextPath: CiscoNXOS.NxosFacts.ansible_net_memtotal_mb + description: The total memory on the remote device in Mb + type: number + - contextPath: CiscoNXOS.NxosFacts.ansible_net_config + description: The current active config from the device + type: string + - contextPath: CiscoNXOS.NxosFacts.ansible_net_all_ipv4_addresses + description: All IPv4 addresses configured on the device + type: unknown + - contextPath: CiscoNXOS.NxosFacts.ansible_net_all_ipv6_addresses + description: All IPv6 addresses configured on the device + type: unknown + - contextPath: CiscoNXOS.NxosFacts.ansible_net_interfaces + description: A hash of all interfaces running on the system + type: unknown + - contextPath: CiscoNXOS.NxosFacts.ansible_net_neighbors + description: The list of LLDP and CDP neighbors from the device. If both, CDP + and LLDP neighbor data is present on one port, CDP is preferred. + type: unknown + - contextPath: CiscoNXOS.NxosFacts.fan_info + description: A hash of facts about fans in the remote device + type: unknown + - contextPath: CiscoNXOS.NxosFacts.hostname + description: The configured hostname of the remote device + type: unknown + - contextPath: CiscoNXOS.NxosFacts.interfaces_list + description: The list of interface names on the remote device + type: unknown + - contextPath: CiscoNXOS.NxosFacts.kickstart + description: The software version used to boot the system + type: string + - contextPath: CiscoNXOS.NxosFacts.module + description: A hash of facts about the modules in a remote device + type: unknown + - contextPath: CiscoNXOS.NxosFacts.platform + description: The hardware platform reported by the remote device + type: string + - contextPath: CiscoNXOS.NxosFacts.power_supply_info + description: A hash of facts about the power supplies in the remote device + type: string + - contextPath: CiscoNXOS.NxosFacts.vlan_list + description: The list of VLAN IDs configured on the remote device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of feature. + name: feature + required: true + - auto: PREDEFINED + defaultValue: enabled + description: Desired state of the feature. + name: state + predefined: + - enabled + - disabled + description: "Manage features in NX-OS switches.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_feature_module.html" + name: nxos-feature + outputs: + - contextPath: CiscoNXOS.NxosFeature.commands + description: The set of commands to be sent to the remote device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: When `system_mode_maintenance=true` it puts all enabled protocols + in maintenance mode (using the isolate command). When `system_mode_maintenance=false` + it puts all enabled protocols in normal mode (using the no isolate command). + name: system_mode_maintenance + - description: When `system_mode_maintenance_dont_generate_profile=true` it prevents + the dynamic searching of enabled protocols and executes commands configured + in a maintenance-mode profile. Use this option if you want the system to use + a maintenance-mode profile that you have created. When `system_mode_maintenance_dont_generate_profile=false` + it prevents the dynamic searching of enabled protocols and executes commands + configured in a normal-mode profile. Use this option if you want the system + to use a normal-mode profile that you have created. + name: system_mode_maintenance_dont_generate_profile + - description: Keeps the switch in maintenance mode for a specified number of + minutes. Range is 5-65535. + name: system_mode_maintenance_timeout + - description: Shuts down all protocols, vPC domains, and interfaces except the + management interface (using the shutdown command). This option is disruptive + while `system_mode_maintenance` (which uses the isolate command) is not. + name: system_mode_maintenance_shutdown + - auto: PREDEFINED + description: Boots the switch into maintenance mode automatically in the event + of a specified system crash. Note that not all reset reasons are applicable + for all platforms. Also if reset reason is set to match_any, it is not idempotent + as it turns on all reset reasons. If reset reason is match_any and state is + absent, it turns off all the reset reasons. + name: system_mode_maintenance_on_reload_reset_reason + predefined: + - hw_error + - svc_failure + - kern_failure + - wdog_timeout + - fatal_error + - lc_failure + - match_any + - manual_reload + - any_other + - maintenance + - auto: PREDEFINED + defaultValue: present + description: Specify desired state of the resource. + name: state + predefined: + - present + - absent + required: true + description: "Trigger a graceful removal or insertion (GIR) of the switch.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_gir_module.html" + name: nxos-gir + outputs: + - contextPath: CiscoNXOS.NxosGir.final_system_mode + description: describe the last system mode + type: string + - contextPath: CiscoNXOS.NxosGir.updates + description: commands sent to the device + type: unknown + - contextPath: CiscoNXOS.NxosGir.changed + description: check to see if a change was made on the device + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: List of commands to be included into the profile. + name: commands + - auto: PREDEFINED + description: Configure the profile as Maintenance or Normal mode. + name: mode + predefined: + - maintenance + - normal + required: true + - auto: PREDEFINED + defaultValue: present + description: Specify desired state of the resource. + name: state + predefined: + - present + - absent + description: "Create a maintenance-mode or normal-mode profile for GIR.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_gir_profile_management_module.html" + name: nxos-gir-profile-management + outputs: + - contextPath: CiscoNXOS.NxosGirProfileManagement.proposed + description: list of commands passed into module. + type: unknown + - contextPath: CiscoNXOS.NxosGirProfileManagement.existing + description: list of existing profile commands. + type: unknown + - contextPath: CiscoNXOS.NxosGirProfileManagement.end_state + description: list of profile entries after module execution. + type: unknown + - contextPath: CiscoNXOS.NxosGirProfileManagement.updates + description: commands sent to the device + type: unknown + - contextPath: CiscoNXOS.NxosGirProfileManagement.changed + description: check to see if a change was made on the device + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: HSRP group number. + name: group + required: true + - description: Full name of interface that is being managed for HSRP. + name: interface + required: true + - auto: PREDEFINED + defaultValue: '1' + description: HSRP version. + name: version + predefined: + - '1' + - '2' + - description: HSRP priority or keyword 'default'. + name: priority + - auto: PREDEFINED + description: Enable/Disable preempt. + name: preempt + predefined: + - enabled + - disabled + - description: HSRP virtual IP address or keyword 'default' + name: vip + - description: Authentication string. If this needs to be hidden(for md5 type), + the string should be 7 followed by the key string. Otherwise, it can be 0 + followed by key string or just key string (for backward compatibility). For + text type, this should be just be a key string. if this is 'default', authentication + is removed. + name: auth_string + - auto: PREDEFINED + description: Authentication type. + name: auth_type + predefined: + - text + - md5 + - auto: PREDEFINED + defaultValue: present + description: Specify desired state of the resource. + name: state + predefined: + - present + - absent + description: "Manages HSRP configuration on NX-OS switches.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_hsrp_module.html" + name: nxos-hsrp + outputs: + - contextPath: CiscoNXOS.NxosHsrp.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Removes routes when the IGMP process is restarted. By default, + routes are not flushed. + name: flush_routes + - description: Enables or disables the enforce router alert option check for IGMPv2 + and IGMPv3 packets. + name: enforce_rtr_alert + - description: Restarts the igmp process (using an exec config command). + name: restart + - auto: PREDEFINED + defaultValue: present + description: Manages desired state of the resource. + name: state + predefined: + - present + - default + description: "Manages IGMP global configuration.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_igmp_module.html" + name: nxos-igmp + outputs: + - contextPath: CiscoNXOS.NxosIgmp.updates + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The full interface name for IGMP configuration. e.g. `Ethernet1/2`. + name: interface + required: true + - auto: PREDEFINED + description: IGMP version. It can be 2 or 3 or keyword 'default'. + name: version + predefined: + - '2' + - '3' + - default + - description: Query interval used when the IGMP process starts up. The range + is from 1 to 18000 or keyword 'default'. The default is 31. + name: startup_query_interval + - description: Query count used when the IGMP process starts up. The range is + from 1 to 10 or keyword 'default'. The default is 2. + name: startup_query_count + - description: Sets the robustness variable. Values can range from 1 to 7 or keyword + 'default'. The default is 2. + name: robustness + - description: Sets the querier timeout that the software uses when deciding to + take over as the querier. Values can range from 1 to 65535 seconds or keyword + 'default'. The default is 255 seconds. + name: querier_timeout + - description: Sets the response time advertised in IGMP queries. Values can range + from 1 to 25 seconds or keyword 'default'. The default is 10 seconds. + name: query_mrt + - description: Sets the frequency at which the software sends IGMP host query + messages. Values can range from 1 to 18000 seconds or keyword 'default'. The + default is 125 seconds. + name: query_interval + - description: Sets the query interval waited after sending membership reports + before the software deletes the group state. Values can range from 1 to 25 + seconds or keyword 'default'. The default is 1 second. + name: last_member_qrt + - description: Sets the number of times that the software sends an IGMP query + in response to a host leave message. Values can range from 1 to 5 or keyword + 'default'. The default is 2. + name: last_member_query_count + - description: Sets the group membership timeout for IGMPv2. Values can range + from 3 to 65,535 seconds or keyword 'default'. The default is 260 seconds. + name: group_timeout + - description: Configures report-link-local-groups. Enables sending reports for + groups in 224.0.0.0/24. Reports are always sent for nonlink local groups. + By default, reports are not sent for link local groups. + name: report_llg + - description: Enables the device to remove the group entry from the multicast + routing table immediately upon receiving a leave message for the group. Use + this command to minimize the leave latency of IGMPv2 group memberships on + a given IGMP interface because the device does not send group-specific queries. + The default is disabled. + name: immediate_leave + - description: Configure a routemap for static outgoing interface (OIF) or keyword + 'default'. + name: oif_routemap + - description: This argument is deprecated, please use oif_ps instead. Configure + a prefix for static outgoing interface (OIF). + name: oif_prefix + - description: This argument is deprecated, please use oif_ps instead. Configure + a source for static outgoing interface (OIF). + name: oif_source + - description: Configure prefixes and sources for static outgoing interface (OIF). + This is a list of dict where each dict has source and prefix defined or just + prefix if source is not needed. The specified values will be configured on + the device and if any previous prefix/sources exist, they will be removed. + Keyword 'default' is also accepted which removes all existing prefix/sources. + name: oif_ps + - auto: PREDEFINED + defaultValue: 'No' + description: Restart IGMP. This is NOT idempotent as this is action only. + name: restart + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: Manages desired state of the resource. + name: state + predefined: + - present + - absent + - default + description: "Manages IGMP interface configuration.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_igmp_interface_module.html" + name: nxos-igmp-interface + outputs: + - contextPath: CiscoNXOS.NxosIgmpInterface.proposed + description: k/v pairs of parameters passed into module + type: unknown + - contextPath: CiscoNXOS.NxosIgmpInterface.existing + description: k/v pairs of existing igmp_interface configuration + type: unknown + - contextPath: CiscoNXOS.NxosIgmpInterface.end_state + description: k/v pairs of igmp interface configuration after module execution + type: unknown + - contextPath: CiscoNXOS.NxosIgmpInterface.updates + description: commands sent to the device + type: unknown + - contextPath: CiscoNXOS.NxosIgmpInterface.changed + description: check to see if a change was made on the device + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Enables/disables IGMP snooping on the switch. + name: snooping + - description: Group membership timeout value for all VLANs on the device. Accepted + values are integer in range 1-10080, `never` and `default`. + name: group_timeout + - description: Global link-local groups suppression. + name: link_local_grp_supp + - description: Global IGMPv1/IGMPv2 Report Suppression. + name: report_supp + - description: Global IGMPv3 Report Suppression and Proxy Reporting. + name: v3_report_supp + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - default + description: "Manages IGMP snooping global configuration.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_igmp_snooping_module.html" + name: nxos-igmp-snooping + outputs: + - contextPath: CiscoNXOS.NxosIgmpSnooping.commands + description: command sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the system (or combined) image file on flash. + name: system_image_file + required: true + - description: Name of the kickstart image file on flash. (Not required on all + Nexus platforms) + name: kickstart_image_file + - auto: PREDEFINED + defaultValue: 'no' + description: 'Upgrade using In Service Software Upgrade (ISSU). (Supported on + N5k, N7k, N9k platforms) Selecting ''required'' or ''yes'' means that upgrades + will only proceed if the switch is capable of ISSU. Selecting ''desired'' + means that upgrades will use ISSU if possible but will fall back to disruptive + upgrade if needed. Selecting ''no'' means do not use ISSU. Forced disruptive.' + name: issu + predefined: + - required + - desired + - 'yes' + - 'no' + description: "Set boot options like boot, kickstart image and issu.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_install_os_module.html" + name: nxos-install-os + outputs: + - contextPath: CiscoNXOS.NxosInstallOs.install_state + description: Boot and install information. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of this cisco_interface resource. Valid value is a string. + name: interface + required: true + - description: Name of the ospf instance. + name: ospf + required: true + - description: Ospf area associated with this cisco_interface_ospf instance. Valid + values are a string, formatted as an IP address (i.e. "0.0.0.0") or as an + integer. + name: area + required: true + - auto: PREDEFINED + description: 'Enables bfd at interface level. This overrides the bfd variable + set at the ospf router level. Valid values are ''enable'', ''disable'' or + ''default''. Dependency: ''feature bfd''' + name: bfd + predefined: + - enable + - disable + - default + - description: The cost associated with this cisco_interface_ospf instance. + name: cost + - description: Time between sending successive hello packets. Valid values are + an integer or the keyword 'default'. + name: hello_interval + - description: Time interval an ospf neighbor waits for a hello packet before + tearing down adjacencies. Valid values are an integer or the keyword 'default'. + name: dead_interval + - description: Enable or disable passive-interface state on this interface. true + - (enable) Prevent OSPF from establishing an adjacency or sending routing + updates on this interface. false - (disable) Override global 'passive-interface + default' for this interface. + name: passive_interface + - auto: PREDEFINED + description: Specifies interface ospf network type. Valid values are 'point-to-point' + or 'broadcast'. + name: network + predefined: + - point-to-point + - broadcast + - description: Enables or disables the usage of message digest authentication. + name: message_digest + - description: Md5 authentication key-id associated with the ospf instance. If + this is present, message_digest_encryption_type, message_digest_algorithm_type + and message_digest_password are mandatory. Valid value is an integer and 'default'. + name: message_digest_key_id + - auto: PREDEFINED + description: Algorithm used for authentication among neighboring routers within + an area. Valid values are 'md5' and 'default'. + name: message_digest_algorithm_type + predefined: + - md5 + - default + - auto: PREDEFINED + description: Specifies the scheme used for encrypting message_digest_password. + Valid values are '3des' or 'cisco_type_7' encryption or 'default'. + name: message_digest_encryption_type + predefined: + - cisco_type_7 + - 3des + - default + - description: Specifies the message_digest password. Valid value is a string. + name: message_digest_password + - auto: PREDEFINED + defaultValue: present + description: Determines whether the config should be present or not on the device. + name: state + predefined: + - present + - absent + description: "Manages configuration of an OSPF interface instance.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_interface_ospf_module.html" + name: nxos-interface-ospf + outputs: + - contextPath: CiscoNXOS.NxosInterfaceOspf.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of interface options + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manages interface attributes of NX-OS Interfaces\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_interfaces_module.html" + name: nxos-interfaces + outputs: + - contextPath: CiscoNXOS.NxosInterfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoNXOS.NxosInterfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoNXOS.NxosInterfaces.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of Layer-2 interface options + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion. + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manages Layer-2 Interfaces attributes of NX-OS Interfaces\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_l2_interfaces_module.html" + name: nxos-l2-interfaces + outputs: + - contextPath: CiscoNXOS.NxosL2Interfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoNXOS.NxosL2Interfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoNXOS.NxosL2Interfaces.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of Layer-3 interface options + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion. + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manages Layer-3 Interfaces attributes of NX-OS Interfaces\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_l3_interfaces_module.html" + name: nxos-l3-interfaces + outputs: + - contextPath: CiscoNXOS.NxosL3Interfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoNXOS.NxosL3Interfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoNXOS.NxosL3Interfaces.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: LACP global options. + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion. + name: state + predefined: + - merged + - replaced + - deleted + description: "Manage Global Link Aggregation Control Protocol (LACP) on Cisco\ + \ NX-OS devices.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_lacp_module.html" + name: nxos-lacp + outputs: + - contextPath: CiscoNXOS.NxosLacp.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoNXOS.NxosLacp.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoNXOS.NxosLacp.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of LACP interfaces options. + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion. + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manage Link Aggregation Control Protocol (LACP) attributes of interfaces\ + \ on Cisco NX-OS devices.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_lacp_interfaces_module.html" + name: nxos-lacp-interfaces + outputs: + - contextPath: CiscoNXOS.NxosLacpInterfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoNXOS.NxosLacpInterfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoNXOS.NxosLacpInterfaces.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A list of link aggregation group configurations. + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion. + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Manages link aggregation groups of NX-OS Interfaces\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_lag_interfaces_module.html" + name: nxos-lag-interfaces + outputs: + - contextPath: CiscoNXOS.NxosLagInterfaces.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoNXOS.NxosLagInterfaces.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoNXOS.NxosLagInterfaces.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: State of the LLDP configuration. If value is `present` lldp will + be enabled else if it is `absent` it will be disabled. + name: state + predefined: + - present + - absent + description: "Manage LLDP configuration on Cisco NXOS network devices.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_lldp_module.html" + name: nxos-lldp + outputs: + - contextPath: CiscoNXOS.NxosLldp.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A list of link layer discovery configurations + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion + name: state + predefined: + - merged + - replaced + - deleted + description: "Configure and manage Link Layer Discovery Protocol(LLDP) attributes\ + \ on NX-OS platforms.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_lldp_global_module.html" + name: nxos-lldp-global + outputs: + - contextPath: CiscoNXOS.NxosLldpGlobal.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoNXOS.NxosLldpGlobal.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoNXOS.NxosLldpGlobal.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: Destination of the logs. + name: dest + predefined: + - console + - logfile + - module + - monitor + - server + - description: Hostname or IP Address for remote logging (when dest is 'server'). + name: remote_server + - description: VRF to be used while configuring remote logging (when dest is 'server'). + name: use_vrf + - description: Interface to be used while configuring source-interface for logging + (e.g., 'Ethernet1/2', 'mgmt0') + name: interface + - description: If value of `dest` is `logfile` it indicates file-name. + name: name + - description: Facility name for logging. + name: facility + - description: Set logging severity levels. + name: dest_level + - description: Set logging severity levels for facility based log messages. + name: facility_level + - description: List of logging definitions. + name: aggregate + - auto: PREDEFINED + defaultValue: present + description: State of the logging configuration. + name: state + predefined: + - present + - absent + - auto: PREDEFINED + description: Link/trunk enable/default interface configuration logging + name: event + predefined: + - link-enable + - link-default + - trunk-enable + - trunk-default + - auto: PREDEFINED + description: Add interface description to interface syslogs. Does not work with + version 6.0 images using nxapi as a transport. + name: interface_message + predefined: + - add-interface-description + - description: Set logfile size + name: file_size + - auto: PREDEFINED + description: Set logging facility ethpm link status. Not idempotent with version + 6.0 images. + name: facility_link_status + predefined: + - link-down-notif + - link-down-error + - link-up-notif + - link-up-error + - auto: PREDEFINED + description: Set logging timestamp format + name: timestamp + predefined: + - microseconds + - milliseconds + - seconds + - auto: PREDEFINED + defaultValue: 'No' + description: Remove any switch logging configuration that does not match what + has been configured Not supported for ansible_connection local. All nxos_logging + tasks must use the same ansible_connection type. + name: purge + predefined: + - 'Yes' + - 'No' + description: "Manage logging on network devices\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_logging_module.html" + name: nxos-logging + outputs: + - contextPath: CiscoNXOS.NxosLogging.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Network address of NTP server. + name: server + - description: Network address of NTP peer. + name: peer + - description: Authentication key identifier to use with given NTP server or peer + or keyword 'default'. + name: key_id + - auto: PREDEFINED + description: Makes given NTP server or peer the preferred NTP server or peer + for the device. + name: prefer + predefined: + - enabled + - disabled + - description: Makes the device communicate with the given NTP server or peer + over a specific VRF or keyword 'default'. + name: vrf_name + - description: Local source address from which NTP messages are sent or keyword + 'default' + name: source_addr + - description: Local source interface from which NTP messages are sent. Must be + fully qualified interface name or keyword 'default' + name: source_int + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + description: "Manages core NTP configuration.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_ntp_module.html" + name: nxos-ntp + outputs: + - contextPath: CiscoNXOS.NxosNtp.proposed + description: k/v pairs of parameters passed into module + type: unknown + - contextPath: CiscoNXOS.NxosNtp.existing + description: k/v pairs of existing ntp server/peer + type: unknown + - contextPath: CiscoNXOS.NxosNtp.end_state + description: k/v pairs of ntp info after module execution + type: unknown + - contextPath: CiscoNXOS.NxosNtp.updates + description: command sent to the device + type: unknown + - contextPath: CiscoNXOS.NxosNtp.changed + description: check to see if a change was made on the device + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Authentication key identifier (numeric). + name: key_id + - description: MD5 String. + name: md5string + - auto: PREDEFINED + defaultValue: text + description: Whether the given md5string is in cleartext or has been encrypted. + If in cleartext, the device will encrypt it before storing it. + name: auth_type + predefined: + - text + - encrypt + - auto: PREDEFINED + defaultValue: 'false' + description: Whether the given key is required to be supplied by a time source + for the device to synchronize to the time source. + name: trusted_key + predefined: + - 'false' + - 'true' + - auto: PREDEFINED + description: Turns NTP authentication on or off. + name: authentication + predefined: + - 'on' + - 'off' + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + description: "Manages NTP authentication.\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/nxos_ntp_auth_module.html" + name: nxos-ntp-auth + outputs: + - contextPath: CiscoNXOS.NxosNtpAuth.commands + description: command sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Sets whether the device is an authoritative NTP server. + name: master + - description: If `master=true`, an optional stratum can be supplied (1-15). The + device default is 8. + name: stratum + - description: Sets whether NTP logging is enabled on the device. + name: logging + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + description: "Manages NTP options.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_ntp_options_module.html" + name: nxos-ntp-options + outputs: + - contextPath: CiscoNXOS.NxosNtpOptions.updates + description: command sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '80' + description: Configure the port with which the HTTP server will listen on for + requests. By default, NXAPI will bind the HTTP service to the standard HTTP + port 80. This argument accepts valid port values in the range of 1 to 65535. + name: http_port + - auto: PREDEFINED + defaultValue: 'Yes' + description: Controls the operating state of the HTTP protocol as one of the + underlying transports for NXAPI. By default, NXAPI will enable the HTTP transport + when the feature is first configured. To disable the use of the HTTP transport, + set the value of this argument to False. + name: http + predefined: + - 'Yes' + - 'No' + - defaultValue: '443' + description: Configure the port with which the HTTPS server will listen on for + requests. By default, NXAPI will bind the HTTPS service to the standard HTTPS + port 443. This argument accepts valid port values in the range of 1 to 65535. + name: https_port + - auto: PREDEFINED + defaultValue: 'No' + description: Controls the operating state of the HTTPS protocol as one of the + underlying transports for NXAPI. By default, NXAPI will disable the HTTPS + transport when the feature is first configured. To enable the use of the + HTTPS transport, set the value of this argument to True. + name: https + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: The NXAPI feature provides a web base UI for developers for entering + commands. This feature is initially disabled when the NXAPI feature is configured + for the first time. When the `sandbox` argument is set to True, the developer + sandbox URL will accept requests and when the value is set to False, the sandbox + URL is unavailable. This is supported on NX-OS 7K series. + name: sandbox + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: The `state` argument controls whether or not the NXAPI feature + is configured on the remote device. When the value is `present` the NXAPI + feature configuration is present in the device running-config. When the values + is `absent` the feature configuration is removed from the running-config. + name: state + predefined: + - present + - absent + - auto: PREDEFINED + defaultValue: 'No' + description: Controls the use of whether strong or weak ciphers are configured. + By default, this feature is disabled and weak ciphers are configured. To + enable the use of strong ciphers, set the value of this argument to True. + name: ssl_strong_ciphers + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: Controls the use of the Transport Layer Security version 1.0 is + configured. By default, this feature is enabled. To disable the use of TLSV1.0, + set the value of this argument to True. + name: tlsv1_0 + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Controls the use of the Transport Layer Security version 1.1 is + configured. By default, this feature is disabled. To enable the use of TLSV1.1, + set the value of this argument to True. + name: tlsv1_1 + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Controls the use of the Transport Layer Security version 1.2 is + configured. By default, this feature is disabled. To enable the use of TLSV1.2, + set the value of this argument to True. + name: tlsv1_2 + predefined: + - 'Yes' + - 'No' + description: "Manage NXAPI configuration on an NXOS device.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_nxapi_module.html" + name: nxos-nxapi + outputs: + - contextPath: CiscoNXOS.NxosNxapi.updates + description: Returns the list of commands that need to be pushed into the remote + device to satisfy the arguments + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the ospf instance. + name: ospf + required: true + - auto: PREDEFINED + defaultValue: present + description: Determines whether the config should be present or not on the device. + name: state + predefined: + - present + - absent + description: "Manages configuration of an ospf instance.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_ospf_module.html" + name: nxos-ospf + outputs: + - contextPath: CiscoNXOS.NxosOspf.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: default + description: Name of the resource instance. Valid value is a string. The name + 'default' is a valid VRF representing the global OSPF. + name: vrf + - description: Name of the OSPF instance. + name: ospf + required: true + - description: Router Identifier (ID) of the OSPF router VRF instance. + name: router_id + - description: Specify the default Metric value. Valid values are an integer or + the keyword 'default'. + name: default_metric + - auto: PREDEFINED + description: Controls the level of log messages generated whenever a neighbor + changes state. Valid values are 'log', 'detail', and 'default'. + name: log_adjacency + predefined: + - log + - detail + - default + - description: Specify the start interval for rate-limiting Link-State Advertisement + (LSA) generation. Valid values are an integer, in milliseconds, or the keyword + 'default'. + name: timer_throttle_lsa_start + - description: Specify the hold interval for rate-limiting Link-State Advertisement + (LSA) generation. Valid values are an integer, in milliseconds, or the keyword + 'default'. + name: timer_throttle_lsa_hold + - description: Specify the max interval for rate-limiting Link-State Advertisement + (LSA) generation. Valid values are an integer, in milliseconds, or the keyword + 'default'. + name: timer_throttle_lsa_max + - description: Specify initial Shortest Path First (SPF) schedule delay. Valid + values are an integer, in milliseconds, or the keyword 'default'. + name: timer_throttle_spf_start + - description: Specify minimum hold time between Shortest Path First (SPF) calculations. + Valid values are an integer, in milliseconds, or the keyword 'default'. + name: timer_throttle_spf_hold + - description: Specify the maximum wait time between Shortest Path First (SPF) + calculations. Valid values are an integer, in milliseconds, or the keyword + 'default'. + name: timer_throttle_spf_max + - description: Specifies the reference bandwidth used to assign OSPF cost. Valid + values are an integer, in Mbps, or the keyword 'default'. + name: auto_cost + - auto: PREDEFINED + description: 'Enables BFD on all OSPF interfaces. Dependency: ''feature bfd''' + name: bfd + predefined: + - enable + - disable + - description: Setting to `yes` will suppress routing update on interface. + name: passive_interface + - auto: PREDEFINED + defaultValue: present + description: State of ospf vrf configuration. + name: state + predefined: + - present + - absent + description: "Manages a VRF for an OSPF router.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_ospf_vrf_module.html" + name: nxos-ospf-vrf + outputs: + - contextPath: CiscoNXOS.NxosOspfVrf.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Anycast gateway mac of the switch. + name: anycast_gateway_mac + required: true + description: "Configures anycast gateway MAC of the switch.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_overlay_global_module.html" + name: nxos-overlay-global + outputs: + - contextPath: CiscoNXOS.NxosOverlayGlobal.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: 'Enables BFD on all PIM interfaces. Dependency: ''feature bfd''' + name: bfd + predefined: + - enable + - disable + - description: Configure group ranges for Source Specific Multicast (SSM). Valid + values are multicast addresses or the keyword `none` or keyword `default`. + `none` removes all SSM group ranges. `default` will set ssm_range to the default + multicast address. If you set multicast address, please ensure that it is + not the same as the `default`, otherwise use the `default` option. + name: ssm_range + required: true + description: "Manages configuration of a PIM instance.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_pim_module.html" + name: nxos-pim + outputs: + - contextPath: CiscoNXOS.NxosPim.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Full name of the interface such as Ethernet1/33. + name: interface + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Enable/disable sparse-mode on the interface. + name: sparse + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + description: 'Enables BFD for PIM at the interface level. This overrides the + bfd variable set at the pim global level. Valid values are ''enable'', ''disable'' + or ''default''. Dependency: ''feature bfd''' + name: bfd + predefined: + - enable + - disable + - default + - description: Configures priority for PIM DR election on interface. + name: dr_prio + - description: Authentication for hellos on this interface. + name: hello_auth_key + - description: Hello interval in milliseconds for this interface. + name: hello_interval + - description: Policy for join-prune messages (outbound). + name: jp_policy_out + - description: Policy for join-prune messages (inbound). + name: jp_policy_in + - auto: PREDEFINED + description: Type of policy mapped to `jp_policy_out`. + name: jp_type_out + predefined: + - prefix + - routemap + - auto: PREDEFINED + description: Type of policy mapped to `jp_policy_in`. + name: jp_type_in + predefined: + - prefix + - routemap + - auto: PREDEFINED + defaultValue: 'No' + description: Configures interface to be a boundary of a PIM domain. + name: border + predefined: + - 'Yes' + - 'No' + - description: Configures a neighbor policy for filtering adjacencies. + name: neighbor_policy + - auto: PREDEFINED + description: Type of policy mapped to neighbor_policy. + name: neighbor_type + predefined: + - prefix + - routemap + - auto: PREDEFINED + defaultValue: present + description: Manages desired state of the resource. + name: state + predefined: + - present + - default + description: "Manages PIM interface configuration.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_pim_interface_module.html" + name: nxos-pim-interface + outputs: + - contextPath: CiscoNXOS.NxosPimInterface.commands + description: command sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Configures a Protocol Independent Multicast (PIM) static rendezvous + point (RP) address. Valid values are unicast addresses. + name: rp_address + required: true + - description: Group range for static RP. Valid values are multicast addresses. + name: group_list + - description: Prefix list policy for static RP. Valid values are prefix-list + policy names. + name: prefix_list + - description: Route map policy for static RP. Valid values are route-map policy + names. + name: route_map + - description: Group range is treated in PIM bidirectional mode. + name: bidir + - auto: PREDEFINED + defaultValue: present + description: Specify desired state of the resource. + name: state + predefined: + - present + - absent + - default + required: true + description: "Manages configuration of an PIM static RP address instance.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_pim_rp_address_module.html" + name: nxos-pim-rp-address + outputs: + - contextPath: CiscoNXOS.NxosPimRpAddress.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: IP address or hostname (resolvable by switch) of remote node. + name: dest + required: true + - defaultValue: '5' + description: Number of packets to send. + name: count + - description: Source IP Address or hostname (resolvable by switch) + name: source + - description: Outgoing VRF. + name: vrf + - auto: PREDEFINED + defaultValue: present + description: Determines if the expected result is success or fail. + name: state + predefined: + - absent + - present + description: "Tests reachability using ping from Nexus switch.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_ping_module.html" + name: nxos-ping + outputs: + - contextPath: CiscoNXOS.NxosPing.commands + description: Show the command sent + type: unknown + - contextPath: CiscoNXOS.NxosPing.rtt + description: Show RTT stats + type: unknown + - contextPath: CiscoNXOS.NxosPing.packets_rx + description: Packets successfully received + type: number + - contextPath: CiscoNXOS.NxosPing.packets_tx + description: Packets successfully transmitted + type: number + - contextPath: CiscoNXOS.NxosPing.packet_loss + description: Percentage of packets lost + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Safeguard boolean. Set to true if you're sure you want to reboot. + name: confirm + predefined: + - 'Yes' + - 'No' + description: "Reboot a network device.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_reboot_module.html" + name: nxos-reboot + outputs: + - contextPath: CiscoNXOS.NxosReboot.rebooted + description: Whether the device was instructed to reboot. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of checkpoint file to create. Mutually exclusive with rollback_to. + name: checkpoint_file + - description: Name of checkpoint file to rollback to. Mutually exclusive with + checkpoint_file. + name: rollback_to + description: "Set a checkpoint or rollback to a checkpoint.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_rollback_module.html" + name: nxos-rollback + outputs: + - contextPath: CiscoNXOS.NxosRollback.filename + description: The filename of the checkpoint/rollback file. + type: string + - contextPath: CiscoNXOS.NxosRollback.status + description: Which operation took place and whether it was successful. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the RPM package. + name: pkg + required: true + - defaultValue: bootflash + description: The remote file system of the device. If omitted, devices that + support a file_system parameter will use their default values. + name: file_system + - description: List of RPM/patch definitions. + name: aggregate + - auto: PREDEFINED + defaultValue: present + description: If the state is present, the rpm will be installed, If the state + is absent, it will be removed. + name: state + predefined: + - present + - absent + description: "Install patch or feature rpms on Cisco NX-OS devices.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_rpm_module.html" + name: nxos-rpm + outputs: + - contextPath: CiscoNXOS.NxosRpm.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the remote package. + name: pkg + required: true + - description: The remote file system of the device. If omitted, devices that + support a file_system parameter will use their default values. + name: file_system + description: "Perform SMUs on Cisco NX-OS devices.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_smu_module.html" + name: nxos-smu + outputs: + - contextPath: CiscoNXOS.NxosSmu.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: Define what snapshot action the module would perform. + name: action + predefined: + - add + - compare + - create + - delete + - delete_all + required: true + - description: Snapshot name, to be used when `action=create` or `action=delete`. + name: snapshot_name + - description: Snapshot description to be used when `action=create`. + name: description + - description: First snapshot to be used when `action=compare`. + name: snapshot1 + - description: Second snapshot to be used when `action=compare`. + name: snapshot2 + - description: Name of the file where snapshots comparison will be stored when + `action=compare`. + name: comparison_results_file + - auto: PREDEFINED + description: Snapshot options to be used when `action=compare`. + name: compare_option + predefined: + - summary + - ipv4routes + - ipv6routes + - description: Used to name the show command output, to be used when `action=add`. + name: section + - description: Specify a new show command, to be used when `action=add`. + name: show_command + - description: Specifies the tag of each row entry of the show command's XML output, + to be used when `action=add`. + name: row_id + - description: Specify the tags used to distinguish among row entries, to be used + when `action=add`. + name: element_key1 + - description: Specify the tags used to distinguish among row entries, to be used + when `action=add`. + name: element_key2 + - defaultValue: 'no' + description: Specify to locally store a new created snapshot, to be used when + `action=create`. + name: save_snapshot_locally + - defaultValue: ./ + description: Specify the path of the file where new created snapshot or snapshots + comparison will be stored, to be used when `action=create` and `save_snapshot_locally=true` + or `action=compare`. + name: path + description: "Manage snapshots of the running states of selected features.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_snapshot_module.html" + name: nxos-snapshot + outputs: + - contextPath: CiscoNXOS.NxosSnapshot.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Case-sensitive community string. + name: community + required: true + - auto: PREDEFINED + description: Access type for community. + name: access + predefined: + - ro + - rw + - description: Group to which the community belongs. + name: group + - description: ACL name to filter snmp requests or keyword 'default'. + name: acl + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + description: "Manages SNMP community configs.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_community_module.html" + name: nxos-snmp-community + outputs: + - contextPath: CiscoNXOS.NxosSnmpCommunity.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Contact information. + name: contact + required: true + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + required: true + description: "Manages SNMP contact info.\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_contact_module.html" + name: nxos-snmp-contact + outputs: + - contextPath: CiscoNXOS.NxosSnmpContact.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: IP address of hostname of target host. + name: snmp_host + required: true + - auto: PREDEFINED + description: SNMP version. If this is not specified, v1 is used. + name: version + predefined: + - v1 + - v2c + - v3 + - auto: PREDEFINED + description: Use this when verion is v3. SNMPv3 Security level. + name: v3 + predefined: + - noauth + - auth + - priv + - description: Community string or v3 username. + name: community + - defaultValue: '162' + description: UDP port number (0-65535). + name: udp + - auto: PREDEFINED + description: type of message to send to host. If this is not specified, trap + type is used. + name: snmp_type + predefined: + - trap + - inform + - description: VRF to use to source traffic to source. If state = absent, the + vrf is removed. + name: vrf + - description: Name of VRF to filter. If state = absent, the vrf is removed from + the filter. + name: vrf_filter + - description: Source interface. Must be fully qualified interface name. If state + = absent, the interface is removed. + name: src_intf + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. If state = present, the host + is added to the configuration. If only vrf and/or vrf_filter and/or src_intf + are given, they will be added to the existing host configuration. If state + = absent, the host is removed if community parameter is given. It is possible + to remove only vrf and/or src_int and/or vrf_filter by providing only those + parameters and no community parameter. + name: state + predefined: + - present + - absent + description: "Manages SNMP host configuration.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_host_module.html" + name: nxos-snmp-host + outputs: + - contextPath: CiscoNXOS.NxosSnmpHost.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Location information. + name: location + required: true + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + description: "Manages SNMP location information.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_location_module.html" + name: nxos-snmp-location + outputs: + - contextPath: CiscoNXOS.NxosSnmpLocation.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: Case sensitive group. + name: group + predefined: + - aaa + - bfd + - bgp + - bridge + - callhome + - cfs + - config + - eigrp + - entity + - feature-control + - generic + - hsrp + - license + - link + - lldp + - mmode + - ospf + - pim + - rf + - rmon + - snmp + - storm-control + - stpx + - switchfabric + - syslog + - sysmgr + - system + - upgrade + - vtp + - all + required: true + - auto: PREDEFINED + defaultValue: enabled + description: Manage the state of the resource. + name: state + predefined: + - enabled + - disabled + description: "Manages SNMP traps.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_traps_module.html" + name: nxos-snmp-traps + outputs: + - contextPath: CiscoNXOS.NxosSnmpTraps.commands + description: command sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the user. + name: user + required: true + - description: Group to which the user will belong to. If state = present, and + the user is existing, the group is added to the user. If the user is not existing, + user entry is created with this group argument. If state = absent, only the + group is removed from the user entry. However, to maintain backward compatibility, + if the existing user belongs to only one group, and if group argument is same + as the existing user's group, then the user entry also is deleted. + name: group + - auto: PREDEFINED + description: Authentication parameters for the user. + name: authentication + predefined: + - md5 + - sha + - description: Authentication password when using md5 or sha. This is not idempotent + name: pwd + - description: Privacy password for the user. This is not idempotent + name: privacy + - description: Enables AES-128 bit encryption when using privacy password. + name: encrypt + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + description: "Manages SNMP users for monitoring.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_user_module.html" + name: nxos-snmp-user + outputs: + - contextPath: CiscoNXOS.NxosSnmpUser.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Destination prefix of static route. + name: prefix + required: true + - description: Next hop address or interface of static route. If interface, it + must be the fully-qualified interface name. + name: next_hop + required: true + - defaultValue: default + description: VRF for static route. + name: vrf + - description: Route tag value (numeric) or keyword 'default'. + name: tag + - description: Name of the route or keyword 'default'. Used with the name parameter + on the CLI. + name: route_name + - description: Preference or administrative difference of route (range 1-255) + or keyword 'default'. + name: pref + - description: List of static route definitions + name: aggregate + - description: Track value (range 1 - 512). Track must already be configured on + the device before adding the route. + name: track + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + description: "Manages static route configuration\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_static_route_module.html" + name: nxos-static-route + outputs: + - contextPath: CiscoNXOS.NxosStaticRoute.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Configure the device hostname parameter. This option takes an ASCII + string value or keyword 'default' + name: hostname + - description: Configures the default domain name suffix to be used when referencing + this node by its FQDN. This argument accepts either a list of domain names + or a list of dicts that configure the domain name and VRF name or keyword + 'default'. See examples. + name: domain_name + - description: Enables or disables the DNS lookup feature in Cisco NXOS. This + argument accepts boolean values. When enabled, the system will try to resolve + hostnames using DNS and when disabled, hostnames will not be resolved. + name: domain_lookup + - description: Configures a list of domain name suffixes to search when performing + DNS name resolution. This argument accepts either a list of domain names or + a list of dicts that configure the domain name and VRF name or keyword 'default'. + See examples. + name: domain_search + - description: List of DNS name servers by IP address to use to perform name resolution + lookups. This argument accepts either a list of DNS servers or a list of + hashes that configure the name server and VRF name or keyword 'default'. See + examples. + name: name_servers + - description: Specifies the mtu, must be an integer or keyword 'default'. + name: system_mtu + - auto: PREDEFINED + defaultValue: present + description: State of the configuration values in the device's current active + configuration. When set to `present`, the values should be configured in + the device active configuration and when set to `absent` the values should + not be in the device active configuration + name: state + predefined: + - present + - absent + description: "Manage the system attributes on Cisco NXOS devices\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_system_module.html" + name: nxos-system + outputs: + - contextPath: CiscoNXOS.NxosSystem.commands + description: The list of configuration mode commands to send to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The provided configuration + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: Final configuration state + name: state + predefined: + - merged + - replaced + - deleted + description: "Telemetry Monitoring Service (TMS) configuration\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_telemetry_module.html" + name: nxos-telemetry + outputs: + - contextPath: CiscoNXOS.NxosTelemetry.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoNXOS.NxosTelemetry.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoNXOS.NxosTelemetry.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: Toggles aggressive mode. + name: aggressive + predefined: + - enabled + - disabled + - description: Message time in seconds for UDLD packets or keyword 'default'. + name: msg_time + - defaultValue: 'no' + description: Ability to reset all ports shut down by UDLD. 'state' parameter + cannot be 'absent' when this is present. + name: reset + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. When set to 'absent', aggressive + and msg_time are set to their default values. + name: state + predefined: + - present + - absent + description: "Manages UDLD global configuration params.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_udld_module.html" + name: nxos-udld + outputs: + - contextPath: CiscoNXOS.NxosUdld.proposed + description: k/v pairs of parameters passed into module + type: unknown + - contextPath: CiscoNXOS.NxosUdld.existing + description: k/v pairs of existing udld configuration + type: unknown + - contextPath: CiscoNXOS.NxosUdld.end_state + description: k/v pairs of udld configuration after module execution + type: unknown + - contextPath: CiscoNXOS.NxosUdld.updates + description: command sent to the device + type: unknown + - contextPath: CiscoNXOS.NxosUdld.changed + description: check to see if a change was made on the device + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: Manages UDLD mode for an interface. + name: mode + predefined: + - enabled + - disabled + - aggressive + required: true + - description: FULL name of the interface, i.e. Ethernet1/1- + name: interface + required: true + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource. + name: state + predefined: + - present + - absent + description: "Manages UDLD interface configuration params.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_udld_interface_module.html" + name: nxos-udld-interface + outputs: + - contextPath: CiscoNXOS.NxosUdldInterface.proposed + description: k/v pairs of parameters passed into module + type: unknown + - contextPath: CiscoNXOS.NxosUdldInterface.existing + description: k/v pairs of existing configuration + type: unknown + - contextPath: CiscoNXOS.NxosUdldInterface.end_state + description: k/v pairs of configuration after module execution + type: unknown + - contextPath: CiscoNXOS.NxosUdldInterface.updates + description: command sent to the device + type: unknown + - contextPath: CiscoNXOS.NxosUdldInterface.changed + description: check to see if a change was made on the device + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The set of username objects to be configured on the remote Cisco + Nexus device. The list entries can either be the username or a hash of username + and properties. This argument is mutually exclusive with the `name` argument. + name: aggregate + - description: The username to be configured on the remote Cisco Nexus device. This + argument accepts a string value and is mutually exclusive with the `aggregate` + argument. + name: name + - description: The password to be configured on the network device. The password + needs to be provided in cleartext and it will be encrypted on the device. + Please note that this option is not same as `provider password`. + name: configured_password + - auto: PREDEFINED + defaultValue: always + description: Since passwords are encrypted in the device running config, this + argument will instruct the module when to change the password. When set to + `always`, the password will always be updated in the device and when set to + `on_create` the password will be updated only if the username is created. + name: update_password + predefined: + - on_create + - always + - description: The `role` argument configures the role for the username in the + device running configuration. The argument accepts a string value defining + the role name. This argument does not check if the role has been configured + on the device. + name: role + - description: The `sshkey` argument defines the SSH public key to configure for + the username. This argument accepts a valid SSH key value. + name: sshkey + - defaultValue: 'no' + description: The `purge` argument instructs the module to consider the resource + definition absolute. It will remove any previously configured usernames on + the device with the exception of the `admin` user which cannot be deleted + per nxos constraints. + name: purge + - auto: PREDEFINED + defaultValue: present + description: The `state` argument configures the state of the username definition + as it relates to the device operational configuration. When set to `present`, + the username(s) should be configured in the device active configuration and + when set to `absent` the username(s) should not be in the device active configuration + name: state + predefined: + - present + - absent + description: "Manage the collection of local users on Nexus devices\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_user_module.html" + name: nxos-user + outputs: + - contextPath: CiscoNXOS.NxosUser.commands + description: The list of configuration mode commands to send to the device + type: unknown + - contextPath: CiscoNXOS.NxosUser.start + description: The time the job started + type: string + - contextPath: CiscoNXOS.NxosUser.end + description: The time the job ended + type: string + - contextPath: CiscoNXOS.NxosUser.delta + description: The time elapsed to perform all operations + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dictionary of Vlan options + isArray: true + name: config + - auto: PREDEFINED + defaultValue: merged + description: The state of the configuration after module completion. + name: state + predefined: + - merged + - replaced + - overridden + - deleted + description: "Create VLAN and manage VLAN configurations on NX-OS Interfaces\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vlans_module.html" + name: nxos-vlans + outputs: + - contextPath: CiscoNXOS.NxosVlans.before + description: The configuration as structured data prior to module invocation. + type: unknown + - contextPath: CiscoNXOS.NxosVlans.after + description: The configuration as structured data after module completion. + type: unknown + - contextPath: CiscoNXOS.NxosVlans.commands + description: The set of commands pushed to the remote device. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: VPC domain + name: domain + required: true + - description: Role priority for device. Remember lower is better. + name: role_priority + - description: System priority device. Remember they must match between peers. + name: system_priority + - description: Source IP address used for peer keepalive link + name: pkl_src + - description: 'Destination (remote) IP address used for peer keepalive link pkl_dest + is required whenever pkl options are used.' + name: pkl_dest + - defaultValue: management + description: 'VRF used for peer keepalive link The VRF must exist on the device + before using pkl_vrf. (Note) ''default'' is an overloaded term: Default vrf + context for pkl_vrf is ''management''; ''pkl_vrf: default'' refers to the + literal ''default'' rib.' + name: pkl_vrf + - description: Enables/Disables peer gateway + name: peer_gw + - description: 'Enables/Disables auto recovery on platforms that support disable + timers are not modifiable with this attribute mutually exclusive with auto_recovery_reload_delay' + name: auto_recovery + - description: 'Manages auto-recovery reload-delay timer in seconds mutually exclusive + with auto_recovery' + name: auto_recovery_reload_delay + - description: manages delay restore command and config value in seconds + name: delay_restore + - description: 'manages delay restore interface-vlan command and config value + in seconds not supported on all platforms' + name: delay_restore_interface_vlan + - description: 'manages delay restore orphan-port command and config value in + seconds not supported on all platforms' + name: delay_restore_orphan_port + - auto: PREDEFINED + description: Manages desired state of the resource + name: state + predefined: + - present + - absent + required: true + description: "Manages global VPC configuration\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_vpc_module.html" + name: nxos-vpc + outputs: + - contextPath: CiscoNXOS.NxosVpc.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Group number of the portchannel that will be configured. + name: portchannel + required: true + - description: VPC group/id that will be configured on associated portchannel. + name: vpc + - description: Set to true/false for peer link config on associated portchannel. + name: peer_link + - auto: PREDEFINED + defaultValue: present + description: Manages desired state of the resource. + name: state + predefined: + - present + - absent + required: true + description: "Manages interface VPC configuration\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_vpc_interface_module.html" + name: nxos-vpc-interface + outputs: + - contextPath: CiscoNXOS.NxosVpcInterface.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of VRF to be managed. + name: name + required: true + - auto: PREDEFINED + defaultValue: up + description: Administrative state of the VRF. + name: admin_state + predefined: + - up + - down + - description: Specify virtual network identifier. Valid values are Integer or + keyword 'default'. + name: vni + - description: VPN Route Distinguisher (RD). Valid values are a string in one + of the route-distinguisher formats (ASN2:NN, ASN4:NN, or IPV4:NN); the keyword + 'auto', or the keyword 'default'. + name: rd + - description: List of interfaces to check the VRF has been configured correctly + or keyword 'default'. + name: interfaces + - description: This is a intent option and checks the operational state of the + for given vrf `name` for associated interfaces. If the value in the `associated_interfaces` + does not match with the operational state of vrf interfaces on device it will + result in failure. + name: associated_interfaces + - description: List of VRFs definitions. + name: aggregate + - defaultValue: 'no' + description: Purge VRFs not defined in the `aggregate` parameter. + name: purge + - auto: PREDEFINED + defaultValue: present + description: Manages desired state of the resource. + name: state + predefined: + - present + - absent + - description: Description of the VRF or keyword 'default'. + name: description + - defaultValue: '10' + description: Time in seconds to wait before checking for the operational state + on remote device. This wait is applicable for operational state arguments. + name: delay + description: "Manages global VRF configuration.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_vrf_module.html" + name: nxos-vrf + outputs: + - contextPath: CiscoNXOS.NxosVrf.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the VRF. + name: vrf + required: true + - auto: PREDEFINED + description: Address-Family Identifier (AFI). + name: afi + predefined: + - ipv4 + - ipv6 + required: true + - description: Enable/Disable the EVPN route-target 'auto' setting for both import + and export target communities. + name: route_target_both_auto_evpn + - auto: PREDEFINED + defaultValue: present + description: Determines whether the config should be present or not on the device. + name: state + predefined: + - present + - absent + description: "Manages VRF AF.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vrf_af_module.html" + name: nxos-vrf-af + outputs: + - contextPath: CiscoNXOS.NxosVrfAf.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of VRF to be managed. + name: vrf + required: true + - description: Full name of interface to be managed, i.e. Ethernet1/1. + name: interface + required: true + - auto: PREDEFINED + defaultValue: present + description: Manages desired state of the resource. + name: state + predefined: + - present + - absent + description: "Manages interface specific VRF configuration.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_vrf_interface_module.html" + name: nxos-vrf-interface + outputs: + - contextPath: CiscoNXOS.NxosVrfInterface.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: VRRP group number. + name: group + required: true + - description: Full name of interface that is being managed for VRRP. + name: interface + required: true + - defaultValue: '1' + description: Time interval between advertisement or 'default' keyword + name: interval + - defaultValue: '100' + description: VRRP priority or 'default' keyword + name: priority + - defaultValue: 'yes' + description: Enable/Disable preempt. + name: preempt + - description: VRRP virtual IP address or 'default' keyword + name: vip + - description: Clear text authentication string or 'default' keyword + name: authentication + - auto: PREDEFINED + defaultValue: shutdown + description: Used to enable or disable the VRRP process. + name: admin_state + predefined: + - shutdown + - no shutdown + - default + - auto: PREDEFINED + defaultValue: present + description: Specify desired state of the resource. + name: state + predefined: + - present + - absent + description: "Manages VRRP configuration on NX-OS switches.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_vrrp_module.html" + name: nxos-vrrp + outputs: + - contextPath: CiscoNXOS.NxosVrrp.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: VTP domain name. + name: domain + required: true + description: "Manages VTP domain configuration.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_vtp_domain_module.html" + name: nxos-vtp-domain + outputs: + - contextPath: CiscoNXOS.NxosVtpDomain.proposed + description: k/v pairs of parameters passed into module + type: unknown + - contextPath: CiscoNXOS.NxosVtpDomain.existing + description: k/v pairs of existing vtp domain + type: unknown + - contextPath: CiscoNXOS.NxosVtpDomain.end_state + description: k/v pairs of vtp domain after module execution + type: unknown + - contextPath: CiscoNXOS.NxosVtpDomain.updates + description: command sent to the device + type: unknown + - contextPath: CiscoNXOS.NxosVtpDomain.changed + description: check to see if a change was made on the device + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: VTP password + name: vtp_password + - auto: PREDEFINED + defaultValue: present + description: Manage the state of the resource + name: state + predefined: + - present + - absent + description: "Manages VTP password configuration.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_vtp_password_module.html" + name: nxos-vtp-password + outputs: + - contextPath: CiscoNXOS.NxosVtpPassword.proposed + description: k/v pairs of parameters passed into module + type: unknown + - contextPath: CiscoNXOS.NxosVtpPassword.existing + description: k/v pairs of existing vtp + type: unknown + - contextPath: CiscoNXOS.NxosVtpPassword.end_state + description: k/v pairs of vtp after module execution + type: unknown + - contextPath: CiscoNXOS.NxosVtpPassword.updates + description: command sent to the device + type: unknown + - contextPath: CiscoNXOS.NxosVtpPassword.changed + description: check to see if a change was made on the device + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: VTP version number. + name: version + predefined: + - '1' + - '2' + required: true + description: "Manages VTP version configuration.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/nxos_vtp_version_module.html" + name: nxos-vtp-version + outputs: + - contextPath: CiscoNXOS.NxosVtpVersion.proposed + description: k/v pairs of parameters passed into module + type: unknown + - contextPath: CiscoNXOS.NxosVtpVersion.existing + description: k/v pairs of existing vtp + type: unknown + - contextPath: CiscoNXOS.NxosVtpVersion.end_state + description: k/v pairs of vtp after module execution + type: unknown + - contextPath: CiscoNXOS.NxosVtpVersion.updates + description: command sent to the device + type: unknown + - contextPath: CiscoNXOS.NxosVtpVersion.changed + description: check to see if a change was made on the device + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Interface name for the VXLAN Network Virtualization Endpoint. + name: interface + required: true + - description: Description of the NVE interface. + name: description + - description: Specify mechanism for host reachability advertisement. + name: host_reachability + - description: Administratively shutdown the NVE interface. + name: shutdown + - description: Specify the loopback interface whose IP address should be used + for the NVE interface. + name: source_interface + - description: Suppresses advertisement of the NVE loopback address until the + overlay has converged. + name: source_interface_hold_down_time + - description: Global multicast ip prefix for L3 VNIs or the keyword 'default' + This is available on NX-OS 9K series running 9.2.x or higher. + name: global_mcast_group_L3 + - description: Global multicast ip prefix for L2 VNIs or the keyword 'default' + This is available on NX-OS 9K series running 9.2.x or higher. + name: global_mcast_group_L2 + - description: Enables ARP suppression for all VNIs This is available on NX-OS + 9K series running 9.2.x or higher. + name: global_suppress_arp + - description: Configures ingress replication protocol as bgp for all VNIs This + is available on NX-OS 9K series running 9.2.x or higher. + name: global_ingress_replication_bgp + - auto: PREDEFINED + defaultValue: present + description: Determines whether the config should be present or not on the device. + name: state + predefined: + - present + - absent + description: "Manages VXLAN Network Virtualization Endpoint (NVE).\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_vxlan_vtep_module.html" + name: nxos-vxlan-vtep + outputs: + - contextPath: CiscoNXOS.NxosVxlanVtep.commands + description: commands sent to the device + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Interface name for the VXLAN Network Virtualization Endpoint. + name: interface + required: true + - description: ID of the Virtual Network Identifier. + name: vni + required: true + - description: This attribute is used to identify and separate processing VNIs + that are associated with a VRF and used for routing. The VRF and VNI specified + with this command must match the configuration of the VNI under the VRF. + name: assoc_vrf + - auto: PREDEFINED + description: Specifies mechanism for host reachability advertisement. + name: ingress_replication + predefined: + - bgp + - static + - default + - description: The multicast group (range) of the VNI. Valid values are string + and keyword 'default'. + name: multicast_group + - description: Set the ingress-replication static peer list. Valid values are + an array, a space-separated string of ip addresses, or the keyword 'default'. + name: peer_list + - description: Suppress arp under layer 2 VNI. + name: suppress_arp + - description: Overrides the global ARP suppression config. This is available + on NX-OS 9K series running 9.2.x or higher. + name: suppress_arp_disable + - auto: PREDEFINED + defaultValue: present + description: Determines whether the config should be present or not on the device. + name: state + predefined: + - present + - absent + description: "Creates a Virtual Network Identifier member (VNI)\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/nxos_vxlan_vtep_vni_module.html" + name: nxos-vxlan-vtep-vni + outputs: + - contextPath: CiscoNXOS.NxosVxlanVtepVni.commands + description: commands sent to the device + type: unknown + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS_description.md b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS_description.md new file mode 100644 index 000000000000..9a99527c397b --- /dev/null +++ b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS_description.md @@ -0,0 +1,18 @@ +# Ansible Cisco NXOS +Manage Cisco NXOS Switches and Routers directly from XSOAR using SSH. + +## Credentials + +This integration supports a number of methods of authenticating with the network device: + +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +## Permissions + +Whilst possible to use a `Network-Operator` (read-only) role, most commands require read and write access. It is recommended to use `Network-Admin` or appropriately scoped custom role. + +## Testing + +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!nxos-facts`command providing an example `host` as the command argument. This command will connect to the specified network device with the configured credentials in the integration, and if successful output general information about the device. diff --git a/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS_image.png b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/AnsibleCiscoNXOS_image.png new file mode 100644 index 0000000000000000000000000000000000000000..113f4f14ec9ba81b1ab65482828d22815710a4fa GIT binary patch literal 2315 zcmV+m3H0`fP)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D2%t$sK~#8N?VNdR z6jdC@X9}epa`XUdCmP!jc5j_9!PvS@M+WQb{olEtD)iRjP~HV5|* z9U<8Mz#m~NJ5SDvOlC=*tb;S0tb;S0v^f}~&Xo73gJxA}17}rBDBKiIxkaq>k`@OS z&8+?!ssm0wFl6dnGtwtTGpi;mrJvB0)`siOmT2GLTDu@^MU_=wNR)4Iz4rj=Vo+oL^A*cS2nN>4EwFbcAWA z0#5(BL;6B~W<LAl3$`{E$!MfIr&l@2N zbv@@NBQAuXpfCv2_rsilfzxuOsr$?$;R91X4j8|Oltb1d@6#FY2R}`;b=`QF=rEEG z>1LY7pzl^O!-vwY7RvyYk&gC7whzv5vJTF0vJTF0Qsv-I(O$HPHqe!77t=5CZf$U$ zXUmTbrJWWl!b#DoBznG;GjF;xKMCWA=s=uyQh($U(I=XKV+b@xANaQimF1qJ*@cX(R7F|=;9WF_cw1eTeS*VI5 zQSAz0NA@OplVdE;O~UzkIQMTe(jT}Er#oCqyaaaCk#R$94bL42a~!_EKkQ%4BW@aN z-)n)&g;Xe&liT#=TSmNJ@SUTe#ww*sV83q0x;e1+eH5qS_fLZ4N`8D1woP}e!BfqU z!7voaUt)&}wsDcs$$)?BT1#zC%_#s~7) z2dW>$$Rnhsyea-XN_yTS^U#VZ-{JD+_`g3E3HvKu4zABHU4X<7!{qzFR+xdqC_pYJ z+CV}50d<}kG8l^UxI4oI&gHA8b&#&rB@3-c$3l+@uJHiWLlABfu);jOBal?EvY?L=``$5cPa1KweL%}}+aTdH6 z?~0DVN--K0!nNxI@!Q3;V%zATG{wPUg>zPbxK$V(-6X*XLA(~@B1i{cCE5VB`l*Vh zt%(f*<3ZP670b#KkY+f!5pug3<;h^t5je_Egejs8(3jsJri=3CZ689}equ!4{Ipzg z5u}4{*G6BL^gt*U<%f+*6YZT;j?P!2Ab-O&%{B_(Fyuli=jb}opZ#q2h$r=Ad9}&_-|+yU&bqF$y*8Be4yp?dNd7wV@!MW<4sK3d+0&lvbQm zC{E1+B}fNz>R{zH(Sd+|yb+G(tEw!-c@XE0i|a*OIU?FbX|bAfFF3vG0!_(EF{3eD zw29JIixn6_I@tNwZ)4F^8k5!_fs?tc_;#o2JmU}XaEN_$t!r}<$s@)U&OzE-q<8&i z7N$g;Z#!T7Rv7Ic7dtQlTdKs3vbl5au_8}HmO(h0=KD=-y4S)f{98a9xCWOht+l=c z=h>DjaZbFOW>tCwt-E^tFO1|1y9V+)+S4cb)!agVJ~3(Sy>=OEmV z%`(^laSrByevcS|66hcc&Ez7KU^@O(v=@YLIF>=iL-?bB^WHqCFmTd*sP$$jaghE6 zs87sLT%1DRP>6J{mID=Y7-Syg8Y7%vHqkiXgFqcTv3a|Oxi4R2=Gv?8*D#W#1C?wx z3Ur->UEtVsoWnndN$Ry4q`wx573EC#xD)5*q3>;yuniph)3nqiIJZn`%J-kZ1nS@j z$oMkUT0UjmvCsY}0;egTbYasyiWiC002ovPDHLkV1h^ZWgh?l literal 0 HcmV?d00001 diff --git a/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/README.md b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/README.md new file mode 100644 index 000000000000..289b9389114b --- /dev/null +++ b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/README.md @@ -0,0 +1,4289 @@ +This integration enables the management of Cisco NXOS Switches and Routers directly from XSOAR using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server, all you need to do is provide credentials you are ready to use the feature rich commands. This integration functions without any agents or additional software installed on the hosts by utilising SSH. + +To use this integration, configure an instance of this integration. This will associate a credential to be used to access hosts when commands are run. The commands from this integration will take the NXOS host address(es) as an input, and use the saved credential associated to the instance to execute. Create separate instances if multiple credentials are required. + +## Credentials +This integration supports a number of methods of authenticating with the network device: + +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +## Permissions +Whilst possible to use a `Network-Operator` (read-only) role, most commands require read and write access. It is recommended to use `Network-Admin` or appropriately scoped custom role. + +## Network Requirements +By default, TCP port 22 will be used to initiate a SSH connection to the NXOS host. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. +## Configure Ansible Cisco NXOS on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for Ansible Cisco NXOS. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Username | The credentials to associate with the instance. SSH keys can be configured using the credential manager. | True | + | Password | | True | + | Default SSH Port | The default port to use if one is not specified in the commands \`host\` argument. | True | + | Concurrency Factor | If multiple hosts are specified in a command, how many hosts should be interacted with concurrently. | True | + +## Testing +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!nxos-facts`command providing an example `host` as the command argument. This command will connect to the specified network device with the configured credentials in the integration, and if successful output general information about the device. + +## Idempotence +The action commands in this integration are idempotent. This means that the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions. + +## State Arguement +Some of the commands in this integration take a state argument. These define the desired end state of the object being managed. As a result these commands are able to perform multiple management operations depending on the desired state value. Common state values are: +| **State** | **Result** | +| --- | --- | +| present | Object should exist. If not present, the object will be created with the provided parameters. If present but not with correct parameters, it will be modified to met provided parameters. | +| running | Object should be running not stopped. | +| stopped | Object should be stopped not running. | +| restarted | Object will be restarted. | +| absent | Object should not exist. If it it exists it will be deleted. | + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. + +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### nxos-aaa-server +*** +Manages AAA server global configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_aaa_server_module.html + + +#### Base Command + +`nxos-aaa-server` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| server_type | The server type is either radius or tacacs. Possible values are: radius, tacacs. | Required | +| global_key | Global AAA shared secret or keyword 'default'. | Optional | +| encrypt_type | The state of encryption applied to the entered global key. O clear text, 7 encrypted. Type-6 encryption is not supported. Possible values are: 0, 7. | Optional | +| deadtime | Duration for which a non-reachable AAA server is skipped, in minutes or keyword 'default. Range is 1-1440. Device default is 0. | Optional | +| server_timeout | Global AAA server timeout period, in seconds or keyword 'default. Range is 1-60. Device default is 5. | Optional | +| directed_request | Enables direct authentication requests to AAA server or keyword 'default' Device default is disabled. Possible values are: enabled, disabled. | Optional | +| state | Manage the state of the resource. Possible values are: present, default. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosAaaServer.commands | unknown | command sent to the device | + + +#### Command Example +```!nxos-aaa-server host="192.168.1.19" server_type="radius" server_timeout="9" deadtime="20" directed_request="enabled" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosAaaServer": { + "changed": true, + "commands": [ + "radius-server deadtime 20", + "radius-server timeout 9", + "radius-server directed-request" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: radius-server deadtime 20 +> * 1: radius-server timeout 9 +> * 2: radius-server directed-request + + +### nxos-aaa-server-host +*** +Manages AAA server host-specific configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_aaa_server_host_module.html + + +#### Base Command + +`nxos-aaa-server-host` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| server_type | The server type is either radius or tacacs. Possible values are: radius, tacacs. | Required | +| address | Address or name of the radius or tacacs host. | Required | +| key | Shared secret for the specified host or keyword 'default'. | Optional | +| encrypt_type | The state of encryption applied to the entered key. O for clear text, 7 for encrypted. Type-6 encryption is not supported. Possible values are: 0, 7. | Optional | +| host_timeout | Timeout period for specified host, in seconds or keyword 'default. Range is 1-60. | Optional | +| auth_port | Alternate UDP port for RADIUS authentication or keyword 'default'. | Optional | +| acct_port | Alternate UDP port for RADIUS accounting or keyword 'default'. | Optional | +| tacacs_port | Alternate TCP port TACACS Server or keyword 'default'. | Optional | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosAaaServerHost.proposed | unknown | k/v pairs of parameters passed into module | +| CiscoNXOS.NxosAaaServerHost.existing | unknown | k/v pairs of existing configuration | +| CiscoNXOS.NxosAaaServerHost.end_state | unknown | k/v pairs of configuration after module execution | +| CiscoNXOS.NxosAaaServerHost.updates | unknown | command sent to the device | +| CiscoNXOS.NxosAaaServerHost.changed | boolean | check to see if a change was made on the device | + + +#### Command Example +```!nxos-aaa-server-host host="192.168.1.19" state="present" server_type="radius" address="1.2.3.4" acct_port="2084" host_timeout="10" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosAaaServerHost": { + "changed": true, + "end_state": { + "acct_port": "2084", + "address": "1.2.3.4", + "auth_port": null, + "host_timeout": "10", + "key": null, + "server_type": "radius" + }, + "existing": {}, + "host": "192.168.1.19", + "proposed": { + "acct_port": "2084", + "address": "1.2.3.4", + "host_timeout": "10", + "server_type": "radius" + }, + "status": "CHANGED", + "updates": [ + "radius-server host 1.2.3.4 acct-port 2084 timeout 10" + ] + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## End_State +> * acct_port: 2084 +> * address: 1.2.3.4 +> * auth_port: None +> * host_timeout: 10 +> * key: None +> * server_type: radius +> * ## Existing +> * ## Proposed +> * acct_port: 2084 +> * address: 1.2.3.4 +> * host_timeout: 10 +> * server_type: radius +> * ## Updates +> * 0: radius-server host 1.2.3.4 acct-port 2084 timeout 10 + + +### nxos-acl +*** +Manages access list entries for ACLs. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_acl_module.html + + +#### Base Command + +`nxos-acl` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| seq | Sequence number of the entry (ACE). | Optional | +| name | Case sensitive name of the access list (ACL). | Required | +| action | Action of the ACE. Possible values are: permit, deny, remark. | Optional | +| remark | If action is set to remark, this is the description. | Optional | +| proto | Port number or protocol (as supported by the switch). | Optional | +| src | Source ip and mask using IP/MASK notation and supports keyword 'any'. | Optional | +| src_port_op | Source port operands such as eq, neq, gt, lt, range. Possible values are: any, eq, gt, lt, neq, range. | Optional | +| src_port1 | Port/protocol and also first (lower) port when using range operand. | Optional | +| src_port2 | Second (end) port when using range operand. | Optional | +| dest | Destination ip and mask using IP/MASK notation and supports the keyword 'any'. | Optional | +| dest_port_op | Destination port operands such as eq, neq, gt, lt, range. Possible values are: any, eq, gt, lt, neq, range. | Optional | +| dest_port1 | Port/protocol and also first (lower) port when using range operand. | Optional | +| dest_port2 | Second (end) port when using range operand. | Optional | +| log | Log matches against this entry. Possible values are: enable. | Optional | +| urg | Match on the URG bit. Possible values are: enable. | Optional | +| ack | Match on the ACK bit. Possible values are: enable. | Optional | +| psh | Match on the PSH bit. Possible values are: enable. | Optional | +| rst | Match on the RST bit. Possible values are: enable. | Optional | +| syn | Match on the SYN bit. Possible values are: enable. | Optional | +| fin | Match on the FIN bit. Possible values are: enable. | Optional | +| established | Match established connections. Possible values are: enable. | Optional | +| fragments | Check non-initial fragments. Possible values are: enable. | Optional | +| time_range | Name of time-range to apply. | Optional | +| precedence | Match packets with given precedence. Possible values are: critical, flash, flash-override, immediate, internet, network, priority, routine. | Optional | +| dscp | Match packets with given dscp value. Possible values are: af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cs1, cs2, cs3, cs4, cs5, cs6, cs7, default, ef. | Optional | +| state | Specify desired state of the resource. Possible values are: present, absent, delete_acl. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosAcl.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-acl host="192.168.1.19" name="ANSIBLE" seq="10" action="permit" proto="tcp" "src"="192.0.2.1/2" dest="any" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosAcl": { + "changed": true, + "commands": [ + "ip access-list ANSIBLE", + "10 permit tcp 192.0.2.1/24 any" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: ip access-list ANSIBLE +> * 1: 10 permit tcp 192.0.2.1/24 any + + +### nxos-acl-interface +*** +Manages applying ACLs to interfaces. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_acl_interface_module.html + + +#### Base Command + +`nxos-acl-interface` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Case sensitive name of the access list (ACL). | Required | +| interface | Full name of interface, e.g. `Ethernet1/1`. | Required | +| direction | Direction ACL to be applied in on the interface. Possible values are: ingress, egress. | Required | +| state | Specify desired state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosAclInterface.acl_applied_to | unknown | list of interfaces the ACL is applied to | +| CiscoNXOS.NxosAclInterface.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-acl-interface host="192.168.1.19" name="ANSIBLE" interface="ethernet1/41" direction="egress" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosAclInterface": { + "changed": true, + "commands": [ + "interface ethernet1/41", + "ip access-group ANSIBLE out" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: interface ethernet1/41 +> * 1: ip access-group ANSIBLE out + +### nxos-banner +*** +Manage multiline banners on Cisco NXOS devices + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_banner_module.html + + +#### Base Command + +`nxos-banner` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| banner | Specifies which banner that should be configured on the remote device. Possible values are: exec, motd. | Required | +| text | The banner text that should be present in the remote device running configuration. This argument accepts a multiline string, with no empty lines. Requires `state=present`. | Optional | +| state | Specifies whether or not the configuration is present in the current devices active running configuration. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosBanner.commands | unknown | The list of configuration mode commands to send to the device | + + +#### Command Example +```!nxos-banner host="192.168.1.19" banner="exec" text="this is my exec banner" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosBanner": { + "changed": true, + "commands": [ + "banner exec @\nthis is my exec banner\n@" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: banner exec @ +>this is my exec banner +>@ + +### nxos-bfd-global +*** +Bidirectional Forwarding Detection (BFD) global-level configuration + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_bfd_global_module.html + + +#### Base Command + +`nxos-bfd-global` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| echo_interface | Loopback interface used for echo frames. Valid values are loopback interface name or 'deleted'. Not supported on N5K/N6K. | Optional | +| echo_rx_interval | BFD Echo receive interval in milliseconds. | Optional | +| interval | BFD interval timer values. Value must be a dict defining values for keys (tx, min_rx, and multiplier). | Optional | +| slow_timer | BFD slow rate timer in milliseconds. | Optional | +| startup_timer | BFD delayed startup timer in seconds. Not supported on N5K/N6K/N7K. | Optional | +| ipv4_echo_rx_interval | BFD IPv4 session echo receive interval in milliseconds. | Optional | +| ipv4_interval | BFD IPv4 interval timer values. Value must be a dict defining values for keys (tx, min_rx, and multiplier). | Optional | +| ipv4_slow_timer | BFD IPv4 slow rate timer in milliseconds. | Optional | +| ipv6_echo_rx_interval | BFD IPv6 session echo receive interval in milliseconds. | Optional | +| ipv6_interval | BFD IPv6 interval timer values. Value must be a dict defining values for keys (tx, min_rx, and multiplier). | Optional | +| ipv6_slow_timer | BFD IPv6 slow rate timer in milliseconds. | Optional | +| fabricpath_interval | BFD fabricpath interval timer values. Value must be a dict defining values for keys (tx, min_rx, and multiplier). | Optional | +| fabricpath_slow_timer | BFD fabricpath slow rate timer in milliseconds. | Optional | +| fabricpath_vlan | BFD fabricpath control vlan. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosBfdGlobal.cmds | unknown | commands sent to the device | + + + +#### Command Example +```!nxos-bfd-global host="192.168.1.19" echo_rx_interval="50" interval="{'tx': 50, 'min_rx': 50, 'multiplier': 4}" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosBfdGlobal": { + "changed": false, + "check_mode": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * check_mode: False +> * ## Commands + +### nxos-bfd-interfaces +*** +Manages BFD attributes of nxos interfaces. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_bfd_interfaces_module.html + + +#### Base Command + +`nxos-bfd-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | The provided configuration. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosBfdInterfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoNXOS.NxosBfdInterfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoNXOS.NxosBfdInterfaces.commands | unknown | The set of commands pushed to the remote device. | + + +#### Command Example +```!nxos-bfd-interfaces host="192.168.1.19" state="deleted" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosBfdInterfaces": { + "before": [ + { + "bfd": "enable", + "echo": "enable", + "name": "Ethernet1/1" + }, + { + "bfd": "enable", + "echo": "enable", + "name": "Ethernet1/2" + } + ], + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Before +> * ## Ethernet1/1 +> * bfd: enable +> * echo: enable +> * name: Ethernet1/1 +> * ## Ethernet1/2 +> * bfd: enable +> * echo: enable +> * name: Ethernet1/2 +> * ## Commands + + +### nxos-bgp +*** +Manages BGP configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_bgp_module.html + + +#### Base Command + +`nxos-bgp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| asn | BGP autonomous system number. Valid values are String, Integer in ASPLAIN or ASDOT notation. | Required | +| vrf | Name of the VRF. The name 'default' is a valid VRF representing the global BGP. | Optional | +| bestpath_always_compare_med | Enable/Disable MED comparison on paths from different autonomous systems. | Optional | +| bestpath_aspath_multipath_relax | Enable/Disable load sharing across the providers with different (but equal-length) AS paths. | Optional | +| bestpath_compare_routerid | Enable/Disable comparison of router IDs for identical eBGP paths. | Optional | +| bestpath_compare_neighborid | Enable/Disable neighborid. Use this when more paths available than max path config. | Optional | +| bestpath_cost_community_ignore | Enable/Disable Ignores the cost community for BGP best-path calculations. | Optional | +| bestpath_med_confed | Enable/Disable enforcement of bestpath to do a MED comparison only between paths originated within a confederation. | Optional | +| bestpath_med_missing_as_worst | Enable/Disable assigns the value of infinity to received routes that do not carry the MED attribute, making these routes the least desirable. | Optional | +| bestpath_med_non_deterministic | Enable/Disable deterministic selection of the best MED pat from among the paths from the same autonomous system. | Optional | +| cluster_id | Route Reflector Cluster-ID. | Optional | +| confederation_id | Routing domain confederation AS. | Optional | +| confederation_peers | AS confederation parameters. | Optional | +| disable_policy_batching | Enable/Disable the batching evaluation of prefix advertisement to all peers. | Optional | +| disable_policy_batching_ipv4_prefix_list | Enable/Disable the batching evaluation of prefix advertisements to all peers with prefix list. | Optional | +| disable_policy_batching_ipv6_prefix_list | Enable/Disable the batching evaluation of prefix advertisements to all peers with prefix list. | Optional | +| enforce_first_as | Enable/Disable enforces the neighbor autonomous system to be the first AS number listed in the AS path attribute for eBGP. On NX-OS, this property is only supported in the global BGP context. | Optional | +| event_history_cli | Enable/Disable cli event history buffer. Possible values are: size_small, size_medium, size_large, size_disable, default. | Optional | +| event_history_detail | Enable/Disable detail event history buffer. Possible values are: size_small, size_medium, size_large, size_disable, default. | Optional | +| event_history_events | Enable/Disable event history buffer. Possible values are: size_small, size_medium, size_large, size_disable, default. | Optional | +| event_history_periodic | Enable/Disable periodic event history buffer. Possible values are: size_small, size_medium, size_large, size_disable, default. | Optional | +| fast_external_fallover | Enable/Disable immediately reset the session if the link to a directly connected BGP peer goes down. Only supported in the global BGP context. | Optional | +| flush_routes | Enable/Disable flush routes in RIB upon controlled restart. On NX-OS, this property is only supported in the global BGP context. | Optional | +| graceful_restart | Enable/Disable graceful restart. | Optional | +| graceful_restart_helper | Enable/Disable graceful restart helper mode. | Optional | +| graceful_restart_timers_restart | Set maximum time for a restart sent to the BGP peer. | Optional | +| graceful_restart_timers_stalepath_time | Set maximum time that BGP keeps the stale routes from the restarting BGP peer. | Optional | +| isolate | Enable/Disable isolate this router from BGP perspective. | Optional | +| local_as | Local AS number to be used within a VRF instance. | Optional | +| log_neighbor_changes | Enable/Disable message logging for neighbor up/down event. | Optional | +| maxas_limit | Specify Maximum number of AS numbers allowed in the AS-path attribute. Valid values are between 1 and 512. | Optional | +| neighbor_down_fib_accelerate | Enable/Disable handle BGP neighbor down event, due to various reasons. | Optional | +| reconnect_interval | The BGP reconnection interval for dropped sessions. Valid values are between 1 and 60. | Optional | +| router_id | Router Identifier (ID) of the BGP router VRF instance. | Optional | +| shutdown | Administratively shutdown the BGP protocol. | Optional | +| suppress_fib_pending | Enable/Disable advertise only routes programmed in hardware to peers. | Optional | +| timer_bestpath_limit | Specify timeout for the first best path after a restart, in seconds. | Optional | +| timer_bgp_hold | Set BGP hold timer. | Optional | +| timer_bgp_keepalive | Set BGP keepalive timer. | Optional | +| state | Determines whether the config should be present or not on the device. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosBgp.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-bgp host="192.168.1.19" asn="65535" vrf="test" router_id="192.0.2.1" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosBgp": { + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Commands + +### nxos-bgp-af +*** +Manages BGP Address-family configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_bgp_af_module.html + + +#### Base Command + +`nxos-bgp-af` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| asn | BGP autonomous system number. Valid values are String, Integer in ASPLAIN or ASDOT notation. | Required | +| vrf | Name of the VRF. The name 'default' is a valid VRF representing the global bgp. | Required | +| afi | Address Family Identifier. Possible values are: ipv4, ipv6, vpnv4, vpnv6, l2vpn. | Required | +| safi | Sub Address Family Identifier. Possible values are: unicast, multicast, evpn. | Required | +| additional_paths_install | Install a backup path into the forwarding table and provide prefix independent convergence (PIC) in case of a PE-CE link failure. | Optional | +| additional_paths_receive | Enables the receive capability of additional paths for all of the neighbors under this address family for which the capability has not been disabled. | Optional | +| additional_paths_selection | Configures the capability of selecting additional paths for a prefix. Valid values are a string defining the name of the route-map. | Optional | +| additional_paths_send | Enables the send capability of additional paths for all of the neighbors under this address family for which the capability has not been disabled. | Optional | +| advertise_l2vpn_evpn | Advertise evpn routes. | Optional | +| client_to_client | Configure client-to-client route reflection. | Optional | +| dampen_igp_metric | Specify dampen value for IGP metric-related changes, in seconds. Valid values are integer and keyword 'default'. | Optional | +| dampening_state | Enable/disable route-flap dampening. | Optional | +| dampening_half_time | Specify decay half-life in minutes for route-flap dampening. Valid values are integer and keyword 'default'. | Optional | +| dampening_max_suppress_time | Specify max suppress time for route-flap dampening stable route. Valid values are integer and keyword 'default'. | Optional | +| dampening_reuse_time | Specify route reuse time for route-flap dampening. Valid values are integer and keyword 'default'. | Optional | +| dampening_routemap | Specify route-map for route-flap dampening. Valid values are a string defining the name of the route-map. | Optional | +| dampening_suppress_time | Specify route suppress time for route-flap dampening. Valid values are integer and keyword 'default'. | Optional | +| default_information_originate | Default information originate. | Optional | +| default_metric | Sets default metrics for routes redistributed into BGP. Valid values are Integer or keyword 'default'. | Optional | +| distance_ebgp | Sets the administrative distance for eBGP routes. Valid values are Integer or keyword 'default'. | Optional | +| distance_ibgp | Sets the administrative distance for iBGP routes. Valid values are Integer or keyword 'default'. | Optional | +| distance_local | Sets the administrative distance for local BGP routes. Valid values are Integer or keyword 'default'. | Optional | +| inject_map | An array of route-map names which will specify prefixes to inject. Each array entry must first specify the inject-map name, secondly an exist-map name, and optionally the copy-attributes keyword which indicates that attributes should be copied from the aggregate. For example [['lax_inject_map', 'lax_exist_map'], ['nyc_inject_map', 'nyc_exist_map', 'copy-attributes'], ['fsd_inject_map', 'fsd_exist_map']]. | Optional | +| maximum_paths | Configures the maximum number of equal-cost paths for load sharing. Valid value is an integer in the range 1-64. | Optional | +| maximum_paths_ibgp | Configures the maximum number of ibgp equal-cost paths for load sharing. Valid value is an integer in the range 1-64. | Optional | +| networks | Networks to configure. Valid value is a list of network prefixes to advertise. The list must be in the form of an array. Each entry in the array must include a prefix address and an optional route-map. For example [['10.0.0.0/16', 'routemap_LA'], ['192.168.1.1', 'Chicago'], ['192.168.2.0/24'], ['1.1.1.1/24', 'routemap_NYC']]. | Optional | +| next_hop_route_map | Configure a route-map for valid nexthops. Valid values are a string defining the name of the route-map. | Optional | +| redistribute | A list of redistribute directives. Multiple redistribute entries are allowed. The list must be in the form of a nested array. the first entry of each array defines the source-protocol to redistribute from; the second entry defines a route-map name. A route-map is highly advised but may be optional on some platforms, in which case it may be omitted from the array list. For example [['direct', 'rm_direct'], ['lisp', 'rm_lisp']]. | Optional | +| suppress_inactive | Advertises only active routes to peers. | Optional | +| table_map | Apply table-map to filter routes downloaded into URIB. Valid values are a string. | Optional | +| table_map_filter | Filters routes rejected by the route-map and does not download them to the RIB. | Optional | +| state | Determines whether the config should be present or not on the device. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosBgpAf.commands | unknown | commands sent to the device | + + + +### nxos-bgp-neighbor +*** +Manages BGP neighbors configurations. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_bgp_neighbor_module.html + + +#### Base Command + +`nxos-bgp-neighbor` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| asn | BGP autonomous system number. Valid values are string, Integer in ASPLAIN or ASDOT notation. | Required | +| vrf | Name of the VRF. The name 'default' is a valid VRF representing the global bgp. Default is default. | Optional | +| neighbor | Neighbor Identifier. Valid values are string. Neighbors may use IPv4 or IPv6 notation, with or without prefix length. | Required | +| description | Description of the neighbor. | Optional | +| bfd | Enables/Disables BFD for a given neighbor. Dependency: 'feature bfd'. Possible values are: enable, disable. | Optional | +| connected_check | Configure whether or not to check for directly connected peer. | Optional | +| capability_negotiation | Configure whether or not to negotiate capability with this neighbor. | Optional | +| dynamic_capability | Configure whether or not to enable dynamic capability. | Optional | +| ebgp_multihop | Specify multihop TTL for a remote peer. Valid values are integers between 2 and 255, or keyword 'default' to disable this property. | Optional | +| local_as | Specify the local-as number for the eBGP neighbor. Valid values are String or Integer in ASPLAIN or ASDOT notation, or 'default', which means not to configure it. | Optional | +| log_neighbor_changes | Specify whether or not to enable log messages for neighbor up/down event. Possible values are: enable, disable, inherit. | Optional | +| low_memory_exempt | Specify whether or not to shut down this neighbor under memory pressure. | Optional | +| maximum_peers | Specify Maximum number of peers for this neighbor prefix Valid values are between 1 and 1000, or 'default', which does not impose the limit. Note that this parameter is accepted only on neighbors with address/prefix. | Optional | +| pwd | Specify the password for neighbor. Valid value is string. | Optional | +| pwd_type | Specify the encryption type the password will use. Valid values are '3des' or 'cisco_type_7' encryption or keyword 'default'. Possible values are: 3des, cisco_type_7, default. | Optional | +| remote_as | Specify Autonomous System Number of the neighbor. Valid values are String or Integer in ASPLAIN or ASDOT notation, or 'default', which means not to configure it. | Optional | +| remove_private_as | Specify the config to remove private AS number from outbound updates. Valid values are 'enable' to enable this config, 'disable' to disable this config, 'all' to remove all private AS number, or 'replace-as', to replace the private AS number. Possible values are: enable, disable, all, replace-as. | Optional | +| shutdown | Configure to administratively shutdown this neighbor. | Optional | +| suppress_4_byte_as | Configure to suppress 4-byte AS Capability. | Optional | +| timers_keepalive | Specify keepalive timer value. Valid values are integers between 0 and 3600 in terms of seconds, or 'default', which is 60. | Optional | +| timers_holdtime | Specify holdtime timer value. Valid values are integers between 0 and 3600 in terms of seconds, or 'default', which is 180. | Optional | +| transport_passive_only | Specify whether or not to only allow passive connection setup. Valid values are 'true', 'false', and 'default', which defaults to 'false'. This property can only be configured when the neighbor is in 'ip' address format without prefix length. | Optional | +| update_source | Specify source interface of BGP session and updates. | Optional | +| state | Determines whether the config should be present or not on the device. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosBgpNeighbor.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-bgp-neighbor host="192.168.1.19" asn="65535" neighbor="1.1.1.1" local_as="20" remote_as="30" bfd="enable" description="just a description" update_source="Ethernet1/3" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosBgpNeighbor": { + "changed": true, + "commands": [ + "router bgp 65535", + "neighbor 1.1.1.1", + "bfd", + "description just a description", + "remote-as 30", + "update-source Ethernet1/3", + "local-as 20" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: router bgp 65535 +> * 1: neighbor 1.1.1.1 +> * 2: bfd +> * 3: description just a description +> * 4: remote-as 30 +> * 5: update-source Ethernet1/3 +> * 6: local-as 20 + +### nxos-bgp-neighbor-af +*** +Manages BGP address-family's neighbors configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_bgp_neighbor_af_module.html + + +#### Base Command + +`nxos-bgp-neighbor-af` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| asn | BGP autonomous system number. Valid values are String, Integer in ASPLAIN or ASDOT notation. | Required | +| vrf | Name of the VRF. The name 'default' is a valid VRF representing the global bgp. Default is default. | Optional | +| neighbor | Neighbor Identifier. Valid values are string. Neighbors may use IPv4 or IPv6 notation, with or without prefix length. | Required | +| afi | Address Family Identifier. Possible values are: ipv4, ipv6, vpnv4, vpnv6, l2vpn. | Required | +| safi | Sub Address Family Identifier. Possible values are: unicast, multicast, evpn. | Required | +| additional_paths_receive | Valid values are enable for basic command enablement; disable for disabling the command at the neighbor af level (it adds the disable keyword to the basic command); and inherit to remove the command at this level (the command value is inherited from a higher BGP layer). Possible values are: enable, disable, inherit. | Optional | +| additional_paths_send | Valid values are enable for basic command enablement; disable for disabling the command at the neighbor af level (it adds the disable keyword to the basic command); and inherit to remove the command at this level (the command value is inherited from a higher BGP layer). Possible values are: enable, disable, inherit. | Optional | +| advertise_map_exist | Conditional route advertisement. This property requires two route maps, an advertise-map and an exist-map. Valid values are an array specifying both the advertise-map name and the exist-map name, or simply 'default' e.g. ['my_advertise_map', 'my_exist_map']. This command is mutually exclusive with the advertise_map_non_exist property. | Optional | +| advertise_map_non_exist | Conditional route advertisement. This property requires two route maps, an advertise-map and an exist-map. Valid values are an array specifying both the advertise-map name and the non-exist-map name, or simply 'default' e.g. ['my_advertise_map', 'my_non_exist_map']. This command is mutually exclusive with the advertise_map_exist property. | Optional | +| allowas_in | Activate allowas-in property. | Optional | +| allowas_in_max | Max-occurrences value for allowas_in. Valid values are an integer value or 'default'. This is mutually exclusive with allowas_in. | Optional | +| as_override | Activate the as-override feature. | Optional | +| default_originate | Activate the default-originate feature. | Optional | +| default_originate_route_map | Route-map for the default_originate property. Valid values are a string defining a route-map name, or 'default'. This is mutually exclusive with default_originate. | Optional | +| disable_peer_as_check | Disable checking of peer AS-number while advertising. | Optional | +| filter_list_in | Valid values are a string defining a filter-list name, or 'default'. | Optional | +| filter_list_out | Valid values are a string defining a filter-list name, or 'default'. | Optional | +| max_prefix_limit | maximum-prefix limit value. Valid values are an integer value or 'default'. | Optional | +| max_prefix_interval | Optional restart interval. Valid values are an integer. Requires max_prefix_limit. May not be combined with max_prefix_warning. | Optional | +| max_prefix_threshold | Optional threshold percentage at which to generate a warning. Valid values are an integer value. Requires max_prefix_limit. | Optional | +| max_prefix_warning | Optional warning-only keyword. Requires max_prefix_limit. May not be combined with max_prefix_interval. | Optional | +| next_hop_self | Activate the next-hop-self feature. | Optional | +| next_hop_third_party | Activate the next-hop-third-party feature. | Optional | +| prefix_list_in | Valid values are a string defining a prefix-list name, or 'default'. | Optional | +| prefix_list_out | Valid values are a string defining a prefix-list name, or 'default'. | Optional | +| route_map_in | Valid values are a string defining a route-map name, or 'default'. | Optional | +| route_map_out | Valid values are a string defining a route-map name, or 'default'. | Optional | +| route_reflector_client | Router reflector client. | Optional | +| send_community | send-community attribute. Possible values are: none, both, extended, standard, default. | Optional | +| soft_reconfiguration_in | Valid values are 'enable' for basic command enablement; 'always' to add the always keyword to the basic command; and 'inherit' to remove the command at this level (the command value is inherited from a higher BGP layer). Possible values are: enable, always, inherit. | Optional | +| soo | Site-of-origin. Valid values are a string defining a VPN extcommunity or 'default'. | Optional | +| suppress_inactive | suppress-inactive feature. | Optional | +| unsuppress_map | unsuppress-map. Valid values are a string defining a route-map name or 'default'. | Optional | +| weight | Weight value. Valid values are an integer value or 'default'. | Optional | +| state | Determines whether the config should be present or not on the device. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosBgpNeighborAf.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-bgp-neighbor-af host="192.168.1.19" asn="65535" neighbor="1.1.1.1" afi="ipv4" safi="unicast" route_reflector_client="True" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosBgpNeighborAf": { + "changed": true, + "commands": [ + "router bgp 65535", + "neighbor 1.1.1.1", + "address-family ipv4 unicast", + "route-reflector-client" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: router bgp 65535 +> * 1: neighbor 1.1.1.1 +> * 2: address-family ipv4 unicast +> * 3: route-reflector-client +### nxos-command +*** +Run arbitrary command on Cisco NXOS devices + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_command_module.html + + +#### Base Command + +`nxos-command` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| commands | The commands to send to the remote NXOS device. The resulting output from the command is returned. If the `wait_for` argument is provided, the module is not returned until the condition is satisfied or the number of retires as expired. The `commands` argument also accepts an alternative form that allows for complex values that specify the command to run and the output format to return. This can be done on a command by command basis. The complex argument supports the keywords `command` and `output` where `command` is the command to run and `output` is one of 'text' or 'json'. | Required | +| wait_for | Specifies what to evaluate from the output of the command and what conditionals to apply. This argument will cause the task to wait for a particular conditional to be true before moving forward. If the conditional is not true by the configured retries, the task fails. See examples. | Optional | +| match | The `match` argument is used in conjunction with the `wait_for` argument to specify the match policy. Valid values are `all` or `any`. If the value is set to `all` then all conditionals in the `wait_for` must be satisfied. If the value is set to `any` then only one of the values must be satisfied. Default is all. | Optional | +| retries | Specifies the number of retries a command should by tried before it is considered failed. The command is run on the target device every retry and evaluated against the `wait_for` conditionals. Default is 10. | Optional | +| interval | Configures the interval in seconds to wait between retries of the command. If the command does not pass the specified conditional, the interval indicates how to long to wait before trying the command again. Default is 1. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosCommand.stdout | unknown | The set of responses from the commands | +| CiscoNXOS.NxosCommand.stdout_lines | unknown | The value of stdout split into a list | +| CiscoNXOS.NxosCommand.failed_conditions | unknown | The list of conditionals that have failed | + + +#### Command Example +```!nxos-command host="192.168.1.19" commands="show version" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosCommand": { + "changed": false, + "host": "192.168.1.19", + "status": "SUCCESS", + "stdout": [ + "Cisco Nexus Operating System (NX-OS) Software\nTAC support: http://www.cisco.com/tac\nDocuments: http://www.cisco.com/en/US/products/ps9372/tsd_products_support_series_home.html\nCopyright (c) 2002-2019, Cisco Systems, Inc. All rights reserved.\nThe copyrights to certain works contained herein are owned by\nother third parties and are used and distributed under license.\nSome parts of this software are covered under the GNU Public\nLicense. A copy of the license is available at\nhttp://www.gnu.org/licenses/gpl.html.\n\nNexus 9000v is a demo version of the Nexus Operating System\n\nSoftware\n BIOS: version \n NXOS: version 9.3(3)\n BIOS compile time: \n NXOS image file is: bootflash:///nxos.9.3.3.bin\n NXOS compile time: 12/22/2019 2:00:00 [12/22/2019 14:00:37]\n\n\nHardware\n cisco Nexus9000 C9500v Chassis (\"Supervisor Module\")\n with 7837092 kB of memory.\n Processor Board ID 9ESGSKDKPR0\n\n Device name: n9kv01\n bootflash: 4287040 kB\nKernel uptime is 0 day(s), 8 hour(s), 56 minute(s), 55 second(s)\n\nLast reset \n Reason: Unknown\n System version: \n Service: \n\nplugin\n Core Plugin, Ethernet Plugin\n\nActive Package(s):" + ], + "stdout_lines": [ + [ + "Cisco Nexus Operating System (NX-OS) Software", + "TAC support: http://www.cisco.com/tac", + "Documents: http://www.cisco.com/en/US/products/ps9372/tsd_products_support_series_home.html", + "Copyright (c) 2002-2019, Cisco Systems, Inc. All rights reserved.", + "The copyrights to certain works contained herein are owned by", + "other third parties and are used and distributed under license.", + "Some parts of this software are covered under the GNU Public", + "License. A copy of the license is available at", + "http://www.gnu.org/licenses/gpl.html.", + "", + "Nexus 9000v is a demo version of the Nexus Operating System", + "", + "Software", + " BIOS: version ", + " NXOS: version 9.3(3)", + " BIOS compile time: ", + " NXOS image file is: bootflash:///nxos.9.3.3.bin", + " NXOS compile time: 12/22/2019 2:00:00 [12/22/2019 14:00:37]", + "", + "", + "Hardware", + " cisco Nexus9000 C9500v Chassis (\"Supervisor Module\")", + " with 7837092 kB of memory.", + " Processor Board ID 9ESGSKDKPR0", + "", + " Device name: n9kv01", + " bootflash: 4287040 kB", + "Kernel uptime is 0 day(s), 8 hour(s), 56 minute(s), 55 second(s)", + "", + "Last reset ", + " Reason: Unknown", + " System version: ", + " Service: ", + "", + "plugin", + " Core Plugin, Ethernet Plugin", + "", + "Active Package(s):" + ] + ] + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Stdout +> * 0: Cisco Nexus Operating System (NX-OS) Software +>TAC support: http://www.cisco.com/tac +>Documents: http://www.cisco.com/en/US/products/ps9372/tsd_products_support_series_home.html +>Copyright (c) 2002-2019, Cisco Systems, Inc. All rights reserved. +>The copyrights to certain works contained herein are owned by +>other third parties and are used and distributed under license. +>Some parts of this software are covered under the GNU Public +>License. A copy of the license is available at +>http://www.gnu.org/licenses/gpl.html. +> +>Nexus 9000v is a demo version of the Nexus Operating System +> +>Software +> BIOS: version +> NXOS: version 9.3(3) +> BIOS compile time: +> NXOS image file is: bootflash:///nxos.9.3.3.bin +> NXOS compile time: 12/22/2019 2:00:00 [12/22/2019 14:00:37] +> +> +>Hardware +> cisco Nexus9000 C9500v Chassis ("Supervisor Module") +> with 7837092 kB of memory. +> Processor Board ID 9ESGSKDKPR0 +> +> Device name: n9kv01 +> bootflash: 4287040 kB +>Kernel uptime is 0 day(s), 8 hour(s), 56 minute(s), 55 second(s) +> +>Last reset +> Reason: Unknown +> System version: +> Service: +> +>plugin +> Core Plugin, Ethernet Plugin +> +>Active Package(s): +> * ## Stdout_Lines +> * ## List +> * 0: Cisco Nexus Operating System (NX-OS) Software +> * 1: TAC support: http://www.cisco.com/tac +> * 2: Documents: http://www.cisco.com/en/US/products/ps9372/tsd_products_support_series_home.html +> * 3: Copyright (c) 2002-2019, Cisco Systems, Inc. All rights reserved. +> * 4: The copyrights to certain works contained herein are owned by +> * 5: other third parties and are used and distributed under license. +> * 6: Some parts of this software are covered under the GNU Public +> * 7: License. A copy of the license is available at +> * 8: http://www.gnu.org/licenses/gpl.html. +> * 9: +> * 10: Nexus 9000v is a demo version of the Nexus Operating System +> * 9: +> * 12: Software +> * 13: BIOS: version +> * 14: NXOS: version 9.3(3) +> * 15: BIOS compile time: +> * 16: NXOS image file is: bootflash:///nxos.9.3.3.bin +> * 17: NXOS compile time: 12/22/2019 2:00:00 [12/22/2019 14:00:37] +> * 9: +> * 9: +> * 20: Hardware +> * 21: cisco Nexus9000 C9500v Chassis ("Supervisor Module") +> * 22: with 7837092 kB of memory. +> * 23: Processor Board ID 9ESGSKDKPR0 +> * 9: +> * 25: Device name: n9kv01 +> * 26: bootflash: 4287040 kB +> * 27: Kernel uptime is 0 day(s), 8 hour(s), 56 minute(s), 55 second(s) +> * 9: +> * 29: Last reset +> * 30: Reason: Unknown +> * 31: System version: +> * 32: Service: +> * 9: +> * 34: plugin +> * 35: Core Plugin, Ethernet Plugin +> * 9: +> * 37: Active Package(s): + + +### nxos-config +*** +Manage Cisco NXOS configuration sections + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_config_module.html + + +#### Base Command + +`nxos-config` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| lines | The ordered set of commands that should be configured in the section. The commands must be the exact same commands as found in the device running-config. Be sure to note the configuration command syntax as some commands are automatically modified by the device config parser. | Optional | +| parents | The ordered set of parents that uniquely identify the section or hierarchy the commands should be checked against. If the parents argument is omitted, the commands are checked against the set of top level or global commands. | Optional | +| src | The `src` argument provides a path to the configuration file to load into the remote system. The path can either be a full system path to the configuration file if the value starts with / or relative to the root of the implemented role or playbook. This argument is mutually exclusive with the `lines` and `parents` arguments. | Optional | +| replace_src | The `replace_src` argument provides path to the configuration file to load into the remote system. This argument is used to replace the entire config with a flat-file. This is used with argument `replace` with value `config`. This is mutually exclusive with the `lines` and `src` arguments. This argument is supported on Nexus 9K device. Use `nxos_file_copy` module to copy the flat file to remote device and then use the path with this argument. | Optional | +| before | The ordered set of commands to push on to the command stack if a change needs to be made. This allows the playbook designer the opportunity to perform configuration commands prior to pushing any changes without affecting how the set of commands are matched against the system. | Optional | +| after | The ordered set of commands to append to the end of the command stack if a change needs to be made. Just like with `before` this allows the playbook designer to append a set of commands to be executed after the command set. | Optional | +| match | Instructs the module on the way to perform the matching of the set of commands against the current device config. If match is set to `line`, commands are matched line by line. If match is set to `strict`, command lines are matched with respect to position. If match is set to `exact`, command lines must be an equal match. Finally, if match is set to `none`, the module will not attempt to compare the source configuration with the running configuration on the remote device. Possible values are: line, strict, exact, none. Default is line. | Optional | +| replace | Instructs the module on the way to perform the configuration on the device. If the replace argument is set to `line` then the modified lines are pushed to the device in configuration mode. If the replace argument is set to `block` then the entire command block is pushed to the device in configuration mode if any line is not correct. replace `config` is supported only on Nexus 9K device. Possible values are: line, block, config. Default is line. | Optional | +| backup | This argument will cause the module to create a full backup of the current `running-config` from the remote device before any changes are made. If the `backup_options` value is not given, the backup file is written to the `backup` folder in the playbook root directory or role root directory, if playbook is part of an ansible role. If the directory does not exist, it is created. Default is no. | Optional | +| running_config | The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The `running_config` argument allows the implementer to pass in the configuration to use as the base config for comparison. | Optional | +| defaults | The `defaults` argument will influence how the running-config is collected from the device. When the value is set to true, the command used to collect the running-config is append with the all keyword. When the value is set to false, the command is issued without the all keyword. Default is no. | Optional | +| save_when | When changes are made to the device running-configuration, the changes are not copied to non-volatile storage by default. Using this argument will change that before. If the argument is set to `always`, then the running-config will always be copied to the startup-config and the `modified` flag will always be set to True. If the argument is set to `modified`, then the running-config will only be copied to the startup-config if it has changed since the last save to startup-config. If the argument is set to `never`, the running-config will never be copied to the startup-config. If the argument is set to `changed`, then the running-config will only be copied to the startup-config if the task has made a change. `changed` was added in Ansible 2.6. Possible values are: always, never, modified, changed. Default is never. | Optional | +| diff_against | When using the `ansible-playbook --diff` command line argument the module can generate diffs against different sources. When this option is configure as `startup`, the module will return the diff of the running-config against the startup-config. When this option is configured as `intended`, the module will return the diff of the running-config against the configuration provided in the `intended_config` argument. When this option is configured as `running`, the module will return the before and after diff of the running-config with respect to any changes made to the device configuration. Possible values are: startup, intended, running. Default is startup. | Optional | +| diff_ignore_lines | Use this argument to specify one or more lines that should be ignored during the diff. This is used for lines in the configuration that are automatically updated by the system. This argument takes a list of regular expressions or exact line matches. | Optional | +| intended_config | The `intended_config` provides the master configuration that the node should conform to and is used to check the final running-config against. This argument will not modify any settings on the remote device and is strictly used to check the compliance of the current device's configuration against. When specifying this argument, the task should also modify the `diff_against` value and set it to `intended`. | Optional | +| backup_options | This is a dict object containing configurable options related to backup file path. The value of this option is read only when `backup` is set to `True`, if `backup` is set to `false` this option will be silently ignored. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosConfig.commands | unknown | The set of commands that will be pushed to the remote device | +| CiscoNXOS.NxosConfig.updates | unknown | The set of commands that will be pushed to the remote device | +| CiscoNXOS.NxosConfig.backup_path | string | The full path to the backup file | +| CiscoNXOS.NxosConfig.filename | string | The name of the backup file | +| CiscoNXOS.NxosConfig.shortname | string | The full path to the backup file excluding the timestamp | +| CiscoNXOS.NxosConfig.date | string | The date extracted from the backup file name | +| CiscoNXOS.NxosConfig.time | string | The time extracted from the backup file name | + + +#### Command Example +```!nxos-config host="192.168.1.19" lines="hostname n9kv01" save_when="modified" backup=yes``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosConfig": { + "backup_path": "./backup/192.168.1.19_config.2021-07-11@00:43:34", + "changed": true, + "commands": [ + "hostname n9kv01" + ], + "date": "2021-07-11", + "filename": "192.168.1.19_config.2021-07-11@00:43:34", + "host": "192.168.1.19", + "shortname": "./backup/192.168.1.19_config", + "status": "CHANGED", + "time": "00:43:34", + "updates": [ + "hostname n9kv01" + ] + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * backup_path: ./backup/192.168.1.19_config.2021-07-11@00:43:34 +> * changed: True +> * date: 2021-07-11 +> * filename: 192.168.1.19_config.2021-07-11@00:43:34 +> * shortname: ./backup/192.168.1.19_config +> * time: 00:43:34 +> * ## Commands +> * 0: hostname n9kv01 +> * ## Updates +> * 0: hostname n9kv01 + +### nxos-evpn-global +*** +Handles the EVPN control plane for VXLAN. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_evpn_global_module.html + + +#### Base Command + +`nxos-evpn-global` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| nv_overlay_evpn | EVPN control plane. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosEvpnGlobal.commands | unknown | The set of commands to be sent to the remote device | + + +#### Command Example +```!nxos-evpn-global host="192.168.1.19" nv_overlay_evpn="True" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosEvpnGlobal": { + "changed": true, + "commands": [ + "nv overlay evpn" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: nv overlay evpn + + +### nxos-evpn-vni +*** +Manages Cisco EVPN VXLAN Network Identifier (VNI). + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_evpn_vni_module.html + + +#### Base Command + +`nxos-evpn-vni` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| vni | The EVPN VXLAN Network Identifier. | Required | +| route_distinguisher | The VPN Route Distinguisher (RD). The RD is combined with the IPv4 or IPv6 prefix learned by the PE router to create a globally unique address. | Required | +| route_target_both | Enables/Disables route-target settings for both import and export target communities using a single property. | Optional | +| route_target_import | Sets the route-target 'import' extended communities. | Optional | +| route_target_export | Sets the route-target 'export' extended communities. | Optional | +| state | Determines whether the config should be present or not on the device. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosEvpnVni.commands | unknown | commands sent to the device | + + + +### nxos-facts +*** +Gets facts about NX-OS switches + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_facts_module.html + + +#### Base Command + +`nxos-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| gather_subset | When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, hardware, config, legacy, and interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial `M(!`) to specify that a specific subset should not be collected. Default is !config. | Optional | +| gather_network_resources | When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all and the resources like interfaces, vlans etc. Can specify a list of values to include a larger subset. Values can also be used with an initial `M(!`) to specify that a specific subset should not be collected. Valid subsets are 'all', 'bfd_interfaces', 'lag_interfaces', 'telemetry', 'vlans', 'lacp', 'lacp_interfaces', 'interfaces', 'l3_interfaces', 'l2_interfaces', 'lldp_global'. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosFacts.ansible_net_gather_subset | unknown | The list of fact subsets collected from the device | +| CiscoNXOS.NxosFacts.ansible_net_gather_network_resources | unknown | The list of fact for network resource subsets collected from the device | +| CiscoNXOS.NxosFacts.ansible_net_model | string | The model name returned from the device | +| CiscoNXOS.NxosFacts.ansible_net_serialnum | string | The serial number of the remote device | +| CiscoNXOS.NxosFacts.ansible_net_version | string | The operating system version running on the remote device | +| CiscoNXOS.NxosFacts.ansible_net_hostname | string | The configured hostname of the device | +| CiscoNXOS.NxosFacts.ansible_net_image | string | The image file the device is running | +| CiscoNXOS.NxosFacts.ansible_net_api | string | The name of the transport | +| CiscoNXOS.NxosFacts.ansible_net_license_hostid | string | The License host id of the device | +| CiscoNXOS.NxosFacts.ansible_net_python_version | string | The Python version Ansible controller is using | +| CiscoNXOS.NxosFacts.ansible_net_filesystems | unknown | All file system names available on the device | +| CiscoNXOS.NxosFacts.ansible_net_memfree_mb | number | The available free memory on the remote device in Mb | +| CiscoNXOS.NxosFacts.ansible_net_memtotal_mb | number | The total memory on the remote device in Mb | +| CiscoNXOS.NxosFacts.ansible_net_config | string | The current active config from the device | +| CiscoNXOS.NxosFacts.ansible_net_all_ipv4_addresses | unknown | All IPv4 addresses configured on the device | +| CiscoNXOS.NxosFacts.ansible_net_all_ipv6_addresses | unknown | All IPv6 addresses configured on the device | +| CiscoNXOS.NxosFacts.ansible_net_interfaces | unknown | A hash of all interfaces running on the system | +| CiscoNXOS.NxosFacts.ansible_net_neighbors | unknown | The list of LLDP and CDP neighbors from the device. If both, CDP and LLDP neighbor data is present on one port, CDP is preferred. | +| CiscoNXOS.NxosFacts.fan_info | unknown | A hash of facts about fans in the remote device | +| CiscoNXOS.NxosFacts.hostname | unknown | The configured hostname of the remote device | +| CiscoNXOS.NxosFacts.interfaces_list | unknown | The list of interface names on the remote device | +| CiscoNXOS.NxosFacts.kickstart | string | The software version used to boot the system | +| CiscoNXOS.NxosFacts.module | unknown | A hash of facts about the modules in a remote device | +| CiscoNXOS.NxosFacts.platform | string | The hardware platform reported by the remote device | +| CiscoNXOS.NxosFacts.power_supply_info | string | A hash of facts about the power supplies in the remote device | +| CiscoNXOS.NxosFacts.vlan_list | unknown | The list of VLAN IDs configured on the remote device | + + +#### Command Example +```!nxos-facts host="192.168.1.19" gather_subset="all" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosFacts": { + "discovered_interpreter_python": "/usr/local/bin/python", + "host": "192.168.1.19", + "net__hostname": "192.168.1.19", + "net__os": "9.3(3)", + "net__platform": "Nexus9000 C9500v Chassis", + "net_all_ipv4_addresses": [ + "192.168.1.19" + ], + "net_all_ipv6_addresses": [], + "net_api": "cliconf", + "net_config": "!Command: show running-config\n!Running configuration last done at: Sat Jul 10 23:00:14 2021\n!Time: Sat Jul 10 23:00:57 2021\n\nversion 9.3(3) Bios:version \nhostname 192.168.1.19\nvdc 192.168.1.19 id 1\n limit-resource vlan minimum 16 maximum 4094\n limit-resource vrf minimum 2 maximum 4096\n limit-resource port-channel minimum 0 maximum 511\n limit-resource u4route-mem minimum 248 maximum 248\n limit-resource u6route-mem minimum 96 maximum 96\n limit-resource m4route-mem minimum 58 maximum 58\n limit-resource m6route-mem minimum 8 maximum 8\n\nnv overlay evpn\nfeature bfd\nclock protocol none vdc 1\n\nusername admin password 5 $5$GYWPMp8g$uCosvTBewY0RcsJx/XB4e92DceRU8J4mvDI1JztQtG3 role network-admin\nip domain-lookup\nradius-server timeout 9\nradius-server deadtime 20\nradius-server host 1.2.3.4 acct-port 2084 authentication accounting timeout 10 \nsystem default switchport\nip access-list ANSIBLE\n 10 permit tcp 192.0.2.1/24 any \nbfd interval 50 min_rx 50 multiplier 4\nsnmp-server user admin network-admin auth md5 0x4f14136eab1027c832da1709141f5070 priv 0x4f14136eab1027c832da1709141f5070 localizedkey\nrmon event 1 description FATAL(1) owner PMON@FATAL\nrmon event 2 description CRITICAL(2) owner PMON@CRITICAL\nrmon event 3 description ERROR(3) owner PMON@ERROR\nrmon event 4 description WARNING(4) owner PMON@WARNING\nrmon event 5 description INFORMATION(5) owner PMON@INFO\nradius-server directed-request \n\nvlan 1\n\nvrf context management\n ip domain-name lan\n ip name-server 192.168.1.1\n ip route 0.0.0.0/0 192.168.1.1\n\ninterface Ethernet1/1\n\ninterface Ethernet1/2\n\ninterface Ethernet1/3\n\ninterface Ethernet1/4\n\ninterface Ethernet1/5\n\ninterface Ethernet1/6\n\ninterface Ethernet1/7\n\ninterface Ethernet1/8\n\ninterface Ethernet1/9\n\ninterface Ethernet1/10\n\ninterface Ethernet1/11\n\ninterface Ethernet1/12\n\ninterface Ethernet1/13\n\ninterface Ethernet1/14\n\ninterface Ethernet1/15\n\ninterface Ethernet1/16\n\ninterface Ethernet1/17\n\ninterface Ethernet1/18\n\ninterface Ethernet1/19\n\ninterface Ethernet1/20\n\ninterface Ethernet1/21\n\ninterface Ethernet1/22\n\ninterface Ethernet1/23\n\ninterface Ethernet1/24\n\ninterface Ethernet1/25\n\ninterface Ethernet1/26\n\ninterface Ethernet1/27\n\ninterface Ethernet1/28\n\ninterface Ethernet1/29\n\ninterface Ethernet1/30\n\ninterface Ethernet1/31\n\ninterface Ethernet1/32\n\ninterface Ethernet1/33\n\ninterface Ethernet1/34\n\ninterface Ethernet1/35\n\ninterface Ethernet1/36\n\ninterface Ethernet1/37\n\ninterface Ethernet1/38\n\ninterface Ethernet1/39\n\ninterface Ethernet1/40\n\ninterface Ethernet1/41\n\ninterface Ethernet1/42\n\ninterface Ethernet1/43\n\ninterface Ethernet1/44\n\ninterface Ethernet1/45\n\ninterface Ethernet1/46\n\ninterface Ethernet1/47\n\ninterface Ethernet1/48\n\ninterface Ethernet1/49\n\ninterface Ethernet1/50\n\ninterface Ethernet1/51\n\ninterface Ethernet1/52\n\ninterface Ethernet1/53\n\ninterface Ethernet1/54\n\ninterface Ethernet1/55\n\ninterface Ethernet1/56\n\ninterface Ethernet1/57\n\ninterface Ethernet1/58\n\ninterface Ethernet1/59\n\ninterface Ethernet1/60\n\ninterface Ethernet1/61\n\ninterface Ethernet1/62\n\ninterface Ethernet1/63\n\ninterface Ethernet1/64\n\ninterface mgmt0\n description DHCP Configuration for PnP\n vrf member management\n ip address 192.168.1.19/24\nline console\nline vty\nno system default switchport shutdown\n", + "net_fan_info": [], + "net_features_enabled": [ + "bfd" + ], + "net_filesystems": [ + "bootflash:" + ], + "net_gather_network_resources": [], + "net_gather_subset": [ + "interfaces", + "config", + "hardware", + "legacy", + "default", + "features" + ], + "net_hostname": "192.168.1.19", + "net_image": "bootflash:///nxos.9.3.3.bin", + "net_interfaces": { + "Ethernet1/1": { + "bandwidth": "1000000", + "duplex": "full", + "macaddress": "0cc2.8a00.0101", + "mode": "access", + "mtu": "1500", + "speed": "1000 Mb/s", + "state": "up", + "type": "100/1000/10000 Ethernet" + }, + "mgmt0": { + "bandwidth": "1000000", + "description": "DHCP Configuration for PnP", + "duplex": "full", + "ipv4": { + "address": "192.168.1.19", + "masklen": "24" + }, + "macaddress": "0c05.2bc2.8a00", + "mtu": "1500", + "speed": "1000 Mb/s", + "state": "up", + "type": "GigabitEthernet" + } + }, + "net_interfaces_list": [ + "mgmt0", + "Ethernet1/1", + ], + "net_license_hostid": "91EMAC025KL", + "net_memfree_mb": 3965.3359375, + "net_memtotal_mb": 7653.41015625, + "net_model": "Nexus9000 C9500v Chassis (\"Supervisor Module\")", + "net_module": [ + { + "model": "N9K-X9564v", + "ports": "64", + "status": "ok", + "type": "Nexus 9000v 64 port Ethernet Module" + }, + { + "model": "N9K-vSUP", + "ports": "0", + "status": "active *", + "type": "Virtual Supervisor Module" + } + ], + "net_neighbors": {}, + "net_platform": "N9K-C9500v", + "net_python_version": "3.9.5", + "net_serialnum": "9ESGSKDKPR0", + "net_system": "nxos", + "net_version": "9.3(3)", + "net_vlan_list": [ + "1" + ], + "network_resources": {}, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * net__hostname: 192.168.1.19 +> * net__os: 9.3(3) +> * net__platform: Nexus9000 C9500v Chassis +> * net_api: cliconf +> * net_config: !Command: show running-config +>!Running configuration last done at: Sat Jul 10 23:00:14 2021 +>!Time: Sat Jul 10 23:00:57 2021 +> +>version 9.3(3) Bios:version +>hostname 192.168.1.19 +>vdc 192.168.1.19 id 1 +> limit-resource vlan minimum 16 maximum 4094 +> limit-resource vrf minimum 2 maximum 4096 +> limit-resource port-channel minimum 0 maximum 511 +> limit-resource u4route-mem minimum 248 maximum 248 +> limit-resource u6route-mem minimum 96 maximum 96 +> limit-resource m4route-mem minimum 58 maximum 58 +> limit-resource m6route-mem minimum 8 maximum 8 +> +>nv overlay evpn +>feature bfd +>clock protocol none vdc 1 +> +>username admin password 5 $5$GYWPMp8g$uCosvTBewY0RcsJx/XB4e92DceRU8J4mvDI1JztQtG3 role network-admin +>ip domain-lookup +>radius-server timeout 9 +>radius-server deadtime 20 +>radius-server host 1.2.3.4 acct-port 2084 authentication accounting timeout 10 +>system default switchport +>ip access-list ANSIBLE +> 10 permit tcp 192.0.2.1/24 any +>bfd interval 50 min_rx 50 multiplier 4 +>snmp-server user admin network-admin auth md5 0x4f14136eab1027c832da1709141f5070 priv 0x4f14136eab1027c832da1709141f5070 localizedkey +>rmon event 1 description FATAL(1) owner PMON@FATAL +>rmon event 2 description CRITICAL(2) owner PMON@CRITICAL +>rmon event 3 description ERROR(3) owner PMON@ERROR +>rmon event 4 description WARNING(4) owner PMON@WARNING +>rmon event 5 description INFORMATION(5) owner PMON@INFO +>radius-server directed-request +> +>vlan 1 +> +>vrf context management +> ip domain-name lan +> ip name-server 192.168.1.1 +> ip route 0.0.0.0/0 192.168.1.1 +> +>interface Ethernet1/1 +> +> +>interface mgmt0 +> description DHCP Configuration for PnP +> vrf member management +> ip address 192.168.1.19/24 +>line console +>line vty +>no system default switchport shutdown +> +> * net_hostname: 192.168.1.19 +> * net_image: bootflash:///nxos.9.3.3.bin +> * net_license_hostid: 91EMAC025KL +> * net_memfree_mb: 3965.3359375 +> * net_memtotal_mb: 7653.41015625 +> * net_model: Nexus9000 C9500v Chassis ("Supervisor Module") +> * net_platform: N9K-C9500v +> * net_python_version: 3.9.5 +> * net_serialnum: 9ESGSKDKPR0 +> * net_system: nxos +> * net_version: 9.3(3) +> * discovered_interpreter_python: /usr/local/bin/python +> * ## Net_All_Ipv4_Addresses +> * 0: 192.168.1.19 +> * ## Net_All_Ipv6_Addresses +> * ## Net_Fan_Info +> * ## Net_Features_Enabled +> * 0: bfd +> * ## Net_Filesystems +> * 0: bootflash: +> * ## Net_Gather_Network_Resources +> * ## Net_Gather_Subset +> * 0: interfaces +> * 1: config +> * 2: hardware +> * 3: legacy +> * 4: default +> * 5: features +> * ## Net_Interfaces +> * ### Ethernet1/1 +> * bandwidth: 1000000 +> * duplex: full +> * macaddress: 0cc2.8a00.0101 +> * mode: access +> * mtu: 1500 +> * speed: 1000 Mb/s +> * state: up +> * type: 100/1000/10000 Ethernet +> * ### Mgmt0 +> * bandwidth: 1000000 +> * description: DHCP Configuration for PnP +> * duplex: full +> * macaddress: 0c05.2bc2.8a00 +> * mtu: 1500 +> * speed: 1000 Mb/s +> * state: up +> * type: GigabitEthernet +> * #### Ipv4 +> * address: 192.168.1.19 +> * masklen: 24 +> * ## Net_Interfaces_List +> * 0: mgmt0 +> * 1: Ethernet1/1 +> * ## Net_Module +> * ## List +> * model: N9K-X9564v +> * ports: 64 +> * status: ok +> * type: Nexus 9000v 64 port Ethernet Module +> * ## List +> * model: N9K-vSUP +> * ports: 0 +> * status: active * +> * type: Virtual Supervisor Module +> * ## Net_Neighbors +> * ## Net_Vlan_List +> * 0: 1 +> * ## Network_Resources + + +### nxos-feature +*** +Manage features in NX-OS switches. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_feature_module.html + + +#### Base Command + +`nxos-feature` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| feature | Name of feature. | Required | +| state | Desired state of the feature. Possible values are: enabled, disabled. Default is enabled. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosFeature.commands | unknown | The set of commands to be sent to the remote device | + + +#### Command Example +```!nxos-feature host="192.168.1.19" feature="lacp" state="enabled" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosFeature": { + "changed": true, + "commands": [ + "terminal dont-ask", + "feature lacp" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: terminal dont-ask +> * 1: feature lacp + + +### nxos-gir +*** +Trigger a graceful removal or insertion (GIR) of the switch. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_gir_module.html + + +#### Base Command + +`nxos-gir` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| system_mode_maintenance | When `system_mode_maintenance=true` it puts all enabled protocols in maintenance mode (using the isolate command). When `system_mode_maintenance=false` it puts all enabled protocols in normal mode (using the no isolate command). | Optional | +| system_mode_maintenance_dont_generate_profile | When `system_mode_maintenance_dont_generate_profile=true` it prevents the dynamic searching of enabled protocols and executes commands configured in a maintenance-mode profile. Use this option if you want the system to use a maintenance-mode profile that you have created. When `system_mode_maintenance_dont_generate_profile=false` it prevents the dynamic searching of enabled protocols and executes commands configured in a normal-mode profile. Use this option if you want the system to use a normal-mode profile that you have created. | Optional | +| system_mode_maintenance_timeout | Keeps the switch in maintenance mode for a specified number of minutes. Range is 5-65535. | Optional | +| system_mode_maintenance_shutdown | Shuts down all protocols, vPC domains, and interfaces except the management interface (using the shutdown command). This option is disruptive while `system_mode_maintenance` (which uses the isolate command) is not. | Optional | +| system_mode_maintenance_on_reload_reset_reason | Boots the switch into maintenance mode automatically in the event of a specified system crash. Note that not all reset reasons are applicable for all platforms. Also if reset reason is set to match_any, it is not idempotent as it turns on all reset reasons. If reset reason is match_any and state is absent, it turns off all the reset reasons. Possible values are: hw_error, svc_failure, kern_failure, wdog_timeout, fatal_error, lc_failure, match_any, manual_reload, any_other, maintenance. | Optional | +| state | Specify desired state of the resource. Possible values are: present, absent. Default is present. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosGir.final_system_mode | string | describe the last system mode | +| CiscoNXOS.NxosGir.updates | unknown | commands sent to the device | +| CiscoNXOS.NxosGir.changed | boolean | check to see if a change was made on the device | + + +#### Command Example +```!nxos-gir host="192.168.1.19" system_mode_maintenance="True"``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosGir": { + "changed": true, + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True + + +### nxos-gir-profile-management +*** +Create a maintenance-mode or normal-mode profile for GIR. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_gir_profile_management_module.html + + +#### Base Command + +`nxos-gir-profile-management` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| commands | List of commands to be included into the profile. | Optional | +| mode | Configure the profile as Maintenance or Normal mode. Possible values are: maintenance, normal. | Required | +| state | Specify desired state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosGirProfileManagement.proposed | unknown | list of commands passed into module. | +| CiscoNXOS.NxosGirProfileManagement.existing | unknown | list of existing profile commands. | +| CiscoNXOS.NxosGirProfileManagement.end_state | unknown | list of profile entries after module execution. | +| CiscoNXOS.NxosGirProfileManagement.updates | unknown | commands sent to the device | +| CiscoNXOS.NxosGirProfileManagement.changed | boolean | check to see if a change was made on the device | + + +#### Command Example +```!nxos-gir-profile-management host="192.168.1.19" mode="maintenance" commands="{{ ['router eigrp 11', 'isolate'] }}" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosGirProfileManagement": { + "changed": true, + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True + +### nxos-hsrp +*** +Manages HSRP configuration on NX-OS switches. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_hsrp_module.html + + +#### Base Command + +`nxos-hsrp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| group | HSRP group number. | Required | +| interface | Full name of interface that is being managed for HSRP. | Required | +| version | HSRP version. Possible values are: 1, 2. Default is 1. | Optional | +| priority | HSRP priority or keyword 'default'. | Optional | +| preempt | Enable/Disable preempt. Possible values are: enabled, disabled. | Optional | +| vip | HSRP virtual IP address or keyword 'default'. | Optional | +| auth_string | Authentication string. If this needs to be hidden(for md5 type), the string should be 7 followed by the key string. Otherwise, it can be 0 followed by key string or just key string (for backward compatibility). For text type, this should be just be a key string. if this is 'default', authentication is removed. | Optional | +| auth_type | Authentication type. Possible values are: text, md5. | Optional | +| state | Specify desired state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosHsrp.commands | unknown | commands sent to the device | + + + +### nxos-igmp +*** +Manages IGMP global configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_igmp_module.html + + +#### Base Command + +`nxos-igmp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| flush_routes | Removes routes when the IGMP process is restarted. By default, routes are not flushed. | Optional | +| enforce_rtr_alert | Enables or disables the enforce router alert option check for IGMPv2 and IGMPv3 packets. | Optional | +| restart | Restarts the igmp process (using an exec config command). | Optional | +| state | Manages desired state of the resource. Possible values are: present, default. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosIgmp.updates | unknown | commands sent to the device | + + +#### Command Example +```!nxos-igmp host="192.168.1.19" state="default" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosIgmp": { + "changed": false, + "host": "192.168.1.19", + "status": "SUCCESS", + "updates": [] + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Updates + + +### nxos-igmp-interface +*** +Manages IGMP interface configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_igmp_interface_module.html + + +#### Base Command + +`nxos-igmp-interface` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| interface | The full interface name for IGMP configuration. e.g. `Ethernet1/2`. | Required | +| version | IGMP version. It can be 2 or 3 or keyword 'default'. Possible values are: 2, 3, default. | Optional | +| startup_query_interval | Query interval used when the IGMP process starts up. The range is from 1 to 18000 or keyword 'default'. The default is 31. | Optional | +| startup_query_count | Query count used when the IGMP process starts up. The range is from 1 to 10 or keyword 'default'. The default is 2. | Optional | +| robustness | Sets the robustness variable. Values can range from 1 to 7 or keyword 'default'. The default is 2. | Optional | +| querier_timeout | Sets the querier timeout that the software uses when deciding to take over as the querier. Values can range from 1 to 65535 seconds or keyword 'default'. The default is 255 seconds. | Optional | +| query_mrt | Sets the response time advertised in IGMP queries. Values can range from 1 to 25 seconds or keyword 'default'. The default is 10 seconds. | Optional | +| query_interval | Sets the frequency at which the software sends IGMP host query messages. Values can range from 1 to 18000 seconds or keyword 'default'. The default is 125 seconds. | Optional | +| last_member_qrt | Sets the query interval waited after sending membership reports before the software deletes the group state. Values can range from 1 to 25 seconds or keyword 'default'. The default is 1 second. | Optional | +| last_member_query_count | Sets the number of times that the software sends an IGMP query in response to a host leave message. Values can range from 1 to 5 or keyword 'default'. The default is 2. | Optional | +| group_timeout | Sets the group membership timeout for IGMPv2. Values can range from 3 to 65,535 seconds or keyword 'default'. The default is 260 seconds. | Optional | +| report_llg | Configures report-link-local-groups. Enables sending reports for groups in 224.0.0.0/24. Reports are always sent for nonlink local groups. By default, reports are not sent for link local groups. | Optional | +| immediate_leave | Enables the device to remove the group entry from the multicast routing table immediately upon receiving a leave message for the group. Use this command to minimize the leave latency of IGMPv2 group memberships on a given IGMP interface because the device does not send group-specific queries. The default is disabled. | Optional | +| oif_routemap | Configure a routemap for static outgoing interface (OIF) or keyword 'default'. | Optional | +| oif_prefix | This argument is deprecated, please use oif_ps instead. Configure a prefix for static outgoing interface (OIF). | Optional | +| oif_source | This argument is deprecated, please use oif_ps instead. Configure a source for static outgoing interface (OIF). | Optional | +| oif_ps | Configure prefixes and sources for static outgoing interface (OIF). This is a list of dict where each dict has source and prefix defined or just prefix if source is not needed. The specified values will be configured on the device and if any previous prefix/sources exist, they will be removed. Keyword 'default' is also accepted which removes all existing prefix/sources. | Optional | +| restart | Restart IGMP. This is NOT idempotent as this is action only. Possible values are: Yes, No. Default is No. | Optional | +| state | Manages desired state of the resource. Possible values are: present, absent, default. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosIgmpInterface.proposed | unknown | k/v pairs of parameters passed into module | +| CiscoNXOS.NxosIgmpInterface.existing | unknown | k/v pairs of existing igmp_interface configuration | +| CiscoNXOS.NxosIgmpInterface.end_state | unknown | k/v pairs of igmp interface configuration after module execution | +| CiscoNXOS.NxosIgmpInterface.updates | unknown | commands sent to the device | +| CiscoNXOS.NxosIgmpInterface.changed | boolean | check to see if a change was made on the device | + + + +### nxos-igmp-snooping +*** +Manages IGMP snooping global configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_igmp_snooping_module.html + + +#### Base Command + +`nxos-igmp-snooping` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| snooping | Enables/disables IGMP snooping on the switch. | Optional | +| group_timeout | Group membership timeout value for all VLANs on the device. Accepted values are integer in range 1-10080, `never` and `default`. | Optional | +| link_local_grp_supp | Global link-local groups suppression. | Optional | +| report_supp | Global IGMPv1/IGMPv2 Report Suppression. | Optional | +| v3_report_supp | Global IGMPv3 Report Suppression and Proxy Reporting. | Optional | +| state | Manage the state of the resource. Possible values are: present, default. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosIgmpSnooping.commands | unknown | command sent to the device | + + +#### Command Example +```!nxos-igmp-snooping host="192.168.1.19" state="default" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosIgmpSnooping": { + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Commands + + +### nxos-install-os +*** +Set boot options like boot, kickstart image and issu. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_install_os_module.html + + +#### Base Command + +`nxos-install-os` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| system_image_file | Name of the system (or combined) image file on flash. | Required | +| kickstart_image_file | Name of the kickstart image file on flash. (Not required on all Nexus platforms). | Optional | +| issu | Upgrade using In Service Software Upgrade (ISSU). (Supported on N5k, N7k, N9k platforms) Selecting 'required' or 'yes' means that upgrades will only proceed if the switch is capable of ISSU. Selecting 'desired' means that upgrades will use ISSU if possible but will fall back to disruptive upgrade if needed. Selecting 'no' means do not use ISSU. Forced disruptive. Possible values are: required, desired, yes, no. Default is no. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosInstallOs.install_state | unknown | Boot and install information. | + + + +### nxos-interface-ospf +*** +Manages configuration of an OSPF interface instance. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_interface_ospf_module.html + + +#### Base Command + +`nxos-interface-ospf` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| interface | Name of this cisco_interface resource. Valid value is a string. | Required | +| ospf | Name of the ospf instance. | Required | +| area | Ospf area associated with this cisco_interface_ospf instance. Valid values are a string, formatted as an IP address (i.e. "0.0.0.0") or as an integer. | Required | +| bfd | Enables bfd at interface level. This overrides the bfd variable set at the ospf router level. Valid values are 'enable', 'disable' or 'default'. Dependency: 'feature bfd'. Possible values are: enable, disable, default. | Optional | +| cost | The cost associated with this cisco_interface_ospf instance. | Optional | +| hello_interval | Time between sending successive hello packets. Valid values are an integer or the keyword 'default'. | Optional | +| dead_interval | Time interval an ospf neighbor waits for a hello packet before tearing down adjacencies. Valid values are an integer or the keyword 'default'. | Optional | +| passive_interface | Enable or disable passive-interface state on this interface. true - (enable) Prevent OSPF from establishing an adjacency or sending routing updates on this interface. false - (disable) Override global 'passive-interface default' for this interface. | Optional | +| network | Specifies interface ospf network type. Valid values are 'point-to-point' or 'broadcast'. Possible values are: point-to-point, broadcast. | Optional | +| message_digest | Enables or disables the usage of message digest authentication. | Optional | +| message_digest_key_id | Md5 authentication key-id associated with the ospf instance. If this is present, message_digest_encryption_type, message_digest_algorithm_type and message_digest_password are mandatory. Valid value is an integer and 'default'. | Optional | +| message_digest_algorithm_type | Algorithm used for authentication among neighboring routers within an area. Valid values are 'md5' and 'default'. Possible values are: md5, default. | Optional | +| message_digest_encryption_type | Specifies the scheme used for encrypting message_digest_password. Valid values are '3des' or 'cisco_type_7' encryption or 'default'. Possible values are: cisco_type_7, 3des, default. | Optional | +| message_digest_password | Specifies the message_digest password. Valid value is a string. | Optional | +| state | Determines whether the config should be present or not on the device. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosInterfaceOspf.commands | unknown | commands sent to the device | + + + +### nxos-interfaces +*** +Manages interface attributes of NX-OS Interfaces + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_interfaces_module.html + + +#### Base Command + +`nxos-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of interface options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosInterfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoNXOS.NxosInterfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoNXOS.NxosInterfaces.commands | unknown | The set of commands pushed to the remote device. | + +#### Command Example +```!nxos-interfaces host="192.168.1.19" config="{{ [{'name': 'Ethernet1/1', 'description': 'Configured by Ansible', 'enabled': True}, {'name': 'Ethernet1/2', 'description': 'Configured by Ansible Network', 'enabled': False}] }}" state="merged" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosInterfaces": { + "before": [ + { + "description": "Configured by Ansible", + "name": "Ethernet1/1" + }, + { + "description": "Configured by Ansible Network", + "enabled": false, + "name": "Ethernet1/2" + }, + { + "name": "Ethernet1/3" + }, + { + "name": "Ethernet1/4" + }, + { + "name": "mgmt0" + } + ], + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Before +> * ## Ethernet1/1 +> * description: Configured by Ansible +> * name: Ethernet1/1 +> * ## Ethernet1/2 +> * description: Configured by Ansible Network +> * enabled: False +> * name: Ethernet1/2 +> * ## Ethernet1/3 +> * name: Ethernet1/3 +> * ## Ethernet1/4 +> * name: Ethernet1/4 +> * ## Mgmt0 +> * name: mgmt0 +> * ## Commands + + + +### nxos-l2-interfaces +*** +Manages Layer-2 Interfaces attributes of NX-OS Interfaces + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_l2_interfaces_module.html + + +#### Base Command + +`nxos-l2-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of Layer-2 interface options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosL2Interfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoNXOS.NxosL2Interfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoNXOS.NxosL2Interfaces.commands | unknown | The set of commands pushed to the remote device. | + +#### Command Example +```!nxos-l2-interfaces host="192.168.1.19" config="{{ [{'name': 'Ethernet1/1', 'trunk': {'native_vlan': 10, 'allowed_vlans': '2,4,15'}}, {'name': 'Ethernet1/2', 'access': {'vlan': 30}}] }}" state="merged" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosL2Interfaces": { + "before": [ + { + "name": "Ethernet1/1", + "trunk": { + "allowed_vlans": "2,4,15", + "native_vlan": 10 + } + }, + { + "access": { + "vlan": 30 + }, + "name": "Ethernet1/2" + }, + { + "name": "Ethernet1/3" + }, + { + "name": "Ethernet1/4" + }, + { + "name": "Ethernet1/5" + }, + { + "name": "mgmt0" + } + ], + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Before +> * ## Ethernet1/1 +> * name: Ethernet1/1 +> * ### Trunk +> * allowed_vlans: 2,4,15 +> * native_vlan: 10 +> * ## Ethernet1/2 +> * name: Ethernet1/2 +> * ### Access +> * vlan: 30 +> * ## Ethernet1/3 +> * name: Ethernet1/3 +> * ## Ethernet1/4 +> * name: Ethernet1/4 +> * ## Ethernet1/5 +> * name: Ethernet1/5 +> * ## Mgmt0 +> * name: mgmt0 +> * ## Commands + + + +### nxos-l3-interfaces +*** +Manages Layer-3 Interfaces attributes of NX-OS Interfaces + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_l3_interfaces_module.html + + +#### Base Command + +`nxos-l3-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of Layer-3 interface options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosL3Interfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoNXOS.NxosL3Interfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoNXOS.NxosL3Interfaces.commands | unknown | The set of commands pushed to the remote device. | + + + +### nxos-lacp +*** +Manage Global Link Aggregation Control Protocol (LACP) on Cisco NX-OS devices. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_lacp_module.html + + +#### Base Command + +`nxos-lacp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | LACP global options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosLacp.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoNXOS.NxosLacp.after | unknown | The configuration as structured data after module completion. | +| CiscoNXOS.NxosLacp.commands | unknown | The set of commands pushed to the remote device. | + + +#### Command Example +```!nxos-lacp host="192.168.1.19" config="{'system': {'priority': 10, 'mac': {'address': '00c1.4c00.bd15'}}}" state="merged" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosLacp": { + "after": { + "system": { + "mac": { + "address": "00c1.4c00.bd15", + "role": "primary" + }, + "priority": 10 + } + }, + "before": {}, + "changed": true, + "commands": [ + "lacp system-priority 10", + "lacp system-mac 00c1.4c00.bd15" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## After +> * ### System +> * priority: 10 +> * #### Mac +> * address: 00c1.4c00.bd15 +> * role: primary +> * ## Before +> * ## Commands +> * 0: lacp system-priority 10 +> * 1: lacp system-mac 00c1.4c00.bd15 + + +### nxos-lacp-interfaces +*** +Manage Link Aggregation Control Protocol (LACP) attributes of interfaces on Cisco NX-OS devices. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_lacp_interfaces_module.html + + +#### Base Command + +`nxos-lacp-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of LACP interfaces options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosLacpInterfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoNXOS.NxosLacpInterfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoNXOS.NxosLacpInterfaces.commands | unknown | The set of commands pushed to the remote device. | + + + +### nxos-lag-interfaces +*** +Manages link aggregation groups of NX-OS Interfaces + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_lag_interfaces_module.html + + +#### Base Command + +`nxos-lag-interfaces` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A list of link aggregation group configurations. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosLagInterfaces.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoNXOS.NxosLagInterfaces.after | unknown | The configuration as structured data after module completion. | +| CiscoNXOS.NxosLagInterfaces.commands | unknown | The set of commands pushed to the remote device. | + + +#### Command Example +```!nxos-lag-interfaces host="192.168.1.19" config="{{ [{'name': 'port-channel99', 'members': [{'member': 'Ethernet1/4'}]}] }}" state="merged" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosLagInterfaces": { + "after": [ + { + "members": [ + { + "member": "Ethernet1/4" + } + ], + "name": "port-channel99" + } + ], + "before": [], + "changed": true, + "commands": [ + "interface Ethernet1/4", + "channel-group 99" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## After +> * ## Port-Channel99 +> * name: port-channel99 +> * ### Members +> * ### List +> * member: Ethernet1/4 +> * ## Before +> * ## Commands +> * 0: interface Ethernet1/4 +> * 1: channel-group 99 + + +### nxos-lldp +*** +Manage LLDP configuration on Cisco NXOS network devices. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_lldp_module.html + + +#### Base Command + +`nxos-lldp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | State of the LLDP configuration. If value is `present` lldp will be enabled else if it is `absent` it will be disabled. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosLldp.commands | unknown | The list of configuration mode commands to send to the device | + + +#### Command Example +```!nxos-lldp host="192.168.1.19" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosLldp": { + "changed": true, + "commands": [ + "terminal dont-ask", + "feature lldp" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: terminal dont-ask +> * 1: feature lldp + + +### nxos-lldp-global +*** +Configure and manage Link Layer Discovery Protocol(LLDP) attributes on NX-OS platforms. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_lldp_global_module.html + + +#### Base Command + +`nxos-lldp-global` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A list of link layer discovery configurations. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosLldpGlobal.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoNXOS.NxosLldpGlobal.after | unknown | The configuration as structured data after module completion. | +| CiscoNXOS.NxosLldpGlobal.commands | unknown | The set of commands pushed to the remote device. | + + +#### Command Example +```!nxos-lldp-global host="192.168.1.19" config="{'timer': 35, 'holdtime': 100}" state="merged" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosLldpGlobal": { + "after": { + "holdtime": 100, + "timer": 35 + }, + "before": {}, + "changed": true, + "commands": [ + "lldp holdtime 100", + "lldp timer 35" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## After +> * holdtime: 100 +> * timer: 35 +> * ## Before +> * ## Commands +> * 0: lldp holdtime 100 +> * 1: lldp timer 35 + + +### nxos-logging +*** +Manage logging on network devices + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_logging_module.html + + +#### Base Command + +`nxos-logging` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| dest | Destination of the logs. Possible values are: console, logfile, module, monitor, server. | Optional | +| remote_server | Hostname or IP Address for remote logging (when dest is 'server'). | Optional | +| use_vrf | VRF to be used while configuring remote logging (when dest is 'server'). | Optional | +| interface | Interface to be used while configuring source-interface for logging (e.g., 'Ethernet1/2', 'mgmt0'). | Optional | +| name | If value of `dest` is `logfile` it indicates file-name. | Optional | +| facility | Facility name for logging. | Optional | +| dest_level | Set logging severity levels. | Optional | +| facility_level | Set logging severity levels for facility based log messages. | Optional | +| aggregate | List of logging definitions. | Optional | +| state | State of the logging configuration. Possible values are: present, absent. Default is present. | Optional | +| event | Link/trunk enable/default interface configuration logging. Possible values are: link-enable, link-default, trunk-enable, trunk-default. | Optional | +| interface_message | Add interface description to interface syslogs. Does not work with version 6.0 images using nxapi as a transport. Possible values are: add-interface-description. | Optional | +| file_size | Set logfile size. | Optional | +| facility_link_status | Set logging facility ethpm link status. Not idempotent with version 6.0 images. Possible values are: link-down-notif, link-down-error, link-up-notif, link-up-error. | Optional | +| timestamp | Set logging timestamp format. Possible values are: microseconds, milliseconds, seconds. | Optional | +| purge | Remove any switch logging configuration that does not match what has been configured Not supported for ansible_connection local. All nxos_logging tasks must use the same ansible_connection type. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosLogging.commands | unknown | The list of configuration mode commands to send to the device | + + + +### nxos-ntp +*** +Manages core NTP configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_ntp_module.html + + +#### Base Command + +`nxos-ntp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| server | Network address of NTP server. | Optional | +| peer | Network address of NTP peer. | Optional | +| key_id | Authentication key identifier to use with given NTP server or peer or keyword 'default'. | Optional | +| prefer | Makes given NTP server or peer the preferred NTP server or peer for the device. Possible values are: enabled, disabled. | Optional | +| vrf_name | Makes the device communicate with the given NTP server or peer over a specific VRF or keyword 'default'. | Optional | +| source_addr | Local source address from which NTP messages are sent or keyword 'default'. | Optional | +| source_int | Local source interface from which NTP messages are sent. Must be fully qualified interface name or keyword 'default'. | Optional | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosNtp.proposed | unknown | k/v pairs of parameters passed into module | +| CiscoNXOS.NxosNtp.existing | unknown | k/v pairs of existing ntp server/peer | +| CiscoNXOS.NxosNtp.end_state | unknown | k/v pairs of ntp info after module execution | +| CiscoNXOS.NxosNtp.updates | unknown | command sent to the device | +| CiscoNXOS.NxosNtp.changed | boolean | check to see if a change was made on the device | + + +#### Command Example +```!nxos-ntp host="192.168.1.19" server="1.2.3.4" key_id="32" prefer="enabled"``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosNtp": { + "changed": true, + "end_state": { + "address": "1.2.3.4", + "key_id": "32", + "peer_type": "server", + "prefer": "enabled", + "vrf_name": "default" + }, + "existing": {}, + "host": "192.168.1.19", + "peer_server_list": [], + "proposed": { + "address": "1.2.3.4", + "key_id": "32", + "peer_type": "server", + "prefer": "enabled" + }, + "status": "CHANGED", + "updates": [ + "ntp server 1.2.3.4 prefer key 32" + ] + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## End_State +> * address: 1.2.3.4 +> * key_id: 32 +> * peer_type: server +> * prefer: enabled +> * vrf_name: default +> * ## Existing +> * ## Peer_Server_List +> * ## Proposed +> * address: 1.2.3.4 +> * key_id: 32 +> * peer_type: server +> * prefer: enabled +> * ## Updates +> * 0: ntp server 1.2.3.4 prefer key 32 + + +### nxos-ntp-auth +*** +Manages NTP authentication. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_ntp_auth_module.html + + +#### Base Command + +`nxos-ntp-auth` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| key_id | Authentication key identifier (numeric). | Optional | +| md5string | MD5 String. | Optional | +| auth_type | Whether the given md5string is in cleartext or has been encrypted. If in cleartext, the device will encrypt it before storing it. Possible values are: text, encrypt. Default is text. | Optional | +| trusted_key | Whether the given key is required to be supplied by a time source for the device to synchronize to the time source. Possible values are: false, true. Default is false. | Optional | +| authentication | Turns NTP authentication on or off. Possible values are: on, off. | Optional | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosNtpAuth.commands | unknown | command sent to the device | + + +#### Command Example +```!nxos-ntp-auth host="192.168.1.19" key_id="32" md5string="hello" auth_type="text" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosNtpAuth": { + "changed": true, + "end_state": { + "auth_type": "encrypt", + "authentication": "off", + "key_id": "32", + "md5string": "kapqg", + "trusted_key": "false" + }, + "existing": { + "authentication": "off", + "trusted_key": "false" + }, + "host": "192.168.1.19", + "proposed": { + "auth_type": "text", + "key_id": "32", + "md5string": "hello", + "trusted_key": "false" + }, + "status": "CHANGED", + "updates": [ + "ntp authentication-key 32 md5 hello 0" + ] + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## End_State +> * auth_type: encrypt +> * authentication: off +> * key_id: 32 +> * md5string: kapqg +> * trusted_key: false +> * ## Existing +> * authentication: off +> * trusted_key: false +> * ## Proposed +> * auth_type: text +> * key_id: 32 +> * md5string: hello +> * trusted_key: false +> * ## Updates +> * 0: ntp authentication-key 32 md5 hello 0 + + +### nxos-ntp-options +*** +Manages NTP options. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_ntp_options_module.html + + +#### Base Command + +`nxos-ntp-options` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| master | Sets whether the device is an authoritative NTP server. | Optional | +| stratum | If `master=true`, an optional stratum can be supplied (1-15). The device default is 8. | Optional | +| logging | Sets whether NTP logging is enabled on the device. | Optional | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosNtpOptions.updates | unknown | command sent to the device | + + +#### Command Example +```!nxos-ntp-options host="192.168.1.19" master="True" stratum="12" logging="False"``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosNtpOptions": { + "changed": true, + "commands": [ + "ntp master", + "ntp master 12" + ], + "host": "192.168.1.19", + "status": "CHANGED", + "updates": [ + "ntp master", + "ntp master 12" + ] + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: ntp master +> * 1: ntp master 12 +> * ## Updates +> * 0: ntp master +> * 1: ntp master 12 + + +### nxos-nxapi +*** +Manage NXAPI configuration on an NXOS device. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_nxapi_module.html + + +#### Base Command + +`nxos-nxapi` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| http_port | Configure the port with which the HTTP server will listen on for requests. By default, NXAPI will bind the HTTP service to the standard HTTP port 80. This argument accepts valid port values in the range of 1 to 65535. Default is 80. | Optional | +| http | Controls the operating state of the HTTP protocol as one of the underlying transports for NXAPI. By default, NXAPI will enable the HTTP transport when the feature is first configured. To disable the use of the HTTP transport, set the value of this argument to False. Possible values are: Yes, No. Default is Yes. | Optional | +| https_port | Configure the port with which the HTTPS server will listen on for requests. By default, NXAPI will bind the HTTPS service to the standard HTTPS port 443. This argument accepts valid port values in the range of 1 to 65535. Default is 443. | Optional | +| https | Controls the operating state of the HTTPS protocol as one of the underlying transports for NXAPI. By default, NXAPI will disable the HTTPS transport when the feature is first configured. To enable the use of the HTTPS transport, set the value of this argument to True. Possible values are: Yes, No. Default is No. | Optional | +| sandbox | The NXAPI feature provides a web base UI for developers for entering commands. This feature is initially disabled when the NXAPI feature is configured for the first time. When the `sandbox` argument is set to True, the developer sandbox URL will accept requests and when the value is set to False, the sandbox URL is unavailable. This is supported on NX-OS 7K series. Possible values are: Yes, No. Default is No. | Optional | +| state | The `state` argument controls whether or not the NXAPI feature is configured on the remote device. When the value is `present` the NXAPI feature configuration is present in the device running-config. When the values is `absent` the feature configuration is removed from the running-config. Possible values are: present, absent. Default is present. | Optional | +| ssl_strong_ciphers | Controls the use of whether strong or weak ciphers are configured. By default, this feature is disabled and weak ciphers are configured. To enable the use of strong ciphers, set the value of this argument to True. Possible values are: Yes, No. Default is No. | Optional | +| tlsv1_0 | Controls the use of the Transport Layer Security version 1.0 is configured. By default, this feature is enabled. To disable the use of TLSV1.0, set the value of this argument to True. Possible values are: Yes, No. Default is Yes. | Optional | +| tlsv1_1 | Controls the use of the Transport Layer Security version 1.1 is configured. By default, this feature is disabled. To enable the use of TLSV1.1, set the value of this argument to True. Possible values are: Yes, No. Default is No. | Optional | +| tlsv1_2 | Controls the use of the Transport Layer Security version 1.2 is configured. By default, this feature is disabled. To enable the use of TLSV1.2, set the value of this argument to True. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosNxapi.updates | unknown | Returns the list of commands that need to be pushed into the remote device to satisfy the arguments | + + +#### Command Example +```!nxos-nxapi host="192.168.1.19" state="present" sandbox=No``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosNxapi": { + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Commands + +### nxos-ospf +*** +Manages configuration of an ospf instance. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_ospf_module.html + + +#### Base Command + +`nxos-ospf` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| ospf | Name of the ospf instance. | Required | +| state | Determines whether the config should be present or not on the device. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosOspf.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-ospf host="192.168.1.19" ospf="1" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosOspf": { + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Commands + + +### nxos-ospf-vrf +*** +Manages a VRF for an OSPF router. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_ospf_vrf_module.html + + +#### Base Command + +`nxos-ospf-vrf` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| vrf | Name of the resource instance. Valid value is a string. The name 'default' is a valid VRF representing the global OSPF. Default is default. | Optional | +| ospf | Name of the OSPF instance. | Required | +| router_id | Router Identifier (ID) of the OSPF router VRF instance. | Optional | +| default_metric | Specify the default Metric value. Valid values are an integer or the keyword 'default'. | Optional | +| log_adjacency | Controls the level of log messages generated whenever a neighbor changes state. Valid values are 'log', 'detail', and 'default'. Possible values are: log, detail, default. | Optional | +| timer_throttle_lsa_start | Specify the start interval for rate-limiting Link-State Advertisement (LSA) generation. Valid values are an integer, in milliseconds, or the keyword 'default'. | Optional | +| timer_throttle_lsa_hold | Specify the hold interval for rate-limiting Link-State Advertisement (LSA) generation. Valid values are an integer, in milliseconds, or the keyword 'default'. | Optional | +| timer_throttle_lsa_max | Specify the max interval for rate-limiting Link-State Advertisement (LSA) generation. Valid values are an integer, in milliseconds, or the keyword 'default'. | Optional | +| timer_throttle_spf_start | Specify initial Shortest Path First (SPF) schedule delay. Valid values are an integer, in milliseconds, or the keyword 'default'. | Optional | +| timer_throttle_spf_hold | Specify minimum hold time between Shortest Path First (SPF) calculations. Valid values are an integer, in milliseconds, or the keyword 'default'. | Optional | +| timer_throttle_spf_max | Specify the maximum wait time between Shortest Path First (SPF) calculations. Valid values are an integer, in milliseconds, or the keyword 'default'. | Optional | +| auto_cost | Specifies the reference bandwidth used to assign OSPF cost. Valid values are an integer, in Mbps, or the keyword 'default'. | Optional | +| bfd | Enables BFD on all OSPF interfaces. Dependency: 'feature bfd'. Possible values are: enable, disable. | Optional | +| passive_interface | Setting to `yes` will suppress routing update on interface. | Optional | +| state | State of ospf vrf configuration. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosOspfVrf.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-ospf-vrf host="192.168.1.19" ospf="1" timer_throttle_spf_start="50" timer_throttle_spf_hold="1000" timer_throttle_spf_max="2000" timer_throttle_lsa_start="60" timer_throttle_lsa_hold="1100" timer_throttle_lsa_max="3000" vrf="test" bfd="enable" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosOspfVrf": { + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Commands + +### nxos-overlay-global +*** +Configures anycast gateway MAC of the switch. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_overlay_global_module.html + + +#### Base Command + +`nxos-overlay-global` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| anycast_gateway_mac | Anycast gateway mac of the switch. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosOverlayGlobal.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-overlay-global host="192.168.1.19" anycast_gateway_mac="b.b.b" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosOverlayGlobal": { + "changed": true, + "commands": [ + "fabric forwarding anycast-gateway-mac 000B.000B.000B" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: fabric forwarding anycast-gateway-mac 000B.000B.000B + + +### nxos-pim +*** +Manages configuration of a PIM instance. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_pim_module.html + + +#### Base Command + +`nxos-pim` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| bfd | Enables BFD on all PIM interfaces. Dependency: 'feature bfd'. Possible values are: enable, disable. | Optional | +| ssm_range | Configure group ranges for Source Specific Multicast (SSM). Valid values are multicast addresses or the keyword `none` or keyword `default`. `none` removes all SSM group ranges. `default` will set ssm_range to the default multicast address. If you set multicast address, please ensure that it is not the same as the `default`, otherwise use the `default` option. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosPim.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-pim host="192.168.1.19" bfd="enable" ssm_range="224.0.0.0/8"``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosPim": { + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Commands + +### nxos-pim-interface +*** +Manages PIM interface configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_pim_interface_module.html + + +#### Base Command + +`nxos-pim-interface` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| interface | Full name of the interface such as Ethernet1/33. | Required | +| sparse | Enable/disable sparse-mode on the interface. Possible values are: Yes, No. Default is No. | Optional | +| bfd | Enables BFD for PIM at the interface level. This overrides the bfd variable set at the pim global level. Valid values are 'enable', 'disable' or 'default'. Dependency: 'feature bfd'. Possible values are: enable, disable, default. | Optional | +| dr_prio | Configures priority for PIM DR election on interface. | Optional | +| hello_auth_key | Authentication for hellos on this interface. | Optional | +| hello_interval | Hello interval in milliseconds for this interface. | Optional | +| jp_policy_out | Policy for join-prune messages (outbound). | Optional | +| jp_policy_in | Policy for join-prune messages (inbound). | Optional | +| jp_type_out | Type of policy mapped to `jp_policy_out`. Possible values are: prefix, routemap. | Optional | +| jp_type_in | Type of policy mapped to `jp_policy_in`. Possible values are: prefix, routemap. | Optional | +| border | Configures interface to be a boundary of a PIM domain. Possible values are: Yes, No. Default is No. | Optional | +| neighbor_policy | Configures a neighbor policy for filtering adjacencies. | Optional | +| neighbor_type | Type of policy mapped to neighbor_policy. Possible values are: prefix, routemap. | Optional | +| state | Manages desired state of the resource. Possible values are: present, default. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosPimInterface.commands | unknown | command sent to the device | + + + +### nxos-pim-rp-address +*** +Manages configuration of an PIM static RP address instance. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_pim_rp_address_module.html + + +#### Base Command + +`nxos-pim-rp-address` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| rp_address | Configures a Protocol Independent Multicast (PIM) static rendezvous point (RP) address. Valid values are unicast addresses. | Required | +| group_list | Group range for static RP. Valid values are multicast addresses. | Optional | +| prefix_list | Prefix list policy for static RP. Valid values are prefix-list policy names. | Optional | +| route_map | Route map policy for static RP. Valid values are route-map policy names. | Optional | +| bidir | Group range is treated in PIM bidirectional mode. | Optional | +| state | Specify desired state of the resource. Possible values are: present, absent, default. Default is present. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosPimRpAddress.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-pim-rp-address host="192.168.1.19" rp_address="10.1.1.20" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosPimRpAddress": { + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Commands + +### nxos-ping +*** +Tests reachability using ping from Nexus switch. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_ping_module.html + + +#### Base Command + +`nxos-ping` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| dest | IP address or hostname (resolvable by switch) of remote node. | Required | +| count | Number of packets to send. Default is 5. | Optional | +| source | Source IP Address or hostname (resolvable by switch). | Optional | +| vrf | Outgoing VRF. | Optional | +| state | Determines if the expected result is success or fail. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosPing.commands | unknown | Show the command sent | +| CiscoNXOS.NxosPing.rtt | unknown | Show RTT stats | +| CiscoNXOS.NxosPing.packets_rx | number | Packets successfully received | +| CiscoNXOS.NxosPing.packets_tx | number | Packets successfully transmitted | +| CiscoNXOS.NxosPing.packet_loss | string | Percentage of packets lost | + + +#### Command Example +```!nxos-ping host="192.168.1.19" dest="8.8.8.8" vrf="management"``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosPing": { + "changed": false, + "commands": [ + "ping 8.8.8.8 count 5 vrf management" + ], + "host": "192.168.1.19", + "packet_loss": "0.00%", + "packets_rx": 5, + "packets_tx": 5, + "rtt": { + "avg": 11.171, + "max": 11.845, + "min": 10.811 + }, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * packet_loss: 0.00% +> * packets_rx: 5 +> * packets_tx: 5 +> * ## Commands +> * 0: ping 8.8.8.8 count 5 vrf management +> * ## Rtt +> * avg: 11.171 +> * max: 11.845 +> * min: 10.811 + + +### nxos-reboot +*** +Reboot a network device. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_reboot_module.html + + +#### Base Command + +`nxos-reboot` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| confirm | Safeguard boolean. Set to true if you're sure you want to reboot. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosReboot.rebooted | boolean | Whether the device was instructed to reboot. | + + +#### Command Example +```!nxos-reboot host="192.168.1.19" confirm="True" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosReboot": { + "changed": true, + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True + + +### nxos-rollback +*** +Set a checkpoint or rollback to a checkpoint. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_rollback_module.html + + +#### Base Command + +`nxos-rollback` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| checkpoint_file | Name of checkpoint file to create. Mutually exclusive with rollback_to. | Optional | +| rollback_to | Name of checkpoint file to rollback to. Mutually exclusive with checkpoint_file. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosRollback.filename | string | The filename of the checkpoint/rollback file. | +| CiscoNXOS.NxosRollback.status | string | Which operation took place and whether it was successful. | + + +#### Command Example +```!nxos-rollback host="192.168.1.19" checkpoint_file="backup.cfg"``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosRollback": { + "changed": true, + "filename": "backup.cfg", + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * filename: backup.cfg +> * status: checkpoint file created + +### nxos-rpm +*** +Install patch or feature rpms on Cisco NX-OS devices. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_rpm_module.html + + +#### Base Command + +`nxos-rpm` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| pkg | Name of the RPM package. | Required | +| file_system | The remote file system of the device. If omitted, devices that support a file_system parameter will use their default values. Default is bootflash. | Optional | +| aggregate | List of RPM/patch definitions. | Optional | +| state | If the state is present, the rpm will be installed, If the state is absent, it will be removed. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosRpm.commands | unknown | commands sent to the device | + + + +### nxos-smu +*** +Perform SMUs on Cisco NX-OS devices. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_smu_module.html + + +#### Base Command + +`nxos-smu` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| pkg | Name of the remote package. | Required | +| file_system | The remote file system of the device. If omitted, devices that support a file_system parameter will use their default values. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosSmu.commands | unknown | commands sent to the device | + + + +### nxos-snapshot +*** +Manage snapshots of the running states of selected features. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_snapshot_module.html + + +#### Base Command + +`nxos-snapshot` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| action | Define what snapshot action the module would perform. Possible values are: add, compare, create, delete, delete_all. | Required | +| snapshot_name | Snapshot name, to be used when `action=create` or `action=delete`. | Optional | +| description | Snapshot description to be used when `action=create`. | Optional | +| snapshot1 | First snapshot to be used when `action=compare`. | Optional | +| snapshot2 | Second snapshot to be used when `action=compare`. | Optional | +| comparison_results_file | Name of the file where snapshots comparison will be stored when `action=compare`. | Optional | +| compare_option | Snapshot options to be used when `action=compare`. Possible values are: summary, ipv4routes, ipv6routes. | Optional | +| section | Used to name the show command output, to be used when `action=add`. | Optional | +| show_command | Specify a new show command, to be used when `action=add`. | Optional | +| row_id | Specifies the tag of each row entry of the show command's XML output, to be used when `action=add`. | Optional | +| element_key1 | Specify the tags used to distinguish among row entries, to be used when `action=add`. | Optional | +| element_key2 | Specify the tags used to distinguish among row entries, to be used when `action=add`. | Optional | +| save_snapshot_locally | Specify to locally store a new created snapshot, to be used when `action=create`. Default is no. | Optional | +| path | Specify the path of the file where new created snapshot or snapshots comparison will be stored, to be used when `action=create` and `save_snapshot_locally=true` or `action=compare`. Default is ./. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosSnapshot.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-snapshot host="192.168.1.19" action="create" snapshot_name="test_snapshot" description="Done with Ansible" save_snapshot_locally="True" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosSnapshot": { + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Commands + +### nxos-snmp-community +*** +Manages SNMP community configs. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_community_module.html + + +#### Base Command + +`nxos-snmp-community` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| community | Case-sensitive community string. | Required | +| access | Access type for community. Possible values are: ro, rw. | Optional | +| group | Group to which the community belongs. | Optional | +| acl | ACL name to filter snmp requests or keyword 'default'. | Optional | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosSnmpCommunity.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-snmp-community host="192.168.1.19" community="TESTING7" group="network-operator" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosSnmpCommunity": { + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Commands + +### nxos-snmp-contact +*** +Manages SNMP contact info. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_contact_module.html + + +#### Base Command + +`nxos-snmp-contact` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| contact | Contact information. | Required | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosSnmpContact.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-snmp-contact host="192.168.1.19" contact="Test" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosSnmpContact": { + "changed": true, + "commands": [ + "snmp-server contact Test" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: snmp-server contact Test + + +### nxos-snmp-host +*** +Manages SNMP host configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_host_module.html + + +#### Base Command + +`nxos-snmp-host` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| snmp_host | IP address of hostname of target host. | Required | +| version | SNMP version. If this is not specified, v1 is used. Possible values are: v1, v2c, v3. | Optional | +| v3 | Use this when verion is v3. SNMPv3 Security level. Possible values are: noauth, auth, priv. | Optional | +| community | Community string or v3 username. | Optional | +| udp | UDP port number (0-65535). Default is 162. | Optional | +| snmp_type | type of message to send to host. If this is not specified, trap type is used. Possible values are: trap, inform. | Optional | +| vrf | VRF to use to source traffic to source. If state = absent, the vrf is removed. | Optional | +| vrf_filter | Name of VRF to filter. If state = absent, the vrf is removed from the filter. | Optional | +| src_intf | Source interface. Must be fully qualified interface name. If state = absent, the interface is removed. | Optional | +| state | Manage the state of the resource. If state = present, the host is added to the configuration. If only vrf and/or vrf_filter and/or src_intf are given, they will be added to the existing host configuration. If state = absent, the host is removed if community parameter is given. It is possible to remove only vrf and/or src_int and/or vrf_filter by providing only those parameters and no community parameter. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosSnmpHost.commands | unknown | commands sent to the device | + +#### Command Example +```!nxos-snmp-host host="192.168.1.19" snmp_host="1.1.1.1" community="TESTING" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosSnmpHost": { + "changed": true, + "commands": [ + "snmp-server host 1.1.1.1 trap version 1 TESTING udp-port 162" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: snmp-server host 1.1.1.1 trap version 1 TESTING udp-port 162 + + + +### nxos-snmp-location +*** +Manages SNMP location information. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_location_module.html + + +#### Base Command + +`nxos-snmp-location` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| location | Location information. | Required | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosSnmpLocation.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-snmp-location host="192.168.1.19" location="Test" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosSnmpLocation": { + "changed": true, + "commands": [ + "snmp-server location Test" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: snmp-server location Test + +### nxos-snmp-traps +*** +Manages SNMP traps. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_traps_module.html + + +#### Base Command + +`nxos-snmp-traps` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| group | Case sensitive group. Possible values are: aaa, bfd, bgp, bridge, callhome, cfs, config, eigrp, entity, feature-control, generic, hsrp, license, link, lldp, mmode, ospf, pim, rf, rmon, snmp, storm-control, stpx, switchfabric, syslog, sysmgr, system, upgrade, vtp, all. | Required | +| state | Manage the state of the resource. Possible values are: enabled, disabled. Default is enabled. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosSnmpTraps.commands | unknown | command sent to the device | + + + +### nxos-snmp-user +*** +Manages SNMP users for monitoring. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_snmp_user_module.html + + +#### Base Command + +`nxos-snmp-user` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| user | Name of the user. | Required | +| group | Group to which the user will belong to. If state = present, and the user is existing, the group is added to the user. If the user is not existing, user entry is created with this group argument. If state = absent, only the group is removed from the user entry. However, to maintain backward compatibility, if the existing user belongs to only one group, and if group argument is same as the existing user's group, then the user entry also is deleted. | Optional | +| authentication | Authentication parameters for the user. Possible values are: md5, sha. | Optional | +| pwd | Authentication password when using md5 or sha. This is not idempotent. | Optional | +| privacy | Privacy password for the user. This is not idempotent. | Optional | +| encrypt | Enables AES-128 bit encryption when using privacy password. | Optional | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosSnmpUser.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-snmp-user host="192.168.1.19" user="ntc" group="network-operator" authentication="md5" pwd="test_password" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosSnmpUser": { + "changed": true, + "commands": [ + "snmp-server user ntc auth md5 ********" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: snmp-server user ntc auth md5 ******** + + +### nxos-static-route +*** +Manages static route configuration + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_static_route_module.html + + +#### Base Command + +`nxos-static-route` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| prefix | Destination prefix of static route. | Required | +| next_hop | Next hop address or interface of static route. If interface, it must be the fully-qualified interface name. | Required | +| vrf | VRF for static route. Default is default. | Optional | +| tag | Route tag value (numeric) or keyword 'default'. | Optional | +| route_name | Name of the route or keyword 'default'. Used with the name parameter on the CLI. | Optional | +| pref | Preference or administrative difference of route (range 1-255) or keyword 'default'. | Optional | +| aggregate | List of static route definitions. | Optional | +| track | Track value (range 1 - 512). Track must already be configured on the device before adding the route. | Optional | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosStaticRoute.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-static-route host="192.168.1.19" prefix="1.1.1.2/24" next_hop="1.1.1.1" route_name="testing" pref="100" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosStaticRoute": { + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Commands + +### nxos-system +*** +Manage the system attributes on Cisco NXOS devices + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_system_module.html + + +#### Base Command + +`nxos-system` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| hostname | Configure the device hostname parameter. This option takes an ASCII string value or keyword 'default'. | Optional | +| domain_name | Configures the default domain name suffix to be used when referencing this node by its FQDN. This argument accepts either a list of domain names or a list of dicts that configure the domain name and VRF name or keyword 'default'. See examples. | Optional | +| domain_lookup | Enables or disables the DNS lookup feature in Cisco NXOS. This argument accepts boolean values. When enabled, the system will try to resolve hostnames using DNS and when disabled, hostnames will not be resolved. | Optional | +| domain_search | Configures a list of domain name suffixes to search when performing DNS name resolution. This argument accepts either a list of domain names or a list of dicts that configure the domain name and VRF name or keyword 'default'. See examples. | Optional | +| name_servers | List of DNS name servers by IP address to use to perform name resolution lookups. This argument accepts either a list of DNS servers or a list of hashes that configure the name server and VRF name or keyword 'default'. See examples. | Optional | +| system_mtu | Specifies the mtu, must be an integer or keyword 'default'. | Optional | +| state | State of the configuration values in the device's current active configuration. When set to `present`, the values should be configured in the device active configuration and when set to `absent` the values should not be in the device active configuration. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosSystem.commands | unknown | The list of configuration mode commands to send to the device | + + +#### Command Example +```!nxos-system host="192.168.1.19" hostname="nxos01" domain_name="test.example.com" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosSystem": { + "changed": true, + "commands": [ + "hostname nxos01" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: hostname nxos01 + + +### nxos-telemetry +*** +Telemetry Monitoring Service (TMS) configuration + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_telemetry_module.html + + +#### Base Command + +`nxos-telemetry` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | The provided configuration. | Optional | +| state | Final configuration state. Possible values are: merged, replaced, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosTelemetry.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoNXOS.NxosTelemetry.after | unknown | The configuration as structured data after module completion. | +| CiscoNXOS.NxosTelemetry.commands | unknown | The set of commands pushed to the remote device. | + + +#### Command Example +```!nxos-telemetry host="192.168.1.19" state="deleted" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosTelemetry": { + "before": {}, + "changed": false, + "commands": [], + "host": "192.168.1.19", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - SUCCESS +> * changed: False +> * ## Before +> * ## Commands + +### nxos-udld +*** +Manages UDLD global configuration params. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_udld_module.html + + +#### Base Command + +`nxos-udld` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| aggressive | Toggles aggressive mode. Possible values are: enabled, disabled. | Optional | +| msg_time | Message time in seconds for UDLD packets or keyword 'default'. | Optional | +| reset | Ability to reset all ports shut down by UDLD. 'state' parameter cannot be 'absent' when this is present. Default is no. | Optional | +| state | Manage the state of the resource. When set to 'absent', aggressive and msg_time are set to their default values. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosUdld.proposed | unknown | k/v pairs of parameters passed into module | +| CiscoNXOS.NxosUdld.existing | unknown | k/v pairs of existing udld configuration | +| CiscoNXOS.NxosUdld.end_state | unknown | k/v pairs of udld configuration after module execution | +| CiscoNXOS.NxosUdld.updates | unknown | command sent to the device | +| CiscoNXOS.NxosUdld.changed | boolean | check to see if a change was made on the device | + + + +### nxos-udld-interface +*** +Manages UDLD interface configuration params. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_udld_interface_module.html + + +#### Base Command + +`nxos-udld-interface` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| mode | Manages UDLD mode for an interface. Possible values are: enabled, disabled, aggressive. | Required | +| interface | FULL name of the interface, i.e. Ethernet1/1-. | Required | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosUdldInterface.proposed | unknown | k/v pairs of parameters passed into module | +| CiscoNXOS.NxosUdldInterface.existing | unknown | k/v pairs of existing configuration | +| CiscoNXOS.NxosUdldInterface.end_state | unknown | k/v pairs of configuration after module execution | +| CiscoNXOS.NxosUdldInterface.updates | unknown | command sent to the device | +| CiscoNXOS.NxosUdldInterface.changed | boolean | check to see if a change was made on the device | + + + +### nxos-user +*** +Manage the collection of local users on Nexus devices + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_user_module.html + + +#### Base Command + +`nxos-user` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| aggregate | The set of username objects to be configured on the remote Cisco Nexus device. The list entries can either be the username or a hash of username and properties. This argument is mutually exclusive with the `name` argument. | Optional | +| name | The username to be configured on the remote Cisco Nexus device. This argument accepts a string value and is mutually exclusive with the `aggregate` argument. | Optional | +| configured_password | The password to be configured on the network device. The password needs to be provided in cleartext and it will be encrypted on the device. Please note that this option is not same as `provider password`. | Optional | +| update_password | Since passwords are encrypted in the device running config, this argument will instruct the module when to change the password. When set to `always`, the password will always be updated in the device and when set to `on_create` the password will be updated only if the username is created. Possible values are: on_create, always. Default is always. | Optional | +| role | The `role` argument configures the role for the username in the device running configuration. The argument accepts a string value defining the role name. This argument does not check if the role has been configured on the device. | Optional | +| sshkey | The `sshkey` argument defines the SSH public key to configure for the username. This argument accepts a valid SSH key value. | Optional | +| purge | The `purge` argument instructs the module to consider the resource definition absolute. It will remove any previously configured usernames on the device with the exception of the `admin` user which cannot be deleted per nxos constraints. Default is no. | Optional | +| state | The `state` argument configures the state of the username definition as it relates to the device operational configuration. When set to `present`, the username(s) should be configured in the device active configuration and when set to `absent` the username(s) should not be in the device active configuration. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosUser.commands | unknown | The list of configuration mode commands to send to the device | +| CiscoNXOS.NxosUser.start | string | The time the job started | +| CiscoNXOS.NxosUser.end | string | The time the job ended | +| CiscoNXOS.NxosUser.delta | string | The time elapsed to perform all operations | + + +#### Command Example +```!nxos-user host="192.168.1.19" name="ansible" sshkey="ssh-rsa AAAAB3...u+DM=" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosUser": { + "changed": true, + "commands": [ + "username ansible", + "username ansible sshkey ssh-rsa AAAAB3...u+DM=" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: username ansible +> * 1: username ansible sshkey ssh-rsa AAAAB3...u+DM= + + +### nxos-vlans +*** +Create VLAN and manage VLAN configurations on NX-OS Interfaces + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vlans_module.html + + +#### Base Command + +`nxos-vlans` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| config | A dictionary of Vlan options. | Optional | +| state | The state of the configuration after module completion. Possible values are: merged, replaced, overridden, deleted. Default is merged. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVlans.before | unknown | The configuration as structured data prior to module invocation. | +| CiscoNXOS.NxosVlans.after | unknown | The configuration as structured data after module completion. | +| CiscoNXOS.NxosVlans.commands | unknown | The set of commands pushed to the remote device. | + + + +### nxos-vpc +*** +Manages global VPC configuration + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vpc_module.html + + +#### Base Command + +`nxos-vpc` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| domain | VPC domain. | Required | +| role_priority | Role priority for device. Remember lower is better. | Optional | +| system_priority | System priority device. Remember they must match between peers. | Optional | +| pkl_src | Source IP address used for peer keepalive link. | Optional | +| pkl_dest | Destination (remote) IP address used for peer keepalive link pkl_dest is required whenever pkl options are used. | Optional | +| pkl_vrf | VRF used for peer keepalive link The VRF must exist on the device before using pkl_vrf. (Note) 'default' is an overloaded term: Default vrf context for pkl_vrf is 'management'; 'pkl_vrf: default' refers to the literal 'default' rib. Default is management. | Optional | +| peer_gw | Enables/Disables peer gateway. | Optional | +| auto_recovery | Enables/Disables auto recovery on platforms that support disable timers are not modifiable with this attribute mutually exclusive with auto_recovery_reload_delay. | Optional | +| auto_recovery_reload_delay | Manages auto-recovery reload-delay timer in seconds mutually exclusive with auto_recovery. | Optional | +| delay_restore | manages delay restore command and config value in seconds. | Optional | +| delay_restore_interface_vlan | manages delay restore interface-vlan command and config value in seconds not supported on all platforms. | Optional | +| delay_restore_orphan_port | manages delay restore orphan-port command and config value in seconds not supported on all platforms. | Optional | +| state | Manages desired state of the resource. Possible values are: present, absent. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVpc.commands | unknown | commands sent to the device | + + + +### nxos-vpc-interface +*** +Manages interface VPC configuration + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vpc_interface_module.html + + +#### Base Command + +`nxos-vpc-interface` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| portchannel | Group number of the portchannel that will be configured. | Required | +| vpc | VPC group/id that will be configured on associated portchannel. | Optional | +| peer_link | Set to true/false for peer link config on associated portchannel. | Optional | +| state | Manages desired state of the resource. Possible values are: present, absent. Default is present. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVpcInterface.commands | unknown | commands sent to the device | + + + +### nxos-vrf +*** +Manages global VRF configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vrf_module.html + + +#### Base Command + +`nxos-vrf` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of VRF to be managed. | Required | +| admin_state | Administrative state of the VRF. Possible values are: up, down. Default is up. | Optional | +| vni | Specify virtual network identifier. Valid values are Integer or keyword 'default'. | Optional | +| rd | VPN Route Distinguisher (RD). Valid values are a string in one of the route-distinguisher formats (ASN2:NN, ASN4:NN, or IPV4:NN); the keyword 'auto', or the keyword 'default'. | Optional | +| interfaces | List of interfaces to check the VRF has been configured correctly or keyword 'default'. | Optional | +| associated_interfaces | This is a intent option and checks the operational state of the for given vrf `name` for associated interfaces. If the value in the `associated_interfaces` does not match with the operational state of vrf interfaces on device it will result in failure. | Optional | +| aggregate | List of VRFs definitions. | Optional | +| purge | Purge VRFs not defined in the `aggregate` parameter. Default is no. | Optional | +| state | Manages desired state of the resource. Possible values are: present, absent. Default is present. | Optional | +| description | Description of the VRF or keyword 'default'. | Optional | +| delay | Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state arguments. Default is 10. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVrf.commands | unknown | commands sent to the device | + + +#### Command Example +```!nxos-vrf host="192.168.1.19" name="ntc" description="testing" state="present" ``` + +#### Context Example +```json +{ + "CiscoNXOS": { + "NxosVrf": { + "changed": true, + "commands": [ + "vrf context ntc", + "description testing", + "no shutdown", + "exit" + ], + "host": "192.168.1.19", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 192.168.1.19 - CHANGED +> * changed: True +> * ## Commands +> * 0: vrf context ntc +> * 1: description testing +> * 2: no shutdown +> * 3: exit + +### nxos-vrf-af +*** +Manages VRF AF. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vrf_af_module.html + + +#### Base Command + +`nxos-vrf-af` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| vrf | Name of the VRF. | Required | +| afi | Address-Family Identifier (AFI). Possible values are: ipv4, ipv6. | Required | +| route_target_both_auto_evpn | Enable/Disable the EVPN route-target 'auto' setting for both import and export target communities. | Optional | +| state | Determines whether the config should be present or not on the device. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVrfAf.commands | unknown | commands sent to the device | + + + +### nxos-vrf-interface +*** +Manages interface specific VRF configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vrf_interface_module.html + + +#### Base Command + +`nxos-vrf-interface` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| vrf | Name of VRF to be managed. | Required | +| interface | Full name of interface to be managed, i.e. Ethernet1/1. | Required | +| state | Manages desired state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVrfInterface.commands | unknown | commands sent to the device | + + + +### nxos-vrrp +*** +Manages VRRP configuration on NX-OS switches. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vrrp_module.html + + +#### Base Command + +`nxos-vrrp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| group | VRRP group number. | Required | +| interface | Full name of interface that is being managed for VRRP. | Required | +| interval | Time interval between advertisement or 'default' keyword. Default is 1. | Optional | +| priority | VRRP priority or 'default' keyword. Default is 100. | Optional | +| preempt | Enable/Disable preempt. Default is yes. | Optional | +| vip | VRRP virtual IP address or 'default' keyword. | Optional | +| authentication | Clear text authentication string or 'default' keyword. | Optional | +| admin_state | Used to enable or disable the VRRP process. Possible values are: shutdown, no shutdown, default. Default is shutdown. | Optional | +| state | Specify desired state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVrrp.commands | unknown | commands sent to the device | + + + +### nxos-vtp-domain +*** +Manages VTP domain configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vtp_domain_module.html + + +#### Base Command + +`nxos-vtp-domain` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| domain | VTP domain name. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVtpDomain.proposed | unknown | k/v pairs of parameters passed into module | +| CiscoNXOS.NxosVtpDomain.existing | unknown | k/v pairs of existing vtp domain | +| CiscoNXOS.NxosVtpDomain.end_state | unknown | k/v pairs of vtp domain after module execution | +| CiscoNXOS.NxosVtpDomain.updates | unknown | command sent to the device | +| CiscoNXOS.NxosVtpDomain.changed | boolean | check to see if a change was made on the device | + + + +### nxos-vtp-password +*** +Manages VTP password configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vtp_password_module.html + + +#### Base Command + +`nxos-vtp-password` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| vtp_password | VTP password. | Optional | +| state | Manage the state of the resource. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVtpPassword.proposed | unknown | k/v pairs of parameters passed into module | +| CiscoNXOS.NxosVtpPassword.existing | unknown | k/v pairs of existing vtp | +| CiscoNXOS.NxosVtpPassword.end_state | unknown | k/v pairs of vtp after module execution | +| CiscoNXOS.NxosVtpPassword.updates | unknown | command sent to the device | +| CiscoNXOS.NxosVtpPassword.changed | boolean | check to see if a change was made on the device | + + + +### nxos-vtp-version +*** +Manages VTP version configuration. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vtp_version_module.html + + +#### Base Command + +`nxos-vtp-version` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| version | VTP version number. Possible values are: 1, 2. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVtpVersion.proposed | unknown | k/v pairs of parameters passed into module | +| CiscoNXOS.NxosVtpVersion.existing | unknown | k/v pairs of existing vtp | +| CiscoNXOS.NxosVtpVersion.end_state | unknown | k/v pairs of vtp after module execution | +| CiscoNXOS.NxosVtpVersion.updates | unknown | command sent to the device | +| CiscoNXOS.NxosVtpVersion.changed | boolean | check to see if a change was made on the device | + + + +### nxos-vxlan-vtep +*** +Manages VXLAN Network Virtualization Endpoint (NVE). + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vxlan_vtep_module.html + + +#### Base Command + +`nxos-vxlan-vtep` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| interface | Interface name for the VXLAN Network Virtualization Endpoint. | Required | +| description | Description of the NVE interface. | Optional | +| host_reachability | Specify mechanism for host reachability advertisement. | Optional | +| shutdown | Administratively shutdown the NVE interface. | Optional | +| source_interface | Specify the loopback interface whose IP address should be used for the NVE interface. | Optional | +| source_interface_hold_down_time | Suppresses advertisement of the NVE loopback address until the overlay has converged. | Optional | +| global_mcast_group_L3 | Global multicast ip prefix for L3 VNIs or the keyword 'default' This is available on NX-OS 9K series running 9.2.x or higher. | Optional | +| global_mcast_group_L2 | Global multicast ip prefix for L2 VNIs or the keyword 'default' This is available on NX-OS 9K series running 9.2.x or higher. | Optional | +| global_suppress_arp | Enables ARP suppression for all VNIs This is available on NX-OS 9K series running 9.2.x or higher. | Optional | +| global_ingress_replication_bgp | Configures ingress replication protocol as bgp for all VNIs This is available on NX-OS 9K series running 9.2.x or higher. | Optional | +| state | Determines whether the config should be present or not on the device. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVxlanVtep.commands | unknown | commands sent to the device | + + + +### nxos-vxlan-vtep-vni +*** +Creates a Virtual Network Identifier member (VNI) + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nxos_vxlan_vtep_vni_module.html + + +#### Base Command + +`nxos-vxlan-vtep-vni` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| interface | Interface name for the VXLAN Network Virtualization Endpoint. | Required | +| vni | ID of the Virtual Network Identifier. | Required | +| assoc_vrf | This attribute is used to identify and separate processing VNIs that are associated with a VRF and used for routing. The VRF and VNI specified with this command must match the configuration of the VNI under the VRF. | Optional | +| ingress_replication | Specifies mechanism for host reachability advertisement. Possible values are: bgp, static, default. | Optional | +| multicast_group | The multicast group (range) of the VNI. Valid values are string and keyword 'default'. | Optional | +| peer_list | Set the ingress-replication static peer list. Valid values are an array, a space-separated string of ip addresses, or the keyword 'default'. | Optional | +| suppress_arp | Suppress arp under layer 2 VNI. | Optional | +| suppress_arp_disable | Overrides the global ARP suppression config. This is available on NX-OS 9K series running 9.2.x or higher. | Optional | +| state | Determines whether the config should be present or not on the device. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CiscoNXOS.NxosVxlanVtepVni.commands | unknown | commands sent to the device | + + diff --git a/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/command_examples b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/command_examples new file mode 100644 index 000000000000..d2dd917dd7a6 --- /dev/null +++ b/Packs/AnsibleCiscoNXOS/Integrations/AnsibleCiscoNXOS/command_examples @@ -0,0 +1,74 @@ +!nxos-aaa-server host="192.168.1.19" server_type="radius" server_timeout="9" deadtime="20" directed_request="enabled" +!nxos-aaa-server-host host="192.168.1.19" state="present" server_type="radius" address="1.2.3.4" acct_port="2084" host_timeout="10" +!nxos-acl host="192.168.1.19" name="ANSIBLE" seq="10" action="permit" proto="tcp" src="192.0.2.1/24" dest="any" state="present" +!nxos-acl-interface host="192.168.1.19" name="ANSIBLE" interface="ethernet1/41" direction="egress" state="present" +!nxos-banner host="192.168.1.19" banner="exec" text="this is my exec banner" state="present" +!nxos-bfd-global host="192.168.1.19" echo_rx_interval="50" interval="{'tx': 50, 'min_rx': 50, 'multiplier': 4}" +!nxos-bfd-interfaces host="192.168.1.19" state="deleted" +!nxos-bgp host="192.168.1.19" asn="65535" vrf="test" router_id="192.0.2.1" state="present" +!nxos-bgp-af host="192.168.1.19" asn="65535" vrf="TESTING" afi="ipv4" safi="unicast" advertise_l2vpn_evpn="True" state="present" +!nxos-bgp-neighbor host="192.168.1.19" asn="65535" neighbor="1.1.1.1" local_as="20" remote_as="30" bfd="enable" description="just a description" update_source="Ethernet1/3" state="present" +!nxos-bgp-neighbor-af host="192.168.1.19" asn="65535" neighbor="1.1.1.1" afi="ipv4" safi="unicast" route_reflector_client="True" state="present" +!nxos-command host="192.168.1.19" commands="show version" +!nxos-config host="192.168.1.19" lines="hostname n9kv01" save_when="modified" backup=yes +!nxos-evpn-global host="192.168.1.19" nv_overlay_evpn="True" +!nxos-evpn-vni host="192.168.1.19" vni="6000" route_distinguisher="60:10" route_target_import="['5000:10', '4100:100']" route_target_export="auto" route_target_both="default" +!nxos-facts host="192.168.1.19" gather_subset="all" +!nxos-feature host="192.168.1.19" feature="lacp" state="enabled" +!nxos-gir host="192.168.1.19" system_mode_maintenance="True" +!nxos-gir-profile-management host="192.168.1.19" mode="maintenance" commands="{{ ['router eigrp 11', 'isolate'] }}" +!nxos-hsrp host="192.168.1.19" group="10" vip="10.1.1.1" priority="150" interface="vlan10" preempt="enabled" host="1.1.1.2" +!nxos-igmp host="192.168.1.19" state="default" +!nxos-igmp-interface host="192.168.1.19" interface="ethernet1/32" startup_query_interval="30" oif_ps="[{'prefix': '1.1.1.3'}, {'source': '192.168.0.1', 'prefix': '1.1.1.4'}]" state="present" +!nxos-igmp-snooping host="192.168.1.19" state="default" +!nxos-install-os host="192.168.1.19" system_image_file="nxos.9.3.3.bin" issu="desired" +!nxos-interface-ospf host="192.168.1.19" interface="ethernet1/32" ospf="1" area="1" bfd="disable" cost="default" +!nxos-interfaces host="192.168.1.19" config="{{ [{'name': 'Ethernet1/1', 'description': 'Configured by Ansible', 'enabled': True}, {'name': 'Ethernet1/2', 'description': 'Configured by Ansible Network', 'enabled': False}] }}" state="merged" +!nxos-l2-interfaces host="192.168.1.19" config="{{ [{'name': 'Ethernet1/1', 'trunk': {'native_vlan': 10, 'allowed_vlans': '2,4,15'}}, {'name': 'Ethernet1/2', 'access': {'vlan': 30}}] }}" state="merged" +!nxos-l3-interfaces host="192.168.1.19" config="{{ [{'name': 'Ethernet1/6', 'ipv4': [{'address': '192.168.1.1/24', 'tag': 5}, {'address': '10.1.1.1/24', 'secondary': True, 'tag': 10}], 'ipv6': [{'address': '11:11:11:11:11:11:11:11/64', 'tag': 6}]}] }}" state="merged" +!nxos-lacp host="192.168.1.19" config="{'system': {'priority': 10, 'mac': {'address': '00c1.4c00.bd15'}}}" state="merged" +!nxos-lacp-interfaces host="192.168.1.19" config="{{ [{'name': 'Ethernet1/3', 'port_priority': 5, 'rate': 'fast'}] }}" state="merged" +!nxos-lag-interfaces host="192.168.1.19" config="{{ [{'name': 'port-channel99', 'members': [{'member': 'Ethernet1/4'}]}] }}" state="merged" +!nxos-lldp host="192.168.1.19" state="present" +!nxos-lldp-global host="192.168.1.19" config="{'timer': 35, 'holdtime': 100}" state="merged" +!nxos-logging host="192.168.1.19" dest="console" level="2" state="present" +!nxos-ntp host="192.168.1.19" server="1.2.3.4" key_id="32" prefer="enabled" +!nxos-ntp-auth host="192.168.1.19" key_id="32" md5string="hello" auth_type="text" +!nxos-ntp-options host="192.168.1.19" master="True" stratum="12" logging="False" +!nxos-nxapi host="192.168.1.19" state="present" sandbox=No +!nxos-ospf host="192.168.1.19" ospf="1" state="present" +!nxos-ospf-vrf host="192.168.1.19" ospf="1" timer_throttle_spf_start="50" timer_throttle_spf_hold="1000" timer_throttle_spf_max="2000" timer_throttle_lsa_start="60" timer_throttle_lsa_hold="1100" timer_throttle_lsa_max="3000" vrf="test" bfd="enable" state="present" +!nxos-overlay-global host="192.168.1.19" anycast_gateway_mac="b.b.b" +!nxos-pim host="192.168.1.19" bfd="enable" ssm_range="224.0.0.0/8" +!nxos-pim-interface host="192.168.1.19" interface="eth1/33" state="absent" +!nxos-pim-rp-address host="192.168.1.19" rp_address="10.1.1.20" state="present" +!nxos-ping host="192.168.1.19" dest="8.8.8.8" vrf="management" host="1.1.1.2" +!nxos-reboot host="192.168.1.19" confirm="True" +!nxos-rollback host="192.168.1.19" checkpoint_file="backup.cfg" +!nxos-rpm host="192.168.1.19" pkg="nxos.sample-n9k_ALL-1.0.0-7.0.3.I7.3.lib32_n9000.rpm" +!nxos-smu host="192.168.1.19" pkg="nxos.CSCuz65185-n9k_EOR-1.0.0-7.0.3.I2.2d.lib32_n9000.rpm" +!nxos-snapshot host="192.168.1.19" action="create" snapshot_name="test_snapshot" description="Done with Ansible" save_snapshot_locally="True" path="/home/user/snapshots/" +!nxos-snmp-community host="192.168.1.19" community="TESTING7" group="network-operator" state="present" +!nxos-snmp-contact host="192.168.1.19" contact="Test" state="present" +!nxos-snmp-host host="192.168.1.19" snmp_host="1.1.1.1" community="TESTING" state="present" +!nxos-snmp-location host="192.168.1.19" location="Test" state="present" +!nxos-snmp-traps host="192.168.1.19" group="lldp" state="enabled" +!nxos-snmp-user host="192.168.1.19" user="ntc" group="network-operator" authentication="md5" pwd="test_password" +!nxos-static-route host="192.168.1.19" prefix="1.1.1.5/24" next_hop="1.1.1.1" route_name="testing" pref="100" +!nxos-system host="192.168.1.19" hostname="nxos01" domain_name="test.example.com" +!nxos-telemetry host="192.168.1.19" state="deleted" +!nxos-udld host="192.168.1.19" aggressive="disabled" msg_time="20" host="{{ inventory_hostname }}" username="{{ un }}" password="{{ pwd }}" +!nxos-udld-interface host="192.168.1.19" interface="Ethernet1/1" mode="aggressive" state="present" host="{{ inventory_hostname }}" username="{{ un }}" password="{{ pwd }}" +!nxos-user host="192.168.1.19" name="ansible" sshkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCz9aExI6bhMhrhN6I03TfLuCyBG1eLWESO0yL4OxbhcG8lv/iGvDTfOEL5QGXEk57JK18PbYG1I/wQ26H4vcf3Uz19CXOlKO2OdwIV5kPIspkVoxAnTniI5puCSZi9HCncGeBwfExPdntL/bEwhocgGSK8NIRBbBZZBWDCNV0psQXt68twteJPZ9i7cP0MPbuBmNkBAgmn3E2XLYGYCs16KwR+leOIKB3FiOQl93AvfOU2lt1mjHsvXMLNM82jLJLhWgLkyVyXvfRhTO03LlVPBHomH+CX3wTVVyEGqGFbIIhJvEMhYjN6hSDc+4UUrDXJE2LSPwhpmEcfDKQz5eNHz9zYb05mBdYoH/kFpAO/R6h7J1u0wXnM/icWCU0mC1CHipqEO60flL1a+T2FT+dgaA0dxRaxRUKJ+H8qjX/i1dz9w+fwWnAp75z61MIcmQQBYvzGWzcarlZ7cwqMHZMwW6xHvLWlLcFnZI1brQLBp0j4iYGINrws0REZ645u+DM=" state="present" +!nxos-vlans host="192.168.1.19" config="{{[{'vlan_id': 5, 'name': 'test-vlan5'}, {'vlan_id': 10, 'enabled': False}] }}" state="merged" +!nxos-vpc host="192.168.1.19" domain="100" role_priority="1000" system_priority="2000" pkl_dest="1.1.1.6" pkl_src="1.1.1.7" peer_gw="True" auto_recovery="True" +!nxos-vpc-interface host="192.168.1.19" portchannel="10" vpc="100" +!nxos-vrf host="192.168.1.19" name="ntc" description="testing" state="present" +!nxos-vrf-af host="192.168.1.19" vrf="ntc" afi="ipv4" route_target_both_auto_evpn="True" state="present" +!nxos-vrf-interface host="192.168.1.19" vrf="ntc" interface="Ethernet1/1" state="present" +!nxos-vrrp host="192.168.1.19" interface="vlan10" group="100" vip="1.1.1.1" +!nxos-vtp-domain host="192.168.1.19" domain="ntc" host="{{ inventory_hostname }}" username="{{ un }}" password="{{ pwd }}" +!nxos-vtp-password host="192.168.1.19" state="present" host="{{ inventory_hostname }}" username="{{ un }}" password="{{ pwd }}" +!nxos-vtp-version host="192.168.1.19" version="2" host="{{ inventory_hostname }}" username="{{ un }}" password="{{ pwd }}" +!nxos-vxlan-vtep host="192.168.1.19" interface="nve1" description="default" host_reachability="default" source_interface="Loopback0" source_interface_hold_down_time="30" shutdown="default" +!nxos-vxlan-vtep-vni host="192.168.1.19" interface="nve1" vni="6000" ingress_replication="default" diff --git a/Packs/AnsibleCiscoNXOS/README.md b/Packs/AnsibleCiscoNXOS/README.md new file mode 100644 index 000000000000..ea7743ea8337 --- /dev/null +++ b/Packs/AnsibleCiscoNXOS/README.md @@ -0,0 +1,35 @@ +This pack enables you to manage Cisco NXOS switches and routers using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server. The Ansible modules have been exposed as XSOAR commands, and allow you to use them without needing to know Ansible. + +# What does this pack allow you to manage? + +* Authentication, Authorization and Accounting (AAA) +* Access Control Lists (ACLs) +* Banners +* Bidirectional Forwarding Detection (BFD) +* Border Gateway Protocol (BGP) +* Execute arbitrary commands +* Ethernet VPN (EVPN) +* Features +* Graceful Insertion and Removal (GIR) +* ICMP +* Install updates +* Interfaces +* Link Aggregation Control Protocol (LACP) +* Link Aggregation Group (LAG) +* Link Layer Discovery Protocol (LLDP) +* Logging +* NTP +* NXAPI +* Open Shortest Path First (OSPF) Routing +* Protocol Independent Multicast (PIM) +* Configuration Checkpoints +* Snapshots +* Simple Network Management Protocol (SNMP) +* Routes +* System settings +* Unidirectional Link Detection (UDLD) +* VLANs +* Virtual PortChannel (VPC) +* Virtual Routing and Forwarding (VRF) +* VLAN Trunking Protocol (VTP) +* VXLAN \ No newline at end of file diff --git a/Packs/AnsibleCiscoNXOS/pack_metadata.json b/Packs/AnsibleCiscoNXOS/pack_metadata.json new file mode 100644 index 000000000000..791edf7deb4c --- /dev/null +++ b/Packs/AnsibleCiscoNXOS/pack_metadata.json @@ -0,0 +1,15 @@ +{ + "name": "Ansible Cisco NXOS", + "description": "Manage and control Cisco NXOS based network devices.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "categories": [ + "IT Services" + ], + "tags": ["IT", "Network"], + "useCases": ["IT Services", "Asset Management", "Network Security"], + "keywords": [] +} \ No newline at end of file diff --git a/Packs/AnsibleHetznerCloud/.pack-ignore b/Packs/AnsibleHetznerCloud/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/AnsibleHetznerCloud/.secrets-ignore b/Packs/AnsibleHetznerCloud/.secrets-ignore new file mode 100644 index 000000000000..cf9577d59b47 --- /dev/null +++ b/Packs/AnsibleHetznerCloud/.secrets-ignore @@ -0,0 +1,4 @@ +11:11:11:11:11:11:11:12 +123.123.123.123 +10.100.1.0 +10.0.1.1 diff --git a/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud.py b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud.py new file mode 100644 index 000000000000..79c7c8645b0e --- /dev/null +++ b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud.py @@ -0,0 +1,92 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'local' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + creds_mapping = { + "password": "api_token" + } + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + result = generic_ansible('HCloud', 'hcloud_datacenter_info', args, int_params, host_type, creds_mapping) + + if result: + return_results('ok') + else: + return_results(result) + + elif command == 'hcloud-datacenter-info': + return_results(generic_ansible('HCloud', 'hcloud_datacenter_info', args, int_params, host_type, + creds_mapping)) + elif command == 'hcloud-floating-ip-info': + return_results(generic_ansible('HCloud', 'hcloud_floating_ip_info', args, int_params, host_type, + creds_mapping)) + elif command == 'hcloud-image-info': + return_results(generic_ansible('HCloud', 'hcloud_image_info', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-location-info': + return_results(generic_ansible('HCloud', 'hcloud_location_info', args, int_params, host_type, + creds_mapping)) + elif command == 'hcloud-network': + return_results(generic_ansible('HCloud', 'hcloud_network', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-network-info': + return_results(generic_ansible('HCloud', 'hcloud_network_info', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-rdns': + return_results(generic_ansible('HCloud', 'hcloud_rdns', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-route': + return_results(generic_ansible('HCloud', 'hcloud_route', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-server': + return_results(generic_ansible('HCloud', 'hcloud_server', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-server-info': + return_results(generic_ansible('HCloud', 'hcloud_server_info', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-server-network': + return_results(generic_ansible('HCloud', 'hcloud_server_network', args, int_params, host_type, + creds_mapping)) + elif command == 'hcloud-server-type-info': + return_results(generic_ansible('HCloud', 'hcloud_server_type_info', args, int_params, host_type, + creds_mapping)) + elif command == 'hcloud-ssh-key': + return_results(generic_ansible('HCloud', 'hcloud_ssh_key', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-ssh-key-info': + return_results(generic_ansible('HCloud', 'hcloud_ssh_key_info', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-subnetwork': + return_results(generic_ansible('HCloud', 'hcloud_subnetwork', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-volume': + return_results(generic_ansible('HCloud', 'hcloud_volume', args, int_params, host_type, creds_mapping)) + elif command == 'hcloud-volume-info': + return_results(generic_ansible('HCloud', 'hcloud_volume_info', args, int_params, host_type, creds_mapping)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud.yml b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud.yml new file mode 100644 index 000000000000..557fb950699a --- /dev/null +++ b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud.yml @@ -0,0 +1,438 @@ +category: IT Services +commonfields: + id: AnsibleHCloud + version: -1 +configuration: +- additionalinfo: This is the API Token for the Hetzner Cloud. + display: Username + displaypassword: API Token + hiddenusername: true + name: creds + required: true + type: 9 +- additionalinfo: This is the API Endpoint for the Hetzner Cloud. + defaultvalue: https://api.hetzner.cloud/v1 + display: Endpoint + name: endpoint + required: true + type: 0 +description: Manage your Hetzner Cloud environment +display: Ansible HCloud +fromversion: 6.0.0 +name: AnsibleHCloud +script: + commands: + - arguments: + - description: The ID of the datacenter you want to get. + name: id + - description: The name of the datacenter you want to get. + name: name + description: "Gather info about the Hetzner Cloud datacenters.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_datacenter_info_module.html" + name: hcloud-datacenter-info + outputs: + - contextPath: HCloud.HcloudDatacenterInfo.hcloud_datacenter_info + description: 'The datacenter info as list This module was called `hcloud_datacenter_facts` + before Ansible 2.9, returning `ansible_facts` and `hcloud_datacenter_facts`. + Note that the `hcloud_datacenter_info` module no longer returns `ansible_facts` + and the value was renamed to `hcloud_datacenter_info`!' + type: unknown + - arguments: + - description: The ID of the Floating IP you want to get. + name: id + - description: The label selector for the Floating IP you want to get. + name: label_selector + description: "Gather infos about the Hetzner Cloud Floating IPs.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_floating_ip_info_module.html" + name: hcloud-floating-ip-info + outputs: + - contextPath: HCloud.HcloudFloatingIpInfo.hcloud_floating_ip_info + description: The Floating ip infos as list + type: unknown + - arguments: + - description: The ID of the image you want to get. + name: id + - description: The name of the image you want to get. + name: name + - description: The label selector for the images you want to get. + name: label_selector + - auto: PREDEFINED + defaultValue: system + description: The label selector for the images you want to get. + name: type + predefined: + - system + - snapshot + - backup + description: "Gather infos about your Hetzner Cloud images.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_image_info_module.html" + name: hcloud-image-info + outputs: + - contextPath: HCloud.HcloudImageInfo.hcloud_image_info + description: The image infos as list + type: unknown + - arguments: + - description: The ID of the location you want to get. + name: id + - description: The name of the location you want to get. + name: name + description: "Gather infos about your Hetzner Cloud locations.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_location_info_module.html" + name: hcloud-location-info + outputs: + - contextPath: HCloud.HcloudLocationInfo.hcloud_location_info + description: The location infos as list + type: unknown + - arguments: + - description: 'The ID of the Hetzner Cloud Networks to manage. Only required + if no Network `name` is given.' + name: id + - description: 'The Name of the Hetzner Cloud Network to manage. Only required + if no Network `id` is given or a Network does not exists.' + name: name + - description: 'IP range of the Network. Required if Network does not exists.' + name: ip_range + - description: User-defined labels (key-value pairs). + isArray: true + name: labels + - auto: PREDEFINED + defaultValue: present + description: State of the Network. + name: state + predefined: + - absent + - present + description: "Create and manage cloud Networks on the Hetzner Cloud.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_network_module.html" + name: hcloud-network + outputs: + - contextPath: HCloud.HcloudNetwork.hcloud_network + description: The Network + type: unknown + - arguments: + - description: The ID of the network you want to get. + name: id + - description: The name of the network you want to get. + name: name + - description: The label selector for the network you want to get. + name: label_selector + description: "Gather info about your Hetzner Cloud networks.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_network_info_module.html" + name: hcloud-network-info + outputs: + - contextPath: HCloud.HcloudNetworkInfo.hcloud_network_info + description: The network info as list + type: unknown + - arguments: + - description: The name of the Hetzner Cloud server you want to add the reverse + DNS entry to. + name: server + required: true + - description: The IP address that should point to `dns_ptr`. + name: ip_address + required: true + - description: 'The DNS address the `ip_address` should resolve to. Omit the param + to reset the reverse DNS entry to the default value.' + name: dns_ptr + - auto: PREDEFINED + defaultValue: present + description: State of the reverse DNS entry. + name: state + predefined: + - absent + - present + description: "Create and manage reverse DNS entries on the Hetzner Cloud.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_rdns_module.html" + name: hcloud-rdns + outputs: + - contextPath: HCloud.HcloudRdns.hcloud_rdns + description: The reverse DNS entry + type: unknown + - arguments: + - description: The name of the Hetzner Cloud Network. + name: network + required: true + - description: Destination network or host of this route. + name: destination + required: true + - description: Gateway for the route. + name: gateway + required: true + - auto: PREDEFINED + defaultValue: present + description: State of the route. + name: state + predefined: + - absent + - present + description: "Create and delete cloud routes on the Hetzner Cloud.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_route_module.html" + name: hcloud-route + outputs: + - contextPath: HCloud.HcloudRoute.hcloud_route + description: One Route of a Network + type: unknown + - arguments: + - description: 'The ID of the Hetzner Cloud server to manage. Only required if + no server `name` is given' + name: id + - description: 'The Name of the Hetzner Cloud server to manage. Only required + if no server `id` is given or a server does not exists.' + name: name + - description: 'The Server Type of the Hetzner Cloud server to manage. Required + if server does not exists.' + name: server_type + - description: 'List of SSH key names The key names correspond to the SSH keys + configured for your Hetzner Cloud account access.' + isArray: true + name: ssh_keys + - description: List of Volumes IDs that should be attached to the server on server + creation. + isArray: true + name: volumes + - description: 'Image the server should be created from. Required if server does + not exists.' + name: image + - description: 'Location of Server. Required if no `datacenter` is given and server + does not exists.' + name: location + - description: 'Datacenter of Server. Required of no `location` is given and server + does not exists.' + name: datacenter + - auto: PREDEFINED + defaultValue: 'No' + description: Enable or disable Backups for the given Server. + name: backups + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Resize the disk size, when resizing a server. If you want to downgrade + the server later, this value should be False.' + name: upgrade_disk + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Force the upgrade of the server. Power off the server if it is + running on upgrade.' + name: force_upgrade + predefined: + - 'Yes' + - 'No' + - description: 'User Data to be passed to the server on creation. Only used if + server does not exists.' + name: user_data + - description: Add the Hetzner rescue system type you want the server to be booted + into. + name: rescue_mode + - description: User-defined labels (key-value pairs). + isArray: true + name: labels + - auto: PREDEFINED + defaultValue: present + description: State of the server. + name: state + predefined: + - absent + - present + - restarted + - started + - stopped + - rebuild + description: "Create and manage cloud servers on the Hetzner Cloud.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_module.html" + name: hcloud-server + outputs: + - contextPath: HCloud.HcloudServer.hcloud_server + description: The server instance + type: unknown + - arguments: + - description: The ID of the server you want to get. + name: id + - description: The name of the server you want to get. + name: name + - description: The label selector for the server you want to get. + name: label_selector + description: "Gather infos about your Hetzner Cloud servers.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_info_module.html" + name: hcloud-server-info + outputs: + - contextPath: HCloud.HcloudServerInfo.hcloud_server_info + description: The server infos as list + type: unknown + - arguments: + - description: The name of the Hetzner Cloud Networks. + name: network + required: true + - description: The name of the Hetzner Cloud server. + name: server + required: true + - description: The IP the server should have. + name: ip + - description: Alias IPs the server has. + isArray: true + name: alias_ips + - auto: PREDEFINED + defaultValue: present + description: State of the server_network. + name: state + predefined: + - absent + - present + description: "Manage the relationship between Hetzner Cloud Networks and servers\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_network_module.html" + name: hcloud-server-network + outputs: + - contextPath: HCloud.HcloudServerNetwork.hcloud_server_network + description: The relationship between a server and a network + type: unknown + - arguments: + - description: The ID of the server type you want to get. + name: id + - description: The name of the server type you want to get. + name: name + description: "Gather infos about the Hetzner Cloud server types.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_type_info_module.html" + name: hcloud-server-type-info + outputs: + - contextPath: HCloud.HcloudServerTypeInfo.hcloud_server_type_info + description: The server type infos as list + type: unknown + - arguments: + - description: 'The ID of the Hetzner Cloud ssh_key to manage. Only required if + no ssh_key `name` is given' + name: id + - description: 'The Name of the Hetzner Cloud ssh_key to manage. Only required + if no ssh_key `id` is given or a ssh_key does not exists.' + name: name + - description: 'The Fingerprint of the Hetzner Cloud ssh_key to manage. Only required + if no ssh_key `id` or `name` is given.' + name: fingerprint + - description: User-defined labels (key-value pairs) + isArray: true + name: labels + - description: 'The Public Key to add. Required if ssh_key does not exists.' + name: public_key + - auto: PREDEFINED + defaultValue: present + description: State of the ssh_key. + name: state + predefined: + - absent + - present + description: "Create and manage ssh keys on the Hetzner Cloud.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_ssh_key_module.html" + name: hcloud-ssh-key + outputs: + - contextPath: HCloud.HcloudSshKey.hcloud_ssh_key + description: The ssh_key instance + type: unknown + - arguments: + - description: The ID of the ssh key you want to get. + name: id + - description: The name of the ssh key you want to get. + name: name + - description: The fingerprint of the ssh key you want to get. + name: fingerprint + - description: The label selector for the ssh key you want to get. + name: label_selector + description: "Gather infos about your Hetzner Cloud ssh_keys.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_ssh_key_info_module.html" + name: hcloud-ssh-key-info + outputs: + - contextPath: HCloud.HcloudSshKeyInfo.hcloud_ssh_key_info + description: The ssh key instances + type: unknown + - arguments: + - description: The ID or Name of the Hetzner Cloud Networks. + name: network + required: true + - description: IP range of the subnetwork. + name: ip_range + required: true + - description: Type of subnetwork. + name: type + required: true + - description: Name of network zone. + name: network_zone + required: true + - auto: PREDEFINED + defaultValue: present + description: State of the subnetwork. + name: state + predefined: + - absent + - present + description: "Manage cloud subnetworks on the Hetzner Cloud.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_subnetwork_module.html" + name: hcloud-subnetwork + outputs: + - contextPath: HCloud.HcloudSubnetwork.hcloud_subnetwork + description: One Subnet of a Network + type: unknown + - arguments: + - description: 'The ID of the Hetzner Cloud Block Volume to manage. Only required + if no volume `name` is given' + name: id + - description: 'The Name of the Hetzner Cloud Block Volume to manage. Only required + if no volume `id` is given or a volume does not exists.' + name: name + - description: 'The size of the Block Volume in GB. Required if volume does not + yet exists.' + name: size + - description: Automatically mount the Volume. + name: automount + - auto: PREDEFINED + description: 'Automatically Format the volume on creation Can only be used in + case the Volume does not exists.' + name: format + predefined: + - xfs + - ext4 + - description: 'Location of the Hetzner Cloud Volume. Required if no `server` + is given and Volume does not exists.' + name: location + - description: 'Server Name the Volume should be assigned to. Required if no `location` + is given and Volume does not exists.' + name: server + - description: User-defined key-value pairs. + isArray: true + name: labels + - auto: PREDEFINED + defaultValue: present + description: State of the volume. + name: state + predefined: + - absent + - present + description: "Create and manage block volumes on the Hetzner Cloud.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_volume_module.html" + name: hcloud-volume + outputs: + - contextPath: HCloud.HcloudVolume.hcloud_volume + description: The block volume + type: unknown + - arguments: + - description: The ID of the volume you want to get. + name: id + - description: The name of the volume you want to get. + name: name + - description: The label selector for the volume you want to get. + name: label_selector + description: "Gather infos about your Hetzner Cloud volumes.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/hcloud_volume_info_module.html" + name: hcloud-volume-info + outputs: + - contextPath: HCloud.HcloudVolumeInfo.hcloud_volume_info + description: The volume infos as list + type: unknown + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud_description.md b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud_description.md new file mode 100644 index 000000000000..9485ae07ad2c --- /dev/null +++ b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud_description.md @@ -0,0 +1,13 @@ +# Ansible Hetzner Cloud +Manage Hetzner Cloud resources. + +# Authorize Cortex XSOAR for Hetzner Cloud + +To use this integration you must generate an API token for your HCloud project. + +1. Navigate to the [HCloud Console](https://console.hetzner.cloud/projects) +2. Select the project you wish to manage with XSOAR +3. Navigate to **Security** > **API Tokens** and generate an API token with Read & Write +4. Provide this token when you add a configure a Instance of this integration in XSOAR. + +**NOTE**: If using 6.0.2 or lower version, put your API Token in the **Password** field, leave the **Username** field empty. diff --git a/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud_image.png b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/AnsibleHCloud_image.png new file mode 100644 index 0000000000000000000000000000000000000000..02730a9d256e4e811ec7f5ec76baca4e56ad97e3 GIT binary patch literal 1073 zcmV-11kU@3P)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!T^FP!?aa7wrj+lp14-_*enk`f0-9f-I12*SLQ!p8 zxO9a-cV{23>hR~T)-bEd6UA#B?pf2^T3o#DB+%P3? z05RIFp99*`1m{fKi1zjMRwV|3_xJFH(TRb`N^TLjOS5|)o=hSqQ``(rOVkW5h(fPy z#4c$D%O~KZ{U*Ni+C8%wkjWI?%Qkby+jG5W-`D814-I0`(d<2VPYB zjqCFXv3Luqj~R@C>Vk2T`x9!8OKz1i2jb=_N^Wv_VRA?96PI8%dX%6fc=Zk>=q6NA zklZscS4_$02gKj)w3A8H_jmOeDwTH-SJUUFSmT>49CHh1pDFopAlKvA-=-K(sK1hz zXw;Ru$>PTFsB!(i&KozwVf1my`Wb3=iN@gYe&r^&4+GE+B__8@`HFMzvATdVe;)B^ zTfjwp=bR^im7Kw87{>9z42UGuU)~vvw)bFmno=sd5%&b0P=AxM$+EEDCd3#+jKrTw zXv6)4yL0bCyKC03nixN$2MtSB~!z#Bk$Ao*QN>|JcB1*ZdZ!##fyXT00000NkvXXu0mjfz$x+b literal 0 HcmV?d00001 diff --git a/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/README.md b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/README.md new file mode 100644 index 000000000000..f1250dcbf31f --- /dev/null +++ b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/README.md @@ -0,0 +1,1134 @@ +This integration enables the management of Hetzner Cloud environments using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server, all you need to do is provide credentials you are ready to use the feature rich commands. + +# Authorize Cortex XSOAR for Ansible Hetzner Cloud + +To use this integration you must generate an API token for your HCloud project. + +1. Navigate to the [HCloud Console](https://console.hetzner.cloud/projects) +2. Select the project you wish to manage with XSOAR +3. Navigate to **Security** > **API Tokens** and generate an API token with Read & Write +4. Provide this token when you add a configure a Instance of this integration in XSOAR. + +**NOTE**: If using 6.0.2 or lower version, put your API Token in the **Password** field, leave the **Username** field empty. + +## Configure Ansible HCloud on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for Ansible HCloud. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | API Token | This is the API Token for the Hetzner Cloud. | True | + | Endpoint | This is the API Endpoint for the Hetzner Cloud. | True | + +4. Click **Test** to validate the URLs, token, and connection. + + +# Idempotence +The action commands in this integration are idempotent. This means that the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions. + +# State Arguement +Some of the commands in this integration take a state argument. These define the desired end state of the object being managed. As a result these commands are able to perform multiple management operations depending on the desired state value. Common state values are: +| **State** | **Result** | +| --- | --- | +| present | Object should exist. If not present, the object will be created with the provided parameters. If present but not with correct parameters, it will be modified to met provided parameters. | +| running | Object should be running not stopped. | +| stopped | Object should be stopped not running. | +| restarted | Object will be restarted. | +| absent | Object should not exist. If it it exists it will be deleted. | + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. + +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### hcloud-datacenter-info +*** +Gather info about the Hetzner Cloud datacenters. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_datacenter_info_module.html + + +#### Base Command + +`hcloud-datacenter-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the datacenter you want to get. | Optional | +| name | The name of the datacenter you want to get. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudDatacenterInfo.hcloud_datacenter_info | unknown | The datacenter info as list +This module was called \`hcloud_datacenter_facts\` before Ansible 2.9, returning \`ansible_facts\` and \`hcloud_datacenter_facts\`. Note that the \`hcloud_datacenter_info\` module no longer returns \`ansible_facts\` and the value was renamed to \`hcloud_datacenter_info\`\! | + + +#### Command Example +```!hcloud-datacenter-info ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudDatacenterInfo": [ + [ + { + "description": "Nuremberg 1 DC 3", + "id": "2", + "location": "nbg1", + "name": "nbg1-dc3" + }, + { + "description": "Helsinki 1 DC 2", + "id": "3", + "location": "hel1", + "name": "hel1-dc2" + }, + { + "description": "Falkenstein 1 DC14", + "id": "4", + "location": "fsn1", + "name": "fsn1-dc14" + } + ] + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +># Nbg1-Dc3 +> * description: Nuremberg 1 DC 3 +> * id: 2 +> * location: nbg1 +> * name: nbg1-dc3 +># Hel1-Dc2 +> * description: Helsinki 1 DC 2 +> * id: 3 +> * location: hel1 +> * name: hel1-dc2 +># Fsn1-Dc14 +> * description: Falkenstein 1 DC14 +> * id: 4 +> * location: fsn1 +> * name: fsn1-dc14 + + +### hcloud-floating-ip-info +*** +Gather infos about the Hetzner Cloud Floating IPs. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_floating_ip_info_module.html + + +#### Base Command + +`hcloud-floating-ip-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the Floating IP you want to get. | Optional | +| label_selector | The label selector for the Floating IP you want to get. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudFloatingIpInfo.hcloud_floating_ip_info | unknown | The Floating ip infos as list | + + +#### Command Example +```!hcloud-floating-ip-info ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudFloatingIpInfo": [ + [] + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS + + +### hcloud-image-info +*** +Gather infos about your Hetzner Cloud images. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_image_info_module.html + + +#### Base Command + +`hcloud-image-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the image you want to get. | Optional | +| name | The name of the image you want to get. | Optional | +| label_selector | The label selector for the images you want to get. | Optional | +| type | The label selector for the images you want to get. Possible values are: system, snapshot, backup. Default is system. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudImageInfo.hcloud_image_info | unknown | The image infos as list | + + +#### Command Example +```!hcloud-image-info ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudImageInfo": [ + [ + { + "description": "Debian 9", + "id": "2", + "labels": {}, + "name": "debian-9", + "os_flavor": "debian", + "os_version": "9", + "status": "available", + "type": "system" + } + ] + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +># Debian-9 +> * description: Debian 9 +> * id: 2 +> * name: debian-9 +> * os_flavor: debian +> * os_version: 9 +> * status: available +> * type: system +> * ## Labels + + +### hcloud-location-info +*** +Gather infos about your Hetzner Cloud locations. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_location_info_module.html + + +#### Base Command + +`hcloud-location-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the location you want to get. | Optional | +| name | The name of the location you want to get. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudLocationInfo.hcloud_location_info | unknown | The location infos as list | + + +#### Command Example +```!hcloud-location-info ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudLocationInfo": [ + [ + { + "city": "Falkenstein", + "country": "DE", + "description": "Falkenstein DC Park 1", + "id": "1", + "name": "fsn1" + }, + { + "city": "Nuremberg", + "country": "DE", + "description": "Nuremberg DC Park 1", + "id": "2", + "name": "nbg1" + }, + { + "city": "Helsinki", + "country": "FI", + "description": "Helsinki DC Park 1", + "id": "3", + "name": "hel1" + } + ] + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +># Fsn1 +> * city: Falkenstein +> * country: DE +> * description: Falkenstein DC Park 1 +> * id: 1 +> * name: fsn1 +># Nbg1 +> * city: Nuremberg +> * country: DE +> * description: Nuremberg DC Park 1 +> * id: 2 +> * name: nbg1 +># Hel1 +> * city: Helsinki +> * country: FI +> * description: Helsinki DC Park 1 +> * id: 3 +> * name: hel1 + + +### hcloud-network +*** +Create and manage cloud Networks on the Hetzner Cloud. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_network_module.html + + +#### Base Command + +`hcloud-network` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the Hetzner Cloud Networks to manage.
Only required if no Network `name` is given. | Optional | +| name | The Name of the Hetzner Cloud Network to manage.
Only required if no Network `id` is given or a Network does not exists. | Optional | +| ip_range | IP range of the Network.
Required if Network does not exists. | Optional | +| labels | User-defined labels (key-value pairs). | Optional | +| state | State of the Network. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudNetwork.hcloud_network | unknown | The Network | + + +#### Command Example +```!hcloud-network name="my-network" ip_range="10.0.0.0/8" state="present" ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudNetwork": [ + { + "delete_protection": false, + "id": "1156447", + "ip_range": "10.0.0.0/8", + "labels": {}, + "name": "my-network", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * delete_protection: False +> * id: 1156447 +> * ip_range: 10.0.0.0/8 +> * name: my-network +> * ## Labels + + +### hcloud-network-info +*** +Gather info about your Hetzner Cloud networks. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_network_info_module.html + + +#### Base Command + +`hcloud-network-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the network you want to get. | Optional | +| name | The name of the network you want to get. | Optional | +| label_selector | The label selector for the network you want to get. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudNetworkInfo.hcloud_network_info | unknown | The network info as list | + + +#### Command Example +```!hcloud-network-info ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudNetworkInfo": [ + [ + { + "delete_protection": false, + "id": "1156447", + "ip_range": "10.0.0.0/8", + "labels": {}, + "name": "my-network", + "routes": [], + "servers": [], + "subnetworks": [] + } + ] + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +># My-Network +> * delete_protection: False +> * id: 1156447 +> * ip_range: 10.0.0.0/8 +> * name: my-network +> * ## Labels +> * ## Routes +> * ## Servers +> * ## Subnetworks + + +### hcloud-rdns +*** +Create and manage reverse DNS entries on the Hetzner Cloud. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_rdns_module.html + + +#### Base Command + +`hcloud-rdns` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| server | The name of the Hetzner Cloud server you want to add the reverse DNS entry to. | Required | +| ip_address | The IP address that should point to `dns_ptr`. | Required | +| dns_ptr | The DNS address the `ip_address` should resolve to.
Omit the param to reset the reverse DNS entry to the default value. | Optional | +| state | State of the reverse DNS entry. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudRdns.hcloud_rdns | unknown | The reverse DNS entry | + + +#### Command Example +```!hcloud-rdns server="my-server" ip_address="1.1.1.1" dns_ptr="example.com" state="present"``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudRdns": [ + { + "dns_ptr": "example.com", + "floating_ip": null, + "ip_address": "1.1.1.1", + "server": "my-server", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * dns_ptr: example.com +> * floating_ip: None +> * ip_address: 1.1.1.1 +> * server: my-server + +### hcloud-route +*** +Create and delete cloud routes on the Hetzner Cloud. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_route_module.html + + +#### Base Command + +`hcloud-route` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| network | The name of the Hetzner Cloud Network. | Required | +| destination | Destination network or host of this route. | Required | +| gateway | Gateway for the route. | Required | +| state | State of the route. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudRoute.hcloud_route | unknown | One Route of a Network | + + +#### Command Example +```!hcloud-route network="my-network" destination="1.1.1.1/24" gateway="1.1.1.1" state="present" ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudRoute": [ + { + "destination": "1.1.1.1/24", + "gateway": "1.1.1.1", + "network": "my-network", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * destination: 1.1.1.1/24 +> * gateway: 1.1.1.1 +> * network: my-network + + +### hcloud-server +*** +Create and manage cloud servers on the Hetzner Cloud. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_module.html + + +#### Base Command + +`hcloud-server` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the Hetzner Cloud server to manage.
Only required if no server `name` is given. | Optional | +| name | The Name of the Hetzner Cloud server to manage.
Only required if no server `id` is given or a server does not exists. | Optional | +| server_type | The Server Type of the Hetzner Cloud server to manage.
Required if server does not exists. | Optional | +| ssh_keys | List of SSH key names
The key names correspond to the SSH keys configured for your Hetzner Cloud account access. | Optional | +| volumes | List of Volumes IDs that should be attached to the server on server creation. | Optional | +| image | Image the server should be created from.
Required if server does not exists. | Optional | +| location | Location of Server.
Required if no `datacenter` is given and server does not exists. | Optional | +| datacenter | Datacenter of Server.
Required of no `location` is given and server does not exists. | Optional | +| backups | Enable or disable Backups for the given Server. Possible values are: Yes, No. Default is No. | Optional | +| upgrade_disk | Resize the disk size, when resizing a server.
If you want to downgrade the server later, this value should be False. Possible values are: Yes, No. Default is No. | Optional | +| force_upgrade | Force the upgrade of the server.
Power off the server if it is running on upgrade. Possible values are: Yes, No. Default is No. | Optional | +| user_data | User Data to be passed to the server on creation.
Only used if server does not exists. | Optional | +| rescue_mode | Add the Hetzner rescue system type you want the server to be booted into. | Optional | +| labels | User-defined labels (key-value pairs). | Optional | +| state | State of the server. Possible values are: absent, present, restarted, started, stopped, rebuild. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudServer.hcloud_server | unknown | The server instance | + + +#### Command Example +```!hcloud-server name="my-server" server_type="cx11" image="ubuntu-18.04" state="present" ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudServer": [ + { + "backup_window": "None", + "datacenter": "hel1-dc2", + "delete_protection": false, + "id": "12829887", + "image": "ubuntu-18.04", + "ipv4_address": "1.1.1.1", + "ipv6": "11:11:11:11:11:11:11:12/64", + "labels": {}, + "location": "hel1", + "name": "my-server", + "rebuild_protection": false, + "rescue_enabled": false, + "server_type": "cx11", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * backup_window: None +> * datacenter: hel1-dc2 +> * delete_protection: False +> * id: 12829887 +> * image: ubuntu-18.04 +> * ipv4_address: 1.1.1.1 +> * ipv6: 11:11:11:11:11:11:11:12/64 +> * location: hel1 +> * name: my-server +> * rebuild_protection: False +> * rescue_enabled: False +> * server_type: cx11 +> * status: running +> * ## Labels + + +### hcloud-server-info +*** +Gather infos about your Hetzner Cloud servers. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_info_module.html + + +#### Base Command + +`hcloud-server-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the server you want to get. | Optional | +| name | The name of the server you want to get. | Optional | +| label_selector | The label selector for the server you want to get. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudServerInfo.hcloud_server_info | unknown | The server infos as list | + + +#### Command Example +```!hcloud-server-info ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudServerInfo": [ + [ + { + "backup_window": "None", + "datacenter": "hel1-dc2", + "delete_protection": false, + "id": "12829887", + "image": "ubuntu-18.04", + "ipv4_address": "1.1.1.1", + "ipv6": "11:11:11:11:11:11:11:12/64", + "labels": {}, + "location": "hel1", + "name": "my-server", + "rebuild_protection": false, + "rescue_enabled": false, + "server_type": "cx11", + "status": "running" + } + ] + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +># My-Server +> * backup_window: None +> * datacenter: hel1-dc2 +> * delete_protection: False +> * id: 12829887 +> * image: ubuntu-18.04 +> * ipv4_address: 1.1.1.1 +> * ipv6: 11:11:11:11:11:11:11:12/64 +> * location: hel1 +> * name: my-server +> * rebuild_protection: False +> * rescue_enabled: False +> * server_type: cx11 +> * status: running +> * ## Labels + + +### hcloud-server-network +*** +Manage the relationship between Hetzner Cloud Networks and servers +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_network_module.html + + +#### Base Command + +`hcloud-server-network` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| network | The name of the Hetzner Cloud Networks. | Required | +| server | The name of the Hetzner Cloud server. | Required | +| ip | The IP the server should have. | Optional | +| alias_ips | Alias IPs the server has. | Optional | +| state | State of the server_network. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudServerNetwork.hcloud_server_network | unknown | The relationship between a server and a network | + + +#### Command Example +```!hcloud-server-network network="my-network" server="my-server" state="present"``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudServerNetwork": [ + { + "alias_ips": [], + "ip": "10.0.0.2", + "network": "my-network", + "server": "my-server", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * ip: 10.0.0.2 +> * network: my-network +> * server: my-server +> * ## Alias_Ips + +### hcloud-server-type-info +*** +Gather infos about the Hetzner Cloud server types. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_type_info_module.html + + +#### Base Command + +`hcloud-server-type-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the server type you want to get. | Optional | +| name | The name of the server type you want to get. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudServerTypeInfo.hcloud_server_type_info | unknown | The server type infos as list | + + +#### Command Example +```!hcloud-server-type-info ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudServerTypeInfo": [ + [ + { + "cores": 1, + "cpu_type": "shared", + "description": "CX11", + "disk": 20, + "id": "1", + "memory": 2, + "name": "cx11", + "storage_type": "local" + } + ] + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +># Cx11 +> * cores: 1 +> * cpu_type: shared +> * description: CX11 +> * disk: 20 +> * id: 1 +> * memory: 2.0 +> * name: cx11 +> * storage_type: local + + +### hcloud-ssh-key +*** +Create and manage ssh keys on the Hetzner Cloud. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_ssh_key_module.html + + +#### Base Command + +`hcloud-ssh-key` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the Hetzner Cloud ssh_key to manage.
Only required if no ssh_key `name` is given. | Optional | +| name | The Name of the Hetzner Cloud ssh_key to manage.
Only required if no ssh_key `id` is given or a ssh_key does not exists. | Optional | +| fingerprint | The Fingerprint of the Hetzner Cloud ssh_key to manage.
Only required if no ssh_key `id` or `name` is given. | Optional | +| labels | User-defined labels (key-value pairs). | Optional | +| public_key | The Public Key to add.
Required if ssh_key does not exists. | Optional | +| state | State of the ssh_key. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudSshKey.hcloud_ssh_key | unknown | The ssh_key instance | + + +#### Command Example +```!hcloud-ssh-key name="my-ssh_key" public_key="ssh-rsa XXXXX" state="present" ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudSshKey": [ + { + "fingerprint": "11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:11", + "id": "3964657", + "labels": {}, + "name": "my-ssh_key", + "public_key": "ssh-rsa XXXXX", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * fingerprint: 11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:11 +> * id: 3964657 +> * name: my-ssh_key +> * public_key: ssh-rsa XXXXX +> * ## Labels + + +### hcloud-ssh-key-info +*** +Gather infos about your Hetzner Cloud ssh_keys. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_ssh_key_info_module.html + + +#### Base Command + +`hcloud-ssh-key-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the ssh key you want to get. | Optional | +| name | The name of the ssh key you want to get. | Optional | +| fingerprint | The fingerprint of the ssh key you want to get. | Optional | +| label_selector | The label selector for the ssh key you want to get. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudSshKeyInfo.hcloud_ssh_key_info | unknown | The ssh key instances | + + +#### Command Example +```!hcloud-ssh-key-info ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudSshKeyInfo": [ + [ + { + "fingerprint": "11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:11", + "id": "3964657", + "labels": {}, + "name": "my-ssh_key", + "public_key": "ssh-rsa XXXXX" + } + ] + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +># My-Ssh_Key +> * fingerprint: 11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:11 +> * id: 3964657 +> * name: my-ssh_key +> * public_key: ssh-rsa XXXXX +> * ## Labels + + +### hcloud-subnetwork +*** +Manage cloud subnetworks on the Hetzner Cloud. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_subnetwork_module.html + + +#### Base Command + +`hcloud-subnetwork` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| network | The ID or Name of the Hetzner Cloud Networks. | Required | +| ip_range | IP range of the subnetwork. | Required | +| type | Type of subnetwork. | Required | +| network_zone | Name of network zone. | Required | +| state | State of the subnetwork. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudSubnetwork.hcloud_subnetwork | unknown | One Subnet of a Network | + + +#### Command Example +```!hcloud-subnetwork network="my-network" ip_range="10.0.0.0/16" network_zone="eu-central" type="server" state="present" ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudSubnetwork": [ + { + "gateway": "10.0.0.1", + "ip_range": "10.0.0.0/16", + "network": "my-network", + "network_zone": "eu-central", + "status": "CHANGED", + "type": "server", + "vswitch_id": null + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * gateway: 10.0.0.1 +> * ip_range: 10.0.0.0/16 +> * network: my-network +> * network_zone: eu-central +> * type: server +> * vswitch_id: None + + +### hcloud-volume +*** +Create and manage block volumes on the Hetzner Cloud. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_volume_module.html + + +#### Base Command + +`hcloud-volume` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the Hetzner Cloud Block Volume to manage.
Only required if no volume `name` is given. | Optional | +| name | The Name of the Hetzner Cloud Block Volume to manage.
Only required if no volume `id` is given or a volume does not exists. | Optional | +| size | The size of the Block Volume in GB.
Required if volume does not yet exists. | Optional | +| automount | Automatically mount the Volume. | Optional | +| format | Automatically Format the volume on creation
Can only be used in case the Volume does not exists. Possible values are: xfs, ext4. | Optional | +| location | Location of the Hetzner Cloud Volume.
Required if no `server` is given and Volume does not exists. | Optional | +| server | Server Name the Volume should be assigned to.
Required if no `location` is given and Volume does not exists. | Optional | +| labels | User-defined key-value pairs. | Optional | +| state | State of the volume. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudVolume.hcloud_volume | unknown | The block volume | + + +#### Command Example +```!hcloud-volume name="my-volume" location="fsn1" size="100" state="present" ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudVolume": [ + { + "delete_protection": false, + "id": "12052962", + "labels": {}, + "linux_device": "/dev/disk/by-id/scsi-0HC_Volume_12052962", + "location": "fsn1", + "name": "my-volume", + "server": "None", + "size": 100, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * delete_protection: False +> * id: 12052962 +> * linux_device: /dev/disk/by-id/scsi-0HC_Volume_12052962 +> * location: fsn1 +> * name: my-volume +> * server: None +> * size: 100 +> * ## Labels + + +### hcloud-volume-info +*** +Gather infos about your Hetzner Cloud volumes. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_volume_info_module.html + + +#### Base Command + +`hcloud-volume-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The ID of the volume you want to get. | Optional | +| name | The name of the volume you want to get. | Optional | +| label_selector | The label selector for the volume you want to get. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| HCloud.HcloudVolumeInfo.hcloud_volume_info | unknown | The volume infos as list | + + +#### Command Example +```!hcloud-volume-info ``` + +#### Context Example +```json +{ + "HCloud": { + "HcloudVolumeInfo": [ + [ + { + "delete_protection": false, + "id": "12052962", + "labels": {}, + "linux_device": "/dev/disk/by-id/scsi-0HC_Volume_12052962", + "location": "fsn1", + "name": "my-volume", + "server": "None", + "size": 100 + } + ] + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +># My-Volume +> * delete_protection: False +> * id: 12052962 +> * linux_device: /dev/disk/by-id/scsi-0HC_Volume_12052962 +> * location: fsn1 +> * name: my-volume +> * server: None +> * size: 100 +> * ## Labels + diff --git a/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/command_examples b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/command_examples new file mode 100644 index 000000000000..e33e18340c54 --- /dev/null +++ b/Packs/AnsibleHetznerCloud/Integrations/AnsibleHCloud/command_examples @@ -0,0 +1,17 @@ +!hcloud-datacenter-info +!hcloud-floating-ip-info +!hcloud-image-info +!hcloud-location-info +!hcloud-network name="my-network" ip_range="123.123.123.123/8" state="present" +!hcloud-network-info +!hcloud-route network="my-network" destination="123.123.123.123/24" gateway="123.123.123.123" state="present" +!hcloud-server name="my-server" server_type="cx11" image="ubuntu-18.04" state="present" +!hcloud-server-type-info +!hcloud-server-info +!hcloud-rdns server="my-server" ip_address="123.123.123.123" dns_ptr="example.com" state="present" +!hcloud-server-network network="my-network" server="my-server" state="present" +!hcloud-ssh-key name="my-ssh_key" public_key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGZkpkqr1WI0IQ45oy0KdGyGFJMxeBvOg47kdFx8s5ie17GY4GMiFAIV8GISt24DD73USBGtaVhHQFSLW47A2/Vla6j3pd4Ny9hFZw9dNp5p0opX1Mk9/WW1dl7nKUbDqT6fJHwvwja2iYD7wcdWtcltmw0ahDNiHgXeuhqDiPkG36zZ9605MLDaM5Jwz23TDGDteIa+LvqQ9QU96j+XCLnj14w1O0DL4PR2tTGQvEe2P7VU7HOgkaT7Ypg/3qUpZRDziVvgyjBgltcm/WtbDbwmJmpIDikufYc/qCKFttu74uUXlGnkM/5zZWHe3y5eTDVTdVYKmuM6toD+VJZRSB1mBsEuMmQeg/IxFiedWSGVTjDyb4FCCKcJcMVNwdgH/rSQWR3WDcXHNeTUev/ehn2ztCsq7Jdd0GOuQskgHCwwoQFLXw/dvIDz3n+c5ug2d8ItxotujsJIJccnYI73UfcAubmYX/VYbrOjVZU3RKHZyoiQEH9O2lBV/xjZJQOJs=" state="present" +!hcloud-ssh-key-info +!hcloud-subnetwork network="my-network" ip_range="123.123.123.123/16" network_zone="eu-central" type="server" state="present" +!hcloud-volume name="my-volume" location="fsn1" size="100" state="present" +!hcloud-volume-info diff --git a/Packs/AnsibleHetznerCloud/README.md b/Packs/AnsibleHetznerCloud/README.md new file mode 100644 index 000000000000..5efd3d526dc0 --- /dev/null +++ b/Packs/AnsibleHetznerCloud/README.md @@ -0,0 +1,21 @@ +This pack enables you to integrate with Hetzner Cloud. Hetzner provides Cloud Compute services based out of their European data centers. + +This integration enables the management of Hetzner Cloud Services using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server. The Ansible modules have been exposed as XSOAR commands, and allow you to use them without needing to know Ansible. + +# What does this pack do? + +Create, delete and manage the following Hetzner Cloud resources: + +* Server +* Volume +* SSH Key +* Network +* Route +* DNS + +As well as show information about: + +* Floating IPs +* Server Images +* Hetzner Datacenters +* Hetzner Locations diff --git a/Packs/AnsibleHetznerCloud/TestPlaybooks/Test-AnsibleHCloud.yml b/Packs/AnsibleHetznerCloud/TestPlaybooks/Test-AnsibleHCloud.yml new file mode 100644 index 000000000000..591f7a52e5de --- /dev/null +++ b/Packs/AnsibleHetznerCloud/TestPlaybooks/Test-AnsibleHCloud.yml @@ -0,0 +1,1929 @@ +id: 7d8ac1af-2d1e-4ed9-875c-d3257d2c6830 +version: -1 +vcShouldKeepItemLegacyProdMachine: false +name: Test-AnsibleHCloud +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: b9824fa4-7aa0-4d4b-8d41-80f49c40308b + type: start + task: + id: b9824fa4-7aa0-4d4b-8d41-80f49c40308b + version: -1 + name: "" + iscommand: false + brand: "" + nexttasks: + '#none#': + - "61" + separatecontext: false + view: |- + { + "position": { + "x": 930, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "1": + id: "1" + taskid: 58b419af-0712-4fd0-81f5-3edb88a0db27 + type: regular + task: + id: 58b419af-0712-4fd0-81f5-3edb88a0db27 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "2" + - "8" + - "19" + - "33" + - "40" + scriptarguments: + all: + simple: "yes" + index: {} + key: {} + keysToKeep: {} + subplaybook: {} + separatecontext: false + view: |- + { + "position": { + "x": 930, + "y": 895 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "2": + id: "2" + taskid: 4ec08492-a047-49f0-8b10-8e30d2d77d10 + type: title + task: + id: 4ec08492-a047-49f0-8b10-8e30d2d77d10 + version: -1 + name: Server + type: title + iscommand: false + brand: "" + nexttasks: + '#none#': + - "26" + separatecontext: false + view: |- + { + "position": { + "x": 1125, + "y": 1090 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "8": + id: "8" + taskid: da23d269-b111-4dde-89c3-8853096e93dd + type: title + task: + id: da23d269-b111-4dde-89c3-8853096e93dd + version: -1 + name: General Info + type: title + iscommand: false + brand: "" + nexttasks: + '#none#': + - "9" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 1090 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "9": + id: "9" + taskid: 539b90ef-7acd-41db-8403-7ffefab6d2fd + type: regular + task: + id: 539b90ef-7acd-41db-8403-7ffefab6d2fd + version: -1 + name: 'hcloud-datacenter-info ' + description: |- + Gather info about the Hetzner Cloud datacenters. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_datacenter_info_module.html + script: '|||hcloud-datacenter-info' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "10" + scriptarguments: + id: {} + name: {} + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 1215 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "10": + id: "10" + taskid: 582a979d-cf48-437c-813c-d4b79c3a8159 + type: condition + task: + id: 582a979d-cf48-437c-813c-d4b79c3a8159 + version: -1 + name: 'check hcloud-datacenter-info ' + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "11" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: Hcloud.HcloudDatacenterInfo.[0] + iscontext: true + view: |- + { + "position": { + "x": 50, + "y": 1390 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "11": + id: "11" + taskid: 6f82877f-64b6-4e1e-8bdc-4232290b6e73 + type: regular + task: + id: 6f82877f-64b6-4e1e-8bdc-4232290b6e73 + version: -1 + name: hcloud-floating-ip-info + description: |- + Gather infos about the Hetzner Cloud Floating IPs. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_floating_ip_info_module.html + script: '|||hcloud-floating-ip-info' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "12" + scriptarguments: + id: {} + label_selector: {} + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 1565 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "12": + id: "12" + taskid: 115248ed-8d19-4082-8bbd-a6361df6e5f5 + type: condition + task: + id: 115248ed-8d19-4082-8bbd-a6361df6e5f5 + version: -1 + name: check hcloud-floating-ip-info + description: Until a Ansible module is written to manage floating IPs, this + command will return a empty list + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "13" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isExists + left: + value: + simple: Hcloud.HcloudFloatingIpInfo.[0] + iscontext: true + view: |- + { + "position": { + "x": 50, + "y": 1740 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "13": + id: "13" + taskid: 81bc90d0-949b-4764-8b91-3a104fb2dbcb + type: regular + task: + id: 81bc90d0-949b-4764-8b91-3a104fb2dbcb + version: -1 + name: hcloud-image-info + description: |- + Gather infos about your Hetzner Cloud images. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_image_info_module.html + script: '|||hcloud-image-info' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "14" + scriptarguments: + id: {} + label_selector: {} + name: {} + type: {} + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 1915 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "14": + id: "14" + taskid: f3e5386c-e3d0-4d50-8b8d-1496a0926fb5 + type: condition + task: + id: f3e5386c-e3d0-4d50-8b8d-1496a0926fb5 + version: -1 + name: check hcloud-image-info + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "15" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: Hcloud.HcloudImageInfo.[0] + iscontext: true + view: |- + { + "position": { + "x": 50, + "y": 2090 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "15": + id: "15" + taskid: e863befb-a38c-40f5-8510-a71252e7c89f + type: regular + task: + id: e863befb-a38c-40f5-8510-a71252e7c89f + version: -1 + name: hcloud-location-info + description: |- + Gather infos about your Hetzner Cloud locations. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_location_info_module.html + script: '|||hcloud-location-info' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "16" + scriptarguments: + id: {} + name: {} + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 2320 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "16": + id: "16" + taskid: 0087f21f-a993-40a8-8eda-45a042aadfb5 + type: condition + task: + id: 0087f21f-a993-40a8-8eda-45a042aadfb5 + version: -1 + name: check hcloud-location-info + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "17" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: Hcloud.HcloudLocationInfo.[0] + iscontext: true + view: |- + { + "position": { + "x": 50, + "y": 2510 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "17": + id: "17" + taskid: 74cdf985-fa3f-46a6-832d-572b37ec6ac0 + type: regular + task: + id: 74cdf985-fa3f-46a6-832d-572b37ec6ac0 + version: -1 + name: hcloud-server-type-info + description: |- + Gather infos about the Hetzner Cloud server types. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_type_info_module.html + script: '|||hcloud-server-type-info' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "18" + scriptarguments: + id: {} + name: {} + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 2725 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "18": + id: "18" + taskid: fce3da3f-fb9a-4c53-8ba5-1c5b6a11dd67 + type: condition + task: + id: fce3da3f-fb9a-4c53-8ba5-1c5b6a11dd67 + version: -1 + name: check hcloud-server-type-info + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "54" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: Hcloud.HcloudServerTypeInfo.[0] + iscontext: true + view: |- + { + "position": { + "x": 50, + "y": 2930 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "19": + id: "19" + taskid: 418f5259-4900-4ad6-8837-7bf5308b1f62 + type: title + task: + id: 418f5259-4900-4ad6-8837-7bf5308b1f62 + version: -1 + name: Network + type: title + iscommand: false + brand: "" + nexttasks: + '#none#': + - "20" + separatecontext: false + view: |- + { + "position": { + "x": 580, + "y": 1090 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "20": + id: "20" + taskid: 1a77f8bc-6880-4d8f-82dd-599be2c2312c + type: regular + task: + id: 1a77f8bc-6880-4d8f-82dd-599be2c2312c + version: -1 + name: hcloud-network + description: |- + Create and manage cloud Networks on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_network_module.html + script: '|||hcloud-network' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "21" + scriptarguments: + id: {} + ip_range: + simple: 10.0.0.0/8 + labels: {} + name: + simple: my-network + state: {} + separatecontext: false + view: |- + { + "position": { + "x": 570, + "y": 1215 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "21": + id: "21" + taskid: d99b2b08-6e3c-420e-83a6-4a6f102fe48d + type: condition + task: + id: d99b2b08-6e3c-420e-83a6-4a6f102fe48d + version: -1 + name: check hcloud-network + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "22" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Hcloud.HcloudNetwork.[0].status + iscontext: true + right: + value: + simple: CHANGED + view: |- + { + "position": { + "x": 570, + "y": 1390 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "22": + id: "22" + taskid: 5bd7da75-0346-44ec-8f07-a3c2814cd692 + type: regular + task: + id: 5bd7da75-0346-44ec-8f07-a3c2814cd692 + version: -1 + name: 'hcloud-network-info ' + description: |- + Gather info about your Hetzner Cloud networks. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_network_info_module.html + script: '|||hcloud-network-info' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "23" + scriptarguments: + id: {} + label_selector: {} + name: {} + separatecontext: false + view: |- + { + "position": { + "x": 570, + "y": 1565 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "23": + id: "23" + taskid: ee45e6a6-d97f-4087-8f8a-925e2c870164 + type: condition + task: + id: ee45e6a6-d97f-4087-8f8a-925e2c870164 + version: -1 + name: check hcloud-network-info + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "24" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: Hcloud.HcloudNetworkInfo.[0] + iscontext: true + view: |- + { + "position": { + "x": 570, + "y": 1740 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "24": + id: "24" + taskid: d0d6e338-eab5-488f-861d-9a694c6f0a63 + type: regular + task: + id: d0d6e338-eab5-488f-861d-9a694c6f0a63 + version: -1 + name: hcloud-route + description: |- + Create and delete cloud routes on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_route_module.html + script: '|||hcloud-route' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "25" + scriptarguments: + destination: + simple: 10.100.1.0/24 + gateway: + simple: 10.0.1.1 + network: + simple: my-network + state: {} + separatecontext: false + view: |- + { + "position": { + "x": 570, + "y": 1915 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "25": + id: "25" + taskid: 04a1179e-1efe-47d8-87e3-11b4c7a60d57 + type: condition + task: + id: 04a1179e-1efe-47d8-87e3-11b4c7a60d57 + version: -1 + name: check hcloud-route + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "38" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Hcloud.HcloudRoute.[0].status + iscontext: true + right: + value: + simple: CHANGED + view: |- + { + "position": { + "x": 570, + "y": 2080 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "26": + id: "26" + taskid: 6a521476-1d9c-4029-87a3-6bd24afd202c + type: regular + task: + id: 6a521476-1d9c-4029-87a3-6bd24afd202c + version: -1 + name: hcloud-server + description: |- + Create and manage cloud servers on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_module.html + script: '|||hcloud-server' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "27" + scriptarguments: + backups: {} + datacenter: {} + force_upgrade: {} + id: {} + image: + simple: ubuntu-18.04 + labels: {} + location: {} + name: + simple: my-server + rescue_mode: {} + server_type: + simple: cx11 + ssh_keys: {} + state: {} + upgrade_disk: {} + user_data: {} + volumes: {} + separatecontext: false + view: |- + { + "position": { + "x": 1125, + "y": 1215 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "27": + id: "27" + taskid: 5d2c08cd-bc3a-4bc1-8dce-351043f2df08 + type: condition + task: + id: 5d2c08cd-bc3a-4bc1-8dce-351043f2df08 + version: -1 + name: check hcloud-server + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "28" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Hcloud.HcloudServer.[0].status + iscontext: true + right: + value: + simple: CHANGED + view: |- + { + "position": { + "x": 1125, + "y": 1390 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "28": + id: "28" + taskid: 77bff8e0-7189-481f-807a-2da96b1a40df + type: regular + task: + id: 77bff8e0-7189-481f-807a-2da96b1a40df + version: -1 + name: hcloud-server-info + description: |- + Gather infos about your Hetzner Cloud servers. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_info_module.html + script: '|||hcloud-server-info' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "29" + scriptarguments: + id: {} + label_selector: {} + name: + simple: my-server + separatecontext: false + view: |- + { + "position": { + "x": 1125, + "y": 1565 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "29": + id: "29" + taskid: 259ed2b7-f5b2-461b-8814-e31cb8b950b0 + type: condition + task: + id: 259ed2b7-f5b2-461b-8814-e31cb8b950b0 + version: -1 + name: 'check hcloud-server-info ' + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "30" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Hcloud.HcloudServerInfo.[0].status + iscontext: true + right: + value: + simple: running + - - operator: isNotEmpty + left: + value: + simple: Hcloud.HcloudServerInfo.[0].[0] + iscontext: true + view: |- + { + "position": { + "x": 1125, + "y": 1740 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "30": + id: "30" + taskid: e40b13cb-d3c9-4aa7-847a-69877f50ccf2 + type: regular + task: + id: e40b13cb-d3c9-4aa7-847a-69877f50ccf2 + version: -1 + name: hcloud-rdns + description: |- + Create and manage reverse DNS entries on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_rdns_module.html + script: '|||hcloud-rdns' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "31" + scriptarguments: + dns_ptr: + simple: example.com + ip_address: + simple: ${hcloud.hcloudServer.[0].ipv4_address} + server: + simple: my-server + state: {} + separatecontext: false + view: |- + { + "position": { + "x": 1125, + "y": 1915 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "31": + id: "31" + taskid: 3613cf82-3189-42f5-8ebc-4d0ee2a885ee + type: condition + task: + id: 3613cf82-3189-42f5-8ebc-4d0ee2a885ee + version: -1 + name: check hcloud-rdns + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "50" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Hcloud.HcloudRdns.[0].status + iscontext: true + right: + value: + simple: CHANGED + view: |- + { + "position": { + "x": 1125, + "y": 2090 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "32": + id: "32" + taskid: 608e46e9-69ac-4639-886e-c7322c1bb896 + type: regular + task: + id: 608e46e9-69ac-4639-886e-c7322c1bb896 + version: -1 + name: hcloud-server-network + description: |- + Manage the relationship between Hetzner Cloud Networks and servers + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_network_module.html + script: '|||hcloud-server-network' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "45" + scriptarguments: + alias_ips: {} + ip: {} + network: + simple: my-network + server: + simple: my-server + state: {} + separatecontext: false + view: |- + { + "position": { + "x": 1125, + "y": 2805 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "33": + id: "33" + taskid: 95a9cc82-82ae-4814-8911-f13e66996fc1 + type: title + task: + id: 95a9cc82-82ae-4814-8911-f13e66996fc1 + version: -1 + name: SSH Key + type: title + iscommand: false + brand: "" + nexttasks: + '#none#': + - "34" + separatecontext: false + view: |- + { + "position": { + "x": 1580, + "y": 1090 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "34": + id: "34" + taskid: 1b31b7b0-6924-4a54-8258-6c6b2a4cabe8 + type: regular + task: + id: 1b31b7b0-6924-4a54-8258-6c6b2a4cabe8 + version: -1 + name: hcloud-ssh-key + description: |- + Create and manage ssh keys on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_ssh_key_module.html + script: '|||hcloud-ssh-key' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "35" + scriptarguments: + fingerprint: {} + id: {} + labels: {} + name: + simple: my-ssh-key + public_key: + simple: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGZkpkqr1WI0IQ45oy0KdGyGFJMxeBvOg47kdFx8s5ie17GY4GMiFAIV8GISt24DD73USBGtaVhHQFSLW47A2/Vla6j3pd4Ny9hFZw9dNp5p0opX1Mk9/WW1dl7nKUbDqT6fJHwvwja2iYD7wcdWtcltmw0ahDNiHgXeuhqDiPkG36zZ9605MLDaM5Jwz23TDGDteIa+LvqQ9QU96j+XCLnj14w1O0DL4PR2tTGQvEe2P7VU7HOgkaT7Ypg/3qUpZRDziVvgyjBgltcm/WtbDbwmJmpIDikufYc/qCKFttu74uUXlGnkM/5zZWHe3y5eTDVTdVYKmuM6toD+VJZRSB1mBsEuMmQeg/IxFiedWSGVTjDyb4FCCKcJcMVNwdgH/rSQWR3WDcXHNeTUev/ehn2ztCsq7Jdd0GOuQskgHCwwoQFLXw/dvIDz3n+c5ug2d8ItxotujsJIJccnYI73UfcAubmYX/VYbrOjVZU3RKHZyoiQEH9O2lBV/xjZJQOJs= + state: {} + separatecontext: false + view: |- + { + "position": { + "x": 1585, + "y": 1260 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "35": + id: "35" + taskid: 4029e898-e144-4c48-8127-9d02a00a37df + type: condition + task: + id: 4029e898-e144-4c48-8127-9d02a00a37df + version: -1 + name: check hcloud-ssh-key + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "36" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Hcloud.HcloudSshKey.[0].status + iscontext: true + right: + value: + simple: CHANGED + view: |- + { + "position": { + "x": 1585, + "y": 1435 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "36": + id: "36" + taskid: fd3bd56b-cab3-4361-8b44-2d1b1162facd + type: regular + task: + id: fd3bd56b-cab3-4361-8b44-2d1b1162facd + version: -1 + name: hcloud-ssh-key-info + description: |- + Gather infos about your Hetzner Cloud ssh_keys. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_ssh_key_info_module.html + script: '|||hcloud-ssh-key-info' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "37" + scriptarguments: + fingerprint: {} + id: {} + label_selector: {} + name: {} + separatecontext: false + view: |- + { + "position": { + "x": 1585, + "y": 1610 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "37": + id: "37" + taskid: 59f14e23-4945-4771-8f3e-7fb2c88e171f + type: condition + task: + id: 59f14e23-4945-4771-8f3e-7fb2c88e171f + version: -1 + name: check hcloud-ssh-key-info + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "53" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: Hcloud.HcloudSshKeyInfo.[0].[0] + iscontext: true + view: |- + { + "position": { + "x": 1585, + "y": 1785 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "38": + id: "38" + taskid: 0f9115f4-483d-470f-8b89-4c46801611c4 + type: regular + task: + id: 0f9115f4-483d-470f-8b89-4c46801611c4 + version: -1 + name: hcloud-subnetwork + description: |- + Manage cloud subnetworks on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_subnetwork_module.html + script: '|||hcloud-subnetwork' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "39" + scriptarguments: + ip_range: + simple: 10.0.0.0/16 + network: + simple: my-network + network_zone: + simple: eu-central + state: {} + type: + simple: server + separatecontext: false + view: |- + { + "position": { + "x": 570, + "y": 2250 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "39": + id: "39" + taskid: 176e97c8-1518-4831-8f67-a85c591f3c0b + type: condition + task: + id: 176e97c8-1518-4831-8f67-a85c591f3c0b + version: -1 + name: check hcloud-subnetwork + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "50" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Hcloud.HcloudSubnetwork.[0].status + iscontext: true + right: + value: + simple: CHANGED + view: |- + { + "position": { + "x": 570, + "y": 2415 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "40": + id: "40" + taskid: 40d3aadf-89f7-4c52-8678-b4b7b4242b09 + type: title + task: + id: 40d3aadf-89f7-4c52-8678-b4b7b4242b09 + version: -1 + name: Volume + type: title + iscommand: false + brand: "" + nexttasks: + '#none#': + - "41" + separatecontext: false + view: |- + { + "position": { + "x": 2080, + "y": 1090 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "41": + id: "41" + taskid: fd553e10-eb97-4aa2-818f-7c327f779f34 + type: regular + task: + id: fd553e10-eb97-4aa2-818f-7c327f779f34 + version: -1 + name: hcloud-volume + description: |- + Create and manage block volumes on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_volume_module.html + script: '|||hcloud-volume' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "42" + scriptarguments: + automount: {} + format: {} + id: {} + labels: {} + location: + simple: fsn1 + name: + simple: my-volume + server: {} + size: + simple: "100" + state: {} + separatecontext: false + view: |- + { + "position": { + "x": 2080, + "y": 1270 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "42": + id: "42" + taskid: 03239807-929c-436f-885c-8f9cc5c3b25f + type: condition + task: + id: 03239807-929c-436f-885c-8f9cc5c3b25f + version: -1 + name: check hcloud-volume + description: |- + Create and manage block volumes on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_volume_module.html + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "43" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Hcloud.HcloudVolume.[0].status + iscontext: true + right: + value: + simple: CHANGED + view: |- + { + "position": { + "x": 2080, + "y": 1445 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "43": + id: "43" + taskid: 12c1522e-d610-48a1-8647-7969d83f2768 + type: regular + task: + id: 12c1522e-d610-48a1-8647-7969d83f2768 + version: -1 + name: 'hcloud-volume-info ' + description: |- + Gather infos about your Hetzner Cloud volumes. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_volume_info_module.html + script: '|||hcloud-volume-info' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "44" + scriptarguments: + id: {} + label_selector: {} + name: {} + separatecontext: false + view: |- + { + "position": { + "x": 2080, + "y": 1620 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "44": + id: "44" + taskid: 22b5a4e5-1f13-41bf-825e-772de396e0da + type: condition + task: + id: 22b5a4e5-1f13-41bf-825e-772de396e0da + version: -1 + name: 'check hcloud-volume-info ' + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "53" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: Hcloud.HcloudVolumeInfo.[0].[0] + iscontext: true + view: |- + { + "position": { + "x": 2080, + "y": 1795 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "45": + id: "45" + taskid: 8486e234-e20f-4363-84f7-90acaf8a2068 + type: condition + task: + id: 8486e234-e20f-4363-84f7-90acaf8a2068 + version: -1 + name: check hcloud-server-network + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "53" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Hcloud.HcloudServerNetwork.[0].status + iscontext: true + right: + value: + simple: CHANGED + view: |- + { + "position": { + "x": 1125, + "y": 2980 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "50": + id: "50" + taskid: 65bcb33e-617d-451e-82e5-0436d2472453 + type: title + task: + id: 65bcb33e-617d-451e-82e5-0436d2472453 + version: -1 + name: Server+Networking + type: title + iscommand: false + brand: "" + nexttasks: + '#none#': + - "32" + separatecontext: false + view: |- + { + "position": { + "x": 1125, + "y": 2605 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "52": + id: "52" + taskid: 5523f5ca-c51b-4b4f-8f03-6c2037dafe43 + type: regular + task: + id: 5523f5ca-c51b-4b4f-8f03-6c2037dafe43 + version: -1 + name: hcloud-server (absent) + description: |- + Create and manage cloud servers on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_module.html + script: '|||hcloud-server' + type: regular + iscommand: true + brand: "" + scriptarguments: + backups: {} + datacenter: {} + force_upgrade: {} + id: {} + image: + simple: ubuntu-18.04 + labels: {} + location: {} + name: + simple: my-server + rescue_mode: {} + server_type: + simple: cx11 + ssh_keys: {} + state: + simple: absent + upgrade_disk: {} + user_data: {} + volumes: {} + separatecontext: false + view: |- + { + "position": { + "x": 1495, + "y": 3880 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "53": + id: "53" + taskid: 2509db65-455d-4c9c-8e7f-a2321da4ef16 + type: title + task: + id: 2509db65-455d-4c9c-8e7f-a2321da4ef16 + version: -1 + name: Cleanup + type: title + iscommand: false + brand: "" + nexttasks: + '#none#': + - "55" + separatecontext: false + view: |- + { + "position": { + "x": 1495, + "y": 3195 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "54": + id: "54" + taskid: 8f171817-6f68-45b7-8f28-b253af618878 + type: title + task: + id: 8f171817-6f68-45b7-8f28-b253af618878 + version: -1 + name: Done + type: title + iscommand: false + brand: "" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 3155 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "55": + id: "55" + taskid: 993b3d4d-cc3f-424e-8701-bd9059dda64a + type: regular + task: + id: 993b3d4d-cc3f-424e-8701-bd9059dda64a + version: -1 + name: hcloud-ssh-key (absent) + description: |- + Create and manage ssh keys on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_ssh_key_module.html + script: '|||hcloud-ssh-key' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "56" + scriptarguments: + fingerprint: {} + id: {} + labels: {} + name: + simple: my-ssh-key + public_key: + simple: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGZkpkqr1WI0IQ45oy0KdGyGFJMxeBvOg47kdFx8s5ie17GY4GMiFAIV8GISt24DD73USBGtaVhHQFSLW47A2/Vla6j3pd4Ny9hFZw9dNp5p0opX1Mk9/WW1dl7nKUbDqT6fJHwvwja2iYD7wcdWtcltmw0ahDNiHgXeuhqDiPkG36zZ9605MLDaM5Jwz23TDGDteIa+LvqQ9QU96j+XCLnj14w1O0DL4PR2tTGQvEe2P7VU7HOgkaT7Ypg/3qUpZRDziVvgyjBgltcm/WtbDbwmJmpIDikufYc/qCKFttu74uUXlGnkM/5zZWHe3y5eTDVTdVYKmuM6toD+VJZRSB1mBsEuMmQeg/IxFiedWSGVTjDyb4FCCKcJcMVNwdgH/rSQWR3WDcXHNeTUev/ehn2ztCsq7Jdd0GOuQskgHCwwoQFLXw/dvIDz3n+c5ug2d8ItxotujsJIJccnYI73UfcAubmYX/VYbrOjVZU3RKHZyoiQEH9O2lBV/xjZJQOJs= + state: + simple: absent + separatecontext: false + view: |- + { + "position": { + "x": 1495, + "y": 3355 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "56": + id: "56" + taskid: 9d808bda-bd07-4e8d-8fac-89f2c618de5e + type: regular + task: + id: 9d808bda-bd07-4e8d-8fac-89f2c618de5e + version: -1 + name: hcloud-volume (absent) + description: |- + Create and manage block volumes on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_volume_module.html + script: '|||hcloud-volume' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "57" + scriptarguments: + automount: {} + format: {} + id: {} + labels: {} + location: + simple: fsn1 + name: + simple: my-volume + server: {} + size: + simple: "100" + state: + simple: absent + separatecontext: false + view: |- + { + "position": { + "x": 1495, + "y": 3530 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "57": + id: "57" + taskid: 554c0a12-333e-4548-8d0a-84886487ca6e + type: regular + task: + id: 554c0a12-333e-4548-8d0a-84886487ca6e + version: -1 + name: hcloud-network (absent) + description: |- + Create and manage cloud Networks on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_network_module.html + script: '|||hcloud-network' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "52" + scriptarguments: + id: {} + ip_range: + simple: 10.0.0.0/8 + labels: {} + name: + simple: my-network + state: + simple: absent + separatecontext: false + view: |- + { + "position": { + "x": 1495, + "y": 3695 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "58": + id: "58" + taskid: 23a6ae85-fd7e-4ef8-8428-d380bcbd2eb8 + type: regular + task: + id: 23a6ae85-fd7e-4ef8-8428-d380bcbd2eb8 + version: -1 + name: hcloud-server (absent) + description: |- + Create and manage cloud servers on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_server_module.html + script: '|||hcloud-server' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "59" + scriptarguments: + backups: {} + datacenter: {} + force_upgrade: {} + id: {} + image: + simple: ubuntu-18.04 + labels: {} + location: {} + name: + simple: my-server + rescue_mode: {} + server_type: + simple: cx11 + ssh_keys: {} + state: + simple: absent + upgrade_disk: {} + user_data: {} + volumes: {} + separatecontext: false + view: |- + { + "position": { + "x": 930, + "y": 370 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "59": + id: "59" + taskid: 6fd60091-340d-456b-8147-6fa7eb61ce27 + type: regular + task: + id: 6fd60091-340d-456b-8147-6fa7eb61ce27 + version: -1 + name: hcloud-ssh-key (absent) + description: |- + Create and manage ssh keys on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_ssh_key_module.html + script: '|||hcloud-ssh-key' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "60" + scriptarguments: + fingerprint: {} + id: {} + labels: {} + name: + simple: my-ssh-key + public_key: + simple: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGZkpkqr1WI0IQ45oy0KdGyGFJMxeBvOg47kdFx8s5ie17GY4GMiFAIV8GISt24DD73USBGtaVhHQFSLW47A2/Vla6j3pd4Ny9hFZw9dNp5p0opX1Mk9/WW1dl7nKUbDqT6fJHwvwja2iYD7wcdWtcltmw0ahDNiHgXeuhqDiPkG36zZ9605MLDaM5Jwz23TDGDteIa+LvqQ9QU96j+XCLnj14w1O0DL4PR2tTGQvEe2P7VU7HOgkaT7Ypg/3qUpZRDziVvgyjBgltcm/WtbDbwmJmpIDikufYc/qCKFttu74uUXlGnkM/5zZWHe3y5eTDVTdVYKmuM6toD+VJZRSB1mBsEuMmQeg/IxFiedWSGVTjDyb4FCCKcJcMVNwdgH/rSQWR3WDcXHNeTUev/ehn2ztCsq7Jdd0GOuQskgHCwwoQFLXw/dvIDz3n+c5ug2d8ItxotujsJIJccnYI73UfcAubmYX/VYbrOjVZU3RKHZyoiQEH9O2lBV/xjZJQOJs= + state: + simple: absent + separatecontext: false + view: |- + { + "position": { + "x": 930, + "y": 545 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "60": + id: "60" + taskid: 6870c3db-772b-4429-88e6-0e09d834576c + type: regular + task: + id: 6870c3db-772b-4429-88e6-0e09d834576c + version: -1 + name: hcloud-volume (absent) + description: |- + Create and manage block volumes on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_volume_module.html + script: '|||hcloud-volume' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "1" + scriptarguments: + automount: {} + format: {} + id: {} + labels: {} + location: + simple: fsn1 + name: + simple: my-volume + server: {} + size: + simple: "100" + state: + simple: absent + separatecontext: false + view: |- + { + "position": { + "x": 930, + "y": 720 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "61": + id: "61" + taskid: 98343abb-00dd-46a0-86c3-49024c8b9419 + type: regular + task: + id: 98343abb-00dd-46a0-86c3-49024c8b9419 + version: -1 + name: hcloud-network (absent) + description: |- + Create and manage cloud Networks on the Hetzner Cloud. + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hcloud_network_module.html + script: '|||hcloud-network' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "58" + scriptarguments: + id: {} + ip_range: + simple: 10.0.0.0/8 + labels: {} + name: + simple: my-network + state: + simple: absent + separatecontext: false + view: |- + { + "position": { + "x": 930, + "y": 195 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 +view: |- + { + "linkLabelsPosition": {}, + "paper": { + "dimensions": { + "height": 3925, + "width": 2410, + "x": 50, + "y": 50 + } + } + } +inputs: [] +outputs: [] +sourceplaybookid: a60ae34e-7a00-4a06-81ca-2ca6ea1d58ba +fromversion: 6.0.0 \ No newline at end of file diff --git a/Packs/AnsibleHetznerCloud/pack_metadata.json b/Packs/AnsibleHetznerCloud/pack_metadata.json new file mode 100644 index 000000000000..10a115fe96c6 --- /dev/null +++ b/Packs/AnsibleHetznerCloud/pack_metadata.json @@ -0,0 +1,15 @@ +{ + "name": "Ansible Hetzner Cloud", + "description": "Manage and control Hetzner Cloud services.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "categories": [ + "IT Services" + ], + "tags": ["IT"], + "useCases": ["IT Services", "Asset Management"], + "keywords": ["HCloud"] +} \ No newline at end of file diff --git a/Packs/AnsibleKubernetes/.pack-ignore b/Packs/AnsibleKubernetes/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/AnsibleKubernetes/.secrets-ignore b/Packs/AnsibleKubernetes/.secrets-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes.py b/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes.py new file mode 100644 index 000000000000..1b6cf480c1da --- /dev/null +++ b/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes.py @@ -0,0 +1,58 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'local' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + creds_mapping = { + "identifier": "username", + "password": "password" + } + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + return_results('This integration does not support testing from this screen. \ + Please refer to the documentation for details on how to perform \ + configuration tests.') + elif command == 'k8s-k8s': + return_results(generic_ansible('Kubernetes', 'k8s', args, int_params, host_type, creds_mapping)) + elif command == 'k8s-info': + return_results(generic_ansible('Kubernetes', 'k8s_info', args, int_params, host_type, creds_mapping)) + elif command == 'k8s-scale': + return_results(generic_ansible('Kubernetes', 'k8s_scale', args, int_params, host_type, creds_mapping)) + elif command == 'k8s-service': + return_results(generic_ansible('Kubernetes', 'k8s_service', args, int_params, host_type, creds_mapping)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes.yml b/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes.yml new file mode 100644 index 000000000000..d320b9849819 --- /dev/null +++ b/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes.yml @@ -0,0 +1,317 @@ +category: IT Services +commonfields: + id: AnsibleKubernetes + version: -1 +configuration: +- additionalinfo: Provide a URL for accessing the API. + display: K8s Host URL + name: host + required: true + type: 0 +- additionalinfo: Provide a username for authenticating with the API. + display: Username + displaypassword: Password + name: creds + required: false + type: 9 +- additionalinfo: Token used to authenticate with the API. + display: API Key + name: api_key + required: false + type: 4 +- additionalinfo: Allows connection when SSL certificates are not valid. Set to `false` + when certificates are not trusted. + defaultvalue: 'False' + display: Validate Certs + name: validate_certs + required: true + type: 15 + options: + - "False" + - "True" +description: Manage Kubernetes +display: Ansible Kubernetes +fromversion: 6.0.0 +name: AnsibleKubernetes +script: + commands: + - arguments: + - auto: PREDEFINED + description: 'Whether to override the default patch merge approach with a specific + type. By default, the strategic merge will typically be used. For example, + Custom Resource Definitions typically aren''t updatable by the usual strategic + merge. You may want to use `merge` if you see "strategic merge patch format + is not supported" See `https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment` + Requires openshift >= 0.6.2 If more than one merge_type is given, the merge_types + will be tried in order If openshift >= 0.6.2, this defaults to `[''strategic-merge'', + ''merge'']`, which is ideal for using the same parameters on resource kinds + that combine Custom Resources and built-in resources. For openshift < 0.6.2, + the default is simply `strategic-merge`. mutually exclusive with `apply`' + isArray: true + name: merge_type + predefined: + - json + - merge + - strategic-merge + - auto: PREDEFINED + defaultValue: 'No' + description: 'Whether to wait for certain resource kinds to end up in the desired + state. By default the module exits once Kubernetes has received the request + Implemented for `state=present` for `Deployment`, `DaemonSet` and `Pod`, and + for `state=absent` for all resource kinds. For resource kinds without an implementation, + `wait` returns immediately unless `wait_condition` is set.' + name: wait + predefined: + - 'Yes' + - 'No' + - defaultValue: '5' + description: Number of seconds to sleep between checks. + name: wait_sleep + - defaultValue: '120' + description: How long in seconds to wait for the resource to end up in the desired + state. Ignored if `wait` is not set. + name: wait_timeout + - description: Specifies a custom condition on the status to wait for. Ignored + if `wait` is not set or is set to False. + name: wait_condition + - description: how (if at all) to validate the resource definition against the + kubernetes schema. Requires the kubernetes-validate python module and openshift + >= 0.8.0 + name: validate + - description: 'Whether to append a hash to a resource name for immutability purposes + Applies only to ConfigMap and Secret resources The parameter will be silently + ignored for other resource kinds The full definition of an object is needed + to generate the hash - this means that deleting an object created with append_hash + will only work if the same object is passed with state=absent (alternatively, + just use state=absent with the name including the generated hash and append_hash=no) + Requires openshift >= 0.7.2' + name: append_hash + - description: '`apply` compares the desired resource definition with the previously + supplied resource definition, ignoring properties that are automatically generated + `apply` works better with Services than ''force=yes'' Requires openshift >= + 0.9.2 mutually exclusive with `merge_type`' + name: apply + - auto: PREDEFINED + defaultValue: present + description: Determines if an object should be created, patched, or deleted. + When set to `present`, an object will be created, if it does not already exist. + If set to `absent`, an existing object will be deleted. If set to `present`, + an existing object will be patched, if its attributes differ from those specified + using `resource_definition` or `src`. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: If set to `yes`, and `state` is `present`, an existing object will + be replaced. + name: force + predefined: + - 'Yes' + - 'No' + - defaultValue: v1 + description: Use to specify the API version. Use to create, delete, or discover + an object without providing a full resource definition. Use in conjunction + with `kind`, `name`, and `namespace` to identify a specific object. If `resource + definition` is provided, the `apiVersion` from the `resource_definition` will + override this option. + name: api_version + - description: Use to specify an object model. Use to create, delete, or discover + an object without providing a full resource definition. Use in conjunction + with `api_version`, `name`, and `namespace` to identify a specific object. + If `resource definition` is provided, the `kind` from the `resource_definition` + will override this option. + name: kind + - description: Use to specify an object name. Use to create, delete, or discover + an object without providing a full resource definition. Use in conjunction + with `api_version`, `kind` and `namespace` to identify a specific object. + If `resource definition` is provided, the `metadata.name` value from the `resource_definition` + will override this option. + name: name + - description: Use to specify an object namespace. Useful when creating, deleting, + or discovering an object without providing a full resource definition. Use + in conjunction with `api_version`, `kind`, and `name` to identify a specfic + object. If `resource definition` is provided, the `metadata.namespace` value + from the `resource_definition` will override this option. + name: namespace + - description: 'Provide a valid YAML definition (either as a string, list, or + dict) for an object when creating or updating. NOTE: `kind`, `api_version`, + `name`, and `namespace` will be overwritten by corresponding values found + in the provided `resource_definition`.' + name: resource_definition + description: "Manage Kubernetes (K8s) objects\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/k8s_module.html" + name: k8s-k8s + outputs: + - contextPath: Kubernetes.K8s.result + description: The created, patched, or otherwise present object. Will be empty + in the case of a deletion. + type: unknown + - arguments: + - defaultValue: v1 + description: Use to specify the API version. in conjunction with `kind`, `name`, + and `namespace` to identify a specific object. + name: api_version + - description: Use to specify an object model. Use in conjunction with `api_version`, + `name`, and `namespace` to identify a specific object. + name: kind + required: true + - description: Use to specify an object name. Use in conjunction with `api_version`, + `kind` and `namespace` to identify a specific object. + name: name + - description: Use to specify an object namespace. Use in conjunction with `api_version`, + `kind`, and `name` to identify a specific object. + name: namespace + - description: List of label selectors to use to filter results + name: label_selectors + - description: List of field selectors to use to filter results + name: field_selectors + description: "Describe Kubernetes (K8s) objects\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/k8s_info_module.html" + name: k8s-info + outputs: + - contextPath: Kubernetes.K8sInfo.resources + description: The object(s) that exists + type: unknown + - arguments: + - defaultValue: v1 + description: Use to specify the API version. Use to create, delete, or discover + an object without providing a full resource definition. Use in conjunction + with `kind`, `name`, and `namespace` to identify a specific object. If `resource + definition` is provided, the `apiVersion` from the `resource_definition` will + override this option. + name: api_version + - description: Use to specify an object model. Use to create, delete, or discover + an object without providing a full resource definition. Use in conjunction + with `api_version`, `name`, and `namespace` to identify a specific object. + If `resource definition` is provided, the `kind` from the `resource_definition` + will override this option. + name: kind + - description: Use to specify an object name. Use to create, delete, or discover + an object without providing a full resource definition. Use in conjunction + with `api_version`, `kind` and `namespace` to identify a specific object. + If `resource definition` is provided, the `metadata.name` value from the `resource_definition` + will override this option. + name: name + - description: Use to specify an object namespace. Useful when creating, deleting, + or discovering an object without providing a full resource definition. Use + in conjunction with `api_version`, `kind`, and `name` to identify a specfic + object. If `resource definition` is provided, the `metadata.namespace` value + from the `resource_definition` will override this option. + name: namespace + - description: 'Provide a valid YAML definition (either as a string, list, or + dict) for an object when creating or updating. NOTE: `kind`, `api_version`, + `name`, and `namespace` will be overwritten by corresponding values found + in the provided `resource_definition`.' + name: resource_definition + - description: The desired number of replicas. + name: replicas + - description: For Deployment, ReplicaSet, Replication Controller, only scale, + if the number of existing replicas matches. In the case of a Job, update parallelism + only if the current parallelism value matches. + name: current_replicas + - description: Only attempt to scale, if the current object version matches. + name: resource_version + - auto: PREDEFINED + defaultValue: 'Yes' + description: For Deployment, ReplicaSet, Replication Controller, wait for the + status value of `ready_replicas` to change to the number of `replicas`. In + the case of a Job, this option is ignored. + name: wait + predefined: + - 'Yes' + - 'No' + - defaultValue: '20' + description: When `wait` is `True`, the number of seconds to wait for the `ready_replicas` + status to equal `replicas`. If the status is not reached within the allotted + time, an error will result. In the case of a Job, this option is ignored. + name: wait_timeout + description: "Set a new size for a Deployment, ReplicaSet, Replication Controller,\ + \ or Job.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/k8s_scale_module.html" + name: k8s-scale + outputs: + - contextPath: Kubernetes.K8sScale.result + description: If a change was made, will return the patched object, otherwise + returns the existing object. + type: unknown + - arguments: + - description: 'A partial YAML definition of the Service object being created/updated. + Here you can define Kubernetes Service Resource parameters not covered by + this module''s parameters. NOTE: `resource_definition` has lower priority + than module parameters. If you try to define e.g. `metadata.namespace` here, + that value will be ignored and `metadata` used instead.' + isArray: true + name: resource_definition + - auto: PREDEFINED + defaultValue: present + description: Determines if an object should be created, patched, or deleted. + When set to `present`, an object will be created, if it does not already exist. + If set to `absent`, an existing object will be deleted. If set to `present`, + an existing object will be patched, if its attributes differ from those specified + using module options and `resource_definition`. + name: state + predefined: + - present + - absent + - auto: PREDEFINED + defaultValue: 'No' + description: If set to `True`, and `state` is `present`, an existing object + will be replaced. + name: force + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + description: 'Whether to override the default patch merge approach with a specific + type. By default, the strategic merge will typically be used. For example, + Custom Resource Definitions typically aren''t updatable by the usual strategic + merge. You may want to use `merge` if you see "strategic merge patch format + is not supported" See `https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment` + Requires openshift >= 0.6.2 If more than one merge_type is given, the merge_types + will be tried in order If openshift >= 0.6.2, this defaults to `[''strategic-merge'', + ''merge'']`, which is ideal for using the same parameters on resource kinds + that combine Custom Resources and built-in resources. For openshift < 0.6.2, + the default is simply `strategic-merge`.' + isArray: true + name: merge_type + predefined: + - json + - merge + - strategic-merge + - description: Use to specify a Service object name. + name: name + required: true + - description: Use to specify a Service object namespace. + name: namespace + required: true + - auto: PREDEFINED + description: 'Specifies the type of Service to create. See `https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types`' + name: type + predefined: + - NodePort + - ClusterIP + - LoadBalancer + - ExternalName + - description: 'A list of ports to expose. `https://kubernetes.io/docs/concepts/services-networking/service/#multi-port-services`' + isArray: true + name: ports + - description: 'Label selectors identify objects this Service should apply to. + `https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/`' + isArray: true + name: selector + description: "Manage Services on Kubernetes\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/k8s_service_module.html" + name: k8s-service + outputs: + - contextPath: Kubernetes.K8sService.result + description: The created, patched, or otherwise present Service object. Will + be empty in the case of a deletion. + type: unknown + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes_description.md b/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes_description.md new file mode 100644 index 000000000000..25d548bc3d9f --- /dev/null +++ b/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/AnsibleKubernetes_description.md @@ -0,0 +1,49 @@ +# Ansible Kubernetes +Manage Kubernetes. + +# Authorize Cortex XSOAR for Kubernetes + +This integration supports API Token, and Username/Password authentication. It is recommended to use API tokens. + +To create a service account with API token use the following `kubectl` commands. + +1. Create a service account +``` +kubectl apply -f - <Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!TIW?X7Q+{7S~W2>My*x+fYJDfT4+rZYpQL05iuG~6sl=r zjGt;>HpUo36HT;VYLr3|n`&BZYV87*)`BSIvAdo#GiRAQdoL`oq&UtmIXQFgoSmI} z|94&++E6?m2Zz06DDSWoC$Qx>fi1@gY&lL~%W(o*juY5&oWPdj1hyO}u;n;`EyoFL zIZj}Q<9|U#ePnw@L*yqFI{qVsln(@j{WcVWn^Y)>0}OUFhv%!%F^35h7)R?ER%WU& zkWq+*x|%Olkz=lrByeSYl#Ucce}s+8VT3na#$P3c*$6=#TJ7MDp7=7DGo% z7{v$J`uSfX?a0XyXnl2o$RWsAU!5(=j%jfYZI>*jpTv|_*%0x(L2d7pLI}6dl?~nK z0iIo50JY2W6KgOF%=Jt(2Dfx>4S%CTKim}UCEd@%gBZc(YkyDLEt9xJd$Sa>EIdzm zV*eWpR0*K8$U9wUgkYa4P6fJ2HiqNPB9i#!>FD*T=J@6L<@}6B_|=geLNf`YnR%zt zg3$AHqG)=ZSx&s4uc z7CoF1AH?DNs0bBxEAyf8<9<*Lni{xGfxCg-3ahqaaq%iA< z9m>D1JfY_mi)3^C-LaOZ_JN z`o-5iL#vlX0e_#FN9g@02GQhnI&q(~&_+ZgsYd%=77-Gd45wp3G%5?L8+*m|xAyjn zm>3z0iECBsBJm%N4~uJqLs8+mor;D?uWH&4x*^j(K{MgH$<|;J*t|xVxq2LA499-Q zKCb&wL=t_CWH=780yILuW}?>x8FLiPtXu4v+izUoEk+|x%g4IMgx_#a0gQ~r;l9`Y zfGj#QA@on0uD?7R?tJMq+`O^ZGm2wl(N(ILD)*wTl*J@&RerkAjT0mSLpNcX=UJqY zm(i$g(+1Ec<8S2&zc$F2GBmo6RuM@~h=h17p0ta;{e>PlglAwJ%p$JY&;!SNq~MR- zmM=D2qbPd!S^c>Q;ZJtHe_5LfCxbe~e5t(2a^)6a{_ z^Qa;#q6-R|fr5BKd7=qTZ-b4{pW_{92|W`P74@gq;L*r);J%`C9_)U;1aQKJrk(xJ zHxPrTSIvjAMOi}lYBkbz+MC1rm-)e+A~@IY+D^3lWziST)7M}>^g8`}O#JdvU4!W@ z=h4LNl%o0na4*+OK5blr)+dV|xSdq`{2tmwi@vw(iY7Sa(+e zG(B7dUv~||;S(dU45xFG6vPce--PT@{sFY0nLu`IVrU~`_J?BclrwwK+aI)B)_?jt zgU0vl2lZLsK>6V-E|Qxh2yK#75jNKrilb25(d72U*;re5XCSU)7V#BD7dZ&rG$(%T z!eVAeOL(HS#BqVpcVP)q8I78_JDj+4mkEVj`s6Q3yK9}%F^C`e;7TX1!*QW-{|Srb z_^!bYdvF3 **Integrations** > **Servers & Services**. +2. Search for Ansible Kubernetes. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | K8s Host URL | Provide a URL for accessing the API. | True | + | Username | Provide a username for authenticating with the API. | False | + | Password | Provide a password for authenticating with the API. | False | + | API Key | Token used to authenticate with the API. | False | + | Validate Certs | Allows connection when SSL certificates are not valid. Set to \`false\` when certificates are not trusted. | True | + +## Testing + +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!k8s-info` command querying a object `kind` allowed by the RBAC assigned. For example `!k8s-info kind="svc"` +# Idempotence +The action commands in this integration are idempotent. This means that the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions. + +# State Arguement +Some of the commands in this integration take a state argument. These define the desired end state of the object being managed. As a result these commands are able to perform multiple management operations depending on the desired state value. Common state values are: +| **State** | **Result** | +| --- | --- | +| present | Object should exist. If not present, the object will be created with the provided parameters. If present but not with correct parameters, it will be modified to met provided parameters. | +| running | Object should be running not stopped. | +| stopped | Object should be stopped not running. | +| restarted | Object will be restarted. | +| absent | Object should not exist. If it it exists it will be deleted. | + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### k8s-k8s +*** +Manage Kubernetes (K8s) objects +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/k8s_module.html + + +#### Base Command + +`k8s-k8s` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| merge_type | Whether to override the default patch merge approach with a specific type. By default, the strategic merge will typically be used.
For example, Custom Resource Definitions typically aren't updatable by the usual strategic merge. You may want to use `merge` if you see "strategic merge patch format is not supported"
See `https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment`
Requires openshift >= 0.6.2
If more than one merge_type is given, the merge_types will be tried in order
If openshift >= 0.6.2, this defaults to `['strategic-merge', 'merge']`, which is ideal for using the same parameters on resource kinds that combine Custom Resources and built-in resources. For openshift < 0.6.2, the default is simply `strategic-merge`.
mutually exclusive with `apply`. Possible values are: json, merge, strategic-merge. | Optional | +| wait | Whether to wait for certain resource kinds to end up in the desired state. By default the module exits once Kubernetes has received the request
Implemented for `state=present` for `Deployment`, `DaemonSet` and `Pod`, and for `state=absent` for all resource kinds.
For resource kinds without an implementation, `wait` returns immediately unless `wait_condition` is set. Possible values are: Yes, No. Default is No. | Optional | +| wait_sleep | Number of seconds to sleep between checks. Default is 5. | Optional | +| wait_timeout | How long in seconds to wait for the resource to end up in the desired state. Ignored if `wait` is not set. Default is 120. | Optional | +| wait_condition | Specifies a custom condition on the status to wait for. Ignored if `wait` is not set or is set to False. | Optional | +| validate | how (if at all) to validate the resource definition against the kubernetes schema. Requires the kubernetes-validate python module and openshift >= 0.8.0. | Optional | +| append_hash | Whether to append a hash to a resource name for immutability purposes
Applies only to ConfigMap and Secret resources
The parameter will be silently ignored for other resource kinds
The full definition of an object is needed to generate the hash - this means that deleting an object created with append_hash will only work if the same object is passed with state=absent (alternatively, just use state=absent with the name including the generated hash and append_hash=no)
Requires openshift >= 0.7.2. | Optional | +| apply | `apply` compares the desired resource definition with the previously supplied resource definition, ignoring properties that are automatically generated
`apply` works better with Services than 'force=yes'
Requires openshift >= 0.9.2
mutually exclusive with `merge_type`. | Optional | +| state | Determines if an object should be created, patched, or deleted. When set to `present`, an object will be created, if it does not already exist. If set to `absent`, an existing object will be deleted. If set to `present`, an existing object will be patched, if its attributes differ from those specified using `resource_definition` or `src`. Possible values are: absent, present. Default is present. | Optional | +| force | If set to `yes`, and `state` is `present`, an existing object will be replaced. Possible values are: Yes, No. Default is No. | Optional | +| api_version | Use to specify the API version. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with `kind`, `name`, and `namespace` to identify a specific object. If `resource definition` is provided, the `apiVersion` from the `resource_definition` will override this option. Default is v1. | Optional | +| kind | Use to specify an object model. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with `api_version`, `name`, and `namespace` to identify a specific object. If `resource definition` is provided, the `kind` from the `resource_definition` will override this option. | Optional | +| name | Use to specify an object name. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with `api_version`, `kind` and `namespace` to identify a specific object. If `resource definition` is provided, the `metadata.name` value from the `resource_definition` will override this option. | Optional | +| namespace | Use to specify an object namespace. Useful when creating, deleting, or discovering an object without providing a full resource definition. Use in conjunction with `api_version`, `kind`, and `name` to identify a specfic object. If `resource definition` is provided, the `metadata.namespace` value from the `resource_definition` will override this option. | Optional | +| resource_definition | Provide a valid YAML definition (either as a string, list, or dict) for an object when creating or updating. NOTE: `kind`, `api_version`, `name`, and `namespace` will be overwritten by corresponding values found in the provided `resource_definition`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Kubernetes.K8s.result | unknown | The created, patched, or otherwise present object. Will be empty in the case of a deletion. | + + +#### Command Example +```!k8s-k8s name="testing" kind="Namespace" state="present" ``` + +#### Context Example +```json +{ + "Kubernetes": { + "K8S": [ + { + "changed": false, + "method": "patch", + "result": { + "apiVersion": "v1", + "kind": "Namespace", + "metadata": { + "creationTimestamp": "2021-07-04T16:08:41Z", + "managedFields": [ + { + "apiVersion": "v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:phase": {} + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "time": "2021-07-04T16:08:41Z" + } + ], + "name": "testing", + "resourceVersion": "34538", + "uid": "44296a6f-af82-45bf-af3e-e3a7327d7a30" + }, + "spec": { + "finalizers": [ + "Kubernetes" + ] + }, + "status": { + "phase": "Active" + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * method: patch +> * ## Result +> * apiVersion: v1 +> * kind: Namespace +> * ### Metadata +> * creationTimestamp: 2021-07-04T16:08:41Z +> * name: testing +> * resourceVersion: 34538 +> * uid: 44296a6f-af82-45bf-af3e-e3a7327d7a30 +> * #### Managedfields +> * #### List +> * apiVersion: v1 +> * fieldsType: FieldsV1 +> * manager: OpenAPI-Generator +> * operation: Update +> * time: 2021-07-04T16:08:41Z +> * ##### Fieldsv1 +> * ###### F:Status +> * ####### F:Phase +> * ### Spec +> * #### Finalizers +> * 0: kubernetes +> * ### Status +> * phase: Active + + +### k8s-info +*** +Describe Kubernetes (K8s) objects +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/k8s_info_module.html + + +#### Base Command + +`k8s-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| api_version | Use to specify the API version. in conjunction with `kind`, `name`, and `namespace` to identify a specific object. Default is v1. | Optional | +| kind | Use to specify an object model. Use in conjunction with `api_version`, `name`, and `namespace` to identify a specific object. | Required | +| name | Use to specify an object name. Use in conjunction with `api_version`, `kind` and `namespace` to identify a specific object. | Optional | +| namespace | Use to specify an object namespace. Use in conjunction with `api_version`, `kind`, and `name` to identify a specific object. | Optional | +| label_selectors | List of label selectors to use to filter results. | Optional | +| field_selectors | List of field selectors to use to filter results. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Kubernetes.K8sInfo.resources | unknown | The object\(s\) that exists | + + +#### Command Example +```!k8s-info kind="namespace" name="testing"``` + +#### Context Example +```json +{ + "Kubernetes": { + "K8SInfo": [ + { + "changed": false, + "resources": [ + { + "apiVersion": "v1", + "kind": "Namespace", + "metadata": { + "creationTimestamp": "2021-07-04T16:08:41Z", + "managedFields": [ + { + "apiVersion": "v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:phase": {} + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "time": "2021-07-04T16:08:41Z" + } + ], + "name": "testing", + "resourceVersion": "34538", + "uid": "44296a6f-af82-45bf-af3e-e3a7327d7a30" + }, + "spec": { + "finalizers": [ + "Kubernetes" + ] + }, + "status": { + "phase": "Active" + } + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Resources +> * ## List +> * apiVersion: v1 +> * kind: Namespace +> * ### Metadata +> * creationTimestamp: 2021-07-04T16:08:41Z +> * name: testing +> * resourceVersion: 34538 +> * uid: 44296a6f-af82-45bf-af3e-e3a7327d7a30 +> * #### Managedfields +> * #### List +> * apiVersion: v1 +> * fieldsType: FieldsV1 +> * manager: OpenAPI-Generator +> * operation: Update +> * time: 2021-07-04T16:08:41Z +> * ##### Fieldsv1 +> * ###### F:Status +> * ####### F:Phase +> * ### Spec +> * #### Finalizers +> * 0: kubernetes +> * ### Status +> * phase: Active + + +### k8s-scale +*** +Set a new size for a Deployment, ReplicaSet, Replication Controller, or Job. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/k8s_scale_module.html + + +#### Base Command + +`k8s-scale` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| api_version | Use to specify the API version. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with `kind`, `name`, and `namespace` to identify a specific object. If `resource definition` is provided, the `apiVersion` from the `resource_definition` will override this option. Default is v1. | Optional | +| kind | Use to specify an object model. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with `api_version`, `name`, and `namespace` to identify a specific object. If `resource definition` is provided, the `kind` from the `resource_definition` will override this option. | Optional | +| name | Use to specify an object name. Use to create, delete, or discover an object without providing a full resource definition. Use in conjunction with `api_version`, `kind` and `namespace` to identify a specific object. If `resource definition` is provided, the `metadata.name` value from the `resource_definition` will override this option. | Optional | +| namespace | Use to specify an object namespace. Useful when creating, deleting, or discovering an object without providing a full resource definition. Use in conjunction with `api_version`, `kind`, and `name` to identify a specfic object. If `resource definition` is provided, the `metadata.namespace` value from the `resource_definition` will override this option. | Optional | +| resource_definition | Provide a valid YAML definition (either as a string, list, or dict) for an object when creating or updating. NOTE: `kind`, `api_version`, `name`, and `namespace` will be overwritten by corresponding values found in the provided `resource_definition`. | Optional | +| replicas | The desired number of replicas. | Optional | +| current_replicas | For Deployment, ReplicaSet, Replication Controller, only scale, if the number of existing replicas matches. In the case of a Job, update parallelism only if the current parallelism value matches. | Optional | +| resource_version | Only attempt to scale, if the current object version matches. | Optional | +| wait | For Deployment, ReplicaSet, Replication Controller, wait for the status value of `ready_replicas` to change to the number of `replicas`. In the case of a Job, this option is ignored. Possible values are: Yes, No. Default is Yes. | Optional | +| wait_timeout | When `wait` is `True`, the number of seconds to wait for the `ready_replicas` status to equal `replicas`. If the status is not reached within the allotted time, an error will result. In the case of a Job, this option is ignored. Default is 20. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Kubernetes.K8sScale.result | unknown | If a change was made, will return the patched object, otherwise returns the existing object. | + + +#### Command Example +```!k8s-scale kind="Deployment" name="nginx-deployment" namespace="testing" replicas="2" wait_timeout="60"``` + +#### Context Example +```json +{ + "Kubernetes": { + "K8SScale": [ + { + "changed": true, + "duration": 5, + "result": { + "apiVersion": "apps/v1", + "kind": "Deployment", + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1", + "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"apps/v1\",\"kind\":\"Deployment\",\"metadata\":{\"annotations\":{},\"labels\":{\"app\":\"nginx\"},\"name\":\"nginx-deployment\",\"namespace\":\"testing\"},\"spec\":{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app\":\"nginx\"}},\"template\":{\"metadata\":{\"labels\":{\"app\":\"nginx\"}},\"spec\":{\"containers\":[{\"image\":\"nginx:1.14.2\",\"name\":\"nginx\",\"ports\":[{\"containerPort\":80}]}]}}}}\n" + }, + "creationTimestamp": "2021-07-04T16:42:43Z", + "generation": 2, + "labels": { + "app": "nginx" + }, + "managedFields": [ + { + "apiVersion": "apps/v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubectl.kubernetes.io/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app": {} + } + }, + "f:spec": { + "f:progressDeadlineSeconds": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:strategy": { + "f:rollingUpdate": { + ".": {}, + "f:maxSurge": {}, + "f:maxUnavailable": {} + }, + "f:type": {} + }, + "f:template": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"nginx\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":80,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {} + } + } + } + }, + "manager": "kubectl-client-side-apply", + "operation": "Update", + "time": "2021-07-04T16:42:43Z" + } + ], + "name": "nginx-deployment", + "namespace": "testing", + "resourceVersion": "38764", + "uid": "364a24b7-211d-4f9d-8573-9310f5850e50" + }, + "spec": { + "progressDeadlineSeconds": 600, + "replicas": 2, + "revisionHistoryLimit": 10, + "selector": { + "matchLabels": { + "app": "nginx" + } + }, + "strategy": { + "rollingUpdate": { + "maxSurge": "25%", + "maxUnavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "creationTimestamp": null, + "labels": { + "app": "nginx" + } + }, + "spec": { + "containers": [ + { + "image": "nginx:1.14.2", + "imagePullPolicy": "IfNotPresent", + "name": "nginx", + "ports": [ + { + "containerPort": 80, + "protocol": "TCP" + } + ], + "resources": {}, + "terminationMessagePath": "/dev/termination-log", + "terminationMessagePolicy": "File" + } + ], + "dnsPolicy": "ClusterFirst", + "restartPolicy": "Always", + "schedulerName": "default-scheduler", + "securityContext": {}, + "terminationGracePeriodSeconds": 30 + } + } + }, + "status": { + "availableReplicas": 2, + "conditions": [ + { + "lastTransitionTime": "2021-07-04T16:42:52Z", + "lastUpdateTime": "2021-07-04T16:42:52Z", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + } + ], + "observedGeneration": 2, + "readyReplicas": 2, + "replicas": 2, + "updatedReplicas": 2 + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * duration: 5 +> * ## Result +> * apiVersion: apps/v1 +> * kind: Deployment +> * ### Metadata +> * creationTimestamp: 2021-07-04T16:42:43Z +> * generation: 2 +> * name: nginx-deployment +> * namespace: testing +> * resourceVersion: 38764 +> * uid: 364a24b7-211d-4f9d-8573-9310f5850e50 +> * #### Annotations +> * deployment.kubernetes.io/revision: 1 +> * kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"nginx"},"name":"nginx-deployment","namespace":"testing"},"spec":{"replicas":3,"selector":{"matchLabels":{"app":"nginx"}},"template":{"metadata":{"labels":{"app":"nginx"}},"spec":{"containers":[{"image":"nginx:1.14.2","name":"nginx","ports":[{"containerPort":80}]}]}}}} +> +> * #### Labels +> * app: nginx +> * #### Managedfields +> * #### List +> * apiVersion: apps/v1 +> * fieldsType: FieldsV1 +> * manager: kubectl-client-side-apply +> * operation: Update +> * time: 2021-07-04T16:42:43Z +> * ##### Fieldsv1 +> * ###### F:Metadata +> * ####### F:Annotations +> * ######## . +> * ######## F:Kubectl.Kubernetes.Io/Last-Applied-Configuration +> * ####### F:Labels +> * ######## . +> * ######## F:App +> * ###### F:Spec +> * ####### F:Progressdeadlineseconds +> * ####### F:Replicas +> * ####### F:Revisionhistorylimit +> * ####### F:Selector +> * ####### F:Strategy +> * ######## F:Rollingupdate +> * ######### . +> * ######### F:Maxsurge +> * ######### F:Maxunavailable +> * ######## F:Type +> * ####### F:Template +> * ######## F:Metadata +> * ######### F:Labels +> * ########## . +> * ########## F:App +> * ######## F:Spec +> * ######### F:Containers +> * ########## K:{"Name":"Nginx"} +> * ########### . +> * ########### F:Image +> * ########### F:Imagepullpolicy +> * ########### F:Name +> * ########### F:Ports +> * ############ . +> * ############ K:{"Containerport":80,"Protocol":"Tcp"} +> * ############# . +> * ############# F:Containerport +> * ############# F:Protocol +> * ########### F:Resources +> * ########### F:Terminationmessagepath +> * ########### F:Terminationmessagepolicy +> * ######### F:Dnspolicy +> * ######### F:Restartpolicy +> * ######### F:Schedulername +> * ######### F:Securitycontext +> * ######### F:Terminationgraceperiodseconds +> * #### List +> * apiVersion: apps/v1 +> * fieldsType: FieldsV1 +> * manager: kube-controller-manager +> * operation: Update +> * time: 2021-07-04T16:42:52Z +> * ##### Fieldsv1 +> * ###### F:Metadata +> * ####### F:Annotations +> * ######## F:Deployment.Kubernetes.Io/Revision +> * ###### F:Status +> * ####### F:Availablereplicas +> * ####### F:Conditions +> * ######## . +> * ######## K:{"Type":"Available"} +> * ######### . +> * ######### F:Lasttransitiontime +> * ######### F:Lastupdatetime +> * ######### F:Message +> * ######### F:Reason +> * ######### F:Status +> * ######### F:Type +> * ####### F:Observedgeneration +> * ####### F:Readyreplicas +> * ####### F:Replicas +> * ####### F:Updatedreplicas +> * ### Spec +> * progressDeadlineSeconds: 600 +> * replicas: 2 +> * revisionHistoryLimit: 10 +> * #### Selector +> * ##### Matchlabels +> * app: nginx +> * #### Strategy +> * type: RollingUpdate +> * ##### Rollingupdate +> * maxSurge: 25% +> * maxUnavailable: 25% +> * #### Template +> * ##### Metadata +> * creationTimestamp: None +> * ###### Labels +> * app: nginx +> * ##### Spec +> * dnsPolicy: ClusterFirst +> * restartPolicy: Always +> * schedulerName: default-scheduler +> * terminationGracePeriodSeconds: 30 +> * ###### Containers +> * ###### Nginx +> * image: nginx:1.14.2 +> * imagePullPolicy: IfNotPresent +> * name: nginx +> * terminationMessagePath: /dev/termination-log +> * terminationMessagePolicy: File +> * ####### Ports +> * ####### List +> * containerPort: 80 +> * protocol: TCP +> * ####### Resources +> * ###### Securitycontext +> * ### Status +> * availableReplicas: 2 +> * observedGeneration: 2 +> * readyReplicas: 2 +> * replicas: 2 +> * updatedReplicas: 2 +> * #### Conditions +> * #### List +> * lastTransitionTime: 2021-07-04T16:42:52Z +> * lastUpdateTime: 2021-07-04T16:42:52Z +> * message: Deployment has minimum availability. +> * reason: MinimumReplicasAvailable +> * status: True +> * type: Available +> * #### List +> * lastTransitionTime: 2021-07-04T16:42:43Z +> * lastUpdateTime: 2021-07-04T16:42:52Z +> * message: ReplicaSet "nginx-deployment-66b6c48dd5" has successfully progressed. +> * reason: NewReplicaSetAvailable +> * status: True +> * type: Progressing + + +### k8s-service +*** +Manage Services on Kubernetes +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/k8s_service_module.html + + +#### Base Command + +`k8s-service` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| resource_definition | A partial YAML definition of the Service object being created/updated. Here you can define Kubernetes Service Resource parameters not covered by this module's parameters.
NOTE: `resource_definition` has lower priority than module parameters. If you try to define e.g. `metadata.namespace` here, that value will be ignored and `metadata` used instead. | Optional | +| state | Determines if an object should be created, patched, or deleted. When set to `present`, an object will be created, if it does not already exist. If set to `absent`, an existing object will be deleted. If set to `present`, an existing object will be patched, if its attributes differ from those specified using module options and `resource_definition`. Possible values are: present, absent. Default is present. | Optional | +| force | If set to `True`, and `state` is `present`, an existing object will be replaced. Possible values are: Yes, No. Default is No. | Optional | +| merge_type | Whether to override the default patch merge approach with a specific type. By default, the strategic merge will typically be used.
For example, Custom Resource Definitions typically aren't updatable by the usual strategic merge. You may want to use `merge` if you see "strategic merge patch format is not supported"
See `https://kubernetes.io/docs/tasks/run-application/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment`
Requires openshift >= 0.6.2
If more than one merge_type is given, the merge_types will be tried in order
If openshift >= 0.6.2, this defaults to `['strategic-merge', 'merge']`, which is ideal for using the same parameters on resource kinds that combine Custom Resources and built-in resources. For openshift < 0.6.2, the default is simply `strategic-merge`. Possible values are: json, merge, strategic-merge. | Optional | +| name | Use to specify a Service object name. | Required | +| namespace | Use to specify a Service object namespace. | Required | +| type | Specifies the type of Service to create.
See `https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types`. Possible values are: NodePort, ClusterIP, LoadBalancer, ExternalName. | Optional | +| ports | A list of ports to expose.
`https://kubernetes.io/docs/concepts/services-networking/service/#multi-port-services`. | Optional | +| selector | Label selectors identify objects this Service should apply to.
`https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Kubernetes.K8sService.result | unknown | The created, patched, or otherwise present Service object. Will be empty in the case of a deletion. | + + +#### Command Example +```!k8s-service state="present" name="test-https" namespace="testing" ports="{{ [{'port': 443, 'protocol': 'TCP'}] }}" selector="{'app': 'nginx'}" ``` + +#### Context Example +```json +{ + "Kubernetes": { + "K8SService": [ + { + "changed": true, + "method": "create", + "result": { + "apiVersion": "v1", + "kind": "Service", + "metadata": { + "creationTimestamp": "2021-07-04T16:49:51Z", + "managedFields": [ + { + "apiVersion": "v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:spec": { + "f:ports": { + ".": {}, + "k:{\"port\":443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": { + ".": {}, + "f:app": {} + }, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "time": "2021-07-04T16:49:51Z" + } + ], + "name": "test-https", + "namespace": "testing", + "resourceVersion": "38785", + "uid": "71dd0d2d-9c84-497f-b900-6ba4357a325d" + }, + "spec": { + "clusterIP": "1.1.1.1", + "clusterIPs": [ + "1.1.1.1" + ], + "ports": [ + { + "port": 443, + "protocol": "TCP", + "targetPort": 443 + } + ], + "selector": { + "app": "nginx" + }, + "sessionAffinity": "None", + "type": "ClusterIP" + }, + "status": { + "loadBalancer": {} + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * method: create +> * ## Result +> * apiVersion: v1 +> * kind: Service +> * ### Metadata +> * creationTimestamp: 2021-07-04T16:49:51Z +> * name: test-https +> * namespace: testing +> * resourceVersion: 38785 +> * uid: 71dd0d2d-9c84-497f-b900-6ba4357a325d +> * #### Managedfields +> * #### List +> * apiVersion: v1 +> * fieldsType: FieldsV1 +> * manager: OpenAPI-Generator +> * operation: Update +> * time: 2021-07-04T16:49:51Z +> * ##### Fieldsv1 +> * ###### F:Spec +> * ####### F:Ports +> * ######## . +> * ######## K:{"Port":443,"Protocol":"Tcp"} +> * ######### . +> * ######### F:Port +> * ######### F:Protocol +> * ######### F:Targetport +> * ####### F:Selector +> * ######## . +> * ######## F:App +> * ####### F:Sessionaffinity +> * ####### F:Type +> * ### Spec +> * clusterIP: 1.1.1.1 +> * sessionAffinity: None +> * type: ClusterIP +> * #### Clusterips +> * 0: 1.1.1.1 +> * #### Ports +> * #### List +> * port: 443 +> * protocol: TCP +> * targetPort: 443 +> * #### Selector +> * app: nginx +> * ### Status +> * #### Loadbalancer + diff --git a/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/command_examples b/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/command_examples new file mode 100644 index 000000000000..418d839d38cf --- /dev/null +++ b/Packs/AnsibleKubernetes/Integrations/AnsibleKubernetes/command_examples @@ -0,0 +1,4 @@ +!k8s-k8s name="testing" kind="Namespace" state="present" +!k8s-info kind="namespace" name="testing" +!k8s-scale kind="Deployment" name="nginx-deployment" namespace="testing" replicas="2" wait_timeout="60" +!k8s-service state="present" name="test-https" namespace="testing" ports="{{ [{'port': 443, 'protocol': 'TCP'}] }}" selector="{'app': 'nginx'}" \ No newline at end of file diff --git a/Packs/AnsibleKubernetes/README.md b/Packs/AnsibleKubernetes/README.md new file mode 100644 index 000000000000..8e162edc9006 --- /dev/null +++ b/Packs/AnsibleKubernetes/README.md @@ -0,0 +1,10 @@ +This pack enables you to integrate with Kubernetes. Kubernetes is an open-source container-orchestration system for automating computer application deployment, scaling, and management. + +This integration enables the management of Kubernetes using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server. The Ansible modules have been exposed as XSOAR commands, and allow you to use them without needing to know Ansible. + +# What does this pack do? + +* Create, delete and manage resources +* Show information about resources +* Manage scaling of resources +* Manage Services \ No newline at end of file diff --git a/Packs/AnsibleKubernetes/pack_metadata.json b/Packs/AnsibleKubernetes/pack_metadata.json new file mode 100644 index 000000000000..5fbc3887a9f1 --- /dev/null +++ b/Packs/AnsibleKubernetes/pack_metadata.json @@ -0,0 +1,15 @@ +{ + "name": "Ansible Kubernetes", + "description": "Manage and control Kubernetes clusters.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "categories": [ + "IT Services" + ], + "tags": ["IT"], + "useCases": ["IT Services", "Asset Management"], + "keywords": [] +} \ No newline at end of file diff --git a/Packs/AnsibleLinux/.pack-ignore b/Packs/AnsibleLinux/.pack-ignore new file mode 100644 index 000000000000..c07f4b561ee3 --- /dev/null +++ b/Packs/AnsibleLinux/.pack-ignore @@ -0,0 +1,2 @@ +[file: README.md] +ignore=RM100 diff --git a/Packs/AnsibleLinux/.secrets-ignore b/Packs/AnsibleLinux/.secrets-ignore new file mode 100644 index 000000000000..8549391b5f3b --- /dev/null +++ b/Packs/AnsibleLinux/.secrets-ignore @@ -0,0 +1,9 @@ +123.123.123.123 +11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:22:33 +https://bind9.readthedocs.io +https://doc.powerdns.com +http://repo1.maven.org +@test.service +11:11:11:11:11:11:11:11 +11:11:11:11:11:11:11:12 diff --git a/Packs/AnsibleLinux/Integrations/AnsibleACME/ACME_image.png b/Packs/AnsibleLinux/Integrations/AnsibleACME/ACME_image.png new file mode 100644 index 0000000000000000000000000000000000000000..b72e98c48c10ae7f28338c31cefdbadf65a9f977 GIT binary patch literal 4590 zcmVb-Nles4V@+Z~ zW1_~EM3*sk?AV@>7)*kZs8PT!f`X!e0@ACrVFreoVdmaB?~ic^g9D6-F5k_V| zoV)kkcW?GR=bi>&#E20iMvNFSV#J6MBS!u%lv2|cu9LjHJhQyKJhLpCrB??4(rB8= z%k$1iQ^@luQ%X5s#H{?KTv{>S)7InIy5Xxo(#j&!B869TZeFcbO8hA(K%jQFc0aWt z=<5#%Au0e!EKanKxc^gJT|-@04;%L{){a=c?L`MJEUD2FBPot0kxa6(mm6(^%I z^TP^hg^N~}T#~XqUy|=%qYy)^kU%V#aMH@tr|gX1`Hog6vm$dsc6Dygiuy{EjOxtq zV{&4;zsO*WJd42zzVYaWRbo-XDgdCA!rsj8v7?1!H2@q-KGr8&l=A^0x*Y-qMQTOb zcLm}CI{p zUrGp}DP<`ZTjRH{prD`>@U(U?8BX@G0b zP!|`MdH|T%bz-WoQ>Vk)?l@mk5OO5>$cUF0iV=OZn&2dw#J^FPxS0V%06=Kr@MQYH z54HfnxvX^%OM-FNoSP46GmdDKd4Q`<5CU|E)vP?EfrQmQitzL0&v zX;ti+83z&%1iZ+=jA&>z!8dN*m{Te#>8!1H6?R(D!?s5a0L128-l$M1tpUJ_Z$)44 zIAnSA`vW}!MX$N_+@!6SNQ!%GzP@EXynsVe~-lbco9-Qj&cLOq_OREX4 zl8W55qhfa(kEAb$ES&EakE|yCi2_aCZ6lRwSu6_S(-{4{ZBb#0e zOWd=lthTh5w%*mD+d6+||0e*DP;_UzSW#n72tiJDPTzdEtPp0 zE^TW9fGOO@epo;VQ8t&9-TcLg5mne2WX04JjzJ&h>hrnk@^Lr0wA$P-fAsj*b4)Su z@Q^o`Jc*5PR>>vSZCNmAnxrMZFkZMf;ovfD-NVW?ZN<>#M_1wtM5IIvKb0CaQM;N& zL6P?4(RU@aCDE?du2lov`+ibfTM{Hw%FLvUlzTDjj}4U4v4oI@-M9CxxsY}7xSFb= zRI?5MxB#9z!DUg~yv$E;xo2KmZEMgCgg}xRbC=SxA%ti~{{SF~{ALWjurG?Mkn#<+ zBTl_~i&FY}(`vSp3IHMgA%z`<9k*&%H417ANAJHAJ_Z05^qc!bFPC2HJZ(L$c699cuD%v!2qu#9 zN!+?>TP^_%Dxlz2iKDh_BY}9=CJo^1-3!{z`HIfU49wEsh1DN)v%@;hR(4r85dZ_kChn zmfuv$5H3~m&2fnvDt8=vpMR>T*^ zoA0?D-neOCN=&GgsbyugqQ;4WqE1!EJD+)RJ%CC6&i>Nvw|1?M&AxOPps1{`@H>3v z=v)9VeA|%W@EF#A5{7>kVs%% zaD6?$Amx+hn=E?m2<-34dX0QrDeNG&tgoZaqUy6_2t05qkcIRSt|s5 z^W@dTR_)U6CqEBrj!Cj`>Z)jcveIkkcJqr;*Kk<_%yN0rjv-5v^@(cIZysikr!C-7 zmZ-Tr3KP?o*VP4<5iW0jmZ!Z{_S5=5=-u;y0Kl~o<~mN_@S9eZ(!7mzUtC|x1tVz7 zJ(g#F)nUT2hb_q)6P%QLZ--P>Z%YV)1e%6Mcz=!}iSAgA z5N}28=YtqST;w%~Cspp4nW*Gh>TSUs063I%sDD;fPKf6FO5q`N+y7pV_mTi0_F8Oc zrL>|e01y!PJNt(E2z?{~@K}_6u%3|#0KkGPXbAHD*9z_K(0JGJvc7KpHfSGIQv0O) zw^ujL1b`6#w=Z?F?|70@fDnQ_apBCUM^S-)I;Ez7W+a|ea(8t}ZHYtMp*9OlVA-qs zajLsMnLPx9i6O1m0PGeVc-LzEB`4bj`#*jm2A>m-Qehz|N#A2zkQk+}a44mmd!_fo z7^>s~fTM+D{e-ULzXpIa8D|_Gl&60VXu9nVLZADggF;UNKzLI48;@&pMrmIPZwK$4 zZ~DEN-t^%M`p@0&W#f^mt(Qrj4AcG&_8z(1k}nVgfJ`OFxr~czDW!Y>=;t|LBbRUi z0HOwoXISFCMb8^Jx4zbz8?pRO&G+xc>y*t?;(51EMRD*C+NC6<#lqR2bZ~Zoq^NNO z>|y7zahZei4#PR2>#SUs)()J@Mm zm(ao9Ll(9ZIM)l!?d0x4_r|VvnD4OS0N0+owDl*_Cqa8}@0|<)9|cVR)!o+Z9H1GA z=T>DeKA#)cxw-weg67L=oJ}h82I`cm!ht+_-9P8hAEjXV0vTgsQLL}#-UUDG|M*(xazpTd1edl(P;JRHxLDFJC(`|d&d8LI8UVNlACkP=_-^q<(WEkTla8A0(LAdG!N&#iNF7XPt?%SFdR@gq@P&*vH zX*)x8Uj=G#Qd>$c0PwUM`QG;47w7ez7d;>I5q|gZ^gK!aAV4$G_po(cJIr@jF#uf1 zj@?|RlsFMWV9GJ20nR-?)lOp$Bpn$bmDhAuvW%)kTBdhY*Ay!=OTWyjtZ_}RW!L0? z5tA7c5!5*-cU+g?b$OzKx1_2%HzlJ)M#Up9g98`XoSw~q>=@rVT^?tb394^%UL*kt#Eq`pNe=iD-qUK%k=65QXI`IR2a-N$_ z`#e5}CmZB7;8Q{fO)5zegx%V^T6+@1&9Z&rXWc*Bw-Fl=oqfUo(Cvd$wG(?++xEvl z?)%{t0N8meY{t3Fvqu;;(|nPpRhq96)Hl>woPKENN-coVRcMo(=%83p)V-7azxdRVA&>pUSi?zpaswCz9Duyv5 z1Q3`A>c{$zUb_q10RZK76@8hfQ$_<8c3MR&7x`#^&+9)g5< zl$2A!dFm@=loid*u_h)BT$KW9!lh;ouC+RGnp@UGE;7h1ou$f{f|w2mZXJ4hdJ^bh z?|F58-}zAsumAus$Z9}TvM@PH#i$1R2)$O0^cvYXvG3;4d3&8oGF+)r>79ETiW;0c zPoewvzjCi#;Iva>N!cK-T;jp?9rO(lr&rH6IJluIeCa19PaaQE+qaJv`Uhq=mDAzx z?`PtU`|#vqOGBQ^0wB(vPFpy7mg?B)JY*FuyeFV$);0Lov zZSbS*eLn|I>)0fn1}uWOB$TzVKWjH|{0$wUU(iP8;YE9%Qr4z_I&E$F`Q@k5Dl;Y# zLcr(o)$ewn{91^ANQxmr8u{;}aW^S4EixdZDz|Yz*T%$}2Dt|1zbeO!ycil=@QIWY z<4&gjd`3GbrU2SoyIfH+4Zni(T>rxKx3S=vGZT7@`|S$wAi7OM=@nQYov#){8r;0qoIUi_g1uyh2{>Q(0eyQ>jsD zleI9bq4r|E90U-ojaCFWb5uPT0 z95sjXn!H9fW;R?N None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + return_results('This integration does not support testing from this screen. \ + Please refer to the documentation for details on how to perform \ + configuration tests.') + elif command == 'acme-account': + return_results(generic_ansible('ACME', 'acme_account', args, int_params, host_type)) + elif command == 'acme-account-info': + return_results(generic_ansible('ACME', 'acme_account_info', args, int_params, host_type)) + elif command == 'acme-certificate': + return_results(generic_ansible('ACME', 'acme_certificate', args, int_params, host_type)) + elif command == 'acme-certificate-revoke': + return_results(generic_ansible('ACME', 'acme_certificate_revoke', args, int_params, host_type)) + elif command == 'acme-challenge-cert-helper': + return_results(generic_ansible('ACME', 'acme_challenge_cert_helper', args, int_params, host_type)) + elif command == 'acme-inspect': + return_results(generic_ansible('ACME', 'acme_inspect', args, int_params, host_type)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME.yml b/Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME.yml new file mode 100644 index 000000000000..139fd5dfb548 --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME.yml @@ -0,0 +1,759 @@ +category: IT Services +commonfields: + id: AnsibleACME + version: -1 +configuration: +- additionalinfo: The credentials to associate with the instance. SSH keys can be + configured using the credential manager. + display: Username + name: creds + required: true + type: 9 +- additionalinfo: The default port to use if one is not specified in the commands + `host` argument. + defaultvalue: 22 + display: Default SSH Port + name: port + required: true + type: 0 +- additionalinfo: If multiple hosts are specified in a command, how many hosts should + be interacted with concurrently. + defaultvalue: '4' + display: Concurrency Factor + name: concurrency + required: true + type: 0 +- display: Escalate Privileges + additionalinfo: | + Ansible allows you to ‘become’ another user, different from the user that + logged into the machine (remote user). + name: become + required: true + type: 15 + options: + - "Yes" + - "No" + defaultvalue: 'Yes' +- display: Privilege Escalation Method + additionalinfo: Which privilege escalation method should be used. + name: become_method + required: true + type: 15 + options: + - "sudo" + - "su" + - "doas" + defaultvalue: 'sudo' +- display: Privilege Escalation User + additionalinfo: Set the user you become through privilege escalation + name: become_user + required: false + type: 0 + defaultvalue: 'root' +- display: Privilege Escalation Password + additionalinfo: Set the privilege escalation password. + name: become_password + required: false + type: 4 +description: Control Automatic Certificate Management Environment on Linux hosts +display: Ansible ACME +fromversion: 6.0.0 +name: AnsibleACME +script: + commands: + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: 'The state of the account, to be identified by its account key. + If the state is `absent`, the account will either not exist or be deactivated. + If the state is `changed_key`, the account must exist. The account key will + be changed; no other information will be touched.' + name: state + predefined: + - present + - absent + - changed_key + required: true + - auto: PREDEFINED + defaultValue: 'Yes' + description: Whether account creation is allowed (when state is `present`). + name: allow_creation + predefined: + - 'Yes' + - 'No' + - description: 'A list of contact URLs. Email addresses must be prefixed with + `mailto:`. See `https://tools.ietf.org/html/rfc8555#section-7.3` for what + is allowed. Must be specified when state is `present`. Will be ignored if + state is `absent` or `changed_key`.' + isArray: true + name: contact + - auto: PREDEFINED + defaultValue: 'No' + description: 'Boolean indicating whether you agree to the terms of service document. + ACME servers can require this to be true.' + name: terms_agreed + predefined: + - 'Yes' + - 'No' + - description: 'Path to a file containing the ACME account RSA or Elliptic Curve + key to change to. Same restrictions apply as to `account_key_src`. Mutually + exclusive with `new_account_key_content`. Required if `new_account_key_content` + is not used and state is `changed_key`.' + name: new_account_key_src + - description: 'Content of the ACME account RSA or Elliptic Curve key to change + to. Same restrictions apply as to `account_key_content`. Mutually exclusive + with `new_account_key_src`. Required if `new_account_key_src` is not used + and state is `changed_key`.' + name: new_account_key_content + - description: 'Path to a file containing the ACME account RSA or Elliptic Curve + key. RSA keys can be created with `openssl genrsa ...`. Elliptic curve keys + can be created with `openssl ecparam -genkey ...`. Any other tool creating + private keys in PEM format can be used as well. Mutually exclusive with `account_key_content`. + Required if `account_key_content` is not used.' + name: account_key_src + - description: "Content of the ACME account RSA or Elliptic Curve key.\nMutually\ + \ exclusive with `account_key_src`.\nRequired if `account_key_src` is not\ + \ used.\n`Warning`: the content will be written into a temporary file, which\ + \ will be deleted by Ansible when the module completes. Since this is an important\ + \ private key — it can be used to change the account key, or to revoke your\ + \ certificates without knowing their private keys —, this might not be acceptable.\n\ + In case `cryptography` is used, the content is not written into a temporary\ + \ file. It can still happen that it is written to disk by Ansible in the process\ + \ of moving the module with its argument to the node where it is executed." + name: account_key_content + - description: If specified, assumes that the account URI is as given. If the + account key does not match this account, or an account with this URI does + not exist, the module fails. + name: account_uri + - auto: PREDEFINED + defaultValue: '1' + description: 'The ACME version of the endpoint. Must be 1 for the classic Let''s + Encrypt and Buypass ACME endpoints, or 2 for standardized ACME v2 endpoints.' + name: acme_version + predefined: + - '1' + - '2' + - defaultValue: https://acme-staging.api.letsencrypt.org/directory + description: 'The ACME directory to use. This is the entry point URL to access + CA server API. For safety reasons the default is set to the Let''s Encrypt + staging server (for the ACME v1 protocol). This will create technically correct, + but untrusted certificates. For Let''s Encrypt, all staging endpoints can + be found here: `https://letsencrypt.org/docs/staging-environment/`. For Buypass, + all endpoints can be found here: `https://community.buypass.com/t/63d4ay/buypass-go-ssl-endpoints` + For Let''s Encrypt, the production directory URL for ACME v1 is `https://acme-v01.api.letsencrypt.org/directory`, + and the production directory URL for ACME v2 is `https://acme-v02.api.letsencrypt.org/directory`. + For Buypass, the production directory URL for ACME v2 and v1 is `https://api.buypass.com/acme/directory`. + `Warning`: So far, the module has only been tested against Let''s Encrypt + (staging and production), Buypass (staging and production), and `Pebble testing + server,https://github.com/letsencrypt/Pebble`.' + name: acme_directory + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether calls to the ACME directory will validate TLS certificates. + `Warning`: Should `only ever` be set to `no` for testing purposes, for example + when testing against a local Pebble server.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `openssl`. If set to `openssl`, will try to use the `openssl` binary. If set + to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - openssl + description: "Create, modify or delete ACME accounts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/acme_account_module.html" + name: acme-account + outputs: + - contextPath: ACME.AcmeAccount.account_uri + description: ACME account URI, or None if account does not exist. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: ignore + description: 'Whether to retrieve the list of order URLs or order objects, if + provided by the ACME server. A value of `ignore` will not fetch the list of + orders. Currently, Let''s Encrypt does not return orders, so the `orders` + result will always be empty.' + name: retrieve_orders + predefined: + - ignore + - url_list + - object_list + - description: 'Path to a file containing the ACME account RSA or Elliptic Curve + key. RSA keys can be created with `openssl genrsa ...`. Elliptic curve keys + can be created with `openssl ecparam -genkey ...`. Any other tool creating + private keys in PEM format can be used as well. Mutually exclusive with `account_key_content`. + Required if `account_key_content` is not used.' + name: account_key_src + - description: "Content of the ACME account RSA or Elliptic Curve key.\nMutually\ + \ exclusive with `account_key_src`.\nRequired if `account_key_src` is not\ + \ used.\n`Warning`: the content will be written into a temporary file, which\ + \ will be deleted by Ansible when the module completes. Since this is an important\ + \ private key — it can be used to change the account key, or to revoke your\ + \ certificates without knowing their private keys —, this might not be acceptable.\n\ + In case `cryptography` is used, the content is not written into a temporary\ + \ file. It can still happen that it is written to disk by Ansible in the process\ + \ of moving the module with its argument to the node where it is executed." + name: account_key_content + - description: If specified, assumes that the account URI is as given. If the + account key does not match this account, or an account with this URI does + not exist, the module fails. + name: account_uri + - auto: PREDEFINED + defaultValue: '1' + description: 'The ACME version of the endpoint. Must be 1 for the classic Let''s + Encrypt and Buypass ACME endpoints, or 2 for standardized ACME v2 endpoints.' + name: acme_version + predefined: + - '1' + - '2' + - defaultValue: https://acme-staging.api.letsencrypt.org/directory + description: 'The ACME directory to use. This is the entry point URL to access + CA server API. For safety reasons the default is set to the Let''s Encrypt + staging server (for the ACME v1 protocol). This will create technically correct, + but untrusted certificates. For Let''s Encrypt, all staging endpoints can + be found here: `https://letsencrypt.org/docs/staging-environment/`. For Buypass, + all endpoints can be found here: `https://community.buypass.com/t/63d4ay/buypass-go-ssl-endpoints` + For Let''s Encrypt, the production directory URL for ACME v1 is `https://acme-v01.api.letsencrypt.org/directory`, + and the production directory URL for ACME v2 is `https://acme-v02.api.letsencrypt.org/directory`. + For Buypass, the production directory URL for ACME v2 and v1 is `https://api.buypass.com/acme/directory`. + `Warning`: So far, the module has only been tested against Let''s Encrypt + (staging and production), Buypass (staging and production), and `Pebble testing + server,https://github.com/letsencrypt/Pebble`.' + name: acme_directory + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether calls to the ACME directory will validate TLS certificates. + `Warning`: Should `only ever` be set to `no` for testing purposes, for example + when testing against a local Pebble server.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `openssl`. If set to `openssl`, will try to use the `openssl` binary. If set + to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - openssl + description: "Retrieves information on ACME accounts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/acme_account_info_module.html" + name: acme-account-info + outputs: + - contextPath: ACME.AcmeAccountInfo.exists + description: Whether the account exists. + type: boolean + - contextPath: ACME.AcmeAccountInfo.account_uri + description: ACME account URI, or None if account does not exist. + type: string + - contextPath: ACME.AcmeAccountInfo.account + description: The account information, as retrieved from the ACME server. + type: unknown + - contextPath: ACME.AcmeAccountInfo.orders + description: 'The list of orders. If `retrieve_orders` is `url_list`, this will + be a list of URLs. If `retrieve_orders` is `object_list`, this will be a list + of objects.' + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The email address associated with this account. It will be used + for certificate expiration warnings. Note that when `modify_account` is not + set to `no` and you also used the `acme_account` module to specify more than + one contact for your account, this module will update your account and restrict + it to the (at most one) contact email address specified here.' + name: account_email + - description: 'URI to a terms of service document you agree to when using the + ACME v1 service at `acme_directory`. Default is latest gathered from `acme_directory` + URL. This option will only be used when `acme_version` is 1.' + name: agreement + - auto: PREDEFINED + defaultValue: 'No' + description: 'Boolean indicating whether you agree to the terms of service document. + ACME servers can require this to be true. This option will only be used when + `acme_version` is not 1.' + name: terms_agreed + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Boolean indicating whether the module should create the account + if necessary, and update its contact data. Set to `no` if you want to use + the `acme_account` module to manage your account instead, and to avoid accidental + creation of a new account using an old key if you changed the account key + with `acme_account`. If set to `no`, `terms_agreed` and `account_email` are + ignored.' + name: modify_account + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: http-01 + description: The challenge to be performed. + name: challenge + predefined: + - http-01 + - dns-01 + - tls-alpn-01 + - description: 'File containing the CSR for the new certificate. Can be created + with `openssl req ...`. The CSR may contain multiple Subject Alternate Names, + but each one will lead to an individual challenge that must be fulfilled for + the CSR to be signed. `Note`: the private key used to create the CSR `must + not` be the account key. This is a bad idea from a security point of view, + and the CA should not accept the CSR. The ACME server should return an error + in this case.' + name: csr + required: true + - description: 'The data to validate ongoing challenges. This must be specified + for the second run of the module only. The value that must be used here will + be provided by a previous use of this module. See the examples for more details. + Note that for ACME v2, only the `order_uri` entry of `data` will be used. + For ACME v1, `data` must be non-empty to indicate the second stage is active; + all needed data will be taken from the CSR. `Note`: the `data` option was + marked as `no_log` up to Ansible 2.5. From Ansible 2.6 on, it is no longer + marked this way as it causes error messages to be come unusable, and `data` + does not contain any information which can be used without having access to + the account key or which are not public anyway.' + isArray: true + name: data + - description: 'The destination file for the certificate. Required if `fullchain_dest` + is not specified.' + name: dest + - description: 'The destination file for the full chain (i.e. certificate followed + by chain of intermediate certificates). Required if `dest` is not specified.' + name: fullchain_dest + - description: If specified, the intermediate certificate will be written to this + file. + name: chain_dest + - defaultValue: '10' + description: 'The number of days the certificate must have left being valid. + If `cert_days < remaining_days`, then it will be renewed. If the certificate + is not renewed, module return values will not include `challenge_data`. To + make sure that the certificate is renewed in any case, you can use the `force` + option.' + name: remaining_days + - auto: PREDEFINED + defaultValue: 'No' + description: 'Deactivate authentication objects (authz) after issuing a certificate, + or when issuing the certificate failed. Authentication objects are bound to + an account key and remain valid for a certain amount of time, and can be used + to issue certificates without having to re-authenticate the domain. This can + be a security concern.' + name: deactivate_authzs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Enforces the execution of the challenge and validation, even if + an existing certificate is still valid for more than `remaining_days`. This + is especially helpful when having an updated CSR e.g. with additional domains + for which a new certificate is desired.' + name: force + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: When set to `yes`, will retrieve all alternate chains offered by + the ACME CA. These will not be written to disk, but will be returned together + with the main chain as `all_chains`. See the documentation for the `all_chains` + return value for details. + name: retrieve_all_alternates + predefined: + - 'Yes' + - 'No' + - description: 'Path to a file containing the ACME account RSA or Elliptic Curve + key. RSA keys can be created with `openssl genrsa ...`. Elliptic curve keys + can be created with `openssl ecparam -genkey ...`. Any other tool creating + private keys in PEM format can be used as well. Mutually exclusive with `account_key_content`. + Required if `account_key_content` is not used.' + name: account_key_src + - description: "Content of the ACME account RSA or Elliptic Curve key.\nMutually\ + \ exclusive with `account_key_src`.\nRequired if `account_key_src` is not\ + \ used.\n`Warning`: the content will be written into a temporary file, which\ + \ will be deleted by Ansible when the module completes. Since this is an important\ + \ private key — it can be used to change the account key, or to revoke your\ + \ certificates without knowing their private keys —, this might not be acceptable.\n\ + In case `cryptography` is used, the content is not written into a temporary\ + \ file. It can still happen that it is written to disk by Ansible in the process\ + \ of moving the module with its argument to the node where it is executed." + name: account_key_content + - description: If specified, assumes that the account URI is as given. If the + account key does not match this account, or an account with this URI does + not exist, the module fails. + name: account_uri + - auto: PREDEFINED + defaultValue: '1' + description: 'The ACME version of the endpoint. Must be 1 for the classic Let''s + Encrypt and Buypass ACME endpoints, or 2 for standardized ACME v2 endpoints.' + name: acme_version + predefined: + - '1' + - '2' + - defaultValue: https://acme-staging.api.letsencrypt.org/directory + description: 'The ACME directory to use. This is the entry point URL to access + CA server API. For safety reasons the default is set to the Let''s Encrypt + staging server (for the ACME v1 protocol). This will create technically correct, + but untrusted certificates. For Let''s Encrypt, all staging endpoints can + be found here: `https://letsencrypt.org/docs/staging-environment/`. For Buypass, + all endpoints can be found here: `https://community.buypass.com/t/63d4ay/buypass-go-ssl-endpoints` + For Let''s Encrypt, the production directory URL for ACME v1 is `https://acme-v01.api.letsencrypt.org/directory`, + and the production directory URL for ACME v2 is `https://acme-v02.api.letsencrypt.org/directory`. + For Buypass, the production directory URL for ACME v2 and v1 is `https://api.buypass.com/acme/directory`. + `Warning`: So far, the module has only been tested against Let''s Encrypt + (staging and production), Buypass (staging and production), and `Pebble testing + server,https://github.com/letsencrypt/Pebble`.' + name: acme_directory + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether calls to the ACME directory will validate TLS certificates. + `Warning`: Should `only ever` be set to `no` for testing purposes, for example + when testing against a local Pebble server.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `openssl`. If set to `openssl`, will try to use the `openssl` binary. If set + to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - openssl + description: "Create SSL/TLS certificates with the ACME protocol\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/acme_certificate_module.html" + name: acme-certificate + outputs: + - contextPath: ACME.AcmeCertificate.cert_days + description: The number of days the certificate remains valid. + type: number + - contextPath: ACME.AcmeCertificate.challenge_data + description: 'Per identifier / challenge type challenge data. Since Ansible + 2.8.5, only challenges which are not yet valid are returned.' + type: unknown + - contextPath: ACME.AcmeCertificate.challenge_data_dns + description: 'List of TXT values per DNS record, in case challenge is `dns-01`. + Since Ansible 2.8.5, only challenges which are not yet valid are returned.' + type: unknown + - contextPath: ACME.AcmeCertificate.authorizations + description: 'ACME authorization data. Maps an identifier to ACME authorization + objects. See `https://tools.ietf.org/html/rfc8555#section-7.1.4`.' + type: unknown + - contextPath: ACME.AcmeCertificate.order_uri + description: ACME order URI. + type: string + - contextPath: ACME.AcmeCertificate.finalization_uri + description: ACME finalization URI. + type: string + - contextPath: ACME.AcmeCertificate.account_uri + description: ACME account URI. + type: string + - contextPath: ACME.AcmeCertificate.all_chains + description: 'When `retrieve_all_alternates` is set to `yes`, the module will + query the ACME server for alternate chains. This return value will contain + a list of all chains returned, the first entry being the main chain returned + by the server. See `Section 7.4.2 of RFC8555,https://tools.ietf.org/html/rfc8555#section-7.4.2` + for details.' + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Path to the certificate to revoke. + name: certificate + required: true + - description: 'Path to a file containing the ACME account RSA or Elliptic Curve + key. RSA keys can be created with `openssl rsa ...`. Elliptic curve keys can + be created with `openssl ecparam -genkey ...`. Any other tool creating private + keys in PEM format can be used as well. Mutually exclusive with `account_key_content`. + Required if `account_key_content` is not used.' + name: account_key_src + - description: "Content of the ACME account RSA or Elliptic Curve key.\nNote that\ + \ exactly one of `account_key_src`, `account_key_content`, `private_key_src`\ + \ or `private_key_content` must be specified.\n`Warning`: the content will\ + \ be written into a temporary file, which will be deleted by Ansible when\ + \ the module completes. Since this is an important private key — it can be\ + \ used to change the account key, or to revoke your certificates without knowing\ + \ their private keys —, this might not be acceptable.\nIn case `cryptography`\ + \ is used, the content is not written into a temporary file. It can still\ + \ happen that it is written to disk by Ansible in the process of moving the\ + \ module with its argument to the node where it is executed." + name: account_key_content + - description: 'Path to the certificate''s private key. Note that exactly one + of `account_key_src`, `account_key_content`, `private_key_src` or `private_key_content` + must be specified.' + name: private_key_src + - description: "Content of the certificate's private key.\nNote that exactly one\ + \ of `account_key_src`, `account_key_content`, `private_key_src` or `private_key_content`\ + \ must be specified.\n`Warning`: the content will be written into a temporary\ + \ file, which will be deleted by Ansible when the module completes. Since\ + \ this is an important private key — it can be used to change the account\ + \ key, or to revoke your certificates without knowing their private keys —,\ + \ this might not be acceptable.\nIn case `cryptography` is used, the content\ + \ is not written into a temporary file. It can still happen that it is written\ + \ to disk by Ansible in the process of moving the module with its argument\ + \ to the node where it is executed." + name: private_key_content + - description: 'One of the revocation reasonCodes defined in `Section 5.3.1 of + RFC5280,https://tools.ietf.org/html/rfc5280#section-5.3.1`. Possible values + are `0` (unspecified), `1` (keyCompromise), `2` (cACompromise), `3` (affiliationChanged), + `4` (superseded), `5` (cessationOfOperation), `6` (certificateHold), `8` (removeFromCRL), + `9` (privilegeWithdrawn), `10` (aACompromise)' + name: revoke_reason + - description: If specified, assumes that the account URI is as given. If the + account key does not match this account, or an account with this URI does + not exist, the module fails. + name: account_uri + - auto: PREDEFINED + defaultValue: '1' + description: 'The ACME version of the endpoint. Must be 1 for the classic Let''s + Encrypt and Buypass ACME endpoints, or 2 for standardized ACME v2 endpoints.' + name: acme_version + predefined: + - '1' + - '2' + - defaultValue: https://acme-staging.api.letsencrypt.org/directory + description: 'The ACME directory to use. This is the entry point URL to access + CA server API. For safety reasons the default is set to the Let''s Encrypt + staging server (for the ACME v1 protocol). This will create technically correct, + but untrusted certificates. For Let''s Encrypt, all staging endpoints can + be found here: `https://letsencrypt.org/docs/staging-environment/`. For Buypass, + all endpoints can be found here: `https://community.buypass.com/t/63d4ay/buypass-go-ssl-endpoints` + For Let''s Encrypt, the production directory URL for ACME v1 is `https://acme-v01.api.letsencrypt.org/directory`, + and the production directory URL for ACME v2 is `https://acme-v02.api.letsencrypt.org/directory`. + For Buypass, the production directory URL for ACME v2 and v1 is `https://api.buypass.com/acme/directory`. + `Warning`: So far, the module has only been tested against Let''s Encrypt + (staging and production), Buypass (staging and production), and `Pebble testing + server,https://github.com/letsencrypt/Pebble`.' + name: acme_directory + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether calls to the ACME directory will validate TLS certificates. + `Warning`: Should `only ever` be set to `no` for testing purposes, for example + when testing against a local Pebble server.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `openssl`. If set to `openssl`, will try to use the `openssl` binary. If set + to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - openssl + description: "Revoke certificates with the ACME protocol\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/acme_certificate_revoke_module.html" + name: acme-certificate-revoke + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: The challenge type. + name: challenge + predefined: + - tls-alpn-01 + required: true + - description: The `challenge_data` entry provided by `acme_certificate` for the + challenge. + isArray: true + name: challenge_data + required: true + - description: 'Path to a file containing the private key file to use for this + challenge certificate. Mutually exclusive with `private_key_content`.' + name: private_key_src + - description: 'Content of the private key to use for this challenge certificate. + Mutually exclusive with `private_key_src`.' + name: private_key_content + description: "Prepare certificates required for ACME challenges such as C(tls-alpn-01)\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/acme_challenge_cert_helper_module.html" + name: acme-challenge-cert-helper + outputs: + - contextPath: ACME.AcmeChallengeCertHelper.domain + description: The domain the challenge is for. The certificate should be provided + if this is specified in the request's the `Host` header. + type: string + - contextPath: ACME.AcmeChallengeCertHelper.identifier_type + description: The identifier type for the actual resource identifier. Will be + `dns` or `ip`. + type: string + - contextPath: ACME.AcmeChallengeCertHelper.identifier + description: The identifier for the actual resource. Will be a domain name if + the type is `dns`, or an IP address if the type is `ip`. + type: string + - contextPath: ACME.AcmeChallengeCertHelper.challenge_certificate + description: The challenge certificate in PEM format. + type: string + - contextPath: ACME.AcmeChallengeCertHelper.regular_certificate + description: 'A self-signed certificate for the challenge domain. If no existing + certificate exists, can be used to set-up https in the first place if that + is needed for providing the challenge.' + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The URL to send the request to. Must be specified if `method` + is not `directory-only`.' + name: url + - auto: PREDEFINED + defaultValue: get + description: 'The method to use to access the given URL on the ACME server. + The value `post` executes an authenticated POST request. The content must + be specified in the `content` option. The value `get` executes an authenticated + POST-as-GET request for ACME v2, and a regular GET request for ACME v1. The + value `directory-only` only retrieves the directory, without doing a request.' + name: method + predefined: + - get + - post + - directory-only + - description: 'An encoded JSON object which will be sent as the content if `method` + is `post`. Required when `method` is `post`, and not allowed otherwise.' + name: content + - auto: PREDEFINED + defaultValue: 'Yes' + description: If `method` is `post` or `get`, make the module fail in case an + ACME error is returned. + name: fail_on_acme_error + predefined: + - 'Yes' + - 'No' + - description: 'Path to a file containing the ACME account RSA or Elliptic Curve + key. RSA keys can be created with `openssl genrsa ...`. Elliptic curve keys + can be created with `openssl ecparam -genkey ...`. Any other tool creating + private keys in PEM format can be used as well. Mutually exclusive with `account_key_content`. + Required if `account_key_content` is not used.' + name: account_key_src + - description: "Content of the ACME account RSA or Elliptic Curve key.\nMutually\ + \ exclusive with `account_key_src`.\nRequired if `account_key_src` is not\ + \ used.\n`Warning`: the content will be written into a temporary file, which\ + \ will be deleted by Ansible when the module completes. Since this is an important\ + \ private key — it can be used to change the account key, or to revoke your\ + \ certificates without knowing their private keys —, this might not be acceptable.\n\ + In case `cryptography` is used, the content is not written into a temporary\ + \ file. It can still happen that it is written to disk by Ansible in the process\ + \ of moving the module with its argument to the node where it is executed." + name: account_key_content + - description: If specified, assumes that the account URI is as given. If the + account key does not match this account, or an account with this URI does + not exist, the module fails. + name: account_uri + - auto: PREDEFINED + defaultValue: '1' + description: 'The ACME version of the endpoint. Must be 1 for the classic Let''s + Encrypt and Buypass ACME endpoints, or 2 for standardized ACME v2 endpoints.' + name: acme_version + predefined: + - '1' + - '2' + - defaultValue: https://acme-staging.api.letsencrypt.org/directory + description: 'The ACME directory to use. This is the entry point URL to access + CA server API. For safety reasons the default is set to the Let''s Encrypt + staging server (for the ACME v1 protocol). This will create technically correct, + but untrusted certificates. For Let''s Encrypt, all staging endpoints can + be found here: `https://letsencrypt.org/docs/staging-environment/`. For Buypass, + all endpoints can be found here: `https://community.buypass.com/t/63d4ay/buypass-go-ssl-endpoints` + For Let''s Encrypt, the production directory URL for ACME v1 is `https://acme-v01.api.letsencrypt.org/directory`, + and the production directory URL for ACME v2 is `https://acme-v02.api.letsencrypt.org/directory`. + For Buypass, the production directory URL for ACME v2 and v1 is `https://api.buypass.com/acme/directory`. + `Warning`: So far, the module has only been tested against Let''s Encrypt + (staging and production), Buypass (staging and production), and `Pebble testing + server,https://github.com/letsencrypt/Pebble`.' + name: acme_directory + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether calls to the ACME directory will validate TLS certificates. + `Warning`: Should `only ever` be set to `no` for testing purposes, for example + when testing against a local Pebble server.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `openssl`. If set to `openssl`, will try to use the `openssl` binary. If set + to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - openssl + description: "Send direct requests to an ACME server\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/acme_inspect_module.html" + name: acme-inspect + outputs: + - contextPath: ACME.AcmeInspect.directory + description: The ACME directory's content + type: unknown + - contextPath: ACME.AcmeInspect.headers + description: The request's HTTP headers (with lowercase keys) + type: unknown + - contextPath: ACME.AcmeInspect.output_text + description: The raw text output + type: string + - contextPath: ACME.AcmeInspect.output_json + description: The output parsed as JSON + type: unknown + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME_description.md b/Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME_description.md new file mode 100644 index 000000000000..1aad0f08f294 --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleACME/AnsibleACME_description.md @@ -0,0 +1,30 @@ +# Ansible ACME +This integration lets you manage certificate generation on Linux hosts with a CA supporting the ACME protocol, such as Let’s Encrypt. + +## Requirements +This integration requires a linux host to be specified from which the connections to the ACME service will be performed, and where the certificate/key files will be stored. + +The Linux host used for ACME interaction requires: +* python >= 2.6 +* either openssl or cryptography >= 1.5 + +## Network Requirements +By default, TCP port 22 will be used to initiate a SSH connection to the Linux host. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. +## Credentials +This integration supports a number of methods of authenticating with the Linux Host: +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +## Permissions +Normal Linux user privileges are required, a SuperUser account is not required. +ACME Account management operations require access to the ACME account RSA or Elliptic Curve key file on the Linux host used for management to authenticate with the ACME service. + +## Privilege Escalation +Ansible can use existing privilege escalation systems to allow a user to execute tasks as another. Different from the user that logged into the machine (remote user). This is done using existing privilege escalation tools, which you probably already use or have configured, like sudo, su, or doas. Use the Integration parameters `Escalate Privileges`, `Privilege Escalation Method`, `Privilege Escalation User`, `Privileges Escalation Password` to configure this. + +## Testing +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!acme-inspect`command providing an example `host` as the command argument to connect to a ACME provider like Let's Encrypt. Eg. `!acme-inspect host="123.123.123.123" acme_directory="https://acme-staging-v02.api.letsencrypt.org/directory" acme_version="2" method="directory-only" ` This command will connect to the specified host with the configured credentials in the integration, and if successful output information about the Let's Encrypt ACME directory. + diff --git a/Packs/AnsibleLinux/Integrations/AnsibleACME/README.md b/Packs/AnsibleLinux/Integrations/AnsibleACME/README.md new file mode 100644 index 000000000000..295450fd76dc --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleACME/README.md @@ -0,0 +1,550 @@ +Automatic Certificate Management Environment on Linux hosts management using Ansible modules. +This integration lets you manage certificate generation on Linux hosts with a CA supporting the ACME protocol, such as Let’s Encrypt. +The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server, all you need to do is provide credentials you are ready to use the feature rich commands. This integration functions without any agents or additional software installed on the hosts by utilising SSH combined with Python. + +To use this integration, configure an instance of this integration. This will associate a credential to be used to access hosts when commands are run. The commands from this integration will take the Linux host address(es) as an input, and use the saved credential associated to the instance to execute. Create separate instances if multiple credentials are required. + +This integration was tested with Let's Encrypt and supports the ACME http-01, dns-01 and tls-alpn-01 challenges. + +## Requirements +This integration requires a linux host to be specified from which the connections to the ACME service will be performed, and where the certificate/key files will be stored. + +The Linux host used for ACME interaction requires: +* python >= 2.6 +* either openssl or cryptography >= 1.5 + +## Network Requirements +By default, TCP port 22 will be used to initiate a SSH connection to the Linux host. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. +## Credentials +This integration supports a number of methods of authenticating with the Linux Host: +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +## Permissions +Normal Linux user privileges are required, a SuperUser account is not required. +ACME Account management operations require access to the ACME account RSA or Elliptic Curve key file on the Linux host used for management to authenticate with the ACME service. + +## Privilege Escalation +Ansible can use existing privilege escalation systems to allow a user to execute tasks as another. Different from the user that logged into the machine (remote user). This is done using existing privilege escalation tools, which you probably already use or have configured, like sudo, su, or doas. Use the Integration parameters `Escalate Privileges`, `Privilege Escalation Method`, `Privilege Escalation User`, `Privileges Escalation Password` to configure this. + +## Further information +This integration is powered by Ansible 2.9. Further information can be found on that the following locations: +* [The Let’s Encrypt documentation](https://letsencrypt.org/docs/) +* [Automatic Certificate Management Environment (ACME)](https://tools.ietf.org/html/rfc8555) +## Configure Ansible ACME on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for Ansible ACME. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Username | The credentials to associate with the instance. SSH keys can be configured using the credential manager. | True | + | Password | | True | + | Default SSH Port | The default port to use if one is not specified in the commands \`host\` argument. | True | + | Concurrency Factor | If multiple hosts are specified in a command, how many hosts should be interacted with concurrently. | True | + | Escalate Privileges | Ansible allows you to ‘become’ another user, different from the user that
logged into the machine \(remote user\).
| True | + | Privilege Escalation Method | Which privilege escalation method should be used. | True | + | Privilege Escalation User | Set the user you become through privilege escalation | False | + | Privilege Escalation Password | Set the privilege escalation password. | False | + +## Testing +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!acme-inspect`command providing an example `host` as the command argument to connect to a ACME provider like Let's Encrypt. Eg. `!acme-inspect host="123.123.123.123" acme_directory="https://acme-staging-v02.api.letsencrypt.org/directory" acme_version="2" method="directory-only" ` This command will connect to the specified host with the configured credentials in the integration, and if successful output information about the Let's Encrypt ACME directory. + +## Idempotence +The action commands in this integration are idempotent. This means that the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions. + +## State Arguement +Some of the commands in this integration take a state argument. These define the desired end state of the object being managed. As a result these commands are able to perform multiple management operations depending on the desired state value. Common state values are: +| **State** | **Result** | +| --- | --- | +| present | Object should exist. If not present, the object will be created with the provided parameters. If present but not with correct parameters, it will be modified to met provided parameters. | +| running | Object should be running not stopped. | +| stopped | Object should be stopped not running. | +| restarted | Object will be restarted. | +| absent | Object should not exist. If it it exists it will be deleted. | + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### acme-account +*** +Create, modify or delete ACME accounts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/acme_account_module.html + +#### Base Command + +`acme-account` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | The state of the account, to be identified by its account key. If the state is `absent`, the account will either not exist or be deactivated. If the state is `changed_key`, the account must exist. The account key will be changed; no other information will be touched. Possible values are: present, absent, changed_key. | Required | +| allow_creation | Whether account creation is allowed (when state is `present`). Possible values are: Yes, No. Default is Yes. | Optional | +| contact | A list of contact URLs. Email addresses must be prefixed with `mailto:`. See `https://tools.ietf.org/html/rfc8555#section-7.3` for what is allowed. Must be specified when state is `present`. Will be ignored if state is `absent` or `changed_key`. | Optional | +| terms_agreed | Boolean indicating whether you agree to the terms of service document. ACME servers can require this to be true. Possible values are: Yes, No. Default is No. | Optional | +| new_account_key_src | Path to a file containing the ACME account RSA or Elliptic Curve key to change to. Same restrictions apply as to `account_key_src`. Mutually exclusive with `new_account_key_content`. Required if `new_account_key_content` is not used and state is `changed_key`. | Optional | +| new_account_key_content | Content of the ACME account RSA or Elliptic Curve key to change to. Same restrictions apply as to `account_key_content`. Mutually exclusive with `new_account_key_src`. Required if `new_account_key_src` is not used and state is `changed_key`. | Optional | +| account_key_src | Path to a file containing the ACME account RSA or Elliptic Curve key. RSA keys can be created with `openssl genrsa ...`. Elliptic curve keys can be created with `openssl ecparam -genkey ...`. Any other tool creating private keys in PEM format can be used as well. Mutually exclusive with `account_key_content`. Required if `account_key_content` is not used. | Optional | +| account_key_content | Content of the ACME account RSA or Elliptic Curve key.
Mutually exclusive with `account_key_src`.
Required if `account_key_src` is not used.
`Warning`: the content will be written into a temporary file, which will be deleted by Ansible when the module completes. Since this is an important private key — it can be used to change the account key, or to revoke your certificates without knowing their private keys —, this might not be acceptable.
In case `cryptography` is used, the content is not written into a temporary file. It can still happen that it is written to disk by Ansible in the process of moving the module with its argument to the node where it is executed. | Optional | +| account_uri | If specified, assumes that the account URI is as given. If the account key does not match this account, or an account with this URI does not exist, the module fails. | Optional | +| acme_version | The ACME version of the endpoint. Must be 1 for the classic Let's Encrypt and Buypass ACME endpoints, or 2 for standardized ACME v2 endpoints. Possible values are: 1, 2. Default is 1. | Optional | +| acme_directory | The ACME directory to use. This is the entry point URL to access CA server API. For safety reasons the default is set to the Let's Encrypt staging server (for the ACME v1 protocol). This will create technically correct, but untrusted certificates. For Let's Encrypt, all staging endpoints can be found here: `https://letsencrypt.org/docs/staging-environment/`. For Buypass, all endpoints can be found here: `https://community.buypass.com/t/63d4ay/buypass-go-ssl-endpoints` For Let's Encrypt, the production directory URL for ACME v1 is `https://acme-v01.api.letsencrypt.org/directory`, and the production directory URL for ACME v2 is `https://acme-v02.api.letsencrypt.org/directory`. For Buypass, the production directory URL for ACME v2 and v1 is `https://api.buypass.com/acme/directory`. `Warning`: So far, the module has only been tested against Let's Encrypt (staging and production), Buypass (staging and production), and `Pebble testing server,https://github.com/letsencrypt/Pebble`. Default is https://acme-staging.api.letsencrypt.org/directory. | Optional | +| validate_certs | Whether calls to the ACME directory will validate TLS certificates. `Warning`: Should `only ever` be set to `no` for testing purposes, for example when testing against a local Pebble server. Possible values are: Yes, No. Default is Yes. | Optional | +| select_crypto_backend | Determines which crypto backend to use. The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `openssl`. If set to `openssl`, will try to use the `openssl` binary. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library. Possible values are: auto, cryptography, openssl. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| ACME.AcmeAccount.account_uri | string | ACME account URI, or None if account does not exist. | + + +#### Command Example +```!acme-account host="123.123.123.123" "account_key_src"="/etc/letsencrypt/keys/example.com.key" state="present" terms_agreed="True" contact="mailto:user@example.com" acme_version=2 acme_directory=https://acme-staging-v02.api.letsencrypt.org/directory``` + +#### Context Example +```json +{ + "ACME": { + "AcmeAccount": { + "account_uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/12345678", + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * account_uri: https://acme-staging-v02.api.letsencrypt.org/acme/acct/12345678 +> * changed: False + + +### acme-account-info +*** +Retrieves information on ACME accounts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/acme_account_info_module.html + + +#### Base Command + +`acme-account-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| retrieve_orders | Whether to retrieve the list of order URLs or order objects, if provided by the ACME server. A value of `ignore` will not fetch the list of orders. Currently, Let's Encrypt does not return orders, so the `orders` result will always be empty. Possible values are: ignore, url_list, object_list. Default is ignore. | Optional | +| account_key_src | Path to a file containing the ACME account RSA or Elliptic Curve key. RSA keys can be created with `openssl genrsa ...`. Elliptic curve keys can be created with `openssl ecparam -genkey ...`. Any other tool creating private keys in PEM format can be used as well. Mutually exclusive with `account_key_content`. Required if `account_key_content` is not used. | Optional | +| account_key_content | Content of the ACME account RSA or Elliptic Curve key.
Mutually exclusive with `account_key_src`.
Required if `account_key_src` is not used.
`Warning`: the content will be written into a temporary file, which will be deleted by Ansible when the module completes. Since this is an important private key — it can be used to change the account key, or to revoke your certificates without knowing their private keys —, this might not be acceptable.
In case `cryptography` is used, the content is not written into a temporary file. It can still happen that it is written to disk by Ansible in the process of moving the module with its argument to the node where it is executed. | Optional | +| account_uri | If specified, assumes that the account URI is as given. If the account key does not match this account, or an account with this URI does not exist, the module fails. | Optional | +| acme_version | The ACME version of the endpoint. Must be 1 for the classic Let's Encrypt and Buypass ACME endpoints, or 2 for standardized ACME v2 endpoints. Possible values are: 1, 2. Default is 1. | Optional | +| acme_directory | The ACME directory to use. This is the entry point URL to access CA server API. For safety reasons the default is set to the Let's Encrypt staging server (for the ACME v1 protocol). This will create technically correct, but untrusted certificates. For Let's Encrypt, all staging endpoints can be found here: `https://letsencrypt.org/docs/staging-environment/`. For Buypass, all endpoints can be found here: `https://community.buypass.com/t/63d4ay/buypass-go-ssl-endpoints` For Let's Encrypt, the production directory URL for ACME v1 is `https://acme-v01.api.letsencrypt.org/directory`, and the production directory URL for ACME v2 is `https://acme-v02.api.letsencrypt.org/directory`. For Buypass, the production directory URL for ACME v2 and v1 is `https://api.buypass.com/acme/directory`. `Warning`: So far, the module has only been tested against Let's Encrypt (staging and production), Buypass (staging and production), and `Pebble testing server,https://github.com/letsencrypt/Pebble`. Default is https://acme-staging.api.letsencrypt.org/directory. | Optional | +| validate_certs | Whether calls to the ACME directory will validate TLS certificates. `Warning`: Should `only ever` be set to `no` for testing purposes, for example when testing against a local Pebble server. Possible values are: Yes, No. Default is Yes. | Optional | +| select_crypto_backend | Determines which crypto backend to use. The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `openssl`. If set to `openssl`, will try to use the `openssl` binary. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library. Possible values are: auto, cryptography, openssl. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| ACME.AcmeAccountInfo.exists | boolean | Whether the account exists. | +| ACME.AcmeAccountInfo.account_uri | string | ACME account URI, or None if account does not exist. | +| ACME.AcmeAccountInfo.account | unknown | The account information, as retrieved from the ACME server. | +| ACME.AcmeAccountInfo.orders | unknown | The list of orders. If \`retrieve_orders\` is \`url_list\`, this will be a list of URLs. If \`retrieve_orders\` is \`object_list\`, this will be a list of objects. | + + +#### Command Example +```!acme-account-info host="123.123.123.123" "account_key_src"="/etc/letsencrypt/keys/example.com.key" acme_version=2 acme_directory=https://acme-staging-v02.api.letsencrypt.org/directory``` + +#### Context Example +```json +{ + "ACME": { + "AcmeAccountInfo": { + "account": { + "contact": [ + "mailto:user@example.com" + ], + "createdAt": "2021-07-10T09:53:36Z", + "initialIp": "123.123.123.123", + "key": { + "e": "AQAB", + "kty": "RSA", + "n": "pdq0KgKTw2ih3...AgYk" + }, + "public_account_key": { + "e": "AQAB", + "kty": "RSA", + "n": "pdq0KgKTw2ih3U...97AgYk" + }, + "status": "valid" + }, + "account_uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/12345678", + "changed": false, + "exists": true, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * account_uri: https://acme-staging-v02.api.letsencrypt.org/acme/acct/12345678 +> * changed: False +> * exists: True +> * ## Account +> * createdAt: 2021-07-10T09:56:36Z +> * initialIp: 123.123.123.123 +> * status: valid +> * ### Contact +> * 0: mailto:user@example.com +> * ### Key +> * e: AQAB +> * kty: RSA +> * n: pdq0KgKTw2...97AgYk +> * ### Public_Account_Key +> * e: AQAB +> * kty: RSA +> * n: pdq0KgKTw2ih3...7AgYk + + +### acme-certificate +*** +Create SSL/TLS certificates with the ACME protocol +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/acme_certificate_module.html + + +#### Base Command + +`acme-certificate` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| account_email | The email address associated with this account. It will be used for certificate expiration warnings. Note that when `modify_account` is not set to `no` and you also used the `acme_account` module to specify more than one contact for your account, this module will update your account and restrict it to the (at most one) contact email address specified here. | Optional | +| agreement | URI to a terms of service document you agree to when using the ACME v1 service at `acme_directory`. Default is latest gathered from `acme_directory` URL. This option will only be used when `acme_version` is 1. | Optional | +| terms_agreed | Boolean indicating whether you agree to the terms of service document. ACME servers can require this to be true. This option will only be used when `acme_version` is not 1. Possible values are: Yes, No. Default is No. | Optional | +| modify_account | Boolean indicating whether the module should create the account if necessary, and update its contact data. Set to `no` if you want to use the `acme_account` module to manage your account instead, and to avoid accidental creation of a new account using an old key if you changed the account key with `acme_account`. If set to `no`, `terms_agreed` and `account_email` are ignored. Possible values are: Yes, No. Default is Yes. | Optional | +| challenge | The challenge to be performed. Possible values are: http-01, dns-01, tls-alpn-01. Default is http-01. | Optional | +| csr | File containing the CSR for the new certificate. Can be created with `openssl req ...`. The CSR may contain multiple Subject Alternate Names, but each one will lead to an individual challenge that must be fulfilled for the CSR to be signed. `Note`: the private key used to create the CSR `must not` be the account key. This is a bad idea from a security point of view, and the CA should not accept the CSR. The ACME server should return an error in this case. | Required | +| data | The data to validate ongoing challenges. This must be specified for the second run of the module only. The value that must be used here will be provided by a previous use of this module. See the examples for more details. Note that for ACME v2, only the `order_uri` entry of `data` will be used. For ACME v1, `data` must be non-empty to indicate the second stage is active; all needed data will be taken from the CSR. `Note`: the `data` option was marked as `no_log` up to Ansible 2.5. From Ansible 2.6 on, it is no longer marked this way as it causes error messages to be come unusable, and `data` does not contain any information which can be used without having access to the account key or which are not public anyway. | Optional | +| dest | The destination file for the certificate. Required if `fullchain_dest` is not specified. | Optional | +| fullchain_dest | The destination file for the full chain (i.e. certificate followed by chain of intermediate certificates). Required if `dest` is not specified. | Optional | +| chain_dest | If specified, the intermediate certificate will be written to this file. | Optional | +| remaining_days | The number of days the certificate must have left being valid. If `cert_days < remaining_days`, then it will be renewed. If the certificate is not renewed, module return values will not include `challenge_data`. To make sure that the certificate is renewed in any case, you can use the `force` option. Default is 10. | Optional | +| deactivate_authzs | Deactivate authentication objects (authz) after issuing a certificate, or when issuing the certificate failed. Authentication objects are bound to an account key and remain valid for a certain amount of time, and can be used to issue certificates without having to re-authenticate the domain. This can be a security concern. Possible values are: Yes, No. Default is No. | Optional | +| force | Enforces the execution of the challenge and validation, even if an existing certificate is still valid for more than `remaining_days`. This is especially helpful when having an updated CSR e.g. with additional domains for which a new certificate is desired. Possible values are: Yes, No. Default is No. | Optional | +| retrieve_all_alternates | When set to `yes`, will retrieve all alternate chains offered by the ACME CA. These will not be written to disk, but will be returned together with the main chain as `all_chains`. See the documentation for the `all_chains` return value for details. Possible values are: Yes, No. Default is No. | Optional | +| account_key_src | Path to a file containing the ACME account RSA or Elliptic Curve key. RSA keys can be created with `openssl genrsa ...`. Elliptic curve keys can be created with `openssl ecparam -genkey ...`. Any other tool creating private keys in PEM format can be used as well. Mutually exclusive with `account_key_content`. Required if `account_key_content` is not used. | Optional | +| account_key_content | Content of the ACME account RSA or Elliptic Curve key.
Mutually exclusive with `account_key_src`.
Required if `account_key_src` is not used.
`Warning`: the content will be written into a temporary file, which will be deleted by Ansible when the module completes. Since this is an important private key — it can be used to change the account key, or to revoke your certificates without knowing their private keys —, this might not be acceptable.
In case `cryptography` is used, the content is not written into a temporary file. It can still happen that it is written to disk by Ansible in the process of moving the module with its argument to the node where it is executed. | Optional | +| account_uri | If specified, assumes that the account URI is as given. If the account key does not match this account, or an account with this URI does not exist, the module fails. | Optional | +| acme_version | The ACME version of the endpoint. Must be 1 for the classic Let's Encrypt and Buypass ACME endpoints, or 2 for standardized ACME v2 endpoints. Possible values are: 1, 2. Default is 1. | Optional | +| acme_directory | The ACME directory to use. This is the entry point URL to access CA server API. For safety reasons the default is set to the Let's Encrypt staging server (for the ACME v1 protocol). This will create technically correct, but untrusted certificates. For Let's Encrypt, all staging endpoints can be found here: `https://letsencrypt.org/docs/staging-environment/`. For Buypass, all endpoints can be found here: `https://community.buypass.com/t/63d4ay/buypass-go-ssl-endpoints` For Let's Encrypt, the production directory URL for ACME v1 is `https://acme-v01.api.letsencrypt.org/directory`, and the production directory URL for ACME v2 is `https://acme-v02.api.letsencrypt.org/directory`. For Buypass, the production directory URL for ACME v2 and v1 is `https://api.buypass.com/acme/directory`. `Warning`: So far, the module has only been tested against Let's Encrypt (staging and production), Buypass (staging and production), and `Pebble testing server,https://github.com/letsencrypt/Pebble`. Default is https://acme-staging.api.letsencrypt.org/directory. | Optional | +| validate_certs | Whether calls to the ACME directory will validate TLS certificates. `Warning`: Should `only ever` be set to `no` for testing purposes, for example when testing against a local Pebble server. Possible values are: Yes, No. Default is Yes. | Optional | +| select_crypto_backend | Determines which crypto backend to use. The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `openssl`. If set to `openssl`, will try to use the `openssl` binary. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library. Possible values are: auto, cryptography, openssl. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| ACME.AcmeCertificate.cert_days | number | The number of days the certificate remains valid. | +| ACME.AcmeCertificate.challenge_data | unknown | Per identifier / challenge type challenge data. Since Ansible 2.8.5, only challenges which are not yet valid are returned. | +| ACME.AcmeCertificate.challenge_data_dns | unknown | List of TXT values per DNS record, in case challenge is \`dns-01\`. Since Ansible 2.8.5, only challenges which are not yet valid are returned. | +| ACME.AcmeCertificate.authorizations | unknown | ACME authorization data. Maps an identifier to ACME authorization objects. See \`https://tools.ietf.org/html/rfc8555\#section-7.1.4\`. | +| ACME.AcmeCertificate.order_uri | string | ACME order URI. | +| ACME.AcmeCertificate.finalization_uri | string | ACME finalization URI. | +| ACME.AcmeCertificate.account_uri | string | ACME account URI. | +| ACME.AcmeCertificate.all_chains | unknown | When \`retrieve_all_alternates\` is set to \`yes\`, the module will query the ACME server for alternate chains. This return value will contain a list of all chains returned, the first entry being the main chain returned by the server. See \`Section 7.4.2 of RFC8555,https://tools.ietf.org/html/rfc8555\#section-7.4.2\` for details. | + + +#### Command Example +```!acme-certificate host="123.123.123.123" "account_key_src"="/etc/letsencrypt/keys/example.com.key" dest=/etc/letsencrypt/certs/test.example.com.crt csr=/etc/letsencrypt/csrs/example.com.csr acme_directory=https://acme-v02.api.letsencrypt.org/directory acme_version=2 challenge="dns-01" terms_agreed=1``` + +#### Context Example +```json +{ + "ACME": { + "AcmeCertificate": { + "account_uri": "https://acme-v02.api.letsencrypt.org/acme/acct/123456789", + "authorizations": { + "xsoar-example.example.com": { + "challenges": [ + { + "status": "pending", + "token": "UjnalQ...8OEsJw", + "type": "http-01", + "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/12345678901/4cF9Tg" + }, + { + "status": "pending", + "token": "UjnalQ...8OEsJw", + "type": "dns-01", + "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/12345678901/J6Svyw" + }, + { + "status": "pending", + "token": "UjnalQ...8OEsJw", + "type": "tls-alpn-01", + "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/12345678901/Phy50Q" + } + ], + "expires": "2021-07-13T10:05:43Z", + "identifier": { + "type": "dns", + "value": "xsoar-example.example.com" + }, + "status": "pending", + "uri": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/12345678901" + } + }, + "cert_days": -1, + "challenge_data": { + "xsoar-example.example.com": { + "dns-01": { + "record": "_acme-challenge.xsoar-example.example.com", + "resource": "_acme-challenge", + "resource_value": "aIt7...MjsnM" + }, + "http-01": { + "resource": ".well-known/acme-challenge/UjnalQ...8OEsJw", + "resource_value": "UjnalQ...8OEsJw.brMgVl5klrL6Hsd4E1YqcpXU5Mn-jVxqb5MtbbzmMjg" + }, + "tls-alpn-01": { + "resource": "xsoar-example.example.com", + "resource_original": "dns:xsoar-example.example.com", + "resource_value": "aIt7...MjsnM=" + } + } + }, + "challenge_data_dns": { + "_acme-challenge.xsoar-example.example.com": [ + "aIt7...MjsnM" + ] + }, + "changed": true, + "finalize_uri": "https://acme-v02.api.letsencrypt.org/acme/finalize/123456789/12345678901", + "host": "123.123.123.123", + "order_uri": "https://acme-v02.api.letsencrypt.org/acme/order/123456789/12345678901", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * account_uri: https://acme-v02.api.letsencrypt.org/acme/acct/123456789 +> * cert_days: -1 +> * changed: True +> * finalize_uri: https://acme-v02.api.letsencrypt.org/acme/finalize/123456789/12345678901 +> * order_uri: https://acme-v02.api.letsencrypt.org/acme/order/123456789/12345678901 +> * ## Authorizations +> * ### xsoar-example.example.Com +> * expires: 2021-07-13T10:05:43Z +> * status: pending +> * uri: https://acme-v02.api.letsencrypt.org/acme/authz-v3/12345678901 +> * #### Challenges +> * #### List +> * status: pending +> * token: UjnalQ...8OEsJw +> * type: http-01 +> * url: https://acme-v02.api.letsencrypt.org/acme/chall-v3/12345678901/4cF9Tg +> * #### List +> * status: pending +> * token: UjnalQ...8OEsJw +> * type: dns-01 +> * url: https://acme-v02.api.letsencrypt.org/acme/chall-v3/12345678901/J6Svyw +> * #### List +> * status: pending +> * token: UjnalQ...8OEsJw +> * type: tls-alpn-01 +> * url: https://acme-v02.api.letsencrypt.org/acme/chall-v3/12345678901/Phy50Q +> * #### Identifier +> * type: dns +> * value: xsoar-example.example.com +> * ## Challenge_Data +> * ### xsoar-example.example.Com +> * #### Dns-01 +> * record: _acme-challenge.xsoar-example.example.com +> * resource: _acme-challenge +> * resource_value: aIt7...MjsnM +> * #### Http-01 +> * resource: .well-known/acme-challenge/UjnalQ...8OEsJw +> * resource_value: UjnalQ...8OEsJw.brMgVl5klrL6Hsd4E1YqcpXU5Mn-jVxqb5MtbbzmMjg +> * #### Tls-Alpn-01 +> * resource: xsoar-example.example.com +> * resource_original: dns:xsoar-example.example.com +> * resource_value: aIt7...MjsnM= +> * ## Challenge_Data_Dns +> * ### _Acme-Challenge.xsoar-example.example.Com +> * 0: aIt7...MjsnM + + +### acme-certificate-revoke +*** +Revoke certificates with the ACME protocol +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/acme_certificate_revoke_module.html + + +#### Base Command + +`acme-certificate-revoke` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| certificate | Path to the certificate to revoke. | Required | +| account_key_src | Path to a file containing the ACME account RSA or Elliptic Curve key. RSA keys can be created with `openssl rsa ...`. Elliptic curve keys can be created with `openssl ecparam -genkey ...`. Any other tool creating private keys in PEM format can be used as well. Mutually exclusive with `account_key_content`. Required if `account_key_content` is not used. | Optional | +| account_key_content | Content of the ACME account RSA or Elliptic Curve key.
Note that exactly one of `account_key_src`, `account_key_content`, `private_key_src` or `private_key_content` must be specified.
`Warning`: the content will be written into a temporary file, which will be deleted by Ansible when the module completes. Since this is an important private key — it can be used to change the account key, or to revoke your certificates without knowing their private keys —, this might not be acceptable.
In case `cryptography` is used, the content is not written into a temporary file. It can still happen that it is written to disk by Ansible in the process of moving the module with its argument to the node where it is executed. | Optional | +| private_key_src | Path to the certificate's private key. Note that exactly one of `account_key_src`, `account_key_content`, `private_key_src` or `private_key_content` must be specified. | Optional | +| private_key_content | Content of the certificate's private key.
Note that exactly one of `account_key_src`, `account_key_content`, `private_key_src` or `private_key_content` must be specified.
`Warning`: the content will be written into a temporary file, which will be deleted by Ansible when the module completes. Since this is an important private key — it can be used to change the account key, or to revoke your certificates without knowing their private keys —, this might not be acceptable.
In case `cryptography` is used, the content is not written into a temporary file. It can still happen that it is written to disk by Ansible in the process of moving the module with its argument to the node where it is executed. | Optional | +| revoke_reason | One of the revocation reasonCodes defined in `Section 5.3.1 of RFC5280,https://tools.ietf.org/html/rfc5280#section-5.3.1`. Possible values are `0` (unspecified), `1` (keyCompromise), `2` (cACompromise), `3` (affiliationChanged), `4` (superseded), `5` (cessationOfOperation), `6` (certificateHold), `8` (removeFromCRL), `9` (privilegeWithdrawn), `10` (aACompromise). | Optional | +| account_uri | If specified, assumes that the account URI is as given. If the account key does not match this account, or an account with this URI does not exist, the module fails. | Optional | +| acme_version | The ACME version of the endpoint. Must be 1 for the classic Let's Encrypt and Buypass ACME endpoints, or 2 for standardized ACME v2 endpoints. Possible values are: 1, 2. Default is 1. | Optional | +| acme_directory | The ACME directory to use. This is the entry point URL to access CA server API. For safety reasons the default is set to the Let's Encrypt staging server (for the ACME v1 protocol). This will create technically correct, but untrusted certificates. For Let's Encrypt, all staging endpoints can be found here: `https://letsencrypt.org/docs/staging-environment/`. For Buypass, all endpoints can be found here: `https://community.buypass.com/t/63d4ay/buypass-go-ssl-endpoints` For Let's Encrypt, the production directory URL for ACME v1 is `https://acme-v01.api.letsencrypt.org/directory`, and the production directory URL for ACME v2 is `https://acme-v02.api.letsencrypt.org/directory`. For Buypass, the production directory URL for ACME v2 and v1 is `https://api.buypass.com/acme/directory`. `Warning`: So far, the module has only been tested against Let's Encrypt (staging and production), Buypass (staging and production), and `Pebble testing server,https://github.com/letsencrypt/Pebble`. Default is https://acme-staging.api.letsencrypt.org/directory. | Optional | +| validate_certs | Whether calls to the ACME directory will validate TLS certificates. `Warning`: Should `only ever` be set to `no` for testing purposes, for example when testing against a local Pebble server. Possible values are: Yes, No. Default is Yes. | Optional | +| select_crypto_backend | Determines which crypto backend to use. The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `openssl`. If set to `openssl`, will try to use the `openssl` binary. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library. Possible values are: auto, cryptography, openssl. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +### acme-challenge-cert-helper +*** +Prepare certificates required for ACME challenges such as C(tls-alpn-01) +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/acme_challenge_cert_helper_module.html + + +#### Base Command + +`acme-challenge-cert-helper` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| challenge | The challenge type. Possible values are: tls-alpn-01. | Required | +| challenge_data | The `challenge_data` entry provided by `acme_certificate` for the challenge. | Required | +| private_key_src | Path to a file containing the private key file to use for this challenge certificate. Mutually exclusive with `private_key_content`. | Optional | +| private_key_content | Content of the private key to use for this challenge certificate. Mutually exclusive with `private_key_src`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| ACME.AcmeChallengeCertHelper.domain | string | The domain the challenge is for. The certificate should be provided if this is specified in the request's the \`Host\` header. | +| ACME.AcmeChallengeCertHelper.identifier_type | string | The identifier type for the actual resource identifier. Will be \`dns\` or \`ip\`. | +| ACME.AcmeChallengeCertHelper.identifier | string | The identifier for the actual resource. Will be a domain name if the type is \`dns\`, or an IP address if the type is \`ip\`. | +| ACME.AcmeChallengeCertHelper.challenge_certificate | string | The challenge certificate in PEM format. | +| ACME.AcmeChallengeCertHelper.regular_certificate | string | A self-signed certificate for the challenge domain. If no existing certificate exists, can be used to set-up https in the first place if that is needed for providing the challenge. | + +### acme-inspect +*** +Send direct requests to an ACME server +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/acme_inspect_module.html + + +#### Base Command + +`acme-inspect` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| url | The URL to send the request to. Must be specified if `method` is not `directory-only`. | Optional | +| method | The method to use to access the given URL on the ACME server. The value `post` executes an authenticated POST request. The content must be specified in the `content` option. The value `get` executes an authenticated POST-as-GET request for ACME v2, and a regular GET request for ACME v1. The value `directory-only` only retrieves the directory, without doing a request. Possible values are: get, post, directory-only. Default is get. | Optional | +| content | An encoded JSON object which will be sent as the content if `method` is `post`. Required when `method` is `post`, and not allowed otherwise. | Optional | +| fail_on_acme_error | If `method` is `post` or `get`, make the module fail in case an ACME error is returned. Possible values are: Yes, No. Default is Yes. | Optional | +| account_key_src | Path to a file containing the ACME account RSA or Elliptic Curve key. RSA keys can be created with `openssl genrsa ...`. Elliptic curve keys can be created with `openssl ecparam -genkey ...`. Any other tool creating private keys in PEM format can be used as well. Mutually exclusive with `account_key_content`. Required if `account_key_content` is not used. | Optional | +| account_key_content | Content of the ACME account RSA or Elliptic Curve key.
Mutually exclusive with `account_key_src`.
Required if `account_key_src` is not used.
`Warning`: the content will be written into a temporary file, which will be deleted by Ansible when the module completes. Since this is an important private key — it can be used to change the account key, or to revoke your certificates without knowing their private keys —, this might not be acceptable.
In case `cryptography` is used, the content is not written into a temporary file. It can still happen that it is written to disk by Ansible in the process of moving the module with its argument to the node where it is executed. | Optional | +| account_uri | If specified, assumes that the account URI is as given. If the account key does not match this account, or an account with this URI does not exist, the module fails. | Optional | +| acme_version | The ACME version of the endpoint. Must be 1 for the classic Let's Encrypt and Buypass ACME endpoints, or 2 for standardized ACME v2 endpoints. Possible values are: 1, 2. Default is 1. | Optional | +| acme_directory | The ACME directory to use. This is the entry point URL to access CA server API. For safety reasons the default is set to the Let's Encrypt staging server (for the ACME v1 protocol). This will create technically correct, but untrusted certificates. For Let's Encrypt, all staging endpoints can be found here: `https://letsencrypt.org/docs/staging-environment/`. For Buypass, all endpoints can be found here: `https://community.buypass.com/t/63d4ay/buypass-go-ssl-endpoints` For Let's Encrypt, the production directory URL for ACME v1 is `https://acme-v01.api.letsencrypt.org/directory`, and the production directory URL for ACME v2 is `https://acme-v02.api.letsencrypt.org/directory`. For Buypass, the production directory URL for ACME v2 and v1 is `https://api.buypass.com/acme/directory`. `Warning`: So far, the module has only been tested against Let's Encrypt (staging and production), Buypass (staging and production), and `Pebble testing server,https://github.com/letsencrypt/Pebble`. Default is https://acme-staging.api.letsencrypt.org/directory. | Optional | +| validate_certs | Whether calls to the ACME directory will validate TLS certificates. `Warning`: Should `only ever` be set to `no` for testing purposes, for example when testing against a local Pebble server. Possible values are: Yes, No. Default is Yes. | Optional | +| select_crypto_backend | Determines which crypto backend to use. The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `openssl`. If set to `openssl`, will try to use the `openssl` binary. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library. Possible values are: auto, cryptography, openssl. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| ACME.AcmeInspect.directory | unknown | The ACME directory's content | +| ACME.AcmeInspect.headers | unknown | The request's HTTP headers \(with lowercase keys\) | +| ACME.AcmeInspect.output_text | string | The raw text output | +| ACME.AcmeInspect.output_json | unknown | The output parsed as JSON | + + +#### Command Example +```!acme-inspect host="123.123.123.123" acme_directory="https://acme-staging-v02.api.letsencrypt.org/directory" acme_version="2" method="directory-only" ``` + +#### Context Example +```json +{ + "ACME": { + "AcmeInspect": { + "changed": false, + "directory": { + "d3x8YeEROW0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", + "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change", + "meta": { + "caaIdentities": [ + "letsencrypt.org" + ], + "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", + "website": "https://letsencrypt.org/docs/staging-environment/" + }, + "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", + "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", + "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", + "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert" + }, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Directory +> * d3x8YeEROW0: https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417 +> * keyChange: https://acme-staging-v02.api.letsencrypt.org/acme/key-change +> * newAccount: https://acme-staging-v02.api.letsencrypt.org/acme/new-acct +> * newNonce: https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce +> * newOrder: https://acme-staging-v02.api.letsencrypt.org/acme/new-order +> * revokeCert: https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert +> * ### Meta +> * termsOfService: https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf +> * website: https://letsencrypt.org/docs/staging-environment/ +> * #### Caaidentities +> * 0: letsencrypt.org + diff --git a/Packs/AnsibleLinux/Integrations/AnsibleACME/command_examples b/Packs/AnsibleLinux/Integrations/AnsibleACME/command_examples new file mode 100644 index 000000000000..55d2c44be1bc --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleACME/command_examples @@ -0,0 +1,6 @@ +!acme-account host="123.123.123.123" account_key_src="/etc/letsencrypt/keys/example.com.key" state="present" terms_agreed="True" contact="mailto:user@example.com" acme_version=2 acme_directory=https://acme-staging-v02.api.letsencrypt.org/directory +!acme-account-info host="123.123.123.123" account_key_src="/etc/letsencrypt/keys/example.com.key" acme_version=2 acme_directory=https://acme-staging-v02.api.letsencrypt.org/directory +!acme-inspect host="123.123.123.123" acme_directory="https://acme-staging-v02.api.letsencrypt.org/directory" acme_version="2" method="directory-only" +!acme-certificate host="123.123.123.123" account_key_src="/etc/letsencrypt/keys/example.com.key" dest=/etc/letsencrypt/certs/test.example.com.crt csr=/etc/letsencrypt/csrs/example.com.csr acme_directory=https://acme-v02.api.letsencrypt.org/directory acme_version=2 challenge="dns-01" terms_agreed=1 +!acme-challenge-cert-helper host="123.123.123.123" account_key_src="/etc/letsencrypt/keys/example.com.key" csr=/etc/letsencrypt/csrs/example.com.csr dest=/etc/letsencrypt/certs/test.example.com.crt challenge="tls-alpn-01" challenge_data="aIt7p...snM=" private_key_src="/etc/letsencrypt/csrs/example.com.key" +!acme-certificate-revoke host="123.123.123.123" certificate="/etc/letsencrypt/certs/test.example.com.crt" acme_version="2" acme_directory="https://acme-staging-v02.api.letsencrypt.org/directory" account_key_src="/etc/letsencrypt/keys/example.com.key" \ No newline at end of file diff --git a/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS.py b/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS.py new file mode 100644 index 000000000000..6ed0a82c0f3f --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS.py @@ -0,0 +1,52 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'local' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + creds_mapping = { + "identifier": "key_name", + "password": "key_secret" + } + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + return_results('This integration does not support testing from this screen. \ + Please refer to the documentation for details on how to perform \ + configuration tests.') + elif command == 'dns-nsupdate': + return_results(generic_ansible('DNS', 'nsupdate', args, int_params, host_type, creds_mapping)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS.yml b/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS.yml new file mode 100644 index 000000000000..6f683ef57c7a --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS.yml @@ -0,0 +1,110 @@ +category: IT Services +commonfields: + id: AnsibleDNS + version: -1 +configuration: +- additionalinfo: DNS Server Address + display: Server Address + name: server + required: true + type: 0 +- additionalinfo: Use this port when connecting to the Server + display: DNS Server Port + name: port + required: true + type: 0 + defaultvalue: '53' +- additionalinfo: Use TSIG key name to authenticate against DNS `server' + display: TSIG Key Name + displaypassword: TSIG Key Secret + name: creds + required: true + type: 9 +- additionalinfo: Specify key algorithm used by TSIG Key Secret + defaultvalue: 'hmac-md5' + display: Key Algorithm + name: key_algorithm + required: true + type: 15 + options: + - HMAC-MD5.SIG-ALG.REG.INT + - hmac-md5 + - hmac-sha1 + - hmac-sha224 + - hmac-sha256 + - hmac-sha384 + - hmac-sha512 +- additionalinfo: Sets the transport protocol (TCP or UDP). TCP is the recommended + and a more robust option. + defaultvalue: 'tcp' + display: Protocol + name: protocol + required: true + type: 15 + options: + - tcp + - udp +description: Manage DNS records using NSUpdate +display: Ansible DNS +fromversion: 6.0.0 +name: AnsibleDNS +script: + commands: + - arguments: + - auto: PREDEFINED + defaultValue: present + description: Manage DNS record. + name: state + predefined: + - present + - absent + - description: 'DNS record will be modified on this `zone`. When omitted DNS will + be queried to attempt finding the correct zone. Starting with Ansible 2.7 + this parameter is optional.' + name: zone + - description: Sets the DNS record to modify. When zone is omitted this has to + be absolute (ending with a dot). + name: record + required: true + - defaultValue: A + description: Sets the record type. + name: type + - defaultValue: '3600' + description: Sets the record TTL. + name: ttl + - description: Sets the record value. + name: value + description: "Manage DNS records.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nsupdate_module.html" + name: dns-nsupdate + outputs: + - contextPath: DNS.Nsupdate.changed + description: If module has modified record + type: string + - contextPath: DNS.Nsupdate.record + description: DNS record + type: string + - contextPath: DNS.Nsupdate.ttl + description: DNS record TTL + type: number + - contextPath: DNS.Nsupdate.type + description: DNS record type + type: string + - contextPath: DNS.Nsupdate.value + description: DNS record value(s) + type: unknown + - contextPath: DNS.Nsupdate.zone + description: DNS record zone + type: string + - contextPath: DNS.Nsupdate.dns_rc + description: dnspython return code + type: number + - contextPath: DNS.Nsupdate.dns_rc_str + description: dnspython return code (string representation) + type: string + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS_description.md b/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS_description.md new file mode 100644 index 000000000000..2310824f2727 --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS_description.md @@ -0,0 +1,35 @@ +# Ansible DNS + +This integration enables the management of DNS Records directly from XSOAR using Dynamic DNS Updates from the NSUpdate Ansible Module. + +# Requirements +The DNS master server being managed must be configured to accept Dynamic DNS updates using Transaction signatures as described in RFC2845. + +## Network Requirements +By default, TCP port 53 will be used to initiate a connection to the server. However UDP and other ports are supported. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. + +## Credentials + +A TSIG shared secret must be provided during instance configuration. Supported key algorithms are: + +* HMAC-MD5.SIG-ALG.REG.INT +* hmac-md5 +* hmac-sha1 +* hmac-sha224 +* hmac-sha256 +* hmac-sha384 +* hmac-sha512 + +## Server Configuration Instructions +The following articles describe how to configure TSIG on popular DNS servers/services: +* [BIND9](https://bind9.readthedocs.io/en/v9_16_5/advanced.html#tsig) +* [PowerDNS](https://doc.powerdns.com/authoritative/tsig.html) +* [InfoBlox](https://docs.infoblox.com/display/BloxOneDDI/Configuring+TSIG+Keys) + +Note: Microsoft Window DNS Server utilizes the GSS-TSIG protocol which is unsupported by this integration. + +## Testing + +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!dns-nsupdate`command providing an non-existent record to remove using the command argument `state=absent`. As an example `!dns-nsupdate state="absent" record="something-none-existent.example.com."`. This command will connect to the dns server with the configured credentials in the integration, and if successful output that it ran successfully, but changed nothing. diff --git a/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS_image.png b/Packs/AnsibleLinux/Integrations/AnsibleDNS/AnsibleDNS_image.png new file mode 100644 index 0000000000000000000000000000000000000000..4a9aeca8027a9f576af5e426438c5b5ef2cc2e81 GIT binary patch literal 4149 zcmV-55X$d~P)P@q78w*!u}!0BhK z9;;*CI1zBuEDBL~MaG~3`_-aX_H9|yGSc-H=$jESaAJOCsX05Bw2v}iUT~b@fHA$K z8=wIhA(}uur^HX=S$lNn*4kYicMFULM`K`4FRwg3z?Or0p`%O!I3#)It<{Lf0N$E9 z_SFV#+!&5Rp8|a_ECV06=!-MF`hQhmaYPm$tr8wSe$Ddf;b>_8Y`@MweJtIckF9qOz6NXdRDled9p%&RE&5!OI?4I{cy)X7Y3 zW04F0w4;9gfl;jI9YJ0OKIwwxMJ+9{dnmk^9C^?CNX%e>)<;<^-nq4Q|7h3umy8US zVb-kG@z%EJP72-<;{pH)g0d(RFzoT;MIjc%y z5?-Y6q^`7%wb496AfrKzZr*&>1(yL)OgDVT%*^kGkIrg-wtB~KWxP}AcZ!aQuK@X1 z9am-{=uRM9YpQe1$pTYd?}LA{&%)k9FuR?UGriMO3_Q=&p29FAR%BEP(SIIJ*>^g9 zj^M=n%2Lw5#3(8Q0QGhNF(y;>)xYjpHc`Ivb0pUHT%WCDn^Ti&Ecqf(rC78&LVcB= za@O(*@px<#h4Y7_sQ3O&#N@O+^|jlFTDCN~@>32ru(L**sqG`=x8ufVe!YEDUHZr@ zCoEb$=FM>MGs43IBN$V=8*A?EOXTt8Uz(gj_DWI>0L<|7=EmCkBV}f_<#aR726b#c z?J*My?fzX2HLnepx6f%-BE8fQB|3ze!RZ~T`gOlflvkb&+IOhfkuHucOJ&F0p3noI zBcfBfEBE$Ba9WKsnq1k~in~=?KEhQqDRt!2rIYBOx?`9K7-c0ykuq$xn(>w?Ve zYo8rO(HK>|7Qo7UI-ys4pjDtdcCdUD!eDl=E%tI*dF9ue8^_-RRB6}!bl6`)iLC_~ z>y{lXlrE_F)9%f+TaT3IwY`*4RMTUktOL+(;L`FH=Nhwr}Db2$l!)nLeAPSd#c~<+wb1;jm7@ z<-G$SNJq}3;?6{}W%ZHw!(sh9@<()VxCL09uXO+biDboDPUL~e@jV#D9ZJp!o|bJp z0npPR-TD&H69GVI4_XL+r$ke{NL~a0BewTCG*TRM$hA${(|+i+vf}X%c<;{_=e`R7 z3^*0+=xj4Ul*?0_*FAg8!c`{={M?j3^x(e6n%fh}6{i9C?2)>OaXQ-dO!OE9L&Xqw zneqG5c`(v3Jk=3$iUoXFB2Mb;87IJ3rYBc!X=Y#^D=w7jgm_2TA6+@Gf!gv!_8 zFyXLXFa&!ZVowkpFicATAuun8GsnQ)ol0F*C#&4 z^5xUa!czo~70Lbxz)~^X1Lhi-5yXrOaWn=FE|uC`ePdtuO3PQg+k*TT9Z&15kp{aF zz~dOmL1ZLq{$Hk^v+A*Y&bp_bvueCbm@8c_kih^v+#Ho$G}1BnoN0x?oFmgB@_3^? znpjZz0av7|<1%Brrljqg>e4ZfPpjdFor+R|e7>x_Wj&TGkuGN?RunA(cs4p6J2lI0 zd+)X&jEzCSIFbNmDwZq}Q{*@}o!SwmXO3L+d$YT7-79o@9n5#HyFoGMn1!oO>MOsg zJ>|{z1Avq0)X4d3@~I~t3q?>IUTO%!@Z@M5u;dt6E!V&R;3A$*vBwXodpVmf`u+6e z!Rx#3?c7@1K6PKorxkiP03f1+^2)@{pF6bJN0MumtA0W9q|DGfnPo*xnlZYb)?&~ z88Ni?Of%>i7=<@%a;Ip+yZXyaG8O^TK)`%hlSo$hR734;0BqZ~s?4let3S1GYKsYQ zIUI^y2*(204FJKU$y76uv$#1|oocAL1)bAgs-gN}01pFTS+a5=U^n!uvD2yj-WwqZ zJP%-I*QJ5)?k}%OdM$L!RS|f+M4ZIHuL1bI^S+42&AMO|qkx-_w1*AG5)I9X-~x(ghXs66F;)lr3CwZ=gL&azbv6o%*R1<=ePnV@UP9 zB<+~~vhJz>cB@nSO4oG|`NwGsD&9A61y$;x-|!ZC>=q&s$HhXaBXRqYKOz1Nu%|q^?WwYFV>ufu`~Skjdq;!GPu0PU`xjz}U| z`5}RB5|Nt;cS!{1wb>s{XwW0B2iyWpd40lt7VJ3yh=}5d{KjAhBux$L9;e8aW`4K9 z@{I6B;v_oN6F*KYsQf@aC2|$lkoWKh0EZ~9hPBfdTz`C5THM=~0Cxbi?nX++)XW)S zk94KYm{(D(2z7MP#Jua%kR6JC!@&fTdR>!m43vM{wyKO0Up82_qkOm^vFo_M9;}|- z^)>fO+|M$@QdPT2E!3!?$1l{V+B#Evwr9Br94mq~$YagUjbw>51O2bVeF_myRdW{t zxE1Ia#fb%<-vK%N5YuH0luSCU-JwPwlerPXsY9tt1*86!2Mx1(cb&aDSef08HBTnW zD;}iqVj_|t;bx=!!(b;YyZ-yOeE|NW^VcUQU9h~Utu4A6luvYPM1T4*$rWXL8`d=q zBtK^aJHbnX=+rkRvwL2WF4qu&ZDp-fx(_I5Iumq5iU84MR8N%3=2xB&7`nY?^9T%< zPoG$j=t~~f4ge9|ED5~aEZ^z3f3|O`OT&0i&oshOESlC|nJ)U6qVeOyV_pqW!!Ro9QKcVu?7}bfIMK?&f^#aI z+1e65=|sBknVAv1b=$V8K4as3LE#z;wv58WKxgL1o_pO?WQt~jGT;a|^`eyX6{zgl zTNbQ&Pr7B$r6Wgy31j`sZ?wd=M~?3qtngcn57=KUu`Nd`kK9oWW`MczBSN?0Gb~2LDGH%_<;>fp#YFxN3uZ~$t~FOy+Iw$ zoFTM*Q(an!2k>Y3If*#;$g7PvzkW0_NU~$y@A^docBFP@F%O@C+8yblqQ%1rAI7ry zff)v#)~VKUiqun=++T-g9mX}l0(=I_Z#J>ywtRHya|%(F4WwQ_P{84>#ykR?<<+R1 zvJ8*G&~LD!12Kag5aaKN*h9^YYk!3!9`f{{n4j^_iS1F$3$|)J%qakqYxh*G6n;6 zQ>vl%`Qa3A-n{Orkx=9HCvJHIz~X%JrW&fB1n^{k_nR8mZ3ghSBcazo^y}sL5WC5n z?Hz3e^1*^XB#vLfpW(9c=T5&~-o7nsb|n_9{1PO5f2e!a5yfB-w`SKfHN)DzU48Y{ z3GeMDzz(STo1Js-Gvi`FHk#>V5uu3vCInl0*Ijqsc*T{Uyonapn#qMC(xj^60Upp8 zUmNS(jyE&m3lmGm)*L+8zRdgf`=Thm>aM%){OYo0SKUC`!+|_Ol;e$;2b0fj`L%`=rrI|bg;A2Llp?H);%#3?TJx7)GBA5x-0_S+ES6nX8seyc0 z6te)7ILB|^amO74o<9%x>T4=0`S&tyJ&(ZB;dJg%W3Zsw5D)m~a7Cnn5+U}|_=HI8 zld3kaeSGn<;zR8}6!Lk6&Q;|LFwR}JY}u(WoM|E#!DNn^{+?o2!0?|?JCyc*r%*oD z+S=M|hO?cEA27q&S6p%RX+}L8#u71}Xv8Zt%m%O_8%4ha05Mr=VvmL3CIfo1s?=G8 zlmrt%{z%$1qx}tmCIHP6+399>rX#Yv{#Jo z6Gm+^v&CHp07h;AvGj0IfX{p5`vCwB7eVZQA-0r;9RQ~rkwWL2KqO=F5ITb<_R|h| z{$c=d&f>@-268fB?^3Z86o<_01OWSJG@3*try5ZWouWqL&q`(n^9 z7IxIHKT!Ii>la%(`UxG*8cN3wA2S7Bj-VfZZOfWnM6KWeb_n0WmD zbUJ&L3HBq{0io?Rlj8tuHM92z*g*iVC~dna=ZkQIno$*V7+ISI+!u?0wUjSuCLh$0A=ONr-AXUQ}&I2Pgi6pQC@ky2-f$OWEMPr4$&pM8`r&( zuYLvkCU55{^=$R-A~*3u3%1t#e!gfpO3W;)h97#L{b0ekBg2rq;~n)?Z#HkP`J!{t zN6hqRuo2j{m>JB>TiB+=CsGY1SM7hU?%+|&EdXG6Cj@A2sD38O;)7~>saJj85OPnB z@ **Integrations** > **Servers & Services**. +2. Search for Ansible DNS. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Server Address | DNS Server Address | True | + | DNS Server Port | Use this port when connecting to the Server | True | + | TSIG Key Name | Use TSIG key name to authenticate against DNS \`server' | True | + | TSIG Key Secret | Use TSIG key secret, associated with \`key_name', to authenticate against \`server' | True | + | Key Algorithm | Specify key algorithm used by TSIG Key Secret | True | + | Protocol | Sets the transport protocol \(TCP or UDP\). TCP is the recommended and a more robust option. | True | + +## Testing + +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!dns-nsupdate`command providing an non-existent record to remove using the command argument `state=absent`. As an example `!dns-nsupdate state="absent" record="something-none-existent.example.com."`. This command will connect to the dns server with the configured credentials in the integration, and if successful output that it ran successfully, but changed nothing. + +# Idempotence +The action commands in this integration are idempotent. This means that the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions. + +# State Arguement +Some of the commands in this integration take a state argument. These define the desired end state of the object being managed. As a result these commands are able to perform multiple management operations depending on the desired state value. Common state values are: +| **State** | **Result** | +| --- | --- | +| present | Object should exist. If not present, the object will be created with the provided parameters. If present but not with correct parameters, it will be modified to met provided parameters. | +| running | Object should be running not stopped. | +| stopped | Object should be stopped not running. | +| restarted | Object will be restarted. | +| absent | Object should not exist. If it it exists it will be deleted. | + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### dns-nsupdate +*** +Manage DNS records. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/nsupdate_module.html + + +#### Base Command + +`dns-nsupdate` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| state | Manage DNS record. Possible values are: present, absent. Default is present. | Optional | +| zone | DNS record will be modified on this `zone`. When omitted DNS will be queried to attempt finding the correct zone. Starting with Ansible 2.7 this parameter is optional. | Optional | +| record | Sets the DNS record to modify. When zone is omitted this has to be absolute (ending with a dot). | Required | +| type | Sets the record type. Default is A. | Optional | +| ttl | Sets the record TTL. Default is 3600. | Optional | +| value | Sets the record value. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| DNS.Nsupdate.changed | string | If module has modified record | +| DNS.Nsupdate.record | string | DNS record | +| DNS.Nsupdate.ttl | number | DNS record TTL | +| DNS.Nsupdate.type | string | DNS record type | +| DNS.Nsupdate.value | unknown | DNS record value\(s\) | +| DNS.Nsupdate.zone | string | DNS record zone | +| DNS.Nsupdate.dns_rc | number | dnspython return code | +| DNS.Nsupdate.dns_rc_str | string | dnspython return code \(string representation\) | + + +#### Command Example +```!dns-nsupdate record=test.example.com. value=123.123.123.123``` + +#### Context Example +```json +{ + "DNS": { + "Nsupdate": [ + { + "changed": true, + "dns_rc": 0, + "dns_rc_str": "NOERROR", + "record": { + "record": "test.example.com.", + "ttl": 3600, + "type": "A", + "value": [ + "123.123.123.123" + ], + "zone": "example.com." + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * dns_rc: 0 +> * dns_rc_str: NOERROR +> * ## Record +> * record: test.example.com. +> * ttl: 3600 +> * type: A +> * zone: example.com. +> * ### Value +> * 0: 123.123.123.123 + diff --git a/Packs/AnsibleLinux/Integrations/AnsibleDNS/command_examples b/Packs/AnsibleLinux/Integrations/AnsibleDNS/command_examples new file mode 100644 index 000000000000..3436682111be --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleDNS/command_examples @@ -0,0 +1 @@ +!dns-nsupdate record=test.example.com. value=123.123.123.123 \ No newline at end of file diff --git a/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux.py b/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux.py new file mode 100644 index 000000000000..d41d8cd1948f --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux.py @@ -0,0 +1,260 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'ssh' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + return_results('This integration does not support testing from this screen. \ + Please refer to the documentation for details on how to perform \ + configuration tests.') + elif command == 'linux-alternatives': + return_results(generic_ansible('Linux', 'alternatives', args, int_params, host_type)) + elif command == 'linux-at': + return_results(generic_ansible('Linux', 'at', args, int_params, host_type)) + elif command == 'linux-authorized-key': + return_results(generic_ansible('Linux', 'authorized_key', args, int_params, host_type)) + elif command == 'linux-capabilities': + return_results(generic_ansible('Linux', 'capabilities', args, int_params, host_type)) + elif command == 'linux-cron': + return_results(generic_ansible('Linux', 'cron', args, int_params, host_type)) + elif command == 'linux-cronvar': + return_results(generic_ansible('Linux', 'cronvar', args, int_params, host_type)) + elif command == 'linux-dconf': + return_results(generic_ansible('Linux', 'dconf', args, int_params, host_type)) + elif command == 'linux-debconf': + return_results(generic_ansible('Linux', 'debconf', args, int_params, host_type)) + elif command == 'linux-filesystem': + return_results(generic_ansible('Linux', 'filesystem', args, int_params, host_type)) + elif command == 'linux-firewalld': + return_results(generic_ansible('Linux', 'firewalld', args, int_params, host_type)) + elif command == 'linux-gather-facts': + return_results(generic_ansible('Linux', 'gather_facts', args, int_params, host_type)) + elif command == 'linux-gconftool2': + return_results(generic_ansible('Linux', 'gconftool2', args, int_params, host_type)) + elif command == 'linux-getent': + return_results(generic_ansible('Linux', 'getent', args, int_params, host_type)) + elif command == 'linux-group': + return_results(generic_ansible('Linux', 'group', args, int_params, host_type)) + elif command == 'linux-hostname': + return_results(generic_ansible('Linux', 'hostname', args, int_params, host_type)) + elif command == 'linux-interfaces-file': + return_results(generic_ansible('Linux', 'interfaces_file', args, int_params, host_type)) + elif command == 'linux-iptables': + return_results(generic_ansible('Linux', 'iptables', args, int_params, host_type)) + elif command == 'linux-java-cert': + return_results(generic_ansible('Linux', 'java_cert', args, int_params, host_type)) + elif command == 'linux-java-keystore': + return_results(generic_ansible('Linux', 'java_keystore', args, int_params, host_type)) + elif command == 'linux-kernel-blacklist': + return_results(generic_ansible('Linux', 'kernel_blacklist', args, int_params, host_type)) + elif command == 'linux-known-hosts': + return_results(generic_ansible('Linux', 'known_hosts', args, int_params, host_type)) + elif command == 'linux-listen-ports-facts': + return_results(generic_ansible('Linux', 'listen_ports_facts', args, int_params, host_type)) + elif command == 'linux-locale-gen': + return_results(generic_ansible('Linux', 'locale_gen', args, int_params, host_type)) + elif command == 'linux-modprobe': + return_results(generic_ansible('Linux', 'modprobe', args, int_params, host_type)) + elif command == 'linux-mount': + return_results(generic_ansible('Linux', 'mount', args, int_params, host_type)) + elif command == 'linux-open-iscsi': + return_results(generic_ansible('Linux', 'open_iscsi', args, int_params, host_type)) + elif command == 'linux-pam-limits': + return_results(generic_ansible('Linux', 'pam_limits', args, int_params, host_type)) + elif command == 'linux-pamd': + return_results(generic_ansible('Linux', 'pamd', args, int_params, host_type)) + elif command == 'linux-parted': + return_results(generic_ansible('Linux', 'parted', args, int_params, host_type)) + elif command == 'linux-pids': + return_results(generic_ansible('Linux', 'pids', args, int_params, host_type)) + elif command == 'linux-ping': + return_results(generic_ansible('Linux', 'ping', args, int_params, host_type)) + elif command == 'linux-python-requirements-info': + return_results(generic_ansible('Linux', 'python_requirements_info', args, int_params, host_type)) + elif command == 'linux-reboot': + return_results(generic_ansible('Linux', 'reboot', args, int_params, host_type)) + elif command == 'linux-seboolean': + return_results(generic_ansible('Linux', 'seboolean', args, int_params, host_type)) + elif command == 'linux-sefcontext': + return_results(generic_ansible('Linux', 'sefcontext', args, int_params, host_type)) + elif command == 'linux-selinux': + return_results(generic_ansible('Linux', 'selinux', args, int_params, host_type)) + elif command == 'linux-selinux-permissive': + return_results(generic_ansible('Linux', 'selinux_permissive', args, int_params, host_type)) + elif command == 'linux-selogin': + return_results(generic_ansible('Linux', 'selogin', args, int_params, host_type)) + elif command == 'linux-seport': + return_results(generic_ansible('Linux', 'seport', args, int_params, host_type)) + elif command == 'linux-service': + return_results(generic_ansible('Linux', 'service', args, int_params, host_type)) + elif command == 'linux-service-facts': + return_results(generic_ansible('Linux', 'service_facts', args, int_params, host_type)) + elif command == 'linux-setup': + return_results(generic_ansible('Linux', 'setup', args, int_params, host_type)) + elif command == 'linux-sysctl': + return_results(generic_ansible('Linux', 'sysctl', args, int_params, host_type)) + elif command == 'linux-systemd': + return_results(generic_ansible('Linux', 'systemd', args, int_params, host_type)) + elif command == 'linux-sysvinit': + return_results(generic_ansible('Linux', 'sysvinit', args, int_params, host_type)) + elif command == 'linux-timezone': + return_results(generic_ansible('Linux', 'timezone', args, int_params, host_type)) + elif command == 'linux-ufw': + return_results(generic_ansible('Linux', 'ufw', args, int_params, host_type)) + elif command == 'linux-user': + return_results(generic_ansible('Linux', 'user', args, int_params, host_type)) + elif command == 'linux-xfs-quota': + return_results(generic_ansible('Linux', 'xfs_quota', args, int_params, host_type)) + elif command == 'linux-htpasswd': + return_results(generic_ansible('Linux', 'htpasswd', args, int_params, host_type)) + elif command == 'linux-supervisorctl': + return_results(generic_ansible('Linux', 'supervisorctl', args, int_params, host_type)) + elif command == 'linux-openssh-cert': + return_results(generic_ansible('Linux', 'openssh_cert', args, int_params, host_type)) + elif command == 'linux-openssh-keypair': + return_results(generic_ansible('Linux', 'openssh_keypair', args, int_params, host_type)) + elif command == 'linux-acl': + return_results(generic_ansible('Linux', 'acl', args, int_params, host_type)) + elif command == 'linux-archive': + return_results(generic_ansible('Linux', 'archive', args, int_params, host_type)) + elif command == 'linux-assemble': + return_results(generic_ansible('Linux', 'assemble', args, int_params, host_type)) + elif command == 'linux-blockinfile': + return_results(generic_ansible('Linux', 'blockinfile', args, int_params, host_type)) + elif command == 'linux-file': + return_results(generic_ansible('Linux', 'file', args, int_params, host_type)) + elif command == 'linux-find': + return_results(generic_ansible('Linux', 'find', args, int_params, host_type)) + elif command == 'linux-ini-file': + return_results(generic_ansible('Linux', 'ini_file', args, int_params, host_type)) + elif command == 'linux-iso-extract': + return_results(generic_ansible('Linux', 'iso_extract', args, int_params, host_type)) + elif command == 'linux-lineinfile': + return_results(generic_ansible('Linux', 'lineinfile', args, int_params, host_type)) + elif command == 'linux-replace': + return_results(generic_ansible('Linux', 'replace', args, int_params, host_type)) + elif command == 'linux-stat': + return_results(generic_ansible('Linux', 'stat', args, int_params, host_type)) + elif command == 'linux-synchronize': + return_results(generic_ansible('Linux', 'synchronize', args, int_params, host_type)) + elif command == 'linux-tempfile': + return_results(generic_ansible('Linux', 'tempfile', args, int_params, host_type)) + elif command == 'linux-unarchive': + return_results(generic_ansible('Linux', 'unarchive', args, int_params, host_type)) + elif command == 'linux-xml': + return_results(generic_ansible('Linux', 'xml', args, int_params, host_type)) + elif command == 'linux-expect': + return_results(generic_ansible('Linux', 'expect', args, int_params, host_type)) + elif command == 'linux-bower': + return_results(generic_ansible('Linux', 'bower', args, int_params, host_type)) + elif command == 'linux-bundler': + return_results(generic_ansible('Linux', 'bundler', args, int_params, host_type)) + elif command == 'linux-composer': + return_results(generic_ansible('Linux', 'composer', args, int_params, host_type)) + elif command == 'linux-cpanm': + return_results(generic_ansible('Linux', 'cpanm', args, int_params, host_type)) + elif command == 'linux-gem': + return_results(generic_ansible('Linux', 'gem', args, int_params, host_type)) + elif command == 'linux-maven-artifact': + return_results(generic_ansible('Linux', 'maven_artifact', args, int_params, host_type)) + elif command == 'linux-npm': + return_results(generic_ansible('Linux', 'npm', args, int_params, host_type)) + elif command == 'linux-pear': + return_results(generic_ansible('Linux', 'pear', args, int_params, host_type)) + elif command == 'linux-pip': + return_results(generic_ansible('Linux', 'pip', args, int_params, host_type)) + elif command == 'linux-pip-package-info': + return_results(generic_ansible('Linux', 'pip_package_info', args, int_params, host_type)) + elif command == 'linux-yarn': + return_results(generic_ansible('Linux', 'yarn', args, int_params, host_type)) + elif command == 'linux-apk': + return_results(generic_ansible('Linux', 'apk', args, int_params, host_type)) + elif command == 'linux-apt': + return_results(generic_ansible('Linux', 'apt', args, int_params, host_type)) + elif command == 'linux-apt-key': + return_results(generic_ansible('Linux', 'apt_key', args, int_params, host_type)) + elif command == 'linux-apt-repo': + return_results(generic_ansible('Linux', 'apt_repo', args, int_params, host_type)) + elif command == 'linux-apt-repository': + return_results(generic_ansible('Linux', 'apt_repository', args, int_params, host_type)) + elif command == 'linux-apt-rpm': + return_results(generic_ansible('Linux', 'apt_rpm', args, int_params, host_type)) + elif command == 'linux-dpkg-selections': + return_results(generic_ansible('Linux', 'dpkg_selections', args, int_params, host_type)) + elif command == 'linux-flatpak': + return_results(generic_ansible('Linux', 'flatpak', args, int_params, host_type)) + elif command == 'linux-flatpak-remote': + return_results(generic_ansible('Linux', 'flatpak_remote', args, int_params, host_type)) + elif command == 'linux-homebrew': + return_results(generic_ansible('Linux', 'homebrew', args, int_params, host_type)) + elif command == 'linux-homebrew-cask': + return_results(generic_ansible('Linux', 'homebrew_cask', args, int_params, host_type)) + elif command == 'linux-homebrew-tap': + return_results(generic_ansible('Linux', 'homebrew_tap', args, int_params, host_type)) + elif command == 'linux-layman': + return_results(generic_ansible('Linux', 'layman', args, int_params, host_type)) + elif command == 'linux-package': + return_results(generic_ansible('Linux', 'package', args, int_params, host_type)) + elif command == 'linux-package-facts': + return_results(generic_ansible('Linux', 'package_facts', args, int_params, host_type)) + elif command == 'linux-yum': + return_results(generic_ansible('Linux', 'yum', args, int_params, host_type)) + elif command == 'linux-yum-repository': + return_results(generic_ansible('Linux', 'yum_repository', args, int_params, host_type)) + elif command == 'linux-zypper': + return_results(generic_ansible('Linux', 'zypper', args, int_params, host_type)) + elif command == 'linux-zypper-repository': + return_results(generic_ansible('Linux', 'zypper_repository', args, int_params, host_type)) + elif command == 'linux-snap': + return_results(generic_ansible('Linux', 'snap', args, int_params, host_type)) + elif command == 'linux-redhat-subscription': + return_results(generic_ansible('Linux', 'redhat_subscription', args, int_params, host_type)) + elif command == 'linux-rhn-channel': + return_results(generic_ansible('Linux', 'rhn_channel', args, int_params, host_type)) + elif command == 'linux-rhn-register': + return_results(generic_ansible('Linux', 'rhn_register', args, int_params, host_type)) + elif command == 'linux-rhsm-release': + return_results(generic_ansible('Linux', 'rhsm_release', args, int_params, host_type)) + elif command == 'linux-rhsm-repository': + return_results(generic_ansible('Linux', 'rhsm_repository', args, int_params, host_type)) + elif command == 'linux-rpm-key': + return_results(generic_ansible('Linux', 'rpm_key', args, int_params, host_type)) + elif command == 'linux-get-url': + return_results(generic_ansible('Linux', 'get_url', args, int_params, host_type)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux.yml b/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux.yml new file mode 100644 index 000000000000..8f310b138f05 --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux.yml @@ -0,0 +1,7407 @@ +category: IT Services +commonfields: + id: AnsibleLinux + version: -1 +configuration: +- additionalinfo: The credentials to associate with the instance. SSH keys can be + configured using the credential manager. + display: Username + name: creds + required: true + type: 9 +- additionalinfo: The default port to use if one is not specified in the commands + `host` argument. + defaultvalue: 22 + display: Default SSH Port + name: port + required: true + type: 0 +- additionalinfo: If multiple hosts are specified in a command, how many hosts should + be interacted with concurrently. + defaultvalue: '4' + display: Concurrency Factor + name: concurrency + required: true + type: 0 +- display: Escalate Privileges + additionalinfo: | + Ansible allows you to ‘become’ another user, different from the user that + logged into the machine (remote user). + name: become + required: true + type: 15 + options: + - "Yes" + - "No" + defaultvalue: 'Yes' +- display: Privilege Escalation Method + additionalinfo: Which privilege escalation method should be used. + name: become_method + required: true + type: 15 + options: + - "sudo" + - "su" + - "doas" + defaultvalue: 'sudo' +- display: Privilege Escalation User + additionalinfo: Set the user you become through privilege escalation + name: become_user + required: false + type: 0 + defaultvalue: 'root' +- display: Privileges Escalation Password + additionalinfo: Set the privilege escalation password. If not set, will use the + same as SSH password. + name: become_password + required: false + type: 4 +description: Agentlesss Linux host management over SSH +display: Linux +fromversion: 6.0.0 +name: AnsibleLinux +script: + commands: + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The generic name of the link. + name: name + required: true + - description: The path to the real executable that the link should point to. + name: path + required: true + - description: 'The path to the symbolic link that should point to the real executable. + This option is always required on RHEL-based distributions. On Debian-based + distributions this option is required when the alternative `name` is unknown + to the system.' + name: link + - defaultValue: '50' + description: The priority of the alternative. + name: priority + description: "Manages alternative programs for common commands\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/alternatives_module.html" + name: linux-alternatives + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A command to be executed in the future. + name: command + - description: An existing script file to be executed in the future. + name: script_file + - description: The count of units in the future to execute the command or script + file. + name: count + required: true + - auto: PREDEFINED + description: The type of units in the future to execute the command or script + file. + name: units + predefined: + - minutes + - hours + - days + - weeks + required: true + - auto: PREDEFINED + defaultValue: present + description: The state dictates if the command or script file should be evaluated + as present(added) or absent(deleted). + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: If a matching job is present a new job will not be added. + name: unique + predefined: + - 'Yes' + - 'No' + description: "Schedule the execution of a command or script file via the at command\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/at_module.html" + name: linux-at + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The username on the remote host whose authorized_keys file will + be modified. + name: user + required: true + - description: The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys). + name: key + required: true + - description: 'Alternate path to the authorized_keys file. When unset, this value + defaults to `~/.ssh/authorized_keys`.' + name: path + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether this module should manage the directory of the authorized + key file. If set to `yes`, the module will create the directory, as well as + set the owner and permissions of an existing directory. Be sure to set `manage_dir=no` + if you are using an alternate directory for authorized_keys, as set with `path`, + since you could lock yourself out of SSH access. See the example below.' + name: manage_dir + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: Whether the given key (with the given key_options) should or should + not be in the file. + name: state + predefined: + - absent + - present + - description: A string of ssh key options to be prepended to the key in the authorized_keys + file. + name: key_options + - auto: PREDEFINED + defaultValue: 'No' + description: 'Whether to remove all other non-specified keys from the authorized_keys + file. Multiple keys can be specified in a single `key` string value by separating + them by newlines. This option is not loop aware, so if you use `with_` , it + will be exclusive per iteration of the loop. If you want multiple keys in + the file you need to pass them all to `key` in a single batch as mentioned + above.' + name: exclusive + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'This only applies if using a https url as the source of the keys. + If set to `no`, the SSL certificates will not be validated. This should only + set to `no` used on personally controlled sites using self-signed certificates + as it avoids verifying the source site. Prior to 2.1 the code worked as if + this was set to `yes`.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - description: 'Change the comment on the public key. Rewriting the comment is + useful in cases such as fetching it from GitHub or GitLab. If no comment is + specified, the existing comment will be kept.' + name: comment + - auto: PREDEFINED + defaultValue: 'No' + description: Follow path symlink instead of replacing it. + name: follow + predefined: + - 'Yes' + - 'No' + description: "Adds or removes an SSH authorized key\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/authorized_key_module.html" + name: linux-authorized-key + outputs: + - contextPath: Linux.AuthorizedKey.exclusive + description: If the key has been forced to be exclusive or not. + type: boolean + - contextPath: Linux.AuthorizedKey.key + description: The key that the module was running against. + type: string + - contextPath: Linux.AuthorizedKey.key_option + description: Key options related to the key. + type: string + - contextPath: Linux.AuthorizedKey.keyfile + description: Path for authorized key file. + type: string + - contextPath: Linux.AuthorizedKey.manage_dir + description: Whether this module managed the directory of the authorized key + file. + type: boolean + - contextPath: Linux.AuthorizedKey.path + description: Alternate path to the authorized_keys file + type: string + - contextPath: Linux.AuthorizedKey.state + description: Whether the given key (with the given key_options) should or should + not be in the file + type: string + - contextPath: Linux.AuthorizedKey.unique + description: Whether the key is unique + type: boolean + - contextPath: Linux.AuthorizedKey.user + description: The username on the remote host whose authorized_keys file will + be modified + type: string + - contextPath: Linux.AuthorizedKey.validate_certs + description: This only applies if using a https url as the source of the keys. + If set to `no`, the SSL certificates will not be validated. + type: boolean + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Specifies the path to the file to be managed. + name: path + required: true + - description: Desired capability to set (with operator and flags, if state is + `present`) or remove (if state is `absent`) + name: capability + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the entry should be present or absent in the file's capabilities. + name: state + predefined: + - absent + - present + description: "Manage Linux capabilities\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/capabilities_module.html" + name: linux-capabilities + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Description of a crontab entry or, if env is set, the name of + environment variable. Required if `state=absent`. Note that if name is not + set and `state=present`, then a new crontab entry will always be created, + regardless of existing ones. This parameter will always be required in future + releases.' + name: name + - description: 'The specific user whose crontab should be modified. When unset, + this parameter defaults to using `root`.' + name: user + - description: 'The command to execute or, if env is set, the value of environment + variable. The command should not contain line breaks. Required if `state=present`.' + name: job + - auto: PREDEFINED + defaultValue: present + description: Whether to ensure the job or environment variable is present or + absent. + name: state + predefined: + - absent + - present + - description: 'If specified, uses this file instead of an individual user''s + crontab. If this is a relative path, it is interpreted with respect to `/etc/cron.d`. + If it is absolute, it will typically be `/etc/crontab`. Many linux distros + expect (and some require) the filename portion to consist solely of upper- + and lower-case letters, digits, underscores, and hyphens. To use the `cron_file` + parameter you must specify the `user` as well.' + name: cron_file + - auto: PREDEFINED + defaultValue: 'No' + description: If set, create a backup of the crontab before it is modified. The + location of the backup is returned in the `backup_file` variable by this module. + name: backup + predefined: + - 'Yes' + - 'No' + - defaultValue: '*' + description: Minute when the job should run ( 0-59, *, */2, etc ) + name: minute + - defaultValue: '*' + description: Hour when the job should run ( 0-23, *, */2, etc ) + name: hour + - defaultValue: '*' + description: Day of the month the job should run ( 1-31, *, */2, etc ) + name: day + - defaultValue: '*' + description: Month of the year the job should run ( 1-12, *, */2, etc ) + name: month + - defaultValue: '*' + description: Day of the week that the job should run ( 0-6 for Sunday-Saturday, + *, etc ) + name: weekday + - auto: PREDEFINED + defaultValue: 'No' + description: If the job should be run at reboot. This option is deprecated. + Users should use special_time. + name: reboot + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + description: Special time specification nickname. + name: special_time + predefined: + - annually + - daily + - hourly + - monthly + - reboot + - weekly + - yearly + - auto: PREDEFINED + defaultValue: 'No' + description: 'If the job should be disabled (commented out) in the crontab. + Only has effect if `state=present`.' + name: disabled + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set, manages a crontab''s environment variable. New variables + are added on top of crontab. `name` and `value` parameters are the name and + the value of environment variable.' + name: env + predefined: + - 'Yes' + - 'No' + - description: 'Used with `state=present` and `env`. If specified, the environment + variable will be inserted after the declaration of specified environment variable.' + name: insertafter + - description: 'Used with `state=present` and `env`. If specified, the environment + variable will be inserted before the declaration of specified environment + variable.' + name: insertbefore + description: "Manage cron.d and crontab entries\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/cron_module.html" + name: linux-cron + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the crontab variable. + name: name + required: true + - description: 'The value to set this variable to. Required if `state=present`.' + name: value + - description: 'If specified, the variable will be inserted after the variable + specified. Used with `state=present`.' + name: insertafter + - description: Used with `state=present`. If specified, the variable will be inserted + just before the variable specified. + name: insertbefore + - auto: PREDEFINED + defaultValue: present + description: Whether to ensure that the variable is present or absent. + name: state + predefined: + - absent + - present + - description: 'The specific user whose crontab should be modified. This parameter + defaults to `root` when unset.' + name: user + - description: 'If specified, uses this file instead of an individual user''s + crontab. Without a leading `/`, this is assumed to be in `/etc/cron.d`. With + a leading `/`, this is taken as absolute.' + name: cron_file + - auto: PREDEFINED + defaultValue: 'No' + description: If set, create a backup of the crontab before it is modified. The + location of the backup is returned in the `backup` variable by this module. + name: backup + predefined: + - 'Yes' + - 'No' + description: "Manage variables in crontabs\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/cronvar_module.html" + name: linux-cronvar + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A dconf key to modify or read from the dconf database. + name: key + required: true + - description: Value to set for the specified dconf key. Value should be specified + in GVariant format. Due to complexity of this format, it is best to have a + look at existing values in the dconf database. Required for `state=present`. + name: value + - auto: PREDEFINED + defaultValue: present + description: The action to take upon the key/value. + name: state + predefined: + - read + - present + - absent + description: "Modify and read dconf database\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/dconf_module.html" + name: linux-dconf + outputs: + - contextPath: Linux.Dconf.value + description: value associated with the requested key + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of package to configure. + name: name + required: true + - description: A debconf configuration setting. + name: question + - auto: PREDEFINED + description: 'The type of the value supplied. It is highly recommended to add + `no_log=True` to task while specifying `vtype=password`. `seen` was added + in Ansible 2.2.' + name: vtype + predefined: + - boolean + - error + - multiselect + - note + - password + - seen + - select + - string + - text + - title + - description: Value to set the configuration to. + name: value + - auto: PREDEFINED + defaultValue: 'No' + description: Do not set 'seen' flag when pre-seeding. + name: unseen + predefined: + - 'Yes' + - 'No' + description: "Configure a .deb package\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/debconf_module.html" + name: linux-debconf + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: 'Filesystem type to be created. reiserfs support was added in 2.2. + lvm support was added in 2.5. since 2.5, `dev` can be an image file. vfat + support was added in 2.5 ocfs2 support was added in 2.6 f2fs support was added + in 2.7 swap support was added in 2.8' + name: fstype + predefined: + - btrfs + - ext2 + - ext3 + - ext4 + - ext4dev + - f2fs + - lvm + - ocfs2 + - reiserfs + - xfs + - vfat + - swap + required: true + - description: Target path to device or image file. + name: dev + required: true + - defaultValue: 'no' + description: If `yes`, allows to create new filesystem on devices that already + has filesystem. + name: force + - defaultValue: 'no' + description: 'If `yes`, if the block device and filesystem size differ, grow + the filesystem into the space. Supported for `ext2`, `ext3`, `ext4`, `ext4dev`, + `f2fs`, `lvm`, `xfs`, `vfat`, `swap` filesystems. XFS Will only grow if mounted. + vFAT will likely fail if fatresize < 1.04.' + name: resizefs + - description: List of options to be passed to mkfs command. + name: opts + description: "Makes a filesystem\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/filesystem_module.html" + name: linux-filesystem + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Name of a service to add/remove to/from firewalld. The service + must be listed in output of firewall-cmd --get-services.' + name: service + - description: 'Name of a port or port range to add/remove to/from firewalld. + Must be in the form PORT/PROTOCOL or PORT-PORT/PROTOCOL for port ranges.' + name: port + - description: Rich rule to add/remove to/from firewalld. + name: rich_rule + - description: The source/network you would like to add/remove to/from firewalld. + name: source + - description: The interface you would like to add/remove to/from a zone in firewalld. + name: interface + - description: The ICMP block you would like to add/remove to/from a zone in firewalld. + name: icmp_block + - description: Enable/Disable inversion of ICMP blocks for a zone in firewalld. + name: icmp_block_inversion + - description: 'The firewalld zone to add/remove to/from. Note that the default + zone can be configured per system but `public` is default from upstream. Available + choices can be extended based on per-system configs, listed here are "out + of the box" defaults. Possible values include `block`, `dmz`, `drop`, `external`, + `home`, `internal`, `public`, `trusted`, `work`.' + name: zone + - description: 'Should this configuration be in the running firewalld configuration + or persist across reboots. As of Ansible 2.3, permanent operations can operate + on firewalld configs when it is not running (requires firewalld >= 3.0.9). + Note that if this is `no`, immediate is assumed `yes`.' + name: permanent + - auto: PREDEFINED + defaultValue: 'No' + description: Should this configuration be applied immediately, if set as permanent. + name: immediate + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + description: 'Enable or disable a setting. For ports: Should this port accept + (enabled) or reject (disabled) connections. The states `present` and `absent` + can only be used in zone level operations (i.e. when no other parameters but + zone and state are set).' + name: state + predefined: + - absent + - disabled + - enabled + - present + required: true + - defaultValue: '0' + description: The amount of time the rule should be in effect for when non-permanent. + name: timeout + - description: The masquerade setting you would like to enable/disable to/from + zones within firewalld. + name: masquerade + - description: Whether to run this module even when firewalld is offline. + name: offline + description: "Manage arbitrary ports/services with firewalld\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/firewalld_module.html" + name: linux-firewalld + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'A toggle that controls if the fact modules are executed in parallel + or serially and in order. This can guarantee the merge order of module facts + at the expense of performance. By default it will be true if more than one + fact module is used.' + name: parallel + description: "Gathers facts about remote hosts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/gather_facts_module.html" + name: linux-gather-facts + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A GConf preference key is an element in the GConf repository that + corresponds to an application preference. See man gconftool-2(1) + name: key + required: true + - description: Preference keys typically have simple values such as strings, integers, + or lists of strings and integers. This is ignored if the state is "get". See + man gconftool-2(1) + name: value + - auto: PREDEFINED + description: The type of value being set. This is ignored if the state is "get". + name: value_type + predefined: + - bool + - float + - int + - string + - auto: PREDEFINED + description: The action to take upon the key/value. + name: state + predefined: + - absent + - get + - present + required: true + - description: Specify a configuration source to use rather than the default path. + See man gconftool-2(1) + name: config_source + - defaultValue: 'no' + description: Access the config database directly, bypassing server. If direct + is specified then the config_source must be specified as well. See man gconftool-2(1) + name: direct + description: "Edit GNOME Configurations\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/gconftool2_module.html" + name: linux-gconftool2 + outputs: + - contextPath: Linux.Gconftool2.key + description: The key specified in the module parameters + type: string + - contextPath: Linux.Gconftool2.value_type + description: The type of the value that was changed + type: string + - contextPath: Linux.Gconftool2.value + description: The value of the preference key after executing the module + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name of a getent database supported by the target system (passwd, + group, hosts, etc). + name: database + required: true + - defaultValue: '' + description: Key from which to return values from the specified database, otherwise + the full contents are returned. + name: key + - description: 'Override all databases with the specified service The underlying + system must support the service flag which is not always available.' + name: service + - description: "Character used to split the database values into lists/arrays\ + \ such as ':' or '\t', otherwise it will try to pick one depending on the\ + \ database." + name: split + - defaultValue: 'yes' + description: If a supplied key is missing this will make the task fail if `yes`. + name: fail_key + description: "A wrapper to the unix getent utility\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/getent_module.html" + name: linux-getent + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the group to manage. + name: name + required: true + - description: Optional `GID` to set for the group. + name: gid + - auto: PREDEFINED + defaultValue: present + description: Whether the group should be present or not on the remote host. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: If `yes`, indicates that the group created is a system group. + name: system + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Forces the use of "local" command alternatives on platforms that + implement it. This is useful in environments that use centralized authentication + when you want to manipulate the local groups. (e.g. it uses `lgroupadd` instead + of `groupadd`). This requires that these commands exist on the targeted host, + otherwise it will be a fatal error.' + name: local + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'This option allows to change the group ID to a non-unique value. + Requires `gid`. Not supported on macOS or BusyBox distributions.' + name: non_unique + predefined: + - 'Yes' + - 'No' + description: "Add or remove groups\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/group_module.html" + name: linux-group + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the host + name: name + required: true + - auto: PREDEFINED + description: 'Which strategy to use to update the hostname. If not set we try + to autodetect, but this can be problematic, specially with containers as they + can present misleading information.' + name: use + predefined: + - generic + - debian + - sles + - redhat + - alpine + - systemd + - openrc + - openbsd + - solaris + - freebsd + description: "Manage hostname\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hostname_module.html" + name: linux-hostname + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: /etc/network/interfaces + description: Path to the interfaces file + name: dest + - description: Name of the interface, required for value changes or option remove + name: iface + - description: Address family of the interface, useful if same interface name + is used for both inet and inet6 + name: address_family + - description: Name of the option, required for value changes or option remove + name: option + - description: If `option` is not presented for the `interface` and `state` is + `present` option will be added. If `option` already exists and is not `pre-up`, + `up`, `post-up` or `down`, it's value will be updated. `pre-up`, `up`, `post-up` + and `down` options can't be updated, only adding new options, removing existing + ones or cleaning the whole option set are supported + name: value + - defaultValue: 'no' + description: Create a backup file including the timestamp information so you + can get the original file back if you somehow clobbered it incorrectly. + name: backup + - auto: PREDEFINED + defaultValue: present + description: If set to `absent` the option or section will be removed if present + instead of created. + name: state + predefined: + - present + - absent + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Tweak settings in /etc/network/interfaces files\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/interfaces_file_module.html" + name: linux-interfaces-file + outputs: + - contextPath: Linux.InterfacesFile.dest + description: destination file/path + type: string + - contextPath: Linux.InterfacesFile.ifaces + description: interfaces dictionary + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: filter + description: 'This option specifies the packet matching table which the command + should operate on. If the kernel is configured with automatic module loading, + an attempt will be made to load the appropriate module for that table if it + is not already there.' + name: table + predefined: + - filter + - nat + - mangle + - raw + - security + - auto: PREDEFINED + defaultValue: present + description: Whether the rule should be absent or present. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: append + description: 'Whether the rule should be appended at the bottom or inserted + at the top. If the rule already exists the chain will not be modified.' + name: action + predefined: + - append + - insert + - description: 'Insert the rule as the given rule number. This works only with + `action=insert`.' + name: rule_num + - auto: PREDEFINED + defaultValue: ipv4 + description: Which version of the IP protocol this rule should apply to. + name: ip_version + predefined: + - ipv4 + - ipv6 + - description: 'Specify the iptables chain to modify. This could be a user-defined + chain or one of the standard iptables chains, like `INPUT`, `FORWARD`, `OUTPUT`, + `PREROUTING`, `POSTROUTING`, `SECMARK` or `CONNSECMARK`.' + name: chain + - description: 'The protocol of the rule or of the packet to check. The specified + protocol can be one of `tcp`, `udp`, `udplite`, `icmp`, `esp`, `ah`, `sctp` + or the special keyword `all`, or it can be a numeric value, representing one + of these protocols or a different one. A protocol name from `/etc/protocols` + is also allowed. A `!` argument before the protocol inverts the test. The + number zero is equivalent to all. `all` will match with all protocols and + is taken as default when this option is omitted.' + name: protocol + - description: 'Source specification. Address can be either a network name, a + hostname, a network IP address (with /mask), or a plain IP address. Hostnames + will be resolved once only, before the rule is submitted to the kernel. Please + note that specifying any name to be resolved with a remote query such as DNS + is a really bad idea. The mask can be either a network mask or a plain number, + specifying the number of 1''s at the left side of the network mask. Thus, + a mask of 24 is equivalent to 255.255.255.0. A `!` argument before the address + specification inverts the sense of the address.' + name: source + - description: 'Destination specification. Address can be either a network name, + a hostname, a network IP address (with /mask), or a plain IP address. Hostnames + will be resolved once only, before the rule is submitted to the kernel. Please + note that specifying any name to be resolved with a remote query such as DNS + is a really bad idea. The mask can be either a network mask or a plain number, + specifying the number of 1''s at the left side of the network mask. Thus, + a mask of 24 is equivalent to 255.255.255.0. A `!` argument before the address + specification inverts the sense of the address.' + name: destination + - description: 'TCP flags specification. `tcp_flags` expects a dict with the two + keys `flags` and `flags_set`.' + isArray: true + name: tcp_flags + - description: 'Specifies a match to use, that is, an extension module that tests + for a specific property. The set of matches make up the condition under which + a target is invoked. Matches are evaluated first to last if specified as an + array and work in short-circuit fashion, i.e. if one extension yields false, + evaluation will stop.' + isArray: true + name: match + - description: 'This specifies the target of the rule; i.e., what to do if the + packet matches it. The target can be a user-defined chain (other than the + one this rule is in), one of the special builtin targets which decide the + fate of the packet immediately, or an extension (see EXTENSIONS below). If + this option is omitted in a rule (and the goto parameter is not used), then + matching the rule will have no effect on the packet''s fate, but the counters + on the rule will be incremented.' + name: jump + - description: 'This specifies the IP address of host to send the cloned packets. + This option is only valid when `jump` is set to `TEE`.' + name: gateway + - description: Specifies a log text for the rule. Only make sense with a LOG jump. + name: log_prefix + - auto: PREDEFINED + description: 'Logging level according to the syslogd-defined priorities. The + value can be strings or numbers from 1-8. This parameter is only applicable + if `jump` is set to `LOG`.' + name: log_level + predefined: + - '0' + - '1' + - '2' + - '3' + - '4' + - '5' + - '6' + - '7' + - emerg + - alert + - crit + - error + - warning + - notice + - info + - debug + - description: 'This specifies that the processing should continue in a user specified + chain. Unlike the jump argument return will not continue processing in this + chain but instead in the chain that called us via jump.' + name: goto + - description: 'Name of an interface via which a packet was received (only for + packets entering the `INPUT`, `FORWARD` and `PREROUTING` chains). When the + `!` argument is used before the interface name, the sense is inverted. If + the interface name ends in a `+`, then any interface which begins with this + name will match. If this option is omitted, any interface name will match.' + name: in_interface + - description: 'Name of an interface via which a packet is going to be sent (for + packets entering the `FORWARD`, `OUTPUT` and `POSTROUTING` chains). When the + `!` argument is used before the interface name, the sense is inverted. If + the interface name ends in a `+`, then any interface which begins with this + name will match. If this option is omitted, any interface name will match.' + name: out_interface + - description: 'This means that the rule only refers to second and further fragments + of fragmented packets. Since there is no way to tell the source or destination + ports of such a packet (or ICMP type), such a packet will not match any rules + which specify them. When the "!" argument precedes fragment argument, the + rule will only match head fragments, or unfragmented packets.' + name: fragment + - description: This enables the administrator to initialize the packet and byte + counters of a rule (during `INSERT`, `APPEND`, `REPLACE` operations). + name: set_counters + - description: 'Source port or port range specification. This can either be a + service name or a port number. An inclusive range can also be specified, using + the format `first:last`. If the first port is omitted, `0` is assumed; if + the last is omitted, `65535` is assumed. If the first port is greater than + the second one they will be swapped.' + name: source_port + - description: 'Destination port or port range specification. This can either + be a service name or a port number. An inclusive range can also be specified, + using the format first:last. If the first port is omitted, ''0'' is assumed; + if the last is omitted, ''65535'' is assumed. If the first port is greater + than the second one they will be swapped. This is only valid if the rule also + specifies one of the following protocols: tcp, udp, dccp or sctp.' + name: destination_port + - description: 'This specifies a destination port or range of ports to use, without + this, the destination port is never altered. This is only valid if the rule + also specifies one of the protocol `tcp`, `udp`, `dccp` or `sctp`.' + name: to_ports + - description: 'This specifies a destination address to use with `DNAT`. Without + this, the destination address is never altered.' + name: to_destination + - description: 'This specifies a source address to use with `SNAT`. Without this, + the source address is never altered.' + name: to_source + - auto: PREDEFINED + defaultValue: ignore + description: 'This allows matching packets that have the SYN bit set and the + ACK and RST bits unset. When negated, this matches all packets with the RST + or the ACK bits set.' + name: syn + predefined: + - ignore + - match + - negate + - description: 'This allows specifying a DSCP mark to be added to packets. It + takes either an integer or hex value. Mutually exclusive with `set_dscp_mark_class`.' + name: set_dscp_mark + - description: 'This allows specifying a predefined DiffServ class which will + be translated to the corresponding DSCP mark. Mutually exclusive with `set_dscp_mark`.' + name: set_dscp_mark_class + - description: This specifies a comment that will be added to the rule. + name: comment + - description: '`ctstate` is a list of the connection states to match in the conntrack + module. Possible states are `INVALID`, `NEW`, `ESTABLISHED`, `RELATED`, `UNTRACKED`, + `SNAT`, `DNAT`' + isArray: true + name: ctstate + - description: Specifies the source IP range to match in the iprange module. + name: src_range + - description: Specifies the destination IP range to match in the iprange module. + name: dst_range + - description: 'Specifies the maximum average number of matches to allow per second. + The number can specify units explicitly, using `/second'', `/minute'', `/hour'' + or `/day'', or parts of them (so `5/second'' is the same as `5/s'').' + name: limit + - description: Specifies the maximum burst before the above limit kicks in. + name: limit_burst + - description: 'Specifies the UID or username to use in match by owner rule. From + Ansible 2.6 when the `!` argument is prepended then the it inverts the rule + to apply instead to all users except that one specified.' + name: uid_owner + - description: Specifies the GID or group to use in match by owner rule. + name: gid_owner + - description: 'Specifies the error packet type to return while rejecting. It + implies "jump: REJECT"' + name: reject_with + - description: This allows specification of the ICMP type, which can be a numeric + ICMP type, type/code pair, or one of the ICMP type names shown by the command + 'iptables -p icmp -h' + name: icmp_type + - description: 'Flushes the specified table and chain of all rules. If no chain + is specified then the entire table is purged. Ignores all other parameters.' + name: flush + - auto: PREDEFINED + description: 'Set the policy for the chain to the given target. Only built-in + chains can have policies. This parameter requires the `chain` parameter. Ignores + all other parameters.' + name: policy + predefined: + - ACCEPT + - DROP + - QUEUE + - RETURN + description: "Modify iptables rules\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/iptables_module.html" + name: linux-iptables + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Basic URL to fetch SSL certificate from. One of `cert_url` or + `cert_path` is required to load certificate.' + name: cert_url + - defaultValue: '443' + description: 'Port to connect to URL. This will be used to create server URL:PORT.' + name: cert_port + - description: 'Local path to load certificate from. One of `cert_url` or `cert_path` + is required to load certificate.' + name: cert_path + - description: 'Imported certificate alias. The alias is used when checking for + the presence of a certificate in the keystore.' + name: cert_alias + - description: Local path to load PKCS12 keystore from. + name: pkcs12_path + - defaultValue: '' + description: Password for importing from PKCS12 keystore. + name: pkcs12_password + - description: Alias in the PKCS12 keystore. + name: pkcs12_alias + - description: Path to keystore. + name: keystore_path + - description: Keystore password. + name: keystore_pass + required: true + - description: Create keystore if it does not exist. + name: keystore_create + - description: Keystore type (JCEKS, JKS). + name: keystore_type + - defaultValue: keytool + description: Path to keytool binary if not used we search in PATH for it. + name: executable + - auto: PREDEFINED + defaultValue: present + description: Defines action which can be either certificate import or removal. + name: state + predefined: + - absent + - present + description: "Uses keytool to import/remove key from java keystore (cacerts)\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/java_cert_module.html" + name: linux-java-cert + outputs: + - contextPath: Linux.JavaCert.msg + description: Output from stdout of keytool command after execution of given + command. + type: string + - contextPath: Linux.JavaCert.rc + description: Keytool command execution return value. + type: number + - contextPath: Linux.JavaCert.cmd + description: Executed command to get action done. + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the certificate. + name: name + required: true + - description: Certificate that should be used to create the key store. + name: certificate + required: true + - description: Private key that should be used to create the key store. + name: private_key + required: true + - description: Password that should be used to secure the key store. + name: password + required: true + - description: Absolute path where the jks should be generated. + name: dest + required: true + - description: Name of the user that should own jks file. + name: owner + - description: Name of the group that should own jks file. + name: group + - description: Mode the file should be. + name: mode + - defaultValue: 'no' + description: Key store will be created even if it already exists. + name: force + description: "Create or delete a Java keystore in JKS format.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/java_keystore_module.html" + name: linux-java-keystore + outputs: + - contextPath: Linux.JavaKeystore.msg + description: Output from stdout of keytool/openssl command after execution of + given command or an error. + type: string + - contextPath: Linux.JavaKeystore.rc + description: keytool/openssl command execution return value + type: number + - contextPath: Linux.JavaKeystore.cmd + description: Executed command to get action done + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of kernel module to black- or whitelist. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the module should be present in the blacklist or absent. + name: state + predefined: + - absent + - present + - description: If specified, use this blacklist file instead of `/etc/modprobe.d/blacklist-ansible.conf`. + name: blacklist_file + description: "Blacklist kernel modules\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/kernel_blacklist_module.html" + name: linux-kernel-blacklist + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The host to add or remove (must match a host specified in key). + It will be converted to lowercase so that ssh-keygen can find it. Must match + with or present in key attribute.' + name: name + required: true + - description: 'The SSH public host key, as a string (required if state=present, + optional when state=absent, in which case all keys for the host are removed). + The key must be in the right format for ssh (see sshd(8), section "SSH_KNOWN_HOSTS + FILE FORMAT"). Specifically, the key should not match the format that is found + in an SSH pubkey file, but should rather have the hostname prepended to a + line that includes the pubkey, the same way that it would appear in the known_hosts + file. The value prepended to the line must also match the value of the name + parameter. Should be of format ` ssh-rsa `' + name: key + - defaultValue: (homedir)+/.ssh/known_hosts + description: The known_hosts file to edit + name: path + - defaultValue: 'no' + description: Hash the hostname in the known_hosts file + name: hash_host + - auto: PREDEFINED + defaultValue: present + description: '`present` to add the host key, `absent` to remove it.' + name: state + predefined: + - present + - absent + description: "Add or remove a host from the C(known_hosts) file\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/known_hosts_module.html" + name: linux-known-hosts + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + description: "Gather facts on processes listening on TCP and UDP ports.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/listen_ports_facts_module.html" + name: linux-listen-ports-facts + outputs: + - contextPath: Linux.ListenPortsFacts.ansible_facts + description: Dictionary containing details of TCP and UDP ports with listening + servers + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name and encoding of the locale, such as "en_GB.UTF-8". + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the locale shall be present. + name: state + predefined: + - absent + - present + description: "Creates or removes locales\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/locale_gen_module.html" + name: linux-locale-gen + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of kernel module to manage. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the module should be present or absent. + name: state + predefined: + - absent + - present + - defaultValue: '' + description: Modules parameters. + name: params + description: "Load or unload kernel modules\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/modprobe_module.html" + name: linux-modprobe + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Path to the mount point (e.g. `/mnt/files`). Before Ansible 2.3 + this option was only usable as `dest`, `destfile` and `name`.' + name: path + required: true + - description: 'Device to be mounted on `path`. Required when `state` set to `present` + or `mounted`.' + name: src + - description: 'Filesystem type. Required when `state` is `present` or `mounted`.' + name: fstype + - description: Mount options (see fstab(5), or vfstab(4) on Solaris). + name: opts + - defaultValue: '0' + description: 'Dump (see fstab(5)). Note that if set to `null` and `state` set + to `present`, it will cease to work and duplicate entries will be made with + subsequent runs. Has no effect on Solaris systems.' + name: dump + - defaultValue: '0' + description: 'Passno (see fstab(5)). Note that if set to `null` and `state` + set to `present`, it will cease to work and duplicate entries will be made + with subsequent runs. Deprecated on Solaris systems.' + name: passno + - auto: PREDEFINED + description: 'If `mounted`, the device will be actively mounted and appropriately + configured in `fstab`. If the mount point is not present, the mount point + will be created. If `unmounted`, the device will be unmounted without changing + `fstab`. `present` only specifies that the device is to be configured in `fstab` + and does not trigger or require a mount. `absent` specifies that the device + mount''s entry will be removed from `fstab` and will also unmount the device + and remove the mount point. `remounted` specifies that the device will be + remounted for when you want to force a refresh on the mount itself (added + in 2.9). This will always return changed=true.' + name: state + predefined: + - absent + - mounted + - present + - unmounted + - remounted + required: true + - description: 'File to use instead of `/etc/fstab`. You should not use this option + unless you really know what you are doing. This might be useful if you need + to configure mountpoints in a chroot environment. OpenBSD does not allow specifying + alternate fstab files with mount so do not use this on OpenBSD with any state + that operates on the live filesystem. This parameter defaults to /etc/fstab + or /etc/vfstab on Solaris.' + name: fstab + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Determines if the filesystem should be mounted on boot. Only applies + to Solaris systems.' + name: boot + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including the timestamp information so you + can get the original file back if you somehow clobbered it incorrectly. + name: backup + predefined: + - 'Yes' + - 'No' + description: "Control active and configured mount points\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/mount_module.html" + name: linux-mount + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The IP address of the iSCSI target. + name: portal + - defaultValue: '3260' + description: The port on which the iSCSI target process listens. + name: port + - description: The iSCSI target name. + name: target + - description: Whether the target node should be connected. + name: login + - defaultValue: CHAP + description: The value for `discovery.sendtargets.auth.authmethod`. + name: node_auth + - description: The value for `discovery.sendtargets.auth.username`. + name: node_user + - description: The value for `discovery.sendtargets.auth.password`. + name: node_pass + - description: Whether the target node should be automatically connected at startup. + name: auto_node_startup + - description: 'Whether the list of target nodes on the portal should be (re)discovered + and added to the persistent iSCSI database. Keep in mind that `iscsiadm` discovery + resets configuration, like `node.startup` to manual, hence combined with `auto_node_startup=yes` + will always return a changed state.' + name: discover + - description: Whether the list of nodes in the persistent iSCSI database should + be returned by the module. + name: show_nodes + description: "Manage iSCSI targets with Open-iSCSI\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/open_iscsi_module.html" + name: linux-open-iscsi + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A username, @groupname, wildcard, uid/gid range. + name: domain + required: true + - auto: PREDEFINED + description: Limit type, see `man 5 limits.conf` for an explanation + name: limit_type + predefined: + - hard + - soft + - '-' + required: true + - auto: PREDEFINED + description: The limit to be set + name: limit_item + predefined: + - core + - data + - fsize + - memlock + - nofile + - rss + - stack + - cpu + - nproc + - as + - maxlogins + - maxsyslogins + - priority + - locks + - sigpending + - msgqueue + - nice + - rtprio + - chroot + required: true + - description: The value of the limit. + name: value + required: true + - defaultValue: 'no' + description: Create a backup file including the timestamp information so you + can get the original file back if you somehow clobbered it incorrectly. + name: backup + - defaultValue: 'no' + description: If set to `yes`, the minimal value will be used or conserved. If + the specified value is inferior to the value in the file, file content is + replaced with the new value, else content is not modified. + name: use_min + - defaultValue: 'no' + description: If set to `yes`, the maximal value will be used or conserved. If + the specified value is superior to the value in the file, file content is + replaced with the new value, else content is not modified. + name: use_max + - defaultValue: /etc/security/limits.conf + description: Modify the limits.conf path. + name: dest + - defaultValue: '' + description: Comment associated with the limit. + name: comment + description: "Modify Linux PAM limits\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pam_limits_module.html" + name: linux-pam-limits + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name generally refers to the PAM service file to change, for + example system-auth. + name: name + required: true + - auto: PREDEFINED + description: 'The type of the PAM rule being modified. The `type`, `control` + and `module_path` all must match a rule to be modified.' + name: type + predefined: + - account + - -account + - auth + - -auth + - password + - -password + - session + - -session + required: true + - description: 'The control of the PAM rule being modified. This may be a complicated + control with brackets. If this is the case, be sure to put "[bracketed controls]" + in quotes. The `type`, `control` and `module_path` all must match a rule to + be modified.' + name: control + required: true + - description: 'The module path of the PAM rule being modified. The `type`, `control` + and `module_path` all must match a rule to be modified.' + name: module_path + required: true + - auto: PREDEFINED + description: The new type to assign to the new rule. + name: new_type + predefined: + - account + - -account + - auth + - -auth + - password + - -password + - session + - -session + - description: The new control to assign to the new rule. + name: new_control + - description: The new module path to be assigned to the new rule. + name: new_module_path + - description: 'When state is `updated`, the module_arguments will replace existing + module_arguments. When state is `args_absent` args matching those listed in + module_arguments will be removed. When state is `args_present` any args listed + in module_arguments are added if missing from the existing rule. Furthermore, + if the module argument takes a value denoted by `=`, the value will be changed + to that specified in module_arguments.' + isArray: true + name: module_arguments + - auto: PREDEFINED + defaultValue: updated + description: 'The default of `updated` will modify an existing rule if type, + control and module_path all match an existing rule. With `before`, the new + rule will be inserted before a rule matching type, control and module_path. + Similarly, with `after`, the new rule will be inserted after an existing rulematching + type, control and module_path. With either `before` or `after` new_type, new_control, + and new_module_path must all be specified. If state is `args_absent` or `args_present`, + new_type, new_control, and new_module_path will be ignored. State `absent` + will remove the rule. The ''absent'' state was added in Ansible 2.4.' + name: state + predefined: + - absent + - before + - after + - args_absent + - args_present + - updated + - defaultValue: /etc/pam.d + description: This is the path to the PAM service files. + name: path + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including the timestamp information so you + can get the original file back if you somehow clobbered it incorrectly. + name: backup + predefined: + - 'Yes' + - 'No' + description: "Manage PAM Modules\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pamd_module.html" + name: linux-pamd + outputs: + - contextPath: Linux.Pamd.change_count + description: How many rules were changed. + type: number + - contextPath: Linux.Pamd.new_rule + description: The changes to the rule. This was available in Ansible 2.4 and + Ansible 2.5. It was removed in Ansible 2.6. + type: string + - contextPath: Linux.Pamd.updated_rule_(n) + description: The rule(s) that was/were changed. This is only available in Ansible + 2.4 and was removed in Ansible 2.5. + type: string + - contextPath: Linux.Pamd.action + description: 'That action that was taken and is one of: update_rule, insert_before_rule, + insert_after_rule, args_present, args_absent, absent. This was available in + Ansible 2.4 and removed in Ansible 2.8' + type: string + - contextPath: Linux.Pamd.dest + description: Path to pam.d service that was changed. This is only available + in Ansible 2.3 and was removed in Ansible 2.4. + type: string + - contextPath: Linux.Pamd.backupdest + description: The file name of the backup file, if created. + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The block device (disk) where to operate. + name: device + required: true + - auto: PREDEFINED + defaultValue: optimal + description: Set alignment for newly created partitions. + name: align + predefined: + - cylinder + - minimal + - none + - optimal + - description: 'The number of the partition to work with or the number of the + partition that will be created. Required when performing any action on the + disk, except fetching information.' + name: number + - auto: PREDEFINED + defaultValue: KiB + description: 'Selects the current default unit that Parted will use to display + locations and capacities on the disk and to interpret those given by the user + if they are not suffixed by an unit. When fetching information about a disk, + it is always recommended to specify a unit.' + name: unit + predefined: + - s + - B + - KB + - KiB + - MB + - MiB + - GB + - GiB + - TB + - TiB + - '%' + - cyl + - chs + - compact + - auto: PREDEFINED + defaultValue: msdos + description: Creates a new disk label. + name: label + predefined: + - aix + - amiga + - bsd + - dvh + - gpt + - loop + - mac + - msdos + - pc98 + - sun + - auto: PREDEFINED + defaultValue: primary + description: 'May be specified only with ''msdos'' or ''dvh'' partition tables. + A `name` must be specified for a ''gpt'' partition table. Neither `part_type` + nor `name` may be used with a ''sun'' partition table.' + name: part_type + predefined: + - extended + - logical + - primary + - defaultValue: 0% + description: 'Where the partition will start as offset from the beginning of + the disk, that is, the "distance" from the start of the disk. The distance + can be specified with all the units supported by parted (except compat) and + it is case sensitive, e.g. `10GiB`, `15%`.' + name: part_start + - defaultValue: 100% + description: 'Where the partition will end as offset from the beginning of the + disk, that is, the "distance" from the start of the disk. The distance can + be specified with all the units supported by parted (except compat) and it + is case sensitive, e.g. `10GiB`, `15%`.' + name: part_end + - description: Sets the name for the partition number (GPT, Mac, MIPS and PC98 + only). + name: name + - description: A list of the flags that has to be set on the partition. + isArray: true + name: flags + - auto: PREDEFINED + defaultValue: info + description: 'Whether to create or delete a partition. If set to `info` the + module will only return the device information.' + name: state + predefined: + - absent + - present + - info + description: "Configure block device partitions\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/parted_module.html" + name: linux-parted + outputs: + - contextPath: Linux.Parted.partition_info + description: Current partition information + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: the name of the process you want to get PID for. + name: name + required: true + description: "Retrieves process IDs list if the process is running otherwise return\ + \ empty list\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pids_module.html" + name: linux-pids + outputs: + - contextPath: Linux.Pids.pids + description: Process IDs of the given process + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: pong + description: 'Data to return for the `ping` return value. If this parameter + is set to `crash`, the module will cause an exception.' + name: data + description: "Try to connect to host, verify a usable python and return C(pong)\ + \ on success\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ping_module.html" + name: linux-ping + outputs: + - contextPath: Linux.Ping.ping + description: value provided with the data parameter + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'A list of version-likes or module names to check for installation. + Supported operators: <, >, <=, >=, or ==. The bare module name like I(ansible), + the module with a specific version like I(boto3==1.6.1), or a partial version + like I(requests>2) are all valid specifications. ' + name: dependencies + description: "Show python path and assert dependency versions\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/python_requirements_info_module.html" + name: linux-python-requirements-info + outputs: + - contextPath: Linux.PythonRequirementsInfo.python + description: path to python version used + type: string + - contextPath: Linux.PythonRequirementsInfo.python_version + description: version of python + type: string + - contextPath: Linux.PythonRequirementsInfo.python_system_path + description: List of paths python is looking for modules in + type: unknown + - contextPath: Linux.PythonRequirementsInfo.valid + description: A dictionary of dependencies that matched their desired versions. + If no version was specified, then `desired` will be null + type: unknown + - contextPath: Linux.PythonRequirementsInfo.mismatched + description: A dictionary of dependencies that did not satisfy the desired version + type: unknown + - contextPath: Linux.PythonRequirementsInfo.not_found + description: A list of packages that could not be imported at all, and are not + installed + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '0' + description: 'Seconds to wait before reboot. Passed as a parameter to the reboot + command. On Linux, macOS and OpenBSD, this is converted to minutes and rounded + down. If less than 60, it will be set to 0. On Solaris and FreeBSD, this will + be seconds.' + name: pre_reboot_delay + - defaultValue: '0' + description: 'Seconds to wait after the reboot command was successful before + attempting to validate the system rebooted successfully. This is useful if + you want wait for something to settle despite your connection already working.' + name: post_reboot_delay + - defaultValue: '600' + description: 'Maximum seconds to wait for machine to reboot and respond to a + test command. This timeout is evaluated separately for both reboot verification + and test command success so the maximum execution time for the module is twice + this amount.' + name: reboot_timeout + - description: 'Maximum seconds to wait for a successful connection to the managed + hosts before trying again. If unspecified, the default setting for the underlying + connection plugin is used.' + name: connect_timeout + - defaultValue: whoami + description: Command to run on the rebooted host and expect success from to + determine the machine is ready for further tasks. + name: test_command + - defaultValue: Reboot initiated by Ansible + description: Message to display to users before reboot. + name: msg + - defaultValue: '[''/sbin'', ''/usr/sbin'', ''/usr/local/sbin'']' + description: 'Paths to search on the remote machine for the `shutdown` command. + `Only` these paths will be searched for the `shutdown` command. `PATH` is + ignored in the remote node when searching for the `shutdown` command.' + isArray: true + name: search_paths + description: "Reboot a machine\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/reboot_module.html" + name: linux-reboot + outputs: + - contextPath: Linux.Reboot.rebooted + description: true if the machine was rebooted + type: boolean + - contextPath: Linux.Reboot.elapsed + description: The number of seconds that elapsed waiting for the system to be + rebooted. + type: number + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the boolean to configure. + name: name + required: true + - defaultValue: 'no' + description: Set to `yes` if the boolean setting should survive a reboot. + name: persistent + - description: Desired boolean value + name: state + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Useful for scenarios (chrooted environment) that you can't get + the real SELinux state. + name: ignore_selinux_state + predefined: + - 'Yes' + - 'No' + description: "Toggles SELinux booleans\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/seboolean_module.html" + name: linux-seboolean + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Target path (expression). + name: target + required: true + - auto: PREDEFINED + defaultValue: a + description: 'The file type that should have SELinux contexts applied. The following + file type options are available: `a` for all files, `b` for block devices, + `c` for character devices, `d` for directories, `f` for regular files, `l` + for symbolic links, `p` for named pipes, `s` for socket files.' + name: ftype + predefined: + - a + - b + - c + - d + - f + - l + - p + - s + - description: SELinux type for the specified target. + name: setype + required: true + - description: SELinux user for the specified target. + name: seuser + - description: SELinux range for the specified target. + name: selevel + - auto: PREDEFINED + defaultValue: present + description: Whether the SELinux file context must be `absent` or `present`. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Reload SELinux policy after commit. Note that this does not apply + SELinux file contexts to existing files.' + name: reload + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Useful for scenarios (chrooted environment) that you can't get + the real SELinux state. + name: ignore_selinux_state + predefined: + - 'Yes' + - 'No' + description: "Manages SELinux file context mapping definitions\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/sefcontext_module.html" + name: linux-sefcontext + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name of the SELinux policy to use (e.g. `targeted`) will be + required if state is not `disabled`. + name: policy + - auto: PREDEFINED + description: The SELinux mode. + name: state + predefined: + - disabled + - enforcing + - permissive + required: true + - defaultValue: /etc/selinux/config + description: The path to the SELinux configuration file, if non-standard. + name: configfile + description: "Change policy and state of SELinux\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/selinux_module.html" + name: linux-selinux + outputs: + - contextPath: Linux.Selinux.msg + description: Messages that describe changes that were made. + type: string + - contextPath: Linux.Selinux.configfile + description: Path to SELinux configuration file. + type: string + - contextPath: Linux.Selinux.policy + description: Name of the SELinux policy. + type: string + - contextPath: Linux.Selinux.state + description: SELinux mode. + type: string + - contextPath: Linux.Selinux.reboot_required + description: Whether or not an reboot is required for the changes to take effect. + type: boolean + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '' + description: The domain that will be added or removed from the list of permissive + domains. + name: domain + required: true + - description: Indicate if the domain should or should not be set as permissive. + name: permissive + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: 'Disable reloading of the SELinux policy after making change to + a domain''s permissive setting. The default is `no`, which causes policy to + be reloaded when a domain changes state. Reloading the policy does not work + on older versions of the `policycoreutils-python` library, for example in + EL 6."' + name: no_reload + predefined: + - 'Yes' + - 'No' + - description: Name of the SELinux policy store to use. + name: store + description: "Change permissive domain in SELinux policy\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/selinux_permissive_module.html" + name: linux-selinux-permissive + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: a Linux user + name: login + required: true + - description: SELinux user name + name: seuser + required: true + - defaultValue: s0 + description: MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for + SELinux login mapping defaults to the SELinux user record range. + name: selevel + - auto: PREDEFINED + defaultValue: present + description: Desired mapping value. + name: state + predefined: + - present + - absent + required: true + - auto: PREDEFINED + defaultValue: 'Yes' + description: Reload SELinux policy after commit. + name: reload + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Run independent of selinux runtime state + name: ignore_selinux_state + predefined: + - 'Yes' + - 'No' + description: "Manages linux user to SELinux user mapping\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/selogin_module.html" + name: linux-selogin + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Ports or port ranges. Can be a list (since 2.6) or comma separated + string.' + isArray: true + name: ports + required: true + - auto: PREDEFINED + description: Protocol for the specified port. + name: proto + predefined: + - tcp + - udp + required: true + - description: SELinux type for the specified port. + name: setype + required: true + - auto: PREDEFINED + defaultValue: present + description: Desired boolean value. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'Yes' + description: Reload SELinux policy after commit. + name: reload + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Run independent of selinux runtime state + name: ignore_selinux_state + predefined: + - 'Yes' + - 'No' + description: "Manages SELinux network port type definitions\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/seport_module.html" + name: linux-seport + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the service. + name: name + required: true + - auto: PREDEFINED + description: '`started`/`stopped` are idempotent actions that will not run commands + unless necessary. `restarted` will always bounce the service. `reloaded` will + always reload. `At least one of state and enabled are required.` Note that + reloaded will start the service if it is not already started, even if your + chosen init system wouldn''t normally.' + name: state + predefined: + - reloaded + - restarted + - started + - stopped + - description: 'If the service is being `restarted` then sleep this many seconds + between the stop and start command. This helps to work around badly-behaving + init scripts that exit immediately after signaling a process to stop. Not + all service managers support sleep, i.e when using systemd this setting will + be ignored.' + name: sleep + - description: 'If the service does not respond to the status command, name a + substring to look for as would be found in the output of the `ps` command + as a stand-in for a status result. If the string is found, the service will + be assumed to be started.' + name: pattern + - description: 'Whether the service should start on boot. `At least one of state + and enabled are required.`' + name: enabled + - defaultValue: default + description: 'For OpenRC init scripts (e.g. Gentoo) only. The runlevel that + this service belongs to.' + name: runlevel + - description: Additional arguments provided on the command line. + name: arguments + - defaultValue: auto + description: 'The service module actually uses system specific modules, normally + through auto detection, this setting can force a specific module. Normally + it uses the value of the ''ansible_service_mgr'' fact and falls back to the + old ''service'' module when none matching is found.' + name: use + description: "Manage services\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/service_module.html" + name: linux-service + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + description: "Return service state information as fact data\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/service_facts_module.html" + name: linux-service-facts + outputs: + - contextPath: Linux.ServiceFacts.ansible_facts + description: Facts to add to ansible_facts about the services on the system + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: all + description: 'If supplied, restrict the additional facts collected to the given + subset. Possible values: `all`, `min`, `hardware`, `network`, `virtual`, `ohai`, + and `facter`. Can specify a list of values to specify a larger subset. Values + can also be used with an initial `!` to specify that that specific subset + should not be collected. For instance: `!hardware,!network,!virtual,!ohai,!facter`. + If `!all` is specified then only the min subset is collected. To avoid collecting + even the min subset, specify `!all,!min`. To collect only specific facts, + use `!all,!min`, and specify the particular fact subsets. Use the filter parameter + if you do not want to display some collected facts.' + name: gather_subset + - defaultValue: '10' + description: Set the default timeout in seconds for individual fact gathering. + name: gather_timeout + - defaultValue: '*' + description: If supplied, only return facts that match this shell-style (fnmatch) + wildcard. + name: filter + - defaultValue: /etc/ansible/facts.d + description: Path used for local ansible facts (`*.fact`) - files in this dir + will be run (if executable) and their results be added to `ansible_local` + facts if a file is not executable it is read. Check notes for Windows options. + (from 2.1 on) File/results format can be JSON or INI-format. The default `fact_path` + can be specified in `ansible.cfg` for when setup is automatically called as + part of `gather_facts`. + name: fact_path + description: "Gathers facts about remote hosts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/setup_module.html" + name: linux-setup + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The dot-separated path (aka `key`) specifying the sysctl variable. + name: name + required: true + - description: Desired value of the sysctl key. + name: value + - auto: PREDEFINED + defaultValue: present + description: Whether the entry should be present or absent in the sysctl file. + name: state + predefined: + - present + - absent + - defaultValue: 'no' + description: Use this option to ignore errors about unknown keys. + name: ignoreerrors + - defaultValue: 'yes' + description: If `yes`, performs a `/sbin/sysctl -p` if the `sysctl_file` is + updated. If `no`, does not reload `sysctl` even if the `sysctl_file` is updated. + name: reload + - defaultValue: /etc/sysctl.conf + description: Specifies the absolute path to `sysctl.conf`, if not `/etc/sysctl.conf`. + name: sysctl_file + - defaultValue: 'no' + description: Verify token value with the sysctl command and set with -w if necessary + name: sysctl_set + description: "Manage entries in sysctl.conf.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/sysctl_module.html" + name: linux-sysctl + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Name of the service. This parameter takes the name of exactly + one service to work with. When using in a chroot environment you always need + to specify the full name i.e. (crond.service).' + name: name + - auto: PREDEFINED + description: '`started`/`stopped` are idempotent actions that will not run commands + unless necessary. `restarted` will always bounce the service. `reloaded` will + always reload.' + name: state + predefined: + - reloaded + - restarted + - started + - stopped + - description: Whether the service should start on boot. `At least one of state + and enabled are required.` + name: enabled + - description: Whether to override existing symlinks. + name: force + - description: Whether the unit should be masked or not, a masked unit is impossible + to start. + name: masked + - auto: PREDEFINED + defaultValue: 'No' + description: 'Run daemon-reload before doing any other operations, to make sure + systemd has read any changes. When set to `yes`, runs daemon-reload even if + the module does not start or stop anything.' + name: daemon_reload + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Run daemon_reexec command before doing any other operations, the + systemd manager will serialize the manager state. + name: daemon_reexec + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: '(deprecated) run ``systemctl`` talking to the service manager + of the calling user, rather than the service manager of the system. This option + is deprecated and will eventually be removed in 2.11. The ``scope`` option + should be used instead.' + name: user + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + description: 'run systemctl within a given service manager scope, either as + the default system scope (system), the current user''s scope (user), or the + scope of all users (global). For systemd to work with ''user'', the executing + user must have its own instance of dbus started (systemd requirement). The + user dbus process is normally started during normal login, but not during + the run of Ansible tasks. Otherwise you will probably get a ''Failed to connect + to bus: no such file or directory'' error.' + name: scope + predefined: + - system + - user + - global + - auto: PREDEFINED + defaultValue: 'No' + description: Do not synchronously wait for the requested operation to finish. + Enqueued job will continue without Ansible blocking on its completion. + name: no_block + predefined: + - 'Yes' + - 'No' + description: "Manage services\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/systemd_module.html" + name: linux-systemd + outputs: + - contextPath: Linux.Systemd.status + description: A dictionary with the key=value pairs returned from `systemctl + show` + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the service. + name: name + required: true + - auto: PREDEFINED + description: '`started`/`stopped` are idempotent actions that will not run commands + unless necessary. Not all init scripts support `restarted` nor `reloaded` + natively, so these will both trigger a stop and start as needed.' + name: state + predefined: + - started + - stopped + - restarted + - reloaded + - description: Whether the service should start on boot. `At least one of state + and enabled are required.` + name: enabled + - defaultValue: '1' + description: If the service is being `restarted` or `reloaded` then sleep this + many seconds between the stop and start command. This helps to workaround + badly behaving services. + name: sleep + - description: 'A substring to look for as would be found in the output of the + `ps` command as a stand-in for a status result. If the string is found, the + service will be assumed to be running. This option is mainly for use with + init scripts that don''t support the ''status'' option.' + name: pattern + - description: 'The runlevels this script should be enabled/disabled from. Use + this to override the defaults set by the package or init script itself.' + name: runlevels + - description: Additional arguments provided on the command line that some init + scripts accept. + name: arguments + - auto: PREDEFINED + defaultValue: 'No' + description: 'Have the module daemonize as the service itself might not do so + properly. This is useful with badly written init scripts or daemons, which + commonly manifests as the task hanging as it is still holding the tty or the + service dying when the task is over as the connection closes the session.' + name: daemonize + predefined: + - 'Yes' + - 'No' + description: "Manage SysV services.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/sysvinit_module.html" + name: linux-sysvinit + outputs: + - contextPath: Linux.Sysvinit.results + description: results from actions taken + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Name of the timezone for the system clock. Default is to keep + current setting. `At least one of name and hwclock are required.`' + name: name + - auto: PREDEFINED + description: 'Whether the hardware clock is in UTC or in local timezone. Default + is to keep current setting. Note that this option is recommended not to change + and may fail to configure, especially on virtual environments such as AWS. + `At least one of name and hwclock are required.` `Only used on Linux.`' + name: hwclock + predefined: + - local + - UTC + description: "Configure timezone setting\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/timezone_module.html" + name: linux-timezone + outputs: + - contextPath: Linux.Timezone.diff + description: The differences about the given arguments. + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: '`enabled` reloads firewall and enables firewall on boot. `disabled` + unloads firewall and disables firewall on boot. `reloaded` reloads firewall. + `reset` disables and resets firewall to installation defaults.' + name: state + predefined: + - disabled + - enabled + - reloaded + - reset + - auto: PREDEFINED + description: Change the default policy for incoming or outgoing traffic. + name: default + predefined: + - allow + - deny + - reject + - auto: PREDEFINED + description: Select direction for a rule or default policy command. + name: direction + predefined: + - in + - incoming + - out + - outgoing + - routed + - auto: PREDEFINED + description: Toggles logging. Logged packets use the LOG_KERN syslog facility. + name: logging + predefined: + - 'on' + - 'off' + - low + - medium + - high + - full + - description: 'Insert the corresponding rule as rule number NUM. Note that ufw + numbers rules starting with 1.' + name: insert + - auto: PREDEFINED + defaultValue: zero + description: 'Allows to interpret the index in `insert` relative to a position. + `zero` interprets the rule number as an absolute index (i.e. 1 is the first + rule). `first-ipv4` interprets the rule number relative to the index of the + first IPv4 rule, or relative to the position where the first IPv4 rule would + be if there is currently none. `last-ipv4` interprets the rule number relative + to the index of the last IPv4 rule, or relative to the position where the + last IPv4 rule would be if there is currently none. `first-ipv6` interprets + the rule number relative to the index of the first IPv6 rule, or relative + to the position where the first IPv6 rule would be if there is currently none. + `last-ipv6` interprets the rule number relative to the index of the last IPv6 + rule, or relative to the position where the last IPv6 rule would be if there + is currently none.' + name: insert_relative_to + predefined: + - first-ipv4 + - first-ipv6 + - last-ipv4 + - last-ipv6 + - zero + - auto: PREDEFINED + description: Add firewall rule + name: rule + predefined: + - allow + - deny + - limit + - reject + - description: Log new connections matched to this rule + name: log + - defaultValue: any + description: Source IP address. + name: from_ip + - description: Source port. + name: from_port + - defaultValue: any + description: Destination IP address. + name: to_ip + - description: Destination port. + name: to_port + - auto: PREDEFINED + description: TCP/IP protocol. + name: proto + predefined: + - any + - tcp + - udp + - ipv6 + - esp + - ah + - gre + - igmp + - description: Use profile located in `/etc/ufw/applications.d`. + name: name + - description: Delete rule. + name: delete + - description: Specify interface for rule. + name: interface + - description: Apply the rule to routed/forwarded packets. + name: route + - description: Add a comment to the rule. Requires UFW version >=0.35. + name: comment + description: "Manage firewall with UFW\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ufw_module.html" + name: linux-ufw + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the user to create, remove or modify. + name: name + required: true + - description: Optionally sets the `UID` of the user. + name: uid + - description: Optionally sets the description (aka `GECOS`) of user account. + name: comment + - description: 'macOS only, optionally hide the user from the login window and + system preferences. The default will be `yes` if the `system` option is used.' + name: hidden + - auto: PREDEFINED + defaultValue: 'No' + description: Optionally when used with the -u option, this option allows to + change the user ID to a non-unique value. + name: non_unique + predefined: + - 'Yes' + - 'No' + - description: Optionally sets the seuser type (user_u) on selinux enabled systems. + name: seuser + - description: Optionally sets the user's primary group (takes a group name). + name: group + - description: 'List of groups user will be added to. When set to an empty string + `''''`, the user is removed from all groups except the primary group. Before + Ansible 2.3, the only input format allowed was a comma separated string. Mutually + exclusive with `local`' + isArray: true + name: groups + - auto: PREDEFINED + defaultValue: 'No' + description: 'If `yes`, add the user to the groups specified in `groups`. If + `no`, user will only be added to the groups specified in `groups`, removing + them from all other groups. Mutually exclusive with `local`' + name: append + predefined: + - 'Yes' + - 'No' + - description: 'Optionally set the user''s shell. On macOS, before Ansible 2.5, + the default shell for non-system users was `/usr/bin/false`. Since Ansible + 2.5, the default shell for non-system users on macOS is `/bin/bash`. On other + operating systems, the default shell is determined by the underlying tool + being used. See Notes for details.' + name: shell + - description: Optionally set the user's home directory. + name: home + - description: 'Optionally set a home skeleton directory. Requires `create_home` + option!' + name: skeleton + - description: 'Optionally set the user''s password to this crypted value. On + macOS systems, this value has to be cleartext. Beware of security issues. + To create a disabled account on Linux systems, set this to `''!''` or `''*''`. + To create a disabled account on OpenBSD, set this to `''*************''`. + See `https://docs.ansible.com/ansible/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module` + for details on various ways to generate these password values.' + name: password + - auto: PREDEFINED + defaultValue: present + description: Whether the account should exist or not, taking action if the state + is different from what is stated. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Unless set to `no`, a home directory will be made for the user + when the account is created or if the home directory does not exist. Changed + from `createhome` to `create_home` in Ansible 2.5.' + name: create_home + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `yes` when used with `home: `, attempt to move the user''s + old home directory to the specified directory if it isn''t there already and + the old home exists.' + name: move_home + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'When creating an account `state=present`, setting this to `yes` + makes the user a system account. This setting cannot be changed on existing + users.' + name: system + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'This only affects `state=absent`, it forces removal of the user + and associated directories on supported platforms. The behavior is the same + as `userdel --force`, check the man page for `userdel` on your system for + details and support. When used with `generate_ssh_key=yes` this forces an + existing key to be overwritten.' + name: force + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'This only affects `state=absent`, it attempts to remove directories + associated with the user. The behavior is the same as `userdel --remove`, + check the man page for details and support.' + name: remove + predefined: + - 'Yes' + - 'No' + - description: Optionally sets the user's login class, a feature of most BSD OSs. + name: login_class + - auto: PREDEFINED + defaultValue: 'No' + description: 'Whether to generate a SSH key for the user in question. This will + `not` overwrite an existing SSH key unless used with `force=yes`.' + name: generate_ssh_key + predefined: + - 'Yes' + - 'No' + - defaultValue: default set by ssh-keygen + description: Optionally specify number of bits in SSH key to create. + name: ssh_key_bits + - defaultValue: rsa + description: 'Optionally specify the type of SSH key to generate. Available + SSH key types will depend on implementation present on target host.' + name: ssh_key_type + - description: 'Optionally specify the SSH key filename. If this is a relative + filename then it will be relative to the user''s home directory. This parameter + defaults to `.ssh/id_rsa`.' + name: ssh_key_file + - defaultValue: ansible-generated on $HOSTNAME + description: Optionally define the comment for the SSH key. + name: ssh_key_comment + - description: 'Set a passphrase for the SSH key. If no passphrase is provided, + the SSH key will default to having no passphrase.' + name: ssh_key_passphrase + - auto: PREDEFINED + defaultValue: always + description: '`always` will update passwords if they differ. `on_create` will + only set the password for newly created users.' + name: update_password + predefined: + - always + - on_create + - description: 'An expiry time for the user in epoch, it will be ignored on platforms + that do not support this. Currently supported on GNU/Linux, FreeBSD, and DragonFlyBSD. + Since Ansible 2.6 you can remove the expiry time specify a negative value. + Currently supported on GNU/Linux and FreeBSD.' + name: expires + - description: 'Lock the password (`usermod -L`, `usermod -U`, `pw lock`). Implementation + differs by platform. This option does not always mean the user cannot login + using other methods. This option does not disable the user, only lock the + password. This must be set to `False` in order to unlock a currently locked + password. The absence of this parameter will not unlock a password. Currently + supported on Linux, FreeBSD, DragonFlyBSD, NetBSD, OpenBSD.' + name: password_lock + - auto: PREDEFINED + defaultValue: 'No' + description: 'Forces the use of "local" command alternatives on platforms that + implement it. This is useful in environments that use centralized authentification + when you want to manipulate the local users (i.e. it uses `luseradd` instead + of `useradd`). This will check `/etc/passwd` for an existing account before + invoking commands. If the local account database exists somewhere other than + `/etc/passwd`, this setting will not work properly. This requires that the + above commands as well as `/etc/passwd` must exist on the target host, otherwise + it will be a fatal error. Mutually exclusive with `groups` and `append`' + name: local + predefined: + - 'Yes' + - 'No' + - description: 'Sets the profile of the user. Does nothing when used with other + platforms. Can set multiple profiles using comma separation. To delete all + the profiles, use `profile=''''`. Currently supported on Illumos/Solaris.' + name: profile + - description: 'Sets the authorization of the user. Does nothing when used with + other platforms. Can set multiple authorizations using comma separation. To + delete all authorizations, use `authorization=''''`. Currently supported on + Illumos/Solaris.' + name: authorization + - description: 'Sets the role of the user. Does nothing when used with other platforms. + Can set multiple roles using comma separation. To delete all roles, use `role=''''`. + Currently supported on Illumos/Solaris.' + name: role + description: "Manage user accounts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/user_module.html" + name: linux-user + outputs: + - contextPath: Linux.User.append + description: Whether or not to append the user to groups + type: boolean + - contextPath: Linux.User.comment + description: Comment section from passwd file, usually the user name + type: string + - contextPath: Linux.User.create_home + description: Whether or not to create the home directory + type: boolean + - contextPath: Linux.User.force + description: Whether or not a user account was forcibly deleted + type: boolean + - contextPath: Linux.User.group + description: Primary user group ID + type: number + - contextPath: Linux.User.groups + description: List of groups of which the user is a member + type: string + - contextPath: Linux.User.home + description: Path to user's home directory + type: string + - contextPath: Linux.User.move_home + description: Whether or not to move an existing home directory + type: boolean + - contextPath: Linux.User.name + description: User account name + type: string + - contextPath: Linux.User.password + description: Masked value of the password + type: string + - contextPath: Linux.User.remove + description: Whether or not to remove the user account + type: boolean + - contextPath: Linux.User.shell + description: User login shell + type: string + - contextPath: Linux.User.ssh_fingerprint + description: Fingerprint of generated SSH key + type: string + - contextPath: Linux.User.ssh_key_file + description: Path to generated SSH private key file + type: string + - contextPath: Linux.User.ssh_public_key + description: Generated SSH public key file + type: string + - contextPath: Linux.User.stderr + description: Standard error from running commands + type: string + - contextPath: Linux.User.stdout + description: Standard output from running commands + type: string + - contextPath: Linux.User.system + description: Whether or not the account is a system account + type: boolean + - contextPath: Linux.User.uid + description: User ID of the user account + type: number + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: The XFS quota type. + name: type + predefined: + - user + - group + - project + required: true + - description: The name of the user, group or project to apply the quota to, if + other than default. + name: name + - description: The mount point on which to apply the quotas. + name: mountpoint + required: true + - description: 'Hard blocks quota limit. This argument supports human readable + sizes.' + name: bhard + - description: 'Soft blocks quota limit. This argument supports human readable + sizes.' + name: bsoft + - description: Hard inodes quota limit. + name: ihard + - description: Soft inodes quota limit. + name: isoft + - description: 'Hard realtime blocks quota limit. This argument supports human + readable sizes.' + name: rtbhard + - description: 'Soft realtime blocks quota limit. This argument supports human + readable sizes.' + name: rtbsoft + - auto: PREDEFINED + defaultValue: present + description: 'Whether to apply the limits or remove them. When removing limit, + they are set to 0, and not quite removed.' + name: state + predefined: + - present + - absent + description: "Manage quotas on XFS filesystems\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/xfs_quota_module.html" + name: linux-xfs-quota + outputs: + - contextPath: Linux.XfsQuota.bhard + description: the current bhard setting in bytes + type: number + - contextPath: Linux.XfsQuota.bsoft + description: the current bsoft setting in bytes + type: number + - contextPath: Linux.XfsQuota.ihard + description: the current ihard setting in bytes + type: number + - contextPath: Linux.XfsQuota.isoft + description: the current isoft setting in bytes + type: number + - contextPath: Linux.XfsQuota.rtbhard + description: the current rtbhard setting in bytes + type: number + - contextPath: Linux.XfsQuota.rtbsoft + description: the current rtbsoft setting in bytes + type: number + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Path to the file that contains the usernames and passwords + name: path + required: true + - description: User name to add or remove + name: name + required: true + - description: 'Password associated with user. Must be specified if user does + not exist yet.' + name: password + - auto: PREDEFINED + defaultValue: apr_md5_crypt + description: Encryption scheme to be used. As well as the four choices listed + here, you can also use any other hash supported by passlib, such as md5_crypt + and sha256_crypt, which are linux passwd hashes. If you do so the password + file will not be compatible with Apache or Nginx + name: crypt_scheme + predefined: + - apr_md5_crypt + - des_crypt + - ldap_sha1 + - plaintext + - auto: PREDEFINED + defaultValue: present + description: Whether the user entry should be present or not + name: state + predefined: + - present + - absent + - defaultValue: 'yes' + description: Used with `state=present`. If specified, the file will be created + if it does not already exist. If set to "no", will fail if the file does not + exist + name: create + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "manage user files for basic authentication\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/htpasswd_module.html" + name: linux-htpasswd + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The name of the supervisord program or group to manage. The name + will be taken as group name when it ends with a colon `:` Group support is + only available in Ansible version 1.6 or later.' + name: name + required: true + - description: The supervisor configuration file path + name: config + - description: URL on which supervisord server is listening + name: server_url + - description: username to use for authentication + name: username + - description: password to use for authentication + name: password + - auto: PREDEFINED + description: The desired state of program/group. + name: state + predefined: + - present + - started + - stopped + - restarted + - absent + - signalled + required: true + - description: The signal to send to the program/group, when combined with the + 'signalled' state. Required when l(state=signalled). + name: signal + - description: path to supervisorctl executable + name: supervisorctl_path + description: "Manage the state of a program or group of programs running via supervisord\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/supervisorctl_module.html" + name: linux-supervisorctl + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the host or user certificate should exist or not, taking + action if the state is different from what is stated. + name: state + predefined: + - present + - absent + - auto: PREDEFINED + description: 'Whether the module should generate a host or a user certificate. + Required if `state` is `present`.' + name: type + predefined: + - host + - user + - auto: PREDEFINED + defaultValue: 'No' + description: Should the certificate be regenerated even if it already exists + and is valid. + name: force + predefined: + - 'Yes' + - 'No' + - description: Path of the file containing the certificate. + name: path + required: true + - description: 'The path to the private openssh key that is used for signing the + public key in order to generate the certificate. Required if `state` is `present`.' + name: signing_key + - description: 'The path to the public key that will be signed with the signing + key in order to generate the certificate. Required if `state` is `present`.' + name: public_key + - description: 'The point in time the certificate is valid from. Time can be specified + either as relative time or as absolute timestamp. Time will always be interpreted + as UTC. Valid formats are: `[+-]timespec | YYYY-MM-DD | YYYY-MM-DDTHH:MM:SS + | YYYY-MM-DD HH:MM:SS | always` where timespec can be an integer + `[w | d + | h | m | s]` (e.g. `+32w1d2h`. Note that if using relative time this module + is NOT idempotent. Required if `state` is `present`.' + name: valid_from + - description: 'The point in time the certificate is valid to. Time can be specified + either as relative time or as absolute timestamp. Time will always be interpreted + as UTC. Valid formats are: `[+-]timespec | YYYY-MM-DD | YYYY-MM-DDTHH:MM:SS + | YYYY-MM-DD HH:MM:SS | forever` where timespec can be an integer + `[w | + d | h | m | s]` (e.g. `+32w1d2h`. Note that if using relative time this module + is NOT idempotent. Required if `state` is `present`.' + name: valid_to + - description: Check if the certificate is valid at a certain point in time. If + it is not the certificate will be regenerated. Time will always be interpreted + as UTC. Mainly to be used with relative timespec for `valid_from` and / or + `valid_to`. Note that if using relative time this module is NOT idempotent. + name: valid_at + - description: Certificates may be limited to be valid for a set of principal + (user/host) names. By default, generated certificates are valid for all users + or hosts. + isArray: true + name: principals + - description: 'Specify certificate options when signing a key. The option that + are valid for user certificates are: `clear`: Clear all enabled permissions. This + is useful for clearing the default set of permissions so permissions may be + added individually. `force-command=command`: Forces the execution of command + instead of any shell or command specified by the user when the certificate + is used for authentication. `no-agent-forwarding`: Disable ssh-agent forwarding + (permitted by default). `no-port-forwarding`: Disable port forwarding (permitted + by default). `no-pty Disable`: PTY allocation (permitted by default). `no-user-rc`: + Disable execution of `~/.ssh/rc` by sshd (permitted by default). `no-x11-forwarding`: + Disable X11 forwarding (permitted by default) `permit-agent-forwarding`: Allows + ssh-agent forwarding. `permit-port-forwarding`: Allows port forwarding. `permit-pty`: + Allows PTY allocation. `permit-user-rc`: Allows execution of `~/.ssh/rc` by + sshd. `permit-x11-forwarding`: Allows X11 forwarding. `source-address=address_list`: + Restrict the source addresses from which the certificate is considered valid. + The `address_list` is a comma-separated list of one or more address/netmask + pairs in CIDR format. At present, no options are valid for host keys.' + isArray: true + name: options + - description: Specify the key identity when signing a public key. The identifier + that is logged by the server when the certificate is used for authentication. + name: identifier + - description: 'Specify the certificate serial number. The serial number is logged + by the server when the certificate is used for authentication. The certificate + serial number may be used in a KeyRevocationList. The serial number may be + omitted for checks, but must be specified again for a new certificate. Note: + The default value set by ssh-keygen is 0.' + name: serial_number + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Generate OpenSSH host or user certificates.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/openssh_cert_module.html" + name: linux-openssh-cert + outputs: + - contextPath: Linux.OpensshCert.type + description: type of the certificate (host or user) + type: string + - contextPath: Linux.OpensshCert.filename + description: path to the certificate + type: string + - contextPath: Linux.OpensshCert.info + description: Information about the certificate. Output of `ssh-keygen -L -f`. + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the private and public keys should exist or not, taking + action if the state is different from what is stated. + name: state + predefined: + - present + - absent + - description: 'Specifies the number of bits in the private key to create. For + RSA keys, the minimum size is 1024 bits and the default is 4096 bits. Generally, + 2048 bits is considered sufficient. DSA keys must be exactly 1024 bits as + specified by FIPS 186-2. For ECDSA keys, size determines the key length by + selecting from one of three elliptic curve sizes: 256, 384 or 521 bits. Attempting + to use bit lengths other than these three values for ECDSA keys will cause + this module to fail. Ed25519 keys have a fixed length and the size will be + ignored.' + name: size + - auto: PREDEFINED + defaultValue: rsa + description: The algorithm used to generate the SSH private key. `rsa1` is for + protocol version 1. `rsa1` is deprecated and may not be supported by every + version of ssh-keygen. + name: type + predefined: + - rsa + - dsa + - rsa1 + - ecdsa + - ed25519 + - auto: PREDEFINED + defaultValue: 'No' + description: Should the key be regenerated even if it already exists + name: force + predefined: + - 'Yes' + - 'No' + - description: Name of the files containing the public and private key. The file + containing the public key will have the extension `.pub`. + name: path + required: true + - description: Provides a new comment to the public key. When checking if the + key is in the correct state this will be ignored. + name: comment + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Generate OpenSSH private and public keys.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/openssh_keypair_module.html" + name: linux-openssh-keypair + outputs: + - contextPath: Linux.OpensshKeypair.size + description: Size (in bits) of the SSH private key + type: number + - contextPath: Linux.OpensshKeypair.type + description: Algorithm used to generate the SSH private key + type: string + - contextPath: Linux.OpensshKeypair.filename + description: Path to the generated SSH private key file + type: string + - contextPath: Linux.OpensshKeypair.fingerprint + description: The fingerprint of the key. + type: string + - contextPath: Linux.OpensshKeypair.public_key + description: The public key of the generated SSH private key + type: string + - contextPath: Linux.OpensshKeypair.comment + description: The comment of the generated key + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The full path of the file or object. + name: path + required: true + - auto: PREDEFINED + defaultValue: query + description: 'Define whether the ACL should be present or not. The `query` state + gets the current ACL without changing it, for use in `register` operations.' + name: state + predefined: + - absent + - present + - query + - auto: PREDEFINED + defaultValue: 'Yes' + description: Whether to follow symlinks on the path if a symlink is encountered. + name: follow + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'If the target is a directory, setting this to `yes` will make + it the default ACL for entities created inside the directory. Setting `default` + to `yes` causes an error if the path is a file.' + name: default + predefined: + - 'Yes' + - 'No' + - description: The actual user or group that the ACL applies to when matching + entity types user or group are selected. + name: entity + - auto: PREDEFINED + description: The entity type of the ACL to apply, see `setfacl` documentation + for more info. + name: etype + predefined: + - group + - mask + - other + - user + - description: The permissions to apply/remove can be any combination of `r`, + `w` and `x` (read, write and execute respectively) + name: permissions + - description: 'DEPRECATED. The ACL to set or remove. This must always be quoted + in the form of `::`. The qualifier may be empty for + some types, but the type and perms are always required. `-` can be used as + placeholder when you do not care about permissions. This is now superseded + by entity, type and permissions fields.' + name: entry + - auto: PREDEFINED + defaultValue: 'No' + description: 'Recursively sets the specified ACL. Incompatible with `state=query`.' + name: recursive + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Use NFSv4 ACLs instead of POSIX ACLs. + name: use_nfsv4_acls + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: default + description: 'Select if and when to recalculate the effective right masks of + the files. See `setfacl` documentation for more info. Incompatible with `state=query`.' + name: recalculate_mask + predefined: + - default + - mask + - no_mask + description: "Set and retrieve file ACL information.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/acl_module.html" + name: linux-acl + outputs: + - contextPath: Linux.Acl.acl + description: Current ACL on provided path (after changes, if any) + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Remote absolute path, glob, or list of paths or globs for the file + or files to compress or archive. + isArray: true + name: path + required: true + - auto: PREDEFINED + defaultValue: gz + description: 'The type of compression to use. Support for xz was added in Ansible + 2.5.' + name: format + predefined: + - bz2 + - gz + - tar + - xz + - zip + - description: 'The file name of the destination archive. This is required when + `path` refers to multiple files by either specifying a glob, a directory or + multiple paths in a list.' + name: dest + - description: Remote absolute path, glob, or list of paths or globs for the file + or files to exclude from the archive. + isArray: true + name: exclude_path + - auto: PREDEFINED + defaultValue: 'No' + description: 'Allow you to force the module to treat this as an archive even + if only a single file is specified. By default behaviour is maintained. i.e + A when a single file is specified it is compressed only (not archived).' + name: force_archive + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Remove any added source files and trees after adding to archive. + name: remove + predefined: + - 'Yes' + - 'No' + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Creates a compressed archive of one or more files or trees\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/archive_module.html" + name: linux-archive + outputs: + - contextPath: Linux.Archive.state + description: The current state of the archived file. If 'absent', then no source + files were found and the archive does not exist. If 'compress', then the file + source file is in the compressed state. If 'archive', then the source file + or paths are currently archived. If 'incomplete', then an archive was created, + but not all source paths were found. + type: string + - contextPath: Linux.Archive.missing + description: Any files that were missing from the source. + type: unknown + - contextPath: Linux.Archive.archived + description: Any files that were compressed or added to the archive. + type: unknown + - contextPath: Linux.Archive.arcroot + description: The archive root. + type: string + - contextPath: Linux.Archive.expanded_paths + description: The list of matching paths from paths argument. + type: unknown + - contextPath: Linux.Archive.expanded_exclude_paths + description: The list of matching exclude paths from the exclude_path argument. + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: An already existing directory full of source files. + name: src + required: true + - description: A file to create using the concatenation of all of the source files. + name: dest + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file (if `yes`), including the timestamp information + so you can get the original file back if you somehow clobbered it incorrectly. + name: backup + predefined: + - 'Yes' + - 'No' + - description: A delimiter to separate the file contents. + name: delimiter + - auto: PREDEFINED + defaultValue: 'No' + description: 'If `no`, it will search for src at originating/master machine. + If `yes`, it will go to the remote/target machine for the src.' + name: remote_src + predefined: + - 'Yes' + - 'No' + - description: 'Assemble files only if `regex` matches the filename. If not set, + all files are assembled. Every "\" (backslash) must be escaped as "\\" to + comply to YAML syntax. Uses `Python regular expressions,http://docs.python.org/2/library/re.html`.' + name: regexp + - auto: PREDEFINED + defaultValue: 'No' + description: A boolean that controls if files that start with a '.' will be + included or not. + name: ignore_hidden + predefined: + - 'Yes' + - 'No' + - description: 'The validation command to run before copying into place. The path + to the file to validate is passed in via ''%s'' which must be present as in + the sshd example below. The command is passed securely so shell features like + expansion and pipes won''t work.' + name: validate + - auto: PREDEFINED + defaultValue: 'Yes' + description: This option controls the autodecryption of source files using vault. + name: decrypt + predefined: + - 'Yes' + - 'No' + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Assemble configuration files from fragments\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/assemble_module.html" + name: linux-assemble + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The file to modify. Before Ansible 2.3 this option was only usable + as `dest`, `destfile` and `name`.' + name: path + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the block should be there or not. + name: state + predefined: + - absent + - present + - defaultValue: '# {mark} ANSIBLE MANAGED BLOCK' + description: 'The marker line template. `{mark}` will be replaced with the values + `in marker_begin` (default="BEGIN") and `marker_end` (default="END"). Using + a custom marker without the `{mark}` variable may result in the block being + repeatedly inserted on subsequent playbook runs.' + name: marker + - defaultValue: '' + description: 'The text to insert inside the marker lines. If it is missing or + an empty string, the block will be removed as if `state` were specified to + `absent`.' + name: block + - auto: PREDEFINED + defaultValue: EOF + description: 'If specified, the block will be inserted after the last match + of specified regular expression. A special value is available; `EOF` for inserting + the block at the end of the file. If specified regular expression has no matches, + `EOF` will be used instead.' + name: insertafter + predefined: + - EOF + - '*regex*' + - auto: PREDEFINED + description: 'If specified, the block will be inserted before the last match + of specified regular expression. A special value is available; `BOF` for inserting + the block at the beginning of the file. If specified regular expression has + no matches, the block will be inserted at the end of the file.' + name: insertbefore + predefined: + - BOF + - '*regex*' + - auto: PREDEFINED + defaultValue: 'No' + description: Create a new file if it does not exist. + name: create + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including the timestamp information so you + can get the original file back if you somehow clobbered it incorrectly. + name: backup + predefined: + - 'Yes' + - 'No' + - defaultValue: BEGIN + description: This will be inserted at `{mark}` in the opening ansible block + marker. + name: marker_begin + - defaultValue: END + description: This will be inserted at `{mark}` in the closing ansible block + marker. + name: marker_end + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + - description: 'The validation command to run before copying into place. The path + to the file to validate is passed in via ''%s'' which must be present as in + the examples below. The command is passed securely so shell features like + expansion and pipes will not work.' + name: validate + description: "Insert/update/remove a text block surrounded by marker lines\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/blockinfile_module.html" + name: linux-blockinfile + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Path to the file being managed. + name: path + required: true + - auto: PREDEFINED + defaultValue: file + description: 'If `absent`, directories will be recursively deleted, and files + or symlinks will be unlinked. In the case of a directory, if `diff` is declared, + you will see the files and folders deleted listed under `path_contents`. Note + that `absent` will not cause `file` to fail if the `path` does not exist as + the state did not change. If `directory`, all intermediate subdirectories + will be created if they do not exist. Since Ansible 1.7 they will be created + with the supplied permissions. If `file`, without any other options this works + mostly as a ''stat'' and will return the current state of `path`. Even with + other options (i.e `mode`), the file will be modified but will NOT be created + if it does not exist; see the `touch` value or the `copy` or `template` module + if you want that behavior. If `hard`, the hard link will be created or changed. + If `link`, the symbolic link will be created or changed. If `touch` (new in + 1.4), an empty file will be created if the `path` does not exist, while an + existing file or directory will receive updated file access and modification + times (similar to the way `touch` works from the command line).' + name: state + predefined: + - absent + - directory + - file + - hard + - link + - touch + - description: 'Path of the file to link to. This applies only to `state=link` + and `state=hard`. For `state=link`, this will also accept a non-existing path. + Relative paths are relative to the file being created (`path`) which is how + the Unix command `ln -s SRC DEST` treats relative paths.' + name: src + - auto: PREDEFINED + defaultValue: 'No' + description: 'Recursively set the specified file attributes on directory contents. + This applies only when `state` is set to `directory`.' + name: recurse + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Force the creation of the symlinks in two cases: the source file + does not exist (but will appear later); the destination exists and is a file + (so, we need to unlink the `path` file and create symlink to the `src` file + in place of it).' + name: force + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'This flag indicates that filesystem links, if they exist, should + be followed. Previous to Ansible 2.5, this was `no` by default.' + name: follow + predefined: + - 'Yes' + - 'No' + - description: 'This parameter indicates the time the file''s modification time + should be set to. Should be `preserve` when no modification is required, `YYYYMMDDHHMM.SS` + when using default time format, or `now`. Default is None meaning that `preserve` + is the default for `state=[file,directory,link,hard]` and `now` is default + for `state=touch`.' + name: modification_time + - defaultValue: '%Y%m%d%H%M.%S' + description: 'When used with `modification_time`, indicates the time format + that must be used. Based on default Python format (see time.strftime doc).' + name: modification_time_format + - description: 'This parameter indicates the time the file''s access time should + be set to. Should be `preserve` when no modification is required, `YYYYMMDDHHMM.SS` + when using default time format, or `now`. Default is `None` meaning that `preserve` + is the default for `state=[file,directory,link,hard]` and `now` is default + for `state=touch`.' + name: access_time + - defaultValue: '%Y%m%d%H%M.%S' + description: 'When used with `access_time`, indicates the time format that must + be used. Based on default Python format (see time.strftime doc).' + name: access_time_format + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Manage files and file properties\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/file_module.html" + name: linux-file + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Select files whose age is equal to or greater than the specified + time. Use a negative age to find files equal to or less than the specified + time. You can choose seconds, minutes, hours, days, or weeks by specifying + the first letter of any of those words (e.g., "1w").' + name: age + - description: 'One or more (shell or regex) patterns, which type is controlled + by `use_regex` option. The patterns restrict the list of files to be returned + to those whose basenames match at least one of the patterns specified. Multiple + patterns can be specified using a list. The pattern is matched against the + file base name, excluding the directory. When using regexen, the pattern MUST + match the ENTIRE file name, not just parts of it. So if you are looking to + match all files ending in .default, you''d need to use ''.*\.default'' as + a regexp and not just ''\.default''. This parameter expects a list, which + can be either comma separated or YAML. If any of the patterns contain a comma, + make sure to put them in a list to avoid splitting the patterns in undesirable + ways. Defaults to ''*'' when `use_regex=False`, or ''.*'' when `use_regex=True`.' + isArray: true + name: patterns + - description: 'One or more (shell or regex) patterns, which type is controlled + by `use_regex` option. Items whose basenames match an `excludes` pattern are + culled from `patterns` matches. Multiple patterns can be specified using a + list.' + isArray: true + name: excludes + - description: A regular expression or pattern which should be matched against + the file content. + name: contains + - description: List of paths of directories to search. All paths must be fully + qualified. + isArray: true + name: paths + required: true + - auto: PREDEFINED + defaultValue: file + description: 'Type of file to select. The ''link'' and ''any'' choices were + added in Ansible 2.3.' + name: file_type + predefined: + - any + - directory + - file + - link + - auto: PREDEFINED + defaultValue: 'No' + description: If target is a directory, recursively descend into the directory + looking for files. + name: recurse + predefined: + - 'Yes' + - 'No' + - description: 'Select files whose size is equal to or greater than the specified + size. Use a negative size to find files equal to or less than the specified + size. Unqualified values are in bytes but b, k, m, g, and t can be appended + to specify bytes, kilobytes, megabytes, gigabytes, and terabytes, respectively. + Size is not evaluated for directories.' + name: size + - auto: PREDEFINED + defaultValue: mtime + description: Choose the file property against which we compare age. + name: age_stamp + predefined: + - atime + - ctime + - mtime + - auto: PREDEFINED + defaultValue: 'No' + description: Set this to `yes` to include hidden files, otherwise they will + be ignored. + name: hidden + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Set this to `yes` to follow symlinks in path for systems with python + 2.6+. + name: follow + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Set this to `yes` to retrieve a file's SHA1 checksum. + name: get_checksum + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'If `no`, the patterns are file globs (shell). If `yes`, they are + python regexes.' + name: use_regex + predefined: + - 'Yes' + - 'No' + - description: 'Set the maximum number of levels to descend into. Setting recurse + to `no` will override this value, which is effectively depth 1. Default is + unlimited depth.' + name: depth + description: "Return a list of files based on specific criteria\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/find_module.html" + name: linux-find + outputs: + - contextPath: Linux.Find.files + description: All matches found with the specified criteria (see stat module + for full output of each dictionary) + type: unknown + - contextPath: Linux.Find.matched + description: Number of matches + type: number + - contextPath: Linux.Find.examined + description: Number of filesystem objects looked at + type: number + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Path to the INI-style file; this file is created if required. + Before Ansible 2.3 this option was only usable as `dest`.' + name: path + required: true + - description: 'Section name in INI file. This is added if `state=present` automatically + when a single value is being set. If left empty or set to `null`, the `option` + will be placed before the first `section`. Using `null` is also required if + the config format does not support sections.' + name: section + required: true + - description: 'If set (required for changing a `value`), this is the name of + the option. May be omitted if adding/removing a whole `section`.' + name: option + - description: 'The string value to be associated with an `option`. May be omitted + when removing an `option`.' + name: value + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including the timestamp information so you + can get the original file back if you somehow clobbered it incorrectly. + name: backup + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: If set to `absent` the option or section will be removed if present + instead of created. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: Do not insert spaces before and after '=' symbol. + name: no_extra_spaces + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If set to `no`, the module will fail if the file does not already + exist. By default it will create the file if it is missing.' + name: create + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Allow option without value and without '=' symbol. + name: allow_no_value + predefined: + - 'Yes' + - 'No' + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Tweak settings in INI files\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/ini_file_module.html" + name: linux-ini-file + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The ISO image to extract files from. + name: image + required: true + - description: The destination directory to extract files to. + name: dest + required: true + - description: 'A list of files to extract from the image. Extracting directories + does not work.' + isArray: true + name: files + required: true + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If `yes`, which will replace the remote file when contents are + different than the source. If `no`, the file will only be extracted and copied + if the destination does not already exist. Alias `thirsty` has been deprecated + and will be removed in 2.13.' + name: force + predefined: + - 'Yes' + - 'No' + - defaultValue: 7z + description: The path to the `7z` executable to use for extracting files from + the ISO. + name: executable + description: "Extract files from an ISO image\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/iso_extract_module.html" + name: linux-iso-extract + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The file to modify. Before Ansible 2.3 this option was only usable + as `dest`, `destfile` and `name`.' + name: path + required: true + - description: 'The regular expression to look for in every line of the file. + For `state=present`, the pattern to replace if found. Only the last line found + will be replaced. For `state=absent`, the pattern of the line(s) to remove. + If the regular expression is not matched, the line will be added to the file + in keeping with `insertbefore` or `insertafter` settings. When modifying a + line the regexp should typically match both the initial state of the line + as well as its state after replacement by `line` to ensure idempotence. Uses + Python regular expressions. See `http://docs.python.org/2/library/re.html`.' + name: regexp + - auto: PREDEFINED + defaultValue: present + description: Whether the line should be there or not. + name: state + predefined: + - absent + - present + - description: 'The line to insert/replace into the file. Required for `state=present`. + If `backrefs` is set, may contain backreferences that will get expanded with + the `regexp` capture groups if the regexp matches.' + name: line + - auto: PREDEFINED + defaultValue: 'No' + description: 'Used with `state=present`. If set, `line` can contain backreferences + (both positional and named) that will get populated if the `regexp` matches. + This parameter changes the operation of the module slightly; `insertbefore` + and `insertafter` will be ignored, and if the `regexp` does not match anywhere + in the file, the file will be left unchanged. If the `regexp` does match, + the last matching line will be replaced by the expanded line parameter.' + name: backrefs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: EOF + description: 'Used with `state=present`. If specified, the line will be inserted + after the last match of specified regular expression. If the first match is + required, use(firstmatch=yes). A special value is available; `EOF` for inserting + the line at the end of the file. If specified regular expression has no matches, + EOF will be used instead. If `insertbefore` is set, default value `EOF` will + be ignored. If regular expressions are passed to both `regexp` and `insertafter`, + `insertafter` is only honored if no match for `regexp` is found. May not be + used with `backrefs` or `insertbefore`.' + name: insertafter + predefined: + - EOF + - '*regex*' + - auto: PREDEFINED + description: 'Used with `state=present`. If specified, the line will be inserted + before the last match of specified regular expression. If the first match + is required, use `firstmatch=yes`. A value is available; `BOF` for inserting + the line at the beginning of the file. If specified regular expression has + no matches, the line will be inserted at the end of the file. If regular expressions + are passed to both `regexp` and `insertbefore`, `insertbefore` is only honored + if no match for `regexp` is found. May not be used with `backrefs` or `insertafter`.' + name: insertbefore + predefined: + - BOF + - '*regex*' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Used with `state=present`. If specified, the file will be created + if it does not already exist. By default it will fail if the file is missing.' + name: create + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including the timestamp information so you + can get the original file back if you somehow clobbered it incorrectly. + name: backup + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Used with `insertafter` or `insertbefore`. If set, `insertafter` + and `insertbefore` will work with the first line that matches the given regular + expression.' + name: firstmatch + predefined: + - 'Yes' + - 'No' + - description: All arguments accepted by the `file` module also work here. + name: others + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + - description: 'The validation command to run before copying into place. The path + to the file to validate is passed in via ''%s'' which must be present as in + the examples below. The command is passed securely so shell features like + expansion and pipes will not work.' + name: validate + description: "Manage lines in text files\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/lineinfile_module.html" + name: linux-lineinfile + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The file to modify. Before Ansible 2.3 this option was only usable + as `dest`, `destfile` and `name`.' + name: path + required: true + - description: 'The regular expression to look for in the contents of the file. + Uses Python regular expressions; see `http://docs.python.org/2/library/re.html`. + Uses MULTILINE mode, which means `^` and `$` match the beginning and end of + the file, as well as the beginning and end respectively of `each line` of + the file. Does not use DOTALL, which means the `.` special character matches + any character `except newlines`. A common mistake is to assume that a negated + character set like `[^#]` will also not match newlines. In order to exclude + newlines, they must be added to the set like `[^#\n]`. Note that, as of Ansible + 2.0, short form tasks should have any escape sequences backslash-escaped in + order to prevent them being parsed as string literal escapes. See the examples.' + name: regexp + required: true + - description: 'The string to replace regexp matches. May contain backreferences + that will get expanded with the regexp capture groups if the regexp matches. + If not set, matches are removed entirely. Backreferences can be used ambiguously + like `\1`, or explicitly like `\g<1>`.' + name: replace + - description: 'If specified, only content after this match will be replaced/removed. + Can be used in combination with `before`. Uses Python regular expressions; + see `http://docs.python.org/2/library/re.html`. Uses DOTALL, which means the + `.` special character `can match newlines`.' + name: after + - description: 'If specified, only content before this match will be replaced/removed. + Can be used in combination with `after`. Uses Python regular expressions; + see `http://docs.python.org/2/library/re.html`. Uses DOTALL, which means the + `.` special character `can match newlines`.' + name: before + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including the timestamp information so you + can get the original file back if you somehow clobbered it incorrectly. + name: backup + predefined: + - 'Yes' + - 'No' + - description: All arguments accepted by the `file` module also work here. + name: others + - defaultValue: utf-8 + description: The character encoding for reading and writing the file. + name: encoding + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + - description: 'The validation command to run before copying into place. The path + to the file to validate is passed in via ''%s'' which must be present as in + the examples below. The command is passed securely so shell features like + expansion and pipes will not work.' + name: validate + description: "Replace all instances of a particular string in a file using a back-referenced\ + \ regular expression\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/replace_module.html" + name: linux-replace + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The full path of the file/object to get the facts of. + name: path + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to follow symlinks. + name: follow + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: Whether to return a checksum of the file. + name: get_checksum + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: sha1 + description: 'Algorithm to determine checksum of file. Will throw an error if + the host is unable to use specified algorithm. The remote host has to support + the hashing method specified, `md5` can be unavailable if the host is FIPS-140 + compliant.' + name: checksum_algorithm + predefined: + - md5 + - sha1 + - sha224 + - sha256 + - sha384 + - sha512 + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Use file magic and return data about the nature of the file. this + uses the ''file'' utility found on most Linux/Unix systems. This will add + both `mime_type` and ''charset'' fields to the return, if possible. In Ansible + 2.3 this option changed from ''mime'' to ''get_mime'' and the default changed + to ''Yes''.' + name: get_mime + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: Get file attributes using lsattr tool if present. + name: get_attributes + predefined: + - 'Yes' + - 'No' + description: "Retrieve file or file system status\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/stat_module.html" + name: linux-stat + outputs: + - contextPath: Linux.Stat.stat + description: dictionary containing all the stat data, some platforms might add + additional fields + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Path on the source host that will be synchronized to the destination. + The path can be absolute or relative.' + name: src + required: true + - description: 'Path on the destination host that will be synchronized from the + source. The path can be absolute or relative.' + name: dest + required: true + - description: 'Port number for ssh on the destination host. Prior to Ansible + 2.0, the ansible_ssh_port inventory var took precedence over this value. This + parameter defaults to the value of `ansible_ssh_port` or `ansible_port`, the + `remote_port` config setting or the value from ssh client configuration if + none of the former have been set.' + name: dest_port + - auto: PREDEFINED + defaultValue: push + description: 'Specify the direction of the synchronization. In push mode the + localhost or delegate is the source. In pull mode the remote host in context + is the source.' + name: mode + predefined: + - pull + - push + - auto: PREDEFINED + defaultValue: 'Yes' + description: Mirrors the rsync archive flag, enables recursive, links, perms, + times, owner, group flags and -D. + name: archive + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Skip based on checksum, rather than mod-time & size; Note that + that "archive" option is still enabled by default - the "checksum" option + will not disable it. + name: checksum + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Compress file data during the transfer. In most cases, leave this + enabled unless it causes problems.' + name: compress + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Skip creating new files on receiver. + name: existing_only + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Delete files in `dest` that don''t exist (after transfer, not + before) in the `src` path. This option requires `recursive=yes`. This option + ignores excluded files and behaves like the rsync opt --delete-excluded.' + name: delete + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Transfer directories without recursing. + name: dirs + predefined: + - 'Yes' + - 'No' + - description: 'Recurse into directories. This parameter defaults to the value + of the archive option.' + name: recursive + - description: 'Copy symlinks as symlinks. This parameter defaults to the value + of the archive option.' + name: links + - auto: PREDEFINED + defaultValue: 'No' + description: Copy symlinks as the item that they point to (the referent) is + copied, rather than the symlink. + name: copy_links + predefined: + - 'Yes' + - 'No' + - description: 'Preserve permissions. This parameter defaults to the value of + the archive option.' + name: perms + - description: 'Preserve modification times. This parameter defaults to the value + of the archive option.' + name: times + - description: 'Preserve owner (super user only). This parameter defaults to the + value of the archive option.' + name: owner + - description: 'Preserve group. This parameter defaults to the value of the archive + option.' + name: group + - description: 'Specify the rsync command to run on the remote host. See `--rsync-path` + on the rsync man page. To specify the rsync command to run on the local host, + you need to set this your task var `ansible_rsync_path`.' + name: rsync_path + - defaultValue: '0' + description: Specify a `--timeout` for the rsync command in seconds. + name: rsync_timeout + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Put user@ for the remote paths. If you have a custom ssh config + to define the remote user for a host that does not match the inventory user, + you should set this parameter to `no`.' + name: set_remote_user + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Use the ssh_args specified in ansible.cfg. + name: use_ssh_args + predefined: + - 'Yes' + - 'No' + - description: 'Specify additional rsync options by passing in an array. Note + that an empty string in `rsync_opts` will end up transfer the current working + directory.' + isArray: true + name: rsync_opts + - auto: PREDEFINED + defaultValue: 'No' + description: Tells rsync to keep the partial file which should make a subsequent + transfer of the rest of the file much faster. + name: partial + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Verify destination host key. + name: verify_host + predefined: + - 'Yes' + - 'No' + - description: Specify the private key to use for SSH-based rsync connections + (e.g. `~/.ssh/id_rsa`). + name: private_key + - description: Add a destination to hard link against during the rsync. + isArray: true + name: link_dest + description: "A wrapper around rsync to make common tasks in your playbooks quick\ + \ and easy\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/synchronize_module.html" + name: linux-synchronize + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: file + description: Whether to create file or directory. + name: state + predefined: + - directory + - file + - description: 'Location where temporary file or directory should be created. + If path is not specified, the default system temporary directory will be used.' + name: path + - defaultValue: ansible. + description: Prefix of file/directory name created by module. + name: prefix + - defaultValue: '' + description: Suffix of file/directory name created by module. + name: suffix + description: "Creates temporary files and directories\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/tempfile_module.html" + name: linux-tempfile + outputs: + - contextPath: Linux.Tempfile.path + description: Path to created file or directory + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'If `remote_src=no` (default), local path to archive file to copy + to the target server; can be absolute or relative. If `remote_src=yes`, path + on the target server to existing archive file to unpack. If `remote_src=yes` + and `src` contains `://`, the remote machine will download the file from the + URL first. (version_added 2.0). This is only for simple cases, for full download + support use the `get_url` module.' + name: src + required: true + - description: Remote absolute path where the archive should be unpacked. + name: dest + required: true + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If true, the file is copied from local ''master'' to the target + machine, otherwise, the plugin will look for src archive at the target machine. + This option has been deprecated in favor of `remote_src`. This option is mutually + exclusive with `remote_src`.' + name: copy + predefined: + - 'Yes' + - 'No' + - description: If the specified absolute path (file or directory) already exists, + this step will `not` be run. + name: creates + - auto: PREDEFINED + defaultValue: 'No' + description: If set to True, return the list of files that are contained in + the tarball. + name: list_files + predefined: + - 'Yes' + - 'No' + - description: List the directory and file entries that you would like to exclude + from the unarchive action. + isArray: true + name: exclude + - auto: PREDEFINED + defaultValue: 'No' + description: Do not replace existing files that are newer than files from the + archive. + name: keep_newer + predefined: + - 'Yes' + - 'No' + - defaultValue: '' + description: 'Specify additional options by passing in an array. Each space-separated + command-line option should be a new element of the array. See examples. Command-line + options with multiple elements must use multiple lines in the array, one for + each element.' + isArray: true + name: extra_opts + - auto: PREDEFINED + defaultValue: 'No' + description: 'Set to `yes` to indicate the archived file is already on the remote + system and not local to the Ansible controller. This option is mutually exclusive + with `copy`.' + name: remote_src + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'This only applies if using a https URL as the source of the file. + This should only set to `no` used on personally controlled sites using self-signed + certificate. Prior to 2.2 the code worked as if this was set to `yes`.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: This option controls the autodecryption of source files using vault. + name: decrypt + predefined: + - 'Yes' + - 'No' + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Unpacks an archive after (optionally) copying it from the local\ + \ machine.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/unarchive_module.html" + name: linux-unarchive + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Path to the file to operate on. This file must exist ahead of + time. This parameter is required, unless `xmlstring` is given.' + name: path + required: true + - description: 'A string containing XML on which to operate. This parameter is + required, unless `path` is given.' + name: xmlstring + required: true + - description: 'A valid XPath expression describing the item(s) you want to manipulate. + Operates on the document root, `/`, by default.' + name: xpath + - description: 'The namespace `prefix:uri` mapping for the XPath expression. Needs + to be a `dict`, not a `list` of items.' + isArray: true + name: namespaces + - auto: PREDEFINED + defaultValue: present + description: Set or remove an xpath selection (node(s), attribute(s)). + name: state + predefined: + - absent + - present + - description: 'The attribute to select when using parameter `value`. This is + a string, not prepended with `@`.' + name: attribute + - description: 'Desired state of the selected attribute. Either a string, or to + unset a value, the Python `None` keyword (YAML Equivalent, `null`). Elements + default to no value (but present). Attributes default to an empty string.' + name: value + - description: 'Add additional child-element(s) to a selected element for a given + `xpath`. Child elements must be given in a list and each item may be either + a string (eg. `children=ansible` to add an empty `` child element), + or a hash where the key is an element name and the value is the element value. + This parameter requires `xpath` to be set.' + isArray: true + name: add_children + - description: 'Set the child-element(s) of a selected element for a given `xpath`. + Removes any existing children. Child elements must be specified as in `add_children`. + This parameter requires `xpath` to be set.' + isArray: true + name: set_children + - auto: PREDEFINED + defaultValue: 'No' + description: 'Search for a given `xpath` and provide the count of any matches. + This parameter requires `xpath` to be set.' + name: count + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Search for a given `xpath` and print out any matches. This parameter + requires `xpath` to be set.' + name: print_match + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Pretty print XML output. + name: pretty_print + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + description: 'Search for a given `xpath` and get content. This parameter requires + `xpath` to be set.' + name: content + predefined: + - attribute + - text + - auto: PREDEFINED + defaultValue: yaml + description: Type of input for `add_children` and `set_children`. + name: input_type + predefined: + - xml + - yaml + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including the timestamp information so you + can get the original file back if you somehow clobbered it incorrectly. + name: backup + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Remove CDATA tags surrounding text values. Note that this might + break your XML file if text values contain characters that could be interpreted + as XML.' + name: strip_cdata_tags + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Add additional child-element(s) before the first selected element + for a given `xpath`. Child elements must be given in a list and each item + may be either a string (eg. `children=ansible` to add an empty `` + child element), or a hash where the key is an element name and the value is + the element value. This parameter requires `xpath` to be set.' + name: insertbefore + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Add additional child-element(s) after the last selected element + for a given `xpath`. Child elements must be given in a list and each item + may be either a string (eg. `children=ansible` to add an empty `` + child element), or a hash where the key is an element name and the value is + the element value. This parameter requires `xpath` to be set.' + name: insertafter + predefined: + - 'Yes' + - 'No' + description: "Manage bits and pieces of XML files or strings\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/xml_module.html" + name: linux-xml + outputs: + - contextPath: Linux.Xml.actions + description: A dictionary with the original xpath, namespaces and state. + type: unknown + - contextPath: Linux.Xml.backup_file + description: The name of the backup file that was created + type: string + - contextPath: Linux.Xml.count + description: The count of xpath matches. + type: number + - contextPath: Linux.Xml.matches + description: The xpath matches found. + type: unknown + - contextPath: Linux.Xml.msg + description: A message related to the performed action(s). + type: string + - contextPath: Linux.Xml.xmlstring + description: An XML string of the resulting output. + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The command module takes command to run. + name: command + required: true + - description: A filename, when it already exists, this step will `not` be run. + name: creates + - description: A filename, when it does not exist, this step will `not` be run. + name: removes + - description: Change into this directory before running the command. + name: chdir + - description: Mapping of expected string/regex and string to respond with. If + the response is a list, successive matches return successive responses. List + functionality is new in 2.1. + isArray: true + name: responses + required: true + - defaultValue: '30' + description: Amount of time in seconds to wait for the expected strings. Use + `null` to disable timeout. + name: timeout + - auto: PREDEFINED + defaultValue: 'No' + description: Whether or not to echo out your response strings. + name: echo + predefined: + - 'Yes' + - 'No' + description: "Executes a command and responds to prompts.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/expect_module.html" + name: linux-expect + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name of a bower package to install + name: name + - defaultValue: 'no' + description: Install packages from local cache, if the packages were installed + before + name: offline + - defaultValue: 'no' + description: Install with --production flag + name: production + - description: The base path where to install the bower packages + name: path + required: true + - description: Relative path to bower executable from install path + name: relative_execpath + - auto: PREDEFINED + defaultValue: present + description: The state of the bower package + name: state + predefined: + - present + - absent + - latest + - description: The version to be installed + name: version + description: "Manage bower packages with bower\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/bower_module.html" + name: linux-bower + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The path to the bundler executable + name: executable + - auto: PREDEFINED + defaultValue: present + description: The desired state of the Gem bundle. `latest` updates gems to the + most recent, acceptable version + name: state + predefined: + - present + - latest + - defaultValue: temporary working directory + description: The directory to execute the bundler commands from. This directory + needs to contain a valid Gemfile or .bundle/ directory + name: chdir + - description: A list of Gemfile groups to exclude during operations. This only + applies when state is `present`. Bundler considers this a 'remembered' property + for the Gemfile and will automatically exclude groups in future operations + even if `exclude_groups` is not set + name: exclude_groups + - defaultValue: 'no' + description: Only applies if state is `present`. If set removes any gems on + the target host that are not in the gemfile + name: clean + - defaultValue: Gemfile in current directory + description: Only applies if state is `present`. The path to the gemfile to + use to install gems. + name: gemfile + - defaultValue: 'no' + description: If set only installs gems from the cache on the target host + name: local + - defaultValue: 'no' + description: Only applies if state is `present`. If set it will install gems + in ./vendor/bundle instead of the default location. Requires a Gemfile.lock + file to have been created prior + name: deployment_mode + - defaultValue: 'yes' + description: Only applies if state is `present`. Installs gems in the local + user's cache or for all users + name: user_install + - defaultValue: RubyGems gem paths + description: Only applies if state is `present`. Specifies the directory to + install the gems into. If `chdir` is set then this path is relative to `chdir` + name: gem_path + - description: Only applies if state is `present`. Specifies the directory to + install any gem bins files to. When executed the bin files will run within + the context of the Gemfile and fail if any required gem dependencies are not + installed. If `chdir` is set then this path is relative to `chdir` + name: binstub_directory + - description: A space separated string of additional commands that can be applied + to the Bundler command. Refer to the Bundler documentation for more information + name: extra_args + description: "Manage Ruby Gem dependencies with Bundler\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/bundler_module.html" + name: linux-bundler + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: install + description: Composer command like "install", "update" and so on. + name: command + - description: Composer arguments like required package, version and so on. + name: arguments + - description: Path to PHP Executable on the remote host, if PHP is not in PATH. + name: executable + - description: 'Directory of your project (see --working-dir). This is required + when the command is not run globally. Will be ignored if `global_command=true`.' + name: working_dir + - auto: PREDEFINED + defaultValue: 'No' + description: Runs the specified command globally. + name: global_command + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Forces installation from package sources when possible (see --prefer-source). + name: prefer_source + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Forces installation from package dist even for dev versions (see + --prefer-dist). + name: prefer_dist + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: Disables installation of require-dev packages (see --no-dev). + name: no_dev + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Skips the execution of all scripts defined in composer.json (see + --no-scripts). + name: no_scripts + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Disables all plugins ( see --no-plugins ). + name: no_plugins + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Optimize autoloader during autoloader dump (see --optimize-autoloader). + Convert PSR-0/4 autoloading to classmap to get a faster autoloader. Recommended + especially for production, but can take a bit of time to run.' + name: optimize_autoloader + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Autoload classes from classmap only. Implicitely enable optimize_autoloader. + Recommended especially for production, but can take a bit of time to run.' + name: classmap_authoritative + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Uses APCu to cache found/not-found classes + name: apcu_autoloader + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Ignore php, hhvm, lib-* and ext-* requirements and force the installation + even if the local machine does not fulfill these. + name: ignore_platform_reqs + predefined: + - 'Yes' + - 'No' + description: "Dependency Manager for PHP\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/composer_module.html" + name: linux-composer + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name of the Perl library to install. You may use the "full + distribution path", e.g. MIYAGAWA/Plack-0.99_05.tar.gz + name: name + - description: The local directory from where to install + name: from_path + - auto: PREDEFINED + defaultValue: 'No' + description: Do not run unit tests + name: notest + predefined: + - 'Yes' + - 'No' + - description: Specify the install base to install modules + name: locallib + - description: Specifies the base URL for the CPAN mirror to use + name: mirror + - auto: PREDEFINED + defaultValue: 'No' + description: Use the mirror's index file instead of the CPAN Meta DB + name: mirror_only + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Only install dependencies + name: installdeps + predefined: + - 'Yes' + - 'No' + - description: minimum version of perl module to consider acceptable + name: version + - auto: PREDEFINED + defaultValue: 'No' + description: 'Use this if you want to install modules to the system perl include + path. You must be root or have "passwordless" sudo for this to work. This + uses the cpanm commandline option ''--sudo'', which has nothing to do with + ansible privilege escalation.' + name: system_lib + predefined: + - 'Yes' + - 'No' + - description: Override the path to the cpanm executable + name: executable + description: "Manages Perl library dependencies.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/cpanm_module.html" + name: linux-cpanm + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name of the gem to be managed. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: The desired state of the gem. `latest` ensures that the latest + version is installed. + name: state + predefined: + - present + - absent + - latest + - description: The path to a local gem used as installation source. + name: gem_source + - defaultValue: 'yes' + description: Whether to include dependencies or not. + name: include_dependencies + - description: The repository from which the gem will be installed + name: repository + - defaultValue: 'yes' + description: Install gem in user's local gems cache or for all users + name: user_install + - description: Override the path to the gem executable + name: executable + - description: Install the gems into a specific directory. These gems will be + independent from the global installed ones. Specifying this requires user_install + to be false. + name: install_dir + - defaultValue: 'no' + description: Rewrite the shebang line on installed scripts to use /usr/bin/env. + name: env_shebang + - description: Version of the gem to be installed/removed. + name: version + - defaultValue: 'no' + description: Allow installation of pre-release versions of the gem. + name: pre_release + - defaultValue: 'no' + description: Install with or without docs. + name: include_doc + - description: Allow adding build flags for gem compilation + name: build_flags + - defaultValue: 'no' + description: Force gem to install, bypassing dependency checks. + name: force + description: "Manage Ruby gems\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/gem_module.html" + name: linux-gem + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The Maven groupId coordinate + name: group_id + required: true + - description: The maven artifactId coordinate + name: artifact_id + required: true + - defaultValue: latest + description: The maven version coordinate + name: version + - description: The maven classifier coordinate + name: classifier + - defaultValue: jar + description: The maven type/extension coordinate + name: extension + - defaultValue: http://repo1.maven.org/maven2 + description: 'The URL of the Maven Repository to download from. Use s3://... + if the repository is hosted on Amazon S3, added in version 2.2. Use file://... + if the repository is local, added in version 2.6' + name: repository_url + - description: The username to authenticate as to the Maven Repository. Use AWS + secret key of the repository is hosted on S3 + name: username + - description: The password to authenticate with to the Maven Repository. Use + AWS secret access key of the repository is hosted on S3 + name: password + - description: Add custom HTTP headers to a request in hash/dict format. + isArray: true + name: headers + - description: 'The path where the artifact should be written to If file mode + or ownerships are specified and destination path already exists, they affect + the downloaded file' + name: dest + required: true + - auto: PREDEFINED + defaultValue: present + description: The desired state of the artifact + name: state + predefined: + - present + - absent + - defaultValue: '10' + description: Specifies a timeout in seconds for the connection attempt + name: timeout + - defaultValue: 'yes' + description: If `no`, SSL certificates will not be validated. This should only + be set to `no` when no other option exists. + name: validate_certs + - defaultValue: 'no' + description: 'If `yes`, the downloaded artifact''s name is preserved, i.e the + version number remains part of it. This option only has effect when `dest` + is a directory and `version` is set to `latest`.' + name: keep_name + - auto: PREDEFINED + defaultValue: download + description: 'If `never`, the md5 checksum will never be downloaded and verified. + If `download`, the md5 checksum will be downloaded and verified only after + artifact download. This is the default. If `change`, the md5 checksum will + be downloaded and verified if the destination already exist, to verify if + they are identical. This was the behaviour before 2.6. Since it downloads + the md5 before (maybe) downloading the artifact, and since some repository + software, when acting as a proxy/cache, return a 404 error if the artifact + has not been cached yet, it may fail unexpectedly. If you still need it, you + should consider using `always` instead - if you deal with a checksum, it is + better to use it to verify integrity after download. `always` combines `download` + and `change`.' + name: verify_checksum + predefined: + - never + - download + - change + - always + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Downloads an Artifact from a Maven Repository\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/maven_artifact_module.html" + name: linux-maven-artifact + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name of a node.js library to install + name: name + - description: The base path where to install the node.js libraries + name: path + - description: The version to be installed + name: version + - auto: PREDEFINED + defaultValue: 'No' + description: Install the node.js library globally + name: global + predefined: + - 'Yes' + - 'No' + - description: 'The executable location for npm. This is useful if you are using + a version manager, such as nvm' + name: executable + - auto: PREDEFINED + defaultValue: 'No' + description: Use the `--ignore-scripts` flag when installing. + name: ignore_scripts + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Use the `--unsafe-perm` flag when installing. + name: unsafe_perm + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Install packages based on package-lock file, same as running npm + ci + name: ci + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Install dependencies in production mode, excluding devDependencies + name: production + predefined: + - 'Yes' + - 'No' + - description: The registry to install modules from. + name: registry + - auto: PREDEFINED + defaultValue: present + description: The state of the node.js library + name: state + predefined: + - present + - absent + - latest + description: "Manage node.js packages with npm\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/npm_module.html" + name: linux-npm + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the package to install, upgrade, or remove. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Desired state of the package. + name: state + predefined: + - present + - absent + - latest + - description: Path to the pear executable + name: executable + description: "Manage pear/pecl packages\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pear_module.html" + name: linux-pear + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The name of a Python library to install or the url(bzr+,hg+,git+,svn+) + of the remote package. This can be a list (since 2.2) and contain version + specifiers (since 2.7).' + isArray: true + name: name + - description: The version number to install of the Python library specified in + the `name` parameter. + name: version + - description: The path to a pip requirements file, which should be local to the + remote system. File can be specified as a relative path if using the chdir + option. + name: requirements + - description: An optional path to a `virtualenv` directory to install into. It + cannot be specified together with the 'executable' parameter (added in 2.1). + If the virtualenv does not exist, it will be created before installing packages. + The optional virtualenv_site_packages, virtualenv_command, and virtualenv_python + options affect the creation of the virtualenv. + name: virtualenv + - defaultValue: 'no' + description: Whether the virtual environment will inherit packages from the + global site-packages directory. Note that if this setting is changed on an + already existing virtual environment it will not have any effect, the environment + must be deleted and newly created. + name: virtualenv_site_packages + - defaultValue: virtualenv + description: The command or a pathname to the command to create the virtual + environment with. For example `pyvenv`, `virtualenv`, `virtualenv2`, `~/bin/virtualenv`, + `/usr/local/bin/virtualenv`. + name: virtualenv_command + - description: The Python executable used for creating the virtual environment. + For example `python3.5`, `python2.7`. When not specified, the Python version + used to run the ansible module is used. This parameter should not be used + when `virtualenv_command` is using `pyvenv` or the `-m venv` module. + name: virtualenv_python + - auto: PREDEFINED + defaultValue: present + description: 'The state of module The ''forcereinstall'' option is only available + in Ansible 2.1 and above.' + name: state + predefined: + - absent + - forcereinstall + - latest + - present + - description: Extra arguments passed to pip. + name: extra_args + - defaultValue: 'no' + description: Pass the editable flag. + name: editable + - description: cd into this directory before running the command + name: chdir + - description: 'The explicit executable or pathname for the pip executable, if + different from the Ansible Python interpreter. For example `pip3.3`, if there + are both Python 2.7 and 3.3 installations in the system and you want to run + pip for the Python 3.3 installation. Mutually exclusive with `virtualenv` + (added in 2.1). Does not affect the Ansible Python interpreter. The setuptools + package must be installed for both the Ansible Python interpreter and for + the version of Python specified by this option.' + name: executable + - description: The system umask to apply before installing the pip package. This + is useful, for example, when installing on systems that have a very restrictive + umask by default (e.g., "0077") and you want to pip install packages which + are to be used by all users. Note that this requires you to specify desired + umask mode as an octal string, (e.g., "0022"). + name: umask + description: "Manages Python library dependencies\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/pip_module.html" + name: linux-pip + outputs: + - contextPath: Linux.Pip.cmd + description: pip command used by the module + type: string + - contextPath: Linux.Pip.name + description: list of python modules targetted by pip + type: unknown + - contextPath: Linux.Pip.requirements + description: Path to the requirements file + type: string + - contextPath: Linux.Pip.version + description: Version of the package specified in 'name' + type: string + - contextPath: Linux.Pip.virtualenv + description: Path to the virtualenv + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '[''pip'']' + description: A list of the pip executables that will be used to get the packages. + They can be supplied with the full path or just the executable name, i.e `pip3.7`. + isArray: true + name: clients + description: "pip package information\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pip_package_info_module.html" + name: linux-pip-package-info + outputs: + - contextPath: Linux.PipPackageInfo.packages + description: a dictionary of installed package data + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The name of a node.js library to install If omitted all packages + in package.json are installed.' + name: name + - description: 'The base path where Node.js libraries will be installed. This + is where the node_modules folder lives.' + name: path + - description: 'The version of the library to be installed. Must be in semver + format. If "latest" is desired, use "state" arg instead' + name: version + - auto: PREDEFINED + defaultValue: 'No' + description: Install the node.js library globally + name: global + predefined: + - 'Yes' + - 'No' + - description: The executable location for yarn. + name: executable + - auto: PREDEFINED + defaultValue: 'No' + description: Use the --ignore-scripts flag when installing. + name: ignore_scripts + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Install dependencies in production mode. Yarn will ignore any + dependencies under devDependencies in package.json' + name: production + predefined: + - 'Yes' + - 'No' + - description: The registry to install modules from. + name: registry + - auto: PREDEFINED + defaultValue: present + description: 'Installation state of the named node.js library If absent is selected, + a name option must be provided' + name: state + predefined: + - present + - absent + - latest + description: "Manage node.js packages with Yarn\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/yarn_module.html" + name: linux-yarn + outputs: + - contextPath: Linux.Yarn.changed + description: Whether Yarn changed any package data + type: boolean + - contextPath: Linux.Yarn.msg + description: Provides an error message if Yarn syntax was incorrect + type: string + - contextPath: Linux.Yarn.invocation + description: Parameters and values used during execution + type: unknown + - contextPath: Linux.Yarn.out + description: Output generated from Yarn with emojis removed. + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: 'no' + description: During upgrade, reset versioned world dependencies and change logic + to prefer replacing or downgrading packages (instead of holding them) if the + currently installed package is no longer available from any repository. + name: available + - description: A package name, like `foo`, or multiple packages, like `foo, bar`. + name: name + - description: A package repository or multiple repositories. Unlike with the + underlying apk command, this list will override the system repositories rather + than supplement them. + name: repository + - auto: PREDEFINED + defaultValue: present + description: 'Indicates the desired package(s) state. `present` ensures the + package(s) is/are present. `absent` ensures the package(s) is/are absent. + `latest` ensures the package(s) is/are present and the latest version(s).' + name: state + predefined: + - present + - absent + - latest + - defaultValue: 'no' + description: Update repository indexes. Can be run with other steps or on it's + own. + name: update_cache + - defaultValue: 'no' + description: Upgrade all installed packages to their latest version. + name: upgrade + description: "Manages apk packages\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/apk_module.html" + name: linux-apk + outputs: + - contextPath: Linux.Apk.packages + description: a list of packages that have been changed + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A list of package names, like `foo`, or package specifier with + version, like `foo=1.0`. Name wildcards (fnmatch) like `apt*` and version + wildcards like `foo=1.0*` are also supported. + name: name + - auto: PREDEFINED + defaultValue: present + description: Indicates the desired package state. `latest` ensures that the + latest version is installed. `build-dep` ensures the package build dependencies + are installed. `fixed` attempt to correct a system with broken dependencies + in place. + name: state + predefined: + - absent + - build-dep + - latest + - present + - fixed + - defaultValue: 'no' + description: Run the equivalent of `apt-get update` before the operation. Can + be run as part of the package installation or as a separate step. + name: update_cache + - defaultValue: '0' + description: 'Update the apt cache if its older than the `cache_valid_time`. + This option is set in seconds. As of Ansible 2.4, if explicitly set, this + sets `update_cache=yes`.' + name: cache_valid_time + - defaultValue: 'no' + description: Will force purging of configuration files if the module state is + set to `absent`. + name: purge + - description: Corresponds to the `-t` option for `apt` and sets pin priorities + name: default_release + - description: Corresponds to the `--no-install-recommends` option for `apt`. + `yes` installs recommended packages. `no` does not install recommended packages. + By default, Ansible will use the same defaults as the operating system. Suggested + packages are never installed. + name: install_recommends + - defaultValue: 'no' + description: 'Corresponds to the `--force-yes` to `apt-get` and implies `allow_unauthenticated: + yes` This option will disable checking both the packages'' signatures and + the certificates of the web servers they are downloaded from. This option + *is not* the equivalent of passing the `-f` flag to `apt-get` on the command + line **This is a destructive operation with the potential to destroy your + system, and it should almost never be used.** Please also see `man apt-get` + for more information.' + name: force + - defaultValue: 'no' + description: 'Ignore if packages cannot be authenticated. This is useful for + bootstrapping environments that manage their own apt-key setup. `allow_unauthenticated` + is only supported with state: `install`/`present`' + name: allow_unauthenticated + - auto: PREDEFINED + defaultValue: 'no' + description: 'If yes or safe, performs an aptitude safe-upgrade. If full, performs + an aptitude full-upgrade. If dist, performs an apt-get dist-upgrade. Note: + This does not upgrade a specific package, use state=latest for that. Note: + Since 2.4, apt-get is used as a fall-back if aptitude is not present.' + name: upgrade + predefined: + - dist + - full + - 'no' + - safe + - 'yes' + - defaultValue: force-confdef,force-confold + description: 'Add dpkg options to apt command. Defaults to ''-o "Dpkg::Options::=--force-confdef" + -o "Dpkg::Options::=--force-confold"'' Options should be supplied as comma + separated list' + name: dpkg_options + - description: 'Path to a .deb package on the remote machine. If :// in the path, + ansible will attempt to download deb before installing. (Version added 2.1) + Requires the `xz-utils` package to extract the control file of the deb package + to install.' + name: deb + - defaultValue: 'no' + description: 'If `yes`, remove unused dependency packages for all module states + except `build-dep`. It can also be used as the only option. Previous to version + 2.4, autoclean was also an alias for autoremove, now it is its own separate + command. See documentation for further information.' + name: autoremove + - defaultValue: 'no' + description: If `yes`, cleans the local repository of retrieved package files + that can no longer be downloaded. + name: autoclean + - description: 'Force the exit code of /usr/sbin/policy-rc.d. For example, if + `policy_rc_d=101` the installed package will not trigger a service start. + If /usr/sbin/policy-rc.d already exist, it is backed up and restored after + the package installation. If `null`, the /usr/sbin/policy-rc.d isn''t created/changed.' + name: policy_rc_d + - defaultValue: 'no' + description: Only upgrade a package if it is already installed. + name: only_upgrade + - defaultValue: 'no' + description: Force usage of apt-get instead of aptitude + name: force_apt_get + description: "Manages apt-packages\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/apt_module.html" + name: linux-apt + outputs: + - contextPath: Linux.Apt.cache_updated + description: if the cache was updated or not + type: boolean + - contextPath: Linux.Apt.cache_update_time + description: time of the last cache update (0 if unknown) + type: number + - contextPath: Linux.Apt.stdout + description: output from apt + type: string + - contextPath: Linux.Apt.stderr + description: error output from apt + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The identifier of the key. Including this allows check mode to + correctly report the changed state. If specifying a subkey''s id be aware + that apt-key does not understand how to remove keys via a subkey id. Specify + the primary key''s id instead. This parameter is required when `state` is + set to `absent`.' + name: id + - description: The keyfile contents to add to the keyring. + name: data + - description: The path to a keyfile on the remote server to add to the keyring. + name: file + - description: The full path to specific keyring file in /etc/apt/trusted.gpg.d/ + name: keyring + - description: The URL to retrieve key from. + name: url + - description: The keyserver to retrieve key from. + name: keyserver + - auto: PREDEFINED + defaultValue: present + description: Ensures that the key is present (added) or absent (revoked). + name: state + predefined: + - absent + - present + - defaultValue: 'yes' + description: If `no`, SSL certificates for the target url will not be validated. + This should only be used on personally controlled sites using self-signed + certificates. + name: validate_certs + description: "Add or remove an apt key\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/apt_key_module.html" + name: linux-apt-key + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the repository to add or remove. + name: repo + required: true + - auto: PREDEFINED + defaultValue: present + description: Indicates the desired repository state. + name: state + predefined: + - absent + - present + - defaultValue: 'no' + description: 'Remove other then added repositories Used if `state=present`' + name: remove_others + - defaultValue: 'no' + description: Update the package database after changing repositories. + name: update + description: "Manage APT repositories via apt-repo\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/apt_repo_module.html" + name: linux-apt-repo + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A source string for the repository. + name: repo + required: true + - auto: PREDEFINED + defaultValue: present + description: A source string state. + name: state + predefined: + - absent + - present + - defaultValue: '0644' + description: The octal mode for newly created files in sources.list.d + name: mode + - defaultValue: 'yes' + description: Run the equivalent of `apt-get update` when a change occurs. Cache + updates are run after making changes. + name: update_cache + - defaultValue: 'yes' + description: If `no`, SSL certificates for the target repo will not be validated. + This should only be used on personally controlled sites using self-signed + certificates. + name: validate_certs + - description: Sets the name of the source list file in sources.list.d. Defaults + to a file name based on the repository source url. The .list extension will + be automatically added. + name: filename + - description: Override the distribution codename to use for PPA repositories. + Should usually only be set when working with a PPA on a non-Ubuntu target + (e.g. Debian or Mint) + name: codename + description: "Add and remove APT repositories\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/apt_repository_module.html" + name: linux-apt-repository + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: name of package to install, upgrade or remove. + name: pkg + required: true + - auto: PREDEFINED + defaultValue: present + description: Indicates the desired package state. + name: state + predefined: + - absent + - present + - defaultValue: 'no' + description: update the package database first `apt-get update`. + name: update_cache + description: "apt_rpm package manager\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/apt_rpm_module.html" + name: linux-apt-rpm + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the package + name: name + required: true + - auto: PREDEFINED + description: The selection state to set the package to. + name: selection + predefined: + - install + - hold + - deinstall + - purge + required: true + description: "Dpkg package selection selections\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/dpkg_selections_module.html" + name: linux-dpkg-selections + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: flatpak + description: 'The path to the `flatpak` executable to use. By default, this + module looks for the `flatpak` executable on the path.' + name: executable + - auto: PREDEFINED + defaultValue: system + description: 'The installation method to use. Defines if the `flatpak` is supposed + to be installed globally for the whole `system` or only for the current `user`.' + name: method + predefined: + - system + - user + - description: 'The name of the flatpak to manage. When used with `state=present`, + `name` can be specified as an `http(s`) URL to a `flatpakref` file or the + unique reverse DNS name that identifies a flatpak. When supplying a reverse + DNS name, you can use the `remote` option to specify on what remote to look + for the flatpak. An example for a reverse DNS name is `org.gnome.gedit`. When + used with `state=absent`, it is recommended to specify the name in the reverse + DNS format. When supplying an `http(s`) URL with `state=absent`, the module + will try to match the installed flatpak based on the name of the flatpakref + to remove it. However, there is no guarantee that the names of the flatpakref + file and the reverse DNS name of the installed flatpak do match.' + name: name + required: true + - defaultValue: flathub + description: 'The flatpak remote (repository) to install the flatpak from. By + default, `flathub` is assumed, but you do need to add the flathub flatpak_remote + before you can use this. See the `flatpak_remote` module for managing flatpak + remotes.' + name: remote + - auto: PREDEFINED + defaultValue: present + description: Indicates the desired package state. + name: state + predefined: + - absent + - present + description: "Manage flatpaks\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/flatpak_module.html" + name: linux-flatpak + outputs: + - contextPath: Linux.Flatpak.command + description: The exact flatpak command that was executed + type: string + - contextPath: Linux.Flatpak.msg + description: Module error message + type: string + - contextPath: Linux.Flatpak.rc + description: Return code from flatpak binary + type: number + - contextPath: Linux.Flatpak.stderr + description: Error output from flatpak binary + type: string + - contextPath: Linux.Flatpak.stdout + description: Output from flatpak binary + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: flatpak + description: 'The path to the `flatpak` executable to use. By default, this + module looks for the `flatpak` executable on the path.' + name: executable + - description: 'The URL to the `flatpakrepo` file representing the repository + remote to add. When used with `state=present`, the flatpak remote specified + under the `flatpakrepo_url` is added using the specified installation `method`. + When used with `state=absent`, this is not required. Required when `state=present`.' + name: flatpakrepo_url + - auto: PREDEFINED + defaultValue: system + description: 'The installation method to use. Defines if the `flatpak` is supposed + to be installed globally for the whole `system` or only for the current `user`.' + name: method + predefined: + - system + - user + - description: 'The desired name for the flatpak remote to be registered under + on the managed host. When used with `state=present`, the remote will be added + to the managed host under the specified `name`. When used with `state=absent` + the remote with that name will be removed.' + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Indicates the desired package state. + name: state + predefined: + - absent + - present + description: "Manage flatpak repository remotes\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/flatpak_remote_module.html" + name: linux-flatpak-remote + outputs: + - contextPath: Linux.FlatpakRemote.command + description: The exact flatpak command that was executed + type: string + - contextPath: Linux.FlatpakRemote.msg + description: Module error message + type: string + - contextPath: Linux.FlatpakRemote.rc + description: Return code from flatpak binary + type: number + - contextPath: Linux.FlatpakRemote.stderr + description: Error output from flatpak binary + type: string + - contextPath: Linux.FlatpakRemote.stdout + description: Output from flatpak binary + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: list of names of packages to install/remove + name: name + - defaultValue: /usr/local/bin + description: A ':' separated list of paths to search for 'brew' executable. + Since a package (`formula` in homebrew parlance) location is prefixed relative + to the actual path of `brew` command, providing an alternative `brew` path + enables managing different set of packages in an alternative location in the + system. + name: path + - auto: PREDEFINED + defaultValue: present + description: state of the package + name: state + predefined: + - head + - latest + - present + - absent + - linked + - unlinked + - defaultValue: 'no' + description: update homebrew itself first + name: update_homebrew + - defaultValue: 'no' + description: upgrade all homebrew packages + name: upgrade_all + - description: options flags to install a package + name: install_options + description: "Package manager for Homebrew\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/homebrew_module.html" + name: linux-homebrew + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: name of cask to install/remove + name: name + required: true + - defaultValue: /usr/local/bin + description: ''':'' separated list of paths to search for ''brew'' executable.' + name: path + - auto: PREDEFINED + defaultValue: present + description: state of the cask + name: state + predefined: + - present + - absent + - upgraded + - description: The sudo password to be passed to SUDO_ASKPASS. + name: sudo_password + - defaultValue: 'no' + description: update homebrew itself first. Note that `brew cask update` is a + synonym for `brew update`. + name: update_homebrew + - description: options flags to install a package + name: install_options + - defaultValue: 'no' + description: allow external apps + name: accept_external_apps + - defaultValue: 'no' + description: upgrade all casks (mutually exclusive with `upgrade`) + name: upgrade_all + - defaultValue: 'no' + description: upgrade all casks (mutually exclusive with `upgrade_all`) + name: upgrade + - defaultValue: 'no' + description: upgrade casks that auto update; passes --greedy to brew cask outdated + when checking if an installed cask has a newer version available + name: greedy + description: "Install/uninstall homebrew casks.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/homebrew_cask_module.html" + name: linux-homebrew-cask + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The GitHub user/organization repository to tap. + name: name + required: true + - description: 'The optional git URL of the repository to tap. The URL is not + assumed to be on GitHub, and the protocol doesn''t have to be HTTP. Any location + and protocol that git can handle is fine. `name` option may not be a list + of multiple taps (but a single tap instead) when this option is provided.' + name: url + - auto: PREDEFINED + defaultValue: present + description: state of the repository. + name: state + predefined: + - present + - absent + description: "Tap a Homebrew repository.\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/homebrew_tap_module.html" + name: linux-homebrew-tap + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The overlay id to install, synchronize, or uninstall. Use 'ALL' + to sync all of the installed overlays (can be used only when `state=updated`). + name: name + required: true + - description: An URL of the alternative overlays list that defines the overlay + to install. This list will be fetched and saved under `${overlay_defs}`/${name}.xml), + where `overlay_defs` is readed from the Layman's configuration. + name: list_url + - auto: PREDEFINED + defaultValue: present + description: Whether to install (`present`), sync (`updated`), or uninstall + (`absent`) the overlay. + name: state + predefined: + - present + - absent + - updated + - defaultValue: 'yes' + description: If `no`, SSL certificates will not be validated. This should only + be set to `no` when no other option exists. Prior to 1.9.3 the code defaulted + to `no`. + name: validate_certs + description: "Manage Gentoo overlays\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/layman_module.html" + name: linux-layman + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Package name, or package specifier with version. Syntax varies + with package manager. For example `name-1.0` or `name=1.0`. Package names + also vary with package manager; this module will not "translate" them per + distro. For example `libyaml-dev`, `libyaml-devel`.' + name: name + required: true + - description: 'Whether to install (`present`), or remove (`absent`) a package. + You can use other states like `latest` ONLY if they are supported by the underlying + package module(s) executed.' + name: state + required: true + - defaultValue: auto + description: 'The required package manager module to use (yum, apt, etc). The + default ''auto'' will use existing facts or try to autodetect it. You should + only use this field if the automatic selection is not working for some reason.' + name: use + description: "Generic OS package manager\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/package_module.html" + name: linux-package + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: '[''auto'']' + description: 'The package manager used by the system so we can query the package + information. Since 2.8 this is a list and can support multiple package managers + per system. The ''portage'' and ''pkg'' options were added in version 2.8.' + isArray: true + name: manager + predefined: + - auto + - rpm + - apt + - portage + - pkg + - auto: PREDEFINED + defaultValue: first + description: This option controls how the module queries the package managers + on the system. `first` means it will return only information for the first + supported package manager available. `all` will return information for all + supported and available package managers on the system. + name: strategy + predefined: + - first + - all + description: "package information as facts\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/package_facts_module.html" + name: linux-package-facts + outputs: + - contextPath: Linux.PackageFacts.ansible_facts + description: facts to add to ansible_facts + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: auto + description: 'This module supports `yum` (as it always has), this is known as + `yum3`/`YUM3`/`yum-deprecated` by upstream yum developers. As of Ansible 2.7+, + this module also supports `YUM4`, which is the "new yum" and it has an `dnf` + backend. By default, this module will select the backend based on the `ansible_pkg_mgr` + fact.' + name: use_backend + predefined: + - auto + - yum + - yum4 + - dnf + - description: 'A package name or package specifier with version, like `name-1.0`. + If a previous version is specified, the task also needs to turn `allow_downgrade` + on. See the `allow_downgrade` documentation for caveats with downgrading packages. + When using state=latest, this can be `''*''` which means run `yum -y update`. + You can also pass a url or a local path to a rpm file (using state=present). + To operate on several packages this can accept a comma separated string of + packages or (as of 2.0) a list of packages.' + isArray: true + name: name + - description: Package name(s) to exclude when state=present, or latest + name: exclude + - description: 'Package name to run the equivalent of yum list --show-duplicates + against. In addition to listing packages, use can also list the + following: `installed`, `updates`, `available` and `repos`. This parameter + is mutually exclusive with `name`.' + name: list + - auto: PREDEFINED + description: 'Whether to install (`present` or `installed`, `latest`), or remove + (`absent` or `removed`) a package. `present` and `installed` will simply ensure + that a desired package is installed. `latest` will update the specified package + if it''s not of the latest available version. `absent` and `removed` will + remove the specified package. Default is `None`, however in effect the default + action is `present` unless the `autoremove` option is enabled for this module, + then `absent` is inferred.' + name: state + predefined: + - absent + - installed + - latest + - present + - removed + - description: '`Repoid` of repositories to enable for the install/update operation. + These repos will not persist beyond the transaction. When specifying multiple + repos, separate them with a `","`. As of Ansible 2.7, this can alternatively + be a list instead of `","` separated string' + name: enablerepo + - description: '`Repoid` of repositories to disable for the install/update operation. + These repos will not persist beyond the transaction. When specifying multiple + repos, separate them with a `","`. As of Ansible 2.7, this can alternatively + be a list instead of `","` separated string' + name: disablerepo + - description: The remote yum configuration file to use for the transaction. + name: conf_file + - defaultValue: 'no' + description: Whether to disable the GPG checking of signatures of packages being + installed. Has an effect only if state is `present` or `latest`. + name: disable_gpg_check + - defaultValue: 'no' + description: Skip packages with broken dependencies(devsolve) and are causing + problems. + name: skip_broken + - defaultValue: 'no' + description: Force yum to check if cache is out of date and redownload if needed. + Has an effect only if state is `present` or `latest`. + name: update_cache + - defaultValue: 'yes' + description: 'This only applies if using a https url as the source of the rpm. + e.g. for localinstall. If set to `no`, the SSL certificates will not be validated. + This should only set to `no` used on personally controlled sites using self-signed + certificates as it avoids verifying the source site. Prior to 2.1 the code + worked as if this was set to `yes`.' + name: validate_certs + - defaultValue: 'no' + description: 'When using latest, only update installed packages. Do not install + packages. Has an effect only if state is `latest`' + name: update_only + - defaultValue: / + description: Specifies an alternative installroot, relative to which all packages + will be installed. + name: installroot + - defaultValue: 'no' + description: If set to `yes`, and `state=latest` then only installs updates + that have been marked security related. + name: security + - defaultValue: 'no' + description: If set to `yes`, and `state=latest` then only installs updates + that have been marked bugfix related. + name: bugfix + - defaultValue: 'no' + description: Specify if the named package and version is allowed to downgrade + a maybe already installed higher version of that package. Note that setting + allow_downgrade=True can make this module behave in a non-idempotent way. + The task could end up with a set of packages that does not match the complete + list of specified packages to install (because dependencies between the downgraded + package and others can cause changes to the packages which were in the earlier + transaction). + name: allow_downgrade + - description: '`Plugin` name to enable for the install/update operation. The + enabled plugin will not persist beyond the transaction.' + name: enable_plugin + - description: '`Plugin` name to disable for the install/update operation. The + disabled plugins will not persist beyond the transaction.' + name: disable_plugin + - description: Specifies an alternative release from which all packages will be + installed. + name: releasever + - defaultValue: 'no' + description: 'If `yes`, removes all "leaf" packages from the system that were + originally installed as dependencies of user-installed packages but which + are no longer required by any such package. Should be used alone or when state + is `absent` NOTE: This feature requires yum >= 3.4.3 (RHEL/CentOS 7+)' + name: autoremove + - description: 'Disable the excludes defined in YUM config files. If set to `all`, + disables all excludes. If set to `main`, disable excludes defined in [main] + in yum.conf. If set to `repoid`, disable excludes defined for given repo id.' + name: disable_excludes + - defaultValue: 'no' + description: Only download the packages, do not install them. + name: download_only + - defaultValue: '30' + description: Amount of time to wait for the yum lockfile to be freed. + name: lock_timeout + - defaultValue: 'yes' + description: 'Will also install all packages linked by a weak dependency relation. + NOTE: This feature requires yum >= 4 (RHEL/CentOS 8+)' + name: install_weak_deps + - description: 'Specifies an alternate directory to store packages. Has an effect + only if `download_only` is specified.' + name: download_dir + description: "Manages packages with the I(yum) package manager\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/yum_module.html" + name: linux-yum + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: 'yes' + description: If set to `yes` Yum will download packages and metadata from this + repo in parallel, if possible. + name: async + - defaultValue: '0' + description: 'Maximum available network bandwidth in bytes/second. Used with + the `throttle` option. If `throttle` is a percentage and bandwidth is `0` + then bandwidth throttling will be disabled. If `throttle` is expressed as + a data rate (bytes/sec) then this option is ignored. Default is `0` (no bandwidth + throttling).' + name: bandwidth + - description: 'URL to the directory where the yum repository''s ''repodata'' + directory lives. It can also be a list of multiple URLs. This, the `metalink` + or `mirrorlist` parameters are required if `state` is set to `present`.' + name: baseurl + - defaultValue: '1000' + description: Relative cost of accessing this repository. Useful for weighing + one repo's packages as greater/less than any other. + name: cost + - defaultValue: '100' + description: When the relative size of deltarpm metadata vs pkgs is larger than + this, deltarpm metadata is not downloaded from the repo. Note that you can + give values over `100`, so `200` means that the metadata is required to be + half the size of the packages. Use `0` to turn off this check, and always + download metadata. + name: deltarpm_metadata_percentage + - defaultValue: '75' + description: When the relative size of delta vs pkg is larger than this, delta + is not used. Use `0` to turn off delta rpm processing. Local repositories + (with file:// `baseurl`) have delta rpms turned off by default. + name: deltarpm_percentage + - description: 'A human readable string describing the repository. This option + corresponds to the "name" property in the repo file. This parameter is only + required if `state` is set to `present`.' + name: description + - defaultValue: 'yes' + description: This tells yum whether or not use this repository. + name: enabled + - defaultValue: 'yes' + description: Determines whether yum will allow the use of package groups for + this repository. + name: enablegroups + - description: 'List of packages to exclude from updates or installs. This should + be a space separated list. Shell globs using wildcards (eg. `*` and `?`) are + allowed. The list can also be a regular YAML array.' + name: exclude + - auto: PREDEFINED + defaultValue: roundrobin + description: '`roundrobin` randomly selects a URL out of the list of URLs to + start with and proceeds through each of them as it encounters a failure contacting + the host. `priority` starts from the first `baseurl` listed and reads through + them sequentially.' + name: failovermethod + predefined: + - roundrobin + - priority + - description: File name without the `.repo` extension to save the repo in. Defaults + to the value of `name`. + name: file + - description: A URL pointing to the ASCII-armored CA key file for the repository. + name: gpgcakey + - description: 'Tells yum whether or not it should perform a GPG signature check + on packages. No default setting. If the value is not set, the system setting + from `/etc/yum.conf` or system default of `no` will be used.' + name: gpgcheck + - description: 'A URL pointing to the ASCII-armored GPG key file for the repository. + It can also be a list of multiple URLs.' + name: gpgkey + - auto: PREDEFINED + defaultValue: all + description: 'Determines how upstream HTTP caches are instructed to handle any + HTTP downloads that Yum does. `all` means that all HTTP downloads should be + cached. `packages` means that only RPM package downloads should be cached + (but not repository metadata downloads). `none` means that no HTTP downloads + should be cached.' + name: http_caching + predefined: + - all + - packages + - none + - description: Include external configuration file. Both, local path and URL is + supported. Configuration file will be inserted at the position of the `include=` + line. Included files may contain further include lines. Yum will abort with + an error if an inclusion loop is detected. + name: include + - description: 'List of packages you want to only use from a repository. This + should be a space separated list. Shell globs using wildcards (eg. `*` and + `?`) are allowed. Substitution variables (e.g. `$releasever`) are honored + here. The list can also be a regular YAML array.' + name: includepkgs + - auto: PREDEFINED + defaultValue: whatever + description: 'Determines how yum resolves host names. `4` or `IPv4` - resolve + to IPv4 addresses only. `6` or `IPv6` - resolve to IPv6 addresses only.' + name: ip_resolve + predefined: + - '4' + - '6' + - IPv4 + - IPv6 + - whatever + - defaultValue: 'no' + description: This tells yum whether or not HTTP/1.1 keepalive should be used + with this repository. This can improve transfer speeds by using one connection + when downloading multiple files from a repository. + name: keepalive + - auto: PREDEFINED + defaultValue: '1' + description: Either `1` or `0`. Determines whether or not yum keeps the cache + of headers and packages after successful installation. + name: keepcache + predefined: + - '0' + - '1' + - defaultValue: '21600' + description: 'Time (in seconds) after which the metadata will expire. Default + value is 6 hours.' + name: metadata_expire + - auto: PREDEFINED + defaultValue: read-only:present + description: 'Filter the `metadata_expire` time, allowing a trade of speed for + accuracy if a command doesn''t require it. Each yum command can specify that + it requires a certain level of timeliness quality from the remote repos. from + "I''m about to install/upgrade, so this better be current" to "Anything that''s + available is good enough". `never` - Nothing is filtered, always obey `metadata_expire`. + `read-only:past` - Commands that only care about past information are filtered + from metadata expiring. Eg. `yum history` info (if history needs to lookup + anything about a previous transaction, then by definition the remote package + was available in the past). `read-only:present` - Commands that are balanced + between past and future. Eg. `yum list yum`. `read-only:future` - Commands + that are likely to result in running other commands which will require the + latest metadata. Eg. `yum check-update`. Note that this option does not override + "yum clean expire-cache".' + name: metadata_expire_filter + predefined: + - never + - read-only:past + - read-only:present + - read-only:future + - description: 'Specifies a URL to a metalink file for the repomd.xml, a list + of mirrors for the entire repository are generated by converting the mirrors + for the repomd.xml file to a `baseurl`. This, the `baseurl` or `mirrorlist` + parameters are required if `state` is set to `present`.' + name: metalink + - description: 'Specifies a URL to a file containing a list of baseurls. This, + the `baseurl` or `metalink` parameters are required if `state` is set to `present`.' + name: mirrorlist + - defaultValue: '21600' + description: 'Time (in seconds) after which the mirrorlist locally cached will + expire. Default value is 6 hours.' + name: mirrorlist_expire + - description: 'Unique repository ID. This option builds the section name of the + repository in the repo file. This parameter is only required if `state` is + set to `present` or `absent`.' + name: name + required: true + - description: Password to use with the username for basic authentication. + name: password + - defaultValue: '99' + description: 'Enforce ordered protection of repositories. The value is an integer + from 1 to 99. This option only works if the YUM Priorities plugin is installed.' + name: priority + - defaultValue: 'no' + description: Protect packages from updates from other repositories. + name: protect + - description: URL to the proxy server that yum should use. Set to `_none_` to + disable the global proxy setting. + name: proxy + - description: Password for this proxy. + name: proxy_password + - description: Username to use for proxy. + name: proxy_username + - defaultValue: 'no' + description: This tells yum whether or not it should perform a GPG signature + check on the repodata from this repository. + name: repo_gpgcheck + - defaultValue: /etc/yum.repos.d + description: Directory where the `.repo` files will be stored. + name: reposdir + - defaultValue: '10' + description: Set the number of times any attempt to retrieve a file should retry + before returning an error. Setting this to `0` makes yum try forever. + name: retries + - defaultValue: 'no' + description: 'Enables support for S3 repositories. This option only works if + the YUM S3 plugin is installed.' + name: s3_enabled + - defaultValue: 'no' + description: If set to `yes` yum will continue running if this repository cannot + be contacted for any reason. This should be set carefully as all repos are + consulted for any given command. + name: skip_if_unavailable + - defaultValue: 'no' + description: 'Whether yum should check the permissions on the paths for the + certificates on the repository (both remote and local). If we can''t read + any of the files then yum will force `skip_if_unavailable` to be `yes`. This + is most useful for non-root processes which use yum on repos that have client + cert files which are readable only by root.' + name: ssl_check_cert_permissions + - description: Path to the directory containing the databases of the certificate + authorities yum should use to verify SSL certificates. + name: sslcacert + - description: Path to the SSL client certificate yum should use to connect to + repos/remote sites. + name: sslclientcert + - description: Path to the SSL client key yum should use to connect to repos/remote + sites. + name: sslclientkey + - defaultValue: 'yes' + description: Defines whether yum should verify SSL certificates/hosts at all. + name: sslverify + - auto: PREDEFINED + defaultValue: present + description: State of the repo file. + name: state + predefined: + - absent + - present + - description: 'Enable bandwidth throttling for downloads. This option can be + expressed as a absolute data rate in bytes/sec. An SI prefix (k, M or G) may + be appended to the bandwidth value.' + name: throttle + - defaultValue: '30' + description: Number of seconds to wait for a connection before timing out. + name: timeout + - defaultValue: releasever basearch + description: When a repository id is displayed, append these yum variables to + the string if they are used in the `baseurl`/etc. Variables are appended in + the order listed (and found). + name: ui_repoid_vars + - description: Username to use for basic authentication to a repo or really any + url. + name: username + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Add or remove YUM repositories\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/yum_repository_module.html" + name: linux-yum-repository + outputs: + - contextPath: Linux.YumRepository.repo + description: repository name + type: string + - contextPath: Linux.YumRepository.state + description: state of the target, after execution + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Package name `name` or package specifier or a list of either. + Can include a version like `name=1.0`, `name>3.4` or `name<=2.7`. If a version + is given, `oldpackage` is implied and zypper is allowed to update the package + within the version range given. You can also pass a url or a local path to + a rpm file. When using state=latest, this can be ''*'', which updates all + installed packages.' + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: '`present` will make sure the package is installed. `latest` will + make sure the latest version of the package is installed. `absent` will make + sure the specified package is not installed. `dist-upgrade` will make sure + the latest version of all installed packages from all enabled repositories + is installed. When using `dist-upgrade`, `name` should be `''*''`.' + name: state + predefined: + - present + - latest + - absent + - dist-upgrade + - auto: PREDEFINED + defaultValue: package + description: The type of package to be operated on. + name: type + predefined: + - package + - patch + - pattern + - product + - srcpackage + - application + - description: 'Add additional global target options to `zypper`. Options should + be supplied in a single line as if given in the command line.' + name: extra_args_precommand + - defaultValue: 'no' + description: Whether to disable to GPG signature checking of the package signature + being installed. Has an effect only if state is `present` or `latest`. + name: disable_gpg_check + - defaultValue: 'yes' + description: Corresponds to the `--no-recommends` option for `zypper`. Default + behavior (`yes`) modifies zypper's default behavior; `no` does install recommended + packages. + name: disable_recommends + - defaultValue: 'no' + description: Adds `--force` option to `zypper`. Allows to downgrade packages + and change vendor or architecture. + name: force + - defaultValue: 'no' + description: Run the equivalent of `zypper refresh` before the operation. Disabled + in check mode. + name: update_cache + - defaultValue: 'no' + description: Adds `--oldpackage` option to `zypper`. Allows to downgrade packages + with less side-effects than force. This is implied as soon as a version is + specified as part of the package name. + name: oldpackage + - description: 'Add additional options to `zypper` command. Options should be + supplied in a single line as if given in the command line.' + name: extra_args + description: "Manage packages on SUSE and openSUSE\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/zypper_module.html" + name: linux-zypper + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: A name for the repository. Not required when adding repofiles. + name: name + - description: URI of the repository or .repo file. Required when state=present. + name: repo + - auto: PREDEFINED + defaultValue: present + description: A source string state. + name: state + predefined: + - absent + - present + - description: A description of the repository + name: description + - defaultValue: 'no' + description: 'Whether to disable GPG signature checking of all packages. Has + an effect only if state is `present`. Needs zypper version >= 1.6.2.' + name: disable_gpg_check + - defaultValue: 'yes' + description: Enable autorefresh of the repository. + name: autorefresh + - description: 'Set priority of repository. Packages will always be installed + from the repository with the smallest priority number. Needs zypper version + >= 1.12.25.' + name: priority + - defaultValue: 'no' + description: Overwrite multiple repository entries, if repositories with both + name and URL already exist. + name: overwrite_multiple + - defaultValue: 'no' + description: 'Automatically import the gpg signing key of the new or changed + repository. Has an effect only if state is `present`. Has no effect on existing + (unchanged) repositories or in combination with `absent`. Implies runrefresh. + Only works with `.repo` files if `name` is given explicitly.' + name: auto_import_keys + - defaultValue: 'no' + description: 'Refresh the package list of the given repository. Can be used + with repo=* to refresh all repositories.' + name: runrefresh + - defaultValue: 'yes' + description: Set repository to enabled (or disabled). + name: enabled + description: "Add and remove Zypper repositories\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/zypper_repository_module.html" + name: linux-zypper-repository + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the snap to install or remove. Can be a list of snaps. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Desired state of the package. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: Confinement policy. The classic confinement allows a snap to have + the same level of access to the system as "classic" packages, like those managed + by APT. This option corresponds to the --classic argument. This option can + only be specified if there is a single snap in the task. + name: classic + predefined: + - 'Yes' + - 'No' + - defaultValue: stable + description: Define which release of a snap is installed and tracked for updates. + This option can only be specified if there is a single snap in the task. + name: channel + description: "Manages snaps\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/snap_module.html" + name: linux-snap + outputs: + - contextPath: Linux.Snap.classic + description: Whether or not the snaps were installed with the classic confinement + type: boolean + - contextPath: Linux.Snap.channel + description: The channel the snaps were installed from + type: string + - contextPath: Linux.Snap.cmd + description: The command that was executed on the host + type: string + - contextPath: Linux.Snap.snaps_installed + description: The list of actually installed snaps + type: unknown + - contextPath: Linux.Snap.snaps_removed + description: The list of actually removed snaps + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: whether to register and subscribe (`present`), or unregister (`absent`) + a system + name: state + predefined: + - present + - absent + - description: access.redhat.com or Sat6 username + name: username + - description: access.redhat.com or Sat6 password + name: password + - description: Specify an alternative Red Hat Subscription Management or Sat6 + server + name: server_hostname + - description: Enable or disable https server certificate verification when connecting + to `server_hostname` + name: server_insecure + - description: Specify CDN baseurl + name: rhsm_baseurl + - description: Specify an alternative location for a CA certificate for CDN + name: rhsm_repo_ca_cert + - description: Specify a HTTP proxy hostname + name: server_proxy_hostname + - description: Specify a HTTP proxy port + name: server_proxy_port + - description: Specify a user for HTTP proxy with basic authentication + name: server_proxy_user + - description: Specify a password for HTTP proxy with basic authentication + name: server_proxy_password + - defaultValue: 'no' + description: 'Upon successful registration, auto-consume available subscriptions + Added in favor of deprecated autosubscribe in 2.5.' + name: auto_attach + - description: supply an activation key for use with registration + name: activationkey + - description: Organization ID to use in conjunction with activationkey + name: org_id + - description: Register with a specific environment in the destination org. Used + with Red Hat Satellite 6.x or Katello + name: environment + - defaultValue: ^$ + description: 'Specify a subscription pool name to consume. Regular expressions + accepted. Use `pool_ids` instead if possible, as it is much faster. Mutually + exclusive with `pool_ids`.' + name: pool + - description: 'Specify subscription pool IDs to consume. Prefer over `pool` when + possible as it is much faster. A pool ID may be specified as a `string` - + just the pool ID (ex. `0123456789abcdef0123456789abcdef`), or as a `dict` + with the pool ID as the key, and a quantity as the value (ex. `0123456789abcdef0123456789abcdef: + 2`. If the quantity is provided, it is used to consume multiple entitlements + from a pool (the pool must support this). Mutually exclusive with `pool`.' + name: pool_ids + - description: The type of unit to register, defaults to system + name: consumer_type + - description: Name of the system to register, defaults to the hostname + name: consumer_name + - description: 'References an existing consumer ID to resume using a previous + registration for this system. If the system''s identity certificate is lost + or corrupted, this option allows it to resume using its previous identity + and subscriptions. The default is to not specify a consumer ID so a new ID + is created.' + name: consumer_id + - defaultValue: 'no' + description: Register the system even if it is already registered + name: force_register + - description: Set a release version + name: release + - description: Set syspurpose attributes in file `/etc/rhsm/syspurpose/syspurpose.json` + and synchronize these attributes with RHSM server. Syspurpose attributes help + attach the most appropriate subscriptions to the system automatically. When + `syspurpose.json` file already contains some attributes, then new attributes + overwrite existing attributes. When some attribute is not listed in the new + list of attributes, the existing attribute will be removed from `syspurpose.json` + file. Unknown attributes are ignored. + isArray: true + name: syspurpose + description: "Manage registration and subscriptions to RHSM using the C(subscription-manager)\ + \ command\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/redhat_subscription_module.html" + name: linux-redhat-subscription + outputs: + - contextPath: Linux.RedhatSubscription.subscribed_pool_ids + description: List of pool IDs to which system is now subscribed + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the software channel. + name: name + required: true + - description: Name of the system as it is known in RHN/Satellite. + name: sysname + required: true + - defaultValue: present + description: Whether the channel should be present or not, taking action if + the state is different from what is stated. + name: state + - description: The full URL to the RHN/Satellite API. + name: url + required: true + - description: RHN/Satellite login. + name: user + required: true + - description: RHN/Satellite password. + name: password + required: true + description: "Adds or removes Red Hat software channels\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/rhn_channel_module.html" + name: linux-rhn-channel + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether to register (`present`), or unregister (`absent`) a system. + name: state + predefined: + - absent + - present + - description: Red Hat Network username. + name: username + - description: Red Hat Network password. + name: password + - description: 'Specify an alternative Red Hat Network server URL. The default + is the current value of `serverURL` from `/etc/sysconfig/rhn/up2date`.' + name: server_url + - description: Supply an activation key for use with registration. + name: activationkey + - description: Supply an profilename for use with registration. + name: profilename + - description: Supply a custom ssl CA certificate file for use with registration. + name: ca_cert + - description: Supply an organizational id for use with registration. + name: systemorgid + - description: Optionally specify a list of channels to subscribe to upon successful + registration. + isArray: true + name: channels + - auto: PREDEFINED + defaultValue: 'No' + description: If `no`, extended update support will be requested. + name: enable_eus + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: If `yes`, the registered node will not upload its installed packages + information to Satellite server. + name: nopackages + predefined: + - 'Yes' + - 'No' + description: "Manage Red Hat Network registration using the C(rhnreg_ks) command\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/rhn_register_module.html" + name: linux-rhn-register + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: RHSM release version to use (use null to unset) + name: release + required: true + description: "Set or Unset RHSM Release version\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/rhsm_release_module.html" + name: linux-rhsm-release + outputs: + - contextPath: Linux.RhsmRelease.current_release + description: The current RHSM release version value + type: string + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: If state is equal to present or disabled, indicates the desired + repository state. + name: state + predefined: + - present + - enabled + - absent + - disabled + required: true + - description: 'The ID of repositories to enable. To operate on several repositories + this can accept a comma separated list or a YAML list.' + name: name + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Disable all currently enabled repositories that are not not specified + in `name`. Only set this to `True` if passing in a list of repositories to + the `name` field. Using this with `loop` will most likely not have the desired + result. + name: purge + predefined: + - 'Yes' + - 'No' + description: "Manage RHSM repositories using the subscription-manager command\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/rhsm_repository_module.html" + name: linux-rhsm-repository + outputs: + - contextPath: Linux.RhsmRepository.repositories + description: 'The list of RHSM repositories with their states. When this module + is used to change the repository states, this list contains the updated states + after the changes.' + type: unknown + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Key that will be modified. Can be a url, a file on the managed + node, or a keyid if the key already exists in the database. + name: key + required: true + - auto: PREDEFINED + defaultValue: present + description: If the key will be imported or removed from the rpm db. + name: state + predefined: + - absent + - present + - defaultValue: 'yes' + description: 'If `no` and the `key` is a url starting with https, SSL certificates + will not be validated. This should only be used on personally controlled sites + using self-signed certificates.' + name: validate_certs + - description: 'The long-form fingerprint of the key being imported. This will + be used to verify the specified key.' + name: fingerprint + description: "Adds or removes a gpg key from the rpm db\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/rpm_key_module.html" + name: linux-rpm-key + outputs: [] + - arguments: + - description: hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path + name: url + required: true + - description: 'Absolute path of where to download the file to. If `dest` is a + directory, either the server provided filename or, if none provided, the base + name of the URL on the remote server will be used. If a directory, `force` + has no effect. If `dest` is a directory, the file will always be downloaded + (regardless of the `force` option), but replaced only if the contents changed..' + name: dest + required: true + - description: 'Absolute path of where temporary file is downloaded to. When run + on Ansible 2.5 or greater, path defaults to ansible''s remote_tmp setting + When run on Ansible prior to 2.5, it defaults to `TMPDIR`, `TEMP` or `TMP` + env variables or a platform specific value. `https://docs.python.org/2/library/tempfile.html#tempfile.tempdir`' + name: tmp_dest + - auto: PREDEFINED + defaultValue: 'No' + description: 'If `yes` and `dest` is not a directory, will download the file + every time and replace the file if the contents change. If `no`, the file + will only be downloaded if the destination does not exist. Generally should + be `yes` only for small local files. Prior to 0.6, this module behaved as + if `yes` was the default. Alias `thirsty` has been deprecated and will be + removed in 2.13.' + name: force + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including the timestamp information so you + can get the original file back if you somehow clobbered it incorrectly. + name: backup + predefined: + - 'Yes' + - 'No' + - defaultValue: '' + description: If a SHA-256 checksum is passed to this parameter, the digest of + the destination file will be calculated after it is downloaded to ensure its + integrity and verify that the transfer completed successfully. This option + is deprecated. Use `checksum` instead. + name: sha256sum + - defaultValue: '' + description: 'If a checksum is passed to this parameter, the digest of the destination + file will be calculated after it is downloaded to ensure its integrity and + verify that the transfer completed successfully. Format: :, + e.g. checksum="sha256:D98291AC[...]B6DC7B97", checksum="sha256:http://example.com/path/sha256sum.txt" + If you worry about portability, only the sha1 algorithm is available on all + platforms and python versions. The third party hashlib library can be installed + for access to additional algorithms. Additionally, if a checksum is passed + to this parameter, and the file exist under the `dest` location, the `destination_checksum` + would be calculated, and if checksum equals `destination_checksum`, the file + download would be skipped (unless `force` is true). If the checksum does not + equal `destination_checksum`, the destination file is deleted.' + name: checksum + - auto: PREDEFINED + defaultValue: 'Yes' + description: if `no`, it will not use a proxy, even if one is defined in an + environment variable on the target hosts. + name: use_proxy + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If `no`, SSL certificates will not be validated. This should only + be used on personally controlled sites using self-signed certificates.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - defaultValue: '10' + description: Timeout in seconds for URL request. + name: timeout + - description: 'Add custom HTTP headers to a request in hash/dict format. The + hash/dict format was added in Ansible 2.6. Previous versions used a `"key:value,key:value"` + string format. The `"key:value,key:value"` string format is deprecated and + will be removed in version 2.10.' + name: headers + - description: 'The username for use in HTTP basic authentication. This parameter + can be used without `url_password` for sites that allow empty passwords. Since + version 2.8 you can also use the `username` alias for this option.' + name: url_username + - description: 'The password for use in HTTP basic authentication. If the `url_username` + parameter is not specified, the `url_password` parameter will not be used. + Since version 2.8 you can also use the ''password'' alias for this option.' + name: url_password + - auto: PREDEFINED + defaultValue: 'No' + description: 'Force the sending of the Basic authentication header upon initial + request. httplib2, the library used by the uri module only sends authentication + information when a webservice responds to an initial request with a 401 status. + Since some basic auth services do not properly send a 401, logins will fail.' + name: force_basic_auth + predefined: + - 'Yes' + - 'No' + - description: 'PEM formatted certificate chain file to be used for SSL client + authentication. This file can also include the key as well, and if the key + is included, `client_key` is not required.' + name: client_cert + - description: 'PEM formatted file that contains your private key to be used for + SSL client authentication. If `client_cert` contains both the certificate + and key, this option is not required.' + name: client_key + - defaultValue: ansible-httpget + description: Header to identify as, generally appears in web server logs. + name: http_agent + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Downloads files from HTTP, HTTPS, or FTP to node\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/get_url_module.html" + name: linux-get-url + outputs: + - contextPath: Linux.GetUrl.backup_file + description: name of backup file created after download + type: string + - contextPath: Linux.GetUrl.checksum_dest + description: sha1 checksum of the file after copy + type: string + - contextPath: Linux.GetUrl.checksum_src + description: sha1 checksum of the file + type: string + - contextPath: Linux.GetUrl.dest + description: destination file/path + type: string + - contextPath: Linux.GetUrl.elapsed + description: The number of seconds that elapsed while performing the download + type: number + - contextPath: Linux.GetUrl.gid + description: group id of the file + type: number + - contextPath: Linux.GetUrl.group + description: group of the file + type: string + - contextPath: Linux.GetUrl.md5sum + description: md5 checksum of the file after download + type: string + - contextPath: Linux.GetUrl.mode + description: permissions of the target + type: string + - contextPath: Linux.GetUrl.msg + description: the HTTP message from the request + type: string + - contextPath: Linux.GetUrl.owner + description: owner of the file + type: string + - contextPath: Linux.GetUrl.secontext + description: the SELinux security context of the file + type: string + - contextPath: Linux.GetUrl.size + description: size of the target + type: number + - contextPath: Linux.GetUrl.src + description: source file used after download + type: string + - contextPath: Linux.GetUrl.state + description: state of the target + type: string + - contextPath: Linux.GetUrl.status_code + description: the HTTP status code from the request + type: number + - contextPath: Linux.GetUrl.uid + description: owner id of the file, after execution + type: number + - contextPath: Linux.GetUrl.url + description: the actual URL used for the request + type: string + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux_description.md b/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux_description.md new file mode 100644 index 000000000000..1e8db0b7b967 --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux_description.md @@ -0,0 +1,30 @@ +# Ansible Linux + +This integration enables the management of Linux hosts directly from XSOAR using SSH and Python. + +# Requirements +The Linux host(s) being managed requires Python >= 2.6. Different commands will use different underlying Ansible modules, and may have their own unique package requirements. Refer to the individual command documentation for further information. + +## Network Requirements +By default, TCP port 22 will be used to initiate a SSH connection to the Linux host. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. + +## Credentials + +This integration supports a number of methods of authenticating with the Linux Host: + +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +## Permissions + +Whilst un-privileged Linux user privileges can be used, a SuperUser account is recommended as most commands will require elevated permissions to execute. + +## Privilege Escalation +Ansible can use existing privilege escalation systems to allow a user to execute tasks as another. Different from the user that logged into the machine (remote user). This is done using existing privilege escalation tools, which you probably already use or have configured, like sudo, su, or doas. Unless you are remoting into the system as root (uid 0) you will need to escalate your privileges to a super user. Use the Integration parameters `Escalate Privileges`, `Privilege Escalation Method`, `Privilege Escalation User`, `Privileges Escalation Password` to configure this. + +## Testing + +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!linux-gather-facts`command providing an example `host` as the command argument. This command will connect to the specified host with the configured credentials in the integration, and if successful output general information about the host. diff --git a/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux_image.png b/Packs/AnsibleLinux/Integrations/AnsibleLinux/AnsibleLinux_image.png new file mode 100644 index 0000000000000000000000000000000000000000..f7ab07ff656c41980319ab61c6852335b8435d6e GIT binary patch literal 3779 zcmV;!4m|ORP)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!TP&-n`joLN*daAPEo>q9$Sx1k_flfZ#$~(V|iiX+hBxP!4rFdeoz>6vYi$R4Sfg z;nemV+@e(!1fiwij%5h}OafUaliBy%|K9fol8}%|G9xXW@0|bK|Ni&h_g>!j{{Q~> zzBiE=V@Trcg+?utI7{(^dGO3zryu#gsv1^{1y_u}0*ja2pQkn@kw7Gr;A^g)xG5($ z_xf2gXF#vlBOH!EuhU}d)~#5y1*1R)^=FD#p%o12$+M6HtNh7pNGz|X}!nIqu$ zW4>reBCbdX!Iz90$;OVkM6I13FRWZ6%5W%@^x^~{VFYLO z?W@)l@USdNlJMpzY|VE3bN3#hFMI0AltuS0afwP2aYI6uNxQ%J3RN{VI8bp2HOG#l z^6(KMM~;4vs%pi~%P6@V9*^gbs+vSR!96(MqLF1b{iYk(hV`#Au5+UA7q<9 zc$af#e^Tt<`Ew?9r&dM^nH(Rzb{eYW*uq1$W?m~#Czq5ot1R($)-SGb_~ zLRid36qmN0r<3z={E?6lojYitAo9^iAH(nhB{|L?G8hJ(gfG7Q8o#(@2FxZUn@%FJ zNC?6976rwvUX7sP!goYO{$Ig2OB7FQytXTaDj?ui#6Rso@kA#G1S*vADb=8Rc z{+xiiZ)5j|Y7N9dJ zAvxUgcSQUd(CBT*yk#%^0cul`Bsl&^2*K{ZjA8mzKV)MVOrK56X_bbQ3P^S{LLM!& z<`7=mkbwnjwkvIfB*F1V+~?qDmOZt;$0=6+485C%Btyq8gUQNJi+4Sv6^b}VnMrYBFrUqqRqRj2%(7^h0eDu zolP|udfrG;k0Ksnx@dSIYqs0b(AcC}Xl+i{!k22_e7pCw$B$k=$JsDt#FgNSM_zRN zi?6;phu_TO$7)n7-L$Y9VcDYS5f8$W2^!`{ZEY=zN=6BL6b1Q1@$Y^6<8otrLe|+v zaNI)lwUZ}FoLsI?o^T}`wpwTd4e+>KaQVr5Jsvpijc9Ihp~ZF_KA#VvP#E_tC==tO z;I9?0`pFgVs?{GH%bt4j8Y*_3EeT)TJougkceCeKtP=Xydv+p7judKwzjc;n+DgU5X7k9RKV^0tl4<0&n2wVI5pVS&XHIjr#m=YZ}CZk?F20NXyKkn`Kl#*$KklY(sOCx`a|;HS2Ie={V%&=7?8{91HHc z1JA#-8lhmY$DY?+4{qI`qxG190|&68>L;H|Icg&9PxdqhYSw<$hT;cMeW)Z{(r-m$Z59w`=EiwrAH4X16yp zm&?VPn{A}qnb+%KPN(C9t*NO|^o@#6uNUKI+&W#9yuRS>JK4Nn&v~Mw^Tr~rud97q zXL7nRsi~D+uDyCmOr$hBYRY` zvii0e$IEN3o;am-pRS}=bMUyam*9hsKE@-DJt69|XU|5TjBJr12Lb_6ww8`;h36H6 zE=6R|6n4aMOh%I^H-EAf#pe~FU|9Yg!tj5F`uc`8Vf!+=-;{X1rSXpJ| zVLblGgQA|BGYA=JC$nZwSbKD4(`t3%o2@t2trfO)>;H`GtiGr`aul_7^;}kphW`Qh z{j?^GBX0cpPgM<|X!fkxX#?*@y6sieMMrx?$1?tp=!n!MD$v!Hfn2D4WCPk3SVQm)j@El_Z%@>?9FHf_?}f;5%6yB_+zc;%0jbh4vsWzjW+sVTdz2%7i<^nfOTI(BUJW zPM&b(iEqYBiZ6)ydO3PT@VfOIaP<2s@-7*9gY%GjVyGXF@@H| z0V0(z2_ytOc5w{x32l(PoIF{k@XW_^EGWB6gzLImWvi2iX}J09mp6C$(@Xgl zBrmH--dR{S-%B^JTNCEKeW&F^z~k|%+DS~Fc$KOtq(x=u;JiZBdaePwa*oc>qn#}NzVx|S#dv<36Nf2;ZrxlCgI-78>V-yU5MIa0=Oy2! zG#GTyQaI<}bG6xQfS<^fwK7Z*2OMFu=sWYKpW^a~Q$;_H-Mc@>&VTJjzpN}6O~xIR zwYS~0PNGY6n_%0j@#(xsDHsCx;UhTMY{Jbezr*Ga-cmXcbYaSlWwX$EVio=9t~E4~ z03sSa^>tHU3sOER!{WD{*nU8nqd91f66Ks}6R>7O`46AroCWAfh_U?A;U-DK*do?qX4bZj8qdPTBLJwQ;Z5XX@R3+F6P20+qMMjAQ>#sxogPt zWvqH|njkeQ9In4k!Lv7M`GeK{P?JRW2*gDf#3o4IkwCx&=awfhI5!6? z|L`!pAKeEz_h;}mxS&t-@$;+S03{JCVhYimSbc^U`usVN+fv!J@lv7oN+H9weUmX?#Sw#UO!lG5CloJx$A$JR`X2ZdeP)(8V-?X|lvIT0;u% zK+xreug-#uJ3dK<>TaM*59Z_=vjPaYtx9P15(z#Vl?`D27Ezb`je}l$^1d&9=6R%= z`7ik;cmse@C(#lLf^goCdpHLtH@bJAiBwS7wm^zBDZ*^xd@|dENYDXerVo7z$d*L6 z5L1Ybgm|JvOGZyEuh1x3bQ8G<(AqTUqS6Unib4EDC5lad-ziF~j`~yR<-}_Fcmnrg zvtA)vCo2ql>KKLW2D%`dBIM1Qta6GN$Dp$+PlRL)CFkO9A{K&urgLbiLm@hF>^&lj zh;<()qABi%Xw4fY;we)$oU3e;E}wS=EEWru@1gngZOD;> z^BTmCSwU$H| z=rW5AZz*BOQ{D){tL3{G6ryR(6Cy&WWLnY#BocWU{ImyocFSjj($~2s z(>Z=jyTV7^7&gm8SF4HnWA5iv2pnRaa)%S@M4t2LU%n@n*3YrqsbM!9NAqKD`;!SMn; tD8Hpb?1K`qkMlB#-s8W9;3N_O;6L&}naH$adZYjV002ovPDHLkV1k;*Rb~JH literal 0 HcmV?d00001 diff --git a/Packs/AnsibleLinux/Integrations/AnsibleLinux/README.md b/Packs/AnsibleLinux/Integrations/AnsibleLinux/README.md new file mode 100644 index 000000000000..3d93d1473cc5 --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleLinux/README.md @@ -0,0 +1,8272 @@ +This integration enables the management of Linux hosts directly from XSOAR using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server, all you need to do is provide credentials you are ready to use the feature rich commands. This integration functions without any agents or additional software installed on the hosts by utilising SSH combined with Python. + +To use this integration, configure an instance of this integration. This will associate a credential to be used to access hosts when commands are run. The commands from this integration will take the Linux host address(es) as an input, and use the saved credential associated to the instance to execute. Create separate instances if multiple credentials are required. + +## Requirements +The Linux host(s) being managed requires Python >= 2.6. Different commands will use different underlying Ansible modules, and may have their own unique package requirements. Refer to the individual command documentation for further information. + +## Network Requirements +By default, TCP port 22 will be used to initiate a SSH connection to the Linux host. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. + +## Credentials +This integration supports a number of methods of authenticating with the Linux Host: +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +## Permissions +Whilst un-privileged Linux user privileges can be used, a SuperUser account is recommended as most commands will require elevated permissions to execute. + +## Privilege Escalation +Ansible can use existing privilege escalation systems to allow a user to execute tasks as another. Different from the user that logged into the machine (remote user). This is done using existing privilege escalation tools, which you probably already use or have configured, like sudo, su, or doas. Unless you are remoting into the system as root (uid 0) you will need to escalate your privileges to a super user. Use the Integration parameters `Escalate Privileges`, `Privilege Escalation Method`, `Privilege Escalation User`, `Privileges Escalation Password` to configure this. + +## Concurrency +This integration supports execution of commands against multiple hosts concurrently. The `host` parameter accepts a list of addresses, and will run the command in parallel as per the **Concurrency Factor** value. + +## Further information +This integration is powered by Ansible 2.9. Further information can be found on that the following locations: +* [Ansible Getting Started](https://docs.ansible.com/ansible/latest/user_guide/intro_getting_started.html) +* [Module Documentation](https://docs.ansible.com/ansible/2.9/modules/list_of_all_modules.html) + +## Configure Ansible Linux on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for Ansible Linux. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Username | The credentials to associate with the instance. SSH keys can be configured using the credential manager. | True | + | Password | | True | + | Default SSH Port | The default port to use if one is not specified in the commands \`host\` argument. | True | + | Concurrency Factor | If multiple hosts are specified in a command, how many hosts should be interacted with concurrently. | True | + | Escalate Privileges | Ansible allows you to ‘become’ another user, different from the user that
logged into the machine \(remote user\).
| True | + | Privilege Escalation Method | Which privilege escalation method should be used. | True | + | Privilege Escalation User | Set the user you become through privilege escalation | False | + | Privilege Escalation Password | Set the privilege escalation password. | False | + +## Testing +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!linux-gather-facts`command providing an example `host` as the command argument. This command will connect to the specified host with the configured credentials in the integration, and if successful output general information about the host. + +## Idempotence +The action commands in this integration are idempotent. This means that the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions. + +## State Arguement +Some of the commands in this integration take a state argument. These define the desired end state of the object being managed. As a result these commands are able to perform multiple management operations depending on the desired state value. Common state values are: +| **State** | **Result** | +| --- | --- | +| present | Object should exist. If not present, the object will be created with the provided parameters. If present but not with correct parameters, it will be modified to met provided parameters. | +| running | Object should be running not stopped. | +| stopped | Object should be stopped not running. | +| restarted | Object will be restarted. | +| absent | Object should not exist. If it it exists it will be deleted. | +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### linux-alternatives +*** +Manages alternative programs for common commands +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/alternatives_module.html + + +#### Base Command + +`linux-alternatives` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The generic name of the link. | Required | +| path | The path to the real executable that the link should point to. | Required | +| link | The path to the symbolic link that should point to the real executable.
This option is always required on RHEL-based distributions. On Debian-based distributions this option is required when the alternative `name` is unknown to the system. | Optional | +| priority | The priority of the alternative. Default is 50. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-alternatives host="123.123.123.123" name="java" path="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.292.b10-0.el8_3.x86_64/jre/bin/java" ``` + +#### Context Example +```json +{ + "Linux": { + "Alternatives": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### linux-at +*** +Schedule the execution of a command or script file via the at command +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/at_module.html + + +#### Base Command + +`linux-at` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| command | A command to be executed in the future. | Optional | +| script_file | An existing script file to be executed in the future. | Optional | +| count | The count of units in the future to execute the command or script file. | Required | +| units | The type of units in the future to execute the command or script file. Possible values are: minutes, hours, days, weeks. | Required | +| state | The state dictates if the command or script file should be evaluated as present(added) or absent(deleted). Possible values are: absent, present. Default is present. | Optional | +| unique | If a matching job is present a new job will not be added. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-at host="123.123.123.123" command="ls -d / >/dev/null" count="20" units="minutes" ``` + +#### Context Example +```json +{ + "Linux": { + "At": { + "changed": true, + "count": 20, + "host": "123.123.123.123", + "script_file": "/tmp/at248vavr9", + "state": "present", + "status": "CHANGED", + "units": "minutes" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * count: 20 +> * script_file: /tmp/at248vavr9 +> * state: present +> * units: minutes + + +### linux-authorized-key +*** +Adds or removes an SSH authorized key +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/authorized_key_module.html + + +#### Base Command + +`linux-authorized-key` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| user | The username on the remote host whose authorized_keys file will be modified. | Required | +| key | The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys). | Required | +| path | Alternate path to the authorized_keys file.
When unset, this value defaults to `~/.ssh/authorized_keys`. | Optional | +| manage_dir | Whether this module should manage the directory of the authorized key file.
If set to `yes`, the module will create the directory, as well as set the owner and permissions of an existing directory.
Be sure to set `manage_dir=no` if you are using an alternate directory for authorized_keys, as set with `path`, since you could lock yourself out of SSH access.
See the example below. Possible values are: Yes, No. Default is Yes. | Optional | +| state | Whether the given key (with the given key_options) should or should not be in the file. Possible values are: absent, present. Default is present. | Optional | +| key_options | A string of ssh key options to be prepended to the key in the authorized_keys file. | Optional | +| exclusive | Whether to remove all other non-specified keys from the authorized_keys file.
Multiple keys can be specified in a single `key` string value by separating them by newlines.
This option is not loop aware, so if you use `with_` , it will be exclusive per iteration of the loop.
If you want multiple keys in the file you need to pass them all to `key` in a single batch as mentioned above. Possible values are: Yes, No. Default is No. | Optional | +| validate_certs | This only applies if using a https url as the source of the keys.
If set to `no`, the SSL certificates will not be validated.
This should only set to `no` used on personally controlled sites using self-signed certificates as it avoids verifying the source site.
Prior to 2.1 the code worked as if this was set to `yes`. Possible values are: Yes, No. Default is Yes. | Optional | +| comment | Change the comment on the public key.
Rewriting the comment is useful in cases such as fetching it from GitHub or GitLab.
If no comment is specified, the existing comment will be kept. | Optional | +| follow | Follow path symlink instead of replacing it. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.AuthorizedKey.exclusive | boolean | If the key has been forced to be exclusive or not. | +| Linux.AuthorizedKey.key | string | The key that the module was running against. | +| Linux.AuthorizedKey.key_option | string | Key options related to the key. | +| Linux.AuthorizedKey.keyfile | string | Path for authorized key file. | +| Linux.AuthorizedKey.manage_dir | boolean | Whether this module managed the directory of the authorized key file. | +| Linux.AuthorizedKey.path | string | Alternate path to the authorized_keys file | +| Linux.AuthorizedKey.state | string | Whether the given key \(with the given key_options\) should or should not be in the file | +| Linux.AuthorizedKey.unique | boolean | Whether the key is unique | +| Linux.AuthorizedKey.user | string | The username on the remote host whose authorized_keys file will be modified | +| Linux.AuthorizedKey.validate_certs | boolean | This only applies if using a https url as the source of the keys. If set to \`no\`, the SSL certificates will not be validated. | + + +#### Command Example +```!linux-authorized-key host="123.123.123.123" user="charlie" state="present" key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC/...REDACTED..uH04Ef2RICcn1iCtsqQcMZfoqFftRcGi2MyYFyRQrFs= charlie@web01" ``` + +#### Context Example +```json +{ + "Linux": { + "AuthorizedKey": { + "changed": true, + "comment": null, + "exclusive": false, + "follow": false, + "host": "123.123.123.123", + "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC/...REDACTED..uH04Ef2RICcn1iCtsqQcMZfoqFftRcGi2MyYFyRQrFs= charlie@web01", + "key_options": null, + "keyfile": "/home/charlie/.ssh/authorized_keys", + "manage_dir": true, + "path": null, + "state": "present", + "status": "CHANGED", + "user": "charlie", + "validate_certs": true + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * comment: None +> * exclusive: False +> * follow: False +> * key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC/...REDACTED..uH04Ef2RICcn1iCtsqQcMZfoqFftRcGi2MyYFyRQrFs= charlie@web01 +> * key_options: None +> * keyfile: /home/charlie/.ssh/authorized_keys +> * manage_dir: True +> * path: None +> * state: present +> * user: charlie +> * validate_certs: True + + +### linux-capabilities +*** +Manage Linux capabilities +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/capabilities_module.html + + +#### Base Command + +`linux-capabilities` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Specifies the path to the file to be managed. | Required | +| capability | Desired capability to set (with operator and flags, if state is `present`) or remove (if state is `absent`). | Required | +| state | Whether the entry should be present or absent in the file's capabilities. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +### linux-cron +*** +Manage cron.d and crontab entries +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/cron_module.html + + +#### Base Command + +`linux-cron` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Description of a crontab entry or, if env is set, the name of environment variable.
Required if `state=absent`.
Note that if name is not set and `state=present`, then a new crontab entry will always be created, regardless of existing ones.
This parameter will always be required in future releases. | Optional | +| user | The specific user whose crontab should be modified.
When unset, this parameter defaults to using `root`. | Optional | +| job | The command to execute or, if env is set, the value of environment variable.
The command should not contain line breaks.
Required if `state=present`. | Optional | +| state | Whether to ensure the job or environment variable is present or absent. Possible values are: absent, present. Default is present. | Optional | +| cron_file | If specified, uses this file instead of an individual user's crontab.
If this is a relative path, it is interpreted with respect to `/etc/cron.d`.
If it is absolute, it will typically be `/etc/crontab`.
Many linux distros expect (and some require) the filename portion to consist solely of upper- and lower-case letters, digits, underscores, and hyphens.
To use the `cron_file` parameter you must specify the `user` as well. | Optional | +| backup | If set, create a backup of the crontab before it is modified. The location of the backup is returned in the `backup_file` variable by this module. Possible values are: Yes, No. Default is No. | Optional | +| minute | Minute when the job should run ( 0-59, *, */2, etc ). Default is *. | Optional | +| hour | Hour when the job should run ( 0-23, *, */2, etc ). Default is *. | Optional | +| day | Day of the month the job should run ( 1-31, *, */2, etc ). Default is *. | Optional | +| month | Month of the year the job should run ( 1-12, *, */2, etc ). Default is *. | Optional | +| weekday | Day of the week that the job should run ( 0-6 for Sunday-Saturday, *, etc ). Default is *. | Optional | +| reboot | If the job should be run at reboot. This option is deprecated. Users should use special_time. Possible values are: Yes, No. Default is No. | Optional | +| special_time | Special time specification nickname. Possible values are: annually, daily, hourly, monthly, reboot, weekly, yearly. | Optional | +| disabled | If the job should be disabled (commented out) in the crontab.
Only has effect if `state=present`. Possible values are: Yes, No. Default is No. | Optional | +| env | If set, manages a crontab's environment variable.
New variables are added on top of crontab.
`name` and `value` parameters are the name and the value of environment variable. Possible values are: Yes, No. Default is No. | Optional | +| insertafter | Used with `state=present` and `env`.
If specified, the environment variable will be inserted after the declaration of specified environment variable. | Optional | +| insertbefore | Used with `state=present` and `env`.
If specified, the environment variable will be inserted before the declaration of specified environment variable. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-cron host="123.123.123.123" name="check dirs" minute="0" hour="5,2" job="ls -alh > /dev/null" ``` + +#### Context Example +```json +{ + "Linux": { + "Cron": { + "changed": false, + "envs": [ + "EMAIL" + ], + "host": "123.123.123.123", + "jobs": [ + "check dirs" + ], + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Envs +> * 0: EMAIL +> * ## Jobs +> * 0: check dirs + + +### linux-cronvar +*** +Manage variables in crontabs +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/cronvar_module.html + + +#### Base Command + +`linux-cronvar` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the crontab variable. | Required | +| value | The value to set this variable to.
Required if `state=present`. | Optional | +| insertafter | If specified, the variable will be inserted after the variable specified.
Used with `state=present`. | Optional | +| insertbefore | Used with `state=present`. If specified, the variable will be inserted just before the variable specified. | Optional | +| state | Whether to ensure that the variable is present or absent. Possible values are: absent, present. Default is present. | Optional | +| user | The specific user whose crontab should be modified.
This parameter defaults to `root` when unset. | Optional | +| cron_file | If specified, uses this file instead of an individual user's crontab.
Without a leading `/`, this is assumed to be in `/etc/cron.d`.
With a leading `/`, this is taken as absolute. | Optional | +| backup | If set, create a backup of the crontab before it is modified. The location of the backup is returned in the `backup` variable by this module. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-cronvar host="123.123.123.123" name="EMAIL" value="doug@ansibmod.con.com" ``` + +#### Context Example +```json +{ + "Linux": { + "Cronvar": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS", + "vars": [ + "EMAIL" + ] + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Vars +> * 0: EMAIL + + +### linux-dconf +*** +Modify and read dconf database +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/dconf_module.html + + +#### Base Command + +`linux-dconf` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| key | A dconf key to modify or read from the dconf database. | Required | +| value | Value to set for the specified dconf key. Value should be specified in GVariant format. Due to complexity of this format, it is best to have a look at existing values in the dconf database. Required for `state=present`. | Optional | +| state | The action to take upon the key/value. Possible values are: read, present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Dconf.value | string | value associated with the requested key | + + +#### Command Example +```!linux-dconf host="123.123.123.123" key="/org/gnome/desktop/input-sources/sources" value="[('xkb', 'us'), ('xkb', 'se')]" state="present" ``` + +#### Context Example +```json +{ + "Linux": { + "Dconf": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### linux-debconf +*** +Configure a .deb package +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/debconf_module.html + + +#### Base Command + +`linux-debconf` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of package to configure. | Required | +| question | A debconf configuration setting. | Optional | +| vtype | The type of the value supplied.
It is highly recommended to add `no_log=True` to task while specifying `vtype=password`.
`seen` was added in Ansible 2.2. Possible values are: boolean, error, multiselect, note, password, seen, select, string, text, title. | Optional | +| value | Value to set the configuration to. | Optional | +| unseen | Do not set 'seen' flag when pre-seeding. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-filesystem +*** +Makes a filesystem +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/filesystem_module.html + + +#### Base Command + +`linux-filesystem` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| fstype | Filesystem type to be created.
reiserfs support was added in 2.2.
lvm support was added in 2.5.
since 2.5, `dev` can be an image file.
vfat support was added in 2.5
ocfs2 support was added in 2.6
f2fs support was added in 2.7
swap support was added in 2.8. Possible values are: btrfs, ext2, ext3, ext4, ext4dev, f2fs, lvm, ocfs2, reiserfs, xfs, vfat, swap. | Required | +| dev | Target path to device or image file. | Required | +| force | If `yes`, allows to create new filesystem on devices that already has filesystem. Default is no. | Optional | +| resizefs | If `yes`, if the block device and filesystem size differ, grow the filesystem into the space.
Supported for `ext2`, `ext3`, `ext4`, `ext4dev`, `f2fs`, `lvm`, `xfs`, `vfat`, `swap` filesystems.
XFS Will only grow if mounted.
vFAT will likely fail if fatresize < 1.04. Default is no. | Optional | +| opts | List of options to be passed to mkfs command. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-filesystem host="123.123.123.123" fstype="ext2" dev="/dev/sdb1" ``` + +#### Context Example +```json +{ + "Linux": { + "Filesystem": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### linux-firewalld +*** +Manage arbitrary ports/services with firewalld +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/firewalld_module.html + + +#### Base Command + +`linux-firewalld` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| service | Name of a service to add/remove to/from firewalld.
The service must be listed in output of firewall-cmd --get-services. | Optional | +| port | Name of a port or port range to add/remove to/from firewalld.
Must be in the form PORT/PROTOCOL or PORT-PORT/PROTOCOL for port ranges. | Optional | +| rich_rule | Rich rule to add/remove to/from firewalld. | Optional | +| source | The source/network you would like to add/remove to/from firewalld. | Optional | +| interface | The interface you would like to add/remove to/from a zone in firewalld. | Optional | +| icmp_block | The ICMP block you would like to add/remove to/from a zone in firewalld. | Optional | +| icmp_block_inversion | Enable/Disable inversion of ICMP blocks for a zone in firewalld. | Optional | +| zone | The firewalld zone to add/remove to/from.
Note that the default zone can be configured per system but `public` is default from upstream.
Available choices can be extended based on per-system configs, listed here are "out of the box" defaults.
Possible values include `block`, `dmz`, `drop`, `external`, `home`, `internal`, `public`, `trusted`, `work`. | Optional | +| permanent | Should this configuration be in the running firewalld configuration or persist across reboots.
As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld >= 3.0.9).
Note that if this is `no`, immediate is assumed `yes`. | Optional | +| immediate | Should this configuration be applied immediately, if set as permanent. Possible values are: Yes, No. Default is No. | Optional | +| state | Enable or disable a setting.
For ports: Should this port accept (enabled) or reject (disabled) connections.
The states `present` and `absent` can only be used in zone level operations (i.e. when no other parameters but zone and state are set). Possible values are: absent, disabled, enabled, present. | Required | +| timeout | The amount of time the rule should be in effect for when non-permanent. Default is 0. | Optional | +| masquerade | The masquerade setting you would like to enable/disable to/from zones within firewalld. | Optional | +| offline | Whether to run this module even when firewalld is offline. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-firewalld host="123.123.123.123" service="https" permanent="True" state="enabled" ``` + +#### Context Example +```json +{ + "Linux": { + "Firewalld": { + "changed": false, + "host": "123.123.123.123", + "msg": "Permanent operation", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * msg: Permanent operation + + +### linux-gather-facts +*** +Gathers facts about remote hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/gather_facts_module.html + + +#### Base Command + +`linux-gather-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| parallel | A toggle that controls if the fact modules are executed in parallel or serially and in order. This can guarantee the merge order of module facts at the expense of performance.
By default it will be true if more than one fact module is used. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-gather-facts host="123.123.123.123"``` + +#### Context Example +```json +{ + "Linux": { + "GatherFacts": { + "all_ipv4_addresses": [ + "123.123.123.123" + ], + "all_ipv6_addresses": [ + "11:11:11:11:11:11:11:11", + "11:11:11:11:11:11:11:12" + ], + "apparmor": { + "status": "disabled" + }, + "architecture": "x86_64", + "bios_date": "04/05/2016", + "bios_vendor": "Phoenix Technologies LTD", + "bios_version": "6.00", + "board_asset_tag": "NA", + "board_name": "440BX Desktop Reference Platform", + "board_serial": "None", + "board_vendor": "Intel Corporation", + "board_version": "None", + "chassis_asset_tag": "No Asset Tag", + "chassis_serial": "None", + "chassis_vendor": "No Enclosure", + "chassis_version": "N/A", + "cmdline": { + "BOOT_IMAGE": "(hd0,msdos1)/vmlinuz-4.18.0-193.28.1.el8_2.x86_64", + "quiet": true, + "rd.lvm.lv": "cs/swap", + "resume": "/dev/mapper/cs-swap", + "rhgb": true, + "ro": true, + "root": "/dev/mapper/cs-root" + }, + "date_time": { + "date": "2021-07-08", + "day": "08", + "epoch": "1625721772", + "hour": "14", + "iso8601": "2021-07-08T05:22:52Z", + "iso8601_basic": "20210708T142252659998", + "iso8601_basic_short": "20210708T142252", + "iso8601_micro": "2021-07-08T05:22:52.659998Z", + "minute": "22", + "month": "07", + "second": "52", + "time": "14:22:52", + "tz": "JST", + "tz_offset": "+0900", + "weekday": "Thursday", + "weekday_number": "4", + "weeknumber": "27", + "year": "2021" + }, + "default_ipv4": { + "address": "123.123.123.123", + "alias": "ens192", + "broadcast": "192.168.1.255", + "gateway": "192.168.1.1", + "interface": "ens192", + "macaddress": "00:0c:29:bb:37:cb", + "mtu": 1500, + "netmask": "255.255.255.0", + "network": "192.168.1.0", + "type": "ether" + }, + "default_ipv6": {}, + "device_links": { + "ids": { + "dm-0": [ + "dm-name-cs-root", + "dm-uuid-LVM-YhrXQybKNO1NfDqL2i4yG9N2vQ9W5Ix0PcUDF884ZLUhBT5nET1F2IFZs8MpqFoT" + ] + }, + "labels": {}, + "masters": { + "sda2": [ + "dm-0", + "dm-1" + ] + }, + "uuids": { + "dm-0": [ + "9cf80eb1-50cf-48e5-af07-49d65717fab7" + ] + } + }, + "devices": { + "dm-0": { + "holders": [], + "host": "", + "links": { + "ids": [ + "dm-name-cs-root", + "dm-uuid-LVM-YhrXQybKNO1NfDqL2i4yG9N2vQ9W5Ix0PcUDF884ZLUhBT5nET1F2IFZs8MpqFoT" + ], + "labels": [], + "masters": [], + "uuids": [ + "9cf80eb1-50cf-48e5-af07-49d65717fab7" + ] + }, + "model": null, + "partitions": {}, + "removable": "0", + "rotational": "0", + "sas_address": null, + "sas_device_handle": null, + "scheduler_mode": "", + "sectors": "28090368", + "sectorsize": "512", + "size": "13.39 GB", + "support_discard": "0", + "vendor": null, + "virtual": 1 + } + }, + "discovered_interpreter_python": "/usr/libexec/platform-python", + "distribution": "CentOS", + "distribution_file_parsed": true, + "distribution_file_path": "/etc/redhat-release", + "distribution_file_variety": "RedHat", + "distribution_major_version": "8", + "distribution_release": "Core", + "distribution_version": "8.2", + "dns": { + "nameservers": [ + "192.168.1.1", + "fe80::1213:31ff:fec2:926c%ens192" + ], + "search": [ + "lan" + ] + }, + "domain": "lan", + "effective_group_id": 0, + "effective_user_id": 0, + "ens192": { + "active": true, + "device": "ens192", + "features": { + "esp_hw_offload": "off [fixed]", + "esp_tx_csum_hw_offload": "off [fixed]", + "fcoe_mtu": "off [fixed]", + "generic_receive_offload": "on", + "generic_segmentation_offload": "on", + "highdma": "on", + "hw_tc_offload": "off [fixed]", + "l2_fwd_offload": "off [fixed]", + "large_receive_offload": "on", + "loopback": "off [fixed]", + "netns_local": "off [fixed]", + "ntuple_filters": "off [fixed]", + "receive_hashing": "off [fixed]", + "rx_all": "off [fixed]", + "rx_checksumming": "on", + "rx_fcs": "off [fixed]", + "rx_gro_hw": "off [fixed]", + "rx_udp_tunnel_port_offload": "off [fixed]", + "rx_vlan_filter": "on [fixed]", + "rx_vlan_offload": "on", + "rx_vlan_stag_filter": "off [fixed]", + "rx_vlan_stag_hw_parse": "off [fixed]", + "scatter_gather": "on", + "tcp_segmentation_offload": "on", + "tls_hw_record": "off [fixed]", + "tls_hw_rx_offload": "off [fixed]", + "tls_hw_tx_offload": "off [fixed]", + "tx_checksum_fcoe_crc": "off [fixed]", + "tx_checksum_ip_generic": "on", + "tx_checksum_ipv4": "off [fixed]", + "tx_checksum_ipv6": "off [fixed]", + "tx_checksum_sctp": "off [fixed]", + "tx_checksumming": "on", + "tx_esp_segmentation": "off [fixed]", + "tx_fcoe_segmentation": "off [fixed]", + "tx_gre_csum_segmentation": "off [fixed]", + "tx_gre_segmentation": "off [fixed]", + "tx_gso_partial": "off [fixed]", + "tx_gso_robust": "off [fixed]", + "tx_ipxip4_segmentation": "off [fixed]", + "tx_ipxip6_segmentation": "off [fixed]", + "tx_lockless": "off [fixed]", + "tx_nocache_copy": "off", + "tx_scatter_gather": "on", + "tx_scatter_gather_fraglist": "off [fixed]", + "tx_sctp_segmentation": "off [fixed]", + "tx_tcp6_segmentation": "on", + "tx_tcp_ecn_segmentation": "off [fixed]", + "tx_tcp_mangleid_segmentation": "off", + "tx_tcp_segmentation": "on", + "tx_udp_segmentation": "off [fixed]", + "tx_udp_tnl_csum_segmentation": "off [fixed]", + "tx_udp_tnl_segmentation": "off [fixed]", + "tx_vlan_offload": "on", + "tx_vlan_stag_hw_insert": "off [fixed]", + "vlan_challenged": "off [fixed]" + }, + "hw_timestamp_filters": [], + "ipv4": { + "address": "123.123.123.123", + "broadcast": "192.168.1.255", + "netmask": "255.255.255.0", + "network": "192.168.1.0" + }, + "ipv6": [ + { + "address": "11:11:11:11:11:11:11:11", + "prefix": "64", + "scope": "global" + }, + { + "address": "11:11:11:11:11:11:11:12", + "prefix": "64", + "scope": "link" + } + ], + "macaddress": "00:0c:29:bb:37:cb", + "module": "vmxnet3", + "mtu": 1500, + "pciid": "0000:0b:00.0", + "promisc": false, + "speed": 10000, + "timestamping": [ + "rx_software", + "software" + ], + "type": "ether" + }, + "fibre_channel_wwn": [], + "fips": false, + "form_factor": "Other", + "fqdn": "web01.lan", + "gather_subset": [ + "all" + ], + "host": "123.123.123.123", + "hostname": "web01", + "hostnqn": "", + "interfaces": [ + "lo", + "ens192" + ], + "is_chroot": false, + "iscsi_iqn": "", + "kernel": "4.18.0-193.28.1.el8_2.x86_64", + "kernel_version": "#1 SMP Thu Oct 22 00:20:22 UTC 2020", + "lo": { + "active": true, + "device": "lo", + "features": { + "esp_hw_offload": "off [fixed]", + "esp_tx_csum_hw_offload": "off [fixed]", + "fcoe_mtu": "off [fixed]", + "generic_receive_offload": "on", + "generic_segmentation_offload": "on", + "highdma": "on [fixed]", + "hw_tc_offload": "off [fixed]", + "l2_fwd_offload": "off [fixed]", + "large_receive_offload": "off [fixed]", + "loopback": "on [fixed]", + "netns_local": "on [fixed]", + "ntuple_filters": "off [fixed]", + "receive_hashing": "off [fixed]", + "rx_all": "off [fixed]", + "rx_checksumming": "on [fixed]", + "rx_fcs": "off [fixed]", + "rx_gro_hw": "off [fixed]", + "rx_udp_tunnel_port_offload": "off [fixed]", + "rx_vlan_filter": "off [fixed]", + "rx_vlan_offload": "off [fixed]", + "rx_vlan_stag_filter": "off [fixed]", + "rx_vlan_stag_hw_parse": "off [fixed]", + "scatter_gather": "on", + "tcp_segmentation_offload": "on", + "tls_hw_record": "off [fixed]", + "tls_hw_rx_offload": "off [fixed]", + "tls_hw_tx_offload": "off [fixed]", + "tx_checksum_fcoe_crc": "off [fixed]", + "tx_checksum_ip_generic": "on [fixed]", + "tx_checksum_ipv4": "off [fixed]", + "tx_checksum_ipv6": "off [fixed]", + "tx_checksum_sctp": "on [fixed]", + "tx_checksumming": "on", + "tx_esp_segmentation": "off [fixed]", + "tx_fcoe_segmentation": "off [fixed]", + "tx_gre_csum_segmentation": "off [fixed]", + "tx_gre_segmentation": "off [fixed]", + "tx_gso_partial": "off [fixed]", + "tx_gso_robust": "off [fixed]", + "tx_ipxip4_segmentation": "off [fixed]", + "tx_ipxip6_segmentation": "off [fixed]", + "tx_lockless": "on [fixed]", + "tx_nocache_copy": "off [fixed]", + "tx_scatter_gather": "on [fixed]", + "tx_scatter_gather_fraglist": "on [fixed]", + "tx_sctp_segmentation": "on", + "tx_tcp6_segmentation": "on", + "tx_tcp_ecn_segmentation": "on", + "tx_tcp_mangleid_segmentation": "on", + "tx_tcp_segmentation": "on", + "tx_udp_segmentation": "off [fixed]", + "tx_udp_tnl_csum_segmentation": "off [fixed]", + "tx_udp_tnl_segmentation": "off [fixed]", + "tx_vlan_offload": "off [fixed]", + "tx_vlan_stag_hw_insert": "off [fixed]", + "vlan_challenged": "on [fixed]" + }, + "hw_timestamp_filters": [], + "ipv4": { + "address": "127.0.0.1", + "broadcast": "", + "netmask": "255.0.0.0", + "network": "127.0.0.0" + }, + "ipv6": [ + { + "address": "::1", + "prefix": "128", + "scope": "host" + } + ], + "mtu": 65536, + "promisc": false, + "timestamping": [ + "tx_software", + "rx_software", + "software" + ], + "type": "loopback" + }, + "local": {}, + "lsb": {}, + "lvm": { + "lvs": { + "root": { + "size_g": "13.39", + "vg": "cs" + }, + "swap": { + "size_g": "1.60", + "vg": "cs" + } + }, + "pvs": { + "/dev/sda2": { + "free_g": "0", + "size_g": "15.00", + "vg": "cs" + } + }, + "vgs": { + "cs": { + "free_g": "0", + "num_lvs": "2", + "num_pvs": "1", + "size_g": "15.00" + } + } + }, + "machine": "x86_64", + "machine_id": "c919c21e349f4cbe8cf16333aae4701d", + "memfree_mb": 1412, + "memory_mb": { + "nocache": { + "free": 1709, + "used": 277 + }, + "real": { + "free": 1412, + "total": 1986, + "used": 574 + }, + "swap": { + "cached": 0, + "free": 1639, + "total": 1639, + "used": 0 + } + }, + "memtotal_mb": 1986, + "module_setup": true, + "mounts": [ + { + "block_available": 3057926, + "block_size": 4096, + "block_total": 3508736, + "block_used": 450810, + "device": "/dev/mapper/cs-root", + "fstype": "xfs", + "inode_available": 6985488, + "inode_total": 7022592, + "inode_used": 37104, + "mount": "/", + "options": "rw,seclabel,relatime,attr2,inode64,noquota", + "size_available": 12525264896, + "size_total": 14371782656, + "uuid": "9cf80eb1-50cf-48e5-af07-49d65717fab7" + } + ], + "nodename": "web01", + "os_family": "RedHat", + "pkg_mgr": "dnf", + "proc_cmdline": { + "BOOT_IMAGE": "(hd0,msdos1)/vmlinuz-4.18.0-193.28.1.el8_2.x86_64", + "quiet": true, + "rd.lvm.lv": [ + "cs/root", + "cs/swap" + ], + "resume": "/dev/mapper/cs-swap", + "rhgb": true, + "ro": true, + "root": "/dev/mapper/cs-root" + }, + "processor": [ + "0", + "GenuineIntel", + "Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz" + ], + "processor_cores": 1, + "processor_count": 1, + "processor_nproc": 1, + "processor_threads_per_core": 1, + "processor_vcpus": 1, + "product_name": "VMware Virtual Platform", + "product_serial": "VMware-56 4d d7 77 f1 ba 7c ad-c0 15 39 73 2f bb 37 cb", + "product_uuid": "77d74d56-baf1-ad7c-c015-39732fbb37cb", + "product_version": "None", + "python": { + "executable": "/usr/libexec/platform-python", + "has_sslcontext": true, + "type": "cpython", + "version": { + "major": 3, + "micro": 8, + "minor": 6, + "releaselevel": "final", + "serial": 0 + }, + "version_info": [ + 3, + 6, + 8, + "final", + 0 + ] + }, + "python_version": "3.6.8", + "real_group_id": 0, + "real_user_id": 0, + "selinux": { + "config_mode": "enforcing", + "mode": "enforcing", + "policyvers": 31, + "status": "enabled", + "type": "targeted" + }, + "selinux_python_present": true, + "service_mgr": "systemd", + "ssh_host_key_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCjaVzeB+MYtwIxrdDDkNbnVktX/g7yWTJsEKq7ccOVo2JbfnB1rYlVKK52faQvw/W34LG7u3MArRV7mGtll4Gc=", + "ssh_host_key_ecdsa_public_keytype": "ecdsa-sha2-nistp256", + "ssh_host_key_ed25519_public": "AAAAC3NzaC1lZDI1NTE5AAAAIEqirZU8jupDZ8wJylI4U2fqx3cFNfCUhZB1u4PKnJnW", + "ssh_host_key_ed25519_public_keytype": "ssh-ed25519", + "ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABgQDR3MCoxjeeZzPx+bhSkYBC7naJddiDaKB8v9WNqhDlrdu4AkNK1jqdBgWY4pfTG4+x3ZF//rWgAVVVD2Laih8ErlGmhJOPB4hO9SfB7OBUK5uZaD5jRIl5tvqca9GZboXL4WczjQFTA/0mJJ1uAdGiolkmdyv8tKU92C4OioU4UN9q0bOk+H1yuiwKY3EjRxxrcC3Sxjr63Ojew5SJZsqG+J5dGJI7M63NaePTS3rjrIWcmGjfUQa0vLuZ8uTqsxh3IB2tyNuOlov0ybrKPk5JGmtpvhA2Z6D5TmNOgyHEYqM1CrArcZmCX9EVfly+YQ7NCOLoPKKGOqqKOTuw2ygIZuTOt4IGLDXMiMUgkTECAwUuWykeUwhXOeVSyiMknIuCn/ui1/gQU5JKvhsqNko4hNZKerBGe1wu4upZd7tAsQ63ppEO+tQvy5o4BUudZQtdSQc01WzO0RyRcx1NRIJaezzhGa22naKgaf9zER/hRyypNZNmuLlHhVs6fyXvjPM=", + "ssh_host_key_rsa_public_keytype": "ssh-rsa", + "status": "SUCCESS", + "swapfree_mb": 1639, + "swaptotal_mb": 1639, + "system": "Linux", + "system_capabilities": [ + "cap_chown" + ], + "system_capabilities_enforced": "True", + "system_vendor": "VMware, Inc.", + "uptime_seconds": 331832, + "user_dir": "/root", + "user_gecos": "root", + "user_gid": 0, + "user_id": "root", + "user_shell": "/bin/bash", + "user_uid": 0, + "userspace_architecture": "x86_64", + "userspace_bits": "64", + "virtualization_role": "guest", + "virtualization_type": "VMware" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * architecture: x86_64 +> * bios_date: 04/05/2016 +> * bios_vendor: Phoenix Technologies LTD +> * bios_version: 6.00 +> * board_asset_tag: NA +> * board_name: 440BX Desktop Reference Platform +> * board_serial: None +> * board_vendor: Intel Corporation +> * board_version: None +> * chassis_asset_tag: No Asset Tag +> * chassis_serial: None +> * chassis_vendor: No Enclosure +> * chassis_version: N/A +> * distribution: CentOS +> * distribution_file_parsed: True +> * distribution_file_path: /etc/redhat-release +> * distribution_file_variety: RedHat +> * distribution_major_version: 8 +> * distribution_release: Core +> * distribution_version: 8.2 +> * domain: lan +> * effective_group_id: 0 +> * effective_user_id: 0 +> * fips: False +> * form_factor: Other +> * fqdn: web01.lan +> * hostname: web01 +> * hostnqn: +> * is_chroot: False +> * iscsi_iqn: +> * kernel: 4.18.0-193.28.1.el8_2.x86_64 +> * kernel_version: #1 SMP Thu Oct 22 00:20:22 UTC 2020 +> * machine: x86_64 +> * machine_id: c919c21e349f4cbe8cf16333aae4701d +> * memfree_mb: 1412 +> * memtotal_mb: 1986 +> * nodename: web01 +> * os_family: RedHat +> * pkg_mgr: dnf +> * processor_cores: 1 +> * processor_count: 1 +> * processor_nproc: 1 +> * processor_threads_per_core: 1 +> * processor_vcpus: 1 +> * product_name: VMware Virtual Platform +> * product_serial: VMware-56 4d d7 77 f1 ba 7c ad-c0 15 39 73 2f bb 37 cb +> * product_uuid: 77d74d56-baf1-ad7c-c015-39732fbb37cb +> * product_version: None +> * python_version: 3.6.8 +> * real_group_id: 0 +> * real_user_id: 0 +> * selinux_python_present: True +> * service_mgr: systemd +> * ssh_host_key_ecdsa_public: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCjaVzeB+MYtwIxrdDDkNbnVktX/g7yWTJsEKq7ccOVo2JbfnB1rYlVKK52faQvw/W34LG7u3MArRV7mGtll4Gc= +> * ssh_host_key_ecdsa_public_keytype: ecdsa-sha2-nistp256 +> * ssh_host_key_ed25519_public: AAAAC3NzaC1lZDI1NTE5AAAAIEqirZU8jupDZ8wJylI4U2fqx3cFNfCUhZB1u4PKnJnW +> * ssh_host_key_ed25519_public_keytype: ssh-ed25519 +> * ssh_host_key_rsa_public: AAAAB3NzaC1yc2EAAAADAQABAAABgQDR3MCoxjeeZzPx+bhSkYBC7naJddiDaKB8v9WNqhDlrdu4AkNK1jqdBgWY4pfTG4+x3ZF//rWgAVVVD2Laih8ErlGmhJOPB4hO9SfB7OBUK5uZaD5jRIl5tvqca9GZboXL4WczjQFTA/0mJJ1uAdGiolkmdyv8tKU92C4OioU4UN9q0bOk+H1yuiwKY3EjRxxrcC3Sxjr63Ojew5SJZsqG+J5dGJI7M63NaePTS3rjrIWcmGjfUQa0vLuZ8uTqsxh3IB2tyNuOlov0ybrKPk5JGmtpvhA2Z6D5TmNOgyHEYqM1CrArcZmCX9EVfly+YQ7NCOLoPKKGOqqKOTuw2ygIZuTOt4IGLDXMiMUgkTECAwUuWykeUwhXOeVSyiMknIuCn/ui1/gQU5JKvhsqNko4hNZKerBGe1wu4upZd7tAsQ63ppEO+tQvy5o4BUudZQtdSQc01WzO0RyRcx1NRIJaezzhGa22naKgaf9zER/hRyypNZNmuLlHhVs6fyXvjPM= +> * ssh_host_key_rsa_public_keytype: ssh-rsa +> * swapfree_mb: 1639 +> * swaptotal_mb: 1639 +> * system: Linux +> * system_capabilities_enforced: True +> * system_vendor: VMware, Inc. +> * uptime_seconds: 331832 +> * user_dir: /root +> * user_gecos: root +> * user_gid: 0 +> * user_id: root +> * user_shell: /bin/bash +> * user_uid: 0 +> * userspace_architecture: x86_64 +> * userspace_bits: 64 +> * virtualization_role: guest +> * virtualization_type: VMware +> * discovered_interpreter_python: /usr/libexec/platform-python +> * module_setup: True +> * ## All_Ipv4_Addresses +> * 0: 123.123.123.123 +> * ## All_Ipv6_Addresses +> * 0: 11:11:11:11:11:11:11:11 +> * 1: 11:11:11:11:11:11:11:12 +> * ## Apparmor +> * status: disabled +> * ## Cmdline +> * BOOT_IMAGE: (hd0,msdos1)/vmlinuz-4.18.0-193.28.1.el8_2.x86_64 +> * quiet: True +> * rd.lvm.lv: cs/swap +> * resume: /dev/mapper/cs-swap +> * rhgb: True +> * ro: True +> * root: /dev/mapper/cs-root +> * ## Date_Time +> * date: 2021-07-08 +> * day: 08 +> * epoch: 1625721772 +> * hour: 14 +> * iso8601: 2021-07-08T05:22:52Z +> * iso8601_basic: 20210708T142252659998 +> * iso8601_basic_short: 20210708T142252 +> * iso8601_micro: 2021-07-08T05:22:52.659998Z +> * minute: 22 +> * month: 07 +> * second: 52 +> * time: 14:22:52 +> * tz: JST +> * tz_offset: +0900 +> * weekday: Thursday +> * weekday_number: 4 +> * weeknumber: 27 +> * year: 2021 +> * ## Default_Ipv4 +> * address: 123.123.123.123 +> * alias: ens192 +> * broadcast: 192.168.1.255 +> * gateway: 192.168.1.1 +> * interface: ens192 +> * macaddress: 00:0c:29:bb:37:cb +> * mtu: 1500 +> * netmask: 255.255.255.0 +> * network: 192.168.1.0 +> * type: ether +> * ## Default_Ipv6 +> * ## Device_Links +> * ### Ids +> * #### Dm-0 +> * 0: dm-name-cs-root +> * 1: dm-uuid-LVM-YhrXQybKNO1NfDqL2i4yG9N2vQ9W5Ix0PcUDF884ZLUhBT5nET1F2IFZs8MpqFoT +> * ### Labels +> * ### Masters +> * #### Sda2 +> * 0: dm-0 +> * 1: dm-1 +> * ### Uuids +> * #### Dm-0 +> * 0: 9cf80eb1-50cf-48e5-af07-49d65717fab7 +> * ## Devices +> * ### Dm-0 +> * host: +> * model: None +> * removable: 0 +> * rotational: 0 +> * sas_address: None +> * sas_device_handle: None +> * scheduler_mode: +> * sectors: 28090368 +> * sectorsize: 512 +> * size: 13.39 GB +> * support_discard: 0 +> * vendor: None +> * virtual: 1 +> * #### Holders +> * #### Links +> * ##### Ids +> * 0: dm-name-cs-root +> * 1: dm-uuid-LVM-YhrXQybKNO1NfDqL2i4yG9N2vQ9W5Ix0PcUDF884ZLUhBT5nET1F2IFZs8MpqFoT +> * ##### Labels +> * ##### Masters +> * ##### Uuids +> * 0: 9cf80eb1-50cf-48e5-af07-49d65717fab7 +> * #### Partitions +> * ## Dns +> * ### Nameservers +> * 0: 192.168.1.1 +> * 1: fe80::1213:31ff:fec2:926c%ens192 +> * ### Search +> * 0: lan +> * ## Ens192 +> * active: True +> * device: ens192 +> * macaddress: 00:0c:29:bb:37:cb +> * module: vmxnet3 +> * mtu: 1500 +> * pciid: 0000:0b:00.0 +> * promisc: False +> * speed: 10000 +> * type: ether +> * ### Features +> * esp_hw_offload: off [fixed] +> * esp_tx_csum_hw_offload: off [fixed] +> * fcoe_mtu: off [fixed] +> * generic_receive_offload: on +> * generic_segmentation_offload: on +> * highdma: on +> * hw_tc_offload: off [fixed] +> * l2_fwd_offload: off [fixed] +> * large_receive_offload: on +> * loopback: off [fixed] +> * netns_local: off [fixed] +> * ntuple_filters: off [fixed] +> * receive_hashing: off [fixed] +> * rx_all: off [fixed] +> * rx_checksumming: on +> * rx_fcs: off [fixed] +> * rx_gro_hw: off [fixed] +> * rx_udp_tunnel_port_offload: off [fixed] +> * rx_vlan_filter: on [fixed] +> * rx_vlan_offload: on +> * rx_vlan_stag_filter: off [fixed] +> * rx_vlan_stag_hw_parse: off [fixed] +> * scatter_gather: on +> * tcp_segmentation_offload: on +> * tls_hw_record: off [fixed] +> * tls_hw_rx_offload: off [fixed] +> * tls_hw_tx_offload: off [fixed] +> * tx_checksum_fcoe_crc: off [fixed] +> * tx_checksum_ip_generic: on +> * tx_checksum_ipv4: off [fixed] +> * tx_checksum_ipv6: off [fixed] +> * tx_checksum_sctp: off [fixed] +> * tx_checksumming: on +> * tx_esp_segmentation: off [fixed] +> * tx_fcoe_segmentation: off [fixed] +> * tx_gre_csum_segmentation: off [fixed] +> * tx_gre_segmentation: off [fixed] +> * tx_gso_partial: off [fixed] +> * tx_gso_robust: off [fixed] +> * tx_ipxip4_segmentation: off [fixed] +> * tx_ipxip6_segmentation: off [fixed] +> * tx_lockless: off [fixed] +> * tx_nocache_copy: off +> * tx_scatter_gather: on +> * tx_scatter_gather_fraglist: off [fixed] +> * tx_sctp_segmentation: off [fixed] +> * tx_tcp6_segmentation: on +> * tx_tcp_ecn_segmentation: off [fixed] +> * tx_tcp_mangleid_segmentation: off +> * tx_tcp_segmentation: on +> * tx_udp_segmentation: off [fixed] +> * tx_udp_tnl_csum_segmentation: off [fixed] +> * tx_udp_tnl_segmentation: off [fixed] +> * tx_vlan_offload: on +> * tx_vlan_stag_hw_insert: off [fixed] +> * vlan_challenged: off [fixed] +> * ### Hw_Timestamp_Filters +> * ### Ipv4 +> * address: 123.123.123.123 +> * broadcast: 192.168.1.255 +> * netmask: 255.255.255.0 +> * network: 192.168.1.0 +> * ### Ipv6 +> * ### List +> * address: 11:11:11:11:11:11:11:11 +> * prefix: 64 +> * scope: global +> * ### List +> * address: 11:11:11:11:11:11:11:12 +> * prefix: 64 +> * scope: link +> * ### Timestamping +> * 0: rx_software +> * 1: software +> * ## Fibre_Channel_Wwn +> * ## Interfaces +> * 0: lo +> * 1: ens192 +> * ## Lo +> * active: True +> * device: lo +> * mtu: 65536 +> * promisc: False +> * type: loopback +> * ### Features +> * esp_hw_offload: off [fixed] +> * esp_tx_csum_hw_offload: off [fixed] +> * fcoe_mtu: off [fixed] +> * generic_receive_offload: on +> * generic_segmentation_offload: on +> * highdma: on [fixed] +> * hw_tc_offload: off [fixed] +> * l2_fwd_offload: off [fixed] +> * large_receive_offload: off [fixed] +> * loopback: on [fixed] +> * netns_local: on [fixed] +> * ntuple_filters: off [fixed] +> * receive_hashing: off [fixed] +> * rx_all: off [fixed] +> * rx_checksumming: on [fixed] +> * rx_fcs: off [fixed] +> * rx_gro_hw: off [fixed] +> * rx_udp_tunnel_port_offload: off [fixed] +> * rx_vlan_filter: off [fixed] +> * rx_vlan_offload: off [fixed] +> * rx_vlan_stag_filter: off [fixed] +> * rx_vlan_stag_hw_parse: off [fixed] +> * scatter_gather: on +> * tcp_segmentation_offload: on +> * tls_hw_record: off [fixed] +> * tls_hw_rx_offload: off [fixed] +> * tls_hw_tx_offload: off [fixed] +> * tx_checksum_fcoe_crc: off [fixed] +> * tx_checksum_ip_generic: on [fixed] +> * tx_checksum_ipv4: off [fixed] +> * tx_checksum_ipv6: off [fixed] +> * tx_checksum_sctp: on [fixed] +> * tx_checksumming: on +> * tx_esp_segmentation: off [fixed] +> * tx_fcoe_segmentation: off [fixed] +> * tx_gre_csum_segmentation: off [fixed] +> * tx_gre_segmentation: off [fixed] +> * tx_gso_partial: off [fixed] +> * tx_gso_robust: off [fixed] +> * tx_ipxip4_segmentation: off [fixed] +> * tx_ipxip6_segmentation: off [fixed] +> * tx_lockless: on [fixed] +> * tx_nocache_copy: off [fixed] +> * tx_scatter_gather: on [fixed] +> * tx_scatter_gather_fraglist: on [fixed] +> * tx_sctp_segmentation: on +> * tx_tcp6_segmentation: on +> * tx_tcp_ecn_segmentation: on +> * tx_tcp_mangleid_segmentation: on +> * tx_tcp_segmentation: on +> * tx_udp_segmentation: off [fixed] +> * tx_udp_tnl_csum_segmentation: off [fixed] +> * tx_udp_tnl_segmentation: off [fixed] +> * tx_vlan_offload: off [fixed] +> * tx_vlan_stag_hw_insert: off [fixed] +> * vlan_challenged: on [fixed] +> * ### Hw_Timestamp_Filters +> * ### Ipv4 +> * address: 127.0.0.1 +> * broadcast: +> * netmask: 255.0.0.0 +> * network: 127.0.0.0 +> * ### Ipv6 +> * ### List +> * address: ::1 +> * prefix: 128 +> * scope: host +> * ### Timestamping +> * 0: tx_software +> * 1: rx_software +> * 2: software +> * ## Local +> * ## Lsb +> * ## Lvm +> * ### Lvs +> * #### Root +> * size_g: 13.39 +> * vg: cs +> * #### Swap +> * size_g: 1.60 +> * vg: cs +> * ### Pvs +> * #### /Dev/Sda2 +> * free_g: 0 +> * size_g: 15.00 +> * vg: cs +> * ### Vgs +> * #### Cs +> * free_g: 0 +> * num_lvs: 2 +> * num_pvs: 1 +> * size_g: 15.00 +> * ## Memory_Mb +> * ### Nocache +> * free: 1709 +> * used: 277 +> * ### Real +> * free: 1412 +> * total: 1986 +> * used: 574 +> * ### Swap +> * cached: 0 +> * free: 1639 +> * total: 1639 +> * used: 0 +> * ## Mounts +> * ## 9Cf80Eb1-50Cf-48E5-Af07-49D65717Fab7 +> * block_available: 3057926 +> * block_size: 4096 +> * block_total: 3508736 +> * block_used: 450810 +> * device: /dev/mapper/cs-root +> * fstype: xfs +> * inode_available: 6985488 +> * inode_total: 7022592 +> * inode_used: 37104 +> * mount: / +> * options: rw,seclabel,relatime,attr2,inode64,noquota +> * size_available: 12525264896 +> * size_total: 14371782656 +> * uuid: 9cf80eb1-50cf-48e5-af07-49d65717fab7 +> * ## 99851642-260F-4D7E-83Dd-7Cc990D49126 +> * block_available: 201086 +> * block_size: 4096 +> * block_total: 249830 +> * block_used: 48744 +> * device: /dev/sda1 +> * fstype: ext4 +> * inode_available: 65227 +> * inode_total: 65536 +> * inode_used: 309 +> * mount: /boot +> * options: rw,seclabel,relatime +> * size_available: 823648256 +> * size_total: 1023303680 +> * uuid: 99851642-260f-4d7e-83dd-7cc990d49126 +> * ## Proc_Cmdline +> * BOOT_IMAGE: (hd0,msdos1)/vmlinuz-4.18.0-193.28.1.el8_2.x86_64 +> * quiet: True +> * resume: /dev/mapper/cs-swap +> * rhgb: True +> * ro: True +> * root: /dev/mapper/cs-root +> * ### Rd.Lvm.Lv +> * 0: cs/root +> * 1: cs/swap +> * ## Processor +> * 0: 0 +> * 1: GenuineIntel +> * 2: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz +> * ## Python +> * executable: /usr/libexec/platform-python +> * has_sslcontext: True +> * type: cpython +> * ### Version +> * major: 3 +> * micro: 8 +> * minor: 6 +> * releaselevel: final +> * serial: 0 +> * ### Version_Info +> * 0: 3 +> * 1: 6 +> * 2: 8 +> * 3: final +> * 4: 0 +> * ## Selinux +> * config_mode: enforcing +> * mode: enforcing +> * policyvers: 31 +> * status: enabled +> * type: targeted +> * ## System_Capabilities +> * 0: cap_chown +> * ## Gather_Subset +> * 0: all + + +### linux-gconftool2 +*** +Edit GNOME Configurations +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/gconftool2_module.html + + +#### Base Command + +`linux-gconftool2` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| key | A GConf preference key is an element in the GConf repository that corresponds to an application preference. See man gconftool-2(1). | Required | +| value | Preference keys typically have simple values such as strings, integers, or lists of strings and integers. This is ignored if the state is "get". See man gconftool-2(1). | Optional | +| value_type | The type of value being set. This is ignored if the state is "get". Possible values are: bool, float, int, string. | Optional | +| state | The action to take upon the key/value. Possible values are: absent, get, present. | Required | +| config_source | Specify a configuration source to use rather than the default path. See man gconftool-2(1). | Optional | +| direct | Access the config database directly, bypassing server. If direct is specified then the config_source must be specified as well. See man gconftool-2(1). Default is no. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Gconftool2.key | string | The key specified in the module parameters | +| Linux.Gconftool2.value_type | string | The type of the value that was changed | +| Linux.Gconftool2.value | string | The value of the preference key after executing the module | + + +#### Command Example +```!linux-gconftool2 host="123.123.123.123" key="/desktop/gnome/interface/font_name" value_type="string" value="Serif 12" state=present``` + +#### Context Example +```json +{ + "Linux": { + "Gconftool2": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### linux-getent +*** +A wrapper to the unix getent utility +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/getent_module.html + + +#### Base Command + +`linux-getent` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| database | The name of a getent database supported by the target system (passwd, group, hosts, etc). | Required | +| key | Key from which to return values from the specified database, otherwise the full contents are returned. | Optional | +| service | Override all databases with the specified service
The underlying system must support the service flag which is not always available. | Optional | +| split | Character used to split the database values into lists/arrays such as ':' or ' ', otherwise it will try to pick one depending on the database. | Optional | +| fail_key | If a supplied key is missing this will make the task fail if `yes`. Default is yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-getent host="123.123.123.123" database="passwd" key="root" ``` + +#### Context Example +```json +{ + "Linux": { + "Getent": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### linux-group +*** +Add or remove groups +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/group_module.html + + +#### Base Command + +`linux-group` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the group to manage. | Required | +| gid | Optional `GID` to set for the group. | Optional | +| state | Whether the group should be present or not on the remote host. Possible values are: absent, present. Default is present. | Optional | +| system | If `yes`, indicates that the group created is a system group. Possible values are: Yes, No. Default is No. | Optional | +| local | Forces the use of "local" command alternatives on platforms that implement it.
This is useful in environments that use centralized authentication when you want to manipulate the local groups. (e.g. it uses `lgroupadd` instead of `groupadd`).
This requires that these commands exist on the targeted host, otherwise it will be a fatal error. Possible values are: Yes, No. Default is No. | Optional | +| non_unique | This option allows to change the group ID to a non-unique value. Requires `gid`.
Not supported on macOS or BusyBox distributions. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-group host="123.123.123.123" name="somegroup" state="present" ``` + +#### Context Example +```json +{ + "Linux": { + "Group": { + "changed": false, + "gid": 1000, + "host": "123.123.123.123", + "name": "somegroup", + "state": "present", + "status": "SUCCESS", + "system": false + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * gid: 1000 +> * name: somegroup +> * state: present +> * system: False + + +### linux-hostname +*** +Manage hostname +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/hostname_module.html + + +#### Base Command + +`linux-hostname` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the host. | Required | +| use | Which strategy to use to update the hostname.
If not set we try to autodetect, but this can be problematic, specially with containers as they can present misleading information. Possible values are: generic, debian, sles, redhat, alpine, systemd, openrc, openbsd, solaris, freebsd. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-hostname host="123.123.123.123" name="web01" ``` + +#### Context Example +```json +{ + "Linux": { + "Hostname": { + "changed": false, + "host": "123.123.123.123", + "name": "web01", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * name: web01 + + +### linux-interfaces-file +*** +Tweak settings in /etc/network/interfaces files +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/interfaces_file_module.html + + +#### Base Command + +`linux-interfaces-file` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| dest | Path to the interfaces file. Default is /etc/network/interfaces. | Optional | +| iface | Name of the interface, required for value changes or option remove. | Optional | +| address_family | Address family of the interface, useful if same interface name is used for both inet and inet6. | Optional | +| option | Name of the option, required for value changes or option remove. | Optional | +| value | If `option` is not presented for the `interface` and `state` is `present` option will be added. If `option` already exists and is not `pre-up`, `up`, `post-up` or `down`, it's value will be updated. `pre-up`, `up`, `post-up` and `down` options can't be updated, only adding new options, removing existing ones or cleaning the whole option set are supported. | Optional | +| backup | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Default is no. | Optional | +| state | If set to `absent` the option or section will be removed if present instead of created. Possible values are: present, absent. Default is present. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.InterfacesFile.dest | string | destination file/path | +| Linux.InterfacesFile.ifaces | unknown | interfaces dictionary | + + + +### linux-iptables +*** +Modify iptables rules +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/iptables_module.html + + +#### Base Command + +`linux-iptables` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| table | This option specifies the packet matching table which the command should operate on.
If the kernel is configured with automatic module loading, an attempt will be made to load the appropriate module for that table if it is not already there. Possible values are: filter, nat, mangle, raw, security. Default is filter. | Optional | +| state | Whether the rule should be absent or present. Possible values are: absent, present. Default is present. | Optional | +| action | Whether the rule should be appended at the bottom or inserted at the top.
If the rule already exists the chain will not be modified. Possible values are: append, insert. Default is append. | Optional | +| rule_num | Insert the rule as the given rule number.
This works only with `action=insert`. | Optional | +| ip_version | Which version of the IP protocol this rule should apply to. Possible values are: ipv4, ipv6. Default is ipv4. | Optional | +| chain | Specify the iptables chain to modify.
This could be a user-defined chain or one of the standard iptables chains, like `INPUT`, `FORWARD`, `OUTPUT`, `PREROUTING`, `POSTROUTING`, `SECMARK` or `CONNSECMARK`. | Optional | +| protocol | The protocol of the rule or of the packet to check.
The specified protocol can be one of `tcp`, `udp`, `udplite`, `icmp`, `esp`, `ah`, `sctp` or the special keyword `all`, or it can be a numeric value, representing one of these protocols or a different one.
A protocol name from `/etc/protocols` is also allowed.
A `!` argument before the protocol inverts the test.
The number zero is equivalent to all.
`all` will match with all protocols and is taken as default when this option is omitted. | Optional | +| source | Source specification.
Address can be either a network name, a hostname, a network IP address (with /mask), or a plain IP address.
Hostnames will be resolved once only, before the rule is submitted to the kernel. Please note that specifying any name to be resolved with a remote query such as DNS is a really bad idea.
The mask can be either a network mask or a plain number, specifying the number of 1's at the left side of the network mask. Thus, a mask of 24 is equivalent to 255.255.255.0. A `!` argument before the address specification inverts the sense of the address. | Optional | +| destination | Destination specification.
Address can be either a network name, a hostname, a network IP address (with /mask), or a plain IP address.
Hostnames will be resolved once only, before the rule is submitted to the kernel. Please note that specifying any name to be resolved with a remote query such as DNS is a really bad idea.
The mask can be either a network mask or a plain number, specifying the number of 1's at the left side of the network mask. Thus, a mask of 24 is equivalent to 255.255.255.0. A `!` argument before the address specification inverts the sense of the address. | Optional | +| tcp_flags | TCP flags specification.
`tcp_flags` expects a dict with the two keys `flags` and `flags_set`. | Optional | +| match | Specifies a match to use, that is, an extension module that tests for a specific property.
The set of matches make up the condition under which a target is invoked.
Matches are evaluated first to last if specified as an array and work in short-circuit fashion, i.e. if one extension yields false, evaluation will stop. | Optional | +| jump | This specifies the target of the rule; i.e., what to do if the packet matches it.
The target can be a user-defined chain (other than the one this rule is in), one of the special builtin targets which decide the fate of the packet immediately, or an extension (see EXTENSIONS below).
If this option is omitted in a rule (and the goto parameter is not used), then matching the rule will have no effect on the packet's fate, but the counters on the rule will be incremented. | Optional | +| gateway | This specifies the IP address of host to send the cloned packets.
This option is only valid when `jump` is set to `TEE`. | Optional | +| log_prefix | Specifies a log text for the rule. Only make sense with a LOG jump. | Optional | +| log_level | Logging level according to the syslogd-defined priorities.
The value can be strings or numbers from 1-8.
This parameter is only applicable if `jump` is set to `LOG`. Possible values are: 0, 1, 2, 3, 4, 5, 6, 7, emerg, alert, crit, error, warning, notice, info, debug. | Optional | +| goto | This specifies that the processing should continue in a user specified chain.
Unlike the jump argument return will not continue processing in this chain but instead in the chain that called us via jump. | Optional | +| in_interface | Name of an interface via which a packet was received (only for packets entering the `INPUT`, `FORWARD` and `PREROUTING` chains).
When the `!` argument is used before the interface name, the sense is inverted.
If the interface name ends in a `+`, then any interface which begins with this name will match.
If this option is omitted, any interface name will match. | Optional | +| out_interface | Name of an interface via which a packet is going to be sent (for packets entering the `FORWARD`, `OUTPUT` and `POSTROUTING` chains).
When the `!` argument is used before the interface name, the sense is inverted.
If the interface name ends in a `+`, then any interface which begins with this name will match.
If this option is omitted, any interface name will match. | Optional | +| fragment | This means that the rule only refers to second and further fragments of fragmented packets.
Since there is no way to tell the source or destination ports of such a packet (or ICMP type), such a packet will not match any rules which specify them.
When the "!" argument precedes fragment argument, the rule will only match head fragments, or unfragmented packets. | Optional | +| set_counters | This enables the administrator to initialize the packet and byte counters of a rule (during `INSERT`, `APPEND`, `REPLACE` operations). | Optional | +| source_port | Source port or port range specification.
This can either be a service name or a port number.
An inclusive range can also be specified, using the format `first:last`.
If the first port is omitted, `0` is assumed; if the last is omitted, `65535` is assumed.
If the first port is greater than the second one they will be swapped. | Optional | +| destination_port | Destination port or port range specification. This can either be a service name or a port number. An inclusive range can also be specified, using the format first:last. If the first port is omitted, '0' is assumed; if the last is omitted, '65535' is assumed. If the first port is greater than the second one they will be swapped. This is only valid if the rule also specifies one of the following protocols: tcp, udp, dccp or sctp. | Optional | +| to_ports | This specifies a destination port or range of ports to use, without this, the destination port is never altered.
This is only valid if the rule also specifies one of the protocol `tcp`, `udp`, `dccp` or `sctp`. | Optional | +| to_destination | This specifies a destination address to use with `DNAT`.
Without this, the destination address is never altered. | Optional | +| to_source | This specifies a source address to use with `SNAT`.
Without this, the source address is never altered. | Optional | +| syn | This allows matching packets that have the SYN bit set and the ACK and RST bits unset.
When negated, this matches all packets with the RST or the ACK bits set. Possible values are: ignore, match, negate. Default is ignore. | Optional | +| set_dscp_mark | This allows specifying a DSCP mark to be added to packets. It takes either an integer or hex value.
Mutually exclusive with `set_dscp_mark_class`. | Optional | +| set_dscp_mark_class | This allows specifying a predefined DiffServ class which will be translated to the corresponding DSCP mark.
Mutually exclusive with `set_dscp_mark`. | Optional | +| comment | This specifies a comment that will be added to the rule. | Optional | +| ctstate | `ctstate` is a list of the connection states to match in the conntrack module.
Possible states are `INVALID`, `NEW`, `ESTABLISHED`, `RELATED`, `UNTRACKED`, `SNAT`, `DNAT`. | Optional | +| src_range | Specifies the source IP range to match in the iprange module. | Optional | +| dst_range | Specifies the destination IP range to match in the iprange module. | Optional | +| limit | Specifies the maximum average number of matches to allow per second.
The number can specify units explicitly, using `/second', `/minute', `/hour' or `/day', or parts of them (so `5/second' is the same as `5/s'). | Optional | +| limit_burst | Specifies the maximum burst before the above limit kicks in. | Optional | +| uid_owner | Specifies the UID or username to use in match by owner rule.
From Ansible 2.6 when the `!` argument is prepended then the it inverts the rule to apply instead to all users except that one specified. | Optional | +| gid_owner | Specifies the GID or group to use in match by owner rule. | Optional | +| reject_with | Specifies the error packet type to return while rejecting. It implies "jump: REJECT". | Optional | +| icmp_type | This allows specification of the ICMP type, which can be a numeric ICMP type, type/code pair, or one of the ICMP type names shown by the command 'iptables -p icmp -h'. | Optional | +| flush | Flushes the specified table and chain of all rules.
If no chain is specified then the entire table is purged.
Ignores all other parameters. | Optional | +| policy | Set the policy for the chain to the given target.
Only built-in chains can have policies.
This parameter requires the `chain` parameter.
Ignores all other parameters. Possible values are: ACCEPT, DROP, QUEUE, RETURN. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-iptables host="123.123.123.123" chain="INPUT" source="8.8.8.8" jump="DROP" ``` + +#### Context Example +```json +{ + "Linux": { + "Iptables": { + "chain": "INPUT", + "changed": false, + "flush": false, + "host": "123.123.123.123", + "ip_version": "ipv4", + "rule": "-s 8.8.8.8 -j DROP", + "state": "present", + "status": "SUCCESS", + "table": "filter" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * chain: INPUT +> * changed: False +> * flush: False +> * ip_version: ipv4 +> * rule: -s 8.8.8.8 -j DROP +> * state: present +> * table: filter + + +### linux-java-cert +*** +Uses keytool to import/remove key from java keystore (cacerts) +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/java_cert_module.html + + +#### Base Command + +`linux-java-cert` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| cert_url | Basic URL to fetch SSL certificate from.
One of `cert_url` or `cert_path` is required to load certificate. | Optional | +| cert_port | Port to connect to URL.
This will be used to create server URL:PORT. Default is 443. | Optional | +| cert_path | Local path to load certificate from.
One of `cert_url` or `cert_path` is required to load certificate. | Optional | +| cert_alias | Imported certificate alias.
The alias is used when checking for the presence of a certificate in the keystore. | Optional | +| pkcs12_path | Local path to load PKCS12 keystore from. | Optional | +| pkcs12_password | Password for importing from PKCS12 keystore. | Optional | +| pkcs12_alias | Alias in the PKCS12 keystore. | Optional | +| keystore_path | Path to keystore. | Optional | +| keystore_pass | Keystore password. | Required | +| keystore_create | Create keystore if it does not exist. | Optional | +| keystore_type | Keystore type (JCEKS, JKS). | Optional | +| executable | Path to keytool binary if not used we search in PATH for it. Default is keytool. | Optional | +| state | Defines action which can be either certificate import or removal. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.JavaCert.msg | string | Output from stdout of keytool command after execution of given command. | +| Linux.JavaCert.rc | number | Keytool command execution return value. | +| Linux.JavaCert.cmd | string | Executed command to get action done. | + + +#### Command Example +```!linux-java-cert host="123.123.123.123" cert_url="google.com" cert_port="443" keystore_path="/usr/lib/jvm/jre-1.8.0/lib/security/cacerts" keystore_pass="changeit" state="present" ``` + +#### Context Example +```json +{ + "Linux": { + "JavaCert": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### linux-java-keystore +*** +Create or delete a Java keystore in JKS format. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/java_keystore_module.html + + +#### Base Command + +`linux-java-keystore` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the certificate. | Required | +| certificate | Certificate that should be used to create the key store. | Required | +| private_key | Private key that should be used to create the key store. | Required | +| password | Password that should be used to secure the key store. | Required | +| dest | Absolute path where the jks should be generated. | Required | +| owner | Name of the user that should own jks file. | Optional | +| group | Name of the group that should own jks file. | Optional | +| mode | Mode the file should be. | Optional | +| force | Key store will be created even if it already exists. Default is no. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.JavaKeystore.msg | string | Output from stdout of keytool/openssl command after execution of given command or an error. | +| Linux.JavaKeystore.rc | number | keytool/openssl command execution return value | +| Linux.JavaKeystore.cmd | string | Executed command to get action done | + + +#### Command Example +```!linux-java-keystore host="123.123.123.123" name="example" certificate="-----BEGIN CERTIFICATE-----\\nMIIB2zCCAYW...DDejA=\\n-----END CERTIFICATE-----" private_key="-----BEGIN PRIVATE KEY-----\\nMIIBVAIBADANBgkq...NGA56xjg=\\n-----END PRIVATE KEY-----" dest="/etc/security/keystore.jks" password="changeit"``` + +#### Context Example +```json +{ + "Linux": { + "JavaKeystore": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### linux-kernel-blacklist +*** +Blacklist kernel modules +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/kernel_blacklist_module.html + + +#### Base Command + +`linux-kernel-blacklist` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of kernel module to black- or whitelist. | Required | +| state | Whether the module should be present in the blacklist or absent. Possible values are: absent, present. Default is present. | Optional | +| blacklist_file | If specified, use this blacklist file instead of `/etc/modprobe.d/blacklist-ansible.conf`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-kernel-blacklist host="123.123.123.123" name="nouveau" state="present" ``` + +#### Context Example +```json +{ + "Linux": { + "KernelBlacklist": { + "changed": false, + "host": "123.123.123.123", + "name": "nouveau", + "state": "present", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * name: nouveau +> * state: present + + +### linux-known-hosts +*** +Add or remove a host from the C(known_hosts) file +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/known_hosts_module.html + + +#### Base Command + +`linux-known-hosts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The host to add or remove (must match a host specified in key). It will be converted to lowercase so that ssh-keygen can find it.
Must match with <hostname> or <ip> present in key attribute. | Required | +| key | The SSH public host key, as a string (required if state=present, optional when state=absent, in which case all keys for the host are removed). The key must be in the right format for ssh (see sshd(8), section "SSH_KNOWN_HOSTS FILE FORMAT").
Specifically, the key should not match the format that is found in an SSH pubkey file, but should rather have the hostname prepended to a line that includes the pubkey, the same way that it would appear in the known_hosts file. The value prepended to the line must also match the value of the name parameter.
Should be of format `<hostname[,IP]> ssh-rsa <pubkey>`. | Optional | +| path | The known_hosts file to edit. Default is (homedir)+/.ssh/known_hosts. | Optional | +| hash_host | Hash the hostname in the known_hosts file. Default is no. | Optional | +| state | `present` to add the host key, `absent` to remove it. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-known-hosts host="123.123.123.123" path="/etc/ssh/ssh_known_hosts" name="host1.example.com" key="host1.example.com,10.9.8.77 ssh-rsa ASDeararAIUHI324324" ``` + +#### Context Example +```json +{ + "Linux": { + "KnownHosts": { + "changed": false, + "gid": 0, + "group": "root", + "hash_host": false, + "host": "123.123.123.123", + "key": "host1.example.com,10.9.8.77 ssh-rsa ASDeararAIUHI324324", + "mode": "0644", + "name": "host1.example.com", + "owner": "root", + "path": "/etc/ssh/ssh_known_hosts", + "secontext": "system_u:object_r:etc_t:s0", + "size": 56, + "state": "file", + "status": "SUCCESS", + "uid": 0 + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * gid: 0 +> * group: root +> * hash_host: False +> * key: host1.example.com,10.9.8.77 ssh-rsa ASDeararAIUHI324324 +> * mode: 0644 +> * name: host1.example.com +> * owner: root +> * path: /etc/ssh/ssh_known_hosts +> * secontext: system_u:object_r:etc_t:s0 +> * size: 56 +> * state: file +> * uid: 0 + + +### linux-listen-ports-facts +*** +Gather facts on processes listening on TCP and UDP ports. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/listen_ports_facts_module.html + + +#### Base Command + +`linux-listen-ports-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.ListenPortsFacts.ansible_facts | unknown | Dictionary containing details of TCP and UDP ports with listening servers | + + +#### Command Example +```!linux-listen-ports-facts host="123.123.123.123" ``` + +#### Context Example +```json +{ + "Linux": { + "ListenPortsFacts": { + "discovered_interpreter_python": "/usr/libexec/platform-python", + "host": "123.123.123.123", + "status": "SUCCESS", + "tcp_listen": [ + { + "address": "0.0.0.0", + "name": "sshd", + "pid": 964, + "port": 22, + "protocol": "tcp", + "stime": "Sun Jul 4 18:12:31 2021", + "user": "root" + } + ], + "udp_listen": [ + { + "address": "127.0.0.1", + "name": "chronyd", + "pid": 890, + "port": 323, + "protocol": "udp", + "stime": "Sun Jul 4 18:12:29 2021", + "user": "chrony" + } + ] + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * discovered_interpreter_python: /usr/libexec/platform-python +> * ## Tcp_Listen +> * ## Sshd +> * address: 0.0.0.0 +> * name: sshd +> * pid: 964 +> * port: 22 +> * protocol: tcp +> * stime: Sun Jul 4 18:12:31 2021 +> * user: root +> * ## Udp_Listen +> * ## Chronyd +> * address: 127.0.0.1 +> * name: chronyd +> * pid: 890 +> * port: 323 +> * protocol: udp +> * stime: Sun Jul 4 18:12:29 2021 +> * user: chrony + +### linux-locale-gen +*** +Creates or removes locales +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/locale_gen_module.html + + +#### Base Command + +`linux-locale-gen` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name and encoding of the locale, such as "en_GB.UTF-8". | Required | +| state | Whether the locale shall be present. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +### linux-modprobe +*** +Load or unload kernel modules +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/modprobe_module.html + + +#### Base Command + +`linux-modprobe` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of kernel module to manage. | Required | +| state | Whether the module should be present or absent. Possible values are: absent, present. Default is present. | Optional | +| params | Modules parameters. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-modprobe host="123.123.123.123" name="8021q" state="present" ``` + +#### Context Example +```json +{ + "Linux": { + "Modprobe": { + "changed": false, + "host": "123.123.123.123", + "name": "8021q", + "params": "", + "state": "present", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * name: 8021q +> * params: +> * state: present + + +### linux-mount +*** +Control active and configured mount points +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/mount_module.html + + +#### Base Command + +`linux-mount` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Path to the mount point (e.g. `/mnt/files`).
Before Ansible 2.3 this option was only usable as `dest`, `destfile` and `name`. | Required | +| src | Device to be mounted on `path`.
Required when `state` set to `present` or `mounted`. | Optional | +| fstype | Filesystem type.
Required when `state` is `present` or `mounted`. | Optional | +| opts | Mount options (see fstab(5), or vfstab(4) on Solaris). | Optional | +| dump | Dump (see fstab(5)).
Note that if set to `null` and `state` set to `present`, it will cease to work and duplicate entries will be made with subsequent runs.
Has no effect on Solaris systems. Default is 0. | Optional | +| passno | Passno (see fstab(5)).
Note that if set to `null` and `state` set to `present`, it will cease to work and duplicate entries will be made with subsequent runs.
Deprecated on Solaris systems. Default is 0. | Optional | +| state | If `mounted`, the device will be actively mounted and appropriately configured in `fstab`. If the mount point is not present, the mount point will be created.
If `unmounted`, the device will be unmounted without changing `fstab`.
`present` only specifies that the device is to be configured in `fstab` and does not trigger or require a mount.
`absent` specifies that the device mount's entry will be removed from `fstab` and will also unmount the device and remove the mount point.
`remounted` specifies that the device will be remounted for when you want to force a refresh on the mount itself (added in 2.9). This will always return changed=true. Possible values are: absent, mounted, present, unmounted, remounted. | Required | +| fstab | File to use instead of `/etc/fstab`.
You should not use this option unless you really know what you are doing.
This might be useful if you need to configure mountpoints in a chroot environment.
OpenBSD does not allow specifying alternate fstab files with mount so do not use this on OpenBSD with any state that operates on the live filesystem.
This parameter defaults to /etc/fstab or /etc/vfstab on Solaris. | Optional | +| boot | Determines if the filesystem should be mounted on boot.
Only applies to Solaris systems. Possible values are: Yes, No. Default is Yes. | Optional | +| backup | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-mount host="123.123.123.123" path="/mnt/dvd" "src"="/dev/sr0" fstype="iso9660" opts="ro,noauto" state="present" ``` + +#### Context Example +```json +{ + "Linux": { + "Mount": { + "changed": false, + "dump": "0", + "fstab": "/etc/fstab", + "fstype": "iso9660", + "host": "123.123.123.123", + "name": "/mnt/dvd", + "opts": "ro,noauto", + "passno": "0", + "src": "/dev/sr0", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * dump: 0 +> * fstab: /etc/fstab +> * fstype: iso9660 +> * name: /mnt/dvd +> * opts: ro,noauto +> * passno: 0 +> * src: /dev/sr0 + + +### linux-open-iscsi +*** +Manage iSCSI targets with Open-iSCSI +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/open_iscsi_module.html + + +#### Base Command + +`linux-open-iscsi` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| portal | The IP address of the iSCSI target. | Optional | +| port | The port on which the iSCSI target process listens. Default is 3260. | Optional | +| target | The iSCSI target name. | Optional | +| login | Whether the target node should be connected. | Optional | +| node_auth | The value for `discovery.sendtargets.auth.authmethod`. Default is CHAP. | Optional | +| node_user | The value for `discovery.sendtargets.auth.username`. | Optional | +| node_pass | The value for `discovery.sendtargets.auth.password`. | Optional | +| auto_node_startup | Whether the target node should be automatically connected at startup. | Optional | +| discover | Whether the list of target nodes on the portal should be (re)discovered and added to the persistent iSCSI database.
Keep in mind that `iscsiadm` discovery resets configuration, like `node.startup` to manual, hence combined with `auto_node_startup=yes` will always return a changed state. | Optional | +| show_nodes | Whether the list of nodes in the persistent iSCSI database should be returned by the module. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-pam-limits +*** +Modify Linux PAM limits +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pam_limits_module.html + + +#### Base Command + +`linux-pam-limits` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| domain | A username, @groupname, wildcard, uid/gid range. | Required | +| limit_type | Limit type, see `man 5 limits.conf` for an explanation. Possible values are: hard, soft, -. | Required | +| limit_item | The limit to be set. Possible values are: core, data, fsize, memlock, nofile, rss, stack, cpu, nproc, as, maxlogins, maxsyslogins, priority, locks, sigpending, msgqueue, nice, rtprio, chroot. | Required | +| value | The value of the limit. | Required | +| backup | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Default is no. | Optional | +| use_min | If set to `yes`, the minimal value will be used or conserved. If the specified value is inferior to the value in the file, file content is replaced with the new value, else content is not modified. Default is no. | Optional | +| use_max | If set to `yes`, the maximal value will be used or conserved. If the specified value is superior to the value in the file, file content is replaced with the new value, else content is not modified. Default is no. | Optional | +| dest | Modify the limits.conf path. Default is /etc/security/limits.conf. | Optional | +| comment | Comment associated with the limit. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-pam-limits host="123.123.123.123" domain="joe" limit_type="soft" limit_item="nofile" value="64000" ``` + +#### Context Example +```json +{ + "Linux": { + "PamLimits": { + "changed": false, + "host": "123.123.123.123", + "msg": "joe\tsoft\tnofile\t64000\n", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * msg: joe soft nofile 64000 +> + + +### linux-pamd +*** +Manage PAM Modules +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pamd_module.html + + +#### Base Command + +`linux-pamd` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name generally refers to the PAM service file to change, for example system-auth. | Required | +| type | The type of the PAM rule being modified.
The `type`, `control` and `module_path` all must match a rule to be modified. Possible values are: account, -account, auth, -auth, password, -password, session, -session. | Required | +| control | The control of the PAM rule being modified.
This may be a complicated control with brackets. If this is the case, be sure to put "[bracketed controls]" in quotes.
The `type`, `control` and `module_path` all must match a rule to be modified. | Required | +| module_path | The module path of the PAM rule being modified.
The `type`, `control` and `module_path` all must match a rule to be modified. | Required | +| new_type | The new type to assign to the new rule. Possible values are: account, -account, auth, -auth, password, -password, session, -session. | Optional | +| new_control | The new control to assign to the new rule. | Optional | +| new_module_path | The new module path to be assigned to the new rule. | Optional | +| module_arguments | When state is `updated`, the module_arguments will replace existing module_arguments.
When state is `args_absent` args matching those listed in module_arguments will be removed.
When state is `args_present` any args listed in module_arguments are added if missing from the existing rule.
Furthermore, if the module argument takes a value denoted by `=`, the value will be changed to that specified in module_arguments. | Optional | +| state | The default of `updated` will modify an existing rule if type, control and module_path all match an existing rule.
With `before`, the new rule will be inserted before a rule matching type, control and module_path.
Similarly, with `after`, the new rule will be inserted after an existing rulematching type, control and module_path.
With either `before` or `after` new_type, new_control, and new_module_path must all be specified.
If state is `args_absent` or `args_present`, new_type, new_control, and new_module_path will be ignored.
State `absent` will remove the rule. The 'absent' state was added in Ansible 2.4. Possible values are: absent, before, after, args_absent, args_present, updated. Default is updated. | Optional | +| path | This is the path to the PAM service files. Default is /etc/pam.d. | Optional | +| backup | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Pamd.change_count | number | How many rules were changed. | +| Linux.Pamd.new_rule | string | The changes to the rule. This was available in Ansible 2.4 and Ansible 2.5. It was removed in Ansible 2.6. | +| Linux.Pamd.updated_rule_(n) | string | The rule\(s\) that was/were changed. This is only available in Ansible 2.4 and was removed in Ansible 2.5. | +| Linux.Pamd.action | string | That action that was taken and is one of: update_rule, insert_before_rule, insert_after_rule, args_present, args_absent, absent. This was available in Ansible 2.4 and removed in Ansible 2.8 | +| Linux.Pamd.dest | string | Path to pam.d service that was changed. This is only available in Ansible 2.3 and was removed in Ansible 2.4. | +| Linux.Pamd.backupdest | string | The file name of the backup file, if created. | + + +#### Command Example +```!linux-pamd host="123.123.123.123" name="system-auth" type="auth" control="required" module_path="pam_faillock.so" new_control="sufficient" ``` + +#### Context Example +```json +{ + "Linux": { + "Pamd": { + "backupdest": "", + "change_count": 0, + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * backupdest: +> * change_count: 0 +> * changed: False + + +### linux-parted +*** +Configure block device partitions +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/parted_module.html + + +#### Base Command + +`linux-parted` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| device | The block device (disk) where to operate. | Required | +| align | Set alignment for newly created partitions. Possible values are: cylinder, minimal, none, optimal. Default is optimal. | Optional | +| number | The number of the partition to work with or the number of the partition that will be created.
Required when performing any action on the disk, except fetching information. | Optional | +| unit | Selects the current default unit that Parted will use to display locations and capacities on the disk and to interpret those given by the user if they are not suffixed by an unit.
When fetching information about a disk, it is always recommended to specify a unit. Possible values are: s, B, KB, KiB, MB, MiB, GB, GiB, TB, TiB, %, cyl, chs, compact. Default is KiB. | Optional | +| label | Creates a new disk label. Possible values are: aix, amiga, bsd, dvh, gpt, loop, mac, msdos, pc98, sun. Default is msdos. | Optional | +| part_type | May be specified only with 'msdos' or 'dvh' partition tables.
A `name` must be specified for a 'gpt' partition table.
Neither `part_type` nor `name` may be used with a 'sun' partition table. Possible values are: extended, logical, primary. Default is primary. | Optional | +| part_start | Where the partition will start as offset from the beginning of the disk, that is, the "distance" from the start of the disk.
The distance can be specified with all the units supported by parted (except compat) and it is case sensitive, e.g. `10GiB`, `15%`. Default is 0%. | Optional | +| part_end | Where the partition will end as offset from the beginning of the disk, that is, the "distance" from the start of the disk.
The distance can be specified with all the units supported by parted (except compat) and it is case sensitive, e.g. `10GiB`, `15%`. Default is 100%. | Optional | +| name | Sets the name for the partition number (GPT, Mac, MIPS and PC98 only). | Optional | +| flags | A list of the flags that has to be set on the partition. | Optional | +| state | Whether to create or delete a partition.
If set to `info` the module will only return the device information. Possible values are: absent, present, info. Default is info. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Parted.partition_info | unknown | Current partition information | + + +#### Command Example +```!linux-parted host="123.123.123.123" device="/dev/sdb" number="1" state="present" ``` + +#### Context Example +```json +{ + "Linux": { + "Parted": { + "changed": false, + "disk": { + "dev": "/dev/sdb", + "logical_block": 512, + "model": "VMware Virtual disk", + "physical_block": 512, + "size": 1048576, + "table": "msdos", + "unit": "kib" + }, + "host": "123.123.123.123", + "partitions": [ + { + "begin": 1024, + "end": 1048576, + "flags": [], + "fstype": "ext2", + "name": "", + "num": 1, + "size": 1047552, + "unit": "kib" + } + ], + "script": "", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * script: +> * ## Disk +> * dev: /dev/sdb +> * logical_block: 512 +> * model: VMware Virtual disk +> * physical_block: 512 +> * size: 1048576.0 +> * table: msdos +> * unit: kib +> * ## Partitions +> * ## +> * begin: 1024.0 +> * end: 1048576.0 +> * fstype: ext2 +> * name: +> * num: 1 +> * size: 1047552.0 +> * unit: kib +> * ### Flags + + +### linux-pids +*** +Retrieves process IDs list if the process is running otherwise return empty list +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pids_module.html + + +#### Base Command + +`linux-pids` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | the name of the process you want to get PID for. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Pids.pids | unknown | Process IDs of the given process | + + +#### Command Example +```!linux-pids host="123.123.123.123" name="python" ``` + +#### Context Example +```json +{ + "Linux": { + "Pids": [ + [] + ] + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS + + +### linux-ping +*** +Try to connect to host, verify a usable python and return C(pong) on success +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ping_module.html + + +#### Base Command + +`linux-ping` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| data | Data to return for the `ping` return value.
If this parameter is set to `crash`, the module will cause an exception. Default is pong. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Ping.ping | string | value provided with the data parameter | + + +#### Command Example +```!linux-ping host="123.123.123.123" ``` + +#### Context Example +```json +{ + "Linux": { + "Ping": [ + "pong" + ] + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS + + +### linux-python-requirements-info +*** +Show python path and assert dependency versions +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/python_requirements_info_module.html + + +#### Base Command + +`linux-python-requirements-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| dependencies | A list of version-likes or module names to check for installation. Supported operators: <, >, <=, >=, or ==. The bare module name like I(ansible), the module with a specific version like I(boto3==1.6.1), or a partial version like I(requests>2) are all valid specifications.
. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.PythonRequirementsInfo.python | string | path to python version used | +| Linux.PythonRequirementsInfo.python_version | string | version of python | +| Linux.PythonRequirementsInfo.python_system_path | unknown | List of paths python is looking for modules in | +| Linux.PythonRequirementsInfo.valid | unknown | A dictionary of dependencies that matched their desired versions. If no version was specified, then \`desired\` will be null | +| Linux.PythonRequirementsInfo.mismatched | unknown | A dictionary of dependencies that did not satisfy the desired version | +| Linux.PythonRequirementsInfo.not_found | unknown | A list of packages that could not be imported at all, and are not installed | + + +#### Command Example +```!linux-python-requirements-info host="123.123.123.123" ``` + +#### Context Example +```json +{ + "Linux": { + "PythonRequirementsInfo": { + "changed": false, + "host": "123.123.123.123", + "mismatched": {}, + "not_found": [], + "python": "/usr/libexec/platform-python", + "python_system_path": [ + "/tmp/ansible_python_requirements_info_payload_ppjh5d0o/ansible_python_requirements_info_payload.zip", + "/usr/lib64/python36.zip", + "/usr/lib64/python3.6", + "/usr/lib64/python3.6/lib-dynload", + "/usr/local/lib64/python3.6/site-packages", + "/usr/local/lib/python3.6/site-packages", + "/usr/lib64/python3.6/site-packages", + "/usr/lib/python3.6/site-packages" + ], + "python_version": "3.6.8 (default, Aug 24 2020, 17:57:11) \n[GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]", + "status": "SUCCESS", + "valid": {} + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * python: /usr/libexec/platform-python +> * python_version: 3.6.8 (default, Aug 24 2020, 17:57:11) +>[GCC 8.3.1 20191121 (Red Hat 8.3.1-5)] +> * ## Mismatched +> * ## Not_Found +> * ## Python_System_Path +> * 0: /tmp/ansible_python_requirements_info_payload_ppjh5d0o/ansible_python_requirements_info_payload.zip +> * 1: /usr/lib64/python36.zip +> * 2: /usr/lib64/python3.6 +> * 3: /usr/lib64/python3.6/lib-dynload +> * 4: /usr/local/lib64/python3.6/site-packages +> * 5: /usr/local/lib/python3.6/site-packages +> * 6: /usr/lib64/python3.6/site-packages +> * 7: /usr/lib/python3.6/site-packages +> * ## Valid + + +### linux-reboot +*** +Reboot a machine +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/reboot_module.html + + +#### Base Command + +`linux-reboot` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| pre_reboot_delay | Seconds to wait before reboot. Passed as a parameter to the reboot command.
On Linux, macOS and OpenBSD, this is converted to minutes and rounded down. If less than 60, it will be set to 0.
On Solaris and FreeBSD, this will be seconds. Default is 0. | Optional | +| post_reboot_delay | Seconds to wait after the reboot command was successful before attempting to validate the system rebooted successfully.
This is useful if you want wait for something to settle despite your connection already working. Default is 0. | Optional | +| reboot_timeout | Maximum seconds to wait for machine to reboot and respond to a test command.
This timeout is evaluated separately for both reboot verification and test command success so the maximum execution time for the module is twice this amount. Default is 600. | Optional | +| connect_timeout | Maximum seconds to wait for a successful connection to the managed hosts before trying again.
If unspecified, the default setting for the underlying connection plugin is used. | Optional | +| test_command | Command to run on the rebooted host and expect success from to determine the machine is ready for further tasks. Default is whoami. | Optional | +| msg | Message to display to users before reboot. Default is Reboot initiated by Ansible. | Optional | +| search_paths | Paths to search on the remote machine for the `shutdown` command.
`Only` these paths will be searched for the `shutdown` command. `PATH` is ignored in the remote node when searching for the `shutdown` command. Default is ['/sbin', '/usr/sbin', '/usr/local/sbin']. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Reboot.rebooted | boolean | true if the machine was rebooted | +| Linux.Reboot.elapsed | number | The number of seconds that elapsed waiting for the system to be rebooted. | + + + +### linux-seboolean +*** +Toggles SELinux booleans +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/seboolean_module.html + + +#### Base Command + +`linux-seboolean` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the boolean to configure. | Required | +| persistent | Set to `yes` if the boolean setting should survive a reboot. Default is no. | Optional | +| state | Desired boolean value. | Required | +| ignore_selinux_state | Useful for scenarios (chrooted environment) that you can't get the real SELinux state. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-sefcontext +*** +Manages SELinux file context mapping definitions +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/sefcontext_module.html + + +#### Base Command + +`linux-sefcontext` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| target | Target path (expression). | Required | +| ftype | The file type that should have SELinux contexts applied.
The following file type options are available:
`a` for all files,
`b` for block devices,
`c` for character devices,
`d` for directories,
`f` for regular files,
`l` for symbolic links,
`p` for named pipes,
`s` for socket files. Possible values are: a, b, c, d, f, l, p, s. Default is a. | Optional | +| setype | SELinux type for the specified target. | Required | +| seuser | SELinux user for the specified target. | Optional | +| selevel | SELinux range for the specified target. | Optional | +| state | Whether the SELinux file context must be `absent` or `present`. Possible values are: absent, present. Default is present. | Optional | +| reload | Reload SELinux policy after commit.
Note that this does not apply SELinux file contexts to existing files. Possible values are: Yes, No. Default is Yes. | Optional | +| ignore_selinux_state | Useful for scenarios (chrooted environment) that you can't get the real SELinux state. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-selinux +*** +Change policy and state of SELinux +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/selinux_module.html + + +#### Base Command + +`linux-selinux` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| policy | The name of the SELinux policy to use (e.g. `targeted`) will be required if state is not `disabled`. | Optional | +| state | The SELinux mode. Possible values are: disabled, enforcing, permissive. | Required | +| configfile | The path to the SELinux configuration file, if non-standard. Default is /etc/selinux/config. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Selinux.msg | string | Messages that describe changes that were made. | +| Linux.Selinux.configfile | string | Path to SELinux configuration file. | +| Linux.Selinux.policy | string | Name of the SELinux policy. | +| Linux.Selinux.state | string | SELinux mode. | +| Linux.Selinux.reboot_required | boolean | Whether or not an reboot is required for the changes to take effect. | + + +#### Command Example +```!linux-selinux host="123.123.123.123" policy="targeted" state="enforcing" ``` + +#### Context Example +```json +{ + "Linux": { + "Selinux": { + "changed": false, + "configfile": "/etc/selinux/config", + "host": "123.123.123.123", + "msg": "", + "policy": "targeted", + "reboot_required": false, + "state": "enforcing", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * configfile: /etc/selinux/config +> * msg: +> * policy: targeted +> * reboot_required: False +> * state: enforcing + + +### linux-selinux-permissive +*** +Change permissive domain in SELinux policy +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/selinux_permissive_module.html + + +#### Base Command + +`linux-selinux-permissive` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| domain | The domain that will be added or removed from the list of permissive domains. | Required | +| permissive | Indicate if the domain should or should not be set as permissive. | Required | +| no_reload | Disable reloading of the SELinux policy after making change to a domain's permissive setting.
The default is `no`, which causes policy to be reloaded when a domain changes state.
Reloading the policy does not work on older versions of the `policycoreutils-python` library, for example in EL 6.". Possible values are: Yes, No. Default is No. | Optional | +| store | Name of the SELinux policy store to use. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-selogin +*** +Manages linux user to SELinux user mapping +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/selogin_module.html + + +#### Base Command + +`linux-selogin` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| login | a Linux user. | Required | +| seuser | SELinux user name. | Required | +| selevel | MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. Default is s0. | Optional | +| state | Desired mapping value. Possible values are: present, absent. Default is present. | Required | +| reload | Reload SELinux policy after commit. Possible values are: Yes, No. Default is Yes. | Optional | +| ignore_selinux_state | Run independent of selinux runtime state. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-seport +*** +Manages SELinux network port type definitions +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/seport_module.html + + +#### Base Command + +`linux-seport` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| ports | Ports or port ranges.
Can be a list (since 2.6) or comma separated string. | Required | +| proto | Protocol for the specified port. Possible values are: tcp, udp. | Required | +| setype | SELinux type for the specified port. | Required | +| state | Desired boolean value. Possible values are: absent, present. Default is present. | Optional | +| reload | Reload SELinux policy after commit. Possible values are: Yes, No. Default is Yes. | Optional | +| ignore_selinux_state | Run independent of selinux runtime state. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-service +*** +Manage services +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/service_module.html + + +#### Base Command + +`linux-service` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the service. | Required | +| state | `started`/`stopped` are idempotent actions that will not run commands unless necessary.
`restarted` will always bounce the service.
`reloaded` will always reload.
`At least one of state and enabled are required.`
Note that reloaded will start the service if it is not already started, even if your chosen init system wouldn't normally. Possible values are: reloaded, restarted, started, stopped. | Optional | +| sleep | If the service is being `restarted` then sleep this many seconds between the stop and start command.
This helps to work around badly-behaving init scripts that exit immediately after signaling a process to stop.
Not all service managers support sleep, i.e when using systemd this setting will be ignored. | Optional | +| pattern | If the service does not respond to the status command, name a substring to look for as would be found in the output of the `ps` command as a stand-in for a status result.
If the string is found, the service will be assumed to be started. | Optional | +| enabled | Whether the service should start on boot.
`At least one of state and enabled are required.`. | Optional | +| runlevel | For OpenRC init scripts (e.g. Gentoo) only.
The runlevel that this service belongs to. Default is default. | Optional | +| arguments | Additional arguments provided on the command line. | Optional | +| use | The service module actually uses system specific modules, normally through auto detection, this setting can force a specific module.
Normally it uses the value of the 'ansible_service_mgr' fact and falls back to the old 'service' module when none matching is found. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-service host="123.123.123.123" name="httpd" state="started" ``` + +#### Context Example +```json +{ + "Linux": { + "Service": { + "changed": false, + "host": "123.123.123.123", + "name": "httpd", + "state": "started", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * name: httpd +> * state: started +> * ## Status +> * ActiveEnterTimestamp: Thu 2021-07-08 14:12:41 JST +> * ActiveEnterTimestampMonotonic: 331222117201 +> * ActiveExitTimestampMonotonic: 0 +> * ActiveState: active +> * After: system.slice basic.target systemd-journald.socket systemd-tmpfiles-setup.service -.mount nss-lookup.target remote-fs.target httpd-init.service sysinit.target network.target tmp.mount +> * AllowIsolate: no +> * AllowedCPUs: +> * AllowedMemoryNodes: +> * AmbientCapabilities: +> * AssertResult: yes +> * AssertTimestamp: Thu 2021-07-08 14:12:41 JST +> * AssertTimestampMonotonic: 331221986103 +> * Before: shutdown.target +> * BlockIOAccounting: no +> * BlockIOWeight: [not set] +> * CPUAccounting: no +> * CPUAffinity: +> * CPUQuotaPerSecUSec: infinity +> * CPUSchedulingPolicy: 0 +> * CPUSchedulingPriority: 0 +> * CPUSchedulingResetOnFork: no +> * CPUShares: [not set] +> * CPUUsageNSec: [not set] +> * CPUWeight: [not set] +> * CacheDirectoryMode: 0755 +> * CanIsolate: no +> * CanReload: yes +> * CanStart: yes +> * CanStop: yes +> * CapabilityBoundingSet: cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend +> * CollectMode: inactive +> * ConditionResult: yes +> * ConditionTimestamp: Thu 2021-07-08 14:12:41 JST +> * ConditionTimestampMonotonic: 331221986102 +> * ConfigurationDirectoryMode: 0755 +> * Conflicts: shutdown.target +> * ControlGroup: /system.slice/httpd.service +> * ControlPID: 0 +> * DefaultDependencies: yes +> * Delegate: no +> * Description: The Apache HTTP Server +> * DevicePolicy: auto +> * Documentation: man:httpd.service(8) +> * DynamicUser: no +> * EffectiveCPUs: +> * EffectiveMemoryNodes: +> * Environment: LANG=C +> * ExecMainCode: 0 +> * ExecMainExitTimestampMonotonic: 0 +> * ExecMainPID: 7626 +> * ExecMainStartTimestamp: Thu 2021-07-08 14:12:41 JST +> * ExecMainStartTimestampMonotonic: 331221988640 +> * ExecMainStatus: 0 +> * ExecReload: { path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 } +> * ExecStart: { path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[Thu 2021-07-08 14:12:41 JST] ; stop_time=[n/a] ; pid=7626 ; code=(null) ; status=0/0 } +> * FailureAction: none +> * FileDescriptorStoreMax: 0 +> * FragmentPath: /usr/lib/systemd/system/httpd.service +> * GID: [not set] +> * GuessMainPID: yes +> * IOAccounting: no +> * IOSchedulingClass: 0 +> * IOSchedulingPriority: 0 +> * IOWeight: [not set] +> * IPAccounting: no +> * IPEgressBytes: 18446744073709551615 +> * IPEgressPackets: 18446744073709551615 +> * IPIngressBytes: 18446744073709551615 +> * IPIngressPackets: 18446744073709551615 +> * Id: httpd.service +> * IgnoreOnIsolate: no +> * IgnoreSIGPIPE: yes +> * InactiveEnterTimestampMonotonic: 0 +> * InactiveExitTimestamp: Thu 2021-07-08 14:12:41 JST +> * InactiveExitTimestampMonotonic: 331221988825 +> * InvocationID: 7bb9f1e196514d5f87dfb3602a1c9e32 +> * JobRunningTimeoutUSec: infinity +> * JobTimeoutAction: none +> * JobTimeoutUSec: infinity +> * KeyringMode: private +> * KillMode: mixed +> * KillSignal: 28 +> * LimitAS: infinity +> * LimitASSoft: infinity +> * LimitCORE: infinity +> * LimitCORESoft: infinity +> * LimitCPU: infinity +> * LimitCPUSoft: infinity +> * LimitDATA: infinity +> * LimitDATASoft: infinity +> * LimitFSIZE: infinity +> * LimitFSIZESoft: infinity +> * LimitLOCKS: infinity +> * LimitLOCKSSoft: infinity +> * LimitMEMLOCK: 65536 +> * LimitMEMLOCKSoft: 65536 +> * LimitMSGQUEUE: 819200 +> * LimitMSGQUEUESoft: 819200 +> * LimitNICE: 0 +> * LimitNICESoft: 0 +> * LimitNOFILE: 262144 +> * LimitNOFILESoft: 1024 +> * LimitNPROC: 7805 +> * LimitNPROCSoft: 7805 +> * LimitRSS: infinity +> * LimitRSSSoft: infinity +> * LimitRTPRIO: 0 +> * LimitRTPRIOSoft: 0 +> * LimitRTTIME: infinity +> * LimitRTTIMESoft: infinity +> * LimitSIGPENDING: 7805 +> * LimitSIGPENDINGSoft: 7805 +> * LimitSTACK: infinity +> * LimitSTACKSoft: 8388608 +> * LoadState: loaded +> * LockPersonality: no +> * LogLevelMax: -1 +> * LogRateLimitBurst: 0 +> * LogRateLimitIntervalUSec: 0 +> * LogsDirectoryMode: 0755 +> * MainPID: 7626 +> * MemoryAccounting: yes +> * MemoryCurrent: 30425088 +> * MemoryDenyWriteExecute: no +> * MemoryHigh: infinity +> * MemoryLimit: infinity +> * MemoryLow: 0 +> * MemoryMax: infinity +> * MemorySwapMax: infinity +> * MountAPIVFS: no +> * MountFlags: +> * NFileDescriptorStore: 0 +> * NRestarts: 0 +> * NUMAMask: +> * NUMAPolicy: n/a +> * Names: httpd.service +> * NeedDaemonReload: no +> * Nice: 0 +> * NoNewPrivileges: no +> * NonBlocking: no +> * NotifyAccess: main +> * OOMScoreAdjust: 0 +> * OnFailureJobMode: replace +> * PermissionsStartOnly: no +> * Perpetual: no +> * PrivateDevices: no +> * PrivateMounts: no +> * PrivateNetwork: no +> * PrivateTmp: yes +> * PrivateUsers: no +> * ProtectControlGroups: no +> * ProtectHome: no +> * ProtectKernelModules: no +> * ProtectKernelTunables: no +> * ProtectSystem: no +> * RefuseManualStart: no +> * RefuseManualStop: no +> * RemainAfterExit: no +> * RemoveIPC: no +> * Requires: system.slice sysinit.target -.mount +> * RequiresMountsFor: /var/tmp +> * Restart: no +> * RestartUSec: 100ms +> * RestrictNamespaces: no +> * RestrictRealtime: no +> * RestrictSUIDSGID: no +> * Result: success +> * RootDirectoryStartOnly: no +> * RuntimeDirectoryMode: 0755 +> * RuntimeDirectoryPreserve: no +> * RuntimeMaxUSec: infinity +> * SameProcessGroup: no +> * SecureBits: 0 +> * SendSIGHUP: no +> * SendSIGKILL: yes +> * Slice: system.slice +> * StandardError: inherit +> * StandardInput: null +> * StandardInputData: +> * StandardOutput: journal +> * StartLimitAction: none +> * StartLimitBurst: 5 +> * StartLimitIntervalUSec: 10s +> * StartupBlockIOWeight: [not set] +> * StartupCPUShares: [not set] +> * StartupCPUWeight: [not set] +> * StartupIOWeight: [not set] +> * StateChangeTimestamp: Thu 2021-07-08 14:12:41 JST +> * StateChangeTimestampMonotonic: 331222165344 +> * StateDirectoryMode: 0755 +> * StatusErrno: 0 +> * StatusText: Running, listening on: port 80 +> * StopWhenUnneeded: no +> * SubState: running +> * SuccessAction: none +> * SyslogFacility: 3 +> * SyslogLevel: 6 +> * SyslogLevelPrefix: yes +> * SyslogPriority: 30 +> * SystemCallErrorNumber: 0 +> * TTYReset: no +> * TTYVHangup: no +> * TTYVTDisallocate: no +> * TasksAccounting: yes +> * TasksCurrent: 213 +> * TasksMax: 12488 +> * TimeoutStartUSec: 1min 30s +> * TimeoutStopUSec: 1min 30s +> * TimerSlackNSec: 50000 +> * Transient: no +> * Type: notify +> * UID: [not set] +> * UMask: 0022 +> * UnitFilePreset: disabled +> * UnitFileState: disabled +> * UtmpMode: init +> * Wants: httpd-init.service +> * WatchdogTimestamp: Thu 2021-07-08 14:12:41 JST +> * WatchdogTimestampMonotonic: 331222117198 +> * WatchdogUSec: 0 + + +### linux-service-facts +*** +Return service state information as fact data +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/service_facts_module.html + + +#### Base Command + +`linux-service-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.ServiceFacts.ansible_facts | unknown | Facts to add to ansible_facts about the services on the system | + + +#### Command Example +```!linux-service-facts host="123.123.123.123" ``` + +#### Context Example +```json +{ + "Linux": { + "ServiceFacts": { + "discovered_interpreter_python": "/usr/libexec/platform-python", + "host": "123.123.123.123", + "services": { + "NetworkManager-dispatcher.service": { + "name": "NetworkManager-dispatcher.service", + "source": "systemd", + "state": "inactive", + "status": "enabled" + }, + "NetworkManager-wait-online.service": { + "name": "NetworkManager-wait-online.service", + "source": "systemd", + "state": "stopped", + "status": "enabled" + }, + "NetworkManager.service": { + "name": "NetworkManager.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "arp-ethers.service": { + "name": "arp-ethers.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "atd.service": { + "name": "atd.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "auditd.service": { + "name": "auditd.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "autovt@.service": { + "name": "autovt@.service", + "source": "systemd", + "state": "unknown", + "status": "enabled" + }, + "blk-availability.service": { + "name": "blk-availability.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "chrony-dnssrv@.service": { + "name": "chrony-dnssrv@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "chrony-wait.service": { + "name": "chrony-wait.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "chronyd.service": { + "name": "chronyd.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "console-getty.service": { + "name": "console-getty.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "container-getty@.service": { + "name": "container-getty@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "cpupower.service": { + "name": "cpupower.service", + "source": "systemd", + "state": "stopped", + "status": "disabled" + }, + "crond.service": { + "name": "crond.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "dbus-org.fedoraproject.FirewallD1.service": { + "name": "dbus-org.fedoraproject.FirewallD1.service", + "source": "systemd", + "state": "active", + "status": "enabled" + }, + "dbus-org.freedesktop.hostname1.service": { + "name": "dbus-org.freedesktop.hostname1.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "dbus-org.freedesktop.locale1.service": { + "name": "dbus-org.freedesktop.locale1.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "dbus-org.freedesktop.login1.service": { + "name": "dbus-org.freedesktop.login1.service", + "source": "systemd", + "state": "active", + "status": "static" + }, + "dbus-org.freedesktop.nm-dispatcher.service": { + "name": "dbus-org.freedesktop.nm-dispatcher.service", + "source": "systemd", + "state": "inactive", + "status": "enabled" + }, + "dbus-org.freedesktop.portable1.service": { + "name": "dbus-org.freedesktop.portable1.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "dbus-org.freedesktop.timedate1.service": { + "name": "dbus-org.freedesktop.timedate1.service", + "source": "systemd", + "state": "inactive", + "status": "enabled" + }, + "dbus.service": { + "name": "dbus.service", + "source": "systemd", + "state": "running", + "status": "static" + }, + "debug-shell.service": { + "name": "debug-shell.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "dm-event.service": { + "name": "dm-event.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "dnf-makecache.service": { + "name": "dnf-makecache.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "dracut-cmdline.service": { + "name": "dracut-cmdline.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "dracut-initqueue.service": { + "name": "dracut-initqueue.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "dracut-mount.service": { + "name": "dracut-mount.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "dracut-pre-mount.service": { + "name": "dracut-pre-mount.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "dracut-pre-pivot.service": { + "name": "dracut-pre-pivot.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "dracut-pre-trigger.service": { + "name": "dracut-pre-trigger.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "dracut-pre-udev.service": { + "name": "dracut-pre-udev.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "dracut-shutdown.service": { + "name": "dracut-shutdown.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "ebtables.service": { + "name": "ebtables.service", + "source": "systemd", + "state": "stopped", + "status": "disabled" + }, + "emergency.service": { + "name": "emergency.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "firewalld.service": { + "name": "firewalld.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "fstrim.service": { + "name": "fstrim.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "getty@.service": { + "name": "getty@.service", + "source": "systemd", + "state": "unknown", + "status": "enabled" + }, + "test@test.service": { + "name": "test@test.service", + "source": "systemd", + "state": "running", + "status": "unknown" + }, + "grub-boot-indeterminate.service": { + "name": "grub-boot-indeterminate.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "halt-local.service": { + "name": "halt-local.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "htcacheclean.service": { + "name": "htcacheclean.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "httpd.service": { + "name": "httpd.service", + "source": "systemd", + "state": "running", + "status": "disabled" + }, + "httpd@.service": { + "name": "httpd@.service", + "source": "systemd", + "state": "unknown", + "status": "disabled" + }, + "import-state.service": { + "name": "import-state.service", + "source": "systemd", + "state": "stopped", + "status": "enabled" + }, + "initrd-cleanup.service": { + "name": "initrd-cleanup.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "initrd-parse-etc.service": { + "name": "initrd-parse-etc.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "initrd-switch-root.service": { + "name": "initrd-switch-root.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "initrd-udevadm-cleanup-db.service": { + "name": "initrd-udevadm-cleanup-db.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "iprdump.service": { + "name": "iprdump.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "iprinit.service": { + "name": "iprinit.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "iprupdate.service": { + "name": "iprupdate.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "irqbalance.service": { + "name": "irqbalance.service", + "source": "systemd", + "state": "stopped", + "status": "enabled" + }, + "kdump.service": { + "name": "kdump.service", + "source": "systemd", + "state": "stopped", + "status": "enabled" + }, + "kmod-static-nodes.service": { + "name": "kmod-static-nodes.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "ldconfig.service": { + "name": "ldconfig.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "loadmodules.service": { + "name": "loadmodules.service", + "source": "systemd", + "state": "stopped", + "status": "enabled" + }, + "lvm2-lvmpolld.service": { + "name": "lvm2-lvmpolld.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "lvm2-monitor.service": { + "name": "lvm2-monitor.service", + "source": "systemd", + "state": "stopped", + "status": "enabled" + }, + "lvm2-pvscan@.service": { + "name": "lvm2-pvscan@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "lvm2-pvscan@8:2.service": { + "name": "lvm2-pvscan@8:2.service", + "source": "systemd", + "state": "stopped", + "status": "unknown" + }, + "man-db-cache-update.service": { + "name": "man-db-cache-update.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "messagebus.service": { + "name": "messagebus.service", + "source": "systemd", + "state": "active", + "status": "static" + }, + "microcode.service": { + "name": "microcode.service", + "source": "systemd", + "state": "stopped", + "status": "enabled" + }, + "nftables.service": { + "name": "nftables.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "nis-domainname.service": { + "name": "nis-domainname.service", + "source": "systemd", + "state": "stopped", + "status": "enabled" + }, + "plymouth-halt.service": { + "name": "plymouth-halt.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "plymouth-kexec.service": { + "name": "plymouth-kexec.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "plymouth-poweroff.service": { + "name": "plymouth-poweroff.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "plymouth-quit-wait.service": { + "name": "plymouth-quit-wait.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "plymouth-quit.service": { + "name": "plymouth-quit.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "plymouth-read-write.service": { + "name": "plymouth-read-write.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "plymouth-reboot.service": { + "name": "plymouth-reboot.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "plymouth-start.service": { + "name": "plymouth-start.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "plymouth-switch-root.service": { + "name": "plymouth-switch-root.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "polkit.service": { + "name": "polkit.service", + "source": "systemd", + "state": "running", + "status": "static" + }, + "quotaon.service": { + "name": "quotaon.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "rc-local.service": { + "name": "rc-local.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "rdisc.service": { + "name": "rdisc.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "rescue.service": { + "name": "rescue.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "rngd-wake-threshold.service": { + "name": "rngd-wake-threshold.service", + "source": "systemd", + "state": "stopped", + "status": "disabled" + }, + "rngd.service": { + "name": "rngd.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "rsyslog.service": { + "name": "rsyslog.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "selinux-autorelabel-mark.service": { + "name": "selinux-autorelabel-mark.service", + "source": "systemd", + "state": "stopped", + "status": "enabled" + }, + "selinux-autorelabel.service": { + "name": "selinux-autorelabel.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "serial-getty@.service": { + "name": "serial-getty@.service", + "source": "systemd", + "state": "unknown", + "status": "disabled" + }, + "sshd-keygen@.service": { + "name": "sshd-keygen@.service", + "source": "systemd", + "state": "unknown", + "status": "disabled" + }, + "test1@test.service": { + "name": "test1@test.service", + "source": "systemd", + "state": "stopped", + "status": "unknown" + }, + "test2@test.service": { + "name": "test2@test.service", + "source": "systemd", + "state": "stopped", + "status": "unknown" + }, + "test3@test.service": { + "name": "test3@test.service", + "source": "systemd", + "state": "stopped", + "status": "unknown" + }, + "sshd.service": { + "name": "sshd.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "sshd@.service": { + "name": "sshd@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "sssd-autofs.service": { + "name": "sssd-autofs.service", + "source": "systemd", + "state": "inactive", + "status": "indirect" + }, + "sssd-kcm.service": { + "name": "sssd-kcm.service", + "source": "systemd", + "state": "stopped", + "status": "indirect" + }, + "sssd-nss.service": { + "name": "sssd-nss.service", + "source": "systemd", + "state": "inactive", + "status": "indirect" + }, + "sssd-pac.service": { + "name": "sssd-pac.service", + "source": "systemd", + "state": "inactive", + "status": "indirect" + }, + "sssd-pam.service": { + "name": "sssd-pam.service", + "source": "systemd", + "state": "inactive", + "status": "indirect" + }, + "sssd-ssh.service": { + "name": "sssd-ssh.service", + "source": "systemd", + "state": "inactive", + "status": "indirect" + }, + "sssd-sudo.service": { + "name": "sssd-sudo.service", + "source": "systemd", + "state": "inactive", + "status": "indirect" + }, + "sssd.service": { + "name": "sssd.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "syslog.service": { + "name": "syslog.service", + "source": "systemd", + "state": "active", + "status": "enabled" + }, + "system-update-cleanup.service": { + "name": "system-update-cleanup.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-ask-password-console.service": { + "name": "systemd-ask-password-console.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-ask-password-plymouth.service": { + "name": "systemd-ask-password-plymouth.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-ask-password-wall.service": { + "name": "systemd-ask-password-wall.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-backlight@.service": { + "name": "systemd-backlight@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "systemd-binfmt.service": { + "name": "systemd-binfmt.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-coredump@.service": { + "name": "systemd-coredump@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "test4@test.service": { + "name": "test4@test.service", + "source": "systemd", + "state": "stopped", + "status": "unknown" + }, + "systemd-exit.service": { + "name": "systemd-exit.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-firstboot.service": { + "name": "systemd-firstboot.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-fsck-root.service": { + "name": "systemd-fsck-root.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-fsck@.service": { + "name": "systemd-fsck@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "systemd-fsck@dev-disk-by\\x2duuid-99851642\\x2d260f\\x2d4d7e\\x2d83dd\\x2d7cc990d49126.service": { + "name": "systemd-fsck@dev-disk-by\\x2duuid-99851642\\x2d260f\\x2d4d7e\\x2d83dd\\x2d7cc990d49126.service", + "source": "systemd", + "state": "stopped", + "status": "unknown" + }, + "systemd-halt.service": { + "name": "systemd-halt.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-hibernate-resume@.service": { + "name": "systemd-hibernate-resume@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "systemd-hibernate.service": { + "name": "systemd-hibernate.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-hostnamed.service": { + "name": "systemd-hostnamed.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-hwdb-update.service": { + "name": "systemd-hwdb-update.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-hybrid-sleep.service": { + "name": "systemd-hybrid-sleep.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-initctl.service": { + "name": "systemd-initctl.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-journal-catalog-update.service": { + "name": "systemd-journal-catalog-update.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-journal-flush.service": { + "name": "systemd-journal-flush.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-journald.service": { + "name": "systemd-journald.service", + "source": "systemd", + "state": "running", + "status": "static" + }, + "systemd-kexec.service": { + "name": "systemd-kexec.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-localed.service": { + "name": "systemd-localed.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-logind.service": { + "name": "systemd-logind.service", + "source": "systemd", + "state": "running", + "status": "static" + }, + "systemd-machine-id-commit.service": { + "name": "systemd-machine-id-commit.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-modules-load.service": { + "name": "systemd-modules-load.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-portabled.service": { + "name": "systemd-portabled.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-poweroff.service": { + "name": "systemd-poweroff.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-quotacheck.service": { + "name": "systemd-quotacheck.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-random-seed.service": { + "name": "systemd-random-seed.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-reboot.service": { + "name": "systemd-reboot.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-remount-fs.service": { + "name": "systemd-remount-fs.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-resolved.service": { + "name": "systemd-resolved.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "systemd-rfkill.service": { + "name": "systemd-rfkill.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-suspend-then-hibernate.service": { + "name": "systemd-suspend-then-hibernate.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-suspend.service": { + "name": "systemd-suspend.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-sysctl.service": { + "name": "systemd-sysctl.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-sysusers.service": { + "name": "systemd-sysusers.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-timedated.service": { + "name": "systemd-timedated.service", + "source": "systemd", + "state": "inactive", + "status": "masked" + }, + "systemd-tmpfiles-clean.service": { + "name": "systemd-tmpfiles-clean.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-tmpfiles-setup-dev.service": { + "name": "systemd-tmpfiles-setup-dev.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-tmpfiles-setup.service": { + "name": "systemd-tmpfiles-setup.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-udev-settle.service": { + "name": "systemd-udev-settle.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "systemd-udev-trigger.service": { + "name": "systemd-udev-trigger.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-udevd.service": { + "name": "systemd-udevd.service", + "source": "systemd", + "state": "running", + "status": "static" + }, + "systemd-update-done.service": { + "name": "systemd-update-done.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-update-utmp-runlevel.service": { + "name": "systemd-update-utmp-runlevel.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-update-utmp.service": { + "name": "systemd-update-utmp.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-user-sessions.service": { + "name": "systemd-user-sessions.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-vconsole-setup.service": { + "name": "systemd-vconsole-setup.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "systemd-volatile-root.service": { + "name": "systemd-volatile-root.service", + "source": "systemd", + "state": "inactive", + "status": "static" + }, + "tcsd.service": { + "name": "tcsd.service", + "source": "systemd", + "state": "inactive", + "status": "disabled" + }, + "teamd@.service": { + "name": "teamd@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "timedatex.service": { + "name": "timedatex.service", + "source": "systemd", + "state": "inactive", + "status": "enabled" + }, + "tuned.service": { + "name": "tuned.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "unbound-anchor.service": { + "name": "unbound-anchor.service", + "source": "systemd", + "state": "stopped", + "status": "static" + }, + "user-runtime-dir@.service": { + "name": "user-runtime-dir@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "test5@test.service": { + "name": "test5@test.service", + "source": "systemd", + "state": "stopped", + "status": "unknown" + }, + "user@.service": { + "name": "user@.service", + "source": "systemd", + "state": "unknown", + "status": "static" + }, + "test6@test.service": { + "name": "test6@test.service", + "source": "systemd", + "state": "running", + "status": "unknown" + }, + "vgauthd.service": { + "name": "vgauthd.service", + "source": "systemd", + "state": "running", + "status": "enabled" + }, + "vmtoolsd.service": { + "name": "vmtoolsd.service", + "source": "systemd", + "state": "running", + "status": "enabled" + } + }, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * discovered_interpreter_python: /usr/libexec/platform-python +> * ## Services +> * ### Networkmanager-Dispatcher.Service +> * name: NetworkManager-dispatcher.service +> * source: systemd +> * state: inactive +> * status: enabled +> * ### Networkmanager-Wait-Online.Service +> * name: NetworkManager-wait-online.service +> * source: systemd +> * state: stopped +> * status: enabled +> * ### Networkmanager.Service +> * name: NetworkManager.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Arp-Ethers.Service +> * name: arp-ethers.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Atd.Service +> * name: atd.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Auditd.Service +> * name: auditd.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Autovt@.Service +> * name: autovt@.service +> * source: systemd +> * state: unknown +> * status: enabled +> * ### Blk-Availability.Service +> * name: blk-availability.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Chrony-Dnssrv@.Service +> * name: chrony-dnssrv@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### Chrony-Wait.Service +> * name: chrony-wait.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Chronyd.Service +> * name: chronyd.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Console-Getty.Service +> * name: console-getty.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Container-Getty@.Service +> * name: container-getty@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### Cpupower.Service +> * name: cpupower.service +> * source: systemd +> * state: stopped +> * status: disabled +> * ### Crond.Service +> * name: crond.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Dbus-Org.Fedoraproject.Firewalld1.Service +> * name: dbus-org.fedoraproject.FirewallD1.service +> * source: systemd +> * state: active +> * status: enabled +> * ### Dbus-Org.Freedesktop.Hostname1.Service +> * name: dbus-org.freedesktop.hostname1.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Dbus-Org.Freedesktop.Locale1.Service +> * name: dbus-org.freedesktop.locale1.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Dbus-Org.Freedesktop.Login1.Service +> * name: dbus-org.freedesktop.login1.service +> * source: systemd +> * state: active +> * status: static +> * ### Dbus-Org.Freedesktop.Nm-Dispatcher.Service +> * name: dbus-org.freedesktop.nm-dispatcher.service +> * source: systemd +> * state: inactive +> * status: enabled +> * ### Dbus-Org.Freedesktop.Portable1.Service +> * name: dbus-org.freedesktop.portable1.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Dbus-Org.Freedesktop.Timedate1.Service +> * name: dbus-org.freedesktop.timedate1.service +> * source: systemd +> * state: inactive +> * status: enabled +> * ### Dbus.Service +> * name: dbus.service +> * source: systemd +> * state: running +> * status: static +> * ### Debug-Shell.Service +> * name: debug-shell.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Dm-Event.Service +> * name: dm-event.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Dnf-Makecache.Service +> * name: dnf-makecache.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Dracut-Cmdline.Service +> * name: dracut-cmdline.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Dracut-Initqueue.Service +> * name: dracut-initqueue.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Dracut-Mount.Service +> * name: dracut-mount.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Dracut-Pre-Mount.Service +> * name: dracut-pre-mount.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Dracut-Pre-Pivot.Service +> * name: dracut-pre-pivot.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Dracut-Pre-Trigger.Service +> * name: dracut-pre-trigger.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Dracut-Pre-Udev.Service +> * name: dracut-pre-udev.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Dracut-Shutdown.Service +> * name: dracut-shutdown.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Ebtables.Service +> * name: ebtables.service +> * source: systemd +> * state: stopped +> * status: disabled +> * ### Emergency.Service +> * name: emergency.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Firewalld.Service +> * name: firewalld.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Fstrim.Service +> * name: fstrim.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Getty@.Service +> * name: getty@.service +> * source: systemd +> * state: unknown +> * status: enabled +> * ### test@test.service +> * name: test@test.service +> * source: systemd +> * state: running +> * status: unknown +> * ### Grub-Boot-Indeterminate.Service +> * name: grub-boot-indeterminate.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Halt-Local.Service +> * name: halt-local.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Htcacheclean.Service +> * name: htcacheclean.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Httpd.Service +> * name: httpd.service +> * source: systemd +> * state: running +> * status: disabled +> * ### Httpd@.Service +> * name: httpd@.service +> * source: systemd +> * state: unknown +> * status: disabled +> * ### Import-State.Service +> * name: import-state.service +> * source: systemd +> * state: stopped +> * status: enabled +> * ### Initrd-Cleanup.Service +> * name: initrd-cleanup.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Initrd-Parse-Etc.Service +> * name: initrd-parse-etc.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Initrd-Switch-Root.Service +> * name: initrd-switch-root.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Initrd-Udevadm-Cleanup-Db.Service +> * name: initrd-udevadm-cleanup-db.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Iprdump.Service +> * name: iprdump.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Iprinit.Service +> * name: iprinit.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Iprupdate.Service +> * name: iprupdate.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Irqbalance.Service +> * name: irqbalance.service +> * source: systemd +> * state: stopped +> * status: enabled +> * ### Kdump.Service +> * name: kdump.service +> * source: systemd +> * state: stopped +> * status: enabled +> * ### Kmod-Static-Nodes.Service +> * name: kmod-static-nodes.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Ldconfig.Service +> * name: ldconfig.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Loadmodules.Service +> * name: loadmodules.service +> * source: systemd +> * state: stopped +> * status: enabled +> * ### Lvm2-Lvmpolld.Service +> * name: lvm2-lvmpolld.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Lvm2-Monitor.Service +> * name: lvm2-monitor.service +> * source: systemd +> * state: stopped +> * status: enabled +> * ### Lvm2-Pvscan@.Service +> * name: lvm2-pvscan@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### Lvm2-Pvscan@8:2.Service +> * name: lvm2-pvscan@8:2.service +> * source: systemd +> * state: stopped +> * status: unknown +> * ### Man-Db-Cache-Update.Service +> * name: man-db-cache-update.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Messagebus.Service +> * name: messagebus.service +> * source: systemd +> * state: active +> * status: static +> * ### Microcode.Service +> * name: microcode.service +> * source: systemd +> * state: stopped +> * status: enabled +> * ### Nftables.Service +> * name: nftables.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Nis-Domainname.Service +> * name: nis-domainname.service +> * source: systemd +> * state: stopped +> * status: enabled +> * ### Plymouth-Halt.Service +> * name: plymouth-halt.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Plymouth-Kexec.Service +> * name: plymouth-kexec.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Plymouth-Poweroff.Service +> * name: plymouth-poweroff.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Plymouth-Quit-Wait.Service +> * name: plymouth-quit-wait.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Plymouth-Quit.Service +> * name: plymouth-quit.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Plymouth-Read-Write.Service +> * name: plymouth-read-write.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Plymouth-Reboot.Service +> * name: plymouth-reboot.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Plymouth-Start.Service +> * name: plymouth-start.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Plymouth-Switch-Root.Service +> * name: plymouth-switch-root.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Polkit.Service +> * name: polkit.service +> * source: systemd +> * state: running +> * status: static +> * ### Quotaon.Service +> * name: quotaon.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Rc-Local.Service +> * name: rc-local.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Rdisc.Service +> * name: rdisc.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Rescue.Service +> * name: rescue.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Rngd-Wake-Threshold.Service +> * name: rngd-wake-threshold.service +> * source: systemd +> * state: stopped +> * status: disabled +> * ### Rngd.Service +> * name: rngd.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Rsyslog.Service +> * name: rsyslog.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Selinux-Autorelabel-Mark.Service +> * name: selinux-autorelabel-mark.service +> * source: systemd +> * state: stopped +> * status: enabled +> * ### Selinux-Autorelabel.Service +> * name: selinux-autorelabel.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Serial-Getty@.Service +> * name: serial-getty@.service +> * source: systemd +> * state: unknown +> * status: disabled +> * ### Sshd-Keygen@.Service +> * name: sshd-keygen@.service +> * source: systemd +> * state: unknown +> * status: disabled +> * ### test1@test.service +> * name: test1@test.service +> * source: systemd +> * state: stopped +> * status: unknown +> * ### test2@test.service +> * name: test2@test.service +> * source: systemd +> * state: stopped +> * status: unknown +> * ### test3@test.service +> * name: test3@test.service +> * source: systemd +> * state: stopped +> * status: unknown +> * ### Sshd.Service +> * name: sshd.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Sshd@.Service +> * name: sshd@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### Sssd-Autofs.Service +> * name: sssd-autofs.service +> * source: systemd +> * state: inactive +> * status: indirect +> * ### Sssd-Kcm.Service +> * name: sssd-kcm.service +> * source: systemd +> * state: stopped +> * status: indirect +> * ### Sssd-Nss.Service +> * name: sssd-nss.service +> * source: systemd +> * state: inactive +> * status: indirect +> * ### Sssd-Pac.Service +> * name: sssd-pac.service +> * source: systemd +> * state: inactive +> * status: indirect +> * ### Sssd-Pam.Service +> * name: sssd-pam.service +> * source: systemd +> * state: inactive +> * status: indirect +> * ### Sssd-Ssh.Service +> * name: sssd-ssh.service +> * source: systemd +> * state: inactive +> * status: indirect +> * ### Sssd-Sudo.Service +> * name: sssd-sudo.service +> * source: systemd +> * state: inactive +> * status: indirect +> * ### Sssd.Service +> * name: sssd.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Syslog.Service +> * name: syslog.service +> * source: systemd +> * state: active +> * status: enabled +> * ### System-Update-Cleanup.Service +> * name: system-update-cleanup.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Ask-Password-Console.Service +> * name: systemd-ask-password-console.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Ask-Password-Plymouth.Service +> * name: systemd-ask-password-plymouth.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Ask-Password-Wall.Service +> * name: systemd-ask-password-wall.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Backlight@.Service +> * name: systemd-backlight@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### Systemd-Binfmt.Service +> * name: systemd-binfmt.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Coredump@.Service +> * name: systemd-coredump@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### test4@test.service +> * name: test4@test.service +> * source: systemd +> * state: stopped +> * status: unknown +> * ### Systemd-Exit.Service +> * name: systemd-exit.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Firstboot.Service +> * name: systemd-firstboot.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Fsck-Root.Service +> * name: systemd-fsck-root.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Fsck@.Service +> * name: systemd-fsck@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### Systemd-Fsck@Dev-Disk-By\X2Duuid-99851642\X2D260F\X2D4D7E\X2D83Dd\X2D7Cc990D49126.Service +> * name: systemd-fsck@dev-disk-by\x2duuid-99851642\x2d260f\x2d4d7e\x2d83dd\x2d7cc990d49126.service +> * source: systemd +> * state: stopped +> * status: unknown +> * ### Systemd-Halt.Service +> * name: systemd-halt.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Hibernate-Resume@.Service +> * name: systemd-hibernate-resume@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### Systemd-Hibernate.Service +> * name: systemd-hibernate.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Hostnamed.Service +> * name: systemd-hostnamed.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Hwdb-Update.Service +> * name: systemd-hwdb-update.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Hybrid-Sleep.Service +> * name: systemd-hybrid-sleep.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Initctl.Service +> * name: systemd-initctl.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Journal-Catalog-Update.Service +> * name: systemd-journal-catalog-update.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Journal-Flush.Service +> * name: systemd-journal-flush.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Journald.Service +> * name: systemd-journald.service +> * source: systemd +> * state: running +> * status: static +> * ### Systemd-Kexec.Service +> * name: systemd-kexec.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Localed.Service +> * name: systemd-localed.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Logind.Service +> * name: systemd-logind.service +> * source: systemd +> * state: running +> * status: static +> * ### Systemd-Machine-Id-Commit.Service +> * name: systemd-machine-id-commit.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Modules-Load.Service +> * name: systemd-modules-load.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Portabled.Service +> * name: systemd-portabled.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Poweroff.Service +> * name: systemd-poweroff.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Quotacheck.Service +> * name: systemd-quotacheck.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Random-Seed.Service +> * name: systemd-random-seed.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Reboot.Service +> * name: systemd-reboot.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Remount-Fs.Service +> * name: systemd-remount-fs.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Resolved.Service +> * name: systemd-resolved.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Systemd-Rfkill.Service +> * name: systemd-rfkill.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Suspend-Then-Hibernate.Service +> * name: systemd-suspend-then-hibernate.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Suspend.Service +> * name: systemd-suspend.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Sysctl.Service +> * name: systemd-sysctl.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Sysusers.Service +> * name: systemd-sysusers.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Timedated.Service +> * name: systemd-timedated.service +> * source: systemd +> * state: inactive +> * status: masked +> * ### Systemd-Tmpfiles-Clean.Service +> * name: systemd-tmpfiles-clean.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Tmpfiles-Setup-Dev.Service +> * name: systemd-tmpfiles-setup-dev.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Tmpfiles-Setup.Service +> * name: systemd-tmpfiles-setup.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Udev-Settle.Service +> * name: systemd-udev-settle.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Systemd-Udev-Trigger.Service +> * name: systemd-udev-trigger.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Udevd.Service +> * name: systemd-udevd.service +> * source: systemd +> * state: running +> * status: static +> * ### Systemd-Update-Done.Service +> * name: systemd-update-done.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Update-Utmp-Runlevel.Service +> * name: systemd-update-utmp-runlevel.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Update-Utmp.Service +> * name: systemd-update-utmp.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-User-Sessions.Service +> * name: systemd-user-sessions.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Vconsole-Setup.Service +> * name: systemd-vconsole-setup.service +> * source: systemd +> * state: stopped +> * status: static +> * ### Systemd-Volatile-Root.Service +> * name: systemd-volatile-root.service +> * source: systemd +> * state: inactive +> * status: static +> * ### Tcsd.Service +> * name: tcsd.service +> * source: systemd +> * state: inactive +> * status: disabled +> * ### Teamd@.Service +> * name: teamd@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### Timedatex.Service +> * name: timedatex.service +> * source: systemd +> * state: inactive +> * status: enabled +> * ### Tuned.Service +> * name: tuned.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Unbound-Anchor.Service +> * name: unbound-anchor.service +> * source: systemd +> * state: stopped +> * status: static +> * ### User-Runtime-Dir@.Service +> * name: user-runtime-dir@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### test5@test.service +> * name: test5@test.service +> * source: systemd +> * state: stopped +> * status: unknown +> * ### User@.Service +> * name: user@.service +> * source: systemd +> * state: unknown +> * status: static +> * ### test6@test.service +> * name: test6@test.service +> * source: systemd +> * state: running +> * status: unknown +> * ### Vgauthd.Service +> * name: vgauthd.service +> * source: systemd +> * state: running +> * status: enabled +> * ### Vmtoolsd.Service +> * name: vmtoolsd.service +> * source: systemd +> * state: running +> * status: enabled + + +### linux-setup +*** +Gathers facts about remote hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/setup_module.html + + +#### Base Command + +`linux-setup` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| gather_subset | If supplied, restrict the additional facts collected to the given subset. Possible values: `all`, `min`, `hardware`, `network`, `virtual`, `ohai`, and `facter`. Can specify a list of values to specify a larger subset. Values can also be used with an initial `!` to specify that that specific subset should not be collected. For instance: `!hardware,!network,!virtual,!ohai,!facter`. If `!all` is specified then only the min subset is collected. To avoid collecting even the min subset, specify `!all,!min`. To collect only specific facts, use `!all,!min`, and specify the particular fact subsets. Use the filter parameter if you do not want to display some collected facts. Default is all. | Optional | +| gather_timeout | Set the default timeout in seconds for individual fact gathering. Default is 10. | Optional | +| filter | If supplied, only return facts that match this shell-style (fnmatch) wildcard. Default is *. | Optional | +| fact_path | Path used for local ansible facts (`*.fact`) - files in this dir will be run (if executable) and their results be added to `ansible_local` facts if a file is not executable it is read. Check notes for Windows options. (from 2.1 on) File/results format can be JSON or INI-format. The default `fact_path` can be specified in `ansible.cfg` for when setup is automatically called as part of `gather_facts`. Default is /etc/ansible/facts.d. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-sysctl +*** +Manage entries in sysctl.conf. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/sysctl_module.html + + +#### Base Command + +`linux-sysctl` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The dot-separated path (aka `key`) specifying the sysctl variable. | Required | +| value | Desired value of the sysctl key. | Optional | +| state | Whether the entry should be present or absent in the sysctl file. Possible values are: present, absent. Default is present. | Optional | +| ignoreerrors | Use this option to ignore errors about unknown keys. Default is no. | Optional | +| reload | If `yes`, performs a `/sbin/sysctl -p` if the `sysctl_file` is updated. If `no`, does not reload `sysctl` even if the `sysctl_file` is updated. Default is yes. | Optional | +| sysctl_file | Specifies the absolute path to `sysctl.conf`, if not `/etc/sysctl.conf`. Default is /etc/sysctl.conf. | Optional | +| sysctl_set | Verify token value with the sysctl command and set with -w if necessary. Default is no. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-sysctl host="123.123.123.123" name="vm.swappiness" value="5" state="present" ``` + +#### Context Example +```json +{ + "Linux": { + "Sysctl": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### linux-systemd +*** +Manage services +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/systemd_module.html + + +#### Base Command + +`linux-systemd` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the service. This parameter takes the name of exactly one service to work with.
When using in a chroot environment you always need to specify the full name i.e. (crond.service). | Optional | +| state | `started`/`stopped` are idempotent actions that will not run commands unless necessary. `restarted` will always bounce the service. `reloaded` will always reload. Possible values are: reloaded, restarted, started, stopped. | Optional | +| enabled | Whether the service should start on boot. `At least one of state and enabled are required.`. | Optional | +| force | Whether to override existing symlinks. | Optional | +| masked | Whether the unit should be masked or not, a masked unit is impossible to start. | Optional | +| daemon_reload | Run daemon-reload before doing any other operations, to make sure systemd has read any changes.
When set to `yes`, runs daemon-reload even if the module does not start or stop anything. Possible values are: Yes, No. Default is No. | Optional | +| daemon_reexec | Run daemon_reexec command before doing any other operations, the systemd manager will serialize the manager state. Possible values are: Yes, No. Default is No. | Optional | +| user | (deprecated) run ``systemctl`` talking to the service manager of the calling user, rather than the service manager of the system.
This option is deprecated and will eventually be removed in 2.11. The ``scope`` option should be used instead. Possible values are: Yes, No. Default is No. | Optional | +| scope | run systemctl within a given service manager scope, either as the default system scope (system), the current user's scope (user), or the scope of all users (global).
For systemd to work with 'user', the executing user must have its own instance of dbus started (systemd requirement). The user dbus process is normally started during normal login, but not during the run of Ansible tasks. Otherwise you will probably get a 'Failed to connect to bus: no such file or directory' error. Possible values are: system, user, global. | Optional | +| no_block | Do not synchronously wait for the requested operation to finish. Enqueued job will continue without Ansible blocking on its completion. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Systemd.status | unknown | A dictionary with the key=value pairs returned from \`systemctl show\` | + + +#### Command Example +```!linux-systemd host="123.123.123.123" state="started" name="httpd" ``` + +#### Context Example +```json +{ + "Linux": { + "Systemd": { + "changed": false, + "host": "123.123.123.123", + "name": "httpd", + "state": "started", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * name: httpd +> * state: started +> * ## Status +> * ActiveEnterTimestamp: Thu 2021-07-08 14:12:41 JST +> * ActiveEnterTimestampMonotonic: 331222117201 +> * ActiveExitTimestampMonotonic: 0 +> * ActiveState: active +> * After: system.slice basic.target systemd-journald.socket systemd-tmpfiles-setup.service -.mount nss-lookup.target remote-fs.target httpd-init.service sysinit.target network.target tmp.mount +> * AllowIsolate: no +> * AllowedCPUs: +> * AllowedMemoryNodes: +> * AmbientCapabilities: +> * AssertResult: yes +> * AssertTimestamp: Thu 2021-07-08 14:12:41 JST +> * AssertTimestampMonotonic: 331221986103 +> * Before: shutdown.target +> * BlockIOAccounting: no +> * BlockIOWeight: [not set] +> * CPUAccounting: no +> * CPUAffinity: +> * CPUQuotaPerSecUSec: infinity +> * CPUSchedulingPolicy: 0 +> * CPUSchedulingPriority: 0 +> * CPUSchedulingResetOnFork: no +> * CPUShares: [not set] +> * CPUUsageNSec: [not set] +> * CPUWeight: [not set] +> * CacheDirectoryMode: 0755 +> * CanIsolate: no +> * CanReload: yes +> * CanStart: yes +> * CanStop: yes +> * CapabilityBoundingSet: cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend +> * CollectMode: inactive +> * ConditionResult: yes +> * ConditionTimestamp: Thu 2021-07-08 14:12:41 JST +> * ConditionTimestampMonotonic: 331221986102 +> * ConfigurationDirectoryMode: 0755 +> * Conflicts: shutdown.target +> * ControlGroup: /system.slice/httpd.service +> * ControlPID: 0 +> * DefaultDependencies: yes +> * Delegate: no +> * Description: The Apache HTTP Server +> * DevicePolicy: auto +> * Documentation: man:httpd.service(8) +> * DynamicUser: no +> * EffectiveCPUs: +> * EffectiveMemoryNodes: +> * Environment: LANG=C +> * ExecMainCode: 0 +> * ExecMainExitTimestampMonotonic: 0 +> * ExecMainPID: 7626 +> * ExecMainStartTimestamp: Thu 2021-07-08 14:12:41 JST +> * ExecMainStartTimestampMonotonic: 331221988640 +> * ExecMainStatus: 0 +> * ExecReload: { path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 } +> * ExecStart: { path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[Thu 2021-07-08 14:12:41 JST] ; stop_time=[n/a] ; pid=7626 ; code=(null) ; status=0/0 } +> * FailureAction: none +> * FileDescriptorStoreMax: 0 +> * FragmentPath: /usr/lib/systemd/system/httpd.service +> * GID: [not set] +> * GuessMainPID: yes +> * IOAccounting: no +> * IOSchedulingClass: 0 +> * IOSchedulingPriority: 0 +> * IOWeight: [not set] +> * IPAccounting: no +> * IPEgressBytes: 18446744073709551615 +> * IPEgressPackets: 18446744073709551615 +> * IPIngressBytes: 18446744073709551615 +> * IPIngressPackets: 18446744073709551615 +> * Id: httpd.service +> * IgnoreOnIsolate: no +> * IgnoreSIGPIPE: yes +> * InactiveEnterTimestampMonotonic: 0 +> * InactiveExitTimestamp: Thu 2021-07-08 14:12:41 JST +> * InactiveExitTimestampMonotonic: 331221988825 +> * InvocationID: 7bb9f1e196514d5f87dfb3602a1c9e32 +> * JobRunningTimeoutUSec: infinity +> * JobTimeoutAction: none +> * JobTimeoutUSec: infinity +> * KeyringMode: private +> * KillMode: mixed +> * KillSignal: 28 +> * LimitAS: infinity +> * LimitASSoft: infinity +> * LimitCORE: infinity +> * LimitCORESoft: infinity +> * LimitCPU: infinity +> * LimitCPUSoft: infinity +> * LimitDATA: infinity +> * LimitDATASoft: infinity +> * LimitFSIZE: infinity +> * LimitFSIZESoft: infinity +> * LimitLOCKS: infinity +> * LimitLOCKSSoft: infinity +> * LimitMEMLOCK: 65536 +> * LimitMEMLOCKSoft: 65536 +> * LimitMSGQUEUE: 819200 +> * LimitMSGQUEUESoft: 819200 +> * LimitNICE: 0 +> * LimitNICESoft: 0 +> * LimitNOFILE: 262144 +> * LimitNOFILESoft: 1024 +> * LimitNPROC: 7805 +> * LimitNPROCSoft: 7805 +> * LimitRSS: infinity +> * LimitRSSSoft: infinity +> * LimitRTPRIO: 0 +> * LimitRTPRIOSoft: 0 +> * LimitRTTIME: infinity +> * LimitRTTIMESoft: infinity +> * LimitSIGPENDING: 7805 +> * LimitSIGPENDINGSoft: 7805 +> * LimitSTACK: infinity +> * LimitSTACKSoft: 8388608 +> * LoadState: loaded +> * LockPersonality: no +> * LogLevelMax: -1 +> * LogRateLimitBurst: 0 +> * LogRateLimitIntervalUSec: 0 +> * LogsDirectoryMode: 0755 +> * MainPID: 7626 +> * MemoryAccounting: yes +> * MemoryCurrent: 30425088 +> * MemoryDenyWriteExecute: no +> * MemoryHigh: infinity +> * MemoryLimit: infinity +> * MemoryLow: 0 +> * MemoryMax: infinity +> * MemorySwapMax: infinity +> * MountAPIVFS: no +> * MountFlags: +> * NFileDescriptorStore: 0 +> * NRestarts: 0 +> * NUMAMask: +> * NUMAPolicy: n/a +> * Names: httpd.service +> * NeedDaemonReload: no +> * Nice: 0 +> * NoNewPrivileges: no +> * NonBlocking: no +> * NotifyAccess: main +> * OOMScoreAdjust: 0 +> * OnFailureJobMode: replace +> * PermissionsStartOnly: no +> * Perpetual: no +> * PrivateDevices: no +> * PrivateMounts: no +> * PrivateNetwork: no +> * PrivateTmp: yes +> * PrivateUsers: no +> * ProtectControlGroups: no +> * ProtectHome: no +> * ProtectKernelModules: no +> * ProtectKernelTunables: no +> * ProtectSystem: no +> * RefuseManualStart: no +> * RefuseManualStop: no +> * RemainAfterExit: no +> * RemoveIPC: no +> * Requires: system.slice sysinit.target -.mount +> * RequiresMountsFor: /var/tmp +> * Restart: no +> * RestartUSec: 100ms +> * RestrictNamespaces: no +> * RestrictRealtime: no +> * RestrictSUIDSGID: no +> * Result: success +> * RootDirectoryStartOnly: no +> * RuntimeDirectoryMode: 0755 +> * RuntimeDirectoryPreserve: no +> * RuntimeMaxUSec: infinity +> * SameProcessGroup: no +> * SecureBits: 0 +> * SendSIGHUP: no +> * SendSIGKILL: yes +> * Slice: system.slice +> * StandardError: inherit +> * StandardInput: null +> * StandardInputData: +> * StandardOutput: journal +> * StartLimitAction: none +> * StartLimitBurst: 5 +> * StartLimitIntervalUSec: 10s +> * StartupBlockIOWeight: [not set] +> * StartupCPUShares: [not set] +> * StartupCPUWeight: [not set] +> * StartupIOWeight: [not set] +> * StateChangeTimestamp: Thu 2021-07-08 14:12:41 JST +> * StateChangeTimestampMonotonic: 331222165344 +> * StateDirectoryMode: 0755 +> * StatusErrno: 0 +> * StatusText: Running, listening on: port 80 +> * StopWhenUnneeded: no +> * SubState: running +> * SuccessAction: none +> * SyslogFacility: 3 +> * SyslogLevel: 6 +> * SyslogLevelPrefix: yes +> * SyslogPriority: 30 +> * SystemCallErrorNumber: 0 +> * TTYReset: no +> * TTYVHangup: no +> * TTYVTDisallocate: no +> * TasksAccounting: yes +> * TasksCurrent: 213 +> * TasksMax: 12488 +> * TimeoutStartUSec: 1min 30s +> * TimeoutStopUSec: 1min 30s +> * TimerSlackNSec: 50000 +> * Transient: no +> * Type: notify +> * UID: [not set] +> * UMask: 0022 +> * UnitFilePreset: disabled +> * UnitFileState: disabled +> * UtmpMode: init +> * Wants: httpd-init.service +> * WatchdogTimestamp: Thu 2021-07-08 14:12:41 JST +> * WatchdogTimestampMonotonic: 331222117198 +> * WatchdogUSec: 0 + + +### linux-sysvinit +*** +Manage SysV services. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/sysvinit_module.html + + +#### Base Command + +`linux-sysvinit` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the service. | Required | +| state | `started`/`stopped` are idempotent actions that will not run commands unless necessary. Not all init scripts support `restarted` nor `reloaded` natively, so these will both trigger a stop and start as needed. Possible values are: started, stopped, restarted, reloaded. | Optional | +| enabled | Whether the service should start on boot. `At least one of state and enabled are required.`. | Optional | +| sleep | If the service is being `restarted` or `reloaded` then sleep this many seconds between the stop and start command. This helps to workaround badly behaving services. Default is 1. | Optional | +| pattern | A substring to look for as would be found in the output of the `ps` command as a stand-in for a status result.
If the string is found, the service will be assumed to be running.
This option is mainly for use with init scripts that don't support the 'status' option. | Optional | +| runlevels | The runlevels this script should be enabled/disabled from.
Use this to override the defaults set by the package or init script itself. | Optional | +| arguments | Additional arguments provided on the command line that some init scripts accept. | Optional | +| daemonize | Have the module daemonize as the service itself might not do so properly.
This is useful with badly written init scripts or daemons, which commonly manifests as the task hanging as it is still holding the tty or the service dying when the task is over as the connection closes the session. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Sysvinit.results | unknown | results from actions taken | + + + +### linux-timezone +*** +Configure timezone setting +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/timezone_module.html + + +#### Base Command + +`linux-timezone` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the timezone for the system clock.
Default is to keep current setting.
`At least one of name and hwclock are required.`. | Optional | +| hwclock | Whether the hardware clock is in UTC or in local timezone.
Default is to keep current setting.
Note that this option is recommended not to change and may fail to configure, especially on virtual environments such as AWS.
`At least one of name and hwclock are required.`
`Only used on Linux.`. Possible values are: local, UTC. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Timezone.diff | unknown | The differences about the given arguments. | + + +#### Command Example +```!linux-timezone host="123.123.123.123" name="Asia/Tokyo" ``` + +#### Context Example +```json +{ + "Linux": { + "Timezone": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### linux-ufw +*** +Manage firewall with UFW +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ufw_module.html + + +#### Base Command + +`linux-ufw` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | `enabled` reloads firewall and enables firewall on boot.
`disabled` unloads firewall and disables firewall on boot.
`reloaded` reloads firewall.
`reset` disables and resets firewall to installation defaults. Possible values are: disabled, enabled, reloaded, reset. | Optional | +| default | Change the default policy for incoming or outgoing traffic. Possible values are: allow, deny, reject. | Optional | +| direction | Select direction for a rule or default policy command. Possible values are: in, incoming, out, outgoing, routed. | Optional | +| logging | Toggles logging. Logged packets use the LOG_KERN syslog facility. Possible values are: on, off, low, medium, high, full. | Optional | +| insert | Insert the corresponding rule as rule number NUM.
Note that ufw numbers rules starting with 1. | Optional | +| insert_relative_to | Allows to interpret the index in `insert` relative to a position.
`zero` interprets the rule number as an absolute index (i.e. 1 is the first rule).
`first-ipv4` interprets the rule number relative to the index of the first IPv4 rule, or relative to the position where the first IPv4 rule would be if there is currently none.
`last-ipv4` interprets the rule number relative to the index of the last IPv4 rule, or relative to the position where the last IPv4 rule would be if there is currently none.
`first-ipv6` interprets the rule number relative to the index of the first IPv6 rule, or relative to the position where the first IPv6 rule would be if there is currently none.
`last-ipv6` interprets the rule number relative to the index of the last IPv6 rule, or relative to the position where the last IPv6 rule would be if there is currently none. Possible values are: first-ipv4, first-ipv6, last-ipv4, last-ipv6, zero. Default is zero. | Optional | +| rule | Add firewall rule. Possible values are: allow, deny, limit, reject. | Optional | +| log | Log new connections matched to this rule. | Optional | +| from_ip | Source IP address. Default is any. | Optional | +| from_port | Source port. | Optional | +| to_ip | Destination IP address. Default is any. | Optional | +| to_port | Destination port. | Optional | +| proto | TCP/IP protocol. Possible values are: any, tcp, udp, ipv6, esp, ah, gre, igmp. | Optional | +| name | Use profile located in `/etc/ufw/applications.d`. | Optional | +| delete | Delete rule. | Optional | +| interface | Specify interface for rule. | Optional | +| route | Apply the rule to routed/forwarded packets. | Optional | +| comment | Add a comment to the rule. Requires UFW version >=0.35. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-user +*** +Manage user accounts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/user_module.html + + +#### Base Command + +`linux-user` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the user to create, remove or modify. | Required | +| uid | Optionally sets the `UID` of the user. | Optional | +| comment | Optionally sets the description (aka `GECOS`) of user account. | Optional | +| hidden | macOS only, optionally hide the user from the login window and system preferences.
The default will be `yes` if the `system` option is used. | Optional | +| non_unique | Optionally when used with the -u option, this option allows to change the user ID to a non-unique value. Possible values are: Yes, No. Default is No. | Optional | +| seuser | Optionally sets the seuser type (user_u) on selinux enabled systems. | Optional | +| group | Optionally sets the user's primary group (takes a group name). | Optional | +| groups | List of groups user will be added to. When set to an empty string `''`, the user is removed from all groups except the primary group.
Before Ansible 2.3, the only input format allowed was a comma separated string.
Mutually exclusive with `local`. | Optional | +| append | If `yes`, add the user to the groups specified in `groups`.
If `no`, user will only be added to the groups specified in `groups`, removing them from all other groups.
Mutually exclusive with `local`. Possible values are: Yes, No. Default is No. | Optional | +| shell | Optionally set the user's shell.
On macOS, before Ansible 2.5, the default shell for non-system users was `/usr/bin/false`. Since Ansible 2.5, the default shell for non-system users on macOS is `/bin/bash`.
On other operating systems, the default shell is determined by the underlying tool being used. See Notes for details. | Optional | +| home | Optionally set the user's home directory. | Optional | +| skeleton | Optionally set a home skeleton directory.
Requires `create_home` option!. | Optional | +| password | Optionally set the user's password to this crypted value.
On macOS systems, this value has to be cleartext. Beware of security issues.
To create a disabled account on Linux systems, set this to `'!'` or `'*'`.
To create a disabled account on OpenBSD, set this to `'*************'`.
See `https://docs.ansible.com/ansible/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module` for details on various ways to generate these password values. | Optional | +| state | Whether the account should exist or not, taking action if the state is different from what is stated. Possible values are: absent, present. Default is present. | Optional | +| create_home | Unless set to `no`, a home directory will be made for the user when the account is created or if the home directory does not exist.
Changed from `createhome` to `create_home` in Ansible 2.5. Possible values are: Yes, No. Default is Yes. | Optional | +| move_home | If set to `yes` when used with `home: `, attempt to move the user's old home directory to the specified directory if it isn't there already and the old home exists. Possible values are: Yes, No. Default is No. | Optional | +| system | When creating an account `state=present`, setting this to `yes` makes the user a system account.
This setting cannot be changed on existing users. Possible values are: Yes, No. Default is No. | Optional | +| force | This only affects `state=absent`, it forces removal of the user and associated directories on supported platforms.
The behavior is the same as `userdel --force`, check the man page for `userdel` on your system for details and support.
When used with `generate_ssh_key=yes` this forces an existing key to be overwritten. Possible values are: Yes, No. Default is No. | Optional | +| remove | This only affects `state=absent`, it attempts to remove directories associated with the user.
The behavior is the same as `userdel --remove`, check the man page for details and support. Possible values are: Yes, No. Default is No. | Optional | +| login_class | Optionally sets the user's login class, a feature of most BSD OSs. | Optional | +| generate_ssh_key | Whether to generate a SSH key for the user in question.
This will `not` overwrite an existing SSH key unless used with `force=yes`. Possible values are: Yes, No. Default is No. | Optional | +| ssh_key_bits | Optionally specify number of bits in SSH key to create. Default is default set by ssh-keygen. | Optional | +| ssh_key_type | Optionally specify the type of SSH key to generate.
Available SSH key types will depend on implementation present on target host. Default is rsa. | Optional | +| ssh_key_file | Optionally specify the SSH key filename.
If this is a relative filename then it will be relative to the user's home directory.
This parameter defaults to `.ssh/id_rsa`. | Optional | +| ssh_key_comment | Optionally define the comment for the SSH key. Default is ansible-generated on $HOSTNAME. | Optional | +| ssh_key_passphrase | Set a passphrase for the SSH key.
If no passphrase is provided, the SSH key will default to having no passphrase. | Optional | +| update_password | `always` will update passwords if they differ.
`on_create` will only set the password for newly created users. Possible values are: always, on_create. Default is always. | Optional | +| expires | An expiry time for the user in epoch, it will be ignored on platforms that do not support this.
Currently supported on GNU/Linux, FreeBSD, and DragonFlyBSD.
Since Ansible 2.6 you can remove the expiry time specify a negative value. Currently supported on GNU/Linux and FreeBSD. | Optional | +| password_lock | Lock the password (`usermod -L`, `usermod -U`, `pw lock`).
Implementation differs by platform. This option does not always mean the user cannot login using other methods.
This option does not disable the user, only lock the password.
This must be set to `False` in order to unlock a currently locked password. The absence of this parameter will not unlock a password.
Currently supported on Linux, FreeBSD, DragonFlyBSD, NetBSD, OpenBSD. | Optional | +| local | Forces the use of "local" command alternatives on platforms that implement it.
This is useful in environments that use centralized authentification when you want to manipulate the local users (i.e. it uses `luseradd` instead of `useradd`).
This will check `/etc/passwd` for an existing account before invoking commands. If the local account database exists somewhere other than `/etc/passwd`, this setting will not work properly.
This requires that the above commands as well as `/etc/passwd` must exist on the target host, otherwise it will be a fatal error.
Mutually exclusive with `groups` and `append`. Possible values are: Yes, No. Default is No. | Optional | +| profile | Sets the profile of the user.
Does nothing when used with other platforms.
Can set multiple profiles using comma separation.
To delete all the profiles, use `profile=''`.
Currently supported on Illumos/Solaris. | Optional | +| authorization | Sets the authorization of the user.
Does nothing when used with other platforms.
Can set multiple authorizations using comma separation.
To delete all authorizations, use `authorization=''`.
Currently supported on Illumos/Solaris. | Optional | +| role | Sets the role of the user.
Does nothing when used with other platforms.
Can set multiple roles using comma separation.
To delete all roles, use `role=''`.
Currently supported on Illumos/Solaris. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.User.append | boolean | Whether or not to append the user to groups | +| Linux.User.comment | string | Comment section from passwd file, usually the user name | +| Linux.User.create_home | boolean | Whether or not to create the home directory | +| Linux.User.force | boolean | Whether or not a user account was forcibly deleted | +| Linux.User.group | number | Primary user group ID | +| Linux.User.groups | string | List of groups of which the user is a member | +| Linux.User.home | string | Path to user's home directory | +| Linux.User.move_home | boolean | Whether or not to move an existing home directory | +| Linux.User.name | string | User account name | +| Linux.User.password | string | Masked value of the password | +| Linux.User.remove | boolean | Whether or not to remove the user account | +| Linux.User.shell | string | User login shell | +| Linux.User.ssh_fingerprint | string | Fingerprint of generated SSH key | +| Linux.User.ssh_key_file | string | Path to generated SSH private key file | +| Linux.User.ssh_public_key | string | Generated SSH public key file | +| Linux.User.stderr | string | Standard error from running commands | +| Linux.User.stdout | string | Standard output from running commands | +| Linux.User.system | boolean | Whether or not the account is a system account | +| Linux.User.uid | number | User ID of the user account | + + + +### linux-xfs-quota +*** +Manage quotas on XFS filesystems +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/xfs_quota_module.html + + +#### Base Command + +`linux-xfs-quota` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| type | The XFS quota type. Possible values are: user, group, project. | Required | +| name | The name of the user, group or project to apply the quota to, if other than default. | Optional | +| mountpoint | The mount point on which to apply the quotas. | Required | +| bhard | Hard blocks quota limit.
This argument supports human readable sizes. | Optional | +| bsoft | Soft blocks quota limit.
This argument supports human readable sizes. | Optional | +| ihard | Hard inodes quota limit. | Optional | +| isoft | Soft inodes quota limit. | Optional | +| rtbhard | Hard realtime blocks quota limit.
This argument supports human readable sizes. | Optional | +| rtbsoft | Soft realtime blocks quota limit.
This argument supports human readable sizes. | Optional | +| state | Whether to apply the limits or remove them.
When removing limit, they are set to 0, and not quite removed. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.XfsQuota.bhard | number | the current bhard setting in bytes | +| Linux.XfsQuota.bsoft | number | the current bsoft setting in bytes | +| Linux.XfsQuota.ihard | number | the current ihard setting in bytes | +| Linux.XfsQuota.isoft | number | the current isoft setting in bytes | +| Linux.XfsQuota.rtbhard | number | the current rtbhard setting in bytes | +| Linux.XfsQuota.rtbsoft | number | the current rtbsoft setting in bytes | + + + +### linux-htpasswd +*** +manage user files for basic authentication +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/htpasswd_module.html + + +#### Base Command + +`linux-htpasswd` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Path to the file that contains the usernames and passwords. | Required | +| name | User name to add or remove. | Required | +| password | Password associated with user.
Must be specified if user does not exist yet. | Optional | +| crypt_scheme | Encryption scheme to be used. As well as the four choices listed here, you can also use any other hash supported by passlib, such as md5_crypt and sha256_crypt, which are linux passwd hashes. If you do so the password file will not be compatible with Apache or Nginx. Possible values are: apr_md5_crypt, des_crypt, ldap_sha1, plaintext. Default is apr_md5_crypt. | Optional | +| state | Whether the user entry should be present or not. Possible values are: present, absent. Default is present. | Optional | +| create | Used with `state=present`. If specified, the file will be created if it does not already exist. If set to "no", will fail if the file does not exist. Default is yes. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-supervisorctl +*** +Manage the state of a program or group of programs running via supervisord +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/supervisorctl_module.html + + +#### Base Command + +`linux-supervisorctl` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of the supervisord program or group to manage.
The name will be taken as group name when it ends with a colon `:`
Group support is only available in Ansible version 1.6 or later. | Required | +| config | The supervisor configuration file path. | Optional | +| server_url | URL on which supervisord server is listening. | Optional | +| username | username to use for authentication. | Optional | +| password | password to use for authentication. | Optional | +| state | The desired state of program/group. Possible values are: present, started, stopped, restarted, absent, signalled. | Required | +| signal | The signal to send to the program/group, when combined with the 'signalled' state. Required when l(state=signalled). | Optional | +| supervisorctl_path | path to supervisorctl executable. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-openssh-cert +*** +Generate OpenSSH host or user certificates. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssh_cert_module.html + + +#### Base Command + +`linux-openssh-cert` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether the host or user certificate should exist or not, taking action if the state is different from what is stated. Possible values are: present, absent. Default is present. | Optional | +| type | Whether the module should generate a host or a user certificate.
Required if `state` is `present`. Possible values are: host, user. | Optional | +| force | Should the certificate be regenerated even if it already exists and is valid. Possible values are: Yes, No. Default is No. | Optional | +| path | Path of the file containing the certificate. | Required | +| signing_key | The path to the private openssh key that is used for signing the public key in order to generate the certificate.
Required if `state` is `present`. | Optional | +| public_key | The path to the public key that will be signed with the signing key in order to generate the certificate.
Required if `state` is `present`. | Optional | +| valid_from | The point in time the certificate is valid from. Time can be specified either as relative time or as absolute timestamp. Time will always be interpreted as UTC. Valid formats are: `[+-]timespec \| YYYY-MM-DD \| YYYY-MM-DDTHH:MM:SS \| YYYY-MM-DD HH:MM:SS \| always` where timespec can be an integer + `[w \| d \| h \| m \| s]` (e.g. `+32w1d2h`. Note that if using relative time this module is NOT idempotent.
Required if `state` is `present`. | Optional | +| valid_to | The point in time the certificate is valid to. Time can be specified either as relative time or as absolute timestamp. Time will always be interpreted as UTC. Valid formats are: `[+-]timespec \| YYYY-MM-DD \| YYYY-MM-DDTHH:MM:SS \| YYYY-MM-DD HH:MM:SS \| forever` where timespec can be an integer + `[w \| d \| h \| m \| s]` (e.g. `+32w1d2h`. Note that if using relative time this module is NOT idempotent.
Required if `state` is `present`. | Optional | +| valid_at | Check if the certificate is valid at a certain point in time. If it is not the certificate will be regenerated. Time will always be interpreted as UTC. Mainly to be used with relative timespec for `valid_from` and / or `valid_to`. Note that if using relative time this module is NOT idempotent. | Optional | +| principals | Certificates may be limited to be valid for a set of principal (user/host) names. By default, generated certificates are valid for all users or hosts. | Optional | +| options | Specify certificate options when signing a key. The option that are valid for user certificates are:
`clear`: Clear all enabled permissions. This is useful for clearing the default set of permissions so permissions may be added individually.
`force-command=command`: Forces the execution of command instead of any shell or command specified by the user when the certificate is used for authentication.
`no-agent-forwarding`: Disable ssh-agent forwarding (permitted by default).
`no-port-forwarding`: Disable port forwarding (permitted by default).
`no-pty Disable`: PTY allocation (permitted by default).
`no-user-rc`: Disable execution of `~/.ssh/rc` by sshd (permitted by default).
`no-x11-forwarding`: Disable X11 forwarding (permitted by default)
`permit-agent-forwarding`: Allows ssh-agent forwarding.
`permit-port-forwarding`: Allows port forwarding.
`permit-pty`: Allows PTY allocation.
`permit-user-rc`: Allows execution of `~/.ssh/rc` by sshd.
`permit-x11-forwarding`: Allows X11 forwarding.
`source-address=address_list`: Restrict the source addresses from which the certificate is considered valid. The `address_list` is a comma-separated list of one or more address/netmask pairs in CIDR format.
At present, no options are valid for host keys. | Optional | +| identifier | Specify the key identity when signing a public key. The identifier that is logged by the server when the certificate is used for authentication. | Optional | +| serial_number | Specify the certificate serial number. The serial number is logged by the server when the certificate is used for authentication. The certificate serial number may be used in a KeyRevocationList. The serial number may be omitted for checks, but must be specified again for a new certificate. Note: The default value set by ssh-keygen is 0. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.OpensshCert.type | string | type of the certificate \(host or user\) | +| Linux.OpensshCert.filename | string | path to the certificate | +| Linux.OpensshCert.info | unknown | Information about the certificate. Output of \`ssh-keygen -L -f\`. | + + + +### linux-openssh-keypair +*** +Generate OpenSSH private and public keys. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssh_keypair_module.html + + +#### Base Command + +`linux-openssh-keypair` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether the private and public keys should exist or not, taking action if the state is different from what is stated. Possible values are: present, absent. Default is present. | Optional | +| size | Specifies the number of bits in the private key to create. For RSA keys, the minimum size is 1024 bits and the default is 4096 bits. Generally, 2048 bits is considered sufficient. DSA keys must be exactly 1024 bits as specified by FIPS 186-2. For ECDSA keys, size determines the key length by selecting from one of three elliptic curve sizes: 256, 384 or 521 bits. Attempting to use bit lengths other than these three values for ECDSA keys will cause this module to fail. Ed25519 keys have a fixed length and the size will be ignored. | Optional | +| type | The algorithm used to generate the SSH private key. `rsa1` is for protocol version 1. `rsa1` is deprecated and may not be supported by every version of ssh-keygen. Possible values are: rsa, dsa, rsa1, ecdsa, ed25519. Default is rsa. | Optional | +| force | Should the key be regenerated even if it already exists. Possible values are: Yes, No. Default is No. | Optional | +| path | Name of the files containing the public and private key. The file containing the public key will have the extension `.pub`. | Required | +| comment | Provides a new comment to the public key. When checking if the key is in the correct state this will be ignored. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.OpensshKeypair.size | number | Size \(in bits\) of the SSH private key | +| Linux.OpensshKeypair.type | string | Algorithm used to generate the SSH private key | +| Linux.OpensshKeypair.filename | string | Path to the generated SSH private key file | +| Linux.OpensshKeypair.fingerprint | string | The fingerprint of the key. | +| Linux.OpensshKeypair.public_key | string | The public key of the generated SSH private key | +| Linux.OpensshKeypair.comment | string | The comment of the generated key | + + +#### Command Example +```!linux-openssh-keypair host="123.123.123.123" path="/tmp/id_ssh_rsa" ``` + +#### Context Example +```json +{ + "Linux": { + "OpensshKeypair": { + "changed": false, + "comment": "", + "filename": "/tmp/id_ssh_rsa", + "fingerprint": "SHA256:vlhiKW0d9Ud7gFGnUOFCEYl3c3B/XcFtEiz2JggpXnw", + "host": "123.123.123.123", + "public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDI5EKvHE4IhXqNA5zgWqbmYXxGdTKLuU0UQ4THQCnvMGR1BnfikSK+kT33Iq9wi3btoKoeqrgE8TMPb4On69akaPNnOgi2Dk+l0OoQBzIvn9m3RqvrtUFUDLTNckt/lrNIeIk3KXu22fcp0qoIgMNJmjYcY6Qbm8pCcVbXp6X3nbqk3glI2sTkM25UxbOLnbbyGrUMfUfAWGWC1wyyQktSc/5j41aZlvUhv/x54DBL8ASa/OeMxn9DboIm2flp+JgqDIm8rZXIucZjT6tool3XYseNJ0UxykQsAx36Gw2HGOXJbukiDlS0X5ifuj412uSh+g+UDvlaEjDhYasW2m7geDlZEJkSduELPar8pDP7RAqN3YIbv+zD+bOfZeSrxSzfIF103hcv+pAVXWqCwMSN1mSVdnuI9FLmTQ6a2TGE9OBwjbn+k2Vlxn0+aMZrT6R+M6rNsfUGLZRQviN+y8tvYDhsXmJhkhHo4XmdYRJmnHzWEETvboakATbTsqUVheyLS3tPgn7guDAQw67RBc/D7zPw6fuf9Xw9IhwqwH/MySskqsz3B7leuiYPqBaijAKw3Wdn1VmhszHC8kJL2RaEmTp4gNmMMp1H4V2zfH1f+jSG4gfwqJe/3xeNlBsKDvKDik5TRt6fzSlNbgvEOfijlABRU3rjg+kEUFvzHPcp1Q==", + "size": 4096, + "status": "SUCCESS", + "type": "rsa" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * comment: +> * filename: /tmp/id_ssh_rsa +> * fingerprint: SHA256:vlhiKW0d9Ud7gFGnUOFCEYl3c3B/XcFtEiz2JggpXnw +> * public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDI5EKvHE4IhXqNA5zgWqbmYXxGdTKLuU0UQ4THQCnvMGR1BnfikSK+kT33Iq9wi3btoKoeqrgE8TMPb4On69akaPNnOgi2Dk+l0OoQBzIvn9m3RqvrtUFUDLTNckt/lrNIeIk3KXu22fcp0qoIgMNJmjYcY6Qbm8pCcVbXp6X3nbqk3glI2sTkM25UxbOLnbbyGrUMfUfAWGWC1wyyQktSc/5j41aZlvUhv/x54DBL8ASa/OeMxn9DboIm2flp+JgqDIm8rZXIucZjT6tool3XYseNJ0UxykQsAx36Gw2HGOXJbukiDlS0X5ifuj412uSh+g+UDvlaEjDhYasW2m7geDlZEJkSduELPar8pDP7RAqN3YIbv+zD+bOfZeSrxSzfIF103hcv+pAVXWqCwMSN1mSVdnuI9FLmTQ6a2TGE9OBwjbn+k2Vlxn0+aMZrT6R+M6rNsfUGLZRQviN+y8tvYDhsXmJhkhHo4XmdYRJmnHzWEETvboakATbTsqUVheyLS3tPgn7guDAQw67RBc/D7zPw6fuf9Xw9IhwqwH/MySskqsz3B7leuiYPqBaijAKw3Wdn1VmhszHC8kJL2RaEmTp4gNmMMp1H4V2zfH1f+jSG4gfwqJe/3xeNlBsKDvKDik5TRt6fzSlNbgvEOfijlABRU3rjg+kEUFvzHPcp1Q== +> * size: 4096 +> * type: rsa + + +### linux-acl +*** +Set and retrieve file ACL information. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/acl_module.html + + +#### Base Command + +`linux-acl` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The full path of the file or object. | Required | +| state | Define whether the ACL should be present or not.
The `query` state gets the current ACL without changing it, for use in `register` operations. Possible values are: absent, present, query. Default is query. | Optional | +| follow | Whether to follow symlinks on the path if a symlink is encountered. Possible values are: Yes, No. Default is Yes. | Optional | +| default | If the target is a directory, setting this to `yes` will make it the default ACL for entities created inside the directory.
Setting `default` to `yes` causes an error if the path is a file. Possible values are: Yes, No. Default is No. | Optional | +| entity | The actual user or group that the ACL applies to when matching entity types user or group are selected. | Optional | +| etype | The entity type of the ACL to apply, see `setfacl` documentation for more info. Possible values are: group, mask, other, user. | Optional | +| permissions | The permissions to apply/remove can be any combination of `r`, `w` and `x` (read, write and execute respectively). | Optional | +| entry | DEPRECATED.
The ACL to set or remove.
This must always be quoted in the form of `<etype>:<qualifier>:<perms>`.
The qualifier may be empty for some types, but the type and perms are always required.
`-` can be used as placeholder when you do not care about permissions.
This is now superseded by entity, type and permissions fields. | Optional | +| recursive | Recursively sets the specified ACL.
Incompatible with `state=query`. Possible values are: Yes, No. Default is No. | Optional | +| use_nfsv4_acls | Use NFSv4 ACLs instead of POSIX ACLs. Possible values are: Yes, No. Default is No. | Optional | +| recalculate_mask | Select if and when to recalculate the effective right masks of the files.
See `setfacl` documentation for more info.
Incompatible with `state=query`. Possible values are: default, mask, no_mask. Default is default. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Acl.acl | unknown | Current ACL on provided path \(after changes, if any\) | + + + +### linux-archive +*** +Creates a compressed archive of one or more files or trees +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/archive_module.html + + +#### Base Command + +`linux-archive` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Remote absolute path, glob, or list of paths or globs for the file or files to compress or archive. | Required | +| format | The type of compression to use.
Support for xz was added in Ansible 2.5. Possible values are: bz2, gz, tar, xz, zip. Default is gz. | Optional | +| dest | The file name of the destination archive.
This is required when `path` refers to multiple files by either specifying a glob, a directory or multiple paths in a list. | Optional | +| exclude_path | Remote absolute path, glob, or list of paths or globs for the file or files to exclude from the archive. | Optional | +| force_archive | Allow you to force the module to treat this as an archive even if only a single file is specified.
By default behaviour is maintained. i.e A when a single file is specified it is compressed only (not archived). Possible values are: Yes, No. Default is No. | Optional | +| remove | Remove any added source files and trees after adding to archive. Possible values are: Yes, No. Default is No. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Archive.state | string | The current state of the archived file. If 'absent', then no source files were found and the archive does not exist. If 'compress', then the file source file is in the compressed state. If 'archive', then the source file or paths are currently archived. If 'incomplete', then an archive was created, but not all source paths were found. | +| Linux.Archive.missing | unknown | Any files that were missing from the source. | +| Linux.Archive.archived | unknown | Any files that were compressed or added to the archive. | +| Linux.Archive.arcroot | string | The archive root. | +| Linux.Archive.expanded_paths | unknown | The list of matching paths from paths argument. | +| Linux.Archive.expanded_exclude_paths | unknown | The list of matching exclude paths from the exclude_path argument. | + + +### linux-assemble +*** +Assemble configuration files from fragments +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/assemble_module.html + + +#### Base Command + +`linux-assemble` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| src | An already existing directory full of source files. | Required | +| dest | A file to create using the concatenation of all of the source files. | Required | +| backup | Create a backup file (if `yes`), including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | +| delimiter | A delimiter to separate the file contents. | Optional | +| remote_src | If `no`, it will search for src at originating/master machine.
If `yes`, it will go to the remote/target machine for the src. Possible values are: Yes, No. Default is No. | Optional | +| regexp | Assemble files only if `regex` matches the filename.
If not set, all files are assembled.
Every "\" (backslash) must be escaped as "\\" to comply to YAML syntax.
Uses `Python regular expressions,http://docs.python.org/2/library/re.html`. | Optional | +| ignore_hidden | A boolean that controls if files that start with a '.' will be included or not. Possible values are: Yes, No. Default is No. | Optional | +| validate | The validation command to run before copying into place.
The path to the file to validate is passed in via '%s' which must be present as in the sshd example below.
The command is passed securely so shell features like expansion and pipes won't work. | Optional | +| decrypt | This option controls the autodecryption of source files using vault. Possible values are: Yes, No. Default is Yes. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-blockinfile +*** +Insert/update/remove a text block surrounded by marker lines +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/blockinfile_module.html + + +#### Base Command + +`linux-blockinfile` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The file to modify.
Before Ansible 2.3 this option was only usable as `dest`, `destfile` and `name`. | Required | +| state | Whether the block should be there or not. Possible values are: absent, present. Default is present. | Optional | +| marker | The marker line template.
`{mark}` will be replaced with the values `in marker_begin` (default="BEGIN") and `marker_end` (default="END").
Using a custom marker without the `{mark}` variable may result in the block being repeatedly inserted on subsequent playbook runs. Default is # {mark} ANSIBLE MANAGED BLOCK. | Optional | +| block | The text to insert inside the marker lines.
If it is missing or an empty string, the block will be removed as if `state` were specified to `absent`. | Optional | +| insertafter | If specified, the block will be inserted after the last match of specified regular expression.
A special value is available; `EOF` for inserting the block at the end of the file.
If specified regular expression has no matches, `EOF` will be used instead. Possible values are: EOF, *regex*. Default is EOF. | Optional | +| insertbefore | If specified, the block will be inserted before the last match of specified regular expression.
A special value is available; `BOF` for inserting the block at the beginning of the file.
If specified regular expression has no matches, the block will be inserted at the end of the file. Possible values are: BOF, *regex*. | Optional | +| create | Create a new file if it does not exist. Possible values are: Yes, No. Default is No. | Optional | +| backup | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | +| marker_begin | This will be inserted at `{mark}` in the opening ansible block marker. Default is BEGIN. | Optional | +| marker_end | This will be inserted at `{mark}` in the closing ansible block marker. Default is END. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | +| validate | The validation command to run before copying into place.
The path to the file to validate is passed in via '%s' which must be present as in the examples below.
The command is passed securely so shell features like expansion and pipes will not work. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-file +*** +Manage files and file properties +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/file_module.html + + +#### Base Command + +`linux-file` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Path to the file being managed. | Required | +| state | If `absent`, directories will be recursively deleted, and files or symlinks will be unlinked. In the case of a directory, if `diff` is declared, you will see the files and folders deleted listed under `path_contents`. Note that `absent` will not cause `file` to fail if the `path` does not exist as the state did not change.
If `directory`, all intermediate subdirectories will be created if they do not exist. Since Ansible 1.7 they will be created with the supplied permissions.
If `file`, without any other options this works mostly as a 'stat' and will return the current state of `path`. Even with other options (i.e `mode`), the file will be modified but will NOT be created if it does not exist; see the `touch` value or the `copy` or `template` module if you want that behavior.
If `hard`, the hard link will be created or changed.
If `link`, the symbolic link will be created or changed.
If `touch` (new in 1.4), an empty file will be created if the `path` does not exist, while an existing file or directory will receive updated file access and modification times (similar to the way `touch` works from the command line). Possible values are: absent, directory, file, hard, link, touch. Default is file. | Optional | +| src | Path of the file to link to.
This applies only to `state=link` and `state=hard`.
For `state=link`, this will also accept a non-existing path.
Relative paths are relative to the file being created (`path`) which is how the Unix command `ln -s SRC DEST` treats relative paths. | Optional | +| recurse | Recursively set the specified file attributes on directory contents.
This applies only when `state` is set to `directory`. Possible values are: Yes, No. Default is No. | Optional | +| force | Force the creation of the symlinks in two cases: the source file does not exist (but will appear later); the destination exists and is a file (so, we need to unlink the `path` file and create symlink to the `src` file in place of it). Possible values are: Yes, No. Default is No. | Optional | +| follow | This flag indicates that filesystem links, if they exist, should be followed.
Previous to Ansible 2.5, this was `no` by default. Possible values are: Yes, No. Default is Yes. | Optional | +| modification_time | This parameter indicates the time the file's modification time should be set to.
Should be `preserve` when no modification is required, `YYYYMMDDHHMM.SS` when using default time format, or `now`.
Default is None meaning that `preserve` is the default for `state=[file,directory,link,hard]` and `now` is default for `state=touch`. | Optional | +| modification_time_format | When used with `modification_time`, indicates the time format that must be used.
Based on default Python format (see time.strftime doc). Default is %Y%m%d%H%M.%S. | Optional | +| access_time | This parameter indicates the time the file's access time should be set to.
Should be `preserve` when no modification is required, `YYYYMMDDHHMM.SS` when using default time format, or `now`.
Default is `None` meaning that `preserve` is the default for `state=[file,directory,link,hard]` and `now` is default for `state=touch`. | Optional | +| access_time_format | When used with `access_time`, indicates the time format that must be used.
Based on default Python format (see time.strftime doc). Default is %Y%m%d%H%M.%S. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-find +*** +Return a list of files based on specific criteria +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/find_module.html + + +#### Base Command + +`linux-find` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| age | Select files whose age is equal to or greater than the specified time.
Use a negative age to find files equal to or less than the specified time.
You can choose seconds, minutes, hours, days, or weeks by specifying the first letter of any of those words (e.g., "1w"). | Optional | +| patterns | One or more (shell or regex) patterns, which type is controlled by `use_regex` option.
The patterns restrict the list of files to be returned to those whose basenames match at least one of the patterns specified. Multiple patterns can be specified using a list.
The pattern is matched against the file base name, excluding the directory.
When using regexen, the pattern MUST match the ENTIRE file name, not just parts of it. So if you are looking to match all files ending in .default, you'd need to use '.*\.default' as a regexp and not just '\.default'.
This parameter expects a list, which can be either comma separated or YAML. If any of the patterns contain a comma, make sure to put them in a list to avoid splitting the patterns in undesirable ways.
Defaults to '*' when `use_regex=False`, or '.*' when `use_regex=True`. | Optional | +| excludes | One or more (shell or regex) patterns, which type is controlled by `use_regex` option.
Items whose basenames match an `excludes` pattern are culled from `patterns` matches. Multiple patterns can be specified using a list. | Optional | +| contains | A regular expression or pattern which should be matched against the file content. | Optional | +| paths | List of paths of directories to search. All paths must be fully qualified. | Required | +| file_type | Type of file to select.
The 'link' and 'any' choices were added in Ansible 2.3. Possible values are: any, directory, file, link. Default is file. | Optional | +| recurse | If target is a directory, recursively descend into the directory looking for files. Possible values are: Yes, No. Default is No. | Optional | +| size | Select files whose size is equal to or greater than the specified size.
Use a negative size to find files equal to or less than the specified size.
Unqualified values are in bytes but b, k, m, g, and t can be appended to specify bytes, kilobytes, megabytes, gigabytes, and terabytes, respectively.
Size is not evaluated for directories. | Optional | +| age_stamp | Choose the file property against which we compare age. Possible values are: atime, ctime, mtime. Default is mtime. | Optional | +| hidden | Set this to `yes` to include hidden files, otherwise they will be ignored. Possible values are: Yes, No. Default is No. | Optional | +| follow | Set this to `yes` to follow symlinks in path for systems with python 2.6+. Possible values are: Yes, No. Default is No. | Optional | +| get_checksum | Set this to `yes` to retrieve a file's SHA1 checksum. Possible values are: Yes, No. Default is No. | Optional | +| use_regex | If `no`, the patterns are file globs (shell).
If `yes`, they are python regexes. Possible values are: Yes, No. Default is No. | Optional | +| depth | Set the maximum number of levels to descend into.
Setting recurse to `no` will override this value, which is effectively depth 1.
Default is unlimited depth. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Find.files | unknown | All matches found with the specified criteria \(see stat module for full output of each dictionary\) | +| Linux.Find.matched | number | Number of matches | +| Linux.Find.examined | number | Number of filesystem objects looked at | + + +#### Command Example +```!linux-find host="123.123.123.123" paths="/tmp" age="2d" recurse="True" ``` + +#### Context Example +```json +{ + "Linux": { + "Find": { + "changed": false, + "examined": 18, + "files": [], + "host": "123.123.123.123", + "matched": 0, + "msg": "", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * examined: 18 +> * matched: 0 +> * msg: +> * ## Files + + +### linux-ini-file +*** +Tweak settings in INI files +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/ini_file_module.html + + +#### Base Command + +`linux-ini-file` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Path to the INI-style file; this file is created if required.
Before Ansible 2.3 this option was only usable as `dest`. | Required | +| section | Section name in INI file. This is added if `state=present` automatically when a single value is being set.
If left empty or set to `null`, the `option` will be placed before the first `section`.
Using `null` is also required if the config format does not support sections. | Required | +| option | If set (required for changing a `value`), this is the name of the option.
May be omitted if adding/removing a whole `section`. | Optional | +| value | The string value to be associated with an `option`.
May be omitted when removing an `option`. | Optional | +| backup | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | +| state | If set to `absent` the option or section will be removed if present instead of created. Possible values are: absent, present. Default is present. | Optional | +| no_extra_spaces | Do not insert spaces before and after '=' symbol. Possible values are: Yes, No. Default is No. | Optional | +| create | If set to `no`, the module will fail if the file does not already exist.
By default it will create the file if it is missing. Possible values are: Yes, No. Default is Yes. | Optional | +| allow_no_value | Allow option without value and without '=' symbol. Possible values are: Yes, No. Default is No. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-ini-file host="123.123.123.123" path="/etc/conf" section="drinks" option="fav" value="lemonade" mode="0600" backup="True" ``` + +#### Context Example +```json +{ + "Linux": { + "IniFile": { + "changed": false, + "gid": 0, + "group": "root", + "host": "123.123.123.123", + "mode": "0600", + "msg": "OK", + "owner": "root", + "path": "/etc/conf", + "secontext": "system_u:object_r:etc_t:s0", + "size": 25, + "state": "file", + "status": "SUCCESS", + "uid": 0 + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * gid: 0 +> * group: root +> * mode: 0600 +> * msg: OK +> * owner: root +> * path: /etc/conf +> * secontext: system_u:object_r:etc_t:s0 +> * size: 25 +> * state: file +> * uid: 0 + + +### linux-iso-extract +*** +Extract files from an ISO image +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/iso_extract_module.html + + +#### Base Command + +`linux-iso-extract` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| image | The ISO image to extract files from. | Required | +| dest | The destination directory to extract files to. | Required | +| files | A list of files to extract from the image.
Extracting directories does not work. | Required | +| force | If `yes`, which will replace the remote file when contents are different than the source.
If `no`, the file will only be extracted and copied if the destination does not already exist.
Alias `thirsty` has been deprecated and will be removed in 2.13. Possible values are: Yes, No. Default is Yes. | Optional | +| executable | The path to the `7z` executable to use for extracting files from the ISO. Default is 7z. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-lineinfile +*** +Manage lines in text files +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/lineinfile_module.html + + +#### Base Command + +`linux-lineinfile` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The file to modify.
Before Ansible 2.3 this option was only usable as `dest`, `destfile` and `name`. | Required | +| regexp | The regular expression to look for in every line of the file.
For `state=present`, the pattern to replace if found. Only the last line found will be replaced.
For `state=absent`, the pattern of the line(s) to remove.
If the regular expression is not matched, the line will be added to the file in keeping with `insertbefore` or `insertafter` settings.
When modifying a line the regexp should typically match both the initial state of the line as well as its state after replacement by `line` to ensure idempotence.
Uses Python regular expressions. See `http://docs.python.org/2/library/re.html`. | Optional | +| state | Whether the line should be there or not. Possible values are: absent, present. Default is present. | Optional | +| line | The line to insert/replace into the file.
Required for `state=present`.
If `backrefs` is set, may contain backreferences that will get expanded with the `regexp` capture groups if the regexp matches. | Optional | +| backrefs | Used with `state=present`.
If set, `line` can contain backreferences (both positional and named) that will get populated if the `regexp` matches.
This parameter changes the operation of the module slightly; `insertbefore` and `insertafter` will be ignored, and if the `regexp` does not match anywhere in the file, the file will be left unchanged.
If the `regexp` does match, the last matching line will be replaced by the expanded line parameter. Possible values are: Yes, No. Default is No. | Optional | +| insertafter | Used with `state=present`.
If specified, the line will be inserted after the last match of specified regular expression.
If the first match is required, use(firstmatch=yes).
A special value is available; `EOF` for inserting the line at the end of the file.
If specified regular expression has no matches, EOF will be used instead.
If `insertbefore` is set, default value `EOF` will be ignored.
If regular expressions are passed to both `regexp` and `insertafter`, `insertafter` is only honored if no match for `regexp` is found.
May not be used with `backrefs` or `insertbefore`. Possible values are: EOF, *regex*. Default is EOF. | Optional | +| insertbefore | Used with `state=present`.
If specified, the line will be inserted before the last match of specified regular expression.
If the first match is required, use `firstmatch=yes`.
A value is available; `BOF` for inserting the line at the beginning of the file.
If specified regular expression has no matches, the line will be inserted at the end of the file.
If regular expressions are passed to both `regexp` and `insertbefore`, `insertbefore` is only honored if no match for `regexp` is found.
May not be used with `backrefs` or `insertafter`. Possible values are: BOF, *regex*. | Optional | +| create | Used with `state=present`.
If specified, the file will be created if it does not already exist.
By default it will fail if the file is missing. Possible values are: Yes, No. Default is No. | Optional | +| backup | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | +| firstmatch | Used with `insertafter` or `insertbefore`.
If set, `insertafter` and `insertbefore` will work with the first line that matches the given regular expression. Possible values are: Yes, No. Default is No. | Optional | +| others | All arguments accepted by the `file` module also work here. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | +| validate | The validation command to run before copying into place.
The path to the file to validate is passed in via '%s' which must be present as in the examples below.
The command is passed securely so shell features like expansion and pipes will not work. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-lineinfile host="123.123.123.123" path="/etc/selinux/config" regexp="^SELINUX=" line="SELINUX=enforcing" ``` + +#### Context Example +```json +{ + "Linux": { + "Lineinfile": { + "backup": "", + "changed": false, + "host": "123.123.123.123", + "msg": "", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * backup: +> * changed: False +> * msg: + + +### linux-replace +*** +Replace all instances of a particular string in a file using a back-referenced regular expression +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/replace_module.html + + +#### Base Command + +`linux-replace` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The file to modify.
Before Ansible 2.3 this option was only usable as `dest`, `destfile` and `name`. | Required | +| regexp | The regular expression to look for in the contents of the file.
Uses Python regular expressions; see `http://docs.python.org/2/library/re.html`.
Uses MULTILINE mode, which means `^` and `$` match the beginning and end of the file, as well as the beginning and end respectively of `each line` of the file.
Does not use DOTALL, which means the `.` special character matches any character `except newlines`. A common mistake is to assume that a negated character set like `[^#]` will also not match newlines.
In order to exclude newlines, they must be added to the set like `[^#\n]`.
Note that, as of Ansible 2.0, short form tasks should have any escape sequences backslash-escaped in order to prevent them being parsed as string literal escapes. See the examples. | Required | +| replace | The string to replace regexp matches.
May contain backreferences that will get expanded with the regexp capture groups if the regexp matches.
If not set, matches are removed entirely.
Backreferences can be used ambiguously like `\1`, or explicitly like `\g<1>`. | Optional | +| after | If specified, only content after this match will be replaced/removed.
Can be used in combination with `before`.
Uses Python regular expressions; see `http://docs.python.org/2/library/re.html`.
Uses DOTALL, which means the `.` special character `can match newlines`. | Optional | +| before | If specified, only content before this match will be replaced/removed.
Can be used in combination with `after`.
Uses Python regular expressions; see `http://docs.python.org/2/library/re.html`.
Uses DOTALL, which means the `.` special character `can match newlines`. | Optional | +| backup | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | +| others | All arguments accepted by the `file` module also work here. | Optional | +| encoding | The character encoding for reading and writing the file. Default is utf-8. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | +| validate | The validation command to run before copying into place.
The path to the file to validate is passed in via '%s' which must be present as in the examples below.
The command is passed securely so shell features like expansion and pipes will not work. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-replace host="123.123.123.123" path="/etc/hosts" regexp="(\\s+)old\\.host\\.name(\\s+.*)?$" replace="\\1new.host.name\\2" ``` + +#### Context Example +```json +{ + "Linux": { + "Replace": { + "changed": false, + "host": "123.123.123.123", + "msg": "", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * msg: + + +### linux-stat +*** +Retrieve file or file system status +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/stat_module.html + + +#### Base Command + +`linux-stat` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The full path of the file/object to get the facts of. | Required | +| follow | Whether to follow symlinks. Possible values are: Yes, No. Default is No. | Optional | +| get_checksum | Whether to return a checksum of the file. Possible values are: Yes, No. Default is Yes. | Optional | +| checksum_algorithm | Algorithm to determine checksum of file.
Will throw an error if the host is unable to use specified algorithm.
The remote host has to support the hashing method specified, `md5` can be unavailable if the host is FIPS-140 compliant. Possible values are: md5, sha1, sha224, sha256, sha384, sha512. Default is sha1. | Optional | +| get_mime | Use file magic and return data about the nature of the file. this uses the 'file' utility found on most Linux/Unix systems.
This will add both `mime_type` and 'charset' fields to the return, if possible.
In Ansible 2.3 this option changed from 'mime' to 'get_mime' and the default changed to 'Yes'. Possible values are: Yes, No. Default is Yes. | Optional | +| get_attributes | Get file attributes using lsattr tool if present. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Stat.stat | unknown | dictionary containing all the stat data, some platforms might add additional fields | + + +#### Command Example +```!linux-stat host="123.123.123.123" path="/etc/foo.conf" ``` + +#### Context Example +```json +{ + "Linux": { + "Stat": { + "exists": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * exists: False + + +### linux-synchronize +*** +A wrapper around rsync to make common tasks in your playbooks quick and easy +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/synchronize_module.html + + +#### Base Command + +`linux-synchronize` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| src | Path on the source host that will be synchronized to the destination.
The path can be absolute or relative. | Required | +| dest | Path on the destination host that will be synchronized from the source.
The path can be absolute or relative. | Required | +| dest_port | Port number for ssh on the destination host.
Prior to Ansible 2.0, the ansible_ssh_port inventory var took precedence over this value.
This parameter defaults to the value of `ansible_ssh_port` or `ansible_port`, the `remote_port` config setting or the value from ssh client configuration if none of the former have been set. | Optional | +| mode | Specify the direction of the synchronization.
In push mode the localhost or delegate is the source.
In pull mode the remote host in context is the source. Possible values are: pull, push. Default is push. | Optional | +| archive | Mirrors the rsync archive flag, enables recursive, links, perms, times, owner, group flags and -D. Possible values are: Yes, No. Default is Yes. | Optional | +| checksum | Skip based on checksum, rather than mod-time & size; Note that that "archive" option is still enabled by default - the "checksum" option will not disable it. Possible values are: Yes, No. Default is No. | Optional | +| compress | Compress file data during the transfer.
In most cases, leave this enabled unless it causes problems. Possible values are: Yes, No. Default is Yes. | Optional | +| existing_only | Skip creating new files on receiver. Possible values are: Yes, No. Default is No. | Optional | +| delete | Delete files in `dest` that don't exist (after transfer, not before) in the `src` path.
This option requires `recursive=yes`.
This option ignores excluded files and behaves like the rsync opt --delete-excluded. Possible values are: Yes, No. Default is No. | Optional | +| dirs | Transfer directories without recursing. Possible values are: Yes, No. Default is No. | Optional | +| recursive | Recurse into directories.
This parameter defaults to the value of the archive option. | Optional | +| links | Copy symlinks as symlinks.
This parameter defaults to the value of the archive option. | Optional | +| copy_links | Copy symlinks as the item that they point to (the referent) is copied, rather than the symlink. Possible values are: Yes, No. Default is No. | Optional | +| perms | Preserve permissions.
This parameter defaults to the value of the archive option. | Optional | +| times | Preserve modification times.
This parameter defaults to the value of the archive option. | Optional | +| owner | Preserve owner (super user only).
This parameter defaults to the value of the archive option. | Optional | +| group | Preserve group.
This parameter defaults to the value of the archive option. | Optional | +| rsync_path | Specify the rsync command to run on the remote host. See `--rsync-path` on the rsync man page.
To specify the rsync command to run on the local host, you need to set this your task var `ansible_rsync_path`. | Optional | +| rsync_timeout | Specify a `--timeout` for the rsync command in seconds. Default is 0. | Optional | +| set_remote_user | Put user@ for the remote paths.
If you have a custom ssh config to define the remote user for a host that does not match the inventory user, you should set this parameter to `no`. Possible values are: Yes, No. Default is Yes. | Optional | +| use_ssh_args | Use the ssh_args specified in ansible.cfg. Possible values are: Yes, No. Default is No. | Optional | +| rsync_opts | Specify additional rsync options by passing in an array.
Note that an empty string in `rsync_opts` will end up transfer the current working directory. | Optional | +| partial | Tells rsync to keep the partial file which should make a subsequent transfer of the rest of the file much faster. Possible values are: Yes, No. Default is No. | Optional | +| verify_host | Verify destination host key. Possible values are: Yes, No. Default is No. | Optional | +| private_key | Specify the private key to use for SSH-based rsync connections (e.g. `~/.ssh/id_rsa`). | Optional | +| link_dest | Add a destination to hard link against during the rsync. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-tempfile +*** +Creates temporary files and directories +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/tempfile_module.html + + +#### Base Command + +`linux-tempfile` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether to create file or directory. Possible values are: directory, file. Default is file. | Optional | +| path | Location where temporary file or directory should be created.
If path is not specified, the default system temporary directory will be used. | Optional | +| prefix | Prefix of file/directory name created by module. Default is ansible.. | Optional | +| suffix | Suffix of file/directory name created by module. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Tempfile.path | string | Path to created file or directory | + + +#### Command Example +```!linux-tempfile host="123.123.123.123" state="directory" suffix="build" ``` + +#### Context Example +```json +{ + "Linux": { + "Tempfile": { + "changed": true, + "gid": 0, + "group": "root", + "host": "123.123.123.123", + "mode": "0700", + "owner": "root", + "path": "/tmp/ansible.eehilh3tbuild", + "secontext": "unconfined_u:object_r:user_tmp_t:s0", + "size": 6, + "state": "directory", + "status": "CHANGED", + "uid": 0 + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * gid: 0 +> * group: root +> * mode: 0700 +> * owner: root +> * path: /tmp/ansible.eehilh3tbuild +> * secontext: unconfined_u:object_r:user_tmp_t:s0 +> * size: 6 +> * state: directory +> * uid: 0 + + +### linux-unarchive +*** +Unpacks an archive after (optionally) copying it from the local machine. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/unarchive_module.html + + +#### Base Command + +`linux-unarchive` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| src | If `remote_"src"=no` (default), local path to archive file to copy to the target server; can be absolute or relative. If `remote_"src"=yes`, path on the target server to existing archive file to unpack.
If `remote_"src"=yes` and `src` contains `://`, the remote machine will download the file from the URL first. (version_added 2.0). This is only for simple cases, for full download support use the `get_url` module. | Required | +| dest | Remote absolute path where the archive should be unpacked. | Required | +| copy | If true, the file is copied from local 'master' to the target machine, otherwise, the plugin will look for src archive at the target machine.
This option has been deprecated in favor of `remote_src`.
This option is mutually exclusive with `remote_src`. Possible values are: Yes, No. Default is Yes. | Optional | +| creates | If the specified absolute path (file or directory) already exists, this step will `not` be run. | Optional | +| list_files | If set to True, return the list of files that are contained in the tarball. Possible values are: Yes, No. Default is No. | Optional | +| exclude | List the directory and file entries that you would like to exclude from the unarchive action. | Optional | +| keep_newer | Do not replace existing files that are newer than files from the archive. Possible values are: Yes, No. Default is No. | Optional | +| extra_opts | Specify additional options by passing in an array.
Each space-separated command-line option should be a new element of the array. See examples.
Command-line options with multiple elements must use multiple lines in the array, one for each element. | Optional | +| remote_src | Set to `yes` to indicate the archived file is already on the remote system and not local to the Ansible controller.
This option is mutually exclusive with `copy`. Possible values are: Yes, No. Default is No. | Optional | +| validate_certs | This only applies if using a https URL as the source of the file.
This should only set to `no` used on personally controlled sites using self-signed certificate.
Prior to 2.2 the code worked as if this was set to `yes`. Possible values are: Yes, No. Default is Yes. | Optional | +| decrypt | This option controls the autodecryption of source files using vault. Possible values are: Yes, No. Default is Yes. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-xml +*** +Manage bits and pieces of XML files or strings +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/xml_module.html + + +#### Base Command + +`linux-xml` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Path to the file to operate on.
This file must exist ahead of time.
This parameter is required, unless `xmlstring` is given. | Required | +| xmlstring | A string containing XML on which to operate.
This parameter is required, unless `path` is given. | Required | +| xpath | A valid XPath expression describing the item(s) you want to manipulate.
Operates on the document root, `/`, by default. | Optional | +| namespaces | The namespace `prefix:uri` mapping for the XPath expression.
Needs to be a `dict`, not a `list` of items. | Optional | +| state | Set or remove an xpath selection (node(s), attribute(s)). Possible values are: absent, present. Default is present. | Optional | +| attribute | The attribute to select when using parameter `value`.
This is a string, not prepended with `@`. | Optional | +| value | Desired state of the selected attribute.
Either a string, or to unset a value, the Python `None` keyword (YAML Equivalent, `null`).
Elements default to no value (but present).
Attributes default to an empty string. | Optional | +| add_children | Add additional child-element(s) to a selected element for a given `xpath`.
Child elements must be given in a list and each item may be either a string (eg. `children=ansible` to add an empty `<ansible/>` child element), or a hash where the key is an element name and the value is the element value.
This parameter requires `xpath` to be set. | Optional | +| set_children | Set the child-element(s) of a selected element for a given `xpath`.
Removes any existing children.
Child elements must be specified as in `add_children`.
This parameter requires `xpath` to be set. | Optional | +| count | Search for a given `xpath` and provide the count of any matches.
This parameter requires `xpath` to be set. Possible values are: Yes, No. Default is No. | Optional | +| print_match | Search for a given `xpath` and print out any matches.
This parameter requires `xpath` to be set. Possible values are: Yes, No. Default is No. | Optional | +| pretty_print | Pretty print XML output. Possible values are: Yes, No. Default is No. | Optional | +| content | Search for a given `xpath` and get content.
This parameter requires `xpath` to be set. Possible values are: attribute, text. | Optional | +| input_type | Type of input for `add_children` and `set_children`. Possible values are: xml, yaml. Default is yaml. | Optional | +| backup | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | +| strip_cdata_tags | Remove CDATA tags surrounding text values.
Note that this might break your XML file if text values contain characters that could be interpreted as XML. Possible values are: Yes, No. Default is No. | Optional | +| insertbefore | Add additional child-element(s) before the first selected element for a given `xpath`.
Child elements must be given in a list and each item may be either a string (eg. `children=ansible` to add an empty `<ansible/>` child element), or a hash where the key is an element name and the value is the element value.
This parameter requires `xpath` to be set. Possible values are: Yes, No. Default is No. | Optional | +| insertafter | Add additional child-element(s) after the last selected element for a given `xpath`.
Child elements must be given in a list and each item may be either a string (eg. `children=ansible` to add an empty `<ansible/>` child element), or a hash where the key is an element name and the value is the element value.
This parameter requires `xpath` to be set. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Xml.actions | unknown | A dictionary with the original xpath, namespaces and state. | +| Linux.Xml.backup_file | string | The name of the backup file that was created | +| Linux.Xml.count | number | The count of xpath matches. | +| Linux.Xml.matches | unknown | The xpath matches found. | +| Linux.Xml.msg | string | A message related to the performed action\(s\). | +| Linux.Xml.xmlstring | string | An XML string of the resulting output. | + + + +### linux-expect +*** +Executes a command and responds to prompts. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/expect_module.html + + +#### Base Command + +`linux-expect` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| command | The command module takes command to run. | Required | +| creates | A filename, when it already exists, this step will `not` be run. | Optional | +| removes | A filename, when it does not exist, this step will `not` be run. | Optional | +| chdir | Change into this directory before running the command. | Optional | +| responses | Mapping of expected string/regex and string to respond with. If the response is a list, successive matches return successive responses. List functionality is new in 2.1. | Required | +| timeout | Amount of time in seconds to wait for the expected strings. Use `null` to disable timeout. Default is 30. | Optional | +| echo | Whether or not to echo out your response strings. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-bower +*** +Manage bower packages with bower +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/bower_module.html + + +#### Base Command + +`linux-bower` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of a bower package to install. | Optional | +| offline | Install packages from local cache, if the packages were installed before. Default is no. | Optional | +| production | Install with --production flag. Default is no. | Optional | +| path | The base path where to install the bower packages. | Required | +| relative_execpath | Relative path to bower executable from install path. | Optional | +| state | The state of the bower package. Possible values are: present, absent, latest. Default is present. | Optional | +| version | The version to be installed. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-bundler +*** +Manage Ruby Gem dependencies with Bundler +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/bundler_module.html + + +#### Base Command + +`linux-bundler` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| executable | The path to the bundler executable. | Optional | +| state | The desired state of the Gem bundle. `latest` updates gems to the most recent, acceptable version. Possible values are: present, latest. Default is present. | Optional | +| chdir | The directory to execute the bundler commands from. This directory needs to contain a valid Gemfile or .bundle/ directory. Default is temporary working directory. | Optional | +| exclude_groups | A list of Gemfile groups to exclude during operations. This only applies when state is `present`. Bundler considers this a 'remembered' property for the Gemfile and will automatically exclude groups in future operations even if `exclude_groups` is not set. | Optional | +| clean | Only applies if state is `present`. If set removes any gems on the target host that are not in the gemfile. Default is no. | Optional | +| gemfile | Only applies if state is `present`. The path to the gemfile to use to install gems. Default is Gemfile in current directory. | Optional | +| local | If set only installs gems from the cache on the target host. Default is no. | Optional | +| deployment_mode | Only applies if state is `present`. If set it will install gems in ./vendor/bundle instead of the default location. Requires a Gemfile.lock file to have been created prior. Default is no. | Optional | +| user_install | Only applies if state is `present`. Installs gems in the local user's cache or for all users. Default is yes. | Optional | +| gem_path | Only applies if state is `present`. Specifies the directory to install the gems into. If `chdir` is set then this path is relative to `chdir`. Default is RubyGems gem paths. | Optional | +| binstub_directory | Only applies if state is `present`. Specifies the directory to install any gem bins files to. When executed the bin files will run within the context of the Gemfile and fail if any required gem dependencies are not installed. If `chdir` is set then this path is relative to `chdir`. | Optional | +| extra_args | A space separated string of additional commands that can be applied to the Bundler command. Refer to the Bundler documentation for more information. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-composer +*** +Dependency Manager for PHP +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/composer_module.html + + +#### Base Command + +`linux-composer` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| command | Composer command like "install", "update" and so on. Default is install. | Optional | +| arguments | Composer arguments like required package, version and so on. | Optional | +| executable | Path to PHP Executable on the remote host, if PHP is not in PATH. | Optional | +| working_dir | Directory of your project (see --working-dir). This is required when the command is not run globally.
Will be ignored if `global_command=true`. | Optional | +| global_command | Runs the specified command globally. Possible values are: Yes, No. Default is No. | Optional | +| prefer_source | Forces installation from package sources when possible (see --prefer-source). Possible values are: Yes, No. Default is No. | Optional | +| prefer_dist | Forces installation from package dist even for dev versions (see --prefer-dist). Possible values are: Yes, No. Default is No. | Optional | +| no_dev | Disables installation of require-dev packages (see --no-dev). Possible values are: Yes, No. Default is Yes. | Optional | +| no_scripts | Skips the execution of all scripts defined in composer.json (see --no-scripts). Possible values are: Yes, No. Default is No. | Optional | +| no_plugins | Disables all plugins ( see --no-plugins ). Possible values are: Yes, No. Default is No. | Optional | +| optimize_autoloader | Optimize autoloader during autoloader dump (see --optimize-autoloader).
Convert PSR-0/4 autoloading to classmap to get a faster autoloader.
Recommended especially for production, but can take a bit of time to run. Possible values are: Yes, No. Default is Yes. | Optional | +| classmap_authoritative | Autoload classes from classmap only.
Implicitely enable optimize_autoloader.
Recommended especially for production, but can take a bit of time to run. Possible values are: Yes, No. Default is No. | Optional | +| apcu_autoloader | Uses APCu to cache found/not-found classes. Possible values are: Yes, No. Default is No. | Optional | +| ignore_platform_reqs | Ignore php, hhvm, lib-* and ext-* requirements and force the installation even if the local machine does not fulfill these. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-cpanm +*** +Manages Perl library dependencies. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/cpanm_module.html + + +#### Base Command + +`linux-cpanm` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of the Perl library to install. You may use the "full distribution path", e.g. MIYAGAWA/Plack-0.99_05.tar.gz. | Optional | +| from_path | The local directory from where to install. | Optional | +| notest | Do not run unit tests. Possible values are: Yes, No. Default is No. | Optional | +| locallib | Specify the install base to install modules. | Optional | +| mirror | Specifies the base URL for the CPAN mirror to use. | Optional | +| mirror_only | Use the mirror's index file instead of the CPAN Meta DB. Possible values are: Yes, No. Default is No. | Optional | +| installdeps | Only install dependencies. Possible values are: Yes, No. Default is No. | Optional | +| version | minimum version of perl module to consider acceptable. | Optional | +| system_lib | Use this if you want to install modules to the system perl include path. You must be root or have "passwordless" sudo for this to work.
This uses the cpanm commandline option '--sudo', which has nothing to do with ansible privilege escalation. Possible values are: Yes, No. Default is No. | Optional | +| executable | Override the path to the cpanm executable. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-gem +*** +Manage Ruby gems +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/gem_module.html + + +#### Base Command + +`linux-gem` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of the gem to be managed. | Required | +| state | The desired state of the gem. `latest` ensures that the latest version is installed. Possible values are: present, absent, latest. Default is present. | Optional | +| gem_source | The path to a local gem used as installation source. | Optional | +| include_dependencies | Whether to include dependencies or not. Default is yes. | Optional | +| repository | The repository from which the gem will be installed. | Optional | +| user_install | Install gem in user's local gems cache or for all users. Default is yes. | Optional | +| executable | Override the path to the gem executable. | Optional | +| install_dir | Install the gems into a specific directory. These gems will be independent from the global installed ones. Specifying this requires user_install to be false. | Optional | +| env_shebang | Rewrite the shebang line on installed scripts to use /usr/bin/env. Default is no. | Optional | +| version | Version of the gem to be installed/removed. | Optional | +| pre_release | Allow installation of pre-release versions of the gem. Default is no. | Optional | +| include_doc | Install with or without docs. Default is no. | Optional | +| build_flags | Allow adding build flags for gem compilation. | Optional | +| force | Force gem to install, bypassing dependency checks. Default is no. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-maven-artifact +*** +Downloads an Artifact from a Maven Repository +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/maven_artifact_module.html + + +#### Base Command + +`linux-maven-artifact` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| group_id | The Maven groupId coordinate. | Required | +| artifact_id | The maven artifactId coordinate. | Required | +| version | The maven version coordinate. Default is latest. | Optional | +| classifier | The maven classifier coordinate. | Optional | +| extension | The maven type/extension coordinate. Default is jar. | Optional | +| repository_url | The URL of the Maven Repository to download from.
Use s3://... if the repository is hosted on Amazon S3, added in version 2.2.
Use file://... if the repository is local, added in version 2.6. Default is http://repo1.maven.org/maven2. | Optional | +| username | The username to authenticate as to the Maven Repository. Use AWS secret key of the repository is hosted on S3. | Optional | +| password | The password to authenticate with to the Maven Repository. Use AWS secret access key of the repository is hosted on S3. | Optional | +| headers | Add custom HTTP headers to a request in hash/dict format. | Optional | +| dest | The path where the artifact should be written to
If file mode or ownerships are specified and destination path already exists, they affect the downloaded file. | Required | +| state | The desired state of the artifact. Possible values are: present, absent. Default is present. | Optional | +| timeout | Specifies a timeout in seconds for the connection attempt. Default is 10. | Optional | +| validate_certs | If `no`, SSL certificates will not be validated. This should only be set to `no` when no other option exists. Default is yes. | Optional | +| keep_name | If `yes`, the downloaded artifact's name is preserved, i.e the version number remains part of it.
This option only has effect when `dest` is a directory and `version` is set to `latest`. Default is no. | Optional | +| verify_checksum | If `never`, the md5 checksum will never be downloaded and verified.
If `download`, the md5 checksum will be downloaded and verified only after artifact download. This is the default.
If `change`, the md5 checksum will be downloaded and verified if the destination already exist, to verify if they are identical. This was the behaviour before 2.6. Since it downloads the md5 before (maybe) downloading the artifact, and since some repository software, when acting as a proxy/cache, return a 404 error if the artifact has not been cached yet, it may fail unexpectedly. If you still need it, you should consider using `always` instead - if you deal with a checksum, it is better to use it to verify integrity after download.
`always` combines `download` and `change`. Possible values are: never, download, change, always. Default is download. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-npm +*** +Manage node.js packages with npm +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/npm_module.html + + +#### Base Command + +`linux-npm` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of a node.js library to install. | Optional | +| path | The base path where to install the node.js libraries. | Optional | +| version | The version to be installed. | Optional | +| global | Install the node.js library globally. Possible values are: Yes, No. Default is No. | Optional | +| executable | The executable location for npm.
This is useful if you are using a version manager, such as nvm. | Optional | +| ignore_scripts | Use the `--ignore-scripts` flag when installing. Possible values are: Yes, No. Default is No. | Optional | +| unsafe_perm | Use the `--unsafe-perm` flag when installing. Possible values are: Yes, No. Default is No. | Optional | +| ci | Install packages based on package-lock file, same as running npm ci. Possible values are: Yes, No. Default is No. | Optional | +| production | Install dependencies in production mode, excluding devDependencies. Possible values are: Yes, No. Default is No. | Optional | +| registry | The registry to install modules from. | Optional | +| state | The state of the node.js library. Possible values are: present, absent, latest. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-pear +*** +Manage pear/pecl packages +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pear_module.html + + +#### Base Command + +`linux-pear` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the package to install, upgrade, or remove. | Required | +| state | Desired state of the package. Possible values are: present, absent, latest. Default is present. | Optional | +| executable | Path to the pear executable. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-pip +*** +Manages Python library dependencies +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pip_module.html + + +#### Base Command + +`linux-pip` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of a Python library to install or the url(bzr+,hg+,git+,svn+) of the remote package.
This can be a list (since 2.2) and contain version specifiers (since 2.7). | Optional | +| version | The version number to install of the Python library specified in the `name` parameter. | Optional | +| requirements | The path to a pip requirements file, which should be local to the remote system. File can be specified as a relative path if using the chdir option. | Optional | +| virtualenv | An optional path to a `virtualenv` directory to install into. It cannot be specified together with the 'executable' parameter (added in 2.1). If the virtualenv does not exist, it will be created before installing packages. The optional virtualenv_site_packages, virtualenv_command, and virtualenv_python options affect the creation of the virtualenv. | Optional | +| virtualenv_site_packages | Whether the virtual environment will inherit packages from the global site-packages directory. Note that if this setting is changed on an already existing virtual environment it will not have any effect, the environment must be deleted and newly created. Default is no. | Optional | +| virtualenv_command | The command or a pathname to the command to create the virtual environment with. For example `pyvenv`, `virtualenv`, `virtualenv2`, `~/bin/virtualenv`, `/usr/local/bin/virtualenv`. Default is virtualenv. | Optional | +| virtualenv_python | The Python executable used for creating the virtual environment. For example `python3.5`, `python2.7`. When not specified, the Python version used to run the ansible module is used. This parameter should not be used when `virtualenv_command` is using `pyvenv` or the `-m venv` module. | Optional | +| state | The state of module
The 'forcereinstall' option is only available in Ansible 2.1 and above. Possible values are: absent, forcereinstall, latest, present. Default is present. | Optional | +| extra_args | Extra arguments passed to pip. | Optional | +| editable | Pass the editable flag. Default is no. | Optional | +| chdir | cd into this directory before running the command. | Optional | +| executable | The explicit executable or pathname for the pip executable, if different from the Ansible Python interpreter. For example `pip3.3`, if there are both Python 2.7 and 3.3 installations in the system and you want to run pip for the Python 3.3 installation.
Mutually exclusive with `virtualenv` (added in 2.1).
Does not affect the Ansible Python interpreter.
The setuptools package must be installed for both the Ansible Python interpreter and for the version of Python specified by this option. | Optional | +| umask | The system umask to apply before installing the pip package. This is useful, for example, when installing on systems that have a very restrictive umask by default (e.g., "0077") and you want to pip install packages which are to be used by all users. Note that this requires you to specify desired umask mode as an octal string, (e.g., "0022"). | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Pip.cmd | string | pip command used by the module | +| Linux.Pip.name | unknown | list of python modules targetted by pip | +| Linux.Pip.requirements | string | Path to the requirements file | +| Linux.Pip.version | string | Version of the package specified in 'name' | +| Linux.Pip.virtualenv | string | Path to the virtualenv | + + +#### Command Example +```!linux-pip host="123.123.123.123" name="bottle" ``` + +#### Context Example +```json +{ + "Linux": { + "Pip": { + "changed": false, + "cmd": [ + "/usr/bin/pip3", + "install", + "bottle" + ], + "host": "123.123.123.123", + "name": [ + "bottle" + ], + "requirements": null, + "state": "present", + "status": "SUCCESS", + "stderr": "WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.\n", + "stderr_lines": [ + "WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead." + ], + "stdout": "Requirement already satisfied: bottle in /usr/local/lib/python3.6/site-packages\n", + "stdout_lines": [ + "Requirement already satisfied: bottle in /usr/local/lib/python3.6/site-packages" + ], + "version": null, + "virtualenv": null + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * requirements: None +> * state: present +> * stderr: WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead. +> +> * stdout: Requirement already satisfied: bottle in /usr/local/lib/python3.6/site-packages +> +> * version: None +> * virtualenv: None +> * ## Cmd +> * 0: /usr/bin/pip3 +> * 1: install +> * 2: bottle +> * ## Name +> * 0: bottle +> * ## Stderr_Lines +> * 0: WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead. +> * ## Stdout_Lines +> * 0: Requirement already satisfied: bottle in /usr/local/lib/python3.6/site-packages + + +### linux-pip-package-info +*** +pip package information +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/pip_package_info_module.html + + +#### Base Command + +`linux-pip-package-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| clients | A list of the pip executables that will be used to get the packages. They can be supplied with the full path or just the executable name, i.e `pip3.7`. Default is ['pip']. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.PipPackageInfo.packages | unknown | a dictionary of installed package data | + + + +### linux-yarn +*** +Manage node.js packages with Yarn +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/yarn_module.html + + +#### Base Command + +`linux-yarn` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of a node.js library to install
If omitted all packages in package.json are installed. | Optional | +| path | The base path where Node.js libraries will be installed.
This is where the node_modules folder lives. | Optional | +| version | The version of the library to be installed.
Must be in semver format. If "latest" is desired, use "state" arg instead. | Optional | +| global | Install the node.js library globally. Possible values are: Yes, No. Default is No. | Optional | +| executable | The executable location for yarn. | Optional | +| ignore_scripts | Use the --ignore-scripts flag when installing. Possible values are: Yes, No. Default is No. | Optional | +| production | Install dependencies in production mode.
Yarn will ignore any dependencies under devDependencies in package.json. Possible values are: Yes, No. Default is No. | Optional | +| registry | The registry to install modules from. | Optional | +| state | Installation state of the named node.js library
If absent is selected, a name option must be provided. Possible values are: present, absent, latest. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Yarn.changed | boolean | Whether Yarn changed any package data | +| Linux.Yarn.msg | string | Provides an error message if Yarn syntax was incorrect | +| Linux.Yarn.invocation | unknown | Parameters and values used during execution | +| Linux.Yarn.out | string | Output generated from Yarn with emojis removed. | + + + +### linux-apk +*** +Manages apk packages +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/apk_module.html + + +#### Base Command + +`linux-apk` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| available | During upgrade, reset versioned world dependencies and change logic to prefer replacing or downgrading packages (instead of holding them) if the currently installed package is no longer available from any repository. Default is no. | Optional | +| name | A package name, like `foo`, or multiple packages, like `foo, bar`. | Optional | +| repository | A package repository or multiple repositories. Unlike with the underlying apk command, this list will override the system repositories rather than supplement them. | Optional | +| state | Indicates the desired package(s) state.
`present` ensures the package(s) is/are present.
`absent` ensures the package(s) is/are absent.
`latest` ensures the package(s) is/are present and the latest version(s). Possible values are: present, absent, latest. Default is present. | Optional | +| update_cache | Update repository indexes. Can be run with other steps or on it's own. Default is no. | Optional | +| upgrade | Upgrade all installed packages to their latest version. Default is no. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Apk.packages | unknown | a list of packages that have been changed | + + + +### linux-apt +*** +Manages apt-packages +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/apt_module.html + + +#### Base Command + +`linux-apt` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | A list of package names, like `foo`, or package specifier with version, like `foo=1.0`. Name wildcards (fnmatch) like `apt*` and version wildcards like `foo=1.0*` are also supported. | Optional | +| state | Indicates the desired package state. `latest` ensures that the latest version is installed. `build-dep` ensures the package build dependencies are installed. `fixed` attempt to correct a system with broken dependencies in place. Possible values are: absent, build-dep, latest, present, fixed. Default is present. | Optional | +| update_cache | Run the equivalent of `apt-get update` before the operation. Can be run as part of the package installation or as a separate step. Default is no. | Optional | +| cache_valid_time | Update the apt cache if its older than the `cache_valid_time`. This option is set in seconds.
As of Ansible 2.4, if explicitly set, this sets `update_cache=yes`. Default is 0. | Optional | +| purge | Will force purging of configuration files if the module state is set to `absent`. Default is no. | Optional | +| default_release | Corresponds to the `-t` option for `apt` and sets pin priorities. | Optional | +| install_recommends | Corresponds to the `--no-install-recommends` option for `apt`. `yes` installs recommended packages. `no` does not install recommended packages. By default, Ansible will use the same defaults as the operating system. Suggested packages are never installed. | Optional | +| force | Corresponds to the `--force-yes` to `apt-get` and implies `allow_unauthenticated: yes`
This option will disable checking both the packages' signatures and the certificates of the web servers they are downloaded from.
This option *is not* the equivalent of passing the `-f` flag to `apt-get` on the command line
**This is a destructive operation with the potential to destroy your system, and it should almost never be used.** Please also see `man apt-get` for more information. Default is no. | Optional | +| allow_unauthenticated | Ignore if packages cannot be authenticated. This is useful for bootstrapping environments that manage their own apt-key setup.
`allow_unauthenticated` is only supported with state: `install`/`present`. Default is no. | Optional | +| upgrade | If yes or safe, performs an aptitude safe-upgrade.
If full, performs an aptitude full-upgrade.
If dist, performs an apt-get dist-upgrade.
Note: This does not upgrade a specific package, use state=latest for that.
Note: Since 2.4, apt-get is used as a fall-back if aptitude is not present. Possible values are: dist, full, no, safe, yes. Default is no. | Optional | +| dpkg_options | Add dpkg options to apt command. Defaults to '-o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold"'
Options should be supplied as comma separated list. Default is force-confdef,force-confold. | Optional | +| deb | Path to a .deb package on the remote machine.
If :// in the path, ansible will attempt to download deb before installing. (Version added 2.1)
Requires the `xz-utils` package to extract the control file of the deb package to install. | Optional | +| autoremove | If `yes`, remove unused dependency packages for all module states except `build-dep`. It can also be used as the only option.
Previous to version 2.4, autoclean was also an alias for autoremove, now it is its own separate command. See documentation for further information. Default is no. | Optional | +| autoclean | If `yes`, cleans the local repository of retrieved package files that can no longer be downloaded. Default is no. | Optional | +| policy_rc_d | Force the exit code of /usr/sbin/policy-rc.d.
For example, if `policy_rc_d=101` the installed package will not trigger a service start.
If /usr/sbin/policy-rc.d already exist, it is backed up and restored after the package installation.
If `null`, the /usr/sbin/policy-rc.d isn't created/changed. | Optional | +| only_upgrade | Only upgrade a package if it is already installed. Default is no. | Optional | +| force_apt_get | Force usage of apt-get instead of aptitude. Default is no. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Apt.cache_updated | boolean | if the cache was updated or not | +| Linux.Apt.cache_update_time | number | time of the last cache update \(0 if unknown\) | +| Linux.Apt.stdout | string | output from apt | +| Linux.Apt.stderr | string | error output from apt | + + + +### linux-apt-key +*** +Add or remove an apt key +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/apt_key_module.html + + +#### Base Command + +`linux-apt-key` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| id | The identifier of the key.
Including this allows check mode to correctly report the changed state.
If specifying a subkey's id be aware that apt-key does not understand how to remove keys via a subkey id. Specify the primary key's id instead.
This parameter is required when `state` is set to `absent`. | Optional | +| data | The keyfile contents to add to the keyring. | Optional | +| file | The path to a keyfile on the remote server to add to the keyring. | Optional | +| keyring | The full path to specific keyring file in /etc/apt/trusted.gpg.d/. | Optional | +| url | The URL to retrieve key from. | Optional | +| keyserver | The keyserver to retrieve key from. | Optional | +| state | Ensures that the key is present (added) or absent (revoked). Possible values are: absent, present. Default is present. | Optional | +| validate_certs | If `no`, SSL certificates for the target url will not be validated. This should only be used on personally controlled sites using self-signed certificates. Default is yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-apt-repo +*** +Manage APT repositories via apt-repo +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/apt_repo_module.html + + +#### Base Command + +`linux-apt-repo` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| repo | Name of the repository to add or remove. | Required | +| state | Indicates the desired repository state. Possible values are: absent, present. Default is present. | Optional | +| remove_others | Remove other then added repositories
Used if `state=present`. Default is no. | Optional | +| update | Update the package database after changing repositories. Default is no. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-apt-repository +*** +Add and remove APT repositories +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/apt_repository_module.html + + +#### Base Command + +`linux-apt-repository` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| repo | A source string for the repository. | Required | +| state | A source string state. Possible values are: absent, present. Default is present. | Optional | +| mode | The octal mode for newly created files in sources.list.d. Default is 0644. | Optional | +| update_cache | Run the equivalent of `apt-get update` when a change occurs. Cache updates are run after making changes. Default is yes. | Optional | +| validate_certs | If `no`, SSL certificates for the target repo will not be validated. This should only be used on personally controlled sites using self-signed certificates. Default is yes. | Optional | +| filename | Sets the name of the source list file in sources.list.d. Defaults to a file name based on the repository source url. The .list extension will be automatically added. | Optional | +| codename | Override the distribution codename to use for PPA repositories. Should usually only be set when working with a PPA on a non-Ubuntu target (e.g. Debian or Mint). | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-apt-rpm +*** +apt_rpm package manager +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/apt_rpm_module.html + + +#### Base Command + +`linux-apt-rpm` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| pkg | name of package to install, upgrade or remove. | Required | +| state | Indicates the desired package state. Possible values are: absent, present. Default is present. | Optional | +| update_cache | update the package database first `apt-get update`. Default is no. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-dpkg-selections +*** +Dpkg package selection selections +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/dpkg_selections_module.html + + +#### Base Command + +`linux-dpkg-selections` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the package. | Required | +| selection | The selection state to set the package to. Possible values are: install, hold, deinstall, purge. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +### linux-flatpak +*** +Manage flatpaks +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/flatpak_module.html + + +#### Base Command + +`linux-flatpak` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| executable | The path to the `flatpak` executable to use.
By default, this module looks for the `flatpak` executable on the path. Default is flatpak. | Optional | +| method | The installation method to use.
Defines if the `flatpak` is supposed to be installed globally for the whole `system` or only for the current `user`. Possible values are: system, user. Default is system. | Optional | +| name | The name of the flatpak to manage.
When used with `state=present`, `name` can be specified as an `http(s`) URL to a `flatpakref` file or the unique reverse DNS name that identifies a flatpak.
When supplying a reverse DNS name, you can use the `remote` option to specify on what remote to look for the flatpak. An example for a reverse DNS name is `org.gnome.gedit`.
When used with `state=absent`, it is recommended to specify the name in the reverse DNS format.
When supplying an `http(s`) URL with `state=absent`, the module will try to match the installed flatpak based on the name of the flatpakref to remove it. However, there is no guarantee that the names of the flatpakref file and the reverse DNS name of the installed flatpak do match. | Required | +| remote | The flatpak remote (repository) to install the flatpak from.
By default, `flathub` is assumed, but you do need to add the flathub flatpak_remote before you can use this.
See the `flatpak_remote` module for managing flatpak remotes. Default is flathub. | Optional | +| state | Indicates the desired package state. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Flatpak.command | string | The exact flatpak command that was executed | +| Linux.Flatpak.msg | string | Module error message | +| Linux.Flatpak.rc | number | Return code from flatpak binary | +| Linux.Flatpak.stderr | string | Error output from flatpak binary | +| Linux.Flatpak.stdout | string | Output from flatpak binary | + + + +### linux-flatpak-remote +*** +Manage flatpak repository remotes +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/flatpak_remote_module.html + + +#### Base Command + +`linux-flatpak-remote` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| executable | The path to the `flatpak` executable to use.
By default, this module looks for the `flatpak` executable on the path. Default is flatpak. | Optional | +| flatpakrepo_url | The URL to the `flatpakrepo` file representing the repository remote to add.
When used with `state=present`, the flatpak remote specified under the `flatpakrepo_url` is added using the specified installation `method`.
When used with `state=absent`, this is not required.
Required when `state=present`. | Optional | +| method | The installation method to use.
Defines if the `flatpak` is supposed to be installed globally for the whole `system` or only for the current `user`. Possible values are: system, user. Default is system. | Optional | +| name | The desired name for the flatpak remote to be registered under on the managed host.
When used with `state=present`, the remote will be added to the managed host under the specified `name`.
When used with `state=absent` the remote with that name will be removed. | Required | +| state | Indicates the desired package state. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.FlatpakRemote.command | string | The exact flatpak command that was executed | +| Linux.FlatpakRemote.msg | string | Module error message | +| Linux.FlatpakRemote.rc | number | Return code from flatpak binary | +| Linux.FlatpakRemote.stderr | string | Error output from flatpak binary | +| Linux.FlatpakRemote.stdout | string | Output from flatpak binary | + + + +### linux-homebrew +*** +Package manager for Homebrew +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/homebrew_module.html + + +#### Base Command + +`linux-homebrew` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | list of names of packages to install/remove. | Optional | +| path | A ':' separated list of paths to search for 'brew' executable. Since a package (`formula` in homebrew parlance) location is prefixed relative to the actual path of `brew` command, providing an alternative `brew` path enables managing different set of packages in an alternative location in the system. Default is /usr/local/bin. | Optional | +| state | state of the package. Possible values are: head, latest, present, absent, linked, unlinked. Default is present. | Optional | +| update_homebrew | update homebrew itself first. Default is no. | Optional | +| upgrade_all | upgrade all homebrew packages. Default is no. | Optional | +| install_options | options flags to install a package. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-homebrew-cask +*** +Install/uninstall homebrew casks. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/homebrew_cask_module.html + + +#### Base Command + +`linux-homebrew-cask` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | name of cask to install/remove. | Required | +| path | ':' separated list of paths to search for 'brew' executable. Default is /usr/local/bin. | Optional | +| state | state of the cask. Possible values are: present, absent, upgraded. Default is present. | Optional | +| sudo_password | The sudo password to be passed to SUDO_ASKPASS. | Optional | +| update_homebrew | update homebrew itself first. Note that `brew cask update` is a synonym for `brew update`. Default is no. | Optional | +| install_options | options flags to install a package. | Optional | +| accept_external_apps | allow external apps. Default is no. | Optional | +| upgrade_all | upgrade all casks (mutually exclusive with `upgrade`). Default is no. | Optional | +| upgrade | upgrade all casks (mutually exclusive with `upgrade_all`). Default is no. | Optional | +| greedy | upgrade casks that auto update; passes --greedy to brew cask outdated when checking if an installed cask has a newer version available. Default is no. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-homebrew-tap +*** +Tap a Homebrew repository. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/homebrew_tap_module.html + + +#### Base Command + +`linux-homebrew-tap` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The GitHub user/organization repository to tap. | Required | +| url | The optional git URL of the repository to tap. The URL is not assumed to be on GitHub, and the protocol doesn't have to be HTTP. Any location and protocol that git can handle is fine.
`name` option may not be a list of multiple taps (but a single tap instead) when this option is provided. | Optional | +| state | state of the repository. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-layman +*** +Manage Gentoo overlays +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/layman_module.html + + +#### Base Command + +`linux-layman` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The overlay id to install, synchronize, or uninstall. Use 'ALL' to sync all of the installed overlays (can be used only when `state=updated`). | Required | +| list_url | An URL of the alternative overlays list that defines the overlay to install. This list will be fetched and saved under `${overlay_defs}`/${name}.xml), where `overlay_defs` is readed from the Layman's configuration. | Optional | +| state | Whether to install (`present`), sync (`updated`), or uninstall (`absent`) the overlay. Possible values are: present, absent, updated. Default is present. | Optional | +| validate_certs | If `no`, SSL certificates will not be validated. This should only be set to `no` when no other option exists. Prior to 1.9.3 the code defaulted to `no`. Default is yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-package +*** +Generic OS package manager +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/package_module.html + + +#### Base Command + +`linux-package` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Package name, or package specifier with version.
Syntax varies with package manager. For example `name-1.0` or `name=1.0`.
Package names also vary with package manager; this module will not "translate" them per distro. For example `libyaml-dev`, `libyaml-devel`. | Required | +| state | Whether to install (`present`), or remove (`absent`) a package.
You can use other states like `latest` ONLY if they are supported by the underlying package module(s) executed. | Required | +| use | The required package manager module to use (yum, apt, etc). The default 'auto' will use existing facts or try to autodetect it.
You should only use this field if the automatic selection is not working for some reason. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-package-facts +*** +package information as facts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/package_facts_module.html + + +#### Base Command + +`linux-package-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| manager | The package manager used by the system so we can query the package information.
Since 2.8 this is a list and can support multiple package managers per system.
The 'portage' and 'pkg' options were added in version 2.8. Possible values are: auto, rpm, apt, portage, pkg. Default is ['auto']. | Optional | +| strategy | This option controls how the module queries the package managers on the system. `first` means it will return only information for the first supported package manager available. `all` will return information for all supported and available package managers on the system. Possible values are: first, all. Default is first. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.PackageFacts.ansible_facts | unknown | facts to add to ansible_facts | + + +#### Command Example +```!linux-package-facts host="123.123.123.123" manager="auto" ``` + +#### Context Example +```json +{ + "Linux": { + "PackageFacts": { + "discovered_interpreter_python": "/usr/libexec/platform-python", + "host": "123.123.123.123", + "packages": { + "GConf2": [ + { + "arch": "x86_64", + "epoch": null, + "name": "GConf2", + "release": "22.el8", + "source": "rpm", + "version": "3.2.6" + } + ], + "NetworkManager": [ + { + "arch": "x86_64", + "epoch": 1, + "name": "NetworkManager", + "release": "5.el8_2", + "source": "rpm", + "version": "1.22.8" + } + ], + "NetworkManager-libnm": [ + { + "arch": "x86_64", + "epoch": 1, + "name": "NetworkManager-libnm", + "release": "5.el8_2", + "source": "rpm", + "version": "1.22.8" + } + ] + }, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * discovered_interpreter_python: /usr/libexec/platform-python +> * ## Packages +> * ### Gconf2 +> * ### Gconf2 +> * arch: x86_64 +> * epoch: None +> * name: GConf2 +> * release: 22.el8 +> * source: rpm +> * version: 3.2.6 +> * ### Networkmanager +> * ### Networkmanager +> * arch: x86_64 +> * epoch: 1 +> * name: NetworkManager +> * release: 5.el8_2 +> * source: rpm +> * version: 1.22.8 +> * ### Networkmanager-Libnm +> * ### Networkmanager-Libnm +> * arch: x86_64 +> * epoch: 1 +> * name: NetworkManager-libnm +> * release: 5.el8_2 +> * source: rpm +> * version: 1.22.8 + + + +### linux-yum +*** +Manages packages with the I(yum) package manager +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/yum_module.html + + +#### Base Command + +`linux-yum` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| use_backend | This module supports `yum` (as it always has), this is known as `yum3`/`YUM3`/`yum-deprecated` by upstream yum developers. As of Ansible 2.7+, this module also supports `YUM4`, which is the "new yum" and it has an `dnf` backend.
By default, this module will select the backend based on the `ansible_pkg_mgr` fact. Possible values are: auto, yum, yum4, dnf. Default is auto. | Optional | +| name | A package name or package specifier with version, like `name-1.0`.
If a previous version is specified, the task also needs to turn `allow_downgrade` on. See the `allow_downgrade` documentation for caveats with downgrading packages.
When using state=latest, this can be `'*'` which means run `yum -y update`.
You can also pass a url or a local path to a rpm file (using state=present). To operate on several packages this can accept a comma separated string of packages or (as of 2.0) a list of packages. | Optional | +| exclude | Package name(s) to exclude when state=present, or latest. | Optional | +| list | Package name to run the equivalent of yum list --show-duplicates <package> against. In addition to listing packages, use can also list the following: `installed`, `updates`, `available` and `repos`.
This parameter is mutually exclusive with `name`. | Optional | +| state | Whether to install (`present` or `installed`, `latest`), or remove (`absent` or `removed`) a package.
`present` and `installed` will simply ensure that a desired package is installed.
`latest` will update the specified package if it's not of the latest available version.
`absent` and `removed` will remove the specified package.
Default is `None`, however in effect the default action is `present` unless the `autoremove` option is enabled for this module, then `absent` is inferred. Possible values are: absent, installed, latest, present, removed. | Optional | +| enablerepo | `Repoid` of repositories to enable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a `","`.
As of Ansible 2.7, this can alternatively be a list instead of `","` separated string. | Optional | +| disablerepo | `Repoid` of repositories to disable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a `","`.
As of Ansible 2.7, this can alternatively be a list instead of `","` separated string. | Optional | +| conf_file | The remote yum configuration file to use for the transaction. | Optional | +| disable_gpg_check | Whether to disable the GPG checking of signatures of packages being installed. Has an effect only if state is `present` or `latest`. Default is no. | Optional | +| skip_broken | Skip packages with broken dependencies(devsolve) and are causing problems. Default is no. | Optional | +| update_cache | Force yum to check if cache is out of date and redownload if needed. Has an effect only if state is `present` or `latest`. Default is no. | Optional | +| validate_certs | This only applies if using a https url as the source of the rpm. e.g. for localinstall. If set to `no`, the SSL certificates will not be validated.
This should only set to `no` used on personally controlled sites using self-signed certificates as it avoids verifying the source site.
Prior to 2.1 the code worked as if this was set to `yes`. Default is yes. | Optional | +| update_only | When using latest, only update installed packages. Do not install packages.
Has an effect only if state is `latest`. Default is no. | Optional | +| installroot | Specifies an alternative installroot, relative to which all packages will be installed. Default is /. | Optional | +| security | If set to `yes`, and `state=latest` then only installs updates that have been marked security related. Default is no. | Optional | +| bugfix | If set to `yes`, and `state=latest` then only installs updates that have been marked bugfix related. Default is no. | Optional | +| allow_downgrade | Specify if the named package and version is allowed to downgrade a maybe already installed higher version of that package. Note that setting allow_downgrade=True can make this module behave in a non-idempotent way. The task could end up with a set of packages that does not match the complete list of specified packages to install (because dependencies between the downgraded package and others can cause changes to the packages which were in the earlier transaction). Default is no. | Optional | +| enable_plugin | `Plugin` name to enable for the install/update operation. The enabled plugin will not persist beyond the transaction. | Optional | +| disable_plugin | `Plugin` name to disable for the install/update operation. The disabled plugins will not persist beyond the transaction. | Optional | +| releasever | Specifies an alternative release from which all packages will be installed. | Optional | +| autoremove | If `yes`, removes all "leaf" packages from the system that were originally installed as dependencies of user-installed packages but which are no longer required by any such package. Should be used alone or when state is `absent`
NOTE: This feature requires yum >= 3.4.3 (RHEL/CentOS 7+). Default is no. | Optional | +| disable_excludes | Disable the excludes defined in YUM config files.
If set to `all`, disables all excludes.
If set to `main`, disable excludes defined in [main] in yum.conf.
If set to `repoid`, disable excludes defined for given repo id. | Optional | +| download_only | Only download the packages, do not install them. Default is no. | Optional | +| lock_timeout | Amount of time to wait for the yum lockfile to be freed. Default is 30. | Optional | +| install_weak_deps | Will also install all packages linked by a weak dependency relation.
NOTE: This feature requires yum >= 4 (RHEL/CentOS 8+). Default is yes. | Optional | +| download_dir | Specifies an alternate directory to store packages.
Has an effect only if `download_only` is specified. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-yum-repository +*** +Add or remove YUM repositories +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/yum_repository_module.html + + +#### Base Command + +`linux-yum-repository` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| async | If set to `yes` Yum will download packages and metadata from this repo in parallel, if possible. Default is yes. | Optional | +| bandwidth | Maximum available network bandwidth in bytes/second. Used with the `throttle` option.
If `throttle` is a percentage and bandwidth is `0` then bandwidth throttling will be disabled. If `throttle` is expressed as a data rate (bytes/sec) then this option is ignored. Default is `0` (no bandwidth throttling). Default is 0. | Optional | +| baseurl | URL to the directory where the yum repository's 'repodata' directory lives.
It can also be a list of multiple URLs.
This, the `metalink` or `mirrorlist` parameters are required if `state` is set to `present`. | Optional | +| cost | Relative cost of accessing this repository. Useful for weighing one repo's packages as greater/less than any other. Default is 1000. | Optional | +| deltarpm_metadata_percentage | When the relative size of deltarpm metadata vs pkgs is larger than this, deltarpm metadata is not downloaded from the repo. Note that you can give values over `100`, so `200` means that the metadata is required to be half the size of the packages. Use `0` to turn off this check, and always download metadata. Default is 100. | Optional | +| deltarpm_percentage | When the relative size of delta vs pkg is larger than this, delta is not used. Use `0` to turn off delta rpm processing. Local repositories (with file:// `baseurl`) have delta rpms turned off by default. Default is 75. | Optional | +| description | A human readable string describing the repository. This option corresponds to the "name" property in the repo file.
This parameter is only required if `state` is set to `present`. | Optional | +| enabled | This tells yum whether or not use this repository. Default is yes. | Optional | +| enablegroups | Determines whether yum will allow the use of package groups for this repository. Default is yes. | Optional | +| exclude | List of packages to exclude from updates or installs. This should be a space separated list. Shell globs using wildcards (eg. `*` and `?`) are allowed.
The list can also be a regular YAML array. | Optional | +| failovermethod | `roundrobin` randomly selects a URL out of the list of URLs to start with and proceeds through each of them as it encounters a failure contacting the host.
`priority` starts from the first `baseurl` listed and reads through them sequentially. Possible values are: roundrobin, priority. Default is roundrobin. | Optional | +| file | File name without the `.repo` extension to save the repo in. Defaults to the value of `name`. | Optional | +| gpgcakey | A URL pointing to the ASCII-armored CA key file for the repository. | Optional | +| gpgcheck | Tells yum whether or not it should perform a GPG signature check on packages.
No default setting. If the value is not set, the system setting from `/etc/yum.conf` or system default of `no` will be used. | Optional | +| gpgkey | A URL pointing to the ASCII-armored GPG key file for the repository.
It can also be a list of multiple URLs. | Optional | +| http_caching | Determines how upstream HTTP caches are instructed to handle any HTTP downloads that Yum does.
`all` means that all HTTP downloads should be cached.
`packages` means that only RPM package downloads should be cached (but not repository metadata downloads).
`none` means that no HTTP downloads should be cached. Possible values are: all, packages, none. Default is all. | Optional | +| include | Include external configuration file. Both, local path and URL is supported. Configuration file will be inserted at the position of the `include=` line. Included files may contain further include lines. Yum will abort with an error if an inclusion loop is detected. | Optional | +| includepkgs | List of packages you want to only use from a repository. This should be a space separated list. Shell globs using wildcards (eg. `*` and `?`) are allowed. Substitution variables (e.g. `$releasever`) are honored here.
The list can also be a regular YAML array. | Optional | +| ip_resolve | Determines how yum resolves host names.
`4` or `IPv4` - resolve to IPv4 addresses only.
`6` or `IPv6` - resolve to IPv6 addresses only. Possible values are: 4, 6, IPv4, IPv6, whatever. Default is whatever. | Optional | +| keepalive | This tells yum whether or not HTTP/1.1 keepalive should be used with this repository. This can improve transfer speeds by using one connection when downloading multiple files from a repository. Default is no. | Optional | +| keepcache | Either `1` or `0`. Determines whether or not yum keeps the cache of headers and packages after successful installation. Possible values are: 0, 1. Default is 1. | Optional | +| metadata_expire | Time (in seconds) after which the metadata will expire.
Default value is 6 hours. Default is 21600. | Optional | +| metadata_expire_filter | Filter the `metadata_expire` time, allowing a trade of speed for accuracy if a command doesn't require it. Each yum command can specify that it requires a certain level of timeliness quality from the remote repos. from "I'm about to install/upgrade, so this better be current" to "Anything that's available is good enough".
`never` - Nothing is filtered, always obey `metadata_expire`.
`read-only:past` - Commands that only care about past information are filtered from metadata expiring. Eg. `yum history` info (if history needs to lookup anything about a previous transaction, then by definition the remote package was available in the past).
`read-only:present` - Commands that are balanced between past and future. Eg. `yum list yum`.
`read-only:future` - Commands that are likely to result in running other commands which will require the latest metadata. Eg. `yum check-update`.
Note that this option does not override "yum clean expire-cache". Possible values are: never, read-only:past, read-only:present, read-only:future. Default is read-only:present. | Optional | +| metalink | Specifies a URL to a metalink file for the repomd.xml, a list of mirrors for the entire repository are generated by converting the mirrors for the repomd.xml file to a `baseurl`.
This, the `baseurl` or `mirrorlist` parameters are required if `state` is set to `present`. | Optional | +| mirrorlist | Specifies a URL to a file containing a list of baseurls.
This, the `baseurl` or `metalink` parameters are required if `state` is set to `present`. | Optional | +| mirrorlist_expire | Time (in seconds) after which the mirrorlist locally cached will expire.
Default value is 6 hours. Default is 21600. | Optional | +| name | Unique repository ID. This option builds the section name of the repository in the repo file.
This parameter is only required if `state` is set to `present` or `absent`. | Required | +| password | Password to use with the username for basic authentication. | Optional | +| priority | Enforce ordered protection of repositories. The value is an integer from 1 to 99.
This option only works if the YUM Priorities plugin is installed. Default is 99. | Optional | +| protect | Protect packages from updates from other repositories. Default is no. | Optional | +| proxy | URL to the proxy server that yum should use. Set to `_none_` to disable the global proxy setting. | Optional | +| proxy_password | Password for this proxy. | Optional | +| proxy_username | Username to use for proxy. | Optional | +| repo_gpgcheck | This tells yum whether or not it should perform a GPG signature check on the repodata from this repository. Default is no. | Optional | +| reposdir | Directory where the `.repo` files will be stored. Default is /etc/yum.repos.d. | Optional | +| retries | Set the number of times any attempt to retrieve a file should retry before returning an error. Setting this to `0` makes yum try forever. Default is 10. | Optional | +| s3_enabled | Enables support for S3 repositories.
This option only works if the YUM S3 plugin is installed. Default is no. | Optional | +| skip_if_unavailable | If set to `yes` yum will continue running if this repository cannot be contacted for any reason. This should be set carefully as all repos are consulted for any given command. Default is no. | Optional | +| ssl_check_cert_permissions | Whether yum should check the permissions on the paths for the certificates on the repository (both remote and local).
If we can't read any of the files then yum will force `skip_if_unavailable` to be `yes`. This is most useful for non-root processes which use yum on repos that have client cert files which are readable only by root. Default is no. | Optional | +| sslcacert | Path to the directory containing the databases of the certificate authorities yum should use to verify SSL certificates. | Optional | +| sslclientcert | Path to the SSL client certificate yum should use to connect to repos/remote sites. | Optional | +| sslclientkey | Path to the SSL client key yum should use to connect to repos/remote sites. | Optional | +| sslverify | Defines whether yum should verify SSL certificates/hosts at all. Default is yes. | Optional | +| state | State of the repo file. Possible values are: absent, present. Default is present. | Optional | +| throttle | Enable bandwidth throttling for downloads.
This option can be expressed as a absolute data rate in bytes/sec. An SI prefix (k, M or G) may be appended to the bandwidth value. | Optional | +| timeout | Number of seconds to wait for a connection before timing out. Default is 30. | Optional | +| ui_repoid_vars | When a repository id is displayed, append these yum variables to the string if they are used in the `baseurl`/etc. Variables are appended in the order listed (and found). Default is releasever basearch. | Optional | +| username | Username to use for basic authentication to a repo or really any url. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.YumRepository.repo | string | repository name | +| Linux.YumRepository.state | string | state of the target, after execution | + + +#### Command Example +```!linux-yum-repository host="123.123.123.123" name="epel" description="EPEL YUM repo" baseurl="https://download.fedoraproject.org/pub/epel/$releasever/$basearch/" ``` + +#### Context Example +```json +{ + "Linux": { + "YumRepository": { + "changed": false, + "host": "123.123.123.123", + "repo": "epel", + "state": "present", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * repo: epel +> * state: present + + +### linux-zypper +*** +Manage packages on SUSE and openSUSE +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/zypper_module.html + + +#### Base Command + +`linux-zypper` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Package name `name` or package specifier or a list of either.
Can include a version like `name=1.0`, `name>3.4` or `name<=2.7`. If a version is given, `oldpackage` is implied and zypper is allowed to update the package within the version range given.
You can also pass a url or a local path to a rpm file.
When using state=latest, this can be '*', which updates all installed packages. | Required | +| state | `present` will make sure the package is installed. `latest` will make sure the latest version of the package is installed. `absent` will make sure the specified package is not installed. `dist-upgrade` will make sure the latest version of all installed packages from all enabled repositories is installed.
When using `dist-upgrade`, `name` should be `'*'`. Possible values are: present, latest, absent, dist-upgrade. Default is present. | Optional | +| type | The type of package to be operated on. Possible values are: package, patch, pattern, product, srcpackage, application. Default is package. | Optional | +| extra_args_precommand | Add additional global target options to `zypper`.
Options should be supplied in a single line as if given in the command line. | Optional | +| disable_gpg_check | Whether to disable to GPG signature checking of the package signature being installed. Has an effect only if state is `present` or `latest`. Default is no. | Optional | +| disable_recommends | Corresponds to the `--no-recommends` option for `zypper`. Default behavior (`yes`) modifies zypper's default behavior; `no` does install recommended packages. Default is yes. | Optional | +| force | Adds `--force` option to `zypper`. Allows to downgrade packages and change vendor or architecture. Default is no. | Optional | +| update_cache | Run the equivalent of `zypper refresh` before the operation. Disabled in check mode. Default is no. | Optional | +| oldpackage | Adds `--oldpackage` option to `zypper`. Allows to downgrade packages with less side-effects than force. This is implied as soon as a version is specified as part of the package name. Default is no. | Optional | +| extra_args | Add additional options to `zypper` command.
Options should be supplied in a single line as if given in the command line. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-zypper-repository +*** +Add and remove Zypper repositories +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/zypper_repository_module.html + + +#### Base Command + +`linux-zypper-repository` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | A name for the repository. Not required when adding repofiles. | Optional | +| repo | URI of the repository or .repo file. Required when state=present. | Optional | +| state | A source string state. Possible values are: absent, present. Default is present. | Optional | +| description | A description of the repository. | Optional | +| disable_gpg_check | Whether to disable GPG signature checking of all packages. Has an effect only if state is `present`.
Needs zypper version >= 1.6.2. Default is no. | Optional | +| autorefresh | Enable autorefresh of the repository. Default is yes. | Optional | +| priority | Set priority of repository. Packages will always be installed from the repository with the smallest priority number.
Needs zypper version >= 1.12.25. | Optional | +| overwrite_multiple | Overwrite multiple repository entries, if repositories with both name and URL already exist. Default is no. | Optional | +| auto_import_keys | Automatically import the gpg signing key of the new or changed repository.
Has an effect only if state is `present`. Has no effect on existing (unchanged) repositories or in combination with `absent`.
Implies runrefresh.
Only works with `.repo` files if `name` is given explicitly. Default is no. | Optional | +| runrefresh | Refresh the package list of the given repository.
Can be used with repo=* to refresh all repositories. Default is no. | Optional | +| enabled | Set repository to enabled (or disabled). Default is yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-snap +*** +Manages snaps +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/snap_module.html + + +#### Base Command + +`linux-snap` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the snap to install or remove. Can be a list of snaps. | Required | +| state | Desired state of the package. Possible values are: absent, present. Default is present. | Optional | +| classic | Confinement policy. The classic confinement allows a snap to have the same level of access to the system as "classic" packages, like those managed by APT. This option corresponds to the --classic argument. This option can only be specified if there is a single snap in the task. Possible values are: Yes, No. Default is No. | Optional | +| channel | Define which release of a snap is installed and tracked for updates. This option can only be specified if there is a single snap in the task. Default is stable. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.Snap.classic | boolean | Whether or not the snaps were installed with the classic confinement | +| Linux.Snap.channel | string | The channel the snaps were installed from | +| Linux.Snap.cmd | string | The command that was executed on the host | +| Linux.Snap.snaps_installed | unknown | The list of actually installed snaps | +| Linux.Snap.snaps_removed | unknown | The list of actually removed snaps | + + + +### linux-redhat-subscription +*** +Manage registration and subscriptions to RHSM using the C(subscription-manager) command +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/redhat_subscription_module.html + + +#### Base Command + +`linux-redhat-subscription` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | whether to register and subscribe (`present`), or unregister (`absent`) a system. Possible values are: present, absent. Default is present. | Optional | +| username | access.Redhat.com or Sat6 username. | Optional | +| password | access.Redhat.com or Sat6 password. | Optional | +| server_hostname | Specify an alternative Red Hat Subscription Management or Sat6 server. | Optional | +| server_insecure | Enable or disable https server certificate verification when connecting to `server_hostname`. | Optional | +| rhsm_baseurl | Specify CDN baseurl. | Optional | +| rhsm_repo_ca_cert | Specify an alternative location for a CA certificate for CDN. | Optional | +| server_proxy_hostname | Specify a HTTP proxy hostname. | Optional | +| server_proxy_port | Specify a HTTP proxy port. | Optional | +| server_proxy_user | Specify a user for HTTP proxy with basic authentication. | Optional | +| server_proxy_password | Specify a password for HTTP proxy with basic authentication. | Optional | +| auto_attach | Upon successful registration, auto-consume available subscriptions
Added in favor of deprecated autosubscribe in 2.5. Default is no. | Optional | +| activationkey | supply an activation key for use with registration. | Optional | +| org_id | Organization ID to use in conjunction with activationkey. | Optional | +| environment | Register with a specific environment in the destination org. Used with Red Hat Satellite 6.x or Katello. | Optional | +| pool | Specify a subscription pool name to consume. Regular expressions accepted. Use `pool_ids` instead if
possible, as it is much faster. Mutually exclusive with `pool_ids`. Default is ^$. | Optional | +| pool_ids | Specify subscription pool IDs to consume. Prefer over `pool` when possible as it is much faster.
A pool ID may be specified as a `string` - just the pool ID (ex. `0123456789abcdef0123456789abcdef`),
or as a `dict` with the pool ID as the key, and a quantity as the value (ex.
`0123456789abcdef0123456789abcdef: 2`. If the quantity is provided, it is used to consume multiple
entitlements from a pool (the pool must support this). Mutually exclusive with `pool`. | Optional | +| consumer_type | The type of unit to register, defaults to system. | Optional | +| consumer_name | Name of the system to register, defaults to the hostname. | Optional | +| consumer_id | References an existing consumer ID to resume using a previous registration
for this system. If the system's identity certificate is lost or corrupted,
this option allows it to resume using its previous identity and subscriptions.
The default is to not specify a consumer ID so a new ID is created. | Optional | +| force_register | Register the system even if it is already registered. Default is no. | Optional | +| release | Set a release version. | Optional | +| syspurpose | Set syspurpose attributes in file `/etc/rhsm/syspurpose/syspurpose.json` and synchronize these attributes with RHSM server. Syspurpose attributes help attach the most appropriate subscriptions to the system automatically. When `syspurpose.json` file already contains some attributes, then new attributes overwrite existing attributes. When some attribute is not listed in the new list of attributes, the existing attribute will be removed from `syspurpose.json` file. Unknown attributes are ignored. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.RedhatSubscription.subscribed_pool_ids | unknown | List of pool IDs to which system is now subscribed | + + + +### linux-rhn-channel +*** +Adds or removes Red Hat software channels +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/rhn_channel_module.html + + +#### Base Command + +`linux-rhn-channel` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the software channel. | Required | +| sysname | Name of the system as it is known in RHN/Satellite. | Required | +| state | Whether the channel should be present or not, taking action if the state is different from what is stated. Default is present. | Optional | +| url | The full URL to the RHN/Satellite API. | Required | +| user | RHN/Satellite login. | Required | +| password | RHN/Satellite password. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-rhn-register +*** +Manage Red Hat Network registration using the C(rhnreg_ks) command +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/rhn_register_module.html + + +#### Base Command + +`linux-rhn-register` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether to register (`present`), or unregister (`absent`) a system. Possible values are: absent, present. Default is present. | Optional | +| username | Red Hat Network username. | Optional | +| password | Red Hat Network password. | Optional | +| server_url | Specify an alternative Red Hat Network server URL.
The default is the current value of `serverURL` from `/etc/sysconfig/rhn/up2date`. | Optional | +| activationkey | Supply an activation key for use with registration. | Optional | +| profilename | Supply an profilename for use with registration. | Optional | +| ca_cert | Supply a custom ssl CA certificate file for use with registration. | Optional | +| systemorgid | Supply an organizational id for use with registration. | Optional | +| channels | Optionally specify a list of channels to subscribe to upon successful registration. | Optional | +| enable_eus | If `no`, extended update support will be requested. Possible values are: Yes, No. Default is No. | Optional | +| nopackages | If `yes`, the registered node will not upload its installed packages information to Satellite server. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!linux-rhn-register host="123.123.123.123" state="absent" username="joe_user" password="somepass" ``` + +#### Context Example +```json +{ + "Linux": { + "RhnRegister": { + "changed": false, + "host": "123.123.123.123", + "msg": "System already unregistered.", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * msg: System already unregistered. + + +### linux-rhsm-release +*** +Set or Unset RHSM Release version +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/rhsm_release_module.html + + +#### Base Command + +`linux-rhsm-release` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| release | RHSM release version to use (use null to unset). | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.RhsmRelease.current_release | string | The current RHSM release version value | + + + +### linux-rhsm-repository +*** +Manage RHSM repositories using the subscription-manager command +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/rhsm_repository_module.html + + +#### Base Command + +`linux-rhsm-repository` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | If state is equal to present or disabled, indicates the desired repository state. Possible values are: present, enabled, absent, disabled. Default is present. | Required | +| name | The ID of repositories to enable.
To operate on several repositories this can accept a comma separated list or a YAML list. | Required | +| purge | Disable all currently enabled repositories that are not not specified in `name`. Only set this to `True` if passing in a list of repositories to the `name` field. Using this with `loop` will most likely not have the desired result. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.RhsmRepository.repositories | unknown | The list of RHSM repositories with their states. +When this module is used to change the repository states, this list contains the updated states after the changes. | + + + +### linux-rpm-key +*** +Adds or removes a gpg key from the rpm db +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/rpm_key_module.html + + +#### Base Command + +`linux-rpm-key` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| key | Key that will be modified. Can be a url, a file on the managed node, or a keyid if the key already exists in the database. | Required | +| state | If the key will be imported or removed from the rpm db. Possible values are: absent, present. Default is present. | Optional | +| validate_certs | If `no` and the `key` is a url starting with https, SSL certificates will not be validated.
This should only be used on personally controlled sites using self-signed certificates. Default is yes. | Optional | +| fingerprint | The long-form fingerprint of the key being imported.
This will be used to verify the specified key. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + +### linux-get-url +*** +Downloads files from HTTP, HTTPS, or FTP to node +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/get_url_module.html + + +#### Base Command + +`linux-get-url` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| url | HTTP, HTTPS, or FTP URL in the form (http\|https\|ftp)://[user[:pass]]@host.domain[:port]/path. | Required | +| dest | Absolute path of where to download the file to.
If `dest` is a directory, either the server provided filename or, if none provided, the base name of the URL on the remote server will be used. If a directory, `force` has no effect.
If `dest` is a directory, the file will always be downloaded (regardless of the `force` option), but replaced only if the contents changed.. | Required | +| tmp_dest | Absolute path of where temporary file is downloaded to.
When run on Ansible 2.5 or greater, path defaults to ansible's remote_tmp setting
When run on Ansible prior to 2.5, it defaults to `TMPDIR`, `TEMP` or `TMP` env variables or a platform specific value.
`https://docs.python.org/2/library/tempfile.html#tempfile.tempdir`. | Optional | +| force | If `yes` and `dest` is not a directory, will download the file every time and replace the file if the contents change. If `no`, the file will only be downloaded if the destination does not exist. Generally should be `yes` only for small local files.
Prior to 0.6, this module behaved as if `yes` was the default.
Alias `thirsty` has been deprecated and will be removed in 2.13. Possible values are: Yes, No. Default is No. | Optional | +| backup | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | +| sha256sum | If a SHA-256 checksum is passed to this parameter, the digest of the destination file will be calculated after it is downloaded to ensure its integrity and verify that the transfer completed successfully. This option is deprecated. Use `checksum` instead. | Optional | +| checksum | If a checksum is passed to this parameter, the digest of the destination file will be calculated after it is downloaded to ensure its integrity and verify that the transfer completed successfully. Format: <algorithm>:<checksum\|url>, e.g. checksum="sha256:D98291AC[...]B6DC7B97", checksum="sha256:http://example.com/path/sha256sum.txt"
If you worry about portability, only the sha1 algorithm is available on all platforms and python versions.
The third party hashlib library can be installed for access to additional algorithms.
Additionally, if a checksum is passed to this parameter, and the file exist under the `dest` location, the `destination_checksum` would be calculated, and if checksum equals `destination_checksum`, the file download would be skipped (unless `force` is true). If the checksum does not equal `destination_checksum`, the destination file is deleted. | Optional | +| use_proxy | if `no`, it will not use a proxy, even if one is defined in an environment variable on the target hosts. Possible values are: Yes, No. Default is Yes. | Optional | +| validate_certs | If `no`, SSL certificates will not be validated.
This should only be used on personally controlled sites using self-signed certificates. Possible values are: Yes, No. Default is Yes. | Optional | +| timeout | Timeout in seconds for URL request. Default is 10. | Optional | +| headers | Add custom HTTP headers to a request in hash/dict format.
The hash/dict format was added in Ansible 2.6.
Previous versions used a `"key:value,key:value"` string format.
The `"key:value,key:value"` string format is deprecated and will be removed in version 2.10. | Optional | +| url_username | The username for use in HTTP basic authentication.
This parameter can be used without `url_password` for sites that allow empty passwords.
Since version 2.8 you can also use the `username` alias for this option. | Optional | +| url_password | The password for use in HTTP basic authentication.
If the `url_username` parameter is not specified, the `url_password` parameter will not be used.
Since version 2.8 you can also use the 'password' alias for this option. | Optional | +| force_basic_auth | Force the sending of the Basic authentication header upon initial request.
httplib2, the library used by the uri module only sends authentication information when a webservice responds to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail. Possible values are: Yes, No. Default is No. | Optional | +| client_cert | PEM formatted certificate chain file to be used for SSL client authentication.
This file can also include the key as well, and if the key is included, `client_key` is not required. | Optional | +| client_key | PEM formatted file that contains your private key to be used for SSL client authentication.
If `client_cert` contains both the certificate and key, this option is not required. | Optional | +| http_agent | Header to identify as, generally appears in web server logs. Default is ansible-httpget. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Linux.GetUrl.backup_file | string | name of backup file created after download | +| Linux.GetUrl.checksum_dest | string | sha1 checksum of the file after copy | +| Linux.GetUrl.checksum_src | string | sha1 checksum of the file | +| Linux.GetUrl.dest | string | destination file/path | +| Linux.GetUrl.elapsed | number | The number of seconds that elapsed while performing the download | +| Linux.GetUrl.gid | number | group id of the file | +| Linux.GetUrl.group | string | group of the file | +| Linux.GetUrl.md5sum | string | md5 checksum of the file after download | +| Linux.GetUrl.mode | string | permissions of the target | +| Linux.GetUrl.msg | string | the HTTP message from the request | +| Linux.GetUrl.owner | string | owner of the file | +| Linux.GetUrl.secontext | string | the SELinux security context of the file | +| Linux.GetUrl.size | number | size of the target | +| Linux.GetUrl.src | string | source file used after download | +| Linux.GetUrl.state | string | state of the target | +| Linux.GetUrl.status_code | number | the HTTP status code from the request | +| Linux.GetUrl.uid | number | owner id of the file, after execution | +| Linux.GetUrl.url | string | the actual URL used for the request | + + diff --git a/Packs/AnsibleLinux/Integrations/AnsibleLinux/command_examples b/Packs/AnsibleLinux/Integrations/AnsibleLinux/command_examples new file mode 100644 index 000000000000..42708edb1126 --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleLinux/command_examples @@ -0,0 +1,49 @@ +!linux-alternatives host="123.123.123.123" name="java" path="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.292.b10-0.el8_3.x86_64/jre/bin/java" +!linux-at host="123.123.123.123" command="ls -d / >/dev/null" count="20" units="minutes" +!linux-authorized-key host="123.123.123.123" user="charlie" state="present" key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC/...REDACTED..uH04Ef2RICcn1iCtsqQcMZfoqFftRcGi2MyYFyRQrFs= charlie@web01" +!linux-capabilities host="123.123.123.123" path="/tmp/foo" capability="cap_sys_chroot+ep" state="present" +!linux-cron host="123.123.123.123" name="check dirs" minute="0" hour="5,2" job="ls -alh > /dev/null" +!linux-cronvar host="123.123.123.123" name="EMAIL" value="doug@ansibmod.con.com" +!linux-dconf host="123.123.123.123" key="/org/gnome/desktop/input-sources/sources" value="[('xkb', 'us'), ('xkb', 'se')]" state="present" +!linux-filesystem host="123.123.123.123" fstype="ext2" dev="/dev/sdb1" +!linux-firewalld host="123.123.123.123" service="https" permanent="True" state="enabled" +!linux-gather-facts host="123.123.123.123" +!linux-gconftool2 host="123.123.123.123" key="/desktop/gnome/interface/font_name" value_type="string" value="Serif 12" state=present +!linux-getent host="123.123.123.123" database="passwd" key="root" +!linux-group host="123.123.123.123" name="somegroup" state="present" +!linux-hostname host="123.123.123.123" name="web01" +!linux-iptables host="123.123.123.123" chain="INPUT" source="8.8.8.8" jump="DROP" +!linux-java-cert host="123.123.123.123" cert_url="google.com" cert_port="443" keystore_path="/usr/lib/jvm/jre-1.8.0/lib/security/cacerts" keystore_pass="changeit" state="present" +!linux-java-keystore host="123.123.123.123" name="example" certificate="-----BEGIN CERTIFICATE-----\\nMIIB2zCCAYW...iR12l6jQoaDDejA=\\n-----END CERTIFICATE-----" private_key="-----BEGIN PRIVATE KEY-----\\nMIIBVAIBADANBg....9D3w3+Tkt1lOnH8\\nO20WlYSmkiSdi8Nrz7Av8nOKSedoKiIqoZjg1ZhdGfaZP0D8nSpuiwYmyQe+L4Uq\\nf3Z1IQIDAQABAkBlMPjyLTL9pcIOhG0wq/acgWGaCWfW7k1mrhkADPFJwyGYILrk\\nPiK8ZLaXtuBo5ILj+RDKCHP9y0ApIm0kD0UJAiEA5U+LF3NBnPgpc99pfUc7PpG7\\nrRU4hYiHQSG+HmCuSXMCIQDjic1CgW6DrwyquWISY0SbcEgOZdp8TZ2RZY+b9ELy\\nGwIhAL03W7Cn/FZIN/xTN7qWUn6YxmJWBmO5etH1w+lRIb+dAiB0/GGjIubOH48U\\nq9GngJBClr0FYgquRD2SBrSKS1CsJwIgBMgtKPpt6XNhpVu1rBh9/jARP8azzaHh\\nYXyNGA56xjg=\\n-----END PRIVATE KEY-----" dest="/etc/security/keystore.jks" password="changeit" +!linux-kernel-blacklist host="123.123.123.123" name="nouveau" state="present" +!linux-known-hosts host="123.123.123.123" path="/etc/ssh/ssh_known_hosts" name="host1.example.com" key="host1.example.com,10.9.8.77 ssh-rsa ASDeararAIUHI324324" +!linux-listen-ports-facts host="123.123.123.123" +!linux-modprobe host="123.123.123.123" name="8021q" state="present" +!linux-mount host="123.123.123.123" path="/mnt/dvd" src="/dev/sr0" fstype="iso9660" opts="ro,noauto" state="present" +!linux-pam-limits host="123.123.123.123" domain="joe" limit_type="soft" limit_item="nofile" value="64000" +!linux-pamd host="123.123.123.123" name="system-auth" type="auth" control="required" module_path="pam_faillock.so" new_control="sufficient" +!linux-parted host="123.123.123.123" device="/dev/sdb" number="1" state="present" +!linux-pids host="123.123.123.123" name="python" +!linux-ping host="123.123.123.123" +!linux-python-requirements-info host="123.123.123.123" +!linux-selinux host="123.123.123.123" policy="targeted" state="enforcing" +!linux-service host="123.123.123.123" name="httpd" state="started" +!linux-service-facts host="123.123.123.123" +!linux-sysctl host="123.123.123.123" name="vm.swappiness" value="5" state="present" +!linux-systemd host="123.123.123.123" state="started" name="httpd" +!linux-timezone host="123.123.123.123" name="Asia/Tokyo" +!linux-openssh-keypair host="123.123.123.123" path="/tmp/id_ssh_rsa" +!linux-find host="123.123.123.123" paths="/tmp" age="2d" recurse="True" +!linux-ini-file host="123.123.123.123" path="/etc/conf" section="drinks" option="fav" value="lemonade" mode="0600" backup="True" +!linux-lineinfile host="123.123.123.123" path="/etc/selinux/config" regexp="^SELINUX=" line="SELINUX=enforcing" +!linux-replace host="123.123.123.123" path="/etc/hosts" regexp="(\\s+)old\\.host\\.name(\\s+.*)?$" replace="\\1new.host.name\\2" +!linux-stat host="123.123.123.123" path="/etc/foo.conf" +!linux-tempfile host="123.123.123.123" state="directory" suffix="build" +!linux-pip host="123.123.123.123" name="bottle" +!linux-package-facts host="123.123.123.123" manager="auto" +!linux-yum-repository host="123.123.123.123" name="epel" description="EPEL YUM repo" baseurl="https://download.fedoraproject.org/pub/epel/$releasever/$basearch/" +!linux-rhn-register host="123.123.123.123" state="absent" username="joe_user" password="somepass" +!linux-locale-gen host="123.123.123.123" name="de_CH.UTF-8" state="present" +!linux-dpkg-selections host="123.123.123.123" name="python" selection="hold" +!linux-archive host="123.123.123.123" path="/path/to/foo" dest="/path/to/foo.tgz" +!linux-package host="123.123.123.123" name="ntpdate" state="present" \ No newline at end of file diff --git a/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL.py b/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL.py new file mode 100644 index 000000000000..2c373191acc7 --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL.py @@ -0,0 +1,68 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'ssh' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + return_results('This integration does not support testing from this screen. \ + Please refer to the documentation for details on how to perform \ + configuration tests.') + elif command == 'openssl-certificate': + return_results(generic_ansible('OpenSSL', 'openssl_certificate', args, int_params, host_type)) + elif command == 'openssl-certificate-info': + return_results(generic_ansible('OpenSSL', 'openssl_certificate_info', args, int_params, host_type)) + elif command == 'openssl-csr': + return_results(generic_ansible('OpenSSL', 'openssl_csr', args, int_params, host_type)) + elif command == 'openssl-csr-info': + return_results(generic_ansible('OpenSSL', 'openssl_csr_info', args, int_params, host_type)) + elif command == 'openssl-dhparam': + return_results(generic_ansible('OpenSSL', 'openssl_dhparam', args, int_params, host_type)) + elif command == 'openssl-pkcs12': + return_results(generic_ansible('OpenSSL', 'openssl_pkcs12', args, int_params, host_type)) + elif command == 'openssl-privatekey': + return_results(generic_ansible('OpenSSL', 'openssl_privatekey', args, int_params, host_type)) + elif command == 'openssl-privatekey-info': + return_results(generic_ansible('OpenSSL', 'openssl_privatekey_info', args, int_params, host_type)) + elif command == 'openssl-publickey': + return_results(generic_ansible('OpenSSL', 'openssl_publickey', args, int_params, host_type)) + elif command == 'openssl-certificate-complete-chain': + return_results(generic_ansible('OpenSSL', 'certificate_complete_chain', args, int_params, host_type)) + elif command == 'openssl-get-certificate': + return_results(generic_ansible('OpenSSL', 'get_certificate', args, int_params, host_type)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL.yml b/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL.yml new file mode 100644 index 000000000000..4c7786b16d47 --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL.yml @@ -0,0 +1,1744 @@ +category: IT Services +commonfields: + id: AnsibleOpenSSL + version: -1 +configuration: +- additionalinfo: The credentials to associate with the instance. SSH keys can be + configured using the credential manager. + display: Username + name: creds + required: true + type: 9 +- additionalinfo: The default port to use if one is not specified in the commands + `host` argument. + defaultvalue: 22 + display: Default SSH Port + name: port + required: true + type: 0 +- additionalinfo: If multiple hosts are specified in a command, how many hosts should + be interacted with concurrently. + defaultvalue: '4' + display: Concurrency Factor + name: concurrency + required: true + type: 0 +- display: Escalate Privileges + additionalinfo: | + Ansible allows you to ‘become’ another user, different from the user that + logged into the machine (remote user). + name: become + required: true + type: 15 + options: + - "Yes" + - "No" + defaultvalue: 'Yes' +- display: Privilege Escalation Method + additionalinfo: Which privilege escalation method should be used. + name: become_method + required: true + type: 15 + options: + - "sudo" + - "su" + - "doas" + defaultvalue: 'sudo' +- display: Privilege Escalation User + additionalinfo: Set the user you become through privilege escalation + name: become_user + required: false + type: 0 + defaultvalue: 'root' +- display: Privileges Escalation Password + additionalinfo: Set the privilege escalation password. If not set, will use the + same as SSH password. + name: become_password + required: false + type: 4 +description: Control OpenSSL on a remote Linux hosts +display: Ansible OpenSSL +fromversion: 6.0.0 +name: AnsibleOpenSSL +script: + commands: + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the certificate should exist or not, taking action if the + state is different from what is stated. + name: state + predefined: + - absent + - present + - description: Remote absolute path where the generated certificate file should + be created or is already located. + name: path + required: true + - auto: PREDEFINED + description: 'Name of the provider to use to generate/retrieve the OpenSSL certificate. + The `assertonly` provider will not generate files and fail if the certificate + file is missing. The `assertonly` provider has been deprecated in Ansible + 2.9 and will be removed in Ansible 2.13. Please see the examples on how to + emulate it with `openssl_certificate_info`, `openssl_csr_info`, `openssl_privatekey_info` + and `assert`. The `entrust` provider was added for Ansible 2.9 and requires + credentials for the `https://www.entrustdatacard.com/products/categories/ssl-certificates,Entrust + Certificate Services` (ECS) API. Required if `state` is `present`.' + name: provider + predefined: + - acme + - assertonly + - entrust + - ownca + - selfsigned + - auto: PREDEFINED + defaultValue: 'No' + description: Generate the certificate, even if it already exists. + name: force + predefined: + - 'Yes' + - 'No' + - description: 'Path to the Certificate Signing Request (CSR) used to generate + this certificate. This is not required in `assertonly` mode.' + name: csr_path + - description: Path to the private key to use when signing the certificate. + name: privatekey_path + - description: 'The passphrase for the `privatekey_path`. This is required if + the private key is password protected.' + name: privatekey_passphrase + - defaultValue: '3' + description: 'Version of the `selfsigned` certificate. Nowadays it should almost + always be `3`. This is only used by the `selfsigned` provider.' + name: selfsigned_version + - defaultValue: sha256 + description: 'Digest algorithm to be used when self-signing the certificate. + This is only used by the `selfsigned` provider.' + name: selfsigned_digest + - defaultValue: +0s + description: 'The point in time the certificate is valid from. Time can be specified + either as relative time or as absolute timestamp. Time will always be interpreted + as UTC. Valid format is `[+-]timespec | ASN.1 TIME` where timespec can be + an integer + `[w | d | h | m | s]` (e.g. `+32w1d2h`. Note that if using relative + time this module is NOT idempotent. If this value is not specified, the certificate + will start being valid from now. This is only used by the `selfsigned` provider.' + name: selfsigned_not_before + - defaultValue: +3650d + description: 'The point in time at which the certificate stops being valid. + Time can be specified either as relative time or as absolute timestamp. Time + will always be interpreted as UTC. Valid format is `[+-]timespec | ASN.1 TIME` + where timespec can be an integer + `[w | d | h | m | s]` (e.g. `+32w1d2h`. + Note that if using relative time this module is NOT idempotent. If this value + is not specified, the certificate will stop being valid 10 years from now. + This is only used by the `selfsigned` provider.' + name: selfsigned_not_after + - auto: PREDEFINED + defaultValue: create_if_not_provided + description: 'Whether to create the Subject Key Identifier (SKI) from the public + key. A value of `create_if_not_provided` (default) only creates a SKI when + the CSR does not provide one. A value of `always_create` always creates a + SKI. If the CSR provides one, that one is ignored. A value of `never_create` + never creates a SKI. If the CSR provides one, that one is used. This is only + used by the `selfsigned` provider. Note that this is only supported if the + `cryptography` backend is used!' + name: selfsigned_create_subject_key_identifier + predefined: + - create_if_not_provided + - always_create + - never_create + - description: 'Remote absolute path of the CA (Certificate Authority) certificate. + This is only used by the `ownca` provider.' + name: ownca_path + - description: 'Path to the CA (Certificate Authority) private key to use when + signing the certificate. This is only used by the `ownca` provider.' + name: ownca_privatekey_path + - description: 'The passphrase for the `ownca_privatekey_path`. This is only used + by the `ownca` provider.' + name: ownca_privatekey_passphrase + - defaultValue: sha256 + description: 'The digest algorithm to be used for the `ownca` certificate. This + is only used by the `ownca` provider.' + name: ownca_digest + - defaultValue: '3' + description: 'The version of the `ownca` certificate. Nowadays it should almost + always be `3`. This is only used by the `ownca` provider.' + name: ownca_version + - defaultValue: +0s + description: 'The point in time the certificate is valid from. Time can be specified + either as relative time or as absolute timestamp. Time will always be interpreted + as UTC. Valid format is `[+-]timespec | ASN.1 TIME` where timespec can be + an integer + `[w | d | h | m | s]` (e.g. `+32w1d2h`. Note that if using relative + time this module is NOT idempotent. If this value is not specified, the certificate + will start being valid from now. This is only used by the `ownca` provider.' + name: ownca_not_before + - defaultValue: +3650d + description: 'The point in time at which the certificate stops being valid. + Time can be specified either as relative time or as absolute timestamp. Time + will always be interpreted as UTC. Valid format is `[+-]timespec | ASN.1 TIME` + where timespec can be an integer + `[w | d | h | m | s]` (e.g. `+32w1d2h`. + Note that if using relative time this module is NOT idempotent. If this value + is not specified, the certificate will stop being valid 10 years from now. + This is only used by the `ownca` provider.' + name: ownca_not_after + - auto: PREDEFINED + defaultValue: create_if_not_provided + description: 'Whether to create the Subject Key Identifier (SKI) from the public + key. A value of `create_if_not_provided` (default) only creates a SKI when + the CSR does not provide one. A value of `always_create` always creates a + SKI. If the CSR provides one, that one is ignored. A value of `never_create` + never creates a SKI. If the CSR provides one, that one is used. This is only + used by the `ownca` provider. Note that this is only supported if the `cryptography` + backend is used!' + name: ownca_create_subject_key_identifier + predefined: + - create_if_not_provided + - always_create + - never_create + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Create a Authority Key Identifier from the CA''s certificate. + If the CSR provided a authority key identifier, it is ignored. The Authority + Key Identifier is generated from the CA certificate''s Subject Key Identifier, + if available. If it is not available, the CA certificate''s public key will + be used. This is only used by the `ownca` provider. Note that this is only + supported if the `cryptography` backend is used!' + name: ownca_create_authority_key_identifier + predefined: + - 'Yes' + - 'No' + - description: 'The path to the accountkey for the `acme` provider. This is only + used by the `acme` provider.' + name: acme_accountkey_path + - description: 'The path to the ACME challenge directory that is served on `http://:80/.well-known/acme-challenge/` + This is only used by the `acme` provider.' + name: acme_challenge_path + - auto: PREDEFINED + defaultValue: 'No' + description: 'Include the intermediate certificate to the generated certificate + This is only used by the `acme` provider. Note that this is only available + for older versions of `acme-tiny`. New versions include the chain automatically, + and setting `acme_chain` to `yes` results in an error.' + name: acme_chain + predefined: + - 'Yes' + - 'No' + - description: 'A list of algorithms that you would accept the certificate to + be signed with (e.g. [''sha256WithRSAEncryption'', ''sha512WithRSAEncryption'']). + This is only used by the `assertonly` provider. This option is deprecated + since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible + 2.13. For alternatives, see the example on replacing `assertonly`.' + isArray: true + name: signature_algorithms + - description: 'The key/value pairs that must be present in the issuer name field + of the certificate. If you need to specify more than one value with the same + key, use a list as value. This is only used by the `assertonly` provider. + This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` + provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`.' + isArray: true + name: issuer + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `yes`, the `issuer` field must contain only these values. + This is only used by the `assertonly` provider. This option is deprecated + since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible + 2.13. For alternatives, see the example on replacing `assertonly`.' + name: issuer_strict + predefined: + - 'Yes' + - 'No' + - description: 'The key/value pairs that must be present in the subject name field + of the certificate. If you need to specify more than one value with the same + key, use a list as value. This is only used by the `assertonly` provider. + This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` + provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`.' + isArray: true + name: subject + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `yes`, the `subject` field must contain only these values. + This is only used by the `assertonly` provider. This option is deprecated + since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible + 2.13. For alternatives, see the example on replacing `assertonly`.' + name: subject_strict + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Checks if the certificate is expired/not expired at the time the + module is executed. This is only used by the `assertonly` provider. This option + is deprecated since Ansible 2.9 and will be removed with the `assertonly` + provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`.' + name: has_expired + predefined: + - 'Yes' + - 'No' + - description: 'The version of the certificate. Nowadays it should almost always + be 3. This is only used by the `assertonly` provider. This option is deprecated + since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible + 2.13. For alternatives, see the example on replacing `assertonly`.' + name: version + - description: 'The certificate must be valid at this point in time. The timestamp + is formatted as an ASN.1 TIME. This is only used by the `assertonly` provider. + This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` + provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`.' + name: valid_at + - description: 'The certificate must be invalid at this point in time. The timestamp + is formatted as an ASN.1 TIME. This is only used by the `assertonly` provider. + This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` + provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`.' + name: invalid_at + - description: 'The certificate must start to become valid at this point in time. + The timestamp is formatted as an ASN.1 TIME. This is only used by the `assertonly` + provider. This option is deprecated since Ansible 2.9 and will be removed + with the `assertonly` provider in Ansible 2.13. For alternatives, see the + example on replacing `assertonly`.' + name: not_before + - description: 'The certificate must expire at this point in time. The timestamp + is formatted as an ASN.1 TIME. This is only used by the `assertonly` provider. + This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` + provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`.' + name: not_after + - description: 'The certificate must still be valid at this relative time offset + from now. Valid format is `[+-]timespec | number_of_seconds` where timespec + can be an integer + `[w | d | h | m | s]` (e.g. `+32w1d2h`. Note that if using + this parameter, this module is NOT idempotent. This is only used by the `assertonly` + provider. This option is deprecated since Ansible 2.9 and will be removed + with the `assertonly` provider in Ansible 2.13. For alternatives, see the + example on replacing `assertonly`.' + name: valid_in + - description: 'The `key_usage` extension field must contain all these values. + This is only used by the `assertonly` provider. This option is deprecated + since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible + 2.13. For alternatives, see the example on replacing `assertonly`.' + isArray: true + name: key_usage + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `yes`, the `key_usage` extension field must contain + only these values. This is only used by the `assertonly` provider. This option + is deprecated since Ansible 2.9 and will be removed with the `assertonly` + provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`.' + name: key_usage_strict + predefined: + - 'Yes' + - 'No' + - description: 'The `extended_key_usage` extension field must contain all these + values. This is only used by the `assertonly` provider. This option is deprecated + since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible + 2.13. For alternatives, see the example on replacing `assertonly`.' + isArray: true + name: extended_key_usage + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `yes`, the `extended_key_usage` extension field must + contain only these values. This is only used by the `assertonly` provider. + This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` + provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`.' + name: extended_key_usage_strict + predefined: + - 'Yes' + - 'No' + - description: 'The `subject_alt_name` extension field must contain these values. + This is only used by the `assertonly` provider. This option is deprecated + since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible + 2.13. For alternatives, see the example on replacing `assertonly`.' + isArray: true + name: subject_alt_name + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `yes`, the `subject_alt_name` extension field must contain + only these values. This is only used by the `assertonly` provider. This option + is deprecated since Ansible 2.9 and will be removed with the `assertonly` + provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`.' + name: subject_alt_name_strict + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `pyopenssl`. If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` + library. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library. Please note that the `pyopenssl` backend has been deprecated in Ansible + 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` + backend will be available.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - pyopenssl + - auto: PREDEFINED + defaultValue: 'No' + description: 'Create a backup file including a timestamp so you can get the + original certificate back if you overwrote it with a new one by accident. + This is not used by the `assertonly` provider. This option is deprecated since + Ansible 2.9 and will be removed with the `assertonly` provider in Ansible + 2.13. For alternatives, see the example on replacing `assertonly`.' + name: backup + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: STANDARD_SSL + description: 'Specify the type of certificate requested. This is only used by + the `entrust` provider.' + name: entrust_cert_type + predefined: + - STANDARD_SSL + - ADVANTAGE_SSL + - UC_SSL + - EV_SSL + - WILDCARD_SSL + - PRIVATE_SSL + - PD_SSL + - CDS_ENT_LITE + - CDS_ENT_PRO + - SMIME_ENT + - description: 'The email of the requester of the certificate (for tracking purposes). + This is only used by the `entrust` provider. This is required if the provider + is `entrust`.' + name: entrust_requester_email + - description: 'The name of the requester of the certificate (for tracking purposes). + This is only used by the `entrust` provider. This is required if the provider + is `entrust`.' + name: entrust_requester_name + - description: 'The phone number of the requester of the certificate (for tracking + purposes). This is only used by the `entrust` provider. This is required if + the provider is `entrust`.' + name: entrust_requester_phone + - description: 'The username for authentication to the Entrust Certificate Services + (ECS) API. This is only used by the `entrust` provider. This is required if + the provider is `entrust`.' + name: entrust_api_user + - description: 'The key (password) for authentication to the Entrust Certificate + Services (ECS) API. This is only used by the `entrust` provider. This is required + if the provider is `entrust`.' + name: entrust_api_key + - description: 'The path to the client certificate used to authenticate to the + Entrust Certificate Services (ECS) API. This is only used by the `entrust` + provider. This is required if the provider is `entrust`.' + name: entrust_api_client_cert_path + - description: 'The path to the private key of the client certificate used to + authenticate to the Entrust Certificate Services (ECS) API. This is only used + by the `entrust` provider. This is required if the provider is `entrust`.' + name: entrust_api_client_cert_key_path + - defaultValue: +365d + description: 'The point in time at which the certificate stops being valid. + Time can be specified either as relative time or as an absolute timestamp. + A valid absolute time format is `ASN.1 TIME` such as `2019-06-18`. A valid + relative time format is `[+-]timespec` where timespec can be an integer + + `[w | d | h | m | s]`, such as `+365d` or `+32w1d2h`). Time will always be + interpreted as UTC. Note that only the date (day, month, year) is supported + for specifying the expiry date of the issued certificate. The full date-time + is adjusted to EST (GMT -5:00) before issuance, which may result in a certificate + with an expiration date one day earlier than expected if a relative time is + used. The minimum certificate lifetime is 90 days, and maximum is three years. + If this value is not specified, the certificate will stop being valid 365 + days the date of issue. This is only used by the `entrust` provider.' + name: entrust_not_after + - defaultValue: https://cloud.entrust.net/EntrustCloud/documentation/cms-api-2.1.0.yaml + description: 'The path to the specification file defining the Entrust Certificate + Services (ECS) API configuration. You can use this to keep a local copy of + the specification to avoid downloading it every time the module is used. This + is only used by the `entrust` provider.' + name: entrust_api_specification_path + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Generate and/or check OpenSSL certificates\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/openssl_certificate_module.html" + name: openssl-certificate + outputs: + - contextPath: OpenSSL.OpensslCertificate.filename + description: Path to the generated Certificate + type: string + - contextPath: OpenSSL.OpensslCertificate.backup_file + description: Name of backup file created. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Remote absolute path where the certificate file is loaded from. + name: path + required: true + - description: 'A dict of names mapping to time specifications. Every time specified + here will be checked whether the certificate is valid at this point. See the + `valid_at` return value for informations on the result. Time can be specified + either as relative time or as absolute timestamp. Time will always be interpreted + as UTC. Valid format is `[+-]timespec | ASN.1 TIME` where timespec can be + an integer + `[w | d | h | m | s]` (e.g. `+32w1d2h`, and ASN.1 TIME (i.e. + pattern `YYYYMMDDHHMMSSZ`). Note that all timestamps will be treated as being + in UTC.' + isArray: true + name: valid_at + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `pyopenssl`. If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` + library. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library. Please note that the `pyopenssl` backend has been deprecated in Ansible + 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` + backend will be available.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - pyopenssl + description: "Provide information of OpenSSL X.509 certificates\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/openssl_certificate_info_module.html" + name: openssl-certificate-info + outputs: + - contextPath: OpenSSL.OpensslCertificateInfo.expired + description: Whether the certificate is expired (i.e. `notAfter` is in the past) + type: boolean + - contextPath: OpenSSL.OpensslCertificateInfo.basic_constraints + description: Entries in the `basic_constraints` extension, or `none` if extension + is not present. + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.basic_constraints_critical + description: Whether the `basic_constraints` extension is critical. + type: boolean + - contextPath: OpenSSL.OpensslCertificateInfo.extended_key_usage + description: Entries in the `extended_key_usage` extension, or `none` if extension + is not present. + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.extended_key_usage_critical + description: Whether the `extended_key_usage` extension is critical. + type: boolean + - contextPath: OpenSSL.OpensslCertificateInfo.extensions_by_oid + description: Returns a dictionary for every extension OID + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.key_usage + description: Entries in the `key_usage` extension, or `none` if extension is + not present. + type: string + - contextPath: OpenSSL.OpensslCertificateInfo.key_usage_critical + description: Whether the `key_usage` extension is critical. + type: boolean + - contextPath: OpenSSL.OpensslCertificateInfo.subject_alt_name + description: Entries in the `subject_alt_name` extension, or `none` if extension + is not present. + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.subject_alt_name_critical + description: Whether the `subject_alt_name` extension is critical. + type: boolean + - contextPath: OpenSSL.OpensslCertificateInfo.ocsp_must_staple + description: '`yes` if the OCSP Must Staple extension is present, `none` otherwise.' + type: boolean + - contextPath: OpenSSL.OpensslCertificateInfo.ocsp_must_staple_critical + description: Whether the `ocsp_must_staple` extension is critical. + type: boolean + - contextPath: OpenSSL.OpensslCertificateInfo.issuer + description: 'The certificate''s issuer. Note that for repeated values, only + the last one will be returned.' + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.issuer_ordered + description: The certificate's issuer as an ordered list of tuples. + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.subject + description: 'The certificate''s subject as a dictionary. Note that for repeated + values, only the last one will be returned.' + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.subject_ordered + description: The certificate's subject as an ordered list of tuples. + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.not_after + description: '`notAfter` date as ASN.1 TIME' + type: string + - contextPath: OpenSSL.OpensslCertificateInfo.not_before + description: '`notBefore` date as ASN.1 TIME' + type: string + - contextPath: OpenSSL.OpensslCertificateInfo.public_key + description: Certificate's public key in PEM format + type: string + - contextPath: OpenSSL.OpensslCertificateInfo.public_key_fingerprints + description: 'Fingerprints of certificate''s public key. For every hash algorithm + available, the fingerprint is computed.' + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.signature_algorithm + description: The signature algorithm used to sign the certificate. + type: string + - contextPath: OpenSSL.OpensslCertificateInfo.serial_number + description: The certificate's serial number. + type: number + - contextPath: OpenSSL.OpensslCertificateInfo.version + description: The certificate version. + type: number + - contextPath: OpenSSL.OpensslCertificateInfo.valid_at + description: For every time stamp provided in the `valid_at` option, a boolean + whether the certificate is valid at that point in time or not. + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.subject_key_identifier + description: 'The certificate''s subject key identifier. The identifier is returned + in hexadecimal, with `:` used to separate bytes. Is `none` if the `SubjectKeyIdentifier` + extension is not present.' + type: string + - contextPath: OpenSSL.OpensslCertificateInfo.authority_key_identifier + description: 'The certificate''s authority key identifier. The identifier is + returned in hexadecimal, with `:` used to separate bytes. Is `none` if the + `AuthorityKeyIdentifier` extension is not present.' + type: string + - contextPath: OpenSSL.OpensslCertificateInfo.authority_cert_issuer + description: 'The certificate''s authority cert issuer as a list of general + names. Is `none` if the `AuthorityKeyIdentifier` extension is not present.' + type: unknown + - contextPath: OpenSSL.OpensslCertificateInfo.authority_cert_serial_number + description: 'The certificate''s authority cert serial number. Is `none` if + the `AuthorityKeyIdentifier` extension is not present.' + type: number + - contextPath: OpenSSL.OpensslCertificateInfo.ocsp_uri + description: The OCSP responder URI, if included in the certificate. Will be + `none` if no OCSP responder URI is included. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the certificate signing request should exist or not, taking + action if the state is different from what is stated. + name: state + predefined: + - absent + - present + - defaultValue: sha256 + description: The digest used when signing the certificate signing request with + the private key. + name: digest + - description: 'The path to the private key to use when signing the certificate + signing request. Required if `state` is `present`.' + name: privatekey_path + - description: 'The passphrase for the private key. This is required if the private + key is password protected.' + name: privatekey_passphrase + - defaultValue: '1' + description: 'The version of the certificate signing request. The only allowed + value according to `RFC 2986,https://tools.ietf.org/html/rfc2986#section-4.1` + is 1.' + name: version + - auto: PREDEFINED + defaultValue: 'No' + description: Should the certificate signing request be forced regenerated by + this ansible module. + name: force + predefined: + - 'Yes' + - 'No' + - description: The name of the file into which the generated OpenSSL certificate + signing request will be written. + name: path + required: true + - description: 'Key/value pairs that will be present in the subject name field + of the certificate signing request. If you need to specify more than one value + with the same key, use a list as value.' + isArray: true + name: subject + - description: The countryName field of the certificate signing request subject. + name: country_name + - description: The stateOrProvinceName field of the certificate signing request + subject. + name: state_or_province_name + - description: The localityName field of the certificate signing request subject. + name: locality_name + - description: The organizationName field of the certificate signing request subject. + name: organization_name + - description: The organizationalUnitName field of the certificate signing request + subject. + name: organizational_unit_name + - description: The commonName field of the certificate signing request subject. + name: common_name + - description: The emailAddress field of the certificate signing request subject. + name: email_address + - description: 'SAN extension to attach to the certificate signing request. This + can either be a ''comma separated string'' or a YAML list. Values must be + prefixed by their options. (i.e., `email`, `URI`, `DNS`, `RID`, `IP`, `dirName`, + `otherName` and the ones specific to your CA) Note that if no SAN is specified, + but a common name, the common name will be added as a SAN except if `useCommonNameForSAN` + is set to `false`. More at `https://tools.ietf.org/html/rfc5280#section-4.2.1.6`.' + isArray: true + name: subject_alt_name + - description: Should the subjectAltName extension be considered as critical. + name: subject_alt_name_critical + - auto: PREDEFINED + defaultValue: 'Yes' + description: If set to `yes`, the module will fill the common name in for `subject_alt_name` + with `DNS:` prefix if no SAN is specified. + name: use_common_name_for_san + predefined: + - 'Yes' + - 'No' + - description: This defines the purpose (e.g. encipherment, signature, certificate + signing) of the key contained in the certificate. + isArray: true + name: key_usage + - description: Should the keyUsage extension be considered as critical. + name: key_usage_critical + - description: Additional restrictions (e.g. client authentication, server authentication) + on the allowed purposes for which the public key may be used. + isArray: true + name: extended_key_usage + - description: Should the extkeyUsage extension be considered as critical. + name: extended_key_usage_critical + - description: Indicates basic constraints, such as if the certificate is a CA. + isArray: true + name: basic_constraints + - description: Should the basicConstraints extension be considered as critical. + name: basic_constraints_critical + - description: Indicates that the certificate should contain the OCSP Must Staple + extension (`https://tools.ietf.org/html/rfc7633`). + name: ocsp_must_staple + - description: 'Should the OCSP Must Staple extension be considered as critical + Note that according to the RFC, this extension should not be marked as critical, + as old clients not knowing about OCSP Must Staple are required to reject such + certificates (see `https://tools.ietf.org/html/rfc7633#section-4`).' + name: ocsp_must_staple_critical + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `pyopenssl`. If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` + library. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library. Please note that the `pyopenssl` backend has been deprecated in Ansible + 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` + backend will be available.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - pyopenssl + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including a timestamp so you can get the original + CSR back if you overwrote it with a new one by accident. + name: backup + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Create the Subject Key Identifier from the public key. Please + note that commercial CAs can ignore the value, respectively use a value of + their own choice instead. Specifying this option is mostly useful for self-signed + certificates or for own CAs. Note that this is only supported if the `cryptography` + backend is used!' + name: create_subject_key_identifier + predefined: + - 'Yes' + - 'No' + - description: 'The subject key identifier as a hex string, where two bytes are + separated by colons. Example: `00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:22:33` + Please note that commercial CAs ignore this value, respectively use a value + of their own choice. Specifying this option is mostly useful for self-signed + certificates or for own CAs. Note that this option can only be used if `create_subject_key_identifier` + is `no`. Note that this is only supported if the `cryptography` backend is + used!' + name: subject_key_identifier + - description: 'The authority key identifier as a hex string, where two bytes + are separated by colons. Example: `00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:22:33` + If specified, `authority_cert_issuer` must also be specified. Please note + that commercial CAs ignore this value, respectively use a value of their own + choice. Specifying this option is mostly useful for self-signed certificates + or for own CAs. Note that this is only supported if the `cryptography` backend + is used! The `AuthorityKeyIdentifier` will only be added if at least one of + `authority_key_identifier`, `authority_cert_issuer` and `authority_cert_serial_number` + is specified.' + name: authority_key_identifier + - description: 'Names that will be present in the authority cert issuer field + of the certificate signing request. Values must be prefixed by their options. + (i.e., `email`, `URI`, `DNS`, `RID`, `IP`, `dirName`, `otherName` and the + ones specific to your CA) Example: `DNS:ca.example.org` If specified, `authority_key_identifier` + must also be specified. Please note that commercial CAs ignore this value, + respectively use a value of their own choice. Specifying this option is mostly + useful for self-signed certificates or for own CAs. Note that this is only + supported if the `cryptography` backend is used! The `AuthorityKeyIdentifier` + will only be added if at least one of `authority_key_identifier`, `authority_cert_issuer` + and `authority_cert_serial_number` is specified.' + isArray: true + name: authority_cert_issuer + - description: 'The authority cert serial number. Note that this is only supported + if the `cryptography` backend is used! Please note that commercial CAs ignore + this value, respectively use a value of their own choice. Specifying this + option is mostly useful for self-signed certificates or for own CAs. The `AuthorityKeyIdentifier` + will only be added if at least one of `authority_key_identifier`, `authority_cert_issuer` + and `authority_cert_serial_number` is specified.' + name: authority_cert_serial_number + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Generate OpenSSL Certificate Signing Request (CSR)\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/openssl_csr_module.html" + name: openssl-csr + outputs: + - contextPath: OpenSSL.OpensslCsr.privatekey + description: Path to the TLS/SSL private key the CSR was generated for + type: string + - contextPath: OpenSSL.OpensslCsr.filename + description: Path to the generated Certificate Signing Request + type: string + - contextPath: OpenSSL.OpensslCsr.subject + description: A list of the subject tuples attached to the CSR + type: unknown + - contextPath: OpenSSL.OpensslCsr.subjectAltName + description: The alternative names this CSR is valid for + type: unknown + - contextPath: OpenSSL.OpensslCsr.keyUsage + description: Purpose for which the public key may be used + type: unknown + - contextPath: OpenSSL.OpensslCsr.extendedKeyUsage + description: Additional restriction on the public key purposes + type: unknown + - contextPath: OpenSSL.OpensslCsr.basicConstraints + description: Indicates if the certificate belongs to a CA + type: unknown + - contextPath: OpenSSL.OpensslCsr.ocsp_must_staple + description: Indicates whether the certificate has the OCSP Must Staple feature + enabled + type: boolean + - contextPath: OpenSSL.OpensslCsr.backup_file + description: Name of backup file created. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Remote absolute path where the CSR file is loaded from. + name: path + required: true + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `pyopenssl`. If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` + library. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library. Please note that the `pyopenssl` backend has been deprecated in Ansible + 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` + backend will be available.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - pyopenssl + description: "Provide information of OpenSSL Certificate Signing Requests (CSR)\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssl_csr_info_module.html" + name: openssl-csr-info + outputs: + - contextPath: OpenSSL.OpensslCsrInfo.signature_valid + description: 'Whether the CSR''s signature is valid. In case the check returns + `no`, the module will fail.' + type: boolean + - contextPath: OpenSSL.OpensslCsrInfo.basic_constraints + description: Entries in the `basic_constraints` extension, or `none` if extension + is not present. + type: unknown + - contextPath: OpenSSL.OpensslCsrInfo.basic_constraints_critical + description: Whether the `basic_constraints` extension is critical. + type: boolean + - contextPath: OpenSSL.OpensslCsrInfo.extended_key_usage + description: Entries in the `extended_key_usage` extension, or `none` if extension + is not present. + type: unknown + - contextPath: OpenSSL.OpensslCsrInfo.extended_key_usage_critical + description: Whether the `extended_key_usage` extension is critical. + type: boolean + - contextPath: OpenSSL.OpensslCsrInfo.extensions_by_oid + description: Returns a dictionary for every extension OID + type: unknown + - contextPath: OpenSSL.OpensslCsrInfo.key_usage + description: Entries in the `key_usage` extension, or `none` if extension is + not present. + type: string + - contextPath: OpenSSL.OpensslCsrInfo.key_usage_critical + description: Whether the `key_usage` extension is critical. + type: boolean + - contextPath: OpenSSL.OpensslCsrInfo.subject_alt_name + description: Entries in the `subject_alt_name` extension, or `none` if extension + is not present. + type: unknown + - contextPath: OpenSSL.OpensslCsrInfo.subject_alt_name_critical + description: Whether the `subject_alt_name` extension is critical. + type: boolean + - contextPath: OpenSSL.OpensslCsrInfo.ocsp_must_staple + description: '`yes` if the OCSP Must Staple extension is present, `none` otherwise.' + type: boolean + - contextPath: OpenSSL.OpensslCsrInfo.ocsp_must_staple_critical + description: Whether the `ocsp_must_staple` extension is critical. + type: boolean + - contextPath: OpenSSL.OpensslCsrInfo.subject + description: 'The CSR''s subject as a dictionary. Note that for repeated values, + only the last one will be returned.' + type: unknown + - contextPath: OpenSSL.OpensslCsrInfo.subject_ordered + description: The CSR's subject as an ordered list of tuples. + type: unknown + - contextPath: OpenSSL.OpensslCsrInfo.public_key + description: CSR's public key in PEM format + type: string + - contextPath: OpenSSL.OpensslCsrInfo.public_key_fingerprints + description: 'Fingerprints of CSR''s public key. For every hash algorithm available, + the fingerprint is computed.' + type: unknown + - contextPath: OpenSSL.OpensslCsrInfo.subject_key_identifier + description: 'The CSR''s subject key identifier. The identifier is returned + in hexadecimal, with `:` used to separate bytes. Is `none` if the `SubjectKeyIdentifier` + extension is not present.' + type: string + - contextPath: OpenSSL.OpensslCsrInfo.authority_key_identifier + description: 'The CSR''s authority key identifier. The identifier is returned + in hexadecimal, with `:` used to separate bytes. Is `none` if the `AuthorityKeyIdentifier` + extension is not present.' + type: string + - contextPath: OpenSSL.OpensslCsrInfo.authority_cert_issuer + description: 'The CSR''s authority cert issuer as a list of general names. Is + `none` if the `AuthorityKeyIdentifier` extension is not present.' + type: unknown + - contextPath: OpenSSL.OpensslCsrInfo.authority_cert_serial_number + description: 'The CSR''s authority cert serial number. Is `none` if the `AuthorityKeyIdentifier` + extension is not present.' + type: number + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the parameters should exist or not, taking action if the + state is different from what is stated. + name: state + predefined: + - absent + - present + - defaultValue: '4096' + description: Size (in bits) of the generated DH-params. + name: size + - auto: PREDEFINED + defaultValue: 'No' + description: Should the parameters be regenerated even it it already exists. + name: force + predefined: + - 'Yes' + - 'No' + - description: Name of the file in which the generated parameters will be saved. + name: path + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including a timestamp so you can get the original + DH params back if you overwrote them with new ones by accident. + name: backup + predefined: + - 'Yes' + - 'No' + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Generate OpenSSL Diffie-Hellman Parameters\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/openssl_dhparam_module.html" + name: openssl-dhparam + outputs: + - contextPath: OpenSSL.OpensslDhparam.size + description: Size (in bits) of the Diffie-Hellman parameters. + type: number + - contextPath: OpenSSL.OpensslDhparam.filename + description: Path to the generated Diffie-Hellman parameters. + type: string + - contextPath: OpenSSL.OpensslDhparam.backup_file + description: Name of backup file created. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: export + description: '`export` or `parse` a PKCS#12.' + name: action + predefined: + - export + - parse + - description: List of other certificates to include. Pre 2.8 this parameter was + called `ca_certificates` + isArray: true + name: other_certificates + - description: 'The path to read certificates and private keys from. Must be in + PEM format.' + name: certificate_path + - auto: PREDEFINED + defaultValue: 'No' + description: Should the file be regenerated even if it already exists. + name: force + predefined: + - 'Yes' + - 'No' + - description: Specifies the friendly name for the certificate and private key. + name: friendly_name + - defaultValue: '2048' + description: Number of times to repeat the encryption step. + name: iter_size + - defaultValue: '1' + description: Number of times to repeat the MAC step. + name: maciter_size + - description: The PKCS#12 password. + name: passphrase + - description: Filename to write the PKCS#12 file to. + name: path + required: true + - description: Passphrase source to decrypt any input private keys with. + name: privatekey_passphrase + - description: File to read private key from. + name: privatekey_path + - auto: PREDEFINED + defaultValue: present + description: Whether the file should exist or not. All parameters except `path` + are ignored when state is `absent`. + name: state + predefined: + - absent + - present + - description: PKCS#12 file path to parse. + name: src + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including a timestamp so you can get the original + output file back if you overwrote it with a new one by accident. + name: backup + predefined: + - 'Yes' + - 'No' + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Generate OpenSSL PKCS#12 archive\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/openssl_pkcs12_module.html" + name: openssl-pkcs12 + outputs: + - contextPath: OpenSSL.OpensslPkcs12.filename + description: Path to the generate PKCS#12 file. + type: string + - contextPath: OpenSSL.OpensslPkcs12.privatekey + description: Path to the TLS/SSL private key the public key was generated from. + type: string + - contextPath: OpenSSL.OpensslPkcs12.backup_file + description: Name of backup file created. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the private key should exist or not, taking action if the + state is different from what is stated. + name: state + predefined: + - absent + - present + - defaultValue: '4096' + description: Size (in bits) of the TLS/SSL key to generate. + name: size + - auto: PREDEFINED + defaultValue: RSA + description: 'The algorithm used to generate the TLS/SSL private key. Note that + `ECC`, `X25519`, `X448`, `Ed25519` and `Ed448` require the `cryptography` + backend. `X25519` needs cryptography 2.5 or newer, while `X448`, `Ed25519` + and `Ed448` require cryptography 2.6 or newer. For `ECC`, the minimal cryptography + version required depends on the `curve` option.' + name: type + predefined: + - DSA + - ECC + - Ed25519 + - Ed448 + - RSA + - X25519 + - X448 + - auto: PREDEFINED + description: 'Note that not all curves are supported by all versions of `cryptography`. + For maximal interoperability, `secp384r1` or `secp256r1` should be used. We + use the curve names as defined in the `IANA registry for TLS,https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8`.' + name: curve + predefined: + - secp384r1 + - secp521r1 + - secp224r1 + - secp192r1 + - secp256r1 + - secp256k1 + - brainpoolP256r1 + - brainpoolP384r1 + - brainpoolP512r1 + - sect571k1 + - sect409k1 + - sect283k1 + - sect233k1 + - sect163k1 + - sect571r1 + - sect409r1 + - sect283r1 + - sect233r1 + - sect163r2 + - auto: PREDEFINED + defaultValue: 'No' + description: Should the key be regenerated even if it already exists. + name: force + predefined: + - 'Yes' + - 'No' + - description: Name of the file in which the generated TLS/SSL private key will + be written. It will have 0600 mode. + name: path + required: true + - description: The passphrase for the private key. + name: passphrase + - description: 'The cipher to encrypt the private key. (Valid values can be found + by running `openssl list -cipher-algorithms` or `openssl list-cipher-algorithms`, + depending on your OpenSSL version.) When using the `cryptography` backend, + use `auto`.' + name: cipher + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `pyopenssl`. If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` + library. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library. Please note that the `pyopenssl` backend has been deprecated in Ansible + 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` + backend will be available.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - pyopenssl + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including a timestamp so you can get the original + private key back if you overwrote it with a new one by accident. + name: backup + predefined: + - 'Yes' + - 'No' + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Generate OpenSSL private keys\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/openssl_privatekey_module.html" + name: openssl-privatekey + outputs: + - contextPath: OpenSSL.OpensslPrivatekey.size + description: Size (in bits) of the TLS/SSL private key. + type: number + - contextPath: OpenSSL.OpensslPrivatekey.type + description: Algorithm used to generate the TLS/SSL private key. + type: string + - contextPath: OpenSSL.OpensslPrivatekey.curve + description: Elliptic curve used to generate the TLS/SSL private key. + type: string + - contextPath: OpenSSL.OpensslPrivatekey.filename + description: Path to the generated TLS/SSL private key file. + type: string + - contextPath: OpenSSL.OpensslPrivatekey.fingerprint + description: 'The fingerprint of the public key. Fingerprint will be generated + for each `hashlib.algorithms` available. The PyOpenSSL backend requires PyOpenSSL + >= 16.0 for meaningful output.' + type: unknown + - contextPath: OpenSSL.OpensslPrivatekey.backup_file + description: Name of backup file created. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Remote absolute path where the private key file is loaded from. + name: path + required: true + - description: The passphrase for the private key. + name: passphrase + - auto: PREDEFINED + defaultValue: 'No' + description: 'Whether to return private key data. Only set this to `yes` when + you want private information about this key to leave the remote machine. WARNING: + you have to make sure that private key data isn''t accidentally logged!' + name: return_private_key_data + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `pyopenssl`. If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` + library. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library. Please note that the `pyopenssl` backend has been deprecated in Ansible + 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` + backend will be available.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - pyopenssl + description: "Provide information for OpenSSL private keys\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/openssl_privatekey_info_module.html" + name: openssl-privatekey-info + outputs: + - contextPath: OpenSSL.OpensslPrivatekeyInfo.can_load_key + description: Whether the module was able to load the private key from disk + type: boolean + - contextPath: OpenSSL.OpensslPrivatekeyInfo.can_parse_key + description: Whether the module was able to parse the private key + type: boolean + - contextPath: OpenSSL.OpensslPrivatekeyInfo.key_is_consistent + description: 'Whether the key is consistent. Can also return `none` next to + `yes` and `no`, to indicate that consistency couldn''t be checked. In case + the check returns `no`, the module will fail.' + type: boolean + - contextPath: OpenSSL.OpensslPrivatekeyInfo.public_key + description: Private key's public key in PEM format + type: string + - contextPath: OpenSSL.OpensslPrivatekeyInfo.public_key_fingerprints + description: 'Fingerprints of private key''s public key. For every hash algorithm + available, the fingerprint is computed.' + type: unknown + - contextPath: OpenSSL.OpensslPrivatekeyInfo.type + description: 'The key''s type. One of `RSA`, `DSA`, `ECC`, `Ed25519`, `X25519`, + `Ed448`, or `X448`. Will start with `unknown` if the key type cannot be determined.' + type: string + - contextPath: OpenSSL.OpensslPrivatekeyInfo.public_data + description: Public key data. Depends on key type. + type: unknown + - contextPath: OpenSSL.OpensslPrivatekeyInfo.private_data + description: Private key data. Depends on key type. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the public key should exist or not, taking action if the + state is different from what is stated. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: Should the key be regenerated even it it already exists. + name: force + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: PEM + description: The format of the public key. + name: format + predefined: + - OpenSSH + - PEM + - description: Name of the file in which the generated TLS/SSL public key will + be written. + name: path + required: true + - description: 'Path to the TLS/SSL private key from which to generate the public + key. Required if `state` is `present`.' + name: privatekey_path + - description: The passphrase for the private key. + name: privatekey_passphrase + - auto: PREDEFINED + defaultValue: 'No' + description: Create a backup file including a timestamp so you can get the original + public key back if you overwrote it with a different one by accident. + name: backup + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `pyopenssl`. If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` + library. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - pyopenssl + - description: 'The permissions the resulting file or directory should have. For + those used to `/usr/bin/chmod` remember that modes are actually octal numbers. + You must either add a leading zero so that Ansible''s YAML parser knows it + is an octal number (like `0644` or `01777`) or quote it (like `''644''` or + `''1777''`) so Ansible receives a string and can do its own conversion from + string into number. Giving Ansible a number without following one of these + rules will end up with a decimal number which will have unexpected results. + As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, + `u+rwx` or `u=rw,g=r,o=r`).' + name: mode + - description: Name of the user that should own the file/directory, as would be + fed to `chown`. + name: owner + - description: Name of the group that should own the file/directory, as would + be fed to `chown`. + name: group + - description: 'The user part of the SELinux file context. By default it uses + the `system` policy, where applicable. When set to `_default`, it will use + the `user` portion of the policy if available.' + name: seuser + - description: 'The role part of the SELinux file context. When set to `_default`, + it will use the `role` portion of the policy if available.' + name: serole + - description: 'The type part of the SELinux file context. When set to `_default`, + it will use the `type` portion of the policy if available.' + name: setype + - defaultValue: s0 + description: 'The level part of the SELinux file context. This is the MLS/MCS + attribute, sometimes known as the `range`. When set to `_default`, it will + use the `level` portion of the policy if available.' + name: selevel + - auto: PREDEFINED + defaultValue: 'No' + description: 'Influence when to use atomic operation to prevent data corruption + or inconsistent reads from the target file. By default this module uses atomic + operations to prevent data corruption or inconsistent reads from the target + files, but sometimes systems are configured or just broken in ways that prevent + this. One example is docker mounted files, which cannot be updated atomically + from inside the container and can only be written in an unsafe manner. This + option allows Ansible to fall back to unsafe methods of updating files when + atomic operations fail (however, it doesn''t force Ansible to perform unsafe + writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead + to data corruption.' + name: unsafe_writes + predefined: + - 'Yes' + - 'No' + - description: 'The attributes the resulting file or directory should have. To + get supported flags look at the man page for `chattr` on the target system. + This string should contain the attributes in the same order as the one displayed + by `lsattr`. The `=` operator is assumed as default, otherwise `+` or `-` + operators need to be included in the string.' + name: attributes + description: "Generate an OpenSSL public key from its private key.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/openssl_publickey_module.html" + name: openssl-publickey + outputs: + - contextPath: OpenSSL.OpensslPublickey.privatekey + description: Path to the TLS/SSL private key the public key was generated from. + type: string + - contextPath: OpenSSL.OpensslPublickey.format + description: The format of the public key (PEM, OpenSSH, ...). + type: string + - contextPath: OpenSSL.OpensslPublickey.filename + description: Path to the generated TLS/SSL public key file. + type: string + - contextPath: OpenSSL.OpensslPublickey.fingerprint + description: 'The fingerprint of the public key. Fingerprint will be generated + for each hashlib.algorithms available. Requires PyOpenSSL >= 16.0 for meaningful + output.' + type: unknown + - contextPath: OpenSSL.OpensslPublickey.backup_file + description: Name of backup file created. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'A concatenated set of certificates in PEM format forming a chain. + The module will try to complete this chain.' + name: input_chain + required: true + - description: 'A list of filenames or directories. A filename is assumed to point + to a file containing one or more certificates in PEM format. All certificates + in this file will be added to the set of root certificates. If a directory + name is given, all files in the directory and its subdirectories will be scanned + and tried to be parsed as concatenated certificates in PEM format. Symbolic + links will be followed.' + isArray: true + name: root_certificates + required: true + - description: 'A list of filenames or directories. A filename is assumed to point + to a file containing one or more certificates in PEM format. All certificates + in this file will be added to the set of root certificates. If a directory + name is given, all files in the directory and its subdirectories will be scanned + and tried to be parsed as concatenated certificates in PEM format. Symbolic + links will be followed.' + isArray: true + name: intermediate_certificates + description: "Complete certificate chain given a set of untrusted and root certificates\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/certificate_complete_chain_module.html" + name: openssl-certificate-complete-chain + outputs: + - contextPath: OpenSSL.CertificateCompleteChain.root + description: The root certificate in PEM format. + type: string + - contextPath: OpenSSL.CertificateCompleteChain.chain + description: 'The chain added to the given input chain. Includes the root certificate. + Returned as a list of PEM certificates.' + type: unknown + - contextPath: OpenSSL.CertificateCompleteChain.complete_chain + description: 'The completed chain, including leaf, all intermediates, and root. + Returned as a list of PEM certificates.' + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The host to get the cert for (IP is fine) + name: ansible-module-host + required: true + - description: 'A PEM file containing one or more root certificates; if present, + the cert will be validated against these root certs. Note that this only validates + the certificate is signed by the chain; not that the cert is valid for the + host presenting it.' + name: ca_cert + - description: The port to connect to + name: port + required: true + - description: Proxy host used when get a certificate. + name: proxy_host + - defaultValue: '8080' + description: Proxy port used when get a certificate. + name: proxy_port + - defaultValue: '10' + description: The timeout in seconds + name: timeout + - auto: PREDEFINED + defaultValue: auto + description: 'Determines which crypto backend to use. The default choice is + `auto`, which tries to use `cryptography` if available, and falls back to + `pyopenssl`. If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` + library. If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` + library.' + name: select_crypto_backend + predefined: + - auto + - cryptography + - pyopenssl + description: "Get a certificate from a host:port\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/get_certificate_module.html" + name: openssl-get-certificate + outputs: + - contextPath: OpenSSL.GetCertificate.cert + description: The certificate retrieved from the port + type: string + - contextPath: OpenSSL.GetCertificate.expired + description: Boolean indicating if the cert is expired + type: boolean + - contextPath: OpenSSL.GetCertificate.extensions + description: Extensions applied to the cert + type: unknown + - contextPath: OpenSSL.GetCertificate.issuer + description: Information about the issuer of the cert + type: unknown + - contextPath: OpenSSL.GetCertificate.not_after + description: Expiration date of the cert + type: string + - contextPath: OpenSSL.GetCertificate.not_before + description: Issue date of the cert + type: string + - contextPath: OpenSSL.GetCertificate.serial_number + description: The serial number of the cert + type: string + - contextPath: OpenSSL.GetCertificate.signature_algorithm + description: The algorithm used to sign the cert + type: string + - contextPath: OpenSSL.GetCertificate.subject + description: Information about the subject of the cert (OU, CN, etc) + type: unknown + - contextPath: OpenSSL.GetCertificate.version + description: The version number of the certificate + type: string + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL_description.md b/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL_description.md new file mode 100644 index 000000000000..6c0a9e42a2a0 --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL_description.md @@ -0,0 +1,27 @@ +# Ansible OpenSSL + +This integration enables the management of certificates on Linux hosts directly from XSOAR using SSH and Python. + +# Requirements +The Linux host(s) being managed requires Python >= 2.6. Different commands will use different underlying Ansible modules, and may have their own unique package requirements. Refer to the individual command documentation for further information. + +## Network Requirements +By default, TCP port 22 will be used to initiate a SSH connection to the Linux host. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. + +## Credentials + +This integration supports a number of methods of authenticating with the Linux Host: + +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +## Permissions + +Whilst un-privileged Linux user privileges can be used, a SuperUser account is recommended as most commands will require elevated permissions to execute. + +## Testing + +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!openssl-certificate-info` command providing an example `host` and `path` to a certificate as the command argument. This command will connect to the specified host with the configured credentials in the integration, and if successful output information about the certificate at the path. diff --git a/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL_image.png b/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/AnsibleOpenSSL_image.png new file mode 100644 index 0000000000000000000000000000000000000000..3fcf2ddfe6e4de0049f0d905ab9814e350eff241 GIT binary patch literal 1957 zcmV;W2U_@vP)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!TC9;kS%J_x}$Io3@1|95@eTiw$=#~uSV^<%%SullI&sec_`)hw&D z)}AA~^hxT-C{Eyv;{?t)PT-8=1kN~4;Edx0&NxosjN=4$I2;a#!{L|$l%%PYOZlqu z)N08_&{|ik^^rlzW|gI|4`7G+xn{P&mKnDt&%kalZX#E}UNdeJ_E&zF!QL=#dr}1+ zEalhZ^!1W$350$YLbrPP|0@kx+fE?d4tvzN5gvryZ`_VZdfwy;JXk9Hh~yZPqk!JR zYJK<{$@-Lwg+)qvUrQF~9hKV136jYINnez+UaGM3VAt|MjOnmZfxQW4H{vHUdeJkeI$l+9Q-P7UqrTi^&I18{+1ACVT5?BtiulpTl z!x6wfpEerU*U;kF=Pu=ePHB1|g)*KVMUP~QYzu__7e(bvu1{5JHRFPyyh?4@e^$Ae zA5uy^K;NLh$8%1UOd{oh{5++-5jkxFKZcZSdLsdfX4&1Y-{iu;ifc*wzS$wBsVeH`nb~#=3 z;K)uEDq^v?5TrA4$$m9$nz(qCMp%YTd7vM5${U zUPEK5SSUxDK%sL6i-q@N;u4m10FCW(lWof)Nt57bXXBm?v&D^boTN$YhEWUFIfrLk z+zAoes#IT!(-rIX>=6$r?+fvwG`!FFn>{%&C=fOx2xZS*J_z0d;YW2&hxgHN>J^@V z?AsyKSOc@bxg~g?W!h`ZweQ7q|1#&*tNw-U`3iQOal3*;bO0L_dvUa(PBDpl(Wtzx zg~mNW5SI7>P}vJnxiX9!Fno@BeGNaL!1;(sSe}J*4epy>-Gvd_0#W-_NDi4Chwntz z!e&=%d;c_91D?y^r(2$fvBA+cz)pp=qabMjdvP!?GhiEnO(}^2L!ytx>l~#vikC*v z8zWS9?`72JgP@L4r4QELFEhnWpZEuoIhViC6XQ{52pY#f;&uxgYT`SCt6_XEo~K}p zij!c_wbHmvaFxR8ie=EO70Kk0C@?Y%FMA<>%i0uq`iQn!qG5_#K<`=YF^TI za1G5MljXz%)1M`sFcE?ArVoibezZ>8?1%(diHrqm7K*`He+Txf+|WxnzsEbt&60Kl zM@)N)OI#ILYj&?Ju&iY`Fv?FYr&apgeybTbtR^#PX_A zV;Ko3^^$n0XiwiOE{gJ(5hN`Nok}i*1tZRtu+%6WaQS3Yk#rYqu5o>Sk~9r_-eu#O z6q@E>2vii8B7e8K)W1ryO`riRR)=yyprFw}mWZFo>Oz6@O@zT>VY9eiwKft~LbX0@ zc7BxVLjc9Vqlt2*D?$SQ}rg8jYQeoLUN> zQK(PDQ@O`#^-yFhx?Y1a?-D;ka1G9<)dBYcPB(7HB$X9bc873!xX8F6-IhW8cWLUu z0qDs&h;g4}3G{)mO7RQuF>yV8Q<}IoxOXEieiFhALD(Ad7{ZLWC}TrhTvDwKFNd&q z(8u-1T&)jLAY0r?gv&mTBArz3Td=f-!sDIBGXt==xDz7nrJ5+0`WGp$ zZyD9V&!%d9nJdmHIwBlxdKc2r8!+EP6 zuBm|YDH|k3=P>*cY&^S99G2O5xFqD>H2)$bvXwfSbS&_ANfOx6J5q<}sQ|;RvmRSd z1$OivCve8;g~0r)LYn_2yQ8;Ed5~qpIl<9e+z_2{oWL2!37m19z!}H=E5nTAdT_>Z r0%sg2aK>>0XB;PR#&H5?8qfO={JU-4TB= 2.6. Different commands will use different underlying Ansible modules, and may have their own unique package requirements. Refer to the individual command documentation for further information. + +## Network Requirements +By default, TCP port 22 will be used to initiate a SSH connection to the Linux host. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. + +## Credentials +This integration supports a number of methods of authenticating with the Linux Host: +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +## Permissions +Whilst un-privileged Linux user privileges can be used, a SuperUser account is recommended as most commands will require elevated permissions to execute. + +## Privilege Escalation +Ansible can use existing privilege escalation systems to allow a user to execute tasks as another. Different from the user that logged into the machine (remote user). This is done using existing privilege escalation tools, which you probably already use or have configured, like sudo, su, or doas. Unless you are remoting into the system as root (uid 0) you will need to escalate your privileges to a super user. Use the Integration parameters `Escalate Privileges`, `Privilege Escalation Method`, `Privilege Escalation User`, `Privileges Escalation Password` to configure this. + + +## Concurrency +This integration supports execution of commands against multiple hosts concurrently. The `host` parameter accepts a list of addresses, and will run the command in parallel as per the **Concurrency Factor** value. + +## Further information +This integration is powered by Ansible 2.9. Further information can be found on that the following locations: +* [Ansible Getting Started](https://docs.ansible.com/ansible/latest/user_guide/intro_getting_started.html) +* [Module Documentation](https://docs.ansible.com/ansible/2.9/modules/list_of_all_modules.html) + +## Configure Ansible OpenSSL on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for Ansible OpenSSL . +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Username | The credentials to associate with the instance. SSH keys can be configured using the credential manager. | True | + | Password | | True | + | Default SSH Port | The default port to use if one is not specified in the commands \`host\` argument. | True | + | Concurrency Factor | If multiple hosts are specified in a command, how many hosts should be interacted with concurrently. | True | + | Escalate Privileges | Ansible allows you to ‘become’ another user, different from the user that
logged into the machine \(remote user\).
| True | + | Privilege Escalation Method | Which privilege escalation method should be used. | True | + | Privilege Escalation User | Set the user you become through privilege escalation | False | + | Privilege Escalation Password | Set the privilege escalation password. | False | + +## Testing +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!openssl-certificate-info` command providing an example `host` and `path` to a certificate as the command argument. This command will connect to the specified host with the configured credentials in the integration, and if successful output information about the certificate at the path. + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. + +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### openssl-certificate +*** +Generate and/or check OpenSSL certificates +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssl_certificate_module.html + + +#### Base Command + +`openssl-certificate` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether the certificate should exist or not, taking action if the state is different from what is stated. Possible values are: absent, present. Default is present. | Optional | +| path | Remote absolute path where the generated certificate file should be created or is already located. | Required | +| provider | Name of the provider to use to generate/retrieve the OpenSSL certificate.
The `assertonly` provider will not generate files and fail if the certificate file is missing.
The `assertonly` provider has been deprecated in Ansible 2.9 and will be removed in Ansible 2.13. Please see the examples on how to emulate it with `openssl_certificate_info`, `openssl_csr_info`, `openssl_privatekey_info` and `assert`.
The `entrust` provider was added for Ansible 2.9 and requires credentials for the `https://www.entrustdatacard.com/products/categories/ssl-certificates,Entrust Certificate Services` (ECS) API.
Required if `state` is `present`. Possible values are: acme, assertonly, entrust, ownca, selfsigned. | Optional | +| force | Generate the certificate, even if it already exists. Possible values are: Yes, No. Default is No. | Optional | +| csr_path | Path to the Certificate Signing Request (CSR) used to generate this certificate.
This is not required in `assertonly` mode. | Optional | +| privatekey_path | Path to the private key to use when signing the certificate. | Optional | +| privatekey_passphrase | The passphrase for the `privatekey_path`.
This is required if the private key is password protected. | Optional | +| selfsigned_version | Version of the `selfsigned` certificate.
Nowadays it should almost always be `3`.
This is only used by the `selfsigned` provider. Default is 3. | Optional | +| selfsigned_digest | Digest algorithm to be used when self-signing the certificate.
This is only used by the `selfsigned` provider. Default is sha256. | Optional | +| selfsigned_not_before | The point in time the certificate is valid from.
Time can be specified either as relative time or as absolute timestamp.
Time will always be interpreted as UTC.
Valid format is `[+-]timespec \| ASN.1 TIME` where timespec can be an integer + `[w \| d \| h \| m \| s]` (e.g. `+32w1d2h`.
Note that if using relative time this module is NOT idempotent.
If this value is not specified, the certificate will start being valid from now.
This is only used by the `selfsigned` provider. Default is +0s. | Optional | +| selfsigned_not_after | The point in time at which the certificate stops being valid.
Time can be specified either as relative time or as absolute timestamp.
Time will always be interpreted as UTC.
Valid format is `[+-]timespec \| ASN.1 TIME` where timespec can be an integer + `[w \| d \| h \| m \| s]` (e.g. `+32w1d2h`.
Note that if using relative time this module is NOT idempotent.
If this value is not specified, the certificate will stop being valid 10 years from now.
This is only used by the `selfsigned` provider. Default is +3650d. | Optional | +| selfsigned_create_subject_key_identifier | Whether to create the Subject Key Identifier (SKI) from the public key.
A value of `create_if_not_provided` (default) only creates a SKI when the CSR does not provide one.
A value of `always_create` always creates a SKI. If the CSR provides one, that one is ignored.
A value of `never_create` never creates a SKI. If the CSR provides one, that one is used.
This is only used by the `selfsigned` provider.
Note that this is only supported if the `cryptography` backend is used!. Possible values are: create_if_not_provided, always_create, never_create. Default is create_if_not_provided. | Optional | +| ownca_path | Remote absolute path of the CA (Certificate Authority) certificate.
This is only used by the `ownca` provider. | Optional | +| ownca_privatekey_path | Path to the CA (Certificate Authority) private key to use when signing the certificate.
This is only used by the `ownca` provider. | Optional | +| ownca_privatekey_passphrase | The passphrase for the `ownca_privatekey_path`.
This is only used by the `ownca` provider. | Optional | +| ownca_digest | The digest algorithm to be used for the `ownca` certificate.
This is only used by the `ownca` provider. Default is sha256. | Optional | +| ownca_version | The version of the `ownca` certificate.
Nowadays it should almost always be `3`.
This is only used by the `ownca` provider. Default is 3. | Optional | +| ownca_not_before | The point in time the certificate is valid from.
Time can be specified either as relative time or as absolute timestamp.
Time will always be interpreted as UTC.
Valid format is `[+-]timespec \| ASN.1 TIME` where timespec can be an integer + `[w \| d \| h \| m \| s]` (e.g. `+32w1d2h`.
Note that if using relative time this module is NOT idempotent.
If this value is not specified, the certificate will start being valid from now.
This is only used by the `ownca` provider. Default is +0s. | Optional | +| ownca_not_after | The point in time at which the certificate stops being valid.
Time can be specified either as relative time or as absolute timestamp.
Time will always be interpreted as UTC.
Valid format is `[+-]timespec \| ASN.1 TIME` where timespec can be an integer + `[w \| d \| h \| m \| s]` (e.g. `+32w1d2h`.
Note that if using relative time this module is NOT idempotent.
If this value is not specified, the certificate will stop being valid 10 years from now.
This is only used by the `ownca` provider. Default is +3650d. | Optional | +| ownca_create_subject_key_identifier | Whether to create the Subject Key Identifier (SKI) from the public key.
A value of `create_if_not_provided` (default) only creates a SKI when the CSR does not provide one.
A value of `always_create` always creates a SKI. If the CSR provides one, that one is ignored.
A value of `never_create` never creates a SKI. If the CSR provides one, that one is used.
This is only used by the `ownca` provider.
Note that this is only supported if the `cryptography` backend is used!. Possible values are: create_if_not_provided, always_create, never_create. Default is create_if_not_provided. | Optional | +| ownca_create_authority_key_identifier | Create a Authority Key Identifier from the CA's certificate. If the CSR provided a authority key identifier, it is ignored.
The Authority Key Identifier is generated from the CA certificate's Subject Key Identifier, if available. If it is not available, the CA certificate's public key will be used.
This is only used by the `ownca` provider.
Note that this is only supported if the `cryptography` backend is used!. Possible values are: Yes, No. Default is Yes. | Optional | +| acme_accountkey_path | The path to the accountkey for the `acme` provider.
This is only used by the `acme` provider. | Optional | +| acme_challenge_path | The path to the ACME challenge directory that is served on `http://<HOST>:80/.well-known/acme-challenge/`
This is only used by the `acme` provider. | Optional | +| acme_chain | Include the intermediate certificate to the generated certificate
This is only used by the `acme` provider.
Note that this is only available for older versions of `acme-tiny`. New versions include the chain automatically, and setting `acme_chain` to `yes` results in an error. Possible values are: Yes, No. Default is No. | Optional | +| signature_algorithms | A list of algorithms that you would accept the certificate to be signed with (e.g. ['sha256WithRSAEncryption', 'sha512WithRSAEncryption']).
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| issuer | The key/value pairs that must be present in the issuer name field of the certificate.
If you need to specify more than one value with the same key, use a list as value.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| issuer_strict | If set to `yes`, the `issuer` field must contain only these values.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. Possible values are: Yes, No. Default is No. | Optional | +| subject | The key/value pairs that must be present in the subject name field of the certificate.
If you need to specify more than one value with the same key, use a list as value.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| subject_strict | If set to `yes`, the `subject` field must contain only these values.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. Possible values are: Yes, No. Default is No. | Optional | +| has_expired | Checks if the certificate is expired/not expired at the time the module is executed.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. Possible values are: Yes, No. Default is No. | Optional | +| version | The version of the certificate.
Nowadays it should almost always be 3.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| valid_at | The certificate must be valid at this point in time.
The timestamp is formatted as an ASN.1 TIME.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| invalid_at | The certificate must be invalid at this point in time.
The timestamp is formatted as an ASN.1 TIME.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| not_before | The certificate must start to become valid at this point in time.
The timestamp is formatted as an ASN.1 TIME.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| not_after | The certificate must expire at this point in time.
The timestamp is formatted as an ASN.1 TIME.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| valid_in | The certificate must still be valid at this relative time offset from now.
Valid format is `[+-]timespec \| number_of_seconds` where timespec can be an integer + `[w \| d \| h \| m \| s]` (e.g. `+32w1d2h`.
Note that if using this parameter, this module is NOT idempotent.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| key_usage | The `key_usage` extension field must contain all these values.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| key_usage_strict | If set to `yes`, the `key_usage` extension field must contain only these values.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. Possible values are: Yes, No. Default is No. | Optional | +| extended_key_usage | The `extended_key_usage` extension field must contain all these values.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| extended_key_usage_strict | If set to `yes`, the `extended_key_usage` extension field must contain only these values.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. Possible values are: Yes, No. Default is No. | Optional | +| subject_alt_name | The `subject_alt_name` extension field must contain these values.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. | Optional | +| subject_alt_name_strict | If set to `yes`, the `subject_alt_name` extension field must contain only these values.
This is only used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. Possible values are: Yes, No. Default is No. | Optional | +| select_crypto_backend | Determines which crypto backend to use.
The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `pyopenssl`.
If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` library.
If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library.
Please note that the `pyopenssl` backend has been deprecated in Ansible 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` backend will be available. Possible values are: auto, cryptography, pyopenssl. Default is auto. | Optional | +| backup | Create a backup file including a timestamp so you can get the original certificate back if you overwrote it with a new one by accident.
This is not used by the `assertonly` provider.
This option is deprecated since Ansible 2.9 and will be removed with the `assertonly` provider in Ansible 2.13. For alternatives, see the example on replacing `assertonly`. Possible values are: Yes, No. Default is No. | Optional | +| entrust_cert_type | Specify the type of certificate requested.
This is only used by the `entrust` provider. Possible values are: STANDARD_SSL, ADVANTAGE_SSL, UC_SSL, EV_SSL, WILDCARD_SSL, PRIVATE_SSL, PD_SSL, CDS_ENT_LITE, CDS_ENT_PRO, SMIME_ENT. Default is STANDARD_SSL. | Optional | +| entrust_requester_email | The email of the requester of the certificate (for tracking purposes).
This is only used by the `entrust` provider.
This is required if the provider is `entrust`. | Optional | +| entrust_requester_name | The name of the requester of the certificate (for tracking purposes).
This is only used by the `entrust` provider.
This is required if the provider is `entrust`. | Optional | +| entrust_requester_phone | The phone number of the requester of the certificate (for tracking purposes).
This is only used by the `entrust` provider.
This is required if the provider is `entrust`. | Optional | +| entrust_api_user | The username for authentication to the Entrust Certificate Services (ECS) API.
This is only used by the `entrust` provider.
This is required if the provider is `entrust`. | Optional | +| entrust_api_key | The key (password) for authentication to the Entrust Certificate Services (ECS) API.
This is only used by the `entrust` provider.
This is required if the provider is `entrust`. | Optional | +| entrust_api_client_cert_path | The path to the client certificate used to authenticate to the Entrust Certificate Services (ECS) API.
This is only used by the `entrust` provider.
This is required if the provider is `entrust`. | Optional | +| entrust_api_client_cert_key_path | The path to the private key of the client certificate used to authenticate to the Entrust Certificate Services (ECS) API.
This is only used by the `entrust` provider.
This is required if the provider is `entrust`. | Optional | +| entrust_not_after | The point in time at which the certificate stops being valid.
Time can be specified either as relative time or as an absolute timestamp.
A valid absolute time format is `ASN.1 TIME` such as `2019-06-18`.
A valid relative time format is `[+-]timespec` where timespec can be an integer + `[w \| d \| h \| m \| s]`, such as `+365d` or `+32w1d2h`).
Time will always be interpreted as UTC.
Note that only the date (day, month, year) is supported for specifying the expiry date of the issued certificate.
The full date-time is adjusted to EST (GMT -5:00) before issuance, which may result in a certificate with an expiration date one day earlier than expected if a relative time is used.
The minimum certificate lifetime is 90 days, and maximum is three years.
If this value is not specified, the certificate will stop being valid 365 days the date of issue.
This is only used by the `entrust` provider. Default is +365d. | Optional | +| entrust_api_specification_path | The path to the specification file defining the Entrust Certificate Services (ECS) API configuration.
You can use this to keep a local copy of the specification to avoid downloading it every time the module is used.
This is only used by the `entrust` provider. Default is https://cloud.entrust.net/EntrustCloud/documentation/cms-api-2.1.0.yaml. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.OpensslCertificate.filename | string | Path to the generated Certificate | +| OpenSSL.OpensslCertificate.backup_file | string | Name of backup file created. | + + +#### Command Example +```!openssl-certificate host="123.123.123.123" path="/etc/ssl/crt/ansible.com.crt" privatekey_path="/etc/ssl/private/ansible.com.pem" csr_path="/etc/ssl/csr/www.ansible.com.csr" provider="selfsigned" ``` + +#### Context Example +```json +{ + "OpenSSL": { + "OpensslCertificate": { + "changed": false, + "csr": "/etc/ssl/csr/www.ansible.com.csr", + "filename": "/etc/ssl/crt/ansible.com.crt", + "host": "123.123.123.123", + "notAfter": "20310706075859Z", + "notBefore": "20210708075859Z", + "privatekey": "/etc/ssl/private/ansible.com.pem", + "serial_number": 7.301123280537633e+46, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * csr: /etc/ssl/csr/www.ansible.com.csr +> * filename: /etc/ssl/crt/ansible.com.crt +> * notAfter: 20310706075859Z +> * notBefore: 20210708075859Z +> * privatekey: /etc/ssl/private/ansible.com.pem +> * serial_number: 73011232805376328985612064552790767398333247880 + + +### openssl-certificate-info +*** +Provide information of OpenSSL X.509 certificates +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssl_certificate_info_module.html + + +#### Base Command + +`openssl-certificate-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Remote absolute path where the certificate file is loaded from. | Required | +| valid_at | A dict of names mapping to time specifications. Every time specified here will be checked whether the certificate is valid at this point. See the `valid_at` return value for informations on the result.
Time can be specified either as relative time or as absolute timestamp.
Time will always be interpreted as UTC.
Valid format is `[+-]timespec \| ASN.1 TIME` where timespec can be an integer + `[w \| d \| h \| m \| s]` (e.g. `+32w1d2h`, and ASN.1 TIME (i.e. pattern `YYYYMMDDHHMMSSZ`). Note that all timestamps will be treated as being in UTC. | Optional | +| select_crypto_backend | Determines which crypto backend to use.
The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `pyopenssl`.
If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` library.
If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library.
Please note that the `pyopenssl` backend has been deprecated in Ansible 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` backend will be available. Possible values are: auto, cryptography, pyopenssl. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.OpensslCertificateInfo.expired | boolean | Whether the certificate is expired \(i.e. \`notAfter\` is in the past\) | +| OpenSSL.OpensslCertificateInfo.basic_constraints | unknown | Entries in the \`basic_constraints\` extension, or \`none\` if extension is not present. | +| OpenSSL.OpensslCertificateInfo.basic_constraints_critical | boolean | Whether the \`basic_constraints\` extension is critical. | +| OpenSSL.OpensslCertificateInfo.extended_key_usage | unknown | Entries in the \`extended_key_usage\` extension, or \`none\` if extension is not present. | +| OpenSSL.OpensslCertificateInfo.extended_key_usage_critical | boolean | Whether the \`extended_key_usage\` extension is critical. | +| OpenSSL.OpensslCertificateInfo.extensions_by_oid | unknown | Returns a dictionary for every extension OID | +| OpenSSL.OpensslCertificateInfo.key_usage | string | Entries in the \`key_usage\` extension, or \`none\` if extension is not present. | +| OpenSSL.OpensslCertificateInfo.key_usage_critical | boolean | Whether the \`key_usage\` extension is critical. | +| OpenSSL.OpensslCertificateInfo.subject_alt_name | unknown | Entries in the \`subject_alt_name\` extension, or \`none\` if extension is not present. | +| OpenSSL.OpensslCertificateInfo.subject_alt_name_critical | boolean | Whether the \`subject_alt_name\` extension is critical. | +| OpenSSL.OpensslCertificateInfo.ocsp_must_staple | boolean | \`yes\` if the OCSP Must Staple extension is present, \`none\` otherwise. | +| OpenSSL.OpensslCertificateInfo.ocsp_must_staple_critical | boolean | Whether the \`ocsp_must_staple\` extension is critical. | +| OpenSSL.OpensslCertificateInfo.issuer | unknown | The certificate's issuer. +Note that for repeated values, only the last one will be returned. | +| OpenSSL.OpensslCertificateInfo.issuer_ordered | unknown | The certificate's issuer as an ordered list of tuples. | +| OpenSSL.OpensslCertificateInfo.subject | unknown | The certificate's subject as a dictionary. +Note that for repeated values, only the last one will be returned. | +| OpenSSL.OpensslCertificateInfo.subject_ordered | unknown | The certificate's subject as an ordered list of tuples. | +| OpenSSL.OpensslCertificateInfo.not_after | string | \`notAfter\` date as ASN.1 TIME | +| OpenSSL.OpensslCertificateInfo.not_before | string | \`notBefore\` date as ASN.1 TIME | +| OpenSSL.OpensslCertificateInfo.public_key | string | Certificate's public key in PEM format | +| OpenSSL.OpensslCertificateInfo.public_key_fingerprints | unknown | Fingerprints of certificate's public key. +For every hash algorithm available, the fingerprint is computed. | +| OpenSSL.OpensslCertificateInfo.signature_algorithm | string | The signature algorithm used to sign the certificate. | +| OpenSSL.OpensslCertificateInfo.serial_number | number | The certificate's serial number. | +| OpenSSL.OpensslCertificateInfo.version | number | The certificate version. | +| OpenSSL.OpensslCertificateInfo.valid_at | unknown | For every time stamp provided in the \`valid_at\` option, a boolean whether the certificate is valid at that point in time or not. | +| OpenSSL.OpensslCertificateInfo.subject_key_identifier | string | The certificate's subject key identifier. +The identifier is returned in hexadecimal, with \`:\` used to separate bytes. +Is \`none\` if the \`SubjectKeyIdentifier\` extension is not present. | +| OpenSSL.OpensslCertificateInfo.authority_key_identifier | string | The certificate's authority key identifier. +The identifier is returned in hexadecimal, with \`:\` used to separate bytes. +Is \`none\` if the \`AuthorityKeyIdentifier\` extension is not present. | +| OpenSSL.OpensslCertificateInfo.authority_cert_issuer | unknown | The certificate's authority cert issuer as a list of general names. +Is \`none\` if the \`AuthorityKeyIdentifier\` extension is not present. | +| OpenSSL.OpensslCertificateInfo.authority_cert_serial_number | number | The certificate's authority cert serial number. +Is \`none\` if the \`AuthorityKeyIdentifier\` extension is not present. | +| OpenSSL.OpensslCertificateInfo.ocsp_uri | string | The OCSP responder URI, if included in the certificate. Will be \`none\` if no OCSP responder URI is included. | + + +#### Command Example +```!openssl-certificate-info host="123.123.123.123" path="/etc/ssl/crt/ansible.com.crt"``` + +#### Context Example +```json +{ + "OpenSSL": { + "OpensslCertificateInfo": { + "authority_cert_issuer": null, + "authority_cert_serial_number": null, + "authority_key_identifier": null, + "basic_constraints": null, + "basic_constraints_critical": false, + "changed": false, + "expired": false, + "extended_key_usage": null, + "extended_key_usage_critical": false, + "extensions_by_oid": { + "1.1.1.1": { + "critical": false, + "value": "BBRtlXuXV61dCrNybX135iGY0y8Yxg==" + }, + "1.1.1.2": { + "critical": false, + "value": "MBGCD3d3dy5hbnNpYmxlLmNvbQ==" + } + }, + "fingerprints": { + "blake2b": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14:11:11:11:11:11:11:11:15:11:11:11:11:11:11:11:16:11:11:11:11:11:11:11:17:11:11:11:11:11:11:11:18", + "blake2s": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "md5": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha1": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha224": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha384": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_224": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_384": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_512": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha512": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "shake_128": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "shake_256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14" + }, + "host": "123.123.123.123", + "issuer": { + "commonName": "www.ansible.com" + }, + "issuer_ordered": [ + [ + "commonName", + "www.ansible.com" + ] + ], + "key_usage": null, + "key_usage_critical": false, + "not_after": "20310706075859Z", + "not_before": "20210708075859Z", + "ocsp_must_staple": null, + "ocsp_must_staple_critical": false, + "ocsp_uri": null, + "public_key": "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2JSDcBy4bxZU7jC5I0p6\n550ylJDYog5bb60it9bK0QZ9N9pGbCSAaWf1untaYr3zrZysFcmeaQKS75utx7Mc\nUgzbiGwTgLJk2fya5cdiMTzQEAwjbnDnmOPviPabXxuR7ZImitD9HF3UkLbpoBAl\nPBPz8h0/kzfvkx+tTiZ+jbFzGqxaV1/5+4VAiaTJ30pNU3Sqk2VeuZJOfllPBYT7\njcJF113bvl/NdhkFaOwMwLwhh4R6Q44UR5aW9zZWREXm+ku46QMbfM3KWNcH0Zfn\n+mgRcFI38jxGe3oWQFgS1lW6ftcCMkobDgA618CGz1OM1QRX7h2qN+9gLCqmcPwg\nQXghLUharRdKXN7Oj9wFBXpiDPNlRyVT5WDBBmxGbZT3GTL2GyI3wButKQuD0rpm\n59+665QuQWWRxdi/bUzQjO70zcw0sMvvnoQBEVSdJPn6NabSiuooiN9barcAdBOP\nN0T27qrZkhgWPO3Cyb+wZV9NxG8PMBFp1jfDlG5mD9lUsUsitJFoS8wfWiouyaIk\n6DG301+bpxSWHxYkEMZg7D5grrq5Ziut7gC+va/Vm49KXrmheLSOI42n/LOWHYoy\nPgTOPJTDB0/S2vR2SUmtDOCs8ENpSQfg8Jl0xepK68bMEDpBlWypz+7y155iJBSp\n0c404Rh6Mlq65yD+C8l30y8CAwEAAQ==\n-----END PUBLIC KEY-----\n", + "public_key_fingerprints": { + "blake2b": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "blake2s": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "md5": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha1": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha224": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha384": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_224": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_384": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_512": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha512": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "shake_128": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "shake_256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14" + }, + "serial_number": 7.301123280537633e+46, + "signature_algorithm": "sha256WithRSAEncryption", + "status": "SUCCESS", + "subject": { + "commonName": "www.ansible.com" + }, + "subject_alt_name": [ + "DNS:www.ansible.com" + ], + "subject_alt_name_critical": false, + "subject_key_identifier": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "subject_ordered": [ + [ + "commonName", + "www.ansible.com" + ] + ], + "valid_at": {}, + "version": 3 + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * authority_cert_issuer: None +> * authority_cert_serial_number: None +> * authority_key_identifier: None +> * basic_constraints: None +> * basic_constraints_critical: False +> * changed: False +> * expired: False +> * extended_key_usage: None +> * extended_key_usage_critical: False +> * key_usage: None +> * key_usage_critical: False +> * not_after: 20310706075859Z +> * not_before: 20210708075859Z +> * ocsp_must_staple: None +> * ocsp_must_staple_critical: False +> * ocsp_uri: None +> * public_key: -----BEGIN PUBLIC KEY----- +>MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2JSDcBy4bxZU7jC5I0p6 +>550ylJDYog5bb60it9bK0QZ9N9pGbCSAaWf1untaYr3zrZysFcmeaQKS75utx7Mc +>UgzbiGwTgLJk2fya5cdiMTzQEAwjbnDnmOPviPabXxuR7ZImitD9HF3UkLbpoBAl +>PBPz8h0/kzfvkx+tTiZ+jbFzGqxaV1/5+4VAiaTJ30pNU3Sqk2VeuZJOfllPBYT7 +>jcJF113bvl/NdhkFaOwMwLwhh4R6Q44UR5aW9zZWREXm+ku46QMbfM3KWNcH0Zfn +>+mgRcFI38jxGe3oWQFgS1lW6ftcCMkobDgA618CGz1OM1QRX7h2qN+9gLCqmcPwg +>QXghLUharRdKXN7Oj9wFBXpiDPNlRyVT5WDBBmxGbZT3GTL2GyI3wButKQuD0rpm +>59+665QuQWWRxdi/bUzQjO70zcw0sMvvnoQBEVSdJPn6NabSiuooiN9barcAdBOP +>N0T27qrZkhgWPO3Cyb+wZV9NxG8PMBFp1jfDlG5mD9lUsUsitJFoS8wfWiouyaIk +>6DG301+bpxSWHxYkEMZg7D5grrq5Ziut7gC+va/Vm49KXrmheLSOI42n/LOWHYoy +>PgTOPJTDB0/S2vR2SUmtDOCs8ENpSQfg8Jl0xepK68bMEDpBlWypz+7y155iJBSp +>0c404Rh6Mlq65yD+C8l30y8CAwEAAQ== +>-----END PUBLIC KEY----- +> +> * serial_number: 73011232805376328985612064552790767398333247880 +> * signature_algorithm: sha256WithRSAEncryption +> * subject_alt_name_critical: False +> * subject_key_identifier: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * version: 3 +> * ## Extensions_By_Oid +> * ### 1.1.1.1 +> * critical: False +> * value: BBRtlXuXV61dCrNybX135iGY0y8Yxg== +> * ### 1.1.1.2 +> * critical: False +> * value: MBGCD3d3dy5hbnNpYmxlLmNvbQ== +> * ## Fingerprints +> * blake2b: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14:11:11:11:11:11:11:11:15:11:11:11:11:11:11:11:16:11:11:11:11:11:11:11:17:11:11:11:11:11:11:11:18 +> * blake2s: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * md5: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha1: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha224: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha384: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_224: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_384: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_512: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha512: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * shake_128: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * shake_256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * ## Issuer +> * commonName: www.ansible.com +> * ## Issuer_Ordered +> * ## List +> * 0: commonName +> * 1: www.ansible.com +> * ## Public_Key_Fingerprints +> * blake2b: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * blake2s: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * md5: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha1: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha224: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha384: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_224: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_384: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_512: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha512: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * shake_128: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * shake_256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * ## Subject +> * commonName: www.ansible.com +> * ## Subject_Alt_Name +> * 0: DNS:www.ansible.com +> * ## Subject_Ordered +> * ## List +> * 0: commonName +> * 1: www.ansible.com +> * ## Valid_At + + +### openssl-csr +*** +Generate OpenSSL Certificate Signing Request (CSR) +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssl_csr_module.html + + +#### Base Command + +`openssl-csr` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether the certificate signing request should exist or not, taking action if the state is different from what is stated. Possible values are: absent, present. Default is present. | Optional | +| digest | The digest used when signing the certificate signing request with the private key. Default is sha256. | Optional | +| privatekey_path | The path to the private key to use when signing the certificate signing request.
Required if `state` is `present`. | Optional | +| privatekey_passphrase | The passphrase for the private key.
This is required if the private key is password protected. | Optional | +| version | The version of the certificate signing request.
The only allowed value according to `RFC 2986,https://tools.ietf.org/html/rfc2986#section-4.1` is 1. Default is 1. | Optional | +| force | Should the certificate signing request be forced regenerated by this ansible module. Possible values are: Yes, No. Default is No. | Optional | +| path | The name of the file into which the generated OpenSSL certificate signing request will be written. | Required | +| subject | Key/value pairs that will be present in the subject name field of the certificate signing request.
If you need to specify more than one value with the same key, use a list as value. | Optional | +| country_name | The countryName field of the certificate signing request subject. | Optional | +| state_or_province_name | The stateOrProvinceName field of the certificate signing request subject. | Optional | +| locality_name | The localityName field of the certificate signing request subject. | Optional | +| organization_name | The organizationName field of the certificate signing request subject. | Optional | +| organizational_unit_name | The organizationalUnitName field of the certificate signing request subject. | Optional | +| common_name | The commonName field of the certificate signing request subject. | Optional | +| email_address | The emailAddress field of the certificate signing request subject. | Optional | +| subject_alt_name | SAN extension to attach to the certificate signing request.
This can either be a 'comma separated string' or a YAML list.
Values must be prefixed by their options. (i.e., `email`, `URI`, `DNS`, `RID`, `IP`, `dirName`, `otherName` and the ones specific to your CA)
Note that if no SAN is specified, but a common name, the common name will be added as a SAN except if `useCommonNameForSAN` is set to `false`.
More at `https://tools.ietf.org/html/rfc5280#section-4.2.1.6`. | Optional | +| subject_alt_name_critical | Should the subjectAltName extension be considered as critical. | Optional | +| use_common_name_for_san | If set to `yes`, the module will fill the common name in for `subject_alt_name` with `DNS:` prefix if no SAN is specified. Possible values are: Yes, No. Default is Yes. | Optional | +| key_usage | This defines the purpose (e.g. encipherment, signature, certificate signing) of the key contained in the certificate. | Optional | +| key_usage_critical | Should the keyUsage extension be considered as critical. | Optional | +| extended_key_usage | Additional restrictions (e.g. client authentication, server authentication) on the allowed purposes for which the public key may be used. | Optional | +| extended_key_usage_critical | Should the extkeyUsage extension be considered as critical. | Optional | +| basic_constraints | Indicates basic constraints, such as if the certificate is a CA. | Optional | +| basic_constraints_critical | Should the basicConstraints extension be considered as critical. | Optional | +| ocsp_must_staple | Indicates that the certificate should contain the OCSP Must Staple extension (`https://tools.ietf.org/html/rfc7633`). | Optional | +| ocsp_must_staple_critical | Should the OCSP Must Staple extension be considered as critical
Note that according to the RFC, this extension should not be marked as critical, as old clients not knowing about OCSP Must Staple are required to reject such certificates (see `https://tools.ietf.org/html/rfc7633#section-4`). | Optional | +| select_crypto_backend | Determines which crypto backend to use.
The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `pyopenssl`.
If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` library.
If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library.
Please note that the `pyopenssl` backend has been deprecated in Ansible 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` backend will be available. Possible values are: auto, cryptography, pyopenssl. Default is auto. | Optional | +| backup | Create a backup file including a timestamp so you can get the original CSR back if you overwrote it with a new one by accident. Possible values are: Yes, No. Default is No. | Optional | +| create_subject_key_identifier | Create the Subject Key Identifier from the public key.
Please note that commercial CAs can ignore the value, respectively use a value of their own choice instead. Specifying this option is mostly useful for self-signed certificates or for own CAs.
Note that this is only supported if the `cryptography` backend is used!. Possible values are: Yes, No. Default is No. | Optional | +| subject_key_identifier | The subject key identifier as a hex string, where two bytes are separated by colons.
Example: `00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:22:33`
Please note that commercial CAs ignore this value, respectively use a value of their own choice. Specifying this option is mostly useful for self-signed certificates or for own CAs.
Note that this option can only be used if `create_subject_key_identifier` is `no`.
Note that this is only supported if the `cryptography` backend is used!. | Optional | +| authority_key_identifier | The authority key identifier as a hex string, where two bytes are separated by colons.
Example: `00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00:11:22:33`
If specified, `authority_cert_issuer` must also be specified.
Please note that commercial CAs ignore this value, respectively use a value of their own choice. Specifying this option is mostly useful for self-signed certificates or for own CAs.
Note that this is only supported if the `cryptography` backend is used!
The `AuthorityKeyIdentifier` will only be added if at least one of `authority_key_identifier`, `authority_cert_issuer` and `authority_cert_serial_number` is specified. | Optional | +| authority_cert_issuer | Names that will be present in the authority cert issuer field of the certificate signing request.
Values must be prefixed by their options. (i.e., `email`, `URI`, `DNS`, `RID`, `IP`, `dirName`, `otherName` and the ones specific to your CA)
Example: `DNS:ca.example.org`
If specified, `authority_key_identifier` must also be specified.
Please note that commercial CAs ignore this value, respectively use a value of their own choice. Specifying this option is mostly useful for self-signed certificates or for own CAs.
Note that this is only supported if the `cryptography` backend is used!
The `AuthorityKeyIdentifier` will only be added if at least one of `authority_key_identifier`, `authority_cert_issuer` and `authority_cert_serial_number` is specified. | Optional | +| authority_cert_serial_number | The authority cert serial number.
Note that this is only supported if the `cryptography` backend is used!
Please note that commercial CAs ignore this value, respectively use a value of their own choice. Specifying this option is mostly useful for self-signed certificates or for own CAs.
The `AuthorityKeyIdentifier` will only be added if at least one of `authority_key_identifier`, `authority_cert_issuer` and `authority_cert_serial_number` is specified. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.OpensslCsr.privatekey | string | Path to the TLS/SSL private key the CSR was generated for | +| OpenSSL.OpensslCsr.filename | string | Path to the generated Certificate Signing Request | +| OpenSSL.OpensslCsr.subject | unknown | A list of the subject tuples attached to the CSR | +| OpenSSL.OpensslCsr.subjectAltName | unknown | The alternative names this CSR is valid for | +| OpenSSL.OpensslCsr.keyUsage | unknown | Purpose for which the public key may be used | +| OpenSSL.OpensslCsr.extendedKeyUsage | unknown | Additional restriction on the public key purposes | +| OpenSSL.OpensslCsr.basicConstraints | unknown | Indicates if the certificate belongs to a CA | +| OpenSSL.OpensslCsr.ocsp_must_staple | boolean | Indicates whether the certificate has the OCSP Must Staple feature enabled | +| OpenSSL.OpensslCsr.backup_file | string | Name of backup file created. | + + +#### Command Example +```!openssl-csr host="123.123.123.123" path="/etc/ssl/csr/www.ansible.com.csr" privatekey_path="/etc/ssl/private/ansible.com.pem" common_name="www.ansible.com" ``` + +#### Context Example +```json +{ + "OpenSSL": { + "OpensslCsr": { + "basicConstraints": null, + "changed": false, + "extendedKeyUsage": null, + "filename": "/etc/ssl/csr/www.ansible.com.csr", + "host": "123.123.123.123", + "keyUsage": null, + "name_constraints_excluded": [], + "name_constraints_permitted": [], + "ocspMustStaple": false, + "privatekey": "/etc/ssl/private/ansible.com.pem", + "status": "SUCCESS", + "subject": [ + [ + "CN", + "www.ansible.com" + ] + ], + "subjectAltName": [ + "DNS:www.ansible.com" + ] + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * basicConstraints: None +> * changed: False +> * extendedKeyUsage: None +> * filename: /etc/ssl/csr/www.ansible.com.csr +> * keyUsage: None +> * ocspMustStaple: False +> * privatekey: /etc/ssl/private/ansible.com.pem +> * ## Name_Constraints_Excluded +> * ## Name_Constraints_Permitted +> * ## Subject +> * ## List +> * 0: CN +> * 1: www.ansible.com +> * ## Subjectaltname +> * 0: DNS:www.ansible.com + + +### openssl-csr-info +*** +Provide information of OpenSSL Certificate Signing Requests (CSR) +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssl_csr_info_module.html + + +#### Base Command + +`openssl-csr-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Remote absolute path where the CSR file is loaded from. | Required | +| select_crypto_backend | Determines which crypto backend to use.
The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `pyopenssl`.
If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` library.
If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library.
Please note that the `pyopenssl` backend has been deprecated in Ansible 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` backend will be available. Possible values are: auto, cryptography, pyopenssl. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.OpensslCsrInfo.signature_valid | boolean | Whether the CSR's signature is valid. +In case the check returns \`no\`, the module will fail. | +| OpenSSL.OpensslCsrInfo.basic_constraints | unknown | Entries in the \`basic_constraints\` extension, or \`none\` if extension is not present. | +| OpenSSL.OpensslCsrInfo.basic_constraints_critical | boolean | Whether the \`basic_constraints\` extension is critical. | +| OpenSSL.OpensslCsrInfo.extended_key_usage | unknown | Entries in the \`extended_key_usage\` extension, or \`none\` if extension is not present. | +| OpenSSL.OpensslCsrInfo.extended_key_usage_critical | boolean | Whether the \`extended_key_usage\` extension is critical. | +| OpenSSL.OpensslCsrInfo.extensions_by_oid | unknown | Returns a dictionary for every extension OID | +| OpenSSL.OpensslCsrInfo.key_usage | string | Entries in the \`key_usage\` extension, or \`none\` if extension is not present. | +| OpenSSL.OpensslCsrInfo.key_usage_critical | boolean | Whether the \`key_usage\` extension is critical. | +| OpenSSL.OpensslCsrInfo.subject_alt_name | unknown | Entries in the \`subject_alt_name\` extension, or \`none\` if extension is not present. | +| OpenSSL.OpensslCsrInfo.subject_alt_name_critical | boolean | Whether the \`subject_alt_name\` extension is critical. | +| OpenSSL.OpensslCsrInfo.ocsp_must_staple | boolean | \`yes\` if the OCSP Must Staple extension is present, \`none\` otherwise. | +| OpenSSL.OpensslCsrInfo.ocsp_must_staple_critical | boolean | Whether the \`ocsp_must_staple\` extension is critical. | +| OpenSSL.OpensslCsrInfo.subject | unknown | The CSR's subject as a dictionary. +Note that for repeated values, only the last one will be returned. | +| OpenSSL.OpensslCsrInfo.subject_ordered | unknown | The CSR's subject as an ordered list of tuples. | +| OpenSSL.OpensslCsrInfo.public_key | string | CSR's public key in PEM format | +| OpenSSL.OpensslCsrInfo.public_key_fingerprints | unknown | Fingerprints of CSR's public key. +For every hash algorithm available, the fingerprint is computed. | +| OpenSSL.OpensslCsrInfo.subject_key_identifier | string | The CSR's subject key identifier. +The identifier is returned in hexadecimal, with \`:\` used to separate bytes. +Is \`none\` if the \`SubjectKeyIdentifier\` extension is not present. | +| OpenSSL.OpensslCsrInfo.authority_key_identifier | string | The CSR's authority key identifier. +The identifier is returned in hexadecimal, with \`:\` used to separate bytes. +Is \`none\` if the \`AuthorityKeyIdentifier\` extension is not present. | +| OpenSSL.OpensslCsrInfo.authority_cert_issuer | unknown | The CSR's authority cert issuer as a list of general names. +Is \`none\` if the \`AuthorityKeyIdentifier\` extension is not present. | +| OpenSSL.OpensslCsrInfo.authority_cert_serial_number | number | The CSR's authority cert serial number. +Is \`none\` if the \`AuthorityKeyIdentifier\` extension is not present. | + + +#### Command Example +```!openssl-csr-info host="123.123.123.123" path="/etc/ssl/csr/www.ansible.com.csr"``` + +#### Context Example +```json +{ + "OpenSSL": { + "OpensslCsrInfo": { + "authority_cert_issuer": null, + "authority_cert_serial_number": null, + "authority_key_identifier": null, + "basic_constraints": null, + "basic_constraints_critical": false, + "changed": false, + "extended_key_usage": null, + "extended_key_usage_critical": false, + "extensions_by_oid": { + "1.1.1.2": { + "critical": false, + "value": "MBGCD3d3dy5hbnNpYmxlLmNvbQ==" + } + }, + "host": "123.123.123.123", + "key_usage": null, + "key_usage_critical": false, + "name_constraints_critical": false, + "name_constraints_excluded": null, + "name_constraints_permitted": null, + "ocsp_must_staple": null, + "ocsp_must_staple_critical": false, + "public_key": "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2JSDcBy4bxZU7jC5I0p6\n550ylJDYog5bb60it9bK0QZ9N9pGbCSAaWf1untaYr3zrZysFcmeaQKS75utx7Mc\nUgzbiGwTgLJk2fya5cdiMTzQEAwjbnDnmOPviPabXxuR7ZImitD9HF3UkLbpoBAl\nPBPz8h0/kzfvkx+tTiZ+jbFzGqxaV1/5+4VAiaTJ30pNU3Sqk2VeuZJOfllPBYT7\njcJF113bvl/NdhkFaOwMwLwhh4R6Q44UR5aW9zZWREXm+ku46QMbfM3KWNcH0Zfn\n+mgRcFI38jxGe3oWQFgS1lW6ftcCMkobDgA618CGz1OM1QRX7h2qN+9gLCqmcPwg\nQXghLUharRdKXN7Oj9wFBXpiDPNlRyVT5WDBBmxGbZT3GTL2GyI3wButKQuD0rpm\n59+665QuQWWRxdi/bUzQjO70zcw0sMvvnoQBEVSdJPn6NabSiuooiN9barcAdBOP\nN0T27qrZkhgWPO3Cyb+wZV9NxG8PMBFp1jfDlG5mD9lUsUsitJFoS8wfWiouyaIk\n6DG301+bpxSWHxYkEMZg7D5grrq5Ziut7gC+va/Vm49KXrmheLSOI42n/LOWHYoy\nPgTOPJTDB0/S2vR2SUmtDOCs8ENpSQfg8Jl0xepK68bMEDpBlWypz+7y155iJBSp\n0c404Rh6Mlq65yD+C8l30y8CAwEAAQ==\n-----END PUBLIC KEY-----\n", + "public_key_fingerprints": { + "blake2b": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "blake2s": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "md5": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha1": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha224": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha384": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_224": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_384": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_512": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha512": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "shake_128": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "shake_256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14" + }, + "signature_valid": true, + "status": "SUCCESS", + "subject": { + "commonName": "www.ansible.com" + }, + "subject_alt_name": [ + "DNS:www.ansible.com" + ], + "subject_alt_name_critical": false, + "subject_key_identifier": null, + "subject_ordered": [ + [ + "commonName", + "www.ansible.com" + ] + ] + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * authority_cert_issuer: None +> * authority_cert_serial_number: None +> * authority_key_identifier: None +> * basic_constraints: None +> * basic_constraints_critical: False +> * changed: False +> * extended_key_usage: None +> * extended_key_usage_critical: False +> * key_usage: None +> * key_usage_critical: False +> * name_constraints_critical: False +> * name_constraints_excluded: None +> * name_constraints_permitted: None +> * ocsp_must_staple: None +> * ocsp_must_staple_critical: False +> * public_key: -----BEGIN PUBLIC KEY----- +>MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2JSDcBy4bxZU7jC5I0p6 +>550ylJDYog5bb60it9bK0QZ9N9pGbCSAaWf1untaYr3zrZysFcmeaQKS75utx7Mc +>UgzbiGwTgLJk2fya5cdiMTzQEAwjbnDnmOPviPabXxuR7ZImitD9HF3UkLbpoBAl +>PBPz8h0/kzfvkx+tTiZ+jbFzGqxaV1/5+4VAiaTJ30pNU3Sqk2VeuZJOfllPBYT7 +>jcJF113bvl/NdhkFaOwMwLwhh4R6Q44UR5aW9zZWREXm+ku46QMbfM3KWNcH0Zfn +>+mgRcFI38jxGe3oWQFgS1lW6ftcCMkobDgA618CGz1OM1QRX7h2qN+9gLCqmcPwg +>QXghLUharRdKXN7Oj9wFBXpiDPNlRyVT5WDBBmxGbZT3GTL2GyI3wButKQuD0rpm +>59+665QuQWWRxdi/bUzQjO70zcw0sMvvnoQBEVSdJPn6NabSiuooiN9barcAdBOP +>N0T27qrZkhgWPO3Cyb+wZV9NxG8PMBFp1jfDlG5mD9lUsUsitJFoS8wfWiouyaIk +>6DG301+bpxSWHxYkEMZg7D5grrq5Ziut7gC+va/Vm49KXrmheLSOI42n/LOWHYoy +>PgTOPJTDB0/S2vR2SUmtDOCs8ENpSQfg8Jl0xepK68bMEDpBlWypz+7y155iJBSp +>0c404Rh6Mlq65yD+C8l30y8CAwEAAQ== +>-----END PUBLIC KEY----- +> +> * signature_valid: True +> * subject_alt_name_critical: False +> * subject_key_identifier: None +> * ## Extensions_By_Oid +> * ### 1.1.1.2 +> * critical: False +> * value: MBGCD3d3dy5hbnNpYmxlLmNvbQ== +> * ## Public_Key_Fingerprints +> * blake2b: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * blake2s: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * md5: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha1: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha224: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha384: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_224: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_384: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_512: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha512: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * shake_128: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * shake_256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * ## Subject +> * commonName: www.ansible.com +> * ## Subject_Alt_Name +> * 0: DNS:www.ansible.com +> * ## Subject_Ordered +> * ## List +> * 0: commonName +> * 1: www.ansible.com + + +### openssl-dhparam +*** +Generate OpenSSL Diffie-Hellman Parameters +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssl_dhparam_module.html + + +#### Base Command + +`openssl-dhparam` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether the parameters should exist or not, taking action if the state is different from what is stated. Possible values are: absent, present. Default is present. | Optional | +| size | Size (in bits) of the generated DH-params. Default is 4096. | Optional | +| force | Should the parameters be regenerated even it it already exists. Possible values are: Yes, No. Default is No. | Optional | +| path | Name of the file in which the generated parameters will be saved. | Required | +| backup | Create a backup file including a timestamp so you can get the original DH params back if you overwrote them with new ones by accident. Possible values are: Yes, No. Default is No. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.OpensslDhparam.size | number | Size \(in bits\) of the Diffie-Hellman parameters. | +| OpenSSL.OpensslDhparam.filename | string | Path to the generated Diffie-Hellman parameters. | +| OpenSSL.OpensslDhparam.backup_file | string | Name of backup file created. | + + + + +### openssl-pkcs12 +*** +Generate OpenSSL PKCS#12 archive +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssl_pkcs12_module.html + + +#### Base Command + +`openssl-pkcs12` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| action | `export` or `parse` a PKCS#12. Possible values are: export, parse. Default is export. | Optional | +| other_certificates | List of other certificates to include. Pre 2.8 this parameter was called `ca_certificates`. | Optional | +| certificate_path | The path to read certificates and private keys from.
Must be in PEM format. | Optional | +| force | Should the file be regenerated even if it already exists. Possible values are: Yes, No. Default is No. | Optional | +| friendly_name | Specifies the friendly name for the certificate and private key. | Optional | +| iter_size | Number of times to repeat the encryption step. Default is 2048. | Optional | +| maciter_size | Number of times to repeat the MAC step. Default is 1. | Optional | +| passphrase | The PKCS#12 password. | Optional | +| path | Filename to write the PKCS#12 file to. | Required | +| privatekey_passphrase | Passphrase source to decrypt any input private keys with. | Optional | +| privatekey_path | File to read private key from. | Optional | +| state | Whether the file should exist or not. All parameters except `path` are ignored when state is `absent`. Possible values are: absent, present. Default is present. | Optional | +| src | PKCS#12 file path to parse. | Optional | +| backup | Create a backup file including a timestamp so you can get the original output file back if you overwrote it with a new one by accident. Possible values are: Yes, No. Default is No. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.OpensslPkcs12.filename | string | Path to the generate PKCS\#12 file. | +| OpenSSL.OpensslPkcs12.privatekey | string | Path to the TLS/SSL private key the public key was generated from. | +| OpenSSL.OpensslPkcs12.backup_file | string | Name of backup file created. | + + +#### Command Example +```!openssl-pkcs12 host="123.123.123.123" action="export" path="/opt/certs/ansible.p12" friendly_name="raclette" privatekey_path="/etc/ssl/private/ansible.com.pem" certificate_path="/etc/ssl/crt/ansible.com.crt" other_certificates="/etc/ssl/crt/ca.crt" state="present" ``` + +#### Context Example +```json +{ + "OpenSSL": { + "OpensslPkcs12": { + "changed": false, + "filename": "/opt/certs/ansible.p12", + "host": "123.123.123.123", + "mode": "0400", + "privatekey_path": "/etc/ssl/private/ansible.com.pem", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * filename: /opt/certs/ansible.p12 +> * mode: 0400 +> * privatekey_path: /etc/ssl/private/ansible.com.pem + + +### openssl-privatekey +*** +Generate OpenSSL private keys +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssl_privatekey_module.html + + +#### Base Command + +`openssl-privatekey` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether the private key should exist or not, taking action if the state is different from what is stated. Possible values are: absent, present. Default is present. | Optional | +| size | Size (in bits) of the TLS/SSL key to generate. Default is 4096. | Optional | +| type | The algorithm used to generate the TLS/SSL private key.
Note that `ECC`, `X25519`, `X448`, `Ed25519` and `Ed448` require the `cryptography` backend. `X25519` needs cryptography 2.5 or newer, while `X448`, `Ed25519` and `Ed448` require cryptography 2.6 or newer. For `ECC`, the minimal cryptography version required depends on the `curve` option. Possible values are: DSA, ECC, Ed25519, Ed448, RSA, X25519, X448. Default is RSA. | Optional | +| curve | Note that not all curves are supported by all versions of `cryptography`.
For maximal interoperability, `secp384r1` or `secp256r1` should be used.
We use the curve names as defined in the `IANA registry for TLS,https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8`. Possible values are: secp384r1, secp521r1, secp224r1, secp192r1, secp256r1, secp256k1, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, sect571k1, sect409k1, sect283k1, sect233k1, sect163k1, sect571r1, sect409r1, sect283r1, sect233r1, sect163r2. | Optional | +| force | Should the key be regenerated even if it already exists. Possible values are: Yes, No. Default is No. | Optional | +| path | Name of the file in which the generated TLS/SSL private key will be written. It will have 0600 mode. | Required | +| passphrase | The passphrase for the private key. | Optional | +| cipher | The cipher to encrypt the private key. (Valid values can be found by running `openssl list -cipher-algorithms` or `openssl list-cipher-algorithms`, depending on your OpenSSL version.)
When using the `cryptography` backend, use `auto`. | Optional | +| select_crypto_backend | Determines which crypto backend to use.
The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `pyopenssl`.
If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` library.
If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library.
Please note that the `pyopenssl` backend has been deprecated in Ansible 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` backend will be available. Possible values are: auto, cryptography, pyopenssl. Default is auto. | Optional | +| backup | Create a backup file including a timestamp so you can get the original private key back if you overwrote it with a new one by accident. Possible values are: Yes, No. Default is No. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.OpensslPrivatekey.size | number | Size \(in bits\) of the TLS/SSL private key. | +| OpenSSL.OpensslPrivatekey.type | string | Algorithm used to generate the TLS/SSL private key. | +| OpenSSL.OpensslPrivatekey.curve | string | Elliptic curve used to generate the TLS/SSL private key. | +| OpenSSL.OpensslPrivatekey.filename | string | Path to the generated TLS/SSL private key file. | +| OpenSSL.OpensslPrivatekey.fingerprint | unknown | The fingerprint of the public key. Fingerprint will be generated for each \`hashlib.algorithms\` available. +The PyOpenSSL backend requires PyOpenSSL >= 16.0 for meaningful output. | +| OpenSSL.OpensslPrivatekey.backup_file | string | Name of backup file created. | + + +#### Command Example +```!openssl-privatekey host="123.123.123.123" path="/etc/ssl/private/ansible.com.pem" ``` + +#### Context Example +```json +{ + "OpenSSL": { + "OpensslPrivatekey": { + "changed": false, + "filename": "/etc/ssl/private/ansible.com.pem", + "fingerprint": { + "blake2b": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "blake2s": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "md5": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha1": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha224": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha384": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_224": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_384": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_512": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha512": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "shake_128": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "shake_256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14" + }, + "host": "123.123.123.123", + "size": 4096, + "status": "SUCCESS", + "type": "RSA" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * filename: /etc/ssl/private/ansible.com.pem +> * size: 4096 +> * type: RSA +> * ## Fingerprint +> * blake2b: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * blake2s: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * md5: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha1: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha224: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha384: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_224: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_384: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_512: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha512: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * shake_128: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * shake_256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 + + +### openssl-privatekey-info +*** +Provide information for OpenSSL private keys +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssl_privatekey_info_module.html + + +#### Base Command + +`openssl-privatekey-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Remote absolute path where the private key file is loaded from. | Required | +| passphrase | The passphrase for the private key. | Optional | +| return_private_key_data | Whether to return private key data.
Only set this to `yes` when you want private information about this key to leave the remote machine.
WARNING: you have to make sure that private key data isn't accidentally logged!. Possible values are: Yes, No. Default is No. | Optional | +| select_crypto_backend | Determines which crypto backend to use.
The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `pyopenssl`.
If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` library.
If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library.
Please note that the `pyopenssl` backend has been deprecated in Ansible 2.9, and will be removed in Ansible 2.13. From that point on, only the `cryptography` backend will be available. Possible values are: auto, cryptography, pyopenssl. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.OpensslPrivatekeyInfo.can_load_key | boolean | Whether the module was able to load the private key from disk | +| OpenSSL.OpensslPrivatekeyInfo.can_parse_key | boolean | Whether the module was able to parse the private key | +| OpenSSL.OpensslPrivatekeyInfo.key_is_consistent | boolean | Whether the key is consistent. Can also return \`none\` next to \`yes\` and \`no\`, to indicate that consistency couldn't be checked. +In case the check returns \`no\`, the module will fail. | +| OpenSSL.OpensslPrivatekeyInfo.public_key | string | Private key's public key in PEM format | +| OpenSSL.OpensslPrivatekeyInfo.public_key_fingerprints | unknown | Fingerprints of private key's public key. +For every hash algorithm available, the fingerprint is computed. | +| OpenSSL.OpensslPrivatekeyInfo.type | string | The key's type. +One of \`RSA\`, \`DSA\`, \`ECC\`, \`Ed25519\`, \`X25519\`, \`Ed448\`, or \`X448\`. +Will start with \`unknown\` if the key type cannot be determined. | +| OpenSSL.OpensslPrivatekeyInfo.public_data | unknown | Public key data. Depends on key type. | +| OpenSSL.OpensslPrivatekeyInfo.private_data | unknown | Private key data. Depends on key type. | + + +### openssl-publickey +*** +Generate an OpenSSL public key from its private key. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/openssl_publickey_module.html + + +#### Base Command + +`openssl-publickey` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether the public key should exist or not, taking action if the state is different from what is stated. Possible values are: absent, present. Default is present. | Optional | +| force | Should the key be regenerated even it it already exists. Possible values are: Yes, No. Default is No. | Optional | +| format | The format of the public key. Possible values are: OpenSSH, PEM. Default is PEM. | Optional | +| path | Name of the file in which the generated TLS/SSL public key will be written. | Required | +| privatekey_path | Path to the TLS/SSL private key from which to generate the public key.
Required if `state` is `present`. | Optional | +| privatekey_passphrase | The passphrase for the private key. | Optional | +| backup | Create a backup file including a timestamp so you can get the original public key back if you overwrote it with a different one by accident. Possible values are: Yes, No. Default is No. | Optional | +| select_crypto_backend | Determines which crypto backend to use.
The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `pyopenssl`.
If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` library.
If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library. Possible values are: auto, cryptography, pyopenssl. Default is auto. | Optional | +| mode | The permissions the resulting file or directory should have.
For those used to `/usr/bin/chmod` remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like `0644` or `01777`) or quote it (like `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). | Optional | +| owner | Name of the user that should own the file/directory, as would be fed to `chown`. | Optional | +| group | Name of the group that should own the file/directory, as would be fed to `chown`. | Optional | +| seuser | The user part of the SELinux file context.
By default it uses the `system` policy, where applicable.
When set to `_default`, it will use the `user` portion of the policy if available. | Optional | +| serole | The role part of the SELinux file context.
When set to `_default`, it will use the `role` portion of the policy if available. | Optional | +| setype | The type part of the SELinux file context.
When set to `_default`, it will use the `type` portion of the policy if available. | Optional | +| selevel | The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the `range`.
When set to `_default`, it will use the `level` portion of the policy if available. Default is s0. | Optional | +| unsafe_writes | Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Possible values are: Yes, No. Default is No. | Optional | +| attributes | The attributes the resulting file or directory should have.
To get supported flags look at the man page for `chattr` on the target system.
This string should contain the attributes in the same order as the one displayed by `lsattr`.
The `=` operator is assumed as default, otherwise `+` or `-` operators need to be included in the string. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.OpensslPublickey.privatekey | string | Path to the TLS/SSL private key the public key was generated from. | +| OpenSSL.OpensslPublickey.format | string | The format of the public key \(PEM, OpenSSH, ...\). | +| OpenSSL.OpensslPublickey.filename | string | Path to the generated TLS/SSL public key file. | +| OpenSSL.OpensslPublickey.fingerprint | unknown | The fingerprint of the public key. Fingerprint will be generated for each hashlib.algorithms available. +Requires PyOpenSSL >= 16.0 for meaningful output. | +| OpenSSL.OpensslPublickey.backup_file | string | Name of backup file created. | + + +#### Command Example +```!openssl-publickey host="123.123.123.123" path="/etc/ssl/public/ansible.com.pem" privatekey_path="/etc/ssl/private/ansible.com.pem" ``` + +#### Context Example +```json +{ + "OpenSSL": { + "OpensslPublickey": { + "changed": false, + "filename": "/etc/ssl/public/ansible.com.pem", + "fingerprint": { + "blake2b": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "blake2s": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "md5": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha1": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha224": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha384": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_224": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_384": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha3_512": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "sha512": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "shake_128": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14", + "shake_256": "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14" + }, + "format": "PEM", + "host": "123.123.123.123", + "privatekey": "/etc/ssl/private/ansible.com.pem", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * filename: /etc/ssl/public/ansible.com.pem +> * format: PEM +> * privatekey: /etc/ssl/private/ansible.com.pem +> * ## Fingerprint +> * blake2b: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * blake2s: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * md5: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha1: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha224: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha384: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_224: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_384: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha3_512: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * sha512: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * shake_128: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 +> * shake_256: 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:12:11:11:11:11:11:11:11:13:11:11:11:11:11:11:11:14 + + +### openssl-certificate-complete-chain +*** +Complete certificate chain given a set of untrusted and root certificates +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/certificate_complete_chain_module.html + + +#### Base Command + +`openssl-certificate-complete-chain` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| input_chain | A concatenated set of certificates in PEM format forming a chain.
The module will try to complete this chain. | Required | +| root_certificates | A list of filenames or directories.
A filename is assumed to point to a file containing one or more certificates in PEM format. All certificates in this file will be added to the set of root certificates.
If a directory name is given, all files in the directory and its subdirectories will be scanned and tried to be parsed as concatenated certificates in PEM format.
Symbolic links will be followed. | Required | +| intermediate_certificates | A list of filenames or directories.
A filename is assumed to point to a file containing one or more certificates in PEM format. All certificates in this file will be added to the set of root certificates.
If a directory name is given, all files in the directory and its subdirectories will be scanned and tried to be parsed as concatenated certificates in PEM format.
Symbolic links will be followed. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.CertificateCompleteChain.root | string | The root certificate in PEM format. | +| OpenSSL.CertificateCompleteChain.chain | unknown | The chain added to the given input chain. Includes the root certificate. +Returned as a list of PEM certificates. | +| OpenSSL.CertificateCompleteChain.complete_chain | unknown | The completed chain, including leaf, all intermediates, and root. +Returned as a list of PEM certificates. | + + + +### openssl-get-certificate +*** +Get a certificate from a host:port +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/get_certificate_module.html + + +#### Base Command + +`openssl-get-certificate` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| ansible-module-host | The host to get the cert for (IP is fine). | Required | +| ca_cert | A PEM file containing one or more root certificates; if present, the cert will be validated against these root certs.
Note that this only validates the certificate is signed by the chain; not that the cert is valid for the host presenting it. | Optional | +| port | The port to connect to. | Required | +| proxy_host | Proxy host used when get a certificate. | Optional | +| proxy_port | Proxy port used when get a certificate. Default is 8080. | Optional | +| timeout | The timeout in seconds. Default is 10. | Optional | +| select_crypto_backend | Determines which crypto backend to use.
The default choice is `auto`, which tries to use `cryptography` if available, and falls back to `pyopenssl`.
If set to `pyopenssl`, will try to use the `pyOpenSSL,https://pypi.org/project/pyOpenSSL/` library.
If set to `cryptography`, will try to use the `cryptography,https://cryptography.io/` library. Possible values are: auto, cryptography, pyopenssl. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| OpenSSL.GetCertificate.cert | string | The certificate retrieved from the port | +| OpenSSL.GetCertificate.expired | boolean | Boolean indicating if the cert is expired | +| OpenSSL.GetCertificate.extensions | unknown | Extensions applied to the cert | +| OpenSSL.GetCertificate.issuer | unknown | Information about the issuer of the cert | +| OpenSSL.GetCertificate.not_after | string | Expiration date of the cert | +| OpenSSL.GetCertificate.not_before | string | Issue date of the cert | +| OpenSSL.GetCertificate.serial_number | string | The serial number of the cert | +| OpenSSL.GetCertificate.signature_algorithm | string | The algorithm used to sign the cert | +| OpenSSL.GetCertificate.subject | unknown | Information about the subject of the cert \(OU, CN, etc\) | +| OpenSSL.GetCertificate.version | string | The version number of the certificate | diff --git a/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/command_examples b/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/command_examples new file mode 100644 index 000000000000..7e6e2f0b5e5e --- /dev/null +++ b/Packs/AnsibleLinux/Integrations/AnsibleOpenSSL/command_examples @@ -0,0 +1,12 @@ +!openssl-privatekey host="192.168.1.125" path="/etc/ssl/private/ansible.com.pem" +!openssl-privatekey-info host="192.168.1.125" path="/etc/ssl/private/ansible.com.pem" + +!openssl-csr host="192.168.1.125" path="/etc/ssl/csr/www.ansible.com.csr" privatekey_path="/etc/ssl/private/ansible.com.pem" common_name="www.ansible.com" +!openssl-csr-info host="192.168.1.125" path="/etc/ssl/csr/www.ansible.com.csr" +!openssl-certificate host="192.168.1.125" path="/etc/ssl/crt/ansible.com.crt" privatekey_path="/etc/ssl/private/ansible.com.pem" csr_path="/etc/ssl/csr/www.ansible.com.csr" provider="selfsigned" +!openssl-certificate-info host="192.168.1.125" path="/etc/ssl/crt/ansible.com.crt" +!openssl-dhparam host="192.168.1.125" path="/etc/ssl/dhparams.pem" +!openssl-pkcs12 host="192.168.1.125" action="export" path="/opt/certs/ansible.p12" friendly_name="raclette" privatekey_path="/etc/ssl/private/ansible.com.pem" certificate_path="/etc/ssl/crt/ansible.com.crt" other_certificates="/etc/ssl/crt/ca.crt" state="present" +!openssl-publickey host="192.168.1.125" path="/etc/ssl/public/ansible.com.pem" privatekey_path="/etc/ssl/private/ansible.com.pem" +!openssl-certificate-complete-chain host="192.168.1.125" input_chain="-----BEGIN CERTIFICATE-----MIIEmTCCBECgAwIBAgIQBb+HDNhpTsl6VafIgFviVzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMXQ2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjAwODE2MDAwMDAwWhcNMjEwODE2MTIwMDAwWjBnMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoTEENsb3VkZmxhcmUsIEluYy4xGDAWBgNVBAMTD3d3dy5hbnNpYmxlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLNxR1crbReMrKQnJEj+Dv6g45tMwpl2atPHrECAKOrVZYtTnN9ok4JvAcsXqpxxZaBKiT6bhA30Jm9DWbVvt76jggLpMIIC5TAfBgNVHSMEGDAWgBSlzjfq67B1DpRniLRF+tkkEIeWHzAdBgNVHQ4EFgQUKcrrSnm3sd0RGzXNTUF4CHBI0PMwGgYDVR0RBBMwEYIPd3d3LmFuc2libGUuY29tMA4GA1UdDwEB//wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwewYDVR0fBHQwcjA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0zLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0zLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG//WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0zLmNydDAMBgNVHRMBAf8EAjAAMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAFz97nM8QAABAMARzBFAiBSjQs5wu83zzZCtiBUWtqMRX11DxEWPOP4W04vRjjnNQIhAPzxnZE2jJehJ6JX2mXbLS2YN6Zf2xCekHGZ5+mv76+aAHcAXNxDkv7mq0VEsV6a1FbmEDf71fpH3KFzlLJe5vbHDsoAAAFz97nNFgAABAMASDBGAiEAwfcEcqj9q//XDE1A+S5OAyGjxAqcfJBT6Wi48w1hN6ZwCIQCQpOj//KpUNTc0dZz+lQhCvQxcyv//gCcgVqmCdiDf0igDAKBggqhkjOPQQDAgNHADBEAiAjgO8BSA88qM76KLZEB6p5PoTbhbOKPyhZ3k4730kHNgIgArO0jx9S5oYPmCgcZxPlt0m03nyKflpValvh+IogsLI=-----END CERTIFICATE-----" root_certificates="['/etc/ca-certificates/']" +!openssl-get-certificate host="192.168.1.125" host="1.2.3.4" port="3389" \ No newline at end of file diff --git a/Packs/AnsibleLinux/README.md b/Packs/AnsibleLinux/README.md new file mode 100644 index 000000000000..a40cb7a80aec --- /dev/null +++ b/Packs/AnsibleLinux/README.md @@ -0,0 +1,38 @@ +This pack enables you to manage Linux hosts using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server. The Ansible modules have been exposed as XSOAR commands, and allow you to use them without needing to know Ansible. + +# What does this pack allow you to manage? + +* Users, Groups +* Hostname +* Shares +* Firewalld/iptables/UFW +* Processes +* Files/Folders, ACLs, Disks, Partitions, mounts +* Install software using package managers +* Services +* Download files +* Issue URI requests +* Time +* File contents +* Cron +* ACME Certificates +* OpenSSL +* Java +* SSH Known hosts +* Kernel modules +* PAM +* Python/Pip +* SELinux +* XML +* ISOs +* Archives +* NPM +* Interfaces +* Interactive CLI applications +* DNS Records via NSUpdate + +In addition to this the Linux Integration can be used to retrieve information about: + +* General system info +* Hardware +* Services diff --git a/Packs/AnsibleLinux/pack_metadata.json b/Packs/AnsibleLinux/pack_metadata.json new file mode 100644 index 000000000000..76989328053e --- /dev/null +++ b/Packs/AnsibleLinux/pack_metadata.json @@ -0,0 +1,15 @@ +{ + "name": "Ansible Linux", + "description": "Manage and control Linux hosts.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "categories": [ + "IT Services" + ], + "tags": ["IT"], + "useCases": ["IT Services", "Asset Management"], + "keywords": ["Ubuntu", "Debian", "CentOS", "Red Hat", "FreeBSD"] +} \ No newline at end of file diff --git a/Packs/AnsibleMicrosoftWindows/.pack-ignore b/Packs/AnsibleMicrosoftWindows/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/AnsibleMicrosoftWindows/.secrets-ignore b/Packs/AnsibleMicrosoftWindows/.secrets-ignore new file mode 100644 index 000000000000..9049102efb80 --- /dev/null +++ b/Packs/AnsibleMicrosoftWindows/.secrets-ignore @@ -0,0 +1,4 @@ +123.123.123.123 +https://docs.ansible.com +https://chocolatey.org +0.9.9.9 diff --git a/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows.py b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows.py new file mode 100644 index 000000000000..54d095ba2724 --- /dev/null +++ b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows.py @@ -0,0 +1,254 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'winrm' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + return_results('This integration does not support testing from this screen. \ + Please refer to the documentation for details on how to perform \ + configuration tests.') + elif command == 'win-gather-facts': + return_results(generic_ansible('MicrosoftWindows', 'gather_facts', args, int_params, host_type)) + elif command == 'win-acl': + return_results(generic_ansible('MicrosoftWindows', 'win_acl', args, int_params, host_type)) + elif command == 'win-acl-inheritance': + return_results(generic_ansible('MicrosoftWindows', 'win_acl_inheritance', args, int_params, host_type)) + elif command == 'win-audit-policy-system': + return_results(generic_ansible('MicrosoftWindows', 'win_audit_policy_system', args, int_params, host_type)) + elif command == 'win-audit-rule': + return_results(generic_ansible('MicrosoftWindows', 'win_audit_rule', args, int_params, host_type)) + elif command == 'win-certificate-store': + return_results(generic_ansible('MicrosoftWindows', 'win_certificate_store', args, int_params, host_type)) + elif command == 'win-chocolatey': + return_results(generic_ansible('MicrosoftWindows', 'win_chocolatey', args, int_params, host_type)) + elif command == 'win-chocolatey-config': + return_results(generic_ansible('MicrosoftWindows', 'win_chocolatey_config', args, int_params, host_type)) + elif command == 'win-chocolatey-facts': + return_results(generic_ansible('MicrosoftWindows', 'win_chocolatey_facts', args, int_params, host_type)) + elif command == 'win-chocolatey-feature': + return_results(generic_ansible('MicrosoftWindows', 'win_chocolatey_feature', args, int_params, host_type)) + elif command == 'win-chocolatey-source': + return_results(generic_ansible('MicrosoftWindows', 'win_chocolatey_source', args, int_params, host_type)) + elif command == 'win-copy': + return_results(generic_ansible('MicrosoftWindows', 'win_copy', args, int_params, host_type)) + elif command == 'win-credential': + return_results(generic_ansible('MicrosoftWindows', 'win_credential', args, int_params, host_type)) + elif command == 'win-defrag': + return_results(generic_ansible('MicrosoftWindows', 'win_defrag', args, int_params, host_type)) + elif command == 'win-disk-facts': + return_results(generic_ansible('MicrosoftWindows', 'win_disk_facts', args, int_params, host_type)) + elif command == 'win-disk-image': + return_results(generic_ansible('MicrosoftWindows', 'win_disk_image', args, int_params, host_type)) + elif command == 'win-dns-client': + return_results(generic_ansible('MicrosoftWindows', 'win_dns_client', args, int_params, host_type)) + elif command == 'win-dns-record': + return_results(generic_ansible('MicrosoftWindows', 'win_dns_record', args, int_params, host_type)) + elif command == 'win-domain': + return_results(generic_ansible('MicrosoftWindows', 'win_domain', args, int_params, host_type)) + elif command == 'win-domain-computer': + return_results(generic_ansible('MicrosoftWindows', 'win_domain_computer', args, int_params, host_type)) + elif command == 'win-domain-controller': + return_results(generic_ansible('MicrosoftWindows', 'win_domain_controller', args, int_params, host_type)) + elif command == 'win-domain-group': + return_results(generic_ansible('MicrosoftWindows', 'win_domain_group', args, int_params, host_type)) + elif command == 'win-domain-group-membership': + return_results(generic_ansible('MicrosoftWindows', 'win_domain_group_membership', args, int_params, host_type)) + elif command == 'win-domain-membership': + return_results(generic_ansible('MicrosoftWindows', 'win_domain_membership', args, int_params, host_type)) + elif command == 'win-domain-user': + return_results(generic_ansible('MicrosoftWindows', 'win_domain_user', args, int_params, host_type)) + elif command == 'win-dotnet-ngen': + return_results(generic_ansible('MicrosoftWindows', 'win_dotnet_ngen', args, int_params, host_type)) + elif command == 'win-dsc': + return_results(generic_ansible('MicrosoftWindows', 'win_dsc', args, int_params, host_type)) + elif command == 'win-environment': + return_results(generic_ansible('MicrosoftWindows', 'win_environment', args, int_params, host_type)) + elif command == 'win-eventlog': + return_results(generic_ansible('MicrosoftWindows', 'win_eventlog', args, int_params, host_type)) + elif command == 'win-eventlog-entry': + return_results(generic_ansible('MicrosoftWindows', 'win_eventlog_entry', args, int_params, host_type)) + elif command == 'win-feature': + return_results(generic_ansible('MicrosoftWindows', 'win_feature', args, int_params, host_type)) + elif command == 'win-file': + return_results(generic_ansible('MicrosoftWindows', 'win_file', args, int_params, host_type)) + elif command == 'win-file-version': + return_results(generic_ansible('MicrosoftWindows', 'win_file_version', args, int_params, host_type)) + elif command == 'win-find': + return_results(generic_ansible('MicrosoftWindows', 'win_find', args, int_params, host_type)) + elif command == 'win-firewall': + return_results(generic_ansible('MicrosoftWindows', 'win_firewall', args, int_params, host_type)) + elif command == 'win-firewall-rule': + return_results(generic_ansible('MicrosoftWindows', 'win_firewall_rule', args, int_params, host_type)) + elif command == 'win-format': + return_results(generic_ansible('MicrosoftWindows', 'win_format', args, int_params, host_type)) + elif command == 'win-get-url': + return_results(generic_ansible('MicrosoftWindows', 'win_get_url', args, int_params, host_type)) + elif command == 'win-group': + return_results(generic_ansible('MicrosoftWindows', 'win_group', args, int_params, host_type)) + elif command == 'win-group-membership': + return_results(generic_ansible('MicrosoftWindows', 'win_group_membership', args, int_params, host_type)) + elif command == 'win-hostname': + return_results(generic_ansible('MicrosoftWindows', 'win_hostname', args, int_params, host_type)) + elif command == 'win-hosts': + return_results(generic_ansible('MicrosoftWindows', 'win_hosts', args, int_params, host_type)) + elif command == 'win-hotfix': + return_results(generic_ansible('MicrosoftWindows', 'win_hotfix', args, int_params, host_type)) + elif command == 'win-http-proxy': + return_results(generic_ansible('MicrosoftWindows', 'win_http_proxy', args, int_params, host_type)) + elif command == 'win-iis-virtualdirectory': + return_results(generic_ansible('MicrosoftWindows', 'win_iis_virtualdirectory', args, int_params, host_type)) + elif command == 'win-iis-webapplication': + return_results(generic_ansible('MicrosoftWindows', 'win_iis_webapplication', args, int_params, host_type)) + elif command == 'win-iis-webapppool': + return_results(generic_ansible('MicrosoftWindows', 'win_iis_webapppool', args, int_params, host_type)) + elif command == 'win-iis-webbinding': + return_results(generic_ansible('MicrosoftWindows', 'win_iis_webbinding', args, int_params, host_type)) + elif command == 'win-iis-website': + return_results(generic_ansible('MicrosoftWindows', 'win_iis_website', args, int_params, host_type)) + elif command == 'win-inet-proxy': + return_results(generic_ansible('MicrosoftWindows', 'win_inet_proxy', args, int_params, host_type)) + elif command == 'win-lineinfile': + return_results(generic_ansible('MicrosoftWindows', 'win_lineinfile', args, int_params, host_type)) + elif command == 'win-mapped-drive': + return_results(generic_ansible('MicrosoftWindows', 'win_mapped_drive', args, int_params, host_type)) + elif command == 'win-msg': + return_results(generic_ansible('MicrosoftWindows', 'win_msg', args, int_params, host_type)) + elif command == 'win-netbios': + return_results(generic_ansible('MicrosoftWindows', 'win_netbios', args, int_params, host_type)) + elif command == 'win-nssm': + return_results(generic_ansible('MicrosoftWindows', 'win_nssm', args, int_params, host_type)) + elif command == 'win-optional-feature': + return_results(generic_ansible('MicrosoftWindows', 'win_optional_feature', args, int_params, host_type)) + elif command == 'win-owner': + return_results(generic_ansible('MicrosoftWindows', 'win_owner', args, int_params, host_type)) + elif command == 'win-package': + return_results(generic_ansible('MicrosoftWindows', 'win_package', args, int_params, host_type)) + elif command == 'win-pagefile': + return_results(generic_ansible('MicrosoftWindows', 'win_pagefile', args, int_params, host_type)) + elif command == 'win-partition': + return_results(generic_ansible('MicrosoftWindows', 'win_partition', args, int_params, host_type)) + elif command == 'win-path': + return_results(generic_ansible('MicrosoftWindows', 'win_path', args, int_params, host_type)) + elif command == 'win-pester': + return_results(generic_ansible('MicrosoftWindows', 'win_pester', args, int_params, host_type)) + elif command == 'win-ping': + return_results(generic_ansible('MicrosoftWindows', 'win_ping', args, int_params, host_type)) + elif command == 'win-power-plan': + return_results(generic_ansible('MicrosoftWindows', 'win_power_plan', args, int_params, host_type)) + elif command == 'win-product-facts': + return_results(generic_ansible('MicrosoftWindows', 'win_product_facts', args, int_params, host_type)) + elif command == 'win-psexec': + return_results(generic_ansible('MicrosoftWindows', 'win_psexec', args, int_params, host_type)) + elif command == 'win-psmodule': + return_results(generic_ansible('MicrosoftWindows', 'win_psmodule', args, int_params, host_type)) + elif command == 'win-psrepository': + return_results(generic_ansible('MicrosoftWindows', 'win_psrepository', args, int_params, host_type)) + elif command == 'win-rabbitmq-plugin': + return_results(generic_ansible('MicrosoftWindows', 'win_rabbitmq_plugin', args, int_params, host_type)) + elif command == 'win-rds-cap': + return_results(generic_ansible('MicrosoftWindows', 'win_rds_cap', args, int_params, host_type)) + elif command == 'win-rds-rap': + return_results(generic_ansible('MicrosoftWindows', 'win_rds_rap', args, int_params, host_type)) + elif command == 'win-rds-settings': + return_results(generic_ansible('MicrosoftWindows', 'win_rds_settings', args, int_params, host_type)) + elif command == 'win-reboot': + return_results(generic_ansible('MicrosoftWindows', 'win_reboot', args, int_params, host_type)) + elif command == 'win-reg-stat': + return_results(generic_ansible('MicrosoftWindows', 'win_reg_stat', args, int_params, host_type)) + elif command == 'win-regedit': + return_results(generic_ansible('MicrosoftWindows', 'win_regedit', args, int_params, host_type)) + elif command == 'win-region': + return_results(generic_ansible('MicrosoftWindows', 'win_region', args, int_params, host_type)) + elif command == 'win-regmerge': + return_results(generic_ansible('MicrosoftWindows', 'win_regmerge', args, int_params, host_type)) + elif command == 'win-robocopy': + return_results(generic_ansible('MicrosoftWindows', 'win_robocopy', args, int_params, host_type)) + elif command == 'win-route': + return_results(generic_ansible('MicrosoftWindows', 'win_route', args, int_params, host_type)) + elif command == 'win-say': + return_results(generic_ansible('MicrosoftWindows', 'win_say', args, int_params, host_type)) + elif command == 'win-scheduled-task': + return_results(generic_ansible('MicrosoftWindows', 'win_scheduled_task', args, int_params, host_type)) + elif command == 'win-scheduled-task-stat': + return_results(generic_ansible('MicrosoftWindows', 'win_scheduled_task_stat', args, int_params, host_type)) + elif command == 'win-security-policy': + return_results(generic_ansible('MicrosoftWindows', 'win_security_policy', args, int_params, host_type)) + elif command == 'win-service': + return_results(generic_ansible('MicrosoftWindows', 'win_service', args, int_params, host_type)) + elif command == 'win-share': + return_results(generic_ansible('MicrosoftWindows', 'win_share', args, int_params, host_type)) + elif command == 'win-shortcut': + return_results(generic_ansible('MicrosoftWindows', 'win_shortcut', args, int_params, host_type)) + elif command == 'win-snmp': + return_results(generic_ansible('MicrosoftWindows', 'win_snmp', args, int_params, host_type)) + elif command == 'win-stat': + return_results(generic_ansible('MicrosoftWindows', 'win_stat', args, int_params, host_type)) + elif command == 'win-tempfile': + return_results(generic_ansible('MicrosoftWindows', 'win_tempfile', args, int_params, host_type)) + elif command == 'win-template': + return_results(generic_ansible('MicrosoftWindows', 'win_template', args, int_params, host_type)) + elif command == 'win-timezone': + return_results(generic_ansible('MicrosoftWindows', 'win_timezone', args, int_params, host_type)) + elif command == 'win-toast': + return_results(generic_ansible('MicrosoftWindows', 'win_toast', args, int_params, host_type)) + elif command == 'win-unzip': + return_results(generic_ansible('MicrosoftWindows', 'win_unzip', args, int_params, host_type)) + elif command == 'win-updates': + return_results(generic_ansible('MicrosoftWindows', 'win_updates', args, int_params, host_type)) + elif command == 'win-uri': + return_results(generic_ansible('MicrosoftWindows', 'win_uri', args, int_params, host_type)) + elif command == 'win-user': + return_results(generic_ansible('MicrosoftWindows', 'win_user', args, int_params, host_type)) + elif command == 'win-user-profile': + return_results(generic_ansible('MicrosoftWindows', 'win_user_profile', args, int_params, host_type)) + elif command == 'win-user-right': + return_results(generic_ansible('MicrosoftWindows', 'win_user_right', args, int_params, host_type)) + elif command == 'win-wait-for': + return_results(generic_ansible('MicrosoftWindows', 'win_wait_for', args, int_params, host_type)) + elif command == 'win-wait-for-process': + return_results(generic_ansible('MicrosoftWindows', 'win_wait_for_process', args, int_params, host_type)) + elif command == 'win-wakeonlan': + return_results(generic_ansible('MicrosoftWindows', 'win_wakeonlan', args, int_params, host_type)) + elif command == 'win-webpicmd': + return_results(generic_ansible('MicrosoftWindows', 'win_webpicmd', args, int_params, host_type)) + elif command == 'win-whoami': + return_results(generic_ansible('MicrosoftWindows', 'win_whoami', args, int_params, host_type)) + elif command == 'win-xml': + return_results(generic_ansible('MicrosoftWindows', 'win_xml', args, int_params, host_type)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows.yml b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows.yml new file mode 100644 index 000000000000..10cd36cc63e3 --- /dev/null +++ b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows.yml @@ -0,0 +1,6025 @@ +category: IT Services +commonfields: + id: AnsibleMicrosoftWindows + version: -1 +configuration: +- additionalinfo: The credentials to associate with the instance. + display: Username + name: creds + required: true + type: 9 +- additionalinfo: The default port to use if one is not specified in the commands + `host` argument. If 5985 is specified the HTTP transport method will be used. + Otherwise HTTPS will be used for all other ports + defaultvalue: 5985 + display: Default WinRM Port + name: port + required: true + type: 0 +- additionalinfo: If multiple hosts are specified in a command, how many hosts should + be interacted with concurrently. + defaultvalue: '4' + display: Concurrency Factor + name: concurrency + required: true + type: 0 +description: Agentless Windows host management over WinRM +display: Ansible Microsoft Windows +fromversion: 6.0.0 +name: AnsibleMicrosoftWindows +script: + commands: + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'A toggle that controls if the fact modules are executed in parallel + or serially and in order. This can guarantee the merge order of module facts + at the expense of performance. By default it will be true if more than one + fact module is used.' + name: parallel + description: "Gathers facts about remote hosts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/gather_facts_module.html" + name: win-gather-facts + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The path to the file or directory. + name: path + required: true + - description: User or Group to add specified rights to act on src file/folder + or registry key. + name: user + required: true + - auto: PREDEFINED + defaultValue: present + description: Specify whether to add `present` or remove `absent` the specified + access rule. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + description: Specify whether to allow or deny the rights specified. + name: type + predefined: + - allow + - deny + required: true + - description: 'The rights/permissions that are to be allowed/denied for the specified + user or group for the item at `path`. If `path` is a file or directory, rights + can be any right under MSDN FileSystemRights `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.filesystemrights.aspx`. + If `path` is a registry key, rights can be any right under MSDN RegistryRights + `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.registryrights.aspx`.' + name: rights + required: true + - auto: PREDEFINED + description: 'Inherit flags on the ACL rules. Can be specified as a comma separated + list, e.g. `ContainerInherit`, `ObjectInherit`. For more information on the + choices see MSDN InheritanceFlags enumeration at `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.inheritanceflags.aspx`. + Defaults to `ContainerInherit, ObjectInherit` for Directories.' + name: inherit + predefined: + - ContainerInherit + - ObjectInherit + - auto: PREDEFINED + defaultValue: None + description: 'Propagation flag on the ACL rules. For more information on the + choices see MSDN PropagationFlags enumeration at `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.propagationflags.aspx`.' + name: propagation + predefined: + - InheritOnly + - None + - NoPropagateInherit + description: "Set file/directory/registry permissions for a system user or group\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_acl_module.html" + name: win-acl + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Path to be used for changing inheritance + name: path + required: true + - auto: PREDEFINED + defaultValue: absent + description: Specify whether to enable `present` or disable `absent` ACL inheritance. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: 'For P(state) = `absent`, indicates if the inherited ACE''s should + be copied from the parent directory. This is necessary (in combination with + removal) for a simple ACL instead of using multiple ACE deny entries. For + P(state) = `present`, indicates if the inherited ACE''s should be deduplicated + compared to the parent directory. This removes complexity of the ACL structure.' + name: reorganize + predefined: + - 'Yes' + - 'No' + description: "Change ACL inheritance\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_acl_inheritance_module.html" + name: win-acl-inheritance + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Single string value for the category you would like to adjust + the policy on. Cannot be used with `subcategory`. You must define one or the + other. Changing this setting causes all subcategories to be adjusted to the + defined `audit_type`.' + name: category + - description: 'Single string value for the subcategory you would like to adjust + the policy on. Cannot be used with `category`. You must define one or the + other.' + name: subcategory + - auto: PREDEFINED + description: 'The type of event you would like to audit for. Accepts a list. + See examples.' + isArray: true + name: audit_type + predefined: + - failure + - none + - success + required: true + description: "Used to make changes to the system wide Audit Policy\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_audit_policy_system_module.html" + name: win-audit-policy-system + outputs: + - contextPath: MicrosoftWindows.WinAuditPolicySystem.current_audit_policy + description: details on the policy being targetted + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Path to the file, folder, or registry key. Registry paths should + be in Powershell format, beginning with an abbreviation for the root such + as, `HKLM:\Software`.' + name: path + required: true + - description: The user or group to adjust rules for. + name: user + required: true + - description: 'Comma separated list of the rights desired. Only required for + adding a rule. If `path` is a file or directory, rights can be any right under + MSDN FileSystemRights `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.filesystemrights.aspx`. + If `path` is a registry key, rights can be any right under MSDN RegistryRights + `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.registryrights.aspx`.' + isArray: true + name: rights + required: true + - auto: PREDEFINED + defaultValue: ContainerInherit,ObjectInherit + description: 'Defines what objects inside of a folder or registry key will inherit + the settings. If you are setting a rule on a file, this value has to be changed + to `none`. For more information on the choices see MSDN PropagationFlags enumeration + at `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.inheritanceflags.aspx`.' + isArray: true + name: inheritance_flags + predefined: + - ContainerInherit + - ObjectInherit + - auto: PREDEFINED + defaultValue: None + description: 'Propagation flag on the audit rules. This value is ignored when + the path type is a file. For more information on the choices see MSDN PropagationFlags + enumeration at `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.propagationflags.aspx`.' + name: propagation_flags + predefined: + - None + - InherityOnly + - NoPropagateInherit + - auto: PREDEFINED + description: 'Defines whether to log on failure, success, or both. To log both + define as comma separated list "Success, Failure".' + isArray: true + name: audit_flags + predefined: + - Failure + - Success + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Whether the rule should be `present` or `absent`. For absent, + only `path`, `user`, and `state` are required. Specifying `absent` will remove + all rules matching the defined `user`.' + name: state + predefined: + - absent + - present + description: "Adds an audit rule to files, folders, or registry keys\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_audit_rule_module.html" + name: win-audit-rule + outputs: + - contextPath: MicrosoftWindows.WinAuditRule.current_audit_rules + description: 'The current rules on the defined `path` Will return "No audit + rules defined on `path`"' + type: unknown + - contextPath: MicrosoftWindows.WinAuditRule.path_type + description: 'The type of `path` being targetted. Will be one of file, directory, + registry.' + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: 'If `present`, will ensure that the certificate at `path` is imported + into the certificate store specified. If `absent`, will ensure that the certificate + specified by `thumbprint` or the thumbprint of the cert at `path` is removed + from the store specified. If `exported`, will ensure the file at `path` is + a certificate specified by `thumbprint`. When exporting a certificate, if + `path` is a directory then the module will fail, otherwise the file will be + replaced if needed.' + name: state + predefined: + - absent + - exported + - present + - description: 'The path to a certificate file. This is required when `state` + is `present` or `exported`. When `state` is `absent` and `thumbprint` is not + specified, the thumbprint is derived from the certificate at this path.' + name: path + - description: 'The thumbprint as a hex string to either export or remove. See + the examples for how to specify the thumbprint.' + name: thumbprint + - auto: PREDEFINED + defaultValue: My + description: 'The store name to use when importing a certificate or searching + for a certificate. `AddressBook`: The X.509 certificate store for other users + `AuthRoot`: The X.509 certificate store for third-party certificate authorities + (CAs) `CertificateAuthority`: The X.509 certificate store for intermediate + certificate authorities (CAs) `Disallowed`: The X.509 certificate store for + revoked certificates `My`: The X.509 certificate store for personal certificates + `Root`: The X.509 certificate store for trusted root certificate authorities + (CAs) `TrustedPeople`: The X.509 certificate store for directly trusted people + and resources `TrustedPublisher`: The X.509 certificate store for directly + trusted publishers' + name: store_name + predefined: + - AddressBook + - AuthRoot + - CertificateAuthority + - Disallowed + - My + - Root + - TrustedPeople + - TrustedPublisher + - auto: PREDEFINED + defaultValue: LocalMachine + description: The store location to use when importing a certificate or searching + for a certificate. + name: store_location + predefined: + - CurrentUser + - LocalMachine + - description: 'The password of the pkcs12 certificate key. This is used when + reading a pkcs12 certificate file or the password to set when `state=exported` + and `file_type=pkcs12`. If the pkcs12 file has no password set or no password + should be set on the exported file, do not set this option.' + name: password + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether to allow the private key to be exported. If `no`, then + this module and other process will only be able to export the certificate + and the private key cannot be exported. Used when `state=present` only.' + name: key_exportable + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: default + description: 'Specifies where Windows will store the private key when it is + imported. When set to `default`, the default option as set by Windows is used, + typically `user`. When set to `machine`, the key is stored in a path accessible + by various users. When set to `user`, the key is stored in a path only accessible + by the current user. Used when `state=present` only and cannot be changed + once imported. See `https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509keystorageflags.aspx` + for more details.' + name: key_storage + predefined: + - default + - machine + - user + - auto: PREDEFINED + defaultValue: der + description: 'The file type to export the certificate as when `state=exported`. + `der` is a binary ASN.1 encoded file. `pem` is a base64 encoded file of a + der file in the OpenSSL form. `pkcs12` (also known as pfx) is a binary container + that contains both the certificate and private key unlike the other options. + When `pkcs12` is set and the private key is not exportable or accessible by + the current user, it will throw an exception.' + name: file_type + predefined: + - der + - pem + - pkcs12 + description: "Manages the certificate store\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_certificate_store_module.html" + name: win-certificate-store + outputs: + - contextPath: MicrosoftWindows.WinCertificateStore.thumbprints + description: A list of certificate thumbprints that were touched by the module. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: 'Allow empty checksums to be used for downloaded resource from + non-secure locations. Use `win_chocolatey_feature` with the name `allowEmptyChecksums` + to control this option globally.' + name: allow_empty_checksums + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Allow the installation of multiple packages when `version` is + specified. Having multiple packages at different versions can cause issues + if the package doesn''t support this. Use at your own risk.' + name: allow_multiple + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Allow the installation of pre-release packages. If `state` is + `latest`, the latest pre-release package will be installed.' + name: allow_prerelease + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: default + description: 'Force Chocolatey to install the package of a specific process + architecture. When setting `x86`, will ensure Chocolatey installs the x86 + package even when on an x64 bit OS.' + name: architecture + predefined: + - default + - x86 + - auto: PREDEFINED + defaultValue: 'No' + description: 'Forces the install of a package, even if it already is installed. + Using `force` will cause Ansible to always report that a change was made.' + name: force + predefined: + - 'Yes' + - 'No' + - description: 'Arguments to pass to the native installer. These are arguments + that are passed directly to the installer the Chocolatey package runs, this + is generally an advanced option.' + name: install_args + - auto: PREDEFINED + defaultValue: 'No' + description: 'Ignore the checksums provided by the package. Use `win_chocolatey_feature` + with the name `checksumFiles` to control this option globally.' + name: ignore_checksums + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Ignore dependencies, only install/upgrade the package itself. + name: ignore_dependencies + predefined: + - 'Yes' + - 'No' + - description: 'Name of the package(s) to be installed. Set to `all` to run the + action on all the installed packages.' + isArray: true + name: name + required: true + - description: 'Parameters to pass to the package. These are parameters specific + to the Chocolatey package and are generally documented by the package itself. + Before Ansible 2.7, this option was just `params`.' + name: package_params + - description: 'Whether to pin the Chocolatey package or not. If omitted then + no checks on package pins are done. Will pin/unpin the specific version if + `version` is set. Will pin the latest version of a package if `yes`, `version` + is not set and and no pin already exists. Will unpin all versions of a package + if `no` and `version` is not set. This is ignored when `state=absent`.' + name: pinned + - description: 'Proxy URL used to install chocolatey and the package. Use `win_chocolatey_config` + with the name `proxy` to control this option globally.' + name: proxy_url + - description: 'Proxy username used to install Chocolatey and the package. Before + Ansible 2.7, users with double quote characters `"` would need to be escaped + with `\` beforehand. This is no longer necessary. Use `win_chocolatey_config` + with the name `proxyUser` to control this option globally.' + name: proxy_username + - description: 'Proxy password used to install Chocolatey and the package. This + value is exposed as a command argument and any privileged account can see + this value when the module is running Chocolatey, define the password on the + global config level with `win_chocolatey_config` with name `proxyPassword` + to avoid this.' + name: proxy_password + - auto: PREDEFINED + defaultValue: 'No' + description: Do not run `chocolateyInstall.ps1` or `chocolateyUninstall.ps1` + scripts when installing a package. + name: skip_scripts + predefined: + - 'Yes' + - 'No' + - description: 'Specify the source to retrieve the package from. Use `win_chocolatey_source` + to manage global sources. This value can either be the URL to a Chocolatey + feed, a path to a folder containing `.nupkg` packages or the name of a source + defined by `win_chocolatey_source`. This value is also used when Chocolatey + is not installed as the location of the install.ps1 script and only supports + URLs for this case.' + name: source + - description: 'A username to use with `source` when accessing a feed that requires + authentication. It is recommended you define the credentials on a source with + `win_chocolatey_source` instead of passing it per task.' + name: source_username + - description: 'The password for `source_username`. This value is exposed as a + command argument and any privileged account can see this value when the module + is running Chocolatey, define the credentials with a source with `win_chocolatey_source` + to avoid this.' + name: source_password + - auto: PREDEFINED + defaultValue: present + description: 'State of the package on the system. When `absent`, will ensure + the package is not installed. When `present`, will ensure the package is installed. + When `downgrade`, will allow Chocolatey to downgrade a package if `version` + is older than the installed version. When `latest`, will ensure the package + is installed to the latest available version. When `reinstalled`, will uninstall + and reinstall the package.' + name: state + predefined: + - absent + - downgrade + - latest + - present + - reinstalled + - defaultValue: '2700' + description: The time to allow chocolatey to finish before timing out. + name: timeout + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Used when downloading the Chocolatey install script if Chocolatey + is not already installed, this does not affect the Chocolatey package install + process. When `no`, no SSL certificates will be validated. This should only + be used on personally controlled sites using self-signed certificate.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - description: 'Specific version of the package to be installed. When `state` + is set to `absent`, will uninstall the specific version otherwise all versions + of that package will be removed. If a different version of package is installed, + `state` must be `latest` or `force` set to `yes` to install the desired version. + Provide as a string (e.g. `''6.1''`), otherwise it is considered to be a floating-point + number and depending on the locale could become `6,1`, which will cause a + failure. If `name` is set to `chocolatey` and Chocolatey is not installed + on the host, this will be the version of Chocolatey that is installed. You + can also set the `chocolateyVersion` environment var.' + name: version + description: "Manage packages using chocolatey\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_module.html" + name: win-chocolatey + outputs: + - contextPath: MicrosoftWindows.WinChocolatey.command + description: The full command used in the chocolatey task. + type: string + - contextPath: MicrosoftWindows.WinChocolatey.rc + description: The return code from the chocolatey task. + type: number + - contextPath: MicrosoftWindows.WinChocolatey.stdout + description: The stdout from the chocolatey task. The verbosity level of the + messages are affected by Ansible verbosity setting, see notes for more details. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The name of the config setting to manage. See `https://chocolatey.org/docs/chocolatey-configuration` + for a list of valid configuration settings that can be changed. Any config + values that contain encrypted values like a password are not idempotent as + the plaintext value cannot be read.' + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'When `absent`, it will ensure the setting is unset or blank. When + `present`, it will ensure the setting is set to the value of `value`.' + name: state + predefined: + - absent + - present + - description: 'Used when `state=present` that contains the value to set for the + config setting. Cannot be null or an empty string, use `state=absent` to unset + a config value instead.' + name: value + description: "Manages Chocolatey config settings\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_config_module.html" + name: win-chocolatey-config + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + description: "Create a facts collection for Chocolatey\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_facts_module.html" + name: win-chocolatey-facts + outputs: + - contextPath: MicrosoftWindows.WinChocolateyFacts.ansible_facts + description: Detailed information about the Chocolatey installation + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The name of the feature to manage. Run `choco.exe feature list` + to get a list of features that can be managed.' + name: name + required: true + - auto: PREDEFINED + defaultValue: enabled + description: 'When `disabled` then the feature will be disabled. When `enabled` + then the feature will be enabled.' + name: state + predefined: + - disabled + - enabled + description: "Manages Chocolatey features\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_feature_module.html" + name: win-chocolatey-feature + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Makes the source visible to Administrators only. Requires Chocolatey + >= 0.10.8. When creating a new source, this defaults to `no`.' + name: admin_only + - description: 'Allow the source to be used with self-service Requires Chocolatey + >= 0.10.4. When creating a new source, this defaults to `no`.' + name: allow_self_service + - description: 'Bypass the proxy when using this source. Requires Chocolatey >= + 0.10.4. When creating a new source, this defaults to `no`.' + name: bypass_proxy + - description: 'The path to a .pfx file to use for X509 authenticated feeds. Requires + Chocolatey >= 0.9.10.' + name: certificate + - description: 'The password for `certificate` if required. Requires Chocolatey + >= 0.9.10.' + name: certificate_password + - description: The name of the source to configure. + name: name + required: true + - description: 'The priority order of this source compared to other sources, lower + is better. All priorities above `0` will be evaluated first, then zero-based + values will be evaluated in config file order. Requires Chocolatey >= 0.9.9.9. + When creating a new source, this defaults to `0`.' + name: priority + - description: 'The file/folder/url of the source. Required when `state` is `present` + or `disabled` and the source does not already exist.' + name: source + - description: The username used to access `source`. + name: source_username + - description: 'The password for `source_username`. Required if `source_username` + is set.' + name: source_password + - auto: PREDEFINED + defaultValue: present + description: 'When `absent`, will remove the source. When `disabled`, will ensure + the source exists but is disabled. When `present`, will ensure the source + exists and is enabled.' + name: state + predefined: + - absent + - disabled + - present + - auto: PREDEFINED + defaultValue: always + description: 'When `always`, the module will always set the password and report + a change if `certificate_password` or `source_password` is set. When `on_create`, + the module will only set the password if the source is being created.' + name: update_password + predefined: + - always + - on_create + description: "Manages Chocolatey sources\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_source_module.html" + name: win-chocolatey-source + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'When used instead of `src`, sets the contents of a file directly + to the specified value. This is for simple values, for anything complex or + with formatting please switch to the `template` module.' + name: content + - auto: PREDEFINED + defaultValue: 'Yes' + description: This option controls the autodecryption of source files using vault. + name: decrypt + predefined: + - 'Yes' + - 'No' + - description: 'Remote absolute path where the file should be copied to. If `src` + is a directory, this must be a directory too. Use \ for path separators or + \\ when in "double quotes". If `dest` ends with \ then source or the contents + of source will be copied to the directory without renaming. If `dest` is a + nonexistent path, it will only be created if `dest` ends with "/" or "\", + or `src` is a directory. If `src` and `dest` are files and if the parent directory + of `dest` doesn''t exist, then the task will fail.' + name: dest + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: 'Determine whether a backup should be created. When set to `yes`, + create a backup file including the timestamp information so you can get the + original file back if you somehow clobbered it incorrectly. No backup is taken + when `remote_src=False` and multiple files are being copied.' + name: backup + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If set to `yes`, the file will only be transferred if the content + is different than destination. If set to `no`, the file will only be transferred + if the destination does not exist. If set to `no`, no checksuming of the content + is performed which can help improve performance on larger files.' + name: force + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: This flag indicates that filesystem links in the source tree, if + they exist, should be followed. + name: local_follow + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'If `no`, it will search for src at originating/master machine. + If `yes`, it will go to the remote/target machine for the src.' + name: remote_src + predefined: + - 'Yes' + - 'No' + - description: 'Local path to a file to copy to the remote server; can be absolute + or relative. If path is a directory, it is copied (including the source folder + name) recursively to `dest`. If path is a directory and ends with "/", only + the inside contents of that directory are copied to the destination. Otherwise, + if it does not end with "/", the directory itself with all contents is copied. + If path is a file and dest ends with "\", the file is copied to the folder + with the same filename. Required unless using `content`.' + name: src + description: "Copies files to remote locations on windows hosts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_copy_module.html" + name: win-copy + outputs: + - contextPath: MicrosoftWindows.WinCopy.backup_file + description: Name of the backup file that was created. + type: string + - contextPath: MicrosoftWindows.WinCopy.dest + description: Destination file/path. + type: string + - contextPath: MicrosoftWindows.WinCopy.src + description: Source file used for the copy on the target machine. + type: string + - contextPath: MicrosoftWindows.WinCopy.checksum + description: SHA1 checksum of the file after running copy. + type: string + - contextPath: MicrosoftWindows.WinCopy.size + description: Size of the target, after execution. + type: number + - contextPath: MicrosoftWindows.WinCopy.operation + description: Whether a single file copy took place or a folder copy. + type: string + - contextPath: MicrosoftWindows.WinCopy.original_basename + description: Basename of the copied file. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Adds an alias for the credential. Typically this is the NetBIOS + name of a host if `name` is set to the DNS name.' + name: alias + - description: 'A list of dicts that set application specific attributes for a + credential. When set, existing attributes will be compared to the list as + a whole, any differences means all attributes will be replaced.' + name: attributes + - description: A user defined comment for the credential. + name: comment + - description: 'The target that identifies the server or servers that the credential + is to be used for. If the value can be a NetBIOS name, DNS server name, DNS + host name suffix with a wildcard character (`*`), a NetBIOS of DNS domain + name that contains a wildcard character sequence, or an asterisk. See `TargetName` + in `https://docs.microsoft.com/en-us/windows/desktop/api/wincred/ns-wincred-_credentiala` + for more details on what this value can be. This is used with `type` to produce + a unique credential.' + name: name + required: true + - auto: PREDEFINED + defaultValue: local + description: 'Defines the persistence of the credential. If `local`, the credential + will persist for all logons of the same user on the same host. `enterprise` + is the same as `local` but the credential is visible to the same domain user + when running on other hosts and not just localhost.' + name: persistence + predefined: + - enterprise + - local + - description: 'The secret for the credential. When omitted, then no secret is + used for the credential if a new credentials is created. When `type` is a + password type, this is the password for `username`. When `type` is a certificate + type, this is the pin for the certificate.' + name: secret + - auto: PREDEFINED + defaultValue: text + description: 'Controls the input type for `secret`. If `text`, `secret` is a + text string that is UTF-16LE encoded to bytes. If `base64`, `secret` is a + base64 string that is base64 decoded to bytes.' + name: secret_format + predefined: + - base64 + - text + - auto: PREDEFINED + defaultValue: present + description: 'When `absent`, the credential specified by `name` and `type` is + removed. When `present`, the credential specified by `name` and `type` is + removed.' + name: state + predefined: + - absent + - present + - auto: PREDEFINED + description: 'The type of credential to store. This is used with `name` to produce + a unique credential. When the type is a `domain` type, the credential is used + by Microsoft authentication packages like Negotiate. When the type is a `generic` + type, the credential is not used by any particular authentication package. + It is recommended to use a `domain` type as only authentication providers + can access the secret.' + name: type + predefined: + - domain_certificate + - domain_password + - generic_certificate + - generic_password + required: true + - auto: PREDEFINED + defaultValue: always + description: 'When `always`, the secret will always be updated if they differ. + When `on_create`, the secret will only be checked/updated when it is first + created. If the secret cannot be retrieved and this is set to `always`, the + module will always result in a change.' + name: update_secret + predefined: + - always + - on_create + - description: 'When `type` is a password type, then this is the username to store + for the credential. When `type` is a credential type, then this is the thumbprint + as a hex string of the certificate to use. When `type=domain_password`, this + should be in the form of a Netlogon (DOMAIN\Username) or a UPN (username@DOMAIN). + If using a certificate thumbprint, the certificate must exist in the `CurrentUser\My` + certificate store for the executing user.' + name: username + description: "Manages Windows Credentials in the Credential Manager\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_credential_module.html" + name: win-credential + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'A list of drive letters or mount point paths of the volumes to + be defragmented. If this parameter is omitted, all volumes (not excluded) + will be fragmented.' + isArray: true + name: include_volumes + - description: A list of drive letters or mount point paths to exclude from defragmentation. + isArray: true + name: exclude_volumes + - auto: PREDEFINED + defaultValue: 'No' + description: Perform free space consolidation on the specified volumes. + name: freespace_consolidation + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: low + description: Run the operation at low or normal priority. + name: priority + predefined: + - low + - normal + - auto: PREDEFINED + defaultValue: 'No' + description: Run the operation on each volume in parallel in the background. + name: parallel + predefined: + - 'Yes' + - 'No' + description: "Consolidate fragmented files on local volumes\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_defrag_module.html" + name: win-defrag + outputs: + - contextPath: MicrosoftWindows.WinDefrag.cmd + description: The complete command line used by the module. + type: string + - contextPath: MicrosoftWindows.WinDefrag.rc + description: The return code for the command. + type: number + - contextPath: MicrosoftWindows.WinDefrag.stdout + description: The standard output from the command. + type: string + - contextPath: MicrosoftWindows.WinDefrag.stderr + description: The error output from the command. + type: string + - contextPath: MicrosoftWindows.WinDefrag.msg + description: Possible error message on failure. + type: string + - contextPath: MicrosoftWindows.WinDefrag.changed + description: Whether or not any changes were made. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + description: "Show the attached disks and disk information of the target host\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_disk_facts_module.html" + name: win-disk-facts + outputs: + - contextPath: MicrosoftWindows.WinDiskFacts.ansible_facts + description: Dictionary containing all the detailed information about the disks + of the target. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Path to an ISO, VHD, or VHDX image on the target Windows host (the + file cannot reside on a network share) + name: image_path + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the image should be present as a drive-letter mount or + not. + name: state + predefined: + - absent + - present + description: "Manage ISO/VHD/VHDX mounts on Windows hosts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_disk_image_module.html" + name: win-disk-image + outputs: + - contextPath: MicrosoftWindows.WinDiskImage.mount_path + description: Filesystem path where the target image is mounted, this has been + deprecated in favour of `mount_paths`. + type: string + - contextPath: MicrosoftWindows.WinDiskImage.mount_paths + description: A list of filesystem paths mounted from the target image. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Adapter name or list of adapter names for which to manage DNS + settings (''*'' is supported as a wildcard value). The adapter name used is + the connection caption in the Network Control Panel or via `Get-NetAdapter`, + eg `Local Area Connection`.' + name: adapter_names + required: true + - description: Single or ordered list of DNS server IPv4 addresses to configure + for lookup. An empty list will configure the adapter to use the DHCP-assigned + values on connections where DHCP is enabled, or disable DNS lookup on statically-configured + connections. + name: ipv4_addresses + required: true + description: "Configures DNS lookup on Windows hosts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_dns_client_module.html" + name: win-dns-client + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name of the record. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether the record should exist or not. + name: state + predefined: + - absent + - present + - defaultValue: '3600' + description: 'The "time to live" of the record, in seconds. Ignored when `state=absent`. + Valid range is 1 - 31557600. Note that an Active Directory forest can specify + a minimum TTL, and will dynamically "round up" other values to that minimum.' + name: ttl + - auto: PREDEFINED + description: The type of DNS record to manage. + name: type + predefined: + - A + - AAAA + - CNAME + - PTR + required: true + - description: 'The value(s) to specify. Required when `state=present`. When c(type=PTR) + only the partial part of the IP should be given.' + isArray: true + name: value + - description: 'The name of the zone to manage (eg `example.com`). The zone must + already exist.' + name: zone + required: true + - description: 'Specifies a DNS server. You can specify an IP address or any value + that resolves to an IP address, such as a fully qualified domain name (FQDN), + host name, or NETBIOS name.' + name: computer_name + description: "Manage Windows Server DNS records\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_dns_record_module.html" + name: win-dns-record + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The DNS name of the domain which should exist and be reachable + or reside on the target Windows host. + name: dns_domain_name + required: true + - description: 'The NetBIOS name for the root domain in the new forest. For NetBIOS + names to be valid for use with this parameter they must be single label names + of 15 characters or less, if not it will fail. If this parameter is not set, + then the default is automatically computed from the value of the `domain_name` + parameter.' + name: domain_netbios_name + - description: Safe mode password for the domain controller. + name: safe_mode_password + required: true + - description: 'The path to a directory on a fixed disk of the Windows host where + the domain database will be created. If not set then the default path is `%SYSTEMROOT%\NTDS`.' + name: database_path + - description: 'The path to a directory on a fixed disk of the Windows host where + the Sysvol file will be created. If not set then the default path is `%SYSTEMROOT%\SYSVOL`.' + name: sysvol_path + - description: 'Whether to create a DNS delegation that references the new DNS + server that you install along with the domain controller. Valid for Active + Directory-integrated DNS only. The default is computed automatically based + on the environment.' + name: create_dns_delegation + - auto: PREDEFINED + description: 'Specifies the domain functional level of the first domain in the + creation of a new forest. The domain functional level cannot be lower than + the forest functional level, but it can be higher. The default is automatically + computed and set.' + name: domain_mode + predefined: + - Win2003 + - Win2008 + - Win2008R2 + - Win2012 + - Win2012R2 + - WinThreshold + - auto: PREDEFINED + description: 'Specifies the forest functional level for the new forest. The + default forest functional level in Windows Server is typically the same as + the version you are running.' + name: forest_mode + predefined: + - Win2003 + - Win2008 + - Win2008R2 + - Win2012 + - Win2012R2 + - WinThreshold + description: "Ensures the existence of a Windows domain\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_domain_module.html" + name: win-domain + outputs: + - contextPath: MicrosoftWindows.WinDomain.reboot_required + description: True if changes were made that require a reboot. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Specifies the name of the object. This parameter sets the Name + property of the Active Directory object. The LDAP display name (ldapDisplayName) + of this property is name.' + name: name + required: true + - description: 'Specifies the Security Account Manager (SAM) account name of the + computer. It maximum is 256 characters, 15 is advised for older operating + systems compatibility. The LDAP display name (ldapDisplayName) for this property + is sAMAccountName. If ommitted the value is the same as `name`. Note that + all computer SAMAccountNames need to end with a $.' + name: sam_account_name + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Specifies if an account is enabled. An enabled account requires + a password. This parameter sets the Enabled property for an account object. + This parameter also sets the ADS_UF_ACCOUNTDISABLE flag of the Active Directory + User Account Control (UAC) attribute.' + name: enabled + predefined: + - 'Yes' + - 'No' + - description: Specifies the X.500 path of the Organizational Unit (OU) or container + where the new object is created. Required when `state=present`. + name: ou + - defaultValue: '' + description: 'Specifies a description of the object. This parameter sets the + value of the Description property for the object. The LDAP display name (ldapDisplayName) + for this property is description.' + name: description + - description: 'Specifies the fully qualified domain name (FQDN) of the computer. + This parameter sets the DNSHostName property for a computer object. The LDAP + display name for this property is dNSHostName. Required when `state=present`.' + name: dns_hostname + - description: 'The username to use when interacting with AD. If this is not set + then the user Ansible used to log in with will be used instead when using + CredSSP or Kerberos with credential delegation.' + name: domain_username + - description: The password for `username`. + name: domain_password + - description: 'Specifies the Active Directory Domain Services instance to connect + to. Can be in the form of an FQDN or NetBIOS name. If not specified then the + value is based on the domain of the computer running PowerShell.' + name: domain_server + - auto: PREDEFINED + defaultValue: present + description: Specified whether the computer should be `present` or `absent` + in Active Directory. + name: state + predefined: + - absent + - present + description: "Manage computers in Active Directory\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_domain_computer_module.html" + name: win-domain-computer + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: When `state` is `domain_controller`, the DNS name of the domain + for which the targeted Windows host should be a DC. + name: dns_domain_name + - description: Username of a domain admin for the target domain (necessary to + promote or demote a domain controller). + name: domain_admin_user + required: true + - description: Password for the specified `domain_admin_user`. + name: domain_admin_password + required: true + - description: Safe mode password for the domain controller (required when `state` + is `domain_controller`). + name: safe_mode_password + - description: Password to be assigned to the local `Administrator` user (required + when `state` is `member_server`). + name: local_admin_password + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to install the domain controller as a read only replica + for an existing domain. + name: read_only + predefined: + - 'Yes' + - 'No' + - description: 'Specifies the name of an existing site where you can place the + new domain controller. This option is required when `read_only` is `yes`.' + name: site_name + - auto: PREDEFINED + description: Whether the target host should be a domain controller or a member + server. + name: state + predefined: + - domain_controller + - member_server + - description: 'The path to a directory on a fixed disk of the Windows host where + the domain database will be created.. If not set then the default path is + `%SYSTEMROOT%\NTDS`.' + name: database_path + - description: 'The path to a directory on a fixed disk of the Windows host where + the Sysvol folder will be created. If not set then the default path is `%SYSTEMROOT%\SYSVOL`.' + name: sysvol_path + description: "Manage domain controller/member server state for a Windows host\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_domain_controller_module.html" + name: win-domain-controller + outputs: + - contextPath: MicrosoftWindows.WinDomainController.reboot_required + description: True if changes were made that require a reboot. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'A dict of custom LDAP attributes to set on the group. This can + be used to set custom attributes that are not exposed as module parameters, + e.g. `mail`. See the examples on how to format this parameter.' + isArray: true + name: attributes + - auto: PREDEFINED + description: 'The category of the group, this is the value to assign to the + LDAP `groupType` attribute. If a new group is created then `security` will + be used by default.' + name: category + predefined: + - distribution + - security + - description: The value to be assigned to the LDAP `description` attribute. + name: description + - description: The value to assign to the LDAP `displayName` attribute. + name: display_name + - description: 'The username to use when interacting with AD. If this is not set + then the user Ansible used to log in with will be used instead.' + name: domain_username + - description: The password for `username`. + name: domain_password + - description: 'Specifies the Active Directory Domain Services instance to connect + to. Can be in the form of an FQDN or NetBIOS name. If not specified then the + value is based on the domain of the computer running PowerShell.' + name: domain_server + - auto: PREDEFINED + defaultValue: 'No' + description: 'Will ignore the `ProtectedFromAccidentalDeletion` flag when deleting + or moving a group. The module will fail if one of these actions need to occur + and this value is set to `no`.' + name: ignore_protection + predefined: + - 'Yes' + - 'No' + - description: 'The value to be assigned to the LDAP `managedBy` attribute. This + value can be in the forms `Distinguished Name`, `objectGUID`, `objectSid` + or `sAMAccountName`, see examples for more details.' + name: managed_by + - description: 'The name of the group to create, modify or remove. This value + can be in the forms `Distinguished Name`, `objectGUID`, `objectSid` or `sAMAccountName`, + see examples for more details.' + name: name + required: true + - description: 'The full LDAP path to create or move the group to. This should + be the path to the parent object to create or move the group to. See examples + for details of how this path is formed.' + name: organizational_unit + - description: 'Will set the `ProtectedFromAccidentalDeletion` flag based on this + value. This flag stops a user from deleting or moving a group to a different + path.' + name: protect + - auto: PREDEFINED + description: 'The scope of the group. If `state=present` and the group doesn''t + exist then this must be set.' + name: scope + predefined: + - domainlocal + - global + - universal + - auto: PREDEFINED + defaultValue: present + description: 'If `state=present` this module will ensure the group is created + and is configured accordingly. If `state=absent` this module will delete the + group if it exists' + name: state + predefined: + - absent + - present + description: "Creates, modifies or removes domain groups\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_domain_group_module.html" + name: win-domain-group + outputs: + - contextPath: MicrosoftWindows.WinDomainGroup.attributes + description: Custom attributes that were set by the module. This does not show + all the custom attributes rather just the ones that were set by the module. + type: unknown + - contextPath: MicrosoftWindows.WinDomainGroup.canonical_name + description: The canonical name of the group. + type: string + - contextPath: MicrosoftWindows.WinDomainGroup.category + description: The Group type value of the group, i.e. Security or Distribution. + type: string + - contextPath: MicrosoftWindows.WinDomainGroup.description + description: The Description of the group. + type: string + - contextPath: MicrosoftWindows.WinDomainGroup.display_name + description: The Display name of the group. + type: string + - contextPath: MicrosoftWindows.WinDomainGroup.distinguished_name + description: The full Distinguished Name of the group. + type: string + - contextPath: MicrosoftWindows.WinDomainGroup.group_scope + description: The Group scope value of the group. + type: string + - contextPath: MicrosoftWindows.WinDomainGroup.guid + description: The guid of the group. + type: string + - contextPath: MicrosoftWindows.WinDomainGroup.managed_by + description: The full Distinguished Name of the AD object that is set on the + managedBy attribute. + type: string + - contextPath: MicrosoftWindows.WinDomainGroup.name + description: The name of the group. + type: string + - contextPath: MicrosoftWindows.WinDomainGroup.protected_from_accidental_deletion + description: Whether the group is protected from accidental deletion. + type: boolean + - contextPath: MicrosoftWindows.WinDomainGroup.sid + description: The Security ID of the group. + type: string + - contextPath: MicrosoftWindows.WinDomainGroup.created + description: Whether a group was created + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the domain group to manage membership on. + name: name + required: true + - description: 'A list of members to ensure are present/absent from the group. + The given names must be a SamAccountName of a user, group, service account, + or computer. For computers, you must add "$" after the name; for example, + to add "Mycomputer" to a group, use "Mycomputer$" as the member.' + isArray: true + name: members + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Desired state of the members in the group. When `state` is `pure`, + only the members specified will exist, and all other existing members not + specified are removed.' + name: state + predefined: + - absent + - present + - pure + - description: 'The username to use when interacting with AD. If this is not set + then the user Ansible used to log in with will be used instead when using + CredSSP or Kerberos with credential delegation.' + name: domain_username + - description: The password for `username`. + name: domain_password + - description: 'Specifies the Active Directory Domain Services instance to connect + to. Can be in the form of an FQDN or NetBIOS name. If not specified then the + value is based on the domain of the computer running PowerShell.' + name: domain_server + description: "Manage Windows domain group membership\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_domain_group_membership_module.html" + name: win-domain-group-membership + outputs: + - contextPath: MicrosoftWindows.WinDomainGroupMembership.name + description: The name of the target domain group. + type: string + - contextPath: MicrosoftWindows.WinDomainGroupMembership.added + description: A list of members added when `state` is `present` or `pure`; this + is empty if no members are added. + type: unknown + - contextPath: MicrosoftWindows.WinDomainGroupMembership.removed + description: A list of members removed when `state` is `absent` or `pure`; this + is empty if no members are removed. + type: unknown + - contextPath: MicrosoftWindows.WinDomainGroupMembership.members + description: A list of all domain group members at completion; this is empty + if the group contains no members. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: When `state` is `domain`, the DNS name of the domain to which the + targeted Windows host should be joined. + name: dns_domain_name + - description: Username of a domain admin for the target domain (required to join + or leave the domain). + name: domain_admin_user + required: true + - description: Password for the specified `domain_admin_user`. + name: domain_admin_password + - description: The desired hostname for the Windows host. + name: hostname + - description: 'The desired OU path for adding the computer object. This is only + used when adding the target host to a domain, if it is already a member then + it is ignored.' + name: domain_ou_path + - auto: PREDEFINED + description: Whether the target host should be a member of a domain or workgroup. + name: state + predefined: + - domain + - workgroup + - description: When `state` is `workgroup`, the name of the workgroup that the + Windows host should be in. + name: workgroup_name + description: "Manage domain/workgroup membership for a Windows host\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_domain_membership_module.html" + name: win-domain-membership + outputs: + - contextPath: MicrosoftWindows.WinDomainMembership.reboot_required + description: True if changes were made that require a reboot. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the user to create, remove or modify. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'When `present`, creates or updates the user account. When `absent`, + removes the user account if it exists. When `query`, retrieves the user account + details without making any changes.' + name: state + predefined: + - absent + - present + - query + - auto: PREDEFINED + defaultValue: 'Yes' + description: '`yes` will enable the user account. `no` will disable the account.' + name: enabled + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + description: '`no` will unlock the user account if locked. Note that there is + not a way to lock an account as an administrator. Accounts are locked due + to user actions; as an admin, you may only unlock a locked account. If you + wish to administratively disable an account, set `enabled` to `no`.' + name: account_locked + predefined: + - 'False' + - description: Description of the user + name: description + - description: 'Adds or removes the user from this list of groups, depending on + the value of `groups_action`. To remove all but the Principal Group, set `groups=` and `groups_action=replace`. Note that users cannot be removed + from their principal group (for example, "Domain Users").' + isArray: true + name: groups + - auto: PREDEFINED + defaultValue: replace + description: 'If `add`, the user is added to each group in `groups` where not + already a member. If `remove`, the user is removed from each group in `groups`. + If `replace`, the user is added as a member of each group in `groups` and + removed from any other groups.' + name: groups_action + predefined: + - add + - remove + - replace + - description: 'Optionally set the user''s password to this (plain text) value. + To enable an account - `enabled` - a password must already be configured on + the account, or you must provide a password here.' + name: password + - auto: PREDEFINED + defaultValue: always + description: '`always` will always update passwords. `on_create` will only set + the password for newly created users. `when_changed` will only set the password + when changed (added in ansible 2.9).' + name: update_password + predefined: + - always + - on_create + - when_changed + - description: '`yes` will require the user to change their password at next login. + `no` will clear the expired password flag. This is mutually exclusive with + `password_never_expires`.' + name: password_expired + - description: '`yes` will set the password to never expire. `no` will allow the + password to expire. This is mutually exclusive with `password_expired`.' + name: password_never_expires + - description: '`yes` will prevent the user from changing their password. `no` + will allow the user to change their password.' + name: user_cannot_change_password + - description: Configures the user's first name (given name). + name: firstname + - description: Configures the user's last name (surname). + name: surname + - description: Configures the user's company name. + name: company + - description: 'Configures the User Principal Name (UPN) for the account. This + is not required, but is best practice to configure for modern versions of + Active Directory. The format is `@`.' + name: upn + - description: 'Configures the user''s email address. This is a record in AD and + does not do anything to configure any email servers or systems.' + name: email + - description: Configures the user's street address. + name: street + - description: Configures the user's city. + name: city + - description: Configures the user's state or province. + name: state_province + - description: Configures the user's postal code / zip code. + name: postal_code + - description: 'Configures the user''s country code. Note that this is a two-character + ISO 3166 code.' + name: country + - description: 'Container or OU for the new user; if you do not specify this, + the user will be placed in the default container for users in the domain. + Setting the path is only available when a new user is created; if you specify + a path on an existing user, the user''s path will not be updated - you must + delete (e.g., `state=absent`) the user and then re-add the user with the appropriate + path.' + name: path + - description: 'A dict of custom LDAP attributes to set on the user. This can + be used to set custom attributes that are not exposed as module parameters, + e.g. `telephoneNumber`. See the examples on how to format this parameter.' + name: attributes + - description: 'The username to use when interacting with AD. If this is not set + then the user Ansible used to log in with will be used instead when using + CredSSP or Kerberos with credential delegation.' + name: domain_username + - description: The password for `username`. + name: domain_password + - description: 'Specifies the Active Directory Domain Services instance to connect + to. Can be in the form of an FQDN or NetBIOS name. If not specified then the + value is based on the domain of the computer running PowerShell.' + name: domain_server + description: "Manages Windows Active Directory user accounts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_domain_user_module.html" + name: win-domain-user + outputs: + - contextPath: MicrosoftWindows.WinDomainUser.account_locked + description: true if the account is locked + type: boolean + - contextPath: MicrosoftWindows.WinDomainUser.changed + description: true if the account changed during execution + type: boolean + - contextPath: MicrosoftWindows.WinDomainUser.city + description: The user city + type: string + - contextPath: MicrosoftWindows.WinDomainUser.company + description: The user company + type: string + - contextPath: MicrosoftWindows.WinDomainUser.country + description: The user country + type: string + - contextPath: MicrosoftWindows.WinDomainUser.description + description: A description of the account + type: string + - contextPath: MicrosoftWindows.WinDomainUser.distinguished_name + description: DN of the user account + type: string + - contextPath: MicrosoftWindows.WinDomainUser.email + description: The user email address + type: string + - contextPath: MicrosoftWindows.WinDomainUser.enabled + description: true if the account is enabled and false if disabled + type: string + - contextPath: MicrosoftWindows.WinDomainUser.firstname + description: The user first name + type: string + - contextPath: MicrosoftWindows.WinDomainUser.groups + description: AD Groups to which the account belongs + type: unknown + - contextPath: MicrosoftWindows.WinDomainUser.msg + description: Summary message of whether the user is present or absent + type: string + - contextPath: MicrosoftWindows.WinDomainUser.name + description: The username on the account + type: string + - contextPath: MicrosoftWindows.WinDomainUser.password_expired + description: true if the account password has expired + type: boolean + - contextPath: MicrosoftWindows.WinDomainUser.password_updated + description: true if the password changed during this execution + type: boolean + - contextPath: MicrosoftWindows.WinDomainUser.postal_code + description: The user postal code + type: string + - contextPath: MicrosoftWindows.WinDomainUser.sid + description: The SID of the account + type: string + - contextPath: MicrosoftWindows.WinDomainUser.state + description: The state of the user account + type: string + - contextPath: MicrosoftWindows.WinDomainUser.state_province + description: The user state or province + type: string + - contextPath: MicrosoftWindows.WinDomainUser.street + description: The user street address + type: string + - contextPath: MicrosoftWindows.WinDomainUser.surname + description: The user last name + type: string + - contextPath: MicrosoftWindows.WinDomainUser.upn + description: The User Principal Name of the account + type: string + - contextPath: MicrosoftWindows.WinDomainUser.user_cannot_change_password + description: true if the user is not allowed to change password + type: string + - contextPath: MicrosoftWindows.WinDomainUser.created + description: Whether a user was created + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + description: "Runs ngen to recompile DLLs after .NET updates\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_dotnet_ngen_module.html" + name: win-dotnet-ngen + outputs: + - contextPath: MicrosoftWindows.WinDotnetNgen.dotnet_ngen_update_exit_code + description: The exit code after running the 32-bit ngen.exe update /force command. + type: number + - contextPath: MicrosoftWindows.WinDotnetNgen.dotnet_ngen_update_output + description: The stdout after running the 32-bit ngen.exe update /force command. + type: string + - contextPath: MicrosoftWindows.WinDotnetNgen.dotnet_ngen_eqi_exit_code + description: The exit code after running the 32-bit ngen.exe executeQueuedItems + command. + type: number + - contextPath: MicrosoftWindows.WinDotnetNgen.dotnet_ngen_eqi_output + description: The stdout after running the 32-bit ngen.exe executeQueuedItems + command. + type: string + - contextPath: MicrosoftWindows.WinDotnetNgen.dotnet_ngen64_update_exit_code + description: The exit code after running the 64-bit ngen.exe update /force command. + type: number + - contextPath: MicrosoftWindows.WinDotnetNgen.dotnet_ngen64_update_output + description: The stdout after running the 64-bit ngen.exe update /force command. + type: string + - contextPath: MicrosoftWindows.WinDotnetNgen.dotnet_ngen64_eqi_exit_code + description: The exit code after running the 64-bit ngen.exe executeQueuedItems + command. + type: number + - contextPath: MicrosoftWindows.WinDotnetNgen.dotnet_ngen64_eqi_output + description: The stdout after running the 64-bit ngen.exe executeQueuedItems + command. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The name of the DSC Resource to use. Must be accessible to PowerShell + using any of the default paths.' + name: resource_name + required: true + - defaultValue: latest + description: 'Can be used to configure the exact version of the DSC resource + to be invoked. Useful if the target node has multiple versions installed of + the module containing the DSC resource. If not specified, the module will + follow standard PowerShell convention and use the highest version available.' + name: module_version + - description: 'The `win_dsc` module takes in multiple free form options based + on the DSC resource being invoked by `resource_name`. There is no option actually + named `free_form` so see the examples. This module will try and convert the + option to the correct type required by the DSC resource and throw a warning + if it fails. If the type of the DSC resource option is a `CimInstance` or + `CimInstance[]`, this means the value should be a dictionary or list of dictionaries + based on the values required by that option. If the type of the DSC resource + option is a `PSCredential` then there needs to be 2 options set in the Ansible + task definition suffixed with `_username` and `_password`. If the type of + the DSC resource option is an array, then a list should be provided but a + comma separated string also work. Use a list where possible as no escaping + is required and it works with more complex types list `CimInstance[]`. If + the type of the DSC resource option is a `DateTime`, you should use a string + in the form of an ISO 8901 string to ensure the exact date is used. Since + Ansible 2.8, Ansible will now validate the input fields against the DSC resource + definition automatically. Older versions will silently ignore invalid fields.' + name: free_form + required: true + description: "Invokes a PowerShell DSC configuration\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_dsc_module.html" + name: win-dsc + outputs: + - contextPath: MicrosoftWindows.WinDsc.module_version + description: The version of the dsc resource/module used. + type: string + - contextPath: MicrosoftWindows.WinDsc.reboot_required + description: Flag returned from the DSC engine indicating whether or not the + machine requires a reboot for the invoked changes to take effect. + type: boolean + - contextPath: MicrosoftWindows.WinDsc.verbose_test + description: The verbose output as a list from executing the DSC test method. + type: unknown + - contextPath: MicrosoftWindows.WinDsc.verbose_set + description: The verbose output as a list from executing the DSC Set method. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Set to `present` to ensure environment variable is set. Set to + `absent` to ensure it is removed.' + name: state + predefined: + - absent + - present + - description: The name of the environment variable. + name: name + required: true + - description: 'The value to store in the environment variable. Must be set when + `state=present` and cannot be an empty string. Can be omitted for `state=absent`.' + name: value + - auto: PREDEFINED + description: 'The level at which to set the environment variable. Use `machine` + to set for all users. Use `user` to set for the current user that ansible + is connected as. Use `process` to set for the current process. Probably not + that useful.' + name: level + predefined: + - machine + - process + - user + required: true + description: "Modify environment variables on windows hosts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_environment_module.html" + name: win-environment + outputs: + - contextPath: MicrosoftWindows.WinEnvironment.before_value + description: the value of the environment key before a change, this is null + if it didn't exist + type: string + - contextPath: MicrosoftWindows.WinEnvironment.value + description: the value the environment key has been set to, this is null if + removed + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the event log to manage. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Desired state of the log and/or sources. When `sources` is populated, + state is checked for sources. When `sources` is not populated, state is checked + for the specified log itself. If `state` is `clear`, event log entries are + cleared for the target log.' + name: state + predefined: + - absent + - clear + - present + - description: 'A list of one or more sources to ensure are present/absent in + the log. When `category_file`, `message_file` and/or `parameter_file` are + specified, these values are applied across all sources.' + isArray: true + name: sources + - description: For one or more sources specified, the path to a custom category + resource file. + name: category_file + - description: For one or more sources specified, the path to a custom event message + resource file. + name: message_file + - description: For one or more sources specified, the path to a custom parameter + resource file. + name: parameter_file + - description: 'The maximum size of the event log. Value must be between 64KB + and 4GB, and divisible by 64KB. Size can be specified in KB, MB or GB (e.g. + 128KB, 16MB, 2.5GB).' + name: maximum_size + - auto: PREDEFINED + description: 'The action for the log to take once it reaches its maximum size. + For `DoNotOverwrite`, all existing entries are kept and new entries are not + retained. For `OverwriteAsNeeded`, each new entry overwrites the oldest entry. + For `OverwriteOlder`, new log entries overwrite those older than the `retention_days` + value.' + name: overflow_action + predefined: + - DoNotOverwrite + - OverwriteAsNeeded + - OverwriteOlder + - description: 'The minimum number of days event entries must remain in the log. + This option is only used when `overflow_action` is `OverwriteOlder`.' + name: retention_days + description: "Manage Windows event logs\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_eventlog_module.html" + name: win-eventlog + outputs: + - contextPath: MicrosoftWindows.WinEventlog.name + description: The name of the event log. + type: string + - contextPath: MicrosoftWindows.WinEventlog.exists + description: Whether the event log exists or not. + type: boolean + - contextPath: MicrosoftWindows.WinEventlog.entries + description: The count of entries present in the event log. + type: number + - contextPath: MicrosoftWindows.WinEventlog.maximum_size_kb + description: Maximum size of the log in KB. + type: number + - contextPath: MicrosoftWindows.WinEventlog.overflow_action + description: The action the log takes once it reaches its maximum size. + type: string + - contextPath: MicrosoftWindows.WinEventlog.retention_days + description: The minimum number of days entries are retained in the log. + type: number + - contextPath: MicrosoftWindows.WinEventlog.sources + description: A list of the current sources for the log. + type: unknown + - contextPath: MicrosoftWindows.WinEventlog.sources_changed + description: A list of sources changed (e.g. re/created, removed) for the log; + this is empty if no sources are changed. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the event log to write an entry to. + name: log + required: true + - description: Name of the log source to indicate where the entry is from. + name: source + required: true + - description: 'The numeric event identifier for the entry. Value must be between + 0 and 65535.' + name: event_id + required: true + - description: The message for the given log entry. + name: message + required: true + - auto: PREDEFINED + description: Indicates the entry being written to the log is of a specific type. + name: entry_type + predefined: + - Error + - FailureAudit + - Information + - SuccessAudit + - Warning + - description: A numeric task category associated with the category message file + for the log source. + name: category + - description: 'Binary data associated with the log entry. Value must be a comma-separated + array of 8-bit unsigned integers (0 to 255).' + name: raw_data + description: "Write entries to Windows event logs\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_eventlog_entry_module.html" + name: win-eventlog-entry + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Names of roles or features to install as a single feature or a + comma-separated list of features. To list all available features use the PowerShell + command `Get-WindowsFeature`.' + isArray: true + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: State of the features or roles on the system. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: Adds all subfeatures of the specified feature. + name: include_sub_features + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Adds the corresponding management tools to the specified feature. + Not supported in Windows 2008 R2 and will be ignored.' + name: include_management_tools + predefined: + - 'Yes' + - 'No' + - description: 'Specify a source to install the feature from. Not supported in + Windows 2008 R2 and will be ignored. Can either be `{driveletter}:\sources\sxs` + or `\\{IP}\share\sources\sxs`.' + name: source + description: "Installs and uninstalls Windows Features on Windows Server\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_feature_module.html" + name: win-feature + outputs: + - contextPath: MicrosoftWindows.WinFeature.exitcode + description: The stringified exit code from the feature installation/removal + command. + type: string + - contextPath: MicrosoftWindows.WinFeature.feature_result + description: List of features that were installed or removed. + type: unknown + - contextPath: MicrosoftWindows.WinFeature.reboot_required + description: True when the target server requires a reboot to complete updates + (no further updates can be installed until after a reboot). + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Path to the file being managed. + name: path + required: true + - auto: PREDEFINED + description: 'If `directory`, all immediate subdirectories will be created if + they do not exist. If `file`, the file will NOT be created if it does not + exist, see the `copy` or `template` module if you want that behavior. If + `absent`, directories will be recursively deleted, and files will be removed. + If `touch`, an empty file will be created if the `path` does not exist, while + an existing file or directory will receive updated file access and modification + times (similar to the way `touch` works from the command line).' + name: state + predefined: + - absent + - directory + - file + - touch + description: "Creates, touches or removes files or directories\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_file_module.html" + name: win-file + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'File to get version. Always provide absolute path.' + name: path + required: true + description: "Get DLL or EXE file build version\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_file_version_module.html" + name: win-file-version + outputs: + - contextPath: MicrosoftWindows.WinFileVersion.path + description: file path + type: string + - contextPath: MicrosoftWindows.WinFileVersion.file_version + description: File version number.. + type: string + - contextPath: MicrosoftWindows.WinFileVersion.product_version + description: The version of the product this file is distributed with. + type: string + - contextPath: MicrosoftWindows.WinFileVersion.file_major_part + description: the major part of the version number. + type: string + - contextPath: MicrosoftWindows.WinFileVersion.file_minor_part + description: the minor part of the version number of the file. + type: string + - contextPath: MicrosoftWindows.WinFileVersion.file_build_part + description: build number of the file. + type: string + - contextPath: MicrosoftWindows.WinFileVersion.file_private_part + description: file private part number. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Select files or folders whose age is equal to or greater than + the specified time. Use a negative age to find files equal to or less than + the specified time. You can choose seconds, minutes, hours, days or weeks + by specifying the first letter of an of those words (e.g., "2s", "10d", 1w").' + name: age + - auto: PREDEFINED + defaultValue: mtime + description: 'Choose the file property against which we compare `age`. The default + attribute we compare with is the last modification time.' + name: age_stamp + predefined: + - atime + - ctime + - mtime + - auto: PREDEFINED + defaultValue: sha1 + description: 'Algorithm to determine the checksum of a file. Will throw an error + if the host is unable to use specified algorithm.' + name: checksum_algorithm + predefined: + - md5 + - sha1 + - sha256 + - sha384 + - sha512 + - auto: PREDEFINED + defaultValue: file + description: Type of file to search for. + name: file_type + predefined: + - directory + - file + - auto: PREDEFINED + defaultValue: 'No' + description: 'Set this to `yes` to follow symlinks in the path. This needs to + be used in conjunction with `recurse`.' + name: follow + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: Whether to return a checksum of the file in the return info (default + sha1), use `checksum_algorithm` to change from the default. + name: get_checksum + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Set this to include hidden files or folders. + name: hidden + predefined: + - 'Yes' + - 'No' + - description: 'List of paths of directories to search for files or folders in. + This can be supplied as a single path or a list of paths.' + isArray: true + name: paths + required: true + - description: 'One or more (powershell or regex) patterns to compare filenames + with. The type of pattern matching is controlled by `use_regex` option. The + patterns restrict the list of files or folders to be returned based on the + filenames. For a file to be matched it only has to match with one pattern + in a list provided.' + isArray: true + name: patterns + - auto: PREDEFINED + defaultValue: 'No' + description: Will recursively descend into the directory looking for files or + folders. + name: recurse + predefined: + - 'Yes' + - 'No' + - description: 'Select files or folders whose size is equal to or greater than + the specified size. Use a negative value to find files equal to or less than + the specified size. You can specify the size with a suffix of the byte type + i.e. kilo = k, mega = m... Size is not evaluated for symbolic links.' + name: size + - auto: PREDEFINED + defaultValue: 'No' + description: Will set patterns to run as a regex check if set to `yes`. + name: use_regex + predefined: + - 'Yes' + - 'No' + description: "Return a list of files based on specific criteria\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_find_module.html" + name: win-find + outputs: + - contextPath: MicrosoftWindows.WinFind.examined + description: The number of files/folders that was checked. + type: number + - contextPath: MicrosoftWindows.WinFind.matched + description: The number of files/folders that match the criteria. + type: number + - contextPath: MicrosoftWindows.WinFind.files + description: Information on the files/folders that match the criteria returned + as a list of dictionary elements for each file matched. The entries are sorted + by the path value alphabetically. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: '[''Domain'', ''Private'', ''Public'']' + description: Specify one or more profiles to change. + isArray: true + name: profiles + predefined: + - Domain + - Private + - Public + - auto: PREDEFINED + description: Set state of firewall for given profile. + name: state + predefined: + - disabled + - enabled + description: "Enable or disable the Windows Firewall\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_firewall_module.html" + name: win-firewall + outputs: + - contextPath: MicrosoftWindows.WinFirewall.enabled + description: Current firewall status for chosen profile (after any potential + change). + type: boolean + - contextPath: MicrosoftWindows.WinFirewall.profiles + description: Chosen profile. + type: string + - contextPath: MicrosoftWindows.WinFirewall.state + description: Desired state of the given firewall profile(s). + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Whether this firewall rule is enabled or disabled. Defaults to + `true` when creating a new rule.' + name: enabled + - auto: PREDEFINED + defaultValue: present + description: Should this rule be added or removed. + name: state + predefined: + - absent + - present + - description: The rule's display name. + name: name + required: true + - description: The group name for the rule. + name: group + - auto: PREDEFINED + description: 'Whether this rule is for inbound or outbound traffic. Defaults + to `in` when creating a new rule.' + name: direction + predefined: + - in + - out + - auto: PREDEFINED + description: 'What to do with the items this rule is for. Defaults to `allow` + when creating a new rule.' + name: action + predefined: + - allow + - block + - description: Description for the firewall rule. + name: description + - description: 'The local ip address this rule applies to. Set to `any` to apply + to all local ip addresses. Defaults to `any` when creating a new rule.' + name: localip + - description: 'The remote ip address/range this rule applies to. Set to `any` + to apply to all remote ip addresses. Defaults to `any` when creating a new + rule.' + name: remoteip + - description: 'The local port this rule applies to. Set to `any` to apply to + all local ports. Defaults to `any` when creating a new rule. Must have `protocol` + set' + name: localport + - description: 'The remote port this rule applies to. Set to `any` to apply to + all remote ports. Defaults to `any` when creating a new rule. Must have `protocol` + set' + name: remoteport + - description: 'The program this rule applies to. Set to `any` to apply to all + programs. Defaults to `any` when creating a new rule.' + name: program + - description: 'The service this rule applies to. Set to `any` to apply to all + services. Defaults to `any` when creating a new rule.' + name: service + - description: 'The protocol this rule applies to. Set to `any` to apply to all + services. Defaults to `any` when creating a new rule.' + name: protocol + - description: 'The profile this rule applies to. Defaults to `domain,private,public` + when creating a new rule.' + isArray: true + name: profiles + description: "Windows firewall automation\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/win_firewall_rule_module.html" + name: win-firewall-rule + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Used to specify the drive letter of the volume to be formatted. + name: drive_letter + - description: Used to specify the path to the volume to be formatted. + name: path + - description: Used to specify the label of the volume to be formatted. + name: label + - description: Used to specify the new file system label of the formatted volume. + name: new_label + - auto: PREDEFINED + description: Used to specify the file system to be used when formatting the + target volume. + name: file_system + predefined: + - ntfs + - refs + - exfat + - fat32 + - fat + - description: 'Specifies the cluster size to use when formatting the volume. + If no cluster size is specified when you format a partition, defaults are + selected based on the size of the partition.' + name: allocation_unit_size + - description: Specifies that large File Record System (FRS) should be used. + name: large_frs + - description: 'Enable compression on the resulting NTFS volume. NTFS compression + is not supported where `allocation_unit_size` is more than 4096.' + name: compress + - description: Enable integrity streams on the resulting ReFS volume. + name: integrity_streams + - description: 'A full format writes to every sector of the disk, takes much longer + to perform than the default (quick) format, and is not recommended on storage + that is thinly provisioned. Specify `true` for full format.' + name: full + - description: Specify if formatting should be forced for volumes that are not + created from new partitions or if the source and target file system are different. + name: force + description: "Formats an existing volume or a new volume on an existing partition\ + \ on Windows\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_format_module.html" + name: win-format + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The full URL of a file to download. + name: url + required: true + - description: 'The location to save the file at the URL. Be sure to include a + filename and extension as appropriate.' + name: dest + required: true + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If `yes`, will download the file every time and replace the file + if the contents change. If `no`, will only download the file if it does not + exist or the remote file has been modified more recently than the local file. + This works by sending an http HEAD request to retrieve last modified time + of the requested resource, so for this to work, the remote web server must + support HEAD requests.' + name: force + predefined: + - 'Yes' + - 'No' + - description: 'If a `checksum` is passed to this parameter, the digest of the + destination file will be calculated after it is downloaded to ensure its integrity + and verify that the transfer completed successfully. This option cannot be + set with `checksum_url`.' + name: checksum + - auto: PREDEFINED + defaultValue: sha1 + description: Specifies the hashing algorithm used when calculating the checksum + of the remote and destination file. + name: checksum_algorithm + predefined: + - md5 + - sha1 + - sha256 + - sha384 + - sha512 + - description: 'Specifies a URL that contains the checksum values for the resource + at `url`. Like `checksum`, this is used to verify the integrity of the remote + transfer. This option cannot be set with `checksum`.' + name: checksum_url + - description: 'An explicit proxy to use for the request. By default, the request + will use the IE defined proxy unless `use_proxy` is set to `no`.' + name: proxy_url + - description: The username to use for proxy authentication. + name: proxy_username + - description: The password for `proxy_username`. + name: proxy_password + - description: 'Extra headers to set on the request. This should be a dictionary + where the key is the header name and the value is the value for that header.' + isArray: true + name: headers + - auto: PREDEFINED + defaultValue: 'Yes' + description: If `no`, it will not use the proxy defined in IE for the current + user. + name: use_proxy + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: safe + description: 'Whether or the module should follow redirects. `all` will follow + all redirect. `none` will not follow any redirect. `safe` will follow only + "safe" redirects, where "safe" means that the client is only doing a `GET` + or `HEAD` on the URI to which it is being redirected.' + name: follow_redirects + predefined: + - all + - none + - safe + - defaultValue: '50' + description: 'Specify how many times the module will redirect a connection to + an alternative URI before the connection fails. If set to `0` or `follow_redirects` + is set to `none`, or `safe` when not doing a `GET` or `HEAD` it prevents all + redirection.' + name: maximum_redirection + - description: 'The path to the client certificate (.pfx) that is used for X509 + authentication. This path can either be the path to the `pfx` on the filesystem + or the PowerShell certificate path `Cert:\CurrentUser\My\`. The + WinRM connection must be authenticated with `CredSSP` or `become` is used + on the task if the certificate file is not password protected. Other authentication + types can set `client_cert_password` when the cert is password protected.' + name: client_cert + - description: The password for `client_cert` if the cert is password protected. + name: client_cert_password + - description: This option is not for use with `win_get_url` and should be ignored. + name: method + - defaultValue: ansible-httpget + description: 'Header to identify as, generally appears in web server logs. This + is set to the `User-Agent` header on a HTTP request.' + name: http_agent + - defaultValue: '30' + description: 'Specifies how long the request can be pending before it times + out (in seconds). Set to `0` to specify an infinite timeout.' + name: timeout + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If `no`, SSL certificates will not be validated. This should only + be used on personally controlled sites using self-signed certificates.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'By default the authentication header is only sent when a webservice + responses to an initial request with a 401 status. Since some basic auth services + do not properly send a 401, logins will fail. This option forces the sending + of the Basic authentication header upon the original request.' + name: force_basic_auth + predefined: + - 'Yes' + - 'No' + - description: The username to use for authentication. + name: url_username + - description: The password for `url_username`. + name: url_password + - auto: PREDEFINED + defaultValue: 'No' + description: 'Uses the current user''s credentials when authenticating with + a server protected with `NTLM`, `Kerberos`, or `Negotiate` authentication. + Sites that use `Basic` auth will still require explicit credentials through + the `url_username` and `url_password` options. The module will only have access + to the user''s credentials if using `become` with a password, you are connecting + with SSH using a password, or connecting with WinRM using `CredSSP` or `Kerberos + with delegation`. If not using `become` or a different auth method to the + ones stated above, there will be no default credentials available and no authentication + will occur.' + name: use_default_credential + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Uses the current user''s credentials when authenticating with + a proxy host protected with `NTLM`, `Kerberos`, or `Negotiate` authentication. + Proxies that use `Basic` auth will still require explicit credentials through + the `proxy_username` and `proxy_password` options. The module will only have + access to the user''s credentials if using `become` with a password, you are + connecting with SSH using a password, or connecting with WinRM using `CredSSP` + or `Kerberos with delegation`. If not using `become` or a different auth method + to the ones stated above, there will be no default credentials available and + no proxy authentication will occur.' + name: proxy_use_default_credential + predefined: + - 'Yes' + - 'No' + description: "Downloads file from HTTP, HTTPS, or FTP to node\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_get_url_module.html" + name: win-get-url + outputs: + - contextPath: MicrosoftWindows.WinGetUrl.dest + description: destination file/path + type: string + - contextPath: MicrosoftWindows.WinGetUrl.checksum_dest + description: checksum of the file after the download + type: string + - contextPath: MicrosoftWindows.WinGetUrl.checksum_src + description: checksum of the remote resource + type: string + - contextPath: MicrosoftWindows.WinGetUrl.elapsed + description: The elapsed seconds between the start of poll and the end of the + module. + type: unknown + - contextPath: MicrosoftWindows.WinGetUrl.size + description: size of the dest file + type: number + - contextPath: MicrosoftWindows.WinGetUrl.url + description: requested url + type: string + - contextPath: MicrosoftWindows.WinGetUrl.msg + description: Error message, or HTTP status message from web-server + type: string + - contextPath: MicrosoftWindows.WinGetUrl.status_code + description: HTTP status code + type: number + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the group. + name: name + required: true + - description: Description of the group. + name: description + - auto: PREDEFINED + defaultValue: present + description: Create or remove the group. + name: state + predefined: + - absent + - present + description: "Add and remove local groups\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/win_group_module.html" + name: win-group + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the local group to manage membership on. + name: name + required: true + - description: 'A list of members to ensure are present/absent from the group. + Accepts local users as .\username, and SERVERNAME\username. Accepts domain + users and groups as DOMAIN\username and username@DOMAIN. Accepts service users + as NT AUTHORITY\username. Accepts all local, domain and service user types + as username, favoring domain lookups when in a domain.' + isArray: true + name: members + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Desired state of the members in the group. `pure` was added in + Ansible 2.8. When `state` is `pure`, only the members specified will exist, + and all other existing members not specified are removed.' + name: state + predefined: + - absent + - present + - pure + description: "Manage Windows local group membership\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_group_membership_module.html" + name: win-group-membership + outputs: + - contextPath: MicrosoftWindows.WinGroupMembership.name + description: The name of the target local group. + type: string + - contextPath: MicrosoftWindows.WinGroupMembership.added + description: A list of members added when `state` is `present` or `pure`; this + is empty if no members are added. + type: unknown + - contextPath: MicrosoftWindows.WinGroupMembership.removed + description: A list of members removed when `state` is `absent` or `pure`; this + is empty if no members are removed. + type: unknown + - contextPath: MicrosoftWindows.WinGroupMembership.members + description: A list of all local group members at completion; this is empty + if the group contains no members. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The hostname to set for the computer. + name: name + required: true + description: "Manages local Windows computer name\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_hostname_module.html" + name: win-hostname + outputs: + - contextPath: MicrosoftWindows.WinHostname.old_name + description: The original hostname that was set before it was changed. + type: string + - contextPath: MicrosoftWindows.WinHostname.reboot_required + description: Whether a reboot is required to complete the hostname change. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Whether the entry should be present or absent. If only `canonical_name` + is provided when `state=absent`, then all hosts entries with the canonical + name of `canonical_name` will be removed. If only `ip_address` is provided + when `state=absent`, then all hosts entries with the ip address of `ip_address` + will be removed. If `ip_address` and `canonical_name` are both omitted when + `state=absent`, then all hosts entries will be removed.' + name: state + predefined: + - absent + - present + - description: 'A canonical name for the host entry. required for `state=present`.' + name: canonical_name + - description: 'The ip address for the host entry. Can be either IPv4 (A record) + or IPv6 (AAAA record). Required for `state=present`.' + name: ip_address + - description: 'A list of additional names (cname records) for the host entry. + Only applicable when `state=present`.' + isArray: true + name: aliases + - auto: PREDEFINED + defaultValue: set + description: 'Controls the behavior of `aliases`. Only applicable when `state=present`. + If `add`, each alias in `aliases` will be added to the host entry. If `set`, + each alias in `aliases` will be added to the host entry, and other aliases + will be removed from the entry.' + name: action + predefined: + - add + - remove + - set + description: "Manages hosts file entries on Windows.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_hosts_module.html" + name: win-hosts + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The name of the hotfix as shown in DISM, see examples for details. + This or `hotfix_kb` MUST be set when `state=absent`. If `state=present` then + the hotfix at `source` will be validated against this value, if it does not + match an error will occur. You can get the identifier by running ''Get-WindowsPackage + -Online -PackagePath path-to-cab-in-msu'' after expanding the msu file.' + name: hotfix_identifier + - description: 'The name of the KB the hotfix relates to, see examples for details. + This or `hotfix_identifier` MUST be set when `state=absent`. If `state=present` + then the hotfix at `source` will be validated against this value, if it does + not match an error will occur. Because DISM uses the identifier as a key and + doesn''t refer to a KB in all cases it is recommended to use `hotfix_identifier` + instead.' + name: hotfix_kb + - auto: PREDEFINED + defaultValue: present + description: 'Whether to install or uninstall the hotfix. When `present`, `source` + MUST be set. When `absent`, `hotfix_identifier` or `hotfix_kb` MUST be set.' + name: state + predefined: + - absent + - present + - description: 'The path to the downloaded hotfix .msu file. This MUST be set + if `state=present` and MUST be a .msu hotfix file.' + name: source + description: "Install and uninstalls Windows hotfixes\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_hotfix_module.html" + name: win-hotfix + outputs: + - contextPath: MicrosoftWindows.WinHotfix.identifier + description: The DISM identifier for the hotfix. + type: string + - contextPath: MicrosoftWindows.WinHotfix.kb + description: The KB the hotfix relates to. + type: string + - contextPath: MicrosoftWindows.WinHotfix.reboot_required + description: Whether a reboot is required for the install or uninstall to finalise. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'A list of hosts that will bypass the set proxy when being accessed. + Use `` to match hostnames that are not fully qualified domain names. + This is useful when needing to connect to intranet sites using just the hostname. + Omit, set to null or an empty string/list to remove the bypass list. If this + is set then `proxy` must also be set.' + isArray: true + name: bypass + - description: 'A string or dict that specifies the proxy to be set. If setting + a string, should be in the form `hostname`, `hostname:port`, or `protocol=hostname:port`. + If the port is undefined, the default port for the protocol in use is used. + If setting a dict, the keys should be the protocol and the values should be + the hostname and/or port for that protocol. Valid protocols are `http`, `https`, + `ftp`, and `socks`. Omit, set to null or an empty string to remove the proxy + settings.' + name: proxy + - auto: PREDEFINED + description: 'Instead of manually specifying the `proxy` and/or `bypass`, set + this to import the proxy from a set source like Internet Explorer. Using `ie` + will import the Internet Explorer proxy settings for the current active network + connection of the current user. Only IE''s proxy URL and bypass list will + be imported into WinHTTP. This is like running `netsh winhttp import proxy + source=ie`. The value is imported when the module runs and will not automatically + be updated if the IE configuration changes in the future. The module will + have to be run again to sync the latest changes.' + name: source + predefined: + - ie + description: "Manages proxy settings for WinHTTP\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_http_proxy_module.html" + name: win-http-proxy + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name of the virtual directory to create or remove. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'Whether to add or remove the specified virtual directory. Removing + will remove the virtual directory and all under it (Recursively).' + name: state + predefined: + - absent + - present + - description: The site name under which the virtual directory is created or exists. + name: site + required: true + - description: The application under which the virtual directory is created or + exists. + name: application + - description: 'The physical path to the folder in which the new virtual directory + is created. The specified folder must already exist.' + name: physical_path + description: "Configures a virtual directory in IIS\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_iis_virtualdirectory_module.html" + name: win-iis-virtualdirectory + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the web application. + name: name + required: true + - description: Name of the site on which the application is created. + name: site + required: true + - auto: PREDEFINED + defaultValue: present + description: State of the web application. + name: state + predefined: + - absent + - present + - description: 'The physical path on the remote host to use for the new application. + The specified folder must already exist.' + name: physical_path + - description: The application pool in which the new site executes. + name: application_pool + description: "Configures IIS web applications\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_iis_webapplication_module.html" + name: win-iis-webapplication + outputs: + - contextPath: MicrosoftWindows.WinIisWebapplication.application_pool + description: The used/implemented application_pool value. + type: string + - contextPath: MicrosoftWindows.WinIisWebapplication.physical_path + description: The used/implemented physical_path value. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'This field is a free form dictionary value for the application + pool attributes. These attributes are based on the naming standard at `https://www.iis.net/configreference/system.applicationhost/applicationpools/add#005`, + see the examples section for more details on how to set this. You can also + set the attributes of child elements like cpu and processModel, see the examples + to see how it is done. While you can use the numeric values for enums it is + recommended to use the enum name itself, e.g. use SpecificUser instead of + 3 for processModel.identityType. managedPipelineMode may be either "Integrated" + or "Classic". startMode may be either "OnDemand" or "AlwaysRunning". Use `state` + module parameter to modify the state of the app pool. When trying to set ''processModel.password'' + and you receive a ''Value does fall within the expected range'' error, you + have a corrupted keystore. Please follow `http://structuredsight.com/2014/10/26/im-out-of-range-youre-out-of-range/` + to help fix your host.' + name: attributes + - description: Name of the application pool. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'The state of the application pool. If `absent` will ensure the + app pool is removed. If `present` will ensure the app pool is configured and + exists. If `restarted` will ensure the app pool exists and will restart, this + is never idempotent. If `started` will ensure the app pool exists and is started. + If `stopped` will ensure the app pool exists and is stopped.' + name: state + predefined: + - absent + - present + - restarted + - started + - stopped + description: "Configure IIS Web Application Pools\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_iis_webapppool_module.html" + name: win-iis-webapppool + outputs: + - contextPath: MicrosoftWindows.WinIisWebapppool.attributes + description: Application Pool attributes that were set and processed by this + module invocation. + type: unknown + - contextPath: MicrosoftWindows.WinIisWebapppool.info + description: Information on current state of the Application Pool. See https://www.iis.net/configreference/system.applicationhost/applicationpools/add#005 + for the full list of return attributes based on your IIS version. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Names of web site. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: State of the binding. + name: state + predefined: + - absent + - present + - defaultValue: '80' + description: The port to bind to / use for the new site. + name: port + - defaultValue: '*' + description: The IP address to bind to / use for the new site. + name: ip + - description: 'The host header to bind to / use for the new site. If you are + creating/removing a catch-all binding, omit this parameter rather than defining + it as ''*''.' + name: host_header + - defaultValue: http + description: The protocol to be used for the Web binding (usually HTTP, HTTPS, + or FTP). + name: protocol + - description: Certificate hash (thumbprint) for the SSL binding. The certificate + hash is the unique identifier for the certificate. + name: certificate_hash + - defaultValue: my + description: Name of the certificate store where the certificate for the binding + is located. + name: certificate_store_name + - description: 'This parameter is only valid on Server 2012 and newer. Primarily + used for enabling and disabling server name indication (SNI). Set to c(0) + to disable SNI. Set to c(1) to enable SNI.' + name: ssl_flags + description: "Configures a IIS Web site binding\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_iis_webbinding_module.html" + name: win-iis-webbinding + outputs: + - contextPath: MicrosoftWindows.WinIisWebbinding.website_state + description: 'The state of the website being targetted Can be helpful in case + you accidentally cause a binding collision which can result in the targetted + site being stopped' + type: string + - contextPath: MicrosoftWindows.WinIisWebbinding.operation_type + description: 'The type of operation performed Can be removed, updated, matched, + or added' + type: string + - contextPath: MicrosoftWindows.WinIisWebbinding.binding_info + description: Information on the binding being manipulated + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Names of web site. + name: name + required: true + - description: 'Explicitly set the IIS numeric ID for a site. Note that this value + cannot be changed after the website has been created.' + name: site_id + - auto: PREDEFINED + description: State of the web site + name: state + predefined: + - absent + - started + - stopped + - restarted + - description: 'The physical path on the remote host to use for the new site. + The specified folder must already exist.' + name: physical_path + - description: The application pool in which the new site executes. + name: application_pool + - description: The port to bind to / use for the new site. + name: port + - description: The IP address to bind to / use for the new site. + name: ip + - description: The host header to bind to / use for the new site. + name: hostname + - description: Enables HTTPS binding on the site.. + name: ssl + - description: Custom site Parameters from string where properties are separated + by a pipe and property name/values by colon Ex. "foo:1|bar:2" + name: parameters + description: "Configures a IIS Web site\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_iis_website_module.html" + name: win-iis-website + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether to configure WinINet to automatically detect proxy settings + through Web Proxy Auto-Detection `WPAD`. This corresponds to the checkbox + `Automatically detect settings` in the connection settings window.' + name: auto_detect + predefined: + - 'Yes' + - 'No' + - description: 'The URL of a proxy configuration script. Proxy configuration scripts + are typically JavaScript files with the `.pac` extension that implement the + `FindProxyForURL(url, host` function. Omit, set to null or an empty string + to remove the auto config URL. This corresponds to the checkbox `Use automatic + configuration script` in the connection settings window.' + name: auto_config_url + - description: 'A list of hosts that will bypass the set proxy when being accessed. + Use `` to match hostnames that are not fully qualified domain names. + This is useful when needing to connect to intranet sites using just the hostname. + If defined, this should be the last entry in the bypass list. Use `<-loopback>` + to stop automatically bypassing the proxy when connecting through any loopback + address like `127.0.0.1`, `localhost`, or the local hostname. Omit, set to + null or an empty string/list to remove the bypass list. If this is set then + `proxy` must also be set.' + isArray: true + name: bypass + - description: 'The name of the IE connection to set the proxy settings for. These + are the connections under the `Dial-up and Virtual Private Network` header + in the IE settings. When omitted, the default LAN connection is used.' + name: connection + - description: 'A string or dict that specifies the proxy to be set. If setting + a string, should be in the form `hostname`, `hostname:port`, or `protocol=hostname:port`. + If the port is undefined, the default port for the protocol in use is used. + If setting a dict, the keys should be the protocol and the values should be + the hostname and/or port for that protocol. Valid protocols are `http`, `https`, + `ftp`, and `socks`. Omit, set to null or an empty string to remove the proxy + settings.' + name: proxy + description: "Manages proxy settings for WinINet and Internet Explorer\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_inet_proxy_module.html" + name: win-inet-proxy + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The path of the file to modify. Note that the Windows path delimiter + `\` must be escaped as `\\` when the line is double quoted. Before Ansible + 2.3 this option was only usable as `dest`, `destfile` and `name`.' + name: path + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: 'Determine whether a backup should be created. When set to `yes`, + create a backup file including the timestamp information so you can get the + original file back if you somehow clobbered it incorrectly.' + name: backup + predefined: + - 'Yes' + - 'No' + - description: The regular expression to look for in every line of the file. For + `state=present`, the pattern to replace if found; only the last line found + will be replaced. For `state=absent`, the pattern of the line to remove. Uses + .NET compatible regular expressions; see `https://msdn.microsoft.com/en-us/library/hs600312%28v=vs.110%29.aspx`. + name: regex + - auto: PREDEFINED + defaultValue: present + description: Whether the line should be there or not. + name: state + predefined: + - absent + - present + - description: 'Required for `state=present`. The line to insert/replace into + the file. If `backrefs` is set, may contain backreferences that will get expanded + with the `regexp` capture groups if the regexp matches. Be aware that the + line is processed first on the controller and thus is dependent on yaml quoting + rules. Any double quoted line will have control characters, such as ''\r\n'', + expanded. To print such characters literally, use single or no quotes.' + name: line + - auto: PREDEFINED + defaultValue: 'No' + description: 'Used with `state=present`. If set, line can contain backreferences + (both positional and named) that will get populated if the `regexp` matches. + This flag changes the operation of the module slightly; `insertbefore` and + `insertafter` will be ignored, and if the `regexp` doesn''t match anywhere + in the file, the file will be left unchanged. If the `regexp` does match, + the last matching line will be replaced by the expanded line parameter.' + name: backrefs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: EOF + description: 'Used with `state=present`. If specified, the line will be inserted + after the last match of specified regular expression. A special value is available; + `EOF` for inserting the line at the end of the file. If specified regular + expression has no matches, EOF will be used instead. May not be used with + `backrefs`.' + name: insertafter + predefined: + - EOF + - '*regex*' + - auto: PREDEFINED + description: 'Used with `state=present`. If specified, the line will be inserted + before the last match of specified regular expression. A value is available; + `BOF` for inserting the line at the beginning of the file. If specified regular + expression has no matches, the line will be inserted at the end of the file. + May not be used with `backrefs`.' + name: insertbefore + predefined: + - BOF + - '*regex*' + - auto: PREDEFINED + defaultValue: 'No' + description: Used with `state=present`. If specified, the file will be created + if it does not already exist. By default it will fail if the file is missing. + name: create + predefined: + - 'Yes' + - 'No' + - description: 'Validation to run before copying into place. Use %s in the command + to indicate the current file to validate. The command is passed securely so + shell features like expansion and pipes won''t work.' + name: validate + - defaultValue: auto + description: 'Specifies the encoding of the source text file to operate on (and + thus what the output encoding will be). The default of `auto` will cause the + module to auto-detect the encoding of the source file and ensure that the + modified file is written with the same encoding. An explicit encoding can + be passed as a string that is a valid value to pass to the .NET framework + System.Text.Encoding.GetEncoding() method - see `https://msdn.microsoft.com/en-us/library/system.text.encoding%28v=vs.110%29.aspx`. + This is mostly useful with `create=yes` if you want to create a new file with + a specific encoding. If `create=yes` is specified without a specific encoding, + the default encoding (UTF-8, no BOM) will be used.' + name: encoding + - auto: PREDEFINED + defaultValue: windows + description: Specifies the line separator style to use for the modified file. + This defaults to the windows line separator (`\r\n`). Note that the indicated + line separator will be used for file output regardless of the original line + separator that appears in the input file. + name: newline + predefined: + - unix + - windows + description: "Ensure a particular line is in a file, or replace an existing line\ + \ using a back-referenced regular expression\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_lineinfile_module.html" + name: win-lineinfile + outputs: + - contextPath: MicrosoftWindows.WinLineinfile.backup + description: 'Name of the backup file that was created. This is now deprecated, + use `backup_file` instead.' + type: string + - contextPath: MicrosoftWindows.WinLineinfile.backup_file + description: Name of the backup file that was created. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The letter of the network path to map to. This letter must not + already be in use with Windows.' + name: letter + required: true + - description: 'The password for `username` that is used when testing the initial + connection. This is never saved with a mapped drive, use the `win_credential` + module to persist a username and password for a host.' + name: password + - description: 'The UNC path to map the drive to. If pointing to a WebDAV location + this must still be in a UNC path in the format `\\hostname\path` and not a + URL, see examples for more details. To specify a `https` WebDAV path, add + `@SSL` after the hostname. To specify a custom WebDAV port add `@` + after the `@SSL` or hostname portion of the UNC path, e.g. `\\server@SSL@1234` + or `\\server@1234`. This is required if `state=present`. If `state=absent` + and `path` is not set, the module will delete the mapped drive regardless + of the target. If `state=absent` and the `path` is set, the module will throw + an error if path does not match the target of the mapped drive.' + name: path + - auto: PREDEFINED + defaultValue: present + description: 'If `present` will ensure the mapped drive exists. If `absent` + will ensure the mapped drive does not exist.' + name: state + predefined: + - absent + - present + - description: 'The username that is used when testing the initial connection. + This is never saved with a mapped drive, the the `win_credential` module to + persist a username and password for a host. This is required if the mapped + drive requires authentication with custom credentials and become, or CredSSP + cannot be used. If become or CredSSP is used, any credentials saved with `win_credential` + will automatically be used instead.' + name: username + description: "Map network drives for users\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/win_mapped_drive_module.html" + name: win-mapped-drive + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '*' + description: Who to send the message to. Can be a username, sessionname or sessionid. + name: to + - defaultValue: '10' + description: How long to wait for receiver to acknowledge message, in seconds. + name: display_seconds + - defaultValue: 'no' + description: Whether to wait for users to respond. Module will only wait for + the number of seconds specified in display_seconds or 10 seconds if not specified. + However, if `wait` is `yes`, the message is sent to each logged on user in + turn, waiting for the user to either press 'ok' or for the timeout to elapse + before moving on to the next user. + name: wait + - defaultValue: Hello world! + description: 'The text of the message to be displayed. The message must be less + than 256 characters.' + name: msg + description: "Sends a message to logged in users on Windows hosts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_msg_module.html" + name: win-msg + outputs: + - contextPath: MicrosoftWindows.WinMsg.msg + description: Test of the message that was sent. + type: string + - contextPath: MicrosoftWindows.WinMsg.display_seconds + description: Value of display_seconds module parameter. + type: string + - contextPath: MicrosoftWindows.WinMsg.rc + description: The return code of the API call. + type: number + - contextPath: MicrosoftWindows.WinMsg.runtime_seconds + description: How long the module took to run on the remote windows host. + type: string + - contextPath: MicrosoftWindows.WinMsg.sent_localtime + description: local time from windows host when the message was sent. + type: string + - contextPath: MicrosoftWindows.WinMsg.wait + description: Value of wait module parameter. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + description: Whether NetBIOS should be enabled, disabled, or default (use setting + from DHCP server or if static IP address is assigned enable NetBIOS). + name: state + predefined: + - enabled + - disabled + - default + required: true + - description: 'List of adapter names for which to manage NetBIOS settings. If + this option is omitted then configuration is applied to all adapters on the + system. The adapter name used is the connection caption in the Network Control + Panel or via `Get-NetAdapter`, eg `Ethernet 2`.' + isArray: true + name: adapter_names + description: "Manage NetBIOS over TCP/IP settings on Windows.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_netbios_module.html" + name: win-netbios + outputs: + - contextPath: MicrosoftWindows.WinNetbios.reboot_required + description: Boolean value stating whether a system reboot is required. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the service to operate on. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'State of the service on the system. Values `started`, `stopped`, + and `restarted` are deprecated since v2.8, please use the `win_service` module + instead to start, stop or restart the service.' + name: state + predefined: + - absent + - present + - started + - stopped + - restarted + - description: 'The application binary to run as a service Required when `state` + is `present`, `started`, `stopped`, or `restarted`.' + name: application + - defaultValue: nssm.exe + description: The location of the NSSM utility (in case it is not located in + your PATH). + name: executable + - description: The description to set for the service. + name: description + - description: The display name to set for the service. + name: display_name + - description: The working directory to run the service executable from (defaults + to the directory containing the application binary) + name: working_directory + - description: Path to receive output. + name: stdout_file + - description: Path to receive error output. + name: stderr_file + - description: 'A string representing a dictionary of parameters to be passed + to the application when it starts. DEPRECATED since v2.8, please use `arguments` + instead. This is mutually exclusive with `arguments`.' + name: app_parameters + - description: 'Parameters to be passed to the application when it starts. This + can be either a simple string or a list. This parameter was renamed from `app_parameters_free_form` + in 2.8. This is mutually exclusive with `app_parameters`.' + name: arguments + - description: 'Service dependencies that has to be started to trigger startup, + separated by comma. DEPRECATED since v2.8, please use the `win_service` module + instead.' + isArray: true + name: dependencies + - description: 'User to be used for service startup. DEPRECATED since v2.8, please + use the `win_service` module instead.' + name: user + - description: 'Password to be used for service startup. DEPRECATED since v2.8, + please use the `win_service` module instead.' + name: password + - auto: PREDEFINED + defaultValue: auto + description: 'If `auto` is selected, the service will start at bootup. `delayed` + causes a delayed but automatic start after boot (added in version 2.5). `manual` + means that the service will start only when another service needs it. `disabled` + means that the service will stay off, regardless if it is needed or not. DEPRECATED + since v2.8, please use the `win_service` module instead.' + name: start_mode + predefined: + - auto + - delayed + - disabled + - manual + description: "Install a service using NSSM\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/win_nssm_module.html" + name: win-nssm + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The name(s) of the feature to install. This relates to `FeatureName` + in the Powershell cmdlet. To list all available features use the PowerShell + command `Get-WindowsOptionalFeature`.' + isArray: true + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether to ensure the feature is absent or present on the system. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to enable the parent feature and the parent's dependencies. + name: include_parent + predefined: + - 'Yes' + - 'No' + - description: 'Specify a source to install the feature from. Can either be `{driveletter}:\sources\sxs` + or `\\{IP}\share\sources\sxs`.' + name: source + description: "Manage optional Windows features\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_optional_feature_module.html" + name: win-optional-feature + outputs: + - contextPath: MicrosoftWindows.WinOptionalFeature.reboot_required + description: True when the target server requires a reboot to complete updates + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Path to be used for changing owner. + name: path + required: true + - description: Name to be used for changing owner. + name: user + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Indicates if the owner should be changed recursively. + name: recurse + predefined: + - 'Yes' + - 'No' + description: "Set owner\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_owner_module.html" + name: win-owner + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Any arguments the installer needs to either install or uninstall + the package. If the package is an MSI do not supply the `/qn`, `/log` or `/norestart` + arguments. As of Ansible 2.5, this parameter can be a list of arguments and + the module will escape the arguments as necessary, it is recommended to use + a string when dealing with MSI packages due to the unique escaping issues + with msiexec.' + name: arguments + - description: Set the specified path as the current working directory before + installing or uninstalling a package. + name: chdir + - description: 'Will check the existence of the path specified and use the result + to determine whether the package is already installed. You can use this in + conjunction with `product_id` and other `creates_*`.' + name: creates_path + - description: 'Will check the existing of the service specified and use the result + to determine whether the package is already installed. You can use this in + conjunction with `product_id` and other `creates_*`.' + name: creates_service + - description: 'Will check the file version property of the file at `creates_path` + and use the result to determine whether the package is already installed. + `creates_path` MUST be set and is a file. You can use this in conjunction + with `product_id` and other `creates_*`.' + name: creates_version + - defaultValue: '[0, 3010]' + description: 'One or more return codes from the package installation that indicates + success. Before Ansible 2.4 this was just 0 but since Ansible 2.4 this is + both `0` and `3010`. A return code of `3010` usually means that a reboot is + required, the `reboot_required` return value is set if the return code is + `3010`.' + isArray: true + name: expected_return_code + - description: The password for `user_name`, must be set when `user_name` is. + name: password + - description: 'Location of the package to be installed or uninstalled. This package + can either be on the local file system, network share or a url. If the path + is on a network share and the current WinRM transport doesn''t support credential + delegation, then `user_name` and `user_password` must be set to access the + file. There are cases where this file will be copied locally to the server + so it can access it, see the notes for more info. If `state=present` then + this value MUST be set. If `state=absent` then this value does not need to + be set if `product_id` is.' + name: path + - description: 'The product id of the installed packaged. This is used for checking + whether the product is already installed and getting the uninstall information + if `state=absent`. You can find product ids for installed programs in the + Windows registry editor either at `HKLM:Software\Microsoft\Windows\CurrentVersion\Uninstall` + or for 32 bit programs at `HKLM:Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall`. + This SHOULD be set when the package is not an MSI, or the path is a url or + a network share and credential delegation is not being used. The `creates_*` + options can be used instead but is not recommended.' + name: product_id + - auto: PREDEFINED + defaultValue: present + description: 'Whether to install or uninstall the package. The module uses `product_id` + and whether it exists at the registry path to see whether it needs to install + or uninstall the package.' + name: state + predefined: + - absent + - present + - description: 'Username of an account with access to the package if it is located + on a file share. This is only needed if the WinRM transport is over an auth + method that does not support credential delegation like Basic or NTLM.' + name: username + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If `no`, SSL certificates will not be validated. This should only + be used on personally controlled sites using self-signed certificates. Before + Ansible 2.4 this defaulted to `no`.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - description: 'Specifies the path to a log file that is persisted after an MSI + package is installed or uninstalled. When omitted, a temporary log file is + used for MSI packages. This is only valid for MSI files, use `arguments` for + other package types.' + name: log_path + description: "Installs/uninstalls an installable package\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_package_module.html" + name: win-package + outputs: + - contextPath: MicrosoftWindows.WinPackage.log + description: The contents of the MSI log. + type: string + - contextPath: MicrosoftWindows.WinPackage.rc + description: The return code of the package process. + type: number + - contextPath: MicrosoftWindows.WinPackage.reboot_required + description: Whether a reboot is required to finalise package. This is set to + true if the executable return code is 3010. + type: boolean + - contextPath: MicrosoftWindows.WinPackage.stdout + description: The stdout stream of the package process. + type: string + - contextPath: MicrosoftWindows.WinPackage.stderr + description: The stderr stream of the package process. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The drive of the pagefile. + name: drive + - description: The initial size of the pagefile in megabytes. + name: initial_size + - description: The maximum size of the pagefile in megabytes. + name: maximum_size + - auto: PREDEFINED + defaultValue: 'Yes' + description: Override the current pagefile on the drive. + name: override + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Configures current pagefile to be managed by the system. + name: system_managed + predefined: + - 'Yes' + - 'No' + - description: Configures AutomaticManagedPagefile for the entire system. + name: automatic + - auto: PREDEFINED + defaultValue: 'No' + description: Remove all pagefiles in the system, not including automatic managed. + name: remove_all + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: Use Test-Path on the drive to make sure the drive is accessible + before creating the pagefile. + name: test_path + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: query + description: State of the pagefile. + name: state + predefined: + - absent + - present + - query + description: "Query or change pagefile configuration\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_pagefile_module.html" + name: win-pagefile + outputs: + - contextPath: MicrosoftWindows.WinPagefile.automatic_managed_pagefiles + description: Whether the pagefiles is automatically managed. + type: boolean + - contextPath: MicrosoftWindows.WinPagefile.pagefiles + description: Contains caption, description, initial_size, maximum_size and name + for each pagefile in the system. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: present + description: Used to specify the state of the partition. Use `absent` to specify + if a partition should be removed and `present` to specify if the partition + should be created or updated. + name: state + predefined: + - absent + - present + - description: 'Used for accessing partitions if `disk_number` and `partition_number` + are not provided. Use `auto` for automatically assigning a drive letter, or + a letter A-Z for manually assigning a drive letter to a new partition. If + not specified, no drive letter is assigned when creating a new partition.' + name: drive_letter + - description: 'Disk number is mandatory for creating new partitions. A combination + of `disk_number` and `partition_number` can be used to specify the partition + instead of `drive_letter` if required.' + name: disk_number + - description: Used in conjunction with `disk_number` to uniquely identify a partition. + name: partition_number + - description: 'Specify size of the partition in B, KB, KiB, MB, MiB, GB, GiB, + TB or TiB. Use -1 to specify maximum supported size. Partition size is mandatory + for creating a new partition but not for updating or deleting a partition. + The decimal SI prefixes kilo, mega, giga, tera, etc., are powers of 10^3 = + 1000. The binary prefixes kibi, mebi, gibi, tebi, etc. respectively refer + to the corresponding power of 2^10 = 1024. Thus, a gigabyte (GB) is 1000000000 + (1000^3) bytes while 1 gibibyte (GiB) is 1073741824 (1024^3) bytes.' + name: partition_size + - description: Make the partition read only, restricting changes from being made + to the partition. + name: read_only + - description: Specifies if the partition is active and can be used to start the + system. This property is only valid when the disk's partition style is MBR. + name: active + - description: Hides the target partition, making it undetectable by the mount + manager. + name: hidden + - description: 'Sets the partition offline. Adding a mount point (such as a drive + letter) will cause the partition to go online again.' + name: offline + - auto: PREDEFINED + description: 'Specify the partition''s MBR type if the disk''s partition style + is MBR. This only applies to new partitions. This does not relate to the partitions + file system formatting.' + name: mbr_type + predefined: + - fat12 + - fat16 + - extended + - huge + - ifs + - fat32 + - auto: PREDEFINED + description: 'Specify the partition''s GPT type if the disk''s partition style + is GPT. This only applies to new partitions. This does not relate to the partitions + file system formatting.' + name: gpt_type + predefined: + - system_partition + - microsoft_reserved + - basic_data + - microsoft_recovery + description: "Creates, changes and removes partitions on Windows Server\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_partition_module.html" + name: win-partition + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: PATH + description: Target path environment variable name. + name: name + - description: 'A single path element, or a list of path elements (ie, directories) + to add or remove. When multiple elements are included in the list (and `state` + is `present`), the elements are guaranteed to appear in the same relative + order in the resultant path value. Variable expansions (eg, `%VARNAME%`) are + allowed, and are stored unexpanded in the target path element. Any existing + path elements not mentioned in `elements` are always preserved in their current + order. New path elements are appended to the path, and existing path elements + may be moved closer to the end to satisfy the requested ordering. Paths are + compared in a case-insensitive fashion, and trailing backslashes are ignored + for comparison purposes. However, note that trailing backslashes in YAML require + quotes.' + isArray: true + name: elements + required: true + - auto: PREDEFINED + description: Whether the path elements specified in `elements` should be present + or absent. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: machine + description: The level at which the environment variable specified by `name` + should be managed (either for the current user or global machine scope). + name: scope + predefined: + - machine + - user + description: "Manage Windows path environment variables\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_path_module.html" + name: win-path + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Path to a pester test file or a folder where tests can be found. + If the path is a folder, the module will consider all ps1 files as Pester + tests.' + name: path + required: true + - description: 'Runs only tests in Describe blocks with specified Tags values. + Accepts multiple comma separated tags.' + isArray: true + name: tags + - description: Allows to specify parameters to the test script. + isArray: true + name: test_parameters + - description: Minimum version of the pester module that has to be available on + the remote host. + name: version + description: "Run Pester tests on Windows hosts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_pester_module.html" + name: win-pester + outputs: + - contextPath: MicrosoftWindows.WinPester.pester_version + description: Version of the pester module found on the remote host. + type: string + - contextPath: MicrosoftWindows.WinPester.output + description: Results of the Pester tests. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: pong + description: 'Alternate data to return instead of ''pong''. If this parameter + is set to `crash`, the module will cause an exception.' + name: data + description: "A windows version of the classic ping module\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_ping_module.html" + name: win-ping + outputs: + - contextPath: MicrosoftWindows.WinPing.ping + description: Value provided with the data parameter. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'String value that indicates the desired power plan. The power + plan must already be present on the system. Commonly there will be options + for `balanced` and `high performance`.' + name: name + required: true + description: "Changes the power plan of a Windows system\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_power_plan_module.html" + name: win-power-plan + outputs: + - contextPath: MicrosoftWindows.WinPowerPlan.power_plan_name + description: Value of the intended power plan. + type: string + - contextPath: MicrosoftWindows.WinPowerPlan.power_plan_enabled + description: State of the intended power plan. + type: boolean + - contextPath: MicrosoftWindows.WinPowerPlan.all_available_plans + description: The name and enabled state of all power plans. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + description: "Provides Windows product and license information\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_product_facts_module.html" + name: win-product-facts + outputs: + - contextPath: MicrosoftWindows.WinProductFacts.ansible_facts + description: Dictionary containing all the detailed information about the Windows + product and license. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The command line to run through PsExec (limited to 260 characters). + name: command + required: true + - defaultValue: psexec.exe + description: The location of the PsExec utility (in case it is not located in + your PATH). + name: executable + - description: 'Specify additional options to add onto the PsExec invocation. + This module was undocumented in older releases and will be removed in Ansible + 2.10.' + isArray: true + name: extra_opts + - description: 'The hostnames to run the command. If not provided, the command + is run locally.' + isArray: true + name: hostnames + - description: 'The (remote) user to run the command as. If not provided, the + current user is used.' + name: username + - description: 'The password for the (remote) user to run the command as. This + is mandatory in order authenticate yourself.' + name: password + - description: Run the command from this (remote) directory. + name: chdir + - auto: PREDEFINED + defaultValue: 'No' + description: 'Do not display the startup banner and copyright message. This + only works for specific versions of the PsExec binary.' + name: nobanner + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Run the command without loading the account's profile. + name: noprofile + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Run the command with elevated privileges. + name: elevated + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Run the program so that it interacts with the desktop on the remote + system. + name: interactive + predefined: + - 'Yes' + - 'No' + - description: 'Specifies the session ID to use. This parameter works in conjunction + with `interactive`. It has no effect when `interactive` is set to `no`.' + name: session + - auto: PREDEFINED + defaultValue: 'No' + description: Run the command as limited user (strips the Administrators group + and allows only privileges assigned to the Users group). + name: limited + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Run the remote command in the System account. + name: system + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + description: Used to run the command at a different priority. + name: priority + predefined: + - abovenormal + - background + - belownormal + - high + - low + - realtime + - description: The connection timeout in seconds + name: timeout + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Wait for the application to terminate. Only use for non-interactive + applications.' + name: wait + predefined: + - 'Yes' + - 'No' + description: "Runs commands (remotely) as another (privileged) user\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_psexec_module.html" + name: win-psexec + outputs: + - contextPath: MicrosoftWindows.WinPsexec.cmd + description: The complete command line used by the module, including PsExec + call and additional options. + type: string + - contextPath: MicrosoftWindows.WinPsexec.pid + description: The PID of the async process created by PsExec. + type: number + - contextPath: MicrosoftWindows.WinPsexec.rc + description: The return code for the command. + type: number + - contextPath: MicrosoftWindows.WinPsexec.stdout + description: The standard output from the command. + type: string + - contextPath: MicrosoftWindows.WinPsexec.stderr + description: The error output from the command. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the Windows PowerShell module that has to be installed. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'If `present` a new module is installed. If `absent` a module is + removed. If `latest` a module is updated to the newest version. This option + was added in version 2.8.' + name: state + predefined: + - absent + - latest + - present + - description: The exact version of the PowerShell module that has to be installed. + name: required_version + - description: The minimum version of the PowerShell module that has to be installed. + name: minimum_version + - description: The maximum version of the PowerShell module that has to be installed. + name: maximum_version + - auto: PREDEFINED + defaultValue: 'No' + description: If `yes` allows install modules that contains commands those have + the same names as commands that already exists. + name: allow_clobber + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: If `yes`, allows you to install a different version of a module + that already exists on your computer in the case when a different one is not + digitally signed by a trusted publisher and the newest existing module is + digitally signed by a trusted publisher. + name: skip_publisher_check + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'If `yes` installs modules marked as prereleases. It doesn''t work + with the parameters `minimum_version` and/or `maximum_version`. It doesn''t + work with the `state` set to absent.' + name: allow_prerelease + predefined: + - 'Yes' + - 'No' + - description: Name of the custom repository to use. + name: repository + - description: 'URL of the custom repository to register. This option is deprecated + and will be removed in Ansible 2.12. Use the `win_psrepository` module instead.' + name: url + description: "Adds or removes a Windows PowerShell module\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_psmodule_module.html" + name: win-psmodule + outputs: + - contextPath: MicrosoftWindows.WinPsmodule.output + description: A message describing the task result. + type: string + - contextPath: MicrosoftWindows.WinPsmodule.nuget_changed + description: True when Nuget package provider is installed. + type: boolean + - contextPath: MicrosoftWindows.WinPsmodule.repository_changed + description: True when a custom repository is installed or removed. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the repository to work with. + name: name + required: true + - description: 'Specifies the URI for discovering and installing modules from + this repository. A URI can be a NuGet server feed (most common situation), + HTTP, HTTPS, FTP or file location.' + name: source + - auto: PREDEFINED + defaultValue: present + description: 'If `present` a new repository is added or updated. If `absent` + a repository is removed.' + name: state + predefined: + - absent + - present + - auto: PREDEFINED + description: 'Sets the `InstallationPolicy` of a repository. Will default to + `trusted` when creating a new repository.' + name: installation_policy + predefined: + - trusted + - untrusted + description: "Adds, removes or updates a Windows PowerShell repository.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_psrepository_module.html" + name: win-psrepository + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Comma-separated list of plugin names. + name: names + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: 'Only enable missing plugins. Does not disable plugins that are + not in the names list.' + name: new_only + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: enabled + description: Specify if plugins are to be enabled or disabled. + name: state + predefined: + - disabled + - enabled + - description: Specify a custom install prefix to a Rabbit. + name: prefix + description: "Manage RabbitMQ plugins\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_rabbitmq_plugin_module.html" + name: win-rabbitmq-plugin + outputs: + - contextPath: MicrosoftWindows.WinRabbitmqPlugin.enabled + description: List of plugins enabled during task run. + type: unknown + - contextPath: MicrosoftWindows.WinRabbitmqPlugin.disabled + description: List of plugins disabled during task run. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the connection authorization policy. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'The state of connection authorization policy. If `absent` will + ensure the policy is removed. If `present` will ensure the policy is configured + and exists. If `enabled` will ensure the policy is configured, exists and + enabled. If `disabled` will ensure the policy is configured, exists, but disabled.' + name: state + predefined: + - absent + - enabled + - disabled + - present + - auto: PREDEFINED + description: 'Specifies how the RD Gateway server authenticates users. When + a new CAP is created, the default value is `password`.' + name: auth_method + predefined: + - both + - none + - password + - smartcard + - description: 'Evaluation order of the policy. The CAP in which `order` is set + to a value of ''1'' is evaluated first. By default, a newly created CAP will + take the first position. If the given value exceed the total number of existing + policies, the policy will take the last position but the evaluation order + will be capped to this number.' + name: order + - description: 'The maximum time, in minutes, that a session can be idle. A value + of zero disables session timeout.' + name: session_timeout + - auto: PREDEFINED + defaultValue: disconnect + description: 'The action the server takes when a session times out. `disconnect`: + disconnect the session. `reauth`: silently reauthenticate and reauthorize + the session.' + name: session_timeout_action + predefined: + - disconnect + - reauth + - description: 'Specifies the time interval, in minutes, after which an idle session + is disconnected. A value of zero disables idle timeout.' + name: idle_timeout + - description: Specifies whether connections are allowed only to Remote Desktop + Session Host servers that enforce Remote Desktop Gateway redirection policy. + name: allow_only_sdrts_servers + - description: 'A list of user groups that is allowed to connect to the Remote + Gateway server. Required when a new CAP is created.' + isArray: true + name: user_groups + - description: A list of computer groups that is allowed to connect to the Remote + Gateway server. + isArray: true + name: computer_groups + - description: Allow clipboard redirection. + name: redirect_clipboard + - description: Allow disk drive redirection. + name: redirect_drives + - description: Allow printers redirection. + name: redirect_printers + - description: Allow serial port redirection. + name: redirect_serial + - description: Allow Plug and Play devices redirection. + name: redirect_pnp + description: "Manage Connection Authorization Policies (CAP) on a Remote Desktop\ + \ Gateway server\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_rds_cap_module.html" + name: win-rds-cap + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the resource authorization policy. + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'The state of resource authorization policy. If `absent` will ensure + the policy is removed. If `present` will ensure the policy is configured and + exists. If `enabled` will ensure the policy is configured, exists and enabled. + If `disabled` will ensure the policy is configured, exists, but disabled.' + name: state + predefined: + - absent + - disabled + - enabled + - present + - description: Optional description of the resource authorization policy. + name: description + - description: 'List of user groups that are associated with this resource authorization + policy (RAP). A user must belong to one of these groups to access the RD Gateway + server. Required when a new RAP is created.' + isArray: true + name: user_groups + - description: 'List of port numbers through which connections are allowed for + this policy. To allow connections through any port, specify ''any''.' + isArray: true + name: allowed_ports + - auto: PREDEFINED + description: 'The computer group type: `rdg_group`: RD Gateway-managed group + `ad_network_resource_group`: Active Directory Domain Services network resource + group `allow_any`: Allow users to connect to any network resource.' + name: computer_group_type + predefined: + - rdg_group + - ad_network_resource_group + - allow_any + - description: 'The computer group name that is associated with this resource + authorization policy (RAP). This is required when `computer_group_type` is + `rdg_group` or `ad_network_resource_group`.' + name: computer_group + description: "Manage Resource Authorization Policies (RAP) on a Remote Desktop\ + \ Gateway server\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_rds_rap_module.html" + name: win-rds-rap + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Certificate hash (thumbprint) for the Remote Desktop Gateway server. + The certificate hash is the unique identifier for the certificate. + name: certificate_hash + - description: 'The maximum number of connections allowed. If set to `0`, no new + connections are allowed. If set to `-1`, the number of connections is unlimited.' + name: max_connections + - auto: PREDEFINED + description: 'Specifies whether to use SSL Bridging. `none`: no SSL bridging. + `https_http`: HTTPS-HTTP bridging. `https_https`: HTTPS-HTTPS bridging.' + name: ssl_bridging + predefined: + - https_http + - https_https + - none + - description: If enabled, only clients that support logon messages and administrator + messages can connect. + name: enable_only_messaging_capable_clients + description: "Manage main settings of a Remote Desktop Gateway server\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_rds_settings_module.html" + name: win-rds-settings + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '2' + description: Seconds to wait before reboot. Passed as a parameter to the reboot + command. + name: pre_reboot_delay + - defaultValue: '0' + description: 'Seconds to wait after the reboot command was successful before + attempting to validate the system rebooted successfully. This is useful if + you want wait for something to settle despite your connection already working.' + name: post_reboot_delay + - defaultValue: '600' + description: 'Maximum seconds to wait for shutdown to occur. Increase this timeout + for very slow hardware, large update applications, etc. This option has been + removed since Ansible 2.5 as the win_reboot behavior has changed.' + name: shutdown_timeout + - defaultValue: '600' + description: 'Maximum seconds to wait for machine to re-appear on the network + and respond to a test command. This timeout is evaluated separately for both + reboot verification and test command success so maximum clock time is actually + twice this value.' + name: reboot_timeout + - defaultValue: '5' + description: Maximum seconds to wait for a single successful TCP connection + to the WinRM endpoint before trying again. + name: connect_timeout + - defaultValue: whoami + description: Command to expect success for to determine the machine is ready + for management. + name: test_command + - defaultValue: Reboot initiated by Ansible + description: Message to display to users. + name: msg + description: "Reboot a windows machine\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_reboot_module.html" + name: win-reboot + outputs: + - contextPath: MicrosoftWindows.WinReboot.rebooted + description: True if the machine was rebooted. + type: boolean + - contextPath: MicrosoftWindows.WinReboot.elapsed + description: The number of seconds that elapsed waiting for the system to be + rebooted. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The full registry key path including the hive to search for. + name: path + required: true + - description: 'The registry property name to get information for, the return + json will not include the sub_keys and properties entries for the `key` specified. + Set to an empty string to target the registry key''s `(Default`) property + value.' + name: name + description: "Get information about Windows registry keys\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_reg_stat_module.html" + name: win-reg-stat + outputs: + - contextPath: MicrosoftWindows.WinRegStat.changed + description: Whether anything was changed. + type: boolean + - contextPath: MicrosoftWindows.WinRegStat.exists + description: States whether the registry key/property exists. + type: boolean + - contextPath: MicrosoftWindows.WinRegStat.properties + description: A dictionary containing all the properties and their values in + the registry key. + type: unknown + - contextPath: MicrosoftWindows.WinRegStat.sub_keys + description: A list of all the sub keys of the key specified. + type: unknown + - contextPath: MicrosoftWindows.WinRegStat.raw_value + description: Returns the raw value of the registry property, REG_EXPAND_SZ has + no string expansion, REG_BINARY or REG_NONE is in hex 0x format. REG_NONE, + this value is a hex string in the 0x format. + type: string + - contextPath: MicrosoftWindows.WinRegStat.type + description: The property type. + type: string + - contextPath: MicrosoftWindows.WinRegStat.value + description: The value of the property. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Name of the registry path. Should be in one of the following registry + hives: HKCC, HKCR, HKCU, HKLM, HKU.' + name: path + required: true + - description: 'Name of the registry entry in the above `path` parameters. If + not provided, or empty then the ''(Default)'' property for the key will be + used.' + name: name + - description: 'Value of the registry entry `name` in `path`. If not specified + then the value for the property will be null for the corresponding `type`. + Binary and None data should be expressed in a yaml byte array or as comma + separated hex values. An easy way to generate this is to run `regedit.exe` + and use the `export` option to save the registry values to a file. In the + exported file, binary value will look like `hex:be,ef,be,ef`, the `hex:` prefix + is optional. DWORD and QWORD values should either be represented as a decimal + number or a hex value. Multistring values should be passed in as a list. See + the examples for more details on how to format this data.' + name: data + - auto: PREDEFINED + defaultValue: string + description: The registry value data type. + name: type + predefined: + - binary + - dword + - expandstring + - multistring + - string + - qword + - auto: PREDEFINED + defaultValue: present + description: The state of the registry entry. + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'When `state` is ''absent'' then this will delete the entire key. + If `no` then it will only clear out the ''(Default)'' property for that key.' + name: delete_key + predefined: + - 'Yes' + - 'No' + - description: 'A path to a hive key like C:\Users\Default\NTUSER.DAT to load + in the registry. This hive is loaded under the HKLM:\ANSIBLE key which can + then be used in `name` like any other path. This can be used to load the default + user profile registry hive or any other hive saved as a file. Using this function + requires the user to have the `SeRestorePrivilege` and `SeBackupPrivilege` + privileges enabled.' + name: hive + description: "Add, change, or remove registry keys and values\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_regedit_module.html" + name: win-regedit + outputs: + - contextPath: MicrosoftWindows.WinRegedit.data_changed + description: Whether this invocation changed the data in the registry value. + type: boolean + - contextPath: MicrosoftWindows.WinRegedit.data_type_changed + description: Whether this invocation changed the datatype of the registry value. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The location to set for the current user, see `https://msdn.microsoft.com/en-us/library/dd374073.aspx` + for a list of GeoIDs you can use and what location it relates to. This needs + to be set if `format` or `unicode_language` is not set.' + name: location + - description: 'The language format to set for the current user, see `https://msdn.microsoft.com/en-us/library/system.globalization.cultureinfo.aspx` + for a list of culture names to use. This needs to be set if `location` or + `unicode_language` is not set.' + name: format + - description: 'The unicode language format to set for all users, see `https://msdn.microsoft.com/en-us/library/system.globalization.cultureinfo.aspx` + for a list of culture names to use. This needs to be set if `location` or + `format` is not set. After setting this value a reboot is required for it + to take effect.' + name: unicode_language + - auto: PREDEFINED + defaultValue: 'No' + description: This will copy the current format and location values to new user + profiles and the welcome screen. This will only run if `location`, `format` + or `unicode_language` has resulted in a change. If this process runs then + it will always result in a change. + name: copy_settings + predefined: + - 'Yes' + - 'No' + description: "Set the region and format settings\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_region_module.html" + name: win-region + outputs: + - contextPath: MicrosoftWindows.WinRegion.restart_required + description: Whether a reboot is required for the change to take effect. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The full path including file name to the registry file on the remote + machine to be merged + name: path + required: true + - description: The parent key to use when comparing the contents of the registry + to the contents of the file. Needs to be in HKLM or HKCU part of registry. + Use a PS-Drive style path for example HKLM:\SOFTWARE not HKEY_LOCAL_MACHINE\SOFTWARE + If not supplied, or the registry key is not found, no comparison will be made, + and the module will report changed. + name: compare_key + description: "Merges the contents of a registry file into the Windows registry\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_regmerge_module.html" + name: win-regmerge + outputs: + - contextPath: MicrosoftWindows.WinRegmerge.compare_to_key_found + description: whether the parent registry key has been found for comparison + type: boolean + - contextPath: MicrosoftWindows.WinRegmerge.difference_count + description: number of differences between the registry and the file + type: number + - contextPath: MicrosoftWindows.WinRegmerge.compared + description: whether a comparison has taken place between the registry and the + file + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Source file/directory to sync. + name: src + required: true + - description: Destination file/directory to sync (Will receive contents of src). + name: dest + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: 'Includes all subdirectories (Toggles the `/e` flag to RoboCopy). + If `flags` is set, this will be ignored.' + name: recurse + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Deletes any files/directories found in the destination that do + not exist in the source. Toggles the `/purge` flag to RoboCopy. If `flags` + is set, this will be ignored.' + name: purge + predefined: + - 'Yes' + - 'No' + - description: 'Directly supply Robocopy flags. If set, `purge` and `recurse` + will be ignored.' + name: flags + description: "Synchronizes the contents of two directories using Robocopy\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_robocopy_module.html" + name: win-robocopy + outputs: + - contextPath: MicrosoftWindows.WinRobocopy.cmd + description: The used command line. + type: string + - contextPath: MicrosoftWindows.WinRobocopy.src + description: The Source file/directory of the sync. + type: string + - contextPath: MicrosoftWindows.WinRobocopy.dest + description: The Destination file/directory of the sync. + type: string + - contextPath: MicrosoftWindows.WinRobocopy.recurse + description: Whether or not the recurse flag was toggled. + type: boolean + - contextPath: MicrosoftWindows.WinRobocopy.purge + description: Whether or not the purge flag was toggled. + type: boolean + - contextPath: MicrosoftWindows.WinRobocopy.flags + description: Any flags passed in by the user. + type: string + - contextPath: MicrosoftWindows.WinRobocopy.rc + description: The return code returned by robocopy. + type: number + - contextPath: MicrosoftWindows.WinRobocopy.output + description: The output of running the robocopy command. + type: string + - contextPath: MicrosoftWindows.WinRobocopy.msg + description: Output interpreted into a concise message. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Destination IP address in CIDR format (ip address/prefix length). + name: destination + required: true + - description: 'The gateway used by the static route. If `gateway` is not provided + it will be set to `0.0.0.0`.' + name: gateway + - defaultValue: '1' + description: Metric used by the static route. + name: metric + - auto: PREDEFINED + defaultValue: present + description: 'If `absent`, it removes a network static route. If `present`, + it adds a network static route.' + name: state + predefined: + - absent + - present + description: "Add or remove a static route\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/win_route_module.html" + name: win-route + outputs: + - contextPath: MicrosoftWindows.WinRoute.output + description: A message describing the task result. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The text to be spoken. Use either `msg` or `msg_file`. Optional + so that you can use this module just to play sounds.' + name: msg + - description: 'Full path to a windows format text file containing the text to + be spoken. Use either `msg` or `msg_file`. Optional so that you can use this + module just to play sounds.' + name: msg_file + - description: 'Which voice to use. See notes for how to discover installed voices. + If the requested voice is not available the default voice will be used. Example + voice names from Windows 10 are `Microsoft Zira Desktop` and `Microsoft Hazel + Desktop`.' + name: voice + - defaultValue: '0' + description: 'How fast or slow to speak the text. Must be an integer value in + the range -10 to 10. -10 is slowest, 10 is fastest.' + name: speech_speed + - description: 'Full path to a `.wav` file containing a sound to play before the + text is spoken. Useful on conference calls to alert other speakers that ansible + has something to say.' + name: start_sound_path + - description: 'Full path to a `.wav` file containing a sound to play after the + text has been spoken. Useful on conference calls to alert other speakers that + ansible has finished speaking.' + name: end_sound_path + description: "Text to speech module for Windows to speak messages and optionally\ + \ play sounds\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_say_module.html" + name: win-say + outputs: + - contextPath: MicrosoftWindows.WinSay.message_text + description: The text that the module attempted to speak. + type: string + - contextPath: MicrosoftWindows.WinSay.voice + description: The voice used to speak the text. + type: string + - contextPath: MicrosoftWindows.WinSay.voice_info + description: The voice used to speak the text. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name of the scheduled task without the path. + name: name + required: true + - defaultValue: \ + description: 'Task folder in which this task will be stored. Will create the + folder when `state=present` and the folder does not already exist. Will remove + the folder when `state=absent` and there are no tasks left in the folder.' + name: path + - auto: PREDEFINED + defaultValue: present + description: 'When `state=present` will ensure the task exists. When `state=absent` + will ensure the task does not exist.' + name: state + predefined: + - absent + - present + - description: 'A list of action to configure for the task. See suboptions for + details on how to construct each list entry. When creating a task there MUST + be at least one action but when deleting a task this can be a null or an empty + list. The ordering of this list is important, the module will ensure the order + is kept when modifying the task. This module only supports the `ExecAction` + type but can still delete the older legacy types.' + isArray: true + name: actions + - description: 'A list of triggers to configure for the task. See suboptions for + details on how to construct each list entry. The ordering of this list is + important, the module will ensure the order is kept when modifying the task. + There are multiple types of triggers, see `https://msdn.microsoft.com/en-us/library/windows/desktop/aa383868.aspx` + for a list of trigger types and their options. The suboption options listed + below are not required for all trigger types, read the description for more + details.' + isArray: true + name: triggers + - description: The name of the user/group that is displayed in the Task Scheduler + UI. + name: display_name + - description: 'The group that will run the task. `group` and `username` are exclusive + to each other and cannot be set at the same time. `logon_type` can either + be not set or equal `group`.' + name: group + - auto: PREDEFINED + description: 'The logon method that the task will run with. `password` means + the password will be stored and the task has access to network resources. + `s4u` means the existing token will be used to run the task and no password + will be stored with the task. Means no network or encrypted files access. + `interactive_token` means the user must already be logged on interactively + and will run in an existing interactive session. `group` means that the task + will run as a group. `service_account` means that a service account like System, + Local Service or Network Service will run the task.' + name: logon_type + predefined: + - none + - password + - s4u + - interactive_token + - group + - service_account + - token_or_password + - auto: PREDEFINED + description: 'The level of user rights used to run the task. If not specified + the task will be created with limited rights.' + name: run_level + predefined: + - limited + - highest + - description: 'The user to run the scheduled task as. Will default to the current + user under an interactive token if not specified during creation.' + name: username + - description: 'The password for the user account to run the scheduled task as. + This is required when running a task without the user being logged in, excluding + the builtin service accounts and Group Managed Service Accounts (gMSA). If + set, will always result in a change unless `update_password` is set to `no` + and no other changes are required for the service.' + name: password + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether to update the password even when not other changes have + occurred. When `yes` will always result in a change when executing the module.' + name: update_password + predefined: + - 'Yes' + - 'No' + - description: The author of the task. + name: author + - description: The date when the task was registered. + name: date + - description: The description of the task. + name: description + - description: The source of the task. + name: source + - description: The version number of the task. + name: version + - description: Whether the task can be started by using either the Run command + or the Context menu. + name: allow_demand_start + - description: Whether the task can be terminated by using TerminateProcess. + name: allow_hard_terminate + - auto: PREDEFINED + description: 'The integer value with indicates which version of Task Scheduler + a task is compatible with. `0` means the task is compatible with the AT command. + `1` means the task is compatible with Task Scheduler 1.0. `2` means the task + is compatible with Task Scheduler 2.0.' + name: compatibility + predefined: + - '0' + - '1' + - '2' + - description: 'The amount of time that the Task Scheduler will wait before deleting + the task after it expires. A task expires after the end_boundary has been + exceeded for all triggers associated with the task. This is in the ISO 8601 + Duration format `P[n]Y[n]M[n]DT[n]H[n]M[n]S`.' + name: delete_expired_task_after + - description: Whether the task will not be started if the computer is running + on battery power. + name: disallow_start_if_on_batteries + - description: Whether the task is enabled, the task can only run when `yes`. + name: enabled + - description: 'The amount of time allowed to complete the task. When not set, + the time limit is infinite. This is in the ISO 8601 Duration format `P[n]Y[n]M[n]DT[n]H[n]M[n]S`.' + name: execution_time_limit + - description: Whether the task will be hidden in the UI. + name: hidden + - auto: PREDEFINED + description: 'An integer that indicates the behaviour when starting a task that + is already running. `0` will start a new instance in parallel with existing + instances of that task. `1` will wait until other instances of that task to + finish running before starting itself. `2` will not start a new instance if + another is running. `3` will stop other instances of the task and start the + new one.' + name: multiple_instances + predefined: + - '0' + - '1' + - '2' + - '3' + - description: 'The priority level (0-10) of the task. When creating a new task + the default is `7`. See `https://msdn.microsoft.com/en-us/library/windows/desktop/aa383512.aspx` + for details on the priority levels.' + name: priority + - description: The number of times that the Task Scheduler will attempt to restart + the task. + name: restart_count + - description: 'How long the Task Scheduler will attempt to restart the task. + If this is set then `restart_count` must also be set. The maximum allowed + time is 31 days. The minimum allowed time is 1 minute. This is in the ISO + 8601 Duration format `P[n]Y[n]M[n]DT[n]H[n]M[n]S`.' + name: restart_interval + - description: Whether the task will run the task only if the computer is in an + idle state. + name: run_only_if_idle + - description: Whether the task will run only when a network is available. + name: run_only_if_network_available + - description: Whether the task can start at any time after its scheduled time + has passed. + name: start_when_available + - description: Whether the task will be stopped if the computer begins to run + on battery power. + name: stop_if_going_on_batteries + - description: Whether the task will wake the computer when it is time to run + the task. + name: wake_to_run + description: "Manage scheduled tasks\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_scheduled_task_module.html" + name: win-scheduled-task + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: \ + description: The folder path where the task lives. + name: path + - description: 'The name of the scheduled task to get information for. If `name` + is set and exists, will return information on the task itself.' + name: name + description: "Get information about Windows Scheduled Tasks\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_scheduled_task_stat_module.html" + name: win-scheduled-task-stat + outputs: + - contextPath: MicrosoftWindows.WinScheduledTaskStat.actions + description: A list of actions. + type: unknown + - contextPath: MicrosoftWindows.WinScheduledTaskStat.folder_exists + description: Whether the folder set at path exists. + type: boolean + - contextPath: MicrosoftWindows.WinScheduledTaskStat.folder_task_count + description: The number of tasks that exist in the folder. + type: number + - contextPath: MicrosoftWindows.WinScheduledTaskStat.folder_task_names + description: A list of tasks that exist in the folder. + type: unknown + - contextPath: MicrosoftWindows.WinScheduledTaskStat.principal + description: Details on the principal configured to run the task. + type: unknown + - contextPath: MicrosoftWindows.WinScheduledTaskStat.registration_info + description: Details on the task registration info. + type: unknown + - contextPath: MicrosoftWindows.WinScheduledTaskStat.settings + description: Details on the task settings. + type: unknown + - contextPath: MicrosoftWindows.WinScheduledTaskStat.state + description: Details on the state of the task + type: unknown + - contextPath: MicrosoftWindows.WinScheduledTaskStat.task_exists + description: Whether the task at the folder exists. + type: boolean + - contextPath: MicrosoftWindows.WinScheduledTaskStat.triggers + description: A list of triggers. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The ini section the key exists in. If the section does not exist + then the module will return an error. Example sections to use are ''Account + Policies'', ''Local Policies'', ''Event Log'', ''Restricted Groups'', ''System + Services'', ''Registry'' and ''File System'' If wanting to edit the `Privilege + Rights` section, use the `win_user_right` module instead.' + name: section + required: true + - description: 'The ini key of the section or policy name to modify. The module + will return an error if this key is invalid.' + name: key + required: true + - description: 'The value for the ini key or policy name. If the key takes in + a boolean value then 0 = False and 1 = True.' + name: value + required: true + description: "Change local security policy settings\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_security_policy_module.html" + name: win-security-policy + outputs: + - contextPath: MicrosoftWindows.WinSecurityPolicy.rc + description: The return code after a failure when running SecEdit.exe. + type: number + - contextPath: MicrosoftWindows.WinSecurityPolicy.stdout + description: The output of the STDOUT buffer after a failure when running SecEdit.exe. + type: string + - contextPath: MicrosoftWindows.WinSecurityPolicy.stderr + description: The output of the STDERR buffer after a failure when running SecEdit.exe. + type: string + - contextPath: MicrosoftWindows.WinSecurityPolicy.import_log + description: The log of the SecEdit.exe /configure job that configured the local + policies. This is used for debugging purposes on failures. + type: string + - contextPath: MicrosoftWindows.WinSecurityPolicy.key + description: The key in the section passed to the module to modify. + type: string + - contextPath: MicrosoftWindows.WinSecurityPolicy.section + description: The section passed to the module to modify. + type: string + - contextPath: MicrosoftWindows.WinSecurityPolicy.value + description: The value passed to the module to modify to. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'A list of service dependencies to set for this particular service. + This should be a list of service names and not the display name of the service. + This works by `dependency_action` to either add/remove or set the services + in this list.' + isArray: true + name: dependencies + - auto: PREDEFINED + defaultValue: set + description: 'Used in conjunction with `dependency` to either add the dependencies + to the existing service dependencies. Remove the dependencies to the existing + dependencies. Set the dependencies to only the values in the list replacing + the existing dependencies.' + name: dependency_action + predefined: + - add + - remove + - set + - auto: PREDEFINED + defaultValue: 'No' + description: 'Whether to allow the service user to interact with the desktop. + This should only be set to `yes` when using the `LocalSystem` username.' + name: desktop_interact + predefined: + - 'Yes' + - 'No' + - description: The description to set for the service. + name: description + - description: The display name to set for the service. + name: display_name + - auto: PREDEFINED + defaultValue: 'No' + description: 'If `yes`, stopping or restarting a service with dependent services + will force the dependent services to stop or restart also. If `no`, stopping + or restarting a service with dependent services may fail.' + name: force_dependent_services + predefined: + - 'Yes' + - 'No' + - description: 'Name of the service. If only the name parameter is specified, + the module will report on whether the service exists or not without making + any changes.' + name: name + required: true + - description: The path to the executable to set for the service. + name: path + - description: 'The password to set the service to start as. This and the `username` + argument must be supplied together. If specifying `LocalSystem`, `NetworkService` + or `LocalService` this field must be an empty string and not null.' + name: password + - auto: PREDEFINED + description: 'Set the startup type for the service. A newly created service + will default to `auto`. `delayed` added in Ansible 2.3' + name: start_mode + predefined: + - auto + - delayed + - disabled + - manual + - auto: PREDEFINED + description: 'The desired state of the service. `started`/`stopped`/`absent`/`paused` + are idempotent actions that will not run commands unless necessary. `restarted` + will always bounce the service. `absent` was added in Ansible 2.3 `paused` + was added in Ansible 2.4 Only services that support the paused state can be + paused, you can check the return value `can_pause_and_continue`. You can only + pause a service that is already started. A newly created service will default + to `stopped`.' + name: state + predefined: + - absent + - paused + - started + - stopped + - restarted + - description: 'The username to set the service to start as. This and the `password` + argument must be supplied together when using a local or domain account. Set + to `LocalSystem` to use the SYSTEM account. A newly created service will default + to `LocalSystem`. If using a custom user account, it must have the `SeServiceLogonRight` + granted to be able to start up. You can use the `win_user_right` module to + grant this user right for you.' + name: username + description: "Manage and query Windows services\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_service_module.html" + name: win-service + outputs: + - contextPath: MicrosoftWindows.WinService.exists + description: Whether the service exists or not. + type: boolean + - contextPath: MicrosoftWindows.WinService.name + description: The service name or id of the service. + type: string + - contextPath: MicrosoftWindows.WinService.display_name + description: The display name of the installed service. + type: string + - contextPath: MicrosoftWindows.WinService.state + description: The current running status of the service. + type: string + - contextPath: MicrosoftWindows.WinService.start_mode + description: The startup type of the service. + type: string + - contextPath: MicrosoftWindows.WinService.path + description: The path to the service executable. + type: string + - contextPath: MicrosoftWindows.WinService.can_pause_and_continue + description: Whether the service can be paused and unpaused. + type: boolean + - contextPath: MicrosoftWindows.WinService.description + description: The description of the service. + type: string + - contextPath: MicrosoftWindows.WinService.username + description: The username that runs the service. + type: string + - contextPath: MicrosoftWindows.WinService.desktop_interact + description: Whether the current user is allowed to interact with the desktop. + type: boolean + - contextPath: MicrosoftWindows.WinService.dependencies + description: A list of services that is depended by this service. + type: unknown + - contextPath: MicrosoftWindows.WinService.depended_by + description: A list of services that depend on this service. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Share name. + name: name + required: true + - description: Share directory. + name: path + required: true + - auto: PREDEFINED + defaultValue: present + description: Specify whether to add `present` or remove `absent` the specified + share. + name: state + predefined: + - absent + - present + - description: Share description. + name: description + - auto: PREDEFINED + defaultValue: 'No' + description: Specify whether to allow or deny file listing, in case user has + no permission on share. Also known as Access-Based Enumeration. + name: list + predefined: + - 'Yes' + - 'No' + - description: Specify user list that should get read access on share, separated + by comma. + name: read + - description: Specify user list that should get read and write access on share, + separated by comma. + name: change + - description: Specify user list that should get full access on share, separated + by comma. + name: full + - description: Specify user list that should get no access, regardless of implied + access on share, separated by comma. + name: deny + - auto: PREDEFINED + defaultValue: Manual + description: Set the CachingMode for this share. + name: caching_mode + predefined: + - BranchCache + - Documents + - Manual + - None + - Programs + - Unknown + - auto: PREDEFINED + defaultValue: 'No' + description: Sets whether to encrypt the traffic to the share or not. + name: encrypt + predefined: + - 'Yes' + - 'No' + description: "Manage Windows shares\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_share_module.html" + name: win-share + outputs: + - contextPath: MicrosoftWindows.WinShare.actions + description: A list of action cmdlets that were run by the module. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Executable or URL the shortcut points to. The executable needs + to be in your PATH, or has to be an absolute path to the executable.' + name: src + - description: 'Description for the shortcut. This is usually shown when hoovering + the icon.' + name: description + - description: 'Destination file for the shortcuting file. File name should have + a `.lnk` or `.url` extension.' + name: dest + required: true + - description: 'Additional arguments for the executable defined in `src`. Was + originally just `args` but renamed in Ansible 2.8.' + name: arguments + - description: Working directory for executable defined in `src`. + name: directory + - description: 'Icon used for the shortcut. File name should have a `.ico` extension. + The file name is followed by a comma and the number in the library file (.dll) + or use 0 for an image file.' + name: icon + - description: 'Key combination for the shortcut. This is a combination of one + or more modifiers and a key. Possible modifiers are Alt, Ctrl, Shift, Ext. + Possible keys are [A-Z] and [0-9].' + name: hotkey + - auto: PREDEFINED + description: Influences how the application is displayed when it is launched. + name: windowstyle + predefined: + - maximized + - minimized + - normal + - auto: PREDEFINED + defaultValue: present + description: 'When `absent`, removes the shortcut if it exists. When `present`, + creates or updates the shortcut.' + name: state + predefined: + - absent + - present + - auto: PREDEFINED + defaultValue: 'No' + description: When `src` is an executable, this can control whether the shortcut + will be opened as an administrator or not. + name: run_as_admin + predefined: + - 'Yes' + - 'No' + description: "Manage shortcuts on Windows\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/win_shortcut_module.html" + name: win-shortcut + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The list of permitted SNMP managers. + isArray: true + name: permitted_managers + - description: The list of read-only SNMP community strings. + isArray: true + name: community_strings + - auto: PREDEFINED + defaultValue: set + description: '`add` will add new SNMP community strings and/or SNMP managers + `set` will replace SNMP community strings and/or SNMP managers. An empty list + for either `community_strings` or `permitted_managers` will result in the + respective lists being removed entirely. `remove` will remove SNMP community + strings and/or SNMP managers' + name: action + predefined: + - add + - set + - remove + description: "Configures the Windows SNMP service\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_snmp_module.html" + name: win-snmp + outputs: + - contextPath: MicrosoftWindows.WinSnmp.community_strings + description: The list of community strings for this machine. + type: unknown + - contextPath: MicrosoftWindows.WinSnmp.permitted_managers + description: The list of permitted managers for this machine. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The full path of the file/object to get the facts of; both forward + and back slashes are accepted. + name: path + required: true + - auto: PREDEFINED + defaultValue: 'Yes' + description: Whether to return a checksum of the file (default sha1) + name: get_checksum + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: sha1 + description: 'Algorithm to determine checksum of file. Will throw an error if + the host is unable to use specified algorithm.' + name: checksum_algorithm + predefined: + - md5 + - sha1 + - sha256 + - sha384 + - sha512 + - auto: PREDEFINED + defaultValue: 'No' + description: 'Whether to follow symlinks or junction points. In the case of + `path` pointing to another link, then that will be followed until no more + links are found.' + name: follow + predefined: + - 'Yes' + - 'No' + description: "Get information about Windows files\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_stat_module.html" + name: win-stat + outputs: + - contextPath: MicrosoftWindows.WinStat.changed + description: Whether anything was changed + type: boolean + - contextPath: MicrosoftWindows.WinStat.stat + description: dictionary containing all the stat data + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: file + description: Whether to create file or directory. + name: state + predefined: + - directory + - file + - defaultValue: '%TEMP%' + description: 'Location where temporary file or directory should be created. + If path is not specified default system temporary directory (%TEMP%) will + be used.' + name: path + - defaultValue: ansible. + description: Prefix of file/directory name created by module. + name: prefix + - defaultValue: '' + description: Suffix of file/directory name created by module. + name: suffix + description: "Creates temporary files and directories\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_tempfile_module.html" + name: win-tempfile + outputs: + - contextPath: MicrosoftWindows.WinTempfile.path + description: The absolute path to the created file or directory. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: 'Determine whether a backup should be created. When set to `yes`, + create a backup file including the timestamp information so you can get the + original file back if you somehow clobbered it incorrectly.' + name: backup + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: \r\n + description: Specify the newline sequence to use for templating files. + name: newline_sequence + predefined: + - \n + - \r + - \r\n + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Determine when the file is being transferred if the destination + already exists. When set to `yes`, replace the remote file when contents are + different than the source. When set to `no`, the file will only be transferred + if the destination does not exist.' + name: force + predefined: + - 'Yes' + - 'No' + - description: 'Path of a Jinja2 formatted template on the Ansible controller. + This can be a relative or an absolute path. The file must be encoded with + `utf-8` but `output_encoding` can be used to control the encoding of the output + template.' + name: src + required: true + - description: Location to render the template to on the remote machine. + name: dest + required: true + - defaultValue: '{%' + description: The string marking the beginning of a block. + name: block_start_string + - defaultValue: '%}' + description: The string marking the end of a block. + name: block_end_string + - defaultValue: '{{' + description: The string marking the beginning of a print statement. + name: variable_start_string + - defaultValue: '}}' + description: The string marking the end of a print statement. + name: variable_end_string + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Determine when newlines should be removed from blocks. When set + to `yes` the first newline after a block is removed (block, not variable tag!).' + name: trim_blocks + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Determine when leading spaces and tabs should be stripped. When + set to `yes` leading spaces and tabs are stripped from the start of a line + to a block. This functionality requires Jinja 2.7 or newer.' + name: lstrip_blocks + predefined: + - 'Yes' + - 'No' + - defaultValue: utf-8 + description: 'Overrides the encoding used to write the template file defined + by `dest`. It defaults to `utf-8`, but any encoding supported by python can + be used. The source template file must always be encoded using `utf-8`, for + homogeneity.' + name: output_encoding + description: "Template a file out to a remote server\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_template_module.html" + name: win-template + outputs: + - contextPath: MicrosoftWindows.WinTemplate.backup_file + description: Name of the backup file that was created. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Timezone to set to. Example: Central Standard Time' + name: timezone + required: true + description: "Sets Windows machine timezone\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_timezone_module.html" + name: win-timezone + outputs: + - contextPath: MicrosoftWindows.WinTimezone.previous_timezone + description: The previous timezone if it was changed, otherwise the existing + timezone. + type: string + - contextPath: MicrosoftWindows.WinTimezone.timezone + description: The current timezone (possibly changed). + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '45' + description: How long in seconds before the notification expires. + name: expire + - defaultValue: Powershell + description: Which notification group to add the notification to. + name: group + - defaultValue: Hello, World! + description: 'The message to appear inside the notification. May include \n + to format the message to appear within the Action Center.' + name: msg + - auto: PREDEFINED + defaultValue: 'Yes' + description: If `no`, the notification will not pop up and will only appear + in the Action Center. + name: popup + predefined: + - 'Yes' + - 'No' + - defaultValue: Ansible + description: The tag to add to the notification. + name: tag + - defaultValue: Notification HH:mm + description: The notification title, which appears in the pop up.. + name: title + description: "Sends Toast windows notification to logged in users on Windows 10\ + \ or later hosts\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_toast_module.html" + name: win-toast + outputs: + - contextPath: MicrosoftWindows.WinToast.expire_at_utc + description: Calculated utc date time when the notification expires. + type: string + - contextPath: MicrosoftWindows.WinToast.no_toast_sent_reason + description: Text containing the reason why a notification was not sent. + type: string + - contextPath: MicrosoftWindows.WinToast.sent_localtime + description: local date time when the notification was sent. + type: string + - contextPath: MicrosoftWindows.WinToast.time_taken + description: How long the module took to run on the remote windows host in seconds. + type: unknown + - contextPath: MicrosoftWindows.WinToast.toast_sent + description: Whether the module was able to send a toast notification or not. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: File to be unzipped (provide absolute path). + name: src + required: true + - description: Destination of zip file (provide absolute path of directory). If + it does not exist, the directory will be created. + name: dest + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Remove the zip file, after unzipping. + name: delete_archive + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Recursively expand zipped files within the src file. Setting to + a value of `yes` requires the PSCX module to be installed.' + name: recurse + predefined: + - 'Yes' + - 'No' + - description: If this file or directory exists the specified src will not be + extracted. + name: creates + description: "Unzips compressed files and archives on the Windows node\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_unzip_module.html" + name: win-unzip + outputs: + - contextPath: MicrosoftWindows.WinUnzip.dest + description: The provided destination path + type: string + - contextPath: MicrosoftWindows.WinUnzip.removed + description: Whether the module did remove any files during task run + type: boolean + - contextPath: MicrosoftWindows.WinUnzip.src + description: The provided source path + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'A list of update titles or KB numbers that can be used to specify + which updates are to be excluded from installation. If an available update + does match one of the entries, then it is skipped and not installed. Each + entry can either be the KB article or Update title as a regex according to + the PowerShell regex rules.' + isArray: true + name: blacklist + - defaultValue: '[''CriticalUpdates'', ''SecurityUpdates'', ''UpdateRollups'']' + description: 'A scalar or list of categories to install updates from. To get + the list of categories, run the module with `state=searched`. The category + must be the full category string, but is case insensitive. Some possible categories + are Application, Connectors, Critical Updates, Definition Updates, Developer + Kits, Feature Packs, Guidance, Security Updates, Service Packs, Tools, Update + Rollups and Updates.' + isArray: true + name: category_names + - auto: PREDEFINED + defaultValue: 'No' + description: 'Ansible will automatically reboot the remote host if it is required + and continue to install updates after the reboot. This can be used instead + of using a `win_reboot` task after this one and ensures all updates for that + category is installed in one go. Async does not work when `reboot=yes`.' + name: reboot + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: default + description: 'Defines the Windows Update source catalog. `default` Use the default + search source. For many systems default is set to the Microsoft Windows Update + catalog. Systems participating in Windows Server Update Services (WSUS), Systems + Center Configuration Manager (SCCM), or similar corporate update server environments + may default to those managed update sources instead of the Windows Update + catalog. `managed_server` Use a managed server catalog. For environments utilizing + Windows Server Update Services (WSUS), Systems Center Configuration Manager + (SCCM), or similar corporate update servers, this option selects the defined + corporate update source. `windows_update` Use the Microsoft Windows Update + catalog.' + name: server_selection + predefined: + - default + - managed_server + - windows_update + - auto: PREDEFINED + defaultValue: installed + description: 'Controls whether found updates are downloaded or installed or + listed This module also supports Ansible check mode, which has the same effect + as setting state=searched' + name: state + predefined: + - installed + - searched + - downloaded + - description: If set, `win_updates` will append update progress to the specified + file. The directory must already exist. + name: log_path + - description: 'A list of update titles or KB numbers that can be used to specify + which updates are to be searched or installed. If an available update does + not match one of the entries, then it is skipped and not installed. Each entry + can either be the KB article or Update title as a regex according to the PowerShell + regex rules. The whitelist is only validated on updates that were found based + on `category_names`. It will not force the module to install an update if + it was not in the category specified.' + isArray: true + name: whitelist + - auto: PREDEFINED + defaultValue: 'No' + description: 'Will not auto elevate the remote process with `become` and use + a scheduled task instead. Set this to `yes` when using this module with async + on Server 2008, 2008 R2, or Windows 7, or on Server 2008 that is not authenticated + with basic or credssp. Can also be set to `yes` on newer hosts where become + does not work due to further privilege restrictions from the OS defaults.' + name: use_scheduled_task + predefined: + - 'Yes' + - 'No' + description: "Download and install Windows updates\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_updates_module.html" + name: win-updates + outputs: + - contextPath: MicrosoftWindows.WinUpdates.reboot_required + description: True when the target server requires a reboot to complete updates + (no further updates can be installed until after a reboot). + type: boolean + - contextPath: MicrosoftWindows.WinUpdates.updates + description: List of updates that were found/installed. + type: unknown + - contextPath: MicrosoftWindows.WinUpdates.filtered_updates + description: List of updates that were found but were filtered based on `blacklist`, + `whitelist` or `category_names`. The return value is in the same form as `updates`, + along with `filtered_reason`. + type: unknown + - contextPath: MicrosoftWindows.WinUpdates.found_update_count + description: The number of updates found needing to be applied. + type: number + - contextPath: MicrosoftWindows.WinUpdates.installed_update_count + description: The number of updates successfully installed or downloaded. + type: number + - contextPath: MicrosoftWindows.WinUpdates.failed_update_count + description: The number of updates that failed to install. + type: number + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Supports FTP, HTTP or HTTPS URLs in the form of (ftp|http|https)://host.domain:port/path. + name: url + required: true + - defaultValue: GET + description: The HTTP Method of the request or response. + name: method + - description: Sets the "Content-Type" header. + name: content_type + - description: The body of the HTTP request/response to the web service. + name: body + - description: Output the response body to a file. + name: dest + - description: A filename, when it already exists, this step will be skipped. + name: creates + - description: A filename, when it does not exist, this step will be skipped. + name: removes + - auto: PREDEFINED + defaultValue: 'No' + description: Whether or not to return the body of the response as a "content" + key in the dictionary result. If the reported Content-type is "application/json", + then the JSON is additionally loaded into a key called `json` in the dictionary + results. + name: return_content + predefined: + - 'Yes' + - 'No' + - defaultValue: '[200]' + description: 'A valid, numeric, HTTP status code that signifies success of the + request. Can also be comma separated list of status codes.' + isArray: true + name: status_code + - description: 'The username to use for authentication. Was originally called + `user` but was changed to `url_username` in Ansible 2.9.' + name: url_username + - description: 'The password for `url_username`. Was originally called `password` + but was changed to `url_password` in Ansible 2.9.' + name: url_password + - auto: PREDEFINED + defaultValue: safe + description: 'Whether or the module should follow redirects. `all` will follow + all redirect. `none` will not follow any redirect. `safe` will follow only + "safe" redirects, where "safe" means that the client is only doing a `GET` + or `HEAD` on the URI to which it is being redirected.' + name: follow_redirects + predefined: + - all + - none + - safe + - defaultValue: '50' + description: 'Specify how many times the module will redirect a connection to + an alternative URI before the connection fails. If set to `0` or `follow_redirects` + is set to `none`, or `safe` when not doing a `GET` or `HEAD` it prevents all + redirection.' + name: maximum_redirection + - description: 'The path to the client certificate (.pfx) that is used for X509 + authentication. This path can either be the path to the `pfx` on the filesystem + or the PowerShell certificate path `Cert:\CurrentUser\My\`. The + WinRM connection must be authenticated with `CredSSP` or `become` is used + on the task if the certificate file is not password protected. Other authentication + types can set `client_cert_password` when the cert is password protected.' + name: client_cert + - description: The password for `client_cert` if the cert is password protected. + name: client_cert_password + - auto: PREDEFINED + defaultValue: 'Yes' + description: If `no`, it will not use the proxy defined in IE for the current + user. + name: use_proxy + predefined: + - 'Yes' + - 'No' + - description: 'An explicit proxy to use for the request. By default, the request + will use the IE defined proxy unless `use_proxy` is set to `no`.' + name: proxy_url + - description: The username to use for proxy authentication. + name: proxy_username + - description: The password for `proxy_username`. + name: proxy_password + - description: 'Extra headers to set on the request. This should be a dictionary + where the key is the header name and the value is the value for that header.' + isArray: true + name: headers + - defaultValue: ansible-httpget + description: 'Header to identify as, generally appears in web server logs. This + is set to the `User-Agent` header on a HTTP request.' + name: http_agent + - defaultValue: '30' + description: 'Specifies how long the request can be pending before it times + out (in seconds). Set to `0` to specify an infinite timeout.' + name: timeout + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If `no`, SSL certificates will not be validated. This should only + be used on personally controlled sites using self-signed certificates.' + name: validate_certs + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'By default the authentication header is only sent when a webservice + responses to an initial request with a 401 status. Since some basic auth services + do not properly send a 401, logins will fail. This option forces the sending + of the Basic authentication header upon the original request.' + name: force_basic_auth + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Uses the current user''s credentials when authenticating with + a server protected with `NTLM`, `Kerberos`, or `Negotiate` authentication. + Sites that use `Basic` auth will still require explicit credentials through + the `url_username` and `url_password` options. The module will only have access + to the user''s credentials if using `become` with a password, you are connecting + with SSH using a password, or connecting with WinRM using `CredSSP` or `Kerberos + with delegation`. If not using `become` or a different auth method to the + ones stated above, there will be no default credentials available and no authentication + will occur.' + name: use_default_credential + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Uses the current user''s credentials when authenticating with + a proxy host protected with `NTLM`, `Kerberos`, or `Negotiate` authentication. + Proxies that use `Basic` auth will still require explicit credentials through + the `proxy_username` and `proxy_password` options. The module will only have + access to the user''s credentials if using `become` with a password, you are + connecting with SSH using a password, or connecting with WinRM using `CredSSP` + or `Kerberos with delegation`. If not using `become` or a different auth method + to the ones stated above, there will be no default credentials available and + no proxy authentication will occur.' + name: proxy_use_default_credential + predefined: + - 'Yes' + - 'No' + description: "Interacts with webservices\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/win_uri_module.html" + name: win-uri + outputs: + - contextPath: MicrosoftWindows.WinUri.elapsed + description: The number of seconds that elapsed while performing the download. + type: unknown + - contextPath: MicrosoftWindows.WinUri.url + description: The Target URL. + type: string + - contextPath: MicrosoftWindows.WinUri.status_code + description: The HTTP Status Code of the response. + type: number + - contextPath: MicrosoftWindows.WinUri.status_description + description: A summary of the status. + type: string + - contextPath: MicrosoftWindows.WinUri.content + description: The raw content of the HTTP response. + type: string + - contextPath: MicrosoftWindows.WinUri.content_length + description: The byte size of the response. + type: number + - contextPath: MicrosoftWindows.WinUri.json + description: The json structure returned under content as a dictionary. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the user to create, remove or modify. + name: name + required: true + - description: Full name of the user. + name: fullname + - description: Description of the user. + name: description + - description: Optionally set the user's password to this (plain text) value. + name: password + - auto: PREDEFINED + defaultValue: always + description: '`always` will update passwords if they differ. `on_create` will + only set the password for newly created users.' + name: update_password + predefined: + - always + - on_create + - description: '`yes` will require the user to change their password at next login. + `no` will clear the expired password flag.' + name: password_expired + - description: '`yes` will set the password to never expire. `no` will allow the + password to expire.' + name: password_never_expires + - description: '`yes` will prevent the user from changing their password. `no` + will allow the user to change their password.' + name: user_cannot_change_password + - description: '`yes` will disable the user account. `no` will clear the disabled + flag.' + name: account_disabled + - auto: PREDEFINED + description: '`no` will unlock the user account if locked.' + name: account_locked + predefined: + - 'no' + - description: 'Adds or removes the user from this comma-separated list of groups, + depending on the value of `groups_action`. When `groups_action` is `replace` + and `groups` is set to the empty string (''groups=''), the user is removed + from all groups.' + name: groups + - auto: PREDEFINED + defaultValue: replace + description: 'If `add`, the user is added to each group in `groups` where not + already a member. If `replace`, the user is added as a member of each group + in `groups` and removed from any other groups. If `remove`, the user is removed + from each group in `groups`.' + name: groups_action + predefined: + - add + - replace + - remove + - auto: PREDEFINED + defaultValue: present + description: 'When `absent`, removes the user account if it exists. When `present`, + creates or updates the user account. When `query` (new in 1.9), retrieves + the user account details without making any changes.' + name: state + predefined: + - absent + - present + - query + description: "Manages local Windows user accounts\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_user_module.html" + name: win-user + outputs: + - contextPath: MicrosoftWindows.WinUser.account_disabled + description: Whether the user is disabled. + type: boolean + - contextPath: MicrosoftWindows.WinUser.account_locked + description: Whether the user is locked. + type: boolean + - contextPath: MicrosoftWindows.WinUser.description + description: The description set for the user. + type: string + - contextPath: MicrosoftWindows.WinUser.fullname + description: The full name set for the user. + type: string + - contextPath: MicrosoftWindows.WinUser.groups + description: A list of groups and their ADSI path the user is a member of. + type: unknown + - contextPath: MicrosoftWindows.WinUser.name + description: The name of the user + type: string + - contextPath: MicrosoftWindows.WinUser.password_expired + description: Whether the password is expired. + type: boolean + - contextPath: MicrosoftWindows.WinUser.password_never_expires + description: Whether the password is set to never expire. + type: boolean + - contextPath: MicrosoftWindows.WinUser.path + description: The ADSI path for the user. + type: string + - contextPath: MicrosoftWindows.WinUser.sid + description: The SID for the user. + type: string + - contextPath: MicrosoftWindows.WinUser.user_cannot_change_password + description: Whether the user can change their own password. + type: boolean + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'Specifies the base name for the profile path. When `state` is + `present` this is used to create the profile for `username` at a specific + path within the profile directory. This cannot be used to specify a path outside + of the profile directory but rather it specifies a folder(s) within this directory. + If a profile for another user already exists at the same path, then a 3 digit + incremental number is appended by Windows automatically. When `state` is `absent` + and `username` is not set, then the module will remove all profiles that point + to the profile path derived by this value. This is useful if the account no + longer exists but the profile still remains.' + name: name + - auto: PREDEFINED + defaultValue: 'No' + description: 'When `state` is `absent` and the value for `name` matches multiple + profiles the module will fail. Set this value to `yes` to force the module + to delete all the profiles found.' + name: remove_multiple + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: 'Will ensure the profile exists when set to `present`. When creating + a profile the `username` option must be set to a valid account. Will remove + the profile(s) when set to `absent`. When removing a profile either `username` + must be set to a valid account, or `name` is set to the profile''s base name.' + name: state + predefined: + - absent + - present + - description: 'The account name of security identifier (SID) for the profile. + This must be set when `state` is `present` and must be a valid account or + the SID of a valid account. When `state` is `absent` then this must still + be a valid account number but the SID can be a deleted user''s SID.' + name: username + description: "Manages the Windows user profiles.\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/win_user_profile_module.html" + name: win-user-profile + outputs: + - contextPath: MicrosoftWindows.WinUserProfile.path + description: The full path to the profile for the account. This will be null + if `state=absent` and no profile was deleted. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The name of the User Right as shown by the `Constant Name` value + from `https://technet.microsoft.com/en-us/library/dd349804.aspx`. The module + will return an error if the right is invalid.' + name: name + required: true + - description: 'A list of users or groups to add/remove on the User Right. These + can be in the form DOMAIN\user-group, user-group@DOMAIN.COM for domain users/groups. + For local users/groups it can be in the form user-group, .\user-group, SERVERNAME\user-group + where SERVERNAME is the name of the remote server. You can also add special + local accounts like SYSTEM and others. Can be set to an empty list with `action=set` + to remove all accounts from the right.' + isArray: true + name: users + required: true + - auto: PREDEFINED + defaultValue: set + description: '`add` will add the users/groups to the existing right. `remove` + will remove the users/groups from the existing right. `set` will replace the + users/groups of the existing right.' + name: action + predefined: + - add + - remove + - set + description: "Manage Windows User Rights\n Further documentation available at\ + \ https://docs.ansible.com/ansible/2.9/modules/win_user_right_module.html" + name: win-user-right + outputs: + - contextPath: MicrosoftWindows.WinUserRight.added + description: A list of accounts that were added to the right, this is empty + if no accounts were added. + type: unknown + - contextPath: MicrosoftWindows.WinUserRight.removed + description: A list of accounts that were removed from the right, this is empty + if no accounts were removed. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - defaultValue: '5' + description: The maximum number of seconds to wait for a connection to happen + before closing and retrying. + name: connect_timeout + - description: The number of seconds to wait before starting to poll. + name: delay + - description: The list of hosts or IPs to ignore when looking for active TCP + connections when `state=drained`. + isArray: true + name: exclude_hosts + - description: 'The path to a file on the filesystem to check. If `state` is present + or started then it will wait until the file exists. If `state` is absent then + it will wait until the file does not exist.' + name: path + - description: The port number to poll on `host`. + name: port + - description: 'Can be used to match a string in a file. If `state` is present + or started then it will wait until the regex matches. If `state` is absent + then it will wait until the regex does not match. Defaults to a multiline + regex.' + name: regex + - defaultValue: '1' + description: Number of seconds to sleep between checks. + name: sleep + - auto: PREDEFINED + defaultValue: started + description: 'When checking a port, `started` will ensure the port is open, + `stopped` will check that is it closed and `drained` will check for active + connections. When checking for a file or a search string `present` or `started` + will ensure that the file or string is present, `absent` will check that the + file or search string is absent or removed.' + name: state + predefined: + - absent + - drained + - present + - started + - stopped + - defaultValue: '300' + description: The maximum number of seconds to wait for. + name: timeout + description: "Waits for a condition before continuing\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_wait_for_module.html" + name: win-wait-for + outputs: + - contextPath: MicrosoftWindows.WinWaitFor.wait_attempts + description: The number of attempts to poll the file or port before module finishes. + type: number + - contextPath: MicrosoftWindows.WinWaitFor.elapsed + description: The elapsed seconds between the start of poll and the end of the + module. This includes the delay if the option is set. + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: The name of the process(es) for which to wait. The name of the + process(es) should not include the file extension suffix. + isArray: true + name: process_name_exact + - description: RegEx pattern matching desired process(es). + name: process_name_pattern + - defaultValue: '1' + description: 'Number of seconds to sleep between checks. Only applies when waiting + for a process to start. Waiting for a process to start does not have a native + non-polling mechanism. Waiting for a stop uses native PowerShell and does + not require polling.' + name: sleep + - defaultValue: '1' + description: 'Minimum number of process matching the supplied pattern to satisfy + `present` condition. Only applies to `present`.' + name: process_min_count + - description: The PID of the process. + name: pid + - description: 'The owner of the process. Requires PowerShell version 4.0 or newer.' + name: owner + - defaultValue: '0' + description: Seconds to wait before checking processes. + name: pre_wait_delay + - defaultValue: '0' + description: Seconds to wait after checking for processes. + name: post_wait_delay + - auto: PREDEFINED + defaultValue: present + description: 'When checking for a running process `present` will block execution + until the process exists, or until the timeout has been reached. `absent` + will block execution until the process no longer exists, or until the timeout + has been reached. When waiting for `present`, the module will return changed + only if the process was not present on the initial check but became present + on subsequent checks. If, while waiting for `absent`, new processes matching + the supplied pattern are started, these new processes will not be included + in the action.' + name: state + predefined: + - absent + - present + - defaultValue: '300' + description: The maximum number of seconds to wait for a for a process to start + or stop before erroring out. + name: timeout + description: "Waits for a process to exist or not exist before continuing.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_wait_for_process_module.html" + name: win-wait-for-process + outputs: + - contextPath: MicrosoftWindows.WinWaitForProcess.elapsed + description: The elapsed seconds between the start of poll and the end of the + module. + type: unknown + - contextPath: MicrosoftWindows.WinWaitForProcess.matched_processes + description: List of matched processes (either stopped or started). + type: unknown + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: ansible-module-host + required: true + - description: MAC address to send Wake-on-LAN broadcast packet for. + name: mac + required: true + - defaultValue: 255.255.255.255 + description: Network broadcast address to use for broadcasting magic Wake-on-LAN + packet. + name: broadcast + - defaultValue: '7' + description: UDP port to use for magic Wake-on-LAN packet. + name: port + description: "Send a magic Wake-on-LAN (WoL) broadcast packet\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_wakeonlan_module.html" + name: win-wakeonlan + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: Name of the package to be installed. + name: name + required: true + description: "Installs packages using Web Platform Installer command-line\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/win_webpicmd_module.html" + name: win-webpicmd + outputs: [] + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + description: "Get information about the current user and process\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_whoami_module.html" + name: win-whoami + outputs: + - contextPath: MicrosoftWindows.WinWhoami.authentication_package + description: The name of the authentication package used to authenticate the + user in the session. + type: string + - contextPath: MicrosoftWindows.WinWhoami.user_flags + description: The user flags for the logon session, see UserFlags in `https://msdn.microsoft.com/en-us/library/windows/desktop/aa380128`. + type: string + - contextPath: MicrosoftWindows.WinWhoami.upn + description: The user principal name of the current user. + type: string + - contextPath: MicrosoftWindows.WinWhoami.logon_type + description: The logon type that identifies the logon method, see `https://msdn.microsoft.com/en-us/library/windows/desktop/aa380129.aspx`. + type: string + - contextPath: MicrosoftWindows.WinWhoami.privileges + description: A dictionary of privileges and their state on the logon token. + type: unknown + - contextPath: MicrosoftWindows.WinWhoami.label + description: The mandatory label set to the logon session. + type: unknown + - contextPath: MicrosoftWindows.WinWhoami.impersonation_level + description: The impersonation level of the token, only valid if `token_type` + is `TokenImpersonation`, see `https://msdn.microsoft.com/en-us/library/windows/desktop/aa379572.aspx`. + type: string + - contextPath: MicrosoftWindows.WinWhoami.login_time + description: The logon time in ISO 8601 format + type: string + - contextPath: MicrosoftWindows.WinWhoami.groups + description: A list of groups and attributes that the user is a member of. + type: unknown + - contextPath: MicrosoftWindows.WinWhoami.account + description: The running account SID details. + type: unknown + - contextPath: MicrosoftWindows.WinWhoami.login_domain + description: The name of the domain used to authenticate the owner of the session. + type: string + - contextPath: MicrosoftWindows.WinWhoami.rights + description: A list of logon rights assigned to the logon. + type: unknown + - contextPath: MicrosoftWindows.WinWhoami.logon_server + description: The name of the server used to authenticate the owner of the logon + session. + type: string + - contextPath: MicrosoftWindows.WinWhoami.logon_id + description: The unique identifier of the logon session. + type: number + - contextPath: MicrosoftWindows.WinWhoami.dns_domain_name + description: The DNS name of the logon session, this is an empty string if this + is not set. + type: string + - contextPath: MicrosoftWindows.WinWhoami.token_type + description: The token type to indicate whether it is a primary or impersonation + token. + type: string + - arguments: + - description: Hostname or IP of target. Optionally the port can be specified + using :PORT. If multiple targets are specified using an array, the integration + will use the configured concurrency factor for high performance. + isArray: true + name: host + required: true + - description: 'The attribute name if the type is ''attribute''. Required if `type=attribute`.' + name: attribute + - auto: PREDEFINED + defaultValue: 'No' + description: When set to `yes`, return the number of nodes matched by `xpath`. + name: count + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Determine whether a backup should be created. When set to `yes`, + create a backup file including the timestamp information so you can get the + original file back if you somehow clobbered it incorrectly.' + name: backup + predefined: + - 'Yes' + - 'No' + - description: The string representation of the XML fragment expected at xpath. Since + ansible 2.9 not required when `state=absent`, or when `count=yes`. + name: fragment + - description: Path to the file to operate on. + name: path + required: true + - auto: PREDEFINED + defaultValue: present + description: Set or remove the nodes (or attributes) matched by `xpath`. + name: state + predefined: + - present + - absent + - auto: PREDEFINED + defaultValue: element + description: The type of XML node you are working with. + name: type + predefined: + - attribute + - element + - text + required: true + - description: Xpath to select the node or nodes to operate on. + name: xpath + required: true + description: "Manages XML file content on Windows hosts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/win_xml_module.html" + name: win-xml + outputs: + - contextPath: MicrosoftWindows.WinXml.backup_file + description: Name of the backup file that was created. + type: string + - contextPath: MicrosoftWindows.WinXml.count + description: Number of nodes matched by xpath. + type: number + - contextPath: MicrosoftWindows.WinXml.msg + description: What was done. + type: string + - contextPath: MicrosoftWindows.WinXml.err + description: XML comparison exceptions. + type: unknown + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows_description.md b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows_description.md new file mode 100644 index 000000000000..204b4a541f5d --- /dev/null +++ b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows_description.md @@ -0,0 +1,30 @@ +# Ansible Microsoft Windows + +This integration enables the management of Microsoft Windows hosts directly from XSOAR using WinRM. + +WinRM is enabled by default on all Windows Server operating systems since Windows Server 2012 and above, but disabled on all client operating systems like Windows 10, Windows 8 and Windows 7. WinRM can be enabled on Windows client OSes [using Group Policy](https://docs.microsoft.com/en-us/windows/win32/winrm/installation-and-configuration-for-windows-remote-management#configuring-winrm-with-group-policy). + +This integration uses NTLM for authentication. This ensures that actual credentials are never sent over the network, instead relying on hashing methods. By default, the initial authentication phase is performed unencrypted over HTTP, after which all communication is encrypted using a symmetric 256-bit key. If it is desired to use HTTPS from the onset, [additional configuration on the Windows host is required](https://docs.microsoft.com/en-US/troubleshoot/windows-client/system-management-components/configure-winrm-for-https). After WinRM is configured for HTTPS, update the port setting on the integration. Any port other than the default 5985 will use HTTPS communication. + +## Network Requirements + +By default, TCP port 5985 will be used. If WinRM is configured for HTTPS, update the port setting on the integration. + +Please also note that the default Windows Firewall Policy (Windows Remote Management (HTTP-In)) allows WinRM connections only from the private networks. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. + +## Credentials + +A Windows Domain Account is recommended; however local accounts are also supported. +The username syntax can be in Pre-Windows2000 style (domain.local/account) or in newer UPN format (account@domain.local) + +## Permissions + +While Administrative privileges are not strictly required, WinRM is configured by default to only allow connections from accounts in the local Administrators group. + +Non-administrative accounts can be used with WinRM, however most typical server administration tasks require some level of administrative access, so the utility is usually limited. + +## Testing + +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!win-gather-facts`command providing an example `host` as the command argument. This command will connect to the specified host with the configured credentials in the integration, and if successful output general information about the host. \ No newline at end of file diff --git a/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows_image.png b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/AnsibleMicrosoftWindows_image.png new file mode 100644 index 0000000000000000000000000000000000000000..3325363e6077f9d28ad851ace78b1319f2fee17d GIT binary patch literal 2156 zcmZve=Q|sU0>(p=*s-@-EfP}4I9A07LZqnGrZ!ch_UP51ZPW@Hsamm1m2k{zdTQ2; z*{V^5qngt6*n6}%?se{SKb_}(c;EN={RO`_)z-#>hf{(R008hQ77)m3W#mo+803Yd0^~mxwd_U0r}b z$4K^t7>GYKJ+4&oHV|o>4GjH+gTI!SC$qYoy{i}Z^Sv+PmgBSWiTuE=;kTNanzfFY zttl(dIxXoTR9n!>Gg}-;Ny@#OgMba|`6^r#_J0s%bOVgc$U$VXb|wfy8W@SaD!N~{ zIc;>?;{{20GK#R&Oz&t}=Tc!vWLe^^R>sY@XE<$88`hpts5zdfWJ1>xC!OQFnl$K3 zZjQkmpg>u-b|dAU#MGp>^Q0)~7mG9Tn>CU_5clq2ZkoC-@tqmIQ?`TMqU)^cb&>sF zFXD-rDaYUfTA;oo%vz01DMU9>fL4>a*h zzT*bRtO!93)0_VzC#%|8vpUu-b|hSDeloQ#PVKkk5yp|C|IsBMx5H7J0n%ITK#_<# zlfi+2KwjqDvpltVtvIy_*Kb-SeIGvR@E~;@jIO?$s^mAvsQuaVs!=i$+Y~JjBnTyS z3okt?U0w}9-2%@T(-<3Nce!m)#XB4a=$!czcnDW{N)3X>&g~iM@O%O7a)0%C&jp4e zJ?l)xpIpPULXk3-GZl32>F|JE?5UEx>2NowF=_5(e>|2{_VMlPi9z$>qNM`S<5EN7 zMMn4j&y)!{B8hPf3YN^!GUA@BjccDeq*!@nJF|7*RVqqW25#tKK*6n8Vp>&^AKUgO zXUWv@BXlRYB&%BneWGk`#OXwND*egmw!!{INQljI)4J4!sba&x=T zSA0QKsaJL}i4K*8*%n>QFjFX#)5Me4384}-U+vcl0*-vopY16vS zTq3j*;hE2=Uh03@XE(ek8rpVUovhv}hd^#(PA-ysxs#d^`*qWZf%(e4^`F%D1n`SDFeQ+U`?Jz%!ban5KOT1TDaLDUmNN#id;Coo(RT09T zE?oOrhYH+EKGF$Lq2)IU^>=ygut`QiFza_M=aR7XpgJ(%tsu)5fOKWOXWvakpIqr5$jVlkW$e z4g;V}NW9YImi*ishLx_^p!`FEtMv(H?x6d+ELPrw=$h~VuHa2Gst@`$VZrL!t(8Qf zC$ICF$B2e}6p*=a#Z{?fhBVc2=sH8omCnQpZI4i^difNI%h^N-v;@X2_7hMyYzQ^%81i?WY@&v2&`Z;Dn+u~lOJX1t&Y;*PpB?1)q z7HMfuB_-T|yR+-RzL(|^7*`rZg=#n5MfBtv=k$64&CjEG!iq z?kE;Gl9AlRItgHiU`JS^DroQ}HvD1X4#9ZCnJLbdUuXl&6!wes9*Tsu2xoG%kkH<#g$@7(_Vk=~AKYwlaK~*ZVBU4Bm z=mV`84SFLpW^dl<09CpTP5W19WT;q0J4v(Fs#RLqZ0I$kr!E4>Cfc?)*r!M6&mnlR zv1zEaTpuXyz`#267%cEj`U2q;@X#k+1Ht6n&6o|Z9iCWt38*XgB(Qz;tb%KVwoC_P zM(8y39puWI9&Rk2!9`kS5K_?^j{1Rt)Qqc@)_z#X-~yg|RAK4t{V4*o^&HiiN`(v^6t+V5v3X*l^2? z#NXfkz0YVzXrAv{Tke`gx?kxrR2;#pd^4C){6}eKUOv=rh)@z+K!#`>XsMz>cbZkz z?Z6Gu%3L!KHi>K6B~RK%rK)yfCoKkYrS4H3qH4bx4?C2M7aM*tPEu%bj%LpmUj8{h z>(M{sID2rHw(i0}mta-P^r|;xtFn5f-uVdZO$;Ue1QoWlW?)&7<(C7sL8&IEf11dh z{nVp-Q%dh;=2%98sl%K1%rf-tbEB^mfsGQI2HR0MYP8T6qjL`*CI(BI(If3ID7VPP zLYka@-FXj;$bk`2A(P%pa+H}|75WnX@r3H!rSSh*@o!0%Lx*anAMwj#{UOv5CfI~ literal 0 HcmV?d00001 diff --git a/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/README.md b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/README.md new file mode 100644 index 000000000000..46feafbd916a --- /dev/null +++ b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/README.md @@ -0,0 +1,7075 @@ +This integration enables the management of Microsoft Windows hosts directly from XSOAR using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server, all you need to do is provide credentials you are ready to use the feature rich commands. This integration functions without any agents or additional software installed on the Windows hosts by utilising the Windows Remote Management (WinRM) API interface present in Windows 2008 and above combined with PowerShell. + +To use this integration, configure an instance of this integration. This will associate a credential to be used to access hosts when commands are run. The commands from this integration will take the Windows host address(es) as an input, and use the saved credential associated to the instance to execute. Create separate instances if multiple credentials are required. + +This integration uses NTLM for authentication. This ensures that actual credentials are never sent over the network, instead relying on hashing methods. By default, the initial authentication phase is performed unencrypted over HTTP, after which all communication is encrypted using a symmetric 256-bit key. If it is desired to use HTTPS from the onset, [additional configuration on the Windows host is required](https://docs.microsoft.com/en-US/troubleshoot/windows-client/system-management-components/configure-winrm-for-https). After WinRM is configured for HTTPS, update the port setting on the integration. Any port other than the default 5985 will use HTTPS communication. + +## Host Requirements +WinRM is enabled by default on all Windows Server operating systems since Windows Server 2012 and above, but disabled on all client operating systems like Windows 10, Windows 8 and Windows 7. + +WinRM can be enabled on Windows client OSes [using Group Policy](https://docs.microsoft.com/en-us/windows/win32/winrm/installation-and-configuration-for-windows-remote-management#configuring-winrm-with-group-policy). + +PowerShell 3.0 or newer and at least .NET 4.0 to be installed on the Windows host. + +## Network Requirements +By default, TCP port 5985 will be used. If WinRM is configured for HTTPS, update the port setting on the integration. + +Please also note that the default Windows Firewall Policy (Windows Remote Management (HTTP-In)) allows WinRM connections only from the private networks. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. +## Credentials +A Windows Domain Account is recommended; however local accounts are also supported. +The username syntax can be in Pre-Windows2000 style (domain.local/account) or in newer UPN format (account@domain.local) +## Permissions +While Administrative privileges are not strictly required, WinRM is configured by default to only allow connections from accounts in the local Administrators group. + +Non-administrative accounts can be used with WinRM, however most typical server administration tasks require some level of administrative access, so the utility is usually limited. +## Concurrency +This integration supports execution of commands against multiple hosts concurrently. The `host` parameter accepts a list of addresses, and will run the command in parallel as per the **Concurrency Factor** value. + +## Further information +This integration is powered by Ansible 2.9. Further information can be found on that the following locations: +* [Ansible Windows Guide](https://docs.ansible.com/ansible/2.9/user_guide/windows_setup.html) +* [Windows Module Index](https://docs.ansible.com/ansible/2.9/modules/list_of_windows_modules.html) + + +## Configure Ansible Microsoft Windows on Cortex XSOAR +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for Ansible Microsoft Windows. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Username | The credentials to associate with the instance. | True | + | Default WinRM Port | The default port to use if one is not specified in the commands \`host\` argument. If 5985 is specified the HTTP transport method will be used. Otherwise HTTPS will be used for all other ports | True | + | Concurrency Factor | If multiple hosts are specified in a command, how many hosts should be interacted with concurrently. | True | + +## Testing +This integration does not support testing from the integration management screen. Instead it is recommended to use the `!win-gather-facts`command providing an example `host` as the command argument. This command will connect to the specified host with the configured credentials in the integration, and if successful output general information about the host. + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. + +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### win-gather-facts +*** +Gathers facts about remote hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/gather_facts_module.html + + +#### Base Command + +`win-gather-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| parallel | A toggle that controls if the fact modules are executed in parallel or serially and in order. This can guarantee the merge order of module facts at the expense of performance.
By default it will be true if more than one fact module is used. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +### win-acl +*** +Set file/directory/registry permissions for a system user or group +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_acl_module.html + + +#### Base Command + +`win-acl` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The path to the file or directory. | Required | +| user | User or Group to add specified rights to act on src file/folder or registry key. | Required | +| state | Specify whether to add `present` or remove `absent` the specified access rule. Possible values are: absent, present. Default is present. | Optional | +| type | Specify whether to allow or deny the rights specified. Possible values are: allow, deny. | Required | +| rights | The rights/permissions that are to be allowed/denied for the specified user or group for the item at `path`.
If `path` is a file or directory, rights can be any right under MSDN FileSystemRights `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.filesystemrights.aspx`.
If `path` is a registry key, rights can be any right under MSDN RegistryRights `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.registryrights.aspx`. | Required | +| inherit | Inherit flags on the ACL rules.
Can be specified as a comma separated list, e.g. `ContainerInherit`, `ObjectInherit`.
For more information on the choices see MSDN InheritanceFlags enumeration at `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.inheritanceflags.aspx`.
Defaults to `ContainerInherit, ObjectInherit` for Directories. Possible values are: ContainerInherit, ObjectInherit. | Optional | +| propagation | Propagation flag on the ACL rules.
For more information on the choices see MSDN PropagationFlags enumeration at `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.propagationflags.aspx`. Possible values are: InheritOnly, None, NoPropagateInherit. Default is None. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-acl host="123.123.123.123" user="fed-phil" path="C:\\Important\\Executable.exe" type="deny" rights="ExecuteFile,Write" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinAcl": { + "changed": true, + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True + + +### win-acl-inheritance +*** +Change ACL inheritance +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_acl_inheritance_module.html + + +#### Base Command + +`win-acl-inheritance` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Path to be used for changing inheritance. | Required | +| state | Specify whether to enable `present` or disable `absent` ACL inheritance. Possible values are: absent, present. Default is absent. | Optional | +| reorganize | For P(state) = `absent`, indicates if the inherited ACE's should be copied from the parent directory. This is necessary (in combination with removal) for a simple ACL instead of using multiple ACE deny entries.
For P(state) = `present`, indicates if the inherited ACE's should be deduplicated compared to the parent directory. This removes complexity of the ACL structure. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-acl-inheritance host="123.123.123.123" path="C://apache" state="absent"``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinAclInheritance": { + "changed": true, + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True + + +### win-audit-policy-system +*** +Used to make changes to the system wide Audit Policy +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_audit_policy_system_module.html + + +#### Base Command + +`win-audit-policy-system` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| category | Single string value for the category you would like to adjust the policy on.
Cannot be used with `subcategory`. You must define one or the other.
Changing this setting causes all subcategories to be adjusted to the defined `audit_type`. | Optional | +| subcategory | Single string value for the subcategory you would like to adjust the policy on.
Cannot be used with `category`. You must define one or the other. | Optional | +| audit_type | The type of event you would like to audit for.
Accepts a list. See examples. Possible values are: failure, none, success. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinAuditPolicySystem.current_audit_policy | unknown | details on the policy being targetted | + + +#### Command Example +```!win-audit-policy-system host="123.123.123.123" subcategory="File System" audit_type="failure" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinAuditPolicySystem": { + "changed": false, + "current_audit_policy": { + "file system": "failure" + }, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Current_Audit_Policy +> * file system: failure + + +### win-audit-rule +*** +Adds an audit rule to files, folders, or registry keys +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_audit_rule_module.html + + +#### Base Command + +`win-audit-rule` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Path to the file, folder, or registry key.
Registry paths should be in Powershell format, beginning with an abbreviation for the root such as, `HKLM:\Software`. | Required | +| user | The user or group to adjust rules for. | Required | +| rights | Comma separated list of the rights desired. Only required for adding a rule.
If `path` is a file or directory, rights can be any right under MSDN FileSystemRights `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.filesystemrights.aspx`.
If `path` is a registry key, rights can be any right under MSDN RegistryRights `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.registryrights.aspx`. | Required | +| inheritance_flags | Defines what objects inside of a folder or registry key will inherit the settings.
If you are setting a rule on a file, this value has to be changed to `none`.
For more information on the choices see MSDN PropagationFlags enumeration at `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.inheritanceflags.aspx`. Possible values are: ContainerInherit, ObjectInherit. Default is ContainerInherit,ObjectInherit. | Optional | +| propagation_flags | Propagation flag on the audit rules.
This value is ignored when the path type is a file.
For more information on the choices see MSDN PropagationFlags enumeration at `https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.propagationflags.aspx`. Possible values are: None, InherityOnly, NoPropagateInherit. Default is None. | Optional | +| audit_flags | Defines whether to log on failure, success, or both.
To log both define as comma separated list "Success, Failure". Possible values are: Failure, Success. | Required | +| state | Whether the rule should be `present` or `absent`.
For absent, only `path`, `user`, and `state` are required.
Specifying `absent` will remove all rules matching the defined `user`. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinAuditRule.current_audit_rules | unknown | The current rules on the defined \`path\` +Will return "No audit rules defined on \`path\`" | +| MicrosoftWindows.WinAuditRule.path_type | string | The type of \`path\` being targetted. +Will be one of file, directory, registry. | + + +#### Command Example +```!win-audit-rule host="123.123.123.123" path="C:\\inetpub\\wwwroot\\website" user="BUILTIN\\Users" rights="write,delete,changepermissions" audit_flags="success,failure" inheritance_flags="ContainerInherit,ObjectInherit" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinAuditRule": { + "changed": true, + "current_audit_rules": { + "audit_flags": "Success, Failure", + "inheritance_flags": "ContainerInherit, ObjectInherit", + "is_inherited": "False", + "propagation_flags": "None", + "rights": "Write, Delete, ChangePermissions", + "user": "BUILTIN\\Users" + }, + "host": "123.123.123.123", + "path_type": "directory", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * path_type: directory +> * ## Current_Audit_Rules +> * audit_flags: Success, Failure +> * inheritance_flags: ContainerInherit, ObjectInherit +> * is_inherited: False +> * propagation_flags: None +> * rights: Write, Delete, ChangePermissions +> * user: BUILTIN\Users + + +### win-certificate-store +*** +Manages the certificate store +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_certificate_store_module.html + + +#### Base Command + +`win-certificate-store` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | If `present`, will ensure that the certificate at `path` is imported into the certificate store specified.
If `absent`, will ensure that the certificate specified by `thumbprint` or the thumbprint of the cert at `path` is removed from the store specified.
If `exported`, will ensure the file at `path` is a certificate specified by `thumbprint`.
When exporting a certificate, if `path` is a directory then the module will fail, otherwise the file will be replaced if needed. Possible values are: absent, exported, present. Default is present. | Optional | +| path | The path to a certificate file.
This is required when `state` is `present` or `exported`.
When `state` is `absent` and `thumbprint` is not specified, the thumbprint is derived from the certificate at this path. | Optional | +| thumbprint | The thumbprint as a hex string to either export or remove.
See the examples for how to specify the thumbprint. | Optional | +| store_name | The store name to use when importing a certificate or searching for a certificate.
`AddressBook`: The X.509 certificate store for other users
`AuthRoot`: The X.509 certificate store for third-party certificate authorities (CAs)
`CertificateAuthority`: The X.509 certificate store for intermediate certificate authorities (CAs)
`Disallowed`: The X.509 certificate store for revoked certificates
`My`: The X.509 certificate store for personal certificates
`Root`: The X.509 certificate store for trusted root certificate authorities (CAs)
`TrustedPeople`: The X.509 certificate store for directly trusted people and resources
`TrustedPublisher`: The X.509 certificate store for directly trusted publishers. Possible values are: AddressBook, AuthRoot, CertificateAuthority, Disallowed, My, Root, TrustedPeople, TrustedPublisher. Default is My. | Optional | +| store_location | The store location to use when importing a certificate or searching for a certificate. Possible values are: CurrentUser, LocalMachine. Default is LocalMachine. | Optional | +| password | The password of the pkcs12 certificate key.
This is used when reading a pkcs12 certificate file or the password to set when `state=exported` and `file_type=pkcs12`.
If the pkcs12 file has no password set or no password should be set on the exported file, do not set this option. | Optional | +| key_exportable | Whether to allow the private key to be exported.
If `no`, then this module and other process will only be able to export the certificate and the private key cannot be exported.
Used when `state=present` only. Possible values are: Yes, No. Default is Yes. | Optional | +| key_storage | Specifies where Windows will store the private key when it is imported.
When set to `default`, the default option as set by Windows is used, typically `user`.
When set to `machine`, the key is stored in a path accessible by various users.
When set to `user`, the key is stored in a path only accessible by the current user.
Used when `state=present` only and cannot be changed once imported.
See `https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509keystorageflags.aspx` for more details. Possible values are: default, machine, user. Default is default. | Optional | +| file_type | The file type to export the certificate as when `state=exported`.
`der` is a binary ASN.1 encoded file.
`pem` is a base64 encoded file of a der file in the OpenSSL form.
`pkcs12` (also known as pfx) is a binary container that contains both the certificate and private key unlike the other options.
When `pkcs12` is set and the private key is not exportable or accessible by the current user, it will throw an exception. Possible values are: der, pem, pkcs12. Default is der. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinCertificateStore.thumbprints | unknown | A list of certificate thumbprints that were touched by the module. | + + +#### Command Example +```!win-certificate-store host="123.123.123.123" path="C:\\Temp\\cert.pem" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinCertificateStore": { + "changed": true, + "host": "123.123.123.123", + "status": "CHANGED", + "thumbprints": [ + "58288A1E834AD6E157688226A7206914CBD28519" + ] + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * ## Thumbprints +> * 0: 58288A1E834AD6E157688226A7206914CBD28519 + + +### win-chocolatey +*** +Manage packages using chocolatey +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_module.html + + +#### Base Command + +`win-chocolatey` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| allow_empty_checksums | Allow empty checksums to be used for downloaded resource from non-secure locations.
Use `win_chocolatey_feature` with the name `allowEmptyChecksums` to control this option globally. Possible values are: Yes, No. Default is No. | Optional | +| allow_multiple | Allow the installation of multiple packages when `version` is specified.
Having multiple packages at different versions can cause issues if the package doesn't support this. Use at your own risk. Possible values are: Yes, No. Default is No. | Optional | +| allow_prerelease | Allow the installation of pre-release packages.
If `state` is `latest`, the latest pre-release package will be installed. Possible values are: Yes, No. Default is No. | Optional | +| architecture | Force Chocolatey to install the package of a specific process architecture.
When setting `x86`, will ensure Chocolatey installs the x86 package even when on an x64 bit OS. Possible values are: default, x86. Default is default. | Optional | +| force | Forces the install of a package, even if it already is installed.
Using `force` will cause Ansible to always report that a change was made. Possible values are: Yes, No. Default is No. | Optional | +| install_args | Arguments to pass to the native installer.
These are arguments that are passed directly to the installer the Chocolatey package runs, this is generally an advanced option. | Optional | +| ignore_checksums | Ignore the checksums provided by the package.
Use `win_chocolatey_feature` with the name `checksumFiles` to control this option globally. Possible values are: Yes, No. Default is No. | Optional | +| ignore_dependencies | Ignore dependencies, only install/upgrade the package itself. Possible values are: Yes, No. Default is No. | Optional | +| name | Name of the package(s) to be installed.
Set to `all` to run the action on all the installed packages. | Required | +| package_params | Parameters to pass to the package.
These are parameters specific to the Chocolatey package and are generally documented by the package itself.
Before Ansible 2.7, this option was just `params`. | Optional | +| pinned | Whether to pin the Chocolatey package or not.
If omitted then no checks on package pins are done.
Will pin/unpin the specific version if `version` is set.
Will pin the latest version of a package if `yes`, `version` is not set and and no pin already exists.
Will unpin all versions of a package if `no` and `version` is not set.
This is ignored when `state=absent`. | Optional | +| proxy_url | Proxy URL used to install chocolatey and the package.
Use `win_chocolatey_config` with the name `proxy` to control this option globally. | Optional | +| proxy_username | Proxy username used to install Chocolatey and the package.
Before Ansible 2.7, users with double quote characters `"` would need to be escaped with `\` beforehand. This is no longer necessary.
Use `win_chocolatey_config` with the name `proxyUser` to control this option globally. | Optional | +| proxy_password | Proxy password used to install Chocolatey and the package.
This value is exposed as a command argument and any privileged account can see this value when the module is running Chocolatey, define the password on the global config level with `win_chocolatey_config` with name `proxyPassword` to avoid this. | Optional | +| skip_scripts | Do not run `chocolateyInstall.ps1` or `chocolateyUninstall.ps1` scripts when installing a package. Possible values are: Yes, No. Default is No. | Optional | +| source | Specify the source to retrieve the package from.
Use `win_chocolatey_source` to manage global sources.
This value can either be the URL to a Chocolatey feed, a path to a folder containing `.nupkg` packages or the name of a source defined by `win_chocolatey_source`.
This value is also used when Chocolatey is not installed as the location of the install.ps1 script and only supports URLs for this case. | Optional | +| source_username | A username to use with `source` when accessing a feed that requires authentication.
It is recommended you define the credentials on a source with `win_chocolatey_source` instead of passing it per task. | Optional | +| source_password | The password for `source_username`.
This value is exposed as a command argument and any privileged account can see this value when the module is running Chocolatey, define the credentials with a source with `win_chocolatey_source` to avoid this. | Optional | +| state | State of the package on the system.
When `absent`, will ensure the package is not installed.
When `present`, will ensure the package is installed.
When `downgrade`, will allow Chocolatey to downgrade a package if `version` is older than the installed version.
When `latest`, will ensure the package is installed to the latest available version.
When `reinstalled`, will uninstall and reinstall the package. Possible values are: absent, downgrade, latest, present, reinstalled. Default is present. | Optional | +| timeout | The time to allow chocolatey to finish before timing out. Default is 2700. | Optional | +| validate_certs | Used when downloading the Chocolatey install script if Chocolatey is not already installed, this does not affect the Chocolatey package install process.
When `no`, no SSL certificates will be validated.
This should only be used on personally controlled sites using self-signed certificate. Possible values are: Yes, No. Default is Yes. | Optional | +| version | Specific version of the package to be installed.
When `state` is set to `absent`, will uninstall the specific version otherwise all versions of that package will be removed.
If a different version of package is installed, `state` must be `latest` or `force` set to `yes` to install the desired version.
Provide as a string (e.g. `'6.1'`), otherwise it is considered to be a floating-point number and depending on the locale could become `6,1`, which will cause a failure.
If `name` is set to `chocolatey` and Chocolatey is not installed on the host, this will be the version of Chocolatey that is installed. You can also set the `chocolateyVersion` environment var. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinChocolatey.command | string | The full command used in the chocolatey task. | +| MicrosoftWindows.WinChocolatey.rc | number | The return code from the chocolatey task. | +| MicrosoftWindows.WinChocolatey.stdout | string | The stdout from the chocolatey task. The verbosity level of the messages are affected by Ansible verbosity setting, see notes for more details. | + + +#### Command Example +```!win-chocolatey host="123.123.123.123" name="git" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinChocolatey": { + "changed": true, + "host": "123.123.123.123", + "rc": 0, + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * rc: 0 + + +### win-chocolatey-config +*** +Manages Chocolatey config settings +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_config_module.html + + +#### Base Command + +`win-chocolatey-config` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of the config setting to manage.
See `https://chocolatey.org/docs/chocolatey-configuration` for a list of valid configuration settings that can be changed.
Any config values that contain encrypted values like a password are not idempotent as the plaintext value cannot be read. | Required | +| state | When `absent`, it will ensure the setting is unset or blank.
When `present`, it will ensure the setting is set to the value of `value`. Possible values are: absent, present. Default is present. | Optional | +| value | Used when `state=present` that contains the value to set for the config setting.
Cannot be null or an empty string, use `state=absent` to unset a config value instead. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-chocolatey-config host="123.123.123.123" name="cacheLocation" state="present" value="D:\\chocolatey_temp" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinChocolateyConfig": { + "changed": true, + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True + + +### win-chocolatey-facts +*** +Create a facts collection for Chocolatey +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_facts_module.html + + +#### Base Command + +`win-chocolatey-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinChocolateyFacts.ansible_facts | unknown | Detailed information about the Chocolatey installation | + + +#### Command Example +```!win-chocolatey-facts host="123.123.123.123" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinChocolateyFacts": { + "chocolatey": { + "config": { + "cacheLocation": "D:\\chocolatey_temp", + "commandExecutionTimeoutSeconds": 2700, + "containsLegacyPackageInstalls": true, + "proxy": "", + "proxyBypassList": "", + "proxyBypassOnLocal": true, + "proxyPassword": "", + "proxyUser": "", + "upgradeAllExceptions": "", + "webRequestTimeoutSeconds": 30 + }, + "feature": { + "allowEmptyChecksums": false, + "allowEmptyChecksumsSecure": true, + "allowGlobalConfirmation": false, + "autoUninstaller": true, + "checksumFiles": true, + "exitOnRebootDetected": false, + "failOnAutoUninstaller": false, + "failOnInvalidOrMissingLicense": false, + "failOnStandardError": false, + "ignoreInvalidOptionsSwitches": true, + "ignoreUnfoundPackagesOnUpgradeOutdated": false, + "logEnvironmentValues": false, + "logValidationResultsOnWarnings": true, + "logWithoutColor": false, + "powershellHost": true, + "removePackageInformationOnUninstall": false, + "scriptsCheckLastExitCode": false, + "showDownloadProgress": true, + "showNonElevatedWarnings": true, + "skipPackageUpgradesWhenNotInstalled": false, + "stopOnFirstPackageFailure": false, + "useEnhancedExitCodes": false, + "useFipsCompliantChecksums": false, + "usePackageExitCodes": true, + "usePackageRepositoryOptimizations": true, + "useRememberedArgumentsForUpgrades": false, + "virusCheck": false + }, + "packages": [ + { + "package": "chocolatey", + "version": "0.10.15" + }, + { + "package": "chocolatey-core.extension", + "version": "1.1.1.1" + }, + { + "package": "git", + "version": "2.32.0" + }, + { + "package": "git.install", + "version": "2.32.0" + }, + { + "package": "nssm", + "version": "2.24.101.20180116" + } + ], + "sources": [ + { + "admin_only": false, + "allow_self_service": false, + "bypass_proxy": false, + "certificate": null, + "disabled": false, + "name": "chocolatey", + "priority": 0, + "source": "https://chocolatey.org/api/v2/", + "source_username": null + } + ] + }, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * ## Chocolatey +> * ### Config +> * cacheLocation: D:\chocolatey_temp +> * commandExecutionTimeoutSeconds: 2700 +> * containsLegacyPackageInstalls: True +> * proxy: +> * proxyBypassList: +> * proxyBypassOnLocal: True +> * proxyPassword: +> * proxyUser: +> * upgradeAllExceptions: +> * webRequestTimeoutSeconds: 30 +> * ### Feature +> * allowEmptyChecksums: False +> * allowEmptyChecksumsSecure: True +> * allowGlobalConfirmation: False +> * autoUninstaller: True +> * checksumFiles: True +> * exitOnRebootDetected: False +> * failOnAutoUninstaller: False +> * failOnInvalidOrMissingLicense: False +> * failOnStandardError: False +> * ignoreInvalidOptionsSwitches: True +> * ignoreUnfoundPackagesOnUpgradeOutdated: False +> * logEnvironmentValues: False +> * logValidationResultsOnWarnings: True +> * logWithoutColor: False +> * powershellHost: True +> * removePackageInformationOnUninstall: False +> * scriptsCheckLastExitCode: False +> * showDownloadProgress: True +> * showNonElevatedWarnings: True +> * skipPackageUpgradesWhenNotInstalled: False +> * stopOnFirstPackageFailure: False +> * useEnhancedExitCodes: False +> * useFipsCompliantChecksums: False +> * usePackageExitCodes: True +> * usePackageRepositoryOptimizations: True +> * useRememberedArgumentsForUpgrades: False +> * virusCheck: False +> * ### Packages +> * ### List +> * package: chocolatey +> * version: 0.10.15 +> * ### List +> * package: chocolatey-core.extension +> * version: 1.1.1.1 +> * ### List +> * package: git +> * version: 2.32.0 +> * ### List +> * package: git.install +> * version: 2.32.0 +> * ### List +> * package: nssm +> * version: 2.24.101.20180116 +> * ### Sources +> * ### Chocolatey +> * admin_only: False +> * allow_self_service: False +> * bypass_proxy: False +> * certificate: None +> * disabled: False +> * name: chocolatey +> * priority: 0 +> * source: https://chocolatey.org/api/v2/ +> * source_username: None + + +### win-chocolatey-feature +*** +Manages Chocolatey features +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_feature_module.html + + +#### Base Command + +`win-chocolatey-feature` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of the feature to manage.
Run `choco.exe feature list` to get a list of features that can be managed. | Required | +| state | When `disabled` then the feature will be disabled.
When `enabled` then the feature will be enabled. Possible values are: disabled, enabled. Default is enabled. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-chocolatey-feature host="123.123.123.123" name="checksumFiles" state="disabled" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinChocolateyFeature": { + "changed": true, + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True + + +### win-chocolatey-source +*** +Manages Chocolatey sources +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_source_module.html + + +#### Base Command + +`win-chocolatey-source` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| admin_only | Makes the source visible to Administrators only.
Requires Chocolatey >= 0.10.8.
When creating a new source, this defaults to `no`. | Optional | +| allow_self_service | Allow the source to be used with self-service
Requires Chocolatey >= 0.10.4.
When creating a new source, this defaults to `no`. | Optional | +| bypass_proxy | Bypass the proxy when using this source.
Requires Chocolatey >= 0.10.4.
When creating a new source, this defaults to `no`. | Optional | +| certificate | The path to a .pfx file to use for X509 authenticated feeds.
Requires Chocolatey >= 0.9.10. | Optional | +| certificate_password | The password for `certificate` if required.
Requires Chocolatey >= 0.9.10. | Optional | +| name | The name of the source to configure. | Required | +| priority | The priority order of this source compared to other sources, lower is better.
All priorities above `0` will be evaluated first, then zero-based values will be evaluated in config file order.
Requires Chocolatey >= 1.1.1.1.
When creating a new source, this defaults to `0`. | Optional | +| source | The file/folder/url of the source.
Required when `state` is `present` or `disabled` and the source does not already exist. | Optional | +| source_username | The username used to access `source`. | Optional | +| source_password | The password for `source_username`.
Required if `source_username` is set. | Optional | +| state | When `absent`, will remove the source.
When `disabled`, will ensure the source exists but is disabled.
When `present`, will ensure the source exists and is enabled. Possible values are: absent, disabled, present. Default is present. | Optional | +| update_password | When `always`, the module will always set the password and report a change if `certificate_password` or `source_password` is set.
When `on_create`, the module will only set the password if the source is being created. Possible values are: always, on_create. Default is always. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-chocolatey-source host="123.123.123.123" name="chocolatey" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinChocolateySource": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### win-copy +*** +Copies files to remote locations on windows hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_copy_module.html + + +#### Base Command + +`win-copy` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| content | When used instead of `src`, sets the contents of a file directly to the specified value.
This is for simple values, for anything complex or with formatting please switch to the `template` module. | Optional | +| decrypt | This option controls the autodecryption of source files using vault. Possible values are: Yes, No. Default is Yes. | Optional | +| dest | Remote absolute path where the file should be copied to.
If `src` is a directory, this must be a directory too.
Use \ for path separators or \\ when in "double quotes".
If `dest` ends with \ then source or the contents of source will be copied to the directory without renaming.
If `dest` is a nonexistent path, it will only be created if `dest` ends with "/" or "\", or `src` is a directory.
If `src` and `dest` are files and if the parent directory of `dest` doesn't exist, then the task will fail. | Required | +| backup | Determine whether a backup should be created.
When set to `yes`, create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
No backup is taken when `remote_"src"=False` and multiple files are being copied. Possible values are: Yes, No. Default is No. | Optional | +| force | If set to `yes`, the file will only be transferred if the content is different than destination.
If set to `no`, the file will only be transferred if the destination does not exist.
If set to `no`, no checksuming of the content is performed which can help improve performance on larger files. Possible values are: Yes, No. Default is Yes. | Optional | +| local_follow | This flag indicates that filesystem links in the source tree, if they exist, should be followed. Possible values are: Yes, No. Default is Yes. | Optional | +| remote_src | If `no`, it will search for src at originating/master machine.
If `yes`, it will go to the remote/target machine for the src. Possible values are: Yes, No. Default is No. | Optional | +| src | Local path to a file to copy to the remote server; can be absolute or relative.
If path is a directory, it is copied (including the source folder name) recursively to `dest`.
If path is a directory and ends with "/", only the inside contents of that directory are copied to the destination. Otherwise, if it does not end with "/", the directory itself with all contents is copied.
If path is a file and dest ends with "\", the file is copied to the folder with the same filename.
Required unless using `content`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinCopy.backup_file | string | Name of the backup file that was created. | +| MicrosoftWindows.WinCopy.dest | string | Destination file/path. | +| MicrosoftWindows.WinCopy.src | string | Source file used for the copy on the target machine. | +| MicrosoftWindows.WinCopy.checksum | string | SHA1 checksum of the file after running copy. | +| MicrosoftWindows.WinCopy.size | number | Size of the target, after execution. | +| MicrosoftWindows.WinCopy.operation | string | Whether a single file copy took place or a folder copy. | +| MicrosoftWindows.WinCopy.original_basename | string | Basename of the copied file. | + + +#### Command Example +```!win-copy host="123.123.123.123" "src"="C:\\Important\\Executable.exe" dest="C:\\Temp" remote_"src"=yes``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinCopy": { + "changed": true, + "checksum": "4a2446ee9651d90ac6c5613bddf416df197f6401", + "dest": "C:\\Temp\\Executable.exe", + "host": "123.123.123.123", + "operation": "file_copy", + "original_basename": "Executable.exe", + "size": 32256, + "src": "C:\\Important\\Executable.exe", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * checksum: 4a2446ee9651d90ac6c5613bddf416df197f6401 +> * dest: C:\Temp\Executable.exe +> * operation: file_copy +> * original_basename: Executable.exe +> * size: 32256 +> * src: C:\Important\Executable.exe + + +### win-credential +*** +Manages Windows Credentials in the Credential Manager +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_credential_module.html + + +#### Base Command + +`win-credential` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| alias | Adds an alias for the credential.
Typically this is the NetBIOS name of a host if `name` is set to the DNS name. | Optional | +| attributes | A list of dicts that set application specific attributes for a credential.
When set, existing attributes will be compared to the list as a whole, any differences means all attributes will be replaced. | Optional | +| comment | A user defined comment for the credential. | Optional | +| name | The target that identifies the server or servers that the credential is to be used for.
If the value can be a NetBIOS name, DNS server name, DNS host name suffix with a wildcard character (`*`), a NetBIOS of DNS domain name that contains a wildcard character sequence, or an asterisk.
See `TargetName` in `https://docs.microsoft.com/en-us/windows/desktop/api/wincred/ns-wincred-_credentiala` for more details on what this value can be.
This is used with `type` to produce a unique credential. | Required | +| persistence | Defines the persistence of the credential.
If `local`, the credential will persist for all logons of the same user on the same host.
`enterprise` is the same as `local` but the credential is visible to the same domain user when running on other hosts and not just localhost. Possible values are: enterprise, local. Default is local. | Optional | +| secret | The secret for the credential.
When omitted, then no secret is used for the credential if a new credentials is created.
When `type` is a password type, this is the password for `username`.
When `type` is a certificate type, this is the pin for the certificate. | Optional | +| secret_format | Controls the input type for `secret`.
If `text`, `secret` is a text string that is UTF-16LE encoded to bytes.
If `base64`, `secret` is a base64 string that is base64 decoded to bytes. Possible values are: base64, text. Default is text. | Optional | +| state | When `absent`, the credential specified by `name` and `type` is removed.
When `present`, the credential specified by `name` and `type` is removed. Possible values are: absent, present. Default is present. | Optional | +| type | The type of credential to store.
This is used with `name` to produce a unique credential.
When the type is a `domain` type, the credential is used by Microsoft authentication packages like Negotiate.
When the type is a `generic` type, the credential is not used by any particular authentication package.
It is recommended to use a `domain` type as only authentication providers can access the secret. Possible values are: domain_certificate, domain_password, generic_certificate, generic_password. | Required | +| update_secret | When `always`, the secret will always be updated if they differ.
When `on_create`, the secret will only be checked/updated when it is first created.
If the secret cannot be retrieved and this is set to `always`, the module will always result in a change. Possible values are: always, on_create. Default is always. | Optional | +| username | When `type` is a password type, then this is the username to store for the credential.
When `type` is a credential type, then this is the thumbprint as a hex string of the certificate to use.
When `type=domain_password`, this should be in the form of a Netlogon (DOMAIN\Username) or a UPN (username@DOMAIN).
If using a certificate thumbprint, the certificate must exist in the `CurrentUser\My` certificate store for the executing user. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +### win-defrag +*** +Consolidate fragmented files on local volumes +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_defrag_module.html + + +#### Base Command + +`win-defrag` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| include_volumes | A list of drive letters or mount point paths of the volumes to be defragmented.
If this parameter is omitted, all volumes (not excluded) will be fragmented. | Optional | +| exclude_volumes | A list of drive letters or mount point paths to exclude from defragmentation. | Optional | +| freespace_consolidation | Perform free space consolidation on the specified volumes. Possible values are: Yes, No. Default is No. | Optional | +| priority | Run the operation at low or normal priority. Possible values are: low, normal. Default is low. | Optional | +| parallel | Run the operation on each volume in parallel in the background. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDefrag.cmd | string | The complete command line used by the module. | +| MicrosoftWindows.WinDefrag.rc | number | The return code for the command. | +| MicrosoftWindows.WinDefrag.stdout | string | The standard output from the command. | +| MicrosoftWindows.WinDefrag.stderr | string | The error output from the command. | +| MicrosoftWindows.WinDefrag.msg | string | Possible error message on failure. | +| MicrosoftWindows.WinDefrag.changed | boolean | Whether or not any changes were made. | + + +#### Command Example +```!win-defrag host="123.123.123.123" parallel="True" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinDefrag": { + "changed": true, + "cmd": "defrag.exe /C /M /V", + "delta": "0:00:00.062484", + "end": "2021-06-29 03:14:21.017314", + "host": "123.123.123.123", + "rc": 0, + "start": "2021-06-29 03:14:20.954829", + "status": "CHANGED", + "stderr": "", + "stderr_lines": [], + "stdout": "Microsoft Drive Optimizer\r\nCopyright (c) 2013 Microsoft Corp.\r\n\r\nAn invalid command line option was specified. (0x89000008)\r\n\r\nDescription:\r\n\r\n\tOptimizes and defragments files on local volumes to\r\n\timprove system performance.\r\n\r\nSyntax:\r\n\r\n\tdefrag | /C | /E [] [/H] [/M [n] | [/U] [/V]] [/I n]\r\n\r\n\tWhere is omitted (traditional defrag), or as follows:\r\n\t\t/A | [/D] [/K] [/L] | /O | /X\r\n\r\n\tOr, to track an operation already in progress on a volume:\r\n\tdefrag /T\r\n\r\nParameters:\r\n\r\n\tValue\tDescription\r\n\r\n\t/A\tPerform analysis on the specified volumes.\r\n\r\n\t/C\tPerform the operation on all volumes.\r\n\r\n\t/D\tPerform traditional defrag (this is the default).\r\n\r\n\t/E\tPerform the operation on all volumes except those specified.\r\n\r\n\t/G\tOptimize the storage tiers on the specified volumes.\r\n\r\n\t/H\tRun the operation at normal priority (default is low).\r\n\r\n\t/I n\tTier optimization would run for at most n seconds on each volume.\r\n\r\n\t/K\tPerform slab consolidation on the specified volumes.\r\n\r\n\t/L\tPerform retrim on the specified volumes.\r\n\r\n\t/M [n]\tRun the operation on each volume in parallel in the background.\r\n\t\tAt most n threads optimize the storage tiers in parallel.\r\n\r\n\t/O\tPerform the proper optimization for each media type.\r\n\r\n\t/T\tTrack an operation already in progress on the specified volume.\r\n\r\n\t/U\tPrint the progress of the operation on the screen.\r\n\r\n\t/V\tPrint verbose output containing the fragmentation statistics.\r\n\r\n\t/X\tPerform free space consolidation on the specified volumes.\r\n\r\nExamples:\r\n\r\n\tdefrag C: /U /V\r\n\tdefrag C: D: /M\r\n\tdefrag C:\\mountpoint /A /U\r\n\tdefrag /C /H /V\r\n", + "stdout_lines": [ + "Microsoft Drive Optimizer", + "Copyright (c) 2013 Microsoft Corp.", + "", + "An invalid command line option was specified. (0x89000008)", + "", + "Description:", + "", + "\tOptimizes and defragments files on local volumes to", + "\timprove system performance.", + "", + "Syntax:", + "", + "\tdefrag | /C | /E [] [/H] [/M [n] | [/U] [/V]] [/I n]", + "", + "\tWhere is omitted (traditional defrag), or as follows:", + "\t\t/A | [/D] [/K] [/L] | /O | /X", + "", + "\tOr, to track an operation already in progress on a volume:", + "\tdefrag /T", + "", + "Parameters:", + "", + "\tValue\tDescription", + "", + "\t/A\tPerform analysis on the specified volumes.", + "", + "\t/C\tPerform the operation on all volumes.", + "", + "\t/D\tPerform traditional defrag (this is the default).", + "", + "\t/E\tPerform the operation on all volumes except those specified.", + "", + "\t/G\tOptimize the storage tiers on the specified volumes.", + "", + "\t/H\tRun the operation at normal priority (default is low).", + "", + "\t/I n\tTier optimization would run for at most n seconds on each volume.", + "", + "\t/K\tPerform slab consolidation on the specified volumes.", + "", + "\t/L\tPerform retrim on the specified volumes.", + "", + "\t/M [n]\tRun the operation on each volume in parallel in the background.", + "\t\tAt most n threads optimize the storage tiers in parallel.", + "", + "\t/O\tPerform the proper optimization for each media type.", + "", + "\t/T\tTrack an operation already in progress on the specified volume.", + "", + "\t/U\tPrint the progress of the operation on the screen.", + "", + "\t/V\tPrint verbose output containing the fragmentation statistics.", + "", + "\t/X\tPerform free space consolidation on the specified volumes.", + "", + "Examples:", + "", + "\tdefrag C: /U /V", + "\tdefrag C: D: /M", + "\tdefrag C:\\mountpoint /A /U", + "\tdefrag /C /H /V" + ] + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * cmd: defrag.exe /C /M /V +> * delta: 0:00:00.062484 +> * end: 2021-06-29 03:14:21.017314 +> * rc: 0 +> * start: 2021-06-29 03:14:20.954829 +> * stderr: +> * stdout: Microsoft Drive Optimizer +>Copyright (c) 2013 Microsoft Corp. +> +>An invalid command line option was specified. (0x89000008) +> +>Description: +> +> Optimizes and defragments files on local volumes to +> improve system performance. +> +>Syntax: +> +> defrag | /C | /E [] [/H] [/M [n] | [/U] [/V]] [/I n] +> +> Where is omitted (traditional defrag), or as follows: +> /A | [/D] [/K] [/L] | /O | /X +> +> Or, to track an operation already in progress on a volume: +> defrag /T +> +>Parameters: +> +> Value Description +> +> /A Perform analysis on the specified volumes. +> +> /C Perform the operation on all volumes. +> +> /D Perform traditional defrag (this is the default). +> +> /E Perform the operation on all volumes except those specified. +> +> /G Optimize the storage tiers on the specified volumes. +> +> /H Run the operation at normal priority (default is low). +> +> /I n Tier optimization would run for at most n seconds on each volume. +> +> /K Perform slab consolidation on the specified volumes. +> +> /L Perform retrim on the specified volumes. +> +> /M [n] Run the operation on each volume in parallel in the background. +> At most n threads optimize the storage tiers in parallel. +> +> /O Perform the proper optimization for each media type. +> +> /T Track an operation already in progress on the specified volume. +> +> /U Print the progress of the operation on the screen. +> +> /V Print verbose output containing the fragmentation statistics. +> +> /X Perform free space consolidation on the specified volumes. +> +>Examples: +> +> defrag C: /U /V +> defrag C: D: /M +> defrag C:\mountpoint /A /U +> defrag /C /H /V +> +> * ## Stderr_Lines +> * ## Stdout_Lines +> * 0: Microsoft Drive Optimizer +> * 1: Copyright (c) 2013 Microsoft Corp. +> * 2: +> * 3: An invalid command line option was specified. (0x89000008) +> * 2: +> * 5: Description: +> * 2: +> * 7: Optimizes and defragments files on local volumes to +> * 8: improve system performance. +> * 2: +> * 10: Syntax: +> * 2: +> * 12: defrag | /C | /E [] [/H] [/M [n] | [/U] [/V]] [/I n] +> * 2: +> * 14: Where is omitted (traditional defrag), or as follows: +> * 15: /A | [/D] [/K] [/L] | /O | /X +> * 2: +> * 17: Or, to track an operation already in progress on a volume: +> * 18: defrag /T +> * 2: +> * 20: Parameters: +> * 2: +> * 22: Value Description +> * 2: +> * 24: /A Perform analysis on the specified volumes. +> * 2: +> * 26: /C Perform the operation on all volumes. +> * 2: +> * 28: /D Perform traditional defrag (this is the default). +> * 2: +> * 30: /E Perform the operation on all volumes except those specified. +> * 2: +> * 32: /G Optimize the storage tiers on the specified volumes. +> * 2: +> * 34: /H Run the operation at normal priority (default is low). +> * 2: +> * 36: /I n Tier optimization would run for at most n seconds on each volume. +> * 2: +> * 38: /K Perform slab consolidation on the specified volumes. +> * 2: +> * 40: /L Perform retrim on the specified volumes. +> * 2: +> * 42: /M [n] Run the operation on each volume in parallel in the background. +> * 43: At most n threads optimize the storage tiers in parallel. +> * 2: +> * 45: /O Perform the proper optimization for each media type. +> * 2: +> * 47: /T Track an operation already in progress on the specified volume. +> * 2: +> * 49: /U Print the progress of the operation on the screen. +> * 2: +> * 51: /V Print verbose output containing the fragmentation statistics. +> * 2: +> * 53: /X Perform free space consolidation on the specified volumes. +> * 2: +> * 55: Examples: +> * 2: +> * 57: defrag C: /U /V +> * 58: defrag C: D: /M +> * 59: defrag C:\mountpoint /A /U +> * 60: defrag /C /H /V + + +### win-disk-facts +*** +Show the attached disks and disk information of the target host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_disk_facts_module.html + + +#### Base Command + +`win-disk-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDiskFacts.ansible_facts | unknown | Dictionary containing all the detailed information about the disks of the target. | + + +#### Command Example +```!win-disk-facts host="123.123.123.123" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinDiskFacts": { + "disks": [ + { + "bootable": true, + "bus_type": "SAS", + "clustered": false, + "firmware_version": "2.0 ", + "friendly_name": "VMware Virtual disk", + "guid": null, + "location": "SCSI0", + "manufacturer": "VMware ", + "model": "Virtual disk ", + "number": 0, + "operational_status": "Online", + "partition_count": 2, + "partition_style": "MBR", + "partitions": [ + { + "access_paths": [ + "\\\\?\\Volume{da4b1e8a-0000-0000-0000-100000000000}\\" + ], + "active": true, + "drive_letter": null, + "guid": null, + "hidden": false, + "mbr_type": 7, + "number": 1, + "offset": 1048576, + "shadow_copy": false, + "size": 524288000, + "transition_state": 1, + "type": "IFS", + "volumes": [ + { + "allocation_unit_size": 4096, + "drive_type": "Fixed", + "health_status": "Healthy", + "label": "System Reserved", + "object_id": "{1}\\\\WIN-U425UI0HPP7\\root/Microsoft/Windows/Storage/Providers_v2\\WSP_Volume.ObjectId=\"{65f97678-bd69-11eb-88d8-806e6f6e6963}:VO:\\\\?\\Volume{da4b1e8a-0000-0000-0000-100000000000}\\\"", + "path": "\\\\?\\Volume{da4b1e8a-0000-0000-0000-100000000000}\\", + "size": 524283904, + "size_remaining": 179843072, + "type": "NTFS" + } + ] + }, + { + "access_paths": [ + "C:\\", + "\\\\?\\Volume{da4b1e8a-0000-0000-0000-501f00000000}\\" + ], + "active": false, + "drive_letter": "C", + "guid": null, + "hidden": false, + "mbr_type": 7, + "number": 2, + "offset": 525336576, + "shadow_copy": false, + "size": 15579742208, + "transition_state": 1, + "type": "IFS", + "volumes": [ + { + "allocation_unit_size": 4096, + "drive_type": "Fixed", + "health_status": "Healthy", + "label": "", + "object_id": "{1}\\\\WIN-U425UI0HPP7\\root/Microsoft/Windows/Storage/Providers_v2\\WSP_Volume.ObjectId=\"{65f97678-bd69-11eb-88d8-806e6f6e6963}:VO:\\\\?\\Volume{da4b1e8a-0000-0000-0000-501f00000000}\\\"", + "path": "\\\\?\\Volume{da4b1e8a-0000-0000-0000-501f00000000}\\", + "size": 15579738112, + "size_remaining": 1943584768, + "type": "NTFS" + } + ] + } + ], + "path": "\\\\?\\scsi#disk&ven_vmware&prod_virtual_disk#5&1ec51bf7&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}", + "physical_disk": { + "allocated_size": 16106127360, + "bus_type": "SAS", + "can_pool": false, + "cannot_pool_reason": "Insufficient Capacity", + "device_id": "0", + "firmware_version": "2.0", + "friendly_name": "VMware Virtual disk", + "health_status": "Healthy", + "indication_enabled": null, + "manufacturer": "VMware", + "media_type": "SSD", + "model": "Virtual disk", + "object_id": "{1}\\\\WIN-U425UI0HPP7\\root/Microsoft/Windows/Storage/Providers_v2\\SPACES_PhysicalDisk.ObjectId=\"{65f97678-bd69-11eb-88d8-806e6f6e6963}:PD:{2ab9f649-d867-11eb-88db-806e6f6e6963}\"", + "operational_status": "OK", + "partial": true, + "physical_location": "SCSI0", + "serial_number": null, + "size": 16106127360, + "spindle_speed": 0, + "supported_usages": { + "Count": 5, + "value": [ + "Auto-Select", + "Manual-Select", + "Hot Spare", + "Retired", + "Journal" + ] + }, + "unique_id": "{2ab9f649-d867-11eb-88db-806e6f6e6963}", + "usage_type": "Auto-Select" + }, + "read_only": false, + "sector_size": 512, + "serial_number": null, + "size": 16106127360, + "system_disk": true, + "unique_id": "SCSI\\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\\5&1EC51BF7&0&000000:WIN-U425UI0HPP7", + "win32_disk_drive": { + "availability": null, + "bytes_per_sector": 512, + "capabilities": [ + 3, + 4 + ], + "capability_descriptions": [ + "Random Access", + "Supports Writing" + ], + "caption": "VMware Virtual disk SCSI Disk Device", + "compression_method": null, + "config_manager_error_code": 0, + "config_manager_user_config": false, + "creation_class_name": "Win32_DiskDrive", + "default_block_size": null, + "description": "Disk drive", + "device_id": "\\\\.\\PHYSICALDRIVE0", + "error_cleared": null, + "error_description": null, + "error_methodology": null, + "firmware_revision": "2.0 ", + "index": 0, + "install_date": null, + "interface_type": "SCSI", + "last_error_code": null, + "manufacturer": "(Standard disk drives)", + "max_block_size": null, + "max_media_size": null, + "media_loaded": true, + "media_type": "Fixed hard disk media", + "min_block_size": null, + "model": "VMware Virtual disk SCSI Disk Device", + "name": "\\\\.\\PHYSICALDRIVE0", + "needs_cleaning": null, + "number_of_media_supported": null, + "partitions": 4, + "pnp_device_id": "SCSI\\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\\5&1EC51BF7&0&000000", + "power_management_capabilities": null, + "power_management_supported": null, + "scsi_bus": 0, + "scsi_logical_unit": 0, + "scsi_port": 0, + "scsi_target_id": 0, + "sectors_per_track": 63, + "serial_number": null, + "signature": 3662356106, + "size": 16105098240, + "status": "OK", + "status_info": null, + "system_creation_class_name": "Win32_ComputerSystem", + "system_name": "WIN-U425UI0HPP7", + "total_cylinders": 1958, + "total_heads": 255, + "total_sectors": 31455270, + "total_tracks": 499290, + "tracks_per_cylinder": 255 + } + }, + { + "bootable": false, + "bus_type": "SAS", + "clustered": false, + "firmware_version": "2.0 ", + "friendly_name": "VMware Virtual disk", + "guid": null, + "location": "SCSI0", + "manufacturer": "VMware ", + "model": "Virtual disk ", + "number": 1, + "operational_status": "Online", + "partition_count": 1, + "partition_style": "MBR", + "partitions": [ + { + "access_paths": [ + "F:\\", + "\\\\?\\Volume{75516713-0000-0000-0000-010000000000}\\" + ], + "active": false, + "drive_letter": "F", + "guid": null, + "hidden": false, + "mbr_type": 7, + "number": 1, + "offset": 65536, + "shadow_copy": false, + "size": 16777216, + "transition_state": 1, + "type": "IFS", + "volumes": [ + { + "allocation_unit_size": 4096, + "drive_type": "Fixed", + "health_status": "Healthy", + "label": "New Volume", + "object_id": "{1}\\\\WIN-U425UI0HPP7\\root/Microsoft/Windows/Storage/Providers_v2\\WSP_Volume.ObjectId=\"{65f97678-bd69-11eb-88d8-806e6f6e6963}:VO:\\\\?\\Volume{75516713-0000-0000-0000-010000000000}\\\"", + "path": "\\\\?\\Volume{75516713-0000-0000-0000-010000000000}\\", + "size": 16773120, + "size_remaining": 6569984, + "type": "NTFS" + } + ] + } + ], + "path": "\\\\?\\scsi#disk&ven_vmware&prod_virtual_disk#5&1ec51bf7&0&000100#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}", + "physical_disk": { + "allocated_size": 2097152, + "bus_type": "SAS", + "can_pool": false, + "cannot_pool_reason": "Insufficient Capacity", + "device_id": "1", + "firmware_version": "2.0", + "friendly_name": "VMware Virtual disk", + "health_status": "Healthy", + "indication_enabled": null, + "manufacturer": "VMware", + "media_type": "SSD", + "model": "Virtual disk", + "object_id": "{1}\\\\WIN-U425UI0HPP7\\root/Microsoft/Windows/Storage/Providers_v2\\SPACES_PhysicalDisk.ObjectId=\"{65f97678-bd69-11eb-88d8-806e6f6e6963}:PD:{2aba10d3-d867-11eb-88db-000c29740042}\"", + "operational_status": "OK", + "partial": false, + "physical_location": "SCSI0", + "serial_number": null, + "size": 19922944, + "spindle_speed": 0, + "supported_usages": { + "Count": 5, + "value": [ + "Auto-Select", + "Manual-Select", + "Hot Spare", + "Retired", + "Journal" + ] + }, + "unique_id": "{2aba10d3-d867-11eb-88db-000c29740042}", + "usage_type": "Auto-Select" + }, + "read_only": false, + "sector_size": 512, + "serial_number": null, + "size": 19922944, + "system_disk": false, + "unique_id": "SCSI\\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\\5&1EC51BF7&0&000100:WIN-U425UI0HPP7", + "win32_disk_drive": { + "availability": null, + "bytes_per_sector": 512, + "capabilities": [ + 3, + 4 + ], + "capability_descriptions": [ + "Random Access", + "Supports Writing" + ], + "caption": "VMware Virtual disk SCSI Disk Device", + "compression_method": null, + "config_manager_error_code": 0, + "config_manager_user_config": false, + "creation_class_name": "Win32_DiskDrive", + "default_block_size": null, + "description": "Disk drive", + "device_id": "\\\\.\\PHYSICALDRIVE1", + "error_cleared": null, + "error_description": null, + "error_methodology": null, + "firmware_revision": "2.0 ", + "index": 1, + "install_date": null, + "interface_type": "SCSI", + "last_error_code": null, + "manufacturer": "(Standard disk drives)", + "max_block_size": null, + "max_media_size": null, + "media_loaded": true, + "media_type": "Fixed hard disk media", + "min_block_size": null, + "model": "VMware Virtual disk SCSI Disk Device", + "name": "\\\\.\\PHYSICALDRIVE1", + "needs_cleaning": null, + "number_of_media_supported": null, + "partitions": 4, + "pnp_device_id": "SCSI\\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\\5&1EC51BF7&0&000100", + "power_management_capabilities": null, + "power_management_supported": null, + "scsi_bus": 0, + "scsi_logical_unit": 0, + "scsi_port": 0, + "scsi_target_id": 1, + "sectors_per_track": 63, + "serial_number": null, + "signature": 1968269075, + "size": 16450560, + "status": "OK", + "status_info": null, + "system_creation_class_name": "Win32_ComputerSystem", + "system_name": "WIN-U425UI0HPP7", + "total_cylinders": 2, + "total_heads": 255, + "total_sectors": 32130, + "total_tracks": 510, + "tracks_per_cylinder": 255 + } + } + ], + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * ## Disks +> * ## Vmware Virtual Disk +> * bootable: True +> * bus_type: SAS +> * clustered: False +> * firmware_version: 2.0 +> * friendly_name: VMware Virtual disk +> * guid: None +> * location: SCSI0 +> * manufacturer: VMware +> * model: Virtual disk +> * number: 0 +> * operational_status: Online +> * partition_count: 2 +> * partition_style: MBR +> * path: \\?\scsi#disk&ven_vmware&prod_virtual_disk#5&1ec51bf7&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} +> * read_only: False +> * sector_size: 512 +> * serial_number: None +> * size: 16106127360 +> * system_disk: True +> * unique_id: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\5&1EC51BF7&0&000000:WIN-U425UI0HPP7 +> * ### Partitions +> * ### List +> * active: True +> * drive_letter: None +> * guid: None +> * hidden: False +> * mbr_type: 7 +> * number: 1 +> * offset: 1048576 +> * shadow_copy: False +> * size: 524288000 +> * transition_state: 1 +> * type: IFS +> * #### Access_Paths +> * 0: \\?\Volume{da4b1e8a-0000-0000-0000-100000000000}\ +> * #### Volumes +> * #### {1}\\Win-U425Ui0Hpp7\Root/Microsoft/Windows/Storage/Providers_V2\Wsp_Volume.Objectid="{65F97678-Bd69-11Eb-88D8-806E6F6E6963}:Vo:\\?\Volume{Da4B1E8A-0000-0000-0000-100000000000}\" +> * allocation_unit_size: 4096 +> * drive_type: Fixed +> * health_status: Healthy +> * label: System Reserved +> * object_id: {1}\\WIN-U425UI0HPP7\root/Microsoft/Windows/Storage/Providers_v2\WSP_Volume.ObjectId="{65f97678-bd69-11eb-88d8-806e6f6e6963}:VO:\\?\Volume{da4b1e8a-0000-0000-0000-100000000000}\" +> * path: \\?\Volume{da4b1e8a-0000-0000-0000-100000000000}\ +> * size: 524283904 +> * size_remaining: 179843072 +> * type: NTFS +> * ### List +> * active: False +> * drive_letter: C +> * guid: None +> * hidden: False +> * mbr_type: 7 +> * number: 2 +> * offset: 525336576 +> * shadow_copy: False +> * size: 15579742208 +> * transition_state: 1 +> * type: IFS +> * #### Access_Paths +> * 0: C:\ +> * 1: \\?\Volume{da4b1e8a-0000-0000-0000-501f00000000}\ +> * #### Volumes +> * #### {1}\\Win-U425Ui0Hpp7\Root/Microsoft/Windows/Storage/Providers_V2\Wsp_Volume.Objectid="{65F97678-Bd69-11Eb-88D8-806E6F6E6963}:Vo:\\?\Volume{Da4B1E8A-0000-0000-0000-501F00000000}\" +> * allocation_unit_size: 4096 +> * drive_type: Fixed +> * health_status: Healthy +> * label: +> * object_id: {1}\\WIN-U425UI0HPP7\root/Microsoft/Windows/Storage/Providers_v2\WSP_Volume.ObjectId="{65f97678-bd69-11eb-88d8-806e6f6e6963}:VO:\\?\Volume{da4b1e8a-0000-0000-0000-501f00000000}\" +> * path: \\?\Volume{da4b1e8a-0000-0000-0000-501f00000000}\ +> * size: 15579738112 +> * size_remaining: 1943584768 +> * type: NTFS +> * ### Physical_Disk +> * allocated_size: 16106127360 +> * bus_type: SAS +> * can_pool: False +> * cannot_pool_reason: Insufficient Capacity +> * device_id: 0 +> * firmware_version: 2.0 +> * friendly_name: VMware Virtual disk +> * health_status: Healthy +> * indication_enabled: None +> * manufacturer: VMware +> * media_type: SSD +> * model: Virtual disk +> * object_id: {1}\\WIN-U425UI0HPP7\root/Microsoft/Windows/Storage/Providers_v2\SPACES_PhysicalDisk.ObjectId="{65f97678-bd69-11eb-88d8-806e6f6e6963}:PD:{2ab9f649-d867-11eb-88db-806e6f6e6963}" +> * operational_status: OK +> * partial: True +> * physical_location: SCSI0 +> * serial_number: None +> * size: 16106127360 +> * spindle_speed: 0 +> * unique_id: {2ab9f649-d867-11eb-88db-806e6f6e6963} +> * usage_type: Auto-Select +> * #### Supported_Usages +> * Count: 5 +> * ##### Value +> * 0: Auto-Select +> * 1: Manual-Select +> * 2: Hot Spare +> * 3: Retired +> * 4: Journal +> * ### Win32_Disk_Drive +> * availability: None +> * bytes_per_sector: 512 +> * caption: VMware Virtual disk SCSI Disk Device +> * compression_method: None +> * config_manager_error_code: 0 +> * config_manager_user_config: False +> * creation_class_name: Win32_DiskDrive +> * default_block_size: None +> * description: Disk drive +> * device_id: \\.\PHYSICALDRIVE0 +> * error_cleared: None +> * error_description: None +> * error_methodology: None +> * firmware_revision: 2.0 +> * index: 0 +> * install_date: None +> * interface_type: SCSI +> * last_error_code: None +> * manufacturer: (Standard disk drives) +> * max_block_size: None +> * max_media_size: None +> * media_loaded: True +> * media_type: Fixed hard disk media +> * min_block_size: None +> * model: VMware Virtual disk SCSI Disk Device +> * name: \\.\PHYSICALDRIVE0 +> * needs_cleaning: None +> * number_of_media_supported: None +> * partitions: 4 +> * pnp_device_id: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\5&1EC51BF7&0&000000 +> * power_management_capabilities: None +> * power_management_supported: None +> * scsi_bus: 0 +> * scsi_logical_unit: 0 +> * scsi_port: 0 +> * scsi_target_id: 0 +> * sectors_per_track: 63 +> * serial_number: None +> * signature: 3662356106 +> * size: 16105098240 +> * status: OK +> * status_info: None +> * system_creation_class_name: Win32_ComputerSystem +> * system_name: WIN-U425UI0HPP7 +> * total_cylinders: 1958 +> * total_heads: 255 +> * total_sectors: 31455270 +> * total_tracks: 499290 +> * tracks_per_cylinder: 255 +> * #### Capabilities +> * 0: 3 +> * 1: 4 +> * #### Capability_Descriptions +> * 0: Random Access +> * 1: Supports Writing +> * ## Vmware Virtual Disk +> * bootable: False +> * bus_type: SAS +> * clustered: False +> * firmware_version: 2.0 +> * friendly_name: VMware Virtual disk +> * guid: None +> * location: SCSI0 +> * manufacturer: VMware +> * model: Virtual disk +> * number: 1 +> * operational_status: Online +> * partition_count: 1 +> * partition_style: MBR +> * path: \\?\scsi#disk&ven_vmware&prod_virtual_disk#5&1ec51bf7&0&000100#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} +> * read_only: False +> * sector_size: 512 +> * serial_number: None +> * size: 19922944 +> * system_disk: False +> * unique_id: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\5&1EC51BF7&0&000100:WIN-U425UI0HPP7 +> * ### Partitions +> * ### List +> * active: False +> * drive_letter: F +> * guid: None +> * hidden: False +> * mbr_type: 7 +> * number: 1 +> * offset: 65536 +> * shadow_copy: False +> * size: 16777216 +> * transition_state: 1 +> * type: IFS +> * #### Access_Paths +> * 0: F:\ +> * 1: \\?\Volume{75516713-0000-0000-0000-010000000000}\ +> * #### Volumes +> * #### {1}\\Win-U425Ui0Hpp7\Root/Microsoft/Windows/Storage/Providers_V2\Wsp_Volume.Objectid="{65F97678-Bd69-11Eb-88D8-806E6F6E6963}:Vo:\\?\Volume{75516713-0000-0000-0000-010000000000}\" +> * allocation_unit_size: 4096 +> * drive_type: Fixed +> * health_status: Healthy +> * label: New Volume +> * object_id: {1}\\WIN-U425UI0HPP7\root/Microsoft/Windows/Storage/Providers_v2\WSP_Volume.ObjectId="{65f97678-bd69-11eb-88d8-806e6f6e6963}:VO:\\?\Volume{75516713-0000-0000-0000-010000000000}\" +> * path: \\?\Volume{75516713-0000-0000-0000-010000000000}\ +> * size: 16773120 +> * size_remaining: 6569984 +> * type: NTFS +> * ### Physical_Disk +> * allocated_size: 2097152 +> * bus_type: SAS +> * can_pool: False +> * cannot_pool_reason: Insufficient Capacity +> * device_id: 1 +> * firmware_version: 2.0 +> * friendly_name: VMware Virtual disk +> * health_status: Healthy +> * indication_enabled: None +> * manufacturer: VMware +> * media_type: SSD +> * model: Virtual disk +> * object_id: {1}\\WIN-U425UI0HPP7\root/Microsoft/Windows/Storage/Providers_v2\SPACES_PhysicalDisk.ObjectId="{65f97678-bd69-11eb-88d8-806e6f6e6963}:PD:{2aba10d3-d867-11eb-88db-000c29740042}" +> * operational_status: OK +> * partial: False +> * physical_location: SCSI0 +> * serial_number: None +> * size: 19922944 +> * spindle_speed: 0 +> * unique_id: {2aba10d3-d867-11eb-88db-000c29740042} +> * usage_type: Auto-Select +> * #### Supported_Usages +> * Count: 5 +> * ##### Value +> * 0: Auto-Select +> * 1: Manual-Select +> * 2: Hot Spare +> * 3: Retired +> * 4: Journal +> * ### Win32_Disk_Drive +> * availability: None +> * bytes_per_sector: 512 +> * caption: VMware Virtual disk SCSI Disk Device +> * compression_method: None +> * config_manager_error_code: 0 +> * config_manager_user_config: False +> * creation_class_name: Win32_DiskDrive +> * default_block_size: None +> * description: Disk drive +> * device_id: \\.\PHYSICALDRIVE1 +> * error_cleared: None +> * error_description: None +> * error_methodology: None +> * firmware_revision: 2.0 +> * index: 1 +> * install_date: None +> * interface_type: SCSI +> * last_error_code: None +> * manufacturer: (Standard disk drives) +> * max_block_size: None +> * max_media_size: None +> * media_loaded: True +> * media_type: Fixed hard disk media +> * min_block_size: None +> * model: VMware Virtual disk SCSI Disk Device +> * name: \\.\PHYSICALDRIVE1 +> * needs_cleaning: None +> * number_of_media_supported: None +> * partitions: 4 +> * pnp_device_id: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\5&1EC51BF7&0&000100 +> * power_management_capabilities: None +> * power_management_supported: None +> * scsi_bus: 0 +> * scsi_logical_unit: 0 +> * scsi_port: 0 +> * scsi_target_id: 1 +> * sectors_per_track: 63 +> * serial_number: None +> * signature: 1968269075 +> * size: 16450560 +> * status: OK +> * status_info: None +> * system_creation_class_name: Win32_ComputerSystem +> * system_name: WIN-U425UI0HPP7 +> * total_cylinders: 2 +> * total_heads: 255 +> * total_sectors: 32130 +> * total_tracks: 510 +> * tracks_per_cylinder: 255 +> * #### Capabilities +> * 0: 3 +> * 1: 4 +> * #### Capability_Descriptions +> * 0: Random Access +> * 1: Supports Writing + + +### win-disk-image +*** +Manage ISO/VHD/VHDX mounts on Windows hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_disk_image_module.html + + +#### Base Command + +`win-disk-image` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| image_path | Path to an ISO, VHD, or VHDX image on the target Windows host (the file cannot reside on a network share). | Required | +| state | Whether the image should be present as a drive-letter mount or not. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDiskImage.mount_path | string | Filesystem path where the target image is mounted, this has been deprecated in favour of \`mount_paths\`. | +| MicrosoftWindows.WinDiskImage.mount_paths | unknown | A list of filesystem paths mounted from the target image. | + + +#### Command Example +```!win-disk-image host="123.123.123.123" image_path="C:/install.iso" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinDiskImage": { + "changed": true, + "host": "123.123.123.123", + "mount_paths": [ + "D:\\" + ], + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * ## Mount_Paths +> * 0: D:\ + + +### win-dns-client +*** +Configures DNS lookup on Windows hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_dns_client_module.html + + +#### Base Command + +`win-dns-client` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| adapter_names | Adapter name or list of adapter names for which to manage DNS settings ('*' is supported as a wildcard value).
The adapter name used is the connection caption in the Network Control Panel or via `Get-NetAdapter`, eg `Local Area Connection`. | Required | +| ipv4_addresses | Single or ordered list of DNS server IPv4 addresses to configure for lookup. An empty list will configure the adapter to use the DHCP-assigned values on connections where DHCP is enabled, or disable DNS lookup on statically-configured connections. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### win-dns-record +*** +Manage Windows Server DNS records +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_dns_record_module.html + + +#### Base Command + +`win-dns-record` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of the record. | Required | +| state | Whether the record should exist or not. Possible values are: absent, present. Default is present. | Optional | +| ttl | The "time to live" of the record, in seconds.
Ignored when `state=absent`.
Valid range is 1 - 31557600.
Note that an Active Directory forest can specify a minimum TTL, and will dynamically "round up" other values to that minimum. Default is 3600. | Optional | +| type | The type of DNS record to manage. Possible values are: A, AAAA, CNAME, PTR. | Required | +| value | The value(s) to specify. Required when `state=present`.
When c(type=PTR) only the partial part of the IP should be given. | Optional | +| zone | The name of the zone to manage (eg `example.com`).
The zone must already exist. | Required | +| computer_name | Specifies a DNS server.
You can specify an IP address or any value that resolves to an IP address, such as a fully qualified domain name (FQDN), host name, or NETBIOS name. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### win-domain +*** +Ensures the existence of a Windows domain +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_domain_module.html + + +#### Base Command + +`win-domain` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| dns_domain_name | The DNS name of the domain which should exist and be reachable or reside on the target Windows host. | Required | +| domain_netbios_name | The NetBIOS name for the root domain in the new forest.
For NetBIOS names to be valid for use with this parameter they must be single label names of 15 characters or less, if not it will fail.
If this parameter is not set, then the default is automatically computed from the value of the `domain_name` parameter. | Optional | +| safe_mode_password | Safe mode password for the domain controller. | Required | +| database_path | The path to a directory on a fixed disk of the Windows host where the domain database will be created.
If not set then the default path is `%SYSTEMROOT%\NTDS`. | Optional | +| sysvol_path | The path to a directory on a fixed disk of the Windows host where the Sysvol file will be created.
If not set then the default path is `%SYSTEMROOT%\SYSVOL`. | Optional | +| create_dns_delegation | Whether to create a DNS delegation that references the new DNS server that you install along with the domain controller.
Valid for Active Directory-integrated DNS only.
The default is computed automatically based on the environment. | Optional | +| domain_mode | Specifies the domain functional level of the first domain in the creation of a new forest.
The domain functional level cannot be lower than the forest functional level, but it can be higher.
The default is automatically computed and set. Possible values are: Win2003, Win2008, Win2008R2, Win2012, Win2012R2, WinThreshold. | Optional | +| forest_mode | Specifies the forest functional level for the new forest.
The default forest functional level in Windows Server is typically the same as the version you are running. Possible values are: Win2003, Win2008, Win2008R2, Win2012, Win2012R2, WinThreshold. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDomain.reboot_required | boolean | True if changes were made that require a reboot. | + + +#### Command Example +```!win-domain host="123.123.123.123" dns_domain_name="ansible.vagrant" safe_mode_password="password123!" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinDomain": { + "changed": true, + "host": "123.123.123.123", + "reboot_required": true, + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * reboot_required: True + + +### win-domain-computer +*** +Manage computers in Active Directory +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_domain_computer_module.html + + +#### Base Command + +`win-domain-computer` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Specifies the name of the object.
This parameter sets the Name property of the Active Directory object.
The LDAP display name (ldapDisplayName) of this property is name. | Required | +| sam_account_name | Specifies the Security Account Manager (SAM) account name of the computer.
It maximum is 256 characters, 15 is advised for older operating systems compatibility.
The LDAP display name (ldapDisplayName) for this property is sAMAccountName.
If ommitted the value is the same as `name`.
Note that all computer SAMAccountNames need to end with a $. | Optional | +| enabled | Specifies if an account is enabled.
An enabled account requires a password.
This parameter sets the Enabled property for an account object.
This parameter also sets the ADS_UF_ACCOUNTDISABLE flag of the Active Directory User Account Control (UAC) attribute. Possible values are: Yes, No. Default is Yes. | Optional | +| ou | Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created. Required when `state=present`. | Optional | +| description | Specifies a description of the object.
This parameter sets the value of the Description property for the object.
The LDAP display name (ldapDisplayName) for this property is description. | Optional | +| dns_hostname | Specifies the fully qualified domain name (FQDN) of the computer.
This parameter sets the DNSHostName property for a computer object.
The LDAP display name for this property is dNSHostName.
Required when `state=present`. | Optional | +| domain_username | The username to use when interacting with AD.
If this is not set then the user Ansible used to log in with will be used instead when using CredSSP or Kerberos with credential delegation. | Optional | +| domain_password | The password for `username`. | Optional | +| domain_server | Specifies the Active Directory Domain Services instance to connect to.
Can be in the form of an FQDN or NetBIOS name.
If not specified then the value is based on the domain of the computer running PowerShell. | Optional | +| state | Specified whether the computer should be `present` or `absent` in Active Directory. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### win-domain-controller +*** +Manage domain controller/member server state for a Windows host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_domain_controller_module.html + + +#### Base Command + +`win-domain-controller` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| dns_domain_name | When `state` is `domain_controller`, the DNS name of the domain for which the targeted Windows host should be a DC. | Optional | +| domain_admin_user | Username of a domain admin for the target domain (necessary to promote or demote a domain controller). | Required | +| domain_admin_password | Password for the specified `domain_admin_user`. | Required | +| safe_mode_password | Safe mode password for the domain controller (required when `state` is `domain_controller`). | Optional | +| local_admin_password | Password to be assigned to the local `Administrator` user (required when `state` is `member_server`). | Optional | +| read_only | Whether to install the domain controller as a read only replica for an existing domain. Possible values are: Yes, No. Default is No. | Optional | +| site_name | Specifies the name of an existing site where you can place the new domain controller.
This option is required when `read_only` is `yes`. | Optional | +| state | Whether the target host should be a domain controller or a member server. Possible values are: domain_controller, member_server. | Optional | +| database_path | The path to a directory on a fixed disk of the Windows host where the domain database will be created..
If not set then the default path is `%SYSTEMROOT%\NTDS`. | Optional | +| sysvol_path | The path to a directory on a fixed disk of the Windows host where the Sysvol folder will be created.
If not set then the default path is `%SYSTEMROOT%\SYSVOL`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDomainController.reboot_required | boolean | True if changes were made that require a reboot. | + + + + +### win-domain-group +*** +Creates, modifies or removes domain groups +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_domain_group_module.html + + +#### Base Command + +`win-domain-group` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| attributes | A dict of custom LDAP attributes to set on the group.
This can be used to set custom attributes that are not exposed as module parameters, e.g. `mail`.
See the examples on how to format this parameter. | Optional | +| category | The category of the group, this is the value to assign to the LDAP `groupType` attribute.
If a new group is created then `security` will be used by default. Possible values are: distribution, security. | Optional | +| description | The value to be assigned to the LDAP `description` attribute. | Optional | +| display_name | The value to assign to the LDAP `displayName` attribute. | Optional | +| domain_username | The username to use when interacting with AD.
If this is not set then the user Ansible used to log in with will be used instead. | Optional | +| domain_password | The password for `username`. | Optional | +| domain_server | Specifies the Active Directory Domain Services instance to connect to.
Can be in the form of an FQDN or NetBIOS name.
If not specified then the value is based on the domain of the computer running PowerShell. | Optional | +| ignore_protection | Will ignore the `ProtectedFromAccidentalDeletion` flag when deleting or moving a group.
The module will fail if one of these actions need to occur and this value is set to `no`. Possible values are: Yes, No. Default is No. | Optional | +| managed_by | The value to be assigned to the LDAP `managedBy` attribute.
This value can be in the forms `Distinguished Name`, `objectGUID`, `objectSid` or `sAMAccountName`, see examples for more details. | Optional | +| name | The name of the group to create, modify or remove.
This value can be in the forms `Distinguished Name`, `objectGUID`, `objectSid` or `sAMAccountName`, see examples for more details. | Required | +| organizational_unit | The full LDAP path to create or move the group to.
This should be the path to the parent object to create or move the group to.
See examples for details of how this path is formed. | Optional | +| protect | Will set the `ProtectedFromAccidentalDeletion` flag based on this value.
This flag stops a user from deleting or moving a group to a different path. | Optional | +| scope | The scope of the group.
If `state=present` and the group doesn't exist then this must be set. Possible values are: domainlocal, global, universal. | Optional | +| state | If `state=present` this module will ensure the group is created and is configured accordingly.
If `state=absent` this module will delete the group if it exists. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDomainGroup.attributes | unknown | Custom attributes that were set by the module. This does not show all the custom attributes rather just the ones that were set by the module. | +| MicrosoftWindows.WinDomainGroup.canonical_name | string | The canonical name of the group. | +| MicrosoftWindows.WinDomainGroup.category | string | The Group type value of the group, i.e. Security or Distribution. | +| MicrosoftWindows.WinDomainGroup.description | string | The Description of the group. | +| MicrosoftWindows.WinDomainGroup.display_name | string | The Display name of the group. | +| MicrosoftWindows.WinDomainGroup.distinguished_name | string | The full Distinguished Name of the group. | +| MicrosoftWindows.WinDomainGroup.group_scope | string | The Group scope value of the group. | +| MicrosoftWindows.WinDomainGroup.guid | string | The guid of the group. | +| MicrosoftWindows.WinDomainGroup.managed_by | string | The full Distinguished Name of the AD object that is set on the managedBy attribute. | +| MicrosoftWindows.WinDomainGroup.name | string | The name of the group. | +| MicrosoftWindows.WinDomainGroup.protected_from_accidental_deletion | boolean | Whether the group is protected from accidental deletion. | +| MicrosoftWindows.WinDomainGroup.sid | string | The Security ID of the group. | +| MicrosoftWindows.WinDomainGroup.created | boolean | Whether a group was created | + + + + +### win-domain-group-membership +*** +Manage Windows domain group membership +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_domain_group_membership_module.html + + +#### Base Command + +`win-domain-group-membership` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the domain group to manage membership on. | Required | +| members | A list of members to ensure are present/absent from the group.
The given names must be a SamAccountName of a user, group, service account, or computer.
For computers, you must add "$" after the name; for example, to add "Mycomputer" to a group, use "Mycomputer$" as the member. | Required | +| state | Desired state of the members in the group.
When `state` is `pure`, only the members specified will exist, and all other existing members not specified are removed. Possible values are: absent, present, pure. Default is present. | Optional | +| domain_username | The username to use when interacting with AD.
If this is not set then the user Ansible used to log in with will be used instead when using CredSSP or Kerberos with credential delegation. | Optional | +| domain_password | The password for `username`. | Optional | +| domain_server | Specifies the Active Directory Domain Services instance to connect to.
Can be in the form of an FQDN or NetBIOS name.
If not specified then the value is based on the domain of the computer running PowerShell. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDomainGroupMembership.name | string | The name of the target domain group. | +| MicrosoftWindows.WinDomainGroupMembership.added | unknown | A list of members added when \`state\` is \`present\` or \`pure\`; this is empty if no members are added. | +| MicrosoftWindows.WinDomainGroupMembership.removed | unknown | A list of members removed when \`state\` is \`absent\` or \`pure\`; this is empty if no members are removed. | +| MicrosoftWindows.WinDomainGroupMembership.members | unknown | A list of all domain group members at completion; this is empty if the group contains no members. | + + + + +### win-domain-membership +*** +Manage domain/workgroup membership for a Windows host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_domain_membership_module.html + + +#### Base Command + +`win-domain-membership` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| dns_domain_name | When `state` is `domain`, the DNS name of the domain to which the targeted Windows host should be joined. | Optional | +| domain_admin_user | Username of a domain admin for the target domain (required to join or leave the domain). | Required | +| domain_admin_password | Password for the specified `domain_admin_user`. | Optional | +| hostname | The desired hostname for the Windows host. | Optional | +| domain_ou_path | The desired OU path for adding the computer object.
This is only used when adding the target host to a domain, if it is already a member then it is ignored. | Optional | +| state | Whether the target host should be a member of a domain or workgroup. Possible values are: domain, workgroup. | Optional | +| workgroup_name | When `state` is `workgroup`, the name of the workgroup that the Windows host should be in. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDomainMembership.reboot_required | boolean | True if changes were made that require a reboot. | + + + + +### win-domain-user +*** +Manages Windows Active Directory user accounts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_domain_user_module.html + + +#### Base Command + +`win-domain-user` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the user to create, remove or modify. | Required | +| state | When `present`, creates or updates the user account.
When `absent`, removes the user account if it exists.
When `query`, retrieves the user account details without making any changes. Possible values are: absent, present, query. Default is present. | Optional | +| enabled | `yes` will enable the user account.
`no` will disable the account. Possible values are: Yes, No. Default is Yes. | Optional | +| account_locked | `no` will unlock the user account if locked.
Note that there is not a way to lock an account as an administrator.
Accounts are locked due to user actions; as an admin, you may only unlock a locked account.
If you wish to administratively disable an account, set `enabled` to `no`. Possible values are: False. | Optional | +| description | Description of the user. | Optional | +| groups | Adds or removes the user from this list of groups, depending on the value of `groups_action`.
To remove all but the Principal Group, set `groups=<principal group name>` and `groups_action=replace`.
Note that users cannot be removed from their principal group (for example, "Domain Users"). | Optional | +| groups_action | If `add`, the user is added to each group in `groups` where not already a member.
If `remove`, the user is removed from each group in `groups`.
If `replace`, the user is added as a member of each group in `groups` and removed from any other groups. Possible values are: add, remove, replace. Default is replace. | Optional | +| password | Optionally set the user's password to this (plain text) value.
To enable an account - `enabled` - a password must already be configured on the account, or you must provide a password here. | Optional | +| update_password | `always` will always update passwords.
`on_create` will only set the password for newly created users.
`when_changed` will only set the password when changed (added in ansible 2.9). Possible values are: always, on_create, when_changed. Default is always. | Optional | +| password_expired | `yes` will require the user to change their password at next login.
`no` will clear the expired password flag.
This is mutually exclusive with `password_never_expires`. | Optional | +| password_never_expires | `yes` will set the password to never expire.
`no` will allow the password to expire.
This is mutually exclusive with `password_expired`. | Optional | +| user_cannot_change_password | `yes` will prevent the user from changing their password.
`no` will allow the user to change their password. | Optional | +| firstname | Configures the user's first name (given name). | Optional | +| surname | Configures the user's last name (surname). | Optional | +| company | Configures the user's company name. | Optional | +| upn | Configures the User Principal Name (UPN) for the account.
This is not required, but is best practice to configure for modern versions of Active Directory.
The format is `<username>@<domain>`. | Optional | +| email | Configures the user's email address.
This is a record in AD and does not do anything to configure any email servers or systems. | Optional | +| street | Configures the user's street address. | Optional | +| city | Configures the user's city. | Optional | +| state_province | Configures the user's state or province. | Optional | +| postal_code | Configures the user's postal code / zip code. | Optional | +| country | Configures the user's country code.
Note that this is a two-character ISO 3166 code. | Optional | +| path | Container or OU for the new user; if you do not specify this, the user will be placed in the default container for users in the domain.
Setting the path is only available when a new user is created; if you specify a path on an existing user, the user's path will not be updated - you must delete (e.g., `state=absent`) the user and then re-add the user with the appropriate path. | Optional | +| attributes | A dict of custom LDAP attributes to set on the user.
This can be used to set custom attributes that are not exposed as module parameters, e.g. `telephoneNumber`.
See the examples on how to format this parameter. | Optional | +| domain_username | The username to use when interacting with AD.
If this is not set then the user Ansible used to log in with will be used instead when using CredSSP or Kerberos with credential delegation. | Optional | +| domain_password | The password for `username`. | Optional | +| domain_server | Specifies the Active Directory Domain Services instance to connect to.
Can be in the form of an FQDN or NetBIOS name.
If not specified then the value is based on the domain of the computer running PowerShell. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDomainUser.account_locked | boolean | true if the account is locked | +| MicrosoftWindows.WinDomainUser.changed | boolean | true if the account changed during execution | +| MicrosoftWindows.WinDomainUser.city | string | The user city | +| MicrosoftWindows.WinDomainUser.company | string | The user company | +| MicrosoftWindows.WinDomainUser.country | string | The user country | +| MicrosoftWindows.WinDomainUser.description | string | A description of the account | +| MicrosoftWindows.WinDomainUser.distinguished_name | string | DN of the user account | +| MicrosoftWindows.WinDomainUser.email | string | The user email address | +| MicrosoftWindows.WinDomainUser.enabled | string | true if the account is enabled and false if disabled | +| MicrosoftWindows.WinDomainUser.firstname | string | The user first name | +| MicrosoftWindows.WinDomainUser.groups | unknown | AD Groups to which the account belongs | +| MicrosoftWindows.WinDomainUser.msg | string | Summary message of whether the user is present or absent | +| MicrosoftWindows.WinDomainUser.name | string | The username on the account | +| MicrosoftWindows.WinDomainUser.password_expired | boolean | true if the account password has expired | +| MicrosoftWindows.WinDomainUser.password_updated | boolean | true if the password changed during this execution | +| MicrosoftWindows.WinDomainUser.postal_code | string | The user postal code | +| MicrosoftWindows.WinDomainUser.sid | string | The SID of the account | +| MicrosoftWindows.WinDomainUser.state | string | The state of the user account | +| MicrosoftWindows.WinDomainUser.state_province | string | The user state or province | +| MicrosoftWindows.WinDomainUser.street | string | The user street address | +| MicrosoftWindows.WinDomainUser.surname | string | The user last name | +| MicrosoftWindows.WinDomainUser.upn | string | The User Principal Name of the account | +| MicrosoftWindows.WinDomainUser.user_cannot_change_password | string | true if the user is not allowed to change password | +| MicrosoftWindows.WinDomainUser.created | boolean | Whether a user was created | + + + + +### win-dotnet-ngen +*** +Runs ngen to recompile DLLs after .NET updates +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_dotnet_ngen_module.html + + +#### Base Command + +`win-dotnet-ngen` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDotnetNgen.dotnet_ngen_update_exit_code | number | The exit code after running the 32-bit ngen.exe update /force command. | +| MicrosoftWindows.WinDotnetNgen.dotnet_ngen_update_output | string | The stdout after running the 32-bit ngen.exe update /force command. | +| MicrosoftWindows.WinDotnetNgen.dotnet_ngen_eqi_exit_code | number | The exit code after running the 32-bit ngen.exe executeQueuedItems command. | +| MicrosoftWindows.WinDotnetNgen.dotnet_ngen_eqi_output | string | The stdout after running the 32-bit ngen.exe executeQueuedItems command. | +| MicrosoftWindows.WinDotnetNgen.dotnet_ngen64_update_exit_code | number | The exit code after running the 64-bit ngen.exe update /force command. | +| MicrosoftWindows.WinDotnetNgen.dotnet_ngen64_update_output | string | The stdout after running the 64-bit ngen.exe update /force command. | +| MicrosoftWindows.WinDotnetNgen.dotnet_ngen64_eqi_exit_code | number | The exit code after running the 64-bit ngen.exe executeQueuedItems command. | +| MicrosoftWindows.WinDotnetNgen.dotnet_ngen64_eqi_output | string | The stdout after running the 64-bit ngen.exe executeQueuedItems command. | + + + + +### win-dsc +*** +Invokes a PowerShell DSC configuration +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_dsc_module.html + + +#### Base Command + +`win-dsc` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| resource_name | The name of the DSC Resource to use.
Must be accessible to PowerShell using any of the default paths. | Required | +| module_version | Can be used to configure the exact version of the DSC resource to be invoked.
Useful if the target node has multiple versions installed of the module containing the DSC resource.
If not specified, the module will follow standard PowerShell convention and use the highest version available. Default is latest. | Optional | +| free_form | The `win_dsc` module takes in multiple free form options based on the DSC resource being invoked by `resource_name`.
There is no option actually named `free_form` so see the examples.
This module will try and convert the option to the correct type required by the DSC resource and throw a warning if it fails.
If the type of the DSC resource option is a `CimInstance` or `CimInstance[]`, this means the value should be a dictionary or list of dictionaries based on the values required by that option.
If the type of the DSC resource option is a `PSCredential` then there needs to be 2 options set in the Ansible task definition suffixed with `_username` and `_password`.
If the type of the DSC resource option is an array, then a list should be provided but a comma separated string also work. Use a list where possible as no escaping is required and it works with more complex types list `CimInstance[]`.
If the type of the DSC resource option is a `DateTime`, you should use a string in the form of an ISO 8901 string to ensure the exact date is used.
Since Ansible 2.8, Ansible will now validate the input fields against the DSC resource definition automatically. Older versions will silently ignore invalid fields. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinDsc.module_version | string | The version of the dsc resource/module used. | +| MicrosoftWindows.WinDsc.reboot_required | boolean | Flag returned from the DSC engine indicating whether or not the machine requires a reboot for the invoked changes to take effect. | +| MicrosoftWindows.WinDsc.verbose_test | unknown | The verbose output as a list from executing the DSC test method. | +| MicrosoftWindows.WinDsc.verbose_set | unknown | The verbose output as a list from executing the DSC Set method. | + + + + +### win-environment +*** +Modify environment variables on windows hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_environment_module.html + + +#### Base Command + +`win-environment` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Set to `present` to ensure environment variable is set.
Set to `absent` to ensure it is removed. Possible values are: absent, present. Default is present. | Optional | +| name | The name of the environment variable. | Required | +| value | The value to store in the environment variable.
Must be set when `state=present` and cannot be an empty string.
Can be omitted for `state=absent`. | Optional | +| level | The level at which to set the environment variable.
Use `machine` to set for all users.
Use `user` to set for the current user that ansible is connected as.
Use `process` to set for the current process. Probably not that useful. Possible values are: machine, process, user. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinEnvironment.before_value | string | the value of the environment key before a change, this is null if it didn't exist | +| MicrosoftWindows.WinEnvironment.value | string | the value the environment key has been set to, this is null if removed | + + +#### Command Example +```!win-environment host="123.123.123.123" state="present" name="TestVariable" value="Test value" level="machine" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinEnvironment": { + "before_value": "Test value", + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS", + "value": "Test value", + "values": { + "TestVariable": { + "after": "Test value", + "before": "Test value", + "changed": false + } + } + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * before_value: Test value +> * changed: False +> * value: Test value +> * ## Values +> * ### Testvariable +> * after: Test value +> * before: Test value +> * changed: False + + +### win-eventlog +*** +Manage Windows event logs +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_eventlog_module.html + + +#### Base Command + +`win-eventlog` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the event log to manage. | Required | +| state | Desired state of the log and/or sources.
When `sources` is populated, state is checked for sources.
When `sources` is not populated, state is checked for the specified log itself.
If `state` is `clear`, event log entries are cleared for the target log. Possible values are: absent, clear, present. Default is present. | Optional | +| sources | A list of one or more sources to ensure are present/absent in the log.
When `category_file`, `message_file` and/or `parameter_file` are specified, these values are applied across all sources. | Optional | +| category_file | For one or more sources specified, the path to a custom category resource file. | Optional | +| message_file | For one or more sources specified, the path to a custom event message resource file. | Optional | +| parameter_file | For one or more sources specified, the path to a custom parameter resource file. | Optional | +| maximum_size | The maximum size of the event log.
Value must be between 64KB and 4GB, and divisible by 64KB.
Size can be specified in KB, MB or GB (e.g. 128KB, 16MB, 2.5GB). | Optional | +| overflow_action | The action for the log to take once it reaches its maximum size.
For `DoNotOverwrite`, all existing entries are kept and new entries are not retained.
For `OverwriteAsNeeded`, each new entry overwrites the oldest entry.
For `OverwriteOlder`, new log entries overwrite those older than the `retention_days` value. Possible values are: DoNotOverwrite, OverwriteAsNeeded, OverwriteOlder. | Optional | +| retention_days | The minimum number of days event entries must remain in the log.
This option is only used when `overflow_action` is `OverwriteOlder`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinEventlog.name | string | The name of the event log. | +| MicrosoftWindows.WinEventlog.exists | boolean | Whether the event log exists or not. | +| MicrosoftWindows.WinEventlog.entries | number | The count of entries present in the event log. | +| MicrosoftWindows.WinEventlog.maximum_size_kb | number | Maximum size of the log in KB. | +| MicrosoftWindows.WinEventlog.overflow_action | string | The action the log takes once it reaches its maximum size. | +| MicrosoftWindows.WinEventlog.retention_days | number | The minimum number of days entries are retained in the log. | +| MicrosoftWindows.WinEventlog.sources | unknown | A list of the current sources for the log. | +| MicrosoftWindows.WinEventlog.sources_changed | unknown | A list of sources changed \(e.g. re/created, removed\) for the log; this is empty if no sources are changed. | + + +#### Command Example +```!win-eventlog host="123.123.123.123" name="MyNewLog" sources="['NewLogSource1', 'NewLogSource2']" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinEventlog": { + "changed": false, + "entries": 0, + "exists": true, + "host": "123.123.123.123", + "maximum_size_kb": 512, + "name": "MyNewLog", + "overflow_action": "OverwriteOlder", + "retention_days": 7, + "sources": [ + "'NewLogSource2']", + "MyNewLog", + "['NewLogSource1'" + ], + "sources_changed": [], + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * entries: 0 +> * exists: True +> * maximum_size_kb: 512 +> * name: MyNewLog +> * overflow_action: OverwriteOlder +> * retention_days: 7 +> * ## Sources +> * 0: 'NewLogSource2'] +> * 1: MyNewLog +> * 2: ['NewLogSource1' +> * ## Sources_Changed + + +### win-eventlog-entry +*** +Write entries to Windows event logs +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_eventlog_entry_module.html + + +#### Base Command + +`win-eventlog-entry` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| log | Name of the event log to write an entry to. | Required | +| source | Name of the log source to indicate where the entry is from. | Required | +| event_id | The numeric event identifier for the entry.
Value must be between 0 and 65535. | Required | +| message | The message for the given log entry. | Required | +| entry_type | Indicates the entry being written to the log is of a specific type. Possible values are: Error, FailureAudit, Information, SuccessAudit, Warning. | Optional | +| category | A numeric task category associated with the category message file for the log source. | Optional | +| raw_data | Binary data associated with the log entry.
Value must be a comma-separated array of 8-bit unsigned integers (0 to 255). | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-eventlog-entry host="123.123.123.123" log="System" source="System" event_id="1234" message="This is a test log entry."``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinEventlogEntry": { + "changed": true, + "host": "123.123.123.123", + "msg": "Entry added to log System from source System", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * msg: Entry added to log System from source System + + +### win-feature +*** +Installs and uninstalls Windows Features on Windows Server +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_feature_module.html + + +#### Base Command + +`win-feature` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Names of roles or features to install as a single feature or a comma-separated list of features.
To list all available features use the PowerShell command `Get-WindowsFeature`. | Required | +| state | State of the features or roles on the system. Possible values are: absent, present. Default is present. | Optional | +| include_sub_features | Adds all subfeatures of the specified feature. Possible values are: Yes, No. Default is No. | Optional | +| include_management_tools | Adds the corresponding management tools to the specified feature.
Not supported in Windows 2008 R2 and will be ignored. Possible values are: Yes, No. Default is No. | Optional | +| source | Specify a source to install the feature from.
Not supported in Windows 2008 R2 and will be ignored.
Can either be `{driveletter}:\sources\sxs` or `\\{IP}\share\sources\sxs`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinFeature.exitcode | string | The stringified exit code from the feature installation/removal command. | +| MicrosoftWindows.WinFeature.feature_result | unknown | List of features that were installed or removed. | +| MicrosoftWindows.WinFeature.reboot_required | boolean | True when the target server requires a reboot to complete updates \(no further updates can be installed until after a reboot\). | + + +#### Command Example +```!win-feature host="123.123.123.123" name="Web-Server" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinFeature": { + "changed": false, + "exitcode": "NoChangeNeeded", + "feature_result": [], + "host": "123.123.123.123", + "reboot_required": false, + "status": "SUCCESS", + "success": true + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * exitcode: NoChangeNeeded +> * reboot_required: False +> * success: True +> * ## Feature_Result + + +### win-file +*** +Creates, touches or removes files or directories +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_file_module.html + + +#### Base Command + +`win-file` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Path to the file being managed. | Required | +| state | If `directory`, all immediate subdirectories will be created if they do not exist.
If `file`, the file will NOT be created if it does not exist, see the `copy` or `template` module if you want that behavior. If `absent`, directories will be recursively deleted, and files will be removed.
If `touch`, an empty file will be created if the `path` does not exist, while an existing file or directory will receive updated file access and modification times (similar to the way `touch` works from the command line). Possible values are: absent, directory, file, touch. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-file host="123.123.123.123" path="C:/Temp/foo.conf" state="touch"``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinFile": { + "changed": true, + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True + + +### win-file-version +*** +Get DLL or EXE file build version +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_file_version_module.html + + +#### Base Command + +`win-file-version` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | File to get version.
Always provide absolute path. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinFileVersion.path | string | file path | +| MicrosoftWindows.WinFileVersion.file_version | string | File version number.. | +| MicrosoftWindows.WinFileVersion.product_version | string | The version of the product this file is distributed with. | +| MicrosoftWindows.WinFileVersion.file_major_part | string | the major part of the version number. | +| MicrosoftWindows.WinFileVersion.file_minor_part | string | the minor part of the version number of the file. | +| MicrosoftWindows.WinFileVersion.file_build_part | string | build number of the file. | +| MicrosoftWindows.WinFileVersion.file_private_part | string | file private part number. | + + +#### Command Example +```!win-file-version host="123.123.123.123" path="C:\\Windows\\System32\\cmd.exe" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinFileVersion": { + "file_build_part": "14393", + "file_major_part": "10", + "file_minor_part": "0", + "file_private_part": "0", + "file_version": "10.0.14393.0 (rs1_release.160715-1616)", + "host": "123.123.123.123", + "path": "C:\\Windows\\System32\\cmd.exe", + "product_version": "10.0.14393.0", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * file_build_part: 14393 +> * file_major_part: 10 +> * file_minor_part: 0 +> * file_private_part: 0 +> * file_version: 10.0.14393.0 (rs1_release.160715-1616) +> * path: C:\Windows\System32\cmd.exe +> * product_version: 10.0.14393.0 + + +### win-find +*** +Return a list of files based on specific criteria +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_find_module.html + + +#### Base Command + +`win-find` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| age | Select files or folders whose age is equal to or greater than the specified time.
Use a negative age to find files equal to or less than the specified time.
You can choose seconds, minutes, hours, days or weeks by specifying the first letter of an of those words (e.g., "2s", "10d", 1w"). | Optional | +| age_stamp | Choose the file property against which we compare `age`.
The default attribute we compare with is the last modification time. Possible values are: atime, ctime, mtime. Default is mtime. | Optional | +| checksum_algorithm | Algorithm to determine the checksum of a file.
Will throw an error if the host is unable to use specified algorithm. Possible values are: md5, sha1, sha256, sha384, sha512. Default is sha1. | Optional | +| file_type | Type of file to search for. Possible values are: directory, file. Default is file. | Optional | +| follow | Set this to `yes` to follow symlinks in the path.
This needs to be used in conjunction with `recurse`. Possible values are: Yes, No. Default is No. | Optional | +| get_checksum | Whether to return a checksum of the file in the return info (default sha1), use `checksum_algorithm` to change from the default. Possible values are: Yes, No. Default is Yes. | Optional | +| hidden | Set this to include hidden files or folders. Possible values are: Yes, No. Default is No. | Optional | +| paths | List of paths of directories to search for files or folders in.
This can be supplied as a single path or a list of paths. | Required | +| patterns | One or more (powershell or regex) patterns to compare filenames with.
The type of pattern matching is controlled by `use_regex` option.
The patterns restrict the list of files or folders to be returned based on the filenames.
For a file to be matched it only has to match with one pattern in a list provided. | Optional | +| recurse | Will recursively descend into the directory looking for files or folders. Possible values are: Yes, No. Default is No. | Optional | +| size | Select files or folders whose size is equal to or greater than the specified size.
Use a negative value to find files equal to or less than the specified size.
You can specify the size with a suffix of the byte type i.e. kilo = k, mega = m...
Size is not evaluated for symbolic links. | Optional | +| use_regex | Will set patterns to run as a regex check if set to `yes`. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinFind.examined | number | The number of files/folders that was checked. | +| MicrosoftWindows.WinFind.matched | number | The number of files/folders that match the criteria. | +| MicrosoftWindows.WinFind.files | unknown | Information on the files/folders that match the criteria returned as a list of dictionary elements for each file matched. The entries are sorted by the path value alphabetically. | + + +#### Command Example +```!win-find host="123.123.123.123" paths="c:\\Temp" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinFind": { + "changed": false, + "examined": 2, + "files": [ + { + "attributes": "Archive", + "checksum": "40c7d97574e7c791d649582912620f7d816829e4", + "creationtime": 1624943905.9269967, + "exists": true, + "extension": ".jpg", + "filename": "earthrise.jpg", + "hlnk_targets": [], + "isarchive": true, + "isdir": false, + "ishidden": false, + "isjunction": false, + "islnk": false, + "isreadonly": false, + "isreg": true, + "isshared": false, + "lastaccesstime": 1624943905.9269967, + "lastwritetime": 1624943905.8957422, + "lnk_source": null, + "lnk_target": null, + "nlink": 1, + "owner": "BUILTIN\\Administrators", + "path": "C:\\Temp\\earthrise.jpg", + "sharename": null, + "size": 45108 + } + ], + "host": "123.123.123.123", + "matched": 1, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * examined: 2 +> * matched: 1 +> * ## Files +> * ## Earthrise.Jpg +> * attributes: Archive +> * checksum: 40c7d97574e7c791d649582912620f7d816829e4 +> * creationtime: 1624943905.9269967 +> * exists: True +> * extension: .jpg +> * filename: earthrise.jpg +> * isarchive: True +> * isdir: False +> * ishidden: False +> * isjunction: False +> * islnk: False +> * isreadonly: False +> * isreg: True +> * isshared: False +> * lastaccesstime: 1624943905.9269967 +> * lastwritetime: 1624943905.8957422 +> * lnk_source: None +> * lnk_target: None +> * nlink: 1 +> * owner: BUILTIN\Administrators +> * path: C:\Temp\earthrise.jpg +> * sharename: None +> * size: 45108 +> * ### Hlnk_Targets + + +### win-firewall +*** +Enable or disable the Windows Firewall +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_firewall_module.html + + +#### Base Command + +`win-firewall` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| profiles | Specify one or more profiles to change. Possible values are: Domain, Private, Public. Default is ['Domain', 'Private', 'Public']. | Optional | +| state | Set state of firewall for given profile. Possible values are: disabled, enabled. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinFirewall.enabled | boolean | Current firewall status for chosen profile \(after any potential change\). | +| MicrosoftWindows.WinFirewall.profiles | string | Chosen profile. | +| MicrosoftWindows.WinFirewall.state | unknown | Desired state of the given firewall profile\(s\). | + + +#### Command Example +```!win-firewall host="123.123.123.123" state="enabled" profiles="['Domain', 'Private', 'Public']" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinFirewall": { + "Domain": { + "considered": false, + "currentstate": 1, + "enabled": true + }, + "Private": { + "considered": false, + "currentstate": 1, + "enabled": true + }, + "Public": { + "considered": false, + "currentstate": 1, + "enabled": true + }, + "changed": false, + "host": "123.123.123.123", + "profiles": [ + "['Domain'", + "'Private'", + "'Public']" + ], + "state": "enabled", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * state: enabled +> * ## Domain +> * considered: False +> * currentstate: 1 +> * enabled: True +> * ## Private +> * considered: False +> * currentstate: 1 +> * enabled: True +> * ## Public +> * considered: False +> * currentstate: 1 +> * enabled: True +> * ## Profiles +> * 0: ['Domain' +> * 1: 'Private' +> * 2: 'Public'] + + +### win-firewall-rule +*** +Windows firewall automation +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_firewall_rule_module.html + + +#### Base Command + +`win-firewall-rule` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| enabled | Whether this firewall rule is enabled or disabled.
Defaults to `true` when creating a new rule. | Optional | +| state | Should this rule be added or removed. Possible values are: absent, present. Default is present. | Optional | +| name | The rule's display name. | Required | +| group | The group name for the rule. | Optional | +| direction | Whether this rule is for inbound or outbound traffic.
Defaults to `in` when creating a new rule. Possible values are: in, out. | Optional | +| action | What to do with the items this rule is for.
Defaults to `allow` when creating a new rule. Possible values are: allow, block. | Optional | +| description | Description for the firewall rule. | Optional | +| localip | The local ip address this rule applies to.
Set to `any` to apply to all local ip addresses.
Defaults to `any` when creating a new rule. | Optional | +| remoteip | The remote ip address/range this rule applies to.
Set to `any` to apply to all remote ip addresses.
Defaults to `any` when creating a new rule. | Optional | +| localport | The local port this rule applies to.
Set to `any` to apply to all local ports.
Defaults to `any` when creating a new rule.
Must have `protocol` set. | Optional | +| remoteport | The remote port this rule applies to.
Set to `any` to apply to all remote ports.
Defaults to `any` when creating a new rule.
Must have `protocol` set. | Optional | +| program | The program this rule applies to.
Set to `any` to apply to all programs.
Defaults to `any` when creating a new rule. | Optional | +| service | The service this rule applies to.
Set to `any` to apply to all services.
Defaults to `any` when creating a new rule. | Optional | +| protocol | The protocol this rule applies to.
Set to `any` to apply to all services.
Defaults to `any` when creating a new rule. | Optional | +| profiles | The profile this rule applies to.
Defaults to `domain,private,public` when creating a new rule. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-firewall-rule host="123.123.123.123" name="SMTP" localport="25" action="allow" direction="in" protocol="tcp" state="present" enabled="True" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinFirewallRule": { + "changed": false, + "host": "123.123.123.123", + "msg": "Firewall rule(s) changed '' - unchanged 'SMTP'", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * msg: Firewall rule(s) changed '' - unchanged 'SMTP' + + +### win-format +*** +Formats an existing volume or a new volume on an existing partition on Windows +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_format_module.html + + +#### Base Command + +`win-format` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| drive_letter | Used to specify the drive letter of the volume to be formatted. | Optional | +| path | Used to specify the path to the volume to be formatted. | Optional | +| label | Used to specify the label of the volume to be formatted. | Optional | +| new_label | Used to specify the new file system label of the formatted volume. | Optional | +| file_system | Used to specify the file system to be used when formatting the target volume. Possible values are: ntfs, refs, exfat, fat32, fat. | Optional | +| allocation_unit_size | Specifies the cluster size to use when formatting the volume.
If no cluster size is specified when you format a partition, defaults are selected based on the size of the partition. | Optional | +| large_frs | Specifies that large File Record System (FRS) should be used. | Optional | +| compress | Enable compression on the resulting NTFS volume.
NTFS compression is not supported where `allocation_unit_size` is more than 4096. | Optional | +| integrity_streams | Enable integrity streams on the resulting ReFS volume. | Optional | +| full | A full format writes to every sector of the disk, takes much longer to perform than the default (quick) format, and is not recommended on storage that is thinly provisioned.
Specify `true` for full format. | Optional | +| force | Specify if formatting should be forced for volumes that are not created from new partitions or if the source and target file system are different. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-format host="123.123.123.123" drive_letter=f``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinFormat": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### win-get-url +*** +Downloads file from HTTP, HTTPS, or FTP to node +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_get_url_module.html + + +#### Base Command + +`win-get-url` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| url | The full URL of a file to download. | Required | +| dest | The location to save the file at the URL.
Be sure to include a filename and extension as appropriate. | Required | +| force | If `yes`, will download the file every time and replace the file if the contents change. If `no`, will only download the file if it does not exist or the remote file has been modified more recently than the local file.
This works by sending an http HEAD request to retrieve last modified time of the requested resource, so for this to work, the remote web server must support HEAD requests. Possible values are: Yes, No. Default is Yes. | Optional | +| checksum | If a `checksum` is passed to this parameter, the digest of the destination file will be calculated after it is downloaded to ensure its integrity and verify that the transfer completed successfully.
This option cannot be set with `checksum_url`. | Optional | +| checksum_algorithm | Specifies the hashing algorithm used when calculating the checksum of the remote and destination file. Possible values are: md5, sha1, sha256, sha384, sha512. Default is sha1. | Optional | +| checksum_url | Specifies a URL that contains the checksum values for the resource at `url`.
Like `checksum`, this is used to verify the integrity of the remote transfer.
This option cannot be set with `checksum`. | Optional | +| proxy_url | An explicit proxy to use for the request.
By default, the request will use the IE defined proxy unless `use_proxy` is set to `no`. | Optional | +| proxy_username | The username to use for proxy authentication. | Optional | +| proxy_password | The password for `proxy_username`. | Optional | +| headers | Extra headers to set on the request.
This should be a dictionary where the key is the header name and the value is the value for that header. | Optional | +| use_proxy | If `no`, it will not use the proxy defined in IE for the current user. Possible values are: Yes, No. Default is Yes. | Optional | +| follow_redirects | Whether or the module should follow redirects.
`all` will follow all redirect.
`none` will not follow any redirect.
`safe` will follow only "safe" redirects, where "safe" means that the client is only doing a `GET` or `HEAD` on the URI to which it is being redirected. Possible values are: all, none, safe. Default is safe. | Optional | +| maximum_redirection | Specify how many times the module will redirect a connection to an alternative URI before the connection fails.
If set to `0` or `follow_redirects` is set to `none`, or `safe` when not doing a `GET` or `HEAD` it prevents all redirection. Default is 50. | Optional | +| client_cert | The path to the client certificate (.pfx) that is used for X509 authentication. This path can either be the path to the `pfx` on the filesystem or the PowerShell certificate path `Cert:\CurrentUser\My\<thumbprint>`.
The WinRM connection must be authenticated with `CredSSP` or `become` is used on the task if the certificate file is not password protected.
Other authentication types can set `client_cert_password` when the cert is password protected. | Optional | +| client_cert_password | The password for `client_cert` if the cert is password protected. | Optional | +| method | This option is not for use with `win_get_url` and should be ignored. | Optional | +| http_agent | Header to identify as, generally appears in web server logs.
This is set to the `User-Agent` header on a HTTP request. Default is ansible-httpget. | Optional | +| timeout | Specifies how long the request can be pending before it times out (in seconds).
Set to `0` to specify an infinite timeout. Default is 30. | Optional | +| validate_certs | If `no`, SSL certificates will not be validated.
This should only be used on personally controlled sites using self-signed certificates. Possible values are: Yes, No. Default is Yes. | Optional | +| force_basic_auth | By default the authentication header is only sent when a webservice responses to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail.
This option forces the sending of the Basic authentication header upon the original request. Possible values are: Yes, No. Default is No. | Optional | +| url_username | The username to use for authentication. | Optional | +| url_password | The password for `url_username`. | Optional | +| use_default_credential | Uses the current user's credentials when authenticating with a server protected with `NTLM`, `Kerberos`, or `Negotiate` authentication.
Sites that use `Basic` auth will still require explicit credentials through the `url_username` and `url_password` options.
The module will only have access to the user's credentials if using `become` with a password, you are connecting with SSH using a password, or connecting with WinRM using `CredSSP` or `Kerberos with delegation`.
If not using `become` or a different auth method to the ones stated above, there will be no default credentials available and no authentication will occur. Possible values are: Yes, No. Default is No. | Optional | +| proxy_use_default_credential | Uses the current user's credentials when authenticating with a proxy host protected with `NTLM`, `Kerberos`, or `Negotiate` authentication.
Proxies that use `Basic` auth will still require explicit credentials through the `proxy_username` and `proxy_password` options.
The module will only have access to the user's credentials if using `become` with a password, you are connecting with SSH using a password, or connecting with WinRM using `CredSSP` or `Kerberos with delegation`.
If not using `become` or a different auth method to the ones stated above, there will be no default credentials available and no proxy authentication will occur. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinGetUrl.dest | string | destination file/path | +| MicrosoftWindows.WinGetUrl.checksum_dest | string | <algorithm> checksum of the file after the download | +| MicrosoftWindows.WinGetUrl.checksum_src | string | <algorithm> checksum of the remote resource | +| MicrosoftWindows.WinGetUrl.elapsed | unknown | The elapsed seconds between the start of poll and the end of the module. | +| MicrosoftWindows.WinGetUrl.size | number | size of the dest file | +| MicrosoftWindows.WinGetUrl.url | string | requested url | +| MicrosoftWindows.WinGetUrl.msg | string | Error message, or HTTP status message from web-server | +| MicrosoftWindows.WinGetUrl.status_code | number | HTTP status code | + + +#### Command Example +```!win-get-url host="123.123.123.123" url="https://www.nasa.gov/sites/default/files/styles/full_width_feature/public/images/297755main_GPN-2001-000009_full.jpg" dest="C:\\Temp\\earthrise.jpg" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinGetUrl": { + "changed": true, + "checksum_dest": "40c7d97574e7c791d649582912620f7d816829e4", + "checksum_src": "40c7d97574e7c791d649582912620f7d816829e4", + "dest": "C:\\Temp\\earthrise.jpg", + "elapsed": 1.4999867, + "host": "123.123.123.123", + "msg": "OK", + "size": 45108, + "status": "CHANGED", + "status_code": 200, + "url": "https://www.nasa.gov/sites/default/files/styles/full_width_feature/public/images/297755main_GPN-2001-000009_full.jpg" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * checksum_dest: 40c7d97574e7c791d649582912620f7d816829e4 +> * checksum_src: 40c7d97574e7c791d649582912620f7d816829e4 +> * dest: C:\Temp\earthrise.jpg +> * elapsed: 1.4999867 +> * msg: OK +> * size: 45108 +> * status_code: 200 +> * url: https://www.nasa.gov/sites/default/files/styles/full_width_feature/public/images/297755main_GPN-2001-000009_full.jpg + + +### win-group +*** +Add and remove local groups +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_group_module.html + + +#### Base Command + +`win-group` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the group. | Required | +| description | Description of the group. | Optional | +| state | Create or remove the group. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-group host="123.123.123.123" name="deploy" description="Deploy Group" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinGroup": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### win-group-membership +*** +Manage Windows local group membership +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_group_membership_module.html + + +#### Base Command + +`win-group-membership` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the local group to manage membership on. | Required | +| members | A list of members to ensure are present/absent from the group.
Accepts local users as .\username, and SERVERNAME\username.
Accepts domain users and groups as DOMAIN\username and username@DOMAIN.
Accepts service users as NT AUTHORITY\username.
Accepts all local, domain and service user types as username, favoring domain lookups when in a domain. | Required | +| state | Desired state of the members in the group.
`pure` was added in Ansible 2.8.
When `state` is `pure`, only the members specified will exist, and all other existing members not specified are removed. Possible values are: absent, present, pure. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinGroupMembership.name | string | The name of the target local group. | +| MicrosoftWindows.WinGroupMembership.added | unknown | A list of members added when \`state\` is \`present\` or \`pure\`; this is empty if no members are added. | +| MicrosoftWindows.WinGroupMembership.removed | unknown | A list of members removed when \`state\` is \`absent\` or \`pure\`; this is empty if no members are removed. | +| MicrosoftWindows.WinGroupMembership.members | unknown | A list of all local group members at completion; this is empty if the group contains no members. | + + +#### Command Example +```!win-group-membership host="123.123.123.123" name="Remote Desktop Users" members="fed-phil" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinGroupMembership": { + "added": [ + "WIN-U425UI0HPP7\\fed-phil" + ], + "changed": true, + "host": "123.123.123.123", + "members": [ + "WIN-U425UI0HPP7\\fed-phil" + ], + "name": "Remote Desktop Users", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * name: Remote Desktop Users +> * ## Added +> * 0: WIN-U425UI0HPP7\fed-phil +> * ## Members +> * 0: WIN-U425UI0HPP7\fed-phil + + +### win-hostname +*** +Manages local Windows computer name +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_hostname_module.html + + +#### Base Command + +`win-hostname` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The hostname to set for the computer. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinHostname.old_name | string | The original hostname that was set before it was changed. | +| MicrosoftWindows.WinHostname.reboot_required | boolean | Whether a reboot is required to complete the hostname change. | + + +#### Command Example +```!win-hostname host="123.123.123.123" name="sample-hostname" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinHostname": { + "changed": true, + "host": "123.123.123.123", + "old_name": "WIN-U425UI0HPP7", + "reboot_required": true, + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * old_name: WIN-U425UI0HPP7 +> * reboot_required: True + + +### win-hosts +*** +Manages hosts file entries on Windows. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_hosts_module.html + + +#### Base Command + +`win-hosts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether the entry should be present or absent.
If only `canonical_name` is provided when `state=absent`, then all hosts entries with the canonical name of `canonical_name` will be removed.
If only `ip_address` is provided when `state=absent`, then all hosts entries with the ip address of `ip_address` will be removed.
If `ip_address` and `canonical_name` are both omitted when `state=absent`, then all hosts entries will be removed. Possible values are: absent, present. Default is present. | Optional | +| canonical_name | A canonical name for the host entry.
required for `state=present`. | Optional | +| ip_address | The ip address for the host entry.
Can be either IPv4 (A record) or IPv6 (AAAA record).
Required for `state=present`. | Optional | +| aliases | A list of additional names (cname records) for the host entry.
Only applicable when `state=present`. | Optional | +| action | Controls the behavior of `aliases`.
Only applicable when `state=present`.
If `add`, each alias in `aliases` will be added to the host entry.
If `set`, each alias in `aliases` will be added to the host entry, and other aliases will be removed from the entry. Possible values are: add, remove, set. Default is set. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-hosts host="123.123.123.123" state="present" canonical_name="localhost" ip_address="127.0.0.1" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinHosts": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### win-hotfix +*** +Install and uninstalls Windows hotfixes +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_hotfix_module.html + + +#### Base Command + +`win-hotfix` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| hotfix_identifier | The name of the hotfix as shown in DISM, see examples for details.
This or `hotfix_kb` MUST be set when `state=absent`.
If `state=present` then the hotfix at `source` will be validated against this value, if it does not match an error will occur.
You can get the identifier by running 'Get-WindowsPackage -Online -PackagePath path-to-cab-in-msu' after expanding the msu file. | Optional | +| hotfix_kb | The name of the KB the hotfix relates to, see examples for details.
This or `hotfix_identifier` MUST be set when `state=absent`.
If `state=present` then the hotfix at `source` will be validated against this value, if it does not match an error will occur.
Because DISM uses the identifier as a key and doesn't refer to a KB in all cases it is recommended to use `hotfix_identifier` instead. | Optional | +| state | Whether to install or uninstall the hotfix.
When `present`, `source` MUST be set.
When `absent`, `hotfix_identifier` or `hotfix_kb` MUST be set. Possible values are: absent, present. Default is present. | Optional | +| source | The path to the downloaded hotfix .msu file.
This MUST be set if `state=present` and MUST be a .msu hotfix file. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinHotfix.identifier | string | The DISM identifier for the hotfix. | +| MicrosoftWindows.WinHotfix.kb | string | The KB the hotfix relates to. | +| MicrosoftWindows.WinHotfix.reboot_required | string | Whether a reboot is required for the install or uninstall to finalise. | + + + + +### win-http-proxy +*** +Manages proxy settings for WinHTTP +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_http_proxy_module.html + + +#### Base Command + +`win-http-proxy` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| bypass | A list of hosts that will bypass the set proxy when being accessed.
Use `<local>` to match hostnames that are not fully qualified domain names. This is useful when needing to connect to intranet sites using just the hostname.
Omit, set to null or an empty string/list to remove the bypass list.
If this is set then `proxy` must also be set. | Optional | +| proxy | A string or dict that specifies the proxy to be set.
If setting a string, should be in the form `hostname`, `hostname:port`, or `protocol=hostname:port`.
If the port is undefined, the default port for the protocol in use is used.
If setting a dict, the keys should be the protocol and the values should be the hostname and/or port for that protocol.
Valid protocols are `http`, `https`, `ftp`, and `socks`.
Omit, set to null or an empty string to remove the proxy settings. | Optional | +| source | Instead of manually specifying the `proxy` and/or `bypass`, set this to import the proxy from a set source like Internet Explorer.
Using `ie` will import the Internet Explorer proxy settings for the current active network connection of the current user.
Only IE's proxy URL and bypass list will be imported into WinHTTP.
This is like running `netsh winhttp import proxy source=ie`.
The value is imported when the module runs and will not automatically be updated if the IE configuration changes in the future. The module will have to be run again to sync the latest changes. Possible values are: ie. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-http-proxy host="123.123.123.123" proxy="hostname" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinHttpProxy": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### win-iis-virtualdirectory +*** +Configures a virtual directory in IIS +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_iis_virtualdirectory_module.html + + +#### Base Command + +`win-iis-virtualdirectory` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of the virtual directory to create or remove. | Required | +| state | Whether to add or remove the specified virtual directory.
Removing will remove the virtual directory and all under it (Recursively). Possible values are: absent, present. Default is present. | Optional | +| site | The site name under which the virtual directory is created or exists. | Required | +| application | The application under which the virtual directory is created or exists. | Optional | +| physical_path | The physical path to the folder in which the new virtual directory is created.
The specified folder must already exist. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### win-iis-webapplication +*** +Configures IIS web applications +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_iis_webapplication_module.html + + +#### Base Command + +`win-iis-webapplication` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the web application. | Required | +| site | Name of the site on which the application is created. | Required | +| state | State of the web application. Possible values are: absent, present. Default is present. | Optional | +| physical_path | The physical path on the remote host to use for the new application.
The specified folder must already exist. | Optional | +| application_pool | The application pool in which the new site executes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinIisWebapplication.application_pool | string | The used/implemented application_pool value. | +| MicrosoftWindows.WinIisWebapplication.physical_path | string | The used/implemented physical_path value. | + + + + +### win-iis-webapppool +*** +Configure IIS Web Application Pools +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_iis_webapppool_module.html + + +#### Base Command + +`win-iis-webapppool` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| attributes | This field is a free form dictionary value for the application pool attributes.
These attributes are based on the naming standard at `https://www.iis.net/configreference/system.applicationhost/applicationpools/add#005`, see the examples section for more details on how to set this.
You can also set the attributes of child elements like cpu and processModel, see the examples to see how it is done.
While you can use the numeric values for enums it is recommended to use the enum name itself, e.g. use SpecificUser instead of 3 for processModel.identityType.
managedPipelineMode may be either "Integrated" or "Classic".
startMode may be either "OnDemand" or "AlwaysRunning".
Use `state` module parameter to modify the state of the app pool.
When trying to set 'processModel.password' and you receive a 'Value does fall within the expected range' error, you have a corrupted keystore. Please follow `http://structuredsight.com/2014/10/26/im-out-of-range-youre-out-of-range/` to help fix your host. | Optional | +| name | Name of the application pool. | Required | +| state | The state of the application pool.
If `absent` will ensure the app pool is removed.
If `present` will ensure the app pool is configured and exists.
If `restarted` will ensure the app pool exists and will restart, this is never idempotent.
If `started` will ensure the app pool exists and is started.
If `stopped` will ensure the app pool exists and is stopped. Possible values are: absent, present, restarted, started, stopped. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinIisWebapppool.attributes | unknown | Application Pool attributes that were set and processed by this module invocation. | +| MicrosoftWindows.WinIisWebapppool.info | unknown | Information on current state of the Application Pool. See https://www.iis.net/configreference/system.applicationhost/applicationpools/add\#005 for the full list of return attributes based on your IIS version. | + + + + +### win-iis-webbinding +*** +Configures a IIS Web site binding +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_iis_webbinding_module.html + + +#### Base Command + +`win-iis-webbinding` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Names of web site. | Required | +| state | State of the binding. Possible values are: absent, present. Default is present. | Optional | +| port | The port to bind to / use for the new site. Default is 80. | Optional | +| ip | The IP address to bind to / use for the new site. Default is *. | Optional | +| host_header | The host header to bind to / use for the new site.
If you are creating/removing a catch-all binding, omit this parameter rather than defining it as '*'. | Optional | +| protocol | The protocol to be used for the Web binding (usually HTTP, HTTPS, or FTP). Default is http. | Optional | +| certificate_hash | Certificate hash (thumbprint) for the SSL binding. The certificate hash is the unique identifier for the certificate. | Optional | +| certificate_store_name | Name of the certificate store where the certificate for the binding is located. Default is my. | Optional | +| ssl_flags | This parameter is only valid on Server 2012 and newer.
Primarily used for enabling and disabling server name indication (SNI).
Set to c(0) to disable SNI.
Set to c(1) to enable SNI. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinIisWebbinding.website_state | string | The state of the website being targetted +Can be helpful in case you accidentally cause a binding collision which can result in the targetted site being stopped | +| MicrosoftWindows.WinIisWebbinding.operation_type | string | The type of operation performed +Can be removed, updated, matched, or added | +| MicrosoftWindows.WinIisWebbinding.binding_info | unknown | Information on the binding being manipulated | + + + + +### win-iis-website +*** +Configures a IIS Web site +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_iis_website_module.html + + +#### Base Command + +`win-iis-website` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Names of web site. | Required | +| site_id | Explicitly set the IIS numeric ID for a site.
Note that this value cannot be changed after the website has been created. | Optional | +| state | State of the web site. Possible values are: absent, started, stopped, restarted. | Optional | +| physical_path | The physical path on the remote host to use for the new site.
The specified folder must already exist. | Optional | +| application_pool | The application pool in which the new site executes. | Optional | +| port | The port to bind to / use for the new site. | Optional | +| ip | The IP address to bind to / use for the new site. | Optional | +| hostname | The host header to bind to / use for the new site. | Optional | +| ssl | Enables HTTPS binding on the site.. | Optional | +| parameters | Custom site Parameters from string where properties are separated by a pipe and property name/values by colon Ex. "foo:1\|bar:2". | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### win-inet-proxy +*** +Manages proxy settings for WinINet and Internet Explorer +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_inet_proxy_module.html + + +#### Base Command + +`win-inet-proxy` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| auto_detect | Whether to configure WinINet to automatically detect proxy settings through Web Proxy Auto-Detection `WPAD`.
This corresponds to the checkbox `Automatically detect settings` in the connection settings window. Possible values are: Yes, No. Default is Yes. | Optional | +| auto_config_url | The URL of a proxy configuration script.
Proxy configuration scripts are typically JavaScript files with the `.pac` extension that implement the `FindProxyForURL(url, host` function.
Omit, set to null or an empty string to remove the auto config URL.
This corresponds to the checkbox `Use automatic configuration script` in the connection settings window. | Optional | +| bypass | A list of hosts that will bypass the set proxy when being accessed.
Use `<local>` to match hostnames that are not fully qualified domain names. This is useful when needing to connect to intranet sites using just the hostname. If defined, this should be the last entry in the bypass list.
Use `<-loopback>` to stop automatically bypassing the proxy when connecting through any loopback address like `127.0.0.1`, `localhost`, or the local hostname.
Omit, set to null or an empty string/list to remove the bypass list.
If this is set then `proxy` must also be set. | Optional | +| connection | The name of the IE connection to set the proxy settings for.
These are the connections under the `Dial-up and Virtual Private Network` header in the IE settings.
When omitted, the default LAN connection is used. | Optional | +| proxy | A string or dict that specifies the proxy to be set.
If setting a string, should be in the form `hostname`, `hostname:port`, or `protocol=hostname:port`.
If the port is undefined, the default port for the protocol in use is used.
If setting a dict, the keys should be the protocol and the values should be the hostname and/or port for that protocol.
Valid protocols are `http`, `https`, `ftp`, and `socks`.
Omit, set to null or an empty string to remove the proxy settings. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-inet-proxy host="123.123.123.123" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinInetProxy": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### win-lineinfile +*** +Ensure a particular line is in a file, or replace an existing line using a back-referenced regular expression +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_lineinfile_module.html + + +#### Base Command + +`win-lineinfile` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The path of the file to modify.
Note that the Windows path delimiter `\` must be escaped as `\\` when the line is double quoted.
Before Ansible 2.3 this option was only usable as `dest`, `destfile` and `name`. | Required | +| backup | Determine whether a backup should be created.
When set to `yes`, create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | +| regex | The regular expression to look for in every line of the file. For `state=present`, the pattern to replace if found; only the last line found will be replaced. For `state=absent`, the pattern of the line to remove. Uses .NET compatible regular expressions; see `https://msdn.microsoft.com/en-us/library/hs600312%28v=vs.110%29.aspx`. | Optional | +| state | Whether the line should be there or not. Possible values are: absent, present. Default is present. | Optional | +| line | Required for `state=present`. The line to insert/replace into the file. If `backrefs` is set, may contain backreferences that will get expanded with the `regexp` capture groups if the regexp matches.
Be aware that the line is processed first on the controller and thus is dependent on yaml quoting rules. Any double quoted line will have control characters, such as '\r\n', expanded. To print such characters literally, use single or no quotes. | Optional | +| backrefs | Used with `state=present`. If set, line can contain backreferences (both positional and named) that will get populated if the `regexp` matches. This flag changes the operation of the module slightly; `insertbefore` and `insertafter` will be ignored, and if the `regexp` doesn't match anywhere in the file, the file will be left unchanged.
If the `regexp` does match, the last matching line will be replaced by the expanded line parameter. Possible values are: Yes, No. Default is No. | Optional | +| insertafter | Used with `state=present`. If specified, the line will be inserted after the last match of specified regular expression. A special value is available; `EOF` for inserting the line at the end of the file.
If specified regular expression has no matches, EOF will be used instead. May not be used with `backrefs`. Possible values are: EOF, *regex*. Default is EOF. | Optional | +| insertbefore | Used with `state=present`. If specified, the line will be inserted before the last match of specified regular expression. A value is available; `BOF` for inserting the line at the beginning of the file.
If specified regular expression has no matches, the line will be inserted at the end of the file. May not be used with `backrefs`. Possible values are: BOF, *regex*. | Optional | +| create | Used with `state=present`. If specified, the file will be created if it does not already exist. By default it will fail if the file is missing. Possible values are: Yes, No. Default is No. | Optional | +| validate | Validation to run before copying into place. Use %s in the command to indicate the current file to validate.
The command is passed securely so shell features like expansion and pipes won't work. | Optional | +| encoding | Specifies the encoding of the source text file to operate on (and thus what the output encoding will be). The default of `auto` will cause the module to auto-detect the encoding of the source file and ensure that the modified file is written with the same encoding.
An explicit encoding can be passed as a string that is a valid value to pass to the .NET framework System.Text.Encoding.GetEncoding() method - see `https://msdn.microsoft.com/en-us/library/system.text.encoding%28v=vs.110%29.aspx`.
This is mostly useful with `create=yes` if you want to create a new file with a specific encoding. If `create=yes` is specified without a specific encoding, the default encoding (UTF-8, no BOM) will be used. Default is auto. | Optional | +| newline | Specifies the line separator style to use for the modified file. This defaults to the windows line separator (`\r\n`). Note that the indicated line separator will be used for file output regardless of the original line separator that appears in the input file. Possible values are: unix, windows. Default is windows. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinLineinfile.backup | string | Name of the backup file that was created. +This is now deprecated, use \`backup_file\` instead. | +| MicrosoftWindows.WinLineinfile.backup_file | string | Name of the backup file that was created. | + + +#### Command Example +```!win-lineinfile host="123.123.123.123" path="c:/temp/file.txt" line="c:/temp/new" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinLineinfile": { + "backup": "", + "changed": true, + "encoding": "utf-8", + "host": "123.123.123.123", + "msg": "line added", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * backup: +> * changed: True +> * encoding: utf-8 +> * msg: line added + + +### win-mapped-drive +*** +Map network drives for users +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_mapped_drive_module.html + + +#### Base Command + +`win-mapped-drive` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| letter | The letter of the network path to map to.
This letter must not already be in use with Windows. | Required | +| password | The password for `username` that is used when testing the initial connection.
This is never saved with a mapped drive, use the `win_credential` module to persist a username and password for a host. | Optional | +| path | The UNC path to map the drive to.
If pointing to a WebDAV location this must still be in a UNC path in the format `\\hostname\path` and not a URL, see examples for more details.
To specify a `https` WebDAV path, add `@SSL` after the hostname. To specify a custom WebDAV port add `@<port num>` after the `@SSL` or hostname portion of the UNC path, e.g. `\\server@SSL@1234` or `\\server@1234`.
This is required if `state=present`.
If `state=absent` and `path` is not set, the module will delete the mapped drive regardless of the target.
If `state=absent` and the `path` is set, the module will throw an error if path does not match the target of the mapped drive. | Optional | +| state | If `present` will ensure the mapped drive exists.
If `absent` will ensure the mapped drive does not exist. Possible values are: absent, present. Default is present. | Optional | +| username | The username that is used when testing the initial connection.
This is never saved with a mapped drive, the the `win_credential` module to persist a username and password for a host.
This is required if the mapped drive requires authentication with custom credentials and become, or CredSSP cannot be used.
If become or CredSSP is used, any credentials saved with `win_credential` will automatically be used instead. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### win-msg +*** +Sends a message to logged in users on Windows hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_msg_module.html + + +#### Base Command + +`win-msg` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| to | Who to send the message to. Can be a username, sessionname or sessionid. Default is *. | Optional | +| display_seconds | How long to wait for receiver to acknowledge message, in seconds. Default is 10. | Optional | +| wait | Whether to wait for users to respond. Module will only wait for the number of seconds specified in display_seconds or 10 seconds if not specified. However, if `wait` is `yes`, the message is sent to each logged on user in turn, waiting for the user to either press 'ok' or for the timeout to elapse before moving on to the next user. Default is no. | Optional | +| msg | The text of the message to be displayed.
The message must be less than 256 characters. Default is Hello world!. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinMsg.msg | string | Test of the message that was sent. | +| MicrosoftWindows.WinMsg.display_seconds | string | Value of display_seconds module parameter. | +| MicrosoftWindows.WinMsg.rc | number | The return code of the API call. | +| MicrosoftWindows.WinMsg.runtime_seconds | string | How long the module took to run on the remote windows host. | +| MicrosoftWindows.WinMsg.sent_localtime | string | local time from windows host when the message was sent. | +| MicrosoftWindows.WinMsg.wait | boolean | Value of wait module parameter. | + + +#### Command Example +```!win-msg host="123.123.123.123" display_seconds="60" msg="Automated upgrade about to start. Please save your work and log off before 6pm" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinMsg": { + "changed": true, + "display_seconds": 60, + "host": "123.123.123.123", + "msg": "Automated upgrade about to start. Please save your work and log off before 6pm", + "rc": 0, + "runtime_seconds": 0.10118519999999999, + "sent_localtime": "Tuesday, June 29, 2021 5:19:08 AM", + "status": "CHANGED", + "wait": false + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * display_seconds: 60 +> * msg: Automated upgrade about to start. Please save your work and log off before 6pm +> * rc: 0 +> * runtime_seconds: 0.10118519999999999 +> * sent_localtime: Tuesday, June 29, 2021 5:19:08 AM +> * wait: False + + +### win-netbios +*** +Manage NetBIOS over TCP/IP settings on Windows. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_netbios_module.html + + +#### Base Command + +`win-netbios` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether NetBIOS should be enabled, disabled, or default (use setting from DHCP server or if static IP address is assigned enable NetBIOS). Possible values are: enabled, disabled, default. | Required | +| adapter_names | List of adapter names for which to manage NetBIOS settings. If this option is omitted then configuration is applied to all adapters on the system.
The adapter name used is the connection caption in the Network Control Panel or via `Get-NetAdapter`, eg `Ethernet 2`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinNetbios.reboot_required | boolean | Boolean value stating whether a system reboot is required. | + + +#### Command Example +```!win-netbios host="123.123.123.123" state="disabled" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinNetbios": { + "changed": false, + "host": "123.123.123.123", + "reboot_required": false, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * reboot_required: False + + +### win-nssm +*** +Install a service using NSSM +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_nssm_module.html + + +#### Base Command + +`win-nssm` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the service to operate on. | Required | +| state | State of the service on the system.
Values `started`, `stopped`, and `restarted` are deprecated since v2.8, please use the `win_service` module instead to start, stop or restart the service. Possible values are: absent, present, started, stopped, restarted. Default is present. | Optional | +| application | The application binary to run as a service
Required when `state` is `present`, `started`, `stopped`, or `restarted`. | Optional | +| executable | The location of the NSSM utility (in case it is not located in your PATH). Default is nssm.exe. | Optional | +| description | The description to set for the service. | Optional | +| display_name | The display name to set for the service. | Optional | +| working_directory | The working directory to run the service executable from (defaults to the directory containing the application binary). | Optional | +| stdout_file | Path to receive output. | Optional | +| stderr_file | Path to receive error output. | Optional | +| app_parameters | A string representing a dictionary of parameters to be passed to the application when it starts.
DEPRECATED since v2.8, please use `arguments` instead.
This is mutually exclusive with `arguments`. | Optional | +| arguments | Parameters to be passed to the application when it starts.
This can be either a simple string or a list.
This parameter was renamed from `app_parameters_free_form` in 2.8.
This is mutually exclusive with `app_parameters`. | Optional | +| dependencies | Service dependencies that has to be started to trigger startup, separated by comma.
DEPRECATED since v2.8, please use the `win_service` module instead. | Optional | +| user | User to be used for service startup.
DEPRECATED since v2.8, please use the `win_service` module instead. | Optional | +| password | Password to be used for service startup.
DEPRECATED since v2.8, please use the `win_service` module instead. | Optional | +| start_mode | If `auto` is selected, the service will start at bootup.
`delayed` causes a delayed but automatic start after boot (added in version 2.5).
`manual` means that the service will start only when another service needs it.
`disabled` means that the service will stay off, regardless if it is needed or not.
DEPRECATED since v2.8, please use the `win_service` module instead. Possible values are: auto, delayed, disabled, manual. Default is auto. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-nssm host="123.123.123.123" name="foo" application="C:/windows/system32/calc.exe" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinNssm": { + "changed": true, + "changed_by": "AppRotateBytes", + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * changed_by: AppRotateBytes + + +### win-optional-feature +*** +Manage optional Windows features +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_optional_feature_module.html + + +#### Base Command + +`win-optional-feature` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name(s) of the feature to install.
This relates to `FeatureName` in the Powershell cmdlet.
To list all available features use the PowerShell command `Get-WindowsOptionalFeature`. | Required | +| state | Whether to ensure the feature is absent or present on the system. Possible values are: absent, present. Default is present. | Optional | +| include_parent | Whether to enable the parent feature and the parent's dependencies. Possible values are: Yes, No. Default is No. | Optional | +| source | Specify a source to install the feature from.
Can either be `{driveletter}:\sources\sxs` or `\\{IP}\share\sources\sxs`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinOptionalFeature.reboot_required | boolean | True when the target server requires a reboot to complete updates | + + +#### Command Example +```!win-optional-feature host="123.123.123.123" name="TelnetClient" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinOptionalFeature": { + "changed": false, + "host": "123.123.123.123", + "reboot_required": false, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * reboot_required: False + + +### win-owner +*** +Set owner +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_owner_module.html + + +#### Base Command + +`win-owner` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Path to be used for changing owner. | Required | +| user | Name to be used for changing owner. | Required | +| recurse | Indicates if the owner should be changed recursively. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-owner host="123.123.123.123" path="C:/apache" user="fed-phil" recurse="True" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinOwner": { + "changed": true, + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True + + +### win-package +*** +Installs/uninstalls an installable package +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_package_module.html + + +#### Base Command + +`win-package` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| arguments | Any arguments the installer needs to either install or uninstall the package.
If the package is an MSI do not supply the `/qn`, `/log` or `/norestart` arguments.
As of Ansible 2.5, this parameter can be a list of arguments and the module will escape the arguments as necessary, it is recommended to use a string when dealing with MSI packages due to the unique escaping issues with msiexec. | Optional | +| chdir | Set the specified path as the current working directory before installing or uninstalling a package. | Optional | +| creates_path | Will check the existence of the path specified and use the result to determine whether the package is already installed.
You can use this in conjunction with `product_id` and other `creates_*`. | Optional | +| creates_service | Will check the existing of the service specified and use the result to determine whether the package is already installed.
You can use this in conjunction with `product_id` and other `creates_*`. | Optional | +| creates_version | Will check the file version property of the file at `creates_path` and use the result to determine whether the package is already installed.
`creates_path` MUST be set and is a file.
You can use this in conjunction with `product_id` and other `creates_*`. | Optional | +| expected_return_code | One or more return codes from the package installation that indicates success.
Before Ansible 2.4 this was just 0 but since Ansible 2.4 this is both `0` and `3010`.
A return code of `3010` usually means that a reboot is required, the `reboot_required` return value is set if the return code is `3010`. Default is [0, 3010]. | Optional | +| password | The password for `user_name`, must be set when `user_name` is. | Optional | +| path | Location of the package to be installed or uninstalled.
This package can either be on the local file system, network share or a url.
If the path is on a network share and the current WinRM transport doesn't support credential delegation, then `user_name` and `user_password` must be set to access the file.
There are cases where this file will be copied locally to the server so it can access it, see the notes for more info.
If `state=present` then this value MUST be set.
If `state=absent` then this value does not need to be set if `product_id` is. | Optional | +| product_id | The product id of the installed packaged.
This is used for checking whether the product is already installed and getting the uninstall information if `state=absent`.
You can find product ids for installed programs in the Windows registry editor either at `HKLM:Software\Microsoft\Windows\CurrentVersion\Uninstall` or for 32 bit programs at `HKLM:Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall`.
This SHOULD be set when the package is not an MSI, or the path is a url or a network share and credential delegation is not being used. The `creates_*` options can be used instead but is not recommended. | Optional | +| state | Whether to install or uninstall the package.
The module uses `product_id` and whether it exists at the registry path to see whether it needs to install or uninstall the package. Possible values are: absent, present. Default is present. | Optional | +| username | Username of an account with access to the package if it is located on a file share.
This is only needed if the WinRM transport is over an auth method that does not support credential delegation like Basic or NTLM. | Optional | +| validate_certs | If `no`, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
Before Ansible 2.4 this defaulted to `no`. Possible values are: Yes, No. Default is Yes. | Optional | +| log_path | Specifies the path to a log file that is persisted after an MSI package is installed or uninstalled.
When omitted, a temporary log file is used for MSI packages.
This is only valid for MSI files, use `arguments` for other package types. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinPackage.log | string | The contents of the MSI log. | +| MicrosoftWindows.WinPackage.rc | number | The return code of the package process. | +| MicrosoftWindows.WinPackage.reboot_required | boolean | Whether a reboot is required to finalise package. This is set to true if the executable return code is 3010. | +| MicrosoftWindows.WinPackage.stdout | string | The stdout stream of the package process. | +| MicrosoftWindows.WinPackage.stderr | string | The stderr stream of the package process. | + + + + +### win-pagefile +*** +Query or change pagefile configuration +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_pagefile_module.html + + +#### Base Command + +`win-pagefile` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| drive | The drive of the pagefile. | Optional | +| initial_size | The initial size of the pagefile in megabytes. | Optional | +| maximum_size | The maximum size of the pagefile in megabytes. | Optional | +| override | Override the current pagefile on the drive. Possible values are: Yes, No. Default is Yes. | Optional | +| system_managed | Configures current pagefile to be managed by the system. Possible values are: Yes, No. Default is No. | Optional | +| automatic | Configures AutomaticManagedPagefile for the entire system. | Optional | +| remove_all | Remove all pagefiles in the system, not including automatic managed. Possible values are: Yes, No. Default is No. | Optional | +| test_path | Use Test-Path on the drive to make sure the drive is accessible before creating the pagefile. Possible values are: Yes, No. Default is Yes. | Optional | +| state | State of the pagefile. Possible values are: absent, present, query. Default is query. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinPagefile.automatic_managed_pagefiles | boolean | Whether the pagefiles is automatically managed. | +| MicrosoftWindows.WinPagefile.pagefiles | unknown | Contains caption, description, initial_size, maximum_size and name for each pagefile in the system. | + + +#### Command Example +```!win-pagefile host="123.123.123.123" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinPagefile": { + "automatic_managed_pagefiles": true, + "changed": false, + "host": "123.123.123.123", + "pagefiles": [], + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * automatic_managed_pagefiles: True +> * changed: False +> * ## Pagefiles + + +### win-partition +*** +Creates, changes and removes partitions on Windows Server +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_partition_module.html + + +#### Base Command + +`win-partition` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Used to specify the state of the partition. Use `absent` to specify if a partition should be removed and `present` to specify if the partition should be created or updated. Possible values are: absent, present. Default is present. | Optional | +| drive_letter | Used for accessing partitions if `disk_number` and `partition_number` are not provided.
Use `auto` for automatically assigning a drive letter, or a letter A-Z for manually assigning a drive letter to a new partition. If not specified, no drive letter is assigned when creating a new partition. | Optional | +| disk_number | Disk number is mandatory for creating new partitions.
A combination of `disk_number` and `partition_number` can be used to specify the partition instead of `drive_letter` if required. | Optional | +| partition_number | Used in conjunction with `disk_number` to uniquely identify a partition. | Optional | +| partition_size | Specify size of the partition in B, KB, KiB, MB, MiB, GB, GiB, TB or TiB. Use -1 to specify maximum supported size.
Partition size is mandatory for creating a new partition but not for updating or deleting a partition.
The decimal SI prefixes kilo, mega, giga, tera, etc., are powers of 10^3 = 1000. The binary prefixes kibi, mebi, gibi, tebi, etc. respectively refer to the corresponding power of 2^10 = 1024. Thus, a gigabyte (GB) is 1000000000 (1000^3) bytes while 1 gibibyte (GiB) is 1073741824 (1024^3) bytes. | Optional | +| read_only | Make the partition read only, restricting changes from being made to the partition. | Optional | +| active | Specifies if the partition is active and can be used to start the system. This property is only valid when the disk's partition style is MBR. | Optional | +| hidden | Hides the target partition, making it undetectable by the mount manager. | Optional | +| offline | Sets the partition offline.
Adding a mount point (such as a drive letter) will cause the partition to go online again. | Optional | +| mbr_type | Specify the partition's MBR type if the disk's partition style is MBR.
This only applies to new partitions.
This does not relate to the partitions file system formatting. Possible values are: fat12, fat16, extended, huge, ifs, fat32. | Optional | +| gpt_type | Specify the partition's GPT type if the disk's partition style is GPT.
This only applies to new partitions.
This does not relate to the partitions file system formatting. Possible values are: system_partition, microsoft_reserved, basic_data, microsoft_recovery. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-partition host="123.123.123.123" drive_letter="F" partition_size="10 MB" disk_number="1"``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinPartition": { + "changed": true, + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True + +### win-path +*** +Manage Windows path environment variables +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_path_module.html + + +#### Base Command + +`win-path` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Target path environment variable name. Default is PATH. | Optional | +| elements | A single path element, or a list of path elements (ie, directories) to add or remove.
When multiple elements are included in the list (and `state` is `present`), the elements are guaranteed to appear in the same relative order in the resultant path value.
Variable expansions (eg, `%VARNAME%`) are allowed, and are stored unexpanded in the target path element.
Any existing path elements not mentioned in `elements` are always preserved in their current order.
New path elements are appended to the path, and existing path elements may be moved closer to the end to satisfy the requested ordering.
Paths are compared in a case-insensitive fashion, and trailing backslashes are ignored for comparison purposes. However, note that trailing backslashes in YAML require quotes. | Required | +| state | Whether the path elements specified in `elements` should be present or absent. Possible values are: absent, present. | Optional | +| scope | The level at which the environment variable specified by `name` should be managed (either for the current user or global machine scope). Possible values are: machine, user. Default is machine. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-path host="123.123.123.123" elements="['%SystemRoot%\\\\system32', '%SystemRoot%\\\\system32\\\\WindowsPowerShell\\\\v1.0']" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinPath": { + "changed": false, + "host": "123.123.123.123", + "path_value": "%SystemRoot%\\system32;%SystemRoot%;%SystemRoot%\\System32\\Wbem;%SYSTEMROOT%\\System32\\WindowsPowerShell\\v1.0\\;C:\\ProgramData\\chocolatey\\bin;['%SystemRoot%\\system32', '%SystemRoot%\\system32\\WindowsPowerShell\\v1.0'];C:\\Program Files\\Git\\cmd", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * path_value: %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\ProgramData\chocolatey\bin;['%SystemRoot%\system32', '%SystemRoot%\system32\WindowsPowerShell\v1.0'];C:\Program Files\Git\cmd + + +### win-pester +*** +Run Pester tests on Windows hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_pester_module.html + + +#### Base Command + +`win-pester` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Path to a pester test file or a folder where tests can be found.
If the path is a folder, the module will consider all ps1 files as Pester tests. | Required | +| tags | Runs only tests in Describe blocks with specified Tags values.
Accepts multiple comma separated tags. | Optional | +| test_parameters | Allows to specify parameters to the test script. | Optional | +| version | Minimum version of the pester module that has to be available on the remote host. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinPester.pester_version | string | Version of the pester module found on the remote host. | +| MicrosoftWindows.WinPester.output | unknown | Results of the Pester tests. | + + + + +### win-ping +*** +A windows version of the classic ping module +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_ping_module.html + + +#### Base Command + +`win-ping` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| data | Alternate data to return instead of 'pong'.
If this parameter is set to `crash`, the module will cause an exception. Default is pong. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinPing.ping | string | Value provided with the data parameter. | + + +#### Command Example +```!win-ping host="123.123.123.123" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinPing": { + "changed": false, + "host": "123.123.123.123", + "ping": "pong", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ping: pong + + +### win-power-plan +*** +Changes the power plan of a Windows system +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_power_plan_module.html + + +#### Base Command + +`win-power-plan` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | String value that indicates the desired power plan.
The power plan must already be present on the system.
Commonly there will be options for `balanced` and `high performance`. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinPowerPlan.power_plan_name | string | Value of the intended power plan. | +| MicrosoftWindows.WinPowerPlan.power_plan_enabled | boolean | State of the intended power plan. | +| MicrosoftWindows.WinPowerPlan.all_available_plans | unknown | The name and enabled state of all power plans. | + + +#### Command Example +```!win-power-plan host="123.123.123.123" name="high performance" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinPowerPlan": { + "all_available_plans": { + "Balanced": false, + "High performance": true, + "Power saver": false + }, + "changed": false, + "host": "123.123.123.123", + "power_plan_enabled": true, + "power_plan_name": "high performance", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * power_plan_enabled: True +> * power_plan_name: high performance +> * ## All_Available_Plans +> * Balanced: False +> * High performance: True +> * Power saver: False + + +### win-product-facts +*** +Provides Windows product and license information +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_product_facts_module.html + + +#### Base Command + +`win-product-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinProductFacts.ansible_facts | unknown | Dictionary containing all the detailed information about the Windows product and license. | + + +#### Command Example +```!win-product-facts host="123.123.123.123" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinProductFacts": { + "host": "123.123.123.123", + "os_license_channel": "Retail:TB:Eval", + "os_license_edition": "Windows(R), ServerStandardEval edition", + "os_license_status": "Licensed", + "os_product_id": "00378-00000-00000-AA739", + "os_product_key": "WD6GH-2TH8C-77QD4-8WVRH-9BVYG", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * os_license_channel: Retail:TB:Eval +> * os_license_edition: Windows(R), ServerStandardEval edition +> * os_license_status: Licensed +> * os_product_id: 00378-00000-00000-AA739 +> * os_product_key: WD6GH-2TH8C-77QD4-8WVRH-9BVYG + + +### win-psexec +*** +Runs commands (remotely) as another (privileged) user +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_psexec_module.html + + +#### Base Command + +`win-psexec` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| command | The command line to run through PsExec (limited to 260 characters). | Required | +| executable | The location of the PsExec utility (in case it is not located in your PATH). Default is psexec.exe. | Optional | +| extra_opts | Specify additional options to add onto the PsExec invocation.
This module was undocumented in older releases and will be removed in Ansible 2.10. | Optional | +| hostnames | The hostnames to run the command.
If not provided, the command is run locally. | Optional | +| username | The (remote) user to run the command as.
If not provided, the current user is used. | Optional | +| password | The password for the (remote) user to run the command as.
This is mandatory in order authenticate yourself. | Optional | +| chdir | Run the command from this (remote) directory. | Optional | +| nobanner | Do not display the startup banner and copyright message.
This only works for specific versions of the PsExec binary. Possible values are: Yes, No. Default is No. | Optional | +| noprofile | Run the command without loading the account's profile. Possible values are: Yes, No. Default is No. | Optional | +| elevated | Run the command with elevated privileges. Possible values are: Yes, No. Default is No. | Optional | +| interactive | Run the program so that it interacts with the desktop on the remote system. Possible values are: Yes, No. Default is No. | Optional | +| session | Specifies the session ID to use.
This parameter works in conjunction with `interactive`.
It has no effect when `interactive` is set to `no`. | Optional | +| limited | Run the command as limited user (strips the Administrators group and allows only privileges assigned to the Users group). Possible values are: Yes, No. Default is No. | Optional | +| system | Run the remote command in the System account. Possible values are: Yes, No. Default is No. | Optional | +| priority | Used to run the command at a different priority. Possible values are: abovenormal, background, belownormal, high, low, realtime. | Optional | +| timeout | The connection timeout in seconds. | Optional | +| wait | Wait for the application to terminate.
Only use for non-interactive applications. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinPsexec.cmd | string | The complete command line used by the module, including PsExec call and additional options. | +| MicrosoftWindows.WinPsexec.pid | number | The PID of the async process created by PsExec. | +| MicrosoftWindows.WinPsexec.rc | number | The return code for the command. | +| MicrosoftWindows.WinPsexec.stdout | string | The standard output from the command. | +| MicrosoftWindows.WinPsexec.stderr | string | The error output from the command. | + + +#### Command Example +```!win-psexec host="123.123.123.123" command="whoami.exe" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinPsexec": { + "changed": true, + "delta": "0:00:01.375000", + "end": "2021-06-29 04:18:35.671487", + "host": "123.123.123.123", + "psexec_command": "psexec.exe -accepteula whoami.exe", + "rc": 0, + "start": "2021-06-29 04:18:34.296487", + "status": "CHANGED", + "stderr": "whoami.exe exited with error code 0.\r\n", + "stderr_lines": [ + "whoami.exe exited with error code 0." + ], + "stdout": "\r\nPsExec v2.34 - Execute processes remotely\r\nCopyright (C) 2001-2021 Mark Russinovich\r\nSysinternals - www.sysinternals.com\r\n\r\n", + "stdout_lines": [ + "", + "PsExec v2.34 - Execute processes remotely", + "Copyright (C) 2001-2021 Mark Russinovich", + "Sysinternals - www.sysinternals.com", + "" + ] + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * delta: 0:00:01.375000 +> * end: 2021-06-29 04:18:35.671487 +> * psexec_command: psexec.exe -accepteula whoami.exe +> * rc: 0 +> * start: 2021-06-29 04:18:34.296487 +> * stderr: whoami.exe exited with error code 0. +> +> * stdout: +>PsExec v2.34 - Execute processes remotely +>Copyright (C) 2001-2021 Mark Russinovich +>Sysinternals - www.sysinternals.com +> +> +> * ## Stderr_Lines +> * 0: whoami.exe exited with error code 0. +> * ## Stdout_Lines +> * 0: +> * 1: PsExec v2.34 - Execute processes remotely +> * 2: Copyright (C) 2001-2021 Mark Russinovich +> * 3: Sysinternals - www.sysinternals.com +> * 0: + +### win-psmodule +*** +Adds or removes a Windows PowerShell module +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_psmodule_module.html + + +#### Base Command + +`win-psmodule` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the Windows PowerShell module that has to be installed. | Required | +| state | If `present` a new module is installed.
If `absent` a module is removed.
If `latest` a module is updated to the newest version. This option was added in version 2.8. Possible values are: absent, latest, present. Default is present. | Optional | +| required_version | The exact version of the PowerShell module that has to be installed. | Optional | +| minimum_version | The minimum version of the PowerShell module that has to be installed. | Optional | +| maximum_version | The maximum version of the PowerShell module that has to be installed. | Optional | +| allow_clobber | If `yes` allows install modules that contains commands those have the same names as commands that already exists. Possible values are: Yes, No. Default is No. | Optional | +| skip_publisher_check | If `yes`, allows you to install a different version of a module that already exists on your computer in the case when a different one is not digitally signed by a trusted publisher and the newest existing module is digitally signed by a trusted publisher. Possible values are: Yes, No. Default is No. | Optional | +| allow_prerelease | If `yes` installs modules marked as prereleases.
It doesn't work with the parameters `minimum_version` and/or `maximum_version`.
It doesn't work with the `state` set to absent. Possible values are: Yes, No. Default is No. | Optional | +| repository | Name of the custom repository to use. | Optional | +| url | URL of the custom repository to register.
This option is deprecated and will be removed in Ansible 2.12. Use the `win_psrepository` module instead. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinPsmodule.output | string | A message describing the task result. | +| MicrosoftWindows.WinPsmodule.nuget_changed | boolean | True when Nuget package provider is installed. | +| MicrosoftWindows.WinPsmodule.repository_changed | boolean | True when a custom repository is installed or removed. | + + +#### Command Example +```!win-psmodule host="123.123.123.123" name="PowerShellModule" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinPsmodule": { + "changed": false, + "host": "123.123.123.123", + "nuget_changed": false, + "output": "Module PowerShellModule already present", + "repository_changed": false, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * nuget_changed: False +> * output: Module PowerShellModule already present +> * repository_changed: False + + +### win-psrepository +*** +Adds, removes or updates a Windows PowerShell repository. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_psrepository_module.html + + +#### Base Command + +`win-psrepository` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the repository to work with. | Required | +| source | Specifies the URI for discovering and installing modules from this repository.
A URI can be a NuGet server feed (most common situation), HTTP, HTTPS, FTP or file location. | Optional | +| state | If `present` a new repository is added or updated.
If `absent` a repository is removed. Possible values are: absent, present. Default is present. | Optional | +| installation_policy | Sets the `InstallationPolicy` of a repository.
Will default to `trusted` when creating a new repository. Possible values are: trusted, untrusted. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-psrepository host="123.123.123.123" name="PSGallery" state="present"``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinPsrepository": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + + +### win-rabbitmq-plugin +*** +Manage RabbitMQ plugins +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_rabbitmq_plugin_module.html + + +#### Base Command + +`win-rabbitmq-plugin` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| names | Comma-separated list of plugin names. | Required | +| new_only | Only enable missing plugins.
Does not disable plugins that are not in the names list. Possible values are: Yes, No. Default is No. | Optional | +| state | Specify if plugins are to be enabled or disabled. Possible values are: disabled, enabled. Default is enabled. | Optional | +| prefix | Specify a custom install prefix to a Rabbit. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinRabbitmqPlugin.enabled | unknown | List of plugins enabled during task run. | +| MicrosoftWindows.WinRabbitmqPlugin.disabled | unknown | List of plugins disabled during task run. | + + + + +### win-rds-cap +*** +Manage Connection Authorization Policies (CAP) on a Remote Desktop Gateway server +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_rds_cap_module.html + + +#### Base Command + +`win-rds-cap` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the connection authorization policy. | Required | +| state | The state of connection authorization policy.
If `absent` will ensure the policy is removed.
If `present` will ensure the policy is configured and exists.
If `enabled` will ensure the policy is configured, exists and enabled.
If `disabled` will ensure the policy is configured, exists, but disabled. Possible values are: absent, enabled, disabled, present. Default is present. | Optional | +| auth_method | Specifies how the RD Gateway server authenticates users.
When a new CAP is created, the default value is `password`. Possible values are: both, none, password, smartcard. | Optional | +| order | Evaluation order of the policy.
The CAP in which `order` is set to a value of '1' is evaluated first.
By default, a newly created CAP will take the first position.
If the given value exceed the total number of existing policies, the policy will take the last position but the evaluation order will be capped to this number. | Optional | +| session_timeout | The maximum time, in minutes, that a session can be idle.
A value of zero disables session timeout. | Optional | +| session_timeout_action | The action the server takes when a session times out.
`disconnect`: disconnect the session.
`reauth`: silently reauthenticate and reauthorize the session. Possible values are: disconnect, reauth. Default is disconnect. | Optional | +| idle_timeout | Specifies the time interval, in minutes, after which an idle session is disconnected.
A value of zero disables idle timeout. | Optional | +| allow_only_sdrts_servers | Specifies whether connections are allowed only to Remote Desktop Session Host servers that enforce Remote Desktop Gateway redirection policy. | Optional | +| user_groups | A list of user groups that is allowed to connect to the Remote Gateway server.
Required when a new CAP is created. | Optional | +| computer_groups | A list of computer groups that is allowed to connect to the Remote Gateway server. | Optional | +| redirect_clipboard | Allow clipboard redirection. | Optional | +| redirect_drives | Allow disk drive redirection. | Optional | +| redirect_printers | Allow printers redirection. | Optional | +| redirect_serial | Allow serial port redirection. | Optional | +| redirect_pnp | Allow Plug and Play devices redirection. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### win-rds-rap +*** +Manage Resource Authorization Policies (RAP) on a Remote Desktop Gateway server +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_rds_rap_module.html + + +#### Base Command + +`win-rds-rap` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the resource authorization policy. | Required | +| state | The state of resource authorization policy.
If `absent` will ensure the policy is removed.
If `present` will ensure the policy is configured and exists.
If `enabled` will ensure the policy is configured, exists and enabled.
If `disabled` will ensure the policy is configured, exists, but disabled. Possible values are: absent, disabled, enabled, present. Default is present. | Optional | +| description | Optional description of the resource authorization policy. | Optional | +| user_groups | List of user groups that are associated with this resource authorization policy (RAP). A user must belong to one of these groups to access the RD Gateway server.
Required when a new RAP is created. | Optional | +| allowed_ports | List of port numbers through which connections are allowed for this policy.
To allow connections through any port, specify 'any'. | Optional | +| computer_group_type | The computer group type:
`rdg_group`: RD Gateway-managed group
`ad_network_resource_group`: Active Directory Domain Services network resource group
`allow_any`: Allow users to connect to any network resource. Possible values are: rdg_group, ad_network_resource_group, allow_any. | Optional | +| computer_group | The computer group name that is associated with this resource authorization policy (RAP).
This is required when `computer_group_type` is `rdg_group` or `ad_network_resource_group`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### win-rds-settings +*** +Manage main settings of a Remote Desktop Gateway server +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_rds_settings_module.html + + +#### Base Command + +`win-rds-settings` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| certificate_hash | Certificate hash (thumbprint) for the Remote Desktop Gateway server. The certificate hash is the unique identifier for the certificate. | Optional | +| max_connections | The maximum number of connections allowed.
If set to `0`, no new connections are allowed.
If set to `-1`, the number of connections is unlimited. | Optional | +| ssl_bridging | Specifies whether to use SSL Bridging.
`none`: no SSL bridging.
`https_http`: HTTPS-HTTP bridging.
`https_https`: HTTPS-HTTPS bridging. Possible values are: https_http, https_https, none. | Optional | +| enable_only_messaging_capable_clients | If enabled, only clients that support logon messages and administrator messages can connect. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### win-reboot +*** +Reboot a windows machine +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_reboot_module.html + + +#### Base Command + +`win-reboot` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| pre_reboot_delay | Seconds to wait before reboot. Passed as a parameter to the reboot command. Default is 2. | Optional | +| post_reboot_delay | Seconds to wait after the reboot command was successful before attempting to validate the system rebooted successfully.
This is useful if you want wait for something to settle despite your connection already working. Default is 0. | Optional | +| shutdown_timeout | Maximum seconds to wait for shutdown to occur.
Increase this timeout for very slow hardware, large update applications, etc.
This option has been removed since Ansible 2.5 as the win_reboot behavior has changed. Default is 600. | Optional | +| reboot_timeout | Maximum seconds to wait for machine to re-appear on the network and respond to a test command.
This timeout is evaluated separately for both reboot verification and test command success so maximum clock time is actually twice this value. Default is 600. | Optional | +| connect_timeout | Maximum seconds to wait for a single successful TCP connection to the WinRM endpoint before trying again. Default is 5. | Optional | +| test_command | Command to expect success for to determine the machine is ready for management. Default is whoami. | Optional | +| msg | Message to display to users. Default is Reboot initiated by Ansible. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinReboot.rebooted | boolean | True if the machine was rebooted. | +| MicrosoftWindows.WinReboot.elapsed | unknown | The number of seconds that elapsed waiting for the system to be rebooted. | + + +#### Command Example +```!win-reboot host="123.123.123.123" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinPsrepository": { + "changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False + +### win-reg-stat +*** +Get information about Windows registry keys +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_reg_stat_module.html + + +#### Base Command + +`win-reg-stat` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The full registry key path including the hive to search for. | Required | +| name | The registry property name to get information for, the return json will not include the sub_keys and properties entries for the `key` specified.
Set to an empty string to target the registry key's `(Default`) property value. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinRegStat.changed | boolean | Whether anything was changed. | +| MicrosoftWindows.WinRegStat.exists | boolean | States whether the registry key/property exists. | +| MicrosoftWindows.WinRegStat.properties | unknown | A dictionary containing all the properties and their values in the registry key. | +| MicrosoftWindows.WinRegStat.sub_keys | unknown | A list of all the sub keys of the key specified. | +| MicrosoftWindows.WinRegStat.raw_value | string | Returns the raw value of the registry property, REG_EXPAND_SZ has no string expansion, REG_BINARY or REG_NONE is in hex 0x format. REG_NONE, this value is a hex string in the 0x format. | +| MicrosoftWindows.WinRegStat.type | string | The property type. | +| MicrosoftWindows.WinRegStat.value | string | The value of the property. | + + +#### Command Example +```!win-reg-stat host="123.123.123.123" path="HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinRegStat": { + "changed": false, + "exists": true, + "host": "123.123.123.123", + "properties": { + "CommonFilesDir": { + "raw_value": "C:\\Program Files\\Common Files", + "type": "REG_SZ", + "value": "C:\\Program Files\\Common Files" + }, + "CommonFilesDir (x86)": { + "raw_value": "C:\\Program Files (x86)\\Common Files", + "type": "REG_SZ", + "value": "C:\\Program Files (x86)\\Common Files" + }, + "CommonW6432Dir": { + "raw_value": "C:\\Program Files\\Common Files", + "type": "REG_SZ", + "value": "C:\\Program Files\\Common Files" + }, + "DevicePath": { + "raw_value": "%SystemRoot%\\inf", + "type": "REG_EXPAND_SZ", + "value": "C:\\Windows\\inf" + }, + "MediaPathUnexpanded": { + "raw_value": "%SystemRoot%\\Media", + "type": "REG_EXPAND_SZ", + "value": "C:\\Windows\\Media" + }, + "ProgramFilesDir": { + "raw_value": "C:\\Program Files", + "type": "REG_SZ", + "value": "C:\\Program Files" + }, + "ProgramFilesDir (x86)": { + "raw_value": "C:\\Program Files (x86)", + "type": "REG_SZ", + "value": "C:\\Program Files (x86)" + }, + "ProgramFilesPath": { + "raw_value": "%ProgramFiles%", + "type": "REG_EXPAND_SZ", + "value": "C:\\Program Files" + }, + "ProgramW6432Dir": { + "raw_value": "C:\\Program Files", + "type": "REG_SZ", + "value": "C:\\Program Files" + }, + "SM_ConfigureProgramsName": { + "raw_value": "Set Program Access and Defaults", + "type": "REG_SZ", + "value": "Set Program Access and Defaults" + }, + "SM_GamesName": { + "raw_value": "Games", + "type": "REG_SZ", + "value": "Games" + } + }, + "status": "SUCCESS", + "sub_keys": [ + "AccountPicture", + "ActionCenter" + ] + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * exists: True +> * ## Properties +> * ### Commonfilesdir +> * raw_value: C:\Program Files\Common Files +> * type: REG_SZ +> * value: C:\Program Files\Common Files +> * ### Commonfilesdir (X86) +> * raw_value: C:\Program Files (x86)\Common Files +> * type: REG_SZ +> * value: C:\Program Files (x86)\Common Files +> * ### Commonw6432Dir +> * raw_value: C:\Program Files\Common Files +> * type: REG_SZ +> * value: C:\Program Files\Common Files +> * ### Devicepath +> * raw_value: %SystemRoot%\inf +> * type: REG_EXPAND_SZ +> * value: C:\Windows\inf +> * ### Mediapathunexpanded +> * raw_value: %SystemRoot%\Media +> * type: REG_EXPAND_SZ +> * value: C:\Windows\Media +> * ### Programfilesdir +> * raw_value: C:\Program Files +> * type: REG_SZ +> * value: C:\Program Files +> * ### Programfilesdir (X86) +> * raw_value: C:\Program Files (x86) +> * type: REG_SZ +> * value: C:\Program Files (x86) +> * ### Programfilespath +> * raw_value: %ProgramFiles% +> * type: REG_EXPAND_SZ +> * value: C:\Program Files +> * ### Programw6432Dir +> * raw_value: C:\Program Files +> * type: REG_SZ +> * value: C:\Program Files +> * ### Sm_Configureprogramsname +> * raw_value: Set Program Access and Defaults +> * type: REG_SZ +> * value: Set Program Access and Defaults +> * ### Sm_Gamesname +> * raw_value: Games +> * type: REG_SZ +> * value: Games +> * ## Sub_Keys +> * 0: AccountPicture +> * 1: ActionCenter + + +### win-regedit +*** +Add, change, or remove registry keys and values +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_regedit_module.html + + +#### Base Command + +`win-regedit` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | Name of the registry path.
Should be in one of the following registry hives: HKCC, HKCR, HKCU, HKLM, HKU. | Required | +| name | Name of the registry entry in the above `path` parameters.
If not provided, or empty then the '(Default)' property for the key will be used. | Optional | +| data | Value of the registry entry `name` in `path`.
If not specified then the value for the property will be null for the corresponding `type`.
Binary and None data should be expressed in a yaml byte array or as comma separated hex values.
An easy way to generate this is to run `regedit.exe` and use the `export` option to save the registry values to a file.
In the exported file, binary value will look like `hex:be,ef,be,ef`, the `hex:` prefix is optional.
DWORD and QWORD values should either be represented as a decimal number or a hex value.
Multistring values should be passed in as a list.
See the examples for more details on how to format this data. | Optional | +| type | The registry value data type. Possible values are: binary, dword, expandstring, multistring, string, qword. Default is string. | Optional | +| state | The state of the registry entry. Possible values are: absent, present. Default is present. | Optional | +| delete_key | When `state` is 'absent' then this will delete the entire key.
If `no` then it will only clear out the '(Default)' property for that key. Possible values are: Yes, No. Default is Yes. | Optional | +| hive | A path to a hive key like C:\Users\Default\NTUSER.DAT to load in the registry.
This hive is loaded under the HKLM:\ANSIBLE key which can then be used in `name` like any other path.
This can be used to load the default user profile registry hive or any other hive saved as a file.
Using this function requires the user to have the `SeRestorePrivilege` and `SeBackupPrivilege` privileges enabled. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinRegedit.data_changed | boolean | Whether this invocation changed the data in the registry value. | +| MicrosoftWindows.WinRegedit.data_type_changed | boolean | Whether this invocation changed the datatype of the registry value. | + + +#### Command Example +```!win-regedit host="123.123.123.123" path="HKCU:\\Software\\MyCompany" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinRegedit": { + "changed": false, + "data_changed": false, + "data_type_changed": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * data_changed: False +> * data_type_changed: False + + +### win-region +*** +Set the region and format settings +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_region_module.html + + +#### Base Command + +`win-region` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| location | The location to set for the current user, see `https://msdn.microsoft.com/en-us/library/dd374073.aspx` for a list of GeoIDs you can use and what location it relates to.
This needs to be set if `format` or `unicode_language` is not set. | Optional | +| format | The language format to set for the current user, see `https://msdn.microsoft.com/en-us/library/system.globalization.cultureinfo.aspx` for a list of culture names to use.
This needs to be set if `location` or `unicode_language` is not set. | Optional | +| unicode_language | The unicode language format to set for all users, see `https://msdn.microsoft.com/en-us/library/system.globalization.cultureinfo.aspx` for a list of culture names to use.
This needs to be set if `location` or `format` is not set. After setting this value a reboot is required for it to take effect. | Optional | +| copy_settings | This will copy the current format and location values to new user profiles and the welcome screen. This will only run if `location`, `format` or `unicode_language` has resulted in a change. If this process runs then it will always result in a change. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinRegion.restart_required | boolean | Whether a reboot is required for the change to take effect. | + + +#### Command Example +```!win-region host="123.123.123.123" format="en-US" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinRegion": { + "changed": false, + "host": "123.123.123.123", + "restart_required": false, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * restart_required: False + + +### win-regmerge +*** +Merges the contents of a registry file into the Windows registry +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_regmerge_module.html + + +#### Base Command + +`win-regmerge` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The full path including file name to the registry file on the remote machine to be merged. | Required | +| compare_key | The parent key to use when comparing the contents of the registry to the contents of the file. Needs to be in HKLM or HKCU part of registry. Use a PS-Drive style path for example HKLM:\SOFTWARE not HKEY_LOCAL_MACHINE\SOFTWARE If not supplied, or the registry key is not found, no comparison will be made, and the module will report changed. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinRegmerge.compare_to_key_found | boolean | whether the parent registry key has been found for comparison | +| MicrosoftWindows.WinRegmerge.difference_count | number | number of differences between the registry and the file | +| MicrosoftWindows.WinRegmerge.compared | boolean | whether a comparison has taken place between the registry and the file | + + +#### Command Example +```!win-regmerge host="123.123.123.123" path="C:/temp/firefox.reg" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinRegmerge": { + "changed": true, + "compared": false, + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * compared: False + + +### win-robocopy +*** +Synchronizes the contents of two directories using Robocopy +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_robocopy_module.html + + +#### Base Command + +`win-robocopy` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| src | Source file/directory to sync. | Required | +| dest | Destination file/directory to sync (Will receive contents of src). | Required | +| recurse | Includes all subdirectories (Toggles the `/e` flag to RoboCopy).
If `flags` is set, this will be ignored. Possible values are: Yes, No. Default is No. | Optional | +| purge | Deletes any files/directories found in the destination that do not exist in the source.
Toggles the `/purge` flag to RoboCopy.
If `flags` is set, this will be ignored. Possible values are: Yes, No. Default is No. | Optional | +| flags | Directly supply Robocopy flags.
If set, `purge` and `recurse` will be ignored. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinRobocopy.cmd | string | The used command line. | +| MicrosoftWindows.WinRobocopy.src | string | The Source file/directory of the sync. | +| MicrosoftWindows.WinRobocopy.dest | string | The Destination file/directory of the sync. | +| MicrosoftWindows.WinRobocopy.recurse | boolean | Whether or not the recurse flag was toggled. | +| MicrosoftWindows.WinRobocopy.purge | boolean | Whether or not the purge flag was toggled. | +| MicrosoftWindows.WinRobocopy.flags | string | Any flags passed in by the user. | +| MicrosoftWindows.WinRobocopy.rc | number | The return code returned by robocopy. | +| MicrosoftWindows.WinRobocopy.output | string | The output of running the robocopy command. | +| MicrosoftWindows.WinRobocopy.msg | string | Output interpreted into a concise message. | + + +#### Command Example +```!win-robocopy host="123.123.123.123" "src"="C:/temp" dest="C:/temp2" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinRobocopy": { + "changed": true, + "cmd": " C:/temp C:/temp2", + "dest": "C:/temp2", + "flags": null, + "host": "123.123.123.123", + "msg": "Files copied successfully!", + "output": [ + "", + "-------------------------------------------------------------------------------", + " ROBOCOPY :: Robust File Copy for Windows ", + "-------------------------------------------------------------------------------", + "", + " Started : Tuesday, June 29, 2021 5:22:01 AM", + " Source : C:\\temp\\", + " Dest : C:\\temp2\\", + "", + " Files : *.*", + "\t ", + " Options : *.* /DCOPY:DA /COPY:DAT /R:1000000 /W:30 ", + "", + "------------------------------------------------------------------------------", + "", + "\t 6\tC:\\temp\\", + "\t New File \t\t 4708\tcert.pem", + " 0% ", + "100% ", + "\t New File \t\t 45108\tearthrise.jpg", + " 0% ", + "100% ", + "\t New File \t\t 32256\tExecutable.exe", + " 0% ", + "100% ", + "\t New File \t\t 11\tfile.txt", + " 0% ", + "100% ", + "\t New File \t\t 446\tfirefox.reg", + " 0% ", + "100% ", + "\t New File \t\t 0\tfoo.conf", + "100% ", + "", + "------------------------------------------------------------------------------", + "", + " Total Copied Skipped Mismatch FAILED Extras", + " Dirs : 1 0 1 0 0 0", + " Files : 6 6 0 0 0 0", + " Bytes : 80.5 k 80.5 k 0 0 0 0", + " Times : 0:00:00 0:00:00 0:00:00 0:00:00", + "", + "", + " Speed : 5894928 Bytes/sec.", + " Speed : 337.310 MegaBytes/min.", + " Ended : Tuesday, June 29, 2021 5:22:01 AM", + "" + ], + "purge": false, + "rc": 1, + "recurse": false, + "return_code": 1, + "src": "C:/temp", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * cmd: C:/temp C:/temp2 +> * dest: C:/temp2 +> * flags: None +> * msg: Files copied successfully! +> * purge: False +> * rc: 1 +> * recurse: False +> * return_code: 1 +> * src: C:/temp +> * ## Output +> * 0: +> * 1: ------------------------------------------------------------------------------- +> * 2: ROBOCOPY :: Robust File Copy for Windows +> * 1: ------------------------------------------------------------------------------- +> * 0: +> * 5: Started : Tuesday, June 29, 2021 5:22:01 AM +> * 6: Source : C:\temp\ +> * 7: Dest : C:\temp2\ +> * 0: +> * 9: Files : *.* +> * 10: +> * 11: Options : *.* /DCOPY:DA /COPY:DAT /R:1000000 /W:30 +> * 0: +> * 13: ------------------------------------------------------------------------------ +> * 0: +> * 15: 6 C:\temp\ +> * 16: New File 4708 cert.pem +> * 17: 0% +> * 18: 100% +> * 19: New File 45108 earthrise.jpg +> * 17: 0% +> * 18: 100% +> * 22: New File 32256 Executable.exe +> * 17: 0% +> * 18: 100% +> * 25: New File 11 file.txt +> * 17: 0% +> * 18: 100% +> * 28: New File 446 firefox.reg +> * 17: 0% +> * 18: 100% +> * 31: New File 0 foo.conf +> * 18: 100% +> * 0: +> * 13: ------------------------------------------------------------------------------ +> * 0: +> * 36: Total Copied Skipped Mismatch FAILED Extras +> * 37: Dirs : 1 0 1 0 0 0 +> * 38: Files : 6 6 0 0 0 0 +> * 39: Bytes : 80.5 k 80.5 k 0 0 0 0 +> * 40: Times : 0:00:00 0:00:00 0:00:00 0:00:00 +> * 0: +> * 0: +> * 43: Speed : 5894928 Bytes/sec. +> * 44: Speed : 337.310 MegaBytes/min. +> * 45: Ended : Tuesday, June 29, 2021 5:22:01 AM +> * 0: + + +### win-route +*** +Add or remove a static route +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_route_module.html + + +#### Base Command + +`win-route` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| destination | Destination IP address in CIDR format (ip address/prefix length). | Required | +| gateway | The gateway used by the static route.
If `gateway` is not provided it will be set to `0.0.0.0`. | Optional | +| metric | Metric used by the static route. Default is 1. | Optional | +| state | If `absent`, it removes a network static route.
If `present`, it adds a network static route. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinRoute.output | string | A message describing the task result. | + + +#### Command Example +```!win-route host="123.123.123.123" destination="192.168.2.10/32" gateway="192.168.1.1" metric="1" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinRoute": { + "changed": false, + "host": "123.123.123.123", + "output": "Static route already exists", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * output: Static route already exists + + +### win-say +*** +Text to speech module for Windows to speak messages and optionally play sounds +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_say_module.html + + +#### Base Command + +`win-say` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| msg | The text to be spoken.
Use either `msg` or `msg_file`.
Optional so that you can use this module just to play sounds. | Optional | +| msg_file | Full path to a windows format text file containing the text to be spoken.
Use either `msg` or `msg_file`.
Optional so that you can use this module just to play sounds. | Optional | +| voice | Which voice to use. See notes for how to discover installed voices.
If the requested voice is not available the default voice will be used. Example voice names from Windows 10 are `Microsoft Zira Desktop` and `Microsoft Hazel Desktop`. | Optional | +| speech_speed | How fast or slow to speak the text.
Must be an integer value in the range -10 to 10.
-10 is slowest, 10 is fastest. Default is 0. | Optional | +| start_sound_path | Full path to a `.wav` file containing a sound to play before the text is spoken.
Useful on conference calls to alert other speakers that ansible has something to say. | Optional | +| end_sound_path | Full path to a `.wav` file containing a sound to play after the text has been spoken.
Useful on conference calls to alert other speakers that ansible has finished speaking. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinSay.message_text | string | The text that the module attempted to speak. | +| MicrosoftWindows.WinSay.voice | string | The voice used to speak the text. | +| MicrosoftWindows.WinSay.voice_info | string | The voice used to speak the text. | + + +#### Command Example +```!win-say host="123.123.123.123" msg="Warning, deployment commencing in 5 minutes, please log out." ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinSay": { + "changed": false, + "host": "123.123.123.123", + "message_text": "Warning, deployment commencing in 5 minutes, please log out.", + "status": "SUCCESS", + "voice": "Microsoft Zira Desktop" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * message_text: Warning, deployment commencing in 5 minutes, please log out. +> * voice: Microsoft Zira Desktop + + +### win-scheduled-task +*** +Manage scheduled tasks +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_scheduled_task_module.html + + +#### Base Command + +`win-scheduled-task` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of the scheduled task without the path. | Required | +| path | Task folder in which this task will be stored.
Will create the folder when `state=present` and the folder does not already exist.
Will remove the folder when `state=absent` and there are no tasks left in the folder. Default is \. | Optional | +| state | When `state=present` will ensure the task exists.
When `state=absent` will ensure the task does not exist. Possible values are: absent, present. Default is present. | Optional | +| actions | A list of action to configure for the task.
See suboptions for details on how to construct each list entry.
When creating a task there MUST be at least one action but when deleting a task this can be a null or an empty list.
The ordering of this list is important, the module will ensure the order is kept when modifying the task.
This module only supports the `ExecAction` type but can still delete the older legacy types. | Optional | +| triggers | A list of triggers to configure for the task.
See suboptions for details on how to construct each list entry.
The ordering of this list is important, the module will ensure the order is kept when modifying the task.
There are multiple types of triggers, see `https://msdn.microsoft.com/en-us/library/windows/desktop/aa383868.aspx` for a list of trigger types and their options.
The suboption options listed below are not required for all trigger types, read the description for more details. | Optional | +| display_name | The name of the user/group that is displayed in the Task Scheduler UI. | Optional | +| group | The group that will run the task.
`group` and `username` are exclusive to each other and cannot be set at the same time.
`logon_type` can either be not set or equal `group`. | Optional | +| logon_type | The logon method that the task will run with.
`password` means the password will be stored and the task has access to network resources.
`s4u` means the existing token will be used to run the task and no password will be stored with the task. Means no network or encrypted files access.
`interactive_token` means the user must already be logged on interactively and will run in an existing interactive session.
`group` means that the task will run as a group.
`service_account` means that a service account like System, Local Service or Network Service will run the task. Possible values are: none, password, s4u, interactive_token, group, service_account, token_or_password. | Optional | +| run_level | The level of user rights used to run the task.
If not specified the task will be created with limited rights. Possible values are: limited, highest. | Optional | +| username | The user to run the scheduled task as.
Will default to the current user under an interactive token if not specified during creation. | Optional | +| password | The password for the user account to run the scheduled task as.
This is required when running a task without the user being logged in, excluding the builtin service accounts and Group Managed Service Accounts (gMSA).
If set, will always result in a change unless `update_password` is set to `no` and no other changes are required for the service. | Optional | +| update_password | Whether to update the password even when not other changes have occurred.
When `yes` will always result in a change when executing the module. Possible values are: Yes, No. Default is Yes. | Optional | +| author | The author of the task. | Optional | +| date | The date when the task was registered. | Optional | +| description | The description of the task. | Optional | +| source | The source of the task. | Optional | +| version | The version number of the task. | Optional | +| allow_demand_start | Whether the task can be started by using either the Run command or the Context menu. | Optional | +| allow_hard_terminate | Whether the task can be terminated by using TerminateProcess. | Optional | +| compatibility | The integer value with indicates which version of Task Scheduler a task is compatible with.
`0` means the task is compatible with the AT command.
`1` means the task is compatible with Task Scheduler 1.0.
`2` means the task is compatible with Task Scheduler 2.0. Possible values are: 0, 1, 2. | Optional | +| delete_expired_task_after | The amount of time that the Task Scheduler will wait before deleting the task after it expires.
A task expires after the end_boundary has been exceeded for all triggers associated with the task.
This is in the ISO 8601 Duration format `P[n]Y[n]M[n]DT[n]H[n]M[n]S`. | Optional | +| disallow_start_if_on_batteries | Whether the task will not be started if the computer is running on battery power. | Optional | +| enabled | Whether the task is enabled, the task can only run when `yes`. | Optional | +| execution_time_limit | The amount of time allowed to complete the task.
When not set, the time limit is infinite.
This is in the ISO 8601 Duration format `P[n]Y[n]M[n]DT[n]H[n]M[n]S`. | Optional | +| hidden | Whether the task will be hidden in the UI. | Optional | +| multiple_instances | An integer that indicates the behaviour when starting a task that is already running.
`0` will start a new instance in parallel with existing instances of that task.
`1` will wait until other instances of that task to finish running before starting itself.
`2` will not start a new instance if another is running.
`3` will stop other instances of the task and start the new one. Possible values are: 0, 1, 2, 3. | Optional | +| priority | The priority level (0-10) of the task.
When creating a new task the default is `7`.
See `https://msdn.microsoft.com/en-us/library/windows/desktop/aa383512.aspx` for details on the priority levels. | Optional | +| restart_count | The number of times that the Task Scheduler will attempt to restart the task. | Optional | +| restart_interval | How long the Task Scheduler will attempt to restart the task.
If this is set then `restart_count` must also be set.
The maximum allowed time is 31 days.
The minimum allowed time is 1 minute.
This is in the ISO 8601 Duration format `P[n]Y[n]M[n]DT[n]H[n]M[n]S`. | Optional | +| run_only_if_idle | Whether the task will run the task only if the computer is in an idle state. | Optional | +| run_only_if_network_available | Whether the task will run only when a network is available. | Optional | +| start_when_available | Whether the task can start at any time after its scheduled time has passed. | Optional | +| stop_if_going_on_batteries | Whether the task will be stopped if the computer begins to run on battery power. | Optional | +| wake_to_run | Whether the task will wake the computer when it is time to run the task. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-scheduled-task host="123.123.123.123" name="TaskName" description="open command prompt" actions="[{'path': 'cmd.exe', 'arguments': '/c hostname'}, {'path': 'cmd.exe', 'arguments': '/c whoami'}]" triggers="[{'type': 'daily', 'start_boundary': '2017-10-09T09:00:00'}]" username="SYSTEM" state="present" enabled="True" ``` + +#### Human Readable Output + +>null + +### win-scheduled-task-stat +*** +Get information about Windows Scheduled Tasks +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_scheduled_task_stat_module.html + + +#### Base Command + +`win-scheduled-task-stat` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The folder path where the task lives. Default is \. | Optional | +| name | The name of the scheduled task to get information for.
If `name` is set and exists, will return information on the task itself. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinScheduledTaskStat.actions | unknown | A list of actions. | +| MicrosoftWindows.WinScheduledTaskStat.folder_exists | boolean | Whether the folder set at path exists. | +| MicrosoftWindows.WinScheduledTaskStat.folder_task_count | number | The number of tasks that exist in the folder. | +| MicrosoftWindows.WinScheduledTaskStat.folder_task_names | unknown | A list of tasks that exist in the folder. | +| MicrosoftWindows.WinScheduledTaskStat.principal | unknown | Details on the principal configured to run the task. | +| MicrosoftWindows.WinScheduledTaskStat.registration_info | unknown | Details on the task registration info. | +| MicrosoftWindows.WinScheduledTaskStat.settings | unknown | Details on the task settings. | +| MicrosoftWindows.WinScheduledTaskStat.state | unknown | Details on the state of the task | +| MicrosoftWindows.WinScheduledTaskStat.task_exists | boolean | Whether the task at the folder exists. | +| MicrosoftWindows.WinScheduledTaskStat.triggers | unknown | A list of triggers. | + + +#### Command Example +```!win-scheduled-task-stat host="123.123.123.123" path="\\folder name" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinScheduledTaskStat": { + "changed": false, + "folder_exists": false, + "host": "123.123.123.123", + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * folder_exists: False + + +### win-security-policy +*** +Change local security policy settings +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_security_policy_module.html + + +#### Base Command + +`win-security-policy` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| section | The ini section the key exists in.
If the section does not exist then the module will return an error.
Example sections to use are 'Account Policies', 'Local Policies', 'Event Log', 'Restricted Groups', 'System Services', 'Registry' and 'File System'
If wanting to edit the `Privilege Rights` section, use the `win_user_right` module instead. | Required | +| key | The ini key of the section or policy name to modify.
The module will return an error if this key is invalid. | Required | +| value | The value for the ini key or policy name.
If the key takes in a boolean value then 0 = False and 1 = True. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinSecurityPolicy.rc | number | The return code after a failure when running SecEdit.exe. | +| MicrosoftWindows.WinSecurityPolicy.stdout | string | The output of the STDOUT buffer after a failure when running SecEdit.exe. | +| MicrosoftWindows.WinSecurityPolicy.stderr | string | The output of the STDERR buffer after a failure when running SecEdit.exe. | +| MicrosoftWindows.WinSecurityPolicy.import_log | string | The log of the SecEdit.exe /configure job that configured the local policies. This is used for debugging purposes on failures. | +| MicrosoftWindows.WinSecurityPolicy.key | string | The key in the section passed to the module to modify. | +| MicrosoftWindows.WinSecurityPolicy.section | string | The section passed to the module to modify. | +| MicrosoftWindows.WinSecurityPolicy.value | string | The value passed to the module to modify to. | + + +#### Command Example +```!win-security-policy host="123.123.123.123" section="System Access" key="NewGuestName" value="Guest Account" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinSecurityPolicy": { + "changed": false, + "host": "123.123.123.123", + "key": "NewGuestName", + "section": "System Access", + "status": "SUCCESS", + "value": "Guest Account" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * key: NewGuestName +> * section: System Access +> * value: Guest Account + + +### win-service +*** +Manage and query Windows services +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_service_module.html + + +#### Base Command + +`win-service` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| dependencies | A list of service dependencies to set for this particular service.
This should be a list of service names and not the display name of the service.
This works by `dependency_action` to either add/remove or set the services in this list. | Optional | +| dependency_action | Used in conjunction with `dependency` to either add the dependencies to the existing service dependencies.
Remove the dependencies to the existing dependencies.
Set the dependencies to only the values in the list replacing the existing dependencies. Possible values are: add, remove, set. Default is set. | Optional | +| desktop_interact | Whether to allow the service user to interact with the desktop.
This should only be set to `yes` when using the `LocalSystem` username. Possible values are: Yes, No. Default is No. | Optional | +| description | The description to set for the service. | Optional | +| display_name | The display name to set for the service. | Optional | +| force_dependent_services | If `yes`, stopping or restarting a service with dependent services will force the dependent services to stop or restart also.
If `no`, stopping or restarting a service with dependent services may fail. Possible values are: Yes, No. Default is No. | Optional | +| name | Name of the service.
If only the name parameter is specified, the module will report on whether the service exists or not without making any changes. | Required | +| path | The path to the executable to set for the service. | Optional | +| password | The password to set the service to start as.
This and the `username` argument must be supplied together.
If specifying `LocalSystem`, `NetworkService` or `LocalService` this field must be an empty string and not null. | Optional | +| start_mode | Set the startup type for the service.
A newly created service will default to `auto`.
`delayed` added in Ansible 2.3. Possible values are: auto, delayed, disabled, manual. | Optional | +| state | The desired state of the service.
`started`/`stopped`/`absent`/`paused` are idempotent actions that will not run commands unless necessary.
`restarted` will always bounce the service.
`absent` was added in Ansible 2.3
`paused` was added in Ansible 2.4
Only services that support the paused state can be paused, you can check the return value `can_pause_and_continue`.
You can only pause a service that is already started.
A newly created service will default to `stopped`. Possible values are: absent, paused, started, stopped, restarted. | Optional | +| username | The username to set the service to start as.
This and the `password` argument must be supplied together when using a local or domain account.
Set to `LocalSystem` to use the SYSTEM account.
A newly created service will default to `LocalSystem`.
If using a custom user account, it must have the `SeServiceLogonRight` granted to be able to start up. You can use the `win_user_right` module to grant this user right for you. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinService.exists | boolean | Whether the service exists or not. | +| MicrosoftWindows.WinService.name | string | The service name or id of the service. | +| MicrosoftWindows.WinService.display_name | string | The display name of the installed service. | +| MicrosoftWindows.WinService.state | string | The current running status of the service. | +| MicrosoftWindows.WinService.start_mode | string | The startup type of the service. | +| MicrosoftWindows.WinService.path | string | The path to the service executable. | +| MicrosoftWindows.WinService.can_pause_and_continue | boolean | Whether the service can be paused and unpaused. | +| MicrosoftWindows.WinService.description | string | The description of the service. | +| MicrosoftWindows.WinService.username | string | The username that runs the service. | +| MicrosoftWindows.WinService.desktop_interact | boolean | Whether the current user is allowed to interact with the desktop. | +| MicrosoftWindows.WinService.dependencies | unknown | A list of services that is depended by this service. | +| MicrosoftWindows.WinService.depended_by | unknown | A list of services that depend on this service. | + + +#### Command Example +```!win-service host="123.123.123.123" name="spooler" state="restarted" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinService": { + "can_pause_and_continue": false, + "changed": true, + "depended_by": [], + "dependencies": [ + "RPCSS", + "http" + ], + "description": "This service spools print jobs and handles interaction with the printer. If you turn off this service, you won\u2019t be able to print or see your printers.", + "desktop_interact": false, + "display_name": "Print Spooler", + "exists": true, + "host": "123.123.123.123", + "name": "Spooler", + "path": "C:\\Windows\\System32\\spoolsv.exe", + "start_mode": "auto", + "state": "running", + "status": "CHANGED", + "username": "LocalSystem" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * can_pause_and_continue: False +> * changed: True +> * description: This service spools print jobs and handles interaction with the printer. If you turn off this service, you won’t be able to print or see your printers. +> * desktop_interact: False +> * display_name: Print Spooler +> * exists: True +> * name: Spooler +> * path: C:\Windows\System32\spoolsv.exe +> * start_mode: auto +> * state: running +> * username: LocalSystem +> * ## Depended_By +> * ## Dependencies +> * 0: RPCSS +> * 1: http + + +### win-share +*** +Manage Windows shares +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_share_module.html + + +#### Base Command + +`win-share` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Share name. | Required | +| path | Share directory. | Required | +| state | Specify whether to add `present` or remove `absent` the specified share. Possible values are: absent, present. Default is present. | Optional | +| description | Share description. | Optional | +| list | Specify whether to allow or deny file listing, in case user has no permission on share. Also known as Access-Based Enumeration. Possible values are: Yes, No. Default is No. | Optional | +| read | Specify user list that should get read access on share, separated by comma. | Optional | +| change | Specify user list that should get read and write access on share, separated by comma. | Optional | +| full | Specify user list that should get full access on share, separated by comma. | Optional | +| deny | Specify user list that should get no access, regardless of implied access on share, separated by comma. | Optional | +| caching_mode | Set the CachingMode for this share. Possible values are: BranchCache, Documents, Manual, None, Programs, Unknown. Default is Manual. | Optional | +| encrypt | Sets whether to encrypt the traffic to the share or not. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinShare.actions | unknown | A list of action cmdlets that were run by the module. | + + +#### Command Example +```!win-share host="123.123.123.123" name="internal" description="top secret share" path="C:/temp" list="False" full="Administrators,fed-phil" read="fed-phil" deny="Guest" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinShare": { + "actions": [ + "New-SmbShare -Name internal -Path C:\\temp", + "Set-SmbShare -Force -Name internal -Description top secret share", + "Set-SmbShare -Force -Name internal -FolderEnumerationMode AccessBased", + "Revoke-SmbShareAccess -Force -Name internal -AccountName Everyone", + "Grant-SmbShareAccess -Force -Name internal -AccountName BUILTIN\\Administrators -AccessRight Full", + "Grant-SmbShareAccess -Force -Name internal -AccountName WIN-U425UI0HPP7\\fed-phil -AccessRight Full", + "Block-SmbShareAccess -Force -Name internal -AccountName WIN-U425UI0HPP7\\Guest" + ], + "changed": true, + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * ## Actions +> * 0: New-SmbShare -Name internal -Path C:\temp +> * 1: Set-SmbShare -Force -Name internal -Description top secret share +> * 2: Set-SmbShare -Force -Name internal -FolderEnumerationMode AccessBased +> * 3: Revoke-SmbShareAccess -Force -Name internal -AccountName Everyone +> * 4: Grant-SmbShareAccess -Force -Name internal -AccountName BUILTIN\Administrators -AccessRight Full +> * 5: Grant-SmbShareAccess -Force -Name internal -AccountName WIN-U425UI0HPP7\fed-phil -AccessRight Full +> * 6: Block-SmbShareAccess -Force -Name internal -AccountName WIN-U425UI0HPP7\Guest + + +### win-shortcut +*** +Manage shortcuts on Windows +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_shortcut_module.html + + +#### Base Command + +`win-shortcut` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| src | Executable or URL the shortcut points to.
The executable needs to be in your PATH, or has to be an absolute path to the executable. | Optional | +| description | Description for the shortcut.
This is usually shown when hoovering the icon. | Optional | +| dest | Destination file for the shortcuting file.
File name should have a `.lnk` or `.url` extension. | Required | +| arguments | Additional arguments for the executable defined in `src`.
Was originally just `args` but renamed in Ansible 2.8. | Optional | +| directory | Working directory for executable defined in `src`. | Optional | +| icon | Icon used for the shortcut.
File name should have a `.ico` extension.
The file name is followed by a comma and the number in the library file (.dll) or use 0 for an image file. | Optional | +| hotkey | Key combination for the shortcut.
This is a combination of one or more modifiers and a key.
Possible modifiers are Alt, Ctrl, Shift, Ext.
Possible keys are [A-Z] and [0-9]. | Optional | +| windowstyle | Influences how the application is displayed when it is launched. Possible values are: maximized, minimized, normal. | Optional | +| state | When `absent`, removes the shortcut if it exists.
When `present`, creates or updates the shortcut. Possible values are: absent, present. Default is present. | Optional | +| run_as_admin | When `src` is an executable, this can control whether the shortcut will be opened as an administrator or not. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-shortcut host="123.123.123.123" "src"="C:\\Program Files\\Mozilla Firefox\\Firefox.exe" dest="C:\\Users\\Public\\Desktop\\Mozilla Firefox.lnk" icon="C:\\Program Files\\Mozilla Firefox\\Firefox.exe,0" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinShortcut": { + "args": "", + "changed": false, + "description": "", + "dest": "C:\\Users\\Public\\Desktop\\Mozilla Firefox.lnk", + "directory": "", + "host": "123.123.123.123", + "hotkey": "", + "icon": "C:\\Program Files\\Mozilla Firefox\\Firefox.exe,0", + "src": "C:\\Program Files\\Mozilla Firefox\\Firefox.exe", + "state": "present", + "status": "SUCCESS", + "windowstyle": "normal" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * args: +> * changed: False +> * description: +> * dest: C:\Users\Public\Desktop\Mozilla Firefox.lnk +> * directory: +> * hotkey: +> * icon: C:\Program Files\Mozilla Firefox\Firefox.exe,0 +> * src: C:\Program Files\Mozilla Firefox\Firefox.exe +> * state: present +> * windowstyle: normal + + +### win-snmp +*** +Configures the Windows SNMP service +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_snmp_module.html + + +#### Base Command + +`win-snmp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| permitted_managers | The list of permitted SNMP managers. | Optional | +| community_strings | The list of read-only SNMP community strings. | Optional | +| action | `add` will add new SNMP community strings and/or SNMP managers
`set` will replace SNMP community strings and/or SNMP managers. An empty list for either `community_strings` or `permitted_managers` will result in the respective lists being removed entirely.
`remove` will remove SNMP community strings and/or SNMP managers. Possible values are: add, set, remove. Default is set. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinSnmp.community_strings | unknown | The list of community strings for this machine. | +| MicrosoftWindows.WinSnmp.permitted_managers | unknown | The list of permitted managers for this machine. | + + + + +### win-stat +*** +Get information about Windows files +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_stat_module.html + + +#### Base Command + +`win-stat` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| path | The full path of the file/object to get the facts of; both forward and back slashes are accepted. | Required | +| get_md5 | Whether to return the checksum sum of the file. Between Ansible 1.9 and Ansible 2.2 this is no longer an MD5, but a SHA1 instead. As of Ansible 2.3 this is back to an MD5. Will return None if host is unable to use specified algorithm.
The default of this option changed from `yes` to `no` in Ansible 2.5 and will be removed altogether in Ansible 2.9.
Use `get_checksum=yes` with `checksum_algorithm=md5` to return an md5 hash under the `checksum` return value. Possible values are: Yes, No. Default is No. | Optional | +| get_checksum | Whether to return a checksum of the file (default sha1). Possible values are: Yes, No. Default is Yes. | Optional | +| checksum_algorithm | Algorithm to determine checksum of file.
Will throw an error if the host is unable to use specified algorithm. Possible values are: md5, sha1, sha256, sha384, sha512. Default is sha1. | Optional | +| follow | Whether to follow symlinks or junction points.
In the case of `path` pointing to another link, then that will be followed until no more links are found. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinStat.changed | boolean | Whether anything was changed | +| MicrosoftWindows.WinStat.stat | unknown | dictionary containing all the stat data | + + +#### Command Example +```!win-stat host="123.123.123.123" path="C:/logs.zip" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinStat": { + "changed": false, + "host": "123.123.123.123", + "stat": { + "attributes": "Archive", + "checksum": "386bcb29bec1df41bde1cb0324b609338337b893", + "creationtime": 1624942389.4979205, + "exists": true, + "extension": ".zip", + "filename": "logs.zip", + "hlnk_targets": [], + "isarchive": true, + "isdir": false, + "ishidden": false, + "isjunction": false, + "islnk": false, + "isreadonly": false, + "isreg": true, + "isshared": false, + "lastaccesstime": 1624942389.4979205, + "lastwritetime": 1624942389.5135438, + "nlink": 1, + "owner": "BUILTIN\\Administrators", + "path": "C:\\logs.zip", + "size": 354 + }, + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * ## Stat +> * attributes: Archive +> * checksum: 386bcb29bec1df41bde1cb0324b609338337b893 +> * creationtime: 1624942389.4979205 +> * exists: True +> * extension: .zip +> * filename: logs.zip +> * isarchive: True +> * isdir: False +> * ishidden: False +> * isjunction: False +> * islnk: False +> * isreadonly: False +> * isreg: True +> * isshared: False +> * lastaccesstime: 1624942389.4979205 +> * lastwritetime: 1624942389.5135438 +> * nlink: 1 +> * owner: BUILTIN\Administrators +> * path: C:\logs.zip +> * size: 354 +> * ### Hlnk_Targets + + + +### win-tempfile +*** +Creates temporary files and directories +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_tempfile_module.html + + +#### Base Command + +`win-tempfile` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| state | Whether to create file or directory. Possible values are: directory, file. Default is file. | Optional | +| path | Location where temporary file or directory should be created.
If path is not specified default system temporary directory (%TEMP%) will be used. Default is %TEMP%. | Optional | +| prefix | Prefix of file/directory name created by module. Default is ansible.. | Optional | +| suffix | Suffix of file/directory name created by module. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinTempfile.path | string | The absolute path to the created file or directory. | + + +#### Command Example +```!win-tempfile host="123.123.123.123" state="directory" suffix="build" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinTempfile": { + "changed": true, + "host": "123.123.123.123", + "path": "C:\\Users\\Administrator\\AppData\\Local\\Temp\\ansible.orvo45xg.ldhbuild", + "state": "directory", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * path: C:\Users\Administrator\AppData\Local\Temp\ansible.orvo45xg.ldhbuild +> * state: directory + + +### win-template +*** +Template a file out to a remote server +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_template_module.html + + +#### Base Command + +`win-template` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| backup | Determine whether a backup should be created.
When set to `yes`, create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | +| newline_sequence | Specify the newline sequence to use for templating files. Possible values are: \n, \r, \r\n. Default is \r\n. | Optional | +| force | Determine when the file is being transferred if the destination already exists.
When set to `yes`, replace the remote file when contents are different than the source.
When set to `no`, the file will only be transferred if the destination does not exist. Possible values are: Yes, No. Default is Yes. | Optional | +| src | Path of a Jinja2 formatted template on the Ansible controller.
This can be a relative or an absolute path.
The file must be encoded with `utf-8` but `output_encoding` can be used to control the encoding of the output template. | Required | +| dest | Location to render the template to on the remote machine. | Required | +| block_start_string | The string marking the beginning of a block. Default is {%. | Optional | +| block_end_string | The string marking the end of a block. Default is %}. | Optional | +| variable_start_string | The string marking the beginning of a print statement. Default is {{. | Optional | +| variable_end_string | The string marking the end of a print statement. Default is }}. | Optional | +| trim_blocks | Determine when newlines should be removed from blocks.
When set to `yes` the first newline after a block is removed (block, not variable tag!). Possible values are: Yes, No. Default is Yes. | Optional | +| lstrip_blocks | Determine when leading spaces and tabs should be stripped.
When set to `yes` leading spaces and tabs are stripped from the start of a line to a block.
This functionality requires Jinja 2.7 or newer. Possible values are: Yes, No. Default is No. | Optional | +| output_encoding | Overrides the encoding used to write the template file defined by `dest`.
It defaults to `utf-8`, but any encoding supported by python can be used.
The source template file must always be encoded using `utf-8`, for homogeneity. Default is utf-8. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinTemplate.backup_file | string | Name of the backup file that was created. | + + +#### Command Example +```!win-template host="123.123.123.123" "src"="/mytemplates/file.conf.j2" dest="C:\\Temp\\file.conf" ``` + +#### Human Readable Output + +>null + +### win-timezone +*** +Sets Windows machine timezone +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_timezone_module.html + + +#### Base Command + +`win-timezone` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| timezone | Timezone to set to.
Example: Central Standard Time. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinTimezone.previous_timezone | string | The previous timezone if it was changed, otherwise the existing timezone. | +| MicrosoftWindows.WinTimezone.timezone | string | The current timezone \(possibly changed\). | + + +#### Command Example +```!win-timezone host="123.123.123.123" timezone="Romance Standard Time" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinTimezone": { + "changed": false, + "host": "123.123.123.123", + "previous_timezone": "Romance Standard Time", + "status": "SUCCESS", + "timezone": "Romance Standard Time" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * previous_timezone: Romance Standard Time +> * timezone: Romance Standard Time + + +### win-toast +*** +Sends Toast windows notification to logged in users on Windows 10 or later hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_toast_module.html + + +#### Base Command + +`win-toast` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| expire | How long in seconds before the notification expires. Default is 45. | Optional | +| group | Which notification group to add the notification to. Default is Powershell. | Optional | +| msg | The message to appear inside the notification.
May include \n to format the message to appear within the Action Center. Default is Hello, World!. | Optional | +| popup | If `no`, the notification will not pop up and will only appear in the Action Center. Possible values are: Yes, No. Default is Yes. | Optional | +| tag | The tag to add to the notification. Default is Ansible. | Optional | +| title | The notification title, which appears in the pop up.. Default is Notification HH:mm. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinToast.expire_at_utc | string | Calculated utc date time when the notification expires. | +| MicrosoftWindows.WinToast.no_toast_sent_reason | string | Text containing the reason why a notification was not sent. | +| MicrosoftWindows.WinToast.sent_localtime | string | local date time when the notification was sent. | +| MicrosoftWindows.WinToast.time_taken | unknown | How long the module took to run on the remote windows host in seconds. | +| MicrosoftWindows.WinToast.toast_sent | boolean | Whether the module was able to send a toast notification or not. | + + +#### Command Example +```!win-toast host="123.123.123.123" expire="60" title="System Upgrade Notification" msg="Automated upgrade about to start. Please save your work and log off before 6pm" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinToast": { + "changed": false, + "expire_at": "6/29/2021 5:21:50 AM", + "expire_at_utc": "Tuesday, June 29, 2021 3:21:50 AM", + "host": "123.123.123.123", + "sent_localtime": "Tuesday, June 29, 2021 5:21:50 AM", + "status": "SUCCESS", + "time_taken": 60.2358145, + "toast_sent": true + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * expire_at: 6/29/2021 5:21:50 AM +> * expire_at_utc: Tuesday, June 29, 2021 3:21:50 AM +> * sent_localtime: Tuesday, June 29, 2021 5:21:50 AM +> * time_taken: 60.2358145 +> * toast_sent: True + + +### win-unzip +*** +Unzips compressed files and archives on the Windows node +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_unzip_module.html + + +#### Base Command + +`win-unzip` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| src | File to be unzipped (provide absolute path). | Required | +| dest | Destination of zip file (provide absolute path of directory). If it does not exist, the directory will be created. | Required | +| delete_archive | Remove the zip file, after unzipping. Possible values are: Yes, No. Default is No. | Optional | +| recurse | Recursively expand zipped files within the src file.
Setting to a value of `yes` requires the PSCX module to be installed. Possible values are: Yes, No. Default is No. | Optional | +| creates | If this file or directory exists the specified src will not be extracted. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinUnzip.dest | string | The provided destination path | +| MicrosoftWindows.WinUnzip.removed | boolean | Whether the module did remove any files during task run | +| MicrosoftWindows.WinUnzip.src | string | The provided source path | + + +#### Command Example +```!win-unzip host="123.123.123.123" "src"="C:/logs.zip" dest="C:/temp/OldLogs" creates="C:/temp/OldLogs" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinUnzip": { + "changed": true, + "dest": "C:/temp/OldLogs", + "host": "123.123.123.123", + "removed": false, + "src": "C:/logs.zip", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * dest: C:/temp/OldLogs +> * removed: False +> * src: C:/logs.zip + + +### win-updates +*** +Download and install Windows updates +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_updates_module.html + + +#### Base Command + +`win-updates` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| blacklist | A list of update titles or KB numbers that can be used to specify which updates are to be excluded from installation.
If an available update does match one of the entries, then it is skipped and not installed.
Each entry can either be the KB article or Update title as a regex according to the PowerShell regex rules. | Optional | +| category_names | A scalar or list of categories to install updates from. To get the list of categories, run the module with `state=searched`. The category must be the full category string, but is case insensitive.
Some possible categories are Application, Connectors, Critical Updates, Definition Updates, Developer Kits, Feature Packs, Guidance, Security Updates, Service Packs, Tools, Update Rollups and Updates. Default is ['CriticalUpdates', 'SecurityUpdates', 'UpdateRollups']. | Optional | +| reboot | Ansible will automatically reboot the remote host if it is required and continue to install updates after the reboot.
This can be used instead of using a `win_reboot` task after this one and ensures all updates for that category is installed in one go.
Async does not work when `reboot=yes`. Possible values are: Yes, No. Default is No. | Optional | +| reboot_timeout | The time in seconds to wait until the host is back online from a reboot.
This is only used if `reboot=yes` and a reboot is required. Default is 1200. | Optional | +| server_selection | Defines the Windows Update source catalog.
`default` Use the default search source. For many systems default is set to the Microsoft Windows Update catalog. Systems participating in Windows Server Update Services (WSUS), Systems Center Configuration Manager (SCCM), or similar corporate update server environments may default to those managed update sources instead of the Windows Update catalog.
`managed_server` Use a managed server catalog. For environments utilizing Windows Server Update Services (WSUS), Systems Center Configuration Manager (SCCM), or similar corporate update servers, this option selects the defined corporate update source.
`windows_update` Use the Microsoft Windows Update catalog. Possible values are: default, managed_server, windows_update. Default is default. | Optional | +| state | Controls whether found updates are downloaded or installed or listed
This module also supports Ansible check mode, which has the same effect as setting state=searched. Possible values are: installed, searched, downloaded. Default is installed. | Optional | +| log_path | If set, `win_updates` will append update progress to the specified file. The directory must already exist. | Optional | +| whitelist | A list of update titles or KB numbers that can be used to specify which updates are to be searched or installed.
If an available update does not match one of the entries, then it is skipped and not installed.
Each entry can either be the KB article or Update title as a regex according to the PowerShell regex rules.
The whitelist is only validated on updates that were found based on `category_names`. It will not force the module to install an update if it was not in the category specified. | Optional | +| use_scheduled_task | Will not auto elevate the remote process with `become` and use a scheduled task instead.
Set this to `yes` when using this module with async on Server 2008, 2008 R2, or Windows 7, or on Server 2008 that is not authenticated with basic or credssp.
Can also be set to `yes` on newer hosts where become does not work due to further privilege restrictions from the OS defaults. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinUpdates.reboot_required | boolean | True when the target server requires a reboot to complete updates \(no further updates can be installed until after a reboot\). | +| MicrosoftWindows.WinUpdates.updates | unknown | List of updates that were found/installed. | +| MicrosoftWindows.WinUpdates.filtered_updates | unknown | List of updates that were found but were filtered based on \`blacklist\`, \`whitelist\` or \`category_names\`. The return value is in the same form as \`updates\`, along with \`filtered_reason\`. | +| MicrosoftWindows.WinUpdates.found_update_count | number | The number of updates found needing to be applied. | +| MicrosoftWindows.WinUpdates.installed_update_count | number | The number of updates successfully installed or downloaded. | +| MicrosoftWindows.WinUpdates.failed_update_count | number | The number of updates that failed to install. | + + +#### Command Example +```!win-updates host="123.123.123.123" category_names="['SecurityUpdates', 'CriticalUpdates', 'UpdateRollups']" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinUpdates": { + "changed": false, + "filtered_updates": { + "95335a9a-923a-47b2-abb1-7584d685de6a": { + "categories": [ + "Security Updates", + "Windows Server 2016" + ], + "filtered_reason": "category_names", + "id": "95335a9a-923a-47b2-abb1-7584d685de6a", + "installed": false, + "kb": [ + "5001402" + ], + "title": "2021-04 Servicing Stack Update for Windows Server 2016 for x64-based Systems (KB5001402)" + }, + "a711f6a5-5bf3-4392-95d0-686f748789dd": { + "categories": [ + "Updates", + "Windows Server 2016" + ], + "filtered_reason": "category_names", + "id": "a711f6a5-5bf3-4392-95d0-686f748789dd", + "installed": false, + "kb": [ + "4103720" + ], + "title": "2018-05 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4103720)" + }, + "e0fa0562-d5bf-451f-a63c-1ea947b6eb27": { + "categories": [ + "Update Rollups", + "Windows Server 2016", + "Windows Server 2019" + ], + "filtered_reason": "category_names", + "id": "e0fa0562-d5bf-451f-a63c-1ea947b6eb27", + "installed": false, + "kb": [ + "890830" + ], + "title": "Windows Malicious Software Removal Tool x64 - v5.90 (KB890830)" + } + }, + "found_update_count": 0, + "host": "123.123.123.123", + "installed_update_count": 0, + "reboot_required": false, + "status": "SUCCESS", + "updates": {} + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * found_update_count: 0 +> * installed_update_count: 0 +> * reboot_required: False +> * ## Filtered_Updates +> * ### 95335A9A-923A-47B2-Abb1-7584D685De6A +> * filtered_reason: category_names +> * id: 95335a9a-923a-47b2-abb1-7584d685de6a +> * installed: False +> * title: 2021-04 Servicing Stack Update for Windows Server 2016 for x64-based Systems (KB5001402) +> * #### Categories +> * 0: Security Updates +> * 1: Windows Server 2016 +> * #### Kb +> * 0: 5001402 +> * ### A711F6A5-5Bf3-4392-95D0-686F748789Dd +> * filtered_reason: category_names +> * id: a711f6a5-5bf3-4392-95d0-686f748789dd +> * installed: False +> * title: 2018-05 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4103720) +> * #### Categories +> * 0: Updates +> * 1: Windows Server 2016 +> * #### Kb +> * 0: 4103720 +> * ### E0Fa0562-D5Bf-451F-A63C-1Ea947B6Eb27 +> * filtered_reason: category_names +> * id: e0fa0562-d5bf-451f-a63c-1ea947b6eb27 +> * installed: False +> * title: Windows Malicious Software Removal Tool x64 - v5.90 (KB890830) +> * #### Categories +> * 0: Update Rollups +> * 1: Windows Server 2016 +> * 2: Windows Server 2019 +> * #### Kb +> * 0: 890830 +> * ## Updates + +### win-uri +*** +Interacts with webservices +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_uri_module.html + + +#### Base Command + +`win-uri` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| url | Supports FTP, HTTP or HTTPS URLs in the form of (ftp\|http\|https)://host.domain:port/path. | Required | +| method | The HTTP Method of the request or response. Default is GET. | Optional | +| content_type | Sets the "Content-Type" header. | Optional | +| body | The body of the HTTP request/response to the web service. | Optional | +| dest | Output the response body to a file. | Optional | +| creates | A filename, when it already exists, this step will be skipped. | Optional | +| removes | A filename, when it does not exist, this step will be skipped. | Optional | +| return_content | Whether or not to return the body of the response as a "content" key in the dictionary result. If the reported Content-type is "application/json", then the JSON is additionally loaded into a key called `json` in the dictionary results. Possible values are: Yes, No. Default is No. | Optional | +| status_code | A valid, numeric, HTTP status code that signifies success of the request.
Can also be comma separated list of status codes. Default is [200]. | Optional | +| url_username | The username to use for authentication.
Was originally called `user` but was changed to `url_username` in Ansible 2.9. | Optional | +| url_password | The password for `url_username`.
Was originally called `password` but was changed to `url_password` in Ansible 2.9. | Optional | +| follow_redirects | Whether or the module should follow redirects.
`all` will follow all redirect.
`none` will not follow any redirect.
`safe` will follow only "safe" redirects, where "safe" means that the client is only doing a `GET` or `HEAD` on the URI to which it is being redirected. Possible values are: all, none, safe. Default is safe. | Optional | +| maximum_redirection | Specify how many times the module will redirect a connection to an alternative URI before the connection fails.
If set to `0` or `follow_redirects` is set to `none`, or `safe` when not doing a `GET` or `HEAD` it prevents all redirection. Default is 50. | Optional | +| client_cert | The path to the client certificate (.pfx) that is used for X509 authentication. This path can either be the path to the `pfx` on the filesystem or the PowerShell certificate path `Cert:\CurrentUser\My\<thumbprint>`.
The WinRM connection must be authenticated with `CredSSP` or `become` is used on the task if the certificate file is not password protected.
Other authentication types can set `client_cert_password` when the cert is password protected. | Optional | +| client_cert_password | The password for `client_cert` if the cert is password protected. | Optional | +| use_proxy | If `no`, it will not use the proxy defined in IE for the current user. Possible values are: Yes, No. Default is Yes. | Optional | +| proxy_url | An explicit proxy to use for the request.
By default, the request will use the IE defined proxy unless `use_proxy` is set to `no`. | Optional | +| proxy_username | The username to use for proxy authentication. | Optional | +| proxy_password | The password for `proxy_username`. | Optional | +| headers | Extra headers to set on the request.
This should be a dictionary where the key is the header name and the value is the value for that header. | Optional | +| http_agent | Header to identify as, generally appears in web server logs.
This is set to the `User-Agent` header on a HTTP request. Default is ansible-httpget. | Optional | +| timeout | Specifies how long the request can be pending before it times out (in seconds).
Set to `0` to specify an infinite timeout. Default is 30. | Optional | +| validate_certs | If `no`, SSL certificates will not be validated.
This should only be used on personally controlled sites using self-signed certificates. Possible values are: Yes, No. Default is Yes. | Optional | +| force_basic_auth | By default the authentication header is only sent when a webservice responses to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail.
This option forces the sending of the Basic authentication header upon the original request. Possible values are: Yes, No. Default is No. | Optional | +| use_default_credential | Uses the current user's credentials when authenticating with a server protected with `NTLM`, `Kerberos`, or `Negotiate` authentication.
Sites that use `Basic` auth will still require explicit credentials through the `url_username` and `url_password` options.
The module will only have access to the user's credentials if using `become` with a password, you are connecting with SSH using a password, or connecting with WinRM using `CredSSP` or `Kerberos with delegation`.
If not using `become` or a different auth method to the ones stated above, there will be no default credentials available and no authentication will occur. Possible values are: Yes, No. Default is No. | Optional | +| proxy_use_default_credential | Uses the current user's credentials when authenticating with a proxy host protected with `NTLM`, `Kerberos`, or `Negotiate` authentication.
Proxies that use `Basic` auth will still require explicit credentials through the `proxy_username` and `proxy_password` options.
The module will only have access to the user's credentials if using `become` with a password, you are connecting with SSH using a password, or connecting with WinRM using `CredSSP` or `Kerberos with delegation`.
If not using `become` or a different auth method to the ones stated above, there will be no default credentials available and no proxy authentication will occur. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinUri.elapsed | unknown | The number of seconds that elapsed while performing the download. | +| MicrosoftWindows.WinUri.url | string | The Target URL. | +| MicrosoftWindows.WinUri.status_code | number | The HTTP Status Code of the response. | +| MicrosoftWindows.WinUri.status_description | string | A summary of the status. | +| MicrosoftWindows.WinUri.content | string | The raw content of the HTTP response. | +| MicrosoftWindows.WinUri.content_length | number | The byte size of the response. | +| MicrosoftWindows.WinUri.json | unknown | The json structure returned under content as a dictionary. | + + +#### Command Example +```!win-uri host="123.123.123.123" url="http://google.com/" status_code=200``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinUri": { + "accept_ranges": "none", + "cache_control": "private, max-age=0", + "changed": false, + "character_set": "ISO-8859-1", + "content_encoding": "", + "content_length": -1, + "content_type": "text/html; charset=ISO-8859-1", + "cookies": [], + "date": "Tue, 29 Jun 2021 03:20:39 GMT", + "elapsed": 0.5468812, + "expires": "-1", + "headers": [ + "X-XSS-Protection", + "X-Frame-Options", + "Cache-Control", + "Content-Type", + "Date", + "Expires", + "P3P", + "Set-Cookie", + "Server", + "Accept-Ranges", + "Vary", + "Transfer-Encoding" + ], + "host": "123.123.123.123", + "is_from_cache": false, + "is_mutually_authenticated": false, + "last_modified": "2021-06-29T05:20:39.5210399+02:00", + "method": "GET", + "msg": "OK", + "p3_p": "CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"", + "protocol_version": { + "Build": -1, + "Major": 1, + "MajorRevision": -1, + "Minor": 1, + "MinorRevision": -1, + "Revision": -1 + }, + "response_uri": "http://www.google.com/", + "server": "gws", + "set_cookie": "1P_JAR=2021-06-29-03; expires=Thu, 29-Jul-2021 03:20:39 GMT; path=/; domain=.google.com; Secure,NID=218=k9gPfV-dyDTDIEhr83SQqx1tn5-dypVUGdmaL2MChbc_cpeIBSkBxku2aaIgbuc-JQabdIkGeaydImnAa1dTmtSQTj3MhjzGBCuFUY-5erUZ9GkrAFuvcSwS0KrismDc-Y8n0bBg15L4nTx5JJC0OrlhGH-Hofb9xrGAT0A3Qdo; expires=Wed, 29-Dec-2021 03:20:39 GMT; path=/; domain=.google.com; HttpOnly", + "status": "SUCCESS", + "status_code": 200, + "status_description": "OK", + "supports_headers": true, + "transfer_encoding": "chunked", + "url": "http://google.com/", + "vary": "Accept-Encoding", + "x_frame_options": "SAMEORIGIN", + "xxss_protection": "0" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * accept_ranges: none +> * cache_control: private, max-age=0 +> * changed: False +> * character_set: ISO-8859-1 +> * content_encoding: +> * content_length: -1 +> * content_type: text/html; charset=ISO-8859-1 +> * date: Tue, 29 Jun 2021 03:20:39 GMT +> * elapsed: 0.5468812 +> * expires: -1 +> * is_from_cache: False +> * is_mutually_authenticated: False +> * last_modified: 2021-06-29T05:20:39.5210399+02:00 +> * method: GET +> * msg: OK +> * p3_p: CP="This is not a P3P policy! See g.co/p3phelp for more info." +> * response_uri: http://www.google.com/ +> * server: gws +> * set_cookie: 1P_JAR=2021-06-29-03; expires=Thu, 29-Jul-2021 03:20:39 GMT; path=/; domain=.google.com; Secure,NID=218=k9gPfV-dyDTDIEhr83SQqx1tn5-dypVUGdmaL2MChbc_cpeIBSkBxku2aaIgbuc-JQabdIkGeaydImnAa1dTmtSQTj3MhjzGBCuFUY-5erUZ9GkrAFuvcSwS0KrismDc-Y8n0bBg15L4nTx5JJC0OrlhGH-Hofb9xrGAT0A3Qdo; expires=Wed, 29-Dec-2021 03:20:39 GMT; path=/; domain=.google.com; HttpOnly +> * status_code: 200 +> * status_description: OK +> * supports_headers: True +> * transfer_encoding: chunked +> * url: http://google.com/ +> * vary: Accept-Encoding +> * x_frame_options: SAMEORIGIN +> * xxss_protection: 0 +> * ## Cookies +> * ## Headers +> * 0: X-XSS-Protection +> * 1: X-Frame-Options +> * 2: Cache-Control +> * 3: Content-Type +> * 4: Date +> * 5: Expires +> * 6: P3P +> * 7: Set-Cookie +> * 8: Server +> * 9: Accept-Ranges +> * 10: Vary +> * 11: Transfer-Encoding +> * ## Protocol_Version +> * Build: -1 +> * Major: 1 +> * MajorRevision: -1 +> * Minor: 1 +> * MinorRevision: -1 +> * Revision: -1 + + +### win-user +*** +Manages local Windows user accounts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_user_module.html + + +#### Base Command + +`win-user` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the user to create, remove or modify. | Required | +| fullname | Full name of the user. | Optional | +| description | Description of the user. | Optional | +| password | Optionally set the user's password to this (plain text) value. | Optional | +| update_password | `always` will update passwords if they differ. `on_create` will only set the password for newly created users. Possible values are: always, on_create. Default is always. | Optional | +| password_expired | `yes` will require the user to change their password at next login.
`no` will clear the expired password flag. | Optional | +| password_never_expires | `yes` will set the password to never expire.
`no` will allow the password to expire. | Optional | +| user_cannot_change_password | `yes` will prevent the user from changing their password.
`no` will allow the user to change their password. | Optional | +| account_disabled | `yes` will disable the user account.
`no` will clear the disabled flag. | Optional | +| account_locked | `no` will unlock the user account if locked. Possible values are: no. | Optional | +| groups | Adds or removes the user from this comma-separated list of groups, depending on the value of `groups_action`.
When `groups_action` is `replace` and `groups` is set to the empty string ('groups='), the user is removed from all groups. | Optional | +| groups_action | If `add`, the user is added to each group in `groups` where not already a member.
If `replace`, the user is added as a member of each group in `groups` and removed from any other groups.
If `remove`, the user is removed from each group in `groups`. Possible values are: add, replace, remove. Default is replace. | Optional | +| state | When `absent`, removes the user account if it exists.
When `present`, creates or updates the user account.
When `query` (new in 1.9), retrieves the user account details without making any changes. Possible values are: absent, present, query. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinUser.account_disabled | boolean | Whether the user is disabled. | +| MicrosoftWindows.WinUser.account_locked | boolean | Whether the user is locked. | +| MicrosoftWindows.WinUser.description | string | The description set for the user. | +| MicrosoftWindows.WinUser.fullname | string | The full name set for the user. | +| MicrosoftWindows.WinUser.groups | unknown | A list of groups and their ADSI path the user is a member of. | +| MicrosoftWindows.WinUser.name | string | The name of the user | +| MicrosoftWindows.WinUser.password_expired | boolean | Whether the password is expired. | +| MicrosoftWindows.WinUser.password_never_expires | boolean | Whether the password is set to never expire. | +| MicrosoftWindows.WinUser.path | string | The ADSI path for the user. | +| MicrosoftWindows.WinUser.sid | string | The SID for the user. | +| MicrosoftWindows.WinUser.user_cannot_change_password | boolean | Whether the user can change their own password. | + + +#### Command Example +```!win-user host="123.123.123.123" name="fed-phil" password="B0bP4ssw0rd" state="present" groups="Users" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinUser": { + "account_disabled": false, + "account_locked": false, + "changed": true, + "description": "", + "fullname": "fed-phil", + "groups": [ + { + "name": "Users", + "path": "WinNT://WORKGROUP/WIN-U425UI0HPP7/Users" + } + ], + "host": "123.123.123.123", + "name": "fed-phil", + "password_expired": false, + "password_never_expires": false, + "path": "WinNT://WORKGROUP/WIN-U425UI0HPP7/fed-phil", + "sid": "S-1-5-21-4202888923-410868521-3023024269-1003", + "state": "present", + "status": "CHANGED", + "user_cannot_change_password": false + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * account_disabled: False +> * account_locked: False +> * changed: True +> * description: +> * fullname: fed-phil +> * name: fed-phil +> * password_expired: False +> * password_never_expires: False +> * path: WinNT://WORKGROUP/WIN-U425UI0HPP7/fed-phil +> * sid: S-1-5-21-4202888923-410868521-3023024269-1003 +> * state: present +> * user_cannot_change_password: False +> * ## Groups +> * ## Users +> * name: Users +> * path: WinNT://WORKGROUP/WIN-U425UI0HPP7/Users + + +### win-user-profile +*** +Manages the Windows user profiles. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_user_profile_module.html + + +#### Base Command + +`win-user-profile` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Specifies the base name for the profile path.
When `state` is `present` this is used to create the profile for `username` at a specific path within the profile directory.
This cannot be used to specify a path outside of the profile directory but rather it specifies a folder(s) within this directory.
If a profile for another user already exists at the same path, then a 3 digit incremental number is appended by Windows automatically.
When `state` is `absent` and `username` is not set, then the module will remove all profiles that point to the profile path derived by this value.
This is useful if the account no longer exists but the profile still remains. | Optional | +| remove_multiple | When `state` is `absent` and the value for `name` matches multiple profiles the module will fail.
Set this value to `yes` to force the module to delete all the profiles found. Possible values are: Yes, No. Default is No. | Optional | +| state | Will ensure the profile exists when set to `present`.
When creating a profile the `username` option must be set to a valid account.
Will remove the profile(s) when set to `absent`.
When removing a profile either `username` must be set to a valid account, or `name` is set to the profile's base name. Possible values are: absent, present. Default is present. | Optional | +| username | The account name of security identifier (SID) for the profile.
This must be set when `state` is `present` and must be a valid account or the SID of a valid account.
When `state` is `absent` then this must still be a valid account number but the SID can be a deleted user's SID. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinUserProfile.path | string | The full path to the profile for the account. This will be null if \`state=absent\` and no profile was deleted. | + + +#### Command Example +```!win-user-profile host="123.123.123.123" username="fed-phil" state="present" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinUserProfile": { + "changed": true, + "host": "123.123.123.123", + "path": "C:\\Users\\fed-phil", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * path: C:\Users\fed-phil + + +### win-user-right +*** +Manage Windows User Rights +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_user_right_module.html + + +#### Base Command + +`win-user-right` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | The name of the User Right as shown by the `Constant Name` value from `https://technet.microsoft.com/en-us/library/dd349804.aspx`.
The module will return an error if the right is invalid. | Required | +| users | A list of users or groups to add/remove on the User Right.
These can be in the form DOMAIN\user-group, user-group@DOMAIN.COM for domain users/groups.
For local users/groups it can be in the form user-group, .\user-group, SERVERNAME\user-group where SERVERNAME is the name of the remote server.
You can also add special local accounts like SYSTEM and others.
Can be set to an empty list with `action=set` to remove all accounts from the right. | Required | +| action | `add` will add the users/groups to the existing right.
`remove` will remove the users/groups from the existing right.
`set` will replace the users/groups of the existing right. Possible values are: add, remove, set. Default is set. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinUserRight.added | unknown | A list of accounts that were added to the right, this is empty if no accounts were added. | +| MicrosoftWindows.WinUserRight.removed | unknown | A list of accounts that were removed from the right, this is empty if no accounts were removed. | + + +#### Command Example +```!win-user-right host="123.123.123.123" name="SeDenyInteractiveLogonRight" users="Guest" action="set" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinUserRight": { + "added": [ + "WIN-U425UI0HPP7\\Guest" + ], + "changed": true, + "host": "123.123.123.123", + "removed": [], + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True +> * ## Added +> * 0: WIN-U425UI0HPP7\Guest +> * ## Removed + + +### win-wait-for +*** +Waits for a condition before continuing +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_wait_for_module.html + + +#### Base Command + +`win-wait-for` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| connect_timeout | The maximum number of seconds to wait for a connection to happen before closing and retrying. Default is 5. | Optional | +| delay | The number of seconds to wait before starting to poll. | Optional | +| exclude_hosts | The list of hosts or IPs to ignore when looking for active TCP connections when `state=drained`. | Optional | +| ansible-module-host | A resolvable hostname or IP address to wait for.
If `state=drained` then it will only check for connections on the IP specified, you can use '0.0.0.0' to use all host IPs. Default is 127.0.0.1. | Optional | +| path | The path to a file on the filesystem to check.
If `state` is present or started then it will wait until the file exists.
If `state` is absent then it will wait until the file does not exist. | Optional | +| port | The port number to poll on `host`. | Optional | +| regex | Can be used to match a string in a file.
If `state` is present or started then it will wait until the regex matches.
If `state` is absent then it will wait until the regex does not match.
Defaults to a multiline regex. | Optional | +| sleep | Number of seconds to sleep between checks. Default is 1. | Optional | +| state | When checking a port, `started` will ensure the port is open, `stopped` will check that is it closed and `drained` will check for active connections.
When checking for a file or a search string `present` or `started` will ensure that the file or string is present, `absent` will check that the file or search string is absent or removed. Possible values are: absent, drained, present, started, stopped. Default is started. | Optional | +| timeout | The maximum number of seconds to wait for. Default is 300. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinWaitFor.wait_attempts | number | The number of attempts to poll the file or port before module finishes. | +| MicrosoftWindows.WinWaitFor.elapsed | unknown | The elapsed seconds between the start of poll and the end of the module. This includes the delay if the option is set. | + + +#### Command Example +```!win-wait-for host="123.123.123.123" port="3389" delay="10" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinWaitFor": { + "changed": false, + "elapsed": 10.031336099999999, + "host": "123.123.123.123", + "status": "SUCCESS", + "wait_attempts": 1 + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * elapsed: 10.031336099999999 +> * wait_attempts: 1 + + +### win-wait-for-process +*** +Waits for a process to exist or not exist before continuing. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_wait_for_process_module.html + + +#### Base Command + +`win-wait-for-process` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| process_name_exact | The name of the process(es) for which to wait. The name of the process(es) should not include the file extension suffix. | Optional | +| process_name_pattern | RegEx pattern matching desired process(es). | Optional | +| sleep | Number of seconds to sleep between checks.
Only applies when waiting for a process to start. Waiting for a process to start does not have a native non-polling mechanism. Waiting for a stop uses native PowerShell and does not require polling. Default is 1. | Optional | +| process_min_count | Minimum number of process matching the supplied pattern to satisfy `present` condition.
Only applies to `present`. Default is 1. | Optional | +| pid | The PID of the process. | Optional | +| owner | The owner of the process.
Requires PowerShell version 4.0 or newer. | Optional | +| pre_wait_delay | Seconds to wait before checking processes. Default is 0. | Optional | +| post_wait_delay | Seconds to wait after checking for processes. Default is 0. | Optional | +| state | When checking for a running process `present` will block execution until the process exists, or until the timeout has been reached. `absent` will block execution until the process no longer exists, or until the timeout has been reached.
When waiting for `present`, the module will return changed only if the process was not present on the initial check but became present on subsequent checks.
If, while waiting for `absent`, new processes matching the supplied pattern are started, these new processes will not be included in the action. Possible values are: absent, present. Default is present. | Optional | +| timeout | The maximum number of seconds to wait for a for a process to start or stop before erroring out. Default is 300. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinWaitForProcess.elapsed | unknown | The elapsed seconds between the start of poll and the end of the module. | +| MicrosoftWindows.WinWaitForProcess.matched_processes | unknown | List of matched processes \(either stopped or started\). | + + +#### Command Example +```!win-wait-for-process host="123.123.123.123" process_name_pattern="v(irtual)?box(headless|svc)?" state="absent" timeout="500" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinWaitForProcess": { + "changed": false, + "elapsed": 0.0468785, + "host": "123.123.123.123", + "matched_processes": [], + "status": "SUCCESS" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * changed: False +> * elapsed: 0.0468785 +> * ## Matched_Processes + + +### win-wakeonlan +*** +Send a magic Wake-on-LAN (WoL) broadcast packet +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_wakeonlan_module.html + + +#### Base Command + +`win-wakeonlan` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| mac | MAC address to send Wake-on-LAN broadcast packet for. | Required | +| broadcast | Network broadcast address to use for broadcasting magic Wake-on-LAN packet. Default is 255.255.255.255. | Optional | +| port | UDP port to use for magic Wake-on-LAN packet. Default is 7. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!win-wakeonlan host="123.123.123.123" mac="00:00:5E:00:53:66" broadcast="192.0.2.23" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinWakeonlan": { + "changed": true, + "host": "123.123.123.123", + "status": "CHANGED" + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - CHANGED +> * changed: True + + +### win-webpicmd +*** +Installs packages using Web Platform Installer command-line +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_webpicmd_module.html + + +#### Base Command + +`win-webpicmd` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| name | Name of the package to be installed. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### win-whoami +*** +Get information about the current user and process +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_whoami_module.html + + +#### Base Command + +`win-whoami` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinWhoami.authentication_package | string | The name of the authentication package used to authenticate the user in the session. | +| MicrosoftWindows.WinWhoami.user_flags | string | The user flags for the logon session, see UserFlags in \`https://msdn.microsoft.com/en-us/library/windows/desktop/aa380128\`. | +| MicrosoftWindows.WinWhoami.upn | string | The user principal name of the current user. | +| MicrosoftWindows.WinWhoami.logon_type | string | The logon type that identifies the logon method, see \`https://msdn.microsoft.com/en-us/library/windows/desktop/aa380129.aspx\`. | +| MicrosoftWindows.WinWhoami.privileges | unknown | A dictionary of privileges and their state on the logon token. | +| MicrosoftWindows.WinWhoami.label | unknown | The mandatory label set to the logon session. | +| MicrosoftWindows.WinWhoami.impersonation_level | string | The impersonation level of the token, only valid if \`token_type\` is \`TokenImpersonation\`, see \`https://msdn.microsoft.com/en-us/library/windows/desktop/aa379572.aspx\`. | +| MicrosoftWindows.WinWhoami.login_time | string | The logon time in ISO 8601 format | +| MicrosoftWindows.WinWhoami.groups | unknown | A list of groups and attributes that the user is a member of. | +| MicrosoftWindows.WinWhoami.account | unknown | The running account SID details. | +| MicrosoftWindows.WinWhoami.login_domain | string | The name of the domain used to authenticate the owner of the session. | +| MicrosoftWindows.WinWhoami.rights | unknown | A list of logon rights assigned to the logon. | +| MicrosoftWindows.WinWhoami.logon_server | string | The name of the server used to authenticate the owner of the logon session. | +| MicrosoftWindows.WinWhoami.logon_id | number | The unique identifier of the logon session. | +| MicrosoftWindows.WinWhoami.dns_domain_name | string | The DNS name of the logon session, this is an empty string if this is not set. | +| MicrosoftWindows.WinWhoami.token_type | string | The token type to indicate whether it is a primary or impersonation token. | + + +#### Command Example +```!win-whoami host="123.123.123.123" ``` + +#### Context Example +```json +{ + "MicrosoftWindows": { + "WinWhoami": { + "account": { + "account_name": "Administrator", + "domain_name": "WIN-U425UI0HPP7", + "sid": "S-1-5-21-4202888923-410868521-3023024269-500", + "type": "User" + }, + "authentication_package": "NTLM", + "changed": false, + "dns_domain_name": "", + "groups": [ + { + "account_name": "None", + "attributes": [ + "Mandatory", + "Enabled by default", + "Enabled" + ], + "domain_name": "WIN-U425UI0HPP7", + "sid": "S-1-5-21-4202888923-410868521-3023024269-513", + "type": "Group" + } + ], + "host": "123.123.123.123", + "impersonation_level": "SecurityAnonymous", + "label": { + "account_name": "High Mandatory Level", + "domain_name": "Mandatory Label", + "sid": "S-1-16-12288", + "type": "Label" + }, + "login_domain": "WIN-U425UI0HPP7", + "login_time": "2021-06-29T05:17:41.3808413+02:00", + "logon_id": 17293435, + "logon_server": "WIN-U425UI0HPP7", + "logon_type": "Network", + "privileges": { + "SeBackupPrivilege": "enabled-by-default", + "SeChangeNotifyPrivilege": "enabled-by-default", + "SeCreateGlobalPrivilege": "enabled-by-default", + "SeCreatePagefilePrivilege": "enabled-by-default", + "SeCreateSymbolicLinkPrivilege": "enabled-by-default", + "SeDebugPrivilege": "enabled-by-default", + "SeDelegateSessionUserImpersonatePrivilege": "enabled-by-default", + "SeImpersonatePrivilege": "enabled-by-default", + "SeIncreaseBasePriorityPrivilege": "enabled-by-default", + "SeIncreaseQuotaPrivilege": "enabled-by-default", + "SeIncreaseWorkingSetPrivilege": "enabled-by-default", + "SeLoadDriverPrivilege": "enabled-by-default", + "SeManageVolumePrivilege": "enabled-by-default", + "SeProfileSingleProcessPrivilege": "enabled-by-default", + "SeRemoteShutdownPrivilege": "enabled-by-default", + "SeRestorePrivilege": "enabled-by-default", + "SeSecurityPrivilege": "enabled-by-default", + "SeShutdownPrivilege": "enabled-by-default", + "SeSystemEnvironmentPrivilege": "enabled-by-default", + "SeSystemProfilePrivilege": "enabled-by-default", + "SeSystemtimePrivilege": "enabled-by-default", + "SeTakeOwnershipPrivilege": "enabled-by-default", + "SeTimeZonePrivilege": "enabled-by-default", + "SeUndockPrivilege": "enabled-by-default" + }, + "rights": [ + "SeNetworkLogonRight", + "SeInteractiveLogonRight", + "SeBatchLogonRight", + "SeRemoteInteractiveLogonRight" + ], + "status": "SUCCESS", + "token_type": "TokenPrimary", + "upn": "", + "user_flags": [] + } + } +} +``` + +#### Human Readable Output + +># 123.123.123.123 - SUCCESS +> * authentication_package: NTLM +> * changed: False +> * dns_domain_name: +> * impersonation_level: SecurityAnonymous +> * login_domain: WIN-U425UI0HPP7 +> * login_time: 2021-06-29T05:17:41.3808413+02:00 +> * logon_id: 17293435 +> * logon_server: WIN-U425UI0HPP7 +> * logon_type: Network +> * token_type: TokenPrimary +> * upn: +> * ## Account +> * account_name: Administrator +> * domain_name: WIN-U425UI0HPP7 +> * sid: S-1-5-21-4202888923-410868521-3023024269-500 +> * type: User +> * ## Groups +> * ## None +> * account_name: None +> * domain_name: WIN-U425UI0HPP7 +> * sid: S-1-5-21-4202888923-410868521-3023024269-513 +> * type: Group +> * ### Attributes +> * 0: Mandatory +> * 1: Enabled by default +> * 2: Enabled +> * ## Privileges +> * SeBackupPrivilege: enabled-by-default +> * SeChangeNotifyPrivilege: enabled-by-default +> * SeCreateGlobalPrivilege: enabled-by-default +> * SeCreatePagefilePrivilege: enabled-by-default +> * SeCreateSymbolicLinkPrivilege: enabled-by-default +> * SeDebugPrivilege: enabled-by-default +> * SeDelegateSessionUserImpersonatePrivilege: enabled-by-default +> * SeImpersonatePrivilege: enabled-by-default +> * SeIncreaseBasePriorityPrivilege: enabled-by-default +> * SeIncreaseQuotaPrivilege: enabled-by-default +> * SeIncreaseWorkingSetPrivilege: enabled-by-default +> * SeLoadDriverPrivilege: enabled-by-default +> * SeManageVolumePrivilege: enabled-by-default +> * SeProfileSingleProcessPrivilege: enabled-by-default +> * SeRemoteShutdownPrivilege: enabled-by-default +> * SeRestorePrivilege: enabled-by-default +> * SeSecurityPrivilege: enabled-by-default +> * SeShutdownPrivilege: enabled-by-default +> * SeSystemEnvironmentPrivilege: enabled-by-default +> * SeSystemProfilePrivilege: enabled-by-default +> * SeSystemtimePrivilege: enabled-by-default +> * SeTakeOwnershipPrivilege: enabled-by-default +> * SeTimeZonePrivilege: enabled-by-default +> * SeUndockPrivilege: enabled-by-default +> * ## Rights +> * 0: SeNetworkLogonRight +> * 1: SeInteractiveLogonRight +> * 2: SeBatchLogonRight +> * 3: SeRemoteInteractiveLogonRight +> * ## User_Flags + + +### win-xml +*** +Manages XML file content on Windows hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_xml_module.html + + +#### Base Command + +`win-xml` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | hostname or IP of target. Optionally the port can be specified using :PORT. If multiple targets are specified using an array, the integration will use the configured concurrency factor for high performance. | Required | +| attribute | The attribute name if the type is 'attribute'.
Required if `type=attribute`. | Optional | +| count | When set to `yes`, return the number of nodes matched by `xpath`. Possible values are: Yes, No. Default is No. | Optional | +| backup | Determine whether a backup should be created.
When set to `yes`, create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Possible values are: Yes, No. Default is No. | Optional | +| fragment | The string representation of the XML fragment expected at xpath. Since ansible 2.9 not required when `state=absent`, or when `count=yes`. | Optional | +| path | Path to the file to operate on. | Required | +| state | Set or remove the nodes (or attributes) matched by `xpath`. Possible values are: present, absent. Default is present. | Optional | +| type | The type of XML node you are working with. Possible values are: attribute, element, text. Default is element. | Required | +| xpath | Xpath to select the node or nodes to operate on. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| MicrosoftWindows.WinXml.backup_file | string | Name of the backup file that was created. | +| MicrosoftWindows.WinXml.count | number | Number of nodes matched by xpath. | +| MicrosoftWindows.WinXml.msg | string | What was done. | +| MicrosoftWindows.WinXml.err | unknown | XML comparison exceptions. | + + + diff --git a/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/command_examples b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/command_examples new file mode 100644 index 000000000000..77a5ad6ebefa --- /dev/null +++ b/Packs/AnsibleMicrosoftWindows/Integrations/AnsibleMicrosoftWindows/command_examples @@ -0,0 +1,78 @@ +!win-audit-policy-system host="123.123.123.123" subcategory="File System" audit_type="failure" +!win-chocolatey host="123.123.123.123" name="git" state="present" +!win-chocolatey-config host="123.123.123.123" name="cacheLocation" state="present" value="D:\\chocolatey_temp" +!win-chocolatey-facts host="123.123.123.123" +!win-chocolatey-feature host="123.123.123.123" name="checksumFiles" state="disabled" +!win-chocolatey-source host="123.123.123.123" name="chocolatey" state="present" +!win-defrag host="123.123.123.123" parallel="True" +!win-disk-facts host="123.123.123.123" +!win-domain host="123.123.123.123" dns_domain_name="ansible.vagrant" safe_mode_password="password123!" +!win-environment host="123.123.123.123" state="present" name="TestVariable" value="Test value" level="machine" +!win-eventlog host="123.123.123.123" name="MyNewLog" sources="['NewLogSource1', 'NewLogSource2']" state="present" +!win-feature host="123.123.123.123" name="Web-Server" state="present" +!win-file-version host="123.123.123.123" path="C:\\Windows\\System32\\cmd.exe" +!win-find host="123.123.123.123" paths="D:\\Temp" +!win-firewall host="123.123.123.123" state="enabled" profiles="['Domain', 'Private', 'Public']" +!win-firewall-rule host="123.123.123.123" name="SMTP" localport="25" action="allow" direction="in" protocol="tcp" state="present" enabled="True" +!win-hosts host="123.123.123.123" state="present" canonical_name="localhost" ip_address="127.0.0.1" +!win-http-proxy host="123.123.123.123" proxy="hostname" +!win-inet-proxy host="123.123.123.123" +!win-netbios host="123.123.123.123" state="disabled" +!win-pagefile host="123.123.123.123" +!win-path host="123.123.123.123" elements="['%SystemRoot%\\\\system32', '%SystemRoot%\\\\system32\\\\WindowsPowerShell\\\\v1.0']" +!win-ping host="123.123.123.123" +!win-power-plan host="123.123.123.123" name="high performance" +!win-product-facts host="123.123.123.123" +!win-psmodule host="123.123.123.123" name="PowerShellModule" state="present" +!win-reg-stat host="123.123.123.123" path="HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion" +!win-regedit host="123.123.123.123" path="HKCU:\\Software\\MyCompany" +!win-region host="123.123.123.123" format="en-US" +!win-route host="123.123.123.123" destination="192.168.2.10/32" gateway="192.168.1.1" metric="1" state="present" +!win-scheduled-task host="123.123.123.123" name="TaskName" description="open command prompt" actions="[{'path': 'cmd.exe', 'arguments': '/c hostname'}, {'path': 'cmd.exe', 'arguments': '/c whoami'}]" triggers="[{'type': 'daily', 'start_boundary': '2017-10-09T09:00:00'}]" username="SYSTEM" state="present" enabled="True" +!win-scheduled-task-stat host="123.123.123.123" path="\\folder name" +!win-security-policy host="123.123.123.123" section="System Access" key="NewGuestName" value="Guest Account" +!win-service host="123.123.123.123" name="spooler" state="restarted" +!win-shortcut host="123.123.123.123" src="C:\\Program Files\\Mozilla Firefox\\Firefox.exe" dest="C:\\Users\\Public\\Desktop\\Mozilla Firefox.lnk" icon="C:\\Program Files\\Mozilla Firefox\\Firefox.exe,0" +!win-tempfile host="123.123.123.123" state="directory" suffix="build" +!win-template host="123.123.123.123" src="/mytemplates/file.conf.j2" dest="C:\\Temp\\file.conf" +!win-timezone host="123.123.123.123" timezone="Romance Standard Time" +!win-wait-for-process host="123.123.123.123" process_name_pattern="v(irtual)?box(headless|svc)?" state="absent" timeout="500" +!win-wakeonlan host="123.123.123.123" mac="00:00:5E:00:53:66" broadcast="192.0.2.23" +!win-whoami host="123.123.123.123" +!win-user host="123.123.123.123" name="fed-phil" password="B0bP4ssw0rd" state="present" groups="Users" +!win-acl host="123.123.123.123" user="fed-phil" path="C:\\Important\\Executable.exe" type="deny" rights="ExecuteFile,Write" +!win-audit-rule host="123.123.123.123" path="C:\\inetpub\\wwwroot\\website" user="BUILTIN\\Users" rights="write,delete,changepermissions" audit_flags="success,failure" inheritance_flags="ContainerInherit,ObjectInherit" +!win-certificate-store host="123.123.123.123" path="C:\\Temp\\cert.pem" state="present" +!win-copy host="123.123.123.123" src="C:\\Important\\Executable.exe" dest="C:\\Temp" remote_src=yes +!win-acl-inheritance host="123.123.123.123" path="C://apache" state="absent" +!win-get-url host="123.123.123.123" url="https://www.nasa.gov/sites/default/files/styles/full_width_feature/public/images/297755main_GPN-2001-000009_full.jpg" dest="C:\\Temp\\earthrise.jpg" +!win-group host="123.123.123.123" name="deploy" description="Deploy Group" state="present" +!win-disk-image host="123.123.123.123" image_path="C:/install.iso" state="present" +!win-file host="123.123.123.123" path="C:/Temp/foo.conf" state="touch" +!win-eventlog-entry host="123.123.123.123" log="System" source="System" event_id="1234" message="This is a test log entry." +!win-group-membership host="123.123.123.123" name="Remote Desktop Users" members="fed-phil" state="present" +!win-hostname host="123.123.123.123" name="sample-hostname" +!win-msg host="123.123.123.123" display_seconds="60" msg="Automated upgrade about to start. Please save your work and log off before 6pm" +!win-format host="123.123.123.123" drive_letter=f +!win-chocolatey-facts host="123.123.123.123" +!win-defrag host="123.123.123.123" +!win-lineinfile host="123.123.123.123" path="c:/temp/file.txt" line="c:/temp/new" +!win-owner host="123.123.123.123" path="C:/apache" user="fed-phil" recurse="True" +!win-optional-feature host="123.123.123.123" name="TelnetClient" state="present" +!win-partition host="123.123.123.123" drive_letter="F" partition_size="10 MB" disk_number="1" +!win-nssm host="123.123.123.123" name="foo" application="C:/windows/system32/calc.exe" +!win-user-right host="123.123.123.123" name="SeDenyInteractiveLogonRight" users="Guest" action="set" +!win-wait-for host="123.123.123.123" port="3389" delay="10" +!win-user-profile host="123.123.123.123" username="fed-phil" state="present" +!win-uri host="123.123.123.123" url="http://google.com/" status_code=200 +!win-unzip host="123.123.123.123" src="C:/logs.zip" dest="C:/temp/OldLogs" creates="C:/temp/OldLogs" +!win-toast host="123.123.123.123" expire="60" title="System Upgrade Notification" msg="Automated upgrade about to start. Please save your work and log off before 6pm" +!win-stat host="123.123.123.123" path="C:/logs.zip" +!win-robocopy host="123.123.123.123" src="C:/temp" dest="C:/temp2" +!win-regmerge host="123.123.123.123" path="C:/temp/firefox.reg" +!win-say host="123.123.123.123" msg="Warning, deployment commencing in 5 minutes, please log out." +!win-share host="123.123.123.123" name="internal" description="top secret share" path="C:/temp" list="False" full="Administrators,fed-phil" read="fed-phil" deny="Guest" +!win-psexec host="123.123.123.123" command="whoami.exe" +!win-psrepository host="123.123.123.123" name="PSGallery" state="present" +!win-updates host="123.123.123.123" category_names="['SecurityUpdates', 'CriticalUpdates', 'UpdateRollups']" +!win-reboot host="123.123.123.123" \ No newline at end of file diff --git a/Packs/AnsibleMicrosoftWindows/Playbooks/playbook-Wait_Until_Windows_Host_Online_v2.yml b/Packs/AnsibleMicrosoftWindows/Playbooks/playbook-Wait_Until_Windows_Host_Online_v2.yml new file mode 100644 index 000000000000..45402392ce09 --- /dev/null +++ b/Packs/AnsibleMicrosoftWindows/Playbooks/playbook-Wait_Until_Windows_Host_Online_v2.yml @@ -0,0 +1,190 @@ +id: Wait Until Windows Host Online v2 +version: -1 +name: Wait Until Windows Host Online v2 +description: Pauses execution until the Windows host responds to a ping over WinRM. +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: 004bfde8-3273-4c70-868a-84f5afa034fb + type: start + task: + id: 004bfde8-3273-4c70-868a-84f5afa034fb + version: -1 + name: "" + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "1" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "1": + id: "1" + taskid: 3433f21a-7c6b-466d-894b-5c74278c1362 + type: regular + task: + id: 3433f21a-7c6b-466d-894b-5c74278c1362 + version: -1 + name: Try to connect to host + description: |- + A windows version of the classic ping module + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_ping_module.html + script: '|||win-ping' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "2" + scriptarguments: + data: {} + host: + simple: ${inputs.host} + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 195 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "2": + id: "2" + taskid: f3b8dd0e-2742-43f1-8a62-6222d608a25f + type: condition + task: + id: f3b8dd0e-2742-43f1-8a62-6222d608a25f + version: -1 + name: Host ready? + type: condition + iscommand: false + brand: "" + description: '' + nexttasks: + '#default#': + - "3" + "yes": + - "4" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: MicrosoftWindows.WinPing.ping + iscontext: true + right: + value: + simple: pong + view: |- + { + "position": { + "x": 265, + "y": 370 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "3": + id: "3" + taskid: 11da9d88-805b-4407-8928-2651967ebbe4 + type: title + task: + id: 11da9d88-805b-4407-8928-2651967ebbe4 + version: -1 + name: Re-run + type: title + iscommand: false + brand: "" + description: '' + separatecontext: false + view: |- + { + "position": { + "x": 40, + "y": 545 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "4": + id: "4" + taskid: 39cdcf8b-3af2-4b4c-858c-4b3c77df81d6 + type: regular + task: + id: 39cdcf8b-3af2-4b4c-858c-4b3c77df81d6 + version: -1 + name: Exit Loop + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + scriptarguments: + append: {} + key: + simple: exitloop + stringify: {} + value: + simple: "true" + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 545 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 +view: |- + { + "linkLabelsPosition": {}, + "paper": { + "dimensions": { + "height": 590, + "width": 820, + "x": 40, + "y": 50 + } + } + } +inputs: +- key: host + value: {} + required: true + description: "" + playbookInputQuery: +outputs: [] +tests: +- No tests (auto formatted) +fromversion: 6.0.0 + diff --git a/Packs/AnsibleMicrosoftWindows/Playbooks/playbook-Windows_Application_Deployment_v2.yml b/Packs/AnsibleMicrosoftWindows/Playbooks/playbook-Windows_Application_Deployment_v2.yml new file mode 100644 index 000000000000..4e573c00a4c3 --- /dev/null +++ b/Packs/AnsibleMicrosoftWindows/Playbooks/playbook-Windows_Application_Deployment_v2.yml @@ -0,0 +1,689 @@ +id: Windows Application Deployment v2 +version: -1 +name: Windows Application Deployment v2 +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: c629dd12-7ff8-494f-8fd8-21f6064a7c91 + type: start + task: + id: c629dd12-7ff8-494f-8fd8-21f6064a7c91 + version: -1 + name: "" + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "1" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "1": + id: "1" + taskid: a5a65b45-50af-4cf8-8b88-50c3b9d2557e + type: collection + task: + id: a5a65b45-50af-4cf8-8b88-50c3b9d2557e + version: -1 + name: 'Prompt: Which package(s) and host?' + description: Prompt for which packages to deploy + type: collection + iscommand: false + brand: "" + nexttasks: + '#none#': + - "2" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 195 + } + } + note: false + timertriggers: [] + ignoreworker: false + message: + to: + subject: + body: + methods: [] + format: "" + bcc: + cc: + timings: + retriescount: 2 + retriesinterval: 360 + completeafterreplies: 1 + form: + questions: + - id: "0" + label: "" + labelarg: + simple: Which Packages to Deploy? + required: true + gridcolumns: [] + defaultrows: [] + type: multiSelect + options: [] + optionsarg: + - simple: AdobeReader + - simple: O365Business + - simple: GoogleChrome + - simple: jre8 + - simple: Firefox + - simple: 7zip.install + - simple: VLC + - simple: notepadplusplus.install + - simple: git.install + - simple: python + - simple: vscode + fieldassociated: "" + placeholder: "" + tooltip: "" + readonly: false + - id: "1" + label: "" + labelarg: + simple: Which host? + required: true + gridcolumns: [] + defaultrows: [] + type: longText + options: [] + optionsarg: [] + fieldassociated: "" + placeholder: dns name or ip address + tooltip: "" + readonly: false + title: Package Selection + description: Prompt for which packages to deploy + sender: "" + expired: false + totalanswers: 0 + skipunavailable: false + quietmode: 0 + "2": + id: "2" + taskid: d752b7e5-8a70-44ce-894c-132ed64a058b + type: regular + task: + id: d752b7e5-8a70-44ce-894c-132ed64a058b + version: -1 + name: Test connectivity to endpoint + description: |- + A windows version of the classic ping module + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_ping_module.html + script: '|||win-ping' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "3" + scriptarguments: + data: {} + host: + simple: ${Package Selection.Answers.1} + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 370 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "3": + id: "3" + taskid: 9a087d26-7e18-46c0-8b5a-07764823c1f7 + type: condition + task: + id: 9a087d26-7e18-46c0-8b5a-07764823c1f7 + version: -1 + name: Is Workstation currently Online? + description: Check if workstation is online + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "4" + "yes": + - "9" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: MicrosoftWindows.WinPing.ping + iscontext: true + right: + value: + simple: pong + view: |- + { + "position": { + "x": 265, + "y": 545 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "4": + id: "4" + taskid: 3f831c8e-5d31-4f1f-8440-8d945c471aaf + type: condition + task: + id: 3f831c8e-5d31-4f1f-8440-8d945c471aaf + version: -1 + name: Keep retrying or allow user to trigger install? + description: Prompt for retry behaviour + type: condition + iscommand: false + brand: "" + nexttasks: + Keep Retrying: + - "5" + User to Trigger: + - "6" + separatecontext: false + view: |- + { + "position": { + "x": 570, + "y": 700 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "5": + id: "5" + taskid: 55d578b4-606f-4d73-8080-e380a84bfc1a + type: playbook + task: + id: 55d578b4-606f-4d73-8080-e380a84bfc1a + version: -1 + name: Wait Until Windows Host Online v2 + playbookName: Wait Until Windows Host Online v2 + type: playbook + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "9" + scriptarguments: + host: + simple: ${Package Selection.Answers.1} + separatecontext: true + loop: + iscommand: false + builtincondition: + - - operator: isExists + left: + value: + simple: exitloop + iscontext: true + exitCondition: "" + wait: 300 + max: 10000 + view: |- + { + "position": { + "x": 520, + "y": 1440 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "6": + id: "6" + taskid: e6490ad5-6d53-40dc-8175-0989508d4e25 + type: collection + task: + id: e6490ad5-6d53-40dc-8175-0989508d4e25 + version: -1 + name: What is the users email? + description: Prompt for end users email + type: collection + iscommand: false + brand: "" + nexttasks: + '#none#': + - "7" + separatecontext: false + view: |- + { + "position": { + "x": 750, + "y": 870 + } + } + note: false + timertriggers: [] + ignoreworker: false + message: + to: + subject: + body: + methods: [] + format: "" + bcc: + cc: + timings: + retriescount: 2 + retriesinterval: 360 + completeafterreplies: 1 + form: + questions: + - id: "0" + label: "" + labelarg: + simple: What is the users email address? + required: false + gridcolumns: [] + defaultrows: [] + type: shortText + options: [] + optionsarg: [] + fieldassociated: "" + placeholder: "" + tooltip: "" + readonly: false + title: What is the users email? + description: Prompt for end users email address + sender: "" + expired: false + totalanswers: 0 + skipunavailable: false + quietmode: 0 + "7": + id: "7" + taskid: ea9782c1-5250-43ef-85a4-bb94e622ea85 + type: regular + task: + id: ea9782c1-5250-43ef-85a4-bb94e622ea85 + version: -1 + name: Ask user by email + description: Ask a user a question via email and process the reply directly + into the investigation. + scriptName: EmailAskUser + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "8" + scriptarguments: + additionalOptions: {} + attachIds: {} + bcc: {} + bodyType: {} + cc: {} + email: + simple: ${What is the users email?.Answers.0} + message: + complex: + root: Package Selection.Questions + accessor: "0" + transformers: + - operator: join + args: + separator: + value: + simple: "\n* " + - operator: concat + args: + prefix: + value: + simple: "Your IT department attempted to install new software packages\ + \ on your workstation but the machine was not accessible at the\ + \ time. \n\nThe software package(s) they are attempting to install\ + \ are:\n* " + suffix: {} + - operator: concat + args: + prefix: {} + suffix: + value: + simple: Package Selection.Answers.1 + iscontext: true + - operator: concat + args: + prefix: {} + suffix: + value: + simple: |2- + + + When it is convenient to install this software, ensure your workstation is powered on, connected to the network. To start the install reply to this email with word "ready" + option1: + simple: ready + option2: {} + persistent: {} + playbookTaskID: {} + replyAddress: {} + replyEntriesTag: {} + retries: {} + roles: {} + subject: + simple: Software Install Pending + task: + simple: UserFeedback + separatecontext: false + view: |- + { + "position": { + "x": 750, + "y": 1060 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "8": + id: "8" + taskid: 019d509a-929a-4fe9-8aca-03f8f9dad572 + type: condition + task: + id: 019d509a-929a-4fe9-8aca-03f8f9dad572 + version: -1 + name: Waiting for User to say they are ready + description: Wait for ready email + tags: + - UserFeedback + type: condition + iscommand: false + brand: "" + nexttasks: + Ready: + - "5" + separatecontext: false + view: |- + { + "position": { + "x": 750, + "y": 1215 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "9": + id: "9" + taskid: ddf5de77-1202-4c9c-88c7-45bd59f3ab9e + type: regular + task: + id: ddf5de77-1202-4c9c-88c7-45bd59f3ab9e + version: -1 + name: Choco Install + description: |- + Manage packages using chocolatey + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_chocolatey_module.html + script: '|||win-chocolatey' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "10" + scriptarguments: + allow_empty_checksums: {} + allow_multiple: {} + allow_prerelease: {} + architecture: {} + force: {} + host: + simple: ${Package Selection.Answers.1} + ignore_checksums: {} + ignore_dependencies: {} + install_args: {} + name: + complex: + root: Package Selection.Answers + accessor: "0" + transformers: + - operator: join + args: + separator: + value: + simple: ',' + package_params: {} + pinned: {} + proxy_password: {} + proxy_url: {} + proxy_username: {} + skip_scripts: {} + source: {} + source_password: {} + source_username: {} + state: {} + timeout: {} + validate_certs: {} + version: {} + separatecontext: false + view: |- + { + "position": { + "x": 520, + "y": 1610 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "10": + id: "10" + taskid: 11aad3a1-a686-45c4-880f-df4635e2b390 + type: title + task: + id: 11aad3a1-a686-45c4-880f-df4635e2b390 + version: -1 + name: Post Install Review + type: title + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "11" + separatecontext: false + view: |- + { + "position": { + "x": 520, + "y": 1800 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "11": + id: "11" + taskid: 3f99c3d7-0596-4c96-8ca8-55fdc8410890 + type: condition + task: + id: 3f99c3d7-0596-4c96-8ca8-55fdc8410890 + version: -1 + name: Software installed successfully? + description: Check if the software was installed successfully + type: condition + iscommand: false + brand: "" + nexttasks: + "No": + - "13" + "yes": + - "12" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: MicrosoftWindows.WinChocolatey(val.rc==0).host + iscontext: true + - label: "No" + condition: + - - operator: isNotEmpty + left: + value: + simple: MicrosoftWindows.WinChocolatey(val.rc!=0).host + iscontext: true + view: |- + { + "position": { + "x": 520, + "y": 1935 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "12": + id: "12" + taskid: dbba151c-e5e7-4ff6-8b99-847d62d4826e + type: regular + task: + id: dbba151c-e5e7-4ff6-8b99-847d62d4826e + version: -1 + name: Notify end user of Success via popup + description: |- + Sends a message to logged in users on Windows hosts + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/win_msg_module.html + script: '|||win-msg' + type: regular + iscommand: true + brand: "" + scriptarguments: + display_seconds: {} + host: + complex: + root: MicrosoftWindows.WinChocolatey(val.rc==0) + accessor: host + msg: + complex: + root: Package Selection.Answers + accessor: "0" + transformers: + - operator: join + args: + separator: + value: + simple: |2- + + * + - operator: concat + args: + prefix: + value: + simple: |- + New software has been installed on your machine: + * + suffix: {} + to: {} + wait: {} + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 2110 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "13": + id: "13" + taskid: 3e706765-6ebf-4e2d-837e-7577a2ca5ca6 + type: regular + task: + id: 3e706765-6ebf-4e2d-837e-7577a2ca5ca6 + version: -1 + name: Gather System Facts for troubleshooting + description: |- + Gathers facts about remote hosts + Further documentation available at https://docs.ansible.com/ansible/2.9/modules/gather_facts_module.html + script: '|||win-gather-facts' + type: regular + iscommand: true + brand: "" + scriptarguments: + host: + simple: MicrosoftWindows.WinChocolatey(val.rc!=0).host + parallel: {} + separatecontext: false + view: |- + { + "position": { + "x": 790, + "y": 2110 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 +view: |- + { + "linkLabelsPosition": {}, + "paper": { + "dimensions": { + "height": 2155, + "width": 905, + "x": 265, + "y": 50 + } + } + } +inputs: [] +outputs: [] +tests: +- No tests (auto formatted) +fromversion: 6.0.0 +description: This playbook helps an operator install Windows applications to workstations + using the Chocolatey package manager. diff --git a/Packs/AnsibleMicrosoftWindows/README.md b/Packs/AnsibleMicrosoftWindows/README.md new file mode 100644 index 000000000000..705d72151d90 --- /dev/null +++ b/Packs/AnsibleMicrosoftWindows/README.md @@ -0,0 +1,36 @@ +This pack enables the management of Microsoft Windows hosts using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server. The Ansible modules have been exposed as XSOAR commands, and allow you to use them without needing to know Ansible. + +# What does this pack allow you to manage? + +* Users, Groups +* Event/Audit Logs +* Hostname +* Shares +* User profiles +* Windows Firewall +* Processes +* Files/Folders, ACLs, Disks, Partitions +* Interact with User using Messages, Toasts, and Text to Speech +* Install software using Chocolatey +* Services +* Windows Features +* Power State and Plan +* Download files +* Issue URI requests +* Create wakeonlan packets +* Time +* File contents +* Scheduling +* Proxy +* Hosts file +* Domain +* Shortcuts +* Pagefile +* IIS + +In addition to this the Windows Integration can be used to retrieve information about: + +* General system info +* Hardware +* Services +* Installed software and licensing diff --git a/Packs/AnsibleMicrosoftWindows/pack_metadata.json b/Packs/AnsibleMicrosoftWindows/pack_metadata.json new file mode 100644 index 000000000000..072d9d7052ff --- /dev/null +++ b/Packs/AnsibleMicrosoftWindows/pack_metadata.json @@ -0,0 +1,20 @@ +{ + "name": "Ansible Microsoft Windows", + "description": "Manage and control Windows hosts.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "categories": [ + "IT Services" + ], + "tags": [ + "IT" + ], + "useCases": [ + "IT Services", + "Asset Management" + ], + "keywords": [] +} diff --git a/Packs/AnsibleVMware/.pack-ignore b/Packs/AnsibleVMware/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/AnsibleVMware/.secrets-ignore b/Packs/AnsibleVMware/.secrets-ignore new file mode 100644 index 000000000000..d60529627fb2 --- /dev/null +++ b/Packs/AnsibleVMware/.secrets-ignore @@ -0,0 +1,4 @@ +http://partnerweb.vmware.com +1.3.6.1 +4.1.1.0 +4.1.1.1 diff --git a/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware.py b/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware.py new file mode 100644 index 000000000000..42f12c069111 --- /dev/null +++ b/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware.py @@ -0,0 +1,357 @@ +import traceback +import ssh_agent_setup +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +# Import Generated code +from AnsibleApiModule import * # noqa: E402 + +host_type = 'local' + +# MAIN FUNCTION + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + # SSH Key integration requires ssh_agent to be running in the background + ssh_agent_setup.setup() + + # Common Inputs + command = demisto.command() + args = demisto.args() + int_params = demisto.params() + creds_mapping = { + "identifier": "username", + "password": "password" + } + + try: + + if command == 'test-module': + # This is the call made when pressing the integration Test button. + result = generic_ansible('VMware', 'vmware_about_info', args, int_params, host_type, creds_mapping) + + if result: + return_results('ok') + else: + return_results(result) + + elif command == 'vmware-about-info': + return_results(generic_ansible('VMware', 'vmware_about_info', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-category': + return_results(generic_ansible('VMware', 'vmware_category', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-category-info': + return_results(generic_ansible('VMware', 'vmware_category_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-cfg-backup': + return_results(generic_ansible('VMware', 'vmware_cfg_backup', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-cluster': + return_results(generic_ansible('VMware', 'vmware_cluster', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-cluster-drs': + return_results(generic_ansible('VMware', 'vmware_cluster_drs', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-cluster-ha': + return_results(generic_ansible('VMware', 'vmware_cluster_ha', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-cluster-info': + return_results(generic_ansible('VMware', 'vmware_cluster_info', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-cluster-vsan': + return_results(generic_ansible('VMware', 'vmware_cluster_vsan', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-content-deploy-template': + return_results(generic_ansible('VMware', 'vmware_content_deploy_template', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-content-library-info': + return_results(generic_ansible('VMware', 'vmware_content_library_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-content-library-manager': + return_results(generic_ansible('VMware', 'vmware_content_library_manager', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-datacenter': + return_results(generic_ansible('VMware', 'vmware_datacenter', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-datastore-cluster': + return_results(generic_ansible('VMware', 'vmware_datastore_cluster', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-datastore-info': + return_results(generic_ansible('VMware', 'vmware_datastore_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-datastore-maintenancemode': + return_results(generic_ansible('VMware', 'vmware_datastore_maintenancemode', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-dns-config': + return_results(generic_ansible('VMware', 'vmware_dns_config', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-drs-group': + return_results(generic_ansible('VMware', 'vmware_drs_group', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-drs-group-info': + return_results(generic_ansible('VMware', 'vmware_drs_group_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-drs-rule-info': + return_results(generic_ansible('VMware', 'vmware_drs_rule_info', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-dvs-host': + return_results(generic_ansible('VMware', 'vmware_dvs_host', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-dvs-portgroup': + return_results(generic_ansible('VMware', 'vmware_dvs_portgroup', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-dvs-portgroup-find': + return_results(generic_ansible('VMware', 'vmware_dvs_portgroup_find', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-dvs-portgroup-info': + return_results(generic_ansible('VMware', 'vmware_dvs_portgroup_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-dvswitch': + return_results(generic_ansible('VMware', 'vmware_dvswitch', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-dvswitch-lacp': + return_results(generic_ansible('VMware', 'vmware_dvswitch_lacp', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-dvswitch-nioc': + return_results(generic_ansible('VMware', 'vmware_dvswitch_nioc', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-dvswitch-pvlans': + return_results(generic_ansible('VMware', 'vmware_dvswitch_pvlans', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-dvswitch-uplink-pg': + return_results(generic_ansible('VMware', 'vmware_dvswitch_uplink_pg', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-evc-mode': + return_results(generic_ansible('VMware', 'vmware_evc_mode', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-folder-info': + return_results(generic_ansible('VMware', 'vmware_folder_info', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-guest': + return_results(generic_ansible('VMware', 'vmware_guest', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-guest-boot-info': + return_results(generic_ansible('VMware', 'vmware_guest_boot_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-boot-manager': + return_results(generic_ansible('VMware', 'vmware_guest_boot_manager', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-custom-attribute-defs': + return_results(generic_ansible('VMware', 'vmware_guest_custom_attribute_defs', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-custom-attributes': + return_results(generic_ansible('VMware', 'vmware_guest_custom_attributes', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-customization-info': + return_results(generic_ansible('VMware', 'vmware_guest_customization_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-disk': + return_results(generic_ansible('VMware', 'vmware_guest_disk', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-guest-disk-info': + return_results(generic_ansible('VMware', 'vmware_guest_disk_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-find': + return_results(generic_ansible('VMware', 'vmware_guest_find', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-guest-info': + return_results(generic_ansible('VMware', 'vmware_guest_info', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-guest-move': + return_results(generic_ansible('VMware', 'vmware_guest_move', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-guest-network': + return_results(generic_ansible('VMware', 'vmware_guest_network', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-powerstate': + return_results(generic_ansible('VMware', 'vmware_guest_powerstate', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-screenshot': + return_results(generic_ansible('VMware', 'vmware_guest_screenshot', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-sendkey': + return_results(generic_ansible('VMware', 'vmware_guest_sendkey', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-snapshot': + return_results(generic_ansible('VMware', 'vmware_guest_snapshot', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-snapshot-info': + return_results(generic_ansible('VMware', 'vmware_guest_snapshot_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-tools-upgrade': + return_results(generic_ansible('VMware', 'vmware_guest_tools_upgrade', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-tools-wait': + return_results(generic_ansible('VMware', 'vmware_guest_tools_wait', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-guest-video': + return_results(generic_ansible('VMware', 'vmware_guest_video', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-guest-vnc': + return_results(generic_ansible('VMware', 'vmware_guest_vnc', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-host': + return_results(generic_ansible('VMware', 'vmware_host', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-host-acceptance': + return_results(generic_ansible('VMware', 'vmware_host_acceptance', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-active-directory': + return_results(generic_ansible('VMware', 'vmware_host_active_directory', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-capability-info': + return_results(generic_ansible('VMware', 'vmware_host_capability_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-config-info': + return_results(generic_ansible('VMware', 'vmware_host_config_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-config-manager': + return_results(generic_ansible('VMware', 'vmware_host_config_manager', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-datastore': + return_results(generic_ansible('VMware', 'vmware_host_datastore', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-dns-info': + return_results(generic_ansible('VMware', 'vmware_host_dns_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-facts': + return_results(generic_ansible('VMware', 'vmware_host_facts', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-host-feature-info': + return_results(generic_ansible('VMware', 'vmware_host_feature_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-firewall-info': + return_results(generic_ansible('VMware', 'vmware_host_firewall_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-firewall-manager': + return_results(generic_ansible('VMware', 'vmware_host_firewall_manager', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-hyperthreading': + return_results(generic_ansible('VMware', 'vmware_host_hyperthreading', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-ipv6': + return_results(generic_ansible('VMware', 'vmware_host_ipv6', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-host-kernel-manager': + return_results(generic_ansible('VMware', 'vmware_host_kernel_manager', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-lockdown': + return_results(generic_ansible('VMware', 'vmware_host_lockdown', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-ntp': + return_results(generic_ansible('VMware', 'vmware_host_ntp', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-host-ntp-info': + return_results(generic_ansible('VMware', 'vmware_host_ntp_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-package-info': + return_results(generic_ansible('VMware', 'vmware_host_package_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-powermgmt-policy': + return_results(generic_ansible('VMware', 'vmware_host_powermgmt_policy', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-powerstate': + return_results(generic_ansible('VMware', 'vmware_host_powerstate', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-scanhba': + return_results(generic_ansible('VMware', 'vmware_host_scanhba', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-host-service-info': + return_results(generic_ansible('VMware', 'vmware_host_service_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-service-manager': + return_results(generic_ansible('VMware', 'vmware_host_service_manager', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-snmp': + return_results(generic_ansible('VMware', 'vmware_host_snmp', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-host-ssl-info': + return_results(generic_ansible('VMware', 'vmware_host_ssl_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-vmhba-info': + return_results(generic_ansible('VMware', 'vmware_host_vmhba_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-host-vmnic-info': + return_results(generic_ansible('VMware', 'vmware_host_vmnic_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-local-role-info': + return_results(generic_ansible('VMware', 'vmware_local_role_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-local-role-manager': + return_results(generic_ansible('VMware', 'vmware_local_role_manager', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-local-user-info': + return_results(generic_ansible('VMware', 'vmware_local_user_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-local-user-manager': + return_results(generic_ansible('VMware', 'vmware_local_user_manager', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-maintenancemode': + return_results(generic_ansible('VMware', 'vmware_maintenancemode', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-migrate-vmk': + return_results(generic_ansible('VMware', 'vmware_migrate_vmk', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-object-role-permission': + return_results(generic_ansible('VMware', 'vmware_object_role_permission', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-portgroup': + return_results(generic_ansible('VMware', 'vmware_portgroup', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-portgroup-info': + return_results(generic_ansible('VMware', 'vmware_portgroup_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-resource-pool': + return_results(generic_ansible('VMware', 'vmware_resource_pool', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-resource-pool-info': + return_results(generic_ansible('VMware', 'vmware_resource_pool_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-tag': + return_results(generic_ansible('VMware', 'vmware_tag', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-tag-info': + return_results(generic_ansible('VMware', 'vmware_tag_info', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-tag-manager': + return_results(generic_ansible('VMware', 'vmware_tag_manager', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-target-canonical-info': + return_results(generic_ansible('VMware', 'vmware_target_canonical_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vcenter-settings': + return_results(generic_ansible('VMware', 'vmware_vcenter_settings', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vcenter-statistics': + return_results(generic_ansible('VMware', 'vmware_vcenter_statistics', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vm-host-drs-rule': + return_results(generic_ansible('VMware', 'vmware_vm_host_drs_rule', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vm-info': + return_results(generic_ansible('VMware', 'vmware_vm_info', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-vm-shell': + return_results(generic_ansible('VMware', 'vmware_vm_shell', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-vm-storage-policy-info': + return_results(generic_ansible('VMware', 'vmware_vm_storage_policy_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vm-vm-drs-rule': + return_results(generic_ansible('VMware', 'vmware_vm_vm_drs_rule', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vm-vss-dvs-migrate': + return_results(generic_ansible('VMware', 'vmware_vm_vss_dvs_migrate', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vmkernel': + return_results(generic_ansible('VMware', 'vmware_vmkernel', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-vmkernel-info': + return_results(generic_ansible('VMware', 'vmware_vmkernel_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vmkernel-ip-config': + return_results(generic_ansible('VMware', 'vmware_vmkernel_ip_config', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vmotion': + return_results(generic_ansible('VMware', 'vmware_vmotion', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-vsan-cluster': + return_results(generic_ansible('VMware', 'vmware_vsan_cluster', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-vspan-session': + return_results(generic_ansible('VMware', 'vmware_vspan_session', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vswitch': + return_results(generic_ansible('VMware', 'vmware_vswitch', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-vswitch-info': + return_results(generic_ansible('VMware', 'vmware_vswitch_info', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-vsphere-file': + return_results(generic_ansible('VMware', 'vsphere_file', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-vcenter-extension': + return_results(generic_ansible('VMware', 'vcenter_extension', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-vcenter-extension-info': + return_results(generic_ansible('VMware', 'vcenter_extension_info', args, int_params, host_type, + creds_mapping)) + elif command == 'vmware-vcenter-folder': + return_results(generic_ansible('VMware', 'vcenter_folder', args, int_params, host_type, creds_mapping)) + elif command == 'vmware-vcenter-license': + return_results(generic_ansible('VMware', 'vcenter_license', args, int_params, host_type, creds_mapping)) + # Log exceptions and return errors + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +# ENTRY POINT + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware.yml b/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware.yml new file mode 100644 index 000000000000..ffca6cc127ed --- /dev/null +++ b/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware.yml @@ -0,0 +1,4711 @@ +category: IT Services +commonfields: + id: AnsibleVMware + version: -1 +configuration: +- additionalinfo: The hostname or IP address of the vSphere vCenter or ESXi server. + display: Hostname + name: hostname + required: true + type: 0 +- additionalinfo: The port of the vSphere vCenter or ESXi server. + defaultvalue: '443' + display: Port + name: port + required: true + type: 0 +- additionalinfo: The username to access the vSphere vCenter or ESXi server. + display: Username + displaypassword: Password + name: creds + required: true + type: 9 +- additionalinfo: Allows connection when SSL certificates are not valid. Set to `false` + when certificates are not trusted. + defaultvalue: 'True' + display: Validate Certs + name: validate_certs + required: true + type: 15 + options: + - "False" + - "True" +description: Manage VMware vSphere Server, Guests, and ESXi Hosts +display: Ansible VMware +fromversion: 6.0.0 +name: AnsibleVMware +script: + commands: + - arguments: [] + description: "Provides information about VMware server to which user is connecting\ + \ to\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_about_info_module.html" + name: vmware-about-info + outputs: + - contextPath: VMware.VmwareAboutInfo.about_info + description: dict about VMware server + type: string + - arguments: + - description: The name of category to manage. + name: category_name + required: true + - defaultValue: '' + description: 'The category description. This is required only if `state` is + set to `present`. This parameter is ignored, when `state` is set to `absent`.' + name: category_description + - auto: PREDEFINED + defaultValue: multiple + description: 'The category cardinality. This parameter is ignored, when updating + existing category.' + name: category_cardinality + predefined: + - multiple + - single + - description: 'The new name for an existing category. This value is used while + updating an existing category.' + name: new_category_name + - auto: PREDEFINED + defaultValue: present + description: 'The state of category. If set to `present` and category does not + exists, then category is created. If set to `present` and category exists, + then category is updated. If set to `absent` and category exists, then category + is deleted. If set to `absent` and category does not exists, no action is + taken. Process of updating category only allows name, description change.' + name: state + predefined: + - present + - absent + - auto: PREDEFINED + defaultValue: https + description: The connection to protocol. + name: protocol + predefined: + - http + - https + description: "Manage VMware categories\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_category_module.html" + name: vmware-category + outputs: + - contextPath: VMware.VmwareCategory.category_results + description: dictionary of category metadata + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: https + description: The connection to protocol. + name: protocol + predefined: + - http + - https + description: "Gather info about VMware tag categories\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_category_info_module.html" + name: vmware-category-info + outputs: + - contextPath: VMware.VmwareCategoryInfo.tag_category_info + description: metadata of tag categories + type: unknown + - arguments: + - description: Name of ESXi server. This is required only if authentication against + a vCenter is done. + name: esxi_hostname + - description: 'The destination where the ESXi configuration bundle will be saved. + The `dest` can be a folder or a file. If `dest` is a folder, the backup file + will be saved in the folder with the default filename generated from the ESXi + server. If `dest` is a file, the backup file will be saved with that filename. + The file extension will always be .tgz.' + name: dest + - description: The file containing the ESXi configuration that will be restored. + name: src + - auto: PREDEFINED + description: 'If `saved`, the .tgz backup bundle will be saved in `dest`. If + `absent`, the host configuration will be reset to default values. If `loaded`, + the backup file in `src` will be loaded to the ESXi host rewriting the hosts + settings.' + name: state + predefined: + - saved + - absent + - loaded + description: "Backup / Restore / Reset ESXi host configuration\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_cfg_backup_module.html" + name: vmware-cfg-backup + outputs: + - contextPath: VMware.VmwareCfgBackup.dest_file + description: The full path of where the file holding the ESXi configurations + was stored + type: string + - arguments: + - description: The name of the cluster to be managed. + name: cluster_name + required: true + - description: The name of the datacenter. + name: datacenter + required: true + - defaultValue: 'no' + description: If set to `yes`, DRS will not be configured; all explicit and default + DRS related configurations will be ignored. + name: ignore_drs + - defaultValue: 'no' + description: If set to `yes`, HA will not be configured; all explicit and default + HA related configurations will be ignored. + name: ignore_ha + - defaultValue: 'no' + description: If set to `yes`, VSAN will not be configured; all explicit and + default VSAN related configurations will be ignored. + name: ignore_vsan + - defaultValue: 'no' + description: 'If set to `yes`, will enable DRS when the cluster is created. + Use `enable_drs` of `vmware_cluster_drs` instead. Deprecated option, will + be removed in version 2.12.' + name: enable_drs + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Determines whether DRS Behavior overrides for individual virtual + machines are enabled. If set to `True`, overrides `drs_default_vm_behavior`. + Use `drs_enable_vm_behavior_overrides` of `vmware_cluster_drs` instead. Deprecated + option, will be removed in version 2.12.' + name: drs_enable_vm_behavior_overrides + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: fullyAutomated + description: 'Specifies the cluster-wide default DRS behavior for virtual machines. + If set to `partiallyAutomated`, then vCenter generate recommendations for + virtual machine migration and for the placement with a host. vCenter automatically + implement placement at power on. If set to `manual`, then vCenter generate + recommendations for virtual machine migration and for the placement with a + host. vCenter should not implement the recommendations automatically. If set + to `fullyAutomated`, then vCenter should automate both the migration of virtual + machines and their placement with a host at power on. Use `drs_default_vm_behavior` + of `vmware_cluster_drs` instead. Deprecated option, will be removed in version + 2.12.' + name: drs_default_vm_behavior + predefined: + - fullyAutomated + - manual + - partiallyAutomated + - auto: PREDEFINED + defaultValue: '3' + description: 'Threshold for generated ClusterRecommendations. Use `drs_vmotion_rate` + of `vmware_cluster_drs` instead. Deprecated option, will be removed in version + 2.12.' + name: drs_vmotion_rate + predefined: + - '1' + - '2' + - '3' + - '4' + - '5' + - defaultValue: 'no' + description: 'If set to `yes` will enable HA when the cluster is created. Use + `enable_ha` of `vmware_cluster_ha` instead. Deprecated option, will be removed + in version 2.12.' + name: enable_ha + - auto: PREDEFINED + defaultValue: enabled + description: 'Indicates whether HA restarts virtual machines after a host fails. + If set to `enabled`, HA restarts virtual machines after a host fails. If set + to `disabled`, HA does not restart virtual machines after a host fails. If + `enable_ha` is set to `no`, then this value is ignored. Use `ha_host_monitoring` + of `vmware_cluster_ha` instead. Deprecated option, will be removed in version + 2.12.' + name: ha_host_monitoring + predefined: + - enabled + - disabled + - auto: PREDEFINED + defaultValue: vmMonitoringDisabled + description: 'Indicates the state of virtual machine health monitoring service. + If set to `vmAndAppMonitoring`, HA response to both virtual machine and application + heartbeat failure. If set to `vmMonitoringDisabled`, virtual machine health + monitoring is disabled. If set to `vmMonitoringOnly`, HA response to virtual + machine heartbeat failure. If `enable_ha` is set to `no`, then this value + is ignored. Use `ha_vm_monitoring` of `vmware_cluster_ha` instead. Deprecated + option, will be removed in version 2.12.' + name: ha_vm_monitoring + predefined: + - vmAndAppMonitoring + - vmMonitoringOnly + - vmMonitoringDisabled + - defaultValue: '2' + description: 'Number of host failures that should be tolerated, still guaranteeing + sufficient resources to restart virtual machines on available hosts. Accepts + integer values only. Use `slot_based_admission_control`, `reservation_based_admission_control` + or `failover_host_admission_control` of `vmware_cluster_ha` instead. Deprecated + option, will be removed in version 2.12.' + name: ha_failover_level + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Determines if strict admission control is enabled. It is recommended + to set this parameter to `True`, please refer documentation for more details. + Use `slot_based_admission_control`, `reservation_based_admission_control` + or `failover_host_admission_control` of `vmware_cluster_ha` instead. Deprecated + option, will be removed in version 2.12.' + name: ha_admission_control_enabled + predefined: + - 'Yes' + - 'No' + - defaultValue: '30' + description: 'The number of seconds after which virtual machine is declared + as failed if no heartbeat has been received. This setting is only valid if + `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. + Unit is seconds. Use `ha_vm_failure_interval` of `vmware_cluster_ha` instead. + Deprecated option, will be removed in version 2.12.' + name: ha_vm_failure_interval + - defaultValue: '120' + description: 'The number of seconds for the virtual machine''s heartbeats to + stabilize after the virtual machine has been powered on. This setting is only + valid if `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. + Unit is seconds. Use `ha_vm_min_up_time` of `vmware_cluster_ha` instead. Deprecated + option, will be removed in version 2.12.' + name: ha_vm_min_up_time + - defaultValue: '3' + description: 'Maximum number of failures and automated resets allowed during + the time that `ha_vm_max_failure_window` specifies. This setting is only valid + if `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. + Use `ha_vm_max_failures` of `vmware_cluster_ha` instead. Deprecated option, + will be removed in version 2.12.' + name: ha_vm_max_failures + - defaultValue: '-1' + description: 'The number of seconds for the window during which up to `ha_vm_max_failures` + resets can occur before automated responses stop. This setting is only valid + if `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. + Unit is seconds. Default specifies no failure window. Use `ha_vm_max_failure_window` + of `vmware_cluster_ha` instead. Deprecated option, will be removed in version + 2.12.' + name: ha_vm_max_failure_window + - auto: PREDEFINED + defaultValue: medium + description: 'Determines the preference that HA gives to a virtual machine if + sufficient capacity is not available to power on all failed virtual machines. + This setting is only valid if `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` + or `vmMonitoringOnly`. If set to `disabled`, then HA is disabled for this + virtual machine. If set to `high`, then virtual machine with this priority + have a higher chance of powering on after a failure, when there is insufficient + capacity on hosts to meet all virtual machine needs. If set to `medium`, then + virtual machine with this priority have an intermediate chance of powering + on after a failure, when there is insufficient capacity on hosts to meet all + virtual machine needs. If set to `low`, then virtual machine with this priority + have a lower chance of powering on after a failure, when there is insufficient + capacity on hosts to meet all virtual machine needs. Use `ha_restart_priority` + of `vmware_cluster_ha` instead. Deprecated option, will be removed in version + 2.12.' + name: ha_restart_priority + predefined: + - disabled + - high + - low + - medium + - defaultValue: 'no' + description: 'If set to `yes` will enable vSAN when the cluster is created. + Use `enable_vsan` of `vmware_cluster_vsan` instead. Deprecated option, will + be removed in version 2.12.' + name: enable_vsan + - auto: PREDEFINED + defaultValue: 'No' + description: 'Determines whether the VSAN service is configured to automatically + claim local storage on VSAN-enabled hosts in the cluster. Use `vsan_auto_claim_storage` + of `vmware_cluster_vsan` instead. Deprecated option, will be removed in version + 2.12.' + name: vsan_auto_claim_storage + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: Create `present` or remove `absent` a VMware vSphere cluster. + name: state + predefined: + - absent + - present + description: "Manage VMware vSphere clusters\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_cluster_module.html" + name: vmware-cluster + outputs: [] + - arguments: + - description: The name of the cluster to be managed. + name: cluster_name + required: true + - description: The name of the datacenter. + name: datacenter + required: true + - defaultValue: 'no' + description: Whether to enable DRS. + name: enable_drs + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Whether DRS Behavior overrides for individual virtual machines + are enabled. If set to `True`, overrides `drs_default_vm_behavior`.' + name: drs_enable_vm_behavior_overrides + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: fullyAutomated + description: 'Specifies the cluster-wide default DRS behavior for virtual machines. + If set to `partiallyAutomated`, vCenter generates recommendations for virtual + machine migration and for the placement with a host, then automatically implements + placement recommendations at power on. If set to `manual`, then vCenter generates + recommendations for virtual machine migration and for the placement with a + host, but does not implement the recommendations automatically. If set to + `fullyAutomated`, then vCenter automates both the migration of virtual machines + and their placement with a host at power on.' + name: drs_default_vm_behavior + predefined: + - fullyAutomated + - manual + - partiallyAutomated + - auto: PREDEFINED + defaultValue: '3' + description: Threshold for generated ClusterRecommendations. + name: drs_vmotion_rate + predefined: + - '1' + - '2' + - '3' + - '4' + - '5' + description: "Manage Distributed Resource Scheduler (DRS) on VMware vSphere clusters\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_cluster_drs_module.html" + name: vmware-cluster-drs + outputs: [] + - arguments: + - description: The name of the cluster to be managed. + name: cluster_name + required: true + - description: The name of the datacenter. + name: datacenter + required: true + - defaultValue: 'no' + description: Whether to enable HA. + name: enable_ha + - auto: PREDEFINED + defaultValue: enabled + description: 'Whether HA restarts virtual machines after a host fails. If set + to `enabled`, HA restarts virtual machines after a host fails. If set to `disabled`, + HA does not restart virtual machines after a host fails. If `enable_ha` is + set to `no`, then this value is ignored.' + name: ha_host_monitoring + predefined: + - enabled + - disabled + - auto: PREDEFINED + defaultValue: vmMonitoringDisabled + description: 'State of virtual machine health monitoring service. If set to + `vmAndAppMonitoring`, HA response to both virtual machine and application + heartbeat failure. If set to `vmMonitoringDisabled`, virtual machine health + monitoring is disabled. If set to `vmMonitoringOnly`, HA response to virtual + machine heartbeat failure. If `enable_ha` is set to `no`, then this value + is ignored.' + name: ha_vm_monitoring + predefined: + - vmAndAppMonitoring + - vmMonitoringOnly + - vmMonitoringDisabled + - auto: PREDEFINED + defaultValue: none + description: 'Indicates whether or VMs should be powered off if a host determines + that it is isolated from the rest of the compute resource. If set to `none`, + do not power off VMs in the event of a host network isolation. If set to `powerOff`, + power off VMs in the event of a host network isolation. If set to `shutdown`, + shut down VMs guest operating system in the event of a host network isolation.' + name: host_isolation_response + predefined: + - none + - powerOff + - shutdown + - description: 'Configure slot based admission control policy. `slot_based_admission_control`, + `reservation_based_admission_control` and `failover_host_admission_control` + are mutually exclusive.' + isArray: true + name: slot_based_admission_control + - description: 'Configure reservation based admission control policy. `slot_based_admission_control`, + `reservation_based_admission_control` and `failover_host_admission_control` + are mutually exclusive.' + isArray: true + name: reservation_based_admission_control + - description: 'Configure dedicated failover hosts. `slot_based_admission_control`, + `reservation_based_admission_control` and `failover_host_admission_control` + are mutually exclusive.' + isArray: true + name: failover_host_admission_control + - defaultValue: '30' + description: 'The number of seconds after which virtual machine is declared + as failed if no heartbeat has been received. This setting is only valid if + `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. + Unit is seconds.' + name: ha_vm_failure_interval + - defaultValue: '120' + description: 'The number of seconds for the virtual machine''s heartbeats to + stabilize after the virtual machine has been powered on. Valid only when `ha_vm_monitoring` + is set to either `vmAndAppMonitoring` or `vmMonitoringOnly`. Unit is seconds.' + name: ha_vm_min_up_time + - defaultValue: '3' + description: 'Maximum number of failures and automated resets allowed during + the time that `ha_vm_max_failure_window` specifies. Valid only when `ha_vm_monitoring` + is set to either `vmAndAppMonitoring` or `vmMonitoringOnly`.' + name: ha_vm_max_failures + - defaultValue: '-1' + description: 'The number of seconds for the window during which up to `ha_vm_max_failures` + resets can occur before automated responses stop. Valid only when `ha_vm_monitoring` + is set to either `vmAndAppMonitoring` or `vmMonitoringOnly`. Unit is seconds. + Default specifies no failure window.' + name: ha_vm_max_failure_window + - auto: PREDEFINED + defaultValue: medium + description: 'Priority HA gives to a virtual machine if sufficient capacity + is not available to power on all failed virtual machines. Valid only if `ha_vm_monitoring` + is set to either `vmAndAppMonitoring` or `vmMonitoringOnly`. If set to `disabled`, + then HA is disabled for this virtual machine. If set to `high`, then virtual + machine with this priority have a higher chance of powering on after a failure, + when there is insufficient capacity on hosts to meet all virtual machine needs. + If set to `medium`, then virtual machine with this priority have an intermediate + chance of powering on after a failure, when there is insufficient capacity + on hosts to meet all virtual machine needs. If set to `low`, then virtual + machine with this priority have a lower chance of powering on after a failure, + when there is insufficient capacity on hosts to meet all virtual machine needs.' + name: ha_restart_priority + predefined: + - disabled + - high + - low + - medium + description: "Manage High Availability (HA) on VMware vSphere clusters\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_cluster_ha_module.html" + name: vmware-cluster-ha + outputs: [] + - arguments: + - description: 'Datacenter to search for cluster/s. This parameter is required, + if `cluster_name` is not supplied.' + name: datacenter + - description: 'Name of the cluster. If set, information of this cluster will + be returned. This parameter is required, if `datacenter` is not supplied.' + name: cluster_name + - auto: PREDEFINED + defaultValue: 'No' + description: Tags related to cluster are shown if set to `True`. + name: show_tag + predefined: + - 'Yes' + - 'No' + description: "Gather info about clusters available in given vCenter\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_cluster_info_module.html" + name: vmware-cluster-info + outputs: + - contextPath: VMware.VmwareClusterInfo.clusters + description: metadata about the available clusters + type: unknown + - arguments: + - description: The name of the cluster to be managed. + name: cluster_name + required: true + - description: The name of the datacenter. + name: datacenter + required: true + - defaultValue: 'no' + description: Whether to enable vSAN. + name: enable_vsan + - auto: PREDEFINED + defaultValue: 'No' + description: Whether the VSAN service is configured to automatically claim local + storage on VSAN-enabled hosts in the cluster. + name: vsan_auto_claim_storage + predefined: + - 'Yes' + - 'No' + description: "Manages virtual storage area network (vSAN) configuration on VMware\ + \ vSphere clusters\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_cluster_vsan_module.html" + name: vmware-cluster-vsan + outputs: [] + - arguments: + - description: The name of template from which VM to be deployed. + name: template + required: true + - description: The name of the VM to be deployed. + name: name + required: true + - description: Name of the datacenter, where VM to be deployed. + name: datacenter + required: true + - description: Name of the datastore to store deployed VM and disk. + name: datastore + required: true + - description: Name of the folder in datacenter in which to place deployed VM. + name: folder + required: true + - description: Name of the ESX Host in datacenter in which to place deployed VM. + name: host + required: true + - description: Name of the resourcepool in datacenter in which to place deployed + VM. + name: resource_pool + - description: Name of the cluster in datacenter in which to place deployed VM. + name: cluster + - auto: PREDEFINED + defaultValue: present + description: 'The state of Virtual Machine deployed from template in content + library. If set to `present` and VM does not exists, then VM is created. If + set to `present` and VM exists, no action is taken. If set to `poweredon` + and VM does not exists, then VM is created with powered on state. If set to + `poweredon` and VM exists, no action is taken.' + name: state + predefined: + - present + - poweredon + - auto: PREDEFINED + defaultValue: https + description: The connection to protocol. + name: protocol + predefined: + - http + - https + description: "Deploy Virtual Machine from template stored in content library.\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_content_deploy_template_module.html" + name: vmware-content-deploy-template + outputs: + - contextPath: VMware.VmwareContentDeployTemplate.vm_deploy_info + description: Virtual machine deployment message and vm_id + type: unknown + - arguments: + - description: content library id for which details needs to be fetched. + name: library_id + - auto: PREDEFINED + defaultValue: https + description: The connection to protocol. + name: protocol + predefined: + - http + - https + description: "Gather information about VMware Content Library\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_content_library_info_module.html" + name: vmware-content-library-info + outputs: + - contextPath: VMware.VmwareContentLibraryInfo.content_lib_details + description: list of content library metadata + type: unknown + - contextPath: VMware.VmwareContentLibraryInfo.content_libs + description: list of content libraries + type: unknown + - arguments: + - description: The name of VMware content library to manage. + name: library_name + required: true + - defaultValue: '' + description: 'The content library description. This is required only if `state` + is set to `present`. This parameter is ignored, when `state` is set to `absent`. + Process of updating content library only allows description change.' + name: library_description + - auto: PREDEFINED + defaultValue: local + description: 'The content library type. This is required only if `state` is + set to `present`. This parameter is ignored, when `state` is set to `absent`.' + name: library_type + predefined: + - local + - subscribed + - description: 'Name of the datastore on which backing content library is created. + This is required only if `state` is set to `present`. This parameter is ignored, + when `state` is set to `absent`. Currently only datastore backing creation + is supported.' + name: datastore_name + - auto: PREDEFINED + defaultValue: present + description: 'The state of content library. If set to `present` and library + does not exists, then content library is created. If set to `present` and + library exists, then content library is updated. If set to `absent` and library + exists, then content library is deleted. If set to `absent` and library does + not exists, no action is taken.' + name: state + predefined: + - present + - absent + - auto: PREDEFINED + defaultValue: https + description: The connection to protocol. + name: protocol + predefined: + - http + - https + description: "Create, update and delete VMware content library\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_content_library_manager_module.html" + name: vmware-content-library-manager + outputs: + - contextPath: VMware.VmwareContentLibraryManager.content_library_info + description: library creation success and library_id + type: unknown + - arguments: + - description: The name of the datacenter the cluster will be created in. + name: datacenter_name + required: true + - auto: PREDEFINED + defaultValue: present + description: If the datacenter should be present or absent. + name: state + predefined: + - present + - absent + description: "Manage VMware vSphere Datacenters\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_datacenter_module.html" + name: vmware-datacenter + outputs: [] + - arguments: + - description: 'The name of the datacenter. You must specify either a `datacenter_name` + or a `folder`. Mutually exclusive with `folder` parameter.' + name: datacenter_name + - description: The name of the datastore cluster. + name: datastore_cluster_name + required: true + - auto: PREDEFINED + defaultValue: present + description: If the datastore cluster should be present or absent. + name: state + predefined: + - present + - absent + - description: 'Destination folder, absolute path to place datastore cluster in. + The folder should include the datacenter. This parameter is case sensitive. + You must specify either a `folder` or a `datacenter_name`. Examples: folder: + /datacenter1/datastore folder: datacenter1/datastore folder: /datacenter1/datastore/folder1 + folder: datacenter1/datastore/folder1 folder: /folder1/datacenter1/datastore + folder: folder1/datacenter1/datastore folder: /folder1/datacenter1/datastore/folder2' + name: folder + description: "Manage VMware vSphere datastore clusters\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_datastore_cluster_module.html" + name: vmware-datastore-cluster + outputs: + - contextPath: VMware.VmwareDatastoreCluster.result + description: information about datastore cluster operation + type: string + - arguments: + - description: 'Name of the datastore to match. If set, information of specific + datastores are returned.' + name: name + - description: 'Datacenter to search for datastores. This parameter is required, + if `cluster` is not supplied.' + name: datacenter + - description: 'Cluster to search for datastores. If set, information of datastores + belonging this clusters will be returned. This parameter is required, if `datacenter` + is not supplied.' + name: cluster + - auto: PREDEFINED + defaultValue: 'No' + description: 'Gather mount information of NFS datastores. Disabled per default + because this slows down the execution if you have a lot of datastores.' + name: gather_nfs_mount_info + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Gather mount information of VMFS datastores. Disabled per default + because this slows down the execution if you have a lot of datastores.' + name: gather_vmfs_mount_info + predefined: + - 'Yes' + - 'No' + description: "Gather info about datastores available in given vCenter\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_datastore_info_module.html" + name: vmware-datastore-info + outputs: + - contextPath: VMware.VmwareDatastoreInfo.datastores + description: metadata about the available datastores + type: unknown + - arguments: + - description: 'Name of datastore to manage. If `datastore_cluster` or `cluster_name` + are not set, this parameter is required.' + name: datastore + - description: 'Name of the datastore cluster from all child datastores to be + managed. If `datastore` or `cluster_name` are not set, this parameter is required.' + name: datastore_cluster + - description: 'Name of the cluster where datastore is connected to. If multiple + datastores are connected to the given cluster, then all datastores will be + managed by `state`. If `datastore` or `datastore_cluster` are not set, this + parameter is required.' + name: cluster_name + - auto: PREDEFINED + defaultValue: present + description: 'If set to `present`, then enter datastore into maintenance mode. + If set to `present` and datastore is already in maintenance mode, then no + action will be taken. If set to `absent` and datastore is in maintenance mode, + then exit maintenance mode. If set to `absent` and datastore is not in maintenance + mode, then no action will be taken.' + name: state + predefined: + - present + - absent + description: "Place a datastore into maintenance mode\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_datastore_maintenancemode_module.html" + name: vmware-datastore-maintenancemode + outputs: + - contextPath: VMware.VmwareDatastoreMaintenancemode.results + description: Action taken for datastore + type: unknown + - arguments: + - description: The hostname that an ESXi host should be changed to. + name: change_hostname_to + required: true + - description: The domain the ESXi host should be apart of. + name: domainname + required: true + - description: The DNS servers that the host should be configured to use. + isArray: true + name: dns_servers + required: true + description: "Manage VMware ESXi DNS Configuration\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_dns_config_module.html" + name: vmware-dns-config + outputs: [] + - arguments: + - description: Cluster to create vm/host group. + name: cluster_name + required: true + - description: Datacenter to search for given cluster. If not set, we use first + cluster we encounter with `cluster_name`. + name: datacenter + - description: The name of the group to create or remove. + name: group_name + required: true + - description: 'List of hosts to create in group. Required only if `vms` is not + set.' + isArray: true + name: hosts + - auto: PREDEFINED + defaultValue: present + description: 'If set to `present` and the group doesn''t exists then the group + will be created. If set to `absent` and the group exists then the group will + be deleted.' + name: state + predefined: + - present + - absent + required: true + - description: 'List of vms to create in group. Required only if `hosts` is not + set.' + isArray: true + name: vms + description: "Creates vm/host group in a given cluster.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_drs_group_module.html" + name: vmware-drs-group + outputs: + - contextPath: VMware.VmwareDrsGroup.drs_group_facts + description: Metadata about DRS group created + type: unknown + - arguments: + - description: 'Cluster to search for VM/Host groups. If set, information of DRS + groups belonging this cluster will be returned. Not needed if `datacenter` + is set.' + name: cluster_name + - description: Datacenter to search for DRS VM/Host groups. + name: datacenter + required: true + description: "Gathers info about DRS VM/Host groups on the given cluster\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_drs_group_info_module.html" + name: vmware-drs-group-info + outputs: + - contextPath: VMware.VmwareDrsGroupInfo.drs_group_info + description: Metadata about DRS group from given cluster / datacenter + type: unknown + - arguments: + - description: 'Name of the cluster. DRS information for the given cluster will + be returned. This is required parameter if `datacenter` parameter is not provided.' + name: cluster_name + - description: 'Name of the datacenter. DRS information for all the clusters from + the given datacenter will be returned. This is required parameter if `cluster_name` + parameter is not provided.' + name: datacenter + description: "Gathers info about DRS rule on the given cluster\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_drs_rule_info_module.html" + name: vmware-drs-rule-info + outputs: + - contextPath: VMware.VmwareDrsRuleInfo.drs_rule_info + description: metadata about DRS rule from given cluster / datacenter + type: unknown + - arguments: + - description: The ESXi hostname. + name: esxi_hostname + required: true + - description: The name of the Distributed vSwitch. + name: switch_name + required: true + - description: The ESXi hosts vmnics to use with the Distributed vSwitch. + isArray: true + name: vmnics + required: true + - auto: PREDEFINED + defaultValue: present + description: If the host should be present or absent attached to the vSwitch. + name: state + predefined: + - present + - absent + required: true + - description: 'List of key,value dictionaries for the Vendor Specific Configuration. + Element attributes are: - `key` (str): Key of setting. (default: None) - `value` + (str): Value of setting. (default: None)' + isArray: true + name: vendor_specific_config + description: "Add or remove a host from distributed virtual switch\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvs_host_module.html" + name: vmware-dvs-host + outputs: [] + - arguments: + - description: The name of the portgroup that is to be created or deleted. + name: portgroup_name + required: true + - description: The name of the distributed vSwitch the port group should be created + on. + name: switch_name + required: true + - description: 'The VLAN ID that should be configured with the portgroup, use + 0 for no VLAN. If `vlan_trunk` is configured to be `true`, this can be a combination + of multiple ranges and numbers, example: 1-200, 205, 400-4094. The valid `vlan_id` + range is from 0 to 4094. Overlapping ranges are allowed.' + name: vlan_id + required: true + - description: The number of ports the portgroup should contain. + name: num_ports + required: true + - auto: PREDEFINED + description: See VMware KB 1022312 regarding portgroup types. + name: portgroup_type + predefined: + - earlyBinding + - lateBinding + - ephemeral + required: true + - auto: PREDEFINED + description: Determines if the portgroup should be present or not. + name: state + predefined: + - present + - absent + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Indicates whether this is a VLAN trunk or not. + name: vlan_trunk + predefined: + - 'Yes' + - 'No' + - defaultValue: '{''promiscuous'': False, ''forged_transmits'': False, ''mac_changes'': + False}' + description: 'Dictionary which configures the different security values for + portgroup. Valid attributes are: - `promiscuous` (bool): indicates whether + promiscuous mode is allowed. (default: false) - `forged_transmits` (bool): + indicates whether forged transmits are allowed. (default: false) - `mac_changes` + (bool): indicates whether mac changes are allowed. (default: false)' + isArray: true + name: network_policy + - defaultValue: '{''notify_switches'': True, ''load_balance_policy'': ''loadbalance_srcid'', + ''inbound_policy'': False, ''rolling_order'': False}' + description: 'Dictionary which configures the different teaming values for portgroup. + Valid attributes are: - `load_balance_policy` (string): Network adapter teaming + policy. (default: loadbalance_srcid) - choices: [ loadbalance_ip, loadbalance_srcmac, + loadbalance_srcid, loadbalance_loadbased, failover_explicit] - "loadbalance_loadbased" + is available from version 2.6 and onwards - `inbound_policy` (bool): Indicate + whether or not the teaming policy is applied to inbound frames as well. (default: + False) - `notify_switches` (bool): Indicate whether or not to notify the physical + switch if a link fails. (default: True) - `rolling_order` (bool): Indicate + whether or not to use a rolling policy when restoring links. (default: False)' + isArray: true + name: teaming_policy + - defaultValue: '{''traffic_filter_override'': False, ''network_rp_override'': + False, ''live_port_move'': False, ''security_override'': False, ''vendor_config_override'': + False, ''port_config_reset_at_disconnect'': True, ''uplink_teaming_override'': + False, ''block_override'': True, ''shaping_override'': False, ''vlan_override'': + False, ''ipfix_override'': False}' + description: 'Dictionary which configures the advanced policy settings for the + portgroup. Valid attributes are: - `block_override` (bool): indicates if the + block policy can be changed per port. (default: true) - `ipfix_override` (bool): + indicates if the ipfix policy can be changed per port. (default: false) - + `live_port_move` (bool): indicates if a live port can be moved in or out of + the portgroup. (default: false) - `network_rp_override` (bool): indicates + if the network resource pool can be changed per port. (default: false) - `port_config_reset_at_disconnect` + (bool): indicates if the configuration of a port is reset automatically after + disconnect. (default: true) - `security_override` (bool): indicates if the + security policy can be changed per port. (default: false) - `shaping_override` + (bool): indicates if the shaping policy can be changed per port. (default: + false) - `traffic_filter_override` (bool): indicates if the traffic filter + can be changed per port. (default: false) - `uplink_teaming_override` (bool): + indicates if the uplink teaming policy can be changed per port. (default: + false) - `vendor_config_override` (bool): indicates if the vendor config can + be changed per port. (default: false) - `vlan_override` (bool): indicates + if the vlan can be changed per port. (default: false)' + isArray: true + name: port_policy + description: "Create or remove a Distributed vSwitch portgroup.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvs_portgroup_module.html" + name: vmware-dvs-portgroup + outputs: [] + - arguments: + - description: Name of a distributed vSwitch to look for. + name: dvswitch + - description: 'VLAN id can be any number between 1 and 4094. This search criteria + will looks into VLAN ranges to find possible matches.' + name: vlanid + - description: 'string to check inside the name of the portgroup. Basic containment + check using python `in` operation.' + name: name + - auto: PREDEFINED + defaultValue: 'No' + description: 'Show or hide uplink portgroups. Only relevant when `vlanid` is + supplied.' + name: show_uplink + predefined: + - 'Yes' + - 'No' + description: "Find portgroup(s) in a VMware environment\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvs_portgroup_find_module.html" + name: vmware-dvs-portgroup-find + outputs: + - contextPath: VMware.VmwareDvsPortgroupFind.dvs_portgroups + description: basic details of portgroups found + type: unknown + - arguments: + - description: Name of the datacenter. + name: datacenter + required: true + - description: Name of a dvswitch to look for. + name: dvswitch + - auto: PREDEFINED + defaultValue: 'Yes' + description: Show or hide network policies of DVS portgroup. + name: show_network_policy + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: Show or hide port policies of DVS portgroup. + name: show_port_policy + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: Show or hide teaming policies of DVS portgroup. + name: show_teaming_policy + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Show or hide vlan information of the DVS portgroup. + name: show_vlan_info + predefined: + - 'Yes' + - 'No' + description: "Gathers info DVS portgroup configurations\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvs_portgroup_info_module.html" + name: vmware-dvs-portgroup-info + outputs: + - contextPath: VMware.VmwareDvsPortgroupInfo.dvs_portgroup_info + description: metadata about DVS portgroup configuration + type: unknown + - arguments: + - description: 'The name of the datacenter that will contain the Distributed Switch. + This parameter is optional, if `folder` is provided. Mutually exclusive with + `folder` parameter.' + name: datacenter_name + - description: The name of the distribute vSwitch to create or remove. + name: switch_name + required: true + - auto: PREDEFINED + description: 'The version of the Distributed Switch to create. Can be 6.0.0, + 5.5.0, 5.1.0, 5.0.0 with a vCenter running vSphere 6.0 and 6.5. Can be 6.6.0, + 6.5.0, 6.0.0 with a vCenter running vSphere 6.7. The version must match the + version of the ESXi hosts you want to connect. The version of the vCenter + server is used if not specified. Required only if `state` is set to `present`.' + name: switch_version + predefined: + - 5.0.0 + - 5.1.0 + - 5.5.0 + - 6.0.0 + - 6.5.0 + - 6.6.0 + - defaultValue: '1500' + description: 'The switch maximum transmission unit. Required parameter for `state` + both `present` and `absent`, before Ansible 2.6 version. Required only if + `state` is set to `present`, for Ansible 2.6 and onwards. Accepts value between + 1280 to 9000 (both inclusive).' + name: mtu + - auto: PREDEFINED + defaultValue: basic + description: 'The multicast filtering mode. `basic` mode: multicast traffic + for virtual machines is forwarded according to the destination MAC address + of the multicast group. `snooping` mode: the Distributed Switch provides IGMP + and MLD snooping according to RFC 4541.' + name: multicast_filtering_mode + predefined: + - basic + - snooping + - description: 'Quantity of uplink per ESXi host added to the Distributed Switch. + The uplink quantity can be increased or decreased, but a decrease will only + be successfull if the uplink isn''t used by a portgroup. Required parameter + for `state` both `present` and `absent`, before Ansible 2.6 version. Required + only if `state` is set to `present`, for Ansible 2.6 and onwards.' + name: uplink_quantity + - defaultValue: 'Uplink ' + description: 'The prefix used for the naming of the uplinks. Only valid if the + Distributed Switch will be created. Not used if the Distributed Switch is + already present. Uplinks are created as Uplink 1, Uplink 2, etc. pp. by default.' + name: uplink_prefix + - auto: PREDEFINED + defaultValue: cdp + description: 'Link discovery protocol between Cisco and Link Layer discovery. + Required parameter for `state` both `present` and `absent`, before Ansible + 2.6 version. Required only if `state` is set to `present`, for Ansible 2.6 + and onwards. `cdp`: Use Cisco Discovery Protocol (CDP). `lldp`: Use Link Layer + Discovery Protocol (LLDP). `disabled`: Do not use a discovery protocol.' + name: discovery_proto + predefined: + - cdp + - lldp + - disabled + - auto: PREDEFINED + defaultValue: listen + description: 'Select the discovery operation. Required parameter for `state` + both `present` and `absent`, before Ansible 2.6 version. Required only if + `state` is set to `present`, for Ansible 2.6 and onwards.' + name: discovery_operation + predefined: + - both + - advertise + - listen + - description: 'Dictionary which configures administrator contact name and description + for the Distributed Switch. Valid attributes are: - `name` (str): Administrator + name. - `description` (str): Description or other details.' + isArray: true + name: contact + - description: Description of the Distributed Switch. + name: description + - defaultValue: '{''vlan_mtu'': False, ''teaming_failover'': False, ''vlan_mtu_interval'': + 0, ''teaming_failover_interval'': 0}' + description: 'Dictionary which configures Health Check for the Distributed Switch. + Valid attributes are: - `vlan_mtu` (bool): VLAN and MTU health check. (default: + False) - `teaming_failover` (bool): Teaming and failover health check. (default: + False) - `vlan_mtu_interval` (int): VLAN and MTU health check interval (minutes). + (default: 0) - The default for `vlan_mtu_interval` is 1 in the vSphere Client + if the VLAN and MTU health check is enabled. - `teaming_failover_interval` + (int): Teaming and failover health check interval (minutes). (default: 0) + - The default for `teaming_failover_interval` is 1 in the vSphere Client if + the Teaming and failover health check is enabled.' + isArray: true + name: health_check + - auto: PREDEFINED + defaultValue: present + description: 'If set to `present` and the Distributed Switch doesn''t exists + then the Distributed Switch will be created. If set to `absent` and the Distributed + Switch exists then the Distributed Switch will be deleted.' + name: state + predefined: + - present + - absent + - description: 'Destination folder, absolute path to place dvswitch in. The folder + should include the datacenter. This parameter is case sensitive. This parameter + is optional, if `datacenter` is provided. Examples: folder: /datacenter1/network + folder: datacenter1/network folder: /datacenter1/network/folder1 folder: datacenter1/network/folder1 + folder: /folder1/datacenter1/network folder: folder1/datacenter1/network folder: + /folder1/datacenter1/network/folder2' + name: folder + description: "Create or remove a Distributed Switch\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_dvswitch_module.html" + name: vmware-dvswitch + outputs: + - contextPath: VMware.VmwareDvswitch.result + description: information about performed operation + type: string + - arguments: + - description: The name of the Distributed Switch to manage. + name: switch + required: true + - auto: PREDEFINED + defaultValue: basic + description: 'The LACP support mode. `basic`: One Link Aggregation Control Protocol + group in the switch (singleLag). `enhanced`: Multiple Link Aggregation Control + Protocol groups in the switch (multipleLag).' + name: support_mode + predefined: + - basic + - enhanced + - description: 'Can only be used if `lacp_support` is set to `enhanced`. The following + parameters are required: - `name` (string): Name of the LAG. - `uplink_number` + (int): Number of uplinks. Can 1 to 30. - `mode` (string): The negotiating + state of the uplinks/ports. - choices: [ active, passive ] - `load_balancing_mode` + (string): Load balancing algorithm. - Valid attributes are: - srcTcpUdpPort: + Source TCP/UDP port number. - srcDestIpTcpUdpPortVlan: Source and destination + IP, source and destination TCP/UDP port number and VLAN. - srcIpVlan: Source + IP and VLAN. - srcDestTcpUdpPort: Source and destination TCP/UDP port number. + - srcMac: Source MAC address. - destIp: Destination IP. - destMac: Destination + MAC address. - vlan: VLAN only. - srcDestIp: Source and Destination IP. - + srcIpTcpUdpPortVlan: Source IP, TCP/UDP port number and VLAN. - srcDestIpTcpUdpPort: + Source and destination IP and TCP/UDP port number. - srcDestMac: Source and + destination MAC address. - destIpTcpUdpPort: Destination IP and TCP/UDP port + number. - srcPortId: Source Virtual Port Id. - srcIp: Source IP. - srcIpTcpUdpPort: + Source IP and TCP/UDP port number. - destIpTcpUdpPortVlan: Destination IP, + TCP/UDP port number and VLAN. - destTcpUdpPort: Destination TCP/UDP port number. + - destIpVlan: Destination IP and VLAN. - srcDestIpVlan: Source and destination + IP and VLAN. - The default load balancing mode in the vSphere Client is srcDestIpTcpUdpPortVlan. + Please see examples for more information.' + isArray: true + name: link_aggregation_groups + description: "Manage LACP configuration on a Distributed Switch\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvswitch_lacp_module.html" + name: vmware-dvswitch-lacp + outputs: + - contextPath: VMware.VmwareDvswitchLacp.result + description: information about performed operation + type: string + - arguments: + - description: The name of the distributed switch. + name: switch + required: true + - auto: PREDEFINED + description: Network IO control version. + name: version + predefined: + - version2 + - version3 + - auto: PREDEFINED + defaultValue: present + description: Enable or disable NIOC on the distributed switch. + name: state + predefined: + - present + - absent + - description: 'List of dicts containing { name: Resource name is one of the following: + "faultTolerance", "hbr", "iSCSI", "management", "nfs", "vdp", "virtualMachine", + "vmotion", "vsan" limit: The maximum allowed usage for a traffic class belonging + to this resource pool per host physical NIC. reservation: (Ignored if NIOC + version is set to version2) Amount of bandwidth resource that is guaranteed + available to the host infrastructure traffic class. If the utilization is + less than the reservation, the extra bandwidth is used for other host infrastructure + traffic class types. Reservation is not allowed to exceed the value of limit, + if limit is set. Unit is Mbits/sec. shares_level: The allocation level ("low", + "normal", "high", "custom"). The level is a simplified view of shares. Levels + map to a pre-determined set of numeric values for shares. shares: Ignored + unless shares_level is "custom". The number of shares allocated. reservation: + Ignored unless version is "version3". Amount of bandwidth resource that is + guaranteed available to the host infrastructure traffic class. }' + isArray: true + name: resources + description: "Manage distributed switch Network IO Control\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvswitch_nioc_module.html" + name: vmware-dvswitch-nioc + outputs: + - contextPath: VMware.VmwareDvswitchNioc.dvswitch_nioc_status + description: result of the changes + type: string + - contextPath: VMware.VmwareDvswitchNioc.resources_changed + description: list of resources which were changed + type: unknown + - arguments: + - description: The name of the Distributed Switch. + name: switch + required: true + - description: 'A list of VLAN IDs that should be configured as Primary PVLANs. + If `primary_pvlans` isn''t specified, all PVLANs will be deleted if present. + Each member of the list requires primary_pvlan_id (int) set. The secondary + promiscuous PVLAN will be created automatically. If `secondary_pvlans` isn''t + specified, the primary PVLANs and each secondary promiscuous PVLAN will be + created. Please see examples for more information.' + isArray: true + name: primary_pvlans + - description: 'A list of VLAN IDs that should be configured as Secondary PVLANs. + `primary_pvlans` need to be specified to create any Secondary PVLAN. If `primary_pvlans` + isn''t specified, all PVLANs will be deleted if present. Each member of the + list requires primary_pvlan_id (int), secondary_pvlan_id (int), and pvlan_type + (str) to be set. The type of the secondary PVLAN can be isolated or community. + The secondary promiscuous PVLAN will be created automatically. Please see + examples for more information.' + isArray: true + name: secondary_pvlans + description: "Manage Private VLAN configuration of a Distributed Switch\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvswitch_pvlans_module.html" + name: vmware-dvswitch-pvlans + outputs: + - contextPath: VMware.VmwareDvswitchPvlans.result + description: information about performed operation + type: string + - arguments: + - description: The name of the Distributed Switch. + name: switch + required: true + - description: 'The name of the uplink portgroup. The current name will be used + if not specified.' + name: name + - description: The description of the uplink portgroup. + name: description + - defaultValue: '{''port_config_reset_at_disconnect'': True, ''block_override'': + True, ''vendor_config_override'': False, ''vlan_override'': False, ''netflow_override'': + False, ''traffic_filter_override'': False}' + description: 'Dictionary which configures the advanced policy settings for the + uplink portgroup. Valid attributes are: - `port_config_reset_at_disconnect` + (bool): indicates if the configuration of a port is reset automatically after + disconnect. (default: true) - `block_override` (bool): indicates if the block + policy can be changed per port. (default: true) - `netflow_override` (bool): + indicates if the NetFlow policy can be changed per port. (default: false) + - `traffic_filter_override` (bool): indicates if the traffic filter can be + changed per port. (default: false) - `vendor_config_override` (bool): indicates + if the vendor config can be changed per port. (default: false) - `vlan_override` + (bool): indicates if the vlan can be changed per port. (default: false)' + isArray: true + name: advanced + - defaultValue: '[''0-4094'']' + description: 'The VLAN trunk range that should be configured with the uplink + portgroup. This can be a combination of multiple ranges and numbers, example: + [ 2-3967, 4049-4092 ].' + isArray: true + name: vlan_trunk_range + - defaultValue: '{''status'': ''disabled'', ''mode'': ''passive''}' + description: 'Dictionary which configures the LACP settings for the uplink portgroup. + The options are only used if the LACP support mode is set to ''basic''. The + following parameters are required: - `status` (str): Indicates if LACP is + enabled. (default: disabled) - `mode` (str): The negotiating state of the + uplinks/ports. (default: passive)' + isArray: true + name: lacp + - auto: PREDEFINED + defaultValue: 'No' + description: Indicates if NetFlow is enabled on the uplink portgroup. + name: netflow_enabled + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Indicates if all ports are blocked on the uplink portgroup. + name: block_all_ports + predefined: + - 'Yes' + - 'No' + description: "Manage uplink portproup configuration of a Distributed Switch\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvswitch_uplink_pg_module.html" + name: vmware-dvswitch-uplink-pg + outputs: + - contextPath: VMware.VmwareDvswitchUplinkPg.result + description: information about performed operation + type: string + - arguments: + - description: The name of the datacenter the cluster belongs to that you want + to enable or disable EVC mode on. + name: datacenter_name + required: true + - description: The name of the cluster to enable or disable EVC mode on. + name: cluster_name + required: true + - description: 'Required for `state=present`. The EVC mode to enable or disable + on the cluster. (intel-broadwell, intel-nehalem, intel-merom, etc.).' + name: evc_mode + required: true + - auto: PREDEFINED + defaultValue: present + description: Add or remove EVC mode. + name: state + predefined: + - absent + - present + description: "Enable/Disable EVC mode on vCenter\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_evc_mode_module.html" + name: vmware-evc-mode + outputs: + - contextPath: VMware.VmwareEvcMode.result + description: information about performed operation + type: string + - arguments: + - description: Name of the datacenter. + name: datacenter + required: true + description: "Provides information about folders in a datacenter\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_folder_info_module.html" + name: vmware-folder-info + outputs: + - contextPath: VMware.VmwareFolderInfo.folder_info + description: dict about folders + type: string + - arguments: + - auto: PREDEFINED + defaultValue: present + description: 'Specify the state the virtual machine should be in. If `state` + is set to `present` and virtual machine exists, ensure the virtual machine + configurations conforms to task arguments. If `state` is set to `absent` and + virtual machine exists, then the specified virtual machine is removed with + its associated components. If `state` is set to one of the following `poweredon`, + `poweredoff`, `present`, `restarted`, `suspended` and virtual machine does + not exists, then virtual machine is deployed with given parameters. If `state` + is set to `poweredon` and virtual machine exists with powerstate other than + powered on, then the specified virtual machine is powered on. If `state` is + set to `poweredoff` and virtual machine exists with powerstate other than + powered off, then the specified virtual machine is powered off. If `state` + is set to `restarted` and virtual machine exists, then the virtual machine + is restarted. If `state` is set to `suspended` and virtual machine exists, + then the virtual machine is set to suspended mode. If `state` is set to `shutdownguest` + and virtual machine exists, then the virtual machine is shutdown. If `state` + is set to `rebootguest` and virtual machine exists, then the virtual machine + is rebooted.' + name: state + predefined: + - present + - absent + - poweredon + - poweredoff + - restarted + - suspended + - shutdownguest + - rebootguest + - description: 'Name of the virtual machine to work with. Virtual machine names + in vCenter are not necessarily unique, which may be problematic, see `name_match`. + If multiple virtual machines with same name exists, then `folder` is required + parameter to identify uniqueness of the virtual machine. This parameter is + required, if `state` is set to `poweredon`, `poweredoff`, `present`, `restarted`, + `suspended` and virtual machine does not exists. This parameter is case sensitive.' + name: name + required: true + - auto: PREDEFINED + defaultValue: first + description: If multiple virtual machines matching the name, use the first or + last found. + name: name_match + predefined: + - first + - last + - description: 'UUID of the virtual machine to manage if known, this is VMware''s + unique identifier. This is required if `name` is not supplied. If virtual + machine does not exists, then this parameter is ignored. Please note that + a supplied UUID will be ignored on virtual machine creation, as VMware creates + the UUID internally.' + name: uuid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: 'Template or existing virtual machine used to create new virtual + machine. If this value is not set, virtual machine is created without using + a template. If the virtual machine already exists, this parameter will be + ignored. This parameter is case sensitive. You can also specify template or + VM UUID for identifying source. version_added 2.8. Use `hw_product_uuid` from + `vmware_guest_facts` as UUID value. From version 2.8 onwards, absolute path + to virtual machine or template can be used.' + name: template + - defaultValue: 'no' + description: 'Flag the instance as a template. This will mark the given virtual + machine as template.' + name: is_template + - description: 'Destination folder, absolute path to find an existing guest or + create the new guest. The folder should include the datacenter. ESX''s datacenter + is ha-datacenter. This parameter is case sensitive. This parameter is required, + while deploying new virtual machine. version_added 2.5. If multiple machines + are found with same name, this parameter is used to identify uniqueness of + the virtual machine. version_added 2.5 Examples: folder: /ha-datacenter/vm + folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: + /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm + folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: 'Manage virtual machine''s hardware attributes. All parameters + case sensitive. Valid attributes are: - `hotadd_cpu` (boolean): Allow virtual + CPUs to be added while the virtual machine is running. - `hotremove_cpu` (boolean): + Allow virtual CPUs to be removed while the virtual machine is running. version_added: + 2.5 - `hotadd_memory` (boolean): Allow memory to be added while the virtual + machine is running. - `memory_mb` (integer): Amount of memory in MB. - `nested_virt` + (bool): Enable nested virtualization. version_added: 2.5 - `num_cpus` (integer): + Number of CPUs. - `num_cpu_cores_per_socket` (integer): Number of Cores Per + Socket. `num_cpus` must be a multiple of `num_cpu_cores_per_socket`. For example + to create a VM with 2 sockets of 4 cores, specify `num_cpus`: 8 and `num_cpu_cores_per_socket`: + 4 - `scsi` (string): Valid values are `buslogic`, `lsilogic`, `lsilogicsas` + and `paravirtual` (default). - `memory_reservation_lock` (boolean): If set + true, memory resource reservation for the virtual machine will always be equal + to the virtual machine''s memory size. version_added: 2.5 - `max_connections` + (integer): Maximum number of active remote display connections for the virtual + machines. version_added: 2.5. - `mem_limit` (integer): The memory utilization + of a virtual machine will not exceed this limit. Unit is MB. version_added: + 2.5 - `mem_reservation` (integer): The amount of memory resource that is guaranteed + available to the virtual machine. Unit is MB. `memory_reservation` is alias + to this. version_added: 2.5 - `cpu_limit` (integer): The CPU utilization of + a virtual machine will not exceed this limit. Unit is MHz. version_added: + 2.5 - `cpu_reservation` (integer): The amount of CPU resource that is guaranteed + available to the virtual machine. Unit is MHz. version_added: 2.5 - `version` + (integer): The Virtual machine hardware versions. Default is 10 (ESXi 5.5 + and onwards). Please check VMware documentation for correct virtual machine + hardware version. Incorrect hardware version may lead to failure in deployment. + If hardware version is already equal to the given version then no action is + taken. version_added: 2.6 - `boot_firmware` (string): Choose which firmware + should be used to boot the virtual machine. Allowed values are "bios" and + "efi". version_added: 2.7 - `virt_based_security` (bool): Enable Virtualization + Based Security feature for Windows 10. (Support from Virtual machine hardware + version 14, Guest OS Windows 10 64 bit, Windows Server 2016)' + name: hardware + - description: 'Set the guest ID. This parameter is case sensitive. Examples: + virtual machine with RHEL7 64 bit, will be ''rhel7_64Guest'' virtual machine + with CentOS 64 bit, will be ''centos64Guest'' virtual machine with Ubuntu + 64 bit, will be ''ubuntu64Guest'' This field is required when creating a virtual + machine, not required when creating from the template. Valid values are referenced + here: `https://code.vmware.com/apis/358/doc/vim.vm.GuestOsDescriptor.GuestOsIdentifier.html`' + name: guest_id + - description: 'A list of disks to add. This parameter is case sensitive. Shrinking + disks is not supported. Removing existing disks of the virtual machine is + not supported. Valid attributes are: - `size_[tb,gb,mb,kb]` (integer): Disk + storage size in specified unit. - `type` (string): Valid values are: - `thin` + thin disk - `eagerzeroedthick` eagerzeroedthick disk, added in version 2.5 + Default: `None` thick disk, no eagerzero. - `datastore` (string): The name + of datastore which will be used for the disk. If `autoselect_datastore` is + set to True, then will select the less used datastore whose name contains + this "disk.datastore" string. - `filename` (string): Existing disk image to + be used. Filename must already exist on the datastore. Specify filename string + in `[datastore_name] path/to/file.vmdk` format. Added in version 2.8. - `autoselect_datastore` + (bool): select the less used datastore. "disk.datastore" and "disk.autoselect_datastore" + will not be used if `datastore` is specified outside this `disk` configuration. + - `disk_mode` (string): Type of disk mode. Added in version 2.6 - Available + options are : - `persistent`: Changes are immediately and permanently written + to the virtual disk. This is default. - `independent_persistent`: Same as + persistent, but not affected by snapshots. - `independent_nonpersistent`: + Changes to virtual disk are made to a redo log and discarded at power off, + but not affected by snapshots.' + name: disk + - description: 'A CD-ROM configuration for the virtual machine. Or a list of CD-ROMs + configuration for the virtual machine. Added in version 2.9. Parameters `controller_type`, + `controller_number`, `unit_number`, `state` are added for a list of CD-ROMs + configuration support. Valid attributes are: - `type` (string): The type of + CD-ROM, valid options are `none`, `client` or `iso`. With `none` the CD-ROM + will be disconnected but present. - `iso_path` (string): The datastore path + to the ISO file to use, in the form of `[datastore1] path/to/file.iso`. Required + if type is set `iso`. - `controller_type` (string): Default value is `ide`. + Only `ide` controller type for CD-ROM is supported for now, will add SATA + controller type in the future. - `controller_number` (int): For `ide` controller, + valid value is 0 or 1. - `unit_number` (int): For CD-ROM device attach to + `ide` controller, valid value is 0 or 1. `controller_number` and `unit_number` + are mandatory attributes. - `state` (string): Valid value is `present` or + `absent`. Default is `present`. If set to `absent`, then the specified CD-ROM + will be removed. For `ide` controller, hot-add or hot-remove CD-ROM is not + supported.' + name: cdrom + - description: 'Use the given resource pool for virtual machine operation. This + parameter is case sensitive. Resource pool should be child of the selected + host parent.' + name: resource_pool + - defaultValue: 'no' + description: 'Wait until vCenter detects an IP address for the virtual machine. + This requires vmware-tools (vmtoolsd) to properly work after creation. vmware-tools + needs to be installed on the given virtual machine in order to work with this + parameter.' + name: wait_for_ip_address + - defaultValue: 'no' + description: 'Wait until vCenter detects all guest customizations as successfully + completed. When enabled, the VM will automatically be powered on.' + name: wait_for_customization + - defaultValue: '0' + description: 'If the `state` is set to `shutdownguest`, by default the module + will return immediately after sending the shutdown signal. If this argument + is set to a positive integer, the module will instead wait for the virtual + machine to reach the poweredoff state. The value sets a timeout in seconds + for the module to wait for the state change.' + name: state_change_timeout + - description: 'Name of the existing snapshot to use to create a clone of a virtual + machine. This parameter is case sensitive. While creating linked clone using + `linked_clone` parameter, this parameter is required.' + name: snapshot_src + - defaultValue: 'no' + description: 'Whether to create a linked clone from the snapshot specified. + If specified, then `snapshot_src` is required parameter.' + name: linked_clone + - defaultValue: 'no' + description: 'Ignore warnings and complete the actions. This parameter is useful + while removing virtual machine which is powered on state. This module reflects + the VMware vCenter API and UI workflow, as such, in some cases the `force` + flag will be mandatory to perform the action to ensure you are certain the + action has to be taken, no matter what the consequence. This is specifically + the case for removing a powered on the virtual machine when `state` is set + to `absent`.' + name: force + - defaultValue: ha-datacenter + description: 'Destination datacenter for the deploy operation. This parameter + is case sensitive.' + name: datacenter + - description: 'The cluster name where the virtual machine will run. This is a + required parameter, if `esxi_hostname` is not set. `esxi_hostname` and `cluster` + are mutually exclusive parameters. This parameter is case sensitive.' + name: cluster + - description: 'The ESXi hostname where the virtual machine will run. This is + a required parameter, if `cluster` is not set. `esxi_hostname` and `cluster` + are mutually exclusive parameters. This parameter is case sensitive.' + name: esxi_hostname + - description: A note or annotation to include in the virtual machine. + name: annotation + - description: 'Define a list of custom values to set on virtual machine. A custom + value object takes two fields `key` and `value`. Incorrect key and values + will be ignored.' + name: customvalues + - description: 'A list of networks (in the order of the NICs). Removing NICs is + not allowed, while reconfiguring the virtual machine. All parameters and VMware + object names are case sensitive. One of the below parameters is required per + entry: - `name` (string): Name of the portgroup or distributed virtual portgroup + for this interface. When specifying distributed virtual portgroup make sure + given `esxi_hostname` or `cluster` is associated with it. - `vlan` (integer): + VLAN number for this interface. Optional parameters per entry (used for virtual + hardware): - `device_type` (string): Virtual network device (one of `e1000`, + `e1000e`, `pcnet32`, `vmxnet2`, `vmxnet3` (default), `sriov`). - `mac` (string): + Customize MAC address. - `dvswitch_name` (string): Name of the distributed + vSwitch. This value is required if multiple distributed portgroups exists + with the same name. version_added 2.7 - `start_connected` (bool): Indicates + that virtual network adapter starts with associated virtual machine powers + on. version_added: 2.5 Optional parameters per entry (used for OS customization): + - `type` (string): Type of IP assignment (either `dhcp` or `static`). `dhcp` + is default. - `ip` (string): Static IP address (implies `type: static`). - + `netmask` (string): Static netmask required for `ip`. - `gateway` (string): + Static gateway. - `dns_servers` (string): DNS servers for this network interface + (Windows). - `domain` (string): Domain name for this network interface (Windows). + - `wake_on_lan` (bool): Indicates if wake-on-LAN is enabled on this virtual + network adapter. version_added: 2.5 - `allow_guest_control` (bool): Enables + guest control over whether the connectable device is connected. version_added: + 2.5' + name: networks + - description: 'Parameters for OS customization when cloning from the template + or the virtual machine, or apply to the existing virtual machine directly. + Not all operating systems are supported for customization with respective + vCenter version, please check VMware documentation for respective OS customization. + For supported customization operating system matrix, (see `http://partnerweb.vmware.com/programs/guestOS/guest-os-customization-matrix.pdf`) + All parameters and VMware object names are case sensitive. Linux based OSes + requires Perl package to be installed for OS customizations. Common parameters + (Linux/Windows): - `existing_vm` (bool): If set to `True`, do OS customization + on the specified virtual machine directly. If set to `False` or not specified, + do OS customization when cloning from the template or the virtual machine. + version_added: 2.8 - `dns_servers` (list): List of DNS servers to configure. + - `dns_suffix` (list): List of domain suffixes, also known as DNS search path + (default: `domain` parameter). - `domain` (string): DNS domain name to use. + - `hostname` (string): Computer hostname (default: shorted `name` parameter). + Allowed characters are alphanumeric (uppercase and lowercase) and minus, rest + of the characters are dropped as per RFC 952. Parameters related to Linux + customization: - `timezone` (string): Timezone (See List of supported time + zones for different vSphere versions in Linux/Unix systems (2145518) `https://kb.vmware.com/s/article/2145518`). + version_added: 2.9 - `hwclockUTC` (bool): Specifies whether the hardware clock + is in UTC or local time. True when the hardware clock is in UTC, False when + the hardware clock is in local time. version_added: 2.9 Parameters related + to Windows customization: - `autologon` (bool): Auto logon after virtual machine + customization (default: False). - `autologoncount` (int): Number of autologon + after reboot (default: 1). - `domainadmin` (string): User used to join in + AD domain (mandatory with `joindomain`). - `domainadminpassword` (string): + Password used to join in AD domain (mandatory with `joindomain`). - `fullname` + (string): Server owner name (default: Administrator). - `joindomain` (string): + AD domain to join (Not compatible with `joinworkgroup`). - `joinworkgroup` + (string): Workgroup to join (Not compatible with `joindomain`, default: WORKGROUP). + - `orgname` (string): Organisation name (default: ACME). - `password` (string): + Local administrator password. - `productid` (string): Product ID. - `runonce` + (list): List of commands to run at first user logon. - `timezone` (int): Timezone + (See `https://msdn.microsoft.com/en-us/library/ms912391.aspx`).' + name: customization + - description: 'A list of vApp properties For full list of attributes and types + refer to: `https://github.com/vmware/pyvmomi/blob/master/docs/vim/vApp/PropertyInfo.rst` + Basic attributes are: - `id` (string): Property id - required. - `value` (string): + Property value. - `type` (string): Value type, string type by default. - `operation`: + `remove`: This attribute is required only when removing properties.' + name: vapp_properties + - description: 'Unique name identifying the requested customization specification. + This parameter is case sensitive. If set, then overrides `customization` parameter + values.' + name: customization_spec + - description: 'Specify datastore or datastore cluster to provision virtual machine. + This parameter takes precedence over "disk.datastore" parameter. This parameter + can be used to override datastore or datastore cluster setting of the virtual + machine when deployed from the template. Please see example for more usage.' + name: datastore + - auto: PREDEFINED + description: Specify convert disk type while cloning template or virtual machine. + name: convert + predefined: + - thin + - thick + - eagerzeroedthick + description: "Manages virtual machines in vCenter\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_module.html" + name: vmware-guest + outputs: + - contextPath: VMware.VmwareGuest.instance + description: metadata about the new virtual machine + type: unknown + - arguments: + - description: 'Name of the VM to work with. This is required if `uuid` or `moid` + parameter is not supplied.' + name: name + - description: 'UUID of the instance to manage if known, this is VMware''s BIOS + UUID by default. This is required if `name` or `moid` parameter is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: first + description: If multiple virtual machines matching the name, use the first or + last found. + name: name_match + predefined: + - first + - last + description: "Gather info about boot options for the given virtual machine\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_boot_info_module.html" + name: vmware-guest-boot-info + outputs: + - contextPath: VMware.VmwareGuestBootInfo.vm_boot_info + description: metadata about boot order of virtual machine + type: unknown + - arguments: + - description: 'Name of the VM to work with. This is required if `uuid` or `moid` + parameter is not supplied.' + name: name + - description: 'UUID of the instance to manage if known, this is VMware''s BIOS + UUID by default. This is required if `name` or `moid` parameter is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: List of the boot devices. + isArray: true + name: boot_order + - auto: PREDEFINED + defaultValue: first + description: If multiple virtual machines matching the name, use the first or + last found. + name: name_match + predefined: + - first + - last + - defaultValue: '0' + description: Delay in milliseconds before starting the boot sequence. + name: boot_delay + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `True`, the virtual machine automatically enters BIOS + setup the next time it boots. The virtual machine resets this flag, so that + the machine boots proceeds normally.' + name: enter_bios_setup + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `True`, the virtual machine that fails to boot, will + try to boot again after `boot_retry_delay` is expired. If set to `False`, + the virtual machine waits indefinitely for user intervention.' + name: boot_retry_enabled + predefined: + - 'Yes' + - 'No' + - defaultValue: '0' + description: 'Specify the time in milliseconds between virtual machine boot + failure and subsequent attempt to boot again. If set, will automatically set + `boot_retry_enabled` to `True` as this parameter is required.' + name: boot_retry_delay + - auto: PREDEFINED + description: Choose which firmware should be used to boot the virtual machine. + name: boot_firmware + predefined: + - bios + - efi + - auto: PREDEFINED + defaultValue: 'No' + description: Choose if EFI secure boot should be enabled. EFI secure boot can + only be enabled with boot_firmware = efi + name: secure_boot_enabled + predefined: + - 'Yes' + - 'No' + description: "Manage boot options for the given virtual machine\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_boot_manager_module.html" + name: vmware-guest-boot-manager + outputs: + - contextPath: VMware.VmwareGuestBootManager.vm_boot_status + description: metadata about boot order of virtual machine + type: unknown + - arguments: + - description: 'Name of the custom attribute definition. This is required parameter, + if `state` is set to `present` or `absent`.' + name: attribute_key + - auto: PREDEFINED + defaultValue: present + description: 'Manage definition of custom attributes. If set to `present` and + definition not present, then custom attribute definition is created. If set + to `present` and definition is present, then no action taken. If set to `absent` + and definition is present, then custom attribute definition is removed. If + set to `absent` and definition is absent, then no action taken.' + name: state + predefined: + - present + - absent + required: true + description: "Manage custom attributes definitions for virtual machine from VMware\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_custom_attribute_defs_module.html" + name: vmware-guest-custom-attribute-defs + outputs: + - contextPath: VMware.VmwareGuestCustomAttributeDefs.custom_attribute_defs + description: list of all current attribute definitions + type: unknown + - arguments: + - description: 'Name of the virtual machine to work with. This is required parameter, + if `uuid` or `moid` is not supplied.' + name: name + required: true + - auto: PREDEFINED + defaultValue: present + description: 'The action to take. If set to `present`, then custom attribute + is added or updated. If set to `absent`, then custom attribute is removed.' + name: state + predefined: + - present + - absent + - description: 'UUID of the virtual machine to manage if known. This is VMware''s + unique identifier. This is required parameter, if `name` or `moid` is not + supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: 'Absolute path to find an existing guest. This is required parameter, + if `name` is supplied and multiple virtual machines with same name are found.' + name: folder + - description: Datacenter name where the virtual machine is located in. + name: datacenter + required: true + - description: 'A list of name and value of custom attributes that needs to be + manage. Value of custom attribute is not required and will be ignored, if + `state` is set to `absent`.' + isArray: true + name: attributes + description: "Manage custom attributes from VMware for the given virtual machine\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_custom_attributes_module.html" + name: vmware-guest-custom-attributes + outputs: + - contextPath: VMware.VmwareGuestCustomAttributes.custom_attributes + description: metadata about the virtual machine attributes + type: unknown + - arguments: + - description: Name of customization specification to find. + name: spec_name + description: "Gather info about VM customization specifications\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_customization_info_module.html" + name: vmware-guest-customization-info + outputs: + - contextPath: VMware.VmwareGuestCustomizationInfo.custom_spec_info + description: metadata about the customization specification + type: unknown + - arguments: + - description: 'Name of the virtual machine. This is a required parameter, if + parameter `uuid` or `moid` is not supplied.' + name: name + - description: 'UUID of the instance to gather facts if known, this is VMware''s + unique identifier. This is a required parameter, if parameter `name` or `moid` + is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is a required parameter, only if multiple VMs are found with same + name. The folder should include the datacenter. ESX''s datacenter is ha-datacenter + Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm + folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 + folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: The datacenter name to which virtual machine belongs to. + name: datacenter + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: 'A list of disks to add. The virtual disk related information is + provided using this list. All values and parameters are case sensitive. Valid + attributes are: - `size[_tb,_gb,_mb,_kb]` (integer): Disk storage size in + specified unit. If `size` specified then unit must be specified. There is + no space allowed in between size number and unit. Only first occurrence in + disk element will be considered, even if there are multiple size* parameters + available. - `type` (string): Valid values are: - `thin` thin disk - `eagerzeroedthick` + eagerzeroedthick disk - `thick` thick disk Default: `thick` thick disk, no + eagerzero. - `datastore` (string): Name of datastore or datastore cluster + to be used for the disk. - `autoselect_datastore` (bool): Select the less + used datastore. Specify only if `datastore` is not specified. - `scsi_controller` + (integer): SCSI controller number. Valid value range from 0 to 3. Only 4 SCSI + controllers are allowed per VM. Care should be taken while specifying `scsi_controller` + is 0 and `unit_number` as 0 as this disk may contain OS. - `unit_number` (integer): + Disk Unit Number. Valid value range from 0 to 15. Only 15 disks are allowed + per SCSI Controller. - `scsi_type` (string): Type of SCSI controller. This + value is required only for the first occurrence of SCSI Controller. This value + is ignored, if SCSI Controller is already present or `state` is `absent`. + Valid values are `buslogic`, `lsilogic`, `lsilogicsas` and `paravirtual`. + `paravirtual` is default value for this parameter. - `state` (string): State + of disk. This is either "absent" or "present". If `state` is set to `absent`, + disk will be removed permanently from virtual machine configuration and from + VMware storage. If `state` is set to `present`, disk will be added if not + present at given SCSI Controller and Unit Number. If `state` is set to `present` + and disk exists with different size, disk size is increased. Reducing disk + size is not allowed.' + isArray: true + name: disk + description: "Manage disks related to virtual machine in given vCenter infrastructure\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_disk_module.html" + name: vmware-guest-disk + outputs: + - contextPath: VMware.VmwareGuestDisk.disk_status + description: metadata about the virtual machine's disks after managing them + type: unknown + - arguments: + - description: 'Name of the virtual machine. This is required parameter, if parameter + `uuid` or `moid` is not supplied.' + name: name + - description: 'UUID of the instance to gather information if known, this is VMware''s + unique identifier. This is required parameter, if parameter `name` or `moid` + is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is required parameter, only if multiple VMs are found with same + name. The folder should include the datacenter. ESX''s datacenter is ha-datacenter + Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm + folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 + folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: The datacenter name to which virtual machine belongs to. + name: datacenter + required: true + description: "Gather info about disks of given virtual machine\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_disk_info_module.html" + name: vmware-guest-disk-info + outputs: + - contextPath: VMware.VmwareGuestDiskInfo.guest_disk_info + description: metadata about the virtual machine's disks + type: unknown + - arguments: + - description: 'Name of the VM to work with. This is required if `uuid` parameter + is not supplied.' + name: name + - description: 'UUID of the instance to manage if known, this is VMware''s BIOS + UUID by default. This is required if `name` parameter is not supplied.' + name: uuid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: 'Destination datacenter for the find operation. Deprecated in 2.5, + will be removed in 2.9 release.' + name: datacenter + description: "Find the folder path(s) for a virtual machine by name or UUID\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_find_module.html" + name: vmware-guest-find + outputs: + - contextPath: VMware.VmwareGuestFind.folders + description: List of folders for user specified virtual machine + type: unknown + - arguments: + - description: 'Name of the VM to work with This is required if `uuid` or `moid` + is not supplied.' + name: name + - auto: PREDEFINED + defaultValue: first + description: If multiple VMs matching the name, use the first or last found + name: name_match + predefined: + - first + - last + - description: 'UUID of the instance to manage if known, this is VMware''s unique + identifier. This is required if `name` or `moid` is not supplied.' + name: uuid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is required if name is supplied. The folder should include the + datacenter. ESX''s datacenter is ha-datacenter Examples: folder: /ha-datacenter/vm + folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: + /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm + folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: Destination datacenter for the deploy operation + name: datacenter + required: true + - defaultValue: 'no' + description: 'Whether to show tags or not. If set `True`, shows tag information. + If set `False`, hides tags information. vSphere Automation SDK and vCloud + Suite SDK is required.' + name: tags + - auto: PREDEFINED + defaultValue: summary + description: 'Specify the output schema desired. The ''summary'' output schema + is the legacy output from the module The ''vsphere'' output schema is the + vSphere API class definition which requires pyvmomi>6.7.1' + name: schema + predefined: + - summary + - vsphere + - description: 'Specify the properties to retrieve. If not specified, all properties + are retrieved (deeply). Results are returned in a structure identical to the + vsphere API. Example: properties: [ "config.hardware.memoryMB", "config.hardware.numCPU", + "guest.disk", "overallStatus" ] Only valid when `schema` is `vsphere`.' + isArray: true + name: properties + description: "Gather info about a single VM\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_info_module.html" + name: vmware-guest-info + outputs: + - contextPath: VMware.VmwareGuestInfo.instance + description: metadata about the virtual machine + type: unknown + - arguments: + - description: 'Name of the existing virtual machine to move. This is required + if `uuid` or `moid` is not supplied.' + name: name + - description: 'UUID of the virtual machine to manage if known, this is VMware''s + unique identifier. This is required if `name` or `moid` is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: first + description: If multiple virtual machines matching the name, use the first or + last found. + name: name_match + predefined: + - first + - last + - description: 'Absolute path to move an existing guest The dest_folder should + include the datacenter. ESX''s datacenter is ha-datacenter. This parameter + is case sensitive. Examples: dest_folder: /ha-datacenter/vm dest_folder: ha-datacenter/vm + dest_folder: /datacenter1/vm dest_folder: datacenter1/vm dest_folder: /datacenter1/vm/folder1 + dest_folder: datacenter1/vm/folder1 dest_folder: /folder1/datacenter1/vm dest_folder: + folder1/datacenter1/vm dest_folder: /folder1/datacenter1/vm/folder2' + name: dest_folder + required: true + - description: Destination datacenter for the move operation + name: datacenter + required: true + description: "Moves virtual machines in vCenter\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_move_module.html" + name: vmware-guest-move + outputs: + - contextPath: VMware.VmwareGuestMove.instance + description: metadata about the virtual machine + type: unknown + - arguments: + - description: 'Name of the virtual machine. This is a required parameter, if + parameter `uuid` or `moid` is not supplied.' + name: name + - description: 'UUID of the instance to gather info if known, this is VMware''s + unique identifier. This is a required parameter, if parameter `name` or `moid` + is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is a required parameter, only if multiple VMs are found with same + name. The folder should include the datacenter. ESXi server''s datacenter + is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm + folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 + folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm + folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: 'The name of cluster where the virtual machine will run. This is + a required parameter, if `esxi_hostname` is not set. `esxi_hostname` and `cluster` + are mutually exclusive parameters.' + name: cluster + - description: 'The ESXi hostname where the virtual machine will run. This is + a required parameter, if `cluster` is not set. `esxi_hostname` and `cluster` + are mutually exclusive parameters.' + name: esxi_hostname + - defaultValue: ha-datacenter + description: The datacenter name to which virtual machine belongs to. + name: datacenter + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `True`, return settings of all network adapters, other + parameters are ignored. If set to `False`, will add, reconfigure or remove + network adapters according to the parameters in `networks`.' + name: gather_network_info + predefined: + - 'Yes' + - 'No' + - description: 'A list of network adapters. `mac` or `label` or `device_type` + is required to reconfigure or remove an existing network adapter. If there + are multiple network adapters with the same `device_type`, you should set + `label` or `mac` to match one of them, or will apply changes on all network + adapters with the `device_type` specified. `mac`, `label`, `device_type` is + the order of precedence from greatest to least if all set. Valid attributes + are: - `mac` (string): MAC address of the existing network adapter to be reconfigured + or removed. - `label` (string): Label of the existing network adapter to be + reconfigured or removed, e.g., "Network adapter 1". - `device_type` (string): + Valid virtual network device types are: `e1000`, `e1000e`, `pcnet32`, `vmxnet2`, + `vmxnet3` (default), `sriov`. Used to add new network adapter, reconfigure + or remove the existing network adapter with this type. If `mac` and `label` + not specified or not find network adapter by `mac` or `label` will use this + parameter. - `name` (string): Name of the portgroup or distributed virtual + portgroup for this interface. When specifying distributed virtual portgroup + make sure given `esxi_hostname` or `cluster` is associated with it. - `vlan` + (integer): VLAN number for this interface. - `dvswitch_name` (string): Name + of the distributed vSwitch. This value is required if multiple distributed + portgroups exists with the same name. - `state` (string): State of the network + adapter. If set to `present`, then will do reconfiguration for the specified + network adapter. If set to `new`, then will add the specified network adapter. + If set to `absent`, then will remove this network adapter. - `manual_mac` + (string): Manual specified MAC address of the network adapter when creating, + or reconfiguring. If not specified when creating new network adapter, mac + address will be generated automatically. When reconfigure MAC address, VM + should be in powered off state. - `connected` (bool): Indicates that virtual + network adapter connects to the associated virtual machine. - `start_connected` + (bool): Indicates that virtual network adapter starts with associated virtual + machine powers on.' + isArray: true + name: networks + description: "Manage network adapters of specified virtual machine in given vCenter\ + \ infrastructure\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_network_module.html" + name: vmware-guest-network + outputs: + - contextPath: VMware.VmwareGuestNetwork.network_data + description: metadata about the virtual machine's network adapter after managing + them + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: present + description: Set the state of the virtual machine. + name: state + predefined: + - powered-off + - powered-on + - reboot-guest + - restarted + - shutdown-guest + - suspended + - present + - description: 'Name of the virtual machine to work with. Virtual machine names + in vCenter are not necessarily unique, which may be problematic, see `name_match`.' + name: name + - auto: PREDEFINED + defaultValue: first + description: If multiple virtual machines matching the name, use the first or + last found. + name: name_match + predefined: + - first + - last + - description: 'UUID of the instance to manage if known, this is VMware''s unique + identifier. This is required if `name` or `moid` is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: 'Destination folder, absolute or relative path to find an existing + guest. The folder should include the datacenter. ESX''s datacenter is ha-datacenter + Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm + folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 + folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: 'Date and time in string format at which specified task needs to + be performed. The required format for date and time - ''dd/mm/yyyy hh:mm''. + Scheduling task requires vCenter server. A standalone ESXi server does not + support this option.' + name: scheduled_at + - description: 'Name of schedule task. Valid only if `scheduled_at` is specified.' + name: schedule_task_name + - description: 'Description of schedule task. Valid only if `scheduled_at` is + specified.' + name: schedule_task_description + - auto: PREDEFINED + defaultValue: 'Yes' + description: Flag to indicate whether the scheduled task is enabled or disabled. + name: schedule_task_enabled + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'Ignore warnings and complete the actions. This parameter is useful + while forcing virtual machine state.' + name: force + predefined: + - 'Yes' + - 'No' + - defaultValue: '0' + description: 'If the `state` is set to `shutdown-guest`, by default the module + will return immediately after sending the shutdown signal. If this argument + is set to a positive integer, the module will instead wait for the VM to reach + the poweredoff state. The value sets a timeout in seconds for the module to + wait for the state change.' + name: state_change_timeout + description: "Manages power states of virtual machines in vCenter\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_powerstate_module.html" + name: vmware-guest-powerstate + outputs: [] + - arguments: + - description: 'Name of the virtual machine. This is a required parameter, if + parameter `uuid` or `moid` is not supplied.' + name: name + - description: 'UUID of the instance to gather facts if known, this is VMware''s + unique identifier. This is a required parameter, if parameter `name` or `moid` + is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is a required parameter, only if multiple VMs are found with same + name. The folder should include the datacenter. ESXi server''s datacenter + is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm + folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 + folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm + folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: 'The name of cluster where the virtual machine is running. This + is a required parameter, if `esxi_hostname` is not set. `esxi_hostname` and + `cluster` are mutually exclusive parameters.' + name: cluster + - description: 'The ESXi hostname where the virtual machine is running. This is + a required parameter, if `cluster` is not set. `esxi_hostname` and `cluster` + are mutually exclusive parameters.' + name: esxi_hostname + - description: The datacenter name to which virtual machine belongs to. + name: datacenter + - description: 'If `local_path` is not set, the created screenshot file will be + kept in the directory of the virtual machine on ESXi host. If `local_path` + is set to a valid path on local machine, then the screenshot file will be + downloaded from ESXi host to the local directory. If not download screenshot + file to local machine, you can open it through the returned file URL in screenshot + facts manually.' + name: local_path + description: "Create a screenshot of the Virtual Machine console.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_screenshot_module.html" + name: vmware-guest-screenshot + outputs: + - contextPath: VMware.VmwareGuestScreenshot.screenshot_info + description: display the facts of captured virtual machine screenshot file + type: unknown + - arguments: + - description: 'Name of the virtual machine. This is a required parameter, if + parameter `uuid` or `moid` is not supplied.' + name: name + - description: 'UUID of the instance to gather facts if known, this is VMware''s + unique identifier. This is a required parameter, if parameter `name` or `moid` + is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is a required parameter, only if multiple VMs are found with same + name. The folder should include the datacenter. ESXi server''s datacenter + is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm + folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 + folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm + folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: 'The name of cluster where the virtual machine is running. This + is a required parameter, if `esxi_hostname` is not set. `esxi_hostname` and + `cluster` are mutually exclusive parameters.' + name: cluster + - description: 'The ESXi hostname where the virtual machine is running. This is + a required parameter, if `cluster` is not set. `esxi_hostname` and `cluster` + are mutually exclusive parameters.' + name: esxi_hostname + - description: The datacenter name to which virtual machine belongs to. + name: datacenter + - description: 'The string will be sent to the virtual machine. This string can + contain valid special character, alphabet and digit on the keyboard.' + name: string_send + - description: 'The list of the keys will be sent to the virtual machine. Valid + values are `ENTER`, `ESC`, `BACKSPACE`, `TAB`, `SPACE`, `CAPSLOCK`, `DELETE`, + `CTRL_ALT_DEL`, `CTRL_C` and `F1` to `F12`, `RIGHTARROW`, `LEFTARROW`, `DOWNARROW`, + `UPARROW`. If both `keys_send` and `string_send` are specified, keys in `keys_send` + list will be sent in front of the `string_send`.' + isArray: true + name: keys_send + description: "Send USB HID codes to the Virtual Machine's keyboard.\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_sendkey_module.html" + name: vmware-guest-sendkey + outputs: + - contextPath: VMware.VmwareGuestSendkey.sendkey_info + description: display the keys and the number of keys sent to the virtual machine + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: present + description: 'Manage snapshot(s) attached to a specific virtual machine. If + set to `present` and snapshot absent, then will create a new snapshot with + the given name. If set to `present` and snapshot present, then no changes + are made. If set to `absent` and snapshot present, then snapshot with the + given name is removed. If set to `absent` and snapshot absent, then no changes + are made. If set to `revert` and snapshot present, then virtual machine state + is reverted to the given snapshot. If set to `revert` and snapshot absent, + then no changes are made. If set to `remove_all` and snapshot(s) present, + then all snapshot(s) will be removed. If set to `remove_all` and snapshot(s) + absent, then no changes are made.' + name: state + predefined: + - present + - absent + - revert + - remove_all + required: true + - description: 'Name of the virtual machine to work with. This is required parameter, + if `uuid` or `moid` is not supplied.' + name: name + - auto: PREDEFINED + defaultValue: first + description: If multiple VMs matching the name, use the first or last found. + name: name_match + predefined: + - first + - last + - description: 'UUID of the instance to manage if known, this is VMware''s BIOS + UUID by default. This is required if `name` or `moid` parameter is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is required parameter, if `name` is supplied. The folder should + include the datacenter. ESX''s datacenter is ha-datacenter. Examples: folder: + /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: + datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 + folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: Destination datacenter for the deploy operation. + name: datacenter + required: true + - description: 'Sets the snapshot name to manage. This param is required only + if state is not `remove_all`' + name: snapshot_name + - defaultValue: '' + description: Define an arbitrary description to attach to snapshot. + name: description + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `true` and virtual machine is powered on, it will quiesce + the file system in virtual machine. Note that VMware Tools are required for + this flag. If virtual machine is powered off or VMware Tools are not available, + then this flag is set to `false`. If virtual machine does not provide capability + to take quiesce snapshot, then this flag is set to `false`.' + name: quiesce + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `true`, memory dump of virtual machine is also included + in snapshot. Note that memory snapshots take time and resources, this will + take longer time to create. If virtual machine does not provide capability + to take memory snapshot, then this flag is set to `false`.' + name: memory_dump + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: If set to `true` and state is set to `absent`, then entire snapshot + subtree is set for removal. + name: remove_children + predefined: + - 'Yes' + - 'No' + - description: Value to rename the existing snapshot to. + name: new_snapshot_name + - description: Value to change the description of an existing snapshot to. + name: new_description + description: "Manages virtual machines snapshots in vCenter\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_snapshot_module.html" + name: vmware-guest-snapshot + outputs: + - contextPath: VMware.VmwareGuestSnapshot.snapshot_results + description: metadata about the virtual machine snapshots + type: unknown + - arguments: + - description: 'Name of the VM to work with. This is required if `uuid` or `moid` + is not supplied.' + name: name + - description: 'UUID of the instance to manage if known, this is VMware''s BIOS + UUID by default. This is required if `name` or `moid` parameter is not supplied. + The `folder` is ignored, if `uuid` is provided.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is required only, if multiple virtual machines with same name + are found on given vCenter. The folder should include the datacenter. ESX''s + datacenter is ha-datacenter Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm + folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 + folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm + folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: Name of the datacenter. + name: datacenter + required: true + description: "Gather info about virtual machine's snapshots in vCenter\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_snapshot_info_module.html" + name: vmware-guest-snapshot-info + outputs: + - contextPath: VMware.VmwareGuestSnapshotInfo.guest_snapshots + description: metadata about the snapshot information + type: unknown + - arguments: + - description: 'Name of the virtual machine to work with. This is required if + `uuid` or `moid` is not supplied.' + name: name + - auto: PREDEFINED + defaultValue: first + description: If multiple virtual machines matching the name, use the first or + last found. + name: name_match + predefined: + - first + - last + - description: 'UUID of the instance to manage if known, this is VMware''s unique + identifier. This is required if `name` or `moid` is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is required, if `name` is supplied. The folder should include + the datacenter. ESX''s datacenter is ha-datacenter Examples: folder: /ha-datacenter/vm + folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: + /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm + folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: Destination datacenter where the virtual machine exists. + name: datacenter + required: true + description: "Module to upgrade VMTools\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_tools_upgrade_module.html" + name: vmware-guest-tools-upgrade + outputs: [] + - arguments: + - description: 'Name of the VM for which to wait until the tools become available. + This is required if `uuid` or `moid` is not supplied.' + name: name + - auto: PREDEFINED + defaultValue: first + description: If multiple VMs match the name, use the first or last found. + name: name_match + predefined: + - first + - last + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is required only, if multiple VMs with same `name` is found. The + folder should include the datacenter. ESX''s datacenter is `ha-datacenter`. + Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm + folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 + folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: 'UUID of the VM for which to wait until the tools become available, + if known. This is VMware''s unique identifier. This is required, if `name` + or `moid` is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + description: "Wait for VMware tools to become available\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_tools_wait_module.html" + name: vmware-guest-tools-wait + outputs: + - contextPath: VMware.VmwareGuestToolsWait.instance + description: metadata about the virtual machine + type: unknown + - arguments: + - description: 'Name of the virtual machine. This is a required parameter, if + parameter `uuid` or `moid` is not supplied.' + name: name + - description: 'UUID of the instance to gather facts if known, this is VMware''s + unique identifier. This is a required parameter, if parameter `name` or `moid` + is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - description: 'Destination folder, absolute or relative path to find an existing + guest. This is a required parameter, only if multiple VMs are found with same + name. The folder should include the datacenter. ESXi server''s datacenter + is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm + folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 + folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm + folder: /folder1/datacenter1/vm/folder2' + name: folder + - defaultValue: ha-datacenter + description: 'The datacenter name to which virtual machine belongs to. This + parameter is case sensitive.' + name: datacenter + - defaultValue: 'no' + description: 'If set to True, return settings of the video card, other attributes + are ignored. If set to False, will do reconfiguration and return video card + settings.' + name: gather_video_facts + - description: 'If set to True, applies common video settings to the guest operating + system, attributes `display_number` and `video_memory_mb` are ignored. If + set to False, the number of display and the total video memory will be reconfigured + using `display_number` and `video_memory_mb`.' + name: use_auto_detect + - description: The number of display. Valid value from 1 to 10. The maximum display + number is 4 on vCenter 6.0, 6.5 web UI. + name: display_number + - description: 'Valid total MB of video memory range of virtual machine is from + 1.172 MB to 256 MB on ESXi 6.7U1, from 1.172 MB to 128 MB on ESXi 6.7 and + previous versions. For specific guest OS, supported minimum and maximum video + memory are different, please be careful on setting this.' + name: video_memory_mb + - description: Enable 3D for guest operating systems on which VMware supports + 3D. + name: enable_3D + - auto: PREDEFINED + description: 'If set to `automatic`, selects the appropriate option (software + or hardware) for this virtual machine automatically. If set to `software`, + uses normal CPU processing for 3D calculations. If set to `hardware`, requires + graphics hardware (GPU) for faster 3D calculations.' + name: renderer_3D + predefined: + - automatic + - software + - hardware + - description: The value of 3D Memory must be power of 2 and valid value is from + 32 MB to 2048 MB. + name: memory_3D_mb + description: "Modify video card configurations of specified virtual machine in\ + \ given vCenter infrastructure\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_video_module.html" + name: vmware-guest-video + outputs: + - contextPath: VMware.VmwareGuestVideo.video_status + description: metadata about the virtual machine's video card after managing + them + type: unknown + - arguments: + - defaultValue: ha-datacenter + description: 'Destination datacenter for the deploy operation. This parameter + is case sensitive.' + name: datacenter + - auto: PREDEFINED + defaultValue: present + description: Set the state of VNC on virtual machine. + name: state + predefined: + - present + - absent + - description: 'Name of the virtual machine to work with. Virtual machine names + in vCenter are not necessarily unique, which may be problematic, see `name_match`.' + name: name + - auto: PREDEFINED + defaultValue: first + description: If multiple virtual machines matching the name, use the first or + last found. + name: name_match + predefined: + - first + - last + - description: 'UUID of the instance to manage if known, this is VMware''s unique + identifier. This is required, if `name` or `moid` is not supplied.' + name: uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `name` or `uuid` is not supplied.' + name: moid + - description: 'Destination folder, absolute or relative path to find an existing + guest. The folder should include the datacenter. ESX''s datacenter is ha-datacenter' + name: folder + - defaultValue: 0.0.0.0 + description: 'Sets an IP for VNC on virtual machine. This is required only when + `state` is set to present and will be ignored if `state` is absent.' + name: vnc_ip + - defaultValue: '0' + description: 'The port that VNC listens on. Usually a number between 5900 and + 7000 depending on your config. This is required only when `state` is set to + present and will be ignored if `state` is absent.' + name: vnc_port + - defaultValue: '' + description: 'Sets a password for VNC on virtual machine. This is required only + when `state` is set to present and will be ignored if `state` is absent.' + name: vnc_password + description: "Manages VNC remote display on virtual machines in vCenter\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_vnc_module.html" + name: vmware-guest-vnc + outputs: + - contextPath: VMware.VmwareGuestVnc.changed + description: If anything changed on VM's extraConfig. + type: boolean + - contextPath: VMware.VmwareGuestVnc.failed + description: If changes failed. + type: boolean + - contextPath: VMware.VmwareGuestVnc.instance + description: Dictionary describing the VM, including VNC info. + type: unknown + - arguments: + - description: 'Name of the datacenter to add the host. Aliases added in version + 2.6.' + name: datacenter_name + required: true + - description: 'Name of the cluster to add the host. If `folder` is not set, then + this parameter is required. Aliases added in version 2.6.' + name: cluster_name + - description: 'Name of the folder under which host to add. If `cluster_name` + is not set, then this parameter is required. For example, if there is a datacenter + ''dc1'' under folder called ''Site1'' then, this value will be ''/Site1/dc1/host''. + Here ''host'' is an invisible folder under VMware Web Client. Another example, + if there is a nested folder structure like ''/myhosts/india/pune'' under datacenter + ''dc2'', then `folder` value will be ''/dc2/host/myhosts/india/pune''. Other + Examples: - ''/Site2/dc2/Asia-Cluster/host'' - ''/dc3/Asia-Cluster/host''' + name: folder + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If set to `True`, then the host should be connected as soon as + it is added. This parameter is ignored if state is set to a value other than + `present`.' + name: add_connected + predefined: + - 'Yes' + - 'No' + - description: ESXi hostname to manage. + name: esxi_hostname + required: true + - description: 'ESXi username. Required for adding a host. Optional for reconnect. + If both `esxi_username` and `esxi_password` are used Unused for removing. + No longer a required parameter from version 2.5.' + name: esxi_username + - description: 'ESXi password. Required for adding a host. Optional for reconnect. + Unused for removing. No longer a required parameter from version 2.5.' + name: esxi_password + - auto: PREDEFINED + defaultValue: present + description: 'If set to `present`, add the host if host is absent. If set to + `present`, update the location of the host if host already exists. If set + to `absent`, remove the host if host is present. If set to `absent`, do nothing + if host already does not exists. If set to `add_or_reconnect`, add the host + if it''s absent else reconnect it and update the location. If set to `reconnect`, + then reconnect the host if it''s present and update the location.' + name: state + predefined: + - present + - absent + - add_or_reconnect + - reconnect + - defaultValue: '' + description: 'Specifying the hostsystem certificate''s thumbprint. Use following + command to get hostsystem certificate''s thumbprint - # openssl x509 -in /etc/vmware/ssl/rui.crt + -fingerprint -sha1 -noout Only used if `fetch_thumbprint` isn''t set to `true`.' + name: esxi_ssl_thumbprint + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Fetch the thumbprint of the host''s SSL certificate. This basically + disables the host certificate verification (check if it was signed by a recognized + CA). Disable this option if you want to allow only hosts with valid certificates + to be added to vCenter. If this option is set to `false` and the certificate + can''t be verified, an add or reconnect will fail. Unused when `esxi_ssl_thumbprint` + is set. Optional for reconnect, but only used if `esxi_username` and `esxi_password` + are used. Unused for removing.' + name: fetch_ssl_thumbprint + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: Force the connection if the host is already being managed by another + vCenter server. + name: force_connection + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'Reconnect disconnected hosts. This is only used if `state` is + set to `present` and if the host already exists.' + name: reconnect_disconnected + predefined: + - 'Yes' + - 'No' + description: "Add, remove, or move an ESXi host to, from, or within vCenter\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_module.html" + name: vmware-host + outputs: + - contextPath: VMware.VmwareHost.result + description: metadata about the new host system added + type: string + - arguments: + - description: 'Name of the cluster. Acceptance level of all ESXi host system + in the given cluster will be managed. If `esxi_hostname` is not given, this + parameter is required.' + name: cluster_name + - description: 'ESXi hostname. Acceptance level of this ESXi host system will + be managed. If `cluster_name` is not given, this parameter is required.' + name: esxi_hostname + - auto: PREDEFINED + defaultValue: list + description: 'Set or list acceptance level of the given ESXi host. If set to + `list`, then will return current acceptance level of given host system/s. + If set to `present`, then will set given acceptance level.' + name: state + predefined: + - list + - present + - auto: PREDEFINED + description: 'Name of acceptance level. If set to `partner`, then accept only + partner and VMware signed and certified VIBs. If set to `vmware_certified`, + then accept only VIBs that are signed and certified by VMware. If set to `vmware_accepted`, + then accept VIBs that have been accepted by VMware. If set to `community`, + then accept all VIBs, even those that are not signed.' + name: acceptance_level + predefined: + - community + - partner + - vmware_accepted + - vmware_certified + description: "Manage the host acceptance level of an ESXi host\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_acceptance_module.html" + name: vmware-host-acceptance + outputs: + - contextPath: VMware.VmwareHostAcceptance.facts + description: dict with hostname as key and dict with acceptance level facts, + error as value + type: unknown + - arguments: + - description: AD Domain to join. + name: ad_domain + - description: Username for AD domain join. + name: ad_user + - description: Password for AD domain join. + name: ad_password + - auto: PREDEFINED + defaultValue: absent + description: Whether the ESXi host is joined to an AD domain or not. + name: ad_state + predefined: + - present + - absent + - description: 'Name of the host system to work with. This parameter is required + if `cluster_name` is not specified.' + name: esxi_hostname + - description: 'Name of the cluster from which all host systems will be used. + This parameter is required if `esxi_hostname` is not specified.' + name: cluster_name + description: "Joins an ESXi host system to an Active Directory domain or leaves\ + \ it\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_active_directory_module.html" + name: vmware-host-active-directory + outputs: + - contextPath: VMware.VmwareHostActiveDirectory.results + description: metadata about host system's AD domain join state + type: unknown + - arguments: + - description: 'Name of the cluster from all host systems to be used for information + gathering. If `esxi_hostname` is not given, this parameter is required.' + name: cluster_name + - description: 'ESXi hostname to gather information from. If `cluster_name` is + not given, this parameter is required.' + name: esxi_hostname + description: "Gathers info about an ESXi host's capability information\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_capability_info_module.html" + name: vmware-host-capability-info + outputs: + - contextPath: VMware.VmwareHostCapabilityInfo.hosts_capability_info + description: metadata about host's capability info + type: unknown + - arguments: + - description: 'Name of the cluster from which the ESXi host belong to. If `esxi_hostname` + is not given, this parameter is required.' + name: cluster_name + - description: 'ESXi hostname to gather information from. If `cluster_name` is + not given, this parameter is required.' + name: esxi_hostname + description: "Gathers info about an ESXi host's advance configuration information\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_config_info_module.html" + name: vmware-host-config-info + outputs: + - contextPath: VMware.VmwareHostConfigInfo.hosts_info + description: dict with hostname as key and dict with host config information + type: unknown + - arguments: + - description: 'Name of the cluster. Settings are applied to every ESXi host in + given cluster. If `esxi_hostname` is not given, this parameter is required.' + name: cluster_name + - description: 'ESXi hostname. Settings are applied to this ESXi host. If `cluster_name` + is not given, this parameter is required.' + name: esxi_hostname + - description: 'A dictionary of advanced system settings. Invalid options will + cause module to error. Note that the list of advanced options (with description + and values) can be found by running `vim-cmd hostsvc/advopt/options`.' + isArray: true + name: options + description: "Manage advanced system settings of an ESXi host\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_config_manager_module.html" + name: vmware-host-config-manager + outputs: [] + - arguments: + - description: 'Name of the datacenter to add the datastore. The datacenter isn''t + used by the API to create a datastore. Will be removed in 2.11.' + name: datacenter_name + - description: Name of the datastore to add/remove. + name: datastore_name + required: true + - auto: PREDEFINED + description: Type of the datastore to configure (nfs/nfs41/vmfs). + name: datastore_type + predefined: + - nfs + - nfs41 + - vmfs + required: true + - description: 'NFS host serving nfs datastore. Required if datastore type is + set to `nfs`/`nfs41` and state is set to `present`, else unused. Two or more + servers can be defined if datastore type is set to `nfs41`' + name: nfs_server + - description: 'Resource path on NFS host. Required if datastore type is set to + `nfs`/`nfs41` and state is set to `present`, else unused.' + name: nfs_path + - auto: PREDEFINED + defaultValue: 'No' + description: 'ReadOnly or ReadWrite mount. Unused if datastore type is not set + to `nfs`/`nfs41` and state is not set to `present`.' + name: nfs_ro + predefined: + - 'Yes' + - 'No' + - description: 'Name of the device to be used as VMFS datastore. Required for + VMFS datastore type and state is set to `present`, else unused.' + name: vmfs_device_name + - description: 'VMFS version to use for datastore creation. Unused if datastore + type is not set to `vmfs` and state is not set to `present`.' + name: vmfs_version + - description: 'ESXi hostname to manage the datastore. Required when used with + a vcenter' + name: esxi_hostname + - auto: PREDEFINED + defaultValue: present + description: 'present: Mount datastore on host if datastore is absent else do + nothing. absent: Umount datastore if datastore is present else do nothing.' + name: state + predefined: + - present + - absent + description: "Manage a datastore on ESXi host\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_host_datastore_module.html" + name: vmware-host-datastore + outputs: [] + - arguments: + - description: 'Name of the cluster from which the ESXi host belong to. If `esxi_hostname` + is not given, this parameter is required.' + name: cluster_name + - description: 'ESXi hostname to gather information from. If `cluster_name` is + not given, this parameter is required.' + name: esxi_hostname + description: "Gathers info about an ESXi host's DNS configuration information\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_dns_info_module.html" + name: vmware-host-dns-info + outputs: + - contextPath: VMware.VmwareHostDnsInfo.hosts_dns_info + description: metadata about DNS config from given cluster / host system + type: unknown + - arguments: + - description: 'ESXi hostname. Host facts about the specified ESXi server will + be returned. By specifying this option, you can select which ESXi hostsystem + is returned if connecting to a vCenter.' + name: esxi_hostname + - auto: PREDEFINED + defaultValue: 'No' + description: Tags related to Host are shown if set to `True`. + name: show_tag + predefined: + - 'Yes' + - 'No' + description: "Gathers facts about remote ESXi hostsystem\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_facts_module.html" + name: vmware-host-facts + outputs: + - contextPath: VMware.VmwareHostFacts.ansible_facts + description: system info about the host machine + type: unknown + - arguments: + - description: 'Name of the cluster from all host systems to be used for information + gathering. If `esxi_hostname` is not given, this parameter is required.' + name: cluster_name + - description: 'ESXi hostname to gather information from. If `cluster_name` is + not given, this parameter is required.' + name: esxi_hostname + description: "Gathers info about an ESXi host's feature capability information\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_feature_info_module.html" + name: vmware-host-feature-info + outputs: + - contextPath: VMware.VmwareHostFeatureInfo.hosts_feature_info + description: metadata about host's feature capability information + type: unknown + - arguments: + - description: 'Name of the cluster from which the ESXi host belong to. If `esxi_hostname` + is not given, this parameter is required.' + name: cluster_name + - description: 'ESXi hostname to gather information from. If `cluster_name` is + not given, this parameter is required.' + name: esxi_hostname + description: "Gathers info about an ESXi host's firewall configuration information\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_firewall_info_module.html" + name: vmware-host-firewall-info + outputs: + - contextPath: VMware.VmwareHostFirewallInfo.hosts_firewall_info + description: metadata about host's firewall configuration + type: unknown + - arguments: + - description: 'Name of the cluster. Firewall settings are applied to every ESXi + host system in given cluster. If `esxi_hostname` is not given, this parameter + is required.' + name: cluster_name + - description: 'ESXi hostname. Firewall settings are applied to this ESXi host + system. If `cluster_name` is not given, this parameter is required.' + name: esxi_hostname + - description: 'A list of Rule set which needs to be managed. Each member of list + is rule set name and state to be set the rule. Both rule name and rule state + are required parameters. Additional IPs and networks can also be specified + Please see examples for more information.' + isArray: true + name: rules + description: "Manage firewall configurations about an ESXi host\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_firewall_manager_module.html" + name: vmware-host-firewall-manager + outputs: + - contextPath: VMware.VmwareHostFirewallManager.rule_set_state + description: dict with hostname as key and dict with firewall rule set facts + as value + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: enabled + description: 'Enable or disable Hyperthreading. You need to reboot the ESXi + host if you change the configuration. Make sure that Hyperthreading is enabled + in the BIOS. Otherwise, it will be enabled, but never activated.' + name: state + predefined: + - enabled + - disabled + - description: 'Name of the host system to work with. This parameter is required + if `cluster_name` is not specified.' + name: esxi_hostname + - description: 'Name of the cluster from which all host systems will be used. + This parameter is required if `esxi_hostname` is not specified.' + name: cluster_name + description: "Enables/Disables Hyperthreading optimization for an ESXi host system\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_hyperthreading_module.html" + name: vmware-host-hyperthreading + outputs: + - contextPath: VMware.VmwareHostHyperthreading.results + description: metadata about host system's Hyperthreading configuration + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: enabled + description: 'Enable or disable IPv6 support. You need to reboot the ESXi host + if you change the configuration.' + name: state + predefined: + - enabled + - disabled + - description: 'Name of the host system to work with. This is required parameter + if `cluster_name` is not specified.' + name: esxi_hostname + - description: 'Name of the cluster from which all host systems will be used. + This is required parameter if `esxi_hostname` is not specified.' + name: cluster_name + description: "Enables/Disables IPv6 support for an ESXi host system\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_ipv6_module.html" + name: vmware-host-ipv6 + outputs: + - contextPath: VMware.VmwareHostIpv6.result + description: metadata about host system's IPv6 configuration + type: unknown + - arguments: + - description: 'Name of the ESXi host to work on. This parameter is required if + `cluster_name` is not specified.' + name: esxi_hostname + - description: 'Name of the VMware cluster to work on. All ESXi hosts in this + cluster will be configured. This parameter is required if `esxi_hostname` + is not specified.' + name: cluster_name + - description: Name of the kernel module to be configured. + name: kernel_module_name + required: true + - description: 'Specified configurations will be applied to the given module. + These values are specified in key=value pairs and separated by a space when + there are multiple options.' + name: kernel_module_option + required: true + description: "Manage kernel module options on ESXi hosts\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_kernel_manager_module.html" + name: vmware-host-kernel-manager + outputs: + - contextPath: VMware.VmwareHostKernelManager.results + description: dict with information on what was changed, by ESXi host in scope. + type: unknown + - arguments: + - description: 'Name of cluster. All host systems from given cluster used to manage + lockdown. Required parameter, if `esxi_hostname` is not set.' + name: cluster_name + - description: 'List of ESXi hostname to manage lockdown. Required parameter, + if `cluster_name` is not set. See examples for specifications.' + isArray: true + name: esxi_hostname + - auto: PREDEFINED + defaultValue: present + description: 'State of hosts system If set to `present`, all host systems will + be set in lockdown mode. If host system is already in lockdown mode and set + to `present`, no action will be taken. If set to `absent`, all host systems + will be removed from lockdown mode. If host system is already out of lockdown + mode and set to `absent`, no action will be taken.' + name: state + predefined: + - present + - absent + description: "Manage administrator permission for the local administrative account\ + \ for the ESXi host\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_lockdown_module.html" + name: vmware-host-lockdown + outputs: + - contextPath: VMware.VmwareHostLockdown.results + description: metadata about state of Host system lock down + type: unknown + - arguments: + - description: 'Name of the host system to work with. This parameter is required + if `cluster_name` is not specified.' + name: esxi_hostname + - description: 'Name of the cluster from which all host systems will be used. + This parameter is required if `esxi_hostname` is not specified.' + name: cluster_name + - description: 'IP or FQDN of NTP server(s). This accepts a list of NTP servers. + For multiple servers, please look at the examples.' + isArray: true + name: ntp_servers + required: true + - auto: PREDEFINED + description: 'present: Add NTP server(s), if specified server(s) are absent + else do nothing. absent: Remove NTP server(s), if specified server(s) are + present else do nothing. Specified NTP server(s) will be configured if `state` + isn''t specified.' + name: state + predefined: + - present + - absent + - auto: PREDEFINED + defaultValue: 'No' + description: 'Verbose output of the configuration change. Explains if an NTP + server was added, removed, or if the NTP server sequence was changed.' + name: verbose + predefined: + - 'Yes' + - 'No' + description: "Manage NTP server configuration of an ESXi host\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_ntp_module.html" + name: vmware-host-ntp + outputs: + - contextPath: VMware.VmwareHostNtp.results + description: metadata about host system's NTP configuration + type: unknown + - arguments: + - description: 'Name of the cluster. NTP config information about each ESXi server + will be returned for the given cluster. If `esxi_hostname` is not given, this + parameter is required.' + name: cluster_name + - description: 'ESXi hostname. NTP config information about this ESXi server will + be returned. If `cluster_name` is not given, this parameter is required.' + name: esxi_hostname + description: "Gathers info about NTP configuration on an ESXi host\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_ntp_info_module.html" + name: vmware-host-ntp-info + outputs: + - contextPath: VMware.VmwareHostNtpInfo.hosts_ntp_info + description: dict with hostname as key and dict with NTP infos as value + type: unknown + - arguments: + - description: 'Name of the cluster. Package information about each ESXi server + will be returned for given cluster. If `esxi_hostname` is not given, this + parameter is required.' + name: cluster_name + - description: 'ESXi hostname. Package information about this ESXi server will + be returned. If `cluster_name` is not given, this parameter is required.' + name: esxi_hostname + description: "Gathers info about available packages on an ESXi host\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_package_info_module.html" + name: vmware-host-package-info + outputs: + - contextPath: VMware.VmwareHostPackageInfo.hosts_package_info + description: dict with hostname as key and dict with package information as + value + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: balanced + description: Set the Power Management Policy of the host system. + name: policy + predefined: + - high-performance + - balanced + - low-power + - custom + - description: 'Name of the host system to work with. This is required parameter + if `cluster_name` is not specified.' + name: esxi_hostname + - description: 'Name of the cluster from which all host systems will be used. + This is required parameter if `esxi_hostname` is not specified.' + name: cluster_name + description: "Manages the Power Management Policy of an ESXI host system\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_powermgmt_policy_module.html" + name: vmware-host-powermgmt-policy + outputs: + - contextPath: VMware.VmwareHostPowermgmtPolicy.result + description: metadata about host system's Power Management Policy + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: shutdown-host + description: Set the state of the host system. + name: state + predefined: + - power-down-to-standby + - power-up-from-standby + - shutdown-host + - reboot-host + - description: 'Name of the host system to work with. This is required parameter + if `cluster_name` is not specified.' + name: esxi_hostname + - description: 'Name of the cluster from which all host systems will be used. + This is required parameter if `esxi_hostname` is not specified.' + name: cluster_name + - auto: PREDEFINED + defaultValue: 'No' + description: 'This parameter specify if the host should be proceeding with user + defined powerstate regardless of whether it is in maintenance mode. If `state` + set to `reboot-host` and `force` as `true`, then host system is rebooted regardless + of whether it is in maintenance mode. If `state` set to `shutdown-host` and + `force` as `true`, then host system is shutdown regardless of whether it is + in maintenance mode. If `state` set to `power-down-to-standby` and `force` + to `true`, then all powered off VMs will evacuated. Not applicable if `state` + set to `power-up-from-standby`.' + name: force + predefined: + - 'Yes' + - 'No' + - defaultValue: '600' + description: 'This parameter defines timeout for `state` set to `power-down-to-standby` + or `power-up-from-standby`. Ignored if `state` set to `reboot-host` or `shutdown-host`. + This parameter is defined in seconds.' + name: timeout + description: "Manages power states of host systems in vCenter\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_powerstate_module.html" + name: vmware-host-powerstate + outputs: + - contextPath: VMware.VmwareHostPowerstate.result + description: metadata about host system's state + type: unknown + - arguments: + - description: ESXi hostname to Rescan the storage subsystem on. + name: esxi_hostname + - description: Cluster name to Rescan the storage subsystem on (this will run + the rescan task on each host in the cluster). + name: cluster_name + - auto: PREDEFINED + defaultValue: 'No' + description: Refresh the storage system in vCenter/ESXi Web Client for each + host found + name: refresh_storage + predefined: + - 'Yes' + - 'No' + description: "Rescan host HBA's and optionally refresh the storage system\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_scanhba_module.html" + name: vmware-host-scanhba + outputs: + - contextPath: VMware.VmwareHostScanhba.result + description: return confirmation of requested host and updated / refreshed storage + system + type: unknown + - arguments: + - description: 'Name of the cluster. Service information about each ESXi server + will be returned for given cluster. If `esxi_hostname` is not given, this + parameter is required.' + name: cluster_name + - description: 'ESXi hostname. Service information about this ESXi server will + be returned. If `cluster_name` is not given, this parameter is required.' + name: esxi_hostname + description: "Gathers info about an ESXi host's services\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_service_info_module.html" + name: vmware-host-service-info + outputs: + - contextPath: VMware.VmwareHostServiceInfo.host_service_info + description: dict with hostname as key and dict with host service config information + type: unknown + - arguments: + - description: 'Name of the cluster. Service settings are applied to every ESXi + host system/s in given cluster. If `esxi_hostname` is not given, this parameter + is required.' + name: cluster_name + - description: 'ESXi hostname. Service settings are applied to this ESXi host + system. If `cluster_name` is not given, this parameter is required.' + name: esxi_hostname + - auto: PREDEFINED + defaultValue: start + description: 'Desired state of service. State value ''start'' and ''present'' + has same effect. State value ''stop'' and ''absent'' has same effect.' + name: state + predefined: + - absent + - present + - restart + - start + - stop + - auto: PREDEFINED + description: 'Set of valid service policy strings. If set `on`, then service + should be started when the host starts up. If set `automatic`, then service + should run if and only if it has open firewall ports. If set `off`, then Service + should not be started when the host starts up.' + name: service_policy + predefined: + - automatic + - 'off' + - 'on' + - description: 'Name of Service to be managed. This is a brief identifier for + the service, for example, ntpd, vxsyslogd etc. This value should be a valid + ESXi service name.' + name: service_name + required: true + description: "Manage services on a given ESXi host\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_host_service_manager_module.html" + name: vmware-host-service-manager + outputs: [] + - arguments: + - auto: PREDEFINED + defaultValue: disabled + description: Enable, disable, or reset the SNMP agent. + name: state + predefined: + - disabled + - enabled + - reset + - description: List of SNMP community strings. + isArray: true + name: community + - defaultValue: '161' + description: Port used by the SNMP agent. + name: snmp_port + - description: 'A list of trap targets. You need to use `hostname`, `port`, and + `community` for each trap target.' + isArray: true + name: trap_targets + - description: 'A list of trap oids for traps not to be sent by agent, e.g. [ + 1.3.6.1.4.1.6876.4.1.1.0, 1.3.6.1.4.1.6876.4.1.1.1 ] Use value `reset` to + clear settings.' + isArray: true + name: trap_filter + - auto: PREDEFINED + defaultValue: 'No' + description: Send a test trap to validate the configuration. + name: send_trap + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: indications + description: 'Source hardware events from IPMI sensors or CIM Indications. The + embedded SNMP agent receives hardware events either from IPMI sensors `sensors` + or CIM indications `indications`.' + name: hw_source + predefined: + - indications + - sensors + - auto: PREDEFINED + defaultValue: info + description: Syslog logging level. + name: log_level + predefined: + - debug + - info + - warning + - error + description: "Configures SNMP on an ESXi host system\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_host_snmp_module.html" + name: vmware-host-snmp + outputs: + - contextPath: VMware.VmwareHostSnmp.results + description: metadata about host system's SNMP configuration + type: unknown + - arguments: + - description: 'Name of the cluster. SSL thumbprint information about all ESXi + host system in the given cluster will be reported. If `esxi_hostname` is not + given, this parameter is required.' + name: cluster_name + - description: 'ESXi hostname. SSL thumbprint information of this ESXi host system + will be reported. If `cluster_name` is not given, this parameter is required.' + name: esxi_hostname + description: "Gather info of ESXi host system about SSL\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_ssl_info_module.html" + name: vmware-host-ssl-info + outputs: + - contextPath: VMware.VmwareHostSslInfo.host_ssl_info + description: dict with hostname as key and dict with SSL thumbprint related + info + type: unknown + - arguments: + - description: 'Name of the host system to work with. Vmhba information about + this ESXi server will be returned. This parameter is required if `cluster_name` + is not specified.' + name: esxi_hostname + - description: 'Name of the cluster from which all host systems will be used. + Vmhba information about each ESXi server will be returned for the given cluster. + This parameter is required if `esxi_hostname` is not specified.' + name: cluster_name + description: "Gathers info about vmhbas available on the given ESXi host\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_vmhba_info_module.html" + name: vmware-host-vmhba-info + outputs: + - contextPath: VMware.VmwareHostVmhbaInfo.hosts_vmhbas_info + description: dict with hostname as key and dict with vmhbas information as value. + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: 'No' + description: Gather information about general capabilities (Auto negotiation, + Wake On LAN, and Network I/O Control). + name: capabilities + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Gather information about DirectPath I/O capabilities and configuration. + name: directpath_io + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: Gather information about SR-IOV capabilities and configuration. + name: sriov + predefined: + - 'Yes' + - 'No' + - description: 'Name of the host system to work with. Vmnic information about + this ESXi server will be returned. This parameter is required if `cluster_name` + is not specified.' + name: esxi_hostname + - description: 'Name of the cluster from which all host systems will be used. + Vmnic information about each ESXi server will be returned for the given cluster. + This parameter is required if `esxi_hostname` is not specified.' + name: cluster_name + description: "Gathers info about vmnics available on the given ESXi host\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_vmnic_info_module.html" + name: vmware-host-vmnic-info + outputs: + - contextPath: VMware.VmwareHostVmnicInfo.hosts_vmnics_info + description: 'dict with hostname as key and dict with vmnics information as + value. for `num_vmnics`, only NICs starting with vmnic are counted. NICs like + vusb* are not counted. details about vswitch and dvswitch was added in version + 2.7. details about vmnics was added in version 2.8.' + type: unknown + - arguments: [] + description: "Gather info about local roles on an ESXi host\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_local_role_info_module.html" + name: vmware-local-role-info + outputs: + - contextPath: VMware.VmwareLocalRoleInfo.local_role_info + description: Info about role present on ESXi host + type: unknown + - arguments: + - description: The local role name to be managed. + name: local_role_name + required: true + - description: 'The list of privileges that role needs to have. Please see `https://docs.vmware.com/en/VMware-vSphere/6.0/com.vmware.vsphere.security.doc/GUID-ED56F3C4-77D0-49E3-88B6-B99B8B437B62.html`' + isArray: true + name: local_privilege_ids + - auto: PREDEFINED + defaultValue: present + description: 'Indicate desired state of the role. If the role already exists + when `state=present`, the role info is updated.' + name: state + predefined: + - present + - absent + - auto: PREDEFINED + defaultValue: 'No' + description: If set to `False` then prevents the role from being removed if + any permissions are using it. + name: force_remove + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: set + description: 'This parameter is only valid while updating an existing role with + privileges. `add` will add the privileges to the existing privilege list. + `remove` will remove the privileges from the existing privilege list. `set` + will replace the privileges of the existing privileges with user defined list + of privileges.' + name: action + predefined: + - add + - remove + - set + description: "Manage local roles on an ESXi host\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_local_role_manager_module.html" + name: vmware-local-role-manager + outputs: + - contextPath: VMware.VmwareLocalRoleManager.role_name + description: Name of local role + type: string + - contextPath: VMware.VmwareLocalRoleManager.role_id + description: ESXi generated local role id + type: number + - contextPath: VMware.VmwareLocalRoleManager.privileges + description: List of privileges + type: unknown + - contextPath: VMware.VmwareLocalRoleManager.privileges_previous + description: List of privileges of role before the update + type: unknown + - contextPath: VMware.VmwareLocalRoleManager.local_role_name + description: Name of local role + type: string + - contextPath: VMware.VmwareLocalRoleManager.new_privileges + description: List of privileges + type: unknown + - contextPath: VMware.VmwareLocalRoleManager.old_privileges + description: List of privileges of role before the update + type: unknown + - arguments: [] + description: "Gather info about users on the given ESXi host\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_local_user_info_module.html" + name: vmware-local-user-info + outputs: + - contextPath: VMware.VmwareLocalUserInfo.local_user_info + description: metadata about all local users + type: unknown + - arguments: + - description: The local user name to be changed. + name: local_user_name + required: true + - description: The password to be set. + name: local_user_password + - description: Description for the user. + name: local_user_description + - auto: PREDEFINED + defaultValue: present + description: Indicate desired state of the user. If the user already exists + when `state=present`, the user info is updated + name: state + predefined: + - present + - absent + description: "Manage local users on an ESXi host\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_local_user_manager_module.html" + name: vmware-local-user-manager + outputs: [] + - arguments: + - description: Name of the host as defined in vCenter. + name: esxi_hostname + required: true + - auto: PREDEFINED + description: Specify which VSAN compliant mode to enter. + name: vsan + predefined: + - ensureObjectAccessibility + - evacuateAllData + - noAction + - auto: PREDEFINED + defaultValue: 'No' + description: If set to `True`, evacuate all powered off VMs. + name: evacuate + predefined: + - 'Yes' + - 'No' + - defaultValue: '0' + description: Specify a timeout for the operation. + name: timeout + - auto: PREDEFINED + defaultValue: present + description: Enter or exit maintenance mode. + name: state + predefined: + - present + - absent + description: "Place a host into maintenance mode\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_maintenancemode_module.html" + name: vmware-maintenancemode + outputs: + - contextPath: VMware.VmwareMaintenancemode.hostsystem + description: Name of vim reference + type: string + - contextPath: VMware.VmwareMaintenancemode.hostname + description: Name of host in vCenter + type: string + - contextPath: VMware.VmwareMaintenancemode.status + description: Action taken + type: string + - arguments: + - description: ESXi hostname to be managed + name: esxi_hostname + required: true + - description: VMK interface name + name: device + required: true + - description: Switch VMK interface is currently on + name: current_switch_name + required: true + - description: Portgroup name VMK interface is currently on + name: current_portgroup_name + required: true + - description: Switch name to migrate VMK interface to + name: migrate_switch_name + required: true + - description: Portgroup name to migrate VMK interface to + name: migrate_portgroup_name + required: true + description: "Migrate a VMK interface from VSS to VDS\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_migrate_vmk_module.html" + name: vmware-migrate-vmk + outputs: [] + - arguments: + - description: The role to be assigned permission. + name: role + required: true + - description: 'The user to be assigned permission. Required if `group` is not + specified.' + name: principal + - description: 'The group to be assigned permission. Required if `principal` is + not specified.' + name: group + - description: The object name to assigned permission. + name: object_name + required: true + - auto: PREDEFINED + defaultValue: Folder + description: The object type being targeted. + name: object_type + predefined: + - Folder + - VirtualMachine + - Datacenter + - ResourcePool + - Datastore + - Network + - HostSystem + - ComputeResource + - ClusterComputeResource + - DistributedVirtualSwitch + - auto: PREDEFINED + defaultValue: 'Yes' + description: Should the permissions be recursively applied. + name: recursive + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: 'Indicate desired state of the object''s permission. When `state=present`, + the permission will be added if it doesn''t already exist. When `state=absent`, + the permission is removed if it exists.' + name: state + predefined: + - present + - absent + description: "Manage local roles on an ESXi host\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_object_role_permission_module.html" + name: vmware-object-role-permission + outputs: + - contextPath: VMware.VmwareObjectRolePermission.changed + description: whether or not a change was made to the object's role + type: boolean + - arguments: + - description: vSwitch to modify. + name: switch + required: true + - description: Portgroup name to add. + name: portgroup + required: true + - defaultValue: '0' + description: 'VLAN ID to assign to portgroup. Set to 0 (no VLAN tagging) by + default.' + name: vlan_id + - description: 'Network policy specifies layer 2 security settings for a portgroup + such as promiscuous mode, where guest adapter listens to all the packets, + MAC address changes and forged transmits. Dict which configures the different + security values for portgroup. Valid attributes are: - `promiscuous_mode` + (bool): indicates whether promiscuous mode is allowed. (default: None) - `forged_transmits` + (bool): indicates whether forged transmits are allowed. (default: None) - + `mac_changes` (bool): indicates whether mac changes are allowed. (default: + None)' + isArray: true + name: security + - description: 'Dictionary which configures the different teaming values for portgroup. + Valid attributes are: - `load_balancing` (string): Network adapter teaming + policy. `load_balance_policy` is also alias to this option. (default: loadbalance_srcid) + - choices: [ loadbalance_ip, loadbalance_srcmac, loadbalance_srcid, failover_explicit + ] - `network_failure_detection` (string): Network failure detection. (default: + link_status_only) - choices: [ link_status_only, beacon_probing ] - `notify_switches` + (bool): Indicate whether or not to notify the physical switch if a link fails. + (default: None) - `failback` (bool): Indicate whether or not to use a failback + when restoring links. (default: None) - `active_adapters` (list): List of + active adapters used for load balancing. - `standby_adapters` (list): List + of standby adapters used for failover. - All vmnics are used as active adapters + if `active_adapters` and `standby_adapters` are not defined. - `inbound_policy` + (bool): Indicate whether or not the teaming policy is applied to inbound frames + as well. Deprecated. (default: False) - `rolling_order` (bool): Indicate whether + or not to use a rolling policy when restoring links. Deprecated. (default: + False)' + isArray: true + name: teaming + - description: 'Dictionary which configures traffic shaping for the switch. Valid + attributes are: - `enabled` (bool): Status of Traffic Shaping Policy. (default: + None) - `average_bandwidth` (int): Average bandwidth (kbit/s). (default: None) + - `peak_bandwidth` (int): Peak bandwidth (kbit/s). (default: None) - `burst_size` + (int): Burst size (KB). (default: None)' + isArray: true + name: traffic_shaping + - description: 'Name of cluster name for host membership. Portgroup will be created + on all hosts of the given cluster. This option is required if `hosts` is not + specified.' + name: cluster_name + - description: 'List of name of host or hosts on which portgroup needs to be added. + This option is required if `cluster_name` is not specified.' + isArray: true + name: hosts + - auto: PREDEFINED + defaultValue: present + description: Determines if the portgroup should be present or not. + name: state + predefined: + - present + - absent + description: "Create a VMware portgroup\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_portgroup_module.html" + name: vmware-portgroup + outputs: + - contextPath: VMware.VmwarePortgroup.result + description: metadata about the portgroup + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: 'No' + description: 'Gather information about Security, Traffic Shaping, as well as + Teaming and failover. The property `ts` stands for Traffic Shaping and `lb` + for Load Balancing.' + name: policies + predefined: + - 'Yes' + - 'No' + - description: 'Name of the cluster. Info will be returned for all hostsystem + belonging to this cluster name. If `esxi_hostname` is not given, this parameter + is required.' + name: cluster_name + - description: 'ESXi hostname to gather information from. If `cluster_name` is + not given, this parameter is required.' + name: esxi_hostname + description: "Gathers info about an ESXi host's Port Group configuration\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_portgroup_info_module.html" + name: vmware-portgroup-info + outputs: + - contextPath: VMware.VmwarePortgroupInfo.hosts_portgroup_info + description: metadata about host's portgroup configuration + type: unknown + - arguments: + - description: Name of the datacenter to add the host. + name: datacenter + required: true + - description: Name of the cluster to add the host. + name: cluster + required: true + - description: Resource pool name to manage. + name: resource_pool + required: true + - auto: PREDEFINED + defaultValue: 'Yes' + description: In a resource pool with an expandable reservation, the reservation + on a resource pool can grow beyond the specified value. + name: cpu_expandable_reservations + predefined: + - 'Yes' + - 'No' + - defaultValue: '0' + description: Amount of resource that is guaranteed available to the virtual + machine or resource pool. + name: cpu_reservation + - defaultValue: '-1' + description: 'The utilization of a virtual machine/resource pool will not exceed + this limit, even if there are available resources. The default value -1 indicates + no limit.' + name: cpu_limit + - auto: PREDEFINED + defaultValue: normal + description: Memory shares are used in case of resource contention. + name: cpu_shares + predefined: + - high + - custom + - low + - normal + - auto: PREDEFINED + defaultValue: 'Yes' + description: In a resource pool with an expandable reservation, the reservation + on a resource pool can grow beyond the specified value. + name: mem_expandable_reservations + predefined: + - 'Yes' + - 'No' + - defaultValue: '0' + description: Amount of resource that is guaranteed available to the virtual + machine or resource pool. + name: mem_reservation + - defaultValue: '-1' + description: 'The utilization of a virtual machine/resource pool will not exceed + this limit, even if there are available resources. The default value -1 indicates + no limit.' + name: mem_limit + - auto: PREDEFINED + defaultValue: normal + description: Memory shares are used in case of resource contention. + name: mem_shares + predefined: + - high + - custom + - low + - normal + - auto: PREDEFINED + defaultValue: present + description: Add or remove the resource pool + name: state + predefined: + - present + - absent + description: "Add/remove resource pools to/from vCenter\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_resource_pool_module.html" + name: vmware-resource-pool + outputs: + - contextPath: VMware.VmwareResourcePool.instance + description: metadata about the new resource pool + type: unknown + - arguments: [] + description: "Gathers info about resource pool information\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_resource_pool_info_module.html" + name: vmware-resource-pool-info + outputs: + - contextPath: VMware.VmwareResourcePoolInfo.resource_pool_info + description: metadata about resource pool configuration + type: unknown + - arguments: + - description: The name of tag to manage. + name: tag_name + required: true + - defaultValue: '' + description: 'The tag description. This is required only if `state` is set to + `present`. This parameter is ignored, when `state` is set to `absent`. Process + of updating tag only allows description change.' + name: tag_description + - description: 'The unique ID generated by vCenter should be used to. User can + get this unique ID from facts module.' + name: category_id + - auto: PREDEFINED + defaultValue: present + description: 'The state of tag. If set to `present` and tag does not exists, + then tag is created. If set to `present` and tag exists, then tag is updated. + If set to `absent` and tag exists, then tag is deleted. If set to `absent` + and tag does not exists, no action is taken.' + name: state + predefined: + - present + - absent + - auto: PREDEFINED + defaultValue: https + description: The connection to protocol. + name: protocol + predefined: + - http + - https + description: "Manage VMware tags\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_tag_module.html" + name: vmware-tag + outputs: + - contextPath: VMware.VmwareTag.results + description: dictionary of tag metadata + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: https + description: The connection to protocol. + name: protocol + predefined: + - http + - https + description: "Manage VMware tag info\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_tag_info_module.html" + name: vmware-tag-info + outputs: + - contextPath: VMware.VmwareTagInfo.results + description: dictionary of tag metadata + type: unknown + - arguments: + - description: 'List of tag(s) to be managed. You can also specify category name + by specifying colon separated value. For example, "category_name:tag_name". + You can skip category name if you have unique tag names.' + isArray: true + name: tag_names + required: true + - auto: PREDEFINED + defaultValue: add + description: 'If `state` is set to `add` or `present` will add the tags to the + existing tag list of the given object. If `state` is set to `remove` or `absent` + will remove the tags from the existing tag list of the given object. If `state` + is set to `set` will replace the tags of the given objects with the user defined + list of tags.' + name: state + predefined: + - present + - absent + - add + - remove + - set + - auto: PREDEFINED + description: Type of object to work with. + name: object_type + predefined: + - VirtualMachine + - Datacenter + - ClusterComputeResource + - HostSystem + - DistributedVirtualSwitch + - DistributedVirtualPortgroup + required: true + - description: 'Name of the object to work with. For DistributedVirtualPortgroups + the format should be "switch_name:portgroup_name"' + name: object_name + required: true + - auto: PREDEFINED + defaultValue: https + description: The connection to protocol. + name: protocol + predefined: + - http + - https + description: "Manage association of VMware tags with VMware objects\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_tag_manager_module.html" + name: vmware-tag-manager + outputs: + - contextPath: VMware.VmwareTagManager.tag_status + description: metadata about tags related to object configuration + type: unknown + - arguments: + - description: 'The target id based on order of scsi device. version 2.6 onwards, + this parameter is optional.' + name: target_id + - description: 'Name of the cluster. Info about all SCSI devices for all host + system in the given cluster is returned. This parameter is required, if `esxi_hostname` + is not provided.' + name: cluster_name + - description: 'Name of the ESXi host system. Info about all SCSI devices for + the given ESXi host system is returned. This parameter is required, if `cluster_name` + is not provided.' + name: esxi_hostname + description: "Return canonical (NAA) from an ESXi host system\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_target_canonical_info_module.html" + name: vmware-target-canonical-info + outputs: + - contextPath: VMware.VmwareTargetCanonicalInfo.canonical + description: metadata about SCSI Target device + type: string + - contextPath: VMware.VmwareTargetCanonicalInfo.scsi_tgt_info + description: metadata about all SCSI Target devices + type: unknown + - arguments: + - defaultValue: '{''max_connections'': 50, ''task_cleanup'': True, ''task_retention'': + 30, ''event_cleanup'': True, ''event_retention'': 30}' + description: 'The database settings for vCenter server. Valid attributes are: + - `max_connections` (int): Maximum connections. (default: 50) - `task_cleanup` + (bool): Task cleanup. (default: true) - `task_retention` (int): Task retention + (days). (default: 30) - `event_cleanup` (bool): Event cleanup. (default: true) + - `event_retention` (int): Event retention (days). (default: 30)' + isArray: true + name: database + - description: 'The unique runtime settings for vCenter server. Valid attributes + are: - `unique_id` (int): vCenter server unique ID. - `managed_address` (str): + vCenter server managed address. - `vcenter_server_name` (str): vCenter server + name. (default: FQDN)' + isArray: true + name: runtime_settings + - defaultValue: '{''timeout'': 60, ''query_limit'': True, ''query_limit_size'': + 5000, ''validation'': True, ''validation_period'': 1440}' + description: 'The user directory settings for the vCenter server installation. + Valid attributes are: - `timeout` (int): User directory timeout. (default: + 60) - `query_limit` (bool): Query limit. (default: true) - `query_limit_size` + (int): Query limit size. (default: 5000) - `validation` (bool): Mail Validation. + (default: true) - `validation_period` (int): Validation period. (default: + 1440)' + isArray: true + name: user_directory + - description: 'The settings vCenter server uses to send email alerts. Valid attributes + are: - `server` (str): Mail server - `sender` (str): Mail sender address' + isArray: true + name: mail + - defaultValue: '{''snmp_receiver_1_url'': ''localhost'', ''snmp_receiver_1_enabled'': + True, ''snmp_receiver_1_port'': 162, ''snmp_receiver_1_community'': ''public'', + ''snmp_receiver_2_url'': '''', ''snmp_receiver_2_enabled'': False, ''snmp_receiver_2_port'': + 162, ''snmp_receiver_2_community'': '''', ''snmp_receiver_3_url'': '''', ''snmp_receiver_3_enabled'': + False, ''snmp_receiver_3_port'': 162, ''snmp_receiver_3_community'': '''', + ''snmp_receiver_4_url'': '''', ''snmp_receiver_4_enabled'': False, ''snmp_receiver_4_port'': + 162, ''snmp_receiver_4_community'': ''''}' + description: 'SNMP trap destinations for vCenter server alerts. Valid attributes + are: - `snmp_receiver_1_url` (str): Primary Receiver ULR. (default: "localhost") + - `snmp_receiver_1_enabled` (bool): Enable receiver. (default: True) - `snmp_receiver_1_port` + (int): Receiver port. (default: 162) - `snmp_receiver_1_community` (str): + Community string. (default: "public") - `snmp_receiver_2_url` (str): Receiver + 2 ULR. (default: "") - `snmp_receiver_2_enabled` (bool): Enable receiver. + (default: False) - `snmp_receiver_2_port` (int): Receiver port. (default: + 162) - `snmp_receiver_2_community` (str): Community string. (default: "") + - `snmp_receiver_3_url` (str): Receiver 3 ULR. (default: "") - `snmp_receiver_3_enabled` + (bool): Enable receiver. (default: False) - `snmp_receiver_3_port` (int): + Receiver port. (default: 162) - `snmp_receiver_3_community` (str): Community + string. (default: "") - `snmp_receiver_4_url` (str): Receiver 4 ULR. (default: + "") - `snmp_receiver_4_enabled` (bool): Enable receiver. (default: False) + - `snmp_receiver_4_port` (int): Receiver port. (default: 162) - `snmp_receiver_4_community` + (str): Community string. (default: "")' + isArray: true + name: snmp_receivers + - defaultValue: '{''normal_operations'': 30, ''long_operations'': 120}' + description: 'The vCenter server connection timeout for normal and long operations. + Valid attributes are: - `normal_operations` (int) (default: 30) - `long_operations` + (int) (default: 120)' + isArray: true + name: timeout_settings + - auto: PREDEFINED + defaultValue: info + description: The level of detail that vCenter server usesfor log files. + name: logging_options + predefined: + - none + - error + - warning + - info + - verbose + - trivia + description: "Configures general settings on a vCenter server\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_vcenter_settings_module.html" + name: vmware-vcenter-settings + outputs: + - contextPath: VMware.VmwareVcenterSettings.results + description: metadata about vCenter settings + type: unknown + - arguments: + - description: 'Settings for vCenter server past day statistic collection. Valid + attributes are: - `enabled` (bool): Past day statistics collection enabled. + (default: True) - `interval_minutes` (int): Interval duration (minutes). (choices: + [1, 2, 3, 4, 5]) (default: 5) - `save_for_days` (int): Save for (days). (choices: + [1, 2, 3, 4, 5]) (default: 1) - `level` (int): Statistics level. (choices: + [1, 2, 3, 4]) (default: 1)' + isArray: true + name: interval_past_day + - description: 'Settings for vCenter server past week statistic collection. Valid + attributes are: - `enabled` (bool): Past week statistics collection enabled. + (default: True) - `interval_minutes` (int): Interval duration (minutes). (choices: + [30]) (default: 30) - `save_for_weeks` (int): Save for (weeks). (choices: + [1]) (default: 1) - `level` (int): Statistics level. (choices: [1, 2, 3, 4]) + (default: 1)' + isArray: true + name: interval_past_week + - description: 'Settings for vCenter server past month statistic collection. Valid + attributes are: - `enabled` (bool): Past month statistics collection enabled. + (default: True) - `interval_hours` (int): Interval duration (hours). (choices: + [2]) (default: 2) - `save_for_months` (int): Save for (months). (choices: + [1]) (default: 1) - `level` (int): Statistics level. (choices: [1, 2, 3, 4]) + (default: 1)' + isArray: true + name: interval_past_month + - description: 'Settings for vCenter server past month statistic collection. Valid + attributes are: - `enabled` (bool): Past month statistics collection enabled. + (default: True) - `interval_days` (int): Interval duration (days). (choices: + [1]) (default: 1) - `save_for_years` (int): Save for (years). (choices: [1, + 2, 3, 4, 5]) (default: 1) - `level` (int): Statistics level. (choices: [1, + 2, 3, 4]) (default: 1)' + isArray: true + name: interval_past_year + description: "Configures statistics on a vCenter server\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_vcenter_statistics_module.html" + name: vmware-vcenter-statistics + outputs: + - contextPath: VMware.VmwareVcenterStatistics.results + description: metadata about vCenter statistics settings + type: unknown + - arguments: + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If set to `True`, the DRS rule will be an Affinity rule. If set + to `False`, the DRS rule will be an Anti-Affinity rule. Effective only if + `state` is set to `present`.' + name: affinity_rule + predefined: + - 'Yes' + - 'No' + - description: Datacenter to search for given cluster. If not set, we use first + cluster we encounter with `cluster_name`. + name: datacenter + - description: Cluster to create VM-Host rule. + name: cluster_name + required: true + - description: Name of rule to create or remove. + name: drs_rule_name + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `True`, the DRS rule will be enabled. Effective only + if `state` is set to `present`.' + name: enabled + predefined: + - 'Yes' + - 'No' + - description: 'Name of Host group to use with rule. Effective only if `state` + is set to `present`.' + name: host_group_name + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `True`, the DRS rule will be mandatory. Effective only + if `state` is set to `present`.' + name: mandatory + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: 'If set to `present` and the rule doesn''t exists then the rule + will be created. If set to `absent` and the rule exists then the rule will + be deleted.' + name: state + predefined: + - present + - absent + required: true + - description: 'Name of VM group to use with rule. Effective only if `state` is + set to `present`.' + name: vm_group_name + required: true + description: "Creates vm/host group in a given cluster\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_host_drs_rule_module.html" + name: vmware-vm-host-drs-rule + outputs: [] + - arguments: + - auto: PREDEFINED + defaultValue: all + description: 'If set to `vm`, then information are gathered for virtual machines + only. If set to `template`, then information are gathered for virtual machine + templates only. If set to `all`, then information are gathered for all virtual + machines and virtual machine templates.' + name: vm_type + predefined: + - all + - vm + - template + - auto: PREDEFINED + defaultValue: 'No' + description: Attributes related to VM guest shown in information only when this + is set `true`. + name: show_attribute + predefined: + - 'Yes' + - 'No' + - description: 'Specify a folder location of VMs to gather information from. Examples: + folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm + folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 + folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2' + name: folder + - auto: PREDEFINED + defaultValue: 'No' + description: Tags related to virtual machine are shown if set to `True`. + name: show_tag + predefined: + - 'Yes' + - 'No' + description: "Return basic info pertaining to a VMware machine guest\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_info_module.html" + name: vmware-vm-info + outputs: + - contextPath: VMware.VmwareVmInfo.virtual_machines + description: list of dictionary of virtual machines and their information + type: unknown + - arguments: + - description: 'The datacenter hosting the virtual machine. If set, it will help + to speed up virtual machine search.' + name: datacenter + - description: 'The cluster hosting the virtual machine. If set, it will help + to speed up virtual machine search.' + name: cluster + - description: 'Destination folder, absolute or relative path to find an existing + guest or create the new guest. The folder should include the datacenter. ESX''s + datacenter is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm + folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 + folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm + folder: /folder1/datacenter1/vm/folder2' + name: folder + - description: Name of the virtual machine to work with. + name: vm_id + required: true + - auto: PREDEFINED + defaultValue: vm_name + description: The VMware identification method by which the virtual machine will + be identified. + name: vm_id_type + predefined: + - uuid + - instance_uuid + - dns_name + - inventory_path + - vm_name + - description: The user to login-in to the virtual machine. + name: vm_username + required: true + - description: The password used to login-in to the virtual machine. + name: vm_password + required: true + - description: 'The absolute path to the program to start. On Linux, shell is + executed via bash.' + name: vm_shell + required: true + - defaultValue: ' ' + description: 'The argument to the program. The characters which must be escaped + to the shell also be escaped on the command line provided.' + name: vm_shell_args + - description: Comma separated list of environment variable, specified in the + guest OS notation. + isArray: true + name: vm_shell_env + - description: The current working directory of the application from which it + will be run. + name: vm_shell_cwd + - auto: PREDEFINED + defaultValue: 'No' + description: If set to `True`, module will wait for process to complete in the + given virtual machine. + name: wait_for_process + predefined: + - 'Yes' + - 'No' + - defaultValue: '3600' + description: 'Timeout in seconds. If set to positive integers, then `wait_for_process` + will honor this parameter and will exit after this timeout.' + name: timeout + description: "Run commands in a VMware guest operating system\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_shell_module.html" + name: vmware-vm-shell + outputs: + - contextPath: VMware.VmwareVmShell.results + description: metadata about the new process after completion with wait_for_process + type: unknown + - arguments: [] + description: "Gather information about vSphere storage profile defined storage\ + \ policy information.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_storage_policy_info_module.html" + name: vmware-vm-storage-policy-info + outputs: + - contextPath: VMware.VmwareVmStoragePolicyInfo.spbm_profiles + description: list of dictionary of SPBM info + type: unknown + - arguments: + - description: Desired cluster name where virtual machines are present for the + DRS rule. + name: cluster_name + required: true + - description: 'List of virtual machines name for which DRS rule needs to be applied. + Required if `state` is set to `present`.' + isArray: true + name: vms + - description: The name of the DRS rule to manage. + name: drs_rule_name + required: true + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `True`, the DRS rule will be enabled. Effective only + if `state` is set to `present`.' + name: enabled + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'No' + description: 'If set to `True`, the DRS rule will be mandatory. Effective only + if `state` is set to `present`.' + name: mandatory + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: 'Yes' + description: 'If set to `True`, the DRS rule will be an Affinity rule. If set + to `False`, the DRS rule will be an Anti-Affinity rule. Effective only if + `state` is set to `present`.' + name: affinity_rule + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: 'If set to `present`, then the DRS rule is created if not present. + If set to `present`, then the DRS rule is already present, it updates to the + given configurations. If set to `absent`, then the DRS rule is deleted if + present.' + name: state + predefined: + - present + - absent + description: "Configure VMware DRS Affinity rule for virtual machine in given\ + \ cluster\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_vm_drs_rule_module.html" + name: vmware-vm-vm-drs-rule + outputs: + - contextPath: VMware.VmwareVmVmDrsRule.result + description: metadata about DRS VM and VM rule + type: unknown + - arguments: + - description: Name of the virtual machine to migrate to a dvSwitch + name: vm_name + required: true + - description: Name of the portgroup to migrate to the virtual machine to + name: dvportgroup_name + required: true + description: "Migrates a virtual machine from a standard vswitch to distributed\n\ + \ Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_vss_dvs_migrate_module.html" + name: vmware-vm-vss-dvs-migrate + outputs: [] + - arguments: + - description: 'The name of the vSwitch where to add the VMKernel interface. Required + parameter only if `state` is set to `present`. Optional parameter from version + 2.5 and onwards.' + name: vswitch_name + - description: 'The name of the vSphere Distributed Switch (vDS) where to add + the VMKernel interface. Required parameter only if `state` is set to `present`. + Optional parameter from version 2.8 and onwards.' + name: dvswitch_name + - description: The name of the port group for the VMKernel interface. + name: portgroup_name + required: true + - defaultValue: '{''type'': ''static'', ''tcpip_stack'': ''default''}' + description: 'A dictionary of network details. The following parameter is required: + - `type` (string): Type of IP assignment (either `dhcp` or `static`). The + following parameters are required in case of `type` is set to `static`: - + `ip_address` (string): Static IP address (implies `type: static`). - `subnet_mask` + (string): Static netmask required for `ip_address`. The following parameter + is optional in case of `type` is set to `static`: - `default_gateway` (string): + Default gateway (Override default gateway for this adapter). The following + parameter is optional: - `tcpip_stack` (string): The TCP/IP stack for the + VMKernel interface. Can be default, provisioning, vmotion, or vxlan. (default: + default)' + isArray: true + name: network + - description: 'The IP Address for the VMKernel interface. Use `network` parameter + with `ip_address` instead. Deprecated option, will be removed in version 2.9.' + name: ip_address + - description: 'The Subnet Mask for the VMKernel interface. Use `network` parameter + with `subnet_mask` instead. Deprecated option, will be removed in version + 2.9.' + name: subnet_mask + - defaultValue: '1500' + description: 'The MTU for the VMKernel interface. The default value of 1500 + is valid from version 2.5 and onwards.' + name: mtu + - description: 'Search VMkernel adapter by device name. The parameter is required + only in case of `type` is set to `dhcp`.' + name: device + - description: 'Enable VSAN traffic on the VMKernel adapter. This option is only + allowed if the default TCP/IP stack is used.' + name: enable_vsan + - description: 'Enable vMotion traffic on the VMKernel adapter. This option is + only allowed if the default TCP/IP stack is used. You cannot enable vMotion + on an additional adapter if you already have an adapter with the vMotion TCP/IP + stack configured.' + name: enable_vmotion + - description: 'Enable Management traffic on the VMKernel adapter. This option + is only allowed if the default TCP/IP stack is used.' + name: enable_mgmt + - description: 'Enable Fault Tolerance traffic on the VMKernel adapter. This option + is only allowed if the default TCP/IP stack is used.' + name: enable_ft + - description: 'Enable Provisioning traffic on the VMKernel adapter. This option + is only allowed if the default TCP/IP stack is used.' + name: enable_provisioning + - description: 'Enable vSphere Replication traffic on the VMKernel adapter. This + option is only allowed if the default TCP/IP stack is used.' + name: enable_replication + - description: 'Enable vSphere Replication NFC traffic on the VMKernel adapter. + This option is only allowed if the default TCP/IP stack is used.' + name: enable_replication_nfc + - auto: PREDEFINED + defaultValue: present + description: 'If set to `present`, the VMKernel adapter will be created with + the given specifications. If set to `absent`, the VMKernel adapter will be + removed. If set to `present` and VMKernel adapter exists, the configurations + will be updated.' + name: state + predefined: + - present + - absent + - description: 'Name of ESXi host to which VMKernel is to be managed. From version + 2.5 onwards, this parameter is required.' + name: esxi_hostname + required: true + description: "Manages a VMware VMkernel Adapter of an ESXi host.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_vmkernel_module.html" + name: vmware-vmkernel + outputs: + - contextPath: VMware.VmwareVmkernel.result + description: metadata about VMKernel name + type: unknown + - arguments: + - description: 'Name of the cluster. VMKernel information about each ESXi server + will be returned for the given cluster. If `esxi_hostname` is not given, this + parameter is required.' + name: cluster_name + - description: 'ESXi hostname. VMKernel information about this ESXi server will + be returned. If `cluster_name` is not given, this parameter is required.' + name: esxi_hostname + description: "Gathers VMKernel info about an ESXi host\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_vmkernel_info_module.html" + name: vmware-vmkernel-info + outputs: + - contextPath: VMware.VmwareVmkernelInfo.host_vmk_info + description: metadata about VMKernel present on given host system + type: unknown + - arguments: + - description: VMkernel interface name + name: vmk_name + required: true + - description: IP address to assign to VMkernel interface + name: ip_address + required: true + - description: Subnet Mask to assign to VMkernel interface + name: subnet_mask + required: true + description: "Configure the VMkernel IP Address\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vmware_vmkernel_ip_config_module.html" + name: vmware-vmkernel-ip-config + outputs: [] + - arguments: + - description: 'Name of the VM to perform a vMotion on. This is required parameter, + if `vm_uuid` is not set. Version 2.6 onwards, this parameter is not a required + parameter, unlike the previous versions.' + name: vm_name + - description: 'UUID of the virtual machine to perform a vMotion operation on. + This is a required parameter, if `vm_name` or `moid` is not set.' + name: vm_uuid + - description: 'Managed Object ID of the instance to manage if known, this is + a unique identifier only within a single vCenter instance. This is required + if `vm_name` or `vm_uuid` is not supplied.' + name: moid + - auto: PREDEFINED + defaultValue: 'No' + description: Whether to use the VMware instance UUID rather than the BIOS UUID. + name: use_instance_uuid + predefined: + - 'Yes' + - 'No' + - description: 'Name of the destination host the virtual machine should be running + on. Version 2.6 onwards, this parameter is not a required parameter, unlike + the previous versions.' + name: destination_host + - description: Name of the destination datastore the virtual machine's vmdk should + be moved on. + name: destination_datastore + description: "Move a virtual machine using vMotion, and/or its vmdks using storage\ + \ vMotion.\n Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vmotion_module.html" + name: vmware-vmotion + outputs: + - contextPath: VMware.VmwareVmotion.running_host + description: List the host the virtual machine is registered to + type: string + - arguments: + - description: Desired cluster UUID + name: cluster_uuid + description: "Configure VSAN clustering on an ESXi host\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_vsan_cluster_module.html" + name: vmware-vsan-cluster + outputs: [] + - arguments: + - description: The name of the distributed vSwitch on which to add or remove the + mirroring session. + name: switch + required: true + - description: Name of the session. + name: name + required: true + - auto: PREDEFINED + description: Create or remove the session. + name: state + predefined: + - present + - absent + required: true + - auto: PREDEFINED + defaultValue: dvPortMirror + description: 'Select the mirroring type. - `encapsulatedRemoteMirrorSource` + (str): In encapsulatedRemoteMirrorSource session, Distributed Ports can be + used as source entities, and Ip address can be used as destination entities. + - `remoteMirrorDest` (str): In remoteMirrorDest session, vlan Ids can be used + as source entities, and Distributed Ports can be used as destination entities. + - `remoteMirrorSource` (str): In remoteMirrorSource session, Distributed Ports + can be used as source entities, and uplink ports name can be used as destination + entities. - `dvPortMirror` (str): In dvPortMirror session, Distributed Ports + can be used as both source and destination entities.' + name: session_type + predefined: + - encapsulatedRemoteMirrorSource + - remoteMirrorDest + - remoteMirrorSource + - dvPortMirror + - auto: PREDEFINED + defaultValue: 'Yes' + description: Whether the session is enabled. + name: enabled + predefined: + - 'Yes' + - 'No' + - description: The description for the session. + name: description + - description: Source port for which transmitted packets are mirrored. + name: source_port_transmitted + - description: Source port for which received packets are mirrored. + name: source_port_received + - description: Destination port that received the mirrored packets. Also any port + designated in the value of this property can not match the source port in + any of the Distributed Port Mirroring session. + name: destination_port + - description: VLAN ID used to encapsulate the mirrored traffic. + name: encapsulation_vlan_id + - description: Whether to strip the original VLAN tag. if false, the original + VLAN tag will be preserved on the mirrored traffic. If encapsulationVlanId + has been set and this property is false, the frames will be double tagged + with the original VLAN ID as the inner tag. + name: strip_original_vlan + - description: An integer that describes how much of each frame to mirror. If + unset, all of the frame would be mirrored. Setting this property to a smaller + value is useful when the consumer will look only at the headers. The value + cannot be less than 60. + name: mirrored_packet_length + - description: Whether or not destination ports can send and receive "normal" + traffic. Setting this to false will make mirror ports be used solely for mirroring + and not double as normal access ports. + name: normal_traffic_allowed + - description: Sampling rate of the session. If its value is n, one of every n + packets is mirrored. Valid values are between 1 to 65535, and default value + is 1. + name: sampling_rate + - description: 'With this parameter it is possible, to add a NIC of a VM to a + port mirroring session. Valid attributes are: - `name` (str): Name of the + VM - `nic_label` (bool): Label of the Network Interface Card to use.' + isArray: true + name: source_vm_transmitted + - description: 'With this parameter it is possible, to add a NIC of a VM to a + port mirroring session. Valid attributes are: - `name` (str): Name of the + VM - `nic_label` (bool): Label of the Network Interface Card to use.' + isArray: true + name: source_vm_received + - description: 'With this parameter it is possible, to add a NIC of a VM to a + port mirroring session. Valid attributes are: - `name` (str): Name of the + VM - `nic_label` (bool): Label of the Network Interface Card to use.' + isArray: true + name: destination_vm + description: "Create or remove a Port Mirroring session.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_vspan_session_module.html" + name: vmware-vspan-session + outputs: [] + - arguments: + - description: 'vSwitch name to add. Alias `switch` is added in version 2.4.' + name: switch + required: true + - description: 'A list of vmnic names or vmnic name to attach to vSwitch. Alias + `nics` is added in version 2.4.' + isArray: true + name: nics + - defaultValue: '128' + description: Number of port to configure on vSwitch. + name: number_of_ports + - defaultValue: '1500' + description: MTU to configure on vSwitch. + name: mtu + - auto: PREDEFINED + defaultValue: present + description: Add or remove the switch. + name: state + predefined: + - absent + - present + - description: Manage the vSwitch using this ESXi host system. + name: esxi_hostname + description: "Manage a VMware Standard Switch to an ESXi host.\n Further documentation\ + \ available at https://docs.ansible.com/ansible/2.9/modules/vmware_vswitch_module.html" + name: vmware-vswitch + outputs: + - contextPath: VMware.VmwareVswitch.result + description: information about performed operation + type: string + - arguments: + - description: 'Name of the cluster. Info about vswitch belonging to every ESXi + host systems under this cluster will be returned. If `esxi_hostname` is not + given, this parameter is required.' + name: cluster_name + - description: 'ESXi hostname to gather information from. If `cluster_name` is + not given, this parameter is required.' + name: esxi_hostname + description: "Gathers info about an ESXi host's vswitch configurations\n Further\ + \ documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vswitch_info_module.html" + name: vmware-vswitch-info + outputs: + - contextPath: VMware.VmwareVswitchInfo.hosts_vswitch_info + description: metadata about host's vswitch configuration + type: unknown + - arguments: + - description: The vCenter server on which the datastore is available. + name: host + required: true + - description: The datacenter on the vCenter server that holds the datastore. + name: datacenter + required: true + - description: The datastore on the vCenter server to push files to. + name: datastore + required: true + - description: The file or directory on the datastore on the vCenter server. + name: path + required: true + - defaultValue: '10' + description: The timeout in seconds for the upload to the datastore. + name: timeout + - auto: PREDEFINED + defaultValue: file + description: 'The state of or the action on the provided path. If `absent`, + the file will be removed. If `directory`, the directory will be created. If + `file`, more information of the (existing) file will be returned. If `touch`, + an empty file will be created if the path does not exist.' + name: state + predefined: + - absent + - directory + - file + - touch + description: "Manage files on a vCenter datastore\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vsphere_file_module.html" + name: vmware-vsphere-file + outputs: [] + - arguments: + - description: The extension key of the extension to install or uninstall. + name: extension_key + required: true + - description: The version of the extension you are installing or uninstalling. + name: version + required: true + - description: Required for `state=present`. The name of the extension you are + installing. + name: name + - description: Required for `state=present`. The name of the company that makes + the extension. + name: company + - description: Required for `state=present`. A short description of the extension. + name: description + - description: Required for `state=present`. Administrator email to use for extension. + name: email + - description: Required for `state=present`. Link to server hosting extension + zip file to install. + name: url + - description: Required for `state=present`. SSL thumbprint of the extension hosting + server. + name: ssl_thumbprint + - defaultValue: vsphere-client-serenity + description: Required for `state=present`. Type of server being used to install + the extension (SOAP, REST, HTTP, etc.). + name: server_type + - defaultValue: vsphere-client-serenity + description: Required for `state=present`. Type of client the extension is (win32, + .net, linux, etc.). + name: client_type + - auto: PREDEFINED + defaultValue: 'Yes' + description: Show the extension in solution manager inside vCenter. + name: visible + predefined: + - 'Yes' + - 'No' + - auto: PREDEFINED + defaultValue: present + description: Add or remove vCenter Extension. + name: state + predefined: + - absent + - present + description: "Register/deregister vCenter Extensions\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vcenter_extension_module.html" + name: vmware-vcenter-extension + outputs: + - contextPath: VMware.VcenterExtension.result + description: information about performed operation + type: string + - arguments: [] + description: "Gather info vCenter extensions\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vcenter_extension_info_module.html" + name: vmware-vcenter-extension-info + outputs: + - contextPath: VMware.VcenterExtensionInfo.extension_info + description: List of extensions + type: unknown + - arguments: + - description: Name of the datacenter. + name: datacenter + required: true + - description: 'Name of folder to be managed. This is case sensitive parameter. + Folder name should be under 80 characters. This is a VMware restriction.' + name: folder_name + required: true + - description: 'Name of the parent folder under which new folder needs to be created. + This is case sensitive parameter. Please specify unique folder name as there + is no way to detect duplicate names. If user wants to create a folder under + ''/DC0/vm/vm_folder'', this value will be ''vm_folder''.' + name: parent_folder + - auto: PREDEFINED + defaultValue: vm + description: 'This is type of folder. If set to `vm`, then ''VM and Template + Folder'' is created under datacenter. If set to `host`, then ''Host and Cluster + Folder'' is created under datacenter. If set to `datastore`, then ''Storage + Folder'' is created under datacenter. If set to `network`, then ''Network + Folder'' is created under datacenter. This parameter is required, if `state` + is set to `present` and parent_folder is absent. This option is ignored, if + `parent_folder` is set.' + name: folder_type + predefined: + - datastore + - host + - network + - vm + - auto: PREDEFINED + defaultValue: present + description: 'State of folder. If set to `present` without parent folder parameter, + then folder with `folder_type` is created. If set to `present` with parent + folder parameter, then folder in created under parent folder. `folder_type` + is ignored. If set to `absent`, then folder is unregistered and destroyed.' + name: state + predefined: + - present + - absent + description: "Manage folders on given datacenter\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vcenter_folder_module.html" + name: vmware-vcenter-folder + outputs: + - contextPath: VMware.VcenterFolder.result + description: The detail about the new folder + type: unknown + - arguments: + - defaultValue: '{''source'': ''ansible''}' + description: 'The optional labels of the license key to manage in vSphere vCenter. + This is dictionary with key/value pair.' + isArray: true + name: labels + - description: The license key to manage in vSphere vCenter. + name: license + required: true + - auto: PREDEFINED + defaultValue: present + description: Whether to add (`present`) or remove (`absent`) the license key. + name: state + predefined: + - absent + - present + - description: 'The hostname of the ESXi server to which the specified license + will be assigned. This parameter is optional.' + name: esxi_hostname + - description: The datacenter name to use for the operation. + name: datacenter + - description: Name of the cluster to apply vSAN license. + name: cluster_name + description: "Manage VMware vCenter license keys\n Further documentation available\ + \ at https://docs.ansible.com/ansible/2.9/modules/vcenter_license_module.html" + name: vmware-vcenter-license + outputs: + - contextPath: VMware.VcenterLicense.licenses + description: list of license keys after module executed + type: unknown + dockerimage: demisto/ansible-runner:1.0.0.23806 + runonce: false + script: '' + subtype: python3 + type: python +tests: +- No tests (auto formatted) diff --git a/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware_description.md b/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware_description.md new file mode 100644 index 000000000000..b95705acd440 --- /dev/null +++ b/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware_description.md @@ -0,0 +1,23 @@ +# Ansible VMware + +This integration enables the management of VMware vCenter and ESXi hosts directly from XSOAR. + +# Requirements +The Linux host(s) being managed requires Python >= 2.6. Different commands will use different underlying Ansible modules, and may have their own unique package requirements. Refer to the individual command documentation for further information. + +## Network Requirements +By default, TCP port 22 will be used to initiate a SSH connection to the Linux host. + +The connection will be initiated from the XSOAR engine/server specified in the instance settings. + +## Credentials + +This integration supports a number of methods of authenticating with the Linux Host: + +1. Username & Password entered into the integration +2. Username & Password credential from the XSOAR credential manager +3. Username and SSH Key from the XSOAR credential manager + +## Permissions + +Whilst un-privileged Linux user privileges can be used, a SuperUser account is recommended as most commands will require elevated permissions to execute. \ No newline at end of file diff --git a/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware_image.png b/Packs/AnsibleVMware/Integrations/AnsibleVMware/AnsibleVMware_image.png new file mode 100644 index 0000000000000000000000000000000000000000..4801780deeffed2546c807c8c737fb7781daf005 GIT binary patch literal 4007 zcmV;Y4_NStP)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!TTP0dFN7J&%9iSY8ca=G`;{{Lsr3^RA;UM>c1(fxipp8t8wnVIvO z^FQazT;h11CoZ}#Iu^U=rnm&|=C}mz=C}mz=C}mz=C}mz=C}mz=5Q>QxFa=Hey#X>619wDdqZc$x>i_Syp+~g-0^S-_Ggwx&rLH+%iBjnib^)8{i0NSYu z)8_Lb{YMdwVI3M)zp`54hI;kxEtLfY1uGU8+1c5XA);loX3eUgnKFL=_~UjLBe}V` z{)vf+ce134xVSj?smW8lSds$Q<_}TNH{N)IkByDB+xCk56=lqnqgnsC=blR}C@A2I zii%X_+=!$szJKf(>Yf!qTBqTz6A~{Izk6y}stpS~6ILrv%&k^p1p&=17Gi-+ODim> z%#de+IwmV=HCsSnLRt)Fa^XNSJGza37G}sV1UsIxaN)w#!otEGENP2WPsHEfzdj(K zXXS+pRU=rIEqET)aSZVq#BzI6htuVQ1`XoRojb>pn%K6%XJ%%8yLt2GL1+tEgv@$k z7I|y?TejC{3oWmzs^WFtKHgxWTUL)+E39;FN1Huyv7QBmWa46)ifUmoh>K;|oYl+| z&V!I2FPF0x+6TlfVWusbH)${!0vw2o*y|jGmW>{L&yyJEAuKEmB8uvIOePaXG#>^aJyt_pMSGY5@Zeee;d~r7 z{;>soNW|SNA8K&wQLA%vV-`=67awJ|0E&y?$Tiaui=!3nRvgVJIs_1xj%FC)^g%$e z!TvP2k_=4zgU|p&K7!Y;U%zht{P}-mNkl3`yuH0Wnwy(xFEFrN(NUqHp`@m!hRb;B zsWIEOZavJhIHvK(DC#l%T=c~Ub{YS|4Q@LowQAcW( z*{vTC5U{hpzJ3}@B96{Q%iP`Fd9&FprDgDefq?|(Sag|~w%3+zzCHN7yu7UZ{QSR* zX%=f8kLUiluCDH3mR2x)#E553eEoG1m`q9PI@|6I-L*W8U>aSv9K*HyoE8`H?HMA8 z>nvNhZoR-vhh$}Csa=l^Nl8h}avl(ucCd$s$0sxc@bU4Xt{*yBa+#ASPriXM0`B`Y zj5lrCq*#Ex@WKnV5Mjqk!OhK$hk9>=w6wIH#l^)P8o>-P-}W5N zrV*Ow?dwaXrKGG#PEN)L0M`o3PMkPFE99@tCwaMf@;1JOfQu}Nkt0X)$B!RpDaZ8a z(W9C6y0pNOjbslGGkIoJB?x+)OkDzD@iB$CIG>8($c~FSLv*HQqBCA6x*JtQ*9dV# zEs6ENLY?lOD{>I1H{E`hAr}rvY4=G0`0&yh**t60V6uRtz$bXF0yp#(g0?P zbi5G&+$^&?MpIMM9Tnat;nmxWp_aC@!6gVLOD?;V4!Dn3;&J4MN-w_#AYEsmaOe z{h5H%9oeG?ZV7LlD_5?NlP6DxvZMl>%B)taTS-aDM3&VNG#^+mPqn}zuvmPEnVL+W zKAmn)bWKg-XhV^itJa|YhZb_Jx`{M5w$jj4-?lsP^@QWB;^?I-P60dPtfS&0pX}Z( zZ5VGAH_;8<0^t#nQ<#Z!=TK%!z=JP6XwlKpdCa7Mi>Gl^RFvu=g?Z9WFF8a!7atcF z7tCx*-m<(eA>w!L+_@gp^p5KdMj8-Xk@vq=Lw2niMhlG@8( zksl8$b1b6eibq;5v`FazxB$t0D_yzB^+u@EiX&HD=7@%ya6Tu56{)EBektq~gJ#dp z#H41Yl$Msp!VLz2%M7}B@uI3uK|w*#+_`hn)H-)JN^8gJ6TSzrOl8$iHjb_{5NV!}v7Pd#(Z6dF?3PKNLxNhzF2 zrW8yd{sSgSBUKdF#qB}4>W~SH@0G=&1gk@4F*tC?d?Sor*dAJ8)!cfSj%-77D-8`s zGYuxQT1Zh`**5xT2e|0L%>2be1(tvRrQ0AJ&0w2anF^R^^O}TFCCp~YXkxzW{uG&fkhUWU$G7ki!uDQ&>F zZpx7x5H9?Zq?5pwxf3T&#IIPfBL3>ttLT6@SQH8GQh%jLE?PeSn(&h!=x#CD+0&TW z2K;7|B(4CAbhZyRi>??H)pE-%b*&_7q}})B3W9@!XE9U3UEz_M`Eqh|bD4`FWYA!} z^b%smj2Zm2Y13p^q$YlB{QB|Z$MZQk3zSnC1KLi8Z5glA=~UMNTO4_ws(iwPiF{gG zn#1#V20E*Sy_k>*jNTZ<#c#YS=*k!dM>8B}X?sQ6tg+KUaghUSD`?nPaE%=LYa=;Z z+@I8+`5i5DhT7WN?aWkgxw=X--yY}6O80Hrw5fK>mMtIe*s+8A;DZmi(6I2NzJ2>j z4}nN*Y^>q%mxt#cI&_FTcGwn=A|k>R85I?H;J|*axVV^$j*00~krhv-I2WV1IO_0Yy$RnrGfo{d2_qIS$pWKS z1l;nN45Pveh+tmKs6{mB6XubaaTz2ya)h)ca}o~b)X$ksf%I-@TiyrA zrStGVW?v(bBOZmC@=uA7)WM<(9*DMIdjMDm^2eopL8>oZrw<8!alZ85->?c;g(Es> zhJ$~wH5}wT{3G6>gMBbok(b$~wcx=md%(zLZp!{K=xT8^qMeeG!tdI(OHuEUlt=jw zcl}$;v)7J1UscD)$0xt3sY&q~6UolbHWU>VX?-R8$!H4vz@o2&pWA?oHe5H6Z%XbL z3T#A1Fm3x=>afWlN%JmNzqIc$YKtRWr*ngVFXx4{97iuYV5E(#tE)RcbLPya-+S*p z`cd5p9Co^hpPwJ!(9l53Qd3iT7{!WuwgQ8DO=GqKm{-MVLv^mnNlAQ0dU|`ubt>G@ z#MyjL5LhnU#GE5kTnqlL$_(xrM;Lf-`in`lK`3CbW+a0SCug zKwSI30%_+>7B-CKV(bj^x|+wWS+nNlva+(*H*VZmiRtzPo-}C^|Ji4swRe8ab45o- z$CsCvYyCE?OMq<>UWalqB??G?CnRx=ERuR{*svjrrRB)3NFXaKD?KA4gQX-?^%g8x@VqFlGca*g?EqSN3P4=^+G9(* z$K5JAV}tMx8Aq1b>HF7?p{Jy2_)ioY#iIhs6mcZ(r9<^($fT!*1c2udVyu7<3kXdu z=Yd7iwR!XAoo7io9Bf+#yScm5Ccz`|AljSTwr#V0ez=7T7ZyWI>x~{gdO7A{fe6gU zpE6To=#abjGE;;bH*VYy5Yu+j)6=m{XP#A#)fI2u+2d{rE-QNpUs@~vARgz~w)qtI zw8n<3u&S2-G8NY=_Fb&b-JN)NdXqc+f{B|4EIir#EKUI&=SGDUMzV#*I<%qehYM%O zvE4;ocC!GUrYqb3*+FkMe%haTFCY1@Vw6Hl;DSmvS0k!FR%3Nk_2jE1=i8$C!!%og8LB^ff#Z1F4;C **Integrations** > **Servers & Services**. +2. Search for Ansible VMware. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Hostname | The hostname or IP address of the vSphere vCenter or ESXi server. | True | + | Port | The port of the vSphere vCenter or ESXi server. | True | + | Username | The username to access the vSphere vCenter or ESXi server. | True | + | Password | The password to access the vSphere vCenter or ESXi server. | True | + | Validate Certs | Allows connection when SSL certificates are not valid. Set to \`false\` when certificates are not trusted. | True | + +4. Click **Test** to validate the URLs, token, and connection. + +## Idempotence +The action commands in this integration are idempotent. This means that the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions. + +## State Arguement +Some of the commands in this integration take a state argument. These define the desired end state of the object being managed. As a result these commands are able to perform multiple management operations depending on the desired state value. Common state values are: +| **State** | **Result** | +| --- | --- | +| present | Object should exist. If not present, the object will be created with the provided parameters. If present but not with correct parameters, it will be modified to met provided parameters. | +| running | Object should be running not stopped. | +| stopped | Object should be stopped not running. | +| restarted | Object will be restarted. | +| absent | Object should not exist. If it it exists it will be deleted. | + +## Complex Command Inputs +Some commands may require structured input arguments such as `lists` or `dictionary`, these can be provided in standard JSON notation wrapped in double curly braces. For example a argument called `dns_servers` that accepts a list of server IPs 8.8.8.8 and 8.8.4.4 would be entered as `dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}"`. + +Other more advanced data manipulation tools such as [Ansible](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html)/[Jinja2 filters](https://jinja.palletsprojects.com/en/3.0.x/templates/#builtin-filters) can also be used in-line. For example to get a [random number](https://docs.ansible.com/ansible/2.9/user_guide/playbooks_filters.html#random-number-filter) between 0 and 60 you can use `{{ 60 | random }}`. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### vmware-about-info +*** +Provides information about VMware server to which user is connecting to +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_about_info_module.html + + +#### Base Command + +`vmware-about-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareAboutInfo.about_info | string | dict about VMware server | + + +#### Command Example +```!vmware-about-info ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareAboutInfo": [ + { + "about_info": { + "api_type": "VirtualCenter", + "api_version": "6.5", + "build": "8024368", + "instance_uuid": "a2ed9f62-9d30-4ee8-90d0-0f8f830448b4", + "license_product_name": "VMware VirtualCenter Server", + "license_product_version": "6.0", + "locale_build": "000", + "locale_version": "INTL", + "os_type": "linux-x64", + "product_full_name": "VMware vCenter Server 6.5.0 build-8024368", + "product_line_id": "vpx", + "product_name": "VMware vCenter Server", + "vendor": "VMware, Inc.", + "version": "6.5.0" + }, + "changed": false, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## About_Info +> * api_type: VirtualCenter +> * api_version: 6.5 +> * build: 8024368 +> * instance_uuid: a2ed9f62-9d30-4ee8-90d0-0f8f830448b4 +> * license_product_name: VMware VirtualCenter Server +> * license_product_version: 6.0 +> * locale_build: 000 +> * locale_version: INTL +> * os_type: linux-x64 +> * product_full_name: VMware vCenter Server 6.5.0 build-8024368 +> * product_line_id: vpx +> * product_name: VMware vCenter Server +> * vendor: VMware, Inc. +> * version: 6.5.0 + + +### vmware-category +*** +Manage VMware categories +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_category_module.html + + +#### Base Command + +`vmware-category` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| category_name | The name of category to manage. | Required | +| category_description | The category description. This is required only if `state` is set to `present`. This parameter is ignored, when `state` is set to `absent`. | Optional | +| category_cardinality | The category cardinality. This parameter is ignored, when updating existing category. Possible values are: multiple, single. Default is multiple. | Optional | +| new_category_name | The new name for an existing category. This value is used while updating an existing category. | Optional | +| state | The state of category. If set to `present` and category does not exists, then category is created. If set to `present` and category exists, then category is updated. If set to `absent` and category exists, then category is deleted. If set to `absent` and category does not exists, no action is taken. Process of updating category only allows name, description change. Possible values are: present, absent. Default is present. | Optional | +| protocol | The connection to protocol. Possible values are: http, https. Default is https. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareCategory.category_results | unknown | dictionary of category metadata | + + + + +### vmware-category-info +*** +Gather info about VMware tag categories +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_category_info_module.html + + +#### Base Command + +`vmware-category-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| protocol | The connection to protocol. Possible values are: http, https. Default is https. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareCategoryInfo.tag_category_info | unknown | metadata of tag categories | + + + + +### vmware-cfg-backup +*** +Backup / Restore / Reset ESXi host configuration +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_cfg_backup_module.html + + +#### Base Command + +`vmware-cfg-backup` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| esxi_hostname | Name of ESXi server. This is required only if authentication against a vCenter is done. | Optional | +| dest | The destination where the ESXi configuration bundle will be saved. The `dest` can be a folder or a file. If `dest` is a folder, the backup file will be saved in the folder with the default filename generated from the ESXi server. If `dest` is a file, the backup file will be saved with that filename. The file extension will always be .tgz. | Optional | +| src | The file containing the ESXi configuration that will be restored. | Optional | +| state | If `saved`, the .tgz backup bundle will be saved in `dest`. If `absent`, the host configuration will be reset to default values. If `loaded`, the backup file in `src` will be loaded to the ESXi host rewriting the hosts settings. Possible values are: saved, absent, loaded. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareCfgBackup.dest_file | string | The full path of where the file holding the ESXi configurations was stored | + + +#### Command Example +```!vmware-cfg-backup state="saved" dest="/tmp/" esxi_hostname="esxi01"``` + +#### Context Example +```json +{ + "VMware": { + "VmwareCfgBackup": [ + { + "changed": true, + "dest_file": "/tmp/configBundle-esxi01.tgz", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * dest_file: /tmp/configBundle-esxi01.tgz + + +### vmware-cluster +*** +Manage VMware vSphere clusters +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_cluster_module.html + + +#### Base Command + +`vmware-cluster` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | The name of the cluster to be managed. | Required | +| datacenter | The name of the datacenter. | Required | +| ignore_drs | If set to `yes`, DRS will not be configured; all explicit and default DRS related configurations will be ignored. Default is no. | Optional | +| ignore_ha | If set to `yes`, HA will not be configured; all explicit and default HA related configurations will be ignored. Default is no. | Optional | +| ignore_vsan | If set to `yes`, VSAN will not be configured; all explicit and default VSAN related configurations will be ignored. Default is no. | Optional | +| enable_drs | If set to `yes`, will enable DRS when the cluster is created. Use `enable_drs` of `vmware_cluster_drs` instead. Deprecated option, will be removed in version 2.12. Default is no. | Optional | +| drs_enable_vm_behavior_overrides | Determines whether DRS Behavior overrides for individual virtual machines are enabled. If set to `True`, overrides `drs_default_vm_behavior`. Use `drs_enable_vm_behavior_overrides` of `vmware_cluster_drs` instead. Deprecated option, will be removed in version 2.12. Possible values are: Yes, No. Default is Yes. | Optional | +| drs_default_vm_behavior | Specifies the cluster-wide default DRS behavior for virtual machines. If set to `partiallyAutomated`, then vCenter generate recommendations for virtual machine migration and for the placement with a host. vCenter automatically implement placement at power on. If set to `manual`, then vCenter generate recommendations for virtual machine migration and for the placement with a host. vCenter should not implement the recommendations automatically. If set to `fullyAutomated`, then vCenter should automate both the migration of virtual machines and their placement with a host at power on. Use `drs_default_vm_behavior` of `vmware_cluster_drs` instead. Deprecated option, will be removed in version 2.12. Possible values are: fullyAutomated, manual, partiallyAutomated. Default is fullyAutomated. | Optional | +| drs_vmotion_rate | Threshold for generated ClusterRecommendations. Use `drs_vmotion_rate` of `vmware_cluster_drs` instead. Deprecated option, will be removed in version 2.12. Possible values are: 1, 2, 3, 4, 5. Default is 3. | Optional | +| enable_ha | If set to `yes` will enable HA when the cluster is created. Use `enable_ha` of `vmware_cluster_ha` instead. Deprecated option, will be removed in version 2.12. Default is no. | Optional | +| ha_host_monitoring | Indicates whether HA restarts virtual machines after a host fails. If set to `enabled`, HA restarts virtual machines after a host fails. If set to `disabled`, HA does not restart virtual machines after a host fails. If `enable_ha` is set to `no`, then this value is ignored. Use `ha_host_monitoring` of `vmware_cluster_ha` instead. Deprecated option, will be removed in version 2.12. Possible values are: enabled, disabled. Default is enabled. | Optional | +| ha_vm_monitoring | Indicates the state of virtual machine health monitoring service. If set to `vmAndAppMonitoring`, HA response to both virtual machine and application heartbeat failure. If set to `vmMonitoringDisabled`, virtual machine health monitoring is disabled. If set to `vmMonitoringOnly`, HA response to virtual machine heartbeat failure. If `enable_ha` is set to `no`, then this value is ignored. Use `ha_vm_monitoring` of `vmware_cluster_ha` instead. Deprecated option, will be removed in version 2.12. Possible values are: vmAndAppMonitoring, vmMonitoringOnly, vmMonitoringDisabled. Default is vmMonitoringDisabled. | Optional | +| ha_failover_level | Number of host failures that should be tolerated, still guaranteeing sufficient resources to restart virtual machines on available hosts. Accepts integer values only. Use `slot_based_admission_control`, `reservation_based_admission_control` or `failover_host_admission_control` of `vmware_cluster_ha` instead. Deprecated option, will be removed in version 2.12. Default is 2. | Optional | +| ha_admission_control_enabled | Determines if strict admission control is enabled. It is recommended to set this parameter to `True`, please refer documentation for more details. Use `slot_based_admission_control`, `reservation_based_admission_control` or `failover_host_admission_control` of `vmware_cluster_ha` instead. Deprecated option, will be removed in version 2.12. Possible values are: Yes, No. Default is Yes. | Optional | +| ha_vm_failure_interval | The number of seconds after which virtual machine is declared as failed if no heartbeat has been received. This setting is only valid if `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. Unit is seconds. Use `ha_vm_failure_interval` of `vmware_cluster_ha` instead. Deprecated option, will be removed in version 2.12. Default is 30. | Optional | +| ha_vm_min_up_time | The number of seconds for the virtual machine's heartbeats to stabilize after the virtual machine has been powered on. This setting is only valid if `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. Unit is seconds. Use `ha_vm_min_up_time` of `vmware_cluster_ha` instead. Deprecated option, will be removed in version 2.12. Default is 120. | Optional | +| ha_vm_max_failures | Maximum number of failures and automated resets allowed during the time that `ha_vm_max_failure_window` specifies. This setting is only valid if `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. Use `ha_vm_max_failures` of `vmware_cluster_ha` instead. Deprecated option, will be removed in version 2.12. Default is 3. | Optional | +| ha_vm_max_failure_window | The number of seconds for the window during which up to `ha_vm_max_failures` resets can occur before automated responses stop. This setting is only valid if `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. Unit is seconds. Default specifies no failure window. Use `ha_vm_max_failure_window` of `vmware_cluster_ha` instead. Deprecated option, will be removed in version 2.12. Default is -1. | Optional | +| ha_restart_priority | Determines the preference that HA gives to a virtual machine if sufficient capacity is not available to power on all failed virtual machines. This setting is only valid if `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. If set to `disabled`, then HA is disabled for this virtual machine. If set to `high`, then virtual machine with this priority have a higher chance of powering on after a failure, when there is insufficient capacity on hosts to meet all virtual machine needs. If set to `medium`, then virtual machine with this priority have an intermediate chance of powering on after a failure, when there is insufficient capacity on hosts to meet all virtual machine needs. If set to `low`, then virtual machine with this priority have a lower chance of powering on after a failure, when there is insufficient capacity on hosts to meet all virtual machine needs. Use `ha_restart_priority` of `vmware_cluster_ha` instead. Deprecated option, will be removed in version 2.12. Possible values are: disabled, high, low, medium. Default is medium. | Optional | +| enable_vsan | If set to `yes` will enable vSAN when the cluster is created. Use `enable_vsan` of `vmware_cluster_vsan` instead. Deprecated option, will be removed in version 2.12. Default is no. | Optional | +| vsan_auto_claim_storage | Determines whether the VSAN service is configured to automatically claim local storage on VSAN-enabled hosts in the cluster. Use `vsan_auto_claim_storage` of `vmware_cluster_vsan` instead. Deprecated option, will be removed in version 2.12. Possible values are: Yes, No. Default is No. | Optional | +| state | Create `present` or remove `absent` a VMware vSphere cluster. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!vmware-cluster datacenter="DC1" cluster_name="cluster" enable_ha="False" enable_drs="False" enable_vsan="False" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareCluster": [ + { + "changed": false, + "result": null, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * result: None + + +### vmware-cluster-drs +*** +Manage Distributed Resource Scheduler (DRS) on VMware vSphere clusters +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_cluster_drs_module.html + + +#### Base Command + +`vmware-cluster-drs` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | The name of the cluster to be managed. | Required | +| datacenter | The name of the datacenter. | Required | +| enable_drs | Whether to enable DRS. Default is no. | Optional | +| drs_enable_vm_behavior_overrides | Whether DRS Behavior overrides for individual virtual machines are enabled. If set to `True`, overrides `drs_default_vm_behavior`. Possible values are: Yes, No. Default is Yes. | Optional | +| drs_default_vm_behavior | Specifies the cluster-wide default DRS behavior for virtual machines. If set to `partiallyAutomated`, vCenter generates recommendations for virtual machine migration and for the placement with a host, then automatically implements placement recommendations at power on. If set to `manual`, then vCenter generates recommendations for virtual machine migration and for the placement with a host, but does not implement the recommendations automatically. If set to `fullyAutomated`, then vCenter automates both the migration of virtual machines and their placement with a host at power on. Possible values are: fullyAutomated, manual, partiallyAutomated. Default is fullyAutomated. | Optional | +| drs_vmotion_rate | Threshold for generated ClusterRecommendations. Possible values are: 1, 2, 3, 4, 5. Default is 3. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!vmware-cluster-drs datacenter="DC1" cluster_name="cluster" enable_drs="False" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareClusterDrs": [ + { + "changed": false, + "result": null, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * result: None + + +### vmware-cluster-ha +*** +Manage High Availability (HA) on VMware vSphere clusters +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_cluster_ha_module.html + + +#### Base Command + +`vmware-cluster-ha` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | The name of the cluster to be managed. | Required | +| datacenter | The name of the datacenter. | Required | +| enable_ha | Whether to enable HA. Default is no. | Optional | +| ha_host_monitoring | Whether HA restarts virtual machines after a host fails. If set to `enabled`, HA restarts virtual machines after a host fails. If set to `disabled`, HA does not restart virtual machines after a host fails. If `enable_ha` is set to `no`, then this value is ignored. Possible values are: enabled, disabled. Default is enabled. | Optional | +| ha_vm_monitoring | State of virtual machine health monitoring service. If set to `vmAndAppMonitoring`, HA response to both virtual machine and application heartbeat failure. If set to `vmMonitoringDisabled`, virtual machine health monitoring is disabled. If set to `vmMonitoringOnly`, HA response to virtual machine heartbeat failure. If `enable_ha` is set to `no`, then this value is ignored. Possible values are: vmAndAppMonitoring, vmMonitoringOnly, vmMonitoringDisabled. Default is vmMonitoringDisabled. | Optional | +| host_isolation_response | Indicates whether or VMs should be powered off if a host determines that it is isolated from the rest of the compute resource. If set to `none`, do not power off VMs in the event of a host network isolation. If set to `powerOff`, power off VMs in the event of a host network isolation. If set to `shutdown`, shut down VMs guest operating system in the event of a host network isolation. Possible values are: none, powerOff, shutdown. Default is none. | Optional | +| slot_based_admission_control | Configure slot based admission control policy. `slot_based_admission_control`, `reservation_based_admission_control` and `failover_host_admission_control` are mutually exclusive. | Optional | +| reservation_based_admission_control | Configure reservation based admission control policy. `slot_based_admission_control`, `reservation_based_admission_control` and `failover_host_admission_control` are mutually exclusive. | Optional | +| failover_host_admission_control | Configure dedicated failover hosts. `slot_based_admission_control`, `reservation_based_admission_control` and `failover_host_admission_control` are mutually exclusive. | Optional | +| ha_vm_failure_interval | The number of seconds after which virtual machine is declared as failed if no heartbeat has been received. This setting is only valid if `ha_vm_monitoring` is set to, either `vmAndAppMonitoring` or `vmMonitoringOnly`. Unit is seconds. Default is 30. | Optional | +| ha_vm_min_up_time | The number of seconds for the virtual machine's heartbeats to stabilize after the virtual machine has been powered on. Valid only when `ha_vm_monitoring` is set to either `vmAndAppMonitoring` or `vmMonitoringOnly`. Unit is seconds. Default is 120. | Optional | +| ha_vm_max_failures | Maximum number of failures and automated resets allowed during the time that `ha_vm_max_failure_window` specifies. Valid only when `ha_vm_monitoring` is set to either `vmAndAppMonitoring` or `vmMonitoringOnly`. Default is 3. | Optional | +| ha_vm_max_failure_window | The number of seconds for the window during which up to `ha_vm_max_failures` resets can occur before automated responses stop. Valid only when `ha_vm_monitoring` is set to either `vmAndAppMonitoring` or `vmMonitoringOnly`. Unit is seconds. Default specifies no failure window. Default is -1. | Optional | +| ha_restart_priority | Priority HA gives to a virtual machine if sufficient capacity is not available to power on all failed virtual machines. Valid only if `ha_vm_monitoring` is set to either `vmAndAppMonitoring` or `vmMonitoringOnly`. If set to `disabled`, then HA is disabled for this virtual machine. If set to `high`, then virtual machine with this priority have a higher chance of powering on after a failure, when there is insufficient capacity on hosts to meet all virtual machine needs. If set to `medium`, then virtual machine with this priority have an intermediate chance of powering on after a failure, when there is insufficient capacity on hosts to meet all virtual machine needs. If set to `low`, then virtual machine with this priority have a lower chance of powering on after a failure, when there is insufficient capacity on hosts to meet all virtual machine needs. Possible values are: disabled, high, low, medium. Default is medium. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!vmware-cluster-ha datacenter="DC1" cluster_name="cluster" enable_ha="False" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareClusterHa": [ + { + "changed": false, + "result": null, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * result: None + + +### vmware-cluster-info +*** +Gather info about clusters available in given vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_cluster_info_module.html + + +#### Base Command + +`vmware-cluster-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter | Datacenter to search for cluster/s. This parameter is required, if `cluster_name` is not supplied. | Optional | +| cluster_name | Name of the cluster. If set, information of this cluster will be returned. This parameter is required, if `datacenter` is not supplied. | Optional | +| show_tag | Tags related to cluster are shown if set to `True`. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareClusterInfo.clusters | unknown | metadata about the available clusters | + + +#### Command Example +```!vmware-cluster-info datacenter="DC1" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareClusterInfo": [ + { + "changed": false, + "clusters": { + "cluster": { + "datacenter": "DC1", + "drs_default_vm_behavior": "fullyAutomated", + "drs_enable_vm_behavior_overrides": true, + "drs_vmotion_rate": 3, + "enable_ha": false, + "enabled_drs": false, + "enabled_vsan": false, + "ha_admission_control_enabled": true, + "ha_failover_level": 2, + "ha_host_monitoring": "enabled", + "ha_restart_priority": [ + "medium" + ], + "ha_vm_failure_interval": [ + 30 + ], + "ha_vm_max_failure_window": [ + -1 + ], + "ha_vm_max_failures": [ + 3 + ], + "ha_vm_min_up_time": [ + 120 + ], + "ha_vm_monitoring": "vmMonitoringDisabled", + "ha_vm_tools_monitoring": [ + "vmMonitoringDisabled" + ], + "hosts": [ + { + "folder": "/DC1/host/cluster", + "name": "esxi01" + } + ], + "moid": "domain-c7", + "resource_summary": { + "cpuCapacityMHz": 5330, + "cpuUsedMHz": 32, + "memCapacityMB": 6143, + "memUsedMB": 1487, + "pMemAvailableMB": null, + "pMemCapacityMB": null, + "storageCapacityMB": 7936, + "storageUsedMB": 1439 + }, + "tags": [], + "vsan_auto_claim_storage": false + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Clusters +> * ### Cluster +> * datacenter: DC1 +> * drs_default_vm_behavior: fullyAutomated +> * drs_enable_vm_behavior_overrides: True +> * drs_vmotion_rate: 3 +> * enable_ha: False +> * enabled_drs: False +> * enabled_vsan: False +> * ha_admission_control_enabled: True +> * ha_failover_level: 2 +> * ha_host_monitoring: enabled +> * ha_vm_monitoring: vmMonitoringDisabled +> * moid: domain-c7 +> * vsan_auto_claim_storage: False +> * #### Ha_Restart_Priority +> * 0: medium +> * #### Ha_Vm_Failure_Interval +> * 0: 30 +> * #### Ha_Vm_Max_Failure_Window +> * 0: -1 +> * #### Ha_Vm_Max_Failures +> * 0: 3 +> * #### Ha_Vm_Min_Up_Time +> * 0: 120 +> * #### Ha_Vm_Tools_Monitoring +> * 0: vmMonitoringDisabled +> * #### Hosts +> * #### esxi01 +> * folder: /DC1/host/cluster +> * name: esxi01 +> * #### Resource_Summary +> * cpuCapacityMHz: 5330 +> * cpuUsedMHz: 32 +> * memCapacityMB: 6143 +> * memUsedMB: 1487 +> * pMemAvailableMB: None +> * pMemCapacityMB: None +> * storageCapacityMB: 7936 +> * storageUsedMB: 1439 +> * #### Tags + + +### vmware-cluster-vsan +*** +Manages virtual storage area network (vSAN) configuration on VMware vSphere clusters +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_cluster_vsan_module.html + + +#### Base Command + +`vmware-cluster-vsan` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | The name of the cluster to be managed. | Required | +| datacenter | The name of the datacenter. | Required | +| enable_vsan | Whether to enable vSAN. Default is no. | Optional | +| vsan_auto_claim_storage | Whether the VSAN service is configured to automatically claim local storage on VSAN-enabled hosts in the cluster. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-content-deploy-template +*** +Deploy Virtual Machine from template stored in content library. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_content_deploy_template_module.html + + +#### Base Command + +`vmware-content-deploy-template` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| template | The name of template from which VM to be deployed. | Required | +| name | The name of the VM to be deployed. | Required | +| datacenter | Name of the datacenter, where VM to be deployed. | Required | +| datastore | Name of the datastore to store deployed VM and disk. | Required | +| folder | Name of the folder in datacenter in which to place deployed VM. | Required | +| host | Name of the ESX Host in datacenter in which to place deployed VM. | Required | +| resource_pool | Name of the resourcepool in datacenter in which to place deployed VM. | Optional | +| cluster | Name of the cluster in datacenter in which to place deployed VM. | Optional | +| state | The state of Virtual Machine deployed from template in content library. If set to `present` and VM does not exists, then VM is created. If set to `present` and VM exists, no action is taken. If set to `poweredon` and VM does not exists, then VM is created with powered on state. If set to `poweredon` and VM exists, no action is taken. Possible values are: present, poweredon. Default is present. | Optional | +| protocol | The connection to protocol. Possible values are: http, https. Default is https. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareContentDeployTemplate.vm_deploy_info | unknown | Virtual machine deployment message and vm_id | + + + + +### vmware-content-library-info +*** +Gather information about VMware Content Library +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_content_library_info_module.html + + +#### Base Command + +`vmware-content-library-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| library_id | content library id for which details needs to be fetched. | Optional | +| protocol | The connection to protocol. Possible values are: http, https. Default is https. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareContentLibraryInfo.content_lib_details | unknown | list of content library metadata | +| VMware.VmwareContentLibraryInfo.content_libs | unknown | list of content libraries | + + + + +### vmware-content-library-manager +*** +Create, update and delete VMware content library +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_content_library_manager_module.html + + +#### Base Command + +`vmware-content-library-manager` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| library_name | The name of VMware content library to manage. | Required | +| library_description | The content library description. This is required only if `state` is set to `present`. This parameter is ignored, when `state` is set to `absent`. Process of updating content library only allows description change. | Optional | +| library_type | The content library type. This is required only if `state` is set to `present`. This parameter is ignored, when `state` is set to `absent`. Possible values are: local, subscribed. Default is local. | Optional | +| datastore_name | Name of the datastore on which backing content library is created. This is required only if `state` is set to `present`. This parameter is ignored, when `state` is set to `absent`. Currently only datastore backing creation is supported. | Optional | +| state | The state of content library. If set to `present` and library does not exists, then content library is created. If set to `present` and library exists, then content library is updated. If set to `absent` and library exists, then content library is deleted. If set to `absent` and library does not exists, no action is taken. Possible values are: present, absent. Default is present. | Optional | +| protocol | The connection to protocol. Possible values are: http, https. Default is https. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareContentLibraryManager.content_library_info | unknown | library creation success and library_id | + + + + +### vmware-datacenter +*** +Manage VMware vSphere Datacenters +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_datacenter_module.html + + +#### Base Command + +`vmware-datacenter` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter_name | The name of the datacenter the cluster will be created in. | Required | +| state | If the datacenter should be present or absent. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!vmware-datacenter datacenter_name="DC1" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDatacenter": [ + { + "changed": false, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False + + +### vmware-datastore-cluster +*** +Manage VMware vSphere datastore clusters +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_datastore_cluster_module.html + + +#### Base Command + +`vmware-datastore-cluster` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter_name | The name of the datacenter. You must specify either a `datacenter_name` or a `folder`. Mutually exclusive with `folder` parameter. | Optional | +| datastore_cluster_name | The name of the datastore cluster. | Required | +| state | If the datastore cluster should be present or absent. Possible values are: present, absent. Default is present. | Optional | +| folder | Destination folder, absolute path to place datastore cluster in. The folder should include the datacenter. This parameter is case sensitive. You must specify either a `folder` or a `datacenter_name`. Examples: folder: /datacenter1/datastore folder: datacenter1/datastore folder: /datacenter1/datastore/folder1 folder: datacenter1/datastore/folder1 folder: /folder1/datacenter1/datastore folder: folder1/datacenter1/datastore folder: /folder1/datacenter1/datastore/folder2. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDatastoreCluster.result | string | information about datastore cluster operation | + + +#### Command Example +```!vmware-datastore-cluster datacenter_name="DC1" datastore_cluster_name="Storage_Cluster" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDatastoreCluster": [ + { + "changed": true, + "result": "Datastore cluster 'Storage_Cluster' created successfully.", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * result: Datastore cluster 'Storage_Cluster' created successfully. + + +### vmware-datastore-info +*** +Gather info about datastores available in given vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_datastore_info_module.html + + +#### Base Command + +`vmware-datastore-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the datastore to match. If set, information of specific datastores are returned. | Optional | +| datacenter | Datacenter to search for datastores. This parameter is required, if `cluster` is not supplied. | Optional | +| cluster | Cluster to search for datastores. If set, information of datastores belonging this clusters will be returned. This parameter is required, if `datacenter` is not supplied. | Optional | +| gather_nfs_mount_info | Gather mount information of NFS datastores. Disabled per default because this slows down the execution if you have a lot of datastores. Possible values are: Yes, No. Default is No. | Optional | +| gather_vmfs_mount_info | Gather mount information of VMFS datastores. Disabled per default because this slows down the execution if you have a lot of datastores. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDatastoreInfo.datastores | unknown | metadata about the available datastores | + + +#### Command Example +```!vmware-datastore-info datacenter_name="DC1" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDatastoreInfo": [ + { + "changed": false, + "datastores": [ + { + "accessible": true, + "capacity": 8321499136, + "datastore_cluster": "N/A", + "freeSpace": 6812598272, + "maintenanceMode": "normal", + "multipleHostAccess": false, + "name": "datastore1", + "provisioned": 1508900864, + "type": "VMFS", + "uncommitted": 0, + "url": "ds:///vmfs/volumes/60eafb85-4b6578d0-c0a8-000c29d92704/" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Datastores +> * ## Datastore1 +> * accessible: True +> * capacity: 8321499136 +> * datastore_cluster: N/A +> * freeSpace: 6812598272 +> * maintenanceMode: normal +> * multipleHostAccess: False +> * name: datastore1 +> * provisioned: 1508900864 +> * type: VMFS +> * uncommitted: 0 +> * url: ds:///vmfs/volumes/60eafb85-4b6578d0-c0a8-000c29d92704/ + + +### vmware-datastore-maintenancemode +*** +Place a datastore into maintenance mode +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_datastore_maintenancemode_module.html + + +#### Base Command + +`vmware-datastore-maintenancemode` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datastore | Name of datastore to manage. If `datastore_cluster` or `cluster_name` are not set, this parameter is required. | Optional | +| datastore_cluster | Name of the datastore cluster from all child datastores to be managed. If `datastore` or `cluster_name` are not set, this parameter is required. | Optional | +| cluster_name | Name of the cluster where datastore is connected to. If multiple datastores are connected to the given cluster, then all datastores will be managed by `state`. If `datastore` or `datastore_cluster` are not set, this parameter is required. | Optional | +| state | If set to `present`, then enter datastore into maintenance mode. If set to `present` and datastore is already in maintenance mode, then no action will be taken. If set to `absent` and datastore is in maintenance mode, then exit maintenance mode. If set to `absent` and datastore is not in maintenance mode, then no action will be taken. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDatastoreMaintenancemode.results | unknown | Action taken for datastore | + + +#### Command Example +```!vmware-datastore-maintenancemode datastore="datastore1" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDatastoreMaintenancemode": [ + { + "changed": true, + "datastore_status": { + "datastore1": "Datastore 'datastore1' entered in maintenance mode." + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Datastore_Status +> * datastore1: Datastore 'datastore1' entered in maintenance mode. + + +### vmware-dns-config +*** +Manage VMware ESXi DNS Configuration +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dns_config_module.html + + +#### Base Command + +`vmware-dns-config` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| change_hostname_to | The hostname that an ESXi host should be changed to. | Required | +| domainname | The domain the ESXi host should be apart of. | Required | +| dns_servers | The DNS servers that the host should be configured to use. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!vmware-dns-config change_hostname_to="esxi01" domainname="foo.org" dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDnsConfig": [ + { + "changed": false, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False + +### vmware-drs-group +*** +Creates vm/host group in a given cluster. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_drs_group_module.html + + +#### Base Command + +`vmware-drs-group` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Cluster to create vm/host group. | Required | +| datacenter | Datacenter to search for given cluster. If not set, we use first cluster we encounter with `cluster_name`. | Optional | +| group_name | The name of the group to create or remove. | Required | +| hosts | List of hosts to create in group. Required only if `vms` is not set. | Optional | +| state | If set to `present` and the group doesn't exists then the group will be created. If set to `absent` and the group exists then the group will be deleted. Possible values are: present, absent. Default is present. | Required | +| vms | List of vms to create in group. Required only if `hosts` is not set. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDrsGroup.drs_group_facts | unknown | Metadata about DRS group created | + + +#### Command Example +```!vmware-drs-group cluster_name="cluster" datacenter_name="DC1" group_name="TEST_VM_01" vms="Sample_VM" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDrsGroup": [ + { + "changed": false, + "msg": "Updated vm group TEST_VM_01 successfully", + "result": { + "cluster": [ + { + "group_name": "TEST_VM_01", + "type": "vm", + "vms": [ + "Sample_VM" + ] + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * msg: Updated vm group TEST_VM_01 successfully +> * ## Result +> * ### Cluster +> * ### Test_Vm_01 +> * group_name: TEST_VM_01 +> * type: vm +> * #### Vms +> * 0: Sample_VM + + +### vmware-drs-group-info +*** +Gathers info about DRS VM/Host groups on the given cluster +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_drs_group_info_module.html + + +#### Base Command + +`vmware-drs-group-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Cluster to search for VM/Host groups. If set, information of DRS groups belonging this cluster will be returned. Not needed if `datacenter` is set. | Optional | +| datacenter | Datacenter to search for DRS VM/Host groups. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDrsGroupInfo.drs_group_info | unknown | Metadata about DRS group from given cluster / datacenter | + + +#### Command Example +```!vmware-drs-group-info datacenter="DC1" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDrsGroupInfo": [ + { + "changed": false, + "drs_group_info": { + "cluster": [ + { + "group_name": "TEST_VM_01", + "type": "vm", + "vms": [ + "Sample_VM" + ] + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Drs_Group_Info +> * ### Cluster +> * ### Test_Vm_01 +> * group_name: TEST_VM_01 +> * type: vm +> * #### Vms +> * 0: Sample_VM + +### vmware-drs-rule-info +*** +Gathers info about DRS rule on the given cluster +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_drs_rule_info_module.html + + +#### Base Command + +`vmware-drs-rule-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. DRS information for the given cluster will be returned. This is required parameter if `datacenter` parameter is not provided. | Optional | +| datacenter | Name of the datacenter. DRS information for all the clusters from the given datacenter will be returned. This is required parameter if `cluster_name` parameter is not provided. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDrsRuleInfo.drs_rule_info | unknown | metadata about DRS rule from given cluster / datacenter | + + +#### Command Example +```!vmware-drs-rule-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDrsRuleInfo": [ + { + "changed": false, + "drs_rule_info": { + "cluster": [] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Drs_Rule_Info +> * ### Cluster + + +### vmware-dvs-host +*** +Add or remove a host from distributed virtual switch +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvs_host_module.html + + +#### Base Command + +`vmware-dvs-host` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| esxi_hostname | The ESXi hostname. | Required | +| switch_name | The name of the Distributed vSwitch. | Required | +| vmnics | The ESXi hosts vmnics to use with the Distributed vSwitch. | Required | +| state | If the host should be present or absent attached to the vSwitch. Possible values are: present, absent. Default is present. | Required | +| vendor_specific_config | List of key,value dictionaries for the Vendor Specific Configuration. Element attributes are: - `key` (str): Key of setting. (default: None) - `value` (str): Value of setting. (default: None). | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-dvs-portgroup +*** +Create or remove a Distributed vSwitch portgroup. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvs_portgroup_module.html + + +#### Base Command + +`vmware-dvs-portgroup` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| portgroup_name | The name of the portgroup that is to be created or deleted. | Required | +| switch_name | The name of the distributed vSwitch the port group should be created on. | Required | +| vlan_id | The VLAN ID that should be configured with the portgroup, use 0 for no VLAN. If `vlan_trunk` is configured to be `true`, this can be a combination of multiple ranges and numbers, example: 1-200, 205, 400-4094. The valid `vlan_id` range is from 0 to 4094. Overlapping ranges are allowed. | Required | +| num_ports | The number of ports the portgroup should contain. | Required | +| portgroup_type | See VMware KB 1022312 regarding portgroup types. Possible values are: earlyBinding, lateBinding, ephemeral. | Required | +| state | Determines if the portgroup should be present or not. Possible values are: present, absent. | Required | +| vlan_trunk | Indicates whether this is a VLAN trunk or not. Possible values are: Yes, No. Default is No. | Optional | +| network_policy | Dictionary which configures the different security values for portgroup. Valid attributes are: - `promiscuous` (bool): indicates whether promiscuous mode is allowed. (default: false) - `forged_transmits` (bool): indicates whether forged transmits are allowed. (default: false) - `mac_changes` (bool): indicates whether mac changes are allowed. (default: false). Default is {'promiscuous': False, 'forged_transmits': False, 'mac_changes': False}. | Optional | +| teaming_policy | Dictionary which configures the different teaming values for portgroup. Valid attributes are: - `load_balance_policy` (string): Network adapter teaming policy. (default: loadbalance_srcid) - choices: [ loadbalance_ip, loadbalance_srcmac, loadbalance_srcid, loadbalance_loadbased, failover_explicit] - "loadbalance_loadbased" is available from version 2.6 and onwards - `inbound_policy` (bool): Indicate whether or not the teaming policy is applied to inbound frames as well. (default: False) - `notify_switches` (bool): Indicate whether or not to notify the physical switch if a link fails. (default: True) - `rolling_order` (bool): Indicate whether or not to use a rolling policy when restoring links. (default: False). Default is {'notify_switches': True, 'load_balance_policy': 'loadbalance_srcid', 'inbound_policy': False, 'rolling_order': False}. | Optional | +| port_policy | Dictionary which configures the advanced policy settings for the portgroup. Valid attributes are: - `block_override` (bool): indicates if the block policy can be changed per port. (default: true) - `ipfix_override` (bool): indicates if the ipfix policy can be changed per port. (default: false) - `live_port_move` (bool): indicates if a live port can be moved in or out of the portgroup. (default: false) - `network_rp_override` (bool): indicates if the network resource pool can be changed per port. (default: false) - `port_config_reset_at_disconnect` (bool): indicates if the configuration of a port is reset automatically after disconnect. (default: true) - `security_override` (bool): indicates if the security policy can be changed per port. (default: false) - `shaping_override` (bool): indicates if the shaping policy can be changed per port. (default: false) - `traffic_filter_override` (bool): indicates if the traffic filter can be changed per port. (default: false) - `uplink_teaming_override` (bool): indicates if the uplink teaming policy can be changed per port. (default: false) - `vendor_config_override` (bool): indicates if the vendor config can be changed per port. (default: false) - `vlan_override` (bool): indicates if the vlan can be changed per port. (default: false). Default is {'traffic_filter_override': False, 'network_rp_override': False, 'live_port_move': False, 'security_override': False, 'vendor_config_override': False, 'port_config_reset_at_disconnect': True, 'uplink_teaming_override': False, 'block_override': True, 'shaping_override': False, 'vlan_override': False, 'ipfix_override': False}. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!vmware-dvs-portgroup portgroup_name="vlan-123-portrgoup" switch_name="dvSwitch" vlan_id="123" num_ports="120" portgroup_type="earlyBinding" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDvsPortgroup": [ + { + "changed": true, + "result": "None", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * result: None + +### vmware-dvs-portgroup-find +*** +Find portgroup(s) in a VMware environment +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvs_portgroup_find_module.html + + +#### Base Command + +`vmware-dvs-portgroup-find` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| dvswitch | Name of a distributed vSwitch to look for. | Optional | +| vlanid | VLAN id can be any number between 1 and 4094. This search criteria will looks into VLAN ranges to find possible matches. | Optional | +| name | string to check inside the name of the portgroup. Basic containment check using python `in` operation. | Optional | +| show_uplink | Show or hide uplink portgroups. Only relevant when `vlanid` is supplied. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDvsPortgroupFind.dvs_portgroups | unknown | basic details of portgroups found | + + +#### Command Example +```!vmware-dvs-portgroup-find dvswitch="dvSwitch" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDvsPortgroupFind": [ + { + "changed": false, + "dvs_portgroups": [ + { + "dvswitch": "dvSwitch", + "name": "vlan-123-portrgoup", + "pvlan": false, + "trunk": false, + "vlan_id": "123" + }, + { + "dvswitch": "dvSwitch", + "name": "dvSwitch-DVUplinks-23", + "pvlan": false, + "trunk": true, + "vlan_id": "0-4094" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Dvs_Portgroups +> * ## Vlan-123-Portrgoup +> * dvswitch: dvSwitch +> * name: vlan-123-portrgoup +> * pvlan: False +> * trunk: False +> * vlan_id: 123 +> * ## Dvswitch-Dvuplinks-23 +> * dvswitch: dvSwitch +> * name: dvSwitch-DVUplinks-23 +> * pvlan: False +> * trunk: True +> * vlan_id: 0-4094 + + +### vmware-dvs-portgroup-info +*** +Gathers info DVS portgroup configurations +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvs_portgroup_info_module.html + + +#### Base Command + +`vmware-dvs-portgroup-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter | Name of the datacenter. | Required | +| dvswitch | Name of a dvswitch to look for. | Optional | +| show_network_policy | Show or hide network policies of DVS portgroup. Possible values are: Yes, No. Default is Yes. | Optional | +| show_port_policy | Show or hide port policies of DVS portgroup. Possible values are: Yes, No. Default is Yes. | Optional | +| show_teaming_policy | Show or hide teaming policies of DVS portgroup. Possible values are: Yes, No. Default is Yes. | Optional | +| show_vlan_info | Show or hide vlan information of the DVS portgroup. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDvsPortgroupInfo.dvs_portgroup_info | unknown | metadata about DVS portgroup configuration | + + +#### Command Example +```!vmware-dvs-portgroup-info datacenter="DC1"``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDvsPortgroupInfo": [ + { + "changed": false, + "dvs_portgroup_info": { + "dvSwitch": [ + { + "description": null, + "dvswitch_name": "dvSwitch", + "key": "dvportgroup-25", + "network_policy": { + "forged_transmits": false, + "mac_changes": false, + "promiscuous": false + }, + "num_ports": 120, + "port_policy": { + "block_override": true, + "ipfix_override": false, + "live_port_move": false, + "network_rp_override": false, + "port_config_reset_at_disconnect": true, + "security_override": false, + "shaping_override": false, + "traffic_filter_override": false, + "uplink_teaming_override": false, + "vendor_config_override": false, + "vlan_override": false + }, + "portgroup_name": "vlan-123-portrgoup", + "teaming_policy": { + "inbound_policy": false, + "notify_switches": true, + "policy": "loadbalance_srcid", + "rolling_order": false + }, + "type": "earlyBinding", + "vlan_info": {} + }, + { + "description": null, + "dvswitch_name": "dvSwitch", + "key": "dvportgroup-24", + "network_policy": { + "forged_transmits": true, + "mac_changes": false, + "promiscuous": false + }, + "num_ports": 0, + "port_policy": { + "block_override": true, + "ipfix_override": false, + "live_port_move": false, + "network_rp_override": false, + "port_config_reset_at_disconnect": true, + "security_override": false, + "shaping_override": false, + "traffic_filter_override": false, + "uplink_teaming_override": false, + "vendor_config_override": false, + "vlan_override": false + }, + "portgroup_name": "dvSwitch-DVUplinks-23", + "teaming_policy": { + "inbound_policy": true, + "notify_switches": true, + "policy": "loadbalance_srcid", + "rolling_order": false + }, + "type": "earlyBinding", + "vlan_info": {} + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Dvs_Portgroup_Info +> * ### Dvswitch +> * ### Dvswitch +> * description: None +> * dvswitch_name: dvSwitch +> * key: dvportgroup-25 +> * num_ports: 120 +> * portgroup_name: vlan-123-portrgoup +> * type: earlyBinding +> * #### Network_Policy +> * forged_transmits: False +> * mac_changes: False +> * promiscuous: False +> * #### Port_Policy +> * block_override: True +> * ipfix_override: False +> * live_port_move: False +> * network_rp_override: False +> * port_config_reset_at_disconnect: True +> * security_override: False +> * shaping_override: False +> * traffic_filter_override: False +> * uplink_teaming_override: False +> * vendor_config_override: False +> * vlan_override: False +> * #### Teaming_Policy +> * inbound_policy: False +> * notify_switches: True +> * policy: loadbalance_srcid +> * rolling_order: False +> * #### Vlan_Info +> * ### Dvswitch +> * description: None +> * dvswitch_name: dvSwitch +> * key: dvportgroup-24 +> * num_ports: 0 +> * portgroup_name: dvSwitch-DVUplinks-23 +> * type: earlyBinding +> * #### Network_Policy +> * forged_transmits: True +> * mac_changes: False +> * promiscuous: False +> * #### Port_Policy +> * block_override: True +> * ipfix_override: False +> * live_port_move: False +> * network_rp_override: False +> * port_config_reset_at_disconnect: True +> * security_override: False +> * shaping_override: False +> * traffic_filter_override: False +> * uplink_teaming_override: False +> * vendor_config_override: False +> * vlan_override: False +> * #### Teaming_Policy +> * inbound_policy: True +> * notify_switches: True +> * policy: loadbalance_srcid +> * rolling_order: False +> * #### Vlan_Info + + +### vmware-dvswitch +*** +Create or remove a Distributed Switch +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvswitch_module.html + + +#### Base Command + +`vmware-dvswitch` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter_name | The name of the datacenter that will contain the Distributed Switch. This parameter is optional, if `folder` is provided. Mutually exclusive with `folder` parameter. | Optional | +| switch_name | The name of the distribute vSwitch to create or remove. | Required | +| switch_version | The version of the Distributed Switch to create. Can be 6.0.0, 5.5.0, 5.1.0, 5.0.0 with a vCenter running vSphere 6.0 and 6.5. Can be 6.6.0, 6.5.0, 6.0.0 with a vCenter running vSphere 6.7. The version must match the version of the ESXi hosts you want to connect. The version of the vCenter server is used if not specified. Required only if `state` is set to `present`. Possible values are: 5.0.0, 5.1.0, 5.5.0, 6.0.0, 6.5.0, 6.6.0. | Optional | +| mtu | The switch maximum transmission unit. Required parameter for `state` both `present` and `absent`, before Ansible 2.6 version. Required only if `state` is set to `present`, for Ansible 2.6 and onwards. Accepts value between 1280 to 9000 (both inclusive). Default is 1500. | Optional | +| multicast_filtering_mode | The multicast filtering mode. `basic` mode: multicast traffic for virtual machines is forwarded according to the destination MAC address of the multicast group. `snooping` mode: the Distributed Switch provides IGMP and MLD snooping according to RFC 4541. Possible values are: basic, snooping. Default is basic. | Optional | +| uplink_quantity | Quantity of uplink per ESXi host added to the Distributed Switch. The uplink quantity can be increased or decreased, but a decrease will only be successfull if the uplink isn't used by a portgroup. Required parameter for `state` both `present` and `absent`, before Ansible 2.6 version. Required only if `state` is set to `present`, for Ansible 2.6 and onwards. | Optional | +| uplink_prefix | The prefix used for the naming of the uplinks. Only valid if the Distributed Switch will be created. Not used if the Distributed Switch is already present. Uplinks are created as Uplink 1, Uplink 2, etc. pp. by default. Default is Uplink . | Optional | +| discovery_proto | Link discovery protocol between Cisco and Link Layer discovery. Required parameter for `state` both `present` and `absent`, before Ansible 2.6 version. Required only if `state` is set to `present`, for Ansible 2.6 and onwards. `cdp`: Use Cisco Discovery Protocol (CDP). `lldp`: Use Link Layer Discovery Protocol (LLDP). `disabled`: Do not use a discovery protocol. Possible values are: cdp, lldp, disabled. Default is cdp. | Optional | +| discovery_operation | Select the discovery operation. Required parameter for `state` both `present` and `absent`, before Ansible 2.6 version. Required only if `state` is set to `present`, for Ansible 2.6 and onwards. Possible values are: both, advertise, listen. Default is listen. | Optional | +| contact | Dictionary which configures administrator contact name and description for the Distributed Switch. Valid attributes are: - `name` (str): Administrator name. - `description` (str): Description or other details. | Optional | +| description | Description of the Distributed Switch. | Optional | +| health_check | Dictionary which configures Health Check for the Distributed Switch. Valid attributes are: - `vlan_mtu` (bool): VLAN and MTU health check. (default: False) - `teaming_failover` (bool): Teaming and failover health check. (default: False) - `vlan_mtu_interval` (int): VLAN and MTU health check interval (minutes). (default: 0) - The default for `vlan_mtu_interval` is 1 in the vSphere Client if the VLAN and MTU health check is enabled. - `teaming_failover_interval` (int): Teaming and failover health check interval (minutes). (default: 0) - The default for `teaming_failover_interval` is 1 in the vSphere Client if the Teaming and failover health check is enabled. Default is {'vlan_mtu': False, 'teaming_failover': False, 'vlan_mtu_interval': 0, 'teaming_failover_interval': 0}. | Optional | +| state | If set to `present` and the Distributed Switch doesn't exists then the Distributed Switch will be created. If set to `absent` and the Distributed Switch exists then the Distributed Switch will be deleted. Possible values are: present, absent. Default is present. | Optional | +| folder | Destination folder, absolute path to place dvswitch in. The folder should include the datacenter. This parameter is case sensitive. This parameter is optional, if `datacenter` is provided. Examples: folder: /datacenter1/network folder: datacenter1/network folder: /datacenter1/network/folder1 folder: datacenter1/network/folder1 folder: /folder1/datacenter1/network folder: folder1/datacenter1/network folder: /folder1/datacenter1/network/folder2. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDvswitch.result | string | information about performed operation | + + +#### Command Example +```!vmware-dvswitch datacenter="DC1" switch_name="dvSwitch" version="6.0.0" mtu="9000" uplink_quantity="2" discovery_protocol="lldp" discovery_operation="both" state="present" datacenter_name="DC1"``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDvswitch": [ + { + "changed": true, + "result": "DVS created", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * result: DVS created + +### vmware-dvswitch-lacp +*** +Manage LACP configuration on a Distributed Switch +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvswitch_lacp_module.html + + +#### Base Command + +`vmware-dvswitch-lacp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| switch | The name of the Distributed Switch to manage. | Required | +| support_mode | The LACP support mode. `basic`: One Link Aggregation Control Protocol group in the switch (singleLag). `enhanced`: Multiple Link Aggregation Control Protocol groups in the switch (multipleLag). Possible values are: basic, enhanced. Default is basic. | Optional | +| link_aggregation_groups | Can only be used if `lacp_support` is set to `enhanced`. The following parameters are required: - `name` (string): Name of the LAG. - `uplink_number` (int): Number of uplinks. Can 1 to 30. - `mode` (string): The negotiating state of the uplinks/ports. - choices: [ active, passive ] - `load_balancing_mode` (string): Load balancing algorithm. - Valid attributes are: - srcTcpUdpPort: Source TCP/UDP port number. - srcDestIpTcpUdpPortVlan: Source and destination IP, source and destination TCP/UDP port number and VLAN. - srcIpVlan: Source IP and VLAN. - srcDestTcpUdpPort: Source and destination TCP/UDP port number. - srcMac: Source MAC address. - destIp: Destination IP. - destMac: Destination MAC address. - vlan: VLAN only. - srcDestIp: Source and Destination IP. - srcIpTcpUdpPortVlan: Source IP, TCP/UDP port number and VLAN. - srcDestIpTcpUdpPort: Source and destination IP and TCP/UDP port number. - srcDestMac: Source and destination MAC address. - destIpTcpUdpPort: Destination IP and TCP/UDP port number. - srcPortId: Source Virtual Port Id. - srcIp: Source IP. - srcIpTcpUdpPort: Source IP and TCP/UDP port number. - destIpTcpUdpPortVlan: Destination IP, TCP/UDP port number and VLAN. - destTcpUdpPort: Destination TCP/UDP port number. - destIpVlan: Destination IP and VLAN. - srcDestIpVlan: Source and destination IP and VLAN. - The default load balancing mode in the vSphere Client is srcDestIpTcpUdpPortVlan. Please see examples for more information. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDvswitchLacp.result | string | information about performed operation | + + +#### Command Example +```!vmware-dvswitch-lacp switch="dvSwitch" support_mode="enhanced" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDvswitchLacp": [ + { + "changed": true, + "dvswitch": "dvSwitch", + "link_aggregation_groups": [], + "result": "support mode changed", + "status": "CHANGED", + "support_mode": "enhanced", + "support_mode_previous": "basic" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * dvswitch: dvSwitch +> * result: support mode changed +> * support_mode: enhanced +> * support_mode_previous: basic +> * ## Link_Aggregation_Groups + +### vmware-dvswitch-nioc +*** +Manage distributed switch Network IO Control +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvswitch_nioc_module.html + + +#### Base Command + +`vmware-dvswitch-nioc` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| switch | The name of the distributed switch. | Required | +| version | Network IO control version. Possible values are: version2, version3. | Optional | +| state | Enable or disable NIOC on the distributed switch. Possible values are: present, absent. Default is present. | Optional | +| resources | List of dicts containing { name: Resource name is one of the following: "faultTolerance", "hbr", "iSCSI", "management", "nfs", "vdp", "virtualMachine", "vmotion", "vsan" limit: The maximum allowed usage for a traffic class belonging to this resource pool per host physical NIC. reservation: (Ignored if NIOC version is set to version2) Amount of bandwidth resource that is guaranteed available to the host infrastructure traffic class. If the utilization is less than the reservation, the extra bandwidth is used for other host infrastructure traffic class types. Reservation is not allowed to exceed the value of limit, if limit is set. Unit is Mbits/sec. shares_level: The allocation level ("low", "normal", "high", "custom"). The level is a simplified view of shares. Levels map to a pre-determined set of numeric values for shares. shares: Ignored unless shares_level is "custom". The number of shares allocated. reservation: Ignored unless version is "version3". Amount of bandwidth resource that is guaranteed available to the host infrastructure traffic class. }. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDvswitchNioc.dvswitch_nioc_status | string | result of the changes | +| VMware.VmwareDvswitchNioc.resources_changed | unknown | list of resources which were changed | + + +#### Command Example +```!vmware-dvswitch-nioc switch="dvSwitch" version="version3" resources="{{ [{'name': 'vmotion', 'limit': -1, 'reservation': 128, 'shares_level': 'normal'}, {'name': 'vsan', 'limit': -1, 'shares_level': 'custom', 'shares': 99, 'reservation': 256}] }}" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDvswitchNioc": [ + { + "changed": true, + "dvswitch_nioc_status": "Enabled NIOC with version version3", + "resources_changed": [ + "vmotion", + "vsan" + ], + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * dvswitch_nioc_status: Enabled NIOC with version version3 +> * ## Resources_Changed +> * 0: vmotion +> * 1: vsan + +### vmware-dvswitch-pvlans +*** +Manage Private VLAN configuration of a Distributed Switch +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvswitch_pvlans_module.html + + +#### Base Command + +`vmware-dvswitch-pvlans` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| switch | The name of the Distributed Switch. | Required | +| primary_pvlans | A list of VLAN IDs that should be configured as Primary PVLANs. If `primary_pvlans` isn't specified, all PVLANs will be deleted if present. Each member of the list requires primary_pvlan_id (int) set. The secondary promiscuous PVLAN will be created automatically. If `secondary_pvlans` isn't specified, the primary PVLANs and each secondary promiscuous PVLAN will be created. Please see examples for more information. | Optional | +| secondary_pvlans | A list of VLAN IDs that should be configured as Secondary PVLANs. `primary_pvlans` need to be specified to create any Secondary PVLAN. If `primary_pvlans` isn't specified, all PVLANs will be deleted if present. Each member of the list requires primary_pvlan_id (int), secondary_pvlan_id (int), and pvlan_type (str) to be set. The type of the secondary PVLAN can be isolated or community. The secondary promiscuous PVLAN will be created automatically. Please see examples for more information. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDvswitchPvlans.result | string | information about performed operation | + + + + +### vmware-dvswitch-uplink-pg +*** +Manage uplink portproup configuration of a Distributed Switch +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_dvswitch_uplink_pg_module.html + + +#### Base Command + +`vmware-dvswitch-uplink-pg` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| switch | The name of the Distributed Switch. | Required | +| name | The name of the uplink portgroup. The current name will be used if not specified. | Optional | +| description | The description of the uplink portgroup. | Optional | +| advanced | Dictionary which configures the advanced policy settings for the uplink portgroup. Valid attributes are: - `port_config_reset_at_disconnect` (bool): indicates if the configuration of a port is reset automatically after disconnect. (default: true) - `block_override` (bool): indicates if the block policy can be changed per port. (default: true) - `netflow_override` (bool): indicates if the NetFlow policy can be changed per port. (default: false) - `traffic_filter_override` (bool): indicates if the traffic filter can be changed per port. (default: false) - `vendor_config_override` (bool): indicates if the vendor config can be changed per port. (default: false) - `vlan_override` (bool): indicates if the vlan can be changed per port. (default: false). Default is {'port_config_reset_at_disconnect': True, 'block_override': True, 'vendor_config_override': False, 'vlan_override': False, 'netflow_override': False, 'traffic_filter_override': False}. | Optional | +| vlan_trunk_range | The VLAN trunk range that should be configured with the uplink portgroup. This can be a combination of multiple ranges and numbers, example: [ 2-3967, 4049-4092 ]. Default is ['0-4094']. | Optional | +| lacp | Dictionary which configures the LACP settings for the uplink portgroup. The options are only used if the LACP support mode is set to 'basic'. The following parameters are required: - `status` (str): Indicates if LACP is enabled. (default: disabled) - `mode` (str): The negotiating state of the uplinks/ports. (default: passive). Default is {'status': 'disabled', 'mode': 'passive'}. | Optional | +| netflow_enabled | Indicates if NetFlow is enabled on the uplink portgroup. Possible values are: Yes, No. Default is No. | Optional | +| block_all_ports | Indicates if all ports are blocked on the uplink portgroup. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareDvswitchUplinkPg.result | string | information about performed operation | + + +#### Command Example +```!vmware-dvswitch-uplink-pg switch="dvSwitch" name="dvSwitch-DVUplinks" advanced="{{ {'port_config_reset_at_disconnect': True, 'block_override': True, 'vendor_config_override': False, 'vlan_override': False, 'netflow_override': False, 'traffic_filter_override': False} }}" vlan_trunk_range="0-4094" netflow_enabled="False" block_all_ports="False" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareDvswitchUplinkPg": [ + { + "adv_block_ports": true, + "adv_netflow": false, + "adv_reset_at_disconnect": true, + "adv_traffic_filtering": false, + "adv_vendor_conf": false, + "adv_vlan": false, + "block_all_ports": false, + "changed": true, + "description": null, + "dvswitch": "dvSwitch", + "name": "dvSwitch-DVUplinks", + "name_previous": "dvSwitch-DVUplinks-23", + "netflow_enabled": false, + "result": "name changed", + "status": "CHANGED", + "vlan_trunk_range": [ + "0-4094" + ] + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * adv_block_ports: True +> * adv_netflow: False +> * adv_reset_at_disconnect: True +> * adv_traffic_filtering: False +> * adv_vendor_conf: False +> * adv_vlan: False +> * block_all_ports: False +> * changed: True +> * description: None +> * dvswitch: dvSwitch +> * name: dvSwitch-DVUplinks +> * name_previous: dvSwitch-DVUplinks-23 +> * netflow_enabled: False +> * result: name changed +> * ## Vlan_Trunk_Range +> * 0: 0-4094 + +### vmware-evc-mode +*** +Enable/Disable EVC mode on vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_evc_mode_module.html + + +#### Base Command + +`vmware-evc-mode` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter_name | The name of the datacenter the cluster belongs to that you want to enable or disable EVC mode on. | Required | +| cluster_name | The name of the cluster to enable or disable EVC mode on. | Required | +| evc_mode | Required for `state=present`. The EVC mode to enable or disable on the cluster. (intel-broadwell, intel-nehalem, intel-merom, etc.). | Required | +| state | Add or remove EVC mode. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareEvcMode.result | string | information about performed operation | + + +#### Command Example +```!vmware-evc-mode datacenter_name="DC1" cluster_name="cluster" evc_mode="intel-merom" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareEvcMode": [ + { + "changed": false, + "msg": "EVC Mode is already set to 'intel-merom' on 'cluster'.", + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * msg: EVC Mode is already set to 'intel-merom' on 'cluster'. + + + +### vmware-folder-info +*** +Provides information about folders in a datacenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_folder_info_module.html + + +#### Base Command + +`vmware-folder-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter | Name of the datacenter. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareFolderInfo.folder_info | string | dict about folders | + + +#### Command Example +```!vmware-folder-info datacenter="DC1" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareFolderInfo": [ + { + "changed": false, + "flat_folder_info": [ + { + "moid": "group-v3", + "path": "/DC1/vm" + } + ], + "folder_info": { + "datastoreFolders": { + "moid": "group-s5", + "path": "/DC1/datastore", + "subfolders": { + "Storage_Cluster": { + "moid": "group-p13", + "path": "/DC1/datastore/Storage_Cluster", + "subfolders": {} + } + } + }, + "hostFolders": { + "moid": "group-h4", + "path": "/DC1/host", + "subfolders": {} + }, + "networkFolders": { + "moid": "group-n6", + "path": "/DC1/network", + "subfolders": {} + }, + "vmFolders": { + "moid": "group-v3", + "path": "/DC1/vm", + "subfolders": { + "Discovered virtual machine": { + "moid": "group-v9", + "path": "/DC1/vm/Discovered virtual machine", + "subfolders": {} + } + } + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Flat_Folder_Info +> * ## Group-V3 +> * moid: group-v3 +> * path: /DC1/vm +> * ## Folder_Info +> * ### Datastorefolders +> * moid: group-s5 +> * path: /DC1/datastore +> * #### Subfolders +> * ##### Storage_Cluster +> * moid: group-p13 +> * path: /DC1/datastore/Storage_Cluster +> * ###### Subfolders +> * ### Hostfolders +> * moid: group-h4 +> * path: /DC1/host +> * #### Subfolders +> * ### Networkfolders +> * moid: group-n6 +> * path: /DC1/network +> * #### Subfolders +> * ### Vmfolders +> * moid: group-v3 +> * path: /DC1/vm +> * #### Subfolders +> * ##### Discovered Virtual Machine +> * moid: group-v9 +> * path: /DC1/vm/Discovered virtual machine +> * ###### Subfolders + + +### vmware-guest +*** +Manages virtual machines in vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_module.html + + +#### Base Command + +`vmware-guest` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| state | Specify the state the virtual machine should be in. If `state` is set to `present` and virtual machine exists, ensure the virtual machine configurations conforms to task arguments. If `state` is set to `absent` and virtual machine exists, then the specified virtual machine is removed with its associated components. If `state` is set to one of the following `poweredon`, `poweredoff`, `present`, `restarted`, `suspended` and virtual machine does not exists, then virtual machine is deployed with given parameters. If `state` is set to `poweredon` and virtual machine exists with powerstate other than powered on, then the specified virtual machine is powered on. If `state` is set to `poweredoff` and virtual machine exists with powerstate other than powered off, then the specified virtual machine is powered off. If `state` is set to `restarted` and virtual machine exists, then the virtual machine is restarted. If `state` is set to `suspended` and virtual machine exists, then the virtual machine is set to suspended mode. If `state` is set to `shutdownguest` and virtual machine exists, then the virtual machine is shutdown. If `state` is set to `rebootguest` and virtual machine exists, then the virtual machine is rebooted. Possible values are: present, absent, poweredon, poweredoff, restarted, suspended, shutdownguest, rebootguest. Default is present. | Optional | +| name | Name of the virtual machine to work with. Virtual machine names in vCenter are not necessarily unique, which may be problematic, see `name_match`. If multiple virtual machines with same name exists, then `folder` is required parameter to identify uniqueness of the virtual machine. This parameter is required, if `state` is set to `poweredon`, `poweredoff`, `present`, `restarted`, `suspended` and virtual machine does not exists. This parameter is case sensitive. | Required | +| name_match | If multiple virtual machines matching the name, use the first or last found. Possible values are: first, last. Default is first. | Optional | +| uuid | UUID of the virtual machine to manage if known, this is VMware's unique identifier. This is required if `name` is not supplied. If virtual machine does not exists, then this parameter is ignored. Please note that a supplied UUID will be ignored on virtual machine creation, as VMware creates the UUID internally. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| template | Template or existing virtual machine used to create new virtual machine. If this value is not set, virtual machine is created without using a template. If the virtual machine already exists, this parameter will be ignored. This parameter is case sensitive. You can also specify template or VM UUID for identifying source. version_added 2.8. Use `hw_product_uuid` from `vmware_guest_facts` as UUID value. From version 2.8 onwards, absolute path to virtual machine or template can be used. | Optional | +| is_template | Flag the instance as a template. This will mark the given virtual machine as template. Default is no. | Optional | +| folder | Destination folder, absolute path to find an existing guest or create the new guest. The folder should include the datacenter. ESX's datacenter is ha-datacenter. This parameter is case sensitive. This parameter is required, while deploying new virtual machine. version_added 2.5. If multiple machines are found with same name, this parameter is used to identify uniqueness of the virtual machine. version_added 2.5 Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| hardware | Manage virtual machine's hardware attributes. All parameters case sensitive. Valid attributes are: - `hotadd_cpu` (boolean): Allow virtual CPUs to be added while the virtual machine is running. - `hotremove_cpu` (boolean): Allow virtual CPUs to be removed while the virtual machine is running. version_added: 2.5 - `hotadd_memory` (boolean): Allow memory to be added while the virtual machine is running. - `memory_mb` (integer): Amount of memory in MB. - `nested_virt` (bool): Enable nested virtualization. version_added: 2.5 - `num_cpus` (integer): Number of CPUs. - `num_cpu_cores_per_socket` (integer): Number of Cores Per Socket. `num_cpus` must be a multiple of `num_cpu_cores_per_socket`. For example to create a VM with 2 sockets of 4 cores, specify `num_cpus`: 8 and `num_cpu_cores_per_socket`: 4 - `scsi` (string): Valid values are `buslogic`, `lsilogic`, `lsilogicsas` and `paravirtual` (default). - `memory_reservation_lock` (boolean): If set true, memory resource reservation for the virtual machine will always be equal to the virtual machine's memory size. version_added: 2.5 - `max_connections` (integer): Maximum number of active remote display connections for the virtual machines. version_added: 2.5. - `mem_limit` (integer): The memory utilization of a virtual machine will not exceed this limit. Unit is MB. version_added: 2.5 - `mem_reservation` (integer): The amount of memory resource that is guaranteed available to the virtual machine. Unit is MB. `memory_reservation` is alias to this. version_added: 2.5 - `cpu_limit` (integer): The CPU utilization of a virtual machine will not exceed this limit. Unit is MHz. version_added: 2.5 - `cpu_reservation` (integer): The amount of CPU resource that is guaranteed available to the virtual machine. Unit is MHz. version_added: 2.5 - `version` (integer): The Virtual machine hardware versions. Default is 10 (ESXi 5.5 and onwards). Please check VMware documentation for correct virtual machine hardware version. Incorrect hardware version may lead to failure in deployment. If hardware version is already equal to the given version then no action is taken. version_added: 2.6 - `boot_firmware` (string): Choose which firmware should be used to boot the virtual machine. Allowed values are "bios" and "efi". version_added: 2.7 - `virt_based_security` (bool): Enable Virtualization Based Security feature for Windows 10. (Support from Virtual machine hardware version 14, Guest OS Windows 10 64 bit, Windows Server 2016). | Optional | +| guest_id | Set the guest ID. This parameter is case sensitive. Examples: virtual machine with RHEL7 64 bit, will be 'rhel7_64Guest' virtual machine with CentOS 64 bit, will be 'centos64Guest' virtual machine with Ubuntu 64 bit, will be 'ubuntu64Guest' This field is required when creating a virtual machine, not required when creating from the template. Valid values are referenced here: `https://code.vmware.com/apis/358/doc/vim.vm.GuestOsDescriptor.GuestOsIdentifier.html`. | Optional | +| disk | A list of disks to add. This parameter is case sensitive. Shrinking disks is not supported. Removing existing disks of the virtual machine is not supported. Valid attributes are: - `size_[tb,gb,mb,kb]` (integer): Disk storage size in specified unit. - `type` (string): Valid values are: - `thin` thin disk - `eagerzeroedthick` eagerzeroedthick disk, added in version 2.5 Default: `None` thick disk, no eagerzero. - `datastore` (string): The name of datastore which will be used for the disk. If `autoselect_datastore` is set to True, then will select the less used datastore whose name contains this "disk.datastore" string. - `filename` (string): Existing disk image to be used. Filename must already exist on the datastore. Specify filename string in `[datastore_name] path/to/file.vmdk` format. Added in version 2.8. - `autoselect_datastore` (bool): select the less used datastore. "disk.datastore" and "disk.autoselect_datastore" will not be used if `datastore` is specified outside this `disk` configuration. - `disk_mode` (string): Type of disk mode. Added in version 2.6 - Available options are : - `persistent`: Changes are immediately and permanently written to the virtual disk. This is default. - `independent_persistent`: Same as persistent, but not affected by snapshots. - `independent_nonpersistent`: Changes to virtual disk are made to a redo log and discarded at power off, but not affected by snapshots. | Optional | +| cdrom | A CD-ROM configuration for the virtual machine. Or a list of CD-ROMs configuration for the virtual machine. Added in version 2.9. Parameters `controller_type`, `controller_number`, `unit_number`, `state` are added for a list of CD-ROMs configuration support. Valid attributes are: - `type` (string): The type of CD-ROM, valid options are `none`, `client` or `iso`. With `none` the CD-ROM will be disconnected but present. - `iso_path` (string): The datastore path to the ISO file to use, in the form of `[datastore1] path/to/file.iso`. Required if type is set `iso`. - `controller_type` (string): Default value is `ide`. Only `ide` controller type for CD-ROM is supported for now, will add SATA controller type in the future. - `controller_number` (int): For `ide` controller, valid value is 0 or 1. - `unit_number` (int): For CD-ROM device attach to `ide` controller, valid value is 0 or 1. `controller_number` and `unit_number` are mandatory attributes. - `state` (string): Valid value is `present` or `absent`. Default is `present`. If set to `absent`, then the specified CD-ROM will be removed. For `ide` controller, hot-add or hot-remove CD-ROM is not supported. | Optional | +| resource_pool | Use the given resource pool for virtual machine operation. This parameter is case sensitive. Resource pool should be child of the selected host parent. | Optional | +| wait_for_ip_address | Wait until vCenter detects an IP address for the virtual machine. This requires vmware-tools (vmtoolsd) to properly work after creation. vmware-tools needs to be installed on the given virtual machine in order to work with this parameter. Default is no. | Optional | +| wait_for_customization | Wait until vCenter detects all guest customizations as successfully completed. When enabled, the VM will automatically be powered on. Default is no. | Optional | +| state_change_timeout | If the `state` is set to `shutdownguest`, by default the module will return immediately after sending the shutdown signal. If this argument is set to a positive integer, the module will instead wait for the virtual machine to reach the poweredoff state. The value sets a timeout in seconds for the module to wait for the state change. Default is 0. | Optional | +| snapshot_src | Name of the existing snapshot to use to create a clone of a virtual machine. This parameter is case sensitive. While creating linked clone using `linked_clone` parameter, this parameter is required. | Optional | +| linked_clone | Whether to create a linked clone from the snapshot specified. If specified, then `snapshot_src` is required parameter. Default is no. | Optional | +| force | Ignore warnings and complete the actions. This parameter is useful while removing virtual machine which is powered on state. This module reflects the VMware vCenter API and UI workflow, as such, in some cases the `force` flag will be mandatory to perform the action to ensure you are certain the action has to be taken, no matter what the consequence. This is specifically the case for removing a powered on the virtual machine when `state` is set to `absent`. Default is no. | Optional | +| datacenter | Destination datacenter for the deploy operation. This parameter is case sensitive. Default is ha-datacenter. | Optional | +| cluster | The cluster name where the virtual machine will run. This is a required parameter, if `esxi_hostname` is not set. `esxi_hostname` and `cluster` are mutually exclusive parameters. This parameter is case sensitive. | Optional | +| esxi_hostname | The ESXi hostname where the virtual machine will run. This is a required parameter, if `cluster` is not set. `esxi_hostname` and `cluster` are mutually exclusive parameters. This parameter is case sensitive. | Optional | +| annotation | A note or annotation to include in the virtual machine. | Optional | +| customvalues | Define a list of custom values to set on virtual machine. A custom value object takes two fields `key` and `value`. Incorrect key and values will be ignored. | Optional | +| networks | A list of networks (in the order of the NICs). Removing NICs is not allowed, while reconfiguring the virtual machine. All parameters and VMware object names are case sensitive. One of the below parameters is required per entry: - `name` (string): Name of the portgroup or distributed virtual portgroup for this interface. When specifying distributed virtual portgroup make sure given `esxi_hostname` or `cluster` is associated with it. - `vlan` (integer): VLAN number for this interface. Optional parameters per entry (used for virtual hardware): - `device_type` (string): Virtual network device (one of `e1000`, `e1000e`, `pcnet32`, `vmxnet2`, `vmxnet3` (default), `sriov`). - `mac` (string): Customize MAC address. - `dvswitch_name` (string): Name of the distributed vSwitch. This value is required if multiple distributed portgroups exists with the same name. version_added 2.7 - `start_connected` (bool): Indicates that virtual network adapter starts with associated virtual machine powers on. version_added: 2.5 Optional parameters per entry (used for OS customization): - `type` (string): Type of IP assignment (either `dhcp` or `static`). `dhcp` is default. - `ip` (string): Static IP address (implies `type: static`). - `netmask` (string): Static netmask required for `ip`. - `gateway` (string): Static gateway. - `dns_servers` (string): DNS servers for this network interface (Windows). - `domain` (string): Domain name for this network interface (Windows). - `wake_on_lan` (bool): Indicates if wake-on-LAN is enabled on this virtual network adapter. version_added: 2.5 - `allow_guest_control` (bool): Enables guest control over whether the connectable device is connected. version_added: 2.5. | Optional | +| customization | Parameters for OS customization when cloning from the template or the virtual machine, or apply to the existing virtual machine directly. Not all operating systems are supported for customization with respective vCenter version, please check VMware documentation for respective OS customization. For supported customization operating system matrix, (see `http://partnerweb.vmware.com/programs/guestOS/guest-os-customization-matrix.pdf`) All parameters and VMware object names are case sensitive. Linux based OSes requires Perl package to be installed for OS customizations. Common parameters (Linux/Windows): - `existing_vm` (bool): If set to `True`, do OS customization on the specified virtual machine directly. If set to `False` or not specified, do OS customization when cloning from the template or the virtual machine. version_added: 2.8 - `dns_servers` (list): List of DNS servers to configure. - `dns_suffix` (list): List of domain suffixes, also known as DNS search path (default: `domain` parameter). - `domain` (string): DNS domain name to use. - `hostname` (string): Computer hostname (default: shorted `name` parameter). Allowed characters are alphanumeric (uppercase and lowercase) and minus, rest of the characters are dropped as per RFC 952. Parameters related to Linux customization: - `timezone` (string): Timezone (See List of supported time zones for different vSphere versions in Linux/Unix systems (2145518) `https://kb.vmware.com/s/article/2145518`). version_added: 2.9 - `hwclockUTC` (bool): Specifies whether the hardware clock is in UTC or local time. True when the hardware clock is in UTC, False when the hardware clock is in local time. version_added: 2.9 Parameters related to Windows customization: - `autologon` (bool): Auto logon after virtual machine customization (default: False). - `autologoncount` (int): Number of autologon after reboot (default: 1). - `domainadmin` (string): User used to join in AD domain (mandatory with `joindomain`). - `domainadminpassword` (string): Password used to join in AD domain (mandatory with `joindomain`). - `fullname` (string): Server owner name (default: Administrator). - `joindomain` (string): AD domain to join (Not compatible with `joinworkgroup`). - `joinworkgroup` (string): Workgroup to join (Not compatible with `joindomain`, default: WORKGROUP). - `orgname` (string): Organisation name (default: ACME). - `password` (string): Local administrator password. - `productid` (string): Product ID. - `runonce` (list): List of commands to run at first user logon. - `timezone` (int): Timezone (See `https://msdn.microsoft.com/en-us/library/ms912391.aspx`). | Optional | +| vapp_properties | A list of vApp properties For full list of attributes and types refer to: `https://github.com/vmware/pyvmomi/blob/master/docs/vim/vApp/PropertyInfo.rst` Basic attributes are: - `id` (string): Property id - required. - `value` (string): Property value. - `type` (string): Value type, string type by default. - `operation`: `remove`: This attribute is required only when removing properties. | Optional | +| customization_spec | Unique name identifying the requested customization specification. This parameter is case sensitive. If set, then overrides `customization` parameter values. | Optional | +| datastore | Specify datastore or datastore cluster to provision virtual machine. This parameter takes precedence over "disk.datastore" parameter. This parameter can be used to override datastore or datastore cluster setting of the virtual machine when deployed from the template. Please see example for more usage. | Optional | +| convert | Specify convert disk type while cloning template or virtual machine. Possible values are: thin, thick, eagerzeroedthick. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuest.instance | unknown | metadata about the new virtual machine | + + + + +### vmware-guest-boot-info +*** +Gather info about boot options for the given virtual machine +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_boot_info_module.html + + +#### Base Command + +`vmware-guest-boot-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the VM to work with. This is required if `uuid` or `moid` parameter is not supplied. | Optional | +| uuid | UUID of the instance to manage if known, this is VMware's BIOS UUID by default. This is required if `name` or `moid` parameter is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| name_match | If multiple virtual machines matching the name, use the first or last found. Possible values are: first, last. Default is first. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestBootInfo.vm_boot_info | unknown | metadata about boot order of virtual machine | + + + + +### vmware-guest-boot-manager +*** +Manage boot options for the given virtual machine +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_boot_manager_module.html + + +#### Base Command + +`vmware-guest-boot-manager` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the VM to work with. This is required if `uuid` or `moid` parameter is not supplied. | Optional | +| uuid | UUID of the instance to manage if known, this is VMware's BIOS UUID by default. This is required if `name` or `moid` parameter is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| boot_order | List of the boot devices. | Optional | +| name_match | If multiple virtual machines matching the name, use the first or last found. Possible values are: first, last. Default is first. | Optional | +| boot_delay | Delay in milliseconds before starting the boot sequence. Default is 0. | Optional | +| enter_bios_setup | If set to `True`, the virtual machine automatically enters BIOS setup the next time it boots. The virtual machine resets this flag, so that the machine boots proceeds normally. Possible values are: Yes, No. Default is No. | Optional | +| boot_retry_enabled | If set to `True`, the virtual machine that fails to boot, will try to boot again after `boot_retry_delay` is expired. If set to `False`, the virtual machine waits indefinitely for user intervention. Possible values are: Yes, No. Default is No. | Optional | +| boot_retry_delay | Specify the time in milliseconds between virtual machine boot failure and subsequent attempt to boot again. If set, will automatically set `boot_retry_enabled` to `True` as this parameter is required. Default is 0. | Optional | +| boot_firmware | Choose which firmware should be used to boot the virtual machine. Possible values are: bios, efi. | Optional | +| secure_boot_enabled | Choose if EFI secure boot should be enabled. EFI secure boot can only be enabled with boot_firmware = efi. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestBootManager.vm_boot_status | unknown | metadata about boot order of virtual machine | + + + + +### vmware-guest-custom-attribute-defs +*** +Manage custom attributes definitions for virtual machine from VMware +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_custom_attribute_defs_module.html + + +#### Base Command + +`vmware-guest-custom-attribute-defs` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| attribute_key | Name of the custom attribute definition. This is required parameter, if `state` is set to `present` or `absent`. | Optional | +| state | Manage definition of custom attributes. If set to `present` and definition not present, then custom attribute definition is created. If set to `present` and definition is present, then no action taken. If set to `absent` and definition is present, then custom attribute definition is removed. If set to `absent` and definition is absent, then no action taken. Possible values are: present, absent. Default is present. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestCustomAttributeDefs.custom_attribute_defs | unknown | list of all current attribute definitions | + + +#### Command Example +```!vmware-guest-custom-attribute-defs state="present" attribute_key="custom_attr_def_1" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareGuestCustomAttributeDefs": [ + { + "changed": true, + "custom_attribute_defs": [ + "AutoDeploy.MachineIdentity", + "com.vmware.vcIntegrity.customField.scheduledTask.action", + "com.vmware.vcIntegrity.customField.scheduledTask.signature", + "com.vmware.vcIntegrity.customField.scheduledTask.target", + "custom_attr_def_1" + ], + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Custom_Attribute_Defs +> * 0: AutoDeploy.MachineIdentity +> * 1: com.vmware.vcIntegrity.customField.scheduledTask.action +> * 2: com.vmware.vcIntegrity.customField.scheduledTask.signature +> * 3: com.vmware.vcIntegrity.customField.scheduledTask.target +> * 4: custom_attr_def_1 + + +### vmware-guest-custom-attributes +*** +Manage custom attributes from VMware for the given virtual machine +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_custom_attributes_module.html + + +#### Base Command + +`vmware-guest-custom-attributes` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the virtual machine to work with. This is required parameter, if `uuid` or `moid` is not supplied. | Required | +| state | The action to take. If set to `present`, then custom attribute is added or updated. If set to `absent`, then custom attribute is removed. Possible values are: present, absent. Default is present. | Optional | +| uuid | UUID of the virtual machine to manage if known. This is VMware's unique identifier. This is required parameter, if `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| folder | Absolute path to find an existing guest. This is required parameter, if `name` is supplied and multiple virtual machines with same name are found. | Optional | +| datacenter | Datacenter name where the virtual machine is located in. | Required | +| attributes | A list of name and value of custom attributes that needs to be manage. Value of custom attribute is not required and will be ignored, if `state` is set to `absent`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestCustomAttributes.custom_attributes | unknown | metadata about the virtual machine attributes | + + + + +### vmware-guest-customization-info +*** +Gather info about VM customization specifications +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_customization_info_module.html + + +#### Base Command + +`vmware-guest-customization-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| spec_name | Name of customization specification to find. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestCustomizationInfo.custom_spec_info | unknown | metadata about the customization specification | + + +#### Command Example +```!vmware-guest-customization-info ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareGuestCustomizationInfo": [ + { + "changed": false, + "custom_spec_info": {}, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Custom_Spec_Info + + +### vmware-guest-disk +*** +Manage disks related to virtual machine in given vCenter infrastructure +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_disk_module.html + + +#### Base Command + +`vmware-guest-disk` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the virtual machine. This is a required parameter, if parameter `uuid` or `moid` is not supplied. | Optional | +| uuid | UUID of the instance to gather facts if known, this is VMware's unique identifier. This is a required parameter, if parameter `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is a required parameter, only if multiple VMs are found with same name. The folder should include the datacenter. ESX's datacenter is ha-datacenter Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| datacenter | The datacenter name to which virtual machine belongs to. | Required | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| disk | A list of disks to add. The virtual disk related information is provided using this list. All values and parameters are case sensitive. Valid attributes are: - `size[_tb,_gb,_mb,_kb]` (integer): Disk storage size in specified unit. If `size` specified then unit must be specified. There is no space allowed in between size number and unit. Only first occurrence in disk element will be considered, even if there are multiple size* parameters available. - `type` (string): Valid values are: - `thin` thin disk - `eagerzeroedthick` eagerzeroedthick disk - `thick` thick disk Default: `thick` thick disk, no eagerzero. - `datastore` (string): Name of datastore or datastore cluster to be used for the disk. - `autoselect_datastore` (bool): Select the less used datastore. Specify only if `datastore` is not specified. - `scsi_controller` (integer): SCSI controller number. Valid value range from 0 to 3. Only 4 SCSI controllers are allowed per VM. Care should be taken while specifying `scsi_controller` is 0 and `unit_number` as 0 as this disk may contain OS. - `unit_number` (integer): Disk Unit Number. Valid value range from 0 to 15. Only 15 disks are allowed per SCSI Controller. - `scsi_type` (string): Type of SCSI controller. This value is required only for the first occurrence of SCSI Controller. This value is ignored, if SCSI Controller is already present or `state` is `absent`. Valid values are `buslogic`, `lsilogic`, `lsilogicsas` and `paravirtual`. `paravirtual` is default value for this parameter. - `state` (string): State of disk. This is either "absent" or "present". If `state` is set to `absent`, disk will be removed permanently from virtual machine configuration and from VMware storage. If `state` is set to `present`, disk will be added if not present at given SCSI Controller and Unit Number. If `state` is set to `present` and disk exists with different size, disk size is increased. Reducing disk size is not allowed. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestDisk.disk_status | unknown | metadata about the virtual machine's disks after managing them | + + + + +### vmware-guest-disk-info +*** +Gather info about disks of given virtual machine +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_disk_info_module.html + + +#### Base Command + +`vmware-guest-disk-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the virtual machine. This is required parameter, if parameter `uuid` or `moid` is not supplied. | Optional | +| uuid | UUID of the instance to gather information if known, this is VMware's unique identifier. This is required parameter, if parameter `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is required parameter, only if multiple VMs are found with same name. The folder should include the datacenter. ESX's datacenter is ha-datacenter Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| datacenter | The datacenter name to which virtual machine belongs to. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestDiskInfo.guest_disk_info | unknown | metadata about the virtual machine's disks | + + +#### Command Example +```!vmware-guest-disk-info datacenter="DC1" name="test_vm_0001" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareGuestDiskInfo": [ + { + "changed": false, + "guest_disk_info": { + "0": { + "backing_datastore": "datastore1", + "backing_disk_mode": "persistent", + "backing_diskmode": "persistent", + "backing_eagerlyscrub": false, + "backing_filename": "[datastore1] test_vm_0001/test_vm_0001.vmdk", + "backing_thinprovisioned": true, + "backing_type": "FlatVer2", + "backing_uuid": "6000C294-3cd2-f966-9fb7-556870ae6bdf", + "backing_writethrough": false, + "capacity_in_bytes": 1073741824, + "capacity_in_kb": 1048576, + "controller_bus_number": 0, + "controller_key": 1000, + "controller_type": "paravirtual", + "key": 2000, + "label": "Hard disk 1", + "summary": "1,048,576 KB", + "unit_number": 0 + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Guest_Disk_Info +> * ### 0 +> * backing_datastore: datastore1 +> * backing_disk_mode: persistent +> * backing_diskmode: persistent +> * backing_eagerlyscrub: False +> * backing_filename: [datastore1] test_vm_0001/test_vm_0001.vmdk +> * backing_thinprovisioned: True +> * backing_type: FlatVer2 +> * backing_uuid: 6000C294-3cd2-f966-9fb7-556870ae6bdf +> * backing_writethrough: False +> * capacity_in_bytes: 1073741824 +> * capacity_in_kb: 1048576 +> * controller_bus_number: 0 +> * controller_key: 1000 +> * controller_type: paravirtual +> * key: 2000 +> * label: Hard disk 1 +> * summary: 1,048,576 KB +> * unit_number: 0 + + +### vmware-guest-find +*** +Find the folder path(s) for a virtual machine by name or UUID +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_find_module.html + + +#### Base Command + +`vmware-guest-find` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the VM to work with. This is required if `uuid` parameter is not supplied. | Optional | +| uuid | UUID of the instance to manage if known, this is VMware's BIOS UUID by default. This is required if `name` parameter is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| datacenter | Destination datacenter for the find operation. Deprecated in 2.5, will be removed in 2.9 release. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestFind.folders | unknown | List of folders for user specified virtual machine | + + +#### Command Example +```!vmware-guest-find name="test_vm_0001" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareGuestFind": [ + { + "changed": false, + "folders": [ + "/DC1/vm" + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Folders +> * 0: /DC1/vm + + +### vmware-guest-info +*** +Gather info about a single VM +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_info_module.html + + +#### Base Command + +`vmware-guest-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the VM to work with This is required if `uuid` or `moid` is not supplied. | Optional | +| name_match | If multiple VMs matching the name, use the first or last found. Possible values are: first, last. Default is first. | Optional | +| uuid | UUID of the instance to manage if known, this is VMware's unique identifier. This is required if `name` or `moid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is required if name is supplied. The folder should include the datacenter. ESX's datacenter is ha-datacenter Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| datacenter | Destination datacenter for the deploy operation. | Required | +| tags | Whether to show tags or not. If set `True`, shows tag information. If set `False`, hides tags information. vSphere Automation SDK and vCloud Suite SDK is required. Default is no. | Optional | +| schema | Specify the output schema desired. The 'summary' output schema is the legacy output from the module The 'vsphere' output schema is the vSphere API class definition which requires pyvmomi>6.7.1. Possible values are: summary, vsphere. Default is summary. | Optional | +| properties | Specify the properties to retrieve. If not specified, all properties are retrieved (deeply). Results are returned in a structure identical to the vsphere API. Example: properties: [ "config.hardware.memoryMB", "config.hardware.numCPU", "guest.disk", "overallStatus" ] Only valid when `schema` is `vsphere`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestInfo.instance | unknown | metadata about the virtual machine | + + +#### Command Example +```!vmware-guest-info datacenter="DC1" name="test_vm_0001" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareGuestInfo": [ + { + "changed": false, + "instance": { + "annotation": "", + "current_snapshot": null, + "customvalues": {}, + "guest_consolidation_needed": false, + "guest_question": null, + "guest_tools_status": "guestToolsNotRunning", + "guest_tools_version": "0", + "hw_cluster": "cluster", + "hw_cores_per_socket": 1, + "hw_datastores": [ + "datastore1" + ], + "hw_esxi_host": "esxi01", + "hw_eth0": { + "addresstype": "manual", + "ipaddresses": null, + "label": "Network adapter 1", + "macaddress": "aa:bb:dd:aa:00:14", + "macaddress_dash": "aa-bb-dd-aa-00-14", + "portgroup_key": null, + "portgroup_portkey": null, + "summary": "VM Network" + }, + "hw_files": [ + "[datastore1] test_vm_0001/test_vm_0001.vmx", + "[datastore1] test_vm_0001/test_vm_0001.vmsd", + "[datastore1] test_vm_0001/test_vm_0001.vmdk" + ], + "hw_folder": "/DC1/vm", + "hw_guest_full_name": null, + "hw_guest_ha_state": null, + "hw_guest_id": null, + "hw_interfaces": [ + "eth0" + ], + "hw_is_template": false, + "hw_memtotal_mb": 512, + "hw_name": "test_vm_0001", + "hw_power_status": "poweredOff", + "hw_processor_count": 4, + "hw_product_uuid": "42166c31-2bd1-6ac0-1ebb-a6db907f529e", + "hw_version": "vmx-13", + "instance_uuid": "5016ea58-ccce-5688-f16b-82ca0b25e513", + "ipv4": null, + "ipv6": null, + "module_hw": true, + "moid": "vm-21", + "snapshots": [], + "vimref": "vim.VirtualMachine:vm-21", + "vnc": {} + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Instance +> * annotation: +> * current_snapshot: None +> * guest_consolidation_needed: False +> * guest_question: None +> * guest_tools_status: guestToolsNotRunning +> * guest_tools_version: 0 +> * hw_cluster: cluster +> * hw_cores_per_socket: 1 +> * hw_esxi_host: esxi01 +> * hw_folder: /DC1/vm +> * hw_guest_full_name: None +> * hw_guest_ha_state: None +> * hw_guest_id: None +> * hw_is_template: False +> * hw_memtotal_mb: 512 +> * hw_name: test_vm_0001 +> * hw_power_status: poweredOff +> * hw_processor_count: 4 +> * hw_product_uuid: 42166c31-2bd1-6ac0-1ebb-a6db907f529e +> * hw_version: vmx-13 +> * instance_uuid: 5016ea58-ccce-5688-f16b-82ca0b25e513 +> * ipv4: None +> * ipv6: None +> * module_hw: True +> * moid: vm-21 +> * vimref: vim.VirtualMachine:vm-21 +> * ### Customvalues +> * ### Hw_Datastores +> * 0: datastore1 +> * ### Hw_Eth0 +> * addresstype: manual +> * ipaddresses: None +> * label: Network adapter 1 +> * macaddress: aa:bb:dd:aa:00:14 +> * macaddress_dash: aa-bb-dd-aa-00-14 +> * portgroup_key: None +> * portgroup_portkey: None +> * summary: VM Network +> * ### Hw_Files +> * 0: [datastore1] test_vm_0001/test_vm_0001.vmx +> * 1: [datastore1] test_vm_0001/test_vm_0001.vmsd +> * 2: [datastore1] test_vm_0001/test_vm_0001.vmdk +> * ### Hw_Interfaces +> * 0: eth0 +> * ### Snapshots +> * ### Vnc + +### vmware-guest-move +*** +Moves virtual machines in vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_move_module.html + + +#### Base Command + +`vmware-guest-move` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the existing virtual machine to move. This is required if `uuid` or `moid` is not supplied. | Optional | +| uuid | UUID of the virtual machine to manage if known, this is VMware's unique identifier. This is required if `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| name_match | If multiple virtual machines matching the name, use the first or last found. Possible values are: first, last. Default is first. | Optional | +| dest_folder | Absolute path to move an existing guest The dest_folder should include the datacenter. ESX's datacenter is ha-datacenter. This parameter is case sensitive. Examples: dest_folder: /ha-datacenter/vm dest_folder: ha-datacenter/vm dest_folder: /datacenter1/vm dest_folder: datacenter1/vm dest_folder: /datacenter1/vm/folder1 dest_folder: datacenter1/vm/folder1 dest_folder: /folder1/datacenter1/vm dest_folder: folder1/datacenter1/vm dest_folder: /folder1/datacenter1/vm/folder2. | Required | +| datacenter | Destination datacenter for the move operation. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestMove.instance | unknown | metadata about the virtual machine | + + +#### Command Example +```!vmware-guest-move datacenter="DC1" name="test_vm_0001" dest_folder="/DC1/vm" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareGuestMove": [ + { + "changed": false, + "instance": { + "annotation": "", + "current_snapshot": null, + "customvalues": {}, + "guest_consolidation_needed": false, + "guest_question": null, + "guest_tools_status": "guestToolsNotRunning", + "guest_tools_version": "0", + "hw_cluster": "cluster", + "hw_cores_per_socket": 1, + "hw_datastores": [ + "datastore1" + ], + "hw_esxi_host": "esxi01", + "hw_eth0": { + "addresstype": "manual", + "ipaddresses": null, + "label": "Network adapter 1", + "macaddress": "aa:bb:dd:aa:00:14", + "macaddress_dash": "aa-bb-dd-aa-00-14", + "portgroup_key": null, + "portgroup_portkey": null, + "summary": "VM Network" + }, + "hw_files": [ + "[datastore1] test_vm_0001/test_vm_0001.vmx", + "[datastore1] test_vm_0001/test_vm_0001.vmsd", + "[datastore1] test_vm_0001/test_vm_0001.vmdk" + ], + "hw_folder": "/DC1/vm", + "hw_guest_full_name": null, + "hw_guest_ha_state": null, + "hw_guest_id": null, + "hw_interfaces": [ + "eth0" + ], + "hw_is_template": false, + "hw_memtotal_mb": 512, + "hw_name": "test_vm_0001", + "hw_power_status": "poweredOff", + "hw_processor_count": 4, + "hw_product_uuid": "42166c31-2bd1-6ac0-1ebb-a6db907f529e", + "hw_version": "vmx-13", + "instance_uuid": "5016ea58-ccce-5688-f16b-82ca0b25e513", + "ipv4": null, + "ipv6": null, + "module_hw": true, + "moid": "vm-21", + "snapshots": [], + "vimref": "vim.VirtualMachine:vm-21", + "vnc": {} + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Instance +> * annotation: +> * current_snapshot: None +> * guest_consolidation_needed: False +> * guest_question: None +> * guest_tools_status: guestToolsNotRunning +> * guest_tools_version: 0 +> * hw_cluster: cluster +> * hw_cores_per_socket: 1 +> * hw_esxi_host: esxi01 +> * hw_folder: /DC1/vm +> * hw_guest_full_name: None +> * hw_guest_ha_state: None +> * hw_guest_id: None +> * hw_is_template: False +> * hw_memtotal_mb: 512 +> * hw_name: test_vm_0001 +> * hw_power_status: poweredOff +> * hw_processor_count: 4 +> * hw_product_uuid: 42166c31-2bd1-6ac0-1ebb-a6db907f529e +> * hw_version: vmx-13 +> * instance_uuid: 5016ea58-ccce-5688-f16b-82ca0b25e513 +> * ipv4: None +> * ipv6: None +> * module_hw: True +> * moid: vm-21 +> * vimref: vim.VirtualMachine:vm-21 +> * ### Customvalues +> * ### Hw_Datastores +> * 0: datastore1 +> * ### Hw_Eth0 +> * addresstype: manual +> * ipaddresses: None +> * label: Network adapter 1 +> * macaddress: aa:bb:dd:aa:00:14 +> * macaddress_dash: aa-bb-dd-aa-00-14 +> * portgroup_key: None +> * portgroup_portkey: None +> * summary: VM Network +> * ### Hw_Files +> * 0: [datastore1] test_vm_0001/test_vm_0001.vmx +> * 1: [datastore1] test_vm_0001/test_vm_0001.vmsd +> * 2: [datastore1] test_vm_0001/test_vm_0001.vmdk +> * ### Hw_Interfaces +> * 0: eth0 +> * ### Snapshots +> * ### Vnc + + +### vmware-guest-network +*** +Manage network adapters of specified virtual machine in given vCenter infrastructure +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_network_module.html + + +#### Base Command + +`vmware-guest-network` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the virtual machine. This is a required parameter, if parameter `uuid` or `moid` is not supplied. | Optional | +| uuid | UUID of the instance to gather info if known, this is VMware's unique identifier. This is a required parameter, if parameter `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is a required parameter, only if multiple VMs are found with same name. The folder should include the datacenter. ESXi server's datacenter is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| cluster | The name of cluster where the virtual machine will run. This is a required parameter, if `esxi_hostname` is not set. `esxi_hostname` and `cluster` are mutually exclusive parameters. | Optional | +| esxi_hostname | The ESXi hostname where the virtual machine will run. This is a required parameter, if `cluster` is not set. `esxi_hostname` and `cluster` are mutually exclusive parameters. | Optional | +| datacenter | The datacenter name to which virtual machine belongs to. Default is ha-datacenter. | Optional | +| gather_network_info | If set to `True`, return settings of all network adapters, other parameters are ignored. If set to `False`, will add, reconfigure or remove network adapters according to the parameters in `networks`. Possible values are: Yes, No. Default is No. | Optional | +| networks | A list of network adapters. `mac` or `label` or `device_type` is required to reconfigure or remove an existing network adapter. If there are multiple network adapters with the same `device_type`, you should set `label` or `mac` to match one of them, or will apply changes on all network adapters with the `device_type` specified. `mac`, `label`, `device_type` is the order of precedence from greatest to least if all set. Valid attributes are: - `mac` (string): MAC address of the existing network adapter to be reconfigured or removed. - `label` (string): Label of the existing network adapter to be reconfigured or removed, e.g., "Network adapter 1". - `device_type` (string): Valid virtual network device types are: `e1000`, `e1000e`, `pcnet32`, `vmxnet2`, `vmxnet3` (default), `sriov`. Used to add new network adapter, reconfigure or remove the existing network adapter with this type. If `mac` and `label` not specified or not find network adapter by `mac` or `label` will use this parameter. - `name` (string): Name of the portgroup or distributed virtual portgroup for this interface. When specifying distributed virtual portgroup make sure given `esxi_hostname` or `cluster` is associated with it. - `vlan` (integer): VLAN number for this interface. - `dvswitch_name` (string): Name of the distributed vSwitch. This value is required if multiple distributed portgroups exists with the same name. - `state` (string): State of the network adapter. If set to `present`, then will do reconfiguration for the specified network adapter. If set to `new`, then will add the specified network adapter. If set to `absent`, then will remove this network adapter. - `manual_mac` (string): Manual specified MAC address of the network adapter when creating, or reconfiguring. If not specified when creating new network adapter, mac address will be generated automatically. When reconfigure MAC address, VM should be in powered off state. - `connected` (bool): Indicates that virtual network adapter connects to the associated virtual machine. - `start_connected` (bool): Indicates that virtual network adapter starts with associated virtual machine powers on. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestNetwork.network_data | unknown | metadata about the virtual machine's network adapter after managing them | + + + + +### vmware-guest-powerstate +*** +Manages power states of virtual machines in vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_powerstate_module.html + + +#### Base Command + +`vmware-guest-powerstate` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| state | Set the state of the virtual machine. Possible values are: powered-off, powered-on, reboot-guest, restarted, shutdown-guest, suspended, present. Default is present. | Optional | +| name | Name of the virtual machine to work with. Virtual machine names in vCenter are not necessarily unique, which may be problematic, see `name_match`. | Optional | +| name_match | If multiple virtual machines matching the name, use the first or last found. Possible values are: first, last. Default is first. | Optional | +| uuid | UUID of the instance to manage if known, this is VMware's unique identifier. This is required if `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. The folder should include the datacenter. ESX's datacenter is ha-datacenter Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| scheduled_at | Date and time in string format at which specified task needs to be performed. The required format for date and time - 'dd/mm/yyyy hh:mm'. Scheduling task requires vCenter server. A standalone ESXi server does not support this option. | Optional | +| schedule_task_name | Name of schedule task. Valid only if `scheduled_at` is specified. | Optional | +| schedule_task_description | Description of schedule task. Valid only if `scheduled_at` is specified. | Optional | +| schedule_task_enabled | Flag to indicate whether the scheduled task is enabled or disabled. Possible values are: Yes, No. Default is Yes. | Optional | +| force | Ignore warnings and complete the actions. This parameter is useful while forcing virtual machine state. Possible values are: Yes, No. Default is No. | Optional | +| state_change_timeout | If the `state` is set to `shutdown-guest`, by default the module will return immediately after sending the shutdown signal. If this argument is set to a positive integer, the module will instead wait for the VM to reach the poweredoff state. The value sets a timeout in seconds for the module to wait for the state change. Default is 0. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-guest-screenshot +*** +Create a screenshot of the Virtual Machine console. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_screenshot_module.html + + +#### Base Command + +`vmware-guest-screenshot` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the virtual machine. This is a required parameter, if parameter `uuid` or `moid` is not supplied. | Optional | +| uuid | UUID of the instance to gather facts if known, this is VMware's unique identifier. This is a required parameter, if parameter `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is a required parameter, only if multiple VMs are found with same name. The folder should include the datacenter. ESXi server's datacenter is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| cluster | The name of cluster where the virtual machine is running. This is a required parameter, if `esxi_hostname` is not set. `esxi_hostname` and `cluster` are mutually exclusive parameters. | Optional | +| esxi_hostname | The ESXi hostname where the virtual machine is running. This is a required parameter, if `cluster` is not set. `esxi_hostname` and `cluster` are mutually exclusive parameters. | Optional | +| datacenter | The datacenter name to which virtual machine belongs to. | Optional | +| local_path | If `local_path` is not set, the created screenshot file will be kept in the directory of the virtual machine on ESXi host. If `local_path` is set to a valid path on local machine, then the screenshot file will be downloaded from ESXi host to the local directory. If not download screenshot file to local machine, you can open it through the returned file URL in screenshot facts manually. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestScreenshot.screenshot_info | unknown | display the facts of captured virtual machine screenshot file | + + + + +### vmware-guest-sendkey +*** +Send USB HID codes to the Virtual Machine's keyboard. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_sendkey_module.html + + +#### Base Command + +`vmware-guest-sendkey` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the virtual machine. This is a required parameter, if parameter `uuid` or `moid` is not supplied. | Optional | +| uuid | UUID of the instance to gather facts if known, this is VMware's unique identifier. This is a required parameter, if parameter `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is a required parameter, only if multiple VMs are found with same name. The folder should include the datacenter. ESXi server's datacenter is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| cluster | The name of cluster where the virtual machine is running. This is a required parameter, if `esxi_hostname` is not set. `esxi_hostname` and `cluster` are mutually exclusive parameters. | Optional | +| esxi_hostname | The ESXi hostname where the virtual machine is running. This is a required parameter, if `cluster` is not set. `esxi_hostname` and `cluster` are mutually exclusive parameters. | Optional | +| datacenter | The datacenter name to which virtual machine belongs to. | Optional | +| string_send | The string will be sent to the virtual machine. This string can contain valid special character, alphabet and digit on the keyboard. | Optional | +| keys_send | The list of the keys will be sent to the virtual machine. Valid values are `ENTER`, `ESC`, `BACKSPACE`, `TAB`, `SPACE`, `CAPSLOCK`, `DELETE`, `CTRL_ALT_DEL`, `CTRL_C` and `F1` to `F12`, `RIGHTARROW`, `LEFTARROW`, `DOWNARROW`, `UPARROW`. If both `keys_send` and `string_send` are specified, keys in `keys_send` list will be sent in front of the `string_send`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestSendkey.sendkey_info | unknown | display the keys and the number of keys sent to the virtual machine | + + + + +### vmware-guest-snapshot +*** +Manages virtual machines snapshots in vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_snapshot_module.html + + +#### Base Command + +`vmware-guest-snapshot` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| state | Manage snapshot(s) attached to a specific virtual machine. If set to `present` and snapshot absent, then will create a new snapshot with the given name. If set to `present` and snapshot present, then no changes are made. If set to `absent` and snapshot present, then snapshot with the given name is removed. If set to `absent` and snapshot absent, then no changes are made. If set to `revert` and snapshot present, then virtual machine state is reverted to the given snapshot. If set to `revert` and snapshot absent, then no changes are made. If set to `remove_all` and snapshot(s) present, then all snapshot(s) will be removed. If set to `remove_all` and snapshot(s) absent, then no changes are made. Possible values are: present, absent, revert, remove_all. Default is present. | Required | +| name | Name of the virtual machine to work with. This is required parameter, if `uuid` or `moid` is not supplied. | Optional | +| name_match | If multiple VMs matching the name, use the first or last found. Possible values are: first, last. Default is first. | Optional | +| uuid | UUID of the instance to manage if known, this is VMware's BIOS UUID by default. This is required if `name` or `moid` parameter is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is required parameter, if `name` is supplied. The folder should include the datacenter. ESX's datacenter is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| datacenter | Destination datacenter for the deploy operation. | Required | +| snapshot_name | Sets the snapshot name to manage. This param is required only if state is not `remove_all`. | Optional | +| description | Define an arbitrary description to attach to snapshot. | Optional | +| quiesce | If set to `true` and virtual machine is powered on, it will quiesce the file system in virtual machine. Note that VMware Tools are required for this flag. If virtual machine is powered off or VMware Tools are not available, then this flag is set to `false`. If virtual machine does not provide capability to take quiesce snapshot, then this flag is set to `false`. Possible values are: Yes, No. Default is No. | Optional | +| memory_dump | If set to `true`, memory dump of virtual machine is also included in snapshot. Note that memory snapshots take time and resources, this will take longer time to create. If virtual machine does not provide capability to take memory snapshot, then this flag is set to `false`. Possible values are: Yes, No. Default is No. | Optional | +| remove_children | If set to `true` and state is set to `absent`, then entire snapshot subtree is set for removal. Possible values are: Yes, No. Default is No. | Optional | +| new_snapshot_name | Value to rename the existing snapshot to. | Optional | +| new_description | Value to change the description of an existing snapshot to. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestSnapshot.snapshot_results | unknown | metadata about the virtual machine snapshots | + + +#### Command Example +```!vmware-guest-snapshot datacenter="DC1" folder="/DC1/vm/" name="test_vm_0001" state="present" snapshot_name="snap1" description="snap1_description" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareGuestSnapshot": [ + { + "changed": true, + "snapshot_results": { + "current_snapshot": { + "creation_time": "2021-07-11T17:02:28.131433+00:00", + "description": "snap1_description", + "id": 1, + "name": "snap1", + "state": "poweredOff" + }, + "snapshots": [ + { + "creation_time": "2021-07-11T17:02:28.131433+00:00", + "description": "snap1_description", + "id": 1, + "name": "snap1", + "state": "poweredOff" + } + ] + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Snapshot_Results +> * ### Current_Snapshot +> * creation_time: 2021-07-11T17:02:28.131433+00:00 +> * description: snap1_description +> * id: 1 +> * name: snap1 +> * state: poweredOff +> * ### Snapshots +> * ### Snap1 +> * creation_time: 2021-07-11T17:02:28.131433+00:00 +> * description: snap1_description +> * id: 1 +> * name: snap1 +> * state: poweredOff + +### vmware-guest-snapshot-info +*** +Gather info about virtual machine's snapshots in vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_snapshot_info_module.html + + +#### Base Command + +`vmware-guest-snapshot-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the VM to work with. This is required if `uuid` or `moid` is not supplied. | Optional | +| uuid | UUID of the instance to manage if known, this is VMware's BIOS UUID by default. This is required if `name` or `moid` parameter is not supplied. The `folder` is ignored, if `uuid` is provided. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is required only, if multiple virtual machines with same name are found on given vCenter. The folder should include the datacenter. ESX's datacenter is ha-datacenter Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| datacenter | Name of the datacenter. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestSnapshotInfo.guest_snapshots | unknown | metadata about the snapshot information | + + + + +### vmware-guest-tools-upgrade +*** +Module to upgrade VMTools +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_tools_upgrade_module.html + + +#### Base Command + +`vmware-guest-tools-upgrade` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the virtual machine to work with. This is required if `uuid` or `moid` is not supplied. | Optional | +| name_match | If multiple virtual machines matching the name, use the first or last found. Possible values are: first, last. Default is first. | Optional | +| uuid | UUID of the instance to manage if known, this is VMware's unique identifier. This is required if `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is required, if `name` is supplied. The folder should include the datacenter. ESX's datacenter is ha-datacenter Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| datacenter | Destination datacenter where the virtual machine exists. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-guest-tools-wait +*** +Wait for VMware tools to become available +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_tools_wait_module.html + + +#### Base Command + +`vmware-guest-tools-wait` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the VM for which to wait until the tools become available. This is required if `uuid` or `moid` is not supplied. | Optional | +| name_match | If multiple VMs match the name, use the first or last found. Possible values are: first, last. Default is first. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is required only, if multiple VMs with same `name` is found. The folder should include the datacenter. ESX's datacenter is `ha-datacenter`. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| uuid | UUID of the VM for which to wait until the tools become available, if known. This is VMware's unique identifier. This is required, if `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestToolsWait.instance | unknown | metadata about the virtual machine | + + + + +### vmware-guest-video +*** +Modify video card configurations of specified virtual machine in given vCenter infrastructure +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_video_module.html + + +#### Base Command + +`vmware-guest-video` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name of the virtual machine. This is a required parameter, if parameter `uuid` or `moid` is not supplied. | Optional | +| uuid | UUID of the instance to gather facts if known, this is VMware's unique identifier. This is a required parameter, if parameter `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. This is a required parameter, only if multiple VMs are found with same name. The folder should include the datacenter. ESXi server's datacenter is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| datacenter | The datacenter name to which virtual machine belongs to. This parameter is case sensitive. Default is ha-datacenter. | Optional | +| gather_video_facts | If set to True, return settings of the video card, other attributes are ignored. If set to False, will do reconfiguration and return video card settings. Default is no. | Optional | +| use_auto_detect | If set to True, applies common video settings to the guest operating system, attributes `display_number` and `video_memory_mb` are ignored. If set to False, the number of display and the total video memory will be reconfigured using `display_number` and `video_memory_mb`. | Optional | +| display_number | The number of display. Valid value from 1 to 10. The maximum display number is 4 on vCenter 6.0, 6.5 web UI. | Optional | +| video_memory_mb | Valid total MB of video memory range of virtual machine is from 1.172 MB to 256 MB on ESXi 6.7U1, from 1.172 MB to 128 MB on ESXi 6.7 and previous versions. For specific guest OS, supported minimum and maximum video memory are different, please be careful on setting this. | Optional | +| enable_3D | Enable 3D for guest operating systems on which VMware supports 3D. | Optional | +| renderer_3D | If set to `automatic`, selects the appropriate option (software or hardware) for this virtual machine automatically. If set to `software`, uses normal CPU processing for 3D calculations. If set to `hardware`, requires graphics hardware (GPU) for faster 3D calculations. Possible values are: automatic, software, hardware. | Optional | +| memory_3D_mb | The value of 3D Memory must be power of 2 and valid value is from 32 MB to 2048 MB. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestVideo.video_status | unknown | metadata about the virtual machine's video card after managing them | + + + + +### vmware-guest-vnc +*** +Manages VNC remote display on virtual machines in vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_guest_vnc_module.html + + +#### Base Command + +`vmware-guest-vnc` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter | Destination datacenter for the deploy operation. This parameter is case sensitive. Default is ha-datacenter. | Optional | +| state | Set the state of VNC on virtual machine. Possible values are: present, absent. Default is present. | Optional | +| name | Name of the virtual machine to work with. Virtual machine names in vCenter are not necessarily unique, which may be problematic, see `name_match`. | Optional | +| name_match | If multiple virtual machines matching the name, use the first or last found. Possible values are: first, last. Default is first. | Optional | +| uuid | UUID of the instance to manage if known, this is VMware's unique identifier. This is required, if `name` or `moid` is not supplied. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `name` or `uuid` is not supplied. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest. The folder should include the datacenter. ESX's datacenter is ha-datacenter. | Optional | +| vnc_ip | Sets an IP for VNC on virtual machine. This is required only when `state` is set to present and will be ignored if `state` is absent. Default is 0.0.0.0. | Optional | +| vnc_port | The port that VNC listens on. Usually a number between 5900 and 7000 depending on your config. This is required only when `state` is set to present and will be ignored if `state` is absent. Default is 0. | Optional | +| vnc_password | Sets a password for VNC on virtual machine. This is required only when `state` is set to present and will be ignored if `state` is absent. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareGuestVnc.changed | boolean | If anything changed on VM's extraConfig. | +| VMware.VmwareGuestVnc.failed | boolean | If changes failed. | +| VMware.VmwareGuestVnc.instance | unknown | Dictionary describing the VM, including VNC info. | + + +#### Command Example +```!vmware-guest-vnc folder="/DC1/vm" name="test_vm_0001" vnc_port="5990" vnc_password="vNc5ecr3t" datacenter="DC1" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareGuestVnc": [ + { + "changed": true, + "instance": { + "annotation": "", + "current_snapshot": { + "creation_time": "2021-07-11T17:02:28.131433+00:00", + "description": "snap1_description", + "id": 1, + "name": "snap1", + "state": "poweredOff" + }, + "customvalues": {}, + "guest_consolidation_needed": false, + "guest_question": null, + "guest_tools_status": "guestToolsNotRunning", + "guest_tools_version": "0", + "hw_cluster": "cluster", + "hw_cores_per_socket": 1, + "hw_datastores": [ + "datastore1" + ], + "hw_esxi_host": "esxi01", + "hw_eth0": { + "addresstype": "manual", + "ipaddresses": null, + "label": "Network adapter 1", + "macaddress": "aa:bb:dd:aa:00:14", + "macaddress_dash": "aa-bb-dd-aa-00-14", + "portgroup_key": null, + "portgroup_portkey": null, + "summary": "VM Network" + }, + "hw_files": [ + "[datastore1] test_vm_0001/test_vm_0001.vmx", + "[datastore1] test_vm_0001/test_vm_0001-Snapshot1.vmsn", + "[datastore1] test_vm_0001/test_vm_0001.vmsd", + "[datastore1] test_vm_0001/test_vm_0001.vmdk", + "[datastore1] test_vm_0001/test_vm_0001-000001.vmdk" + ], + "hw_folder": "/DC1/vm", + "hw_guest_full_name": null, + "hw_guest_ha_state": null, + "hw_guest_id": null, + "hw_interfaces": [ + "eth0" + ], + "hw_is_template": false, + "hw_memtotal_mb": 512, + "hw_name": "test_vm_0001", + "hw_power_status": "poweredOff", + "hw_processor_count": 4, + "hw_product_uuid": "42166c31-2bd1-6ac0-1ebb-a6db907f529e", + "hw_version": "vmx-13", + "instance_uuid": "5016ea58-ccce-5688-f16b-82ca0b25e513", + "ipv4": null, + "ipv6": null, + "module_hw": true, + "moid": "vm-21", + "snapshots": [ + { + "creation_time": "2021-07-11T17:02:28.131433+00:00", + "description": "snap1_description", + "id": 1, + "name": "snap1", + "state": "poweredOff" + } + ], + "vimref": "vim.VirtualMachine:vm-21", + "vnc": { + "enabled": "TRUE", + "ip": "0.0.0.0", + "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + "port": "5990" + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Instance +> * annotation: +> * guest_consolidation_needed: False +> * guest_question: None +> * guest_tools_status: guestToolsNotRunning +> * guest_tools_version: 0 +> * hw_cluster: cluster +> * hw_cores_per_socket: 1 +> * hw_esxi_host: esxi01 +> * hw_folder: /DC1/vm +> * hw_guest_full_name: None +> * hw_guest_ha_state: None +> * hw_guest_id: None +> * hw_is_template: False +> * hw_memtotal_mb: 512 +> * hw_name: test_vm_0001 +> * hw_power_status: poweredOff +> * hw_processor_count: 4 +> * hw_product_uuid: 42166c31-2bd1-6ac0-1ebb-a6db907f529e +> * hw_version: vmx-13 +> * instance_uuid: 5016ea58-ccce-5688-f16b-82ca0b25e513 +> * ipv4: None +> * ipv6: None +> * module_hw: True +> * moid: vm-21 +> * vimref: vim.VirtualMachine:vm-21 +> * ### Current_Snapshot +> * creation_time: 2021-07-11T17:02:28.131433+00:00 +> * description: snap1_description +> * id: 1 +> * name: snap1 +> * state: poweredOff +> * ### Customvalues +> * ### Hw_Datastores +> * 0: datastore1 +> * ### Hw_Eth0 +> * addresstype: manual +> * ipaddresses: None +> * label: Network adapter 1 +> * macaddress: aa:bb:dd:aa:00:14 +> * macaddress_dash: aa-bb-dd-aa-00-14 +> * portgroup_key: None +> * portgroup_portkey: None +> * summary: VM Network +> * ### Hw_Files +> * 0: [datastore1] test_vm_0001/test_vm_0001.vmx +> * 1: [datastore1] test_vm_0001/test_vm_0001-Snapshot1.vmsn +> * 2: [datastore1] test_vm_0001/test_vm_0001.vmsd +> * 3: [datastore1] test_vm_0001/test_vm_0001.vmdk +> * 4: [datastore1] test_vm_0001/test_vm_0001-000001.vmdk +> * ### Hw_Interfaces +> * 0: eth0 +> * ### Snapshots +> * ### Snap1 +> * creation_time: 2021-07-11T17:02:28.131433+00:00 +> * description: snap1_description +> * id: 1 +> * name: snap1 +> * state: poweredOff +> * ### Vnc +> * enabled: TRUE +> * ip: 0.0.0.0 +> * password: VALUE_SPECIFIED_IN_NO_LOG_PARAMETER +> * port: 5990 + +### vmware-host +*** +Add, remove, or move an ESXi host to, from, or within vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_module.html + + +#### Base Command + +`vmware-host` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter_name | Name of the datacenter to add the host. Aliases added in version 2.6. | Required | +| cluster_name | Name of the cluster to add the host. If `folder` is not set, then this parameter is required. Aliases added in version 2.6. | Optional | +| folder | Name of the folder under which host to add. If `cluster_name` is not set, then this parameter is required. For example, if there is a datacenter 'dc1' under folder called 'Site1' then, this value will be '/Site1/dc1/host'. Here 'host' is an invisible folder under VMware Web Client. Another example, if there is a nested folder structure like '/myhosts/india/pune' under datacenter 'dc2', then `folder` value will be '/dc2/host/myhosts/india/pune'. Other Examples: - '/Site2/dc2/Asia-Cluster/host' - '/dc3/Asia-Cluster/host'. | Optional | +| add_connected | If set to `True`, then the host should be connected as soon as it is added. This parameter is ignored if state is set to a value other than `present`. Possible values are: Yes, No. Default is Yes. | Optional | +| esxi_hostname | ESXi hostname to manage. | Required | +| esxi_username | ESXi username. Required for adding a host. Optional for reconnect. If both `esxi_username` and `esxi_password` are used Unused for removing. No longer a required parameter from version 2.5. | Optional | +| esxi_password | ESXi password. Required for adding a host. Optional for reconnect. Unused for removing. No longer a required parameter from version 2.5. | Optional | +| state | If set to `present`, add the host if host is absent. If set to `present`, update the location of the host if host already exists. If set to `absent`, remove the host if host is present. If set to `absent`, do nothing if host already does not exists. If set to `add_or_reconnect`, add the host if it's absent else reconnect it and update the location. If set to `reconnect`, then reconnect the host if it's present and update the location. Possible values are: present, absent, add_or_reconnect, reconnect. Default is present. | Optional | +| esxi_ssl_thumbprint | Specifying the hostsystem certificate's thumbprint. Use following command to get hostsystem certificate's thumbprint - # openssl x509 -in /etc/vmware/ssl/rui.crt -fingerprint -sha1 -noout Only used if `fetch_thumbprint` isn't set to `true`. | Optional | +| fetch_ssl_thumbprint | Fetch the thumbprint of the host's SSL certificate. This basically disables the host certificate verification (check if it was signed by a recognized CA). Disable this option if you want to allow only hosts with valid certificates to be added to vCenter. If this option is set to `false` and the certificate can't be verified, an add or reconnect will fail. Unused when `esxi_ssl_thumbprint` is set. Optional for reconnect, but only used if `esxi_username` and `esxi_password` are used. Unused for removing. Possible values are: Yes, No. Default is Yes. | Optional | +| force_connection | Force the connection if the host is already being managed by another vCenter server. Possible values are: Yes, No. Default is Yes. | Optional | +| reconnect_disconnected | Reconnect disconnected hosts. This is only used if `state` is set to `present` and if the host already exists. Possible values are: Yes, No. Default is Yes. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHost.result | string | metadata about the new host system added | + + +#### Command Example +```!vmware-host datacenter_name="DC1" cluster_name="cluster" esxi_hostname="esxi01" esxi_username="root" esxi_password="PASSWORD" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHost": [ + { + "changed": false, + "result": "Host already connected to vCenter 'vcenter' in cluster 'cluster'", + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * result: Host already connected to vCenter 'vcenter' in cluster 'cluster' + + +### vmware-host-acceptance +*** +Manage the host acceptance level of an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_acceptance_module.html + + +#### Base Command + +`vmware-host-acceptance` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. Acceptance level of all ESXi host system in the given cluster will be managed. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname. Acceptance level of this ESXi host system will be managed. If `cluster_name` is not given, this parameter is required. | Optional | +| state | Set or list acceptance level of the given ESXi host. If set to `list`, then will return current acceptance level of given host system/s. If set to `present`, then will set given acceptance level. Possible values are: list, present. Default is list. | Optional | +| acceptance_level | Name of acceptance level. If set to `partner`, then accept only partner and VMware signed and certified VIBs. If set to `vmware_certified`, then accept only VIBs that are signed and certified by VMware. If set to `vmware_accepted`, then accept VIBs that have been accepted by VMware. If set to `community`, then accept all VIBs, even those that are not signed. Possible values are: community, partner, vmware_accepted, vmware_certified. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostAcceptance.facts | unknown | dict with hostname as key and dict with acceptance level facts, error as value | + + +#### Command Example +```!vmware-host-acceptance cluster_name="cluster" acceptance_level="community" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostAcceptance": [ + { + "changed": true, + "facts": { + "esxi01": { + "error": "NA", + "level": "community" + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Facts +> * ### esxi01 +> * error: NA +> * level: community + + +### vmware-host-active-directory +*** +Joins an ESXi host system to an Active Directory domain or leaves it +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_active_directory_module.html + + +#### Base Command + +`vmware-host-active-directory` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| ad_domain | AD Domain to join. | Optional | +| ad_user | Username for AD domain join. | Optional | +| ad_password | Password for AD domain join. | Optional | +| ad_state | Whether the ESXi host is joined to an AD domain or not. Possible values are: present, absent. Default is absent. | Optional | +| esxi_hostname | Name of the host system to work with. This parameter is required if `cluster_name` is not specified. | Optional | +| cluster_name | Name of the cluster from which all host systems will be used. This parameter is required if `esxi_hostname` is not specified. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostActiveDirectory.results | unknown | metadata about host system's AD domain join state | + + + + +### vmware-host-capability-info +*** +Gathers info about an ESXi host's capability information +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_capability_info_module.html + + +#### Base Command + +`vmware-host-capability-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster from all host systems to be used for information gathering. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname to gather information from. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostCapabilityInfo.hosts_capability_info | unknown | metadata about host's capability info | + + +#### Command Example +```!vmware-host-capability-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostCapabilityInfo": [ + { + "changed": false, + "hosts_capability_info": { + "esxi01": { + "accel3dSupported": false, + "backgroundSnapshotsSupported": false, + "checkpointFtCompatibilityIssues": [ + "haAgentIssue", + "missingFTLoggingNic", + "missingVMotionNic" + ], + "checkpointFtSupported": false, + "cloneFromSnapshotSupported": true, + "cpuHwMmuSupported": true, + "cpuMemoryResourceConfigurationSupported": true, + "cryptoSupported": true, + "datastorePrincipalSupported": false, + "deltaDiskBackingsSupported": true, + "eightPlusHostVmfsSharedAccessSupported": true, + "encryptedVMotionSupported": true, + "encryptionCBRCSupported": false, + "encryptionChangeOnAddRemoveSupported": false, + "encryptionFaultToleranceSupported": false, + "encryptionHBRSupported": false, + "encryptionHotOperationSupported": false, + "encryptionMemorySaveSupported": false, + "encryptionRDMSupported": false, + "encryptionVFlashSupported": false, + "encryptionWithSnapshotsSupported": false, + "featureCapabilitiesSupported": true, + "firewallIpRulesSupported": true, + "ftCompatibilityIssues": [ + "haAgentIssue", + "incompatibleCpu", + "missingFTLoggingNic", + "missingVMotionNic" + ], + "ftSupported": false, + "gatewayOnNicSupported": true, + "hbrNicSelectionSupported": true, + "highGuestMemSupported": true, + "hostAccessManagerSupported": true, + "interVMCommunicationThroughVMCISupported": false, + "ipmiSupported": true, + "iscsiSupported": true, + "latencySensitivitySupported": true, + "localSwapDatastoreSupported": true, + "loginBySSLThumbprintSupported": true, + "maintenanceModeSupported": true, + "markAsLocalSupported": true, + "markAsSsdSupported": true, + "maxHostRunningVms": 19, + "maxHostSupportedVcpus": 64, + "maxNumDisksSVMotion": 248, + "maxRegisteredVMs": 76, + "maxRunningVMs": 0, + "maxSupportedVMs": null, + "maxSupportedVcpus": null, + "maxVcpusPerFtVm": 4, + "messageBusProxySupported": true, + "multipleNetworkStackInstanceSupported": true, + "nestedHVSupported": true, + "nfs41Krb5iSupported": true, + "nfs41Supported": true, + "nfsSupported": true, + "nicTeamingSupported": true, + "oneKVolumeAPIsSupported": true, + "perVMNetworkTrafficShapingSupported": false, + "perVmSwapFiles": true, + "preAssignedPCIUnitNumbersSupported": true, + "provisioningNicSelectionSupported": true, + "rebootSupported": true, + "recordReplaySupported": false, + "recursiveResourcePoolsSupported": true, + "reliableMemoryAware": true, + "replayCompatibilityIssues": [], + "replayUnsupportedReason": "incompatibleCpu", + "restrictedSnapshotRelocateSupported": true, + "sanSupported": true, + "scaledScreenshotSupported": true, + "scheduledHardwareUpgradeSupported": true, + "screenshotSupported": true, + "servicePackageInfoSupported": true, + "shutdownSupported": true, + "smartCardAuthenticationSupported": true, + "smpFtCompatibilityIssues": [ + "haAgentIssue", + "missingFTLoggingNic", + "missingVMotionNic" + ], + "smpFtSupported": false, + "snapshotRelayoutSupported": true, + "standbySupported": true, + "storageIORMSupported": true, + "storagePolicySupported": true, + "storageVMotionSupported": true, + "supportedVmfsMajorVersion": [ + 5, + 6 + ], + "suspendedRelocateSupported": true, + "tpmSupported": false, + "turnDiskLocatorLedSupported": true, + "unsharedSwapVMotionSupported": true, + "upitSupported": null, + "vFlashSupported": true, + "vPMCSupported": false, + "vStorageCapable": true, + "virtualExecUsageSupported": true, + "virtualVolumeDatastoreSupported": true, + "vlanTaggingSupported": true, + "vmDirectPathGen2Supported": false, + "vmDirectPathGen2UnsupportedReason": [ + "hostNptIncompatibleHardware" + ], + "vmDirectPathGen2UnsupportedReasonExtended": null, + "vmfsDatastoreMountCapable": true, + "vmotionAcrossNetworkSupported": true, + "vmotionSupported": true, + "vmotionWithStorageVMotionSupported": true, + "vrNfcNicSelectionSupported": true, + "vsanSupported": true + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Hosts_Capability_Info +> * ### esxi01 +> * accel3dSupported: False +> * backgroundSnapshotsSupported: False +> * checkpointFtSupported: False +> * cloneFromSnapshotSupported: True +> * cpuHwMmuSupported: True +> * cpuMemoryResourceConfigurationSupported: True +> * cryptoSupported: True +> * datastorePrincipalSupported: False +> * deltaDiskBackingsSupported: True +> * eightPlusHostVmfsSharedAccessSupported: True +> * encryptedVMotionSupported: True +> * encryptionCBRCSupported: False +> * encryptionChangeOnAddRemoveSupported: False +> * encryptionFaultToleranceSupported: False +> * encryptionHBRSupported: False +> * encryptionHotOperationSupported: False +> * encryptionMemorySaveSupported: False +> * encryptionRDMSupported: False +> * encryptionVFlashSupported: False +> * encryptionWithSnapshotsSupported: False +> * featureCapabilitiesSupported: True +> * firewallIpRulesSupported: True +> * ftSupported: False +> * gatewayOnNicSupported: True +> * hbrNicSelectionSupported: True +> * highGuestMemSupported: True +> * hostAccessManagerSupported: True +> * interVMCommunicationThroughVMCISupported: False +> * ipmiSupported: True +> * iscsiSupported: True +> * latencySensitivitySupported: True +> * localSwapDatastoreSupported: True +> * loginBySSLThumbprintSupported: True +> * maintenanceModeSupported: True +> * markAsLocalSupported: True +> * markAsSsdSupported: True +> * maxHostRunningVms: 19 +> * maxHostSupportedVcpus: 64 +> * maxNumDisksSVMotion: 248 +> * maxRegisteredVMs: 76 +> * maxRunningVMs: 0 +> * maxSupportedVMs: None +> * maxSupportedVcpus: None +> * maxVcpusPerFtVm: 4 +> * messageBusProxySupported: True +> * multipleNetworkStackInstanceSupported: True +> * nestedHVSupported: True +> * nfs41Krb5iSupported: True +> * nfs41Supported: True +> * nfsSupported: True +> * nicTeamingSupported: True +> * oneKVolumeAPIsSupported: True +> * perVMNetworkTrafficShapingSupported: False +> * perVmSwapFiles: True +> * preAssignedPCIUnitNumbersSupported: True +> * provisioningNicSelectionSupported: True +> * rebootSupported: True +> * recordReplaySupported: False +> * recursiveResourcePoolsSupported: True +> * reliableMemoryAware: True +> * replayUnsupportedReason: incompatibleCpu +> * restrictedSnapshotRelocateSupported: True +> * sanSupported: True +> * scaledScreenshotSupported: True +> * scheduledHardwareUpgradeSupported: True +> * screenshotSupported: True +> * servicePackageInfoSupported: True +> * shutdownSupported: True +> * smartCardAuthenticationSupported: True +> * smpFtSupported: False +> * snapshotRelayoutSupported: True +> * standbySupported: True +> * storageIORMSupported: True +> * storagePolicySupported: True +> * storageVMotionSupported: True +> * suspendedRelocateSupported: True +> * tpmSupported: False +> * turnDiskLocatorLedSupported: True +> * unsharedSwapVMotionSupported: True +> * upitSupported: None +> * vFlashSupported: True +> * vPMCSupported: False +> * vStorageCapable: True +> * virtualExecUsageSupported: True +> * virtualVolumeDatastoreSupported: True +> * vlanTaggingSupported: True +> * vmDirectPathGen2Supported: False +> * vmDirectPathGen2UnsupportedReasonExtended: None +> * vmfsDatastoreMountCapable: True +> * vmotionAcrossNetworkSupported: True +> * vmotionSupported: True +> * vmotionWithStorageVMotionSupported: True +> * vrNfcNicSelectionSupported: True +> * vsanSupported: True +> * #### Checkpointftcompatibilityissues +> * 0: haAgentIssue +> * 1: missingFTLoggingNic +> * 2: missingVMotionNic +> * #### Ftcompatibilityissues +> * 0: haAgentIssue +> * 1: incompatibleCpu +> * 2: missingFTLoggingNic +> * 3: missingVMotionNic +> * #### Replaycompatibilityissues +> * #### Smpftcompatibilityissues +> * 0: haAgentIssue +> * 1: missingFTLoggingNic +> * 2: missingVMotionNic +> * #### Supportedvmfsmajorversion +> * 0: 5 +> * 1: 6 +> * #### Vmdirectpathgen2Unsupportedreason +> * 0: hostNptIncompatibleHardware + + +### vmware-host-config-info +*** +Gathers info about an ESXi host's advance configuration information +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_config_info_module.html + + +#### Base Command + +`vmware-host-config-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster from which the ESXi host belong to. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname to gather information from. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostConfigInfo.hosts_info | unknown | dict with hostname as key and dict with host config information | + + +#### Command Example +```!vmware-host-config-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostConfigInfo": [ + { + "changed": false, + "hosts_info": { + "esxi01": { + "Annotations.WelcomeMessage": "", + "BufferCache.FlushInterval": 30000, + "BufferCache.HardMaxDirty": 95, + "BufferCache.PerFileHardMaxDirty": 50, + "BufferCache.SoftMaxDirty": 15, + "CBRC.DCacheMemReserved": 400, + "CBRC.DCacheSize": 32768, + "CBRC.DigestJournalBootInterval": 10, + "CBRC.Enable": false, + "COW.COWMaxHeapSizeMB": 192, + "COW.COWMaxREPageCacheszMB": 256, + "COW.COWMinREPageCacheszMB": 0, + "COW.COWREPageCacheEviction": 1, + "Config.Defaults.cpuidMask.mode.0.eax": "disable", + "Config.Defaults.cpuidMask.mode.0.ebx": "disable", + "Config.Defaults.cpuidMask.mode.0.ecx": "disable", + "Config.Defaults.cpuidMask.mode.0.edx": "disable", + "Config.Defaults.cpuidMask.mode.1.eax": "disable", + "Config.Defaults.cpuidMask.mode.1.ebx": "disable", + "Config.Defaults.cpuidMask.mode.1.ecx": "disable", + "Config.Defaults.cpuidMask.mode.1.edx": "disable", + "Config.Defaults.cpuidMask.mode.80000000.eax": "disable", + "Config.Defaults.cpuidMask.mode.80000000.ebx": "disable", + "Config.Defaults.cpuidMask.mode.80000000.ecx": "disable", + "Config.Defaults.cpuidMask.mode.80000000.edx": "disable", + "Config.Defaults.cpuidMask.mode.80000001.eax": "disable", + "Config.Defaults.cpuidMask.mode.80000001.ebx": "disable", + "Config.Defaults.cpuidMask.mode.80000001.ecx": "disable", + "Config.Defaults.cpuidMask.mode.80000001.edx": "disable", + "Config.Defaults.cpuidMask.mode.80000008.eax": "disable", + "Config.Defaults.cpuidMask.mode.80000008.ebx": "disable", + "Config.Defaults.cpuidMask.mode.80000008.ecx": "disable", + "Config.Defaults.cpuidMask.mode.80000008.edx": "disable", + "Config.Defaults.cpuidMask.mode.8000000A.eax": "disable", + "Config.Defaults.cpuidMask.mode.8000000A.ebx": "disable", + "Config.Defaults.cpuidMask.mode.8000000A.ecx": "disable", + "Config.Defaults.cpuidMask.mode.8000000A.edx": "disable", + "Config.Defaults.cpuidMask.mode.d.eax": "disable", + "Config.Defaults.cpuidMask.mode.d.ebx": "disable", + "Config.Defaults.cpuidMask.mode.d.ecx": "disable", + "Config.Defaults.cpuidMask.mode.d.edx": "disable", + "Config.Defaults.cpuidMask.val.0.eax": "", + "Config.Defaults.cpuidMask.val.0.ebx": "", + "Config.Defaults.cpuidMask.val.0.ecx": "", + "Config.Defaults.cpuidMask.val.0.edx": "", + "Config.Defaults.cpuidMask.val.1.eax": "", + "Config.Defaults.cpuidMask.val.1.ebx": "", + "Config.Defaults.cpuidMask.val.1.ecx": "", + "Config.Defaults.cpuidMask.val.1.edx": "", + "Config.Defaults.cpuidMask.val.80000000.eax": "", + "Config.Defaults.cpuidMask.val.80000000.ebx": "", + "Config.Defaults.cpuidMask.val.80000000.ecx": "", + "Config.Defaults.cpuidMask.val.80000000.edx": "", + "Config.Defaults.cpuidMask.val.80000001.eax": "", + "Config.Defaults.cpuidMask.val.80000001.ebx": "", + "Config.Defaults.cpuidMask.val.80000001.ecx": "", + "Config.Defaults.cpuidMask.val.80000001.edx": "", + "Config.Defaults.cpuidMask.val.80000008.eax": "", + "Config.Defaults.cpuidMask.val.80000008.ebx": "", + "Config.Defaults.cpuidMask.val.80000008.ecx": "", + "Config.Defaults.cpuidMask.val.80000008.edx": "", + "Config.Defaults.cpuidMask.val.8000000A.eax": "", + "Config.Defaults.cpuidMask.val.8000000A.ebx": "", + "Config.Defaults.cpuidMask.val.8000000A.ecx": "", + "Config.Defaults.cpuidMask.val.8000000A.edx": "", + "Config.Defaults.cpuidMask.val.d.eax": "", + "Config.Defaults.cpuidMask.val.d.ebx": "", + "Config.Defaults.cpuidMask.val.d.ecx": "", + "Config.Defaults.cpuidMask.val.d.edx": "", + "Config.Defaults.security.host.ruissl": true, + "Config.Defaults.vGPU.consolidation": false, + "Config.Etc.issue": "", + "Config.Etc.motd": "The time and date of this login have been sent to the system logs.\n\nWARNING:\n All commands run on the ESXi shell are logged and may be included in\n support bundles. Do not provide passwords directly on the command line.\n Most tools can prompt for secrets or accept them from standard input.\n\n%1b[00mVMware offers supported, powerful system administration tools. Please\nsee www.vmware.com/go/sysadmintools for details.\n\nThe ESXi Shell can be disabled by an administrative user. See the\nvSphere Security documentation for more information.\n", + "Config.GlobalSettings.guest.commands.sharedPolicyRefCount": 0, + "Config.HostAgent.level[Hbrsvc].logLevel": "", + "Config.HostAgent.level[Hostsvc].logLevel": "", + "Config.HostAgent.level[Proxysvc].logLevel": "", + "Config.HostAgent.level[Snmpsvc].logLevel": "", + "Config.HostAgent.level[Statssvc].logLevel": "", + "Config.HostAgent.level[Vcsvc].logLevel": "", + "Config.HostAgent.level[Vimsvc].logLevel": "", + "Config.HostAgent.level[Vmsvc].logLevel": "", + "Config.HostAgent.log.level": "info", + "Config.HostAgent.plugins.hostsvc.esxAdminsGroup": "ESX Admins", + "Config.HostAgent.plugins.hostsvc.esxAdminsGroupAutoAdd": true, + "Config.HostAgent.plugins.hostsvc.esxAdminsGroupUpdateInterval": 1, + "Config.HostAgent.plugins.solo.enableMob": false, + "Config.HostAgent.plugins.solo.webServer.enableWebscriptLauncher": true, + "Config.HostAgent.plugins.vimsvc.authValidateInterval": 1440, + "Config.HostAgent.plugins.vimsvc.userSearch.maxResults": 100, + "Config.HostAgent.plugins.vimsvc.userSearch.maxTimeSeconds": 20, + "Config.HostAgent.plugins.vmsvc.enforceMaxRegisteredVms": true, + "Config.HostAgent.plugins.vmsvc.productLockerWatchInterval": 300, + "Cpu.ActionLoadThreshold": 10, + "Cpu.AllowWideVsmp": 0, + "Cpu.BoundLagQuanta": 8, + "Cpu.CommRateThreshold": 500, + "Cpu.CoschedCostartThreshold": 2000, + "Cpu.CoschedCostopThreshold": 3000, + "Cpu.CoschedCrossCall": 1, + "Cpu.CoschedExclusiveAffinity": 0, + "Cpu.CoschedHandoffLLC": 1, + "Cpu.CoschedHandoffSkip": 10, + "Cpu.CoschedPollUsec": 1000, + "Cpu.CreditAgePeriod": 3000, + "Cpu.FairnessRebalancePcpus": 4, + "Cpu.HTRebalancePeriod": 5, + "Cpu.HTStolenAgeThreshold": 8, + "Cpu.HTWholeCoreThreshold": 800, + "Cpu.HostRebalancePeriod": 100, + "Cpu.L2RebalancePeriod": 10, + "Cpu.L3RebalancePeriod": 20, + "Cpu.LimitEnforcementThreshold": 200, + "Cpu.MaxSampleRateLg": 7, + "Cpu.MoveCurrentRunnerPcpus": 4, + "Cpu.NonTimerWakeupRate": 500, + "Cpu.PackageRebalancePeriod": 20, + "Cpu.PcpuMigrateIdlePcpus": 4, + "Cpu.Quantum": 200, + "Cpu.UseMwait": 2, + "Cpu.VMAdmitCheckPerVcpuMin": 1, + "Cpu.WakeupMigrateIdlePcpus": 4, + "DCUI.Access": "root", + "DataMover.HardwareAcceleratedInit": 1, + "DataMover.HardwareAcceleratedMove": 1, + "DataMover.MaxHeapSize": 64, + "Digest.AlgoType": 1, + "Digest.BlockSize": 1, + "Digest.CollisionEnabled": 0, + "Digest.JournalCoverage": 8, + "Digest.UpdateOnClose": 0, + "DirentryCache.MaxDentryPerObj": 15000, + "Disk.AllowUsbClaimedAsSSD": 0, + "Disk.ApdTokenRetryCount": 25, + "Disk.AutoremoveOnPDL": 1, + "Disk.BandwidthCap": 4294967294, + "Disk.DelayOnBusy": 400, + "Disk.DeviceReclaimTime": 300, + "Disk.DisableVSCSIPollInBH": 1, + "Disk.DiskDelayPDLHelper": 10, + "Disk.DiskMaxIOSize": 32767, + "Disk.DiskReservationThreshold": 45, + "Disk.DiskRetryPeriod": 2000, + "Disk.DumpMaxRetries": 10, + "Disk.DumpPollDelay": 1000, + "Disk.DumpPollMaxRetries": 10000, + "Disk.EnableNaviReg": 1, + "Disk.FailDiskRegistration": 0, + "Disk.FastPathRestoreInterval": 100, + "Disk.IdleCredit": 32, + "Disk.MaxLUN": 1024, + "Disk.MaxResetLatency": 2000, + "Disk.NmpMaxCmdExtension": 0, + "Disk.PathEvalTime": 300, + "Disk.PreventVMFSOverwrite": 1, + "Disk.QFullSampleSize": 0, + "Disk.QFullThreshold": 8, + "Disk.ReqCallThreshold": 8, + "Disk.ResetLatency": 1000, + "Disk.ResetMaxRetries": 0, + "Disk.ResetOverdueLogPeriod": 60, + "Disk.ResetPeriod": 30, + "Disk.ResetThreadExpires": 1800, + "Disk.ResetThreadMax": 16, + "Disk.ResetThreadMin": 1, + "Disk.RetryUnitAttention": 1, + "Disk.ReturnCCForNoSpace": 0, + "Disk.SchedCostUnit": 32768, + "Disk.SchedQCleanupInterval": 300, + "Disk.SchedQControlSeqReqs": 128, + "Disk.SchedQControlVMSwitches": 6, + "Disk.SchedQPriorityPercentage": 80, + "Disk.SchedQuantum": 8, + "Disk.SchedReservationBurst": 1, + "Disk.SchedulerWithReservation": 1, + "Disk.SectorMaxDiff": 2000, + "Disk.SharesHigh": 2000, + "Disk.SharesLow": 500, + "Disk.SharesNormal": 1000, + "Disk.SupportSparseLUN": 1, + "Disk.ThroughputCap": 4294967294, + "Disk.UseDeviceReset": 1, + "Disk.UseIOWorlds": 1, + "Disk.UseIoPool": 0, + "Disk.UseLunReset": 1, + "Disk.UseReportLUN": 1, + "Disk.VSCSICoalesceCount": 1000, + "Disk.VSCSIPollPeriod": 1000, + "Disk.VSCSIResvCmdRetryInSecs": 1, + "Disk.VSCSIWriteSameBurstSize": 4, + "FSS.FSSLightWeightProbe": 1, + "FT.AckIntervalMax": 1000000, + "FT.AckIntervalMin": 0, + "FT.BackupConnectTimeout": 8000, + "FT.BackupExtraTimeout": 100, + "FT.BadExecLatency": 800, + "FT.BindToVmknic": 0, + "FT.ChargeVMXForFlush": 1, + "FT.CheckFCPathState": 1, + "FT.CheckForProgress": 0, + "FT.CoreDumpNoProgressMS": 0, + "FT.ExecLatencyKill": 0, + "FT.ExtraLogTimeout": 10000, + "FT.FTCptConcurrentSend": 1, + "FT.FTCptDelayCheckpoint": 2, + "FT.FTCptDiffCap": 100, + "FT.FTCptDiffThreads": 6, + "FT.FTCptDisableFailover": 0, + "FT.FTCptDiskWriteTimeout": 3000, + "FT.FTCptDontDelayPkts": 0, + "FT.FTCptDontSendPages": 0, + "FT.FTCptEpochList": "5,10,20,100", + "FT.FTCptEpochSample": 1000, + "FT.FTCptEpochWait": 8000, + "FT.FTCptIORetryExtraInterval": 200, + "FT.FTCptIORetryInterval": 10, + "FT.FTCptIORetryTimes": 15, + "FT.FTCptLogTimeout": 8000, + "FT.FTCptMaxPktsDelay": 0, + "FT.FTCptMinInterval": 4, + "FT.FTCptNetDelayNoCpt": 0, + "FT.FTCptNumConnections": 2, + "FT.FTCptNumaIndex": 0, + "FT.FTCptPagePolicy": 65538, + "FT.FTCptPoweroff": 0, + "FT.FTCptRcvBufSize": 562140, + "FT.FTCptSndBufSize": 562140, + "FT.FTCptStartTimeout": 90000, + "FT.FTCptStatsInterval": 30, + "FT.FTCptThreadPolicy": 65536, + "FT.FTCptVcpuMinUsage": 40, + "FT.FTCptWaitOnSocket": 1, + "FT.FillAffinity": 1, + "FT.FillWorldlet": 1, + "FT.FlushReservationMax": 25, + "FT.FlushReservationMin": 5, + "FT.FlushSleep": 0, + "FT.FlushWorldlet": 1, + "FT.GlobalFlushWorld": 0, + "FT.GoodExecLatency": 200, + "FT.HeartbeatCount": 10, + "FT.HostTimeout": 2000, + "FT.IORetryExtraInterval": 200, + "FT.IORetryInterval": 10, + "FT.IORetryTimes": 15, + "FT.LogBufferStallSleep": 1, + "FT.LogTimeout": 8000, + "FT.LongFlushDebugMS": 500, + "FT.MaxFlushInterval": 0, + "FT.MinWriteSize": 0, + "FT.NoWaitOnSocket": 0, + "FT.PanicNoProgressMS": 0, + "FT.PrimaryConnectTimeout": 8000, + "FT.ShortFlushDebugMS": 100, + "FT.TCPNoDelayBackup": 1, + "FT.TCPNoDelayPrimary": 1, + "FT.TCPPersistTimer": 500, + "FT.TCPRcvBufSize": 131072, + "FT.TCPSndBufSize": 131072, + "FT.UseHostMonitor": 0, + "FT.Vmknic": "", + "FT.XmitSyncQueueLen": 64, + "FT.adjDownInt": 10, + "FT.adjDownPct": 10, + "FT.adjUpInt": 200, + "FT.adjUpPct": 10, + "FT.execLatExtra": 500, + "FT.maxLowerBound": 20, + "FT.slowdownPctMax": 60, + "FT.slowdownTimeMax": 600, + "HBR.ChecksumIoSize": 8, + "HBR.ChecksumMaxIo": 8, + "HBR.ChecksumPerSlice": 2, + "HBR.ChecksumRegionSize": 256, + "HBR.ChecksumUseAllocInfo": 1, + "HBR.ChecksumUseChecksumInfo": 1, + "HBR.ChecksumZoneSize": 32768, + "HBR.CopySnapDiskMaxExtentCount": 16, + "HBR.CopySnapFidHashBuckets": 256, + "HBR.DemandlogCompletedHashBuckets": 8, + "HBR.DemandlogExtentHashBuckets": 512, + "HBR.DemandlogIoTimeoutSecs": 120, + "HBR.DemandlogReadRetries": 20, + "HBR.DemandlogRetryDelayMs": 10, + "HBR.DemandlogSendHashBuckets": 8, + "HBR.DemandlogTransferIoSize": 8, + "HBR.DemandlogTransferMaxIo": 4, + "HBR.DemandlogTransferMaxNetwork": 8, + "HBR.DemandlogTransferPerSlice": 2, + "HBR.DemandlogWriteRetries": 20, + "HBR.DisableChecksumOffload": 0, + "HBR.DisconnectedEventDelayMs": 60000, + "HBR.ErrThrottleChecksumIO": 1, + "HBR.ErrThrottleDceRead": 1, + "HBR.HbrBitmapAllocTimeoutMS": 3000, + "HBR.HbrBitmapVMMaxStorageGB": 65536, + "HBR.HbrBitmapVMMinStorageGB": 500, + "HBR.HbrDemandLogIOPerVM": 64, + "HBR.HbrDisableNetCompression": 1, + "HBR.HbrLowerExtentBreakGB": 8192, + "HBR.HbrLowerExtentSizeKB": 16, + "HBR.HbrMaxExtentSizeKB": 64, + "HBR.HbrMaxGuestXferWhileDeltaMB": 1024, + "HBR.HbrMaxUnmapExtents": 10, + "HBR.HbrMaxUnmapsInFlight": 128, + "HBR.HbrMinExtentBreakGB": 2048, + "HBR.HbrMinExtentSizeKB": 8, + "HBR.HbrOptimizeFullSync": 1, + "HBR.HbrResourceHeapPerVMSizeKB": 128, + "HBR.HbrResourceHeapSizeMB": 2, + "HBR.HbrResourceHeapUtilization": 95, + "HBR.HbrResourceMaxDiskContexts": 512, + "HBR.HbrRuntimeHeapMaxBaseMB": 1, + "HBR.HbrRuntimeHeapMinBaseMB": 1, + "HBR.HbrStaticHeapMaxBaseMB": 1, + "HBR.HbrStaticHeapMinBaseMB": 1, + "HBR.HbrUpperExtentBreakGB": 32768, + "HBR.HbrUpperExtentSizeKB": 32, + "HBR.HelperQueueMaxRequests": 8192, + "HBR.HelperQueueMaxWorlds": 8, + "HBR.LocalReadIoTimeoutSecs": 120, + "HBR.MigrateFlushTimerSecs": 3, + "HBR.NetworkUseCubic": 1, + "HBR.NetworkerRecvHashBuckets": 64, + "HBR.OpportunisticBlockListSize": 4000, + "HBR.ProgressReportIntervalMs": 5000, + "HBR.PsfIoTimeoutSecs": 300, + "HBR.ReconnectFailureDelaySecs": 10, + "HBR.ReconnectMaxDelaySecs": 90, + "HBR.ResourceServerHashBuckets": 8, + "HBR.RetryMaxDelaySecs": 60, + "HBR.RetryMinDelaySecs": 1, + "HBR.SyncTransferRetrySleepSecs": 5, + "HBR.TransferDiskMaxIo": 32, + "HBR.TransferDiskMaxNetwork": 64, + "HBR.TransferDiskPerSlice": 16, + "HBR.TransferFileExtentSize": 8192, + "HBR.TransferMaxContExtents": 8, + "HBR.WireChecksum": 1, + "HBR.XferBitmapCheckIntervalSecs": 10, + "ISCSI.MaxIoSizeKB": 128, + "Irq.BestVcpuRouting": 0, + "Irq.IRQActionAffinityWeight": 5, + "Irq.IRQAvoidExclusive": 1, + "Irq.IRQBHConflictWeight": 5, + "Irq.IRQRebalancePeriod": 50, + "Irq.IRQVcpuConflictWeight": 3, + "LPage.LPageAlwaysTryForNPT": 1, + "LPage.LPageDefragEnable": 1, + "LPage.LPageMarkLowNodes": 1, + "LPage.MaxSharedPages": 512, + "LPage.MaxSwappedPagesInitVal": 10, + "LPage.freePagesThresholdForRemote": 2048, + "LSOM.blkAttrCacheSizePercent": 0, + "Mem.AllocGuestLargePage": 1, + "Mem.CtlMaxPercent": 65, + "Mem.IdleTax": 75, + "Mem.IdleTaxType": 1, + "Mem.MemDefragClientsPerDir": 2, + "Mem.MemMinFreePct": 0, + "Mem.MemZipEnable": 1, + "Mem.MemZipMaxAllocPct": 50, + "Mem.MemZipMaxPct": 10, + "Mem.SampleActivePctMin": 1, + "Mem.SampleDirtiedPctMin": 0, + "Mem.ShareForceSalting": 2, + "Mem.ShareRateMax": 1024, + "Mem.ShareScanGHz": 4, + "Mem.ShareScanTime": 60, + "Mem.VMOverheadGrowthLimit": 4294967295, + "Migrate.AutoBindVmknic": 1, + "Migrate.BindToVmknic": 3, + "Migrate.CptCacheMaxSizeMB": 544, + "Migrate.DebugChecksumMismatch": 0, + "Migrate.DetectZeroPages": 1, + "Migrate.DisableResumeDuringPageIn": 0, + "Migrate.DiskOpsChunkSize": 131072, + "Migrate.DiskOpsEnabled": 0, + "Migrate.DiskOpsMaxRetries": 20, + "Migrate.DiskOpsStreamChunks": 40, + "Migrate.Enabled": 1, + "Migrate.GetPageSysAlertThresholdMS": 10000, + "Migrate.LowBandwidthSysAlertThreshold": 0, + "Migrate.LowMemWaitSysAlertThresholdMS": 10000, + "Migrate.MigrateCpuMinPctDefault": 30, + "Migrate.MigrateCpuPctPerGb": 10, + "Migrate.MigrateCpuSharesHighPriority": 60000, + "Migrate.MigrateCpuSharesRegular": 30000, + "Migrate.MonActionWaitSysAlertThresholdMS": 2000, + "Migrate.NetExpectedLineRateMBps": 133, + "Migrate.NetLatencyModeThreshold": 4, + "Migrate.NetTimeout": 20, + "Migrate.OutstandingReadKBMax": 128, + "Migrate.PanicOnChecksumMismatch": 0, + "Migrate.PreCopyCountDelay": 10, + "Migrate.PreCopyMinProgressPerc": 130, + "Migrate.PreCopyPagesPerSend": 32, + "Migrate.PreCopySwitchoverTimeGoal": 500, + "Migrate.PreallocLPages": 1, + "Migrate.ProhibitFork": 0, + "Migrate.RcvBufSize": 562540, + "Migrate.RdpiTransitionTimeMs": 1, + "Migrate.SdpsDynamicDelaySec": 30, + "Migrate.SdpsEnabled": 2, + "Migrate.SdpsTargetRate": 500, + "Migrate.SndBufSize": 562540, + "Migrate.TSMaster": 0, + "Migrate.TcpTsoDeferTx": 0, + "Migrate.TryToUseDefaultHeap": 1, + "Migrate.VASpaceReserveCount": 128, + "Migrate.VASpaceReserveSize": 768, + "Migrate.VMotionLatencySensitivity": 1, + "Migrate.VMotionResolveSwapType": 1, + "Migrate.VMotionStreamDisable": 0, + "Migrate.VMotionStreamHelpers": 0, + "Migrate.Vmknic": "", + "Misc.APDHandlingEnable": 1, + "Misc.APDTimeout": 140, + "Misc.BHTimeout": 0, + "Misc.BhTimeBound": 2000, + "Misc.BlueScreenTimeout": 0, + "Misc.ConsolePort": "none", + "Misc.DebugBuddyEnable": 0, + "Misc.DebugLogToSerial": 0, + "Misc.DefaultHardwareVersion": "", + "Misc.DsNsMgrTimeout": 1200000, + "Misc.EnableHighDMA": 1, + "Misc.GDBPort": "none", + "Misc.GuestLibAllowHostInfo": 0, + "Misc.HeapMgrGuardPages": 1, + "Misc.HeapPanicDestroyNonEmpty": 0, + "Misc.HeartbeatInterval": 1000, + "Misc.HeartbeatPanicTimeout": 900, + "Misc.HeartbeatTimeout": 90, + "Misc.HordeEnabled": 0, + "Misc.HostAgentUpdateLevel": "3", + "Misc.IntTimeout": 0, + "Misc.IoFilterWatchdogTimeout": 120, + "Misc.LogPort": "none", + "Misc.LogTimestampUptime": 0, + "Misc.LogToFile": 1, + "Misc.LogToSerial": 1, + "Misc.LogWldPrefix": 1, + "Misc.MCEMonitorInterval": 250, + "Misc.MetadataUpdateTimeoutMsec": 30000, + "Misc.MinimalPanic": 0, + "Misc.NMILint1IntAction": 0, + "Misc.PowerButton": 1, + "Misc.PowerOffEnable": 1, + "Misc.PreferredHostName": "", + "Misc.ProcVerbose": "", + "Misc.SIOControlFlag1": 0, + "Misc.SIOControlFlag2": 0, + "Misc.SIOControlLoglevel": 0, + "Misc.SIOControlOptions": "", + "Misc.ScreenSaverDelay": 0, + "Misc.ShaperStatsEnabled": 1, + "Misc.ShellPort": "none", + "Misc.TimerMaxHardPeriod": 500000, + "Misc.TimerTolerance": 2000, + "Misc.UsbArbitratorAutoStartDisabled": 0, + "Misc.UserDuctDynBufferSize": 16384, + "Misc.UserSocketUnixMaxBufferSize": 65536, + "Misc.WatchdogBacktrace": 0, + "Misc.WorldletActivationUS": 500, + "Misc.WorldletActivationsLimit": 8, + "Misc.WorldletGreedySampleMCycles": 10, + "Misc.WorldletGreedySampleRun": 256, + "Misc.WorldletIRQPenalty": 10, + "Misc.WorldletLoadThreshold": 90, + "Misc.WorldletLoadType": "medium", + "Misc.WorldletLocalityBonus": 10, + "Misc.WorldletLoosePenalty": 30, + "Misc.WorldletMigOverheadLLC": 4, + "Misc.WorldletMigOverheadRemote": 16, + "Misc.WorldletPreemptOverhead": 30, + "Misc.WorldletRemoteActivateOverhead": 0, + "Misc.WorldletWorldOverheadLLC": 0, + "Misc.WorldletWorldOverheadRemote": 10, + "Misc.vmmDisableL1DFlush": 0, + "Misc.vsanWitnessVirtualAppliance": 0, + "NFS.ApdStartCount": 3, + "NFS.DiskFileLockUpdateFreq": 10, + "NFS.HeartbeatDelta": 5, + "NFS.HeartbeatFrequency": 12, + "NFS.HeartbeatMaxFailures": 10, + "NFS.HeartbeatTimeout": 5, + "NFS.LockRenewMaxFailureNumber": 3, + "NFS.LockUpdateTimeout": 5, + "NFS.LogNfsStat3": 0, + "NFS.MaxQueueDepth": 4294967295, + "NFS.MaxVolumes": 8, + "NFS.ReceiveBufferSize": 1024, + "NFS.SendBufferSize": 1024, + "NFS.SyncRetries": 25, + "NFS.VolumeRemountFrequency": 30, + "NFS41.EOSDelay": 30, + "NFS41.IOTaskRetry": 25, + "NFS41.MaxRead": 4294967295, + "NFS41.MaxVolumes": 8, + "NFS41.MaxWrite": 4294967295, + "NFS41.MountTimeout": 30, + "NFS41.RecvBufSize": 1024, + "NFS41.SendBufSize": 1024, + "Net.AdvertisementDuration": 60, + "Net.AllowPT": 1, + "Net.BlockGuestBPDU": 0, + "Net.CoalesceDefaultOn": 1, + "Net.CoalesceFavorNoVmmVmkTx": 1, + "Net.CoalesceFineTimeoutCPU": 2, + "Net.CoalesceFineTxTimeout": 1000, + "Net.CoalesceFlexMrq": 1, + "Net.CoalesceLowRxRate": 4, + "Net.CoalesceLowTxRate": 4, + "Net.CoalesceMatchedQs": 1, + "Net.CoalesceMrqLt": 1, + "Net.CoalesceMrqMetricAllowTxOnly": 1, + "Net.CoalesceMrqMetricRxOnly": 0, + "Net.CoalesceMrqOverallStop": 0, + "Net.CoalesceMrqRatioMetric": 1, + "Net.CoalesceMrqTriggerReCalib": 1, + "Net.CoalesceMultiRxQCalib": 1, + "Net.CoalesceNoVmmVmkTx": 1, + "Net.CoalesceParams": "", + "Net.CoalesceRBCRate": 4000, + "Net.CoalesceRxLtStopCalib": 0, + "Net.CoalesceRxQDepthCap": 40, + "Net.CoalesceScheme": "rbc", + "Net.CoalesceTimeoutType": 2, + "Net.CoalesceTxAlwaysPoll": 1, + "Net.CoalesceTxQDepthCap": 40, + "Net.CoalesceTxTimeout": 4000, + "Net.DCBEnable": 1, + "Net.DVFilterBindIpAddress": "", + "Net.DVFilterPriorityRdLockEnable": 1, + "Net.DVSLargeHeapMaxSize": 80, + "Net.DontOffloadInnerIPv6": 0, + "Net.E1000IntrCoalesce": 1, + "Net.E1000TxCopySize": 2048, + "Net.E1000TxZeroCopy": 1, + "Net.EnableDMASgCons": 1, + "Net.EnableOuterCsum": 1, + "Net.EtherswitchAllowFastPath": 0, + "Net.EtherswitchHashSize": 1, + "Net.EtherswitchHeapMax": 512, + "Net.EtherswitchNumPerPCPUDispatchData": 3, + "Net.FollowHardwareMac": 1, + "Net.GuestIPHack": 0, + "Net.GuestTxCopyBreak": 64, + "Net.IGMPQueries": 2, + "Net.IGMPQueryInterval": 125, + "Net.IGMPRouterIP": "0.0.0.0", + "Net.IGMPV3MaxSrcIPNum": 10, + "Net.IGMPVersion": 3, + "Net.IOControlPnicOptOut": "", + "Net.LRODefBackoffPeriod": 8, + "Net.LRODefMaxLength": 65535, + "Net.LRODefThreshold": 4000, + "Net.LRODefUseRatioDenom": 3, + "Net.LRODefUseRatioNumer": 1, + "Net.LinkFlappingThreshold": 60, + "Net.LinkStatePollTimeout": 500, + "Net.MLDRouterIP": "FE80::FFFF:FFFF:FFFF:FFFF", + "Net.MLDV2MaxSrcIPNum": 10, + "Net.MLDVersion": 2, + "Net.MaxBeaconVlans": 100, + "Net.MaxBeaconsAtOnce": 100, + "Net.MaxGlobalRxQueueCount": 100000, + "Net.MaxNetifTxQueueLen": 2000, + "Net.MaxPageInQueueLen": 75, + "Net.MaxPktRxListQueue": 3500, + "Net.MaxPortRxQueueLen": 80, + "Net.MinEtherLen": 60, + "Net.NcpLlcSap": 0, + "Net.NetBHRxStormThreshold": 320, + "Net.NetDebugRARPTimerInter": 30000, + "Net.NetDeferTxCompletion": 1, + "Net.NetDiscUpdateIntrvl": 300, + "Net.NetEnableSwCsumForLro": 1, + "Net.NetEsxfwPassOutboundGRE": 1, + "Net.NetInStressTest": 0, + "Net.NetLatencyAwareness": 1, + "Net.NetMaxRarpsPerInterval": 128, + "Net.NetNetqMaxDefQueueFilters": 4096, + "Net.NetNetqNumaIOCpuPinThreshold": 0, + "Net.NetNetqRxRebalRSSLoadThresholdPerc": 10, + "Net.NetNetqTxPackKpps": 300, + "Net.NetNetqTxUnpackKpps": 600, + "Net.NetNiocAllowOverCommit": 1, + "Net.NetPTMgrWakeupInterval": 6, + "Net.NetPktAllocTries": 5, + "Net.NetPktSlabFreePercentThreshold": 2, + "Net.NetPortFlushIterLimit": 2, + "Net.NetPortFlushPktLimit": 64, + "Net.NetPortTrackTxRace": 0, + "Net.NetRmDistMacFilter": 1, + "Net.NetRmDistSamplingRate": 0, + "Net.NetRxCopyInTx": 0, + "Net.NetSchedCoalesceTxUsecs": 33, + "Net.NetSchedDefaultResPoolSharesPct": 5, + "Net.NetSchedDefaultSchedName": "fifo", + "Net.NetSchedECNEnabled": 1, + "Net.NetSchedECNThreshold": 70, + "Net.NetSchedHClkLeafQueueDepthPkt": 500, + "Net.NetSchedHClkMQ": 0, + "Net.NetSchedHClkMaxHwQueue": 2, + "Net.NetSchedHeapMaxSizeMB": 64, + "Net.NetSchedInFlightMaxBytesDefault": 20000, + "Net.NetSchedInFlightMaxBytesInsane": 1500000, + "Net.NetSchedMaxPktSend": 256, + "Net.NetSchedQoSSchedName": "hclk", + "Net.NetSchedSpareBasedShares": 1, + "Net.NetSendRARPOnPortEnablement": 1, + "Net.NetShaperQueuePerL3L4Flow": 1, + "Net.NetSplitRxMode": 1, + "Net.NetTraceEnable": 0, + "Net.NetTuneHostMode": "default", + "Net.NetTuneInterval": 60, + "Net.NetTuneThreshold": "1n 2n 50", + "Net.NetTxDontClusterSize": 0, + "Net.NetVMTxType": 2, + "Net.NetVmxnet3TxHangTimeout": 0, + "Net.NetpollSwLRO": 1, + "Net.NoLocalCSum": 0, + "Net.NotifySwitch": 1, + "Net.PTSwitchingTimeout": 20000, + "Net.PVRDMAVmknic": "", + "Net.PortDisableTimeout": 5000, + "Net.ReversePathFwdCheck": 1, + "Net.ReversePathFwdCheckPromisc": 0, + "Net.TcpipCopySmallTx": 1, + "Net.TcpipDefLROEnabled": 1, + "Net.TcpipDefLROMaxLength": 32768, + "Net.TcpipDgramRateLimiting": 1, + "Net.TcpipEnableABC": 1, + "Net.TcpipEnableFlowtable": 1, + "Net.TcpipEnableSendScaling": 1, + "Net.TcpipHWLRONoDelayAck": 1, + "Net.TcpipHeapMax": 1024, + "Net.TcpipHeapSize": 0, + "Net.TcpipIGMPDefaultVersion": 3, + "Net.TcpipIGMPRejoinInterval": 60, + "Net.TcpipLODispatchQueueMaxLen": 128, + "Net.TcpipLRONoDelayAck": 1, + "Net.TcpipLogPackets": 0, + "Net.TcpipLogPacketsCount": 24570, + "Net.TcpipMaxNetstackInstances": 48, + "Net.TcpipNoBcopyRx": 1, + "Net.TcpipPendPktSocketFreeTimeout": 300, + "Net.TcpipRxDispatchQueueMaxLen": 2000, + "Net.TcpipRxDispatchQueues": 1, + "Net.TcpipRxDispatchQuota": 200, + "Net.TcpipRxVmknicWorldletAffinityType": 0, + "Net.TcpipTxDispatchQuota": 100, + "Net.TcpipTxqBackoffTimeoutMs": 70, + "Net.TcpipTxqMaxUsageThreshold": 80, + "Net.TeamPolicyUpDelay": 100, + "Net.TrafficFilterIpAddress": "", + "Net.TsoDumpPkt": 0, + "Net.UplinkAbortDisconnectTimeout": 5000, + "Net.UplinkKillAsyncTimeout": 10000, + "Net.UplinkTxQueuesDispEnabled": 1, + "Net.UseHwCsumForIPv6Csum": 1, + "Net.UseHwIPv6Csum": 1, + "Net.UseHwTSO": 1, + "Net.UseHwTSO6": 1, + "Net.UseLegacyProc": 0, + "Net.UseProc": 0, + "Net.VLANMTUCheckMode": 1, + "Net.VmklnxLROEnabled": 0, + "Net.VmklnxLROMaxAggr": 6, + "Net.VmknicDoLroSplit": 0, + "Net.VmknicLroSplitBnd": 12, + "Net.Vmxnet2HwLRO": 1, + "Net.Vmxnet2PinRxBuf": 0, + "Net.Vmxnet2SwLRO": 1, + "Net.Vmxnet3HwLRO": 1, + "Net.Vmxnet3PageInBound": 32, + "Net.Vmxnet3RSSHashCache": 1, + "Net.Vmxnet3RxPollBound": 256, + "Net.Vmxnet3SwLRO": 1, + "Net.Vmxnet3WinIntrHints": 1, + "Net.Vmxnet3usePNICHash": 0, + "Net.VmxnetBiDirNeedsTsoTx": 1, + "Net.VmxnetBiDirNoTsoSplit": 1, + "Net.VmxnetCopyTxRunLimit": 16, + "Net.VmxnetDoLroSplit": 1, + "Net.VmxnetDoTsoSplit": 1, + "Net.VmxnetLROBackoffPeriod": 8, + "Net.VmxnetLROMaxLength": 32000, + "Net.VmxnetLROThreshold": 4000, + "Net.VmxnetLROUseRatioDenom": 3, + "Net.VmxnetLROUseRatioNumer": 2, + "Net.VmxnetLroSplitBnd": 64, + "Net.VmxnetPromDisableLro": 1, + "Net.VmxnetSwLROSL": 1, + "Net.VmxnetTsoSplitBnd": 12, + "Net.VmxnetTsoSplitSize": 17500, + "Net.VmxnetTxCopySize": 256, + "Net.VmxnetWinCopyTxRunLimit": 65535, + "Net.VmxnetWinUDPTxFullCopy": 1, + "Net.vNicNumDeferredReset": 12, + "Net.vNicTxPollBound": 192, + "Net.vmxnetThroughputWeight": 0, + "Nmp.NmpPReservationCmdRetryTime": 1, + "Nmp.NmpSatpAluaCmdRetryTime": 10, + "Numa.CoreCapRatioPct": 90, + "Numa.CostopSkewAdjust": 1, + "Numa.FollowCoresPerSocket": 0, + "Numa.LTermFairnessInterval": 5, + "Numa.LTermMigImbalThreshold": 10, + "Numa.LargeInterleave": 1, + "Numa.LocalityWeightActionAffinity": 130, + "Numa.LocalityWeightMem": 1, + "Numa.MigImbalanceThreshold": 10, + "Numa.MigPreventLTermThresh": 0, + "Numa.MigThrashThreshold": 50, + "Numa.MigThreshold": 2, + "Numa.MonMigEnable": 1, + "Numa.PageMigEnable": 1, + "Numa.PageMigLinearRun": 95, + "Numa.PageMigRandomRun": 5, + "Numa.PageMigRateMax": 8000, + "Numa.PreferHT": 0, + "Numa.RebalanceCoresNode": 2, + "Numa.RebalanceCoresTotal": 4, + "Numa.RebalanceEnable": 1, + "Numa.RebalancePeriod": 2000, + "Numa.SwapConsiderPeriod": 15, + "Numa.SwapInterval": 3, + "Numa.SwapLoadEnable": 1, + "Numa.SwapLocalityEnable": 1, + "Numa.SwapMigrateOnly": 2, + "Power.CStateMaxLatency": 500, + "Power.CStatePredictionCoef": 110479, + "Power.CStateResidencyCoef": 5, + "Power.ChargeMemoryPct": 20, + "Power.MaxCpuLoad": 60, + "Power.MaxFreqPct": 100, + "Power.MinFreqPct": 0, + "Power.PerfBias": 17, + "Power.PerfBiasEnable": 1, + "Power.TimerHz": 100, + "Power.UseCStates": 1, + "Power.UsePStates": 1, + "RdmFilter.HbaIsShared": true, + "ScratchConfig.ConfiguredScratchLocation": "", + "ScratchConfig.CurrentScratchLocation": "/tmp/scratch", + "Scsi.ChangeQErrSetting": 1, + "Scsi.CompareLUNNumber": 1, + "Scsi.ExtendAPDCondition": 0, + "Scsi.FailVMIOonAPD": 0, + "Scsi.LogCmdErrors": 1, + "Scsi.LogCmdRCErrorsFreq": 0, + "Scsi.LogMPCmdErrors": 1, + "Scsi.LogScsiAborts": 0, + "Scsi.LunCleanupInterval": 7, + "Scsi.MaxReserveBacktrace": 0, + "Scsi.MaxReserveTime": 200, + "Scsi.MaxReserveTotalTime": 250, + "Scsi.PassthroughLocking": 1, + "Scsi.ReserveBacktrace": 0, + "Scsi.SCSIEnableDescToFixedConv": 1, + "Scsi.SCSIEnableIOLatencyMsgs": 0, + "Scsi.SCSIStrictSPCVersionChecksForPEs": 0, + "Scsi.SCSITimeout_ReabortTime": 5000, + "Scsi.SCSITimeout_ScanTime": 1000, + "Scsi.SCSIioTraceBufSizeMB": 1, + "Scsi.ScanOnDriverLoad": 1, + "Scsi.ScanSync": 0, + "Scsi.ScsiRestartStalledQueueLatency": 500, + "Scsi.ScsiVVolPESNRO": 128, + "Scsi.TimeoutTMThreadExpires": 1800, + "Scsi.TimeoutTMThreadLatency": 2000, + "Scsi.TimeoutTMThreadMax": 16, + "Scsi.TimeoutTMThreadMin": 1, + "Scsi.TimeoutTMThreadRetry": 2000, + "Scsi.TransFailLogPct": 20, + "Scsi.UseAdaptiveRetries": 1, + "Security.AccountLockFailures": 5, + "Security.AccountUnlockTime": 900, + "Security.PasswordQualityControl": "retry=3 min=disabled,disabled,disabled,7,7", + "SunRPC.MaxConnPerIP": 4, + "SunRPC.SendLowat": 25, + "SunRPC.WorldletAffinity": 2, + "SvMotion.SvMotionAvgDisksPerVM": 8, + "Syslog.global.defaultRotate": 8, + "Syslog.global.defaultSize": 1024, + "Syslog.global.logDir": "[] /scratch/log", + "Syslog.global.logDirUnique": false, + "Syslog.global.logHost": "192.168.1.200", + "Syslog.loggers.Xorg.rotate": 8, + "Syslog.loggers.Xorg.size": 1024, + "Syslog.loggers.auth.rotate": 8, + "Syslog.loggers.auth.size": 1024, + "Syslog.loggers.clomd.rotate": 8, + "Syslog.loggers.clomd.size": 1024, + "Syslog.loggers.cmmdsTimeMachine.rotate": 8, + "Syslog.loggers.cmmdsTimeMachine.size": 1024, + "Syslog.loggers.cmmdsTimeMachineDump.rotate": 20, + "Syslog.loggers.cmmdsTimeMachineDump.size": 10240, + "Syslog.loggers.ddecomd.rotate": 8, + "Syslog.loggers.ddecomd.size": 1024, + "Syslog.loggers.dhclient.rotate": 8, + "Syslog.loggers.dhclient.size": 1024, + "Syslog.loggers.epd.rotate": 8, + "Syslog.loggers.epd.size": 1024, + "Syslog.loggers.esxupdate.rotate": 8, + "Syslog.loggers.esxupdate.size": 1024, + "Syslog.loggers.fdm.rotate": 8, + "Syslog.loggers.fdm.size": 1024, + "Syslog.loggers.hbrca.rotate": 8, + "Syslog.loggers.hbrca.size": 1024, + "Syslog.loggers.hostd-probe.rotate": 8, + "Syslog.loggers.hostd-probe.size": 1024, + "Syslog.loggers.hostd.rotate": 8, + "Syslog.loggers.hostd.size": 1024, + "Syslog.loggers.hostdCgiServer.rotate": 8, + "Syslog.loggers.hostdCgiServer.size": 1024, + "Syslog.loggers.hostprofiletrace.rotate": 8, + "Syslog.loggers.hostprofiletrace.size": 1024, + "Syslog.loggers.iofiltervpd.rotate": 8, + "Syslog.loggers.iofiltervpd.size": 1024, + "Syslog.loggers.lacp.rotate": 8, + "Syslog.loggers.lacp.size": 1024, + "Syslog.loggers.nfcd.rotate": 8, + "Syslog.loggers.nfcd.size": 1024, + "Syslog.loggers.osfsd.rotate": 8, + "Syslog.loggers.osfsd.size": 1024, + "Syslog.loggers.rabbitmqproxy.rotate": 8, + "Syslog.loggers.rabbitmqproxy.size": 1024, + "Syslog.loggers.rhttpproxy.rotate": 8, + "Syslog.loggers.rhttpproxy.size": 1024, + "Syslog.loggers.sdrsInjector.rotate": 8, + "Syslog.loggers.sdrsInjector.size": 1024, + "Syslog.loggers.shell.rotate": 8, + "Syslog.loggers.shell.size": 1024, + "Syslog.loggers.storageRM.rotate": 8, + "Syslog.loggers.storageRM.size": 1024, + "Syslog.loggers.swapobjd.rotate": 8, + "Syslog.loggers.swapobjd.size": 1024, + "Syslog.loggers.syslog.rotate": 8, + "Syslog.loggers.syslog.size": 1024, + "Syslog.loggers.upitd.rotate": 8, + "Syslog.loggers.upitd.size": 1024, + "Syslog.loggers.usb.rotate": 8, + "Syslog.loggers.usb.size": 1024, + "Syslog.loggers.vitd.rotate": 8, + "Syslog.loggers.vitd.size": 10240, + "Syslog.loggers.vmauthd.rotate": 8, + "Syslog.loggers.vmauthd.size": 1024, + "Syslog.loggers.vmkdevmgr.rotate": 8, + "Syslog.loggers.vmkdevmgr.size": 1024, + "Syslog.loggers.vmkernel.rotate": 8, + "Syslog.loggers.vmkernel.size": 1024, + "Syslog.loggers.vmkeventd.rotate": 8, + "Syslog.loggers.vmkeventd.size": 1024, + "Syslog.loggers.vmksummary.rotate": 8, + "Syslog.loggers.vmksummary.size": 1024, + "Syslog.loggers.vmkwarning.rotate": 8, + "Syslog.loggers.vmkwarning.size": 1024, + "Syslog.loggers.vobd.rotate": 8, + "Syslog.loggers.vobd.size": 1024, + "Syslog.loggers.vprobe.rotate": 8, + "Syslog.loggers.vprobe.size": 1024, + "Syslog.loggers.vpxa.rotate": 8, + "Syslog.loggers.vpxa.size": 1024, + "Syslog.loggers.vsanSoapServer.rotate": 8, + "Syslog.loggers.vsanSoapServer.size": 5120, + "Syslog.loggers.vsanmgmt.rotate": 8, + "Syslog.loggers.vsanmgmt.size": 10240, + "Syslog.loggers.vsansystem.rotate": 10, + "Syslog.loggers.vsansystem.size": 10240, + "Syslog.loggers.vsantraceUrgent.rotate": 8, + "Syslog.loggers.vsantraceUrgent.size": 1024, + "Syslog.loggers.vvold.rotate": 16, + "Syslog.loggers.vvold.size": 8192, + "User.PTEDisableNX": 0, + "User.ReaddirRetries": 10, + "UserVars.ActiveDirectoryPreferredDomainControllers": "", + "UserVars.ActiveDirectoryVerifyCAMCertificate": 1, + "UserVars.DcuiTimeOut": 600, + "UserVars.ESXiShellInteractiveTimeOut": 0, + "UserVars.ESXiShellTimeOut": 0, + "UserVars.ESXiVPsAllowedCiphers": "!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES", + "UserVars.ESXiVPsDisabledProtocols": "sslv3", + "UserVars.EsximageNetRateLimit": 0, + "UserVars.EsximageNetRetries": 10, + "UserVars.EsximageNetTimeout": 60, + "UserVars.HardwareHealthIgnoredSensors": "", + "UserVars.HardwareHealthSyncTime": 360, + "UserVars.HostClientCEIPOptIn": 2, + "UserVars.HostClientDefaultConsole": "webmks", + "UserVars.HostClientEnableMOTDNotification": 1, + "UserVars.HostClientEnableVisualEffects": 1, + "UserVars.HostClientSessionTimeout": 900, + "UserVars.HostClientShowOnlyRecentObjects": 1, + "UserVars.HostClientWelcomeMessage": "Welcome to {{hostname}}", + "UserVars.HostdStatsstoreRamdiskSize": 0, + "UserVars.ProductLockerLocation": "/locker/packages/6.5.0/", + "UserVars.SuppressCoredumpWarning": 0, + "UserVars.SuppressHyperthreadWarning": 0, + "UserVars.SuppressShellWarning": 1, + "UserVars.ToolsRamdisk": 0, + "UserVars.vGhettoSetup": 1, + "VFLASH.CacheStatsEnable": 1, + "VFLASH.CacheStatsFromVFC": 1, + "VFLASH.MaxCacheFileSizeMB": 409600, + "VFLASH.MaxDiskFileSizeGB": 16384, + "VFLASH.MaxHeapSizeMB": 32, + "VFLASH.MaxResourceGBForVmCache": 2048, + "VFLASH.ResourceUsageThreshold": 80, + "VMFS.UnresolvedVolumeLiveCheck": true, + "VMFS3.EnableBlockDelete": 0, + "VMFS3.FailVolumeOpenIfAPD": 0, + "VMFS3.HardwareAcceleratedLocking": 1, + "VMFS3.LFBCSlabSizeMaxMB": 8, + "VMFS3.MaxAddressableSpaceTB": 32, + "VMFS3.MaxHeapSizeMB": 256, + "VMFS3.MaxextendedTxnsUsingfs3Heap": 20, + "VMFS3.MinAddressableSpaceTB": 0, + "VMFS3.OpenWithoutJournal": 1, + "VMFS3.PBCapMissRatioIntervalSec": 60, + "VMFS3.StAtExclLockEnd": 0, + "VMFS3.UseATSForHBOnVMFS5": 1, + "VMkernel.Boot.allowNonNX": false, + "VMkernel.Boot.autoCreateDumpFile": true, + "VMkernel.Boot.autoPartition": false, + "VMkernel.Boot.autoPartitionCreateUSBCoreDumpPartition": false, + "VMkernel.Boot.autoPartitionDiskDumpPartitionSize": 2560, + "VMkernel.Boot.bootDeviceRescanTimeout": 1, + "VMkernel.Boot.busSpeedMayVary": false, + "VMkernel.Boot.cacheFlushImmOnAllHalt": false, + "VMkernel.Boot.checkCPUIDLimit": true, + "VMkernel.Boot.checkPages": false, + "VMkernel.Boot.com1_baud": 115200, + "VMkernel.Boot.com2_baud": 115200, + "VMkernel.Boot.coresPerPkg": 0, + "VMkernel.Boot.debugBreak": false, + "VMkernel.Boot.debugLogToSerial": 2, + "VMkernel.Boot.disableACSCheck": false, + "VMkernel.Boot.disableCFOH": false, + "VMkernel.Boot.disableHwrng": false, + "VMkernel.Boot.diskDumpSlotSize": 0, + "VMkernel.Boot.dmaEngineExposeIdentityMapping": true, + "VMkernel.Boot.dmaMapperPolicy": "disabled", + "VMkernel.Boot.enableACSCheckForRP": false, + "VMkernel.Boot.execInstalledOnly": false, + "VMkernel.Boot.fsCheck": false, + "VMkernel.Boot.gdbPort": "default", + "VMkernel.Boot.generalCriticalMemory": 0, + "VMkernel.Boot.heapCheckTimerInterval": 10, + "VMkernel.Boot.heapFreeOwnerCheck": false, + "VMkernel.Boot.heapFreePoisonByte": 255, + "VMkernel.Boot.heapMetaPoisonByte": 90, + "VMkernel.Boot.heapMetadataProtect": false, + "VMkernel.Boot.heapMgrTotalVASpaceGB": 512, + "VMkernel.Boot.heapPoisonFreeMem": false, + "VMkernel.Boot.heapPoisonTimerChecks": false, + "VMkernel.Boot.hyperthreading": true, + "VMkernel.Boot.hyperthreadingMitigation": false, + "VMkernel.Boot.ignoreMsrFaults": false, + "VMkernel.Boot.intrBalancingEnabled": true, + "VMkernel.Boot.ioAbilityChecks": false, + "VMkernel.Boot.iovDisableIR": false, + "VMkernel.Boot.ipmiEnabled": true, + "VMkernel.Boot.isPerFileSchedModelActive": true, + "VMkernel.Boot.leaveWakeGPEsDisabled": true, + "VMkernel.Boot.logPort": "default", + "VMkernel.Boot.maxLogEntries": 0, + "VMkernel.Boot.maxPCPUS": 576, + "VMkernel.Boot.maxPCPUsNUMAInterleaving": true, + "VMkernel.Boot.maxVMs": 0, + "VMkernel.Boot.memCheckEveryWord": false, + "VMkernel.Boot.memLowReservedMB": 0, + "VMkernel.Boot.memmapMaxEarlyPoisonMemMB": 65536, + "VMkernel.Boot.memmapMaxPhysicalMemMB": 16777216, + "VMkernel.Boot.memmapMaxRAMMB": 12582912, + "VMkernel.Boot.microcodeUpdate": true, + "VMkernel.Boot.microcodeUpdateForce": false, + "VMkernel.Boot.netCoalesceTimerHdlrPcpu": 0, + "VMkernel.Boot.netGPHeapMaxMBPerGB": 4, + "VMkernel.Boot.netMaxPktsToProcess": 64, + "VMkernel.Boot.netNetqueueEnabled": true, + "VMkernel.Boot.netPagePoolLimitCap": 98304, + "VMkernel.Boot.netPagePoolLimitPerGB": 5120, + "VMkernel.Boot.netPagePoolResvCap": 0, + "VMkernel.Boot.netPagePoolResvPerGB": 0, + "VMkernel.Boot.netPktHeapMaxMBPerGB": 6, + "VMkernel.Boot.netPktHeapMinMBPerGB": 0, + "VMkernel.Boot.netPktPoolMaxMBPerGB": 75, + "VMkernel.Boot.netPktPoolMinMBPerGB": 0, + "VMkernel.Boot.netPreemptionEnabled": false, + "VMkernel.Boot.nmiAction": 0, + "VMkernel.Boot.numaLatencyRemoteThresholdPct": 10, + "VMkernel.Boot.overrideDuplicateImageDetection": false, + "VMkernel.Boot.pciBarAllocPolicy": 0, + "VMkernel.Boot.pcipDisablePciErrReporting": true, + "VMkernel.Boot.poisonMarker": -6148914691236517000, + "VMkernel.Boot.poisonPagePool": false, + "VMkernel.Boot.preferVmklinux": false, + "VMkernel.Boot.preventFreePageMapping": false, + "VMkernel.Boot.rdmaRoceIPBasedGidGeneration": true, + "VMkernel.Boot.rtcEnableEFI": true, + "VMkernel.Boot.rtcEnableLegacy": true, + "VMkernel.Boot.rtcEnableTAD": true, + "VMkernel.Boot.scrubIgnoredPages": false, + "VMkernel.Boot.scrubMemoryAfterModuleLoad": false, + "VMkernel.Boot.serialUntrusted": true, + "VMkernel.Boot.skipPartitioningSsds": false, + "VMkernel.Boot.storageHeapMaxSize": 0, + "VMkernel.Boot.storageHeapMinSize": 0, + "VMkernel.Boot.storageMaxDevices": 512, + "VMkernel.Boot.storageMaxPaths": 2048, + "VMkernel.Boot.storageMaxVMsPerDevice": 32, + "VMkernel.Boot.terminateVMOnPDL": false, + "VMkernel.Boot.timerEnableACPI": true, + "VMkernel.Boot.timerEnableHPET": true, + "VMkernel.Boot.timerEnableTSC": true, + "VMkernel.Boot.timerForceTSC": false, + "VMkernel.Boot.tscSpeedMayVary": false, + "VMkernel.Boot.tty1Port": "default", + "VMkernel.Boot.tty2Port": "default", + "VMkernel.Boot.updateBusIRQ": false, + "VMkernel.Boot.useNUMAInfo": true, + "VMkernel.Boot.useReliableMem": true, + "VMkernel.Boot.useSLIT": true, + "VMkernel.Boot.vmkATKeyboard": false, + "VMkernel.Boot.vmkacEnable": 1, + "VMkernel.Boot.vtdSuperPages": true, + "VSAN-iSCSI.iscsiPingTimeout": 5, + "VSAN.AutoTerminateGhostVm": 1, + "VSAN.ClomMaxComponentSizeGB": 255, + "VSAN.ClomMaxDiskUsageRepairComps": 95, + "VSAN.ClomRebalanceThreshold": 80, + "VSAN.ClomRepairDelay": 60, + "VSAN.DedupScope": 0, + "VSAN.DefaultHostDecommissionMode": "ensureAccessibility", + "VSAN.DomBriefIoTraces": 0, + "VSAN.DomFullIoTraces": 0, + "VSAN.DomLongOpTraceMS": 1000, + "VSAN.DomLongOpUrgentTraceMS": 10000, + "VSAN.ObjectScrubsPerYear": 1, + "VSAN.PerTraceBandwidthLimit": 0, + "VSAN.PerTraceBandwidthLimitPeriodMs": 10000, + "VSAN.PerTraceMaxRolloverPeriods": 360, + "VSAN.SwapThickProvisionDisabled": 1, + "VSAN.TraceEnableCmmds": 1, + "VSAN.TraceEnableDom": 1, + "VSAN.TraceEnableDomIo": 0, + "VSAN.TraceEnableLchk": 1, + "VSAN.TraceEnableLsom": 1, + "VSAN.TraceEnablePlog": 1, + "VSAN.TraceEnableRdt": 1, + "VSAN.TraceEnableSsdLog": 1, + "VSAN.TraceEnableVirsto": 1, + "VSAN.TraceEnableVsanSparse": 1, + "VSAN.TraceEnableVsanSparseIO": 0, + "VSAN.TraceEnableVsanSparseVerbose": 0, + "VSAN.TraceGlobalBandwidthLimit": 0, + "VSAN.TraceGlobalBandwidthLimitPeriodMs": 10000, + "VSAN.TraceGlobalMaxRolloverPeriods": 360, + "VSAN.VsanSparseCacheOverEvict": 5, + "VSAN.VsanSparseCacheThreshold": 1024, + "VSAN.VsanSparseEnabled": 1, + "VSAN.VsanSparseHeapSize": 65536, + "VSAN.VsanSparseMaxExtentsPrefetch": 64, + "VSAN.VsanSparseParallelLookup": 1, + "VSAN.VsanSparseRetainCacheOnSnapshots": 1, + "VSAN.VsanSparseRetainCacheTTL": 20, + "VSAN.VsanSparseSpeculativePrefetch": 4194304, + "Virsto.DiskFormatVersion": 5, + "Virsto.Enabled": 1, + "Virsto.FlusherRegistryThreshold": 50, + "Virsto.GweFetchExtentsFactor": 3, + "Virsto.InstanceHeapLimit": 130, + "Virsto.MapBlocksFlushThreshold": 90, + "Virsto.MapBlocksMin": 16384, + "Virsto.MaxMFRetryCount": 3, + "Virsto.MsecBeforeMetaFlush": 10000, + "Virsto.RecordsPerFormatWrite": 16, + "Virsto.SharedHeapLimit": 4, + "Vpx.Vpxa.config.httpNfc.accessMode": "proxyAuto", + "Vpx.Vpxa.config.httpNfc.enabled": "true", + "Vpx.Vpxa.config.level[SoapAdapter.HTTPService.HttpConnection].logLevel": "info", + "Vpx.Vpxa.config.level[SoapAdapter.HTTPService.HttpConnection].logName": "SoapAdapter.HTTPService.HttpConnection", + "Vpx.Vpxa.config.level[SoapAdapter.HTTPService].logLevel": "info", + "Vpx.Vpxa.config.level[SoapAdapter.HTTPService].logName": "SoapAdapter.HTTPService", + "Vpx.Vpxa.config.log.level": "verbose", + "Vpx.Vpxa.config.log.maxFileNum": "10", + "Vpx.Vpxa.config.log.maxFileSize": "1048576", + "Vpx.Vpxa.config.log.memoryLevel": "verbose", + "Vpx.Vpxa.config.log.outputToConsole": "false", + "Vpx.Vpxa.config.log.outputToFiles": "false", + "Vpx.Vpxa.config.log.outputToSyslog": "true", + "Vpx.Vpxa.config.log.syslog.facility": "local4", + "Vpx.Vpxa.config.log.syslog.ident": "Vpxa", + "Vpx.Vpxa.config.log.syslog.logHeaderFile": "/var/run/vmware/vpxaLogHeader.txt", + "Vpx.Vpxa.config.nfc.loglevel": "error", + "Vpx.Vpxa.config.task.completedMaxEntries": "1000", + "Vpx.Vpxa.config.task.maxThreads": "98", + "Vpx.Vpxa.config.task.minCompletedLifetime": "120", + "Vpx.Vpxa.config.trace.mutex.profiledMutexes": "InvtLock", + "Vpx.Vpxa.config.trace.vmomi.calls": "false", + "Vpx.Vpxa.config.vmacore.http.defaultClientPoolConnectionsPerServer": "300", + "Vpx.Vpxa.config.vmacore.soap.sessionTimeout": "1440", + "Vpx.Vpxa.config.vmacore.ssl.doVersionCheck": "false", + "Vpx.Vpxa.config.vmacore.threadPool.IoMax": "9", + "Vpx.Vpxa.config.vmacore.threadPool.TaskMax": "4", + "Vpx.Vpxa.config.vmacore.threadPool.ThreadStackSizeKb": "128", + "Vpx.Vpxa.config.vmacore.threadPool.threadNamePrefix": "vpxa", + "Vpx.Vpxa.config.vpxa.bundleVersion": "1000000", + "Vpx.Vpxa.config.vpxa.datastorePrincipal": "root", + "Vpx.Vpxa.config.vpxa.hostIp": "esxi01", + "Vpx.Vpxa.config.vpxa.hostPort": "443", + "Vpx.Vpxa.config.vpxa.licenseExpiryNotificationThreshold": "15", + "Vpx.Vpxa.config.vpxa.memoryCheckerTimeInSecs": "30", + "Vpx.Vpxa.config.workingDir": "/var/log/vmware/vpx", + "XvMotion.VMFSOptimizations": 1 + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Hosts_Info +> * ### esxi01 +> * Annotations.WelcomeMessage: +> * BufferCache.FlushInterval: 30000 +> * BufferCache.HardMaxDirty: 95 +> * BufferCache.PerFileHardMaxDirty: 50 +> * BufferCache.SoftMaxDirty: 15 +> * CBRC.DCacheMemReserved: 400 +> * CBRC.DCacheSize: 32768 +> * CBRC.DigestJournalBootInterval: 10 +> * CBRC.Enable: False +> * COW.COWMaxHeapSizeMB: 192 +> * COW.COWMaxREPageCacheszMB: 256 +> * COW.COWMinREPageCacheszMB: 0 +> * COW.COWREPageCacheEviction: 1 +> * Config.Defaults.cpuidMask.mode.0.eax: disable +> * Config.Defaults.cpuidMask.mode.0.ebx: disable +> * Config.Defaults.cpuidMask.mode.0.ecx: disable +> * Config.Defaults.cpuidMask.mode.0.edx: disable +> * Config.Defaults.cpuidMask.mode.1.eax: disable +> * Config.Defaults.cpuidMask.mode.1.ebx: disable +> * Config.Defaults.cpuidMask.mode.1.ecx: disable +> * Config.Defaults.cpuidMask.mode.1.edx: disable +> * Config.Defaults.cpuidMask.mode.80000000.eax: disable +> * Config.Defaults.cpuidMask.mode.80000000.ebx: disable +> * Config.Defaults.cpuidMask.mode.80000000.ecx: disable +> * Config.Defaults.cpuidMask.mode.80000000.edx: disable +> * Config.Defaults.cpuidMask.mode.80000001.eax: disable +> * Config.Defaults.cpuidMask.mode.80000001.ebx: disable +> * Config.Defaults.cpuidMask.mode.80000001.ecx: disable +> * Config.Defaults.cpuidMask.mode.80000001.edx: disable +> * Config.Defaults.cpuidMask.mode.80000008.eax: disable +> * Config.Defaults.cpuidMask.mode.80000008.ebx: disable +> * Config.Defaults.cpuidMask.mode.80000008.ecx: disable +> * Config.Defaults.cpuidMask.mode.80000008.edx: disable +> * Config.Defaults.cpuidMask.mode.8000000A.eax: disable +> * Config.Defaults.cpuidMask.mode.8000000A.ebx: disable +> * Config.Defaults.cpuidMask.mode.8000000A.ecx: disable +> * Config.Defaults.cpuidMask.mode.8000000A.edx: disable +> * Config.Defaults.cpuidMask.mode.d.eax: disable +> * Config.Defaults.cpuidMask.mode.d.ebx: disable +> * Config.Defaults.cpuidMask.mode.d.ecx: disable +> * Config.Defaults.cpuidMask.mode.d.edx: disable +> * Config.Defaults.cpuidMask.val.0.eax: +> * Config.Defaults.cpuidMask.val.0.ebx: +> * Config.Defaults.cpuidMask.val.0.ecx: +> * Config.Defaults.cpuidMask.val.0.edx: +> * Config.Defaults.cpuidMask.val.1.eax: +> * Config.Defaults.cpuidMask.val.1.ebx: +> * Config.Defaults.cpuidMask.val.1.ecx: +> * Config.Defaults.cpuidMask.val.1.edx: +> * Config.Defaults.cpuidMask.val.80000000.eax: +> * Config.Defaults.cpuidMask.val.80000000.ebx: +> * Config.Defaults.cpuidMask.val.80000000.ecx: +> * Config.Defaults.cpuidMask.val.80000000.edx: +> * Config.Defaults.cpuidMask.val.80000001.eax: +> * Config.Defaults.cpuidMask.val.80000001.ebx: +> * Config.Defaults.cpuidMask.val.80000001.ecx: +> * Config.Defaults.cpuidMask.val.80000001.edx: +> * Config.Defaults.cpuidMask.val.80000008.eax: +> * Config.Defaults.cpuidMask.val.80000008.ebx: +> * Config.Defaults.cpuidMask.val.80000008.ecx: +> * Config.Defaults.cpuidMask.val.80000008.edx: +> * Config.Defaults.cpuidMask.val.8000000A.eax: +> * Config.Defaults.cpuidMask.val.8000000A.ebx: +> * Config.Defaults.cpuidMask.val.8000000A.ecx: +> * Config.Defaults.cpuidMask.val.8000000A.edx: +> * Config.Defaults.cpuidMask.val.d.eax: +> * Config.Defaults.cpuidMask.val.d.ebx: +> * Config.Defaults.cpuidMask.val.d.ecx: +> * Config.Defaults.cpuidMask.val.d.edx: +> * Config.Defaults.security.host.ruissl: True +> * Config.Defaults.vGPU.consolidation: False +> * Config.Etc.issue: +> * Config.Etc.motd: The time and date of this login have been sent to the system logs. +> +>WARNING: +> All commands run on the ESXi shell are logged and may be included in +> support bundles. Do not provide passwords directly on the command line. +> Most tools can prompt for secrets or accept them from standard input. +> +>%1b[00mVMware offers supported, powerful system administration tools. Please +>see www.vmware.com/go/sysadmintools for details. +> +>The ESXi Shell can be disabled by an administrative user. See the +>vSphere Security documentation for more information. +> +> * Config.GlobalSettings.guest.commands.sharedPolicyRefCount: 0 +> * Config.HostAgent.level[Hbrsvc].logLevel: +> * Config.HostAgent.level[Hostsvc].logLevel: +> * Config.HostAgent.level[Proxysvc].logLevel: +> * Config.HostAgent.level[Snmpsvc].logLevel: +> * Config.HostAgent.level[Statssvc].logLevel: +> * Config.HostAgent.level[Vcsvc].logLevel: +> * Config.HostAgent.level[Vimsvc].logLevel: +> * Config.HostAgent.level[Vmsvc].logLevel: +> * Config.HostAgent.log.level: info +> * Config.HostAgent.plugins.hostsvc.esxAdminsGroup: ESX Admins +> * Config.HostAgent.plugins.hostsvc.esxAdminsGroupAutoAdd: True +> * Config.HostAgent.plugins.hostsvc.esxAdminsGroupUpdateInterval: 1 +> * Config.HostAgent.plugins.solo.enableMob: False +> * Config.HostAgent.plugins.solo.webServer.enableWebscriptLauncher: True +> * Config.HostAgent.plugins.vimsvc.authValidateInterval: 1440 +> * Config.HostAgent.plugins.vimsvc.userSearch.maxResults: 100 +> * Config.HostAgent.plugins.vimsvc.userSearch.maxTimeSeconds: 20 +> * Config.HostAgent.plugins.vmsvc.enforceMaxRegisteredVms: True +> * Config.HostAgent.plugins.vmsvc.productLockerWatchInterval: 300 +> * Cpu.ActionLoadThreshold: 10 +> * Cpu.AllowWideVsmp: 0 +> * Cpu.BoundLagQuanta: 8 +> * Cpu.CommRateThreshold: 500 +> * Cpu.CoschedCostartThreshold: 2000 +> * Cpu.CoschedCostopThreshold: 3000 +> * Cpu.CoschedCrossCall: 1 +> * Cpu.CoschedExclusiveAffinity: 0 +> * Cpu.CoschedHandoffLLC: 1 +> * Cpu.CoschedHandoffSkip: 10 +> * Cpu.CoschedPollUsec: 1000 +> * Cpu.CreditAgePeriod: 3000 +> * Cpu.FairnessRebalancePcpus: 4 +> * Cpu.HTRebalancePeriod: 5 +> * Cpu.HTStolenAgeThreshold: 8 +> * Cpu.HTWholeCoreThreshold: 800 +> * Cpu.HostRebalancePeriod: 100 +> * Cpu.L2RebalancePeriod: 10 +> * Cpu.L3RebalancePeriod: 20 +> * Cpu.LimitEnforcementThreshold: 200 +> * Cpu.MaxSampleRateLg: 7 +> * Cpu.MoveCurrentRunnerPcpus: 4 +> * Cpu.NonTimerWakeupRate: 500 +> * Cpu.PackageRebalancePeriod: 20 +> * Cpu.PcpuMigrateIdlePcpus: 4 +> * Cpu.Quantum: 200 +> * Cpu.UseMwait: 2 +> * Cpu.VMAdmitCheckPerVcpuMin: 1 +> * Cpu.WakeupMigrateIdlePcpus: 4 +> * DCUI.Access: root +> * DataMover.HardwareAcceleratedInit: 1 +> * DataMover.HardwareAcceleratedMove: 1 +> * DataMover.MaxHeapSize: 64 +> * Digest.AlgoType: 1 +> * Digest.BlockSize: 1 +> * Digest.CollisionEnabled: 0 +> * Digest.JournalCoverage: 8 +> * Digest.UpdateOnClose: 0 +> * DirentryCache.MaxDentryPerObj: 15000 +> * Disk.AllowUsbClaimedAsSSD: 0 +> * Disk.ApdTokenRetryCount: 25 +> * Disk.AutoremoveOnPDL: 1 +> * Disk.BandwidthCap: 4294967294 +> * Disk.DelayOnBusy: 400 +> * Disk.DeviceReclaimTime: 300 +> * Disk.DisableVSCSIPollInBH: 1 +> * Disk.DiskDelayPDLHelper: 10 +> * Disk.DiskMaxIOSize: 32767 +> * Disk.DiskReservationThreshold: 45 +> * Disk.DiskRetryPeriod: 2000 +> * Disk.DumpMaxRetries: 10 +> * Disk.DumpPollDelay: 1000 +> * Disk.DumpPollMaxRetries: 10000 +> * Disk.EnableNaviReg: 1 +> * Disk.FailDiskRegistration: 0 +> * Disk.FastPathRestoreInterval: 100 +> * Disk.IdleCredit: 32 +> * Disk.MaxLUN: 1024 +> * Disk.MaxResetLatency: 2000 +> * Disk.NmpMaxCmdExtension: 0 +> * Disk.PathEvalTime: 300 +> * Disk.PreventVMFSOverwrite: 1 +> * Disk.QFullSampleSize: 0 +> * Disk.QFullThreshold: 8 +> * Disk.ReqCallThreshold: 8 +> * Disk.ResetLatency: 1000 +> * Disk.ResetMaxRetries: 0 +> * Disk.ResetOverdueLogPeriod: 60 +> * Disk.ResetPeriod: 30 +> * Disk.ResetThreadExpires: 1800 +> * Disk.ResetThreadMax: 16 +> * Disk.ResetThreadMin: 1 +> * Disk.RetryUnitAttention: 1 +> * Disk.ReturnCCForNoSpace: 0 +> * Disk.SchedCostUnit: 32768 +> * Disk.SchedQCleanupInterval: 300 +> * Disk.SchedQControlSeqReqs: 128 +> * Disk.SchedQControlVMSwitches: 6 +> * Disk.SchedQPriorityPercentage: 80 +> * Disk.SchedQuantum: 8 +> * Disk.SchedReservationBurst: 1 +> * Disk.SchedulerWithReservation: 1 +> * Disk.SectorMaxDiff: 2000 +> * Disk.SharesHigh: 2000 +> * Disk.SharesLow: 500 +> * Disk.SharesNormal: 1000 +> * Disk.SupportSparseLUN: 1 +> * Disk.ThroughputCap: 4294967294 +> * Disk.UseDeviceReset: 1 +> * Disk.UseIOWorlds: 1 +> * Disk.UseIoPool: 0 +> * Disk.UseLunReset: 1 +> * Disk.UseReportLUN: 1 +> * Disk.VSCSICoalesceCount: 1000 +> * Disk.VSCSIPollPeriod: 1000 +> * Disk.VSCSIResvCmdRetryInSecs: 1 +> * Disk.VSCSIWriteSameBurstSize: 4 +> * FSS.FSSLightWeightProbe: 1 +> * FT.AckIntervalMax: 1000000 +> * FT.AckIntervalMin: 0 +> * FT.BackupConnectTimeout: 8000 +> * FT.BackupExtraTimeout: 100 +> * FT.BadExecLatency: 800 +> * FT.BindToVmknic: 0 +> * FT.ChargeVMXForFlush: 1 +> * FT.CheckFCPathState: 1 +> * FT.CheckForProgress: 0 +> * FT.CoreDumpNoProgressMS: 0 +> * FT.ExecLatencyKill: 0 +> * FT.ExtraLogTimeout: 10000 +> * FT.FTCptConcurrentSend: 1 +> * FT.FTCptDelayCheckpoint: 2 +> * FT.FTCptDiffCap: 100 +> * FT.FTCptDiffThreads: 6 +> * FT.FTCptDisableFailover: 0 +> * FT.FTCptDiskWriteTimeout: 3000 +> * FT.FTCptDontDelayPkts: 0 +> * FT.FTCptDontSendPages: 0 +> * FT.FTCptEpochList: 5,10,20,100 +> * FT.FTCptEpochSample: 1000 +> * FT.FTCptEpochWait: 8000 +> * FT.FTCptIORetryExtraInterval: 200 +> * FT.FTCptIORetryInterval: 10 +> * FT.FTCptIORetryTimes: 15 +> * FT.FTCptLogTimeout: 8000 +> * FT.FTCptMaxPktsDelay: 0 +> * FT.FTCptMinInterval: 4 +> * FT.FTCptNetDelayNoCpt: 0 +> * FT.FTCptNumConnections: 2 +> * FT.FTCptNumaIndex: 0 +> * FT.FTCptPagePolicy: 65538 +> * FT.FTCptPoweroff: 0 +> * FT.FTCptRcvBufSize: 562140 +> * FT.FTCptSndBufSize: 562140 +> * FT.FTCptStartTimeout: 90000 +> * FT.FTCptStatsInterval: 30 +> * FT.FTCptThreadPolicy: 65536 +> * FT.FTCptVcpuMinUsage: 40 +> * FT.FTCptWaitOnSocket: 1 +> * FT.FillAffinity: 1 +> * FT.FillWorldlet: 1 +> * FT.FlushReservationMax: 25 +> * FT.FlushReservationMin: 5 +> * FT.FlushSleep: 0 +> * FT.FlushWorldlet: 1 +> * FT.GlobalFlushWorld: 0 +> * FT.GoodExecLatency: 200 +> * FT.HeartbeatCount: 10 +> * FT.HostTimeout: 2000 +> * FT.IORetryExtraInterval: 200 +> * FT.IORetryInterval: 10 +> * FT.IORetryTimes: 15 +> * FT.LogBufferStallSleep: 1 +> * FT.LogTimeout: 8000 +> * FT.LongFlushDebugMS: 500 +> * FT.MaxFlushInterval: 0 +> * FT.MinWriteSize: 0 +> * FT.NoWaitOnSocket: 0 +> * FT.PanicNoProgressMS: 0 +> * FT.PrimaryConnectTimeout: 8000 +> * FT.ShortFlushDebugMS: 100 +> * FT.TCPNoDelayBackup: 1 +> * FT.TCPNoDelayPrimary: 1 +> * FT.TCPPersistTimer: 500 +> * FT.TCPRcvBufSize: 131072 +> * FT.TCPSndBufSize: 131072 +> * FT.UseHostMonitor: 0 +> * FT.Vmknic: +> * FT.XmitSyncQueueLen: 64 +> * FT.adjDownInt: 10 +> * FT.adjDownPct: 10 +> * FT.adjUpInt: 200 +> * FT.adjUpPct: 10 +> * FT.execLatExtra: 500 +> * FT.maxLowerBound: 20 +> * FT.slowdownPctMax: 60 +> * FT.slowdownTimeMax: 600 +> * HBR.ChecksumIoSize: 8 +> * HBR.ChecksumMaxIo: 8 +> * HBR.ChecksumPerSlice: 2 +> * HBR.ChecksumRegionSize: 256 +> * HBR.ChecksumUseAllocInfo: 1 +> * HBR.ChecksumUseChecksumInfo: 1 +> * HBR.ChecksumZoneSize: 32768 +> * HBR.CopySnapDiskMaxExtentCount: 16 +> * HBR.CopySnapFidHashBuckets: 256 +> * HBR.DemandlogCompletedHashBuckets: 8 +> * HBR.DemandlogExtentHashBuckets: 512 +> * HBR.DemandlogIoTimeoutSecs: 120 +> * HBR.DemandlogReadRetries: 20 +> * HBR.DemandlogRetryDelayMs: 10 +> * HBR.DemandlogSendHashBuckets: 8 +> * HBR.DemandlogTransferIoSize: 8 +> * HBR.DemandlogTransferMaxIo: 4 +> * HBR.DemandlogTransferMaxNetwork: 8 +> * HBR.DemandlogTransferPerSlice: 2 +> * HBR.DemandlogWriteRetries: 20 +> * HBR.DisableChecksumOffload: 0 +> * HBR.DisconnectedEventDelayMs: 60000 +> * HBR.ErrThrottleChecksumIO: 1 +> * HBR.ErrThrottleDceRead: 1 +> * HBR.HbrBitmapAllocTimeoutMS: 3000 +> * HBR.HbrBitmapVMMaxStorageGB: 65536 +> * HBR.HbrBitmapVMMinStorageGB: 500 +> * HBR.HbrDemandLogIOPerVM: 64 +> * HBR.HbrDisableNetCompression: 1 +> * HBR.HbrLowerExtentBreakGB: 8192 +> * HBR.HbrLowerExtentSizeKB: 16 +> * HBR.HbrMaxExtentSizeKB: 64 +> * HBR.HbrMaxGuestXferWhileDeltaMB: 1024 +> * HBR.HbrMaxUnmapExtents: 10 +> * HBR.HbrMaxUnmapsInFlight: 128 +> * HBR.HbrMinExtentBreakGB: 2048 +> * HBR.HbrMinExtentSizeKB: 8 +> * HBR.HbrOptimizeFullSync: 1 +> * HBR.HbrResourceHeapPerVMSizeKB: 128 +> * HBR.HbrResourceHeapSizeMB: 2 +> * HBR.HbrResourceHeapUtilization: 95 +> * HBR.HbrResourceMaxDiskContexts: 512 +> * HBR.HbrRuntimeHeapMaxBaseMB: 1 +> * HBR.HbrRuntimeHeapMinBaseMB: 1 +> * HBR.HbrStaticHeapMaxBaseMB: 1 +> * HBR.HbrStaticHeapMinBaseMB: 1 +> * HBR.HbrUpperExtentBreakGB: 32768 +> * HBR.HbrUpperExtentSizeKB: 32 +> * HBR.HelperQueueMaxRequests: 8192 +> * HBR.HelperQueueMaxWorlds: 8 +> * HBR.LocalReadIoTimeoutSecs: 120 +> * HBR.MigrateFlushTimerSecs: 3 +> * HBR.NetworkUseCubic: 1 +> * HBR.NetworkerRecvHashBuckets: 64 +> * HBR.OpportunisticBlockListSize: 4000 +> * HBR.ProgressReportIntervalMs: 5000 +> * HBR.PsfIoTimeoutSecs: 300 +> * HBR.ReconnectFailureDelaySecs: 10 +> * HBR.ReconnectMaxDelaySecs: 90 +> * HBR.ResourceServerHashBuckets: 8 +> * HBR.RetryMaxDelaySecs: 60 +> * HBR.RetryMinDelaySecs: 1 +> * HBR.SyncTransferRetrySleepSecs: 5 +> * HBR.TransferDiskMaxIo: 32 +> * HBR.TransferDiskMaxNetwork: 64 +> * HBR.TransferDiskPerSlice: 16 +> * HBR.TransferFileExtentSize: 8192 +> * HBR.TransferMaxContExtents: 8 +> * HBR.WireChecksum: 1 +> * HBR.XferBitmapCheckIntervalSecs: 10 +> * ISCSI.MaxIoSizeKB: 128 +> * Irq.BestVcpuRouting: 0 +> * Irq.IRQActionAffinityWeight: 5 +> * Irq.IRQAvoidExclusive: 1 +> * Irq.IRQBHConflictWeight: 5 +> * Irq.IRQRebalancePeriod: 50 +> * Irq.IRQVcpuConflictWeight: 3 +> * LPage.LPageAlwaysTryForNPT: 1 +> * LPage.LPageDefragEnable: 1 +> * LPage.LPageMarkLowNodes: 1 +> * LPage.MaxSharedPages: 512 +> * LPage.MaxSwappedPagesInitVal: 10 +> * LPage.freePagesThresholdForRemote: 2048 +> * LSOM.blkAttrCacheSizePercent: 0 +> * Mem.AllocGuestLargePage: 1 +> * Mem.CtlMaxPercent: 65 +> * Mem.IdleTax: 75 +> * Mem.IdleTaxType: 1 +> * Mem.MemDefragClientsPerDir: 2 +> * Mem.MemMinFreePct: 0 +> * Mem.MemZipEnable: 1 +> * Mem.MemZipMaxAllocPct: 50 +> * Mem.MemZipMaxPct: 10 +> * Mem.SampleActivePctMin: 1 +> * Mem.SampleDirtiedPctMin: 0 +> * Mem.ShareForceSalting: 2 +> * Mem.ShareRateMax: 1024 +> * Mem.ShareScanGHz: 4 +> * Mem.ShareScanTime: 60 +> * Mem.VMOverheadGrowthLimit: 4294967295 +> * Migrate.AutoBindVmknic: 1 +> * Migrate.BindToVmknic: 3 +> * Migrate.CptCacheMaxSizeMB: 544 +> * Migrate.DebugChecksumMismatch: 0 +> * Migrate.DetectZeroPages: 1 +> * Migrate.DisableResumeDuringPageIn: 0 +> * Migrate.DiskOpsChunkSize: 131072 +> * Migrate.DiskOpsEnabled: 0 +> * Migrate.DiskOpsMaxRetries: 20 +> * Migrate.DiskOpsStreamChunks: 40 +> * Migrate.Enabled: 1 +> * Migrate.GetPageSysAlertThresholdMS: 10000 +> * Migrate.LowBandwidthSysAlertThreshold: 0 +> * Migrate.LowMemWaitSysAlertThresholdMS: 10000 +> * Migrate.MigrateCpuMinPctDefault: 30 +> * Migrate.MigrateCpuPctPerGb: 10 +> * Migrate.MigrateCpuSharesHighPriority: 60000 +> * Migrate.MigrateCpuSharesRegular: 30000 +> * Migrate.MonActionWaitSysAlertThresholdMS: 2000 +> * Migrate.NetExpectedLineRateMBps: 133 +> * Migrate.NetLatencyModeThreshold: 4 +> * Migrate.NetTimeout: 20 +> * Migrate.OutstandingReadKBMax: 128 +> * Migrate.PanicOnChecksumMismatch: 0 +> * Migrate.PreCopyCountDelay: 10 +> * Migrate.PreCopyMinProgressPerc: 130 +> * Migrate.PreCopyPagesPerSend: 32 +> * Migrate.PreCopySwitchoverTimeGoal: 500 +> * Migrate.PreallocLPages: 1 +> * Migrate.ProhibitFork: 0 +> * Migrate.RcvBufSize: 562540 +> * Migrate.RdpiTransitionTimeMs: 1 +> * Migrate.SdpsDynamicDelaySec: 30 +> * Migrate.SdpsEnabled: 2 +> * Migrate.SdpsTargetRate: 500 +> * Migrate.SndBufSize: 562540 +> * Migrate.TSMaster: 0 +> * Migrate.TcpTsoDeferTx: 0 +> * Migrate.TryToUseDefaultHeap: 1 +> * Migrate.VASpaceReserveCount: 128 +> * Migrate.VASpaceReserveSize: 768 +> * Migrate.VMotionLatencySensitivity: 1 +> * Migrate.VMotionResolveSwapType: 1 +> * Migrate.VMotionStreamDisable: 0 +> * Migrate.VMotionStreamHelpers: 0 +> * Migrate.Vmknic: +> * Misc.APDHandlingEnable: 1 +> * Misc.APDTimeout: 140 +> * Misc.BHTimeout: 0 +> * Misc.BhTimeBound: 2000 +> * Misc.BlueScreenTimeout: 0 +> * Misc.ConsolePort: none +> * Misc.DebugBuddyEnable: 0 +> * Misc.DebugLogToSerial: 0 +> * Misc.DefaultHardwareVersion: +> * Misc.DsNsMgrTimeout: 1200000 +> * Misc.EnableHighDMA: 1 +> * Misc.GDBPort: none +> * Misc.GuestLibAllowHostInfo: 0 +> * Misc.HeapMgrGuardPages: 1 +> * Misc.HeapPanicDestroyNonEmpty: 0 +> * Misc.HeartbeatInterval: 1000 +> * Misc.HeartbeatPanicTimeout: 900 +> * Misc.HeartbeatTimeout: 90 +> * Misc.HordeEnabled: 0 +> * Misc.HostAgentUpdateLevel: 3 +> * Misc.IntTimeout: 0 +> * Misc.IoFilterWatchdogTimeout: 120 +> * Misc.LogPort: none +> * Misc.LogTimestampUptime: 0 +> * Misc.LogToFile: 1 +> * Misc.LogToSerial: 1 +> * Misc.LogWldPrefix: 1 +> * Misc.MCEMonitorInterval: 250 +> * Misc.MetadataUpdateTimeoutMsec: 30000 +> * Misc.MinimalPanic: 0 +> * Misc.NMILint1IntAction: 0 +> * Misc.PowerButton: 1 +> * Misc.PowerOffEnable: 1 +> * Misc.PreferredHostName: +> * Misc.ProcVerbose: +> * Misc.SIOControlFlag1: 0 +> * Misc.SIOControlFlag2: 0 +> * Misc.SIOControlLoglevel: 0 +> * Misc.SIOControlOptions: +> * Misc.ScreenSaverDelay: 0 +> * Misc.ShaperStatsEnabled: 1 +> * Misc.ShellPort: none +> * Misc.TimerMaxHardPeriod: 500000 +> * Misc.TimerTolerance: 2000 +> * Misc.UsbArbitratorAutoStartDisabled: 0 +> * Misc.UserDuctDynBufferSize: 16384 +> * Misc.UserSocketUnixMaxBufferSize: 65536 +> * Misc.WatchdogBacktrace: 0 +> * Misc.WorldletActivationUS: 500 +> * Misc.WorldletActivationsLimit: 8 +> * Misc.WorldletGreedySampleMCycles: 10 +> * Misc.WorldletGreedySampleRun: 256 +> * Misc.WorldletIRQPenalty: 10 +> * Misc.WorldletLoadThreshold: 90 +> * Misc.WorldletLoadType: medium +> * Misc.WorldletLocalityBonus: 10 +> * Misc.WorldletLoosePenalty: 30 +> * Misc.WorldletMigOverheadLLC: 4 +> * Misc.WorldletMigOverheadRemote: 16 +> * Misc.WorldletPreemptOverhead: 30 +> * Misc.WorldletRemoteActivateOverhead: 0 +> * Misc.WorldletWorldOverheadLLC: 0 +> * Misc.WorldletWorldOverheadRemote: 10 +> * Misc.vmmDisableL1DFlush: 0 +> * Misc.vsanWitnessVirtualAppliance: 0 +> * NFS.ApdStartCount: 3 +> * NFS.DiskFileLockUpdateFreq: 10 +> * NFS.HeartbeatDelta: 5 +> * NFS.HeartbeatFrequency: 12 +> * NFS.HeartbeatMaxFailures: 10 +> * NFS.HeartbeatTimeout: 5 +> * NFS.LockRenewMaxFailureNumber: 3 +> * NFS.LockUpdateTimeout: 5 +> * NFS.LogNfsStat3: 0 +> * NFS.MaxQueueDepth: 4294967295 +> * NFS.MaxVolumes: 8 +> * NFS.ReceiveBufferSize: 1024 +> * NFS.SendBufferSize: 1024 +> * NFS.SyncRetries: 25 +> * NFS.VolumeRemountFrequency: 30 +> * NFS41.EOSDelay: 30 +> * NFS41.IOTaskRetry: 25 +> * NFS41.MaxRead: 4294967295 +> * NFS41.MaxVolumes: 8 +> * NFS41.MaxWrite: 4294967295 +> * NFS41.MountTimeout: 30 +> * NFS41.RecvBufSize: 1024 +> * NFS41.SendBufSize: 1024 +> * Net.AdvertisementDuration: 60 +> * Net.AllowPT: 1 +> * Net.BlockGuestBPDU: 0 +> * Net.CoalesceDefaultOn: 1 +> * Net.CoalesceFavorNoVmmVmkTx: 1 +> * Net.CoalesceFineTimeoutCPU: 2 +> * Net.CoalesceFineTxTimeout: 1000 +> * Net.CoalesceFlexMrq: 1 +> * Net.CoalesceLowRxRate: 4 +> * Net.CoalesceLowTxRate: 4 +> * Net.CoalesceMatchedQs: 1 +> * Net.CoalesceMrqLt: 1 +> * Net.CoalesceMrqMetricAllowTxOnly: 1 +> * Net.CoalesceMrqMetricRxOnly: 0 +> * Net.CoalesceMrqOverallStop: 0 +> * Net.CoalesceMrqRatioMetric: 1 +> * Net.CoalesceMrqTriggerReCalib: 1 +> * Net.CoalesceMultiRxQCalib: 1 +> * Net.CoalesceNoVmmVmkTx: 1 +> * Net.CoalesceParams: +> * Net.CoalesceRBCRate: 4000 +> * Net.CoalesceRxLtStopCalib: 0 +> * Net.CoalesceRxQDepthCap: 40 +> * Net.CoalesceScheme: rbc +> * Net.CoalesceTimeoutType: 2 +> * Net.CoalesceTxAlwaysPoll: 1 +> * Net.CoalesceTxQDepthCap: 40 +> * Net.CoalesceTxTimeout: 4000 +> * Net.DCBEnable: 1 +> * Net.DVFilterBindIpAddress: +> * Net.DVFilterPriorityRdLockEnable: 1 +> * Net.DVSLargeHeapMaxSize: 80 +> * Net.DontOffloadInnerIPv6: 0 +> * Net.E1000IntrCoalesce: 1 +> * Net.E1000TxCopySize: 2048 +> * Net.E1000TxZeroCopy: 1 +> * Net.EnableDMASgCons: 1 +> * Net.EnableOuterCsum: 1 +> * Net.EtherswitchAllowFastPath: 0 +> * Net.EtherswitchHashSize: 1 +> * Net.EtherswitchHeapMax: 512 +> * Net.EtherswitchNumPerPCPUDispatchData: 3 +> * Net.FollowHardwareMac: 1 +> * Net.GuestIPHack: 0 +> * Net.GuestTxCopyBreak: 64 +> * Net.IGMPQueries: 2 +> * Net.IGMPQueryInterval: 125 +> * Net.IGMPRouterIP: 0.0.0.0 +> * Net.IGMPV3MaxSrcIPNum: 10 +> * Net.IGMPVersion: 3 +> * Net.IOControlPnicOptOut: +> * Net.LRODefBackoffPeriod: 8 +> * Net.LRODefMaxLength: 65535 +> * Net.LRODefThreshold: 4000 +> * Net.LRODefUseRatioDenom: 3 +> * Net.LRODefUseRatioNumer: 1 +> * Net.LinkFlappingThreshold: 60 +> * Net.LinkStatePollTimeout: 500 +> * Net.MLDRouterIP: FE80::FFFF:FFFF:FFFF:FFFF +> * Net.MLDV2MaxSrcIPNum: 10 +> * Net.MLDVersion: 2 +> * Net.MaxBeaconVlans: 100 +> * Net.MaxBeaconsAtOnce: 100 +> * Net.MaxGlobalRxQueueCount: 100000 +> * Net.MaxNetifTxQueueLen: 2000 +> * Net.MaxPageInQueueLen: 75 +> * Net.MaxPktRxListQueue: 3500 +> * Net.MaxPortRxQueueLen: 80 +> * Net.MinEtherLen: 60 +> * Net.NcpLlcSap: 0 +> * Net.NetBHRxStormThreshold: 320 +> * Net.NetDebugRARPTimerInter: 30000 +> * Net.NetDeferTxCompletion: 1 +> * Net.NetDiscUpdateIntrvl: 300 +> * Net.NetEnableSwCsumForLro: 1 +> * Net.NetEsxfwPassOutboundGRE: 1 +> * Net.NetInStressTest: 0 +> * Net.NetLatencyAwareness: 1 +> * Net.NetMaxRarpsPerInterval: 128 +> * Net.NetNetqMaxDefQueueFilters: 4096 +> * Net.NetNetqNumaIOCpuPinThreshold: 0 +> * Net.NetNetqRxRebalRSSLoadThresholdPerc: 10 +> * Net.NetNetqTxPackKpps: 300 +> * Net.NetNetqTxUnpackKpps: 600 +> * Net.NetNiocAllowOverCommit: 1 +> * Net.NetPTMgrWakeupInterval: 6 +> * Net.NetPktAllocTries: 5 +> * Net.NetPktSlabFreePercentThreshold: 2 +> * Net.NetPortFlushIterLimit: 2 +> * Net.NetPortFlushPktLimit: 64 +> * Net.NetPortTrackTxRace: 0 +> * Net.NetRmDistMacFilter: 1 +> * Net.NetRmDistSamplingRate: 0 +> * Net.NetRxCopyInTx: 0 +> * Net.NetSchedCoalesceTxUsecs: 33 +> * Net.NetSchedDefaultResPoolSharesPct: 5 +> * Net.NetSchedDefaultSchedName: fifo +> * Net.NetSchedECNEnabled: 1 +> * Net.NetSchedECNThreshold: 70 +> * Net.NetSchedHClkLeafQueueDepthPkt: 500 +> * Net.NetSchedHClkMQ: 0 +> * Net.NetSchedHClkMaxHwQueue: 2 +> * Net.NetSchedHeapMaxSizeMB: 64 +> * Net.NetSchedInFlightMaxBytesDefault: 20000 +> * Net.NetSchedInFlightMaxBytesInsane: 1500000 +> * Net.NetSchedMaxPktSend: 256 +> * Net.NetSchedQoSSchedName: hclk +> * Net.NetSchedSpareBasedShares: 1 +> * Net.NetSendRARPOnPortEnablement: 1 +> * Net.NetShaperQueuePerL3L4Flow: 1 +> * Net.NetSplitRxMode: 1 +> * Net.NetTraceEnable: 0 +> * Net.NetTuneHostMode: default +> * Net.NetTuneInterval: 60 +> * Net.NetTuneThreshold: 1n 2n 50 +> * Net.NetTxDontClusterSize: 0 +> * Net.NetVMTxType: 2 +> * Net.NetVmxnet3TxHangTimeout: 0 +> * Net.NetpollSwLRO: 1 +> * Net.NoLocalCSum: 0 +> * Net.NotifySwitch: 1 +> * Net.PTSwitchingTimeout: 20000 +> * Net.PVRDMAVmknic: +> * Net.PortDisableTimeout: 5000 +> * Net.ReversePathFwdCheck: 1 +> * Net.ReversePathFwdCheckPromisc: 0 +> * Net.TcpipCopySmallTx: 1 +> * Net.TcpipDefLROEnabled: 1 +> * Net.TcpipDefLROMaxLength: 32768 +> * Net.TcpipDgramRateLimiting: 1 +> * Net.TcpipEnableABC: 1 +> * Net.TcpipEnableFlowtable: 1 +> * Net.TcpipEnableSendScaling: 1 +> * Net.TcpipHWLRONoDelayAck: 1 +> * Net.TcpipHeapMax: 1024 +> * Net.TcpipHeapSize: 0 +> * Net.TcpipIGMPDefaultVersion: 3 +> * Net.TcpipIGMPRejoinInterval: 60 +> * Net.TcpipLODispatchQueueMaxLen: 128 +> * Net.TcpipLRONoDelayAck: 1 +> * Net.TcpipLogPackets: 0 +> * Net.TcpipLogPacketsCount: 24570 +> * Net.TcpipMaxNetstackInstances: 48 +> * Net.TcpipNoBcopyRx: 1 +> * Net.TcpipPendPktSocketFreeTimeout: 300 +> * Net.TcpipRxDispatchQueueMaxLen: 2000 +> * Net.TcpipRxDispatchQueues: 1 +> * Net.TcpipRxDispatchQuota: 200 +> * Net.TcpipRxVmknicWorldletAffinityType: 0 +> * Net.TcpipTxDispatchQuota: 100 +> * Net.TcpipTxqBackoffTimeoutMs: 70 +> * Net.TcpipTxqMaxUsageThreshold: 80 +> * Net.TeamPolicyUpDelay: 100 +> * Net.TrafficFilterIpAddress: +> * Net.TsoDumpPkt: 0 +> * Net.UplinkAbortDisconnectTimeout: 5000 +> * Net.UplinkKillAsyncTimeout: 10000 +> * Net.UplinkTxQueuesDispEnabled: 1 +> * Net.UseHwCsumForIPv6Csum: 1 +> * Net.UseHwIPv6Csum: 1 +> * Net.UseHwTSO: 1 +> * Net.UseHwTSO6: 1 +> * Net.UseLegacyProc: 0 +> * Net.UseProc: 0 +> * Net.VLANMTUCheckMode: 1 +> * Net.VmklnxLROEnabled: 0 +> * Net.VmklnxLROMaxAggr: 6 +> * Net.VmknicDoLroSplit: 0 +> * Net.VmknicLroSplitBnd: 12 +> * Net.Vmxnet2HwLRO: 1 +> * Net.Vmxnet2PinRxBuf: 0 +> * Net.Vmxnet2SwLRO: 1 +> * Net.Vmxnet3HwLRO: 1 +> * Net.Vmxnet3PageInBound: 32 +> * Net.Vmxnet3RSSHashCache: 1 +> * Net.Vmxnet3RxPollBound: 256 +> * Net.Vmxnet3SwLRO: 1 +> * Net.Vmxnet3WinIntrHints: 1 +> * Net.Vmxnet3usePNICHash: 0 +> * Net.VmxnetBiDirNeedsTsoTx: 1 +> * Net.VmxnetBiDirNoTsoSplit: 1 +> * Net.VmxnetCopyTxRunLimit: 16 +> * Net.VmxnetDoLroSplit: 1 +> * Net.VmxnetDoTsoSplit: 1 +> * Net.VmxnetLROBackoffPeriod: 8 +> * Net.VmxnetLROMaxLength: 32000 +> * Net.VmxnetLROThreshold: 4000 +> * Net.VmxnetLROUseRatioDenom: 3 +> * Net.VmxnetLROUseRatioNumer: 2 +> * Net.VmxnetLroSplitBnd: 64 +> * Net.VmxnetPromDisableLro: 1 +> * Net.VmxnetSwLROSL: 1 +> * Net.VmxnetTsoSplitBnd: 12 +> * Net.VmxnetTsoSplitSize: 17500 +> * Net.VmxnetTxCopySize: 256 +> * Net.VmxnetWinCopyTxRunLimit: 65535 +> * Net.VmxnetWinUDPTxFullCopy: 1 +> * Net.vNicNumDeferredReset: 12 +> * Net.vNicTxPollBound: 192 +> * Net.vmxnetThroughputWeight: 0 +> * Nmp.NmpPReservationCmdRetryTime: 1 +> * Nmp.NmpSatpAluaCmdRetryTime: 10 +> * Numa.CoreCapRatioPct: 90 +> * Numa.CostopSkewAdjust: 1 +> * Numa.FollowCoresPerSocket: 0 +> * Numa.LTermFairnessInterval: 5 +> * Numa.LTermMigImbalThreshold: 10 +> * Numa.LargeInterleave: 1 +> * Numa.LocalityWeightActionAffinity: 130 +> * Numa.LocalityWeightMem: 1 +> * Numa.MigImbalanceThreshold: 10 +> * Numa.MigPreventLTermThresh: 0 +> * Numa.MigThrashThreshold: 50 +> * Numa.MigThreshold: 2 +> * Numa.MonMigEnable: 1 +> * Numa.PageMigEnable: 1 +> * Numa.PageMigLinearRun: 95 +> * Numa.PageMigRandomRun: 5 +> * Numa.PageMigRateMax: 8000 +> * Numa.PreferHT: 0 +> * Numa.RebalanceCoresNode: 2 +> * Numa.RebalanceCoresTotal: 4 +> * Numa.RebalanceEnable: 1 +> * Numa.RebalancePeriod: 2000 +> * Numa.SwapConsiderPeriod: 15 +> * Numa.SwapInterval: 3 +> * Numa.SwapLoadEnable: 1 +> * Numa.SwapLocalityEnable: 1 +> * Numa.SwapMigrateOnly: 2 +> * Power.CStateMaxLatency: 500 +> * Power.CStatePredictionCoef: 110479 +> * Power.CStateResidencyCoef: 5 +> * Power.ChargeMemoryPct: 20 +> * Power.MaxCpuLoad: 60 +> * Power.MaxFreqPct: 100 +> * Power.MinFreqPct: 0 +> * Power.PerfBias: 17 +> * Power.PerfBiasEnable: 1 +> * Power.TimerHz: 100 +> * Power.UseCStates: 1 +> * Power.UsePStates: 1 +> * RdmFilter.HbaIsShared: True +> * ScratchConfig.ConfiguredScratchLocation: +> * ScratchConfig.CurrentScratchLocation: /tmp/scratch +> * Scsi.ChangeQErrSetting: 1 +> * Scsi.CompareLUNNumber: 1 +> * Scsi.ExtendAPDCondition: 0 +> * Scsi.FailVMIOonAPD: 0 +> * Scsi.LogCmdErrors: 1 +> * Scsi.LogCmdRCErrorsFreq: 0 +> * Scsi.LogMPCmdErrors: 1 +> * Scsi.LogScsiAborts: 0 +> * Scsi.LunCleanupInterval: 7 +> * Scsi.MaxReserveBacktrace: 0 +> * Scsi.MaxReserveTime: 200 +> * Scsi.MaxReserveTotalTime: 250 +> * Scsi.PassthroughLocking: 1 +> * Scsi.ReserveBacktrace: 0 +> * Scsi.SCSIEnableDescToFixedConv: 1 +> * Scsi.SCSIEnableIOLatencyMsgs: 0 +> * Scsi.SCSIStrictSPCVersionChecksForPEs: 0 +> * Scsi.SCSITimeout_ReabortTime: 5000 +> * Scsi.SCSITimeout_ScanTime: 1000 +> * Scsi.SCSIioTraceBufSizeMB: 1 +> * Scsi.ScanOnDriverLoad: 1 +> * Scsi.ScanSync: 0 +> * Scsi.ScsiRestartStalledQueueLatency: 500 +> * Scsi.ScsiVVolPESNRO: 128 +> * Scsi.TimeoutTMThreadExpires: 1800 +> * Scsi.TimeoutTMThreadLatency: 2000 +> * Scsi.TimeoutTMThreadMax: 16 +> * Scsi.TimeoutTMThreadMin: 1 +> * Scsi.TimeoutTMThreadRetry: 2000 +> * Scsi.TransFailLogPct: 20 +> * Scsi.UseAdaptiveRetries: 1 +> * Security.AccountLockFailures: 5 +> * Security.AccountUnlockTime: 900 +> * Security.PasswordQualityControl: retry=3 min=disabled,disabled,disabled,7,7 +> * SunRPC.MaxConnPerIP: 4 +> * SunRPC.SendLowat: 25 +> * SunRPC.WorldletAffinity: 2 +> * SvMotion.SvMotionAvgDisksPerVM: 8 +> * Syslog.global.defaultRotate: 8 +> * Syslog.global.defaultSize: 1024 +> * Syslog.global.logDir: [] /scratch/log +> * Syslog.global.logDirUnique: False +> * Syslog.global.logHost: 192.168.1.200 +> * Syslog.loggers.Xorg.rotate: 8 +> * Syslog.loggers.Xorg.size: 1024 +> * Syslog.loggers.auth.rotate: 8 +> * Syslog.loggers.auth.size: 1024 +> * Syslog.loggers.clomd.rotate: 8 +> * Syslog.loggers.clomd.size: 1024 +> * Syslog.loggers.cmmdsTimeMachine.rotate: 8 +> * Syslog.loggers.cmmdsTimeMachine.size: 1024 +> * Syslog.loggers.cmmdsTimeMachineDump.rotate: 20 +> * Syslog.loggers.cmmdsTimeMachineDump.size: 10240 +> * Syslog.loggers.ddecomd.rotate: 8 +> * Syslog.loggers.ddecomd.size: 1024 +> * Syslog.loggers.dhclient.rotate: 8 +> * Syslog.loggers.dhclient.size: 1024 +> * Syslog.loggers.epd.rotate: 8 +> * Syslog.loggers.epd.size: 1024 +> * Syslog.loggers.esxupdate.rotate: 8 +> * Syslog.loggers.esxupdate.size: 1024 +> * Syslog.loggers.fdm.rotate: 8 +> * Syslog.loggers.fdm.size: 1024 +> * Syslog.loggers.hbrca.rotate: 8 +> * Syslog.loggers.hbrca.size: 1024 +> * Syslog.loggers.hostd-probe.rotate: 8 +> * Syslog.loggers.hostd-probe.size: 1024 +> * Syslog.loggers.hostd.rotate: 8 +> * Syslog.loggers.hostd.size: 1024 +> * Syslog.loggers.hostdCgiServer.rotate: 8 +> * Syslog.loggers.hostdCgiServer.size: 1024 +> * Syslog.loggers.hostprofiletrace.rotate: 8 +> * Syslog.loggers.hostprofiletrace.size: 1024 +> * Syslog.loggers.iofiltervpd.rotate: 8 +> * Syslog.loggers.iofiltervpd.size: 1024 +> * Syslog.loggers.lacp.rotate: 8 +> * Syslog.loggers.lacp.size: 1024 +> * Syslog.loggers.nfcd.rotate: 8 +> * Syslog.loggers.nfcd.size: 1024 +> * Syslog.loggers.osfsd.rotate: 8 +> * Syslog.loggers.osfsd.size: 1024 +> * Syslog.loggers.rabbitmqproxy.rotate: 8 +> * Syslog.loggers.rabbitmqproxy.size: 1024 +> * Syslog.loggers.rhttpproxy.rotate: 8 +> * Syslog.loggers.rhttpproxy.size: 1024 +> * Syslog.loggers.sdrsInjector.rotate: 8 +> * Syslog.loggers.sdrsInjector.size: 1024 +> * Syslog.loggers.shell.rotate: 8 +> * Syslog.loggers.shell.size: 1024 +> * Syslog.loggers.storageRM.rotate: 8 +> * Syslog.loggers.storageRM.size: 1024 +> * Syslog.loggers.swapobjd.rotate: 8 +> * Syslog.loggers.swapobjd.size: 1024 +> * Syslog.loggers.syslog.rotate: 8 +> * Syslog.loggers.syslog.size: 1024 +> * Syslog.loggers.upitd.rotate: 8 +> * Syslog.loggers.upitd.size: 1024 +> * Syslog.loggers.usb.rotate: 8 +> * Syslog.loggers.usb.size: 1024 +> * Syslog.loggers.vitd.rotate: 8 +> * Syslog.loggers.vitd.size: 10240 +> * Syslog.loggers.vmauthd.rotate: 8 +> * Syslog.loggers.vmauthd.size: 1024 +> * Syslog.loggers.vmkdevmgr.rotate: 8 +> * Syslog.loggers.vmkdevmgr.size: 1024 +> * Syslog.loggers.vmkernel.rotate: 8 +> * Syslog.loggers.vmkernel.size: 1024 +> * Syslog.loggers.vmkeventd.rotate: 8 +> * Syslog.loggers.vmkeventd.size: 1024 +> * Syslog.loggers.vmksummary.rotate: 8 +> * Syslog.loggers.vmksummary.size: 1024 +> * Syslog.loggers.vmkwarning.rotate: 8 +> * Syslog.loggers.vmkwarning.size: 1024 +> * Syslog.loggers.vobd.rotate: 8 +> * Syslog.loggers.vobd.size: 1024 +> * Syslog.loggers.vprobe.rotate: 8 +> * Syslog.loggers.vprobe.size: 1024 +> * Syslog.loggers.vpxa.rotate: 8 +> * Syslog.loggers.vpxa.size: 1024 +> * Syslog.loggers.vsanSoapServer.rotate: 8 +> * Syslog.loggers.vsanSoapServer.size: 5120 +> * Syslog.loggers.vsanmgmt.rotate: 8 +> * Syslog.loggers.vsanmgmt.size: 10240 +> * Syslog.loggers.vsansystem.rotate: 10 +> * Syslog.loggers.vsansystem.size: 10240 +> * Syslog.loggers.vsantraceUrgent.rotate: 8 +> * Syslog.loggers.vsantraceUrgent.size: 1024 +> * Syslog.loggers.vvold.rotate: 16 +> * Syslog.loggers.vvold.size: 8192 +> * User.PTEDisableNX: 0 +> * User.ReaddirRetries: 10 +> * UserVars.ActiveDirectoryPreferredDomainControllers: +> * UserVars.ActiveDirectoryVerifyCAMCertificate: 1 +> * UserVars.DcuiTimeOut: 600 +> * UserVars.ESXiShellInteractiveTimeOut: 0 +> * UserVars.ESXiShellTimeOut: 0 +> * UserVars.ESXiVPsAllowedCiphers: !aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES +> * UserVars.ESXiVPsDisabledProtocols: sslv3 +> * UserVars.EsximageNetRateLimit: 0 +> * UserVars.EsximageNetRetries: 10 +> * UserVars.EsximageNetTimeout: 60 +> * UserVars.HardwareHealthIgnoredSensors: +> * UserVars.HardwareHealthSyncTime: 360 +> * UserVars.HostClientCEIPOptIn: 2 +> * UserVars.HostClientDefaultConsole: webmks +> * UserVars.HostClientEnableMOTDNotification: 1 +> * UserVars.HostClientEnableVisualEffects: 1 +> * UserVars.HostClientSessionTimeout: 900 +> * UserVars.HostClientShowOnlyRecentObjects: 1 +> * UserVars.HostClientWelcomeMessage: Welcome to {{hostname}} +> * UserVars.HostdStatsstoreRamdiskSize: 0 +> * UserVars.ProductLockerLocation: /locker/packages/6.5.0/ +> * UserVars.SuppressCoredumpWarning: 0 +> * UserVars.SuppressHyperthreadWarning: 0 +> * UserVars.SuppressShellWarning: 1 +> * UserVars.ToolsRamdisk: 0 +> * UserVars.vGhettoSetup: 1 +> * VFLASH.CacheStatsEnable: 1 +> * VFLASH.CacheStatsFromVFC: 1 +> * VFLASH.MaxCacheFileSizeMB: 409600 +> * VFLASH.MaxDiskFileSizeGB: 16384 +> * VFLASH.MaxHeapSizeMB: 32 +> * VFLASH.MaxResourceGBForVmCache: 2048 +> * VFLASH.ResourceUsageThreshold: 80 +> * VMFS.UnresolvedVolumeLiveCheck: True +> * VMFS3.EnableBlockDelete: 0 +> * VMFS3.FailVolumeOpenIfAPD: 0 +> * VMFS3.HardwareAcceleratedLocking: 1 +> * VMFS3.LFBCSlabSizeMaxMB: 8 +> * VMFS3.MaxAddressableSpaceTB: 32 +> * VMFS3.MaxHeapSizeMB: 256 +> * VMFS3.MaxextendedTxnsUsingfs3Heap: 20 +> * VMFS3.MinAddressableSpaceTB: 0 +> * VMFS3.OpenWithoutJournal: 1 +> * VMFS3.PBCapMissRatioIntervalSec: 60 +> * VMFS3.StAtExclLockEnd: 0 +> * VMFS3.UseATSForHBOnVMFS5: 1 +> * VMkernel.Boot.allowNonNX: False +> * VMkernel.Boot.autoCreateDumpFile: True +> * VMkernel.Boot.autoPartition: False +> * VMkernel.Boot.autoPartitionCreateUSBCoreDumpPartition: False +> * VMkernel.Boot.autoPartitionDiskDumpPartitionSize: 2560 +> * VMkernel.Boot.bootDeviceRescanTimeout: 1 +> * VMkernel.Boot.busSpeedMayVary: False +> * VMkernel.Boot.cacheFlushImmOnAllHalt: False +> * VMkernel.Boot.checkCPUIDLimit: True +> * VMkernel.Boot.checkPages: False +> * VMkernel.Boot.com1_baud: 115200 +> * VMkernel.Boot.com2_baud: 115200 +> * VMkernel.Boot.coresPerPkg: 0 +> * VMkernel.Boot.debugBreak: False +> * VMkernel.Boot.debugLogToSerial: 2 +> * VMkernel.Boot.disableACSCheck: False +> * VMkernel.Boot.disableCFOH: False +> * VMkernel.Boot.disableHwrng: False +> * VMkernel.Boot.diskDumpSlotSize: 0 +> * VMkernel.Boot.dmaEngineExposeIdentityMapping: True +> * VMkernel.Boot.dmaMapperPolicy: disabled +> * VMkernel.Boot.enableACSCheckForRP: False +> * VMkernel.Boot.execInstalledOnly: False +> * VMkernel.Boot.fsCheck: False +> * VMkernel.Boot.gdbPort: default +> * VMkernel.Boot.generalCriticalMemory: 0 +> * VMkernel.Boot.heapCheckTimerInterval: 10 +> * VMkernel.Boot.heapFreeOwnerCheck: False +> * VMkernel.Boot.heapFreePoisonByte: 255 +> * VMkernel.Boot.heapMetaPoisonByte: 90 +> * VMkernel.Boot.heapMetadataProtect: False +> * VMkernel.Boot.heapMgrTotalVASpaceGB: 512 +> * VMkernel.Boot.heapPoisonFreeMem: False +> * VMkernel.Boot.heapPoisonTimerChecks: False +> * VMkernel.Boot.hyperthreading: True +> * VMkernel.Boot.hyperthreadingMitigation: False +> * VMkernel.Boot.ignoreMsrFaults: False +> * VMkernel.Boot.intrBalancingEnabled: True +> * VMkernel.Boot.ioAbilityChecks: False +> * VMkernel.Boot.iovDisableIR: False +> * VMkernel.Boot.ipmiEnabled: True +> * VMkernel.Boot.isPerFileSchedModelActive: True +> * VMkernel.Boot.leaveWakeGPEsDisabled: True +> * VMkernel.Boot.logPort: default +> * VMkernel.Boot.maxLogEntries: 0 +> * VMkernel.Boot.maxPCPUS: 576 +> * VMkernel.Boot.maxPCPUsNUMAInterleaving: True +> * VMkernel.Boot.maxVMs: 0 +> * VMkernel.Boot.memCheckEveryWord: False +> * VMkernel.Boot.memLowReservedMB: 0 +> * VMkernel.Boot.memmapMaxEarlyPoisonMemMB: 65536 +> * VMkernel.Boot.memmapMaxPhysicalMemMB: 16777216 +> * VMkernel.Boot.memmapMaxRAMMB: 12582912 +> * VMkernel.Boot.microcodeUpdate: True +> * VMkernel.Boot.microcodeUpdateForce: False +> * VMkernel.Boot.netCoalesceTimerHdlrPcpu: 0 +> * VMkernel.Boot.netGPHeapMaxMBPerGB: 4 +> * VMkernel.Boot.netMaxPktsToProcess: 64 +> * VMkernel.Boot.netNetqueueEnabled: True +> * VMkernel.Boot.netPagePoolLimitCap: 98304 +> * VMkernel.Boot.netPagePoolLimitPerGB: 5120 +> * VMkernel.Boot.netPagePoolResvCap: 0 +> * VMkernel.Boot.netPagePoolResvPerGB: 0 +> * VMkernel.Boot.netPktHeapMaxMBPerGB: 6 +> * VMkernel.Boot.netPktHeapMinMBPerGB: 0 +> * VMkernel.Boot.netPktPoolMaxMBPerGB: 75 +> * VMkernel.Boot.netPktPoolMinMBPerGB: 0 +> * VMkernel.Boot.netPreemptionEnabled: False +> * VMkernel.Boot.nmiAction: 0 +> * VMkernel.Boot.numaLatencyRemoteThresholdPct: 10 +> * VMkernel.Boot.overrideDuplicateImageDetection: False +> * VMkernel.Boot.pciBarAllocPolicy: 0 +> * VMkernel.Boot.pcipDisablePciErrReporting: True +> * VMkernel.Boot.poisonMarker: -6148914691236517206 +> * VMkernel.Boot.poisonPagePool: False +> * VMkernel.Boot.preferVmklinux: False +> * VMkernel.Boot.preventFreePageMapping: False +> * VMkernel.Boot.rdmaRoceIPBasedGidGeneration: True +> * VMkernel.Boot.rtcEnableEFI: True +> * VMkernel.Boot.rtcEnableLegacy: True +> * VMkernel.Boot.rtcEnableTAD: True +> * VMkernel.Boot.scrubIgnoredPages: False +> * VMkernel.Boot.scrubMemoryAfterModuleLoad: False +> * VMkernel.Boot.serialUntrusted: True +> * VMkernel.Boot.skipPartitioningSsds: False +> * VMkernel.Boot.storageHeapMaxSize: 0 +> * VMkernel.Boot.storageHeapMinSize: 0 +> * VMkernel.Boot.storageMaxDevices: 512 +> * VMkernel.Boot.storageMaxPaths: 2048 +> * VMkernel.Boot.storageMaxVMsPerDevice: 32 +> * VMkernel.Boot.terminateVMOnPDL: False +> * VMkernel.Boot.timerEnableACPI: True +> * VMkernel.Boot.timerEnableHPET: True +> * VMkernel.Boot.timerEnableTSC: True +> * VMkernel.Boot.timerForceTSC: False +> * VMkernel.Boot.tscSpeedMayVary: False +> * VMkernel.Boot.tty1Port: default +> * VMkernel.Boot.tty2Port: default +> * VMkernel.Boot.updateBusIRQ: False +> * VMkernel.Boot.useNUMAInfo: True +> * VMkernel.Boot.useReliableMem: True +> * VMkernel.Boot.useSLIT: True +> * VMkernel.Boot.vmkATKeyboard: False +> * VMkernel.Boot.vmkacEnable: 1 +> * VMkernel.Boot.vtdSuperPages: True +> * VSAN-iSCSI.iscsiPingTimeout: 5 +> * VSAN.AutoTerminateGhostVm: 1 +> * VSAN.ClomMaxComponentSizeGB: 255 +> * VSAN.ClomMaxDiskUsageRepairComps: 95 +> * VSAN.ClomRebalanceThreshold: 80 +> * VSAN.ClomRepairDelay: 60 +> * VSAN.DedupScope: 0 +> * VSAN.DefaultHostDecommissionMode: ensureAccessibility +> * VSAN.DomBriefIoTraces: 0 +> * VSAN.DomFullIoTraces: 0 +> * VSAN.DomLongOpTraceMS: 1000 +> * VSAN.DomLongOpUrgentTraceMS: 10000 +> * VSAN.ObjectScrubsPerYear: 1 +> * VSAN.PerTraceBandwidthLimit: 0 +> * VSAN.PerTraceBandwidthLimitPeriodMs: 10000 +> * VSAN.PerTraceMaxRolloverPeriods: 360 +> * VSAN.SwapThickProvisionDisabled: 1 +> * VSAN.TraceEnableCmmds: 1 +> * VSAN.TraceEnableDom: 1 +> * VSAN.TraceEnableDomIo: 0 +> * VSAN.TraceEnableLchk: 1 +> * VSAN.TraceEnableLsom: 1 +> * VSAN.TraceEnablePlog: 1 +> * VSAN.TraceEnableRdt: 1 +> * VSAN.TraceEnableSsdLog: 1 +> * VSAN.TraceEnableVirsto: 1 +> * VSAN.TraceEnableVsanSparse: 1 +> * VSAN.TraceEnableVsanSparseIO: 0 +> * VSAN.TraceEnableVsanSparseVerbose: 0 +> * VSAN.TraceGlobalBandwidthLimit: 0 +> * VSAN.TraceGlobalBandwidthLimitPeriodMs: 10000 +> * VSAN.TraceGlobalMaxRolloverPeriods: 360 +> * VSAN.VsanSparseCacheOverEvict: 5 +> * VSAN.VsanSparseCacheThreshold: 1024 +> * VSAN.VsanSparseEnabled: 1 +> * VSAN.VsanSparseHeapSize: 65536 +> * VSAN.VsanSparseMaxExtentsPrefetch: 64 +> * VSAN.VsanSparseParallelLookup: 1 +> * VSAN.VsanSparseRetainCacheOnSnapshots: 1 +> * VSAN.VsanSparseRetainCacheTTL: 20 +> * VSAN.VsanSparseSpeculativePrefetch: 4194304 +> * Virsto.DiskFormatVersion: 5 +> * Virsto.Enabled: 1 +> * Virsto.FlusherRegistryThreshold: 50 +> * Virsto.GweFetchExtentsFactor: 3 +> * Virsto.InstanceHeapLimit: 130 +> * Virsto.MapBlocksFlushThreshold: 90 +> * Virsto.MapBlocksMin: 16384 +> * Virsto.MaxMFRetryCount: 3 +> * Virsto.MsecBeforeMetaFlush: 10000 +> * Virsto.RecordsPerFormatWrite: 16 +> * Virsto.SharedHeapLimit: 4 +> * Vpx.Vpxa.config.httpNfc.accessMode: proxyAuto +> * Vpx.Vpxa.config.httpNfc.enabled: true +> * Vpx.Vpxa.config.level[SoapAdapter.HTTPService.HttpConnection].logLevel: info +> * Vpx.Vpxa.config.level[SoapAdapter.HTTPService.HttpConnection].logName: SoapAdapter.HTTPService.HttpConnection +> * Vpx.Vpxa.config.level[SoapAdapter.HTTPService].logLevel: info +> * Vpx.Vpxa.config.level[SoapAdapter.HTTPService].logName: SoapAdapter.HTTPService +> * Vpx.Vpxa.config.log.level: verbose +> * Vpx.Vpxa.config.log.maxFileNum: 10 +> * Vpx.Vpxa.config.log.maxFileSize: 1048576 +> * Vpx.Vpxa.config.log.memoryLevel: verbose +> * Vpx.Vpxa.config.log.outputToConsole: false +> * Vpx.Vpxa.config.log.outputToFiles: false +> * Vpx.Vpxa.config.log.outputToSyslog: true +> * Vpx.Vpxa.config.log.syslog.facility: local4 +> * Vpx.Vpxa.config.log.syslog.ident: Vpxa +> * Vpx.Vpxa.config.log.syslog.logHeaderFile: /var/run/vmware/vpxaLogHeader.txt +> * Vpx.Vpxa.config.nfc.loglevel: error +> * Vpx.Vpxa.config.task.completedMaxEntries: 1000 +> * Vpx.Vpxa.config.task.maxThreads: 98 +> * Vpx.Vpxa.config.task.minCompletedLifetime: 120 +> * Vpx.Vpxa.config.trace.mutex.profiledMutexes: InvtLock +> * Vpx.Vpxa.config.trace.vmomi.calls: false +> * Vpx.Vpxa.config.vmacore.http.defaultClientPoolConnectionsPerServer: 300 +> * Vpx.Vpxa.config.vmacore.soap.sessionTimeout: 1440 +> * Vpx.Vpxa.config.vmacore.ssl.doVersionCheck: false +> * Vpx.Vpxa.config.vmacore.threadPool.IoMax: 9 +> * Vpx.Vpxa.config.vmacore.threadPool.TaskMax: 4 +> * Vpx.Vpxa.config.vmacore.threadPool.ThreadStackSizeKb: 128 +> * Vpx.Vpxa.config.vmacore.threadPool.threadNamePrefix: vpxa +> * Vpx.Vpxa.config.vpxa.bundleVersion: 1000000 +> * Vpx.Vpxa.config.vpxa.datastorePrincipal: root +> * Vpx.Vpxa.config.vpxa.hostIp: esxi01 +> * Vpx.Vpxa.config.vpxa.hostPort: 443 +> * Vpx.Vpxa.config.vpxa.licenseExpiryNotificationThreshold: 15 +> * Vpx.Vpxa.config.vpxa.memoryCheckerTimeInSecs: 30 +> * Vpx.Vpxa.config.workingDir: /var/log/vmware/vpx +> * XvMotion.VMFSOptimizations: 1 + + +### vmware-host-config-manager +*** +Manage advanced system settings of an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_config_manager_module.html + + +#### Base Command + +`vmware-host-config-manager` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. Settings are applied to every ESXi host in given cluster. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname. Settings are applied to this ESXi host. If `cluster_name` is not given, this parameter is required. | Optional | +| options | A dictionary of advanced system settings. Invalid options will cause module to error. Note that the list of advanced options (with description and values) can be found by running `vim-cmd hostsvc/advopt/options`. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!vmware-host-config-manager cluster_name="cluster" options="{'Config.HostAgent.log.level': 'info'}" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostConfigManager": [ + { + "changed": false, + "msg": "All settings are already configured.", + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * msg: All settings are already configured. + + +### vmware-host-datastore +*** +Manage a datastore on ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_datastore_module.html + + +#### Base Command + +`vmware-host-datastore` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter_name | Name of the datacenter to add the datastore. The datacenter isn't used by the API to create a datastore. Will be removed in 2.11. | Optional | +| datastore_name | Name of the datastore to add/remove. | Required | +| datastore_type | Type of the datastore to configure (nfs/nfs41/vmfs). Possible values are: nfs, nfs41, vmfs. | Required | +| nfs_server | NFS host serving nfs datastore. Required if datastore type is set to `nfs`/`nfs41` and state is set to `present`, else unused. Two or more servers can be defined if datastore type is set to `nfs41`. | Optional | +| nfs_path | Resource path on NFS host. Required if datastore type is set to `nfs`/`nfs41` and state is set to `present`, else unused. | Optional | +| nfs_ro | ReadOnly or ReadWrite mount. Unused if datastore type is not set to `nfs`/`nfs41` and state is not set to `present`. Possible values are: Yes, No. Default is No. | Optional | +| vmfs_device_name | Name of the device to be used as VMFS datastore. Required for VMFS datastore type and state is set to `present`, else unused. | Optional | +| vmfs_version | VMFS version to use for datastore creation. Unused if datastore type is not set to `vmfs` and state is not set to `present`. | Optional | +| esxi_hostname | ESXi hostname to manage the datastore. Required when used with a vcenter. | Optional | +| state | present: Mount datastore on host if datastore is absent else do nothing. absent: Umount datastore if datastore is present else do nothing. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!vmware-host-datastore datastore_name="datastore1" datastore_type="vmfs" vmfs_device_name="naa.6000c29d140dea19fc681e3e1b190c46" vmfs_version="6" esxi_hostname="esxi01" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostDatastore": [ + { + "changed": false, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False + +### vmware-host-dns-info +*** +Gathers info about an ESXi host's DNS configuration information +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_dns_info_module.html + + +#### Base Command + +`vmware-host-dns-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster from which the ESXi host belong to. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname to gather information from. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostDnsInfo.hosts_dns_info | unknown | metadata about DNS config from given cluster / host system | + + +#### Command Example +```!vmware-host-dns-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostDnsInfo": [ + { + "changed": false, + "hosts_dns_info": { + "esxi01": { + "dhcp": false, + "domain_name": "", + "host_name": "esxi01", + "ip_address": [], + "search_domain": [ + "null" + ], + "virtual_nic_device": null + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Hosts_Dns_Info +> * ### esxi01 +> * dhcp: False +> * domain_name: +> * host_name: esxi01 +> * virtual_nic_device: None +> * #### Ip_Address +> * #### Search_Domain +> * 0: null + + +### vmware-host-facts +*** +Gathers facts about remote ESXi hostsystem +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_facts_module.html + + +#### Base Command + +`vmware-host-facts` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| esxi_hostname | ESXi hostname. Host facts about the specified ESXi server will be returned. By specifying this option, you can select which ESXi hostsystem is returned if connecting to a vCenter. | Optional | +| show_tag | Tags related to Host are shown if set to `True`. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostFacts.ansible_facts | unknown | system info about the host machine | + + + + +### vmware-host-feature-info +*** +Gathers info about an ESXi host's feature capability information +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_feature_info_module.html + + +#### Base Command + +`vmware-host-feature-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster from all host systems to be used for information gathering. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname to gather information from. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostFeatureInfo.hosts_feature_info | unknown | metadata about host's feature capability information | + + +#### Command Example +```!vmware-host-feature-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostFeatureInfo": [ + { + "changed": false, + "hosts_feature_info": { + "esxi01": [ + { + "feature_name": "cpuid.3DNOW", + "key": "cpuid.3DNOW", + "value": "0" + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Hosts_Feature_Info +> * ### esxi01 +> * ### Cpuid.3Dnow +> * feature_name: cpuid.3DNOW +> * key: cpuid.3DNOW +> * value: 0 + + +### vmware-host-firewall-info +*** +Gathers info about an ESXi host's firewall configuration information +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_firewall_info_module.html + + +#### Base Command + +`vmware-host-firewall-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster from which the ESXi host belong to. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname to gather information from. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostFirewallInfo.hosts_firewall_info | unknown | metadata about host's firewall configuration | + + +#### Command Example +```!vmware-host-firewall-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostFirewallInfo": [ + { + "changed": false, + "hosts_firewall_info": { + "esxi01": [ + { + "allowed_hosts": { + "all_ip": true, + "ip_address": [], + "ip_network": [] + }, + "enabled": true, + "key": "CIMHttpServer", + "rule": [ + { + "direction": "inbound", + "end_port": null, + "port": 5988, + "port_type": "dst", + "protocol": "tcp" + } + ], + "service": "sfcbd-watchdog" + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Hosts_Firewall_Info +> * ### esxi01 +> * ### List +> * enabled: True +> * key: CIMHttpServer +> * service: sfcbd-watchdog +> * #### Allowed_Hosts +> * all_ip: True +> * ##### Ip_Address +> * ##### Ip_Network +> * #### Rule +> * #### List +> * direction: inbound +> * end_port: None +> * port: 5988 +> * port_type: dst +> * protocol: tcp +> * ### List +> * enabled: True +> * key: CIMHttpsServer +> * service: sfcbd-watchdog + + +### vmware-host-firewall-manager +*** +Manage firewall configurations about an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_firewall_manager_module.html + + +#### Base Command + +`vmware-host-firewall-manager` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. Firewall settings are applied to every ESXi host system in given cluster. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname. Firewall settings are applied to this ESXi host system. If `cluster_name` is not given, this parameter is required. | Optional | +| rules | A list of Rule set which needs to be managed. Each member of list is rule set name and state to be set the rule. Both rule name and rule state are required parameters. Additional IPs and networks can also be specified Please see examples for more information. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostFirewallManager.rule_set_state | unknown | dict with hostname as key and dict with firewall rule set facts as value | + + +#### Command Example +```!vmware-host-firewall-manager cluster_name="cluster" rules="{{ [{'name': 'vvold', 'enabled': True}] }}" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostFirewallManager": [ + { + "changed": true, + "rule_set_state": { + "esxi01": { + "vvold": { + "allowed_hosts": { + "current_allowed_all": false, + "current_allowed_ip": [], + "current_allowed_networks": [], + "desired_allowed_all": false, + "desired_allowed_ip": [], + "desired_allowed_networks": [], + "previous_allowed_all": true, + "previous_allowed_ip": [], + "previous_allowed_networks": [] + }, + "current_state": true, + "desired_state": true, + "previous_state": false + } + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Rule_Set_State +> * ### esxi01 +> * #### Vvold +> * current_state: True +> * desired_state: True +> * previous_state: False +> * ##### Allowed_Hosts +> * current_allowed_all: False +> * desired_allowed_all: False +> * previous_allowed_all: True +> * ###### Current_Allowed_Ip +> * ###### Current_Allowed_Networks +> * ###### Desired_Allowed_Ip +> * ###### Desired_Allowed_Networks +> * ###### Previous_Allowed_Ip +> * ###### Previous_Allowed_Networks + + +### vmware-host-hyperthreading +*** +Enables/Disables Hyperthreading optimization for an ESXi host system +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_hyperthreading_module.html + + +#### Base Command + +`vmware-host-hyperthreading` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| state | Enable or disable Hyperthreading. You need to reboot the ESXi host if you change the configuration. Make sure that Hyperthreading is enabled in the BIOS. Otherwise, it will be enabled, but never activated. Possible values are: enabled, disabled. Default is enabled. | Optional | +| esxi_hostname | Name of the host system to work with. This parameter is required if `cluster_name` is not specified. | Optional | +| cluster_name | Name of the cluster from which all host systems will be used. This parameter is required if `esxi_hostname` is not specified. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostHyperthreading.results | unknown | metadata about host system's Hyperthreading configuration | + + +#### Command Example +```!vmware-host-hyperthreading esxi_hostname="esxi01" state="enabled" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostHyperthreading": [ + { + "changed": true, + "result": { + "esxi01": { + "changed": true, + "msg": "Hyperthreading is enabled, but not active. A reboot is required!", + "state": "enabled", + "state_current": "enabled" + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Result +> * ### esxi01 +> * changed: True +> * msg: Hyperthreading is enabled, but not active. A reboot is required! +> * state: enabled +> * state_current: enabled + + +### vmware-host-ipv6 +*** +Enables/Disables IPv6 support for an ESXi host system +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_ipv6_module.html + + +#### Base Command + +`vmware-host-ipv6` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| state | Enable or disable IPv6 support. You need to reboot the ESXi host if you change the configuration. Possible values are: enabled, disabled. Default is enabled. | Optional | +| esxi_hostname | Name of the host system to work with. This is required parameter if `cluster_name` is not specified. | Optional | +| cluster_name | Name of the cluster from which all host systems will be used. This is required parameter if `esxi_hostname` is not specified. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostIpv6.result | unknown | metadata about host system's IPv6 configuration | + + +#### Command Example +```!vmware-host-ipv6 esxi_hostname="esxi01" state="enabled" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostIpv6": [ + { + "changed": false, + "result": { + "esxi01": { + "msg": "IPv6 is already enabled and active for host 'esxi01'" + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Result +> * ### esxi01 +> * msg: IPv6 is already enabled and active for host 'esxi01' + + +### vmware-host-kernel-manager +*** +Manage kernel module options on ESXi hosts +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_kernel_manager_module.html + + +#### Base Command + +`vmware-host-kernel-manager` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| esxi_hostname | Name of the ESXi host to work on. This parameter is required if `cluster_name` is not specified. | Optional | +| cluster_name | Name of the VMware cluster to work on. All ESXi hosts in this cluster will be configured. This parameter is required if `esxi_hostname` is not specified. | Optional | +| kernel_module_name | Name of the kernel module to be configured. | Required | +| kernel_module_option | Specified configurations will be applied to the given module. These values are specified in key=value pairs and separated by a space when there are multiple options. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostKernelManager.results | unknown | dict with information on what was changed, by ESXi host in scope. | + + +#### Command Example +```!vmware-host-kernel-manager esxi_hostname="esxi01" kernel_module_name="tcpip4" kernel_module_option="ipv6=0" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostKernelManager": [ + { + "changed": true, + "host_kernel_status": { + "esxi01": { + "changed": true, + "configured_options": "ipv6=0", + "msg": "Options have been changed on the kernel module", + "original_options": "ipv6=1" + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Host_Kernel_Status +> * ### esxi01 +> * changed: True +> * configured_options: ipv6=0 +> * msg: Options have been changed on the kernel module +> * original_options: ipv6=1 + + +### vmware-host-lockdown +*** +Manage administrator permission for the local administrative account for the ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_lockdown_module.html + + +#### Base Command + +`vmware-host-lockdown` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of cluster. All host systems from given cluster used to manage lockdown. Required parameter, if `esxi_hostname` is not set. | Optional | +| esxi_hostname | List of ESXi hostname to manage lockdown. Required parameter, if `cluster_name` is not set. See examples for specifications. | Optional | +| state | State of hosts system If set to `present`, all host systems will be set in lockdown mode. If host system is already in lockdown mode and set to `present`, no action will be taken. If set to `absent`, all host systems will be removed from lockdown mode. If host system is already out of lockdown mode and set to `absent`, no action will be taken. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostLockdown.results | unknown | metadata about state of Host system lock down | + + +#### Command Example +```!vmware-host-lockdown esxi_hostname="esxi01" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostLockdown": [ + { + "changed": true, + "host_lockdown_state": { + "esxi01": { + "current_state": "present", + "desired_state": "present", + "previous_state": "absent" + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Host_Lockdown_State +> * ### esxi01 +> * current_state: present +> * desired_state: present +> * previous_state: absent + + +### vmware-host-ntp +*** +Manage NTP server configuration of an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_ntp_module.html + + +#### Base Command + +`vmware-host-ntp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| esxi_hostname | Name of the host system to work with. This parameter is required if `cluster_name` is not specified. | Optional | +| cluster_name | Name of the cluster from which all host systems will be used. This parameter is required if `esxi_hostname` is not specified. | Optional | +| ntp_servers | IP or FQDN of NTP server(s). This accepts a list of NTP servers. For multiple servers, please look at the examples. | Required | +| state | present: Add NTP server(s), if specified server(s) are absent else do nothing. absent: Remove NTP server(s), if specified server(s) are present else do nothing. Specified NTP server(s) will be configured if `state` isn't specified. Possible values are: present, absent. | Optional | +| verbose | Verbose output of the configuration change. Explains if an NTP server was added, removed, or if the NTP server sequence was changed. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostNtp.results | unknown | metadata about host system's NTP configuration | + + +#### Command Example +```!vmware-host-ntp esxi_hostname="esxi01" ntp_servers="{{ ['0.pool.ntp.org', '1.pool.ntp.org'] }}" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostNtp": [ + { + "changed": false, + "host_ntp_status": { + "esxi01": { + "changed": false, + "ntp_servers": [ + "0.pool.ntp.org", + "1.pool.ntp.org" + ] + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Host_Ntp_Status +> * ### esxi01 +> * changed: False +> * #### Ntp_Servers +> * 0: 0.pool.ntp.org +> * 1: 1.pool.ntp.org + +### vmware-host-ntp-info +*** +Gathers info about NTP configuration on an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_ntp_info_module.html + + +#### Base Command + +`vmware-host-ntp-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. NTP config information about each ESXi server will be returned for the given cluster. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname. NTP config information about this ESXi server will be returned. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostNtpInfo.hosts_ntp_info | unknown | dict with hostname as key and dict with NTP infos as value | + + +#### Command Example +```!vmware-host-ntp-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostNtpInfo": [ + { + "changed": false, + "hosts_ntp_info": { + "esxi01": [ + { + "ntp_servers": [ + "0.pool.ntp.org", + "1.pool.ntp.org" + ], + "time_zone_description": "UTC", + "time_zone_gmt_offset": 0, + "time_zone_identifier": "UTC", + "time_zone_name": "UTC" + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Hosts_Ntp_Info +> * ### esxi01 +> * ### Utc +> * time_zone_description: UTC +> * time_zone_gmt_offset: 0 +> * time_zone_identifier: UTC +> * time_zone_name: UTC +> * #### Ntp_Servers +> * 0: 0.pool.ntp.org +> * 1: 1.pool.ntp.org + + +### vmware-host-package-info +*** +Gathers info about available packages on an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_package_info_module.html + + +#### Base Command + +`vmware-host-package-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. Package information about each ESXi server will be returned for given cluster. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname. Package information about this ESXi server will be returned. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostPackageInfo.hosts_package_info | unknown | dict with hostname as key and dict with package information as value | + + +#### Command Example +```!vmware-host-package-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostPackageInfo": [ + { + "changed": false, + "hosts_package_info": { + "esxi01": [ + { + "acceptance_level": "vmware_certified", + "creation_date": "2019-07-04T20:27:48.211267+00:00", + "description": "Driver for HP/Compaq Smart Array Controllers", + "maintenance_mode_required": true, + "name": "block-cciss", + "summary": "cciss: block driver for VMware ESX", + "vendor": "VMW", + "version": "3.6.14-10vmw.650.0.0.4564106" + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Hosts_Package_Info +> * ### esxi01 +> * ### Block-Cciss +> * acceptance_level: vmware_certified +> * creation_date: 2019-07-04T20:27:48.211267+00:00 +> * description: Driver for HP/Compaq Smart Array Controllers +> * maintenance_mode_required: True +> * name: block-cciss +> * summary: cciss: block driver for VMware ESX +> * vendor: VMW +> * version: 3.6.14-10vmw.650.0.0.4564106 + + +### vmware-host-powermgmt-policy +*** +Manages the Power Management Policy of an ESXI host system +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_powermgmt_policy_module.html + + +#### Base Command + +`vmware-host-powermgmt-policy` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| policy | Set the Power Management Policy of the host system. Possible values are: high-performance, balanced, low-power, custom. Default is balanced. | Optional | +| esxi_hostname | Name of the host system to work with. This is required parameter if `cluster_name` is not specified. | Optional | +| cluster_name | Name of the cluster from which all host systems will be used. This is required parameter if `esxi_hostname` is not specified. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostPowermgmtPolicy.result | unknown | metadata about host system's Power Management Policy | + + +#### Command Example +```!vmware-host-powermgmt-policy esxi_hostname="esxi01" policy="high-performance" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostPowermgmtPolicy": [ + { + "changed": true, + "result": { + "esxi01": { + "changed": true, + "current_state": "high-performance", + "desired_state": "high-performance", + "msg": "Power policy changed", + "previous_state": "balanced" + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Result +> * ### esxi01 +> * changed: True +> * current_state: high-performance +> * desired_state: high-performance +> * msg: Power policy changed +> * previous_state: balanced + + +### vmware-host-powerstate +*** +Manages power states of host systems in vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_powerstate_module.html + + +#### Base Command + +`vmware-host-powerstate` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| state | Set the state of the host system. Possible values are: power-down-to-standby, power-up-from-standby, shutdown-host, reboot-host. Default is shutdown-host. | Optional | +| esxi_hostname | Name of the host system to work with. This is required parameter if `cluster_name` is not specified. | Optional | +| cluster_name | Name of the cluster from which all host systems will be used. This is required parameter if `esxi_hostname` is not specified. | Optional | +| force | This parameter specify if the host should be proceeding with user defined powerstate regardless of whether it is in maintenance mode. If `state` set to `reboot-host` and `force` as `true`, then host system is rebooted regardless of whether it is in maintenance mode. If `state` set to `shutdown-host` and `force` as `true`, then host system is shutdown regardless of whether it is in maintenance mode. If `state` set to `power-down-to-standby` and `force` to `true`, then all powered off VMs will evacuated. Not applicable if `state` set to `power-up-from-standby`. Possible values are: Yes, No. Default is No. | Optional | +| timeout | This parameter defines timeout for `state` set to `power-down-to-standby` or `power-up-from-standby`. Ignored if `state` set to `reboot-host` or `shutdown-host`. This parameter is defined in seconds. Default is 600. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostPowerstate.result | unknown | metadata about host system's state | + + + + +### vmware-host-scanhba +*** +Rescan host HBA's and optionally refresh the storage system +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_scanhba_module.html + + +#### Base Command + +`vmware-host-scanhba` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| esxi_hostname | ESXi hostname to Rescan the storage subsystem on. | Optional | +| cluster_name | Cluster name to Rescan the storage subsystem on (this will run the rescan task on each host in the cluster). | Optional | +| refresh_storage | Refresh the storage system in vCenter/ESXi Web Client for each host found. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostScanhba.result | unknown | return confirmation of requested host and updated / refreshed storage system | + + +#### Command Example +```!vmware-host-scanhba esxi_hostname="esxi01" refresh_storage="True" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostScanhba": [ + { + "changed": true, + "result": { + "esxi01": { + "refreshed_storage": true, + "rescaned_hba": true + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Result +> * ### esxi01 +> * refreshed_storage: True +> * rescaned_hba: True + + +### vmware-host-service-info +*** +Gathers info about an ESXi host's services +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_service_info_module.html + + +#### Base Command + +`vmware-host-service-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. Service information about each ESXi server will be returned for given cluster. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname. Service information about this ESXi server will be returned. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostServiceInfo.host_service_info | unknown | dict with hostname as key and dict with host service config information | + + +#### Command Example +```!vmware-host-service-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostServiceInfo": [ + { + "changed": false, + "host_service_info": { + "esxi01": [ + { + "key": "DCUI", + "label": "Direct Console UI", + "policy": "on", + "required": false, + "running": true, + "source_package_desc": "This VIB contains all of the base functionality of vSphere ESXi.", + "source_package_name": "esx-base", + "uninstallable": false + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Host_Service_Info +> * ### esxi01 +> * ### Esx-Base +> * key: DCUI +> * label: Direct Console UI +> * policy: on +> * required: False +> * running: True +> * source_package_desc: This VIB contains all of the base functionality of vSphere ESXi. +> * source_package_name: esx-base +> * uninstallable: False + + +### vmware-host-service-manager +*** +Manage services on a given ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_service_manager_module.html + + +#### Base Command + +`vmware-host-service-manager` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. Service settings are applied to every ESXi host system/s in given cluster. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname. Service settings are applied to this ESXi host system. If `cluster_name` is not given, this parameter is required. | Optional | +| state | Desired state of service. State value 'start' and 'present' has same effect. State value 'stop' and 'absent' has same effect. Possible values are: absent, present, restart, start, stop. Default is start. | Optional | +| service_policy | Set of valid service policy strings. If set `on`, then service should be started when the host starts up. If set `automatic`, then service should run if and only if it has open firewall ports. If set `off`, then Service should not be started when the host starts up. Possible values are: automatic, off, on. | Optional | +| service_name | Name of Service to be managed. This is a brief identifier for the service, for example, ntpd, vxsyslogd etc. This value should be a valid ESXi service name. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!vmware-host-service-manager cluster_name="cluster" service_name="ntpd" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostServiceManager": [ + { + "changed": true, + "host_service_status": { + "esxi01": { + "actual_service_policy": "off", + "actual_service_state": "stopped", + "changed": true, + "desired_service_policy": null, + "desired_service_state": "present", + "error": "", + "service_name": "ntpd" + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Host_Service_Status +> * ### esxi01 +> * actual_service_policy: off +> * actual_service_state: stopped +> * changed: True +> * desired_service_policy: None +> * desired_service_state: present +> * error: +> * service_name: ntpd + + +### vmware-host-snmp +*** +Configures SNMP on an ESXi host system +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_snmp_module.html + + +#### Base Command + +`vmware-host-snmp` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| state | Enable, disable, or reset the SNMP agent. Possible values are: disabled, enabled, reset. Default is disabled. | Optional | +| community | List of SNMP community strings. | Optional | +| snmp_port | Port used by the SNMP agent. Default is 161. | Optional | +| trap_targets | A list of trap targets. You need to use `hostname`, `port`, and `community` for each trap target. | Optional | +| trap_filter | A list of trap oids for traps not to be sent by agent, e.g. [ 1.1.1.1.4.1.6876.1.1.1.2, 1.1.1.1.4.1.6876.4.1.1.1 ] Use value `reset` to clear settings. | Optional | +| send_trap | Send a test trap to validate the configuration. Possible values are: Yes, No. Default is No. | Optional | +| hw_source | Source hardware events from IPMI sensors or CIM Indications. The embedded SNMP agent receives hardware events either from IPMI sensors `sensors` or CIM indications `indications`. Possible values are: indications, sensors. Default is indications. | Optional | +| log_level | Syslog logging level. Possible values are: debug, info, warning, error. Default is info. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostSnmp.results | unknown | metadata about host system's SNMP configuration | + + + + +### vmware-host-ssl-info +*** +Gather info of ESXi host system about SSL +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_ssl_info_module.html + + +#### Base Command + +`vmware-host-ssl-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. SSL thumbprint information about all ESXi host system in the given cluster will be reported. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname. SSL thumbprint information of this ESXi host system will be reported. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostSslInfo.host_ssl_info | unknown | dict with hostname as key and dict with SSL thumbprint related info | + + +#### Command Example +```!vmware-host-ssl-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostSslInfo": [ + { + "changed": false, + "host_ssl_info": { + "esxi01": { + "owner_tag": "", + "principal": "", + "ssl_thumbprints": [] + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Host_Ssl_Info +> * ### esxi01 +> * owner_tag: +> * principal: +> * #### Ssl_Thumbprints + + +### vmware-host-vmhba-info +*** +Gathers info about vmhbas available on the given ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_vmhba_info_module.html + + +#### Base Command + +`vmware-host-vmhba-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| esxi_hostname | Name of the host system to work with. Vmhba information about this ESXi server will be returned. This parameter is required if `cluster_name` is not specified. | Optional | +| cluster_name | Name of the cluster from which all host systems will be used. Vmhba information about each ESXi server will be returned for the given cluster. This parameter is required if `esxi_hostname` is not specified. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostVmhbaInfo.hosts_vmhbas_info | unknown | dict with hostname as key and dict with vmhbas information as value. | + + +#### Command Example +```!vmware-host-vmhba-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostVmhbaInfo": [ + { + "changed": false, + "hosts_vmhbas_info": { + "esxi01": { + "vmhba_details": [ + { + "adapter": "VMware Inc. PVSCSI SCSI Controller", + "bus": 3, + "device": "vmhba0", + "driver": "pvscsi", + "location": "0000:03:00.0", + "model": "PVSCSI SCSI Controller", + "status": "unknown", + "type": "ParallelScsiHba" + } + ] + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Hosts_Vmhbas_Info +> * ### esxi01 +> * #### Vmhba_Details +> * #### List +> * adapter: VMware Inc. PVSCSI SCSI Controller +> * bus: 3 +> * device: vmhba0 +> * driver: pvscsi +> * location: 0000:03:00.0 +> * model: PVSCSI SCSI Controller +> * status: unknown +> * type: ParallelScsiHba + + +### vmware-host-vmnic-info +*** +Gathers info about vmnics available on the given ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_host_vmnic_info_module.html + + +#### Base Command + +`vmware-host-vmnic-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| capabilities | Gather information about general capabilities (Auto negotiation, Wake On LAN, and Network I/O Control). Possible values are: Yes, No. Default is No. | Optional | +| directpath_io | Gather information about DirectPath I/O capabilities and configuration. Possible values are: Yes, No. Default is No. | Optional | +| sriov | Gather information about SR-IOV capabilities and configuration. Possible values are: Yes, No. Default is No. | Optional | +| esxi_hostname | Name of the host system to work with. Vmnic information about this ESXi server will be returned. This parameter is required if `cluster_name` is not specified. | Optional | +| cluster_name | Name of the cluster from which all host systems will be used. Vmnic information about each ESXi server will be returned for the given cluster. This parameter is required if `esxi_hostname` is not specified. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareHostVmnicInfo.hosts_vmnics_info | unknown | dict with hostname as key and dict with vmnics information as value. for \`num_vmnics\`, only NICs starting with vmnic are counted. NICs like vusb\* are not counted. details about vswitch and dvswitch was added in version 2.7. details about vmnics was added in version 2.8. | + + +#### Command Example +```!vmware-host-vmnic-info cluster_name="cluster"``` + +#### Context Example +```json +{ + "VMware": { + "VmwareHostVmnicInfo": [ + { + "changed": false, + "hosts_vmnics_info": { + "esxi01": { + "all": [ + "vmnic0", + "vmnic1" + ], + "available": [ + "vmnic1" + ], + "dvswitch": {}, + "num_vmnics": 2, + "used": [ + "vmnic0" + ], + "vmnic_details": [ + { + "actual_duplex": "Full Duplex", + "actual_speed": 10000, + "adapter": "VMware Inc. vmxnet3 Virtual Ethernet Controller", + "configured_duplex": "Full Duplex", + "configured_speed": 10000, + "device": "vmnic0", + "driver": "nvmxnet3", + "location": "0000:0b:00.0", + "mac": "00:0c:29:d9:27:04", + "status": "Connected" + }, + { + "actual_duplex": "Full Duplex", + "actual_speed": 10000, + "adapter": "VMware Inc. vmxnet3 Virtual Ethernet Controller", + "configured_duplex": "Full Duplex", + "configured_speed": 10000, + "device": "vmnic1", + "driver": "nvmxnet3", + "location": "0000:13:00.0", + "mac": "00:0c:29:d9:27:0e", + "status": "Connected" + } + ], + "vswitch": { + "vSwitch0": [ + "vmnic0" + ] + } + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Hosts_Vmnics_Info +> * ### esxi01 +> * num_vmnics: 2 +> * #### All +> * 0: vmnic0 +> * 1: vmnic1 +> * #### Available +> * 0: vmnic1 +> * #### Dvswitch +> * #### Used +> * 0: vmnic0 +> * #### Vmnic_Details +> * #### List +> * actual_duplex: Full Duplex +> * actual_speed: 10000 +> * adapter: VMware Inc. vmxnet3 Virtual Ethernet Controller +> * configured_duplex: Full Duplex +> * configured_speed: 10000 +> * device: vmnic0 +> * driver: nvmxnet3 +> * location: 0000:0b:00.0 +> * mac: 00:0c:29:d9:27:04 +> * status: Connected +> * #### List +> * actual_duplex: Full Duplex +> * actual_speed: 10000 +> * adapter: VMware Inc. vmxnet3 Virtual Ethernet Controller +> * configured_duplex: Full Duplex +> * configured_speed: 10000 +> * device: vmnic1 +> * driver: nvmxnet3 +> * location: 0000:13:00.0 +> * mac: 00:0c:29:d9:27:0e +> * status: Connected +> * #### Vswitch +> * ##### Vswitch0 +> * 0: vmnic0 + + +### vmware-local-role-info +*** +Gather info about local roles on an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_local_role_info_module.html + + +#### Base Command + +`vmware-local-role-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareLocalRoleInfo.local_role_info | unknown | Info about role present on ESXi host | + + +#### Command Example +```!vmware-local-role-info ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareLocalRoleInfo": [ + { + "changed": false, + "local_role_info": [ + { + "privileges": [ + "Alarm.Acknowledge", + "Alarm.Create" + ], + "role_id": -6, + "role_info_label": "No cryptography administrator", + "role_info_summary": "Full access without Cryptographic operations privileges", + "role_name": "NoCryptoAdmin", + "role_system": true + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Local_Role_Info +> * ## Nocryptoadmin +> * role_id: -6 +> * role_info_label: No cryptography administrator +> * role_info_summary: Full access without Cryptographic operations privileges +> * role_name: NoCryptoAdmin +> * role_system: True +> * ### Privileges +> * 0: Alarm.Acknowledge +> * 1: Alarm.Create + + +### vmware-local-role-manager +*** +Manage local roles on an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_local_role_manager_module.html + + +#### Base Command + +`vmware-local-role-manager` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| local_role_name | The local role name to be managed. | Required | +| local_privilege_ids | The list of privileges that role needs to have. Please see `https://docs.vmware.com/en/VMware-vSphere/6.0/com.vmware.vsphere.security.doc/GUID-ED56F3C4-77D0-49E3-88B6-B99B8B437B62.html`. | Optional | +| state | Indicate desired state of the role. If the role already exists when `state=present`, the role info is updated. Possible values are: present, absent. Default is present. | Optional | +| force_remove | If set to `False` then prevents the role from being removed if any permissions are using it. Possible values are: Yes, No. Default is No. | Optional | +| action | This parameter is only valid while updating an existing role with privileges. `add` will add the privileges to the existing privilege list. `remove` will remove the privileges from the existing privilege list. `set` will replace the privileges of the existing privileges with user defined list of privileges. Possible values are: add, remove, set. Default is set. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareLocalRoleManager.role_name | string | Name of local role | +| VMware.VmwareLocalRoleManager.role_id | number | ESXi generated local role id | +| VMware.VmwareLocalRoleManager.privileges | unknown | List of privileges | +| VMware.VmwareLocalRoleManager.privileges_previous | unknown | List of privileges of role before the update | +| VMware.VmwareLocalRoleManager.local_role_name | string | Name of local role | +| VMware.VmwareLocalRoleManager.new_privileges | unknown | List of privileges | +| VMware.VmwareLocalRoleManager.old_privileges | unknown | List of privileges of role before the update | + + +#### Command Example +```!vmware-local-role-manager local_role_name="vmware_qa" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareLocalRoleManager": [ + { + "changed": true, + "result": { + "local_role_name": "vmware_qa", + "msg": "Role created", + "new_privileges": [], + "privileges": [], + "role_id": 55981884, + "role_name": "vmware_qa" + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Result +> * local_role_name: vmware_qa +> * msg: Role created +> * role_id: 55981884 +> * role_name: vmware_qa +> * ### New_Privileges +> * ### Privileges + + +### vmware-local-user-info +*** +Gather info about users on the given ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_local_user_info_module.html + + +#### Base Command + +`vmware-local-user-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareLocalUserInfo.local_user_info | unknown | metadata about all local users | + + + + +### vmware-local-user-manager +*** +Manage local users on an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_local_user_manager_module.html + + +#### Base Command + +`vmware-local-user-manager` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| local_user_name | The local user name to be changed. | Required | +| local_user_password | The password to be set. | Optional | +| local_user_description | Description for the user. | Optional | +| state | Indicate desired state of the user. If the user already exists when `state=present`, the user info is updated. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-maintenancemode +*** +Place a host into maintenance mode +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_maintenancemode_module.html + + +#### Base Command + +`vmware-maintenancemode` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| esxi_hostname | Name of the host as defined in vCenter. | Required | +| vsan | Specify which VSAN compliant mode to enter. Possible values are: ensureObjectAccessibility, evacuateAllData, noAction. | Optional | +| evacuate | If set to `True`, evacuate all powered off VMs. Possible values are: Yes, No. Default is No. | Optional | +| timeout | Specify a timeout for the operation. Default is 0. | Optional | +| state | Enter or exit maintenance mode. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareMaintenancemode.hostsystem | string | Name of vim reference | +| VMware.VmwareMaintenancemode.hostname | string | Name of host in vCenter | +| VMware.VmwareMaintenancemode.status | string | Action taken | + + +#### Command Example +```!vmware-maintenancemode esxi_hostname="esxi01" vsan="ensureObjectAccessibility" evacuate="True" timeout="3600" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareMaintenancemode": [ + { + "changed": true, + "hostname": "esxi01", + "hostsystem": "'vim.HostSystem:host-10'", + "msg": "Host esxi01 entered maintenance mode", + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * hostname: esxi01 +> * hostsystem: 'vim.HostSystem:host-10' +> * msg: Host esxi01 entered maintenance mode +> * status: ENTER + + +### vmware-migrate-vmk +*** +Migrate a VMK interface from VSS to VDS +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_migrate_vmk_module.html + + +#### Base Command + +`vmware-migrate-vmk` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| esxi_hostname | ESXi hostname to be managed. | Required | +| device | VMK interface name. | Required | +| current_switch_name | Switch VMK interface is currently on. | Required | +| current_portgroup_name | Portgroup name VMK interface is currently on. | Required | +| migrate_switch_name | Switch name to migrate VMK interface to. | Required | +| migrate_portgroup_name | Portgroup name to migrate VMK interface to. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-object-role-permission +*** +Manage local roles on an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_object_role_permission_module.html + + +#### Base Command + +`vmware-object-role-permission` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| role | The role to be assigned permission. | Required | +| principal | The user to be assigned permission. Required if `group` is not specified. | Optional | +| group | The group to be assigned permission. Required if `principal` is not specified. | Optional | +| object_name | The object name to assigned permission. | Required | +| object_type | The object type being targeted. Possible values are: Folder, VirtualMachine, Datacenter, ResourcePool, Datastore, Network, HostSystem, ComputeResource, ClusterComputeResource, DistributedVirtualSwitch. Default is Folder. | Optional | +| recursive | Should the permissions be recursively applied. Possible values are: Yes, No. Default is Yes. | Optional | +| state | Indicate desired state of the object's permission. When `state=present`, the permission will be added if it doesn't already exist. When `state=absent`, the permission is removed if it exists. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareObjectRolePermission.changed | boolean | whether or not a change was made to the object's role | + + + + +### vmware-portgroup +*** +Create a VMware portgroup +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_portgroup_module.html + + +#### Base Command + +`vmware-portgroup` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| switch | vSwitch to modify. | Required | +| portgroup | Portgroup name to add. | Required | +| vlan_id | VLAN ID to assign to portgroup. Set to 0 (no VLAN tagging) by default. Default is 0. | Optional | +| security | Network policy specifies layer 2 security settings for a portgroup such as promiscuous mode, where guest adapter listens to all the packets, MAC address changes and forged transmits. Dict which configures the different security values for portgroup. Valid attributes are: - `promiscuous_mode` (bool): indicates whether promiscuous mode is allowed. (default: None) - `forged_transmits` (bool): indicates whether forged transmits are allowed. (default: None) - `mac_changes` (bool): indicates whether mac changes are allowed. (default: None). | Optional | +| teaming | Dictionary which configures the different teaming values for portgroup. Valid attributes are: - `load_balancing` (string): Network adapter teaming policy. `load_balance_policy` is also alias to this option. (default: loadbalance_srcid) - choices: [ loadbalance_ip, loadbalance_srcmac, loadbalance_srcid, failover_explicit ] - `network_failure_detection` (string): Network failure detection. (default: link_status_only) - choices: [ link_status_only, beacon_probing ] - `notify_switches` (bool): Indicate whether or not to notify the physical switch if a link fails. (default: None) - `failback` (bool): Indicate whether or not to use a failback when restoring links. (default: None) - `active_adapters` (list): List of active adapters used for load balancing. - `standby_adapters` (list): List of standby adapters used for failover. - All vmnics are used as active adapters if `active_adapters` and `standby_adapters` are not defined. - `inbound_policy` (bool): Indicate whether or not the teaming policy is applied to inbound frames as well. Deprecated. (default: False) - `rolling_order` (bool): Indicate whether or not to use a rolling policy when restoring links. Deprecated. (default: False). | Optional | +| traffic_shaping | Dictionary which configures traffic shaping for the switch. Valid attributes are: - `enabled` (bool): Status of Traffic Shaping Policy. (default: None) - `average_bandwidth` (int): Average bandwidth (kbit/s). (default: None) - `peak_bandwidth` (int): Peak bandwidth (kbit/s). (default: None) - `burst_size` (int): Burst size (KB). (default: None). | Optional | +| cluster_name | Name of cluster name for host membership. Portgroup will be created on all hosts of the given cluster. This option is required if `hosts` is not specified. | Optional | +| hosts | List of name of host or hosts on which portgroup needs to be added. This option is required if `cluster_name` is not specified. | Optional | +| state | Determines if the portgroup should be present or not. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwarePortgroup.result | unknown | metadata about the portgroup | + + +#### Command Example +```!vmware-portgroup switch="vSwitch0" portgroup="test" vlan_id="123" cluster_name=cluster``` + +#### Context Example +```json +{ + "VMware": { + "VmwarePortgroup": [ + { + "changed": true, + "result": { + "esxi01": { + "changed": true, + "msg": "Security changed", + "portgroup": "test", + "sec_forged_transmits": "No override", + "sec_forged_transmits_previous": "No override", + "sec_mac_changes": "No override", + "sec_mac_changes_previous": "No override", + "sec_promiscuous_mode": "No override", + "sec_promiscuous_mode_previous": "No override", + "traffic_shaping": "No override", + "vlan_id": 123, + "vswitch": "vSwitch0" + } + }, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * ## Result +> * ### esxi01 +> * changed: True +> * msg: Security changed +> * portgroup: test +> * sec_forged_transmits: No override +> * sec_forged_transmits_previous: No override +> * sec_mac_changes: No override +> * sec_mac_changes_previous: No override +> * sec_promiscuous_mode: No override +> * sec_promiscuous_mode_previous: No override +> * traffic_shaping: No override +> * vlan_id: 123 +> * vswitch: vSwitch0 + + +### vmware-portgroup-info +*** +Gathers info about an ESXi host's Port Group configuration +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_portgroup_info_module.html + + +#### Base Command + +`vmware-portgroup-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| policies | Gather information about Security, Traffic Shaping, as well as Teaming and failover. The property `ts` stands for Traffic Shaping and `lb` for Load Balancing. Possible values are: Yes, No. Default is No. | Optional | +| cluster_name | Name of the cluster. Info will be returned for all hostsystem belonging to this cluster name. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname to gather information from. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwarePortgroupInfo.hosts_portgroup_info | unknown | metadata about host's portgroup configuration | + + + + +### vmware-resource-pool +*** +Add/remove resource pools to/from vCenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_resource_pool_module.html + + +#### Base Command + +`vmware-resource-pool` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter | Name of the datacenter to add the host. | Required | +| cluster | Name of the cluster to add the host. | Required | +| resource_pool | Resource pool name to manage. | Required | +| cpu_expandable_reservations | In a resource pool with an expandable reservation, the reservation on a resource pool can grow beyond the specified value. Possible values are: Yes, No. Default is Yes. | Optional | +| cpu_reservation | Amount of resource that is guaranteed available to the virtual machine or resource pool. Default is 0. | Optional | +| cpu_limit | The utilization of a virtual machine/resource pool will not exceed this limit, even if there are available resources. The default value -1 indicates no limit. Default is -1. | Optional | +| cpu_shares | Memory shares are used in case of resource contention. Possible values are: high, custom, low, normal. Default is normal. | Optional | +| mem_expandable_reservations | In a resource pool with an expandable reservation, the reservation on a resource pool can grow beyond the specified value. Possible values are: Yes, No. Default is Yes. | Optional | +| mem_reservation | Amount of resource that is guaranteed available to the virtual machine or resource pool. Default is 0. | Optional | +| mem_limit | The utilization of a virtual machine/resource pool will not exceed this limit, even if there are available resources. The default value -1 indicates no limit. Default is -1. | Optional | +| mem_shares | Memory shares are used in case of resource contention. Possible values are: high, custom, low, normal. Default is normal. | Optional | +| state | Add or remove the resource pool. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareResourcePool.instance | unknown | metadata about the new resource pool | + + + + +### vmware-resource-pool-info +*** +Gathers info about resource pool information +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_resource_pool_info_module.html + + +#### Base Command + +`vmware-resource-pool-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareResourcePoolInfo.resource_pool_info | unknown | metadata about resource pool configuration | + + +#### Command Example +```!vmware-resource-pool-info ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareResourcePoolInfo": [ + { + "changed": false, + "resource_pool_info": [ + { + "cpu_allocation_expandable_reservation": true, + "cpu_allocation_limit": 0, + "cpu_allocation_overhead_limit": null, + "cpu_allocation_reservation": 0, + "cpu_allocation_shares": 4000, + "cpu_allocation_shares_level": "normal", + "mem_allocation_expandable_reservation": true, + "mem_allocation_limit": 0, + "mem_allocation_overhead_limit": null, + "mem_allocation_reservation": 0, + "mem_allocation_shares": 163840, + "mem_allocation_shares_level": "normal", + "name": "Resources", + "overall_status": "green", + "owner": "cluster", + "runtime_cpu_max_usage": 0, + "runtime_cpu_overall_usage": 0, + "runtime_cpu_reservation_used": 0, + "runtime_cpu_reservation_used_vm": 0, + "runtime_cpu_unreserved_for_pool": 0, + "runtime_cpu_unreserved_for_vm": 0, + "runtime_memory_max_usage": 0, + "runtime_memory_overall_usage": 0, + "runtime_memory_reservation_used": 0, + "runtime_memory_reservation_used_vm": 0, + "runtime_memory_unreserved_for_pool": 0, + "runtime_memory_unreserved_for_vm": 0 + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Resource_Pool_Info +> * ## Resources +> * cpu_allocation_expandable_reservation: True +> * cpu_allocation_limit: 0 +> * cpu_allocation_overhead_limit: None +> * cpu_allocation_reservation: 0 +> * cpu_allocation_shares: 4000 +> * cpu_allocation_shares_level: normal +> * mem_allocation_expandable_reservation: True +> * mem_allocation_limit: 0 +> * mem_allocation_overhead_limit: None +> * mem_allocation_reservation: 0 +> * mem_allocation_shares: 163840 +> * mem_allocation_shares_level: normal +> * name: Resources +> * overall_status: green +> * owner: cluster +> * runtime_cpu_max_usage: 0 +> * runtime_cpu_overall_usage: 0 +> * runtime_cpu_reservation_used: 0 +> * runtime_cpu_reservation_used_vm: 0 +> * runtime_cpu_unreserved_for_pool: 0 +> * runtime_cpu_unreserved_for_vm: 0 +> * runtime_memory_max_usage: 0 +> * runtime_memory_overall_usage: 0 +> * runtime_memory_reservation_used: 0 +> * runtime_memory_reservation_used_vm: 0 +> * runtime_memory_unreserved_for_pool: 0 +> * runtime_memory_unreserved_for_vm: 0 + + +### vmware-tag +*** +Manage VMware tags +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_tag_module.html + + +#### Base Command + +`vmware-tag` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| tag_name | The name of tag to manage. | Required | +| tag_description | The tag description. This is required only if `state` is set to `present`. This parameter is ignored, when `state` is set to `absent`. Process of updating tag only allows description change. | Optional | +| category_id | The unique ID generated by vCenter should be used to. User can get this unique ID from facts module. | Optional | +| state | The state of tag. If set to `present` and tag does not exists, then tag is created. If set to `present` and tag exists, then tag is updated. If set to `absent` and tag exists, then tag is deleted. If set to `absent` and tag does not exists, no action is taken. Possible values are: present, absent. Default is present. | Optional | +| protocol | The connection to protocol. Possible values are: http, https. Default is https. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareTag.results | unknown | dictionary of tag metadata | + + + + +### vmware-tag-info +*** +Manage VMware tag info +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_tag_info_module.html + + +#### Base Command + +`vmware-tag-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| protocol | The connection to protocol. Possible values are: http, https. Default is https. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareTagInfo.results | unknown | dictionary of tag metadata | + + + + +### vmware-tag-manager +*** +Manage association of VMware tags with VMware objects +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_tag_manager_module.html + + +#### Base Command + +`vmware-tag-manager` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| tag_names | List of tag(s) to be managed. You can also specify category name by specifying colon separated value. For example, "category_name:tag_name". You can skip category name if you have unique tag names. | Required | +| state | If `state` is set to `add` or `present` will add the tags to the existing tag list of the given object. If `state` is set to `remove` or `absent` will remove the tags from the existing tag list of the given object. If `state` is set to `set` will replace the tags of the given objects with the user defined list of tags. Possible values are: present, absent, add, remove, set. Default is add. | Optional | +| object_type | Type of object to work with. Possible values are: VirtualMachine, Datacenter, ClusterComputeResource, HostSystem, DistributedVirtualSwitch, DistributedVirtualPortgroup. | Required | +| object_name | Name of the object to work with. For DistributedVirtualPortgroups the format should be "switch_name:portgroup_name". | Required | +| protocol | The connection to protocol. Possible values are: http, https. Default is https. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareTagManager.tag_status | unknown | metadata about tags related to object configuration | + + + + +### vmware-target-canonical-info +*** +Return canonical (NAA) from an ESXi host system +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_target_canonical_info_module.html + + +#### Base Command + +`vmware-target-canonical-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| target_id | The target id based on order of scsi device. version 2.6 onwards, this parameter is optional. | Optional | +| cluster_name | Name of the cluster. Info about all SCSI devices for all host system in the given cluster is returned. This parameter is required, if `esxi_hostname` is not provided. | Optional | +| esxi_hostname | Name of the ESXi host system. Info about all SCSI devices for the given ESXi host system is returned. This parameter is required, if `cluster_name` is not provided. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareTargetCanonicalInfo.canonical | string | metadata about SCSI Target device | +| VMware.VmwareTargetCanonicalInfo.scsi_tgt_info | unknown | metadata about all SCSI Target devices | + + +#### Command Example +```!vmware-target-canonical-info target_id="7" esxi_hostname="esxi01" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareTargetCanonicalInfo": [ + { + "canonical": "", + "changed": false, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * canonical: +> * changed: False + +### vmware-vcenter-settings +*** +Configures general settings on a vCenter server +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vcenter_settings_module.html + + +#### Base Command + +`vmware-vcenter-settings` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| database | The database settings for vCenter server. Valid attributes are: - `max_connections` (int): Maximum connections. (default: 50) - `task_cleanup` (bool): Task cleanup. (default: true) - `task_retention` (int): Task retention (days). (default: 30) - `event_cleanup` (bool): Event cleanup. (default: true) - `event_retention` (int): Event retention (days). (default: 30). Default is {'max_connections': 50, 'task_cleanup': True, 'task_retention': 30, 'event_cleanup': True, 'event_retention': 30}. | Optional | +| runtime_settings | The unique runtime settings for vCenter server. Valid attributes are: - `unique_id` (int): vCenter server unique ID. - `managed_address` (str): vCenter server managed address. - `vcenter_server_name` (str): vCenter server name. (default: FQDN). | Optional | +| user_directory | The user directory settings for the vCenter server installation. Valid attributes are: - `timeout` (int): User directory timeout. (default: 60) - `query_limit` (bool): Query limit. (default: true) - `query_limit_size` (int): Query limit size. (default: 5000) - `validation` (bool): Mail Validation. (default: true) - `validation_period` (int): Validation period. (default: 1440). Default is {'timeout': 60, 'query_limit': True, 'query_limit_size': 5000, 'validation': True, 'validation_period': 1440}. | Optional | +| mail | The settings vCenter server uses to send email alerts. Valid attributes are: - `server` (str): Mail server - `sender` (str): Mail sender address. | Optional | +| snmp_receivers | SNMP trap destinations for vCenter server alerts. Valid attributes are: - `snmp_receiver_1_url` (str): Primary Receiver ULR. (default: "localhost") - `snmp_receiver_1_enabled` (bool): Enable receiver. (default: True) - `snmp_receiver_1_port` (int): Receiver port. (default: 162) - `snmp_receiver_1_community` (str): Community string. (default: "public") - `snmp_receiver_2_url` (str): Receiver 2 ULR. (default: "") - `snmp_receiver_2_enabled` (bool): Enable receiver. (default: False) - `snmp_receiver_2_port` (int): Receiver port. (default: 162) - `snmp_receiver_2_community` (str): Community string. (default: "") - `snmp_receiver_3_url` (str): Receiver 3 ULR. (default: "") - `snmp_receiver_3_enabled` (bool): Enable receiver. (default: False) - `snmp_receiver_3_port` (int): Receiver port. (default: 162) - `snmp_receiver_3_community` (str): Community string. (default: "") - `snmp_receiver_4_url` (str): Receiver 4 ULR. (default: "") - `snmp_receiver_4_enabled` (bool): Enable receiver. (default: False) - `snmp_receiver_4_port` (int): Receiver port. (default: 162) - `snmp_receiver_4_community` (str): Community string. (default: ""). Default is {'snmp_receiver_1_url': 'localhost', 'snmp_receiver_1_enabled': True, 'snmp_receiver_1_port': 162, 'snmp_receiver_1_community': 'public', 'snmp_receiver_2_url': '', 'snmp_receiver_2_enabled': False, 'snmp_receiver_2_port': 162, 'snmp_receiver_2_community': '', 'snmp_receiver_3_url': '', 'snmp_receiver_3_enabled': False, 'snmp_receiver_3_port': 162, 'snmp_receiver_3_community': '', 'snmp_receiver_4_url': '', 'snmp_receiver_4_enabled': False, 'snmp_receiver_4_port': 162, 'snmp_receiver_4_community': ''}. | Optional | +| timeout_settings | The vCenter server connection timeout for normal and long operations. Valid attributes are: - `normal_operations` (int) (default: 30) - `long_operations` (int) (default: 120). Default is {'normal_operations': 30, 'long_operations': 120}. | Optional | +| logging_options | The level of detail that vCenter server usesfor log files. Possible values are: none, error, warning, info, verbose, trivia. Default is info. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVcenterSettings.results | unknown | metadata about vCenter settings | + + + + +### vmware-vcenter-statistics +*** +Configures statistics on a vCenter server +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vcenter_statistics_module.html + + +#### Base Command + +`vmware-vcenter-statistics` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| interval_past_day | Settings for vCenter server past day statistic collection. Valid attributes are: - `enabled` (bool): Past day statistics collection enabled. (default: True) - `interval_minutes` (int): Interval duration (minutes). (choices: [1, 2, 3, 4, 5]) (default: 5) - `save_for_days` (int): Save for (days). (choices: [1, 2, 3, 4, 5]) (default: 1) - `level` (int): Statistics level. (choices: [1, 2, 3, 4]) (default: 1). | Optional | +| interval_past_week | Settings for vCenter server past week statistic collection. Valid attributes are: - `enabled` (bool): Past week statistics collection enabled. (default: True) - `interval_minutes` (int): Interval duration (minutes). (choices: [30]) (default: 30) - `save_for_weeks` (int): Save for (weeks). (choices: [1]) (default: 1) - `level` (int): Statistics level. (choices: [1, 2, 3, 4]) (default: 1). | Optional | +| interval_past_month | Settings for vCenter server past month statistic collection. Valid attributes are: - `enabled` (bool): Past month statistics collection enabled. (default: True) - `interval_hours` (int): Interval duration (hours). (choices: [2]) (default: 2) - `save_for_months` (int): Save for (months). (choices: [1]) (default: 1) - `level` (int): Statistics level. (choices: [1, 2, 3, 4]) (default: 1). | Optional | +| interval_past_year | Settings for vCenter server past month statistic collection. Valid attributes are: - `enabled` (bool): Past month statistics collection enabled. (default: True) - `interval_days` (int): Interval duration (days). (choices: [1]) (default: 1) - `save_for_years` (int): Save for (years). (choices: [1, 2, 3, 4, 5]) (default: 1) - `level` (int): Statistics level. (choices: [1, 2, 3, 4]) (default: 1). | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVcenterStatistics.results | unknown | metadata about vCenter statistics settings | + + +#### Command Example +```!vmware-vcenter-statistics interval_past_day="{'enabled': True, 'interval_minutes': 5, 'save_for_days': 1, 'level': 1}" interval_past_week="{'enabled': True, 'level': 1}" interval_past_month="{'enabled': True, 'level': 1}" interval_past_year="{'enabled': True, 'save_for_years': 1, 'level': 1}" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareVcenterStatistics": [ + { + "changed": false, + "msg": "vCenter statistics already configured properly", + "past_day_enabled": true, + "past_day_interval": 5, + "past_day_level": 1, + "past_day_save_for": 1, + "past_month_enabled": true, + "past_month_interval": 2, + "past_month_level": 1, + "past_month_save_for": 1, + "past_week_enabled": true, + "past_week_interval": 30, + "past_week_level": 1, + "past_week_save_for": 1, + "past_year_enabled": true, + "past_year_interval": 1, + "past_year_level": 1, + "past_year_save_for": 1, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * msg: vCenter statistics already configured properly +> * past_day_enabled: True +> * past_day_interval: 5 +> * past_day_level: 1 +> * past_day_save_for: 1 +> * past_month_enabled: True +> * past_month_interval: 2 +> * past_month_level: 1 +> * past_month_save_for: 1 +> * past_week_enabled: True +> * past_week_interval: 30 +> * past_week_level: 1 +> * past_week_save_for: 1 +> * past_year_enabled: True +> * past_year_interval: 1 +> * past_year_level: 1 +> * past_year_save_for: 1 + + +### vmware-vm-host-drs-rule +*** +Creates vm/host group in a given cluster +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_host_drs_rule_module.html + + +#### Base Command + +`vmware-vm-host-drs-rule` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| affinity_rule | If set to `True`, the DRS rule will be an Affinity rule. If set to `False`, the DRS rule will be an Anti-Affinity rule. Effective only if `state` is set to `present`. Possible values are: Yes, No. Default is Yes. | Optional | +| datacenter | Datacenter to search for given cluster. If not set, we use first cluster we encounter with `cluster_name`. | Optional | +| cluster_name | Cluster to create VM-Host rule. | Required | +| drs_rule_name | Name of rule to create or remove. | Required | +| enabled | If set to `True`, the DRS rule will be enabled. Effective only if `state` is set to `present`. Possible values are: Yes, No. Default is No. | Optional | +| host_group_name | Name of Host group to use with rule. Effective only if `state` is set to `present`. | Required | +| mandatory | If set to `True`, the DRS rule will be mandatory. Effective only if `state` is set to `present`. Possible values are: Yes, No. Default is No. | Optional | +| state | If set to `present` and the rule doesn't exists then the rule will be created. If set to `absent` and the rule exists then the rule will be deleted. Possible values are: present, absent. Default is present. | Required | +| vm_group_name | Name of VM group to use with rule. Effective only if `state` is set to `present`. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-vm-info +*** +Return basic info pertaining to a VMware machine guest +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_info_module.html + + +#### Base Command + +`vmware-vm-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| vm_type | If set to `vm`, then information are gathered for virtual machines only. If set to `template`, then information are gathered for virtual machine templates only. If set to `all`, then information are gathered for all virtual machines and virtual machine templates. Possible values are: all, vm, template. Default is all. | Optional | +| show_attribute | Attributes related to VM guest shown in information only when this is set `true`. Possible values are: Yes, No. Default is No. | Optional | +| folder | Specify a folder location of VMs to gather information from. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| show_tag | Tags related to virtual machine are shown if set to `True`. Possible values are: Yes, No. Default is No. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVmInfo.virtual_machines | unknown | list of dictionary of virtual machines and their information | + + +#### Command Example +```!vmware-vm-info``` + +#### Context Example +```json +{ + "VMware": { + "VmwareVmInfo": [ + { + "changed": false, + "status": "SUCCESS", + "virtual_machines": [ + { + "attributes": {}, + "cluster": "cluster", + "datacenter": "DC1", + "esxi_hostname": "esxi01", + "folder": "/DC1/vm", + "guest_fullname": "CentOS 4/5 or later (64-bit)", + "guest_name": "test_vm_0001", + "ip_address": "", + "mac_address": [ + "aa:bb:dd:aa:00:14" + ], + "moid": "vm-21", + "power_state": "poweredOff", + "tags": [], + "uuid": "42166c31-2bd1-6ac0-1ebb-a6db907f529e", + "vm_network": {} + } + ] + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Virtual_Machines +> * ## esxi01 +> * cluster: cluster +> * datacenter: DC1 +> * esxi_hostname: esxi01 +> * folder: /DC1/vm +> * guest_fullname: CentOS 4/5 or later (64-bit) +> * guest_name: test_vm_0001 +> * ip_address: +> * moid: vm-21 +> * power_state: poweredOff +> * uuid: 42166c31-2bd1-6ac0-1ebb-a6db907f529e +> * ### Attributes +> * ### Mac_Address +> * 0: aa:bb:dd:aa:00:14 +> * ### Tags +> * ### Vm_Network + + +### vmware-vm-shell +*** +Run commands in a VMware guest operating system +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_shell_module.html + + +#### Base Command + +`vmware-vm-shell` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter | The datacenter hosting the virtual machine. If set, it will help to speed up virtual machine search. | Optional | +| cluster | The cluster hosting the virtual machine. If set, it will help to speed up virtual machine search. | Optional | +| folder | Destination folder, absolute or relative path to find an existing guest or create the new guest. The folder should include the datacenter. ESX's datacenter is ha-datacenter. Examples: folder: /ha-datacenter/vm folder: ha-datacenter/vm folder: /datacenter1/vm folder: datacenter1/vm folder: /datacenter1/vm/folder1 folder: datacenter1/vm/folder1 folder: /folder1/datacenter1/vm folder: folder1/datacenter1/vm folder: /folder1/datacenter1/vm/folder2. | Optional | +| vm_id | Name of the virtual machine to work with. | Required | +| vm_id_type | The VMware identification method by which the virtual machine will be identified. Possible values are: uuid, instance_uuid, dns_name, inventory_path, vm_name. Default is vm_name. | Optional | +| vm_username | The user to login-in to the virtual machine. | Required | +| vm_password | The password used to login-in to the virtual machine. | Required | +| vm_shell | The absolute path to the program to start. On Linux, shell is executed via bash. | Required | +| vm_shell_args | The argument to the program. The characters which must be escaped to the shell also be escaped on the command line provided. Default is . | Optional | +| vm_shell_env | Comma separated list of environment variable, specified in the guest OS notation. | Optional | +| vm_shell_cwd | The current working directory of the application from which it will be run. | Optional | +| wait_for_process | If set to `True`, module will wait for process to complete in the given virtual machine. Possible values are: Yes, No. Default is No. | Optional | +| timeout | Timeout in seconds. If set to positive integers, then `wait_for_process` will honor this parameter and will exit after this timeout. Default is 3600. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVmShell.results | unknown | metadata about the new process after completion with wait_for_process | + + + + +### vmware-vm-storage-policy-info +*** +Gather information about vSphere storage profile defined storage policy information. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_storage_policy_info_module.html + + +#### Base Command + +`vmware-vm-storage-policy-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVmStoragePolicyInfo.spbm_profiles | unknown | list of dictionary of SPBM info | + + +#### Command Example +```!vmware-vm-storage-policy-info ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareVmStoragePolicyInfo": [ + { + "changed": false, + "spbm_profiles": [ + { + "constraints_sub_profiles": [ + { + "rule_set_info": [ + { + "id": "hostFailuresToTolerate", + "value": 1 + }, + { + "id": "stripeWidth", + "value": 1 + }, + { + "id": "forceProvisioning", + "value": false + }, + { + "id": "proportionalCapacity", + "value": 0 + }, + { + "id": "cacheReservation", + "value": 0 + } + ], + "rule_set_name": "VSAN sub-profile" + } + ], + "description": "Storage policy used as default for vSAN datastores", + "id": "aa6d5a82-1c88-45da-85d3-3d74b91a5bad", + "name": "vSAN Default Storage Policy" + }, + { + "constraints_sub_profiles": [ + { + "rule_set_info": [ + { + "id": "ad5a249d-cbc2-43af-9366-694d7664fa52", + "value": "ad5a249d-cbc2-43af-9366-694d7664fa52" + } + ], + "rule_set_name": "sp-1" + } + ], + "description": "Sample storage policy for VMware's VM and virtual disk encryption", + "id": "4d5f673c-536f-11e6-beb8-9e71128cae77", + "name": "VM Encryption Policy" + }, + { + "constraints_sub_profiles": [], + "description": "Allow the datastore to determine the best placement strategy for storage objects", + "id": "f4e5bade-15a2-4805-bf8e-52318c4ce443", + "name": "VVol No Requirements Policy" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Spbm_Profiles +> * ## Vsan Default Storage Policy +> * description: Storage policy used as default for vSAN datastores +> * id: aa6d5a82-1c88-45da-85d3-3d74b91a5bad +> * name: vSAN Default Storage Policy +> * ### Constraints_Sub_Profiles +> * ### Vsan Sub-Profile +> * rule_set_name: VSAN sub-profile +> * #### Rule_Set_Info +> * #### Hostfailurestotolerate +> * id: hostFailuresToTolerate +> * value: 1 +> * #### Stripewidth +> * id: stripeWidth +> * value: 1 +> * #### Forceprovisioning +> * id: forceProvisioning +> * value: False +> * #### Proportionalcapacity +> * id: proportionalCapacity +> * value: 0 +> * #### Cachereservation +> * id: cacheReservation +> * value: 0 +> * ## Vm Encryption Policy +> * description: Sample storage policy for VMware's VM and virtual disk encryption +> * id: 4d5f673c-536f-11e6-beb8-9e71128cae77 +> * name: VM Encryption Policy +> * ### Constraints_Sub_Profiles +> * ### Sp-1 +> * rule_set_name: sp-1 +> * #### Rule_Set_Info +> * #### Ad5A249D-Cbc2-43Af-9366-694D7664Fa52 +> * id: ad5a249d-cbc2-43af-9366-694d7664fa52 +> * value: ad5a249d-cbc2-43af-9366-694d7664fa52 +> * ## Vvol No Requirements Policy +> * description: Allow the datastore to determine the best placement strategy for storage objects +> * id: f4e5bade-15a2-4805-bf8e-52318c4ce443 +> * name: VVol No Requirements Policy +> * ### Constraints_Sub_Profiles + + +### vmware-vm-vm-drs-rule +*** +Configure VMware DRS Affinity rule for virtual machine in given cluster +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_vm_drs_rule_module.html + + +#### Base Command + +`vmware-vm-vm-drs-rule` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Desired cluster name where virtual machines are present for the DRS rule. | Required | +| vms | List of virtual machines name for which DRS rule needs to be applied. Required if `state` is set to `present`. | Optional | +| drs_rule_name | The name of the DRS rule to manage. | Required | +| enabled | If set to `True`, the DRS rule will be enabled. Effective only if `state` is set to `present`. Possible values are: Yes, No. Default is No. | Optional | +| mandatory | If set to `True`, the DRS rule will be mandatory. Effective only if `state` is set to `present`. Possible values are: Yes, No. Default is No. | Optional | +| affinity_rule | If set to `True`, the DRS rule will be an Affinity rule. If set to `False`, the DRS rule will be an Anti-Affinity rule. Effective only if `state` is set to `present`. Possible values are: Yes, No. Default is Yes. | Optional | +| state | If set to `present`, then the DRS rule is created if not present. If set to `present`, then the DRS rule is already present, it updates to the given configurations. If set to `absent`, then the DRS rule is deleted if present. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVmVmDrsRule.result | unknown | metadata about DRS VM and VM rule | + + + + +### vmware-vm-vss-dvs-migrate +*** +Migrates a virtual machine from a standard vswitch to distributed +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vm_vss_dvs_migrate_module.html + + +#### Base Command + +`vmware-vm-vss-dvs-migrate` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| vm_name | Name of the virtual machine to migrate to a dvSwitch. | Required | +| dvportgroup_name | Name of the portgroup to migrate to the virtual machine to. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-vmkernel +*** +Manages a VMware VMkernel Adapter of an ESXi host. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vmkernel_module.html + + +#### Base Command + +`vmware-vmkernel` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| vswitch_name | The name of the vSwitch where to add the VMKernel interface. Required parameter only if `state` is set to `present`. Optional parameter from version 2.5 and onwards. | Optional | +| dvswitch_name | The name of the vSphere Distributed Switch (vDS) where to add the VMKernel interface. Required parameter only if `state` is set to `present`. Optional parameter from version 2.8 and onwards. | Optional | +| portgroup_name | The name of the port group for the VMKernel interface. | Required | +| network | A dictionary of network details. The following parameter is required: - `type` (string): Type of IP assignment (either `dhcp` or `static`). The following parameters are required in case of `type` is set to `static`: - `ip_address` (string): Static IP address (implies `type: static`). - `subnet_mask` (string): Static netmask required for `ip_address`. The following parameter is optional in case of `type` is set to `static`: - `default_gateway` (string): Default gateway (Override default gateway for this adapter). The following parameter is optional: - `tcpip_stack` (string): The TCP/IP stack for the VMKernel interface. Can be default, provisioning, vmotion, or vxlan. (default: default). Default is {'type': 'static', 'tcpip_stack': 'default'}. | Optional | +| ip_address | The IP Address for the VMKernel interface. Use `network` parameter with `ip_address` instead. Deprecated option, will be removed in version 2.9. | Optional | +| subnet_mask | The Subnet Mask for the VMKernel interface. Use `network` parameter with `subnet_mask` instead. Deprecated option, will be removed in version 2.9. | Optional | +| mtu | The MTU for the VMKernel interface. The default value of 1500 is valid from version 2.5 and onwards. Default is 1500. | Optional | +| device | Search VMkernel adapter by device name. The parameter is required only in case of `type` is set to `dhcp`. | Optional | +| enable_vsan | Enable VSAN traffic on the VMKernel adapter. This option is only allowed if the default TCP/IP stack is used. | Optional | +| enable_vmotion | Enable vMotion traffic on the VMKernel adapter. This option is only allowed if the default TCP/IP stack is used. You cannot enable vMotion on an additional adapter if you already have an adapter with the vMotion TCP/IP stack configured. | Optional | +| enable_mgmt | Enable Management traffic on the VMKernel adapter. This option is only allowed if the default TCP/IP stack is used. | Optional | +| enable_ft | Enable Fault Tolerance traffic on the VMKernel adapter. This option is only allowed if the default TCP/IP stack is used. | Optional | +| enable_provisioning | Enable Provisioning traffic on the VMKernel adapter. This option is only allowed if the default TCP/IP stack is used. | Optional | +| enable_replication | Enable vSphere Replication traffic on the VMKernel adapter. This option is only allowed if the default TCP/IP stack is used. | Optional | +| enable_replication_nfc | Enable vSphere Replication NFC traffic on the VMKernel adapter. This option is only allowed if the default TCP/IP stack is used. | Optional | +| state | If set to `present`, the VMKernel adapter will be created with the given specifications. If set to `absent`, the VMKernel adapter will be removed. If set to `present` and VMKernel adapter exists, the configurations will be updated. Possible values are: present, absent. Default is present. | Optional | +| esxi_hostname | Name of ESXi host to which VMKernel is to be managed. From version 2.5 onwards, this parameter is required. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVmkernel.result | unknown | metadata about VMKernel name | + + + + +### vmware-vmkernel-info +*** +Gathers VMKernel info about an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vmkernel_info_module.html + + +#### Base Command + +`vmware-vmkernel-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. VMKernel information about each ESXi server will be returned for the given cluster. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname. VMKernel information about this ESXi server will be returned. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVmkernelInfo.host_vmk_info | unknown | metadata about VMKernel present on given host system | + + +#### Command Example +```!vmware-vmkernel-info cluster_name="cluster" ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareVmkernelInfo": [ + { + "changed": false, + "host_vmk_info": { + "esxi01": [ + { + "device": "vmk0", + "dhcp": true, + "enable_ft": false, + "enable_management": true, + "enable_vmotion": false, + "enable_vsan": false, + "ipv4_address": "esxi01", + "ipv4_subnet_mask": "255.255.255.0", + "key": "key-vim.host.VirtualNic-vmk0", + "mac": "00:0c:29:d9:27:04", + "mtu": 1500, + "portgroup": "Management Network", + "stack": "defaultTcpipStack" + } + ] + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Host_Vmk_Info +> * ### esxi01 +> * ### List +> * device: vmk0 +> * dhcp: True +> * enable_ft: False +> * enable_management: True +> * enable_vmotion: False +> * enable_vsan: False +> * ipv4_address: esxi01 +> * ipv4_subnet_mask: 255.255.255.0 +> * key: key-vim.host.VirtualNic-vmk0 +> * mac: 00:0c:29:d9:27:04 +> * mtu: 1500 +> * portgroup: Management Network +> * stack: defaultTcpipStack + + +### vmware-vmkernel-ip-config +*** +Configure the VMkernel IP Address +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vmkernel_ip_config_module.html + + +#### Base Command + +`vmware-vmkernel-ip-config` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| vmk_name | VMkernel interface name. | Required | +| ip_address | IP address to assign to VMkernel interface. | Required | +| subnet_mask | Subnet Mask to assign to VMkernel interface. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-vmotion +*** +Move a virtual machine using vMotion, and/or its vmdks using storage vMotion. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vmotion_module.html + + +#### Base Command + +`vmware-vmotion` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| vm_name | Name of the VM to perform a vMotion on. This is required parameter, if `vm_uuid` is not set. Version 2.6 onwards, this parameter is not a required parameter, unlike the previous versions. | Optional | +| vm_uuid | UUID of the virtual machine to perform a vMotion operation on. This is a required parameter, if `vm_name` or `moid` is not set. | Optional | +| moid | Managed Object ID of the instance to manage if known, this is a unique identifier only within a single vCenter instance. This is required if `vm_name` or `vm_uuid` is not supplied. | Optional | +| use_instance_uuid | Whether to use the VMware instance UUID rather than the BIOS UUID. Possible values are: Yes, No. Default is No. | Optional | +| destination_host | Name of the destination host the virtual machine should be running on. Version 2.6 onwards, this parameter is not a required parameter, unlike the previous versions. | Optional | +| destination_datastore | Name of the destination datastore the virtual machine's vmdk should be moved on. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVmotion.running_host | string | List the host the virtual machine is registered to | + + + + +### vmware-vsan-cluster +*** +Configure VSAN clustering on an ESXi host +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vsan_cluster_module.html + + +#### Base Command + +`vmware-vsan-cluster` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_uuid | Desired cluster UUID. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + +#### Command Example +```!vmware-vsan-cluster ``` + +#### Context Example +```json +{ + "VMware": { + "VmwareVsanCluster": [ + { + "changed": true, + "cluster_uuid": "525e42db-3df5-4184-b178-874f4ef18006", + "result": null, + "status": "CHANGED" + } + ] + } +} +``` + +#### Human Readable Output + +># CHANGED +> * changed: True +> * cluster_uuid: 525e42db-3df5-4184-b178-874f4ef18006 +> * result: None + + +### vmware-vspan-session +*** +Create or remove a Port Mirroring session. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vspan_session_module.html + + +#### Base Command + +`vmware-vspan-session` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| switch | The name of the distributed vSwitch on which to add or remove the mirroring session. | Required | +| name | Name of the session. | Required | +| state | Create or remove the session. Possible values are: present, absent. | Required | +| session_type | Select the mirroring type. - `encapsulatedRemoteMirrorSource` (str): In encapsulatedRemoteMirrorSource session, Distributed Ports can be used as source entities, and Ip address can be used as destination entities. - `remoteMirrorDest` (str): In remoteMirrorDest session, vlan Ids can be used as source entities, and Distributed Ports can be used as destination entities. - `remoteMirrorSource` (str): In remoteMirrorSource session, Distributed Ports can be used as source entities, and uplink ports name can be used as destination entities. - `dvPortMirror` (str): In dvPortMirror session, Distributed Ports can be used as both source and destination entities. Possible values are: encapsulatedRemoteMirrorSource, remoteMirrorDest, remoteMirrorSource, dvPortMirror. Default is dvPortMirror. | Optional | +| enabled | Whether the session is enabled. Possible values are: Yes, No. Default is Yes. | Optional | +| description | The description for the session. | Optional | +| source_port_transmitted | Source port for which transmitted packets are mirrored. | Optional | +| source_port_received | Source port for which received packets are mirrored. | Optional | +| destination_port | Destination port that received the mirrored packets. Also any port designated in the value of this property can not match the source port in any of the Distributed Port Mirroring session. | Optional | +| encapsulation_vlan_id | VLAN ID used to encapsulate the mirrored traffic. | Optional | +| strip_original_vlan | Whether to strip the original VLAN tag. if false, the original VLAN tag will be preserved on the mirrored traffic. If encapsulationVlanId has been set and this property is false, the frames will be double tagged with the original VLAN ID as the inner tag. | Optional | +| mirrored_packet_length | An integer that describes how much of each frame to mirror. If unset, all of the frame would be mirrored. Setting this property to a smaller value is useful when the consumer will look only at the headers. The value cannot be less than 60. | Optional | +| normal_traffic_allowed | Whether or not destination ports can send and receive "normal" traffic. Setting this to false will make mirror ports be used solely for mirroring and not double as normal access ports. | Optional | +| sampling_rate | Sampling rate of the session. If its value is n, one of every n packets is mirrored. Valid values are between 1 to 65535, and default value is 1. | Optional | +| source_vm_transmitted | With this parameter it is possible, to add a NIC of a VM to a port mirroring session. Valid attributes are: - `name` (str): Name of the VM - `nic_label` (bool): Label of the Network Interface Card to use. | Optional | +| source_vm_received | With this parameter it is possible, to add a NIC of a VM to a port mirroring session. Valid attributes are: - `name` (str): Name of the VM - `nic_label` (bool): Label of the Network Interface Card to use. | Optional | +| destination_vm | With this parameter it is possible, to add a NIC of a VM to a port mirroring session. Valid attributes are: - `name` (str): Name of the VM - `nic_label` (bool): Label of the Network Interface Card to use. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-vswitch +*** +Manage a VMware Standard Switch to an ESXi host. +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vswitch_module.html + + +#### Base Command + +`vmware-vswitch` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| switch | vSwitch name to add. Alias `switch` is added in version 2.4. | Required | +| nics | A list of vmnic names or vmnic name to attach to vSwitch. Alias `nics` is added in version 2.4. | Optional | +| number_of_ports | Number of port to configure on vSwitch. Default is 128. | Optional | +| mtu | MTU to configure on vSwitch. Default is 1500. | Optional | +| state | Add or remove the switch. Possible values are: absent, present. Default is present. | Optional | +| esxi_hostname | Manage the vSwitch using this ESXi host system. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVswitch.result | string | information about performed operation | + + +#### Command Example +```!vmware-vswitch switch="vswitch_name" nics="vmnic1" mtu="9000" esxi_hostname="esxi01"``` + +#### Context Example +```json +{ + "VMware": { + "VmwareVswitch": [ + { + "changed": false, + "result": "No change in vSwitch 'vswitch_name'", + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * result: No change in vSwitch 'vswitch_name' + + +### vmware-vswitch-info +*** +Gathers info about an ESXi host's vswitch configurations +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vmware_vswitch_info_module.html + + +#### Base Command + +`vmware-vswitch-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cluster_name | Name of the cluster. Info about vswitch belonging to every ESXi host systems under this cluster will be returned. If `esxi_hostname` is not given, this parameter is required. | Optional | +| esxi_hostname | ESXi hostname to gather information from. If `cluster_name` is not given, this parameter is required. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VmwareVswitchInfo.hosts_vswitch_info | unknown | metadata about host's vswitch configuration | + + +#### Command Example +```!vmware-vswitch-info cluster_name="cluster"``` + +#### Context Example +```json +{ + "VMware": { + "VmwareVswitchInfo": [ + { + "changed": false, + "hosts_vswitch_info": { + "esxi01": { + "vSwitch0": { + "mtu": 1500, + "num_ports": 128, + "pnics": [ + "vmnic0" + ] + }, + "vswitch_name": { + "mtu": 9000, + "num_ports": 128, + "pnics": [ + "vmnic1" + ] + } + } + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Hosts_Vswitch_Info +> * ### esxi01 +> * #### Vswitch0 +> * mtu: 1500 +> * num_ports: 128 +> * ##### Pnics +> * 0: vmnic0 +> * #### Vswitch_Name +> * mtu: 9000 +> * num_ports: 128 +> * ##### Pnics +> * 0: vmnic1 + + +### vmware-vsphere-file +*** +Manage files on a vCenter datastore +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vsphere_file_module.html + + +#### Base Command + +`vmware-vsphere-file` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host | The vCenter server on which the datastore is available. | Required | +| datacenter | The datacenter on the vCenter server that holds the datastore. | Required | +| datastore | The datastore on the vCenter server to push files to. | Required | +| path | The file or directory on the datastore on the vCenter server. | Required | +| timeout | The timeout in seconds for the upload to the datastore. Default is 10. | Optional | +| state | The state of or the action on the provided path. If `absent`, the file will be removed. If `directory`, the directory will be created. If `file`, more information of the (existing) file will be returned. If `touch`, an empty file will be created if the path does not exist. Possible values are: absent, directory, file, touch. Default is file. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | + + + + +### vmware-vcenter-extension +*** +Register/deregister vCenter Extensions +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vcenter_extension_module.html + + +#### Base Command + +`vmware-vcenter-extension` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| extension_key | The extension key of the extension to install or uninstall. | Required | +| version | The version of the extension you are installing or uninstalling. | Required | +| name | Required for `state=present`. The name of the extension you are installing. | Optional | +| company | Required for `state=present`. The name of the company that makes the extension. | Optional | +| description | Required for `state=present`. A short description of the extension. | Optional | +| email | Required for `state=present`. Administrator email to use for extension. | Optional | +| url | Required for `state=present`. Link to server hosting extension zip file to install. | Optional | +| ssl_thumbprint | Required for `state=present`. SSL thumbprint of the extension hosting server. | Optional | +| server_type | Required for `state=present`. Type of server being used to install the extension (SOAP, REST, HTTP, etc.). Default is vsphere-client-serenity. | Optional | +| client_type | Required for `state=present`. Type of client the extension is (win32, .net, linux, etc.). Default is vsphere-client-serenity. | Optional | +| visible | Show the extension in solution manager inside vCenter. Possible values are: Yes, No. Default is Yes. | Optional | +| state | Add or remove vCenter Extension. Possible values are: absent, present. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VcenterExtension.result | string | information about performed operation | + + + + +### vmware-vcenter-extension-info +*** +Gather info vCenter extensions +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vcenter_extension_info_module.html + + +#### Base Command + +`vmware-vcenter-extension-info` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VcenterExtensionInfo.extension_info | unknown | List of extensions | + + +#### Command Example +```!vmware-vcenter-extension-info ``` + +#### Context Example +```json +{ + "VMware": { + "VcenterExtensionInfo": [ + { + "changed": false, + "extension_info": [ + { + "extension_company": "VMware Inc.", + "extension_key": "com.vmware.vim.sms", + "extension_label": "VMware vCenter Storage Monitoring Service", + "extension_last_heartbeat_time": "2021-07-11T15:21:08.666734+00:00", + "extension_subject_name": "", + "extension_summary": "Storage Monitoring and Reporting", + "extension_type": "", + "extension_version": "5.5" + } + ], + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Extension_Info +> * ## +> * extension_company: VMware Inc. +> * extension_key: com.vmware.vim.sms +> * extension_label: VMware vCenter Storage Monitoring Service +> * extension_last_heartbeat_time: 2021-07-11T15:21:08.666734+00:00 +> * extension_subject_name: +> * extension_summary: Storage Monitoring and Reporting +> * extension_type: +> * extension_version: 5.5 + + +### vmware-vcenter-folder +*** +Manage folders on given datacenter +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vcenter_folder_module.html + + +#### Base Command + +`vmware-vcenter-folder` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| datacenter | Name of the datacenter. | Required | +| folder_name | Name of folder to be managed. This is case sensitive parameter. Folder name should be under 80 characters. This is a VMware restriction. | Required | +| parent_folder | Name of the parent folder under which new folder needs to be created. This is case sensitive parameter. Please specify unique folder name as there is no way to detect duplicate names. If user wants to create a folder under '/DC0/vm/vm_folder', this value will be 'vm_folder'. | Optional | +| folder_type | This is type of folder. If set to `vm`, then 'VM and Template Folder' is created under datacenter. If set to `host`, then 'Host and Cluster Folder' is created under datacenter. If set to `datastore`, then 'Storage Folder' is created under datacenter. If set to `network`, then 'Network Folder' is created under datacenter. This parameter is required, if `state` is set to `present` and parent_folder is absent. This option is ignored, if `parent_folder` is set. Possible values are: datastore, host, network, vm. Default is vm. | Optional | +| state | State of folder. If set to `present` without parent folder parameter, then folder with `folder_type` is created. If set to `present` with parent folder parameter, then folder in created under parent folder. `folder_type` is ignored. If set to `absent`, then folder is unregistered and destroyed. Possible values are: present, absent. Default is present. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VcenterFolder.result | unknown | The detail about the new folder | + + +#### Command Example +```!vmware-vcenter-folder datacenter="DC1" folder_name="sample_vm_folder" folder_type="vm" state="present" ``` + +#### Context Example +```json +{ + "VMware": { + "VcenterFolder": [ + { + "changed": false, + "result": { + "msg": "Folder sample_vm_folder already exists", + "path": "/DC1/vm/sample_vm_folder" + }, + "status": "SUCCESS" + } + ] + } +} +``` + +#### Human Readable Output + +># SUCCESS +> * changed: False +> * ## Result +> * msg: Folder sample_vm_folder already exists +> * path: /DC1/vm/sample_vm_folder + +### vmware-vcenter-license +*** +Manage VMware vCenter license keys +Further documentation available at https://docs.ansible.com/ansible/2.9/modules/vcenter_license_module.html + + +#### Base Command + +`vmware-vcenter-license` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| labels | The optional labels of the license key to manage in vSphere vCenter. This is dictionary with key/value pair. Default is {'source': 'ansible'}. | Optional | +| license | The license key to manage in vSphere vCenter. | Required | +| state | Whether to add (`present`) or remove (`absent`) the license key. Possible values are: absent, present. Default is present. | Optional | +| esxi_hostname | The hostname of the ESXi server to which the specified license will be assigned. This parameter is optional. | Optional | +| datacenter | The datacenter name to use for the operation. | Optional | +| cluster_name | Name of the cluster to apply vSAN license. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| VMware.VcenterLicense.licenses | unknown | list of license keys after module executed | + + + diff --git a/Packs/AnsibleVMware/Integrations/AnsibleVMware/command_examples b/Packs/AnsibleVMware/Integrations/AnsibleVMware/command_examples new file mode 100644 index 000000000000..0bf48445467e --- /dev/null +++ b/Packs/AnsibleVMware/Integrations/AnsibleVMware/command_examples @@ -0,0 +1,142 @@ +!vmware-about-info + +!vmware-datacenter datacenter_name="DC1" state="present" + +!vmware-cluster datacenter="DC1" cluster_name="cluster" enable_ha="False" enable_drs="False" enable_vsan="False" +!vmware-cluster-drs datacenter="DC1" cluster_name="cluster" enable_drs="False" +!vmware-cluster-ha datacenter="DC1" cluster_name="cluster" enable_ha="False" +!vmware-cluster-vsan datacenter="DC1" cluster_name="cluster" enable_vsan="False" +!vmware-cluster-info datacenter="DC1" + +!vmware-host datacenter_name="DC1" cluster_name="cluster" esxi_hostname="esxi01" esxi_username="root" esxi_password="PASSWORD" state="present" +!vmware-host-acceptance cluster_name="cluster" acceptance_level="community" state="present" +!vmware-host-active-directory esxi_hostname="esxi01" ad_domain="example.local" ad_user="adjoin" ad_password="Password123$" ad_state="present" +!vmware-host-capability-info cluster_name="cluster" +!vmware-host-config-info cluster_name="cluster" +!vmware-host-config-manager cluster_name="cluster" options="{'Config.HostAgent.log.level': 'info'}" +!vmware-host-datastore datastore_name="datastore1" datastore_type="vmfs" vmfs_device_name="naa.6000c29d140dea19fc681e3e1b190c46" vmfs_version="6" esxi_hostname="esxi01" state="present" +!vmware-host-dns-info cluster_name="cluster" +!vmware-host-facts +!vmware-host-feature-info cluster_name="cluster" +!vmware-host-firewall-info cluster_name="cluster" +!vmware-host-firewall-manager cluster_name="cluster" rules="{{ [{'name': 'vvold', 'enabled': True}] }}" +!vmware-host-hyperthreading esxi_hostname="esxi01" state="enabled" +!vmware-host-ipv6 esxi_hostname="esxi01" state="enabled" +!vmware-host-kernel-manager esxi_hostname="esxi01" kernel_module_name="tcpip4" kernel_module_option="ipv6=0" +!vmware-host-lockdown esxi_hostname="esxi01" state="present" +!vmware-host-ntp esxi_hostname="esxi01" ntp_servers="{{ ['0.pool.ntp.org', '1.pool.ntp.org'] }}" +!vmware-host-ntp-info cluster_name="cluster" +!vmware-host-package-info cluster_name="cluster" +!vmware-host-powermgmt-policy esxi_hostname="esxi01" policy="high-performance" +!vmware-host-powerstate esxi_hostname="esxi01" state="power-up-from-standby" +!vmware-host-scanhba esxi_hostname="esxi01" refresh_storage="True" +!vmware-host-service-info cluster_name="cluster" +!vmware-host-service-manager cluster_name="cluster" service_name="ntpd" state="present" +!vmware-host-snmp community="test" state="enabled" +!vmware-host-ssl-info cluster_name="cluster" +!vmware-host-vmhba-info cluster_name="cluster" +!vmware-host-vmnic-info cluster_name="cluster" +!vmware-cfg-backup state="saved" dest="/tmp/" esxi_hostname="esxi01" + +!vmware-datastore-cluster datacenter_name="DC1" datastore_cluster_name="Storage_Cluster" state="present" +!vmware-datastore-info datacenter_name="DC1" +!vmware-datastore-maintenancemode datastore="datastore1" state="present" + +!vmware-dns-config change_hostname_to="esxi01" domainname="foo.org" dns_servers="{{ ['8.8.8.8', '8.8.4.4'] }}" + +!vmware-drs-group cluster_name="cluster" datacenter_name="DC1" group_name="TEST_VM_01" vms="Sample_VM" state="present" +!vmware-drs-group-info datacenter="DC1" +!vmware-drs-rule-info cluster_name="cluster" + +!vmware-dvswitch datacenter="DC1" switch="dvSwitch" version="6.0.0" mtu="9000" uplink_quantity="2" discovery_protocol="lldp" discovery_operation="both" state="present" +!vmware-dvs-host esxi_hostname="esxi01" switch_name="dvSwitch" vmnics="vmnic1" state="present" +!vmware-dvs-portgroup portgroup_name="vlan-123-portrgoup" switch_name="dvSwitch" vlan_id="123" num_ports="120" portgroup_type="earlyBinding" state="present" +!vmware-dvs-portgroup-find dvswitch="dvSwitch" +!vmware-dvs-portgroup-info datacenter="DC1" + +!vmware-dvswitch-lacp switch="dvSwitch" support_mode="enhanced" +!vmware-dvswitch-nioc switch="dvSwitch" version="version3" resources="{{ [{'name': 'vmotion', 'limit': -1, 'reservation': 128, 'shares_level': 'normal'}, {'name': 'vsan', 'limit': -1, 'shares_level': 'custom', 'shares': 99, 'reservation': 256}] }}" state="present" +!vmware-dvswitch-pvlans switch="dvSwitch" primary_pvlans="{{ [{'primary_pvlan_id': 1}, {'primary_pvlan_id': 4}] }}" secondary_pvlans="{{ [{'primary_pvlan_id': 1, 'secondary_pvlan_id': 2, 'pvlan_type': 'isolated'}, {'primary_pvlan_id': 1, 'secondary_pvlan_id': 3, 'pvlan_type': 'community'}, {'primary_pvlan_id': 4, 'secondary_pvlan_id': 5, 'pvlan_type': 'community'}] }}" +!vmware-dvswitch-uplink-pg switch="dvSwitch" name="dvSwitch-DVUplinks" advanced="{{ {'port_config_reset_at_disconnect': True, 'block_override': True, 'vendor_config_override': False, 'vlan_override': False, 'netflow_override': False, 'traffic_filter_override': False} }}" vlan_trunk_range="0-4094" netflow_enabled="False" block_all_ports="False" + +!vmware-evc-mode datacenter_name="DC1" cluster_name="cluster" evc_mode="intel-merom" state="present" + +!vmware-folder-info datacenter="DC1" + + +!vmware-guest folder="/DC1/vm/" name="test_vm_0001" state="poweredon" guest_id="centos64Guest" esxi_hostname="esxi01" disk="{{ [{'size_gb': 1, 'type': 'thin', 'datastore': 'datastore1'}] }}" hardware="{{ {'memory_mb': 512, 'num_cpus': 1, 'scsi': 'paravirtual'} }}" networks="{{ [{'name': 'VM Network', 'mac': 'aa:bb:dd:aa:00:14', 'ip': '10.10.10.100', 'netmask': '255.255.255.0', 'device_type': 'vmxnet3'}] }}" datacenter="DC1" +!vmware-guest-boot-info name="test_vm_0001" +!vmware-guest-boot-manager name="test_vm_0001" boot_delay="2000" enter_bios_setup="True" boot_retry_enabled="True" boot_retry_delay="22300" boot_firmware="bios" secure_boot_enabled="False" boot_order="['floppy', 'cdrom', 'ethernet', 'disk']" +!vmware-guest-custom-attribute-defs state="present" attribute_key="custom_attr_def_1" +!vmware-guest-custom-attributes name="test_vm_0001" state="present" attributes="[{'name': 'MyAttribute', 'value': 'MyValue'}]" +!vmware-guest-customization-info +!vmware-guest-disk datacenter="DC1" name="test_vm_0001" disk="{{ [{'size_mb': 10, 'type': 'thin', 'datastore': 'datacluster0', 'state': 'present', 'scsi_controller': 1, 'unit_number': 1, 'scsi_type': 'paravirtual'}, {'size_gb': 1, 'type': 'eagerzeroedthick', 'state': 'present', 'autoselect_datastore': True, 'scsi_controller': 2, 'scsi_type': 'buslogic', 'unit_number': 12}, {'size': '10Gb', 'type': 'eagerzeroedthick', 'state': 'present', 'autoselect_datastore': True, 'scsi_controller': 2, 'scsi_type': 'buslogic', 'unit_number': 1}] }}" +!vmware-guest-disk-info datacenter="DC1" name="test_vm_0001" +!vmware-guest-find name="test_vm_0001" +!vmware-guest-info datacenter="DC1" name="test_vm_0001" +!vmware-guest-move datacenter="DC1" name="test_vm_0001" dest_folder="/DC1/vm" +!vmware-guest-network datacenter="DC1" name="test-vm" gather_network_info="False" networks="{{ [{'name': 'VM Network', 'state': 'new', 'manual_mac': '00:50:56:11:22:33'}, {'state': 'present', 'device_type': 'e1000e', 'manual_mac': '00:50:56:44:55:66'}, {'state': 'present', 'label': 'Network adapter 3', 'connected': False}, {'state': 'absent', 'mac': '00:50:56:44:55:77'}] }}" +!vmware-guest-powerstate folder="/DC1/vm/my_folder" name="test_vm_0001" state="powered-off" +!vmware-guest-screenshot datacenter="DC1" folder="my_folder" name="test_vm_0001" local_path="/tmp/" +!vmware-guest-sendkey datacenter="DC1" folder="my_folder" name="test_vm_0001" keys_send="{{ ['TAB', 'TAB', 'ENTER'] }}" +!vmware-guest-snapshot datacenter="DC1" folder="/DC1/vm/" name="test_vm_0001" state="present" snapshot_name="snap1" description="snap1_description" +!vmware-guest-snapshot-info datacenter="DC1" name="test_vm_0001" +!vmware-guest-tools-upgrade datacenter="DC1" name="test_vm_0001" +!vmware-guest-tools-wait +!vmware-guest-video datacenter="DC1" name="test-vm" gather_video_facts="False" use_auto_detect="False" display_number="2" video_memory_mb="8.0" enable_3D="True" renderer_3D="automatic" memory_3D_mb="512" +!vmware-guest-vnc folder="/DC1/vm" name="test_vm_0001" vnc_port="5990" vnc_password="vNc5ecr3t" datacenter="DC1" state="present" + +!vmware-vm-info + +!vmware-local-role-info +!vmware-local-role-manager local_role_name="vmware_qa" state="present" +!vmware-local-user-info +!vmware-local-user-manager local_user_name="foo" + +!vmware-maintenancemode esxi_hostname="esxi01" vsan="ensureObjectAccessibility" evacuate="True" timeout="3600" state="present" +!vmware-migrate-vmk esxi_hostname="esxi01" device="vmk1" current_switch_name="temp_vswitch" current_portgroup_name="esx-mgmt" migrate_switch_name="dvSwitch" migrate_portgroup_name="Management" +!vmware-object-role-permission role="Admin" principal="user_bob" object_name="services" state="present" + +!vmware-portgroup switch="vSwitch0" portgroup="test" vlan_id="123" cluster_name="cluster" +!vmware-portgroup-info cluster_name="cluster" + +!vmware-resource-pool datacenter="DC1" cluster="cluster" resource_pool="rp" mem_shares="normal" mem_limit="-1" mem_reservation="0" mem_expandable_reservations="True" cpu_shares="normal" cpu_limit="-1" cpu_reservation="0" cpu_expandable_reservations="True" state="present" +!vmware-resource-pool-info + +!vmware-tag category_id="urn:vmomi:InventoryServiceCategory:e785088d-6981-4b1c-9fb8-1100c3e1f742:GLOBAL" tag_name="Sample_Tag_0002" tag_description="Sample Description" state="present" +!vmware-tag-info + +!vmware-tag-manager tag_names="{{ ['Sample_Tag_0002', 'Category_0001:Sample_Tag_0003'] }}" object_name="Fedora_VM" object_type="VirtualMachine" state="add" +!vmware-target-canonical-info target_id="7" esxi_hostname="esxi_hostname" +!vmware-vcenter-settings database="{'max_connections': 50, 'task_cleanup': True, 'task_retention': 30, 'event_cleanup': True, 'event_retention': 30}" runtime_settings="{'unique_id': 1, 'managed_address': '{{ ansible_default_ipv4.address }}', 'vcenter_server_name': '192.168.1.107'}" user_directory="{'timeout': 60, 'query_limit': True, 'query_limit_size': 5000, 'validation': True, 'validation_period': 1440}" mail="{'server': 'mail.example.com', 'sender': 'vcenter@192.168.1.107'}" snmp_receivers="{'snmp_receiver_1_url': 'localhost', 'snmp_receiver_1_enabled': True, 'snmp_receiver_1_port': 162, 'snmp_receiver_1_community': 'public'}" timeout_settings="{'normal_operations': 30, 'long_operations': 120}" logging_options="info" +!vmware-vcenter-statistics interval_past_day="{'enabled': True, 'interval_minutes': 5, 'save_for_days': 1, 'level': 1}" interval_past_week="{'enabled': True, 'level': 1}" interval_past_month="{'enabled': True, 'level': 1}" interval_past_year="{'enabled': True, 'save_for_years': 1, 'level': 1}" + +!vmware-vm-host-drs-rule cluster_name="cluster" drs_rule_name="drs_rule_host_aff_0001" host_group_name="DC0_C0_HOST_GR1" vm_group_name="DC0_C0_VM_GR1" mandatory="True" enabled="True" affinity_rule="True" + + +!vmware-content-library-manager library_name="test-content-lib" library_description="Library with Datastore Backing" library_type="local" datastore_name="datastore" state="present" +!vmware-content-library-info +!vmware-content-deploy-template template="rhel_test_template" datastore="datastore1" folder="vm" datacenter="DC1" name="Sample_VM" state="present" + +!vmware-category category_name="Sample_Cat_0001" category_description="Sample Description" category_cardinality="multiple" state="present" +!vmware-category-info + +!vmware-vm-shell datacenter="DC1" folder="/DC1/vm" vm_id="test_vm_0001" vm_username="root" vm_password="superSecret" vm_shell="/bin/echo" vm_shell_args=" $var >> myFile " vm_shell_env="['PATH=/bin', 'VAR=test']" vm_shell_cwd="/tmp" +!vmware-vm-storage-policy-info +!vmware-vm-vm-drs-rule cluster_name="cluster" vms="['vm1', 'vm2']" drs_rule_name="vm1-vm2-affinity-rule-001" enabled="True" mandatory="True" affinity_rule="True" +!vmware-vm-vss-dvs-migrate vm_name="test_vm_0001" dvportgroup_name="{{ distributed_portgroup_name }}" +!vmware-vmkernel esxi_hostname="esxi01" vswitch_name="vSwitch0" portgroup_name="PG_0001" network="{'type': 'static', 'ip_address': '1.1.1.1', 'subnet_mask': '255.255.255.0'}" state="present" enable_mgmt="True" +!vmware-vmkernel-info cluster_name="cluster" +!vmware-vmkernel-ip-config vmk_name="vmk0" ip_address="10.0.0.10" subnet_mask="255.255.255.0" +!vmware-vmotion vm_name="vm_name_as_per_vcenter" destination_host="destination_host_as_per_vcenter" +!vmware-vsan-cluster +!vmware-vspan-session switch_name="dvSwitch" state="present" name="Basic Session" enabled="True" description="Example description" source_port_transmitted="817" source_port_received="817" destination_port="815" + +!vmware-vswitch switch="vswitch_name" nics="vmnic1" mtu="9000" esxi_hostname="esxi01" +!vmware-vswitch-info cluster_name="cluster" + +!vmware-vsphere-file host="esxi01" datacenter="DC1 Someplace" datastore="datastore1" path="some/remote/file" state="touch" +!vmware-vcenter-extension extension_key="{{ extension_key }}" version="1.0" company="Acme" name="Acme Extension" description="acme management" email="user@example.com" url="https://10.0.0.1/ACME-vSphere-web-plugin-1.0.zip" ssl_thumbprint="{{ ssl_thumbprint }}" state="present" +!vmware-vcenter-extension-info +!vmware-vcenter-folder datacenter_name="DC1" folder_name="sample_vm_folder" folder_type="vm" state="present" +!vmware-vcenter-license license="f600d-21ae3-5592b-249e0-cc341" state="present" diff --git a/Packs/AnsibleVMware/README.md b/Packs/AnsibleVMware/README.md new file mode 100644 index 000000000000..25e23c70630b --- /dev/null +++ b/Packs/AnsibleVMware/README.md @@ -0,0 +1,21 @@ +This pack enables you to manage VMware vCenter and ESXi using Ansible modules. The Ansible engine is self-contained and pre-configured as part of this pack onto your XSOAR server. The Ansible modules have been exposed as XSOAR commands, and allow you to use them without needing to know Ansible. + +# What does this pack allow you to manage? + +* Datacenter +* Cluster +* ESXi Hosts +* Datastores +* DRS Groups/Rules +* DVS +* Folders +* Guests +* Users +* PortGroups +* vSwitches +* Resource Pools +* Tags +* Content Library +* vMotion +* Licenses +* Files in Datastores \ No newline at end of file diff --git a/Packs/AnsibleVMware/pack_metadata.json b/Packs/AnsibleVMware/pack_metadata.json new file mode 100644 index 000000000000..430ceb1fb28e --- /dev/null +++ b/Packs/AnsibleVMware/pack_metadata.json @@ -0,0 +1,15 @@ +{ + "name": "Ansible VMware", + "description": "Manage and control VMware virtualisation hosts.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "categories": [ + "IT Services" + ], + "tags": ["IT"], + "useCases": ["IT Services", "Asset Management"], + "keywords": ["vSphere", "ESXi"] +} \ No newline at end of file diff --git a/Packs/Ansible_Powered_Integrations/Integrations/ACME/ACME.yml b/Packs/Ansible_Powered_Integrations/Integrations/ACME/ACME.yml index 4cd5382f9e60..7e4aceabe801 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/ACME/ACME.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/ACME/ACME.yml @@ -23,8 +23,8 @@ configuration: name: concurrency required: true type: 0 -description: Automatic Certificate Management Environment of Linux hosts -display: ACME +description: Automatic Certificate Management Environment of Linux hosts. Deprecated. Use Ansible ACME (in the Ansible Linux pack) instead. +display: Ansible ACME (Deprecated) name: ACME script: commands: @@ -604,7 +604,7 @@ script: - openssl description: Send direct requests to an ACME server name: acme-inspect - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -612,3 +612,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/AlibabaCloud/AlibabaCloud.yml b/Packs/Ansible_Powered_Integrations/Integrations/AlibabaCloud/AlibabaCloud.yml index a1750b12e1e9..53d0e0cd42a0 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/AlibabaCloud/AlibabaCloud.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/AlibabaCloud/AlibabaCloud.yml @@ -18,8 +18,8 @@ configuration: name: alicloud_region required: true type: 0 -description: Manage Alibaba Cloud Elastic Compute Instances -display: Alibaba Cloud +description: Manage Alibaba Cloud Elastic Compute Instances. Deprecated. Use Ansible Alibaba Cloud (from the Ansible Alibaba Cloud Pack) instead. +display: Ansible Alibaba Cloud (Deprecated) name: AlibabaCloud script: commands: @@ -337,7 +337,7 @@ script: type: string - contextPath: AlibabaCloud.instances.vpc_id description: The ID of the VPC the instance is in. - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -345,3 +345,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/AzureComputeV3/AzureComputeV3.yml b/Packs/Ansible_Powered_Integrations/Integrations/AzureComputeV3/AzureComputeV3.yml index 19e3a41ced79..dd83f1d762f1 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/AzureComputeV3/AzureComputeV3.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/AzureComputeV3/AzureComputeV3.yml @@ -51,8 +51,8 @@ configuration: name: api_profile required: true type: 0 -description: Manage Azure Compute resources -display: Azure Compute v3 +description: Manage Azure Compute resources. Deprecated. Use Ansible Azure (from the Ansible Azure pack) instead. +display: Ansible Azure Compute (Deprecated) name: AzureComputeV3 script: commands: @@ -2300,7 +2300,7 @@ script: name: append_tags description: Manage Azure Web App slot name: azure-rm-webappslot - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -2308,3 +2308,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/AzureNetworking/AzureNetworking.yml b/Packs/Ansible_Powered_Integrations/Integrations/AzureNetworking/AzureNetworking.yml index cd3487f4902d..02f51dc25367 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/AzureNetworking/AzureNetworking.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/AzureNetworking/AzureNetworking.yml @@ -27,7 +27,7 @@ configuration: name (as defined by Azure Python SDK, eg, `AzureChinaCloud`, `AzureUSGovernment`), or a metadata discovery endpoint URL (required for Azure Stack). defaultvalue: AzureCloud - display: Azure Cloud Environment + display: Ansible Azure Cloud Environment (Deprecated) name: cloud_environment required: true type: 0 @@ -51,8 +51,8 @@ configuration: name: api_profile required: true type: 0 -description: Manage Azure Networking resources -display: Azure Networking +description: Manage Azure Networking resources. Deprecated. Use Ansible Azure (from the Ansible Azure pack) instead. +display: Ansible Azure Networking (Deprecated) name: AzureNetworking script: commands: @@ -1571,7 +1571,7 @@ script: type: number - contextPath: AzureNetworking.dnszones.name_servers description: '[''The name servers for this DNS zone.'']' - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -1579,3 +1579,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/CiscoIOS/CiscoIOS.yml b/Packs/Ansible_Powered_Integrations/Integrations/CiscoIOS/CiscoIOS.yml index a2a053c9c87f..14a08d0a6884 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/CiscoIOS/CiscoIOS.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/CiscoIOS/CiscoIOS.yml @@ -23,8 +23,8 @@ configuration: name: concurrency required: true type: 0 -description: Cisco IOS Platform management over SSH -display: Cisco IOS +description: Cisco IOS Platform management over SSH. Deprecated. Use Ansible Cisco IOS (from the Ansible Cisco IOS pack) instead. +display: Ansible Cisco IOS (Deprecated) name: CiscoIOS script: commands: @@ -908,7 +908,7 @@ script: name: route_import_ipv6 description: Manage the collection of VRF definitions on Cisco IOS devices name: ios-vrf - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -916,3 +916,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/CiscoNXOS/CiscoNXOS.yml b/Packs/Ansible_Powered_Integrations/Integrations/CiscoNXOS/CiscoNXOS.yml index 23fdcf90eea5..98b9bb3ec2db 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/CiscoNXOS/CiscoNXOS.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/CiscoNXOS/CiscoNXOS.yml @@ -23,8 +23,8 @@ configuration: name: concurrency required: true type: 0 -description: Cisco NX-OS Platform management over SSH -display: Cisco NX-OS +description: Cisco NXOS Platform management over SSH. Deprecated. Use Ansible Cisco NXOS (from the Ansible Cisco NXOS pack) instead. +display: Ansible Cisco NXOS (Deprecated) name: CiscoNX-OS script: commands: @@ -3274,7 +3274,7 @@ script: - absent description: Creates a Virtual Network Identifier member (VNI) name: nxos-vxlan-vtep-vni - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -3282,3 +3282,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/DNS/DNS.yml b/Packs/Ansible_Powered_Integrations/Integrations/DNS/DNS.yml index 6ddbce5918d8..02df5b350f64 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/DNS/DNS.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/DNS/DNS.yml @@ -19,8 +19,8 @@ configuration: name: key_secret required: false type: 4 -description: Manage DNS records using NSUpdate -display: DNS +description: Manage DNS records using NSUpdate. Deprecated. Use Ansible DNS (in the Ansible Linux pack) instead. +display: Ansible DNS (Deprecated) name: DNS script: commands: @@ -74,7 +74,7 @@ script: - udp description: Manage DNS records. name: dns-nsupdate - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -82,3 +82,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/HCloud/HCloud.yml b/Packs/Ansible_Powered_Integrations/Integrations/HCloud/HCloud.yml index ecbc08845bdd..c4e0b3f06247 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/HCloud/HCloud.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/HCloud/HCloud.yml @@ -14,8 +14,8 @@ configuration: name: endpoint required: true type: 0 -description: Manage your Hetzner Cloud environment -display: HCloud +description: Manage your Hetzner Cloud environment. Deprecated. Use the Ansible HCloud (from the Ansible Hetzner Cloud Pack) instead. +display: Ansible HCloud (Deprecated) name: HCloud script: commands: @@ -681,7 +681,7 @@ script: type: string - contextPath: HCloud.hcloud_volume_info.labels description: User-defined labels (key-value pairs) - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -689,3 +689,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/Kubernetes/Kubernetes.yml b/Packs/Ansible_Powered_Integrations/Integrations/Kubernetes/Kubernetes.yml index 36d4c65ad544..151b42688f58 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/Kubernetes/Kubernetes.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/Kubernetes/Kubernetes.yml @@ -30,8 +30,8 @@ configuration: name: validate_certs required: true type: 4 -description: Manage Kubernetes -display: Kubernetes +description: Manage Kubernetes. Deprecated. Use Ansible Kubernetes (from the Ansible Kubernetes pack) instead. +display: Ansible Kubernetes (Deprecated) name: Kubernetes script: commands: @@ -389,7 +389,7 @@ script: and I(kind). - contextPath: Kubernetes.result.status description: Current status details for the object. - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -397,3 +397,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/Linux/Linux.yml b/Packs/Ansible_Powered_Integrations/Integrations/Linux/Linux.yml index a222c6d12a1f..9d4a813e6892 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/Linux/Linux.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/Linux/Linux.yml @@ -23,8 +23,8 @@ configuration: name: concurrency required: true type: 0 -description: Agentlesss Linux host management over SSH -display: Linux +description: Agentlesss Linux host management over SSH. Deprecated. Use Ansible Linux (in the Ansible Linux pack) instead. +display: Ansible Linux (Deprecated) name: Linux script: commands: @@ -6743,7 +6743,7 @@ script: name: attributes description: Downloads files from HTTP, HTTPS, or FTP to node name: linux-get-url - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -6751,3 +6751,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/MicrosoftWindows/MicrosoftWindows.yml b/Packs/Ansible_Powered_Integrations/Integrations/MicrosoftWindows/MicrosoftWindows.yml index bf6e22285d38..bca74019f3f2 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/MicrosoftWindows/MicrosoftWindows.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/MicrosoftWindows/MicrosoftWindows.yml @@ -23,8 +23,8 @@ configuration: name: concurrency required: true type: 0 -description: Agentless Windows host management over WinRM -display: Microsoft Windows +description: Agentless Windows host management over WinRM. Deprecated. Use Ansible Microsoft Windows (from the Ansible Microsoft Windows pack) instead. +display: Ansible Microsoft Windows (Deprecated) name: MicrosoftWindows script: commands: @@ -5314,3 +5314,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/OpenSSL/OpenSSL.yml b/Packs/Ansible_Powered_Integrations/Integrations/OpenSSL/OpenSSL.yml index eeb5a39f469d..fd0991b73456 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/OpenSSL/OpenSSL.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/OpenSSL/OpenSSL.yml @@ -23,8 +23,8 @@ configuration: name: concurrency required: true type: 0 -description: Control OpenSSL on a remote Linux hosts -display: OpenSSL +description: Control OpenSSL on a remote Linux hosts. Deprecated. Use Ansible OpenSSL (in the Ansible Linux pack) instead. +display: Ansible OpenSSL (Deprecated) name: OpenSSL script: commands: @@ -1316,7 +1316,7 @@ script: - contextPath: OpenSSL.extensions.name description: The extension's name. type: string - dockerimage: demisto/ansible-runner:1.0.0.19562 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -1324,3 +1324,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Integrations/VMwareV2/VMwareV2.yml b/Packs/Ansible_Powered_Integrations/Integrations/VMwareV2/VMwareV2.yml index 269cca4b6f3b..48ac5f5216a1 100644 --- a/Packs/Ansible_Powered_Integrations/Integrations/VMwareV2/VMwareV2.yml +++ b/Packs/Ansible_Powered_Integrations/Integrations/VMwareV2/VMwareV2.yml @@ -31,8 +31,8 @@ configuration: name: validate_certs required: true type: 4 -description: Manage VMware vSphere Server, Guests, and ESXi Hosts -display: VMware v2 +description: Manage VMware vSphere Server, Guests, and ESXi Hosts. Deprecated. Use Ansible VMware (from the Ansible VMware pack) instead. +display: Ansible VMware (Deprecated) name: VMwareV2 script: commands: @@ -4541,7 +4541,7 @@ script: name: cluster_name description: Manage VMware vCenter license keys name: vmware-vcenter-license - dockerimage: demisto/ansible-runner:1.0.0.16542 + dockerimage: demisto/ansible-runner:1.0.0.21184 runonce: false script: '' subtype: python3 @@ -4549,3 +4549,4 @@ script: fromversion: 6.0.0 tests: - No tests (auto formatted) +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Playbooks/playbook-Wait_Until_Windows_Host_Online.yml b/Packs/Ansible_Powered_Integrations/Playbooks/playbook-Wait_Until_Windows_Host_Online.yml index c65c9b8a468f..5e45f2690fc0 100644 --- a/Packs/Ansible_Powered_Integrations/Playbooks/playbook-Wait_Until_Windows_Host_Online.yml +++ b/Packs/Ansible_Powered_Integrations/Playbooks/playbook-Wait_Until_Windows_Host_Online.yml @@ -189,4 +189,5 @@ view: |- tests: - No tests (auto formatted) fromversion: 6.0.0 -description: Pauses execution until the Windows host responds to a ping over WinRM. +description: Deprecated. Use "Wait Until Windows Host Online v2" playbook from the Ansible Microsoft Windows Pack instead. +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/Playbooks/playbook-Windows_Application_Deployment.yml b/Packs/Ansible_Powered_Integrations/Playbooks/playbook-Windows_Application_Deployment.yml index abb1c1b3178e..82aa980c2927 100644 --- a/Packs/Ansible_Powered_Integrations/Playbooks/playbook-Windows_Application_Deployment.yml +++ b/Packs/Ansible_Powered_Integrations/Playbooks/playbook-Windows_Application_Deployment.yml @@ -690,4 +690,5 @@ view: |- tests: - No tests (auto formatted) fromversion: 6.0.0 -description: This playbook helps an operator install Windows applications to workstations using the Chocolatey package manager. \ No newline at end of file +description: Deprecated. Use "Windows Application Deployment v2" playbook from the Ansible Microsoft Windows Pack instead. +deprecated: true diff --git a/Packs/Ansible_Powered_Integrations/ReleaseNotes/2_0_0.md b/Packs/Ansible_Powered_Integrations/ReleaseNotes/2_0_0.md new file mode 100644 index 000000000000..9158b92d5135 --- /dev/null +++ b/Packs/Ansible_Powered_Integrations/ReleaseNotes/2_0_0.md @@ -0,0 +1,35 @@ + +#### Integrations +##### Ansible Cisco IOS (Deprecated) +- Cisco IOS Platform management over SSH. Deprecated. Use Ansible Cisco IOS (from the Ansible Cisco IOS pack) instead. +##### Ansible Azure Compute (Deprecated) +- Manage Azure Compute resources. Deprecated. Use Ansible Azure (from the Ansible Azure pack) instead. +##### Ansible VMware (Deprecated) +- Manage VMware vSphere Server, Guests, and ESXi Hosts. Deprecated. Use Ansible VMware (from the Ansible VMware pack) instead. +##### Ansible DNS (Deprecated) +- Manage DNS records using NSUpdate. Deprecated. Use Ansible DNS (in the Ansible Linux pack) instead. +##### Ansible Microsoft Windows (Deprecated) +- Agentless Windows host management over WinRM. Deprecated. Use Ansible Microsoft Windows (from the Ansible Microsoft Windows pack) instead. +##### Ansible Kubernetes (Deprecated) +- Manage Kubernetes. Deprecated. Use Ansible Kubernetes (from the Ansible Kubernetes pack) instead. +##### Ansible Azure Networking (Deprecated) +- Manage Azure Networking resources. Deprecated. Use Ansible Azure (from the Ansible Azure pack) instead. +##### Ansible Cisco NXOS (Deprecated) +- Cisco NXOS Platform management over SSH. Deprecated. Use Ansible Cisco NXOS (from the Ansible Cisco NXOS pack) instead. +##### Ansible HCloud (Deprecated) +- Manage your Hetzner Cloud environment. Deprecated. Use the Ansible HCloud (from the Ansible Hetzner Cloud Pack) instead. +##### Ansible Alibaba Cloud (Deprecated) +- Manage Alibaba Cloud Elastic Compute Instances. Deprecated. Use Ansible Alibaba Cloud (from the Ansible Alibaba Cloud Pack) instead. +##### Ansible Linux (Deprecated) +- Agentlesss Linux host management over SSH. Deprecated. Use Ansible Linux (in the Ansible Linux pack) instead. +##### Ansible OpenSSL (Deprecated) +- Control OpenSSL on a remote Linux hosts. Deprecated. Use Ansible OpenSSL (in the Ansible Linux pack) instead. + +##### Ansible ACME (Deprecated) +- Automatic Certificate Management Environment of Linux hosts. Deprecated. Use Ansible ACME (in the Ansible Linux pack) instead. + +#### Playbooks +##### Wait Until Windows Host Online +- Deprecated use the playbook `Wait Until Windows Host Online` from Ansible Microsoft Windows pack. +##### Windows Application Deployment +- Deprecated use the playbook `Windows Application Deployment` from Ansible Microsoft Windows pack. diff --git a/Packs/Ansible_Powered_Integrations/pack_metadata.json b/Packs/Ansible_Powered_Integrations/pack_metadata.json index 4a721a7cd6a0..59cc5b67c567 100644 --- a/Packs/Ansible_Powered_Integrations/pack_metadata.json +++ b/Packs/Ansible_Powered_Integrations/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Ansible Powered Integrations", "description": "Run Ansible modules as native XSOAR commands with these agent-less integrations:\nMicrosoft Windows Host\nLinux Host\nCisco IOS\nCisco NX-OS\nOpenSSL\nACME\nDNS\nKubernetes\nVMware vSphere\nAzure Compute\nAzure Networking\nHetzner Cloud\nAlibaba Cloud\n", "support": "community", - "currentVersion": "1.0.2", + "currentVersion": "2.0.0", "author": "Serge Bakharev", "url": "https://github.com/SergeBakharev/Ansible-for-XSOAR", "email": "serge.bakharev@gmail.com", diff --git a/Packs/ApiModules/.secrets-ignore b/Packs/ApiModules/.secrets-ignore index 8b55e4d0eb47..5e08d76479dc 100644 --- a/Packs/ApiModules/.secrets-ignore +++ b/Packs/ApiModules/.secrets-ignore @@ -1737,3 +1737,4 @@ https://docs..org 172.217.7.163 https://us-cert.cisa.gov/tlp test@org.com +123.123.123.123 diff --git a/Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule.py b/Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule.py new file mode 100644 index 000000000000..48fb49c9edcf --- /dev/null +++ b/Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule.py @@ -0,0 +1,349 @@ +from CommonServerPython import * # noqa: F403 +from CommonServerUserPython import * # noqa: F403 +import ansible_runner # pylint: disable=E0401 +import json +from typing import Dict, cast, List, Union, Any + + +# Dict to Markdown Converter adapted from https://github.com/PolBaladas/torsimany/ + + +def dict2md(json_block: Union[Dict[str, Union[dict, list]], List[Union[str, dict, list, float]], float], depth: int = 0): + markdown = "" + + if isinstance(json_block, dict): + markdown = parse_dict(json_block, depth) + if isinstance(json_block, list): + markdown += parse_list(json_block, depth) + return markdown + + +def parse_dict(d: Dict[str, Union[dict, list]], depth: int): + markdown = "" + + # In the case of a dict of dicts/lists, we want to show the "leaves" of the tree first. + # This will improve readability by avoiding the scenario where "leaves" are shown in between + # "branches", resulting in their relation to the header to become unclear to the reader. + + for k in d: + if not isinstance(d[k], (dict, list)): + markdown += build_value_chain(k, d.get(k), depth + 1) + + for k in d: + if isinstance(d[k], (dict, list)): + markdown += add_header(k, depth + 1) + markdown += dict2md(d[k], depth + 1) + return markdown + + +def parse_list(rawlist: List[Union[str, dict, list, float]], depth: int): + markdown = "" + default_header_value = "list" + for value in rawlist: + if not isinstance(value, (dict, list)): + index = rawlist.index(value) + item_depth = depth + 1 # since a header was added previously items should be idented one + markdown += build_value_chain(index, value, item_depth) + else: + # It makes list more readable to have a header of some sort + header_value = find_header_in_dict(value) + if header_value is None: + header_value = default_header_value + markdown += add_header(header_value, depth) + if isinstance(value, dict): + markdown += parse_dict(value, depth) + if isinstance(value, list): + markdown += parse_list(value, depth) + return markdown + + +def find_header_in_dict(rawdict: Union[Dict[Any, Any], List[Any]]): + header = None + # Finds a suitible value to use as a header + if not isinstance(rawdict, dict): + return header # Not a dict, nothing to do + + id_search = [val for key, val in rawdict.items() if 'id' in key] + name_search = [val for key, val in rawdict.items() if 'name' in key] + + if id_search: + header = id_search[0] + if name_search: + header = name_search[0] + + return header + + +def build_header_chain(depth: int): + list_tag = '* ' + htag = '#' + tab = " " + + chain = (tab * depth) + list_tag * (bool(depth)) + htag * (depth + 1) + ' value\n' + return chain + + +def build_value_chain(key: Union[int, str], value: Union[str, int, float, Dict[Any, Any], List[Any], None], depth: int): + tab = ' ' + list_tag = '* ' + + chain = (tab * depth) + list_tag + str(key) + ": " + str(value) + "\n" + return chain + + +def add_header(value: str, depth: int): + chain = build_header_chain(depth) + chain = chain.replace('value', value.title()) + return chain + + +# Remove ansible branding from results +def rec_ansible_key_strip(obj: Dict[Any, Any]): + if isinstance(obj, dict): + return {key.replace('ansible_', ''): rec_ansible_key_strip(val) for key, val in obj.items()} + return obj + + +# Convert to TitleCase, like .title() but only letters/numbers. +def title_case(st: str): + output = ''.join(x for x in st.title() if x.isalnum()) + return output + + +def generate_ansible_inventory(args: Dict[str, Any], int_params: Dict[str, Any], host_type: str = "local"): + host_types = ['ssh', 'winrm', 'nxos', 'ios', 'local'] + if host_type not in host_types: + raise ValueError("Invalid host type. Expected one of: %s" % host_types) + + sshkey = "" + + inventory: Dict[str, dict] = {} + inventory['all'] = {} + inventory['all']['hosts'] = {} + + # local + if host_type == 'local': + inventory['all']['hosts']['localhost'] = {} + inventory['all']['hosts']['localhost']['ansible_connection'] = 'local' + + # All other host types are remote + elif host_type in ['ssh', 'winrm', 'nxos', 'ios']: + hosts = args.get('host') + if type(hosts) is str: + # host arg could be csv + hosts = [host.strip() for host in hosts.split(',')] # type: ignore[union-attr] + + for host in hosts: # type: ignore[union-attr] + new_host = {} + new_host['ansible_host'] = host + + if ":" in host: + address = host.split(':') + new_host['ansible_port'] = address[1] + new_host['ansible_host'] = address[0] + else: + new_host['ansible_host'] = host + if int_params.get('port'): + new_host['ansible_port'] = int_params.get('port') + + # Common SSH based auth options + if host_type in ['ssh', 'nxos', 'ios']: + # SSH Key saved in credential manager selection + if int_params.get('creds', {}).get('credentials').get('sshkey'): + username = int_params.get('creds', {}).get('credentials').get('user') + sshkey = int_params.get('creds', {}).get('credentials').get('sshkey') + + new_host['ansible_user'] = username + + # Password saved in credential manager selection + elif int_params.get('creds', {}).get('credentials').get('password'): + username = int_params.get('creds', {}).get('credentials').get('user') + password = int_params.get('creds', {}).get('credentials').get('password') + + new_host['ansible_user'] = username + new_host['ansible_password'] = password + + # username/password individually entered + else: + username = int_params.get('creds', {}).get('identifier') + password = int_params.get('creds', {}).get('password') + + new_host['ansible_user'] = username + new_host['ansible_password'] = password + + # ssh specific become options + if host_type == 'ssh': + new_host['ansible_become'] = int_params.get('become') + new_host['ansible_become_method'] = int_params.get('become_method') + if int_params.get('become_user'): + new_host['ansible_become_user'] = int_params.get('become_user') + if int_params.get('become_password'): + new_host['ansible_become_pass'] = int_params.get('become_password') + + # ios specific + if host_type == 'ios': + new_host['ansible_connection'] = 'network_cli' + new_host['ansible_network_os'] = 'ios' + new_host['ansible_become'] = 'yes' + new_host['ansible_become_method'] = 'enable' + new_host['ansible_become_password'] = int_params.get('enable_password') + inventory['all']['hosts'][host] = new_host + + # nxos specific + elif host_type == 'nxos': + new_host['ansible_connection'] = 'network_cli' + new_host['ansible_network_os'] = 'nxos' + new_host['ansible_become'] = 'yes' + new_host['ansible_become_method'] = 'enable' + inventory['all']['hosts'][host] = new_host + + # winrm + elif host_type == 'winrm': + # Only two credential options + # Password saved in credential manager selection + if int_params.get('creds', {}).get('credentials').get('password'): + username = int_params.get('creds', {}).get('credentials').get('user') + password = int_params.get('creds', {}).get('credentials').get('password') + + new_host['ansible_user'] = username + new_host['ansible_password'] = password + + # username/password individually entered + else: + username = int_params.get('creds', {}).get('identifier') + password = int_params.get('creds', {}).get('password') + + new_host['ansible_user'] = username + new_host['ansible_password'] = password + + new_host['ansible_connection'] = "winrm" + new_host['ansible_winrm_transport'] = "ntlm" + new_host['ansible_winrm_server_cert_validation'] = "ignore" + + inventory['all']['hosts'][host] = new_host + + return inventory, sshkey + + +def generic_ansible(integration_name: str, command: str, + args: Dict[str, Any], int_params: Dict[str, Any], host_type: str, + creds_mapping: Dict[str, str] = None) -> CommandResults: + """Run a Ansible module and return the results as a CommandResult. + + Keyword arguments: + integration_name -- the name of the XSOAR integration. Used for context output structure + command -- the ansible module to run + args -- the XSOAR command args. Literally the demisto.args(). The args provided need to match the + ansible module args, as well as include the arg "host" if the module is one that connects + to a host. + int_params -- the integration parameters. These will contain args that are integration wide. + They will passed to the the ansible module as args, with exception of credentials, + these will be used to build the ansible inventory. + host_type -- the type of host that is being managed. The following host types are supported: + * ssh -- Linux or Unix variant managed over ssh + * winrm -- Windows + * nxos -- Cisco NX-OS based network device + * ios -- Cisco IOS based network device + * local -- this indicates that the command should be executed locally. + Mostly used by modules that connect out to cloud services. + creds_mapping -- A mapping for the 'creds' param names to expected ansible param names + """ + + readable_output = "" + sshkey = "" + fork_count = 1 # default to executing against 1 host at a time + + if args.get('concurrency'): + fork_count = cast(int, args.get('concurrency')) + + # generate ansible host inventory + inventory, sshkey = generate_ansible_inventory(args=args, host_type=host_type, int_params=int_params) + + module_args = "" + # build module args list + for arg_key, arg_value in args.items(): + # skip hardcoded host arg, as it doesn't related to module + if arg_key == 'host': + continue + # special condition for if there is a collision between the host argument used for ansible inventory + # and the host argument used by a module + if arg_key == 'ansible-module-host': + arg_key = 'host' + + module_args += "%s=\"%s\" " % (arg_key, arg_value) + + # If this isn't host based, then all the integration params will be used as command args + if host_type == 'local': + for arg_key, arg_value in int_params.items(): + + # if given creds param and a cred mapping - use the naming mapping to correct the arg names + if arg_key == 'creds' and creds_mapping: + if arg_value.get('identifier') and 'identifier' in creds_mapping: + module_args += "%s=\"%s\" " % (creds_mapping.get('identifier'), arg_value.get('identifier')) + + if arg_value.get('password') and 'password' in creds_mapping: + module_args += "%s=\"%s\" " % (creds_mapping.get('password'), arg_value.get('password')) + + else: + module_args += "%s=\"%s\" " % (arg_key, arg_value) + + r = ansible_runner.run(inventory=inventory, host_pattern='all', module=command, quiet=True, + omit_event_data=True, ssh_key=sshkey, module_args=module_args, forks=fork_count) + + results = [] + outputs_key_field = '' + for each_host_event in r.events: + # Troubleshooting + # demisto.log("%s: %s\n" % (each_host_event['event'], each_host_event)) + if each_host_event['event'] in ["runner_on_ok", "runner_on_unreachable", "runner_on_failed"]: + + # parse results + + result = json.loads('{' + each_host_event['stdout'].split('{', 1)[1]) + host = each_host_event['stdout'].split('|', 1)[0].strip() + status = each_host_event['stdout'].replace('=>', '|').split('|', 3)[1] + + # if successful build outputs + if each_host_event['event'] == "runner_on_ok": + if 'fact' in command: + result = result['ansible_facts'] + else: + if result.get(command) is not None: + result = result[command] + else: + result.pop("ansible_facts", None) + + result = rec_ansible_key_strip(result) + + if host != "localhost": + readable_output += "# %s - %s\n" % (host, status) + else: + # This is integration is not host based + readable_output += "# %s\n" % status + + readable_output += dict2md(result) + + # add host and status to result if it is a dict. Some ansible modules return a list + if (type(result) == dict) and (host != 'localhost'): + result['host'] = host + outputs_key_field = 'host' # updates previous outputs that share this key, neat! + + if (type(result) == dict): + result['status'] = status.strip() + + results.append(result) + if each_host_event['event'] == "runner_on_unreachable": + msg = "Host %s unreachable\nError Details: %s" % (host, result.get('msg')) + + if each_host_event['event'] == "runner_on_failed": + msg = "Host %s failed running command\nError Details: %s" % (host, result.get('msg')) + + if each_host_event['event'] in ["runner_on_failed", "runner_on_unreachable"]: + return_error(msg) + + return CommandResults( + readable_output=readable_output, + outputs_prefix=integration_name + '.' + title_case(command), + outputs_key_field=outputs_key_field, + outputs=results + ) diff --git a/Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule.yml b/Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule.yml new file mode 100644 index 000000000000..4b74a18821dc --- /dev/null +++ b/Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule.yml @@ -0,0 +1,16 @@ +commonfields: + id: AnsibleApiModule + version: -1 +name: AnsibleApiModule +script: '' +type: python +subtype: python3 +tags: + - infra + - server +comment: Common Ansible code that will be appended to each Ansible integration +scripttarget: 0 +dependson: {} +timeout: 0s +dockerimage: demisto/ansible-runner:1.0.0.20884 +fromversion: 6.0.0 \ No newline at end of file diff --git a/Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule_test.py b/Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule_test.py new file mode 100644 index 000000000000..d56e1c40b982 --- /dev/null +++ b/Packs/ApiModules/Scripts/AnsibleApiModule/AnsibleApiModule_test.py @@ -0,0 +1,212 @@ +from AnsibleApiModule import dict2md, rec_ansible_key_strip, generate_ansible_inventory, generic_ansible +from TestsInput.markdown import MOCK_SINGLE_LEVEL_LIST, EXPECTED_MD_LIST, MOCK_SINGLE_LEVEL_DICT, EXPECTED_MD_DICT +from TestsInput.markdown import MOCK_MULTI_LEVEL_DICT, EXPECTED_MD_MULTI_DICT, MOCK_MULTI_LEVEL_LIST +from TestsInput.markdown import EXPECTED_MD_MULTI_LIST, MOCK_MULTI_LEVEL_LIST_ID_NAMES, EXPECTED_MD_MULTI_LIST_ID_NAMES +from TestsInput.ansible_keys import MOCK_ANSIBLE_DICT, EXPECTED_ANSIBLE_DICT, MOCK_ANSIBLELESS_DICT, EXPECTED_ANSIBLELESS_DICT +from TestsInput.ansible_inventory import ANSIBLE_INVENTORY_HOSTS_LIST, ANSIBLE_INVENTORY_HOSTS_CSV_LIST +from TestsInput.ansible_inventory import ANSIBLE_INVENTORY_HOST_w_PORT, ANSIBLE_INVENTORY_INT_PARAMS +from unittest.mock import patch + + +def test_dict2md_simple_lists(): + """ + Scenario: Given a simple single level dict or list, dict2md should output a dot point list equivalent + + Given: + - List of strings + - Single level dict + + When: + - Convert to markdownMOCK_ANSIBLE_DICT + - Validate that the returned text is converted to a markdown list correctly + + """ + markdown_list = dict2md(MOCK_SINGLE_LEVEL_LIST) + markdown_dict = dict2md(MOCK_SINGLE_LEVEL_DICT) + + assert markdown_list == EXPECTED_MD_LIST + assert markdown_dict == EXPECTED_MD_DICT + + +def test_dict2md_complex_lists(): + """ + Scenario: Given a complex multi level dict dict2md should output the markdown equivalent with appropriate level headings + + Given: + - Multi-level dict + - List of dicts + - List of dicts including id and name keys + + When: + - Convert to markdown + + Then: + - Validate that the returned text is converted to a markdown correctly + + """ + markdown_multi_dict = dict2md(MOCK_MULTI_LEVEL_DICT) + markdown_multi_list = dict2md(MOCK_MULTI_LEVEL_LIST) + markdown_multi_list_id_name = dict2md(MOCK_MULTI_LEVEL_LIST_ID_NAMES) + + assert markdown_multi_dict == EXPECTED_MD_MULTI_DICT + assert markdown_multi_list == EXPECTED_MD_MULTI_LIST + assert markdown_multi_list_id_name == EXPECTED_MD_MULTI_LIST_ID_NAMES + + +def test_rec_ansible_key_strip(): + """ + Scenario: Given a multi level dict rec_ansible_key_strip should recursively remove the string 'ansible_' from any keys + + Given: + - Multi-level dict with some keys starting with ansible_ + - Multi-level dict with no keys starting with ansible_ + + When: + - rec_ansible_key_strip is used to santise the value + + Then: + - Return de-branded result + + """ + ansible_dict = rec_ansible_key_strip(MOCK_ANSIBLE_DICT) + ansibleless_dict = rec_ansible_key_strip(MOCK_ANSIBLELESS_DICT) + + assert ansible_dict == EXPECTED_ANSIBLE_DICT + assert ansibleless_dict == EXPECTED_ANSIBLELESS_DICT + + +def test_generate_ansible_inventory_hosts(): + """ + Scenario: Given different types of host input a valid ansible inventory should be generated + + Given: + A. hosts as a python list + B. comma seperated list of hosts + C. host with port specified in args overriding integration port config + D. host with type of local + + When: + - credentials are valid + + Then: + A. Valid Ansible inventory dict is generated with correct number of hosts + B. Valid Ansible inventory dict is generated with correct number of hosts + C. Correct port should be present if integration default overridden by command args + D. host address should not be recorded if host type is local + """ + + # A + list_inv, _ = generate_ansible_inventory(ANSIBLE_INVENTORY_HOSTS_LIST, ANSIBLE_INVENTORY_INT_PARAMS, host_type="ssh") + assert len(list_inv.get('all').get('hosts')) == 3 + + # B + comma_inv, _ = generate_ansible_inventory(ANSIBLE_INVENTORY_HOSTS_CSV_LIST, ANSIBLE_INVENTORY_INT_PARAMS, host_type="ssh") + assert len(comma_inv.get('all').get('hosts')) == 2 + + # C + port_override_inv, _ = generate_ansible_inventory( + ANSIBLE_INVENTORY_HOST_w_PORT, ANSIBLE_INVENTORY_INT_PARAMS, host_type="ssh") + assert port_override_inv.get('all').get('hosts').get('123.123.123.123:45678').get('ansible_port') == '45678' + assert port_override_inv.get('all').get('hosts').get('123.123.123.123:45678').get('ansible_host') == '123.123.123.123' + + # D + local_inv, _ = generate_ansible_inventory(ANSIBLE_INVENTORY_HOST_w_PORT, ANSIBLE_INVENTORY_INT_PARAMS, host_type="local") + assert local_inv == {'all': {'hosts': {'localhost': {'ansible_connection': 'local'}}}} + + +def test_generate_ansible_inventory_creds(): + """ + Scenario: Given different types of credentials the appropriate one should be selected + + Given: + A. username / sshkey for NXOS host + B. SSH credential for Linux host + C. windows winrm credentials + + When: + - valid host address + + Then: + - Valid Ansible Inventory dict is generated as appropriate for host type + """ + + # A + nxos_inv, nxos_sshkey = generate_ansible_inventory( + ANSIBLE_INVENTORY_HOST_w_PORT, ANSIBLE_INVENTORY_INT_PARAMS, host_type="nxos") + assert nxos_sshkey == 'aaaaaaaaaaaaaa' + assert nxos_inv.get('all').get('hosts').get('123.123.123.123:45678').get('ansible_network_os') == 'nxos' + assert nxos_inv.get('all').get('hosts').get('123.123.123.123:45678').get('ansible_become_method') == 'enable' + assert nxos_inv.get('all').get('hosts').get('123.123.123.123:45678').get('ansible_user') == 'joe' + + # B + ssh_inv, ssh_sshkey = generate_ansible_inventory(ANSIBLE_INVENTORY_HOST_w_PORT, ANSIBLE_INVENTORY_INT_PARAMS, host_type="ssh") + assert ssh_sshkey == 'aaaaaaaaaaaaaa' + assert ssh_inv.get('all').get('hosts').get('123.123.123.123:45678').get('ansible_network_os') is None + assert ssh_inv.get('all').get('hosts').get('123.123.123.123:45678').get('ansible_user') == 'joe' + + # C + winrm_inv, winrm_sshkey = generate_ansible_inventory( + ANSIBLE_INVENTORY_HOST_w_PORT, ANSIBLE_INVENTORY_INT_PARAMS, host_type="winrm") + assert winrm_sshkey == '' + assert winrm_inv.get('all').get('hosts').get('123.123.123.123:45678').get('ansible_user') == 'joe' + assert winrm_inv.get('all').get('hosts').get('123.123.123.123:45678').get('ansible_winrm_transport') == 'ntlm' + assert winrm_inv.get('all').get('hosts').get('123.123.123.123:45678').get('ansible_connection') == 'winrm' + + +class Object(object): + pass + + +def test_generic_ansible(): + """ + Scenario: Given valid arguments, mock events from ansible-runner, ensure context/readable output matches expectations + + Given: + - valid host args for single windows host 123.123.123.123 + - valid username / password + - command win-audit-policy-system + - args subcategory="File System" audit_type="failure" + + When: + - mock events from ansible-runner show that a change to policy was made successfully + + Then: + - Valid context/readable output + """ + + # Inputs + args = {'host': "123.123.123.123", 'subcategory': 'File System', 'audit_type': 'failure'} + int_params = {'port': 5985, 'creds': {'identifier': 'bill', 'password': 'xyz321', 'credentials': {}}} + host_type = "winrm" + + # Mock results from Ansible run + mock_ansible_results = Object() + mock_ansible_results.events = [{'uuid': 'cf26f7c4-6eca-48b2-8294-4bd263cfb2e0', 'counter': 1, 'stdout': '', + 'start_line': 0, 'end_line': 0, 'runner_ident': 'd5a00f7c-7fb6-424a-a8f9-83556bdb2360', + 'event': 'playbook_on_start', 'pid': 674619, 'created': '2021-06-01T15:57:37.638813', + 'event_data': {}}, + {'uuid': 'cc29d328-9d35-4193-ba18-e82e98eaf0c6', 'counter': 2, 'stdout': '', + 'start_line': 0, 'end_line': 0, 'runner_ident': 'd5a00f7c-7fb6-424a-a8f9-83556bdb2360', + 'event': 'runner_on_start', 'pid': 674619, 'created': '2021-06-01T15:57:37.668136', + 'parent_uuid': 'a736a224-f5d0-0add-444b-000000000009', 'event_data': {}}, + {'uuid': '4770effd-5088-430c-aee2-621bee4f3f00', 'counter': 3, + 'stdout': '123.123.123.123 | SUCCESS => {\r\n "changed": false,\r\n\ + "current_audit_policy": {\r\n "file system": "failure"\r\n }\r\n}', + 'start_line': 0, 'end_line': 6, + 'runner_ident': 'd5a00f7c-7fb6-424a-a8f9-83556bdb2360', 'event': 'runner_on_ok', + 'pid': 674619, 'created': '2021-06-01T15:57:40.592040', + 'parent_uuid': 'a736a224-f5d0-0add-444b-000000000009', 'event_data': {}}] + + # Expected results + expected_readable = """# 123.123.123.123 - SUCCESS \n * changed: False + * ## Current_Audit_Policy + * file system: failure +""" + expected_outputs = [{'changed': False, 'current_audit_policy': { + 'file system': 'failure'}, 'host': '123.123.123.123', 'status': 'SUCCESS'}] + + with patch('ansible_runner.run', return_value=mock_ansible_results): + CommandResults = generic_ansible('microsoftwindows', 'win_audit_policy_system', args, int_params, host_type) + + assert CommandResults.readable_output == expected_readable + assert CommandResults.outputs == expected_outputs diff --git a/Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/ansible_inventory.py b/Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/ansible_inventory.py new file mode 100644 index 000000000000..0c9c5d97bd5f --- /dev/null +++ b/Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/ansible_inventory.py @@ -0,0 +1,5 @@ +ANSIBLE_INVENTORY_HOSTS_LIST = {'host': ['123.123.123.123', 'example-host1', 'host.example.com']} +ANSIBLE_INVENTORY_HOSTS_CSV_LIST = {'host': "123.123.123.123, host.example.com"} +ANSIBLE_INVENTORY_HOST_w_PORT = {'host': "123.123.123.123:45678"} +ANSIBLE_INVENTORY_INT_PARAMS = {'port': 22, 'creds': {'credentials': { + 'user': 'joe', 'password': 'pass123', 'sshkey': 'aaaaaaaaaaaaaa'}, 'identifier': 'bill', 'password': 'xyz321'}} diff --git a/Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/ansible_keys.py b/Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/ansible_keys.py new file mode 100644 index 000000000000..e3c02dee5986 --- /dev/null +++ b/Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/ansible_keys.py @@ -0,0 +1,23 @@ +MOCK_ANSIBLE_DICT = { + 'ansible_result': '0', + 'test': 'string', + 'lvl2': {'ansible_facts': 'long list of data'} +} + +EXPECTED_ANSIBLE_DICT = { + 'result': '0', + 'test': 'string', + 'lvl2': {'facts': 'long list of data'} +} + +MOCK_ANSIBLELESS_DICT = { + 'result': '0', + 'test': 'string', + 'lvl2': {'facts': 'long list of data'} +} + +EXPECTED_ANSIBLELESS_DICT = { + 'result': '0', + 'test': 'string', + 'lvl2': {'facts': 'long list of data'} +} \ No newline at end of file diff --git a/Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/markdown.py b/Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/markdown.py new file mode 100644 index 000000000000..796109fc9715 --- /dev/null +++ b/Packs/ApiModules/Scripts/AnsibleApiModule/TestsInput/markdown.py @@ -0,0 +1,96 @@ +MOCK_SINGLE_LEVEL_LIST = [ + 1, + 'b', + 3, + 'x' +] + +EXPECTED_MD_LIST = """ * 0: 1 + * 1: b + * 2: 3 + * 3: x +""" + +MOCK_SINGLE_LEVEL_DICT = { + 'Server': 'abc', + 'IP': '123.123.123.123', + 'Changed': 'Yes' +} + +EXPECTED_MD_DICT = """ * Server: abc + * IP: 123.123.123.123 + * Changed: Yes +""" + +MOCK_MULTI_LEVEL_DICT = { + 'rc': '0', + 'result': { + 'something': 'Something happend', + 'items changed': { + 'item1': 'A', + 'item2': 'B', + 'item3': 'C' + }, + }, + 'backTolvl1':'text' +} + +EXPECTED_MD_MULTI_DICT = """ * rc: 0 + * backTolvl1: text + * ## Result + * something: Something happend + * ### Items Changed + * item1: A + * item2: B + * item3: C +""" + +MOCK_MULTI_LEVEL_LIST = [ + {'level1a': 'A', + 'level1b': 'B', + 'level1c': 'C' + }, + {'1': ['a', 'b', 'c'], 'text': "audit log"}, + ["x", "y", "z"] +] + +EXPECTED_MD_MULTI_LIST = """# List + * level1a: A + * level1b: B + * level1c: C +# List + * text: audit log + * ## 1 + * 0: a + * 1: b + * 2: c +# List + * 0: x + * 1: y + * 2: z +""" + +MOCK_MULTI_LEVEL_LIST_ID_NAMES = [ + {'level1a': 'A', + 'level1b': 'B', + 'level1c': 'C' + }, + {'1': ['a', 'b', 'c'], 'id': "id12345"}, + {'item1': 'abc', + 'name': 'xyz'} +] + +EXPECTED_MD_MULTI_LIST_ID_NAMES = """# List + * level1a: A + * level1b: B + * level1c: C +# Id12345 + * id: id12345 + * ## 1 + * 0: a + * 1: b + * 2: c +# Xyz + * item1: abc + * name: xyz +""" diff --git a/Tests/conf.json b/Tests/conf.json index 19765915d254..ddc9bbd2b2e1 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -3605,9 +3605,21 @@ "MicrosoftGraphMail-Test_prod": "Issue 40125" }, "skipped_integrations": { - + "_comment1": "~~~ NO INSTANCE ~~~", "Ipstack": "Usage limit reached (Issue 38063)", + "AnsibleAlibabaCloud": "No instance - issue 40447", + "AnsibleAzure": "No instance - issue 40447", + "AnsibleCiscoIOS": "No instance - issue 40447", + "AnsibleCiscoNXOS": "No instance - issue 40447", + "AnsibleHCloud": "No instance - issue 40447", + "AnsibleKubernetes": "No instance - issue 40447", + "AnsibleACME": "No instance - issue 40447", + "AnsibleDNS": "No instance - issue 40447", + "AnsibleLinux": "No instance - issue 40447", + "AnsibleOpenSSL": "No instance - issue 40447", + "AnsibleMicrosoftWindows": "No instance - issue 40447", + "AnsibleVMware": "No instance - issue 40447", "SolarWinds": "No instance - developed by Crest", "SOCRadarIncidents": "No instance - developed by partner", "SOCRadarThreatFusion": "No instance - developed by partner", @@ -3686,7 +3698,7 @@ "FraudWatch": "Issue 34299", "Cisco Stealthwatch": "No instance - developed by Qmasters", "Armis": "No instance - developed by SOAR Experts", - + "_comment2": "~~~ UNSTABLE ~~~", "Tenable.sc": "unstable instance", "ThreatConnect v2": "unstable instance", @@ -3695,7 +3707,7 @@ "Lastline": "issue 20323", "Google Resource Manager": "Cannot create projects because have reached allowed quota.", "Looker": "Warehouse 'DEMO_WH' cannot be resumed because resource monitor 'LIMITER' has exceeded its quota.", - + "_comment4": "~~~ OTHER ~~~", "AlienVault OTX TAXII Feed": "Issue 29197", "EclecticIQ Platform": "Issue 8821", @@ -3872,7 +3884,7 @@ "HelloWorldPremium_Scan-Test" ], "docker_thresholds": { - + "_comment": "Add here docker images which are specific to an integration and require a non-default threshold (such as rasterize or ews). That way there is no need to define this multiple times. You can specify full image name with version or without.", "images": { "demisto/chromium": { From a7edef19862e0101bba0b0a1cb9f3952c1aca8b0 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 24 Aug 2021 14:28:56 +0300 Subject: [PATCH 021/173] [Marketplace Contribution] SendGrid - Content Pack Update (#14350) (#14507) * "contribution update to pack "SendGrid"" * pack resubmitted * pack resubmitted * pack resubmitted * fix cr * fix cr * Update RN Co-authored-by: bachen Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: bachen --- .../SendGrid/Integrations/SendGrid/README.md | 26 +++++- .../Integrations/SendGrid/SendGrid.py | 87 +++++++++++-------- .../Integrations/SendGrid/SendGrid.yml | 35 +++++++- .../SendGrid/SendGrid_description.md | 1 + Packs/SendGrid/ReleaseNotes/1_0_2.md | 5 ++ Packs/SendGrid/pack_metadata.json | 2 +- 6 files changed, 113 insertions(+), 43 deletions(-) create mode 100644 Packs/SendGrid/ReleaseNotes/1_0_2.md diff --git a/Packs/SendGrid/Integrations/SendGrid/README.md b/Packs/SendGrid/Integrations/SendGrid/README.md index 8c9c1e812461..8be4dc9800f3 100644 --- a/Packs/SendGrid/Integrations/SendGrid/README.md +++ b/Packs/SendGrid/Integrations/SendGrid/README.md @@ -77,7 +77,7 @@ Retrieves all of your global email statistics between a given date range. | aggregated_by | How to group the statistics. Must be either "day", "week", or "month". Possible values are: day, week, month. | Optional | | start_date | The starting date of the statistics to retrieve. Must follow format YYYY-MM-DD. | Required | | end_date | The end date of the statistics to retrieve. Defaults to today. Must follow format YYYY-MM-DD. | Optional | - +| headers | Table headers to use the human readable output (if none provided, will show all table headers). Available headers: blocks,bounce_drops,bounces,clicks,date,deferred,delivered,invalid_emails,opens,processed,requests,spam_report_drops,spam_reports,unique_clicks,unique_opens,unsubscribe_drops,unsubscribes. | Optional | #### Context Output @@ -103,7 +103,7 @@ Retrieves all of your email statistics for each of your categories. | aggregated_by | How to group the statistics. Must be either "day", "week", or "month". Possible values are: day, week, month. | Optional | | limit | The number of results to include. default: 500 maximum: 500. | Optional | | offset | The number of results to skip. | Optional | - +| headers | Table headers to use the human readable output (if none provided, will show all table headers). Available headers: blocks,bounce_drops,bounces,clicks,date,deferred,delivered,invalid_emails,opens,processed,requests,spam_report_drops,spam_reports,unique_clicks,unique_opens,unsubscribe_drops,unsubscribes. | Optional | #### Context Output @@ -131,7 +131,7 @@ Retrieves the total sum of each email statistic for every category over the give | sort_by_direction | The direction you want to sort. Allowed Values: desc, asc default: desc. Possible values are: asc, desc. | Optional | | limit | The number of results to return. | Optional | | offset | The point in the list to begin retrieving results. | Optional | - +| headers | Table headers to use the human readable output (if none provided, will show all table headers). Available headers: blocks,bounce_drops,bounces,clicks,date,deferred,delivered,invalid_emails,opens,processed,requests,spam_report_drops,spam_reports,unique_clicks,unique_opens,unsubscribe_drops,unsubscribes. | Optional | #### Context Output @@ -286,3 +286,23 @@ Delete the cancellation/pause of a scheduled send. #### Context Output There is no context output for this command. + + +## sg-get-email-activity-list +*** +Retrieves the email activity list associated with the messages matching your query. If no query provided, it returns a list of most recent emails you've sent. NOTE: This Email Activity API returns email list up to last 30 days. +#### Base Command +`sg-get-email-activity-list` +#### Input +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| limit | The number of messages returned. This parameter must be greater than 0 and less than or equal to 1000. Default is 10. | Required | +| query | Use the query syntax to filter your email activity. For example: query to get email list for category - "Last Login": query=`(Contains(categories,"Last Login"))` Document link for query samples: https://docs.sendgrid.com/for-developers/sending-email/getting-started-email-activity-api#query-reference. | Optional | +| headers | Table headers to use the human readable output (if none provided, will show all table headers). Available headers: clicks_count,from_email,last_event_time,msg_id,opens_count,status,subject,to_email. | Optional | +#### Context Output +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| endgrid.EmailList | unknown | email activity list associated with the messages matching your query. | +#### Command Example +``` ``` +#### Human Readable Output \ No newline at end of file diff --git a/Packs/SendGrid/Integrations/SendGrid/SendGrid.py b/Packs/SendGrid/Integrations/SendGrid/SendGrid.py index d08859f869c9..204ee7ebeb64 100644 --- a/Packs/SendGrid/Integrations/SendGrid/SendGrid.py +++ b/Packs/SendGrid/Integrations/SendGrid/SendGrid.py @@ -62,6 +62,38 @@ def test_module(sg): return 'ok' +"""Retrieve an Email list based on the query""" + + +def get_email_activity_list(args: dict, sg): + params = {} + limit = args.get('limit') + query = args.get('query') + headers = args.get('headers') + if limit: + params['limit'] = int(limit) + if query: + params['query'] = query + response = sg.client.messages.get(query_params=params) + if response.status_code == 200: + rBody = response.body + body = json.loads(rBody.decode("utf-8")) + ec = {'Sendgrid.EmailList': body['messages']} + if headers: + if isinstance(headers, str): + headers = headers.split(",") + md = tableToMarkdown('Email List: ', body['messages'], headers) + return { + 'ContentsFormat': formats['json'], + 'Type': entryTypes['note'], + 'Contents': body, + 'HumanReadable': md, + 'EntryContext': ec + } + else: + return 'Email list fetch is failed: ' + str(response.body) + + """Create a Batch ID""" @@ -206,6 +238,7 @@ def get_global_email_stats(args: dict, sg): end_date = args.get('end_date') if end_date: params['end_date'] = end_date + headers = args.get('headers') response = sg.client.stats.get(query_params=params) if response.status_code == 200: @@ -234,13 +267,10 @@ def get_global_email_stats(args: dict, sg): res['unsubscribes'] = metrics['unsubscribes'] mail_stats.append(res) - md = tableToMarkdown("Global Email Statistics", mail_stats, ['date', 'blocks', - 'bounce_drops', 'bounces', 'clicks', 'deferred', - 'delivered', 'invalid_emails', - 'opens', 'processed', 'requests', - 'spam_report_drops', 'spam_reports', - 'unique_clicks', 'unique_opens', - 'unsubscribe_drops', 'unsubscribes']) + if headers: + if isinstance(headers, str): + headers = headers.split(",") + md = tableToMarkdown("Global Email Statistics", mail_stats, headers) ec = {'Sendgrid.GlobalEmailStats': mail_stats} return { 'ContentsFormat': formats['json'], @@ -277,6 +307,7 @@ def get_category_stats(args: dict, sg): category = args.get('category') if category: params['categories'] = category + headers = args.get('headers') response = sg.client.categories.stats.get(query_params=params) if response.status_code == 200: @@ -306,19 +337,10 @@ def get_category_stats(args: dict, sg): res['unsubscribes'] = metrics['unsubscribes'] cat_stats.append(res) - md = tableToMarkdown("Statistics for the Category: " + res['category'], cat_stats, ['date', - 'blocks', 'bounce_drops', - 'bounces', 'clicks', - 'deferred', 'delivered', - 'invalid_emails', - 'opens', 'processed', - 'requests', - 'spam_report_drops', - 'spam_reports', - 'unique_clicks', - 'unique_opens', - 'unsubscribe_drops', - 'unsubscribes']) + if headers: + if isinstance(headers, str): + headers = headers.split(",") + md = tableToMarkdown("Statistics for the Category: " + res['category'], cat_stats, headers) ec = {'Sendgrid.CategoryStats': cat_stats} return { 'ContentsFormat': formats['json'], @@ -358,6 +380,7 @@ def get_all_categories_stats(args: dict, sg): sort_by_metric = args.get('sort_by_metric') if sort_by_metric: params['sort_by_metric'] = sort_by_metric + headers = args.get('headers') response = sg.client.categories.stats.sums.get(query_params=params) if response.status_code == 200: @@ -390,23 +413,10 @@ def get_all_categories_stats(args: dict, sg): res['unsubscribes'] = metrics['unsubscribes'] cat_stats.append(res) - md = tableToMarkdown("Sum of All Categories Statistics from " + body['date'], cat_stats, ['category', - 'blocks', - 'bounce_drops', - 'bounces', - 'clicks', - 'deferred', - 'delivered', - 'invalid_emails', - 'opens', - 'processed', - 'requests', - 'spam_report_drops', - 'spam_reports', - 'unique_clicks', - 'unique_opens', - 'unsubscribe_drops', - 'unsubscribes']) + if headers: + if isinstance(headers, str): + headers = headers.split(",") + md = tableToMarkdown("Sum of All Categories Statistics from " + body['date'], cat_stats, headers) ec = {'Sendgrid.AllCategoriesStats': body} return { 'ContentsFormat': formats['json'], @@ -680,6 +690,9 @@ def main(): elif demisto.command() == 'sg-delete-scheduled-send': result = delete_scheduled_send(args, sg) + elif demisto.command() == 'sg-get-email-activity-list': + result = get_email_activity_list(args, sg) + demisto.results(result) # Log exceptions diff --git a/Packs/SendGrid/Integrations/SendGrid/SendGrid.yml b/Packs/SendGrid/Integrations/SendGrid/SendGrid.yml index 55e15c30062c..1d9cab0a80a9 100644 --- a/Packs/SendGrid/Integrations/SendGrid/SendGrid.yml +++ b/Packs/SendGrid/Integrations/SendGrid/SendGrid.yml @@ -147,6 +147,9 @@ script: - description: The end date of the statistics to retrieve. Defaults to today. Must follow format YYYY-MM-DD. name: end_date + - description: 'Table headers to use the human readable output (if none provided, + will show all table headers). Available headers: blocks,bounce_drops,bounces,clicks,date,deferred,delivered,invalid_emails,opens,processed,requests,spam_report_drops,spam_reports,unique_clicks,unique_opens,unsubscribe_drops,unsubscribes' + name: headers description: Retrieves all of your global email statistics between a given date range. name: sg-get-global-email-stats @@ -175,6 +178,9 @@ script: name: limit - description: The number of results to skip. name: offset + - description: 'Table headers to use the human readable output (if none provided, + will show all table headers). Available headers: blocks,bounce_drops,bounces,clicks,date,deferred,delivered,invalid_emails,opens,processed,requests,spam_report_drops,spam_reports,unique_clicks,unique_opens,unsubscribe_drops,unsubscribes' + name: headers description: Retrieves all of your email statistics for each of your categories. name: sg-get-category-stats outputs: @@ -227,6 +233,9 @@ script: name: limit - description: The point in the list to begin retrieving results. name: offset + - description: 'Table headers to use the human readable output (if none provided, + will show all table headers). Available headers: blocks,bounce_drops,bounces,clicks,date,deferred,delivered,invalid_emails,opens,processed,requests,spam_report_drops,spam_reports,unique_clicks,unique_opens,unsubscribe_drops,unsubscribes' + name: headers description: Retrieves the total sum of each email statistic for every category over the given date range. name: sg-get-all-categories-stats @@ -306,11 +315,33 @@ script: required: true description: Delete the cancellation/pause of a scheduled send. name: sg-delete-scheduled-send - dockerimage: demisto/sendgrid:1.0.0.19425 + - arguments: + - defaultValue: '10' + description: The number of messages returned. This parameter must be greater + than 0 and less than or equal to 1000 + name: limit + required: true + - description: 'Use the query syntax to filter your email activity. For example: + query to get email list for category - "Last Login": query=`(Contains(categories,"Last + Login"))` Document link for query samples: https://docs.sendgrid.com/for-developers/sending-email/getting-started-email-activity-api#query-reference' + name: query + - description: 'Table headers to use the human readable output (if none provided, + will show all table headers). Available headers: clicks_count,from_email,last_event_time,msg_id,opens_count,status,subject,to_email' + name: headers + description: "Retrieves the email activity list associated with the messages matching\ + \ your query. If no query provided, it returns a list of most recent emails\ + \ you've sent. NOTE: This Email Activity API returns email list up to last 30\ + \ days." + name: sg-get-email-activity-list + outputs: + - contextPath: Sendgrid.EmailList + description: Email activity list associated with the messages matching your + query. + dockerimage: demisto/sendgrid:1.0.0.23423 runonce: false script: '' subtype: python3 type: python fromversion: 6.0.0 tests: -- No tests (auto formatted) +- No tests (auto formatted) \ No newline at end of file diff --git a/Packs/SendGrid/Integrations/SendGrid/SendGrid_description.md b/Packs/SendGrid/Integrations/SendGrid/SendGrid_description.md index e69de29bb2d1..d9ca7a495f22 100644 --- a/Packs/SendGrid/Integrations/SendGrid/SendGrid_description.md +++ b/Packs/SendGrid/Integrations/SendGrid/SendGrid_description.md @@ -0,0 +1 @@ +[View Integration Documentation](https://xsoar.pan.dev/docs/reference/integrations/send-grid) diff --git a/Packs/SendGrid/ReleaseNotes/1_0_2.md b/Packs/SendGrid/ReleaseNotes/1_0_2.md new file mode 100644 index 000000000000..2b5c98c212f5 --- /dev/null +++ b/Packs/SendGrid/ReleaseNotes/1_0_2.md @@ -0,0 +1,5 @@ + +#### Integrations +##### SendGrid +- Added ***sg-get-email-activity-list*** command which will retrieve the email activity list associated with the messages matching the user query. +- Upgraded the Docker image to: *demisto/sendgrid:1.0.0.23423*. \ No newline at end of file diff --git a/Packs/SendGrid/pack_metadata.json b/Packs/SendGrid/pack_metadata.json index c68738bb3ef5..4c6e51a82dc7 100644 --- a/Packs/SendGrid/pack_metadata.json +++ b/Packs/SendGrid/pack_metadata.json @@ -2,7 +2,7 @@ "name": "SendGrid", "description": "SendGrid provides a cloud-based service that assists businesses with email delivery. It allows companies to track email opens, unsubscribes, bounces, and spam reports. Our SendGrid pack utilize these SendGrid use cases to help you send and manage your emails.", "support": "community", - "currentVersion": "1.0.1", + "currentVersion": "1.0.2", "author": "Sharat Patil", "url": "", "email": "", From 6483e24ec0b98659e396490295b1d2fc1b0cb96a Mon Sep 17 00:00:00 2001 From: Darya Koval <72339940+daryakoval@users.noreply.github.com> Date: Tue, 24 Aug 2021 14:59:22 +0300 Subject: [PATCH 022/173] Incidents test playbook (#13848) * adding scripts * changes * adding test * adding using instance * fixed test * changed health ckeck script * new playbook * changing the playbook * new playbook * new playbook * changed playbook and added new scripts from indicators pr * fixed typo * added one more fetch incidents integraion * changes from demo * fixes from cr * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * added release notes * adding test to test-conf * added readme * Update VerifyEnoughIncidents.yml * Update 1_2_2.md * Update VerifyEnoughIncidents.yml * changed test conf * changed VerifyContextFieldsList to VerifyObjectFieldsList * save little changes * Update README.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: Richard Bluestone <53567272+richardbluestone@users.noreply.github.com> --- Packs/DeveloperTools/ReleaseNotes/1_2_2.md | 4 + .../Scripts/VerifyEnoughIncidents/README.md | 50 + .../VerifyEnoughIncidents.py | 25 + .../VerifyEnoughIncidents.yml | 34 + .../playbook-Fetch_Incidents_Test.yml | 864 ++++++++++++++++++ Packs/DeveloperTools/pack_metadata.json | 2 +- Tests/conf.json | 8 + 7 files changed, 986 insertions(+), 1 deletion(-) create mode 100644 Packs/DeveloperTools/ReleaseNotes/1_2_2.md create mode 100644 Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/README.md create mode 100644 Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/VerifyEnoughIncidents.py create mode 100644 Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/VerifyEnoughIncidents.yml create mode 100644 Packs/DeveloperTools/TestPlaybooks/playbook-Fetch_Incidents_Test.yml diff --git a/Packs/DeveloperTools/ReleaseNotes/1_2_2.md b/Packs/DeveloperTools/ReleaseNotes/1_2_2.md new file mode 100644 index 000000000000..bf2e1427214a --- /dev/null +++ b/Packs/DeveloperTools/ReleaseNotes/1_2_2.md @@ -0,0 +1,4 @@ + +#### Scripts +##### New: VerifyEnoughIncidents +- Checks whether a given query returns sufficient incidents. (Available from Cortex XSOAR 6.0.0). diff --git a/Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/README.md b/Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/README.md new file mode 100644 index 000000000000..737e657c3374 --- /dev/null +++ b/Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/README.md @@ -0,0 +1,50 @@ +Check whether a given query returns enough incidents. + +## Script Data +--- + +| **Name** | **Description** | +| --- | --- | +| Script Type | python3 | +| Tags | | +| Cortex XSOAR Version | 6.0.0 | + +## Inputs +--- + +| **Argument Name** | **Description** | +| --- | --- | +| query | Query used to check whether there are sufficient incidents in Cortex XSOAR. | +| size | The amount of incidents in which to check. | + +## Outputs +--- + +| **Path** | **Description** | **Type** | +| --- | --- | --- | +| IncidentsCheck.Size | The number of incidents in Cortex XSOAR that is expected to match the query. | number | +| IncidentsCheck.ConditionMet | Whether there are sufficient incidents in Cortex XSOAR that match the query. | boolean | +| IncidentsCheck.Query | The incidents query which was used to check if the condition was met. | boolean | + + +## Script Example +```!VerifyEnoughIncidents query="sourceInstance:Some_Integration_instance_1" size="1"``` + +## Context Example +```json +{ + "IncidentsCheck": { + "ConditionMet": true, + "Query": "sourceInstance:Some_Integration_instance_1", + "Size": 1 + } +} +``` + +## Human Readable Output + +>### Results +>|ConditionMet|Query|Size| +>|---|---|---| +>| true | sourceInstance:Some_Integration_instance_1 | 1 | + diff --git a/Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/VerifyEnoughIncidents.py b/Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/VerifyEnoughIncidents.py new file mode 100644 index 000000000000..d206bfa940d6 --- /dev/null +++ b/Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/VerifyEnoughIncidents.py @@ -0,0 +1,25 @@ +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + + +def main(): + args = demisto.args() + query = args.get('query') + size = int(args.get('size')) + + try: + raw_result = demisto.executeCommand("SearchIncidentsV2", {"query": query, + "size": size}) + incidents_len = len(raw_result[0].get("Contents", [{}])[0].get("Contents", {}).get("data")) + except Exception: + incidents_len = 0 + outputs = { + 'Query': query, + 'Size': incidents_len, + 'ConditionMet': incidents_len >= size + } + return_results(CommandResults(outputs=outputs, outputs_key_field='Query', outputs_prefix='IncidentsCheck')) + + +if __name__ in ['__main__', 'builtin', 'builtins']: + main() diff --git a/Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/VerifyEnoughIncidents.yml b/Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/VerifyEnoughIncidents.yml new file mode 100644 index 000000000000..e663c4c55b2d --- /dev/null +++ b/Packs/DeveloperTools/Scripts/VerifyEnoughIncidents/VerifyEnoughIncidents.yml @@ -0,0 +1,34 @@ +commonfields: + id: VerifyEnoughIncidents + version: -1 +name: VerifyEnoughIncidents +fromversion: 6.0.0 +script: '' +type: python +tags: [] +comment: Check whether a given query returns enough incidents. +enabled: true +args: +- name: query + required: true + description: The query used to check whether there are sufficient incidents in Cortex XSOAR. +- name: size + required: true + description: The amount of incidents in which to check. +outputs: +- contextPath: IncidentsCheck.Size + description: The number of incidents in Cortex XSOAR that is expected to match the query. + type: number +- contextPath: IncidentsCheck.ConditionMet + description: Whether there are enough incidents in Cortex XSOAR that match the query. + type: boolean +- contextPath: IncidentsCheck.Query + description: The incidents query used to check whether the condition was met. + type: boolean +scripttarget: 0 +subtype: python3 +runonce: false +dockerimage: demisto/python3:3.9.6.22912 +runas: DBotWeakRole +tests: +- No test diff --git a/Packs/DeveloperTools/TestPlaybooks/playbook-Fetch_Incidents_Test.yml b/Packs/DeveloperTools/TestPlaybooks/playbook-Fetch_Incidents_Test.yml new file mode 100644 index 000000000000..60107f921362 --- /dev/null +++ b/Packs/DeveloperTools/TestPlaybooks/playbook-Fetch_Incidents_Test.yml @@ -0,0 +1,864 @@ +id: Fetch Incidents Test +version: -1 +vcShouldKeepItemLegacyProdMachine: false +name: Fetch Incidents Test +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: 2d04959b-053b-449c-8504-0bda1fe27354 + type: start + task: + id: 2d04959b-053b-449c-8504-0bda1fe27354 + version: -1 + name: "" + iscommand: false + brand: "" + nexttasks: + '#none#': + - "4" + separatecontext: false + view: |- + { + "position": { + "x": 162.5, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "2": + id: "2" + taskid: 06a7596c-6db0-4ecb-8da5-c0bf9f43df49 + type: condition + task: + id: 06a7596c-6db0-4ecb-8da5-c0bf9f43df49 + version: -1 + name: Check If Incidents exist + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "10" + "yes": + - "20" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isTrue + left: + value: + simple: IncidentsCheck.ConditionMet + iscontext: true + view: |- + { + "position": { + "x": 162.5, + "y": 1770 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "4": + id: "4" + taskid: 26074e49-6b29-4d6a-8fd9-ded45f989e06 + type: regular + task: + id: 26074e49-6b29-4d6a-8fd9-ded45f989e06 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "26" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 162.5, + "y": 195 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "6": + id: "6" + taskid: db3eb6fa-f009-46b0-87ff-76eb33a13804 + type: title + task: + id: db3eb6fa-f009-46b0-87ff-76eb33a13804 + version: -1 + name: Done + type: title + iscommand: false + brand: "" + separatecontext: false + view: |- + { + "position": { + "x": 162.5, + "y": 3345 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "8": + id: "8" + taskid: e0ea2027-5364-4b49-86f5-6aed5c35a5b7 + type: regular + task: + id: e0ea2027-5364-4b49-86f5-6aed5c35a5b7 + version: -1 + name: Check If Fields Exist + description: Receive fields and context. Verifies that these field exists in + context. + scriptName: VerifyObjectFieldsList + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "9" + scriptarguments: + object: + simple: ${foundIncidents} + fields_to_search: + simple: ${searchField} + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 2470 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "9": + id: "9" + taskid: 2509bb5a-c256-4d7e-8845-19baa61833b1 + type: condition + task: + id: 2509bb5a-c256-4d7e-8845-19baa61833b1 + version: -1 + name: Do all the indicator fields exist? + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "23" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isTrue + left: + value: + simple: CheckIfFieldsExists.FieldsExists + iscontext: true + view: |- + { + "position": { + "x": 50, + "y": 2645 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "10": + id: "10" + taskid: 5eae02de-ef1b-44dc-8b0b-7df129f33d21 + type: playbook + task: + id: 5eae02de-ef1b-44dc-8b0b-7df129f33d21 + version: -1 + name: GenericPolling - waiting to fetch Incidents. + description: |- + Use this playbook as a sub-playbook to block execution of the master playbook until a remote action is complete. + This playbook implements polling by continuously running the command in Step \#2 until the operation completes. + The remote action should have the following structure: + + 1. Initiate the operation. + 2. Poll to check if the operation completed. + 3. (optional) Get the results of the operation. + playbookName: GenericPolling + type: playbook + iscommand: false + brand: "" + nexttasks: + '#none#': + - "20" + scriptarguments: + AdditionalPollingCommandArgNames: + simple: size + AdditionalPollingCommandArgValues: + simple: "1" + Ids: + simple: ${searchQuery} + Interval: + simple: "1" + PollingCommandArgName: + simple: query + PollingCommandName: + simple: VerifyEnoughIncidents + Timeout: + simple: "5" + dt: + simple: IncidentsCheck(val.ConditionMet==false).Query + separatecontext: true + loop: + iscommand: false + exitCondition: "" + wait: 1 + max: 100 + view: |- + { + "position": { + "x": 275, + "y": 1945 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "17": + id: "17" + taskid: 1b979897-97c5-413a-8cdf-e23a787a61d4 + type: regular + task: + id: 1b979897-97c5-413a-8cdf-e23a787a61d4 + version: -1 + name: VerifyIntegrationHealth + description: Heath check for integration + scriptName: VerifyIntegrationHealth + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "18" + scriptarguments: + integration_name: + simple: ${sourceBrand} + separatecontext: false + view: |- + { + "position": { + "x": 162.5, + "y": 2995 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "18": + id: "18" + taskid: 78296bae-dc0b-4e35-818d-9e6fed2bd671 + type: condition + task: + id: 78296bae-dc0b-4e35-818d-9e6fed2bd671 + version: -1 + name: Check Health status + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "6" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isTrue + left: + value: + simple: IntegrationHealth.isHealthy + iscontext: true + view: |- + { + "position": { + "x": 162.5, + "y": 3170 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "19": + id: "19" + taskid: 6a5736c1-0bfc-48f8-80e3-13f2fc6fa536 + type: regular + task: + id: 6a5736c1-0bfc-48f8-80e3-13f2fc6fa536 + version: -1 + name: Set Incidents Search Query + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "21" + scriptarguments: + key: + simple: searchQuery + value: + simple: sourceInstance:${Instances.instanceName}* + separatecontext: false + view: |- + { + "position": { + "x": 162.5, + "y": 1420 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "20": + id: "20" + taskid: 3fa9cbf7-480f-48b5-8c4d-49192c0b704c + type: regular + task: + id: 3fa9cbf7-480f-48b5-8c4d-49192c0b704c + version: -1 + name: SearchIncidentsV2 + description: Searches Demisto incidents + scriptName: SearchIncidentsV2 + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "22" + scriptarguments: + extend-context: + simple: Incidents= + query: + simple: ${searchQuery} + separatecontext: false + view: |- + { + "position": { + "x": 162.5, + "y": 2120 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "21": + id: "21" + taskid: a3329f63-f23a-439e-81de-919adb7b3f8d + type: regular + task: + id: a3329f63-f23a-439e-81de-919adb7b3f8d + version: -1 + name: VerifyEnoughIncidents + description: Returns whether there are enough incidents in the system. + scriptName: VerifyEnoughIncidents + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "2" + scriptarguments: + query: + simple: ${searchQuery} + size: + simple: "1" + separatecontext: false + view: |- + { + "position": { + "x": 162.5, + "y": 1595 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "22": + id: "22" + taskid: a6c3f60e-51d9-4394-8553-ef51e95f93c9 + type: condition + task: + id: a6c3f60e-51d9-4394-8553-ef51e95f93c9 + version: -1 + name: Check If Incidents exists + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "23" + "yes": + - "8" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: foundIncidents + iscontext: true + view: |- + { + "position": { + "x": 162.5, + "y": 2295 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "23": + id: "23" + taskid: 4b950e3f-635e-4660-87bb-d86d53cc419c + type: playbook + task: + id: 4b950e3f-635e-4660-87bb-d86d53cc419c + version: -1 + name: GenericPolling - Waiting to finish fetch. + description: |- + Use this playbook as a sub-playbook to block execution of the master playbook until a remote action is complete. + This playbook implements polling by continuously running the command in Step \#2 until the operation completes. + The remote action should have the following structure: + + 1. Initiate the operation. + 2. Poll to check if the operation completed. + 3. (optional) Get the results of the operation. + playbookName: GenericPolling + type: playbook + iscommand: false + brand: "" + nexttasks: + '#none#': + - "17" + scriptarguments: + Ids: + simple: ${sourceBrand} + Interval: + simple: "1" + PollingCommandArgName: + simple: integration_name + PollingCommandName: + simple: VerifyIntegrationHealth + Timeout: + simple: "10" + dt: + simple: IntegrationHealth(val.fetchDone==false).integrationName + separatecontext: true + loop: + iscommand: false + exitCondition: "" + wait: 1 + max: 100 + view: |- + { + "position": { + "x": 162.5, + "y": 2820 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "24": + id: "24" + taskid: 2540385f-49bf-4cb3-8f83-7a82da8d0d3d + type: regular + task: + id: 2540385f-49bf-4cb3-8f83-7a82da8d0d3d + version: -1 + name: GetInstanceName + description: Given an integration name, returns the instance name. + scriptName: GetInstanceName + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "25" + scriptarguments: + integration_name: + simple: ${sourceBrand} + separatecontext: false + view: |- + { + "position": { + "x": 162.5, + "y": 1070 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "25": + id: "25" + taskid: 365d402b-b893-4bd9-89ed-869edb7ae7cc + type: condition + task: + id: 365d402b-b893-4bd9-89ed-869edb7ae7cc + version: -1 + name: Instance name should not contain spaces. + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "19" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: notContainsString + left: + value: + simple: Instances.instanceName + iscontext: true + right: + value: + simple: ' ' + view: |- + { + "position": { + "x": 162.5, + "y": 1245 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "26": + id: "26" + taskid: 1fc1c12a-a2de-45e8-8761-6b9330559448 + type: condition + task: + id: 1fc1c12a-a2de-45e8-8761-6b9330559448 + version: -1 + name: Check if there are playbook inputs + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "27" + "yes": + - "30" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: inputs.sourcebrand + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: inputs.searchfield + iscontext: true + view: |- + { + "position": { + "x": 162.5, + "y": 370 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "27": + id: "27" + taskid: faaf3d57-ebcc-4923-8d73-ac8eab39679f + type: regular + task: + id: faaf3d57-ebcc-4923-8d73-ac8eab39679f + version: -1 + name: Get Incident Fields to search + description: send HTTP GET requests + script: '|||demisto-api-get' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "29" + scriptarguments: + extend-context: + simple: serverConfig= + uri: + simple: /system/config + separatecontext: false + view: |- + { + "position": { + "x": 275, + "y": 545 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "28": + id: "28" + taskid: 4df6d543-fcd0-41b9-8770-6b80d48266b0 + type: regular + task: + id: 4df6d543-fcd0-41b9-8770-6b80d48266b0 + version: -1 + name: Set sourcebrand + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "24" + scriptarguments: + key: + simple: sourceBrand + value: + simple: ${serverConfig.response.sysConf.sourcebrand} + separatecontext: false + view: |- + { + "position": { + "x": 275, + "y": 895 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "29": + id: "29" + taskid: 8e6f08cc-8631-4b87-857c-87866eb30492 + type: regular + task: + id: 8e6f08cc-8631-4b87-857c-87866eb30492 + version: -1 + name: Set searchField + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "28" + scriptarguments: + key: + simple: searchField + value: + simple: ${serverConfig.response.sysConf.searchfield} + separatecontext: false + view: |- + { + "position": { + "x": 275, + "y": 720 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "30": + id: "30" + taskid: a74f3249-4ef1-49dd-865c-1b97f7152c7f + type: regular + task: + id: a74f3249-4ef1-49dd-865c-1b97f7152c7f + version: -1 + name: Set searchField + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "31" + scriptarguments: + key: + simple: searchField + value: + simple: ${inputs.searchfield} + separatecontext: false + view: |- + { + "position": { + "x": -180, + "y": 660 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "31": + id: "31" + taskid: 2641e1a7-6786-42a2-8477-258305e216d8 + type: regular + task: + id: 2641e1a7-6786-42a2-8477-258305e216d8 + version: -1 + name: Set sourcebrand + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "24" + scriptarguments: + key: + simple: sourceBrand + value: + simple: ${inputs.sourcebrand} + separatecontext: false + view: |- + { + "position": { + "x": -180, + "y": 835 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false +view: |- + { + "linkLabelsPosition": {}, + "paper": { + "dimensions": { + "height": 3360, + "width": 835, + "x": -180, + "y": 50 + } + } + } +inputs: +- key: sourceBrand + value: {} + required: false + description: Id of Integration that we want to test. + playbookInputQuery: null +- key: searchfield + value: {} + required: false + description: Comma separated list of fields to confirm that exists in al indicators. + playbookInputQuery: null +outputs: [] +fromversion: 6.0.0 diff --git a/Packs/DeveloperTools/pack_metadata.json b/Packs/DeveloperTools/pack_metadata.json index 39f41fded9d1..4fad44e67da7 100644 --- a/Packs/DeveloperTools/pack_metadata.json +++ b/Packs/DeveloperTools/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Developer Tools", "description": "Basic tools for content development.", "support": "xsoar", - "currentVersion": "1.2.1", + "currentVersion": "1.2.2", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Tests/conf.json b/Tests/conf.json index ddc9bbd2b2e1..3c6d8115245e 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -3507,6 +3507,14 @@ { "integrations": "SOCRadarThreatFusion", "playbookID": "SOCRadarThreatFusion-Test" + }, + { + "integrations": ["ServiceNow v2", "Demisto REST API"], + "playbookID": "Fetch Incidents Test", + "instance_names": "snow_basic_auth", + "fromversion": "6.0.0", + "is_mockable": false, + "timeout": 2400 } ], "skipped_tests": { From ff7ebda2fe1a333ed0018128b2d021eabf635c1a Mon Sep 17 00:00:00 2001 From: altmannyarden <61933087+altmannyarden@users.noreply.github.com> Date: Tue, 24 Aug 2021 15:51:36 +0300 Subject: [PATCH 023/173] Deprecated microsoft policy and compliance playbooks (#14378) * Deprecated Azure and office365 playbooks, moving them to other pack. * Updated release notes * Updated release notes --- ...ST_Hunting_and_Response_Playbook_5_9_9.yml | 8 +- ...NBURST_Hunting_and_Response_Playbook_6.yml | 8 +- .../ReleaseNotes/1_6_18.md | 4 + .../pack_metadata.json | 2 +- .../playbook-Azure_Configuration_Analysis.yml | 3 +- .../playbook-Azure_Hunting_playbook.yml | 5 +- .../ReleaseNotes/1_0_1.md | 7 + .../pack_metadata.json | 2 +- ...e_365_and_Azure_Configuration_Analysis.yml | 697 +++++++++++++++ ...-Office_365_and_Azure_Hunting_playbook.yml | 804 ++++++++++++++++++ .../ReleaseNotes/1_0_2.md | 6 + .../pack_metadata.json | 2 +- 12 files changed, 1534 insertions(+), 14 deletions(-) create mode 100644 Packs/MajorBreachesInvestigationandResponse/ReleaseNotes/1_6_18.md create mode 100644 Packs/MicrosoftPolicyAndCompliance/ReleaseNotes/1_0_1.md create mode 100644 Packs/Office365AndAzureAuditLog/Playbooks/playbook-Office_365_and_Azure_Configuration_Analysis.yml create mode 100644 Packs/Office365AndAzureAuditLog/Playbooks/playbook-Office_365_and_Azure_Hunting_playbook.yml create mode 100644 Packs/Office365AndAzureAuditLog/ReleaseNotes/1_0_2.md diff --git a/Packs/MajorBreachesInvestigationandResponse/Playbooks/playbook-SolarStorm_and_SUNBURST_Hunting_and_Response_Playbook_5_9_9.yml b/Packs/MajorBreachesInvestigationandResponse/Playbooks/playbook-SolarStorm_and_SUNBURST_Hunting_and_Response_Playbook_5_9_9.yml index 91e3bf521512..08d2ab7e7f9a 100644 --- a/Packs/MajorBreachesInvestigationandResponse/Playbooks/playbook-SolarStorm_and_SUNBURST_Hunting_and_Response_Playbook_5_9_9.yml +++ b/Packs/MajorBreachesInvestigationandResponse/Playbooks/playbook-SolarStorm_and_SUNBURST_Hunting_and_Response_Playbook_5_9_9.yml @@ -2084,10 +2084,10 @@ tasks: task: id: 664e0282-f996-408a-81d4-7e3958b125cc version: -1 - name: Azure Hunting playbook + name: Office 365 and Azure Hunting description: 'This playbook helps you collect and investigate suspicious security events from the Azure AD environment. ' - playbookName: Azure Hunting playbook + playbookName: Office 365 and Azure Hunting type: playbook iscommand: false brand: "" @@ -2149,10 +2149,10 @@ tasks: task: id: 3db165c4-baa0-4aaa-88ba-3206e8797b7b version: -1 - name: Azure Configuration Analysis + name: Office 365 and Azure Configuration Analysis description: This playbook helps you collect, review, and find misconfigurations with the Azure environment. - playbookName: Azure Configuration Analysis + playbookName: Office 365 and Azure Configuration Analysis type: playbook iscommand: false brand: "" diff --git a/Packs/MajorBreachesInvestigationandResponse/Playbooks/playbook-SolarStorm_and_SUNBURST_Hunting_and_Response_Playbook_6.yml b/Packs/MajorBreachesInvestigationandResponse/Playbooks/playbook-SolarStorm_and_SUNBURST_Hunting_and_Response_Playbook_6.yml index 8205cf58eb7b..46eb6ebffa7e 100644 --- a/Packs/MajorBreachesInvestigationandResponse/Playbooks/playbook-SolarStorm_and_SUNBURST_Hunting_and_Response_Playbook_6.yml +++ b/Packs/MajorBreachesInvestigationandResponse/Playbooks/playbook-SolarStorm_and_SUNBURST_Hunting_and_Response_Playbook_6.yml @@ -2914,8 +2914,8 @@ tasks: task: id: c4833080-27d3-49be-8720-409614f5c265 version: -1 - name: Azure Hunting playbook - playbookName: Azure Hunting playbook + name: Office 365 and Azure Hunting + playbookName: Office 365 and Azure Hunting type: playbook iscommand: false brand: "" @@ -2943,10 +2943,10 @@ tasks: task: id: 730fc061-b36a-4810-8e3b-c3755849cc79 version: -1 - name: Azure Configuration Analysis + name: Office 365 and Azure Configuration Analysis description: This playbook helps you collect, review, and find misconfigurations with the Azure environment. - playbookName: Azure Configuration Analysis + playbookName: Office 365 and Azure Configuration Analysis type: playbook iscommand: false brand: "" diff --git a/Packs/MajorBreachesInvestigationandResponse/ReleaseNotes/1_6_18.md b/Packs/MajorBreachesInvestigationandResponse/ReleaseNotes/1_6_18.md new file mode 100644 index 000000000000..8f2077e9bd4e --- /dev/null +++ b/Packs/MajorBreachesInvestigationandResponse/ReleaseNotes/1_6_18.md @@ -0,0 +1,4 @@ + +#### Playbooks +##### SolarStorm and SUNBURST Hunting and Response Playbook +- Updated Office 365 and Azure sub-playbooks \ No newline at end of file diff --git a/Packs/MajorBreachesInvestigationandResponse/pack_metadata.json b/Packs/MajorBreachesInvestigationandResponse/pack_metadata.json index 7af2f61cfa05..f6e1794a1fa4 100644 --- a/Packs/MajorBreachesInvestigationandResponse/pack_metadata.json +++ b/Packs/MajorBreachesInvestigationandResponse/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Rapid Breach Response", "description": "This content Pack helps you collect, investigate, and remediate incidents related to major breaches.", "support": "xsoar", - "currentVersion": "1.6.17", + "currentVersion": "1.6.18", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/MicrosoftPolicyAndCompliance/Playbooks/playbook-Azure_Configuration_Analysis.yml b/Packs/MicrosoftPolicyAndCompliance/Playbooks/playbook-Azure_Configuration_Analysis.yml index c8aa5fa844bf..8c9dfe48061e 100644 --- a/Packs/MicrosoftPolicyAndCompliance/Playbooks/playbook-Azure_Configuration_Analysis.yml +++ b/Packs/MicrosoftPolicyAndCompliance/Playbooks/playbook-Azure_Configuration_Analysis.yml @@ -1,8 +1,9 @@ id: Azure Configuration Analysis version: -1 name: Azure Configuration Analysis -description: This playbook helps you collect, review, and find misconfigurations with +description: Deprecated. Use 'Office 365 and Azure Configuration Analysis' instead. This playbook helps you collect, review, and find misconfigurations with the Azure environment. +deprecated: true starttaskid: "0" tasks: "0": diff --git a/Packs/MicrosoftPolicyAndCompliance/Playbooks/playbook-Azure_Hunting_playbook.yml b/Packs/MicrosoftPolicyAndCompliance/Playbooks/playbook-Azure_Hunting_playbook.yml index 0106775cbc73..6125cbc5e8e7 100644 --- a/Packs/MicrosoftPolicyAndCompliance/Playbooks/playbook-Azure_Hunting_playbook.yml +++ b/Packs/MicrosoftPolicyAndCompliance/Playbooks/playbook-Azure_Hunting_playbook.yml @@ -1,8 +1,9 @@ id: Azure Hunting playbook version: -1 name: Azure Hunting playbook -description: 'This playbook enables you to collect and investigate suspicious security - events from Azure AD environment. ' +description: "Deprecated. Use 'Office 365 and Azure Hunting' instead. This playbook enables you to collect and investigate suspicious security + events from Azure AD environment." +deprecated: true starttaskid: "0" tasks: "0": diff --git a/Packs/MicrosoftPolicyAndCompliance/ReleaseNotes/1_0_1.md b/Packs/MicrosoftPolicyAndCompliance/ReleaseNotes/1_0_1.md new file mode 100644 index 000000000000..fdc5e3f36287 --- /dev/null +++ b/Packs/MicrosoftPolicyAndCompliance/ReleaseNotes/1_0_1.md @@ -0,0 +1,7 @@ + +#### Playbooks +##### Azure Configuration Analysis +- Deprecated. We recommend using "Office 365 and Azure Configuration Analysis" playbook instead. + +##### Azure Hunting playbook +- Deprecated. We recommend using "Office 365 and Azure Hunting" playbook instead. diff --git a/Packs/MicrosoftPolicyAndCompliance/pack_metadata.json b/Packs/MicrosoftPolicyAndCompliance/pack_metadata.json index 16cf1c162f9d..6dfec6317f37 100644 --- a/Packs/MicrosoftPolicyAndCompliance/pack_metadata.json +++ b/Packs/MicrosoftPolicyAndCompliance/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Policy And Compliance", "description": "An integration for Microsoft's management using PowerShell\",", "support": "xsoar", - "currentVersion": "1.0.0", + "currentVersion": "1.0.1", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Office365AndAzureAuditLog/Playbooks/playbook-Office_365_and_Azure_Configuration_Analysis.yml b/Packs/Office365AndAzureAuditLog/Playbooks/playbook-Office_365_and_Azure_Configuration_Analysis.yml new file mode 100644 index 000000000000..9a5e1fa43495 --- /dev/null +++ b/Packs/Office365AndAzureAuditLog/Playbooks/playbook-Office_365_and_Azure_Configuration_Analysis.yml @@ -0,0 +1,697 @@ +id: Office 365 and Azure Configuration Analysis +version: -1 +name: Office 365 and Azure Configuration Analysis +description: This playbook helps you collect, review, and find misconfigurations with + the Azure environment. +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: e12ceb8c-018b-4a48-806a-4443ee22b71e + type: start + task: + id: e12ceb8c-018b-4a48-806a-4443ee22b71e + version: -1 + name: "" + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "54" + separatecontext: false + view: |- + { + "position": { + "x": 1430, + "y": 1740 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "28": + id: "28" + taskid: c8d75c55-e9f1-4808-8272-4c027f784e3b + type: title + task: + id: c8d75c55-e9f1-4808-8272-4c027f784e3b + version: -1 + name: Done + type: title + iscommand: false + brand: "" + description: '' + separatecontext: false + view: |- + { + "position": { + "x": 1430, + "y": 3520 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "33": + id: "33" + taskid: be4e7bb9-7041-4895-85f3-4741814d6641 + type: regular + task: + id: be4e7bb9-7041-4895-85f3-4741814d6641 + version: -1 + name: Delegation on MailBoxes + description: |- + Attackers may exploit the following mailboxes delegations. + Search for mailboxes that delegated: + - 'Full Access' Permission Granted. + - 'Any' Permissions Granted. + - 'Send As' or 'SendOnBehalf' Permissions. + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "28" + separatecontext: false + view: |- + { + "position": { + "x": 1710, + "y": 3340 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "39": + id: "39" + taskid: b1b431ae-cd59-476b-8af4-67ea4eace243 + type: title + task: + id: b1b431ae-cd59-476b-8af4-67ea4eace243 + version: -1 + name: Azure AD Key Credentials + description: Get and review key credentials for all service principals. + type: title + iscommand: false + brand: "" + nexttasks: + '#none#': + - "51" + - "53" + separatecontext: false + view: |- + { + "position": { + "x": 2980, + "y": 2140 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "41": + id: "41" + taskid: 323b4ae9-3c22-4578-8102-8ac7de36c169 + type: regular + task: + id: 323b4ae9-3c22-4578-8102-8ac7de36c169 + version: -1 + name: Review Federation Trust Information + description: Use the ews-federation-trust-get command to view the federation + trust configured for the Exchange organization. + script: '|||ews-federation-trust-get' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "42" + scriptarguments: + domain_controller: {} + extend-context: + simple: FederationTrustInformation= + identity: {} + ignore-outputs: + simple: "false" + separatecontext: false + view: |- + { + "position": { + "x": 1710, + "y": 2300 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "42": + id: "42" + taskid: c4006844-e576-4ee6-842e-21139859b069 + type: regular + task: + id: c4006844-e576-4ee6-842e-21139859b069 + version: -1 + name: Client Access Settings Configured on Mailboxes + description: Displays Client Access settings that are configured on mailboxes. + script: '|||ews-cas-mailbox-list' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "43" + scriptarguments: + extend-context: + simple: CASSettingsConfigured= + identity: {} + ignore-outputs: + simple: "false" + limit: + complex: + root: inputs.Limit + organizational_unit: {} + primary_smtp_address: {} + user_principal_name: {} + separatecontext: false + view: |- + { + "position": { + "x": 1710, + "y": 2500 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "43": + id: "43" + taskid: 95ac373f-62ef-4c40-8cab-248e06b4a23f + type: regular + task: + id: 95ac373f-62ef-4c40-8cab-248e06b4a23f + version: -1 + name: Mail Forwarding Rules for Remote Domains + description: View the configuration information for the remote domains configured + in your organization. This command is available only in the Exchange Online + PowerShell V2 module. + script: '|||ews-remote-domain-get' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "44" + scriptarguments: + domain_controller: {} + extend-context: + simple: AdminMailForwardingRules= + identity: {} + ignore-outputs: + simple: "false" + separatecontext: false + view: |- + { + "position": { + "x": 1710, + "y": 2700 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "44": + id: "44" + taskid: d07d378f-2714-4e25-87ae-74115d0885c0 + type: regular + task: + id: d07d378f-2714-4e25-87ae-74115d0885c0 + version: -1 + name: Mailbox SMTP Forwarding for All Mailboxes + description: Displays mailbox objects and attributes, populate property pages, + or supplies mailbox information to other tasks. + script: '|||ews-mailbox-list' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "47" + scriptarguments: + extend-context: + simple: MailboxSMTPForwarding= + identity: {} + ignore-outputs: + simple: "false" + limit: + complex: + root: inputs.Limit + organizational_unit: {} + primary_smtp_address: {} + property_sets: + simple: Minimum,Delivery + user_principal_name: {} + separatecontext: false + view: |- + { + "position": { + "x": 1710, + "y": 2910 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "47": + id: "47" + taskid: 6d7242da-9c61-47d3-8df7-4d7d3a948634 + type: regular + task: + id: 6d7242da-9c61-47d3-8df7-4d7d3a948634 + version: -1 + name: Users with 'Audit Bypass' Enabled + description: Use the Get-User command to view existing user objects in your + organization. + script: '|||ews-mailbox-audit-bypass-association-list' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "33" + scriptarguments: + domain_controller: {} + extend-context: + simple: AuditBypassEnabledUsers= + identity: {} + ignore-outputs: + simple: "false" + limit: + complex: + root: inputs.Limit + separatecontext: false + view: |- + { + "position": { + "x": 1710, + "y": 3120 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "48": + id: "48" + taskid: 47a63884-0a8b-4ff0-8c56-7f78fdded14c + type: regular + task: + id: 47a63884-0a8b-4ff0-8c56-7f78fdded14c + version: -1 + name: Get Azure roles list + description: Lists roles in the directory. + script: '|||msgraph-identity-directory-roles-list' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "49" + scriptarguments: + limit: + complex: + root: inputs.Limit + separatecontext: false + view: |- + { + "position": { + "x": 2710, + "y": 2500 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "49": + id: "49" + taskid: 74befa57-f3d7-4898-8b6c-357b06a6182b + type: regular + task: + id: 74befa57-f3d7-4898-8b6c-357b06a6182b + version: -1 + name: Get members for admin roles + description: Gets all members in the role ID. + script: '|||msgraph-identity-directory-role-members-list' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "28" + scriptarguments: + extend-context: + simple: AdminRolesMembers= + ignore-outputs: + simple: "false" + limit: + complex: + root: inputs.Limit + role_id: + complex: + root: MSGraphIdentity.Role + filters: + - - operator: containsGeneral + left: + value: + simple: MSGraphIdentity.Role.displayName + iscontext: true + right: + value: + simple: ${adminRoles} + iscontext: true + accessor: id + separatecontext: false + view: |- + { + "position": { + "x": 2710, + "y": 2690 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "50": + id: "50" + taskid: 2fe04752-b4d6-44e6-86f0-06c89dc93099 + type: title + task: + id: 2fe04752-b4d6-44e6-86f0-06c89dc93099 + version: -1 + name: Microsoft Exchange + type: title + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "41" + separatecontext: false + view: |- + { + "position": { + "x": 1710, + "y": 2140 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "51": + id: "51" + taskid: c088252e-731b-400e-885e-5415d2eae779 + type: regular + task: + id: c088252e-731b-400e-885e-5415d2eae779 + version: -1 + name: Get service principal list + description: Retrieve a list of service principals. + script: '|||msgraph-apps-service-principal-list' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "52" + scriptarguments: + limit: + complex: + root: inputs.Limit + separatecontext: false + view: |- + { + "position": { + "x": 3210, + "y": 2300 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "52": + id: "52" + taskid: 73ee02fb-94d1-43aa-8d74-7300617bcbe9 + type: regular + task: + id: 73ee02fb-94d1-43aa-8d74-7300617bcbe9 + version: -1 + name: Set service principal with key credentials + description: Set a value in context under the key you entered. If no value is + entered, the script doesn't do anything. + scriptName: SetAndHandleEmpty + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "28" + scriptarguments: + append: {} + key: + simple: ServicePrincipalKeyCredentials + stringify: {} + value: + complex: + root: MSGraphApplication + filters: + - - operator: isNotEmpty + left: + value: + simple: MSGraphApplication.keyCredentials + iscontext: true + separatecontext: false + view: |- + { + "position": { + "x": 3210, + "y": 2500 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "53": + id: "53" + taskid: 71974047-a66c-4d1a-8b4f-3d70c9278d2e + type: regular + task: + id: 71974047-a66c-4d1a-8b4f-3d70c9278d2e + version: -1 + name: Set admin roles input to context + description: Set admin roles input to context. + scriptName: SetAndHandleEmpty + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "48" + scriptarguments: + append: + simple: "true" + key: + simple: adminRoles + stringify: {} + value: + complex: + root: inputs.O365_AdminRolesList + transformers: + - operator: splitAndTrim + args: + delimiter: + value: + simple: ',' + separatecontext: false + view: |- + { + "position": { + "x": 2710, + "y": 2300 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "54": + id: "54" + taskid: 1692898c-26b1-4e71-8d6e-b3502d11ffd3 + type: condition + task: + id: 1692898c-26b1-4e71-8d6e-b3502d11ffd3 + version: -1 + name: 'Are Azure integrations enabled? ' + description: Checks if the supported integrations are enabled. + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "28" + "yes": + - "50" + - "39" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: containsGeneral + left: + value: + complex: + root: modules + filters: + - - operator: isEqualString + left: + value: + simple: modules.state + iscontext: true + right: + value: + simple: active + ignorecase: true + accessor: brand + iscontext: true + right: + value: + simple: MicrosoftGraphIdentityandAccess + - - operator: containsGeneral + left: + value: + complex: + root: modules + filters: + - - operator: isEqualString + left: + value: + simple: modules.state + iscontext: true + right: + value: + simple: active + ignorecase: true + accessor: brand + iscontext: true + right: + value: + simple: MicrosoftGraphApplications + - - operator: containsGeneral + left: + value: + complex: + root: modules + filters: + - - operator: isEqualString + left: + value: + simple: modules.state + iscontext: true + right: + value: + simple: active + ignorecase: true + accessor: brand + iscontext: true + right: + value: + simple: EwsExtension + - - operator: isEqualString + left: + value: + complex: + root: modules + filters: + - - operator: isEqualString + left: + value: + simple: modules.state + iscontext: true + right: + value: + simple: active + ignorecase: true + accessor: brand + iscontext: true + right: + value: + simple: EWS Extension Online Powershell v2 + view: |- + { + "position": { + "x": 1430, + "y": 1880 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 +view: |- + { + "linkLabelsPosition": { + "54_28_#default#": 0.12 + }, + "paper": { + "dimensions": { + "height": 1845, + "width": 2160, + "x": 1430, + "y": 1740 + } + } + } +inputs: +- key: O365_AdminRolesList + value: {} + required: false + description: Comma-separated list of Service O365 admin roles. + playbookInputQuery: +- key: Limit + value: {} + required: false + description: The maximum number of results to retrieve. Default is 10. + playbookInputQuery: +outputs: [] +tests: +- No tests +fromversion: 5.5.0 diff --git a/Packs/Office365AndAzureAuditLog/Playbooks/playbook-Office_365_and_Azure_Hunting_playbook.yml b/Packs/Office365AndAzureAuditLog/Playbooks/playbook-Office_365_and_Azure_Hunting_playbook.yml new file mode 100644 index 000000000000..d88f2390f08f --- /dev/null +++ b/Packs/Office365AndAzureAuditLog/Playbooks/playbook-Office_365_and_Azure_Hunting_playbook.yml @@ -0,0 +1,804 @@ +id: Office 365 and Azure Hunting +version: -1 +name: Office 365 and Azure Hunting +description: 'This playbook enables you to collect and investigate suspicious security + events from Azure AD environment. ' +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: e12ceb8c-018b-4a48-806a-4443ee22b71e + type: start + task: + id: e12ceb8c-018b-4a48-806a-4443ee22b71e + version: -1 + name: "" + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "35" + separatecontext: false + view: |- + { + "position": { + "x": 610, + "y": 1830 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "28": + id: "28" + taskid: c8d75c55-e9f1-4808-8272-4c027f784e3b + type: title + task: + id: c8d75c55-e9f1-4808-8272-4c027f784e3b + version: -1 + name: Done + type: title + iscommand: false + brand: "" + description: '' + separatecontext: false + view: |- + { + "position": { + "x": 890, + "y": 3810 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "29": + id: "29" + taskid: 9b9c34a8-15c4-46c8-83b9-5a15e108b370 + type: regular + task: + id: 9b9c34a8-15c4-46c8-83b9-5a15e108b370 + version: -1 + name: Search for Azure AD service account created or modified + description: "Hunt for a Azure AD new or modified service account.\nXDR example\ + \ query:\npreset = msft_azure_ad_audit // go over azure ad audit logs\n| filter\ + \ activityDisplayName IN (\"Add service principal credentials\", \"Add service\ + \ principal\")\nAND result = \"success\" // find cases where someone adds\ + \ SPNs to an account\n\nSplunk example queries:\nsourcetype=\"azure:aad:audit\"\ + \ activityDisplayName=\"Add service principal\" \n| stats values(activityDisplayName)\ + \ AS Action, values(initiatedBy.user.userPrincipalName) \nAS UPN, values(targetResources{}.displayName)\ + \ AS Target,\nvalues(targetResources{}.modifiedProperties{}.displayName) AS\ + \ \"Modified Resources\",\nvalues(targetResources{}.modifiedProperties{}.oldValue)\ + \ AS \"Old Values\",\nvalues(targetResources{}.modifiedProperties{}.newValue)\ + \ AS \"New Values\" by correlationId \n| fields - correlationId\n---------\n\ + sourcetype=\"azure:aad:audit\" activityDisplayName=\"Add service principal\ + \ credentials\"\n" + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "30" + separatecontext: false + view: |- + { + "position": { + "x": 890, + "y": 2280 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "30": + id: "30" + taskid: 6240c9dc-c4d0-4e19-8055-d90a16ed5bec + type: regular + task: + id: 6240c9dc-c4d0-4e19-8055-d90a16ed5bec + version: -1 + name: Search for Azure AD application sharing with additional tenants + description: "Hunt for Azure AD application sharing with additional tenants.\n\ + **XDR example query:**\npreset = msft_azure_ad_audit  // go over azure ad\ + \ audit logs\n| filter activityDisplayName = \"Update application\"\nAND operationType=\"\ + Update\"\nand result=\"success\"\nand modifiedDisplayName = \"AvailableToOtherTenants\"\ +   // find cases where someone grants permission to access an app from another\ + \ azure ad tenant\n\n**Splunk example query:**\nsourcetype=\"azure:aad:audit\"\ + \ activityDisplayName=\"Update application\" operationType=Update \nresult=success\ + \ targetResources{}.modifiedProperties{}.displayName=AvailableToOtherTenants\ + \ \n| table activityDateTime initiatedBy.user.userPrincipalName, \ntargetResources{}.displayName\ + \ additionalDetails{}.value" + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "31" + separatecontext: false + view: |- + { + "position": { + "x": 890, + "y": 2480 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "31": + id: "31" + taskid: dd13bebb-ebc9-4d62-85ef-38574f7aaac7 + type: regular + task: + id: dd13bebb-ebc9-4d62-85ef-38574f7aaac7 + version: -1 + name: Search for an added Azure AD custom unverified domain + description: |- + Hunt for an added Azure AD custom unverified domain. + XDR example query: + preset = msft_azure_ad_audit // go over azure ad audit logs + | filter activityDisplayName = "Add unverified domain" AND result = "success"  // find cases where someone added a custom domain to the azure ad env + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "32" + separatecontext: false + view: |- + { + "position": { + "x": 890, + "y": 2670 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "32": + id: "32" + taskid: 11ce5bed-ede5-4263-8bfe-5b46d0a44463 + type: regular + task: + id: 11ce5bed-ede5-4263-8bfe-5b46d0a44463 + version: -1 + name: Search for SSO being disabled for a domain + description: |- + Hunt for SSO being disabled for a domain. + XDR example query: + preset = msft_azure_ad_audit // go over azure ad audit logs + | filter activityDisplayName = "Disable Desktop Sso for a specific domain" AND result = + "success" // remove need for SSO on desktop devices + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "33" + separatecontext: false + view: |- + { + "position": { + "x": 890, + "y": 2870 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "33": + id: "33" + taskid: f43f3472-e999-4839-8c7d-b55bdc08f0f7 + type: regular + task: + id: f43f3472-e999-4839-8c7d-b55bdc08f0f7 + version: -1 + name: Search for modified domain federation settings + description: |- + Hunt for modified domain federation settings. + XDR example query: + preset = msft_azure_ad_audit // go over azure ad audit logs + | filter activityDisplayName = "Set federation settings on domain" + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "34" + separatecontext: false + view: |- + { + "position": { + "x": 890, + "y": 3070 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "34": + id: "34" + taskid: 1d40b042-db29-4326-8c51-16d499af1680 + type: regular + task: + id: 1d40b042-db29-4326-8c51-16d499af1680 + version: -1 + name: Search mail permissions that were added to a service principal + description: |- + Hunt for cases where mail permissions were added to a service principal. + XDR example query: + preset = msft_azure_ad_audit // go over azure ad audit logs + | filter activityDisplayName IN ("Add app role assignment to service + principal", "Add delegated permission grant", "Add application" ) and + modifiedPropertyNewValue ~= "(Mail.Read|Mail.ReadWrite)" and + modifiedPropertyOldValue not contains "Mail.Read" // find + cases where mail read was added as a permission to another account. + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "28" + separatecontext: false + view: |- + { + "position": { + "x": 890, + "y": 3260 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "35": + id: "35" + taskid: 32bb1304-61c7-4d72-8535-c086a3a10bed + type: condition + task: + id: 32bb1304-61c7-4d72-8535-c086a3a10bed + version: -1 + name: Is Microsoft Policy And Compliance enabled? + description: Checks if Microsoft Policy And Compliance is enabled. + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "36" + "yes": + - "37" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + complex: + root: modules + filters: + - - operator: isEqualString + left: + value: + simple: modules.state + iscontext: true + right: + value: + simple: active + ignorecase: true + accessor: brand + iscontext: true + right: + value: + simple: MicrosoftPolicyAndComplianceAuditLog + view: |- + { + "position": { + "x": 610, + "y": 1980 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "36": + id: "36" + taskid: 97175d0a-c968-4297-82f9-ca62ba28e4cd + type: title + task: + id: 97175d0a-c968-4297-82f9-ca62ba28e4cd + version: -1 + name: Manual Hunt + type: title + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "29" + separatecontext: false + view: |- + { + "position": { + "x": 890, + "y": 2150 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "37": + id: "37" + taskid: ca015250-4fb1-42ce-8516-c708d86f1053 + type: title + task: + id: ca015250-4fb1-42ce-8516-c708d86f1053 + version: -1 + name: 'Automatic Hunt ' + type: title + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "38" + separatecontext: false + view: |- + { + "position": { + "x": 300, + "y": 2150 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "38": + id: "38" + taskid: 8b9ad15d-f0e2-43b9-84fb-b0684357c75f + type: regular + task: + id: 8b9ad15d-f0e2-43b9-84fb-b0684357c75f + version: -1 + name: Search for Azure AD service account created or modified + description: Use the o365-search-auditlog command to search the unified audit + log. This log contains events from Exchange Online, SharePoint Online, OneDrive + for Business, Azure Active Directory, Microsoft Teams, Power BI, and other + Microsoft 365 services. You can search for all events in a specified date + range, or you can filter the results based on specific criteria, such as the + action, the user who performed the action, or the target object. + script: '|||o365-auditlog-search' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "39" + scriptarguments: + end_date: {} + free_text: {} + ip_addresses: {} + operations: + simple: Add service principal credentials,Add service principal + record_type: + simple: AzureActiveDirectory + result_size: {} + start_date: {} + user_ids: {} + separatecontext: false + view: |- + { + "position": { + "x": 300, + "y": 2280 + } + } + note: false + evidencedata: + description: + simple: Azure AD service account created or modified + customfields: {} + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "39": + id: "39" + taskid: b33e2258-dd01-4a54-86ae-f38c1ad0f045 + type: regular + task: + id: b33e2258-dd01-4a54-86ae-f38c1ad0f045 + version: -1 + name: Search for Azure AD application sharing with additional tenants + description: Use the o365-search-auditlog command to search the unified audit + log. This log contains events from Exchange Online, SharePoint Online, OneDrive + for Business, Azure Active Directory, Microsoft Teams, Power BI, and other + Microsoft 365 services. You can search for all events in a specified date + range, or you can filter the results based on specific criteria, such as the + action, the user who performed the action, or the target object. + script: '|||o365-auditlog-search' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "40" + scriptarguments: + end_date: {} + free_text: + simple: AvailableToOtherTenants + ip_addresses: {} + operations: + simple: Update application + record_type: + simple: AzureActiveDirectory + result_size: {} + start_date: {} + user_ids: {} + separatecontext: false + view: |- + { + "position": { + "x": 300, + "y": 2480 + } + } + note: false + evidencedata: + description: + simple: Azure AD application sharing with additional tenants + customfields: {} + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "40": + id: "40" + taskid: 11863f50-65fe-4b12-80da-72551d2f44fe + type: regular + task: + id: 11863f50-65fe-4b12-80da-72551d2f44fe + version: -1 + name: Search for Azure AD custom unverified domain was added + description: Use the o365-search-auditlog command to search the unified audit + log. This log contains events from Exchange Online, SharePoint Online, OneDrive + for Business, Azure Active Directory, Microsoft Teams, Power BI, and other + Microsoft 365 services. You can search for all events in a specified date + range, or you can filter the results based on specific criteria, such as the + action, the user who performed the action, or the target object. + script: '|||o365-auditlog-search' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "41" + scriptarguments: + end_date: {} + free_text: + simple: Add unverified domain + ip_addresses: {} + operations: {} + record_type: + simple: AzureActiveDirectory + result_size: {} + start_date: {} + user_ids: {} + separatecontext: false + view: |- + { + "position": { + "x": 300, + "y": 2670 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "41": + id: "41" + taskid: 12bff9a6-df8e-40e4-8f3c-eaca767a7c40 + type: regular + task: + id: 12bff9a6-df8e-40e4-8f3c-eaca767a7c40 + version: -1 + name: Search for SSO being disabled for a domain + description: Use the o365-search-auditlog command to search the unified audit + log. This log contains events from Exchange Online, SharePoint Online, OneDrive + for Business, Azure Active Directory, Microsoft Teams, Power BI, and other + Microsoft 365 services. You can search for all events in a specified date + range, or you can filter the results based on specific criteria, such as the + action, the user who performed the action, or the target object. + script: '|||o365-auditlog-search' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "42" + scriptarguments: + end_date: {} + free_text: + simple: Disable Desktop SSO for a specific domain + ip_addresses: {} + operations: {} + record_type: + simple: AzureActiveDirectory + result_size: {} + start_date: {} + user_ids: {} + separatecontext: false + view: |- + { + "position": { + "x": 300, + "y": 2870 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "42": + id: "42" + taskid: a18788f3-0bf4-4372-8541-927a7b9936cf + type: regular + task: + id: a18788f3-0bf4-4372-8541-927a7b9936cf + version: -1 + name: Search for domain federation settings modified + description: Use the o365-search-auditlog command to search the unified audit + log. This log contains events from Exchange Online, SharePoint Online, OneDrive + for Business, Azure Active Directory, Microsoft Teams, Power BI, and other + Microsoft 365 services. You can search for all events in a specified date + range, or you can filter the results based on specific criteria, such as the + action, the user who performed the action, or the target object. + script: '|||o365-auditlog-search' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "43" + scriptarguments: + end_date: {} + free_text: {} + ip_addresses: {} + operations: + simple: Set domain authentication,Set federation settings on domain + record_type: + simple: AzureActiveDirectory + result_size: {} + start_date: {} + user_ids: {} + separatecontext: false + view: |- + { + "position": { + "x": 300, + "y": 3070 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "43": + id: "43" + taskid: 841b04e8-ecab-460f-898d-54710a044b8a + type: regular + task: + id: 841b04e8-ecab-460f-898d-54710a044b8a + version: -1 + name: Search whether mail permissions were added to a service principal + description: Use the o365-search-auditlog command to search the unified audit + log. This log contains events from Exchange Online, SharePoint Online, OneDrive + for Business, Azure Active Directory, Microsoft Teams, Power BI, and other + Microsoft 365 services. You can search for all events in a specified date + range, or you can filter the results based on specific criteria, such as the + action, the user who performed the action, or the target object. + script: '|||o365-auditlog-search' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "45" + scriptarguments: + end_date: {} + free_text: + simple: Add app role assignment to service principal,Add delegated permission + grant,Add application + ip_addresses: {} + operations: {} + record_type: + simple: AzureActiveDirectory + result_size: {} + start_date: {} + user_ids: {} + separatecontext: false + view: |- + { + "position": { + "x": 300, + "y": 3260 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "44": + id: "44" + taskid: 8e96920a-4cd6-490f-8974-8d57e7ec0762 + type: regular + task: + id: 8e96920a-4cd6-490f-8974-8d57e7ec0762 + version: -1 + name: Set added mail permissions to a service principal + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "28" + scriptarguments: + append: {} + key: + simple: MailPermissionsAdded + stringify: {} + value: + complex: + root: O365AuditLog + filters: + - - operator: containsGeneral + left: + value: + simple: O365AuditLog.ModifiedProperties.NewValue + iscontext: true + right: + value: + simple: Mail.Read + - operator: containsGeneral + left: + value: + simple: O365AuditLog.ModifiedProperties.NewValue + iscontext: true + right: + value: + simple: Mail.ReadWrite + - - operator: notContainsGeneral + left: + value: + simple: O365AuditLog.ModifiedProperties.OldValue + iscontext: true + right: + value: + simple: Mail.Read + separatecontext: false + view: |- + { + "position": { + "x": 70, + "y": 3640 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "45": + id: "45" + taskid: 5ce1ba8d-8292-476c-8a58-70f3248c1296 + type: condition + task: + id: 5ce1ba8d-8292-476c-8a58-70f3248c1296 + version: -1 + name: Found mail permissions were added to a service principal? + description: Checks for cases where mail permissions were added to a service principal. + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "28" + "yes": + - "44" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isExists + left: + value: + complex: + root: O365AuditLog + filters: + - - operator: isEqualString + left: + value: + simple: O365AuditLog.ModifiedProperties.NewValue + iscontext: true + right: + value: + simple: Mail.Read + - operator: isEqualString + left: + value: + simple: O365AuditLog.ModifiedProperties.NewValue + iscontext: true + right: + value: + simple: Mail.ReadWrite + - - operator: notContainsGeneral + left: + value: + simple: O365AuditLog.ModifiedProperties.OldValue + iscontext: true + right: + value: + simple: Mail.Read + iscontext: true + view: |- + { + "position": { + "x": 300, + "y": 3460 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 +view: |- + { + "linkLabelsPosition": { + "45_28_#default#": 0.19, + "45_44_yes": 0.53 + }, + "paper": { + "dimensions": { + "height": 2045, + "width": 1200, + "x": 70, + "y": 1830 + } + } + } +inputs: [] +outputs: [] +tests: +- No tests +fromversion: 5.5.0 diff --git a/Packs/Office365AndAzureAuditLog/ReleaseNotes/1_0_2.md b/Packs/Office365AndAzureAuditLog/ReleaseNotes/1_0_2.md new file mode 100644 index 000000000000..ad23e8ebb13c --- /dev/null +++ b/Packs/Office365AndAzureAuditLog/ReleaseNotes/1_0_2.md @@ -0,0 +1,6 @@ + +#### Playbooks +##### New: Office 365 and Azure Hunting +- This playbook enables you to collect and investigate suspicious security events from Azure AD environment. (Available from Cortex XSOAR 5.5.0). +##### New: Office 365 and Azure Configuration Analysis +- This playbook helps you collect, review, and find misconfigurations with the Azure environment. (Available from Cortex XSOAR 5.5.0). diff --git a/Packs/Office365AndAzureAuditLog/pack_metadata.json b/Packs/Office365AndAzureAuditLog/pack_metadata.json index a411ca2a3d4d..6c2b487cf0c8 100644 --- a/Packs/Office365AndAzureAuditLog/pack_metadata.json +++ b/Packs/Office365AndAzureAuditLog/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Office 365 and Azure (Audit Log)", "description": "Search the unified audit log to view user and administrator activity in your organization.", "support": "xsoar", - "currentVersion": "1.0.1", + "currentVersion": "1.0.2", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 3777d72d997cd2327aec7bac7785ec547d1105c8 Mon Sep 17 00:00:00 2001 From: Noy-Maimon <72340690+Noy-Maimon@users.noreply.github.com> Date: Tue, 24 Aug 2021 17:06:41 +0300 Subject: [PATCH 024/173] Wildfire polling enhancement (#13857) * polling command * report context * report context * report context * report context * report context * report context * UT * UT * Common Objects * Common Objects * deprecated: true * upload assertment * upload assertment * TPB * rn * UT * lint * validtae * validtae * Delete lolo.xml * Update Palo_Alto_Networks_WildFire_v2.yml Done. * Update 1_4_0.md Done. * RN * yml fix * Update Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.py Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> * RN * server logs * server logs * server logs * server logs * TPB * TPB * TPB * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * added toversion to playbook * fix sha256 * fix sha256 * fix sha256 * fix sha256 * fix sha256 * Merge branch 'master' into upload_list_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * fstring fix Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> Co-authored-by: yaakovi --- .../Palo_Alto_Networks_WildFire_v2.py | 532 +++-- .../Palo_Alto_Networks_WildFire_v2.yml | 452 ++++- .../Palo_Alto_Networks_WildFire_v2_test.py | 126 +- .../Palo_Alto_Networks_WildFire_v2/README.md | 524 ++--- .../expected_outputs_upload_url_success.json | 126 ++ .../report_url_response_pending.json | 1 + .../report_url_response_success.json | 127 ++ .../tests_data/upload_url_response.json | 9 + .../ReleaseNotes/1_4_0.md | 10 + .../TestPlaybooks/playbook-Wildfire_Test.yml | 1 + .../playbook-Wildfire_Test_With_Polling.yml | 1775 +++++++++++++++++ .../pack_metadata.json | 2 +- Tests/conf.json | 11 +- 13 files changed, 3079 insertions(+), 617 deletions(-) create mode 100644 Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/expected_outputs_upload_url_success.json create mode 100644 Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/report_url_response_pending.json create mode 100644 Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/report_url_response_success.json create mode 100644 Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/upload_url_response.json create mode 100644 Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/1_4_0.md create mode 100644 Packs/Palo_Alto_Networks_WildFire/TestPlaybooks/playbook-Wildfire_Test_With_Polling.yml diff --git a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.py b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.py index b7f61b1a2127..8aecccf48823 100644 --- a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.py +++ b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.py @@ -1,4 +1,5 @@ import shutil +from typing import Callable, Tuple from CommonServerPython import * @@ -14,6 +15,8 @@ RELIABILITY = PARAMS.get('integrationReliability', DBotScoreReliability.B) or DBotScoreReliability.B DEFAULT_HEADERS = {'Content-Type': 'application/x-www-form-urlencoded'} MULTIPART_HEADERS = {'Content-Type': "multipart/form-data; boundary=upload_boundry"} +WILDFIRE_REPORT_DT_FILE = "WildFire.Report(val.SHA256 && val.SHA256 == obj.SHA256 || val.MD5 && val.MD5 == obj.MD5 ||" \ + " val.URL && val.URL == obj.URL)" if URL and not URL.endswith('/publicapi'): if URL[-1] != '/': @@ -122,7 +125,8 @@ def http_request(url: str, method: str, headers: dict = None, body=None, params= try: json_res = json.loads(xml2json(result.text)) return json_res - except Exception: + except Exception as exc: + demisto.error(f'Failed to parse response to json. Error: {exc}') raise Exception(f'Failed to parse response to json. response: {result.text}') @@ -245,24 +249,6 @@ def create_dbot_score_from_verdicts(pretty_verdicts): return dbot_score_arr -def create_upload_entry(upload_body, title, result): - pretty_upload_body = prettify_upload(upload_body) - human_readable = tableToMarkdown(title, pretty_upload_body, removeNull=True) - entry_context = { - "WildFire.Report" - "(val.SHA256 && val.SHA256 == obj.SHA256 || val.MD5 && val.MD5 == obj.MD5 || val.URL && val.URL == obj.URL)": - pretty_upload_body - } - demisto.results({ - 'Type': entryTypes['note'], - 'Contents': result, - 'ContentsFormat': formats['json'], - 'HumanReadable': human_readable, - 'ReadableContentsFormat': formats['markdown'], - 'EntryContext': entry_context - }) - - def hash_args_handler(sha256=None, md5=None): # hash argument used in wildfire-report, wildfire-verdict commands inputs = argToList(sha256) if sha256 else argToList(md5) @@ -319,7 +305,8 @@ def wildfire_upload_file(upload): try: shutil.copy(file_path, file_name) - except Exception: + except Exception as exc: + demisto.error(f'Failed to prepare file for upload. Error: {exc}') raise Exception('Failed to prepare file for upload.') try: @@ -338,11 +325,24 @@ def wildfire_upload_file(upload): return result, upload_file_data -def wildfire_upload_file_command(): - uploads = argToList(demisto.args().get('upload')) +def wildfire_upload_file_with_polling_command(args): + return run_polling_command(args, 'wildfire-upload', wildfire_upload_file_command, + wildfire_get_report_command, 'FILE') + + +def wildfire_upload_file_command(args) -> list: + assert_upload_argument(args) + uploads = argToList(args.get('upload')) + command_results_list = [] for upload in uploads: - result, upload_file_data = wildfire_upload_file(upload) - create_upload_entry(upload_file_data, 'WildFire Upload File', result) + result, upload_body = wildfire_upload_file(upload) + pretty_upload_body = prettify_upload(upload_body) + human_readable = tableToMarkdown('WildFire Upload File', pretty_upload_body, removeNull=True) + command_results = (CommandResults(outputs_prefix=WILDFIRE_REPORT_DT_FILE, + outputs=pretty_upload_body, readable_output=human_readable, + raw_response=result)) + command_results_list.append(command_results) + return command_results_list @logger @@ -370,11 +370,23 @@ def wildfire_upload_file_url(upload): return result, upload_file_url_data -def wildfire_upload_file_url_command(): - uploads = argToList(demisto.args().get('upload')) +def wildfire_upload_file_url_with_polling_command(args) -> list: + return run_polling_command(args, 'wildfire-upload-file-url', wildfire_upload_file_url_command, + wildfire_get_report_command, 'URL') + + +def wildfire_upload_file_url_command(args) -> list: + assert_upload_argument(args) + command_results_list = [] + uploads = argToList(args.get('upload')) for upload in uploads: - result, upload_file_url_data = wildfire_upload_file_url(upload) - create_upload_entry(upload_file_url_data, 'WildFire Upload File URL', result) + result, upload_body = wildfire_upload_file_url(upload) + pretty_upload_body = prettify_upload(upload_body) + human_readable = tableToMarkdown('WildFire Upload File URL', pretty_upload_body, removeNull=True) + command_results = CommandResults(outputs_prefix=WILDFIRE_REPORT_DT_FILE, outputs=pretty_upload_body, + readable_output=human_readable, raw_response=result) + command_results_list.append(command_results) + return command_results_list @logger @@ -402,11 +414,115 @@ def wildfire_upload_url(upload): return result, upload_url_data -def wildfire_upload_url_command(): - uploads = argToList(demisto.args().get('upload')) +def wildfire_upload_url_command(args) -> list: + assert_upload_argument(args) + command_results_list = [] + uploads = argToList(args.get('upload')) for upload in uploads: result, upload_url_data = wildfire_upload_url(upload) - create_upload_entry(upload_url_data, 'WildFire Upload URL', result) + pretty_upload_body = prettify_upload(upload_url_data) + human_readable = tableToMarkdown('WildFire Upload URL', pretty_upload_body, removeNull=True) + command_results = CommandResults(outputs_prefix=WILDFIRE_REPORT_DT_FILE, + outputs=pretty_upload_body, readable_output=human_readable, + raw_response=result) + command_results_list.append(command_results) + return command_results_list + + +def wildfire_upload_url_with_polling_command(args): + return run_polling_command(args, 'wildfire-upload-url', wildfire_upload_url_command, + wildfire_get_report_command, 'URL') + + +def get_results_function_args(outputs, uploaded_item, args): + """ + This function is used for the polling flow. After calling a upload command on a url\file, in order to check the + status of the call, we need to retrieve the suitable identifier to call the results command on. for uploading a url, + the identifier is the url itself, but for a file we need to extract the file hash from the results of the initial + upload call. Therefore, this function extract that identifier from the data inserted to the context data by the + upload command. The function also adds the 'verbose' and 'format' arguments that were given priorly to the upload + command. + Args: + outputs: the context data from the search command + uploaded_item: 'FILE' or 'URL' + args: the args initially inserted to the upload function that initiated the polling sequence + + Returns: + + """ + results_function_args = {} + if uploaded_item == 'FILE': + identifier = {'md5': outputs.get('MD5')} + else: + identifier = {'url': outputs.get('URL')} + results_function_args.update(identifier) + + results_function_args.update({key: value for key, value in args.items() if key in ['verbose', 'format']}) + return results_function_args + + +def run_polling_command(args: dict, cmd: str, upload_function: Callable, results_function: Callable, uploaded_item): + """ + This function is generically handling the polling flow. In the polling flow, there is always an initial call that + starts the uploading to the API (referred here as the 'upload' function) and another call that retrieves the status + of that upload (referred here as the 'results' function). + The run_polling_command function runs the 'upload' function and returns a ScheduledCommand object that schedules + the next 'results' function, until the polling is complete. + Args: + args: the arguments required to the command being called, under cmd + cmd: the command to schedule by after the current command + upload_function: the function that initiates the uploading to the API + results_function: the function that retrieves the status of the previously initiated upload process + uploaded_item: the type of item being uploaded + + Returns: + + """ + ScheduledCommand.raise_error_if_not_supported() + command_results_list = [] + interval_in_secs = int(args.get('interval_in_seconds', 60)) + # distinguish between the initial run, which is the upload run, and the results run + is_new_search = 'url' not in args and 'md5' not in args and 'sha256' not in args and 'hash' not in args + if is_new_search: + assert_upload_argument(args) + for upload in argToList(args['upload']): + # narrow the args to the current single url or file + args['upload'] = upload + # create new search + command_results = upload_function(args)[0] + outputs = command_results.outputs + results_function_args = get_results_function_args(outputs, uploaded_item, args) + # schedule next poll + polling_args = { + 'interval_in_seconds': interval_in_secs, + 'polling': True, + **results_function_args, + } + scheduled_command = ScheduledCommand( + command=cmd, + next_run_in_seconds=interval_in_secs, + args=polling_args, + timeout_in_seconds=600) + command_results.scheduled_command = scheduled_command + command_results_list.append(command_results) + return command_results_list + # not a new search, get search status + command_results_list, status = results_function(args) + if status != 'Success': + # schedule next poll + polling_args = { + 'interval_in_seconds': interval_in_secs, + 'polling': True, + **args + } + scheduled_command = ScheduledCommand( + command=cmd, + next_run_in_seconds=interval_in_secs, + args=polling_args, + timeout_in_seconds=600) + + command_results_list = [CommandResults(scheduled_command=scheduled_command)] + return command_results_list @logger @@ -532,11 +648,12 @@ def wildfire_get_url_webartifacts_command(): result = wildfire_get_webartifacts(url, types) file_entry = fileResult(f'{url}_webartifacts.tgz', result.content, entryTypes['entryInfoFile']) demisto.results(file_entry) - except NotFoundError: + except NotFoundError as exc: + demisto.error(f'Webartifacts were not found. Error: {exc}') return_results('Webartifacts were not found. For more info contact your WildFire representative.') -def create_file_report(file_hash: str, reports, file_info, format_: str = 'xml', verbose: bool = False): +def parse_file_report(reports, file_info): udp_ip = [] udp_port = [] tcp_ip = [] @@ -597,7 +714,8 @@ def create_file_report(file_hash: str, reports, file_info, format_: str = 'xml', for domain in report["elf_info"]["Domains"]["entry"]: feed_related_indicators.append({'value': domain, 'type': 'Domain'}) if 'IP_Addresses' in report["elf_info"]: - if isinstance(report["elf_info"]["IP_Addresses"], dict) and 'entry' in report["elf_info"]["IP_Addresses"]: + if isinstance(report["elf_info"]["IP_Addresses"], dict) and 'entry' in\ + report["elf_info"]["IP_Addresses"]: for ip in report["elf_info"]["IP_Addresses"]["entry"]: feed_related_indicators.append({'value': ip, 'type': 'IP'}) if 'suspicious' in report["elf_info"]: @@ -647,33 +765,46 @@ def create_file_report(file_hash: str, reports, file_info, format_: str = 'xml', if len(evidence_text) > 0: outputs["Evidence"]["Text"] = evidence_text - entry_context = {} # type: Dict[str, Any] - dbot_score_file = 0 - - entry_context["WildFire.Report(val.SHA256 === obj.SHA256)"] = outputs - - if file_info: - if file_info["malware"] == 'yes': - dbot_score_file = 3 - entry_context[outputPaths['file']] = { - 'Type': file_info["filetype"], - 'MD5': file_info["md5"], - 'SHA1': file_info["sha1"], - 'SHA256': file_info["sha256"], - 'Size': file_info["size"], - 'Name': file_info["filename"] if 'filename' in file_info else None, - 'Malicious': {'Vendor': 'WildFire'}, - 'FeedRelatedIndicators': feed_related_indicators, - 'Tags': ['malware'], - 'Behavior': behavior - } - else: - dbot_score_file = 1 - dbot = [{'Indicator': file_hash, 'Type': 'hash', 'Vendor': 'WildFire', 'Score': dbot_score_file, - 'Reliability': RELIABILITY}, - {'Indicator': file_hash, 'Type': 'file', 'Vendor': 'WildFire', 'Score': dbot_score_file, - 'Reliability': RELIABILITY}] - entry_context["DBotScore"] = dbot + feed_related_indicators = create_feed_related_indicators_object(feed_related_indicators) + behavior = create_behaviors_object(behavior) + return outputs, feed_related_indicators, behavior + + +def create_feed_related_indicators_object(feed_related_indicators): + """ + This function is used while enhancing the integration, enabling the use of Common.FeedRelatedIndicators object + + """ + feed_related_indicators_objects_list = [] + for item in feed_related_indicators: + feed_related_indicators_objects_list.append(Common.FeedRelatedIndicators(value=item['value'], + indicator_type=item['type'])) + return feed_related_indicators_objects_list + + +def create_behaviors_object(behaviors): + """ + This function is used while enhancing the integration, enabling the use of Common.Behaviors object + + """ + behaviors_objects_list = [] + for item in behaviors: + behaviors_objects_list.append(Common.Behaviors(details=item['details'], action=item['action'])) + return behaviors_objects_list + + +def create_file_report(file_hash: str, reports, file_info, format_: str = 'xml', verbose: bool = False): + + outputs, feed_related_indicators, behavior = parse_file_report(reports, file_info) + + dbot_score = 3 if file_info["malware"] == 'yes' else 1 + + dbot_score_object = Common.DBotScore(indicator=file_hash, indicator_type=DBotScoreType.FILE, + integration_name='WildFire', score=dbot_score) + file = Common.File(dbot_score=dbot_score_object, name=file_info.get('filename'), + file_type=file_info.get('filetype'), md5=file_info.get('md5'), sha1=file_info.get('sha1'), + sha256=file_info.get('sha256'), size=file_info.get('size'), + feed_related_indicators=feed_related_indicators, tags=['malware'], behaviors=behavior) if format_ == 'pdf': get_report_uri = URL + URL_DICT["report"] @@ -687,11 +818,9 @@ def create_file_report(file_hash: str, reports, file_info, format_: str = 'xml', file_name = 'wildfire_report_' + file_hash + '.pdf' file_type = entryTypes['entryInfoFile'] - result = fileResult(file_name, res_pdf.content, - file_type) # will be saved under 'InfoFile' in the context. - result['EntryContext'] = entry_context - + result = fileResult(file_name, res_pdf.content, file_type) # will be saved under 'InfoFile' in the context. demisto.results(result) + human_readable = tableToMarkdown('WildFire File Report - PDF format', prettify_report_entry(file_info)) else: human_readable = tableToMarkdown('WildFire File Report', prettify_report_entry(file_info)) @@ -700,152 +829,149 @@ def create_file_report(file_hash: str, reports, file_info, format_: str = 'xml', if isinstance(report, dict): human_readable += tableToMarkdown('Report ', report, list(report), removeNull=True) - demisto.results({ - 'Type': entryTypes['note'], - 'Contents': reports, - 'ContentsFormat': formats['json'], - 'HumanReadable': human_readable, - 'ReadableContentsFormat': formats['markdown'], - 'EntryContext': entry_context - }) + return human_readable, outputs, file + + +def get_sha256_of_file_from_report(report): + if maec_packages := report.get('maec_packages'): + for item in maec_packages: + if hashes := item.get('hashes'): + return hashes.get('SHA256') + return None @logger -def wildfire_get_url_report(url: str): +def wildfire_get_url_report(url: str) -> Tuple: + """ + This functions is used for retrieving the results of a previously uploaded url. + Args: + url: The url of interest. + + Returns: + A CommandResults object with the results of the request and the status of that upload (Pending/Success/NotFound). + + """ + get_report_uri = f"{URL}{URL_DICT['report']}" - params = { - 'apikey': TOKEN, - 'url': url - } + params = {'apikey': TOKEN, 'url': url} entry_context = {'URL': url} + try: - result = http_request(get_report_uri, 'POST', headers=DEFAULT_HEADERS, params=params, resp_type='json').get( - 'result') - except NotFoundError: - entry_context['Status'] = 'NotFound' - demisto.results({ - 'Type': entryTypes['note'], - 'HumanReadable': 'Report not found.', - 'Contents': None, - 'ContentsFormat': formats['json'], - 'ReadableContentsFormat': formats['text'], - 'EntryContext': { - "WildFire.Report(val.URL == obj.URL)": entry_context - } - }) - return None, None + response = http_request(get_report_uri, 'POST', headers=DEFAULT_HEADERS, params=params, resp_type='json') + report = response.get('result').get('report') - report = result.get('report', None) - if not report: - entry_context['Status'] = 'Pending' - demisto.results({ - 'Type': entryTypes['note'], - 'Contents': result, - 'ContentsFormat': formats['json'], - 'HumanReadable': 'The sample is still being analyzed. Please wait to download the report.', - 'ReadableContentsFormat': formats['text'], - 'EntryContext': { - "WildFire.Report(val.URL == obj.URL)": entry_context - } - }) - return None, None + if not report: + entry_context['Status'] = 'Pending' + human_readable = 'The sample is still being analyzed. Please wait to download the report.' + + else: + entry_context['Status'] = 'Success' + report = json.loads(report) if type(report) is not dict else report + report.update(entry_context) + sha256_of_file_in_url = get_sha256_of_file_from_report(report) + human_readable_dict = {'SHA256': sha256_of_file_in_url, 'URL': url, 'Status': 'Success'} + human_readable = tableToMarkdown(f'Wildfire URL report for {url}', t=human_readable_dict, removeNull=True) - j_report = json.loads(report) - entry_context['Status'] = 'Success' - j_report.update(entry_context) + except NotFoundError: + entry_context['Status'] = 'NotFound' + human_readable = 'Report not found.' + report = '' + except Exception as e: + entry_context['Status'] = '' + human_readable = f'Error while requesting the report: {e}.' + report = '' + demisto.error(f'Error while requesting the given report. Error: {e}') - return url, j_report + finally: + command_results = CommandResults(outputs_prefix='WildFire.Report', outputs_key_field='url', + outputs=report, readable_output=human_readable, raw_response=report) + return command_results, entry_context['Status'] @logger -def wildfire_get_file_report(file_hash: str): +def wildfire_get_file_report(file_hash: str, args: dict): get_report_uri = URL + URL_DICT["report"] - params = { - 'apikey': TOKEN, - 'format': 'xml', - 'hash': file_hash - } + params = {'apikey': TOKEN, 'format': 'xml', 'hash': file_hash} + # necessarily one of them as passed the hash_args_handler - hash_type = 'SHA256' if sha256Regex.match(file_hash) else 'MD5' - entry_context = {hash_type: file_hash} + sha256 = file_hash if sha256Regex.match(file_hash) else None + md5 = file_hash if md5Regex.match(file_hash) else None + entry_context = {key: value for key, value in (['MD5', md5], ['SHA256', sha256]) if value} try: json_res = http_request(get_report_uri, 'POST', headers=DEFAULT_HEADERS, params=params) - except NotFoundError: - entry_context['Status'] = 'NotFound' - dbot_score_file = 0 - dbot = [{'Indicator': file_hash, 'Type': 'hash', 'Vendor': 'WildFire', 'Score': dbot_score_file}, - {'Indicator': file_hash, 'Type': 'file', 'Vendor': 'WildFire', 'Score': dbot_score_file}] - demisto.results({ - 'Type': entryTypes['note'], - 'HumanReadable': 'Report not found.', - 'Contents': None, - 'ContentsFormat': formats['json'], - 'ReadableContentsFormat': formats['text'], - 'EntryContext': { - "WildFire.Report(val.SHA256 && val.SHA256 == obj.SHA256 || val.MD5 && val.MD5 == obj.MD5)": - entry_context, - 'DBotScore': dbot - } - }) - return None, None, None + reports = json_res.get('wildfire', {}).get('task_info', {}).get('report') + file_info = json_res.get('wildfire').get('file_info') - task_info = json_res["wildfire"].get('task_info', None) - reports = task_info.get('report', None) if task_info else None - file_info = json_res["wildfire"].get('file_info', None) + verbose = args.get('verbose', 'false').lower() == 'true' + format_ = args.get('format', 'xml') - if not reports or not file_info: - entry_context['Status'] = 'Pending' - demisto.results({ - 'Type': entryTypes['note'], - 'Contents': json_res, - 'ContentsFormat': formats['json'], - 'HumanReadable': 'The sample is still being analyzed. Please wait to download the report.', - 'ReadableContentsFormat': formats['text'], - 'EntryContext': { - "WildFire.Report(val.SHA256 && val.SHA256 == obj.SHA256 || val.MD5 && val.MD5 == obj.MD5)": - entry_context - } - }) - return None, None, None - return file_hash, reports, file_info + if reports and file_info: + human_readable, entry_context, indicator = create_file_report(file_hash, + reports, file_info, format_, verbose) + else: + entry_context['Status'] = 'Pending' + human_readable = 'The sample is still being analyzed. Please wait to download the report.' + indicator = None -def wildfire_get_report_command(): - urls = argToList(demisto.args().get('url', '')) - if 'sha256' in demisto.args(): - sha256 = demisto.args().get('sha256', None) - elif 'hash' in demisto.args(): - sha256 = demisto.args().get('hash', None) + except NotFoundError as exc: + entry_context['Status'] = 'NotFound' + human_readable = 'Report not found.' + dbot_score_file = 0 + json_res = '' + dbot_score_object = Common.DBotScore( + indicator=file_hash, + indicator_type=DBotScoreType.FILE, + integration_name='WildFire', + score=dbot_score_file, + reliability=RELIABILITY) + indicator = Common.File(dbot_score=dbot_score_object, md5=md5, sha256=sha256) + demisto.error(f'Report not found. Error: {exc}') + + finally: + try: + command_results = CommandResults(outputs_prefix=WILDFIRE_REPORT_DT_FILE, + outputs=remove_empty_elements(entry_context), + readable_output=human_readable, indicator=indicator, raw_response=json_res) + return command_results, entry_context['Status'] + except Exception: + raise DemistoException('Error while trying to get the report from the API.') + + +def wildfire_get_report_command(args): + """ + Args: + args: the command arguments from demisto.args(), including url or file hash (sha256 or md5) to query on + + Returns: + A single or list of CommandResults, and the status of the reports of the url or file of interest. + Note that the status is only used for the polling sequence, where the command will always receive a single + file or url. Hence, when running this command via the polling sequence, the CommandResults list will contain a + single item, and the status will represent that result's status. + + """ + command_results_list = [] + urls = argToList(args.get('url', '')) + if 'sha256' in args: + sha256 = args.get('sha256') + elif 'hash' in args: + sha256 = args.get('hash') else: sha256 = None - md5 = demisto.args().get('md5', None) - if urls: - inputs = urls - url_report = True - else: - inputs = hash_args_handler(sha256, md5) - url_report = False + md5 = args.get('md5') + inputs = urls if urls else hash_args_handler(sha256, md5) - verbose = demisto.args().get('verbose', 'false').lower() == 'true' - format_ = demisto.args().get('format', 'xml') for element in inputs: - if url_report: - url, report = wildfire_get_url_report(element) - if url is not None: - headers = ['sha256', 'type', 'verdict', 'iocs'] - human_readable = tableToMarkdown(f'Wildfire URL report for {url}', t=report, headers=headers, - removeNull=True) - entry_context = {"WildFire.Report(val.URL == obj.URL)": report} - return_outputs(human_readable, entry_context, report) - else: - ioc, report, file_info = wildfire_get_file_report(element) - if ioc is not None: - create_file_report(ioc, report, file_info, format_, verbose) + command_results, status = wildfire_get_url_report(element) if urls else wildfire_get_file_report(element, args) + command_results_list.append(command_results) + + return command_results_list, status -def wildfire_file_command(): - inputs = file_args_handler(demisto.args().get('file'), demisto.args().get('md5'), demisto.args().get('sha256')) +def wildfire_file_command(args): + inputs = file_args_handler(args.get('file'), args.get('md5'), args.get('sha256')) + command_results_list = [] for element in inputs: if sha1Regex.match(element): demisto.results({ @@ -854,9 +980,9 @@ def wildfire_file_command(): 'ContentsFormat': formats['text'] }) else: - file_hash, report, file_info = wildfire_get_file_report(element) - if file_hash is not None: - create_file_report(file_hash, report, file_info, 'xml', False) + command_results = wildfire_get_file_report(element, args)[0] + command_results_list.append(command_results) + return command_results def wildfire_get_sample(file_hash): @@ -890,15 +1016,26 @@ def wildfire_get_sample_command(): # will be saved under 'File' in the context, can be further investigated. file_entry = fileResult(file_name, result.content) demisto.results(file_entry) - except NotFoundError: + except NotFoundError as exc: + demisto.error(f'Sample was not found. Error: {exc}') demisto.results( 'Sample was not found. ' 'Please note that grayware and benign samples are available for 14 days only. ' 'For more info contact your WildFire representative.') +def assert_upload_argument(args): + """ + Assert the upload argument is inserted when running the command without the builtin polling flow. + The upload argument is only required when polling is false. + """ + if not args.get('upload'): + raise ValueError('Please specify the item you wish to upload using the \'upload\' argument.') + + def main(): command = demisto.command() + args = demisto.args() LOG(f'command is {command}') try: @@ -909,19 +1046,28 @@ def main(): test_module() elif command == 'wildfire-upload': - wildfire_upload_file_command() + if args.get('polling') == 'true': + return_results(wildfire_upload_file_with_polling_command(args)) + else: + return_results(wildfire_upload_file_command(args)) elif command in ['wildfire-upload-file-remote', 'wildfire-upload-file-url']: - wildfire_upload_file_url_command() + if args.get('polling') == 'true': + return_results(wildfire_upload_file_url_with_polling_command(args)) + else: + return_results(wildfire_upload_file_url_command(args)) elif command == 'wildfire-upload-url': - wildfire_upload_url_command() + if args.get('polling') == 'true': + return_results(wildfire_upload_url_with_polling_command(args)) + else: + return_results(wildfire_upload_url_command(args)) elif command == 'wildfire-report': - wildfire_get_report_command() + return_results(wildfire_get_report_command(args)[0]) elif command == 'file': - wildfire_file_command() + return_results(wildfire_file_command(args)) elif command == 'wildfire-get-sample': wildfire_get_sample_command() diff --git a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.yml b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.yml index 2e60f879acde..456557118fc8 100644 --- a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.yml +++ b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2.yml @@ -144,12 +144,60 @@ script: description: ID of the entry containing the file to upload isArray: true name: upload - required: true + required: false + secret: false + - auto: PREDEFINED + default: false + description: Use XSOAR built-in polling to retrieve the result when it's ready. + isArray: false + name: polling + predefined: + - 'true' + - 'false' + - default: false + description: Interval in seconds between each poll. + isArray: false + name: interval_in_seconds + required: false + secret: false + defaultValue: '60' + - default: false + description: Used for the inner polling flow, for uploading a file use the 'upload' + argument instead + isArray: true + name: md5 + required: false + secret: false + deprecated: true + - auto: PREDEFINED + default: false + defaultValue: pdf + description: Request a structured report. Possible values are "XML" and "PDF". + Only relevant when polling=true. + isArray: false + name: format + predefined: + - xml + - pdf + required: false + secret: false + - auto: PREDEFINED + default: false + defaultValue: 'false' + description: Receive extended information from WildFire. Only relevant when + polling=true. + isArray: false + name: verbose + predefined: + - 'true' + - 'false' + required: false secret: false deprecated: false description: Uploads a file to WildFire for analysis. execution: false name: wildfire-upload + polling: true outputs: - contextPath: WildFire.Report.MD5 description: MD5 hash of the submission. @@ -166,17 +214,161 @@ script: - contextPath: WildFire.Report.Status description: The status of the submission. type: string + - contextPath: File.Name + description: Name of the file. + type: string + - contextPath: File.Type + description: 'File type, for example: "PE"' + type: string + - contextPath: File.Size + description: Size of the file. + type: number + - contextPath: File.MD5 + description: MD5 hash of the file. + type: string + - contextPath: File.SHA1 + description: SHA1 hash of the file. + type: string + - contextPath: File.SHA256 + description: SHA256 hash of the file. + type: string + - contextPath: File.Malicious.Vendor + description: For malicious files, the vendor that made the decision. + type: string + - contextPath: DBotScore.Indicator + description: The indicator that was tested. + type: string + - contextPath: DBotScore.Type + description: The indicator type. + type: string + - contextPath: DBotScore.Vendor + description: Vendor used to calculate the score. + type: string + - contextPath: DBotScore.Score + description: The actual score. + type: number + - contextPath: InfoFile.EntryID + description: The EntryID of the report file. + type: string + - contextPath: InfoFile.Extension + description: The extension of the report file. + type: string + - contextPath: InfoFile.Name + description: The name of the report file. + type: string + - contextPath: InfoFile.Info + description: Details of the report file. + type: string + - contextPath: InfoFile.Size + description: The size of the report file. + type: number + - contextPath: InfoFile.Type + description: The report file type. + type: string + - contextPath: WildFire.Report.Network.UDP.IP + description: Submission related IPs, in UDP protocol. + type: string + - contextPath: WildFire.Report.Network.UDP.Port + description: Submission related ports, in UDP protocol. + type: string + - contextPath: WildFire.Report.Network.TCP.IP + description: Submission related IPs, in TCP protocol. + type: string + - contextPath: WildFire.Report.Network.TCP.Port + description: Submission related ports, in TCP protocol. + type: string + - contextPath: WildFire.Report.Network.DNS.Query + description: Submission DNS queries. + type: string + - contextPath: WildFire.Report.Network.DNS.Response + description: Submission DNS responses. + type: string + - contextPath: WildFire.Report.Evidence.md5 + description: Submission evidence MD5 hash. + type: string + - contextPath: WildFire.Report.Evidence.Text + description: Submission evidence text. + type: string + - contextPath: WildFire.Report.detection_reasons.description + description: Reason for the detection verdict. + type: string + - contextPath: WildFire.Report.detection_reasons.name + description: Name of the detection. + type: string + - contextPath: WildFire.Report.detection_reasons.type + description: Type of the detection. + type: string + - contextPath: WildFire.Report.detection_reasons.verdict + description: Verdict of the detection. + type: string + - contextPath: WildFire.Report.detection_reasons.artifacts + description: Artifacts of the detection reasons. + type: unknown + - contextPath: WildFire.Report.iocs + description: Associated IOCs. + type: unknown + - contextPath: WildFire.Report.verdict + description: The verdict of the report. + type: string - arguments: - default: false description: URL of the remote file to upload. isArray: false name: upload - required: true + required: false + secret: false + - default: false + description: Used for the inner polling flow, for uploading a url use the 'upload' + argument instead. + isArray: false + name: url + required: false + secret: false + deprecated: true + - auto: PREDEFINED + default: false + description: Use XSOAR built-in polling to retrieve the result when it's ready. + isArray: false + name: polling + predefined: + - 'true' + - 'false' + - default: false + description: Interval in seconds between each poll. + isArray: false + name: interval_in_seconds + required: false + secret: false + defaultValue: '60' + - auto: PREDEFINED + default: false + defaultValue: pdf + description: Request a structured report (XML or PDF). Only relevant for when + using polling=true. + isArray: false + name: format + predefined: + - xml + - pdf + required: false + secret: false + - auto: PREDEFINED + default: false + defaultValue: 'false' + description: Receive extended information from WildFire. Only relevant for when + using polling=true. + isArray: false + name: verbose + predefined: + - 'true' + - 'false' + required: false secret: false deprecated: false description: Uploads the URL of a remote file to WildFire for analysis. execution: false name: wildfire-upload-file-url + polling: true outputs: - contextPath: WildFire.Report.MD5 description: MD5 hash of the submission. @@ -190,6 +382,102 @@ script: - contextPath: WildFire.Report.URL description: URL of the submission. type: string + - contextPath: File.Name + description: Name of the file. + type: string + - contextPath: File.Type + description: 'File type, for example: "PE"' + type: string + - contextPath: File.Size + description: Size of the file. + type: number + - contextPath: File.MD5 + description: MD5 hash of the file. + type: string + - contextPath: File.SHA1 + description: SHA1 hash of the file. + type: string + - contextPath: File.SHA256 + description: SHA256 hash of the file. + type: string + - contextPath: File.Malicious.Vendor + description: For malicious files, the vendor that made the decision. + type: string + - contextPath: DBotScore.Indicator + description: The indicator that was tested. + type: string + - contextPath: DBotScore.Type + description: The indicator type. + type: string + - contextPath: DBotScore.Vendor + description: Vendor used to calculate the score. + type: string + - contextPath: DBotScore.Score + description: The actual score. + type: number + - contextPath: InfoFile.EntryID + description: The EntryID of the report file. + type: string + - contextPath: InfoFile.Extension + description: The extension of the report file. + type: string + - contextPath: InfoFile.Name + description: The name of the report file. + type: string + - contextPath: InfoFile.Info + description: Details of the report file. + type: string + - contextPath: InfoFile.Size + description: The size of the report file. + type: number + - contextPath: InfoFile.Type + description: The report file type. + type: string + - contextPath: WildFire.Report.Network.UDP.IP + description: Submission related IPs, in UDP protocol. + type: string + - contextPath: WildFire.Report.Network.UDP.Port + description: Submission related ports, in UDP protocol. + type: string + - contextPath: WildFire.Report.Network.TCP.IP + description: Submission related IPs, in TCP protocol. + type: string + - contextPath: WildFire.Report.Network.TCP.Port + description: Submission related ports, in TCP protocol. + type: string + - contextPath: WildFire.Report.Network.DNS.Query + description: Submission DNS queries. + type: string + - contextPath: WildFire.Report.Network.DNS.Response + description: Submission DNS responses. + type: string + - contextPath: WildFire.Report.Evidence.md5 + description: Submission evidence MD5 hash. + type: string + - contextPath: WildFire.Report.Evidence.Text + description: Submission evidence text. + type: string + - contextPath: WildFire.Report.detection_reasons.description + description: Reason for the detection verdict. + type: string + - contextPath: WildFire.Report.detection_reasons.name + description: Name of the detection. + type: string + - contextPath: WildFire.Report.detection_reasons.type + description: Type of the detection. + type: string + - contextPath: WildFire.Report.detection_reasons.verdict + description: Verdict of the detection. + type: string + - contextPath: WildFire.Report.detection_reasons.artifacts + description: Artifacts of the detection reasons. + type: unknown + - contextPath: WildFire.Report.iocs + description: Associated IOCs. + type: unknown + - contextPath: WildFire.Report.verdict + description: The verdict of the report. + type: string - arguments: - default: false description: MD5 hash to check. @@ -383,7 +671,8 @@ script: type: number - arguments: - default: false - description: EntryID of the text file that contains multiple hashes. Limit is 500 hashes. + description: EntryID of the text file that contains multiple hashes. Limit is + 500 hashes. isArray: true name: EntryID required: false @@ -395,7 +684,8 @@ script: required: false secret: false deprecated: false - description: Returns a verdict regarding multiple hashes, stored in a TXT file or given as list. + description: Returns a verdict regarding multiple hashes, stored in a TXT file + or given as list. execution: false name: wildfire-get-verdicts outputs: @@ -428,18 +718,66 @@ script: description: URL to submit to WildFire. isArray: true name: upload - required: true + required: false + secret: false + - default: false + description: Used for the inner polling flow, for uploading a url use the 'upload' + argument instead. + isArray: true + name: url + required: false + secret: false + deprecated: true + - auto: PREDEFINED + default: false + description: Use XSOAR built-in polling to retrieve the result when it's ready. + isArray: false + name: polling + predefined: + - 'true' + - 'false' + - default: false + description: Interval in seconds between each poll. + isArray: false + name: interval_in_seconds + required: false + secret: false + defaultValue: '60' + - auto: PREDEFINED + default: false + defaultValue: pdf + description: Request a structured report (XML or PDF). Only relevant for when + using polling=true. + isArray: false + name: format + predefined: + - xml + - pdf + required: false + secret: false + - auto: PREDEFINED + default: false + defaultValue: 'false' + description: Receive extended information from WildFire. Only relevant for when + using polling=true. + isArray: false + name: verbose + predefined: + - 'true' + - 'false' + required: false secret: false deprecated: false description: Uploads a URL of a webpage to WildFire for analysis. execution: false name: wildfire-upload-url + polling: true outputs: - contextPath: WildFire.Report.MD5 description: MD5 of the submission. type: string - contextPath: WildFire.Report.SHA256 - description: SHA256 of the submission. + description: SHA256 of the report. type: string - contextPath: WildFire.Report.Status description: The status of the submission. @@ -447,6 +785,102 @@ script: - contextPath: WildFire.Report.URL description: URL of the submission. type: string + - contextPath: File.Name + description: Name of the file. + type: string + - contextPath: File.Type + description: 'File type, for example: "PE"' + type: string + - contextPath: File.Size + description: Size of the file. + type: number + - contextPath: File.MD5 + description: MD5 hash of the file. + type: string + - contextPath: File.SHA1 + description: SHA1 hash of the file. + type: string + - contextPath: File.SHA256 + description: SHA256 hash of the file. + type: string + - contextPath: File.Malicious.Vendor + description: For malicious files, the vendor that made the decision. + type: string + - contextPath: DBotScore.Indicator + description: The indicator that was tested. + type: string + - contextPath: DBotScore.Type + description: The indicator type. + type: string + - contextPath: DBotScore.Vendor + description: Vendor used to calculate the score. + type: string + - contextPath: DBotScore.Score + description: The actual score. + type: number + - contextPath: InfoFile.EntryID + description: The EntryID of the report file. + type: string + - contextPath: InfoFile.Extension + description: The extension of the report file. + type: string + - contextPath: InfoFile.Name + description: The name of the report file. + type: string + - contextPath: InfoFile.Info + description: Details of the report file. + type: string + - contextPath: InfoFile.Size + description: The size of the report file. + type: number + - contextPath: InfoFile.Type + description: The report file type. + type: string + - contextPath: WildFire.Report.Network.UDP.IP + description: Submission related IPs, in UDP protocol. + type: string + - contextPath: WildFire.Report.Network.UDP.Port + description: Submission related ports, in UDP protocol. + type: string + - contextPath: WildFire.Report.Network.TCP.IP + description: Submission related IPs, in TCP protocol. + type: string + - contextPath: WildFire.Report.Network.TCP.Port + description: Submission related ports, in TCP protocol. + type: string + - contextPath: WildFire.Report.Network.DNS.Query + description: Submission DNS queries. + type: string + - contextPath: WildFire.Report.Network.DNS.Response + description: Submission DNS responses. + type: string + - contextPath: WildFire.Report.Evidence.md5 + description: Submission evidence MD5 hash. + type: string + - contextPath: WildFire.Report.Evidence.Text + description: Submission evidence text. + type: string + - contextPath: WildFire.Report.detection_reasons.description + description: Reason for the detection verdict. + type: string + - contextPath: WildFire.Report.detection_reasons.name + description: Name of the detection. + type: string + - contextPath: WildFire.Report.detection_reasons.type + description: Type of the detection. + type: string + - contextPath: WildFire.Report.detection_reasons.verdict + description: Verdict of the detection. + type: string + - contextPath: WildFire.Report.detection_reasons.artifacts + description: Artifacts of the detection reasons. + type: unknown + - contextPath: WildFire.Report.iocs + description: Associated IOCs. + type: unknown + - contextPath: WildFire.Report.verdict + description: The verdict of the report. + type: string - arguments: - default: false description: MD5 hash of the sample. @@ -473,7 +907,8 @@ script: secret: false - auto: PREDEFINED default: false - description: Whether to download as screenshots or as downloadable files. if not specified, both will be downloaded. + description: Whether to download as screenshots or as downloadable files. if + not specified, both will be downloaded. isArray: false name: types required: false @@ -482,7 +917,8 @@ script: - 'screenshot' secret: false deprecated: false - description: Get web artifacts for a URL webpage. An empty tgz will be returned, no matter what the verdict, or even if the URL is malformed. + description: Get web artifacts for a URL webpage. An empty tgz will be returned, + no matter what the verdict, or even if the URL is malformed. execution: false name: wildfire-get-url-webartifacts outputs: diff --git a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2_test.py b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2_test.py index 0a89997501a9..99bde374fea0 100644 --- a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2_test.py +++ b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/Palo_Alto_Networks_WildFire_v2_test.py @@ -1,9 +1,13 @@ +import json +import io + from requests import Response import demistomock as demisto from Palo_Alto_Networks_WildFire_v2 import prettify_upload, prettify_report_entry, prettify_verdict, \ create_dbot_score_from_verdict, prettify_verdicts, create_dbot_score_from_verdicts, hash_args_handler, \ - file_args_handler, wildfire_get_sample_command, wildfire_get_report_command + file_args_handler, wildfire_get_sample_command, wildfire_get_report_command, run_polling_command, \ + wildfire_upload_url_command def test_will_return_ok(): @@ -165,26 +169,100 @@ def test_report_chunked_response(mocker): return_value={'hash': '8decc8571946d4cd70a024949e033a2a2a54377fe9f1c1b944c20f9ee11a9e51', 'format': 'xml'}) mocker.patch("Palo_Alto_Networks_WildFire_v2.URL", "https://wildfire.paloaltonetworks.com/publicapi") - wildfire_get_report_command() - result = {'Type': 1, - 'Contents': [{'version': '2.0', 'platform': '100', 'software': 'PDF Static Analyzer', - 'sha256': '8decc8571946d4cd70a024949e033a2a2a54377fe9f1c1b944c20f9ee11a9e51', - 'md5': '4b41a3475132bd861b30a878e30aa56a', 'malware': 'no', 'summary': None}], - 'ContentsFormat': 'json', - 'HumanReadable': '### WildFire File Report\n|FileType|MD5|SHA256|Size|Status|\n|---|---|---|---|---|\n' - '| PDF | 4b41a3475132bd861b30a878e30aa56a | ' - '8decc8571946d4cd70a024949e033a2a2a54377fe9f1c1b944c20f9ee11a9e51 | 3028 ' - '| Completed |\n', - 'ReadableContentsFormat': 'markdown', - 'EntryContext': - {'WildFire.Report(val.SHA256 === obj.SHA256)': { - 'Status': 'Success', - 'SHA256': '8decc8571946d4cd70a024949e033a2a2a54377fe9f1c1b944c20f9ee11a9e51'}, - 'DBotScore': [ - {'Indicator': '8decc8571946d4cd70a024949e033a2a2a54377fe9f1c1b944c20f9ee11a9e51', - 'Type': 'hash', - 'Vendor': 'WildFire', 'Score': 1, 'Reliability': 'B - Usually reliable'}, - {'Indicator': '8decc8571946d4cd70a024949e033a2a2a54377fe9f1c1b944c20f9ee11a9e51', - 'Type': 'file', - 'Vendor': 'WildFire', 'Score': 1, 'Reliability': 'B - Usually reliable'}]}} - assert demisto.results.call_args[0][0] == result + command_results, status = wildfire_get_report_command( + {'hash': '8decc8571946d4cd70a024949e033a2a2a54377fe9f1c1b944c20f9ee11a9e51', + 'format': 'xml'}) + hr = '### WildFire File Report\n|FileType|MD5|SHA256|Size|Status|\n|---|---|---|---|---|\n|' \ + ' PDF | 4b41a3475132bd861b30a878e30aa56a | 8decc8571946d4cd70a024949e033a2a2a54377fe9f1c1b944c20f9ee11a9e51 |' \ + ' 3028 | Completed |\n' + context = {'Status': 'Success', 'SHA256': '8decc8571946d4cd70a024949e033a2a2a54377fe9f1c1b944c20f9ee11a9e51'} + + assert command_results[0].outputs == context + assert command_results[0].readable_output == hr + + +def util_load_json(path): + with io.open(path, mode='r', encoding='utf-8') as f: + return json.loads(f.read()) + + +def test_running_polling_command_success(mocker): + """ + Given: + An upload request of a url or a file using the polling flow, that was already initiated priorly and is now + complete. + When: + When, while in the polling flow, we are checking the status of on an upload that was initiated earlier and is + already complete. + Then: + Return a command results object, without scheduling a new command. + """ + args = {'url': 'www.google.com'} + response_upload = util_load_json('./tests_data/upload_url_response.json') + upload_url_data = {'url': 'https://www.demisto.com', + 'sha256': 'c51a8231d1be07a2545ac99e86a25c5d68f88380b7ebf7ac91501661e6d678bb', + 'md5': '67632f32e6af123aa8ffd1fe8765a783'} + mocker.patch('CommonServerPython.ScheduledCommand.raise_error_if_not_supported') + mocker.patch('Palo_Alto_Networks_WildFire_v2.wildfire_upload_url', return_value=(response_upload, upload_url_data)) + response_report = util_load_json('./tests_data/report_url_response_success.json') + mocker.patch('Palo_Alto_Networks_WildFire_v2.http_request', return_value=response_report) + expected_outputs = util_load_json('./tests_data/expected_outputs_upload_url_success.json') + command_results = run_polling_command(args, 'wildfire-upload-url', wildfire_upload_url_command, + wildfire_get_report_command, 'URL') + assert command_results[0].outputs.get('detection_reasons') == expected_outputs.get('detection_reasons') + assert command_results[0].scheduled_command is None + + +def test_running_polling_command_pending(mocker): + """ + Given: + An upload request of a url or a file using the polling flow, that was already initiated priorly and is not + completed yet. + When: + When, while in the polling flow, we are checking the status of on an upload that was initiated earlier and is + not complete yet. + Then: + Return a command results object, with scheduling a new command. + """ + args = {'url': 'wwwdom'} + response_upload = util_load_json('./tests_data/upload_url_response.json') + upload_url_data = {'url': 'https://www.demisto.com', + 'sha256': 'c51a8231d1be07a2545ac99e86a25c5d68f88380b7ebf7ac91501661e6d678bb', + 'md5': '67632f32e6af123aa8ffd1fe8765a783'} + mocker.patch('CommonServerPython.ScheduledCommand.raise_error_if_not_supported') + mocker.patch('Palo_Alto_Networks_WildFire_v2.wildfire_upload_url', return_value=(response_upload, upload_url_data)) + response_report = util_load_json('./tests_data/report_url_response_pending.json') + mocker.patch('Palo_Alto_Networks_WildFire_v2.http_request', return_value=response_report) + command_results = run_polling_command(args, 'wildfire-upload-url', wildfire_upload_url_command, + wildfire_get_report_command, 'URL') + assert command_results[0].outputs is None + assert command_results[0].scheduled_command is not None + + +def test_running_polling_command_new_search(mocker): + """ + Given: + An upload request of a url or a file using the polling flow, that was already initiated priorly and is not + completed yet. + When: + When, while in the polling flow, we are checking the status of on an upload that was initiated earlier and is + not complete yet. + Then: + Return a command results object, with scheduling a new command. + """ + args = {'upload': 'https://www.demisto.com'} + mocker.patch('CommonServerPython.ScheduledCommand.raise_error_if_not_supported') + response_upload = util_load_json('./tests_data/upload_url_response.json') + upload_url_data = {'url': 'https://www.demisto.com', + 'sha256': 'c51a8231d1be07a2545ac99e86a25c5d68f88380b7ebf7ac91501661e6d678bb', + 'md5': '67632f32e6af123aa8ffd1fe8765a783'} + mocker.patch('Palo_Alto_Networks_WildFire_v2.wildfire_upload_url', return_value=(response_upload, upload_url_data)) + response_report = util_load_json('./tests_data/report_url_response_pending.json') + mocker.patch('Palo_Alto_Networks_WildFire_v2.http_request', return_value=response_report) + command_results = run_polling_command(args, 'wildfire-upload-url', wildfire_upload_url_command, + wildfire_get_report_command, 'URL') + expected_outputs = {'MD5': '67632f32e6af123aa8ffd1fe8765a783', + 'SHA256': 'c51a8231d1be07a2545ac99e86a25c5d68f88380b7ebf7ac91501661e6d678bb', + 'Status': 'Pending', 'URL': 'https://www.demisto.com'} + assert command_results[0].outputs == expected_outputs + assert command_results[0].scheduled_command is not None diff --git a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/README.md b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/README.md index 66709d3451c6..68d74ee8962e 100644 --- a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/README.md +++ b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/README.md @@ -17,17 +17,17 @@ Use the Palo Alto Networks Wildfire integration to automatically identify unknow ## Configure WildFire v2 on Cortex XSOAR 1. Navigate to **Settings** > **Integrations** > **Servers & Services**. -2. Search for WildFire v2. +2. Search for WildFire-v2. 3. Click **Add instance** to create and configure a new integration instance. - | **Parameter** | **Required** | - | --- | --- | - | Server base URL (e.g. https://192.168.0.1/publicapi) | True | - | API Key | True | - | Source Reliability | Reliability of the source providing the intelligence data. | B - Usually reliable | - | Trust any certificate (not secure) | False | - | Use system proxy settings | False | - | Return warning entry for unsupported file types | False | + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Server base URL (e.g. https://192.168.0.1/publicapi) | | True | + | API Key | | True | + | Source Reliability | Reliability of the source providing the intelligence data. | True | + | Trust any certificate (not secure) | | False | + | Use system proxy settings | | False | + | Return warning entry for unsupported file types | | False | 4. Click **Test** to validate the URLs, token, and connection. ## Commands @@ -61,11 +61,6 @@ Retrieve results for a file hash using WildFire | File.SHA1 | string | SHA1 hash of the file. | | File.SHA256 | string | SHA256 hash of the file. | | File.Malicious.Vendor | string | For malicious files, the vendor that made the decision. | -| File.FeedRelatedIndicators.value | string | Indicators that are associated with the File. | -| File.FeedRelatedIndicators.type | string | The type of the indicators that are associated with the File. | -| File.Tags | string | Tags that are associated with the File. | -| File.Behavior.details | string | File behavior details. | -| File.Behavior.action | string | File behavior action. | | DBotScore.Indicator | string | The indicator that was tested. | | DBotScore.Type | string | The indicator type. | | DBotScore.Vendor | string | The vendor used to calculate the score. | @@ -78,37 +73,16 @@ Retrieve results for a file hash using WildFire | InfoFile.Info | string | Details of the report file. | | InfoFile.Size | number | Size of the report file. | | InfoFile.Type | string | The report file type. | +| File.FeedRelatedIndicators.value | String | Indicators that are associated with the File. | +| File.FeedRelatedIndicators.type | String | The type of the indicators that are associated with the File. | +| File.Tags | String | Tags that are associated with the File. | +| File.Behavior.details | String | File behavior details. | +| File.Behavior.action | String | File behavior action. | #### Command Example ```!file file=735bcfa56930d824f9091188eeaac2a1d68bc64a21f90a49c5ff836ed6ea723f``` -#### Context Example -```json -{ - "DBotScore": [ - { - "Indicator": "735bcfa56930d824f9091188eeaac2a1d68bc64a21f90a49c5ff836ed6ea723f", - "Score": 1, - "Type": "hash", - "Vendor": "WildFire" - }, - { - "Indicator": "735bcfa56930d824f9091188eeaac2a1d68bc64a21f90a49c5ff836ed6ea723f", - "Score": 1, - "Type": "file", - "Vendor": "WildFire" - } - ], - "WildFire": { - "Report": { - "SHA256": "735bcfa56930d824f9091188eeaac2a1d68bc64a21f90a49c5ff836ed6ea723f", - "Status": "Success" - } - } -} -``` - #### Human Readable Output >### WildFire File Report @@ -129,7 +103,12 @@ Uploads a file to WildFire for analysis. | **Argument Name** | **Description** | **Required** | | --- | --- | --- | -| upload | ID of the entry containing the file to upload. | Required | +| upload | ID of the entry containing the file to upload. | Optional | +| polling | Use XSOAR built-in polling to retrieve the result when it's ready. Possible values are: true, false. | Optional | +| interval_in_seconds | Interval in seconds between each poll. Default is 60. | Optional | +| md5 | Used for the inner polling flow, for uploading a file use the 'upload' argument instead. | Optional | +| format | Request a structured report (XML or PDF). Only relevant for when using polling=true. Possible values are: xml, pdf. Default is pdf. | Optional | +| verbose | Receive extended information from WildFire. Only relevant for when using polling=true. Possible values are: true, false. Default is false. | Optional | #### Context Output @@ -141,27 +120,43 @@ Uploads a file to WildFire for analysis. | WildFire.Report.FileType | string | The submission type. | | WildFire.Report.Size | number | The size of the submission. | | WildFire.Report.Status | string | The status of the submission. | +| File.Name | string | Name of the file. | +| File.Type | string | File type, for example: "PE" | +| File.Size | number | Size of the file. | +| File.MD5 | string | MD5 hash of the file. | +| File.SHA1 | string | SHA1 hash of the file. | +| File.SHA256 | string | SHA256 hash of the file. | +| File.Malicious.Vendor | string | For malicious files, the vendor that made the decision. | +| DBotScore.Indicator | string | The indicator that was tested. | +| DBotScore.Type | string | The indicator type. | +| DBotScore.Vendor | string | Vendor used to calculate the score. | +| DBotScore.Score | number | The actual score. | +| InfoFile.EntryID | string | The EntryID of the report file. | +| InfoFile.Extension | string | The extension of the report file. | +| InfoFile.Name | string | The name of the report file. | +| InfoFile.Info | string | Details of the report file. | +| InfoFile.Size | number | The size of the report file. | +| InfoFile.Type | string | The report file type. | +| WildFire.Report.Network.UDP.IP | string | Submission related IPs, in UDP protocol. | +| WildFire.Report.Network.UDP.Port | string | Submission related ports, in UDP protocol. | +| WildFire.Report.Network.TCP.IP | string | Submission related IPs, in TCP protocol. | +| WildFire.Report.Network.TCP.Port | string | Submission related ports, in TCP protocol. | +| WildFire.Report.Network.DNS.Query | string | Submission DNS queries. | +| WildFire.Report.Network.DNS.Response | string | Submission DNS responses. | +| WildFire.Report.Evidence.md5 | string | Submission evidence MD5 hash. | +| WildFire.Report.Evidence.Text | string | Submission evidence text. | +| WildFire.Report.detection_reasons.description | string | Reason for the detection verdict. | +| WildFire.Report.detection_reasons.name | string | Name of the detection. | +| WildFire.Report.detection_reasons.type | string | Type of the detection. | +| WildFire.Report.detection_reasons.verdict | string | Verdict of the detection. | +| WildFire.Report.detection_reasons.artifacts | unknown | Artifacts of the detection reasons. | +| WildFire.Report.iocs | unknown | Associated IOCs. | +| WildFire.Report.verdict | string | The verdict of the report. | #### Command Example ```!wildfire-upload upload=294@675f238c-ed75-4cae-83d2-02b6b820168b``` -#### Context Example -```json -{ - "WildFire": { - "Report": { - "FileType": "Jscript for WSH", - "MD5": "ccdb1053f56a2d297906746bc720ef2a", - "SHA256": "735bcfa56930d824f9091188eeaac2a1d68bc64a21f90a49c5ff836ed6ea723f", - "Size": "12", - "Status": "Pending", - "URL": null - } - } -} -``` - #### Human Readable Output >### WildFire Upload File @@ -182,7 +177,12 @@ Uploads the URL of a remote file to WildFire for analysis. | **Argument Name** | **Description** | **Required** | | --- | --- | --- | -| upload | URL of the remote file to upload. | Required | +| upload | URL of the remote file to upload. | Optional | +| url | Used for the inner polling flow, for uploading a url use the 'upload' argument instead. | Optional | +| polling | Use XSOAR built-in polling to retrieve the result when it's ready. Possible values are: true, false. | Optional | +| interval_in_seconds | Interval in seconds between each poll. Default is 60. | Optional | +| format | Request a structured report (XML or PDF). Only relevant for when using polling=true. Possible values are: xml, pdf. Default is pdf. | Optional | +| verbose | Receive extended information from WildFire. Only relevant for when using polling=true. Possible values are: true, false. Default is false. | Optional | #### Context Output @@ -193,27 +193,43 @@ Uploads the URL of a remote file to WildFire for analysis. | WildFire.Report.SHA256 | string | SHA256 hash of the submission. | | WildFire.Report.Status | string | The status of the submission. | | WildFire.Report.URL | string | URL of the submission. | +| File.Name | string | Name of the file. | +| File.Type | string | File type, for example: "PE" | +| File.Size | number | Size of the file. | +| File.MD5 | string | MD5 hash of the file. | +| File.SHA1 | string | SHA1 hash of the file. | +| File.SHA256 | string | SHA256 hash of the file. | +| File.Malicious.Vendor | string | For malicious files, the vendor that made the decision. | +| DBotScore.Indicator | string | The indicator that was tested. | +| DBotScore.Type | string | The indicator type. | +| DBotScore.Vendor | string | Vendor used to calculate the score. | +| DBotScore.Score | number | The actual score. | +| InfoFile.EntryID | string | The EntryID of the report file. | +| InfoFile.Extension | string | The extension of the report file. | +| InfoFile.Name | string | The name of the report file. | +| InfoFile.Info | string | Details of the report file. | +| InfoFile.Size | number | The size of the report file. | +| InfoFile.Type | string | The report file type. | +| WildFire.Report.Network.UDP.IP | string | Submission related IPs, in UDP protocol. | +| WildFire.Report.Network.UDP.Port | string | Submission related ports, in UDP protocol. | +| WildFire.Report.Network.TCP.IP | string | Submission related IPs, in TCP protocol. | +| WildFire.Report.Network.TCP.Port | string | Submission related ports, in TCP protocol. | +| WildFire.Report.Network.DNS.Query | string | Submission DNS queries. | +| WildFire.Report.Network.DNS.Response | string | Submission DNS responses. | +| WildFire.Report.Evidence.md5 | string | Submission evidence MD5 hash. | +| WildFire.Report.Evidence.Text | string | Submission evidence text. | +| WildFire.Report.detection_reasons.description | string | Reason for the detection verdict. | +| WildFire.Report.detection_reasons.name | string | Name of the detection. | +| WildFire.Report.detection_reasons.type | string | Type of the detection. | +| WildFire.Report.detection_reasons.verdict | string | Verdict of the detection. | +| WildFire.Report.detection_reasons.artifacts | unknown | Artifacts of the detection reasons. | +| WildFire.Report.iocs | unknown | Associated IOCs. | +| WildFire.Report.verdict | string | The verdict of the report. | #### Command Example ```!wildfire-upload-file-url upload=http://www.software995.net/bin/pdf995s.exe``` -#### Context Example -```json -{ - "WildFire": { - "Report": { - "FileType": "PE32 executable", - "MD5": "891b77e864c88881ea98be867e74177f", - "SHA256": "555092d994b8838b8fa18d59df4fdb26289d146e071e831fcf0c6851b5fb04f8", - "Size": "5958304", - "Status": "Pending", - "URL": "http://www.software995.net/bin/pdf995s.exe" - } - } -} -``` - #### Human Readable Output >### WildFire Upload File URL @@ -285,245 +301,6 @@ Retrieves results for a file hash using WildFire. #### Command Example ```!wildfire-report url=https://www.demisto.com``` -#### Context Example -```json -{ - "WildFire": { - "Report": { - "Status": "Success", - "URL": "https://www.demisto.com", - "da_packages": [ - "package--5420f34e-5eb9-499b-c6a3-5f34abd73232", - "package--36e99aa9-abc1-468a-7035-e43756ce9250" - ], - "detection_reasons": [ - { - "artifacts": [ - { - "entity_id": "malware-instance--4c958c0e-0cd1-4749-c887-a0372acfe8fc", - "package": "package--903b10d4-d6b9-4a99-f09f-576dd0b36d51", - "type": "artifact-ref" - } - ], - "description": "Known benign by a trusted source", - "name": "trusted_list", - "type": "detection-reason", - "verdict": "benign" - } - ], - "iocs": [], - "maec_packages": [ - { - "id": "package--5420f34e-5eb9-499b-c6a3-5f34abd73232", - "maec_objects": [ - { - "analysis_metadata": [ - { - "analysis_type": "combination", - "conclusion": "unknown", - "description": "Automated analysis inside a web browser", - "end_time": "2021-03-10T16:59:49.910871563Z", - "is_automated": true, - "start_time": "2021-03-10T16:58:50.614000082Z", - "tool_refs": [ - "382" - ] - } - ], - "id": "malware-instance--df22b5b9-22b5-490a-9535-4f5ba7663455", - "instance_object_refs": [ - "381" - ], - "type": "malware-instance" - } - ], - "observable_objects": { - "0": { - "type": "ipv4-addr", - "value": "1.1.1.1" - }, - "1": { - "resolves_to_refs": [ - "0" - ], - "type": "domain-name", - "value": "www.demisto.com" - }, - "10": { - "global_variable_refs": [ - "7" - ], - "is_main": true, - "observed_alert_refs": [ - "8" - ], - "request_ref": "6", - "type": "x-wf-url-page-frame", - "url_ref": "9" - }, - "100": { - "artifact_ref": "99", - "type": "x-wf-url-resource" - }, - "148": { - "extensions": { - "x-wf-content-description": { - "content_size_bytes": 86, - "sniffed_mime_type": "text/plain" - } - }, - "hashes": { - "SHA-256": "56006cc15834ed33e0e22a69039a4c8f61502a536d05986e455680456686ca52" - }, - "type": "artifact" - }, - "149": { - "dst_ref": "4", - "end": "2021-03-10T16:58:32.855999Z", - "extensions": { - "http-request-ext": { - "request_header": { - "Accept-Language": "en-US,en;q=0.9", - "Referer": "https://www.paloaltonetworks.com/cortex/xsoar", - "Sec-Fetch-Mode": "no-cors", - "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.71 Safari/537.36" - }, - "request_method": "get", - "request_value": "/apps/pan/public/singlePageReactModel?pageId=/content/pan/en_US/cortex/xsoar" - }, - "x-wf-http-response-ext": { - "message_body_data_ref": "148", - "response_code": 200, - "response_header": { - "access-control-allow-credentials": "true", - "cache-control": "max-age=0, no-cache, no-store", - "content-encoding": "gzip", - "content-length": "91", - "content-type": "application/javascript;charset=iso-8859-1", - "date": "Wed, 10 Mar 2021 16:58:32 GMT", - "expires": "Wed, 10 Mar 2021 16:58:32 GMT", - "pragma": "no-cache", - "server": "Apache", - "server-timing": "edge; dur=1, origin; dur=50, cdn-cache; desc=MISS", - "status": "200", - "strict-transport-security": "max-age=15811200", - "vary": "Accept-Encoding", - "x-content-type-options": "nosniff", - "x-frame-options": "SAMEORIGIN", - "x-robots-tag": "noindex" - } - } - }, - "protocols": [ - "ipv4", - "tcp", - "https" - ], - "type": "network-traffic" - } - - }, - "schema_version": "5.0", - "type": "package" - }, - { - "id": "package--36e99aa9-abc1-468a-7035-e43756ce9250", - "maec_objects": [ - { - "analysis_metadata": [ - { - "analysis_type": "combined", - "conclusion": "unknown", - "description": "Automated phishing analysis inside a custom web browser", - "end_time": "2021-03-10T01:20:37.126363Z", - "is_automated": true, - "tool_refs": [ - "1" - ] - } - ], - "id": "malware-instance--b9bcff27-b691-4040-55bb-a3620f2231ce", - "instance_object_refs": [ - "0" - ], - "type": "malware-instance" - } - ], - "observable_objects": { - "0": { - "type": "url", - "value": "https://www.demisto.com" - }, - "1": { - "name": "HtmlUnit v2.35", - "type": "software", - "vendor": "SourceForge Media, LLC dba Slashdot Media" - } - }, - "schema_version": "5.0", - "type": "package" - }, - { - "id": "package--903b10d4-d6b9-4a99-f09f-576dd0b36d51", - "maec_objects": [ - { - "analysis_metadata": [ - { - "analysis_type": "static", - "conclusion": "unknown", - "description": "Automated static URL analysis", - "end_time": "2021-03-10T15:43:25.604059Z", - "is_automated": true - }, - { - "analysis_type": "static", - "conclusion": "benign", - "is_automated": true - } - ], - "dynamic_features": { - "behavior_refs": [ - "behavior--77aa4e6e-d9d1-46d6-1fc7-86ec1b24cd84" - ] - }, - "id": "malware-instance--4c958c0e-0cd1-4749-c887-a0372acfe8fc", - "instance_object_refs": [ - "0" - ], - "type": "malware-instance" - }, - { - "description": "Known benign by a trusted source", - "id": "behavior--77aa4e6e-d9d1-46d6-1fc7-86ec1b24cd84", - "name": "trusted_list", - "type": "behavior" - } - ], - "observable_objects": { - "0": { - "type": "url", - "value": "https://www.demisto.com" - } - }, - "schema_version": "5.0", - "type": "package" - } - ], - "primary_malware_instances": { - "package--36e99aa9-abc1-468a-7035-e43756ce9250": "malware-instance--b9bcff27-b691-4040-55bb-a3620f2231ce", - "package--5420f34e-5eb9-499b-c6a3-5f34abd73232": "malware-instance--df22b5b9-22b5-490a-9535-4f5ba7663455", - "package--903b10d4-d6b9-4a99-f09f-576dd0b36d51": "malware-instance--4c958c0e-0cd1-4749-c887-a0372acfe8fc" - }, - "sa_package": "package--903b10d4-d6b9-4a99-f09f-576dd0b36d51", - "schema_version": "1.0", - "sha256": "288cd35401e334a2defc0b428d709f58d4ea28c8e9c6e47fdba88da2d6bc88a7", - "type": "wf-report", - "verdict": "benign" - } - } -} -``` - #### Human Readable Output >### Wildfire URL report for https://www.demisto.com @@ -564,34 +341,6 @@ Returns a verdict for a hash. #### Command Example ```!wildfire-get-verdict hash=afe6b95ad95bc689c356f34ec8d9094c495e4af57c932ac413b65ef132063acc``` -#### Context Example -```json -{ - "DBotScore": [ - { - "Indicator": "afe6b95ad95bc689c356f34ec8d9094c495e4af57c932ac413b65ef132063acc", - "Score": 3, - "Type": "hash", - "Vendor": "WildFire" - }, - { - "Indicator": "afe6b95ad95bc689c356f34ec8d9094c495e4af57c932ac413b65ef132063acc", - "Score": 3, - "Type": "file", - "Vendor": "WildFire" - } - ], - "WildFire": { - "Verdicts": { - "MD5": "0e4e3c2d84a9bc726a50b3c91346fbb1", - "SHA256": "afe6b95ad95bc689c356f34ec8d9094c495e4af57c932ac413b65ef132063acc", - "Verdict": "1", - "VerdictDescription": "malware" - } - } -} -``` - #### Human Readable Output >### WildFire Verdict @@ -649,7 +398,12 @@ Uploads a URL of a webpage to WildFire for analysis. | **Argument Name** | **Description** | **Required** | | --- | --- | --- | -| upload | URL to submit to WildFire. | Required | +| upload | URL to submit to WildFire. | Optional | +| url | Used for the inner polling flow, for uploading a url use the 'upload' argument instead. | Optional | +| polling | Use XSOAR built-in polling to retrieve the result when it's ready. Possible values are: true, false. | Optional | +| interval_in_seconds | Interval in seconds between each poll. Default is 60. | Optional | +| format | Request a structured report (XML or PDF). Only relevant for when using polling=true. Possible values are: xml, pdf. Default is pdf. | Optional | +| verbose | Receive extended information from WildFire. Only relevant for when using polling=true. Possible values are: true, false. Default is false. | Optional | #### Context Output @@ -660,25 +414,43 @@ Uploads a URL of a webpage to WildFire for analysis. | WildFire.Report.SHA256 | string | SHA256 of the submission. | | WildFire.Report.Status | string | The status of the submission. | | WildFire.Report.URL | string | URL of the submission. | +| File.Name | string | Name of the file. | +| File.Type | string | File type, for example: "PE" | +| File.Size | number | Size of the file. | +| File.MD5 | string | MD5 hash of the file. | +| File.SHA1 | string | SHA1 hash of the file. | +| File.SHA256 | string | SHA256 hash of the file. | +| File.Malicious.Vendor | string | For malicious files, the vendor that made the decision. | +| DBotScore.Indicator | string | The indicator that was tested. | +| DBotScore.Type | string | The indicator type. | +| DBotScore.Vendor | string | Vendor used to calculate the score. | +| DBotScore.Score | number | The actual score. | +| InfoFile.EntryID | string | The EntryID of the report file. | +| InfoFile.Extension | string | The extension of the report file. | +| InfoFile.Name | string | The name of the report file. | +| InfoFile.Info | string | Details of the report file. | +| InfoFile.Size | number | The size of the report file. | +| InfoFile.Type | string | The report file type. | +| WildFire.Report.Network.UDP.IP | string | Submission related IPs, in UDP protocol. | +| WildFire.Report.Network.UDP.Port | string | Submission related ports, in UDP protocol. | +| WildFire.Report.Network.TCP.IP | string | Submission related IPs, in TCP protocol. | +| WildFire.Report.Network.TCP.Port | string | Submission related ports, in TCP protocol. | +| WildFire.Report.Network.DNS.Query | string | Submission DNS queries. | +| WildFire.Report.Network.DNS.Response | string | Submission DNS responses. | +| WildFire.Report.Evidence.md5 | string | Submission evidence MD5 hash. | +| WildFire.Report.Evidence.Text | string | Submission evidence text. | +| WildFire.Report.detection_reasons.description | string | Reason for the detection verdict. | +| WildFire.Report.detection_reasons.name | string | Name of the detection. | +| WildFire.Report.detection_reasons.type | string | Type of the detection. | +| WildFire.Report.detection_reasons.verdict | string | Verdict of the detection. | +| WildFire.Report.detection_reasons.artifacts | unknown | Artifacts of the detection reasons. | +| WildFire.Report.iocs | unknown | Associated IOCs. | +| WildFire.Report.verdict | string | The verdict of the report. | #### Command Example ```!wildfire-upload-url upload=https://www.demisto.com``` -#### Context Example -```json -{ - "WildFire": { - "Report": { - "MD5": "67632f32e6af123aa8ffd1fe8765a783", - "SHA256": "c51a8231d1be07a2545ac99e86a25c5d68f88380b7ebf7ac91501661e6d678bb", - "Status": "Pending", - "URL": "https://www.demisto.com" - } - } -} -``` - #### Human Readable Output >### WildFire Upload URL @@ -710,27 +482,10 @@ There is no context output for this command. #### Command Example ```!wildfire-get-sample sha256=afe6b95ad95bc689c356f34ec8d9094c495e4af57c932ac413b65ef132063acc``` -#### Context Example -```json -{ - "File": { - "EntryID": "318@675f238c-ed75-4cae-83d2-02b6b820168b", - "Extension": "xls", - "Info": "application/vnd.ms-excel", - "MD5": "0e4e3c2d84a9bc726a50b3c91346fbb1", - "Name": "afe6b95ad95bc689c356f34ec8d9094c495e4af57c932ac413b65ef132063acc.xls", - "SHA1": "52eb16966670b76f8728fda28c48bc6c49f20e07", - "SHA256": "afe6b95ad95bc689c356f34ec8d9094c495e4af57c932ac413b65ef132063acc", - "SHA512": "4634c1e7ae6526527167682a8b5f0aa6d0e5a17c7bd3b8ee6ac81b9f306577e543a89afbcbfe2a5a6178e7225fe35aa01a49ab814dc5d4917b2312787bb3c165", - "SSDeep": "1536:zeeeqopd5TCMWNo/QXo3VjgvRjha2wnLW8W:odpCMW6QIFAf8W", - "Size": 86016, - "Type": "Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.2, Code page: 936, Name of Creating Application: Microsoft Excel, Create Time/Date: Tue Dec 17 01:32:42 1996, Last Saved Time/Date: Mon May 11 03:39:41 2009, Security: 0" - } -} -``` - #### Human Readable Output +There is no human-readable output for this command. + ### wildfire-get-url-webartifacts @@ -753,30 +508,19 @@ Get web artifacts for a URL webpage. An empty tgz will be returned, no matter wh | **Path** | **Type** | **Description** | | --- | --- | --- | -| InfoFile.EntryID | Unknown | The EntryID of the webartifacts. | +| InfoFile.EntryID | String | The EntryID of the webartifacts. | | InfoFile.Extension | string | Extension of the webartifacts. | | InfoFile.Name | string | Name of the webartifacts. | | InfoFile.Info | string | Details of the webartifacts. | | InfoFile.Size | number | Size of the webartifacts. | | InfoFile.Type | string | The webartifacts file type. | + #### Command Example ```!wildfire-get-url-webartifacts url=http://royalmail-login.com``` -#### Context Example -```json -{ - "InfoFile": { - "EntryID": "326@675f238c-ed75-4cae-83d2-02b6b820168b", - "Extension": "tgz", - "Info": "tgz", - "Name": "http://royalmail-login.com_webartifacts.tgz", - "Size": 619775, - "Type": "gzip compressed data, original size modulo 2^32 1828864" - } -} -``` - #### Human Readable Output +There is no human-readable output for this command. + diff --git a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/expected_outputs_upload_url_success.json b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/expected_outputs_upload_url_success.json new file mode 100644 index 000000000000..a1d1515eed9a --- /dev/null +++ b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/expected_outputs_upload_url_success.json @@ -0,0 +1,126 @@ +{ + "da_packages": [ + "package--19a68e1d-2594-4184-b69d-81af2877a4ce" + ], + "detection_reasons": [ + { + "artifacts": [ + { + "entity_id": "malware-instance--ea309560-a4f5-4488-3686-fe10b552ce31", + "package": "package--28379977-652c-4811-816e-203d0ea98258", + "type": "artifact-ref" + } + ], + "description": "Known benign by a trusted source", + "name": "trusted_list", + "type": "detection-reason", + "verdict": "benign" + } + ], + "iocs": [], + "maec_packages": [ + { + "id": "package--19a68e1d-2594-4184-b69d-81af2877a4ce", + "maec_objects": [ + { + "analysis_metadata": [ + { + "analysis_type": "combined", + "conclusion": "unknown", + "description": "Automated phishing analysis inside a custom web browser", + "end_time": "2021-07-26T19:44:07.208930Z", + "is_automated": "True", + "tool_refs": [ + "1" + ] + } + ], + "id": "malware-instance--ef824738-0fd3-4994-3fee-d07ef0125704", + "instance_object_refs": [ + "0" + ], + "type": "malware-instance" + } + ], + "observable_objects": { + "0": { + "type": "url", + "value": "http://www.google.com/" + }, + "1": { + "name": "HtmlUnit v2.35", + "type": "software", + "vendor": "SourceForge Media, LLC dba Slashdot Media" + } + }, + "schema_version": "5.0", + "type": "package" + }, + { + "id": "package--28379977-652c-4811-816e-203d0ea98258", + "maec_objects": [ + { + "attributes": { + "reason": "url or hostname in no-crawl list" + }, + "description": "Dynamic analysis was restricted", + "id": "behavior--b337ee1f-8923-45d8-9c3e-39ce2964ded4", + "name": "no_crawl", + "type": "behavior" + }, + { + "analysis_metadata": [ + { + "analysis_type": "static", + "conclusion": "unknown", + "description": "Automated static URL analysis", + "end_time": "2021-07-27T08:12:16.578008Z", + "is_automated": "True" + }, + { + "analysis_type": "static", + "conclusion": "benign", + "is_automated": "True" + } + ], + "dynamic_features": { + "behavior_refs": [ + "behavior--b337ee1f-8923-45d8-9c3e-39ce2964ded4", + "behavior--229cbcd6-9717-4c0e-ba9b-47f6f835cfcc" + ] + }, + "id": "malware-instance--ea309560-a4f5-4488-3686-fe10b552ce31", + "instance_object_refs": [ + "0" + ], + "type": "malware-instance" + }, + { + "description": "Known benign by a trusted source", + "id": "behavior--229cbcd6-9717-4c0e-ba9b-47f6f835cfcc", + "name": "trusted_list", + "type": "behavior" + } + ], + "observable_objects": { + "0": { + "type": "url", + "value": "http://www.google.com/" + } + }, + "schema_version": "5.0", + "type": "package" + } + ], + "primary_malware_instances": { + "package--19a68e1d-2594-4184-b69d-81af2877a4ce": "malware-instance--ef824738-0fd3-4994-3fee-d07ef0125704", + "package--28379977-652c-4811-816e-203d0ea98258": "malware-instance--ea309560-a4f5-4488-3686-fe10b552ce31" + }, + "sa_package": "package--28379977-652c-4811-816e-203d0ea98258", + "schema_version": "1.0", + "sha256": "191347bfe55d0ca9a574db77bc8648275ce258461450e793528e0cc6d2dcf8f5", + "type": "wf-report", + "verdict": "benign", + "URL": "www.google.com", + "Status": "Success" +} \ No newline at end of file diff --git a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/report_url_response_pending.json b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/report_url_response_pending.json new file mode 100644 index 000000000000..98f51892caaf --- /dev/null +++ b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/report_url_response_pending.json @@ -0,0 +1 @@ +{"success": "True", "result": {"analysis_time": "", "report": "", "url_type": ""}} \ No newline at end of file diff --git a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/report_url_response_success.json b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/report_url_response_success.json new file mode 100644 index 000000000000..a20b2de14d69 --- /dev/null +++ b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/report_url_response_success.json @@ -0,0 +1,127 @@ +{"success": "True", "result": + { + "analysis_time": "2021-07-26T20:12:35Z", + "url_type": "original", + "report":{ + "da_packages": ["package--19a68e1d-2594-4184-b69d-81af2877a4ce"], + "detection_reasons": [ + { + "artifacts": [ + { + "entity_id": "malware-instance--ea309560-a4f5-4488-3686-fe10b552ce31", + "package": "package--28379977-652c-4811-816e-203d0ea98258", + "type": "artifact-ref" + } + ], + "description": "Known benign by a trusted source", + "name": "trusted_list", + "type": "detection-reason", + "verdict": "benign" + } + ], + "iocs": [], + "maec_packages": [ + { + "id": "package--19a68e1d-2594-4184-b69d-81af2877a4ce", + "maec_objects": [ + { + "analysis_metadata": [ + { + "analysis_type": "combined", + "conclusion": "unknown", + "description": "Automated phishing analysis inside a custom web browser", + "end_time": "2021-07-26T19:44:07.208930Z", + "is_automated": true, + "tool_refs": [ + "1" + ] + } + ], + "id": "malware-instance--ef824738-0fd3-4994-3fee-d07ef0125704", + "instance_object_refs": [ + "0" + ], + "type": "malware-instance" + } + ], + "observable_objects": { + "0": { + "type": "url", + "value": "http://www.google.com/" + }, + "1": { + "name": "HtmlUnit v2.35", + "type": "software", + "vendor": "SourceForge Media, LLC dba Slashdot Media" + } + }, + "schema_version": "5.0", + "type": "package" + }, + { + "id": "package--28379977-652c-4811-816e-203d0ea98258", + "maec_objects": [ + { + "attributes": { + "reason": "url or hostname in no-crawl list" + }, + "description": "Dynamic analysis was restricted", + "id": "behavior--b337ee1f-8923-45d8-9c3e-39ce2964ded4", + "name": "no_crawl", + "type": "behavior" + }, + { + "analysis_metadata": [ + { + "analysis_type": "static", + "conclusion": "unknown", + "description": "Automated static URL analysis", + "end_time": "2021-07-27T08:12:16.578008Z", + "is_automated": true + }, + { + "analysis_type": "static", + "conclusion": "benign", + "is_automated": true + } + ], + "dynamic_features": { + "behavior_refs": [ + "behavior--b337ee1f-8923-45d8-9c3e-39ce2964ded4", + "behavior--229cbcd6-9717-4c0e-ba9b-47f6f835cfcc" + ] + }, + "id": "malware-instance--ea309560-a4f5-4488-3686-fe10b552ce31", + "instance_object_refs": [ + "0" + ], + "type": "malware-instance" + }, + { + "description": "Known benign by a trusted source", + "id": "behavior--229cbcd6-9717-4c0e-ba9b-47f6f835cfcc", + "name": "trusted_list", + "type": "behavior" + } + ], + "observable_objects": { + "0": { + "type": "url", + "value": "http://www.google.com/" + } + }, + "schema_version": "5.0", + "type": "package" + } + ], + "primary_malware_instances": { + "package--19a68e1d-2594-4184-b69d-81af2877a4ce": "malware-instance--ef824738-0fd3-4994-3fee-d07ef0125704", + "package--28379977-652c-4811-816e-203d0ea98258": "malware-instance--ea309560-a4f5-4488-3686-fe10b552ce31" + }, + "sa_package": "package--28379977-652c-4811-816e-203d0ea98258", + "schema_version": "1.0", + "sha256": "191347bfe55d0ca9a574db77bc8648275ce258461450e793528e0cc6d2dcf8f5", + "type": "wf-report", + "verdict": "benign" + }, + "url_type": "original"}} \ No newline at end of file diff --git a/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/upload_url_response.json b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/upload_url_response.json new file mode 100644 index 000000000000..04c318f352e4 --- /dev/null +++ b/Packs/Palo_Alto_Networks_WildFire/Integrations/Palo_Alto_Networks_WildFire_v2/tests_data/upload_url_response.json @@ -0,0 +1,9 @@ +{ + "wildfire": { + "submit-link-info": { + "url": "http://www.google.com", + "sha256": "253d142703041dd25197550a0fc11d6ac03befc1e64a1320009f1edf400c39ad", + "md5": "ed646a3334ca891fd3467db131372140" + } + } +} \ No newline at end of file diff --git a/Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/1_4_0.md b/Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/1_4_0.md new file mode 100644 index 000000000000..fed4ac7095bd --- /dev/null +++ b/Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/1_4_0.md @@ -0,0 +1,10 @@ + +#### Integrations +##### Palo Alto Networks WildFire v2 +Added the *polling* argument to the following commands: +- ***wildfire-upload*** +- ***wildfire-upload-url*** +- ***wildfire-upload-file-remote*** +- ***wildfire-upload-file-url*** +When *polling* is set to true, the command will try to return the results. +The *polling* argument enables users to search WildFire using a single command, that doesn't require **GenericPolling Playbook**. diff --git a/Packs/Palo_Alto_Networks_WildFire/TestPlaybooks/playbook-Wildfire_Test.yml b/Packs/Palo_Alto_Networks_WildFire/TestPlaybooks/playbook-Wildfire_Test.yml index 318bc9db51fc..699c6f26acbd 100644 --- a/Packs/Palo_Alto_Networks_WildFire/TestPlaybooks/playbook-Wildfire_Test.yml +++ b/Packs/Palo_Alto_Networks_WildFire/TestPlaybooks/playbook-Wildfire_Test.yml @@ -1644,3 +1644,4 @@ view: |- inputs: [] outputs: [] fromversion: 5.0.0 +toversion: 6.1.9 \ No newline at end of file diff --git a/Packs/Palo_Alto_Networks_WildFire/TestPlaybooks/playbook-Wildfire_Test_With_Polling.yml b/Packs/Palo_Alto_Networks_WildFire/TestPlaybooks/playbook-Wildfire_Test_With_Polling.yml new file mode 100644 index 000000000000..c8ef9391953c --- /dev/null +++ b/Packs/Palo_Alto_Networks_WildFire/TestPlaybooks/playbook-Wildfire_Test_With_Polling.yml @@ -0,0 +1,1775 @@ +id: Wildfire Test With Polling +version: -1 +name: Wildfire Test With Polling +description: |- + A test playbook for Wild Fire. + Does not test the deprecated detonate commands. +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: 3d5a7840-2f87-47f2-8f1c-1d595b89f105 + type: start + task: + id: 3d5a7840-2f87-47f2-8f1c-1d595b89f105 + version: -1 + name: "" + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "10" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "6": + id: "6" + taskid: b6c02432-a3ed-47ca-85a4-161aab5e5016 + type: regular + task: + id: b6c02432-a3ed-47ca-85a4-161aab5e5016 + version: -1 + name: wildfire-upload-file-url + description: Upload a URL of remote file to WildFire for analysis + script: '|||wildfire-upload-file-url' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "7" + scriptarguments: + upload: + simple: http://www.pdf995.com/samples/pdf.pdf + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 370 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "7": + id: "7" + taskid: ac75c3be-ccd4-4708-8636-70927225756b + type: regular + task: + id: ac75c3be-ccd4-4708-8636-70927225756b + version: -1 + name: wildfire-report + description: Retrieve results for a file hash using WildFire + script: '|||wildfire-report' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "9" + scriptarguments: + hash: + simple: ebb031c3945e884e695dbc63c52a5efcd075375046c49729980073585ee13c52 + verbose: + simple: "true" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 545 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "9": + id: "9" + taskid: dd8ae0a5-39c5-4903-84f5-7634af18066e + type: condition + task: + id: dd8ae0a5-39c5-4903-84f5-7634af18066e + version: -1 + name: test wildfire-report + description: Verifies context + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "53" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualNumber + left: + value: + complex: + root: DBotScore + accessor: Score + iscontext: true + right: + value: + simple: "1" + view: |- + { + "position": { + "x": 265, + "y": 720 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "10": + id: "10" + taskid: 594ba7dc-6492-46e7-8eac-8737570e4c38 + type: regular + task: + id: 594ba7dc-6492-46e7-8eac-8737570e4c38 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "6" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 195 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "13": + id: "13" + taskid: f0449e5a-7e50-4ce7-8fc7-9d193d32accf + type: regular + task: + id: f0449e5a-7e50-4ce7-8fc7-9d193d32accf + version: -1 + name: wildfire-upload + description: Upload file to WildFire for analysis. + script: '|||wildfire-upload' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "18" + scriptarguments: + upload: + simple: ${InfoFile.EntryID} + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 1245 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "15": + id: "15" + taskid: 24df2aee-7e09-4b53-8d20-229166f1fd46 + type: regular + task: + id: 24df2aee-7e09-4b53-8d20-229166f1fd46 + version: -1 + name: wildfire-report + description: Retrieve results for a file hash using WildFire + script: '|||wildfire-report' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "20" + scriptarguments: + format: + simple: xml + hash: + complex: + root: WildFire + accessor: Report.SHA256 + verbose: + simple: "true" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 1595 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "17": + id: "17" + taskid: 03590a46-09fc-4e91-83df-54329befac49 + type: title + task: + id: 03590a46-09fc-4e91-83df-54329befac49 + version: -1 + name: Done + type: title + iscommand: false + brand: "" + description: '' + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 7895 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "18": + id: "18" + taskid: 3cba9964-61e7-4915-83ee-25315e2a0651 + type: condition + task: + id: 3cba9964-61e7-4915-83ee-25315e2a0651 + version: -1 + name: Search for hashes for report download + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "15" + "yes": + - "19" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isExists + left: + value: + complex: + root: WildFire + accessor: Report.SHA256 + transformers: + - operator: atIndex + args: + index: + value: + simple: "0" + iscontext: true + view: |- + { + "position": { + "x": 265, + "y": 1420 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "19": + id: "19" + taskid: 5cc21618-cee0-4f5f-846d-379406adab7b + type: regular + task: + id: 5cc21618-cee0-4f5f-846d-379406adab7b + version: -1 + name: wildfire-report + description: Retrieve results for a file hash using WildFire + script: '|||wildfire-report' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "20" + scriptarguments: + hash: + complex: + root: WildFire + accessor: Report.SHA256 + transformers: + - operator: atIndex + args: + index: + value: + simple: "0" + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 1595 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "20": + id: "20" + taskid: 24754380-5dd7-441c-8fcc-3601bdea6b68 + type: regular + task: + id: 24754380-5dd7-441c-8fcc-3601bdea6b68 + version: -1 + name: wildfire-report - no network data + description: Retrieve results for a file hash using WildFire + script: '|||wildfire-report' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "41" + scriptarguments: + format: + simple: xml + hash: + simple: bf31789a028bfbc44e5c1ae05d8e412dd521bedc7f0c7ec6df3dc4078210a25e + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 1770 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "21": + id: "21" + taskid: bfa997ee-eaee-479b-875c-904bf7291261 + type: regular + task: + id: bfa997ee-eaee-479b-875c-904bf7291261 + version: -1 + name: http download test data file + description: Sends http request. Returns the response as json. + scriptName: http + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "22" + scriptarguments: + filename: + simple: my_verdicts + method: + simple: GET + saveAsFile: + simple: "yes" + url: + simple: https://raw.githubusercontent.com/demisto/content/master/TestData/verdicts_for_wildfire_test_pb.txt + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 3520 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "22": + id: "22" + taskid: f27575b3-eeca-4765-88e2-fe3a2e707e1e + type: regular + task: + id: f27575b3-eeca-4765-88e2-fe3a2e707e1e + version: -1 + name: wildfire-get-verdicts + description: Get a verdict regarding multiple hashes + script: '|||wildfire-get-verdicts' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "24" + scriptarguments: + EntryID: + simple: ${File.EntryID} + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 3695 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "23": + id: "23" + taskid: 24f9b182-904e-4d49-819d-54388d5a27fe + type: regular + task: + id: 24f9b182-904e-4d49-819d-54388d5a27fe + version: -1 + name: Delete Context + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "21" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 3345 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "24": + id: "24" + taskid: 33a8076d-f1de-4949-8be4-5631feabe6d4 + type: condition + task: + id: 33a8076d-f1de-4949-8be4-5631feabe6d4 + version: -1 + name: test wildfire-get-verdicts + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "30" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isExists + left: + value: + complex: + root: WildFire + accessor: Verdicts + iscontext: true + view: |- + { + "position": { + "x": 265, + "y": 3870 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "25": + id: "25" + taskid: fae3c455-bb09-4044-8e2c-735382a80e94 + type: regular + task: + id: fae3c455-bb09-4044-8e2c-735382a80e94 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "56" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 2120 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "26": + id: "26" + taskid: 5d8833e1-5fa3-4326-81d9-f9e70247d4aa + type: regular + task: + id: 5d8833e1-5fa3-4326-81d9-f9e70247d4aa + version: -1 + name: wildfire-get-verdict + description: Get a verdict regarding a hash + script: '|||wildfire-get-verdict' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "27" + scriptarguments: + hash: + simple: afe6b95ad95bc689c356f34ec8d9094c495e4af57c932ac413b65ef132063acc + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 2995 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "27": + id: "27" + taskid: 52a84bab-ab88-4d12-8fff-33c2241eada9 + type: condition + task: + id: 52a84bab-ab88-4d12-8fff-33c2241eada9 + version: -1 + name: test wildfire-get-verdict + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "23" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualNumber + left: + value: + complex: + root: DBotScore + accessor: Score + iscontext: true + right: + value: + simple: "3" + view: |- + { + "position": { + "x": 265, + "y": 3170 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "28": + id: "28" + taskid: dbead002-c565-4a4f-8dff-2933290dd096 + type: regular + task: + id: dbead002-c565-4a4f-8dff-2933290dd096 + version: -1 + name: file - with sha1 value in the argument file + description: Retrieve results for a file hash using WildFire + script: WildFire-v2|||file + type: regular + iscommand: true + brand: WildFire-v2 + nexttasks: + '#none#': + - "29" + scriptarguments: + file: + simple: a31986a65068af86dbfeddad3e63e05f759b2b32 + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 4220 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "29": + id: "29" + taskid: 0dd8f500-8da2-4bbe-891a-71f928165508 + type: regular + task: + id: 0dd8f500-8da2-4bbe-891a-71f928165508 + version: -1 + name: commentsToContext + description: "Takes the comments of a given entry ID and stores them in the\ + \ incident context, under a provided context key. \nFor accessing the last\ + \ executed task's comments, provide ${lastCompletedTaskEntries.[0]} as the\ + \ value for the entryId input parameter." + scriptName: commentsToContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "31" + scriptarguments: + contextKey: + simple: checkFile + entryId: + simple: ${lastCompletedTaskEntries.[0]} + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 4395 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "30": + id: "30" + taskid: 229b494f-9062-4fc3-899a-42da706436d7 + type: regular + task: + id: 229b494f-9062-4fc3-899a-42da706436d7 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "28" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 4045 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "31": + id: "31" + taskid: 7e81e70a-b285-48bd-8d23-476ad7f5db47 + type: condition + task: + id: 7e81e70a-b285-48bd-8d23-476ad7f5db47 + version: -1 + name: test file with sha1 input + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "32" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: containsString + left: + value: + simple: checkFile + iscontext: true + right: + value: + simple: WildFire file hash reputation supports only MD5, SHA256 + view: |- + { + "position": { + "x": 265, + "y": 4570 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "32": + id: "32" + taskid: 2c07c60b-f1b1-4d2c-8716-d66f55df3343 + type: regular + task: + id: 2c07c60b-f1b1-4d2c-8716-d66f55df3343 + version: -1 + name: file_command_enrichment_test_script_helper + scriptName: file_command_enrichment_test_script_helper + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "33" + reputationcalc: 2 + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 4745 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "33": + id: "33" + taskid: b972ef7e-21c8-468c-82b9-35c488d0d7ca + type: condition + task: + id: b972ef7e-21c8-468c-82b9-35c488d0d7ca + version: -1 + name: Test enrichment of md5 or sha 256 does exist + description: Test enrichment of md5 or sha 256 does exist + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "34" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + complex: + root: DBotScore + filters: + - - operator: stringHasLength + left: + value: + simple: DBotScore.Indicator + iscontext: true + right: + value: + simple: "32" + accessor: Indicator + transformers: + - operator: uniq + iscontext: true + right: + value: + simple: 8cbf90aeab2c93b2819fcfd6262b2cdb + - operator: isEqualString + left: + value: + complex: + root: DBotScore + filters: + - - operator: stringHasLength + left: + value: + simple: DBotScore.Indicator + iscontext: true + right: + value: + simple: "64" + accessor: Indicator + transformers: + - operator: uniq + iscontext: true + right: + value: + simple: fa5953e0c34a4bbf69ac31f3a1360024101c1232bb45cccaad3611b682c92387 + view: |- + { + "position": { + "x": 265, + "y": 4920 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "34": + id: "34" + taskid: a96a40fc-43bb-45ae-8e68-202c306082d8 + type: condition + task: + id: a96a40fc-43bb-45ae-8e68-202c306082d8 + version: -1 + name: Test enrichment of sha1 does not exist + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "35" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotExists + left: + value: + complex: + root: DBotScore + filters: + - - operator: isEqualString + left: + value: + simple: DBotScore.Indicator + iscontext: true + right: + value: + simple: 74eb807ea392650562b43a0e326e5d14b86f43ce + - - operator: isEqualString + left: + value: + simple: DBotScore.Vendor + iscontext: true + right: + value: + simple: WildFire + iscontext: true + view: |- + { + "position": { + "x": 265, + "y": 5095 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "35": + id: "35" + taskid: 0205e6ed-649e-446f-88b4-677ddba3cc40 + type: regular + task: + id: 0205e6ed-649e-446f-88b4-677ddba3cc40 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "36" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 5270 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "36": + id: "36" + taskid: 479b58cf-583a-4e5b-88f6-1b28668404d1 + type: regular + task: + id: 479b58cf-583a-4e5b-88f6-1b28668404d1 + version: -1 + name: wildfire-get-sample + description: Retrieve a sample from WildFire + script: '|||wildfire-get-sample' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "37" + scriptarguments: + md5: + simple: 0e4e3c2d84a9bc726a50b3c91346fbb1 + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 5445 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "37": + id: "37" + taskid: 4e7222c4-88bd-4a25-8a25-d4b9f7dfd6ae + type: condition + task: + id: 4e7222c4-88bd-4a25-8a25-d4b9f7dfd6ae + version: -1 + name: Test wildfire-get-sample + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "38" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: containsString + left: + value: + complex: + root: File + accessor: Name + iscontext: true + right: + value: + simple: afe6b95ad95bc689c356f34ec8d9094c495e4af57c932ac413b65ef132063acc.xls + view: |- + { + "position": { + "x": 265, + "y": 5620 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "38": + id: "38" + taskid: ccfcef45-fca9-4e3a-855e-dae624499339 + type: regular + task: + id: ccfcef45-fca9-4e3a-855e-dae624499339 + version: -1 + name: wildfire-get-sample benign + description: Retrieve a sample + script: '|||wildfire-get-sample' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "39" + scriptarguments: + sha256: + simple: 4b4f3e336514eedf8c8a1f9d929b97e42921f757056eb640706bd17e096ddad0 + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 5795 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "39": + id: "39" + taskid: 662a3337-4f73-428c-8aaa-c3cd38bc3d1e + type: regular + task: + id: 662a3337-4f73-428c-8aaa-c3cd38bc3d1e + version: -1 + name: comments to context + description: "Takes the comments of a given entry ID and stores them in the\ + \ incident context, under a provided context key. \nFor accessing the last\ + \ executed task's comments, provide ${lastCompletedTaskEntries.[0]} as the\ + \ value for the entryId input parameter." + scriptName: commentsToContext + type: regular + iscommand: false + brand: Builtin + nexttasks: + '#none#': + - "40" + scriptarguments: + contextKey: + simple: benignSample + entryId: + simple: ${lastCompletedTaskEntries.[0]} + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 5970 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "40": + id: "40" + taskid: a427daea-2f7d-4fa4-8e25-bb099c277f1a + type: condition + task: + id: a427daea-2f7d-4fa4-8e25-bb099c277f1a + version: -1 + name: info message of sample not found + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "42" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: containsString + left: + value: + complex: + root: benignSample + iscontext: true + right: + value: + simple: Sample was not found. + view: |- + { + "position": { + "x": 265, + "y": 6145 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "41": + id: "41" + taskid: 255ec039-688c-4613-8ae0-c6077087a692 + type: regular + task: + id: 255ec039-688c-4613-8ae0-c6077087a692 + version: -1 + name: file - no network data + description: Retrieve results for a file hash using WildFire + script: WildFire-v2|||file + type: regular + iscommand: true + brand: WildFire-v2 + nexttasks: + '#none#': + - "25" + scriptarguments: + file: + simple: 458464b0d08e76020f65f0c5fe8cfb4259dfb39161c1ed8d7fcb164ce49ab50c + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 1945 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "42": + id: "42" + taskid: 42a32ed5-9bfe-4c3d-83f5-53e4fddb27a7 + type: regular + task: + id: 42a32ed5-9bfe-4c3d-83f5-53e4fddb27a7 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "47" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 6320 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "47": + id: "47" + taskid: 08ac2297-3b52-48e5-8e09-5c4c0425c078 + type: regular + task: + id: 08ac2297-3b52-48e5-8e09-5c4c0425c078 + version: -1 + name: file - with no report found + description: Retrieve results for a file hash using WildFire + script: WildFire-v2|||file + type: regular + iscommand: true + brand: WildFire-v2 + nexttasks: + '#none#': + - "48" + scriptarguments: + sha256: + simple: 684d9d89b9de8178dcd80b7b4d018103 + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 6495 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "48": + id: "48" + taskid: 3904edc0-336f-431d-8286-98b2abeecc5d + type: condition + task: + id: 3904edc0-336f-431d-8286-98b2abeecc5d + version: -1 + name: Check outputs + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "51" + "yes": + - "50" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: DBotScore.Score + iscontext: true + right: + value: + simple: "0" + - - operator: isEqualString + left: + value: + simple: DBotScore.Indicator + iscontext: true + right: + value: + simple: 684d9d89b9de8178dcd80b7b4d018103 + - - operator: isEqualString + left: + value: + simple: WildFire.Report.Status + iscontext: true + right: + value: + simple: NotFound + view: |- + { + "position": { + "x": 265, + "y": 6670 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "49": + id: "49" + taskid: 6ef63f6d-b2d3-42e0-8687-102340cc9f88 + type: regular + task: + id: 6ef63f6d-b2d3-42e0-8687-102340cc9f88 + version: -1 + name: FileCreateAndUpload - js file + description: | + Will create a file (using the given data input or entry ID) and upload it to current investigation war room. + scriptName: FileCreateAndUpload + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "52" + scriptarguments: + data: + simple: var a='b'; + filename: + simple: test.js + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 7020 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "50": + id: "50" + taskid: dd98f91e-cf45-4283-802a-5707aae5bd02 + type: regular + task: + id: dd98f91e-cf45-4283-802a-5707aae5bd02 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "49" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 6845 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "51": + id: "51" + taskid: 76a01211-2522-49aa-84f7-7d90f8eb1e0c + type: regular + task: + id: 76a01211-2522-49aa-84f7-7d90f8eb1e0c + version: -1 + name: Check outputs failed + description: Prints an error entry with a given message + scriptName: PrintErrorEntry + type: regular + iscommand: false + brand: "" + scriptarguments: + message: + simple: file with no report produced an unexpected message. + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 6845 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "52": + id: "52" + taskid: b8eff081-8008-4d78-811a-5868aa806b42 + type: regular + task: + id: b8eff081-8008-4d78-811a-5868aa806b42 + version: -1 + name: wildfire-upload js file + description: Uploads a file to WildFire for analysis. + script: '|||wildfire-upload' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "62" + scriptarguments: + upload: + complex: + root: File + accessor: EntryID + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 7195 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "53": + id: "53" + taskid: 7ad262c9-b8f9-4e88-8e34-9a58d853cc4b + type: regular + task: + id: 7ad262c9-b8f9-4e88-8e34-9a58d853cc4b + version: -1 + name: wildfire-upload-file-url with polling + description: Uploads the URL of a remote file to WildFire for analysis. + script: WildFire-v2|||wildfire-upload-file-url + type: regular + iscommand: true + brand: WildFire-v2 + nexttasks: + '#none#': + - "54" + scriptarguments: + polling: + simple: "true" + upload: + simple: http://www.pdf995.com/samples/pdf.pdf + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 895 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "54": + id: "54" + taskid: 2b13cbbf-8bc2-4c7f-8228-022fe42a38ca + type: condition + task: + id: 2b13cbbf-8bc2-4c7f-8228-022fe42a38ca + version: -1 + name: test wildfire-upload-file-url with polling + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "13" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isExists + left: + value: + simple: WildFire.Report.SHA256 + iscontext: true + - - operator: isExists + left: + value: + simple: WildFire.Report.Status + iscontext: true + - - operator: isEqualString + left: + value: + simple: DBotScore.Score + iscontext: true + right: + value: + simple: "1" + view: |- + { + "position": { + "x": 265, + "y": 1070 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "56": + id: "56" + taskid: fd8b7a43-f156-437a-8fe4-45b886c362d2 + type: regular + task: + id: fd8b7a43-f156-437a-8fe4-45b886c362d2 + version: -1 + name: Create File + description: Sends http request. Returns the response as json. + scriptName: http + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "57" + scriptarguments: + method: + simple: GET + saveAsFile: + simple: "yes" + url: + simple: https://raw.githubusercontent.com/demisto/content/master/TestData/pdfworking.pdf + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 2295 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "57": + id: "57" + taskid: ca6646ae-025e-4463-841e-c5ef5434bb7b + type: regular + task: + id: ca6646ae-025e-4463-841e-c5ef5434bb7b + version: -1 + name: wildfire-upload with polling + description: Uploads a file to WildFire for analysis. + script: WildFire-v2|||wildfire-upload + type: regular + iscommand: true + brand: WildFire-v2 + nexttasks: + '#none#': + - "58" + scriptarguments: + polling: + simple: "true" + upload: + simple: ${File.EntryID} + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 2470 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "58": + id: "58" + taskid: 18ff4946-b202-42c6-8bef-44e029e8c809 + type: condition + task: + id: 18ff4946-b202-42c6-8bef-44e029e8c809 + version: -1 + name: test wildfire-upload-file-url with polling + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "59" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isExists + left: + value: + simple: WildFire.Report.SHA256 + iscontext: true + - - operator: isExists + left: + value: + simple: WildFire.Report.Status + iscontext: true + - - operator: isEqualString + left: + value: + simple: DBotScore.Score + iscontext: true + right: + value: + simple: "1" + view: |- + { + "position": { + "x": 265, + "y": 2645 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "59": + id: "59" + taskid: 35ea01b2-28dc-4103-8be9-fd2a6886ea5f + type: regular + task: + id: 35ea01b2-28dc-4103-8be9-fd2a6886ea5f + version: -1 + name: Delete Context + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "26" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 265, + "y": 2820 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "60": + id: "60" + taskid: 3bd7a809-1a50-4732-8dc4-e4df6abfd7e0 + type: regular + task: + id: 3bd7a809-1a50-4732-8dc4-e4df6abfd7e0 + version: -1 + name: wildfire-upload-url with polling + description: Uploads a URL of a webpage to WildFire for analysis. + script: WildFire-v2|||wildfire-upload-url + type: regular + iscommand: true + brand: WildFire-v2 + nexttasks: + '#none#': + - "61" + scriptarguments: + polling: + simple: "true" + upload: + simple: http://www.pdf995.com/samples/pdf + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 7545 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "61": + id: "61" + taskid: bb2ed83a-862f-47ea-85fd-ab8eacdb9cd5 + type: condition + task: + id: bb2ed83a-862f-47ea-85fd-ab8eacdb9cd5 + version: -1 + name: test wildfire-upload-file-url with polling + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "17" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isExists + left: + value: + simple: WildFire.Report.Status + iscontext: true + - - operator: isExists + left: + value: + simple: WildFire.Report.URL + iscontext: true + view: |- + { + "position": { + "x": 50, + "y": 7720 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "62": + id: "62" + taskid: fe9d67be-5a70-4e25-8c13-5e5354e717b2 + type: regular + task: + id: fe9d67be-5a70-4e25-8c13-5e5354e717b2 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "60" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 7370 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 +view: |- + { + "linkLabelsPosition": { + "31_32_yes": 0.9, + "40_42_yes": 0.85 + }, + "paper": { + "dimensions": { + "height": 7910, + "width": 810, + "x": 50, + "y": 50 + } + } + } +inputs: [] +outputs: [] +fromversion: 6.2.0 diff --git a/Packs/Palo_Alto_Networks_WildFire/pack_metadata.json b/Packs/Palo_Alto_Networks_WildFire/pack_metadata.json index 8650e93f8c83..87a713fa2ddc 100644 --- a/Packs/Palo_Alto_Networks_WildFire/pack_metadata.json +++ b/Packs/Palo_Alto_Networks_WildFire/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Palo Alto Networks WildFire", "description": "Perform malware dynamic analysis", "support": "xsoar", - "currentVersion": "1.3.9", + "currentVersion": "1.4.0", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Tests/conf.json b/Tests/conf.json index 3c6d8115245e..ec02f2cab9a8 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -1214,7 +1214,16 @@ { "integrations": "WildFire-v2", "playbookID": "Wildfire Test", - "is_mockable": false + "is_mockable": false, + "fromversion": "5.0.0", + "toversion": "6.1.9" + }, + { + "integrations": "WildFire-v2", + "playbookID": "Wildfire Test With Polling", + "is_mockable": false, + "fromversion": "6.2.0", + "timeout": 1100 }, { "integrations": "WildFire-v2", From 90a5202212e1c4711ab0b9a2c2a640b2911bae42 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 24 Aug 2021 17:09:08 +0300 Subject: [PATCH 025/173] [Marketplace Contribution] ConvertTimezoneFromUTC (#14512) * "pack contribution initial commit" (#14384) * fixed validate & lint * Update Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py * Update Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: cshayner Co-authored-by: ChanochShayner <57212002+ChanochShayner@users.noreply.github.com> --- Packs/ConvertTimezoneFromUTC/.pack-ignore | 0 Packs/ConvertTimezoneFromUTC/.secrets-ignore | 0 Packs/ConvertTimezoneFromUTC/README.md | 0 .../ConvertTimezoneFromUTC.py | 54 ++ .../ConvertTimezoneFromUTC.yml | 38 ++ .../Scripts/ConvertTimezoneFromUTC/Pipfile | 23 + .../ConvertTimezoneFromUTC/Pipfile.lock | 485 ++++++++++++++++++ .../Scripts/ConvertTimezoneFromUTC/README.md | 22 + .../ConvertTimezoneFromUTC/pack_metadata.json | 17 + 9 files changed, 639 insertions(+) create mode 100644 Packs/ConvertTimezoneFromUTC/.pack-ignore create mode 100644 Packs/ConvertTimezoneFromUTC/.secrets-ignore create mode 100644 Packs/ConvertTimezoneFromUTC/README.md create mode 100644 Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py create mode 100644 Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.yml create mode 100644 Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/Pipfile create mode 100644 Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/Pipfile.lock create mode 100644 Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/README.md create mode 100644 Packs/ConvertTimezoneFromUTC/pack_metadata.json diff --git a/Packs/ConvertTimezoneFromUTC/.pack-ignore b/Packs/ConvertTimezoneFromUTC/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/ConvertTimezoneFromUTC/.secrets-ignore b/Packs/ConvertTimezoneFromUTC/.secrets-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/ConvertTimezoneFromUTC/README.md b/Packs/ConvertTimezoneFromUTC/README.md new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py b/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py new file mode 100644 index 000000000000..54384813ba46 --- /dev/null +++ b/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.py @@ -0,0 +1,54 @@ +import demistomock as demisto # noqa: F401 +from CommonServerPython import * # noqa: F401 + +''' IMPORTS ''' + +import pytz + +''' GLOBAL VARIABLES ''' +args = demisto.args() + +''' Helper Code ''' + + +def determine_correct_format(time, fmt): + time = datetime.strptime(time, fmt) + + return time + + +def convert_UTC_Timezone(time, convert_to_timezone, fmt): + # set two timezones we want to work with + desired_timezone = pytz.timezone(f'{convert_to_timezone}') + + # convert me to desired timezone + desired_time = time.astimezone(desired_timezone).strftime(fmt) + + return desired_time + + +''' MAIN ''' + + +def main(): + try: + # Get Args + time = args.get('value') + convert_to_timezone = args.get('timezone') + fmt = args.get('format') + + # Convert UTC to correct format + utc_time = determine_correct_format(time, fmt) + + # Convert to desired Timezone from UTC + desired_time = convert_UTC_Timezone(utc_time, convert_to_timezone, fmt) + + return_results(str(desired_time)) + + except Exception as e: + return_error(f'Error: {e}') + + +''' Script Starts Here''' +if __name__ == "__builtin__" or __name__ == "builtins": + main() diff --git a/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.yml b/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.yml new file mode 100644 index 000000000000..b2fe2878c3ff --- /dev/null +++ b/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/ConvertTimezoneFromUTC.yml @@ -0,0 +1,38 @@ +args: +- default: true + description: Time in UTC in the format specified + name: value + required: true +- defaultValue: '%Y-%m-%d %H:%M:%S' + description: Format that the input expects, and output will format to (i.e "%Y-%m-%d + %H:%M:%S") + name: format +- description: Timezone to be converted to (i.e. 'US/Eastern', 'Etc/Greenwich','Canada/Eastern'). + Review documentation on http://pytz.sourceforge.net/#helpers for what timezones + are available. + name: timezone + required: true +comment: Takes UTC and converts it to the specified timezone. Format must match the + UTC date's format and output will be the same format. Can use in conjunction with + ConvertDateToString +commonfields: + id: ConvertTimezoneFromUTC + version: -1 +contentitemexportablefields: + contentitemfields: + fromServerVersion: "" +dockerimage: demisto/python3:3.9.6.22912 +enabled: true +name: ConvertTimezoneFromUTC +runas: DBotWeakRole +runonce: false +script: '' +scripttarget: 0 +subtype: python3 +tags: +- transformer +- date +type: python +fromversion: 6.0.0 +tests: +- No tests (auto formatted) diff --git a/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/Pipfile b/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/Pipfile new file mode 100644 index 000000000000..823ff3a0b49e --- /dev/null +++ b/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/Pipfile @@ -0,0 +1,23 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] +pylint = "*" +pytest = "*" +pytest-mock = "*" +requests-mock = "*" +pytest-asyncio = "*" +pytest-xdist = "*" +pytest-datadir-ng = "*" +freezegun = "*" +pytest-json = "*" +vcrpy = "*" +pytest-cov = "*" +hypothesis = "*" + +[packages] + +[requires] +python_version = "3.9" diff --git a/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/Pipfile.lock b/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/Pipfile.lock new file mode 100644 index 000000000000..df869d5a58eb --- /dev/null +++ b/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/Pipfile.lock @@ -0,0 +1,485 @@ +{ + "_meta": { + "hash": { + "sha256": "0d83517f12d2486ddcc3c59edac8cdb73e0e29f1a5a7d12386ad86b5402b6c37" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.9" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": {}, + "develop": { + "astroid": { + "hashes": [ + "sha256:4db03ab5fc3340cf619dbc25e42c2cc3755154ce6009469766d7143d1fc2ee4e", + "sha256:8a398dfce302c13f14bab13e2b14fe385d32b73f4e4853b9bdfb64598baa1975" + ], + "markers": "python_version ~= '3.6'", + "version": "==2.5.6" + }, + "attrs": { + "hashes": [ + "sha256:149e90d6d8ac20db7a955ad60cf0e6881a3f20d37096140088356da6c716b0b1", + "sha256:ef6aaac3ca6cd92904cdd0d83f629a15f18053ec84e6432106f7a4d04ae4f5fb" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==21.2.0" + }, + "certifi": { + "hashes": [ + "sha256:2bbf76fd432960138b3ef6dda3dde0544f27cbf8546c458e60baf371917ba9ee", + "sha256:50b1e4f8446b06f41be7dd6338db18e0990601dce795c2b1686458aa7e8fa7d8" + ], + "version": "==2021.5.30" + }, + "chardet": { + "hashes": [ + "sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa", + "sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==4.0.0" + }, + "coverage": { + "hashes": [ + "sha256:004d1880bed2d97151facef49f08e255a20ceb6f9432df75f4eef018fdd5a78c", + "sha256:01d84219b5cdbfc8122223b39a954820929497a1cb1422824bb86b07b74594b6", + "sha256:040af6c32813fa3eae5305d53f18875bedd079960822ef8ec067a66dd8afcd45", + "sha256:06191eb60f8d8a5bc046f3799f8a07a2d7aefb9504b0209aff0b47298333302a", + "sha256:13034c4409db851670bc9acd836243aeee299949bd5673e11844befcb0149f03", + "sha256:13c4ee887eca0f4c5a247b75398d4114c37882658300e153113dafb1d76de529", + "sha256:184a47bbe0aa6400ed2d41d8e9ed868b8205046518c52464fde713ea06e3a74a", + "sha256:18ba8bbede96a2c3dde7b868de9dcbd55670690af0988713f0603f037848418a", + "sha256:1aa846f56c3d49205c952d8318e76ccc2ae23303351d9270ab220004c580cfe2", + "sha256:217658ec7187497e3f3ebd901afdca1af062b42cfe3e0dafea4cced3983739f6", + "sha256:24d4a7de75446be83244eabbff746d66b9240ae020ced65d060815fac3423759", + "sha256:2910f4d36a6a9b4214bb7038d537f015346f413a975d57ca6b43bf23d6563b53", + "sha256:2949cad1c5208b8298d5686d5a85b66aae46d73eec2c3e08c817dd3513e5848a", + "sha256:2a3859cb82dcbda1cfd3e6f71c27081d18aa251d20a17d87d26d4cd216fb0af4", + "sha256:2cafbbb3af0733db200c9b5f798d18953b1a304d3f86a938367de1567f4b5bff", + "sha256:2e0d881ad471768bf6e6c2bf905d183543f10098e3b3640fc029509530091502", + "sha256:30c77c1dc9f253283e34c27935fded5015f7d1abe83bc7821680ac444eaf7793", + "sha256:3487286bc29a5aa4b93a072e9592f22254291ce96a9fbc5251f566b6b7343cdb", + "sha256:372da284cfd642d8e08ef606917846fa2ee350f64994bebfbd3afb0040436905", + "sha256:41179b8a845742d1eb60449bdb2992196e211341818565abded11cfa90efb821", + "sha256:44d654437b8ddd9eee7d1eaee28b7219bec228520ff809af170488fd2fed3e2b", + "sha256:4a7697d8cb0f27399b0e393c0b90f0f1e40c82023ea4d45d22bce7032a5d7b81", + "sha256:51cb9476a3987c8967ebab3f0fe144819781fca264f57f89760037a2ea191cb0", + "sha256:52596d3d0e8bdf3af43db3e9ba8dcdaac724ba7b5ca3f6358529d56f7a166f8b", + "sha256:53194af30d5bad77fcba80e23a1441c71abfb3e01192034f8246e0d8f99528f3", + "sha256:5fec2d43a2cc6965edc0bb9e83e1e4b557f76f843a77a2496cbe719583ce8184", + "sha256:6c90e11318f0d3c436a42409f2749ee1a115cd8b067d7f14c148f1ce5574d701", + "sha256:74d881fc777ebb11c63736622b60cb9e4aee5cace591ce274fb69e582a12a61a", + "sha256:7501140f755b725495941b43347ba8a2777407fc7f250d4f5a7d2a1050ba8e82", + "sha256:796c9c3c79747146ebd278dbe1e5c5c05dd6b10cc3bcb8389dfdf844f3ead638", + "sha256:869a64f53488f40fa5b5b9dcb9e9b2962a66a87dab37790f3fcfb5144b996ef5", + "sha256:8963a499849a1fc54b35b1c9f162f4108017b2e6db2c46c1bed93a72262ed083", + "sha256:8d0a0725ad7c1a0bcd8d1b437e191107d457e2ec1084b9f190630a4fb1af78e6", + "sha256:900fbf7759501bc7807fd6638c947d7a831fc9fdf742dc10f02956ff7220fa90", + "sha256:92b017ce34b68a7d67bd6d117e6d443a9bf63a2ecf8567bb3d8c6c7bc5014465", + "sha256:970284a88b99673ccb2e4e334cfb38a10aab7cd44f7457564d11898a74b62d0a", + "sha256:972c85d205b51e30e59525694670de6a8a89691186012535f9d7dbaa230e42c3", + "sha256:9a1ef3b66e38ef8618ce5fdc7bea3d9f45f3624e2a66295eea5e57966c85909e", + "sha256:af0e781009aaf59e25c5a678122391cb0f345ac0ec272c7961dc5455e1c40066", + "sha256:b6d534e4b2ab35c9f93f46229363e17f63c53ad01330df9f2d6bd1187e5eaacf", + "sha256:b7895207b4c843c76a25ab8c1e866261bcfe27bfaa20c192de5190121770672b", + "sha256:c0891a6a97b09c1f3e073a890514d5012eb256845c451bd48f7968ef939bf4ae", + "sha256:c2723d347ab06e7ddad1a58b2a821218239249a9e4365eaff6649d31180c1669", + "sha256:d1f8bf7b90ba55699b3a5e44930e93ff0189aa27186e96071fac7dd0d06a1873", + "sha256:d1f9ce122f83b2305592c11d64f181b87153fc2c2bbd3bb4a3dde8303cfb1a6b", + "sha256:d314ed732c25d29775e84a960c3c60808b682c08d86602ec2c3008e1202e3bb6", + "sha256:d636598c8305e1f90b439dbf4f66437de4a5e3c31fdf47ad29542478c8508bbb", + "sha256:deee1077aae10d8fa88cb02c845cfba9b62c55e1183f52f6ae6a2df6a2187160", + "sha256:ebe78fe9a0e874362175b02371bdfbee64d8edc42a044253ddf4ee7d3c15212c", + "sha256:f030f8873312a16414c0d8e1a1ddff2d3235655a2174e3648b4fa66b3f2f1079", + "sha256:f0b278ce10936db1a37e6954e15a3730bea96a0997c26d7fee88e6c396c2086d", + "sha256:f11642dddbb0253cc8853254301b51390ba0081750a8ac03f20ea8103f0c56b6" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'", + "version": "==5.5" + }, + "execnet": { + "hashes": [ + "sha256:8f694f3ba9cc92cab508b152dcfe322153975c29bda272e2fd7f3f00f36e47c5", + "sha256:a295f7cc774947aac58dde7fdc85f4aa00c42adf5d8f5468fc630c1acf30a142" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==1.9.0" + }, + "freezegun": { + "hashes": [ + "sha256:177f9dd59861d871e27a484c3332f35a6e3f5d14626f2bf91be37891f18927f3", + "sha256:2ae695f7eb96c62529f03a038461afe3c692db3465e215355e1bb4b0ab408712" + ], + "index": "pypi", + "version": "==1.1.0" + }, + "hypothesis": { + "hashes": [ + "sha256:27aa2af763af06b8b61ce65c09626cf1da6d3a6ff155900f3c581837b453313a", + "sha256:9bdee01ae260329b16117e9b0229a839b4a77747a985922653f595bd2a6a541a" + ], + "index": "pypi", + "version": "==6.14.0" + }, + "idna": { + "hashes": [ + "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6", + "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==2.10" + }, + "iniconfig": { + "hashes": [ + "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3", + "sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32" + ], + "version": "==1.1.1" + }, + "isort": { + "hashes": [ + "sha256:83510593e07e433b77bd5bff0f6f607dbafa06d1a89022616f02d8b699cfcd56", + "sha256:8e2c107091cfec7286bc0f68a547d0ba4c094d460b732075b6fba674f1035c0c" + ], + "markers": "python_version < '4' and python_full_version >= '3.6.1'", + "version": "==5.9.1" + }, + "lazy-object-proxy": { + "hashes": [ + "sha256:17e0967ba374fc24141738c69736da90e94419338fd4c7c7bef01ee26b339653", + "sha256:1fee665d2638491f4d6e55bd483e15ef21f6c8c2095f235fef72601021e64f61", + "sha256:22ddd618cefe54305df49e4c069fa65715be4ad0e78e8d252a33debf00f6ede2", + "sha256:24a5045889cc2729033b3e604d496c2b6f588c754f7a62027ad4437a7ecc4837", + "sha256:410283732af311b51b837894fa2f24f2c0039aa7f220135192b38fcc42bd43d3", + "sha256:4732c765372bd78a2d6b2150a6e99d00a78ec963375f236979c0626b97ed8e43", + "sha256:489000d368377571c6f982fba6497f2aa13c6d1facc40660963da62f5c379726", + "sha256:4f60460e9f1eb632584c9685bccea152f4ac2130e299784dbaf9fae9f49891b3", + "sha256:5743a5ab42ae40caa8421b320ebf3a998f89c85cdc8376d6b2e00bd12bd1b587", + "sha256:85fb7608121fd5621cc4377a8961d0b32ccf84a7285b4f1d21988b2eae2868e8", + "sha256:9698110e36e2df951c7c36b6729e96429c9c32b3331989ef19976592c5f3c77a", + "sha256:9d397bf41caad3f489e10774667310d73cb9c4258e9aed94b9ec734b34b495fd", + "sha256:b579f8acbf2bdd9ea200b1d5dea36abd93cabf56cf626ab9c744a432e15c815f", + "sha256:b865b01a2e7f96db0c5d12cfea590f98d8c5ba64ad222300d93ce6ff9138bcad", + "sha256:bf34e368e8dd976423396555078def5cfc3039ebc6fc06d1ae2c5a65eebbcde4", + "sha256:c6938967f8528b3668622a9ed3b31d145fab161a32f5891ea7b84f6b790be05b", + "sha256:d1c2676e3d840852a2de7c7d5d76407c772927addff8d742b9808fe0afccebdf", + "sha256:d7124f52f3bd259f510651450e18e0fd081ed82f3c08541dffc7b94b883aa981", + "sha256:d900d949b707778696fdf01036f58c9876a0d8bfe116e8d220cfd4b15f14e741", + "sha256:ebfd274dcd5133e0afae738e6d9da4323c3eb021b3e13052d8cbd0e457b1256e", + "sha256:ed361bb83436f117f9917d282a456f9e5009ea12fd6de8742d1a4752c3017e93", + "sha256:f5144c75445ae3ca2057faac03fda5a902eff196702b0a24daf1d6ce0650514b" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", + "version": "==1.6.0" + }, + "mccabe": { + "hashes": [ + "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42", + "sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f" + ], + "version": "==0.6.1" + }, + "multidict": { + "hashes": [ + "sha256:018132dbd8688c7a69ad89c4a3f39ea2f9f33302ebe567a879da8f4ca73f0d0a", + "sha256:051012ccee979b2b06be928a6150d237aec75dd6bf2d1eeeb190baf2b05abc93", + "sha256:05c20b68e512166fddba59a918773ba002fdd77800cad9f55b59790030bab632", + "sha256:07b42215124aedecc6083f1ce6b7e5ec5b50047afa701f3442054373a6deb656", + "sha256:0e3c84e6c67eba89c2dbcee08504ba8644ab4284863452450520dad8f1e89b79", + "sha256:0e929169f9c090dae0646a011c8b058e5e5fb391466016b39d21745b48817fd7", + "sha256:1ab820665e67373de5802acae069a6a05567ae234ddb129f31d290fc3d1aa56d", + "sha256:25b4e5f22d3a37ddf3effc0710ba692cfc792c2b9edfb9c05aefe823256e84d5", + "sha256:2e68965192c4ea61fff1b81c14ff712fc7dc15d2bd120602e4a3494ea6584224", + "sha256:2f1a132f1c88724674271d636e6b7351477c27722f2ed789f719f9e3545a3d26", + "sha256:37e5438e1c78931df5d3c0c78ae049092877e5e9c02dd1ff5abb9cf27a5914ea", + "sha256:3a041b76d13706b7fff23b9fc83117c7b8fe8d5fe9e6be45eee72b9baa75f348", + "sha256:3a4f32116f8f72ecf2a29dabfb27b23ab7cdc0ba807e8459e59a93a9be9506f6", + "sha256:46c73e09ad374a6d876c599f2328161bcd95e280f84d2060cf57991dec5cfe76", + "sha256:46dd362c2f045095c920162e9307de5ffd0a1bfbba0a6e990b344366f55a30c1", + "sha256:4b186eb7d6ae7c06eb4392411189469e6a820da81447f46c0072a41c748ab73f", + "sha256:54fd1e83a184e19c598d5e70ba508196fd0bbdd676ce159feb412a4a6664f952", + "sha256:585fd452dd7782130d112f7ddf3473ffdd521414674c33876187e101b588738a", + "sha256:5cf3443199b83ed9e955f511b5b241fd3ae004e3cb81c58ec10f4fe47c7dce37", + "sha256:6a4d5ce640e37b0efcc8441caeea8f43a06addace2335bd11151bc02d2ee31f9", + "sha256:7df80d07818b385f3129180369079bd6934cf70469f99daaebfac89dca288359", + "sha256:806068d4f86cb06af37cd65821554f98240a19ce646d3cd24e1c33587f313eb8", + "sha256:830f57206cc96ed0ccf68304141fec9481a096c4d2e2831f311bde1c404401da", + "sha256:929006d3c2d923788ba153ad0de8ed2e5ed39fdbe8e7be21e2f22ed06c6783d3", + "sha256:9436dc58c123f07b230383083855593550c4d301d2532045a17ccf6eca505f6d", + "sha256:9dd6e9b1a913d096ac95d0399bd737e00f2af1e1594a787e00f7975778c8b2bf", + "sha256:ace010325c787c378afd7f7c1ac66b26313b3344628652eacd149bdd23c68841", + "sha256:b47a43177a5e65b771b80db71e7be76c0ba23cc8aa73eeeb089ed5219cdbe27d", + "sha256:b797515be8743b771aa868f83563f789bbd4b236659ba52243b735d80b29ed93", + "sha256:b7993704f1a4b204e71debe6095150d43b2ee6150fa4f44d6d966ec356a8d61f", + "sha256:d5c65bdf4484872c4af3150aeebe101ba560dcfb34488d9a8ff8dbcd21079647", + "sha256:d81eddcb12d608cc08081fa88d046c78afb1bf8107e6feab5d43503fea74a635", + "sha256:dc862056f76443a0db4509116c5cd480fe1b6a2d45512a653f9a855cc0517456", + "sha256:ecc771ab628ea281517e24fd2c52e8f31c41e66652d07599ad8818abaad38cda", + "sha256:f200755768dc19c6f4e2b672421e0ebb3dd54c38d5a4f262b872d8cfcc9e93b5", + "sha256:f21756997ad8ef815d8ef3d34edd98804ab5ea337feedcd62fb52d22bf531281", + "sha256:fc13a9524bc18b6fb6e0dbec3533ba0496bbed167c56d0aabefd965584557d80" + ], + "markers": "python_version >= '3.6'", + "version": "==5.1.0" + }, + "packaging": { + "hashes": [ + "sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5", + "sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==20.9" + }, + "pluggy": { + "hashes": [ + "sha256:15b2acde666561e1298d71b523007ed7364de07029219b604cf808bfa1c765b0", + "sha256:966c145cd83c96502c3c3868f50408687b38434af77734af1e9ca461a4081d2d" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==0.13.1" + }, + "py": { + "hashes": [ + "sha256:21b81bda15b66ef5e1a777a21c4dcd9c20ad3efd0b3f817e7a809035269e1bd3", + "sha256:3b80836aa6d1feeaa108e046da6423ab8f6ceda6468545ae8d02d9d58d18818a" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==1.10.0" + }, + "pylint": { + "hashes": [ + "sha256:0a049c5d47b629d9070c3932d13bff482b12119b6a241a93bc460b0be16953c8", + "sha256:792b38ff30903884e4a9eab814ee3523731abd3c463f3ba48d7b627e87013484" + ], + "index": "pypi", + "version": "==2.8.3" + }, + "pyparsing": { + "hashes": [ + "sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1", + "sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b" + ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==2.4.7" + }, + "pytest": { + "hashes": [ + "sha256:50bcad0a0b9c5a72c8e4e7c9855a3ad496ca6a881a3641b4260605450772c54b", + "sha256:91ef2131a9bd6be8f76f1f08eac5c5317221d6ad1e143ae03894b862e8976890" + ], + "index": "pypi", + "version": "==6.2.4" + }, + "pytest-asyncio": { + "hashes": [ + "sha256:2564ceb9612bbd560d19ca4b41347b54e7835c2f792c504f698e05395ed63f6f", + "sha256:3042bcdf1c5d978f6b74d96a151c4cfb9dcece65006198389ccd7e6c60eb1eea" + ], + "index": "pypi", + "version": "==0.15.1" + }, + "pytest-cov": { + "hashes": [ + "sha256:261bb9e47e65bd099c89c3edf92972865210c36813f80ede5277dceb77a4a62a", + "sha256:261ceeb8c227b726249b376b8526b600f38667ee314f910353fa318caa01f4d7" + ], + "index": "pypi", + "version": "==2.12.1" + }, + "pytest-datadir-ng": { + "hashes": [ + "sha256:0d9e0212eaa4d0440a4b7c3d2df4b4b7eeebde1854ab383c5aff590764ad8a52", + "sha256:7fec7a4996a12529a935512c128624fa7289495b520fd31b4645c3a71daa394e" + ], + "index": "pypi", + "version": "==1.1.1" + }, + "pytest-forked": { + "hashes": [ + "sha256:6aa9ac7e00ad1a539c41bec6d21011332de671e938c7637378ec9710204e37ca", + "sha256:dc4147784048e70ef5d437951728825a131b81714b398d5d52f17c7c144d8815" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==1.3.0" + }, + "pytest-json": { + "hashes": [ + "sha256:8bf4e1be1691f4416bc12b14785b5ad9e842887b0b2b2d61b37dcb555b208630" + ], + "index": "pypi", + "version": "==0.4.0" + }, + "pytest-mock": { + "hashes": [ + "sha256:30c2f2cc9759e76eee674b81ea28c9f0b94f8f0445a1b87762cadf774f0df7e3", + "sha256:40217a058c52a63f1042f0784f62009e976ba824c418cced42e88d5f40ab0e62" + ], + "index": "pypi", + "version": "==3.6.1" + }, + "pytest-xdist": { + "hashes": [ + "sha256:e8ecde2f85d88fbcadb7d28cb33da0fa29bca5cf7d5967fa89fc0e97e5299ea5", + "sha256:ed3d7da961070fce2a01818b51f6888327fb88df4379edeb6b9d990e789d9c8d" + ], + "index": "pypi", + "version": "==2.3.0" + }, + "python-dateutil": { + "hashes": [ + "sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c", + "sha256:75bb3f31ea686f1197762692a9ee6a7550b59fc6ca3a1f4b5d7e32fb98e2da2a" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==2.8.1" + }, + "pyyaml": { + "hashes": [ + "sha256:08682f6b72c722394747bddaf0aa62277e02557c0fd1c42cb853016a38f8dedf", + "sha256:0f5f5786c0e09baddcd8b4b45f20a7b5d61a7e7e99846e3c799b05c7c53fa696", + "sha256:129def1b7c1bf22faffd67b8f3724645203b79d8f4cc81f674654d9902cb4393", + "sha256:294db365efa064d00b8d1ef65d8ea2c3426ac366c0c4368d930bf1c5fb497f77", + "sha256:3b2b1824fe7112845700f815ff6a489360226a5609b96ec2190a45e62a9fc922", + "sha256:3bd0e463264cf257d1ffd2e40223b197271046d09dadf73a0fe82b9c1fc385a5", + "sha256:4465124ef1b18d9ace298060f4eccc64b0850899ac4ac53294547536533800c8", + "sha256:49d4cdd9065b9b6e206d0595fee27a96b5dd22618e7520c33204a4a3239d5b10", + "sha256:4e0583d24c881e14342eaf4ec5fbc97f934b999a6828693a99157fde912540cc", + "sha256:5accb17103e43963b80e6f837831f38d314a0495500067cb25afab2e8d7a4018", + "sha256:607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e", + "sha256:6c78645d400265a062508ae399b60b8c167bf003db364ecb26dcab2bda048253", + "sha256:72a01f726a9c7851ca9bfad6fd09ca4e090a023c00945ea05ba1638c09dc3347", + "sha256:74c1485f7707cf707a7aef42ef6322b8f97921bd89be2ab6317fd782c2d53183", + "sha256:895f61ef02e8fed38159bb70f7e100e00f471eae2bc838cd0f4ebb21e28f8541", + "sha256:8c1be557ee92a20f184922c7b6424e8ab6691788e6d86137c5d93c1a6ec1b8fb", + "sha256:bb4191dfc9306777bc594117aee052446b3fa88737cd13b7188d0e7aa8162185", + "sha256:bfb51918d4ff3d77c1c856a9699f8492c612cde32fd3bcd344af9be34999bfdc", + "sha256:c20cfa2d49991c8b4147af39859b167664f2ad4561704ee74c1de03318e898db", + "sha256:cb333c16912324fd5f769fff6bc5de372e9e7a202247b48870bc251ed40239aa", + "sha256:d2d9808ea7b4af864f35ea216be506ecec180628aced0704e34aca0b040ffe46", + "sha256:d483ad4e639292c90170eb6f7783ad19490e7a8defb3e46f97dfe4bacae89122", + "sha256:dd5de0646207f053eb0d6c74ae45ba98c3395a571a2891858e87df7c9b9bd51b", + "sha256:e1d4970ea66be07ae37a3c2e48b5ec63f7ba6804bdddfdbd3cfd954d25a82e63", + "sha256:e4fac90784481d221a8e4b1162afa7c47ed953be40d31ab4629ae917510051df", + "sha256:fa5ae20527d8e831e8230cbffd9f8fe952815b2b7dae6ffec25318803a7528fc", + "sha256:fd7f6999a8070df521b6384004ef42833b9bd62cfee11a09bda1079b4b704247", + "sha256:fdc842473cd33f45ff6bce46aea678a54e3d21f1b61a7750ce3c498eedfe25d6", + "sha256:fe69978f3f768926cfa37b867e3843918e012cf83f680806599ddce33c2c68b0" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", + "version": "==5.4.1" + }, + "requests": { + "hashes": [ + "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804", + "sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==2.25.1" + }, + "requests-mock": { + "hashes": [ + "sha256:0a2d38a117c08bb78939ec163522976ad59a6b7fdd82b709e23bb98004a44970", + "sha256:8d72abe54546c1fc9696fa1516672f1031d72a55a1d66c85184f972a24ba0eba" + ], + "index": "pypi", + "version": "==1.9.3" + }, + "six": { + "hashes": [ + "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926", + "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==1.16.0" + }, + "sortedcontainers": { + "hashes": [ + "sha256:25caa5a06cc30b6b83d11423433f65d1f9d76c4c6a0c90e3379eaa43b9bfdb88", + "sha256:a163dcaede0f1c021485e957a39245190e74249897e2ae4b2aa38595db237ee0" + ], + "version": "==2.4.0" + }, + "toml": { + "hashes": [ + "sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b", + "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f" + ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==0.10.2" + }, + "urllib3": { + "hashes": [ + "sha256:39fb8672126159acb139a7718dd10806104dec1e2f0f6c88aab05d17df10c8d4", + "sha256:f57b4c16c62fa2760b7e3d97c35b255512fb6b59a259730f36ba32ce9f8e342f" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'", + "version": "==1.26.6" + }, + "vcrpy": { + "hashes": [ + "sha256:12c3fcdae7b88ecf11fc0d3e6d77586549d4575a2ceee18e82eee75c1f626162", + "sha256:57095bf22fc0a2d99ee9674cdafebed0f3ba763018582450706f7d3a74fff599" + ], + "index": "pypi", + "version": "==4.1.1" + }, + "wrapt": { + "hashes": [ + "sha256:b62ffa81fb85f4332a4f609cab4ac40709470da05643a082ec1eb88e6d9b97d7" + ], + "version": "==1.12.1" + }, + "yarl": { + "hashes": [ + "sha256:00d7ad91b6583602eb9c1d085a2cf281ada267e9a197e8b7cae487dadbfa293e", + "sha256:0355a701b3998dcd832d0dc47cc5dedf3874f966ac7f870e0f3a6788d802d434", + "sha256:15263c3b0b47968c1d90daa89f21fcc889bb4b1aac5555580d74565de6836366", + "sha256:2ce4c621d21326a4a5500c25031e102af589edb50c09b321049e388b3934eec3", + "sha256:31ede6e8c4329fb81c86706ba8f6bf661a924b53ba191b27aa5fcee5714d18ec", + "sha256:324ba3d3c6fee56e2e0b0d09bf5c73824b9f08234339d2b788af65e60040c959", + "sha256:329412812ecfc94a57cd37c9d547579510a9e83c516bc069470db5f75684629e", + "sha256:4736eaee5626db8d9cda9eb5282028cc834e2aeb194e0d8b50217d707e98bb5c", + "sha256:4953fb0b4fdb7e08b2f3b3be80a00d28c5c8a2056bb066169de00e6501b986b6", + "sha256:4c5bcfc3ed226bf6419f7a33982fb4b8ec2e45785a0561eb99274ebbf09fdd6a", + "sha256:547f7665ad50fa8563150ed079f8e805e63dd85def6674c97efd78eed6c224a6", + "sha256:5b883e458058f8d6099e4420f0cc2567989032b5f34b271c0827de9f1079a424", + "sha256:63f90b20ca654b3ecc7a8d62c03ffa46999595f0167d6450fa8383bab252987e", + "sha256:68dc568889b1c13f1e4745c96b931cc94fdd0defe92a72c2b8ce01091b22e35f", + "sha256:69ee97c71fee1f63d04c945f56d5d726483c4762845400a6795a3b75d56b6c50", + "sha256:6d6283d8e0631b617edf0fd726353cb76630b83a089a40933043894e7f6721e2", + "sha256:72a660bdd24497e3e84f5519e57a9ee9220b6f3ac4d45056961bf22838ce20cc", + "sha256:73494d5b71099ae8cb8754f1df131c11d433b387efab7b51849e7e1e851f07a4", + "sha256:7356644cbed76119d0b6bd32ffba704d30d747e0c217109d7979a7bc36c4d970", + "sha256:8a9066529240171b68893d60dca86a763eae2139dd42f42106b03cf4b426bf10", + "sha256:8aa3decd5e0e852dc68335abf5478a518b41bf2ab2f330fe44916399efedfae0", + "sha256:97b5bdc450d63c3ba30a127d018b866ea94e65655efaf889ebeabc20f7d12406", + "sha256:9ede61b0854e267fd565e7527e2f2eb3ef8858b301319be0604177690e1a3896", + "sha256:b2e9a456c121e26d13c29251f8267541bd75e6a1ccf9e859179701c36a078643", + "sha256:b5dfc9a40c198334f4f3f55880ecf910adebdcb2a0b9a9c23c9345faa9185721", + "sha256:bafb450deef6861815ed579c7a6113a879a6ef58aed4c3a4be54400ae8871478", + "sha256:c49ff66d479d38ab863c50f7bb27dee97c6627c5fe60697de15529da9c3de724", + "sha256:ce3beb46a72d9f2190f9e1027886bfc513702d748047b548b05dab7dfb584d2e", + "sha256:d26608cf178efb8faa5ff0f2d2e77c208f471c5a3709e577a7b3fd0445703ac8", + "sha256:d597767fcd2c3dc49d6eea360c458b65643d1e4dbed91361cf5e36e53c1f8c96", + "sha256:d5c32c82990e4ac4d8150fd7652b972216b204de4e83a122546dce571c1bdf25", + "sha256:d8d07d102f17b68966e2de0e07bfd6e139c7c02ef06d3a0f8d2f0f055e13bb76", + "sha256:e46fba844f4895b36f4c398c5af062a9808d1f26b2999c58909517384d5deda2", + "sha256:e6b5460dc5ad42ad2b36cca524491dfcaffbfd9c8df50508bddc354e787b8dc2", + "sha256:f040bcc6725c821a4c0665f3aa96a4d0805a7aaf2caf266d256b8ed71b9f041c", + "sha256:f0b059678fd549c66b89bed03efcabb009075bd131c248ecdf087bdb6faba24a", + "sha256:fcbb48a93e8699eae920f8d92f7160c03567b421bc17362a9ffbbd706a816f71" + ], + "markers": "python_version >= '3.6'", + "version": "==1.6.3" + } + } +} diff --git a/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/README.md b/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/README.md new file mode 100644 index 000000000000..e6cbb22d8d58 --- /dev/null +++ b/Packs/ConvertTimezoneFromUTC/Scripts/ConvertTimezoneFromUTC/README.md @@ -0,0 +1,22 @@ +Takes UTC and converts it to the specified timezone. Format must match the UTC date's format and output will be the same format. Can use in conjunction with ConvertDateToString + +## Script Data +--- + +| **Name** | **Description** | +| --- | --- | +| Script Type | python3 | +| Tags | transformer, date | + +## Inputs +--- + +| **Argument Name** | **Description** | +| --- | --- | +| value | Time in UTC in the format specified | +| format | Format that the input expects, and output will format to \(i.e "%Y-%m-%d %H:%M:%S"\) | +| timezone | Timezone to be converted to \(i.e. 'US/Eastern', 'Etc/Greenwich','Canada/Eastern'\). Review documentation on http://pytz.sourceforge.net/\#helpers for what timezones are available. | + +## Outputs +--- +There are no outputs for this script. diff --git a/Packs/ConvertTimezoneFromUTC/pack_metadata.json b/Packs/ConvertTimezoneFromUTC/pack_metadata.json new file mode 100644 index 000000000000..dee81f8134a2 --- /dev/null +++ b/Packs/ConvertTimezoneFromUTC/pack_metadata.json @@ -0,0 +1,17 @@ +{ + "name": "ConvertTimezoneFromUTC", + "description": "Transformer (Date) to Convert UTC to another Timezone", + "support": "community", + "currentVersion": "1.0.0", + "author": "Synthanee Humbert", + "url": "", + "email": "", + "created": "2021-08-18T19:49:38Z", + "categories": [], + "tags": [], + "useCases": [], + "keywords": [], + "githubUser": [ + "synth-humbert" + ] +} \ No newline at end of file From 8e3b9e8b79d5d39554c883c59165214f563b1554 Mon Sep 17 00:00:00 2001 From: Noy-Maimon <72340690+Noy-Maimon@users.noreply.github.com> Date: Tue, 24 Aug 2021 17:54:10 +0300 Subject: [PATCH 026/173] fix typo (#14516) --- Tests/Marketplace/marketplace_constants.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Tests/Marketplace/marketplace_constants.py b/Tests/Marketplace/marketplace_constants.py index d53aa179f72b..50d99bfd12d1 100644 --- a/Tests/Marketplace/marketplace_constants.py +++ b/Tests/Marketplace/marketplace_constants.py @@ -109,7 +109,7 @@ class Metadata(object): KEY_WORDS = 'keywords' DEPENDENCIES = 'dependencies' PREMIUM = 'premium' - VERNDOR_ID = 'vendorId' + VENDOR_ID = 'vendorId' PARTNER_ID = 'partnerId' PARTNER_NAME = 'partnerName' CONTENT_COMMIT_HASH = 'contentCommitHash' From eb73f426ac3ff4ac70a6f01c954a81108a7f01c4 Mon Sep 17 00:00:00 2001 From: tomneeman151293 <70005542+tomneeman151293@users.noreply.github.com> Date: Tue, 24 Aug 2021 17:55:47 +0300 Subject: [PATCH 027/173] QRadar enhance ip commands (#14500) * added support for ip arguments * added args to readme * Added rn * small fixes to filter query * reverted commenting * Update Packs/QRadar/ReleaseNotes/2_0_22.md Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> --- Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.py | 8 ++++++++ Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.yml | 12 ++++++++++++ Packs/QRadar/Integrations/QRadar_v3/README.md | 2 ++ Packs/QRadar/ReleaseNotes/2_0_22.md | 5 +++++ Packs/QRadar/pack_metadata.json | 4 ++-- 5 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 Packs/QRadar/ReleaseNotes/2_0_22.md diff --git a/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.py b/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.py index 0e6bae032225..1e5267279134 100644 --- a/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.py +++ b/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.py @@ -2517,6 +2517,14 @@ def perform_ips_command_request(client: Client, args: Dict[str, Any], is_destina fields: Optional[str] = args.get('fields') address_type = 'local_destination' if is_destination_addresses else 'source' + ips_arg_name: str = f'{address_type}_ip' + ips: List[str] = argToList(args.get(ips_arg_name, [])) + + if ips and filter_: + raise DemistoException(f'Both filter and {ips_arg_name} have been supplied. Please supply only one.') + + if ips: + filter_ = ' OR '.join([f'{ips_arg_name}="{ip_}"' for ip_ in ips]) url_suffix = f'{address_type}_addresses' response = client.get_addresses(url_suffix, filter_, fields, range_) diff --git a/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.yml b/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.yml index 7f537f89da6b..95a24f6ad716 100644 --- a/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.yml +++ b/Packs/QRadar/Integrations/QRadar_v3/QRadar_v3.yml @@ -2813,6 +2813,12 @@ script: hidden: true name: qradar-upload-indicators - arguments: + - default: false + description: Comma separated list. Source IPs to retrieve their data, E.g "192.168.0.1,192.160.0.2". + isArray: true + name: source_ip + required: false + secret: false - default: false description: 'Query to filter IPs. E.g, filter=`source_ip="192.168.0.1"`. For reference please consult: https://www.ibm.com/support/knowledgecenter/SS42VS_SHR/com.ibm.qradarapi.doc/c_rest_api_filtering.html' isArray: false @@ -2872,6 +2878,12 @@ script: description: List of local destination address IDs associated with the source address. type: Unknown - arguments: + - default: false + description: Comma separated list. Local destination IPs to retrieve their data, E.g "192.168.0.1,192.160.0.2". + isArray: true + name: local_destination_ip + required: false + secret: false - default: false description: 'Query to filter IPs. E.g, filter=`local_destination_ip="192.168.0.1"` For reference please consult: https://www.ibm.com/support/knowledgecenter/SS42VS_SHR/com.ibm.qradarapi.doc/c_rest_api_filtering.html' isArray: false diff --git a/Packs/QRadar/Integrations/QRadar_v3/README.md b/Packs/QRadar/Integrations/QRadar_v3/README.md index 0839ff4bdc32..8ae79ab4ec20 100644 --- a/Packs/QRadar/Integrations/QRadar_v3/README.md +++ b/Packs/QRadar/Integrations/QRadar_v3/README.md @@ -2364,6 +2364,7 @@ Get Source IPs | **Argument Name** | **Description** | **Required** | | --- | --- | --- | +| source_ip | Comma separated list. Source IPs to retrieve their data, E.g "192.168.0.1,192.160.0.2". | Optional | | filter | Query to filter IPs. E.g, filter=`source_ip="192.168.0.1"`. For reference please consult: https://www.ibm.com/support/knowledgecenter/SS42VS_SHR/com.ibm.qradarapi.doc/c_rest_api_filtering.html. | Optional | | fields | If used, will filter all fields except for the ones specified. Use this argument to specify which fields should be returned in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object separated by commas. The filter uses QRadar's field names, for reference, consult: https://www.ibm.com/docs/en/qradar-common?topic=endpoints-get-siemsource-addresses | Optional | | range | Range of results to return. e.g.: 0-20. | Optional | @@ -2441,6 +2442,7 @@ Get Source IPs | **Argument Name** | **Description** | **Required** | | --- | --- | --- | +| local_destination_ip | Comma separated list. Local destination IPs to retrieve their data, E.g "192.168.0.1,192.160.0.2". | Optional | | filter | If used, will filter all fields except for the ones specified. Use this argument to specify which fields should be returned in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object separated by commas. The filter uses QRadar's field names, for reference, consult: https://www.ibm.com/docs/en/qradar-common?topic=endpoints-get-siemlocal-destination-addresses | Optional | | fields | If used, will filter all fields except for the specified ones. Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object separated by commas. The filter uses QRadar's field names, for reference, consult: https://www.ibm.com/docs/en/qradar-common?topic=endpoints-get-siemlocal-destination-addresses. | Optional | | range | Range of results to return. e.g.: 0-20. | Optional | diff --git a/Packs/QRadar/ReleaseNotes/2_0_22.md b/Packs/QRadar/ReleaseNotes/2_0_22.md new file mode 100644 index 000000000000..7ffdf513d065 --- /dev/null +++ b/Packs/QRadar/ReleaseNotes/2_0_22.md @@ -0,0 +1,5 @@ + +#### Integrations +##### IBM QRadar v3 +- Added the *source_ip* array argument to the ***qradar-ips-source-get*** command. +- Added the *local_destination_ip* array argument to the ***qradar-ips-local-destination-get*** command. diff --git a/Packs/QRadar/pack_metadata.json b/Packs/QRadar/pack_metadata.json index b09ca1bff410..96508760adb3 100644 --- a/Packs/QRadar/pack_metadata.json +++ b/Packs/QRadar/pack_metadata.json @@ -2,7 +2,7 @@ "name": "IBM QRadar", "description": "Fetch offenses as incidents and search QRadar", "support": "xsoar", - "currentVersion": "2.0.21", + "currentVersion": "2.0.22", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", @@ -42,4 +42,4 @@ "CommonPlaybooks", "CommonTypes" ] -} +} \ No newline at end of file From faa695ddde1a3e1d50d78ab151a176934f27155d Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 24 Aug 2021 18:00:55 +0300 Subject: [PATCH 028/173] Update Docker Image To demisto/python3 (#14481) * Updated Metadata Of Pack KasperskySecurityCenter * Added release notes to pack KasperskySecurityCenter * Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.yml Docker image update * Updated Metadata Of Pack Shodan * Added release notes to pack Shodan * Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml Docker image update * Adding TPB of Kaspersky Security Center * Updated Metadata Of Pack KasperskySecurityCenter * Fixed build * Added dbotscore to ip command + added readme file that was missing * added dbotscore outputs to readme * deleted use-case empty section * removed unnecessary ignore * Fixed cr comments * added response_type to login Co-authored-by: sberman --- .../KasperskySecurityCenter.py | 1 + .../KasperskySecurityCenter.yml | 4 +- .../ReleaseNotes/1_0_3.md | 3 + .../pack_metadata.json | 2 +- Packs/Shodan/Integrations/Shodan_v2/README.md | 433 +++++++++++++++++ .../Integrations/Shodan_v2/Shodan_v2.py | 8 + .../Integrations/Shodan_v2/Shodan_v2.yml | 104 +++-- .../Shodan_v2/Shodan_v2_description.md | 437 ------------------ Packs/Shodan/ReleaseNotes/1_0_4.md | 3 + Packs/Shodan/pack_metadata.json | 2 +- Tests/conf.json | 5 + 11 files changed, 535 insertions(+), 467 deletions(-) create mode 100644 Packs/KasperskySecurityCenter/ReleaseNotes/1_0_3.md create mode 100644 Packs/Shodan/Integrations/Shodan_v2/README.md create mode 100644 Packs/Shodan/ReleaseNotes/1_0_4.md diff --git a/Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.py b/Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.py index 670c37db5458..ee3397971eb1 100644 --- a/Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.py +++ b/Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.py @@ -98,6 +98,7 @@ def login(self, username: str, password: str) -> None: 'Authorization': f'KSCBasic user="{encoded_username}", pass="{encoded_password}"', 'Content-Type': 'application/json', }, + resp_type='response' ) def _raise_for_error(self, res: Dict): diff --git a/Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.yml b/Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.yml index db7c3d7e78e7..1b1b0f9c956d 100644 --- a/Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.yml +++ b/Packs/KasperskySecurityCenter/Integrations/KasperskySecurityCenter/KasperskySecurityCenter.yml @@ -441,7 +441,7 @@ script: - contextPath: KasperskySecurityCenter.Policy.KLPOL_ID description: Policy ID. type: Number - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: false longRunning: false @@ -452,3 +452,5 @@ script: type: python fromversion: 5.5.0 beta: true +tests: + - Kaspersky Security Center - Test \ No newline at end of file diff --git a/Packs/KasperskySecurityCenter/ReleaseNotes/1_0_3.md b/Packs/KasperskySecurityCenter/ReleaseNotes/1_0_3.md new file mode 100644 index 000000000000..e91482b963a6 --- /dev/null +++ b/Packs/KasperskySecurityCenter/ReleaseNotes/1_0_3.md @@ -0,0 +1,3 @@ +#### Integrations +##### Kaspersky Security Center (Beta) +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/KasperskySecurityCenter/pack_metadata.json b/Packs/KasperskySecurityCenter/pack_metadata.json index caf464c7891d..0221fdf2e8c4 100644 --- a/Packs/KasperskySecurityCenter/pack_metadata.json +++ b/Packs/KasperskySecurityCenter/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Kaspersky Security Center", "description": "Manage endpoints and groups through the Kaspersky Security Center.", "support": "xsoar", - "currentVersion": "1.0.2", + "currentVersion": "1.0.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Shodan/Integrations/Shodan_v2/README.md b/Packs/Shodan/Integrations/Shodan_v2/README.md new file mode 100644 index 000000000000..55cd1dbeb2ca --- /dev/null +++ b/Packs/Shodan/Integrations/Shodan_v2/README.md @@ -0,0 +1,433 @@ +## Overview +--- + +Search engine for Internet-connected devices + +## Configure Shodan_v2 on Cortex XSOAR +--- + +1. Navigate to __Settings__ > __Integrations__ > __Servers & Services__. +2. Search for Shodan_v2. +3. Click __Add instance__ to create and configure a new integration instance. + * __Name__: a textual name for the integration instance. + * __Api Key__ + * __Base url to Shodan API__ + * __Trust self-signed certificate (insecure)__ + * __Use system proxy settings__ +4. Click __Test__ to validate the URLs, token, and connection. + +## Commands +--- +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +1. search +2. ip +3. shodan-search-count +4. shodan-scan-ip +5. shodan-scan-internet +6. shodan-scan-status +7. shodan-create-network-alert +8. shodan-network-get-alert-by-id +9. shodan-network-get-alerts +10. shodan-network-delete-alert +11. shodan-network-alert-set-trigger +12. shodan-network-alert-remove-trigger +13. shodan-network-alert-whitelist-service +14. shodan-network-alert-remove-service-from-whitelist +### 1. search +--- +Search Shodan using the same query syntax as the website and use facets to get summary information for different properties. +##### Base Command + +`search` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| query | Shodan search query. The provided string is used to search the database of banners in Shodan, with the additional option to provide filters inside the search query using a "filter:value" format. For example, the following search query would find Apache webservers located in Germany: "apache country:DE" | Required | +| facets | A comma-separated list of properties to get summary information on. Property names can also be in the format of "property:count", where "count" is the number of facets that will be returned for a property (i.e. "country:100" to get the top 100 countries for a search query) | Optional | +| page | Result page number to be fetched. Each page contains up to 100 results. | Optional | + + +##### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Shodan.Banner.Org | String | The name of the organization that is assigned the IP space for this device | +| Shodan.Banner.Isp | String | The ISP that is providing the organization with the IP space for this device. Consider this the "parent" of the organization in terms of IP ownership | +| Shodan.Banner.Transport | String | Either "udp" or "tcp" to indicate which IP transport protocol was used to fetch the information | +| Shodan.Banner.Asn | String | The autonomous system number (ex. "AS4837"). | +| Shodan.Banner.IP | String | The IP address of the host as a string | +| Shodan.Banner.Port | Number | The port number that the service is operating on | +| Shodan.Banner.Ssl.versions | String | list of SSL versions that are supported by the server. If a version isnt supported the value is prefixed with a "-". Example: ["TLSv1", "-SSLv2"] means that the server supports TLSv1 but doesnt support SSLv2. | +| Shodan.Banner.Hostnames | String | An array of strings containing all of the hostnames that have been assigned to the IP address for this device. | +| Shodan.Banner.Location.City | String | The name of the city where the device is located | +| Shodan.Banner.Location.Longitude | Number | The longitude for the geolocation of the device | +| Shodan.Banner.Location.Latitude | Number | The latitude for the geolocation of the device | +| Shodan.Banner.Location.Country | String | The name of the country where the device is located | +| Shodan.Banner.Timestamp | Date | The timestamp for when the banner was fetched from the device in the UTC timezone | +| Shodan.Banner.Domains | String | An array of strings containing the top-level domains for the hostnames of the device. This is a utility property in case you want to filter by TLD instead of subdomain. It is smart enough to handle global TLDs with several dots in the domain (ex. "co.uk") | +| Shodan.Banner.OS | String | The operating system that powers the device | + + +##### Command Example +```!search query="country:HK product:Apache"``` + +##### Human Readable Output + + +### 2. ip +--- +Returns all services that have been found on the given host IP. +##### Base Command + +`ip` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| ip | Host IP address | Required | + + +##### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| IP.ASN | Unknown | Autonomous System Number (ASN) such as IP owner | +| IP.Address | Unknown | IP Address | +| IP.Geo.Country | Unknown | Country of given IP | +| IP.Geo.Description | Unknown | Description of location | +| IP.Geo.Location | Unknown | Latitude and longitude of given IP | +| IP.Hostname | Unknown | Hostname | +| Shodan.IP.Tags | String | The tags related to the IP | +| Shodan.IP.Latitude | Number | The latitude for the geolocation of the device | +| Shodan.IP.Org | String | The name of the organization that is assigned the IP space for this device | +| Shodan.IP.ASN | String | The autonomous system number (ex. "AS4837"). | +| Shodan.IP.ISP | String | The ISP that is providing the organization with the IP space for this device. Consider this the "parent" of the organization in terms of IP ownership | +| Shodan.IP.Longitude | Number | The Longitude for the geolocation of the device | +| Shodan.IP.LastUpdate | Date | The timestamp for when the banner was fetched from the device in the UTC timezone | +| Shodan.IP.CountryName | String | The name of the country where the device is located | +| Shodan.IP.OS | String | The operating system that powers the device | +| Shodan.IP.Port | Number | The port number that the service is operating on | +| Shodan.IP.Address | String | The IP address of the host as a string | +| DBotScore.Indicator | String | The indicator value. | +| DBotScore.Score | Number | The indicator score according to the vendor. | +| DBotScore.Type | String | The indicator type. | +| DBotScore.Vendor | String | The vendor name. | + + +##### Command Example +```!ip ip="8.8.8.8"``` + +##### Human Readable Output + + +### 3. shodan-search-count +--- +This method behaves identical to "shodan-search" with the only difference that this method does not return any host results, it only returns the total number of results that matched the query and any facet information that was requested. As a result this method does not consume query credits. +##### Base Command + +`shodan-search-count` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| query | Shodan search query. The provided string is used to search the database of banners in Shodan, with the additional option to provide filters inside the search query using a "filter:value" format. | Required | + + +##### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Shodan.Search.ResultCount | Number | Number of results generated by the search query | + + +##### Command Example +```!shodan-search-count query="country:HK product:Apache"``` + +##### Human Readable Output + + +### 4. shodan-scan-ip +--- +Use this method to request Shodan to crawl a network. +##### Base Command + +`shodan-scan-ip` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| ips | A comma-separated list of IPs or netblocks (in CIDR notation) that should get crawled. | Required | + + +##### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Shodan.Scan.ID | String | The unique scan ID that was returned by shodan-scan-ip. | +| Shodan.Scan.Status | String | The status of the scan job | + + +##### Command Example +```!shodan-scan-ip ips="1.1.1.69"``` + +##### Human Readable Output + + +### 5. shodan-scan-internet +--- +This method is restricted to security researchers and companies with a Shodan Enterprise Data license +##### Base Command + +`shodan-scan-internet` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| port | The port that Shodan should crawl the Internet for | Required | +| protocol | The name of the protocol that should be used to interrogate the port. | Required | + + +##### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Shodan.Scan.ID | String | The id of the scan job | + + +##### Command Example +```!shodan-scan-internet port="80" protocol="http"``` + +##### Human Readable Output + + +### 6. shodan-scan-status +--- +Check the progress of a previously submitted scan request +##### Base Command + +`shodan-scan-status` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| scanID | The unique scan ID that was returned by shodan-scan. | Required | + + +##### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Shodan.Scan.Id | String | The unique scan ID that was returned by shodan-scan | +| Shodan.Scan.Status | String | The status of the scan job | + + +##### Command Example +```!shodan-scan-status scanID="fnFNYGzNGJFNE8lQ"``` + +##### Human Readable Output + + +### 7. shodan-create-network-alert +--- +Use this method to create a network alert for a defined IP/ netblock which can be used to subscribe to changes/ events that are discovered within that range. +##### Base Command + +`shodan-create-network-alert` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| alertName | The name to describe the network alert | Required | +| ip | A list of IPs or network ranges defined using CIDR notation | Required | +| expires | Number of seconds that the alert should be active | Optional | + + +##### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Shodan.Alert.ID | String | The id of the alert subscription | +| Shodan.Alert.Expires | String | Number of seconds that the alert should be active | + + +##### Command Example +```!shodan-create-network-alert alertName="test_alert" ip="1.1.1.1"``` + +##### Human Readable Output + + +### 8. shodan-network-get-alert-by-id +--- +Get the details for a network alert +##### Base Command + +`shodan-network-get-alert-by-id` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| alertID | AlertID | Required | + + +##### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Shodan.Alert.ID | String | The id of the alert subscription | +| Shodan.Alert.Expires | String | Number of seconds that the alert should be active | + + +##### Command Example +```!shodan-network-get-alert-by-id alertID="Y6KRMXWQ8FPNSHHY``` + +##### Human Readable Output + + +### 9. shodan-network-get-alerts +--- +Get a list of all the created alerts +##### Base Command + +`shodan-network-get-alerts` +##### Input + +There are no input arguments for this command. + +##### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Shodan.Alert.ID | String | The id of the alert subscription | +| Shodan.Alert.Expires | String | Number of seconds that the alert should be active | + + +##### Command Example +```!shodan-network-get-alerts``` + +##### Human Readable Output + + +### 10. shodan-network-delete-alert +--- +Remove the specified network alert. +##### Base Command + +`shodan-network-delete-alert` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| alertID | AlertID | Required | + + +##### Context Output + +There is no context output for this command. + +##### Command Example +```!shodan-network-delete-alert alertID="Y6KRMXWQ8FPNSHHY"``` + +##### Human Readable Output + + +### 11. shodan-network-alert-set-trigger +--- +Get notifications when the specified trigger is met. +##### Base Command + +`shodan-network-alert-set-trigger` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| alertID | AlertID | Required | +| Trigger | Trigger name | Required | + + +##### Context Output + +There is no context output for this command. + +##### Command Example +```!shodan-network-alert-set-trigger alertID="Y6KRMXWQ8FPNSHHY" Trigger="any"``` + +##### Human Readable Output + + +### 12. shodan-network-alert-remove-trigger +--- +Stop getting notifications for the specified trigger. +##### Base Command + +`shodan-network-alert-remove-trigger` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| alertID | AlertID | Required | +| Trigger | Trigger name | Required | + + +##### Context Output + +There is no context output for this command. + +##### Command Example +```!shodan-network-alert-remove-trigger alertID="Y6KRMXWQ8FPNSHHY" Trigger="any"``` + +##### Human Readable Output + + +### 13. shodan-network-alert-whitelist-service +--- +Ignore the specified service when it is matched for the trigger. +##### Base Command + +`shodan-network-alert-whitelist-service` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| alertID | AlertID | Required | +| trigger | Trigger name | Required | +| service | Service specified in the format "ip:port" (ex. "1.1.1.1:80") | Required | + + +##### Context Output + +There is no context output for this command. + +##### Command Example +```!shodan-network-alert-whitelist-service alertID="Y6KRMXWQ8FPNSHHY" trigger="any" service="1.1.1.1:80"``` + +##### Human Readable Output + + +### 14. shodan-network-alert-remove-service-from-whitelist +--- +Start getting notifications again for the specified trigger +##### Base Command + +`shodan-network-alert-remove-service-from-whitelist` +##### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| alertID | AlertID | Required | +| trigger | Trigger name | Required | +| service | Service specified in the format "ip:port" (ex. "1.1.1.1:80") | Required | + + +##### Context Output + +There is no context output for this command. + +##### Command Example +```!shodan-network-alert-remove-service-from-whitelist alertID="Y6KRMXWQ8FPNSHHY" trigger="any" service="1.1.1.1:80"``` + +##### Human Readable Output + + + diff --git a/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.py b/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.py index 41ce5e06c074..80456229edcc 100644 --- a/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.py +++ b/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.py @@ -198,6 +198,13 @@ def ip_command(): } } + dbot_score = { + 'Indicator': ip, + 'Type': 'ip', + 'Vendor': 'Shodan_v2', + 'Score': 0, + } + shodan_ip_details = { 'Tag': res.get('tags', []), 'Latitude': res.get('latitude', 0.0), @@ -214,6 +221,7 @@ def ip_command(): ec = { outputPaths['ip']: ip_details, + 'DBotScore': dbot_score, 'Shodan': { 'IP': shodan_ip_details } diff --git a/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml b/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml index b71170b35181..991eb95efe09 100644 --- a/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml +++ b/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml @@ -27,20 +27,27 @@ script: commands: - arguments: - default: true - description: The query for searching the database of banners. The search query supports filtering using the "filter:value" format to narrow your search. For example, the query "apache country:DE" returns Apache web servers located in Germany. + description: The query for searching the database of banners. The search query + supports filtering using the "filter:value" format to narrow your search. + For example, the query "apache country:DE" returns Apache web servers located + in Germany. isArray: false name: query required: true secret: false - default: false - description: A CSV list of properties on which to get summary information. The search query supports filtering using the "property:count" format to define the number of facets to return for a property. For example, the query "country:100" returns the top 100 countries. + description: A CSV list of properties on which to get summary information. The + search query supports filtering using the "property:count" format to define + the number of facets to return for a property. For example, the query "country:100" + returns the top 100 countries. isArray: false name: facets required: false secret: false - default: false defaultValue: '1' - description: The page number of the fetched results. Each page contains a maximum of 100 results. + description: The page number of the fetched results. Each page contains a maximum + of 100 results. isArray: false name: page required: false @@ -51,13 +58,16 @@ script: name: search outputs: - contextPath: Shodan.Banner.Org - description: The name of the organization to which the space of the IP address space for the searched device is assigned. + description: The name of the organization to which the space of the IP address + space for the searched device is assigned. type: String - contextPath: Shodan.Banner.Isp - description: The Internet Service Provider that provides the organization with the IP address space for the searched device. + description: The Internet Service Provider that provides the organization with + the IP address space for the searched device. type: String - contextPath: Shodan.Banner.Transport - description: The IP address transport protocol used to fetch the summary information. Can be "UDP" or "TCP". + description: The IP address transport protocol used to fetch the summary information. + Can be "UDP" or "TCP". type: String - contextPath: Shodan.Banner.Asn description: The Autonomous System Number. For example, "AS4837". @@ -69,10 +79,13 @@ script: description: The port number on which the service is operating. type: Number - contextPath: Shodan.Banner.Ssl.versions - description: The list of SSL versions that are supported by the server. Unsupported versions are prefixed with a "-". For example, ["TLSv1", "-SSLv2"] means that the server supports TLSv1, but does not support SSLv2. + description: The list of SSL versions that are supported by the server. Unsupported + versions are prefixed with a "-". For example, ["TLSv1", "-SSLv2"] means that + the server supports TLSv1, but does not support SSLv2. type: String - contextPath: Shodan.Banner.Hostnames - description: An array of strings containing all of the host names that have been assigned to the IP address for the searched device. + description: An array of strings containing all of the host names that have + been assigned to the IP address for the searched device. type: String - contextPath: Shodan.Banner.Location.City description: The city in which the searched device is located. @@ -87,10 +100,14 @@ script: description: The country in which the searched device is located. type: String - contextPath: Shodan.Banner.Timestamp - description: The timestamp in UTC format indicating when the banner was fetched from the searched device. + description: The timestamp in UTC format indicating when the banner was fetched + from the searched device. type: Date - contextPath: Shodan.Banner.Domains - description: An array of strings containing the top-level domains for the host names of the searched device. It is a utility property for filtering by a top-level domain instead of a subdomain. It supports handling global top-level domains that have several dots in the domain. For example, "co.uk". + description: An array of strings containing the top-level domains for the host + names of the searched device. It is a utility property for filtering by a + top-level domain instead of a subdomain. It supports handling global top-level + domains that have several dots in the domain. For example, "co.uk". type: String - contextPath: Shodan.Banner.OS description: The operating system that powers the searched device. @@ -103,7 +120,8 @@ script: required: true secret: false deprecated: false - description: Returns all services that have been found on the IP address of the searched host. + description: Returns all services that have been found on the IP address of the + searched host. execution: false name: ip outputs: @@ -132,19 +150,22 @@ script: description: The latitude of the geolocation of the searched device. type: Number - contextPath: Shodan.IP.Org - description: The name of the organization to which the IP space for the searched device is assigned. + description: The name of the organization to which the IP space for the searched + device is assigned. type: String - contextPath: Shodan.IP.ASN description: The Autonomous System Number. For example, "AS4837". type: String - contextPath: Shodan.IP.ISP - description: The Internet Service Provider that provides the organization with the IP space for the searched device. + description: The Internet Service Provider that provides the organization with + the IP space for the searched device. type: String - contextPath: Shodan.IP.Longitude description: The longitude of the geolocation of the searched device. type: Number - contextPath: Shodan.IP.LastUpdate - description: The timestamp in UTC format indicating when the banner was fetched from the searched device. + description: The timestamp in UTC format indicating when the banner was fetched + from the searched device. type: Date - contextPath: Shodan.IP.CountryName description: The country in which the searched device is located. @@ -158,15 +179,32 @@ script: - contextPath: Shodan.IP.Address description: The IP address of the host as a string. type: String + - contextPath: DBotScore.Indicator + description: The indicator value. + type: String + - contextPath: DBotScore.Score + description: The indicator score according to the vendor. + type: Number + - contextPath: DBotScore.Type + description: The indicator type. + type: String + - contextPath: DBotScore.Vendor + description: The vendor name. + type: String - arguments: - default: false - description: The query for searching the database of banners. The search query supports filtering using the "filter:value" format to narrow your search. For example, the query "apache country:DE" returns Apache web servers located in Germany. + description: The query for searching the database of banners. The search query + supports filtering using the "filter:value" format to narrow your search. + For example, the query "apache country:DE" returns Apache web servers located + in Germany. isArray: false name: query required: true secret: false deprecated: false - description: Returns the total number of results that match only the specified query or facet settings. This command does not return host results. This command does not consume query credits. + description: Returns the total number of results that match only the specified + query or facet settings. This command does not return host results. This command + does not consume query credits. execution: false name: shodan-search-count outputs: @@ -175,7 +213,8 @@ script: type: Number - arguments: - default: false - description: A CSV list of IP addresses or netblocks for Shodan to crawl defined in CIDR notation. + description: A CSV list of IP addresses or netblocks for Shodan to crawl defined + in CIDR notation. isArray: false name: ips required: true @@ -220,7 +259,8 @@ script: required: true secret: false deprecated: false - description: Checks the progress of a previously submitted scan request on the specified port and protocol. + description: Checks the progress of a previously submitted scan request on the + specified port and protocol. execution: false name: shodan-scan-status outputs: @@ -250,7 +290,9 @@ script: required: false secret: false deprecated: false - description: Creates a network alert for a defined IP address or netblock used for subscribing to changes or events that are discovered within the netblock's range. + description: Creates a network alert for a defined IP address or netblock used + for subscribing to changes or events that are discovered within the netblock's + range. execution: false name: shodan-create-network-alert outputs: @@ -258,7 +300,8 @@ script: description: The ID of the subscription of the specified network alert. type: String - contextPath: Shodan.Alert.Expires - description: The number of seconds that the specified network alert remains active. + description: The number of seconds that the specified network alert remains + active. type: String - arguments: - default: false @@ -314,7 +357,8 @@ script: required: true secret: false deprecated: false - description: Enables receiving notifications for network alerts that are set off by the specified triggers. + description: Enables receiving notifications for network alerts that are set off + by the specified triggers. execution: false name: shodan-network-alert-set-trigger - arguments: @@ -331,7 +375,8 @@ script: required: true secret: false deprecated: false - description: Disables receiving notifications for network alerts that are set off by the specified triggers. + description: Disables receiving notifications for network alerts that are set + off by the specified triggers. execution: false name: shodan-network-alert-remove-trigger - arguments: @@ -354,7 +399,8 @@ script: required: true secret: false deprecated: false - description: Ignores the specified services for network alerts that are set off by the specified triggers. + description: Ignores the specified services for network alerts that are set off + by the specified triggers. execution: false name: shodan-network-alert-whitelist-service - arguments: @@ -377,15 +423,19 @@ script: required: true secret: false deprecated: false - description: Resumes receiving notifications for network alerts that are set off by the specified triggers. + description: Resumes receiving notifications for network alerts that are set off + by the specified triggers. execution: false name: shodan-network-alert-remove-service-from-whitelist - dockerimage: demisto/python3:3.8.3.9324 - subtype: python3 + dockerimage: demisto/python3:3.9.6.22912 + feed: false isfetch: false + longRunning: false + longRunningPort: false runonce: false script: '-' + subtype: python3 type: python tests: -- "Test-Shodan_v2" +- Test-Shodan_v2 fromversion: 5.0.0 diff --git a/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2_description.md b/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2_description.md index f94d1a396af7..e69de29bb2d1 100644 --- a/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2_description.md +++ b/Packs/Shodan/Integrations/Shodan_v2/Shodan_v2_description.md @@ -1,437 +0,0 @@ -## Overview ---- - -search engine for Internet-connected devices -This integration was integrated and tested with version xx of Shodan_v2 -## Shodan_v2 Playbook ---- - -## Use Cases ---- - -## Configure Shodan_v2 on Cortex XSOAR ---- - -1. Navigate to __Settings__ > __Integrations__ > __Servers & Services__. -2. Search for Shodan_v2. -3. Click __Add instance__ to create and configure a new integration instance. - * __Name__: a textual name for the integration instance. - * __Api Key__ - * __Base url to Shodan API__ - * __Trust self-signed certificate (insecure)__ - * __Use system proxy settings__ -4. Click __Test__ to validate the URLs, token, and connection. -## Fetched Incidents Data ---- - -## Commands ---- -You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. -After you successfully execute a command, a DBot message appears in the War Room with the command details. -1. search -2. ip -3. shodan-search-count -4. shodan-scan-ip -5. shodan-scan-internet -6. shodan-scan-status -7. shodan-create-network-alert -8. shodan-network-get-alert-by-id -9. shodan-network-get-alerts -10. shodan-network-delete-alert -11. shodan-network-alert-set-trigger -12. shodan-network-alert-remove-trigger -13. shodan-network-alert-whitelist-service -14. shodan-network-alert-remove-service-from-whitelist -### 1. search ---- -Search Shodan using the same query syntax as the website and use facets to get summary information for different properties. -##### Base Command - -`search` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| query | Shodan search query. The provided string is used to search the database of banners in Shodan, with the additional option to provide filters inside the search query using a "filter:value" format. For example, the following search query would find Apache webservers located in Germany: "apache country:DE" | Required | -| facets | A comma-separated list of properties to get summary information on. Property names can also be in the format of "property:count", where "count" is the number of facets that will be returned for a property (i.e. "country:100" to get the top 100 countries for a search query) | Optional | -| page | Result page number to be fetched. Each page contains up to 100 results. | Optional | - - -##### Context Output - -| **Path** | **Type** | **Description** | -| --- | --- | --- | -| Shodan.Banner.Org | String | The name of the organization that is assigned the IP space for this device | -| Shodan.Banner.Isp | String | The ISP that is providing the organization with the IP space for this device. Consider this the "parent" of the organization in terms of IP ownership | -| Shodan.Banner.Transport | String | Either "udp" or "tcp" to indicate which IP transport protocol was used to fetch the information | -| Shodan.Banner.Asn | String | The autonomous system number (ex. "AS4837"). | -| Shodan.Banner.IP | String | The IP address of the host as a string | -| Shodan.Banner.Port | Number | The port number that the service is operating on | -| Shodan.Banner.Ssl.versions | String | list of SSL versions that are supported by the server. If a version isnt supported the value is prefixed with a "-". Example: ["TLSv1", "-SSLv2"] means that the server supports TLSv1 but doesnt support SSLv2. | -| Shodan.Banner.Hostnames | String | An array of strings containing all of the hostnames that have been assigned to the IP address for this device. | -| Shodan.Banner.Location.City | String | The name of the city where the device is located | -| Shodan.Banner.Location.Longitude | Number | The longitude for the geolocation of the device | -| Shodan.Banner.Location.Latitude | Number | The latitude for the geolocation of the device | -| Shodan.Banner.Location.Country | String | The name of the country where the device is located | -| Shodan.Banner.Timestamp | Date | The timestamp for when the banner was fetched from the device in the UTC timezone | -| Shodan.Banner.Domains | String | An array of strings containing the top-level domains for the hostnames of the device. This is a utility property in case you want to filter by TLD instead of subdomain. It is smart enough to handle global TLDs with several dots in the domain (ex. "co.uk") | -| Shodan.Banner.OS | String | The operating system that powers the device | - - -##### Command Example -```!search query="country:HK product:Apache"``` - -##### Human Readable Output - - -### 2. ip ---- -Returns all services that have been found on the given host IP. -##### Base Command - -`ip` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| ip | Host IP address | Required | - - -##### Context Output - -| **Path** | **Type** | **Description** | -| --- | --- | --- | -| IP.ASN | Unknown | Autonomous System Number (ASN) such as IP owner | -| IP.Address | Unknown | IP Address | -| IP.Geo.Country | Unknown | Country of given IP | -| IP.Geo.Description | Unknown | Description of location | -| IP.Geo.Location | Unknown | Latitude and longitude of given IP | -| IP.Hostname | Unknown | Hostname | -| Shodan.IP.Tags | String | The tags related to the IP | -| Shodan.IP.Latitude | Number | The latitude for the geolocation of the device | -| Shodan.IP.Org | String | The name of the organization that is assigned the IP space for this device | -| Shodan.IP.ASN | String | The autonomous system number (ex. "AS4837"). | -| Shodan.IP.ISP | String | The ISP that is providing the organization with the IP space for this device. Consider this the "parent" of the organization in terms of IP ownership | -| Shodan.IP.Longitude | Number | The Longitude for the geolocation of the device | -| Shodan.IP.LastUpdate | Date | The timestamp for when the banner was fetched from the device in the UTC timezone | -| Shodan.IP.CountryName | String | The name of the country where the device is located | -| Shodan.IP.OS | String | The operating system that powers the device | -| Shodan.IP.Port | Number | The port number that the service is operating on | -| Shodan.IP.Address | String | The IP address of the host as a string | - - -##### Command Example -```!ip ip="8.8.8.8"``` - -##### Human Readable Output - - -### 3. shodan-search-count ---- -This method behaves identical to "shodan-search" with the only difference that this method does not return any host results, it only returns the total number of results that matched the query and any facet information that was requested. As a result this method does not consume query credits. -##### Base Command - -`shodan-search-count` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| query | Shodan search query. The provided string is used to search the database of banners in Shodan, with the additional option to provide filters inside the search query using a "filter:value" format. | Required | - - -##### Context Output - -| **Path** | **Type** | **Description** | -| --- | --- | --- | -| Shodan.Search.ResultCount | Number | Number of results generated by the search query | - - -##### Command Example -```!shodan-search-count query="country:HK product:Apache"``` - -##### Human Readable Output - - -### 4. shodan-scan-ip ---- -Use this method to request Shodan to crawl a network. -##### Base Command - -`shodan-scan-ip` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| ips | A comma-separated list of IPs or netblocks (in CIDR notation) that should get crawled. | Required | - - -##### Context Output - -| **Path** | **Type** | **Description** | -| --- | --- | --- | -| Shodan.Scan.ID | String | The unique scan ID that was returned by shodan-scan-ip. | -| Shodan.Scan.Status | String | The status of the scan job | - - -##### Command Example -```!shodan-scan-ip ips="1.1.1.69"``` - -##### Human Readable Output - - -### 5. shodan-scan-internet ---- -This method is restricted to security researchers and companies with a Shodan Enterprise Data license -##### Base Command - -`shodan-scan-internet` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| port | The port that Shodan should crawl the Internet for | Required | -| protocol | The name of the protocol that should be used to interrogate the port. | Required | - - -##### Context Output - -| **Path** | **Type** | **Description** | -| --- | --- | --- | -| Shodan.Scan.ID | String | The id of the scan job | - - -##### Command Example -```!shodan-scan-internet port="80" protocol="http"``` - -##### Human Readable Output - - -### 6. shodan-scan-status ---- -Check the progress of a previously submitted scan request -##### Base Command - -`shodan-scan-status` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| scanID | The unique scan ID that was returned by shodan-scan. | Required | - - -##### Context Output - -| **Path** | **Type** | **Description** | -| --- | --- | --- | -| Shodan.Scan.Id | String | The unique scan ID that was returned by shodan-scan | -| Shodan.Scan.Status | String | The status of the scan job | - - -##### Command Example -```!shodan-scan-status scanID="fnFNYGzNGJFNE8lQ"``` - -##### Human Readable Output - - -### 7. shodan-create-network-alert ---- -Use this method to create a network alert for a defined IP/ netblock which can be used to subscribe to changes/ events that are discovered within that range. -##### Base Command - -`shodan-create-network-alert` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| alertName | The name to describe the network alert | Required | -| ip | A list of IPs or network ranges defined using CIDR notation | Required | -| expires | Number of seconds that the alert should be active | Optional | - - -##### Context Output - -| **Path** | **Type** | **Description** | -| --- | --- | --- | -| Shodan.Alert.ID | String | The id of the alert subscription | -| Shodan.Alert.Expires | String | Number of seconds that the alert should be active | - - -##### Command Example -```!shodan-create-network-alert alertName="test_alert" ip="1.1.1.1"``` - -##### Human Readable Output - - -### 8. shodan-network-get-alert-by-id ---- -Get the details for a network alert -##### Base Command - -`shodan-network-get-alert-by-id` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| alertID | AlertID | Required | - - -##### Context Output - -| **Path** | **Type** | **Description** | -| --- | --- | --- | -| Shodan.Alert.ID | String | The id of the alert subscription | -| Shodan.Alert.Expires | String | Number of seconds that the alert should be active | - - -##### Command Example -```!shodan-network-get-alert-by-id alertID="Y6KRMXWQ8FPNSHHY``` - -##### Human Readable Output - - -### 9. shodan-network-get-alerts ---- -Get a list of all the created alerts -##### Base Command - -`shodan-network-get-alerts` -##### Input - -There are no input arguments for this command. - -##### Context Output - -| **Path** | **Type** | **Description** | -| --- | --- | --- | -| Shodan.Alert.ID | String | The id of the alert subscription | -| Shodan.Alert.Expires | String | Number of seconds that the alert should be active | - - -##### Command Example -```!shodan-network-get-alerts``` - -##### Human Readable Output - - -### 10. shodan-network-delete-alert ---- -Remove the specified network alert. -##### Base Command - -`shodan-network-delete-alert` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| alertID | AlertID | Required | - - -##### Context Output - -There is no context output for this command. - -##### Command Example -```!shodan-network-delete-alert alertID="Y6KRMXWQ8FPNSHHY"``` - -##### Human Readable Output - - -### 11. shodan-network-alert-set-trigger ---- -Get notifications when the specified trigger is met. -##### Base Command - -`shodan-network-alert-set-trigger` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| alertID | AlertID | Required | -| Trigger | Trigger name | Required | - - -##### Context Output - -There is no context output for this command. - -##### Command Example -```!shodan-network-alert-set-trigger alertID="Y6KRMXWQ8FPNSHHY" Trigger="any"``` - -##### Human Readable Output - - -### 12. shodan-network-alert-remove-trigger ---- -Stop getting notifications for the specified trigger. -##### Base Command - -`shodan-network-alert-remove-trigger` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| alertID | AlertID | Required | -| Trigger | Trigger name | Required | - - -##### Context Output - -There is no context output for this command. - -##### Command Example -```!shodan-network-alert-remove-trigger alertID="Y6KRMXWQ8FPNSHHY" Trigger="any"``` - -##### Human Readable Output - - -### 13. shodan-network-alert-whitelist-service ---- -Ignore the specified service when it is matched for the trigger. -##### Base Command - -`shodan-network-alert-whitelist-service` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| alertID | AlertID | Required | -| trigger | Trigger name | Required | -| service | Service specified in the format "ip:port" (ex. "1.1.1.1:80") | Required | - - -##### Context Output - -There is no context output for this command. - -##### Command Example -```!shodan-network-alert-whitelist-service alertID="Y6KRMXWQ8FPNSHHY" trigger="any" service="1.1.1.1:80"``` - -##### Human Readable Output - - -### 14. shodan-network-alert-remove-service-from-whitelist ---- -Start getting notifications again for the specified trigger -##### Base Command - -`shodan-network-alert-remove-service-from-whitelist` -##### Input - -| **Argument Name** | **Description** | **Required** | -| --- | --- | --- | -| alertID | AlertID | Required | -| trigger | Trigger name | Required | -| service | Service specified in the format "ip:port" (ex. "1.1.1.1:80") | Required | - - -##### Context Output - -There is no context output for this command. - -##### Command Example -```!shodan-network-alert-remove-service-from-whitelist alertID="Y6KRMXWQ8FPNSHHY" trigger="any" service="1.1.1.1:80"``` - -##### Human Readable Output - - - diff --git a/Packs/Shodan/ReleaseNotes/1_0_4.md b/Packs/Shodan/ReleaseNotes/1_0_4.md new file mode 100644 index 000000000000..3d03bdc16738 --- /dev/null +++ b/Packs/Shodan/ReleaseNotes/1_0_4.md @@ -0,0 +1,3 @@ +#### Integrations +##### Shodan v2 +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/Shodan/pack_metadata.json b/Packs/Shodan/pack_metadata.json index d62c50267d0c..20cdd2166421 100644 --- a/Packs/Shodan/pack_metadata.json +++ b/Packs/Shodan/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Shodan", "description": "A search engine used for searching Internet-connected devices", "support": "xsoar", - "currentVersion": "1.0.3", + "currentVersion": "1.0.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Tests/conf.json b/Tests/conf.json index ec02f2cab9a8..16e8209c202a 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -2749,6 +2749,11 @@ "playbookID": "Request Debugging - Test", "fromversion": "5.0.0" }, + { + "integrations": "Kaspersky Security Center", + "playbookID": "Kaspersky Security Center - Test", + "fromversion": "5.5.0" + }, { "playbookID": "Test Convert file hash to corresponding hashes", "fromversion": "4.5.0", From db5e0f586bc981e50b1620382d9ddc6f060f8f64 Mon Sep 17 00:00:00 2001 From: Noy-Maimon <72340690+Noy-Maimon@users.noreply.github.com> Date: Wed, 25 Aug 2021 09:35:40 +0300 Subject: [PATCH 029/173] Upload list content item (#14464) * removed the gke tag from run-validations job * adding list item * adding list item * widget fix * testing * testing * testing * testing * typo fix * revert testing changes * revert testing changes * revert testing changes --- Tests/Marketplace/marketplace_constants.py | 5 +++-- Tests/Marketplace/marketplace_services.py | 7 ++++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/Tests/Marketplace/marketplace_constants.py b/Tests/Marketplace/marketplace_constants.py index 50d99bfd12d1..0648bbbf78e0 100644 --- a/Tests/Marketplace/marketplace_constants.py +++ b/Tests/Marketplace/marketplace_constants.py @@ -143,6 +143,7 @@ class PackFolders(enum.Enum): GENERIC_FIELDS = "GenericFields" GENERIC_MODULES = "GenericModules" GENERIC_TYPES = "GenericTypes" + LISTS = 'Lists' @classmethod def pack_displayed_items(cls): @@ -152,7 +153,7 @@ def pack_displayed_items(cls): PackFolders.INDICATOR_FIELDS.value, PackFolders.REPORTS.value, PackFolders.INDICATOR_TYPES.value, PackFolders.LAYOUTS.value, PackFolders.CLASSIFIERS.value, PackFolders.WIDGETS.value, PackFolders.GENERIC_DEFINITIONS.value, PackFolders.GENERIC_FIELDS.value, PackFolders.GENERIC_MODULES.value, - PackFolders.GENERIC_TYPES.value + PackFolders.GENERIC_TYPES.value, PackFolders.LISTS.value } @classmethod @@ -167,7 +168,7 @@ def json_supported_folders(cls): PackFolders.INCIDENT_FIELDS.value, PackFolders.INCIDENT_TYPES.value, PackFolders.INDICATOR_FIELDS.value, PackFolders.LAYOUTS.value, PackFolders.INDICATOR_TYPES.value, PackFolders.REPORTS.value, PackFolders.WIDGETS.value, PackFolders.GENERIC_DEFINITIONS.value, PackFolders.GENERIC_FIELDS.value, - PackFolders.GENERIC_MODULES.value, PackFolders.GENERIC_TYPES.value + PackFolders.GENERIC_MODULES.value, PackFolders.GENERIC_TYPES.value, PackFolders.LISTS.value } diff --git a/Tests/Marketplace/marketplace_services.py b/Tests/Marketplace/marketplace_services.py index 42263b85fefb..b6cac2336981 100644 --- a/Tests/Marketplace/marketplace_services.py +++ b/Tests/Marketplace/marketplace_services.py @@ -1476,7 +1476,8 @@ def collect_content_items(self): PackFolders.GENERIC_DEFINITIONS.value: "GenericDefinitions", PackFolders.GENERIC_FIELDS.value: "GenericFields", PackFolders.GENERIC_MODULES.value: "GenericModules", - PackFolders.GENERIC_TYPES.value: "GenericTypes" + PackFolders.GENERIC_TYPES.value: "GenericTypes", + PackFolders.LISTS.value: "list" } for root, pack_dirs, pack_files_names in os.walk(self._pack_path, topdown=False): @@ -1616,6 +1617,10 @@ def collect_content_items(self): 'dataType': content_item.get('dataType', ""), 'widgetType': content_item.get('widgetType', "") }) + elif current_directory == PackFolders.LISTS.value: + folder_collected_items.append({ + 'name': content_item.get('name', "") + }) elif current_directory == PackFolders.GENERIC_DEFINITIONS.value: folder_collected_items.append({ 'name': content_item.get('name', ""), From 58aea05f3f4ab79931fd928a94d15c2d7a2dd34e Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 25 Aug 2021 10:13:50 +0300 Subject: [PATCH 030/173] Update Docker Image To demisto/python3 (#14522) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Integrations/FeedExpanse/FeedExpanse.yml Docker image update --- Packs/ExpanseV2/Integrations/FeedExpanse/FeedExpanse.yml | 2 +- Packs/ExpanseV2/ReleaseNotes/1_8_1.md | 3 +++ Packs/ExpanseV2/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/ExpanseV2/ReleaseNotes/1_8_1.md diff --git a/Packs/ExpanseV2/Integrations/FeedExpanse/FeedExpanse.yml b/Packs/ExpanseV2/Integrations/FeedExpanse/FeedExpanse.yml index 4f2497b7f758..b051a0fdcefa 100644 --- a/Packs/ExpanseV2/Integrations/FeedExpanse/FeedExpanse.yml +++ b/Packs/ExpanseV2/Integrations/FeedExpanse/FeedExpanse.yml @@ -157,7 +157,7 @@ script: script: '-' type: python subtype: python3 - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 fromversion: 6.0.0 tests: - Feed Expanse Test diff --git a/Packs/ExpanseV2/ReleaseNotes/1_8_1.md b/Packs/ExpanseV2/ReleaseNotes/1_8_1.md new file mode 100644 index 000000000000..8eab5d82a22d --- /dev/null +++ b/Packs/ExpanseV2/ReleaseNotes/1_8_1.md @@ -0,0 +1,3 @@ +#### Integrations +##### Expanse Expander Feed +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/ExpanseV2/pack_metadata.json b/Packs/ExpanseV2/pack_metadata.json index 2041790dadb7..a8cd751a7ab2 100644 --- a/Packs/ExpanseV2/pack_metadata.json +++ b/Packs/ExpanseV2/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Expanse v2", "description": "Automate Attack Surface Management to identify Internet assets and quickly remediate misconfigurations with Expanse, a Palo Alto Networks company.", "support": "xsoar", - "currentVersion": "1.8.0", + "currentVersion": "1.8.1", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From ab415746b233dc9835e516acbcf28a7bba3793fe Mon Sep 17 00:00:00 2001 From: Timor Eizenman <50326704+teizenman@users.noreply.github.com> Date: Wed, 25 Aug 2021 10:36:20 +0300 Subject: [PATCH 031/173] Content mgmt bug fixes (#14459) * bug fixes * bug fixes * rn * metadata * Update pack_metadata.json * Update Packs/ContentManagement/ReleaseNotes/1_0_3.md Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> --- Packs/ContentManagement/ReleaseNotes/1_0_3.md | 4 ++++ .../MarketplacePackInstaller/MarketplacePackInstaller.py | 5 ++--- .../MarketplacePackInstaller/MarketplacePackInstaller.yml | 2 +- Packs/ContentManagement/pack_metadata.json | 4 ++-- 4 files changed, 9 insertions(+), 6 deletions(-) create mode 100644 Packs/ContentManagement/ReleaseNotes/1_0_3.md diff --git a/Packs/ContentManagement/ReleaseNotes/1_0_3.md b/Packs/ContentManagement/ReleaseNotes/1_0_3.md new file mode 100644 index 000000000000..73c919cd995b --- /dev/null +++ b/Packs/ContentManagement/ReleaseNotes/1_0_3.md @@ -0,0 +1,4 @@ + +#### Scripts +##### MarketplacePackInstaller + - Fixed an issue where the script failed due to incorrect response parsing. \ No newline at end of file diff --git a/Packs/ContentManagement/Scripts/MarketplacePackInstaller/MarketplacePackInstaller.py b/Packs/ContentManagement/Scripts/MarketplacePackInstaller/MarketplacePackInstaller.py index 94d2439083c7..0d2f38728b5a 100644 --- a/Packs/ContentManagement/Scripts/MarketplacePackInstaller/MarketplacePackInstaller.py +++ b/Packs/ContentManagement/Scripts/MarketplacePackInstaller/MarketplacePackInstaller.py @@ -36,7 +36,7 @@ def get_installed_packs(self) -> None: demisto.debug(error_message) return - packs_data: List[Dict[str, str]] = res[0].get('Contents', {}).get('response', []) + packs_data: List[Dict[str, str]] = res.get('response', []) for pack in packs_data: self.installed_packs[pack['id']] = parse(pack['currentVersion']) self.already_on_machine_packs[pack['id']] = parse(pack['currentVersion']) @@ -119,8 +119,7 @@ def get_latest_version_for_pack(self, pack_id: str) -> str: str. The latest version of the pack. """ res = self.get_pack_data_from_marketplace(pack_id) - return res.get('Contents', {}).get('response', {}).get( # type: ignore[call-overload, union-attr] - 'currentVersion') + return res.get('response', {}).get('currentVersion') # type: ignore[call-overload, union-attr] def get_packs_data_for_installation(self, packs_to_install: List[Dict[str, str]]) -> List[Dict[str, str]]: """Creates a list of packs' data for the installation request. diff --git a/Packs/ContentManagement/Scripts/MarketplacePackInstaller/MarketplacePackInstaller.yml b/Packs/ContentManagement/Scripts/MarketplacePackInstaller/MarketplacePackInstaller.yml index 5305df72d29a..3334aecc12d9 100644 --- a/Packs/ContentManagement/Scripts/MarketplacePackInstaller/MarketplacePackInstaller.yml +++ b/Packs/ContentManagement/Scripts/MarketplacePackInstaller/MarketplacePackInstaller.yml @@ -40,7 +40,7 @@ system: false tags: - configuration - Content Management -timeout: '0' +timeout: 600ns type: python dockerimage: demisto/xsoar-tools:1.0.0.23423 tests: diff --git a/Packs/ContentManagement/pack_metadata.json b/Packs/ContentManagement/pack_metadata.json index 4b15bad69ac7..3c223a2b20bb 100644 --- a/Packs/ContentManagement/pack_metadata.json +++ b/Packs/ContentManagement/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Content Management (Alpha)", "description": "This pack enables you to orchestrate your XSOAR system configuration.", "support": "xsoar", - "currentVersion": "1.0.2", + "currentVersion": "1.0.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", @@ -11,4 +11,4 @@ "tags": [], "useCases": [], "keywords": [] -} \ No newline at end of file +} From bb9b72942666bf9608f04952e39a1895ff5ee08f Mon Sep 17 00:00:00 2001 From: Noy-Maimon <72340690+Noy-Maimon@users.noreply.github.com> Date: Wed, 25 Aug 2021 10:47:57 +0300 Subject: [PATCH 032/173] Typo fix constnats upload (#14525) * fix typo * fix typo * fix typo --- Tests/Marketplace/marketplace_services.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Tests/Marketplace/marketplace_services.py b/Tests/Marketplace/marketplace_services.py index b6cac2336981..2ef6afdeb874 100644 --- a/Tests/Marketplace/marketplace_services.py +++ b/Tests/Marketplace/marketplace_services.py @@ -1759,7 +1759,7 @@ def _enhance_pack_attributes(self, index_folder_path, pack_was_modified, self._preview_only = get_valid_bool(self.user_metadata.get(Metadata.PREVIEW_ONLY, False)) self._price = convert_price(pack_id=self._pack_name, price_value_input=self.user_metadata.get('price')) if self._is_private_pack: - self._vendor_id = self.user_metadata.get(Metadata.VERNDOR_ID, "") + self._vendor_id = self.user_metadata.get(Metadata.VENDOR_ID, "") self._partner_id = self.user_metadata.get(Metadata.PARTNER_ID, "") self._partner_name = self.user_metadata.get(Metadata.PARTNER_NAME, "") self._content_commit_hash = self.user_metadata.get(Metadata.CONTENT_COMMIT_HASH, "") From 4886549a5321b9b00834d176c8ce2c685238bb63 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 25 Aug 2021 11:01:41 +0300 Subject: [PATCH 033/173] Update Docker Image To demisto/chromium (#14523) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml Docker image update * Fixed conflicts Co-authored-by: sberman Co-authored-by: Shelly Berman <45915502+Shellyber@users.noreply.github.com> --- Packs/ExpanseV2/ReleaseNotes/1_8_1.md | 1 + Packs/ExpanseV2/ReleaseNotes/1_8_2.md | 4 ++++ .../ExpanseGenerateIssueMapWidgetScript.yml | 2 +- Packs/ExpanseV2/pack_metadata.json | 2 +- 4 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 Packs/ExpanseV2/ReleaseNotes/1_8_2.md diff --git a/Packs/ExpanseV2/ReleaseNotes/1_8_1.md b/Packs/ExpanseV2/ReleaseNotes/1_8_1.md index 8eab5d82a22d..641dc4288397 100644 --- a/Packs/ExpanseV2/ReleaseNotes/1_8_1.md +++ b/Packs/ExpanseV2/ReleaseNotes/1_8_1.md @@ -1,3 +1,4 @@ + #### Integrations ##### Expanse Expander Feed - Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/ExpanseV2/ReleaseNotes/1_8_2.md b/Packs/ExpanseV2/ReleaseNotes/1_8_2.md new file mode 100644 index 000000000000..a9be7f73e108 --- /dev/null +++ b/Packs/ExpanseV2/ReleaseNotes/1_8_2.md @@ -0,0 +1,4 @@ + +#### Scripts +##### ExpanseGenerateIssueMapWidgetScript +- Upgraded the Docker image to: *demisto/chromium:1.0.0.23161*. \ No newline at end of file diff --git a/Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml b/Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml index 0e78cc080910..04c0b78de442 100644 --- a/Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml +++ b/Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml @@ -18,7 +18,7 @@ args: commonfields: id: ExpanseGenerateIssueMapWidgetScript version: -1 -dockerimage: demisto/chromium:1.0.0.22261 +dockerimage: demisto/chromium:1.0.0.23161 enabled: true name: ExpanseGenerateIssueMapWidgetScript runas: DBotRole diff --git a/Packs/ExpanseV2/pack_metadata.json b/Packs/ExpanseV2/pack_metadata.json index a8cd751a7ab2..4e374a4ac656 100644 --- a/Packs/ExpanseV2/pack_metadata.json +++ b/Packs/ExpanseV2/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Expanse v2", "description": "Automate Attack Surface Management to identify Internet assets and quickly remediate misconfigurations with Expanse, a Palo Alto Networks company.", "support": "xsoar", - "currentVersion": "1.8.1", + "currentVersion": "1.8.2", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From f9a3d0979cf4434a9b8130032b5a20d8a02684cd Mon Sep 17 00:00:00 2001 From: Tal Lieber <72691467+tallieber@users.noreply.github.com> Date: Wed, 25 Aug 2021 11:20:35 +0300 Subject: [PATCH 034/173] ParseEmailFiles - added code for multiple mime encoding (#14076) * added code for multiple encoding * added code for multiple encoding - rn tests * added code for multiple encoding - rn tests * added code for multiple encoding - rn tests * docker * rn * add replace logic * add replace logic * meta data * fix test * lint * fix * rn * added default and force arguments, added a verification null bytes not on encoded string * rn * change debug * add debug * update * update --- Packs/CommonScripts/ReleaseNotes/1_4_26.md | 5 ++ .../ParseEmailFiles/ParseEmailFiles.py | 79 ++++++++++++++----- .../ParseEmailFiles/ParseEmailFiles.yml | 6 ++ .../ParseEmailFiles/ParseEmailFiles_test.py | 13 ++- Packs/CommonScripts/pack_metadata.json | 2 +- 5 files changed, 80 insertions(+), 25 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_4_26.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_4_26.md b/Packs/CommonScripts/ReleaseNotes/1_4_26.md new file mode 100644 index 000000000000..1f8b38e951d8 --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_4_26.md @@ -0,0 +1,5 @@ +#### Scripts +##### ParseEmailFiles +- Fixed an issue where multiple MIME encoded words were not decoded. +- Added **default_encoding** argument to use while message parsing where encoding fails. +- Added **forced_encoding** argument to force use that encoding while message parsing. \ No newline at end of file diff --git a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.py b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.py index 4a7351ca75de..17d49104eaeb 100644 --- a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.py +++ b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.py @@ -181,21 +181,35 @@ def PtypString8(data_value): def PtypString(data_value): if data_value: try: + if USER_ENCODING: + demisto.debug('Using argument user_encoding: {} to decode parsed message.'.format(USER_ENCODING)) + return data_value.decode(USER_ENCODING, errors="ignore") res = chardet.detect(data_value) enc = res['encoding'] or 'ascii' # in rare cases chardet fails to detect and return None as encoding if enc != 'ascii': if enc.lower() == 'windows-1252' and res['confidence'] < 0.9: - demisto.debug('encoding detection confidence below threshold {}, ' - 'switching encoding to "windows-1250"'.format(res)) - enc = 'windows-1250' - data_value = data_value.decode(enc, errors='ignore').replace('\x00', '') - elif '\x00' not in data_value: - data_value = data_value.decode("ascii", errors="ignore").replace('\x00', '') + + enc = DEFAULT_ENCODING if DEFAULT_ENCODING else 'windows-1250' + demisto.debug('Encoding detection confidence below threshold {}, ' + 'switching encoding to "{}"'.format(res, enc)) + + temp = data_value + data_value = temp.decode(enc, errors='ignore') + if '\x00' in data_value: + demisto.debug('None bytes found on encoded string, will try use utf-16-le ' + 'encoding instead') + data_value = temp.decode("utf-16-le", errors="ignore") + + elif b'\x00' not in data_value: + data_value = data_value.decode("ascii", errors="ignore") else: - data_value = data_value.decode("utf-16-le", errors="ignore").replace('\x00', '') + data_value = data_value.decode("utf-16-le", errors="ignore") except UnicodeDecodeError: - data_value = data_value.decode("utf-16-le", errors="ignore").replace('\x00', '') + data_value = data_value.decode("utf-16-le", errors="ignore") + + if isinstance(data_value, (bytes, bytearray)): + data_value = data_value.decode('utf-8') return data_value @@ -2659,6 +2673,8 @@ def recursive_convert_to_unicode(replace_to_utf): EMBEDDED_MSG_HEADER_SIZE = 24 CONTROL_CHARS = re.compile(r'[\n\r\t]') MIME_ENCODED_WORD = re.compile(r'(.*)=\?(.+)\?([B|Q])\?(.+)\?=(.*)') # guardrails-disable-line +USER_ENCODING = demisto.args().get('forced_encoding', '') +DEFAULT_ENCODING = demisto.args().get('default_encoding', '') class Message(object): @@ -3387,13 +3403,21 @@ def get_utf_string(text, field): return utf_string -def mime_decode(word_mime_encoded): - prefix, charset, encoding, encoded_text, suffix = word_mime_encoded.groups() - if encoding.lower() == 'b': - byte_string = base64.b64decode(encoded_text) - elif encoding.lower() == 'q': - byte_string = quopri.decodestring(encoded_text) - return prefix + byte_string.decode(charset) + suffix +def mime_decode(encoded_string): + word_mime_encoded = MIME_ENCODED_WORD.search(encoded_string) + if word_mime_encoded: + prefix, charset, encoding, encoded_text, suffix = word_mime_encoded.groups() + if encoding.lower() == 'b': + byte_string = base64.b64decode(encoded_text) + elif encoding.lower() == 'q': + byte_string = quopri.decodestring(encoded_text) + try: + return prefix + byte_string.decode(charset) + suffix + except UnicodeDecodeError: + demisto.debug('Failed to decode encoded_string: {}. charset: {}, ' + 'encoding: {}, encoded_text: {}'.format(encoded_string, charset, encoding, encoded_text)) + return prefix + byte_string.decode(charset, errors='replace') + suffix + return '' def convert_to_unicode(s, is_msg_header=True): @@ -3401,13 +3425,25 @@ def convert_to_unicode(s, is_msg_header=True): try: res = '' # utf encoded result if is_msg_header: # Mime encoded words used on message headers only + encode_decode_phrase = s try: - word_mime_encoded = s and MIME_ENCODED_WORD.search(s) + word_mime_encoded = MIME_ENCODED_WORD.search(encode_decode_phrase) if word_mime_encoded: - word_mime_decoded = mime_decode(word_mime_encoded) - if word_mime_decoded and not MIME_ENCODED_WORD.search(word_mime_decoded): - # ensure decoding was successful - return word_mime_decoded + if '?= =?' in encode_decode_phrase: + encode_decode_phrase = encode_decode_phrase.replace('?= =?', '?==?') + while word_mime_encoded: + # encoded-word" is a sequence of printable ASCII characters that begins with "=?", + # ends with "?=", and has two "?"s in between. + start_encoding_index = encode_decode_phrase.index('=?') + end_encoding_index = encode_decode_phrase.index('?=') + 2 + # index return the index where "?=" starts, need to include it on the substring + encoded_substring = encode_decode_phrase[start_encoding_index:end_encoding_index] + decoded_substring = mime_decode(encoded_substring) + encode_decode_phrase = encode_decode_phrase[:start_encoding_index] + decoded_substring + \ + encode_decode_phrase[end_encoding_index:] # noqa: E127 + word_mime_encoded = MIME_ENCODED_WORD.search(encode_decode_phrase) + return encode_decode_phrase + except Exception as e: # in case we failed to mine-decode, we continue and try to decode demisto.debug('Failed decoding mime-encoded string: {}. Will try regular decoding.'.format(str(e))) @@ -3770,7 +3806,8 @@ def main(): output = create_email_output(email_data, attached_emails) elif any(eml_candidate in file_type_lower for eml_candidate in - ['rfc 822 mail', 'smtp mail', 'multipart/signed', 'multipart/alternative', 'multipart/mixed', 'message/rfc822', + ['rfc 822 mail', 'smtp mail', 'multipart/signed', 'multipart/alternative', 'multipart/mixed', + 'message/rfc822', 'application/pkcs7-mime', 'multipart/related']): if 'unicode (with bom) text' in file_type_lower: email_data, attached_emails = handle_eml( diff --git a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.yml b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.yml index c6402a67e22c..112b28b07644 100644 --- a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.yml +++ b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.yml @@ -15,6 +15,12 @@ args: contains an emails contains an email). Default depth level is 3. Minimum level is 1, if set to 1 the script will parse only the first level email name: max_depth +- required: false + name: forced_encoding + description: Use only the force encoding when parsing the message, e.g 'iso-2022-jp'. Relevant to msg files only. +- required: false + name: default_encoding + description: Use only the default encoding when parsing the message with the detected encoding fails, e.g 'utf-8'. Relevant to msg files only. comment: Parse an email from an eml or msg file and populate all relevant context data to investigate the email. Also extracts inner attachments and returns them to the war room. The incident labels themselves are preserved and not modified - diff --git a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py index 0cf65a4b9e4b..0acb6f2fbb62 100644 --- a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py +++ b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py @@ -402,7 +402,9 @@ def executeCommand(name, args=None): @pytest.mark.parametrize('encoded_subject, decoded_subject', [ ( - '[TESTING] =?utf-8?q?=F0=9F=94=92_=E2=9C=94_Votre_colis_est_disponible_chez_votre_co?= =?utf-8?q?mmer=C3=A7ant_Pickup_!?=', # noqa E501 + '[TESTING] =?utf-8?q?=F0=9F=94=92_=E2=9C=94_Votre_colis_est_disponible_chez_votre_co?= ' + '=?utf-8?q?mmer=C3=A7ant_Pickup_!?=', + # noqa E501 '[TESTING]\xf0\x9f\x94\x92 \xe2\x9c\x94 Votre colis est disponible chez votre commer\xc3\xa7ant Pickup !' ), ( @@ -410,9 +412,14 @@ def executeCommand(name, args=None): 'This Test® passes' ), ( - '=?utf-8?B?44CQ?= =?utf-8?B?4pGg?=', # test case: double utf-8 byte encoded - '\xe3\x80\x90\xe2\x91\xa0' # 【① + '=?utf-8?B?44CQ?= =?utf-8?B?4pGg?=', # test case: double utf-8 byte encoded + '\xe3\x80\x90\xe2\x91\xa0' # 【① ), + ( + 'This is test =?iso-2022-jp?B?GyRCJWEhPCVrLSEkSHxxGyhC?= ' + '=?iso-2022-jp?B?GyRCRnxLXDhsSjg7eiQsST08KCQ1JGwkSiQkSjg7eiROJUYlOSVIGyhC?=', + 'This is test メール�と�日本語文字が表示されない文字のテスト' + ) ]) def test_utf_subject_convert(encoded_subject, decoded_subject): decoded = convert_to_unicode(encoded_subject) diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index 0c5a980477b8..4829b026f9ac 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.4.25", + "currentVersion": "1.4.26", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 7369880dcdf6e2a0085561f4923cd9b34e8bbf80 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 25 Aug 2021 12:53:18 +0300 Subject: [PATCH 035/173] Update Docker Image To demisto/python3 (#14532) * Updated Metadata Of Pack Armis * Added release notes to pack Armis * Packs/Armis/Integrations/Armis/Armis.yml Docker image update * Updated Metadata Of Pack AttackIQFireDrill * Added release notes to pack AttackIQFireDrill * Packs/AttackIQFireDrill/Integrations/AttackIQFireDrill/AttackIQFireDrill.yml Docker image update * Updated Metadata Of Pack BPA * Added release notes to pack BPA * Packs/BPA/Integrations/BPA/BPA.yml Docker image update * Updated Metadata Of Pack Barracuda * Added release notes to pack Barracuda * Packs/Barracuda/Integrations/BarracudaReputationBlockListBRBL/BarracudaReputationBlockListBRBL.yml Docker image update * Updated Metadata Of Pack BastilleNetworks * Added release notes to pack BastilleNetworks * Packs/BastilleNetworks/Integrations/BastilleNetworks/BastilleNetworks.yml Docker image update * Updated Metadata Of Pack BitDam * Added release notes to pack BitDam * Packs/BitDam/Integrations/BitDam/BitDam.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack BluelivThreatCompass * Added release notes to pack BluelivThreatCompass * Packs/BluelivThreatCompass/Integrations/BluelivThreatCompass/BluelivThreatCompass.yml Docker image update * Updated Metadata Of Pack BluelivThreatContext * Added release notes to pack BluelivThreatContext * Packs/BluelivThreatContext/Integrations/BluelivThreatContext/BluelivThreatContext.yml Docker image update * Updated Metadata Of Pack Bonusly * Added release notes to pack Bonusly * Packs/Bonusly/Integrations/Bonusly/Bonusly.yml Docker image update --- Packs/Armis/Integrations/Armis/Armis.yml | 2 +- Packs/Armis/ReleaseNotes/1_0_3.md | 3 +++ Packs/Armis/pack_metadata.json | 2 +- .../Integrations/AttackIQFireDrill/AttackIQFireDrill.yml | 2 +- Packs/AttackIQFireDrill/ReleaseNotes/1_0_5.md | 3 +++ Packs/AttackIQFireDrill/pack_metadata.json | 2 +- Packs/BPA/Integrations/BPA/BPA.yml | 2 +- Packs/BPA/ReleaseNotes/1_2_9.md | 3 +++ Packs/BPA/pack_metadata.json | 2 +- .../BarracudaReputationBlockListBRBL.yml | 2 +- Packs/Barracuda/ReleaseNotes/1_0_2.md | 3 +++ Packs/Barracuda/pack_metadata.json | 2 +- .../Integrations/BastilleNetworks/BastilleNetworks.yml | 2 +- Packs/BastilleNetworks/ReleaseNotes/1_0_5.md | 3 +++ Packs/BastilleNetworks/pack_metadata.json | 2 +- Packs/BitDam/Integrations/BitDam/BitDam.yml | 2 +- Packs/BitDam/ReleaseNotes/1_0_3.md | 3 +++ Packs/BitDam/pack_metadata.json | 2 +- .../BitSightForSecurityPerformanceManagement.yml | 2 +- Packs/BitSight/ReleaseNotes/1_0_6.md | 3 +++ Packs/BitSight/pack_metadata.json | 2 +- .../Integrations/BluelivThreatCompass/BluelivThreatCompass.yml | 2 +- Packs/BluelivThreatCompass/ReleaseNotes/1_0_4.md | 3 +++ Packs/BluelivThreatCompass/pack_metadata.json | 2 +- .../Integrations/BluelivThreatContext/BluelivThreatContext.yml | 2 +- Packs/BluelivThreatContext/ReleaseNotes/1_0_3.md | 3 +++ Packs/BluelivThreatContext/pack_metadata.json | 2 +- Packs/Bonusly/Integrations/Bonusly/Bonusly.yml | 2 +- Packs/Bonusly/ReleaseNotes/1_0_4.md | 3 +++ Packs/Bonusly/pack_metadata.json | 2 +- 30 files changed, 50 insertions(+), 20 deletions(-) create mode 100644 Packs/Armis/ReleaseNotes/1_0_3.md create mode 100644 Packs/AttackIQFireDrill/ReleaseNotes/1_0_5.md create mode 100644 Packs/BPA/ReleaseNotes/1_2_9.md create mode 100644 Packs/Barracuda/ReleaseNotes/1_0_2.md create mode 100644 Packs/BastilleNetworks/ReleaseNotes/1_0_5.md create mode 100644 Packs/BitDam/ReleaseNotes/1_0_3.md create mode 100644 Packs/BitSight/ReleaseNotes/1_0_6.md create mode 100644 Packs/BluelivThreatCompass/ReleaseNotes/1_0_4.md create mode 100644 Packs/BluelivThreatContext/ReleaseNotes/1_0_3.md create mode 100644 Packs/Bonusly/ReleaseNotes/1_0_4.md diff --git a/Packs/Armis/Integrations/Armis/Armis.yml b/Packs/Armis/Integrations/Armis/Armis.yml index 329be513e5a3..9749975e852d 100644 --- a/Packs/Armis/Integrations/Armis/Armis.yml +++ b/Packs/Armis/Integrations/Armis/Armis.yml @@ -475,7 +475,7 @@ script: - contextPath: Armis.Device.visibility description: The visibility of the device. type: String - dockerimage: demisto/python3:3.9.5.20958 + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: true longRunning: false diff --git a/Packs/Armis/ReleaseNotes/1_0_3.md b/Packs/Armis/ReleaseNotes/1_0_3.md new file mode 100644 index 000000000000..be5127cca8e4 --- /dev/null +++ b/Packs/Armis/ReleaseNotes/1_0_3.md @@ -0,0 +1,3 @@ +#### Integrations +##### Armis +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/Armis/pack_metadata.json b/Packs/Armis/pack_metadata.json index 0bcea90c8e1a..1bc5f1333160 100755 --- a/Packs/Armis/pack_metadata.json +++ b/Packs/Armis/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Armis", "description": "Agentless and passive security platform that sees, identifies, and classifies every device, tracks behavior, identifies threats, and takes action automatically to protect critical information and systems", "support": "xsoar", - "currentVersion": "1.0.2", + "currentVersion": "1.0.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/AttackIQFireDrill/Integrations/AttackIQFireDrill/AttackIQFireDrill.yml b/Packs/AttackIQFireDrill/Integrations/AttackIQFireDrill/AttackIQFireDrill.yml index 74492363d05b..7d30277518ec 100644 --- a/Packs/AttackIQFireDrill/Integrations/AttackIQFireDrill/AttackIQFireDrill.yml +++ b/Packs/AttackIQFireDrill/Integrations/AttackIQFireDrill/AttackIQFireDrill.yml @@ -679,7 +679,7 @@ script: description: Deletes an assessment. execution: false name: attackiq-delete-assessment - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 isfetch: false runonce: false script: '-' diff --git a/Packs/AttackIQFireDrill/ReleaseNotes/1_0_5.md b/Packs/AttackIQFireDrill/ReleaseNotes/1_0_5.md new file mode 100644 index 000000000000..076df816036c --- /dev/null +++ b/Packs/AttackIQFireDrill/ReleaseNotes/1_0_5.md @@ -0,0 +1,3 @@ +#### Integrations +##### AttackIQ Platform +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/AttackIQFireDrill/pack_metadata.json b/Packs/AttackIQFireDrill/pack_metadata.json index 7793d4a8a7ba..70ba33c10f8b 100644 --- a/Packs/AttackIQFireDrill/pack_metadata.json +++ b/Packs/AttackIQFireDrill/pack_metadata.json @@ -2,7 +2,7 @@ "name": "AttackIQ Platform", "description": "An attack simulation platform that provides validations for security controls, responses, and remediation exercises.", "support": "xsoar", - "currentVersion": "1.0.4", + "currentVersion": "1.0.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/BPA/Integrations/BPA/BPA.yml b/Packs/BPA/Integrations/BPA/BPA.yml index 5c850da5a1a5..5879d29e9874 100644 --- a/Packs/BPA/Integrations/BPA/BPA.yml +++ b/Packs/BPA/Integrations/BPA/BPA.yml @@ -180,7 +180,7 @@ script: - contextPath: InfoFile.Extension description: File extension. type: string - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: false longRunning: false diff --git a/Packs/BPA/ReleaseNotes/1_2_9.md b/Packs/BPA/ReleaseNotes/1_2_9.md new file mode 100644 index 000000000000..05b12a5277ae --- /dev/null +++ b/Packs/BPA/ReleaseNotes/1_2_9.md @@ -0,0 +1,3 @@ +#### Integrations +##### Palo Alto Networks BPA +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/BPA/pack_metadata.json b/Packs/BPA/pack_metadata.json index 0249eb4ad038..dd5d4dcc7bbc 100644 --- a/Packs/BPA/pack_metadata.json +++ b/Packs/BPA/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Palo Alto Networks BPA", "description": "Palo Alto Networks Best Practice Assessment (BPA) analyzes NGFW and Panorama configurations and compares them to the best practices.", "support": "xsoar", - "currentVersion": "1.2.8", + "currentVersion": "1.2.9", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Barracuda/Integrations/BarracudaReputationBlockListBRBL/BarracudaReputationBlockListBRBL.yml b/Packs/Barracuda/Integrations/BarracudaReputationBlockListBRBL/BarracudaReputationBlockListBRBL.yml index cf10bc3e5388..c1cca780ef6b 100644 --- a/Packs/Barracuda/Integrations/BarracudaReputationBlockListBRBL/BarracudaReputationBlockListBRBL.yml +++ b/Packs/Barracuda/Integrations/BarracudaReputationBlockListBRBL/BarracudaReputationBlockListBRBL.yml @@ -47,7 +47,7 @@ script: description: A description explaining why the IP address was reported as malicious. type: String description: Get IP Reputation - dockerimage: demisto/python3:3.8.6.13358 + dockerimage: demisto/python3:3.9.6.22912 runonce: false subtype: python3 fromversion: 6.0.0 diff --git a/Packs/Barracuda/ReleaseNotes/1_0_2.md b/Packs/Barracuda/ReleaseNotes/1_0_2.md new file mode 100644 index 000000000000..fd3cc12b62c0 --- /dev/null +++ b/Packs/Barracuda/ReleaseNotes/1_0_2.md @@ -0,0 +1,3 @@ +#### Integrations +##### Barracuda Reputation Block List (BRBL) +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/Barracuda/pack_metadata.json b/Packs/Barracuda/pack_metadata.json index 0eaa3a00e907..8d16fddc08fb 100644 --- a/Packs/Barracuda/pack_metadata.json +++ b/Packs/Barracuda/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Barracuda", "description": "Barracuda Reputation Block List (BRBL)", "support": "community", - "currentVersion": "1.0.1", + "currentVersion": "1.0.2", "author": "Harri Ruuttila", "url": "https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/bd-p/Cortex_XSOAR_Discussions", "email": "", diff --git a/Packs/BastilleNetworks/Integrations/BastilleNetworks/BastilleNetworks.yml b/Packs/BastilleNetworks/Integrations/BastilleNetworks/BastilleNetworks.yml index 46b2289237d9..6149036d9e4c 100644 --- a/Packs/BastilleNetworks/Integrations/BastilleNetworks/BastilleNetworks.yml +++ b/Packs/BastilleNetworks/Integrations/BastilleNetworks/BastilleNetworks.yml @@ -339,7 +339,7 @@ script: description: Command to remove tag from an existing device execution: false name: bastille-remove-device-tag - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: true longRunning: false diff --git a/Packs/BastilleNetworks/ReleaseNotes/1_0_5.md b/Packs/BastilleNetworks/ReleaseNotes/1_0_5.md new file mode 100644 index 000000000000..bd7c2eacd332 --- /dev/null +++ b/Packs/BastilleNetworks/ReleaseNotes/1_0_5.md @@ -0,0 +1,3 @@ +#### Integrations +##### Bastille Networks +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/BastilleNetworks/pack_metadata.json b/Packs/BastilleNetworks/pack_metadata.json index 479e2d40dd36..0186e5413cb5 100644 --- a/Packs/BastilleNetworks/pack_metadata.json +++ b/Packs/BastilleNetworks/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Bastille Networks", "description": "RF monitoring for wireless intrusion detection and policy enforcement. Visit https://www.bastille.net for details.", "support": "partner", - "currentVersion": "1.0.4", + "currentVersion": "1.0.5", "author": "Bastille Networks", "url": "https://www.bastille.net/support", "email": "ask-customer-support@bastille.io", diff --git a/Packs/BitDam/Integrations/BitDam/BitDam.yml b/Packs/BitDam/Integrations/BitDam/BitDam.yml index 7eb90fb25a72..2e24de5ff78e 100644 --- a/Packs/BitDam/Integrations/BitDam/BitDam.yml +++ b/Packs/BitDam/Integrations/BitDam/BitDam.yml @@ -79,7 +79,7 @@ script: type: string description: Returns the verdict for a scanned file. runonce: false - dockerimage: demisto/python3:3.9.5.22665 + dockerimage: demisto/python3:3.9.6.22912 tests: - Detonate File - BitDam Test fromversion: 5.0.0 diff --git a/Packs/BitDam/ReleaseNotes/1_0_3.md b/Packs/BitDam/ReleaseNotes/1_0_3.md new file mode 100644 index 000000000000..4f40813da96b --- /dev/null +++ b/Packs/BitDam/ReleaseNotes/1_0_3.md @@ -0,0 +1,3 @@ +#### Integrations +##### BitDam +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/BitDam/pack_metadata.json b/Packs/BitDam/pack_metadata.json index 27a076da6a52..a88bed1ae4e4 100644 --- a/Packs/BitDam/pack_metadata.json +++ b/Packs/BitDam/pack_metadata.json @@ -2,7 +2,7 @@ "name": "BitDam", "description": "BitDam secure email gateway protects from advanced content-borne threats with the most accurate prevention of known and unknown threats, at their source.", "support": "community", - "currentVersion": "1.0.2", + "currentVersion": "1.0.3", "author": "BitDam", "url": "https://www.bitdam.com", "email": "support@bitdam.com", diff --git a/Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml b/Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml index 5edecc15ef68..e69b168a92fe 100644 --- a/Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml +++ b/Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml @@ -397,7 +397,7 @@ script: description: Error Message in case API fails type: String description: BitSight command to get list of companies and GUID - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 isfetch: true runonce: false subtype: python3 diff --git a/Packs/BitSight/ReleaseNotes/1_0_6.md b/Packs/BitSight/ReleaseNotes/1_0_6.md new file mode 100644 index 000000000000..ff0aa573fcf3 --- /dev/null +++ b/Packs/BitSight/ReleaseNotes/1_0_6.md @@ -0,0 +1,3 @@ +#### Integrations +##### BitSight for Security Performance Management +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/BitSight/pack_metadata.json b/Packs/BitSight/pack_metadata.json index d7ac251e400b..88979c09e8b6 100644 --- a/Packs/BitSight/pack_metadata.json +++ b/Packs/BitSight/pack_metadata.json @@ -2,7 +2,7 @@ "name": "BitSight", "description": "Bitsight Integration will allow you visibility into BitSight findings for remediation in your security program.", "support": "partner", - "currentVersion": "1.0.5", + "currentVersion": "1.0.6", "author": "BitSight", "url": "https://service.bitsighttech.com/", "email": "support@bitsight.com", diff --git a/Packs/BluelivThreatCompass/Integrations/BluelivThreatCompass/BluelivThreatCompass.yml b/Packs/BluelivThreatCompass/Integrations/BluelivThreatCompass/BluelivThreatCompass.yml index 3bf9ecbef5c2..eb07890400b9 100644 --- a/Packs/BluelivThreatCompass/Integrations/BluelivThreatCompass/BluelivThreatCompass.yml +++ b/Packs/BluelivThreatCompass/Integrations/BluelivThreatCompass/BluelivThreatCompass.yml @@ -354,7 +354,7 @@ script: - contextPath: BluelivThreatCompass.Label.TextColor description: Hexadecimal color of the label text in the GUI. type: String - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: true longRunning: false diff --git a/Packs/BluelivThreatCompass/ReleaseNotes/1_0_4.md b/Packs/BluelivThreatCompass/ReleaseNotes/1_0_4.md new file mode 100644 index 000000000000..953d11d0393f --- /dev/null +++ b/Packs/BluelivThreatCompass/ReleaseNotes/1_0_4.md @@ -0,0 +1,3 @@ +#### Integrations +##### Blueliv ThreatCompass +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/BluelivThreatCompass/pack_metadata.json b/Packs/BluelivThreatCompass/pack_metadata.json index dcaf316ce112..507724306db2 100644 --- a/Packs/BluelivThreatCompass/pack_metadata.json +++ b/Packs/BluelivThreatCompass/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Blueliv ThreatCompass", "description": "Blueliv ThreatCompass systematically looks for information about companies,products, people, brands, logos, assets, technology and other information, depending on your needs. Blueliv ThreatCompass allows you to monitor and track all this information to keep your data, your organization and its employees safe", "support": "community", - "currentVersion": "1.0.3", + "currentVersion": "1.0.4", "author": "Oriol Campderrós", "url": "https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/bd-p/Cortex_XSOAR_Discussions", "email": "", diff --git a/Packs/BluelivThreatContext/Integrations/BluelivThreatContext/BluelivThreatContext.yml b/Packs/BluelivThreatContext/Integrations/BluelivThreatContext/BluelivThreatContext.yml index 6ca10ab5e92e..0d3beb99a1bd 100644 --- a/Packs/BluelivThreatContext/Integrations/BluelivThreatContext/BluelivThreatContext.yml +++ b/Packs/BluelivThreatContext/Integrations/BluelivThreatContext/BluelivThreatContext.yml @@ -742,7 +742,7 @@ script: - contextPath: BluelivThreatContext.signature.type description: Signature type. type: String - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: false longRunning: false diff --git a/Packs/BluelivThreatContext/ReleaseNotes/1_0_3.md b/Packs/BluelivThreatContext/ReleaseNotes/1_0_3.md new file mode 100644 index 000000000000..91c44c00f5b4 --- /dev/null +++ b/Packs/BluelivThreatContext/ReleaseNotes/1_0_3.md @@ -0,0 +1,3 @@ +#### Integrations +##### Blueliv ThreatContext +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/BluelivThreatContext/pack_metadata.json b/Packs/BluelivThreatContext/pack_metadata.json index 57cf185c282d..3c1df0569259 100644 --- a/Packs/BluelivThreatContext/pack_metadata.json +++ b/Packs/BluelivThreatContext/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Blueliv ThreatContext", "description": "The Threat Context module provides SOC, Incident Response and Threat Intelligence teams with continuously updated and intuitive information around threat actors, campaigns, malware indicators, attack patterns, tools, signatures and CVEs. Analysts can rapidly gather enriched, contextualized information to enhance cybersecurity processes before, during and after an attack.", "support": "community", - "currentVersion": "1.0.2", + "currentVersion": "1.0.3", "author": "Oriol Campderrós", "url": " ", "email": "", diff --git a/Packs/Bonusly/Integrations/Bonusly/Bonusly.yml b/Packs/Bonusly/Integrations/Bonusly/Bonusly.yml index f7cdab7206a3..cdde2279b895 100644 --- a/Packs/Bonusly/Integrations/Bonusly/Bonusly.yml +++ b/Packs/Bonusly/Integrations/Bonusly/Bonusly.yml @@ -634,7 +634,7 @@ script: - contextPath: Bonusly.Bonus.message description: Message type: Unknown - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: true longRunning: false diff --git a/Packs/Bonusly/ReleaseNotes/1_0_4.md b/Packs/Bonusly/ReleaseNotes/1_0_4.md new file mode 100644 index 000000000000..575e846f8c7d --- /dev/null +++ b/Packs/Bonusly/ReleaseNotes/1_0_4.md @@ -0,0 +1,3 @@ +#### Integrations +##### Bonusly +- Upgraded the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/Bonusly/pack_metadata.json b/Packs/Bonusly/pack_metadata.json index 6e6623339639..c82757fc386e 100644 --- a/Packs/Bonusly/pack_metadata.json +++ b/Packs/Bonusly/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Bonusly", "description": "Bonus.ly is an employee recognition platform which enterprises use to for employee recognition. We're building tools to help people feel a sense of purpose and progress at work. The platform which also has an API enables employees to recognize each other by providing a point based bonus system. Bonus.ly helps your employees feel connected, engaged, and aligned is mission critical right now. Bonusly makes employee recognition easy and fun, fostering community and creating company-wide alignment. It also provides employees with positive feedback in the work that they are doing. ", "support": "community", - "currentVersion": "1.0.3", + "currentVersion": "1.0.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 4bad8d612fd2afae3a2e6ed0a05040a831b0cffe Mon Sep 17 00:00:00 2001 From: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Date: Wed, 25 Aug 2021 14:53:25 +0300 Subject: [PATCH 036/173] Updated the Microsoft Graph API README (#14368) * Updated the Microsoft Graph API README Added the authorization process commands - msgraph-api-auth-start, msgraph-api-auth-complete, msgraph-api-test * Update Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/README.md Co-authored-by: Itay Keren Co-authored-by: Itay Keren Co-authored-by: ikeren --- .../Integrations/MicrosoftGraphAPI/README.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/README.md b/Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/README.md index b4a0bc7436c9..47fc3f7c868d 100644 --- a/Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/README.md +++ b/Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/README.md @@ -65,6 +65,20 @@ The integration supports only Application permission type, and does not support ## Commands You can execute the command from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details. + +### msgraph-api-auth-start +*** +Run this command to start the authorization process and follow the instructions in the command results. + +### msgraph-api-auth-complete +*** +Run this command to complete the authorization process. +Should be used after running the ***msgraph-api-auth-start*** command. + +### msgraph-api-test +*** +Tests connectivity to Microsoft when using Cortex XSOAR Azure app. + ### msgraph-api-request *** Run a Microsoft Graph API query. @@ -105,4 +119,4 @@ So in order to list all the applications using the integration, we would run the - In order to limit the number of results returned from Microsoft Graph API, the default value of the *odata* command argument is `$top=10`. Some of the Graph APIs do not support the `top` resource, and in that case the following error message will be returned: `This resource does not support custom page sizes. Please retry without a page size argument.` In this case, you can modify the *odata* command argument to not include the `top` resource. -For example, run the command with the *odata* command argument set to `$count=true` to include a count of the total number of items in a collection alongside the page of data values returned from Microsoft Graph. \ No newline at end of file +For example, run the command with the *odata* command argument set to `$count=true` to include a count of the total number of items in a collection alongside the page of data values returned from Microsoft Graph. From 49729ddb6a5e1a7f676d6990b1907f6c0bab146e Mon Sep 17 00:00:00 2001 From: iyeshaya <81752898+iyeshaya@users.noreply.github.com> Date: Wed, 25 Aug 2021 16:51:52 +0300 Subject: [PATCH 037/173] Whois integration connectivity issue (#14519) * test to recreate the bug * bug fixed * validate fix * RN * Update Packs/Whois/ReleaseNotes/1_2_4.md Co-authored-by: Itay Keren * fixed proxy params in test. Added more info to the proxy section in additional info * Update Packs/Whois/Integrations/Whois/Whois.yml Co-authored-by: Itay Keren * skip tests * Revert "skip tests (#14455)" This reverts commit 61bfafb9 * Indian domain test * Indian domain fix * rn * Update Packs/Whois/ReleaseNotes/1_2_5.md Co-authored-by: Itay Keren * checking for in tld in playbook-Whois-Test.yml Co-authored-by: Itay Keren --- Packs/Whois/Integrations/Whois/Whois.py | 2 +- Packs/Whois/Integrations/Whois/Whois_test.py | 16 ++++ Packs/Whois/ReleaseNotes/1_2_5.md | 4 + .../TestPlaybooks/playbook-Whois-Test.yml | 96 +++++++++++++++++-- Packs/Whois/pack_metadata.json | 2 +- 5 files changed, 109 insertions(+), 11 deletions(-) create mode 100644 Packs/Whois/ReleaseNotes/1_2_5.md diff --git a/Packs/Whois/Integrations/Whois/Whois.py b/Packs/Whois/Integrations/Whois/Whois.py index 80cfede36fe5..6de8965a57f1 100644 --- a/Packs/Whois/Integrations/Whois/Whois.py +++ b/Packs/Whois/Integrations/Whois/Whois.py @@ -2913,7 +2913,7 @@ "host": "whois.nic.immobilien" }, "in": { - "host": "whois.inregistry.net" + "host": "in.whois-servers.net" }, "inc": { "_group": "uniregistry", diff --git a/Packs/Whois/Integrations/Whois/Whois_test.py b/Packs/Whois/Integrations/Whois/Whois_test.py index 027f020c1583..9db398781b16 100644 --- a/Packs/Whois/Integrations/Whois/Whois_test.py +++ b/Packs/Whois/Integrations/Whois/Whois_test.py @@ -218,3 +218,19 @@ def test_get_whois_ip_proxy_param(mocker): mocker.patch.object(demisto, 'params', return_value={"proxy": True}) result = get_whois_ip('1.1.1.1') assert result + + +def test_indian_tld(): + """ + Given: + - indian domain + + When: + - running the get_root_server function + + Then: + - Verify the function returns the correct Whois server + """ + from Whois import get_root_server + result = get_root_server("google.in") + assert result == "in.whois-servers.net" diff --git a/Packs/Whois/ReleaseNotes/1_2_5.md b/Packs/Whois/ReleaseNotes/1_2_5.md new file mode 100644 index 000000000000..a2c17408e9ac --- /dev/null +++ b/Packs/Whois/ReleaseNotes/1_2_5.md @@ -0,0 +1,4 @@ + +#### Integrations +##### WhoisFix +- Fixed an issue where ***domain*** command would fail on *.in* domains. diff --git a/Packs/Whois/TestPlaybooks/playbook-Whois-Test.yml b/Packs/Whois/TestPlaybooks/playbook-Whois-Test.yml index b4e1cd7a10c5..15c5cb5d70c6 100644 --- a/Packs/Whois/TestPlaybooks/playbook-Whois-Test.yml +++ b/Packs/Whois/TestPlaybooks/playbook-Whois-Test.yml @@ -1,7 +1,7 @@ id: whois_test version: -1 name: whois_test -description: This is a test playbook for Whois. It will retrieve details for google.com +description: This is a test playbook for Whois. It will retrieve details for google.com/uk/in and confirm the domain name is the same. starttaskid: "0" tasks: @@ -417,7 +417,7 @@ tasks: '#default#': - "12" "yes": - - "15" + - "19" separatecontext: false conditions: - label: "yes" @@ -437,7 +437,7 @@ tasks: iscontext: true right: value: - simple: 14-02-2021 + simple: 13-09-2028 view: |- { "position": { @@ -531,7 +531,7 @@ tasks: brand: "" nexttasks: "yes": - - "15" + - "19" separatecontext: false conditions: - label: "yes" @@ -588,7 +588,7 @@ tasks: { "position": { "x": 50, - "y": 2750 + "y": 3090 } } note: false @@ -620,7 +620,7 @@ tasks: { "position": { "x": 50, - "y": 2940 + "y": 3260 } } note: false @@ -666,7 +666,7 @@ tasks: { "position": { "x": 50, - "y": 3120 + "y": 3440 } } note: false @@ -691,7 +691,83 @@ tasks: { "position": { "x": 50, - "y": 3300 + "y": 3680 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "19": + id: "19" + taskid: b66b8745-0109-48f7-82bb-0de72b81534d + type: regular + task: + id: b66b8745-0109-48f7-82bb-0de72b81534d + version: -1 + name: domain + description: Provides data enrichment for domains. + script: Whois|||domain + type: regular + iscommand: true + brand: Whois + nexttasks: + '#none#': + - "20" + scriptarguments: + domain: + simple: google.in + retry-count: + simple: "5" + retry-interval: + simple: "30" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 2700 + } + } + note: false + timertriggers: [ ] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "20": + id: "20" + taskid: 6b626e5b-2bd7-4402-8cce-ec2332d5a9e2 + type: condition + task: + id: 6b626e5b-2bd7-4402-8cce-ec2332d5a9e2 + version: -1 + name: Check results + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "15" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Domain.Whois.QueryStatus + iscontext: true + right: + value: + simple: Success + view: |- + { + "position": { + "x": 50, + "y": 2880 } } note: false @@ -699,12 +775,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false view: |- { "linkLabelsPosition": {}, "paper": { "dimensions": { - "height": 3315, + "height": 3695, "width": 760, "x": 50, "y": 50 diff --git a/Packs/Whois/pack_metadata.json b/Packs/Whois/pack_metadata.json index f800446084d7..225d1d09b44e 100644 --- a/Packs/Whois/pack_metadata.json +++ b/Packs/Whois/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Whois", "description": "This Content Pack helps you run Whois commands as playbook tasks or real-time actions within Cortex XSOAR to obtain valuable domain metadata.", "support": "xsoar", - "currentVersion": "1.2.4", + "currentVersion": "1.2.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From a7161ac51692ee3830e191e4842d8f11361c19b7 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 25 Aug 2021 18:01:06 +0300 Subject: [PATCH 038/173] Added several commands to Darktrace integration (#13905) (#14537) * Added several commands to darktrace * Update Darktrace.yml * lint fixes * Update Darktrace.py * lint fixes * Added readme, and changed some details on the outp * Added example commands * Added additional details in readme-file * lint fix * Updated command argument desc. * upgrade the docker image * upgrade docker image * bump version * Added release notes * added outputs * Added tests for alle commends with output * Added a single iteration to skip the first result * removed all instances of add-comment * Added outputs_key_field * Added secrets to ignore * Update Packs/Darktrace/Integrations/Darktrace/README.md Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> * Update Packs/Darktrace/Integrations/Darktrace/README.md Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> * fix test * lint fix * Updated docs * lint fix * lint fix Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Solli <59604718+simmyno@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> --- Packs/Darktrace/.secrets-ignore | 4 +- .../Integrations/Darktrace/Darktrace.py | 106 +++++++ .../Integrations/Darktrace/Darktrace.yml | 46 ++- .../Integrations/Darktrace/Darktrace_test.py | 97 +++++++ .../Integrations/Darktrace/README.md | 58 ++++ .../Darktrace/command_examples.txt | 3 + .../Darktrace/test_data/breach_details.json | 81 ++++++ .../Darktrace/test_data/component.json | 94 +++++++ .../test_data/formatted_breach_details.json | 57 ++++ .../test_data/formatted_component.json | 94 +++++++ .../Darktrace/test_data/formatted_model.json | 261 ++++++++++++++++++ .../Darktrace/test_data/model.json | 261 ++++++++++++++++++ Packs/Darktrace/ReleaseNotes/1_0_5.md | 7 + Packs/Darktrace/pack_metadata.json | 4 +- 14 files changed, 1169 insertions(+), 4 deletions(-) create mode 100644 Packs/Darktrace/Integrations/Darktrace/test_data/breach_details.json create mode 100644 Packs/Darktrace/Integrations/Darktrace/test_data/component.json create mode 100644 Packs/Darktrace/Integrations/Darktrace/test_data/formatted_breach_details.json create mode 100644 Packs/Darktrace/Integrations/Darktrace/test_data/formatted_component.json create mode 100644 Packs/Darktrace/Integrations/Darktrace/test_data/formatted_model.json create mode 100644 Packs/Darktrace/Integrations/Darktrace/test_data/model.json create mode 100644 Packs/Darktrace/ReleaseNotes/1_0_5.md diff --git a/Packs/Darktrace/.secrets-ignore b/Packs/Darktrace/.secrets-ignore index 1557cb144b44..a1f863e942f8 100644 --- a/Packs/Darktrace/.secrets-ignore +++ b/Packs/Darktrace/.secrets-ignore @@ -20,4 +20,6 @@ CQ2IiA2afFDfBc5301 CJDfGwAT7fVxNJd01 CQ4hu824CoXul9KV01 CWYWpz2KmHrsjNGO01 -CMEAtvytG16vv0X01 \ No newline at end of file +CMEAtvytG16vv0X01 +10.18.45.52 +10.18.25.51 \ No newline at end of file diff --git a/Packs/Darktrace/Integrations/Darktrace/Darktrace.py b/Packs/Darktrace/Integrations/Darktrace/Darktrace.py index 7505d8f51fd4..193917fe6675 100644 --- a/Packs/Darktrace/Integrations/Darktrace/Darktrace.py +++ b/Packs/Darktrace/Integrations/Darktrace/Darktrace.py @@ -67,6 +67,36 @@ def get_modelbreach(self, pbid): headers=http_headers ) + def get_modelbreach_details(self, pbid, endtime, count, offset): + + request = f"/details?endTime={endtime}&order=desc&includetotalbytes=true&offset={offset}&count={count}&pbid={pbid}" + http_headers = get_headers(self._auth, request) + return self._http_request( + method='GET', + url_suffix=request, + headers=http_headers + ) + + def get_model(self, uuid): + + request = "/models?uuid=" + uuid + http_headers = get_headers(self._auth, request) + return self._http_request( + method='GET', + url_suffix=request, + headers=http_headers + ) + + def get_component(self, cid): + + request = "/components/" + cid + http_headers = get_headers(self._auth, request) + return self._http_request( + method='GET', + url_suffix=request, + headers=http_headers + ) + def get_modelbreach_comments(self, pbid): """Searches for comments on a modelbreach using '/modelbreaches//comments' :type pbid: ``str`` @@ -643,6 +673,73 @@ def get_breach_command(client: Client, args: Dict[str, Any]) -> CommandResults: ) +def get_breach_details_command(client: Client, args: Dict[str, Any]) -> CommandResults: + + pbid = str(args.get('pbid', None)) + if not pbid: + raise ValueError('Darktrace Model Breach ID not specified') + + endtime = str(args.get('endtime', None)) + count = str(int(args.get('count', None)) + 1) + offset = str(args.get('offset', None)) + + model_breach = (client.get_modelbreach_details(pbid=pbid, endtime=endtime, count=count, offset=offset))[1:] + + if 'time' in model_breach: + created_time = int(model_breach.get('time', '0')) + model_breach['time'] = timestamp_to_datestring(created_time) + + headers = [] + for event in model_breach: + for head in event.keys(): + headers.append(head) + + headers = list(set(headers)) + headers = sorted(headers) + + readable_output = tableToMarkdown(f'Darktrace Model Breach {pbid} Details', model_breach, headers=headers, + removeNull=True) + + return CommandResults( + readable_output=readable_output, + outputs_prefix='Darktrace.ModelBreach', + outputs_key_field='pid', + outputs=model_breach + ) + + +def get_model_command(client: Client, args: Dict[str, Any]) -> CommandResults: + uuid = str(args.get('uuid', None)) + if not uuid: + raise ValueError('Darktrace Model UUID not specified') + + res = client.get_model(uuid=uuid) + readable_output = tableToMarkdown(f'Darktrace Model {uuid}', res) + + return CommandResults( + readable_output=readable_output, + outputs_prefix='Darktrace.Model', + outputs_key_field='uuid', + outputs=res + ) + + +def get_component_command(client: Client, args: Dict[str, Any]) -> CommandResults: + cid = str(args.get('cid', None)) + if not cid: + raise ValueError('Darktrace Component CID not specified') + + res = client.get_component(cid=cid) + readable_output = tableToMarkdown(f'Darktrace Component {cid}', res) + + return CommandResults( + readable_output=readable_output, + outputs_prefix='Darktrace.Component', + outputs_key_field='cid', + outputs=res + ) + + def get_comments_command(client: Client, args: Dict[str, Any]) -> CommandResults: """darktrace-get-comments command: Returns the comments on the model breach @@ -1076,6 +1173,15 @@ def main() -> None: elif demisto.command() == 'darktrace-get-breach': return_results(get_breach_command(client, demisto.args())) + elif demisto.command() == 'darktrace-get-breach-details': + return_results(get_breach_details_command(client, demisto.args())) + + elif demisto.command() == 'darktrace-get-model': + return_results(get_model_command(client, demisto.args())) + + elif demisto.command() == 'darktrace-get-component': + return_results(get_component_command(client, demisto.args())) + elif demisto.command() == 'darktrace-get-comments': return_results(get_comments_command(client, demisto.args())) diff --git a/Packs/Darktrace/Integrations/Darktrace/Darktrace.yml b/Packs/Darktrace/Integrations/Darktrace/Darktrace.yml index 0bf5d5464e06..c672cc3b6ab3 100644 --- a/Packs/Darktrace/Integrations/Darktrace/Darktrace.yml +++ b/Packs/Darktrace/Integrations/Darktrace/Darktrace.yml @@ -478,7 +478,51 @@ script: keys. It is recommended to run the command once to check the relevant outputs in context. type: Unknown - dockerimage: demisto/python3:3.9.5.21272 + - name: darktrace-get-breach-details + arguments: + - name: pbid + required: true + description: Darktrace modelbreach ID + - name: endtime + description: End time of data to return in millisecond format, relative to midnight January 1st 1970 UTC + - name: count + defaultValue: "100" + description: Specifies the maximum number of items to return. Default 100 + - name: offset + defaultValue: "0" + description: Offset of starting point for fetching details of the modelbreach + description: Retrieve additional details on a modelbreach + outputs: + - contextPath: Darktrace.ModelBreach + description: List of events from the modelbreach and their details. Each event might have different + keys. It is recommended to run the command once to check the relevant outputs + in context + type: Unknown + - name: darktrace-get-model + arguments: + - name: uuid + required: true + description: All models have a uuid and a pid. The uuid (universally unique identifier) is a 128-bit hexadecimal number + description: Get the details of a model given the UUID + outputs: + - contextPath: Darktrace.Model + description: A dictionary of the details of the model. Each model might have different + keys. It is recommended to run the command once to check the relevant outputs + in context + type: Unknown + - name: darktrace-get-component + arguments: + - name: cid + required: true + description: ID of the component. The cid is referenced in the data attribute for model breaches. + description: Get details of a component given the CID + outputs: + - contextPath: Darktrace.Component + description: A dictionary of the details of the model. Each model might have different + keys. It is recommended to run the command once to check the relevant outputs + in context + type: Unknown + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: true longRunning: false diff --git a/Packs/Darktrace/Integrations/Darktrace/Darktrace_test.py b/Packs/Darktrace/Integrations/Darktrace/Darktrace_test.py index 7c4e18ad70b3..4d3a2d53b95b 100644 --- a/Packs/Darktrace/Integrations/Darktrace/Darktrace_test.py +++ b/Packs/Darktrace/Integrations/Darktrace/Darktrace_test.py @@ -361,3 +361,100 @@ def test_get_entity_details(requests_mock): assert integration_response.outputs == expected_response assert integration_response.outputs_prefix == 'Darktrace.EntityDetails' + + +def test_get_modelbreach_details(mocker): + """Tests the get-modelbreach-details command function. + Configures requests_mock instance to generate the appropriate + get_alert API response, loaded from a local JSON file. Checks + the output of the command function with the expected output. + """ + from Darktrace import Client, get_breach_details_command + + # GIVEN an integration is configured and you would like to find similar devices + mock_api_response = util_load_json('test_data/breach_details.json') + mocker.patch.object(Client, 'get_modelbreach_details', return_value=mock_api_response) + + client = Client( + base_url='https://mock.darktrace.com', + verify=False, + auth=('examplepub', 'examplepri') + ) + + # WHEN the specified device id is 1 and there are 2 results max desired + args = { + 'pbid': '123', + 'count': '2', + 'endtime': 1629803362 + } + + # THEN the context will be updated and information about similar devices will be fetched and pulled + integration_response = get_breach_details_command(client, args) + expected_response = util_load_json('test_data/formatted_breach_details.json') + + assert integration_response.outputs == expected_response + assert integration_response.outputs_prefix == 'Darktrace.ModelBreach' + + +def test_get_component(requests_mock): + """Tests the get-component command function. + Configures requests_mock instance to generate the appropriate + get_alert API response, loaded from a local JSON file. Checks + the output of the command function with the expected output. + """ + from Darktrace import Client, get_component_command + + # GIVEN an integration is configured and you would like to find similar devices + mock_api_response = util_load_json('test_data/component.json') + requests_mock.get('https://mock.darktrace.com/components/254503', + json=mock_api_response) + + client = Client( + base_url='https://mock.darktrace.com', + verify=False, + auth=('examplepub', 'examplepri') + ) + + # WHEN the specified device id is 1 and there are 2 results max desired + args = { + 'cid': '254503' + } + + # THEN the context will be updated and information about similar devices will be fetched and pulled + integration_response = get_component_command(client, args) + expected_response = util_load_json('test_data/formatted_component.json') + + assert integration_response.outputs == expected_response + assert integration_response.outputs_prefix == 'Darktrace.Component' + + +def test_get_model(requests_mock): + """Tests the get-model command function. + Configures requests_mock instance to generate the appropriate + get_alert API response, loaded from a local JSON file. Checks + the output of the command function with the expected output. + """ + from Darktrace import Client, get_model_command + + # GIVEN an integration is configured and you would like to find similar devices + mock_api_response = util_load_json('test_data/model.json') + requests_mock.get('https://mock.darktrace.com/models?uuid=80010119-6d7f-0000-0305-5e0000000325', + json=mock_api_response) + + client = Client( + base_url='https://mock.darktrace.com', + verify=False, + auth=('examplepub', 'examplepri') + ) + + # WHEN the specified device id is 1 and there are 2 results max desired + args = { + 'uuid': '80010119-6d7f-0000-0305-5e0000000325' + } + + # THEN the context will be updated and information about similar devices will be fetched and pulled + integration_response = get_model_command(client, args) + expected_response = util_load_json('test_data/formatted_model.json') + + assert integration_response.outputs == expected_response + assert integration_response.outputs_prefix == 'Darktrace.Model' diff --git a/Packs/Darktrace/Integrations/Darktrace/README.md b/Packs/Darktrace/Integrations/Darktrace/README.md index 76a492a1c9eb..c9462c8bf5c7 100644 --- a/Packs/Darktrace/Integrations/Darktrace/README.md +++ b/Packs/Darktrace/Integrations/Darktrace/README.md @@ -251,6 +251,64 @@ Unacknowledges a model breach as specified by Model Breach ID >|---| >| Successfully unacknowledged. | +### darktrace-get-breach-details +*** +Returns details on a modelbreach + +#### Base Command +`darktrace-get-breach-details` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| pbid | Darktrace model breach ID | Required | +| endtime | Endtime of data retrieved | Not Required | +| count | The amount of lines returned | Not Required | +| offset | The offset of data pulled | Not Required | + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Darktrace.ModelBreach| Dictionary | Details of the model breach | + +### darktrace-get-model +*** +Returns a model given a UUID + +#### Base Command +`darktrace-get-model` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| uuid | Darktrace model ID | Required | + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Darktrace.Model | Dictionary | Details of the model | + + +### darktrace-get-component +*** +Returns the details of a component given a CID + +#### Base Command +`darktrace-get-component` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| cid | Darktrace components ID | Required | + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Darktrace.Component | Dictionary | Details of the component | + ### darktrace-list-similar-devices *** diff --git a/Packs/Darktrace/Integrations/Darktrace/command_examples.txt b/Packs/Darktrace/Integrations/Darktrace/command_examples.txt index 9845643b0f4e..079594389e23 100644 --- a/Packs/Darktrace/Integrations/Darktrace/command_examples.txt +++ b/Packs/Darktrace/Integrations/Darktrace/command_examples.txt @@ -1,5 +1,8 @@ !darktrace-get-breach pbid=95 !darktrace-get-comments pbid=46 +!darktrace-get-breach-details pbid=111 +!darktrace-get-model uuid="80010119-6d7f-0000-0305-5e0000000325" +!darktrace-get-component cid="254036" !darktrace-acknowledge pbid=111 !darktrace-unacknowledge pbid=111 !darktrace-list-similar-devices did=1 max_results=2 diff --git a/Packs/Darktrace/Integrations/Darktrace/test_data/breach_details.json b/Packs/Darktrace/Integrations/Darktrace/test_data/breach_details.json new file mode 100644 index 000000000000..a893d2ce590e --- /dev/null +++ b/Packs/Darktrace/Integrations/Darktrace/test_data/breach_details.json @@ -0,0 +1,81 @@ +[ + { + "commentCount": 0, + "device": { + "devicelabel": "No device label in Darktrace", + "did": "1272", + "hostname": "ftp.test.com", + "ip": "10.18.45.52", + "macaddress": "No MAC address in Darktrace", + "vendor": "VMware, Inc." + }, + "model": { + "description": "A device is writing suspicious terms to network file shares that may indicate a threat. This is particularly relevant for ransomware infections that overwrite internal data.\\n\\nAction: Investigate the file writes that are occurring to see if they are overwriting important internal data.", + "name": "Compromise::Ransomware::Ransom or Offensive Words Written to SMB", + "pid": 287, + "priority": 4, + "tags": [ + "AP: Exploit" + ], + "uuid": "80010119-6d7f-0000-0305-5e0000000325" + }, + "pbid": 99972, + "score": 0.653, + "time": "2021-08-24T11:08:22.000Z" + }, + { + "action": "notice", + "destination": "ftp.test.com", + "destinationDevice": { + "did": 257, + "hostname": "ftp.test.com", + "id": 257, + "ip": "10.18.25.51", + "ips": [ + { + "ip": "10.18.25.51", + "sid": 47, + "time": "2021-08-24 11:00:00", + "timems": 1621802800000 + } + ], + "os": "Windows NT kernel", + "sid": 47, + "time": "1550154684000", + "typelabel": "Desktop", + "typename": "desktop" + }, + "destinationPort": 445, + "details": "reason=The operation completed successfully. mimeType=text/plain details=Initial_transfer share_type= version=smb2 result=success, size=4096B", + "direction": "out", + "eventType": "notice", + "mlid": 275, + "msg": "share= file=EDIDATA\\testfile version=smb2", + "nid": 2505345800, + "size": 4096, + "source": "ftp.test.com", + "sourceDevice": { + "did": 1276, + "hostname": "ftp.test.com", + "id": 1276, + "ip": "10.18.45.52", + "ips": [ + { + "ip": "10.18.45.52", + "sid": 9, + "time": "2021-08-24 11:00:00", + "timems": 1621802800000 + } + ], + "os": "Windows 7, 8 or 10", + "sid": 9, + "time": "1552479504000", + "typelabel": "Desktop", + "typename": "desktop" + }, + "time": "2021-08-24 11:08:21", + "timems": 1621803301000, + "type": "SMB::ReadSuccess", + "uid": "C3ITTD4AhWjMDDOvP101" + } +] \ No newline at end of file diff --git a/Packs/Darktrace/Integrations/Darktrace/test_data/component.json b/Packs/Darktrace/Integrations/Darktrace/test_data/component.json new file mode 100644 index 000000000000..86d94d05d314 --- /dev/null +++ b/Packs/Darktrace/Integrations/Darktrace/test_data/component.json @@ -0,0 +1,94 @@ +{ + "active": true, + "chid": 502996, + "cid": 254503, + "filters": [ + { + "arguments": { + "value": "/.*\\.\\w{1,10}\\.(?:ecc|ezz|exx|zzz|xyz|aaa|abc|ccc|vvv|xxx|ttt|micro|encrypted|locked|crypto|_crypt|crinf|r5a|XRNT|XTBL|crypt|R16M01D05|pzdc|good|LOL!|OMG!|RDM|RRK|encryptedRSA|crjoker|EnCiPhErEd|LeChiffre|keybtc@inbox_com|0x0|bleep|1999|vault|HA3|toxcrypt|magic|SUPERCRYPT|CTBL|CTB2|locky|gryphon|fun|ykcol|lukitus|EMPTY|ryk|pr(0|o)L(0|o)ck|lockbit|ragnar_[a-zA-Z0-9]{5,10}|sthd2|crypted|WNCRY|[^\\.]+wasted(_info)?|pysa)($|\\sversion.*)/i" + }, + "cfhid": 4474200, + "cfid": 2500525, + "comparator": "matches regular expression", + "filtertype": "Message", + "id": "A" + }, + { + "arguments": { + "value": "/^(?!.*\\s\\[[^\\]]*@[^\\]]*\\].*).+\\[\\w+(\\.onion|\\@\\w+\\.\\w+)\\].*/i" + }, + "cfhid": 4474201, + "cfid": 2500526, + "comparator": "matches regular expression", + "filtertype": "Message", + "id": "B" + }, + { + "arguments": { + "value": "out" + }, + "cfhid": 4474202, + "cfid": 2500527, + "comparator": "is", + "filtertype": "Direction", + "id": "C" + }, + { + "arguments": { + "value": "BackupData.dat.locked" + }, + "cfhid": 4474203, + "cfid": 2500528, + "comparator": "does not contain", + "filtertype": "Message", + "id": "D" + }, + { + "arguments": {}, + "cfhid": 4474204, + "cfid": 2500529, + "comparator": "is", + "filtertype": "Unique message fields", + "id": "E" + }, + { + "arguments": {}, + "cfhid": 4474205, + "cfid": 2500530, + "comparator": "display", + "filtertype": "Message", + "id": "d1" + } + ], + "interval": 300, + "logic": { + "data": { + "left": { + "left": "A", + "operator": "AND", + "right": { + "left": "C", + "operator": "AND", + "right": { + "left": "D", + "operator": "AND", + "right": "E" + } + } + }, + "operator": "OR", + "right": { + "left": "B", + "operator": "AND", + "right": { + "left": "C", + "operator": "AND", + "right": "E" + } + } + }, + "version": "v0.1" + }, + "mlid": 276, + "threshold": 4 +} \ No newline at end of file diff --git a/Packs/Darktrace/Integrations/Darktrace/test_data/formatted_breach_details.json b/Packs/Darktrace/Integrations/Darktrace/test_data/formatted_breach_details.json new file mode 100644 index 000000000000..d0de6e8dfabc --- /dev/null +++ b/Packs/Darktrace/Integrations/Darktrace/test_data/formatted_breach_details.json @@ -0,0 +1,57 @@ +[ + { + "action": "notice", + "destination": "ftp.test.com", + "destinationDevice": { + "did": 257, + "hostname": "ftp.test.com", + "id": 257, + "ip": "10.18.25.51", + "ips": [ + { + "ip": "10.18.25.51", + "sid": 47, + "time": "2021-08-24 11:00:00", + "timems": 1621802800000 + } + ], + "os": "Windows NT kernel", + "sid": 47, + "time": "1550154684000", + "typelabel": "Desktop", + "typename": "desktop" + }, + "destinationPort": 445, + "details": "reason=The operation completed successfully. mimeType=text/plain details=Initial_transfer share_type= version=smb2 result=success, size=4096B", + "direction": "out", + "eventType": "notice", + "mlid": 275, + "msg": "share= file=EDIDATA\\testfile version=smb2", + "nid": 2505345800, + "size": 4096, + "source": "ftp.test.com", + "sourceDevice": { + "did": 1276, + "hostname": "ftp.test.com", + "id": 1276, + "ip": "10.18.45.52", + "ips": [ + { + "ip": "10.18.45.52", + "sid": 9, + "time": "2021-08-24 11:00:00", + "timems": 1621802800000 + } + ], + "os": "Windows 7, 8 or 10", + "sid": 9, + "time": "1552479504000", + "typelabel": "Desktop", + "typename": "desktop" + }, + "time": "2021-08-24 11:08:21", + "timems": 1621803301000, + "type": "SMB::ReadSuccess", + "uid": "C3ITTD4AhWjMDDOvP101" + } +] \ No newline at end of file diff --git a/Packs/Darktrace/Integrations/Darktrace/test_data/formatted_component.json b/Packs/Darktrace/Integrations/Darktrace/test_data/formatted_component.json new file mode 100644 index 000000000000..86d94d05d314 --- /dev/null +++ b/Packs/Darktrace/Integrations/Darktrace/test_data/formatted_component.json @@ -0,0 +1,94 @@ +{ + "active": true, + "chid": 502996, + "cid": 254503, + "filters": [ + { + "arguments": { + "value": "/.*\\.\\w{1,10}\\.(?:ecc|ezz|exx|zzz|xyz|aaa|abc|ccc|vvv|xxx|ttt|micro|encrypted|locked|crypto|_crypt|crinf|r5a|XRNT|XTBL|crypt|R16M01D05|pzdc|good|LOL!|OMG!|RDM|RRK|encryptedRSA|crjoker|EnCiPhErEd|LeChiffre|keybtc@inbox_com|0x0|bleep|1999|vault|HA3|toxcrypt|magic|SUPERCRYPT|CTBL|CTB2|locky|gryphon|fun|ykcol|lukitus|EMPTY|ryk|pr(0|o)L(0|o)ck|lockbit|ragnar_[a-zA-Z0-9]{5,10}|sthd2|crypted|WNCRY|[^\\.]+wasted(_info)?|pysa)($|\\sversion.*)/i" + }, + "cfhid": 4474200, + "cfid": 2500525, + "comparator": "matches regular expression", + "filtertype": "Message", + "id": "A" + }, + { + "arguments": { + "value": "/^(?!.*\\s\\[[^\\]]*@[^\\]]*\\].*).+\\[\\w+(\\.onion|\\@\\w+\\.\\w+)\\].*/i" + }, + "cfhid": 4474201, + "cfid": 2500526, + "comparator": "matches regular expression", + "filtertype": "Message", + "id": "B" + }, + { + "arguments": { + "value": "out" + }, + "cfhid": 4474202, + "cfid": 2500527, + "comparator": "is", + "filtertype": "Direction", + "id": "C" + }, + { + "arguments": { + "value": "BackupData.dat.locked" + }, + "cfhid": 4474203, + "cfid": 2500528, + "comparator": "does not contain", + "filtertype": "Message", + "id": "D" + }, + { + "arguments": {}, + "cfhid": 4474204, + "cfid": 2500529, + "comparator": "is", + "filtertype": "Unique message fields", + "id": "E" + }, + { + "arguments": {}, + "cfhid": 4474205, + "cfid": 2500530, + "comparator": "display", + "filtertype": "Message", + "id": "d1" + } + ], + "interval": 300, + "logic": { + "data": { + "left": { + "left": "A", + "operator": "AND", + "right": { + "left": "C", + "operator": "AND", + "right": { + "left": "D", + "operator": "AND", + "right": "E" + } + } + }, + "operator": "OR", + "right": { + "left": "B", + "operator": "AND", + "right": { + "left": "C", + "operator": "AND", + "right": "E" + } + } + }, + "version": "v0.1" + }, + "mlid": 276, + "threshold": 4 +} \ No newline at end of file diff --git a/Packs/Darktrace/Integrations/Darktrace/test_data/formatted_model.json b/Packs/Darktrace/Integrations/Darktrace/test_data/formatted_model.json new file mode 100644 index 000000000000..0538fbc8f265 --- /dev/null +++ b/Packs/Darktrace/Integrations/Darktrace/test_data/formatted_model.json @@ -0,0 +1,261 @@ +{ + "actions": { + "alert": true, + "antigena": {}, + "breach": true, + "model": true, + "setPriority": false, + "setTag": false, + "setType": false + }, + "active": true, + "activeTimes": { + "devices": {}, + "tags": {}, + "type": "exclusions", + "version": 2 + }, + "autoSuppress": true, + "autoUpdatable": true, + "autoUpdate": true, + "behaviour": "decreasing", + "created": { + "by": "Unknown" + }, + "description": "A device is writing suspicious terms to network file shares that may indicate a threat. This is particularly relevant for ransomware infections that overwrite internal data.\\n\\nAction: Investigate the file writes that are occurring to see if they are overwriting important internal data.", + "edited": { + "by": "System" + }, + "history": [ + { + "active": true, + "by": "System", + "message": "Excluding a commonly seen, non-malicious filename that has a similar pattern to ransom notes, README_DO_NOT_TOUCH_FILES.txt", + "modified": "2021-08-13 20:59:30", + "phid": 69331 + }, + { + "active": false, + "by": "System", + "message": "Updated regex string in SMB Write component", + "modified": "2021-07-16 19:14:20", + "phid": 69039 + }, + { + "active": false, + "by": "System", + "message": "Removing components that are now covered by the new model Possible Ransom Note Write", + "modified": "2021-07-08 00:47:21", + "phid": 68975 + }, + { + "active": false, + "by": "System", + "message": "Adding new regex to detect ransom notes", + "modified": "2021-05-26 13:07:05", + "phid": 68573 + }, + { + "active": false, + "by": "System", + "message": "Updated regex string in SMB Write and Move components", + "modified": "2021-03-26 19:08:25", + "phid": 67901 + }, + { + "active": false, + "by": "System", + "message": "Modified regex strings in SMB Write and Move components to detect wasted and wasted_info in filenames", + "modified": "2021-03-20 15:14:30", + "phid": 67852 + }, + { + "active": false, + "by": "System", + "message": "Updated regex string in SMB Write and Move components", + "modified": "2020-10-08 23:28:04", + "phid": 65995 + }, + { + "active": false, + "by": "System", + "message": "add back lockbit ransomware extension", + "modified": "2020-09-02 20:26:25", + "phid": 65510 + }, + { + "active": false, + "by": "System", + "message": "Added AgeLocker and Thanos to regex in the last three components", + "modified": "2020-07-27 13:49:06", + "phid": 64836 + }, + { + "active": false, + "by": "System", + "message": "Updating regex", + "modified": "2020-07-11 04:58:25", + "phid": 64625 + }, + { + "active": false, + "by": "System", + "message": "Adding unique messages filter to the components for multiple writes/moves", + "modified": "2020-06-24 18:15:45", + "phid": 64408 + }, + { + "active": false, + "by": "System", + "message": "Updating regex", + "modified": "2020-06-23 07:10:05", + "phid": 64389 + }, + { + "active": false, + "by": "System", + "message": "Added Ragnar ransom note and file extension", + "modified": "2020-06-19 07:13:01", + "phid": 64361 + }, + { + "active": false, + "by": "System", + "message": "add maze ransom note, update prolock extensions", + "modified": "2020-05-26 12:27:18", + "phid": 64176 + }, + { + "active": false, + "by": "System", + "message": "add lockbit ransomware detection", + "modified": "2020-05-06 00:08:23", + "phid": 63911 + }, + { + "active": false, + "by": "System", + "message": "add proLock ransomware detection", + "modified": "2020-04-21 15:59:04", + "phid": 63792 + }, + { + "active": false, + "by": "System", + "message": "Adding Sodbinki and Petya to regex, and excluding common paths", + "modified": "2020-03-26 16:43:44", + "phid": 63562 + }, + { + "active": false, + "by": "System", + "message": "Improved regex for .onion and email addresses in filenames", + "modified": "2020-02-10 16:43:11", + "phid": 63190 + }, + { + "active": false, + "by": "System", + "message": "Reducing the scoring of the Bitcoin component to 1", + "modified": "2020-02-07 23:16:58", + "phid": 63174 + }, + { + "active": false, + "by": "System", + "message": "Added a new component for a commonly seen ransom note string", + "modified": "2019-11-29 14:25:58", + "phid": 13633 + }, + { + "active": false, + "by": "System", + "message": "Added additional ransom notes to the regex string of the final component", + "modified": "2019-11-21 16:26:40", + "phid": 2157 + }, + { + "active": false, + "by": "System", + "message": "Removing a deprecated filter from the SMB Move component, and adding the .ryk extension", + "modified": "2019-11-04 23:41:11", + "phid": 2065 + }, + { + "active": false, + "by": "System", + "message": "Reducing priority to 4, as this is included in the higher priority Suspicious SMB Activity meta-model", + "modified": "2019-08-05 12:23:08", + "phid": 1661 + }, + { + "active": false, + "by": "System", + "message": "Moving folder and adding in a Ryuk ransomware note filename", + "modified": "2019-07-09 00:36:33", + "phid": 1560 + }, + { + "active": false, + "by": "System", + "message": "Adding a new LockerGoga ransom note string to the regex", + "modified": "2019-03-21 23:23:54", + "phid": 857 + }, + { + "active": false, + "by": "System", + "message": "Removing read.txt from ransom note regex", + "modified": "2019-03-13 06:47:50", + "phid": 787 + }, + { + "active": false, + "by": "System", + "message": "Updated component regex", + "modified": "2019-03-12 02:26:36", + "phid": 686 + }, + { + "active": false, + "by": "Nobody", + "message": "updated description and display filters", + "modified": "2019-02-08 14:13:46", + "phid": 287 + } + ], + "interval": 300, + "logic": { + "data": [ + { + "cid": 254503, + "weight": 1 + }, + { + "cid": 254504, + "weight": 1 + }, + { + "cid": 254502, + "weight": 1 + } + ], + "targetScore": 1, + "type": "weightedComponentList", + "version": 1 + }, + "message": "Excluding a commonly seen, non-malicious filename that has a similar pattern to ransom notes, README_DO_NOT_TOUCH_FILES.txt", + "modified": "2021-08-13 20:59:30", + "name": "Compromise::Ransomware::Ransom or Offensive Words Written to SMB", + "phid": 69331, + "pid": 287, + "priority": 4, + "sequenced": false, + "sharedEndpoints": true, + "tags": [ + "AP: Exploit" + ], + "throttle": 3600, + "uuid": "80010119-6d7f-0000-0305-5e0000000325", + "version": 75 +} \ No newline at end of file diff --git a/Packs/Darktrace/Integrations/Darktrace/test_data/model.json b/Packs/Darktrace/Integrations/Darktrace/test_data/model.json new file mode 100644 index 000000000000..0538fbc8f265 --- /dev/null +++ b/Packs/Darktrace/Integrations/Darktrace/test_data/model.json @@ -0,0 +1,261 @@ +{ + "actions": { + "alert": true, + "antigena": {}, + "breach": true, + "model": true, + "setPriority": false, + "setTag": false, + "setType": false + }, + "active": true, + "activeTimes": { + "devices": {}, + "tags": {}, + "type": "exclusions", + "version": 2 + }, + "autoSuppress": true, + "autoUpdatable": true, + "autoUpdate": true, + "behaviour": "decreasing", + "created": { + "by": "Unknown" + }, + "description": "A device is writing suspicious terms to network file shares that may indicate a threat. This is particularly relevant for ransomware infections that overwrite internal data.\\n\\nAction: Investigate the file writes that are occurring to see if they are overwriting important internal data.", + "edited": { + "by": "System" + }, + "history": [ + { + "active": true, + "by": "System", + "message": "Excluding a commonly seen, non-malicious filename that has a similar pattern to ransom notes, README_DO_NOT_TOUCH_FILES.txt", + "modified": "2021-08-13 20:59:30", + "phid": 69331 + }, + { + "active": false, + "by": "System", + "message": "Updated regex string in SMB Write component", + "modified": "2021-07-16 19:14:20", + "phid": 69039 + }, + { + "active": false, + "by": "System", + "message": "Removing components that are now covered by the new model Possible Ransom Note Write", + "modified": "2021-07-08 00:47:21", + "phid": 68975 + }, + { + "active": false, + "by": "System", + "message": "Adding new regex to detect ransom notes", + "modified": "2021-05-26 13:07:05", + "phid": 68573 + }, + { + "active": false, + "by": "System", + "message": "Updated regex string in SMB Write and Move components", + "modified": "2021-03-26 19:08:25", + "phid": 67901 + }, + { + "active": false, + "by": "System", + "message": "Modified regex strings in SMB Write and Move components to detect wasted and wasted_info in filenames", + "modified": "2021-03-20 15:14:30", + "phid": 67852 + }, + { + "active": false, + "by": "System", + "message": "Updated regex string in SMB Write and Move components", + "modified": "2020-10-08 23:28:04", + "phid": 65995 + }, + { + "active": false, + "by": "System", + "message": "add back lockbit ransomware extension", + "modified": "2020-09-02 20:26:25", + "phid": 65510 + }, + { + "active": false, + "by": "System", + "message": "Added AgeLocker and Thanos to regex in the last three components", + "modified": "2020-07-27 13:49:06", + "phid": 64836 + }, + { + "active": false, + "by": "System", + "message": "Updating regex", + "modified": "2020-07-11 04:58:25", + "phid": 64625 + }, + { + "active": false, + "by": "System", + "message": "Adding unique messages filter to the components for multiple writes/moves", + "modified": "2020-06-24 18:15:45", + "phid": 64408 + }, + { + "active": false, + "by": "System", + "message": "Updating regex", + "modified": "2020-06-23 07:10:05", + "phid": 64389 + }, + { + "active": false, + "by": "System", + "message": "Added Ragnar ransom note and file extension", + "modified": "2020-06-19 07:13:01", + "phid": 64361 + }, + { + "active": false, + "by": "System", + "message": "add maze ransom note, update prolock extensions", + "modified": "2020-05-26 12:27:18", + "phid": 64176 + }, + { + "active": false, + "by": "System", + "message": "add lockbit ransomware detection", + "modified": "2020-05-06 00:08:23", + "phid": 63911 + }, + { + "active": false, + "by": "System", + "message": "add proLock ransomware detection", + "modified": "2020-04-21 15:59:04", + "phid": 63792 + }, + { + "active": false, + "by": "System", + "message": "Adding Sodbinki and Petya to regex, and excluding common paths", + "modified": "2020-03-26 16:43:44", + "phid": 63562 + }, + { + "active": false, + "by": "System", + "message": "Improved regex for .onion and email addresses in filenames", + "modified": "2020-02-10 16:43:11", + "phid": 63190 + }, + { + "active": false, + "by": "System", + "message": "Reducing the scoring of the Bitcoin component to 1", + "modified": "2020-02-07 23:16:58", + "phid": 63174 + }, + { + "active": false, + "by": "System", + "message": "Added a new component for a commonly seen ransom note string", + "modified": "2019-11-29 14:25:58", + "phid": 13633 + }, + { + "active": false, + "by": "System", + "message": "Added additional ransom notes to the regex string of the final component", + "modified": "2019-11-21 16:26:40", + "phid": 2157 + }, + { + "active": false, + "by": "System", + "message": "Removing a deprecated filter from the SMB Move component, and adding the .ryk extension", + "modified": "2019-11-04 23:41:11", + "phid": 2065 + }, + { + "active": false, + "by": "System", + "message": "Reducing priority to 4, as this is included in the higher priority Suspicious SMB Activity meta-model", + "modified": "2019-08-05 12:23:08", + "phid": 1661 + }, + { + "active": false, + "by": "System", + "message": "Moving folder and adding in a Ryuk ransomware note filename", + "modified": "2019-07-09 00:36:33", + "phid": 1560 + }, + { + "active": false, + "by": "System", + "message": "Adding a new LockerGoga ransom note string to the regex", + "modified": "2019-03-21 23:23:54", + "phid": 857 + }, + { + "active": false, + "by": "System", + "message": "Removing read.txt from ransom note regex", + "modified": "2019-03-13 06:47:50", + "phid": 787 + }, + { + "active": false, + "by": "System", + "message": "Updated component regex", + "modified": "2019-03-12 02:26:36", + "phid": 686 + }, + { + "active": false, + "by": "Nobody", + "message": "updated description and display filters", + "modified": "2019-02-08 14:13:46", + "phid": 287 + } + ], + "interval": 300, + "logic": { + "data": [ + { + "cid": 254503, + "weight": 1 + }, + { + "cid": 254504, + "weight": 1 + }, + { + "cid": 254502, + "weight": 1 + } + ], + "targetScore": 1, + "type": "weightedComponentList", + "version": 1 + }, + "message": "Excluding a commonly seen, non-malicious filename that has a similar pattern to ransom notes, README_DO_NOT_TOUCH_FILES.txt", + "modified": "2021-08-13 20:59:30", + "name": "Compromise::Ransomware::Ransom or Offensive Words Written to SMB", + "phid": 69331, + "pid": 287, + "priority": 4, + "sequenced": false, + "sharedEndpoints": true, + "tags": [ + "AP: Exploit" + ], + "throttle": 3600, + "uuid": "80010119-6d7f-0000-0305-5e0000000325", + "version": 75 +} \ No newline at end of file diff --git a/Packs/Darktrace/ReleaseNotes/1_0_5.md b/Packs/Darktrace/ReleaseNotes/1_0_5.md new file mode 100644 index 000000000000..07563f146850 --- /dev/null +++ b/Packs/Darktrace/ReleaseNotes/1_0_5.md @@ -0,0 +1,7 @@ +#### Integrations +##### Darktrace +- Added the following commands: + - **darktrace-get-breach-details** + - **darktrace-get-model** + - **darktrace-get-component** +- Upgraded the Docker image to: *demisto/python3:3.9.5.21272*. diff --git a/Packs/Darktrace/pack_metadata.json b/Packs/Darktrace/pack_metadata.json index d3e658e0465e..5e479f67cac8 100644 --- a/Packs/Darktrace/pack_metadata.json +++ b/Packs/Darktrace/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Darktrace", "description": "Populates Darktrace Model Breaches in Cortex XSOAR, allowing for cross-platform automated investigation and response.", "support": "partner", - "currentVersion": "1.0.4", + "currentVersion": "1.0.5", "fromVersion": "6.0.0", "author": "Darktrace", "githubUser": "", @@ -20,4 +20,4 @@ "Darktrace" ], "certification": "certified" -} \ No newline at end of file +} From 7989404efcc82da21bd80b505f0af4804f6c2873 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 25 Aug 2021 19:16:26 +0300 Subject: [PATCH 039/173] Update README.md (#14540) * Update README.md (#14538) * update README.md Co-authored-by: Dorin-PM <89532307+Dorin-PM@users.noreply.github.com> Co-authored-by: abaumgarten --- Packs/Cyberint/.secrets-ignore | 3 ++- Packs/Cyberint/README.md | 18 ++++++++++++++++-- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/Packs/Cyberint/.secrets-ignore b/Packs/Cyberint/.secrets-ignore index 14f8a9c8cd80..df351708b5e7 100644 --- a/Packs/Cyberint/.secrets-ignore +++ b/Packs/Cyberint/.secrets-ignore @@ -7,4 +7,5 @@ https://chaseonline.chase.com goktug__kaya@outlook.com. hadas@cyberint.com https://test.cyberint.io -http://website.com \ No newline at end of file +http://website.com +https://cyberint.com \ No newline at end of file diff --git a/Packs/Cyberint/README.md b/Packs/Cyberint/README.md index fb1c0f41ee42..e609510d150b 100644 --- a/Packs/Cyberint/README.md +++ b/Packs/Cyberint/README.md @@ -1,5 +1,19 @@ - # Cyberint Cyberint provides intelligence-driven digital risk protection. -Cyberint help you identify emerging threats, verify your security posture, and respond effectively to reduce their impact +Cyberint helps you identify emerging threats, verifies your security posture, and responds effectively to reduce their impact. +#### Visit our site at [cyberint.com](https://cyberint.com/) + +### What does this pack do? +Cyberint and XSOAR integration is here to simplify and streamline Digital Risk Protection for Cortex XSOAR users, bring enriched threat intelligence from the Argos Edge™ Digital Risk Protection Platform into Cortex XSOAR and automatically implement playbooks and incident processes. + +- Leverages enriched and contextualized data from the Argos™ Digital Risk Protection platform to maximize your security posture within Cortex XSOAR. +- Easily exposes attack tools, phishing sites, fraud incidents, and more. +- Automatically blocks IOCs, resets account credentials, changes access tokens, and more. +- Optimizes your security team’s performance for faster Mean Time to Acknowledge (MTTA) and Mean Time to Remediate (MTTR). +- Tracks the status of tickets with automatic sync updates across systems for instant visibility and comprehensive performance metrics. + +### Additional useful links +- Link to our [blog](https://www.paloaltonetworks.com/blog/security-operations/cyberint-cortex-xsoar-extending-automated-digital-risk-protection/) +- [Running commands](https://share.vidyard.com/watch/asKRoMZAhkLpmUZS1DB8Zh) - How to run commands with Argos Edge™ XSOAR Integration. +- [How to set up the integration](https://share.vidyard.com/watch/iLezJVJk2m74fcEt41sNus) - Step by step installation and configuration guide of the application. From 4518a28e7846075b8ff89a7753b6d414dc6dd21d Mon Sep 17 00:00:00 2001 From: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Date: Wed, 25 Aug 2021 19:30:21 +0300 Subject: [PATCH 040/173] Add Edit and Pin commands to SlackV3 (#14372) * Add Edit and Pin commands to SlackV3 --- Packs/Slack/Integrations/SlackV3/README.md | 77 +++ Packs/Slack/Integrations/SlackV3/SlackV3.py | 108 ++++ Packs/Slack/Integrations/SlackV3/SlackV3.yml | 76 ++- .../Integrations/SlackV3/SlackV3_test.py | 191 ++++++ Packs/Slack/ReleaseNotes/2_1_4.md | 4 + .../playbook-SlackV3_TestPlaybook.yml | 592 ++++++++++-------- Packs/Slack/pack_metadata.json | 2 +- 7 files changed, 800 insertions(+), 250 deletions(-) create mode 100644 Packs/Slack/ReleaseNotes/2_1_4.md diff --git a/Packs/Slack/Integrations/SlackV3/README.md b/Packs/Slack/Integrations/SlackV3/README.md index addc25536ae1..ce68025a38fa 100644 --- a/Packs/Slack/Integrations/SlackV3/README.md +++ b/Packs/Slack/Integrations/SlackV3/README.md @@ -442,3 +442,80 @@ Get details about a specified user. >|---|---|---| >| U0XXXXXXXX | demisto_integration | cortex_xsoar | + +### slack-edit-message +*** +Edit an existing Slack message. + + +#### Base Command + +`slack-edit-message` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| channel | The channel the message is posted in. | Optional | +| threadID | The ID of the thread of which to edit - can be retrieved from a previous send-notification command. | Required | +| message | The updated message. | Optional | +| blocks | A JSON string of the block to send. | Optional | +| ignore_add_url | Whether to include a URL to the relevant component in XSOAR. Can be "true" or "false". Default value is "false". | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Slack.Thread.ID | String | The timestamp identifier for the message. | +| Slack.Thread.Channel | String | The channel ID the message was posted in. | +| Slack.Thread.Text | String | The text the message was updated with. | + + +#### Command Example +```!slack-edit-message channel="random" threadID="1629281551.001000" message="Eyy"``` + +#### Context Example +```json +{ + "Slack": { + "Thread": { + "ID": "1629281551.001000", + "Channel": "C0XXXXXXXX", + "Text": "Eyy" + } + } +} +``` + +#### Human Readable Output + +>The message was successfully edited. + + +### slack-pin-message +*** +Pins a selected message to the given channel. + + +#### Base Command + +`slack-pin-message` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| channel | The channel the message is posted in. | Optional | +| threadID | The ID of the thread of which to pin - can be retrieved from a previous send-notification command. | Required | + + +#### Context Output + +There is no context output for this command. + + +#### Command Example +```!slack-pin-message channel=random threadID=1629281551.001000``` + +#### Human Readable Output + +>The message was successfully pinned. diff --git a/Packs/Slack/Integrations/SlackV3/SlackV3.py b/Packs/Slack/Integrations/SlackV3/SlackV3.py index be9618c6db5a..f0eda408b25b 100644 --- a/Packs/Slack/Integrations/SlackV3/SlackV3.py +++ b/Packs/Slack/Integrations/SlackV3/SlackV3.py @@ -1045,6 +1045,9 @@ async def listen(client: SocketModeClient, req: SocketModeRequest): if len(actions) == 0: demisto.debug("Received bot_message event type. Ignoring.") return + if event.get('subtype') == 'message_changed': + demisto.debug("Received message_changed event type. Ignoring.") + return if len(actions) > 0: channel = data.get('channel', {}).get('id', '') @@ -1908,6 +1911,109 @@ def get_user(): return_outputs(hr, context, slack_user) +def slack_edit_message(): + args = demisto.args() + channel = args.get('channel') + thread_id = demisto.args().get('threadID') + message = args.get('message') + blocks = args.get('blocks') + ignore_add_url = args.get('ignore_add_url') + entry = args.get('entry') + + channel_id = '' + + if not channel: + mirror = find_mirror_by_investigation() + if mirror: + channel_id = mirror['channel_id'] + else: + channel = get_conversation_by_name(channel) + channel_id = channel.get('id') + + if not channel_id: + return_error('Channel was not found - Either the Slack app is not a member of the channel, ' + 'or the slack app does not have permission to find the channel.') + if not thread_id: + return_error('The timestamp of the message to edit is required.') + + if message and not blocks: + if ignore_add_url and isinstance(ignore_add_url, str): + ignore_add_url = bool(strtobool(ignore_add_url)) + if not ignore_add_url: + investigation = demisto.investigation() + server_links = demisto.demistoUrls() + if investigation: + if investigation.get('type') != PLAYGROUND_INVESTIGATION_TYPE: + link = server_links.get('warRoom') + if link: + if entry: + link += '/' + entry + message += f'\nView it on: {link}' + else: + link = server_links.get('server', '') + if link: + message += f'\nView it on: {link}#/home' + + body = { + 'channel': channel_id, + 'ts': thread_id + } + if message: + clean_message = handle_tags_in_message_sync(message) + body['text'] = clean_message + if blocks: + block_list = json.loads(blocks, strict=False) + body['blocks'] = block_list + try: + response = send_slack_request_sync(CLIENT, 'chat.update', body=body) + + hr = "The message was successfully edited." + result_edit = { + 'ID': response.get('ts', None), + 'Channel': response.get('channel', None), + 'Text': response.get('text', None) + } + context = { + 'Slack.Thread(val.ID === obj.ID)': result_edit + } + return_results(CommandResults( + readable_output=hr, + outputs=context, + raw_response=json.dumps(response.data))) + + except SlackApiError as slack_error: + return_error(f"{slack_error}") + + +def pin_message(): + channel = demisto.args().get('channel') + thread_id = demisto.args().get('threadID') + + channel_id = '' + + if not channel: + mirror = find_mirror_by_investigation() + if mirror: + channel_id = mirror['channel_id'] + else: + channel = get_conversation_by_name(channel) + channel_id = channel.get('id') + + if not channel_id: + return_error('Channel was not found - Either the Slack app is not a member of the channel, ' + 'or the slack app does not have permission to find the channel.') + body = { + 'channel': channel_id, + 'timestamp': thread_id + } + try: + send_slack_request_sync(CLIENT, 'pins.add', body=body) + return_results('The message was successfully pinned.') + + except SlackApiError as slack_error: + return_error(f"{slack_error}") + + def long_running_main(): """ Starts the long running thread. @@ -2011,6 +2117,8 @@ def main() -> None: 'slack-rename-channel': rename_channel, 'slack-get-user-details': get_user, 'slack-get-integration-context': slack_get_integration_context, + 'slack-edit-message': slack_edit_message, + 'slack-pin-message': pin_message } command_name: str = demisto.command() diff --git a/Packs/Slack/Integrations/SlackV3/SlackV3.yml b/Packs/Slack/Integrations/SlackV3/SlackV3.yml index 4a27446653a1..5f49adb8a514 100644 --- a/Packs/Slack/Integrations/SlackV3/SlackV3.yml +++ b/Packs/Slack/Integrations/SlackV3/SlackV3.yml @@ -425,11 +425,79 @@ script: - contextPath: Slack.User.Email description: The email address of the user. type: String - - arguments: [ ] - name: slack-get-integration-context - description: Returns the integration context as a file. Use this command for debug purposes only. + - deprecated: false + description: Returns the integration context as a file. Use this command for debug + purposes only. execution: false hidden: true + name: slack-get-integration-context + - arguments: + - default: false + description: The channel containing the message. + isArray: false + name: channel + required: true + secret: false + - default: false + description: The ID of the thread of which to pin - can be retrieved from + a previous send-notification command. + isArray: false + name: threadID + required: true + secret: false + deprecated: false + description: Pins a selected message to the given channel. + execution: false + hidden: false + name: slack-pin-message + - arguments: + - default: false + description: The channel the message is posted in. + isArray: false + name: channel + required: false + secret: false + - default: false + description: The ID of the thread of which to edit - can be retrieved from + a previous send-notification command. + isArray: false + name: threadID + required: true + secret: false + - default: false + description: The updated message. + isArray: false + name: message + required: false + secret: false + - default: false + description: A JSON string of the block to send. + isArray: false + name: blocks + required: false + secret: false + - default: false + isArray: false + name: ignore_add_url + required: false + secret: false + description: Whether to include a URL to the relevant component in XSOAR. + Can be "true" or "false". Default value is "false". + deprecated: false + description: Edit an existing Slack message. + execution: false + hidden: false + name: slack-edit-message + outputs: + - contextPath: Slack.Thread.ID + description: The timestamp identifier for the message. + type: String + - contextPath: Slack.Thread.Channel + description: The channel ID the message was posted in. + type: String + - contextPath: Slack.Thread.Text + description: The text the message was updated with. + type: String dockerimage: demisto/slackv3:1.0.0.23423 feed: false isfetch: false @@ -441,4 +509,4 @@ script: type: python fromversion: 5.5.0 tests: -- SlackV3 TestPB \ No newline at end of file +- SlackV3 TestPB diff --git a/Packs/Slack/Integrations/SlackV3/SlackV3_test.py b/Packs/Slack/Integrations/SlackV3/SlackV3_test.py index ce08c8ad1da3..5134e17bda3f 100644 --- a/Packs/Slack/Integrations/SlackV3/SlackV3_test.py +++ b/Packs/Slack/Integrations/SlackV3/SlackV3_test.py @@ -5,6 +5,7 @@ import pytest import slack_sdk from slack_sdk.web.slack_response import SlackResponse +from slack_sdk.errors import SlackApiError from unittest.mock import MagicMock @@ -3724,3 +3725,193 @@ def test_get_poll_minutes(sent, expected_minutes): # Assert assert minutes == expected_minutes + + +def test_edit_message(mocker): + """ + Given: + The text 'Boom', a threadID and known channel. + + When: + Editing a message + + Then: + Send a request to slack where the text includes the url footer, and valid channel ID. + """ + import SlackV3 + # Set + + slack_response_mock = SlackResponse( + client=None, + http_verb='', + api_url='', + req_args={}, + headers={}, + status_code=200, + data={ + 'ok': True, + 'channel': 'C061EG9T2', + 'ts': '1629281551.001000', + 'text': 'Boom\nView it on: ', + 'message': { + 'type': 'message', + 'subtype': 'bot_message', + 'text': 'Boom\nView it on: ', + 'username': 'Cortex XSOAR', + 'icons': { + 'image_48': 'https://s3-us-west-2.amazonaws.com/slack-files2/bot_icons/2021-06-29/2227534346388_48.png' + }, + 'bot_id': 'B01UZHGMQ9G' + } + } + ) + + expected_body = { + 'body': { + 'channel': 'C061EG9T2', + 'ts': '1629281551.001000', + 'text': 'Boom\nView it on: https://www.eizelulz.com:8443/#/WarRoom/727' + } + } + + link = 'https://www.eizelulz.com:8443/#/WarRoom/727' + mocker.patch.object(demisto, 'investigation', return_value={'type': 1}) + mocker.patch.object(demisto, 'demistoUrls', return_value={'warRoom': link}) + mocker.patch.object(demisto, 'args', return_value={'channel': "random", "threadID": "1629281551.001000", "message": "Boom"}) + mocker.patch.object(demisto, 'getIntegrationContext', side_effect=get_integration_context) + mocker.patch.object(SlackV3, 'send_slack_request_sync', return_value=slack_response_mock) + + # Arrange + SlackV3.slack_edit_message() + + args = SlackV3.send_slack_request_sync.call_args.kwargs + + # Assert + assert SlackV3.send_slack_request_sync.call_count == 1 + + assert args == expected_body + + +def test_edit_message_not_valid_thread_id(mocker): + """ + Given: + The text 'Boom', an incorrect threadID and known channel. + + When: + Editing a message + + Then: + Send a request to slack where the text includes the url footer, and valid channel ID. + """ + import SlackV3 + # Set + + err_response: SlackResponse = SlackResponse(api_url='', client=None, http_verb='POST', + req_args={}, + data={'ok': False, 'error': 'message_not_found'}, + status_code=429, + headers={}) + api_call = SlackApiError('The request to the Slack API failed.', err_response) + + expected_body = ('The request to the Slack API failed.\n'"The server responded with: {'ok': " + "False, 'error': 'message_not_found'}") + + link = 'https://www.eizelulz.com:8443/#/WarRoom/727' + mocker.patch.object(demisto, 'investigation', return_value={'type': 1}) + mocker.patch.object(demisto, 'demistoUrls', return_value={'warRoom': link}) + mocker.patch.object(demisto, 'args', return_value={'channel': "random", "threadID": "162928", "message": "Boom"}) + mocker.patch.object(demisto, 'getIntegrationContext', side_effect=get_integration_context) + mocker.patch.object(slack_sdk.WebClient, 'api_call', side_effect=api_call) + return_error_mock = mocker.patch(RETURN_ERROR_TARGET, side_effect=InterruptedError()) + + # Arrange + with pytest.raises(InterruptedError): + SlackV3.slack_edit_message() + + err_msg = return_error_mock.call_args[0][0] + + # Assert + assert err_msg == expected_body + + +def test_pin_message(mocker): + """ + Given: + The a valid threadID and known channel. + + When: + Pinning a message + + Then: + Send a request to slack where message is successfully pinned. + """ + import SlackV3 + # Set + + slack_response_mock = { + 'ok': True + } + + expected_body = { + 'body': { + 'channel': 'C061EG9T2', + 'timestamp': '1629281551.001000' + } + } + + mocker.patch.object(demisto, 'investigation', return_value={'type': 1}) + mocker.patch.object(demisto, 'args', return_value={'channel': "random", "threadID": "1629281551.001000"}) + mocker.patch.object(demisto, 'getIntegrationContext', side_effect=get_integration_context) + mocker.patch.object(SlackV3, 'send_slack_request_sync', return_value=slack_response_mock) + + # Arrange + SlackV3.pin_message() + + args = SlackV3.send_slack_request_sync.call_args.kwargs + + # Assert + assert SlackV3.send_slack_request_sync.call_count == 1 + + assert args == expected_body + + +def test_pin_message_invalid_thread_id(mocker): + """ + Given: + The an invalid threadID and known channel. + + When: + Pinning a message. + + Then: + Send a request to slack where an error message is returned indicating the message could not + be found. + """ + import SlackV3 + # Set + + err_response: SlackResponse = SlackResponse(api_url='', client=None, http_verb='POST', + req_args={}, + data={'ok': False, 'error': 'message_not_found'}, + status_code=429, + headers={}) + api_call = SlackApiError('The request to the Slack API failed.', err_response) + + expected_body = ( + 'The request to the Slack API failed.\n'"The server responded with: {'ok': False, " + "'error': 'message_not_found'}") + + mocker.patch.object(demisto, 'investigation', return_value={'type': 1}) + mocker.patch.object(demisto, 'args', return_value={'channel': "random", "threadID": "1629281551.001000"}) + mocker.patch.object(demisto, 'getIntegrationContext', side_effect=get_integration_context) + mocker.patch.object(slack_sdk.WebClient, 'api_call', side_effect=api_call) + return_error_mock = mocker.patch(RETURN_ERROR_TARGET, side_effect=InterruptedError()) + + # Arrange + with pytest.raises(InterruptedError): + SlackV3.pin_message() + + err_msg = return_error_mock.call_args[0][0] + + # Assert + assert err_msg == expected_body diff --git a/Packs/Slack/ReleaseNotes/2_1_4.md b/Packs/Slack/ReleaseNotes/2_1_4.md new file mode 100644 index 000000000000..694d5b589130 --- /dev/null +++ b/Packs/Slack/ReleaseNotes/2_1_4.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Slack v3 (beta) +Added the ***slack-pin-message*** and ***slack-edit-message*** commands. diff --git a/Packs/Slack/TestPlaybooks/playbook-SlackV3_TestPlaybook.yml b/Packs/Slack/TestPlaybooks/playbook-SlackV3_TestPlaybook.yml index 7c6ea40d856c..f19adb4e6907 100644 --- a/Packs/Slack/TestPlaybooks/playbook-SlackV3_TestPlaybook.yml +++ b/Packs/Slack/TestPlaybooks/playbook-SlackV3_TestPlaybook.yml @@ -5,22 +5,22 @@ starttaskid: "0" tasks: "0": id: "0" - taskid: d36973f6-abf3-4fb1-883c-52afcfecb0f7 + taskid: 14229d05-7018-47c0-8488-bbf890f47f56 type: start task: - id: d36973f6-abf3-4fb1-883c-52afcfecb0f7 + id: 14229d05-7018-47c0-8488-bbf890f47f56 version: -1 name: "" iscommand: false brand: "" nexttasks: '#none#': - - "9" + - "1" separatecontext: false view: |- { "position": { - "x": 50, + "x": 450, "y": 50 } } @@ -29,33 +29,33 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "1": id: "1" - taskid: 8e1932d6-185c-459d-82f4-3d1796e337f1 + taskid: bcfea214-19e4-41cb-891c-056a10cce033 type: regular task: - id: 8e1932d6-185c-459d-82f4-3d1796e337f1 + id: bcfea214-19e4-41cb-891c-056a10cce033 version: -1 - name: Mirror investigation - description: Mirrors the investigation between Slack and the Demisto War Room. - script: SlackV3|||mirror-investigation + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext type: regular - iscommand: true - brand: SlackV3 + iscommand: false + brand: "" nexttasks: '#none#': - "2" scriptarguments: - channelName: - simple: ${TimeNowUnix} - direction: - simple: FromDemisto + all: + simple: "yes" separatecontext: false view: |- { "position": { - "x": 50, - "y": 545 + "x": 450, + "y": 190 } } note: false @@ -63,31 +63,31 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "2": id: "2" - taskid: 7b3de297-c5f1-4f3a-8e58-c0ce0d136741 + taskid: 7fdd213a-de40-4f6c-8020-ed1abd0d16e9 type: regular task: - id: 7b3de297-c5f1-4f3a-8e58-c0ce0d136741 + id: 7fdd213a-de40-4f6c-8020-ed1abd0d16e9 version: -1 - name: Send a message - description: Sends a message to a user, group, or channel. - script: SlackV3|||send-notification + name: GetTime + description: | + Retrieves the current date and time. + scriptName: GetTime type: regular - iscommand: true - brand: SlackV3 + iscommand: false + brand: "" nexttasks: '#none#': - - "21" - scriptarguments: - channel: - simple: incident-${incident.id} + - "3" separatecontext: false view: |- { "position": { - "x": 50, - "y": 720 + "x": 450, + "y": 370 } } note: false @@ -95,34 +95,38 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "3": id: "3" - taskid: 89e8cfeb-f75c-48c8-8b25-00898b94bfff + taskid: 1697210f-0371-4813-81d7-208431fa6902 type: regular task: - id: 89e8cfeb-f75c-48c8-8b25-00898b94bfff + id: 1697210f-0371-4813-81d7-208431fa6902 version: -1 - name: FileCreateAndUpload - description: | - Will create a file (using the given data input or entry ID) and upload it to current investigation war room. - scriptName: FileCreateAndUpload + name: mirror-investigation + description: Mirrors the investigation between Slack and the Demisto War Room. + script: SlackV3|||mirror-investigation type: regular - iscommand: false - brand: "" + iscommand: true + brand: SlackV3 nexttasks: '#none#': - "4" scriptarguments: - data: - simple: this is a test - filename: - simple: test + channelName: + complex: + root: TimeNowUnix + transformers: + - operator: Stringify + direction: + simple: FromDemisto separatecontext: false view: |- { "position": { - "x": 50, - "y": 1245 + "x": 450, + "y": 550 } } note: false @@ -130,32 +134,38 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "4": id: "4" - taskid: c0abb0a0-3acd-40bb-802b-551bc168f765 + taskid: c2ca3b80-1539-485a-8769-3fd41eb32692 type: regular task: - id: c0abb0a0-3acd-40bb-802b-551bc168f765 + id: c2ca3b80-1539-485a-8769-3fd41eb32692 version: -1 - name: Send a file - description: Sends a file to a user, channel, or group. If not specified, the - file is sent to the mirrored investigation channel (if the channel exists). - script: SlackV3|||slack-send-file + name: send-notification + description: Sends a message to a user, group, or channel. + script: SlackV3|||send-notification type: regular iscommand: true brand: SlackV3 nexttasks: '#none#': - - "7" + - "5" scriptarguments: - file: - simple: ${File.EntryID} + channel: + complex: + root: TimeNowUnix + transformers: + - operator: Stringify + message: + simple: Hey hey heeeeeeyyyyy separatecontext: false view: |- { "position": { - "x": 50, - "y": 1420 + "x": 450, + "y": 730 } } note: false @@ -163,28 +173,40 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "5": id: "5" - taskid: 6cc8f086-7c06-4492-846d-9bac44445d25 + taskid: 969c48c2-3761-4cca-8eeb-b0b39e24cdd0 type: regular task: - id: 6cc8f086-7c06-4492-846d-9bac44445d25 + id: 969c48c2-3761-4cca-8eeb-b0b39e24cdd0 version: -1 - name: Close the channel - description: Archives a Slack channel. - script: SlackV3|||close-channel + name: slack-edit-message + description: Edit an existing slack message. + script: SlackV3|||slack-edit-message type: regular iscommand: true brand: SlackV3 nexttasks: '#none#': - - "13" + - "6" + scriptarguments: + channel: + complex: + root: TimeNowUnix + transformers: + - operator: Stringify + message: + simple: This is changed + threadID: + simple: ${Slack.Thread.ID} separatecontext: false view: |- { "position": { - "x": 50, - "y": 1770 + "x": 450, + "y": 910 } } note: false @@ -192,33 +214,38 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "6": id: "6" - taskid: 5541f553-1497-493e-84c3-179470944ca8 + taskid: c854d2bd-f211-4315-84d8-4e4954678020 type: regular task: - id: 5541f553-1497-493e-84c3-179470944ca8 + id: c854d2bd-f211-4315-84d8-4e4954678020 version: -1 - name: VerifyHumanReadableContains - description: Verify given entry contains a string - scriptName: VerifyHumanReadableContains + name: slack-pin-message + description: Pins a selected message to the given channel. + script: SlackV3|||slack-pin-message type: regular - iscommand: false - brand: "" + iscommand: true + brand: SlackV3 nexttasks: '#none#': - - "3" + - "7" scriptarguments: - humanReadableEntryId: - simple: ${lastCompletedTaskEntries} - substring: - simple: Message sent to Slack successfully + channel: + complex: + root: TimeNowUnix + transformers: + - operator: Stringify + threadID: + simple: ${Slack.Thread.ID} separatecontext: false view: |- { "position": { - "x": 50, - "y": 1070 + "x": 450, + "y": 1090 } } note: false @@ -226,33 +253,42 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "7": id: "7" - taskid: 35967fb3-db88-404f-8992-121958df1251 + taskid: fdd95f48-f590-4354-8b2c-c032ff190c1d type: regular task: - id: 35967fb3-db88-404f-8992-121958df1251 + id: fdd95f48-f590-4354-8b2c-c032ff190c1d version: -1 - name: VerifyHumanReadableContains - description: Verify given entry contains a string - scriptName: VerifyHumanReadableContains + name: send-notification + description: Sends a message to a user, group, or channel. + script: SlackV3|||send-notification type: regular - iscommand: false - brand: "" + iscommand: true + brand: SlackV3 nexttasks: '#none#': - - "5" + - "8" scriptarguments: - humanReadableEntryId: - simple: ${lastCompletedTaskEntries} - substring: - simple: File sent to Slack successfully. + blocks: + simple: "[\n\t\t{\n\t\t\t\"type\": \"section\",\n\t\t\t\"text\": {\n\t\t\t\t\"type\": + \"mrkdwn\",\n\t\t\t\t\"text\": \"This is a test. \"\n\t\t\t},\n\t\t\t\"accessory\": + {\n\t\t\t\t\"type\": \"button\",\n\t\t\t\t\"text\": {\n\t\t\t\t\t\"type\": + \"plain_text\",\n\t\t\t\t\t\"text\": \"Button\",\n\t\t\t\t\t\"emoji\": true\n\t\t\t\t},\n\t\t\t\t\"value\": + \"testing\"\n\t\t\t}\n\t\t}\n\t]" + channel: + complex: + root: TimeNowUnix + transformers: + - operator: Stringify separatecontext: false view: |- { "position": { - "x": 50, - "y": 1595 + "x": 450, + "y": 1270 } } note: false @@ -260,29 +296,35 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "8": id: "8" - taskid: a7de0ad7-eefa-4c0a-8e4b-e971e9d4d501 + taskid: 51e83618-1cd3-406a-830c-759cf2a21f46 type: regular task: - id: a7de0ad7-eefa-4c0a-8e4b-e971e9d4d501 + id: 51e83618-1cd3-406a-830c-759cf2a21f46 version: -1 - name: GetTime - description: | - Retrieves the current date and time. - scriptName: GetTime + name: VerifyHumanReadableContains + description: Verify given entry contains a string + scriptName: VerifyHumanReadableContains type: regular iscommand: false brand: "" nexttasks: '#none#': - - "1" + - "9" + scriptarguments: + humanReadableEntryId: + simple: ${lastCompletedTaskEntries} + substring: + simple: Message sent to Slack successfully separatecontext: false view: |- { "position": { - "x": 50, - "y": 370 + "x": 450, + "y": 1450 } } note: false @@ -290,31 +332,36 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "9": id: "9" - taskid: a7de0ad7-eefa-4c0a-8e4b-e971e9d4d502 + taskid: 95fb53e2-220d-49ab-8f02-2ec034f52496 type: regular task: - id: a7de0ad7-eefa-4c0a-8e4b-e971e9d4d502 + id: 95fb53e2-220d-49ab-8f02-2ec034f52496 version: -1 - name: DeleteContext - description: Delete field from context - scriptName: DeleteContext + name: FileCreateAndUpload + description: | + Will create a file (using the given data input or entry ID) and upload it to current investigation war room. + scriptName: FileCreateAndUpload type: regular iscommand: false brand: "" nexttasks: '#none#': - - "8" + - "10" scriptarguments: - all: - simple: "yes" + data: + simple: This is a test + filename: + simple: test separatecontext: false view: |- { "position": { - "x": 50, - "y": 195 + "x": 450, + "y": 1630 } } note: false @@ -322,29 +369,39 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "10": id: "10" - taskid: e3195b07-39f9-4a82-892d-d55a6ee71318 + taskid: 9463ccd7-0fd3-460a-8ee0-71ebd6f33f37 type: regular task: - id: e3195b07-39f9-4a82-892d-d55a6ee71318 + id: 9463ccd7-0fd3-460a-8ee0-71ebd6f33f37 version: -1 - name: GetTime - description: | - Retrieves the current date and time. - scriptName: GetTime + name: slack-send-file + description: Sends a file to a user, channel, or group. If not specified, the + file is sent to the mirrored investigation channel (if the channel exists). + script: SlackV3|||slack-send-file type: regular - iscommand: false - brand: "" + iscommand: true + brand: SlackV3 nexttasks: '#none#': - "11" + scriptarguments: + channel: + complex: + root: TimeNowUnix + transformers: + - operator: Stringify + file: + simple: ${File.EntryID} separatecontext: false view: |- { "position": { - "x": 50, - "y": 2120 + "x": 450, + "y": 1810 } } note: false @@ -352,33 +409,72 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "11": id: "11" - taskid: 57f1ecac-05b3-4ef7-8328-626c06161473 + taskid: 6e241b47-2bf5-489b-86f9-0e8c10cb8b67 type: regular task: - id: 57f1ecac-05b3-4ef7-8328-626c06161473 + id: 6e241b47-2bf5-489b-86f9-0e8c10cb8b67 version: -1 - name: Create a channel - description: Creates a channel in Slack. - script: SlackV3|||slack-create-channel + name: VerifyHumanReadableContains + description: Verify given entry contains a string + scriptName: VerifyHumanReadableContains + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "12" + scriptarguments: + humanReadableEntryId: + simple: ${lastCompletedTaskEntries} + substring: + simple: File sent to Slack successfully. + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 1990 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "12": + id: "12" + taskid: a8e810a1-9afb-403c-8a80-d368c9ece48d + type: regular + task: + id: a8e810a1-9afb-403c-8a80-d368c9ece48d + version: -1 + name: close-channel + description: Archives a Slack channel. + script: SlackV3|||close-channel type: regular iscommand: true brand: SlackV3 nexttasks: '#none#': - - "19" + - "13" scriptarguments: - name: - simple: ${TimeNowUnix} - users: - simple: cortex_xsoar + channel: + complex: + root: TimeNowUnix + transformers: + - operator: Stringify separatecontext: false view: |- { "position": { - "x": 50, - "y": 2295 + "x": 450, + "y": 2170 } } note: false @@ -386,12 +482,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "13": id: "13" - taskid: 5c319dca-6c11-4539-8014-4e5b3e7fac7f + taskid: dd55494e-2a0b-4dda-8f53-723e3856d79e type: regular task: - id: 5c319dca-6c11-4539-8014-4e5b3e7fac7f + id: dd55494e-2a0b-4dda-8f53-723e3856d79e version: -1 name: DeleteContext description: Delete field from context @@ -401,7 +499,7 @@ tasks: brand: "" nexttasks: '#none#': - - "10" + - "14" scriptarguments: all: simple: "yes" @@ -409,8 +507,8 @@ tasks: view: |- { "position": { - "x": 50, - "y": 1945 + "x": 450, + "y": 2350 } } note: false @@ -418,36 +516,31 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "14": id: "14" - taskid: 119a583c-66ff-4afd-8650-64d8000ce939 + taskid: 65a50010-08e4-4640-8cef-027c883ed28c type: regular task: - id: 119a583c-66ff-4afd-8650-64d8000ce939 + id: 65a50010-08e4-4640-8cef-027c883ed28c version: -1 - name: Invite to the channel - description: Invites users to join a channel. - script: SlackV3|||slack-invite-to-channel + name: GetTime + description: | + Retrieves the current date and time. + scriptName: GetTime type: regular - iscommand: true - brand: SlackV3 + iscommand: false + brand: "" nexttasks: '#none#': - - "17" - scriptarguments: - channel: - complex: - root: TimeNowUnix - transformers: - - operator: Stringify - users: - simple: ${Slack.User.Username} + - "15" separatecontext: false view: |- { "position": { - "x": 50, - "y": 2645 + "x": 450, + "y": 2530 } } note: false @@ -455,36 +548,38 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "15": id: "15" - taskid: 5e2a3ddb-3773-4c15-89d5-4db825aa18a9 + taskid: 6ec7da54-4342-4e14-80fe-e3a0035b7e39 type: regular task: - id: 5e2a3ddb-3773-4c15-89d5-4db825aa18a9 + id: 6ec7da54-4342-4e14-80fe-e3a0035b7e39 version: -1 - name: Kick from the channel - description: Removes users from the specified channel. - script: SlackV3|||slack-kick-from-channel + name: slack-create-channel + description: Creates a channel in Slack. + script: SlackV3|||slack-create-channel type: regular iscommand: true brand: SlackV3 nexttasks: '#none#': - - "12" + - "16" scriptarguments: - channel: + name: complex: - root: TimeNow2TimeNowUnix + root: TimeNowUnix transformers: - operator: Stringify users: - simple: TestingUser + simple: cortex_xsoar separatecontext: false view: |- { "position": { - "x": 50, - "y": 3345 + "x": 450, + "y": 2710 } } note: false @@ -492,32 +587,33 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 - "17": - id: "17" - taskid: c323bb87-787c-45a1-8dab-f07fe5e00f43 + isoversize: false + isautoswitchedtoquietmode: false + "16": + id: "16" + taskid: 5b56ce73-dc34-4460-882b-fd7fcd0a2b6c type: regular task: - id: c323bb87-787c-45a1-8dab-f07fe5e00f43 + id: 5b56ce73-dc34-4460-882b-fd7fcd0a2b6c version: -1 - name: GetTime - description: | - Retrieves the current date and time. - scriptName: GetTime + name: slack-get-user-details + description: Get details about a specified user. + script: SlackV3|||slack-get-user-details type: regular - iscommand: false - brand: "" + iscommand: true + brand: SlackV3 nexttasks: '#none#': - - "18" + - "17" scriptarguments: - contextKey: - simple: TimeNow2 + user: + simple: TestingUser separatecontext: false view: |- { "position": { - "x": 50, - "y": 2820 + "x": 450, + "y": 2890 } } note: false @@ -525,39 +621,38 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 - "18": - id: "18" - taskid: 8c1a4202-077a-40d2-8808-d782fdf252fc + isoversize: false + isautoswitchedtoquietmode: false + "17": + id: "17" + taskid: 4aed847e-67fe-4309-809a-e65052562e1b type: regular task: - id: 8c1a4202-077a-40d2-8808-d782fdf252fc + id: 4aed847e-67fe-4309-809a-e65052562e1b version: -1 - name: Rename the channel - description: Renames a channel in Slack. - script: SlackV3|||slack-rename-channel + name: slack-invite-to-channel + description: Invites users to join a channel. + script: SlackV3|||slack-invite-to-channel type: regular iscommand: true brand: SlackV3 nexttasks: '#none#': - - "20" + - "18" scriptarguments: channel: complex: root: TimeNowUnix transformers: - operator: Stringify - name: - complex: - root: TimeNow2TimeNowUnix - transformers: - - operator: Stringify + users: + simple: ${Slack.User.Username} separatecontext: false view: |- { "position": { - "x": 50, - "y": 2995 + "x": 450, + "y": 3070 } } note: false @@ -565,31 +660,34 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 - "19": - id: "19" - taskid: 1376011c-11d4-4df3-8ba2-273ed66fe4f2 + isoversize: false + isautoswitchedtoquietmode: false + "18": + id: "18" + taskid: 8a9be988-6810-4edc-8838-4aef36021387 type: regular task: - id: 1376011c-11d4-4df3-8ba2-273ed66fe4f2 + id: 8a9be988-6810-4edc-8838-4aef36021387 version: -1 - name: Get user - description: Get details about a specified user. - script: SlackV3|||slack-get-user-details + name: GetTime + description: | + Retrieves the current date and time. + scriptName: GetTime type: regular - iscommand: true - brand: SlackV3 + iscommand: false + brand: "" nexttasks: '#none#': - - "14" + - "19" scriptarguments: - user: - simple: TestingUser + contextKey: + simple: TimeNow2 separatecontext: false view: |- { "position": { - "x": 50, - "y": 2470 + "x": 450, + "y": 3250 } } note: false @@ -597,36 +695,41 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 - "20": - id: "20" - taskid: 60c39319-fb4d-4885-81ad-ce8001df8025 + isoversize: false + isautoswitchedtoquietmode: false + "19": + id: "19" + taskid: 59fe9d8f-0ff3-42be-8d43-cc8fbd5ded94 type: regular task: - id: 60c39319-fb4d-4885-81ad-ce8001df8025 + id: 59fe9d8f-0ff3-42be-8d43-cc8fbd5ded94 version: -1 - name: Invite to the channel - description: Invites users to join a channel. - script: SlackV3|||slack-invite-to-channel + name: slack-rename-channel + description: Renames a channel in Slack. + script: SlackV3|||slack-rename-channel type: regular iscommand: true brand: SlackV3 nexttasks: '#none#': - - "15" + - "20" scriptarguments: channel: + complex: + root: TimeNowUnix + transformers: + - operator: Stringify + name: complex: root: TimeNow2TimeNowUnix transformers: - operator: Stringify - users: - simple: TestingUser separatecontext: false view: |- { "position": { - "x": 50, - "y": 3170 + "x": 450, + "y": 3430 } } note: false @@ -634,37 +737,35 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 - "21": - id: "21" - taskid: a7de0ad7-eefa-4c0a-8e4b-e971e9d4d503 + isoversize: false + isautoswitchedtoquietmode: false + "20": + id: "20" + taskid: cabf2dea-0d09-4bd1-8f08-cf5eebb7e6c3 type: regular task: - id: a7de0ad7-eefa-4c0a-8e4b-e971e9d4d503 + id: cabf2dea-0d09-4bd1-8f08-cf5eebb7e6c3 version: -1 - name: Send a message with blocks - description: Sends a message to a user, group, or channel. - script: SlackV3|||send-notification + name: slack-kick-from-channel + description: Removes users from the specified channel. + script: SlackV3|||slack-kick-from-channel type: regular iscommand: true brand: SlackV3 - nexttasks: - '#none#': - - "6" scriptarguments: - blocks: - simple: "[\n\t\t{\n\t\t\t\"type\": \"section\",\n\t\t\t\"text\": {\n\t\t\t\t\"type\": - \"mrkdwn\",\n\t\t\t\t\"text\": \"This is a test. \"\n\t\t\t},\n\t\t\t\"accessory\": - {\n\t\t\t\t\"type\": \"button\",\n\t\t\t\t\"text\": {\n\t\t\t\t\t\"type\": - \"plain_text\",\n\t\t\t\t\t\"text\": \"Button\",\n\t\t\t\t\t\"emoji\": true\n\t\t\t\t},\n\t\t\t\t\"value\": - \"testing\"\n\t\t\t}\n\t\t}\n\t]" channel: - simple: incident-${incident.id} + complex: + root: TimeNow2TimeNowUnix + transformers: + - operator: Stringify + users: + simple: TestingUser separatecontext: false view: |- { "position": { - "x": 50, - "y": 895 + "x": 450, + "y": 3580 } } note: false @@ -672,19 +773,20 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 -system: true -fromversion: 5.0.0 + isoversize: false + isautoswitchedtoquietmode: false view: |- { "linkLabelsPosition": {}, "paper": { "dimensions": { - "height": 3565, + "height": 3625, "width": 380, - "x": 50, + "x": 450, "y": 50 } } } +fromversion: 5.0.0 inputs: [] outputs: [] diff --git a/Packs/Slack/pack_metadata.json b/Packs/Slack/pack_metadata.json index 78b7f5bc8c6f..68f692ff43f8 100644 --- a/Packs/Slack/pack_metadata.json +++ b/Packs/Slack/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Slack", "description": "Send messages and notifications to your Slack team.", "support": "xsoar", - "currentVersion": "2.1.3", + "currentVersion": "2.1.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From d46f980d641a890d39a53e7d5a1aaf087c782062 Mon Sep 17 00:00:00 2001 From: ilaner <88267954+ilaner@users.noreply.github.com> Date: Thu, 26 Aug 2021 09:22:19 +0300 Subject: [PATCH 041/173] Alexa v2 (#14072) Added alexa v2 intgeration --- Packs/Alexa/Integrations/AlexaV2/AlexaV2.py | 191 ++ Packs/Alexa/Integrations/AlexaV2/AlexaV2.yml | 102 + .../AlexaV2/AlexaV2_description.md | 9 + .../Integrations/AlexaV2/AlexaV2_image.png | Bin 0 -> 4622 bytes .../Integrations/AlexaV2/AlexaV2_test.py | 124 + Packs/Alexa/Integrations/AlexaV2/Pipfile | 19 + Packs/Alexa/Integrations/AlexaV2/Pipfile.lock | 369 +++ Packs/Alexa/Integrations/AlexaV2/README.md | 111 + .../Integrations/AlexaV2/command_examples.txt | 1 + .../AlexaV2/test_data/404_response.json | 34 + .../AlexaV2/test_data/google_response.json | 34 + .../AlexaV2/test_data/nan_rank_response.json | 34 + .../test_data/negative_rank_response.json | 34 + Packs/Alexa/ReleaseNotes/2_0_0.md | 9 + .../TestPlaybooks/playbook-Alexav2-Test.yml | 212 ++ Packs/Alexa/pack_metadata.json | 2 +- Packs/Base/ReleaseNotes/1_13_25.md | 4 + .../CommonServerPython/CommonServerPython.py | 7 + .../CommonServerPython_test.py | 144 +- Packs/Base/pack_metadata.json | 2 +- Tests/conf.json | 5 + package-lock.json | 2026 ----------------- 22 files changed, 1388 insertions(+), 2085 deletions(-) create mode 100644 Packs/Alexa/Integrations/AlexaV2/AlexaV2.py create mode 100644 Packs/Alexa/Integrations/AlexaV2/AlexaV2.yml create mode 100644 Packs/Alexa/Integrations/AlexaV2/AlexaV2_description.md create mode 100644 Packs/Alexa/Integrations/AlexaV2/AlexaV2_image.png create mode 100644 Packs/Alexa/Integrations/AlexaV2/AlexaV2_test.py create mode 100644 Packs/Alexa/Integrations/AlexaV2/Pipfile create mode 100644 Packs/Alexa/Integrations/AlexaV2/Pipfile.lock create mode 100644 Packs/Alexa/Integrations/AlexaV2/README.md create mode 100644 Packs/Alexa/Integrations/AlexaV2/command_examples.txt create mode 100644 Packs/Alexa/Integrations/AlexaV2/test_data/404_response.json create mode 100644 Packs/Alexa/Integrations/AlexaV2/test_data/google_response.json create mode 100644 Packs/Alexa/Integrations/AlexaV2/test_data/nan_rank_response.json create mode 100644 Packs/Alexa/Integrations/AlexaV2/test_data/negative_rank_response.json create mode 100644 Packs/Alexa/ReleaseNotes/2_0_0.md create mode 100644 Packs/Alexa/TestPlaybooks/playbook-Alexav2-Test.yml create mode 100644 Packs/Base/ReleaseNotes/1_13_25.md diff --git a/Packs/Alexa/Integrations/AlexaV2/AlexaV2.py b/Packs/Alexa/Integrations/AlexaV2/AlexaV2.py new file mode 100644 index 000000000000..c36de4f80534 --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/AlexaV2.py @@ -0,0 +1,191 @@ +import demistomock as demisto +from CommonServerPython import * # noqa # pylint: disable=unused-wildcard-import +from CommonServerUserPython import * # noqa + +import requests +import traceback +from typing import Dict + +# Disable insecure warnings +requests.packages.urllib3.disable_warnings() # pylint: disable=no-member + +''' CONSTANTS ''' + +DATE_FORMAT = '%Y-%m-%dT%H:%M:%SZ' # ISO8601 format with UTC, default in XSOAR + +''' CLIENT CLASS ''' + + +class Client(BaseClient): + def __init__(self, api_key: str, + base_url: str, + proxy: bool, + verify: bool, + reliability: str, + top_domain_threshold: int, + suspicious_domain_threshold: Optional[int]): + super().__init__(base_url=base_url, + verify=verify, + proxy=proxy) + if DBotScoreReliability.is_valid_type(reliability): + self.reliability = DBotScoreReliability.get_dbot_score_reliability_from_str(reliability) + else: + raise DemistoException("AlexaV2 error: Please provide a valid" + " value for the Source Reliability parameter.") + self.top_domain_threshold = top_domain_threshold + self.suspicious_domain_threshold = suspicious_domain_threshold + self.api_key = api_key + + def http_request(self, params: Dict): + return self._http_request(method='GET', + headers={'x-api-key': self.api_key}, + params=params) + + def alexa_rank(self, domain: str) -> Dict: + params = {'Action': 'UrlInfo', + 'ResponseGroup': 'Rank', + 'Url': domain, + 'Output': 'json'} + return self.http_request(params=params) + + +''' HELPER FUNCTIONS ''' + + +def rank_to_context(domain: str, + rank: Optional[int], + top_domain_threshold: int, + suspicious_domain_threshold: Optional[int], + reliability: DBotScoreReliability): + if rank is None: + score = Common.DBotScore.NONE + elif rank < 0: + raise DemistoException(f'AlexaV2 error: {rank} is invalid. Rank should be positive') + elif 0 < rank <= top_domain_threshold: + score = Common.DBotScore.GOOD + elif suspicious_domain_threshold and rank > suspicious_domain_threshold: + score = Common.DBotScore.SUSPICIOUS + else: # alexa_rank < client.threshold: + score = Common.DBotScore.NONE + dbot_score = Common.DBotScore( + indicator=domain, + indicator_type=DBotScoreType.DOMAIN, + reliability=reliability, + score=score + ) + domain_standard_context = Common.Domain( + domain=domain, + dbot_score=dbot_score + ) + return domain_standard_context + + +''' COMMAND FUNCTIONS ''' + + +def test_module(client: Client) -> str: + """Tests API connectivity and authentication' + + Returning 'ok' indicates that the integration works like it is supposed to. + Connection to the service is successful. + Raises exceptions if something goes wrong. + + Args (Client): a client to use + + Return: 'ok' if test passed, anything else will fail the test. + """ + + try: + client.alexa_rank('google.com') + return 'ok' + except DemistoException as e: + if 'Forbidden' in str(e): + return 'Authorization Error: make sure API Key is correctly set' + raise e + + +def alexa_domain(client: Client, domains: List[str]) -> List[CommandResults]: + if not domains: + raise ValueError('AlexaV2 error: domain doesn\'t exists') + command_results: List[CommandResults] = [] + for domain in domains: + result = client.alexa_rank(domain) + domain_res = demisto.get(result, + 'Awis.Results.Result.Alexa.TrafficData.DataUrl') + if not domain_res or domain_res == '404': # Not found on alexa + raise DemistoException('AlexaV2 error: Domain cannot be found') + domain_res = domain_res[:-1] if domain_res[-1] == '/' else domain_res + rank = demisto.get(result, + 'Awis.Results.Result.Alexa.TrafficData.Rank') + domain_standard_context: Common.Domain = rank_to_context(domain=domain_res, + rank=arg_to_number(rank), + suspicious_domain_threshold=client.suspicious_domain_threshold, + top_domain_threshold=client.top_domain_threshold, + reliability=client.reliability) + + rank: str = rank if rank else 'Unknown' + result = {'Name': domain_res, + 'Indicator': domain_res, + 'Rank': rank} + table = {'Domain': domain_res, + 'Alexa Rank': rank, + 'Reputation': domain_standard_context.dbot_score.to_readable()} + readable = tableToMarkdown(f'Alexa Rank for {domain_res}', table, headers=list(table.keys())) + command_results.append(CommandResults( + outputs_prefix='Alexa.Domain', + outputs_key_field='Name', + outputs=result, + readable_output=readable, + indicator=domain_standard_context + )) + return command_results + + +''' MAIN FUNCTION ''' + + +def main() -> None: + params = demisto.params() + api_key = demisto.get(params, 'credentials.password') + base_api = params.get('base_url') + reliability = params.get('integrationReliability') + verify_certificate = not params.get('insecure', False) + proxy = params.get('proxy', False) + demisto.debug(f'Command being called is {demisto.command()}') + try: + suspicious_domain_threshold = arg_to_number(params.get('suspicious_domain_threshold', None), + required=False, + arg_name='suspicious_domain_threshold') + top_domain_threshold = arg_to_number(params.get('top_domain_threshold'), + required=True, + arg_name='top_domain_threshold') + if (suspicious_domain_threshold and suspicious_domain_threshold < 0)\ + or top_domain_threshold < 0: # type: ignore + raise DemistoException(f'AlexaV2 error: All threshold values should be greater than 0.' + f'Suspicious domain threshold is {suspicious_domain_threshold}. ' + f'Top domain threshold is {top_domain_threshold}.') + client = Client( + base_url=base_api, + verify=verify_certificate, + proxy=proxy, + api_key=api_key, + suspicious_domain_threshold=suspicious_domain_threshold, # type: ignore + top_domain_threshold=top_domain_threshold, # type: ignore + reliability=reliability) + if demisto.command() == 'test-module': + return_results(test_module(client)) + elif demisto.command() == 'domain': + domains = demisto.args().get('domain') + return_results(alexa_domain(client, argToList(domains))) + else: + raise NotImplementedError(f'Command {demisto.command()} is not implemented.') + + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {demisto.command()} command.\nError:\n{str(e)}') + + +''' ENTRY POINT ''' + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/Alexa/Integrations/AlexaV2/AlexaV2.yml b/Packs/Alexa/Integrations/AlexaV2/AlexaV2.yml new file mode 100644 index 000000000000..06e58e3ae81e --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/AlexaV2.yml @@ -0,0 +1,102 @@ +category: Data Enrichment & Threat Intelligence +commonfields: + id: Alexa Rank Indicator v2 + version: -1 +configuration: +- defaultvalue: 'https://awis.api.alexa.com/api' + display: Base API URL + name: base_url + required: true + type: 0 +- displaypassword: API Key + name: credentials + type: 9 + required: true + hiddenusername: true +- display: Use system proxy settings + name: proxy + required: false + type: 8 +- display: Trust any certificate (not secure) + name: insecure + required: false + type: 8 +- additionalinfo: If the domain's Alexa rank is over this threshold, the domain is marked as suspicious. If the rank is between the threshold for suspicious domains and top domains, the domain is marked as unknown. + display: Rank Threshold For Suspicious Domain + name: suspicious_domain_threshold + required: false + type: 0 +- additionalinfo: If the domain's Alexa rank is under this threshold, the domain is considered trusted and marked as good. If the rank is between the threshold for suspicious domains and top domains, the domain is marked as unknown. + defaultvalue: '1000' + display: Rank Threshold For Top Domains + name: top_domain_threshold + required: true + type: 0 +- additionalinfo: Reliability of the source providing the intelligence data. + defaultvalue: A - Completely reliable + display: Source Reliability + name: integrationReliability + options: + - A+ - 3rd party enrichment + - A - Completely reliable + - B - Usually reliable + - C - Fairly reliable + - D - Not usually reliable + - E - Unreliable + - F - Reliability cannot be judged + required: true + type: 15 +description: Alexa provides website ranking information that can be useful when determining + if a domain has a strong web presence. +display: Alexa Rank Indicator v2 +name: Alexa Rank Indicator v2 +script: + commands: + - arguments: + - default: true + description: Domain(s) to search. + isArray: true + name: domain + required: true + secret: false + deprecated: false + description: Provides an Alexa ranking of the domain. + execution: false + name: domain + outputs: + - contextPath: Domain.Name + description: The domain being checked. + type: String + - contextPath: DBotScore.Score + description: The actual score. + type: number + - contextPath: DBotScore.Vendor + description: The vendor used to calculate the score. + type: String + - contextPath: DBotScore.Type + description: The indicator type. + type: String + - contextPath: DBotScore.Indicator + description: The indicator that was tested. + type: String + - contextPath: Alexa.Domain.Indicator + description: The domain being checked. + type: String + - contextPath: Alexa.Domain.Name + description: The domain being checked. + type: String + - contextPath: Alexa.Domain.Rank + description: Alexa rank as determined by Amazon. + type: String + dockerimage: demisto/python3:3.9.6.22912 + feed: false + isfetch: false + longRunning: false + longRunningPort: false + runonce: false + script: '-' + subtype: python3 + type: python +tests: +- AlexaV2 Test Playbook +fromversion: 5.5.0 diff --git a/Packs/Alexa/Integrations/AlexaV2/AlexaV2_description.md b/Packs/Alexa/Integrations/AlexaV2/AlexaV2_description.md new file mode 100644 index 000000000000..bb649467018d --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/AlexaV2_description.md @@ -0,0 +1,9 @@ +*Rank threshold for suspicious domain* - anything above this rank is considered *suspicious*. *Rank threshold for top domains* - anything below this rank is considered *trusted*. Note - If a domain has a rank above the top domain threshold and below the suspicious domain threshold, it will be classified as *unknown.* + + +To get an API key, go to: [AWIS API](https://awis.alexa.com/) +1. If you do not already have an AWS account, create an account. +2. Subscribe to Alexa Web Information Service in the AWS marketplace. +3. Register your Alexa API account or log in to an existing Alexa API account. +2. Log in to [Alexa Web Information Service](https://awis.alexa.com/) +3. Copy the API Key. diff --git a/Packs/Alexa/Integrations/AlexaV2/AlexaV2_image.png b/Packs/Alexa/Integrations/AlexaV2/AlexaV2_image.png new file mode 100644 index 0000000000000000000000000000000000000000..ec122a5d1ebdd8050a82b3e0cf5d823656bebe71 GIT binary patch literal 4622 zcmb7|^;Z*)!-atnqdTNSN@^&Q0|ZHt(H%-NCen>GNTa}ql13UFl0ycgOG-M&21rYH z$k)H%J?H)5-shbA7u@s2=|a@WNtj7+aB#>qHB|Kf(f?nb0tx?hW;w_FKj3=lt1IJt z8)MzU!J!`1R8cbY$NghQ>~A#Fgmyxnj=oS0xs_(o_+j$n3wj&bRn39H8aKL^a4SAg~w4#BIhQC(S3amS(%_IMaZ>n%aTXCFll1_rUNyN>C{*v_N3 zo;IgmMMQI*p-#^#V!DKTY{9!*MY)W{B0twWJw1N}C>Q_^ zKD(sgfv+kqfkxrQ@KIXeokrY1=(`+8LEs}Kr*P0!7m-u?c!8p+$xLgZ4=-jkOcCB| zs}ruKzD$CTXD89)j}sOOK!LU^J8N+d++LhYQG65QS@*TlD~p`vCn2W1TPSSLkOj21 zUIz+a&`yE+%~>;t%x2B8=QALIz znhLi1NdzXNM>V&rBNE>Q>5%=Qt}jp~-^~#ZHD%|l=*Dc;INERV#>(*q06&d0{f#JV z=hgZ-Ea1YkQ;#_6-)+;j&autzrw5fp9~1enTp8J)(TmYQW^ZrQ#eHiXm=eGtij<{djRP!d)Xr8q zf5!SUX6plK!4pleeCD{Ca1VIXF^KVOYwe!IbXN%Lezn=$+{~v$g;yxWd>0I=qx3=$ z90H(ZN1C(zoU0zfyHf9DD-~bP@Uvj|iCQzt*1^xDx;{(vNDzL>pODs`iNT-cU}a#j zY8(eil<~Yije+dJOYqSOM_C7y@*``%5S=y8L3LkQ?o2n2MK5ZrcXI?pLM+8c=+%T} zdq`qFPBV{w1R<8Ws7!+}kiNZwF4e_dWFkBkcub~E%V+^UJuW*|$Z~Dks?O;#1)Ukl zyLd-ZqXrCOB_v!$`9=nXcr|aD2ew$qRFRNg+^x60Llium3)Lji<3Wz+FciH>3{dxe=889QHS#o^Gc8;q+N4gtYktE(IO6Sr;H5XyxhN+FI z(Z-L&83B=57~ig3KT9I8)jAc)e%m|10oDdu|%Uq9Vy;zg~RzNYQS2!`W=zHh)fAa$y#Em7l3v1d0= zN0ZSU_2`7f3?Mb}wv<|@V*6n%Tij&2M^1-0Mvu>{e`aWMt*B6jcpQuTw(6i_7gP4d zFG|w*vZ03=yeYG=XZ4aR6R3aeWKTw8zfk<-I#{mIe>+TkVawuoC-pZDEo=smUFRvm zfHL_4NyHq)*IhNmi4AL;LK!}urZTX1Dh~lY3E95~HEX{-351C?a@fAZy@5zeC~bu> zYbDSXT}X5tzbghuU={{>I$J~t;N@U0MjO_;O*(Q~^bL7;pJm711VIWp{;hCd!&)Tt zuHP;LQ9Q}cBMcW_pJQwO`X7g}Y*1;V=eX8g*?I=jbG#=HYPBlSgE-r!WGhKTmfhjM-UOS_*S01fKEwTT(KU!YzD$ULBKWh*}NT z9afW#X$cvwz4vuQ2?|Rn8>vKQ+4)p-S>V?-NvFj~=da=Z# z`QMTAr!M79>9~ABw-%2)RO0Wpn7(ETD1=Z z1Fka4T5hw^Cr^k3&qvJ6*y5kLhS_AV2wRcgNQ;L}Y&1AbkPR`!BL`?x9+uxhvvE{| zxu5N;OofyNbOL=5V}pYj?zkx0v_`UgsiF9JR6xJqJlT!2*oNk@z2~etIeAOun{dG4 z3wIpo_~QBiN0^5?EimSK{_yxtDiOvH+L4%GEO-vfP$fj8LQydq)JlpWpG@XRzk{mS z>OuMvOk__)L`3kpFAQ5L;)rvebeZ@u@T+!!tLnu^c(mr#!(7*hsA){ObI{3};yLOp zhYgP6dzJLcov&QXbQz|kL%25VUZ=CwzXb{!CS4>bgFY^SsvUzB2}pMioVhzjsea>H za)&(KKMsMr*qTp9(;2 zPKfR(hBF?HBWN;pz9sv()g5r+oqpy^ROc0$tb9ws>OZuw#@8DAlvLX6q{@d!8Z+u-&7P|Ex9hFcE( zc-K|z83c@L(WgC{RS^hKv|;YUrK5-Cs~-U2U%T_VvxllJUejgwPBYf6!8kW$6o4{~ zOh*smVQlrx)ISIO4Z>h{-;t)L9i*oWQ?^ie@L0B4vqew&b_#Rl8rs zLpQ4#h)RT>(6+^|^)?8u<6$2@wL^+0Hb_6hx3(uJ#st_B*$5eLYh=A+>)nG=2vNJs z`}=X{=jR@7j*dD41K9`yi+S+SQpwN;_n=L|;iq@)lk$q8KHA#aKY;wuw{2gI5nsPX zai>Yz_5vT*7>7|owUiz-g=T5v+`a8 zT@+v3@u|gr+=S&2$!Bb-$HfuPw5nb;reYMNa($3=%4SZLm}c!S6*tW!8u^Z$%Z2OW zMH>gUq<_H=^XsL4KQE6{Y5L|w>o&hXy^Ocg*W^U4UTG__a9r?o|FbA6Hhvkz~Iq_q!p6$gU4{g?R*a`wmS_O)J2Ecdh;U4B~oLkP#44P*vp) zM}6C_vc~DRN2E+9X&DM@f3)lVsm~58|21vw4P#)99_z|2L%j?tF5AA8j+-k;D>TyE z%Be?1>GWovpAFhwn|hO?;jrZVZ0&VOl{_+|%Eu<|@sRi5=0sw<@5GNOH`Mg)%(VUt zQcBawFf&r|d?pAbzn#&EW1{!Be7Gl~M9=)aXu0o!Eu}y>0d|ySi7a6Cot#;ZO#qmY zW!-Ra7^`0@k;ij$;$i$p$KA3FoY#BIzc}wt;$(ii9N$M9&zqJKtz5)X9M`++|*}{>AkEzCInuw>`8PcQ;FM z9QJE4n9Jsi9ak0BG_j~|Nr9>#cxqA})u*^!f=Fx)Oo&8dhyAS(DQOt@S3suH0C5xB zFg|%(!R2jBSV4Q{i;CB(dKo-zRw=#;SFZdahG85}dfpS7D>V8XttQmn^Y#Cw=(mi# zG*2bvl1e#>R9G$9meX+UJkY4vH3p+p4-4D0#)fa+xRl#_)w8NQMx@m=FMlcpKTUP_Sv_&N{=WgX^Xm~3Ada?33wvk<*V3p;&eK5jlZ1->M0jeMGyNcD9RD|2c zK(C^#!@QEF0ed%FONG#;?VIZy<)OxquD-Plo0Ar)0%&deW^Djv+p&_tuY*mRS8NR` zj+KG2d_HvQ(N6`OSd_ha1UX28r-b5pp5cWP>yF7Gq7YKl38OrYy1NSclDi*uuO3BU z*OYOKE?uSVq)*82x+`Xkl!B;Z1O>o=QBvB8}Tgxjz}<(PnTYFPL@joFmzx{dB=q zS-3t6>KOTlE9O7C=jTLL5?)zZ8Z{fwz22alW(SX+G6b)M zd!R0z7lB-h%~8-QX6Oby^# zQbbJ=mm7ok{tNL?gr;JaB}%cLX*dII>+Qab*isC%;^;9Znv}F*=e=}$4>ptHC6Gga z2#<0d&z3k@Ud!evdW=9-Hh)UZ{{XMPU3SX%<``L66ZS@Tw$Ve_&sP-$4t2dC*epoy zcZQ4PTVYk=Pj5)JOsBIJtb<3UuMMkcrbLk*gU&!_FgiMX^ zy}qHWI=KB3&(#eiO{-oWmj3xzrLhQmMxZN75KHvt#^0Ug!up4n5th7lKJvEv*8D^L z^4xW-yI@vmrE{v(V90|TRyDNSi|+&aR$UnU*jepOurbKw|Xn)3a<1gjW z=Cjv#a`iOnb|mO1I$ar^Fdj+SU9DEUC@{}r#~DcWXh&&3duH%e3fF0s6hYCWNAJnZ zguey2Qz&(r$pM#H4d&YH-n6q~xc8e>3#VDmKj{xeLx8U2$E7-I-MgRjj4XLN@3-U)@+rm*aCLM`B?C4C{42-P3cU!~Z_PPb zMYYE}1=G|K)_5VRncn(uIM+hci2P;&A3pYpOoA+f6O}jRnDXaIrEN~$pSaPE327iG z223b&;X`tN;=f4(J#%}a@yB{u?yV0QWaseEt-veDzQ;EyIlmu=1=F3YGo3pdg6r~u zXU@3qD+AY@z0A~%XB_}H=Rw;ka(<3ha_(=}4DIX!?uXKz*SWKa8bQwfEVYDO9<2CY lLCV*gt^OZw#2WBGd5^9P7taQk{}VhonyL_$Z^~~Y{s)Nm^@#ug literal 0 HcmV?d00001 diff --git a/Packs/Alexa/Integrations/AlexaV2/AlexaV2_test.py b/Packs/Alexa/Integrations/AlexaV2/AlexaV2_test.py new file mode 100644 index 000000000000..e84f22578535 --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/AlexaV2_test.py @@ -0,0 +1,124 @@ +import pytest +from AlexaV2 import Client, rank_to_context, alexa_domain +from CommonServerPython import * # noqa + + +def create_client(proxy: bool = False, verify: bool = False, top_domain_threshold: int = 100, + suspicious_domain_threshold: Optional[int] = None, + reliability: str = DBotScoreReliability.A_PLUS): + return Client(proxy=proxy, verify=verify, top_domain_threshold=top_domain_threshold, + suspicious_domain_threshold=suspicious_domain_threshold, + reliability=reliability, api_key='', base_url='https://awis.api.alexa.com/api') + + +def load_json(file: str) -> Dict: + with open(file, 'r') as f: + return json.load(f) + + +client = create_client() + + +def test_domain_rank(mocker): + """ + Given: + - A domain to be ranked by Alexa API + + When: + - running the domain command: + 1. when getting a valid response with an existing domain. + 2. when getting a valid response with an non-existing domain. + + Then: + - Ensure that the rank the domain got is valid + - Ensure the context data is valid with the expected outputs. + """ + raw_result = load_json('test_data/google_response.json') + mocker.patch.object(client, 'alexa_rank', return_value=raw_result) + result = alexa_domain(client, ['google.com'])[0] + rank_result = result.outputs.get('Rank') if result.outputs.get('Rank') != 'Unknown' else None + assert demisto.get(raw_result, 'Awis.Results.Result.Alexa.TrafficData.Rank') == rank_result + + +def test_multi_domains(mocker): + """ + Given: + - A list of domains to be ranked by Alexa API + + When: + - running the domain command on the input + + Then: + - Ensure that: + 1. The length of the result is the same as the length of the domains list + 2. Valid responses for both of the domains + """ + + domains = 'google.com,xsoar.com' + raw_res = load_json('test_data/google_response.json') + mocker.patch.object(client, 'alexa_rank', return_value=raw_res) + result = alexa_domain(client, argToList(domains)) + assert len(result) == len(argToList(domains)) + for res in result: + assert res.outputs.get('Rank') == demisto.get(raw_res, 'Awis.Results.Result.Alexa.TrafficData.Rank') + + +DOMAINS_BAD_RESULTS = [('xsoar.com', load_json('test_data/negative_rank_response.json')), + ('xsoar.com', load_json('test_data/nan_rank_response.json')), + ('xsoar.com', load_json('test_data/404_response.json'))] + + +@pytest.mark.parametrize('domain, raw_result', DOMAINS_BAD_RESULTS) +def test_domain_invalid_rank(mocker, domain, raw_result): + """ + Given: + - A domain to be ranked by Alexa API + + When: + - The API responds with an invalid rank + + Then: + - Ensure there is an exception + """ + mocker.patch.object(client, 'alexa_rank', return_value=raw_result) + with pytest.raises((DemistoException, ValueError)): + alexa_domain(client, [domain]) + + +SCORE_TESTS = [(1, 100, 200, DBotScoreReliability.A_PLUS, 1), + (None, 100, 200, DBotScoreReliability.A_PLUS, 0), + (0, 100, 200, DBotScoreReliability.A_PLUS, 0), + (4000, 100, 1000, DBotScoreReliability.A_PLUS, 2), + (200, 100, None, DBotScoreReliability.A_PLUS, 0)] + + +@pytest.mark.parametrize('rank, top_domain_threshold, suspicious_domain_threshold, reliability, score', SCORE_TESTS) +def test_rank_to_score(rank, top_domain_threshold, suspicious_domain_threshold, reliability, score): + """ + Given: + - The parameters for the integration, with the rank from the API + + When: + - After getting the rank, calling the rank_to_Score to get the score based on the parameters and the rank + + Then: + - Ensure that the score returned corresponds to the algorithm + """ + context = rank_to_context('google.com', rank, top_domain_threshold, suspicious_domain_threshold, reliability) + assert context.dbot_score.score == score + + +def test_rank_to_score_invalid(): + """ + Given: + - The parameters for the integration, with the rank from the API + + When: + - After getting the rank, calling the rank_to_Score to get the score based on the parameters and a rank with is invalid + + Then: + - Ensure that Exception is being raised + """ + + with pytest.raises(DemistoException): + rank_to_context('google.com', -1, 0, 200, DBotScoreReliability.A_PLUS) diff --git a/Packs/Alexa/Integrations/AlexaV2/Pipfile b/Packs/Alexa/Integrations/AlexaV2/Pipfile new file mode 100644 index 000000000000..edd7c014d474 --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/Pipfile @@ -0,0 +1,19 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] +pylint = "*" +pytest = "==5.0.1" +pytest-mock = "*" +requests-mock = "*" +pytest-asyncio = "*" + +[packages] +pytest = "*" +requests = "*" +pipenv = "*" + +[requires] +python_version = "3.7" diff --git a/Packs/Alexa/Integrations/AlexaV2/Pipfile.lock b/Packs/Alexa/Integrations/AlexaV2/Pipfile.lock new file mode 100644 index 000000000000..6bdb9313414e --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/Pipfile.lock @@ -0,0 +1,369 @@ +{ + "_meta": { + "hash": { + "sha256": "278db815bec49c11262633d34305f9b33f09432a223bedd5329a04f758f78b55" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.7" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "atomicwrites": { + "hashes": [ + "sha256:03472c30eb2c5d1ba9227e4c2ca66ab8287fbfbbda3888aa93dc2e28fc6811b4", + "sha256:75a9445bac02d8d058d5e1fe689654ba5a6556a1dfd8ce6ec55a0ed79866cfa6" + ], + "version": "==1.3.0" + }, + "attrs": { + "hashes": [ + "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", + "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" + ], + "version": "==19.1.0" + }, + "certifi": { + "hashes": [ + "sha256:e4f3620cfea4f83eedc95b24abd9cd56f3c4b146dd0177e83a21b4eb49e21e50", + "sha256:fd7c7c74727ddcf00e9acd26bba8da604ffec95bf1c2144e67aff7a8b50e6cef" + ], + "version": "==2019.9.11" + }, + "chardet": { + "hashes": [ + "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", + "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" + ], + "version": "==3.0.4" + }, + "idna": { + "hashes": [ + "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", + "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + ], + "version": "==2.8" + }, + "importlib-metadata": { + "hashes": [ + "sha256:652234b6ab8f2506ae58e528b6fbcc668831d3cc758e1bc01ef438d328b68cdb", + "sha256:6f264986fb88042bc1f0535fa9a557e6a376cfe5679dc77caac7fe8b5d43d05f" + ], + "markers": "python_version < '3.8'", + "version": "==0.22" + }, + "more-itertools": { + "hashes": [ + "sha256:409cd48d4db7052af495b09dec721011634af3753ae1ef92d2b32f73a745f832", + "sha256:92b8c4b06dac4f0611c0729b2f2ede52b2e1bac1ab48f089c7ddc12e26bb60c4" + ], + "version": "==7.2.0" + }, + "packaging": { + "hashes": [ + "sha256:a7ac867b97fdc07ee80a8058fe4435ccd274ecc3b0ed61d852d7d53055528cf9", + "sha256:c491ca87294da7cc01902edbe30a5bc6c4c28172b5138ab4e4aa1b9d7bfaeafe" + ], + "version": "==19.1" + }, + "pluggy": { + "hashes": [ + "sha256:0db4b7601aae1d35b4a033282da476845aa19185c1e6964b25cf324b5e4ec3e6", + "sha256:fa5fa1622fa6dd5c030e9cad086fa19ef6a0cf6d7a2d12318e10cb49d6d68f34" + ], + "version": "==0.13.0" + }, + "py": { + "hashes": [ + "sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa", + "sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53" + ], + "version": "==1.8.0" + }, + "pyparsing": { + "hashes": [ + "sha256:6f98a7b9397e206d78cc01df10131398f1c8b8510a2f4d97d9abd82e1aacdd80", + "sha256:d9338df12903bbf5d65a0e4e87c2161968b10d2e489652bb47001d82a9b028b4" + ], + "version": "==2.4.2" + }, + "pytest": { + "hashes": [ + "sha256:95d13143cc14174ca1a01ec68e84d76ba5d9d493ac02716fd9706c949a505210", + "sha256:b78fe2881323bd44fd9bd76e5317173d4316577e7b1cddebae9136a4495ec865" + ], + "index": "pypi", + "version": "==5.1.2" + }, + "requests": { + "hashes": [ + "sha256:11e007a8a2aa0323f5a921e9e6a2d7e4e67d9877e85773fba9ba6419025cbeb4", + "sha256:9cf5292fcd0f598c671cfc1e0d7d1a7f13bb8085e9a590f48c010551dc6c4b31" + ], + "index": "pypi", + "version": "==2.22.0" + }, + "six": { + "hashes": [ + "sha256:3350809f0555b11f552448330d0b52d5f24c91a322ea4a15ef22629740f3761c", + "sha256:d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73" + ], + "version": "==1.12.0" + }, + "urllib3": { + "hashes": [ + "sha256:b246607a25ac80bedac05c6f282e3cdaf3afb65420fd024ac94435cabe6e18d1", + "sha256:dbe59173209418ae49d485b87d1681aefa36252ee85884c31346debd19463232" + ], + "version": "==1.25.3" + }, + "wcwidth": { + "hashes": [ + "sha256:3df37372226d6e63e1b1e1eda15c594bca98a22d33a23832a90998faa96bc65e", + "sha256:f4ebe71925af7b40a864553f761ed559b43544f8f71746c2d756c7fe788ade7c" + ], + "version": "==0.1.7" + }, + "zipp": { + "hashes": [ + "sha256:3718b1cbcd963c7d4c5511a8240812904164b7f381b647143a89d3b98f9bcd8e", + "sha256:f06903e9f1f43b12d371004b4ac7b06ab39a44adc747266928ae6debfa7b3335" + ], + "version": "==0.6.0" + } + }, + "develop": { + "astroid": { + "hashes": [ + "sha256:6560e1e1749f68c64a4b5dee4e091fce798d2f0d84ebe638cf0e0585a343acf4", + "sha256:b65db1bbaac9f9f4d190199bb8680af6f6f84fd3769a5ea883df8a91fe68b4c4" + ], + "version": "==2.2.5" + }, + "atomicwrites": { + "hashes": [ + "sha256:03472c30eb2c5d1ba9227e4c2ca66ab8287fbfbbda3888aa93dc2e28fc6811b4", + "sha256:75a9445bac02d8d058d5e1fe689654ba5a6556a1dfd8ce6ec55a0ed79866cfa6" + ], + "version": "==1.3.0" + }, + "attrs": { + "hashes": [ + "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", + "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" + ], + "version": "==19.1.0" + }, + "certifi": { + "hashes": [ + "sha256:e4f3620cfea4f83eedc95b24abd9cd56f3c4b146dd0177e83a21b4eb49e21e50", + "sha256:fd7c7c74727ddcf00e9acd26bba8da604ffec95bf1c2144e67aff7a8b50e6cef" + ], + "version": "==2019.9.11" + }, + "chardet": { + "hashes": [ + "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", + "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" + ], + "version": "==3.0.4" + }, + "idna": { + "hashes": [ + "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", + "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + ], + "version": "==2.8" + }, + "importlib-metadata": { + "hashes": [ + "sha256:652234b6ab8f2506ae58e528b6fbcc668831d3cc758e1bc01ef438d328b68cdb", + "sha256:6f264986fb88042bc1f0535fa9a557e6a376cfe5679dc77caac7fe8b5d43d05f" + ], + "markers": "python_version < '3.8'", + "version": "==0.22" + }, + "isort": { + "hashes": [ + "sha256:54da7e92468955c4fceacd0c86bd0ec997b0e1ee80d97f67c35a78b719dccab1", + "sha256:6e811fcb295968434526407adb8796944f1988c5b65e8139058f2014cbe100fd" + ], + "version": "==4.3.21" + }, + "lazy-object-proxy": { + "hashes": [ + "sha256:02b260c8deb80db09325b99edf62ae344ce9bc64d68b7a634410b8e9a568edbf", + "sha256:18f9c401083a4ba6e162355873f906315332ea7035803d0fd8166051e3d402e3", + "sha256:1f2c6209a8917c525c1e2b55a716135ca4658a3042b5122d4e3413a4030c26ce", + "sha256:2f06d97f0ca0f414f6b707c974aaf8829c2292c1c497642f63824119d770226f", + "sha256:616c94f8176808f4018b39f9638080ed86f96b55370b5a9463b2ee5c926f6c5f", + "sha256:63b91e30ef47ef68a30f0c3c278fbfe9822319c15f34b7538a829515b84ca2a0", + "sha256:77b454f03860b844f758c5d5c6e5f18d27de899a3db367f4af06bec2e6013a8e", + "sha256:83fe27ba321e4cfac466178606147d3c0aa18e8087507caec78ed5a966a64905", + "sha256:84742532d39f72df959d237912344d8a1764c2d03fe58beba96a87bfa11a76d8", + "sha256:874ebf3caaf55a020aeb08acead813baf5a305927a71ce88c9377970fe7ad3c2", + "sha256:9f5caf2c7436d44f3cec97c2fa7791f8a675170badbfa86e1992ca1b84c37009", + "sha256:a0c8758d01fcdfe7ae8e4b4017b13552efa7f1197dd7358dc9da0576f9d0328a", + "sha256:a4def978d9d28cda2d960c279318d46b327632686d82b4917516c36d4c274512", + "sha256:ad4f4be843dace866af5fc142509e9b9817ca0c59342fdb176ab6ad552c927f5", + "sha256:ae33dd198f772f714420c5ab698ff05ff900150486c648d29951e9c70694338e", + "sha256:b4a2b782b8a8c5522ad35c93e04d60e2ba7f7dcb9271ec8e8c3e08239be6c7b4", + "sha256:c462eb33f6abca3b34cdedbe84d761f31a60b814e173b98ede3c81bb48967c4f", + "sha256:fd135b8d35dfdcdb984828c84d695937e58cc5f49e1c854eb311c4d6aa03f4f1" + ], + "version": "==1.4.2" + }, + "mccabe": { + "hashes": [ + "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42", + "sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f" + ], + "version": "==0.6.1" + }, + "more-itertools": { + "hashes": [ + "sha256:409cd48d4db7052af495b09dec721011634af3753ae1ef92d2b32f73a745f832", + "sha256:92b8c4b06dac4f0611c0729b2f2ede52b2e1bac1ab48f089c7ddc12e26bb60c4" + ], + "version": "==7.2.0" + }, + "packaging": { + "hashes": [ + "sha256:a7ac867b97fdc07ee80a8058fe4435ccd274ecc3b0ed61d852d7d53055528cf9", + "sha256:c491ca87294da7cc01902edbe30a5bc6c4c28172b5138ab4e4aa1b9d7bfaeafe" + ], + "version": "==19.1" + }, + "pluggy": { + "hashes": [ + "sha256:0db4b7601aae1d35b4a033282da476845aa19185c1e6964b25cf324b5e4ec3e6", + "sha256:fa5fa1622fa6dd5c030e9cad086fa19ef6a0cf6d7a2d12318e10cb49d6d68f34" + ], + "version": "==0.13.0" + }, + "py": { + "hashes": [ + "sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa", + "sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53" + ], + "version": "==1.8.0" + }, + "pylint": { + "hashes": [ + "sha256:5d77031694a5fb97ea95e828c8d10fc770a1df6eb3906067aaed42201a8a6a09", + "sha256:723e3db49555abaf9bf79dc474c6b9e2935ad82230b10c1138a71ea41ac0fff1" + ], + "index": "pypi", + "version": "==2.3.1" + }, + "pyparsing": { + "hashes": [ + "sha256:6f98a7b9397e206d78cc01df10131398f1c8b8510a2f4d97d9abd82e1aacdd80", + "sha256:d9338df12903bbf5d65a0e4e87c2161968b10d2e489652bb47001d82a9b028b4" + ], + "version": "==2.4.2" + }, + "pytest": { + "hashes": [ + "sha256:95d13143cc14174ca1a01ec68e84d76ba5d9d493ac02716fd9706c949a505210", + "sha256:b78fe2881323bd44fd9bd76e5317173d4316577e7b1cddebae9136a4495ec865" + ], + "index": "pypi", + "version": "==5.1.2" + }, + "pytest-asyncio": { + "hashes": [ + "sha256:9fac5100fd716cbecf6ef89233e8590a4ad61d729d1732e0a96b84182df1daaf", + "sha256:d734718e25cfc32d2bf78d346e99d33724deeba774cc4afdf491530c6184b63b" + ], + "index": "pypi", + "version": "==0.10.0" + }, + "pytest-mock": { + "hashes": [ + "sha256:43ce4e9dd5074993e7c021bb1c22cbb5363e612a2b5a76bc6d956775b10758b7", + "sha256:5bf5771b1db93beac965a7347dc81c675ec4090cb841e49d9d34637a25c30568" + ], + "index": "pypi", + "version": "==1.10.4" + }, + "requests": { + "hashes": [ + "sha256:11e007a8a2aa0323f5a921e9e6a2d7e4e67d9877e85773fba9ba6419025cbeb4", + "sha256:9cf5292fcd0f598c671cfc1e0d7d1a7f13bb8085e9a590f48c010551dc6c4b31" + ], + "index": "pypi", + "version": "==2.22.0" + }, + "requests-mock": { + "hashes": [ + "sha256:510df890afe08d36eca5bb16b4aa6308a6f85e3159ad3013bac8b9de7bd5a010", + "sha256:88d3402dd8b3c69a9e4f9d3a73ad11b15920c6efd36bc27bf1f701cf4a8e4646" + ], + "index": "pypi", + "version": "==1.7.0" + }, + "six": { + "hashes": [ + "sha256:3350809f0555b11f552448330d0b52d5f24c91a322ea4a15ef22629740f3761c", + "sha256:d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73" + ], + "version": "==1.12.0" + }, + "typed-ast": { + "hashes": [ + "sha256:18511a0b3e7922276346bcb47e2ef9f38fb90fd31cb9223eed42c85d1312344e", + "sha256:262c247a82d005e43b5b7f69aff746370538e176131c32dda9cb0f324d27141e", + "sha256:2b907eb046d049bcd9892e3076c7a6456c93a25bebfe554e931620c90e6a25b0", + "sha256:354c16e5babd09f5cb0ee000d54cfa38401d8b8891eefa878ac772f827181a3c", + "sha256:4e0b70c6fc4d010f8107726af5fd37921b666f5b31d9331f0bd24ad9a088e631", + "sha256:630968c5cdee51a11c05a30453f8cd65e0cc1d2ad0d9192819df9978984529f4", + "sha256:66480f95b8167c9c5c5c87f32cf437d585937970f3fc24386f313a4c97b44e34", + "sha256:71211d26ffd12d63a83e079ff258ac9d56a1376a25bc80b1cdcdf601b855b90b", + "sha256:95bd11af7eafc16e829af2d3df510cecfd4387f6453355188342c3e79a2ec87a", + "sha256:bc6c7d3fa1325a0c6613512a093bc2a2a15aeec350451cbdf9e1d4bffe3e3233", + "sha256:cc34a6f5b426748a507dd5d1de4c1978f2eb5626d51326e43280941206c209e1", + "sha256:d755f03c1e4a51e9b24d899561fec4ccaf51f210d52abdf8c07ee2849b212a36", + "sha256:d7c45933b1bdfaf9f36c579671fec15d25b06c8398f113dab64c18ed1adda01d", + "sha256:d896919306dd0aa22d0132f62a1b78d11aaf4c9fc5b3410d3c666b818191630a", + "sha256:ffde2fbfad571af120fcbfbbc61c72469e72f550d676c3342492a9dfdefb8f12" + ], + "markers": "implementation_name == 'cpython'", + "version": "==1.4.0" + }, + "urllib3": { + "hashes": [ + "sha256:b246607a25ac80bedac05c6f282e3cdaf3afb65420fd024ac94435cabe6e18d1", + "sha256:dbe59173209418ae49d485b87d1681aefa36252ee85884c31346debd19463232" + ], + "version": "==1.25.3" + }, + "wcwidth": { + "hashes": [ + "sha256:3df37372226d6e63e1b1e1eda15c594bca98a22d33a23832a90998faa96bc65e", + "sha256:f4ebe71925af7b40a864553f761ed559b43544f8f71746c2d756c7fe788ade7c" + ], + "version": "==0.1.7" + }, + "wrapt": { + "hashes": [ + "sha256:565a021fd19419476b9362b05eeaa094178de64f8361e44468f9e9d7843901e1" + ], + "version": "==1.11.2" + }, + "zipp": { + "hashes": [ + "sha256:3718b1cbcd963c7d4c5511a8240812904164b7f381b647143a89d3b98f9bcd8e", + "sha256:f06903e9f1f43b12d371004b4ac7b06ab39a44adc747266928ae6debfa7b3335" + ], + "version": "==0.6.0" + } + } +} diff --git a/Packs/Alexa/Integrations/AlexaV2/README.md b/Packs/Alexa/Integrations/AlexaV2/README.md new file mode 100644 index 000000000000..73d2398243dc --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/README.md @@ -0,0 +1,111 @@ +Alexa provides website ranking information that can be used to help determine if a domain has a strong web presence. +This integration was integrated and tested with Alexa Rank Indicator V2. + +##### New: Alexa Rank Indicator v2 +- Use of the Alexa API rank. +- Domains that are not in the Alexa database, are considered "Unknown" instead of "Suspicious". +- If the domain doesn't exist, there is an error. +- Default values changed: 1000 for *Top Domain Threshold* and unspecified for *Suspicous Domain Threshold*. + +## Configure Alexa Rank Indicator V2 on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for Alexa Rank Indicator V2. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Source Reliability | Reliability of the source providing the intelligence data. | True | + | Rank threshold for suspicious domain | If the domain's Alexa rank is over this threshold, the domain is marked as suspicious. If the rank is between the threshold for suspicious domains and top domains, the domain is marked as *unknown*. | True | + | Base API URL | | True | + | Rank threshold for top domains | If the domain's Alexa rank is under this threshold, the domain is considered trusted and marked as good. If the rank is between the threshold for suspicious domains and top domains, the domain is marked as *unknown*. | True | + | Use system proxy settings | | False | + | Trust any certificate (not secure) | | False | + | API Key | | True | + +4. Click **Test** to validate the URLs, token, and connection. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### domain +*** +Provides the Alexa ranking of a domain. + + +#### Base Command + +`domain` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| domain | Domain(s) to search. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| Domain.Name | String | The domain being checked. | +| DBotScore.Score | number | The actual score. | +| DBotScore.Vendor | String | The vendor used to calculate the score. | +| DBotScore.Type | String | The indicator type. | +| DBotScore.Indicator | String | The indicator that was tested. | +| Alexa.Domain.Indicator | String | The domain being checked. | +| Alexa.Domain.Name | String | The domain being checked. | +| Alexa.Domain.Rank | String | Alexa rank as determined by Amazon. | + + +#### Command Example +```!domain domain="google.com,xsoar.com" + +#### Context Example +```json +{ + "Alexa": { + "Domain": [ + { + "Indicator": "google.com", + "Name": "google.com", + "Rank": "1" + }, + { + "Indicator": "xsoar.com", + "Name": "xsoar.com", + "Rank": "Unknown" + } + ] + }, + "DBotScore": [ + { + "Indicator": "google.com", + "Reliability": "A - Completely reliable", + "Score": 0, + "Type": "domain", + "Vendor": "Alexa Rank Indicator V2" + }, + { + "Indicator": "xsoar.com", + "Reliability": "A - Completely reliable", + "Score": 2, + "Type": "domain", + "Vendor": "Alexa Rank Indicator V2" + } + ], + "Domain": [ + { + "Name": "google.com" + }, + { + "Name": "xsoar.com" + } + ] +} +``` + +#### Human Readable Output + +>### Alexa Rank for xsoar.com +>|Domain|Alexa Rank|Reputation| +>|---|---|---| +>| xsoar.com | | Suspicous | diff --git a/Packs/Alexa/Integrations/AlexaV2/command_examples.txt b/Packs/Alexa/Integrations/AlexaV2/command_examples.txt new file mode 100644 index 000000000000..6f4d4952cfbf --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/command_examples.txt @@ -0,0 +1 @@ +!domain domain="google.com,xsoar.com" using="Alexa Rank Indicator V2_instance_1" \ No newline at end of file diff --git a/Packs/Alexa/Integrations/AlexaV2/test_data/404_response.json b/Packs/Alexa/Integrations/AlexaV2/test_data/404_response.json new file mode 100644 index 000000000000..8cac89556279 --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/test_data/404_response.json @@ -0,0 +1,34 @@ +{ + "Awis": { + "OperationRequest": { + "RequestId": "6e9b3a9c-8832-4229-a4bf-21e3926abebf" + }, + "Results": { + "Result": { + "Alexa": { + "Request": { + "Arguments": { + "Argument": [ + { + "Name": "url", + "Value": null + }, + { + "Name": "responsegroup", + "Value": "Rank" + } + ] + } + }, + "TrafficData": { + "DataUrl": "404", + "Rank": null + } + } + }, + "ResponseStatus": { + "StatusCode": "200" + } + } + } +} \ No newline at end of file diff --git a/Packs/Alexa/Integrations/AlexaV2/test_data/google_response.json b/Packs/Alexa/Integrations/AlexaV2/test_data/google_response.json new file mode 100644 index 000000000000..5f37b32a3c09 --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/test_data/google_response.json @@ -0,0 +1,34 @@ +{ + "Awis": { + "OperationRequest": { + "RequestId": "557d6ebe-3a5f-4d9f-bd21-e7b087155a0b" + }, + "Results": { + "Result": { + "Alexa": { + "Request": { + "Arguments": { + "Argument": [ + { + "Name": "url", + "Value": "google.com" + }, + { + "Name": "responsegroup", + "Value": "Rank" + } + ] + } + }, + "TrafficData": { + "DataUrl": "google.com/", + "Rank": "1" + } + } + }, + "ResponseStatus": { + "StatusCode": "200" + } + } + } +} \ No newline at end of file diff --git a/Packs/Alexa/Integrations/AlexaV2/test_data/nan_rank_response.json b/Packs/Alexa/Integrations/AlexaV2/test_data/nan_rank_response.json new file mode 100644 index 000000000000..62acd2d8d123 --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/test_data/nan_rank_response.json @@ -0,0 +1,34 @@ +{ + "Awis": { + "OperationRequest": { + "RequestId": "557d6ebe-3a5f-4d9f-bd21-e7b087155a0b" + }, + "Results": { + "Result": { + "Alexa": { + "Request": { + "Arguments": { + "Argument": [ + { + "Name": "url", + "Value": "xsoar.com" + }, + { + "Name": "responsegroup", + "Value": "Rank" + } + ] + } + }, + "TrafficData": { + "DataUrl": "xsoar.com/", + "Rank": "amc" + } + } + }, + "ResponseStatus": { + "StatusCode": "200" + } + } + } +} \ No newline at end of file diff --git a/Packs/Alexa/Integrations/AlexaV2/test_data/negative_rank_response.json b/Packs/Alexa/Integrations/AlexaV2/test_data/negative_rank_response.json new file mode 100644 index 000000000000..5b862aa40413 --- /dev/null +++ b/Packs/Alexa/Integrations/AlexaV2/test_data/negative_rank_response.json @@ -0,0 +1,34 @@ +{ + "Awis": { + "OperationRequest": { + "RequestId": "557d6ebe-3a5f-4d9f-bd21-e7b087155a0b" + }, + "Results": { + "Result": { + "Alexa": { + "Request": { + "Arguments": { + "Argument": [ + { + "Name": "url", + "Value": "xsoar.com" + }, + { + "Name": "responsegroup", + "Value": "Rank" + } + ] + } + }, + "TrafficData": { + "DataUrl": "xsoar.com/", + "Rank": "-2" + } + } + }, + "ResponseStatus": { + "StatusCode": "200" + } + } + } +} \ No newline at end of file diff --git a/Packs/Alexa/ReleaseNotes/2_0_0.md b/Packs/Alexa/ReleaseNotes/2_0_0.md new file mode 100644 index 000000000000..0375cde7abcc --- /dev/null +++ b/Packs/Alexa/ReleaseNotes/2_0_0.md @@ -0,0 +1,9 @@ + +#### Integrations +##### New: Alexa Rank Indicator v2 +- Using the Alexa API rank. +- Domains which are not in Alexa DB, are considered "Unknown" instead of "Suspicious". +- If the domain doesn't exist there is an error. +- Default values changed: 1000 for ```Top Domain Threshold``` and unspecified for ```Suspicous Domain Threshold``` + +v2 (Available from Cortex XSOAR 5.5.0). \ No newline at end of file diff --git a/Packs/Alexa/TestPlaybooks/playbook-Alexav2-Test.yml b/Packs/Alexa/TestPlaybooks/playbook-Alexav2-Test.yml new file mode 100644 index 000000000000..5be93442e683 --- /dev/null +++ b/Packs/Alexa/TestPlaybooks/playbook-Alexav2-Test.yml @@ -0,0 +1,212 @@ +id: AlexaV2 Test Playbook +version: -1 +name: AlexaV2 Test Playbook +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: 4fc03915-0028-4eef-8eca-33b95e95f9d6 + type: start + task: + id: 4fc03915-0028-4eef-8eca-33b95e95f9d6 + version: -1 + name: "" + iscommand: false + brand: "" + nexttasks: + '#none#': + - "1" + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "1": + id: "1" + taskid: 9a50fb5a-9b7c-4f48-8fbc-894e35030013 + type: regular + task: + id: 9a50fb5a-9b7c-4f48-8fbc-894e35030013 + version: -1 + name: domain + description: Provides an Alexa ranking of the Domain in question. + script: Alexa Rank Indicator v2|||domain + type: regular + iscommand: true + brand: Alexa Rank Indicator v2 + nexttasks: + '#none#': + - "2" + scriptarguments: + domain: + simple: google.com + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 240 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "2": + id: "2" + taskid: 51f1f999-be43-4861-8118-332586bfb281 + type: condition + task: + id: 51f1f999-be43-4861-8118-332586bfb281 + version: -1 + name: test_domain + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "3" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: Alexa.Domain.Rank + iscontext: true + right: + value: + simple: "1" + - - operator: isEqualString + left: + value: + simple: Alexa.Domain.Name + iscontext: true + right: + value: + simple: google.com + - - operator: isEqualString + left: + value: + simple: Alexa.Domain.Indicator + iscontext: true + right: + value: + simple: google.com + - - operator: isEqualString + left: + value: + simple: DBotScore.Score + iscontext: true + right: + value: + simple: "0" + - - operator: isEqualString + left: + value: + simple: DBotScore.Reliability + iscontext: true + right: + value: + simple: A - Completely reliable + - - operator: isEqualString + left: + value: + simple: DBotScore.Indicator + iscontext: true + right: + value: + simple: google.com + - - operator: isEqualString + left: + value: + simple: DBotScore.Type + iscontext: true + right: + value: + simple: domain + - - operator: isEqualString + left: + value: + simple: DBotScore.Vendor + iscontext: true + right: + value: + simple: Alexa Rank Indicator v2 + - - operator: isEqualString + left: + value: + simple: Domain.Name + iscontext: true + right: + value: + simple: google.com + view: |- + { + "position": { + "x": 450, + "y": 420 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "3": + id: "3" + taskid: cdc575b6-66a3-43df-8ca9-17f2e1102505 + type: title + task: + id: cdc575b6-66a3-43df-8ca9-17f2e1102505 + version: -1 + name: Done + type: title + iscommand: false + brand: "" + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 590 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false +view: |- + { + "linkLabelsPosition": {}, + "paper": { + "dimensions": { + "height": 605, + "width": 380, + "x": 450, + "y": 50 + } + } + } +inputs: [] +outputs: [] +fromversion: 5.5.0 \ No newline at end of file diff --git a/Packs/Alexa/pack_metadata.json b/Packs/Alexa/pack_metadata.json index c611a10bd191..4e511fd472cc 100644 --- a/Packs/Alexa/pack_metadata.json +++ b/Packs/Alexa/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Alexa Rank Indicator", "description": "Alexa provides website ranking information that can be useful in determining if the domain in question has a strong web presence.", "support": "xsoar", - "currentVersion": "1.1.5", + "currentVersion": "2.0.0", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Base/ReleaseNotes/1_13_25.md b/Packs/Base/ReleaseNotes/1_13_25.md new file mode 100644 index 000000000000..a71e9ddcb4a8 --- /dev/null +++ b/Packs/Base/ReleaseNotes/1_13_25.md @@ -0,0 +1,4 @@ + +#### Scripts +##### CommonServerPython +- add to_readable() to DBotScore object, returns the text representation of the score diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py index 81b3dcb9f144..5cd18ace7983 100644 --- a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py +++ b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py @@ -2485,6 +2485,13 @@ def to_context(self): } return ret_value + def to_readable(self): + dbot_score_to_text = {0: 'Unknown', + 1: 'Good', + 2: 'Suspicious', + 3: 'Bad'} + return dbot_score_to_text.get(self.score, 'Undefined') + class CustomIndicator(Indicator): def __init__(self, indicator_type, value, dbot_score, data, context_prefix): diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py b/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py index 729f76bb191c..64aa3c3dac86 100644 --- a/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py +++ b/Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py @@ -181,66 +181,66 @@ def test_is_ip_valid(): COMPLEX_DATA_WITH_URLS = [( [ {'data': - {'id': '1', - 'result': - {'files': - [ - { - 'filename': 'name', - 'size': 0, - 'url': 'url' + {'id': '1', + 'result': + {'files': + [ + { + 'filename': 'name', + 'size': 0, + 'url': 'url' } - ] - }, - 'links': ['link'] - } + ] + }, + 'links': ['link'] + } }, {'data': - {'id': '2', - 'result': - {'files': - [ - { - 'filename': 'name', - 'size': 0, - 'url': 'url' - } - ] - }, - 'links': ['link'] - } + {'id': '2', + 'result': + {'files': + [ + { + 'filename': 'name', + 'size': 0, + 'url': 'url' + } + ] + }, + 'links': ['link'] + } } ], [ {'data': - {'id': '1', - 'result': - {'files': - [ - { - 'filename': 'name', - 'size': 0, - 'url': '[url](url)' - } - ] - }, - 'links': ['[link](link)'] - } + {'id': '1', + 'result': + {'files': + [ + { + 'filename': 'name', + 'size': 0, + 'url': '[url](url)' + } + ] + }, + 'links': ['[link](link)'] + } }, {'data': - {'id': '2', - 'result': - {'files': - [ - { - 'filename': 'name', - 'size': 0, - 'url': '[url](url)' - } - ] - }, - 'links': ['[link](link)'] - } + {'id': '2', + 'result': + {'files': + [ + { + 'filename': 'name', + 'size': 0, + 'url': '[url](url)' + } + ] + }, + 'links': ['[link](link)'] + } } ])] @@ -1050,7 +1050,8 @@ def test_logger_replace_strs(mocker): def test_logger_replace_strs_credentials(mocker): mocker.patch.object(demisto, 'params', return_value=SENSITIVE_PARAM) - basic_auth = b64_encode('{}:{}'.format(SENSITIVE_PARAM['authentication']['identifier'], SENSITIVE_PARAM['authentication']['password'])) + basic_auth = b64_encode( + '{}:{}'.format(SENSITIVE_PARAM['authentication']['identifier'], SENSITIVE_PARAM['authentication']['password'])) ilog = IntegrationLogger() # log some secrets ilog('my cred pass: cred_pass. my ssh key: ssh_key_secret. my ssh key: {}.' @@ -1670,6 +1671,34 @@ def test_output_prefix_includes_dt(self): assert list(results.to_context()['EntryContext'].keys())[0] == \ 'File(val.sha1 == obj.sha1 && val.md5 == obj.md5)' + @pytest.mark.parametrize('score, expected_readable', + [(CommonServerPython.Common.DBotScore.NONE, 'Unknown'), + (CommonServerPython.Common.DBotScore.GOOD, 'Good'), + (CommonServerPython.Common.DBotScore.SUSPICIOUS, 'Suspicious'), + (CommonServerPython.Common.DBotScore.BAD, 'Bad')]) + def test_dbot_readable(self, score, expected_readable): + from CommonServerPython import Common, DBotScoreType + dbot_score = Common.DBotScore( + indicator='8.8.8.8', + integration_name='Test', + indicator_type=DBotScoreType.IP, + score=score + ) + assert dbot_score.to_readable() == expected_readable + + def test_dbot_readable_invalid(self): + from CommonServerPython import Common, DBotScoreType + dbot_score = Common.DBotScore( + indicator='8.8.8.8', + integration_name='Test', + indicator_type=DBotScoreType.IP, + score=0 + ) + dbot_score.score = 7 + assert dbot_score.to_readable() == 'Undefined' + dbot_score.score = None + assert dbot_score.to_readable() == 'Undefined' + def test_readable_only_context(self): """ Given: @@ -3651,7 +3680,7 @@ def test_sanity(mocker): from CommonServerPython import execute_command, EntryType demisto_execute_mock = mocker.patch.object(demisto, 'executeCommand', return_value=[{'Type': EntryType.NOTE, - 'Contents': {'hello': 'world'}}]) + 'Contents': {'hello': 'world'}}]) res = execute_command('command', {'arg1': 'value'}) execute_command_args = demisto_execute_mock.call_args_list[0][0] assert demisto_execute_mock.call_count == 1 @@ -4758,8 +4787,8 @@ def test_email_indicator_type(self, mocker): score=Common.DBotScore.GOOD ) dbot_context = {'DBotScore(val.Indicator && val.Indicator == obj.Indicator && ' - 'val.Vendor == obj.Vendor && val.Type == obj.Type)': - {'Indicator': 'user@example.com', 'Type': 'email', 'Vendor': 'Test', 'Score': 1}} + 'val.Vendor == obj.Vendor && val.Type == obj.Type)': + {'Indicator': 'user@example.com', 'Type': 'email', 'Vendor': 'Test', 'Score': 1}} assert dbot_context == dbot_score.to_context() @@ -4768,7 +4797,8 @@ def test_email_indicator_type(self, mocker): address='user@example.com', dbot_score=dbot_score ) - assert email_context.to_context()[email_context.CONTEXT_PATH] == {'Address': 'user@example.com', 'Domain': 'example.com'} + assert email_context.to_context()[email_context.CONTEXT_PATH] == {'Address': 'user@example.com', + 'Domain': 'example.com'} class TestIndicatorsSearcher: @@ -5598,4 +5628,4 @@ def test_custom_indicator_no_value(self): score=Common.DBotScore.BAD, malicious_description='malicious!' ) - Common.CustomIndicator('test', None, dbot_score, {'param': 'value'}, 'prefix') + Common.CustomIndicator('test', None, dbot_score, {'param': 'value'}, 'prefix') diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json index f6c7b1225a74..dc8b3b416b03 100644 --- a/Packs/Base/pack_metadata.json +++ b/Packs/Base/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Base", "description": "The base pack for Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.13.24", + "currentVersion": "1.13.25", "author": "Cortex XSOAR", "serverMinVersion": "6.0.0", "url": "https://www.paloaltonetworks.com/cortex", diff --git a/Tests/conf.json b/Tests/conf.json index 16e8209c202a..8eee2a631c76 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -2187,6 +2187,11 @@ "integrations": "C2sec irisk", "fromversion": "5.0.0" }, + { + "playbookID": "AlexaV2 Test Playbook", + "integrations": "Alexa Rank Indicator v2", + "fromversion": "5.5.0" + }, { "playbookID": "Phishing v2 - Test - Incident Starter", "fromversion": "6.0.0", diff --git a/package-lock.json b/package-lock.json index 706ce0036b80..5eeaa37a1be1 100644 --- a/package-lock.json +++ b/package-lock.json @@ -3,2032 +3,6 @@ "version": "1.0.0", "lockfileVersion": 2, "requires": true, - "packages": { - "": { - "version": "1.0.0", - "license": "ISC", - "dependencies": { - "@mdx-js/mdx": "^1.6.22", - "commander": "^5.1.0", - "fs-extra": "^8.1.0", - "jsdoc-to-markdown": "^5.0.3" - } - }, - "node_modules/@babel/code-frame": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.10.4.tgz", - "integrity": "sha512-vG6SvB6oYEhvgisZNFRmRCUkLz11c7rp+tbNTynGqc6mS1d5ATd/sGyV6W0KZZnXRKMTzZDRgQT3Ou9jhpAfUg==", - "dependencies": { - "@babel/highlight": "^7.10.4" - } - }, - "node_modules/@babel/core": { - "version": "7.12.9", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.12.9.tgz", - "integrity": "sha512-gTXYh3M5wb7FRXQy+FErKFAv90BnlOuNn1QkCK2lREoPAjrQCO49+HVSrFoe5uakFAF5eenS75KbO2vQiLrTMQ==", - "dependencies": { - "@babel/code-frame": "^7.10.4", - "@babel/generator": "^7.12.5", - "@babel/helper-module-transforms": "^7.12.1", - "@babel/helpers": "^7.12.5", - "@babel/parser": "^7.12.7", - "@babel/template": "^7.12.7", - "@babel/traverse": "^7.12.9", - "@babel/types": "^7.12.7", - "convert-source-map": "^1.7.0", - "debug": "^4.1.0", - "gensync": "^1.0.0-beta.1", - "json5": "^2.1.2", - "lodash": "^4.17.19", - "resolve": "^1.3.2", - "semver": "^5.4.1", - "source-map": "^0.5.0" - }, - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/@babel/core/node_modules/@babel/parser": { - "version": "7.12.10", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.12.10.tgz", - "integrity": "sha512-PJdRPwyoOqFAWfLytxrWwGrAxghCgh/yTNCYciOz8QgjflA7aZhECPZAa2VUedKg2+QMWkI0L9lynh2SNmNEgA==", - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/core/node_modules/lodash": { - "version": "4.17.20", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", - "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==" - }, - "node_modules/@babel/generator": { - "version": "7.12.10", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.12.10.tgz", - "integrity": "sha512-6mCdfhWgmqLdtTkhXjnIz0LcdVCd26wS2JXRtj2XY0u5klDsXBREA/pG5NVOuVnF2LUrBGNFtQkIqqTbblg0ww==", - "dependencies": { - "@babel/types": "^7.12.10", - "jsesc": "^2.5.1", - "source-map": "^0.5.0" - } - }, - "node_modules/@babel/helper-function-name": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.10.4.tgz", - "integrity": "sha512-YdaSyz1n8gY44EmN7x44zBn9zQ1Ry2Y+3GTA+3vH6Mizke1Vw0aWDM66FOYEPw8//qKkmqOckrGgTYa+6sceqQ==", - "dependencies": { - "@babel/helper-get-function-arity": "^7.10.4", - "@babel/template": "^7.10.4", - "@babel/types": "^7.10.4" - } - }, - "node_modules/@babel/helper-get-function-arity": { - "version": "7.12.10", - "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.12.10.tgz", - "integrity": "sha512-mm0n5BPjR06wh9mPQaDdXWDoll/j5UpCAPl1x8fS71GHm7HA6Ua2V4ylG1Ju8lvcTOietbPNNPaSilKj+pj+Ag==", - "dependencies": { - "@babel/types": "^7.12.10" - } - }, - "node_modules/@babel/helper-member-expression-to-functions": { - "version": "7.12.7", - "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.12.7.tgz", - "integrity": "sha512-DCsuPyeWxeHgh1Dus7APn7iza42i/qXqiFPWyBDdOFtvS581JQePsc1F/nD+fHrcswhLlRc2UpYS1NwERxZhHw==", - "dependencies": { - "@babel/types": "^7.12.7" - } - }, - "node_modules/@babel/helper-module-imports": { - "version": "7.12.5", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.12.5.tgz", - "integrity": "sha512-SR713Ogqg6++uexFRORf/+nPXMmWIn80TALu0uaFb+iQIUoR7bOC7zBWyzBs5b3tBBJXuyD0cRu1F15GyzjOWA==", - "dependencies": { - "@babel/types": "^7.12.5" - } - }, - "node_modules/@babel/helper-module-transforms": { - "version": "7.12.1", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.12.1.tgz", - "integrity": "sha512-QQzehgFAZ2bbISiCpmVGfiGux8YVFXQ0abBic2Envhej22DVXV9nCFaS5hIQbkyo1AdGb+gNME2TSh3hYJVV/w==", - "dependencies": { - "@babel/helper-module-imports": "^7.12.1", - "@babel/helper-replace-supers": "^7.12.1", - "@babel/helper-simple-access": "^7.12.1", - "@babel/helper-split-export-declaration": "^7.11.0", - "@babel/helper-validator-identifier": "^7.10.4", - "@babel/template": "^7.10.4", - "@babel/traverse": "^7.12.1", - "@babel/types": "^7.12.1", - "lodash": "^4.17.19" - } - }, - "node_modules/@babel/helper-module-transforms/node_modules/lodash": { - "version": "4.17.20", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", - "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==" - }, - "node_modules/@babel/helper-optimise-call-expression": { - "version": "7.12.10", - "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.12.10.tgz", - "integrity": "sha512-4tpbU0SrSTjjt65UMWSrUOPZTsgvPgGG4S8QSTNHacKzpS51IVWGDj0yCwyeZND/i+LSN2g/O63jEXEWm49sYQ==", - "dependencies": { - "@babel/types": "^7.12.10" - } - }, - "node_modules/@babel/helper-plugin-utils": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.10.4.tgz", - "integrity": "sha512-O4KCvQA6lLiMU9l2eawBPMf1xPP8xPfB3iEQw150hOVTqj/rfXz0ThTb4HEzqQfs2Bmo5Ay8BzxfzVtBrr9dVg==" - }, - "node_modules/@babel/helper-replace-supers": { - "version": "7.12.5", - "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.12.5.tgz", - "integrity": "sha512-5YILoed0ZyIpF4gKcpZitEnXEJ9UoDRki1Ey6xz46rxOzfNMAhVIJMoune1hmPVxh40LRv1+oafz7UsWX+vyWA==", - "dependencies": { - "@babel/helper-member-expression-to-functions": "^7.12.1", - "@babel/helper-optimise-call-expression": "^7.10.4", - "@babel/traverse": "^7.12.5", - "@babel/types": "^7.12.5" - } - }, - "node_modules/@babel/helper-simple-access": { - "version": "7.12.1", - "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.12.1.tgz", - "integrity": "sha512-OxBp7pMrjVewSSC8fXDFrHrBcJATOOFssZwv16F3/6Xtc138GHybBfPbm9kfiqQHKhYQrlamWILwlDCeyMFEaA==", - "dependencies": { - "@babel/types": "^7.12.1" - } - }, - "node_modules/@babel/helper-split-export-declaration": { - "version": "7.11.0", - "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.11.0.tgz", - "integrity": "sha512-74Vejvp6mHkGE+m+k5vHY93FX2cAtrw1zXrZXRlG4l410Nm9PxfEiVTn1PjDPV5SnmieiueY4AFg2xqhNFuuZg==", - "dependencies": { - "@babel/types": "^7.11.0" - } - }, - "node_modules/@babel/helper-validator-identifier": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.10.4.tgz", - "integrity": "sha512-3U9y+43hz7ZM+rzG24Qe2mufW5KhvFg/NhnNph+i9mgCtdTCtMJuI1TMkrIUiK7Ix4PYlRF9I5dhqaLYA/ADXw==" - }, - "node_modules/@babel/helpers": { - "version": "7.12.5", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.12.5.tgz", - "integrity": "sha512-lgKGMQlKqA8meJqKsW6rUnc4MdUk35Ln0ATDqdM1a/UpARODdI4j5Y5lVfUScnSNkJcdCRAaWkspykNoFg9sJA==", - "dependencies": { - "@babel/template": "^7.10.4", - "@babel/traverse": "^7.12.5", - "@babel/types": "^7.12.5" - } - }, - "node_modules/@babel/highlight": { - "version": "7.10.4", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.10.4.tgz", - "integrity": "sha512-i6rgnR/YgPEQzZZnbTHHuZdlE8qyoBNalD6F+q4vAFlcMEcqmkoG+mPqJYJCo63qPf74+Y1UZsl3l6f7/RIkmA==", - "dependencies": { - "@babel/helper-validator-identifier": "^7.10.4", - "chalk": "^2.0.0", - "js-tokens": "^4.0.0" - } - }, - "node_modules/@babel/parser": { - "version": "7.8.8", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.8.8.tgz", - "integrity": "sha512-mO5GWzBPsPf6865iIbzNE0AvkKF3NE+2S3eRUpE+FE07BOAkXh6G+GW/Pj01hhXjve1WScbaIO4UlY1JKeqCcA==", - "bin": { - "parser": "bin/babel-parser.js" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/babel" - } - }, - "node_modules/@babel/plugin-proposal-object-rest-spread": { - "version": "7.12.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.12.1.tgz", - "integrity": "sha512-s6SowJIjzlhx8o7lsFx5zmY4At6CTtDvgNQDdPzkBQucle58A6b/TTeEBYtyDgmcXjUTM+vE8YOGHZzzbc/ioA==", - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4", - "@babel/plugin-syntax-object-rest-spread": "^7.8.0", - "@babel/plugin-transform-parameters": "^7.12.1" - } - }, - "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.12.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.12.1.tgz", - "integrity": "sha512-1yRi7yAtB0ETgxdY9ti/p2TivUxJkTdhu/ZbF9MshVGqOx1TdB3b7xCXs49Fupgg50N45KcAsRP/ZqWjs9SRjg==", - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "node_modules/@babel/plugin-syntax-object-rest-spread": { - "version": "7.8.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", - "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", - "dependencies": { - "@babel/helper-plugin-utils": "^7.8.0" - } - }, - "node_modules/@babel/plugin-transform-parameters": { - "version": "7.12.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.12.1.tgz", - "integrity": "sha512-xq9C5EQhdPK23ZeCdMxl8bbRnAgHFrw5EOC3KJUsSylZqdkCaFEXxGSBuTSObOpiiHHNyb82es8M1QYgfQGfNg==", - "dependencies": { - "@babel/helper-plugin-utils": "^7.10.4" - } - }, - "node_modules/@babel/template": { - "version": "7.12.7", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.12.7.tgz", - "integrity": "sha512-GkDzmHS6GV7ZeXfJZ0tLRBhZcMcY0/Lnb+eEbXDBfCAcZCjrZKe6p3J4we/D24O9Y8enxWAg1cWwof59yLh2ow==", - "dependencies": { - "@babel/code-frame": "^7.10.4", - "@babel/parser": "^7.12.7", - "@babel/types": "^7.12.7" - } - }, - "node_modules/@babel/template/node_modules/@babel/parser": { - "version": "7.12.10", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.12.10.tgz", - "integrity": "sha512-PJdRPwyoOqFAWfLytxrWwGrAxghCgh/yTNCYciOz8QgjflA7aZhECPZAa2VUedKg2+QMWkI0L9lynh2SNmNEgA==", - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/traverse": { - "version": "7.12.10", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.12.10.tgz", - "integrity": "sha512-6aEtf0IeRgbYWzta29lePeYSk+YAFIC3kyqESeft8o5CkFlYIMX+EQDDWEiAQ9LHOA3d0oHdgrSsID/CKqXJlg==", - "dependencies": { - "@babel/code-frame": "^7.10.4", - "@babel/generator": "^7.12.10", - "@babel/helper-function-name": "^7.10.4", - "@babel/helper-split-export-declaration": "^7.11.0", - "@babel/parser": "^7.12.10", - "@babel/types": "^7.12.10", - "debug": "^4.1.0", - "globals": "^11.1.0", - "lodash": "^4.17.19" - } - }, - "node_modules/@babel/traverse/node_modules/@babel/parser": { - "version": "7.12.10", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.12.10.tgz", - "integrity": "sha512-PJdRPwyoOqFAWfLytxrWwGrAxghCgh/yTNCYciOz8QgjflA7aZhECPZAa2VUedKg2+QMWkI0L9lynh2SNmNEgA==", - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/traverse/node_modules/lodash": { - "version": "4.17.20", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", - "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==" - }, - "node_modules/@babel/types": { - "version": "7.12.10", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.12.10.tgz", - "integrity": "sha512-sf6wboJV5mGyip2hIpDSKsr80RszPinEFjsHTalMxZAZkoQ2/2yQzxlcFN52SJqsyPfLtPmenL4g2KB3KJXPDw==", - "dependencies": { - "@babel/helper-validator-identifier": "^7.10.4", - "lodash": "^4.17.19", - "to-fast-properties": "^2.0.0" - } - }, - "node_modules/@babel/types/node_modules/lodash": { - "version": "4.17.20", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", - "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==" - }, - "node_modules/@mdx-js/mdx": { - "version": "1.6.22", - "resolved": "https://registry.npmjs.org/@mdx-js/mdx/-/mdx-1.6.22.tgz", - "integrity": "sha512-AMxuLxPz2j5/6TpF/XSdKpQP1NlG0z11dFOlq+2IP/lSgl11GY8ji6S/rgsViN/L0BDvHvUMruRb7ub+24LUYA==", - "dependencies": { - "@babel/core": "7.12.9", - "@babel/plugin-syntax-jsx": "7.12.1", - "@babel/plugin-syntax-object-rest-spread": "7.8.3", - "@mdx-js/util": "1.6.22", - "babel-plugin-apply-mdx-type-prop": "1.6.22", - "babel-plugin-extract-import-names": "1.6.22", - "camelcase-css": "2.0.1", - "detab": "2.0.4", - "hast-util-raw": "6.0.1", - "lodash.uniq": "4.5.0", - "mdast-util-to-hast": "10.0.1", - "remark-footnotes": "2.0.0", - "remark-mdx": "1.6.22", - "remark-parse": "8.0.3", - "remark-squeeze-paragraphs": "4.0.0", - "style-to-object": "0.3.0", - "unified": "9.2.0", - "unist-builder": "2.0.3", - "unist-util-visit": "2.0.3" - } - }, - "node_modules/@mdx-js/util": { - "version": "1.6.22", - "resolved": "https://registry.npmjs.org/@mdx-js/util/-/util-1.6.22.tgz", - "integrity": "sha512-H1rQc1ZOHANWBvPcW+JpGwr+juXSxM8Q8YCkm3GhZd8REu1fHR3z99CErO1p9pkcfcxZnMdIZdIsXkOHY0NilA==" - }, - "node_modules/@types/hast": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/@types/hast/-/hast-2.3.1.tgz", - "integrity": "sha512-viwwrB+6xGzw+G1eWpF9geV3fnsDgXqHG+cqgiHrvQfDUW5hzhCyV7Sy3UJxhfRFBsgky2SSW33qi/YrIkjX5Q==", - "dependencies": { - "@types/unist": "*" - } - }, - "node_modules/@types/mdast": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/@types/mdast/-/mdast-3.0.3.tgz", - "integrity": "sha512-SXPBMnFVQg1s00dlMCc/jCdvPqdE4mXaMMCeRlxLDmTAEoegHT53xKtkDnzDTOcmMHUfcjyf36/YYZ6SxRdnsw==", - "dependencies": { - "@types/unist": "*" - } - }, - "node_modules/@types/parse5": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/@types/parse5/-/parse5-5.0.3.tgz", - "integrity": "sha512-kUNnecmtkunAoQ3CnjmMkzNU/gtxG8guhi+Fk2U/kOpIKjIMKnXGp4IJCgQJrXSgMsWYimYG4TGjz/UzbGEBTw==" - }, - "node_modules/@types/unist": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@types/unist/-/unist-2.0.3.tgz", - "integrity": "sha512-FvUupuM3rlRsRtCN+fDudtmytGO6iHJuuRKS1Ss0pG5z8oX0diNEw94UEL7hgDbpN94rgaK5R7sWm6RrSkZuAQ==" - }, - "node_modules/ansi-escape-sequences": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/ansi-escape-sequences/-/ansi-escape-sequences-4.1.0.tgz", - "integrity": "sha512-dzW9kHxH011uBsidTXd14JXgzye/YLb2LzeKZ4bsgl/Knwx8AtbSFkkGxagdNOoh0DlqHCmfiEjWKBaqjOanVw==", - "dependencies": { - "array-back": "^3.0.1" - }, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/ansi-escape-sequences/node_modules/array-back": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-3.1.0.tgz", - "integrity": "sha512-TkuxA4UCOvxuDK6NZYXCalszEzj+TLszyASooky+i742l9TqsOdYCMJJupxRic61hwquNtppB3hgcuq9SVSH1Q==", - "engines": { - "node": ">=6" - } - }, - "node_modules/ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "dependencies": { - "color-convert": "^1.9.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dependencies": { - "sprintf-js": "~1.0.2" - } - }, - "node_modules/array-back": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-4.0.1.tgz", - "integrity": "sha512-Z/JnaVEXv+A9xabHzN43FiiiWEE7gPCRXMrVmRm00tWbjZRul1iHm7ECzlyNq1p4a4ATXz+G9FJ3GqGOkOV3fg==", - "engines": { - "node": ">=8" - } - }, - "node_modules/babel-plugin-apply-mdx-type-prop": { - "version": "1.6.22", - "resolved": "https://registry.npmjs.org/babel-plugin-apply-mdx-type-prop/-/babel-plugin-apply-mdx-type-prop-1.6.22.tgz", - "integrity": "sha512-VefL+8o+F/DfK24lPZMtJctrCVOfgbqLAGZSkxwhazQv4VxPg3Za/i40fu22KR2m8eEda+IfSOlPLUSIiLcnCQ==", - "dependencies": { - "@babel/helper-plugin-utils": "7.10.4", - "@mdx-js/util": "1.6.22" - } - }, - "node_modules/babel-plugin-extract-import-names": { - "version": "1.6.22", - "resolved": "https://registry.npmjs.org/babel-plugin-extract-import-names/-/babel-plugin-extract-import-names-1.6.22.tgz", - "integrity": "sha512-yJ9BsJaISua7d8zNT7oRG1ZLBJCIdZ4PZqmH8qa9N5AK01ifk3fnkc98AXhtzE7UkfCsEumvoQWgoYLhOnJ7jQ==", - "dependencies": { - "@babel/helper-plugin-utils": "7.10.4" - } - }, - "node_modules/bail": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/bail/-/bail-1.0.5.tgz", - "integrity": "sha512-xFbRxM1tahm08yHBP16MMjVUAvDaBMD38zsM9EMAUN61omwLmKlOpB/Zku5QkjZ8TZ4vn53pj+t518cH0S03RQ==" - }, - "node_modules/balanced-match": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", - "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=" - }, - "node_modules/bluebird": { - "version": "3.7.2", - "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.7.2.tgz", - "integrity": "sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==" - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/cache-point": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/cache-point/-/cache-point-1.0.0.tgz", - "integrity": "sha512-ZqrZp9Hi5Uq7vfSGmNP2bUT/9DzZC2Y/GXjHB8rUJN1a+KLmbV05+vxHipNsg8+CSVgjcVVzLV8VZms6w8ZeRw==", - "dependencies": { - "array-back": "^4.0.0", - "fs-then-native": "^2.0.0", - "mkdirp2": "^1.0.4" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/camelcase-css": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/camelcase-css/-/camelcase-css-2.0.1.tgz", - "integrity": "sha512-QOSvevhslijgYwRx6Rv7zKdMF8lbRmx+uQGx2+vDc+KI/eBnsy9kit5aj23AgGu3pa4t9AgwbnXWqS+iOY+2aA==", - "engines": { - "node": ">= 6" - } - }, - "node_modules/catharsis": { - "version": "0.8.11", - "resolved": "https://registry.npmjs.org/catharsis/-/catharsis-0.8.11.tgz", - "integrity": "sha512-a+xUyMV7hD1BrDQA/3iPV7oc+6W26BgVJO05PGEoatMyIuPScQKsde6i3YorWX1qs+AZjnJ18NqdKoCtKiNh1g==", - "dependencies": { - "lodash": "^4.17.14" - }, - "engines": { - "node": ">= 8" - } - }, - "node_modules/ccount": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/ccount/-/ccount-1.1.0.tgz", - "integrity": "sha512-vlNK021QdI7PNeiUh/lKkC/mNHHfV0m/Ad5JoI0TYtlBnJAslM/JIkm/tGC88bkLIwO6OQ5uV6ztS6kVAtCDlg==" - }, - "node_modules/chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "dependencies": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/character-entities": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/character-entities/-/character-entities-1.2.4.tgz", - "integrity": "sha512-iBMyeEHxfVnIakwOuDXpVkc54HijNgCyQB2w0VfGQThle6NXn50zU6V/u+LDhxHcDUPojn6Kpga3PTAD8W1bQw==" - }, - "node_modules/character-entities-legacy": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/character-entities-legacy/-/character-entities-legacy-1.1.4.tgz", - "integrity": "sha512-3Xnr+7ZFS1uxeiUDvV02wQ+QDbc55o97tIV5zHScSPJpcLm/r0DFPcoY3tYRp+VZukxuMeKgXYmsXQHO05zQeA==" - }, - "node_modules/character-reference-invalid": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/character-reference-invalid/-/character-reference-invalid-1.1.4.tgz", - "integrity": "sha512-mKKUkUbhPpQlCOfIuZkvSEgktjPFIsZKRRbC6KWVEMvlzblj3i3asQv5ODsrwt0N3pHAEvjP8KTQPHkp0+6jOg==" - }, - "node_modules/collapse-white-space": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/collapse-white-space/-/collapse-white-space-1.0.6.tgz", - "integrity": "sha512-jEovNnrhMuqyCcjfEJA56v0Xq8SkIoPKDyaHahwo3POf4qcSXqMYuwNcOTzp74vTsR9Tn08z4MxWqAhcekogkQ==" - }, - "node_modules/collect-all": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/collect-all/-/collect-all-1.0.3.tgz", - "integrity": "sha512-0y0rBgoX8IzIjBAUnO73SEtSb4Mhk3IoceWJq5zZSxb9mWORhWH8xLYo4EDSOE1jRBk1LhmfjqWFFt10h/+MEA==", - "dependencies": { - "stream-connect": "^1.0.2", - "stream-via": "^1.0.4" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "dependencies": { - "color-name": "1.1.3" - } - }, - "node_modules/color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=" - }, - "node_modules/comma-separated-tokens": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/comma-separated-tokens/-/comma-separated-tokens-1.0.8.tgz", - "integrity": "sha512-GHuDRO12Sypu2cV70d1dkA2EUmXHgntrzbpvOB+Qy+49ypNfGgFQIC2fhhXbnyrJRynDCAARsT7Ou0M6hirpfw==" - }, - "node_modules/command-line-args": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/command-line-args/-/command-line-args-5.1.1.tgz", - "integrity": "sha512-hL/eG8lrll1Qy1ezvkant+trihbGnaKaeEjj6Scyr3DN+RC7iQ5Rz84IeLERfAWDGo0HBSNAakczwgCilDXnWg==", - "dependencies": { - "array-back": "^3.0.1", - "find-replace": "^3.0.0", - "lodash.camelcase": "^4.3.0", - "typical": "^4.0.0" - }, - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/command-line-args/node_modules/array-back": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-3.1.0.tgz", - "integrity": "sha512-TkuxA4UCOvxuDK6NZYXCalszEzj+TLszyASooky+i742l9TqsOdYCMJJupxRic61hwquNtppB3hgcuq9SVSH1Q==", - "engines": { - "node": ">=6" - } - }, - "node_modules/command-line-args/node_modules/typical": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/typical/-/typical-4.0.0.tgz", - "integrity": "sha512-VAH4IvQ7BDFYglMd7BPRDfLgxZZX4O4TFcRDA6EN5X7erNJJq+McIEp8np9aVtxrCJ6qx4GTYVfOWNjcqwZgRw==", - "engines": { - "node": ">=8" - } - }, - "node_modules/command-line-tool": { - "version": "0.8.0", - "resolved": "https://registry.npmjs.org/command-line-tool/-/command-line-tool-0.8.0.tgz", - "integrity": "sha512-Xw18HVx/QzQV3Sc5k1vy3kgtOeGmsKIqwtFFoyjI4bbcpSgnw2CWVULvtakyw4s6fhyAdI6soQQhXc2OzJy62g==", - "dependencies": { - "ansi-escape-sequences": "^4.0.0", - "array-back": "^2.0.0", - "command-line-args": "^5.0.0", - "command-line-usage": "^4.1.0", - "typical": "^2.6.1" - }, - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/command-line-tool/node_modules/array-back": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-2.0.0.tgz", - "integrity": "sha512-eJv4pLLufP3g5kcZry0j6WXpIbzYw9GUB4mVJZno9wfwiBxbizTnHCw3VJb07cBihbFX48Y7oSrW9y+gt4glyw==", - "dependencies": { - "typical": "^2.6.1" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/command-line-usage": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/command-line-usage/-/command-line-usage-4.1.0.tgz", - "integrity": "sha512-MxS8Ad995KpdAC0Jopo/ovGIroV/m0KHwzKfXxKag6FHOkGsH8/lv5yjgablcRxCJJC0oJeUMuO/gmaq+Wq46g==", - "dependencies": { - "ansi-escape-sequences": "^4.0.0", - "array-back": "^2.0.0", - "table-layout": "^0.4.2", - "typical": "^2.6.1" - }, - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/command-line-usage/node_modules/array-back": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-2.0.0.tgz", - "integrity": "sha512-eJv4pLLufP3g5kcZry0j6WXpIbzYw9GUB4mVJZno9wfwiBxbizTnHCw3VJb07cBihbFX48Y7oSrW9y+gt4glyw==", - "dependencies": { - "typical": "^2.6.1" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/commander": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", - "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==", - "engines": { - "node": ">= 6" - } - }, - "node_modules/common-sequence": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/common-sequence/-/common-sequence-2.0.0.tgz", - "integrity": "sha512-f0QqPLpRTgMQn/pQIynf+SdE73Lw5Q1jn4hjirHLgH/NJ71TiHjXusV16BmOyuK5rRQ1W2f++II+TFZbQOh4hA==", - "engines": { - "node": ">=8" - } - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" - }, - "node_modules/config-master": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/config-master/-/config-master-3.1.0.tgz", - "integrity": "sha1-ZnZjWQUFooO/JqSE1oSJ10xUhdo=", - "dependencies": { - "walk-back": "^2.0.1" - } - }, - "node_modules/config-master/node_modules/walk-back": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/walk-back/-/walk-back-2.0.1.tgz", - "integrity": "sha1-VU4qnYdPrEeoywBr9EwvDEmYoKQ=", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/convert-source-map": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.7.0.tgz", - "integrity": "sha512-4FJkXzKXEDB1snCFZlLP4gpC3JILicCpGbzG9f9G7tGqGCzETQ2hWPrcinA9oU4wtf2biUaEH5065UnMeR33oA==", - "dependencies": { - "safe-buffer": "~5.1.1" - } - }, - "node_modules/debug": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", - "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - } - }, - "node_modules/deep-extend": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", - "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==", - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/detab": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/detab/-/detab-2.0.4.tgz", - "integrity": "sha512-8zdsQA5bIkoRECvCrNKPla84lyoR7DSAyf7p0YgXzBO9PDJx8KntPUay7NS6yp+KdxdVtiE5SpHKtbp2ZQyA9g==", - "dependencies": { - "repeat-string": "^1.5.4" - } - }, - "node_modules/dmd": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/dmd/-/dmd-4.0.6.tgz", - "integrity": "sha512-7ZYAnFQ6jGm4SICArwqNPylJ83PaOdPTAkds3Z/s1ueFqSc5ilJ2F0b7uP+35W1PUbemH++gn5/VlC3KwEgiHQ==", - "dependencies": { - "array-back": "^4.0.1", - "cache-point": "^1.0.0", - "common-sequence": "^2.0.0", - "file-set": "^3.0.0", - "handlebars": "^4.5.3", - "marked": "^0.7.0", - "object-get": "^2.1.0", - "reduce-flatten": "^3.0.0", - "reduce-unique": "^2.0.1", - "reduce-without": "^1.0.1", - "test-value": "^3.0.0", - "walk-back": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/dmd/node_modules/reduce-flatten": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/reduce-flatten/-/reduce-flatten-3.0.0.tgz", - "integrity": "sha512-eczl8wAYBxJ6Egl6I1ECIF+8z6sHu+KE7BzaEDZTpPXKXfy9SUDQlVYwkRcNTjJLC3Iakxbhss50KuT/R6SYfg==", - "engines": { - "node": ">=8" - } - }, - "node_modules/entities": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/entities/-/entities-1.1.2.tgz", - "integrity": "sha512-f2LZMYl1Fzu7YSBKg+RoROelpOaNrcGmE9AZubeDfrCEia483oW4MI4VyFd5VNHIgQ/7qm1I0wUHK1eJnn2y2w==" - }, - "node_modules/escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/extend": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", - "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" - }, - "node_modules/file-set": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/file-set/-/file-set-3.0.0.tgz", - "integrity": "sha512-B/SdeSIeRv7VlOgIjtH3dkxMI+tEy5m+OeCXfAUsirBoVoY+bGtsmvmmTFPm/G23TBY4RiTtjpcgePCfwXRjqA==", - "dependencies": { - "array-back": "^4.0.0", - "glob": "^7.1.5" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/find-replace": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/find-replace/-/find-replace-3.0.0.tgz", - "integrity": "sha512-6Tb2myMioCAgv5kfvP5/PkZZ/ntTpVK39fHY7WkWBgvbeE+VHd/tZuZ4mrC+bxh4cfOZeYKVPaJIZtZXV7GNCQ==", - "dependencies": { - "array-back": "^3.0.1" - }, - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/find-replace/node_modules/array-back": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-3.1.0.tgz", - "integrity": "sha512-TkuxA4UCOvxuDK6NZYXCalszEzj+TLszyASooky+i742l9TqsOdYCMJJupxRic61hwquNtppB3hgcuq9SVSH1Q==", - "engines": { - "node": ">=6" - } - }, - "node_modules/fs-extra": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz", - "integrity": "sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==", - "dependencies": { - "graceful-fs": "^4.2.0", - "jsonfile": "^4.0.0", - "universalify": "^0.1.0" - }, - "engines": { - "node": ">=6 <7 || >=8" - } - }, - "node_modules/fs-then-native": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/fs-then-native/-/fs-then-native-2.0.0.tgz", - "integrity": "sha1-GaEk2U2QwiyOBF8ujdbr6jbUjGc=", - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" - }, - "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==" - }, - "node_modules/gensync": { - "version": "1.0.0-beta.2", - "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", - "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", - "engines": { - "node": ">=6.9.0" - } - }, - "node_modules/glob": { - "version": "7.1.6", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", - "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", - "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - }, - "engines": { - "node": "*" - } - }, - "node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "engines": { - "node": ">=4" - } - }, - "node_modules/graceful-fs": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.3.tgz", - "integrity": "sha512-a30VEBm4PEdx1dRB7MFK7BejejvCvBronbLjht+sHuGYj8PHs7M/5Z+rt5lw551vZ7yfTCj4Vuyy3mSJytDWRQ==" - }, - "node_modules/handlebars": { - "version": "4.7.3", - "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.3.tgz", - "integrity": "sha512-SRGwSYuNfx8DwHD/6InAPzD6RgeruWLT+B8e8a7gGs8FWgHzlExpTFMEq2IA6QpAfOClpKHy6+8IqTjeBCu6Kg==", - "dependencies": { - "neo-async": "^2.6.0", - "optimist": "^0.6.1", - "source-map": "^0.6.1", - "wordwrap": "^1.0.0" - }, - "bin": { - "handlebars": "bin/handlebars" - }, - "engines": { - "node": ">=0.4.7" - }, - "optionalDependencies": { - "uglify-js": "^3.1.4" - } - }, - "node_modules/handlebars/node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/has": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", - "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, - "node_modules/has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", - "engines": { - "node": ">=4" - } - }, - "node_modules/hast-to-hyperscript": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/hast-to-hyperscript/-/hast-to-hyperscript-9.0.1.tgz", - "integrity": "sha512-zQgLKqF+O2F72S1aa4y2ivxzSlko3MAvxkwG8ehGmNiqd98BIN3JM1rAJPmplEyLmGLO2QZYJtIneOSZ2YbJuA==", - "dependencies": { - "@types/unist": "^2.0.3", - "comma-separated-tokens": "^1.0.0", - "property-information": "^5.3.0", - "space-separated-tokens": "^1.0.0", - "style-to-object": "^0.3.0", - "unist-util-is": "^4.0.0", - "web-namespaces": "^1.0.0" - } - }, - "node_modules/hast-util-from-parse5": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/hast-util-from-parse5/-/hast-util-from-parse5-6.0.1.tgz", - "integrity": "sha512-jeJUWiN5pSxW12Rh01smtVkZgZr33wBokLzKLwinYOUfSzm1Nl/c3GUGebDyOKjdsRgMvoVbV0VpAcpjF4NrJA==", - "dependencies": { - "@types/parse5": "^5.0.0", - "hastscript": "^6.0.0", - "property-information": "^5.0.0", - "vfile": "^4.0.0", - "vfile-location": "^3.2.0", - "web-namespaces": "^1.0.0" - } - }, - "node_modules/hast-util-parse-selector": { - "version": "2.2.5", - "resolved": "https://registry.npmjs.org/hast-util-parse-selector/-/hast-util-parse-selector-2.2.5.tgz", - "integrity": "sha512-7j6mrk/qqkSehsM92wQjdIgWM2/BW61u/53G6xmC8i1OmEdKLHbk419QKQUjz6LglWsfqoiHmyMRkP1BGjecNQ==" - }, - "node_modules/hast-util-raw": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/hast-util-raw/-/hast-util-raw-6.0.1.tgz", - "integrity": "sha512-ZMuiYA+UF7BXBtsTBNcLBF5HzXzkyE6MLzJnL605LKE8GJylNjGc4jjxazAHUtcwT5/CEt6afRKViYB4X66dig==", - "dependencies": { - "@types/hast": "^2.0.0", - "hast-util-from-parse5": "^6.0.0", - "hast-util-to-parse5": "^6.0.0", - "html-void-elements": "^1.0.0", - "parse5": "^6.0.0", - "unist-util-position": "^3.0.0", - "vfile": "^4.0.0", - "web-namespaces": "^1.0.0", - "xtend": "^4.0.0", - "zwitch": "^1.0.0" - } - }, - "node_modules/hast-util-raw/node_modules/parse5": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/parse5/-/parse5-6.0.1.tgz", - "integrity": "sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==" - }, - "node_modules/hast-util-to-parse5": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/hast-util-to-parse5/-/hast-util-to-parse5-6.0.0.tgz", - "integrity": "sha512-Lu5m6Lgm/fWuz8eWnrKezHtVY83JeRGaNQ2kn9aJgqaxvVkFCZQBEhgodZUDUvoodgyROHDb3r5IxAEdl6suJQ==", - "dependencies": { - "hast-to-hyperscript": "^9.0.0", - "property-information": "^5.0.0", - "web-namespaces": "^1.0.0", - "xtend": "^4.0.0", - "zwitch": "^1.0.0" - } - }, - "node_modules/hastscript": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/hastscript/-/hastscript-6.0.0.tgz", - "integrity": "sha512-nDM6bvd7lIqDUiYEiu5Sl/+6ReP0BMk/2f4U/Rooccxkj0P5nm+acM5PrGJ/t5I8qPGiqZSE6hVAwZEdZIvP4w==", - "dependencies": { - "@types/hast": "^2.0.0", - "comma-separated-tokens": "^1.0.0", - "hast-util-parse-selector": "^2.0.0", - "property-information": "^5.0.0", - "space-separated-tokens": "^1.0.0" - } - }, - "node_modules/html-void-elements": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/html-void-elements/-/html-void-elements-1.0.5.tgz", - "integrity": "sha512-uE/TxKuyNIcx44cIWnjr/rfIATDH7ZaOMmstu0CwhFG1Dunhlp4OC6/NMbhiwoq5BpW0ubi303qnEk/PZj614w==" - }, - "node_modules/inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "dependencies": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" - }, - "node_modules/inline-style-parser": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/inline-style-parser/-/inline-style-parser-0.1.1.tgz", - "integrity": "sha512-7NXolsK4CAS5+xvdj5OMMbI962hU/wvwoxk+LWR9Ek9bVtyuuYScDN6eS0rUm6TxApFpw7CX1o4uJzcd4AyD3Q==" - }, - "node_modules/is-alphabetical": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/is-alphabetical/-/is-alphabetical-1.0.4.tgz", - "integrity": "sha512-DwzsA04LQ10FHTZuL0/grVDk4rFoVH1pjAToYwBrHSxcrBIGQuXrQMtD5U1b0U2XVgKZCTLLP8u2Qxqhy3l2Vg==" - }, - "node_modules/is-alphanumerical": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/is-alphanumerical/-/is-alphanumerical-1.0.4.tgz", - "integrity": "sha512-UzoZUr+XfVz3t3v4KyGEniVL9BDRoQtY7tOyrRybkVNjDFWyo1yhXNGrrBTQxp3ib9BLAWs7k2YKBQsFRkZG9A==", - "dependencies": { - "is-alphabetical": "^1.0.0", - "is-decimal": "^1.0.0" - } - }, - "node_modules/is-buffer": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-2.0.5.tgz", - "integrity": "sha512-i2R6zNFDwgEHJyQUtJEk0XFi1i0dPFn/oqjK3/vPCcDeJvW5NQ83V8QbicfF1SupOaB0h8ntgBC2YiE7dfyctQ==", - "engines": { - "node": ">=4" - } - }, - "node_modules/is-core-module": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.2.0.tgz", - "integrity": "sha512-XRAfAdyyY5F5cOXn7hYQDqh2Xmii+DEfIcQGxK/uNwMHhIkPWO0g8msXcbzLe+MpGoR951MlqM/2iIlU4vKDdQ==", - "dependencies": { - "has": "^1.0.3" - } - }, - "node_modules/is-decimal": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/is-decimal/-/is-decimal-1.0.4.tgz", - "integrity": "sha512-RGdriMmQQvZ2aqaQq3awNA6dCGtKpiDFcOzrTWrDAT2MiWrKQVPmxLGHl7Y2nNu6led0kEyoX0enY0qXYsv9zw==" - }, - "node_modules/is-hexadecimal": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/is-hexadecimal/-/is-hexadecimal-1.0.4.tgz", - "integrity": "sha512-gyPJuv83bHMpocVYoqof5VDiZveEoGoFL8m3BXNb2VW8Xs+rz9kqO8LOQ5DH6EsuvilT1ApazU0pyl+ytbPtlw==" - }, - "node_modules/is-plain-obj": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-2.1.0.tgz", - "integrity": "sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA==", - "engines": { - "node": ">=8" - } - }, - "node_modules/is-whitespace-character": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/is-whitespace-character/-/is-whitespace-character-1.0.4.tgz", - "integrity": "sha512-SDweEzfIZM0SJV0EUga669UTKlmL0Pq8Lno0QDQsPnvECB3IM2aP0gdx5TrU0A01MAPfViaZiI2V1QMZLaKK5w==" - }, - "node_modules/is-word-character": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/is-word-character/-/is-word-character-1.0.4.tgz", - "integrity": "sha512-5SMO8RVennx3nZrqtKwCGyyetPE9VDba5ugvKLaD4KopPG5kR4mQ7tNt/r7feL5yt5h3lpuBbIUmCOG2eSzXHA==" - }, - "node_modules/js-tokens": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", - "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==" - }, - "node_modules/js2xmlparser": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/js2xmlparser/-/js2xmlparser-4.0.1.tgz", - "integrity": "sha512-KrPTolcw6RocpYjdC7pL7v62e55q7qOMHvLX1UCLc5AAS8qeJ6nukarEJAF2KL2PZxlbGueEbINqZR2bDe/gUw==", - "dependencies": { - "xmlcreate": "^2.0.3" - } - }, - "node_modules/jsdoc": { - "version": "3.6.3", - "resolved": "https://registry.npmjs.org/jsdoc/-/jsdoc-3.6.3.tgz", - "integrity": "sha512-Yf1ZKA3r9nvtMWHO1kEuMZTlHOF8uoQ0vyo5eH7SQy5YeIiHM+B0DgKnn+X6y6KDYZcF7G2SPkKF+JORCXWE/A==", - "dependencies": { - "@babel/parser": "^7.4.4", - "bluebird": "^3.5.4", - "catharsis": "^0.8.11", - "escape-string-regexp": "^2.0.0", - "js2xmlparser": "^4.0.0", - "klaw": "^3.0.0", - "markdown-it": "^8.4.2", - "markdown-it-anchor": "^5.0.2", - "marked": "^0.7.0", - "mkdirp": "^0.5.1", - "requizzle": "^0.2.3", - "strip-json-comments": "^3.0.1", - "taffydb": "2.6.2", - "underscore": "~1.9.1" - }, - "bin": { - "jsdoc": "jsdoc.js" - }, - "engines": { - "node": ">=8.15.0" - } - }, - "node_modules/jsdoc-api": { - "version": "5.0.4", - "resolved": "https://registry.npmjs.org/jsdoc-api/-/jsdoc-api-5.0.4.tgz", - "integrity": "sha512-1KMwLnfo0FyhF06TQKzqIm8BiY1yoMIGICxRdJHUjzskaHMzHMmpLlmNFgzoa4pAC8t1CDPK5jWuQTvv1pBsEQ==", - "dependencies": { - "array-back": "^4.0.0", - "cache-point": "^1.0.0", - "collect-all": "^1.0.3", - "file-set": "^2.0.1", - "fs-then-native": "^2.0.0", - "jsdoc": "^3.6.3", - "object-to-spawn-args": "^1.1.1", - "temp-path": "^1.0.0", - "walk-back": "^3.0.1" - }, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/jsdoc-api/node_modules/file-set": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/file-set/-/file-set-2.0.1.tgz", - "integrity": "sha512-XgOUUpgR6FbbfYcniLw0qm1Am7PnNYIAkd+eXxRt42LiYhjaso0WiuQ+VmrNdtwotyM+cLCfZ56AZrySP3QnKA==", - "dependencies": { - "array-back": "^2.0.0", - "glob": "^7.1.3" - } - }, - "node_modules/jsdoc-api/node_modules/file-set/node_modules/array-back": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-2.0.0.tgz", - "integrity": "sha512-eJv4pLLufP3g5kcZry0j6WXpIbzYw9GUB4mVJZno9wfwiBxbizTnHCw3VJb07cBihbFX48Y7oSrW9y+gt4glyw==", - "dependencies": { - "typical": "^2.6.1" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/jsdoc-api/node_modules/walk-back": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/walk-back/-/walk-back-3.0.1.tgz", - "integrity": "sha512-umiNB2qLO731Sxbp6cfZ9pwURJzTnftxE4Gc7hq8n/ehkuXC//s9F65IEIJA2ZytQZ1ZOsm/Fju4IWx0bivkUQ==", - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/jsdoc-parse": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/jsdoc-parse/-/jsdoc-parse-4.0.1.tgz", - "integrity": "sha512-qIObw8yqYZjrP2qxWROB5eLQFLTUX2jRGLhW9hjo2CC2fQVlskidCIzjCoctwsDvauBp2a/lR31jkSleczSo8Q==", - "dependencies": { - "array-back": "^4.0.0", - "lodash.omit": "^4.5.0", - "lodash.pick": "^4.4.0", - "reduce-extract": "^1.0.0", - "sort-array": "^2.0.0", - "test-value": "^3.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jsdoc-to-markdown": { - "version": "5.0.3", - "resolved": "https://registry.npmjs.org/jsdoc-to-markdown/-/jsdoc-to-markdown-5.0.3.tgz", - "integrity": "sha512-tQv5tBV0fTYidRQtE60lJKxE98mmuLcYuITFDKQiDPE9hGccpeEGUNFcVkInq1vigyuPnZmt79bQ8wv2GKjY0Q==", - "dependencies": { - "array-back": "^4.0.1", - "command-line-tool": "^0.8.0", - "config-master": "^3.1.0", - "dmd": "^4.0.5", - "jsdoc-api": "^5.0.4", - "jsdoc-parse": "^4.0.1", - "walk-back": "^4.0.0" - }, - "bin": { - "jsdoc2md": "bin/cli.js" - }, - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/jsdoc/node_modules/escape-string-regexp": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", - "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==", - "engines": { - "node": ">=8" - } - }, - "node_modules/jsesc": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", - "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", - "bin": { - "jsesc": "bin/jsesc" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/json5": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/json5/-/json5-2.1.3.tgz", - "integrity": "sha512-KXPvOm8K9IJKFM0bmdn8QXh7udDh1g/giieX0NLCaMnb4hEiVFqnop2ImTXCc5e0/oHz3LTqmHGtExn5hfMkOA==", - "dependencies": { - "minimist": "^1.2.5" - }, - "bin": { - "json5": "lib/cli.js" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/jsonfile": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz", - "integrity": "sha1-h3Gq4HmbZAdrdmQPygWPnBDjPss=", - "dependencies": { - "graceful-fs": "^4.1.6" - } - }, - "node_modules/klaw": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/klaw/-/klaw-3.0.0.tgz", - "integrity": "sha512-0Fo5oir+O9jnXu5EefYbVK+mHMBeEVEy2cmctR1O1NECcCkPRreJKrS6Qt/j3KC2C148Dfo9i3pCmCMsdqGr0g==", - "dependencies": { - "graceful-fs": "^4.1.9" - } - }, - "node_modules/linkify-it": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-2.2.0.tgz", - "integrity": "sha512-GnAl/knGn+i1U/wjBz3akz2stz+HrHLsxMwHQGofCDfPvlf+gDKN58UtfmUquTY4/MXeE2x7k19KQmeoZi94Iw==", - "dependencies": { - "uc.micro": "^1.0.1" - } - }, - "node_modules/lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" - }, - "node_modules/lodash.camelcase": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", - "integrity": "sha1-soqmKIorn8ZRA1x3EfZathkDMaY=" - }, - "node_modules/lodash.omit": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.omit/-/lodash.omit-4.5.0.tgz", - "integrity": "sha1-brGa5aHuHdnfC5aeZs4Lf6MLXmA=" - }, - "node_modules/lodash.padend": { - "version": "4.6.1", - "resolved": "https://registry.npmjs.org/lodash.padend/-/lodash.padend-4.6.1.tgz", - "integrity": "sha1-U8y6BH0G4VjTEfRdpiX05J5vFm4=" - }, - "node_modules/lodash.pick": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/lodash.pick/-/lodash.pick-4.4.0.tgz", - "integrity": "sha1-UvBWEP/53tQiYRRB7R/BI6AwAbM=" - }, - "node_modules/lodash.uniq": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz", - "integrity": "sha1-0CJTc662Uq3BvILklFM5qEJ1R3M=" - }, - "node_modules/markdown-escapes": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/markdown-escapes/-/markdown-escapes-1.0.4.tgz", - "integrity": "sha512-8z4efJYk43E0upd0NbVXwgSTQs6cT3T06etieCMEg7dRbzCbxUCK/GHlX8mhHRDcp+OLlHkPKsvqQTCvsRl2cg==" - }, - "node_modules/markdown-it": { - "version": "8.4.2", - "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-8.4.2.tgz", - "integrity": "sha512-GcRz3AWTqSUphY3vsUqQSFMbgR38a4Lh3GWlHRh/7MRwz8mcu9n2IO7HOh+bXHrR9kOPDl5RNCaEsrneb+xhHQ==", - "dependencies": { - "argparse": "^1.0.7", - "entities": "~1.1.1", - "linkify-it": "^2.0.0", - "mdurl": "^1.0.1", - "uc.micro": "^1.0.5" - }, - "bin": { - "markdown-it": "bin/markdown-it.js" - } - }, - "node_modules/markdown-it-anchor": { - "version": "5.2.5", - "resolved": "https://registry.npmjs.org/markdown-it-anchor/-/markdown-it-anchor-5.2.5.tgz", - "integrity": "sha512-xLIjLQmtym3QpoY9llBgApknl7pxAcN3WDRc2d3rwpl+/YvDZHPmKscGs+L6E05xf2KrCXPBvosWt7MZukwSpQ==" - }, - "node_modules/marked": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/marked/-/marked-0.7.0.tgz", - "integrity": "sha512-c+yYdCZJQrsRjTPhUx7VKkApw9bwDkNbHUKo1ovgcfDjb2kc8rLuRbIFyXL5WOEUwzSSKo3IXpph2K6DqB/KZg==", - "bin": { - "marked": "bin/marked" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/mdast-squeeze-paragraphs": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/mdast-squeeze-paragraphs/-/mdast-squeeze-paragraphs-4.0.0.tgz", - "integrity": "sha512-zxdPn69hkQ1rm4J+2Cs2j6wDEv7O17TfXTJ33tl/+JPIoEmtV9t2ZzBM5LPHE8QlHsmVD8t3vPKCyY3oH+H8MQ==", - "dependencies": { - "unist-util-remove": "^2.0.0" - } - }, - "node_modules/mdast-util-definitions": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/mdast-util-definitions/-/mdast-util-definitions-4.0.0.tgz", - "integrity": "sha512-k8AJ6aNnUkB7IE+5azR9h81O5EQ/cTDXtWdMq9Kk5KcEW/8ritU5CeLg/9HhOC++nALHBlaogJ5jz0Ybk3kPMQ==", - "dependencies": { - "unist-util-visit": "^2.0.0" - } - }, - "node_modules/mdast-util-to-hast": { - "version": "10.0.1", - "resolved": "https://registry.npmjs.org/mdast-util-to-hast/-/mdast-util-to-hast-10.0.1.tgz", - "integrity": "sha512-BW3LM9SEMnjf4HXXVApZMt8gLQWVNXc3jryK0nJu/rOXPOnlkUjmdkDlmxMirpbU9ILncGFIwLH/ubnWBbcdgA==", - "dependencies": { - "@types/mdast": "^3.0.0", - "@types/unist": "^2.0.0", - "mdast-util-definitions": "^4.0.0", - "mdurl": "^1.0.0", - "unist-builder": "^2.0.0", - "unist-util-generated": "^1.0.0", - "unist-util-position": "^3.0.0", - "unist-util-visit": "^2.0.0" - } - }, - "node_modules/mdurl": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/mdurl/-/mdurl-1.0.1.tgz", - "integrity": "sha1-/oWy7HWlkDfyrf7BAP1sYBdhFS4=" - }, - "node_modules/minimatch": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", - "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" - }, - "node_modules/mkdirp": { - "version": "0.5.3", - "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.3.tgz", - "integrity": "sha512-P+2gwrFqx8lhew375MQHHeTlY8AuOJSrGf0R5ddkEndUkmwpgUob/vQuBD1V22/Cw1/lJr4x+EjllSezBThzBg==", - "dependencies": { - "minimist": "^1.2.5" - }, - "bin": { - "mkdirp": "bin/cmd.js" - } - }, - "node_modules/mkdirp2": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/mkdirp2/-/mkdirp2-1.0.4.tgz", - "integrity": "sha512-Q2PKB4ZR4UPtjLl76JfzlgSCUZhSV1AXQgAZa1qt5RiaALFjP/CDrGvFBrOz7Ck6McPcwMAxTsJvWOUjOU8XMw==" - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" - }, - "node_modules/neo-async": { - "version": "2.6.1", - "resolved": "https://registry.npmjs.org/neo-async/-/neo-async-2.6.1.tgz", - "integrity": "sha512-iyam8fBuCUpWeKPGpaNMetEocMt364qkCsfL9JuhjXX6dRnguRVOfk2GZaDpPjcOKiiXCPINZC1GczQ7iTq3Zw==" - }, - "node_modules/object-get": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/object-get/-/object-get-2.1.1.tgz", - "integrity": "sha512-7n4IpLMzGGcLEMiQKsNR7vCe+N5E9LORFrtNUVy4sO3dj9a3HedZCxEL2T7QuLhcHN1NBuBsMOKaOsAYI9IIvg==" - }, - "node_modules/object-to-spawn-args": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/object-to-spawn-args/-/object-to-spawn-args-1.1.1.tgz", - "integrity": "sha1-d9qIJ/Bz0BHJ4bFz+JV4FHAkZ4U=" - }, - "node_modules/once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "dependencies": { - "wrappy": "1" - } - }, - "node_modules/optimist": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz", - "integrity": "sha1-2j6nRob6IaGaERwybpDrFaAZZoY=", - "dependencies": { - "minimist": "~0.0.1", - "wordwrap": "~0.0.2" - } - }, - "node_modules/optimist/node_modules/minimist": { - "version": "0.0.10", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.10.tgz", - "integrity": "sha1-3j+YVD2/lggr5IrRoMfNqDYwHc8=" - }, - "node_modules/parse-entities": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/parse-entities/-/parse-entities-2.0.0.tgz", - "integrity": "sha512-kkywGpCcRYhqQIchaWqZ875wzpS/bMKhz5HnN3p7wveJTkTtyAB/AlnS0f8DFSqYW1T82t6yEAkEcB+A1I3MbQ==", - "dependencies": { - "character-entities": "^1.0.0", - "character-entities-legacy": "^1.0.0", - "character-reference-invalid": "^1.0.0", - "is-alphanumerical": "^1.0.0", - "is-decimal": "^1.0.0", - "is-hexadecimal": "^1.0.0" - } - }, - "node_modules/path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/path-parse": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz", - "integrity": "sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==" - }, - "node_modules/property-information": { - "version": "5.6.0", - "resolved": "https://registry.npmjs.org/property-information/-/property-information-5.6.0.tgz", - "integrity": "sha512-YUHSPk+A30YPv+0Qf8i9Mbfe/C0hdPXk1s1jPVToV8pk8BQtpw10ct89Eo7OWkutrwqvT0eicAxlOg3dOAu8JA==", - "dependencies": { - "xtend": "^4.0.0" - } - }, - "node_modules/reduce-extract": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/reduce-extract/-/reduce-extract-1.0.0.tgz", - "integrity": "sha1-Z/I4W+2mUGG19fQxJmLosIDKFSU=", - "dependencies": { - "test-value": "^1.0.1" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/reduce-extract/node_modules/array-back": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-1.0.4.tgz", - "integrity": "sha1-ZEun8JX3/898Q7Xw3DnTwfA8Bjs=", - "dependencies": { - "typical": "^2.6.0" - }, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/reduce-extract/node_modules/test-value": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/test-value/-/test-value-1.1.0.tgz", - "integrity": "sha1-oJE29y7AQ9J8iTcHwrFZv6196T8=", - "dependencies": { - "array-back": "^1.0.2", - "typical": "^2.4.2" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/reduce-flatten": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/reduce-flatten/-/reduce-flatten-1.0.1.tgz", - "integrity": "sha1-JYx479FT3fk8tWEjf2EYTzaW4yc=", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/reduce-unique": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/reduce-unique/-/reduce-unique-2.0.1.tgz", - "integrity": "sha512-x4jH/8L1eyZGR785WY+ePtyMNhycl1N2XOLxhCbzZFaqF4AXjLzqSxa2UHgJ2ZVR/HHyPOvl1L7xRnW8ye5MdA==", - "engines": { - "node": ">=6" - } - }, - "node_modules/reduce-without": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/reduce-without/-/reduce-without-1.0.1.tgz", - "integrity": "sha1-aK0OrRGFXJo31OglbBW7+Hly/Iw=", - "dependencies": { - "test-value": "^2.0.0" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/reduce-without/node_modules/array-back": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-1.0.4.tgz", - "integrity": "sha1-ZEun8JX3/898Q7Xw3DnTwfA8Bjs=", - "dependencies": { - "typical": "^2.6.0" - }, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/reduce-without/node_modules/test-value": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/test-value/-/test-value-2.1.0.tgz", - "integrity": "sha1-Edpv9nDzRxpztiXKTz/c97t0gpE=", - "dependencies": { - "array-back": "^1.0.3", - "typical": "^2.6.0" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/remark-footnotes": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/remark-footnotes/-/remark-footnotes-2.0.0.tgz", - "integrity": "sha512-3Clt8ZMH75Ayjp9q4CorNeyjwIxHFcTkaektplKGl2A1jNGEUey8cKL0ZC5vJwfcD5GFGsNLImLG/NGzWIzoMQ==" - }, - "node_modules/remark-mdx": { - "version": "1.6.22", - "resolved": "https://registry.npmjs.org/remark-mdx/-/remark-mdx-1.6.22.tgz", - "integrity": "sha512-phMHBJgeV76uyFkH4rvzCftLfKCr2RZuF+/gmVcaKrpsihyzmhXjA0BEMDaPTXG5y8qZOKPVo83NAOX01LPnOQ==", - "dependencies": { - "@babel/core": "7.12.9", - "@babel/helper-plugin-utils": "7.10.4", - "@babel/plugin-proposal-object-rest-spread": "7.12.1", - "@babel/plugin-syntax-jsx": "7.12.1", - "@mdx-js/util": "1.6.22", - "is-alphabetical": "1.0.4", - "remark-parse": "8.0.3", - "unified": "9.2.0" - } - }, - "node_modules/remark-parse": { - "version": "8.0.3", - "resolved": "https://registry.npmjs.org/remark-parse/-/remark-parse-8.0.3.tgz", - "integrity": "sha512-E1K9+QLGgggHxCQtLt++uXltxEprmWzNfg+MxpfHsZlrddKzZ/hZyWHDbK3/Ap8HJQqYJRXP+jHczdL6q6i85Q==", - "dependencies": { - "ccount": "^1.0.0", - "collapse-white-space": "^1.0.2", - "is-alphabetical": "^1.0.0", - "is-decimal": "^1.0.0", - "is-whitespace-character": "^1.0.0", - "is-word-character": "^1.0.0", - "markdown-escapes": "^1.0.0", - "parse-entities": "^2.0.0", - "repeat-string": "^1.5.4", - "state-toggle": "^1.0.0", - "trim": "0.0.1", - "trim-trailing-lines": "^1.0.0", - "unherit": "^1.0.4", - "unist-util-remove-position": "^2.0.0", - "vfile-location": "^3.0.0", - "xtend": "^4.0.1" - } - }, - "node_modules/remark-squeeze-paragraphs": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/remark-squeeze-paragraphs/-/remark-squeeze-paragraphs-4.0.0.tgz", - "integrity": "sha512-8qRqmL9F4nuLPIgl92XUuxI3pFxize+F1H0e/W3llTk0UsjJaj01+RrirkMw7P21RKe4X6goQhYRSvNWX+70Rw==", - "dependencies": { - "mdast-squeeze-paragraphs": "^4.0.0" - } - }, - "node_modules/repeat-string": { - "version": "1.6.1", - "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz", - "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=", - "engines": { - "node": ">=0.10" - } - }, - "node_modules/requizzle": { - "version": "0.2.3", - "resolved": "https://registry.npmjs.org/requizzle/-/requizzle-0.2.3.tgz", - "integrity": "sha512-YanoyJjykPxGHii0fZP0uUPEXpvqfBDxWV7s6GKAiiOsiqhX6vHNyW3Qzdmqp/iq/ExbhaGbVrjB4ruEVSM4GQ==", - "dependencies": { - "lodash": "^4.17.14" - } - }, - "node_modules/resolve": { - "version": "1.19.0", - "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.19.0.tgz", - "integrity": "sha512-rArEXAgsBG4UgRGcynxWIWKFvh/XZCcS8UJdHhwy91zwAvCZIbcs+vAbflgBnNjYMs/i/i+/Ux6IZhML1yPvxg==", - "dependencies": { - "is-core-module": "^2.1.0", - "path-parse": "^1.0.6" - } - }, - "node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "node_modules/semver": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", - "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", - "bin": { - "semver": "bin/semver" - } - }, - "node_modules/sort-array": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/sort-array/-/sort-array-2.0.0.tgz", - "integrity": "sha1-OKnG2if9fRR7QuYFVPKBGHtN9HI=", - "dependencies": { - "array-back": "^1.0.4", - "object-get": "^2.1.0", - "typical": "^2.6.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/sort-array/node_modules/array-back": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-1.0.4.tgz", - "integrity": "sha1-ZEun8JX3/898Q7Xw3DnTwfA8Bjs=", - "dependencies": { - "typical": "^2.6.0" - }, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/source-map": { - "version": "0.5.7", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", - "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/space-separated-tokens": { - "version": "1.1.5", - "resolved": "https://registry.npmjs.org/space-separated-tokens/-/space-separated-tokens-1.1.5.tgz", - "integrity": "sha512-q/JSVd1Lptzhf5bkYm4ob4iWPjx0KiRe3sRFBNrVqbJkFaBm5vbbowy1mymoPNLRa52+oadOhJ+K49wsSeSjTA==" - }, - "node_modules/sprintf-js": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", - "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=" - }, - "node_modules/state-toggle": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/state-toggle/-/state-toggle-1.0.3.tgz", - "integrity": "sha512-d/5Z4/2iiCnHw6Xzghyhb+GcmF89bxwgXG60wjIiZaxnymbyOmI8Hk4VqHXiVVp6u2ysaskFfXg3ekCj4WNftQ==" - }, - "node_modules/stream-connect": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/stream-connect/-/stream-connect-1.0.2.tgz", - "integrity": "sha1-GLyB8u2zW4tdmoAJIAqYUxRCipc=", - "dependencies": { - "array-back": "^1.0.2" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stream-connect/node_modules/array-back": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-1.0.4.tgz", - "integrity": "sha1-ZEun8JX3/898Q7Xw3DnTwfA8Bjs=", - "dependencies": { - "typical": "^2.6.0" - }, - "engines": { - "node": ">=0.12.0" - } - }, - "node_modules/stream-via": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/stream-via/-/stream-via-1.0.4.tgz", - "integrity": "sha512-DBp0lSvX5G9KGRDTkR/R+a29H+Wk2xItOF+MpZLLNDWbEV9tGPnqLPxHEYjmiz8xGtJHRIqmI+hCjmNzqoA4nQ==", - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/strip-json-comments": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.0.1.tgz", - "integrity": "sha512-VTyMAUfdm047mwKl+u79WIdrZxtFtn+nBxHeb844XBQ9uMNTuTHdx2hc5RiAJYqwTj3wc/xe5HLSdJSkJ+WfZw==", - "engines": { - "node": ">=8" - } - }, - "node_modules/style-to-object": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/style-to-object/-/style-to-object-0.3.0.tgz", - "integrity": "sha512-CzFnRRXhzWIdItT3OmF8SQfWyahHhjq3HwcMNCNLn+N7klOOqPjMeG/4JSu77D7ypZdGvSzvkrbyeTMizz2VrA==", - "dependencies": { - "inline-style-parser": "0.1.1" - } - }, - "node_modules/supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "dependencies": { - "has-flag": "^3.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/table-layout": { - "version": "0.4.5", - "resolved": "https://registry.npmjs.org/table-layout/-/table-layout-0.4.5.tgz", - "integrity": "sha512-zTvf0mcggrGeTe/2jJ6ECkJHAQPIYEwDoqsiqBjI24mvRmQbInK5jq33fyypaCBxX08hMkfmdOqj6haT33EqWw==", - "dependencies": { - "array-back": "^2.0.0", - "deep-extend": "~0.6.0", - "lodash.padend": "^4.6.1", - "typical": "^2.6.1", - "wordwrapjs": "^3.0.0" - }, - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/table-layout/node_modules/array-back": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-2.0.0.tgz", - "integrity": "sha512-eJv4pLLufP3g5kcZry0j6WXpIbzYw9GUB4mVJZno9wfwiBxbizTnHCw3VJb07cBihbFX48Y7oSrW9y+gt4glyw==", - "dependencies": { - "typical": "^2.6.1" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/taffydb": { - "version": "2.6.2", - "resolved": "https://registry.npmjs.org/taffydb/-/taffydb-2.6.2.tgz", - "integrity": "sha1-fLy2S1oUG2ou/CxdLGe04VCyomg=" - }, - "node_modules/temp-path": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/temp-path/-/temp-path-1.0.0.tgz", - "integrity": "sha1-JLFUOXOrRCiW2a02fdnL2/r+kYs=" - }, - "node_modules/test-value": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/test-value/-/test-value-3.0.0.tgz", - "integrity": "sha512-sVACdAWcZkSU9x7AOmJo5TqE+GyNJknHaHsMrR6ZnhjVlVN9Yx6FjHrsKZ3BjIpPCT68zYesPWkakrNupwfOTQ==", - "dependencies": { - "array-back": "^2.0.0", - "typical": "^2.6.1" - }, - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/test-value/node_modules/array-back": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/array-back/-/array-back-2.0.0.tgz", - "integrity": "sha512-eJv4pLLufP3g5kcZry0j6WXpIbzYw9GUB4mVJZno9wfwiBxbizTnHCw3VJb07cBihbFX48Y7oSrW9y+gt4glyw==", - "dependencies": { - "typical": "^2.6.1" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/to-fast-properties": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", - "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", - "engines": { - "node": ">=4" - } - }, - "node_modules/trim": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/trim/-/trim-0.0.1.tgz", - "integrity": "sha1-WFhUf2spB1fulczMZm+1AITEYN0=" - }, - "node_modules/trim-trailing-lines": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/trim-trailing-lines/-/trim-trailing-lines-1.1.4.tgz", - "integrity": "sha512-rjUWSqnfTNrjbB9NQWfPMH/xRK1deHeGsHoVfpxJ++XeYXE0d6B1En37AHfw3jtfTU7dzMzZL2jjpe8Qb5gLIQ==" - }, - "node_modules/trough": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/trough/-/trough-1.0.5.tgz", - "integrity": "sha512-rvuRbTarPXmMb79SmzEp8aqXNKcK+y0XaB298IXueQ8I2PsrATcPBCSPyK/dDNa2iWOhKlfNnOjdAOTBU/nkFA==" - }, - "node_modules/typical": { - "version": "2.6.1", - "resolved": "https://registry.npmjs.org/typical/-/typical-2.6.1.tgz", - "integrity": "sha1-XAgOXWYcu+OCWdLnCjxyU+hziB0=" - }, - "node_modules/uc.micro": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.6.tgz", - "integrity": "sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA==" - }, - "node_modules/uglify-js": { - "version": "3.8.0", - "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.8.0.tgz", - "integrity": "sha512-ugNSTT8ierCsDHso2jkBHXYrU8Y5/fY2ZUprfrJUiD7YpuFvV4jODLFmb3h4btQjqr5Nh4TX4XtgDfCU1WdioQ==", - "optional": true, - "dependencies": { - "commander": "~2.20.3", - "source-map": "~0.6.1" - }, - "bin": { - "uglifyjs": "bin/uglifyjs" - }, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/uglify-js/node_modules/commander": { - "version": "2.20.3", - "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz", - "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==", - "optional": true - }, - "node_modules/uglify-js/node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "optional": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/underscore": { - "version": "1.9.2", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.9.2.tgz", - "integrity": "sha512-D39qtimx0c1fI3ya1Lnhk3E9nONswSKhnffBI0gME9C99fYOkNi04xs8K6pePLhvl1frbDemkaBQ5ikWllR2HQ==" - }, - "node_modules/unherit": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/unherit/-/unherit-1.1.3.tgz", - "integrity": "sha512-Ft16BJcnapDKp0+J/rqFC3Rrk6Y/Ng4nzsC028k2jdDII/rdZ7Wd3pPT/6+vIIxRagwRc9K0IUX0Ra4fKvw+WQ==", - "dependencies": { - "inherits": "^2.0.0", - "xtend": "^4.0.0" - } - }, - "node_modules/unified": { - "version": "9.2.0", - "resolved": "https://registry.npmjs.org/unified/-/unified-9.2.0.tgz", - "integrity": "sha512-vx2Z0vY+a3YoTj8+pttM3tiJHCwY5UFbYdiWrwBEbHmK8pvsPj2rtAX2BFfgXen8T39CJWblWRDT4L5WGXtDdg==", - "dependencies": { - "bail": "^1.0.0", - "extend": "^3.0.0", - "is-buffer": "^2.0.0", - "is-plain-obj": "^2.0.0", - "trough": "^1.0.0", - "vfile": "^4.0.0" - } - }, - "node_modules/unist-builder": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/unist-builder/-/unist-builder-2.0.3.tgz", - "integrity": "sha512-f98yt5pnlMWlzP539tPc4grGMsFaQQlP/vM396b00jngsiINumNmsY8rkXjfoi1c6QaM8nQ3vaGDuoKWbe/1Uw==" - }, - "node_modules/unist-util-generated": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/unist-util-generated/-/unist-util-generated-1.1.6.tgz", - "integrity": "sha512-cln2Mm1/CZzN5ttGK7vkoGw+RZ8VcUH6BtGbq98DDtRGquAAOXig1mrBQYelOwMXYS8rK+vZDyyojSjp7JX+Lg==" - }, - "node_modules/unist-util-is": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/unist-util-is/-/unist-util-is-4.0.4.tgz", - "integrity": "sha512-3dF39j/u423v4BBQrk1AQ2Ve1FxY5W3JKwXxVFzBODQ6WEvccguhgp802qQLKSnxPODE6WuRZtV+ohlUg4meBA==" - }, - "node_modules/unist-util-position": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/unist-util-position/-/unist-util-position-3.1.0.tgz", - "integrity": "sha512-w+PkwCbYSFw8vpgWD0v7zRCl1FpY3fjDSQ3/N/wNd9Ffa4gPi8+4keqt99N3XW6F99t/mUzp2xAhNmfKWp95QA==" - }, - "node_modules/unist-util-remove": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/unist-util-remove/-/unist-util-remove-2.0.1.tgz", - "integrity": "sha512-YtuetK6o16CMfG+0u4nndsWpujgsHDHHLyE0yGpJLLn5xSjKeyGyzEBOI2XbmoUHCYabmNgX52uxlWoQhcvR7Q==", - "dependencies": { - "unist-util-is": "^4.0.0" - } - }, - "node_modules/unist-util-remove-position": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/unist-util-remove-position/-/unist-util-remove-position-2.0.1.tgz", - "integrity": "sha512-fDZsLYIe2uT+oGFnuZmy73K6ZxOPG/Qcm+w7jbEjaFcJgbQ6cqjs/eSPzXhsmGpAsWPkqZM9pYjww5QTn3LHMA==", - "dependencies": { - "unist-util-visit": "^2.0.0" - } - }, - "node_modules/unist-util-stringify-position": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/unist-util-stringify-position/-/unist-util-stringify-position-2.0.3.tgz", - "integrity": "sha512-3faScn5I+hy9VleOq/qNbAd6pAx7iH5jYBMS9I1HgQVijz/4mv5Bvw5iw1sC/90CODiKo81G/ps8AJrISn687g==", - "dependencies": { - "@types/unist": "^2.0.2" - } - }, - "node_modules/unist-util-visit": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/unist-util-visit/-/unist-util-visit-2.0.3.tgz", - "integrity": "sha512-iJ4/RczbJMkD0712mGktuGpm/U4By4FfDonL7N/9tATGIF4imikjOuagyMY53tnZq3NP6BcmlrHhEKAfGWjh7Q==", - "dependencies": { - "@types/unist": "^2.0.0", - "unist-util-is": "^4.0.0", - "unist-util-visit-parents": "^3.0.0" - } - }, - "node_modules/unist-util-visit-parents": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/unist-util-visit-parents/-/unist-util-visit-parents-3.1.1.tgz", - "integrity": "sha512-1KROIZWo6bcMrZEwiH2UrXDyalAa0uqzWCxCJj6lPOvTve2WkfgCytoDTPaMnodXh1WrXOq0haVYHj99ynJlsg==", - "dependencies": { - "@types/unist": "^2.0.0", - "unist-util-is": "^4.0.0" - } - }, - "node_modules/universalify": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", - "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==", - "engines": { - "node": ">= 4.0.0" - } - }, - "node_modules/vfile": { - "version": "4.2.1", - "resolved": "https://registry.npmjs.org/vfile/-/vfile-4.2.1.tgz", - "integrity": "sha512-O6AE4OskCG5S1emQ/4gl8zK586RqA3srz3nfK/Viy0UPToBc5Trp9BVFb1u0CjsKrAWwnpr4ifM/KBXPWwJbCA==", - "dependencies": { - "@types/unist": "^2.0.0", - "is-buffer": "^2.0.0", - "unist-util-stringify-position": "^2.0.0", - "vfile-message": "^2.0.0" - } - }, - "node_modules/vfile-location": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/vfile-location/-/vfile-location-3.2.0.tgz", - "integrity": "sha512-aLEIZKv/oxuCDZ8lkJGhuhztf/BW4M+iHdCwglA/eWc+vtuRFJj8EtgceYFX4LRjOhCAAiNHsKGssC6onJ+jbA==" - }, - "node_modules/vfile-message": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/vfile-message/-/vfile-message-2.0.4.tgz", - "integrity": "sha512-DjssxRGkMvifUOJre00juHoP9DPWuzjxKuMDrhNbk2TdaYYBNMStsNhEOt3idrtI12VQYM/1+iM0KOzXi4pxwQ==", - "dependencies": { - "@types/unist": "^2.0.0", - "unist-util-stringify-position": "^2.0.0" - } - }, - "node_modules/walk-back": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/walk-back/-/walk-back-4.0.0.tgz", - "integrity": "sha512-kudCA8PXVQfrqv2mFTG72vDBRi8BKWxGgFLwPpzHcpZnSwZk93WMwUDVcLHWNsnm+Y0AC4Vb6MUNRgaHfyV2DQ==", - "engines": { - "node": ">=8.0.0" - } - }, - "node_modules/web-namespaces": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/web-namespaces/-/web-namespaces-1.1.4.tgz", - "integrity": "sha512-wYxSGajtmoP4WxfejAPIr4l0fVh+jeMXZb08wNc0tMg6xsfZXj3cECqIK0G7ZAqUq0PP8WlMDtaOGVBTAWztNw==" - }, - "node_modules/wordwrap": { - "version": "0.0.3", - "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz", - "integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc=", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/wordwrapjs": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/wordwrapjs/-/wordwrapjs-3.0.0.tgz", - "integrity": "sha512-mO8XtqyPvykVCsrwj5MlOVWvSnCdT+C+QVbm6blradR7JExAhbkZ7hZ9A+9NUtwzSqrlUo9a67ws0EiILrvRpw==", - "dependencies": { - "reduce-flatten": "^1.0.1", - "typical": "^2.6.1" - }, - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" - }, - "node_modules/xmlcreate": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/xmlcreate/-/xmlcreate-2.0.3.tgz", - "integrity": "sha512-HgS+X6zAztGa9zIK3Y3LXuJes33Lz9x+YyTxgrkIdabu2vqcGOWwdfCpf1hWLRrd553wd4QCDf6BBO6FfdsRiQ==" - }, - "node_modules/xtend": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz", - "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==", - "engines": { - "node": ">=0.4" - } - }, - "node_modules/zwitch": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/zwitch/-/zwitch-1.0.5.tgz", - "integrity": "sha512-V50KMwwzqJV0NpZIZFwfOD5/lyny3WlSzRiXgA0G7VUnRlqttta1L6UQIHzd6EuBY/cHGfwTIck7w1yH6Q5zUw==" - } - }, "dependencies": { "@babel/code-frame": { "version": "7.10.4", From 8eac3a0109a1267cedf520cb9be09d496e852564 Mon Sep 17 00:00:00 2001 From: ChanochShayner <57212002+ChanochShayner@users.noreply.github.com> Date: Thu, 26 Aug 2021 13:20:21 +0300 Subject: [PATCH 042/173] Unit42 sub-techniques (#14524) * add parent to the sub thecnique name * remove unrelated files * RN * version * version * Add UTs * Fix UT --- .../Integrations/FeedUnit42v2/FeedUnit42v2.py | 4 + .../FeedUnit42v2/FeedUnit42v2_test.py | 10 +- .../FeedUnit42v2/test_data/feed_data.py | 91 ++++++++++++++++++- Packs/FeedUnit42v2/ReleaseNotes/1_0_2.md | 4 + Packs/FeedUnit42v2/pack_metadata.json | 2 +- 5 files changed, 105 insertions(+), 6 deletions(-) create mode 100644 Packs/FeedUnit42v2/ReleaseNotes/1_0_2.md diff --git a/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.py b/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.py index f2bc463bcc84..b1391de7ee69 100644 --- a/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.py +++ b/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.py @@ -311,6 +311,10 @@ def get_attack_id_and_value_from_name(attack_indicator): idx = ind_name.index(':') ind_id = ind_name[:idx] value = ind_name[idx + 2:] + + if attack_indicator.get('x_mitre_is_subtechnique'): + value = attack_indicator.get('x_panw_parent_technique_subtechnique') + return ind_id, value diff --git a/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2_test.py b/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2_test.py index ddf7da7091fd..4e0317d8ad08 100644 --- a/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2_test.py +++ b/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2_test.py @@ -8,7 +8,7 @@ from test_data.feed_data import INDICATORS_DATA, ATTACK_PATTERN_DATA, MALWARE_DATA, RELATIONSHIP_DATA, REPORTS_DATA, \ REPORTS_INDICATORS, ID_TO_OBJECT, INDICATORS_RESULT, CAMPAIGN_RESPONSE, CAMPAIGN_INDICATOR, COURSE_OF_ACTION_DATA, \ PUBLICATIONS, ATTACK_PATTERN_INDICATOR, COURSE_OF_ACTION_INDICATORS, RELATIONSHIP_OBJECTS, INTRUSION_SET_DATA, \ - DUMMY_INDICATOR_WITH_RELATIONSHIP_LIST, STIX_ATTACK_PATTERN_INDICATOR + DUMMY_INDICATOR_WITH_RELATIONSHIP_LIST, STIX_ATTACK_PATTERN_INDICATOR, SUB_TECHNIQUE_INDICATOR, SUB_TECHNIQUE_DATA @pytest.mark.parametrize('command, args, response, length', [ @@ -131,7 +131,10 @@ def test_get_indicator_publication(): @pytest.mark.parametrize('indicator_name, expected_result', [ - ({"name": "T1564.004: NTFS File Attributes"}, ("T1564.004", "NTFS File Attributes")), + ({"name": "T1564.004: NTFS File Attributes", + "x_mitre_is_subtechnique": True, + "x_panw_parent_technique_subtechnique": "Hide Artifacts: NTFS File Attributes"}, + ("T1564.004", "Hide Artifacts: NTFS File Attributes")), ({"name": "T1078: Valid Accounts"}, ("T1078", "Valid Accounts")) ]) def test_get_attack_id_and_value_from_name(indicator_name, expected_result): @@ -198,6 +201,7 @@ def test_create_attack_pattern_indicator(): """ assert create_attack_pattern_indicator(ATTACK_PATTERN_DATA, [], '', True) == ATTACK_PATTERN_INDICATOR assert create_attack_pattern_indicator(ATTACK_PATTERN_DATA, [], '', False) == STIX_ATTACK_PATTERN_INDICATOR + assert create_attack_pattern_indicator(SUB_TECHNIQUE_DATA, [], '', True) == SUB_TECHNIQUE_INDICATOR def test_create_course_of_action_indicators(): @@ -240,6 +244,8 @@ def test_get_ioc_value(): assert get_ioc_value('indicator--01a5a209-b94c-450b-b7f9-946497d91055', ID_TO_OBJECT) == 'T111: Software Discovery' assert get_ioc_value('indicator--fd0da09e-a0b2-4018-9476-1a7edd809b59', ID_TO_OBJECT) == 'Deploy XSOAR Playbook' assert get_ioc_value('report--0f86dccd-29bd-46c6-83fd-e79ba040bf0', ID_TO_OBJECT) == '[Unit42 ATOM] Maze Ransomware' + assert get_ioc_value('attack-pattern--4bed873f-0b7d-41d4-b93a-b6905d1f90b0', + ID_TO_OBJECT) == "Virtualization/Sandbox Evasion: Time Based Evasion" def test_create_list_relationships(): diff --git a/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/test_data/feed_data.py b/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/test_data/feed_data.py index fb5b9af2af08..ac2d35d4a9ce 100644 --- a/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/test_data/feed_data.py +++ b/Packs/FeedUnit42v2/Integrations/FeedUnit42v2/test_data/feed_data.py @@ -84,6 +84,68 @@ "x_mitre_version": "1.0"} ] +SUB_TECHNIQUE_DATA = [ + { + "type": "attack-pattern", + "id": "attack-pattern--4bed873f-0b7d-41d4-b93a-b6905d1f90b0", + "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", + "created": "2020-03-06T21:11:11.225Z", + "modified": "2021-04-01T15:48:28.345Z", + "name": "T1497.003: Time Based Evasion", + "description": "Adversaries may employ various time-based methods to detect and avoid virtualization.", + "kill_chain_phases": [], + "external_references": [ + { + "source_name": "mitre-attack", + "url": "https://attack.mitre.org/techniques/T1497/003", + "external_id": "T1497.003" + } + ], + "object_marking_refs": [ + "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" + ], + "x_mitre_detection": "Time-based evasion will likely occur in the first steps of an operation.", + "x_mitre_platforms": [ + "Linux", + "macOS", + "Windows" + ], + "x_mitre_data_sources": [ + "Command: Command Execution", + "Process: OS API Execution", + "Process: Process Creation" + ], + "x_mitre_is_subtechnique": 'true', + "x_mitre_defense_bypassed": [ + "Anti-virus", + "Host forensic analysis", + "Signature-based detection", + "Static File Analysis" + ], + "x_mitre_contributors": [ + "Deloitte Threat Library Team" + ], + "x_mitre_version": "1.1", + "x_panw_parent_technique": "Virtualization/Sandbox Evasion", + "x_panw_parent_technique_subtechnique": "Virtualization/Sandbox Evasion: Time Based Evasion" + } +] + +SUB_TECHNIQUE_INDICATOR = [{'fields': {'description': 'Adversaries may employ various time-based methods ' + 'to detect and avoid virtualization.', + 'firstseenbysource': '2020-03-06T21:11:11.225Z', + 'killchainphases': [], + 'mitreid': 'T1497.003', + 'modified': '2021-04-01T15:48:28.345Z', + 'operatingsystemrefs': ['Linux', 'macOS', 'Windows'], + 'publications': [], + 'reportedby': 'Unit42', + 'stixid': 'attack-pattern--4bed873f-0b7d-41d4-b93a-b6905d1f90b0', + 'tags': ['T1497.003']}, + 'score': 2, + 'type': 'Attack Pattern', + 'value': 'Virtualization/Sandbox Evasion: Time Based Evasion'}] + MALWARE_DATA = [ {"created": "2019-10-11T16:13:15.086Z", "description": " Xbash is an all-in-one Linux malware formed botnet and ransomware developed by Iron cybercrime" @@ -117,7 +179,11 @@ {"created": "2019-10-11T18:43:46.039Z", "id": "relationship--001323c2-fc4f-4d4a-914c-2d556fc585a8", "modified": "2020-05-12T13:02:30.000000Z", "relationship_type": "indicates", "source_ref": "indicator--0025039e-f0b5-4ad2-aaab-5374fe3734be", - "target_ref": "malware--00811855-d9b9-420d-9bd6-8fd63fbd335a", "type": "relationship"} + "target_ref": "malware--00811855-d9b9-420d-9bd6-8fd63fbd335a", "type": "relationship"}, + {"created": "2019-10-11T18:43:46.039Z", "id": "relationship--001323c2-fc4f-4d4a-914c-2d556fc585a8", + "modified": "2020-05-12T13:02:30.000000Z", "relationship_type": "indicates", + "source_ref": "indicator--0025039e-f0b5-4ad2-aaab-5374fe3734be", + "target_ref": 'attack-pattern--4bed873f-0b7d-41d4-b93a-b6905d1f90b0', "type": "relationship"} ] RELATIONSHIP_OBJECTS = [{'entityA': 'http://91.218.114.31/yyxtqylcto', @@ -141,7 +207,19 @@ 'lastseenbysource': '2020-05-12T13:02:30.000000Z'}, 'name': 'indicated-by', 'reverseName': 'indicator-of', - 'type': 'IndicatorToIndicator'}] + 'type': 'IndicatorToIndicator'}, + {'entityA': '92.63.32.52', + 'entityAFamily': 'Indicator', + 'entityAType': 'IP', + 'entityB': 'Virtualization/Sandbox Evasion: Time Based Evasion', + 'entityBFamily': 'Indicator', + 'entityBType': 'Attack Pattern', + 'fields': {'firstseenbysource': '2019-10-11T18:43:46.039Z', + 'lastseenbysource': '2020-05-12T13:02:30.000000Z'}, + 'name': 'indicated-by', + 'reverseName': 'indicator-of', + 'type': 'IndicatorToIndicator'} + ] ID_TO_OBJ_RELATIONS = { "indicator--010bb9ad-5686-485d-97e5-93c2187e56ce": { @@ -290,6 +368,13 @@ "type": "malware", "id": "malware--53e619f7-936e-4f40-b518-9d3000102d44", "name": "Maze", + }, + "attack-pattern--4bed873f-0b7d-41d4-b93a-b6905d1f90b0": { + "type": "attack-pattern", + "id": "attack-pattern--4bed873f-0b7d-41d4-b93a-b6905d1f90b0", + "name": "T1497.003: Time Based Evasion", + "x_mitre_is_subtechnique": True, + "x_panw_parent_technique_subtechnique": "Virtualization/Sandbox Evasion: Time Based Evasion" } } @@ -449,7 +534,7 @@ 'lastseenbysource': '2020-05-12T13:02:30.000000Z'}, 'name': 'indicated-by', 'reverseName': 'indicator-of', - 'type': 'IndicatorToIndicator'}], + 'type': 'IndicatorToIndicator'}, {}], 'value': '$$DummyIndicator$$'} INTRUSION_SET_DATA = [ diff --git a/Packs/FeedUnit42v2/ReleaseNotes/1_0_2.md b/Packs/FeedUnit42v2/ReleaseNotes/1_0_2.md new file mode 100644 index 000000000000..7dd6abe66d9d --- /dev/null +++ b/Packs/FeedUnit42v2/ReleaseNotes/1_0_2.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Unit42 v2 Feed +- **Breaking changes**: Added to the sub-technique, Attack Pattern, the prefix of the parent technique. diff --git a/Packs/FeedUnit42v2/pack_metadata.json b/Packs/FeedUnit42v2/pack_metadata.json index 7040decf025f..e7b5b0e39045 100644 --- a/Packs/FeedUnit42v2/pack_metadata.json +++ b/Packs/FeedUnit42v2/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Unit42 v2 Feed", "description": "Unit42 feed of published IOCs which contains malicious indicators.", "support": "xsoar", - "currentVersion": "1.0.1", + "currentVersion": "1.0.2", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 49a9126de5978a611f1e9a7ee501427b02baecf0 Mon Sep 17 00:00:00 2001 From: tomer-pan <81556849+tomer-pan@users.noreply.github.com> Date: Thu, 26 Aug 2021 14:31:43 +0300 Subject: [PATCH 043/173] Phishing - fixing dt + updating EWS/Gmail mappers (#14498) * Strip labels and fix mail body dt script. * Strip labels and fix mail body dt script. * Adding fields to EWS mapper * Fix dt on main playbook v5 * Changing Playbook inputs on "Process Email - Generic" from labels to fields * Adding fields to Gmail mapper * fixing EWS mapper name * Phishing release notes * Gmail release notes * EWS release notes * fixing EWS mapper id * fix playbook id * fix dt * revert field to label in V6 playbook * revert playbook inputs fields to labels in process email generic playbook * release notes * minor fix * Update 2_4_1.md Co-authored-by: Richard Bluestone <53567272+richardbluestone@users.noreply.github.com> --- .../classifier-mapper-incoming-EWS_v2.json | 714 +++++++++--------- Packs/EWS/ReleaseNotes/1_9_2.md | 4 + Packs/EWS/pack_metadata.json | 2 +- ...assifier-mapper-incoming-Gsuite-gmail.json | 294 ++++---- Packs/Gmail/ReleaseNotes/1_1_7.md | 4 + Packs/Gmail/pack_metadata.json | 2 +- .../Phishing_Investigation_-_Generic_v2.yml | 618 ++------------- ...shing_Investigation_-_Generic_v2_-_6_0.yml | 67 +- Packs/Phishing/ReleaseNotes/2_4_1.md | 5 + Packs/Phishing/pack_metadata.json | 2 +- 10 files changed, 634 insertions(+), 1078 deletions(-) create mode 100644 Packs/EWS/ReleaseNotes/1_9_2.md create mode 100644 Packs/Gmail/ReleaseNotes/1_1_7.md create mode 100644 Packs/Phishing/ReleaseNotes/2_4_1.md diff --git a/Packs/EWS/Classifiers/classifier-mapper-incoming-EWS_v2.json b/Packs/EWS/Classifiers/classifier-mapper-incoming-EWS_v2.json index 3819bb4db623..2941dec19a84 100644 --- a/Packs/EWS/Classifiers/classifier-mapper-incoming-EWS_v2.json +++ b/Packs/EWS/Classifiers/classifier-mapper-incoming-EWS_v2.json @@ -1,358 +1,362 @@ { - "id": "EWS v2-mapper", + "description": "Maps incoming EWS phishing email message fields.", + "feed": false, + "id": "EWS v2-mapper", + "mapping": { + "Phishing": { + "dontMapEventToLabels": false, + "internalMapping": { + "Attachment Count": { + "complex": { + "accessor": "", + "filters": [], + "root": "attachments", + "transformers": [ + { + "args": {}, + "operator": "count" + } + ] + }, + "simple": "" + }, + "Attachment Extension": { + "complex": { + "accessor": "attachmentName", + "filters": [], + "root": "attachments", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + }, + { + "args": { + "from": { + "isContext": false, + "value": { + "complex": null, + "simple": "." + } + } + }, + "operator": "substringFrom" + } + ] + }, + "simple": "" + }, + "Attachment ID": { + "complex": { + "accessor": "attachmentId", + "filters": [], + "root": "attachments", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + } + ] + }, + "simple": "" + }, + "Attachment Name": { + "complex": { + "accessor": "attachmentName", + "filters": [], + "root": "attachments", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + } + ] + }, + "simple": "" + }, + "Attachment size": { + "complex": { + "accessor": "attachmentSize", + "filters": [], + "root": "attachments", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + } + ] + }, + "simple": "" + }, + "Attachment type": { + "complex": { + "accessor": "attachmentType", + "filters": [], + "root": "attachments", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + } + ] + }, + "simple": "" + }, + "Email BCC": { + "complex": null, + "simple": "bcc_recipients.email_address" + }, + "Email Body": { + "complex": null, + "simple": "text_body" + }, + "Email CC": { + "complex": { + "accessor": "email_address", + "filters": [], + "root": "cc_recipients", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + } + ] + }, + "simple": "" + }, + "Email From": { + "complex": null, + "simple": "sender.email_address" + }, + "Email HTML": { + "complex": null, + "simple": "body" + }, + "Email Headers": { + "complex": null, + "simple": "headers" + }, + "Email Message ID": { + "complex": null, + "simple": "message_id" + }, + "Email Received": { + "complex": null, + "simple": "received_representing.email_address" + }, + "Email Reply To": { + "complex": { + "accessor": "value", + "filters": [ + [ + { + "ignoreCase": false, + "left": { + "isContext": true, + "value": { + "complex": null, + "simple": "headers.name" + } + }, + "operator": "isEqualString", + "right": { + "isContext": false, + "value": { + "complex": null, + "simple": "In-Reply-To" + } + } + } + ] + ], + "root": "headers", + "transformers": [ + { + "args": { + "chars": { + "isContext": false, + "value": { + "complex": null, + "simple": "\u003c\u003e" + } + } + }, + "operator": "StripChars" + } + ] + }, + "simple": "" + }, + "Email Return Path": { + "complex": { + "accessor": "value", + "filters": [ + [ + { + "ignoreCase": false, + "left": { + "isContext": true, + "value": { + "complex": null, + "simple": "headers.name" + } + }, + "operator": "isEqualString", + "right": { + "isContext": false, + "value": { + "complex": null, + "simple": "Return-Path" + } + } + } + ] + ], + "root": "headers", + "transformers": [] + }, + "simple": "" + }, + "Email Sender IP": { + "complex": { + "accessor": "value", + "filters": [ + [ + { + "ignoreCase": false, + "left": { + "isContext": true, + "value": { + "complex": null, + "simple": "headers.name" + } + }, + "operator": "isEqualString", + "right": { + "isContext": false, + "value": { + "complex": null, + "simple": "X-Originating-IP" + } + } + } + ] + ], + "root": "headers", + "transformers": [ + { + "args": { + "chars": { + "isContext": false, + "value": { + "complex": null, + "simple": "[]" + } + } + }, + "operator": "StripChars" + } + ] + }, + "simple": "" + }, + "Email Size": { + "complex": null, + "simple": "size" + }, + "Email Subject": { + "complex": null, + "simple": "subject" + }, + "Email To": { + "complex": { + "accessor": "email_address", + "filters": [], + "root": "to_recipients", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + } + ] + }, + "simple": "" + }, + "Email To Count": { + "complex": { + "accessor": "", + "filters": [], + "root": "to_recipients", + "transformers": [ + { + "args": {}, + "operator": "count" + } + ] + }, + "simple": "" + } + } + } + }, "name": "EWS - Incoming Mapper", "type": "mapping-incoming", - "description": "Maps incoming EWS phishing email message fields.", - "version": -1, - "defaultIncidentType": "", - "mapping": { - "Phishing": { - "internalMapping": { - "Email HTML": { - "complex": null, - "simple": "Html" - }, - "Attachment Count": { - "simple": "", - "complex": { - "root": "attachments", - "filters": [], - "accessor": "", - "transformers": [ - { - "operator": "general.count", - "args": {} - } - ] - } - }, - "Attachment Extension": { - "simple": "", - "complex": { - "root": "attachments", - "filters": [], - "accessor": "attachmentName", - "transformers": [ - { - "operator": "general.join", - "args": { - "separator": { - "value": { - "simple": ",", - "complex": null - }, - "isContext": false - } - } - }, - { - "operator": "string.substringFrom", - "args": { - "from": { - "value": { - "simple": ".", - "complex": null - }, - "isContext": false - } - } - } - ] - } - }, - "Attachment ID": { - "simple": "", - "complex": { - "root": "attachments", - "filters": [], - "accessor": "attachmentId", - "transformers": [ - { - "operator": "general.join", - "args": { - "separator": { - "value": { - "simple": ",", - "complex": null - }, - "isContext": false - } - } - } - ] - } - }, - "Attachment Name": { - "simple": "", - "complex": { - "root": "attachments", - "filters": [], - "accessor": "attachmentName", - "transformers": [ - { - "operator": "general.join", - "args": { - "separator": { - "value": { - "simple": ",", - "complex": null - }, - "isContext": false - } - } - } - ] - } - }, - "Attachment size": { - "simple": "", - "complex": { - "root": "attachments", - "filters": [], - "accessor": "attachmentSize", - "transformers": [ - { - "operator": "general.join", - "args": { - "separator": { - "value": { - "simple": ",", - "complex": null - }, - "isContext": false - } - } - } - ] - } - }, - "Attachment type": { - "simple": "", - "complex": { - "root": "attachments", - "filters": [], - "accessor": "attachmentType", - "transformers": [ - { - "operator": "general.join", - "args": { - "separator": { - "value": { - "simple": ",", - "complex": null - }, - "isContext": false - } - } - } - ] - } - }, - "Email BCC": { - "simple": "bcc_recipients.email_address", - "complex": null - }, - "Email Body": { - "simple": "text_body", - "complex": null - }, - "Email CC": { - "simple": "", - "complex": { - "root": "cc_recipients", - "filters": [], - "accessor": "email_address", - "transformers": [ - { - "operator": "general.join", - "args": { - "separator": { - "value": { - "simple": ",", - "complex": null - }, - "isContext": false - } - } - } - ] - } - }, - "Email From": { - "simple": "sender.email_address", - "complex": null - }, - "Email Message ID": { - "simple": "message_id", - "complex": null - }, - "Email Received": { - "simple": "received_representing.email_address", - "complex": null - }, - "Email Reply To": { - "simple": "", - "complex": { - "root": "headers", - "filters": [ - [ - { - "operator": "string.isEqual", - "left": { - "value": { - "simple": "headers.name", - "complex": null - }, - "isContext": true - }, - "right": { - "value": { - "simple": "In-Reply-To", - "complex": null - }, - "isContext": false - }, - "ignoreCase": false - } - ] - ], - "accessor": "value", - "transformers": [ - { - "operator": "string.StripChars", - "args": { - "chars": { - "value": { - "simple": "\u003c\u003e", - "complex": null - }, - "isContext": false - } - } - } - ] - } - }, - "Email Return Path": { - "simple": "", - "complex": { - "root": "headers", - "filters": [ - [ - { - "operator": "string.isEqual", - "left": { - "value": { - "simple": "headers.name", - "complex": null - }, - "isContext": true - }, - "right": { - "value": { - "simple": "Return-Path", - "complex": null - }, - "isContext": false - }, - "ignoreCase": false - } - ] - ], - "accessor": "value", - "transformers": [] - } - }, - "Email Sender IP": { - "simple": "", - "complex": { - "root": "headers", - "filters": [ - [ - { - "operator": "string.isEqual", - "left": { - "value": { - "simple": "headers.name", - "complex": null - }, - "isContext": true - }, - "right": { - "value": { - "simple": "X-Originating-IP", - "complex": null - }, - "isContext": false - }, - "ignoreCase": false - } - ] - ], - "accessor": "value", - "transformers": [ - { - "operator": "string.StripChars", - "args": { - "chars": { - "value": { - "simple": "[]", - "complex": null - }, - "isContext": false - } - } - } - ] - } - }, - "Email Size": { - "simple": "size", - "complex": null - }, - "Email Subject": { - "simple": "subject", - "complex": null - }, - "Email To": { - "simple": "", - "complex": { - "root": "to_recipients", - "filters": [], - "accessor": "email_address", - "transformers": [ - { - "operator": "general.join", - "args": { - "separator": { - "value": { - "simple": ",", - "complex": null - }, - "isContext": false - } - } - } - ] - } - }, - "Email To Count": { - "simple": "", - "complex": { - "root": "to_recipients", - "filters": [], - "accessor": "", - "transformers": [ - { - "operator": "general.count", - "args": {} - } - ] - } - } - }, - "dontMapEventToLabels": false - } - }, - "fromVersion": "6.0.0" -} + "version": -1, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/EWS/ReleaseNotes/1_9_2.md b/Packs/EWS/ReleaseNotes/1_9_2.md new file mode 100644 index 000000000000..fec75bdf5a4a --- /dev/null +++ b/Packs/EWS/ReleaseNotes/1_9_2.md @@ -0,0 +1,4 @@ + +#### Mappers +##### EWS - Incoming Mapper +- Mapping missing Phishing fields. \ No newline at end of file diff --git a/Packs/EWS/pack_metadata.json b/Packs/EWS/pack_metadata.json index baeb944465a1..78f6f21f6d3f 100644 --- a/Packs/EWS/pack_metadata.json +++ b/Packs/EWS/pack_metadata.json @@ -2,7 +2,7 @@ "name": "EWS", "description": "Exchange Web Services and Office 365 (mail)", "support": "xsoar", - "currentVersion": "1.9.1", + "currentVersion": "1.9.2", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Gmail/Classifiers/classifier-mapper-incoming-Gsuite-gmail.json b/Packs/Gmail/Classifiers/classifier-mapper-incoming-Gsuite-gmail.json index 13a0dab3ff4a..de7155e32c86 100644 --- a/Packs/Gmail/Classifiers/classifier-mapper-incoming-Gsuite-gmail.json +++ b/Packs/Gmail/Classifiers/classifier-mapper-incoming-Gsuite-gmail.json @@ -6,148 +6,156 @@ "version": -1, "defaultIncidentType": "", "mapping": { - "Phishing": { - "internalMapping": { - "Email HTML": { - "complex": null, - "simple": "Html" - }, - "Attachment Count": { - "simple": "", - "complex": { - "root": "Attachments", - "filters": [], - "accessor": "", - "transformers": [ - { - "operator": "count", - "args": {} - } - ] - } - }, - "Attachment Extension": { - "simple": "", - "complex": { - "root": "Attachment Names", - "filters": [], - "accessor": "", - "transformers": [ - { - "operator": "splitAndTrim", - "args": { - "delimiter": { - "value": { - "simple": ",", - "complex": null - }, - "isContext": false - } - } - }, - { - "operator": "replaceMatch", - "args": { - "regex": { - "value": { - "simple": ".*\\.", - "complex": null - }, - "isContext": false - }, - "replaceWith": { - "value": null, - "isContext": false - } - } - } - ] - } - }, - "Attachment Name": { - "simple": "", - "complex": { - "root": "Attachment Names", - "filters": [], - "accessor": "", - "transformers": [] - } - }, - "Email BCC": { - "simple": "", - "complex": { - "root": "Bcc", - "filters": [], - "accessor": "", - "transformers": [] - } - }, - "Email Body": { - "simple": "", - "complex": { - "root": "Body", - "filters": [], - "accessor": "", - "transformers": [] - } - }, - "Email Body Format": { - "simple": "", - "complex": { - "root": "Format", - "filters": [], - "accessor": "", - "transformers": [] - } - }, - "Email CC": { - "simple": "", - "complex": { - "root": "Cc", - "filters": [], - "accessor": "", - "transformers": [] - } - }, - "Email From": { - "simple": "", - "complex": { - "root": "From", - "filters": [], - "accessor": "", - "transformers": [] - } - }, - "Email Message ID": { - "simple": "", - "complex": { - "root": "ID", - "filters": [], - "accessor": "", - "transformers": [] - } - }, - "Email Subject": { - "simple": "", - "complex": { - "root": "Subject", - "filters": [], - "accessor": "", - "transformers": [] - } - }, - "Email To": { - "simple": "", - "complex": { - "root": "To", - "filters": [], - "accessor": "", - "transformers": [] - } - } - }, - "dontMapEventToLabels": false - } - }, + "Phishing": { + "dontMapEventToLabels": false, + "internalMapping": { + "Attachment Count": { + "complex": { + "accessor": "", + "filters": [], + "root": "Attachments", + "transformers": [ + { + "args": {}, + "operator": "count" + } + ] + }, + "simple": "" + }, + "Attachment Extension": { + "complex": { + "accessor": "", + "filters": [], + "root": "Attachment Names", + "transformers": [ + { + "args": { + "delimiter": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "splitAndTrim" + }, + { + "args": { + "regex": { + "isContext": false, + "value": { + "complex": null, + "simple": ".*\\." + } + }, + "replaceWith": { + "isContext": false, + "value": null + } + }, + "operator": "replaceMatch" + } + ] + }, + "simple": "" + }, + "Attachment ID": { + "complex": null, + "simple": "Attachments.ID" + }, + "Attachment Name": { + "complex": { + "accessor": "", + "filters": [], + "root": "Attachment Names", + "transformers": [] + }, + "simple": "" + }, + "Email BCC": { + "complex": { + "accessor": "", + "filters": [], + "root": "Bcc", + "transformers": [] + }, + "simple": "" + }, + "Email Body": { + "complex": { + "accessor": "", + "filters": [], + "root": "Body", + "transformers": [] + }, + "simple": "" + }, + "Email Body Format": { + "complex": { + "accessor": "", + "filters": [], + "root": "Format", + "transformers": [] + }, + "simple": "" + }, + "Email CC": { + "complex": { + "accessor": "", + "filters": [], + "root": "Cc", + "transformers": [] + }, + "simple": "" + }, + "Email From": { + "complex": { + "accessor": "", + "filters": [], + "root": "From", + "transformers": [] + }, + "simple": "" + }, + "Email HTML": { + "complex": null, + "simple": "Html" + }, + "Email Headers": { + "complex": null, + "simple": "Headers" + }, + "Email Message ID": { + "complex": { + "accessor": "", + "filters": [], + "root": "ID", + "transformers": [] + }, + "simple": "" + }, + "Email Subject": { + "complex": { + "accessor": "", + "filters": [], + "root": "Subject", + "transformers": [] + }, + "simple": "" + }, + "Email To": { + "complex": { + "accessor": "", + "filters": [], + "root": "To", + "transformers": [] + }, + "simple": "" + } + } + } + }, "fromVersion": "6.0.0" } \ No newline at end of file diff --git a/Packs/Gmail/ReleaseNotes/1_1_7.md b/Packs/Gmail/ReleaseNotes/1_1_7.md new file mode 100644 index 000000000000..1a4303021218 --- /dev/null +++ b/Packs/Gmail/ReleaseNotes/1_1_7.md @@ -0,0 +1,4 @@ + +#### Mappers +##### Gmail - Incoming Mapper +- Adding "Email Headers" field mapping. diff --git a/Packs/Gmail/pack_metadata.json b/Packs/Gmail/pack_metadata.json index 8c98a0a97162..423e11fc2dd6 100644 --- a/Packs/Gmail/pack_metadata.json +++ b/Packs/Gmail/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Gmail", "description": "Gmail API and user management (This integration replaces the Gmail functionality in the GoogleApps API and G Suite integration).", "support": "xsoar", - "currentVersion": "1.1.6", + "currentVersion": "1.1.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Phishing/Playbooks/Phishing_Investigation_-_Generic_v2.yml b/Packs/Phishing/Playbooks/Phishing_Investigation_-_Generic_v2.yml index b06c37bb6638..caecb67e2c86 100644 --- a/Packs/Phishing/Playbooks/Phishing_Investigation_-_Generic_v2.yml +++ b/Packs/Phishing/Playbooks/Phishing_Investigation_-_Generic_v2.yml @@ -1,7 +1,10 @@ id: Phishing Investigation - Generic v2 version: -1 name: Phishing Investigation - Generic v2 -description: "Use this playbook to investigate and remediate a potential phishing incident. The playbook simultaneously engages with the user that triggered the incident, while investigating the incident itself.\n\nThe final remediation tasks are always decided by a human analyst." +description: "Use this playbook to investigate and remediate a potential phishing\ + \ incident. The playbook simultaneously engages with the user that triggered the\ + \ incident, while investigating the incident itself.\n\nThe final remediation tasks\ + \ are always decided by a human analyst." starttaskid: '0' tasks: '0': @@ -31,7 +34,8 @@ tasks: id: b8fe1f1e-c1ae-499e-83d7-f466009b5790 version: -1 name: Assign to analyst - description: Assign the incident to an analyst based on the analyst's organizational role. + description: Assign the incident to an analyst based on the analyst's organizational + role. scriptName: AssignAnalystToIncident type: regular iscommand: false @@ -63,7 +67,8 @@ tasks: id: d6dfa5b6-7756-4f6f-8e97-c9c7bcd67ad7 version: -1 name: Manually review the incident - description: Review the incident to determine if the email that the user reported is malicious. + description: Review the incident to determine if the email that the user reported + is malicious. type: regular iscommand: false brand: '' @@ -164,7 +169,8 @@ tasks: id: 9551bc3f-272d-4db9-8a40-30b48d1ba33b version: -1 name: Acknowledge incident was received - description: "Send an auto-response to user that reported the incident, informing them the incident was received and being handled.\n" + description: "Send an auto-response to user that reported the incident, informing\ + \ them the incident was received and being handled.\n" script: '|||send-mail' type: regular iscommand: true @@ -179,7 +185,14 @@ tasks: attachNames: {} bcc: {} body: - simple: "Hi ${.=function(val) { var reporter = val.ReporterAddress ;var account = val.Account && val.Account.filter(function(acc) { return acc.DisplayName && acc.Email && acc.Email.Address === reporter }); return account && account[0] && account[0].DisplayName || reporter || ''; }(val)},\nWe've received your email and are investigating.\nPlease do not touch the email until further notice.\n\nCordially, \n Your friendly neighborhood security team" + simple: "Hi ${.=function(val) { if(!(val.Account.length > 1)) return val.ReporterAddress;\ + \ var reporter = val.ReporterAddress; var account = val.Account && val.Account.filter(function(acc)\ + \ { return acc.DisplayName && (acc.Email === reporter || Array.isArray(acc.Email)\ + \ && acc.Email.indexOf(reporter) > -1) }); return account && account[0]\ + \ && account[0].DisplayName[0] || reporter || ''; }(val)},\nWe've received\ + \ your email and are investigating.\nPlease do not touch the email until\ + \ further notice.\n\nCordially, \n Your friendly neighborhood security\ + \ team" cc: {} from: {} htmlBody: {} @@ -241,7 +254,8 @@ tasks: id: b2b37a86-85e8-4385-811c-004dd3b0b215 version: -1 name: Update the user that the reported email is safe - description: Send an email to the user explaining that the email they reported is safe. + description: Send an email to the user explaining that the email they reported + is safe. script: '|||send-mail' type: regular iscommand: true @@ -256,7 +270,7 @@ tasks: bcc: {} body: simple: |- - Hi ${.=val.Account.DisplayName && val.Email.Address === val.incident.labels['Email/from'] ? val.Account.DisplayName : val.incident.labels['Email/from']}, + Hi ${.=function(val) { if(!(val.Account.length > 1)) return val.ReporterAddress; var reporter = val.ReporterAddress; var account = val.Account && val.Account.filter(function(acc) { return acc.DisplayName && (acc.Email === reporter || Array.isArray(acc.Email) && acc.Email.indexOf(reporter) > -1) }); return account && account[0] && account[0].DisplayName[0] || reporter || ''; }(val)}, We've concluded that the email you forwarded to us is safe. Thank you for your alertness and your participation in keeping our organization secure. @@ -290,8 +304,9 @@ tasks: task: id: 38d12767-452d-438e-8361-2c19bdb6bc65 version: -1 - name: Update the user that the reported email is malicious - description: Send an email to the user explaining that the email they reported is malicious. + name: Update the user that the reported email is malicious + description: Send an email to the user explaining that the email they reported + is malicious. script: '|||send-mail' type: regular iscommand: true @@ -304,7 +319,14 @@ tasks: attachNames: {} bcc: {} body: - simple: "Hi ${.=val.Account.DisplayName && val.Email.Address === val.incident.labels['Email/from'] ? val.Account.DisplayName : val.incident.labels['Email/from']},\nWe've concluded that the email you forwarded to us is malicious. No further action is required on your part. Good job on detecting and forwarding it to us!\n\nAll the best,\n Your security team" + simple: "Hi ${.=function(val) { if(!(val.Account.length > 1)) return val.ReporterAddress;\ + \ var reporter = val.ReporterAddress; var account = val.Account && val.Account.filter(function(acc)\ + \ { return acc.DisplayName && (acc.Email === reporter || Array.isArray(acc.Email)\ + \ && acc.Email.indexOf(reporter) > -1) }); return account && account[0]\ + \ && account[0].DisplayName[0] || reporter || ''; }(val)},\nWe've concluded\ + \ that the email you forwarded to us is malicious. No further action is\ + \ required on your part. Good job on detecting and forwarding it to us!\n\ + \nAll the best,\n Your security team" cc: {} htmlBody: {} replyTo: {} @@ -517,7 +539,10 @@ tasks: id: 945915a4-395f-444f-8500-c80791cddcfd version: -1 name: Manually remediate the incident - description: "Consider the following:\n1. Search for and delete similar emails\n2. Inform the organization about the threat\n3. Hunt the relevant IOCs\n4. Update proxies and firewalls as necessary\n5. Block the malicious sender/ domain in the mail-gateway " + description: "Consider the following:\n1. Search for and delete similar emails\n\ + 2. Inform the organization about the threat\n3. Hunt the relevant IOCs\n4.\ + \ Update proxies and firewalls as necessary\n5. Block the malicious sender/\ + \ domain in the mail-gateway " type: regular iscommand: false brand: '' @@ -952,7 +977,9 @@ tasks: id: d18654f5-16fd-441e-8db0-4e55f0df0f43 version: -1 name: Should the email be authenticated? - description: Whether the email should be authenticated using DKIM, SPF and DMARC. This checks whether "AuthenticateEmail" output is set to "True" and whether there are headers from an email to authenticate. + description: Whether the email should be authenticated using DKIM, SPF and DMARC. + This checks whether "AuthenticateEmail" output is set to "True" and whether + there are headers from an email to authenticate. type: condition iscommand: false brand: '' @@ -1013,7 +1040,8 @@ tasks: id: 0f654686-0911-450d-86e6-0689df621d61 version: -1 name: Authenticate email - description: Checks the authenticity of an email based on the email's SPF, DMARC, and DKIM. + description: Checks the authenticity of an email based on the email's SPF, DMARC, + and DKIM. scriptName: CheckEmailAuthenticity type: regular iscommand: false @@ -1061,7 +1089,8 @@ tasks: id: e80e3f5a-a74f-44a8-8e83-8eee96def1d0 version: -1 name: Save authenticity check result to incident field - description: Save the verdict, regarding the authenticity of the email, in an incident field. + description: Save the verdict, regarding the authenticity of the email, in an + incident field. script: Builtin|||setIncident type: regular iscommand: true @@ -1070,57 +1099,6 @@ tasks: '#none#': - '84' scriptarguments: - addLabels: {} - affecteddata: {} - affecteddatatype: {} - affectedhosts: {} - affectedindividualscontactinformation: {} - affectedips: {} - app: {} - approximatenumberofaffecteddatasubjects: {} - assetid: {} - attachmentcount: {} - attachmentextension: {} - attachmenthash: {} - attachmentid: {} - attachmentitem: {} - attachmentname: {} - attachmentsize: {} - attachmenttype: {} - backupowner: {} - bugtraq: {} - campaigntargetcount: {} - campaigntargets: {} - city: {} - closeNotes: {} - closeReason: {} - companyaddress: {} - companycity: {} - companycountry: {} - companyhasinsuranceforthebreach: {} - companyname: {} - companypostalcode: {} - contactaddress: {} - contactname: {} - country: {} - countrywherebusinesshasitsmainestablishment: {} - countrywherethebreachtookplace: {} - criticalassets: {} - customFields: {} - cve: {} - cvss: {} - dataencryptionstatus: {} - datetimeofthebreach: {} - daysbetweenreportcreation: {} - deleteEmptyField: {} - dest: {} - destinationip: {} - destntdomain: {} - details: {} - detectedusers: {} - dpoemailaddress: {} - duration: {} - emailaddress: {} emailauthenticitycheck: complex: root: Email @@ -1162,97 +1140,6 @@ tasks: toReplace: value: simple: suspicious - emailbcc: {} - emailbody: {} - emailbodyformat: {} - emailbodyhtml: {} - emailbodyhtmlraw: {} - emailcc: {} - emailclientname: {} - emailfrom: {} - emailfromdisplayname: {} - emailhtml: {} - emailinreplyto: {} - emailkeywords: {} - emailmessageid: {} - emailreceived: {} - emailreplyto: {} - emailreturnpath: {} - emailsenderdomain: {} - emailsenderip: {} - emailsize: {} - emailsource: {} - emailsubject: {} - emailsubjectlanguage: {} - emailto: {} - emailtocount: {} - emailurlclicked: {} - eventid: {} - falses: {} - fetchid: {} - fetchtype: {} - filehash: {} - filename: {} - filepath: {} - hostid: {} - hostname: {} - htmlimage: {} - htmlrenderedimage: {} - id: {} - important: {} - importantfield: {} - isthedatasubjecttodpia: {} - labels: {} - likelyimpact: {} - maliciouscauseifthecauseisamaliciousattack: {} - malwarefamily: {} - mdtest: {} - measurestomitigate: {} - myfield: {} - name: {} - occurred: {} - owner: {} - phase: {} - phishingsubtype: {} - possiblecauseofthebreach: {} - postalcode: {} - relateddomain: {} - replacePlaybook: {} - reporteduser: {} - reportinguser: {} - roles: {} - screenshot: {} - screenshot2: {} - sectorofaffectedparty: {} - selector: {} - severity: {} - signature: {} - single: {} - single2: {} - sizenumberofemployees: {} - sizeturnover: {} - sla: {} - slaField: {} - source: {} - src: {} - srcntdomain: {} - srcuser: {} - systems: {} - telephoneno: {} - test: {} - test2: {} - testfield: {} - timeassignedtolevel2: {} - timefield1: {} - timelevel1: {} - type: {} - user: {} - username: {} - vendorid: {} - vendorproduct: {} - vulnerabilitycategory: {} - whereisdatahosted: {} - xdr: {} reputationcalc: 1 separatecontext: false view: "{\n \"position\": {\n \"x\": -260,\n \"y\": 2255\n }\n}" @@ -1288,7 +1175,8 @@ tasks: id: c325df0c-5e0f-4ba9-8863-0b0c18410025 version: -1 name: Save reporter email address in field - description: Saves the email address of the reporter of the email, in an incident field. + description: Saves the email address of the reporter of the email, in an incident + field. script: Builtin|||setIncident type: regular iscommand: true @@ -1297,171 +1185,9 @@ tasks: '#none#': - '13' scriptarguments: - addLabels: {} - affecteddata: {} - affecteddatatype: {} - affectedhosts: {} - affectedindividualscontactinformation: {} - affectedips: {} - app: {} - approximatenumberofaffecteddatasubjects: {} - assetid: {} - attachmentcount: {} - attachmentextension: {} - attachmenthash: {} - attachmentid: {} - attachmentitem: {} - attachmentname: {} - attachmentsize: {} - attachmenttype: {} - backupowner: {} - bugtraq: {} - campaigntargetcount: {} - campaigntargets: {} - city: {} - closeNotes: {} - closeReason: {} - companyaddress: {} - companycity: {} - companycountry: {} - companyhasinsuranceforthebreach: {} - companyname: {} - companypostalcode: {} - contactaddress: {} - contactname: {} - country: {} - countrywherebusinesshasitsmainestablishment: {} - countrywherethebreachtookplace: {} - criticalassets: {} - customFields: {} - cve: {} - cvss: {} - dataencryptionstatus: {} - datetimeofthebreach: {} - daysbetweenreportcreation: {} - deleteEmptyField: {} - dest: {} - destinationip: {} - destntdomain: {} - details: {} - detectedusers: {} - dpoemailaddress: {} - duration: {} - emailaddress: {} - emailauthenticitycheck: {} - emailbcc: {} - emailbody: {} - emailbodyformat: {} - emailbodyhtml: {} - emailcc: {} - emailclassification: {} - emailclientname: {} - emailfrom: {} - emailfromdisplayname: {} - emailheaders: {} - emailhtml: {} - emailinreplyto: {} - emailkeywords: {} - emailmessageid: {} - emailreceived: {} - emailreplyto: {} - emailreturnpath: {} - emailsenderdomain: {} - emailsenderip: {} - emailsize: {} - emailsource: {} - emailsubject: {} - emailsubjectlanguage: {} - emailto: {} - emailtocount: {} - emailurlclicked: {} - eventid: {} - falses: {} - fetchid: {} - fetchtype: {} - filehash: {} - filename: {} - filepath: {} - hostid: {} - hostname: {} - htmlimage: {} - htmlrenderedimage: {} - id: {} - important: {} - importantfield: {} - isthedatasubjecttodpia: {} - labels: {} - likelyimpact: {} - maliciouscauseifthecauseisamaliciousattack: {} - malwarefamily: {} - mdtest: {} - measurestomitigate: {} - myfield: {} - name: {} - occurred: {} - owner: {} - phase: {} - phishingsubtype: {} - possiblecauseofthebreach: {} - postalcode: {} - relateddomain: {} - replacePlaybook: {} - reporteduser: {} reporteremailaddress: complex: root: ReporterAddress - reportinguser: {} - roles: {} - screenshot: {} - screenshot2: {} - sectorofaffectedparty: {} - selector: {} - severity: {} - signature: {} - single: {} - single2: {} - sizenumberofemployees: {} - sizeturnover: {} - sla: {} - slaField: {} - source: {} - src: {} - srcntdomain: {} - srcuser: {} - systems: {} - telephoneno: {} - test: {} - test2: {} - testfield: {} - timeassignedtolevel2: {} - timefield1: {} - timelevel1: {} - type: {} - urlsslverification: {} - user: {} - username: {} - vendorid: {} - vendorproduct: {} - vulnerabilitycategory: {} - whereisdatahosted: {} - xdr: {} - xdralertcount: {} - xdralerts: {} - xdrassigneduseremail: {} - xdrassigneduserprettyname: {} - xdrdescription: {} - xdrdetectiontime: {} - xdrfileartifacts: {} - xdrhighseverityalertcount: {} - xdrincidentid: {} - xdrlowseverityalertcount: {} - xdrmediumseverityalertcount: {} - xdrnetworkartifacts: {} - xdrnotes: {} - xdrresolvecomment: {} - xdrstatus: {} - xdrurl: {} - xdrusercount: {} reputationcalc: 1 separatecontext: false view: "{\n \"position\": {\n \"x\": 1650,\n \"y\": 530\n }\n}" @@ -1476,7 +1202,9 @@ tasks: id: bf7ea13b-64cd-46fb-8563-825432a1c808 version: -1 name: Predict phishing type using pre-trained phishing model - description: Predicts the specific type of phishing mail using a pre-trained machine learning model, and highlights the most important words used in the classification decision. + description: Predicts the specific type of phishing mail using a pre-trained + machine learning model, and highlights the most important words used in the + classification decision. scriptName: DBotPredictPhishingWords type: regular iscommand: false @@ -1548,7 +1276,8 @@ tasks: id: 40fe8e89-4a2c-470f-8bd6-6bae51b4794e version: -1 name: Update incident with predictions - description: Updates incident fields with the predictions of the machine-learning phishing model. + description: Updates incident fields with the predictions of the machine-learning + phishing model. script: Builtin|||setIncident type: regular iscommand: true @@ -1557,52 +1286,6 @@ tasks: '#none#': - '56' scriptarguments: - account: {} - accountid: {} - accountname: {} - activedirectoryaccountstatus: {} - activedirectorydisplayname: {} - activedirectorypasswordstatus: {} - addLabels: {} - affecteddata: {} - affecteddatatype: {} - affectedindividualscontactinformation: {} - agentid: {} - app: {} - approximatenumberofaffecteddatasubjects: {} - assetid: {} - attachmentcount: {} - attachmentextension: {} - attachmenthash: {} - attachmentid: {} - attachmentname: {} - attachmentsize: {} - attachmenttype: {} - blockedaction: {} - bugtraq: {} - city: {} - closeNotes: {} - closeReason: {} - commandline: {} - companyaddress: {} - companycity: {} - companycountry: {} - companyhasinsuranceforthebreach: {} - companyname: {} - companypostalcode: {} - companypropertystatus: {} - contactaddress: {} - contactname: {} - coordinates: {} - country: {} - countrywherebusinesshasitsmainestablishment: {} - countrywherethebreachtookplace: {} - criticalassets: {} - customFields: {} - cve: {} - cvss: {} - dataencryptionstatus: {} - datetimeofthebreach: {} dbotprediction: complex: root: DBotPredictPhishingWords @@ -1621,184 +1304,6 @@ tasks: accessor: TextTokensHighlighted transformers: - operator: uniq - deleteEmptyField: {} - dest: {} - destinationip: {} - destntdomain: {} - details: {} - detectionendtime: {} - detectionid: {} - detectionticketed: {} - detectionupdatetime: {} - detectionurl: {} - devicegsuiteaccountstatus: {} - devicename: {} - dpoemailaddress: {} - duoaccountstatus: {} - duration: {} - emailaddress: {} - emailauthenticitycheck: {} - emailautoreply: {} - emailbcc: {} - emailbody: {} - emailbodyformat: {} - emailbodyhtml: {} - emailcc: {} - emailclassification: {} - emailclientname: {} - emailfrom: {} - emailheaders: {} - emailhtml: {} - emailinreplyto: {} - emailkeywords: {} - emailmessageid: {} - emailreceived: {} - emailreplyto: {} - emailreturnpath: {} - emailsenderip: {} - emailsize: {} - emailsource: {} - emailsubject: {} - emailto: {} - emailtocount: {} - emailurlclicked: {} - employeedisplayname: {} - employeeemail: {} - employeemanageremail: {} - extrahopapplianceid: {} - extrahophostname: {} - filehash: {} - filename: {} - filepath: {} - filesize: {} - firstseen: {} - globaldirectoryvisibility: {} - googleaccountstatus: {} - googleadminrolesstatus: {} - googledisplayname: {} - googledrivestatus: {} - googlemailstatus: {} - googlepasswordstatus: {} - hostname: {} - id: {} - infectedhosts: {} - isolated: {} - isthedatasubjecttodpia: {} - labels: {} - lastmodifiedby: {} - lastmodifiedon: {} - lastseen: {} - likelyimpact: {} - mailboxdelegation: {} - maliciousbehavior: {} - maliciouscauseifthecauseisamaliciousattack: {} - malwarefamily: {} - markdowntest: {} - measurestomitigate: {} - name: {} - niststage: {} - occurred: {} - offboardingstage: {} - oktaaccountstatus: {} - owner: {} - parentprocessid: {} - participants: {} - phase: {} - phishingsubtype: {} - pid: {} - policydeleted: {} - policydescription: {} - policydetails: {} - policyid: {} - policyrecommendation: {} - policyremediable: {} - policyseverity: {} - policytype: {} - possiblecauseofthebreach: {} - postalcode: {} - previouscoordinates: {} - previouscountry: {} - previoussignindatetime: {} - previoussourceip: {} - prismacloudid: {} - prismacloudreason: {} - prismacloudrules: {} - prismacloudstatus: {} - prismacloudtime: {} - rating: {} - rawparticipants: {} - region: {} - regionid: {} - replacePlaybook: {} - reporteremailaddress: {} - resourceapiname: {} - resourcecloudtype: {} - resourceid: {} - resourcename: {} - resourcetype: {} - riskrating: {} - riskscore: {} - roles: {} - rrn: {} - sectorofaffectedparty: {} - severity: {} - signature: {} - signindatetime: {} - sizenumberofemployees: {} - sizeturnover: {} - skuname: {} - skutier: {} - sla: {} - slaField: {} - sourceip: {} - src: {} - srcntdomain: {} - srcos: {} - srcuser: {} - subscriptionassignedby: {} - subscriptioncreatedby: {} - subscriptioncreatedon: {} - subscriptiondescription: {} - subscriptionid: {} - subscriptionname: {} - subscriptiontype: {} - subscriptionupdatedby: {} - subscriptionupdatedon: {} - subtype: {} - systemdefault: {} - systems: {} - telephoneno: {} - terminatedaction: {} - threatactor: {} - trapsid: {} - travelmaplink: {} - triggeredsecurityprofile: {} - type: {} - urlsslverification: {} - user: {} - username: {} - vendorid: {} - vendorproduct: {} - vpcid: {} - vulnerabilitycategory: {} - whereisdatahosted: {} - xdralertcount: {} - xdralerts: {} - xdrassigneduseremail: {} - xdrassigneduserprettyname: {} - xdrdescription: {} - xdrdetectiontime: {} - xdrfileartifacts: {} - xdrhighseverityalertcount: {} - xdrincidentid: {} - xdrlowseverityalertcount: {} - xdrmediumseverityalertcount: {} - xdrnetworkartifacts: {} - xdrnotes: {} - xdrresolvecomment: {} - xdrstatus: {} - xdrurl: {} - xdrusercount: {} reputationcalc: 1 separatecontext: false view: "{\n \"position\": {\n \"x\": -1142.5,\n \"y\": 1060\n }\n}" @@ -2047,7 +1552,12 @@ tasks: note: false timertriggers: [] ignoreworker: false -view: "{\n \"linkLabelsPosition\": {\n \"15_30_Malicious \": 0.48,\n \"15_31_#default#\": 0.44,\n \"33_16_No\": 0.64,\n \"33_17_Yes\": 0.19,\n \"36_43_#default#\": 0.39,\n \"37_43_#default#\": 0.23,\n \"79_80_yes\": 0.49,\n \"79_84_#default#\": 0.34,\n \"90_56_#default#\": 0.3,\n \"90_89_yes\": 0.48\n },\n \"paper\": {\n \"dimensions\": {\n \"height\": 5370,\n \"width\": 3172.5,\n \"x\": -1142.5,\n \"y\": -90\n }\n }\n}" +view: "{\n \"linkLabelsPosition\": {\n \"15_30_Malicious \": 0.48,\n \"15_31_#default#\"\ + : 0.44,\n \"33_16_No\": 0.64,\n \"33_17_Yes\": 0.19,\n \"36_43_#default#\"\ + : 0.39,\n \"37_43_#default#\": 0.23,\n \"79_80_yes\": 0.49,\n \"79_84_#default#\"\ + : 0.34,\n \"90_56_#default#\": 0.3,\n \"90_89_yes\": 0.48\n },\n \"paper\"\ + : {\n \"dimensions\": {\n \"height\": 5370,\n \"width\": 3172.5,\n\ + \ \"x\": -1142.5,\n \"y\": -90\n }\n }\n}" inputs: - key: Role value: @@ -2058,24 +1568,30 @@ inputs: value: simple: 'False' required: false - description: "Enable the \"Search and Delete\" capability (can be either \"True\" or \"False\").\nIn case of a malicious email, the \"Search and Delete\" sub-playbook will look for other instances of the email and delete them pending analyst approval." + description: "Enable the \"Search and Delete\" capability (can be either \"True\"\ + \ or \"False\").\nIn case of a malicious email, the \"Search and Delete\" sub-playbook\ + \ will look for other instances of the email and delete them pending analyst approval." - key: BlockIndicators value: simple: 'False' required: false - description: "Enable the \"Block Indicators\" capability (can be either \"True\" or \"False\").\nIn case of a malicious email, the \"Block Indicators\" sub-playbook will block all malicious indicators in the relevant integrations." + description: "Enable the \"Block Indicators\" capability (can be either \"True\"\ + \ or \"False\").\nIn case of a malicious email, the \"Block Indicators\" sub-playbook\ + \ will block all malicious indicators in the relevant integrations." - key: AuthenticateEmail value: simple: 'False' required: false - description: Whether the authenticity of the email should be verified, using SPF, DKIM and DMARC. + description: Whether the authenticity of the email should be verified, using SPF, + DKIM and DMARC. - key: OnCall value: simple: 'false' required: false - description: Set to true to assign only user that is currently on shift. Requires Cortex XSOAR v5.5 or later. + description: Set to true to assign only user that is currently on shift. Requires + Cortex XSOAR v5.5 or later. outputs: [] fromversion: 5.0.0 toversion: 5.9.9 tests: -- Phishing v2 - Test - Incident Starter \ No newline at end of file +- Phishing v2 - Test - Incident Starter diff --git a/Packs/Phishing/Playbooks/Phishing_Investigation_-_Generic_v2_-_6_0.yml b/Packs/Phishing/Playbooks/Phishing_Investigation_-_Generic_v2_-_6_0.yml index b224f1f3f4c6..c804fc61767b 100644 --- a/Packs/Phishing/Playbooks/Phishing_Investigation_-_Generic_v2_-_6_0.yml +++ b/Packs/Phishing/Playbooks/Phishing_Investigation_-_Generic_v2_-_6_0.yml @@ -163,10 +163,10 @@ tasks: quietmode: 0 "12": id: "12" - taskid: 3fa6bd94-e6fa-4cad-8e42-a35aa3370a56 + taskid: dc2824f3-564e-4270-893b-80318ac5c5f6 type: regular task: - id: 3fa6bd94-e6fa-4cad-8e42-a35aa3370a56 + id: dc2824f3-564e-4270-893b-80318ac5c5f6 version: -1 name: Store the email address of the reporting user description: Store the email address of the user that reported the incident. @@ -201,10 +201,10 @@ tasks: quietmode: 0 "13": id: "13" - taskid: 9551bc3f-272d-4db9-8a40-30b48d1ba33b + taskid: 09a01f5c-142b-48cf-8c92-4205ca9a6d42 type: regular task: - id: 9551bc3f-272d-4db9-8a40-30b48d1ba33b + id: 09a01f5c-142b-48cf-8c92-4205ca9a6d42 version: -1 name: Acknowledge incident was received description: | @@ -218,10 +218,11 @@ tasks: - "56" scriptarguments: body: - simple: "Hi ${.=function(val) { var reporter = val.ReporterAddress ;var account\ - \ = val.Account && val.Account.filter(function(acc) { return acc.DisplayName\ - \ && acc.Email && acc.Email.Address === reporter }); return account && account[0]\ - \ && account[0].DisplayName || reporter || ''; }(val)},\nWe've received\ + simple: "Hi ${.=function(val) { if(!(val.Account.length > 1)) return val.ReporterAddress;\ + \ var reporter = val.ReporterAddress; var account = val.Account && val.Account.filter(function(acc)\ + \ { return acc.DisplayName && (acc.Email === reporter || Array.isArray(acc.Email)\ + \ && acc.Email.indexOf(reporter) > -1) }); return account && account[0]\ + \ && account[0].DisplayName[0] || reporter || ''; }(val)},\nWe've received\ \ your email and are investigating.\nPlease do not touch the email until\ \ further notice.\n\nCordially, \n Your friendly neighborhood security\ \ team" @@ -229,8 +230,7 @@ tasks: simple: 'Re: Phishing Investigation - ${incident.name}' to: complex: - root: incident - accessor: labels.Email/from + root: ReporterAddress reputationcalc: 1 separatecontext: false view: |- @@ -288,10 +288,10 @@ tasks: quietmode: 0 "16": id: "16" - taskid: 50a5fc78-c35e-40ef-8359-3a36c7d3982f + taskid: 511c7226-fa33-4a95-88b7-709566ab4f90 type: regular task: - id: 50a5fc78-c35e-40ef-8359-3a36c7d3982f + id: 511c7226-fa33-4a95-88b7-709566ab4f90 version: -1 name: Update the user that the reported email is safe description: Send an email to the user explaining that the email they reported @@ -306,7 +306,7 @@ tasks: scriptarguments: body: simple: |- - Hi ${.=val.Account.DisplayName && val.Email.Address === val.incident.labels['Email/from'] ? val.Account.DisplayName : val.incident.labels['Email/from']}, + Hi ${.=function(val) { if(!(val.Account.length > 1)) return val.ReporterAddress; var reporter = val.ReporterAddress; var account = val.Account && val.Account.filter(function(acc) { return acc.DisplayName && (acc.Email === reporter || Array.isArray(acc.Email) && acc.Email.indexOf(reporter) > -1) }); return account && account[0] && account[0].DisplayName[0] || reporter || ''; }(val)}, We've concluded that the email you forwarded to us is safe. Thank you for your alertness and your participation in keeping our organization secure. @@ -315,7 +315,7 @@ tasks: subject: simple: 'Re: Phishing Investigation - ${incident.name}' to: - simple: ${incident.labels.Email/from} + simple: $ReporterAddress} reputationcalc: 1 separatecontext: false view: |- @@ -334,10 +334,10 @@ tasks: quietmode: 0 "17": id: "17" - taskid: 440f0a75-36c6-4245-8e76-59dbffa36329 + taskid: f9a62c93-67f8-41f2-8cd5-6a6a700ed9b4 type: regular task: - id: 440f0a75-36c6-4245-8e76-59dbffa36329 + id: f9a62c93-67f8-41f2-8cd5-6a6a700ed9b4 version: -1 name: Update the user that the reported email is malicious description: Send an email to the user explaining that the email they reported @@ -352,7 +352,7 @@ tasks: scriptarguments: body: simple: |- - Hi ${.=val.Account.DisplayName && val.Email.Address === val.incident.labels['Email/from'] ? val.Account.DisplayName : val.incident.labels['Email/from']}, + Hi ${.=function(val) { if(!(val.Account.length > 1)) return val.ReporterAddress; var reporter = val.ReporterAddress; var account = val.Account && val.Account.filter(function(acc) { return acc.DisplayName && (acc.Email === reporter || Array.isArray(acc.Email) && acc.Email.indexOf(reporter) > -1) }); return account && account[0] && account[0].DisplayName[0] || reporter || ''; }(val)}, We've concluded that the email you forwarded to us is malicious. No further action is required on your part. Good job on detecting and forwarding it to us! All the best, @@ -360,12 +360,12 @@ tasks: subject: simple: 'Re: Phishing Investigation - ${incident.name}' to: - simple: ${incident.labels.Email/from} + simple: ${ReporterAddress} separatecontext: false view: |- { "position": { - "x": 122.5, + "x": 120, "y": 3390 } } @@ -1661,10 +1661,10 @@ tasks: quietmode: 0 "92": id: "92" - taskid: 476e3b9e-4fb8-4edb-8f46-de3aa23f2d90 + taskid: 93c79a23-70e3-4eb2-87b4-fb3609ebb4e4 type: playbook task: - id: 476e3b9e-4fb8-4edb-8f46-de3aa23f2d90 + id: 93c79a23-70e3-4eb2-87b4-fb3609ebb4e4 version: -1 name: Entity Enrichment - Phishing v2 description: Enrich entities using one or more integrations @@ -1675,7 +1675,22 @@ tasks: nexttasks: '#none#': - "56" - separatecontext: true + scriptarguments: + Email: + complex: + root: Account.Email.Address + filters: + - - operator: isNotEqualString + left: + value: + simple: Account.Email.Address + iscontext: true + right: + value: + simple: ReporterAddress + iscontext: true + transformers: + - operator: uniq view: |- { "position": { @@ -1884,10 +1899,10 @@ tasks: quietmode: 0 "130": id: "130" - taskid: 2334647e-4ced-466e-8c05-0ae6b76adc28 + taskid: fd39af07-3674-4de7-8d83-3fb41a3d2055 type: regular task: - id: 2334647e-4ced-466e-8c05-0ae6b76adc28 + id: fd39af07-3674-4de7-8d83-3fb41a3d2055 version: -1 name: Update the user that the email is a malicious campaign description: Send an email to the user explaining that the email they reported @@ -1902,7 +1917,7 @@ tasks: scriptarguments: body: simple: |- - Hi ${.=val.Account.DisplayName && val.Email.Address === val.incident.labels['Email/from'] ? val.Account.DisplayName : val.incident.labels['Email/from']}, + Hi ${.=function(val) { if(!(val.Account.length > 1)) return val.ReporterAddress; var reporter = val.ReporterAddress; var account = val.Account && val.Account.filter(function(acc) { return acc.DisplayName && (acc.Email === reporter || Array.isArray(acc.Email) && acc.Email.indexOf(reporter) > -1) }); return account && account[0] && account[0].DisplayName[0] || reporter || ''; }(val)}, We've concluded that the email you forwarded to us is part of a bigger phishing campaign that targeted our company. No further action is required on your part. Good job on detecting and forwarding it to us! All the best, @@ -1910,7 +1925,7 @@ tasks: subject: simple: 'Re: Phishing Investigation - ${incident.name}' to: - simple: ${incident.labels.Email/from} + simple: ${ReporterAddress} separatecontext: false view: |- { diff --git a/Packs/Phishing/ReleaseNotes/2_4_1.md b/Packs/Phishing/ReleaseNotes/2_4_1.md new file mode 100644 index 000000000000..ad991b4a3dc2 --- /dev/null +++ b/Packs/Phishing/ReleaseNotes/2_4_1.md @@ -0,0 +1,5 @@ + +#### Playbooks +##### Phishing Investigation - Generic v2 +- Replacing "Email/from" incident labels with ReporterAddress. +- Fixing the DT scripts inside several tasks. These scripts check whether to address users through their display name, or their email address. diff --git a/Packs/Phishing/pack_metadata.json b/Packs/Phishing/pack_metadata.json index 3cd8b755f913..4a47b70241de 100644 --- a/Packs/Phishing/pack_metadata.json +++ b/Packs/Phishing/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Phishing", "description": "Phishing emails still hooking your end users? This Content Pack can drastically reduce the time your security team spends on phishing alerts.", "support": "xsoar", - "currentVersion": "2.4.0", + "currentVersion": "2.4.1", "serverMinVersion": "6.0.0", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", From 5766acc77283d3dfc93bbeecc3f14dfec2519ca0 Mon Sep 17 00:00:00 2001 From: Shelly Berman <45915502+Shellyber@users.noreply.github.com> Date: Thu, 26 Aug 2021 15:24:12 +0300 Subject: [PATCH 044/173] Added new transformer script - StringToArray (#14536) * Added new transformer script * Added rn + bumped version and fixed linting * Fixed import * Fixed cr's and added tpb * Added test to yml * changed uuid to transformer name in tpb --- Packs/CommonScripts/ReleaseNotes/1_4_27.md | 4 + .../Scripts/StringToArray/README.md | 24 +++ .../Scripts/StringToArray/StringToArray.py | 16 ++ .../Scripts/StringToArray/StringToArray.yml | 25 +++ .../StringToArray/StringToArray_test.py | 14 ++ .../playbook-StringToArray_test.yml | 180 ++++++++++++++++++ Packs/CommonScripts/pack_metadata.json | 2 +- 7 files changed, 264 insertions(+), 1 deletion(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_4_27.md create mode 100644 Packs/CommonScripts/Scripts/StringToArray/README.md create mode 100644 Packs/CommonScripts/Scripts/StringToArray/StringToArray.py create mode 100644 Packs/CommonScripts/Scripts/StringToArray/StringToArray.yml create mode 100644 Packs/CommonScripts/Scripts/StringToArray/StringToArray_test.py create mode 100644 Packs/CommonScripts/TestPlaybooks/playbook-StringToArray_test.yml diff --git a/Packs/CommonScripts/ReleaseNotes/1_4_27.md b/Packs/CommonScripts/ReleaseNotes/1_4_27.md new file mode 100644 index 000000000000..fb8b1721bff3 --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_4_27.md @@ -0,0 +1,4 @@ + +#### Scripts +##### New: StringToArray +Converts a string to array. diff --git a/Packs/CommonScripts/Scripts/StringToArray/README.md b/Packs/CommonScripts/Scripts/StringToArray/README.md new file mode 100644 index 000000000000..f77fd0c0919c --- /dev/null +++ b/Packs/CommonScripts/Scripts/StringToArray/README.md @@ -0,0 +1,24 @@ +Converts string to array. +For example: `http://example.com/?score:1,4,time:55` will be transformed to `["http://example.com/?score:1,4,time:55"]`. + +## Script Data +--- + +| **Name** | **Description** | +| --- | --- | +| Script Type | python3 | +| Tags | transformer | +| Cortex XSOAR Version | 6.0.0 | + +## Inputs +--- + +| **Argument Name** | **Description** | +| --- | --- | +| value | The URL to transform. | + +## Script Example +```!StringToArray value="http://example.com/?score:1,4,time:55"``` + +## Human Readable Output +```["http://example.com/?score:1,4,time:55"]``` diff --git a/Packs/CommonScripts/Scripts/StringToArray/StringToArray.py b/Packs/CommonScripts/Scripts/StringToArray/StringToArray.py new file mode 100644 index 000000000000..b89b059a72de --- /dev/null +++ b/Packs/CommonScripts/Scripts/StringToArray/StringToArray.py @@ -0,0 +1,16 @@ + +from CommonServerPython import * # noqa +import demistomock as demisto + + +def main(args): + value = args.get('value') + json_value = [value] + return json.dumps(json_value) + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + try: + return_results(main(demisto.args())) + except Exception as exc: + return_error(str(exc), error=exc) diff --git a/Packs/CommonScripts/Scripts/StringToArray/StringToArray.yml b/Packs/CommonScripts/Scripts/StringToArray/StringToArray.yml new file mode 100644 index 000000000000..a92423e2ed5e --- /dev/null +++ b/Packs/CommonScripts/Scripts/StringToArray/StringToArray.yml @@ -0,0 +1,25 @@ +args: +- default: false + description: The URL to transform. + isArray: false + name: value + required: true + secret: false +comment: "Converts string to array. \nFor example: `http://example.com/?score:1,4,time:55`\ + \ will be transformed to `[\"http://example.com/?score:1,4,time:55\"]`." +commonfields: + id: StringToArray + version: -1 +enabled: false +name: StringToArray +script: '-' +subtype: python3 +system: false +tags: +- transformer +timeout: '0' +type: python +dockerimage: demisto/python3:3.9.6.22912 +fromversion: 6.0.0 +tests: +- StringToArray_test diff --git a/Packs/CommonScripts/Scripts/StringToArray/StringToArray_test.py b/Packs/CommonScripts/Scripts/StringToArray/StringToArray_test.py new file mode 100644 index 000000000000..eecfd42d8351 --- /dev/null +++ b/Packs/CommonScripts/Scripts/StringToArray/StringToArray_test.py @@ -0,0 +1,14 @@ +from StringToArray import * + + +def test_string_to_array(): + """Unit test + Given + - url to tranform. + When + - call StringToArray transformer. + Then + - validate The transformed url. + """ + res = main({'value': "http://example.com/?score:1,4,time:55"}) + assert res == '["http://example.com/?score:1,4,time:55"]' diff --git a/Packs/CommonScripts/TestPlaybooks/playbook-StringToArray_test.yml b/Packs/CommonScripts/TestPlaybooks/playbook-StringToArray_test.yml new file mode 100644 index 000000000000..0f0c5d3cbe9e --- /dev/null +++ b/Packs/CommonScripts/TestPlaybooks/playbook-StringToArray_test.yml @@ -0,0 +1,180 @@ +id: StringToArray_test +version: -1 +name: StringToArray_test +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: 16acea27-05e7-46a5-88a3-58b32b0b2212 + type: start + task: + id: 16acea27-05e7-46a5-88a3-58b32b0b2212 + version: -1 + name: "" + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "1" + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "1": + id: "1" + taskid: bf0e1745-a4dc-4fe3-8121-279955df1e5f + type: regular + task: + id: bf0e1745-a4dc-4fe3-8121-279955df1e5f + version: -1 + name: Delete Context + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "3" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 190 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "3": + id: "3" + taskid: 2415c2b1-2cb0-44ed-85c9-56ed15f6f7b8 + type: regular + task: + id: 2415c2b1-2cb0-44ed-85c9-56ed15f6f7b8 + version: -1 + name: Set Context + description: Set a value in context under the key you entered. + scriptName: Set + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "4" + scriptarguments: + key: + simple: StringToArray + value: + simple: http://example.com/?score:1,4,time:55 + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 390 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "4": + id: "4" + taskid: 00c9659a-06de-4b8a-8b0b-73044b97cb5f + type: condition + task: + id: 00c9659a-06de-4b8a-8b0b-73044b97cb5f + version: -1 + name: Validate Output + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "5" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: containsGeneral + left: + value: + complex: + root: StringToArray + transformers: + - operator: StringToArray + iscontext: true + right: + value: + simple: '"http://example.com/?score:1,4,time:55"' + view: |- + { + "position": { + "x": 450, + "y": 560 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "5": + id: "5" + taskid: da6c17bd-f14b-4136-8c1a-c4f37f38cbf5 + type: title + task: + id: da6c17bd-f14b-4136-8c1a-c4f37f38cbf5 + version: -1 + name: Done + type: title + iscommand: false + brand: "" + description: '' + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 730 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 +view: |- + { + "linkLabelsPosition": {}, + "paper": { + "dimensions": { + "height": 745, + "width": 380, + "x": 450, + "y": 50 + } + } + } +inputs: [] +outputs: [] +fromversion: 6.0.0 +description: '' diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index 4829b026f9ac..a8857051ea7b 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.4.26", + "currentVersion": "1.4.27", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 6d09cda169495c10fc70b58150c3889c896b9f6e Mon Sep 17 00:00:00 2001 From: tkatzir Date: Thu, 26 Aug 2021 16:33:24 +0300 Subject: [PATCH 045/173] upload_code_coverage_report.py, initial add (#14302) * upload_code_coverage_report.py, initial add * Formatted file * upload code coverage report in nightly * Update .gitlab/ci/global.yml Co-authored-by: eli sharf <57587340+esharf@users.noreply.github.com> * fix syntax * fix script * fixup! fix script * upload_code_coverage_report.py, initial add * Formatted file * upload code coverage report in nightly * Update .gitlab/ci/global.yml Co-authored-by: eli sharf <57587340+esharf@users.noreply.github.com> * fix syntax * fix script * fixup! fix script * fixup! fixup! fix script * fix * final fix * improve * fixup! improve * Undelete line * Rearrange erinstated lines * Unit test * Test files * Format file * Pythonify * Format * Update Utils/upload_code_coverage_report.py Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> * Use Tuple instead of Dict * Format file Co-authored-by: eli sharf <57587340+esharf@users.noreply.github.com> Co-authored-by: esharf Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> --- .gitlab/ci/global.yml | 5 +- TestData/coverage-min.json | 8 + TestData/coverage.json | 53 ++++++ .../tests/upload_code_coverage_report_test.py | 26 +++ Utils/upload_code_coverage_report.py | 158 ++++++++++++++++++ 5 files changed, 249 insertions(+), 1 deletion(-) create mode 100644 TestData/coverage-min.json create mode 100644 TestData/coverage.json create mode 100644 Utils/tests/upload_code_coverage_report_test.py create mode 100644 Utils/upload_code_coverage_report.py diff --git a/.gitlab/ci/global.yml b/.gitlab/ci/global.yml index d1dc36d6a375..bc6834d88157 100644 --- a/.gitlab/ci/global.yml +++ b/.gitlab/ci/global.yml @@ -172,6 +172,9 @@ if [ -n "$SHOULD_LINT_ALL" ]; then echo -e "----------\nLinting all because:\n${SHOULD_LINT_ALL}\n----------" demisto-sdk lint -p 8 -a -q --test-xml ./unit-tests --log-path $ARTIFACTS_FOLDER --failure-report $ARTIFACTS_FOLDER --coverage-report $ARTIFACTS_FOLDER/coverage_report + if [ -n "${DEMISTO_SDK_NIGHTLY}" ]; then + python3 Utils/upload_code_coverage_report.py --service_account $GCS_MARKET_KEY --source_file_name $ARTIFACTS_FOLDER/coverage_report/coverage.json --minimal_file_name $ARTIFACTS_FOLDER/coverage_report/coverage_data.json -cov $ARTIFACTS_FOLDER/coverage_report/.coverage + fi else demisto-sdk lint -p 8 -g -v --test-xml ./unit-tests --log-path $ARTIFACTS_FOLDER --failure-report $ARTIFACTS_FOLDER --coverage-report $ARTIFACTS_FOLDER/coverage_report fi @@ -274,4 +277,4 @@ - unzip $INDEX_PATH -d $UNZIP_PATH > $ARTIFACTS_FOLDER/logs/unzip_index.log - python3 Tests/Marketplace/validate_landing_page_sections.py -i $UNZIP_PATH - - section_end "Validate landingPageSections.json" + - section_end "Validate landingPageSections.json" \ No newline at end of file diff --git a/TestData/coverage-min.json b/TestData/coverage-min.json new file mode 100644 index 000000000000..7c14a9883bf8 --- /dev/null +++ b/TestData/coverage-min.json @@ -0,0 +1,8 @@ +{ + "files": { + "Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.py": 84.34, + "Packs/Akamai_SIEM/Integrations/Akamai_SIEM/Akamai_SIEM.py": 73.4 + }, + "last_updated": "2021-08-10T09:19:43Z", + "total_coverage": 59.31080185553346 +} \ No newline at end of file diff --git a/TestData/coverage.json b/TestData/coverage.json new file mode 100644 index 000000000000..9edc756b893e --- /dev/null +++ b/TestData/coverage.json @@ -0,0 +1,53 @@ +{ + "meta": { + "version": "5.5", + "timestamp": "2021-08-10T11:37:35.476947", + "branch_coverage": false, + "show_contexts": false + }, + "files": { + "Packs/MyPack1/Integrations/MyIntegration/integration.py": { + "executed_lines": [ + 1, + 330 + ], + "summary": { + "covered_lines": 113, + "num_statements": 150, + "percent_covered": 75.3333, + "missing_lines": 37, + "excluded_lines": 0 + }, + "missing_lines": [ + 47, + 331 + ], + "excluded_lines": [] + }, + "Packs/MyPack2/Integrations/MyIntegration/integration.py": { + "executed_lines": [ + 1, + 392 + ], + "summary": { + "covered_lines": 69, + "num_statements": 94, + "percent_covered": 73.40425, + "missing_lines": 25, + "excluded_lines": 0 + }, + "missing_lines": [ + 113, + 393 + ], + "excluded_lines": [] + } + }, + "totals": { + "covered_lines": 895, + "num_statements": 1509, + "percent_covered": 59.310801855, + "missing_lines": 614, + "excluded_lines": 0 + } +} \ No newline at end of file diff --git a/Utils/tests/upload_code_coverage_report_test.py b/Utils/tests/upload_code_coverage_report_test.py new file mode 100644 index 000000000000..16a5fb936fdc --- /dev/null +++ b/Utils/tests/upload_code_coverage_report_test.py @@ -0,0 +1,26 @@ +from ruamel import yaml +import os +from Utils.upload_code_coverage_report import create_minimal_report + + +def test_create_minimal_report(tmpdir): + source_file = "./TestData/coverage.json" + destination_file = tmpdir.join("coverage_generated.json") + + try: + success, last_updated = create_minimal_report(source_file=source_file, destination_file=destination_file) + assert success + assert '2021-08-10T11:37:35Z' == last_updated + + destination_file_contents = yaml.safe_load(open(destination_file)) + + files = destination_file_contents.get('files') + assert 2 == len(files) + assert 75.33 == files.get('Packs/MyPack1/Integrations/MyIntegration/integration.py') + assert 73.4 == files.get('Packs/MyPack2/Integrations/MyIntegration/integration.py') + assert 59.310801855 == destination_file_contents.get('total_coverage') + assert '2021-08-10T11:37:35Z' == destination_file_contents.get('last_updated') + + finally: + if os.path.isfile(destination_file): + os.remove(destination_file) diff --git a/Utils/upload_code_coverage_report.py b/Utils/upload_code_coverage_report.py new file mode 100644 index 000000000000..808ffb4a7449 --- /dev/null +++ b/Utils/upload_code_coverage_report.py @@ -0,0 +1,158 @@ + +import argparse +from datetime import datetime +import json +import os +from typing import Dict, Tuple + +from Tests.Marketplace.marketplace_services import init_storage_client + + +DATE_FORMAT = '%Y-%m-%d' +TIMESTAMP_FORMAT_SECONDS = '%Y-%m-%dT%H:%M:%SZ' +TIMESTAMP_FORMAT_MICROSECONDS = '%Y-%m-%dT%H:%M:%S.%f' + + +def create_minimal_report(source_file: str, destination_file: str) -> Tuple[bool, str]: + if not os.path.isfile(source_file): + print(f'File {source_file} does not exist.') + return False, {} + + with open(source_file, 'r') as cov_util_output: + data = json.load(cov_util_output) + + # Check that we were able to read the json report correctly + if not data or 'files' not in data: + print(f'Empty file, or unable to read contents of {source_file}.') + return False, {} + + minimal_coverage_contents_files: Dict[str, float] = {} + files = data['files'] + for current_file_name, current_file_data in files.items(): + minimal_coverage_contents_files[current_file_name] = round(current_file_data['summary']['percent_covered'], 2) + + timestamp_from_file = data['meta']['timestamp'] + datetime_from_timestamp: datetime = datetime.strptime(timestamp_from_file, TIMESTAMP_FORMAT_MICROSECONDS) + str_from_datetime: str = datetime.strftime(datetime_from_timestamp, TIMESTAMP_FORMAT_SECONDS) + + minimal_coverage_contents = { + 'files': minimal_coverage_contents_files, + 'last_updated': str_from_datetime, + 'total_coverage': data['totals']['percent_covered'] + } + with open(destination_file, 'w') as minimal_output: + minimal_output.write(json.dumps(minimal_coverage_contents)) + + return True, str_from_datetime + + +def upload_file_to_google_cloud_storage(service_account: str, + bucket_name: str, + minimal_file_name: str, + destination_blob_dir: str, + last_updated: str, + ): + """Uploads a file to the bucket.""" + json_dest = f'{destination_blob_dir}/coverage-min.json' + updated = datetime.strptime(last_updated, TIMESTAMP_FORMAT_SECONDS) + updated_date = updated.strftime(DATE_FORMAT) + historic_data_dest = f'{destination_blob_dir}/history/coverage-min/{updated_date}.json' + + upload_list = [json_dest, historic_data_dest] + # google cloud storage client initialized + storage_client = init_storage_client(service_account) + bucket = storage_client.bucket(bucket_name) + + for file_to_upload in upload_list: + upload_file_to_bucket(bucket, file_to_upload, minimal_file_name) + + print( + "File {} uploaded to {}.".format( + minimal_file_name, ', '.join(upload_list) + ) + ) + + +def upload_file_to_bucket(bucket_obj, path_in_bucket, local_path): + blob = bucket_obj.blob(path_in_bucket) + blob.upload_from_filename(local_path) + + +def options_handler(): + """Validates and parses script arguments. + + Returns: + Namespace: Parsed arguments object. + + """ + parser = argparse.ArgumentParser(description="Store packs in cloud storage.") + # disable-secrets-detection-start + parser.add_argument('-s', '--service_account', + help=("Path to gcloud service account, " + "For uploading the coverage report to Google Cloud Storage. " + "For local development use your personal account and " + "authenticate using Google Cloud SDK by running: " + "`gcloud auth application-default login` and leave this parameter blank. " + "For more information go to: " + "https://googleapis.dev/python/google-api-core/latest/auth.html"), + required=True) + + parser.add_argument('-b', '--bucket_name', + default="marketplace-dist-dev", + help=("Name of the bucket in Google Cloud Storage. " + "Default value is marketplace-dist-dev."), + required=False) + + parser.add_argument('-f', '--source_file_name', + default='coverage.json', + help=("Path to the Coverage report in json format. " + "Default value is coverage.json."), + required=False) + + parser.add_argument('-m', '--minimal_file_name', + default='coverage_data.json', + help=("Filename of a minimal coverage report. " + "It is a subset of the source_file_name. " + "Default value is coverage_data.json."), + required=False) + + parser.add_argument('-d', '--destination_blob_dir', + default='code-coverage', + help=("Blob Name in Google Cloud Storage. " + "Default value is code-coverage."), + required=False) + + parser.add_argument('-cov', '--cov_bin_dir', + default='code-coverage/coverage_data.json', + required=False) + + return parser.parse_args() + + +def coverage_json(cov_file, json_file): + # this method will be removed when merge to sdk + from coverage import Coverage + cov = Coverage(data_file=cov_file, auto_data=False) + cov.load() + cov.json_report(outfile=json_file) + + +def main(): + options = options_handler() + coverage_json(options.cov_bin_dir, options.source_file_name) + + success, last_updated = create_minimal_report(source_file=options.source_file_name, + destination_file=options.minimal_file_name, + ) + + if success: + upload_file_to_google_cloud_storage(service_account=options.service_account, + bucket_name=options.bucket_name, + minimal_file_name=options.minimal_file_name, + destination_blob_dir=options.destination_blob_dir, + last_updated=last_updated + ) + + +if __name__ == '__main__': + main() From 4504d650e4bc017afa2a3eeec2dfe49e12703baa Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Thu, 26 Aug 2021 17:23:49 +0300 Subject: [PATCH 046/173] [Marketplace Contribution] Palo Alto Networks Cortex XDR - Investigation and Response - Content Pack Update (#14550) * "contribution update to pack "Palo Alto Networks Cortex XDR - Investigation and Response"" (#14505) * fixed * fixed Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: abaumgarten --- .../Integrations/CortexXDRIR/CortexXDRIR.py | 15 +++++++-------- Packs/CortexXDR/ReleaseNotes/3_0_25.md | 4 ++++ Packs/CortexXDR/pack_metadata.json | 2 +- 3 files changed, 12 insertions(+), 9 deletions(-) create mode 100644 Packs/CortexXDR/ReleaseNotes/3_0_25.md diff --git a/Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR.py b/Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR.py index c09778b2e987..15f11dc345fd 100644 --- a/Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR.py +++ b/Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR.py @@ -8,9 +8,8 @@ from typing import Any, Dict, Tuple import dateparser -import urllib3 - import demistomock as demisto # noqa: F401 +import urllib3 from CommonServerPython import * # noqa: F401 # Disable insecure warnings @@ -1902,10 +1901,10 @@ def isolate_endpoint_command(client, args): None, None ) + if endpoint_status == 'UNINSTALLED': + raise ValueError(f'Error: Endpoint {endpoint_id}\'s Agent is uninstalled and therefore can not be isolated.') if endpoint_status == 'DISCONNECTED': - raise ValueError( - f'Error: Endpoint {endpoint_id} is disconnected and therefore can not be isolated.' - ) + raise ValueError(f'Error: Endpoint {endpoint_id} is disconnected and therefore can not be isolated.') if is_isolated == 'AGENT_PENDING_ISOLATION_CANCELLATION': raise ValueError( f'Error: Endpoint {endpoint_id} is pending isolation cancellation and therefore can not be isolated.' @@ -1943,10 +1942,10 @@ def unisolate_endpoint_command(client, args): None, None ) + if endpoint_status == 'UNINSTALLED': + raise ValueError(f'Error: Endpoint {endpoint_id}\'s Agent is uninstalled and therefore can not be un-isolated.') if endpoint_status == 'DISCONNECTED': - raise ValueError( - f'Error: Endpoint {endpoint_id} is disconnected and therefore can not be un-isolated.' - ) + raise ValueError(f'Error: Endpoint {endpoint_id} is disconnected and therefore can not be un-isolated.') if is_isolated == 'AGENT_PENDING_ISOLATION': raise ValueError( f'Error: Endpoint {endpoint_id} is pending isolation and therefore can not be un-isolated.' diff --git a/Packs/CortexXDR/ReleaseNotes/3_0_25.md b/Packs/CortexXDR/ReleaseNotes/3_0_25.md new file mode 100644 index 000000000000..2ee7a42f17e1 --- /dev/null +++ b/Packs/CortexXDR/ReleaseNotes/3_0_25.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Palo Alto Networks Cortex XDR - Investigation and Response +- Improved error handling for the **xdr-isolate-endpoint** and **xdr-unisolate-endpoint** commands when reaching an uninstalled endpoint. diff --git a/Packs/CortexXDR/pack_metadata.json b/Packs/CortexXDR/pack_metadata.json index b94553d2c773..982cbcc1b617 100644 --- a/Packs/CortexXDR/pack_metadata.json +++ b/Packs/CortexXDR/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Palo Alto Networks Cortex XDR - Investigation and Response", "description": "Automates Cortex XDR incident response, and includes custom Cortex XDR incident views and layouts to aid analyst investigations.", "support": "xsoar", - "currentVersion": "3.0.24", + "currentVersion": "3.0.25", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From eb343b44552fad946a8d2f8502209365ddca6f6b Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Thu, 26 Aug 2021 17:54:10 +0300 Subject: [PATCH 047/173] AlienVault USM - handle alarms with timestamp_occured (#14542) * add test for alarm with timestamp_occured * use timestamp_occured as incident occurred time * Update Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> --- .../AlienVault_USM_Anywhere.py | 7 ++- .../AlienVault_USM_Anywhere_test.py | 55 +++++++++++++++---- .../ReleaseNotes/1_0_7.md | 3 + .../pack_metadata.json | 2 +- 4 files changed, 53 insertions(+), 14 deletions(-) create mode 100644 Packs/AlienVault_USM_Anywhere/ReleaseNotes/1_0_7.md diff --git a/Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py b/Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py index fe912dc80238..f1fdb82c8be1 100644 --- a/Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py +++ b/Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.py @@ -276,10 +276,15 @@ def dict_value_to_int(target_dict: Dict, key: str): def item_to_incident(item): + if not (occurred := item.get('timestamp_occured_iso8601')): + occurred = convert_timestamp_to_iso86( + item.get('timestamp_occured', ''), + item.get("time_offset", 'Z') + ) incident = { 'Type': 'AlienVault USM', 'name': 'Alarm: ' + item.get('uuid'), - 'occurred': item.get('timestamp_occured_iso8601'), + 'occurred': occurred, 'rawJSON': json.dumps(item), } diff --git a/Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere_test.py b/Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere_test.py index c1ba681377f7..1d995e66df72 100644 --- a/Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere_test.py +++ b/Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere_test.py @@ -26,18 +26,9 @@ def approximate_compare(time1, time2): return timedelta(seconds=-30) <= time1 - time2 <= timedelta(seconds=3) -def test_fetch_incidents(mocker, requests_mock): - mocker.patch.object(demisto, 'params', return_value={ - 'fetch_limit': '1', - 'url': 'https://vigilant.alienvault.cloud/' - }) - mocker.patch.object(demisto, 'getLastRun', return_value={'timestamp': '1547567249000'}) - mocker.patch.object(demisto, 'setLastRun') - mocker.patch.object(demisto, 'incidents') - from AlienVault_USM_Anywhere import fetch_incidents - requests_mock.get( - server_url, - json={ +@pytest.mark.parametrize('alarm, expected_incident', [ + ( + { '_embedded': { 'alarms': [ { @@ -49,9 +40,49 @@ def test_fetch_incidents(mocker, requests_mock): 'page': { 'totalElements': 1861 } + }, + { + 'name': 'Alarm: 4444444444', + 'occurred': '2019-07-12T06:00:38.000Z', } + ), + ( + { + '_embedded': { + 'alarms': [ + { + 'uuid': '75d464ef-2834-k73a-5af0-7967369de3a1', + 'timestamp_occured': '1629187949000', + } + ] + }, + 'page': { + 'totalElements': 1861 + } + }, + { + 'name': 'Alarm: 75d464ef-2834-k73a-5af0-7967369de3a1', + 'occurred': '2021-08-17T08:12:29.000Z', + } + ) +]) +def test_fetch_incidents(mocker, requests_mock, alarm, expected_incident): + mocker.patch.object(demisto, 'params', return_value={ + 'fetch_limit': '1', + 'url': 'https://vigilant.alienvault.cloud/' + }) + mocker.patch.object(demisto, 'getLastRun', return_value={'timestamp': '1547567249000'}) + mocker.patch.object(demisto, 'setLastRun') + mocker.patch.object(demisto, 'incidents') + from AlienVault_USM_Anywhere import fetch_incidents + requests_mock.get( + server_url, + json=alarm, ) fetch_incidents() + incident = demisto.incidents.call_args[0][0][0] + assert incident['name'] == expected_incident['name'] + assert incident['occurred'] == expected_incident['occurred'] def test_get_time_range(): diff --git a/Packs/AlienVault_USM_Anywhere/ReleaseNotes/1_0_7.md b/Packs/AlienVault_USM_Anywhere/ReleaseNotes/1_0_7.md new file mode 100644 index 000000000000..a89ff878a530 --- /dev/null +++ b/Packs/AlienVault_USM_Anywhere/ReleaseNotes/1_0_7.md @@ -0,0 +1,3 @@ +#### Integrations +##### AlienVault USM Anywhere +- Fixed an issue where the integration failed to parse the alarm occurred time. diff --git a/Packs/AlienVault_USM_Anywhere/pack_metadata.json b/Packs/AlienVault_USM_Anywhere/pack_metadata.json index 9d15b209a9a9..debbf6acce2e 100644 --- a/Packs/AlienVault_USM_Anywhere/pack_metadata.json +++ b/Packs/AlienVault_USM_Anywhere/pack_metadata.json @@ -2,7 +2,7 @@ "name": "AlienVault USM Anywhere", "description": "Searches for and monitors alarms and events from AlienVault USM Anywhere.", "support": "xsoar", - "currentVersion": "1.0.6", + "currentVersion": "1.0.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From dd4e940114b4a46c5d2ca3ee3b6c10616a3aaa0e Mon Sep 17 00:00:00 2001 From: tomer-pan <81556849+tomer-pan@users.noreply.github.com> Date: Thu, 26 Aug 2021 18:14:23 +0300 Subject: [PATCH 048/173] Microsoft Graph Mail incoming mapper (#14468) * new mapper + release notes * Adding more fields --- ...lassifier-Microsoft_Graph_Mail_Mapper.json | 309 ++++++++++++++++++ .../MicrosoftGraphMail/ReleaseNotes/1_0_23.md | 4 + Packs/MicrosoftGraphMail/pack_metadata.json | 2 +- 3 files changed, 314 insertions(+), 1 deletion(-) create mode 100644 Packs/MicrosoftGraphMail/Classifiers/classifier-Microsoft_Graph_Mail_Mapper.json create mode 100644 Packs/MicrosoftGraphMail/ReleaseNotes/1_0_23.md diff --git a/Packs/MicrosoftGraphMail/Classifiers/classifier-Microsoft_Graph_Mail_Mapper.json b/Packs/MicrosoftGraphMail/Classifiers/classifier-Microsoft_Graph_Mail_Mapper.json new file mode 100644 index 000000000000..7b22dfcc95d6 --- /dev/null +++ b/Packs/MicrosoftGraphMail/Classifiers/classifier-Microsoft_Graph_Mail_Mapper.json @@ -0,0 +1,309 @@ +{ + "description": "Maps incoming Microsoft Graph Mail phishing email message fields.", + "feed": false, + "id": "Microsoft Graph Mail Mapper", + "mapping": { + "Phishing": { + "dontMapEventToLabels": false, + "internalMapping": { + "Attachment Count": { + "complex": { + "accessor": "", + "filters": [], + "root": "Attachments", + "transformers": [ + { + "args": {}, + "operator": "count" + } + ] + }, + "simple": "" + }, + "Attachment Extension": { + "complex": { + "accessor": "name", + "filters": [], + "root": "Attachments", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + }, + { + "args": { + "from": { + "isContext": false, + "value": { + "complex": null, + "simple": "." + } + } + }, + "operator": "substringFrom" + } + ] + }, + "simple": "" + }, + "Attachment Name": { + "complex": { + "accessor": "name", + "filters": [], + "root": "Attachments", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + } + ] + }, + "simple": "" + }, + "Email Body Format": { + "complex": null, + "simple": "BodyType" + }, + "Email CC": { + "complex": { + "accessor": "", + "filters": [], + "root": "Cc", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + } + ] + }, + "simple": "" + }, + "Email From": { + "complex": null, + "simple": "From" + }, + "Email HTML": { + "complex": null, + "simple": "Body" + }, + "Email Headers": { + "complex": null, + "simple": "Headers" + }, + "Email Message ID": { + "complex": { + "accessor": "value", + "filters": [ + [ + { + "ignoreCase": false, + "left": { + "isContext": true, + "value": { + "complex": null, + "simple": "Headers.name" + } + }, + "operator": "isEqualString", + "right": { + "isContext": false, + "value": { + "complex": null, + "simple": "Message-ID" + } + } + } + ] + ], + "root": "Headers", + "transformers": [] + }, + "simple": "" + }, + "Email Received": { + "complex": null, + "simple": "received_representing.email_address" + }, + "Email Reply To": { + "complex": { + "accessor": "value", + "filters": [ + [ + { + "ignoreCase": false, + "left": { + "isContext": true, + "value": { + "complex": null, + "simple": "Headers.name" + } + }, + "operator": "isEqualString", + "right": { + "isContext": false, + "value": { + "complex": null, + "simple": "Return-Path" + } + } + } + ] + ], + "root": "Headers", + "transformers": [] + }, + "simple": "" + }, + "Email Return Path": { + "complex": { + "accessor": "value", + "filters": [ + [ + { + "ignoreCase": false, + "left": { + "isContext": true, + "value": { + "complex": null, + "simple": "Headers.name" + } + }, + "operator": "isEqualString", + "right": { + "isContext": false, + "value": { + "complex": null, + "simple": "Return-Path" + } + } + } + ] + ], + "root": "Headers", + "transformers": [] + }, + "simple": "" + }, + "Email Sender IP": { + "complex": { + "accessor": "value", + "filters": [ + [ + { + "ignoreCase": false, + "left": { + "isContext": true, + "value": { + "complex": null, + "simple": "headers.name" + } + }, + "operator": "isEqualString", + "right": { + "isContext": false, + "value": { + "complex": null, + "simple": "X-Originating-IP" + } + } + } + ] + ], + "root": "headers", + "transformers": [ + { + "args": { + "chars": { + "isContext": false, + "value": { + "complex": null, + "simple": "[]" + } + } + }, + "operator": "StripChars" + } + ] + }, + "simple": "" + }, + "Email Size": { + "complex": null, + "simple": "size" + }, + "Email Subject": { + "complex": null, + "simple": "Subject" + }, + "Email To": { + "complex": { + "accessor": "", + "filters": [], + "root": "To", + "transformers": [ + { + "args": { + "separator": { + "isContext": false, + "value": { + "complex": null, + "simple": "," + } + } + }, + "operator": "join" + } + ] + }, + "simple": "" + }, + "Email To Count": { + "complex": { + "accessor": "", + "filters": [], + "root": "To", + "transformers": [ + { + "args": {}, + "operator": "count" + } + ] + }, + "simple": "" + } + } + }, + "dbot_classification_incident_type_all": { + "dontMapEventToLabels": false, + "internalMapping": {} + } + }, + "name": "Microsoft Graph Mail Mapper", + "type": "mapping-incoming", + "version": -1, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/MicrosoftGraphMail/ReleaseNotes/1_0_23.md b/Packs/MicrosoftGraphMail/ReleaseNotes/1_0_23.md new file mode 100644 index 000000000000..eec6c7b94275 --- /dev/null +++ b/Packs/MicrosoftGraphMail/ReleaseNotes/1_0_23.md @@ -0,0 +1,4 @@ + +#### Mappers +##### New: Microsoft Graph Mail Mapper +- Incoming mapper for phishing emails. diff --git a/Packs/MicrosoftGraphMail/pack_metadata.json b/Packs/MicrosoftGraphMail/pack_metadata.json index 15f84bc60734..0a7a3e67547b 100644 --- a/Packs/MicrosoftGraphMail/pack_metadata.json +++ b/Packs/MicrosoftGraphMail/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Graph Mail", "description": "Microsoft Graph lets your app get authorized access to a user's Outlook mail data in a personal or organization account.", "support": "xsoar", - "currentVersion": "1.0.22", + "currentVersion": "1.0.23", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 134d96ea5e5bb9e8477abb47c8ac9b1280c2564f Mon Sep 17 00:00:00 2001 From: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> Date: Thu, 26 Aug 2021 20:34:33 +0300 Subject: [PATCH 049/173] removed the use-cases from all ansible packs (#14555) --- Packs/AnsibleAlibabaCloud/pack_metadata.json | 4 ++-- Packs/AnsibleAzure/pack_metadata.json | 4 ++-- Packs/AnsibleCiscoIOS/pack_metadata.json | 4 ++-- Packs/AnsibleCiscoNXOS/pack_metadata.json | 4 ++-- Packs/AnsibleHetznerCloud/pack_metadata.json | 4 ++-- Packs/AnsibleKubernetes/pack_metadata.json | 4 ++-- Packs/AnsibleLinux/pack_metadata.json | 4 ++-- Packs/AnsibleMicrosoftWindows/pack_metadata.json | 7 ++----- .../AnsibleTower/command_examples.txt} | 0 Packs/AnsibleTower/pack_metadata.json | 2 +- Packs/AnsibleVMware/pack_metadata.json | 4 ++-- 11 files changed, 19 insertions(+), 22 deletions(-) rename Packs/AnsibleTower/{example => Integrations/AnsibleTower/command_examples.txt} (100%) diff --git a/Packs/AnsibleAlibabaCloud/pack_metadata.json b/Packs/AnsibleAlibabaCloud/pack_metadata.json index 1b7d1cf8ad49..d5b8b9954758 100644 --- a/Packs/AnsibleAlibabaCloud/pack_metadata.json +++ b/Packs/AnsibleAlibabaCloud/pack_metadata.json @@ -10,6 +10,6 @@ "IT Services" ], "tags": ["IT"], - "useCases": ["IT Services", "Asset Management"], - "keywords": ["Aliyun", "Alicloud"] + "useCases": [], + "keywords": ["Aliyun", "Alicloud", "Asset Management"] } \ No newline at end of file diff --git a/Packs/AnsibleAzure/pack_metadata.json b/Packs/AnsibleAzure/pack_metadata.json index 31ce19797b6c..7e63829aada9 100644 --- a/Packs/AnsibleAzure/pack_metadata.json +++ b/Packs/AnsibleAzure/pack_metadata.json @@ -10,6 +10,6 @@ "IT Services" ], "tags": ["IT"], - "useCases": ["IT Services", "Asset Management"], - "keywords": [] + "useCases": [], + "keywords": ["Asset Management"] } \ No newline at end of file diff --git a/Packs/AnsibleCiscoIOS/pack_metadata.json b/Packs/AnsibleCiscoIOS/pack_metadata.json index 9041e95a5900..7cc54e4225ae 100644 --- a/Packs/AnsibleCiscoIOS/pack_metadata.json +++ b/Packs/AnsibleCiscoIOS/pack_metadata.json @@ -10,6 +10,6 @@ "IT Services" ], "tags": ["IT", "Network"], - "useCases": ["IT Services", "Asset Management", "Network Security"], - "keywords": [] + "useCases": [], + "keywords": ["Asset Management", "Network Security"] } \ No newline at end of file diff --git a/Packs/AnsibleCiscoNXOS/pack_metadata.json b/Packs/AnsibleCiscoNXOS/pack_metadata.json index 791edf7deb4c..d645e01063aa 100644 --- a/Packs/AnsibleCiscoNXOS/pack_metadata.json +++ b/Packs/AnsibleCiscoNXOS/pack_metadata.json @@ -10,6 +10,6 @@ "IT Services" ], "tags": ["IT", "Network"], - "useCases": ["IT Services", "Asset Management", "Network Security"], - "keywords": [] + "useCases": [], + "keywords": ["Asset Management", "Network Security"] } \ No newline at end of file diff --git a/Packs/AnsibleHetznerCloud/pack_metadata.json b/Packs/AnsibleHetznerCloud/pack_metadata.json index 10a115fe96c6..15ae604a0bf4 100644 --- a/Packs/AnsibleHetznerCloud/pack_metadata.json +++ b/Packs/AnsibleHetznerCloud/pack_metadata.json @@ -10,6 +10,6 @@ "IT Services" ], "tags": ["IT"], - "useCases": ["IT Services", "Asset Management"], - "keywords": ["HCloud"] + "useCases": [], + "keywords": ["HCloud", "Asset Management"] } \ No newline at end of file diff --git a/Packs/AnsibleKubernetes/pack_metadata.json b/Packs/AnsibleKubernetes/pack_metadata.json index 5fbc3887a9f1..dd75e1947af4 100644 --- a/Packs/AnsibleKubernetes/pack_metadata.json +++ b/Packs/AnsibleKubernetes/pack_metadata.json @@ -10,6 +10,6 @@ "IT Services" ], "tags": ["IT"], - "useCases": ["IT Services", "Asset Management"], - "keywords": [] + "useCases": [], + "keywords": ["Asset Management"] } \ No newline at end of file diff --git a/Packs/AnsibleLinux/pack_metadata.json b/Packs/AnsibleLinux/pack_metadata.json index 76989328053e..17120717c070 100644 --- a/Packs/AnsibleLinux/pack_metadata.json +++ b/Packs/AnsibleLinux/pack_metadata.json @@ -10,6 +10,6 @@ "IT Services" ], "tags": ["IT"], - "useCases": ["IT Services", "Asset Management"], - "keywords": ["Ubuntu", "Debian", "CentOS", "Red Hat", "FreeBSD"] + "useCases": [], + "keywords": ["Ubuntu", "Debian", "CentOS", "Red Hat", "FreeBSD", "Asset Management"] } \ No newline at end of file diff --git a/Packs/AnsibleMicrosoftWindows/pack_metadata.json b/Packs/AnsibleMicrosoftWindows/pack_metadata.json index 072d9d7052ff..cd7bec86f2d1 100644 --- a/Packs/AnsibleMicrosoftWindows/pack_metadata.json +++ b/Packs/AnsibleMicrosoftWindows/pack_metadata.json @@ -12,9 +12,6 @@ "tags": [ "IT" ], - "useCases": [ - "IT Services", - "Asset Management" - ], - "keywords": [] + "useCases": [], + "keywords": ["Asset Management"] } diff --git a/Packs/AnsibleTower/example b/Packs/AnsibleTower/Integrations/AnsibleTower/command_examples.txt similarity index 100% rename from Packs/AnsibleTower/example rename to Packs/AnsibleTower/Integrations/AnsibleTower/command_examples.txt diff --git a/Packs/AnsibleTower/pack_metadata.json b/Packs/AnsibleTower/pack_metadata.json index dc07b0e06509..8854bdf8f8c9 100644 --- a/Packs/AnsibleTower/pack_metadata.json +++ b/Packs/AnsibleTower/pack_metadata.json @@ -12,5 +12,5 @@ ], "tags": ["IT"], "useCases": [], - "keywords": [] + "keywords": ["Asset Management"] } \ No newline at end of file diff --git a/Packs/AnsibleVMware/pack_metadata.json b/Packs/AnsibleVMware/pack_metadata.json index 430ceb1fb28e..f94e17da87ac 100644 --- a/Packs/AnsibleVMware/pack_metadata.json +++ b/Packs/AnsibleVMware/pack_metadata.json @@ -10,6 +10,6 @@ "IT Services" ], "tags": ["IT"], - "useCases": ["IT Services", "Asset Management"], - "keywords": ["vSphere", "ESXi"] + "useCases": [], + "keywords": ["vSphere", "ESXi", "Asset Management"] } \ No newline at end of file From cad28472785ba6eba2b668b300e4d3dec1f9607a Mon Sep 17 00:00:00 2001 From: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Date: Thu, 26 Aug 2021 23:17:41 -0700 Subject: [PATCH 050/173] change channels:write to channels:manage scope SlackV3 (#14556) --- Packs/Slack/doc_files/SlackV3_app_manifest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Packs/Slack/doc_files/SlackV3_app_manifest.yml b/Packs/Slack/doc_files/SlackV3_app_manifest.yml index 995ea87a7ea3..00571b653269 100644 --- a/Packs/Slack/doc_files/SlackV3_app_manifest.yml +++ b/Packs/Slack/doc_files/SlackV3_app_manifest.yml @@ -23,7 +23,7 @@ oauth_config: bot: - channels:history - channels:read - - channels:write + - channels:manage - chat:write - files:write - groups:history From 1027c312ee87ba84d57c6e2f988935fc23be904c Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Fri, 27 Aug 2021 13:00:07 +0300 Subject: [PATCH 051/173] Cisco Umbrella Investigate - handle empty emails list returned in the domain command (#14541) * add google.com to domain cmd test * add support for multiple domains * pass emails list instead of dict to tbtomd * adjust test playbook * build output per domain * ignore type hint * set isArray to true and add note about multiple domains to rn --- .../Cisco-umbrella-investigate.py | 203 +++++---- .../Cisco-umbrella-investigate.yml | 4 +- Packs/Cisco-umbrella/ReleaseNotes/1_0_6.md | 6 + .../playbook-Cisco-Umbrella-Python-Test.yml | 407 +++++++++++------- Packs/Cisco-umbrella/pack_metadata.json | 2 +- 5 files changed, 363 insertions(+), 259 deletions(-) create mode 100644 Packs/Cisco-umbrella/ReleaseNotes/1_0_6.md diff --git a/Packs/Cisco-umbrella/Integrations/Cisco-umbrella-investigate/Cisco-umbrella-investigate.py b/Packs/Cisco-umbrella/Integrations/Cisco-umbrella-investigate/Cisco-umbrella-investigate.py index 6e6e8217e744..6278b2ea682a 100644 --- a/Packs/Cisco-umbrella/Integrations/Cisco-umbrella-investigate/Cisco-umbrella-investigate.py +++ b/Packs/Cisco-umbrella/Integrations/Cisco-umbrella-investigate/Cisco-umbrella-investigate.py @@ -741,119 +741,118 @@ def get_ip_malicious_domains(ip): def get_domain_command(): - # Initialize - contents = [] - context = {} - headers = [] # type: ignore results = [] + domains_list = argToList(demisto.args()['domain']) + for domain in domains_list: + contents = [] + context = {} + headers = [] # type: ignore + domain = extract_domain_name(domain) + whois = get_whois_for_domain(domain) + admin = { + 'Country': whois.get('administrativeContactCountry'), + 'Email': whois.get('administrativeContactEmail'), + 'Name': whois.get('administrativeContactName'), + 'Phone': whois.get('administrativeContactTelephone') + } + registrant = { + 'Country': whois.get('registrantCountry'), + 'Email': whois.get('registrantEmail'), + 'Name': whois.get('registrantName'), + 'Phone': whois.get('registrantTelephone') + } + first_queried = whois.get('created') + name_servers = whois.get('nameServers') + emails = whois.get('emails') + registrar = {'Name': whois.get('registrarName')} + creation_date = first_queried + domain_status = whois.get('status') + updated_date = whois.get('updated') + expiration_date = whois.get('expires') - domain = extract_domain_name(demisto.args()['domain']) + whois = { + 'Name': whois.get('domainName'), + 'Registrar Name': whois.get('registrarName'), + 'Last Retrieved': timestamp_to_date(whois.get('timeOfLatestRealtimeCheck')), + 'Created': whois.get('created'), + 'Updated': whois.get('updated'), + 'Expires': whois.get('expires'), + 'IANAID': whois.get('registrarIANAID'), + 'Last Observed': whois.get('auditUpdatedDate') + } - whois = get_whois_for_domain(domain) - admin = { - 'Country': whois.get('administrativeContactCountry'), - 'Email': whois.get('administrativeContactEmail'), - 'Name': whois.get('administrativeContactName'), - 'Phone': whois.get('administrativeContactTelephone') - } - registrant = { - 'Country': whois.get('registrantCountry'), - 'Email': whois.get('registrantEmail'), - 'Name': whois.get('registrantName'), - 'Phone': whois.get('registrantTelephone') - } - first_queried = whois.get('created') - name_servers = whois.get('nameServers') - emails = whois.get('emails') - registrar = {'Name': whois.get('registrarName')} - creation_date = first_queried - domain_status = whois.get('status') - updated_date = whois.get('updated') - expiration_date = whois.get('expires') - - whois = { - 'Name': whois.get('domainName'), - 'Registrar Name': whois.get('registrarName'), - 'Last Retrieved': timestamp_to_date(whois.get('timeOfLatestRealtimeCheck')), - 'Created': whois.get('created'), - 'Updated': whois.get('updated'), - 'Expires': whois.get('expires'), - 'IANAID': whois.get('registrarIANAID'), - 'Last Observed': whois.get('auditUpdatedDate') - } + domain_categorization = [] # type: ignore + domain_categorization = get_domain_categorization(domain) + content_categories = domain_categorization.get('content_categories') # type: ignore + malware_categories = domain_categorization.get('security_categories') # type: ignore + risk_score = domain_categorization.get('status') # type: ignore + domain_categorization_table = { + 'Content Categories': content_categories, + 'Malware Categories': malware_categories + } - domain_categorization = [] # type: ignore - domain_categorization = get_domain_categorization(domain) - content_categories = domain_categorization.get('content_categories') # type: ignore - malware_categories = domain_categorization.get('security_categories') # type: ignore - risk_score = domain_categorization.get('status') # type: ignore - domain_categorization_table = { - 'Content Categories': content_categories, - 'Malware Categories': malware_categories - } + domain_details = [] # type: ignore + domain_details = get_domain_details(domain) + popularity = domain_details.get('popularity') # type: ignore + secure_rank = domain_details.get('securerank2') # type: ignore + dbotscore = securerank_to_dbotscore(secure_rank) - domain_details = [] # type: ignore - domain_details = get_domain_details(domain) - popularity = domain_details.get('popularity') # type: ignore - secure_rank = domain_details.get('securerank2') # type: ignore - dbotscore = securerank_to_dbotscore(secure_rank) - - context[outputPaths['domain']] = { - 'Name': domain, - 'Admin': admin, - 'Registrant': registrant, - 'Registrar': registrar, - 'CreationDate': creation_date, - 'DomainStatus': domain_status, - 'UpdatedDate': updated_date, - 'ExpirationDate': expiration_date, - 'Umbrella': { - 'RiskScore': risk_score, - 'SecureRank': secure_rank, - 'FirstQueriedTime': first_queried, - 'ContentCategories': content_categories, - 'MalwareCategories': malware_categories + context[outputPaths['domain']] = { + 'Name': domain, + 'Admin': admin, + 'Registrant': registrant, + 'Registrar': registrar, + 'CreationDate': creation_date, + 'DomainStatus': domain_status, + 'UpdatedDate': updated_date, + 'ExpirationDate': expiration_date, + 'Umbrella': { + 'RiskScore': risk_score, + 'SecureRank': secure_rank, + 'FirstQueriedTime': first_queried, + 'ContentCategories': content_categories, + 'MalwareCategories': malware_categories + } } - } - # Add malicious if needed - if risk_score == -1 or secure_rank < MALICIOUS_THRESHOLD: - context[outputPaths['domain']]['Malicious'] = { + # Add malicious if needed + if risk_score == -1 or secure_rank < MALICIOUS_THRESHOLD: + context[outputPaths['domain']]['Malicious'] = { + 'Vendor': 'Cisco Umbrella Investigate', + 'Description': 'Malicious domain found with risk score -1' + } + dbotscore = 3 + + context[outputPaths['dbotscore']] = { + 'Indicator': domain, + 'Type': 'domain', 'Vendor': 'Cisco Umbrella Investigate', - 'Description': 'Malicious domain found with risk score -1' + 'Score': dbotscore, + 'Reliability': reliability } - dbotscore = 3 - - context[outputPaths['dbotscore']] = { - 'Indicator': domain, - 'Type': 'domain', - 'Vendor': 'Cisco Umbrella Investigate', - 'Score': dbotscore, - 'Reliability': reliability - } - contents.append({ - 'Risk Score': risk_score, - 'Secure Rank': secure_rank, - 'Populairty': popularity, - 'Demisto Reputation': scoreToReputation(dbotscore), - 'First Queried time': first_queried, - }) + contents.append({ + 'Risk Score': risk_score, + 'Secure Rank': secure_rank, + 'Populairty': popularity, + 'Demisto Reputation': scoreToReputation(dbotscore), + 'First Queried time': first_queried, + }) - # Domain reputation + [whois -> whois nameservers -> whois emails] + domain categorization - results.append({ - 'Type': entryTypes['note'], - 'ContentsFormat': formats['json'], - 'Contents': [contents, whois, name_servers, emails, domain_categorization_table], - 'ReadableContentsFormat': formats['markdown'], - 'HumanReadable': tableToMarkdown('"Umbrella Investigate" Domain Reputation for: ' + domain, contents, - headers) + tableToMarkdown( - '"Umbrella Investigate" WHOIS Record Data for: ' + domain, whois, headers) + tableToMarkdown( - 'Name Servers:', {'Name Servers': name_servers}, headers) + tableToMarkdown('Emails:', {'Emails': emails}, - headers) + tableToMarkdown( - 'Domain Categorization:', domain_categorization_table, headers), - 'EntryContext': context - }) + # Domain reputation + [whois -> whois nameservers -> whois emails] + domain categorization + results.append({ + 'Type': entryTypes['note'], + 'ContentsFormat': formats['json'], + 'Contents': [contents, whois, name_servers, emails, domain_categorization_table], + 'ReadableContentsFormat': formats['markdown'], + 'HumanReadable': + tableToMarkdown('"Umbrella Investigate" Domain Reputation for: ' + domain, contents, headers) + + tableToMarkdown('"Umbrella Investigate" WHOIS Record Data for: ' + domain, whois, headers) + + tableToMarkdown('Name Servers:', {'Name Servers': name_servers}, headers) + + tableToMarkdown('Emails:', emails, ['Emails']) + + tableToMarkdown('Domain Categorization:', domain_categorization_table, headers), + 'EntryContext': context + }) return results diff --git a/Packs/Cisco-umbrella/Integrations/Cisco-umbrella-investigate/Cisco-umbrella-investigate.yml b/Packs/Cisco-umbrella/Integrations/Cisco-umbrella-investigate/Cisco-umbrella-investigate.yml index 7e415b392e82..0287c8a2cc85 100644 --- a/Packs/Cisco-umbrella/Integrations/Cisco-umbrella-investigate/Cisco-umbrella-investigate.yml +++ b/Packs/Cisco-umbrella/Integrations/Cisco-umbrella-investigate/Cisco-umbrella-investigate.yml @@ -47,7 +47,7 @@ script: - arguments: - default: true description: Enter the domain you would like to categorize (e.g. amazon.com) - isArray: false + isArray: true name: domain required: true secret: false @@ -1371,7 +1371,7 @@ script: script: '-' type: python subtype: python2 - dockerimage: demisto/python:2.7.18.20958 + dockerimage: demisto/python:2.7.18.22912 tests: - Cisco Umbrella Test fromversion: 5.0.0 diff --git a/Packs/Cisco-umbrella/ReleaseNotes/1_0_6.md b/Packs/Cisco-umbrella/ReleaseNotes/1_0_6.md new file mode 100644 index 000000000000..1200c4d16844 --- /dev/null +++ b/Packs/Cisco-umbrella/ReleaseNotes/1_0_6.md @@ -0,0 +1,6 @@ + +#### Integrations +##### Cisco Umbrella Investigate +- Fixed an issue where the ***domain*** command failed when parsing a domain without email results. +- Added support for CSV list of domains in the ***domain*** command. +- Updated the Docker image to: *demisto/python:2.7.18.22912*. diff --git a/Packs/Cisco-umbrella/TestPlaybooks/playbook-Cisco-Umbrella-Python-Test.yml b/Packs/Cisco-umbrella/TestPlaybooks/playbook-Cisco-Umbrella-Python-Test.yml index db23e7d4d8fa..b5fa3746c83e 100644 --- a/Packs/Cisco-umbrella/TestPlaybooks/playbook-Cisco-Umbrella-Python-Test.yml +++ b/Packs/Cisco-umbrella/TestPlaybooks/playbook-Cisco-Umbrella-Python-Test.yml @@ -5,10 +5,10 @@ starttaskid: "0" tasks: "0": id: "0" - taskid: 9062ef61-9bd8-47ba-88a9-4d64016c463b + taskid: b92bbb38-b67f-4789-8e10-07cef2591a95 type: start task: - id: 9062ef61-9bd8-47ba-88a9-4d64016c463b + id: b92bbb38-b67f-4789-8e10-07cef2591a95 version: -1 name: "" iscommand: false @@ -29,12 +29,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "1": id: "1" - taskid: c4637eaa-d766-4f32-8ba6-ca9891b83e8e + taskid: 864f2f88-9cae-494a-8757-f2b6e190344b type: title task: - id: c4637eaa-d766-4f32-8ba6-ca9891b83e8e + id: 864f2f88-9cae-494a-8757-f2b6e190344b version: -1 name: Legacy Commands type: title @@ -61,12 +63,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "2": id: "2" - taskid: 7985f72a-3c57-4143-8f5b-7e34593bd3b8 + taskid: 38266c2a-1ec6-4c65-88a8-c2ad02e9b1c7 type: regular task: - id: 7985f72a-3c57-4143-8f5b-7e34593bd3b8 + id: 38266c2a-1ec6-4c65-88a8-c2ad02e9b1c7 version: -1 name: umbrella-domain-categorization script: '|||umbrella-domain-categorization' @@ -92,12 +96,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "3": id: "3" - taskid: 22e6df43-af1d-4f1c-8649-a99b0d4241f4 + taskid: e1971be9-5e86-4574-8c72-4b760a9a9c60 type: regular task: - id: 22e6df43-af1d-4f1c-8649-a99b0d4241f4 + id: e1971be9-5e86-4574-8c72-4b760a9a9c60 version: -1 name: umbrella-domain-co-occurrences script: '|||umbrella-domain-co-occurrences' @@ -109,7 +115,7 @@ tasks: - "10" scriptarguments: domain: - simple: walla.com + simple: apple.com separatecontext: false view: |- { @@ -123,12 +129,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "4": id: "4" - taskid: 08376eb3-ccf6-478c-816b-9a640b0e8783 + taskid: 695193eb-3744-4daa-870e-898b522c9e1b type: regular task: - id: 08376eb3-ccf6-478c-816b-9a640b0e8783 + id: 695193eb-3744-4daa-870e-898b522c9e1b version: -1 name: umbrella-domain-related script: '|||umbrella-domain-related' @@ -154,12 +162,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "5": id: "5" - taskid: 3116a1c8-bbb2-4342-8466-6ddf273b1a7e + taskid: 410c06b0-41b6-4deb-8354-8df2378451d6 type: regular task: - id: 3116a1c8-bbb2-4342-8466-6ddf273b1a7e + id: 410c06b0-41b6-4deb-8354-8df2378451d6 version: -1 name: umbrella-domain-security script: '|||umbrella-domain-security' @@ -185,12 +195,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "6": id: "6" - taskid: df89cc41-7780-44b4-861b-02de9da1aadc + taskid: aa44db69-1ff6-448f-8227-e12765e62cbe type: regular task: - id: df89cc41-7780-44b4-861b-02de9da1aadc + id: aa44db69-1ff6-448f-8227-e12765e62cbe version: -1 name: umbrella-domain-dns-history script: '|||umbrella-domain-dns-history' @@ -216,12 +228,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "7": id: "7" - taskid: 29a09303-779d-4918-8a37-0638d7ce609c + taskid: d140e0b7-4dd9-452c-839c-095fe2883fe0 type: regular task: - id: 29a09303-779d-4918-8a37-0638d7ce609c + id: d140e0b7-4dd9-452c-839c-095fe2883fe0 version: -1 name: umbrella-ip-dns-history script: '|||umbrella-ip-dns-history' @@ -247,12 +261,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "8": id: "8" - taskid: b0a0ac89-1c34-4a9a-8860-e38aec3a0af5 + taskid: 1649f1c1-89a8-42e0-8e51-9bb777e5ac2b type: condition task: - id: b0a0ac89-1c34-4a9a-8860-e38aec3a0af5 + id: 1649f1c1-89a8-42e0-8e51-9bb777e5ac2b version: -1 name: Test Domain Categorization Context type: condition @@ -285,12 +301,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "9": id: "9" - taskid: d95dc3ab-9022-4211-8858-5b348561319b + taskid: af2fb11c-d0d0-4d6a-8faf-da0a509487e6 type: regular task: - id: d95dc3ab-9022-4211-8858-5b348561319b + id: af2fb11c-d0d0-4d6a-8faf-da0a509487e6 version: -1 name: Delete Context scriptName: DeleteContext @@ -304,10 +322,6 @@ tasks: scriptarguments: all: simple: "yes" - index: {} - key: {} - keysToKeep: {} - subplaybook: {} separatecontext: false view: |- { @@ -321,12 +335,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "10": id: "10" - taskid: 00c10914-72c9-4523-82a4-84b5dae6179c + taskid: 7b3e9d03-4957-442f-8764-d06c24674b60 type: condition task: - id: 00c10914-72c9-4523-82a4-84b5dae6179c + id: 7b3e9d03-4957-442f-8764-d06c24674b60 version: -1 name: Test domain co-occurrences context type: condition @@ -346,7 +362,7 @@ tasks: iscontext: true right: value: - simple: walla.com + simple: apple.com view: |- { "position": { @@ -359,12 +375,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "11": id: "11" - taskid: a4bdf2bb-a273-4850-86e0-7913cf8570f3 + taskid: c7c82e13-d5ee-444a-82b5-f7c01b98ef57 type: condition task: - id: a4bdf2bb-a273-4850-86e0-7913cf8570f3 + id: c7c82e13-d5ee-444a-82b5-f7c01b98ef57 version: -1 name: Test related domains context type: condition @@ -413,12 +431,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "12": id: "12" - taskid: 0c862efe-ff03-4705-8cb3-f6d26e402f0d + taskid: 676fe27b-ab9c-46ee-82d6-6c9b5b5355d2 type: condition task: - id: 0c862efe-ff03-4705-8cb3-f6d26e402f0d + id: 676fe27b-ab9c-46ee-82d6-6c9b5b5355d2 version: -1 name: Test domain security context type: condition @@ -451,12 +471,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "13": id: "13" - taskid: a7256aa8-1be5-4e32-88ad-32ff6f5c8af6 + taskid: a710e45e-fad0-4b7c-892a-571d33312426 type: condition task: - id: a7256aa8-1be5-4e32-88ad-32ff6f5c8af6 + id: a710e45e-fad0-4b7c-892a-571d33312426 version: -1 name: Test domain dns history context type: condition @@ -489,12 +511,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "14": id: "14" - taskid: 9c83d737-b7d3-4bdb-83b6-ae49bee8c8ab + taskid: 695d7328-4583-401a-83c0-5c42405e5089 type: condition task: - id: 9c83d737-b7d3-4bdb-83b6-ae49bee8c8ab + id: 695d7328-4583-401a-83c0-5c42405e5089 version: -1 name: Test ip dns history context type: condition @@ -527,12 +551,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "15": id: "15" - taskid: 9d70346d-c418-4a54-80e7-2d6431fa896f + taskid: a3285687-c6b4-4d19-853e-7708118c4d8d type: regular task: - id: 9d70346d-c418-4a54-80e7-2d6431fa896f + id: a3285687-c6b4-4d19-853e-7708118c4d8d version: -1 name: umbrella-ip-malicious-domains script: '|||umbrella-ip-malicious-domains' @@ -558,12 +584,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "16": id: "16" - taskid: fd9e35b8-3f6b-4bb4-87a8-9324c2923340 + taskid: dc4e5c7e-ea9a-47cd-8e9d-2dd28a2c0d58 type: condition task: - id: fd9e35b8-3f6b-4bb4-87a8-9324c2923340 + id: dc4e5c7e-ea9a-47cd-8e9d-2dd28a2c0d58 version: -1 name: Test IP malicious domains context type: condition @@ -628,12 +656,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "17": id: "17" - taskid: 6424dcb9-aba8-4a49-8367-da11da8e099c + taskid: 323b2edb-24b1-44a5-80e9-976b93d89d28 type: regular task: - id: 6424dcb9-aba8-4a49-8367-da11da8e099c + id: 323b2edb-24b1-44a5-80e9-976b93d89d28 version: -1 name: Delete Context scriptName: DeleteContext @@ -646,10 +676,6 @@ tasks: scriptarguments: all: simple: "yes" - index: {} - key: {} - keysToKeep: {} - subplaybook: {} separatecontext: false view: |- { @@ -663,15 +689,18 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "18": id: "18" - taskid: 7fd36bac-ec55-45f9-89ee-15791555acc8 + taskid: 41f9b57a-0896-4a6c-882b-7959da68d31e type: regular task: - id: 7fd36bac-ec55-45f9-89ee-15791555acc8 + id: 41f9b57a-0896-4a6c-882b-7959da68d31e version: -1 name: umbrella-domain-search - description: Regex search in the service, may take up to 10 sec to retrieve results due to the nature of regex. + description: Regex search in the service, may take up to 10 sec to retrieve + results due to the nature of regex. script: '|||umbrella-domain-search' type: regular iscommand: true @@ -697,12 +726,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "19": id: "19" - taskid: 86c09fb8-9318-4659-83c0-466b94aa768c + taskid: 416a0a50-113e-49d6-80a8-f263353afe69 type: condition task: - id: 86c09fb8-9318-4659-83c0-466b94aa768c + id: 416a0a50-113e-49d6-80a8-f263353afe69 version: -1 name: Test domain search context type: condition @@ -735,12 +766,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "20": id: "20" - taskid: 95771430-7e5c-4f4b-8f17-7aef14e3b45d + taskid: 93c4b398-9f81-4ac3-8761-01c561719ded type: regular task: - id: 95771430-7e5c-4f4b-8f17-7aef14e3b45d + id: 93c4b398-9f81-4ac3-8761-01c561719ded version: -1 name: Domain reputation script: Cisco Umbrella Investigate|||domain @@ -751,13 +784,8 @@ tasks: '#none#': - "21" scriptarguments: - confidenceThreshold: {} domain: - simple: gauttam.com - long: {} - owners: {} - ratingThreshold: {} - threshold: {} + simple: gauttam.com,google.com separatecontext: false view: |- { @@ -771,12 +799,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "21": id: "21" - taskid: adcdff80-eb70-4fb4-8ad5-6e71508e2af1 + taskid: 2cc68a85-780b-41f4-8df1-253a6579ca22 type: condition task: - id: adcdff80-eb70-4fb4-8ad5-6e71508e2af1 + id: 2cc68a85-780b-41f4-8df1-253a6579ca22 version: -1 name: Test domain reputation context type: condition @@ -792,7 +822,18 @@ tasks: - - operator: isEqualNumber left: value: - simple: Domain.Umbrella.RiskScore + complex: + root: Domain + filters: + - - operator: isEqualString + left: + value: + simple: Domain.Name + iscontext: true + right: + value: + simple: gauttam.com + accessor: Umbrella.RiskScore iscontext: true right: value: @@ -800,11 +841,22 @@ tasks: - - operator: isEqualNumber left: value: - simple: DBotScore.Score + complex: + root: DBotScore + filters: + - - operator: isEqualString + left: + value: + simple: DBotScore.Indicator + iscontext: true + right: + value: + simple: gauttam.com + accessor: Score iscontext: true right: value: - simple: "0" + simple: "2" view: |- { "position": { @@ -817,12 +869,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "22": id: "22" - taskid: be3a62e1-eb9a-4618-8245-ebb1da34fd97 + taskid: 04ef9f98-037b-4056-82da-c9c6739fea3d type: regular task: - id: be3a62e1-eb9a-4618-8245-ebb1da34fd97 + id: 04ef9f98-037b-4056-82da-c9c6739fea3d version: -1 name: Delete context scriptName: DeleteContext @@ -840,10 +894,6 @@ tasks: scriptarguments: all: simple: "yes" - index: {} - key: {} - keysToKeep: {} - subplaybook: {} separatecontext: false view: |- { @@ -857,12 +907,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "23": id: "23" - taskid: 2d2f6fca-40ad-4b81-8657-03dbc63983e1 + taskid: ea88bc95-f984-4ca4-8d07-c23a2a1eefcc type: regular task: - id: 2d2f6fca-40ad-4b81-8657-03dbc63983e1 + id: ea88bc95-f984-4ca4-8d07-c23a2a1eefcc version: -1 name: umbrella-get-related-domains script: '|||umbrella-get-related-domains' @@ -890,12 +942,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "24": id: "24" - taskid: 248d5be6-fb80-41dc-8b87-aee3e8673bbc + taskid: 1c124ee8-5b67-4e6f-8a4e-2874869fa35f type: regular task: - id: 248d5be6-fb80-41dc-8b87-aee3e8673bbc + id: 1c124ee8-5b67-4e6f-8a4e-2874869fa35f version: -1 name: umbrella-get-domain-classifiers script: '|||umbrella-get-domain-classifiers' @@ -921,12 +975,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "25": id: "25" - taskid: dae7cdb9-af1c-4afc-8974-97fcd9115ca2 + taskid: 673d0e9e-97a6-44e9-810d-22897fae4639 type: regular task: - id: dae7cdb9-af1c-4afc-8974-97fcd9115ca2 + id: 673d0e9e-97a6-44e9-810d-22897fae4639 version: -1 name: umbrella-get-domain-queryvolume script: '|||umbrella-get-domain-queryvolume' @@ -958,12 +1014,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "26": id: "26" - taskid: 81b1cd8f-a858-4510-836b-7200ea1e7ff0 + taskid: bb3a6192-9c40-4f72-80c1-574b317e6417 type: regular task: - id: 81b1cd8f-a858-4510-836b-7200ea1e7ff0 + id: bb3a6192-9c40-4f72-80c1-574b317e6417 version: -1 name: umbrella-get-domain-details script: '|||umbrella-get-domain-details' @@ -989,12 +1047,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "27": id: "27" - taskid: ffeb645d-5c7f-4ae1-89f3-98e4029578a7 + taskid: f604e7ce-1e42-4ecd-84e4-c0f9c85137c9 type: regular task: - id: ffeb645d-5c7f-4ae1-89f3-98e4029578a7 + id: f604e7ce-1e42-4ecd-84e4-c0f9c85137c9 version: -1 name: umbrella-get-domains-for-email-registrar script: '|||umbrella-get-domains-for-email-registrar' @@ -1007,9 +1067,6 @@ tasks: scriptarguments: emails: simple: dns@google.com,SomeMail@gmail.com - limit: {} - offset: {} - sort: {} separatecontext: false view: |- { @@ -1023,12 +1080,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "28": id: "28" - taskid: 46d9e0fe-e1b9-48dc-883d-875a1406d431 + taskid: 039e94b3-d3d7-49cb-819f-510a2171e4c6 type: regular task: - id: 46d9e0fe-e1b9-48dc-883d-875a1406d431 + id: 039e94b3-d3d7-49cb-819f-510a2171e4c6 version: -1 name: umbrella-get-domains-for-nameserver script: '|||umbrella-get-domains-for-nameserver' @@ -1043,7 +1102,6 @@ tasks: simple: "5" nameservers: simple: ns1.google.com - offset: {} sort: simple: created separatecontext: false @@ -1059,12 +1117,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "30": id: "30" - taskid: 8c5db59b-19fa-4a43-8e3d-6fc01968545c + taskid: f42e9400-3a48-4b3e-856f-76c6f57357d6 type: regular task: - id: 8c5db59b-19fa-4a43-8e3d-6fc01968545c + id: f42e9400-3a48-4b3e-856f-76c6f57357d6 version: -1 name: Delete Context scriptName: DeleteContext @@ -1082,10 +1142,6 @@ tasks: scriptarguments: all: simple: "yes" - index: {} - key: {} - keysToKeep: {} - subplaybook: {} separatecontext: false view: |- { @@ -1099,12 +1155,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "31": id: "31" - taskid: bbb02bc8-5e70-44e5-857c-95f762155102 + taskid: c4d3e103-fd85-4299-829b-7ebf46a03fff type: condition task: - id: bbb02bc8-5e70-44e5-857c-95f762155102 + id: c4d3e103-fd85-4299-829b-7ebf46a03fff version: -1 name: Test umbrella-get-related-domains Context type: condition @@ -1137,12 +1195,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "32": id: "32" - taskid: 0c1b2cc2-903b-432d-8034-1c85245f6262 + taskid: dd7c3e2d-b851-432d-83e3-164a07f6cf55 type: condition task: - id: 0c1b2cc2-903b-432d-8034-1c85245f6262 + id: dd7c3e2d-b851-432d-83e3-164a07f6cf55 version: -1 name: Test umbrella-get-domain-classifiers Context type: condition @@ -1175,12 +1235,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "33": id: "33" - taskid: 1ac00612-b4d4-4417-8288-bb50963f23dd + taskid: 04617739-2fbe-43e9-80c0-9fe1c57a671a type: condition task: - id: 1ac00612-b4d4-4417-8288-bb50963f23dd + id: 04617739-2fbe-43e9-80c0-9fe1c57a671a version: -1 name: Test umbrella-get-domain-queryvolume Context type: condition @@ -1213,12 +1275,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "34": id: "34" - taskid: 6f9ff36c-ab93-4150-8315-ce22d78d0858 + taskid: 14bc432c-8020-49a0-89e1-857a41442638 type: condition task: - id: 6f9ff36c-ab93-4150-8315-ce22d78d0858 + id: 14bc432c-8020-49a0-89e1-857a41442638 version: -1 name: Test umbrella-get-domain-details Context type: condition @@ -1251,12 +1315,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "35": id: "35" - taskid: bdfd9c58-eb90-4d1b-8a13-2676ef092716 + taskid: ddc8ec81-2587-4519-83db-fd0bbe0dad08 type: condition task: - id: bdfd9c58-eb90-4d1b-8a13-2676ef092716 + id: ddc8ec81-2587-4519-83db-fd0bbe0dad08 version: -1 name: Test umbrella-get-domains-for-email-registrar Context type: condition @@ -1286,12 +1352,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "36": id: "36" - taskid: 40b88832-c464-44af-81db-63aa2c657aa7 + taskid: f9e6b969-828c-4c37-8b43-ea18017c03de type: condition task: - id: 40b88832-c464-44af-81db-63aa2c657aa7 + id: f9e6b969-828c-4c37-8b43-ea18017c03de version: -1 name: Test umbrella-get-domains-for-nameserver Context type: condition @@ -1332,12 +1400,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "37": id: "37" - taskid: ec510acb-a04c-47b2-82bd-28e8afb7d466 + taskid: 06dd5e3d-65ba-4bc3-87e9-bb221facfd82 type: regular task: - id: ec510acb-a04c-47b2-82bd-28e8afb7d466 + id: 06dd5e3d-65ba-4bc3-87e9-bb221facfd82 version: -1 name: umbrella-get-whois-for-domain script: '|||umbrella-get-whois-for-domain' @@ -1363,12 +1433,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "38": id: "38" - taskid: 9732b4ec-02e1-42a0-831e-4c96f8132382 + taskid: 4209cd31-3fa6-49eb-8bc4-9d606a015d39 type: regular task: - id: 9732b4ec-02e1-42a0-831e-4c96f8132382 + id: 4209cd31-3fa6-49eb-8bc4-9d606a015d39 version: -1 name: umbrella-get-malicious-domains-for-ip script: '|||umbrella-get-malicious-domains-for-ip' @@ -1394,12 +1466,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "39": id: "39" - taskid: ee3c9c69-9247-495d-8780-f8eea2763d5a + taskid: 372ca09e-e238-48c8-87b5-17ae833ef714 type: regular task: - id: ee3c9c69-9247-495d-8780-f8eea2763d5a + id: 372ca09e-e238-48c8-87b5-17ae833ef714 version: -1 name: umbrella-get-domains-using-regex script: '|||umbrella-get-domains-using-regex' @@ -1418,8 +1492,6 @@ tasks: simple: "100" start: simple: -1days - stop: {} - type: {} separatecontext: false view: |- { @@ -1433,12 +1505,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "40": id: "40" - taskid: 098ff0da-43ad-4a34-85bb-70d26ce3d048 + taskid: d8940a45-fbe0-4d27-8fc3-883e79bb1b93 type: regular task: - id: 098ff0da-43ad-4a34-85bb-70d26ce3d048 + id: d8940a45-fbe0-4d27-8fc3-883e79bb1b93 version: -1 name: umbrella-get-domain-timeline script: '|||umbrella-get-domain-timeline' @@ -1464,12 +1538,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "41": id: "41" - taskid: 07103ccf-6183-4023-88b3-f2f8a16ee68e + taskid: 925003d9-11b5-44e2-87bc-f397a7ccdf01 type: regular task: - id: 07103ccf-6183-4023-88b3-f2f8a16ee68e + id: 925003d9-11b5-44e2-87bc-f397a7ccdf01 version: -1 name: umbrella-get-ip-timeline script: '|||umbrella-get-ip-timeline' @@ -1495,12 +1571,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "42": id: "42" - taskid: b6c2366f-43fa-46e8-8c1d-edff546437b7 + taskid: 584709fc-0b6b-44f7-8596-ab4a0e19549b type: regular task: - id: b6c2366f-43fa-46e8-8c1d-edff546437b7 + id: 584709fc-0b6b-44f7-8596-ab4a0e19549b version: -1 name: umbrella-get-url-timeline script: '|||umbrella-get-url-timeline' @@ -1526,12 +1604,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "43": id: "43" - taskid: d72d59b2-95fc-4417-870e-090d3a0544be + taskid: da96b158-877a-447a-897a-2fa75d541a9a type: condition task: - id: d72d59b2-95fc-4417-870e-090d3a0544be + id: da96b158-877a-447a-897a-2fa75d541a9a version: -1 name: Test umbrella-get-whois-for-domain Context type: condition @@ -1655,12 +1735,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "44": id: "44" - taskid: ccf8f214-815c-4ede-80e1-b91a3bf05180 + taskid: 93da8d28-48f3-4116-8895-cf40237e99aa type: title task: - id: ccf8f214-815c-4ede-80e1-b91a3bf05180 + id: 93da8d28-48f3-4116-8895-cf40237e99aa version: -1 name: Check Bang Domain type: title @@ -1682,12 +1764,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "45": id: "45" - taskid: 4317a66e-a467-4975-81d6-dfba1bacdd89 + taskid: fad294b4-b72a-4aa1-8e68-e40ea1a88b50 type: condition task: - id: 4317a66e-a467-4975-81d6-dfba1bacdd89 + id: fad294b4-b72a-4aa1-8e68-e40ea1a88b50 version: -1 name: Test umbrella-get-malicious-domains-for-ip Context type: condition @@ -1744,12 +1828,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "46": id: "46" - taskid: 821c3602-70c0-4660-85f7-d5296a4a62dc + taskid: 3d0c2290-2f25-4fa1-88c0-37e746839efa type: condition task: - id: 821c3602-70c0-4660-85f7-d5296a4a62dc + id: 3d0c2290-2f25-4fa1-88c0-37e746839efa version: -1 name: umbrella-get-domains-using-regex type: condition @@ -1790,12 +1876,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "47": id: "47" - taskid: b0da84a1-e95e-47b4-8f96-dc11f4ad2fd7 + taskid: 923e971b-0735-46bb-8e54-6d13fca68493 type: condition task: - id: b0da84a1-e95e-47b4-8f96-dc11f4ad2fd7 + id: 923e971b-0735-46bb-8e54-6d13fca68493 version: -1 name: Test umbrella-get-domain-timeline Context type: condition @@ -1844,12 +1932,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "48": id: "48" - taskid: f8f7eb90-c0b9-43eb-8297-c183c6d604c0 + taskid: c6151edf-4540-4c67-8f7f-e11854f974d2 type: condition task: - id: f8f7eb90-c0b9-43eb-8297-c183c6d604c0 + id: c6151edf-4540-4c67-8f7f-e11854f974d2 version: -1 name: Test umbrella-get-ip-timeline Context type: condition @@ -1882,12 +1972,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "49": id: "49" - taskid: 897e6acb-7449-4829-8756-dd898bac260a + taskid: 6f3d97ff-a334-40e0-86f9-5120b4ebf15e type: condition task: - id: 897e6acb-7449-4829-8756-dd898bac260a + id: 6f3d97ff-a334-40e0-86f9-5120b4ebf15e version: -1 name: Test umbrella-get-url-timeline context type: condition @@ -1920,12 +2012,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "50": id: "50" - taskid: 69b2ed8c-61c5-42b3-8276-24d5510e4328 + taskid: 1ed05c5c-bb02-4dd2-85b5-4c668d7a1948 type: regular task: - id: 69b2ed8c-61c5-42b3-8276-24d5510e4328 + id: 1ed05c5c-bb02-4dd2-85b5-4c668d7a1948 version: -1 name: Delete Context scriptName: DeleteContext @@ -1938,10 +2032,6 @@ tasks: scriptarguments: all: simple: "yes" - index: {} - key: {} - keysToKeep: {} - subplaybook: {} separatecontext: false view: |- { @@ -1955,12 +2045,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "51": id: "51" - taskid: 4ea3f746-7025-41d8-8701-29ba2f7ac57d + taskid: 7287a7cf-3019-4da1-876c-6b322e733ddb type: title task: - id: 4ea3f746-7025-41d8-8701-29ba2f7ac57d + id: 7287a7cf-3019-4da1-876c-6b322e733ddb version: -1 name: New Commands type: title @@ -1982,12 +2074,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "52": id: "52" - taskid: dccdfc85-081c-4ee8-86a1-d69eb5b33580 + taskid: 0dafd447-d2f7-4a5b-82f2-75b04c1d1ae8 type: regular task: - id: dccdfc85-081c-4ee8-86a1-d69eb5b33580 + id: 0dafd447-d2f7-4a5b-82f2-75b04c1d1ae8 version: -1 name: Delete Context description: Delete field from context @@ -2001,10 +2095,6 @@ tasks: scriptarguments: all: simple: "yes" - index: {} - key: {} - keysToKeep: {} - subplaybook: {} separatecontext: false view: |- { @@ -2018,15 +2108,19 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "53": id: "53" - taskid: d5f44f6b-b554-4f20-8a33-98a11f3b2e1f + taskid: ec968388-8f91-42cf-8520-e2f944579afb type: regular task: - id: d5f44f6b-b554-4f20-8a33-98a11f3b2e1f + id: ec968388-8f91-42cf-8520-e2f944579afb version: -1 name: domain - description: Get Domain Reputation info using Cisco Umbrella Investigate. Domain reputation score is either true or false from the service and cannot be modified using a threshold. + description: Get Domain Reputation info using Cisco Umbrella Investigate. Domain + reputation score is either true or false from the service and cannot be modified + using a threshold. script: Cisco Umbrella Investigate|||domain type: regular iscommand: true @@ -2050,12 +2144,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "54": id: "54" - taskid: 4b4beb2d-4cfa-42c9-809e-89849b42c3e6 + taskid: fc0657d6-e3df-4650-8d20-47f8740d88e1 type: condition task: - id: 4b4beb2d-4cfa-42c9-809e-89849b42c3e6 + id: fc0657d6-e3df-4650-8d20-47f8740d88e1 version: -1 name: Test domain context type: condition @@ -2171,12 +2267,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "55": id: "55" - taskid: 60f60aa6-20fb-45bc-8fec-4c97476ba7ea + taskid: b224c22d-3b8b-4fb4-802d-69776f9f68eb type: title task: - id: 60f60aa6-20fb-45bc-8fec-4c97476ba7ea + id: b224c22d-3b8b-4fb4-802d-69776f9f68eb version: -1 name: Test is complete type: title @@ -2195,7 +2293,8 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 -system: true + isoversize: false + isautoswitchedtoquietmode: false view: |- { "linkLabelsPosition": {}, diff --git a/Packs/Cisco-umbrella/pack_metadata.json b/Packs/Cisco-umbrella/pack_metadata.json index c1d90188ba52..c63dc2d4503c 100644 --- a/Packs/Cisco-umbrella/pack_metadata.json +++ b/Packs/Cisco-umbrella/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cisco Umbrella Investigate", "description": "Cisco Umbrella Investigate", "support": "xsoar", - "currentVersion": "1.0.5", + "currentVersion": "1.0.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 6c761cae44391168d3adb7247a818d796f58b8ec Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Sat, 28 Aug 2021 13:10:05 +0300 Subject: [PATCH 052/173] CommonServerPython - check if session exist before trying to close it (#14526) --- Packs/Base/ReleaseNotes/1_13_26.md | 4 ++++ Packs/Base/Scripts/CommonServerPython/CommonServerPython.py | 3 ++- Packs/Base/pack_metadata.json | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 Packs/Base/ReleaseNotes/1_13_26.md diff --git a/Packs/Base/ReleaseNotes/1_13_26.md b/Packs/Base/ReleaseNotes/1_13_26.md new file mode 100644 index 000000000000..a9a9e02c50c0 --- /dev/null +++ b/Packs/Base/ReleaseNotes/1_13_26.md @@ -0,0 +1,4 @@ + +#### Scripts +##### CommonServerPython +- Fixed an issue where there was an attempt to close a session that was not initialized. diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py index 5cd18ace7983..5c8212f6317b 100644 --- a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py +++ b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py @@ -6947,7 +6947,8 @@ def __init__(self, base_url, verify=True, proxy=False, ok_codes=tuple(), headers def __del__(self): try: - self._session.close() + if hasattr(self, '_session'): + self._session.close() except Exception: # noqa demisto.debug('failed to close BaseClient session with the following error:\n{}'.format(traceback.format_exc())) diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json index dc8b3b416b03..75648f64796d 100644 --- a/Packs/Base/pack_metadata.json +++ b/Packs/Base/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Base", "description": "The base pack for Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.13.25", + "currentVersion": "1.13.26", "author": "Cortex XSOAR", "serverMinVersion": "6.0.0", "url": "https://www.paloaltonetworks.com/cortex", From cad60fca0a1fd532fa773a322ffcd29d0877ec68 Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Sat, 28 Aug 2021 15:17:35 +0300 Subject: [PATCH 053/173] Cortex XDR - handle already blacklisted files (#14552) * test blacklist-files * handle err returned in case file already blacklistedd * verify res is dict * revert 3_0_25.md * revert 3_0_25.md --- .../Integrations/CortexXDRIR/CortexXDRIR.py | 6 +- Packs/CortexXDR/ReleaseNotes/3_0_26.md | 4 + .../TestPlaybooks/Test_XDR_Playbook.yml | 575 ++++++++++-------- Packs/CortexXDR/pack_metadata.json | 2 +- 4 files changed, 336 insertions(+), 251 deletions(-) create mode 100644 Packs/CortexXDR/ReleaseNotes/3_0_26.md diff --git a/Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR.py b/Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR.py index 15f11dc345fd..ec07ba6888e6 100644 --- a/Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR.py +++ b/Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR.py @@ -720,7 +720,7 @@ def blacklist_files(self, hash_list, comment=None): method='POST', url_suffix='/hash_exceptions/blacklist/', json_data={'request_data': request_data}, - ok_codes=(200, 201), + ok_codes=(200, 201, 500,), timeout=self.timeout ) return reply.get('reply') @@ -2208,7 +2208,9 @@ def blacklist_files_command(client, args): hash_list = argToList(args.get('hash_list')) comment = args.get('comment') - client.blacklist_files(hash_list=hash_list, comment=comment) + res = client.blacklist_files(hash_list=hash_list, comment=comment) + if isinstance(res, dict) and res.get('err_extra') != "All hashes have already been added to the allow or block list": + raise ValueError(res) markdown_data = [{'fileHash': file_hash} for file_hash in hash_list] return ( diff --git a/Packs/CortexXDR/ReleaseNotes/3_0_26.md b/Packs/CortexXDR/ReleaseNotes/3_0_26.md new file mode 100644 index 000000000000..ae0d91941adf --- /dev/null +++ b/Packs/CortexXDR/ReleaseNotes/3_0_26.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Palo Alto Networks Cortex XDR - Investigation and Response +- Fixed an issue where the ***xdr-blacklist-files*** command returned an error if the given hashes have already been added to the allow or block list. diff --git a/Packs/CortexXDR/TestPlaybooks/Test_XDR_Playbook.yml b/Packs/CortexXDR/TestPlaybooks/Test_XDR_Playbook.yml index b4385555d2c3..6bf903f733d9 100644 --- a/Packs/CortexXDR/TestPlaybooks/Test_XDR_Playbook.yml +++ b/Packs/CortexXDR/TestPlaybooks/Test_XDR_Playbook.yml @@ -6,15 +6,14 @@ starttaskid: "0" tasks: "0": id: "0" - taskid: 86023169-0cb3-4e78-80c5-95618fe87d54 + taskid: ea7a532d-ed81-4776-87f1-d3d38afccbbd type: start task: - id: 86023169-0cb3-4e78-80c5-95618fe87d54 + id: ea7a532d-ed81-4776-87f1-d3d38afccbbd version: -1 name: "" iscommand: false brand: "" - description: '' nexttasks: '#none#': - "1" @@ -31,12 +30,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "1": id: "1" - taskid: 700f9a01-86f2-4a80-8d6f-f6db3bcec9b2 + taskid: 12501c8b-261b-4432-8a1d-88e7dc749803 type: regular task: - id: 700f9a01-86f2-4a80-8d6f-f6db3bcec9b2 + id: 12501c8b-261b-4432-8a1d-88e7dc749803 version: -1 name: DeleteContext description: DeleteContext @@ -63,12 +64,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "2": id: "2" - taskid: e93912db-85d8-484e-8a35-95b46edaa1ef + taskid: 3ed2c5d6-4aa5-4099-8806-9c7d3986d8ae type: regular task: - id: e93912db-85d8-484e-8a35-95b46edaa1ef + id: 3ed2c5d6-4aa5-4099-8806-9c7d3986d8ae version: -1 name: xdr-get-incidents description: xdr-get-incidents @@ -82,18 +85,10 @@ tasks: scriptarguments: gte_creation_time: simple: 2010-10-10T00:00:00 - gte_modification_time: {} - incident_id_list: {} limit: simple: "3" - lte_creation_time: {} - lte_modification_time: {} - page: {} - since_creation_time: {} - since_modification_time: {} sort_by_creation_time: simple: asc - sort_by_modification_time: {} separatecontext: false view: |- { @@ -107,12 +102,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "3": id: "3" - taskid: 216d71b1-293c-4454-8673-3c3b85918132 + taskid: 38594b36-0cdc-46f2-85dc-eb22d1446110 type: condition task: - id: 216d71b1-293c-4454-8673-3c3b85918132 + id: 38594b36-0cdc-46f2-85dc-eb22d1446110 version: -1 name: Verify Outputs description: Verify Outputs @@ -158,12 +155,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "4": id: "4" - taskid: 097e896e-7d5f-4d5d-8762-99e4650a197c + taskid: e1bce924-0c4d-43af-8fc6-26cb2863f9e6 type: regular task: - id: 097e896e-7d5f-4d5d-8762-99e4650a197c + id: e1bce924-0c4d-43af-8fc6-26cb2863f9e6 version: -1 name: xdr-get-incident-extra-data description: xdr-get-incident-extra-data @@ -175,7 +174,6 @@ tasks: '#none#': - "26" scriptarguments: - alerts_limit: {} incident_id: simple: ${PaloAltoNetworksXDR.Incident.incident_id} separatecontext: false @@ -191,12 +189,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "6": id: "6" - taskid: 19d31e05-4678-4c4c-8e0d-a99b31363d74 + taskid: 0c7a855d-eb23-4d33-8eeb-65c6f9f8fb17 type: regular task: - id: 19d31e05-4678-4c4c-8e0d-a99b31363d74 + id: 0c7a855d-eb23-4d33-8eeb-65c6f9f8fb17 version: -1 name: xdr-update-incident description: xdr-update-incident @@ -208,8 +208,6 @@ tasks: '#none#': - "27" scriptarguments: - assigned_user_mail: {} - assigned_user_pretty_name: {} incident_id: complex: root: PaloAltoNetworksXDR @@ -218,10 +216,8 @@ tasks: - operator: FirstArrayElement manual_severity: simple: HIGH - resolve_comment: {} status: simple: UNDER_INVESTIGATION - unassign_user: {} separatecontext: false view: |- { @@ -235,12 +231,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "7": id: "7" - taskid: 32d6d159-aab7-435e-87ce-f08975205c13 + taskid: 4ff644b0-b82f-4a59-8086-804bd3d1991a type: regular task: - id: 32d6d159-aab7-435e-87ce-f08975205c13 + id: 4ff644b0-b82f-4a59-8086-804bd3d1991a version: -1 name: xdr-insert-parsed-alert description: xdr-insert-parsed-alert @@ -256,7 +254,6 @@ tasks: simple: This alert from content TestXDRPlaybook description alert_name: simple: This alert from content TestXDRPlaybook - event_timestamp: {} local_ip: simple: 196.168.0.111 local_port: @@ -284,12 +281,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "8": id: "8" - taskid: e89cd0c3-ddc0-4e14-81db-790f97d64577 + taskid: 0225d7a6-63c5-45e0-8da2-5dd0fff66bba type: regular task: - id: e89cd0c3-ddc0-4e14-81db-790f97d64577 + id: 0225d7a6-63c5-45e0-8da2-5dd0fff66bba version: -1 name: xdr-insert-cef-alerts description: xdr-insert-cef-alerts @@ -316,12 +315,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "9": id: "9" - taskid: bdc9e8a5-c004-4bdb-839b-60abcfab7ea7 + taskid: b3f11dd6-364d-4c13-8ec0-e103afd5bad2 type: regular task: - id: bdc9e8a5-c004-4bdb-839b-60abcfab7ea7 + id: b3f11dd6-364d-4c13-8ec0-e103afd5bad2 version: -1 name: xdr-isolate-endpoint description: xdr-isolate-endpoint @@ -348,12 +349,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "10": id: "10" - taskid: b424b792-dadc-4882-88e5-d7cb869cbe08 + taskid: 95e20a14-2391-4d1e-83bb-9b23d55929bd type: regular task: - id: b424b792-dadc-4882-88e5-d7cb869cbe08 + id: 95e20a14-2391-4d1e-83bb-9b23d55929bd version: -1 name: xdr-unisolate-endpoint description: xdr-unisolate-endpoint @@ -380,12 +383,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "11": id: "11" - taskid: 4f59a60e-70d8-4d90-80ba-f2248b4e31ec + taskid: 8da52a87-b8cf-4a40-853f-3df5d80cd47b type: regular task: - id: 4f59a60e-70d8-4d90-80ba-f2248b4e31ec + id: 8da52a87-b8cf-4a40-853f-3df5d80cd47b version: -1 name: xdr-get-endpoints description: xdr-get-endpoints @@ -397,23 +402,8 @@ tasks: '#none#': - "12" scriptarguments: - alias_name: {} - dist_name: {} - endpoint_id_list: {} - first_seen_gte: {} - first_seen_lte: {} - group_name: {} hostname: simple: ip-172-31-15-237.eu-central-1.compute.internal - ip_list: {} - isolate: {} - last_seen_gte: {} - last_seen_lte: {} - limit: {} - page: {} - platform: {} - sort_by: {} - sort_order: {} separatecontext: false view: |- { @@ -427,12 +417,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "12": id: "12" - taskid: c46519c8-58c5-4ca9-855f-122af041dcc5 + taskid: e103b7a2-68d7-4157-8141-98dbfa3f1dc2 type: condition task: - id: c46519c8-58c5-4ca9-855f-122af041dcc5 + id: e103b7a2-68d7-4157-8141-98dbfa3f1dc2 version: -1 name: Verify Outputs description: Verify Outputs @@ -476,12 +468,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "13": id: "13" - taskid: fc6a6010-c4e9-45d5-8e6b-1e9507c6aaa4 + taskid: 7306ebd6-fa0f-4fc3-8ccc-746028dbf157 type: regular task: - id: fc6a6010-c4e9-45d5-8e6b-1e9507c6aaa4 + id: 7306ebd6-fa0f-4fc3-8ccc-746028dbf157 version: -1 name: xdr-get-distribution-versions description: xdr-get-distribution-versions @@ -505,12 +499,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "14": id: "14" - taskid: 65a511eb-23c3-4a9c-8da8-2e2d516314a0 + taskid: 391f1afb-b365-4111-8339-b5172023fe6f type: condition task: - id: 65a511eb-23c3-4a9c-8da8-2e2d516314a0 + id: 391f1afb-b365-4111-8339-b5172023fe6f version: -1 name: Verify Outputs description: Verify Outputs @@ -546,12 +542,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "15": id: "15" - taskid: dfdd051b-1c26-4d86-8e58-a4212f5e6133 + taskid: c6a8dec0-f0db-47d2-85ad-b18db80b687c type: regular task: - id: dfdd051b-1c26-4d86-8e58-a4212f5e6133 + id: c6a8dec0-f0db-47d2-85ad-b18db80b687c version: -1 name: xdr-create-distribution description: xdr-create-distribution @@ -590,12 +588,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "16": id: "16" - taskid: 794b75cc-4b4c-4c3b-8fa7-452a1df2f50b + taskid: a8bf942c-f435-4f4e-870a-6cbd964ac243 type: condition task: - id: 794b75cc-4b4c-4c3b-8fa7-452a1df2f50b + id: a8bf942c-f435-4f4e-870a-6cbd964ac243 version: -1 name: Verify Outputs description: Verify Outputs @@ -631,12 +631,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "17": id: "17" - taskid: 7672ffdc-c319-4055-8311-667e0c805461 + taskid: 42d24ede-cfa1-4a10-8fcc-91dbed392a0f type: regular task: - id: 7672ffdc-c319-4055-8311-667e0c805461 + id: 42d24ede-cfa1-4a10-8fcc-91dbed392a0f version: -1 name: xdr-get-distribution-url description: xdr-get-distribution-url @@ -665,12 +667,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "18": id: "18" - taskid: 6abedd19-cc23-4c10-8a21-cc0e2bc9e1ce + taskid: a265f880-b02f-4dac-85fc-203cb15246e7 type: condition task: - id: 6abedd19-cc23-4c10-8a21-cc0e2bc9e1ce + id: a265f880-b02f-4dac-85fc-203cb15246e7 version: -1 name: Verify Outputs description: Verify Outputs @@ -701,12 +705,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "19": id: "19" - taskid: 323ff5a5-6700-49f2-8843-1416452b1fc2 + taskid: 4f270267-1e63-412d-8bb5-7c1e8e44b308 type: regular task: - id: 323ff5a5-6700-49f2-8843-1416452b1fc2 + id: 4f270267-1e63-412d-8bb5-7c1e8e44b308 version: -1 name: xdr-get-create-distribution-status description: xdr-get-create-distribution-status @@ -733,12 +739,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "20": id: "20" - taskid: 88c6e88b-67e5-4b6d-808d-255e800274b6 + taskid: 5d70d8d4-a405-41ef-881b-3fba72ab2002 type: condition task: - id: 88c6e88b-67e5-4b6d-808d-255e800274b6 + id: 5d70d8d4-a405-41ef-881b-3fba72ab2002 version: -1 name: Verify Outputs description: Verify Outputs @@ -780,12 +788,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "21": id: "21" - taskid: cbe6c4b5-d281-467f-85ed-e963eea8162b + taskid: 155174b3-b283-4b09-86f7-c2272c6ab537 type: regular task: - id: cbe6c4b5-d281-467f-85ed-e963eea8162b + id: 155174b3-b283-4b09-86f7-c2272c6ab537 version: -1 name: xdr-get-audit-management-logs description: xdr-get-audit-management-logs @@ -797,11 +807,8 @@ tasks: '#none#': - "22" scriptarguments: - email: {} limit: simple: "5" - page: {} - result: {} sort_by: simple: sub_type sort_order: @@ -810,8 +817,6 @@ tasks: simple: Authentication failed timestamp_gte: simple: "0" - timestamp_lte: {} - type: {} separatecontext: false view: |- { @@ -825,12 +830,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "22": id: "22" - taskid: 178a79b0-4a5c-4e24-8a07-8bd70d634505 + taskid: 59e34c0f-a892-4a7c-8731-4e2a7061c524 type: condition task: - id: 178a79b0-4a5c-4e24-8a07-8bd70d634505 + id: 59e34c0f-a892-4a7c-8731-4e2a7061c524 version: -1 name: Verify Outputs description: Verify Outputs @@ -869,12 +876,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "23": id: "23" - taskid: 1f3d7705-fed1-4db7-836d-b19cc2b18ebc + taskid: 770d3ef9-5f8c-47f9-8b48-e4df89b67a9b type: regular task: - id: 1f3d7705-fed1-4db7-836d-b19cc2b18ebc + id: 770d3ef9-5f8c-47f9-8b48-e4df89b67a9b version: -1 name: xdr-get-audit-agent-reports description: xdr-get-audit-agent-reports @@ -886,12 +895,10 @@ tasks: '#none#': - "24" scriptarguments: - endpoint_ids: {} endpoint_names: simple: ip-172-31-15-237.eu-central-1.compute.internal limit: simple: "5" - page: {} result: simple: Success retry-count: @@ -902,11 +909,8 @@ tasks: simple: category sort_order: simple: desc - sub_type: {} timestamp_gte: simple: "2019-10-10" - timestamp_lte: {} - type: {} separatecontext: false view: |- { @@ -920,12 +924,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "24": id: "24" - taskid: 7e2b50fa-e194-4f01-8a5f-de26b3a89246 + taskid: 31960415-4465-48e4-8c10-51fc078700db type: condition task: - id: 7e2b50fa-e194-4f01-8a5f-de26b3a89246 + id: 31960415-4465-48e4-8c10-51fc078700db version: -1 name: Verify Outputs description: Verify Outputs @@ -969,12 +975,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "25": id: "25" - taskid: afbd4d4d-448e-44e1-8bd2-453e7261a844 + taskid: a7c271af-46a4-441f-8bb5-b47096e35583 type: title task: - id: afbd4d4d-448e-44e1-8bd2-453e7261a844 + id: a7c271af-46a4-441f-8bb5-b47096e35583 version: -1 name: Test Done description: Test Done @@ -986,7 +994,7 @@ tasks: { "position": { "x": 480, - "y": 10140 + "y": 10490 } } note: false @@ -994,12 +1002,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "26": id: "26" - taskid: 95b25963-9e45-46b3-8936-6451d2a4a21e + taskid: 0ae81653-98ed-490d-8ff7-e64c7dbbd043 type: condition task: - id: 95b25963-9e45-46b3-8936-6451d2a4a21e + id: 0ae81653-98ed-490d-8ff7-e64c7dbbd043 version: -1 name: Verify Outputs description: Verify Outputs @@ -1070,12 +1080,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "27": id: "27" - taskid: 67b67120-ee3d-4d6b-8991-85a94bc6716f + taskid: 3fcc7a2e-4959-474e-8875-95a45702fb15 type: regular task: - id: 67b67120-ee3d-4d6b-8991-85a94bc6716f + id: 3fcc7a2e-4959-474e-8875-95a45702fb15 version: -1 name: Save incident id description: Save incident id @@ -1087,7 +1099,6 @@ tasks: '#none#': - "28" scriptarguments: - append: {} key: simple: XDRIncidentID value: @@ -1109,12 +1120,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "28": id: "28" - taskid: fa5e2060-4f47-4597-89da-769cae7d1327 + taskid: e523299a-a3fe-4585-8e10-2c04bb846386 type: regular task: - id: fa5e2060-4f47-4597-89da-769cae7d1327 + id: e523299a-a3fe-4585-8e10-2c04bb846386 version: -1 name: DeleteContext description: DeleteContext @@ -1128,11 +1141,8 @@ tasks: scriptarguments: all: simple: "yes" - index: {} - key: {} keysToKeep: simple: XDRIncidentID - subplaybook: {} separatecontext: false view: |- { @@ -1146,12 +1156,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "29": id: "29" - taskid: cd527ca7-3bf2-4178-8d04-a47982278d63 + taskid: 7c11c545-45d5-4de7-83ed-46ae206e2d6b type: regular task: - id: cd527ca7-3bf2-4178-8d04-a47982278d63 + id: 7c11c545-45d5-4de7-83ed-46ae206e2d6b version: -1 name: xdr-get-incidents description: xdr-get-incidents @@ -1163,19 +1175,10 @@ tasks: '#none#': - "30" scriptarguments: - gte_creation_time: {} - gte_modification_time: {} incident_id_list: simple: ${XDRIncidentID} - limit: {} - lte_creation_time: {} - lte_modification_time: {} - page: {} - since_creation_time: {} - since_modification_time: {} sort_by_creation_time: simple: desc - sort_by_modification_time: {} separatecontext: false view: |- { @@ -1189,12 +1192,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "30": id: "30" - taskid: e1fde48c-6e86-4cde-8a56-39828695fe81 + taskid: 0265f4ac-b4f5-4f4f-8293-a010d0603e3f type: condition task: - id: e1fde48c-6e86-4cde-8a56-39828695fe81 + id: 0265f4ac-b4f5-4f4f-8293-a010d0603e3f version: -1 name: Verify updated values description: Verify updated values @@ -1236,12 +1241,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "31": id: "31" - taskid: 9b9030ee-7a64-410d-8079-f3ca171727d4 + taskid: 9cb303b1-ec2c-429c-89a6-646cda182313 type: regular task: - id: 9b9030ee-7a64-410d-8079-f3ca171727d4 + id: 9cb303b1-ec2c-429c-89a6-646cda182313 version: -1 name: xdr-update-incident description: xdr-update-incident @@ -1253,16 +1260,12 @@ tasks: '#none#': - "7" scriptarguments: - assigned_user_mail: {} - assigned_user_pretty_name: {} incident_id: simple: ${PaloAltoNetworksXDR.Incident.incident_id} manual_severity: simple: LOW - resolve_comment: {} status: simple: NEW - unassign_user: {} separatecontext: false view: |- { @@ -1276,12 +1279,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "32": id: "32" - taskid: dcb30ae1-0a4d-4109-89c1-8f4b530ed725 + taskid: 5aa1a500-378d-45d1-819a-0422fca7002b type: regular task: - id: dcb30ae1-0a4d-4109-89c1-8f4b530ed725 + id: 5aa1a500-378d-45d1-819a-0422fca7002b version: -1 name: Set 2 CEF alerts to context description: Set 2 CEF alerts to context @@ -1316,12 +1321,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "33": id: "33" - taskid: cbb0088f-38e5-4bd7-8f65-84f9053407a2 + taskid: 7cdff9bb-9586-4184-888e-a8128c9952cb type: regular task: - id: cbb0088f-38e5-4bd7-8f65-84f9053407a2 + id: 7cdff9bb-9586-4184-888e-a8128c9952cb version: -1 name: Get Endpoint f8a2f58846b542579c12090652e79f3d description: Gets a list of endpoints, according to the passed filters. Filtering @@ -1336,23 +1343,8 @@ tasks: '#none#': - "34" scriptarguments: - alias_name: {} - dist_name: {} endpoint_id_list: simple: f8a2f58846b542579c12090652e79f3d - first_seen_gte: {} - first_seen_lte: {} - group_name: {} - hostname: {} - ip_list: {} - isolate: {} - last_seen_gte: {} - last_seen_lte: {} - limit: {} - page: {} - platform: {} - sort_by: {} - sort_order: {} separatecontext: false view: |- { @@ -1366,12 +1358,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "34": id: "34" - taskid: ab2acbfc-68e5-4859-8cef-51b4d32f3db2 + taskid: fbd54c5b-7b83-4b6f-86c1-a9774184a9c3 type: condition task: - id: ab2acbfc-68e5-4859-8cef-51b4d32f3db2 + id: fbd54c5b-7b83-4b6f-86c1-a9774184a9c3 version: -1 name: To isolate ? description: To isolate @@ -1407,12 +1401,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "35": id: "35" - taskid: e5562676-381c-4c7a-8c56-6b176a45d046 + taskid: c83f6289-c16a-4483-8892-bb2abfee0e9b type: condition task: - id: e5562676-381c-4c7a-8c56-6b176a45d046 + id: c83f6289-c16a-4483-8892-bb2abfee0e9b version: -1 name: To unisolate? description: To unisolate @@ -1448,12 +1444,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "36": id: "36" - taskid: d9c49d4a-19d4-4e8c-8752-22e892285e0f + taskid: b4d374a3-46a4-4b7c-886b-cd1a1872f996 type: title task: - id: d9c49d4a-19d4-4e8c-8752-22e892285e0f + id: b4d374a3-46a4-4b7c-886b-cd1a1872f996 version: -1 name: Isolation done description: Isolation done @@ -1476,12 +1474,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "37": id: "37" - taskid: d46c1698-82f1-4cbc-8b84-4f47fa73fe34 + taskid: f2670578-35d2-4876-827c-ecae5c6601c8 type: regular task: - id: d46c1698-82f1-4cbc-8b84-4f47fa73fe34 + id: f2670578-35d2-4876-827c-ecae5c6601c8 version: -1 name: xdr-get-endpoints description: Gets a list of endpoints, according to the passed filters. If there @@ -1496,23 +1496,6 @@ tasks: nexttasks: '#none#': - "38" - scriptarguments: - alias_name: {} - dist_name: {} - endpoint_id_list: {} - first_seen_gte: {} - first_seen_lte: {} - group_name: {} - hostname: {} - ip_list: {} - isolate: {} - last_seen_gte: {} - last_seen_lte: {} - limit: {} - page: {} - platform: {} - sort_by: {} - sort_order: {} separatecontext: false view: |- { @@ -1526,12 +1509,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "38": id: "38" - taskid: 5a47ee9f-26a9-48fc-8ddd-6f66df8c2069 + taskid: 90e5e310-c7aa-4ab1-8bef-8c2bbe482c83 type: condition task: - id: 5a47ee9f-26a9-48fc-8ddd-6f66df8c2069 + id: 90e5e310-c7aa-4ab1-8bef-8c2bbe482c83 version: -1 name: Check the number of endpoints in context description: Check the number of endpoints in context @@ -1569,12 +1554,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "39": id: "39" - taskid: d6e3d890-7e8a-4eae-8952-a08ee1bcda15 + taskid: 1cf6f029-5857-46cd-8ae4-779f8ed30e07 type: playbook task: - id: d6e3d890-7e8a-4eae-8952-a08ee1bcda15 + id: 1cf6f029-5857-46cd-8ae4-779f8ed30e07 version: -1 name: Cortex XDR - quarantine file description: Cortex XDR - quarantine file @@ -1610,12 +1597,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "40": id: "40" - taskid: ab6bfbe4-febd-48b7-8da2-b1b907d00b7a + taskid: 90c38236-9c8e-430f-8f32-b9fd3937c3a4 type: regular task: - id: ab6bfbe4-febd-48b7-8da2-b1b907d00b7a + id: 90c38236-9c8e-430f-8f32-b9fd3937c3a4 version: -1 name: xdr-get-policy description: Gets the policy name for a specific endpoint. @@ -1646,12 +1635,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "41": id: "41" - taskid: 51e3260b-5db3-4e7f-85f6-e7d75661e2b5 + taskid: f0d05233-001f-4165-8889-131652291db8 type: condition task: - id: 51e3260b-5db3-4e7f-85f6-e7d75661e2b5 + id: f0d05233-001f-4165-8889-131652291db8 version: -1 name: Verify Outputs description: Verify Outputs @@ -1682,12 +1673,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "42": id: "42" - taskid: d9cc423b-0b83-4722-8739-4af2ec2bba30 + taskid: 14876a40-fc86-4345-8311-483f98ee9779 type: regular task: - id: d9cc423b-0b83-4722-8739-4af2ec2bba30 + id: 14876a40-fc86-4345-8311-483f98ee9779 version: -1 name: xdr-get-endpoint-device-control-violations description: Gets a list of device control violations filtered by selected fields. @@ -1699,20 +1692,6 @@ tasks: nexttasks: '#none#': - "43" - scriptarguments: - endpoint_ids: {} - hostname: {} - ip_list: {} - product: {} - product_id: {} - serial: {} - timestamp_gte: {} - timestamp_lte: {} - type: {} - username: {} - vendor: {} - vendor_id: {} - violation_id_list: {} separatecontext: false view: |- { @@ -1726,12 +1705,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "43": id: "43" - taskid: 443f083f-ea10-45c0-8014-ba53482d3800 + taskid: d5fcbfdf-c7c8-4431-823d-7be8847b36b3 type: condition task: - id: 443f083f-ea10-45c0-8014-ba53482d3800 + id: d5fcbfdf-c7c8-4431-823d-7be8847b36b3 version: -1 name: Verify Outputs description: Verify Outputs @@ -1762,12 +1743,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "48": id: "48" - taskid: 20240861-2c9f-4be1-83d0-e09c030f604d + taskid: 3da21c91-20f5-467e-81f5-23778741e6e9 type: regular task: - id: 20240861-2c9f-4be1-83d0-e09c030f604d + id: 3da21c91-20f5-467e-81f5-23778741e6e9 version: -1 name: xdr-get-scripts description: Gets a list of scripts available in the scripts library. @@ -1778,16 +1761,6 @@ tasks: nexttasks: '#none#': - "49" - scriptarguments: - created_by: {} - description: {} - is_high_risk: {} - limit: {} - linux_supported: {} - macos_supported: {} - offset: {} - script_name: {} - windows_supported: {} separatecontext: false view: |- { @@ -1801,12 +1774,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "49": id: "49" - taskid: 2d718543-3c42-4fab-8f4f-3e790084049a + taskid: 35db837c-e8f0-4683-8778-434038da52ae type: condition task: - id: 2d718543-3c42-4fab-8f4f-3e790084049a + id: 35db837c-e8f0-4683-8778-434038da52ae version: -1 name: Verify Outputs description: Verify Outputs @@ -1841,12 +1816,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "50": id: "50" - taskid: 94e0e5c7-1317-4d5c-83d7-5416a5767221 + taskid: ecd5f0b1-c498-4946-8d67-7a72c20d4396 type: regular task: - id: 94e0e5c7-1317-4d5c-83d7-5416a5767221 + id: ecd5f0b1-c498-4946-8d67-7a72c20d4396 version: -1 name: xdr-get-script-metadata description: Gets the full definition of a specific script in the scripts library. @@ -1877,12 +1854,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "51": id: "51" - taskid: 229a807d-3057-4e10-8e9e-e3d7bf6f0579 + taskid: fbde4fab-785a-41d2-8ea6-7997d7ee36b8 type: condition task: - id: 229a807d-3057-4e10-8e9e-e3d7bf6f0579 + id: fbde4fab-785a-41d2-8ea6-7997d7ee36b8 version: -1 name: Verify Outputs description: Verify Outputs @@ -1913,12 +1892,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "58": id: "58" - taskid: f093aad3-f833-45d6-868c-764ad3eb2ea3 + taskid: 3d04b1df-dbb6-47d3-8970-40573bd22a35 type: regular task: - id: f093aad3-f833-45d6-868c-764ad3eb2ea3 + id: 3d04b1df-dbb6-47d3-8970-40573bd22a35 version: -1 name: xdr-get-script-code description: Gets the code of a specific script in the script library. @@ -1949,12 +1930,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "59": id: "59" - taskid: 0b6018a9-c8aa-4ae5-815e-04fb111a5a94 + taskid: 25d2a399-b496-4cc2-8965-317c9d2bd661 type: condition task: - id: 0b6018a9-c8aa-4ae5-815e-04fb111a5a94 + id: 25d2a399-b496-4cc2-8965-317c9d2bd661 version: -1 name: Verify Outputs description: Verify Outputs @@ -1986,12 +1969,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "60": id: "60" - taskid: acb47167-4974-4005-829f-6e22e6b8dbed + taskid: bb182bc5-81e1-46e1-82c1-112b5204d754 type: playbook task: - id: acb47167-4974-4005-829f-6e22e6b8dbed + id: bb182bc5-81e1-46e1-82c1-112b5204d754 version: -1 name: Cortex XDR - Retrieve File Playbook description: |- @@ -2009,8 +1994,6 @@ tasks: scriptarguments: endpoint_ids: simple: aeec6a2cc92e46fab3b6f621722e9916 - linux_file_paths: {} - mac_file_paths: {} windows_file_paths: simple: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe separatecontext: true @@ -2031,12 +2014,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "61": id: "61" - taskid: c67a4845-92f6-4352-8c04-180a1758e642 + taskid: 3383a727-4d1a-48c0-8272-d4e8cefaf73c type: regular task: - id: c67a4845-92f6-4352-8c04-180a1758e642 + id: 3383a727-4d1a-48c0-8272-d4e8cefaf73c version: -1 name: xdr-retrieve-files description: Retrieves files from selected endpoints. You can retrieve up to @@ -2073,8 +2058,6 @@ tasks: value: simple: Workstation accessor: endpoint_id - linux_file_paths: {} - mac_file_paths: {} windows_file_paths: simple: C:\Users\demisto\Desktop\demisto.txt separatecontext: false @@ -2090,12 +2073,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "62": id: "62" - taskid: 94bb6ccf-1375-4c4e-8944-a37ce4023be5 + taskid: 2b0d7839-ae27-4adf-84d4-253d08098c29 type: playbook task: - id: 94bb6ccf-1375-4c4e-8944-a37ce4023be5 + id: 2b0d7839-ae27-4adf-84d4-253d08098c29 version: -1 name: Cortex XDR - Check Action Status description: Checks the action status of an action ID. \nEnter the action ID @@ -2128,12 +2113,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "63": id: "63" - taskid: be587bf1-c9b7-4634-8f6f-6c813e70becf + taskid: 010db6d6-f9a4-4dcc-8665-8daee84bfad1 type: condition task: - id: be587bf1-c9b7-4634-8f6f-6c813e70becf + id: 010db6d6-f9a4-4dcc-8665-8daee84bfad1 version: -1 name: Verify retrieve file type: condition @@ -2163,12 +2150,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "64": id: "64" - taskid: 62f0fb59-a87c-467f-8362-7b4af2d8f3e4 + taskid: ad126272-5968-414e-8ddf-32482ed85d65 type: condition task: - id: 62f0fb59-a87c-467f-8362-7b4af2d8f3e4 + id: ad126272-5968-414e-8ddf-32482ed85d65 version: -1 name: Verify check action status type: condition @@ -2198,12 +2187,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "65": id: "65" - taskid: f50ee2b0-01c0-4abc-808b-f3ff42edf3fd + taskid: c6c0cf47-0854-4aca-8080-0ef145902303 type: regular task: - id: f50ee2b0-01c0-4abc-808b-f3ff42edf3fd + id: c6c0cf47-0854-4aca-8080-0ef145902303 version: -1 name: Run Script description: Initiate a new endpoint script execution action using a script @@ -2244,7 +2235,6 @@ tasks: value: simple: execute_commands accessor: script_uid - timeout: {} separatecontext: false view: |- { @@ -2258,12 +2248,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "66": id: "66" - taskid: 3ea0b5c7-3485-463a-8d2e-5ab490bc01d7 + taskid: 8de15af0-d2b9-493e-8584-199567357496 type: regular task: - id: 3ea0b5c7-3485-463a-8d2e-5ab490bc01d7 + id: 8de15af0-d2b9-493e-8584-199567357496 version: -1 name: Get Script Execution Status description: Retrieve the status of a script execution action. @@ -2290,12 +2282,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "67": id: "67" - taskid: defe3d31-293c-4401-8e04-a6cbe2e803cb + taskid: b1eebab0-5728-4156-8527-bdd837484301 type: condition task: - id: defe3d31-293c-4401-8e04-a6cbe2e803cb + id: b1eebab0-5728-4156-8527-bdd837484301 version: -1 name: Verify Execution Status Is Pending type: condition @@ -2328,12 +2322,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "68": id: "68" - taskid: 1d5814ba-e7d7-4d07-8e15-b5a23bd34d31 + taskid: a00971dc-44f7-4f28-88c6-d58d8f6e3c93 type: regular task: - id: 1d5814ba-e7d7-4d07-8e15-b5a23bd34d31 + id: a00971dc-44f7-4f28-88c6-d58d8f6e3c93 version: -1 name: Get Script Results description: Retrieve the results of a script execution action. @@ -2360,12 +2356,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "69": id: "69" - taskid: f81c0f56-2f41-4f8b-8cc8-bed57d41f4ff + taskid: 3bc8f3c3-3949-4545-880b-3c52b7c2ffdd type: condition task: - id: f81c0f56-2f41-4f8b-8cc8-bed57d41f4ff + id: 3bc8f3c3-3949-4545-880b-3c52b7c2ffdd version: -1 name: Verify Execution Status Is Pending type: condition @@ -2398,12 +2396,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "70": id: "70" - taskid: 5ca23378-b822-40da-8d26-fc38db612472 + taskid: 1f421e8b-85f0-476c-8eff-be279a4723b6 type: regular task: - id: 5ca23378-b822-40da-8d26-fc38db612472 + id: 1f421e8b-85f0-476c-8eff-be279a4723b6 version: -1 name: Run snippet code script description: Initiate a new endpoint script execution action using provided @@ -2431,7 +2431,6 @@ tasks: accessor: endpoint_id snippet_code: simple: print("hello world") - timeout: {} separatecontext: false view: |- { @@ -2445,12 +2444,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "71": id: "71" - taskid: 7d165a7e-53a1-47d4-85cf-02aac82058d8 + taskid: 5e3f607e-8db6-4901-8b2d-a2b83f0e8996 type: regular task: - id: 7d165a7e-53a1-47d4-85cf-02aac82058d8 + id: 5e3f607e-8db6-4901-8b2d-a2b83f0e8996 version: -1 name: Run script execute commands description: Initiate a new endpoint script execution of shell commands. @@ -2492,12 +2493,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "72": id: "72" - taskid: 78c60edb-03de-423a-865e-d030de4ea2e4 + taskid: dc343cc8-9c97-496a-869a-283fac9be4d1 type: regular task: - id: 78c60edb-03de-423a-865e-d030de4ea2e4 + id: dc343cc8-9c97-496a-869a-283fac9be4d1 version: -1 name: Run Script With Empty Params description: Initiate a new endpoint script execution action using a script @@ -2508,7 +2511,7 @@ tasks: brand: "" nexttasks: '#none#': - - "25" + - "73" scriptarguments: endpoint_ids: complex: @@ -2527,7 +2530,6 @@ tasks: simple: ${inputs.parameters} script_uid: simple: dc5815bb786f4cc095671f3150717fc8 - timeout: {} separatecontext: false view: |- { @@ -2541,12 +2543,89 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "73": + id: "73" + taskid: 2e087af1-2953-447a-8fa6-8f22c263ef8b + type: regular + task: + id: 2e087af1-2953-447a-8fa6-8f22c263ef8b + version: -1 + name: Blacklist file that have already been added to the allow or block list + description: Blacklists requested files which have not already been blacklisted + or whitelisted. + script: '|||xdr-blacklist-files' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "74" + scriptarguments: + hash_list: + simple: 5bd86c8f753f3e1e35875201d74c75fdb9c60599c9fc250151a78e7464212fd4 + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 10140 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "74": + id: "74" + taskid: a4a0f0f5-e950-4ade-85c7-205b28e8f9fc + type: condition + task: + id: a4a0f0f5-e950-4ade-85c7-205b28e8f9fc + version: -1 + name: Verify Outputs + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "25" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: containsGeneral + left: + value: + simple: PaloAltoNetworksXDR.blackList.fileHash + iscontext: true + right: + value: + simple: 5bd86c8f753f3e1e35875201d74c75fdb9c60599c9fc250151a78e7464212fd4 + view: |- + { + "position": { + "x": 480, + "y": 10315 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false view: |- { "linkLabelsPosition": {}, "paper": { "dimensions": { - "height": 10155, + "height": 10505, "width": 922.5, "x": 50, "y": 50 @@ -2558,6 +2637,6 @@ inputs: value: {} required: false description: "" - playbookInputQuery: + playbookInputQuery: null outputs: [] fromversion: 5.0.0 diff --git a/Packs/CortexXDR/pack_metadata.json b/Packs/CortexXDR/pack_metadata.json index 982cbcc1b617..ee688906ad17 100644 --- a/Packs/CortexXDR/pack_metadata.json +++ b/Packs/CortexXDR/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Palo Alto Networks Cortex XDR - Investigation and Response", "description": "Automates Cortex XDR incident response, and includes custom Cortex XDR incident views and layouts to aid analyst investigations.", "support": "xsoar", - "currentVersion": "3.0.25", + "currentVersion": "3.0.26", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 1186f7540c66f7c9e997110c882731892f343ce0 Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Sun, 29 Aug 2021 09:07:39 +0300 Subject: [PATCH 054/173] CrowdStrike API Integration (#12335) * crowdstrike api integration initial commit * call handle_proxy * Update CrowdStrikeAPI.yml Done. * Update CrowdStrikeAPI.yml Done. * Update CrowdStrikeAPI_description.md Done. * Update README.md Done. * Update README.md Done. * bump docker image tag * gco * add test data * fix test data filename * bump docker image tag * autopep8 * ignore E501 * rm config json * add readme * improve docs Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --- Packs/CrowdStrikeOpenAPI/.pack-ignore | 0 Packs/CrowdStrikeOpenAPI/.secrets-ignore | 0 .../CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.py | 9919 ++++++ .../CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.yml | 27920 ++++++++++++++++ .../CrowdStrikeOpenAPI_description.md | 7 + .../CrowdStrikeOpenAPI_image.png | Bin 0 -> 4182 bytes .../CrowdStrikeOpenAPI_test.py | 43 + .../Integrations/CrowdStrikeOpenAPI/README.md | 23 + .../test_data/query_behaviors_response.json | 16 + Packs/CrowdStrikeOpenAPI/README.md | 0 .../TestPlaybooks/CrowdStrike_API_-_Test.yml | 176 + Packs/CrowdStrikeOpenAPI/pack_metadata.json | 14 + 12 files changed, 38118 insertions(+) create mode 100644 Packs/CrowdStrikeOpenAPI/.pack-ignore create mode 100644 Packs/CrowdStrikeOpenAPI/.secrets-ignore create mode 100644 Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.py create mode 100644 Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.yml create mode 100644 Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_description.md create mode 100644 Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_image.png create mode 100644 Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_test.py create mode 100644 Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/README.md create mode 100644 Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/test_data/query_behaviors_response.json create mode 100644 Packs/CrowdStrikeOpenAPI/README.md create mode 100644 Packs/CrowdStrikeOpenAPI/TestPlaybooks/CrowdStrike_API_-_Test.yml create mode 100644 Packs/CrowdStrikeOpenAPI/pack_metadata.json diff --git a/Packs/CrowdStrikeOpenAPI/.pack-ignore b/Packs/CrowdStrikeOpenAPI/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/CrowdStrikeOpenAPI/.secrets-ignore b/Packs/CrowdStrikeOpenAPI/.secrets-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.py b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.py new file mode 100644 index 000000000000..e097bb3a2a54 --- /dev/null +++ b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.py @@ -0,0 +1,9919 @@ +import demistomock as demisto +from CommonServerPython import * + +# flake8: noqa: E501 + +class Client: + def __init__(self, params: Dict): + self.cs_client = CrowdStrikeClient(params) + + def add_role_request(self, domain_mssprolerequestv1_resources): + data = assign_params(resources=domain_mssprolerequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'mssp/entities/mssp-roles/v1', json_data=data, headers=headers) + + return response + + def add_user_group_members_request(self, domain_usergroupmembersrequestv1_resources): + data = assign_params(resources=domain_usergroupmembersrequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'mssp/entities/user-group-members/v1', json_data=data, headers=headers) + + return response + + def addcid_group_members_request(self, domain_cidgroupmembersrequestv1_resources): + data = assign_params(resources=domain_cidgroupmembersrequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'mssp/entities/cid-group-members/v1', json_data=data, headers=headers) + + return response + + def aggregate_allow_list_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'falcon-complete-dashboards/aggregates/allowlist/GET/v1', json_data=data, headers=headers) + + return response + + def aggregate_block_list_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'falcon-complete-dashboards/aggregates/blocklist/GET/v1', json_data=data, headers=headers) + + return response + + def aggregate_detections_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'falcon-complete-dashboards/aggregates/detects/GET/v1', json_data=data, headers=headers) + + return response + + def aggregate_device_count_collection_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'falcon-complete-dashboards/aggregates/devicecount-collections/GET/v1', json_data=data, headers=headers) + + return response + + def aggregate_escalations_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'falcon-complete-dashboards/aggregates/escalations/GET/v1', json_data=data, headers=headers) + + return response + + def aggregate_notificationsv1_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'recon/aggregates/notifications/GET/v1', json_data=data, headers=headers) + + return response + + def aggregate_remediations_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'falcon-complete-dashboards/aggregates/remediations/GET/v1', json_data=data, headers=headers) + + return response + + def aggregateevents_request(self, fwmgr_msa_aggregatequeryrequest_date_ranges, fwmgr_msa_aggregatequeryrequest_field, fwmgr_msa_aggregatequeryrequest_filter, fwmgr_msa_aggregatequeryrequest_interval, fwmgr_msa_aggregatequeryrequest_min_doc_count, fwmgr_msa_aggregatequeryrequest_missing, fwmgr_msa_aggregatequeryrequest_name, fwmgr_msa_aggregatequeryrequest_q, fwmgr_msa_aggregatequeryrequest_ranges, fwmgr_msa_aggregatequeryrequest_size, fwmgr_msa_aggregatequeryrequest_sort, fwmgr_msa_aggregatequeryrequest_sub_aggregates, fwmgr_msa_aggregatequeryrequest_time_zone, fwmgr_msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=fwmgr_msa_aggregatequeryrequest_date_ranges, field=fwmgr_msa_aggregatequeryrequest_field, filter=fwmgr_msa_aggregatequeryrequest_filter, interval=fwmgr_msa_aggregatequeryrequest_interval, min_doc_count=fwmgr_msa_aggregatequeryrequest_min_doc_count, missing=fwmgr_msa_aggregatequeryrequest_missing, name=fwmgr_msa_aggregatequeryrequest_name, + q=fwmgr_msa_aggregatequeryrequest_q, ranges=fwmgr_msa_aggregatequeryrequest_ranges, size=fwmgr_msa_aggregatequeryrequest_size, sort=fwmgr_msa_aggregatequeryrequest_sort, sub_aggregates=fwmgr_msa_aggregatequeryrequest_sub_aggregates, time_zone=fwmgr_msa_aggregatequeryrequest_time_zone, type=fwmgr_msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'fwmgr/aggregates/events/GET/v1', json_data=data, headers=headers) + + return response + + def aggregatefc_incidents_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'falcon-complete-dashboards/aggregates/incidents/GET/v1', json_data=data, headers=headers) + + return response + + def aggregatepolicyrules_request(self, fwmgr_msa_aggregatequeryrequest_date_ranges, fwmgr_msa_aggregatequeryrequest_field, fwmgr_msa_aggregatequeryrequest_filter, fwmgr_msa_aggregatequeryrequest_interval, fwmgr_msa_aggregatequeryrequest_min_doc_count, fwmgr_msa_aggregatequeryrequest_missing, fwmgr_msa_aggregatequeryrequest_name, fwmgr_msa_aggregatequeryrequest_q, fwmgr_msa_aggregatequeryrequest_ranges, fwmgr_msa_aggregatequeryrequest_size, fwmgr_msa_aggregatequeryrequest_sort, fwmgr_msa_aggregatequeryrequest_sub_aggregates, fwmgr_msa_aggregatequeryrequest_time_zone, fwmgr_msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=fwmgr_msa_aggregatequeryrequest_date_ranges, field=fwmgr_msa_aggregatequeryrequest_field, filter=fwmgr_msa_aggregatequeryrequest_filter, interval=fwmgr_msa_aggregatequeryrequest_interval, min_doc_count=fwmgr_msa_aggregatequeryrequest_min_doc_count, missing=fwmgr_msa_aggregatequeryrequest_missing, name=fwmgr_msa_aggregatequeryrequest_name, + q=fwmgr_msa_aggregatequeryrequest_q, ranges=fwmgr_msa_aggregatequeryrequest_ranges, size=fwmgr_msa_aggregatequeryrequest_size, sort=fwmgr_msa_aggregatequeryrequest_sort, sub_aggregates=fwmgr_msa_aggregatequeryrequest_sub_aggregates, time_zone=fwmgr_msa_aggregatequeryrequest_time_zone, type=fwmgr_msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'fwmgr/aggregates/policy-rules/GET/v1', json_data=data, headers=headers) + + return response + + def aggregaterulegroups_request(self, fwmgr_msa_aggregatequeryrequest_date_ranges, fwmgr_msa_aggregatequeryrequest_field, fwmgr_msa_aggregatequeryrequest_filter, fwmgr_msa_aggregatequeryrequest_interval, fwmgr_msa_aggregatequeryrequest_min_doc_count, fwmgr_msa_aggregatequeryrequest_missing, fwmgr_msa_aggregatequeryrequest_name, fwmgr_msa_aggregatequeryrequest_q, fwmgr_msa_aggregatequeryrequest_ranges, fwmgr_msa_aggregatequeryrequest_size, fwmgr_msa_aggregatequeryrequest_sort, fwmgr_msa_aggregatequeryrequest_sub_aggregates, fwmgr_msa_aggregatequeryrequest_time_zone, fwmgr_msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=fwmgr_msa_aggregatequeryrequest_date_ranges, field=fwmgr_msa_aggregatequeryrequest_field, filter=fwmgr_msa_aggregatequeryrequest_filter, interval=fwmgr_msa_aggregatequeryrequest_interval, min_doc_count=fwmgr_msa_aggregatequeryrequest_min_doc_count, missing=fwmgr_msa_aggregatequeryrequest_missing, name=fwmgr_msa_aggregatequeryrequest_name, + q=fwmgr_msa_aggregatequeryrequest_q, ranges=fwmgr_msa_aggregatequeryrequest_ranges, size=fwmgr_msa_aggregatequeryrequest_size, sort=fwmgr_msa_aggregatequeryrequest_sort, sub_aggregates=fwmgr_msa_aggregatequeryrequest_sub_aggregates, time_zone=fwmgr_msa_aggregatequeryrequest_time_zone, type=fwmgr_msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'fwmgr/aggregates/rule-groups/GET/v1', json_data=data, headers=headers) + + return response + + def aggregaterules_request(self, fwmgr_msa_aggregatequeryrequest_date_ranges, fwmgr_msa_aggregatequeryrequest_field, fwmgr_msa_aggregatequeryrequest_filter, fwmgr_msa_aggregatequeryrequest_interval, fwmgr_msa_aggregatequeryrequest_min_doc_count, fwmgr_msa_aggregatequeryrequest_missing, fwmgr_msa_aggregatequeryrequest_name, fwmgr_msa_aggregatequeryrequest_q, fwmgr_msa_aggregatequeryrequest_ranges, fwmgr_msa_aggregatequeryrequest_size, fwmgr_msa_aggregatequeryrequest_sort, fwmgr_msa_aggregatequeryrequest_sub_aggregates, fwmgr_msa_aggregatequeryrequest_time_zone, fwmgr_msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=fwmgr_msa_aggregatequeryrequest_date_ranges, field=fwmgr_msa_aggregatequeryrequest_field, filter=fwmgr_msa_aggregatequeryrequest_filter, interval=fwmgr_msa_aggregatequeryrequest_interval, min_doc_count=fwmgr_msa_aggregatequeryrequest_min_doc_count, missing=fwmgr_msa_aggregatequeryrequest_missing, name=fwmgr_msa_aggregatequeryrequest_name, + q=fwmgr_msa_aggregatequeryrequest_q, ranges=fwmgr_msa_aggregatequeryrequest_ranges, size=fwmgr_msa_aggregatequeryrequest_size, sort=fwmgr_msa_aggregatequeryrequest_sort, sub_aggregates=fwmgr_msa_aggregatequeryrequest_sub_aggregates, time_zone=fwmgr_msa_aggregatequeryrequest_time_zone, type=fwmgr_msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'fwmgr/aggregates/rules/GET/v1', json_data=data, headers=headers) + + return response + + def aggregates_detections_global_counts_request(self, filter_): + params = assign_params(filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'overwatch-dashboards/aggregates/detections-global-counts/v1', params=params, headers=headers) + + return response + + def aggregates_events_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'overwatch-dashboards/aggregates/events/GET/v1', json_data=data, headers=headers) + + return response + + def aggregates_events_collections_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'overwatch-dashboards/aggregates/events-collections/GET/v1', json_data=data, headers=headers) + + return response + + def aggregates_incidents_global_counts_request(self, filter_): + params = assign_params(filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'overwatch-dashboards/aggregates/incidents-global-counts/v1', params=params, headers=headers) + + return response + + def aggregatesow_events_global_counts_request(self, filter_): + params = assign_params(filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'overwatch-dashboards/aggregates/ow-events-global-counts/v1', params=params, headers=headers) + + return response + + def apipreemptproxypostgraphql_request(self, ): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'identity-protection/combined/graphql/v1', headers=headers) + + return response + + def auditeventsquery_request(self, offset, limit, sort, filter_): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'installation-tokens/queries/audit-events/v1', params=params, headers=headers) + + return response + + def auditeventsread_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'installation-tokens/entities/audit-events/v1', params=params, headers=headers) + + return response + + def batch_active_responder_cmd_request(self, timeout, timeout_duration, domain_batchexecutecommandrequest_base_command, domain_batchexecutecommandrequest_batch_id, domain_batchexecutecommandrequest_command_string, domain_batchexecutecommandrequest_optional_hosts, domain_batchexecutecommandrequest_persist_all): + params = assign_params(timeout=timeout, timeout_duration=timeout_duration) + data = assign_params(base_command=domain_batchexecutecommandrequest_base_command, batch_id=domain_batchexecutecommandrequest_batch_id, + command_string=domain_batchexecutecommandrequest_command_string, optional_hosts=domain_batchexecutecommandrequest_optional_hosts, persist_all=domain_batchexecutecommandrequest_persist_all) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/combined/batch-active-responder-command/v1', params=params, json_data=data, headers=headers) + + return response + + def batch_admin_cmd_request(self, timeout, timeout_duration, domain_batchexecutecommandrequest_base_command, domain_batchexecutecommandrequest_batch_id, domain_batchexecutecommandrequest_command_string, domain_batchexecutecommandrequest_optional_hosts, domain_batchexecutecommandrequest_persist_all): + params = assign_params(timeout=timeout, timeout_duration=timeout_duration) + data = assign_params(base_command=domain_batchexecutecommandrequest_base_command, batch_id=domain_batchexecutecommandrequest_batch_id, + command_string=domain_batchexecutecommandrequest_command_string, optional_hosts=domain_batchexecutecommandrequest_optional_hosts, persist_all=domain_batchexecutecommandrequest_persist_all) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/combined/batch-admin-command/v1', params=params, json_data=data, headers=headers) + + return response + + def batch_cmd_request(self, timeout, timeout_duration, domain_batchexecutecommandrequest_base_command, domain_batchexecutecommandrequest_batch_id, domain_batchexecutecommandrequest_command_string, domain_batchexecutecommandrequest_optional_hosts, domain_batchexecutecommandrequest_persist_all): + params = assign_params(timeout=timeout, timeout_duration=timeout_duration) + data = assign_params(base_command=domain_batchexecutecommandrequest_base_command, batch_id=domain_batchexecutecommandrequest_batch_id, + command_string=domain_batchexecutecommandrequest_command_string, optional_hosts=domain_batchexecutecommandrequest_optional_hosts, persist_all=domain_batchexecutecommandrequest_persist_all) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/combined/batch-command/v1', params=params, json_data=data, headers=headers) + + return response + + def batch_get_cmd_request(self, timeout, timeout_duration, domain_batchgetcommandrequest_batch_id, domain_batchgetcommandrequest_file_path, domain_batchgetcommandrequest_optional_hosts): + params = assign_params(timeout=timeout, timeout_duration=timeout_duration) + data = assign_params(batch_id=domain_batchgetcommandrequest_batch_id, + file_path=domain_batchgetcommandrequest_file_path, optional_hosts=domain_batchgetcommandrequest_optional_hosts) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/combined/batch-get-command/v1', params=params, json_data=data, headers=headers) + + return response + + def batch_get_cmd_status_request(self, timeout, timeout_duration, batch_get_cmd_req_id): + params = assign_params(timeout=timeout, timeout_duration=timeout_duration, batch_get_cmd_req_id=batch_get_cmd_req_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'real-time-response/combined/batch-get-command/v1', params=params, headers=headers) + + return response + + def batch_init_sessions_request(self, timeout, timeout_duration, domain_batchinitsessionrequest_existing_batch_id, domain_batchinitsessionrequest_host_ids, domain_batchinitsessionrequest_queue_offline): + params = assign_params(timeout=timeout, timeout_duration=timeout_duration) + data = assign_params(existing_batch_id=domain_batchinitsessionrequest_existing_batch_id, + host_ids=domain_batchinitsessionrequest_host_ids, queue_offline=domain_batchinitsessionrequest_queue_offline) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/combined/batch-init-session/v1', params=params, json_data=data, headers=headers) + + return response + + def batch_refresh_sessions_request(self, timeout, timeout_duration, domain_batchrefreshsessionrequest_batch_id, domain_batchrefreshsessionrequest_hosts_to_remove): + params = assign_params(timeout=timeout, timeout_duration=timeout_duration) + data = assign_params(batch_id=domain_batchrefreshsessionrequest_batch_id, + hosts_to_remove=domain_batchrefreshsessionrequest_hosts_to_remove) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/combined/batch-refresh-session/v1', params=params, json_data=data, headers=headers) + + return response + + def create_actionsv1_request(self, domain_registeractionsrequest_actions, domain_registeractionsrequest_rule_id): + data = assign_params(actions=domain_registeractionsrequest_actions, rule_id=domain_registeractionsrequest_rule_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'recon/entities/actions/v1', json_data=data, headers=headers) + + return response + + def create_device_control_policies_request(self, requests_createdevicecontrolpoliciesv1_resources): + data = assign_params(resources=requests_createdevicecontrolpoliciesv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/device-control/v1', json_data=data, headers=headers) + + return response + + def create_firewall_policies_request(self, requests_createfirewallpoliciesv1_resources, clone_id): + params = assign_params(clone_id=clone_id) + data = assign_params(resources=requests_createfirewallpoliciesv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/firewall/v1', + params=params, json_data=data, headers=headers) + + return response + + def create_host_groups_request(self, requests_creategroupsv1_resources): + data = assign_params(resources=requests_creategroupsv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'devices/entities/host-groups/v1', json_data=data, headers=headers) + + return response + + def create_or_updateaws_settings_request(self, models_modifyawscustomersettingsv1_resources): + data = assign_params(resources=models_modifyawscustomersettingsv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'cloud-connect-aws/entities/settings/v1', json_data=data, headers=headers) + + return response + + def create_prevention_policies_request(self, requests_createpreventionpoliciesv1_resources): + data = assign_params(resources=requests_createpreventionpoliciesv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/prevention/v1', json_data=data, headers=headers) + + return response + + def create_rulesv1_request(self, sadomain_createrulerequestv1_filter, sadomain_createrulerequestv1_name, sadomain_createrulerequestv1_permissions, sadomain_createrulerequestv1_priority, sadomain_createrulerequestv1_topic): + data = assign_params(filter=sadomain_createrulerequestv1_filter, name=sadomain_createrulerequestv1_name, + permissions=sadomain_createrulerequestv1_permissions, priority=sadomain_createrulerequestv1_priority, topic=sadomain_createrulerequestv1_topic) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'recon/entities/rules/v1', json_data=data, headers=headers) + + return response + + def create_sensor_update_policies_request(self, requests_createsensorupdatepoliciesv1_resources): + data = assign_params(resources=requests_createsensorupdatepoliciesv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/sensor-update/v1', json_data=data, headers=headers) + + return response + + def create_sensor_update_policiesv2_request(self, requests_createsensorupdatepoliciesv2_resources): + data = assign_params(resources=requests_createsensorupdatepoliciesv2_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/sensor-update/v2', json_data=data, headers=headers) + + return response + + def create_user_request(self, domain_usercreaterequest_firstname, domain_usercreaterequest_lastname, domain_usercreaterequest_password, domain_usercreaterequest_uid): + data = assign_params(firstName=domain_usercreaterequest_firstname, lastName=domain_usercreaterequest_lastname, + password=domain_usercreaterequest_password, uid=domain_usercreaterequest_uid) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'users/entities/users/v1', json_data=data, headers=headers) + + return response + + def create_user_groups_request(self, domain_usergroupsrequestv1_resources): + data = assign_params(resources=domain_usergroupsrequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'mssp/entities/user-groups/v1', json_data=data, headers=headers) + + return response + + def createaws_account_request(self, k8sreg_createawsaccreq_resources): + data = assign_params(resources=k8sreg_createawsaccreq_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'kubernetes-protection/entities/accounts/aws/v1', json_data=data, headers=headers) + + return response + + def createcid_groups_request(self, domain_cidgroupsrequestv1_resources): + data = assign_params(resources=domain_cidgroupsrequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'mssp/entities/cid-groups/v1', json_data=data, headers=headers) + + return response + + def createcspm_aws_account_request(self, registration_awsaccountcreaterequestextv2_resources): + data = assign_params(resources=registration_awsaccountcreaterequestextv2_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'cloud-connect-cspm-aws/entities/account/v1', json_data=data, headers=headers) + + return response + + def createcspmgcp_account_request(self, registration_gcpaccountcreaterequestextv1_resources): + data = assign_params(resources=registration_gcpaccountcreaterequestextv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'cloud-connect-gcp/entities/account/v1', json_data=data, headers=headers) + + return response + + def createioc_request(self, api_iocviewrecord_batch_id, api_iocviewrecord_created_by, api_iocviewrecord_created_timestamp, api_iocviewrecord_description, api_iocviewrecord_expiration_days, api_iocviewrecord_expiration_timestamp, api_iocviewrecord_modified_by, api_iocviewrecord_modified_timestamp, api_iocviewrecord_policy, api_iocviewrecord_share_level, api_iocviewrecord_source, api_iocviewrecord_type, api_iocviewrecord_value): + data = assign_params(batch_id=api_iocviewrecord_batch_id, created_by=api_iocviewrecord_created_by, created_timestamp=api_iocviewrecord_created_timestamp, description=api_iocviewrecord_description, expiration_days=api_iocviewrecord_expiration_days, expiration_timestamp=api_iocviewrecord_expiration_timestamp, + modified_by=api_iocviewrecord_modified_by, modified_timestamp=api_iocviewrecord_modified_timestamp, policy=api_iocviewrecord_policy, share_level=api_iocviewrecord_share_level, source=api_iocviewrecord_source, type=api_iocviewrecord_type, value=api_iocviewrecord_value) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'indicators/entities/iocs/v1', json_data=data, headers=headers) + + return response + + def createml_exclusionsv1_request(self, requests_mlexclusioncreatereqv1_comment, requests_mlexclusioncreatereqv1_excluded_from, requests_mlexclusioncreatereqv1_groups, requests_mlexclusioncreatereqv1_value): + data = assign_params(comment=requests_mlexclusioncreatereqv1_comment, excluded_from=requests_mlexclusioncreatereqv1_excluded_from, + groups=requests_mlexclusioncreatereqv1_groups, value=requests_mlexclusioncreatereqv1_value) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/ml-exclusions/v1', json_data=data, headers=headers) + + return response + + def creatert_response_policies_request(self, requests_creatertresponsepoliciesv1_resources): + data = assign_params(resources=requests_creatertresponsepoliciesv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/response/v1', json_data=data, headers=headers) + + return response + + def createrule_request(self, api_rulecreatev1_comment, api_rulecreatev1_description, api_rulecreatev1_disposition_id, api_rulecreatev1_field_values, api_rulecreatev1_name, api_rulecreatev1_pattern_severity, api_rulecreatev1_rulegroup_id, api_rulecreatev1_ruletype_id): + data = assign_params(comment=api_rulecreatev1_comment, description=api_rulecreatev1_description, disposition_id=api_rulecreatev1_disposition_id, field_values=api_rulecreatev1_field_values, + name=api_rulecreatev1_name, pattern_severity=api_rulecreatev1_pattern_severity, rulegroup_id=api_rulecreatev1_rulegroup_id, ruletype_id=api_rulecreatev1_ruletype_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'ioarules/entities/rules/v1', json_data=data, headers=headers) + + return response + + def createrulegroup_request(self, clone_id, li_ary, comment, fwmgr_api_rulegroupcreaterequestv1_description, fwmgr_api_rulegroupcreaterequestv1_enabled, fwmgr_api_rulegroupcreaterequestv1_name, fwmgr_api_rulegroupcreaterequestv1_rules): + params = assign_params(clone_id=clone_id, li_ary=li_ary, comment=comment) + data = assign_params(description=fwmgr_api_rulegroupcreaterequestv1_description, enabled=fwmgr_api_rulegroupcreaterequestv1_enabled, + name=fwmgr_api_rulegroupcreaterequestv1_name, rules=fwmgr_api_rulegroupcreaterequestv1_rules) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'fwmgr/entities/rule-groups/v1', + params=params, json_data=data, headers=headers) + + return response + + def createrulegroup_mixin0_request(self, api_rulegroupcreaterequestv1_comment, api_rulegroupcreaterequestv1_description, api_rulegroupcreaterequestv1_name, api_rulegroupcreaterequestv1_platform): + data = assign_params(comment=api_rulegroupcreaterequestv1_comment, description=api_rulegroupcreaterequestv1_description, + name=api_rulegroupcreaterequestv1_name, platform=api_rulegroupcreaterequestv1_platform) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'ioarules/entities/rule-groups/v1', json_data=data, headers=headers) + + return response + + def createsv_exclusionsv1_request(self, requests_svexclusioncreatereqv1_comment, requests_svexclusioncreatereqv1_groups, requests_svexclusioncreatereqv1_value): + data = assign_params(comment=requests_svexclusioncreatereqv1_comment, + groups=requests_svexclusioncreatereqv1_groups, value=requests_svexclusioncreatereqv1_value) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/sv-exclusions/v1', json_data=data, headers=headers) + + return response + + def crowd_score_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'incidents/combined/crowdscores/v1', params=params, headers=headers) + + return response + + def customersettingsread_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'installation-tokens/entities/customer-settings/v1', headers=headers) + + return response + + def delete_actionv1_request(self, id_): + params = assign_params(id=id_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'recon/entities/actions/v1', params=params, headers=headers) + + return response + + def delete_device_control_policies_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'policy/entities/device-control/v1', params=params, headers=headers) + + return response + + def delete_firewall_policies_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'policy/entities/firewall/v1', params=params, headers=headers) + + return response + + def delete_host_groups_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'devices/entities/host-groups/v1', params=params, headers=headers) + + return response + + def delete_notificationsv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'recon/entities/notifications/v1', params=params, headers=headers) + + return response + + def delete_prevention_policies_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'policy/entities/prevention/v1', params=params, headers=headers) + + return response + + def delete_report_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'falconx/entities/reports/v1', params=params, headers=headers) + + return response + + def delete_rulesv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'recon/entities/rules/v1', params=params, headers=headers) + + return response + + def delete_samplev2_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'samples/entities/samples/v2', params=params, headers=headers) + + return response + + def delete_samplev3_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'samples/entities/samples/v3', params=params, headers=headers) + + return response + + def delete_sensor_update_policies_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'policy/entities/sensor-update/v1', params=params, headers=headers) + + return response + + def delete_sensor_visibility_exclusionsv1_request(self, ids, comment): + params = assign_params(ids=ids, comment=comment) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'policy/entities/sv-exclusions/v1', params=params, headers=headers) + + return response + + def delete_user_request(self, user_uuid): + params = assign_params(user_uuid=user_uuid) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'users/entities/users/v1', params=params, headers=headers) + + return response + + def delete_user_group_members_request(self, domain_usergroupmembersrequestv1_resources): + data = assign_params(resources=domain_usergroupmembersrequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'mssp/entities/user-group-members/v1', json_data=data, headers=headers) + + return response + + def delete_user_groups_request(self, user_group_ids): + params = assign_params(user_group_ids=user_group_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'mssp/entities/user-groups/v1', params=params, headers=headers) + + return response + + def deleteaws_accounts_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'cloud-connect-aws/entities/accounts/v1', params=params, headers=headers) + + return response + + def deleteaws_accounts_mixin0_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'delete', 'kubernetes-protection/entities/accounts/aws/v1', params=params, headers=headers) + + return response + + def deletecid_group_members_request(self, domain_cidgroupmembersrequestv1_resources): + data = assign_params(resources=domain_cidgroupmembersrequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'mssp/entities/cid-group-members/v1', json_data=data, headers=headers) + + return response + + def deletecid_groups_request(self, cid_group_ids): + params = assign_params(cid_group_ids=cid_group_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'mssp/entities/cid-groups/v1', params=params, headers=headers) + + return response + + def deletecspm_aws_account_request(self, ids, organization_ids): + params = assign_params(ids=ids, organization_ids=organization_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'delete', 'cloud-connect-cspm-aws/entities/account/v1', params=params, headers=headers) + + return response + + def deletecspm_azure_account_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'delete', 'cloud-connect-cspm-azure/entities/account/v1', params=params, headers=headers) + + return response + + def deleted_roles_request(self, domain_mssprolerequestv1_resources): + data = assign_params(resources=domain_mssprolerequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'mssp/entities/mssp-roles/v1', json_data=data, headers=headers) + + return response + + def deleteioa_exclusionsv1_request(self, ids, comment): + params = assign_params(ids=ids, comment=comment) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'policy/entities/ioa-exclusions/v1', params=params, headers=headers) + + return response + + def deleteioc_request(self, type_, value): + params = assign_params(type=type_, value=value) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'indicators/entities/iocs/v1', params=params, headers=headers) + + return response + + def deleteml_exclusionsv1_request(self, ids, comment): + params = assign_params(ids=ids, comment=comment) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'policy/entities/ml-exclusions/v1', params=params, headers=headers) + + return response + + def deletert_response_policies_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'policy/entities/response/v1', params=params, headers=headers) + + return response + + def deleterulegroups_request(self, ids, comment): + params = assign_params(ids=ids, comment=comment) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'fwmgr/entities/rule-groups/v1', params=params, headers=headers) + + return response + + def deleterulegroups_mixin0_request(self, comment, ids): + params = assign_params(comment=comment, ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'ioarules/entities/rule-groups/v1', params=params, headers=headers) + + return response + + def deleterules_request(self, rule_group_id, comment, ids): + params = assign_params(rule_group_id=rule_group_id, comment=comment, ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'ioarules/entities/rules/v1', params=params, headers=headers) + + return response + + def devices_count_request(self, type_, value): + params = assign_params(type=type_, value=value) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'indicators/aggregates/devices-count/v1', params=params, headers=headers) + + return response + + def devices_ran_on_request(self, type_, value, limit, offset): + params = assign_params(type=type_, value=value, limit=limit, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'indicators/queries/devices/v1', params=params, headers=headers) + + return response + + def download_sensor_installer_by_id_request(self, id_): + params = assign_params(id=id_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'sensors/entities/download-installer/v1', params=params, headers=headers) + + return response + + def entitiesprocesses_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'processes/entities/processes/v1', params=params, headers=headers) + + return response + + def get_actionsv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'recon/entities/actions/v1', params=params, headers=headers) + + return response + + def get_aggregate_detects_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'detects/aggregates/detects/GET/v1', json_data=data, headers=headers) + + return response + + def get_artifacts_request(self, id_, name): + params = assign_params(id=id_, name=name) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'falconx/entities/artifacts/v1', params=params, headers=headers) + + return response + + def get_assessmentv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'zero-trust-assessment/entities/assessments/v1', params=params, headers=headers) + + return response + + def get_available_role_ids_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'user-roles/queries/user-role-ids-by-cid/v1', headers=headers) + + return response + + def get_behaviors_request(self, msa_idsrequest_ids): + data = assign_params(ids=msa_idsrequest_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'incidents/entities/behaviors/GET/v1', json_data=data, headers=headers) + + return response + + def get_children_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/entities/children/v1', params=params, headers=headers) + + return response + + def get_cloudconnectazure_entities_account_v1_request(self, ids, scan_type): + params = assign_params(ids=ids, scan_type=scan_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-azure/entities/account/v1', params=params, headers=headers) + + return response + + def get_cloudconnectazure_entities_userscriptsdownload_v1_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-azure/entities/user-scripts-download/v1', headers=headers) + + return response + + def get_cloudconnectcspmazure_entities_account_v1_request(self, ids, scan_type, status, limit, offset): + params = assign_params(ids=ids, scan_type=scan_type, status=status, limit=limit, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'cloud-connect-cspm-azure/entities/account/v1', params=params, headers=headers) + + return response + + def get_cloudconnectcspmazure_entities_userscriptsdownload_v1_request(self, tenant_id): + params = assign_params(tenant_id=tenant_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'cloud-connect-cspm-azure/entities/user-scripts-download/v1', params=params, headers=headers) + + return response + + def get_clusters_request(self, cluster_names, account_ids, locations, cluster_service, limit, offset): + params = assign_params(cluster_names=cluster_names, account_ids=account_ids, locations=locations, + cluster_service=cluster_service, limit=limit, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'kubernetes-protection/entities/kubernetes/clusters/v1', params=params, headers=headers) + + return response + + def get_combined_sensor_installers_by_query_request(self, offset, limit, sort, filter_): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'sensors/combined/installers/v1', params=params, headers=headers) + + return response + + def get_detect_summaries_request(self, msa_idsrequest_ids): + data = assign_params(ids=msa_idsrequest_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'detects/entities/summaries/GET/v1', json_data=data, headers=headers) + + return response + + def get_device_control_policies_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/entities/device-control/v1', params=params, headers=headers) + + return response + + def get_device_count_collection_queries_by_filter_request(self, limit, sort, filter_, offset): + params = assign_params(limit=limit, sort=sort, filter=filter_, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'falcon-complete-dashboards/queries/devicecount-collections/v1', params=params, headers=headers) + + return response + + def get_device_details_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'devices/entities/devices/v1', params=params, headers=headers) + + return response + + def get_firewall_policies_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/entities/firewall/v1', params=params, headers=headers) + + return response + + def get_helm_values_yaml_request(self, cluster_name): + params = assign_params(cluster_name=cluster_name) + + headers = self.cs_client._headers + headers['Accept'] = 'application/yaml' + + response = self.cs_client.http_request( + 'get', 'kubernetes-protection/entities/integration/agent/v1', params=params, headers=headers) + + return response + + def get_host_groups_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'devices/entities/host-groups/v1', params=params, headers=headers) + + return response + + def get_incidents_request(self, msa_idsrequest_ids): + data = assign_params(ids=msa_idsrequest_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'incidents/entities/incidents/GET/v1', json_data=data, headers=headers) + + return response + + def get_intel_actor_entities_request(self, ids, fields): + params = assign_params(ids=ids, fields=fields) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/entities/actors/v1', params=params, headers=headers) + + return response + + def get_intel_indicator_entities_request(self, msa_idsrequest_ids): + data = assign_params(ids=msa_idsrequest_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'intel/entities/indicators/GET/v1', json_data=data, headers=headers) + + return response + + def get_intel_report_entities_request(self, ids, fields): + params = assign_params(ids=ids, fields=fields) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/entities/reports/v1', params=params, headers=headers) + + return response + + def get_intel_reportpdf_request(self, id_): + params = assign_params(id=id_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/entities/report-files/v1', params=params, headers=headers) + + return response + + def get_intel_rule_entities_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/entities/rules/v1', params=params, headers=headers) + + return response + + def get_intel_rule_file_request(self, id_, format): + params = assign_params(id=id_, format=format) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/entities/rules-files/v1', params=params, headers=headers) + + return response + + def get_latest_intel_rule_file_request(self, type_, format): + params = assign_params(type=type_, format=format) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/entities/rules-latest-files/v1', params=params, headers=headers) + + return response + + def get_locations_request(self, clouds): + params = assign_params(clouds=clouds) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'kubernetes-protection/entities/cloud-locations/v1', params=params, headers=headers) + + return response + + def get_mal_query_downloadv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'malquery/entities/download-files/v1', params=params, headers=headers) + + return response + + def get_mal_query_entities_samples_fetchv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'malquery/entities/samples-fetch/v1', params=params, headers=headers) + + return response + + def get_mal_query_metadatav1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'malquery/entities/metadata/v1', params=params, headers=headers) + + return response + + def get_mal_query_quotasv1_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'malquery/aggregates/quotas/v1', headers=headers) + + return response + + def get_mal_query_requestv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'malquery/entities/requests/v1', params=params, headers=headers) + + return response + + def get_notifications_detailed_translatedv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'recon/entities/notifications-detailed-translated/v1', params=params, headers=headers) + + return response + + def get_notifications_detailedv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'recon/entities/notifications-detailed/v1', params=params, headers=headers) + + return response + + def get_notifications_translatedv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'recon/entities/notifications-translated/v1', params=params, headers=headers) + + return response + + def get_notificationsv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'recon/entities/notifications/v1', params=params, headers=headers) + + return response + + def get_prevention_policies_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/entities/prevention/v1', params=params, headers=headers) + + return response + + def get_reports_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'falconx/entities/reports/v1', params=params, headers=headers) + + return response + + def get_roles_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'user-roles/entities/user-roles/v1', params=params, headers=headers) + + return response + + def get_roles_byid_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/entities/mssp-roles/v1', params=params, headers=headers) + + return response + + def get_rulesv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'recon/entities/rules/v1', params=params, headers=headers) + + return response + + def get_samplev2_request(self, ids, password_protected): + params = assign_params(ids=ids, password_protected=password_protected) + + headers = self.cs_client._headers + headers['Accept'] = 'application/octet-stream' + + response = self.cs_client.http_request('get', 'samples/entities/samples/v2', params=params, headers=headers) + + return response + + def get_samplev3_request(self, ids, password_protected): + params = assign_params(ids=ids, password_protected=password_protected) + + headers = self.cs_client._headers + headers['Accept'] = 'application/octet-stream' + + response = self.cs_client.http_request('get', 'samples/entities/samples/v3', params=params, headers=headers) + + return response + + def get_scans_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'scanner/entities/scans/v1', params=params, headers=headers) + + return response + + def get_scans_aggregates_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'scanner/aggregates/scans/GET/v1', json_data=data, headers=headers) + + return response + + def get_sensor_installers_by_query_request(self, offset, limit, sort, filter_): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'sensors/queries/installers/v1', params=params, headers=headers) + + return response + + def get_sensor_installers_entities_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'sensors/entities/installers/v1', params=params, headers=headers) + + return response + + def get_sensor_installersccid_by_query_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'sensors/queries/installers/ccid/v1', headers=headers) + + return response + + def get_sensor_update_policies_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/entities/sensor-update/v1', params=params, headers=headers) + + return response + + def get_sensor_update_policiesv2_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/entities/sensor-update/v2', params=params, headers=headers) + + return response + + def get_sensor_visibility_exclusionsv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/entities/sv-exclusions/v1', params=params, headers=headers) + + return response + + def get_submissions_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'falconx/entities/submissions/v1', params=params, headers=headers) + + return response + + def get_summary_reports_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'falconx/entities/report-summaries/v1', params=params, headers=headers) + + return response + + def get_user_group_members_byid_request(self, user_group_ids): + params = assign_params(user_group_ids=user_group_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/entities/user-group-members/v1', params=params, headers=headers) + + return response + + def get_user_groups_byid_request(self, user_group_ids): + params = assign_params(user_group_ids=user_group_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/entities/user-groups/v1', params=params, headers=headers) + + return response + + def get_user_role_ids_request(self, user_uuid): + params = assign_params(user_uuid=user_uuid) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'user-roles/queries/user-role-ids-by-user-uuid/v1', params=params, headers=headers) + + return response + + def get_vulnerabilities_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'spotlight/entities/vulnerabilities/v2', params=params, headers=headers) + + return response + + def getaws_accounts_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-aws/entities/accounts/v1', params=params, headers=headers) + + return response + + def getaws_accounts_mixin0_request(self, ids, status, limit, offset): + params = assign_params(ids=ids, status=status, limit=limit, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'kubernetes-protection/entities/accounts/aws/v1', params=params, headers=headers) + + return response + + def getaws_settings_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-aws/combined/settings/v1', headers=headers) + + return response + + def getcid_group_by_id_request(self, cid_group_ids): + params = assign_params(cid_group_ids=cid_group_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/entities/cid-groups/v1', params=params, headers=headers) + + return response + + def getcid_group_members_by_request(self, cid_group_ids): + params = assign_params(cid_group_ids=cid_group_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/entities/cid-group-members/v1', params=params, headers=headers) + + return response + + def getcspm_aws_account_request(self, scan_type, ids, organization_ids, status, limit, offset, group_by): + params = assign_params(scan_type=scan_type, ids=ids, organization_ids=organization_ids, + status=status, limit=limit, offset=offset, group_by=group_by) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'cloud-connect-cspm-aws/entities/account/v1', params=params, headers=headers) + + return response + + def getcspm_aws_account_scripts_attachment_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-cspm-aws/entities/user-scripts-download/v1', headers=headers) + + return response + + def getcspm_aws_console_setupur_ls_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-cspm-aws/entities/console-setup-urls/v1', headers=headers) + + return response + + def getcspm_azure_user_scripts_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-azure/entities/user-scripts/v1', headers=headers) + + return response + + def getcspm_policy_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'settings/entities/policy-details/v1', params=params, headers=headers) + + return response + + def getcspm_policy_settings_request(self, service, policy_id, cloud_platform): + params = assign_params(service=service, policy_id=policy_id, cloud_platform=cloud_platform) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'settings/entities/policy/v1', params=params, headers=headers) + + return response + + def getcspm_scan_schedule_request(self, cloud_platform): + params = assign_params(cloud_platform=cloud_platform) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'settings/scan-schedule/v1', params=params, headers=headers) + + return response + + def getcspmcgp_account_request(self, scan_type, ids): + params = assign_params(scan_type=scan_type, ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-gcp/entities/account/v1', params=params, headers=headers) + + return response + + def getcspmgcp_user_scripts_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-gcp/entities/user-scripts/v1', headers=headers) + + return response + + def getcspmgcp_user_scripts_attachment_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-gcp/entities/user-scripts-download/v1', headers=headers) + + return response + + def getevents_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/entities/events/v1', params=params, headers=headers) + + return response + + def getfirewallfields_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/entities/firewall-fields/v1', params=params, headers=headers) + + return response + + def getioa_events_request(self, policy_id, cloud_provider, account_id, azure_tenant_id, user_ids, offset, limit): + params = assign_params(policy_id=policy_id, cloud_provider=cloud_provider, account_id=account_id, + azure_tenant_id=azure_tenant_id, user_ids=user_ids, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioa/entities/events/v1', params=params, headers=headers) + + return response + + def getioa_exclusionsv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/entities/ioa-exclusions/v1', params=params, headers=headers) + + return response + + def getioa_users_request(self, policy_id, cloud_provider, account_id, azure_tenant_id): + params = assign_params(policy_id=policy_id, cloud_provider=cloud_provider, + account_id=account_id, azure_tenant_id=azure_tenant_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioa/entities/users/v1', params=params, headers=headers) + + return response + + def getioc_request(self, type_, value): + params = assign_params(type=type_, value=value) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'indicators/entities/iocs/v1', params=params, headers=headers) + + return response + + def getml_exclusionsv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/entities/ml-exclusions/v1', params=params, headers=headers) + + return response + + def getpatterns_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/entities/pattern-severities/v1', params=params, headers=headers) + + return response + + def getplatforms_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/entities/platforms/v1', params=params, headers=headers) + + return response + + def getplatforms_mixin0_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/entities/platforms/v1', params=params, headers=headers) + + return response + + def getpolicycontainers_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/entities/policies/v1', params=params, headers=headers) + + return response + + def getrt_response_policies_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/entities/response/v1', params=params, headers=headers) + + return response + + def getrulegroups_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/entities/rule-groups/v1', params=params, headers=headers) + + return response + + def getrulegroups_mixin0_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/entities/rule-groups/v1', params=params, headers=headers) + + return response + + def getrules_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/entities/rules/v1', params=params, headers=headers) + + return response + + def getrules_mixin0_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/entities/rules/v1', params=params, headers=headers) + + return response + + def getrulesget_request(self, api_rulesgetrequestv1_ids): + data = assign_params(ids=api_rulesgetrequestv1_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'ioarules/entities/rules/GET/v1', json_data=data, headers=headers) + + return response + + def getruletypes_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/entities/rule-types/v1', params=params, headers=headers) + + return response + + def grant_user_role_ids_request(self, user_uuid, domain_roleids_roleids): + params = assign_params(user_uuid=user_uuid) + data = assign_params(roleIds=domain_roleids_roleids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'user-roles/entities/user-roles/v1', + params=params, json_data=data, headers=headers) + + return response + + def indicatorcombinedv1_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'iocs/combined/indicator/v1', params=params, headers=headers) + + return response + + def indicatorcreatev1_request(self, retrodetects, ignore_warnings, api_indicatorcreatereqsv1_comment, api_indicatorcreatereqsv1_indicators): + params = assign_params(retrodetects=retrodetects, ignore_warnings=ignore_warnings) + data = assign_params(comment=api_indicatorcreatereqsv1_comment, indicators=api_indicatorcreatereqsv1_indicators) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'iocs/entities/indicators/v1', + params=params, json_data=data, headers=headers) + + return response + + def indicatordeletev1_request(self, filter_, ids, comment): + params = assign_params(filter=filter_, ids=ids, comment=comment) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'iocs/entities/indicators/v1', params=params, headers=headers) + + return response + + def indicatorgetv1_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'iocs/entities/indicators/v1', params=params, headers=headers) + + return response + + def indicatorsearchv1_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'iocs/queries/indicators/v1', params=params, headers=headers) + + return response + + def indicatorupdatev1_request(self, retrodetects, ignore_warnings, api_indicatorupdatereqsv1_bulk_update, api_indicatorupdatereqsv1_comment, api_indicatorupdatereqsv1_indicators): + params = assign_params(retrodetects=retrodetects, ignore_warnings=ignore_warnings) + data = assign_params(bulk_update=api_indicatorupdatereqsv1_bulk_update, + comment=api_indicatorupdatereqsv1_comment, indicators=api_indicatorupdatereqsv1_indicators) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'iocs/entities/indicators/v1', + params=params, json_data=data, headers=headers) + + return response + + def list_available_streamso_auth2_request(self, appId, format): + params = assign_params(appId=appId, format=format) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'sensors/entities/datafeed/v2', params=params, headers=headers) + + return response + + def oauth2_access_token_request(self, client_id, client_secret, member_cid): + data = assign_params(client_id=client_id, client_secret=client_secret, member_cid=member_cid) + + headers = self.cs_client._headers + headers['Content-Type'] = 'application/x-www-form-urlencoded' + + response = self.cs_client.http_request('post', 'oauth2/token', json_data=data, headers=headers) + + return response + + def oauth2_revoke_token_request(self, token): + data = assign_params(token=token) + + headers = self.cs_client._headers + headers['Content-Type'] = 'application/x-www-form-urlencoded' + + response = self.cs_client.http_request('post', 'oauth2/revoke', json_data=data, headers=headers) + + return response + + def patch_cloudconnectazure_entities_clientid_v1_request(self, id_): + params = assign_params(id=id_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'patch', 'cloud-connect-azure/entities/client-id/v1', params=params, headers=headers) + + return response + + def patch_cloudconnectcspmazure_entities_clientid_v1_request(self, id_, tenant_id): + params = assign_params(id=id_, tenant_id=tenant_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'patch', 'cloud-connect-cspm-azure/entities/client-id/v1', params=params, headers=headers) + + return response + + def patchcspm_aws_account_request(self, registration_awsaccountpatchrequest_resources): + data = assign_params(resources=registration_awsaccountpatchrequest_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'patch', 'cloud-connect-cspm-aws/entities/account/v1', json_data=data, headers=headers) + + return response + + def perform_actionv2_request(self, action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids): + params = assign_params(action_name=action_name) + data = assign_params(action__meters=msa_entityactionrequestv2_action__meters, ids=msa_entityactionrequestv2_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'devices/entities/devices-actions/v2', + params=params, json_data=data, headers=headers) + + return response + + def perform_device_control_policies_action_request(self, action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids): + params = assign_params(action_name=action_name) + data = assign_params(action__meters=msa_entityactionrequestv2_action__meters, ids=msa_entityactionrequestv2_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/device-control-actions/v1', + params=params, json_data=data, headers=headers) + + return response + + def perform_firewall_policies_action_request(self, action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids): + params = assign_params(action_name=action_name) + data = assign_params(action__meters=msa_entityactionrequestv2_action__meters, ids=msa_entityactionrequestv2_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/firewall-actions/v1', + params=params, json_data=data, headers=headers) + + return response + + def perform_group_action_request(self, action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids): + params = assign_params(action_name=action_name) + data = assign_params(action__meters=msa_entityactionrequestv2_action__meters, ids=msa_entityactionrequestv2_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'devices/entities/host-group-actions/v1', + params=params, json_data=data, headers=headers) + + return response + + def perform_incident_action_request(self, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids): + data = assign_params(action__meters=msa_entityactionrequestv2_action__meters, ids=msa_entityactionrequestv2_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'incidents/entities/incident-actions/v1', json_data=data, headers=headers) + + return response + + def perform_prevention_policies_action_request(self, action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids): + params = assign_params(action_name=action_name) + data = assign_params(action__meters=msa_entityactionrequestv2_action__meters, ids=msa_entityactionrequestv2_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/prevention-actions/v1', + params=params, json_data=data, headers=headers) + + return response + + def perform_sensor_update_policies_action_request(self, action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids): + params = assign_params(action_name=action_name) + data = assign_params(action__meters=msa_entityactionrequestv2_action__meters, ids=msa_entityactionrequestv2_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/sensor-update-actions/v1', + params=params, json_data=data, headers=headers) + + return response + + def performrt_response_policies_action_request(self, action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids): + params = assign_params(action_name=action_name) + data = assign_params(action__meters=msa_entityactionrequestv2_action__meters, ids=msa_entityactionrequestv2_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/response-actions/v1', + params=params, json_data=data, headers=headers) + + return response + + def post_cloudconnectazure_entities_account_v1_request(self, registration_azureaccountcreaterequestexternalv1_resources): + data = assign_params(resources=registration_azureaccountcreaterequestexternalv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'cloud-connect-azure/entities/account/v1', json_data=data, headers=headers) + + return response + + def post_cloudconnectcspmazure_entities_account_v1_request(self, registration_azureaccountcreaterequestexternalv1_resources): + data = assign_params(resources=registration_azureaccountcreaterequestexternalv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'cloud-connect-cspm-azure/entities/account/v1', json_data=data, headers=headers) + + return response + + def post_mal_query_entities_samples_multidownloadv1_request(self, malquery_multidownloadrequestv1_samples): + data = assign_params(samples=malquery_multidownloadrequestv1_samples) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'malquery/entities/samples-multidownload/v1', json_data=data, headers=headers) + + return response + + def post_mal_query_exact_searchv1_request(self, malquery_externalexactsearchparametersv1_options, malquery_externalexactsearchparametersv1_patterns): + data = assign_params(options=malquery_externalexactsearchparametersv1_options, + patterns=malquery_externalexactsearchparametersv1_patterns) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'malquery/queries/exact-search/v1', json_data=data, headers=headers) + + return response + + def post_mal_query_fuzzy_searchv1_request(self, malquery_fuzzysearchparametersv1_options, malquery_fuzzysearchparametersv1_patterns): + data = assign_params(options=malquery_fuzzysearchparametersv1_options, patterns=malquery_fuzzysearchparametersv1_patterns) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'malquery/combined/fuzzy-search/v1', json_data=data, headers=headers) + + return response + + def post_mal_query_huntv1_request(self, malquery_externalhuntparametersv1_options, malquery_externalhuntparametersv1_yara_rule): + data = assign_params(options=malquery_externalhuntparametersv1_options, + yara_rule=malquery_externalhuntparametersv1_yara_rule) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'malquery/queries/hunt/v1', json_data=data, headers=headers) + + return response + + def preview_rulev1_request(self, domain_rulepreviewrequest_filter, domain_rulepreviewrequest_topic): + data = assign_params(filter=domain_rulepreviewrequest_filter, topic=domain_rulepreviewrequest_topic) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'recon/aggregates/rules-preview/GET/v1', json_data=data, headers=headers) + + return response + + def processes_ran_on_request(self, type_, value, device_id, limit, offset): + params = assign_params(type=type_, value=value, device_id=device_id, limit=limit, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'indicators/queries/processes/v1', params=params, headers=headers) + + return response + + def provisionaws_accounts_request(self, mode, models_createawsaccountsv1_resources): + params = assign_params(mode=mode) + data = assign_params(resources=models_createawsaccountsv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'cloud-connect-aws/entities/accounts/v1', + params=params, json_data=data, headers=headers) + + return response + + def query_actionsv1_request(self, offset, limit, sort, filter_, q): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_, q=q) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'recon/queries/actions/v1', params=params, headers=headers) + + return response + + def query_allow_list_filter_request(self, limit, sort, filter_, offset): + params = assign_params(limit=limit, sort=sort, filter=filter_, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'falcon-complete-dashboards/queries/allowlist/v1', params=params, headers=headers) + + return response + + def query_behaviors_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'incidents/queries/behaviors/v1', params=params, headers=headers) + + return response + + def query_block_list_filter_request(self, limit, sort, filter_, offset): + params = assign_params(limit=limit, sort=sort, filter=filter_, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'falcon-complete-dashboards/queries/blocklist/v1', params=params, headers=headers) + + return response + + def query_children_request(self, sort, offset, limit): + params = assign_params(sort=sort, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/queries/children/v1', params=params, headers=headers) + + return response + + def query_combined_device_control_policies_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/device-control/v1', params=params, headers=headers) + + return response + + def query_combined_device_control_policy_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/device-control-members/v1', params=params, headers=headers) + + return response + + def query_combined_firewall_policies_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/firewall/v1', params=params, headers=headers) + + return response + + def query_combined_firewall_policy_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/firewall-members/v1', params=params, headers=headers) + + return response + + def query_combined_group_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'devices/combined/host-group-members/v1', params=params, headers=headers) + + return response + + def query_combined_host_groups_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'devices/combined/host-groups/v1', params=params, headers=headers) + + return response + + def query_combined_prevention_policies_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/prevention/v1', params=params, headers=headers) + + return response + + def query_combined_prevention_policy_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/prevention-members/v1', params=params, headers=headers) + + return response + + def query_combined_sensor_update_builds_request(self, platform): + params = assign_params(platform=platform) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/sensor-update-builds/v1', params=params, headers=headers) + + return response + + def query_combined_sensor_update_policies_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/sensor-update/v1', params=params, headers=headers) + + return response + + def query_combined_sensor_update_policiesv2_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/sensor-update/v2', params=params, headers=headers) + + return response + + def query_combined_sensor_update_policy_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/sensor-update-members/v1', params=params, headers=headers) + + return response + + def query_combinedrt_response_policies_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/response/v1', params=params, headers=headers) + + return response + + def query_combinedrt_response_policy_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/combined/response-members/v1', params=params, headers=headers) + + return response + + def query_detection_ids_by_filter_request(self, limit, sort, filter_, offset): + params = assign_params(limit=limit, sort=sort, filter=filter_, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'falcon-complete-dashboards/queries/detects/v1', params=params, headers=headers) + + return response + + def query_detects_request(self, offset, limit, sort, filter_, q): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_, q=q) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'detects/queries/detects/v1', params=params, headers=headers) + + return response + + def query_device_control_policies_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/device-control/v1', params=params, headers=headers) + + return response + + def query_device_control_policy_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/device-control-members/v1', params=params, headers=headers) + + return response + + def query_devices_by_filter_request(self, offset, limit, sort, filter_): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'devices/queries/devices/v1', params=params, headers=headers) + + return response + + def query_devices_by_filter_scroll_request(self, offset, limit, sort, filter_): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'devices/queries/devices-scroll/v1', params=params, headers=headers) + + return response + + def query_escalations_filter_request(self, limit, sort, filter_, offset): + params = assign_params(limit=limit, sort=sort, filter=filter_, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'falcon-complete-dashboards/queries/escalations/v1', params=params, headers=headers) + + return response + + def query_firewall_policies_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/firewall/v1', params=params, headers=headers) + + return response + + def query_firewall_policy_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/firewall-members/v1', params=params, headers=headers) + + return response + + def query_group_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'devices/queries/host-group-members/v1', params=params, headers=headers) + + return response + + def query_hidden_devices_request(self, offset, limit, sort, filter_): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'devices/queries/devices-hidden/v1', params=params, headers=headers) + + return response + + def query_host_groups_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'devices/queries/host-groups/v1', params=params, headers=headers) + + return response + + def query_incident_ids_by_filter_request(self, limit, sort, filter_, offset): + params = assign_params(limit=limit, sort=sort, filter=filter_, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'falcon-complete-dashboards/queries/incidents/v1', params=params, headers=headers) + + return response + + def query_incidents_request(self, sort, filter_, offset, limit): + params = assign_params(sort=sort, filter=filter_, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'incidents/queries/incidents/v1', params=params, headers=headers) + + return response + + def query_intel_actor_entities_request(self, offset, limit, sort, filter_, q, fields): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_, q=q, fields=fields) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/combined/actors/v1', params=params, headers=headers) + + return response + + def query_intel_actor_ids_request(self, offset, limit, sort, filter_, q): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_, q=q) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/queries/actors/v1', params=params, headers=headers) + + return response + + def query_intel_indicator_entities_request(self, offset, limit, sort, filter_, q, include_deleted): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_, q=q, include_deleted=include_deleted) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/combined/indicators/v1', params=params, headers=headers) + + return response + + def query_intel_indicator_ids_request(self, offset, limit, sort, filter_, q, include_deleted): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_, q=q, include_deleted=include_deleted) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/queries/indicators/v1', params=params, headers=headers) + + return response + + def query_intel_report_entities_request(self, offset, limit, sort, filter_, q, fields): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_, q=q, fields=fields) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/combined/reports/v1', params=params, headers=headers) + + return response + + def query_intel_report_ids_request(self, offset, limit, sort, filter_, q): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_, q=q) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/queries/reports/v1', params=params, headers=headers) + + return response + + def query_intel_rule_ids_request(self, offset, limit, sort, name, type_, description, tags, min_created_date, max_created_date, q): + params = assign_params(offset=offset, limit=limit, sort=sort, name=name, type=type_, description=description, + tags=tags, min_created_date=min_created_date, max_created_date=max_created_date, q=q) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'intel/queries/rules/v1', params=params, headers=headers) + + return response + + def query_notificationsv1_request(self, offset, limit, sort, filter_, q): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_, q=q) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'recon/queries/notifications/v1', params=params, headers=headers) + + return response + + def query_prevention_policies_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/prevention/v1', params=params, headers=headers) + + return response + + def query_prevention_policy_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/prevention-members/v1', params=params, headers=headers) + + return response + + def query_remediations_filter_request(self, limit, sort, filter_, offset): + params = assign_params(limit=limit, sort=sort, filter=filter_, offset=offset) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'falcon-complete-dashboards/queries/remediations/v1', params=params, headers=headers) + + return response + + def query_reports_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'falconx/queries/reports/v1', params=params, headers=headers) + + return response + + def query_roles_request(self, user_group_id, cid_group_id, role_id, sort, offset, limit): + params = assign_params(user_group_id=user_group_id, cid_group_id=cid_group_id, + role_id=role_id, sort=sort, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/queries/mssp-roles/v1', params=params, headers=headers) + + return response + + def query_rulesv1_request(self, offset, limit, sort, filter_, q): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_, q=q) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'recon/queries/rules/v1', params=params, headers=headers) + + return response + + def query_samplev1_request(self, samplestore_querysamplesrequest_sha256s): + data = assign_params(sha256s=samplestore_querysamplesrequest_sha256s) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'samples/queries/samples/GET/v1', json_data=data, headers=headers) + + return response + + def query_sensor_update_policies_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/sensor-update/v1', params=params, headers=headers) + + return response + + def query_sensor_update_policy_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/sensor-update-members/v1', params=params, headers=headers) + + return response + + def query_sensor_visibility_exclusionsv1_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/sv-exclusions/v1', params=params, headers=headers) + + return response + + def query_submissions_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'falconx/queries/submissions/v1', params=params, headers=headers) + + return response + + def query_submissions_mixin0_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'scanner/queries/scans/v1', params=params, headers=headers) + + return response + + def query_user_group_members_request(self, user_uuid, sort, offset, limit): + params = assign_params(user_uuid=user_uuid, sort=sort, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/queries/user-group-members/v1', params=params, headers=headers) + + return response + + def query_user_groups_request(self, name, sort, offset, limit): + params = assign_params(name=name, sort=sort, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/queries/user-groups/v1', params=params, headers=headers) + + return response + + def query_vulnerabilities_request(self, after, limit, sort, filter_): + params = assign_params(after=after, limit=limit, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'spotlight/queries/vulnerabilities/v1', params=params, headers=headers) + + return response + + def queryaws_accounts_request(self, limit, offset, sort, filter_): + params = assign_params(limit=limit, offset=offset, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-aws/combined/accounts/v1', params=params, headers=headers) + + return response + + def queryaws_accounts_fori_ds_request(self, limit, offset, sort, filter_): + params = assign_params(limit=limit, offset=offset, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'cloud-connect-aws/queries/accounts/v1', params=params, headers=headers) + + return response + + def querycid_group_members_request(self, cid, sort, offset, limit): + params = assign_params(cid=cid, sort=sort, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/queries/cid-group-members/v1', params=params, headers=headers) + + return response + + def querycid_groups_request(self, name, sort, offset, limit): + params = assign_params(name=name, sort=sort, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'mssp/queries/cid-groups/v1', params=params, headers=headers) + + return response + + def queryevents_request(self, sort, filter_, q, offset, after, limit): + params = assign_params(sort=sort, filter=filter_, q=q, offset=offset, after=after, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/queries/events/v1', params=params, headers=headers) + + return response + + def queryfirewallfields_request(self, platform_id, offset, limit): + params = assign_params(platform_id=platform_id, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/queries/firewall-fields/v1', params=params, headers=headers) + + return response + + def queryio_cs_request(self, types, values, from_expiration_timestamp, to_expiration_timestamp, policies, sources, share_levels, created_by, deleted_by, include_deleted): + params = assign_params(types=types, values=values, from_expiration_timestamp=from_expiration_timestamp, to_expiration_timestamp=to_expiration_timestamp, + policies=policies, sources=sources, share_levels=share_levels, created_by=created_by, deleted_by=deleted_by, include_deleted=include_deleted) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'indicators/queries/iocs/v1', params=params, headers=headers) + + return response + + def queryioa_exclusionsv1_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/ioa-exclusions/v1', params=params, headers=headers) + + return response + + def queryml_exclusionsv1_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/ml-exclusions/v1', params=params, headers=headers) + + return response + + def querypatterns_request(self, offset, limit): + params = assign_params(offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/queries/pattern-severities/v1', params=params, headers=headers) + + return response + + def queryplatforms_request(self, offset, limit): + params = assign_params(offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/queries/platforms/v1', params=params, headers=headers) + + return response + + def queryplatforms_mixin0_request(self, offset, limit): + params = assign_params(offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/queries/platforms/v1', params=params, headers=headers) + + return response + + def querypolicyrules_request(self, id_, sort, filter_, q, offset, limit): + params = assign_params(id=id_, sort=sort, filter=filter_, q=q, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/queries/policy-rules/v1', params=params, headers=headers) + + return response + + def queryrt_response_policies_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/response/v1', params=params, headers=headers) + + return response + + def queryrt_response_policy_members_request(self, id_, filter_, offset, limit, sort): + params = assign_params(id=id_, filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'policy/queries/response-members/v1', params=params, headers=headers) + + return response + + def queryrulegroups_request(self, sort, filter_, q, offset, after, limit): + params = assign_params(sort=sort, filter=filter_, q=q, offset=offset, after=after, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/queries/rule-groups/v1', params=params, headers=headers) + + return response + + def queryrulegroups_mixin0_request(self, sort, filter_, q, offset, limit): + params = assign_params(sort=sort, filter=filter_, q=q, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/queries/rule-groups/v1', params=params, headers=headers) + + return response + + def queryrulegroupsfull_request(self, sort, filter_, q, offset, limit): + params = assign_params(sort=sort, filter=filter_, q=q, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/queries/rule-groups-full/v1', params=params, headers=headers) + + return response + + def queryrules_request(self, sort, filter_, q, offset, after, limit): + params = assign_params(sort=sort, filter=filter_, q=q, offset=offset, after=after, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'fwmgr/queries/rules/v1', params=params, headers=headers) + + return response + + def queryrules_mixin0_request(self, sort, filter_, q, offset, limit): + params = assign_params(sort=sort, filter=filter_, q=q, offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/queries/rules/v1', params=params, headers=headers) + + return response + + def queryruletypes_request(self, offset, limit): + params = assign_params(offset=offset, limit=limit) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'ioarules/queries/rule-types/v1', params=params, headers=headers) + + return response + + def refresh_active_stream_session_request(self, action_name, appId, partition): + params = assign_params(action_name=action_name, appId=appId) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', f'sensors/entities/datafeed-actions/v1/{partition}', params=params, headers=headers) + + return response + + def regenerateapi_key_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'kubernetes-protection/entities/integration/api-key/v1', headers=headers) + + return response + + def retrieve_emails_bycid_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'users/queries/emails-by-cid/v1', headers=headers) + + return response + + def retrieve_user_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'users/entities/users/v1', params=params, headers=headers) + + return response + + def retrieve_useruui_ds_bycid_request(self): + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'users/queries/user-uuids-by-cid/v1', headers=headers) + + return response + + def retrieve_useruuid_request(self, uid): + params = assign_params(uid=uid) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'users/queries/user-uuids-by-email/v1', params=params, headers=headers) + + return response + + def reveal_uninstall_token_request(self, requests_revealuninstalltokenv1_audit_message, requests_revealuninstalltokenv1_device_id): + data = assign_params(audit_message=requests_revealuninstalltokenv1_audit_message, + device_id=requests_revealuninstalltokenv1_device_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'policy/combined/reveal-uninstall-token/v1', json_data=data, headers=headers) + + return response + + def revoke_user_role_ids_request(self, user_uuid, ids): + params = assign_params(user_uuid=user_uuid, ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'user-roles/entities/user-roles/v1', params=params, headers=headers) + + return response + + def rtr_aggregate_sessions_request(self, msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type): + data = assign_params(date_ranges=msa_aggregatequeryrequest_date_ranges, field=msa_aggregatequeryrequest_field, filter=msa_aggregatequeryrequest_filter, interval=msa_aggregatequeryrequest_interval, min_doc_count=msa_aggregatequeryrequest_min_doc_count, missing=msa_aggregatequeryrequest_missing, + name=msa_aggregatequeryrequest_name, q=msa_aggregatequeryrequest_q, ranges=msa_aggregatequeryrequest_ranges, size=msa_aggregatequeryrequest_size, sort=msa_aggregatequeryrequest_sort, sub_aggregates=msa_aggregatequeryrequest_sub_aggregates, time_zone=msa_aggregatequeryrequest_time_zone, type=msa_aggregatequeryrequest_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/aggregates/sessions/GET/v1', json_data=data, headers=headers) + + return response + + def rtr_check_active_responder_command_status_request(self, cloud_request_id, sequence_id): + params = assign_params(cloud_request_id=cloud_request_id, sequence_id=sequence_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'real-time-response/entities/active-responder-command/v1', params=params, headers=headers) + + return response + + def rtr_check_admin_command_status_request(self, cloud_request_id, sequence_id): + params = assign_params(cloud_request_id=cloud_request_id, sequence_id=sequence_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'real-time-response/entities/admin-command/v1', params=params, headers=headers) + + return response + + def rtr_check_command_status_request(self, cloud_request_id, sequence_id): + params = assign_params(cloud_request_id=cloud_request_id, sequence_id=sequence_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'real-time-response/entities/command/v1', params=params, headers=headers) + + return response + + def rtr_create_put_files_request(self, file, description, name, comments_for_audit_log): + data = assign_params(file=file, description=description, name=name, comments_for_audit_log=comments_for_audit_log) + + headers = self.cs_client._headers + headers['Content-Type'] = 'multipart/form-data' + + response = self.cs_client.http_request( + 'post', 'real-time-response/entities/put-files/v1', json_data=data, headers=headers) + + return response + + def rtr_create_scripts_request(self, file, description, name, comments_for_audit_log, permission_type, content, platform): + data = assign_params(file=file, description=description, name=name, comments_for_audit_log=comments_for_audit_log, + permission_type=permission_type, content=content, platform=platform) + + headers = self.cs_client._headers + headers['Content-Type'] = 'multipart/form-data' + + response = self.cs_client.http_request('post', 'real-time-response/entities/scripts/v1', json_data=data, headers=headers) + + return response + + def rtr_delete_file_request(self, ids, session_id): + params = assign_params(ids=ids, session_id=session_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'real-time-response/entities/file/v1', params=params, headers=headers) + + return response + + def rtr_delete_put_files_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'delete', 'real-time-response/entities/put-files/v1', params=params, headers=headers) + + return response + + def rtr_delete_queued_session_request(self, session_id, cloud_request_id): + params = assign_params(session_id=session_id, cloud_request_id=cloud_request_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'delete', 'real-time-response/entities/queued-sessions/command/v1', params=params, headers=headers) + + return response + + def rtr_delete_scripts_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'real-time-response/entities/scripts/v1', params=params, headers=headers) + + return response + + def rtr_delete_session_request(self, session_id): + params = assign_params(session_id=session_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'delete', 'real-time-response/entities/sessions/v1', params=params, headers=headers) + + return response + + def rtr_execute_active_responder_command_request(self, domain_commandexecuterequest_base_command, domain_commandexecuterequest_command_string, domain_commandexecuterequest_device_id, domain_commandexecuterequest_id, domain_commandexecuterequest_persist, domain_commandexecuterequest_session_id): + data = assign_params(base_command=domain_commandexecuterequest_base_command, command_string=domain_commandexecuterequest_command_string, device_id=domain_commandexecuterequest_device_id, + id=domain_commandexecuterequest_id, persist=domain_commandexecuterequest_persist, session_id=domain_commandexecuterequest_session_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/entities/active-responder-command/v1', json_data=data, headers=headers) + + return response + + def rtr_execute_admin_command_request(self, domain_commandexecuterequest_base_command, domain_commandexecuterequest_command_string, domain_commandexecuterequest_device_id, domain_commandexecuterequest_id, domain_commandexecuterequest_persist, domain_commandexecuterequest_session_id): + data = assign_params(base_command=domain_commandexecuterequest_base_command, command_string=domain_commandexecuterequest_command_string, device_id=domain_commandexecuterequest_device_id, + id=domain_commandexecuterequest_id, persist=domain_commandexecuterequest_persist, session_id=domain_commandexecuterequest_session_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/entities/admin-command/v1', json_data=data, headers=headers) + + return response + + def rtr_execute_command_request(self, domain_commandexecuterequest_base_command, domain_commandexecuterequest_command_string, domain_commandexecuterequest_device_id, domain_commandexecuterequest_id, domain_commandexecuterequest_persist, domain_commandexecuterequest_session_id): + data = assign_params(base_command=domain_commandexecuterequest_base_command, command_string=domain_commandexecuterequest_command_string, device_id=domain_commandexecuterequest_device_id, + id=domain_commandexecuterequest_id, persist=domain_commandexecuterequest_persist, session_id=domain_commandexecuterequest_session_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'real-time-response/entities/command/v1', json_data=data, headers=headers) + + return response + + def rtr_get_extracted_file_contents_request(self, session_id, sha256, filename): + params = assign_params(session_id=session_id, sha256=sha256, filename=filename) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'get', 'real-time-response/entities/extracted-file-contents/v1', params=params, headers=headers) + + return response + + def rtr_get_put_files_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'real-time-response/entities/put-files/v1', params=params, headers=headers) + + return response + + def rtr_get_scripts_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'real-time-response/entities/scripts/v1', params=params, headers=headers) + + return response + + def rtr_init_session_request(self, domain_initrequest_device_id, domain_initrequest_origin, domain_initrequest_queue_offline): + data = assign_params(device_id=domain_initrequest_device_id, origin=domain_initrequest_origin, + queue_offline=domain_initrequest_queue_offline) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'real-time-response/entities/sessions/v1', json_data=data, headers=headers) + + return response + + def rtr_list_all_sessions_request(self, offset, limit, sort, filter_): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'real-time-response/queries/sessions/v1', params=params, headers=headers) + + return response + + def rtr_list_files_request(self, session_id): + params = assign_params(session_id=session_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'real-time-response/entities/file/v1', params=params, headers=headers) + + return response + + def rtr_list_put_files_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'real-time-response/queries/put-files/v1', params=params, headers=headers) + + return response + + def rtr_list_queued_sessions_request(self, msa_idsrequest_ids): + data = assign_params(ids=msa_idsrequest_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/entities/queued-sessions/GET/v1', json_data=data, headers=headers) + + return response + + def rtr_list_scripts_request(self, filter_, offset, limit, sort): + params = assign_params(filter=filter_, offset=offset, limit=limit, sort=sort) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'real-time-response/queries/scripts/v1', params=params, headers=headers) + + return response + + def rtr_list_sessions_request(self, msa_idsrequest_ids): + data = assign_params(ids=msa_idsrequest_ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/entities/sessions/GET/v1', json_data=data, headers=headers) + + return response + + def rtr_pulse_session_request(self, domain_initrequest_device_id, domain_initrequest_origin, domain_initrequest_queue_offline): + data = assign_params(device_id=domain_initrequest_device_id, origin=domain_initrequest_origin, + queue_offline=domain_initrequest_queue_offline) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'real-time-response/entities/refresh-session/v1', json_data=data, headers=headers) + + return response + + def rtr_update_scripts_request(self, id_, file, description, name, comments_for_audit_log, permission_type, content, platform): + data = assign_params(id=id_, file=file, description=description, name=name, + comments_for_audit_log=comments_for_audit_log, permission_type=permission_type, content=content, platform=platform) + + headers = self.cs_client._headers + headers['Content-Type'] = 'multipart/form-data' + + response = self.cs_client.http_request('patch', 'real-time-response/entities/scripts/v1', json_data=data, headers=headers) + + return response + + def scan_samples_request(self, mlscanner_samplesscanparameters_samples): + data = assign_params(samples=mlscanner_samplesscanparameters_samples) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'scanner/entities/scans/v1', json_data=data, headers=headers) + + return response + + def set_device_control_policies_precedence_request(self, requests_setpolicyprecedencereqv1_ids, requests_setpolicyprecedencereqv1_platform_name): + data = assign_params(ids=requests_setpolicyprecedencereqv1_ids, + platform_name=requests_setpolicyprecedencereqv1_platform_name) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'policy/entities/device-control-precedence/v1', json_data=data, headers=headers) + + return response + + def set_firewall_policies_precedence_request(self, requests_setpolicyprecedencereqv1_ids, requests_setpolicyprecedencereqv1_platform_name): + data = assign_params(ids=requests_setpolicyprecedencereqv1_ids, + platform_name=requests_setpolicyprecedencereqv1_platform_name) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/firewall-precedence/v1', json_data=data, headers=headers) + + return response + + def set_prevention_policies_precedence_request(self, requests_setpolicyprecedencereqv1_ids, requests_setpolicyprecedencereqv1_platform_name): + data = assign_params(ids=requests_setpolicyprecedencereqv1_ids, + platform_name=requests_setpolicyprecedencereqv1_platform_name) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'policy/entities/prevention-precedence/v1', json_data=data, headers=headers) + + return response + + def set_sensor_update_policies_precedence_request(self, requests_setpolicyprecedencereqv1_ids, requests_setpolicyprecedencereqv1_platform_name): + data = assign_params(ids=requests_setpolicyprecedencereqv1_ids, + platform_name=requests_setpolicyprecedencereqv1_platform_name) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'policy/entities/sensor-update-precedence/v1', json_data=data, headers=headers) + + return response + + def setrt_response_policies_precedence_request(self, requests_setpolicyprecedencereqv1_ids, requests_setpolicyprecedencereqv1_platform_name): + data = assign_params(ids=requests_setpolicyprecedencereqv1_ids, + platform_name=requests_setpolicyprecedencereqv1_platform_name) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'policy/entities/response-precedence/v1', json_data=data, headers=headers) + + return response + + def submit_request(self, falconx_submissionparametersv1_sandbox, falconx_submissionparametersv1_user_tags): + data = assign_params(sandbox=falconx_submissionparametersv1_sandbox, user_tags=falconx_submissionparametersv1_user_tags) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'falconx/entities/submissions/v1', json_data=data, headers=headers) + + return response + + def tokenscreate_request(self, api_tokencreaterequestv1_expires_timestamp, api_tokencreaterequestv1_label, api_tokencreaterequestv1_type): + data = assign_params(expires_timestamp=api_tokencreaterequestv1_expires_timestamp, + label=api_tokencreaterequestv1_label, type=api_tokencreaterequestv1_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'installation-tokens/entities/tokens/v1', json_data=data, headers=headers) + + return response + + def tokensdelete_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('delete', 'installation-tokens/entities/tokens/v1', params=params, headers=headers) + + return response + + def tokensquery_request(self, offset, limit, sort, filter_): + params = assign_params(offset=offset, limit=limit, sort=sort, filter=filter_) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'installation-tokens/queries/tokens/v1', params=params, headers=headers) + + return response + + def tokensread_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('get', 'installation-tokens/entities/tokens/v1', params=params, headers=headers) + + return response + + def tokensupdate_request(self, ids, api_tokenpatchrequestv1_expires_timestamp, api_tokenpatchrequestv1_label, api_tokenpatchrequestv1_revoked): + params = assign_params(ids=ids) + data = assign_params(expires_timestamp=api_tokenpatchrequestv1_expires_timestamp, + label=api_tokenpatchrequestv1_label, revoked=api_tokenpatchrequestv1_revoked) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'installation-tokens/entities/tokens/v1', + params=params, json_data=data, headers=headers) + + return response + + def trigger_scan_request(self, scan_type): + params = assign_params(scan_type=scan_type) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'kubernetes-protection/entities/scan/trigger/v1', params=params, headers=headers) + + return response + + def update_actionv1_request(self, domain_updateactionrequest_frequency, domain_updateactionrequest_id, domain_updateactionrequest_recipients, domain_updateactionrequest_status): + data = assign_params(frequency=domain_updateactionrequest_frequency, id=domain_updateactionrequest_id, + recipients=domain_updateactionrequest_recipients, status=domain_updateactionrequest_status) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'recon/entities/actions/v1', json_data=data, headers=headers) + + return response + + def update_detects_by_idsv2_request(self, domain_detectsentitiespatchrequest_assigned_to_uuid, domain_detectsentitiespatchrequest_comment, domain_detectsentitiespatchrequest_ids, domain_detectsentitiespatchrequest_show_in_ui, domain_detectsentitiespatchrequest_status): + data = assign_params(assigned_to_uuid=domain_detectsentitiespatchrequest_assigned_to_uuid, comment=domain_detectsentitiespatchrequest_comment, + ids=domain_detectsentitiespatchrequest_ids, show_in_ui=domain_detectsentitiespatchrequest_show_in_ui, status=domain_detectsentitiespatchrequest_status) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'detects/entities/detects/v2', json_data=data, headers=headers) + + return response + + def update_device_control_policies_request(self, requests_updatedevicecontrolpoliciesv1_resources): + data = assign_params(resources=requests_updatedevicecontrolpoliciesv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'policy/entities/device-control/v1', json_data=data, headers=headers) + + return response + + def update_device_tags_request(self, domain_updatedevicetagsrequestv1_action, domain_updatedevicetagsrequestv1_device_ids, domain_updatedevicetagsrequestv1_tags): + data = assign_params(action=domain_updatedevicetagsrequestv1_action, + device_ids=domain_updatedevicetagsrequestv1_device_ids, tags=domain_updatedevicetagsrequestv1_tags) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'devices/entities/devices/tags/v1', json_data=data, headers=headers) + + return response + + def update_firewall_policies_request(self, requests_updatefirewallpoliciesv1_resources): + data = assign_params(resources=requests_updatefirewallpoliciesv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'policy/entities/firewall/v1', json_data=data, headers=headers) + + return response + + def update_host_groups_request(self, requests_updategroupsv1_resources): + data = assign_params(resources=requests_updategroupsv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'devices/entities/host-groups/v1', json_data=data, headers=headers) + + return response + + def update_notificationsv1_request(self, domain_updatenotificationrequestv1_assigned_to_uuid, domain_updatenotificationrequestv1_id, domain_updatenotificationrequestv1_status): + data = assign_params(assigned_to_uuid=domain_updatenotificationrequestv1_assigned_to_uuid, + id=domain_updatenotificationrequestv1_id, status=domain_updatenotificationrequestv1_status) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'recon/entities/notifications/v1', json_data=data, headers=headers) + + return response + + def update_prevention_policies_request(self, requests_updatepreventionpoliciesv1_resources): + data = assign_params(resources=requests_updatepreventionpoliciesv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'policy/entities/prevention/v1', json_data=data, headers=headers) + + return response + + def update_rulesv1_request(self, domain_updaterulerequestv1_filter, domain_updaterulerequestv1_id, domain_updaterulerequestv1_name, domain_updaterulerequestv1_permissions, domain_updaterulerequestv1_priority): + data = assign_params(filter=domain_updaterulerequestv1_filter, id=domain_updaterulerequestv1_id, name=domain_updaterulerequestv1_name, + permissions=domain_updaterulerequestv1_permissions, priority=domain_updaterulerequestv1_priority) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'recon/entities/rules/v1', json_data=data, headers=headers) + + return response + + def update_sensor_update_policies_request(self, requests_updatesensorupdatepoliciesv1_resources): + data = assign_params(resources=requests_updatesensorupdatepoliciesv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'policy/entities/sensor-update/v1', json_data=data, headers=headers) + + return response + + def update_sensor_update_policiesv2_request(self, requests_updatesensorupdatepoliciesv2_resources): + data = assign_params(resources=requests_updatesensorupdatepoliciesv2_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'policy/entities/sensor-update/v2', json_data=data, headers=headers) + + return response + + def update_sensor_visibility_exclusionsv1_request(self, requests_svexclusionupdatereqv1_comment, requests_svexclusionupdatereqv1_groups, requests_svexclusionupdatereqv1_id, requests_svexclusionupdatereqv1_value): + data = assign_params(comment=requests_svexclusionupdatereqv1_comment, groups=requests_svexclusionupdatereqv1_groups, + id=requests_svexclusionupdatereqv1_id, value=requests_svexclusionupdatereqv1_value) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'policy/entities/sv-exclusions/v1', json_data=data, headers=headers) + + return response + + def update_user_request(self, user_uuid, domain_updateuserfields_firstname, domain_updateuserfields_lastname): + params = assign_params(user_uuid=user_uuid) + data = assign_params(firstName=domain_updateuserfields_firstname, lastName=domain_updateuserfields_lastname) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'users/entities/users/v1', params=params, json_data=data, headers=headers) + + return response + + def update_user_groups_request(self, domain_usergroupsrequestv1_resources): + data = assign_params(resources=domain_usergroupsrequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'mssp/entities/user-groups/v1', json_data=data, headers=headers) + + return response + + def updateaws_account_request(self, ids, region): + params = assign_params(ids=ids, region=region) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'patch', 'kubernetes-protection/entities/accounts/aws/v1', params=params, headers=headers) + + return response + + def updateaws_accounts_request(self, models_updateawsaccountsv1_resources): + data = assign_params(resources=models_updateawsaccountsv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'cloud-connect-aws/entities/accounts/v1', json_data=data, headers=headers) + + return response + + def updatecid_groups_request(self, domain_cidgroupsrequestv1_resources): + data = assign_params(resources=domain_cidgroupsrequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'mssp/entities/cid-groups/v1', json_data=data, headers=headers) + + return response + + def updatecspm_azure_tenant_default_subscriptionid_request(self, tenant_id, subscription_id): + params = assign_params(tenant_id=tenant_id, subscription_id=subscription_id) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'patch', 'cloud-connect-cspm-azure/entities/default-subscription-id/v1', params=params, headers=headers) + + return response + + def updatecspm_policy_settings_request(self, registration_policyrequestextv1_resources): + data = assign_params(resources=registration_policyrequestextv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'settings/entities/policy/v1', json_data=data, headers=headers) + + return response + + def updatecspm_scan_schedule_request(self, registration_scanscheduleupdaterequestv1_resources): + data = assign_params(resources=registration_scanscheduleupdaterequestv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'settings/scan-schedule/v1', json_data=data, headers=headers) + + return response + + def updateioa_exclusionsv1_request(self, requests_ioaexclusionupdatereqv1_cl_regex, requests_ioaexclusionupdatereqv1_comment, requests_ioaexclusionupdatereqv1_description, requests_ioaexclusionupdatereqv1_detection_json, requests_ioaexclusionupdatereqv1_groups, requests_ioaexclusionupdatereqv1_id, requests_ioaexclusionupdatereqv1_ifn_regex, requests_ioaexclusionupdatereqv1_name, requests_ioaexclusionupdatereqv1_pattern_id, requests_ioaexclusionupdatereqv1_pattern_name): + data = assign_params(cl_regex=requests_ioaexclusionupdatereqv1_cl_regex, comment=requests_ioaexclusionupdatereqv1_comment, description=requests_ioaexclusionupdatereqv1_description, detection_json=requests_ioaexclusionupdatereqv1_detection_json, groups=requests_ioaexclusionupdatereqv1_groups, + id=requests_ioaexclusionupdatereqv1_id, ifn_regex=requests_ioaexclusionupdatereqv1_ifn_regex, name=requests_ioaexclusionupdatereqv1_name, pattern_id=requests_ioaexclusionupdatereqv1_pattern_id, pattern_name=requests_ioaexclusionupdatereqv1_pattern_name) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'policy/entities/ioa-exclusions/v1', json_data=data, headers=headers) + + return response + + def updateioc_request(self, api_iocviewrecord_batch_id, api_iocviewrecord_created_by, api_iocviewrecord_created_timestamp, api_iocviewrecord_description, api_iocviewrecord_expiration_days, api_iocviewrecord_expiration_timestamp, api_iocviewrecord_modified_by, api_iocviewrecord_modified_timestamp, api_iocviewrecord_policy, api_iocviewrecord_share_level, api_iocviewrecord_source, api_iocviewrecord_type, api_iocviewrecord_value, type_, value): + params = assign_params(type=type_, value=value) + data = assign_params(batch_id=api_iocviewrecord_batch_id, created_by=api_iocviewrecord_created_by, created_timestamp=api_iocviewrecord_created_timestamp, description=api_iocviewrecord_description, expiration_days=api_iocviewrecord_expiration_days, expiration_timestamp=api_iocviewrecord_expiration_timestamp, + modified_by=api_iocviewrecord_modified_by, modified_timestamp=api_iocviewrecord_modified_timestamp, policy=api_iocviewrecord_policy, share_level=api_iocviewrecord_share_level, source=api_iocviewrecord_source, type=api_iocviewrecord_type, value=api_iocviewrecord_value) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'indicators/entities/iocs/v1', + params=params, json_data=data, headers=headers) + + return response + + def updateml_exclusionsv1_request(self, requests_svexclusionupdatereqv1_comment, requests_svexclusionupdatereqv1_groups, requests_svexclusionupdatereqv1_id, requests_svexclusionupdatereqv1_value): + data = assign_params(comment=requests_svexclusionupdatereqv1_comment, groups=requests_svexclusionupdatereqv1_groups, + id=requests_svexclusionupdatereqv1_id, value=requests_svexclusionupdatereqv1_value) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'policy/entities/ml-exclusions/v1', json_data=data, headers=headers) + + return response + + def updatepolicycontainer_request(self, fwmgr_api_policycontainerupsertrequestv1_default_inbound, fwmgr_api_policycontainerupsertrequestv1_default_outbound, fwmgr_api_policycontainerupsertrequestv1_enforce, fwmgr_api_policycontainerupsertrequestv1_is_default_policy, fwmgr_api_policycontainerupsertrequestv1_platform_id, fwmgr_api_policycontainerupsertrequestv1_policy_id, fwmgr_api_policycontainerupsertrequestv1_rule_group_ids, fwmgr_api_policycontainerupsertrequestv1_test_mode, fwmgr_api_policycontainerupsertrequestv1_tracking): + data = assign_params(default_inbound=fwmgr_api_policycontainerupsertrequestv1_default_inbound, default_outbound=fwmgr_api_policycontainerupsertrequestv1_default_outbound, enforce=fwmgr_api_policycontainerupsertrequestv1_enforce, is_default_policy=fwmgr_api_policycontainerupsertrequestv1_is_default_policy, + platform_id=fwmgr_api_policycontainerupsertrequestv1_platform_id, policy_id=fwmgr_api_policycontainerupsertrequestv1_policy_id, rule_group_ids=fwmgr_api_policycontainerupsertrequestv1_rule_group_ids, test_mode=fwmgr_api_policycontainerupsertrequestv1_test_mode, tracking=fwmgr_api_policycontainerupsertrequestv1_tracking) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('put', 'fwmgr/entities/policies/v1', json_data=data, headers=headers) + + return response + + def updatert_response_policies_request(self, requests_updatertresponsepoliciesv1_resources): + data = assign_params(resources=requests_updatertresponsepoliciesv1_resources) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'policy/entities/response/v1', json_data=data, headers=headers) + + return response + + def updaterulegroup_request(self, comment, fwmgr_api_rulegroupmodifyrequestv1_diff_operations, fwmgr_api_rulegroupmodifyrequestv1_diff_type, fwmgr_api_rulegroupmodifyrequestv1_id, fwmgr_api_rulegroupmodifyrequestv1_rule_ids, fwmgr_api_rulegroupmodifyrequestv1_rule_versions, fwmgr_api_rulegroupmodifyrequestv1_tracking): + params = assign_params(comment=comment) + data = assign_params(diff_operations=fwmgr_api_rulegroupmodifyrequestv1_diff_operations, diff_type=fwmgr_api_rulegroupmodifyrequestv1_diff_type, id=fwmgr_api_rulegroupmodifyrequestv1_id, + rule_ids=fwmgr_api_rulegroupmodifyrequestv1_rule_ids, rule_versions=fwmgr_api_rulegroupmodifyrequestv1_rule_versions, tracking=fwmgr_api_rulegroupmodifyrequestv1_tracking) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'fwmgr/entities/rule-groups/v1', + params=params, json_data=data, headers=headers) + + return response + + def updaterulegroup_mixin0_request(self, api_rulegroupmodifyrequestv1_comment, api_rulegroupmodifyrequestv1_description, api_rulegroupmodifyrequestv1_enabled, api_rulegroupmodifyrequestv1_id, api_rulegroupmodifyrequestv1_name, api_rulegroupmodifyrequestv1_rulegroup_version): + data = assign_params(comment=api_rulegroupmodifyrequestv1_comment, description=api_rulegroupmodifyrequestv1_description, enabled=api_rulegroupmodifyrequestv1_enabled, + id=api_rulegroupmodifyrequestv1_id, name=api_rulegroupmodifyrequestv1_name, rulegroup_version=api_rulegroupmodifyrequestv1_rulegroup_version) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'ioarules/entities/rule-groups/v1', json_data=data, headers=headers) + + return response + + def updaterules_request(self, api_ruleupdatesrequestv1_comment, api_ruleupdatesrequestv1_rule_updates, api_ruleupdatesrequestv1_rulegroup_id, api_ruleupdatesrequestv1_rulegroup_version): + data = assign_params(comment=api_ruleupdatesrequestv1_comment, rule_updates=api_ruleupdatesrequestv1_rule_updates, + rulegroup_id=api_ruleupdatesrequestv1_rulegroup_id, rulegroup_version=api_ruleupdatesrequestv1_rulegroup_version) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('patch', 'ioarules/entities/rules/v1', json_data=data, headers=headers) + + return response + + def upload_samplev2_request(self, body, upfile, file_name, comment, is_confidential): + params = assign_params(file_name=file_name, comment=comment, is_confidential=is_confidential) + data = assign_params(body=body, upfile=upfile) + + headers = self.cs_client._headers + headers['Content-Type'] = 'application/octet-stream' + + response = self.cs_client.http_request('post', 'samples/entities/samples/v2', + params=params, json_data=data, headers=headers) + + return response + + def upload_samplev3_request(self, body, upfile, file_name, comment, is_confidential): + params = assign_params(file_name=file_name, comment=comment, is_confidential=is_confidential) + data = assign_params(body=body, upfile=upfile) + + headers = self.cs_client._headers + headers['Content-Type'] = 'application/octet-stream' + + response = self.cs_client.http_request('post', 'samples/entities/samples/v3', + params=params, json_data=data, headers=headers) + + return response + + def validate_request(self, api_validationrequestv1_fields): + data = assign_params(fields=api_validationrequestv1_fields) + + headers = self.cs_client._headers + + response = self.cs_client.http_request('post', 'ioarules/entities/rules/validate/v1', json_data=data, headers=headers) + + return response + + def verifyaws_account_access_request(self, ids): + params = assign_params(ids=ids) + + headers = self.cs_client._headers + + response = self.cs_client.http_request( + 'post', 'cloud-connect-aws/entities/verify-account-access/v1', params=params, headers=headers) + + return response + + +def add_role_command(client, args): + domain_mssprolerequestv1_resources = argToList(args.get('domain_mssprolerequestv1_resources', [])) + + response = client.add_role_request(domain_mssprolerequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainMSSPRoleResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def add_user_group_members_command(client, args): + domain_usergroupmembersrequestv1_resources = argToList(args.get('domain_usergroupmembersrequestv1_resources', [])) + + response = client.add_user_group_members_request(domain_usergroupmembersrequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserGroupMembersResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def addcid_group_members_command(client, args): + domain_cidgroupmembersrequestv1_resources = argToList(args.get('domain_cidgroupmembersrequestv1_resources', [])) + + response = client.addcid_group_members_request(domain_cidgroupmembersrequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainCIDGroupMembersResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregate_allow_list_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.aggregate_allow_list_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregate_block_list_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.aggregate_block_list_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregate_detections_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.aggregate_detections_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregate_device_count_collection_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.aggregate_device_count_collection_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregate_escalations_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.aggregate_escalations_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregate_notificationsv1_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.aggregate_notificationsv1_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregate_remediations_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.aggregate_remediations_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregateevents_command(client, args): + fwmgr_msa_aggregatequeryrequest_date_ranges = argToList(args.get('fwmgr_msa_aggregatequeryrequest_date_ranges', [])) + fwmgr_msa_aggregatequeryrequest_field = str(args.get('fwmgr_msa_aggregatequeryrequest_field', '')) + fwmgr_msa_aggregatequeryrequest_filter = str(args.get('fwmgr_msa_aggregatequeryrequest_filter', '')) + fwmgr_msa_aggregatequeryrequest_interval = str(args.get('fwmgr_msa_aggregatequeryrequest_interval', '')) + fwmgr_msa_aggregatequeryrequest_min_doc_count = args.get('fwmgr_msa_aggregatequeryrequest_min_doc_count', None) + fwmgr_msa_aggregatequeryrequest_missing = str(args.get('fwmgr_msa_aggregatequeryrequest_missing', '')) + fwmgr_msa_aggregatequeryrequest_name = str(args.get('fwmgr_msa_aggregatequeryrequest_name', '')) + fwmgr_msa_aggregatequeryrequest_q = str(args.get('fwmgr_msa_aggregatequeryrequest_q', '')) + fwmgr_msa_aggregatequeryrequest_ranges = argToList(args.get('fwmgr_msa_aggregatequeryrequest_ranges', [])) + fwmgr_msa_aggregatequeryrequest_size = args.get('fwmgr_msa_aggregatequeryrequest_size', None) + fwmgr_msa_aggregatequeryrequest_sort = str(args.get('fwmgr_msa_aggregatequeryrequest_sort', '')) + fwmgr_msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('fwmgr_msa_aggregatequeryrequest_sub_aggregates', [])) + fwmgr_msa_aggregatequeryrequest_time_zone = str(args.get('fwmgr_msa_aggregatequeryrequest_time_zone', '')) + fwmgr_msa_aggregatequeryrequest_type = str(args.get('fwmgr_msa_aggregatequeryrequest_type', '')) + + response = client.aggregateevents_request(fwmgr_msa_aggregatequeryrequest_date_ranges, fwmgr_msa_aggregatequeryrequest_field, fwmgr_msa_aggregatequeryrequest_filter, fwmgr_msa_aggregatequeryrequest_interval, fwmgr_msa_aggregatequeryrequest_min_doc_count, fwmgr_msa_aggregatequeryrequest_missing, + fwmgr_msa_aggregatequeryrequest_name, fwmgr_msa_aggregatequeryrequest_q, fwmgr_msa_aggregatequeryrequest_ranges, fwmgr_msa_aggregatequeryrequest_size, fwmgr_msa_aggregatequeryrequest_sort, fwmgr_msa_aggregatequeryrequest_sub_aggregates, fwmgr_msa_aggregatequeryrequest_time_zone, fwmgr_msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregatefc_incidents_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.aggregatefc_incidents_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregatepolicyrules_command(client, args): + fwmgr_msa_aggregatequeryrequest_date_ranges = argToList(args.get('fwmgr_msa_aggregatequeryrequest_date_ranges', [])) + fwmgr_msa_aggregatequeryrequest_field = str(args.get('fwmgr_msa_aggregatequeryrequest_field', '')) + fwmgr_msa_aggregatequeryrequest_filter = str(args.get('fwmgr_msa_aggregatequeryrequest_filter', '')) + fwmgr_msa_aggregatequeryrequest_interval = str(args.get('fwmgr_msa_aggregatequeryrequest_interval', '')) + fwmgr_msa_aggregatequeryrequest_min_doc_count = args.get('fwmgr_msa_aggregatequeryrequest_min_doc_count', None) + fwmgr_msa_aggregatequeryrequest_missing = str(args.get('fwmgr_msa_aggregatequeryrequest_missing', '')) + fwmgr_msa_aggregatequeryrequest_name = str(args.get('fwmgr_msa_aggregatequeryrequest_name', '')) + fwmgr_msa_aggregatequeryrequest_q = str(args.get('fwmgr_msa_aggregatequeryrequest_q', '')) + fwmgr_msa_aggregatequeryrequest_ranges = argToList(args.get('fwmgr_msa_aggregatequeryrequest_ranges', [])) + fwmgr_msa_aggregatequeryrequest_size = args.get('fwmgr_msa_aggregatequeryrequest_size', None) + fwmgr_msa_aggregatequeryrequest_sort = str(args.get('fwmgr_msa_aggregatequeryrequest_sort', '')) + fwmgr_msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('fwmgr_msa_aggregatequeryrequest_sub_aggregates', [])) + fwmgr_msa_aggregatequeryrequest_time_zone = str(args.get('fwmgr_msa_aggregatequeryrequest_time_zone', '')) + fwmgr_msa_aggregatequeryrequest_type = str(args.get('fwmgr_msa_aggregatequeryrequest_type', '')) + + response = client.aggregatepolicyrules_request(fwmgr_msa_aggregatequeryrequest_date_ranges, fwmgr_msa_aggregatequeryrequest_field, fwmgr_msa_aggregatequeryrequest_filter, fwmgr_msa_aggregatequeryrequest_interval, fwmgr_msa_aggregatequeryrequest_min_doc_count, fwmgr_msa_aggregatequeryrequest_missing, + fwmgr_msa_aggregatequeryrequest_name, fwmgr_msa_aggregatequeryrequest_q, fwmgr_msa_aggregatequeryrequest_ranges, fwmgr_msa_aggregatequeryrequest_size, fwmgr_msa_aggregatequeryrequest_sort, fwmgr_msa_aggregatequeryrequest_sub_aggregates, fwmgr_msa_aggregatequeryrequest_time_zone, fwmgr_msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregaterulegroups_command(client, args): + fwmgr_msa_aggregatequeryrequest_date_ranges = argToList(args.get('fwmgr_msa_aggregatequeryrequest_date_ranges', [])) + fwmgr_msa_aggregatequeryrequest_field = str(args.get('fwmgr_msa_aggregatequeryrequest_field', '')) + fwmgr_msa_aggregatequeryrequest_filter = str(args.get('fwmgr_msa_aggregatequeryrequest_filter', '')) + fwmgr_msa_aggregatequeryrequest_interval = str(args.get('fwmgr_msa_aggregatequeryrequest_interval', '')) + fwmgr_msa_aggregatequeryrequest_min_doc_count = args.get('fwmgr_msa_aggregatequeryrequest_min_doc_count', None) + fwmgr_msa_aggregatequeryrequest_missing = str(args.get('fwmgr_msa_aggregatequeryrequest_missing', '')) + fwmgr_msa_aggregatequeryrequest_name = str(args.get('fwmgr_msa_aggregatequeryrequest_name', '')) + fwmgr_msa_aggregatequeryrequest_q = str(args.get('fwmgr_msa_aggregatequeryrequest_q', '')) + fwmgr_msa_aggregatequeryrequest_ranges = argToList(args.get('fwmgr_msa_aggregatequeryrequest_ranges', [])) + fwmgr_msa_aggregatequeryrequest_size = args.get('fwmgr_msa_aggregatequeryrequest_size', None) + fwmgr_msa_aggregatequeryrequest_sort = str(args.get('fwmgr_msa_aggregatequeryrequest_sort', '')) + fwmgr_msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('fwmgr_msa_aggregatequeryrequest_sub_aggregates', [])) + fwmgr_msa_aggregatequeryrequest_time_zone = str(args.get('fwmgr_msa_aggregatequeryrequest_time_zone', '')) + fwmgr_msa_aggregatequeryrequest_type = str(args.get('fwmgr_msa_aggregatequeryrequest_type', '')) + + response = client.aggregaterulegroups_request(fwmgr_msa_aggregatequeryrequest_date_ranges, fwmgr_msa_aggregatequeryrequest_field, fwmgr_msa_aggregatequeryrequest_filter, fwmgr_msa_aggregatequeryrequest_interval, fwmgr_msa_aggregatequeryrequest_min_doc_count, fwmgr_msa_aggregatequeryrequest_missing, + fwmgr_msa_aggregatequeryrequest_name, fwmgr_msa_aggregatequeryrequest_q, fwmgr_msa_aggregatequeryrequest_ranges, fwmgr_msa_aggregatequeryrequest_size, fwmgr_msa_aggregatequeryrequest_sort, fwmgr_msa_aggregatequeryrequest_sub_aggregates, fwmgr_msa_aggregatequeryrequest_time_zone, fwmgr_msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregaterules_command(client, args): + fwmgr_msa_aggregatequeryrequest_date_ranges = argToList(args.get('fwmgr_msa_aggregatequeryrequest_date_ranges', [])) + fwmgr_msa_aggregatequeryrequest_field = str(args.get('fwmgr_msa_aggregatequeryrequest_field', '')) + fwmgr_msa_aggregatequeryrequest_filter = str(args.get('fwmgr_msa_aggregatequeryrequest_filter', '')) + fwmgr_msa_aggregatequeryrequest_interval = str(args.get('fwmgr_msa_aggregatequeryrequest_interval', '')) + fwmgr_msa_aggregatequeryrequest_min_doc_count = args.get('fwmgr_msa_aggregatequeryrequest_min_doc_count', None) + fwmgr_msa_aggregatequeryrequest_missing = str(args.get('fwmgr_msa_aggregatequeryrequest_missing', '')) + fwmgr_msa_aggregatequeryrequest_name = str(args.get('fwmgr_msa_aggregatequeryrequest_name', '')) + fwmgr_msa_aggregatequeryrequest_q = str(args.get('fwmgr_msa_aggregatequeryrequest_q', '')) + fwmgr_msa_aggregatequeryrequest_ranges = argToList(args.get('fwmgr_msa_aggregatequeryrequest_ranges', [])) + fwmgr_msa_aggregatequeryrequest_size = args.get('fwmgr_msa_aggregatequeryrequest_size', None) + fwmgr_msa_aggregatequeryrequest_sort = str(args.get('fwmgr_msa_aggregatequeryrequest_sort', '')) + fwmgr_msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('fwmgr_msa_aggregatequeryrequest_sub_aggregates', [])) + fwmgr_msa_aggregatequeryrequest_time_zone = str(args.get('fwmgr_msa_aggregatequeryrequest_time_zone', '')) + fwmgr_msa_aggregatequeryrequest_type = str(args.get('fwmgr_msa_aggregatequeryrequest_type', '')) + + response = client.aggregaterules_request(fwmgr_msa_aggregatequeryrequest_date_ranges, fwmgr_msa_aggregatequeryrequest_field, fwmgr_msa_aggregatequeryrequest_filter, fwmgr_msa_aggregatequeryrequest_interval, fwmgr_msa_aggregatequeryrequest_min_doc_count, fwmgr_msa_aggregatequeryrequest_missing, + fwmgr_msa_aggregatequeryrequest_name, fwmgr_msa_aggregatequeryrequest_q, fwmgr_msa_aggregatequeryrequest_ranges, fwmgr_msa_aggregatequeryrequest_size, fwmgr_msa_aggregatequeryrequest_sort, fwmgr_msa_aggregatequeryrequest_sub_aggregates, fwmgr_msa_aggregatequeryrequest_time_zone, fwmgr_msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregates_detections_global_counts_command(client, args): + filter_ = str(args.get('filter_', '')) + + response = client.aggregates_detections_global_counts_request(filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaFacetsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregates_events_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.aggregates_events_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregates_events_collections_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.aggregates_events_collections_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregates_incidents_global_counts_command(client, args): + filter_ = str(args.get('filter_', '')) + + response = client.aggregates_incidents_global_counts_request(filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaFacetsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def aggregatesow_events_global_counts_command(client, args): + filter_ = str(args.get('filter_', '')) + + response = client.aggregatesow_events_global_counts_request(filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaFacetsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def apipreemptproxypostgraphql_command(client, args): + + response = client.apipreemptproxypostgraphql_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def auditeventsquery_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.auditeventsquery_request(offset, limit, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def auditeventsread_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.auditeventsread_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiauditEventDetailsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def batch_active_responder_cmd_command(client, args): + timeout = int(args.get('timeout', 30)) + timeout_duration = str(args.get('timeout_duration', '30s')) + domain_batchexecutecommandrequest_base_command = str(args.get('domain_batchexecutecommandrequest_base_command', '')) + domain_batchexecutecommandrequest_batch_id = str(args.get('domain_batchexecutecommandrequest_batch_id', '')) + domain_batchexecutecommandrequest_command_string = str(args.get('domain_batchexecutecommandrequest_command_string', '')) + domain_batchexecutecommandrequest_optional_hosts = argToList(args.get('domain_batchexecutecommandrequest_optional_hosts', [])) + domain_batchexecutecommandrequest_persist_all = argToBoolean(args.get('domain_batchexecutecommandrequest_persist_all', False)) + + response = client.batch_active_responder_cmd_request(timeout, timeout_duration, domain_batchexecutecommandrequest_base_command, domain_batchexecutecommandrequest_batch_id, + domain_batchexecutecommandrequest_command_string, domain_batchexecutecommandrequest_optional_hosts, domain_batchexecutecommandrequest_persist_all) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def batch_admin_cmd_command(client, args): + timeout = int(args.get('timeout', 30)) + timeout_duration = str(args.get('timeout_duration', '30s')) + domain_batchexecutecommandrequest_base_command = str(args.get('domain_batchexecutecommandrequest_base_command', '')) + domain_batchexecutecommandrequest_batch_id = str(args.get('domain_batchexecutecommandrequest_batch_id', '')) + domain_batchexecutecommandrequest_command_string = str(args.get('domain_batchexecutecommandrequest_command_string', '')) + domain_batchexecutecommandrequest_optional_hosts = argToList(args.get('domain_batchexecutecommandrequest_optional_hosts', [])) + domain_batchexecutecommandrequest_persist_all = argToBoolean(args.get('domain_batchexecutecommandrequest_persist_all', False)) + + response = client.batch_admin_cmd_request(timeout, timeout_duration, domain_batchexecutecommandrequest_base_command, domain_batchexecutecommandrequest_batch_id, + domain_batchexecutecommandrequest_command_string, domain_batchexecutecommandrequest_optional_hosts, domain_batchexecutecommandrequest_persist_all) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def batch_cmd_command(client, args): + timeout = int(args.get('timeout', 30)) + timeout_duration = str(args.get('timeout_duration', '30s')) + domain_batchexecutecommandrequest_base_command = str(args.get('domain_batchexecutecommandrequest_base_command', '')) + domain_batchexecutecommandrequest_batch_id = str(args.get('domain_batchexecutecommandrequest_batch_id', '')) + domain_batchexecutecommandrequest_command_string = str(args.get('domain_batchexecutecommandrequest_command_string', '')) + domain_batchexecutecommandrequest_optional_hosts = argToList(args.get('domain_batchexecutecommandrequest_optional_hosts', [])) + domain_batchexecutecommandrequest_persist_all = argToBoolean(args.get('domain_batchexecutecommandrequest_persist_all', False)) + + response = client.batch_cmd_request(timeout, timeout_duration, domain_batchexecutecommandrequest_base_command, domain_batchexecutecommandrequest_batch_id, + domain_batchexecutecommandrequest_command_string, domain_batchexecutecommandrequest_optional_hosts, domain_batchexecutecommandrequest_persist_all) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def batch_get_cmd_command(client, args): + timeout = int(args.get('timeout', 30)) + timeout_duration = str(args.get('timeout_duration', '30s')) + domain_batchgetcommandrequest_batch_id = str(args.get('domain_batchgetcommandrequest_batch_id', '')) + domain_batchgetcommandrequest_file_path = str(args.get('domain_batchgetcommandrequest_file_path', '')) + domain_batchgetcommandrequest_optional_hosts = argToList(args.get('domain_batchgetcommandrequest_optional_hosts', [])) + + response = client.batch_get_cmd_request(timeout, timeout_duration, domain_batchgetcommandrequest_batch_id, + domain_batchgetcommandrequest_file_path, domain_batchgetcommandrequest_optional_hosts) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def batch_get_cmd_status_command(client, args): + timeout = int(args.get('timeout', 30)) + timeout_duration = str(args.get('timeout_duration', '30s')) + batch_get_cmd_req_id = str(args.get('batch_get_cmd_req_id', '')) + + response = client.batch_get_cmd_status_request(timeout, timeout_duration, batch_get_cmd_req_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainBatchGetCmdStatusResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def batch_init_sessions_command(client, args): + timeout = int(args.get('timeout', 30)) + timeout_duration = str(args.get('timeout_duration', '30s')) + domain_batchinitsessionrequest_existing_batch_id = str(args.get('domain_batchinitsessionrequest_existing_batch_id', '')) + domain_batchinitsessionrequest_host_ids = argToList(args.get('domain_batchinitsessionrequest_host_ids', [])) + domain_batchinitsessionrequest_queue_offline = argToBoolean(args.get('domain_batchinitsessionrequest_queue_offline', False)) + + response = client.batch_init_sessions_request(timeout, timeout_duration, domain_batchinitsessionrequest_existing_batch_id, + domain_batchinitsessionrequest_host_ids, domain_batchinitsessionrequest_queue_offline) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def batch_refresh_sessions_command(client, args): + timeout = int(args.get('timeout', 30)) + timeout_duration = str(args.get('timeout_duration', '30s')) + domain_batchrefreshsessionrequest_batch_id = str(args.get('domain_batchrefreshsessionrequest_batch_id', '')) + domain_batchrefreshsessionrequest_hosts_to_remove = argToList( + args.get('domain_batchrefreshsessionrequest_hosts_to_remove', [])) + + response = client.batch_refresh_sessions_request( + timeout, timeout_duration, domain_batchrefreshsessionrequest_batch_id, domain_batchrefreshsessionrequest_hosts_to_remove) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_actionsv1_command(client, args): + domain_registeractionsrequest_actions = argToList(args.get('domain_registeractionsrequest_actions', [])) + domain_registeractionsrequest_rule_id = str(args.get('domain_registeractionsrequest_rule_id', '')) + + response = client.create_actionsv1_request(domain_registeractionsrequest_actions, domain_registeractionsrequest_rule_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainActionEntitiesResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_device_control_policies_command(client, args): + requests_createdevicecontrolpoliciesv1_resources = argToList(args.get('requests_createdevicecontrolpoliciesv1_resources', [])) + + response = client.create_device_control_policies_request(requests_createdevicecontrolpoliciesv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_firewall_policies_command(client, args): + requests_createfirewallpoliciesv1_resources = argToList(args.get('requests_createfirewallpoliciesv1_resources', [])) + clone_id = str(args.get('clone_id', '')) + + response = client.create_firewall_policies_request(requests_createfirewallpoliciesv1_resources, clone_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_host_groups_command(client, args): + requests_creategroupsv1_resources = argToList(args.get('requests_creategroupsv1_resources', [])) + + response = client.create_host_groups_request(requests_creategroupsv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_or_updateaws_settings_command(client, args): + models_modifyawscustomersettingsv1_resources = argToList(args.get('models_modifyawscustomersettingsv1_resources', [])) + + response = client.create_or_updateaws_settings_request(models_modifyawscustomersettingsv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_prevention_policies_command(client, args): + requests_createpreventionpoliciesv1_resources = argToList(args.get('requests_createpreventionpoliciesv1_resources', [])) + + response = client.create_prevention_policies_request(requests_createpreventionpoliciesv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_rulesv1_command(client, args): + sadomain_createrulerequestv1_filter = str(args.get('sadomain_createrulerequestv1_filter', '')) + sadomain_createrulerequestv1_name = str(args.get('sadomain_createrulerequestv1_name', '')) + sadomain_createrulerequestv1_permissions = str(args.get('sadomain_createrulerequestv1_permissions', '')) + sadomain_createrulerequestv1_priority = str(args.get('sadomain_createrulerequestv1_priority', '')) + sadomain_createrulerequestv1_topic = str(args.get('sadomain_createrulerequestv1_topic', '')) + + response = client.create_rulesv1_request(sadomain_createrulerequestv1_filter, sadomain_createrulerequestv1_name, + sadomain_createrulerequestv1_permissions, sadomain_createrulerequestv1_priority, sadomain_createrulerequestv1_topic) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainRulesEntitiesResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_sensor_update_policies_command(client, args): + requests_createsensorupdatepoliciesv1_resources = argToList(args.get('requests_createsensorupdatepoliciesv1_resources', [])) + + response = client.create_sensor_update_policies_request(requests_createsensorupdatepoliciesv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_sensor_update_policiesv2_command(client, args): + requests_createsensorupdatepoliciesv2_resources = argToList(args.get('requests_createsensorupdatepoliciesv2_resources', [])) + + response = client.create_sensor_update_policiesv2_request(requests_createsensorupdatepoliciesv2_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_user_command(client, args): + domain_usercreaterequest_firstname = str(args.get('domain_usercreaterequest_firstname', '')) + domain_usercreaterequest_lastname = str(args.get('domain_usercreaterequest_lastname', '')) + domain_usercreaterequest_password = str(args.get('domain_usercreaterequest_password', '')) + domain_usercreaterequest_uid = str(args.get('domain_usercreaterequest_uid', '')) + + response = client.create_user_request(domain_usercreaterequest_firstname, domain_usercreaterequest_lastname, + domain_usercreaterequest_password, domain_usercreaterequest_uid) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def create_user_groups_command(client, args): + domain_usergroupsrequestv1_resources = argToList(args.get('domain_usergroupsrequestv1_resources', [])) + + response = client.create_user_groups_request(domain_usergroupsrequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserGroupsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def createaws_account_command(client, args): + k8sreg_createawsaccreq_resources = argToList(args.get('k8sreg_createawsaccreq_resources', [])) + + response = client.createaws_account_request(k8sreg_createawsaccreq_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def createcid_groups_command(client, args): + domain_cidgroupsrequestv1_resources = argToList(args.get('domain_cidgroupsrequestv1_resources', [])) + + response = client.createcid_groups_request(domain_cidgroupsrequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainCIDGroupsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def createcspm_aws_account_command(client, args): + registration_awsaccountcreaterequestextv2_resources = argToList( + args.get('registration_awsaccountcreaterequestextv2_resources', [])) + + response = client.createcspm_aws_account_request(registration_awsaccountcreaterequestextv2_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def createcspmgcp_account_command(client, args): + registration_gcpaccountcreaterequestextv1_resources = argToList( + args.get('registration_gcpaccountcreaterequestextv1_resources', [])) + + response = client.createcspmgcp_account_request(registration_gcpaccountcreaterequestextv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def createioc_command(client, args): + api_iocviewrecord_batch_id = str(args.get('api_iocviewrecord_batch_id', '')) + api_iocviewrecord_created_by = str(args.get('api_iocviewrecord_created_by', '')) + api_iocviewrecord_created_timestamp = str(args.get('api_iocviewrecord_created_timestamp', '')) + api_iocviewrecord_description = str(args.get('api_iocviewrecord_description', '')) + api_iocviewrecord_expiration_days = args.get('api_iocviewrecord_expiration_days', None) + api_iocviewrecord_expiration_timestamp = str(args.get('api_iocviewrecord_expiration_timestamp', '')) + api_iocviewrecord_modified_by = str(args.get('api_iocviewrecord_modified_by', '')) + api_iocviewrecord_modified_timestamp = str(args.get('api_iocviewrecord_modified_timestamp', '')) + api_iocviewrecord_policy = str(args.get('api_iocviewrecord_policy', '')) + api_iocviewrecord_share_level = str(args.get('api_iocviewrecord_share_level', '')) + api_iocviewrecord_source = str(args.get('api_iocviewrecord_source', '')) + api_iocviewrecord_type = str(args.get('api_iocviewrecord_type', '')) + api_iocviewrecord_value = str(args.get('api_iocviewrecord_value', '')) + + response = client.createioc_request(api_iocviewrecord_batch_id, api_iocviewrecord_created_by, api_iocviewrecord_created_timestamp, api_iocviewrecord_description, api_iocviewrecord_expiration_days, api_iocviewrecord_expiration_timestamp, + api_iocviewrecord_modified_by, api_iocviewrecord_modified_timestamp, api_iocviewrecord_policy, api_iocviewrecord_share_level, api_iocviewrecord_source, api_iocviewrecord_type, api_iocviewrecord_value) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaReplyIOC', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def createml_exclusionsv1_command(client, args): + requests_mlexclusioncreatereqv1_comment = str(args.get('requests_mlexclusioncreatereqv1_comment', '')) + requests_mlexclusioncreatereqv1_excluded_from = argToList(args.get('requests_mlexclusioncreatereqv1_excluded_from', [])) + requests_mlexclusioncreatereqv1_groups = argToList(args.get('requests_mlexclusioncreatereqv1_groups', [])) + requests_mlexclusioncreatereqv1_value = str(args.get('requests_mlexclusioncreatereqv1_value', '')) + + response = client.createml_exclusionsv1_request(requests_mlexclusioncreatereqv1_comment, requests_mlexclusioncreatereqv1_excluded_from, + requests_mlexclusioncreatereqv1_groups, requests_mlexclusioncreatereqv1_value) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesMlExclusionRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def creatert_response_policies_command(client, args): + requests_creatertresponsepoliciesv1_resources = argToList(args.get('requests_creatertresponsepoliciesv1_resources', [])) + + response = client.creatert_response_policies_request(requests_creatertresponsepoliciesv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def createrule_command(client, args): + api_rulecreatev1_comment = str(args.get('api_rulecreatev1_comment', '')) + api_rulecreatev1_description = str(args.get('api_rulecreatev1_description', '')) + api_rulecreatev1_disposition_id = args.get('api_rulecreatev1_disposition_id', None) + api_rulecreatev1_field_values = argToList(args.get('api_rulecreatev1_field_values', [])) + api_rulecreatev1_name = str(args.get('api_rulecreatev1_name', '')) + api_rulecreatev1_pattern_severity = str(args.get('api_rulecreatev1_pattern_severity', '')) + api_rulecreatev1_rulegroup_id = str(args.get('api_rulecreatev1_rulegroup_id', '')) + api_rulecreatev1_ruletype_id = str(args.get('api_rulecreatev1_ruletype_id', '')) + + response = client.createrule_request(api_rulecreatev1_comment, api_rulecreatev1_description, api_rulecreatev1_disposition_id, api_rulecreatev1_field_values, + api_rulecreatev1_name, api_rulecreatev1_pattern_severity, api_rulecreatev1_rulegroup_id, api_rulecreatev1_ruletype_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def createrulegroup_command(client, args): + clone_id = str(args.get('clone_id', '')) + li_ary = str(args.get('li_ary', '')) + comment = str(args.get('comment', '')) + fwmgr_api_rulegroupcreaterequestv1_description = str(args.get('fwmgr_api_rulegroupcreaterequestv1_description', '')) + fwmgr_api_rulegroupcreaterequestv1_enabled = argToBoolean(args.get('fwmgr_api_rulegroupcreaterequestv1_enabled', False)) + fwmgr_api_rulegroupcreaterequestv1_name = str(args.get('fwmgr_api_rulegroupcreaterequestv1_name', '')) + fwmgr_api_rulegroupcreaterequestv1_rules = argToList(args.get('fwmgr_api_rulegroupcreaterequestv1_rules', [])) + + response = client.createrulegroup_request(clone_id, li_ary, comment, fwmgr_api_rulegroupcreaterequestv1_description, + fwmgr_api_rulegroupcreaterequestv1_enabled, fwmgr_api_rulegroupcreaterequestv1_name, fwmgr_api_rulegroupcreaterequestv1_rules) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def createrulegroup_mixin0_command(client, args): + api_rulegroupcreaterequestv1_comment = str(args.get('api_rulegroupcreaterequestv1_comment', '')) + api_rulegroupcreaterequestv1_description = str(args.get('api_rulegroupcreaterequestv1_description', '')) + api_rulegroupcreaterequestv1_name = str(args.get('api_rulegroupcreaterequestv1_name', '')) + api_rulegroupcreaterequestv1_platform = str(args.get('api_rulegroupcreaterequestv1_platform', '')) + + response = client.createrulegroup_mixin0_request( + api_rulegroupcreaterequestv1_comment, api_rulegroupcreaterequestv1_description, api_rulegroupcreaterequestv1_name, api_rulegroupcreaterequestv1_platform) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def createsv_exclusionsv1_command(client, args): + requests_svexclusioncreatereqv1_comment = str(args.get('requests_svexclusioncreatereqv1_comment', '')) + requests_svexclusioncreatereqv1_groups = argToList(args.get('requests_svexclusioncreatereqv1_groups', [])) + requests_svexclusioncreatereqv1_value = str(args.get('requests_svexclusioncreatereqv1_value', '')) + + response = client.createsv_exclusionsv1_request( + requests_svexclusioncreatereqv1_comment, requests_svexclusioncreatereqv1_groups, requests_svexclusioncreatereqv1_value) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesMlExclusionRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def crowd_score_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.crowd_score_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaEnvironmentScoreResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def customersettingsread_command(client, args): + + response = client.customersettingsread_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.apicustomerSettingsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_actionv1_command(client, args): + id_ = str(args.get('id_', '')) + + response = client.delete_actionv1_request(id_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_device_control_policies_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.delete_device_control_policies_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_firewall_policies_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.delete_firewall_policies_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_host_groups_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.delete_host_groups_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_notificationsv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.delete_notificationsv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainNotificationIDResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_prevention_policies_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.delete_prevention_policies_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_report_command(client, args): + ids = str(args.get('ids', '')) + + response = client.delete_report_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_rulesv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.delete_rulesv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainRuleQueryResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_samplev2_command(client, args): + ids = str(args.get('ids', '')) + + response = client.delete_samplev2_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_samplev3_command(client, args): + ids = str(args.get('ids', '')) + + response = client.delete_samplev3_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_sensor_update_policies_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.delete_sensor_update_policies_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_sensor_visibility_exclusionsv1_command(client, args): + ids = argToList(args.get('ids', [])) + comment = str(args.get('comment', '')) + + response = client.delete_sensor_visibility_exclusionsv1_request(ids, comment) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_user_command(client, args): + user_uuid = str(args.get('user_uuid', '')) + + response = client.delete_user_request(user_uuid) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_user_group_members_command(client, args): + domain_usergroupmembersrequestv1_resources = argToList(args.get('domain_usergroupmembersrequestv1_resources', [])) + + response = client.delete_user_group_members_request(domain_usergroupmembersrequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserGroupMembersResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def delete_user_groups_command(client, args): + user_group_ids = argToList(args.get('user_group_ids', [])) + + response = client.delete_user_groups_request(user_group_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaEntitiesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deleteaws_accounts_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.deleteaws_accounts_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.modelsBaseResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deleteaws_accounts_mixin0_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.deleteaws_accounts_mixin0_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaMetaInfo', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deletecid_group_members_command(client, args): + domain_cidgroupmembersrequestv1_resources = argToList(args.get('domain_cidgroupmembersrequestv1_resources', [])) + + response = client.deletecid_group_members_request(domain_cidgroupmembersrequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainCIDGroupMembersResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deletecid_groups_command(client, args): + cid_group_ids = argToList(args.get('cid_group_ids', [])) + + response = client.deletecid_groups_request(cid_group_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaEntitiesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deletecspm_aws_account_command(client, args): + ids = argToList(args.get('ids', [])) + organization_ids = argToList(args.get('organization_ids', [])) + + response = client.deletecspm_aws_account_request(ids, organization_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationBaseResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deletecspm_azure_account_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.deletecspm_azure_account_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationBaseResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deleted_roles_command(client, args): + domain_mssprolerequestv1_resources = argToList(args.get('domain_mssprolerequestv1_resources', [])) + + response = client.deleted_roles_request(domain_mssprolerequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainMSSPRoleResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deleteioa_exclusionsv1_command(client, args): + ids = argToList(args.get('ids', [])) + comment = str(args.get('comment', '')) + + response = client.deleteioa_exclusionsv1_request(ids, comment) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deleteioc_command(client, args): + type_ = str(args.get('type_', '')) + value = str(args.get('value', '')) + + response = client.deleteioc_request(type_, value) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaReplyIOC', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deleteml_exclusionsv1_command(client, args): + ids = argToList(args.get('ids', [])) + comment = str(args.get('comment', '')) + + response = client.deleteml_exclusionsv1_request(ids, comment) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesMlExclusionRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deletert_response_policies_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.deletert_response_policies_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deleterulegroups_command(client, args): + ids = argToList(args.get('ids', [])) + comment = str(args.get('comment', '')) + + response = client.deleterulegroups_request(ids, comment) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deleterulegroups_mixin0_command(client, args): + comment = str(args.get('comment', '')) + ids = argToList(args.get('ids', [])) + + response = client.deleterulegroups_mixin0_request(comment, ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def deleterules_command(client, args): + rule_group_id = str(args.get('rule_group_id', '')) + comment = str(args.get('comment', '')) + ids = argToList(args.get('ids', [])) + + response = client.deleterules_request(rule_group_id, comment, ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def devices_count_command(client, args): + type_ = str(args.get('type_', '')) + value = str(args.get('value', '')) + + response = client.devices_count_request(type_, value) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaReplyIOCDevicesCount', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def devices_ran_on_command(client, args): + type_ = str(args.get('type_', '')) + value = str(args.get('value', '')) + limit = str(args.get('limit', '')) + offset = str(args.get('offset', '')) + + response = client.devices_ran_on_request(type_, value, limit, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaReplyDevicesRanOn', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def download_sensor_installer_by_id_command(client, args): + id_ = str(args.get('id_', '')) + + response = client.download_sensor_installer_by_id_request(id_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainDownloadItem', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def entitiesprocesses_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.entitiesprocesses_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaProcessDetailResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_actionsv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_actionsv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainActionEntitiesResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_aggregate_detects_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.get_aggregate_detects_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_artifacts_command(client, args): + id_ = str(args.get('id_', '')) + name = str(args.get('name', '')) + + response = client.get_artifacts_request(id_, name) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_assessmentv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_assessmentv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainAssessmentsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_available_role_ids_command(client, args): + + response = client.get_available_role_ids_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_behaviors_command(client, args): + msa_idsrequest_ids = argToList(args.get('msa_idsrequest_ids', [])) + + response = client.get_behaviors_request(msa_idsrequest_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaExternalBehaviorResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_children_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_children_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainChildrenResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_cloudconnectazure_entities_account_v1_command(client, args): + ids = argToList(args.get('ids', [])) + scan_type = str(args.get('scan_type', '')) + + response = client.get_cloudconnectazure_entities_account_v1_request(ids, scan_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationAzureAccountResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_cloudconnectazure_entities_userscriptsdownload_v1_command(client, args): + + response = client.get_cloudconnectazure_entities_userscriptsdownload_v1_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_cloudconnectcspmazure_entities_account_v1_command(client, args): + ids = argToList(args.get('ids', [])) + scan_type = str(args.get('scan_type', '')) + status = str(args.get('status', '')) + limit = int(args.get('limit', 100)) + offset = args.get('offset', None) + + response = client.get_cloudconnectcspmazure_entities_account_v1_request(ids, scan_type, status, limit, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationAzureAccountResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_cloudconnectcspmazure_entities_userscriptsdownload_v1_command(client, args): + tenant_id = str(args.get('tenant_id', '')) + + response = client.get_cloudconnectcspmazure_entities_userscriptsdownload_v1_request(tenant_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_clusters_command(client, args): + cluster_names = argToList(args.get('cluster_names', [])) + account_ids = argToList(args.get('account_ids', [])) + locations = argToList(args.get('locations', [])) + cluster_service = str(args.get('cluster_service', '')) + limit = args.get('limit', None) + offset = args.get('offset', None) + + response = client.get_clusters_request(cluster_names, account_ids, locations, cluster_service, limit, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.k8sregGetClustersResp', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_combined_sensor_installers_by_query_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.get_combined_sensor_installers_by_query_request(offset, limit, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainSensorInstallersV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_detect_summaries_command(client, args): + msa_idsrequest_ids = argToList(args.get('msa_idsrequest_ids', [])) + + response = client.get_detect_summaries_request(msa_idsrequest_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainMsaDetectSummariesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_device_control_policies_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_device_control_policies_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesDeviceControlPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_device_count_collection_queries_by_filter_command(client, args): + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + + response = client.get_device_count_collection_queries_by_filter_request(limit, sort, filter_, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_device_details_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_device_details_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainDeviceDetailsResponseSwagger', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_firewall_policies_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_firewall_policies_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesFirewallPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_helm_values_yaml_command(client, args): + cluster_name = str(args.get('cluster_name', '')) + + response = client.get_helm_values_yaml_request(cluster_name) + command_results = CommandResults( + outputs_prefix='CrowdStrike.k8sregHelmYAMLResp', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_host_groups_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_host_groups_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesHostGroupsV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_incidents_command(client, args): + msa_idsrequest_ids = argToList(args.get('msa_idsrequest_ids', [])) + + response = client.get_incidents_request(msa_idsrequest_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaExternalIncidentResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_intel_actor_entities_command(client, args): + ids = argToList(args.get('ids', [])) + fields = argToList(args.get('fields', [])) + + response = client.get_intel_actor_entities_request(ids, fields) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainActorsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_intel_indicator_entities_command(client, args): + msa_idsrequest_ids = argToList(args.get('msa_idsrequest_ids', [])) + + response = client.get_intel_indicator_entities_request(msa_idsrequest_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainPublicIndicatorsV3Response', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_intel_report_entities_command(client, args): + ids = argToList(args.get('ids', [])) + fields = argToList(args.get('fields', [])) + + response = client.get_intel_report_entities_request(ids, fields) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainNewsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_intel_reportpdf_command(client, args): + id_ = str(args.get('id_', '')) + + response = client.get_intel_reportpdf_request(id_) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_intel_rule_entities_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_intel_rule_entities_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainRulesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_intel_rule_file_command(client, args): + id_ = args.get('id_', None) + format = str(args.get('format', '')) + + response = client.get_intel_rule_file_request(id_, format) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_latest_intel_rule_file_command(client, args): + type_ = str(args.get('type_', '')) + format = str(args.get('format', '')) + + response = client.get_latest_intel_rule_file_request(type_, format) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_locations_command(client, args): + clouds = argToList(args.get('clouds', [])) + + response = client.get_locations_request(clouds) + command_results = CommandResults( + outputs_prefix='CrowdStrike.k8sregGetLocationsResp', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_mal_query_downloadv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_mal_query_downloadv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_mal_query_entities_samples_fetchv1_command(client, args): + ids = str(args.get('ids', '')) + + response = client.get_mal_query_entities_samples_fetchv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_mal_query_metadatav1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_mal_query_metadatav1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.malquerySampleMetadataResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_mal_query_quotasv1_command(client, args): + + response = client.get_mal_query_quotasv1_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.malqueryRateLimitsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_mal_query_requestv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_mal_query_requestv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.malqueryRequestResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_notifications_detailed_translatedv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_notifications_detailed_translatedv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainNotificationDetailsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_notifications_detailedv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_notifications_detailedv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainNotificationDetailsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_notifications_translatedv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_notifications_translatedv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainNotificationEntitiesResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_notificationsv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_notificationsv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainNotificationEntitiesResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_prevention_policies_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_prevention_policies_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesPreventionPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_reports_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_reports_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.falconxReportV1Response', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_roles_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_roles_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserRoleResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_roles_byid_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_roles_byid_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainMSSPRoleResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_rulesv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_rulesv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainRulesEntitiesResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_samplev2_command(client, args): + ids = str(args.get('ids', '')) + password_protected = str(args.get('password_protected', 'False')) + + response = client.get_samplev2_request(ids, password_protected) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_samplev3_command(client, args): + ids = str(args.get('ids', '')) + password_protected = str(args.get('password_protected', 'False')) + + response = client.get_samplev3_request(ids, password_protected) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_scans_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_scans_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.mlscannerScanV1Response', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_scans_aggregates_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.get_scans_aggregates_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_sensor_installers_by_query_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.get_sensor_installers_by_query_request(offset, limit, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_sensor_installers_entities_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_sensor_installers_entities_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainSensorInstallersV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_sensor_installersccid_by_query_command(client, args): + + response = client.get_sensor_installersccid_by_query_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_sensor_update_policies_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_sensor_update_policies_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesSensorUpdatePoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_sensor_update_policiesv2_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_sensor_update_policiesv2_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesSensorUpdatePoliciesV2', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_sensor_visibility_exclusionsv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_sensor_visibility_exclusionsv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesSvExclusionRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_submissions_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_submissions_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.falconxSubmissionV1Response', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_summary_reports_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_summary_reports_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.falconxSummaryReportV1Response', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_user_group_members_byid_command(client, args): + user_group_ids = str(args.get('user_group_ids', '')) + + response = client.get_user_group_members_byid_request(user_group_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserGroupMembersResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_user_groups_byid_command(client, args): + user_group_ids = argToList(args.get('user_group_ids', [])) + + response = client.get_user_groups_byid_request(user_group_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserGroupsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_user_role_ids_command(client, args): + user_uuid = str(args.get('user_uuid', '')) + + response = client.get_user_role_ids_request(user_uuid) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def get_vulnerabilities_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.get_vulnerabilities_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getaws_accounts_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getaws_accounts_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.modelsAWSAccountsV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getaws_accounts_mixin0_command(client, args): + ids = argToList(args.get('ids', [])) + status = str(args.get('status', '')) + limit = args.get('limit', None) + offset = args.get('offset', None) + + response = client.getaws_accounts_mixin0_request(ids, status, limit, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.k8sregGetAWSAccountsResp', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getaws_settings_command(client, args): + + response = client.getaws_settings_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.modelsCustomerConfigurationsV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcid_group_by_id_command(client, args): + cid_group_ids = argToList(args.get('cid_group_ids', [])) + + response = client.getcid_group_by_id_request(cid_group_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainCIDGroupsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcid_group_members_by_command(client, args): + cid_group_ids = argToList(args.get('cid_group_ids', [])) + + response = client.getcid_group_members_by_request(cid_group_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainCIDGroupMembersResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcspm_aws_account_command(client, args): + scan_type = str(args.get('scan_type', '')) + ids = argToList(args.get('ids', [])) + organization_ids = argToList(args.get('organization_ids', [])) + status = str(args.get('status', '')) + limit = int(args.get('limit', 100)) + offset = args.get('offset', None) + group_by = str(args.get('group_by', '')) + + response = client.getcspm_aws_account_request(scan_type, ids, organization_ids, status, limit, offset, group_by) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationAWSAccountResponseV2', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcspm_aws_account_scripts_attachment_command(client, args): + + response = client.getcspm_aws_account_scripts_attachment_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationAWSProvisionGetAccountScriptResponseV2', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcspm_aws_console_setupur_ls_command(client, args): + + response = client.getcspm_aws_console_setupur_ls_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationAWSAccountConsoleURL', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcspm_azure_user_scripts_command(client, args): + + response = client.getcspm_azure_user_scripts_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcspm_policy_command(client, args): + ids = str(args.get('ids', '')) + + response = client.getcspm_policy_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationPolicyResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcspm_policy_settings_command(client, args): + service = str(args.get('service', '')) + policy_id = str(args.get('policy_id', '')) + cloud_platform = str(args.get('cloud_platform', '')) + + response = client.getcspm_policy_settings_request(service, policy_id, cloud_platform) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationPolicySettingsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcspm_scan_schedule_command(client, args): + cloud_platform = argToList(args.get('cloud_platform', [])) + + response = client.getcspm_scan_schedule_request(cloud_platform) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationScanScheduleResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcspmcgp_account_command(client, args): + scan_type = str(args.get('scan_type', '')) + ids = argToList(args.get('ids', [])) + + response = client.getcspmcgp_account_request(scan_type, ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationGCPAccountResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcspmgcp_user_scripts_command(client, args): + + response = client.getcspmgcp_user_scripts_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getcspmgcp_user_scripts_attachment_command(client, args): + + response = client.getcspmgcp_user_scripts_attachment_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getevents_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getevents_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiEventsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getfirewallfields_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getfirewallfields_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiFirewallFieldsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getioa_events_command(client, args): + policy_id = str(args.get('policy_id', '')) + cloud_provider = str(args.get('cloud_provider', '')) + account_id = str(args.get('account_id', '')) + azure_tenant_id = str(args.get('azure_tenant_id', '')) + user_ids = argToList(args.get('user_ids', [])) + offset = args.get('offset', None) + limit = args.get('limit', None) + + response = client.getioa_events_request(policy_id, cloud_provider, account_id, azure_tenant_id, user_ids, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationExternalIOAEventResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getioa_exclusionsv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getioa_exclusionsv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesIoaExclusionRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getioa_users_command(client, args): + policy_id = str(args.get('policy_id', '')) + cloud_provider = str(args.get('cloud_provider', '')) + account_id = str(args.get('account_id', '')) + azure_tenant_id = str(args.get('azure_tenant_id', '')) + + response = client.getioa_users_request(policy_id, cloud_provider, account_id, azure_tenant_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationIOAUserResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getioc_command(client, args): + type_ = str(args.get('type_', '')) + value = str(args.get('value', '')) + + response = client.getioc_request(type_, value) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaReplyIOC', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getml_exclusionsv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getml_exclusionsv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesMlExclusionRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getpatterns_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getpatterns_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiPatternsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getplatforms_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getplatforms_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiPlatformsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getplatforms_mixin0_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getplatforms_mixin0_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiPlatformsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getpolicycontainers_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getpolicycontainers_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiPolicyContainersResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getrt_response_policies_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getrt_response_policies_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesRTResponsePoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getrulegroups_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getrulegroups_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiRuleGroupsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getrulegroups_mixin0_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getrulegroups_mixin0_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiRuleGroupsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getrules_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getrules_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiRulesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getrules_mixin0_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getrules_mixin0_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiRulesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getrulesget_command(client, args): + api_rulesgetrequestv1_ids = argToList(args.get('api_rulesgetrequestv1_ids', [])) + + response = client.getrulesget_request(api_rulesgetrequestv1_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiRulesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def getruletypes_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.getruletypes_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiRuleTypesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def grant_user_role_ids_command(client, args): + user_uuid = str(args.get('user_uuid', '')) + domain_roleids_roleids = argToList(args.get('domain_roleids_roleids', [])) + + response = client.grant_user_role_ids_request(user_uuid, domain_roleids_roleids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserRoleIDsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def indicatorcombinedv1_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.indicatorcombinedv1_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiIndicatorRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def indicatorcreatev1_command(client, args): + retrodetects = str(args.get('retrodetects', '')) + ignore_warnings = str(args.get('ignore_warnings', 'False')) + api_indicatorcreatereqsv1_comment = str(args.get('api_indicatorcreatereqsv1_comment', '')) + api_indicatorcreatereqsv1_indicators = argToList(args.get('api_indicatorcreatereqsv1_indicators', [])) + + response = client.indicatorcreatev1_request(retrodetects, ignore_warnings, + api_indicatorcreatereqsv1_comment, api_indicatorcreatereqsv1_indicators) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def indicatordeletev1_command(client, args): + filter_ = str(args.get('filter_', '')) + ids = argToList(args.get('ids', [])) + comment = str(args.get('comment', '')) + + response = client.indicatordeletev1_request(filter_, ids, comment) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiIndicatorQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def indicatorgetv1_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.indicatorgetv1_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiIndicatorRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def indicatorsearchv1_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.indicatorsearchv1_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiIndicatorQueryRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def indicatorupdatev1_command(client, args): + retrodetects = str(args.get('retrodetects', '')) + ignore_warnings = str(args.get('ignore_warnings', 'False')) + api_indicatorupdatereqsv1_bulk_update_action = str(args.get('api_indicatorupdatereqsv1_bulk_update_action', '')) + api_indicatorupdatereqsv1_bulk_update_applied_globally = argToBoolean( + args.get('api_indicatorupdatereqsv1_bulk_update_applied_globally', False)) + api_indicatorupdatereqsv1_bulk_update_description = str(args.get('api_indicatorupdatereqsv1_bulk_update_description', '')) + api_indicatorupdatereqsv1_bulk_update_expiration = str(args.get('api_indicatorupdatereqsv1_bulk_update_expiration', '')) + api_indicatorupdatereqsv1_bulk_update_filter = str(args.get('api_indicatorupdatereqsv1_bulk_update_filter', '')) + api_indicatorupdatereqsv1_bulk_update_host_groups = str(args.get('api_indicatorupdatereqsv1_bulk_update_host_groups', '')) + api_indicatorupdatereqsv1_bulk_update_mobile_action = str(args.get('api_indicatorupdatereqsv1_bulk_update_mobile_action', '')) + api_indicatorupdatereqsv1_bulk_update_platforms = str(args.get('api_indicatorupdatereqsv1_bulk_update_platforms', '')) + api_indicatorupdatereqsv1_bulk_update_severity = str(args.get('api_indicatorupdatereqsv1_bulk_update_severity', '')) + api_indicatorupdatereqsv1_bulk_update_source = str(args.get('api_indicatorupdatereqsv1_bulk_update_source', '')) + api_indicatorupdatereqsv1_bulk_update_tags = str(args.get('api_indicatorupdatereqsv1_bulk_update_tags', '')) + api_indicatorupdatereqsv1_bulk_update = assign_params(action=api_indicatorupdatereqsv1_bulk_update_action, applied_globally=api_indicatorupdatereqsv1_bulk_update_applied_globally, description=api_indicatorupdatereqsv1_bulk_update_description, expiration=api_indicatorupdatereqsv1_bulk_update_expiration, filter=api_indicatorupdatereqsv1_bulk_update_filter, + host_groups=api_indicatorupdatereqsv1_bulk_update_host_groups, mobile_action=api_indicatorupdatereqsv1_bulk_update_mobile_action, platforms=api_indicatorupdatereqsv1_bulk_update_platforms, severity=api_indicatorupdatereqsv1_bulk_update_severity, source=api_indicatorupdatereqsv1_bulk_update_source, tags=api_indicatorupdatereqsv1_bulk_update_tags) + api_indicatorupdatereqsv1_comment = str(args.get('api_indicatorupdatereqsv1_comment', '')) + api_indicatorupdatereqsv1_indicators = argToList(args.get('api_indicatorupdatereqsv1_indicators', [])) + + response = client.indicatorupdatev1_request(retrodetects, ignore_warnings, api_indicatorupdatereqsv1_bulk_update, + api_indicatorupdatereqsv1_comment, api_indicatorupdatereqsv1_indicators) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiIndicatorRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def list_available_streamso_auth2_command(client, args): + appId = str(args.get('appId', '')) + format = str(args.get('format', '')) + + response = client.list_available_streamso_auth2_request(appId, format) + command_results = CommandResults( + outputs_prefix='CrowdStrike.maindiscoveryResponseV2', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def oauth2_access_token_command(client, args): + client_id = str(args.get('client_id', '')) + client_secret = str(args.get('client_secret', '')) + member_cid = str(args.get('member_cid', '')) + + response = client.oauth2_access_token_request(client_id, client_secret, member_cid) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def oauth2_revoke_token_command(client, args): + token = str(args.get('token', '')) + + response = client.oauth2_revoke_token_request(token) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def patch_cloudconnectazure_entities_clientid_v1_command(client, args): + id_ = str(args.get('id_', '')) + + response = client.patch_cloudconnectazure_entities_clientid_v1_request(id_) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def patch_cloudconnectcspmazure_entities_clientid_v1_command(client, args): + id_ = str(args.get('id_', '')) + tenant_id = str(args.get('tenant_id', '')) + + response = client.patch_cloudconnectcspmazure_entities_clientid_v1_request(id_, tenant_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def patchcspm_aws_account_command(client, args): + registration_awsaccountpatchrequest_resources = argToList(args.get('registration_awsaccountpatchrequest_resources', [])) + + response = client.patchcspm_aws_account_request(registration_awsaccountpatchrequest_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def perform_actionv2_command(client, args): + action_name = str(args.get('action_name', '')) + msa_entityactionrequestv2_action__meters = argToList(args.get('msa_entityactionrequestv2_action__meters', [])) + msa_entityactionrequestv2_ids = argToList(args.get('msa_entityactionrequestv2_ids', [])) + + response = client.perform_actionv2_request( + action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def perform_device_control_policies_action_command(client, args): + action_name = str(args.get('action_name', '')) + msa_entityactionrequestv2_action__meters = argToList(args.get('msa_entityactionrequestv2_action__meters', [])) + msa_entityactionrequestv2_ids = argToList(args.get('msa_entityactionrequestv2_ids', [])) + + response = client.perform_device_control_policies_action_request( + action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesDeviceControlPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def perform_firewall_policies_action_command(client, args): + action_name = str(args.get('action_name', '')) + msa_entityactionrequestv2_action__meters = argToList(args.get('msa_entityactionrequestv2_action__meters', [])) + msa_entityactionrequestv2_ids = argToList(args.get('msa_entityactionrequestv2_ids', [])) + + response = client.perform_firewall_policies_action_request( + action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesFirewallPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def perform_group_action_command(client, args): + action_name = str(args.get('action_name', '')) + msa_entityactionrequestv2_action__meters = argToList(args.get('msa_entityactionrequestv2_action__meters', [])) + msa_entityactionrequestv2_ids = argToList(args.get('msa_entityactionrequestv2_ids', [])) + + response = client.perform_group_action_request( + action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesHostGroupsV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def perform_incident_action_command(client, args): + msa_entityactionrequestv2_action__meters = argToList(args.get('msa_entityactionrequestv2_action__meters', [])) + msa_entityactionrequestv2_ids = argToList(args.get('msa_entityactionrequestv2_ids', [])) + + response = client.perform_incident_action_request(msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def perform_prevention_policies_action_command(client, args): + action_name = str(args.get('action_name', '')) + msa_entityactionrequestv2_action__meters = argToList(args.get('msa_entityactionrequestv2_action__meters', [])) + msa_entityactionrequestv2_ids = argToList(args.get('msa_entityactionrequestv2_ids', [])) + + response = client.perform_prevention_policies_action_request( + action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesPreventionPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def perform_sensor_update_policies_action_command(client, args): + action_name = str(args.get('action_name', '')) + msa_entityactionrequestv2_action__meters = argToList(args.get('msa_entityactionrequestv2_action__meters', [])) + msa_entityactionrequestv2_ids = argToList(args.get('msa_entityactionrequestv2_ids', [])) + + response = client.perform_sensor_update_policies_action_request( + action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesSensorUpdatePoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def performrt_response_policies_action_command(client, args): + action_name = str(args.get('action_name', '')) + msa_entityactionrequestv2_action__meters = argToList(args.get('msa_entityactionrequestv2_action__meters', [])) + msa_entityactionrequestv2_ids = argToList(args.get('msa_entityactionrequestv2_ids', [])) + + response = client.performrt_response_policies_action_request( + action_name, msa_entityactionrequestv2_action__meters, msa_entityactionrequestv2_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesRTResponsePoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def post_cloudconnectazure_entities_account_v1_command(client, args): + registration_azureaccountcreaterequestexternalv1_resources = argToList( + args.get('registration_azureaccountcreaterequestexternalv1_resources', [])) + + response = client.post_cloudconnectazure_entities_account_v1_request( + registration_azureaccountcreaterequestexternalv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def post_cloudconnectcspmazure_entities_account_v1_command(client, args): + registration_azureaccountcreaterequestexternalv1_resources = argToList( + args.get('registration_azureaccountcreaterequestexternalv1_resources', [])) + + response = client.post_cloudconnectcspmazure_entities_account_v1_request( + registration_azureaccountcreaterequestexternalv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def post_mal_query_entities_samples_multidownloadv1_command(client, args): + malquery_multidownloadrequestv1_samples = argToList(args.get('malquery_multidownloadrequestv1_samples', [])) + + response = client.post_mal_query_entities_samples_multidownloadv1_request(malquery_multidownloadrequestv1_samples) + command_results = CommandResults( + outputs_prefix='CrowdStrike.malqueryExternalQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def post_mal_query_exact_searchv1_command(client, args): + malquery_externalexactsearchparametersv1_options_filter_filetypes = str( + args.get('malquery_externalexactsearchparametersv1_options_filter_filetypes', '')) + malquery_externalexactsearchparametersv1_options_filter_meta = str( + args.get('malquery_externalexactsearchparametersv1_options_filter_meta', '')) + malquery_externalexactsearchparametersv1_options_limit = args.get( + 'malquery_externalexactsearchparametersv1_options_limit', None) + malquery_externalexactsearchparametersv1_options_max_date = str( + args.get('malquery_externalexactsearchparametersv1_options_max_date', '')) + malquery_externalexactsearchparametersv1_options_max_size = str( + args.get('malquery_externalexactsearchparametersv1_options_max_size', '')) + malquery_externalexactsearchparametersv1_options_min_date = str( + args.get('malquery_externalexactsearchparametersv1_options_min_date', '')) + malquery_externalexactsearchparametersv1_options_min_size = str( + args.get('malquery_externalexactsearchparametersv1_options_min_size', '')) + malquery_externalexactsearchparametersv1_options = assign_params(filter_filetypes=malquery_externalexactsearchparametersv1_options_filter_filetypes, filter_meta=malquery_externalexactsearchparametersv1_options_filter_meta, limit=malquery_externalexactsearchparametersv1_options_limit, + max_date=malquery_externalexactsearchparametersv1_options_max_date, max_size=malquery_externalexactsearchparametersv1_options_max_size, min_date=malquery_externalexactsearchparametersv1_options_min_date, min_size=malquery_externalexactsearchparametersv1_options_min_size) + malquery_externalexactsearchparametersv1_patterns = argToList( + args.get('malquery_externalexactsearchparametersv1_patterns', [])) + + response = client.post_mal_query_exact_searchv1_request( + malquery_externalexactsearchparametersv1_options, malquery_externalexactsearchparametersv1_patterns) + command_results = CommandResults( + outputs_prefix='CrowdStrike.malqueryExternalQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def post_mal_query_fuzzy_searchv1_command(client, args): + malquery_fuzzysearchparametersv1_options_filter_meta = str( + args.get('malquery_fuzzysearchparametersv1_options_filter_meta', '')) + malquery_fuzzysearchparametersv1_options_limit = args.get('malquery_fuzzysearchparametersv1_options_limit', None) + malquery_fuzzysearchparametersv1_options = assign_params( + filter_meta=malquery_fuzzysearchparametersv1_options_filter_meta, limit=malquery_fuzzysearchparametersv1_options_limit) + malquery_fuzzysearchparametersv1_patterns = argToList(args.get('malquery_fuzzysearchparametersv1_patterns', [])) + + response = client.post_mal_query_fuzzy_searchv1_request( + malquery_fuzzysearchparametersv1_options, malquery_fuzzysearchparametersv1_patterns) + command_results = CommandResults( + outputs_prefix='CrowdStrike.malqueryFuzzySearchResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def post_mal_query_huntv1_command(client, args): + malquery_externalhuntparametersv1_options_filter_filetypes = str( + args.get('malquery_externalhuntparametersv1_options_filter_filetypes', '')) + malquery_externalhuntparametersv1_options_filter_meta = str( + args.get('malquery_externalhuntparametersv1_options_filter_meta', '')) + malquery_externalhuntparametersv1_options_limit = args.get('malquery_externalhuntparametersv1_options_limit', None) + malquery_externalhuntparametersv1_options_max_date = str(args.get('malquery_externalhuntparametersv1_options_max_date', '')) + malquery_externalhuntparametersv1_options_max_size = str(args.get('malquery_externalhuntparametersv1_options_max_size', '')) + malquery_externalhuntparametersv1_options_min_date = str(args.get('malquery_externalhuntparametersv1_options_min_date', '')) + malquery_externalhuntparametersv1_options_min_size = str(args.get('malquery_externalhuntparametersv1_options_min_size', '')) + malquery_externalhuntparametersv1_options = assign_params(filter_filetypes=malquery_externalhuntparametersv1_options_filter_filetypes, filter_meta=malquery_externalhuntparametersv1_options_filter_meta, limit=malquery_externalhuntparametersv1_options_limit, + max_date=malquery_externalhuntparametersv1_options_max_date, max_size=malquery_externalhuntparametersv1_options_max_size, min_date=malquery_externalhuntparametersv1_options_min_date, min_size=malquery_externalhuntparametersv1_options_min_size) + malquery_externalhuntparametersv1_yara_rule = str(args.get('malquery_externalhuntparametersv1_yara_rule', '')) + + response = client.post_mal_query_huntv1_request( + malquery_externalhuntparametersv1_options, malquery_externalhuntparametersv1_yara_rule) + command_results = CommandResults( + outputs_prefix='CrowdStrike.malqueryExternalQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def preview_rulev1_command(client, args): + domain_rulepreviewrequest_filter = str(args.get('domain_rulepreviewrequest_filter', '')) + domain_rulepreviewrequest_topic = str(args.get('domain_rulepreviewrequest_topic', '')) + + response = client.preview_rulev1_request(domain_rulepreviewrequest_filter, domain_rulepreviewrequest_topic) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def processes_ran_on_command(client, args): + type_ = str(args.get('type_', '')) + value = str(args.get('value', '')) + device_id = str(args.get('device_id', '')) + limit = str(args.get('limit', '')) + offset = str(args.get('offset', '')) + + response = client.processes_ran_on_request(type_, value, device_id, limit, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaReplyProcessesRanOn', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def provisionaws_accounts_command(client, args): + mode = str(args.get('mode', 'manual')) + models_createawsaccountsv1_resources = argToList(args.get('models_createawsaccountsv1_resources', [])) + + response = client.provisionaws_accounts_request(mode, models_createawsaccountsv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_actionsv1_command(client, args): + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + + response = client.query_actionsv1_request(offset, limit, sort, filter_, q) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_allow_list_filter_command(client, args): + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + + response = client.query_allow_list_filter_request(limit, sort, filter_, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_behaviors_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_behaviors_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_block_list_filter_command(client, args): + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + + response = client.query_block_list_filter_request(limit, sort, filter_, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_children_command(client, args): + sort = str(args.get('sort', 'last_modified_timestamp|desc')) + offset = int(args.get('offset', 0)) + limit = int(args.get('limit', 10)) + + response = client.query_children_request(sort, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_device_control_policies_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_device_control_policies_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesDeviceControlPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_device_control_policy_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_device_control_policy_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesPolicyMembersRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_firewall_policies_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_firewall_policies_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesFirewallPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_firewall_policy_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_firewall_policy_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesPolicyMembersRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_group_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_group_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesHostGroupMembersV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_host_groups_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_host_groups_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesHostGroupsV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_prevention_policies_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_prevention_policies_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesPreventionPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_prevention_policy_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_prevention_policy_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesPolicyMembersRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_sensor_update_builds_command(client, args): + platform = str(args.get('platform', '')) + + response = client.query_combined_sensor_update_builds_request(platform) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesSensorUpdateBuildsV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_sensor_update_policies_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_sensor_update_policies_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesSensorUpdatePoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_sensor_update_policiesv2_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_sensor_update_policiesv2_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesSensorUpdatePoliciesV2', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combined_sensor_update_policy_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combined_sensor_update_policy_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesPolicyMembersRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combinedrt_response_policies_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combinedrt_response_policies_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesRTResponsePoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_combinedrt_response_policy_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_combinedrt_response_policy_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesPolicyMembersRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_detection_ids_by_filter_command(client, args): + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + + response = client.query_detection_ids_by_filter_request(limit, sort, filter_, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_detects_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + + response = client.query_detects_request(offset, limit, sort, filter_, q) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_device_control_policies_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_device_control_policies_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_device_control_policy_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_device_control_policy_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_devices_by_filter_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.query_devices_by_filter_request(offset, limit, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_devices_by_filter_scroll_command(client, args): + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.query_devices_by_filter_scroll_request(offset, limit, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainDeviceResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_escalations_filter_command(client, args): + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + + response = client.query_escalations_filter_request(limit, sort, filter_, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_firewall_policies_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_firewall_policies_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_firewall_policy_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_firewall_policy_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_group_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_group_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_hidden_devices_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.query_hidden_devices_request(offset, limit, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_host_groups_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_host_groups_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_incident_ids_by_filter_command(client, args): + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + + response = client.query_incident_ids_by_filter_request(limit, sort, filter_, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_incidents_command(client, args): + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + + response = client.query_incidents_request(sort, filter_, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaIncidentQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_intel_actor_entities_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + fields = argToList(args.get('fields', [])) + + response = client.query_intel_actor_entities_request(offset, limit, sort, filter_, q, fields) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainActorsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_intel_actor_ids_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + + response = client.query_intel_actor_ids_request(offset, limit, sort, filter_, q) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_intel_indicator_entities_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + include_deleted = argToBoolean(args.get('include_deleted', False)) + + response = client.query_intel_indicator_entities_request(offset, limit, sort, filter_, q, include_deleted) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainPublicIndicatorsV3Response', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_intel_indicator_ids_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + include_deleted = argToBoolean(args.get('include_deleted', False)) + + response = client.query_intel_indicator_ids_request(offset, limit, sort, filter_, q, include_deleted) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_intel_report_entities_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + fields = argToList(args.get('fields', [])) + + response = client.query_intel_report_entities_request(offset, limit, sort, filter_, q, fields) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainNewsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_intel_report_ids_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + + response = client.query_intel_report_ids_request(offset, limit, sort, filter_, q) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_intel_rule_ids_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + name = argToList(args.get('name', [])) + type_ = str(args.get('type_', '')) + description = argToList(args.get('description', [])) + tags = argToList(args.get('tags', [])) + min_created_date = args.get('min_created_date', None) + max_created_date = str(args.get('max_created_date', '')) + q = str(args.get('q', '')) + + response = client.query_intel_rule_ids_request( + offset, limit, sort, name, type_, description, tags, min_created_date, max_created_date, q) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_notificationsv1_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + + response = client.query_notificationsv1_request(offset, limit, sort, filter_, q) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_prevention_policies_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_prevention_policies_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_prevention_policy_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_prevention_policy_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_remediations_filter_command(client, args): + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + + response = client.query_remediations_filter_request(limit, sort, filter_, offset) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_reports_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_reports_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_roles_command(client, args): + user_group_id = str(args.get('user_group_id', '')) + cid_group_id = str(args.get('cid_group_id', '')) + role_id = str(args.get('role_id', '')) + sort = str(args.get('sort', 'last_modified_timestamp|desc')) + offset = int(args.get('offset', 0)) + limit = int(args.get('limit', 10)) + + response = client.query_roles_request(user_group_id, cid_group_id, role_id, sort, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_rulesv1_command(client, args): + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + + response = client.query_rulesv1_request(offset, limit, sort, filter_, q) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainRuleQueryResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_samplev1_command(client, args): + samplestore_querysamplesrequest_sha256s = argToList(args.get('samplestore_querysamplesrequest_sha256s', [])) + + response = client.query_samplev1_request(samplestore_querysamplesrequest_sha256s) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_sensor_update_policies_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_sensor_update_policies_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_sensor_update_policy_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_sensor_update_policy_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_sensor_visibility_exclusionsv1_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_sensor_visibility_exclusionsv1_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_submissions_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_submissions_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_submissions_mixin0_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.query_submissions_mixin0_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.mlscannerQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_user_group_members_command(client, args): + user_uuid = str(args.get('user_uuid', '')) + sort = str(args.get('sort', 'last_modified_timestamp|desc')) + offset = int(args.get('offset', 0)) + limit = int(args.get('limit', 10)) + + response = client.query_user_group_members_request(user_uuid, sort, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_user_groups_command(client, args): + name = str(args.get('name', '')) + sort = str(args.get('sort', 'name|asc')) + offset = int(args.get('offset', 0)) + limit = int(args.get('limit', 10)) + + response = client.query_user_groups_request(name, sort, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def query_vulnerabilities_command(client, args): + after = str(args.get('after', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.query_vulnerabilities_request(after, limit, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainSPAPIQueryVulnerabilitiesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryaws_accounts_command(client, args): + limit = int(args.get('limit', 100)) + offset = args.get('offset', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.queryaws_accounts_request(limit, offset, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.modelsAWSAccountsV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryaws_accounts_fori_ds_command(client, args): + limit = int(args.get('limit', 100)) + offset = args.get('offset', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.queryaws_accounts_fori_ds_request(limit, offset, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def querycid_group_members_command(client, args): + cid = str(args.get('cid', '')) + sort = str(args.get('sort', 'last_modified_timestamp|desc')) + offset = int(args.get('offset', 0)) + limit = int(args.get('limit', 10)) + + response = client.querycid_group_members_request(cid, sort, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def querycid_groups_command(client, args): + name = str(args.get('name', '')) + sort = str(args.get('sort', 'name|asc')) + offset = int(args.get('offset', 0)) + limit = int(args.get('limit', 10)) + + response = client.querycid_groups_request(name, sort, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryevents_command(client, args): + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + offset = str(args.get('offset', '')) + after = str(args.get('after', '')) + limit = args.get('limit', None) + + response = client.queryevents_request(sort, filter_, q, offset, after, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryfirewallfields_command(client, args): + platform_id = str(args.get('platform_id', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + + response = client.queryfirewallfields_request(platform_id, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrmsaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryio_cs_command(client, args): + types = str(args.get('types', '')) + values = str(args.get('values', '')) + from_expiration_timestamp = str(args.get('from_expiration_timestamp', '')) + to_expiration_timestamp = str(args.get('to_expiration_timestamp', '')) + policies = str(args.get('policies', '')) + sources = str(args.get('sources', '')) + share_levels = str(args.get('share_levels', '')) + created_by = str(args.get('created_by', '')) + deleted_by = str(args.get('deleted_by', '')) + include_deleted = str(args.get('include_deleted', '')) + + response = client.queryio_cs_request(types, values, from_expiration_timestamp, to_expiration_timestamp, + policies, sources, share_levels, created_by, deleted_by, include_deleted) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaReplyIOCIDs', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryioa_exclusionsv1_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.queryioa_exclusionsv1_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryml_exclusionsv1_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.queryml_exclusionsv1_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def querypatterns_command(client, args): + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + + response = client.querypatterns_request(offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryplatforms_command(client, args): + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + + response = client.queryplatforms_request(offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrmsaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryplatforms_mixin0_command(client, args): + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + + response = client.queryplatforms_mixin0_request(offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def querypolicyrules_command(client, args): + id_ = str(args.get('id_', '')) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + + response = client.querypolicyrules_request(id_, sort, filter_, q, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryrt_response_policies_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.queryrt_response_policies_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryrt_response_policy_members_command(client, args): + id_ = str(args.get('id_', '')) + filter_ = str(args.get('filter_', '')) + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.queryrt_response_policy_members_request(id_, filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryrulegroups_command(client, args): + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + offset = str(args.get('offset', '')) + after = str(args.get('after', '')) + limit = args.get('limit', None) + + response = client.queryrulegroups_request(sort, filter_, q, offset, after, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryrulegroups_mixin0_command(client, args): + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + + response = client.queryrulegroups_mixin0_request(sort, filter_, q, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryrulegroupsfull_command(client, args): + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + + response = client.queryrulegroupsfull_request(sort, filter_, q, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryrules_command(client, args): + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + offset = str(args.get('offset', '')) + after = str(args.get('after', '')) + limit = args.get('limit', None) + + response = client.queryrules_request(sort, filter_, q, offset, after, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryrules_mixin0_command(client, args): + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + q = str(args.get('q', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + + response = client.queryrules_mixin0_request(sort, filter_, q, offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def queryruletypes_command(client, args): + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + + response = client.queryruletypes_request(offset, limit) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def refresh_active_stream_session_command(client, args): + action_name = str(args.get('action_name', '')) + appId = str(args.get('appId', '')) + partition = args.get('partition', None) + + response = client.refresh_active_stream_session_request(action_name, appId, partition) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def regenerateapi_key_command(client, args): + + response = client.regenerateapi_key_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.k8sregRegenAPIKeyResp', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def retrieve_emails_bycid_command(client, args): + + response = client.retrieve_emails_bycid_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def retrieve_user_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.retrieve_user_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserMetaDataResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def retrieve_useruui_ds_bycid_command(client, args): + + response = client.retrieve_useruui_ds_bycid_request() + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def retrieve_useruuid_command(client, args): + uid = argToList(args.get('uid', [])) + + response = client.retrieve_useruuid_request(uid) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def reveal_uninstall_token_command(client, args): + requests_revealuninstalltokenv1_audit_message = str(args.get('requests_revealuninstalltokenv1_audit_message', '')) + requests_revealuninstalltokenv1_device_id = str(args.get('requests_revealuninstalltokenv1_device_id', '')) + + response = client.reveal_uninstall_token_request( + requests_revealuninstalltokenv1_audit_message, requests_revealuninstalltokenv1_device_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesRevealUninstallTokenRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def revoke_user_role_ids_command(client, args): + user_uuid = str(args.get('user_uuid', '')) + ids = argToList(args.get('ids', [])) + + response = client.revoke_user_role_ids_request(user_uuid, ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserRoleIDsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_aggregate_sessions_command(client, args): + msa_aggregatequeryrequest_date_ranges = argToList(args.get('msa_aggregatequeryrequest_date_ranges', [])) + msa_aggregatequeryrequest_field = str(args.get('msa_aggregatequeryrequest_field', '')) + msa_aggregatequeryrequest_filter = str(args.get('msa_aggregatequeryrequest_filter', '')) + msa_aggregatequeryrequest_interval = str(args.get('msa_aggregatequeryrequest_interval', '')) + msa_aggregatequeryrequest_min_doc_count = args.get('msa_aggregatequeryrequest_min_doc_count', None) + msa_aggregatequeryrequest_missing = str(args.get('msa_aggregatequeryrequest_missing', '')) + msa_aggregatequeryrequest_name = str(args.get('msa_aggregatequeryrequest_name', '')) + msa_aggregatequeryrequest_q = str(args.get('msa_aggregatequeryrequest_q', '')) + msa_aggregatequeryrequest_ranges = argToList(args.get('msa_aggregatequeryrequest_ranges', [])) + msa_aggregatequeryrequest_size = args.get('msa_aggregatequeryrequest_size', None) + msa_aggregatequeryrequest_sort = str(args.get('msa_aggregatequeryrequest_sort', '')) + msa_aggregatequeryrequest_sub_aggregates = argToList(args.get('msa_aggregatequeryrequest_sub_aggregates', [])) + msa_aggregatequeryrequest_time_zone = str(args.get('msa_aggregatequeryrequest_time_zone', '')) + msa_aggregatequeryrequest_type = str(args.get('msa_aggregatequeryrequest_type', '')) + + response = client.rtr_aggregate_sessions_request(msa_aggregatequeryrequest_date_ranges, msa_aggregatequeryrequest_field, msa_aggregatequeryrequest_filter, msa_aggregatequeryrequest_interval, msa_aggregatequeryrequest_min_doc_count, msa_aggregatequeryrequest_missing, + msa_aggregatequeryrequest_name, msa_aggregatequeryrequest_q, msa_aggregatequeryrequest_ranges, msa_aggregatequeryrequest_size, msa_aggregatequeryrequest_sort, msa_aggregatequeryrequest_sub_aggregates, msa_aggregatequeryrequest_time_zone, msa_aggregatequeryrequest_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaAggregatesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_check_active_responder_command_status_command(client, args): + cloud_request_id = str(args.get('cloud_request_id', '')) + sequence_id = int(args.get('sequence_id', 0)) + + response = client.rtr_check_active_responder_command_status_request(cloud_request_id, sequence_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainStatusResponseWrapper', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_check_admin_command_status_command(client, args): + cloud_request_id = str(args.get('cloud_request_id', '')) + sequence_id = int(args.get('sequence_id', 0)) + + response = client.rtr_check_admin_command_status_request(cloud_request_id, sequence_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainStatusResponseWrapper', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_check_command_status_command(client, args): + cloud_request_id = str(args.get('cloud_request_id', '')) + sequence_id = int(args.get('sequence_id', 0)) + + response = client.rtr_check_command_status_request(cloud_request_id, sequence_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainStatusResponseWrapper', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_create_put_files_command(client, args): + file = str(args.get('file', '')) + description = str(args.get('description', '')) + name = str(args.get('name', '')) + comments_for_audit_log = str(args.get('comments_for_audit_log', '')) + + response = client.rtr_create_put_files_request(file, description, name, comments_for_audit_log) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_create_scripts_command(client, args): + file = str(args.get('file', '')) + description = str(args.get('description', '')) + name = str(args.get('name', '')) + comments_for_audit_log = str(args.get('comments_for_audit_log', '')) + permission_type = str(args.get('permission_type', 'none')) + content = str(args.get('content', '')) + platform = argToList(args.get('platform', [])) + + response = client.rtr_create_scripts_request( + file, description, name, comments_for_audit_log, permission_type, content, platform) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_delete_file_command(client, args): + ids = str(args.get('ids', '')) + session_id = str(args.get('session_id', '')) + + response = client.rtr_delete_file_request(ids, session_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_delete_put_files_command(client, args): + ids = str(args.get('ids', '')) + + response = client.rtr_delete_put_files_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_delete_queued_session_command(client, args): + session_id = str(args.get('session_id', '')) + cloud_request_id = str(args.get('cloud_request_id', '')) + + response = client.rtr_delete_queued_session_request(session_id, cloud_request_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_delete_scripts_command(client, args): + ids = str(args.get('ids', '')) + + response = client.rtr_delete_scripts_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_delete_session_command(client, args): + session_id = str(args.get('session_id', '')) + + response = client.rtr_delete_session_request(session_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_execute_active_responder_command_command(client, args): + domain_commandexecuterequest_base_command = str(args.get('domain_commandexecuterequest_base_command', '')) + domain_commandexecuterequest_command_string = str(args.get('domain_commandexecuterequest_command_string', '')) + domain_commandexecuterequest_device_id = str(args.get('domain_commandexecuterequest_device_id', '')) + domain_commandexecuterequest_id = args.get('domain_commandexecuterequest_id', None) + domain_commandexecuterequest_persist = argToBoolean(args.get('domain_commandexecuterequest_persist', False)) + domain_commandexecuterequest_session_id = str(args.get('domain_commandexecuterequest_session_id', '')) + + response = client.rtr_execute_active_responder_command_request(domain_commandexecuterequest_base_command, domain_commandexecuterequest_command_string, + domain_commandexecuterequest_device_id, domain_commandexecuterequest_id, domain_commandexecuterequest_persist, domain_commandexecuterequest_session_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_execute_admin_command_command(client, args): + domain_commandexecuterequest_base_command = str(args.get('domain_commandexecuterequest_base_command', '')) + domain_commandexecuterequest_command_string = str(args.get('domain_commandexecuterequest_command_string', '')) + domain_commandexecuterequest_device_id = str(args.get('domain_commandexecuterequest_device_id', '')) + domain_commandexecuterequest_id = args.get('domain_commandexecuterequest_id', None) + domain_commandexecuterequest_persist = argToBoolean(args.get('domain_commandexecuterequest_persist', False)) + domain_commandexecuterequest_session_id = str(args.get('domain_commandexecuterequest_session_id', '')) + + response = client.rtr_execute_admin_command_request(domain_commandexecuterequest_base_command, domain_commandexecuterequest_command_string, + domain_commandexecuterequest_device_id, domain_commandexecuterequest_id, domain_commandexecuterequest_persist, domain_commandexecuterequest_session_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_execute_command_command(client, args): + domain_commandexecuterequest_base_command = str(args.get('domain_commandexecuterequest_base_command', '')) + domain_commandexecuterequest_command_string = str(args.get('domain_commandexecuterequest_command_string', '')) + domain_commandexecuterequest_device_id = str(args.get('domain_commandexecuterequest_device_id', '')) + domain_commandexecuterequest_id = args.get('domain_commandexecuterequest_id', None) + domain_commandexecuterequest_persist = argToBoolean(args.get('domain_commandexecuterequest_persist', False)) + domain_commandexecuterequest_session_id = str(args.get('domain_commandexecuterequest_session_id', '')) + + response = client.rtr_execute_command_request(domain_commandexecuterequest_base_command, domain_commandexecuterequest_command_string, + domain_commandexecuterequest_device_id, domain_commandexecuterequest_id, domain_commandexecuterequest_persist, domain_commandexecuterequest_session_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_get_extracted_file_contents_command(client, args): + session_id = str(args.get('session_id', '')) + sha256 = str(args.get('sha256', '')) + filename = str(args.get('filename', '')) + + response = client.rtr_get_extracted_file_contents_request(session_id, sha256, filename) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_get_put_files_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.rtr_get_put_files_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.binservclientMsaPFResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_get_scripts_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.rtr_get_scripts_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.binservclientMsaPFResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_init_session_command(client, args): + domain_initrequest_device_id = str(args.get('domain_initrequest_device_id', '')) + domain_initrequest_origin = str(args.get('domain_initrequest_origin', '')) + domain_initrequest_queue_offline = argToBoolean(args.get('domain_initrequest_queue_offline', False)) + + response = client.rtr_init_session_request( + domain_initrequest_device_id, domain_initrequest_origin, domain_initrequest_queue_offline) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_list_all_sessions_command(client, args): + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.rtr_list_all_sessions_request(offset, limit, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainListSessionsResponseMsa', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_list_files_command(client, args): + session_id = str(args.get('session_id', '')) + + response = client.rtr_list_files_request(session_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainListFilesResponseWrapper', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_list_put_files_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.rtr_list_put_files_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.binservclientMsaPutFileResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_list_queued_sessions_command(client, args): + msa_idsrequest_ids = argToList(args.get('msa_idsrequest_ids', [])) + + response = client.rtr_list_queued_sessions_request(msa_idsrequest_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainQueuedSessionResponseWrapper', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_list_scripts_command(client, args): + filter_ = str(args.get('filter_', '')) + offset = str(args.get('offset', '')) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + + response = client.rtr_list_scripts_request(filter_, offset, limit, sort) + command_results = CommandResults( + outputs_prefix='CrowdStrike.binservclientMsaPutFileResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_list_sessions_command(client, args): + msa_idsrequest_ids = argToList(args.get('msa_idsrequest_ids', [])) + + response = client.rtr_list_sessions_request(msa_idsrequest_ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainSessionResponseWrapper', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_pulse_session_command(client, args): + domain_initrequest_device_id = str(args.get('domain_initrequest_device_id', '')) + domain_initrequest_origin = str(args.get('domain_initrequest_origin', '')) + domain_initrequest_queue_offline = argToBoolean(args.get('domain_initrequest_queue_offline', False)) + + response = client.rtr_pulse_session_request( + domain_initrequest_device_id, domain_initrequest_origin, domain_initrequest_queue_offline) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def rtr_update_scripts_command(client, args): + id_ = str(args.get('id_', '')) + file = str(args.get('file', '')) + description = str(args.get('description', '')) + name = str(args.get('name', '')) + comments_for_audit_log = str(args.get('comments_for_audit_log', '')) + permission_type = str(args.get('permission_type', 'none')) + content = str(args.get('content', '')) + platform = argToList(args.get('platform', [])) + + response = client.rtr_update_scripts_request( + id_, file, description, name, comments_for_audit_log, permission_type, content, platform) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def scan_samples_command(client, args): + mlscanner_samplesscanparameters_samples = argToList(args.get('mlscanner_samplesscanparameters_samples', [])) + + response = client.scan_samples_request(mlscanner_samplesscanparameters_samples) + command_results = CommandResults( + outputs_prefix='CrowdStrike.mlscannerQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def set_device_control_policies_precedence_command(client, args): + requests_setpolicyprecedencereqv1_ids = argToList(args.get('requests_setpolicyprecedencereqv1_ids', [])) + requests_setpolicyprecedencereqv1_platform_name = str(args.get('requests_setpolicyprecedencereqv1_platform_name', '')) + + response = client.set_device_control_policies_precedence_request( + requests_setpolicyprecedencereqv1_ids, requests_setpolicyprecedencereqv1_platform_name) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def set_firewall_policies_precedence_command(client, args): + requests_setpolicyprecedencereqv1_ids = argToList(args.get('requests_setpolicyprecedencereqv1_ids', [])) + requests_setpolicyprecedencereqv1_platform_name = str(args.get('requests_setpolicyprecedencereqv1_platform_name', '')) + + response = client.set_firewall_policies_precedence_request( + requests_setpolicyprecedencereqv1_ids, requests_setpolicyprecedencereqv1_platform_name) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def set_prevention_policies_precedence_command(client, args): + requests_setpolicyprecedencereqv1_ids = argToList(args.get('requests_setpolicyprecedencereqv1_ids', [])) + requests_setpolicyprecedencereqv1_platform_name = str(args.get('requests_setpolicyprecedencereqv1_platform_name', '')) + + response = client.set_prevention_policies_precedence_request( + requests_setpolicyprecedencereqv1_ids, requests_setpolicyprecedencereqv1_platform_name) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def set_sensor_update_policies_precedence_command(client, args): + requests_setpolicyprecedencereqv1_ids = argToList(args.get('requests_setpolicyprecedencereqv1_ids', [])) + requests_setpolicyprecedencereqv1_platform_name = str(args.get('requests_setpolicyprecedencereqv1_platform_name', '')) + + response = client.set_sensor_update_policies_precedence_request( + requests_setpolicyprecedencereqv1_ids, requests_setpolicyprecedencereqv1_platform_name) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def setrt_response_policies_precedence_command(client, args): + requests_setpolicyprecedencereqv1_ids = argToList(args.get('requests_setpolicyprecedencereqv1_ids', [])) + requests_setpolicyprecedencereqv1_platform_name = str(args.get('requests_setpolicyprecedencereqv1_platform_name', '')) + + response = client.setrt_response_policies_precedence_request( + requests_setpolicyprecedencereqv1_ids, requests_setpolicyprecedencereqv1_platform_name) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def submit_command(client, args): + falconx_submissionparametersv1_sandbox = argToList(args.get('falconx_submissionparametersv1_sandbox', [])) + falconx_submissionparametersv1_user_tags = argToList(args.get('falconx_submissionparametersv1_user_tags', [])) + + response = client.submit_request(falconx_submissionparametersv1_sandbox, falconx_submissionparametersv1_user_tags) + command_results = CommandResults( + outputs_prefix='CrowdStrike.falconxSubmissionV1Response', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def tokenscreate_command(client, args): + api_tokencreaterequestv1_expires_timestamp = str(args.get('api_tokencreaterequestv1_expires_timestamp', '')) + api_tokencreaterequestv1_label = str(args.get('api_tokencreaterequestv1_label', '')) + api_tokencreaterequestv1_type = str(args.get('api_tokencreaterequestv1_type', '')) + + response = client.tokenscreate_request(api_tokencreaterequestv1_expires_timestamp, + api_tokencreaterequestv1_label, api_tokencreaterequestv1_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def tokensdelete_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.tokensdelete_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def tokensquery_command(client, args): + offset = args.get('offset', None) + limit = args.get('limit', None) + sort = str(args.get('sort', '')) + filter_ = str(args.get('filter_', '')) + + response = client.tokensquery_request(offset, limit, sort, filter_) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def tokensread_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.tokensread_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apitokenDetailsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def tokensupdate_command(client, args): + ids = argToList(args.get('ids', [])) + api_tokenpatchrequestv1_expires_timestamp = str(args.get('api_tokenpatchrequestv1_expires_timestamp', '')) + api_tokenpatchrequestv1_label = str(args.get('api_tokenpatchrequestv1_label', '')) + api_tokenpatchrequestv1_revoked = argToBoolean(args.get('api_tokenpatchrequestv1_revoked', False)) + + response = client.tokensupdate_request(ids, api_tokenpatchrequestv1_expires_timestamp, + api_tokenpatchrequestv1_label, api_tokenpatchrequestv1_revoked) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def trigger_scan_command(client, args): + scan_type = str(args.get('scan_type', 'dry-run')) + + response = client.trigger_scan_request(scan_type) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_actionv1_command(client, args): + domain_updateactionrequest_frequency = str(args.get('domain_updateactionrequest_frequency', '')) + domain_updateactionrequest_id = str(args.get('domain_updateactionrequest_id', '')) + domain_updateactionrequest_recipients = argToList(args.get('domain_updateactionrequest_recipients', [])) + domain_updateactionrequest_status = str(args.get('domain_updateactionrequest_status', '')) + + response = client.update_actionv1_request(domain_updateactionrequest_frequency, domain_updateactionrequest_id, + domain_updateactionrequest_recipients, domain_updateactionrequest_status) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainActionEntitiesResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_detects_by_idsv2_command(client, args): + domain_detectsentitiespatchrequest_assigned_to_uuid = str(args.get('domain_detectsentitiespatchrequest_assigned_to_uuid', '')) + domain_detectsentitiespatchrequest_comment = str(args.get('domain_detectsentitiespatchrequest_comment', '')) + domain_detectsentitiespatchrequest_ids = argToList(args.get('domain_detectsentitiespatchrequest_ids', [])) + domain_detectsentitiespatchrequest_show_in_ui = argToBoolean(args.get('domain_detectsentitiespatchrequest_show_in_ui', False)) + domain_detectsentitiespatchrequest_status = str(args.get('domain_detectsentitiespatchrequest_status', '')) + + response = client.update_detects_by_idsv2_request(domain_detectsentitiespatchrequest_assigned_to_uuid, domain_detectsentitiespatchrequest_comment, + domain_detectsentitiespatchrequest_ids, domain_detectsentitiespatchrequest_show_in_ui, domain_detectsentitiespatchrequest_status) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_device_control_policies_command(client, args): + requests_updatedevicecontrolpoliciesv1_resources = argToList(args.get('requests_updatedevicecontrolpoliciesv1_resources', [])) + + response = client.update_device_control_policies_request(requests_updatedevicecontrolpoliciesv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesDeviceControlPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_device_tags_command(client, args): + domain_updatedevicetagsrequestv1_action = str(args.get('domain_updatedevicetagsrequestv1_action', '')) + domain_updatedevicetagsrequestv1_device_ids = argToList(args.get('domain_updatedevicetagsrequestv1_device_ids', [])) + domain_updatedevicetagsrequestv1_tags = argToList(args.get('domain_updatedevicetagsrequestv1_tags', [])) + + response = client.update_device_tags_request(domain_updatedevicetagsrequestv1_action, + domain_updatedevicetagsrequestv1_device_ids, domain_updatedevicetagsrequestv1_tags) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaEntitiesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_firewall_policies_command(client, args): + requests_updatefirewallpoliciesv1_resources = argToList(args.get('requests_updatefirewallpoliciesv1_resources', [])) + + response = client.update_firewall_policies_request(requests_updatefirewallpoliciesv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesFirewallPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_host_groups_command(client, args): + requests_updategroupsv1_resources = argToList(args.get('requests_updategroupsv1_resources', [])) + + response = client.update_host_groups_request(requests_updategroupsv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesHostGroupsV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_notificationsv1_command(client, args): + domain_updatenotificationrequestv1_assigned_to_uuid = str(args.get('domain_updatenotificationrequestv1_assigned_to_uuid', '')) + domain_updatenotificationrequestv1_id = str(args.get('domain_updatenotificationrequestv1_id', '')) + domain_updatenotificationrequestv1_status = str(args.get('domain_updatenotificationrequestv1_status', '')) + + response = client.update_notificationsv1_request( + domain_updatenotificationrequestv1_assigned_to_uuid, domain_updatenotificationrequestv1_id, domain_updatenotificationrequestv1_status) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainNotificationEntitiesResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_prevention_policies_command(client, args): + requests_updatepreventionpoliciesv1_resources = argToList(args.get('requests_updatepreventionpoliciesv1_resources', [])) + + response = client.update_prevention_policies_request(requests_updatepreventionpoliciesv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesPreventionPoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_rulesv1_command(client, args): + domain_updaterulerequestv1_filter = str(args.get('domain_updaterulerequestv1_filter', '')) + domain_updaterulerequestv1_id = str(args.get('domain_updaterulerequestv1_id', '')) + domain_updaterulerequestv1_name = str(args.get('domain_updaterulerequestv1_name', '')) + domain_updaterulerequestv1_permissions = str(args.get('domain_updaterulerequestv1_permissions', '')) + domain_updaterulerequestv1_priority = str(args.get('domain_updaterulerequestv1_priority', '')) + + response = client.update_rulesv1_request(domain_updaterulerequestv1_filter, domain_updaterulerequestv1_id, + domain_updaterulerequestv1_name, domain_updaterulerequestv1_permissions, domain_updaterulerequestv1_priority) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainRulesEntitiesResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_sensor_update_policies_command(client, args): + requests_updatesensorupdatepoliciesv1_resources = argToList(args.get('requests_updatesensorupdatepoliciesv1_resources', [])) + + response = client.update_sensor_update_policies_request(requests_updatesensorupdatepoliciesv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesSensorUpdatePoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_sensor_update_policiesv2_command(client, args): + requests_updatesensorupdatepoliciesv2_resources = argToList(args.get('requests_updatesensorupdatepoliciesv2_resources', [])) + + response = client.update_sensor_update_policiesv2_request(requests_updatesensorupdatepoliciesv2_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesSensorUpdatePoliciesV2', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_sensor_visibility_exclusionsv1_command(client, args): + requests_svexclusionupdatereqv1_comment = str(args.get('requests_svexclusionupdatereqv1_comment', '')) + requests_svexclusionupdatereqv1_groups = argToList(args.get('requests_svexclusionupdatereqv1_groups', [])) + requests_svexclusionupdatereqv1_id = str(args.get('requests_svexclusionupdatereqv1_id', '')) + requests_svexclusionupdatereqv1_value = str(args.get('requests_svexclusionupdatereqv1_value', '')) + + response = client.update_sensor_visibility_exclusionsv1_request( + requests_svexclusionupdatereqv1_comment, requests_svexclusionupdatereqv1_groups, requests_svexclusionupdatereqv1_id, requests_svexclusionupdatereqv1_value) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesSvExclusionRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_user_command(client, args): + user_uuid = str(args.get('user_uuid', '')) + domain_updateuserfields_firstname = str(args.get('domain_updateuserfields_firstname', '')) + domain_updateuserfields_lastname = str(args.get('domain_updateuserfields_lastname', '')) + + response = client.update_user_request(user_uuid, domain_updateuserfields_firstname, domain_updateuserfields_lastname) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserMetaDataResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def update_user_groups_command(client, args): + domain_usergroupsrequestv1_resources = argToList(args.get('domain_usergroupsrequestv1_resources', [])) + + response = client.update_user_groups_request(domain_usergroupsrequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainUserGroupsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updateaws_account_command(client, args): + ids = argToList(args.get('ids', [])) + region = str(args.get('region', '')) + + response = client.updateaws_account_request(ids, region) + command_results = CommandResults( + outputs_prefix='CrowdStrike.msaBaseEntitiesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updateaws_accounts_command(client, args): + models_updateawsaccountsv1_resources = argToList(args.get('models_updateawsaccountsv1_resources', [])) + + response = client.updateaws_accounts_request(models_updateawsaccountsv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.modelsAWSAccountsV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updatecid_groups_command(client, args): + domain_cidgroupsrequestv1_resources = argToList(args.get('domain_cidgroupsrequestv1_resources', [])) + + response = client.updatecid_groups_request(domain_cidgroupsrequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.domainCIDGroupsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updatecspm_azure_tenant_default_subscriptionid_command(client, args): + tenant_id = str(args.get('tenant_id', '')) + subscription_id = str(args.get('subscription_id', '')) + + response = client.updatecspm_azure_tenant_default_subscriptionid_request(tenant_id, subscription_id) + command_results = CommandResults( + outputs_prefix='CrowdStrike', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updatecspm_policy_settings_command(client, args): + registration_policyrequestextv1_resources = argToList(args.get('registration_policyrequestextv1_resources', [])) + + response = client.updatecspm_policy_settings_request(registration_policyrequestextv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationPolicySettingsResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updatecspm_scan_schedule_command(client, args): + registration_scanscheduleupdaterequestv1_resources = argToList( + args.get('registration_scanscheduleupdaterequestv1_resources', [])) + + response = client.updatecspm_scan_schedule_request(registration_scanscheduleupdaterequestv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.registrationScanScheduleResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updateioa_exclusionsv1_command(client, args): + requests_ioaexclusionupdatereqv1_cl_regex = str(args.get('requests_ioaexclusionupdatereqv1_cl_regex', '')) + requests_ioaexclusionupdatereqv1_comment = str(args.get('requests_ioaexclusionupdatereqv1_comment', '')) + requests_ioaexclusionupdatereqv1_description = str(args.get('requests_ioaexclusionupdatereqv1_description', '')) + requests_ioaexclusionupdatereqv1_detection_json = str(args.get('requests_ioaexclusionupdatereqv1_detection_json', '')) + requests_ioaexclusionupdatereqv1_groups = argToList(args.get('requests_ioaexclusionupdatereqv1_groups', [])) + requests_ioaexclusionupdatereqv1_id = str(args.get('requests_ioaexclusionupdatereqv1_id', '')) + requests_ioaexclusionupdatereqv1_ifn_regex = str(args.get('requests_ioaexclusionupdatereqv1_ifn_regex', '')) + requests_ioaexclusionupdatereqv1_name = str(args.get('requests_ioaexclusionupdatereqv1_name', '')) + requests_ioaexclusionupdatereqv1_pattern_id = str(args.get('requests_ioaexclusionupdatereqv1_pattern_id', '')) + requests_ioaexclusionupdatereqv1_pattern_name = str(args.get('requests_ioaexclusionupdatereqv1_pattern_name', '')) + + response = client.updateioa_exclusionsv1_request(requests_ioaexclusionupdatereqv1_cl_regex, requests_ioaexclusionupdatereqv1_comment, requests_ioaexclusionupdatereqv1_description, requests_ioaexclusionupdatereqv1_detection_json, + requests_ioaexclusionupdatereqv1_groups, requests_ioaexclusionupdatereqv1_id, requests_ioaexclusionupdatereqv1_ifn_regex, requests_ioaexclusionupdatereqv1_name, requests_ioaexclusionupdatereqv1_pattern_id, requests_ioaexclusionupdatereqv1_pattern_name) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesIoaExclusionRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updateioc_command(client, args): + api_iocviewrecord_batch_id = str(args.get('api_iocviewrecord_batch_id', '')) + api_iocviewrecord_created_by = str(args.get('api_iocviewrecord_created_by', '')) + api_iocviewrecord_created_timestamp = str(args.get('api_iocviewrecord_created_timestamp', '')) + api_iocviewrecord_description = str(args.get('api_iocviewrecord_description', '')) + api_iocviewrecord_expiration_days = args.get('api_iocviewrecord_expiration_days', None) + api_iocviewrecord_expiration_timestamp = str(args.get('api_iocviewrecord_expiration_timestamp', '')) + api_iocviewrecord_modified_by = str(args.get('api_iocviewrecord_modified_by', '')) + api_iocviewrecord_modified_timestamp = str(args.get('api_iocviewrecord_modified_timestamp', '')) + api_iocviewrecord_policy = str(args.get('api_iocviewrecord_policy', '')) + api_iocviewrecord_share_level = str(args.get('api_iocviewrecord_share_level', '')) + api_iocviewrecord_source = str(args.get('api_iocviewrecord_source', '')) + api_iocviewrecord_type = str(args.get('api_iocviewrecord_type', '')) + api_iocviewrecord_value = str(args.get('api_iocviewrecord_value', '')) + type_ = str(args.get('type_', '')) + value = str(args.get('value', '')) + + response = client.updateioc_request(api_iocviewrecord_batch_id, api_iocviewrecord_created_by, api_iocviewrecord_created_timestamp, api_iocviewrecord_description, api_iocviewrecord_expiration_days, api_iocviewrecord_expiration_timestamp, + api_iocviewrecord_modified_by, api_iocviewrecord_modified_timestamp, api_iocviewrecord_policy, api_iocviewrecord_share_level, api_iocviewrecord_source, api_iocviewrecord_type, api_iocviewrecord_value, type_, value) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiMsaReplyIOC', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updateml_exclusionsv1_command(client, args): + requests_svexclusionupdatereqv1_comment = str(args.get('requests_svexclusionupdatereqv1_comment', '')) + requests_svexclusionupdatereqv1_groups = argToList(args.get('requests_svexclusionupdatereqv1_groups', [])) + requests_svexclusionupdatereqv1_id = str(args.get('requests_svexclusionupdatereqv1_id', '')) + requests_svexclusionupdatereqv1_value = str(args.get('requests_svexclusionupdatereqv1_value', '')) + + response = client.updateml_exclusionsv1_request( + requests_svexclusionupdatereqv1_comment, requests_svexclusionupdatereqv1_groups, requests_svexclusionupdatereqv1_id, requests_svexclusionupdatereqv1_value) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesMlExclusionRespV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updatepolicycontainer_command(client, args): + fwmgr_api_policycontainerupsertrequestv1_default_inbound = str( + args.get('fwmgr_api_policycontainerupsertrequestv1_default_inbound', '')) + fwmgr_api_policycontainerupsertrequestv1_default_outbound = str( + args.get('fwmgr_api_policycontainerupsertrequestv1_default_outbound', '')) + fwmgr_api_policycontainerupsertrequestv1_enforce = argToBoolean( + args.get('fwmgr_api_policycontainerupsertrequestv1_enforce', False)) + fwmgr_api_policycontainerupsertrequestv1_is_default_policy = argToBoolean( + args.get('fwmgr_api_policycontainerupsertrequestv1_is_default_policy', False)) + fwmgr_api_policycontainerupsertrequestv1_platform_id = str( + args.get('fwmgr_api_policycontainerupsertrequestv1_platform_id', '')) + fwmgr_api_policycontainerupsertrequestv1_policy_id = str(args.get('fwmgr_api_policycontainerupsertrequestv1_policy_id', '')) + fwmgr_api_policycontainerupsertrequestv1_rule_group_ids = argToList( + args.get('fwmgr_api_policycontainerupsertrequestv1_rule_group_ids', [])) + fwmgr_api_policycontainerupsertrequestv1_test_mode = argToBoolean( + args.get('fwmgr_api_policycontainerupsertrequestv1_test_mode', False)) + fwmgr_api_policycontainerupsertrequestv1_tracking = str(args.get('fwmgr_api_policycontainerupsertrequestv1_tracking', '')) + + response = client.updatepolicycontainer_request(fwmgr_api_policycontainerupsertrequestv1_default_inbound, fwmgr_api_policycontainerupsertrequestv1_default_outbound, fwmgr_api_policycontainerupsertrequestv1_enforce, fwmgr_api_policycontainerupsertrequestv1_is_default_policy, + fwmgr_api_policycontainerupsertrequestv1_platform_id, fwmgr_api_policycontainerupsertrequestv1_policy_id, fwmgr_api_policycontainerupsertrequestv1_rule_group_ids, fwmgr_api_policycontainerupsertrequestv1_test_mode, fwmgr_api_policycontainerupsertrequestv1_tracking) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrmsaReplyMetaOnly', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updatert_response_policies_command(client, args): + requests_updatertresponsepoliciesv1_resources = argToList(args.get('requests_updatertresponsepoliciesv1_resources', [])) + + response = client.updatert_response_policies_request(requests_updatertresponsepoliciesv1_resources) + command_results = CommandResults( + outputs_prefix='CrowdStrike.responsesRTResponsePoliciesV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updaterulegroup_command(client, args): + comment = str(args.get('comment', '')) + fwmgr_api_rulegroupmodifyrequestv1_diff_operations = argToList( + args.get('fwmgr_api_rulegroupmodifyrequestv1_diff_operations', [])) + fwmgr_api_rulegroupmodifyrequestv1_diff_type = str(args.get('fwmgr_api_rulegroupmodifyrequestv1_diff_type', '')) + fwmgr_api_rulegroupmodifyrequestv1_id = str(args.get('fwmgr_api_rulegroupmodifyrequestv1_id', '')) + fwmgr_api_rulegroupmodifyrequestv1_rule_ids = argToList(args.get('fwmgr_api_rulegroupmodifyrequestv1_rule_ids', [])) + fwmgr_api_rulegroupmodifyrequestv1_rule_versions = argToList(args.get('fwmgr_api_rulegroupmodifyrequestv1_rule_versions', [])) + fwmgr_api_rulegroupmodifyrequestv1_tracking = str(args.get('fwmgr_api_rulegroupmodifyrequestv1_tracking', '')) + + response = client.updaterulegroup_request(comment, fwmgr_api_rulegroupmodifyrequestv1_diff_operations, fwmgr_api_rulegroupmodifyrequestv1_diff_type, fwmgr_api_rulegroupmodifyrequestv1_id, + fwmgr_api_rulegroupmodifyrequestv1_rule_ids, fwmgr_api_rulegroupmodifyrequestv1_rule_versions, fwmgr_api_rulegroupmodifyrequestv1_tracking) + command_results = CommandResults( + outputs_prefix='CrowdStrike.fwmgrapiQueryResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updaterulegroup_mixin0_command(client, args): + api_rulegroupmodifyrequestv1_comment = str(args.get('api_rulegroupmodifyrequestv1_comment', '')) + api_rulegroupmodifyrequestv1_description = str(args.get('api_rulegroupmodifyrequestv1_description', '')) + api_rulegroupmodifyrequestv1_enabled = argToBoolean(args.get('api_rulegroupmodifyrequestv1_enabled', False)) + api_rulegroupmodifyrequestv1_id = str(args.get('api_rulegroupmodifyrequestv1_id', '')) + api_rulegroupmodifyrequestv1_name = str(args.get('api_rulegroupmodifyrequestv1_name', '')) + api_rulegroupmodifyrequestv1_rulegroup_version = args.get('api_rulegroupmodifyrequestv1_rulegroup_version', None) + + response = client.updaterulegroup_mixin0_request(api_rulegroupmodifyrequestv1_comment, api_rulegroupmodifyrequestv1_description, api_rulegroupmodifyrequestv1_enabled, + api_rulegroupmodifyrequestv1_id, api_rulegroupmodifyrequestv1_name, api_rulegroupmodifyrequestv1_rulegroup_version) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiRuleGroupsResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def updaterules_command(client, args): + api_ruleupdatesrequestv1_comment = str(args.get('api_ruleupdatesrequestv1_comment', '')) + api_ruleupdatesrequestv1_rule_updates = argToList(args.get('api_ruleupdatesrequestv1_rule_updates', [])) + api_ruleupdatesrequestv1_rulegroup_id = str(args.get('api_ruleupdatesrequestv1_rulegroup_id', '')) + api_ruleupdatesrequestv1_rulegroup_version = args.get('api_ruleupdatesrequestv1_rulegroup_version', None) + + response = client.updaterules_request(api_ruleupdatesrequestv1_comment, api_ruleupdatesrequestv1_rule_updates, + api_ruleupdatesrequestv1_rulegroup_id, api_ruleupdatesrequestv1_rulegroup_version) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiRulesResponse', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def upload_samplev2_command(client, args): + body = argToList(args.get('body', [])) + upfile = str(args.get('upfile', '')) + file_name = str(args.get('file_name', '')) + comment = str(args.get('comment', '')) + is_confidential = argToBoolean(args.get('is_confidential', False)) + + response = client.upload_samplev2_request(body, upfile, file_name, comment, is_confidential) + command_results = CommandResults( + outputs_prefix='CrowdStrike.samplestoreSampleMetadataResponseV2', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def upload_samplev3_command(client, args): + body = argToList(args.get('body', [])) + upfile = str(args.get('upfile', '')) + file_name = str(args.get('file_name', '')) + comment = str(args.get('comment', '')) + is_confidential = argToBoolean(args.get('is_confidential', False)) + + response = client.upload_samplev3_request(body, upfile, file_name, comment, is_confidential) + command_results = CommandResults( + outputs_prefix='CrowdStrike.samplestoreSampleMetadataResponseV2', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def validate_command(client, args): + api_validationrequestv1_fields = argToList(args.get('api_validationrequestv1_fields', [])) + + response = client.validate_request(api_validationrequestv1_fields) + command_results = CommandResults( + outputs_prefix='CrowdStrike.apiValidationResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def verifyaws_account_access_command(client, args): + ids = argToList(args.get('ids', [])) + + response = client.verifyaws_account_access_request(ids) + command_results = CommandResults( + outputs_prefix='CrowdStrike.modelsVerifyAccessResponseV1', + outputs_key_field='', + outputs=response, + raw_response=response + ) + + return command_results + + +def test_module(client): + # Test functions here + return_results('ok') + + +def main(): + + params = demisto.params() + args = demisto.args() + + command = demisto.command() + demisto.debug(f'Command being called is {command}') + + try: + requests.packages.urllib3.disable_warnings() + client = Client(params) + + commands = { + 'cs-add-role': add_role_command, + 'cs-add-user-group-members': add_user_group_members_command, + 'cs-addcid-group-members': addcid_group_members_command, + 'cs-aggregate-allow-list': aggregate_allow_list_command, + 'cs-aggregate-block-list': aggregate_block_list_command, + 'cs-aggregate-detections': aggregate_detections_command, + 'cs-aggregate-device-count-collection': aggregate_device_count_collection_command, + 'cs-aggregate-escalations': aggregate_escalations_command, + 'cs-aggregate-notificationsv1': aggregate_notificationsv1_command, + 'cs-aggregate-remediations': aggregate_remediations_command, + 'cs-aggregateevents': aggregateevents_command, + 'cs-aggregatefc-incidents': aggregatefc_incidents_command, + 'cs-aggregatepolicyrules': aggregatepolicyrules_command, + 'cs-aggregaterulegroups': aggregaterulegroups_command, + 'cs-aggregaterules': aggregaterules_command, + 'cs-aggregates-detections-global-counts': aggregates_detections_global_counts_command, + 'cs-aggregates-events': aggregates_events_command, + 'cs-aggregates-events-collections': aggregates_events_collections_command, + 'cs-aggregates-incidents-global-counts': aggregates_incidents_global_counts_command, + 'cs-aggregatesow-events-global-counts': aggregatesow_events_global_counts_command, + 'cs-apipreemptproxypostgraphql': apipreemptproxypostgraphql_command, + 'cs-auditeventsquery': auditeventsquery_command, + 'cs-auditeventsread': auditeventsread_command, + 'cs-batch-active-responder-cmd': batch_active_responder_cmd_command, + 'cs-batch-admin-cmd': batch_admin_cmd_command, + 'cs-batch-cmd': batch_cmd_command, + 'cs-batch-get-cmd': batch_get_cmd_command, + 'cs-batch-get-cmd-status': batch_get_cmd_status_command, + 'cs-batch-init-sessions': batch_init_sessions_command, + 'cs-batch-refresh-sessions': batch_refresh_sessions_command, + 'cs-create-actionsv1': create_actionsv1_command, + 'cs-create-device-control-policies': create_device_control_policies_command, + 'cs-create-firewall-policies': create_firewall_policies_command, + 'cs-create-host-groups': create_host_groups_command, + 'cs-create-or-updateaws-settings': create_or_updateaws_settings_command, + 'cs-create-prevention-policies': create_prevention_policies_command, + 'cs-create-rulesv1': create_rulesv1_command, + 'cs-create-sensor-update-policies': create_sensor_update_policies_command, + 'cs-create-sensor-update-policiesv2': create_sensor_update_policiesv2_command, + 'cs-create-user': create_user_command, + 'cs-create-user-groups': create_user_groups_command, + 'cs-createaws-account': createaws_account_command, + 'cs-createcid-groups': createcid_groups_command, + 'cs-createcspm-aws-account': createcspm_aws_account_command, + 'cs-createcspmgcp-account': createcspmgcp_account_command, + 'cs-createioc': createioc_command, + 'cs-createml-exclusionsv1': createml_exclusionsv1_command, + 'cs-creatert-response-policies': creatert_response_policies_command, + 'cs-createrule': createrule_command, + 'cs-createrulegroup': createrulegroup_command, + 'cs-createrulegroup-mixin0': createrulegroup_mixin0_command, + 'cs-createsv-exclusionsv1': createsv_exclusionsv1_command, + 'cs-crowd-score': crowd_score_command, + 'cs-customersettingsread': customersettingsread_command, + 'cs-delete-actionv1': delete_actionv1_command, + 'cs-delete-device-control-policies': delete_device_control_policies_command, + 'cs-delete-firewall-policies': delete_firewall_policies_command, + 'cs-delete-host-groups': delete_host_groups_command, + 'cs-delete-notificationsv1': delete_notificationsv1_command, + 'cs-delete-prevention-policies': delete_prevention_policies_command, + 'cs-delete-report': delete_report_command, + 'cs-delete-rulesv1': delete_rulesv1_command, + 'cs-delete-samplev2': delete_samplev2_command, + 'cs-delete-samplev3': delete_samplev3_command, + 'cs-delete-sensor-update-policies': delete_sensor_update_policies_command, + 'cs-delete-sensor-visibility-exclusionsv1': delete_sensor_visibility_exclusionsv1_command, + 'cs-delete-user': delete_user_command, + 'cs-delete-user-group-members': delete_user_group_members_command, + 'cs-delete-user-groups': delete_user_groups_command, + 'cs-deleteaws-accounts': deleteaws_accounts_command, + 'cs-deleteaws-accounts-mixin0': deleteaws_accounts_mixin0_command, + 'cs-deletecid-group-members': deletecid_group_members_command, + 'cs-deletecid-groups': deletecid_groups_command, + 'cs-deletecspm-aws-account': deletecspm_aws_account_command, + 'cs-deletecspm-azure-account': deletecspm_azure_account_command, + 'cs-deleted-roles': deleted_roles_command, + 'cs-deleteioa-exclusionsv1': deleteioa_exclusionsv1_command, + 'cs-deleteioc': deleteioc_command, + 'cs-deleteml-exclusionsv1': deleteml_exclusionsv1_command, + 'cs-deletert-response-policies': deletert_response_policies_command, + 'cs-deleterulegroups': deleterulegroups_command, + 'cs-deleterulegroups-mixin0': deleterulegroups_mixin0_command, + 'cs-deleterules': deleterules_command, + 'cs-devices-count': devices_count_command, + 'cs-devices-ran-on': devices_ran_on_command, + 'cs-download-sensor-installer-by-id': download_sensor_installer_by_id_command, + 'cs-entitiesprocesses': entitiesprocesses_command, + 'cs-get-actionsv1': get_actionsv1_command, + 'cs-get-aggregate-detects': get_aggregate_detects_command, + 'cs-get-artifacts': get_artifacts_command, + 'cs-get-assessmentv1': get_assessmentv1_command, + 'cs-get-available-role-ids': get_available_role_ids_command, + 'cs-get-behaviors': get_behaviors_command, + 'cs-get-children': get_children_command, + 'cs-get-cloudconnectazure-entities-account-v1': get_cloudconnectazure_entities_account_v1_command, + 'cs-get-cloudconnectazure-entities-userscriptsdownload-v1': get_cloudconnectazure_entities_userscriptsdownload_v1_command, + 'cs-get-cloudconnectcspmazure-entities-account-v1': get_cloudconnectcspmazure_entities_account_v1_command, + 'cs-get-cloudconnectcspmazure-entities-userscriptsdownload-v1': get_cloudconnectcspmazure_entities_userscriptsdownload_v1_command, + 'cs-get-clusters': get_clusters_command, + 'cs-get-combined-sensor-installers-by-query': get_combined_sensor_installers_by_query_command, + 'cs-get-detect-summaries': get_detect_summaries_command, + 'cs-get-device-control-policies': get_device_control_policies_command, + 'cs-get-device-count-collection-queries-by-filter': get_device_count_collection_queries_by_filter_command, + 'cs-get-device-details': get_device_details_command, + 'cs-get-firewall-policies': get_firewall_policies_command, + 'cs-get-helm-values-yaml': get_helm_values_yaml_command, + 'cs-get-host-groups': get_host_groups_command, + 'cs-get-incidents': get_incidents_command, + 'cs-get-intel-actor-entities': get_intel_actor_entities_command, + 'cs-get-intel-indicator-entities': get_intel_indicator_entities_command, + 'cs-get-intel-report-entities': get_intel_report_entities_command, + 'cs-get-intel-reportpdf': get_intel_reportpdf_command, + 'cs-get-intel-rule-entities': get_intel_rule_entities_command, + 'cs-get-intel-rule-file': get_intel_rule_file_command, + 'cs-get-latest-intel-rule-file': get_latest_intel_rule_file_command, + 'cs-get-locations': get_locations_command, + 'cs-get-mal-query-downloadv1': get_mal_query_downloadv1_command, + 'cs-get-mal-query-entities-samples-fetchv1': get_mal_query_entities_samples_fetchv1_command, + 'cs-get-mal-query-metadatav1': get_mal_query_metadatav1_command, + 'cs-get-mal-query-quotasv1': get_mal_query_quotasv1_command, + 'cs-get-mal-query-requestv1': get_mal_query_requestv1_command, + 'cs-get-notifications-detailed-translatedv1': get_notifications_detailed_translatedv1_command, + 'cs-get-notifications-detailedv1': get_notifications_detailedv1_command, + 'cs-get-notifications-translatedv1': get_notifications_translatedv1_command, + 'cs-get-notificationsv1': get_notificationsv1_command, + 'cs-get-prevention-policies': get_prevention_policies_command, + 'cs-get-reports': get_reports_command, + 'cs-get-roles': get_roles_command, + 'cs-get-roles-byid': get_roles_byid_command, + 'cs-get-rulesv1': get_rulesv1_command, + 'cs-get-samplev2': get_samplev2_command, + 'cs-get-samplev3': get_samplev3_command, + 'cs-get-scans': get_scans_command, + 'cs-get-scans-aggregates': get_scans_aggregates_command, + 'cs-get-sensor-installers-by-query': get_sensor_installers_by_query_command, + 'cs-get-sensor-installers-entities': get_sensor_installers_entities_command, + 'cs-get-sensor-installersccid-by-query': get_sensor_installersccid_by_query_command, + 'cs-get-sensor-update-policies': get_sensor_update_policies_command, + 'cs-get-sensor-update-policiesv2': get_sensor_update_policiesv2_command, + 'cs-get-sensor-visibility-exclusionsv1': get_sensor_visibility_exclusionsv1_command, + 'cs-get-submissions': get_submissions_command, + 'cs-get-summary-reports': get_summary_reports_command, + 'cs-get-user-group-members-byid': get_user_group_members_byid_command, + 'cs-get-user-groups-byid': get_user_groups_byid_command, + 'cs-get-user-role-ids': get_user_role_ids_command, + 'cs-get-vulnerabilities': get_vulnerabilities_command, + 'cs-getaws-accounts': getaws_accounts_command, + 'cs-getaws-accounts-mixin0': getaws_accounts_mixin0_command, + 'cs-getaws-settings': getaws_settings_command, + 'cs-getcid-group-by-id': getcid_group_by_id_command, + 'cs-getcid-group-members-by': getcid_group_members_by_command, + 'cs-getcspm-aws-account': getcspm_aws_account_command, + 'cs-getcspm-aws-account-scripts-attachment': getcspm_aws_account_scripts_attachment_command, + 'cs-getcspm-aws-console-setupur-ls': getcspm_aws_console_setupur_ls_command, + 'cs-getcspm-azure-user-scripts': getcspm_azure_user_scripts_command, + 'cs-getcspm-policy': getcspm_policy_command, + 'cs-getcspm-policy-settings': getcspm_policy_settings_command, + 'cs-getcspm-scan-schedule': getcspm_scan_schedule_command, + 'cs-getcspmcgp-account': getcspmcgp_account_command, + 'cs-getcspmgcp-user-scripts': getcspmgcp_user_scripts_command, + 'cs-getcspmgcp-user-scripts-attachment': getcspmgcp_user_scripts_attachment_command, + 'cs-getevents': getevents_command, + 'cs-getfirewallfields': getfirewallfields_command, + 'cs-getioa-events': getioa_events_command, + 'cs-getioa-exclusionsv1': getioa_exclusionsv1_command, + 'cs-getioa-users': getioa_users_command, + 'cs-getioc': getioc_command, + 'cs-getml-exclusionsv1': getml_exclusionsv1_command, + 'cs-getpatterns': getpatterns_command, + 'cs-getplatforms': getplatforms_command, + 'cs-getplatforms-mixin0': getplatforms_mixin0_command, + 'cs-getpolicycontainers': getpolicycontainers_command, + 'cs-getrt-response-policies': getrt_response_policies_command, + 'cs-getrulegroups': getrulegroups_command, + 'cs-getrulegroups-mixin0': getrulegroups_mixin0_command, + 'cs-getrules': getrules_command, + 'cs-getrules-mixin0': getrules_mixin0_command, + 'cs-getrulesget': getrulesget_command, + 'cs-getruletypes': getruletypes_command, + 'cs-grant-user-role-ids': grant_user_role_ids_command, + 'cs-indicatorcombinedv1': indicatorcombinedv1_command, + 'cs-indicatorcreatev1': indicatorcreatev1_command, + 'cs-indicatordeletev1': indicatordeletev1_command, + 'cs-indicatorgetv1': indicatorgetv1_command, + 'cs-indicatorsearchv1': indicatorsearchv1_command, + 'cs-indicatorupdatev1': indicatorupdatev1_command, + 'cs-list-available-streamso-auth2': list_available_streamso_auth2_command, + 'cs-oauth2-access-token': oauth2_access_token_command, + 'cs-oauth2-revoke-token': oauth2_revoke_token_command, + 'cs-patch-cloudconnectazure-entities-clientid-v1': patch_cloudconnectazure_entities_clientid_v1_command, + 'cs-patch-cloudconnectcspmazure-entities-clientid-v1': patch_cloudconnectcspmazure_entities_clientid_v1_command, + 'cs-patchcspm-aws-account': patchcspm_aws_account_command, + 'cs-perform-actionv2': perform_actionv2_command, + 'cs-perform-device-control-policies-action': perform_device_control_policies_action_command, + 'cs-perform-firewall-policies-action': perform_firewall_policies_action_command, + 'cs-perform-group-action': perform_group_action_command, + 'cs-perform-incident-action': perform_incident_action_command, + 'cs-perform-prevention-policies-action': perform_prevention_policies_action_command, + 'cs-perform-sensor-update-policies-action': perform_sensor_update_policies_action_command, + 'cs-performrt-response-policies-action': performrt_response_policies_action_command, + 'cs-post-cloudconnectazure-entities-account-v1': post_cloudconnectazure_entities_account_v1_command, + 'cs-post-cloudconnectcspmazure-entities-account-v1': post_cloudconnectcspmazure_entities_account_v1_command, + 'cs-post-mal-query-entities-samples-multidownloadv1': post_mal_query_entities_samples_multidownloadv1_command, + 'cs-post-mal-query-exact-searchv1': post_mal_query_exact_searchv1_command, + 'cs-post-mal-query-fuzzy-searchv1': post_mal_query_fuzzy_searchv1_command, + 'cs-post-mal-query-huntv1': post_mal_query_huntv1_command, + 'cs-preview-rulev1': preview_rulev1_command, + 'cs-processes-ran-on': processes_ran_on_command, + 'cs-provisionaws-accounts': provisionaws_accounts_command, + 'cs-query-actionsv1': query_actionsv1_command, + 'cs-query-allow-list-filter': query_allow_list_filter_command, + 'cs-query-behaviors': query_behaviors_command, + 'cs-query-block-list-filter': query_block_list_filter_command, + 'cs-query-children': query_children_command, + 'cs-query-combined-device-control-policies': query_combined_device_control_policies_command, + 'cs-query-combined-device-control-policy-members': query_combined_device_control_policy_members_command, + 'cs-query-combined-firewall-policies': query_combined_firewall_policies_command, + 'cs-query-combined-firewall-policy-members': query_combined_firewall_policy_members_command, + 'cs-query-combined-group-members': query_combined_group_members_command, + 'cs-query-combined-host-groups': query_combined_host_groups_command, + 'cs-query-combined-prevention-policies': query_combined_prevention_policies_command, + 'cs-query-combined-prevention-policy-members': query_combined_prevention_policy_members_command, + 'cs-query-combined-sensor-update-builds': query_combined_sensor_update_builds_command, + 'cs-query-combined-sensor-update-policies': query_combined_sensor_update_policies_command, + 'cs-query-combined-sensor-update-policiesv2': query_combined_sensor_update_policiesv2_command, + 'cs-query-combined-sensor-update-policy-members': query_combined_sensor_update_policy_members_command, + 'cs-query-combinedrt-response-policies': query_combinedrt_response_policies_command, + 'cs-query-combinedrt-response-policy-members': query_combinedrt_response_policy_members_command, + 'cs-query-detection-ids-by-filter': query_detection_ids_by_filter_command, + 'cs-query-detects': query_detects_command, + 'cs-query-device-control-policies': query_device_control_policies_command, + 'cs-query-device-control-policy-members': query_device_control_policy_members_command, + 'cs-query-devices-by-filter': query_devices_by_filter_command, + 'cs-query-devices-by-filter-scroll': query_devices_by_filter_scroll_command, + 'cs-query-escalations-filter': query_escalations_filter_command, + 'cs-query-firewall-policies': query_firewall_policies_command, + 'cs-query-firewall-policy-members': query_firewall_policy_members_command, + 'cs-query-group-members': query_group_members_command, + 'cs-query-hidden-devices': query_hidden_devices_command, + 'cs-query-host-groups': query_host_groups_command, + 'cs-query-incident-ids-by-filter': query_incident_ids_by_filter_command, + 'cs-query-incidents': query_incidents_command, + 'cs-query-intel-actor-entities': query_intel_actor_entities_command, + 'cs-query-intel-actor-ids': query_intel_actor_ids_command, + 'cs-query-intel-indicator-entities': query_intel_indicator_entities_command, + 'cs-query-intel-indicator-ids': query_intel_indicator_ids_command, + 'cs-query-intel-report-entities': query_intel_report_entities_command, + 'cs-query-intel-report-ids': query_intel_report_ids_command, + 'cs-query-intel-rule-ids': query_intel_rule_ids_command, + 'cs-query-notificationsv1': query_notificationsv1_command, + 'cs-query-prevention-policies': query_prevention_policies_command, + 'cs-query-prevention-policy-members': query_prevention_policy_members_command, + 'cs-query-remediations-filter': query_remediations_filter_command, + 'cs-query-reports': query_reports_command, + 'cs-query-roles': query_roles_command, + 'cs-query-rulesv1': query_rulesv1_command, + 'cs-query-samplev1': query_samplev1_command, + 'cs-query-sensor-update-policies': query_sensor_update_policies_command, + 'cs-query-sensor-update-policy-members': query_sensor_update_policy_members_command, + 'cs-query-sensor-visibility-exclusionsv1': query_sensor_visibility_exclusionsv1_command, + 'cs-query-submissions': query_submissions_command, + 'cs-query-submissions-mixin0': query_submissions_mixin0_command, + 'cs-query-user-group-members': query_user_group_members_command, + 'cs-query-user-groups': query_user_groups_command, + 'cs-query-vulnerabilities': query_vulnerabilities_command, + 'cs-queryaws-accounts': queryaws_accounts_command, + 'cs-queryaws-accounts-fori-ds': queryaws_accounts_fori_ds_command, + 'cs-querycid-group-members': querycid_group_members_command, + 'cs-querycid-groups': querycid_groups_command, + 'cs-queryevents': queryevents_command, + 'cs-queryfirewallfields': queryfirewallfields_command, + 'cs-queryio-cs': queryio_cs_command, + 'cs-queryioa-exclusionsv1': queryioa_exclusionsv1_command, + 'cs-queryml-exclusionsv1': queryml_exclusionsv1_command, + 'cs-querypatterns': querypatterns_command, + 'cs-queryplatforms': queryplatforms_command, + 'cs-queryplatforms-mixin0': queryplatforms_mixin0_command, + 'cs-querypolicyrules': querypolicyrules_command, + 'cs-queryrt-response-policies': queryrt_response_policies_command, + 'cs-queryrt-response-policy-members': queryrt_response_policy_members_command, + 'cs-queryrulegroups': queryrulegroups_command, + 'cs-queryrulegroups-mixin0': queryrulegroups_mixin0_command, + 'cs-queryrulegroupsfull': queryrulegroupsfull_command, + 'cs-queryrules': queryrules_command, + 'cs-queryrules-mixin0': queryrules_mixin0_command, + 'cs-queryruletypes': queryruletypes_command, + 'cs-refresh-active-stream-session': refresh_active_stream_session_command, + 'cs-regenerateapi-key': regenerateapi_key_command, + 'cs-retrieve-emails-bycid': retrieve_emails_bycid_command, + 'cs-retrieve-user': retrieve_user_command, + 'cs-retrieve-useruui-ds-bycid': retrieve_useruui_ds_bycid_command, + 'cs-retrieve-useruuid': retrieve_useruuid_command, + 'cs-reveal-uninstall-token': reveal_uninstall_token_command, + 'cs-revoke-user-role-ids': revoke_user_role_ids_command, + 'cs-rtr-aggregate-sessions': rtr_aggregate_sessions_command, + 'cs-rtr-check-active-responder-command-status': rtr_check_active_responder_command_status_command, + 'cs-rtr-check-admin-command-status': rtr_check_admin_command_status_command, + 'cs-rtr-check-command-status': rtr_check_command_status_command, + 'cs-rtr-create-put-files': rtr_create_put_files_command, + 'cs-rtr-create-scripts': rtr_create_scripts_command, + 'cs-rtr-delete-file': rtr_delete_file_command, + 'cs-rtr-delete-put-files': rtr_delete_put_files_command, + 'cs-rtr-delete-queued-session': rtr_delete_queued_session_command, + 'cs-rtr-delete-scripts': rtr_delete_scripts_command, + 'cs-rtr-delete-session': rtr_delete_session_command, + 'cs-rtr-execute-active-responder-command': rtr_execute_active_responder_command_command, + 'cs-rtr-execute-admin-command': rtr_execute_admin_command_command, + 'cs-rtr-execute-command': rtr_execute_command_command, + 'cs-rtr-get-extracted-file-contents': rtr_get_extracted_file_contents_command, + 'cs-rtr-get-put-files': rtr_get_put_files_command, + 'cs-rtr-get-scripts': rtr_get_scripts_command, + 'cs-rtr-init-session': rtr_init_session_command, + 'cs-rtr-list-all-sessions': rtr_list_all_sessions_command, + 'cs-rtr-list-files': rtr_list_files_command, + 'cs-rtr-list-put-files': rtr_list_put_files_command, + 'cs-rtr-list-queued-sessions': rtr_list_queued_sessions_command, + 'cs-rtr-list-scripts': rtr_list_scripts_command, + 'cs-rtr-list-sessions': rtr_list_sessions_command, + 'cs-rtr-pulse-session': rtr_pulse_session_command, + 'cs-rtr-update-scripts': rtr_update_scripts_command, + 'cs-scan-samples': scan_samples_command, + 'cs-set-device-control-policies-precedence': set_device_control_policies_precedence_command, + 'cs-set-firewall-policies-precedence': set_firewall_policies_precedence_command, + 'cs-set-prevention-policies-precedence': set_prevention_policies_precedence_command, + 'cs-set-sensor-update-policies-precedence': set_sensor_update_policies_precedence_command, + 'cs-setrt-response-policies-precedence': setrt_response_policies_precedence_command, + 'cs-submit': submit_command, + 'cs-tokenscreate': tokenscreate_command, + 'cs-tokensdelete': tokensdelete_command, + 'cs-tokensquery': tokensquery_command, + 'cs-tokensread': tokensread_command, + 'cs-tokensupdate': tokensupdate_command, + 'cs-trigger-scan': trigger_scan_command, + 'cs-update-actionv1': update_actionv1_command, + 'cs-update-detects-by-idsv2': update_detects_by_idsv2_command, + 'cs-update-device-control-policies': update_device_control_policies_command, + 'cs-update-device-tags': update_device_tags_command, + 'cs-update-firewall-policies': update_firewall_policies_command, + 'cs-update-host-groups': update_host_groups_command, + 'cs-update-notificationsv1': update_notificationsv1_command, + 'cs-update-prevention-policies': update_prevention_policies_command, + 'cs-update-rulesv1': update_rulesv1_command, + 'cs-update-sensor-update-policies': update_sensor_update_policies_command, + 'cs-update-sensor-update-policiesv2': update_sensor_update_policiesv2_command, + 'cs-update-sensor-visibility-exclusionsv1': update_sensor_visibility_exclusionsv1_command, + 'cs-update-user': update_user_command, + 'cs-update-user-groups': update_user_groups_command, + 'cs-updateaws-account': updateaws_account_command, + 'cs-updateaws-accounts': updateaws_accounts_command, + 'cs-updatecid-groups': updatecid_groups_command, + 'cs-updatecspm-azure-tenant-default-subscriptionid': updatecspm_azure_tenant_default_subscriptionid_command, + 'cs-updatecspm-policy-settings': updatecspm_policy_settings_command, + 'cs-updatecspm-scan-schedule': updatecspm_scan_schedule_command, + 'cs-updateioa-exclusionsv1': updateioa_exclusionsv1_command, + 'cs-updateioc': updateioc_command, + 'cs-updateml-exclusionsv1': updateml_exclusionsv1_command, + 'cs-updatepolicycontainer': updatepolicycontainer_command, + 'cs-updatert-response-policies': updatert_response_policies_command, + 'cs-updaterulegroup': updaterulegroup_command, + 'cs-updaterulegroup-mixin0': updaterulegroup_mixin0_command, + 'cs-updaterules': updaterules_command, + 'cs-upload-samplev2': upload_samplev2_command, + 'cs-upload-samplev3': upload_samplev3_command, + 'cs-validate': validate_command, + 'cs-verifyaws-account-access': verifyaws_account_access_command, + } + + if command == 'test-module': + test_module(client) + elif command in commands: + return_results(commands[command](client, args)) + else: + raise NotImplementedError(f'{command} command is not implemented.') + + except Exception as e: + return_error(f'Failed to execute {command} command. Error: {str(e)}', e) + + +from CrowdStrikeApiModule import * # noqa: E402 + + +if __name__ in ['__main__', 'builtin', 'builtins']: + main() diff --git a/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.yml b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.yml new file mode 100644 index 000000000000..8c4b38fbd620 --- /dev/null +++ b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.yml @@ -0,0 +1,27920 @@ +category: Endpoint +commonfields: + id: CrowdStrike OpenAPI + version: -1 +configuration: +- defaultvalue: https://api.crowdstrike.com + display: Cloud Base URL + hidden: false + name: server_url + required: true + type: 15 + options: + - https://api.crowdstrike.com + - https://api.laggar.gcw.crowdstrike.com + - https://api.eu-1.crowdstrike.com + - https://api.us-2.crowdstrike.com +- display: Client ID + displaypassword: Client Secret + name: credentials + required: true + type: 9 +- display: Use system proxy settings + name: proxy + type: 8 + required: false +- display: Trust any certificate (not secure) + name: insecure + type: 8 + required: false +description: Use the CrowdStrike OpenAPI integration to interact with CrowdStrike + APIs that do not have dedicated integrations in Cortex XSOAR, for example, CrowdStrike FalconX, etc. +display: CrowdStrike OpenAPI (Beta) +name: CrowdStrike OpenAPI +script: + commands: + - arguments: + - description: '' + isArray: true + name: domain_mssprolerequestv1_resources + required: true + description: 'Assign new MSSP Role(s) between User Group and CID Group. It does + not revoke existing role(s) between User Group and CID Group. User Group ID + and CID Group ID have to be specified in request. ' + name: cs-add-role + outputs: + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.cid_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.user_group_id + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: domain_usergroupmembersrequestv1_resources + required: true + description: Add new User Group member. Maximum 500 members allowed per User Group. + name: cs-add-user-group-members + outputs: + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.resources.user_group_id + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: domain_cidgroupmembersrequestv1_resources + required: true + description: Add new CID Group member. + name: cs-addcid-group-members + outputs: + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.resources.cid_group_id + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Retrieve aggregate allowlist ticket values based on the matched filter + name: cs-aggregate-allow-list + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Retrieve aggregate blocklist ticket values based on the matched filter + name: cs-aggregate-block-list + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Retrieve aggregate detection values based on the matched filter + name: cs-aggregate-detections + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Retrieve aggregate host/devices count based on the matched filter + name: cs-aggregate-device-count-collection + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Retrieve aggregate escalation ticket values based on the matched + filter + name: cs-aggregate-escalations + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Get notification aggregates as specified via JSON in request body. + name: cs-aggregate-notificationsv1 + outputs: + - contextPath: CrowdStrike.domainAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainAggregatesResponse.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Retrieve aggregate remediation ticket values based on the matched + filter + name: cs-aggregate-remediations + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_type + required: true + description: Aggregate events for customer + name: cs-aggregateevents + outputs: + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Retrieve aggregate incident values based on the matched filter + name: cs-aggregatefc-incidents + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_type + required: true + description: Aggregate rules within a policy for customer + name: cs-aggregatepolicyrules + outputs: + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_type + required: true + description: Aggregate rule groups for customer + name: cs-aggregaterulegroups + outputs: + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: fwmgr_msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: fwmgr_msa_aggregatequeryrequest_type + required: true + description: Aggregate rules for customer + name: cs-aggregaterules + outputs: + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: An FQL filter string + isArray: false + name: filter_ + required: true + description: Get the total number of detections pushed across all customers + name: cs-aggregates-detections-global-counts + outputs: + - contextPath: CrowdStrike.msaFacetsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaFacetsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.resources.count + description: '' + type: Number + - contextPath: CrowdStrike.msaFacetsResponse.resources.facet + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.resources.label + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.resources.term + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Get aggregate OverWatch detection event info by providing an aggregate + query + name: cs-aggregates-events + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Get OverWatch detection event collection info by providing an aggregate + query + name: cs-aggregates-events-collections + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: An FQL filter string + isArray: false + name: filter_ + required: true + description: Get the total number of incidents pushed across all customers + name: cs-aggregates-incidents-global-counts + outputs: + - contextPath: CrowdStrike.msaFacetsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaFacetsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.resources.count + description: '' + type: Number + - contextPath: CrowdStrike.msaFacetsResponse.resources.facet + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.resources.label + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.resources.term + description: '' + type: String + - arguments: + - description: An FQL filter string + isArray: false + name: filter_ + required: true + description: Get the total number of OverWatch events across all customers + name: cs-aggregatesow-events-global-counts + outputs: + - contextPath: CrowdStrike.msaFacetsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaFacetsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.resources.count + description: '' + type: Number + - contextPath: CrowdStrike.msaFacetsResponse.resources.facet + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.resources.label + description: '' + type: String + - contextPath: CrowdStrike.msaFacetsResponse.resources.term + description: '' + type: String + - arguments: + - description: Authorization Header + isArray: false + name: Authorization + required: true + description: Identity Protection GraphQL API. Allows to retrieve entities, timeline + activities, identity-based incidents and security assessment. Allows to perform + actions on entities and identity-based incidents. + name: cs-apipreemptproxypostgraphql + - arguments: + - description: The offset to start retrieving records from. + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-1000]. Defaults to 50. + isArray: false + name: limit + required: false + - description: The property to sort by (e.g. timestamp.desc). + isArray: false + name: sort + required: false + - description: The filter expression that should be used to limit the results + (e.g., `action:'token_create'`). + isArray: false + name: filter_ + required: false + description: Search for audit events by providing an FQL filter and paging details. + name: cs-auditeventsquery + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: IDs of audit events to retrieve details for + isArray: true + name: ids + required: false + description: Gets the details of one or more audit events by id. + name: cs-auditeventsread + outputs: + - contextPath: CrowdStrike.apiauditEventDetailsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiauditEventDetailsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiauditEventDetailsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiauditEventDetailsResponseV1.resources.action + description: '' + type: String + - contextPath: CrowdStrike.apiauditEventDetailsResponseV1.resources.actor + description: '' + type: String + - contextPath: CrowdStrike.apiauditEventDetailsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiauditEventDetailsResponseV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiauditEventDetailsResponseV1.resources.timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiauditEventDetailsResponseV1.resources.token_id + description: '' + type: String + - arguments: + - description: Timeout for how long to wait for the request in seconds, default + timeout is 30 seconds. Maximum is 10 minutes. + isArray: false + name: timeout + required: false + - description: 'Timeout duration for for how long to wait for the request in duration + syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 10 + minutes.' + isArray: false + name: timeout_duration + required: false + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_base_command + required: true + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_batch_id + required: true + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_command_string + required: true + - description: '' + isArray: true + name: domain_batchexecutecommandrequest_optional_hosts + required: true + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_persist_all + required: true + description: Batch executes a RTR active-responder command across the hosts mapped + to the given batch ID. + name: cs-batch-active-responder-cmd + - arguments: + - description: Timeout for how long to wait for the request in seconds, default + timeout is 30 seconds. Maximum is 10 minutes. + isArray: false + name: timeout + required: false + - description: 'Timeout duration for for how long to wait for the request in duration + syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 10 + minutes.' + isArray: false + name: timeout_duration + required: false + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_base_command + required: true + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_batch_id + required: true + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_command_string + required: true + - description: '' + isArray: true + name: domain_batchexecutecommandrequest_optional_hosts + required: true + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_persist_all + required: true + description: Batch executes a RTR administrator command across the hosts mapped + to the given batch ID. + name: cs-batch-admin-cmd + - arguments: + - description: Timeout for how long to wait for the request in seconds, default + timeout is 30 seconds. Maximum is 10 minutes. + isArray: false + name: timeout + required: false + - description: 'Timeout duration for for how long to wait for the request in duration + syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 10 + minutes.' + isArray: false + name: timeout_duration + required: false + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_base_command + required: true + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_batch_id + required: true + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_command_string + required: true + - description: '' + isArray: true + name: domain_batchexecutecommandrequest_optional_hosts + required: true + - description: '' + isArray: false + name: domain_batchexecutecommandrequest_persist_all + required: true + description: Batch executes a RTR read-only command across the hosts mapped to + the given batch ID. + name: cs-batch-cmd + - arguments: + - description: Timeout for how long to wait for the request in seconds, default + timeout is 30 seconds. Maximum is 10 minutes. + isArray: false + name: timeout + required: false + - description: 'Timeout duration for for how long to wait for the request in duration + syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 10 + minutes.' + isArray: false + name: timeout_duration + required: false + - description: '' + isArray: false + name: domain_batchgetcommandrequest_batch_id + required: true + - description: '' + isArray: false + name: domain_batchgetcommandrequest_file_path + required: true + - description: '' + isArray: true + name: domain_batchgetcommandrequest_optional_hosts + required: true + description: Batch executes `get` command across hosts to retrieve files. After + this call is made `GET /real-time-response/combined/batch-get-command/v1` is + used to query for the results. + name: cs-batch-get-cmd + - arguments: + - description: Timeout for how long to wait for the request in seconds, default + timeout is 30 seconds. Maximum is 10 minutes. + isArray: false + name: timeout + required: false + - description: 'Timeout duration for for how long to wait for the request in duration + syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 10 + minutes.' + isArray: false + name: timeout_duration + required: false + - description: Batch Get Command Request ID received from `/real-time-response/combined/get-command/v1` + isArray: false + name: batch_get_cmd_req_id + required: true + description: Retrieves the status of the specified batch get command. Will return + successful files when they are finished processing. + name: cs-batch-get-cmd-status + outputs: + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.resources.cloud_request_id + description: '' + type: String + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.resources.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.resources.deleted_at + description: '' + type: String + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.resources.id + description: '' + type: Number + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.resources.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.resources.size + description: '' + type: Number + - contextPath: CrowdStrike.domainBatchGetCmdStatusResponse.resources.updated_at + description: '' + type: String + - arguments: + - description: Timeout for how long to wait for the request in seconds, default + timeout is 30 seconds. Maximum is 10 minutes. + isArray: false + name: timeout + required: false + - description: 'Timeout duration for for how long to wait for the request in duration + syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 10 + minutes.' + isArray: false + name: timeout_duration + required: false + - description: '' + isArray: false + name: domain_batchinitsessionrequest_existing_batch_id + required: true + - description: '' + isArray: true + name: domain_batchinitsessionrequest_host_ids + required: true + - description: '' + isArray: false + name: domain_batchinitsessionrequest_queue_offline + required: true + description: Batch initialize a RTR session on multiple hosts. Before any RTR + commands can be used, an active session is needed on the host. + name: cs-batch-init-sessions + - arguments: + - description: Timeout for how long to wait for the request in seconds, default + timeout is 30 seconds. Maximum is 10 minutes. + isArray: false + name: timeout + required: false + - description: 'Timeout duration for for how long to wait for the request in duration + syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 10 + minutes.' + isArray: false + name: timeout_duration + required: false + - description: '' + isArray: false + name: domain_batchrefreshsessionrequest_batch_id + required: true + - description: '' + isArray: true + name: domain_batchrefreshsessionrequest_hosts_to_remove + required: true + description: Batch refresh a RTR session on multiple hosts. RTR sessions will + expire after 10 minutes unless refreshed. + name: cs-batch-refresh-sessions + - arguments: + - description: '' + isArray: true + name: domain_registeractionsrequest_actions + required: true + - description: '' + isArray: false + name: domain_registeractionsrequest_rule_id + required: true + description: Create actions for a monitoring rule. Accepts a list of actions that + will be attached to the monitoring rule. + name: cs-create-actionsv1 + outputs: + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.cid + description: The ID of the customer who created the action + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.created_timestamp + description: The date when the action was created + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.frequency + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.id + description: The ID of the action + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.rule_id + description: The ID of the rule on which this action is attached + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.status + description: The action status. It can be either 'enabled' or 'muted'. + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.type + description: The action type. The only type currently supported is 'email' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.updated_timestamp + description: The date when the action was updated + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.user_uuid + description: The UUID of the user who created the action + type: String + - arguments: + - description: A collection of policies to create + isArray: true + name: requests_createdevicecontrolpoliciesv1_resources + required: true + description: Create Device Control Policies by specifying details about the policy + to create + name: cs-create-device-control-policies + - arguments: + - description: A collection of policies to create + isArray: true + name: requests_createfirewallpoliciesv1_resources + required: true + - description: The policy ID to be cloned from + isArray: false + name: clone_id + required: false + description: Create Firewall Policies by specifying details about the policy to + create + name: cs-create-firewall-policies + - arguments: + - description: A collection of device groups to create + isArray: true + name: requests_creategroupsv1_resources + required: true + description: Create Host Groups by specifying details about the group to create + name: cs-create-host-groups + - arguments: + - description: '' + isArray: true + name: models_modifyawscustomersettingsv1_resources + required: true + description: Create or update Global Settings which are applicable to all provisioned + AWS accounts + name: cs-create-or-updateaws-settings + - arguments: + - description: A collection of policies to create + isArray: true + name: requests_createpreventionpoliciesv1_resources + required: true + description: Create Prevention Policies by specifying details about the policy + to create + name: cs-create-prevention-policies + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: The filter to be used for searching + isArray: false + name: sadomain_createrulerequestv1_filter + required: true + - description: The name of a particular rule + isArray: false + name: sadomain_createrulerequestv1_name + required: true + - description: 'The permissions for a particular rule which specifies the rule''s + access by other users. Possible values: [public private]' + isArray: false + name: sadomain_createrulerequestv1_permissions + required: true + - description: 'The priority for a particular rule. Possible values: [medium high + low]' + isArray: false + name: sadomain_createrulerequestv1_priority + required: true + - description: 'The topic of a given rule. Possible values: [SA_THIRD_PARTY SA_CVE + SA_ALIAS SA_AUTHOR SA_BRAND_PRODUCT SA_VIP SA_IP SA_BIN SA_DOMAIN SA_EMAIL + SA_CUSTOM]' + isArray: false + name: sadomain_createrulerequestv1_topic + required: true + description: Create monitoring rules. + name: cs-create-rulesv1 + outputs: + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.created_timestamp + description: The creation time for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.filter + description: The FQL filter contained in a rule and used for searching + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.id + description: The ID of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.name + description: The name for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.permissions + description: The permissions of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.priority + description: The priority of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.status + description: The status of a rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.status_message + description: The detailed status message + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.topic + description: The topic of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.updated_timestamp + description: The last updated time for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_id + description: The user ID of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_name + description: The user name of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_uuid + description: The UUID of the user that created a given rule + type: String + - arguments: + - description: A collection of policies to create + isArray: true + name: requests_createsensorupdatepoliciesv1_resources + required: true + description: Create Sensor Update Policies by specifying details about the policy + to create + name: cs-create-sensor-update-policies + - arguments: + - description: A collection of policies to create + isArray: true + name: requests_createsensorupdatepoliciesv2_resources + required: true + description: Create Sensor Update Policies by specifying details about the policy + to create with additional support for uninstall protection + name: cs-create-sensor-update-policiesv2 + - arguments: + - description: '' + isArray: false + name: domain_usercreaterequest_firstname + required: false + - description: '' + isArray: false + name: domain_usercreaterequest_lastname + required: false + - description: '' + isArray: false + name: domain_usercreaterequest_password + required: false + - description: '' + isArray: false + name: domain_usercreaterequest_uid + required: false + description: Create a new user. After creating a user, assign one or more roles + with POST /user-roles/entities/user-roles/v1 + name: cs-create-user + - arguments: + - description: '' + isArray: true + name: domain_usergroupsrequestv1_resources + required: true + description: Create new User Group(s). Maximum 500 User Group(s) allowed per customer. + name: cs-create-user-groups + outputs: + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.user_group_id + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: k8sreg_createawsaccreq_resources + required: true + description: Creates a new AWS account in our system for a customer and generates + the installation script + name: cs-createaws-account + - arguments: + - description: '' + isArray: true + name: domain_cidgroupsrequestv1_resources + required: true + description: Create new CID Group(s). Maximum 500 CID Group(s) allowed. + name: cs-createcid-groups + outputs: + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.cid_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.name + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: registration_awsaccountcreaterequestextv2_resources + required: true + description: Creates a new account in our system for a customer and generates + a script for them to run in their AWS cloud environment to grant us access. + name: cs-createcspm-aws-account + - arguments: + - description: '' + isArray: true + name: registration_gcpaccountcreaterequestextv1_resources + required: true + description: Creates a new account in our system for a customer and generates + a new service account for them to add access to in their GCP environment to + grant us access. + name: cs-createcspmgcp-account + - arguments: + - description: '' + isArray: false + name: requests_mlexclusioncreatereqv1_comment + required: false + - description: '' + isArray: true + name: requests_mlexclusioncreatereqv1_excluded_from + required: false + - description: '' + isArray: true + name: requests_mlexclusioncreatereqv1_groups + required: false + - description: '' + isArray: false + name: requests_mlexclusioncreatereqv1_value + required: false + description: Create the ML exclusions + name: cs-createml-exclusionsv1 + outputs: + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value_hash + description: '' + type: String + - arguments: + - description: A collection of policies to create + isArray: true + name: requests_creatertresponsepoliciesv1_resources + required: true + description: Create Response Policies by specifying details about the policy to + create + name: cs-creatert-response-policies + - arguments: + - description: '' + isArray: false + name: api_rulecreatev1_comment + required: true + - description: '' + isArray: false + name: api_rulecreatev1_description + required: true + - description: '' + isArray: false + name: api_rulecreatev1_disposition_id + required: true + - description: '' + isArray: true + name: api_rulecreatev1_field_values + required: true + - description: '' + isArray: false + name: api_rulecreatev1_name + required: true + - description: '' + isArray: false + name: api_rulecreatev1_pattern_severity + required: true + - description: '' + isArray: false + name: api_rulecreatev1_rulegroup_id + required: true + - description: '' + isArray: false + name: api_rulecreatev1_ruletype_id + required: true + description: Create a rule within a rule group. Returns the rule. + name: cs-createrule + - arguments: + - description: The user id + isArray: false + name: X_CS_USERNAME + required: true + - description: A rule group ID from which to copy rules. If this is provided then + the 'rules' property of the body is ignored. + isArray: false + name: clone_id + required: false + - description: If this flag is set to true then the rules will be cloned from + the clone_id from the CrowdStrike Firewal Rule Groups Li ary. + isArray: false + name: li_ary + required: false + - description: Audit log comment for this action + isArray: false + name: comment + required: false + - description: '' + isArray: false + name: fwmgr_api_rulegroupcreaterequestv1_description + required: true + - description: '' + isArray: false + name: fwmgr_api_rulegroupcreaterequestv1_enabled + required: true + - description: '' + isArray: false + name: fwmgr_api_rulegroupcreaterequestv1_name + required: true + - description: '' + isArray: true + name: fwmgr_api_rulegroupcreaterequestv1_rules + required: true + description: Create new rule group on a platform for a customer with a name and + description, and return the ID + name: cs-createrulegroup + - arguments: + - description: '' + isArray: false + name: api_rulegroupcreaterequestv1_comment + required: true + - description: '' + isArray: false + name: api_rulegroupcreaterequestv1_description + required: true + - description: '' + isArray: false + name: api_rulegroupcreaterequestv1_name + required: true + - description: '' + isArray: false + name: api_rulegroupcreaterequestv1_platform + required: true + description: Create a rule group for a platform with a name and an optional description. + Returns the rule group. + name: cs-createrulegroup-mixin0 + - arguments: + - description: '' + isArray: false + name: requests_svexclusioncreatereqv1_comment + required: false + - description: '' + isArray: true + name: requests_svexclusioncreatereqv1_groups + required: false + - description: '' + isArray: false + name: requests_svexclusioncreatereqv1_value + required: false + description: Create the sensor visibility exclusions + name: cs-createsv-exclusionsv1 + outputs: + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value_hash + description: '' + type: String + - arguments: + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-2500] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort on, followed by a dot (.), followed by the + sort direction, either "asc" or "desc". + isArray: false + name: sort + predefined: + - score.asc + - score.desc + - timestamp.asc + - timestamp.desc + required: false + description: Query environment wide CrowdScore and return the entity data + name: cs-crowd-score + outputs: + - contextPath: CrowdStrike.apiMsaEnvironmentScoreResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaEnvironmentScoreResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaEnvironmentScoreResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaEnvironmentScoreResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaEnvironmentScoreResponse.resources.score + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaEnvironmentScoreResponse.resources.timestamp + description: '' + type: String + - description: Check current installation token settings. + name: cs-customersettingsread + outputs: + - contextPath: CrowdStrike.apicustomerSettingsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apicustomerSettingsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apicustomerSettingsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apicustomerSettingsResponseV1.resources.max_active_tokens + description: '' + type: Number + - contextPath: CrowdStrike.apicustomerSettingsResponseV1.resources.tokens_required + description: '' + type: Boolean + - arguments: + - description: ID of the action. + isArray: false + name: id_ + required: true + description: Delete an action from a monitoring rule based on the action ID. + name: cs-delete-actionv1 + outputs: + - contextPath: CrowdStrike.domainQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainQueryResponse.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.message_key + description: '' + type: String + - arguments: + - description: The IDs of the Device Control Policies to delete + isArray: true + name: ids + required: true + description: Delete a set of Device Control Policies by specifying their IDs + name: cs-delete-device-control-policies + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The IDs of the Firewall Policies to delete + isArray: true + name: ids + required: true + description: Delete a set of Firewall Policies by specifying their IDs + name: cs-delete-firewall-policies + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The IDs of the Host Groups to delete + isArray: true + name: ids + required: true + description: Delete a set of Host Groups by specifying their IDs + name: cs-delete-host-groups + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Notifications IDs. + isArray: true + name: ids + required: true + description: Delete notifications based on IDs. Notifications cannot be recovered + after they are deleted. + name: cs-delete-notificationsv1 + outputs: + - contextPath: CrowdStrike.domainNotificationIDResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationIDResponse.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationIDResponse.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationIDResponse.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationIDResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationIDResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationIDResponse.errors.message_key + description: '' + type: String + - arguments: + - description: The IDs of the Prevention Policies to delete + isArray: true + name: ids + required: true + description: Delete a set of Prevention Policies by specifying their IDs + name: cs-delete-prevention-policies + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: ID of a report. + isArray: false + name: ids + required: true + description: Delete report based on the report ID. Operation can be checked for + success by polling for the report ID on the report-summaries endpoint. + name: cs-delete-report + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: IDs of rules. + isArray: true + name: ids + required: true + description: Delete monitoring rules. + name: cs-delete-rulesv1 + outputs: + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.message_key + description: '' + type: String + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: The file SHA256. + isArray: false + name: ids + required: true + description: Removes a sample, including file, meta and submissions from the collection + name: cs-delete-samplev2 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: The file SHA256. + isArray: false + name: ids + required: true + description: Removes a sample, including file, meta and submissions from the collection + name: cs-delete-samplev3 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The IDs of the Sensor Update Policies to delete + isArray: true + name: ids + required: true + description: Delete a set of Sensor Update Policies by specifying their IDs + name: cs-delete-sensor-update-policies + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ids of the exclusions to delete + isArray: true + name: ids + required: true + - description: Explains why this exclusions was deleted + isArray: false + name: comment + required: false + description: Delete the sensor visibility exclusions by id + name: cs-delete-sensor-visibility-exclusionsv1 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: ID of a user. Find a user's ID from `/users/entities/user/v1`. + isArray: false + name: user_uuid + required: true + description: Delete a user permanently + name: cs-delete-user + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: domain_usergroupmembersrequestv1_resources + required: true + description: Delete User Group members entry. + name: cs-delete-user-group-members + outputs: + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.resources.user_group_id + description: '' + type: String + - arguments: + - description: User Group IDs + isArray: true + name: user_group_ids + required: true + description: Delete User Group(s) by ID(s). + name: cs-delete-user-groups + outputs: + - contextPath: CrowdStrike.msaEntitiesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaEntitiesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaEntitiesResponse.errors.message + description: '' + type: String + - arguments: + - description: IDs of accounts to remove + isArray: true + name: ids + required: true + description: Delete a set of AWS Accounts by specifying their IDs + name: cs-deleteaws-accounts + outputs: + - contextPath: CrowdStrike.modelsBaseResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsBaseResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsBaseResponseV1.errors.message + description: '' + type: String + - arguments: + - description: AWS Account IDs + isArray: true + name: ids + required: true + description: Delete AWS accounts. + name: cs-deleteaws-accounts-mixin0 + outputs: + - contextPath: CrowdStrike.msaMetaInfo.powered_by + description: '' + type: String + - contextPath: CrowdStrike.msaMetaInfo.query_time + description: '' + type: Unknown + - contextPath: CrowdStrike.msaMetaInfo.trace_id + description: '' + type: String + - contextPath: CrowdStrike.msaMetaInfo.powered_by + description: '' + type: String + - contextPath: CrowdStrike.msaMetaInfo.query_time + description: '' + type: Unknown + - contextPath: CrowdStrike.msaMetaInfo.trace_id + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: domain_cidgroupmembersrequestv1_resources + required: true + description: Delete CID Group members entry. + name: cs-deletecid-group-members + outputs: + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.resources.cid_group_id + description: '' + type: String + - arguments: + - description: CID group ids to be deleted + isArray: true + name: cid_group_ids + required: true + description: Delete CID Group(s) by ID(s). + name: cs-deletecid-groups + outputs: + - contextPath: CrowdStrike.msaEntitiesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaEntitiesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaEntitiesResponse.errors.message + description: '' + type: String + - arguments: + - description: AWS account IDs to remove + isArray: true + name: ids + required: false + - description: AWS organization IDs to remove + isArray: true + name: organization_ids + required: false + description: Deletes an existing AWS account or organization in our system. + name: cs-deletecspm-aws-account + outputs: + - contextPath: CrowdStrike.registrationBaseResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationBaseResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationBaseResponseV1.errors.message + description: '' + type: String + - arguments: + - description: Azure subscription IDs to remove + isArray: true + name: ids + required: true + description: Deletes an Azure subscription from the system. + name: cs-deletecspm-azure-account + outputs: + - contextPath: CrowdStrike.registrationBaseResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationBaseResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationBaseResponseV1.errors.message + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: domain_mssprolerequestv1_resources + required: true + description: Delete MSSP Role assignment(s) between User Group and CID Group. + User Group ID and CID Group ID have to be specified in request. Only specified + roles are removed if specified in request payload, else association between + User Group and CID Group is dissolved completely (if no roles specified). + name: cs-deleted-roles + outputs: + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.cid_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.user_group_id + description: '' + type: String + - arguments: + - description: The ids of the exclusions to delete + isArray: true + name: ids + required: true + - description: Explains why this exclusions was deleted + isArray: false + name: comment + required: false + description: Delete the IOA exclusions by id + name: cs-deleteioa-exclusionsv1 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ids of the exclusions to delete + isArray: true + name: ids + required: true + - description: Explains why this exclusions was deleted + isArray: false + name: comment + required: false + description: Delete the ML exclusions by id + name: cs-deleteml-exclusionsv1 + outputs: + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value_hash + description: '' + type: String + - arguments: + - description: The IDs of the Response Policies to delete + isArray: true + name: ids + required: true + description: Delete a set of Response Policies by specifying their IDs + name: cs-deletert-response-policies + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The user id + isArray: false + name: X_CS_USERNAME + required: true + - description: The IDs of the rule groups to be deleted + isArray: true + name: ids + required: true + - description: Audit log comment for this action + isArray: false + name: comment + required: false + description: Delete rule group entities by ID + name: cs-deleterulegroups + outputs: + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Explains why the entity is being deleted + isArray: false + name: comment + required: false + - description: The IDs of the entities + isArray: true + name: ids + required: true + description: Delete rule groups by ID. + name: cs-deleterulegroups-mixin0 + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: The parent rule group + isArray: false + name: rule_group_id + required: true + - description: Explains why the entity is being deleted + isArray: false + name: comment + required: false + - description: The IDs of the entities + isArray: true + name: ids + required: true + description: Delete rules from a rule group by ID. + name: cs-deleterules + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: ' The type of the indicator. Valid types include: sha256: A hex-encoded + sha256 hash string. Length - min: 64, max: 64. md5: A hex-encoded md5 hash + string. Length - min 32, max: 32. domain: A domain name. Length - min: 1, + max: 200. ipv4: An IPv4 address. Must be a valid IP address. ipv6: An IPv6 + address. Must be a valid IP address. ' + isArray: false + name: type_ + required: true + - description: The string representation of the indicator + isArray: false + name: value + required: true + description: Number of hosts in your customer account that have observed a given + custom IOC + name: cs-devices-count + outputs: + - contextPath: CrowdStrike.apiMsaReplyIOCDevicesCount.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOCDevicesCount.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOCDevicesCount.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOCDevicesCount.resources.device_count + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOCDevicesCount.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOCDevicesCount.resources.limit_exceeded + description: '' + type: Boolean + - contextPath: CrowdStrike.apiMsaReplyIOCDevicesCount.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOCDevicesCount.resources.value + description: '' + type: String + - arguments: + - description: ' The type of the indicator. Valid types include: sha256: A hex-encoded + sha256 hash string. Length - min: 64, max: 64. md5: A hex-encoded md5 hash + string. Length - min 32, max: 32. domain: A domain name. Length - min: 1, + max: 200. ipv4: An IPv4 address. Must be a valid IP address. ipv6: An IPv6 + address. Must be a valid IP address. ' + isArray: false + name: type_ + required: true + - description: The string representation of the indicator + isArray: false + name: value + required: true + - description: The first process to return, where 0 is the latest offset. Use + with the offset meter to manage pagination of results. + isArray: false + name: limit + required: false + - description: The first process to return, where 0 is the latest offset. Use + with the limit meter to manage pagination of results. + isArray: false + name: offset + required: false + description: Find hosts that have observed a given custom IOC. For details about + those hosts, use GET /devices/entities/devices/v1 + name: cs-devices-ran-on + outputs: + - contextPath: CrowdStrike.apiMsaReplyDevicesRanOn.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyDevicesRanOn.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyDevicesRanOn.errors.message + description: '' + type: String + - arguments: + - description: SHA256 of the installer to download + isArray: false + name: id_ + required: true + description: Download sensor installer by SHA256 ID + name: cs-download-sensor-installer-by-id + - arguments: + - description: ProcessID for the running process you want to lookup + isArray: true + name: ids + required: true + description: For the provided ProcessID retrieve the process details + name: cs-entitiesprocesses + outputs: + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.resources.command_line + description: '' + type: String + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.resources.file_name + description: '' + type: String + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.resources.process_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.resources.process_id_local + description: '' + type: String + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.resources.start_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.resources.start_timestamp_raw + description: '' + type: String + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.resources.stop_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaProcessDetailResponse.resources.stop_timestamp_raw + description: '' + type: String + - arguments: + - description: Action IDs. + isArray: true + name: ids + required: true + description: Get actions based on their IDs. IDs can be retrieved using the GET + /queries/actions/v1 endpoint. + name: cs-get-actionsv1 + outputs: + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.cid + description: The ID of the customer who created the action + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.created_timestamp + description: The date when the action was created + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.frequency + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.id + description: The ID of the action + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.rule_id + description: The ID of the rule on which this action is attached + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.status + description: The action status. It can be either 'enabled' or 'muted'. + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.type + description: The action type. The only type currently supported is 'email' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.updated_timestamp + description: The date when the action was updated + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.user_uuid + description: The UUID of the user who created the action + type: String + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Get detect aggregates as specified via json in request body. + name: cs-get-aggregate-detects + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: ID of an artifact, such as an IOC pack, PCAP file, or actor image. + Find an artifact ID in a report or summary. + isArray: false + name: id_ + required: true + - description: The name given to your downloaded file. + isArray: false + name: name + required: false + - description: Format used to compress your downloaded file. Currently, you must + provide the value `gzip`, the only valid format. + isArray: false + name: Accept_Encoding + required: false + description: Download IOC packs, PCAP files, and other analysis artifacts. + name: cs-get-artifacts + - arguments: + - description: One or more agent IDs, which you can find in the data.zta file, + or the Falcon console. + isArray: true + name: ids + required: true + description: Get Zero Trust Assessment data for one or more hosts by providing + agent IDs (AID) and a customer ID (CID). + name: cs-get-assessmentv1 + outputs: + - contextPath: CrowdStrike.domainAssessmentsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainAssessmentsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainAssessmentsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainAssessmentsResponse.resources.aid + description: '' + type: String + - contextPath: CrowdStrike.domainAssessmentsResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainAssessmentsResponse.resources.event_platform + description: '' + type: String + - contextPath: CrowdStrike.domainAssessmentsResponse.resources.modified_time + description: '' + type: String + - contextPath: CrowdStrike.domainAssessmentsResponse.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.domainAssessmentsResponse.resources.sensor_file_status + description: '' + type: String + - contextPath: CrowdStrike.domainAssessmentsResponse.resources.system_serial_number + description: '' + type: String + - description: Show role IDs for all roles available in your customer account. For + more information on each role, provide the role ID to `/customer/entities/roles/v1`. + name: cs-get-available-role-ids + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: msa_idsrequest_ids + required: true + description: Get details on behaviors by providing behavior IDs + name: cs-get-behaviors + outputs: + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.aid + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.behavior_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.cmdline + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.compound_tto + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.detection_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.domain + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.filepath + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.incident_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.ioc_source + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.ioc_type + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.ioc_value + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.objective + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.pattern_disposition + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.pattern_id + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.tactic + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.technique + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.template_instance_id + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalBehaviorResponse.resources.user_name + description: '' + type: String + - arguments: + - description: CID of a child customer + isArray: true + name: ids + required: true + description: Get link to child customer by child CID(s) + name: cs-get-children + outputs: + - contextPath: CrowdStrike.domainChildrenResponseV1.resources.checksum + description: '' + type: String + - contextPath: CrowdStrike.domainChildrenResponseV1.resources.child_cid + description: '' + type: String + - contextPath: CrowdStrike.domainChildrenResponseV1.resources.child_gcid + description: '' + type: String + - contextPath: CrowdStrike.domainChildrenResponseV1.resources.child_of + description: '' + type: String + - contextPath: CrowdStrike.domainChildrenResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainChildrenResponseV1.resources.status + description: '' + type: String + - arguments: + - description: SubscriptionIDs of accounts to select for this status operation. + If this is empty then all accounts are returned. + isArray: true + name: ids + required: false + - description: Type of scan, dry or full, to perform on selected accounts + isArray: false + name: scan_type + required: false + description: Return information about Azure account registration + name: cs-get-cloudconnectazure-entities-account-v1 + outputs: + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.CreatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.DeletedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.ID + description: '' + type: Number + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.UpdatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.status + description: Account registration status. + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.subscription_id + description: Azure Subscription ID. + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.tenant_id + description: Azure Tenant ID to use. + type: String + - description: Return a script for customer to run in their cloud environment to + grant us access to their Azure environment as a downloadable attachment + name: cs-get-cloudconnectazure-entities-userscriptsdownload-v1 + outputs: + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.resources.bash + description: '' + type: String + - arguments: + - description: SubscriptionIDs of accounts to select for this status operation. + If this is empty then all accounts are returned. + isArray: true + name: ids + required: false + - description: Type of scan, dry or full, to perform on selected accounts + isArray: false + name: scan_type + required: false + - description: Account status to filter results by. + isArray: false + name: status + required: false + - description: The maximum records to return. Defaults to 100. + isArray: false + name: limit + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + description: Return information about Azure account registration + name: cs-get-cloudconnectcspmazure-entities-account-v1 + outputs: + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.CreatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.DeletedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.ID + description: '' + type: Number + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.UpdatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.status + description: Account registration status. + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.subscription_id + description: Azure Subscription ID. + type: String + - contextPath: CrowdStrike.registrationAzureAccountResponseV1.resources.tenant_id + description: Azure Tenant ID to use. + type: String + - arguments: + - description: Tenant ID to generate script for. Defaults to most recently registered + tenant. + isArray: false + name: tenant_id + required: false + description: Return a script for customer to run in their cloud environment to + grant us access to their Azure environment as a downloadable attachment + name: cs-get-cloudconnectcspmazure-entities-userscriptsdownload-v1 + outputs: + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.resources.bash + description: '' + type: String + - arguments: + - description: Cluster name. For EKS it will be cluster ARN. + isArray: true + name: cluster_names + required: false + - description: Cluster Account id. For EKS it will be AWS account ID. + isArray: true + name: account_ids + required: false + - description: Cloud location + isArray: true + name: locations + required: false + - auto: PREDEFINED + description: Cluster Service + isArray: false + name: cluster_service + predefined: + - eks + required: false + - description: Limit returned accounts + isArray: false + name: limit + required: false + - description: Offset returned accounts + isArray: false + name: offset + required: false + description: Provides the clusters acknowledged by the Kubernetes Protection service + name: cs-get-clusters + outputs: + - contextPath: CrowdStrike.k8sregGetClustersResp.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.k8sregGetClustersResp.errors.id + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.errors.message + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.resources.account_id + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.resources.cluster_id + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.resources.cluster_name + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.resources.cluster_service + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.resources.created_at + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.resources.last_heartbeat_at + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.resources.location + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.resources.status + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetClustersResp.resources.updated_at + description: '' + type: String + - arguments: + - description: The first item to return, where 0 is the latest item. Use with + the limit meter to manage pagination of results. + isArray: false + name: offset + required: false + - description: 'The number of items to return in this response (default: 100, + max: 500). Use with the offset meter to manage pagination of results.' + isArray: false + name: limit + required: false + - description: 'Sort items using their properties. Common sort options include: ul li + version|asc /li li release_date|desc /li /ul ' + isArray: false + name: sort + required: false + - description: 'Filter items using a query in Falcon Query Language (FQL). An + asterisk wildcard includes all results. Common filter options include: ul li + platform:"windows" /li li version: "5.2" /li /ul ' + isArray: false + name: filter_ + required: false + description: Get sensor installer details by provided query + name: cs-get-combined-sensor-installers-by-query + outputs: + - contextPath: CrowdStrike.domainSensorInstallersV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainSensorInstallersV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.description + description: installer description + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.file_size + description: file size + type: Number + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.file_type + description: file type + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.name + description: installer file name + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.os + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.platform + description: supported platform + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.release_date + description: release date + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.sha256 + description: sha256 + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.version + description: version of the installer + type: String + - arguments: + - description: '' + isArray: true + name: msa_idsrequest_ids + required: true + description: View information about detections + name: cs-get-detect-summaries + outputs: + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.assigned_to_name + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.assigned_to_uid + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.alleged_filetype + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.behavior_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.cmdline + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.confidence + description: '' + type: Number + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.container_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.control_graph_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.description + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.device_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.display_name + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.filename + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.filepath + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.ioc_description + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.ioc_source + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.ioc_type + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.ioc_value + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.md5 + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.objective + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.pattern_disposition + description: '' + type: Number + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.rule_instance_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.rule_instance_version + description: '' + type: Number + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.scenario + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.severity + description: '' + type: Number + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.sha256 + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.tactic + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.tactic_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.technique + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.technique_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.template_instance_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.triggering_process_graph_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.user_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.behaviors.user_name + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.detection_id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.email_sent + description: '' + type: Boolean + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.first_behavior + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.last_behavior + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.max_confidence + description: '' + type: Number + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.max_severity + description: '' + type: Number + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.max_severity_displayname + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.overwatch_notes + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.quarantined_files.id + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.quarantined_files.paths + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.quarantined_files.sha256 + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.quarantined_files.state + description: '' + type: String + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.seconds_to_resolved + description: '' + type: Number + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.seconds_to_triaged + description: '' + type: Number + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.show_in_ui + description: '' + type: Boolean + - contextPath: CrowdStrike.domainMsaDetectSummariesResponse.resources.status + description: '' + type: String + - arguments: + - description: The IDs of the Device Control Policies to return + isArray: true + name: ids + required: true + description: Retrieve a set of Device Control Policies by specifying their IDs + name: cs-get-device-control-policies + outputs: + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - arguments: + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - description: The property to sort on, followed by a dot (.), followed by the + sort direction, either "asc" or "desc". + isArray: false + name: sort + required: false + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + description: Retrieve device count collection Ids that match the provided FQL + filter, criteria with scrolling enabled + name: cs-get-device-count-collection-queries-by-filter + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The host agentIDs used to get details on + isArray: true + name: ids + required: true + description: Get details on one or more hosts by providing agent IDs (AID). You + can get a host's agent IDs (AIDs) from the /devices/queries/devices/v1 endpoint, + the Falcon console or the Streaming API + name: cs-get-device-details + outputs: + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.email + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.status + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceDetailsResponseSwagger.resources.zone_group + description: '' + type: String + - arguments: + - description: The IDs of the Firewall Policies to return + isArray: true + name: ids + required: true + description: Retrieve a set of Firewall Policies by specifying their IDs + name: cs-get-firewall-policies + outputs: + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.channel_version + description: Channel file version for the policy + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.rule_set_id + description: Firewall rule set id. This id combines several firewall rules and + gets attached to the policy + type: String + - arguments: + - description: Cluster name. For EKS it will be cluster ARN. + isArray: false + name: cluster_name + required: true + description: Provides a sample Helm values.yaml file for a customer to install + alongside the agent Helm chart + name: cs-get-helm-values-yaml + - arguments: + - description: The IDs of the Host Groups to return + isArray: true + name: ids + required: true + description: Retrieve a set of Host Groups by specifying their IDs + name: cs-get-host-groups + outputs: + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.name + description: The name of the group + type: String + - arguments: + - description: '' + isArray: true + name: msa_idsrequest_ids + required: true + description: Get details on incidents by providing incident IDs + name: cs-get-incidents + outputs: + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.assigned_to + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.assigned_to_name + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.created + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.end + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.events_histogram.count + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.events_histogram.has_detect + description: '' + type: Boolean + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.events_histogram.has_overwatch + description: '' + type: Boolean + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.events_histogram.has_prevented + description: '' + type: Boolean + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.events_histogram.timestamp_max + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.events_histogram.timestamp_min + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.fine_score + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.agent_version + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.bios_version + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.cid + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.device_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.external_ip + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.first_seen + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.hostname + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.last_seen + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.local_ip + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.mac_address + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.major_version + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.minor_version + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.os_version + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.platform_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.platform_name + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.pod_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.pod_name + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.product_type + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.release_group + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.service_provider + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.site_name + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.status + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.hosts.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.incident_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.incident_type + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.lm_hosts_capped + description: '' + type: Boolean + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.start + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.state + description: '' + type: String + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.status + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaExternalIncidentResponse.resources.visibility + description: '' + type: Number + - arguments: + - description: The IDs of the actors you want to retrieve. + isArray: true + name: ids + required: true + - description: 'The fields to return, or a predefined set of fields in the form + of the collection name surrounded by two underscores like: \_\_\ collection\ + \_\_. Ex: slug \_\_full\_\_. Defaults to \_\_basic\_\_.' + isArray: true + name: fields + required: false + description: Retrieve specific actors using their actor IDs. + name: cs-get-intel-actor-entities + outputs: + - contextPath: CrowdStrike.domainActorsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.active + description: '' + type: Boolean + - contextPath: CrowdStrike.domainActorsResponse.resources.actor_type + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.created_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.first_activity_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.known_as + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.last_activity_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.last_modified_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.notify_users + description: '' + type: Boolean + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.rich_text_description + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.short_description + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.url + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: msa_idsrequest_ids + required: true + description: Retrieve specific indicators using their indicator IDs. + name: cs-get-intel-indicator-entities + outputs: + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources._marker + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.indicator + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.labels.created_on + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.labels.last_valid_on + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.labels.name + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.last_updated + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.malicious_confidence + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.published_date + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.created_date + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.id + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.indicator + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.last_valid_date + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.type + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.type + description: '' + type: String + - arguments: + - description: The IDs of the reports you want to retrieve. + isArray: true + name: ids + required: true + - description: 'The fields to return, or a predefined set of fields in the form + of the collection name surrounded by two underscores like: \_\_\ collection\ + \_\_. Ex: slug \_\_full\_\_. Defaults to \_\_basic\_\_.' + isArray: true + name: fields + required: false + description: Retrieve specific reports using their report IDs. + name: cs-get-intel-report-entities + outputs: + - contextPath: CrowdStrike.domainNewsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.active + description: '' + type: Boolean + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.url + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.attachments.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.attachments.url + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.created_date + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.last_modified_date + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.notify_users + description: '' + type: Boolean + - contextPath: CrowdStrike.domainNewsResponse.resources.rich_text_description + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.short_description + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.url + description: '' + type: String + - arguments: + - description: The ID of the report you want to download as a PDF. + isArray: false + name: id_ + required: true + description: Return a Report PDF attachment + name: cs-get-intel-reportpdf + - arguments: + - description: The ids of rules to return. + isArray: true + name: ids + required: true + description: Retrieve details for rule sets for the specified ids. + name: cs-get-intel-rule-entities + outputs: + - contextPath: CrowdStrike.domainRulesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainRulesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainRulesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesResponse.resources.created_date + description: '' + type: Number + - contextPath: CrowdStrike.domainRulesResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainRulesResponse.resources.id + description: '' + type: Number + - contextPath: CrowdStrike.domainRulesResponse.resources.last_modified_date + description: '' + type: Number + - contextPath: CrowdStrike.domainRulesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainRulesResponse.resources.rich_text_description + description: '' + type: String + - contextPath: CrowdStrike.domainRulesResponse.resources.short_description + description: '' + type: String + - contextPath: CrowdStrike.domainRulesResponse.resources.type + description: '' + type: String + - arguments: + - description: Choose the format you want the rule set in. + isArray: false + name: Accept + required: false + - description: The ID of the rule set. + isArray: false + name: id_ + required: true + - description: Choose the format you want the rule set in. Valid formats are zip + and gzip. Defaults to zip. + isArray: false + name: format + required: false + description: Download earlier rule sets. + name: cs-get-intel-rule-file + - arguments: + - description: Choose the format you want the rule set in. + isArray: false + name: Accept + required: false + - description: 'The rule news report type. Accepted values: snort-suricata-master snort-suricata-update snort-suricata-changelog yara-master yara-update yara-changelog common-event-format netwitness' + isArray: false + name: type_ + required: true + - description: Choose the format you want the rule set in. Valid formats are zip + and gzip. Defaults to zip. + isArray: false + name: format + required: false + description: Download the latest rule set. + name: cs-get-latest-intel-rule-file + - arguments: + - auto: PREDEFINED + description: Cloud Provider + isArray: true + name: clouds + predefined: + - aws + - azure + - gcp + required: false + description: Provides the cloud locations acknowledged by the Kubernetes Protection + service + name: cs-get-locations + outputs: + - contextPath: CrowdStrike.k8sregGetLocationsResp.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.k8sregGetLocationsResp.errors.id + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetLocationsResp.errors.message + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetLocationsResp.resources.cloud + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetLocationsResp.resources.location + description: '' + type: String + - arguments: + - description: The file SHA256. + isArray: true + name: ids + required: true + description: Download a file indexed by MalQuery. Specify the file using its SHA256. + Only one file is supported at this time + name: cs-get-mal-query-downloadv1 + - arguments: + - description: Multidownload job id + isArray: false + name: ids + required: true + description: Fetch a zip archive with password 'infected' containing the samples. + Call this once the /entities/samples-multidownload request has finished processing + name: cs-get-mal-query-entities-samples-fetchv1 + - arguments: + - description: The file SHA256. + isArray: true + name: ids + required: true + description: Retrieve indexed files metadata by their hash + name: cs-get-mal-query-metadatav1 + outputs: + - contextPath: CrowdStrike.malquerySampleMetadataResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malquerySampleMetadataResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malquerySampleMetadataResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.malquerySampleMetadataResponse.errors.type + description: '' + type: String + - contextPath: CrowdStrike.malquerySampleMetadataResponse.resources.family + description: Sample family + type: String + - contextPath: CrowdStrike.malquerySampleMetadataResponse.resources.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malquerySampleMetadataResponse.resources.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malquerySampleMetadataResponse.resources.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malquerySampleMetadataResponse.resources.label + description: Sample label + type: String + - contextPath: CrowdStrike.malquerySampleMetadataResponse.resources.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malquerySampleMetadataResponse.resources.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malquerySampleMetadataResponse.resources.sha256 + description: Sample SHA256 + type: String + - description: Get information about search and download quotas in your environment + name: cs-get-mal-query-quotasv1 + outputs: + - contextPath: CrowdStrike.malqueryRateLimitsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malqueryRateLimitsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malqueryRateLimitsResponse.errors.message + description: '' + type: String + - arguments: + - description: Identifier of a MalQuery request + isArray: true + name: ids + required: true + description: Check the status and results of an asynchronous request, such as + hunt or exact-search. Supports a single request id at this time. + name: cs-get-mal-query-requestv1 + outputs: + - contextPath: CrowdStrike.malqueryRequestResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malqueryRequestResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.errors.type + description: '' + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryRequestResponse.resources.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.ignore_reason + description: Reason why the resource is ignored + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.label_confidence + description: Resource label confidence + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.pattern + description: Search pattern + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.pattern_type + description: Search pattern type + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.samples.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.samples.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryRequestResponse.resources.samples.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.samples.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.samples.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.samples.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.samples.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.samples.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryRequestResponse.resources.yara_rule + description: Search YARA rule + type: String + - arguments: + - description: Notification IDs. + isArray: true + name: ids + required: true + description: Get detailed notifications based on their IDs. These include the + raw intelligence content that generated the match.This endpoint will return + translated notification content. The only target language available is English. + A single notification can be translated per request + name: cs-get-notifications-detailed-translatedv1 + outputs: + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.message_key + description: '' + type: String + - arguments: + - description: Notification IDs. + isArray: true + name: ids + required: true + description: Get detailed notifications based on their IDs. These include the + raw intelligence content that generated the match. + name: cs-get-notifications-detailedv1 + outputs: + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationDetailsResponseV1.errors.message_key + description: '' + type: String + - arguments: + - description: Notification IDs. + isArray: true + name: ids + required: true + description: Get notifications based on their IDs. IDs can be retrieved using + the GET /queries/notifications/v1 endpoint. This endpoint will return translated + notification content. The only target language available is English. + name: cs-get-notifications-translatedv1 + outputs: + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uid + description: The email of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_username + description: The name of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uuid + description: The unique ID of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.created_date + description: The date when the notification was generated + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.id + description: The ID of the notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_date + description: Timestamp when the intelligence item is considered to have been + posted + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_id + description: ID of the intelligence item which generated the match + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_type + description: Type of intelligence item based on format, e.g. post, reply, botnet_config + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_id + description: The ID of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_name + description: The name of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_priority + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_topic + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.status + description: 'The notification status. This can be one of: new, in-progress, + closed-false-positive, closed-true-positive.' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.updated_date + description: The date when the notification was updated + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uid + description: The email of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_username + description: The name of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uuid + description: The unique ID of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.created_date + description: The date when the notification was generated + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.id + description: The ID of the notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_date + description: Timestamp when the intelligence item is considered to have been + posted + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_id + description: ID of the intelligence item which generated the match + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_type + description: Type of intelligence item based on format, e.g. post, reply, botnet_config + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_id + description: The ID of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_name + description: The name of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_priority + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_topic + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.status + description: 'The notification status. This can be one of: new, in-progress, + closed-false-positive, closed-true-positive.' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.updated_date + description: The date when the notification was updated + type: String + - arguments: + - description: Notification IDs. + isArray: true + name: ids + required: true + description: Get notifications based on their IDs. IDs can be retrieved using + the GET /queries/notifications/v1 endpoint. + name: cs-get-notificationsv1 + outputs: + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uid + description: The email of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_username + description: The name of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uuid + description: The unique ID of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.created_date + description: The date when the notification was generated + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.id + description: The ID of the notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_date + description: Timestamp when the intelligence item is considered to have been + posted + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_id + description: ID of the intelligence item which generated the match + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_type + description: Type of intelligence item based on format, e.g. post, reply, botnet_config + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_id + description: The ID of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_name + description: The name of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_priority + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_topic + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.status + description: 'The notification status. This can be one of: new, in-progress, + closed-false-positive, closed-true-positive.' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.updated_date + description: The date when the notification was updated + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uid + description: The email of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_username + description: The name of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uuid + description: The unique ID of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.created_date + description: The date when the notification was generated + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.id + description: The ID of the notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_date + description: Timestamp when the intelligence item is considered to have been + posted + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_id + description: ID of the intelligence item which generated the match + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_type + description: Type of intelligence item based on format, e.g. post, reply, botnet_config + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_id + description: The ID of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_name + description: The name of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_priority + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_topic + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.status + description: 'The notification status. This can be one of: new, in-progress, + closed-false-positive, closed-true-positive.' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.updated_date + description: The date when the notification was updated + type: String + - arguments: + - description: The IDs of the Prevention Policies to return + isArray: true + name: ids + required: true + description: Retrieve a set of Prevention Policies by specifying their IDs + name: cs-get-prevention-policies + outputs: + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - arguments: + - description: ID of a report. Find a report ID from the response when submitting + a malware sample or search with `/falconx/queries/reports/v1`. + isArray: true + name: ids + required: true + description: Get a full sandbox report. + name: cs-get-reports + outputs: + - contextPath: CrowdStrike.falconxReportV1Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.first_activity_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.image_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.known_as + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.last_activity_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.origins.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.origins.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.origins.slug + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.origins.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.short_description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.slug + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_countries.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_countries.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_countries.slug + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_countries.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_industries.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_industries.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_industries.slug + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_industries.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.thumbnail_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.related_indicators.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.related_indicators.id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.related_indicators.type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.related_indicators.updated_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.related_indicators.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_broad_csv_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_broad_json_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_broad_maec_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_broad_stix_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_strict_csv_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_strict_json_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_strict_maec_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_strict_stix_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.errors.message + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.input + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.family + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.file_size + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.file_type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.first_seen_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.label + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.md5 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.sha1 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.verdict + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.origin + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.architecture + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.address + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.associated_runtime.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.associated_runtime.pid + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.compromised + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.country + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.port + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.protocol + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.address + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.compromised + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.country + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.domain + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.registrar_creation_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.registrar_name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.registrar_name_servers + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.registrar_organization + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.environment_description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.environment_id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.error_message + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.error_origin + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.error_type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.file_available_to_download + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.file_path + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.file_size + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.md5 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.runtime_process + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.sha1 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.threat_level + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.threat_level_readable + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_interesting_strings.filename + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_interesting_strings.process + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_interesting_strings.source + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_interesting_strings.type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_interesting_strings.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.file_imports.module + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.file_size + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.file_type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.header + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.host + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.host_ip + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.host_port + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.method + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.response_code + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.response_phrase + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.url + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.incidents.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.ioc_report_broad_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.ioc_report_strict_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.memory_forensics.stream_uid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.memory_forensics.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.memory_strings_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.mitre_attacks.attack_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.mitre_attacks.tactic + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.mitre_attacks.technique + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.packer + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.pcap_report_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.command_line + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.file_accesses.mask + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.file_accesses.path + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.file_accesses.type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.handles.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.handles.path + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.handles.type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.icon_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.normalized_path + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.parent_uid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.pid + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.process_flags.data + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.process_flags.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.key + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.operation + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.path + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.status + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.status_human_readable + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.cls_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.dispatch_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.parameters.argument_number + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.parameters.comment + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.parameters.meaning + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.parameters.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.parameters.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.result + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.status + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.executed + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.file_name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.human_keywords + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.instructions_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.matched_signatures.id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.matched_signatures.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.uid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.uid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.attack_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.category + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.identifier + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.origin + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.relevance + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.threat_level + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.threat_level_human + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.type + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.submission_type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.submit_name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.submit_url + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.category + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.destination_ip + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.destination_port + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.protocol + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.sid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.target_url + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.threat_score + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.verdict + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.version_info.id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.version_info.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.windows_version_bitness + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.windows_version_edition + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.windows_version_name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.windows_version_service_pack + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.windows_version_version + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.user_name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.user_uuid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.verdict + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.first_activity_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.image_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.known_as + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.last_activity_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.origins.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.origins.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.origins.slug + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.origins.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.short_description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.slug + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_countries.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_countries.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_countries.slug + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_countries.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_industries.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_industries.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_industries.slug + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.target_industries.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.actors.thumbnail_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.related_indicators.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.related_indicators.id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.related_indicators.type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.related_indicators.updated_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.intel.related_indicators.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_broad_csv_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_broad_json_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_broad_maec_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_broad_stix_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_strict_csv_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_strict_json_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_strict_maec_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.ioc_report_strict_stix_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.errors.message + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.input + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.family + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.file_size + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.file_type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.first_seen_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.label + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.md5 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.sha1 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.malquery.verdict + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.origin + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.architecture + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.address + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.associated_runtime.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.associated_runtime.pid + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.compromised + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.country + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.port + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.contacted_hosts.protocol + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.address + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.compromised + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.country + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.domain + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.registrar_creation_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.registrar_name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.registrar_name_servers + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.dns_requests.registrar_organization + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.environment_description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.environment_id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.error_message + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.error_origin + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.error_type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.file_available_to_download + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.file_path + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.file_size + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.md5 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.runtime_process + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.sha1 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.threat_level + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_files.threat_level_readable + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_interesting_strings.filename + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_interesting_strings.process + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_interesting_strings.source + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_interesting_strings.type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.extracted_interesting_strings.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.file_imports.module + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.file_size + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.file_type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.header + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.host + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.host_ip + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.host_port + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.method + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.response_code + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.response_phrase + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.http_requests.url + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.incidents.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.ioc_report_broad_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.ioc_report_strict_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.memory_forensics.stream_uid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.memory_forensics.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.memory_strings_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.mitre_attacks.attack_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.mitre_attacks.tactic + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.mitre_attacks.technique + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.packer + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.pcap_report_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.command_line + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.file_accesses.mask + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.file_accesses.path + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.file_accesses.type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.handles.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.handles.path + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.handles.type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.icon_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.normalized_path + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.parent_uid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.pid + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.process_flags.data + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.process_flags.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.key + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.operation + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.path + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.status + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.status_human_readable + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.registry.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.cls_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.dispatch_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.parameters.argument_number + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.parameters.comment + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.parameters.meaning + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.parameters.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.parameters.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.result + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.script_calls.status + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.executed + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.file_name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.human_keywords + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.instructions_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.matched_signatures.id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.matched_signatures.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.streams.uid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.processes.uid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.attack_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.category + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.identifier + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.origin + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.relevance + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.threat_level + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.threat_level_human + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.signatures.type + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.submission_type + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.submit_name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.submit_url + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.category + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.description + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.destination_ip + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.destination_port + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.protocol + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.suricata_alerts.sid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.target_url + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.threat_score + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.verdict + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.version_info.id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.version_info.value + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.windows_version_bitness + description: '' + type: Number + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.windows_version_edition + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.windows_version_name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.windows_version_service_pack + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.sandbox.windows_version_version + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.user_name + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.user_uuid + description: '' + type: String + - contextPath: CrowdStrike.falconxReportV1Response.resources.verdict + description: '' + type: String + - arguments: + - description: ID of a role. Find a role ID from `/customer/queries/roles/v1` + or `/users/queries/roles/v1`. + isArray: true + name: ids + required: true + description: Get info about a role + name: cs-get-roles + outputs: + - contextPath: CrowdStrike.domainUserRoleResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserRoleResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.resources.display_name + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserRoleResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.resources.display_name + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleResponse.resources.id + description: '' + type: String + - arguments: + - description: 'MSSP Role assignment is of the format user_group_id : cid_group_id ' + isArray: true + name: ids + required: true + description: Get MSSP Role assignment(s). MSSP Role assignment is of the format + :. + name: cs-get-roles-byid + outputs: + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.cid_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.user_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.cid_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainMSSPRoleResponseV1.resources.user_group_id + description: '' + type: String + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: IDs of rules. + isArray: true + name: ids + required: true + description: Get monitoring rules rules by provided IDs. + name: cs-get-rulesv1 + outputs: + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.created_timestamp + description: The creation time for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.filter + description: The FQL filter contained in a rule and used for searching + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.id + description: The ID of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.name + description: The name for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.permissions + description: The permissions of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.priority + description: The priority of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.status + description: The status of a rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.status_message + description: The detailed status message + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.topic + description: The topic of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.updated_timestamp + description: The last updated time for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_id + description: The user ID of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_name + description: The user name of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_uuid + description: The UUID of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.created_timestamp + description: The creation time for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.filter + description: The FQL filter contained in a rule and used for searching + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.id + description: The ID of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.name + description: The name for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.permissions + description: The permissions of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.priority + description: The priority of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.status + description: The status of a rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.status_message + description: The detailed status message + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.topic + description: The topic of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.updated_timestamp + description: The last updated time for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_id + description: The user ID of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_name + description: The user name of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_uuid + description: The UUID of the user that created a given rule + type: String + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: The file SHA256. + isArray: false + name: ids + required: true + - description: Flag whether the sample should be zipped and password protected + with pass='infected' + isArray: false + name: password_protected + required: false + description: Retrieves the file associated with the given ID (SHA256) + name: cs-get-samplev2 + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: The file SHA256. + isArray: false + name: ids + required: true + - description: Flag whether the sample should be zipped and password protected + with pass='infected' + isArray: false + name: password_protected + required: false + description: Retrieves the file associated with the given ID (SHA256) + name: cs-get-samplev3 + - arguments: + - description: ID of a submitted scan + isArray: true + name: ids + required: true + description: Check the status of a volume scan. Time required for analysis increases + with the number of samples in a volume but usually it should take less than + 1 minute + name: cs-get-scans + outputs: + - contextPath: CrowdStrike.mlscannerScanV1Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.mlscannerScanV1Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.samples.error + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.samples.sha256 + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.samples.verdict + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.status + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.mlscannerScanV1Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.samples.error + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.samples.sha256 + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.samples.verdict + description: '' + type: String + - contextPath: CrowdStrike.mlscannerScanV1Response.resources.status + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Get scans aggregations as specified via json in request body. + name: cs-get-scans-aggregates + - arguments: + - description: The first item to return, where 0 is the latest item. Use with + the limit meter to manage pagination of results. + isArray: false + name: offset + required: false + - description: 'The number of items to return in this response (default: 100, + max: 500). Use with the offset meter to manage pagination of results.' + isArray: false + name: limit + required: false + - description: 'Sort items using their properties. Common sort options include: ul li + version|asc /li li release_date|desc /li /ul ' + isArray: false + name: sort + required: false + - description: 'Filter items using a query in Falcon Query Language (FQL). An + asterisk wildcard includes all results. Common filter options include: ul li + platform:"windows" /li li version: "5.2" /li /ul ' + isArray: false + name: filter_ + required: false + description: Get sensor installer IDs by provided query + name: cs-get-sensor-installers-by-query + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The IDs of the installers + isArray: true + name: ids + required: true + description: Get sensor installer details by provided SHA256 IDs + name: cs-get-sensor-installers-entities + outputs: + - contextPath: CrowdStrike.domainSensorInstallersV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainSensorInstallersV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.description + description: installer description + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.file_size + description: file size + type: Number + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.file_type + description: file type + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.name + description: installer file name + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.os + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.platform + description: supported platform + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.release_date + description: release date + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.sha256 + description: sha256 + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.version + description: version of the installer + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainSensorInstallersV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.description + description: installer description + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.file_size + description: file size + type: Number + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.file_type + description: file type + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.name + description: installer file name + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.os + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.platform + description: supported platform + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.release_date + description: release date + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.sha256 + description: sha256 + type: String + - contextPath: CrowdStrike.domainSensorInstallersV1.resources.version + description: version of the installer + type: String + - description: Get CCID to use with sensor installers + name: cs-get-sensor-installersccid-by-query + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The IDs of the Sensor Update Policies to return + isArray: true + name: ids + required: true + description: Retrieve a set of Sensor Update Policies by specifying their IDs + name: cs-get-sensor-update-policies + outputs: + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - arguments: + - description: The IDs of the Sensor Update Policies to return + isArray: true + name: ids + required: true + description: Retrieve a set of Sensor Update Policies with additional support + for uninstall protection by specifying their IDs + name: cs-get-sensor-update-policiesv2 + outputs: + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.platform_name + description: The name of the platform + type: String + - arguments: + - description: The ids of the exclusions to retrieve + isArray: true + name: ids + required: true + description: Get a set of Sensor Visibility Exclusions by specifying their IDs + name: cs-get-sensor-visibility-exclusionsv1 + outputs: + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.value_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.value_hash + description: '' + type: String + - arguments: + - description: ID of a submitted malware sample. Find a submission ID from the + response when submitting a malware sample or search with `/falconx/queries/submissions/v1`. + isArray: true + name: ids + required: true + description: Check the status of a sandbox analysis. Time required for analysis + varies but is usually less than 15 minutes. + name: cs-get-submissions + outputs: + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.origin + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.action_script + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.command_line + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.document_password + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.enable_tor + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.environment_id + description: '' + type: Number + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.submit_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.system_date + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.system_time + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.url + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.state + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_uuid + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.origin + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.action_script + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.command_line + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.document_password + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.enable_tor + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.environment_id + description: '' + type: Number + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.submit_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.system_date + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.system_time + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.url + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.state + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_uuid + description: '' + type: String + - arguments: + - description: ID of a summary. Find a summary ID from the response when submitting + a malware sample or search with `/falconx/queries/reports/v1`. + isArray: true + name: ids + required: true + description: Get a short summary version of a sandbox report. + name: cs-get-summary-reports + outputs: + - contextPath: CrowdStrike.falconxSummaryReportV1Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.falconxSummaryReportV1Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.intel.actors.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.intel.actors.name + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.intel.actors.slug + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_broad_csv_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_broad_json_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_broad_maec_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_broad_stix_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_strict_csv_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_strict_json_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_strict_maec_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_strict_stix_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.origin + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.environment_description + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.environment_id + description: '' + type: Number + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.error_message + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.error_origin + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.error_type + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.file_type + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.incidents.name + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.submission_type + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.submit_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.submit_url + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.threat_score + description: '' + type: Number + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.verdict + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.user_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.verdict + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.falconxSummaryReportV1Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.intel.actors.id + description: '' + type: Number + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.intel.actors.name + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.intel.actors.slug + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_broad_csv_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_broad_json_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_broad_maec_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_broad_stix_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_strict_csv_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_strict_json_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_strict_maec_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.ioc_report_strict_stix_artifact_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.origin + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.environment_description + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.environment_id + description: '' + type: Number + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.error_message + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.error_origin + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.error_type + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.file_type + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.incidents.name + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.submission_type + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.submit_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.submit_url + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.threat_score + description: '' + type: Number + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.sandbox.verdict + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.user_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSummaryReportV1Response.resources.verdict + description: '' + type: String + - arguments: + - description: User Group IDs to search for + isArray: false + name: user_group_ids + required: true + description: Get User Group members by User Group ID(s). + name: cs-get-user-group-members-byid + outputs: + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.resources.user_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupMembersResponseV1.resources.user_group_id + description: '' + type: String + - arguments: + - description: User Group IDs to search for + isArray: true + name: user_group_ids + required: true + description: Get User Group by ID(s). + name: cs-get-user-groups-byid + outputs: + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.user_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.user_group_id + description: '' + type: String + - arguments: + - description: ID of a user. Find a user's ID from `/users/entities/user/v1`. + isArray: false + name: user_uuid + required: true + description: Show role IDs of roles assigned to a user. For more information on + each role, provide the role ID to `/customer/entities/roles/v1`. + name: cs-get-user-role-ids + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: 'One or more vulnerability IDs (max: 400). Find vulnerability IDs + with GET /spotlight/queries/vulnerabilities/v1' + isArray: true + name: ids + required: true + description: Get details on vulnerabilities by providing one or more IDs + name: cs-get-vulnerabilities + outputs: + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.aid + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.closed_timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.status + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.updated_timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.aid + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.closed_timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.status + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIVulnerabilitiesEntitiesResponseV2.resources.updated_timestamp + description: '' + type: String + - arguments: + - description: IDs of accounts to retrieve details + isArray: true + name: ids + required: true + description: Retrieve a set of AWS Accounts by specifying their IDs + name: cs-getaws-accounts + outputs: + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.alias + description: Alias/Name associated with the account. This is only updated once + the account is in a registered state. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_stack_id + description: Unique identifier for the cloudformation stack id used for provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_url + description: URL of the CloudFormation template to execute. This is returned + when mode is to set 'cloudformation' when provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_owner_id + description: The 12 digit AWS account which is hosting the S3 bucket containing + cloudtrail logs for this account. If this field is set, it takes precedence + of the settings level field. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_region + description: Region where the S3 bucket containing cloudtrail logs resides. + This is only set if using cloudformation to provision and create the trail. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.created_timestamp + description: Timestamp of when the account was first provisioned within CrowdStrike's + system.' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.external_id + description: ID assigned for use with cross account IAM role access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.iam_role_arn + description: The full arn of the IAM role created in this account to control + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.id + description: 12 digit AWS provided unique identifier for the account. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_modified_timestamp + description: Timestamp of when the account was last modified. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_scanned_timestamp + description: Timestamp of when the account was scanned. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.policy_version + description: Current version of permissions associated with IAM role and granted + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.provisioning_state + description: Provisioning state of the account. Values can be; initiated, registered, + unregistered. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_reqs + description: Rate limiting setting to control the maximum number of requests + that can be made within the rate_limit_time duration. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_time + description: Rate limiting setting to control the number of seconds for which + rate_limit_reqs applies. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.template_version + description: Current version of cloudformation template used to manage access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.alias + description: Alias/Name associated with the account. This is only updated once + the account is in a registered state. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_stack_id + description: Unique identifier for the cloudformation stack id used for provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_url + description: URL of the CloudFormation template to execute. This is returned + when mode is to set 'cloudformation' when provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_owner_id + description: The 12 digit AWS account which is hosting the S3 bucket containing + cloudtrail logs for this account. If this field is set, it takes precedence + of the settings level field. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_region + description: Region where the S3 bucket containing cloudtrail logs resides. + This is only set if using cloudformation to provision and create the trail. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.created_timestamp + description: Timestamp of when the account was first provisioned within CrowdStrike's + system.' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.external_id + description: ID assigned for use with cross account IAM role access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.iam_role_arn + description: The full arn of the IAM role created in this account to control + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.id + description: 12 digit AWS provided unique identifier for the account. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_modified_timestamp + description: Timestamp of when the account was last modified. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_scanned_timestamp + description: Timestamp of when the account was scanned. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.policy_version + description: Current version of permissions associated with IAM role and granted + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.provisioning_state + description: Provisioning state of the account. Values can be; initiated, registered, + unregistered. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_reqs + description: Rate limiting setting to control the maximum number of requests + that can be made within the rate_limit_time duration. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_time + description: Rate limiting setting to control the number of seconds for which + rate_limit_reqs applies. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.template_version + description: Current version of cloudformation template used to manage access. + type: String + - arguments: + - description: AWS Account IDs + isArray: true + name: ids + required: false + - description: Filter by account status + isArray: false + name: status + required: false + - description: Limit returned accounts + isArray: false + name: limit + required: false + - description: Offset returned accounts + isArray: false + name: offset + required: false + description: Provides a list of AWS accounts. + name: cs-getaws-accounts-mixin0 + outputs: + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.errors.id + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.errors.message + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.account_id + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.aws_permissions_status.name + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.aws_permissions_status.status + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.cloudformation_url + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.created_at + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.from_cspm + description: '' + type: Boolean + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.iam_role_arn + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.is_master + description: '' + type: Boolean + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.organization_id + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.region + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.status + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.updated_at + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.errors.id + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.errors.message + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.account_id + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.aws_permissions_status.name + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.aws_permissions_status.status + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.cloudformation_url + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.created_at + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.from_cspm + description: '' + type: Boolean + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.iam_role_arn + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.is_master + description: '' + type: Boolean + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.organization_id + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.region + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.status + description: '' + type: String + - contextPath: CrowdStrike.k8sregGetAWSAccountsResp.resources.updated_at + description: '' + type: String + - description: Retrieve a set of Global Settings which are applicable to all provisioned + AWS accounts + name: cs-getaws-settings + outputs: + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.resources.cloudtrail_bucket_owner_id + description: The 12 digit AWS account which is hosting the centralized S3 bucket + containing cloudtrail logs for all accounts. + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.resources.created_timestamp + description: Timestamp of when the settings were first provisioned within CrowdStrike's + system.' + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.resources.last_modified_timestamp + description: Timestamp of when the settings were last modified. + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.resources.static_external_id + description: By setting this value, all subsequent accounts that are provisioned + will default to using this value as the external ID. + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.resources.cloudtrail_bucket_owner_id + description: The 12 digit AWS account which is hosting the centralized S3 bucket + containing cloudtrail logs for all accounts. + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.resources.created_timestamp + description: Timestamp of when the settings were first provisioned within CrowdStrike's + system.' + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.resources.last_modified_timestamp + description: Timestamp of when the settings were last modified. + type: String + - contextPath: CrowdStrike.modelsCustomerConfigurationsV1.resources.static_external_id + description: By setting this value, all subsequent accounts that are provisioned + will default to using this value as the external ID. + type: String + - arguments: + - description: CID Group IDs to be searched on + isArray: true + name: cid_group_ids + required: true + description: Get CID Group(s) by ID(s). + name: cs-getcid-group-by-id + outputs: + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.cid_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.cid_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.name + description: '' + type: String + - arguments: + - description: CID Group IDs to be searched on + isArray: true + name: cid_group_ids + required: true + description: Get CID Group members by CID Group IDs. + name: cs-getcid-group-members-by + outputs: + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.resources.cid_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupMembersResponseV1.resources.cid_group_id + description: '' + type: String + - arguments: + - description: Type of scan, dry or full, to perform on selected accounts + isArray: false + name: scan_type + required: false + - description: AWS account IDs + isArray: true + name: ids + required: false + - description: AWS organization IDs + isArray: true + name: organization_ids + required: false + - description: Account status to filter results by. + isArray: false + name: status + required: false + - description: The maximum records to return. Defaults to 100. + isArray: false + name: limit + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - auto: PREDEFINED + description: Field to group by. + isArray: false + name: group_by + predefined: + - organization + required: false + description: Returns information about the current status of an AWS account. + name: cs-getcspm-aws-account + outputs: + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.CreatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.DeletedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.ID + description: '' + type: Number + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.UpdatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.account_id + description: 12 digit AWS provided unique identifier for the account. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.aws_cloudtrail_bucket_name + description: AWS CloudTrail bucket name to store logs. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.aws_cloudtrail_region + description: AWS CloudTrail region. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.aws_permissions_status.name + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.aws_permissions_status.status + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.cloudformation_url + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.eventbus_name + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.external_id + description: ID assigned for use with cross account IAM role access. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.iam_role_arn + description: The full arn of the IAM role created in this account to control + access. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.intermediate_role_arn + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.is_master + description: '' + type: Boolean + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.organization_id + description: Up to 34 character AWS provided unique identifier for the organization. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.status + description: Account registration status. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.CreatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.DeletedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.ID + description: '' + type: Number + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.UpdatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.account_id + description: 12 digit AWS provided unique identifier for the account. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.aws_cloudtrail_bucket_name + description: AWS CloudTrail bucket name to store logs. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.aws_cloudtrail_region + description: AWS CloudTrail region. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.aws_permissions_status.name + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.aws_permissions_status.status + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.cloudformation_url + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.eventbus_name + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.external_id + description: ID assigned for use with cross account IAM role access. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.iam_role_arn + description: The full arn of the IAM role created in this account to control + access. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.intermediate_role_arn + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.is_master + description: '' + type: Boolean + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.organization_id + description: Up to 34 character AWS provided unique identifier for the organization. + type: String + - contextPath: CrowdStrike.registrationAWSAccountResponseV2.resources.status + description: Account registration status. + type: String + - description: Return a script for customer to run in their cloud environment to + grant us access to their AWS environment as a downloadable attachment. + name: cs-getcspm-aws-account-scripts-attachment + outputs: + - contextPath: CrowdStrike.registrationAWSProvisionGetAccountScriptResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationAWSProvisionGetAccountScriptResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSProvisionGetAccountScriptResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSProvisionGetAccountScriptResponseV2.resources.bash + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSProvisionGetAccountScriptResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationAWSProvisionGetAccountScriptResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSProvisionGetAccountScriptResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSProvisionGetAccountScriptResponseV2.resources.bash + description: '' + type: String + - description: Return a URL for customer to visit in their cloud environment to + grant us access to their AWS environment. + name: cs-getcspm-aws-console-setupur-ls + outputs: + - contextPath: CrowdStrike.registrationAWSAccountConsoleURL.account_id + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountConsoleURL.url + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountConsoleURL.account_id + description: '' + type: String + - contextPath: CrowdStrike.registrationAWSAccountConsoleURL.url + description: '' + type: String + - description: Return a script for customer to run in their cloud environment to + grant us access to their Azure environment + name: cs-getcspm-azure-user-scripts + outputs: + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.resources.bash + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationAzureProvisionGetUserScriptResponseV1.resources.bash + description: '' + type: String + - arguments: + - description: Policy ID + isArray: false + name: ids + required: true + description: Given a policy ID, returns detailed policy information. + name: cs-getcspm-policy + outputs: + - contextPath: CrowdStrike.registrationPolicyResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicyResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.CreatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.DeletedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.ID + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.UpdatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.alert_logic + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.api_command + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cli_command + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_document + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_platform + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_platform_type + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_service + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_service_friendly + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_service_subtype + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_service_type + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.default_severity + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.event_type + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.mitre_attack_cloud_matrix + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.mitre_attack_cloud_subtype + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.policy_fail_query + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.policy_pass_query + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.policy_remediation + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.policy_severity + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.policy_statement + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicyResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.CreatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.DeletedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.ID + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.UpdatedAt + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.alert_logic + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.api_command + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cli_command + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_document + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_platform + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_platform_type + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_service + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_service_friendly + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_service_subtype + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.cloud_service_type + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.default_severity + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.event_type + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.mitre_attack_cloud_matrix + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.mitre_attack_cloud_subtype + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.policy_fail_query + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.policy_pass_query + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.policy_remediation + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.policy_severity + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicyResponseV1.resources.policy_statement + description: '' + type: String + - arguments: + - description: Service type to filter policy settings by. + isArray: false + name: service + required: false + - description: Policy ID + isArray: false + name: policy_id + required: false + - auto: PREDEFINED + description: 'Cloud Platform (e.g.: aws|azure|gcp)' + isArray: false + name: cloud_platform + predefined: + - aws + - azure + - gcp + required: false + description: Returns information about current policy settings. + name: cs-getcspm-policy-settings + outputs: + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cloud_service + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cloud_service_subtype + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.default_severity + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.account_id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.severity + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.tag_excluded + description: '' + type: Boolean + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.tenant_id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_timestamp + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_type + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cloud_service + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cloud_service_subtype + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.default_severity + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.account_id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.severity + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.tag_excluded + description: '' + type: Boolean + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.tenant_id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_timestamp + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_type + description: '' + type: String + - arguments: + - description: Cloud Platform + isArray: true + name: cloud_platform + required: false + description: Returns scan schedule configuration for one or more cloud platforms. + name: cs-getcspm-scan-schedule + outputs: + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.cloud_platform + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.next_scan_timestamp + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.scan_schedule + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.cloud_platform + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.next_scan_timestamp + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.scan_schedule + description: '' + type: String + - arguments: + - description: Type of scan, dry or full, to perform on selected accounts + isArray: false + name: scan_type + required: false + - description: Parent IDs of accounts + isArray: true + name: ids + required: false + description: Returns information about the current status of an GCP account. + name: cs-getcspmcgp-account + outputs: + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.resources.parent_id + description: GCP ParentID. + type: String + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.resources.status + description: Account registration status. + type: String + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.resources.parent_id + description: GCP ParentID. + type: String + - contextPath: CrowdStrike.registrationGCPAccountResponseV1.resources.status + description: Account registration status. + type: String + - description: Return a script for customer to run in their cloud environment to + grant us access to their GCP environment + name: cs-getcspmgcp-user-scripts + outputs: + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.resources.bash + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.resources.bash + description: '' + type: String + - description: Return a script for customer to run in their cloud environment to + grant us access to their GCP environment as a downloadable attachment + name: cs-getcspmgcp-user-scripts-attachment + outputs: + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.resources.bash + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationGCPProvisionGetUserScriptResponseV1.resources.bash + description: '' + type: String + - arguments: + - description: The events to retrieve, identified by ID + isArray: true + name: ids + required: true + description: Get events entities by ID and optionally version + name: cs-getevents + outputs: + - contextPath: CrowdStrike.fwmgrapiEventsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiEventsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.aid + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.command_line + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.connection_direction + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.event_type + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.hidden + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.host_name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.icmp_code + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.icmp_type + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.image_file_name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.ipv + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.local_address + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.local_port + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.match_count + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.match_count_since_last_event + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.network_profile + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.pid + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.policy_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.policy_name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.protocol + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.remote_address + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.remote_port + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_action + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_description + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_family_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_group_name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.status + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.timestamp + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.tree_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiEventsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.aid + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.command_line + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.connection_direction + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.event_type + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.hidden + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.host_name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.icmp_code + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.icmp_type + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.image_file_name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.ipv + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.local_address + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.local_port + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.match_count + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.match_count_since_last_event + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.network_profile + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.pid + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.policy_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.policy_name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.protocol + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.remote_address + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.remote_port + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_action + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_description + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_family_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_group_name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.rule_name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.status + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.timestamp + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiEventsResponse.resources.tree_id + description: '' + type: String + - arguments: + - description: The IDs of the rule types to retrieve + isArray: true + name: ids + required: true + description: Get the firewall field specifications by ID + name: cs-getfirewallfields + outputs: + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform_fields.label + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform_fields.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform_fields.options.label + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform_fields.options.value + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform_fields.type + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform_fields.label + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform_fields.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform_fields.options.label + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform_fields.options.value + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiFirewallFieldsResponse.resources.platform_fields.type + description: '' + type: String + - arguments: + - description: Policy ID + isArray: false + name: policy_id + required: true + - description: 'Cloud Provider (e.g.: aws|azure|gcp)' + isArray: false + name: cloud_provider + required: true + - description: 'Cloud account ID (e.g.: AWS accountID, Azure subscriptionID)' + isArray: false + name: account_id + required: false + - description: Azure tenantID + isArray: false + name: azure_tenant_id + required: false + - description: user IDs + isArray: true + name: user_ids + required: false + - description: Starting index of overall result set from which to return events. + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + description: For CSPM IOA events, gets list of IOA events. + name: cs-getioa-events + outputs: + - contextPath: CrowdStrike.registrationExternalIOAEventResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationExternalIOAEventResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationExternalIOAEventResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationExternalIOAEventResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationExternalIOAEventResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationExternalIOAEventResponse.errors.message + description: '' + type: String + - arguments: + - description: The ids of the exclusions to retrieve + isArray: true + name: ids + required: true + description: Get a set of IOA Exclusions by specifying their IDs + name: cs-getioa-exclusionsv1 + outputs: + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.cl_regex + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.detection_json + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.ifn_regex + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.pattern_name + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.cl_regex + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.detection_json + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.ifn_regex + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.pattern_name + description: '' + type: String + - arguments: + - description: Policy ID + isArray: false + name: policy_id + required: true + - description: 'Cloud Provider (e.g.: aws|azure|gcp)' + isArray: false + name: cloud_provider + required: true + - description: 'Cloud account ID (e.g.: AWS accountID, Azure subscriptionID)' + isArray: false + name: account_id + required: false + - description: Azure tenantID + isArray: false + name: azure_tenant_id + required: false + description: For CSPM IOA users, gets list of IOA users. + name: cs-getioa-users + outputs: + - contextPath: CrowdStrike.registrationIOAUserResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationIOAUserResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationIOAUserResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationIOAUserResponse.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.registrationIOAUserResponse.resources.user_name + description: '' + type: String + - contextPath: CrowdStrike.registrationIOAUserResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationIOAUserResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationIOAUserResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationIOAUserResponse.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.registrationIOAUserResponse.resources.user_name + description: '' + type: String + - arguments: + - description: ' The type of the indicator. Valid types include: sha256: A hex-encoded + sha256 hash string. Length - min: 64, max: 64. md5: A hex-encoded md5 hash + string. Length - min 32, max: 32. domain: A domain name. Length - min: 1, + max: 200. ipv4: An IPv4 address. Must be a valid IP address. ipv6: An IPv6 + address. Must be a valid IP address. ' + isArray: false + name: type_ + required: true + - description: The string representation of the indicator + isArray: false + name: value + required: true + description: ' DEPRECATED Use the new IOC Management endpoint (GET /iocs/entities/indicators/v1). Get + an IOC by providing a type and value.' + name: cs-getioc + outputs: + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.batch_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.expiration_days + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.expiration_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.policy + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.share_level + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.source + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.value + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.batch_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.expiration_days + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.expiration_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.policy + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.share_level + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.source + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.value + description: '' + type: String + - arguments: + - description: The ids of the exclusions to retrieve + isArray: true + name: ids + required: true + description: Get a set of ML Exclusions by specifying their IDs + name: cs-getml-exclusionsv1 + outputs: + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value_hash + description: '' + type: String + - arguments: + - description: The IDs of the entities + isArray: true + name: ids + required: true + description: Get pattern severities by ID. + name: cs-getpatterns + outputs: + - contextPath: CrowdStrike.apiPatternsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiPatternsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiPatternsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiPatternsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiPatternsResponse.resources.severity + description: '' + type: String + - contextPath: CrowdStrike.apiPatternsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiPatternsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiPatternsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiPatternsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiPatternsResponse.resources.severity + description: '' + type: String + - arguments: + - description: The IDs of the platforms to retrieve + isArray: true + name: ids + required: true + description: Get platforms by ID, e.g., windows or mac or droid + name: cs-getplatforms + outputs: + - contextPath: CrowdStrike.fwmgrapiPlatformsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiPlatformsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPlatformsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPlatformsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPlatformsResponse.resources.label + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPlatformsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiPlatformsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPlatformsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPlatformsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPlatformsResponse.resources.label + description: '' + type: String + - arguments: + - description: The IDs of the entities + isArray: true + name: ids + required: true + description: Get platforms by ID. + name: cs-getplatforms-mixin0 + outputs: + - contextPath: CrowdStrike.apiPlatformsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiPlatformsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiPlatformsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiPlatformsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiPlatformsResponse.resources.label + description: '' + type: String + - contextPath: CrowdStrike.apiPlatformsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiPlatformsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiPlatformsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiPlatformsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiPlatformsResponse.resources.label + description: '' + type: String + - arguments: + - description: The policy container(s) to retrieve, identified by policy ID + isArray: true + name: ids + required: true + description: Get policy container entities by policy ID + name: cs-getpolicycontainers + outputs: + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.default_inbound + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.default_outbound + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.enforce + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.is_default_policy + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.policy_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.test_mode + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.tracking + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.default_inbound + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.default_outbound + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.enforce + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.is_default_policy + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.policy_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.test_mode + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiPolicyContainersResponse.resources.tracking + description: '' + type: String + - arguments: + - description: The IDs of the RTR Policies to return + isArray: true + name: ids + required: true + description: Retrieve a set of Response Policies by specifying their IDs + name: cs-getrt-response-policies + outputs: + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - arguments: + - description: The IDs of the rule groups to retrieve + isArray: true + name: ids + required: true + description: Get rule group entities by ID. These groups do not contain their + rule entites, just the rule IDs in precedence order. + name: cs-getrulegroups + outputs: + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.tracking + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRuleGroupsResponse.resources.tracking + description: '' + type: String + - arguments: + - description: The IDs of the entities + isArray: true + name: ids + required: true + description: Get rule groups by ID. + name: cs-getrulegroups-mixin0 + outputs: + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.platform + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.action_label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.description + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.disposition_id + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.final_value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.type + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.instance_version + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.magic_cookie + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.pattern_severity + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.rulegroup_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.ruletype_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.ruletype_name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.version + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.platform + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.action_label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.description + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.disposition_id + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.final_value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.type + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.instance_version + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.magic_cookie + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.pattern_severity + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.rulegroup_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.ruletype_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.ruletype_name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.version + description: '' + type: Number + - arguments: + - description: The rules to retrieve, identified by ID + isArray: true + name: ids + required: true + description: Get rule entities by ID (64-bit unsigned int as decimal string) or + Family ID (32-character hexadecimal string) + name: cs-getrules + outputs: + - contextPath: CrowdStrike.fwmgrapiRulesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.action + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.address_family + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.direction + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.family + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.fields.final_value + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.fields.label + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.fields.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.fields.type + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.fields.value + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.local_address.address + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.local_address.netmask + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.local_port.end + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.local_port.start + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.protocol + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.remote_address.address + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.remote_address.netmask + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.remote_port.end + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.remote_port.start + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.version + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.action + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.address_family + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.direction + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.family + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.fields.final_value + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.fields.label + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.fields.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.fields.type + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.fields.value + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.local_address.address + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.local_address.netmask + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.local_port.end + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.local_port.start + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.protocol + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.remote_address.address + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.remote_address.netmask + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.remote_port.end + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.remote_port.start + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiRulesResponse.resources.version + description: '' + type: Number + - arguments: + - description: The IDs of the entities + isArray: true + name: ids + required: true + description: 'Get rules by ID and optionally version in the following format: + `ID[:version]`. The max number of IDs is constrained by URL size.' + name: cs-getrules-mixin0 + outputs: + - contextPath: CrowdStrike.apiRulesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.action_label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.disposition_id + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.final_value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.type + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_version + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.magic_cookie + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_severity + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.rulegroup_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.action_label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.disposition_id + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.final_value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.type + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_version + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.magic_cookie + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_severity + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.rulegroup_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_name + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: api_rulesgetrequestv1_ids + required: true + description: 'Get rules by ID and optionally version in the following format: + `ID[:version]`.' + name: cs-getrulesget + outputs: + - contextPath: CrowdStrike.apiRulesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.action_label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.disposition_id + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.final_value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.type + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_version + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.magic_cookie + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_severity + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.rulegroup_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.action_label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.disposition_id + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.final_value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.type + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_version + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.magic_cookie + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_severity + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.rulegroup_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_name + description: '' + type: String + - arguments: + - description: The IDs of the entities + isArray: true + name: ids + required: true + description: Get rule types by ID. + name: cs-getruletypes + outputs: + - contextPath: CrowdStrike.apiRuleTypesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleTypesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.channel + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.disposition_map.id + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.disposition_map.label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.fields.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.fields.value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.long_desc + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.platform + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.released + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleTypesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleTypesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.channel + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.disposition_map.id + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.disposition_map.label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.fields.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.fields.value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.long_desc + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.platform + description: '' + type: String + - contextPath: CrowdStrike.apiRuleTypesResponse.resources.released + description: '' + type: Boolean + - arguments: + - description: ID of a user. Find a user's ID from `/users/entities/user/v1`. + isArray: false + name: user_uuid + required: true + - description: '' + isArray: true + name: domain_roleids_roleids + required: true + description: Assign one or more roles to a user + name: cs-grant-user-role-ids + outputs: + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.message + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results. + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from. Offset and After ms + are mutually exclusive. If none provided then scrolling will be used by default. + isArray: false + name: offset + required: false + - description: The maximum records to return. + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The sort expression that should be used to sort the results. + isArray: false + name: sort + predefined: + - action + - applied_globally + - metadata.av_hits + - metadata.company_name.raw + - created_by + - created_on + - expiration + - expired + - metadata.filename.raw + - modified_by + - modified_on + - metadata.original_filename.raw + - metadata.product_name.raw + - metadata.product_version + - severity_number + - source + - type + - value + required: false + description: Get Combined for Indicators. + name: cs-indicatorcombinedv1 + outputs: + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expiration + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expired + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.mobile_action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.severity + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.source + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expiration + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expired + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.mobile_action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.severity + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.source + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.value + description: '' + type: String + - arguments: + - description: The username + isArray: false + name: X_CS_USERNAME + required: false + - description: Whether to submit to retrodetects + isArray: false + name: retrodetects + required: false + - description: Set to true to ignore warnings and add all IOCs + isArray: false + name: ignore_warnings + required: false + - description: '' + isArray: false + name: api_indicatorcreatereqsv1_comment + required: false + - description: '' + isArray: true + name: api_indicatorcreatereqsv1_indicators + required: true + description: Create Indicators. + name: cs-indicatorcreatev1 + - arguments: + - description: The FQL expression to delete Indicators in bulk. If both 'filter' + and 'ids' are provided, then filter takes precedence and ignores ids. + isArray: false + name: filter_ + required: false + - description: The ids of the Indicators to delete. If both 'filter' and 'ids' + are provided, then filter takes precedence and ignores ids + isArray: true + name: ids + required: false + - description: The comment why these indicators were deleted + isArray: false + name: comment + required: false + description: Delete Indicators by ids. + name: cs-indicatordeletev1 + outputs: + - contextPath: CrowdStrike.apiIndicatorQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiIndicatorQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiIndicatorQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ids of the Indicators to retrieve + isArray: true + name: ids + required: true + description: Get Indicators by ids. + name: cs-indicatorgetv1 + outputs: + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expiration + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expired + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.mobile_action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.severity + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.source + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expiration + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expired + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.mobile_action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.severity + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.source + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.value + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results. + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from. Offset and After ms + are mutually exclusive. If none provided then scrolling will be used by default. + isArray: false + name: offset + required: false + - description: The maximum records to return. + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The sort expression that should be used to sort the results. + isArray: false + name: sort + predefined: + - action + - applied_globally + - metadata.av_hits + - metadata.company_name.raw + - created_by + - created_on + - expiration + - expired + - metadata.filename.raw + - modified_by + - modified_on + - metadata.original_filename.raw + - metadata.product_name.raw + - metadata.product_version + - severity_number + - source + - type + - value + required: false + description: Search for Indicators. + name: cs-indicatorsearchv1 + outputs: + - contextPath: CrowdStrike.apiIndicatorQueryRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiIndicatorQueryRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorQueryRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorQueryRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiIndicatorQueryRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorQueryRespV1.errors.message + description: '' + type: String + - arguments: + - description: The username + isArray: false + name: X_CS_USERNAME + required: false + - description: Whether to submit to retrodetects + isArray: false + name: retrodetects + required: false + - description: Set to true to ignore warnings and add all IOCs + isArray: false + name: ignore_warnings + required: false + - description: api_indicatorupdatereqsv1_bulk_update action + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_action + required: false + - description: api_indicatorupdatereqsv1_bulk_update applied_globally + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_applied_globally + required: false + - description: api_indicatorupdatereqsv1_bulk_update description + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_description + required: false + - description: api_indicatorupdatereqsv1_bulk_update expiration + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_expiration + required: false + - description: api_indicatorupdatereqsv1_bulk_update filter + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_filter + required: false + - description: api_indicatorupdatereqsv1_bulk_update host_groups + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_host_groups + required: false + - description: api_indicatorupdatereqsv1_bulk_update mobile_action + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_mobile_action + required: false + - description: api_indicatorupdatereqsv1_bulk_update platforms + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_platforms + required: false + - description: api_indicatorupdatereqsv1_bulk_update severity + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_severity + required: false + - description: api_indicatorupdatereqsv1_bulk_update source + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_source + required: false + - description: api_indicatorupdatereqsv1_bulk_update tags + isArray: false + name: api_indicatorupdatereqsv1_bulk_update_tags + required: false + - description: '' + isArray: false + name: api_indicatorupdatereqsv1_comment + required: false + - description: '' + isArray: true + name: api_indicatorupdatereqsv1_indicators + required: true + description: Update Indicators. + name: cs-indicatorupdatev1 + outputs: + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expiration + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expired + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.mobile_action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.severity + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.source + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expiration + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.expired + description: '' + type: Boolean + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.mobile_action + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.severity + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.source + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiIndicatorRespV1.resources.value + description: '' + type: String + - arguments: + - description: 'Label that identifies your connection. Max: 32 alphanumeric characters + (a-z, A-Z, 0-9).' + isArray: false + name: appId + required: true + - description: 'Format for streaming events. Valid values: json, flatjson' + isArray: false + name: format + required: false + description: Discover all event streams in your environment + name: cs-list-available-streamso-auth2 + outputs: + - contextPath: CrowdStrike.maindiscoveryResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.maindiscoveryResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.maindiscoveryResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.maindiscoveryResponseV2.resources.dataFeedURL + description: '' + type: String + - contextPath: CrowdStrike.maindiscoveryResponseV2.resources.refreshActiveSessionInterval + description: '' + type: Number + - contextPath: CrowdStrike.maindiscoveryResponseV2.resources.refreshActiveSessionURL + description: '' + type: String + - contextPath: CrowdStrike.maindiscoveryResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.maindiscoveryResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.maindiscoveryResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.maindiscoveryResponseV2.resources.dataFeedURL + description: '' + type: String + - contextPath: CrowdStrike.maindiscoveryResponseV2.resources.refreshActiveSessionInterval + description: '' + type: Number + - contextPath: CrowdStrike.maindiscoveryResponseV2.resources.refreshActiveSessionURL + description: '' + type: String + - arguments: + - description: The API client ID to authenticate your API requests. For information + on generating API clients, see [API documentation inside Falcon](https://falcon.crowdstrike.com/support/documentation/1/crowdstrike-api-introduction-for-developers). + isArray: false + name: client_id + required: true + - description: The API client secret to authenticate your API requests. For information + on generating API clients, see [API documentation inside Falcon](https://falcon.crowdstrike.com/support/documentation/1/crowdstrike-api-introduction-for-developers). + isArray: false + name: client_secret + required: true + - description: For MSSP Master CIDs, optionally lock the token to act on behalf + of this member CID + isArray: false + name: member_cid + required: false + description: Generate an OAuth2 access token + name: cs-oauth2-access-token + - arguments: + - description: 'The OAuth2 access token you want to revoke. Include your API + client ID and secret in basic auth format (`Authorization: basic encoded + API client ID and secret `) in your request header.' + isArray: false + name: token + required: true + description: Revoke a previously issued OAuth2 access token before the end of + its standard 30-minute life . + name: cs-oauth2-revoke-token + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: ClientID to use for the Service Principal associated with the customer's + Azure account + isArray: false + name: id_ + required: true + description: Update an Azure service account in our system by with the user-created + client_id created with the public key we've provided + name: cs-patch-cloudconnectazure-entities-clientid-v1 + - arguments: + - description: ClientID to use for the Service Principal associated with the customer's + Azure account + isArray: false + name: id_ + required: true + - description: Tenant ID to update client ID for. Required if multiple tenants + are registered. + isArray: false + name: tenant_id + required: false + description: Update an Azure service account in our system by with the user-created + client_id created with the public key we've provided + name: cs-patch-cloudconnectcspmazure-entities-clientid-v1 + - arguments: + - description: '' + isArray: true + name: registration_awsaccountpatchrequest_resources + required: true + description: Patches a existing account in our system for a customer. + name: cs-patchcspm-aws-account + - arguments: + - description: 'Specify one of these actions: - `contain` - This action contains + the host, which stops any network communications to locations other than the + CrowdStrike cloud and IPs specified in your [containment policy](https://falcon.crowdstrike.com/support/documentation/11/getting-started-guide#containmentpolicy) + - `lift_containment`: This action lifts containment on the host, which returns + its network communications to normal - `hide_host`: This action will delete + a host. After the host is deleted, no new detections for that host will be + reported via UI or APIs - `unhide_host`: This action will restore a host. + Detection reporting will resume after the host is restored' + isArray: false + name: action_name + required: true + - description: '' + isArray: true + name: msa_entityactionrequestv2_action__meters + required: false + - description: '' + isArray: true + name: msa_entityactionrequestv2_ids + required: true + description: Take various actions on the hosts in your environment. Contain or + lift containment on a host. Delete or restore a host. + name: cs-perform-actionv2 + - arguments: + - auto: PREDEFINED + description: The action to perform + isArray: false + name: action_name + predefined: + - add-host-group + - disable + - enable + - remove-host-group + required: true + - description: '' + isArray: true + name: msa_entityactionrequestv2_action__meters + required: false + - description: '' + isArray: true + name: msa_entityactionrequestv2_ids + required: true + description: Perform the specified action on the Device Control Policies specified + in the request + name: cs-perform-device-control-policies-action + outputs: + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - arguments: + - auto: PREDEFINED + description: The action to perform + isArray: false + name: action_name + predefined: + - add-host-group + - disable + - enable + - remove-host-group + required: true + - description: '' + isArray: true + name: msa_entityactionrequestv2_action__meters + required: false + - description: '' + isArray: true + name: msa_entityactionrequestv2_ids + required: true + description: Perform the specified action on the Firewall Policies specified in + the request + name: cs-perform-firewall-policies-action + outputs: + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.channel_version + description: Channel file version for the policy + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.rule_set_id + description: Firewall rule set id. This id combines several firewall rules and + gets attached to the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.channel_version + description: Channel file version for the policy + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.rule_set_id + description: Firewall rule set id. This id combines several firewall rules and + gets attached to the policy + type: String + - arguments: + - auto: PREDEFINED + description: The action to perform + isArray: false + name: action_name + predefined: + - add-hosts + - remove-hosts + required: true + - description: '' + isArray: true + name: msa_entityactionrequestv2_action__meters + required: false + - description: '' + isArray: true + name: msa_entityactionrequestv2_ids + required: true + description: Perform the specified action on the Host Groups specified in the + request + name: cs-perform-group-action + outputs: + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.name + description: The name of the group + type: String + - arguments: + - description: '' + isArray: true + name: msa_entityactionrequestv2_action__meters + required: false + - description: '' + isArray: true + name: msa_entityactionrequestv2_ids + required: true + description: Perform a set of actions on one or more incidents, such as adding + tags or comments or updating the incident name or description + name: cs-perform-incident-action + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - auto: PREDEFINED + description: The action to perform + isArray: false + name: action_name + predefined: + - add-host-group + - add-rule-group + - disable + - enable + - remove-host-group + - remove-rule-group + required: true + - description: '' + isArray: true + name: msa_entityactionrequestv2_action__meters + required: false + - description: '' + isArray: true + name: msa_entityactionrequestv2_ids + required: true + description: Perform the specified action on the Prevention Policies specified + in the request + name: cs-perform-prevention-policies-action + outputs: + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - arguments: + - auto: PREDEFINED + description: The action to perform + isArray: false + name: action_name + predefined: + - add-host-group + - disable + - enable + - remove-host-group + required: true + - description: '' + isArray: true + name: msa_entityactionrequestv2_action__meters + required: false + - description: '' + isArray: true + name: msa_entityactionrequestv2_ids + required: true + description: Perform the specified action on the Sensor Update Policies specified + in the request + name: cs-perform-sensor-update-policies-action + outputs: + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - arguments: + - auto: PREDEFINED + description: The action to perform + isArray: false + name: action_name + predefined: + - add-host-group + - add-rule-group + - disable + - enable + - remove-host-group + - remove-rule-group + required: true + - description: '' + isArray: true + name: msa_entityactionrequestv2_action__meters + required: false + - description: '' + isArray: true + name: msa_entityactionrequestv2_ids + required: true + description: Perform the specified action on the Response Policies specified in + the request + name: cs-performrt-response-policies-action + outputs: + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - arguments: + - description: '' + isArray: true + name: registration_azureaccountcreaterequestexternalv1_resources + required: true + description: Creates a new account in our system for a customer and generates + a script for them to run in their cloud environment to grant us access. + name: cs-post-cloudconnectazure-entities-account-v1 + - arguments: + - description: '' + isArray: true + name: registration_azureaccountcreaterequestexternalv1_resources + required: true + description: Creates a new account in our system for a customer and generates + a script for them to run in their cloud environment to grant us access. + name: cs-post-cloudconnectcspmazure-entities-account-v1 + - arguments: + - description: List of sample sha256 ids + isArray: true + name: malquery_multidownloadrequestv1_samples + required: true + description: Schedule samples for download. Use the result id with the /request + endpoint to check if the download is ready after which you can call the /entities/samples-fetch + to get the zip + name: cs-post-mal-query-entities-samples-multidownloadv1 + outputs: + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.type + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.ignore_reason + description: Reason why the resource is ignored + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label_confidence + description: Resource label confidence + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern + description: Search pattern + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern_type + description: Search pattern type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.yara_rule + description: Search YARA rule + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.type + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.ignore_reason + description: Reason why the resource is ignored + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label_confidence + description: Resource label confidence + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern + description: Search pattern + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern_type + description: Search pattern type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.yara_rule + description: Search YARA rule + type: String + - arguments: + - description: malquery_externalexactsearchparametersv1_options filter_filetypes + isArray: false + name: malquery_externalexactsearchparametersv1_options_filter_filetypes + required: false + - description: malquery_externalexactsearchparametersv1_options filter_meta + isArray: false + name: malquery_externalexactsearchparametersv1_options_filter_meta + required: false + - description: malquery_externalexactsearchparametersv1_options limit + isArray: false + name: malquery_externalexactsearchparametersv1_options_limit + required: false + - description: malquery_externalexactsearchparametersv1_options max_date + isArray: false + name: malquery_externalexactsearchparametersv1_options_max_date + required: false + - description: malquery_externalexactsearchparametersv1_options max_size + isArray: false + name: malquery_externalexactsearchparametersv1_options_max_size + required: false + - description: malquery_externalexactsearchparametersv1_options min_date + isArray: false + name: malquery_externalexactsearchparametersv1_options_min_date + required: false + - description: malquery_externalexactsearchparametersv1_options min_size + isArray: false + name: malquery_externalexactsearchparametersv1_options_min_size + required: false + - description: Patterns to search for + isArray: true + name: malquery_externalexactsearchparametersv1_patterns + required: true + description: Search Falcon MalQuery for a combination of hex patterns and strings + in order to identify samples based upon file content at byte level granularity. + You can filter results on criteria such as file type, file size and first seen + date. Returns a request id which can be used with the /request endpoint + name: cs-post-mal-query-exact-searchv1 + outputs: + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.type + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.ignore_reason + description: Reason why the resource is ignored + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label_confidence + description: Resource label confidence + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern + description: Search pattern + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern_type + description: Search pattern type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.yara_rule + description: Search YARA rule + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.type + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.ignore_reason + description: Reason why the resource is ignored + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label_confidence + description: Resource label confidence + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern + description: Search pattern + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern_type + description: Search pattern type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.yara_rule + description: Search YARA rule + type: String + - arguments: + - description: malquery_fuzzysearchparametersv1_options filter_meta + isArray: false + name: malquery_fuzzysearchparametersv1_options_filter_meta + required: false + - description: malquery_fuzzysearchparametersv1_options limit + isArray: false + name: malquery_fuzzysearchparametersv1_options_limit + required: false + - description: '' + isArray: true + name: malquery_fuzzysearchparametersv1_patterns + required: true + description: Search Falcon MalQuery quickly, but with more potential for false + positives. Search for a combination of hex patterns and strings in order to + identify samples based upon file content at byte level granularity. + name: cs-post-mal-query-fuzzy-searchv1 + outputs: + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.errors.type + description: '' + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.errors.type + description: '' + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryFuzzySearchResponse.resources.sha256 + description: Sample SHA256 + type: String + - arguments: + - description: malquery_externalhuntparametersv1_options filter_filetypes + isArray: false + name: malquery_externalhuntparametersv1_options_filter_filetypes + required: false + - description: malquery_externalhuntparametersv1_options filter_meta + isArray: false + name: malquery_externalhuntparametersv1_options_filter_meta + required: false + - description: malquery_externalhuntparametersv1_options limit + isArray: false + name: malquery_externalhuntparametersv1_options_limit + required: false + - description: malquery_externalhuntparametersv1_options max_date + isArray: false + name: malquery_externalhuntparametersv1_options_max_date + required: false + - description: malquery_externalhuntparametersv1_options max_size + isArray: false + name: malquery_externalhuntparametersv1_options_max_size + required: false + - description: malquery_externalhuntparametersv1_options min_date + isArray: false + name: malquery_externalhuntparametersv1_options_min_date + required: false + - description: malquery_externalhuntparametersv1_options min_size + isArray: false + name: malquery_externalhuntparametersv1_options_min_size + required: false + - description: A YARA rule that defines your search + isArray: false + name: malquery_externalhuntparametersv1_yara_rule + required: true + description: Schedule a YARA-based search for execution. Returns a request id + which can be used with the /request endpoint + name: cs-post-mal-query-huntv1 + outputs: + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.type + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.ignore_reason + description: Reason why the resource is ignored + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label_confidence + description: Resource label confidence + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern + description: Search pattern + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern_type + description: Search pattern type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.yara_rule + description: Search YARA rule + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.errors.type + description: '' + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.ignore_reason + description: Reason why the resource is ignored + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.label_confidence + description: Resource label confidence + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern + description: Search pattern + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.pattern_type + description: Search pattern type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.family + description: Sample family + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filesize + description: Sample size + type: Number + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.filetype + description: Sample file type + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.first_seen + description: Date when it was first seen + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.label + description: Sample label + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.md5 + description: Sample MD5 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.samples.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha1 + description: Sample SHA1 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.sha256 + description: Sample SHA256 + type: String + - contextPath: CrowdStrike.malqueryExternalQueryResponse.resources.yara_rule + description: Search YARA rule + type: String + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: '' + isArray: false + name: domain_rulepreviewrequest_filter + required: true + - description: '' + isArray: false + name: domain_rulepreviewrequest_topic + required: true + description: 'Preview rules notification count and distribution. This will return + aggregations on: channel, count, site.' + name: cs-preview-rulev1 + outputs: + - contextPath: CrowdStrike.domainAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainAggregatesResponse.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - contextPath: CrowdStrike.domainAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainAggregatesResponse.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.domainAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: ' The type of the indicator. Valid types include: sha256: A hex-encoded + sha256 hash string. Length - min: 64, max: 64. md5: A hex-encoded md5 hash + string. Length - min 32, max: 32. domain: A domain name. Length - min: 1, + max: 200. ipv4: An IPv4 address. Must be a valid IP address. ipv6: An IPv6 + address. Must be a valid IP address. ' + isArray: false + name: type_ + required: true + - description: The string representation of the indicator + isArray: false + name: value + required: true + - description: Specify a host's ID to return only processes from that host. Get + a host's ID from GET /devices/queries/devices/v1, the Falcon console, or the + Streaming API. + isArray: false + name: device_id + required: true + - description: The first process to return, where 0 is the latest offset. Use + with the offset meter to manage pagination of results. + isArray: false + name: limit + required: false + - description: The first process to return, where 0 is the latest offset. Use + with the limit meter to manage pagination of results. + isArray: false + name: offset + required: false + description: Search for processes associated with a custom IOC + name: cs-processes-ran-on + outputs: + - contextPath: CrowdStrike.apiMsaReplyProcessesRanOn.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyProcessesRanOn.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyProcessesRanOn.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyProcessesRanOn.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyProcessesRanOn.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyProcessesRanOn.errors.message + description: '' + type: String + - arguments: + - auto: PREDEFINED + description: Mode for provisioning. Allowed values are `manual` or `cloudformation`. + Defaults to manual if not defined. + isArray: false + name: mode + predefined: + - cloudformation + - manual + required: false + - description: '' + isArray: true + name: models_createawsaccountsv1_resources + required: true + description: Provision AWS Accounts by specifying details about the accounts to + provision + name: cs-provisionaws-accounts + - arguments: + - description: Starting index of overall result set from which to return IDs. + isArray: false + name: offset + required: false + - description: Number of IDs to return. + isArray: false + name: limit + required: false + - description: 'Possible order by fields: created_timestamp, updated_timestamp. + Ex: ''updated_timestamp|desc''.' + isArray: false + name: sort + required: false + - description: 'FQL query to filter actions by. Possible filter properties are: + [id cid user_uuid rule_id type frequency recipients status created_timestamp + updated_timestamp]' + isArray: false + name: filter_ + required: false + - description: Free text search across all indexed fields + isArray: false + name: q + required: false + description: Query actions based on provided criteria. Use the IDs from this response + to get the action entities on GET /entities/actions/v1. + name: cs-query-actionsv1 + outputs: + - contextPath: CrowdStrike.domainQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainQueryResponse.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainQueryResponse.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.message_key + description: '' + type: String + - arguments: + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - description: The property to sort on, followed by a dot (.), followed by the + sort direction, either "asc" or "desc". + isArray: false + name: sort + required: false + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + description: Retrieve allowlist tickets that match the provided filter criteria + with scrolling enabled + name: cs-query-allow-list-filter + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort on, followed by a dot (.), followed by the + sort direction, either "asc" or "desc". + isArray: false + name: sort + predefined: + - timestamp.asc + - timestamp.desc + required: false + description: Search for behaviors by providing an FQL filter, sorting, and paging + details + name: cs-query-behaviors + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - description: The property to sort on, followed by a dot (.), followed by the + sort direction, either "asc" or "desc". + isArray: false + name: sort + required: false + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + description: Retrieve block listtickets that match the provided filter criteria + with scrolling enabled + name: cs-query-block-list-filter + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - auto: PREDEFINED + description: The sort expression used to sort the results + isArray: false + name: sort + predefined: + - last_modified_timestamp + required: false + - description: Starting index of overall result set from which to return ids + isArray: false + name: offset + required: false + - description: Number of ids to return + isArray: false + name: limit + required: false + description: Query for customers linked as children + name: cs-query-children + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Device Control Policies in your environment by providing + an FQL filter and paging details. Returns a set of Device Control Policies which + match the filter criteria + name: cs-query-combined-device-control-policies + outputs: + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - arguments: + - description: The ID of the Device Control Policy to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Device Control Policy in your environment + by providing an FQL filter and paging details. Returns a set of host details + which match the filter criteria + name: cs-query-combined-device-control-policy-members + outputs: + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.zone_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.zone_group + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Firewall Policies in your environment by providing an + FQL filter and paging details. Returns a set of Firewall Policies which match + the filter criteria + name: cs-query-combined-firewall-policies + outputs: + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.channel_version + description: Channel file version for the policy + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.rule_set_id + description: Firewall rule set id. This id combines several firewall rules and + gets attached to the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.channel_version + description: Channel file version for the policy + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.rule_set_id + description: Firewall rule set id. This id combines several firewall rules and + gets attached to the policy + type: String + - arguments: + - description: The ID of the Firewall Policy to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Firewall Policy in your environment by providing + an FQL filter and paging details. Returns a set of host details which match + the filter criteria + name: cs-query-combined-firewall-policy-members + outputs: + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.zone_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.zone_group + description: '' + type: String + - arguments: + - description: The ID of the Host Group to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Host Group in your environment by providing + an FQL filter and paging details. Returns a set of host details which match + the filter criteria + name: cs-query-combined-group-members + outputs: + - contextPath: CrowdStrike.responsesHostGroupMembersV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesHostGroupMembersV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesHostGroupMembersV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupMembersV1.resources.system_product_name + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - group_type.asc + - group_type.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + required: false + description: Search for Host Groups in your environment by providing an FQL filter + and paging details. Returns a set of Host Groups which match the filter criteria + name: cs-query-combined-host-groups + outputs: + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.name + description: The name of the group + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Prevention Policies in your environment by providing an + FQL filter and paging details. Returns a set of Prevention Policies which match + the filter criteria + name: cs-query-combined-prevention-policies + outputs: + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - arguments: + - description: The ID of the Prevention Policy to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Prevention Policy in your environment by + providing an FQL filter and paging details. Returns a set of host details which + match the filter criteria + name: cs-query-combined-prevention-policy-members + outputs: + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.zone_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.zone_group + description: '' + type: String + - arguments: + - auto: PREDEFINED + description: The platform to return builds for + isArray: false + name: platform + predefined: + - linux + - mac + - windows + required: false + description: Retrieve available builds for use with Sensor Update Policies + name: cs-query-combined-sensor-update-builds + outputs: + - contextPath: CrowdStrike.responsesSensorUpdateBuildsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdateBuildsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdateBuildsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdateBuildsV1.resources.build + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdateBuildsV1.resources.platform + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdateBuildsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdateBuildsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdateBuildsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdateBuildsV1.resources.build + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdateBuildsV1.resources.platform + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Sensor Update Policies in your environment by providing + an FQL filter and paging details. Returns a set of Sensor Update Policies which + match the filter criteria + name: cs-query-combined-sensor-update-policies + outputs: + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Sensor Update Policies with additional support for uninstall + protection in your environment by providing an FQL filter and paging details. + Returns a set of Sensor Update Policies which match the filter criteria + name: cs-query-combined-sensor-update-policiesv2 + outputs: + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.platform_name + description: The name of the platform + type: String + - arguments: + - description: The ID of the Sensor Update Policy to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Sensor Update Policy in your environment + by providing an FQL filter and paging details. Returns a set of host details + which match the filter criteria + name: cs-query-combined-sensor-update-policy-members + outputs: + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.zone_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.zone_group + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Response Policies in your environment by providing an + FQL filter and paging details. Returns a set of Response Policies which match + the filter criteria + name: cs-query-combinedrt-response-policies + outputs: + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - arguments: + - description: The ID of the Response policy to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Response policy in your environment by providing + an FQL filter and paging details. Returns a set of host details which match + the filter criteria + name: cs-query-combinedrt-response-policy-members + outputs: + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.zone_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_load_flags + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_local_time + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.agent_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.bios_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.build_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_base + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_build + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.config_id_platform + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.cpu_signature + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.detection_suppression_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.email + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.external_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.first_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.group_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.host_hidden_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_login_user + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.last_seen + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.local_ip + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.mac_address + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.machine_domain + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.major_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.minor_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.os_version + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_host_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_hostname + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip4 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_ip6 + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_namespace + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pod_service_account_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.pointer_size + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.applied_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.assigned_date + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.policy_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.rule_set_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.settings_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.policies.uninstall_protection + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.product_type_desc + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.provision_status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.reduced_functionality_mode + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.release_group + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.serial_number + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_major + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_pack_minor + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.service_provider_account_id + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.site_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.slow_changing_modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_manufacturer + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.system_product_name + description: '' + type: String + - contextPath: CrowdStrike.responsesPolicyMembersRespV1.resources.zone_group + description: '' + type: String + - arguments: + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - description: The property to sort on, followed by a dot (.), followed by the + sort direction, either "asc" or "desc". + isArray: false + name: sort + required: false + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + description: Retrieve DetectionsIds that match the provided FQL filter, criteria + with scrolling enabled + name: cs-query-detection-ids-by-filter + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The first detection to return, where `0` is the latest detection. + Use with the `limit` meter to manage pagination of results. + isArray: false + name: offset + required: false + - description: 'The maximum number of detections to return in this response (default: + 9999; max: 9999). Use with the `offset` meter to manage pagination of results.' + isArray: false + name: limit + required: false + - description: 'Sort detections using these options: - `first_behavior`: Timestamp + of the first behavior associated with this detection - `last_behavior`: Timestamp + of the last behavior associated with this detection - `max_severity`: Highest + severity of the behaviors associated with this detection - `max_confidence`: + Highest confidence of the behaviors associated with this detection - `adversary_id`: + ID of the adversary associated with this detection, if any - `devices.hostname`: + Hostname of the host where this detection was detected Sort either `asc` + (ascending) or `desc` (descending). For example: `last_behavior|asc`' + isArray: false + name: sort + required: false + - description: 'Filter detections using a query in Falcon Query Language (FQL) + An asterisk wildcard ` ` includes all results. Common filter options include: - + `status` - `device.device_id` - `max_severity` The full list of valid filter + options is extensive. Review it in our [documentation inside the Falcon console](https://falcon.crowdstrike.com/support/documentation/2/query-api-reference#detections_fql).' + isArray: false + name: filter_ + required: false + - description: Search all detection metadata for the provided string + isArray: false + name: q + required: false + description: Search for detection IDs that match a given query + name: cs-query-detects + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Device Control Policies in your environment by providing + an FQL filter and paging details. Returns a set of Device Control Policy IDs + which match the filter criteria + name: cs-query-device-control-policies + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ID of the Device Control Policy to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Device Control Policy in your environment + by providing an FQL filter and paging details. Returns a set of Agent IDs which + match the filter criteria + name: cs-query-device-control-policy-members + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by (e.g. status.desc or hostname.asc) + isArray: false + name: sort + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + description: Search for hosts in your environment by platform, hostname, IP, and + other criteria. + name: cs-query-devices-by-filter + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The offset to page from, for the next result set + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by (e.g. status.desc or hostname.asc) + isArray: false + name: sort + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + description: Search for hosts in your environment by platform, hostname, IP, and + other criteria with continuous pagination capability (based on offset pointer + which expires after 2 minutes with no maximum limit) + name: cs-query-devices-by-filter-scroll + outputs: + - contextPath: CrowdStrike.domainDeviceResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainDeviceResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainDeviceResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainDeviceResponse.errors.message + description: '' + type: String + - arguments: + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - description: The property to sort on, followed by a dot (.), followed by the + sort direction, either "asc" or "desc". + isArray: false + name: sort + required: false + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + description: Retrieve escalation tickets that match the provided filter criteria + with scrolling enabled + name: cs-query-escalations-filter + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Firewall Policies in your environment by providing an + FQL filter and paging details. Returns a set of Firewall Policy IDs which match + the filter criteria + name: cs-query-firewall-policies + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ID of the Firewall Policy to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Firewall Policy in your environment by providing + an FQL filter and paging details. Returns a set of Agent IDs which match the + filter criteria + name: cs-query-firewall-policy-members + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ID of the Host Group to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Host Group in your environment by providing + an FQL filter and paging details. Returns a set of Agent IDs which match the + filter criteria + name: cs-query-group-members + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by (e.g. status.desc or hostname.asc) + isArray: false + name: sort + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + description: Retrieve hidden hosts that match the provided filter criteria. + name: cs-query-hidden-devices + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - group_type.asc + - group_type.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + required: false + description: Search for Host Groups in your environment by providing an FQL filter + and paging details. Returns a set of Host Group IDs which match the filter criteria + name: cs-query-host-groups + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - description: The property to sort on, followed by a dot (.), followed by the + sort direction, either "asc" or "desc". + isArray: false + name: sort + required: false + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + description: Retrieve incidents that match the provided filter criteria with scrolling + enabled + name: cs-query-incident-ids-by-filter + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - auto: PREDEFINED + description: The property to sort on, followed by a dot (.), followed by the + sort direction, either "asc" or "desc". + isArray: false + name: sort + predefined: + - assigned_to.asc + - assigned_to.desc + - assigned_to_name.asc + - assigned_to_name.desc + - end.asc + - end.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - sort_score.asc + - sort_score.desc + - start.asc + - start.desc + - state.asc + - state.desc + - status.asc + - status.desc + required: false + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + description: Search for incidents by providing an FQL filter, sorting, and paging + details + name: cs-query-incidents + outputs: + - contextPath: CrowdStrike.apiMsaIncidentQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaIncidentQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaIncidentQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaIncidentQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaIncidentQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaIncidentQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Set the starting row number to return actors from. Defaults to + 0. + isArray: false + name: offset + required: false + - description: Set the number of actors to return. The value must be between 1 + and 5000. + isArray: false + name: limit + required: false + - description: 'Order fields in ascending or descending order. Ex: created_date|asc.' + isArray: false + name: sort + required: false + - description: 'Filter your query by specifying FQL filter meters. Filter meters + include: actors, actors.id, actors.name, actors.slug, actors.url, created_date, + description, id, last_modified_date, motivations, motivations.id, motivations.slug, + motivations.value, name, name.raw, short_description, slug, sub_type, sub_type.id, + sub_type.name, sub_type.slug, tags, tags.id, tags.slug, tags.value, target_countries, + target_countries.id, target_countries.slug, target_countries.value, target_industries, + target_industries.id, target_industries.slug, target_industries.value, type, + type.id, type.name, type.slug, url.' + isArray: false + name: filter_ + required: false + - description: Perform a generic substring search across all fields. + isArray: false + name: q + required: false + - description: 'The fields to return, or a predefined set of fields in the form + of the collection name surrounded by two underscores like: \_\_\ collection\ + \_\_. Ex: slug \_\_full\_\_. Defaults to \_\_basic\_\_.' + isArray: true + name: fields + required: false + description: Get info about actors that match provided FQL filters. + name: cs-query-intel-actor-entities + outputs: + - contextPath: CrowdStrike.domainActorsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.active + description: '' + type: Boolean + - contextPath: CrowdStrike.domainActorsResponse.resources.actor_type + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.created_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.first_activity_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.known_as + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.last_activity_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.last_modified_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.notify_users + description: '' + type: Boolean + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.rich_text_description + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.short_description + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.url + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.active + description: '' + type: Boolean + - contextPath: CrowdStrike.domainActorsResponse.resources.actor_type + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.created_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.entitlements.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.first_activity_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.known_as + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.last_activity_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.last_modified_date + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.motivations.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.notify_users + description: '' + type: Boolean + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.origins.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.rich_text_description + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.short_description + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_countries.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.name + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.target_industries.value + description: '' + type: String + - contextPath: CrowdStrike.domainActorsResponse.resources.url + description: '' + type: String + - arguments: + - description: Set the starting row number to return actors IDs from. Defaults + to 0. + isArray: false + name: offset + required: false + - description: Set the number of actor IDs to return. The value must be between + 1 and 5000. + isArray: false + name: limit + required: false + - description: 'Order fields in ascending or descending order. Ex: created_date|asc.' + isArray: false + name: sort + required: false + - description: 'Filter your query by specifying FQL filter meters. Filter meters + include: actors, actors.id, actors.name, actors.slug, actors.url, created_date, + description, id, last_modified_date, motivations, motivations.id, motivations.slug, + motivations.value, name, name.raw, short_description, slug, sub_type, sub_type.id, + sub_type.name, sub_type.slug, tags, tags.id, tags.slug, tags.value, target_countries, + target_countries.id, target_countries.slug, target_countries.value, target_industries, + target_industries.id, target_industries.slug, target_industries.value, type, + type.id, type.name, type.slug, url.' + isArray: false + name: filter_ + required: false + - description: Perform a generic substring search across all fields. + isArray: false + name: q + required: false + description: Get actor IDs that match provided FQL filters. + name: cs-query-intel-actor-ids + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Set the starting row number to return indicators from. Defaults + to 0. + isArray: false + name: offset + required: false + - description: Set the number of indicators to return. The number must be between + 1 and 50000 + isArray: false + name: limit + required: false + - description: 'Order fields in ascending or descending order. Ex: published_date|asc.' + isArray: false + name: sort + required: false + - description: 'Filter your query by specifying FQL filter meters. Filter meters + include: _marker, actors, deleted, domain_types, id, indicator, ip_address_types, + kill_chains, labels, labels.created_on, labels.last_valid_on, labels.name, + last_updated, malicious_confidence, malware_families, published_date, reports, + targets, threat_types, type, vulnerabilities.' + isArray: false + name: filter_ + required: false + - description: Perform a generic substring search across all fields. + isArray: false + name: q + required: false + - description: If true, include both published and deleted indicators in the response. + Defaults to false. + isArray: false + name: include_deleted + required: false + description: Get info about indicators that match provided FQL filters. + name: cs-query-intel-indicator-entities + outputs: + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources._marker + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.indicator + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.labels.created_on + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.labels.last_valid_on + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.labels.name + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.last_updated + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.malicious_confidence + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.published_date + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.created_date + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.id + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.indicator + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.last_valid_date + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.type + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.type + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources._marker + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.indicator + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.labels.created_on + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.labels.last_valid_on + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.labels.name + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.last_updated + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.malicious_confidence + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.published_date + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.created_date + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.id + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.indicator + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.last_valid_date + description: '' + type: Number + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.relations.type + description: '' + type: String + - contextPath: CrowdStrike.domainPublicIndicatorsV3Response.resources.type + description: '' + type: String + - arguments: + - description: Set the starting row number to return indicator IDs from. Defaults + to 0. + isArray: false + name: offset + required: false + - description: Set the number of indicator IDs to return. The number must be between + 1 and 50000 + isArray: false + name: limit + required: false + - description: 'Order fields in ascending or descending order. Ex: published_date|asc.' + isArray: false + name: sort + required: false + - description: 'Filter your query by specifying FQL filter meters. Filter meters + include: _marker, actors, deleted, domain_types, id, indicator, ip_address_types, + kill_chains, labels, labels.created_on, labels.last_valid_on, labels.name, + last_updated, malicious_confidence, malware_families, published_date, reports, + targets, threat_types, type, vulnerabilities.' + isArray: false + name: filter_ + required: false + - description: Perform a generic substring search across all fields. + isArray: false + name: q + required: false + - description: If true, include both published and deleted indicators in the response. + Defaults to false. + isArray: false + name: include_deleted + required: false + description: Get indicators IDs that match provided FQL filters. + name: cs-query-intel-indicator-ids + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Set the starting row number to return reports from. Defaults to + 0. + isArray: false + name: offset + required: false + - description: Set the number of reports to return. The value must be between + 1 and 5000. + isArray: false + name: limit + required: false + - description: 'Order fields in ascending or descending order. Ex: created_date|asc.' + isArray: false + name: sort + required: false + - description: 'Filter your query by specifying FQL filter meters. Filter meters + include: actors, actors.id, actors.name, actors.slug, actors.url, created_date, + description, id, last_modified_date, motivations, motivations.id, motivations.slug, + motivations.value, name, name.raw, short_description, slug, sub_type, sub_type.id, + sub_type.name, sub_type.slug, tags, tags.id, tags.slug, tags.value, target_countries, + target_countries.id, target_countries.slug, target_countries.value, target_industries, + target_industries.id, target_industries.slug, target_industries.value, type, + type.id, type.name, type.slug, url.' + isArray: false + name: filter_ + required: false + - description: Perform a generic substring search across all fields. + isArray: false + name: q + required: false + - description: 'The fields to return, or a predefined set of fields in the form + of the collection name surrounded by two underscores like: \_\_\ collection\ + \_\_. Ex: slug \_\_full\_\_. Defaults to \_\_basic\_\_.' + isArray: true + name: fields + required: false + description: Get info about reports that match provided FQL filters. + name: cs-query-intel-report-entities + outputs: + - contextPath: CrowdStrike.domainNewsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.active + description: '' + type: Boolean + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.url + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.attachments.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.attachments.url + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.created_date + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.last_modified_date + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.notify_users + description: '' + type: Boolean + - contextPath: CrowdStrike.domainNewsResponse.resources.rich_text_description + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.short_description + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.url + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.active + description: '' + type: Boolean + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.actors.url + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.attachments.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.attachments.url + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.created_date + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.entitlements.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.last_modified_date + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.motivations.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.notify_users + description: '' + type: Boolean + - contextPath: CrowdStrike.domainNewsResponse.resources.rich_text_description + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.short_description + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.tags.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_countries.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.id + description: '' + type: Number + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.name + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.slug + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.target_industries.value + description: '' + type: String + - contextPath: CrowdStrike.domainNewsResponse.resources.url + description: '' + type: String + - arguments: + - description: Set the starting row number to return report IDs from. Defaults + to 0. + isArray: false + name: offset + required: false + - description: Set the number of report IDs to return. The value must be between + 1 and 5000. + isArray: false + name: limit + required: false + - description: 'Order fields in ascending or descending order. Ex: created_date|asc.' + isArray: false + name: sort + required: false + - description: 'Filter your query by specifying FQL filter meters. Filter meters + include: actors, actors.id, actors.name, actors.slug, actors.url, created_date, + description, id, last_modified_date, motivations, motivations.id, motivations.slug, + motivations.value, name, name.raw, short_description, slug, sub_type, sub_type.id, + sub_type.name, sub_type.slug, tags, tags.id, tags.slug, tags.value, target_countries, + target_countries.id, target_countries.slug, target_countries.value, target_industries, + target_industries.id, target_industries.slug, target_industries.value, type, + type.id, type.name, type.slug, url.' + isArray: false + name: filter_ + required: false + - description: Perform a generic substring search across all fields. + isArray: false + name: q + required: false + description: Get report IDs that match provided FQL filters. + name: cs-query-intel-report-ids + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Set the starting row number to return reports from. Defaults to + 0. + isArray: false + name: offset + required: false + - description: The number of rule IDs to return. Defaults to 10. + isArray: false + name: limit + required: false + - description: 'Order fields in ascending or descending order. Ex: created_date|asc.' + isArray: false + name: sort + required: false + - description: Search by rule title. + isArray: true + name: name + required: false + - description: 'The rule news report type. Accepted values: snort-suricata-master snort-suricata-update snort-suricata-changelog yara-master yara-update yara-changelog common-event-format netwitness' + isArray: false + name: type_ + required: true + - description: Substring match on description field. + isArray: true + name: description + required: false + - description: Search for rule tags. + isArray: true + name: tags + required: false + - description: Filter results to those created on or after a certain date. + isArray: false + name: min_created_date + required: false + - description: Filter results to those created on or before a certain date. + isArray: false + name: max_created_date + required: false + - description: Perform a generic substring search across all fields. + isArray: false + name: q + required: false + description: Search for rule IDs that match provided filter criteria. + name: cs-query-intel-rule-ids + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + - description: 'Possible order by fields: created_date, updated_date. Ex: ''updated_date|desc''.' + isArray: false + name: sort + required: false + - description: 'FQL query to filter notifications by. Possible filter properties + are: [id cid user_uuid status rule_id rule_name rule_topic rule_priority item_type + created_date updated_date]' + isArray: false + name: filter_ + required: false + - description: Free text search across all indexed fields. + isArray: false + name: q + required: false + description: Query notifications based on provided criteria. Use the IDs from + this response to get the notification entities on GET /entities/notifications/v1 + or GET /entities/notifications-detailed/v1. + name: cs-query-notificationsv1 + outputs: + - contextPath: CrowdStrike.domainQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainQueryResponse.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainQueryResponse.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueryResponse.errors.message_key + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Prevention Policies in your environment by providing an + FQL filter and paging details. Returns a set of Prevention Policy IDs which + match the filter criteria + name: cs-query-prevention-policies + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ID of the Prevention Policy to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Prevention Policy in your environment by + providing an FQL filter and paging details. Returns a set of Agent IDs which + match the filter criteria + name: cs-query-prevention-policy-members + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - description: The property to sort on, followed by a dot (.), followed by the + sort direction, either "asc" or "desc". + isArray: false + name: sort + required: false + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + description: Retrieve remediation tickets that match the provided filter criteria + with scrolling enabled + name: cs-query-remediations-filter + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving reports from. + isArray: false + name: offset + required: false + - description: 'Maximum number of report IDs to return. Max: 5000.' + isArray: false + name: limit + required: false + - description: 'Sort order: `asc` or `desc`.' + isArray: false + name: sort + required: false + description: Find sandbox reports by providing an FQL filter and paging details. + Returns a set of report IDs that match your criteria. + name: cs-query-reports + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: User Group ID to fetch MSSP role for + isArray: false + name: user_group_id + required: false + - description: CID Group ID to fetch MSSP role for + isArray: false + name: cid_group_id + required: false + - description: Role ID to fetch MSSP role for + isArray: false + name: role_id + required: false + - auto: PREDEFINED + description: The sort expression used to sort the results + isArray: false + name: sort + predefined: + - last_modified_timestamp + required: false + - description: Starting index of overall result set from which to return ids + isArray: false + name: offset + required: false + - description: Number of ids to return + isArray: false + name: limit + required: false + description: Query MSSP Role assignment. At least one of CID Group ID or User + Group ID should also be provided. Role ID is optional. + name: cs-query-roles + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + - description: 'Possible order by fields: created_timestamp, last_updated_timestamp. + Ex: ''last_updated_timestamp|desc''.' + isArray: false + name: sort + required: false + - description: 'FQL query to filter rules by. Possible filter properties are: + [id cid user_uuid topic priority permissions filter status created_timestamp + last_updated_timestamp]' + isArray: false + name: filter_ + required: false + - description: Free text search across all indexed fields. + isArray: false + name: q + required: false + description: Query monitoring rules based on provided criteria. Use the IDs from + this response to fetch the rules on /entities/rules/v1. + name: cs-query-rulesv1 + outputs: + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainRuleQueryResponseV1.errors.message_key + description: '' + type: String + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: '' + isArray: true + name: samplestore_querysamplesrequest_sha256s + required: false + description: Retrieves a list with sha256 of samples that exist and customer has + rights to access them, maximum number of accepted items is 200 + name: cs-query-samplev1 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Sensor Update Policies in your environment by providing + an FQL filter and paging details. Returns a set of Sensor Update Policy IDs + which match the filter criteria + name: cs-query-sensor-update-policies + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ID of the Sensor Update Policy to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Sensor Update Policy in your environment + by providing an FQL filter and paging details. Returns a set of Agent IDs which + match the filter criteria + name: cs-query-sensor-update-policy-members + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results. + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The sort expression that should be used to sort the results. + isArray: false + name: sort + predefined: + - applied_globally.asc + - applied_globally.desc + - created_by.asc + - created_by.desc + - created_on.asc + - created_on.desc + - last_modified.asc + - last_modified.desc + - modified_by.asc + - modified_by.desc + - value.asc + - value.desc + required: false + description: Search for sensor visibility exclusions. + name: cs-query-sensor-visibility-exclusionsv1 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving submissions from. + isArray: false + name: offset + required: false + - description: 'Maximum number of submission IDs to return. Max: 5000.' + isArray: false + name: limit + required: false + - description: 'Sort order: `asc` or `desc`.' + isArray: false + name: sort + required: false + description: Find submission IDs for uploaded files by providing an FQL filter + and paging details. Returns a set of submission IDs that match your criteria. + name: cs-query-submissions + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Optional filter and sort criteria in the form of an FQL query. + For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving submissions from. + isArray: false + name: offset + required: false + - description: 'Maximum number of volume IDs to return. Max: 5000.' + isArray: false + name: limit + required: false + - description: 'Sort order: `asc` or `desc`.' + isArray: false + name: sort + required: false + description: Find IDs for submitted scans by providing an FQL filter and paging + details. Returns a set of volume IDs that match your criteria. + name: cs-query-submissions-mixin0 + outputs: + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: User UUID to lookup associated user group ID + isArray: false + name: user_uuid + required: true + - auto: PREDEFINED + description: The sort expression used to sort the results + isArray: false + name: sort + predefined: + - last_modified_timestamp + required: false + - description: Starting index of overall result set from which to return ids + isArray: false + name: offset + required: false + - description: Number of ids to return + isArray: false + name: limit + required: false + description: Query User Group member by User UUID. + name: cs-query-user-group-members + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Name to lookup groups for + isArray: false + name: name + required: false + - auto: PREDEFINED + description: The sort expression used to sort the results + isArray: false + name: sort + predefined: + - last_modified_timestamp + - name + required: false + - description: Starting index of overall result set from which to return ids + isArray: false + name: offset + required: false + - description: Number of ids to return + isArray: false + name: limit + required: false + description: Query User Groups. + name: cs-query-user-groups + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: A pagination token used with the `limit` meter to manage pagination + of results. On your first request, don't provide an `after` token. On subsequent + requests, provide the `after` token from the previous response to continue + from that place in the results. + isArray: false + name: after + required: false + - description: 'The number of items to return in this response (default: 100, + max: 400). Use with the after meter to manage pagination of results.' + isArray: false + name: limit + required: false + - description: 'Sort vulnerabilities by their properties. Common sort options + include: ul li created_timestamp|desc /li li closed_timestamp|asc /li /ul ' + isArray: false + name: sort + required: false + - description: 'Filter items using a query in Falcon Query Language (FQL). Wildcards are + unsupported. Common filter options include: ul li created_timestamp: + ''2019-11-25T22:36:12Z'' /li li closed_timestamp: ''2019-11-25T22:36:12Z'' + /li li aid:''8e7656b27d8c49a34a1af416424d6231'' /li /ul ' + isArray: false + name: filter_ + required: true + description: Search for Vulnerabilities in your environment by providing an FQL + filter and paging details. Returns a set of Vulnerability IDs which match the + filter criteria + name: cs-query-vulnerabilities + outputs: + - contextPath: CrowdStrike.domainSPAPIQueryVulnerabilitiesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainSPAPIQueryVulnerabilitiesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIQueryVulnerabilitiesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIQueryVulnerabilitiesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainSPAPIQueryVulnerabilitiesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainSPAPIQueryVulnerabilitiesResponse.errors.message + description: '' + type: String + - arguments: + - description: The maximum records to return. [1-500]. Defaults to 100. + isArray: false + name: limit + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The property to sort by (e.g. alias.desc or state.asc) + isArray: false + name: sort + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + description: Search for provisioned AWS Accounts by providing an FQL filter and + paging details. Returns a set of AWS accounts which match the filter criteria + name: cs-queryaws-accounts + outputs: + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.alias + description: Alias/Name associated with the account. This is only updated once + the account is in a registered state. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_stack_id + description: Unique identifier for the cloudformation stack id used for provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_url + description: URL of the CloudFormation template to execute. This is returned + when mode is to set 'cloudformation' when provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_owner_id + description: The 12 digit AWS account which is hosting the S3 bucket containing + cloudtrail logs for this account. If this field is set, it takes precedence + of the settings level field. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_region + description: Region where the S3 bucket containing cloudtrail logs resides. + This is only set if using cloudformation to provision and create the trail. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.created_timestamp + description: Timestamp of when the account was first provisioned within CrowdStrike's + system.' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.external_id + description: ID assigned for use with cross account IAM role access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.iam_role_arn + description: The full arn of the IAM role created in this account to control + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.id + description: 12 digit AWS provided unique identifier for the account. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_modified_timestamp + description: Timestamp of when the account was last modified. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_scanned_timestamp + description: Timestamp of when the account was scanned. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.policy_version + description: Current version of permissions associated with IAM role and granted + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.provisioning_state + description: Provisioning state of the account. Values can be; initiated, registered, + unregistered. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_reqs + description: Rate limiting setting to control the maximum number of requests + that can be made within the rate_limit_time duration. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_time + description: Rate limiting setting to control the number of seconds for which + rate_limit_reqs applies. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.template_version + description: Current version of cloudformation template used to manage access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.alias + description: Alias/Name associated with the account. This is only updated once + the account is in a registered state. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_stack_id + description: Unique identifier for the cloudformation stack id used for provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_url + description: URL of the CloudFormation template to execute. This is returned + when mode is to set 'cloudformation' when provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_owner_id + description: The 12 digit AWS account which is hosting the S3 bucket containing + cloudtrail logs for this account. If this field is set, it takes precedence + of the settings level field. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_region + description: Region where the S3 bucket containing cloudtrail logs resides. + This is only set if using cloudformation to provision and create the trail. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.created_timestamp + description: Timestamp of when the account was first provisioned within CrowdStrike's + system.' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.external_id + description: ID assigned for use with cross account IAM role access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.iam_role_arn + description: The full arn of the IAM role created in this account to control + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.id + description: 12 digit AWS provided unique identifier for the account. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_modified_timestamp + description: Timestamp of when the account was last modified. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_scanned_timestamp + description: Timestamp of when the account was scanned. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.policy_version + description: Current version of permissions associated with IAM role and granted + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.provisioning_state + description: Provisioning state of the account. Values can be; initiated, registered, + unregistered. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_reqs + description: Rate limiting setting to control the maximum number of requests + that can be made within the rate_limit_time duration. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_time + description: Rate limiting setting to control the number of seconds for which + rate_limit_reqs applies. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.template_version + description: Current version of cloudformation template used to manage access. + type: String + - arguments: + - description: The maximum records to return. [1-500]. Defaults to 100. + isArray: false + name: limit + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The property to sort by (e.g. alias.desc or state.asc) + isArray: false + name: sort + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + description: Search for provisioned AWS Accounts by providing an FQL filter and + paging details. Returns a set of AWS account IDs which match the filter criteria + name: cs-queryaws-accounts-fori-ds + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: CID to lookup associated CID group ID + isArray: false + name: cid + required: true + - auto: PREDEFINED + description: The sort expression used to sort the results + isArray: false + name: sort + predefined: + - last_modified_timestamp + required: false + - description: Starting index of overall result set from which to return id + isArray: false + name: offset + required: false + - description: Number of ids to return + isArray: false + name: limit + required: false + description: Query a CID Groups members by associated CID. + name: cs-querycid-group-members + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Name to lookup groups for + isArray: false + name: name + required: false + - auto: PREDEFINED + description: The sort expression used to sort the results + isArray: false + name: sort + predefined: + - last_modified_timestamp + - name + required: false + - description: Starting index of overall result set from which to return ids + isArray: false + name: offset + required: false + - description: Number of ids to return + isArray: false + name: limit + required: false + description: Query CID Groups. + name: cs-querycid-groups + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: 'Possible order by fields: ' + isArray: false + name: sort + required: false + - description: 'FQL query specifying the filter meters. Filter term criteria: + enabled, platform, name, description, etc TODO. Filter range criteria: created_on, + modified_on; use any common date format, such as ''2010-05-15T14:55:21.892315096Z''.' + isArray: false + name: filter_ + required: false + - description: Match query criteria, which includes all the filter string fields, + plus TODO + isArray: false + name: q + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: A pagination token used with the `limit` meter to manage pagination + of results. On your first request, don't provide an `after` token. On subsequent + requests, provide the `after` token from the previous response to continue + from that place in the results. + isArray: false + name: after + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + description: Find all event IDs matching the query with filter + name: cs-queryevents + outputs: + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Get fields configuration for this platform + isArray: false + name: platform_id + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + description: Get the firewall field specification IDs for the provided platform + name: cs-queryfirewallfields + outputs: + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: ' The type of the indicator. Valid types include: sha256: A hex-encoded + sha256 hash string. Length - min: 64, max: 64. md5: A hex-encoded md5 hash + string. Length - min 32, max: 32. domain: A domain name. Length - min: 1, + max: 200. ipv4: An IPv4 address. Must be a valid IP address. ipv6: An IPv6 + address. Must be a valid IP address. ' + isArray: false + name: types + required: false + - description: The string representation of the indicator + isArray: false + name: values + required: false + - description: Find custom IOCs created after this time (RFC-3339 timestamp) + isArray: false + name: from_expiration_timestamp + required: false + - description: Find custom IOCs created before this time (RFC-3339 timestamp) + isArray: false + name: to_expiration_timestamp + required: false + - description: '\ndetect: Find custom IOCs that produce notifications\n\nnone: + Find custom IOCs the particular indicator has been detected on a host. This + is equivalent to turning the indicator off. ' + isArray: false + name: policies + required: false + - description: The source where this indicator originated. This can be used for + tracking where this indicator was defined. Limit 200 characters. + isArray: false + name: sources + required: false + - description: The level at which the indicator will be shared. Currently only + red share level (not shared) is supported, indicating that the IOC isn't shared + with other FH customers. + isArray: false + name: share_levels + required: false + - description: created_by + isArray: false + name: created_by + required: false + - description: The user or API client who deleted the custom IOC + isArray: false + name: deleted_by + required: false + - description: ' true: Include deleted IOCs false: Don''t include deleted IOCs + (default) ' + isArray: false + name: include_deleted + required: false + description: ' DEPRECATED Use the new IOC Management endpoint (GET /iocs/queries/indicators/v1). Search + the custom IOCs in your customer account.' + name: cs-queryio-cs + outputs: + - contextPath: CrowdStrike.apiMsaReplyIOCIDs.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOCIDs.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOCIDs.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOCIDs.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOCIDs.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOCIDs.errors.message + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results. + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The sort expression that should be used to sort the results. + isArray: false + name: sort + predefined: + - applied_globally.asc + - applied_globally.desc + - created_by.asc + - created_by.desc + - created_on.asc + - created_on.desc + - last_modified.asc + - last_modified.desc + - modified_by.asc + - modified_by.desc + - name.asc + - name.desc + - pattern_id.asc + - pattern_id.desc + - pattern_name.asc + - pattern_name.desc + required: false + description: Search for IOA exclusions. + name: cs-queryioa-exclusionsv1 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The filter expression that should be used to limit the results. + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-500] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The sort expression that should be used to sort the results. + isArray: false + name: sort + predefined: + - applied_globally.asc + - applied_globally.desc + - created_by.asc + - created_by.desc + - created_on.asc + - created_on.desc + - last_modified.asc + - last_modified.desc + - modified_by.asc + - modified_by.desc + - value.asc + - value.desc + required: false + description: Search for ML exclusions. + name: cs-queryml-exclusionsv1 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Starting index of overall result set from which to return IDs + isArray: false + name: offset + required: false + - description: Number of IDs to return + isArray: false + name: limit + required: false + description: Get all pattern severity IDs. + name: cs-querypatterns + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + description: Get the list of platform names + name: cs-queryplatforms + outputs: + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrmsaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Starting index of overall result set from which to return IDs + isArray: false + name: offset + required: false + - description: Number of IDs to return + isArray: false + name: limit + required: false + description: Get all platform IDs. + name: cs-queryplatforms-mixin0 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ID of the policy container within which to query + isArray: false + name: id_ + required: false + - description: 'Possible order by fields: ' + isArray: false + name: sort + required: false + - description: 'FQL query specifying the filter meters. Filter term criteria: + enabled, platform, name, description, etc TODO. Filter range criteria: created_on, + modified_on; use any common date format, such as ''2010-05-15T14:55:21.892315096Z''.' + isArray: false + name: filter_ + required: false + - description: Match query criteria, which includes all the filter string fields, + plus TODO + isArray: false + name: q + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + description: Find all firewall rule IDs matching the query with filter, and return + them in precedence order + name: cs-querypolicyrules + outputs: + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The filter expression that should be used to determine the results. + isArray: false + name: filter_ + required: false + - description: The offset of the first record to retrieve from + isArray: false + name: offset + required: false + - description: The maximum number of records to return [1-5000] + isArray: false + name: limit + required: false + - auto: PREDEFINED + description: The property to sort results by + isArray: false + name: sort + predefined: + - created_by.asc + - created_by.desc + - created_timestamp.asc + - created_timestamp.desc + - enabled.asc + - enabled.desc + - modified_by.asc + - modified_by.desc + - modified_timestamp.asc + - modified_timestamp.desc + - name.asc + - name.desc + - platform_name.asc + - platform_name.desc + - precedence.asc + - precedence.desc + required: false + description: Search for Response Policies in your environment by providing an + FQL filter with sort and/or paging details. This returns a set of Response Policy + IDs that match the given criteria. + name: cs-queryrt-response-policies + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ID of the Response policy to search for members of + isArray: false + name: id_ + required: false + - description: The filter expression that should be used to limit the results + isArray: false + name: filter_ + required: false + - description: The offset to start retrieving records from + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-5000] + isArray: false + name: limit + required: false + - description: The property to sort by + isArray: false + name: sort + required: false + description: Search for members of a Response policy in your environment by providing + an FQL filter and paging details. Returns a set of Agent IDs which match the + filter criteria + name: cs-queryrt-response-policy-members + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: 'Possible order by fields: ' + isArray: false + name: sort + required: false + - description: 'FQL query specifying the filter meters. Filter term criteria: + enabled, platform, name, description, etc TODO. Filter range criteria: created_on, + modified_on; use any common date format, such as ''2010-05-15T14:55:21.892315096Z''.' + isArray: false + name: filter_ + required: false + - description: Match query criteria, which includes all the filter string fields, + plus TODO + isArray: false + name: q + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: A pagination token used with the `limit` meter to manage pagination + of results. On your first request, don't provide an `after` token. On subsequent + requests, provide the `after` token from the previous response to continue + from that place in the results. + isArray: false + name: after + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + description: Find all rule group IDs matching the query with filter + name: cs-queryrulegroups + outputs: + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - arguments: + - auto: PREDEFINED + description: 'Possible order by fields: {created_by, created_on, modified_by, + modified_on, enabled, name, description}' + isArray: false + name: sort + predefined: + - created_by + - created_on + - description + - enabled + - modified_by + - modified_on + - name + required: false + - description: 'FQL query specifying the filter meters. Filter term criteria: + [enabled platform name description rules.action_label rules.name rules.description + rules.pattern_severity rules.ruletype_name rules.enabled]. Filter range criteria: + created_on, modified_on; use any common date format, such as ''2010-05-15T14:55:21.892315096Z''.' + isArray: false + name: filter_ + required: false + - description: Match query criteria, which includes all the filter string fields + isArray: false + name: q + required: false + - description: Starting index of overall result set from which to return IDs + isArray: false + name: offset + required: false + - description: Number of IDs to return + isArray: false + name: limit + required: false + description: Finds all rule group IDs matching the query with optional filter. + name: cs-queryrulegroups-mixin0 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - auto: PREDEFINED + description: 'Possible order by fields: {created_by, created_on, modified_by, + modified_on, enabled, name, description}' + isArray: false + name: sort + predefined: + - created_by + - created_on + - description + - enabled + - modified_by + - modified_on + - name + required: false + - description: 'FQL query specifying the filter meters. Filter term criteria: + [enabled platform name description rules.action_label rules.name rules.description + rules.pattern_severity rules.ruletype_name rules.enabled]. Filter range criteria: + created_on, modified_on; use any common date format, such as ''2010-05-15T14:55:21.892315096Z''.' + isArray: false + name: filter_ + required: false + - description: Match query criteria, which includes all the filter string fields + isArray: false + name: q + required: false + - description: Starting index of overall result set from which to return IDs + isArray: false + name: offset + required: false + - description: Number of IDs to return + isArray: false + name: limit + required: false + description: Find all rule groups matching the query with optional filter. + name: cs-queryrulegroupsfull + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: 'Possible order by fields: ' + isArray: false + name: sort + required: false + - description: 'FQL query specifying the filter meters. Filter term criteria: + enabled, platform, name, description, etc TODO. Filter range criteria: created_on, + modified_on; use any common date format, such as ''2010-05-15T14:55:21.892315096Z''.' + isArray: false + name: filter_ + required: false + - description: Match query criteria, which includes all the filter string fields, + plus TODO + isArray: false + name: q + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: A pagination token used with the `limit` meter to manage pagination + of results. On your first request, don't provide an `after` token. On subsequent + requests, provide the `after` token from the previous response to continue + from that place in the results. + isArray: false + name: after + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + description: Find all rule IDs matching the query with filter + name: cs-queryrules + outputs: + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - arguments: + - auto: PREDEFINED + description: 'Possible order by fields: {rules.ruletype_name, rules.enabled, + rules.created_by, rules.current_version.name, rules.current_version.modified_by, + rules.created_on, rules.current_version.description, rules.current_version.pattern_severity, + rules.current_version.action_label, rules.current_version.modified_on}' + isArray: false + name: sort + predefined: + - rules.created_by + - rules.created_on + - rules.current_version.action_label + - rules.current_version.description + - rules.current_version.modified_by + - rules.current_version.modified_on + - rules.current_version.name + - rules.current_version.pattern_severity + - rules.enabled + - rules.ruletype_name + required: false + - description: 'FQL query specifying the filter meters. Filter term criteria: + [enabled platform name description rules.action_label rules.name rules.description + rules.pattern_severity rules.ruletype_name rules.enabled]. Filter range criteria: + created_on, modified_on; use any common date format, such as ''2010-05-15T14:55:21.892315096Z''.' + isArray: false + name: filter_ + required: false + - description: Match query criteria, which includes all the filter string fields + isArray: false + name: q + required: false + - description: Starting index of overall result set from which to return IDs + isArray: false + name: offset + required: false + - description: Number of IDs to return + isArray: false + name: limit + required: false + description: Finds all rule IDs matching the query with optional filter. + name: cs-queryrules-mixin0 + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Starting index of overall result set from which to return IDs + isArray: false + name: offset + required: false + - description: Number of IDs to return + isArray: false + name: limit + required: false + description: Get all rule type IDs. + name: cs-queryruletypes + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: Action name. Allowed value is refresh_active_stream_session. + isArray: false + name: action_name + required: true + - description: 'Label that identifies your connection. Max: 32 alphanumeric characters + (a-z, A-Z, 0-9).' + isArray: false + name: appId + required: true + - description: Partition to request data for. + isArray: false + name: partition + required: true + description: Refresh an active event stream. Use the URL shown in a GET /sensors/entities/datafeed/v2 + response. + name: cs-refresh-active-stream-session + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - description: Regenerate API key for docker registry integrations + name: cs-regenerateapi-key + outputs: + - contextPath: CrowdStrike.k8sregRegenAPIKeyResp.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.k8sregRegenAPIKeyResp.errors.id + description: '' + type: String + - contextPath: CrowdStrike.k8sregRegenAPIKeyResp.errors.message + description: '' + type: String + - contextPath: CrowdStrike.k8sregRegenAPIKeyResp.resources.api_key + description: '' + type: String + - contextPath: CrowdStrike.k8sregRegenAPIKeyResp.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.k8sregRegenAPIKeyResp.errors.id + description: '' + type: String + - contextPath: CrowdStrike.k8sregRegenAPIKeyResp.errors.message + description: '' + type: String + - contextPath: CrowdStrike.k8sregRegenAPIKeyResp.resources.api_key + description: '' + type: String + - description: List the usernames (usually an email address) for all users in your + customer account + name: cs-retrieve-emails-bycid + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: ID of a user. Find a user's ID from `/users/entities/user/v1`. + isArray: true + name: ids + required: true + description: Get info about a user + name: cs-retrieve-user + outputs: + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.customer + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.firstName + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.lastName + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.uid + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.uuid + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.customer + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.firstName + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.lastName + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.uid + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.uuid + description: '' + type: String + - description: List user IDs for all users in your customer account. For more information + on each user, provide the user ID to `/users/entities/user/v1`. + name: cs-retrieve-useruui-ds-bycid + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: A username. This is usually the user's email address, but may vary + based on your configuration. + isArray: true + name: uid + required: true + description: Get a user's ID by providing a username (usually an email address) + name: cs-retrieve-useruuid + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: An optional message to append to the recorded audit log + isArray: false + name: requests_revealuninstalltokenv1_audit_message + required: false + - description: The id of the device to reveal the token for + isArray: false + name: requests_revealuninstalltokenv1_device_id + required: true + description: Reveals an uninstall token for a specific device. To retrieve the + bulk maintenance token pass the value 'MAINTENANCE' as the value for 'device_id' + name: cs-reveal-uninstall-token + outputs: + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.resources.device_id + description: The device the token belongs to + type: String + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.resources.seed_id + description: The seedID of the uninstall token + type: Number + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.resources.uninstall_token + description: The uninstall token + type: String + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.resources.device_id + description: The device the token belongs to + type: String + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.resources.seed_id + description: The seedID of the uninstall token + type: Number + - contextPath: CrowdStrike.responsesRevealUninstallTokenRespV1.resources.uninstall_token + description: The uninstall token + type: String + - arguments: + - description: ID of a user. Find a user's ID from `/users/entities/user/v1`. + isArray: false + name: user_uuid + required: true + - description: One or more role IDs to revoke. Find a role's ID from `/users/queries/roles/v1`. + isArray: true + name: ids + required: true + description: Revoke one or more roles from a user + name: cs-revoke-user-role-ids + outputs: + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserRoleIDsResponse.errors.message + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: msa_aggregatequeryrequest_date_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_field + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_filter + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_interval + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_min_doc_count + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_missing + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_name + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_q + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_ranges + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_size + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_sort + required: true + - description: '' + isArray: true + name: msa_aggregatequeryrequest_sub_aggregates + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_time_zone + required: true + - description: '' + isArray: false + name: msa_aggregatequeryrequest_type + required: true + description: Get aggregates on session data. + name: cs-rtr-aggregate-sessions + outputs: + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.count + description: '' + type: Number + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.from + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.key_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_from + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.string_to + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.to + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value + description: '' + type: Unknown + - contextPath: CrowdStrike.msaAggregatesResponse.resources.buckets.value_as_string + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.msaAggregatesResponse.resources.sum_other_doc_count + description: '' + type: Number + - arguments: + - description: Cloud Request ID of the executed command to query + isArray: false + name: cloud_request_id + required: true + - description: Sequence ID that we want to retrieve. Command responses are chunked + across sequences + isArray: false + name: sequence_id + required: true + description: Get status of an executed active-responder command on a single host. + name: cs-rtr-check-active-responder-command-status + outputs: + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.base_command + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.complete + description: '' + type: Boolean + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.sequence_id + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stderr + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stdout + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.task_id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.base_command + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.complete + description: '' + type: Boolean + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.sequence_id + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stderr + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stdout + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.task_id + description: '' + type: String + - arguments: + - description: Cloud Request ID of the executed command to query + isArray: false + name: cloud_request_id + required: true + - description: Sequence ID that we want to retrieve. Command responses are chunked + across sequences + isArray: false + name: sequence_id + required: true + description: Get status of an executed RTR administrator command on a single host. + name: cs-rtr-check-admin-command-status + outputs: + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.base_command + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.complete + description: '' + type: Boolean + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.sequence_id + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stderr + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stdout + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.task_id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.base_command + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.complete + description: '' + type: Boolean + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.sequence_id + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stderr + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stdout + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.task_id + description: '' + type: String + - arguments: + - description: Cloud Request ID of the executed command to query + isArray: false + name: cloud_request_id + required: true + - description: Sequence ID that we want to retrieve. Command responses are chunked + across sequences + isArray: false + name: sequence_id + required: true + description: Get status of an executed command on a single host. + name: cs-rtr-check-command-status + outputs: + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.base_command + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.complete + description: '' + type: Boolean + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.sequence_id + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stderr + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stdout + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.task_id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.base_command + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.complete + description: '' + type: Boolean + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.sequence_id + description: '' + type: Number + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stderr + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.stdout + description: '' + type: String + - contextPath: CrowdStrike.domainStatusResponseWrapper.resources.task_id + description: '' + type: String + - arguments: + - description: put-file to upload + isArray: false + name: file + required: true + - description: File description + isArray: false + name: description + required: true + - description: File name (if different than actual file name) + isArray: false + name: name + required: false + - description: The audit log comment + isArray: false + name: comments_for_audit_log + required: false + description: Upload a new put-file to use for the RTR `put` command. + name: cs-rtr-create-put-files + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: custom-script file to upload. These should be powershell scripts. + isArray: false + name: file + required: false + - description: File description + isArray: false + name: description + required: true + - description: File name (if different than actual file name) + isArray: false + name: name + required: false + - description: The audit log comment + isArray: false + name: comments_for_audit_log + required: false + - description: 'Permission for the custom-script. Valid permission values: - + `private`, usable by only the user who uploaded it - `group`, usable by + all RTR Admins - `public`, usable by all active-responders and RTR admins' + isArray: false + name: permission_type + required: true + - description: The script text that you want to use to upload + isArray: false + name: content + required: false + - description: 'Platforms for the file. Currently supports: windows, mac, linux, + . If no platform is provided, it will default to ''windows''' + isArray: true + name: platform + required: false + description: Upload a new custom-script to use for the RTR `runscript` command. + name: cs-rtr-create-scripts + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: RTR Session file id + isArray: false + name: ids + required: true + - description: RTR Session id + isArray: false + name: session_id + required: true + description: Delete a RTR session file. + name: cs-rtr-delete-file + - arguments: + - description: File id + isArray: false + name: ids + required: true + description: Delete a put-file based on the ID given. Can only delete one file + at a time. + name: cs-rtr-delete-put-files + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: RTR Session id + isArray: false + name: session_id + required: true + - description: Cloud Request ID of the executed command to query + isArray: false + name: cloud_request_id + required: true + description: Delete a queued session command + name: cs-rtr-delete-queued-session + - arguments: + - description: File id + isArray: false + name: ids + required: true + description: Delete a custom-script based on the ID given. Can only delete one + script at a time. + name: cs-rtr-delete-scripts + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: RTR Session id + isArray: false + name: session_id + required: true + description: Delete a session. + name: cs-rtr-delete-session + - arguments: + - description: '' + isArray: false + name: domain_commandexecuterequest_base_command + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_command_string + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_device_id + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_id + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_persist + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_session_id + required: true + description: Execute an active responder command on a single host. + name: cs-rtr-execute-active-responder-command + - arguments: + - description: '' + isArray: false + name: domain_commandexecuterequest_base_command + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_command_string + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_device_id + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_id + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_persist + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_session_id + required: true + description: Execute a RTR administrator command on a single host. + name: cs-rtr-execute-admin-command + - arguments: + - description: '' + isArray: false + name: domain_commandexecuterequest_base_command + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_command_string + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_device_id + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_id + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_persist + required: true + - description: '' + isArray: false + name: domain_commandexecuterequest_session_id + required: true + description: Execute a command on a single host. + name: cs-rtr-execute-command + - arguments: + - description: RTR Session id + isArray: false + name: session_id + required: true + - description: Extracted SHA256 (e.g. 'efa256a96af3b556cd3fc9d8b1cf587d72807d7805ced441e8149fc279db422b') + isArray: false + name: sha256 + required: true + - description: Filename to use for the archive name and the file within the archive. + isArray: false + name: filename + required: false + description: Get RTR extracted file contents for specified session and sha256. + name: cs-rtr-get-extracted-file-contents + - arguments: + - description: File IDs + isArray: true + name: ids + required: true + description: Get put-files based on the ID's given. These are used for the RTR + `put` command. + name: cs-rtr-get-put-files + outputs: + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.bucket + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.comments_for_audit_log + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.content + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_by_uuid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.file_type + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_by_uuid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.path + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.permission_type + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.run_attempt_count + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.run_success_count + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.size + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.write_access + description: '' + type: Boolean + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.bucket + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.comments_for_audit_log + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.content + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_by_uuid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.file_type + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_by_uuid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.path + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.permission_type + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.run_attempt_count + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.run_success_count + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.size + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.write_access + description: '' + type: Boolean + - arguments: + - description: File IDs + isArray: true + name: ids + required: true + description: Get custom-scripts based on the ID's given. These are used for the + RTR `runscript` command. + name: cs-rtr-get-scripts + outputs: + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.bucket + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.comments_for_audit_log + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.content + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_by_uuid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.file_type + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_by_uuid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.path + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.permission_type + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.run_attempt_count + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.run_success_count + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.size + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.write_access + description: '' + type: Boolean + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.bucket + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.comments_for_audit_log + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.content + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_by_uuid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.file_type + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_by_uuid + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.path + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.permission_type + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.run_attempt_count + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.run_success_count + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.size + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPFResponse.resources.write_access + description: '' + type: Boolean + - arguments: + - description: '' + isArray: false + name: domain_initrequest_device_id + required: true + - description: '' + isArray: false + name: domain_initrequest_origin + required: true + - description: '' + isArray: false + name: domain_initrequest_queue_offline + required: true + description: Initialize a new session with the RTR cloud. + name: cs-rtr-init-session + - arguments: + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + - description: 'Sort by spec. Ex: ''date_created|asc''.' + isArray: false + name: sort + required: false + - description: "Optional filter criteria in the form of an FQL query. For more\ + \ information about FQL queries, see our [FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).\_\ + \u201Cuser_id\u201D can accept a special value \u2018@me\u2019 which will\ + \ restrict results to records with current user\u2019s ID." + isArray: false + name: filter_ + required: false + description: Get a list of session_ids. + name: cs-rtr-list-all-sessions + outputs: + - contextPath: CrowdStrike.domainListSessionsResponseMsa.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainListSessionsResponseMsa.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainListSessionsResponseMsa.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainListSessionsResponseMsa.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainListSessionsResponseMsa.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainListSessionsResponseMsa.errors.message + description: '' + type: String + - arguments: + - description: RTR Session id + isArray: false + name: session_id + required: true + description: Get a list of files for the specified RTR session. + name: cs-rtr-list-files + outputs: + - contextPath: CrowdStrike.domainListFilesResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainListFilesResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.cloud_request_id + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.deleted_at + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.id + description: '' + type: Number + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.size + description: '' + type: Number + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.updated_at + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainListFilesResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.cloud_request_id + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.deleted_at + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.id + description: '' + type: Number + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.size + description: '' + type: Number + - contextPath: CrowdStrike.domainListFilesResponseWrapper.resources.updated_at + description: '' + type: String + - arguments: + - description: Optional filter criteria in the form of an FQL query. For more + information about FQL queries, see our [FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + - description: 'Sort by spec. Ex: ''created_at|asc''.' + isArray: false + name: sort + required: false + description: Get a list of put-file ID's that are available to the user for the + `put` command. + name: cs-rtr-list-put-files + outputs: + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.message + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: msa_idsrequest_ids + required: true + description: Get queued session metadata by session ID. + name: cs-rtr-list-queued-sessions + outputs: + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.base_command + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.cloud_request_id + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.command_string + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.deleted_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.status + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.status_text + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.updated_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.aid + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.deleted_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.status + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.updated_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.user_uuid + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.base_command + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.cloud_request_id + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.command_string + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.deleted_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.status + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.status_text + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.Commands.updated_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.aid + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.deleted_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.status + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.updated_at + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.domainQueuedSessionResponseWrapper.resources.user_uuid + description: '' + type: String + - arguments: + - description: Optional filter criteria in the form of an FQL query. For more + information about FQL queries, see our [FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). + isArray: false + name: filter_ + required: false + - description: Starting index of overall result set from which to return ids. + isArray: false + name: offset + required: false + - description: Number of ids to return. + isArray: false + name: limit + required: false + - description: 'Sort by spec. Ex: ''created_at|asc''.' + isArray: false + name: sort + required: false + description: Get a list of custom-script ID's that are available to the user for + the `runscript` command. + name: cs-rtr-list-scripts + outputs: + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.binservclientMsaPutFileResponse.errors.message + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: msa_idsrequest_ids + required: true + description: Get session metadata by session id. + name: cs-rtr-list-sessions + outputs: + - contextPath: CrowdStrike.domainSessionResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainSessionResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.commands_queued + description: '' + type: Boolean + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.deleted_at + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.duration + description: '' + type: Unknown + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.base_command + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.cloud_request_id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.command_string + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.current_directory + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.id + description: '' + type: Number + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.updated_at + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.offline_queued + description: '' + type: Boolean + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.origin + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.platform_id + description: '' + type: Number + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.pwd + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.updated_at + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.user_uuid + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainSessionResponseWrapper.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.commands_queued + description: '' + type: Boolean + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.deleted_at + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.device_id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.duration + description: '' + type: Unknown + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.hostname + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.base_command + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.cloud_request_id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.command_string + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.created_at + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.current_directory + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.id + description: '' + type: Number + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.session_id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.logs.updated_at + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.offline_queued + description: '' + type: Boolean + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.origin + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.platform_id + description: '' + type: Number + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.platform_name + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.pwd + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.updated_at + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.domainSessionResponseWrapper.resources.user_uuid + description: '' + type: String + - arguments: + - description: '' + isArray: false + name: domain_initrequest_device_id + required: true + - description: '' + isArray: false + name: domain_initrequest_origin + required: true + - description: '' + isArray: false + name: domain_initrequest_queue_offline + required: true + description: Refresh a session timeout on a single host. + name: cs-rtr-pulse-session + - arguments: + - description: ID to update + isArray: false + name: id_ + required: true + - description: custom-script file to upload. These should be powershell scripts. + isArray: false + name: file + required: false + - description: File description + isArray: false + name: description + required: false + - description: File name (if different than actual file name) + isArray: false + name: name + required: false + - description: The audit log comment + isArray: false + name: comments_for_audit_log + required: false + - description: 'Permission for the custom-script. Valid permission values: - + `private`, usable by only the user who uploaded it - `group`, usable by + all RTR Admins - `public`, usable by all active-responders and RTR admins' + isArray: false + name: permission_type + required: false + - description: The script text that you want to use to upload + isArray: false + name: content + required: false + - description: 'Platforms for the file. Currently supports: windows, mac, ' + isArray: true + name: platform + required: false + description: Upload a new scripts to replace an existing one. + name: cs-rtr-update-scripts + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: mlscanner_samplesscanparameters_samples + required: true + description: Submit a volume of files for ml scanning. Time required for analysis + increases with the number of samples in a volume but usually it should take + less than 1 minute + name: cs-scan-samples + outputs: + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.mlscannerQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ids of all current prevention policies for the platform specified. + The precedence will be set in the order the ids are specified + isArray: true + name: requests_setpolicyprecedencereqv1_ids + required: true + - auto: PREDEFINED + description: The name of the platform for which to set precedence + isArray: false + name: requests_setpolicyprecedencereqv1_platform_name + predefined: + - Windows + - Mac + - Linux + required: true + description: Sets the precedence of Device Control Policies based on the order + of IDs specified in the request. The first ID specified will have the highest + precedence and the last ID specified will have the lowest. You must specify + all non-Default Policies for a platform when updating precedence + name: cs-set-device-control-policies-precedence + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ids of all current prevention policies for the platform specified. + The precedence will be set in the order the ids are specified + isArray: true + name: requests_setpolicyprecedencereqv1_ids + required: true + - auto: PREDEFINED + description: The name of the platform for which to set precedence + isArray: false + name: requests_setpolicyprecedencereqv1_platform_name + predefined: + - Windows + - Mac + - Linux + required: true + description: Sets the precedence of Firewall Policies based on the order of IDs + specified in the request. The first ID specified will have the highest precedence + and the last ID specified will have the lowest. You must specify all non-Default + Policies for a platform when updating precedence + name: cs-set-firewall-policies-precedence + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ids of all current prevention policies for the platform specified. + The precedence will be set in the order the ids are specified + isArray: true + name: requests_setpolicyprecedencereqv1_ids + required: true + - auto: PREDEFINED + description: The name of the platform for which to set precedence + isArray: false + name: requests_setpolicyprecedencereqv1_platform_name + predefined: + - Windows + - Mac + - Linux + required: true + description: Sets the precedence of Prevention Policies based on the order of + IDs specified in the request. The first ID specified will have the highest precedence + and the last ID specified will have the lowest. You must specify all non-Default + Policies for a platform when updating precedence + name: cs-set-prevention-policies-precedence + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ids of all current prevention policies for the platform specified. + The precedence will be set in the order the ids are specified + isArray: true + name: requests_setpolicyprecedencereqv1_ids + required: true + - auto: PREDEFINED + description: The name of the platform for which to set precedence + isArray: false + name: requests_setpolicyprecedencereqv1_platform_name + predefined: + - Windows + - Mac + - Linux + required: true + description: Sets the precedence of Sensor Update Policies based on the order + of IDs specified in the request. The first ID specified will have the highest + precedence and the last ID specified will have the lowest. You must specify + all non-Default Policies for a platform when updating precedence + name: cs-set-sensor-update-policies-precedence + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: The ids of all current prevention policies for the platform specified. + The precedence will be set in the order the ids are specified + isArray: true + name: requests_setpolicyprecedencereqv1_ids + required: true + - auto: PREDEFINED + description: The name of the platform for which to set precedence + isArray: false + name: requests_setpolicyprecedencereqv1_platform_name + predefined: + - Windows + - Mac + - Linux + required: true + description: Sets the precedence of Response Policies based on the order of IDs + specified in the request. The first ID specified will have the highest precedence + and the last ID specified will have the lowest. You must specify all non-Default + Policies for a platform when updating precedence + name: cs-setrt-response-policies-precedence + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: falconx_submissionparametersv1_sandbox + required: false + - description: '' + isArray: true + name: falconx_submissionparametersv1_user_tags + required: false + description: Submit an uploaded file or a URL for sandbox analysis. Time required + for analysis varies but is usually less than 15 minutes. + name: cs-submit + outputs: + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.origin + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.action_script + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.command_line + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.document_password + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.enable_tor + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.environment_id + description: '' + type: Number + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.submit_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.system_date + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.system_time + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.url + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.state + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_uuid + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.errors.message + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.origin + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.action_script + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.command_line + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.document_password + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.enable_tor + description: '' + type: Boolean + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.environment_id + description: '' + type: Number + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.sha256 + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.submit_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.system_date + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.system_time + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.sandbox.url + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.state + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_id + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_name + description: '' + type: String + - contextPath: CrowdStrike.falconxSubmissionV1Response.resources.user_uuid + description: '' + type: String + - arguments: + - description: The token's expiration time (RFC-3339). Null, if the token never + expires. + isArray: false + name: api_tokencreaterequestv1_expires_timestamp + required: false + - description: The token label. + isArray: false + name: api_tokencreaterequestv1_label + required: false + - description: The token type. + isArray: false + name: api_tokencreaterequestv1_type + required: false + description: Creates a token. + name: cs-tokenscreate + - arguments: + - description: The token ids to delete. + isArray: true + name: ids + required: true + description: Deletes a token immediately. To revoke a token, use PATCH /installation-tokens/entities/tokens/v1 + instead. + name: cs-tokensdelete + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: The offset to start retrieving records from. + isArray: false + name: offset + required: false + - description: The maximum records to return. [1-1000]. Defaults to 50. + isArray: false + name: limit + required: false + - description: The property to sort by (e.g. created_timestamp.desc). + isArray: false + name: sort + required: false + - description: The filter expression that should be used to limit the results + (e.g., `status:'valid'`). + isArray: false + name: filter_ + required: false + description: Search for tokens by providing an FQL filter and paging details. + name: cs-tokensquery + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: IDs of tokens to retrieve details for + isArray: true + name: ids + required: false + description: Gets the details of one or more tokens by id. + name: cs-tokensread + outputs: + - contextPath: CrowdStrike.apitokenDetailsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apitokenDetailsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.expires_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.label + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.last_used_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.revoked_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apitokenDetailsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.expires_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.label + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.last_used_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.revoked_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.status + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apitokenDetailsResponseV1.resources.value + description: '' + type: String + - arguments: + - description: The token ids to update. + isArray: true + name: ids + required: true + - description: The token's expiration time (RFC-3339). Null, if the token never + expires. + isArray: false + name: api_tokenpatchrequestv1_expires_timestamp + required: false + - description: The token label. + isArray: false + name: api_tokenpatchrequestv1_label + required: false + - description: Set to true to revoke the token, false to un-revoked it. + isArray: false + name: api_tokenpatchrequestv1_revoked + required: false + description: Updates one or more tokens. Use this endpoint to edit labels, change + expiration, revoke, or restore. + name: cs-tokensupdate + outputs: + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaQueryResponse.errors.message + description: '' + type: String + - arguments: + - auto: PREDEFINED + description: Scan Type to do + isArray: false + name: scan_type + predefined: + - cluster-refresh + - dry-run + - full + required: true + description: Triggers a dry run or a full scan of a customer's kubernetes footprint + name: cs-trigger-scan + - arguments: + - description: '' + isArray: false + name: domain_updateactionrequest_frequency + required: true + - description: '' + isArray: false + name: domain_updateactionrequest_id + required: true + - description: '' + isArray: true + name: domain_updateactionrequest_recipients + required: true + - description: '' + isArray: false + name: domain_updateactionrequest_status + required: true + description: Update an action for a monitoring rule. + name: cs-update-actionv1 + outputs: + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.cid + description: The ID of the customer who created the action + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.created_timestamp + description: The date when the action was created + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.frequency + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.id + description: The ID of the action + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.rule_id + description: The ID of the rule on which this action is attached + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.status + description: The action status. It can be either 'enabled' or 'muted'. + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.type + description: The action type. The only type currently supported is 'email' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.updated_timestamp + description: The date when the action was updated + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.user_uuid + description: The UUID of the user who created the action + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.cid + description: The ID of the customer who created the action + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.created_timestamp + description: The date when the action was created + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.frequency + description: '' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.id + description: The ID of the action + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.rule_id + description: The ID of the rule on which this action is attached + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.status + description: The action status. It can be either 'enabled' or 'muted'. + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.type + description: The action type. The only type currently supported is 'email' + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.updated_timestamp + description: The date when the action was updated + type: String + - contextPath: CrowdStrike.domainActionEntitiesResponseV1.resources.user_uuid + description: The UUID of the user who created the action + type: String + - arguments: + - description: '' + isArray: false + name: domain_detectsentitiespatchrequest_assigned_to_uuid + required: false + - description: '' + isArray: false + name: domain_detectsentitiespatchrequest_comment + required: false + - description: '' + isArray: true + name: domain_detectsentitiespatchrequest_ids + required: false + - description: '' + isArray: false + name: domain_detectsentitiespatchrequest_show_in_ui + required: false + - description: '' + isArray: false + name: domain_detectsentitiespatchrequest_status + required: false + description: Modify the state, assignee, and visibility of detections + name: cs-update-detects-by-idsv2 + outputs: + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: A collection of policies to update + isArray: true + name: requests_updatedevicecontrolpoliciesv1_resources + required: true + description: Update Device Control Policies by specifying the ID of the policy + and details to update + name: cs-update-device-control-policies + outputs: + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesDeviceControlPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - arguments: + - description: '' + isArray: false + name: domain_updatedevicetagsrequestv1_action + required: true + - description: '' + isArray: true + name: domain_updatedevicetagsrequestv1_device_ids + required: true + - description: '' + isArray: true + name: domain_updatedevicetagsrequestv1_tags + required: true + description: Append or remove one or more Falcon Grouping Tags on one or more + hosts. + name: cs-update-device-tags + outputs: + - contextPath: CrowdStrike.msaEntitiesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaEntitiesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaEntitiesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaEntitiesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaEntitiesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaEntitiesResponse.errors.message + description: '' + type: String + - arguments: + - description: A collection of policies to update + isArray: true + name: requests_updatefirewallpoliciesv1_resources + required: true + description: Update Firewall Policies by specifying the ID of the policy and details + to update + name: cs-update-firewall-policies + outputs: + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.channel_version + description: Channel file version for the policy + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.rule_set_id + description: Firewall rule set id. This id combines several firewall rules and + gets attached to the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.channel_version + description: Channel file version for the policy + type: Number + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesFirewallPoliciesV1.resources.rule_set_id + description: Firewall rule set id. This id combines several firewall rules and + gets attached to the policy + type: String + - arguments: + - description: A collection of groups to update + isArray: true + name: requests_updategroupsv1_resources + required: true + description: Update Host Groups by specifying the ID of the group and details + to update + name: cs-update-host-groups + outputs: + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesHostGroupsV1.resources.name + description: The name of the group + type: String + - arguments: + - description: The unique ID of the user who is assigned to this notification + isArray: false + name: domain_updatenotificationrequestv1_assigned_to_uuid + required: true + - description: The ID of the notifications + isArray: false + name: domain_updatenotificationrequestv1_id + required: true + - description: 'The notification status. This can be one of: new, in-progress, + closed-false-positive, closed-true-positive.' + isArray: false + name: domain_updatenotificationrequestv1_status + required: true + description: Update notification status or assignee. Accepts bulk requests + name: cs-update-notificationsv1 + outputs: + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uid + description: The email of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_username + description: The name of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uuid + description: The unique ID of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.created_date + description: The date when the notification was generated + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.id + description: The ID of the notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_date + description: Timestamp when the intelligence item is considered to have been + posted + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_id + description: ID of the intelligence item which generated the match + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_type + description: Type of intelligence item based on format, e.g. post, reply, botnet_config + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_id + description: The ID of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_name + description: The name of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_priority + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_topic + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.status + description: 'The notification status. This can be one of: new, in-progress, + closed-false-positive, closed-true-positive.' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.updated_date + description: The date when the notification was updated + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uid + description: The email of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_username + description: The name of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.assigned_to_uuid + description: The unique ID of the user who is assigned to this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.created_date + description: The date when the notification was generated + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.id + description: The ID of the notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_date + description: Timestamp when the intelligence item is considered to have been + posted + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_id + description: ID of the intelligence item which generated the match + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.item_type + description: Type of intelligence item based on format, e.g. post, reply, botnet_config + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_id + description: The ID of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_name + description: The name of the rule that generated this notification + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_priority + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.rule_topic + description: '' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.status + description: 'The notification status. This can be one of: new, in-progress, + closed-false-positive, closed-true-positive.' + type: String + - contextPath: CrowdStrike.domainNotificationEntitiesResponseV1.resources.updated_date + description: The date when the notification was updated + type: String + - arguments: + - description: A collection of policies to update + isArray: true + name: requests_updatepreventionpoliciesv1_resources + required: true + description: Update Prevention Policies by specifying the ID of the policy and + details to update + name: cs-update-prevention-policies + outputs: + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesPreventionPoliciesV1.resources.prevention_settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: The filter to be used for searching + isArray: false + name: domain_updaterulerequestv1_filter + required: true + - description: The rule ID to be updated + isArray: false + name: domain_updaterulerequestv1_id + required: true + - description: The name of a particular rule + isArray: false + name: domain_updaterulerequestv1_name + required: true + - description: 'The permissions for a particular rule which specifies the rule''s + access by other users. Possible values: [private public]' + isArray: false + name: domain_updaterulerequestv1_permissions + required: true + - description: 'The priority for a particular rule. Possible values: [low medium + high]' + isArray: false + name: domain_updaterulerequestv1_priority + required: true + description: Update monitoring rules. + name: cs-update-rulesv1 + outputs: + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.created_timestamp + description: The creation time for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.filter + description: The FQL filter contained in a rule and used for searching + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.id + description: The ID of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.name + description: The name for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.permissions + description: The permissions of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.priority + description: The priority of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.status + description: The status of a rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.status_message + description: The detailed status message + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.topic + description: The topic of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.updated_timestamp + description: The last updated time for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_id + description: The user ID of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_name + description: The user name of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_uuid + description: The UUID of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.field + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.details.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.errors.message_key + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.created_timestamp + description: The creation time for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.filter + description: The FQL filter contained in a rule and used for searching + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.id + description: The ID of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.name + description: The name for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.permissions + description: The permissions of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.priority + description: The priority of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.status + description: The status of a rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.status_message + description: The detailed status message + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.topic + description: The topic of a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.updated_timestamp + description: The last updated time for a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_id + description: The user ID of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_name + description: The user name of the user that created a given rule + type: String + - contextPath: CrowdStrike.domainRulesEntitiesResponseV1.resources.user_uuid + description: The UUID of the user that created a given rule + type: String + - arguments: + - description: A collection of policies to update + isArray: true + name: requests_updatesensorupdatepoliciesv1_resources + required: true + description: Update Sensor Update Policies by specifying the ID of the policy + and details to update + name: cs-update-sensor-update-policies + outputs: + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - arguments: + - description: A collection of policies to update + isArray: true + name: requests_updatesensorupdatepoliciesv2_resources + required: true + description: Update Sensor Update Policies by specifying the ID of the policy + and details to update with additional support for uninstall protection + name: cs-update-sensor-update-policiesv2 + outputs: + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesSensorUpdatePoliciesV2.resources.platform_name + description: The name of the platform + type: String + - arguments: + - description: '' + isArray: false + name: requests_svexclusionupdatereqv1_comment + required: false + - description: '' + isArray: true + name: requests_svexclusionupdatereqv1_groups + required: false + - description: '' + isArray: false + name: requests_svexclusionupdatereqv1_id + required: true + - description: '' + isArray: false + name: requests_svexclusionupdatereqv1_value + required: false + description: Update the sensor visibility exclusions + name: cs-update-sensor-visibility-exclusionsv1 + outputs: + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.value_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesSvExclusionRespV1.resources.value_hash + description: '' + type: String + - arguments: + - description: ID of a user. Find a user's ID from `/users/entities/user/v1`. + isArray: false + name: user_uuid + required: true + - description: '' + isArray: false + name: domain_updateuserfields_firstname + required: false + - description: '' + isArray: false + name: domain_updateuserfields_lastname + required: false + description: Modify an existing user's first or last name + name: cs-update-user + outputs: + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.customer + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.firstName + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.lastName + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.uid + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.uuid + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.customer + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.firstName + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.lastName + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.uid + description: '' + type: String + - contextPath: CrowdStrike.domainUserMetaDataResponse.resources.uuid + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: domain_usergroupsrequestv1_resources + required: true + description: Update existing User Group(s). User Group ID is expected for each + User Group definition provided in request body. User Group member(s) remain + unaffected. + name: cs-update-user-groups + outputs: + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.user_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainUserGroupsResponseV1.resources.user_group_id + description: '' + type: String + - arguments: + - description: AWS Account ID + isArray: true + name: ids + required: true + - description: Default Region for Account Automation + isArray: false + name: region + required: false + description: Updates the AWS account per the query meters provided + name: cs-updateaws-account + outputs: + - contextPath: CrowdStrike.msaBaseEntitiesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaBaseEntitiesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaBaseEntitiesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.msaBaseEntitiesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.msaBaseEntitiesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.msaBaseEntitiesResponse.errors.message + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: models_updateawsaccountsv1_resources + required: true + description: Update AWS Accounts by specifying the ID of the account and details + to update + name: cs-updateaws-accounts + outputs: + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.alias + description: Alias/Name associated with the account. This is only updated once + the account is in a registered state. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_stack_id + description: Unique identifier for the cloudformation stack id used for provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_url + description: URL of the CloudFormation template to execute. This is returned + when mode is to set 'cloudformation' when provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_owner_id + description: The 12 digit AWS account which is hosting the S3 bucket containing + cloudtrail logs for this account. If this field is set, it takes precedence + of the settings level field. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_region + description: Region where the S3 bucket containing cloudtrail logs resides. + This is only set if using cloudformation to provision and create the trail. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.created_timestamp + description: Timestamp of when the account was first provisioned within CrowdStrike's + system.' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.external_id + description: ID assigned for use with cross account IAM role access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.iam_role_arn + description: The full arn of the IAM role created in this account to control + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.id + description: 12 digit AWS provided unique identifier for the account. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_modified_timestamp + description: Timestamp of when the account was last modified. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_scanned_timestamp + description: Timestamp of when the account was scanned. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.policy_version + description: Current version of permissions associated with IAM role and granted + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.provisioning_state + description: Provisioning state of the account. Values can be; initiated, registered, + unregistered. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_reqs + description: Rate limiting setting to control the maximum number of requests + that can be made within the rate_limit_time duration. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_time + description: Rate limiting setting to control the number of seconds for which + rate_limit_reqs applies. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.template_version + description: Current version of cloudformation template used to manage access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.alias + description: Alias/Name associated with the account. This is only updated once + the account is in a registered state. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_stack_id + description: Unique identifier for the cloudformation stack id used for provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudformation_url + description: URL of the CloudFormation template to execute. This is returned + when mode is to set 'cloudformation' when provisioning. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_owner_id + description: The 12 digit AWS account which is hosting the S3 bucket containing + cloudtrail logs for this account. If this field is set, it takes precedence + of the settings level field. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.cloudtrail_bucket_region + description: Region where the S3 bucket containing cloudtrail logs resides. + This is only set if using cloudformation to provision and create the trail. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.created_timestamp + description: Timestamp of when the account was first provisioned within CrowdStrike's + system.' + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.external_id + description: ID assigned for use with cross account IAM role access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.iam_role_arn + description: The full arn of the IAM role created in this account to control + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.id + description: 12 digit AWS provided unique identifier for the account. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_modified_timestamp + description: Timestamp of when the account was last modified. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.last_scanned_timestamp + description: Timestamp of when the account was scanned. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.policy_version + description: Current version of permissions associated with IAM role and granted + access. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.provisioning_state + description: Provisioning state of the account. Values can be; initiated, registered, + unregistered. + type: String + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_reqs + description: Rate limiting setting to control the maximum number of requests + that can be made within the rate_limit_time duration. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.rate_limit_time + description: Rate limiting setting to control the number of seconds for which + rate_limit_reqs applies. + type: Number + - contextPath: CrowdStrike.modelsAWSAccountsV1.resources.template_version + description: Current version of cloudformation template used to manage access. + type: String + - arguments: + - description: '' + isArray: true + name: domain_cidgroupsrequestv1_resources + required: true + description: Update existing CID Group(s). CID Group ID is expected for each CID + Group definition provided in request body. CID Group member(s) remain unaffected. + name: cs-updatecid-groups + outputs: + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.cid_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.cid_group_id + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.domainCIDGroupsResponseV1.resources.name + description: '' + type: String + - arguments: + - description: Tenant ID to update client ID for. Required if multiple tenants + are registered. + isArray: false + name: tenant_id + required: false + - description: Default Subscription ID to patch for all subscriptions belonged + to a tenant. + isArray: false + name: subscription_id + required: true + description: Update an Azure default subscription_id in our system for given tenant_id + name: cs-updatecspm-azure-tenant-default-subscriptionid + - arguments: + - description: '' + isArray: true + name: registration_policyrequestextv1_resources + required: true + description: Updates a policy setting - can be used to override policy severity + or to disable a policy entirely. + name: cs-updatecspm-policy-settings + outputs: + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cloud_service + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cloud_service_subtype + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.default_severity + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.account_id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.severity + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.tag_excluded + description: '' + type: Boolean + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.tenant_id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_timestamp + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_type + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cid + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cis_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cloud_service + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.cloud_service_subtype + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.default_severity + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.nist_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.benchmark_short + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.pci_benchmark.recommendation_number + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_id + description: '' + type: Number + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.account_id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.severity + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.tag_excluded + description: '' + type: Boolean + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_settings.tenant_id + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_timestamp + description: '' + type: String + - contextPath: CrowdStrike.registrationPolicySettingsResponseV1.resources.policy_type + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: registration_scanscheduleupdaterequestv1_resources + required: true + description: Updates scan schedule configuration for one or more cloud platforms. + name: cs-updatecspm-scan-schedule + outputs: + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.cloud_platform + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.next_scan_timestamp + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.scan_schedule + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.cloud_platform + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.next_scan_timestamp + description: '' + type: String + - contextPath: CrowdStrike.registrationScanScheduleResponseV1.resources.scan_schedule + description: '' + type: String + - arguments: + - description: '' + isArray: false + name: requests_ioaexclusionupdatereqv1_cl_regex + required: true + - description: '' + isArray: false + name: requests_ioaexclusionupdatereqv1_comment + required: false + - description: '' + isArray: false + name: requests_ioaexclusionupdatereqv1_description + required: true + - description: '' + isArray: false + name: requests_ioaexclusionupdatereqv1_detection_json + required: true + - description: '' + isArray: true + name: requests_ioaexclusionupdatereqv1_groups + required: true + - description: '' + isArray: false + name: requests_ioaexclusionupdatereqv1_id + required: true + - description: '' + isArray: false + name: requests_ioaexclusionupdatereqv1_ifn_regex + required: true + - description: '' + isArray: false + name: requests_ioaexclusionupdatereqv1_name + required: true + - description: '' + isArray: false + name: requests_ioaexclusionupdatereqv1_pattern_id + required: true + - description: '' + isArray: false + name: requests_ioaexclusionupdatereqv1_pattern_name + required: true + description: Update the IOA exclusions + name: cs-updateioa-exclusionsv1 + outputs: + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.cl_regex + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.detection_json + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.ifn_regex + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.pattern_name + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.cl_regex + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.description + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.detection_json + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.ifn_regex + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.responsesIoaExclusionRespV1.resources.pattern_name + description: '' + type: String + - arguments: + - description: '' + isArray: false + name: api_iocviewrecord_batch_id + required: false + - description: '' + isArray: false + name: api_iocviewrecord_created_by + required: false + - description: '' + isArray: false + name: api_iocviewrecord_created_timestamp + required: false + - description: '' + isArray: false + name: api_iocviewrecord_description + required: false + - description: '' + isArray: false + name: api_iocviewrecord_expiration_days + required: false + - description: '' + isArray: false + name: api_iocviewrecord_expiration_timestamp + required: false + - description: '' + isArray: false + name: api_iocviewrecord_modified_by + required: false + - description: '' + isArray: false + name: api_iocviewrecord_modified_timestamp + required: false + - description: '' + isArray: false + name: api_iocviewrecord_policy + required: false + - description: '' + isArray: false + name: api_iocviewrecord_share_level + required: false + - description: '' + isArray: false + name: api_iocviewrecord_source + required: false + - description: '' + isArray: false + name: api_iocviewrecord_type + required: false + - description: '' + isArray: false + name: api_iocviewrecord_value + required: false + - description: ' The type of the indicator. Valid types include: sha256: A hex-encoded + sha256 hash string. Length - min: 64, max: 64. md5: A hex-encoded md5 hash + string. Length - min 32, max: 32. domain: A domain name. Length - min: 1, + max: 200. ipv4: An IPv4 address. Must be a valid IP address. ipv6: An IPv6 + address. Must be a valid IP address. ' + isArray: false + name: type_ + required: true + - description: The string representation of the indicator + isArray: false + name: value + required: true + description: ' DEPRECATED Use the new IOC Management endpoint (PATCH /iocs/entities/indicators/v1). Update + an IOC by providing a type and value.' + name: cs-updateioc + outputs: + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.batch_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.expiration_days + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.expiration_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.policy + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.share_level + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.source + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.value + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.batch_id + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.created_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.expiration_days + description: '' + type: Number + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.expiration_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.modified_timestamp + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.policy + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.share_level + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.source + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.type + description: '' + type: String + - contextPath: CrowdStrike.apiMsaReplyIOC.resources.value + description: '' + type: String + - arguments: + - description: '' + isArray: false + name: requests_svexclusionupdatereqv1_comment + required: false + - description: '' + isArray: true + name: requests_svexclusionupdatereqv1_groups + required: false + - description: '' + isArray: false + name: requests_svexclusionupdatereqv1_id + required: true + - description: '' + isArray: false + name: requests_svexclusionupdatereqv1_value + required: false + description: Update the ML exclusions + name: cs-updateml-exclusionsv1 + outputs: + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value_hash + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.applied_globally + description: '' + type: Boolean + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.last_modified + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.regexp_value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.responsesMlExclusionRespV1.resources.value_hash + description: '' + type: String + - arguments: + - description: The user id + isArray: false + name: X_CS_USERNAME + required: true + - description: '' + isArray: false + name: fwmgr_api_policycontainerupsertrequestv1_default_inbound + required: true + - description: '' + isArray: false + name: fwmgr_api_policycontainerupsertrequestv1_default_outbound + required: true + - description: '' + isArray: false + name: fwmgr_api_policycontainerupsertrequestv1_enforce + required: true + - description: '' + isArray: false + name: fwmgr_api_policycontainerupsertrequestv1_is_default_policy + required: false + - description: '' + isArray: false + name: fwmgr_api_policycontainerupsertrequestv1_platform_id + required: true + - description: '' + isArray: false + name: fwmgr_api_policycontainerupsertrequestv1_policy_id + required: true + - description: '' + isArray: true + name: fwmgr_api_policycontainerupsertrequestv1_rule_group_ids + required: true + - description: '' + isArray: false + name: fwmgr_api_policycontainerupsertrequestv1_test_mode + required: true + - description: '' + isArray: false + name: fwmgr_api_policycontainerupsertrequestv1_tracking + required: false + description: Update an identified policy container + name: cs-updatepolicycontainer + outputs: + - contextPath: CrowdStrike.fwmgrmsaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrmsaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrmsaReplyMetaOnly.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrmsaReplyMetaOnly.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrmsaReplyMetaOnly.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrmsaReplyMetaOnly.errors.message + description: '' + type: String + - arguments: + - description: A collection of policies to update + isArray: true + name: requests_updatertresponsepoliciesv1_resources + required: true + description: Update Response Policies by specifying the ID of the policy and details + to update + name: cs-updatert-response-policies + outputs: + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.description + description: The description of a policy. Use this field to provide a high level + summary of what this policy enforces + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.enabled + description: If a policy is enabled it will be used during the course of policy + evaluation + type: Boolean + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.assignment_rule + description: The assignment rule of a group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_by + description: The email of the user which created the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.created_timestamp + description: The time at which the policy was created + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.description + description: An additional description of the group or the devices it targets + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.group_type + description: The method by which this host group is managed + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.id + description: The identifier of this host group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.groups.name + description: The name of the group + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.id + description: The unique id of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_by + description: The email of the user which last modified the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.modified_timestamp + description: The time at which the policy was last modified + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.name + description: The human readable name of the policy + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.platform_name + description: The name of the platform + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.name + description: The name of the category + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.description + description: The human readable description of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.id + description: The id of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.name + description: The name of the setting + type: String + - contextPath: CrowdStrike.responsesRTResponsePoliciesV1.resources.settings.settings.type + description: The type of the setting which can be used as a hint when displaying + in the UI + type: String + - arguments: + - description: The user id + isArray: false + name: X_CS_USERNAME + required: true + - description: Audit log comment for this action + isArray: false + name: comment + required: false + - description: '' + isArray: true + name: fwmgr_api_rulegroupmodifyrequestv1_diff_operations + required: true + - description: '' + isArray: false + name: fwmgr_api_rulegroupmodifyrequestv1_diff_type + required: true + - description: '' + isArray: false + name: fwmgr_api_rulegroupmodifyrequestv1_id + required: true + - description: '' + isArray: true + name: fwmgr_api_rulegroupmodifyrequestv1_rule_ids + required: true + - description: '' + isArray: true + name: fwmgr_api_rulegroupmodifyrequestv1_rule_versions + required: true + - description: '' + isArray: false + name: fwmgr_api_rulegroupmodifyrequestv1_tracking + required: true + description: Update name, description, or enabled status of a rule group, or create, + edit, delete, or reorder rules + name: cs-updaterulegroup + outputs: + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.fwmgrapiQueryResponse.errors.message + description: '' + type: String + - arguments: + - description: '' + isArray: false + name: api_rulegroupmodifyrequestv1_comment + required: true + - description: '' + isArray: false + name: api_rulegroupmodifyrequestv1_description + required: true + - description: '' + isArray: false + name: api_rulegroupmodifyrequestv1_enabled + required: true + - description: '' + isArray: false + name: api_rulegroupmodifyrequestv1_id + required: true + - description: '' + isArray: false + name: api_rulegroupmodifyrequestv1_name + required: true + - description: '' + isArray: false + name: api_rulegroupmodifyrequestv1_rulegroup_version + required: true + description: 'Update a rule group. The following properties can be modified: name, + description, enabled.' + name: cs-updaterulegroup-mixin0 + outputs: + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.platform + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.action_label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.description + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.disposition_id + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.final_value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.type + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.instance_version + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.magic_cookie + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.pattern_severity + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.rulegroup_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.ruletype_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.ruletype_name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.version + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.platform + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.action_label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.description + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.disposition_id + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.final_value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.type + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.field_values.values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.instance_version + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.magic_cookie + description: '' + type: Number + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.pattern_severity + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.rulegroup_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.ruletype_id + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.rules.ruletype_name + description: '' + type: String + - contextPath: CrowdStrike.apiRuleGroupsResponse.resources.version + description: '' + type: Number + - arguments: + - description: '' + isArray: false + name: api_ruleupdatesrequestv1_comment + required: true + - description: '' + isArray: true + name: api_ruleupdatesrequestv1_rule_updates + required: true + - description: '' + isArray: false + name: api_ruleupdatesrequestv1_rulegroup_id + required: true + - description: '' + isArray: false + name: api_ruleupdatesrequestv1_rulegroup_version + required: true + description: Update rules within a rule group. Return the updated rules. + name: cs-updaterules + outputs: + - contextPath: CrowdStrike.apiRulesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.action_label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.disposition_id + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.final_value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.type + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_version + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.magic_cookie + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_severity + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.rulegroup_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.action_label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.comment + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.committed_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.created_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.customer_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.deleted + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.description + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.disposition_id + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.enabled + description: '' + type: Boolean + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.final_value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.type + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.label + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.field_values.values.value + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.instance_version + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.magic_cookie + description: '' + type: Number + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_by + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.modified_on + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.pattern_severity + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.rulegroup_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_id + description: '' + type: String + - contextPath: CrowdStrike.apiRulesResponse.resources.ruletype_name + description: '' + type: String + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: 'Content of the uploaded sample in binary format. For example, + use `--data-binary @$FILE_PATH` when using cURL. Max file size: 100 MB. Accepted + file formats: - Portable executables: `.exe`, `.scr`, `.pif`, `.dll`, `.com`, + `.cpl`, etc. - Office documents: `.doc`, `.docx`, `.ppt`, `.pps`, `.pptx`, + `.ppsx`, `.xls`, `.xlsx`, `.rtf`, `.pub` - PDF - APK - Executable JAR - Windows + script component: `.sct` - Windows shortcut: `.lnk` - Windows help: `.chm` + - HTML application: `.hta` - Windows script file: `.wsf` - Javascript: `.js` + - Visual Basic: `.vbs`, `.vbe` - Shockwave Flash: `.swf` - Perl: `.pl` - + Powershell: `.ps1`, `.psd1`, `.psm1` - Scalable vector graphics: `.svg` - + Python: `.py` - Linux ELF executables - Email files: MIME RFC 822 `.eml`, + Outlook `.msg`.' + isArray: true + name: body + required: true + - description: The binary file. + isArray: false + name: upfile + required: true + - description: Name of the file. + isArray: false + name: file_name + required: true + - description: A descriptive comment to identify the file for other users. + isArray: false + name: comment + required: false + - description: 'Defines visibility of this file in Falcon MalQuery, either via + the API or the Falcon console. - `true`: File is only shown to users within + your customer account - `false`: File can be seen by other CrowdStrike customers Default: + `true`.' + isArray: false + name: is_confidential + required: false + description: Upload a file for sandbox analysis. After uploading, use `/falconx/entities/submissions/v1` + to start analyzing the file. + name: cs-upload-samplev2 + outputs: + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.resources.file_name + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.resources.file_name + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.resources.sha256 + description: '' + type: String + - arguments: + - description: User UUID + isArray: false + name: X_CS_USERUUID + required: false + - description: 'Content of the uploaded sample in binary format. For example, + use `--data-binary @$FILE_PATH` when using cURL. Max file size: 100 MB. Accepted + file formats: - Portable executables: `.exe`, `.scr`, `.pif`, `.dll`, `.com`, + `.cpl`, etc. - Office documents: `.doc`, `.docx`, `.ppt`, `.pps`, `.pptx`, + `.ppsx`, `.xls`, `.xlsx`, `.rtf`, `.pub` - PDF - APK - Executable JAR - Windows + script component: `.sct` - Windows shortcut: `.lnk` - Windows help: `.chm` + - HTML application: `.hta` - Windows script file: `.wsf` - Javascript: `.js` + - Visual Basic: `.vbs`, `.vbe` - Shockwave Flash: `.swf` - Perl: `.pl` - + Powershell: `.ps1`, `.psd1`, `.psm1` - Scalable vector graphics: `.svg` - + Python: `.py` - Linux ELF executables - Email files: MIME RFC 822 `.eml`, + Outlook `.msg`.' + isArray: true + name: body + required: true + - description: The binary file. + isArray: false + name: upfile + required: true + - description: Name of the file. + isArray: false + name: file_name + required: true + - description: A descriptive comment to identify the file for other users. + isArray: false + name: comment + required: false + - description: 'Defines visibility of this file in Falcon MalQuery, either via + the API or the Falcon console. - `true`: File is only shown to users within + your customer account - `false`: File can be seen by other CrowdStrike customers Default: + `true`.' + isArray: false + name: is_confidential + required: false + description: Upload a file for further cloud analysis. After uploading, call the + specific analysis API endpoint. + name: cs-upload-samplev3 + outputs: + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.resources.file_name + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.resources.sha256 + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.id + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.errors.message + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.resources.file_name + description: '' + type: String + - contextPath: CrowdStrike.samplestoreSampleMetadataResponseV2.resources.sha256 + description: '' + type: String + - arguments: + - description: '' + isArray: true + name: api_validationrequestv1_fields + required: true + description: Validates field values and checks for matches if a test string is + provided. + name: cs-validate + outputs: + - contextPath: CrowdStrike.apiValidationResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiValidationResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.resources.bytes + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.resources.error + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.resources.matches_test + description: '' + type: Boolean + - contextPath: CrowdStrike.apiValidationResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.resources.test_data + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.resources.valid + description: '' + type: Boolean + - contextPath: CrowdStrike.apiValidationResponseV1.resources.value + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.apiValidationResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.resources.bytes + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.resources.error + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.resources.matches_test + description: '' + type: Boolean + - contextPath: CrowdStrike.apiValidationResponseV1.resources.name + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.resources.test_data + description: '' + type: String + - contextPath: CrowdStrike.apiValidationResponseV1.resources.valid + description: '' + type: Boolean + - contextPath: CrowdStrike.apiValidationResponseV1.resources.value + description: '' + type: String + - arguments: + - description: IDs of accounts to verify access on + isArray: true + name: ids + required: true + description: Performs an Access Verification check on the specified AWS Account + IDs + name: cs-verifyaws-account-access + outputs: + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.resources.reason + description: '' + type: String + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.resources.successful + description: '' + type: Boolean + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.errors.code + description: '' + type: Number + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.errors.id + description: '' + type: String + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.errors.message + description: '' + type: String + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.resources.id + description: '' + type: String + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.resources.reason + description: '' + type: String + - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.resources.successful + description: '' + type: Boolean + dockerimage: demisto/python3:3.9.6.22912 + isfetch: false + script: '' + subtype: python3 + type: python +beta: true +fromversion: 6.0.0 +tests: +- CrowdStrike OpenAPI - Test \ No newline at end of file diff --git a/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_description.md b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_description.md new file mode 100644 index 000000000000..a74b2e976bf7 --- /dev/null +++ b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_description.md @@ -0,0 +1,7 @@ +To use the CrowdStrike OpenAPI integration, you need the ID and secret of an API client that has right scopes granted to it. + +For more details, refer to the [CrowdStrike OAuth2-Based APIs documentation](https://falcon.crowdstrike.com/support/documentation/46/crowdstrike-oauth2-based-apis). + +This integration was auto generated from the CrowdStrike Falcon OpenAPI specification and is not fully tested. + +Note: This is a beta Integration, which lets you implement and test pre-release software. Since the integration is beta, it might contain bugs. Updates to the integration during the beta phase might include non-backward compatible features. We appreciate your feedback on the quality and usability of the integration to help us identify issues, fix them, and continually improve. \ No newline at end of file diff --git a/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_image.png b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_image.png new file mode 100644 index 0000000000000000000000000000000000000000..42dde6b74ce9a4b2c6ccdd1cbd8db455934651d6 GIT binary patch literal 4182 zcmaKwXEYlO!-i2ailkzXK1#KzOt00{{R-3v{K;lJ(wZ^Wr7Nk~Wu`A>EK z9i-ldP&Ja8F-{^02@v=KqH63C*IDstzE{NpX&XvR2)#6s}=d#eKK`F_?2J~PvzRG`}H zL)RvW28p%?@2)efd`PWicB(!|Kx8248oQ@+w!fj=sZ^TKbszV1cJ#}r;EgmH(0unH z$y-l{BKfTm_F<;roZhNYk*!fk%K)`WI&Incz2@JteFj@nSOWNE~ST@qi4IF zTm>0OK_(CKDL8)|#|o7?oDQ(qT;p!#$(dbc+i2L$@Cy|Nhwh}C7o|zpyX5vqrYVQ;$WA+e# z0c9?rZKjYzg4y@ia^oU%KQ8o=#o^7oCR5Uhy7EC_IL;l67 z?(Z~ejoVrii`@ZArz~_=8Jc*D07ZyO+rgnbE7Md1KWzB~Rd}x#z z>5{ZnE@LM6u}A2{)lKERBbTfh{Q^UNEV?t3FP|fDm$A1!lsd~pPxVQ@On_{bDhbXZ ze`bjA1mYM;>YwwYFvNw9RpQTHYAon)9Q6OO1%+)K5l+Yk*6U9u+F1iWQZnD%GcXsN zz2B}eOB~2FS}3pB{%l#|v%28N<6T4SkfBP9`Reu_V&jthx=xso7Q$KAv+6@`rJ?Gd z5(Q>y(u1y4b+&*}GyE=$h+y+YOanu7G;(CGJ|0kiikl4V^yyjIMGR5Nm*offW5n76 z$B{~0?`>b-gC#H9`s#&C$j`7AH{sLjLTS+C(6k&bl%|Oae1Mv-L2UP^;)8A+yMbV0 zxzq>ACQFwQ{d05hv7Y^Y&aHG4o zWS;BK^suhw7O^EM!^Q*OFttOUJQScRiDmSL3xL{ma9F`@z-hZo6@=2T? z^Xn0!Yz=#n5oi$Tu!%MvG3!7UUzZyD@;j}pesTJGASbLE6-=ye325c6zX1-5*KV&o zdx>%|#2b$Usi5xxuZ=j^l_F5H+rgp*^Zh0`x~bpXo6lIdOEq@=7H0`vwpe@iB&w&; zRN3!(uFMVxsym(xTFrDX8z||N$dDr$T?<~tP zE1u#rCmtRc(5E7!1pj)!r$!>r!o!U+zQ)VyW~Gu!pmsItFUO6weFX*!{?nb?qaa)+ zLB*B?R#IfRrv1SG!m|9_b(k`1p4AKd$}PIUJP0N9OpeN54UFgF>Ma-8-wrw1Zt~jT`G(=XnOa zQKUQw1=u&F3kRFmAjeEfSkfXZJh#DXjTjX;x*xaPYSt^<0=v8qH+1HGObZw`QWO9$ z^Q>g(YDV%ZR0dh|<#5C)$jj$j3#3Om7kN3O15`m(u*s~dpvC-tW$&H_RI)4nZC)|T zQaFV$oO=A=0;$mGUC2>29X+@lhh&r-JTK>|GZHfs4(zVlNtS;wpqI=0)ih$fXS*9D zleD8^qouj6s6^c{;MrVkt$SG>Z}9*RPz~dtC;n}gZQ)!q1hpF#HO2WXS;{uhV;z-< z^tG;cwQkSZT~cq(fj*ic0=6c0`Z9C?Tz>XCA;%kWI$1YY9zWq-AzPdGYCkxXyW{ju`56XCSyi-#2}_DAc+ z{Ota}5lfjF(F-RA}wFKfv-Gww&WrD9x zyg6dl@TTW&^$=alokDq+bx^4n1){49D0I;p8zvgG~LARj6RNK|=>IqOZ5eyP`_-z&#OmLV_poawt zJWS2y+f=Y#oOEShX4+QZF}?&!{AT~GQoEBgB&JXx(3GE-_VO8|Ri)rsDmm)?FU_;! zX)NpRI18Y}W0)GYE3i1x$w`;zk`s$}EJQ9GQVoymOie9Q$|$ervQUiq%_&F|1B4=p zaBA1!N763A#d16Rm5^nj;jd0H348Z+Ug^(w*|F`E`*kyc8pE< zDyfsH=@>F;Xn%zft)#*_%;w>?sX-M&xHN?W3V;i0Uxg!S#H+v8F#!3O(p94FAXN4K zK-X5pDCWx!J`haAyB>X+-(9@O?xA+-xTdMOzCB7{Fq0l(D43T@TW%xY)pg3J1I;k{t@YV4i*QhBuFdEYwCBxJ+<;k!r&8KU)_a=F@Ycg*Ln>vjTzj_^f?76vhtL`ucJIeb2(*8x(2` zdS5HKcOHri%B%?cKNmgy0|wg+*mbmMPB2_g0c9L0o~CN7tk*rOQ%AT}7d@fb>j9A> zS3ccIpoWQTll`RcM&mPqwwU6*z;#=S_VK1JlOT%B_Hn{%SIjiO?spB7#~c_n0OyZU zBi(}vi+7(Jb`SY~s0lMRHyfym?BHV5c2mNkR=RnYlQ-+60U$Lg$gG%$qa{ASvY3Q> zE)>|Hf%kJgo|O(9DEJUL<)@#@UF8&0yU`ctDh0yM*?kwwHtrG}1$}z6k7cKFPaYcn z70mz5lVPu!^D7JWE_=xc(DDz1baIHvN=hnLmkt$q_xaL$Y0sC`JZZytj+)RzO6yZ7 z=*K$5>V41WP(mqzFTx1!*xfniRdT;lxLdjRWwW}Arh)2f0B!u!(^pLkr-R*lGH7Oe z7{R8ny2r7^)ZcW)Iakw+geJ_4VentR~^j&V(6gX|F zTJbcm|6CsY^7V7LRThnCD^Ob|=tetLunWI7^Xn|1YjAAa@#MuwgRNtD$oC<7FvK)B z1*%`tx_#84s&{4G8+L(|a}UulS&Drc-#sGPH*`Yg2k^{&Wdl>UxJV?p`3|lm#-!io z(7GiUZoE8+5|f?Ayk#6a0_XiRp3&(SG$__>aBqZ3zL(05{=&h{vz@%JQ(hV#?6&3K zg!N3wmR!O#Sv2dR1m)XS!^(wza>!6yQQb(l25nUzz4SRdbrzx4f-qqyd<6v^ zT7hZXpwiaN`&rRc9{qAN!w)^)ovkg{eSJ#T9!(=xE4Fh~_fq$J082|_ebROD6%O!` zU!u=0RFMHm=>QAc`l}~Bqxv8QB4`!e`^$Ym_&Ra65mYfP0w`vPeJVe@lc@s=JT0U|ws--tCK}$c2|>W@(mrg-XMK2MHQ{1@jY^2qAf?CXwHI6{LCnwIWOu69&jbfs-%!K*vVon)cA-W?4=$rt}H*!ix5Z3?U^6 zj;4@2s))H#dwckP=hUE&aI4|4`Xf7=6LA;1GGzP~@mAowW^MyinDTqRyG_>>>O?A?69$CI;s)X&S@#5{pnf5^X#uu&3oFaS0B?*jXsn~;AK*}xC zT&|6@=B}2hQ3RS{RQXAKIq)gP#S>C5dq6~g3^)=JW)mheHD!2%beHmBpub`mub~SP z^TJ4?c>&BIx4SdKGHhcRW<}L^_RhSp(o>B)Bk@k<3ikzsbOJvjh zBPxV??XG}#Jf&xI9u9@4Wo9XB@~U@47!UK*G?S``4{A~KZ<`}gtflBQAvlZn z2fZ=_y_b7hY$XMzitcAX7q3A}m{#f6pkH0VSUNJY_!nYUmFeYIy^kX|Gp+8>(O&%Q z$TdBC_-7iC`U-smPn!T|=q;Fj+e#!F*2rv`Vjv@*C%DtDyxwF`|EFpLizXulUWC8SZygC4~MDaGAjKr)}SE?D$O_ Sv;I8_NM1bGh196ohW{VSv=IFO literal 0 HcmV?d00001 diff --git a/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_test.py b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_test.py new file mode 100644 index 000000000000..b0261832ddf5 --- /dev/null +++ b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI_test.py @@ -0,0 +1,43 @@ +import io +import json + +import pytest + +from CrowdStrikeOpenAPI import Client, query_behaviors_command + + +@pytest.fixture() +def client(requests_mock): + requests_mock.post( + 'https://api.crowdstrike.com/oauth2/token', + json={ + 'access_token': 'access_token', + }, + ) + return Client(params={}) + + +def util_load_json(path): + with io.open(path, mode='r', encoding='utf-8') as f: + return json.loads(f.read()) + + +def test_query_behaviors(client, requests_mock): + """ + Given: + - Limit arg set to 1 + When: + - Running query behaviors command + Then: + - Verify request sent as expected + - Verify command outputs are as expected + """ + args = { + 'limit': '1' + } + api_response = util_load_json('./test_data/query_behaviors_response.json') + requests_mock.get('https://api.crowdstrike.com/incidents/queries/behaviors/v1?limit=1', json=api_response) + + result = query_behaviors_command(client=client, args=args) + + assert result.outputs == api_response diff --git a/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/README.md b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/README.md new file mode 100644 index 000000000000..24194927405b --- /dev/null +++ b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/README.md @@ -0,0 +1,23 @@ +Use the CrowdStrike OpenAPI integration to interact with CrowdStrike APIs that do not have dedicated integrations in Cortex XSOAR, for example, CrowdStrike FalconX, etc. + +To use the CrowdStrike OpenAPI integration, you need the ID and secret of an API client that has right scopes granted to it. + +For more details, refer to the [CrowdStrike OAuth2-Based APIs documentation](https://falcon.crowdstrike.com/support/documentation/46/crowdstrike-oauth2-based-apis). + +*Note:* The integration is in ***beta*** as it was auto generated from the CrowdStrike Falcon OpenAPI specification and is not fully tested. + +## Configure CrowdStrike OpenAPI on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for CrowdStrike OpenAPI. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Required** | + | --- | --- | + | Cloud Base URL | True | + | Client ID | True | + | Client Secret | True | + | Use system proxy settings | False | + | Trust any certificate (not secure) | False | + +4. Click **Test** to validate the URLs, token, and connection. diff --git a/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/test_data/query_behaviors_response.json b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/test_data/query_behaviors_response.json new file mode 100644 index 000000000000..cbe75727e4c0 --- /dev/null +++ b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/test_data/query_behaviors_response.json @@ -0,0 +1,16 @@ +{ + "errors": [], + "meta": { + "pagination": { + "limit": 1, + "offset": 0, + "total": 25911 + }, + "powered_by": "incident-api", + "query_time": 0.004702694, + "trace_id": "8862b914-845f-44fe-85a4-b985c1705827" + }, + "resources": [ + "ind:32dbb9d8f06b45fe9f61eb46K829d986:225219242032-10197-31124736" + ] +} \ No newline at end of file diff --git a/Packs/CrowdStrikeOpenAPI/README.md b/Packs/CrowdStrikeOpenAPI/README.md new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/CrowdStrikeOpenAPI/TestPlaybooks/CrowdStrike_API_-_Test.yml b/Packs/CrowdStrikeOpenAPI/TestPlaybooks/CrowdStrike_API_-_Test.yml new file mode 100644 index 000000000000..7b3bd7bade3a --- /dev/null +++ b/Packs/CrowdStrikeOpenAPI/TestPlaybooks/CrowdStrike_API_-_Test.yml @@ -0,0 +1,176 @@ +id: CrowdStrike OpenAPI - Test +version: -1 +name: CrowdStrike OpenAPI - Test +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: a6f1fbf6-683a-48f9-8312-42f3660332bf + type: start + task: + id: a6f1fbf6-683a-48f9-8312-42f3660332bf + version: -1 + name: "" + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "4" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "1": + id: "1" + taskid: 294f3cd3-2bc7-490f-8e54-624c86027fa5 + type: regular + task: + id: 294f3cd3-2bc7-490f-8e54-624c86027fa5 + version: -1 + name: Query behaviors + description: Search for behaviors by providing an FQL filter, sorting, and paging + details + script: '|||cs-query-behaviors' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "2" + scriptarguments: + limit: + simple: "1" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 370 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "2": + id: "2" + taskid: 5ca50c44-298a-4ec4-8eea-130f2e878860 + type: condition + task: + id: 5ca50c44-298a-4ec4-8eea-130f2e878860 + version: -1 + name: Verify Outputs + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "3" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: hasLength + left: + value: + simple: CrowdStrike.msaQueryResponse.resources + iscontext: true + right: + value: + simple: "1" + view: |- + { + "position": { + "x": 50, + "y": 545 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "3": + id: "3" + taskid: f961f41d-81ac-419c-8c18-1ab48c36ff65 + type: title + task: + id: f961f41d-81ac-419c-8c18-1ab48c36ff65 + version: -1 + name: Success + type: title + iscommand: false + brand: "" + description: '' + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 720 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "4": + id: "4" + taskid: 501a53cd-52ff-4bfc-8332-e66cc49a349b + type: regular + task: + id: 501a53cd-52ff-4bfc-8332-e66cc49a349b + version: -1 + name: Delete Context + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "1" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 50, + "y": 195 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 +view: |- + { + "linkLabelsPosition": {}, + "paper": { + "dimensions": { + "height": 735, + "width": 380, + "x": 50, + "y": 50 + } + } + } +inputs: [] +outputs: [] +fromversion: 6.0.0 +description: '' diff --git a/Packs/CrowdStrikeOpenAPI/pack_metadata.json b/Packs/CrowdStrikeOpenAPI/pack_metadata.json new file mode 100644 index 000000000000..7dcb48fcf057 --- /dev/null +++ b/Packs/CrowdStrikeOpenAPI/pack_metadata.json @@ -0,0 +1,14 @@ +{ + "name": "CrowdStrike OpenAPI", + "description": "Use the CrowdStrike OpenAPI integration to interact with CrowdStrike APIs that do not have dedicated integrations in Cortex XSOAR, for example, CrowdStrike FalconX, etc.", + "support": "xsoar", + "currentVersion": "1.0.0", + "author": "Cortex XSOAR", + "url": "https://www.paloaltonetworks.com/cortex", + "email": "", + "created": "2020-10-23T13:55:23Z", + "categories": [], + "tags": [], + "useCases": [], + "keywords": [] +} \ No newline at end of file From 4d4a3935c6b9e8c17e609fae05574e69faef1e8c Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Sun, 29 Aug 2021 09:42:56 +0300 Subject: [PATCH 055/173] Zscaler - handle returned URLs protocols (#14529) * replace res urls from given ones * add rn * improve condition for matching url --- Packs/Zscaler/Integrations/Zscaler/Zscaler.py | 8 ++++++++ .../Integrations/Zscaler/Zscaler_test.py | 2 +- .../Zscaler/test_data/results/url.json | 18 +++++++++--------- Packs/Zscaler/ReleaseNotes/1_1_8.md | 3 +++ Packs/Zscaler/pack_metadata.json | 2 +- 5 files changed, 22 insertions(+), 11 deletions(-) create mode 100644 Packs/Zscaler/ReleaseNotes/1_1_8.md diff --git a/Packs/Zscaler/Integrations/Zscaler/Zscaler.py b/Packs/Zscaler/Integrations/Zscaler/Zscaler.py index 0fb4dd274cd0..b3e8eaeba5de 100644 --- a/Packs/Zscaler/Integrations/Zscaler/Zscaler.py +++ b/Packs/Zscaler/Integrations/Zscaler/Zscaler.py @@ -389,8 +389,16 @@ def url_lookup(args): ec[outputPaths['url']] = [] ec['DBotScore'] = [] pre_table_data = [] + urls_list = argToList(url) for data in raw_res: suspicious_categories = ['SUSPICIOUS_DESTINATION', 'SPYWARE_OR_ADWARE'] + res_url = data.get('url') + for url in urls_list: + # since zscaler expects to recieve a URL without the protocol, we omit it in `lookup_request` + # in the response, the URL is returned as it was sent, so we add back the protocol by replacing + # the URL retruned with the one we got as an argument + if 'http://' + res_url in url or 'https://' + res_url in url: + data['url'] = url ioc_context = {'Address': data['url'], 'Data': data['url']} score = 1 if len(data['urlClassifications']) == 0: diff --git a/Packs/Zscaler/Integrations/Zscaler/Zscaler_test.py b/Packs/Zscaler/Integrations/Zscaler/Zscaler_test.py index 9a8585906c92..0731c5175bca 100644 --- a/Packs/Zscaler/Integrations/Zscaler/Zscaler_test.py +++ b/Packs/Zscaler/Integrations/Zscaler/Zscaler_test.py @@ -58,7 +58,7 @@ def test_url_command(mocker): """url""" import Zscaler run_command_test(command_func=Zscaler.url_lookup, - args={'url': 'www.demisto22.com'}, + args={'url': 'https://www.demisto-news.com,https://www.demisto-search.com'}, response_path='test_data/responses/url.json', expected_result_path='test_data/results/url.json', mocker=mocker) diff --git a/Packs/Zscaler/Integrations/Zscaler/test_data/results/url.json b/Packs/Zscaler/Integrations/Zscaler/test_data/results/url.json index ea8b8a47caab..bafad483f70f 100644 --- a/Packs/Zscaler/Integrations/Zscaler/test_data/results/url.json +++ b/Packs/Zscaler/Integrations/Zscaler/test_data/results/url.json @@ -2,41 +2,41 @@ "Type": 1, "Contents": [ { - "url": "www.demisto-news.com", + "url": "https://www.demisto-news.com", "urlClassifications": "NEWS_AND_MEDIA", "urlClassificationsWithSecurityAlert": "" }, { - "url": "www.demisto-search.com", + "url": "https://www.demisto-search.com", "urlClassifications": "WEB_SEARCH", "urlClassificationsWithSecurityAlert": "" } ], "ContentsFormat": "json", "ReadableContentsFormat": "markdown", - "HumanReadable": "### Zscaler URL Lookup\n|url|urlClassifications|\n|---|---|\n| www.demisto-news.com | NEWS_AND_MEDIA |\n| www.demisto-search.com | WEB_SEARCH |\n", + "HumanReadable": "### Zscaler URL Lookup\n|url|urlClassifications|\n|---|---|\n| https://www.demisto-news.com | NEWS_AND_MEDIA |\n| https://www.demisto-search.com | WEB_SEARCH |\n", "EntryContext": { "URL(val.Data && val.Data == obj.Data)": [ { - "Address": "www.demisto-news.com", - "Data": "www.demisto-news.com", + "Address": "https://www.demisto-news.com", + "Data": "https://www.demisto-news.com", "urlClassifications": "NEWS_AND_MEDIA" }, { - "Address": "www.demisto-search.com", - "Data": "www.demisto-search.com", + "Address": "https://www.demisto-search.com", + "Data": "https://www.demisto-search.com", "urlClassifications": "WEB_SEARCH" } ], "DBotScore": [ { - "Indicator": "www.demisto-news.com", + "Indicator": "https://www.demisto-news.com", "Score": 1, "Type": "url", "Vendor": "Zscaler" }, { - "Indicator": "www.demisto-search.com", + "Indicator": "https://www.demisto-search.com", "Score": 1, "Type": "url", "Vendor": "Zscaler" diff --git a/Packs/Zscaler/ReleaseNotes/1_1_8.md b/Packs/Zscaler/ReleaseNotes/1_1_8.md new file mode 100644 index 000000000000..c4d14d80d434 --- /dev/null +++ b/Packs/Zscaler/ReleaseNotes/1_1_8.md @@ -0,0 +1,3 @@ +#### Integrations +##### Zscaler +- Fixed an issue where the URL protocol was omitted from the results of the ***url*** command. diff --git a/Packs/Zscaler/pack_metadata.json b/Packs/Zscaler/pack_metadata.json index 09172afabed7..a5dfc3002f4e 100644 --- a/Packs/Zscaler/pack_metadata.json +++ b/Packs/Zscaler/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Zscaler", "description": "Zscaler is a cloud security solution built for performance and flexible scalability.", "support": "xsoar", - "currentVersion": "1.1.7", + "currentVersion": "1.1.8", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 41a9fc541353832421e60bae1aeb5c181b569520 Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Sun, 29 Aug 2021 10:20:11 +0300 Subject: [PATCH 056/173] Symantec DLP - fix handling of fetch limit (#14561) * test fetch incidents with limit less than num of dlp incidents returned * fix fetch limit handling * fix W293 * fix W293 --- .../Integrations/SymantecDLP/SymantecDLP.py | 4 +- .../SymantecDLP/SymantecDLP_test.py | 39 +++++++++++++++++++ Packs/SymantecDLP/ReleaseNotes/1_1_2.md | 4 ++ Packs/SymantecDLP/pack_metadata.json | 2 +- 4 files changed, 45 insertions(+), 4 deletions(-) create mode 100644 Packs/SymantecDLP/ReleaseNotes/1_1_2.md diff --git a/Packs/SymantecDLP/Integrations/SymantecDLP/SymantecDLP.py b/Packs/SymantecDLP/Integrations/SymantecDLP/SymantecDLP.py index 613fbbc113fc..f480546ae6db 100644 --- a/Packs/SymantecDLP/Integrations/SymantecDLP/SymantecDLP.py +++ b/Packs/SymantecDLP/Integrations/SymantecDLP/SymantecDLP.py @@ -661,6 +661,7 @@ def fetch_incidents(client: Client, fetch_time: str, fetch_limit: int, last_run: )).get('incidentId', '') if incidents_ids: + incidents_ids = incidents_ids[:fetch_limit] last_incident_time: str = '' last_incident_id: str = '' for incident_id in incidents_ids: @@ -668,9 +669,6 @@ def fetch_incidents(client: Client, fetch_time: str, fetch_limit: int, last_run: # Skipping last incident from last cycle if fetched again continue - if fetch_limit == 0: - break - fetch_limit -= 1 incident_details = json.dumps(helpers.serialize_object(client.service.incidentDetail( incidentId=incident_id )[0]), default=datetime_to_iso_format) diff --git a/Packs/SymantecDLP/Integrations/SymantecDLP/SymantecDLP_test.py b/Packs/SymantecDLP/Integrations/SymantecDLP/SymantecDLP_test.py index 29b75e81d9ac..6fefdc2e2a04 100644 --- a/Packs/SymantecDLP/Integrations/SymantecDLP/SymantecDLP_test.py +++ b/Packs/SymantecDLP/Integrations/SymantecDLP/SymantecDLP_test.py @@ -3,6 +3,7 @@ from dateutil.parser import parse from SymantecDLP import main, get_cache_path import os +from unittest.mock import MagicMock def test_get_incident_attributes(): @@ -291,3 +292,41 @@ def test_self_signed_secure_ssl(mocker): main() except Exception as ex: assert 'certificate' in str(ex).lower() + + +def test_fetch_incidents(mocker): + """ + Given: + - 2 DLP incidents to fetch + - Fetch limit set to 1 + + When: + - Fetching incidents + + Then: + - Ensure last run is set as expected with the incident fetched + """ + dlp_incident1 = { + 'incident': { + 'incidentCreationDate': 'date1' + } + } + dlp_incident2 = { + 'incident': { + 'incidentCreationDate': 'date2' + } + } + import SymantecDLP + last_run = mocker.patch.object(demisto, 'setLastRun') + client = MagicMock() + mocker.patch('SymantecDLP.helpers.serialize_object', side_effect=[{'incidentId': [1, 2]}, dlp_incident1, dlp_incident2]) + mocker.patch.object(SymantecDLP, 'get_incident_binaries', return_value=(None, None, None, None,)) + SymantecDLP.fetch_incidents( + client=client, + fetch_time='3 days', + fetch_limit=1, + last_run={}, + saved_report_id='' + ) + last_run = last_run.call_args[0][0] + assert last_run == {'last_fetched_event_iso': 'date1', 'last_incident_id': 1} diff --git a/Packs/SymantecDLP/ReleaseNotes/1_1_2.md b/Packs/SymantecDLP/ReleaseNotes/1_1_2.md new file mode 100644 index 000000000000..b3ad4c32dc9f --- /dev/null +++ b/Packs/SymantecDLP/ReleaseNotes/1_1_2.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Symantec Data Loss Prevention (Beta) +- Fixed an issue where **fetch-incidents** created duplicate incidents in case the fetch limit was set to less than the number of incidents returned from Symantec DLP. diff --git a/Packs/SymantecDLP/pack_metadata.json b/Packs/SymantecDLP/pack_metadata.json index 5e5834dcaa8e..f0babfd95034 100644 --- a/Packs/SymantecDLP/pack_metadata.json +++ b/Packs/SymantecDLP/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Symantec Data Loss Prevention (Beta)", "description": "Symantec Data Loss Prevention enables you to discover, monitor and protect your sensitive corporate information.", "support": "xsoar", - "currentVersion": "1.1.1", + "currentVersion": "1.1.2", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From cfb49644d5e9b0a9a6dee01e504810461f778ed8 Mon Sep 17 00:00:00 2001 From: Noy-Maimon <72340690+Noy-Maimon@users.noreply.github.com> Date: Sun, 29 Aug 2021 11:09:23 +0300 Subject: [PATCH 057/173] PP rule support (#14470) * pp rule support * testing * fix name * testing * typo fix * revert testing changes * revert testing changes * revert testing changes * fix typo * scheme verification * Merge branch 'master' into upload_preprocessing_rule_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py * Merge branch 'master' into upload_preprocessing_rule_content_item # Conflicts: # Tests/Marketplace/marketplace_constants.py # Tests/Marketplace/marketplace_services.py --- Tests/Marketplace/marketplace_constants.py | 4 +++- Tests/Marketplace/marketplace_services.py | 8 +++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/Tests/Marketplace/marketplace_constants.py b/Tests/Marketplace/marketplace_constants.py index 0648bbbf78e0..02de954056a0 100644 --- a/Tests/Marketplace/marketplace_constants.py +++ b/Tests/Marketplace/marketplace_constants.py @@ -144,6 +144,7 @@ class PackFolders(enum.Enum): GENERIC_MODULES = "GenericModules" GENERIC_TYPES = "GenericTypes" LISTS = 'Lists' + PREPROCESS_RULES = "PreProcessRules" @classmethod def pack_displayed_items(cls): @@ -168,7 +169,8 @@ def json_supported_folders(cls): PackFolders.INCIDENT_FIELDS.value, PackFolders.INCIDENT_TYPES.value, PackFolders.INDICATOR_FIELDS.value, PackFolders.LAYOUTS.value, PackFolders.INDICATOR_TYPES.value, PackFolders.REPORTS.value, PackFolders.WIDGETS.value, PackFolders.GENERIC_DEFINITIONS.value, PackFolders.GENERIC_FIELDS.value, - PackFolders.GENERIC_MODULES.value, PackFolders.GENERIC_TYPES.value, PackFolders.LISTS.value + PackFolders.GENERIC_MODULES.value, PackFolders.GENERIC_TYPES.value, PackFolders.LISTS.value, + PackFolders.GENERIC_MODULES.value, PackFolders.GENERIC_TYPES.value, PackFolders.PREPROCESS_RULES.value } diff --git a/Tests/Marketplace/marketplace_services.py b/Tests/Marketplace/marketplace_services.py index 2ef6afdeb874..dc1ed93f3899 100644 --- a/Tests/Marketplace/marketplace_services.py +++ b/Tests/Marketplace/marketplace_services.py @@ -1477,7 +1477,8 @@ def collect_content_items(self): PackFolders.GENERIC_FIELDS.value: "GenericFields", PackFolders.GENERIC_MODULES.value: "GenericModules", PackFolders.GENERIC_TYPES.value: "GenericTypes", - PackFolders.LISTS.value: "list" + PackFolders.LISTS.value: "list", + PackFolders.PREPROCESSING_RULE.value: "preprocessrule", } for root, pack_dirs, pack_files_names in os.walk(self._pack_path, topdown=False): @@ -1641,6 +1642,11 @@ def collect_content_items(self): 'name': content_item.get('name', ""), 'description': content_item.get('description', ""), }) + elif current_directory == PackFolders.PREPROCESS_RULES.value: + folder_collected_items.append({ + 'name': content_item.get('name', ""), + 'description': content_item.get('description', ""), + }) if current_directory in PackFolders.pack_displayed_items(): content_item_key = content_item_name_mapping[current_directory] From df6e8853c1b45e7f9b565dcf77d1ed3e2823947e Mon Sep 17 00:00:00 2001 From: Guy Freund <53565845+guyfreund@users.noreply.github.com> Date: Sun, 29 Aug 2021 12:16:44 +0300 Subject: [PATCH 058/173] added login to gcp, fixed a default argument (#14331) --- .gitlab/ci/global.yml | 4 ++++ Tests/Marketplace/marketplace_services.py | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/.gitlab/ci/global.yml b/.gitlab/ci/global.yml index bc6834d88157..84cd0d78e71e 100644 --- a/.gitlab/ci/global.yml +++ b/.gitlab/ci/global.yml @@ -270,7 +270,11 @@ - echo "Download index.zip" - INDEX_PATH=$(mktemp) - | + gcloud auth activate-service-account --key-file="$GCS_MARKET_KEY" >> $ARTIFACTS_FOLDER/logs/auth.out + echo "successfully activated google cloud service account" gsutil cp "gs://marketplace-dist/content/packs/index.zip" $INDEX_PATH + echo "successfully downloaded index.zip" + gcloud auth revoke $GCS_ARTIFACTS_ACCOUNT_NAME - echo "successfully downloaded index.zip into $INDEX_PATH" - UNZIP_PATH=$(mktemp -d) diff --git a/Tests/Marketplace/marketplace_services.py b/Tests/Marketplace/marketplace_services.py index dc1ed93f3899..8365d034b1ea 100644 --- a/Tests/Marketplace/marketplace_services.py +++ b/Tests/Marketplace/marketplace_services.py @@ -1792,7 +1792,7 @@ def _enhance_pack_attributes(self, index_folder_path, pack_was_modified, ) def format_metadata(self, index_folder_path, packs_dependencies_mapping, build_number, commit_hash, - pack_was_modified, statistics_handler, pack_names=[], format_dependencies_only=False): + pack_was_modified, statistics_handler, pack_names=None, format_dependencies_only=False): """ Re-formats metadata according to marketplace metadata format defined in issue #19786 and writes back the result. @@ -1812,6 +1812,7 @@ def format_metadata(self, index_folder_path, packs_dependencies_mapping, build_n """ task_status = False + pack_names = pack_names if pack_names else [] try: self.set_pack_dependencies(packs_dependencies_mapping) From 7a412c6df160ee7b06e1f36dae4fd9507e59da9f Mon Sep 17 00:00:00 2001 From: eli sharf <57587340+esharf@users.noreply.github.com> Date: Sun, 29 Aug 2021 12:37:45 +0300 Subject: [PATCH 059/173] replaced the contrib checkout to use github api (#13676) * replaced the contrib checkout to use GitHub REST API * update UT Co-authored-by: esharf --- .gitlab/ci/global.yml | 2 +- .gitlab/ci/on-push.yml | 8 +- ...onfigure_and_test_integration_instances.py | 5 ++ .../collect_tests_and_content_packs.py | 4 +- ...e_contribution_pack_in_base_branch_test.py | 31 ++++--- ...update_contribution_pack_in_base_branch.py | 86 +++++++++---------- 6 files changed, 69 insertions(+), 67 deletions(-) diff --git a/.gitlab/ci/global.yml b/.gitlab/ci/global.yml index 84cd0d78e71e..50f0a9478b0c 100644 --- a/.gitlab/ci/global.yml +++ b/.gitlab/ci/global.yml @@ -58,7 +58,7 @@ if [[ -n "${CONTRIB_BRANCH}" ]]; then REPO=$(echo $CONTRIB_BRANCH | cut -d ":" -f 1) BRANCH=$(echo $CONTRIB_BRANCH | cut -d ":" -f 2) - python3 ./Utils/update_contribution_pack_in_base_branch.py -p $PULL_REQUEST_NUMBER -b $BRANCH -c $REPO -t $GITHUB_TOKEN + python3 ./Utils/update_contribution_pack_in_base_branch.py -p $PULL_REQUEST_NUMBER -b $BRANCH -c $REPO fi - section_end "getting contrib packs" diff --git a/.gitlab/ci/on-push.yml b/.gitlab/ci/on-push.yml index 1c844c31164d..8f8580701073 100644 --- a/.gitlab/ci/on-push.yml +++ b/.gitlab/ci/on-push.yml @@ -121,10 +121,14 @@ create-instances: - sleep 60 - ./Tests/scripts/run_tests.sh "$INSTANCE_ROLE" || EXIT_CODE=$? - | - if [ -f ./Tests/failed_tests.txt ]; then + if [[ -f ./Tests/failed_tests.txt ]]; then cp ./Tests/failed_tests.txt $ARTIFACTS_FOLDER/failed_tests.txt fi - - python3 ./Tests/scripts/destroy_instances.py $ARTIFACTS_FOLDER $ARTIFACTS_FOLDER/env_results.json "$INSTANCE_ROLE" "$TIME_TO_LIVE" || EXIT_CODE=$? + - | + if [ -z "${TIME_TO_LIVE}" -a "$CI_PIPELINE_SOURCE" = "contrib" ]; then + TIME_TO_LIVE=300 + fi + python3 ./Tests/scripts/destroy_instances.py $ARTIFACTS_FOLDER $ARTIFACTS_FOLDER/env_results.json "$INSTANCE_ROLE" "$TIME_TO_LIVE" || EXIT_CODE=$? - exit $EXIT_CODE diff --git a/Tests/configure_and_test_integration_instances.py b/Tests/configure_and_test_integration_instances.py index 39998856fc19..a5bb3794ef4d 100644 --- a/Tests/configure_and_test_integration_instances.py +++ b/Tests/configure_and_test_integration_instances.py @@ -1297,6 +1297,11 @@ def get_non_added_packs_ids(build: Build): compare_against = 'origin/master{}'.format('' if not build.branch_name == 'master' else '~1') added_files = run_command(f'git diff --name-only --diff-filter=A ' f'{compare_against}..refs/heads/{build.branch_name} -- Packs/*/pack_metadata.json') + if os.getenv('CONTRIB_BRANCH'): + added_contrib_files = run_command( + 'git status -uall --porcelain -- Packs/*/pack_metadata.json | grep "?? "').replace('?? ', '') + added_files = added_files if not added_contrib_files else '\n'.join([added_files, added_contrib_files]) + added_files = filter(lambda x: x, added_files.split('\n')) added_pack_ids = map(lambda x: x.split('/')[1], added_files) return set(get_pack_ids_to_install()) - set(added_pack_ids) diff --git a/Tests/scripts/collect_tests_and_content_packs.py b/Tests/scripts/collect_tests_and_content_packs.py index d366073e86e1..edeea92a8299 100755 --- a/Tests/scripts/collect_tests_and_content_packs.py +++ b/Tests/scripts/collect_tests_and_content_packs.py @@ -1386,8 +1386,8 @@ def create_test_file(is_nightly, skip_save=False, path_to_pack=''): files_string = tools.run_command("git diff --name-status origin/master...{0}".format(branch_name)) # Checks if the build is for contributor PR and if so add it's pack. if os.getenv('CONTRIB_BRANCH'): - packs_diff = tools.run_command("git diff --name-status HEAD -- Packs") - files_string += f"\n{packs_diff}" + packs_diff = tools.run_command('git status -uall --porcelain -- Packs').replace('??', 'A') + files_string = '\n'.join([files_string, packs_diff]) else: commit_string = tools.run_command("git log -n 2 --pretty='%H'") logging.debug(f'commit string: {commit_string}') diff --git a/Utils/tests/update_contribution_pack_in_base_branch_test.py b/Utils/tests/update_contribution_pack_in_base_branch_test.py index 31ff40d39546..608660333fe0 100755 --- a/Utils/tests/update_contribution_pack_in_base_branch_test.py +++ b/Utils/tests/update_contribution_pack_in_base_branch_test.py @@ -1,4 +1,5 @@ -from Utils.update_contribution_pack_in_base_branch import get_pack_dir +from Utils.update_contribution_pack_in_base_branch import get_pr_files +import os github_response_1 = [ { @@ -84,7 +85,11 @@ github_response_4 = [] -def test_get_pack_dir(requests_mock): +def pack_names(files): + return set(map(lambda x: x.split(os.path.sep)[1], files)) + + +def test_get_pr_files(requests_mock): """ Scenario: Get a pack dir name from pull request files @@ -98,9 +103,7 @@ def test_get_pack_dir(requests_mock): Then - Ensure the pack dir name is returned correctly """ - branch = 'contrib_branch' pr_number = '1' - repo = 'contrib_repo' requests_mock.get( 'https://api.github.com/repos/demisto/content/pulls/1/files', [{'json': github_response_1, 'status_code': 200}, @@ -108,12 +111,12 @@ def test_get_pack_dir(requests_mock): {'json': github_response_4, 'status_code': 200}] ) - pack_dir = get_pack_dir(branch, pr_number, repo) + pack_dir = pack_names(get_pr_files(pr_number)) - assert pack_dir == ['Slack'] + assert pack_dir == {'Slack'} -def test_get_multiple_packs_dirs(requests_mock): +def test_get_multiple_pr_files(requests_mock): """ Scenario: Get a list of pack dir names from pull request files @@ -127,9 +130,7 @@ def test_get_multiple_packs_dirs(requests_mock): Then - Ensure pack dir names are returned correctly """ - branch = 'contrib_branch' pr_number = '1' - repo = 'contrib_repo' requests_mock.get( 'https://api.github.com/repos/demisto/content/pulls/1/files', [{'json': github_response_1, 'status_code': 200}, @@ -138,12 +139,12 @@ def test_get_multiple_packs_dirs(requests_mock): {'json': github_response_4, 'status_code': 200}] ) - pack_dir = get_pack_dir(branch, pr_number, repo) + pack_dir = pack_names(get_pr_files(pr_number)) - assert pack_dir == ['Slack', 'AnotherPackName'] + assert pack_dir == {'Slack', 'AnotherPackName'} -def test_get_pack_dir_no_pack(requests_mock): +def test_get_pr_files_no_pack(requests_mock): """ Scenario: Get a pack dir name from pull request files @@ -157,9 +158,7 @@ def test_get_pack_dir_no_pack(requests_mock): Then - Ensure the pack dir name is empty """ - branch = 'contrib_branch' pr_number = '1' - repo = 'contrib_repo' requests_mock.get( 'https://api.github.com/repos/demisto/content/pulls/1/files', @@ -167,6 +166,6 @@ def test_get_pack_dir_no_pack(requests_mock): {'json': github_response_4, 'status_code': 200}] ) - pack_dir = get_pack_dir(branch, pr_number, repo) + pack_dir = pack_names(get_pr_files(pr_number)) - assert pack_dir == [] + assert pack_dir == set() diff --git a/Utils/update_contribution_pack_in_base_branch.py b/Utils/update_contribution_pack_in_base_branch.py index 48f4c5c9ae31..94566e69c3d5 100755 --- a/Utils/update_contribution_pack_in_base_branch.py +++ b/Utils/update_contribution_pack_in_base_branch.py @@ -1,13 +1,11 @@ #!/usr/bin/env python3 import argparse import os -import shutil -import sys -from subprocess import Popen -from typing import List +from typing import Iterable, List +from urllib.parse import urljoin import requests -from demisto_sdk.commands.common.tools import run_command, print_error, print_success +from demisto_sdk.commands.common.tools import print_success def main(): @@ -15,59 +13,29 @@ def main(): parser.add_argument('-p', '--pr_number', help='Contrib PR number') parser.add_argument('-b', '--branch', help='The contrib branch') parser.add_argument('-c', '--contrib_repo', help='The contrib repo') - parser.add_argument('-t', '--github_token', help='github token (used to fetch from forked repositories).') args = parser.parse_args() pr_number = args.pr_number repo = args.contrib_repo branch = args.branch - token = args.github_token - packs_dir_names = get_pack_dir(branch, pr_number, repo) - if not packs_dir_names: - print_error('Did not find a pack in the PR') - sys.exit(1) - print(f'Copy changes from the contributor branch {repo}/{branch} ' - f'in the following packs: ' + '\n'.join(packs_dir_names)) - try: - for pack_dir in packs_dir_names: - if os.path.isdir(f'Packs/{pack_dir}'): - # Remove existing pack - shutil.rmtree(f'Packs/{pack_dir}') - # if packs_dir_names = ['pack_a', 'pack_b', 'pack_c'], - # string_dir_names will be 'Packs/pack_a Packs/pack_b Packs/pack_c' - string_dir_names = f'Packs/{" Packs/".join(packs_dir_names)}' + packs_dir_names = get_files_from_github(repo, branch, pr_number) + if packs_dir_names: + print_success(f'Successfully updated the base branch with the following contrib packs: Packs/' + f'{", Packs/".join(packs_dir_names)}') - try: - with open('/dev/null', 'w') as dev_null: - Popen(f'git fetch https://{token}@github.com/{repo}/content.git :{repo}/{branch}'.split(), stdout=dev_null) - except SystemExit: - pass - command = f'git checkout {repo}/{branch} -- {string_dir_names}' - print(f'Running command {command}') - run_command(command) - except Exception as e: - print_error(f'Failed to deploy contributed pack to base branch: {e}') - sys.exit(1) - print_success(f'Successfully updated the base branch with the following contrib packs: ' - f'{", ".join(packs_dir_names)}') - - -def get_pack_dir(branch: str, pr_number: str, repo: str) -> List[str]: +def get_pr_files(pr_number: str) -> Iterable[str]: """ - Get packs dir names from a contribution pull request changed files. + Get changed files names from a contribution pull request. Args: - branch: The contrib branch pr_number: The contrib PR - repo: The contrib repo Returns: - A list of packs dir names, if found. + A list of changed file names (under the Packs dir), if found. """ page = 1 - list_packs_dir_names = [] while True: response = requests.get(f'https://api.github.com/repos/demisto/content/pulls/{pr_number}/files', params={'page': str(page)}) @@ -77,11 +45,37 @@ def get_pack_dir(branch: str, pr_number: str, repo: str) -> List[str]: break for pr_file in files: if pr_file['filename'].startswith('Packs/'): - pack_dir_name = pr_file['filename'].split('/')[1] - if pack_dir_name not in list_packs_dir_names: - list_packs_dir_names.append(pack_dir_name) + yield pr_file['filename'] page += 1 - return list_packs_dir_names + + +def get_files_from_github(username: str, branch: str, pr_number: str) -> List[str]: + """ + Write the changed files content repo + Args: + username: The username of the contributor (e.g. demisto / xsoar-bot) + branch: The contributor branch + pr_number: The contrib PR + Returns: + A list of packs names, if found. + """ + content_path = os.getcwd() + files_list = set() + chunk_size = 1024 * 500 # 500 Kb + base_url = f'https://raw.githubusercontent.com/{username}/content/{branch}/' + for file_path in get_pr_files(pr_number): + abs_file_path = os.path.join(content_path, file_path) + abs_dir = os.path.dirname(abs_file_path) + if not os.path.isdir(abs_dir): + os.makedirs(abs_dir) + with open(abs_file_path, 'wb') as changed_file: + with requests.get(urljoin(base_url, file_path), stream=True) as file_content: + file_content.raise_for_status() + for data in file_content.iter_content(chunk_size=chunk_size): + changed_file.write(data) + + files_list.add(file_path.split(os.path.sep)[1]) + return list(files_list) if __name__ == '__main__': From 8271402bafa785832e33505de90e02d447fcf8d7 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Sun, 29 Aug 2021 12:40:24 +0300 Subject: [PATCH 060/173] Thycotic dsv (#14475) * Thycotic dsv (#11589) * Init revision * Init revision * Add integration Thycotic Secret Server * Delete comment block * Add TestPlaybook * Modify Tests/conf.json Delete error files * Delete file * Add Test Playbook * Update Packs/Thycotic/TestPlaybooks/Thycotic-Test.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Tests/conf.json Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/pack_metadata.json Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/pack_metadata.json Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Change support contacts * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Change description for output parameters * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.yml Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Fix * Change exception message for command test_command * Change description, add version Secret Server * Add param proxy * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/Thycotic/Integrations/Thycotic/Thycotic.py Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Generate documentation for integration * Change version for Secret Server in documentation * Add param verify to class Client * Add files via upload * Add files via upload * Add files via upload * Updated Thycotic Integration * Delete conf.json * Regenerate Thycotc-Test * Update Thycotic_test.py * Update Thycotic.yml * Update pack_metadata.json Change tags * Update README.md * Update conf.json * Update pack_metadata.json * Update Thycotic.yml Change description * Update Thycotic.py Change test_module * Update Thycotic.py Fix syntax error * Update Thycotic_test.py Fix UT * Modify test command fetch-credential * running format * Add files via upload Change description * Update Thycotic_description.md * Update Thycotic_description.md * Add files via upload Updated description for output paramets * Init release for Thycotic DevOps Storage Vault * Change description * Fixed errors in descriptions. * Fixed * Add files via upload * Fixed * Add files via upload * Add files via upload * Fix description * Add files via upload * Add files via upload * Fixed * Add files via upload * Add files via upload * Add files via upload * Delete ThycoticDSV.yml * Add files via upload * Delete ThycoticDSV.py * Delete ThycoticDSV.yml * Delete Packs/Thycotic directory * Update pack_metadata.json * Update descriptions * Update descriptions * Fix * Markdown output Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Guy Keller <33782301+guykeller@users.noreply.github.com> Co-authored-by: guykeller * fixing docs * added author image Co-authored-by: Andrey Nikolaev <69254946+AndyNikolaev@users.noreply.github.com> Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> Co-authored-by: Guy Keller <33782301+guykeller@users.noreply.github.com> Co-authored-by: guykeller --- Packs/ThycoticDSV/.pack-ignore | 0 Packs/ThycoticDSV/.secrets-ignore | 0 Packs/ThycoticDSV/Author_image.png | Bin 0 -> 3858 bytes .../Integrations/ThycoticDSV/Pipfile | 18 + .../Integrations/ThycoticDSV/Pipfile.lock | 369 ++++++++++++++++++ .../Integrations/ThycoticDSV/README.md | 74 ++++ .../Integrations/ThycoticDSV/ThycoticDSV.py | 93 +++++ .../Integrations/ThycoticDSV/ThycoticDSV.yml | 60 +++ .../ThycoticDSV/ThycoticDSV_description.md | 17 + .../ThycoticDSV/ThycoticDSV_image.png | Bin 0 -> 7711 bytes .../ThycoticDSV/command_examples.txt | 1 + Packs/ThycoticDSV/README.md | 9 + Packs/ThycoticDSV/pack_metadata.json | 19 + Tests/conf.json | 1 + 14 files changed, 661 insertions(+) create mode 100644 Packs/ThycoticDSV/.pack-ignore create mode 100644 Packs/ThycoticDSV/.secrets-ignore create mode 100644 Packs/ThycoticDSV/Author_image.png create mode 100644 Packs/ThycoticDSV/Integrations/ThycoticDSV/Pipfile create mode 100644 Packs/ThycoticDSV/Integrations/ThycoticDSV/Pipfile.lock create mode 100644 Packs/ThycoticDSV/Integrations/ThycoticDSV/README.md create mode 100644 Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV.py create mode 100644 Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV.yml create mode 100644 Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV_description.md create mode 100644 Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV_image.png create mode 100644 Packs/ThycoticDSV/Integrations/ThycoticDSV/command_examples.txt create mode 100644 Packs/ThycoticDSV/README.md create mode 100644 Packs/ThycoticDSV/pack_metadata.json diff --git a/Packs/ThycoticDSV/.pack-ignore b/Packs/ThycoticDSV/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/ThycoticDSV/.secrets-ignore b/Packs/ThycoticDSV/.secrets-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/ThycoticDSV/Author_image.png b/Packs/ThycoticDSV/Author_image.png new file mode 100644 index 0000000000000000000000000000000000000000..478e16d24cc06aa225deb737bdc5586dcc13fcd1 GIT binary patch literal 3858 zcmb7{_dgU4z{kbm?raiScQz%IIOB}-Ju4j1GP37|%(KODwyaKsj3Rr4Y&s)^&I%bJ zWL=z*k?TCYoy#&u{MpQOQmMMSx)&E0xOz@F98RTD5D0{xo}P+|iiU;;nM`hIXn?_BC={x*v-9li zth&0oq@-kQY>ayG$I;QTx3|~J%d4fOB{w&BdU`r0CMG>SePd(e{{8!SJpRj4F1CUt z>>bC_($d+*c6OVttgLKOl|W)*BI)RJKmij5gK>6tj);h$UL1O611&8rB_${&)9+wiOvL~-ep~$iMaeHFV8(@u8s-MKl8h3Y*znd05I(zTA#1l5pGRKojHJop&ne5)Z z^R73b9cJIuv4e16BO z@3Z>%U?b&E^xTx8Kg)KF?nD{p)f`;*+K?=?=(I(N3 zbsL!Ya4V#G1sP$jtYyR)pj+ozZ??GB@#~Y1K{I**o#v*~Q+&$|X zYtFJ8M4Wjbok{xvNbLc))tfkNMm16q>Pg@oF9I>f=f4}u?#E3ptGKlci3aoo?pT${ z%W@wzwJNWwmq6hqyj+078#GckHGY@lHt9zCdeandD2Ig>rWvj##XtjG(YZNPagtp@ z1^B^^+WzbRE_jPtZtb(GH}5Sf0-y<|7~eA!JM2Q6d2<#I&BtLiW-ghLZtz*8PMY>6k^ z>&jogITl#g94;8wDHj^+P5F2ii102>IsH8y0tm8RpSd(HAf-`fY+OO!ut-r}V0YW9 zmU_Vr(p6(J!*WMK`H%jPTpk_R@=jLONd$9a3yF+(XUB`B*-871LX#UlaRyNW=GI71M@wv=b}5{lG6!gwOXI|K%0+2EnCn{k}Frcbz6(dk>=z~yOB zR;Q0xZL14bLNtDcC{!6p$#5QW0Ua=@5Rz4Djo1e=II*=A#+++R*Q4xwVQ5D{aETnQ zEdVR+_k!&jHnC8o4EVn#H7L)l!h*YrWksG)-dl$FcyYlzh^P$)hfiXHV{}_2UCbEyy3(&nGEh_iMVJi z_zEeYT27=k8+*Te`)m6YQrYtSFM<@^Q(ji5IoNv!_M3QATR;Z#pVs_+cF5+A#b@a3P6~a{7N+G zm>ID@mi!unmWCjO5jW{HjuHEHbn59)USC5I?8k9SckE@m$WD2BZ%j~=SVe>|A`Kcp zhq^4RY*WFrYBWOv{IdC`Cj?`EufTw(8u>;=+p1ZSoS+nZD0Il znA;aMHs2%R`PYl2-%g}axF_reR^3cFvhLJLz_3k4&OJt&Zn&&4lW^9fNSWcIYYy+l>XP75?SnwD#bST{sT9}IiK@QI zeWrl$x#UuDqcQJ#Mwem&9=Ho`J%zufyCHnNi_}*VU}MQ)W&Knrv|2GhA^K;m_zWrgaTSGl+!-y57<+3DZ1IrLKV8Nax{?RA9&dF=3U^G9q! z7SPF~^rn#KcQ|${7G2LjQoXh%7p||F(OB(c(ZUk%Y7f%nyDN7>;7K@ALdYmT)+U$Z zs}TGDfiy=uGeVYif!O!t2WL;i1j3E6!{T}FeR}+rO1Zmhw)uBL$sQ#+Yd8lrCb48` zuN3H_$#Ycfu&oy1^!_6W( z*G+;yY>w=-MgJwCe@HBK3etb+5%r@Z_Pm$>NluMgZ8?o*lkKVr6%bQ{2tbjmVAiwi zLY!Y@X3kO!e3%tZrwucq?J|&>&DfblG z!gX$EIju|}hXu|UIoX1rS(*$Db<*#(DI4On8x%xAb8)U`vJ6r&8h9DKmeIfoHcZr5;CGjpb){=%bcj5)=U0GNtF*`MJiL8H!)c~@ZDX?1 zU*8enFa46}6f8jHRen;Sa>e~gfuL6dzZ*eHq1gf3Agh}_>;BRFq@VFm`_%d(gv}{( zL4;5ZR^!u=y1L-CNBarqp{nm{&rCihJU&E?GNe( zaU@iNH?}(nyE*!!>l+JW+c%GCwNCIRGot;xzr;g&ro9ua5Y@bx;hErX{?h4^hJ%L! zt%+%Es7B&Lp6E&$ty|XLpIZ-v69G+|V>eDIv%@FxZR#~%dr#r{fVIR*KljaW)sT&& zcsHX}yBLx7M-ZZ(KWA%3Uz7shfrrEI{bQXFG)GkirYv5nCHTqV1jRf#1Z2 zOs-w*<)Rn15t#b5{M?gw-u5?7m%bTjL)K{^CwN8|q@7nn;xwk`F_I8 zKgsK-Ic)f=r4Xr|%?)LSba7%`k&PeHMEFU{fAxWd>rs}V$YhjxjA41$ThVv zt~o`Qx^{-|+?&}8QG1fmlfsv1`W<%|w*;|v#62|&>MjQEQFCAnm}fSbF|nRjXQes| z@-3$uN6|*_G;3F*14>#&_+tr?n;~h_zazzXJm-60vf5Hd^&^2nEk~Daf|ogcAj1(n usSeGFKTpio!z!gS>q}as|4%%1E*QB?iyi9cM!f$?E{%Z>3R$CVhy5R>heVP9 literal 0 HcmV?d00001 diff --git a/Packs/ThycoticDSV/Integrations/ThycoticDSV/Pipfile b/Packs/ThycoticDSV/Integrations/ThycoticDSV/Pipfile new file mode 100644 index 000000000000..3523d3b6b93b --- /dev/null +++ b/Packs/ThycoticDSV/Integrations/ThycoticDSV/Pipfile @@ -0,0 +1,18 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] +pylint = "*" +pytest = "==5.0.1" +pytest-mock = "*" +requests-mock = "*" +pytest-asyncio = "*" + +[packages] +pytest = "*" +requests = "*" + +[requires] +python_version = "3.7" diff --git a/Packs/ThycoticDSV/Integrations/ThycoticDSV/Pipfile.lock b/Packs/ThycoticDSV/Integrations/ThycoticDSV/Pipfile.lock new file mode 100644 index 000000000000..6bdb9313414e --- /dev/null +++ b/Packs/ThycoticDSV/Integrations/ThycoticDSV/Pipfile.lock @@ -0,0 +1,369 @@ +{ + "_meta": { + "hash": { + "sha256": "278db815bec49c11262633d34305f9b33f09432a223bedd5329a04f758f78b55" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.7" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "atomicwrites": { + "hashes": [ + "sha256:03472c30eb2c5d1ba9227e4c2ca66ab8287fbfbbda3888aa93dc2e28fc6811b4", + "sha256:75a9445bac02d8d058d5e1fe689654ba5a6556a1dfd8ce6ec55a0ed79866cfa6" + ], + "version": "==1.3.0" + }, + "attrs": { + "hashes": [ + "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", + "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" + ], + "version": "==19.1.0" + }, + "certifi": { + "hashes": [ + "sha256:e4f3620cfea4f83eedc95b24abd9cd56f3c4b146dd0177e83a21b4eb49e21e50", + "sha256:fd7c7c74727ddcf00e9acd26bba8da604ffec95bf1c2144e67aff7a8b50e6cef" + ], + "version": "==2019.9.11" + }, + "chardet": { + "hashes": [ + "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", + "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" + ], + "version": "==3.0.4" + }, + "idna": { + "hashes": [ + "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", + "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + ], + "version": "==2.8" + }, + "importlib-metadata": { + "hashes": [ + "sha256:652234b6ab8f2506ae58e528b6fbcc668831d3cc758e1bc01ef438d328b68cdb", + "sha256:6f264986fb88042bc1f0535fa9a557e6a376cfe5679dc77caac7fe8b5d43d05f" + ], + "markers": "python_version < '3.8'", + "version": "==0.22" + }, + "more-itertools": { + "hashes": [ + "sha256:409cd48d4db7052af495b09dec721011634af3753ae1ef92d2b32f73a745f832", + "sha256:92b8c4b06dac4f0611c0729b2f2ede52b2e1bac1ab48f089c7ddc12e26bb60c4" + ], + "version": "==7.2.0" + }, + "packaging": { + "hashes": [ + "sha256:a7ac867b97fdc07ee80a8058fe4435ccd274ecc3b0ed61d852d7d53055528cf9", + "sha256:c491ca87294da7cc01902edbe30a5bc6c4c28172b5138ab4e4aa1b9d7bfaeafe" + ], + "version": "==19.1" + }, + "pluggy": { + "hashes": [ + "sha256:0db4b7601aae1d35b4a033282da476845aa19185c1e6964b25cf324b5e4ec3e6", + "sha256:fa5fa1622fa6dd5c030e9cad086fa19ef6a0cf6d7a2d12318e10cb49d6d68f34" + ], + "version": "==0.13.0" + }, + "py": { + "hashes": [ + "sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa", + "sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53" + ], + "version": "==1.8.0" + }, + "pyparsing": { + "hashes": [ + "sha256:6f98a7b9397e206d78cc01df10131398f1c8b8510a2f4d97d9abd82e1aacdd80", + "sha256:d9338df12903bbf5d65a0e4e87c2161968b10d2e489652bb47001d82a9b028b4" + ], + "version": "==2.4.2" + }, + "pytest": { + "hashes": [ + "sha256:95d13143cc14174ca1a01ec68e84d76ba5d9d493ac02716fd9706c949a505210", + "sha256:b78fe2881323bd44fd9bd76e5317173d4316577e7b1cddebae9136a4495ec865" + ], + "index": "pypi", + "version": "==5.1.2" + }, + "requests": { + "hashes": [ + "sha256:11e007a8a2aa0323f5a921e9e6a2d7e4e67d9877e85773fba9ba6419025cbeb4", + "sha256:9cf5292fcd0f598c671cfc1e0d7d1a7f13bb8085e9a590f48c010551dc6c4b31" + ], + "index": "pypi", + "version": "==2.22.0" + }, + "six": { + "hashes": [ + "sha256:3350809f0555b11f552448330d0b52d5f24c91a322ea4a15ef22629740f3761c", + "sha256:d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73" + ], + "version": "==1.12.0" + }, + "urllib3": { + "hashes": [ + "sha256:b246607a25ac80bedac05c6f282e3cdaf3afb65420fd024ac94435cabe6e18d1", + "sha256:dbe59173209418ae49d485b87d1681aefa36252ee85884c31346debd19463232" + ], + "version": "==1.25.3" + }, + "wcwidth": { + "hashes": [ + "sha256:3df37372226d6e63e1b1e1eda15c594bca98a22d33a23832a90998faa96bc65e", + "sha256:f4ebe71925af7b40a864553f761ed559b43544f8f71746c2d756c7fe788ade7c" + ], + "version": "==0.1.7" + }, + "zipp": { + "hashes": [ + "sha256:3718b1cbcd963c7d4c5511a8240812904164b7f381b647143a89d3b98f9bcd8e", + "sha256:f06903e9f1f43b12d371004b4ac7b06ab39a44adc747266928ae6debfa7b3335" + ], + "version": "==0.6.0" + } + }, + "develop": { + "astroid": { + "hashes": [ + "sha256:6560e1e1749f68c64a4b5dee4e091fce798d2f0d84ebe638cf0e0585a343acf4", + "sha256:b65db1bbaac9f9f4d190199bb8680af6f6f84fd3769a5ea883df8a91fe68b4c4" + ], + "version": "==2.2.5" + }, + "atomicwrites": { + "hashes": [ + "sha256:03472c30eb2c5d1ba9227e4c2ca66ab8287fbfbbda3888aa93dc2e28fc6811b4", + "sha256:75a9445bac02d8d058d5e1fe689654ba5a6556a1dfd8ce6ec55a0ed79866cfa6" + ], + "version": "==1.3.0" + }, + "attrs": { + "hashes": [ + "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", + "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" + ], + "version": "==19.1.0" + }, + "certifi": { + "hashes": [ + "sha256:e4f3620cfea4f83eedc95b24abd9cd56f3c4b146dd0177e83a21b4eb49e21e50", + "sha256:fd7c7c74727ddcf00e9acd26bba8da604ffec95bf1c2144e67aff7a8b50e6cef" + ], + "version": "==2019.9.11" + }, + "chardet": { + "hashes": [ + "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", + "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" + ], + "version": "==3.0.4" + }, + "idna": { + "hashes": [ + "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", + "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + ], + "version": "==2.8" + }, + "importlib-metadata": { + "hashes": [ + "sha256:652234b6ab8f2506ae58e528b6fbcc668831d3cc758e1bc01ef438d328b68cdb", + "sha256:6f264986fb88042bc1f0535fa9a557e6a376cfe5679dc77caac7fe8b5d43d05f" + ], + "markers": "python_version < '3.8'", + "version": "==0.22" + }, + "isort": { + "hashes": [ + "sha256:54da7e92468955c4fceacd0c86bd0ec997b0e1ee80d97f67c35a78b719dccab1", + "sha256:6e811fcb295968434526407adb8796944f1988c5b65e8139058f2014cbe100fd" + ], + "version": "==4.3.21" + }, + "lazy-object-proxy": { + "hashes": [ + "sha256:02b260c8deb80db09325b99edf62ae344ce9bc64d68b7a634410b8e9a568edbf", + "sha256:18f9c401083a4ba6e162355873f906315332ea7035803d0fd8166051e3d402e3", + "sha256:1f2c6209a8917c525c1e2b55a716135ca4658a3042b5122d4e3413a4030c26ce", + "sha256:2f06d97f0ca0f414f6b707c974aaf8829c2292c1c497642f63824119d770226f", + "sha256:616c94f8176808f4018b39f9638080ed86f96b55370b5a9463b2ee5c926f6c5f", + "sha256:63b91e30ef47ef68a30f0c3c278fbfe9822319c15f34b7538a829515b84ca2a0", + "sha256:77b454f03860b844f758c5d5c6e5f18d27de899a3db367f4af06bec2e6013a8e", + "sha256:83fe27ba321e4cfac466178606147d3c0aa18e8087507caec78ed5a966a64905", + "sha256:84742532d39f72df959d237912344d8a1764c2d03fe58beba96a87bfa11a76d8", + "sha256:874ebf3caaf55a020aeb08acead813baf5a305927a71ce88c9377970fe7ad3c2", + "sha256:9f5caf2c7436d44f3cec97c2fa7791f8a675170badbfa86e1992ca1b84c37009", + "sha256:a0c8758d01fcdfe7ae8e4b4017b13552efa7f1197dd7358dc9da0576f9d0328a", + "sha256:a4def978d9d28cda2d960c279318d46b327632686d82b4917516c36d4c274512", + "sha256:ad4f4be843dace866af5fc142509e9b9817ca0c59342fdb176ab6ad552c927f5", + "sha256:ae33dd198f772f714420c5ab698ff05ff900150486c648d29951e9c70694338e", + "sha256:b4a2b782b8a8c5522ad35c93e04d60e2ba7f7dcb9271ec8e8c3e08239be6c7b4", + "sha256:c462eb33f6abca3b34cdedbe84d761f31a60b814e173b98ede3c81bb48967c4f", + "sha256:fd135b8d35dfdcdb984828c84d695937e58cc5f49e1c854eb311c4d6aa03f4f1" + ], + "version": "==1.4.2" + }, + "mccabe": { + "hashes": [ + "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42", + "sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f" + ], + "version": "==0.6.1" + }, + "more-itertools": { + "hashes": [ + "sha256:409cd48d4db7052af495b09dec721011634af3753ae1ef92d2b32f73a745f832", + "sha256:92b8c4b06dac4f0611c0729b2f2ede52b2e1bac1ab48f089c7ddc12e26bb60c4" + ], + "version": "==7.2.0" + }, + "packaging": { + "hashes": [ + "sha256:a7ac867b97fdc07ee80a8058fe4435ccd274ecc3b0ed61d852d7d53055528cf9", + "sha256:c491ca87294da7cc01902edbe30a5bc6c4c28172b5138ab4e4aa1b9d7bfaeafe" + ], + "version": "==19.1" + }, + "pluggy": { + "hashes": [ + "sha256:0db4b7601aae1d35b4a033282da476845aa19185c1e6964b25cf324b5e4ec3e6", + "sha256:fa5fa1622fa6dd5c030e9cad086fa19ef6a0cf6d7a2d12318e10cb49d6d68f34" + ], + "version": "==0.13.0" + }, + "py": { + "hashes": [ + "sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa", + "sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53" + ], + "version": "==1.8.0" + }, + "pylint": { + "hashes": [ + "sha256:5d77031694a5fb97ea95e828c8d10fc770a1df6eb3906067aaed42201a8a6a09", + "sha256:723e3db49555abaf9bf79dc474c6b9e2935ad82230b10c1138a71ea41ac0fff1" + ], + "index": "pypi", + "version": "==2.3.1" + }, + "pyparsing": { + "hashes": [ + "sha256:6f98a7b9397e206d78cc01df10131398f1c8b8510a2f4d97d9abd82e1aacdd80", + "sha256:d9338df12903bbf5d65a0e4e87c2161968b10d2e489652bb47001d82a9b028b4" + ], + "version": "==2.4.2" + }, + "pytest": { + "hashes": [ + "sha256:95d13143cc14174ca1a01ec68e84d76ba5d9d493ac02716fd9706c949a505210", + "sha256:b78fe2881323bd44fd9bd76e5317173d4316577e7b1cddebae9136a4495ec865" + ], + "index": "pypi", + "version": "==5.1.2" + }, + "pytest-asyncio": { + "hashes": [ + "sha256:9fac5100fd716cbecf6ef89233e8590a4ad61d729d1732e0a96b84182df1daaf", + "sha256:d734718e25cfc32d2bf78d346e99d33724deeba774cc4afdf491530c6184b63b" + ], + "index": "pypi", + "version": "==0.10.0" + }, + "pytest-mock": { + "hashes": [ + "sha256:43ce4e9dd5074993e7c021bb1c22cbb5363e612a2b5a76bc6d956775b10758b7", + "sha256:5bf5771b1db93beac965a7347dc81c675ec4090cb841e49d9d34637a25c30568" + ], + "index": "pypi", + "version": "==1.10.4" + }, + "requests": { + "hashes": [ + "sha256:11e007a8a2aa0323f5a921e9e6a2d7e4e67d9877e85773fba9ba6419025cbeb4", + "sha256:9cf5292fcd0f598c671cfc1e0d7d1a7f13bb8085e9a590f48c010551dc6c4b31" + ], + "index": "pypi", + "version": "==2.22.0" + }, + "requests-mock": { + "hashes": [ + "sha256:510df890afe08d36eca5bb16b4aa6308a6f85e3159ad3013bac8b9de7bd5a010", + "sha256:88d3402dd8b3c69a9e4f9d3a73ad11b15920c6efd36bc27bf1f701cf4a8e4646" + ], + "index": "pypi", + "version": "==1.7.0" + }, + "six": { + "hashes": [ + "sha256:3350809f0555b11f552448330d0b52d5f24c91a322ea4a15ef22629740f3761c", + "sha256:d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73" + ], + "version": "==1.12.0" + }, + "typed-ast": { + "hashes": [ + "sha256:18511a0b3e7922276346bcb47e2ef9f38fb90fd31cb9223eed42c85d1312344e", + "sha256:262c247a82d005e43b5b7f69aff746370538e176131c32dda9cb0f324d27141e", + "sha256:2b907eb046d049bcd9892e3076c7a6456c93a25bebfe554e931620c90e6a25b0", + "sha256:354c16e5babd09f5cb0ee000d54cfa38401d8b8891eefa878ac772f827181a3c", + "sha256:4e0b70c6fc4d010f8107726af5fd37921b666f5b31d9331f0bd24ad9a088e631", + "sha256:630968c5cdee51a11c05a30453f8cd65e0cc1d2ad0d9192819df9978984529f4", + "sha256:66480f95b8167c9c5c5c87f32cf437d585937970f3fc24386f313a4c97b44e34", + "sha256:71211d26ffd12d63a83e079ff258ac9d56a1376a25bc80b1cdcdf601b855b90b", + "sha256:95bd11af7eafc16e829af2d3df510cecfd4387f6453355188342c3e79a2ec87a", + "sha256:bc6c7d3fa1325a0c6613512a093bc2a2a15aeec350451cbdf9e1d4bffe3e3233", + "sha256:cc34a6f5b426748a507dd5d1de4c1978f2eb5626d51326e43280941206c209e1", + "sha256:d755f03c1e4a51e9b24d899561fec4ccaf51f210d52abdf8c07ee2849b212a36", + "sha256:d7c45933b1bdfaf9f36c579671fec15d25b06c8398f113dab64c18ed1adda01d", + "sha256:d896919306dd0aa22d0132f62a1b78d11aaf4c9fc5b3410d3c666b818191630a", + "sha256:ffde2fbfad571af120fcbfbbc61c72469e72f550d676c3342492a9dfdefb8f12" + ], + "markers": "implementation_name == 'cpython'", + "version": "==1.4.0" + }, + "urllib3": { + "hashes": [ + "sha256:b246607a25ac80bedac05c6f282e3cdaf3afb65420fd024ac94435cabe6e18d1", + "sha256:dbe59173209418ae49d485b87d1681aefa36252ee85884c31346debd19463232" + ], + "version": "==1.25.3" + }, + "wcwidth": { + "hashes": [ + "sha256:3df37372226d6e63e1b1e1eda15c594bca98a22d33a23832a90998faa96bc65e", + "sha256:f4ebe71925af7b40a864553f761ed559b43544f8f71746c2d756c7fe788ade7c" + ], + "version": "==0.1.7" + }, + "wrapt": { + "hashes": [ + "sha256:565a021fd19419476b9362b05eeaa094178de64f8361e44468f9e9d7843901e1" + ], + "version": "==1.11.2" + }, + "zipp": { + "hashes": [ + "sha256:3718b1cbcd963c7d4c5511a8240812904164b7f381b647143a89d3b98f9bcd8e", + "sha256:f06903e9f1f43b12d371004b4ac7b06ab39a44adc747266928ae6debfa7b3335" + ], + "version": "==0.6.0" + } + } +} diff --git a/Packs/ThycoticDSV/Integrations/ThycoticDSV/README.md b/Packs/ThycoticDSV/Integrations/ThycoticDSV/README.md new file mode 100644 index 000000000000..2d46399e6d1b --- /dev/null +++ b/Packs/ThycoticDSV/Integrations/ThycoticDSV/README.md @@ -0,0 +1,74 @@ +Thycotic DevOps Secrets Vault is a high velocity vault that centralizes secrets management, enforces access, and provides automated logging trails. +DevOps Secrets Vault is an API-as-a-Service, which makes getting up and running easy. No installation of the vault or database is required and Thycotic even handles all the updates. +This integration was integrated and tested with version 6.0 of ThycoticDSV. +Supported Cortex XSOAR versions: 5.0.0 and later. + +## Configure ThycoticDSV on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for ThycoticDSV. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | url | Server URL \(e.g. https://example.com\) | True | + | insecure | Trust any certificate \(not secure\) | False | + | proxy | Use system proxy settings | False | + | client_id | Client id for client_credentials grant type | True | + | client_secret | Client secret for client_credentials grant type | True | + +4. Click **Test** to validate the URLs, token, and connection. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### dsv-secret-get +*** +Get secret for client + + +#### Base Command + +`dsv-secret-get` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | Name secret for operation Get. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| secret | String | JSON object secret | + + +#### Command Example +```!dsv-secret-get name="accounts/xsoar"``` + +#### Context Example +```json +{ + "DSV": { + "Secret": { + "attributes": {}, + "created": "2020-12-15T11:50:45Z", + "createdBy": "users:thy-one:anikolaev@accessecm.com", + "data": { + "password": "XSOARPassword", + "username": "xsoar" + }, + "description": "", + "id": "e88f725b-ff1c-4902-961e-fcdf3c7f712f", + "lastModified": "2020-12-20T14:17:03Z", + "lastModifiedBy": "users:thy-one:anikolaev@accessecm.com", + "path": "accounts:xsoar", + "version": "1" + } + } +} +``` + +#### Human Readable Output + +>{'id': 'e88f725b-ff1c-4902-961e-fcdf3c7f712f', 'path': 'accounts:xsoar', 'attributes': {}, 'description': '', 'data': {'password': 'XSOARPassword', 'username': 'xsoar'}, 'created': '2020-12-15T11:50:45Z', 'lastModified': '2020-12-20T14:17:03Z', 'createdBy': 'users:thy-one:anikolaev@accessecm.com', 'lastModifiedBy': 'users:thy-one:anikolaev@accessecm.com', 'version': '1'} diff --git a/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV.py b/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV.py new file mode 100644 index 000000000000..d5f6fd1bd44e --- /dev/null +++ b/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV.py @@ -0,0 +1,93 @@ +import demistomock as demisto +from CommonServerPython import * +from CommonServerUserPython import * +# from typing import Dict + +# Disable insecure warnings +requests.packages.urllib3.disable_warnings() + + +class Client(BaseClient): + def __init__(self, server_url: str, client_id: str, client_secret: str, proxy: bool, verify: bool): + super().__init__(base_url=server_url, proxy=proxy, verify=verify) + self._client_id = client_id + self._client_secret = client_secret + self._token = self._generate_token() + self._headers = {'Authorization': self._token, 'Content-Type': 'application/json'} + + def _generate_token(self) -> str: + body = { + "client_id": self._client_id, + "client_secret": self._client_secret, + "grant_type": "client_credentials", + "provider": "thy-one" + } + + headers = { + 'Content-Type': 'application/x-www-form-urlencoded' + } + return "Bearer " + (self._http_request("POST", "/v1/token", headers=headers, data=body)).get('accessToken') + + def getSecret(self, name: str) -> str: + return self._http_request("GET", url_suffix="/v1/secrets/" + str(name)) + + +def dsv_secret_get_command(client, name: str = ''): + secret = client.getSecret(name) + markdown = tableToMarkdown("Information", secret) + + return CommandResults( + readable_output=markdown, + outputs_prefix="DSV.Secret", + outputs_key_field="secret", + raw_response=secret, + outputs=secret + ) + + +def test_module(client) -> str: + if client._token == '': + raise Exception('Failed to get authorization token. Check you credential and access to DSV.') + + return 'ok' + + +def main(): + client_id = demisto.params().get('client_id') + client_secret = demisto.params().get('client_secret') + + # get the service API url + url = demisto.params().get('url') + proxy = demisto.params().get('proxy', False) + verify = not demisto.params().get('insecure', False) +# credential_objects = demisto.params().get('credentialobjects') + + LOG(f'Command being called is {demisto.command()}') + + thycotic_commands = { + 'dsv-secret-get': dsv_secret_get_command + } + + try: + client = Client(server_url=url, + client_id=client_id, + client_secret=client_secret, + proxy=proxy, + verify=verify) + + if demisto.command() in thycotic_commands: + return_results( + thycotic_commands[demisto.command()](client, **demisto.args()) # type: ignore[operator] + ) + + elif demisto.command() == 'test-module': + # This is the call made when pressing the integration Test button. + result = test_module(client) + demisto.results(result) + + except Exception as e: + return_error(f'Failed to execute {demisto.command()} command. Error: {str(e)}') + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV.yml b/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV.yml new file mode 100644 index 000000000000..54b3f216598f --- /dev/null +++ b/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV.yml @@ -0,0 +1,60 @@ +category: Authentication +commonfields: + id: ThycoticDSV + version: -1 +configuration: +- display: Server URL (e.g. https://example.com) + name: url + required: true + type: 0 +- display: Trust any certificate (not secure) + name: insecure + required: false + type: 8 +- display: Use system proxy settings + name: proxy + required: false + type: 8 +- display: Client ID + hidden: false + name: client_id + required: true + type: 0 +- display: Client Secret + hidden: false + name: client_secret + required: true + type: 0 +description: Manage credentials for applications, databases, CI/CD tools, and services + without causing friction in the development process. +display: ThycoticDSV +name: ThycoticDSV +script: + commands: + - arguments: + - default: false + description: Secret name for DSV + isArray: false + name: name + required: true + secret: false + deprecated: false + description: Getting a secret fom DSV + execution: false + name: dsv-secret-get + outputs: + - contextPath: secret + description: Received JSON object secret + type: String + dockerimage: demisto/python3:3.9.6.22912 + feed: false + isfetch: false + longRunning: false + longRunningPort: false + runonce: false + script: '-' + subtype: python3 + type: python +tests: +- No tests (auto formatted) +fromversion: 6.0.0 diff --git a/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV_description.md b/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV_description.md new file mode 100644 index 000000000000..5d9685ea7bef --- /dev/null +++ b/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV_description.md @@ -0,0 +1,17 @@ +## Thycotic DevOps Storage Vault +Thycotic DevOps Secrets Vault is a high velocity vault that centralizes secrets management, enforces access, and provides automated logging trails. This cloud-based solution is platform agnostic and designed to replace hard-coded credentials in applications, micro-services, DevOps tools, and robotic process automation. This vault ensures IT, DevOps and Security teams the speed and agility needed to stay competitive without sacrificing security. + +### Configure Thycotic DevOps +Please view documentation *[Quick Start](https://docs.thycotic.com/dsv/1.0.0/quickstart/index.md)* + +To use this integration, you must have a Thycotic DSV account. + +To configure an instance and use the integration, you must specify: + +**Server URL** - URL Thycotic DSV, for example https://test.secretsvaultcloud.eu + +You must also provide valid credentials to log into Thycotic DSV: + +**Client ID** - Client id for client credentials grant type. + +**Client Secret** - Client secret for client credentials grant type \ No newline at end of file diff --git a/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV_image.png b/Packs/ThycoticDSV/Integrations/ThycoticDSV/ThycoticDSV_image.png new file mode 100644 index 0000000000000000000000000000000000000000..ca3cc8f22e59d0f2294e4f6f4bf0b4f96a657d85 GIT binary patch literal 7711 zcmZ`;WmMEp)c)x*V@M-V?03gy(S2n!Yw)Y|g1>es+Z5pZf z3gV=oqW}PPNd(t+*!OF=gSw#(00glC05S>y{@t69+W_Dv006tT03ewO01rKLz8Xm1 z1330tYRbUff1{wi?7!XcJk`y80D$=PKLI^@k|lX>#P!wCQNi5+(_l#eJ($ZK0C-fS zp{!u!j6OgFez7)A_Ao{@UZ9=YPJc=(AfvKl4cLHLMarK4+!jo-x5kck zCPODsucU0{`esZZV5Z11UWzfU5sxkMdP5?mjR~=VTah)rVMvPW0vuEINQ9@p{H74@<=^7slc z#u<~~KlNGWz0C18be0iFQWz6xnfB-pRSC~9VZgFu!C%22>MOTP$DecsK}Rx3j#3xB z&;_!23?x|{+XGah2fRy@Q16#BXeLRcSXxyLRzl`n^1oa(Ngz`IlVW>s`QOWZ5b)877n_DUIuHWaw>5}bOUy!IZvh^MjnGwWt&i2vrVnw+BY2Darw7Nbq_jIPtDIbX{ zYX0!4uu#^;xqao(?`=kHP|)P5Cg;E~z&@Pc`e&|Ki@CUa**r5VE7wPX+&J_P^pReyg+$2Sry-{U6JSG1^Vod(09_jzQdLz?5^Z$%aUxTp=B^1Fee zB1J3MAOzs9f9FZ;(`GOH3f^_=!m6$69s!;_s{x2``-5Sv>c&`|lwQ{NGPLe#h9W)B zE@Dp&LR@+NF=te_oYu5zlS-H_xRFw-I4;yIhMktyPKk&Ld_H~ko0YS4u5~56W2FO~ z9Dcik&MOQLRc4_P3$r^qIrm!(!OF+1-Zh}P$pNz#`#`>2`y&!7E|_uZ-xa?k5OSdt zgnLL<^dMYqMow2@`>L@j%6To|-_#GMoDM3$=qILA2RVn3cYEQM^UFxAlu@pZkJel0 z_oO*bdU8ybD|?&XDjaH@*>U#d{#pCA&iq19f?%pq`PW08#6%Ap@MKQESVAKT%($F- zmg_UFH>U5dN$xXkE$r%W$);gf+R0i(HwG#nB?D%UMY+0k+x@I zu(Yf&qLHH{MZ&(9tIf*b0Oc_@3>rc)h7Gl?h||r7-A2*v12+T0T$O3~TRDD?viavD z6I8NcJSjDcj7W|c7VjGoQ~peup`fFjqrC&`yWUAT%(-87-qOU_)M^eZDR_WhJCmM@ z`s&Qa=D3Saj8lb4Ta!X_1961l$o*-45z(l|45J_@X6LgCIOx3n8$1FU>-1296v_chow@Y$#f(|ZjRU_|HzO37O47CLx|1iB-Yqnx#)G4WE zGl;_rk)(4A-P!oIk_^|z>iSIK#*obt=T>31%fTR z4$WA=OsedA-TQTb->luuX`<8Lv%vLBr#>gbX=rs<=)6|cB*{XkcJ8szgiLwV?h{U8 zoqX=R7GGo0?79(Zoi&9^DWIHkD1k(AtqnW*DEPFBMD|*}!et-?^tkNt{KKXW?;|V{ z)cuVEF%kMOP*MDr4ig(x@@uPVReEq57+F-+HgUSHg`wZBXfyIsdSMy^4BoJl`JXMp#L`g3W%;f>ZQs56z1_SoYp=UUBDjq;kffk& zqjikc&;<6+Azdn7O0}o^=<~7uj)$*sN?D#y50(xM4DTV2i2+G+0aSwjtN!)aht*cc zr#2{eHy6*5X}8qyw#1jMYc(|TsqA{g8>cj{sXv?A zyl8Bn&XE3?{6RqY5sQ|bB<;9__M>bIA#U(+#T&`lL-S6rzH5S{?+mTp8=vnmkqm)H zAgD3~WG2M+tG@Z>)_t^T#H~6bhT=uERpy71&-5V!UAEKZZj#PH{tIVho5XFukJm-~ z9~l^FQRZ_oSyW*uND?9emt8m$_xrq?w_&Xp$j20~C7{JlqV6?DsYcH%ENLi*vwfBv zlAfRV?enIbK8<9i`xuHC@KfX6!7F=Z^1#4=4(T0>HAC;-mriGdJtim)<40-}tA(tK zo}V=zxyl{=z3fDMn}16=yma<^(`ZE8BzA%$#moM!p!*SV(g(?9l&UaTLMUWJGQx#R zeeT6p>Pj*T)O+A(=uw(pQ+$!un{X(>WAG0%*}F0_M-leu5?I|qCNu4>(8$&7N#JpE z_sB?|^#Q_Fq05O6qs3qfiUFj9@K`u2@W>+h@7C9CgEI6u#?0$fdAO=MI5^p`OTI{a z^5aax$LiMCBL9-(_;x7vlA(tm~rM40>hW9-UW@| z5}B5xF{kqj>YXi>;#5|50np`pRdX@HCY zHpa$5j!%b>0=oKt3{niqo`oAT%V3I-q(v^+ADoD8&YP2RMPZ5}jj~K?lJ$H5 zVjJ)b0zjhLJ9jare1Vs-A&Yb|$-3#Y!6;U-y4@Vu$EyFzRzr`7nkD5J0F*5Lz-aA@)XAm29QE zf4-}0^k$DKQxo>YDSo3_i&l?9YJ}{D-!3-0g%ArT;Lg94!ngOAkiM)x@f%9A^;*Hu4Hk8$JRc-n%=%7ZaON(*^=+lzZz zN*gV2H>=HksC%}fbCb@l_$Xd4C!3p@F}5h{v6SA;Cs>eucGLA-i2E`1!2 z_aq7%dglXFa_%a$JZ1u`KVk>q%M_fOE=o!PlfPVRzU~}Z4@Iv!D=LJSYN${c^G|skh!1Sn^IzmmjldGaOodZnSprvWoT0KW%q!Xt2en zniUH~n2q#`e;B-ex%HNPO7A<3HNiYF?FWlzx2nUuOfxaUfX&c+yFc;Y%+&bFNDg^t z%-{lIXc6(IX~*rVG+~+{bfe|r?4^pN^Y;qv8CA|7P0wt0=R;;HJHK4{?=AUHlrl(o z=}?u;1!9jx)@o6o^?l6pBTIDi=2IxuP!=@pQjGi6+?;eq1hsSw{c~IvJy@!(WX-nF z#q4s58vT7vGV7_QpvD+u3a(BN;G{U{Mk*^9Nh zJhFydvm#%w`mB>6lDyr3y1IR&Rh$@l5;1L>Z~RnjN-QQ|beM<9HdQ=TcguTTBqMD1 z0&yhcwK>lqvs2G!P+TYi=y2*+QeppyP=LOOHARYhex96IL zywuhIOmu}tN!@u)ciM645*8ut)f@bO{Uc@A2^E1UeCxq3?-zKlnXV~PQwm?ph*9TE zAKd^U<(cghZWiY+p}5R(zPu-t2I@U8vIN*q>--yYzfZ4xd#M^>!9@bZeP_ih60+O$ z=)CAe1ieYj|N1w+ID?Xlk3l05Kia;xu!(GUGVrqr@iS8D?PRrCEcptz<}q9j4_XcV?W9tVd4|DV>Td11^Iz77@~>CPNERZ9YlUbUilLFqFuW_3wT$V+soRu~WA6 zcdzQ@-}BMz6KW?{3p}vl+YoI@{{?G*%dPB5GQAuDJuN(=c{tVaj_>_%Bo=K-?ko@S z?S7|O*3@}DScSNhIo;p%E{(#N(<_rZriyBf+7QE?w522!7^tRmMn+!bO?(*Hc)WAa zXK}$I!*V)g}5N)^;Y@(Vvi^jJb&=Ywvj{olN_3)^AVSNP0fqY;+vf&pm)xT^i$c%1@z1u=&$GU_#o_ z?47%TvfsRsVP!;Lgx}xA}ky3@d(z z4$xuvIRR?|{l};k>^ldJMAgWB->7mEJ7zGWcC}?w@O;D0q*M@2k2Sast+ z-VjQ2m2&m1c3=67ntMwkANie)^P*DI3{~HRPcV9w+oProoxC|2M0TwL@{I7fW_lKb?Kw?0IqAESSV}TQCPoFyWFyJe+bpN22ZtIeJ2%GM zC2=pL@h`XUW4XOO+mfy}TC6Vxq9|2nm=n=tAhEpSQSn`Y}XK5oo`0>~R;&_0+ zbL-o{$vM&LK2;B2g!;7o3PFCmbaq_Imx+nr(wK6G%&b1vM+3GFl$3q3txoO;QSEy4 zq1Ar-x$H4|p_iug!q0af-N>D)o5bzNYc|{etlk`;=1h=mib7f`IQ9iL_07Ad`jtRq zA=sdBD$+=#Ml2i*hQiXdHktwlMm(~)pUOL|y7jRkw3H6ob5p&Eyc)mO3l|tB&scO~ zi;AR^!wfC`54{=(>n;~%BKKxwf)37IFMThj#Y8NRVvTqKJngZirB2_g&u?Wv{X*!K zz>bSL1D4447}%Ib!PP)GtAddpx`jD+Hp5C%kAa8=j0AwRh>?!)(XeCgjmm`2oDfwQ zh+KK^dJ2yywX6YZd*>+?PNpv5t6rW}g*T;><+(mSDVcwurB+eN2ZDO>z6GVxU=>0+ zIUkN%eq}K<(se5tc5We;S|IDydG|TJ#4rJcH-U4U^pQqrGg1ZUVh-7M$X6T%ccCr! z9=JYfajPjDM-TvnEP$#(sZpkA-IdxBrpX{KOM@16^>={pYAfvDExH{+QFuui1*9RF zSxIUZ|6SjNT-uCf@Iv6F$XM-UTV{DR!#1_%JF; z*oS4Ul${(A)n^dH@d5vN4R^An_sUc|trXraDL$C^wQ~-j^Z-7PGE{2HYY7G#cSn4z z5gfls z#3!bS4w}-?>{_rl;MgtaR-I4A04YNKg#NFrj{8P)eXrZXHIF_fN?ALDgo{tg<@Mn- zH6JxicFVRBt-a6Q9hg{*?^TUL3!ov5pY3-fEGnX8T-!p1`gLst2RZbr8%W5R#K0r2 zF0aLKp_i9xD*<;YF#<72D3~;bsWffI0>JM(Q4c%9HQ@_9>yXlw*@+U@{c}zyqglbC zQS)UruB!GnkS*0~h6&)5pFqZCRcp01H(7D`?$^C8s`c{-=TMOp*bqNF*uBo??l|+e zxm6UTZwXtt{P$b7Am@a_JDd!{cJxdb59aM<^)z^8$NlXVG4Z7k6BkWY4~XI+AtVww+xb%DLgss07y^z6RI1N1=_2F**qHxFof7sQH$6akl_o0-iO}qQL21Q95 zE@h29ejoK_vWsj}i9*{}9Qo+g+(aNl&cF`=!uQ{W2>K%gE4?LTpQF3il4RIo*J$%> z!uEz};bcq%`yP4(mGb+enS%9{oecYt`T`W?!sd`a(0>Kuw$dNbqRfH$L(K)(VJDFxYq*MeIh&jW+@mt}%lUwuPK*zbTk|eNyt6-&wn)@LYa* z$}3c^h7Jy$;*ofi<+{Lz?>v49SiGIj%>x>5^y}vAxMqb}%N|PG? z9taCpw(&f|f(PRfaS-g7o^mF*LRz9>4LNs}BL26kIMp{C;7PRSaK!BzZE)ifRt3)G~-bn&005^_1)7S6!And2s>Ml z_fv5%mR~A9A9M9#vw~B}_`5V8cJVQ8t7>T=TUc+eY1(Ms^hMpg4!g_Cw&x2+#T@z( zJU|Q~DJ^zEe7eNXNhZRSxKo20bU=YyFO8P{J3Poc4iIdw^V4zzb^>bnm9(O?StPLw zJY9}$!&U6N6ju2wN)u>2T($*cs(09;BJ@1MZB@RDwSb3Xw633nR@hb0AkEuYQ#>}L zE+yXZ9kMQ6XzOf!nt(qy!-gkT9Y{Jf3+wS|PEeiZ_@1J)rcu$LRnqc8G5tk3O$OKT z@QZr<4f__OnV3Xl)-kX0LN`kepW~vwqZfI-=v2jIi^+AnCeYnZ4^{y*Hh>8|jhTy- zs-@=X1j8OTBE`BWj$*_gyH8x(`#md|N>4n|LA4~-peQQXc(^p^EW>_D3MNmUGYkk>Chlqcuhsv_xZJ1&%=m8!hiAdS&}U(~OS6{Mf$9f4J< zr~;=XHWrYYZnK|>@Yj(s6ciW?SenYGgV&5pVQ6LSSs+l=15eCyw7X2Ul-45i#)z4! zy{_=D`2KevP96VE%>=sZ4E!7%#hPMT<}gu*)MA&KKuC$Y%J~lue>b)uoDg;e%@&VN zrm5x%@dTV_vNS6G?Ie&r)XtPBd#(wA64Jl^LnOI!U)@XSF>>|NRj!tgQ=Xl8TS=}u zghgQ!^Q|zmVZ^bU!-<9h($z)yonA!J9%6_aAV)&Tw4D`$BnNu;|5d&I{8nZGB3{~E z9k*L-6-N&JbV;eesUq}V?AjEo{G*~KKuU*vZqiHhZh5R(S-JNuySyT+G^H{92_>#N zYKfRmK#-#(GKmCad(5K_heRj?XKY8=*SHcsA}n!R#RK;ZOfp{;GhYQiUuO?*KwnuE zZsg(N<^xwyqaF3XZ;Jw~|H04fe4k4?ct5{afRKQYAg_QBuaKybz+*`fF-ZXdUICH& zncY?7zlP}l1-N@Wd*K-P{|A_eCPd!{u>5y|@^c>t?-!oFFFalX&c42$lKlMs{{DQP z&m4Ju|0Bfb;Nfob!143FKkPq$qZhtz&;OUN(tor(ycM3daomG|hKjCojiPPD{{TA0 Ba6141 literal 0 HcmV?d00001 diff --git a/Packs/ThycoticDSV/Integrations/ThycoticDSV/command_examples.txt b/Packs/ThycoticDSV/Integrations/ThycoticDSV/command_examples.txt new file mode 100644 index 000000000000..d75735963760 --- /dev/null +++ b/Packs/ThycoticDSV/Integrations/ThycoticDSV/command_examples.txt @@ -0,0 +1 @@ +!dsv-secret-get name="accounts/xsoar" diff --git a/Packs/ThycoticDSV/README.md b/Packs/ThycoticDSV/README.md new file mode 100644 index 000000000000..d87e5009a76b --- /dev/null +++ b/Packs/ThycoticDSV/README.md @@ -0,0 +1,9 @@ +This package contains the integration of XSOAR and Thycotic DevOps Secrets Vault. + +Manage credentials for applications, databases, CI/CD tools, and services without causing friction in the development process. +Fetch updated data from secret for usage in owner automate process. + +What does this pack do? + +Allows you to get the contents of the secret data from the storage. + diff --git a/Packs/ThycoticDSV/pack_metadata.json b/Packs/ThycoticDSV/pack_metadata.json new file mode 100644 index 000000000000..b74f2a4a5b37 --- /dev/null +++ b/Packs/ThycoticDSV/pack_metadata.json @@ -0,0 +1,19 @@ +{ + "name": "ThycoticDSV", + "description": "This integration pack helps you retrieve the data stored in the Thycotic DevOps Storage Vault and use it in other integrations.", + "support": "partner", + "currentVersion": "1.0.0", + "author": "Thycotic Inc", + "url": "https://thycotic.force.com/support/s/login", + "email": "support@thycotic.com", + "created": "2020-12-17T08:04:48Z", + "categories": [ + "Authentication" + ], + "tags": [], + "useCases": [], + "keywords": [], + "githubUser": [ + "AndyNikolaev" + ] +} diff --git a/Tests/conf.json b/Tests/conf.json index 8eee2a631c76..2fde23a8c782 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -1,3 +1,4 @@ + { "testTimeout": 160, "testInterval": 20, From c1a4838c237f1c77313e9cd25e5df7f709e94aee Mon Sep 17 00:00:00 2001 From: Guy Freund <53565845+guyfreund@users.noreply.github.com> Date: Sun, 29 Aug 2021 13:39:29 +0300 Subject: [PATCH 061/173] Splunk Fixes (#14568) * fixed an issue in the outgoing mapper, fixed an issue in update-remote-system command * improved documentation * version bump * cr fixes --- ...ifier-Splunk_-_Notable_Generic_Outgoing_Mapper.json | 2 +- Packs/SplunkPy/Integrations/SplunkPy/README.md | 10 +++++++--- Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.py | 6 +++--- Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.yml | 1 + .../Integrations/SplunkPy/SplunkPy_description.md | 10 +++++++--- Packs/SplunkPy/ReleaseNotes/2_1_11.md | 10 ++++++++++ Packs/SplunkPy/pack_metadata.json | 2 +- 7 files changed, 30 insertions(+), 11 deletions(-) create mode 100644 Packs/SplunkPy/ReleaseNotes/2_1_11.md diff --git a/Packs/SplunkPy/Classifiers/classifier-Splunk_-_Notable_Generic_Outgoing_Mapper.json b/Packs/SplunkPy/Classifiers/classifier-Splunk_-_Notable_Generic_Outgoing_Mapper.json index fd07b4901ddc..4bc6c56f3e65 100644 --- a/Packs/SplunkPy/Classifiers/classifier-Splunk_-_Notable_Generic_Outgoing_Mapper.json +++ b/Packs/SplunkPy/Classifiers/classifier-Splunk_-_Notable_Generic_Outgoing_Mapper.json @@ -27,7 +27,7 @@ "isContext": false, "value": { "complex": null, - "simple": "New, In Progress, Pending, Resolved, Closed" + "simple": "New,In Progress,Pending,Resolved,Closed" } }, "mapped_values": { diff --git a/Packs/SplunkPy/Integrations/SplunkPy/README.md b/Packs/SplunkPy/Integrations/SplunkPy/README.md index b878dfd0569a..0c9852f0ca15 100644 --- a/Packs/SplunkPy/Integrations/SplunkPy/README.md +++ b/Packs/SplunkPy/Integrations/SplunkPy/README.md @@ -96,9 +96,13 @@ Run the ***splunk-reset-enriching-fetch-mechanism*** command and the mechanism w - The drilldown search, does not support Splunk's advanced syntax. For example: Splunk filters (**|s**, **|h**, etc.) ### Incident Mirroring -**NOTE: This feature is available from Cortex XSOAR version 6.0.0** -**NOTE: This feature is supported by Splunk Enterprise Security only** - +**Imporatnt Notes*** + - This feature is available from Cortex XSOAR version 6.0.0. + - This feature is supported by Splunk Enterprise Security only. + - In order for the mirroring to work, the *Incident Mirroring Direction* parameter needs to be set before the incident is fetched. + - In order to ensure the mirroring works as expected, mappers are required, both for incoming and outgoing, to map the expected fields in Cortex XSOAR and Splunk. + - For mirroring the *owner* field, the usernames need to be transformed to the corresponding in Cortex XSOAR and Splunk. + You can enable incident mirroring between Cortex XSOAR incidents and Splunk notables. To setup the mirroring follow these instructions: 1. Navigate to __Settings__ > __Integrations__ > __Servers & Services__. diff --git a/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.py b/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.py index 2ecfd7b4d466..31479bff9076 100644 --- a/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.py +++ b/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.py @@ -1084,11 +1084,11 @@ def update_remote_system_command(args, params, service, auth_token): urgency=changed_data['urgency'], owner=changed_data['owner'], eventIDs=[notable_id], auth_token=auth_token, sessionKey=session_key ) - msg = response_info.get('message') if 'success' not in response_info or not response_info['success']: - demisto.error('Failed updating notable {}: {}'.format(notable_id, msg)) + demisto.error('Failed updating notable {}: {}'.format(notable_id, str(response_info))) else: - demisto.debug('update-remote-system for notable {}: {}'.format(notable_id, msg)) + demisto.debug('update-remote-system for notable {}: {}'.format(notable_id, + response_info.get('message'))) except Exception as e: demisto.error('Error in Splunk outgoing mirror for incident corresponding to notable {}. ' diff --git a/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.yml b/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.yml index 9d83e27808d1..d4003af7ea83 100644 --- a/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.yml +++ b/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.yml @@ -787,4 +787,5 @@ tests: - SplunkPy parse-raw - Test defaultclassifier: SplunkPy defaultmapperin: SplunkPy-mapper +defaultmapperout: Splunk - Notable Generic Outgoing Mapper fromversion: 5.0.0 diff --git a/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy_description.md b/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy_description.md index 401a86cc96d9..9200f2cfd53a 100644 --- a/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy_description.md +++ b/Packs/SplunkPy/Integrations/SplunkPy/SplunkPy_description.md @@ -43,9 +43,13 @@ Run the ***splunk-reset-enriching-fetch-mechanism*** command and the mechanism w - The drilldown search, does not support Splunk's advanced syntax. For example: Splunk filters (**|s**, **|h**, etc.) ### Incident Mirroring -**NOTE: This feature is available from Cortex XSOAR version 6.0.0** -**NOTE: This feature is supported by Splunk Enterprise Security only** - +**Imporatnt Notes*** + - This feature is available from Cortex XSOAR version 6.0.0. + - This feature is supported by Splunk Enterprise Security only. + - In order for the mirroring to work, the *Incident Mirroring Direction* parameter needs to be set before the incident is fetched. + - In order to ensure the mirroring works as expected, mappers are required, both for incoming and outgoing, to map the expected fields in Cortex XSOAR and Splunk. + - For mirroring the *owner* field, the usernames need to be transformed to the corresponding in Cortex XSOAR and Splunk. + You can enable incident mirroring between Cortex XSOAR incidents and Splunk notables. To setup the mirroring follow these instructions: 1. Navigate to __Settings__ > __Integrations__ > __Servers & Services__. diff --git a/Packs/SplunkPy/ReleaseNotes/2_1_11.md b/Packs/SplunkPy/ReleaseNotes/2_1_11.md new file mode 100644 index 000000000000..2ae1f8aabdfb --- /dev/null +++ b/Packs/SplunkPy/ReleaseNotes/2_1_11.md @@ -0,0 +1,10 @@ + +#### Integrations +##### SplunkPy +- Fixed an issue where the ***update-remote-system*** mirroring command was returning an incorrect error message `AttributeError: 'unicode' object has no attribute 'get'`. +- Documentation and metadata improvements. +- Added a default outgoing mapper. + +#### Mappers +##### Splunk - Notable Generic Outgoing Mapper +- Fixed an issue in the Outgoing Mapper where whitespace in mapped values were causing wrong output. diff --git a/Packs/SplunkPy/pack_metadata.json b/Packs/SplunkPy/pack_metadata.json index 32865713dfa4..b6803019e4cc 100644 --- a/Packs/SplunkPy/pack_metadata.json +++ b/Packs/SplunkPy/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Splunk", "description": "Run queries on Splunk servers.", "support": "xsoar", - "currentVersion": "2.1.10", + "currentVersion": "2.1.11", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 6b17f0b9a415e9b46bcf180d9226b1a10a8ec7ae Mon Sep 17 00:00:00 2001 From: evisochek <72695126+evisochek@users.noreply.github.com> Date: Sun, 29 Aug 2021 14:37:30 +0300 Subject: [PATCH 062/173] Fix Get endpoint details - Generic playbook (#14569) * fix_playbook * fix task * Fix RN * upload new image * update image link * Update 2_0_3.md Done. Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --- ...laybook-Get_endpoint_details_-_Generic.yml | 65 ++++++++---------- ...k-Get_endpoint_details_-_Generic_README.md | 2 +- Packs/CommonPlaybooks/ReleaseNotes/2_0_3.md | 4 ++ .../Get_endpoint_details_-_Generic.png | Bin 378865 -> 374383 bytes Packs/CommonPlaybooks/pack_metadata.json | 2 +- 5 files changed, 36 insertions(+), 37 deletions(-) create mode 100644 Packs/CommonPlaybooks/ReleaseNotes/2_0_3.md diff --git a/Packs/CommonPlaybooks/Playbooks/playbook-Get_endpoint_details_-_Generic.yml b/Packs/CommonPlaybooks/Playbooks/playbook-Get_endpoint_details_-_Generic.yml index ed4616f5ab71..39509ee1ce5b 100644 --- a/Packs/CommonPlaybooks/Playbooks/playbook-Get_endpoint_details_-_Generic.yml +++ b/Packs/CommonPlaybooks/Playbooks/playbook-Get_endpoint_details_-_Generic.yml @@ -1,5 +1,7 @@ id: Get endpoint details - Generic version: -1 +contentitemexportablefields: + contentitemfields: {} name: Get endpoint details - Generic description: "This playbook uses the generic command !endpoint to retrieve details\ \ on a specific endpoint.\nThis command currently supports the following integrations:\n\ @@ -44,7 +46,7 @@ tasks: type: condition iscommand: false brand: "" - description: "" + description: '' nexttasks: '#default#': - "3" @@ -88,10 +90,8 @@ tasks: '#none#': - "8" scriptarguments: - hostname: {} id: simple: ${inputs.Endpoint_id} - ip: {} separatecontext: false view: |- { @@ -116,7 +116,7 @@ tasks: type: condition iscommand: false brand: "" - description: "" + description: '' nexttasks: '#default#': - "6" @@ -162,8 +162,6 @@ tasks: scriptarguments: hostname: simple: ${inputs.Endpoint_hostname} - id: {} - ip: {} separatecontext: false view: |- { @@ -213,8 +211,10 @@ tasks: type: condition iscommand: false brand: "" - description: "" + description: '' nexttasks: + '#default#': + - "5" "yes": - "7" separatecontext: false @@ -229,8 +229,8 @@ tasks: view: |- { "position": { - "x": 2950, - "y": 860 + "x": 2840, + "y": 770 } } note: false @@ -255,16 +255,14 @@ tasks: '#none#': - "14" scriptarguments: - hostname: {} - id: {} ip: simple: ${inputs.Endpoint_ip} separatecontext: false view: |- { "position": { - "x": 2960, - "y": 1075 + "x": 3110, + "y": 1005 } } note: false @@ -283,7 +281,7 @@ tasks: type: condition iscommand: false brand: "" - description: "" + description: '' nexttasks: '#default#': - "9" @@ -321,7 +319,7 @@ tasks: type: condition iscommand: false brand: "" - description: "" + description: '' nexttasks: '#default#': - "5" @@ -369,7 +367,6 @@ tasks: simple: "true" key: simple: Endpoint.ID - stringify: {} value: simple: ${inputs.Endpoint_id} separatecontext: false @@ -396,7 +393,7 @@ tasks: type: condition iscommand: false brand: "" - description: "" + description: '' nexttasks: '#default#': - "12" @@ -415,7 +412,7 @@ tasks: { "position": { "x": 1710, - "y": 1000 + "y": 980 } } note: false @@ -434,7 +431,7 @@ tasks: type: condition iscommand: false brand: "" - description: "" + description: '' nexttasks: '#default#': - "5" @@ -452,8 +449,8 @@ tasks: view: |- { "position": { - "x": 2050, - "y": 1170 + "x": 1820, + "y": 1210 } } note: false @@ -478,17 +475,15 @@ tasks: '#none#': - "5" scriptarguments: - append: {} key: simple: Endpoint.Hostname - stringify: {} value: simple: ${inputs.Endpoint_hostname} separatecontext: false view: |- { "position": { - "x": 2440, + "x": 1950, "y": 1450 } } @@ -508,7 +503,7 @@ tasks: type: condition iscommand: false brand: "" - description: "" + description: '' nexttasks: '#default#': - "17" @@ -526,8 +521,8 @@ tasks: view: |- { "position": { - "x": 2960, - "y": 1290 + "x": 3110, + "y": 1210 } } note: false @@ -556,15 +551,14 @@ tasks: simple: "true" key: simple: Endpoint.IPAddress - stringify: {} value: simple: ${inputs.Endpoint_ip} separatecontext: false view: |- { "position": { - "x": 3920, - "y": 1720 + "x": 3870, + "y": 1650 } } note: false @@ -583,7 +577,7 @@ tasks: type: condition iscommand: false brand: "" - description: "" + description: '' nexttasks: '#default#': - "5" @@ -601,8 +595,8 @@ tasks: view: |- { "position": { - "x": 3420, - "y": 1480 + "x": 3370, + "y": 1410 } } note: false @@ -610,6 +604,7 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 +system: true view: |- { "linkLabelsPosition": { @@ -621,13 +616,13 @@ view: |- "1_3_#default#": 0.51, "3_4_yes": 0.46, "3_6_#default#": 0.5, - "6_7_yes": 0.57, + "6_7_yes": 0.46, "9_5_#default#": 0.26 }, "paper": { "dimensions": { "height": 1975, - "width": 3850, + "width": 3800, "x": 450, "y": 130 } diff --git a/Packs/CommonPlaybooks/Playbooks/playbook-Get_endpoint_details_-_Generic_README.md b/Packs/CommonPlaybooks/Playbooks/playbook-Get_endpoint_details_-_Generic_README.md index 5595feb8d9ff..36fbb2b4c20a 100644 --- a/Packs/CommonPlaybooks/Playbooks/playbook-Get_endpoint_details_-_Generic_README.md +++ b/Packs/CommonPlaybooks/Playbooks/playbook-Get_endpoint_details_-_Generic_README.md @@ -43,4 +43,4 @@ endpoint ## Playbook Image --- -![Get endpoint details - Generic](https://github.com/demisto/content/raw/ee07059dc8769d6f5652a4a07b668d63266cafaf/Packs/CommonPlaybooks/doc_files/Get_endpoint_details_-_Generic.png) +![Get endpoint details - Generic](https://raw.githubusercontent.com/demisto/content/7138d5c3ca780a7d385623aff3f63f113845c36b/Packs/CommonPlaybooks/doc_files/Get_endpoint_details_-_Generic.png) diff --git a/Packs/CommonPlaybooks/ReleaseNotes/2_0_3.md b/Packs/CommonPlaybooks/ReleaseNotes/2_0_3.md new file mode 100644 index 000000000000..d17c9340d20e --- /dev/null +++ b/Packs/CommonPlaybooks/ReleaseNotes/2_0_3.md @@ -0,0 +1,4 @@ + +#### Playbooks +##### Get endpoint details - Generic +Fixed the "Is the endpoint IP provided?" conditional task where the task had no path if the IP address was not provided. diff --git a/Packs/CommonPlaybooks/doc_files/Get_endpoint_details_-_Generic.png b/Packs/CommonPlaybooks/doc_files/Get_endpoint_details_-_Generic.png index d987875fd1a8f7af2b7854d2946a15bae0766043..2f9d62f17ba1dc3d30c1664fb168f1ce7ae98fa0 100644 GIT binary patch literal 374383 zcmd44XIPWj)<3KW77(!k3IZw$Dov$#1`8@uq_$&rMc<0M-opa63+N-bMT6^7(^>wv4+4*wnUd$G2U-{FjlRHI+2weY?kB zbdvYlse`UF9PuAcM&zEOy|{cU{`&i=Eb&Cu_}lo~7@3(pMA80^)mRryBvXn4y50@*AJ8f|C?2R|hJPEJA+0Tf@Yuag_YW0)~YI`TXEpFSv zJ-5fbg^}q`{b`C5LCvSDHkQj8o0^(JBerd4Vcos|xW;{$e_)OGlex zgY8&^6brND$nFNzY;VbAmKs)6Og!a(fqA^N0=A@TI(OmP4KQXI`zCEhh`>^k24i8uDvse`nKhyr6Eo;2xN2 z;d~jJv{(9qCu9{tDM>$EyA)I<3^T z=VW;-4%vQ1eh;-Oc>2bxN`-^GQi!OG!pBDhlEdGBe=|UHYbF0%M<%i6reC$K4H z<=LHUX^XE&rcF*dTU7?gW@TqPI6I452hO-1Q}&c3D+T!nD@#at>}q;lIyRFg38~vP zVst%qaL89kswsjxJ0uuJpM6a97~mhkqqDb@B`nJ>dw6)1l$O5zMf#IZRDi2MfE}wW zl!LuZp9$B$iSL=($HkTX7s;Vog}0^3@1%9mh?T{4$sV3OclWmbRTNJA_1jhMq-TH? zoTtwxphVMBQXcmuCZ36NY@gmYL=YwWPgE%c+M4nWlB$9*d}N&m#P5u4c6L3aN5lGi zVLKc-tcLLp;&pxb^5^Na(b3y`IXP>Wm;LxUHix@Pv0B8gwc$4Uu_pq`0qw2Gc2D`V7D^c<c52>odQf`9W<11N;~| zP3IEP-QE4}J^87koQ`~Y7;M#dgd#tH6)Dmm%7fC&Q|Pisan1|>a`-1 z%b%C$I`sZ16c*FHuzh_pC6?#7M+DH+hT2i3rb3SHp}CBBa3*+%T=uhRswhVLn7+cz}kCWd}0{u*-+EG+`EhR zB+n9`m4YG?i5(spI>((}b z^0L4$$It!^uDB?!pLDjabF_4Fpj3AA*RI(JRpqkFAt53CcY&H{xw_`)5*Gt&mULle z6E%-Ga?kyvD}3Doe0)z@HbQZA{Ko+)pu%Q_wJr$IP+fbG2&Ye47XJ!h|l!%p3 zy5MW)G#j{kN=ix;2e0H;;0o8(ZGz5Ohfp3g6LQpd=>gYlOJXZ(rC~P(=7>TBc@(wx zKu}On8<`x8$R_y?g|orVo?2~L#P(4|NWQT++V9`@tf~SPHwO;2)E7%toyZ-qm3rj0 zd%yEdtau4#=-DSf>aQ<_zzTXxT}=Q`x zQ%h=8nhK*~xgQ-YxT2{wIxj#ezEljwVhv-qC$-g5K*$jN8gxr>*={Zt~y0T34?Qx4+e% ztMyPhBqgXWfIwKDWF?;Kkb~lE@)cW@TwT4^$TzI&+%FrV@ao!{!$fn+-2{?&NlpXJ zQBiyiuD`Y|<}mt47Shs(vh~uUd94+XhAb@#X=St?Ef2IS?r{#;Vnn#cdj)Po!$Wgz z)ggL=K^U9C07_n4U*FM{KsB#&t5aA+2BKgeY;GVWx0sQytfKM?)w7{zvtsv3Mfz9@ zsZ!qN)9x)#RKjwoC;#dYjkcVo?qjpCxL8Xg5i|AAOcoLE>NVEEHHY3v7H&2aNSVCS zlzh(x2U9Nx{*nqg7^-PH`e!D&Py}-lxHl|2+l|_(mq~mvG3)&#&)Hwtk7Mzc?UKZq znVGi!{v`5NngUM>X4XHmpgg<$8ZF1Ppl)S;Vr1TC&9h=@Jam#u{u~dvcs>o=;eO}A ziyu{k*LrA?pFVx+E%%-XOd!R_$6sSc3B@J!Z`tCF&eeu;@D7iD_nu2+&>w%}RXUkA z`|}3mO*xP2i|bzXbh)@W7bXwIY2D<_lW86oG3$%Kq$LhQkFm4+_>e_OAowEiJF^h^J6IQtHaQSc=1EQ z7#}oR3xmP%^|~+8tK=qZx#5yAZDQM3LmM2lIz2w`^VP#h0kmCqo;HnD%`{Wi%~PGvg_$4`f_zcY3rh!HhoJuy51&<{9O(jfZ z78B9ZJ%`W&eBpY*!)-n>X&deI;odoEGbGP*I z@wseiY1waQYKuOd1iJ)ny~)zB6XoROU5 zIRlV%C}ER#qM%^-Ih12=N_{2g<;&D4&5WG!Yv#7}F8O9_-sYwUnU{on#+56(Pu?z1 z!nu{UeJBibX}mQ#sg}ltB_;nk3NwAZuW@Kgab#o;^GaDqhHTDOaks_C1Xg8^TWN!c616@j zs(uVD#21;VSA8sP?MK_YE8o1NSrIu~1kWdAJmTmcMtrbSq*QeZ1yVOIsHqvp?x$Xw zRXU6&tL@iYpR85zU;6RHWnidUSZ%oqGcwlG^3_mXIrvNQ^_OTyP4h~NUTS&8>!gEW z#k`L?Dvd`hwDZIe)n>0E%M+)TGeeg1Cue8%W}BOJv7|UnK0TNYN~2?sIDfB1+zrpM zA8{XjrVQ4LLpGY6DQDaWHAw%L==V?W@aWE*8J*x-X*3eP+^6rKCgy^)Ye2#l^*UMVm21kwN z9{Cm(nosYW(J1xvIs=w0fKMuHq@vxM(r782(%HIJNed!shtOO0k*WzOhv8 zz85iT-&<^Agm0cc)L{HIbe0&7M*4Eq%G&r z{MGMP4WXgD-6dwE@AG4&QnJXxfagwVH%cOxveaHfn@YK7sV$#v-G}{0Z5b8w23VRG z-7W3MJC+q{!l_y(dBvvTo_)PvlPY*8wfw&un0CwR5-!7#0bOzbt z+cn1R!z=_ht` z`h#NOrgDJ$MNX1qii?f^h?UA*CT~X#@*p8-uFG(0cFeAC3{*4|1EVXJ^cjNWwu;|$ zy};$lxz7!v9g^i^J+qANFLQO@IeJ39VlRw&JGRWs4n5oHIi%uyRyU1UblaBRA`~LR z6Rk7-W1RHP!qhAHd#^ZdO-~&a6h>NFLIGyk!)KP^o=#s|bYXOv*dFuvu%OsjDXs~} z`O}}e^n%74rWy*ZT1zX$s9p$h5q69Z=&->57QU##6Azr9hxA9T~-7X4ng zgY3MzM-J$w^uF^5`zvN3;w-1&>mfJJ$oqB^kV&zJ8AyJPb$%c z6~+7Lajd`VEs6_S9!u(a=l=*w#bE`v1HRn7?hU2ndyZOZ!HR11xXk&qA@SRZe@oA* z$tb7?XUSj?XG$strtP3|)6{nZc3Hx~r0BDVBU!rOe{P<82q7i&%A(;*u9yzj2s$|qi! z`bGp{?~hgcTe>QJh$k;EZ$1Un&~j!EJ20-uQ!*93=&?`zw;Kc4P(8%%u8K4kV$Q93 z_(XD*p7>SuI3~(i!2rJ%4H`Q0M=vwzRdZT)5 zuKD#alK5VW>$Y^qPi?oG#A}k+UKFeP9R73mOYidS1s~tb{`dXM6DpFhq}wT9-GOtP zPu2G2&A&b9h2(H0nA@W3%Tg)L$O|B}Pp_ZNy=sdN3_Qo#kuQQvHh$*QCNWD(4x+DB zFW#&0{G+L|SUe(sIE6J>=;K7UAI)Q^g0?m~j~?_t9{hWuVM@Becc1kUTF|hTRMtoi zNoScr4@tBz_5Q#lUrhG*Zm2Vw@UQbS_pbzMHIaT0yCw11T9#Ml_hdNg99yKg*>&pF zfm+}Fz3^#mU)C4(#YCwVDIzct6*Hodvut8+Al2(c*Po}9&oxMc9-Cmg)7*DGl_c6+ zvCXRWG3DU#tO=u;8l(y3b0{yze$$IcMSSSI6mM^y%z`B{xvAg_O~)pKvNKl(hoNU+ z{l-IWvVQfR>a^Hg6970YQLpmFqc$PT=;oQxf%c)8%3u+JG!W1?ErkM)OIi!+OaMa^ z@|&djjYWAs3w4Z*5=m3{W4O<42vr{zZLu~l`FQHgARa?mSL(Bxkc@uw*Rc3gWtl*U z4b{H-O0A{Z@6rjp8*1ja3;Vl?-Ek>{j3X(mC?}EZ;Sk2Ma%Oe4dZn_ma%N?vDu5P1 z+bI|2(gGWAO3z@k7zh9G1bQ7Z+{lkj?UHYy(gH z-zYj4^_9^4a87nU$EM>6((RhDUxn8QETX0df9m9i4vDsinC7`6`o3?(w1EhZbX3~> z?ollbU`zX1awUWwuLN4#qD$YU3d2l%)6YWXs=(2skLM>^>Z{kK^uB&wa68P7kPUk; z4J<`-f(`cEF&gUm-nV--t}#C zkdTP?&6M@OJw4m>t@o?%uK|~W!rnlB;N&Suph{RO3s+xGqeTIPMFvX0xO)+K?4N5WO)0B=}FJ{<-{dDsf!*S9|e%SQc;fl@Xu#;C382hP4v;NeskQtVArN+Ze`w0#tRS-jil-&p_+ z1TDT#AZR?U#BjO^5VKs%^7--9kjnfIUrZBA4@b)%;C-&PUr?kxu$oV({);!)H+(UF zVAn86^b%)VEw#HXdI<6T03xl8&I?^$&P0FR+*os<(@67JQg?T^^WD4V4GXEKVJg~v zjW6s_X$~5y5Htyu<_b%702QOTn?;6(-ubIdG-TB!kS3;;{Cd3fa3bsLHMEDNOm7mK zW9(C(gZJ`pADb_IRW}||ma3WS+LfDaA)1ef8rWG@8z!i9WEYoUx*E^1vfx2)`q@=Ub5Y6NOg zN4yx=NPYi}x;p|WQ=$;?Za4#M`4J)h$LOJADKe%-*wRUjwZzkc{rkewO@nqjMTK_ zdnn`}=kwM|!AfcyeI8fej+j*K&;vLO57ywWNR~+5aA6o%Jpw0l3o;`aegIlwyS~YrAeouC$h_Zzi*B!V6Pfc)kzPovQ#kqV^Tf)iM~_p6g%V0{ooif8poU*@1&G8`GbT z96J_CBBHfSO-)PicrD2UZDlF}u8#+ey1QG900s>zv?9!((eHknWBB2Qp z1ASZFECJAB?f@-j!RoozUkY9g%?f_MZ5I|6E^BGEUsp{7x7bHyrj1~c{uh^X zOl|SeT)o|}b>cB(#or|zot!!_E-vTDph>h`o0B~v79)y4DGMh^b>7b8fx4#HY4(3Q z?m_{R`p3xC4pl@X05BneKm$5NCgkCdeFEy>Fw!Xy!TUfr_Xd#~yjWlp?%?q%B0pc^ z01JXF4K%Yep@!-f852`C^H6!DjZW1gQfPg}q67kAoJbL|Ly&wa6tkHv{eeLYHtN7T z1zhsqC@_C;IHFb|Xw?V!-V>YiHtPzGnX>FDB>rMd4x|}1AO3AJqJ=8OmS`lNHTrB! zYHI4_n4+^aRp2IdfP66R9ILjQ?k|=Av!!KBp4BRVvnD% z%+VAtAaVUPmfGRlhXG15t9s9MFzB8WbpS6_<}oA)`qZHDEC@6tgNO`D%|jf5)9nFF z1Wt*27bm;pKbA*BHE)Q~Zw!%76n}l5 z`6x<8hlBv*76lCAhrk;&Njx{16~#o%`KJY(KpK^dyKzBPRRD@RzkdB%ZpWv^9CDK6 zm@#og9tM6%?(%UC%05~jU-cY$$6Zqrh$bsw#tI>y&~QatTbmhWO}~hR+K*>rYmn`C zgv`(y_g?yVxS$&IN6NgJJ6rkNIC;4tPvoC)=xfEz0!(>x(ASa2w)PUnGmXZ zf|DYW;v4Gg8X&_1JG0-;YI3Ys$E8^la_V*U^uc!1*z z0obf9b+BDv$BrF^cN*ela+7_!n~v(orlq`>2i?q{PI;BmDdk-V@EW z-@aW7TqM>H=M|ftv;o#om5GWodkn=2I&2qUOw_!TU(p>LI5rO zva+%jTt1CpeG+z<&9$;M1{g!)DV!zwE`5Dv9-5HRTVG!E`_zJLGtOxzRCiBGC?t(BNeJYIfvb+tV$!nd2d8=;C9h3i$Fkyzths6%Dq zU>+#$ZSn!(^ z*fsoZGq2E>(k+ua01CkCrU1=bDk(-vCPbWiCzflO`K1sx%ENgUmsNv2S#-W6nH8O# zojvkrtRVz#6IH#^_tLe9;Ra@J&q!h2E)*}e=p)=9bkTf&K>DUFHwYVED?0PoJdiM7qW$sm(pw|^MstfV7ONGlDHk5MwwF{QS zD!pe$#PlE-@^eQA1SoORq9Y@}e*JoRFPGk%U!aO*vsVqzb+1(QtqP?(Gmi=oGjFgf0cY>io`L%)m_TiAHKf7Qjgc_x+ zANYEkc;?{|k=ne}+aJg3rR>nt-8?yTD;!wPLI|?8qa&7F zSy_3PmqeB1nie^M_>1I-iRgse@X?T9?FQ3|ZYmrzj_M#|xQ*r^SE6PtKzdRSW<2=@ zo2o*H5u<~F_2gV{4+)LjwwEk6n>4A{CT+8CJf>!Yepc1}ZDicUR&?K;r%Z>1a9tD{ zGG3rfPv3Y*G*^&cNo*J!pQS3=k&=W`*kF62lUQF4s^g=vPoz_k$*kVRX&jd-!1&(X z9un31NWc4Q>08rEyVrZFgVjWyNK?+wM;W5V2Zn`$CIw{88%{<^J!N%|eTqEzxk+h4 zgwd>Kd8D~XO*@!ni>xXj0RBQRlqw z=K5L)zmsH4_nW`5DVD?N%}rH^nx+#tTmzD)PAAwA%`+{*HRaeM8}|GhT;3eVd9ug? z=A3riJ{U^!=H-}|+&j%agB;{&KO-izvBE#sVXD{j<`r7#Xrva|A1C5!{$`Gi=Mj>Z zV^nhQyyQB1q~YCDI8J1%cuLkvAIFk%7yj(0eLg;G;2_79oYI+G^Vs{++}LcTS*$yQ zoJp^f2pVuLiocSim9FwJ*~pswm#G$M++WCOE8T+8+o%~o*o&*7+3!`FLgpuAwxQ-l zhy3IuW1^=Xi=B!TVIK}9rsb@xDES`$-XU{R5tTn5HGf)1CKc?qxI+#COKsuR$UN5}Hg5e-6eKE;kp~k1V`xGuBc5=&HTG`Y`OZ zhgQpnRQi5qZqRxJ+#t#``h(fSnigy2LoJnFB0yD5Wg40#5OXyGJLdAg?BI@)4`<>c z`<>mkV@Y*tHeGodKbwH@)g@*qU{+kLjtay)es90(<8(quxyuzImu z7qiZ?v7(ay^m2n|I{)*3{aa=R z(Omc6eJ2;s9LHJ4WIMLNh(P}eEPV;wu2ddxp8_5F{ja_)^bsa?y|&L&|8k`6{juB;85#vjB2yGDYpw0Hur zUTETW0zdRn*p%!EB@Tmomvb$Xu5N&-CV>Xcz(ZhybC6%at3s%2c>Ee%_A)O|s?H7dk^os-9L z1E+T7HO7JK<_|U=V#WlHLT+rXv&-rku=p!CcQWI$vv`5$SvB2OV*oft2JbZC%QF2S zVAzcpk#}!^e`l$nuE2#4A>5c7;?v8<9ZeA9#6|OTnV<|O2M8)%@h4yb$ zA0Xwwa??;Y9x&e_CEEo)!|vAvKsuk0>rb%;!HyQAznvNOivS7A+Lc{X1p%{rg%On#!M)eGXndyk1E(SkXsz!o8C|6zWnXs)^eQ*Y+@2e;8vw+6P$~IkL zB7*V({lI&+nA~wayuTMAoLOqhf7Rp3D!ReWVlf$~`% zi2aKhJDq~u_a^r?+>84)`RIrLW;Ss6_U6q0AGQ;B#>?Y0hH;MIy&&deUMw#0RgxV7902R0Z-JkdvfdD8%$+uJq1{%bajuD-izz9@R zlT?{0Ec&5(lRWsu7dljQ*PUc0SZ4bW+)jRZn|QT9^v7&pFEh|@iDY!vA!J0oDh-ibWvr1HtZ0w}iiv0(iy@aF~E# zl0?r{ptf?&Cd?%8i;_T&v!c!niU^1%$Py8_4@99@%L!!|`t|Q$x0oehv@A}`qX|G~7ZRdb^ag_U^ks&1i;;mfPDbP~E@-RY94=&&%? zP~Ty}C(Jla)^osX<~4qQx0BazEH7d%O4R0YJC#}#H*R4$0?t2xJ_d59lRw~&*KBd~ z9Eh=bMn672;$4pQP~%U~s!Pc8p6JeB&g4?>{msM9+y$WAb@0cxtqW++&7@WE8P+CV z5tA4NP1p)Ljz-|z6g(3HU#h!vjX?hX*1k@@q{a(@^6hb-%rrd)TS<2BH!B5hl3w-+p=)5R!0>NdD z`3~4O4YZ!%Wdn;(9@Pva7-d`*cTZtP?szC}b0k+I+0-^dg)U##UI$$!1H5dn0u$0d zj@ty{qIkH4Djo2fAJnh#bUf2+UBzd5wcf%0!%JF4@zWRqOTz0ACy!&tdIj-I?gg<= z+?c69_rD7T4pZVqUg3MT;HCaVKU$o$r@v3d>mb@-J2%(hh5fTiD*A1H51Eo{9n`j= z&Kr|1vP|Sh)}m8Y1+%51@_*dD*Au_IxQpw`P;{!X>g)+7!nj8I1%UqWj~p{D)Wjy} zSw&U{{xNH8%KQDP=oe@z3k5Cbf1Hmexh8+>fNM_c=p~wJBaKkSyW!+`F=6of?x!HS z9Nb}laPQ;4o`&mRDSz+dpoIS*KY|(Pfaf4MIpd4LbT3<3Wsw-N z+?Djwrdz=Jdca+Jzjk~rHPNun`VBWzS`ZKY#`_Tisu^3=dP_`Q{LF>}BJ1aRd2v?l z+K?wor@QP7Gse>j4Hbaq)VZ9Z8sV0T{X^Epg+Fox%LfNc#lz(#RSL5(X3XRk`<*30 zf-I1LrR6iQ~M2niZT9x^>=I01Q~RD?v&@E zl=%AwYq=BpI@rVQO^h3^95fTdUJJN)EXmRMUV{wQptojR@?8G?YtVFQgLR~ogsK#r z>F8lFqQdN3uvmhO%=>KRO%id)2)eCpE{pkbd5&om3UzgLdU{&vT!nIXWh3lHmIjeM z@m!cGARP zy%KPz2ma$D~LCrEnf$3at zDQcFK5Ntv2SFo`CT7wL*lV?M9xJIxL^SOYN?zcJ4h5`fT4q*LKmQJ!9*qSCqWv7-g zRw!_1_ONYxUhJjPzzjcXmMno&Rb+8!R5d+A4*&A^r(+BwYt@D-<#cwj9QzSD{tAn zm1|b`+WA@O?q?<vmcM)LmPgm^s&2BCAi}{+9?>)dxeCShwmY8&V}eKJV|L$Xr<$OC6&IV8dyT!bF4^essp8?vGq?0Y^7M;y zcOUM}qpq_@A>a50+oFfRKGv#?w~89tDCFo0VZ)MElLw#$$dDfXx3CkooA;foE&e$U zd39j26)CHU0j^~(!T@QDA9Mk0!sGbXK3bUZ0zX{c?$&ZBTD>YuN+|}BO%MY$b5Dm0 zoZo~fjpV`-*ic%Bx|^cYpFz@TuikBbe1&9ceZUmqYdp1wlkXN-o#7%Js%Ep^*K(t( ze;_@6z-7S2GJEZJ)BrN(A4M5ClY{c#PHfi(Fys4|b8yMoAO23;7A07-vj!%{)6(Ze-M`ZxpMm53hlzosDcN;DtTE5RtZe?XRA<+6i?b z>&v3h^O^F(&~E;!*|XWN3}oD1R@-%7TB;mcoz#ln-R<~Sw_ebnLvwvC8=kj=?)WY( zE(+WV3D)b#){9}#87tM5-iSy4&H{|IY_3ar1>MGyoYI2ikn4@JwVY|2DSp(#`snj# zIxYFqhC(vPMHhrVE}1@BI-9*D?pN+VKQ6p_WU6soE*y85M_hu{#}?6BO&qg-6#v8mlMH4E7X*P`6I?qQ|sb?Kv1 z6-E7cBq^YC2$wH@^ zxGZ?s*&SUge7in;q!D7quHC5IpH#P(D~u_VKwVV2t8Ui$UD#3W`Mg|wrp%Q!lPxr^KWqe;aNt^Jf zI?H=ra_RZxZ`FvxPv-*dTmh9^?D;P<`|JA5lgUT6h-P(f=SC;g0( zb|GI_fxL=Q3ax{&+OJ;s;(M$Ecw>EO!dln;OV2q`T#Aie;eJ$k_ljzQQh^N0Z&D#h zYB5o5#qQVoe9l+G;9AO3-~!OxfEj!*Jwh>VRn;RQje}a&aD5u?j0HA;y%Q`qiohXv z8n(0|3r%l!h!w6ByomO3&g7&ze(HRt`T5I^rz^gPIefAL{>OmMEd97^;pCTIXokZ- zuc7_+HB>ksdM~V6?NuG;P(d#Tv6hAS$^CgbqF$s@C*wAmN|- zD$+6Ijfr!Gl>C@q8Oxe<em#5Ru>NJh;;z>pGQ-BZ{hmwKm9tauk&eGGi^Od3;1#M1quCK)!l-o-X@GcD6jVG!U(fnFK+d53Gj1P9PnON3>qmL zi19lsmtzNBbtw{`X^wX7rt%bjW2Ag*F48yi_uKd~Ykj(VY;d+wj$u4bea=m6d7l;5 zof|b&`KzO?r>Dn-krh*JjU`<;WC6Fmf%QD2UtEJM%B>Xxd&d#-i{}kAE^Mf9+*Dia zG`w<&2zU^^@R@cEUDnI-=F7wj{@%Pg4j|cl%QCmS6kb%U?^4lh$Z~bC*yc|zhPM^H zkg*@Ub`=OPrjN$z2?n^M>mrZd5;wD)Rw*W0h?giE*rNUXO7#_#77f005Y1<&s;lSt z8EQSVd+LRRdJy!&3^B6^Uex?7`m}1ymk5xevE!xejV{BvYm88il&<^CqbU4iG@|!Oj_T@ zqmv_A7-6kk9?ao|X_Z~b(1bzN`#di;2XLbicP9y&;@^s0-I~?)@#?O}iT{JCH zOVD4YYWb}cXUf9DR7cG2uRH`6^KD)rad{S%rs(Y$NF`8&Lys1>-bu2Y_U$+v-J~X( z7U&f?9h(+j+^m!{+0+p5P3YcYSM^~={VuirV1LDx9rdBs$D6n&vlb1cLVmAR^WxVx z5=L~y;)S?-H{`3ABj&zi*HRdmSF;Q8_*d$qiEQME6l2$oVzn}m z*w&9b$^Gj>|62x+7^Wk^9tY*5R;2J3!pQs$qio7EYv;V?eJ1aX(mOdS;_{sWF`z|V zHc>te_aiOXe)djTT(ZUcQzhVS_`sKfv1#zKqEmp>&qB=f=JzOOMb!^HrX>8g#Q$TY zSeMF8%c`DHVBRxYcs285VrQ$Z#N3llYksRk>V-2$W&NnlhK>jHwSiFUgZT-O#U3RU%oQ0y~VdhFCyC>Cgp zK!}Z#hZ9`ZT9~GvWg+G@WP5=VO28x!5|fgRgi-r#G3s3mI3VcN41oBt@%sTd^4P)P z6kHbSfFX~8+q+&L1C+@?L$A+Pm*5V3q#Hv(#o}lu^wlOlXmWd7*K@dXD1ip%2ZRcD zf{|r?=uO><$yL|`oX5d{f-mp?|9~klb#Nm8Ex2K;3qX$YQ1;VsUo@s41v>gqR*Dq? zpq~5lhx$9=YJ~(ewqsEL)(mJxCm86*msOd-ZE~cm0<9RBxAKLo^A@nq=qF95;9620 zG!&^&y{#WmqXD!ce+_OHz76{W&?P1>4b?L4V&J}IS~(Zs(&Yj@V!33c4cudT7m$SI z%vbn34WyxY@h@lJVF6|TymQLf3zsqr2!S?kVMcSDv{ea)4M+mUA^D) z-b9O7+Id+e(X=Co4&Ez0o(&G4sT`S^7_Tt|1TSxAVg4QvF2+SyKeS7Z%(o-iBjSjP zl^{mT$tTV0&Vu+y5v6PiagXS&@8XcozxY(o!BVS-*7T5Y_~%PJl*R)t?{ijgv~_jg!g~R|{rLu5_FP@=>q= z*nZxBja&XJTY&9@bq|7rRgz12RcbrAsP8I19B}kmxEWIwCtv%wdBX=nel6sxk89fY zNHFy?d#G6nzVt!HuMc6q#Y+ax=yo=n-|fh;33tddUIpzAU-<8!^~*JMScsS^jLxwD z_n_}C1V@P$Hjl6n)KHM`F>;~Z*A+zltD~`Gl6xg}wS%~p z_VMgKw~DvozsRT4!c$jzj$J_Avo)m>MjjN6)5Sl^1@PL~benAr;-rH&SjfA=!f;cK zj<|Cmj37ZLgJ%Syk*8)o^CG|^dXf=AY$RJmSVITK`r}v?U3~#-!RxQ4w8kt9Qx{@@K+Pcpek{SMRLS!CImq3NjL_ zV zEzJ9Ga4oW@-PfAvqH`}-$yz7be7M|glGl`$+xrzN94@_?bxOlF;p?ly)DhhQZK|qS z*1>xI4pCcTd=11X$*dUZ=z_;z3i70K9z@gLYgN7)kahLHN%+ZeX&yb~YkrJ8uW3&4 z74&wz89b18CrWl}G079iS_J-YtfiphK}bql@y`tqd`HTwjTZ>W%RVg_y#)!PT_+}a zE4-_NnPT5V%t#d2#}4&!>7~34y*Sg~1=1p^81I`ez3pfo#MvsPeY3s#OBO*5A?gIZ zs$A+^+`jd01iH5Uw6<4=AZC5eZ{l>qUWvIz>6WiU>oY@j1;M``7T){y`9^|VDzF~t z<=KEyeZ~>E&dcI5D3nm zoOt=VB6p<9y`LH?%Re7_f=|5Gf@zT9w=)AH74p@J_|FfA7{P;{^#bMU98{D0E?~Y- z2g=Dyv@*}bB{0bhBCvC$%2&RwCab`75IM1M<-*GAg3f@xWq(o6WGX#%(h_y4 zZ$#|qN3iK{c{ri!FlLFWXx~4UV54@pUk6KOY{nIgZqh+S0%?`(yZUQa3S+$(grs!^0i-}i05sDJ}N06h| zovO(0T;T`hEX1)Jd|LN4#6Xcy_WA64*llFTL+@N{;G2d zt*Z+22nY5Xr;7h4y)3GaakK^VLIq%FWi6gY5Q~>IKL`exj#}KXMaz5`2lea!8gPNd zmGnfm4}!fqO|%u7tmkCu;vKr`*q=3rd$vy0DoT6NgpUBQ<^W*LF+xo>3$JMc=t0lU zPMeLNyTYvdxO)Ynauor9kpt45;?zjkONpHwu}Q33xjYmC_X_sjDxx<}McDtjV)K5| zmlT~kbz$m()a8ki(9=Cal>3MKA)&mK_pts~tFP$kwX_zo5FNPX(zan8p+VNH4t)-| zQ7iAHek^FIZ~k2JE%aDiJbj6%%0U()%@5fuQ3z*q2k?KgUY>U~M@07IS@HsbJbrJO zU5BokPx0#^l279-dHs`tY<7d9FSW8eD~NLQtr!HvbSEYS(OTkHh45fb zurTEIPcY;5C9xzUlK^)*FcJsbd3WII8gfc9r3rfF7Xx^#40}v{8^oHS4V@)x(>MJ7 zodrk(s<@W&J{oQScvq=GVj-G~J={SY`B{b;Zq;@jX^rOe^rLee*oEF)uRoM^bz<~T zrt9kKNhPHJ&6h!TK0bQ+l@A1fMQZ@Td>1B2(heuGXwWSjT*`T z^(pJPI}Ht|I)JK6KsbF0u0$fWfy#LLQ^KK(8Td+F55Yv*Xpm2V_ zVYaRSaO1fA8l-Pz9^4UejkP_8IjQ@=H-$4Ug$>tWca$ga*aWYPDQqls4CrZSK^#1P z>NkjMW7bCMU|G8)PT6z#>)=oa2NBGQzkzEJ09v~bjnOWAMzT|&@z15K0#yvePiu3Z zIB;sKBg@p#+UDlwWYYN)OS1zB7<2ic#l^)dU~4{YCNNg zzE&{UgWa*q9;jk@!Qr1eL)uao*(qgXmCnSh&CPr*`yuQ@->IAeC(ZRAr#*7FM(R1S zhrjAbO`?2#$5;qpJ!^RZSfg%b)6gJqk!QrAiE@_mvoDib2z{6$)u+bz>Uq4^zSLkXFK;5DS_%H14a4-hp99|H|qIl1MFY;_#`82q`&4V~HSrEi3=Z=xxtXEaf z)xN}7`YivoqEC9dC_!hpk>PRm^kkvYym7&9s91vaiyF%8FSvV~_*z1)_v8>}`~>=m z*;1r(IcwUGVTVXeirm@YnW8aS(wAXYm(x!f&+|=vUEjJP;AYwVx6;A)6O>sd@2>Aw z`P0ZTHzUjM+W-6i{wa;w&j!Z2vs)k8CKfT?oWwI5Qr{6m+vUI=``!|v4p>7nu%Pv(#)U(rbn5NL z8SJ7lV(G_xOQiI;fN7Vk1T)LCc9%Q?vDx)i?71BAr*%MiY)a+x)Y%r3BAb5onvMx+jf>2uo-25Jds0WXH6Yi za#>#vHHEy-NZh7sA)29qT>46;y;O8JXjDYGyh05}D)=r%vYW^LYf3GdZLk6; zbPn_$lvDL=W`%)G5souumWqI`u`@@dCBYr*{~v4L9Z2>5|9>M_C~nya6(N!&WNS(i zMG+Y#lyRiPIXFhAr7~0YELqvfI>)MPImh0IvgeU`jN|yd-fp_;bMN=M`Tcjw`<(Y{ zJjdg?`_e5#zH{t<|DX-lr7s>#*K-O~VCRLsQ{2Gu7qtL?FGxf|Z~?0#YvPN=Mj8)m zL(N&91_fA%0XmtL)gb&TG=Ut^dH`ZKoo&L1iuuwYl$;tvO)eTCt4PrsVNK;IDR2*& zwwV@OTbzkaD85&GuJh~xr4?lwHut^X{i=dmxx$9yVDoHmnyeVmqYnvco$n3>91N;w zQ@Hi3$x|yEjfd!XMm@PjfC@~$4m$4x`btLn7wGuMJ$-CaOlLp+QPqW80a}J~sJczen@!{k@01YvECl64H#zKJJ&h(?R$; zN)Oyzqu;yp?Q}OlSyw6BCk3e#r;#hx&C!p39e)ElO9zDSO{k%_7WSpW4!IC2m{BIp zolAzT*7fivwhd4l2k_kxb!nR9TPOzckg((g%ekEob& zt(BQFnSYhrQ+h0VBl57Q9NZ>s3wkfrJjfaD#X^<18cRo{7rL&_JvzEn96Y*_JKaRJ zCv9ZMA3}Q%$)|-ra)E$(Pe34C!gVTtp!CHP1@cCI9Bm6?b8~i2ghiYWkcEa)0GU zD!7W~Ex3N_Q;=*rrKIgwUC1lkelrM&+>e9S9ivozzy#$5_ZtH4*Cr)~slf8eE+vz* z8QF1)8$hATQD*`5U%L11+#;R!juv&oGC{hz#3PkhdF(2xg3AP#uGP+TYQ^jDs~V~3 z0(iqg8o*!vpfLEb5oIeXcKir|$ba6!ncBiG|M)HXo~ zaNNipNDws@!SrTBl^kRv9ANq|ceSoOq0ZZFba@+MXep?feg<{p`I*gcwzsG^lB?Rh z(uqUtcOK@Ol-xUt`tqbvr0(p7IQk>Nt6Z*|>2F>}gN$V@Hwf+VsuK|vJ2uPLn9;c$~W@yl_1(SUGev-dpB2G~h=dx7ML#q|HfgMD7fep0J z-OiMfLR)~^R!OGhr4f(auD_4?gL zO^Tt3WOefh7WRUP>79scw>Bgzn!xd7vSqne(Kmp)2;~R|guXL;rd}o#&Q|T^fe-F_ zd!GK6ovmOOJz!`AGOz2mC3e<$Q)6jsjBCA`?IQIEd{NBckl;bb`r~oG>Z|(mjDU|5 z#=sNeH^QemQUn{m4pecEB}p;Zaxkgh+o!72`Ls( nyAllHB1dROVf?hmf^Dy88 zv(T)3w&mNT9+`qual6>ZU8{n}PA6=j55Vpk=n|}5@J%8*2jGj;!cB z4BQ4r_Do=|ifC@F-Ci$1D(&crEgLx>!I}}PA#6zu2wdm^6F`qhBi?tI^t{QAxYQ)S z!Ja|@u}V?4YHL!X%OVMEOqAR3>G4jT`;ApblS%dGA74__@Je{@q;|e-VG@_qm!fi~ z=X|&XUneQ6WZwYCud0-l%RB;A>Q9(Q-4kYTww$Sd1`2g2gBzN;b;8`tKFNIv^4qsG z+GsG5-E}pP3t4Ad-yM=2X>iATBTdWiDw{wuXvBsj%y2|sSK2Z)F+(E7aj`B4KHA{N zZPS%5S70~rG1oT3{Ja-a-jvsd_jn%c(RLP*^0p|NE4x%lY5JVMPIBj+GJMc3Ugu^R zQ_;C$T>iwv_U7JFoUGX$a$8JawTPwd#xC^@)K1X9{<;^-oQE6v*k~In>e;>*9gDBv z{biG<;A-A#)QHhGb~pR>6S?VS=Y~9(46@`g7}=^2%Z>Cv-L0tvcxT~Cd%`0sC1+yE zTpX`e{1?W?E10_GJ6gZZixsBJGV=0x?q^1IH>c`uS764x(em8LI0w+{3_!Tc4{P^& zvE?kGXVQVZ@j4itwB)ul*(VNfd;PXF_84k*TQNJ#h(2xoilu_d{g` z-f+zl4jPDB(p}1k;wcv+hsF);FCUN}YI!Qvu5??dz@aSUj2IE2G5D0pD19%fd!^&Y zFTc3P0i11VB%1!s?yv02bN8D}L~w?AzW=b!4aZ_3=~?C{sm#$*U-s--TGCBGOII-mL! zCS|K_8T_kxA1fk3TLrL-toP+xX+;inqh_D7J7&&Uxj32=QwyDjWNbUcpL01=Wo<}9 zK{El!5ia`nik-kj|4LablxI_#Z}skwas3=#1^H~P?PEiJIjs$BBN>_@AuJe!+fGwz zVl0g&<58|0`24SDas5j+Mmym?p~Tn?`9|zPHe9kq&X@%ssB0w!9@N_*$gQMsd3jK9 zBEKw>SD1f!aVS*8$nB1uJ!02|!4!qX9^AOiV|B5DfJKV?L4BUG^N~l6nAK-Bck>cm z^OE{Ib0_W7Z%{_xmIg=+a&;|UuxiOuke(j)2rS+&xJwIn#N?OB7V^Fc1555QUEN_X zRw2POx$y@k-EYT(GWM?K0!WKJ1ueiBA6mM*jf<+C_v-WLFKyeV@4aQF9~t-olTR=> zv8glTyxgA70_S7$ne#DoO~Y|&$F=3sLZ!%YU}LWv8*0Ty%?;S1G`>Hx_#duYrw zA|?2w$Tv`Vl!l%jqCJRPx2s29L=(Ip=iKNUxn4nTwH^FwoJ6VB=tlV{89h5EN{vnM zUF1b67A*JnUsVr`M4nDj*$8A(219%SaLvfP!%ZVhHyUBzMmI6r$M7l+D*}RrqLeSh zGIwEhG{HYrNd_aUb%Zn!Nj8Qp5RFgvrami`r;KJnBvUn<(*%-LPC6;f6_mO1@Vhow zHkWkIXH>nZ-n}6ic?U@5%IZ%ykE73mJ0TlkZmNdak*E0#%elc!c!q$momKdw`T?Q?JQ$^G)3mBLHm9D7>Qx+T!_?aQ+M4tPDM)58)wS zdtYosr0PM}IfK`v-G1SgvGhYT{L#Lgx!E?aiC!P0U5C$!jUF^QBHaXQ+0i8e+8aGu zdRY}P;5uC**Bl`4;{=SfJxn&>Z;o@VSJl}gC6sVij%43(`F%s;%O4U4{ib%$>5qUy z>ufMbkW6{hGTm*-C)_BJ7E15f8_eF_ZYkAof%)ncR~CwsPf*pkaAhNgnXE%^p%x2Y ze2hHZ7ATLdIu7JtGt4us$h#P`u%QW*not0g^UR|og~~A?%?;52+93=(F2x3R&(byx zv}wHT$&PT*3kB!LV3EGsRlPVI7lqp!5j%bDZH(!OryS*Gw5WHnRFHTcMxdYQ5*{vWtuTXh%lj zJ}1ZK+*FT}I6TZD8B*Mk1`kT)YkWRD`6n<~4$YTCr(jd2N|#mZ4%n&QyoJ6jq{d)v zx<8=lIJ$CnE8~ks^Igie)3#T=4=LWg=Z({R+7rL~bIzye=%aWEAzAOTYx^mtFHZfD z_U^@{_DVC6i$V|m-rcH?1yTHia1+1I&<=i5XGfnszT##6Jf)xuPnubha=J5#`^Ek$ zMMZ!GXkqyvft#uS7wu%yW_QdvLO@ zr&SwbwroH$YMuvDyU$L~qFVUtR1Ch<1fQqPcAPyDdCt?qLMT|z=xX!MY;yM#Z3Qh- zy9iE(l6*m5U+eJ9{s${y@YjUQ3k;z6gh=0oJ3AaGG0ix zI!Td@%vaqCwQs%+hFDDrr`h#+*p5#QOv#!n3bZ3Tg6688`#df^JgB?q)ZRZ=tDteJ zy+2v}8vepW3UU`ub@a}u_r{DHA+BeDxL6&N8uJs%A{_U-7EHJL9XoonyG8eqjninY zu41@_zO;R@TL;OG{|mvk8uj`(=zlm0#&Xhc1l-3!6PeD&y$r~s%Ud{&k|&2srr()K zbPR<@F^|bO`2;B}iHeWZs8YMU<1e-8$dh!vvuxAt-z;4c^vr95U67lnNB^|{N$aN@ ziMjr@2nPO_^^IbM+eh@_3Xje|ZZRJnyeO)(5$CJ1F2K$14+*dOcHbToCB;?d zO@5f~(}caZICl?+l+W2~sEggRb9khiAjrM_d8stJl>+ldVDcT{uolf`*0QMu?_EAg z$aPWapnQJnK=esfF|fAITkPe#zMQZB6v4*!%h_T;4#hwT5|we$S=T^BdaR<*WB`}b z^WJ{~tCXbSvX^d*Cuh9nngXB4Mz(ShI21%5YH6NO1v11;G2nGQv9d8WR&hRsnaOAW z^HTrb`Tf7zcLNG)u&4nAty|Z$Uk)JEQI*+xcb$@Yu{^(>w{dhfUMEPrMu>q#;|(yQ zFO;O=tQr#64enx5u`W_{-avl7qblK;Igd1-*{(w`yNP$VZ2(W9uYw|xpTNS+M%e}P$3DMQAN&@%iRz}|Alf93 zWL+pJDJc#cjj(O;yk%QQ?&hYseZ0#zKLsJqB>2bj z{AZdM+72#ohs+k!7ZHG9Tyecm%$rLMeB_^pSoJqNv2AOoF_`4DWLx=NO-`yv@~2lh zeO+!B*+O$E3_4{rCI%OZT>{bcSYAmDZ=xj0<1`0$abP4K)D zLXRRK&HQJKS2K%>7du^VJHowebfwXaFp&C`6tOiU7OB?Q)&u?4^##aHs3!E}JDVQX%#Be|~#;A$U7Qy;>I%ZVzS3%?+JJVats+ zCS^DS@jg*h$vwyVSLv=Nudzvpd^>nQs^;bTdZ3oeR}=%PvxZ_4q71oJX_-y8mRPZk$W=hTB=DrO_+V@t%>SXL%D`q^8dYmF)K7v zY!B@%u6dC4T3vW+oO3xXMY8c0vIijTTh8z>85^f}o-kqZhs)nc`jPtQ#+lTTPq~6j z?F;jIb2%pc#cs~aa`PcL`TtJ%{ov3|UGG+kg#j}7Vui(%%Vw+-&SR6uxYO}Dwduy4 z(=CaPH*DFm>AxMm9ojxM#V6WZCT4J?ANAf5ZeHeNle@pGKIFeo52}PR%g!;KZ+!@M zFPdlT^f1tCY}|v4+_<55C7**`~J{?)_HR)cNzL5 zy$nUytX^b#CLC2NxN}6MSZ;vl6&B_lG0)M2N#G-1pb5kf=RRs{1$l2`c@OQ` zdAgy`gcJTvotCe_yZ5o5k2r!0}NcM$llUYQ>F zQ;K|}?sceXVaWMCiEm+~-R+wUO~Rs9KJdAQKPmJ9;`vwDj_#RnVxdwa%Ed(Ad9e*Y zt3SsYXt0ZSp$OI8zPzxMbMVAxso>8A%Z#HDL3`3rQUS<5ogEhKF?A6Ol9!+(HcB1n%R?MZ|PxC`mF3b5W zt`9Z1B?r&kXgNHlWflghI3%Bt2k>FM{rX{kY3 z?C;99CzcOf?EkjENufi&MZ|r)^U4j)&B)}=*4E(RpisuIv!Da3(u)Uod?KZ#XPN_z zuCVhi7n}F!Fo_ObuESN#tvcH{$Mm!E=exYE zCqA@oo9MrPKIAXN3&i52jEFzmg(y^@0m0s5 zi_QK&g)6}Hk3`Z!i)I-&2@;TT=Vb<~Q?N^R4P!2cz|FZ`vi>&AL+D=7h;^t*BX5(+ zB*S!*b;}Dq+d?|ggc{;8<}$XIRBG#>Y3LGmy8()r&p4t*L&vYg@6ev=8roLdT2^=o zNuZb2*Z=0FA(n;Tx`Wm3$H70Fqg zt*P^?UVSuS@vT4;U1dUD0V&wNEb$!iJU+~e$RkZr~QVO z?O|FoC`ljBEA;{;?To=M>eoz~qwxEJfd~!NpkL|Ig9eqAoZBrgu*#EaGn6HwAn+P; z+m2p)-t!=sHefNJVSO-E`5~})FVAgiH$davI5jlKR{ z^8djbEXRPH-%=hRq=5EMH1d+;(c6wiY)j4x33)6rQ2ls__8dps$%xfAYeU0L{dc|l zKJk2#Kh3IKAPt_szcf2UH_CC$?6^k&v& zcr&+Ei^Nxa6Piz19qgAZ#o@#X)55}4$u&y4292p%p}RYO4c#F zi3*EVKKeg45B?NI50GBs*P2AfDzUN3l*0w&dY^7K1wMzB9CkJOQp+D$WB;x z)S_#6)e~}zlTsFzFp+gafYol>^HmjGY4DlBh+^S9w%noJ)IQg0t@N0W$<6Z0__2xA zGr6;4uGO!rs=IUU{IbNMm7P zfr%ZV3^=D;JGips8iUWNisXs8c|zdA>fc2Pf{qj9eb3NfTQaftm``n1j=;RHwqI>SkwTNJ!bV?!Z#y z()7(xmtd?62Mi{zj|$gOEcaf=c`iMD7h<}lS0ySoODbe1msa83mjwlir#(5I(T@py zA=m{;D~SaEIqdHS``nNLvg|&S(hmHxtG!ico@qs8q^irq+p(2*4DKh9bxph9ibCa?%Tp& z81ynZS#*{|=J2qJ=i}1S(wjGLo}oe3za&()CWrql-TU_bX|D9$xi`En4WOw&bp^EF zAY!25eAew*B^dh=;6r9g;o+16#W~8X^zzH(sRW}>zIn4PCO#=JEN1lb7t=J;AFoDp zFO?0V)!OHANXk>YX3=LKFRZh>g#nez?}+E#9^v8P2}DdLaAv!b9qgc!(|k`g(wyq! zovg2=M3J> ziF&hn0nEH>N#|=cK=zb+B@{K~*!H}kFEayLLerWmwUFXu)%I?`pHa&pvrj?VfrLko z9>pgndc3YmVgH%2jE`={Ai>ONb4+{__ z1sFq)NHKOGt@gi2{Qbvo|C73X18KQRvAbhHRYhU{t^@Yg>>>yWRO#fi04+fs*G=L%gw;!P~*0E}?|ETF~ z1BAzpt$$AQR;V;z$SDG1Tvd_Vs^@cq9@=x)((07cSnF@r{L z3xnpK*?t<$oj)oc8?!Y@^E|9_`accsM=c@*Sl<^)vkrEbAovkJ!JoV_O*t}HgiEZy6mTp-gqWv;?{1NMAY{!hOj$|mN~+$P0tmkUuaE&Hc~ zgF6M*XC&WM255AI2cidM(7i0B>SuOhIq{h!1`?|YQ`+JIPyYra{v^7-X~FNr@&<~< zIpGT|2e`SpZD(FtUUVyT`f{nZp+UPzSZTgOqq_@6F}%7A(uXTw>^IG4FJTsf%HPsU zlGh4+^h>%?fC??|5#4y&k|G2&9ngybO1x@1`MPrt0S}5q0T}wdDQm0>TeYcdw4nsuD4SL;O5<+ju|`~IKTwtp3ngbSs+_XI3A{P} z*}c%=u;JA%y%+gJ>4JSYrJ3>-m_5&O<~W9+oZ4^oCx-p`0)AjsWmlS~Y%K(g zHH!S1D0rRlXjTzf({gCyn5X%cCjH5V!3N^!>pYJB}sRhm~TJ5361}D8Gcm)Ko8MwmpAC&q-!NiJP508Jp zN9dR?MWK|DV46-km?hPqvar;9jDRqRy2w5k*v|8$x?R@eVt@Igg}JY-HewL=J*17c z+bzxA02F{%Z*)ouEc+`_vw8Ac_-!5gRIfD5zNSU~%&t+|gd1}q?xha5+;Rvlg&7(=C{Wu zBzwh{mNtkP$ET+HZ09=-lE_pYq`CX6@n_A}lSWn^sC)tF+6q--?`D?!?E4V%d57g#uvtsES0}}VUAg&SO=E3r_`G}RBJz%l+|N3F|0h8Px^c(G-@zqx0UQ~9c^uG zk~(T?YO9RTIiTULSRXmcO*z+p)vkKr`j<;?yc+ToC*LGmPF70UjPLZDznp4V&zBZz zjl0o#j{6~MT&BKl$i53%i^6_L9QuP8my)-)z-|nbuT=OEJ~`pT5#>#-M}wyz`Ql9B zRb-cT8(-uc7!^4a>Z({DY-eXz+~|>_>hDX84IRq2^Kx-H7*}=U5AQ(w&`^=LW9ej4drfDYt;xs7IiFwfnT)4LyZ0UVojL0h%jPjczLdhaB5Isq z)7;tHYSiiGrV}O2ZK$xAB!NAiN}$dme9Q~}P#Qd}M)gLuTv|UZhZL6GWvk*-1B*Ra z9NbjF)}r1-GQSR7Pfsg z?m!ugtWBdr*RcXHr&?A5I7S;uXbTD9P;zx1VoN#<;W3W4MGG?{(Iz8J@lPIKh(3Kv zOG``mU8vn~kz zSCsI2$iVwgy1lHKCJ)^mF;|+(P8g_5<=?tEV?&1Pd_AJ|hZJY1=OS6j^`*#YsOa6W zp(QK0+2IPd*JIoqIB*o0FSA6m&|5h4W`sm_Fyr<(xhb>BYO{ze_7>6E!s8>X`ao;7 zbT_RCT^PBvw3FBMtD^0Kc>Mx*;P@sNdna|w zr&yyQ#&@kBB8Gei+6O+Jw=by%)`p!~{@AP>=3eg5jGsN5!BnoULt|GNnC<-vgw^~b z7wmMTJFI$s2fYX^26>9rDXv4Nfhr{L!XeoVnj0(pgP}GbQ4CFx`>IKe&BsgB%ka<0 zzqPw^6$n)AxO<&qAfsNeHb=}K~I zRwMF;jBQfD%c9y8I67Q90|Ek4Qr_kMjzH1gte@JpFD;auRwJnBc*>6HOYFdyL9?>l zs3N79S>Z$FJmaW3 z8G#umJ(LB;CNo`vf~ZmNpv`4wW}Y%PH$NgRjif<~)~1E%_sC`~w^eyc|huM-^P9#?B9> zwacYpKzr%8LusM6mWL$rdb@pMWb5q4uZ9hM*mfkX-DnV{doc49-84x58gW{S9-{1k zi-*v=xNXHmi$Q4%gT*R$Zgz4jJUEor-q658g#{7B?W=0!@0SlDg55S$9|1WX2mTpp zy0O_AizMFd>|stfMimftol^2OPwMvIk)I-Y0}T+je9BO?2>7<{{+->QB!3IDG?q3P zzaU{g+ft=0J38A5r}9glvK~)^D}sL!F`+~9&!eUa3FQ0~#^NDyRrfFWbbmCh$5`PVWRm&GdD8(48lG=vEV3*Q(;xN(VY1p%)TH^0SU6#0P z#{vsDKsRbtg-BN$Vn?pQwZ`eNiho>Fih+6Xkl{99^`}IW^7l`>NGhRU0`rRT6h33E zDicZq2XW1%8q79AUxWtPmuOx1mJ9cfvI)BK4CPvC?04`2rhtA+r7P@tD!H4x;p*EP zs?C0)qM}%POLfIy;&H55bx2COJ2yhtc~-)Wi&^mex%_5S0r6#5C+e)b5w_5cGVjLe zHd8=~p(=s`ZSdFkUk}auWj@y-5#J8UEDvBiSv8jXrJr>oNt!k!C#P|l=hZ+!RXC~M zou8E>o)HZf-4Z$~)>?IH+(pBAcATQ92Z}~|GC1S#*ZV5{Iq?~bii`B4h(fLkiB_UY zIx)$9%huDtf<9ysv6f7fZGoZa(PITQ5_{nXPG^7kBfYi2_aDy1g@FZ3V1a#%oqJCJ z2-UiMG06fb?e2S8W~WU)ZW)k1N7Z_~=%e=e_krs7ic*vGn;Wm?d}h$QtNa8i5E*gL{&npYem7x+j3C41xi4%-llpP2OFonjLKDZsiSpq# zD0suF=_pBqs3)Msa_3CM&2eG$M-}vUAA*t;-?uxiI-6HE_Yl+(i@r;nhn!?iKn}(r z1%y|l@M}fLPmZb^%tCs`q&TM3r*TFOF{X2-YzyYlDTH8Q+c2f7x=SO4Lmddf#*5)?UpaPo#Rw12_e29 zIV23ySHJ+cGq?E-)KFqL^|$ZATp-iV>P7{j2~Y-=-%*fAd{+15EpVvuV4@bGQprT_ z-@U8CP)Yh7T-|v<8;5RyukB$D`Qboln4!cPx)B7^DE%1Q=oxjO_0g`tm9n_+@DC6E z?Pc!PJPb~LADjiMN-6pZP$=UvXZ#P}Yu)^Gd&?M4lX~;B&4`Bxf*PRMtv;ag=4+0= z|Gyj^v}g|K>f;?Bfk#bMTquSzh^Nj8f-0bDiSFgHASK$WF%-5%|q9P!96W zfv9y%{!u;%cAqQ6339p6!eB06vfuqIbqHF1qxQ;+QNCzG0a#p;#g;KPSxx=H`Krn5 zI=Zz(HKSnMYtQgQ9SC(cakBv9=CN|zi4vmny80-uRL#0Adk?Ct_2 z_Q1Yg_9JIowMsbzuErfDF9k5RxB@lM9$i0WyseJ3Fq(n$1SYIl&yiIhP(%^Y_?i0` z88qRVayH2MPJX4yw3-X>!xH{R8XNn9mE3$k|n&pQN=(A7@&W7ii5O&`RN_>%j+~oN|gFf3l30i5Z0B-2}vSndVf`e{}F{UxqkdOy_rA{47=o=^pfxr z7rFmP8#e1*85Soe&8mwtO&z*xb3N!*s%p)&zx@ctSt3{vA4{D;`1qD^B4)^b!HE(` z>gr-Wi_0{z+EGO0F*~mm*wCP$9Ns``>G4s4!{I*IXDQ}mZJ7o=_3(3HN7F64^11!y z>+!@4QfC6ncRx#eGg&o07sVmpjPh@&BfLQY3%Xp!v427^Vo*Zc@U@tE0OwsG1b$1~ zx{d~STQk6;hj{PyLE04R$rod{)8dEY(m*?d0s+n@bse428W`|A9ej!FL?#seVL8tD zI=Ga?+UdL))=E8mJ7k1hq3Gm(P@=KcrEtE*GSStwW-C*9QINhHvHyOiM&(J(o(IhW+aJVQW5N_yVfzC ze^x(#{1s_7$Go*uqrbercf@K4D4zfdXTrB+wI7J#ClTQb&Er~`7#jsj%bHEsKC3)L z574Uq<20CFV$e&1)v-_Q<2ig7a_fe^mKwRYkK|d^v9MeS^CeFPBZGw zO1h0N#VvQ{Ct8#2-7(GQ;F(!jv7N-uMydHlP0;xQ!%Si7>tq})n*SJ<|_VEF2rDz^=5s*0x z6h8V~%(nK~q9~xtyIzl^>fbsXi}Zaby`Xs_X=tGSeItk&Ffb16Y#B?`vWUgU3>W}0 z@a9EfZf|!AF7X7x@~{zU$#5}7tQ5$RivzxRU{UUtq%$ygnz4^Ku?=ubQUyjwEKfKj zBm{G|d^(r7i6E+J}~XPOc%}j3KQ5Ps`P9 zc`t39H6k7u{dyQAS-rrgPVU{+ct$LN`}em46tZ){G&oMRWl!z3iuEV*S{3$ZARjIR zqz7uiJg$+$tEd3FRbbanf|ePGKzt1>{Ub(oX$fFr@z&#ShU&*snTLR}S!x<+&}Pqh z*lWD=RwhcPsQ{)4{0BF@t-!T~$2P0eT9H~&;|)BIFwIt9zBtn&7UeRmQd&PG<~9Wu zXyxC}ZYAoqk;dR=ac7-?EanM!lnA#qk~Ex8&``lx+8PaXx-7R+woNw%=h_v%O-ND# zIE(VY85$qjG|LpWEY0q%K~SUA8AZx#bYq8M}tbL-~+WDRUeMXD57& zuIPHMGhWlLNeW5$2*Y>-J;h_-De>@0292vk_=QQb*mz-KSy;uChQf^Yr${BGo zl`pyQ0R)YCM!0%b8r;bTjBW8s?Ql3TJX&Y30i>zQZt4AduS`Xt#?>0(ld6KTxL2uI z|63{3D9fg#q3tczeTJrQq?bDV_NieoB5{^y@iHz8(}dY>HQ4_@InxW;g^b=2dP(>~ zKO$gHVjQLPOBX&V<3Y)T<}XMrV=B`3NPR-=2~QA=c*dgy>&VHOep|&C$cU{7Bb@LX zlAP^wTVBzz*W9_Y+TTJ3DHD>(UchZUKb7Bj0h$iC4QOpYm)Ax^$~Ft*fT_nMXguzF!B}8KKlgbQp+S4xG>#M;YB1z7fVqah>MlePZJ}qHn;Mzs+xc zVdQ+6GX+?&<-;xQ5;8t^Mbb;T6skH^WobwC2zeRPKn@5^UdM&W7>xAaNp zIUj^kI!Sy(ly-%aVHD|lg@&sbqap1k;I3>A|7Xts&Mhy1u>hM7^FIrzrrUr@?=kED zKyCNg%8|y>`)?cqC%JWmaVP#ht4NKJbl+1#j@KnG@a4u`nO^@M8D)inVw>D=LL6HT z8Gi-*)d1LkX9qNyfd%wA(U$S8NlAlI@Qt1)Kn*u{NMxKEl&C+AKlAWk7zYRjG{EI4 z*cA!!zmd_iI#HT{#mjOZARgMQkzm?zQ_#N5d7&{K3Czx;=Gb-EdndqB4&!PM0wLqe z4h}2tP{`3FD@4QVc*|fmduFq;$1WP4AqyA$qpbzO4-0|ew1gc>yZhEy zN}7#SC0j-XiU=pLA263(`m7>;L+^mf)zK$3slMOrKYrM)0{JSCSqjYU5&8RMn>%>Y zEzMzljSZ)ldNW>K8-949-T4d*&#__v-3O?G`$#zL8h-(xSM+rt*uD5)5_HSx){wGX?*<)?@J(DgW(;EA^wIK#ETytSp+rq>M{s@|AY>fagtFr)My%W9<<- z@FfJO3$qu2HnGYVnox(m7?jkCTlOVT>kRuW4gXDn03(n>Ll0uY1+I>E2Xf^R)|S)uOoOX!b#)0qV-4k3!JuB;bzS zNdoJD(kv&VcB2W^Bts6lPTg9Y_x3&Jard(GjmAh}ymIxs@c=nN1LF{ z`9f}9;^iN@3`Mno&6Tia^MLg{0^$WZhgbgLB>uXB?{@)-m#Z|BJS~KUhHdF%t)Xze z!ijQ`SJx^ZDwGn3J6J;5B7H%yK}+muDc?c-t)!J~p&F8t?{0KTpvQ^iZ7BJ*Rs@Kulr#E^X%oI zP5?CIAH3>fdHzyUgU^#%24a`B)uO^c8LsJ)O!c#^ZtTzRk2ZW}bgAbc!+2saOs_xrW`9zPK*;VJ8=F&V{GTShOX z)We+$EH%}wJr#Q>@d><=X#;-_nI?df{&C3kixhAnLlIt;fHX9Pz~LXS2nqZb-i4^h z4V_1WkXycOZg*f28zy2UKl$`#(4A{O6Z(-0cdSseiw5J3-eD{klw!NQvFaJidxl9$ zd;^)=Af*E8M!*n)pWGr~`*!%#kQ5Pm0haXgM)kkr^*_oBl|g4p?ke_E1H=08l-s>@ zT~9C*DkP4=c{J0hvGOMuq^}_wydt?lcq%XjJ3|}Bte(NvpO^I~JwQ{LtN%aIgT8V0 zQYVAS0GG&}l-r+jefo|d+AD2JnpnF=;Z|dS2OCtgdyhn}aDngtPeRl;M)q_w^U3PN z-y9l>kehs9Ly|-248-0n9GPxu%uOFppAi)|d+)M@GheyaX&`7u9*Q7gJh)* z=0~BA10BnDwkZ!{n17)DZ+`+1rB^HsHB!4mgV%aIeNKOz_L-KG0_AoIsumU|pJaSy zjo$pakVCW9eX_v?G-y$ z{2131Hp~qtnmpTVhfFdGSZJXPziny72>X%hQ*n~WlV#C5eMgKMvWtUgNPSXGD}7MP z|7=IU<~%oWHQ7vrkMzzV*TT+?ny zLze%~VEc_NA>H|cT}pv{4Xe~S7mXu46BP|p)Wa!U+rP0GqmwlgbeTn=5Uc+He$GPq zZokUv;cht+vH?qkD3OkyATE>QVrDITb{E`r)XKnr>gsnnGeONgmw_cd4OZa^b{c&m z80m?OKS?IkGBhj@T zUI%f>Z|MbI8nSU$tlWUgXq!y@+tXqWyDf%Q%DiWMO8aRkvLqS6Pt%+v_EB1zZ0mM5 zCWUFuPodIcAmfKSHN}W`%3DE-waKMF*u4AR6y67Uz|NC;5%MK#ATTS$d`R`Afz3>9AT(#-Jqc;vNP6@BeUB5=t?tEp)??q z(P;H`RJ@f(Lo!)a{hL&#y=rJ(^^U`Sl1U41?fUsdy2;Ypuz~pR%8{Bg2Qk)`GlcE( zst%PVIas~FN0U$kBk3HTrO@&`hT~-fSwBO?$Do=A=<1$?gy6r_6WU^Xxw$cNL`%9j z%iM-%hr!1Nk5?0qtK5&cyF+R`$_5(i`h!WbcK3fVq^2SSCIk#*0G1%#MRpyUQK)q& z7NqSokluSbd@}kTV(QGj91Z#T8+lXj>Mt7D3wrYMy6<|6BKh{hQ&aTgJ`(S0bb$i3 zzYUMpXzk{O@(PgLJ_kLyZIa3vYyc{IH8gmNW{GmukX{mkyWe{>{QU~o$YSM7^t~X) zy@fGWt_)~>4nBd1poMGiagx~s&VQ5)c7xE@bDt|2W+iwqVB3tx@do75Rq+ayvVLmg zHXxV&*;C^1BS(0rFQf%I%z)CrrubXcYQYjj9Z^i^m%k&jQ;m4I)eia?wCha`U#+j% zp$@lsyuHV~&))F)O0mX+q7?l#>-y_nz;@OUnGi2J4;X35HU*>)o9u@;@;{@2ViIo~ zmsK#&eT^zBe-5i~Bpd%OU;t+qGt6s`=5<(J#NNvVnPeWk84tTQ^bd zgEYm(pN7p(|G{w<;7zT>$mjib*EaI5@+H~0;SNNR} zgrby>fffYwn~K^3Zix@~@-oI_Vd8GTfge22p`^%o^z&VZ!I$pWJM$c<9@X*9cUd z=d_r2A36X8-Nz5G3u|}Y%YW!a5iF(9I2A@7)&81AN?eMVGBF={qd0P)RIH_nt`d^X z+P+|UG~BVtf3fBF_5AdKRZJ6Tw^vy%OOu1TcN_~1HUy|7^k0LixKjGu38x^oaUaS=-LyR z+81iLii12L%a=Hfb0QS!ibuf zKVA?dfkIey zYj}}TWK4yvAPuY-3ZXmgCks`qt6nOUB2#ktWO?$1Niyf>FI*^e3xr?$9cZnntza)z zUu#~hBPT6c`4~0!RwLSOq8zaU1J@qo&a|c4{1gNr^-o%MhTIXQhCe!hUU_yfs^$~4`qC$S0W2Kz~EIlsyHP)m+mj$0p?DxfEhH%`4QCDgI|&92X>F5q6Vhau$7NG z5{I8h*#e2eg4zW?;iE9xktYQh)x~)6O@ddgc?YlLO!V)wVYSeU(?S8LQ(NmIUrR$j z3IO2QsOPU>qKCQ77qm7-JNjv`Vu z1~3PRD#2)Wy%Jr+9GdCSauJj-xIx`nqzvi^kK?H$=W^4^=8`pBWU>?%mr_U;D(9cZ z^VZvx5n@}H|Cm{fd^Xhv-R)gvAn(>S=^Lm7kir|lkC)>l5Ws(E!@Z63cvKP6riEyoVUG`3+ z!yPT8mW2S0jL!wG0}?B5S%89JC)SY0-_!FZs&zz~e&5xSKQs8)Kn|{#YFnxjeQiNy zfjd+UNoe4g%oOhrQ&|kh{{|iPAmserwl==_51Q(Qk8&ZJ0P508W7R`nf$UU}zpA4s zr?paivsHIDPzzaESzyq*XMcY`hopt}5ht8 z@Ch`}^n62Uwg1?3;u*(gmMssIa~}Af+i_S`Ao!fXl+k#p0&y$66*cQJj!(+e@e3Ys ziRhYgG_31uCxsd*L>A<)l?{JS9E}2pKq$EJuDZnKlVvvKsn0Vg;!!2WS*uEmg3^!P zUQY@gtuKGmkjv6J!!0+9rav8L&FY%7=Ej(FpvlZUvKR5CA)MH z2;Az`)wNg~qc<6_$y+uyJ|JGz(6vZ~y>emaYBvdp!_cpw?ox#8*~-E8If89-J!Y`( zrrbny!U!BP+C&*BYVX9BKjkzd_CO*$53*O!{}XGjIdN^DqWG0U%{o(Yx|LD(nTam> z`L=0=N`8_1B6~%aEN86rV`c=tmj6H2zB(?dt^50mpn@%>C}1NkQqp4}3KB|5qe#Ob zHACZA2neW1w{(NV07I#SNU3xTAP7Uw(9Q7M2T`eeAK%aCeg1j4csOV8wO8-8zH8pE zy8)9mt94`lH*cD14&r5{;{e~oY8N^poeSch+E9`BlswP^6|d!;1_w0>EJ>_sYX3Zt zUn^C|_d~RItnH*(Xj~NQ(KP=spe!*loFU&t$Q{C(KfvWB;f%D##NPH=XQe+|+w}nEl;Z-5p898r z*}rIs-wS%deEyy`f9?hH?&+DCSkZ+Uf>%dJM?Dky=-Eyw%|ld;^mWY-DGtn{g&5o% z7xur2dOh9PXH#n%`{q9A!aDZ^cBn*Ju%C~YH<~2R)YLRy7L?AgBqd_tC*D-AwW_E^ zGK;;#`zA+RvFMN^Tn`?oyUXTvbpXbrTG9}62PiRqOUL$la1AWlzm3qnH{JB(`~_Q? zT)U~kJ6T4Gkl&Pzur5vDu6Z6CYR5v|yi|ZJ5}GP9^zLNplv);WIRn*fz)GP`!>U{7 z{vujBA5#np1y8>WayoJzYsydGT|N9xs84dofpd|?d&P*l`I)B5H(2~d94*ux8pqD4 zRGuWIIPnr68U%)bL|{SN&7vrMV}l0zz_-4&Oa^lz0X6F04b#a57v}k#_;F8<#ZUB8WBY`}-u<{-CXZ0&PeYJ_B;_yf*mwJ?*>< zcpe5ctl-~C(&pg4>+6hobNWVA^_Ew8aQo4#yv|~~d|V4YEy^F&2zm(p5kMf2V0<1>{7tXteWvqz+WY}$ zx&4EVbXCL2BX_;g((dV_A0r@_-=2QDSkuB(@<>Hq>YcCnE~?wdxx<5w{9ykWpcVWG}d#( zAB3T`AP(sPm$=V$nL?;C^lN3Lvw#AgZM1HJ+V1b=q+ohfYI(ttoQnmXjlfj$UrZeb(v4{@4A^K!?+YS-mgd`hsSiZXcUYN;MQ5ZtkD0HqKxW3q{?Kz^a)Q zO!4{=zcLcP8|Mw5)nT;hLj6)3bhQ>Kz_Wn0Kp_K|*SMCS|3!b?XNRychE(>RmP3*3 z7s+CF8ts~YtAxOR7B~OgEg-J(@y7-pg*j6EpllXtUQ(EBUmzZCF0#CtU&btTuUnw0 zw_XDsVJ&I3SSBW+gX`wP)gpmf2@%k_#&##|IFuerR7!ShY;0`0iLsx-=kx^{cfWP# zpc^g@BDAJJP51F&W zG8~`VH{Vx*RZCCqvr6`G-0xsh^#wlkRw}Z$Un&Ei67no}lgel8I zs9rD!lsxvBn%S#?(os@dG`!^y!KPg3wzcq7z5Lk7P^wpD=K`2Y@;dm1IN%uwAdPFK zulzTc{>u;NJi(*p0Q)t9BnVCLH0wy`+p&W}P5a7~5?vg-7r=s|M%>F-8?LQv+v&_p zGe~d-GBE`GFjt~71LN1M2wjWQVUIM~y+yg1mwy z7fv@fZeR3%r6ozf|C6}cMLsa=Tp(0RV{Pfc3JE?*h93acNtX+}oX$+AF6$``dGf?r zf7Shp=ysV1{8$Qc*m*GiAw}pf^gV#g0MU=75(|4c>`-fg?o^L0vQ=7eNHa(B4*H>l z4$B7K(I!P*28#U5YdB`1N$aR%E%q4KgY!Z&&&mt}oNr}vEy< zB%Xc~@i+N%Swfnus%o{y<9pW3L2i#MV zQh-@CsUly{O#4gqT=J9%+?B(%i~dCz3KEff?n{ zJ-TuOWeep8J{7raxXf9f6H$Zp3;kn%4;l-J5$Y07w=(+6Ye_S-GslRB^Sf9`y_I9lg4mpQ|ASg@5Psob^&M5;GenJeq zP5)!7(8@nU#efXRL?u+QVpE5A!g!BgunJiN%f=zlan>Nis48}M0W?z;8v_zyssAS_ z!J?oF_t1>nhO0ys*g$`61t^Z+1=cYr3j${9gvxX~GURO`PuzWv z$vP7awtSokWd+78q4^Pn4th`s#bw%>8Qgb%rOzZm>NrT>AdwPUT3WytFDr4Sj0AWg zpdj&WdU|>uU!>}W75-72zYiSd0c5@rK*4pas?v=}cHyI-g_3_RiUeaneN|pZr^=rz za&&jV3Q1Y6g(oJmPESsjpb889g>A>Rp;ih27*fUcH&b9Th`v*J~J~jir7I5N^IA^aP#Sd->^W# z9p2Sk;iZN~lU#C%pxSU|$6pu2$8Y4ZfiC(2`8a_m_eA3RFyJYd&7G91An{6a zW|p+}J1cTsR+R_yTA==#w%l?052gktFF^NubB4ZbLLyv3LSnG#bW$4xYy?gy&wOk7 zUB@9lP-a^N7ZFGS`KsX`bbrG@Gxo&bVOCwTK0Xy&g?@t%B%e-}h*>HQG$ zm<3CMh_)UkO?*aox}GsEU(jsLPCP9Xyg3-yhl{}so^_Ual%F?5bGhYjBKZ$Md}uoA zU+_W*ai;*9_j*MVUPk&YqTLD&5D}$1d)$`tz3BN-U5MpKB!0!9*Zz^4$LX%^H zqXUef+ru(2^J6n*SR}h5V);tJ(tZB9j_}M;sV;$}Av>_gztLli3 zaerRZ+jp7xj{eJ0tg|cNnQNfV&)WE3v@2Lx_$-O6Njn|?@{h4c99CbCdU{0f)}yhK zS-D923qoo0K)cxa@4JvZ_3{bAOl8TYBLv}HlSi9!sFA%oUgamS+t!r%^I6nQ=(@hzk+PXJV`oCBp;WJ#hl^J)czM6Rli6|AM>w zZ%T&yf(;rE@Qg%<18yekm$yd{W`mO843o7yP$!|JNU=Aatou#WAUx+c^JG zBDBPB7OU`S@W#Xf?yOT=NYCbtXF;}4D%OybjCzzr`;ve(DErxXXvaCX)een!TXJpu zhs}>dzYzx>B>RQ5fkfrv-47e=5iFarmEuIe8;uAzM>e^?TWuZ24yq>_zZtelT_Vf> z=Z@T#a`H*4cp@)GcY*;^1cIkDHO5@%50+k9&&$90d{OPB-)e_AL}q^Y z3uSPl-97$}^&hUG?@uRNVAH!{BjgTat@b*{cXXS^(o-@qh$K$)8AxnFwar#$mqHeB z92FVEy4{%p|K8NF+=8N?q`MM~osS*dYu;*}>YgDZ%JTnv{ZU~}?4kUpI&AyQv(T6R zj!$6W2_W1^oS&uA0(usEZ!j=uGoQlXBwG2?p@*M8FMIZE_A#2>E5Jp%%9JE>GnZ~b z9KbnOAAPe?) zn~29*?>%@U2%GKO2e2bQp3TDXxvtz6Zzbj%$Z!tA7I>vCt+oWXv%&cpV)Ng~36Tuo ztfg?ZFPK8x=m6NUSdBX3{)ovJsONn1wq3op1>0@);c&>G5r^^WnnEsOnLsPqW^pjxbzd}f z0bk$+fRd4=i>LOvBZ~&2TARZ){%SABLBj#)HFk7xjGbN2lcy3TZL(Ug+wTAMUW&nY$ae5*j6i#-QE7$hmDbZ6Hnn??qvnjezNRMu zTf~u-o*}DpIF>;ub)MgF=Z0rDocb^7DI|kUG%$pGaED6aP3}%?LFrGL+BrCDu{#-} z40aasMz3cy(oOMTiW!>Op}v)1=#ni8c! zatBB;WunX-x#2@qo5g(-?*l@^=s^)(DoS;y-Jq0|^FFhl0X8rE=WpVmz92gR!-Xo~$nfi5pxuJC zFJ9H2iagp=D8a83{JFk@vU{c@pY5!)L2^zj)n6JmYp^dRTyA_GDcIK;SoTW4(7I2- zswtA3&DGjRd$fFQosVcBT@>CusL7li$&fu~>FB%JWBJ9GYu^&C1UY!Ur$-{YAdz6= zUAZq^`vf2{xkHb=m^)x0=1Na)oxD>Lh*LFUI)=xb>%Z&9e|`IRj9Tvt_|!Bc7E2`u z6xBojn9VLp94l&y)5QHKp4k$Kt%`zQxq8}}VVu|XK>5V4S^%@YH#tArb*-)W`2M1t z9%7K6P%lP}bReKfMqSC=JQE4^ZdW_8*n8|#T~Ot_=@ahz_FUyTZHRq-@B(J6oFFU$ z4vyV9nPn^T{qe?rvCCgrm2h7&V(qfVQBFd$#zD0zlT0D?OGVa=W9F0X1Jt(?PyQtz zY63nS6cO^FU3I88A9$P!s;Fp8OlPKJNin?$9aeZ+=8nx(#rlNne<#W;P-U|PXkyTX z+~J9BcQ&`Th8vNwfJV%(#^@6#UyEHUQIi!qDQjKr)PCFTf4A~MYHtj%G_~_p3O1-8G51IEW{!~? zA@N~ora%1L;QDypLGx+m-97a>I7Ok{{|y?oVlmD^m6!qhi^qMSRDSNy)|YkC12#w# zH(3mqG&_Eh?qpyPUC+A-8CT#6C7CERtY-Mm9BiKa)|WGZU+Dg-CCs3fmv`^@oS*3D z$%c+b8VL>?jo@qx+hEJaqm>Fzb^p_S`UEmt{A$cSgEHXc@Sg3@Ha|^q`lYn?46;^$ zxsP7-41*0&jD%PEJC$n|oyM!{Jnc1jc!>%0_|$77_yLbLycX?IEvGY6A(gdS2kT<3 z_SB@CPq2=SU;yM0|B++_rvOr=Do8+g*!ab&d>GyCdP=M1#_2dk=$StXPx-V|?Tl@o zB@mWB&OVmvRD3n{-{WjiyTHxRwttV@%b39Wk?#+>l+Nk1xte0_cYe&eQZ!TM?fHUQ zs;?~2nv>zsV097;`A~Ki&)yw2USfmKFCt6d+H~h8n=fpa^~^<`ijj8nLla~?7Lqe$ zo=4(jj!w|64sAlU9-8f-N0w1DE>|{Z*~^xi4KJb#1&G8%XG(zRLamiZvYDiR1hyVj z5W)*Wa+dUf$q(Z7S!v7JV7K-i{B$-gNPV=i&eJt|LceT(W0IGa=)|}&Q5aweH9f#T zD1TF*7N01@U~6YNSWcUyN>@&An?t$UNi}%2Ynrj0ny_T1tk3|jb?6x|$1cy6C;X4` zm4ncj6b6|VhH{XW72@FAD!csL1YiNtTQ5)e)fU9`;O~I@wy6TgrLn2D#urke zlSw&4`m(Wtb7!@1DeA{!*+NB9=G0eB8YrIW^Fx=I6^@|q;cD=M%=5}Vn#7%cB{;Dq z*Mvm1_y1)mj36!M3qYr#A$!$ZW)rO0UYct2pO7TU*sU+?VO@)i7HsRtLR?7zRSmpK z+CT%s-v7B z)uj`*sIERSvK*K4mOEjosI!32H^j!F;eSlU%!1|#8Z#M*kwGcN!_lsP*x;827`%Dh zuNXfjL4OdJa)&CJUHZ51)JuZP0fX##F4w-od7mRy(uG0?4hC4B)`1QkvPLTL`ryWK z_iLG=8R12v{+Y=hTzNpHXO$7d@eFHcl`P;%Ftctq;nZ3(qT z0Nw&Ru2ZsP;ckp6Dq(@sKg2V7*kd_TBI_~~SKcYdNYa@*);L?|<&==XZ(s7AyC-77 z`A&nq+<$=rqg0_QgXp?Uzem6*Y@LX(hDICllUH+uh;cim={YWr2l(xbE~6OsylOW$ z$9h|Ae%{o$Oo5RD$l9d)Ue59vqNT>*ybf*E3v^ieX;7k79{jVM5`=<+q$!IZ{JI&z zP{YA)h#pxU!?qAYpIVY1HsiHc_!Jo$MTutKToxdgmHe9spnZx zf>@gUf^?^wx6H+q?ERJa%`))kH>^$V z%ki@vOGEdDSnc1&r*n1WclY1PHb4kSp;re0yaX^Sa0VNWRc-y}Q)}O>eFwVh-SJ;W zPR<>Ly?U>u7hnJ~~QUi7n(Pj!n$Y;d;ud@BA5pbW?Kr&-wFlHvlUH3M&P% ztV}JST33npld0vrNU{J(WmvB>aXc5Q2$Odfw!=?e)Svs{FKByNgdt00C3FST|32}h z+0W4PmvOn%6zYX_<`K(gKWRDei6TmO_AEJD87@xnr?_%zE@j;nc~)cIIk>Z1!_VXyCkiclk|XIlo$AotQIwvEt(J2C1xWUHYGHJL zr{i(N)Fc>O+KHIwGVlJNBG8maEH#aXV}uYR9-h;UcLbfUv1vT8sS0Wdm{8|fWkX5M zmr~mN@%Z714gr%_Iskbf4UYS9V=R_&PN5ySEW2}i9=d&cNui4$6kjY0D3hbG>ZLC> zyWM}d8Ynpww!0-T_h*CrKR%m-S~)(HnFB#Teac5fS53_CDW~Yr>>VDY9f#i@Pi(He zR(sa;fX(1j)5o1c7Sr`$;d*Qu=ebpbg35SP-G6cys(bev0IeZ?m_LXs(h%s&WzF;r z_jiAm1SAe+0y1hDJ{MB(Aod%=e=^++I|-U-(AedxK&P^k1t#azIdr}CF>j6{w`G5) zTOJD5lTyz#=Q!RVkj@TnOpb-nn{wISQ@a@enn(3-+h?Nra9N@5KOH4d>2Eh5t-Z)gZ1P)X$wQ8KW;`4C(sm%?Bb+E<_@5&_sG-6PE{TYjlEBg?XHwqUzeyRx zvUUjk>53u#+TX~Vvg!k24`$|(1X zUF>^;>@?Rgs%rU23il>B54-IzTUhS@Hj6V;r_?$IP;Z@xy+uTm#SToz5l2VIG34^B zN7IW6^hf-e#TXuaey_Nr*sWN_w+v#;hk%PNDTl+D!x&3jj!q-zKL`7^kEIW7v* z)C8Q(AClQ3#d=-_FuVDO+@xu+8{_2{Bb%|r!fi;3Z2Ed34eEx5g>u(|TQ|SL-XFsH z=Bvqdx#VA#1%5PR(Lrcfk7KlqTgGE~rqY=@!}FrU`OF|Q7i^o^yi%~$2lKUr??e&% zTbgJ^3LMk*2}EUQELtqI^Bs4nqha|8n0ueJmm(9}b5IzE+N!$a_)f6+V`+PmIl=$W z|HLR=Z<-FA%P$TQvln#A#+QDO4aU8oYz^$enyJ!o@3+sY3|R%a4kwa+2FO&b`p+Jc zA%+MY89F}=rYp(9G~@HVLD~DAUW=i5_+u_(V(Dk{B-vD?*SlUT#*5`Pa4SxFiQn>p zP<6;-!#9fu%7}LMD;RCsMaij9#TO$JdH@O(GGb*@`~#_0`_kWNhPR`zH5K07vSQ=$ z{=7q@vmboIUZ}wroE&~|iUx5%*@qGE&Rw;^hp%+`U>CYwj2mM=U@DqG{VW)AEAVQ| z3u6_KH`PPkzwQVzEH1Z=ce6l#Cu9SVB`+zwedf>NtRteDfOLYt|kYa*od2;&)s zEbgByLcUVT>0IDwn()S!JGSHujwA8OyZVhT67VC!?*R#8oi?CSf&*@~2zxlSMNGP= zT09|$T%AoLcO3;{yQk_Ihb_Sj6L62bO8Xd?Stn{XY`IWyDw$deS0+&DwPULU<*#Cf zQ@d=oec4oO1ue+}y0Q(6FvMg-*nMN`)_~WEa2i$#7LLyny3L? zFFQRN+=4aFK-bIQ=KW{E!yB!xy09V^V$rgr^xW=>j7MP|miARaLPE7F>Z=a#flo4B zz)vhmP7Hg_?A_W^q-kY@pxr7V4#GQN`1{jL!F4I;KYe|=Je$P#AJjbx8%^b3x00xN z%Gqfo+>KRqY#^ayHZ$I(l(TU$Ct(I?^p))a2y5bZ%>I&;(2kthsve!M`2!8;ZPZ)b zc&rgi&3}?st2EcU$uLuL@NG4mA^*>Jx07%d<@3s@O!Zm#y=s~-T2LcAPfVRx*R;&} z<+{8~ES6=!9uO`quImsRl}>Mh&i<8g+7RRTpdgDNEe<>&fyx0uWhyGtgV%9<40 zvg%zu7hCF&?H1ziP|c$1T$*0?lvfVEoi+6;usf{6=qD%RSuxtu?jG_+M^X9LvY>k%8%_ZrA}+UY8qElm7NAFvh`t|O}|;>WpB#?AtE z;*V2dRbvU``<$1UE4#~v3J+FSOZT#u4E|(%7j(T?i&JfU#IP_EUjY*n1A6PE7loQ{vWLx(gt$pr1JJ?xL zAMc_lUhpeRY;;8%YpDU{{;mOScbC7u@!K&o5z}-qtkArDm8@$S@K*?zYzm~KaeA(m ze$z@}))0qk;G%z05{w!25*fSiFp#)>0KMFm;>PCq`AyAi*G}R&(aFvZwLdw}I7igi zyy3wVwFR7+%Vx#U0;)vxaQ7AHDZm-*+mH3#tg%>>KuL$22;I{awTKD?MU)sMvA@G+ z($A~BF~!t;wCnx5k<@|$5zk;TP8qSODf91hIB`pP`4*$}Rr>|gj^e=N4dwB#-S(=X zSp-OSO<0&VDcF1-?-mazcmgKy`3YdT&P5uO?`q({*q?lR_W%ruozJHo4qW%|(7Ut& z7QF@%ihT3`>2F*YmaHms0g})r#Tu2kjb;3CvZx3Rgw{xk{Y@ZRk)oHjc>BZR1K{;& zs5b8Z`Sn_;Du^bH1V?S$=7aeN>P+&ucfB~?MFvB!Lwfp2AuwcVG(W|n=JJ^he+yfp zIIV#&%Oj*y6$^FP1mp9j>{**Pmy#4i!${z}N&el!I*_1KoK6By@BAG|*ZI#c9hFf( zKU+YLnJyzs^z}`>&bmqC4a%+7kBp5;)g*nywrzn!hFb07T&?)qd?sKpOCBz}EIF}B zeEI$3NSZJ8&4+=rc}S|SmQ6N7X_LXMM-^uTAxpS}5G7J=h|+0%XmeYeU+dJ9Y+wJz zmV>}Y^^62V@lNSWCvV@Yw#8M>`FG&z81wj-)3Je~fTwyXXF+oBURzD*t=;~s8fDHc zbJOO+pOG=x8ObMUpqaC+y@)T)N}n&tIOPj2nL*}S{v%8F7L{V!pkhe_`5%RepPAC| zxhXkID5gj>p*T%EGmEEOO;#-l1E2H!v=NpN=0UNxwWDbtuBQJ5fASrwj2LOUrYVli zm!QW%2n769JBvXM(9Qz?y1qGnRTF`pz7;hx)VE1XQ)za&dZ_jIHh7g6!<;PnLG@?O zVDp_kZ9ON-+|2?B=EDM=qxAJIb5lr@oMF{bNR4C zjRkW|UbI%-?j6T7)#T*1C;?S~isZ!^y}Ca`wN5gQ#+x{G*8v;FU+UxKRU|lpjmrp6 z``zk9sL8vMCl3l<+MxdPkQSwGgh#!P{ZN?t&Y@*f0Pey@j7AlBYp;G5R zYx?!d@OE%!y`tNOl%W|fr3@Y)HY;p!2{G`_zRuAr8nNWb&k&1&hlCW3Y|OouQqRsO z8{bny%HE<4=x90Ur_oR_z|q4pnj=cY(;Ehd#N z4P5YHiJCxF(3#44+>88IEx;yT1YyWAh#qoiy;AZdd$@6Xo}I=dqwqx|Q)v$m^Y;m7 zz!_J$wLN~cnM%9rU&F@V^>0*K9qX0W)N6fq`n-a*y9#$B+X4QUSi9&*ZFXb8`s9Nd zC@jyTm3-IcBh^>hQc3H((jFZJyK?1YmsLO!=f+M{Ko%nid6o|#&r%#81=npQ*&!m4 zH9U@z5>WU;lBBogIE`m(+OkCEGx8?0)--0p*1Ha{3bJqC+kZ4w$yV%6KaMh|P@nlI z(fu?fq$ghxUD;Rde~92TaU)mbJ`alG0GLr35Ega%J(l9);WKMD3(n@ZP}u?xvxyol zHhO<@n*MP1Lr@@RGi2y)-Naryc4zZ!lJGJzKC@1GWQqzSC&JpxIM!0%sw_x}%?+ev zJcjHx+(!Z^&I{Y~KywJ>&eSt4E!`KzA}keo3+qXit?FbW^_{hD_>LHuy6(^KssGjb zuswGm92&8FIxHq8rs)ZCLZfnO18>28ReaspMtW`N9q3Kp_E36b^AOmv_F)tgAKXJt zNsM9p_PH^rhW=l*=!+9C_w}CL20DG(nn3=^ex|HAl?3w-xq^G~W3QqEwxX{q>=O4L zOdoHyRRK6Surs@Oc=)c_tEmk#Y8x0Dx&rJC1p|I^Ld?f}AGuh%4ZQiMK;r4H7xlVe zz7B=JaozQY0?Ac<@NY$|MO$#m03E(zJTIzg*XoQ&kbHI1z+%6)v; z0spC;tL?x>h4&Cfw$kBPXj|TzFEq3dEBVcE=G}yEIhei7qU|TS&gVd>QeHMPdz-elrSF;$a?)S>UqCV_~ng(XyKOWjGW?uH)Gn;vs;q`ey2b?YC7tU)Q&FN?wD_Z)OJn9q^1y5&8q zSf_VDKJ;~(()hs0h%~rQDfTUfFJX5A&>@&3IW!ubu(*BaKF}O^!w(C9XcSzqKYIR+ zUN4S6Xvh+iAyT?}X<3}zvNM3<9Ml0}zNFzr^PucitX-1;Q`xJGm=*QAmc?L>yTByt zsE=@v+s|XC7;Y@jZ9B7#WQrXS6NAA-rlxX&Ivq#DfkBmqy-M_3Rb#rL=c}pEr`7O&ByWCp(jU|~1FF3xLdS)B0A_>))1zZW4P-7s67VRPWHSLU z)j%g9a6cNjST= zlz}@|Atxba;Ch6s0`-wN^`m}6fv+S~Mx|<&sQ9wDZv@j*!#f1IUFM3s$ZPufhNW*o z6Vtbx6y&CXh1$X-0o$-dBJsNB0cp_z0+Z!nwh)6#)0^8}Veomw$zcL(#cTRx_AwMP z7;+<404|_O#ik}EFMfDi86BbPs7A6kt#QWAI{|qZYs-bErZqtKtjSEV@b!+IoGN(a zo1I$nWzx{*99}qRR@$@Yhq4@K!hf2$(hvn^*(I)%2S{*Kc12yu9q_vhRLNU?LdW4* zMQwg}<~=9m4wCE_C0_n9XTUM!$aA&ivkp#Iqyt9cbNtJf=EEZZP{sLSM0E6-z@Q*` zfI5;Nv=6UzImGA>XUnAm?`O(xd|LV;Oa$skniyykT62crC_aHPY5exAr;M*2Cm-rq z^e*3>7xZs#`$r03F94$X_&`S%E5aHn0cKya6!)$OsFB2R+qohPM(C`S)m14=%SuCby5iGV`pshER6!H-|^L0!+ zLabdLoee>73Ypnf1@gIWx?u=EM>2rV+qv)9^QDEEa$k0}d*44i6<4W@f*1~rD+XhT zuP=SvQ_=KYxm8?hJG+6&z~cF3 zVSdV9#Z6`!lx=zTZmOe`HJ&+(kEpjs13At4=xi9k8d3liJtn|B;R>{y!1BDn@(jk2 z#Gg&tQI&A8x`dDL@v-$(g9=(c*1a?!Ntaa0(^g7{0l(4vr?mKP7cdJ%R|g^-1cB5VElO?y%`yn=fS@=Qv+67 z`0$5+K6A>s6~pzwaIBuwX{?!Q#0lkXz`j7SZx{{^cD8n5$CXjR0HSmI_QwJ*vJ8Ba_ENc42rI;w07*fU zl>J$Pz#k_4!6`S4{4Y1C9Rf&c|by%2^VQf;e6uQgbSl*s^*f9zaZ~&-@g5#;DTXzKiP*nTcqbSSn`R_7}k}?D0+y~YJ{yq=2z_T6IO}& z}|sI-d+XWr!%3U=s3>TTgCTA$cv0xCR567r1{}PYg^o&nbm1m>xY_X6G zdxa{^iI=G`!Iwe%2KfM%-ngNWk)5;+e`l8Z`qGa%a;gdOFN-XeD|(Ges@OfebnP$( z)FP?dRPfoLG)Bp819_LPC3|3bum;@AldaWaG@Mxsuis{@AH%in%L%<)0B|J^U& zYa9&Xcr@m~80hXwt@(S$94Ei#n#R0{v@~Z!X!8qrJ1_MW?WJq{>`bXE+>!4$9emd8 zGUfUWqw)?wKyCYaV;C>YOihW`b`)@p0&pUYT`l*ecL~qV?&gwv8}idO`55q49ys>` zc11@g6P*=J-1ZEBwHd(SGEWiSqj140HGiL~^%B)XeXh|xyeGNbdPPS&Y~y@H)7eb% z`v3u0hujMsPc9fH$m=JR$(klKjh)!Ykz>uYZw#-VAi+R0OmHLTN(k?_CF^`8yA370k18Sr67fB2+wy+-)P%vu|Uz?A^h`pnBb^L0S|GKyFg- zcz}g?lPt#p%B_P?@$_x}-3oe+s!N!4dvsf6HCTX$^xgy~Ga3|9IU8-XGrm?^G z)^J9yAIH-}J`_{>`3PW6`h`Miq_|_bIBlbbHnOwOajb<^%PSMfa9Sy-{bbj?yrOn)SM7_8&+ec7_}V&1#Et& zE5)Xslh(~21%qVda8dEIy+>~^pT9EBd-ubW_i#+!uxDqz&+iq2AI`mjMQD+-D`>2w z6;a*fHU~3pvi1HLp_g8;6Jd2fC>x~-5$a%I5D8}BW#9Jw!so9G-*#!R+Syo@ad8CT zNq?^aXcJ{&8e`wDKS}{J6{W1>vALG|M*R;a_G%!Bi*qX0C!`4{G(Lto^gnhXHLeTM z7aJS%D(%#qD!oo%)xdo@VAK~Hb2H%3joEQR;q*+rW0cVF+4ohfVl#8IRk6z#7@TIm zE6}!1Ha)PH+9^=Czz8?{XgyvXGi?<URTn~^<7M5&l(&USpt#d&sT z{De#sS3SQ5&P8;#JbsLExg<=Yd!d)pk;_wbzW;EZS5?@V9*LppAQheQqK_^^&xNgs z?i~5&Y1sV5Ower+Iud!xudU4rdwuJjUUN%NPb+K94%LffSoD5wTBKHF#|BQ!VY0rZ zP6fw&lfCY^mbic|E|6XWI9>bw)&!9+j`-ZlVu4f`aA+Wu$y78y-N}0Z>NwsRn;9J~ z?uUJAus#;eC8rt}|I)6+x022Me5OnMi$#UnpCK2;{UlHAWaPmRzPxW1PY^CUcwL6# z0-x+jB@QmXsCCAF_7}7sG}e|FWC=WCSG7m@?EA_U)v$xto4n34*t##kyp-D6SM^j7 zKK6$8c==5GMBo>Fy&OLJ$zvSH?8e{eJ{~$_yf1{4`)cqJ(waS8dQM{WT~&K3V?4Oa z_tJ{eGp7YTL1iQ_^|Gs#4L=D2MRh^@Fasj`&tBHqtK?Y?Xp0Oi-2E2in%>_p?vk?~ zNxXvnmUYa0_PdL^Q0DgW2cD7DVm!hk?Y3v^t1_jV#=l8%?tS)|n=td0WT3)P$sOyK z*t^_kBO}kw6un0OL&TQTguw0~P!W6{1~DQ@mK`Gr@qd>M(8LIdcBP6 zUhD5LgOIoImmOI-v~UMN#Dkd*LTM|v3O`r?mDg4K$xGWYjtU>y{_*krH#z_XZ(w;#9*;d=5z#K zz{DOTaX@5g@w>}@fyy9wVeiYD$}6?@ITLj8Wf7f>tW?2PU!(6YL0|CSXspeC_TVZ=Cd`E^@BL)&Nz<67= zm>L^PSvO0IZl)8^5)KV&D=_wDrvRPC;&T5ay+P&LxTB2xi!``hQ}mvZeYEFqy6`|o z`HEnGrxgnTu8aAY68ZFrx9aOut0rs}-L=8upnA(*oG4@1+@x07R|!TDBW9KRe4r6i%6ME3yS`GEwJ^ z^qM+MjAc_7#(mj;IXn`JUKhX|yp~13kmR=ODC}1@7ov#)44GqZ*3a7l$kJS$PjG2l zfRyvtG`dJc)V>#YTa3X-d1E!(ei zy3o9hd8OINR?^-F!9xP``b1uCwW0}fE1M{&x&@@UE@PsHQ-b1NP@TW&9vx;bJXS(^ z>KS5U@31F&q5nEP!X*@u9ntivtoPepWIuNV@M_Z&1c&$0vM~%1yi73FG;cq`=R=n; zsY{LyQ-i4`UQUydIRkxaw~J&+&=tyD;91^Jh+3VNIokm;Ao2yd)GJCk`PM~%-|1ol+5q`;iqI8dufR@5ID>n4N3_-@~PAy0+YHehCSDH(tsbI z$NSrx&wLCks4*No(rSvh!#^UQRSY+hXMPzpVi`>llck^_z3r25!(I2zWTT1Ct$llk zWfbVAwln67y0LaDsZHqmX&!%ZYWiZ3j=pzOKel1S_PF2X0MqpuxI`%(}lQJ@J_fU?IrHF+duB?Nkp2u z>T4YimNQjauCiHps$Y`68<+hCj@X7r?PNI2pIV_Xew{vQH)25E;gVS%P5W>$UPV8I zH(s)Ez~cK1L%YIMi_Gp}8m(dV0=p@zg0p2KhqlpP!rYH!_x>dz;UlDjwleZwU+`AI z!;SITu}8jnEXK=;4W9pf=H9@!=%?DL^0iz#a<5 zR?0dLdXpt4nT}1AmX+2r)zv!TCvG|H<7+5}XE}ZzraRcIfp&7FTE3iX@}iqp77PzZ zFZa%WYJ5rN;B8HTrwJpxv1Dsfo-Ux26*gCY+9BEFw9t06JAXox5yY&ol65OypV7e? zwag%fo4Mdx?wzP>%ijvJ7hG)U&JG9b(S6wqCKIjI5v@@F?_U1uH-JCCKoh#IRSf=d zUcjUBv~f7`FD87og=zeS^F<7<+fVIe3f86=iunSkAY^}ty{+3EuMp8+R*YAe0UBxX zX-&MHT_{Wd5WIl)k1|q~5AVS7$b(52%79yM4yaV=c!|*L7h7DK&ERx0H|e2ayK|o7 zfErvPsQ`ZeE&N zmRc|o^7Mf&yP}a4?q%cn&Z6b?oRLZ`SLIYq>#N!`$!4}vi(TpECl{Vt`8dU^rppHE z8(!yeG)q8X>m>vkrM|aJ##8Mx1&=O(slRQhIVVNUC#rSYvhb;CaJ5uSNelkQ{< zNh=AaZh4vEVr&3W^#HY}Wz*C$Iv}M|$$J z@Ao?&b6%QJORVXqW-8+8u$g97Y~#(l6z#?=PmlH?!5FfuM09}z=|h`Sni}YW_tnpp*Sjv5YOD3Gyc&&Zn5^FWlZN^ zJ+!1FY`pS+2|?_6z2*aN>OTY+g`>rw@^?xKILz#1bmj+n9?uRD;2w;N{pE@px3&4n zkg*fo0a6ap)O>D<`frrZ-7rp6nv2eSTei?S(~(ZWJTOaJ z&M=^_awah8?akZ-t^mV$-LZ)=NEnpXl9xAL?32UHzd}>c$Yykknd#63lYn z#ej^$`Qb;JyXrZ*f@2WevVWe3qDK@Q+>?!zX`uCh30DAp*i%Mp9|*T5qq9E9lRR5I z`hIp$L#?}ob_Wxwe}fozhtu~X=EEOy>qvNcc&He22O`1zE~QX*T2l68&7i4;Z#rHc z#;FB*AF`tL3D_L2ccTX8+E!p5`%``Q?K!2}>MdvwR918DzNw99&4)=;%}efWg~EL0 zCL_J`NoUg3Qfk?*1}lcK5&zXclwNaZ54Czr09e%4TBr#&QV zD)soiZD*6-vIw81DWFMXU-X~sJ4%n7XFgc(Ei?c(1CeXqvul_blw1t&>EIS=(kd2^ zUXq>ys%5Rh7rdq2x*b!xvufWPp)u-=vm~UgH-HHUK~$=*aZ&pDP}j6br9;JLzkBth zE;|`3wkiiNezWOmiB&LFChVY8w3AlU%aBz&$4 z0(^LKNw~)^afh1VwS;Fuj)d}BQMIgA^Jr12nT&SPDE*?Dt{68Rh20f;**=$3detw) zb|++)62|Xu$3!m#&$FeJ1rycPpXR)_?GmbJrBXe;FaE z&e;_xl(sOz>A_zZGY8ZawP6M_lIN2@87FIjkV+aqKzSz9aew^2bctpsJ5xd$NF6Tg z-KW--+McQ6EKfchv)o36T(h$jE_z~#Ss(B-Xp2%PDprb%v4*7@Tugtc1U>x4j--yJnVq(= z+9t0TeMu?rW}{tdMG1Fc|2s8IvhLeCU(7Ln`k|pWGkSu2meHv0Cc zFj>yfk>=`!LYYdf`;Yr*9vtN1_j&ebNr5b1`Yi*yOQVF82E6g|bC9Yio+JnMS=9d2 z1_gpR@)Wi62Nc6 z14CseZiacw2yztyA({Q;!CwL}cUzEvO#DMLK#=UOIyclTNp?m`E(9Std_H`f+Be+i zs1-ZHnSrt-2Q2Jg%^pZJ&SqhlW>`8<}362O1+(kTEU?ta?Sz8)+j5kv{terSH7Iq(gMj^ zrPgI(PI<(UQQ+4p{pyt{)9axh zb}04YT=Y*rNNd;^Ox_^an1bV_wDPow!uY;grnY`X$yhMBT3$eyxvtrXvR zNgS`2=)6IaN=D3iJxIQS6wTO0ovR9!9rpQ71%y^OrK=$jnU=Vk*{Wo82^i&4?xA(e zhy!;X`03Hd;R8h3%utK>Lp-TL;CALRzn>Ojpjp$`K6U)refJsNlYUi`4T;Jg9%_RM zhE@5N%(S0sruD((!Jdv}3xaNRv03iYr-?$oc|syF_H5V5{`y7XKk1F|TO=OBv4-`* zQ!5B5@{|u`xOv57H*hBWpaI}^-!ypkwmN!{!A>SBN2mY@8t#A`aiJZE%H-?X$ON-T zI3^H&PC2cZ!&NKr(~+3mDYj_7IMr#EoHwexxG2@*ktz^vgwf+YM-5@-ol&#slNT z*wE3Ww-mx#^Mh2KG$c4E_D`CTM>YHwj>jVuO@!>A_Bct6;aM}>jSc!xnnZf{u*}({ zAkz}7XTZr$T(*u=_!=?qU2Vz*n8S_;8NWoO*ZO4g@xabIqp-q*tv3M>4Dy{t=-OUK zSP$ecPqxrbmnjo~&#{Lw_`$Yvj$lf&q6gwtgJCVRPw66(V3@^k`F5sS6bZ!H7X6-6 z{2k|&$Z|Cuhg@JnKxSKIFuEzf^$YeiGnBxhGb0~b1|r&dE!Vm_z!RvZHIURs zvfRbKxSw|!(+dhT6OiqTu3qJX4T)aO@4pQmj=!Wdbq{ie-FC0_n#&XT-VCK$wL>SO zY?GP!=(1t28{4P(@B1|v!*b@l6%#F~QkfOKuKQdUotYEkNYVi=CfQ>v)cM36>AID^ zvyhV3lZTs@QZwKFXknbFFm_52=Wl@TWr>U8Vi{4HSIMQIWeTyn*8)^-A?1j3LiTNS zRMfXTsYC+>iecZH$lKOFeaqZBB?u^|5{tc{yykH7q{BOCFUeo$e`+mnfP7nspQ*+dfeU!-S4{Gh_)ZikdTDk05#FaDteFk`5DKLc8kKX6a#Z4Y zo|H=i$vRzk6x0fakB>akq_{Q1y zUQX)Pjb_3NZ){2{IFnmt9+y#A$!jZHW6KJq?94cU7u9B5RQ0=pDcqiP&{3vN#6k(A z9Z}QNzymL|*YEqyjVnKd2Y@^B;YRMHpa>qJOf|YEY_vAX*>@XAFi=3j_9SSYrKzy} zOcvY!arV|>QFdMXup%ge3W|Wz>aB>hARS|20xI1g(vm~NFpdhSlm$p*fizM>4+bFJ z&5+Wa0}S!)Ym^#%-`{(D&mYe*w=-PVj*){oTvv zf|}6ky68*>Yli4db*n7vvI_o@Q|Y{k<(h5M`_#eV#<@e=@ZX z7G(}^RtOg;l7-gYR;r!>vo@9nlN>`E84~rtje_cfL2me4&{vAuwOEd{i#-Sb4D zP~Y{z4C(wr^3Z@J;{6;xDxXPiJFB*`kx+mTWf(Yba@adm(7Fmk%4A+#z7c7Q)F2J5 zvn`X;UOoKtaVBx+HGax_ZFpCqeguVQR#FqySZ z*8Qsxoap0~5)rZeOT9)B+)p)At&GwSCJH5uF6IJ?O$RaRAH`}`bDxV@#495;Bhy)E z?IC${1quh%Y#A(`BQsIxt)<9uLX=hH+#}Bc7ven3PtO-<=-`l^a0M7r*{RRDHSmLg zSmyhg5Vbgv)gQyh1 z)_!emDv}& z>yMt#1N6?i0a=&%m)jYBUku!1^Qtma< z2Nxmfw!0~{diK18o4%1!o6M;N=Y`ftgYL$GcwR=U@4IdNF~Htly<-WbP5yt2F7TTd zqK>qN0iQqE!9*ALwV1`rlXcZ?xrH7hGOzr0FIQO}kJ=+U+&K1Cx=xz$T}}9y-K*&D z7Q?9`Od&o~DS>%hQp@j0deiFU;uZo7&CXg_71ClDF!PlTbg^@dN1VCCE~}TZF0U5% zWbh(SYv(yP97bW$`F-3|Pr$p54$4NPR*JSg7|>chf9_hI(xDL+txr3&AVa%BQfmV)=#vVA2RG$( z%$a=!HPYYPQ}SaIlHhAMQd43;X|LQLEZP8Vf*m4LV@V~@{lRFe-v zjy!gCud4KJ5|A}a00yVaO~0+<$#Ps z7<+YnfkjW;X()1)&l_4`fgcYGazFzg$6*4~u!Y!Hw*rjF*nHYa<5P-rn*n$2+J+48v)Vp!@jXkJkp~2q52-#78VzRO0-xeGysgG7)V@Kjxr|-hYce zbtr!!wWKnXUJ~x>*FhG2Wr9EMe!ulVp?AKhg2uCGXfSMOFv@mChRtz98h}cqdpBQT zQ7iu*J9`7A#R?JNcT!+yhf;;N9k`6$FF1VCINf@MAgWQ2ncVgh)N_cv!Hugjj&-=X zc#o>mTQA&^T0SmWNZq}U!Wv=~qYoVG3Ezsw!?KGo#(B>=2(>}u_c^_w- zeslvURwN~`O=I6>(GS)~h037*QYvZ0Wyw$DZW~rp_xf|u^05>o(i<>#)|{! z-VKXZeA5ciA4HAxOiqqxC&Fdc9v>4K33!*~XrP5}AT%1fA`(4Cx4wYuD+$#i&zv=Z z()T>z=BlyRJ{h;y9}F$+J>6J9C~RuZ0EI*G&;!6K)7e$F(Z|AA4HXkw_o*}+Kkg!r z{gHiKnPRL`3P*WvEMv4y|2{yII0#L!qB9#b>dy{VfVyn+L zkVVd!{|sc5NA^eDM^nGYFFimUv5kJVsz&BqNY=+7^rRhTamGHAbeK|BiM z4?)RaQG-52hCuLbg##BV3VelV_aY6e9|**t%MXa3PR4gVp(^r}S`N`qGzzm*F5G2P z))hkjKV;ns6aiVgFX9J19!3d42uXjLul7n8$+E7f zwmbfqD6IW_3+@v@X5YD%k1J|TH-k&odCMe#PMqH}3ibMHcUc%(g9s$k-9Fri&YJUb zp}CGPlvs9OxpO%4xTP=u{}9nH(Iy=eVjlq(1I7*o4{m^@;l>Jv{l^ys55DY@QP`zr zSysU}@EGGAPKM!2T>0fY$3I(ra1oz5X;veEbQ+&0fD+6ASlW(5#Pjh3W{u@DM_SNr zT?dLE7iMdesYdBM9aGuHK~lH)dzQb|y=OQOBq=ts$U9BPquG4tau|&_{cvGp!)-qlJg7AB5b8X7O5W`heX)1G6F;uU=UN)` zawV;`F|JV)@ks{3uEny4)3O|^eHj|)7vR7ZwQWk?A1wO~RI1{mpu14m(Pr5LF-sGE z5eOkEo8E)`e0)|gv)tqGd>U{pC(lhgHfP|{GT zTw*-;U5zliJQ~6m(B&J1rxNyj;MtUKL0DuXJlJ+M1*c(l@(^q3g^-|Im3|*9^9?lH zF5~Tsx;%vYo!#PVyu;t&qkJmirV4dXMWO+KZb$yj#}JkeB?0WS(%XA;4HJ@?90V>% zBaA!`@ngtU?P)bj;*ba;yPj&%@mB&Vk+&~a+l@5&F`jVA5c!q!H=e`F9`1PmgrGCH zg0fhreZKG1xgUml&4eVW#7KN<(c{z>i5JCHd*#f|j`1RReS#1-eugSzk-&)e$VcRme{U<#V97yR<^VEY<3ypD%eQSh@NMcX~}e9xinrT@9X>8tP*insaSj zOi&7!`>A)CyFqH!a;4>(a=dn4c5=Q=ufd7Vo=7VW9qTWdBF&+aA!IMge1d#5DmfXW z8$l3lcUSqzIjxxcR^gZ{VCnvYmabLSY)jpBWF540Vl_)t63({{SYpg?URfzi^i_-2 z5&kSCL2&zNKp13rixsX8CP@#kJ7AvAArrnVGhSFOg_Hm2Fcs9>I*~IWStHjY5OOtjVKz&7N;%EH; z4~tX|BfWZD9!{77SUY`Mm1$YM-kUQe=k`Z;nJ&5hj`CX_MOx;b04KmH*237k)H&ER z##?Ma9I2DDjH6E~Na4O4w>5v91WR(8y+ZflK5m3QvCaYxU z$&$@4gIsddI_vBwbzyI1?u~S8w(&4@y!9H8q2Yv0)AM&tIuHg-vE34e9U-ih>66{; zs~Sv>%kpO)w!vp(_y?BT;B(P`Yym`U#y0;Ph$R>TL~NAr#sUoLTpQpHAM-tg{2sLsB}4R+&s46HOJ~E{6hR4y_r0>(Nh_0G zS?!JW;Cl1Qb5%OW%*kz`&K1!U$#Yu*DAkoD>EK9;*2q>qa=v^}hkB0@_J{y|QoI>P z3<6^mIVj^H+gKh_P{spbh<-wX_x^vKLAPVW#qsUDidqZZuk!dayM3%3e-}P)b45fV z)@uRgxt}@FcPgYyAB2`z_daAas5jS}@MJc~XwZJXiNYRz3b~Li(ezxZ)Pz{+hZh+j zW|8{R^m9!98e)PQ-0>YP5}5-^>Y>u0o|Id>9Lo}v?NXBkdkk{KK>UVs_wTVbbTMS; zt!LP!w7;~6AcmQnxer#*d3q?=_1Hu>liA;T(%`h3VthH05h8MWfeBk~6-C+8ewjOI zJSC=JfJNZ)qQ^lj&--YrEd33aeqKuzZHObmZb4DQ*KPOjZLZ7*Xk9SYhCjP6XZsJ{9=k^faI*;Cqyt$Z2m1l`d|>jJa;o)xtV(`G3~{} z`56%E@CR|G5NB)Z3(V9j-&j{`R2@aqc@r`M)CZ#6qNelr0yq#K)AF0A%|p@A!HKT@f&^-iWSHb~feE{x^iOOLG#^(qCb z#XK(Sa!7o3IR`Db;5tzgT{JplnIz`17aHqJ9l+q1mDM+065}WcIl%@QMc|`rau&+1 z%WgE-))~okwtt?`kOu}tVkTig=M3WTASncW%~#E~=v<@%8GycE(ZBwO z22X&RktXZPtt6%W5qu{>uX+|@jt z@Vpn091vek`Bx77!EuhSiv05(K8(dm$+CJ)*H{sPjqz#Xy z51ZrQ*A@|96(4bnH|vurxmcCXe*j}%Ko~Rn$?h+VLK|HD9Ksmcy^vM@meUasqF+gd zJT6J;rl*My=6NLZGn5iTCpi;1z@o5D&Q5+oZ{AS@Got`&E8vLpw;qi48&EF?4DXs^ z<(O9PIl~CN``3Ye!nquW#$3cykdoIT7~qu{NfiwrNR>eN)M3L-{rllvFoZFf=U`Q9 zxE9pfD`-`gO_y86J4NY?xh>#5&)MlN#SFc!*eB(P$b|?8Wqp*}IUhA9kBXvOyW61J zr5C4f1$fJzpxnc&njCq5mk?#AA=T#$OGKGQ5A#H(X?#Sj5C>PN)Mq6Zucq({ex=ft zHq1(nDgd3K#OHn`Fi8NKZc0>wkND^Pmbrc zy}exmxSxaYko&f{MiIdU+n?X)ks0&35{TsZ7W)u&!xetMwzu2JXt#Ig4Xaeb>FjBrWmMq?TIazvfXfOC3` z3FOqK0L^pW!ei42$g|Gb-e{MDCol*EhN?K`H|it`B@g31P8e7Q&o(!(EYEu!{MzF! zKv9t)F@1e``YOGT&?HG2`}i`%4L-x!E1k~+W!6$SKN_u02Rs%CTH61~6iuTvme6_K8O$FN zx(g==#B-fwfLas5rIUm40*QXBpH+M{x=`1oX@9g~&d=wCw-jHSt%y^%M%U0^jJBlr z1_TV%51ATG%a5DZ`xob(5mDI$jB0`{3!FEf*KoGNr$&paFdx6F-(ez??b7f|CtgTG zf(h4&M25mEMW=qhkuQRSGj*a#PO^G#I3zA-sy(&J*WET%cLL<}r>k^s0h65e5<~&$ zS`R2}A&8LnaC23^Ef_~#vwRN7we0iv$d(2mOe0bCo}L==Fgt8x8;!s))ckb30~xmw zbO5|O9YR>Kw8f}nPScE8^cV2$(mox9M!sg4iG19Zs?pOmF6FUuL-&0{X|X2)UQRpM`0C} z90uPrLeYpOgTg!jE_;kRKDAnC2}Yye>|=H1gECoMw|mx81$i{*K`0XBSG9Pzwfa_9 zi3CS1pE&3o_cRp=48iq#!nxfRp0CmEV_AE%ziplgVOlP_Hm|v2LeP9DF*j$wDRjoN zDD^6n+He1nXC5yFYSE_3t?7<6*qypx>8@ioC>eLO6+8Xw)KnS0mg1K$F6BLi zUtJfcuXlDjb|T!y%QGZo^{cWwVNIewxNsdr) z^`54}?ryA|!Mhp^+uq9T(}q0SYE5o-goPr>=~$Ozh_Zr;I9LMxMV;K4+-I*`jo>lP z=tckwtg*F`G!?N$o!(7L(}wFe=!&mVVWsQ>xNj?OKf;l zL%;v^48>I%NYPdvuE$a=q=P&--i72VCu$z=>_|SL9BM7YrIzv^s0g7$u72h%Ou~$4 z>F@4H>af0+yYhmQLK+8T872-Dw-sv%7;WdB)vhQHz$Y!AwmWpX46}e5w|mCIT5O|1 znB2wtG9XL|+ei5&x$RqsnaLI`NXsKkdATTv0AILxg*Eu>S`RX|RY=|rdx>4Z`F=+q zmC~3zAyV~D70UN)c9lUj9{mE2BRbOJ$Mera-o?0kMczXGcV78hm@C{9(SHM71LjgO z_AwvE!yG!Cex`DK3XvKb;D`hzv^onj!kEPh$Hg)oZSu(_u!`Wc2}nWoCI&$Xku8vA zoDaK9lH)`bz^OET>~Bb9|Ak=dyV7Lp;) ztBOh3H8v_lN?@tq7lE7zGmBMe;+FU?dBhxI!IDsv!t;aF=3DD^Aorl>c>O){_eS41 z_y-<~o5m)#m0u#~cnb-qb?puI!WCR6>p&=6?nGor?0BLEnkO-PIQE@5&dBH%IPiv~ z0wt?3IGB`RQ=9SD8G*TKkqxsnOHK}Q1Ft+olO?q>Q)($tTQt!;n>-U&35QE|Vn&DG z*)7>+wVD!issV%q;}}i0nV_K~fZz{$IfT>mr-(P%4&*I%Umvjfm?K1+e@F@)Gf6pD zi%YHg8}`at^2#UUpXhO!PH%Vt$^1FU_v_mvl7D=^w~0Mni52{_1$NesjyV$#V63N`U2BD{49oZ+n%yje1xK4#;?UGC4tDoyox@fHPKV|lKVKltJ6 z=R;If#VQk-r!p+C45>y{zH5`?4)oviq`*s!Re)9bXI%P=894m*ml`FoF`uc*bL>5A zz7GSx`ri3khkWOaz~X{Z#u=d|LMHkQR8H@_2{~YW?I7EvUZ$p%r4&uU1EFg7we;23 zl1BCkc$Od#iXVgWIWA*?EgSBRtsms=(3EUsEG7XU|DQ4z_1wuWjt}_e-OOZxd+1c; z^S{OJ_&-|8nO8xq2Lu{GOu(6AQ@;o~C%~$i7Y8g0tD`!@W*_^C;Tzv&{m%V91BRc6 zQo^tzcwOo~6(`Pjp@knlqcsY>YpkrEcN$^YmSH|MptE#uc`2uZwk(i0sWB`9N|G1= zKsIkl;OAeLHIPDpK#D;nHbXpjW&T*pR~{TT?p+NHf?b;d#D^Z5Dq&5{rl5qsZ7kpn zMDaLi;B&NJG<4C8l#kX`)Z)TEmKDVVmTRTWIA=pv)*9g?(?YC_&aQagtPU_ikV_-U zNyrg4+-i^^VQpNZoWJQlpzW$tJ{ZFIF^A;^0=H7U%vjx}lPvr{kerI<<=Uz>jHT0-co1|83#+B%TMI5 zF}Y3|`Bm*m({Wh6q*oRPldr!BO6-}b?Y5!|P>F05Q;U`&eGG4Y}4W2#R2<6kd8i80hPScZ-R>pKA{SXyGi15o$xY#5l3{})p!khhKO z0buocnEY15g8GKus{Dn*X0&Bz=Ax$SRH6QREFOc$I*zv(QA#6$tpN8fxeN&Y2aBYI z_Ii7rw-4oL3Y0|#)EqG1Y!`jQt%w2S!=H4Ru9-O(Un(+NR}4=whr(M8_Wv7?`3LNj zklIs?wa`6r$V=$II>(!H&M<8CTWj3Nh8x%f;%58q89S7n^83lFV|(|L)i}Qwy`Q^H zT~%X(20dn)6LVx_A~%(~M=L+q8eSr9GzP?mPYtB4**OP9H&@Ju_FcKCtiI7F2k767 z(|~}=P>w`wfED3`tp^NClEd5Kr2X^PxaPUP#3g-fTO4ag>*p8QfSC*&u3Ck#q-v~{7J!QvTF3fo_kfzCimt=GdKTdRTm=Nd{FM*i!Oh({ zO`;$gjUp5^jB$YEyCkk69?Exb8WUJ5S=8xd5Lf);ENGbhi-5F^(ib}d_<^n_HX4sp z+Vqats*jT>WRW|A)OIuAbx@`?_LwB4+;dU-_PYvp*yAgd_vf>8o`o-##m!4M?Bz&< zh>82T>~(L+oks!YFw&TC%@zq92>RIZzbp$(Wh;k7Sy2C~G&#g1LhXVZ_W|9`R6(hY zFc+2q%%(b>WGK`S9J}T}fBwkKK$V{;y#FUCH~#<*_B%T}XEzpp-#+JEs40>;%27xh zug_5;O%|X)(mj}iZBx|urf(p31k#|ComEnbr&f&JZ9)T)uJD~_v5gg}COHni-xNf$O;kmZ}^I(*vPS3JT{&48`F%N!-t2rMR9#dL3_WKZzq4*P5%>9tIa!jN}&s+XFKP_?zzZ z$NCa*Fj9@glZw^1rl#h)5p_&$&rFpxD|>{iO{#}5;lhmDPYS4z3qQW|`bjuW>Yhk; zslR)Tb~W_eXyrS8eFnn^#Miq52!`Oa)m6b;V$tVD62HZSJaFI& zxFMyx69Mi^nQ`7y5(OD0+fWEUH{vgQH(a(VDz||bB55vW_VwZ{*gd!XOs7_;~jY}y-E42bB<-L=|G#= z%x-~<4OER;Z~yK9B)#izF4`}6F4>FFD@7gZJ7|Y1D&P2${DG2fsz6A5s|8&TcVfyd zFHjNgy3$d6e_&>9iE^1iqUJPj5WSfWQvJ!b8c9&V_MictYGt9UB)lR@=A_h=5Rnd5 zvu(9((d6|Pl3k#ptK1Ru3vILi2O8AAhMfQx{L#~&8;+`iPQFxOW7AY3d8H>N&z`lY)~s%g&9@|n2!5Tzz1 z19aYe8lzE;b(wTwKhiOlE3{D9JYeXcb?*r4MKW+pih7BW-F5~lWOjMbE zal5THbWN$e zk@8!>kwA?D#2?F-L_-}q39AdvR-8@z6c-E1M)lE^%U+$WN2?}UnyULS4^~GVaUseV zY!84Enzu0P(^^V)jGyCm*8lR4r~^K9aQ`SvYby6V78foek((2Huj;YF{Yo;2dPOY< zP=odkF-{M~4Psa1(=Sqtv7|a$huYTOuwGli6^jmpDv%FGO-SQLQ>|MJ0(}lnL9uh~ z)#X5>uQyvO}zd_!4} zQkkFS;4!f+;pX+f;KM@mjk@~(Vm@F0&3rrnuo}6}`HJ_9sc7C^a2kpTIWI~G$y5Tf zYPYvx+XXbkXCb>1N8QZKi|1m2=;!GhamH{Jn*>=wIN- zPCRFFn`w>#6x`U*9AisV(sI>Au|m$g;Df{LT;Z%LE47@AwP-mal1O;!YuFEv>VFke zJ5GqS$g?J8_8&*goJ24Krlb`3x0uoNrUCZhd52E8e7tu0Ic?w*HvbJ13kp@4w`CMY zAct=0BUk4f@^0B-V{^WMmY4}#Krpu*cmZ}kr=a_Xr@pPNpoga?r9WK+a&=JzSf`w@ zLg-fZ>KYR1AtH=_0Ph!qj6m+?iE$6ou?IhOT;(SY?}pTh8u zAJBsGeFcCgysiIu0w>s?nC})8BZm$iEL@#Ux6~<*kk;`pY{Uu)fV5e`C(>FB&Sie| zc}I{yZ$b5)_bC=j3?RsrpP&C7gD1&(^I>j#2ld-*lRw{76=q}NG(+{zI|k;@*Dn;l z@eL~f2%!`~SU0zpt=gVM7PKn&S2TBU#E(HfAqW61Ms6mKLe!OnJAbDE+=dMR6J`Im z-g;d;!cGzK7GWaZlIqMkBuL;bV)SM)*Wa4H4FCG@M)YBIc~6Q5C)$roO4hX1(L8zb z#630}MAvwhEh$DSLq$`m8)=)zssjsB*55=}zzPzMw4Bw|;%H41VWq~r-%NT~lMcBb zo3&EwTPUa&X#x(0X#EdK!uj5RCJCcU{__Bf4#Ppk2ooI|TW{VOJMr>y=Esj8-IKbz zyG1~svu;i@$2#1-t1^1n`Q|cJ zj@!P|f6&*S))*WN(|TVX0vS?p1!UX7oQFPJ^fxUPrhHYH46XnZj>`yfcl3%I&6p9Z z$eSU{cbm}vI zqjntklRfh5QWmh^M>{HjGt^+G)M8$1c+9Ytgb}^0@Nm^L`pk+eH&x=YJI(!y7ZGuN zht2oj4uL6)3RCt)J+e?X7siJVXV+y&?%i4^3~QoTt^>B!FWl|@BxSQ(ijmH!G~c~s z5mRLyu3%~LTHf3E#a{ZNDrR)DnGe^-*@;bEfkB6qS)k?Kq%0fL8#{4_shs=JWJd95 z#cLQ)ym#d+_Q;Zej58l&3^*pk$eu>WiIJoVE0|?UbSj~(vQc@uX zOE08LkM7@Y90?1@3<2NYG|v|$u!hR~V_Tt@FOQ_q-&Uz1tRs)ld5lD7xiQMott!8j zHNN|KV0i@dgj-!KLwNOD*a-Pim0BewwB3B+?X7wRmH9Sl>_i7xWG<{>!$#J0cCvcW zarY1$KV~kV_z*6=diCm^G}5g+NPyk2BA7NWFR!MquI?KrT99Zaku4-tmM&te{olq8 zGS7D=Y11XCySZL2uHLF;gk_CvgUX)FixW1^pKa^~TT;PO6!x;`p{pm7#YK(*m*=bF zR8Q`TDIwZ#el{7LojTTz<~`)={WI5Trs%Ip^I$Y3x@;-3kSu>%8pA3-)>`*cEgaIb zxm!sOuXl{GcdeZ88Yk42b+|C z&Z`47R3W#02V26qf$&d_INXrw7{fWmMp+%upR1;+NoB!7M;HA=2y3%VJ|4lm$R(zJ z!@rJCuq2H<O;{$-8bFz@z{a{n(ai{`0WE!}7-}8t}W@Msv+2l1Q4Ku@C80i2U!ED^Id#i7zF>u<*^dQBC57ypTfe*(PU z&~Ks#oaF`E8xkDNHa<9L+->IQD6;8ZD!#g_+7#Dth(xDj((1rL)`z8v`<9G~#Ce>R z6pGH1qnyb(`b|O81cJ+6YVE#4 zRPOK7Gxx_vzg^G8!pcplLk3Cv1yB6kd2Rua2v@N;QKjub)pu|F!2(j?a zR9^WR$CBliuhVaPdja9CYS1R+;?|AupT8)f1aNyKVkK^ZPHdst-|S51EB3AE^;f8E zBO%RB>i|BSQk!fyHa^8dSxdzqd&pHl?BR`d0}z}N>yNRz6t6Y~Cpbq@=U$Ror-D{* zgN6yz#g zlC|mf@XQsu#7Lhi^TmYqy$&=>{9_m=*+bRP}45^eTBf8g;rM;uNZ|#5gjH-Qr2ZPNVX(SYOZ&o2oyk}hI@g$RZfn={-`vr2aK`-@+#L40z9&GD6K9wE zG6(4#drAiGV>>0ao9_Pa_zY+a20AOqxc-oh$JVj)*;om#My!1mb(`*4J^QvP>@cvi z2)y3L0ksX~0F@#j=3ar|kK0T6sd{_~&l+L#8LOy zKY&BBBsmJg^_!h(*S|PV(&;qFs$bU_-IEEZxP$g=ENHEB{Av{eMz=l3_6fvDMpG{I zA6bYt(tgG&xpHaLb+vGzBpmT|t>Aih)E4Fe-;GS4C#ptah~ zm-H42`fW1PBw zzVqN_ppgo;I~NPSrKoI{-)+ncuw0QOv#>lq8X`%HoFSWMJ@&k6wZVasGEcX!R&~yc z-J82rRCZtjL%Tim11;U4(ATeqJ&?fvLTkqLpvcv@HUWYy)-ck2kP z26&g4iEzTUmdMb%lu$k3tbMO%q9**OVpv_;@OaSX$>nvy*@#bK49J+c(4&p-j;(*S zxpedtB1t1#&!hhRNn{L()AwwXOO+iaq7eo{f|#Hde?u$kk;cs)F&pZ!ODT+f zJ+t3+dLG|n#pLUyohPBprSW>=M8dYY{QX1YXP`>upk4#RM0od zYF3(L&wl>;aL3S5u>b^>o(m2tLu)I1((q?cbSO1_cvhOm@pveXL9{TiThI~LBW=1z zh`-oJ?#;yHqk)-saQ81C9eX}vN01o{FL+|u1o^keYcgWxEoIeDC%_(e8x)zz$C zx}r87kvy7!2M2flmb4XW7LtJ#qan6r>eqE+^{{D2L8WTi`>5^LmO#&`z6Ykqoz8rw z?k0&a(oVlzgvnauWXJT9%FkLFy7b!Fa$*&RBwGbK^QzQl{*`Dbusx(Neq)elw&B^=+t+^oe78MSTL`i{N90_@VC3*mO zWCI8f#O+^nYNB|sugoZ7K4k%4ysGApO+?WABYYD{3srfzYwTUPSt}FJ-TR?O*Zxf0Uw(S80Ng=5BTn(B+=FNp> zmw=uYjGukCtqS20VvsrdAyjWO%zno?*%jB%TJ%JI`Ig=zbU4UNEiPQ0W4!$j+7E0d zXaoO+ep`qeTJ)Flx@)K>Q!SWmOm$|59=1Lj9_)&bB;+BsZV3pzLa^Hzu3;^Qve{Rr zgTZ}mUag;TXL0MTFe+~UxCEb%+6mT>D1&+=+jGw0#Ewk%Rq*Cl3!^#+baFdtHGcuq zu@s!mixri{-mv?JK|cX4c*?7QyGYc{ePu}JfhdSnx$l;qj7#$B=m=k;N+eV`5vxoQ z(B5Hp;(sN-&6R9vEFy)Q!|)1<0f#epjeCx2Bq~3w&XI;l10Yp-3p&rw8B%{?WyuYFrKX8jd{a$t*#T80VP;VnC8j6{8V-@V{U^F8|p5Gy=}SNRVSUPaE2 zla{|2E?--q6vWEz!3yD9xhl@ZJ34g z$q0qX-%KM8R3zkVk9Mv9Uzg7=5Ejxjxj;e^BNPzfJatO6y84UHY*a~f=?!LzQ+%c# zn?K(23C2fuZ>)(d)in0fuHB^6ux{YE&odRC9Iuno>_tmQ~M*^-MlY=gGPc~FQN#3Uu^qO|BReGW)}+kQjW>M zg}2LAe{oTmzSN^tEFsd2m+2HDJHSzgNs{f+BYlWHmUZexa7XZ{{uhFN=wEc|8dK-U zyt|Wm>-D5?$p`JtcWr9O25#QHD~`^Ilq6o4lbl_)7@m|}2M+95GHSm4zfZ=;-PDcn zxORBww_wm_yGe2+j*~Z&e@gwjjK)a?`ZL-ab89)xU+0*>?pGnDCVy0*FE7E3SsjC? ztQDYkDc0paef*eYab7s_%|xelT$%+|%xdl~_4?MYuh>PJ>qZzJ<8+1Xl0o>oE8`JA z=s(1#V-ao>+@{r>Q7q+SS#SIFADcl9TFK;`2;nQ8lV`*F^fe76zOGU>ub~LFUE(|5 zfeAqt*3yuW3(}}6<;hs&^}4C0{hlc(JHRTY8t%G$Sk!6ZWkJ(T6tQ&tzQ=|IM=2X` zb`pOBHYAW_4o_8r%-8&ESMy#AS3I6wm}DV zTPUDYBU4UFUHv1ib4|<>gYwAmRXSNqayGULj6x+Ui8*(LEKDh?J-h1?%;*^peia#sB_qS?dbNYA$-UEh?4W7IjvLKXIw#{9rLs+}=E_2|)!uGkpi z5phJ6d$y_LXq}@-iJ;HU z;j>Yjf^B^tF7*O;k1fQf4{Yfxu(h?N;`)lxWAv<~)RWp>i}c#B#mB?O5!YDeCV$Pk z^o=Ma&3~~AzPb$+s9|jFBrT&&?k>L-{dT_TS^b#h%eBDXH+FMQKnvK9{O?-uAm?kY zV}e{Nxgjl2ju{vJj zdO7B%^~_Ulhmjqfd_3{eBx!dH5d)Lc#^wHW$3P zY?4K5rLXVQvZNlg_|3+g?c?70m%L#@|Dm6Ja3DR&bthHtO{jh4>G!PNZK>LC-#^*E z;OTbqIMHG}8X>V5ZOYOtl|i4Ak;j;hMRKm>yydszR!26TxN3@Al_pSre3VZYlrDWNn zP$!9=L-i$z<q|YyBEF zVpqpTVomEfzbIWMxwiDNnhLqJ;!rBv8OpF^&9{qK+S=)?TribmOQ6>z@mJJVw{%rj zE-p@}$c4tYy}y$$AbN~_WVly9q9`FKih0M+VY^UY_ER_ew0fUsX(G*SR_#cEC(*TH zQz;a1xsq+ee4xz?wXZfjCn0Btz65CAW|5dPsg*@80qT{vN;0Q5l8 ztE#33)86CK@#s+D#CG)8n!_Y_Ap%mUW^kK$mdg>30`Ybt|9E;9U9%bz<_13*-xiY@ z<~ow1>tW|#x0X8}W3T$H2_q<%?Qj3<0`tm0{uB%hgn4pMK@=4GgCDW-?sCgblj-Nu zj6Rr`>tG~m*$x|P<6i{kYKcT{PY$mH-b{36wv>)JcTLY<^TOPj#Zub9l2cSzb^#rP z)_A5vw!w*hA!X&HS8$%}lh$M6YmPTO4lp$LbPVV?mSo7T^bFxTIfM~#)1_VQ#5@Z2 zlWe&;$xGzKkIO`8y$kh-V)RQJF9tEEkdQ4`cy&6VtY}|aZB&Z3t3!;UWh;lm8Q+%| z5n}tYm0#@mV`!fXkS;s#zGJQ(S7+}qA$j(y`{Mcdc&`H^O|nb2+=u+> z3s1f@L)nt#JSpAx3)60m$z7{q=Ps3_ZC295e$|&LMNmndL^=)8io(CgOi%c&sm7`# zHIQJ2Ka%7O>mQgBn>&#_qWEHj2x@xHbTzqYwQC;d-J#>Zm0@9uadPoW5tW5kZS)I% zWXDzt_bZh>_7CZMJoV&3`%CRCvQG}%b>^?=lKcn23-;zB$G0PsGh_w8PMmjHHC0Qu zHX?bCth#qxxlzeuZsgpellf!!%NNK=?-ckIBr1tCy?9(;v5S@ZCXt|%=RJzR+r2No zzl&J**r+K`Koe<4i*K1dsQhksk3ZKh)TOlGj;g|cJ7xqSpc^?*$IC%dmpEQ}(eDzT z_!4L^f-Xy$OSg%9e;3Yap~EIAX7{$|1IbWxKI~>Iz0e9!a`#22_i3MvNpq>KIFnua zfMm(DWXl`oE@ih{Pt4MN&d2)&e#+F}m(|eov_qLa@l5ha;eom{+Xn#Hwhe$22YAs= z%ighHka8s8Xo*jtFD_9aP(wS#J|uU(hT?cF+RJq@{*9JJSU=Iu{rOMwB*4liE1CUW zxLyM7RZ>-Pw^wphad(7N!xU8r?+ip6E_3v`LmF~iQ3|$Nc+x7)Vs%41%t>+_WOLLk z7Au86f%3KKWlCN(59ieVqjJl&wCBfXXYTp_7@?eQO$(TJU#v}JlW(O>^FKLPwdizD zUGu-oW!cy7Uerjs6^S60gW&zYZ7{wu{~!YGN55cGbyjid^66)C-X1LxzI?P%=|WOx z_O(?(msj@Gs8~tqB%ct8H1|z|wD}2UOa}O={qWg#GgM^mu1vQ!mX@5gm-Vb7|G7{J zUSDyW!^p0=Wlnu*I*{fEGbXLwKN{}jY>;Ygj#UmJpNygyjb*F~wTfNF_euw_U~^2y z{z697m5_7E;t#3|3=#41+NTCIZLi*}iX^pHpcPA2i8(M{r?iCQ@_#)~7Q-`uBjyvo z)Y;DB?bN8A?%lCXY>g!8Ik>X5RmogEEyQ%V%Zk7l+hZ?I&tHSnEMLPF_U;r1AmxvE zV7h@uyLU70*538I2F9jIQYE!!lr^A(e48@(P`>$sL!>9%=RNkJTyvP)T9{3paC8)t zXA`|3i|D!Gw23{Q3`$JfV2LC-FB+Lhd@tz=x16f8T6h-UlFK=DYsIB4w^7{~ zJ^eeM-?8=BNum+*kTxfkxr-roaK1+xBpME5{zh_7?Q;C>UqU{yhU~y6=DE{d7=(HF zyg^r!wumwS(#jjm|MEb9vb=<>uZhr?(|1U6cOCmO6nTvF9>s65WO4iQ>sb@uuKnia z%{zIQYLtOpzbb#P6I?r;u0tupP4Z@6+`v>t76+>;50R{2*Lbv&omP^$d&jDfoTN@q zPOOZTYgS?(^JT2P#dA#hEL-baV#7m_de}G^S$}1C_#U1D%165+*h()K{MU6&7nf)v zT*lqG=%H8<#;YQmcO$NgQ$_QPpM-6MYlhX09wTdt(c!wtOF1(t7INjK*e1E($BDg- z0;S#aBbt4m_=&fidh&*DS!Lezs5G5%o*nNPn-1k-Nw!Qzh4^q^R+IFb58qw0<{$Id z0<$h3+dU?OII&bTHkaZuv0K!6HgjN)Nl25r7%lw`HQbv|mgpl@_>X&byaL8HPC{zm zyGqLErU6NLHzeglr1n)3c`1cm>$duE!B}-ZBGoLzBCbKM3i}lv*zVNkP`H4fK&twK zs+15#U58(hDDEXb9i!6{E34vtQI>KC=~thdqQ_g=tIC6uRx~0KPuq;S>t7N*^g?F4 z1t*W%g}3__O8<`#jSI?94=cy~+l=1Ni>c`rJfJkzM?4)i*f8Md+rH4wQ2kgbr049QC)#W z^}gf%1&Jw=^^R9o$EsLO%X>ZN0%nT*_l1Qn5k2P8$pSa6>t|k^Cq^I`j0PA&7u#Vr z;VXRcaYZpCUwCu#RP6zmIJM6{@Rl57DUB|*i1X;X-05#NYG3uP>1q}o80Mf46BFT^ zyFrmj`XTkCej*4A*IDM)4|2zo zV7N4m-i%s#CV|Uy*weL9vSwLRwNp0tJimLl^~exEl~iG4ds#$J?c+ejbIGL(G8 ze*CPk=Fzd_L@9Pw-h@}8luagUOMvy=ithQqcRMipLjK&4>7s4n8F~D#sHxQALoZ9; z;0^0Yam1?wIbrXBYENHh(>(<=TY`c7>8-9T>D8;_`D>ot=UP9sdalm#K(Q&R6_NT~ ztMeTLDK1@?M%&@WkuDCM)+I%gy$dOMX#A^g%6re}0{SQHn z`r$aR(o3bXM&u8;Cx_#O``Uy%U)hOgS#*^Yv%ccQxSAxES$#&%v3A!Zy*Y>Oob3#9 zjpa12B@#B6D`a^l+68Qg-}Rj>+1e#+x!cEGJ;wR~a7ZUCMYwp&wYl1GqfJabOsy-$ z>~RnD<^l?&vyFVmd87TfC|$#j?)2BlpI!x75LLq$VhH*!GFWHH5H%{Ev@tR6l|W_0 zTP4PenTr)F+ArUDQXRa+kyt;;ii~@mx9?EN+vleq+=;0C|5*F$s3^Pd4H#DhMNk1z zQUp{)TDltvY3T;(ltw{HA3`Z5L>lQFx@L$`6h%akt^p*4Aru&T;5|3!Bl>)Pzx93B zdjFY)qH~{n$F=vq_CDvpDiyB&Wfeazm^QJeu71w@+Y#{}Lwq1YvCMGeU76X9;TS5f zKALCoV`{(fyx7J%wMe)f0xe~3eFxURag zRUY@1Wmo3iiBoGa8)L~NL)*m!`=&p<)ti`uH=etxQc~oXaZ>#Cb^buQtNlr%e<2BY zNCFa2xDWQ)b7DMvyx3l#*~05Km&DrD{;Ya2CBXqw<>i&=-yzu)GH=Kh@i z_sig?NwimsuDq`yvklr<(!bJgByj!V!}`uHI{eJ;tqd5!YH%FPG9Gih%$%Posp z?5f*XXkpJX-$ydgC?@q4LodKb_#@cw`JQ2ar?5%u;y zCGMYi5x|dA#L?iAt@W27;Szr^HpK!d=aMplHEUn#H%7L?Jquc#MKTou|*1l?R5ytB5%q$;)- zs;M3BR@jXy_pV`(UHsm(fz^b&zUv7&3 zR?8II2bMe-R{3>f5v-ZGPkHM`UguIc(Tmn~(VZ&$5)tdH*p2zvmBvzIAkiXjIn>`@ z0`kLkVCoh8SwW!$fGqmJeO( zuSCcdsrq81**G{?(cj552{W^{={-!Mdp^K;4?`_EADGU)l^T{JTnS zAc~rUhJz-IU@GE4Z@K$o^;`LHaazH2#2VV=PMA7X^W@c&?(u~0iK2I_9V^k1mxbB2 z((XOmAmvsM176 zpMh%H-Du;X?dd=MV`$hhbX)Bwo=KU%Je95%$G&DETD+-2hNZN~=ZT^3-pg?^>PH_7 z_!oOrhEWY0=@%}}w3U{#a}}BJ&vjP`;P&RSf3Y>yAsS*Y8Dy_0(6&398{%Zi%#oz*LR>02gI74!;FMe zfj_@b7WL<lS7Yg%PKXrKrw+F!{CEQ;#!`C`buVeh6hi^OXFMsjh}$xeHTY|Z zilT1r{`n$xC9FmWHkaG?;LY@S+EEqE zF1~6396B|Y>`#Z*1s)PUUCC|pw?n%!cd`}@S7^e7;!9!iq#1AE%$0?25X^6>mpWWX zY^U$z&ugO2Ev{ICe3){eLem&)6I3*&J$s|HPzcIXGa6-l#{#7pmr#?n_t<6V5+sb1 z`no``ap>Zd0^(8iovb}Uan;*lVU=D1PYH%_{+sw*2MQ564_czc1Jhq1HH?tlUn5$! z+ozvjvS);M)BPQ8-`)wpShD7(Nd7IGXQY9>NnWicV|p1FR9Y!)*{$^dC-<_9$r>~B z4m85Xj_?&5v}W`gs3yl2;xs8UF02E8uQ*@ysE%Cc-19HfqLt{_FVw3ART^GfbmQ4b zq;WP^t*XxAaw}k3j6H7+{|&|e$O443$$2V;g&?m+081Yrp@|FX12%j9-#0pIJlyFMdYy%zU?=3hkh(xBEOXEuHM& zozj3_r}iI{?|b{}en=iW9s@A%@@dHVL<8{(`Pz0bCRtizkIV5F?5FcM*>DJ2I&;YN zyOI0}ED|E%bz96+DH;C!`(rqg7xG4HHH?!hG+81_ortY(T;jDnKj26(QyrrtuK$Jg zrTxaL#ra<#JMW=>`)D22}s zhpPkPdFr+)8s@vwS8q31nJJce-rI}m#p-*a32Hv>uF30v=!;GWq$Zi%@!`0Cz&U`M zn*;#GG>nBv`e+6UV;)W?KR3H{lJ}GZ-HkvLWEE*v9JiSO-NZmbo<%$W+CZbpI>kX= zy}2e)cedsqWIF!`GG72BFc(}rGxP+An(?;b<6}53r{M3v@j(sva3U58qN`k$#SInYYq4>fJjZ-Pxby)&Cn4u z9yizZ0yQO<@3fD4PvhF^boOC` zL6tYX=`R@&ht>lp`Jl>q;uFZQoN`=8LXP36ll@9%Ii&07 z>(#rO$tHD^ zVt=q*%!crn8Fk|6nyj#bVhm#m6=T>7roMBze7^KYDmIBrxG##w*tu1cixhSF&vB;? zbBb;CM@@~tY8fH>n!d4=4OmeVs@d_|?2>fcfyIdRR_=IcQ#_MwQs zrH&6!6!lE$g5@>`uy_AefwjCQ`Qp9)O_p=!*5O}>Hz$+AEG8p`Oip&^DuT58wT;Pk z1}W~y1-1R>t(%Hf%Ff`#&wo4M49M;1S-J(FjswOo~);sBZ(Ot=F-AP2$LcTR`XLE zpX%wC{!0;NdbRET{^4U|&n66IRb60r0oQ*Ig@>psMRowZv?uBM)5q@yz5!L+4) z2yEVac)~&5&!BE@MI-b0`x{p{(oeZ!;`0q^oY>}dlK33;|M9vS_4?RPP(-=`A4nzb z4kQ9Ew+A*P!nI6q0s)>`_8DbTikBT7*q_czK1LAeA8E`%&AHnmLYO-jW$ zaOR@nfq@&R&Rve3WW+%@t=}@hzt42jYfx5j$?{ZiwZRklci+XtFtYskwO2a}JnWfR zZ*(>WyaG+c==k{DgEl15D!iNYSAr>F2rRF~VL8HN9LKyn zgTY|BV0rRGGt&x^l7UmRv-Yoyu$8E9;V+*51aS#=kUh;vrHDZ~+Xt_+eNQFo=!1zx zA#m5#(@9X0XZ4P`^qqu8*w0Yd(rYzx8>uB!t7=_$cOn$odrR^Qi5g>4yr)C%SsTz! zQuk*h2P0JKCw#7*tn*oxtXo(!`$Ea{pLi@G12jYd_+r2g$~Chc$F5~wm5clUP7=wk zuGT(z?$S5y)yl(Hk_hCr@3S%alr9FYi&jjoZev0mPiFnuS*Mc$MkdXp7YpT>wV)j9 zVvtWf3PXVdr@!S276cM4_bXpdk)&hwB$AXk`4FVlkVApvsf6h+{;Z>@3&dz67{N#P9H4fD6Slt8N&56VvKNnJRfA|aYfeLJkt~Igw`(3 zQjBLW!o98O=L9RTZUUlR~sSrhMJS+uZ5;Bjcpgn!b&aJte`-a<13ALE5E4 zt$scC%u+%H)i(h#oTdjJsS8EI&)ktIichCn6yLu;74-Zs2LG)T2p_CD36fTz&A?B} zyHs{wjYE@G)LT>7$O|0Jqi9!lsKJ zNJ<@wiep4~sIq>1Q}4hVs+0`3}o*P+}!yJ8?@ezvL zU`=bYFG;MRX+miMCwqD%VXw#q=vlkC_g@M5xqS{j3_#zd12EaNAJ-tt16L7b2c7rc5{ zts#j()b+d3eF};Ktl;O@i9`i|0O2_PL+yrJ#-RFN`Vfekj_wXVnJd72@K0>6r>hM5 zLd;N_k>5;fGOTU&&wd;ou`S3Io~Ih0jEAhmVXe0R1|)xI!2kcf{3&qKiifV0bQon{ zQ+B$EBGF3XG1-+F5?qzH<;!4-;rAE&yD*sW0K2StfZv1OY5I6X#MVEL9zDx0T zfMSM@Sp2wgUgU2sdY2fagCShL(3ieG5Ad{TE1l}7xqoOtLIYrc#MP(IZ1ef>E>7Cj zWrmba|ez!FuVCC=7!+a0c>9>Dxu)y+ky{CG_YmRK+N z>dGHWOhJMod0P1myeCa3DoLmxw$+Kryf#Np&V)Zf-(Gi zR9~VK*w0Dd;5-g+v4N+XENxvR_Tj7T$M4X*P294Wu;jzS`^`0=OS42ayTj6tP6WzE zxpg!TVk$^byVw+l{xGFdLW*X%`AJM{m?BdAvV2&tx)Xfl61o=mAJSB|J@Cua;A7hBVkIZu~_!!EN(DZ0ZS4SuhNn2QR-h=b9byo3@%}YEts?E|)t1Wkl$XE|u6C8Z~(>IvsZL@#Lr1 z1K^o~$kPs}D%DhQAbXK&A1{$oN~JI+!=)=zBLo?d@aTwy4rC?I0NyZ;xQW&P;7wVI zcmJuSX~N#tH}Gur#DUw{+1T!G5 zIW(Bm@FK7HyLC%p=AyPqvVYswcMwQm@$gET!+jQw5*L?y342xEz=dRpr4ZYS_4zo- zfr<4zVd@+Ng{lP_FTt^Vw;s$4&YtI3FYxKlb&(S+i?sub)w;4F?8CP&nKE3_DYZ>WeX_>9$|NS@< zE2|P(wLqWHpUcZwcB3GY>+Hf%dsEB=#=}8NOKU>0AY)}jfKt4FlLLT&znk~bQZjIa z@RL!aI@I1{nTiEEmjazLY?j(_fCZ-KbxZ9k>N#tMG~$19I1h$SMf`_nsRrd*%`ICF zE`Ux~x#I+BL&-Tbb4mMpkGs+gc}xb)C#zaL#VJ3#kSJZhP1wi4z_8NB=trNOoh`{I zj}R+4fzaj%L;HFz_pw>l3N0Q7v=$>kj6}I#lWO%K3Jhk=w`@lvVdSbd+m6AUrS`nH z!GVk&qFw^z0DniGvK-YC9TkpSykl$)IS+8tvvX|Z;T%ydND3$}6LSWR)pMzO_R)TK z*Gvfun`&um@%g{K)i8&qHJDZ*ai#qIRwL&Y3YOO5{lE!c2|u1ln>i0_8=!|adql3; zN0H}0-jk8Z1a}igwuo>M{Dhe6$nA1l*%4h6S<%wMsO6Q`7>kdwOp-paq!o~Y((^)XolB^K#u$FQ0{jS8V^67kplM=G|TP2388p1Yfz>v zze(Qb>qUk3)6A9j7^y11E?Zzice!Y>gR0pX8E-sYwJ6+LJ|#RE<6vQ_c*v>KP`NXu zp;}|}{$azGklVgDK6F)a;t1cOXMTSEm!V`4+dC8P+SqF&a5!AXe_nIsz5m|J*!Y@V zqR;}>Ra>~WcsI4;y3ah-WLV4m*mC3S&J!W0hUpnA4r?@r^qAX*(Mp9JEvaRi1FI~D zZ)3H?VAq?GUDtA>b}JUGv26_Ri{rzZZkZ<&RD4uKn}6^VYMnF!x!hwh>7K)&E+GIg zgRkA78m(A}xeHuook8jp(dC{#Kjv>jR-Y&!q?9p1>lN#?qxBKI1zS(L->2`7v<@j7 z753}t>JAhsOup>#UfbJQipx#ii{m>7)Yhj;B)Tj8;CmqLhc`ilNyQ1pEmp?&^dgj- zW&r3iZkOqMCEEA*Kij43n_|fUy!`2lM!bQ|0nInnPR}z zSbf)qR?vC`8NNI#i|fkJS)f%Y)8FF%Sxa>7kH+Tj4IlucElA16T~Xezh9bcHXKYv} zY%9nPn{A~P^O*(Ta$w2p3;V!(82Bmo>i6sREp3=iFT<3iYiUg{@WYVl6zVV2!EV zew49BH+n`=Ib|FS$0$$Kwxpra#^$$~a6niR`TD|Z=r8$Tb4J5_qucI9?1*tvVcK}Y7N@qK=fBb zOjC6`(G zp5SM=Z~+`NfRIdh^1c6S3t_KQu!o0wlQd$6T&vhv{e*cbFasCTStpCthZyKWm3!3YvCnl`zlArw+TvbZ{N6M}`>FU3sb^bu-7w3Z9kSOuXg27c-3Fr9IQ?Vir$Ih@0#di@ zy!?If`8bFfOdN__B%wKHn`*Y_>5mt$K3SMN%2IiYohEJSY(#!^TC_SBJLJpsytiW! z##<7X3?ssDjNZv5PEsB4g~DN=1y+y0ALi$T;Vu-X*0y)U`b{d-sQ50zD&~jnBId#U zQ`hQKTE|X|kcxvWk{rffFJ$BNY4grI=Ami#x6Fs?S0w46 z=O*O2{ITWupIhUT*}PoVUxkVRscn|PJO4>mf@pf)ry(LD!gYLHQqb>8X_E5rNLWDH zK}eny^BA}-1EvFik) zF9ik6ZPrCaMXV&U5sIe$PJTr*pLg$8^b&rV5iGSITf!aFbki_0V)GhX_5G4|!uQIe z%8FLgJuy+i^Zu`Ih9W_2>S3B2{N`r?Pz6ZhjsExKF2gWKRCxPW}*xvTG)zQ4>xVn-BsIZmQ)v8XI-;k5LY@7Vi z2Oxn#$6MoojU8YxgUac&#g0@}L35afCsxErCxTv&P7~X>cOJbm-NvSxT1I$RAI}p* zUSw})cfQ-^oaa!=gk9r`J@kPGzkei+is#vPRZi#Z}uRusY` z#1kB-NCa+H!cH!Cgq09*`E%V1v-P}3arDJY`f+* zQqP$7Le%Nf8K2~no+tsc{`$zFO52zbmsz9p*`%KBjoPbepBo={BVlDG*gA&Fq@}Tk zh8^3{*8kRRkO5`f03iLe;^WIZfJ;VS7Ic+4M=Qo!RaM31OecxablQbBpb%UAm!~#M z)v`O%qoAt-rDcz-AqmtC<4n0v6ubx!x`35m8sQh>p@q#i&eQI{Mi?>ws;7-nHJV8y z=bF_=(9SVVUhFR^8uXaSuYz~jZFiqtDB#Nx-wXgm@{pJ^Fyr9{ixk%ILN8OVh`sVM zP9^*PsNSjqtOWh&o^22re~II884%0-Nf_lc;JEwN$x|d<59fISDxL0 z(E7X!l)OXGWkCmoc$y6e(FJQOLaB`%nLCY`*UvSo{R|sRO3WQOq+?2aouh~c-nxpKrrN9w{ zq@$x{%YVK>R@{B#*>IDx^A zze%RZI8sYe_2MQg2Sgjha@z0BmVb#=`b!-jTj~_qEbPmpq==NImrY>cRSba(!yvw?)6%;@Y(0eh6 z+3^=yk8aDcraLfecGCnEQyr6v6j7H9r6f;-iQ_5U){)^XGy3OAhwlN;-GE0zgq;{@K%Hdo}XlcOE7^>!8+WI-$_mMPJ8lJ1GtJ%s) ze4qjpSw3^Lg$7{d#LsyzXGLT?XnH9R{^RL(u}{k*$t2Gh?w-%8`#oWIrlv_*jrwto z_Fju=!8W!v=6dT?Ym7dwe|taWFxM$nOhB$*M8Q`U9b=|`6aSR;OtAN~B|f9Kp@lp% zg7+F>MdEwM{@@=%lZs9Av&^vtVl(kCdOPkkoGET{08F>_aPVl&<$$V!FEHAQ8n}+H zSb}iLyVke)GqSW%1jo^|i1lzcbH9@#+Z8Ip_!NL{Nd)8Whcf!N{Jc|TZn*yqt&Vv# z;@IsJUuNFIL-_CF-6*@)OFu8cI^m@xjX8C#u!e&!058ejObBFqZ7U=Z+k?Rltin?0B`v@d9(?1ZT#oi>i0zYbQ&{o6CL0j)qbK-YNV zQm_I_Tuowexu9t^>XKjvo@Xx;0uK*w2%raae#8;O$pKhs^O+^nRT6L_grPjIPS;|k zs_eL9I-S^?;eKKS+hHGdRO+OdnVAzkl*wf0RJg?m-J7# z9=IwX*&ENfR*CoEhg8)YdB#d=FfQq;p8HKV1(vx#8b!PHL}YLEeHO@8Dm!B9oB^kv zaQozWdWcNywBWjMC?OnZtW+X~mdSEPmPpC$!Oz92n|GwP(K&7yYPAMYP(6h9c65&9&p zTL==YzJ$!BTENYQ?~o!lk4mWq^ue7wXnPSX!^{G$lu zSUVGD=L@##qpy0tMXY!?i|X0%JDC|_)w@m<@$xEzyHmvgA@p2WuU}*oIFt-~_@y6B zmnn?@!5eUn`aZ?Qb0|#L8$g&LnO`MfTme+QAE(~@$qHsjN!P3Sn*#b1C71$_q)$zP|^7PK9*#&SjW;(Q~;QV5r` zXxW7yW+2WH-#N}VA}!<+dwAfA1QHnI$%l__Kqo_dmjG<+5ytM|F{y-L3w0!GOoi;m zM!l+#1l>0rzlG(Kr~qgOU0^L(1a%Fib^Q@>@qj+(w1NZ@43x4*1smY_Io483BmVI~ zC5j&K_FRy*xcQfU4%r1x0e<>{6!dNXYk>a^`}ff|9xGqEs2nN4Hl!Ht)97H|+xcS* z$H5tYM$GY62Rb(-28M+vlla@CCFuSE6{xg;ZR|o6;Pw2ICp*K^sF%Q;uo!b`+bIYV z>AY|pYG=U?&_lEMW5~M*a$Ado?BnN$#7o>!tV1!>-eyTCb$V$PsgEW8?&jYg^`jGN zbAf%~$Jf0ys9lbB&Hg>y0S1^UkD%wWGXI?Qx(w~vr1Jw0e}C^YCFfz1;|Cya4Q!x? z-<`LESSSIhK=8K; z9BL7VCM|Ivcfgsb!%&^+@Tq1{FDhp+LmR9JNdpR_C4nx2!(Sb0^gat{+NKJ^n>^v{ z05NUYk$dc_(7qPX;ac}P(rP>~Z$OvF&mQ|X2QU4)^y1ngwEC|kK<6TEx3Ukv^&bV$ z2z_Z4rVmNp3(z3&NqLqdCPX)$f)pm~`^ebFXG25WhxwfFqL~A^=d?Ndj0F0+IfBxr zzvj$|&jQ>3@={LrE3|8YNX>lc8ub#$YJ-8Hmyv;||EKG~1J&TT+F&KW%c4X3k&qeH zE0u+4$qE5`cmD*i8%Km3e*iqRt@-~ek+09;YTuX_LI9FSw@E$ zMB8sXUQfm|xVhb1))>BbiCgNxP!2!d+_(vjuSfvLOlfa}h%wCrO7CP@yLCO}A{Nyz zrcbZf=cFk36zs8O277H)AJCB3GD7bWF*@@(h2>``h-NhD%j=gn?T;ADh^PfRqV7+y z9{FudE?`>}^#)_Wk71B~Pk#lu+u~WTn)!^wvu&1vKWuz{@!}^0Kq;k{l|N>_ccrsg zJoXgrX5b{L83wsjTr-MdrV_(8?v*2`$jpU1#N9@ zt4f`D_q5(NQAHLOgtc_U7}~jg zmGoD#bMVTN=kKGtdsp%=_t6MTs0ahBd^QuJ|A=k;-Ja9plJClHQrMK*hF^3#`0k?@o{$=ep5>PZ ztk_Pqv9PeMxC3~*90w_sic;;#<267_9tN@NN1lKm0`fQKPo!Ei;9z#AbDdX*vURAJ zNT%=V0`W>*0|p!QmWK=f(1mcoG*h|l?X~#OrMeyVt-;JF1yETjrSdTSaE;%46Dby0 zGwSMgWi!usD3R06s-muUnfK%aa(2TTs$!VR*tob>j+JMP`0U*eZOQ(7j*@u!KEJJ7fD;qc{CFX1M$vfpJlT zRasdw70W&OF;J)FOGCT1c1Q37<29d8FW|GF<$Hb_v{J>nTdb8!zHC0s3wAfaBo{>O zDN#nWi-E4gz}?F@8|3Hlwm>hci{DP@=-7VXHJpDu9*BUgmB_Z=V4{}=&M6spVi&jb zzlp+@SnQN)?>zMM@z}17S)?ztFIs;JINl+T@_Y9EId=Va90N{KJ+=Ebm}!5Nb@_Hj zG`lAwHF{@IeD4d*bhXhuW8b<kp~WmUZ0 zvs1OwwSSEAamzNLk#_F3euPF7%(^4>Nqkw+l9u^CI*fw>Rwk^aTk>vmB3a9)^!-S4+PMC~Wy|(l%0TqIkZF9u0cI*e^AL*HFzfofRDS(5j;hD^M`-4Kuy^qR6 z7iUws)Bw@)8jNOf5r22}-{|~$b!FFpFxzuuFDvfi)NCv7Y}5;Sq&+?lAg%XgLPkBBXCOGtb?rZXMDz;j$fxuN=|=3=n&1VIu`s@8x{1@?mS< z9fn~qt^RovoH+~ekr7XLpwYTo#lD+7;U0(>=o0>e8M$9dI&4{-p2trHo`_UdupwM= zZ5FM(aRHhFlQ9f9yAi5-v-xmi3!NNDUz5g*-&D-cw&LVMh3#8KY0y;wAkwI(+h3rH zAV;n_e`DkKS0xO}dSe@fRWsPz``a z%l5Wya}xWsF&NRk`zQ`2LbX4@K)9fv@=vne8CfDxdB=^S!S;sUu)D3sYQj}_A6CqU z$I!d3k=x_LEqy5;DP+hT3AI;PzqgENm7DgGIsP*nNqysDGvG$qhO2BX@7AQ* z?sZ8Zkg#siJB&Lyo;z9dvnuPJ8jBk_qyxRfRD2G)6~3-bY3AF~bTl9j>HadIe`HA+ z(A1QWTdTYwwBwA+COl~slvOR2XJ|ljj$d?)dMPl4ir}Y|dmt(2bgm`~9aG!csymt&p zk4iPE)Mu-0S1M5~2N3FJjP2JOHTgI8k)DXm!dinR*waq!81-n+!ni9l=SLy4SnYwWE2*~U|-#8Pg^42 zD*kUga09pVAz=@qRL02N;Y4VjQnWjfpq}Z*l22orz}fyKIADT44p6+++V>l-9G(UZ zb^V8BSw<3lwf7d>o3xj`3>+OlelIji^7KK>aNOFpSP~f)iw2y=<+3gF8taAiirYT; zwG7BTm_hX6u=0Vk1xVC_s2FVDnAaxqiV3o^rCdD~&?o4n+!AEt^%8x+UYgSZE7nkdt7T(jE{jkxKgH1zb=qOaOQcYJ)E~KRz*pcypBM^ z_RgC^t?crb+j$z{C?PW)|J3>Uc~(^TYg3QF0y*Ds`cbvrcQVgYq3NpRm*_fPFWyd$|Z^6^=WY-_Rc;?`s_yrK-@>ywfe#N|5^dYk*R9VOv0GzPt;K=-G!8(uyPj!o$^^2Iy zXjovzRKc!Vuky#e6=ot|b+G$yX~kD!WbW%4El*|VxvSXS>^JqY3mUE2VqlvtOuPS` zcK=73zFVtQ7TB%MY=d6=#|W_vF59^;sAr&JU*`S%^L(~g;rfVx8NZHyNasChTp-wO zH1Eh%ZQxD9`n^`>ts?I*K3tG$rz+SHB|@A6I7h2>^&VTabV$@S8tT+okDNNWZ|J*n>V zJqnk-H$zs&Pl$ImDs|6GoANXIpPB2C1OD&(HizYi|Kt2V%noGeMO*l8yvFxxLk5F~ zK&BR$M*!@yH^I{I5R|8&IxVKj=tlQkn}KKU_7oe$M2HcUb`#{#gI2%6QHG91D7~Mo4sE z;ML%VrEIa>D&2;cv!13pz023aQ-+(gzKNaz8f(6(c=XU+33uGRAFa%K_pcQB?2&(* zCX^P`;}@!ElXqoId4;`N;imF+S1>=bOM+rm@f(qkc_J`-=rOfLMCW4UU< zvhOJ9`nc}I%)yHQ?~7o$g0A1xO&F8Ab=G8;k-V!X`%6b{rdZ5O34E1h_R)2 zdBFDzXhb&)9~FZlNI~RMg%wu%v*4`5A_FTn(=HXeEa`@;4(m6OA1b$0oWRv< zP{H_Il?|5<-vOP57jpjV-EZ403XCunpvmwy%w#54)BkH>PEO8XgSPf|!~8~pj!s*n z?@m&$1%?r6E8l0A?Cl8dcvtEvG1OAi6<5|t)0qr2Z&lIr13mY|_NHF!OlP&R!LM{T z!<3J4fhvu6wJpSL=F@ZaOj+Apyuzr_ebDkV=t&)J^7tl-4>bDtCSlJZFajq9NtXyN zJ{sD&Yq^A5KQiXKn0c|>VzD~*F#;skNIm?K~!obsddca*+SDY7n3g^>4%X{OU*+0P0h zI84Oq2K{Qc2CtN&F=>259aYD65YSM}(Z(D#(7$cQz{CGP-@O#lV zU!Sc`VHpkfU8B1lr#`biCVC{CQkf4-bz1Ed4W`VSdAU|_o++YUTO8H_H499J!XPaZ z4i~~fH10Z5!BhZjfmlWMvu6Q?s8RyxsFE=4d%YiLEl{POuXvm?LKgmxv4XqLPr%z4 zNP~0gKbH^|t+%iF3SG3~^-Er8P8{Z57N#0jtO{8GfZ3o7YB294yAH3`uI!9P5jEe1 z#_%s9RxC+Sqr$(?S9_H^y(M=&J=fSjWn{lZoVY3~U(B;*?x7@opi$G_+b^mxC=A4j zV2_3YXgCz?vfMZZm7(9K{wd-q;TwtKUy8qKF!nric((Nm{GzMFzSZ-qK1uE?LbuWD z4Oz;qYPQ`T^-~xDIsGa}S}wtl(6sX#7Er4m95Zr|VBkZ?PSACzRN8f$tlfD%`Sj^i zo3oK$=)igBeeuwF=SMcj0=mBarcG32I%-(>Mr4bGSe+^A94I!cpHRGf$Uo0 zI6SU8-u^S~RlKbSuS1^N1bNbrhn~|R#JN{k90$toXPZ~r^CIJ1=$|PCV2x6Vj$rl# zbT$rjIui}VX9m1wh{PQkbr#odx_wS(Uy{n+D)f^0Ox{V`Uj3mL$}e^$`){KsUVmQt z$_#x+AUFxpx#MLd^G!DQps2oSmDt^s0=ID8d^V9n+#Wg0fVUMcSk42d?dSnb`)mA-X%W-ru3q`EpN;xvp+( zN_{XCzrU8|211XU7~X}WPOkzGa^{~Dm1b~F9RHb$3z1Z)5ohtrO>)=T?ZKjxsp2*T z7sBD9g?zP?2TXAt$VNrzf7S=%L15h+nzr4n$T_$O>Hpl;0XmT&{d)$|KwIhUyYEaX zg=?*2gWu~C<0l6s?I7%&OMEM(UKBZQb0;sjwc1KsP9c}_*(Wzd$wDXjrYUrIH#v=n~N@J`uE(5*x4 zBA^lv`I!R=<^W7H7y5BV_~+EYS0%dPvl~~1XB4G-7hQLqQ!38U822(a$q=yk(?2k3 z5v+gQc988QgG6BI_X)e8lIV+{vvFYq;0-umu;meOzDKr)fCDGPb6x#@^t|TsBxXdP zwDrqlfa44oE5OICtU*g)L;wwz0PxSj}jS&%g z-dy7qDx+dAEXEU+=y1@&P{A+#`Z@ELK^a5Ty;K|@gwCcQQ9ZN1t44E#{xc)JKixdN zvIW;KUI1GZSV4y`*pVQg|1CI@emVI5KrB>NzSRf3maeM!V1oWo>?uK9O2>pk7{N*_6Bv@%HS6jmhZWBIWq}u5HanH;~ep$Zd70At4(B z|7jNX(mb*SN`en)v*OF-s62GU_uAUFP^}XG2oc*}&?T5(pL#J~=5qAzihYuiPrXap zg3mOo+{P?XA~Rm5lb1UiIiv;rEQph@BGLJ2XW+c)B93nUN$41nfA=3BIl)!pCN4O` z=I80IuWy7i6Nf&R$k{<~UIBZiKop+>xO}j=?&rHg_<0F*K|J2Rz2yR(u>D?d!|GFl zLoIEg3B%49{G*HHV#iKQB|Bx;!gfnyLf7}X6Q73#_VH|uLoK9BeUEh*TrUqwU|pQ*Y)@JvBI#0cY9U%7LwzUa>n6WXuesg z-lC+Sr%%cZ@lKXE8NkR^pxfHB@dw6=V{f;`{Coco@+%INCyE3&k}ln>zgYc7V4y>7 zP4Vt+_aX#u32}iPwRz8kNt3xl8A_e8RqHlt9I z0SDiCK^nPg$*I|{5O6Heo$!96l9#WH+~Kdloj!DnIEfzJ#`Hh5qLC8oUM#J0FmMyl z4Y}hxh-qCd!QWR1elw70b{dnF)yxYBMiH<*BMw1n8TZptX=>4A!ZtlLdm|UdJY=CO^^n52pohV9co|OMUHtovtic6> z;F_IhPRBdq=U`Fae&3Umr8mAVr~NJrT|FgLzdNEaQ5kbRThOqK&oKIr26<0acoKEQWlzs zx@oztDQvw;Tx6|bKA4H5D#AClR`}uGnCzm9&QwEnAaq62_az*@5fml#BhVfvu80Yl zbZ;{FqkK)kY@2((ocrOgAklX*I}hJ84(%;*Y!BLag~vVFLmH`IpEq$ujS~lp8Y`xt zcml5JN)N|dSbpK+k}dnMQpRsU3%>lvf`6I7@-#J>FN2K+_>jwfQ0gAfCR z&#wnRlMNhghwHGuq;%s&=aebkEs%hutWEbk7Lu|jka8O=>-_I4JDQ%_0f^4KEh5+Y{h>Zd?V1YpJP} z|NFYCZy{ifex{WAdO)Zwg`@92RX0&DA>xfLeJSHEc^2L61_WBsQHG-N$(T+hy5;qL zDKn}VTofKgyWl2v;$WTMpmoy!-`07}S+`>8jUJ~L+zQ3hE60kvjc8H~hlF3w0b<+^ zZ|v`@zykyEZ3bvU6YZI$fOp-Bt-GcGP~CT<*jmorYx<%AcA-NSRn)O2$d}gb;TEH* zB{!+1x-OV@99oLA`*G@}C1P+N6?oZn3Y=7quvc~};E!1bz~kZQt3rprg0yQ3O2{I_ z{jWtYGxhk{vPn(_N<$`i>i`G_$pIsdrTX~G41kMD;PNb-lWFI@NS|(2bLFF9^tBzt z*U_|KRPe2_r-?HaL~U0EmHD@TR|~CSMcddHcHB`Tx2QZ7T{U$7ITlzBY|eO{;RPLd zYkXpg^T4mA-#Dp*Kb*-2ZbCm@BXIB=$SMPs@OO9nIo>8>4BX1>`r2h$arIsu_=nnc zTYwkoMYzB}v;-NX|6L#5Jz#DRG$?g#A(a+SylbmDqS64W5+dEUqRyHASHS zC9iJzb>vP~31=*}?x*%YR2LSaA{T!-rki=7-cU%rm;O)c4b~rj5t15Jb+?_XnqXcIa;`*EuTt3)Ln6DRhYUs_ z9z*5?tUVYA^KM=u6g=k0zCTP@+6IRk{gNzFjo?xrAVi8@iaJiH1)DqK;BFItTi#<= zgZ}S_Mv&Po^s61Y-SXs>bTcnHJ6JwGSnNghndobSz?-Y%OrAt~)SMHjhEwv(U~T>5 z5RE3eXjz%X%EG&w^&CX^9m%1$MuPKOmzKb}A^!(+lxFx|5#mSQn|?F&HFWO)R2k>Q0h6NA*hMw@Pm(~#s5Z+w%{ z>hhRjX`Ql6fW!|791QB^KPf@~Ec<+ElL50W`ZspTL-^|6E6u}nzOytbH_$%xAj54gNLimd?(TRRNsd&xol?voRw&RgLk<557Kb&a}{7 z{Sy^zDVOcbtl-s#&S4iAsr@Lk!kzODBnS^aynsA-Q<|DEo0BnpufjNe!`WSCf89~ zV@IpG$M7#+-M)_k{Rt*ci*>)UFjqUR>g99TTx(V=J9}4nxr{2;=56!IYo*&w z^}PMrPRp4)`R(2Q4&bheYtUJY33&rS)cnROF8 zzEsh^E?p`1Gw)nG`uc~$yB?ZoX5LpCFV><5HP%xCHKvSZGQe4=k2Cn>1IE@L2CKpj z8aK;r4{gn6i4K-YYXQO^iD$DUzHNnO5<7IY~0gthWx zxa*QZ_WAs-+ZHE|{Y)B3V0eHJUIguVh3JrVkyDoy%5y%gYeJ3s%#W2jhk_j~zKAUK z|FIjJ&rOUEo=T1p8(wS>-v2CU%<#PG9D`OdDhXvYwgp>q~y0t+0 zR$I!%*1ddv_NOG6Anx@Tc<|>}I)XOUbrq1!$(SinSBLREhjaQj3J7S(V$Q;h{Z!1d z5NCyxGKrlnHe7g8GxuSV`oi#4s~$b(k!)2$y_!wZdod42%qxx-AuXFOH(t0P$mLBO3&^)CbI4hOWqU0B2( z8a4Xnw2~$wmzC$Tj$J4a>uk?$Aj#CGaCoCo;#$F#NZgcNonX&b&_$9BwsudI3^+ zIUMD?65^7y?{!o=QFS#p8~}4W-_icOW+oTZlRCM_po65xFr%HUN!v>9e^S%>rkRhf z9kX3kr_YKrxPTm&G-x27*&1F%JHE5yhE=kBDmu$gRg~g9*W0xYTV0t>R%4Wdu63@B zgQTsRbBbz%lEdojm|zR1>zx#poGeJ}SIkE+ZALoJ4hVk02YNex6i=E2)VPu5P2pXE z_62h-8Z&RFPc=~;NDv&mF3{(cjjoLoT5V4(O&YL&c4IDPCQdVphe;uf7Pcc;bU7`Q z^ar5AOq%7iKXihxO?V}+)Na#e#(fXA3}oKDe7z@y5Qgu5>TXfqCLTv-18SRj07Twm z_56PGTmc0he&uz*a)PSL96KgCO$Auaq57GXuB$I*ri}Ns_zi;nIR$M(@lG{P{H;yS zE{cJT)r+_5!{1J+yglf2M`Kl6lCD@nUTJ}jV-xeKeE~8{FieJcQ1`k!G#0y}e^{aSgv*6Sv({G{-9a7$ zr7u7AdStu}BqCu66#q1DyW;y(F;}cUeDNjRFe~1O;IO>MJv%o;b8#U!%*slY0Ks98 zP6x1*z_b^h4h!h{$K3aayMYTC2uw4NlKt%8T&cpGgLe7Wx-goEX%NpX?P`5otVTXn zY{3&-Zs46-9tahDYQh4D zOZ@OK*P9WxspIroj>aJu_1ib$;X$0`^l80od@iOnY0wdN%r^=_{Il{(SQ9joPQY-F z{?Ehx?z-}e^3V8vx3%DtFMqI~dv7&3{KvS3B-v#FE91&9HCN86#QV^oUiK}05t9}` zmoqc&O$>-$Qs=_(zn%!fZaL@ZM}so91Ta)K1+ans2F=pHqxWNtP|x5Q;TWkTqyD~* z9@*D~sI1fD2ELja{?7chI?D~|_a=kGk=iKGTs}=p-Eb3XoYPz)hDt$K<+W`?*o)VH z7E+v$&#VED4}yzhF}$j90sOhUtFJITng^H^k)jgvOE~ddO9u5lMkRe82Ey_hUZ4IN zgn)<5af!R*qgNYvlbvUNXiB;`Rv1})>q};JmuJBzJaz*KDJx+s#$OWGoVD-Ohp#s& z+1AcI_Z%BuN+yO}*04~xf!3)koW>BPs*CiJG=eCEr2m6Jv-EIQL z>0!|ErCx#--<_4qXRRYa%jA83{>bzZlfI8)UcD(dm46n_e~$NmYiX ziNfHU`^Y981sN_-?U;D^Q}GFdju8$)_9!8B0dfraSuFP8Aw8E2vwpSrx*hTM?CPp* z)RB}M%XGRL;~Uqk$23EmXe%OGjnqme?NL7*a&bh>13g&3@gqBO2A#Qw(-~pNZ3nP= z*R=8WwLGXX(ZMY@LmD6mWsT!l+(59hK$LyAUcy%ZSGgCEEiFl~2hOT+(*B^`eW1Yc z(go8FKaZJg83m6a-_j^igS})7To)0-#O5zRuQd66&zIAUbkJ!oDOoH2L?kc_{g}0P zmsK0Mhuu-qs$=ErT84axY;q-_WE}i>N1gORALGAgS6w;^;N*y1l)*ue1X?8BWCEt59WKNq;ny>Ky0q^=i*=+&YruH5EiT(3ssKdt-BI zj|zQ22Wh9t2ob?C0x(y%v?Siat}H=?zpJyO%f4LKbx-$qBOO=*zigd(-n`d7f!L@ZOU$W2hyG4%;HX5I)od<8RGlR7+YAlEgbdV#GY%~G4dBW zd<{C%)6<)S9n;dKl$CvzDQC#|kSwo-^xArUSDJ}h{h_3CU_)Ed~k)+k+&EVet^Mw;z4z8DjC?`4cZMqI>?lBP;?Kf9M@D z8(Yqti|=&}wMm(y2QQpoHVD_v5t^5*5}|h=_u9woL_ejBBXXJt9rq)@R`?4%WVXbP zp{hhd{#+TC6E_23F8ILfQ}#q>IaQcZ6|5fD>yTZCR!wPRZB$yJp;_UKsEX*paCx(9oQ6{A3Jc#DI+NP7Ki-v(Z-b@e}VxLvm1-<7@!36n&73}!gSekBmJxrf!9$@wO>BBij znTEwUB8_kK|3RdkuLx82d3d4ALB4IwsAtTn5?%2)g#^2ouzmXHO!8E>xy#AI{BZ8_f%jQ!*`;^!Bv^l1Jwz*5p=&;6SA_dYX-AJ7(Z|GXy2wgtKpRW-DYd*)j_O0U zk5;{zx|eF#cEw>~d?d%;Sm*6&CW@>&!>tYpC&u@v zS0~jHQj?xu3sWdFv6XD|-4ID!dT(RR$KlLXkSvA7n?h1VZw3DcywWB)08kne-u znSAKB2&=<{rnGV1eDYkpyQwDk_&L!OJlExP#IT*Mk@kTC~c?Z+4 zYF)pz(d(h$Y2;h#k5kJJ;;_Z7lk*Oh`u{!hAu)<1g``p?kErHX zLX#X^G3^K-8VvJ}+5Q(lx&Qpnm9tvW!$;o!dM0spGE_*dI9)6Ls+N!g`_fgd zqCR|g#?3#XlxfM`9G$o~;M;{O{(#I4vL5PiK7+t~lSN~T+C|ps9zp(!2eWRKmw)?* zAPljI$pt)hsz2sM=&})8sW$flng^}hY|8ku|B4tH=-Hr1)8vxNiL^4UR||{lM{-xf z9C}{XDb#4q!$yMA1DrYM8@IU5PVRgci`-JZ#vzZN z;B*l6pyCvbGZHWwUi&2{(4RkO-LX!10!Z>!fUr^Vr+Xk@MU))mrFa|!^wA>y#(r=m z21)m?Fo{R#;RScLl6Mst>Ra1V*;IV~{K8x70w*A|_-Y7p(YGP;RGmimbO#hrtTf#o(tLxEKKisbeVLE_Tp}l;U;c!lc%64{EpeemoLb&fRUG;0K zb<7^6A<(M}By7O+NiiSn^&<2%zj@;`YUI5 z9(@DJpWd`KR=$CcWc_545Rg_Fl`&uJbgr@Vgof>57WYrpa#Nj4ysHOB_YP(4R03cn z`p*DZa5QEm->qP8atbs2<6mSvly7W^(-`mfr^h}fJQTI5SqQV=k)K*~`?GY-%U1!N z^@(+u*kLJYKn_wsfjj*WYu*bW?&-k5TR2_*JStz9l0%ak$~MoVv{DV^&gzOTzw)M? zU;8>%@5{2?3y?7K5C(AQ8BF1wVg_6nv^78MJ1QtN%<_|5z5%j|`oi_?v^b=M3h^x@ z=hV!>0yc`QQCKf?;}`b4(Z%Y_3PUC_;Yc&Xj*tle*TzNY$oTzz3trG11Fmi*nm&Z8 z?4r8B6V+op*ji$kp@5ssMx)=a`R0IS)7JQ43yJzLYl+V25vJ%DHGK zBSovsx5#t7IG_!OZdVzP2NdL%L5F_m^G8&BfH_5qKlX%+D||rL{arrfMT7!`KqoSq zT}lFfdX?;FoW|MPb!0IN*ehVQrWHmxVK4mWv z7{azE{4Lg9MQUe`)1vl+OZ7kmtbmN z|74}d5#;W<-PrF(3(4%U$ps^#WcI5&*0Tr81No79X^G$QzcvXkZn8~!ww?42WrqZQ zV^qSh48J;?HU3Q!;RjU2?Za?Dr{+^wkr+*geSR7afqx&Xk`7O;Oela>e7OHK;{g2B z!84#H-!29{`>Raw!ViFBO6|m+rN7@q@$N|y z&azJ?W{6VeXe{*acb;}%;?_<@cioqQ4i6QW7#d0ORKk!6#b&+S`L(mK)*T0+M+liA zLa_WVX2^&4oPUHPjJ`KGBu?YFeJlwJ(oxZ`g=&HD+uZ?1md&}N%PKor^d#P0D0#sm zF&xE)6(|%usD6B(T06Lm0(oz@IBgHk3ZtB-S_!z{cg}ot*r|{r%YTq_Qp{!j_GpVk zw_b+=JB)*Ggz{v|OMEt!i0FH^aMDdOY;BB*jrFkTEme(i{Q|RAq`|vhH2!~MxU^^p zQ=q45OSXzwSetW6e{TLjs#VVNNRrikAJ1U{Q{3b-e;-{g-DN99D`3ILwcAoi7=D^# z`v>*zX^ZLe%J-|jZCt=hOUQQYaBFF9!8jI4G6%r)R7Z(O)@BrI-a=v<9kvZs6_CK9y44h!9Guno+p(agleBdUE>#` zXTh}%5DR&~Zo{Y_+Hs);};HYaT{yzfwLouMqp`juM@ihHnOOzoeChhsh^ zc=`MLw|~lpv%Rxi5cJ@BxQc(o7(|h|)nSPU>w^l|!42XwaoaElTF_dkGS^6=h|9tjdY;aBjuIYjPTBGE91K z<>B+fqvQ5$t*r|Ik_L7iNsGQ!KiDenP@YmGgl`H6Ue1V$Vrq)eK%v4{KF7vZIdLx4 z#%T~5S?%b`wL}o#Y@?K(#Cd38dO>{G9wfv0v$gSLSB{DPXiM8kD}}ezH3cbx2C{VY zO`3cHGg&+JW87qKF#lXxvaHQiN*;sY8Ly6ftNpkoHlSu_o%2I@opjpQ%Rf^$T|B)$J8iEd6vt%t z+Z|V<{A;#1IU>{r`U%KRVtJ_k7*&o5nh6+njsc<@wAP9q^eF|55KAF$^Bn`d&#LzFU z+zXgwqQ6OEggF+Pt=7w+UK3@O)BA;-xukzEw01#KYJ1k3)4EE$+FR{iobUA``v;baVMRzh(WdkXF`qBhBt>OzkCQ!LNVzbuRYi+#BmQXR_)2FC07(Q zl9s$?7nHtIa*=K?mbeoBxXbiHvd-LziDk#7%F;25nSC|=jUu)`ED+yvjB&s34%Z3; zhnCUx-viR`wNlaZ#H{-eSOVpNqb^IaltlPY_QXEgL@Do zlxQ^Y^kno9d$};eWDGqD@(hBi0)kosOPW@{+TU_xR+XMCHKtHZH6}E+zva}mHFesPg=FudO%(JKn~muk?E-7ekJa8Z9UE%i~Jn{y&R1ivg8V z-6a@}9@wBj!57XrSmUK$w|Zs#@%tcLxA)&4y1@hxNw1!=G6;fHoT@DFzlS~+{_sy< zEH(2UyplQja>$~yy?5qd^x#CR-sBeSeA9%1+PTk3><4uLqt@zgWt<1fulN;T+lbW?NTBCUyoRTJwy70oG;jJDM%=f%e{pFSm6OZ}VD^bq9F!#sKwQ^)POjU}~8 zg7<8yPzl+!Ae)KX`Nlt)$C#K$w6hdb(aFPl+W#mSizke{_M!&k6L8MFxA{(yGjN^7 z>*(m15`z=M(PM&j%%wfgQkN;pjsp7ZY)(06Tm78!`%7hoi&3bi6S9vAe;#yP`9YCv zHi)fDsawA;-z+EJI``NAUW+cg3%z<9S7JCda~O^fo74qzQK`)GM35DaA^RO}3s=ZS_c8PA>0ADoVTLfU9QTM{zK z!9?m*4kzQV+4%U2jj2e~;J08d13gV!s1sY-ZMX={NhlPMA@LR+MquUbebrD_!KAY1 zw0O7KU(ZU;A;a;OF4ZgC$L%)3HlT>%!(I_at#5fL+KzBedxe)Y{JFK%{W8076%2lH zg?@wSl2FcjIP^l)WzIebb8g*h4{oF%Dea7_U2kVSlrU}c>*8EL3I2J;K;A7?KJ4bO zVmz*If5#8FL+5q|OB@sX0dNNWidO}}*UMr%Ih6&x(JwwyeRrFRJh4BwFSVfSn623S z&GF^HGKCj1gQ3)(hv)W%)jWe>E5#slI7f{mgd#Os;r!v3s(+V%n)1)^uvbCO(C_xe zz9q{F0xQc6+Va5@86qczG+N;}qoMwpp0~;Jy3{WsfjQjqOg>k!1qDL_zgik78dO!M zvP^z>xISbaF-Z2(L0k)VngrSw=k4^1=9@FkY;)6M`RB(+${8=b&%aR0&tKd(@8xy)HtNaV7 z$5w=_nCJ5sMtyr0bxRM~+-U+98QHCJwV0oO%Uws{;df3s3YMex`}sI6P$`u9)3FQY zZP%j@`n);4?bi`M!luzZVgB&qrJU@@&ul%!P3Oz`_aWVCh-imMCq)e&8lNKj*L)Jd ze0r9HM2he(yx`Fkeg{KP!S;z+GjDtqS~@G2Cd2tQbfr4r+49)}bzVUu0sE}%sO(Ff z0vjJL>X!ChkuyIDIWr*JjKYYhZLg`~Q`i>H8KB9P!%%RD?NsiRT21kCwUAX1f^Grj zqAsW0gdRAY=R-y(u1~buA$L@In)uyoUyPVbHKJ{?t0~CeU|$m2(es{pMz%wUA~Qa8 zN4#h}f=Es=0mfaKmI52r?sDO+2<7y|iml6`-S<^zTj^-lz4$7-l+cv^C9Q1VIg}Tb zc1Os{(yF?0Z>>Eug(Dp~G{xA#dOs21+qb>mWCS;+9GA9t0MJf=@6h=%>*jZj-EjB9 zy-6zsR($w#dqsB9h^rqa|MlkN)hS?=Z=GXC@BU+wKS&O+?oNZ^hS9P`)sq1qrGVIg z0<8noo=tUs2V)$b&$JDqJWygY#^V~ya&+_oKZKJ1m<&|hquz^mfMD9Fd2RAzbXhXF zbQxrHCkyQ73pb*C6(%N_T|^;tD=BMX-j0PeI$1#U(Cr8ovh3REqnLq4da;n25J9R;`eA=JFacGvA~#*I8y)Ye5C~Bv-Z_Wp<>N^zLUZPfd`Id;VZ_?W9C-lISto}5`+S_ z?1>A<5&8~RF*2^|D;78pG%SwIB=+xt! zRp4@QR%wKv>#cs=Fm_Aoo9`C>glvdz`S=Tlk08pMcc|}?GAQ1}&U^h>d>(u>#L@aY zq^W(YwV`n!o|km#IZ87qN*-MY@?A z7g4nq3>KNpVzgk zao1DPwO@kyCYa=MML|_07zFhfiYs(==SDPi!GTz8R0dc@k1>VkAGe8Q>v=LE$S5yn zbko`fBVB7c6>NwaL-ll!RtOud);Bdu)_p}?{5ex~;5AB;>)vQNbyvMlsZWXImQ9sw zApNl)`T{N=zMP6yNK!~_p)PRLksJ4p4tpT$c>nA7+!?O_teHf_<_N8iOCKG?yC&bb z){{p3-sX1oPXaytO-~hp!s{#>r3(1^PcZYj2kw!EBkZTgxw}tdGV=`}(eJ=B8(TRe z$j`eZd)y^S-B#sN5T=VGV;mCu9DUTNaR*h7Mw^bB%yi8@7x^GB$o;N)7q*joxh>R$ zlVZ~Nlee7F$%7n5%}Cavq`dartF`F3m9M$2^laFfti_ftbN3v22iAhK%I!%GU+|f{ z=pgpXy&#Wz>EWg;H4qT1v^7lZ8$#N7N5KSce{C)yDevQ=AAaR!qGb@mK=TkYeH*PB z>Z0Mb-sGJ+@1M!`b9$xhujnkhq$iX8O8I^C{i+eU03((r!r}bPS5tX!)wWfLa_hIpyQQ9 zTU=X_-|9wOFufheLK(EDNKS7k|C@g^IN?1P7-=k~f?#U`lxyP6EtXfBYEm>x=wC}= zy9z1KN0mEaYm`Zs>&;3C&;8=0PWHyeU^Ta_-;^WX?oGcV=EB>s^^V zb*M?J$i3-i(U}X|Aq2M2IJ7O4HMwL9XIM{HMS!fCgQOadUS*Niobim$>3I$vuM0D} zrJn9$Yu&jjCCt>j!>>xVxS^Wu>e^Rd%!n)9{YJVd^^96`Vq6v?E(I1J`0E={@Lx27 zyjW%jMAN0m5p!(s2}!@3M)qV3KhGrDqNE+y47~@|?Yi}cTYkNH?dz=qm#NPl{P6Bx zMt(ZexT7^D&cUio>0L@|Qk&2x{*jE*Gc|cOF|cDO)!Xw~w7f@lYtU@x+0$D{iA_EN zgOXmgni#CQYW4opDXr>kk*oGI@gh?bwu#@@EKGY}EYA83s%Yk&{oC1(U?M)m`^3}T zB1hH71());x#0%i#}1)4_tT-BVgn98fxoV{+xrY93{xpd<>v(`NN!hFRnIEC#NuQO zqGupwQ7uAS@=Odd%efo66tIpvkA9?ewq%IF?weD=M3m`HOp10CcO-cE$zA2Yfo0s*}RxBZ}DJ5&ixBjY+|`(e3F%&W>HFzw!%sw?jXR zTl^N1Q%OSV&7a6$4^{~xNq3awYr{VC&UMN04GqTdjfWjeS-v5TyHh6d2tFjw9Wi-c zLX{xGY0Nj`zrTwO=Y}K7A$FYSNgCSL0o=O`{2&=+<%8G{a)tYqTG>t`nF9NR=BoN? zxnygldGH=z+?EJQ{uChKIGAGDJwUtbc!uce6?E&-Fozo<&b1$|aNZN$GUY-g0-KC+ z50|{THgBu}L?DSX$c>%Ut3`_mj zHy%vtb^OK@A-U0u;o;Bjb3U7qfkgn8++X8r|F%orR7`0|%11hp{emYX(T70?)w{`zRHH zFa?X!#1gUNKkL7J-dyzC$fEnl+5fxfW(a$5i*yQh2Jcte+!=iE{N#MVC)nL9B;^%z zZjuf1w1}Jd>qCa#Qf>KOvL77!mr`}-zYqn!z%X3yw410)cCJdW>sqDZo_NE$FYp`x zcC2+K8Z|cZ*ub>)W|??}zU3SF;iaTM>$vm;B}#E3ef&rNLNfF&RrH=%>DT?sapMdC z%EJ362BPWR{&sZIx+bWk;;4VtO8jr zH-0}}>^sWE0Xl`^`3{HYmtN*J7L32H(^>9Iw)d>=iD1^&q(2(xC>X^jP=YX3=c5=l zH-|?$m~8bG3xHJIy4Q<`0g9l(8E?i^dK;kbBnA=VM$8W zM>+PUms!4}7qE~$pLO@vOIq!K5)~-Jd%?jYpD_p4#U@lCX=5$pAH;;>_9gtysvqbf z=VhE3HtF?f;wao|XLyqg(55Og^X7J@j&r5hA|zEg^*2?)T9P%l)KYe3j!kLa@SEhp z2sX%bz;3z8_Nw5Xgs%KI^IW~nL~<5uD^(lyEeK8vTU(2|Xg)q=@tdYj8ASz~O>pCA zA#YBOW?vth-&Ye*M$gNHSitehOt63}1&)q#!g)5jitbcQb!H7KR@|$$`7jPst z_TXr9ssKEm*)l+_wyJ*LoF&~}yfv!DCJlOzj`)>jmwQBsi$5O+S_~8Qx2PnWE_raL zTS&@V^`>`BO}l33e0%%qdFX1o(?aL%+y}RaO18T~p!6vej4_lhnryX{ozt>0Q`y#KwNwHHBEks-W zVAp)br-{Y$?aPpmZFbW#Wqh=q^_t)O(im}KSz@>|W5E1-NU$XuwvPc~B)OOiOv-sdms?lGPzkr!q}n(7Cak6>0-a1X9UI*kV;(c^(iaA3?rj8? zx&|)&wIRI3DnbN{~}ngv@H+0;3g#@z6E9151%*3Mn^Uf`1;rEU;F;x5T1D&lkoX? z?Zq2ui@)SsFxlu&pYPJ))K<|M>D+mk?=%olTLEzX=?RqwYYFW)Ad zaCY(J*nKE{Z%og04H(b}zUL5iNi*oU{5pFRFzMX{tQUAbIAWJahJ*L^KyW+oXyA1v zNz!E%8jL?9){@-LAr)W-T%BGyIJoCc zZ;&q3VoyaYtZ7PL(uczKC(h74xQB=v6Qqxux=pk%>2c%_L0j?2h%hQY?=ELT8(D@} z3fsb%Zy_V)5U&5Sl7P?bZmPB z@L_OJ$i86F959Czq$w>%1^a<@9Pafl|0o8ma^~sGEX)0NAkZ9?-gxoNWEe6rvkTib+>9WrpyqBf1!23+E<;A{j7T zM7xKaa{hr`D%#0$eAp^A#H)ErSuTU^TKPQU_!oA52Ohgx_7nacV^Efllo_z8^9kw2 zICb0U=FEq`+GFT$iM(ai!j%tb$n92Ga}LNii7>)JA|c7La1jztOQEO)#Pw7MED^Kp z$rDhSAfHQfrcpuh+w1qvXD(p}EsKyOpT59R8x^pKZ1n$Ytd+OmHWhu1J8ro4YwTXo zXsbeNj{nGVkjA&$U!Q7RLI#_(o3N{us!yvP`?a8gugg1JJ|R0V5J#@fI$&Ewafc-CQ3wUstIrm(d{rk$N+T{$Ba z?T?w^n@FVx1It-JoMh29zW6IK%xx`HiyNvH`F3NEoojyM?OIPlJyoEO(7F;%t0k&~ z2K*EjTfIgEl%T8F%X0q~a6Tc_ZEG!|X$-i(!x(}%g-7BjykOWyy5KzZJm3>@vO~R! z+8ibjml}x&60f=lh#n(Vohs0Bxff{2CbIeL2t_>e{50nEwefwh8Lv7U3JY{;L6`&I zb1;S`?bcnqzaVXFXi%LBpw~X8da~)j=+Kp2qfR-Ml=>0!E5M$2gO3mQrUC)0bP;!^ z(H<-r5qLStpU58h9jAyrh4fALF_MVifsubqgceHs8Q) zZc=>pw;j2{2yH%Q?1{7^AE|Id_XZu;fel(0?^QOx6*V%wx_oWR@m|bEQYc>_QK+ij zT7!&DpB!t>cQ9WaeK%;ev2lKBH9$<8dM>SKzhG?DZZ`(qI7LAi=_B4X98L5Cq~VOpMt#5yMxD6FO~QnSAmUO9l9ga|4xo;(ViL`Ri-8Ec_tpHRs=D3lsKi0b|#deSI;5 z#az|d1hMO3d1F&ED6#OB61ECvK`k~x{mOqjZ2He8St)2Z_S!Iy_$$lxZ}uF+iEU2b zx6XLlvDaD_h?kzKq{?jgu%#kPl3eA*E=EaPyPAmGd74aQa>t$^ZttIs?@I9F6`kL$H3hw#eT$wWx&_( z7kGuZ7*Ig~L8icbJ5N?cTO~7ts#8^aK@gH1c>OG5!PcgP&O6Q>xS{@UdB67=N=?hC z{F7+==p)EI5>b%zP73~Yq(YktqNoSMrle_}-C1gIGd{@Xnoq3H#B1TuNER~+(xcc) zN@(M5nF~N#n8=_;zkqZB9Mi2>3bG+SXv~8%DxbZ`LzwBI$ySKj_;V}|iG8}n==ivo zzITF`Y9jgv<8)a-2qie{;IR*qoA3zdk;O}ple>hB?Hmo<3_9HNXwGgH6Q+-W^9WOP z#X0HC0fY7qAdMgSPsv#PA(_*u2nyJPT|bz+))#5Q5!BYj`VxsW*q6kn4^0#tH^Tg$ zh^jA)9jdsVL!V=+Eqh#mt@p|{2Qp2H?0;JP4J01$oJif+xH^03Cxz*EK)rM|d8-EK z{Bt$o2u*yxxgFQn`gatp_?@i{$Gh&NpU$X%t8}KPCLl!FT|a(n+oYZ*U=141h{@eX zD!%I+H$bfMJ=2U}w;AD%)^pE-Fm>vzN=Q#_Cf;>jx!SwRFKg-tqB234l)A>-8x>i} zZWrhqBBvQ-y^t475cJpN68h}h)%jc566>HA=NYZt>Z7rcvJgUR`2B7B1a)?Hc25GT zlm6T-QM!??X6i9Iy0x%KMXGw0rs5CR$$R5?!{6uVM6vYEcl8OO=-x2H~L>gzRvuV!1_ksCC_hxjX z=?jPO+ZvAoy@X3vY63|OLxn%an7rL$vZya%GXzGU9b>qGF8krxb7D!;{dPSib6E@= zf+NKj4d;{X56pUROjj?K+UC;>*^GW)3A%YWE+N57!D-cXv1`3;F!J3!$xr@iN4Dhy zBW5INPLJi!clrbD%+#Pvr}AS}_AT+e@j!CckFTfyg|PXMv(7X24N@S52^|?u3%pMx zTk+o4Jrf`I<&RX?v>)Bje#$mri0pT?oLbf4xVKfAg+?Upu3TQ{*;uiVxE$+WArBJ9 zNho^Fszg^uW2gR1XjeJe{{B=}Mi8waW_%X}LV{YX-5~W&v}28tO0uQ`N6R z;zoQqu>A!N?9MZzu~`uVH6h0X!klVz_Gga8k6DaKi;;51I|*vR41$!-NS9WNtr~<_ zw6=dQKEHcEN+)ZQnV|{N7L!GPzY+6%E05a;#q9y{e$9UYf;yao7M$kpmZ1k=_J)+% zDLnj#L{P5aMUUDCE@uv0lNX&nC4P4jY07!dG_*GHB)sJizWce!?#h5(w}ugqobsUXlE)sl|w~^;#@)p^wrhe>phLQB@;<};LyBcBVE9dj>+ECWT zym%W9M6__ywD_5EBW8K`sv4nwI(wI%)D8CW{Dt-J_TK}YZmb%&R0n!!z!e97(@|Oy z$PW1PtzgxlM_{pD2M*T~*jiC6U(9E7;MLRxwNp)8R9KyZ?X$6lx@(Q0C7L}y+siI^dwJ(hY;J#k zcI;Y^wSxXlZ=}6&AJ(u~8P!IQZ=fftduL8;s&`>C?&3IS*!PcO37<}hrr9}vyji|g)?j%A znn(QT{w626jgrcrLK-6b=DLr>sk=|^v((35kFZ3}i2HE~R@h=%slW3O59eECWAl$6 zKcLg5(rM07OugJFhoJX@(kuM+vGlUYw7ke`sq~^|5?W@fOSKDckj>E4apDRRXoW~L z?07qif^$A5?sw9S-a$5a!yX>K5rcRgmlq3J0Rkmj1x~CBo=DLf6A^ z+vzkc|KVshl@5<#JN*M_1h-qMhp^uWRaDi=CYP7nIq$~A$9vu@a_tYY@g3+0GwA#l zr$-6SS5Kn5!LzNG`6#Vjeu#*fj;8&3oGCs>rNm|%AiE3q!XRt4r$vb%b8-6;mA>{L zukdy05T{0(z#0i$blwyY+vU46^ZtvSTJnwYPw!N{!g=;LNM`)8J{`9a;;%vc5A2~reH#djufHi4_Ug`|T6h9<=^x{C0YYQud)Nv?i_g|^bR?jnp zz6DAoNkKZXLW5Br6V7Wcdi;J878_z4O&c^W4~sDWPODN2rX>RW_pO0iTBNmCQ@EgA z*?;pCE(XQZ2oX=%%Cn=|V3=He;3c2u;^SS51uyyKmK1DKkOnGkss1L@5ZNEtp0}~S z_6vIWg9XgJkmF3WF1sW9q3{o~O-@&F4mxv7Ow(}d6u+yp2~E*ZH1LJ?MICH_KrV%t z)1++{;h=0dwFj79=AETy{`J-^(+yLjm1VtDV(aqGR3Gi?QEN>#B?0-1fybm-_;!h? zvpt`AJuh0_)>^`G`XDryZW$OvS|H~`J_hdi9FP^1&ViiQqW^UmX(TvRoWX}ZNMfho zs{tLj2ehNYM9i*$u8bZmzvGU7jkR^3d{cbFXZL}Df!gzE3gqe3WVq93 z+VY*0C`ivpd%c9+BZHuYz74)nxC0g6q&_m}n2sMG3AQcWSmE3t%~O^Ef-v8Zp}>1Tz6X96H2g6g*yN$cFF2^)S-@=VIN&(*6FIIQ zIre?)e~(7s0C_FuXo&*Cq|1E)H@M~TSDBO21|n9MI?`GT56u2ysN?uEQE;702VeMn z1YQo@*j@`ngyUioW%H$p+!1%`!+V$B>68}tu9)yC&l7v z;M?$OQQ+=@387HLYR%cM!*=hq!h}ou8CN|hkvq$eaw4bWzra%!I$AFC6!YYEYm8uC zN;hVyv!G*e#h$Er&WR{+XOYFl35<`>`Wq6C?EjK2yLsKuUUQ;J;i!z^ulILde;^Jg z+K0e>5+fn(>??4+-RW>DpWkP?FJr5P!~zQPGvrUu+|xQr`Qj9Tl=w4D15plJQmnkj z*`yP1Yk5dvNQElm1U5(ME}aE8Q=4wqb`7pAPm;MC@C+^`x_qqpOYfuH+}mR68Ba6? z{ZacViZ8_q!X2^3`hiq`6=DxwAQhJ@rY*efM!q0MZ{R=);nn~dlJJDRX_{+!xOW}x z51(OywaYnAgfENV%%Ee$@aRz}UTM;JL>OJ)4f)12-+*+I7i2&8<&=5R`QmPui9_x& zVZg^@OVZHLI6=`|4cA=a<(y&>RhERiQ-0m+@UrZ0c0Q#-So0=+zYWT9K!C@&{ZH!M zPShQarjFIb=?0U8*Utw<8D>yU664t}@|uOs7ewP*Pm@P$l4sfc`WEof++rei-062o zfLvQW=fKmB$vAZb_rLP!J_^@ptjCZ?O5(1?V7P|N>w_^5)ql)O5)??Cp71SLMsY2O zCI|ns4XsbWX=eHv)$_`w`w zIR4bP>>-C*ye*x&O$GKja!b?guK;lVr`sHsY(0TK(pC`^{eXqhajXxaFv z4TH4d%B7KKY+U={5rtatr{fRnPT&z{aw;yhINN{ZjuZM|E1mT?DPiSmxuUlXflXrG z0Nc_~`vJYqSo3nNg&IMV3lr>)>aFQU>=|W(?*w9}jPWifr{3M}1<0YfgKzDzGp0v! zctQ&el~(4r?#E+T?lX2}>U@x6uRFAD89thi2DyFzy;U5!@PZ4u<15nZ`?tN|W@yDf zUdO+3_O9^K{c98QmL+fVPX&o6Uu8%I5%7*EOdwxif-e|c2^A$3FJ#AhHmvA%uAKPt ze+c{Uc&h*Ze;kh}l4wz6r6@CmY*LX~_Q=X8d+&LYN)Zy0oxP8}IZ`h6sM~-!j z@9lwl_I`bSm&@;;E+=O^?&CJEx9jbGpIe)kE$OW42+~0fZuQr(Rbb~{d#w-zv@Bm zX8huZK_irom*G0)Il!EX)qiphr8&xI^ys*AV#8(hOG?w!FT_&|9cD%8jET5i z>p9au{#b`I`)K_?7cl$qqQ0zjH<1Jy3@J<$g=lloS^QSS9Xg(6c$7%fXYFIrOXdOPHCb)^e=@AR@^e!t=KZ9n(-le^#Xc>s5*yA@wO%GLp+G%m+q4)XCP;IkND{Y|YXdOmA9 zuAHlV6z(G@wX%#n3*Xg8E+8s`Ym6k0gBN^y+Bv)#ymoS-eC$(d)R4Q$5KD>YM3hps zNAf-A-!*22TT{I1jdk{P!Cj}P&+9Rw2YztdG5#}#oFf(^TYj7KLgs~{LbmxinJW&v z(Guw9PjEYpQ+td2SC@%iz*R$NmA9@bYyg)w84bc^#Q%3U)2b63^xKJCZi9$MWPBUc zh;{jXTT|yQgQDnS>8VqvuJs&e2N~c5ao%_*cNC(cS43F@`BJ*Lv~Na32A+b=#>UZE z&F_xizK9k=9P6h)zLR*g*s6g|yGidpK!oY+Fypl8GChqW!xSgG3bDW+Y0#bt@! z&wZg@Qn5YjZr4LrEqi-kPt>?+H9*7+przSRY6|PARq%dFu4(J{}h>FpmSU_x%bozC`q+`EXabP^IF7 zve)RG=FO6u=RJ(Kp8H8oNJ!{8!Dh~;Kx}EG3I*px-8wbeNYyF<{&wQ_l2mJrdP!4 zds5|sli!SpMug2vcDtxXEG1dkF~V#S!-T^M&CSh>hAeDs7VYVUoK?%OfMIa`XN%XJ zrKKfqQ7Qg|6;1PbQgk8t`T4JZdM=Dglo@u%*bQWlD7xh8GIy2EQRg~M;nvsJ!|Upr zq^nGTsgi8#K6{^e!l3AuE{}om1Mu<2st}{a5q4YkF?w4IYdX8caoCw^=EbGf^;*IO zz~(%cS{eSh4ltp2P-$qZiekGC<2rmnx^W3#<3c>yEanPQmdUlCsd-x!BVMg zq|sF)`!37acz+8Rrq%$Vs`EZ@mlXs7;XTb_T~t(GOJ3YllF{Jz?9wlSA!=Za`2H9b zn9?-{boS5q$~CLH#&Vs3qA+UWX~Fk$QTv|=P5~R3Li}m=pKl-V&9-Vor$Fh$xmp9fUT-woQ{w24gTune- zrv3!$@1LpXT6n2Td+;lqzI^e2q)F|V7;*`WIf+4#zURoGb`lQ+kP8sjrh z>Y7*z3Xo;;+SykxcL5osLf(Fi1Fqc7I$$u=vVlupRoB(IG=h6y<#je^^4k0c9K)z1 zww5zL@&1p5BVxPo7SsLKcWD9w21ZY;$^VMwxu^0l|O@76U+)#02%WChkQE$}{gw0+73a+0em`g(+`p;apS>V(cb z>q-m_s}!8!dYhXMlvGq+J6zgm%--+|64`hL_ul){K15(_GszvV$|u+ZX0EPfE3>t= zwP~Yht_$haxwWZzTT}yqG`@m5#Zp1F1^A6_=-<>MYvqGn(+Xc3gx!{Zr74?Xi@UJD ze|`yaIL&z=GY8D!@v}8uc@1tE3N7^^X8QcY*ju>}LN)6+k1!S$6@_q4OiV~+`}Hnr z3goHtQfO;qi!}H%bEbxSwazve7}L7BXvU@4vTa-oFjuuM@ZQ;A@&avS9{n`*KFE2r;K7<^M<> zw1%Lm!)18ByauV0i4347Cn`kj+dFH@vd3tv`03Uko9v@T`m1aHp-Z&`r}J0!b*?8- zl(qiYc=1#Q@`kf@oxc8N2mG&BxE&~flNL_Mbj@#lJ-BL~po3NV)*#}(T2ER{#hgCk z{`E02w|O^Bf60BtI^IJzfq3$cLv(Sjd}fu4{T-5T^Ca{|;!QWpx#9&LtoXi)h@d2n zp_<4FO1Gc*eAoUe$xOx-bXOiV%^3SLm4g-KrdeTmmQ}4UX#{Uf#e0kKwa{3TexQCJ zEQ>8-j@{&3UzD^TkGB6DB4AH8?Z%Sp+O1zx{C)2*WKkUw_uk(6$G{^x^BR&p#W3IZ;CV^UbE^90(Fbed zjWtR!Za9U>%7FYAoKA2iI6-plY_F=wyok#UT^IAfbGc%XHuNl6nb#{=Dx=cXXNZ#* z6@pd2^~4Epb`)H%ViB&eSbr|<(uK&VquVb#70q;tq)y+kIvJUFwMixt24ln}<;E7| z%AO){vqX=fFUG{a+ZR)RQnM8wj!CfMJvwEg-(w-S(GzIU2aSCf3UU)q$wA zqUcKmH3$1*`@$KLKT#05IwHhp{{IVclDLCLM5yCIO(Uk$*YHvgRvfVy3Kv=GmkPT* zyO)J7%euvMP@YjNRP{XTTVWzG*gKjS1{vu|1#DS5u1hwiJc6KTXEn?N`+E!B}lPDFnOtndD4edGc08(~sku z+?OW0e81M|>FUypmExqTV_M$aj%Z%3!C96i750|c>yQ33eV3ac5CaT)R;7>8IqGJ0 z*Y-t^J`cQ1{`J3txM#6zfy%VP3V(%0`Q<7j<^`rBn_9N2H>EG4GwTJdw>L|t`NYJ;ranCM ztV(|o=keY4@}*192Bq}*ukAFzD6bV6F%c1{(hFt{$TJ1~qUlWM=6p(E;0 z&TOd6WWagm0#D73UTN{+cK@JWJ3lVl*rQ4q!<(mIlBZ52nzds*b>RA>2Y69H~ zcx+dc_cAAXeSDH|tJjbCCT^Hu-}le@R8yls*=^k$xR>W60?6gWNe4ewi>ekD+Ymvdpk`kDY||t1Ovk&ic4fjs#ZzCLnu_>0U(5`uj`eZX zA7f)>mCf1uIoqDC9#>Ew9U8-~9yrasb(BGOL@oez{y#Skyo8LH!#|S2;jbQBw-bS$ z?D!)Ne-IfpLKes`A0>y`O)XD8ESBwS2*OPDy{D4sQQrqYv#@0CU#pFC1E+uWeuIapFfQjo`|-8 z2L^EK!xQzcnw=lt;%>!AQ&|i9E9mj+#>t?aHE!P?T=>DxKXQS`q~)3W_l#k67Ur4i z<#ySnrpon@4%OD5=gbo~^2Z+Qc#4`hD)6GIt)ufSqX=zU@iWvE+p^Qs1*TtXRn0rx zQ>9M7ra{_I)sVDNIz8w9LyBxL*RQLKwXZT}tuIOb0XPrAF_}zo-_@7~SZ_;_ETQ-) zIjYZ%<&&9DO8f%j)Ecu3<|0U`#jwKHo7F6hVDV*xL=S#{iQU``U*c2`ck`k>O8&1c zB(m7BsHv+Gk};e39P>r+{Z+na>HT-`nk0M=nXYEEO(Wjh6sLJ4?-_HvBxki_o>tfQNe00+t1bcm=ddM6VlXS$Qa?RrBJ z69{4N}U3XJn&PFT?@^iEu%&M;rc&|RzgQZW~F52AmSf48D zX_Dt3I#brt8_RWyT8L7_MN?Ooc3o|CZfLyPef}#x#zaD`phE%MmOcDt%6)T<v_wnWn~4^2stB5T zr^B)HOrf`ykF^ZGfyx+?hE=SN9(VmV%WJoJV{>FPgW4Hz-X6Vs=OGRE3miK6n^(xc z>!hzCRMbY(Alj31HHAP&>6Avb!PCkLvlmW1zfeQt=WEL^AF*>KCumXlGU_lyuM#2f zAF5i)Ku*)$8WBkuQTmnL^Y7n_kAP8SWe)sL5O?2N1J{(Jc;w@iAxcOjs|7^P2VX{= z22&IRrhh1c^cPd;lat-8D(t@~@q`Fwj?H8Q=Ny^NXtR13;kK~3A^QZ0=AGnx`Q8GH zyM*}R;3IKySb{@I!Ey)Tz7Mtmv?RsxZc_1!k&kHbNmCzm`b(=N2`KawNrvMd0s*6agJm>10G zg)HiqwLHz@BmjE+F4qDPqr)_zx($S%kz1iZhld|uD2KJqRe!d~Kz5SH7qIf1ElK9PGsJcBDP2=!Sh(ND@K7LrLX30xZqeLpze%w5icsgHW ze_EIk5R{DyuK?QrQD8@q)buD@DQQ@zCrNE`Je^3%X^z|0CHIc|6<2~s=K-AHzro&8N!oAY=D-r1 zD^L49EP)HTNP9Pvpl8QhA@2A-X7c9``}sv2tOHi_{h1thuq{IcDa-`i3}}zKW3J9! z6xrqqqD?mlf1Sjefbj}GkVRr7A9V!OEaDCzLD>*N3~G4DDT26e&G^o@G~t56^ZLRx zGgFHP1$26jQ1$$kK%&P=`gJQ++&jL3{e$jKEWy)o`MDj<71O=ZJYvC!8r)%R{y!-a z4DdS)&R7SQ8eq|6l(-FHxMeTH3xGsRFfDA$h%u}oH~;_`If9`Ye2wJBr#-&55Nf8W zlqXN!`bJ{N_&TwHPSEQo1}@U0c@rZiL)gkzpAgehotFG3TEht8-!&NeOlUWB0pJJ) z$1}wHve$bNBbuP|su1dz|L*)KvWvR8d$$k{=;q@!c!?jY^ULf_Ry+E#| z?4*Ym^<-DFxDao^zok(FN{t%JTsDn&xA{gj~(l(FT4@k8yxDme%zHS$wue@ z9V!gsGOUgK@qp$!Mle&tMJ6fVj$hK-iL5Mf%jEm^^q!^rl%s$18 zM;$gLUIGz2JSfIdXp~!3RMwbObkFv__p|$Ur?%Xx$7j2e8Ew|Vp{ZFWd+eN`nW@c0 ziRER+4abmgp5+?lu`mA9Z*royfDXm0zFyy#2A>o9alwxNMTfhu$emzK4fOC@MpWRz zFAk#giFakoF@pFal(kQBS z9$!F)hXoA&|E#09FYK!tK0Xr?BvTO)NR8GhW*FbTSy$Hy!&6o_dG!CY9IK2^mo>yO z736jt?C9xVJ+k=JCG(-{vizSSc_sr{SY?g+OYz!kq;Shr->v@9Ob>dr)ikXu#9Ed~ zH+8;5m~&G7@V(1(0QXovW$f0UG42@{lnD`FL|HpczT)AcKv3jI~CO+=Fpy3;C8KVbjaHy2${JN7xZ>XuO> zoi9BBc>9iA{5}{%O@@CyxhtE|P-BcxMfpJczfSle{B4Rg{aL5G-ks)yqu0+WYV?c{ z8ZQ$ifwSW$WaGFA^TS87V|qU$Dk2vZM8U<9o(7B==>(}gHz>QjFi4$gJh3hL(xI-{57TeBwXPG?LMu4If%s4HE4t=bUq@Zh3R%lCori-k$};@WCi86O$PJ{9%7Z zp|z=(^bS|#^D0=;S!@z7!QiQ9N2ZTWGEAY&bOAJnW}b>~>AXD15FOxk79kWBWgzVr zDokA=NpN8xcS5N~IWGxN{|UX1HV_G{;;bf`c^^9ty-TIr zAA`*u5Im$@{#P7!2ZiZ@p?KrwPSWPr3RM~U@%1TWSJcM6pR@33}LKFr&=wL zip)h=X2bv}5Fu9Rb?%Ow`9^Jmh%uXi4)Yt+j;HuFdg$w5R;GS^`eHqxv^}1oB!!E& z{bv~l$u$aGODc7TZSpw`bof6^{-NUxg7&ttn{NDL-jM+=M8U9XR09^vp~BX~YbJOd z!-rb!u?S6`&L~dJ=XgPY zcM)y5D&e{qQ8lZK%LJ^y%T2*RA{9R4Z>AUM6^9r#fP^o})Hs&i1y zkZsx`T2q4$TFW+IkTEkseZ`WSh97DV=TJAHtesCPR5&kp3C4boXgXHFo~gZHG43)E zzAmLkq1_9%T#L1Jn+?_O+$gzoUk4_w9@0V83aUHjEva_;R$e~*lUoY2Lp-}OJFHM` z$6%nNNEz@Ri9621QeTl=aEK}f#Wy|KE>1+y%Y0NKB=Y<}W@+DEzJaQUu_^s19qQw0 z?eRoK(T+oM8a-l;hDk)%KpJ{3YxX0;TFDBpD~b$^h}Ps097neP=#CsGAtieI34Mr*c-+$ zrG}0wqxIF;ELn{n9QOWWSYcp6^fI?R7WC}D3?4q_ZQ*GZP&HpI&7Xe?Ovs1qKy?}e zOV1~PY)fjnq|6E-r9rZ@{H0Ile_}vNFuL%G6}NUO#9l#%ScO;G3Bwy09R7UHAX_v4 zT<0M{0}alzJZ;BjcMFoY=n%{;TaNoW5HDI9_GX>a3JzyX7ILhLP$+5#O z?wEkxT0X`RZ;W%vFs{wfOR(@ZC~FkGDU%I^qla>m9ji2$>mP$bGEx#Jo6c8!)5y|RLId;Y zPmrdTpa9YP)Mae-k2SpjNlet>GuG=!2{6g;L4WmejY6{*Yy)izSFnDP?oANARG$?( z2y%v$sbg=ZXg6xu80uF2F zbD|E?{l%7HgF8jsT*NT3K|zfNup)MDSA~ z$p+4j_UNv`$7q6@#9)&h;klR>uo-(Rw?Aqa{{*tK)^cQ`h}r6><(k1DF!f0pw?+uY z4~jit0xC~B2%dcFi%i5~!Oc&-q}NYJ9t18}>G5vW0wuEV>8oi#Anczk@6*(5&(RTD zWtI!t-RB(QnUNa3mo#D=n&;ayR9PFFn?Z=Cj2ut*kN?rz_s7>t?NZZrs#Q2^%ipK7 z@*s{NnjD-0v1&iUxT|CbjW3z5`}I$RY9j+iR5`zJ+8t!Qnv>xqQ9P!CwdB)Mpip6? z{F!brLy%8mxOpxTv;(Re#m7L3Y+^OSm8^KhrBA@kvGDUbizarG!}1*D{NefAL+7YN z-N@%V)0JT&Ps!-I@wF#noMR2QzFtAh67*1Y;yQrj`>+O`ARooof4QQptn5{2sH8ss z?{NcyJ-O~>0=s)`rcWY=s-dyG_**-I6p@R=9vswANkNq30tEfR7yt1+;@4mYo)pZr z^gjZRMBns#tSaiskw3YOc z)~m!#fj?zRF>$+X+_oe{6K zaYw+zLx>X512=NW=(-262^~=U;nuIZqRa}tV}##H%g`K~&hT1ZP2DH2HoGBG@rW~i zIF1%nd1`t(*>a#b1o*ZF5g4n5=`Tlj_3{xX`kh^Bv#{v0k+JOW+R0bi9==8;vxc*@dju{BwNXP%9kz`4 z2`5|(`!&$}hu>fQYFpCPpaO+-%`JDcDyh5eUQV0uY zNT-cL=8x>BA%noFDVd9Y>jEFQrOx%8^<=TMw_Q{Ix$c#FT5(36v4| zK4gMh_eAPn`q<-p@BC7R@s@N;q|}yY%sULn38qT!RqPZH3BRq=zX#i5boMbk>bmlq zu+m@Qc~*qKNMYDSFJaj4(=YD2ge(LSRek<%orx$Mv`W7#w67Nc-JV-=Z?9wCVQP(| zlHO(9s&HF+HmuYiht9bv$N_8VD=tXqK@IBnaoTX)bR#QzE zZTFFg*j)}Fh2yJc;%T=OzN1JnU?CCa;FU#Xh|IPfkrxrMx&HubaZD}*16x`G^|Pg* zqz(R)2T+%gpf%+6%9p{q&evcZH`&`d$pnLPJ?|-~h!~nKu|FAREW62nL&rU3``I~7 zn}lSX{R``G3dy-b2X@NcK<5IC{_~Gp_fX<*2z0m5N}_$`Qc+76lRt95vyKQ*s7Z%O z2tE{)LWJXgCqYi1HSN!Rg$QJY{tn2>p^Rub#6+VnfFHid#POGr3h&#%;18-RF&RNe zu};MW)5EAA__-0@EI^~`=BRWr3JI8z(%>(nQU|{hDXuK~OW5;aXlIpYjB%%0=#F~+ zZ`>^%Jv|Y}_0(fQE6P)BUW)$uJ;WtNQE@_GzM!cfX3JA`1R9|SgO z);8(%?uY^A-9uq+kxe^=Urt>67!{dz&=XlIiBlj~&s2>S;8FiCQu0_C@`Y>DpR?E@ zb}RDvaFHnK^1|wpqOs*zV|hdX+pFV1;Yhhu0xZxI(pcZmJXlA&A6>-fA1G+!TXeg= zist#bm}ag>mmN~>r_4S?S9Xb2TT8D@BmZrQ%&ch6t}tJd1>M&?1!D$GO08S!33hVk z>}!>gI6mXidUTFg&5@ZC{g%&}RuSczBw5(L>M5xOegYA)llXupB`CxpgLgqPQpN1Z z%P{?T*rHGSAKLq5G>BWBrn8A9WI#ED7dRy7Nl`tb8Nl>hdB}cGNsEnf!)@$G;?f<*@a7MV#;}V2delaSksfDl1%vf>G;(dkgsY)@&nCN4> zk06)U)}JglbFEnfp6$n&ac+ff`GMDmc7^aA_(%t@n*_#RtbhM(wd)yL{j^`>wxQ*a z6cJwh5Sm~9?t1JVr{YuFr5lg(t+)?KHxR=YjZnKLZ0{d(1#n2;vV;oYq%{2={1XxM zZ8!etlY&Nx|EobD7%vhiZN>lYZ7Nf$*|HAj($-xQYBc5Np4tFg&)&x_BnuH+qp3Oz z3)+0VbLgi?^?6rD6Yc+9tA!&iI9Mx-qi~E$mz2!&D*OB#-7pY>6s6W120B$V*DDrp zx)QO5h5h_uj%}M+Htl%zB!Bi;Z@syqcUyjOvD!g)Hnx_vx@X&2Sz@975PEfz

oL<{J zmswcOqo;4!n(`pQ#tVSR|LFPu8*HGMh$>eMlCuT?vY$&f{>WWP#yri33eg5RMTuw7 zIdoUK`$liy_ciX|>&eP@nDq~=2_K{07W!7y2OdN%G`6IZcFzXyn=g1q<QIEk&{dq3v!iMm}I96Q3O8Cb?a{D6YjsJKTY*ob8?;uzQ}_ zRdk|zdKt^>w)`-X2PXkJ6i>2^AewrhdRsr9>P~*1Uy+wr96v-ax)Sxf4GrW>cw^q$ zfxiZBLI^;evb0+tz^FpxOI$xRWnF1#aCnWY3z3`xuqlzp7L0aWiza z1_#YU>f6 zn8$MZ@7n|Oy#{nGyCcG|AqJk6&P#Vc$<#U=CrUyVkXHA~-K6Soj}whJ9o?*&NxY+G zxCNBGZ%k1rgz;dXp41x<*6Y7lbjj5H-tNW+Yao_|f#|U!;I&mA4ti&`IvWd!(yPUa zxIU^TgNU^5{qr~Jj|0Pty`69-#Tx0E zNZj~@zF%8jeVO*)P0R!QbgwqoHEYJ3pQDSfHd7p|W-Z&Q30>A=O`SFiglr-z*CV=6 zgk#rMO0!`O$7GQc)LtA-MdxJ5Wy~vvsuo-Z)oPXVbHW~u&50G2H)(m3Kq@8H7;pIW zSpI|g;WXtloxZxcEm55NjQ_mD1tZ4sK4Tb)0g%e-%vqlQxE4h~d(dFx+w ze>L-FP$YsjDlaYn(=!FP8bL2pcigZD8`z?{j|LB`PXcEpHDHPnYDS*wl7|9(;t*5B z1MD*p4Q7GaTeob}Ivl!KGhL@Y^#rlK3Ep(jnFS^H($WrqZj?$^SdrmuQbtLP6)J)< zH$q-$#k^IQt33DU;zDEj#-OsN_uEfwF`#T#Ou%2grXFbUdFJp%PEJLYc-uKiv2f~~ z8r@j$Z-kLsqu$bY@7`4jc7}sh3Js=LBO)TCTy6!?(wtsW9ciOm>EL|s9JnnqCTV@~ z;zh(HOIuoIugrpuT$s9`kL4BdN!L@>&^W_?CySOFH?FKGRi7S5dk*L5h!U-atMZiQ z-Z-WXI!&(@;pVF5pN8PZ0&j{%YSdhEVyi#g9WXmSF=3uc;XK=~iZEUrzVx1aiFGm* zv96izmL3%x7VM&HtC$~l|M9iKi^6oIX>B<#oi{$Hro8-H63^Ibfa6PkT0 z=2rd~UaQ0esSE&0$$^ys$MLAR?>}SN2}G5h{6a>$Q+Q}*!MA0|@M>(#oldA~m z8-^2CF1RmW3c$UfKDo}6QPc0NQ0$yh|8AF$-8aHZGLw=&V$m~lvhbuZXqT_LvIzpA z{LwBrv8h7sbt%(phzcY%otS2QFq>q2pPtO(3d1>Bry1)upbPO}%T=JQ9YR6@;Y$5? z(w=p`>y5gWIhq$);@!=5j?8{(^kn_vV40kjJDs~RwQe^vb~u!`Yhml>di&3eo839% zEW7SP8ObAU>49;OhMs#<&7I`TtS2W7!GK9Y5^0GU+; z-SCe1k8cIN9gG3Yi&O9GUC8cybZ=7>aY?4#XjjDY_EXW3^N3!eobObwvNRM|@xIcs zMy@qewb7d!V;e|ufKSM=>l%fj3*WFtXLJDbi3SqM26N7pZ<3yai?mJ33K?<0lJCZ^ zt|!l4WO(0Olo9oTWF*5JdomQeSY$OM^Zdp0MEuMR7ml}A7?!Xu+j++_wt93)>Q+U+{drwm!s zEFv*TdXYe>ABQ#|{xCNdxs_k@hl-sXA3vH^WM~}6-WRJ^>3NBjxmv4_U$#(@0!K1< ze}HFh?CdIIV9lMjHAj*7w-$P=!(J(x`s!QPYhBzu7VE7BGq2(p6bmOPsb3X;H&^p! zbx++Gevpr`%D}ZI?2sHgpbRpwTM7Lm1OIPed*S$-)%S<`de3x^8|j1trMUEB@YLZL z$N6FU)S6y>Qy0zFfoMlND}@R;O#GWQ<7y9krIG^Oka2p|jQwHh%-dhI%ft6d;Vpz~ z@u6KP@dZL%w|VHbbrp~L)ycJG1l<_bkq%&a$K+c+gITE_02aJYsNj1QGM|j6shzTZ zHi0`9D`?d$*_k?fHQE%OVgo0$>lQnU_;ndEE@UU_NkXV_ax3%(GY75J*za4Oj3F|} zLiGu^Y^ZLfg^DbXT2{W@4G4Ii*c|N0!HyMIwo+mGs5d+t&@_!wFry%_5)gMYH5Ksz_aRwnvpIh|R9Z zTW}X$AS!{}loZQ9z$&x+;`@E|mozvFe=ml?wEXtc8iKZ|>d3xrMT8{praZIF;=}=hd=Dk z)2IZUF-et=A3xePWC@KIYuDt)2%CGXrDtR`T|Jc{){+`D;svJ)H7=yrB{Bn=3Xgq1tNv!wVON9+&rq1y8@;KbV(S zZ9;awUMs4vAvVXtVx-A8T8-A_s{6Go#hwLPle!y{QECGn6ZcmzM(7<1vWXcNZz^ON zb}frF30qDt6CH1CmUe$lrW~z=M$f=$Lxi~m=MVHUTcoA;H6}x^O2lMG%FV5%s|BjT zbE4YsJTHxLQU;XlV1efPVC#BCuV(?U^~M@=OnQ=`A;|FR+}(5$|BAV4DX(SBR{wD3 z;^_gs4ERJZ)+;my9W@iN`q52eQJ$h#zR;O!I$6QyC4arjYLxFPKLt;|ENmT;&;J)I z<9S0B0IObgCi?|!p3aAqObkN!hzOcvm3$#cX!R1QRaLSg>V}Q0Vrfv@bPr{A`22=B zNpr%#f6H;c<#k6z1PF@Rm$-PpaFuX%b4A#q)|$miq2ISx8{f+{F_-idS$V9hzH>d9M;&x{ ziiLmI=mL(fGFsK8oeXy$^g9CH-*ln2{C4YJ5eVaj1ov{SD+2*IF8`JI0QZ}D2`ZWH zUU{g`y=GCftXf0-1ysGfIAfbh0;ev{8Vn9&xclUWzwF#jl-*nrMh`xQ!t9R5OOEw$EMID45gasQLd zMw9Ky+*X6v`l>xEW(I2X>H}#qi_pt;WXA6w5%!BwAFP;)rQBX-X2)dasP?4m&trKW z$XHof9jUTMz=F{nFa+h(^44JT$)QgoUk1BnDy+wRy}~LsC-ci~v6%Y^2R4_p>Kw5E zRbAyk2|t0(gVu6MoL<4xnHB|97p|Rdfycd+qwDEvR-=gl=tSrnj#p zzne!{4wiD6;3J;6i{BO7<#bx_Xg59STi;6R`XOezN~5!6DNy9? zH_rEVb?y0&z&Dob8!8-G>FFUOJKxCcmVbRs8^|f2%8-7jPBxLDpW{`VQ*J$6>1sC? z$ZwW9mC@l8=RPM8De777FgGX=#$baSIWwApY-f}F1ESLN3lq*gP0)X+rKkRKn$y?K z$tGEkS@Qd3h#Dw?M4%BI=E z=N<^7RK>E@ONyv^yXcmm(^$Xj(87w|pXU{lubt9pp}kNjgf{2RqN-46rM*%pDC$Ww z(^s*Yb<%u{&@xcM+R=KZu_Zm4`~)sOO>;;&vY_ualftHmWYq9UKpj`jYM7NaaMwr2sTq0}0%F9tCX+ZNZEi8SzXvUq6cnFQVwHGb}-WQB8@J^%h**R4vZx5=yP zWX7dY&r@Y?*(1k}jHV!)mM*VHbd3|i0eN$3jxO73sGIVRZ>2}((o;ard+}G%oGusSi5IB8>{C zY`HgA80JoN$s_3;@!*tw>BCwA*&=`EDp9G#8qot?6GHPG?c0t^N&X=lAAYOrby%uA z^ngV1CSe&i7i38)TeiSU&)YLWF52a8XO&t%&&zb^@_gX;DrRROjCSx82tiaoltf_} ze8fGFlzAC5XLsB{C;Z6npPm3NXK_i~LRxk9aI5F925#K@onXj~W~mA=nYy(g69KrZ z^`5L)?8g_B&A|+kg(3|uoUAw#=se#Tj^41)8=2^=QPb7ssNcHcIU*N0i8Qa9oSyee zw0*ZFSFpvCX;`AfJj6LH8nw+kMw?qc{M@>7LwiW53wPy^)0khh@{slC1wBrOc?0kj zBKOYi9mBMbRQQ5Vr}>a<>J5Y>tn=2HstV*-nlM9LV?2N$L)iza7<_#0#-{^*qlYU6 z@RaFdi+#N?L#v?TYeTv(;Tuz~;q$HR)tXvI%Q}{@@@02C(^9ts&Tw7V)hoRt^W<2d z;6-RKtnk`$E8CdLEaD)Z;ky~@zKi~Pv_(QW`3B}JD&EgAOi6hp?k#cZ$^KR&4fR$j z?_im&g6#uuMHRPDJg32f=|a-&ROZ%}1tf{3&W@V)9MxR79CLO=^_P;jd>kJ;%K`JN z^3Z`c*U^v~#IPd4jUCqB!jEo+^a$g5Sxh3+0{e`*De9 zZagEkrN$NITUnK@r=-zaTi`Onr%-pW`oAnoyu?_fY2CA@+}q+MmJ$!o1#PaXvdm7V z)ZZ!K@s4UYO9AKpcJfHuE*n_9mvC68=q40R6S&B`NpWWS+aO3j&btBNO$+_iP({%Y z)l9YK`JIKQ(s?Il4^L8_U7dal$#_546GN<1SM?ZNkdQcw7g_acHY)jq8+1UwZC2d= z-LTYB@TCz#`cKv2q9eJw?%7$mA1CjkbZ4txev6p+IKa;{@I|F3#l1GiOp;K0qBSnp zG3KEdU$>l&kk=+*h={JCxL{PJiA)C<6BpUmN$%lcP9xCRpb-W-0;AaE<@TdSIK4;aczsjs|JXT(VpYdY6GBn;D zm!9zboQNc8)xG+Cg;-VDA97m;>Dt%2mPGaob0r?0${Z@GKR7hdqgmQD>w(rc6#B*= z52buUN+m9;01{SdovrtS13z|fpQ-w)aU`=Trj$p6@kIJlyM3f`6(+XQ`(D32(ckKz z(UUlCpuuv7&{yAsi}>7Wisor~Xde$xFKi?EL^r&Po3;I-EH^d({b0i zvI(P&<;lCLzf(l6Q6b1793JDVfE*r!I!c5bE@F(E^VRwy0lgvXNx!$R-o30uJbR+M z74zRoC(x1ZeT-8z6Sm4`NlmH{n9BqZF+~6q3Vdr zzd`_YMh0?QyB!$;HLnNlZB|J7SNZE!bLw;k+G_Y$L$YSY@tjW6@uo1XPsPB)Sy~ye zZa%GkFXSpT^19%bCmF};U!Fd_F$8%8v^kk{R^`a~D8L?}P7$od^B^=}j4!^on|q+j zyy-Pf=Z!UBb6+_FWPnZuk!Pv>B`5kXW=+4pN!P{zN1Y)o=uiR|@BRyXR{Q;=?5Gm4 zVKzEA;KYwRA?bnE?4Rnd6O^kSmOL!&XGBxyxbX~(g4aJ2t@W2vhU|k9pyW}{DSDm& zf5|GXsntmN6oP;1T@l|{CF-v0yliJ90Maanc}XVNb-SWLG?pDv3Bii2pO!ba1Uwzo zl~BOpZ^F>ltp~^8jQMUaQ>fuPcWLa2PScq+jMISJ6<90Mj)-seG zy>S&Ijn$sGBv0JR(yXIh?ig>u0`0HiCXsb4v77t{B#gPd=<2JE40ra+8iVZ|b z(2Zg6e-D!Ku|^C*vBS|pQ;-)0l8$OU!tKh3F&37>ni1$6z06Og$BBx4V*c|p?C8Po zQOO^Jg*wc9qjn|k#BOPh0MGk~@Q#|_Os{q(={7X5B2+ZW{cuH&XPj-Pv#?Gtp32ZJz^V zF|+Or2qX1o9D@n4@P;X15`TGcj~Exafxxy71h(s&&Ub94n&gl@h=-8yOlK1}QX~6+ zTMqsgf4QATpzHA<+hSmdynCz3?_jdE4_(SJRf9-2e7sXOQ+uUgyVdgoMb>`N8QHHp z94l@p&{~mObl=L?b_|K$^m^4%t@76K?Iq1tZNfVdmyyLAJ_WYMy4&wAgFX{E@wAC? z<1)#{;q3?s0qpkG*xVzt84+%GVs_hP#D9Wry%lhG+pQrJ1wq@%Lg(Aa-I6xa9CInm zh!!!vju5fz9X#;2uqlCLp2#75ka^A^nWrdn3}J5M73mEJp^*um`)eSjMtJ;UzmDcJ z+9Pn+<^?Dfcx6x+l2%~st+T>oaAdc`DY|K3?|j{%P-#9K_r$Y{2hOM?N(5Q2({TK` zYr;lTFx1Wbjlkd4ihyJ&MHrGH5SSz|dj^7TgGhN}O&Q=4?{2v9Y%iQbR3tbDe1QXD znHU;EtApBFOyTc<2d&H45*pVq|Y0K*CAz7mA_Ny$nJ@O^4oVazV(Ut0DoH)4@$!6NeyVjrv!BZMVka&oRG zjt}l#m404f2WMsio2!x&sj%c8XG92PGl(ClxM@m;ha-&DER{iysYFB2b^&+_dWwa} zv2QLqz==V6t#%>Cg-mG3{Cn&V)bn@UQ7w?T4G>1cf8#*a-XBc2C`XvX*zW1@qxbKe5fD&3s z!k1s?`5viLsNLLMQjbf()ggQFb0Ij0Mu^G&r)UzEd+*Q&XSJZiWVEk^OolGQks(G< z>N-bzycMV)Lm(#oe|~ds(rc2CL&EV5mw1p4nuEU_CW%oKBN@Rofy~p}9Z3xBnf55= z`j0?xJ%E>qKjo`{l_Htx?(!FG%+{%}iTQ5QwM*AR#STDUk-JI=FL3|?ZF1Z^z-@Zhm(o`h5jDjKk%xB^g_x6J%LjMryj@Z@M_(s7Rdc9 zsYF+f3Llif+ysjP7$)mKnX@o*Vu9pG{Y%4OTBftzu24A>#JbxT%?vtA=jY$377Rh> z2u&ep{5g?C3)tUMh!MQVtPtI%pe1ZG>a#pIG%#oNaQ9>|j3mBxvBg&f6*1SPB#K@U zIK!aOTb+5vB%Qwm8YVH0sGW73OrQJ0v#ZUGA&Ai0_AJC?WhVZnkDYD~Lf9d28^Z#< zZoMq#0J6BywzRMs#9}-fF4Awo^m_R<7cg3bo4834{f*{hU|mIE)EUY|H3yjpM8SElFZSn%WjJF?{nzW z?|a{m`yY=Ar`Nb%*L+^jEBZ8bNYn>m%}@>~8E?`f9Jq$b;9DLnDp&D>TL)%Y`?@$u z`MMNDIF(5jmNsIq`JYOLN%o!-VNN-jtAU}RoUnn8&0fyzdeW;H4-)b8?o!QHw<=;P z=${Cur_H<4G;avrKw#xk5IE8BBYm~V0uewumIz3P?|CbNB6i1KQ-&^&c}p)Iy@M0g zQ8&^_(Lew;=F53F%|h?JkUkML)BjUoO`V!|^)~zp(r84)nGha30Iz&>-H(}Zcq6(S zklXa?QsmuHUb$DP@Wv(&YEgmyHw35NM1TS_Kx4)9J*Jd~aH_NFFvqY&Z|)wa*cP0Y+x5LGRF zP#@B@1)grMabsRKpN}px#*7p^*SIS5?t~P)D_0LogS;yZe;CYBMULVm3F{Z5?Y8kZ zQ5cKks�f65}KSmF2UpY(ot(y9q+#%SP@L{8VJaxw*Ft(Fa}p2`@b^dzf3r(K#9I zE>R<`HkU}_;Rb`6+hfMD3w~!$%+p){0%lGFk^yF07W#r}uofOawy2pJ)0GR>G<>%| zhp4E0`6bsB$LTl6osJ9x6orK5u2;ne5jYBmfiIK@GJR2&+@-zahd(qB?!G%pbL-d7 zCuzSsp9N+%T;wl&-*fRn5sybJC8-ld3R|Yg6(LSeS*p2aPG|1)YN8TjXqJ+M}UH-w}77d^zKQagTcbE%nbrB=ouY+>A?o>}L= zX)7wmejtNHRSLOmpU0B!%Ai2=4$$a%PnN%7T3T9u)=O4#5!%T18p8?w3dP0~1>zg? znj7Jr*=eh2ronAmv91THlat+PynCH$UROvFKmoIOkI^e#;o;%Ak8)~BD?Y-bWeOv= zUs%D}&)t3-UObyCeVoDtEY($hb^lKUPlRZo`XfPRM=Z^Lj)2U1=t=oSBMpwK$?tT9 zT(cdgp;PGQFQi!T@I*{>T$~TR!RJ?2`GJV6W z+q##ufMPUxWc-)ThKlaOH21gqF?7MXHVV=Z@=fTEeGBK#mTvK8@QPS{{ZpjU=!2mE zwPhezd!3-RbdIa{y;l4dD6Kl{P5uzRi7RxX1^k{ zSjZl0Z%dXYjo~&}4fOYNQ(IO$7?A43A0>8~`y3O$0W<#_X7?_u(l(m~Tg#dQEO}53 z%}$pHIWBHn0qk&QbFVt0S^o&`d1Ay6cV5ME|0Vp=xX*x#$M{C|-1jx$u#6b>)#XW^ z7TLTevzNjJX^uR2{JiGjp-wVs2?{oEqD1=%_)Gjcl(NqEz+o&Qttj80S1zBPy=p(LC{6x5lezbQj4%1W)^G;M~Q3 zti~}Y_u|?3Zm(&BA5np?8Eqt2h?Zb)E^j@GZESi6q!%|j7OhSojv^_S!Tw>U-K9Q} zX9M>oU>0$EhnfSh#TN>_!okCG@W%>Mp7L|f9K~O>;l#6;B!Nxuo!M8W`4Y3 zEA)%`EE}uj6+|sAlYxc!i_0IQJgb3L1d7`Upsy8J}_r7pSQLd>TwPJ|)ol#?Y? z(*`xG{rrt~f1CB>qa}AT%HltJRxC|oJlsV=Z=Lb}EsFbB!L7WN(#HAMl|(qxArG*^ zbdK~jbUQ4V8Xi^CB29*VA9toZ*s{%m*zbufhPb@D#oz%wJYgVqGgKMnp?G1B8O`!z zk^Gq!McLa;NSp0S9kImz=!I%))v^e@eV|$$+WO{!eDoYH?wr)FLOos#wm^RS;mx5}59WA<-DeEav zg#HPL-nvEm!8Ah7K>gsyaNe+Pn-WzxwoqbevyLTqDkv@aPFs1_UTdHw9lVsdS0^ns z^>^=@=b2BOZCxxtuhztLt%{s{*6XJ+a5ROxe)UTg-+273pT-u^XQ7|R{^d4)jbP?( zoH**Y1c8ZL*69~##C-yj6)ZUMQ{oz&jrKVYP8;IprHYx6_3k1GB~!EN;;`Y%vd=4& zuYdjkSV~_lUKu3lo6oe%vKoc&bv%CU8mr}+Od=n?QfiRlVT=IWG!FG&5#y25A%fk! zzX5`%&To>M6R*Ik2<< zo2s&Ee6^F#xv|T3z*o0@Y5e)~6lI&>>6{^+`%p|6+S=^f!ukmSLt>Jox)Zn-YuD<( zzz|K?Ju{8jcIymbJI4{ZFl;@VBMM3gXP3m_Om?pd-J!2^@Mn!bQ zw(fRKezAzL0Or-f2UW++B4iL>i|i5COoVIw?*R6iQ(#|p#64r?M;)!tahkWKyU;YB zz7dWjYagD%Ja$2ty^%15=3Cfb7}X{xH2Zw_1bDXEeyAA1H*KXsnD-dxVlvxltV+E< znhOPEGCgywKoisYX{wg2=Ev8`<uzj5WUZ8 zVDivUA@%z5$Fd2oxyOn(-^G3(69d-WkNk7Uj%g_TF%Uj|6QEMBdoQrqB*Y^R+`{Y$ zZLS%UR$*9z?j+?wPGu;7U7r?vJGN5nX(;KDP{jWu0cj}prhf-x3E+H%PoJB9Or7)T ze7gJWx08%FH9F2)FcFSn2I)+p&OZn8KmC!;s8738c$`f8uoGA`q||h!r0;AP@=)^Q z_o}L9qre4!`{d6mp6bECmw@XBe~%k^j^L!b1Oqv5zd-99Yy#fe>mMA`s^iOrOj}~U zm3poGX#3L{|N1&D=49MJu9k~SRffQ>>D2+PjMgA99v46R<+7}$1Xb_S4}^i z{P`6ov$q;SRPTu?o1?3}fsm4WTy>5dLkP+V2LoTS5DbTw^wHM{nVDM>{r*$b$btTT z|0L~!m(_mXvc1_aZ)Q<6NEtu#)FTOTv}j@_>eUQ+4N2EuI`_wtO(|kOryUe z>ug{b+Q?oZ0LUDvMD24jgY6-RIn0rX$kihbkgLzBoVkRGK(;yp;7!QWkeQ#nXR|kt z$ZPE_OL$nf;xL)3<*b_*L+pkdvT8eQiaBUa1@!<- zTciaH58Tv-I9k|eSMJ~ggYDlk&^1^Zk^Mb+ST)CC>jYkiF>~TCd&^+imB3vD`WA{< z$kJH-j4K8`EH&19Leh8N?dTjFY+Pb~>u1Tq(bP=QzCpRTCX_%dPG(5 z`J2MM8V&`Wz=nuh*jr)({15c*Wrf~1jxtKV{1rzx;77%0z-(l+Kg`%ou*~`Tq49+b zhf}|Jq(*zwv=vr*^EJ-fHuY|8nH;ZiSzDj#jSc_6pXRhxqGa^g`HA#(?xdytUx#}W zzx^QT#Z{>iHsnb)b26&Wu?NX!vGp7H6f)SfE`|W=Q|IL|aH9|CS!)q;TSdNbqGCs4 zY0oK?mi2rri%os(N+TsTJl1E@9Hk0nN+o6G;Gm%UQAb!0A5Q%C?FJDdu>BY@v7p&m z(AjzIcA(-|gzo#!P#iVHy`RI5shB+(xEF`&Kve|?H*tyl(xf)tevB@p7S6}8;a2{Q z{G&6&ZI=ZVvCAmdleKZP>~&pz@*vbo{4)fqXtwXx)7 z))037MEH9%_zZh+gZ@1HZ>MbiNH@)tjx&1kD(sozhR!`MA8z(^QJV~f=ronmL)bD; z-xq=N%iF)=T|&0(kY0j~utpqs1Il&RMf+e?>^BPhkvmQ5&FOgtw}+PPL|0Gh;c5j_ zwPx7`v60j%s@E;U2WrG)M;jDLSVBJ&j^Gq*hKsnFn41QRalBo2GYKml9j{qp4iy7G ze=btQVC&a|*NiJ!bOZ}Jbr||%$}H}T{C87R(B6rkT1Z~2r=W4{pUn>RHqq!1zCE3Z z2ThURMykX^RC*-z{mq|9zT7_p2Zc!_|#1 z8VKhkYxW!s`bD@^O0gB}1yz;yIyhs7!zp_WaR($xSX>Wf4YZZ0co|!i2ws11B>ZzX zmE;iB)ZMC|R-t8*+~WGr)GKdbK|AW+`2@%zKe-%?U$>;_bILb$|wL;DE+;E#%58Pa)!e^F>=@;GZ7? zJiNDpg)Owa^uMI_F8i80HO=p1x9+UqD%jG^$h1o5RsI=StA{%t;r@ESZ}VH4MKOUx zB*p`tgGJv{9>S$W@<79Xv4y+|VTUYGvCTH}>_L*?ok#{vG?Pj2pRKfPYbY}ReKd}? zqm@oE8L6q}Wf$7C1fRkYl||y)v3%mPyVzWj(OFEc2vUoyGH8 z%$?(_T^rLM%@>->jt_=wKEK7%zp$V~P|Pg_a7nX{gojq7+TZvjA`frdR*M#Tbvz+< z1C0)TR8H`KX^IdSGAlBU1mgkE8Ew-zMr@TPT4_jR@imi>S|Kl@b%uU9I@EZq0jMYy4fX*-s{}9Zs!B{FrE?$2JZ7VHe(QWSh&w7gW_cxZ8y_3(x3_ zUr_#ly{EA@J0e}0D)>6psjpkFo#jwq-0!gfK6Jsu&n)J`C5>t4Uj*E3e*XhaA>G+MOnnNo!0 zg9^GhLBx-phSyYeB*WGb7c!M#*;J%=L5d~i(Ou?s9&(hBVu7qv%JA9ud1t@oR{E&6XSZFZT;p5u7hFL z{9uD>d+OE^wOJ8uymHOOC9T&4khOZ(Y z?;{U>0qY%Pe3!R(1R3C(Zn}p^=MElc^Q_^dKHeu)KlZLC7;_V4spNIgJh zATsu~Mh5TS7dE;j)kEN7?sxI&t0-4#&%bSmW0YP2(>bslRn;Do#Xq2$;i{6q*1L%A z`BK}=&F$crhUYmVnegq4rSyZt+}yc$WehqZl%0*XB~V<5uv`iqEyNkPK)8jTljkfx z%S?*9by-4bURw#yRISBi66rUxC}-2Ci)3zm+|ooVe|ELwdaPEQ+roC>h+l4 zM`b0X=`Wg#5&P6lwUPaZ5ck8@&xrkS$?(k{=u2e|`M^q8v zNmsaz5abbdBNc-{<3uUGO*SD6IX(FcNxA%LS<17MeY3+#^?J%;8+$f}mbR>ZuAbS^ z4y63qb{&cy+4oBJtva^OKXdho_C7@T&n)>7O@2qA<;6|caj>9Q^p*AXzlaKraDQA( zS4S}>kDONUOu|_(ThyyaOrI9SMwP7RpEr|xU!IMdB|^RX|B#kGt)U~t|NV|W9Y-u% z%HvHME+yao*4AIH8`*ndgP6>0L2!Pex4!Lylk}bhFD?)FPLaT6v+cK$AafyTWcJv_ zfu-WiOkEP+SgcK+@3h&P*q}aAnxpI%ekn`u{^z(IA(sL#kD>Sd7nNomJw&@ z@ko$*kWe@2ROx@#5t5Qwer1fS(Gd57KEmlSxnR||mp}r99EUS$ zE`wF;tH+$Esv;jIY(<2#klkUz!{#At@<#;@s_Ll3WHQ!fj&|?6y=P9kbmtLWdfDdq z^3L@Jbqk$KBhMG_bO_p<%(i%9;>QH$WfN}3WJ@q%_qMtyU98db*(Wz^(X23p?V|9KF=F-sJ3+vJ(B!*xk2T()EtV z+I)e>@rygo_as%Mn073Kq(+9HpA1goLCUHl{>SER9ior5&qodTPRPf*o@HB~Vdx!U zm>t&PXpdS*{Su_zQAaU~jn;XvnIig0j@qQKc6lM>&gABjO8)AI-pk~$i;1`NM{)T& z1WYS9{a|fv3D#CvvA_M!B~vd4jiupdu5}~#bvgM2#EB^Z@E$7J1}3QaHT&Z-Rj zHfie9m#_(E;y&OmsCVD3{9UH!&%e%)6%rea5gxd0IELqVR)^2vZT+(s?mISfZ`S_-&!@cn zse1mfV*8YPx6Sj;o|3~t^ZJcz9wNHxO1GMLpC4bKsu&q2PE2ZWw!!!P&7EtI zB26n7OCYy!vO`;Yi!maxrR^h(QPx>CBcu2WN)eT4%`xDz&Cf(u>u!*ls~7jx{r;f-qDj-Sxe-lGO}Ej{dxIk*C-6UXkiK?b70~5Z0W?S0#1&{%*mPqN zYjw=Awo@$MW0zx1lg~&bJsSf*&ojSrbAqm*2Zxo2Yl}X<3g*fkB0ke*RJ{4Nw}70S z2$0Ve#y{$r)`0i+N>?k3Y3@>XiEXbXb;G1{Ygkr8c!s~%pQoFX`kRUean6NNuD>|M z7rP~O?Wd?}G;$oDSXYdc4ChyGNG|t!Jb(7g3^myNOUH;6(BB@(FhF;XY%8k&lka7cAbW9`*YXdkaOcwR3mzMT@{Pa1iI53%C?fR{p z@jIDnUkCP<9cMqORNHoh>*Q(SUsK`XOuV{i6*^9ZAAsz09Qb|ncI3Iw>CFN`c*aga zPn-+Mbd%`RT}#XKUe^(pxz&Mzd(&$Ja+Yk=o*ohY?xDoPwU^q-_>R|`D$|V{ z-|(2}p>XzW{M>hk-H0aMMOr|&Y_Q^F)#IVE+sz4^p}xOBcY~f#xS-MS3E6nj^zj*Y zRAg2|UcWE@ZteVB*|`O2v1{?>jq$0trGn;jZ_OSDT^v%KD}Vm=;K$A1+*vhGYm234 z<2`>ZER^fG08&Fhn6TRpF_ zcPN36MHL=g?s(l@0(i~4kd(hsKlvJ`Tw}e>dz~1cGMH*%QG+5ru{?x{`bVqB)j_IF zg=3P|v<&q0G@U~>Lf~bTf&mNBKe>-^_Czm(?F@Jsk1Ok96c8WYS9QL^|1Oym|NarZ z)UHL+ib>QBgF^8Wp4*v4cdCa4*00qpFUKfwQKC1-W98&u6*^y2A+SI67fQh+eG!Oy zd1oZ=`eBB{Nb+TRw&=Vq>1OHEj=ShYRSX&6aCErE;2*y%+Yrno8C(ZzCE{D_`IoH zPBqOd7NScx4;#xV@#oB|>{(e$BUcBXhz!=GD8|qKDs^R&unfz|&22u|u4hn~o_?!Y zY%M+MPDFJrtLA|s06D^(?0xCds10Hti%y!XaHEV`5@jh)|DEz&75JSDO9(5T(G8ZjrdRx{qP@ z1uM5inf!uDfg4WY&-_>Obn)aru0pOJcOc6~o8|cvkKZV65oUC5ioDE#bL%TxiaOY* z#|J{hebC0tH-#~&tVY7r2isk%Ujra-q} zgqZ2fO35A5oZdUlO!rtth2d`-bQH}p7b~ zusMgk!&7A{5pZfX0}k6GsE#n4+k7$GSs&2AO-1zIk7R}YA(+NT9C!O#Qfh!_RCDYm zH(#Cl9z&dg-I}y#|?Wl_wW)D!;ko=}O6VFz|3(YTs2 z;zM!aglHu&Fl)`1ckOX^fmI2G8zB9MZZ1V?pA zuXI~4GgR^LynRf82ug_*id{!W(-g?0th!bl6m0TR9u6Z=WA z!ZmS>UYb1&wH6dB_k4?cbRb5}j8ImJVevt)?h&8udN;Rq>kJ?FT^Vyy>m&4|kROy0 zMR9hdn16lUMLk(P+?x@$>Fn--hBx{0_>ym&fb5g&R=_D+*VLpYC-+=p-7E7Vv@g#5KcHLwzH&BhPW*K%hxyD@B1bmI898A zV-TBvDI;5Q%{Qu9Mq7VH_C(|etn^sMF zs8jItA5L4u^5@F1lT9>lL{ZyUW~$dWN)wNw^D0IlJ>q>-0%PEx;P)Y>0bRr#3XD02 z_3(WFg-i8=>q)k?LGW%NEm{390^H{nx-zsjsM@1{b{QKUI?r{%^P%!%f`G;R$ zdtN*RgK6pK#wwpMDQl#_1U$11KWen$xXN51AL^>iy?b%2MO&VeKTFgdKz*h}18Io* z?mc8%D*a9;iV>@AdJTzfFA@ZE;^a)>!H)6Kj}FGgzNpC@^B;r+fq^0l0!W>lipsTH@T01M-fiYHRluOVXImmiO4dyGEpWP?a;h#U%HPA8BqlU}^+!WD#X z;JOa;ewOE$sllz4r&FaHYGoHJ3RpL5*^{2z#Z4V7caH826R%kpgt1(otFAsHUN)H~ zW{&=A`h1cyy@1kX>GR(v_9M1cLn$UHQ?J6}0NzQk5*3o^VnM+HVZ=zE1x^{#}O85?3T4Z68BT`-wzTN-zAa-_TpajgH{;4GO%7)w3}|*FEMD2(Ff`A|d#uK&bk!>@jxv=V6}(&$T0t>YC;+0Fy9p z3R0Mmmy%FwH? zrk5GLInZI8y<~q}p_6(<`AZLR`;I!WedNJAD3)JPqQE=pgb)(AYm|BW@W#+ALyOI? z=iaj_T^dpjsR~tR$Jp^Z=}H?vt<29zo^AhNu{t?QFMS%NuF}PZq?^#)s?VR^%%NgL zAs#~k13c$$ej+9Bt0OM6kK08&(LED@uZ<54A0}MkStK9$^@y)MB1<$#V+rZ~B%-TC zxMesUV2~&}6LcS$K!DZow^jXRWgw)p;3~@Rqid5`v<)S}Q|h=pAAqtE>SVe_*^{`F zhz21eZO=!oZs6q`-=iO#vH%@Uld{+Pxk1@ehN69pgk%R>3u3xV6|0G+D+m)XorRqh zfIM4wCTm>zPevc6a67_Efj*E0M9}p*^0y@^hA#iGt$(rG4j+9zX*YAFLsc{xB4Vw3JFw`x4$c!Ar=}JxSnxI>reZl2_VF zOh{yT?8HpvS{iELp@wtHs;|_V*64GWmV?6wK`&4p)2rCwSnt-rlva+qGI{zQ&KbA zkN4^rZ`wPJ(9hk+OMjpxeFO1fu%mf`IwlE>JJ48 z_WWc=hwRh>7G_oUke=YL610f7cOP8n1`MM}h7MHJ>OTE)Nhq}Gd7%j$l~Qavq^g3b z)hcHB#<4~NY{J7t4u|LWim;De!5ajMH5IjvvDY?#ntg3Eufz-wOP5OBynysl7#v4j z_GT?b0!IMMRL-87R6nSCTmg%!%4s7|hTlPPGTxy;6T3HpNu4!foYO7K77+vPJV#u*xAzip}ZMG(xv0$=Fr2% zb?K5CBO{}el|P!`^p?_`)BD21%llt(IiaXXSXx?|>%xWa0f&GqmvHhJ3Naz)V7Vr> zu*V*A;f8f%;jCdkj5|1xhX`+;$pvfVHCgh*Gn)*3LnIv}%D@c5Gp%pg^Lq~nuC>Nc zf&2Pv*)93zt;xgP>=SGD!T0Xnv;3P&>vtq+HVA>>d-gYJ;_2$kWmZU}O-57Xi+KV` z>A*ihavB}j=I2nbovqqG5faM7eL?B{`}YM?&jtv4;^VgkUg}_Vm6Xf^H7+i$k=-RS z8lf1zJA@I#QYmCn5xH_4iSY77GZ~Y5!HP&XixH1j2Pqq}?nln^|6SSXL@mY7VnrPm z9v|QMfu&&gKiJw+sF#B}xGjO+%w*g^oOFM#7L5~7R)O3fOyjfGa3e5H^U*>+a`Bu3 zmbY$%>e#WF$cvXQr2>UMa3~Gm3;;rr@s6zM-6HWYvI9i1fXr#S*D5MSPhH()j}sj& zZ9_CO=Y-7l>$?bzbKX)dZ(2rhl6vo^@DfPq#=v`SJ|n< zO_V>kE3*L94%+x5|IZY=)hnMi3m3XAUWE_p4;moXJXUg|Q3P zi(TwIs!(F1!=k>{wVeVHxBVog`QYWIScKPU;n|-cPy!0g=N6BqrlzWxt*4~iH8Mxrx_sgQyFcYo{=xQ+jtEI}b8{74U8~J=q@~qa zjD2|u8XblKQ!P%L5;hsB=Hpkt>pry1D;GrFzcGA|mW=d-LFo&V$QWiQOz&|V92jUg z{^`@F;Vec;5Y(&T#Qba*t;=v3zvHS-8w1%P?9gQbtV;?LjyNg~x+!(epgTQ;1`jNO zy&jFqPlDF&zf#-~aTDe!gB zR%jRWv?g=CtSdxQ_kxf$ZwbM)O=tdipTj*@IE{8Ha)VB|gWIuT2r%uoysN*e=!xuc zFH>O=a_b#u1z-Ln(2y+m(PceA@TKeHTTem_^}}jMv_z_)g^&j8(1@g~MxWPAcSu$s zDKVE}nIS zxylk=2p=LdVG@M33+)7MFmAy;-*_$d&BgQP1_yP|m);@Vs|a_Cy*=P@U1X#Rhw^YC z2;Te^w*!%LKpQ#44r-x_Q*Q{$7V&V^VLSLt>R?yIGAya-jPb#x;_`bP|D|!%MlSIZ z5`bX%UROUMeJ#EcskgpnA>uI*mT3Eep`zTb-qB+#cKVEsL1v(y-&G*XJ9y{s83i`XsOM5(lF>(Gmb8SJ{y+N@;F2ALxPuGVAG5|jMd)1zi( z<+jQFrNIJ=6d47LbX+31N z(D+p4X04gv#Y?^!&A!Vn3yotLc1AK>Cr(IMqRyS)e&c!kwn^!7)i)WcYbfwcpVNJd z!WM0QBj|%&BsG+gTxmbrracW8+v}m%?acWo(81QR-DcnBPU$MNqq@htEBZ!8GL>$c zN#A82iwsX$OFp~@bzqMyn+9nV=a_w}b#@RV17hVdG%n*Gf-jWQ)GhaT;3yWp$&nKf zV2DvieCNg^FYL9!8~wK12O_FY&fk>8*NWI?DGV})3V{jrB9j4F-yQ*VW(`gqP5^aE zct=-xcaSDGtB${43V)>Oiz+i7M5^GJx1>?}{RVz0PKGmY`E6}~YqimnDjd-$8O$E` z`XrFTt0#0?oqez4!SQ4J|Dt$1HT$!s(^br%V5HsgT4kw$UbOJqQ;j9&rKHKD6iceon)k5o@;Tn2+E0iHn*9|J0AR{s5{W zYJk%CvQrsh5?WE@uH=k4fO2^UlIg9QemL;qEVZ0GKs8W8?zUGxJ-AD_A;kV7n5gAA z!$B(lmA_gWEZhN*o2uBR$p2ZR8bYA7a5%0!8=$q+%w-QwpH8=UpBRHc(2%>}vQ5oX zYHl(U(d;0CzI1No@w&&FBH#9TMHwlg{?X*JRhiLK1bq`iE9{nfOJF2J(a6Z4{`u24 zQ}0FOa2MX~7CjeFbfdw795}RG-(8Q&jH{mT%g(%ZB>2)_Ez1mc)^zY|JmO*!E}Hno zCk9y?6YuVBq_~Jv&o)|^7Pr^Rm9P@g3{@5vF|NfCcU7bq^V{-CR7Cf~9BU^|Bz4Sp zy6z=Cfy$vs4>Lz~%pRST=3?(NU<69HL-Ob@w*Fl{{7WBNN}_G3O*z5O;Nj=wi7~ox zbjRfN)B8v^>t*KDC1p<)CcjbvR3fVG`}e&&-~YeG0*C>iAp@u2iqwM}CeR0fsuo#o z`x?cbyx=CUA;hB!kGnG3uxN*!PKVp}k7aRGbV=7lxs4NNBTz|v=kzH+bZaeP&505E z{XpK%2`TExQ()+pdcS9|NSJj9YeEGRIDY3XTekH(@BqZ9YApG^9S?a++evwpkaF5S z#RH)7J4wX0fzf}@*A{8Ks^R6LCPzpeVops8zB17$G*JtmLR%M=F~w+YUj{`Q=9$2d z+pmqJZ0m|C#tRA*0Wh;PJCiaH2?l@BnxeYgga-2#9)1OHx+nyRY+#U{?497TKvhxH z=>3oSx%1y{wF^EehP6#}Z1fNTnn)T!*E>72O+5_KUE8ZNL9EjYR07ri2*NAyJ|>G! zunQw0%{7L_3s#d759Msm_T1NN&6S50hh%52MUfJ*{!$n(pTXq%`GLI_4J0qJGwq(= zyXBa$wVQ}h^R^-vtH8wGadOZQI^9*UaTggi)Bh6F#p0iD+-(>fq~_vKERuZM{71|b z)8&{F^$v$aJD1)s<0ILqm-(lTDR*JI=bW7G$~!tCi9P>OhIGn-8Peuu`1+4kMdCy< zAbz)|xy$&S5fs>mPp^8NKH*!q%2qU$H44>3FX8~AuPu^E2teQ{ZbD*i6Hpd`RP=Px z8lnD3g~B!--gjXZBbK*64<#f)G5^9lfP9fvJVV_74*o{%OkZQtu*RF0$b5 zFH&c~bN9RY{<0-Prx8*=tlnC3Ab7N~`BKEv;&^zbXcpsehw$GUouU_ZO1-r;X9)g4 zvABqZjAD5lOaYoRi~-6>+cNJF2H`NIuK)byEBi7k0C@CUlPqfD$~GN$BI-@b_1VS; zBNfZPdzocF$|v97+B5KPR`@JXp~p%ec|=6|{FNKBM|=?Cj()iXiNi}zC(!og?PYU! zpY@tk;sM)lZFC6}82x>}@!`|Hq`{JfA%JnSr8HM|x@Un(#z6%A}dlY!|f?bRa z;J5(i6vYzNmnG^oJP_HE=N!+Ji80qzwKj zkOCI7R&y@IRiMb&wU!>cV0>x&fn*nAj`!)L){TouU%&nhTA8ym%Q^zbiS8Nls>*@Q z`c3lRO%NX%_~u|obH2}yE)n>1+>d3ig8AYAuW@5pNfQ2*h2PIq&*#JpH4H)B zcT7YxHB>^&cUzx?j!{!@9}v^n`^3e=$X&C`VGtIc zg?|1ta)u}Gwr>jaj?~M==p*>?4IVO3PJItj9-?#R`8MnTHV9EXv^94Y?Lc>Se$fwB zY*l0$bc_iu`0C)XSDFRKg+CTj;{6^+UEcOaec_2X8)V&T3=4u8numDg=@8MLM!ZGw z7yP#0IMeZ>?9T8{Rpgx}sAbYN!dxHZd0y{-2!LYErKHxnTk`wA746??Q$jvK70FH2 z$=&^{`-u-kDjUIsXot;O@nH76wF;fedEySu73f5KgfcW)zUR5EPJBjWvi<$fl*+^^ z#_sD1q-zIdeS7+}|5kMh;kzM6gq7?S5Sg@SusVR3vCGL!?07K%**-DSiCn*$51QL| ziID(L3g7EIXo><$9sM=_pVD;}yx#fn9nM_h9mCyQ!lURIrn<56na<$x8JB`zOvNaT z!oc#&4@`^X40rnEvtuzngC+}gHTcH5y$ek$5U5d?#N0;&45)D+ak_XBatL=-PU-j4 zP-s`fr;ku(H;TPHEEt<&F9t5i0x*k*=DYVCkCKHOM~KB6yJcMZv|Wj8Y^cnt4=;&`amt+6Ai zAJfz!P@XC?3j!^#Rjgyaqjq68G1o}9riYqONsmUCOI)F}JI}%tKqT+kmP5o&W#@q5 zuHrHObqxhR}1^o&>k2#yhhgR^7 z!+RI&el!MxqMW;lX!aTD9RXMQBbvpMsi*t>Vetoxze-4U-^0V$m*2~TUY$zEe^X83 z`fqV}NQ|Oqf>-eEDKa==>lnYq={^6#ln77c6#`)FOicVlEPoj+Pxqmxi+U|6@lMSx zR_fH0UWzI^Hml%J=eDbjjfighy5D$~5I)!@V?Kk7|EU4qhnH6_lOX81m8{ zjtyF-!65BjxCAwB_4{Nn)Y?Gc4ERe5{kbUjynFQ|xmm4`-A2P(H&{B@ssFC2cc0j7 z7j1jH&>0bKB?x^~2SxrnX-*24DY^rr?>}m1ow2>DJ-@TaovmUxK%Id|wfKQ_uSqaz zFS2$-ChCV%&o@pbK=Hu5&p2gg^ww3r?6n!LvQM^wm!|={DQHz0^QHrX%sbshilyoF zns}kNasRPqLrkw`_<627hkQ{PpM+IFyb5SsOlsAvy1gpX^Py1&?Xhpou|Pw32S(uI zO(nKDey?5VBKK(#xh34i@IcgVz6S4|H3A6Z$hk$z!fDA^nc8)wAJaX;a!}A#<9pxr z&-*0E{0!2&4b4!a$XMb<9mD2qK2Cg>1NBE@Jr$J0gosLT;C6M{WKiO}Y#LLxQU5%Y6C#dsHlAQI)wJl$L9Unf9h1~eV&@of%*>H_NnO2^ zv3J_&MHCG~Mnm4IAxC+kik}{RtpaXVSHK^0y$rv&@|nl`EwW<&ed(R{QqdXR@ja{` z+Sz&9*YS|pK-CCV9qT$zY?DMTlYwe|xc#fSsi}(PE%*#G#A8B8>5#?3mmZG(;yc0x zG0A#S6?%5(TZg$y#vZSDUK^nqySk%fY=}>AMM)n#dE`c1wyGKbM~8F#V*vnBy#E#HXF%q`%5Br zRUOR**?u=jkdobb1TROA-mc*DMoQ}7x)dTvl`WcIUiG8-m z^W+`tO;Lh*^_U~P%rsXMT7I(m_mYFwkta{Jz|VjFGuh?YpCC zPYn2d1iKI72USJ2C)+c6oo+;@_a<61a;+{>vro3uwEqo0B=(6d*4-0iGQ@?Q!Fegi zDg_QaJmyosBeKXTRbUbqDVL62&ghWDr6eqC;9MtdA0(XatWXsByPNF`#}LwHyOEZY z&itBq;CpAqUk@g}O$}8Hgu1Pbq zHiC1AN0PJN9;JvVdIK0D?5I1K=ZJj$v47AglFuYE$6{SXKgej|Z~`*;4-vM}r&16= z^PSdOg7%KnwAjg~oJ)UqNztj^ue9bXBUJ4bFSM!cF`YSv9t<~Jw0iR|yr1wn(E12@ zBPv3M(_%x`XmHACH3p*Ds1FPIJm9pgrpY|n-jJ+8_a>biXsg^9!;O-$J(Xyz<}q$~ zb?TI*;G+~w7S`3GGseJ_I8IZ?2fdH_ohlfs3F`&q3zgdR_f#wYi!ml9FzU@yw|hu~V z2B|xqjy&bj&*#|Lj34@q7+Z{Yl7ytbzK0xiA;rVuY2V(B(y@BF^wrwQR!#kqcl=Lt z##a&OpoYA`MiYB@p}oII;;GTaG=Fa1%bRhe>ek{ZPb{1xDm(|5eTL15h#tb~I4Sbh zmxh)*O>wds9hCBN2mjOKp8H&K?-ZFepD(MhjJRB-%D!f1>3K)eWN;_2`Ma-lWNNn- z{)*rc$i!R3el3a#qAqzgUUe8MYd&QcQ1$oWW^{SEiF?Dikw*Q3&ONO5ac=N8oheJ# zX8~;MiT!ii%YFO?3LklIMT83(H%kGz|)eJ00^<7%9CQ~_9U8N&oE8TrO ztZ8`(0guamO*|?7`(E_Pm;glk=j2?7Z_!bxBq#W4===5WBubDaA7k&Ym-w}=Dw^-K zW|+IQH<^K(U9k21fs6kH6i9dt4UbSJ)^!)Lkp(*?c>HaMO`kw2^AAyZK%8LD2Bq%2 zxp$=6ODrAk(OzcQODBc2JD>%GqXU7eU|2{^pwRF`l*g)d;>(H4+)N=x0a^rX4~73u zi943?dQ<`(`S@a?%yw2vi&y0(ROdPz$ zuYy!9(lY24{_`t)8yI|?Ny}!{k0S3n+ z1EpIy_f$fwxausoB&WR4oq_wh78x|{#6vN#@@aH`Wd=fH{FZ&MQwQovF_tfE961CA zigco0eh{D_&=%;pbvxclkw+TQS+Vq{mX<$^vMzo&6B-xFDSE};^LL5HY<$?OgtB#G<+KxS!d0QW@Y)3Nc5UAEM z>RX}Mw`GY4a}<+1i12Urueu4WhEMu0%%*-A zPQ142)P5WMdBZ`b?VXz*=`6yhNN9Y*tuq=T1`YIq8whSj;b|2l0p-Hp&!{v8_%+CE zbFoWt4s2TWYO(NMHVLr<7w<=j1zL#1jv5XblyGTRf!PGw{R!XbZOd-U{lFTK(JOgJ) zDS*x%&bIy)!y0}8U4he%^F%)04i?Q)m~asm%}0}xk=6lGuC)^r43eelBeu7gG)8+) z)_tyEVm1Xc>);aSIub?Y+SFKGRWrmH3rx;Z(nDbF+G6 zTyf*#=`52Orh9~(2C}Q2=S~XqcZIye_79x}x%s8tEZBWuY_Pqgfz)pipTt~qaKHZf zhMlV}pwp$s*Ya|oM{JE?RIWaug;0)q$~O4l&6NmT`3T%6WaqO*)Y zc#B76B=1W=50Y>;)j0l=XEZV88^s(tyvwaoKVLaw>6k@F_tEaK$4CmG- z294s&ii0iw+air^q|})uN_FeYF;DP|VSaRbmaxBnc^n(LdF{UwBmAie88Q!9o%mfy z)rBVEbrnH{UGzu!FH9#fS0BPIynVCnJKE+$+m1TFBtpR1NLC6XYIqs9^ujts(^QKV zEA=fX+uZ!z#4l@AqGf~&hsYLf6d045K2nC4SVll@!9i0TAieHIXP_cT%6AtUUHd9N z{Ww;rE%O|~1BhQ1HpGPtjGWz2f*@4LO9bh^Z*Dx`qQBkZ0WzD%+0Q6*Ljf$k5j_K4 zd#}|xVeA_s%^(4<=qYL>ekF<5%x~scC5=2K`HA*y*d^Qb|3fsuPkK8*oF!tyJ9Y|# zX#M@;Uu~ldbqC4C2BpO$c8&-7CGbwiT4nVwen=NRo#mf7d|%gQi~!W52=FfS!9`|{ zg+q6yoE*l8(@q*3=KBLcp|s>=bvfOjf}9RZRQGM=8v7h; zQ+4m3L^**Z^0uxqrZbvzA5VR|F@d9LN8TZ{l+*1RWoFOn7R5$0!G3<<{n=l}WiQ)(DS&tPT++=d3JjRQS$kPMsu zo-9L|os8bjQ;yjU*C*;-lhK6C0Y@(^JiO`t#oJO>64-sNB{$z99!aOZ!9u~c)r6G* z0EcvWiI0IA=wa`dHz*uZ!Qo^T(qxTO>$oi%+ML+wW2+ZQOI|7|6ecOV1=0eKgwm%kn4gUVuCvpExK>_fwhFSE?=*J5ilU0JoeYgusj-amT znX4G^zQ3;+(C+MaTYqIil<9W+>l15uxy<2*x9;Juc%YpMFaP{TfsywI?}7yAQiv6=b-TwjeeOy;4~h4sjT!B)*YJEf+ zLIIhd$WepOwD9-$n0~kSe<}gHNRR+W>>vSlCA9pyx-MgHe)i>bQ3O7s-6^>ocwxH_ zi$YiipzosFVY-o9{2|2RP?MJLaoW2ynTp@%0LAFlb;{yu$`b0y$ZY0chdQn7$_zoS z@qLZ>7N9W|5_>xjg&JPcAyvWEHtqVxXs6~|ijX0Hpy$$^4Hj7E6E5BAMnxvtY@O}M zUm7@yFkl4tR=n_ED${#6S$gRm)Aho*(2=Z;pMSW&e!V`H2?R4d;c?Lp0fSmN0 zX(i3jEL8MAa9mN>!=qE{>8s~TOB2>i;`U+IMb^&;2CLRMA`KrK-1|om&O+SRK^h=M ziA6x;Jt#94?9lZW{pJGOMZYGxnftQ9&OZ%3TF!I2p3X7$-m z?FJaCi(Z>OJ*s+xhpF-Ll~=^?KP34AubSWe`2R=Mb;ncvfB$br8HExOqO9yn2%$-` z_g-c1%xpdl4awfKBJ;Z0T;s;4G7`z&WyQTHl5vgSd0%|$_eVV*J?P%|`}I1n^E&5w zp67W&Oo|MuAYpP8R@XInDc9}{1%alU-C>Gfri;Tj&=uNZE=-2c~uUlBGB4QPO(LG9LzJe#nj&H9k%uq#NlP**X~ zSL=--Visz0a$2#mI&oKT+<4S`btOPaE^swnP>+TDKg<&hafk0|<@;-g0BSls!Q8_p zlM{+!hFXB>+dF%>YywGIP#jF_yNcl4eR^1`kl{PzwWU7oZ@K~Yz1Ip3ZlH)9U#iyE(U;>L=hz)i%Gmn~S^O zH)S$;#o_aMcJx!KC13lNoWQq1`Op?XWz3$*nELSgCn&dz9 zG}4{L{wx9Cyga4$>`U-Mo%4MRQ{?>KSBiu@$upE$)78?CkM`U=HSx#Ifd)w5o%D{e zZP#~RPJNzT#*b&{m$W-xKfR~>K(~MkZ8I7;?6q=L%Kz1jPf6ozqh4X(@hqF}BA0Ns zmaLsliXAgzMX2eATW`?6h2{^IyE+i|Cv2ou`*K+fV+BM{?JU+O2K~CVV8%ihDx4~7 z)XNtZ8z0D~QR1nffXYHf!qz8trHm;M3N@VLqu0UHpRdb^zgWbVpYxl)z#$B5;*c7b z%&9Tc9X4BPEKe|$;9K-GYs8=~;2H}Iy)V!m)@C+8z-KU8btlG;DeBYS64(Ge33aD< z{;I@t4NJ@W?c=U{o(b`Ls&wcj+03u?=F7r`171zWPjK%Kb~NqlSJh|qMJHe-=6x?I z=@k^~>&(TA2I6gNms^(R%$oMH8TbGQ-08p-?z6C@stSOSZi2rS6_7l$|U)4=2EK6Js226>g(4ZZf)9ZO9;9jxYfD6Uca5` zGU{o>@$eSHjou5=>1+Wa5q?fV#2pU}z5EKNJ9$(~4?^TI*PX5hB;UTfWpJyrgOyos zN5iVm3=+G|-Uu3ajFDYJSlyZArkOYt(gXsXk8X0+db$R!I z(P@Vix7Z`8t9$q_NL!E^Op+)<6(KG>jCLSTDOIyQEiwu#oj|v^r>w3$;Xa_fXdo>>tLJ3a15Eu`GByd*=oz5 zcEqMV;*yV@+Q&Oje_RFCAE?h>G+_5z8o`~OvtegBJ5Gkk_^mi}ib;6e9uyd=xw|Dj zJNlds!_e~&=t%5sSPIg{)Q?m0W`konxUXi)NQP7#$vZ6T3Q^-ZVY@5%luUNCQVl52 zTIUO%gD%J1i+SXI=v?ctfSs1Yu`oJ6ASt8)ms9EW!lOuESShc%reWsvRKYnB_nRQ# zH4PORna%l|Q1VKs|Mi3I`jaPNj?eFp?(|-OR2ovg=J|lbh`z6WH^ma`YY zB5(TvDW&2&JM|SH4)ap(5H-Jj-ytmG(0?8uYqW1%+hn{|F06gRBH(-o8dc$8jL_-( zwaIW0(eulA7KO5&4H&ukLD#w$w*IA zgF;wR{c>ZGn!3O7LE61G)Jo&AhG@@vzoldGPZ43VJu6Kn9|C4w!9qDH@A9W_LQ|S6 zxHOB0UiAF}9!oD5ycf2YIt4c;rt238f%!wLIEBC$ehXEN{FDEW>+t`|n9F7nXwTr_bZ5P{AkwP+F8flAHcJOo7GNihC2gp*3I!>2m6$dCvlD+_-k83 z-m(0)H)uuX@YGrni>%mk61BQA{08MCUFUDm71Po_b8GTQE&_B_77+P!nUVz#DO?sH zB-I7r#Kv}+&6jlQU=m? zRws8{NgUtZITft(8O^G~dPTq2`}+LOZvw@3SII;Ppl)C$(Ya`1=jV;$X zRckoakHitPaus=7N$9!hW&GXyW5`jC ztLoh|*pT7M*}tK);B91+D#leqk;0-=h)g5c;qvGECu;*(g7fz-;%*Y8(#g;kBGgcg z3Os6i0y;!^kPH-Q{s1;#tCuWb45oc({H!`KKudXD@!E-7(~ZD*3&I-wZ|?G$h|cBi zNv!PGcQ;xk7J7lf-!}Sv^kqqQ*z9W%b}+Sddu&8ra|r(_X|41LPdMh0U2`Wx^=8__ z>|SI0NHQT3>1BGTw@__gz@NLm6rtb# zEm<+s>rPndre)tsj1x5S`FsHYq-W^) zM_;dg3UztP6V}asVmsDreqh{lY{jir!8|^6S3VqB4=58t^!H4(q)#1Kri7=z5v{Aw ztUZ(GYkt=frKgZJGo(JY{S)_81auQ>eYNGDHRC9Wi4hc=!-6W#Z?S!$N{3RN3TqOQ z{}rgyh#~tdOU){4kXIj6`l&`F9zB0Okh%xonI}SpzpTz4KBBsUTGyCNdsVm+6U30TpwIIO@d*1 z=q^G&XgXF=`woJKG`jk|WD;>Q=HQz5zmL>l1>AOJ@#!qGsg`oj+IY>!vGs>+caQ>L zjo+=~0FfD1gZFd=hGopf>B;EEyZ8mz(+K?DqgJ;BzSXMy&&rD5B1U zfsKLrmt-Om$WT1QX3}T*+68LuQ3{K0z{)-HZGISFSZ$ZShSQQ?);ei+;%L~1$g?|+ zh9Y;5$uDVRZ5TD5E-v+INtF4&>lk2bU}JVvbYBRpHkPJIJ0El`$jKjy@?Aol*K;4= zxvBU>%TUw*%kzo5%w}6HA52I>sPKWCJu~a=3PE|^(}Ax*(x>VAqx81qLZr$43%Ba` zXA#%TdrjKehW{>yL+Fc$+uaicjUcBn=+3P>o;)hhl>c_GJ#>sKL=9@xvra0!hCkhE zqIKg;kI+dWTy{0yWAZBfWzQ;{*<(QYeQxmGSBkQ$RjWg-P69HP$o-r(;;@ zRk7x`gYMC2!UiFS&0H%4C>AoktUYZv)j9(t04AT&)D-`35ib1?=#=i!PiWlUZG$l8{s9#j!;(#OzbFLX zLNaa0GBY7MExZTk3!8xsa}!y(dUBey)7`BnctN{$QsAFbXH43ACQ4?r)0Y148Gd!f za;}&A(K78UP;hV=8T7b*ud0GhD4y9Zy9Yh|5%z!13LQlz5GF$!QTZ+%x$d!2CWc6V zqLhjChG*8A1DOx$v}1fEfOm{4ti5@KFF%B*)Bfetd)BphRPopJtHT(mL}Za9EULp*-~6!XICC!4ynqJU(In zCUEZj-V8wz1zZMgQvF#g?I4D!{1c$!I{G5M&KkXAW`!Vy|F#GVD6r;jotfKAbu}vjvBmkjXmH^W6kX@>^ux< z=?%qHA@m)@bu{pS+Xi-qD~inh&ok;HV+RBZNW?Daj6Fy!nzebpVS}0T{B?hrnpgjV zOZon(-_q;@%RE2)s!j#%-W~nU?D5qZG)WweA(9RZd%<=t5r~~sOGM) zu~7kZz?r!@uq*4=J-BWv#0qWniRQqkxP3oq7evv8p6)mIM4ad*{fzxd6G zCGiunI+(I_8;HCv(->Z+z)SkekBs_X!nl9?e!j}VOPB7Y>s~KO0-tN$Z1IMgpAC%C zv~Cgo1JpvFz+F|_cP5!Uyp-4Y(fJ2uu3~3q?oIN_ZKM_4UEy4ts^8!+|E5lY8CKC9 z?cfSkGr_NFZVzGfN*M=IW2G;SNmc#LMaMwYRz{%F4C({V9w?9T{cy5h*G-cE(gtWY z$v)1vBt!&tpPmMEL{sXBbvkrBbeesQ2J+Rtj3&1P+pI=!7ZoIt$t$@pCH zcy6CEnSx}|TWGe}OwwZYS>nEs8wb2zt0tZv^;_f}kk>zp#`#l zCtIqDsb|r4;}0v1?@uBYKhL0FPsni`GD7W}P&=L(@RP`)rcfRGo_N#8Y5ByQHMHh4 zuUF@nZqx`G)teDM=bUU_Tx0Q}kGxYIwiB5KpCw_4En9rO;%$2ml%?LsX#DXtpo8ju zg)q++JE(*W!_HTv-_<@rAQUynHL$sDHwNics95ZA0bcJ5m>Q6Ys;F`H)RLM@H#jBJLDmfp7@BLz|e zW(|<(>+qWIsr=EC!Fb@c3-S{i#>A2LPH-F=>_IvjR3svcp+0|(L_t-r1?Mo(Sj~B$ zwV}$RN6gKgCbjysOJK1c%emX?FZ_S@+halx__V{Ktc%Scudkr;T~d}3;!H! zaoE+&Hi?KuCvG~>C^MfgaOm;Mz@vv;3AJn?gMk4Auj;9f{Zu~Vh29ez51uX-e%Ow` zyXC+6UZ|JsZtVgnV#nA7tthOmeQEc^tq0X_o2(@lU9?TwOnh3l7*9JO>*3Is!R7P4 zhcCOW?b@F&rnsgFQ5x5B;$SCP*|jTClA#SN*|x$#bqecQ5|HN2h++Yyl zWF%8mt1NwD6?s@2QE7BOf6YK2*Y?`Fd|@ARKeOAHUuQ#@KC%7vPJPO-#ckqYZf*3g z?&d4wPFBU^SiVDq-v;AWEeRe=V~KlJ97mBKBU76FeyauLG!50|qpFOEm%Y!`0Tmq0 zDbEKrxz1j0TV7vQxAePt&!^iG2?U+8v%#O z_Js=1iOdq=(7%Wab0imeJqVQMn~{haCaqT~c`klfDR;Q{F)@N~DLd?-)1~>p>WJ8H za6pCXF2^uQ?yK1ErROXVojM2F4c6h&%^p3^hE7^q?_5fbr+>_6YxaA;5-Mmt5Y*>N z%7=`5JflAL#YDlfb!&X!(Gt(|7|Hvdhq|mlhu$^$Qhzgb@vkod1I3iMqzb}ok*+2) zz4@rPINg~+UfmP5-sL{g$o>(x#FoTHq^Bia&XyXN{rXq5$mr#1zwkYj2mFa2_}}j% zwKkKHa6z+FZ)Zj`O}446+*DRBy;yAi@ZfhQ_VtWigl)$IT?cT=(Bt-LfkhJMgLssn zV07w%K`Gpbq(hDJixTGv+EWa~Z{{%P4Dl9^Yub9rVEE4a<8hJbwe2I~12Q)eCT|$S z_oF?j=QIhgEKP|I`j(RQ;+@MQhJ%bfspq9k=2K*3D?=&;PKP{cG4!$OcFuLNjp{Q! zySTc!cKKQ3-i1n6d1)F_>a|6-FC^^urT_RLI@d@4Yo}x@judQ+gCW;Hb=F3r<=$A$ zrCr}%ZC+^Ut=lmFx98{Y>P@$?RiC+gY2628m;P!e!R8{-Ty;r-faSglaxVY@ykSn) z{AHMn>AL;@#12Xq+7_fvQc*SANO2N=^lGahejjgY^(Q^5-C$)bjZ*SxZ z))B(#w*yf0LQ*MzAX{>Cm242ohquXW)Xq92xa#l|GmQJ{72+(Ck*89aUe za>E@KlKoVyg3^M$qk%;sobuK=V(fyk1$S-V0LzRC4LhD9$nDY-XdLofNJ|!~;yfUIYeAoEcY_l+0dSm^qs!|xaWA&~cDkW@ z3WhomCsvi_;-eU(mt2> z^KjqLoyrJz;CFyb?Do{(a4J0lr&=%>T-7H_InlRi-ny@U_yka>(uE{Bp-*s<<1BQx zARdT@;jZ6sprq?YO}SJ~r~e|r zZ?^KJo6*RH2*J}GeO-dHhvW~a8F%Cn7U#Zj$&}TT3jl|TxVw0u#PzUAozbZC7}O>l zRr{~U2fpN(Al!QQE;G~YyGO<-xb^}sIN;D>J9S9Zs*}uTdoKQCa>s3+Zi=zgXIY&? zot<+VaPZw$h6+?qjyyX0@zw76M=r8sNHzX{*B-iN2S<})AVIpmCK)C3twb%?ZOXZL z4-z?}IaXLkkQzy-Lym4n2`aKC40+kUo95lWuNK#q7M6hYwviLtJ2+Z@b`umWc`QF_RpTNB~GnX`lhD12(cB;PFag~k`_!O|L%*m1VMda!*Y#RB5!;Ba1pl+HP8obhpJbPNB?yf+pCua?}@}E$K?()7g zdU?9^+`~V#%n6@P`QRTfG`|_=-KgPoi?^a_kFZH!fBZ4wM1Q?Qd|WzHx9xZP+tF%a zl_Rwi;RfU1Q7lz28$SM7x&4r;h{3Ry6wa}KvGasv+NQKdn^F}+AbQ_f~-QoR=0O!sm3|cP&CR);%Nh*>Wd_PwCS-c z;uQ}(Uq5H(hxEWcZ&pEt|Jr%9qG2{r7D`Q z#&??ZQb}Js^yd}jp`azE8U2Qpd#n^Y@0WbjY9X>@;KZ<~h~9fz_U}2Hx6bbVGM#CN zgxs(|sH$lfkHG~ABe(AbET*pVNZn0P5M7LhS9PSuja+alotQjW;#wAiq-y#`=IxoH zi(7G|hLPaMYV~AvR(_VB>;JrE!C2AG%B%IBW@d&la7TV4IG;RRPrJF*S3e$NR9R|4 z!0dP9g-iFR@28NE;rU$4ztz-if9CIh<4}`@qLF!qO51}&>fsg zRGRqdTV<49^4M)Mbbp4*g?!Y?|@{+^0xf*L$L;)_aSLSwgVe zhvof~-LK?uBysUC)}u+cr^X5MH$~!=9b~#_2OF4)y;)<&LsTt>XI^rPB%_5tATcO~ zu6g^{l1156&wG<469EohC*m5u(HlBRsIUu(uCBb|ULmSY?jt)Tf_NqI(~2jmJ#S7t zeX&;~L9UKdTv+!8inpR*@d?5mJysQ}*Ir0XWn)k?gS)+U#N9wf8;k8r3CWXvG=0yrk0;IuAjgd%m9d z+`QDSY2vM8XlQtdZM4_?&YM~;v9p)u4=Ki##spfVKi`oGOA%5x)!;5F^@ex70Pp$$ zjVkd@>Hfpw@!$my{0Ta&D;2SrR%avc;h#~l&4i?34;p>sX%XML%k=59>Nyq@OizMY zaORH;P~b0J7O4vSC#)@_#92KwWS0`}nv2Cb{BDW-0=|cdY2pTBs;7zX5q$)PfSQb4S)cg^o3)xD!=Kl7E;XWYfxwnq9Z zbvWLZgs>P6?j1QlUxemqrd zt}C+$a&$t*fNFhFh@Ig?m$NQ=pz9Y8DcpWuyG=|vV|s*|*NGmgRN26sp>ww#JFc7M z6*4W?taPo-W_&oa{(eJ|^V%-<0K%mqw{7?*ySx2LTW1PzMaO&p?BWF-hzV7P4SL`* zlcCHJ#jpM<{s@r(swBj3x{gf~;h~ZSeHK!F|#PkbpfMWAP&F1ZeJsi8k)C zT`yc8>+Z%(_9ZGA>g##-u*vynXvMvkA|6Q+kWj*n_zxee3P(E!|6`0e4Syc=(ioqC zfqr%X=T0zo{vr)ipQ*2=u9MuWLbqL@3oC%abaIFk4G1yiiyZKGsdPz@v8eo*eoJ{} z%(b^=m1t~{4C?F$b7VQxYr(Vi*P46nIiLT9G*SOZIkV_@2{@2+1|jLSzj7a4YX58>)2&*=E67F_icVt~X^zdLZ>m6jgSH zN!ArY2dhono%v=PL3t;hr9hkgD3UtNKjZzbtTvC+61ZDlF7 z;9WjEh0x!3&Sr2hLd#@5NLEdUzHRQk_V5JmpMxUEFi=PPDj@bGHkW+2y)^JKWj_AAIQ**+opjrxrHhUbQSvyH~$Y zX)ew00+-3A0oWJo8P|hMcTv5Ks`IycU-9rXaeB8u>f2Bz68E7+=jCgG$ucqU1EOE{ zH<3!Hm3zI_-qAE9-T{}6K}vm0-uNLrsuERB_&4dBYRwO3TLZgar%9-_ALsw_{^w}+ zCdv4z|4d+CD_oRi_#SorSLArcK9jmS{hKXFP95}xOV*CR^T4CE-83xmk^-pA7&1;y zH&t5XiW}{lB!*DOxOXuGVx0F7jYn|LvPU6ow=Ag5K&5Rt`H&sy( zY(j!5EG#Vczxp_)Jk+zBS1VsF=TC&cD)6JT<&-4EV!rRLwSN1@m^nJ~+d?6c<^mjH z1i>owxxM!5R_L5aD_E~PIpRN)Kx{`5;1CCw?*5yt?XAVjgtEoXC_=N|e9DMbuBYDd ziK+^5BTv56*`zc4DvTeSi+3qN9OmI*#1IoqB@mM%;>Cc_u^>SkuFZrlvNNU`6Md2f zZ{Fw|8eL_P=D%tAb%?e3#M{v84|(71r*`R=IF?_%!@l@jh-u{O8 zQ#;#t345F*Xwx?S_v1LEgPk4eU`OCPGy>m20XBsPUAB7PzqmxGK-%U?_Q&LNopwr= zGM7Ov#ZyDq@pRn7_tuK@qY7JI7HRE~;c2-sfF4k~F}l03oX;ropF`n3rpD}W@C5}j zwoF#0c>T)OStroo25Fwx=f~j!Aqw0>f*Pkv@&K;*} zG5@pO*+@9>AW;#2+I$&{g5NVT6Fd-}-g}q5#;W)rJAAHmnwb4=WS~hR5?HFGnpzY& zQhV!~%vg4b^DD1^eBkxLR%#&4LsAc_Dj}B?Wi|<}#p@bK#~@Vrgb2@DUt_{;yJ7s| z49~+V{B0ZIW6#b(j0!mADUaAKzTf?INn)&{>CE zy5o!NgGBr`wl-8B;HBMkM~1bJCw?PI5j%;hxah?mGW@^(N<=fkH3bVm-2?!2 zcDUn-X@V=G=bP_1SRymui9QJaT1AlfAfoc52(;_xMz-y^C`8PRab4DauIeu?*6BjDC*I4wx(kj9K@`kRsb6~ea%K)8m&h#~K=d;Dx^>oTn^7aI5cL@#kq^e-c=1NJwb z_;0;`tb6+DU-U-0M+jEQ+3*SSemaYg>Ct{3raY0*vL{{tlKD)`Gh3wId%NpD;A`p5 zfVvt=BPwkC!oGZRujC}7Yqg2h_E|no?L0yV_@3d`2$x zQ?&(?4U!IEt4UgW=HffYr^`qd62we-kiL=OVWeReU5$M&^TBd6?Y3bed9*^y(Bnj1 zk;HXD9(DJ%JpYW+_meE87Imb1&DSz$|@am^BHk#_EYC?apzP)xX>{VBL)vjtTsDy;839E=x+N z0CQSSL7wL8zVbH>VMwOfr!Y3>Ntgr@6~XZsK()bHL$lDU z_jPdzVMirB7H>WGlmqztm)fJ~*uj=-o|D~XX`|_>(#D$6M^MZTE0A`+jUydc;SIYP zZDbP`+c$D{Ku)5fv?XrygH?dv^!ItHljy;5aTpj1X~vCx%PTjRSCp2anA;>|t?|c- z_fbIX_dh}5WxkGqfq|a^?PiS+g1gCO`|s#eDGjDMgc4%o#gv^BWTl3_oRJ0JbuCxT z&MC-eYv9M@V|#QwL8SBcoYCczy7cIq<`r*pug4XRiiE0_)k@-8y_KVXfrzuNv`E*E z@)5M&Zmo`ZNkU?3a#2JNZU?km)lMq_oqR||&pht?i1#%9=Q+Fcsh*8ZZ5{9euKO4) zhagok;`HZoKwXTONSc|J+xC2pGyz zTk83jCqC(HbX*Y>^;TH9m_1{FMk=k5?H zL>#UF33@6FH#ukLVc0iy%N#j2GbFet;Vsz#P8P#!TJp_!%Er_>%O0B-*vK!jizC@b za`Rn&IrKoq)2>}`pe8=}?{#>|;M-&{;J{kIfZ|WI zyAPn!^Z)z&?&{tB9?8kcSy@@v37z#tw%^Nf-$-voXKe@e>sAeojh5im<74OsjkcVB zepC z8R}KN-?bw!j6h%N!_mUpCUN&yM~dO(oSP|N`O0R2go7MzBrb)+A_vq`dZ{Ym+$(bx zuvE2~L+J`#iyeRh72IJ1QqcVtC@qBfU$>q2Wcj)J*(H3jU(Jh~&Z%d0FG|nbn^vr4VnK|24>44hlK2+ z^Bl!wUNA%;;^N{hlLC6L%4E>ghe^B+pB9uoS;)h{!hOm|vQatdnH}93c@BOl!*Ao? zO66AkR_29jeV040V8Av*eV!#g-m6z*Z-R3vEM@6}+0{4pdliX`H!m)8yG{JM-Zqi% zts4Ip3Uy^&`!aX&Zb9K6qYIAFPrJbY-jP?G^LLGUCy;#+S?CZ~O2JK!^qAC|j6*@a zDT0X?o_wnQT5N3$S9Kj00-GkrhU!nFw$ugc4{UTk7zdf<_OOxq*F+0yUFx!FWW;d zg}vg5QD`ugb8ZG|Jr9)|nKWy!sI1&YVq8PCg%r*V*@VpMYQuFdt{V%cwOqo&s<&?6 zF6%&zIQ2^ATXF9mzYG8-Cj~h=9$b1wf`NCvCFxeJnU8nyHsQUuzr!H@-k#lTQEymW z&(ww@R$U%~FK>UXM5gJwW?+-k=cBJewUgYv_?qX~I1#?5OTqF=)3)|}qaSFKP-fx& zTz4vdj|(8`{_ubVo%hMH&`TL1Cbde=K)k}sdSq+8HfHG4u`q7$eUR6>xPcjz3RnOv z)oL-pW6tl;vo^y}GaUsr5fY3HC6So|lPB}sG3yKQvtm4)*XJ>5Xw;^6>~1|0@hxN! z6*ZVoR;n?nTbL|&cXe?cI&?@=L*wL2h3ET;^P#bCNkVDadt?(X*TO)dFQ1*_g)uZE z9&yMu!ZBtKK?G9Z9!LU-^8>)j!pj7(Hmy-cQ{59m8Ja~T)CXFUFooX3- zbW%M-KO4l8A`ZAxckG$k@0PDxOl8X=3DH9I@`t<%$*GZ8^$NqP<@DixLw{qIhiK=V zq@ji9$a08fQ%(I=d$dF~P~O5xy;#bZ9#nyTn)^~Jz>IcVT%ux?Vc=Q#lPF1gQSP8l zilDe%_*R_$w5;w)0r41Ho#$;gV!3<>~eqhkDjIy)%hAvkN~#?{@?F|Vkq zGQgpXw6tE5muqTj4jp*=1PRQTD2;3GYS=qCl+ikVAFZ$Nv66s!6)+tFs5;+S(b~in zUx75rv)#0$^MB+Y58|O_>grAmOb$E4nu~1XTsOW(wQ+sPMiBK9S5^=^sa}KnuBU;qy`#c|r@B4$vVyLp z2nshvW&(|;ZnA(Dp5wdbSQ)&#t)KqNe3e0zbQD10h%5|1;l!HOuUB3Kl`jgd2LW|d zY7V$ek-!Z1%-!x$Uf^2Lixv6iI@ey+BzUiz>b2f@gcEu`ETOPl`IQnTe7d@HPhYZP zH#X03*Z0mCl9ubGveNjwrS9-yplV&~W0T3H!sXGxGUQha9qIG@|Jj0%lRqhuLI{q@tlRp zJ+BChox|uFigg(oIVBcfbo18eU4xi(75!ee!B6~%b)}Q!5r*H0ItA6&_&JwPgtLYb z57MOw5_T7XXpmX8^BzTTOJM=drpU@efXar^;InzSjkO-FZy!otiB+n%;e4F8-0()GO^c|0+Au(xz3;&xZn%AQQY~4$SMPaCbO|}2K zyIFA3dyYWPRrb4)ulsw*@cO!MZhk%ts*HJNg-~}cNs#cPjdXOn`Oqxv>>^}dlHxo6 z^MV$HAfhX=I?Nn&^Vs>x_5B8QnXfnt2;NVvTY>|B?$`cAw`UNHA!hYu2KGhg>3Td{ zAC@4a?lM>q%%`EMKkBM}{1URZWI`F$Ve=4)l(I`4=cH4HDQ=0R?C(U;`SZH${8_Tb zH*2-c^~k+_h$h*0)qFIP%Ew#lu`a&S0&esVC=KraqKiwF-~^8e8@%U6w=yI4Kg0{c zbb#L{;>ji(LR!y;3GK6(!xT2=6(G$LS11w()iOi!`<{|db|0HA2U|2caH>oXbyE|z z&p3i}CU=vR?H?R5ZDT#v!B>!sl&8NJ;35jGAnK&s7xJ8nwgq+Xby*?=TOo(cTWAp6 zy89GOS|tZWT(1kK-x_5%{dlX07e<~n_#J37%L*(w33unQ0&YDdD$@InL2FNM7BSRsHS;UHfnM^bnS^8X$aJ0J~xYK=tFhpj%My35!#0G1gP*ZRxr&4gRpBk_mtrBo{S zAkcEcsUJugL>o}#T5!3E;(f+EY3hz4vM+uBZ36#BmL%OzwhmGw<%!9hT+}ooXFus_W-t~27k7Hj`VjHsTDW{ zoZeH<{K#NyXBRs?G9ajj62Ix@r!Vmg;7n(d62$%)kKDDhicGnn$E~3O!CZl|6wc7r z?=*N)N1h*0IxU9Eahq4$+T;mYPmPgP%OWAhq@);*=Yk1eOM1klX_YK~QZ}d&Vo zJ3U=i2ZBX<-2h)Ao&onJ!ivInMjIuNNY z#BKcu>^X;r=iK`=u}xU#w#j?|g5P-D_gqNi-ULjo)&260X;56da_NC*x=FR-EK5=; zdLBW7Q-&mtWS!w99td(WS!$fT-Ea>uRm`;2JJU%YrR@w0teX~Fb!xjy}M1afkw>kIfEmNRcL8yhRB z?l;x6GfM-^1NN(e3Q+GtY4$`<`o3pj(j~}$h(r_;6!!#yvHoC4mogayl z0Olv>QI{C$abyEB5$)F!u)!Dqq^Lg}|Jw!~;dos!a!D6@Dj|x-0Pnf&G=z{wh8pLQ zZAO&FRr?it5ZeS(4uWiH)BPJi6V~cYxjE|MHS_akqZ*G|AXrFn~4+1`%)q}v65;o+PQSLAenQV5+`M0WB^z1 zwHrW+K`N9F#0hLA?^}UwbvW<7-Qn+sSW#swo!9@?-C3l4YU61%G6kq&`S%>C?r1wF zp6$s~B2N3nijiEmdOg_)8Xn8m&yT&@+>H9eHis={fE&!nTecV{E`SE8HZ8>D3MO*c z+Zy6;Z^(N*SGG!a${;IHZSx#WE4d{{e&rC}H`EhAO4b>A5FS(u6yEKGUnb!%AmBSy zIy?FVa}_BESf)Y3cuW6(u;{{!cfU5K4uoEQcTJ(S0V$;l1Lpu@>MKlRDt9wk&i&&< zQdGbnwOFDvrE+Xc*}JV7_=TOQDy22}QuNCwD6TMFI=Dnf?`9=EVUX*k4f!n#r z6^Cf=rxHHp5wE8q0r*#~Uwexm9R)XB;Cdphy-eO7J)5uF+Ysz9;Xe>Hkn(&UdOn#Y z3lJv1t4qjmzUD;l zv_lObu2g|0?t#B839$nN@uFZ$?+{|{&nYAGnXfeXbt>F!D^DrQ8ma5|j+1Ls6?H;p zfvZZzmd#O3OxMUCQeNErC0d-Hb0f`Xolj9!mBz>T~S@Einh z1J13d`vgPGNip&EMNJ4aFm>yhF299IiC374h=C7$rQa)F$)qGzdquC8sI7ws(`)3lZ+ zb^8E~MQIKGVAY-VG7FP{rs>gPz=MUorSGj{<~gaY@2itn5CQU40Vq$~8T5ZP@Q#3v zgr6(AfA@Q0?;y)E6gS{}`RhTv7gJAnCdHim@1_JKp>CfP&~0iDTxXApk7w$?K6v+c zL&KG|PjW$ej6%kz)h_ zNpy>3h#YbXIaFyWc+h^iQ%?j(e;DYm1O)}6{$0)n1~rji2OG5kvN1R$|AN{jUC;9K z@O)$i6{t2Q@3FzU7XDir>iMD5pf{56@da!uYls!@x6;hdr2)(Po^5As7;lp&85vs5 zp*S`5-5UBrNLig+-Q*Ib&uRgasBbPcYjS!LF6#-PT(#r6+?S-SpS{F52X7Gz`DC1X zh5X?pX*cwcip{Y3v8w-cCoW-6B5TzoKj6>&l?uO3-_t#FifzCI<`QpAK46-RuV1YS zV_xb%Kssx2Z6PAp;G~{tc$|U5XHtw=5dL$9)LNd*fMI3fhch`vwZCX$XHklZioN(M z=Bdn&nMLo?%^fRAF(W-N$8d3#el#LiEBn_m9-4Q-e$SArF^uyi;-#Ss#so|0)z3G3 z-h`tA>ulA=U{GGC&(H5rX2@PIXLif)U4p3uJ#p*78_SSu>#yj!I7dyzF=_xHwdBSP z$(5h*!<|!og>iN1fb>KG74AJ!MP&uD+wsMOgUAJY*3;1fNm(LjIw4E?1xZz*wg zZe<$M?XN%eHf0S6baoCL|84c|!|$jN#Q-Zy-{P|-nb!=4DeWHiheDZAb0LN8(Y z462@i#NVSo3WgkG#~=m(bknIm!WE=sC~>pFkq75yGrPB!YJ+CFHg#wdeZ56>GMm}A zCq|u^e*f~+Z==FLTxWR)2&wlE!)I&xHtFt;y`!!NyaMKO&zY3_Ke)K`ODifRg>|;v zJ?I!vJsuv8&m?*;I&=oawbag3+y+-UBCyUz`rh^0+C6sf8*S{(9BFkZuRSPE~g*nl13Vzb4&80uRN~naejC2 zI3$#HAM9)8?k*AlcX4@_b-*P0^K@7G&oCOw1GRUZ@fzT=o?kO2eot`lOC;a4mo^BC zB-z^URfe9g-qgIKNQ;|Na*@IvuVNrFLcwxg?pTiF(QbM>S2r`EgjlHIDlAAoMQ*if zdW6;;FL3+ek)Fwak@t8@wF7NJzE!}!a?F$4|B%gV^BG3Jm9# zJh>Cx5MSP(2W}wMd);JV2l4Px-6p3F4=ghbX{Xu*t-cJ34n5(oZtA;c<+DiG=D+~K5B0=?QrRBU08OKY4E+n}^VPl3agj6Bf=@2xe=u<3Y!Y|X;j`t9dl_n&l^`9>_K z*DpD(&9ny!`yQ&B>MhbUvFaA!<5Seu`)ZR;D7*VG7IR!wRP>9@w05nMi;hmLII0NO zl@R3f^_{B8ycRAHUJ$;_JTOM#canTFKA;i`HR1_6CjrD*;kvJFbSsUs~e&4CsdI8IG&c!2Bg z{0pKAGZ)7$VHKqr-lvQ16u5QL4+tkS_$skiuP#x5cv1ax1Sww%0)})zjOK4*#uyoLSS^@REB3!6!N`Mo z4&S)%Rf`GDQy))O8jafCR5OcT*lJyoA}JhUvkM@o3y~2QPI(5 zNz0yV)uW;ugF29^8*LU2W4^o*DZNC3+4AVqv2N8X_`zJ)_UY3+g%!@CJ1i{IZAnGK zb3iL7%s-X0Om;zLh2cqez4zwET5pQP!jDop8~%u&zhr)V==2Hl9q_vj1HNm6w0Fq6 zmmtRWB4rr&?WOp2w69j((*SUwo)P6j(@}r(w12M!^>Aaw)CKptME^Nb**RjM2QrLM z%C9emFICztMYr1yM&6FDVz6qRaL-p@bO~>KPfMhwwJTo zYxGyspfGjz3$uQ82T3XMvlc_B z>gCy`d4B%t>=N|KMU%Dt_N9(%PaH@-rxE5H(oof8enF$7qLT}E)3#(h`R8Y9mfV-X z`zE=33fp<`zk1Jx$-Ub3OyU?ok!xoHKj4iCB`P+xsxA3o3EdJ z45_}?BTd9Q-N^^82*z{kKJc8LY{@z4lpg+(7(@Z3Ttc>A0D3;VoQ-4BIs5N>k}6El zkR4=HH}Q%u94&g5x3#6@ZE`OJi1r9a5h4s#)>s~In91q*#|2j+>nc3r&mt((g>}Br zP%V|5m}$~}X1wps?a80Kbtj+8tUotA-7D&7q^sM*cLrDW&NoA6JI%&hE5LtQw3go4 z`@_rp;G*Nxp>pdIh{wwF{4ytu#xb9to2>?m9ZB`WP>cArGufK=N^{}ZF3q=~Fj&-z z%*e1!z_WfGy6(Zk*Oy9*g1z-J%{C3qEX)>ss%NtcdcK)pz;3y@uS*lshBH0mQG))S zf#q-615hH7SQPI0|6rmOSeGy&q*{E)rfQ4YgQ2f5-z5TQKQrGEa(s~1o^;2)!+?@S zbZr&qa41BrcN)Z(AZZ)i^=sbc2>tBHpb?UB;(FY%)zJHRETp#=AItfAu%Y@s$+NRo zN6EsDtoAFVKe-X(Kb^TIf2jEa@w-ouJmBWFQt`7HhVG{cRKG{hWbj{0s|QOvKkSDo zNWnS}s?L0EO7s!6Y>DAZz49jQWdDm7r}_;mRRVuZtZ>WL&25T7nUaq$mop3}z?$3s z#;TQZuI@TD)05dT94^Z{Xn9!_Sr|Dk`{rQ)_I%;7Uv zkgi%uw>(W%z~!HI$4|C&%RBY$5+Az`=s!E2^l^LpEJ-p+?0~6nyViUec6bbPS*?Zz?XeVckl8ogh)$uH<+47iaw}K>#}_m zt5kUB5j|mtr{VT5FIHQI|9ZB-hJ9qbS0!|2%z-Yc`ap*g`HY5Y;0?V3tUp;%9~o9N zW*;I~a5|w2z*os;Ty^V3l@PWO;ygev~j2e(4dB<-?Zsdg98m zRlWR873GK-gR52pm6?Gi?MPYueGcSdzS)|o>-k5T3fq3`APXSL6 zO~PEnD;?_O6wHKAygsFwyrO+KyI1*V&c)`IX+Ud+r0{3 z9O3|6$);R%bg)Kx{U#Ol9g6-q&~PE5X~NQ!WW@ z?%Q(DcV+q&lpP&n);W5*9=y)fPMXb9-5HD)F&!nml<@~li;uYQHLC3p5L*tY68h%@E{JfX?>~b9?-YKEt)OgNGnicbj_{4_QAZ(ZNlNW zF!q}-~R`ibhrgRI+IoMM%K~{Mo3D8QPxp{8=GdU0gVR9_O?~sJirast+#VHa)AP z{tx5jsV32*P$TSJ{jl$NSkm^i{juhi{qCOZJ^E5>HffCLxe9wLlO1EjMMcdG%D-3u zuOyZ+U7fI@yHpVo5i+;uCN;9@z^7*P+HgypSs71_AOJD+DBgA#3up%Es~FuNMRu~p zAUvR#A|42ce);o*d@Rwsg2df`T#-MGo@I?-t)Fj*M?OGUo7$rNY3};tn@MV;mF3&V zO23~zNTA#ZEUQ(TcJK?UIIKD+d*f4R2!IY4$#3r~Vxd$Z&!S_EALD@5U*kyan>ZaE zDhQiC(?GpyAi4eoQ7gS&AjgOpq3sso?(MAcpm7xTSxg&XPp8BHOaGvUF1jIP!m z|0XtAsigat2gvA3a^-B!rbn+mF%6LBaxc$z3Z68w6gNu$GRIuKt}b;`BPqi(9pPU^ zNF?3+Xf{z}qUXKQCZ^xR2?Aewp6l()f052*#Tg{d?l1;u*5CnSoNs+j$Lz;4?U(#bWy89oi_wBjoVbGPXK{| znxbFfVD=)EJpfh2WdoS2+X2SUt0}hEzl)yl-QM^<(IigA4|w?a+e?MdiA0JfRvm+` z#$_8>r7)nUbWrWtzaZk%is0-}ahGFT0;CCq*4tf7EceR}{GMG*>?34^Hdujap2E9;U7e#QWHdurp+DVy>R-fzBK8i% zgh#ZR0{Q8Jp{N?&ZhjL;GaBP(#@%6~4|oa*<0(JR^h1KY1Rs5Mw_}4F=}vk2GCn~V zHrjPWdB1A(hRd7L(Xpbx4D6>BhXD<kst{jl|Ju0Vrsvv*R=Bt(5bJrcsh#QblJB18xhpSZz3iW;2xQ_q)zCGgw z2T$1;@LTuesk~6*4}ic276~g?FbS z_QegKnjbKYPoGtLumrh@{U`F8_aYgt`;boDkQsHf&A*&oi2iur7dkkOi6++WKN7;h zbXs*d;uyeZmx50fkJ&OraAdrcv=!yQfK>^~I=SqEE(MD6&^Hg>y%8H;YnTFPb`x}P zB-GwCAcFUa1~d@#x0b)wmkf+HHV=yq*AFPu6JzZmVT=x(hkJTeY`^Pr@E{%V%u`=) z(Sc@^@&BV(VQ+yJxt)Qqog!(L)0V^6TUgiTRtjgoa5tK;D?#J?9Jx4><}+aWBb>(} z5JFpI+rtHgP+J#blcK<1O-fJFIFa6-gdl?xk4)wkOxhhzb}n-9|jOhEg|nOJokWNve4d4 zd4U_B@j_O1P-|(*Ln^n0(V!X}X7+WFT!;fmE&B(X-MxNV09PD_X2}kejU#41?XCg} znx`?#tKr$%(lWI-XYDpO3ljp6Pn{I^31WT5$Yi)TJ$}^HFBQQoE3Ng0!#K6}4W+vv zVopH{HD%^N#}M&);$+1fmHk81a+tH5TXB|@UAEYk?`^}0QiqvhRTNLHWvRZX)Y-U; zuSf_}4c%XWB)!P`|BEoi>x}>Ox2JQT&6Bz8+`=(FO<63xd-})~R5IO}a=R#r$AfT^ zIurlzn$tIOjFc9qh5nX?Uz8S0}f~-P+?#T|>{idU{UA6qvp0UcsXI zo~2P!Y#tz@Mg7g}Kk;4V36J@>=zT)?@JHF8tcjaXUxswZ2c~$=4YubRiiy0>t;6`d z##P;Z-RKMxJ2;~>eVa>)G9h2?+^>vi0iw0rLq9fI;u8fDOLctlpiV+fr@&fH3|qIzmsh~*!u_IYhIpPH ztbYomB-N^6BtU2k2yrlKrt%fSC=q?&&m8MR*LT03tyrH^|0N@qmrI7x)P&0GH!fCI z)-yg!H`U8^iA^esUKIN|<@5YbKk!+e?8r>*7d7|zIO4Q=6~}fgss%u)grYN}zX%OI zeyW}SHuncAenS+{p|iA7(ny0vYH370$#Dc4*pR0oB-L^UGPvfS9r@_~F@bB`?il~2 zcF$2P^|3t>1&loE6zpGKps1IJ;Wk0N796Uy?!6;KqV>5vtYA6BWylfFr%Ffo^(8E5 zi{Wt01>~85ktMr0-xr4zV#91gDg7FL@-zR-LRG13BNin(j zFE;Zj^Q#)a4Yhmss@VGU6T0+o#;}uBLa#$B*{*kiY$S>1+}3$+-_Sq^+?&rMuk8Os zI>D11^1dmr^;g6L!R4|``|=YQ;Eoa}L$#10+)Wk0;iS3+dyoMC}lkejHkao@l1vU;Q5B`z|aBnix%o3#PnbiwLXcJk}g{&5k$drga zgEp1ViN?q+2+;x-1uW-VC~gCd@w5KRnxH{hf`-JzBGpR_dF4w%YFiFP-i&A>7t*cX ztL|rB?W0dOor7fq+I9L0WEyN?e4r0`^tyO$cD5?~Mig`R?p+`^Tdt=Ig0|@B{Ca`2 zPY@vluC=4I|Ef)Py7IB}DIsOA(|y5*96N{H+ANa#tC6#>C*H*@(De{zx9pek$UpGf z)j)yF=X~E8Y;S(p&tPK);2-`+Qu?ma$Y#oDWw-jMZaLnLPOJG{-7!^s1Dur z-b^n+VlIP!zTeg~y%KG~432g6V#2X*{iUkC&DZyZxgy(Vq3|M)ruib7@K)DIO6HPt zoP0xuP|AOYy(|Z%y_x-BhZD%GiHhPAwe+0%x zDaZFj5?JudL@3ZSfRBrs0A`)i9@%Gz+gZmo-K*JF#3>qXcmdXfaH&(a2n(JBj;Yri;vfg+K&SUg`BzLj!U% zr1cio1ezwXm;~5oeWQmHjZgWCG~xqWsh5Rg{#No4(m$&Mh^5p(-E$XHSZ^s_de`CM z;@vw}I191PQy>*n$spF3dyI!;3i2X;MH?Vpux#w3U##jXJqERIEAI)SrjuRmw##<2 zHZpv-NR>y;DW8FOPCQ(&R-QoTAEylG&I$J~6#}SLq)L~_A3}ORR*wSXlUU+@G#~9| zANGE?y!wO|Ih0gNSmpbZBP3X})!&RYw6J+(AChM69c&Q5KWn&*g^0?65#K zXu20Oq+*;PSkM~~-ISB_026{{)~kR?Yz$vx;T5Sj$2WPC8$8+fq#yY@4%&GtVGd`L z*J>;Dgx0TcoZpP4G}>X-)?XbCO-f}70`ET_ziRUb)^^n2#tuG5k;ji+yq-Hly-eE8 z0b~y7k7ZkT4ulEw_phtFQ+qB@6M1}~`PjqW;}@6lWg{tSC1=F7e{*7fF$SmRkgKBh z7O+@C4N=Y?F<%Wj8J|M7Kc{(o_>rEa#`S}G6EIH^2-8@y^6PF-9 zTBDM!Fh?=D>@Lul%%&Ha{u&OXFb1Ghir=w)*Wi7Xc6#U_Tq#!1Kwvek?RI;V{?on& zaEOv)DF{Lg7FH*4XThvw6J-mj3;R!2kXk!d(|8DBqd-V*k{+U1-a8Y5Q6jar2O*GP zVpXtc?GJT{{9_dVqiLU?3~M5eLHt!VzVhJJ=Q5(*_XdH~5^1t42g%ZY!182nC=9_I;@ha-_ZW7=n-BxB8;#BV=u) zzGCS~oQH)-8)V&IsYxnCSFgUD`gdv15%k)-#OHPau$cY;Mq{MA@IV%v zCQ{ubEq@w8EDvrdFIyuHD2avu`Bok>0l}Qn^p_#;Z@U7B3NsE^8y-`H+$=C~5}>j9 z3m^rz7Bl#>TVV=;<`4xx=rd&+*~N9LTQ?n}5voMUsG;W!S~&`jqNxu8tTey&hW$nf}% zYbTplJOPm$Ze=DmI(V=RGZ=XcRu4N^?s6qDoEGvdH&a0A%|EzHM3L@3uK#g&e&j!Z z9rWu#3mYzNvsiLddFYU7&Gf{JikN=eVb*h#yi%BUJy}24|(-Y)G z7vG%?^s&J1>;X?OdnlZLao--;993X_`mWSyAWgv5dU3+9BW#OVbx6?et7IZ@`XMW= zmE`-DqUtHnhsQxf@=41Ec%7>>vddFGw{APXioD!~P?!3X)h$yAuO^&!DEKp(ne@tB zNonD0hqkJ#Yf(waOiE=_lNy3u_|kbwcl4>i@v>!;lgEQpXy8~>8kL;~p+~xC(Fz>= zmEa#|0%)!AUuLMp{|E4+zH9=bPo!xm3jE#{Vw%IKcBxmr-KfSat)#v-U0F$e?yC~B z%nJ8Yt)t^Za%Loq>U$8t2N@$*b}#O)J^yRqNygx`W%4F4=mM3a({%{QH^d=9$7RJA z1n{M`F(E=pIMpp{yqSnq1F7_TZts?+*VF?>wzlTIoHz9p_ND{ z;?ace5tNzL^T5NzUWBy|i~+oSe0&QC?x5lMVH=I#7O9Yug4|D~Mxc~cg~LaM0Uw=b zK>8b!D95e)OZ)Jo=pKWA^=n|@W9albzn|J&%xZM;XRdEz_@g5Bi##unZ4`deT)(1X zb4MHzSjhdziv0>EsoP66_ z&}TL}rmuAEsxfYcDI{cuk8x1em`Y%^`0Le9@=ViG$H}Zy0CvejzgLeDjmm%6Ke|ub z-x3n|Cu**UlVh6Z>=m{c8=ITyZsL6otiDs;dDriIf~jY@tTd3#F(o9SsOHk+{f&$P zOD+qet2+|HL3eYvYW9y&|E9{*S(-)_Ky9P-lSZsmEGQ(8u-pGpNTA+RUd25h)7yI@ zkv$jS1pP^oztrm=ovx?<^6C%4U!~0a(%HiZgH<_b)%rKP?(Tn*ZJ?y~u*K~9<>WvG zB-)sp3*09;`*m|V4w68vp0t1_ezNZFxqNMJ29nzde?6>4k3cGcA8$S+2B)g-;NV-f zaCBQ^+4}Y;j>4+P`B`~UF$#ks5NTE7m6qqES^M;V;8kkxJycxYGY4@Y`TiLbkskXi zR#KgEOHyamtfcfN9p+YXgMVT}k3sc)ClOR~fRK#kB$QnMW=IQ7uHG`)NLL)mRB&B} zEa@ZaFEeN+>Sgb{9c#y~)sAtr_vzSX8S6QQe`@nl^I>@7JW)BA+nlAQf5`pL1;w} z{#jFZNRMJvoVYuF$&cK?kY!r#p21+hS>MQ}!P++-)V($mGDmfw9nW+)BRs&FWJ9e7}xj`>8%TibX;|s z^WP1_TnL2Orjq+axiVMeczsUs>=-J*!OO@HXPANy_6|tyK>NNpAp{O!1mfZ`pY0$$ z5-WsyfvuOisW1`3Fv1KCE6J%k@ElsF*~g&6t;AH|rD}`}HG%5m7sSE_o}f4q7dIA* zlf3Dms+)kKbLFiF;8e~FRYLxv9o_rV(xx^`3*3tR?PpU4tx4JVnF}Xfuv52OhWhmc zeP6zrnLGm=nUhxUVE?p*^4>9t#`_{fRDnN73XGUrTPartgh%i@X&uO|Ldm` zoh<+*7Ft~VOmlMjq&@z)uB@o2sV!8r4N9CW6G-$jtIVBgiV}*$+q~RPl?>4K9dVkd z#@&97UQt?I$@`4ky8XPau1>4uPoI$A$mY9M`#HY^r#b0L>HhWJ#S*DR?g8j=croNT zi1Wc^O?_Y0*{Z}0*{>hIijyOuDf2{>%e+TjYWRf|EV_RCUbb}btS#`}yu@3_4)%iD zMe%j!Dm|gySn6xfu788rORHNT_a;8RCtKf=rO1laRQ=+I_kB0d7@a~HseV)1w-5v&9Oyphr2UEQfm z`Qi;a5(mwm%-s@EiH*p6Yo+I*d+?dv@acxNj4=;5!V>r&&8@{f;v7U!CAu#~-2QfcG4>ieioj=Xhn zuLHg;cbT$ib_-b`qT%2XXGJ>QnSd%;YWv&>| z#W!o&{VLWrHl!T`bPk_8?SegXpyT?b>e>pum7~rZh0iNklvRM)o-LOYCL`}VXy@~w zU!Wl>VQo90>!G01!S56o$yB*=um@>$r>$(l90fcIAQcda(ET>xWCIhdHbw#yRA=IS)N&NV~IFWV3a4nx*H=u z$L3ajzP1>NvytM=bMagwZEVMQJ;O#~WWz#?d(dS~e+{0`ay_>kO?5*%^IAGkemD9) zGDmG?q2JLH8x$u@!I=1Q{IlzB34yy+a!sl?L>s_q>yZ&ekpakEIrg2K;aGksjDpWh z<7*B#p4?jyL`gJX&$*NDYiL)O=nL8PV7(fXVz{?p(9WTj6tGaI6BHdx<2RwD*?ieE z2L`@1c*t{iy2sNhen_m@tL}0u2Ho`~morA?lCE1pOjaS9b|z=uxzGarK~evbXJ+`y zL2A9ArUVSF%>5Xj2Y&caw@1A8EnmOi4{aSz7FU^Anml!K`p9e4iy6^@9{g(OAM}r| z#Fc4!GEasZ9_&3`y1v>e-_ffNFvszfnV8vX&@!w&UB$JtvxHek3_)Exr5{~Am916M zD&DqT*)jPJy}aaM?zy*T)@KNR&(il#fwT0(-sQy34i0-K^YN)xbf&L<+gxl;^Rf>r zZVr=+b3a2M$kTKWnJ4Boa}>&672lSaa}tZ%g6ybw@2R){Yvv`scV&3*eeVd9((rP9iua6sTJ__cax8T5A(Id$aA0}{#%l46M z-U`wZR^VT3Duwv_LG?)H82$}C|DC02R_~2saua>sj_@({;MP5o=6|sOD28tCCL~BD z6M!B{8I^~qu2W$Y&1AT}1|SDQH1FS+Hnv&z=Q#nI&^KXul)-2=pUcEc<>8ZcA5FDm zg6j6#6ArJ30%m<~=a}RXvJ>$S=`mD1%M=?vGHZI~1r}%lzmEtT`dzr@~Hw?DofVE?t_Y;)L(cBw)~} zbbgPE0Pp*sYDqm$E6-^iV`+guLFVJzZ!XkAtRkXw{`x2CweKuDr(`^)C!(#ECcYob zygP+lgtJG&*?=|IGGKS0C8RT*VT%kH(PG7Fa=yYV&{C^oev z=hi(=PcIX&V@Bv+^qrXGe`>v^OerI01SbKMlgYu6?y7ZxG0hv&zd>OG4Ld;ZUjg5{<)+c<4>P4RGc+3k@ zic^XPqTl#k)#Zz*F2ma1d=4aShrPbbT}{PwQpTKHNQ$#FCl)v?xy)0L)B)EyGN~hR zqlPXn9c+-|sEDO#zTZJ>01g)&wYwjS#Rcb#PoFOvTiFNo-^aLMUCWBpakodi82H|5 zMbFJh+)&JuE%bVJS?Li56Kwg}Q*K7r#Y(%ad{ArK9j~V?Fz&%{W_>EyyxO<4od#p> z!h^a9j*@rjh`X%|Ib4F7-?5$<#>OZ7+)DdO3jT@lcOVVIwO5yMwTPQ? zz|Ug9-6x@weOqzW;w`@d|ErPX(`Rd}huYHKZH~Q|d)PqF{`AS*;wSvX8&364Ss3?% z7DePy1kFOS=4--kt70|in7-Vh>272?p|jOLyPgF(b!0*Xk5IpMH!zcy4@5`U1?C`~ zqj0i^$k5j2DB2s_RrIP)wtl8nT6KPkLp)Jq%D6bwQFfPm=qLr*Qx>$Y#nc3!ZyKIM zfn%-Af~20W{(d1r9<$@+PDS*G4~(}i$sfxl3*K5^Cb-|vGf8&vD!~NWdOmdbeCwn= zB5G0T-Z5E%wppg~@ReEaOknZAJd*eAb2H@7FBa44nVId>*Oq;=>^|Oa81N?g(qsDX zTIXjcBMqyoCr>3$5wOnMANp(jjeTV5S8DwihWcnaMjAp1uQM=%81#?LwVk!k0b#y# z)n)x-zO=O-GocuP>FveZ&D?X^r#(dTq;3+VXRB8SBhV=$HM8+GZ$g*c1_N!=oV_g6 zGYe-&|2gB?ezQ$rWVgGEsG~Iy{3MIi%XS8V;n~HX>pun3CPxMF8&4X2wd%s{+>cn6 ztufJrszw)nIL{m%c>-t>#yjzUl@891>))`sl@vSuA4*3t3~~L!^g*)#L58ci5yH_- zU8HF4mnys13dk)Wztm;EexCBo7bk0PFx1(KHo7633!2JCo}a8f4`suUK4WpbA9=J) zE=hCN_Kfp^5eQSwzO-?4ykKvuVshM&#On!qV}1bvPm0?K7g`s`+dQS^^jcEMrEzm@5wj&Rb&GR$sfO^Wb)#8AHn%1w zUPfD{#6a7n^UW-UhwqWx@zp#B>IxZ_>RR0PI;JUR5dt~O+f?@G5>xfDVVci7p)K*U zSAGE=S?h!mG75J$a-Bf@E+4v+*z07o@?z+%r3<&JAymJ(DThIYI>~Oz+&Z_^Z}Iuj zN?T;l!-9#pmn33AIXX~WnB6k&|Dm`p96Tw9G9JYL{PUQmuJVE-g*uX5qB@Y3?-Fi5 z)SIDy<{~s$(L^6k7Kwyk@U!YR}OXEpheS*AeUyEyNP8DM8=PbOf z>S@;kb`}+mIe5w?bgn%>%j0{!SbFpc=N zHH|h}ZeHuGY&FDfp$z-6LF8jeHH%pq31`xEhbu9|H*wN>mXKF%X4zQ_82in+t^Ap$ zbdbtJf6IJs?{YP(P>o=~R!ITg{n>lB+Uj1yq@QPPs(FC6-c2*Si|4?*%N&D-E@pF2 z(E?(t?o9=RLGw#f)mw>5%F4~2wX3h)8Cqq=UAMNnHhhmgsV%NDejsJ#oyxxHfV=0f z0&Kl`tl?6&&%efgX{`J(NBdtEq)U+I`=Dd5nM+r`QC03UL-r~|EHQieSE^Q9XyeAE zq+lmaiE9}D?DrD-tMZaOSAWJhO}oic5ySZu&Hc8-jlnd0jCH6SOuaDrzgb&VieemIdyKc^n0l&F3i3^q5=w!DG%< z^s_0Jg;@^ABzUjNAjwWoy!$GHk&gk!J^zXYUWaE&Gorfs5&e^>eQesVvcBAr>p0W! znG8>P$*+o{1Lm(^fXsRH1&-8IVO-(t<|!N7l}}ft(bxZFSpy#hSTa(UeVSf8=SFnd zl)m`oJ`)rxXVls%bL?+VzZYF@m1s#-u-ZfBo#XfDi7#dXs8Z_(cH7%}5R_H*dW$n2 zm<$M1Y?nysFzWj--!bM!OZUgVrt^nS-1xq9_d?cvK2os3HGHI7A7=TD+NqgoL^7$R zB4tLb`>r*Y(GntBb7qc~#>zp-b`bsLl0@1`fCA9YtgJkHMjf-yIbQe@)u&|%K84i? z@Y57NoDm`8KL81C{+rjN_;MKc>2We=S-i<}Xgz*yw>E`XFBc^H&Y^5~Az5axXA(OG zxC?fbwuwPPMy>@nlclTx+E}J`t^-v9q-?J2$aAeZ0EIBIgR#3$eG#eDY8Pak#UdGc z`c_xcC6{yGng7IR+z-U(r$RC^EAL8>jv|j&#~jC1Yg}@vzx~Mvz{v64-J*^*&i*_N zq!VNUI)+2MZB>g(MrB-L>et`$kQoL(G<1b~_PhF5XX8#AOZ(o}P&?K)evayoHk|j4 zW9;F*sZekdPW7DlwQk^Y9!9~Pud7_leEzDJMLFJuMei^50J3dHWZUGIGZd5Ak!>3m zm~*x3WjCMQPQ!DM0;0x;{r6YRQhNk=xbgOHH0i#sI?E`@F3e2XsP2d>o z^(=Le$fPHTtu3BO=d?CYTK)zXzUFAnPg@B&T&V~3sRb6WHh!52M)o6TY)ey85$#}n}#v9a2C;#Jgyi_{TaXdV0dhQkugQ`S7xtum2^1Xv|)ys+0v~!0Vu1sck zBH;gFqV^u>@tnS2RlD`1v_0?Z)gr6Do;`U@%)~3daxg0|KW3;Jqbuap8Fsm`4HzLm z5z&~hFJYJ8yP}E^p1Y+M6TX3-2fO$MGFOR{Fg!6Mp;MU4FEo&O6a2p$KjBu@Zd+}FmY-&p(s$bF=SC*B^<&!E~b}h zLJJ!)UcX$gtbeX8m!g!hwg;;f19hl&+U5|z{QC!qY; zwbY|x!6FUVUH#jt0Ox24!QO8n}Ip7m{ZFr2x0=y__^Pii-^Xiz{^ET7yjd zeiiSH#!9-(%%-o;Uo{9v=IlD#NRnl~7?jx-{nsVxC7$8Q#h;J-wAF0Z)SY`*; zER>l-8VB;=Z#m>d_bscVV930J?sc}Bx4u;Z&(3~T zHsq~bb8oJinVo%HmBtKdG@;M~e{AoV9WoUc&iB43U@#^`lJ}${^M-EQXOSparpW4* zTN^(=grufwDxb^3pQpME9HmNSz2G7rV(o5ej?ALg z>Mj|_V?ps_O^Nds{moxVYW97((06OhI)!^st9jX(+6%C1Qqk7L{1hYy!O^}O_u~jq zNT1NO(>Ub(=4TdCu`-a?K8-fR~@Z-YrccW5dP0m*^b&Vy)E zwIxO|z@_7c8QzkRx6L#Mqu~E3DMJRZyTr`57fEyuM=L7XCddx?7tOxDfhuwa*7D#A ziG2@<2Kp!&Iv^9W41?xBW+2~ZcwUGIgYXgryqIj%;tUGXRsF8*H`cxCDr;En{x-3| z28)4?_?vLTTP+#tKR>Rjq(f_em3VzG zkr?W;yF6wdrVBLxUNkIOqb96Bk9zv|Zue4XoJ8_LlA+-uBE!x9tJ_p9JR>Qu<=gv3 ziIju?U&5yOi&nTF;tRKa|KmiZ)xAs>POODPI&(i^f8^!>{nKaEW!Tmp1j&5BD@YyZ zFjl|9s0ie}C=+iLm0^OF(&Ip}p}>cy5a9?s4{~X6XJhn8ceR{=W(GX(I~;XWB!hsQ z;01&u5sbp2pyQPHwyKO0O8bqrpPfxG5rG7*wmh#M&y{iY8+{M<%IOyBhEOVxj2GN;8!Tgf(%W=8KzW(^ld_=~qj#)sZXZR=$XQ?9OrDyucRuCiwg&Cq$1?(@7 zUh#cFP^wv*!p=89Zm;0#nWlKNBjuol30n+aEmfCxoxP^UuY zRvQROkzX3=a3%E+MrH2H`*(X*fFET!lFFzT1PxD6yQo3FZyLFojpaATh!3|1846v! z(KhP~nD6G9zc)kSaa2|$Y37y!l26!4hA0v;4MEt4xm^q6j2;eAFF1Zs6RrfabW2IV)muC_4dCu+5x5Ytp#adHF?JcvolB!w z_78t~K#4Dw*d=(AjF0PE2sk7aa>%>cfRulaznuMNqA0E)Q&;DtE#1nz;nqmw^wTu+MU-jLl{J4RJEYoo z;Pk^l2O}w`Ph2wxzswiv=yqzoA_^u&tG-?%wDP4!!NAFz_`97SISQZmvgaVL3mh1T zC$js!XK}!OmJKaiP^3M>7aD;g&umj8o)+=P6{PC&s`7#e^^!1>e%cR91Ry0~N-f)Z ziC}-=k%yc=W@owvq0t&RPWtR011rLIL{a)^n&c^K^P#>oNXxdB-V9%Qb!W+Cqp6_Q7U?DHJ z4l;hN|L>_DIQ<$NJ%;WBO&1{XFbg_c z%#5_)08WEfSXkrYrL{Z0bY+S8#HZGy2Li3h(N?+v;?iHnbb|Cf--HTLJEwZv!KmH8 zWn&Bd`h=+x8)OKEl|+ymYZr_P_jKr213dSmyG7`(zOVjJ-B2X67u9bP;+*R;h(G6% zH6USsG0?#7uqPZ@rBH(xa+sTN%UeSq4MAciR}g_&ABt!FcWcj)aWW$-kD5SW6y?MW zEKRJ+N)75RUgA4-ibj|yFm!Z!dU`5O<_Tw|BvkL+yQger_z*=iZBqW*kr;wuOW`Y= z`h6q^V<68_6a064+d75(kmt3|7)Ua7**Cz5Yej4h89He;QT~kTf}8mJfI!l8sNovy zq@b9huxbIF0Fs2X1!iZhC3>Us#A260$?fT0#z4QxkXQ+D!!uv6N(@V7V#BDrB zI1y7l9#tNgFiy_T*Mtd!X+U`{bL%&NY{KK>Xo*2e;6ut6$7C`RvIYkR@+dtvmI;|# z#tDTS%*@w+Bos>!Hwu#?!S_h?v&Tup1D;a+n_%>#&eBC8kx9uNpPa8>4?QLQMNLYx zkClHdF2fk-F-ISnLMM1j*M>Xm2@8FXn4Q?b^f8Mo#<27-95_o#vmg+$TDz)+@5j%( zRj8Q;g7$ht)Lw|{gCqKbbcOoA%sLP>3-g5x<-`rF5lZHYl$xn2UT*FnUA78aWZxk) zS+#Q@ZoI;>W=Ez7B@w7DLwEQ0moHzw88FAvQ)1N7yC1Qgd&qb$TE+D52|A7_C5K(5 zlz{zJEpVfMFXV9{p&1_WPaTGa*yEyzeNU39nM}oumq&RiD~!SW=+^}FK1AAYs_vLu z?0iDf42{`gv|=N4Kvvk_ttZsNE~(ZGnYV1=sO~;Do|dltVe?)zp~pn6!5MbE^CFnh zl#83`UBl0NeFlss`dM(~H6_ zKahH|a9~17kOhwdcV71ood6vSR&x^~2t z?+!o)IdgGil6_=h9zq^10y5kX(>GX_Ou=(sh300 zdW8OPXRg`4ifE`|^`MRzm~*&Nh?X`k4s4@n&D^4u5*+u+Si|@&2c`)=gs4Snx^icFP4n2}wz{OP3z3q?1)m`A)?G zPx&m1IQ6FO7R+FG+^>@T{nd{JL-h>G8zO8MuH3GN};++`}l6b8-kmxMX@a5zxMVu?{#~HZh61hn0J)-fNddjs+(O-R0PMkcB9xDQocS7EN@B)ESmgC z?#CIC2Mp$?80YLOHwX(bzcj+02BZ8QH*5TR5E;zpJZ5vMO77MgERNp&IQqi0AwI|d znbMx1RDwlC%Pgy~y&?tEkVcs)W-@15TtBc6kaJS$mCUy>R7ZTzz!|BTy8LeB; z55=KtN5aGqy_rnx_hQ4bnYN?W_){Z~8kqsK?#Qcu;+qmy;x*yOFeNPnf}rO#2OW1# z(*)q|4c%7_KjRo!8)NNHaZhyk$Tt+j!umaKexh##H~tZ+qG$-6{B#r9dNL4y=# z+U;X{=CiEDG_tj59kgE8TFLYUntv8rFs_@GR1qg28-a^(Kd+CoZ2C%q)(5^rUVkp9 zo(&iB`fpRE6JP%!li`TBsn?*mmwR>VWAggGizEWXm4m=Psd-pv!)8TB{?ODzUzVQy4X9p2@U8u}Fzu*_SO2m;3HY?tIZ?PB z%UnDkC6BWrZY|Is7OCm1|HW`PAVWR5b0uNCqJd#A1IUtAd6zzKVyoXw&NCRLh+Z!sC` zw$A*d$`8rM;6zMrO4FNYgtPsrWDyNfohi^do|G0;YK=hIr#E+=1=r<-lr9p3Jz_&h zCV862Z4XsiJVTyXC2eFBXM}0YfQ`@V_G(i;dC~5rjl!Q)vNY4Bq{J`E?USgF`9+q` zo=1kE)3WJ)h>Hw+gws#2}(NmV@g=?aac9XlaQARe(3)Zk{wnB-oMX&Yw|R6vLUX&OT!w5(C`N12MLMsZ53Fjal>AknGnVKaiFW4}j zpZ%aU!m+Z2xM;I~EN*_i^XkbTdF_GF*0pz+pY#05=SV_sSdkG{wmfu1tjdr#26&S9 z*&yQ;kc$EnXG^(1J4|<@F<6}cd04%8gRw_}BdP2_lIcfvu0R+(_MKmum+#BZH)j!{ zP9;Cl4y%_qSPyy{3wNxccC19iDg zIbUwVGs|t=#XE=-X;6}V5#2lc9OyfQV^2$~4m~6$*GO`#2sk7lSPm~SWpuza#h$*% z202`#$HchAN&zWeq?IqdG0V>BC|LtzbH=akPHeQi8P1F9U&-dO(t~ffGDDA|G)D?Q zriy!sCrQQp$LcfFsq;P;awl4QNBCq=uY+<@4fNa-6!B5AefU`ZHJ)q6m+=hd3N9)M`ty0{(zs2-lHY7xC8ywO`jZ9)d zfr?6_vGzw5JT+S_ zv!iqMQLd>es;Lv~tlZ=**Ll5ls-7Q{S8Sl?urlN!rs;NH!#}WFHiwh_zZ2l?3>lvx z@&yG}P!10HUtT%p7L1B%jpd4H*e|jAC<{T+DPnDcPGkz*(1-iIHU%i$c+j5>qY!1C zj)cE(spMmLeK|)@z6C}xE&E!`LuolF{y9d!7l^5WN=o&7T&k9Q8xwrh zKfint$r(YZKKp%px=LPDva};zqNHSD>vI5)OTJmZ14rWeh_t8I;#sptBJ0Z%s34`Th*)})iSf>CQIBx|&* zsDtvH z&zd-`{8#I5Ij7>Zd6@b9d$0J}940okeoKYhjK4)qSfKkawcVxU(Fw}6z(Ub7BHcxx zCZ$(EDUzi7U!I8r0d!w2?#=Nf+uWDpYw?_DVhdkj`|=-;4L?=ydlcQ$5|;PRrM%+v z9z+v69F6@E5o5bN4sM~qOAdZdWcJm|4`6$b2Psl`L^U)l3-NKwYt?Mw17bw_Jq9U& z9$I$wIVP$S9xM^OIs2#fgI_hc6fV-|rG!r@Utie%cK6oIIwq}T*344(mIC8U(y4cJ zmf!z6iil@1#JR~@$rI|heV0m5Bkw^fF{7G zSRD;?(1yFAIB{XUx*itt17p;L*4T3<3mMNZAeCQuHT^X6+m8JuZy1OL1w<}Ok%BrV zy4boJxlD^w4Mg!ZQc_Gv&eFQ3CkDljNx=<7!OODf2;}Fo;JO^tOp1hKqh@*1YykMIR~5)4p#eY)idx*Z~D{dB&WI@GaN4>_$^EEMD2 z*>Vs3RaG-$m&mx#AeV5P`F$Oy6b-ns)-N-3#U;f_zw>Q&YLV^UrwZ4A8udbCvrKm_ zC(zz!`28*3+3AQo>h2lmV>qG3enMvNf{XlSW#Cvk)Pq8W19PDn&AZ)|sLYzhN~(yE zU4)&T{bHpj0oq@cm32{Q zU*V>k$DiCn9YF5bdW;-1>a&^KW||jx1w;RnE7Ai}@Lt=WNs+xro-Sak8-m&^Wd?iX z#(8S%fO_D8~x8{UMNr{c}w)S@C((B#17L3o0Xuo^S7j))J!dg{=yWcab z`HA+qPZ##ysLv6nG=)k$u_1oiuOETuj@l4Txhi*1E=|?m{$t<)9Z1D}^eivK<3MZL zj~|tTVHjkGmMqWa{}XE`=D={~I7_c5s(V8gA+j z94WbP6OII;Ia9fkv-`-2WVR84@IHEEIkr>boJ>0pc2JVtxa(ZYxp()|P59*2X_)f) zRo7UJhF*rky0OdSg?AWaW!rXfip>hBDyyw6>)rtgX&Fkne4$+)n^iN=&3(8u2-p0D zBW&FSK}$U@SYmQ_tPo$Xv@3bCk(P{-EO_*1TOE*i1oR)zKw0=I7r>9>AY!)T$|6W! zw*)JGft;8Xx6r|ELg^NBODl{E zh@DMqD!Ec#uW|s#?w0+T@IMj>^=D@jhUf*{MGMIcgyMm94qi$L5=L7PM!vebI!29o znl5MWs{DLSLzR*Fjr= z)84B!mVXycP9Z;73HzU4%(G2ayOLM4*s=_sMsh&lYKA#}Qw=|_T7eHMy+K#Y5`oC-?b3vn@#d- zr%ON}L@dROb1)O5uf>V%P2u}`36TTOPM^C>UoqA(Udj^uhzg38(7Tv%^0wavS~ir- z4qKFhx3HfaCr;#E(Ld|g|LoZzx8I|Y9Fme%t>fhb9q;FnroSSYr0ZIn%791jWPbjf z#c>e0>MAP}{x!^Jh{X5AM>H=S?j#>GH~RT2Kpu@$z1FKYgcJDKE|`HC^iN!~3sx(m-@7xZ=;)3@HA+-Zhlv4exhRl_g(XDp zb&0s<5rZ@?p{}kp;`+%LNCk}GEu4=ZhpmG4;MTgw9$!u${BbqmdH;v}2ke*oE|jWt zLZJTLAUku?JCW{fJ%DXH;$+bf$uX2huHZ}YF6etge32tVj{i~@uw1vgk_1ScW-Qn zl84IGdyNSvv@KN*)2=3^A%z2ba);Eg(wNuBy-HWVw})L=Oda9Yr_1>cN*=9ard8kh zk8)LlL=a%W;B_J>7lm**KeE`u^tWt=y+xsma2EzdTV?j-mXP)$d79+K6|LUR8g#q3 zW60cSWnkANR8T7sl%{{keme{qW=J@<*m->(ZgE^w4H~_F@vZ-|b+<w}|RxEBRkf zxQGCToEN1cViy)IDynW|#P6XXKN85Hkk2Hl(!tNqKb0m9%{q$F4C-4&*SlH8U8dW- z$5t!J*XK|!_Jq$g5<;wpT%O;f3+XH}5c!t)S>)!L3ZzPpN0#bG|TIc`p>w z7llnE46=o$2HSzD&h{(=_KiRBI8?ke7B?z-p00PK-0LxnE^-Na;S8XtU)R!2Z4Om} zIHBWz*0&+C7>1?qIL)@H;eX0cgt>I8F$FJvsdJw7}l;C5W%sG*)DY7EJ zbKI<$FFx2Zq@ITwq-*vS-rvW~sB&XTWwq?mHcOu`MO9%OMS{EW@_b)%d)uKK5015)7D}L0e2$py^|6vO)lx#_H7c(s&QH3 z)|ZmzpM41Y$9H^U!LSnQj^`OlOnY>r!$sw5wRUf&I52`Zak3vEH*)X4zX?f*Nw+nQ zE6h~xXB0kWTh%|$aID@T?i)EZiiIwOK~6ehZ8`iBo5IKACu zmrGnYg2ey47trEZqN;yXA*Em;_L5VHsov;U6|;Uk*sd^^*dwSN~}NU{~!&bIa?(quBCWM!?jf9#??g{0cb@lPDJxeT2=s zQN;r+{-lIMd1{*AO3%@Lh!RuD$gqKmsfd4SYD&EoLC0N)q;pvfZvqoc5shuwn;Mhr zp2Dp(iub1ERI0I7*NpH|Z~}5Aa*-_ZZ@e6(W6H7m-sBG!prJA}x8Q76*(T27+Q3Iu z(M_A=O`}`zI}!Cdz@gWj{mJE`Kfc*>S;?R24>=`o7bn&c6pnT?{TCnjfeB+cV5NQh zIVdlJHDZ22jM%tWl{FRUO+jfH6BJ1?Xft4>&^}+84@u*IY_BTw1@M{g5kIE2&gPND z=Bi|?G?v=cA(JY$jg{b647tLOsaS9gMko^LQo%p=>$e){=5(G{qB=r%)Wqndp3H7# zoXM3<029(s_(N6zE8V@`?<1eboYla;sk~CnM7;|MAs;!o!1zd(_?Q*4zn307c?*N$ zEgqj*nFup-?h*KR185`anKbslaH&G|%s;uulG;#v&|*EnXsBrSa~{nS=XCRB(z#-d zi3uCU9}F#3J6BnzNWdl`^LOLKuk~7WWff9Kc{3Gd-;S5Qw?F7-G`z)=XhNY2lm?ka zh4lgNEvL-;SLiJo9I3U7;ithS&QI(-$Oc7`@?>dr~3V#V|{WDHA$PbW%sqlkE#^$U=ee z@>$CV@LOM6664=jgJMezIRK{sYRz-yJ`|HLCv>9%X`(E^XpV5aN3V_}(SEg}y1w2U z6dgF4t+USUWM6mOsNdyi6h0@e^rJBnf(O3gL}e;f1zHop*P9EZjw{Om9 z;X8unDChe&WF%Pj_ltFQ?t#b1b?NY5{^XH> z0XV3n8@Yl?HZaJ7QUeWeYEzQPsST3S(9HxVtp2*zU77bmgnHR5qL=PtB-3hxtGVYP zruv~>#tACvL}e2S6q6kt)(PYZVPPXboujZ81^zS9$#hBOiXzQ5KSw6W)LY!-vmtq82}yG0{2+5S<# z|ISLSb#vI|7i|4KwSt4IhKFMG^KI5EO(WRf%9KGP^S|;TL~w;rc{FwPou}jlxyEHb zKZdl^Pk=};dyxOzD@}!}G*X@qAKCxJ+`53sZOy&0ctdF@B1_GY(Dqum!<2x;)0JqV zX77Oh&)~ynHCa#TG}p~%>ZFvs`!VKgTF%PGYCiJNJX-Y1vp(lq+Y`K2`p4=`mG+YK z^zQsdu3R{nx1|)`|QZb3HTOx8lu`j##Uubdpo-hqB3AOXkE`z?xG|k zJHC1(-rWg~>6C(|d9e$MW@?I_APV!%h?01fJu#j-W3PhNt6rxT^PZ(I-ujQOZT|PM zA}Ix%%+=Kb{vOT{sw>Gb7P^z;?XCQDlUIE#r$i3r+iY0s1=jw&m4Eu*3CN)oFxP_H zOZrN|C1>{!S8mzzUDtWmECT0| z8u)NH)C3x)aLB|9W(F`=^-s<-c2qM6P#1^RL(k98J6`Z=ZNxa4PBvE0`|&;-pIJWxU1RNryg5J5=8umSi&e14V!%o@grM1^Q^(` zvy%tU1VPmPmXKnwLmFBPw7maI(g#c7i;{+gYR){g|IDaQVs2Glx$ z$(ihLTRu?gf`90pTLo??>!wD_5a zY(P9J=`17~0Pj!ZjN9w3us`DzaoXtbMt%{Tol|(Wp$K(xz6II2Pkh4HvKSldUX68h&U3 z49wEX&8B!xg(EbtDz?ME0n7ak@$rP+-^5hfwS2VC8M7titoVx*Uea*NyeKRE;jwi0 z33I7fy{>eW6Z|=V1SAfrv5FX9qN&;T`8R>c`SyOn`N0mR%USj{rOK5>lH$y=&BmYC zi#?6+1AON-j?Vx?b7Ajt44QC8dBD}Z23*~p_W6pNc)I6OF%Qd^jDt~H`{TG8#OoJi z9CC9WJTpX}6=h=DyRMO2GIFlXDTj)#dSU|9*+2N!mSTCME7Dn zuQ4CkiMw6gRUNr51T)cFUqcFaGF1|EtU3Q?p|k2xTaNTKv@-%h=$PUcN5|91{i&yi zbHcp;vAiry-iv75=i-RE!P~ZZK0ExBH;3d-0BYJdoCieXB@w|jqHe&kx>VTKN40S3 zP@^;D?9P+}bkg`8exdZR4v1mV!y#oQvaiS#3JeTG>-P-(fWXCYM`_Nv0p`f|sX3?) zeQ@|aVXI+&$p_$VlhmjFmUEX(fP!LO#F7NNejC!ZfvaIwI(D7HLO`+uG`s4fu}}X2f{_`a7m9AKX{RL)U$<7rhUW;Ov_~Hg%YbE<6Tsh=IXr-qQHw zhV)XGDu%|Qjc=W__2C&}Rdf>EEHagDI)NsgrjEp`97FCQIcgx>9vi<22FWRF=KZw( zTn#`+zFx`^MgN~r(9tV4i5M$`_dz!)v@e0Ldkj!WKlFBiNEr7DG|B{-oj z_c=myCQ@}KW(X@pZiczO!6+z7XK1^Otp0uLUGGrvT1b2KvvLPK9rcwL7QfHHY+JeQ z*{;(_(OuD1PSVtU9Ak=~^j5+7Kp<#1v^FJcK6o68&0DDHZ=p9h&|eGvsh@iH&rb=p zn(Hq+ROP%GflA(x)hoM*jzZx_j~+jL1-rI>!qo78?!1=*GLK?X?WEcZcBUS7&ck_gdY}PB8*RGhW(|>hWRujmUTG48}9|4O<=ED z7`FPhSCk6%J%sU8Gx$o*HAo;H9;>hu5F%!O?k7QNk@t&v?soi-DriUs%z--eFma{qX_rWYMIvzOTN%n501q=v?!i@>fwmngJVk>AT*gxO zoD)oRxF^i4Hcn&o2n`}}lqlk>5GdTt$G)QG01OO5JnI| zXXfK?AA8IISiEaTk!`s^3d8HqvLBR7T+@lmD)WS(_`=C>Rz9BDRvnRR zRjFW&kPqR5`o1WOrU5V zBjWa?@r$|9;{FnZgu6UX;%nGg_9r=>dP<8vEZdF|YfQz2dzj6`C{hH)L%{;G0 z%X%B$l`;CSXL*l6yi*p4phWf z6vQq6ypW{qqxotS;G{wpxbeleJCQ)XAfFTv=X#g&Z3ITabEvegIxGWOI=@$O&JP5| zStM?IR5}6Fpz3D*K+BVK)??&fd(DXEFl%%2tgy?3QTm$FE1|pOz3uK_ls+I1I`-{1 zZ~I)!a(@rggFO#Jt16vJxrni;_ATl5)d5+o_&R)<7u6gcUAwW7H9o&(D6deHWfBgV zo1T}11TX|5+kkfV45Z{l+)!zSVcu=kc{Gp&sSow@KS=%+#+H>S@mu^3E{9{K@g*3w zTSQy}hA>5%^T^$)tvy4my#XVcTy*^}h63*e#F zyt6!8DjU&!QfrN76A_MCTZF|Pn_&^3{g2HE-b#vVJ8g%Tx6yON5Owa+as7vYv=Kr3 zVoXi^R9u-tjUF^z-R7q8{sY9UQ~qz7ki-j;4D@@d%B$#H%}d++4#0(V4F^jwU^X61 zdXdM`T4&N*oS#~Hj!OF2`nw!AGiu&l@^?c4UJN{RzOrC9`WRnd9})q>>2l8Q5UJiUE2qw-fj*C zLra6UV{N$Se0nw%#qDjzP>j}yxS--BftL%C!~2D5K!blk(-e{6z}l~KWf%0|VS#bA zs23PlMRkdcYD)L^2}>{6O7F@%j0x_hqmg1xgYUijsH8upXi=Aj45h)5ZHPti!nNnXj2rr(c>S!JUM3xkdsY3*E(APN~ z0E8HCqLX~jIh5*3K6O$k1B*UR?<4e9rNSFc?QPpDddhkDb_iO2tGOXi|GxNg&pVN863NScgu zLLwy{?>e{2a>{|~+`abUksAqF$5^dcAcuI4xQqSpn;c#E~)-RzjLj%#co9Pc4xe;?CjrpgS z{~BRWE*M4o51Ls((qxzuq67707zMn>MYwv*YeIJ^8a4!!1bPXY=D zWV-*-cx)pQ10IjG9gkQxW&Pm?G=n)&>v75-#<>-ME|ZMxwYF|&_xG1$bZ%cDY%}({ zu+lL|-xxw1pYX%ukH?1L6)sSD@7osoKY_-J_2=SKMr810sM9Jwrva~T>H_7#eY~ha z1|IiweKNKL#%~*$r=hL@@OWIyr0_JD@Q19#M8)bgo~73kXJ&e?IA8Bxy%Ve4f~C_D{sX+91*4SmOB{92Y4fxqUd8j)k} zk{JTBg}NU<7s_ON<^v`UZo)_`4vvRZ04F%%6)BJI6%!s8AwaDY{~ z7kaL-(drQU_&qJM}3oMZmHh1j}adGW_~mDWbTV($8~4 zQyLr+oGntc>g0b;7KFkN(KHNY>0t;^d>>J5lM$^mYlXW-z(LlAu^wIsf8tN5(oGax z{$YObY<^V7ZGwsq*1VM_}Gw!yjDTthtjjJ5gR?tGlhOoC?-xJ%ald!{hL$6zvr??Q2&`GX`7;3=A zRq<%TDZQkw^pTU0%^&tH_QI@SF;~R@fsRBaLT5*R(eBrZ;t8 z$Na97PJb(zQRgA5dwG>w8vE4&sUbi^%q>_U3~K-oZ`&T}a4sC#u$pOlky+X#(JXoO z$fq-VFD2?--e+og_x16i{SSvb-Kcxh+a|Im+A{|;^yReXd)IVaoj0`RIRisaHx0dw zKHGahsH@BL`k37A%QP>fNcWvTe>LJ$o6QVwFz@wG?d=tdii3F(5sas;X1@KNyb=@Z z;bUb#;G-RAl-9Z7)c%!<=cCf8H`f33Cw$u>9@h6FNguRF$)`*M9tk%avA&kBYt6ZF z0{H2NB&l-X7))vWg3bCpqcuYAZH{qAf(6YE;icqXp7_QT&8g9)*Qp>UfZQb!o5M)o zscy&F^7SMb0-*-R^IL+SoKjW1fB4y0_1}%U^c&St25cNr&b=w7@I@d_oTp9pMscE_ z6j^MhO-PVSY+I{RvqB^nJq?MqwL)Xw)GSGQR%M2bm#6XbFnV*{Bs*-)+@`}j_6juh zXAWifLDcLUA~D5Enbk!6Q~mB%{p)_`>J$UR+x->TBhb#Xq%btM^h5=}7LXNmHcW6Y zEp-QD0=Et{FhfZOdek|bMU2e)XZT_SLR+b08_&(4li?sPWUS;4Z+FhUs-L6T_@Ut9 zN18{z2T4k2e$@#+s4o3M%{KBbT!=%Awed-c`roC+Fi=GgMt1N~G_p%lcupd#S10RB z<5F*m2+g&QKKgyvx$4?ASH?0v4`suSs)Fk-@r^ung>{Tl41Z1td;^-8JRc{@4-0=g zsTwX~bQ0slhGzZp<4gwtLtond9Bo`@o`q3>9rjI6usBhq=x}(Zh=KDRSRPu|bQ6-) z1!~>0wdB~U9(EOe?uct{*A{G^2JR#E_4UxznaWzJehinh-NEXAD@+s4Yhhnzj5@8- zQ=?->BAX&c?J0{&BkxI*V9t#1_;In{6Cb3Fg57^7yOVKj5#3`i8Gx@oFB4#M7=88q z4T_=YFjYwGid-9JL=K0&IoH`#YI9VcgY#%#s?)K}u*aFWucox&8_kEwBt-&^N(y>O z9r615Z?%#R&{Fe;^P=!8d>WC6z3T@PiL-n=?%bKX!)2+U|Mjift1m$Gbb#kmdn@lN z?_!;eByvJ!agt$DmtJJ=KY`YB2()f~uWrS9l=vtTWfSYClpY!L&Z8s;=T1X6VE5j* zlA|VvOB0*pOoZhknqt3xc8H3arz+h^N`4Od}1ji~yjYA8n1qvN8j+p5vwg z5qpJY#1LJ&Hc`T)I2)J1z^Aj&gKckV*$uHS^K4Ob;D`B_!e@WFGR3fnUi-0A^G(>+ zp`{55rwg9m(f~Ih;!ftFtA0(>#=qP3b#z6J3#%LJN@ygpo?ll~ula)oV6;8|6MH%K zqY14@bLx!8QUl`moDLJ}cdoN%i3^`B$_t7w6G&h>ljsuk>LNL^`~SbsU1 zQl~-j*tVB9;BTJ1gwXgiN(Vo4f`zlqeVUJITuXYUu<`GdvbG>+7QxE#KFUNC`El3m z3u3dbeL9sBWx$+AE~I26_zu01CEXIiN;Ww@&iP~c#WqytIiqSS+s@JLnyW4EsQ#jEYR{hDv+-^7CDLx{l_~E(jpU08H%b>vi^W_%Iy94)M--VYG@4ilu z3?Ck#D4x+YJjtV1S&-bg@}?L@{kOt+yc&FQ#)7_+;%Le6mCs)>VTvYF%8r|R|6aa- zHM#Ayo`xEy+Wtw$FO6k>7-8jS`*bb)Osxm*3fb-k{Fo|2|I?@2Q`fG~x|80=-mPT) zr|{oH!t15i@;r z4dCBEg78gcufl~qUNBd4j&*Q}I`%u!C9bmI?7s1cdZeh4=Y@`RKS*7^LjL|DjBZTD zot+~%uQ=OVTlGh3H-*irx^xtbUT%f@z?KUFOLB(maQH*&&2#@m1ld7k^WOMYpAFR; z5oZ=uB~D1t6gx~scrLY*oxQ9rpH*Ib`Q=_&D+Iv8%sSweAtEUl&S(kUn%==S85@v; z+Bmg*wV3~^jy_Z#`_Q3i{QdrR$K^RyfIL5M3KG(eaI@ITNOB?2kM*D4Re|@?}Mm@SqrD>t|P8+KCd*6Z=XoH8pk(VrhpayolyErY{TJMHeRN2;qVA@_#69y}QQk3VET%=C86u7m zAj2NEP?CtLl#U2KB zeWJ0P*Ca3c@X!FFj6EfUjF$F3hzRa!C80Hh%nn4;X8l}a^mV(dOZ{rBII#vffLKz} z+o2@0KAgwS#`E6gYzsycNbL8;YQiE^V>DWtL-}g-k^KjXq-98|#c9lNovYz!l(1j zwSPX;|Lt~q=*Slck!1Kvmpy-0*w&^Lyf9GNFsU+Nd2{ZZOjvd7-<#n?0H$i`=j=`> zcB>UrB|*xQj}I7g`RxyDCqdNi-pg&c_nA<=id0h#yC-^@hF|3;U&xyoqvxC>sv2}q zeb!rQUQHYvshyjbGfE!@m05f+k=NRexjfg6{T)U|YDeW>s|DsKUL$_b`l;nJTNOi( zp2#T{ePhFOx~_cQvH#Q>fgzK+$L8!fD&R=reTY_6jDn{wnDyV&a59(sZN8!O{=*CM z{F^r$dZxHW$ENmpP5XG;J->MOL7+P$*MCAs+J)-RYn@ShDiBuy$6<`%SeUB#MyAnv z?r$b>LXMs~r`e>V*$dj2wD3u$*NK>>PV;=5c=k&gWA-i`Kh;4@Kt${fll1BV`|!h0^x7FF8Mp3Di2Om z)>ji?Ipef@_53lY9d3O+Umi#-uRgX&B!v$~>tH6u-K1SKOI$jPPV&nhwS+OPn%n}{ z{$OWu<@$n`!bVLSg_iMeWn`nCpS1pC%%LO%aQ7U)B}H315X>=Srp@sYe$~M?PM@{O zhw+?(LTYV$j>Arz?4~7je{RTxe50@XwR-a>oq`4WRUL`<;*afW_OW~RkcWWh0n)m; zd5orWD2CYGePx7xX6AEM_{-{2+LVxe7ZC9(xJIzh6A5vVM-n*RoTHX0douV}OVA)9 zL=mI8Etv1}Wg=dPO$#@w6&MeuS7~mSJUq7ldu1yZ!8I;IVg6%j8k2;OY{=yojT+2b zq}NDmf!z>qhp&tNbQFS%>|FIWWbl`ahuk${R&BYnViLmBTpyBIL{bc15W)=pe!sm% z2~R0>?8mJW3{}}%fsaJre4HEb3X0sbz0NBs1$naPZ$sJ`k<5891}86%rS!L+`Yz9X z7L;_j=iEwdBu;ow-7)&|9MlWO3I%?z?S!cR+N0yk?>O!{%UTR?QnO+g7K5M##R<{&$bg%=u9q)L z*_fVyq4r~}Suw}d0MX4ycG=2^SAgTx-`>v>VndXWGT#(SSyJT87vj^}D+HpC>(MDU z+_*TXZR==is`|hs)5d;+u5zVocb%Mnk+pc+U+RZrXqa;tC|%iEA^ZY|mLBs?s1O z1U?A0LDAO*ViW?}*es5h2!&iW{}^)OQ2@C}G99NhULGuyQ33C~0-$8gZink9YGW6* z`2&`!1=r@OC6!m}+HXow;4Il?}4q=UavIRYi^QE|>C*U*jCl6%g!la<_> zikRLQzxVD$I4os`YT(Uqkr>f(%zpR%M3_ z2%u7P&UitIftn;oxUfFvf;eFUXD9uLco&Ii@a=f)JT8u`y;8nJ2|Qy641(t(s?smh z5i9fHICJu%v7u-vE=NTZTOmuDC1qe0v})P!efFA*d~8+@cle`VGe7>@-TQEfQW^@W z<*(D#b#h!%ysvSX8BqwZar`5QmyjUdHa~z}U@wKI^GMR+(?+Q)hGI^S8-b;*`_!Pm zoAI86ikAeRtzt_dJ+Rp!pMicHh=GpkYquMPcOZ-xyZZVX?9(~SuiE*E)!sI{W#`eX zGE2F1;@1uLUd)g^gO^!RlrN6nD7jgo$95(!?P5LW&j<~x!TmR3QTXuwTk|y)Es(13 zH)ENrCa*3Xe!U4&;r5FNwENv(yX)7lQ1xMRh@T%pm#EG0*sFWQhYZ9L8QMu`)=Dr4c6y~PGr`3s}L{*DgZz7<%h#Y`#g z_1w)rL9a4BIJ95lzUwo*kkw;J3$6;%)S|2ExmoGl;bfjpP3sgY2w;u(f(_@J^njJr zOQX9yl2?=yF5Z7o@6T%~fBAay%uXwm#ccEQCGE4DiRkPst1g8cKiB=nql?nGJUgk` z=(jB>2&n>lp|E)2$6vuCeIg5YH2i0{f{V=a#`oKY#fHfV5@O;iV^ov*ALnM$O4(PG zJ0`r3T8`8wT`MUZ50C+wi6^4`$mm#7sdvcE^-^=3M3qQ-Wg#O2BTKa0@ubQI#>0n4 z7DcgA)GXrn@u3i^v_OSGmvL^?DV)7DB!9ub{A_-n-3{f(>n#Wt`TaDiKI2mGWhRG1 z8$|2~1KRvYgRy)@4COP#GDG0Vf+4pDisEqkh)9LY*ELN!Em2cx+x7&qKI^G4$?I8d z!|Avj_qu3zvK^3op3zNwopNElc>JjZ4;zmRoMi1^wK=T^kFRX(<&Fv60e^f%{ZGe{ z$x~i+xew+nly7wC3VbsJ&o1Gu*A^r;7O51HB9y9|Xe|%*gH*CKrKbzAS>XzuF_boE z*-u{@i?D16IT%Wr>Gud}nF%UL-DADdg}`C_k>St|-nN}z)nmA@{O7ylYm3080jMt! zbnxf&k(aL79p%Pu#+ZC{b*Oy6dBoj#>W+$o!Az zvX9B&sj%Wyg2W9Nk_f#rni4L=uO_ltBHnz^p}i1{Enf&fj;a16H*R#uP1Lao+P;&| zJ>4GSau_4^7HKG@O(koxTnsY%`;M`)}$_ws54u3YwAjzd8o7-7^&f?3>=P_`A6{fc1E00|)O+wlO(qR2y#?WGjX zI6NkeKLJ8FHHSiVcQE*t-P~JS=HL~06%vIn`?wxd zknGtiv&FlnuZCWjwA{J)1X zsX4P6wbYgMV?7sNJGOSnnjwR-2KLm^p4ov3JsSp2t{@f|Easo_zM&|hB_^r`diPrA z&P|Ml;~1wOWYc%asKGW;@o>Tbi=;Aw_V$r@FH8%J6PTVxr8zKm1o#JT!-$Z8S!lkf zXXI5((D#g=c~Ck2v=1s0T_@CYwiAg!awZ54$ujlrxFp4mzlz8_qzOVQ<~%x%VZltZ z{;Oj~X2%+E3sDHY7bE^=U^uk&&i(hzLB0NWVNZzN)<2Ka%{-g~-hvFGiJ#}@MW06p z)qbOuciX;^ee&laHGpw=0yU97flu0rCoQ-ICDX_Q^H?? z3(f_2m+WoRLrP=#zmgLoQ&PTnzvs!Bpw469tI9sR+ z)Db~fB9d69egi3CZY*7rBH6FWYz7(ZDOw1k-_{?4_*&I3p}az4 z=dN8G-k0wV=!rn}|2b7Y3UqaK5~nRQ%L_(f-^%>?80Ps07C>=*D-qR&tYgb@<%hxk zVXBCJ97bf!wE|}Yu!nu3W?D0CE$Y<`M%3|KuwpY?mblFM-gxgXJ^bCcmHfW(sZO(# zwDQB~r9>>VW8Y*)t*_WHzdW>fc%sbvo#^$(<93&JBA<=QDF;qb>%s1noObOe?qH<- zf{Ex~^@r@O6npM-qbKa7o3+{T&HnNpx&wO%8QZF#Jyz#2w}OfUC8|ga(=OE+h?}ck z^f6uSuZ6^uQINY6eb1ewhS#nJ7ZqubNBeVf5a@fJwx2R(iE45DPeV(&Qr?f#M>_mZ zn#eRG#&2b9KhY4cugcdt*Mc;$*Ko*j&9)ntsxMYHbLpme)M`T>#r1*XQ^2izkl4HG zOXA5Q=ji8QYBsu}MXHu`mQUP|V0pbI=%GzSc;X&xlA=FE6)Ok5Mu%?v%==T_=Jb`J zUzL~3#T=1>@&4+z9J71fa!v0No!~l54-?(F!z$_K@!*IbZu&HH3333(bQ2fe+q!-8 zzf$@*q>o0gqPT77anzCRHl&6&*JBCzu6Pr~fT_Z`;mV1eHkF>Pp$*7$Y%7L_ujb@DmlmE*kLYMRLPkLr!Q^H2oYl@5oZck$HRbn%TzhVy zaJck)OP{7*LGfFCN>zTMon%jT6QE*qt^uD9s*4^4e!!wS(dT4zepHwU^ReMvYUM;t zI+F=rmTHf}l#~k;r)aF7__`mgfXyc}w|*zY8?Xm|VR=telLbeCsN)JvE+2w0X9q$v zK5T9q11PG^^!#%%cy6dFG@00j6!fZ03_gnoXPTQQAcFc0&^iK($0uS};J=3;z!Q3# z&!xlp7v(wV77Z0hZQv8jR|9#oVrUpR2EDHDG&6d2ssx#`W6FtR?s?@KDZE*kl?Pr{ zGQS5gctHVz-2V_e%}qs&WdR+u$`UfdT>O%Zl-C0#uSg}vOuFz(h-w}$W*T;X%%wYj z@kw8K|MN00Xpq#&KXR7(mJc&;eh5o@^~M;qkN-p~gebV2z(@X}C^D)cY3n6zHy~?2 z&L(LTA7x^GONj^3xg zE7E8n-w1>%eu13CVfVW3wz~AWlV(P;1G`S1b@9s#$esghFn>yT?TrZp2+6=@IilrD#!+{0l#!6J?=q{OrQ1 ztKc?Q(PBuG+$X3E_YjbA0#ZW~PCiLrx3nOA zt66WiYQ4Tw#O^E0qv4A#gi7_VFPwEnj-F|A@xn^BfO2zm%2aN~gmQqqd}H)RddWbRpb1nHIYePr zpkPESSTM*i>`p4-;Cy?Eu>dKBfuD7w03K}@j?=m^vH(ixu?48j> zw&&Tgq{4-!BNbPcMj49cUv2!%Js1*m#Ah+~WrVWZ6^#_xHNH)SJS!F%ir!8LDP+x2 z)jK>O(9az8xDg(4=@}mMJ=ZRkppXj1_qo&J1jk6EK7ptrZ=}xoJNm9Oqt}H`071FM z?~wY+#9IOyAWBi(8|6^q1&Z&UPzoeG5UnP}q!rC%7R@?Afc2e7=aBx$RJPXg+rD4K zYgR01c>=ms^dlDSa^cDmJBzszM9fq;>{v2D+hLTKtoWFV!$X{=lf^-2=tH+n?))dW zgNJGA8Wh96#?nML*_EM{m_U~fw5HaFX!DgG2dwHZxh!>Zro3y2{mPeq#!1VCvFuks zc>3`ZP+d^~Ini^vP{plPVP2eGU~_TblDF;tuK72&g@_@a(uBZ4swBEm9u?^F_1hp; zSEhB?Xc=#;-mNEE^eLU@7giEtX7yPfc?vqk@|@*O?#m=iAJsRQp+4r~2ie%~cPk#h z?xmA`p6joz=V0YCpWJZ+6`_57pA&)OK+QSAA@KhV)a4_MpXN;+38YU*k;!tV3*2M` z!Oq1K@yI8Ho?yma8bC7e`)gF&o+;+E%2$c!!w-`#$xBW3lo!mEgKHUQxsp_!0=e=T z%~%dVM0lQ}9EQ)UAwEMnsT>!=$vZ}K$$3ht8-nJ(m8y2Tvc2S!fu~|ulo~)s%tW}R zSWS0;jT6?rs6QJ7anwffiKEDV@j`508Df4IZVG>d$fxh-r9%eyt4kH?*#+6&90~Z0 z9&4Ye-?X^bT*F?7ZBIhe@`?~3d~Q)jp^a#>_weHll(}ZE1xGTHXr+mGn$YbvL8L8$;x(q-lUyk2KDd!R>*E0>eA{go5?LRwQhRI z=qgJwnL+Sb`gIsms3WfxW^}dhRQkDJPg$_GE~}zF?e>Blk9)|Z86mM75pQ^DkaBb4Z!2C3pNeug9)Y5SC6(nsrr45$f#(idJ zROBQ4J7ebU$|h#nahXlgfU3BChx5a0ih0*p1x3$(ms0Gd{9Kk_EAv3%y5>@Ul}=Se zD4l)f?R3)Z6bJx5`&F&f2X*f{BR?bMwkOH3v9Dh?N}V5tj=lLiLzjm?Izk9YXvIm( zU%ys=rY|mi&sj%Mpxu7YD5mEJ%A|BuUX`Ob`O@Rh_Oe&gcu|40<*yiIdhvxy|wH0Q>kS*r8|LmQ3Ocfn+4!A=b zd1S1!s1=*?Hhp~MoCX! zfI5OWH00u;yZhu`DjGH2G@*X4$Y7{924S7yH_asL3*Gxm2HIW<-m)9ltb@N6Jz|B0 z2vO&U=I3{fLL;ZPVD~O3!Xf>>+l6;7h)-H7j7FF4-`?-D`^*;`r`->H&QeZo1#o9` z!l|qD5~0MFpYN)mAX~I<!@g?_@~r?-x-j+bt>ME)3P`Dc>NWc`b~hljCc z(rPPPt4!6ufzm$Qb0{9z7N-IK7P=@AzbZQkKFG@FmnPgo+;iSy#@pAoo%sEst~fCc zrK)4Pwv{JWOOhw_NZh{BSjmk>XD*UWdgnDt3dXR=y$)t`Ayg!=z|{{LL25!Z@APGY zpYgkvEVP`B2dgL9H|X)ZNxQHq5xOuJPcASmt`Serr$5obEWssR*YYQZ5E%jT76rb? z0s5(^+bL|Lzy=mo*AIO8@A=X-_m;`9({A3~H_0gXkYC^5h+5vv$LxR*`xTTqn#OO8 zg_$?xcDoH93EjTW;r3RtTkD)TnMJrun=1QPMqvLF41RCLA|NBH<1E*%PCq51hC}8# z2-uI#VMXk(g~*~`i9DF?5N4n+%uf_Rg2FPfH4Hfuy3K_#{sH z7y}U<6mD&PkR*Fkm3O{hRTDY#h@3T^Gy>s-%Nh7#`3UcZGL z@j1ftIA_SW>Ja{AAHX6KEzvi?zao-tG79D2)l3i_i!g6^0jc}M$DxJ&X(a=EGkfnj z!`ny@_{Cf8qMB+eIcOlFg|oq>>5JyG~a~eM1hI5wU#2 z>|>K)3_F4=Oc!2xW_PP-fS_dS>N9ojC9Fj#83vdge|x0;K-{W{$*r!a^HH?hDG5!Ua{uB zXy^u(OW9 zBfqC=SLVYZt_RhwE;W{N#HMI)QlLw@Q=dqT?k#WgL?{KFx4%erk#U0#D0ee|oaO%| zD-{veme;UJy}NT)ol}rvYr^ZTx|yl7-)kUxn~cQg1TV8r3$CgIRaqan8NXd%k4E>L z`zQP#h8DshtL8>@H3vyFaf)6y*pHr{$}*^bU}9;=ZVjz41ya2~F7wwnX>ey?`jIYOW*R{Cnc_sDu?ZB~)8d%K7_htz7@7 z#fZqCR;(+0{BcWia5D*}2RoKgm|AroReL&UPJ6#LmgslYrk5-_X>cSi-0Gvu7Cj{w z(FQ5ue%%CW`FbVQGlLXeM6kfQWp^E2S4a2T1A4C2#9Z>9gg~84ZT;3#b3QD*$iYo- zqAs9Vx$s!sD-rX{)bq;R|5J`8ZV3PF){Mk=Ni)sRj3>K;6WaB+w)+Qe_d^HhBXQ-m>Dv(QevIZxc+AQynlGT5adl6NfKpa!A$W$k0}VfFc9@ zBM6^ve$8k_*X-+CL{w!|WC8&r`%zZS8Cc>6-p4>82OEw)_6k2JDR~r{+aC=Q4J@ql zf@=gv%{^bqp5V`bHCHG?_#; z?}=^Yc%7FMt$kk~*|{sk#w%A7Zr?bJUN)DwgK1t39-g$L z5@}Pklxkp-Vc$xb(PsLi8L%A0Q)q4?RCAboF3(s`exL0W+h-~k#FNLm-sAV;Z7Phg&-?M&R%oVtHVZDf5c*81fdcKW*?dzP+&BI7m*xx9Qjy+ z47tm|?0u!H?x!O4@5db)v~F^79~l}&1ww*&2)nUl@!Tl0!YjYJM88ig@ZiElhc+po z4&S(tk3cD=BU_SjXp!=$UJ{Y3sfR6cbJyRl_0$?QkUUdlKG_%^5k>bI;(I3j!NUfB z20yjDJI^rItWs}oFZ$_9>5RO&uzZeaBOuz%6|)FeHrmB;DNy@ZI(f%~4GqzYYSx8e z)Qrj@JQD?t@z*Do!U4%o*=7X4G+2WoaB0|jl5KU~3Gmk!c;Tf^o;KJE952hX$CWCZ z>)FD277vm$Ug;CC5Ykp5WJcZT!XH6Xv*qCh!D8E~Lqy5r^#C~sRK-}^i5()_46#TY zyCx6Rz#(LsQ&VFOp(vOjrqsjJ@4b4+<=l3_S+MJSNv(ojWQxC{dF&0{dS9Mf8U>3k=^tUG&hxo^4WdITnk2Lzoz2-(r(p&@6 z_}T_|t=?a6U^v3Brr>p}FP@1oDk>56rh$Egf@RRlY$6MPkZbwZNn&?(eKz2KzCpY8Z2vRBRl}oL#>wZ3Hd^n#>D3wb zPl~k>x4HBB@LK&Z_qWng#+rs&6Wa?-NqH!b*yK+7U-DqHa*TT*xfQ8-QZLYxnir1dsU#hD! z3WJmZ^0v6l4AtN19zJZc2wbS=FzB}YLff6@C!4RHM!m~}XLv?Y_4SGC_e8E&&N0at z_6a;%PK`?$sC9h-MVTl-%obORdeh@nz)w~(GghE-lnWi&r*eeUygON0d^;I`m8Rt) zdZG2?fj>4~CMRbSdM=ihfV@H2Va_o)^gHAQl4VWc#d3s&8a1LiA#!`t`4|md0nz{< z%wwQYOr+uP7qH8kyum;HiP-hLacyV&*|I$|&!ow$cbH71%@PNHSb zLn6c*$Ixq+(2uVer9+s`_Onz1-$_&v+hMHD)u5{W z9{OAw4*&MKm@0aEgk0%w;sFEGph4^#GrTv6W5B&W5TxB~aGj8@zEc*s<&0cy1Q+*?wNT zXt3YA@P^1d*h+-}VQTclVdJX2t=OU@?vw(ydJalwj8F%F#)LM(`+&#bu&f8ob}*>` zOa>wlW-rhee$>Be%+*7@F_eVrAM8)9Ey22-l4qX;R{ETvJ=_0$zx$TQfM3yTSFUoB z?`yrSx792Sc`XcdPpHO)tbuw;fM-XI2l1$5hsVP1-SpphE-Zz3Y%Y+d(KpP^3G zKfrmm*3pD$jE7*kxf=WEq%RdyLMHV4;|aIz|bb|G3M#hWMZTTOr**iym}@_Y_Q{| zlI*KfnJ`>$fcy0GgE&WZ$I_#va!q_$O-CU>Hs8sIy+G{j#jPRkXecCO#!Q--%8;(j ztM&Do{;D2r>~0+~0QdIX&*-l=v)}i-yu2*zJ^4!aJ`O4W?2gdjgK(+n&N`eHhL=+M zS_nxay(LAN%&fDf5~P?b9P*iK@BL;5rlL3d0%O77 z;iOqy{M9HnFqp3XK{KNBY(Jne6;o~wqyL9}!vv*ej%)lwrw{Jn_gqT7G@%Ubq6pQQ zUFXw*fT5Oof$#n3BKbtxM?o9|QURX{LHNS0@x$j~f>5yuB&?tJJujKDVztxh`F21A-KyIv5* zuQjzlDNmjBtny%LQ3)W<;#2B~J>@hxbQn%FAR zazD-kUYSNChP8i;bMj7#{fXD9x`m48ke=Qu*coG?{uh~KHIEv;i%)iK@kudj248;b z!zEOFdjWM>5YgRpX|XYvv&yS0Irad+-wc=@m(3=Q|8G-*C_4rn6U3k-+1X%Hc&kk_ zBJLgZwEVbPYkVl)tHz@$~EUe0ZsjHFMgN9A$cptisr4))^15b!r);xV=R$5^M0OP!V#!ena zE)WEs8f)JGt0H(wZn~9JIVPFt-EcL(zctPx>F&6a1AutU)Ct1QoTAzCcwlS+yVX^s z661itA5S{0e|06(xyR$oj?RL^BQkv2jOL}!j5L3T2e93>bTo$JGO?1K`i0W!SG$jr zK?ONR3?K`usXfW0H&+D?)$~%F@w@$pXvQk=ppbeJ5|>fiC3F zJPHz#;ekb34KZSUHT`PU`=l2>=IO7i&K?~9t0IPeYBx1#0j&0CT|L8+8n+f3Qzya= zAvrgVYGMeS5vz}fJ;aetRMWD7=3eZa0IZD_^SE1**SW2el;>#M+PdinuKv?zaMCQud;9;I@|0sJB`QBqhI5SOy;V&{(v z;OtTNv%&Z=pCOob$$ANWXpBG52h&cq?`AYQ;Opd&dX0{Gdrf{ZgjO)X=jhJRWx^rk z(j?V<765|S=gVMHqU}ncP(S6QxdEG@9Ri@M#<(4T>#@9A#Sy98x#G7nO)yt@3)Bx^ z$KyYIZf)t=lRlmZLYFm*vfo6_1WIzVAukKy9u23Z;O}C0!sp_t;9Oe-y}`^pw5GRO z25Y5>@Q5#%9DHj~Up7`*r>NE6+ z#C3<9Pz_t-F2s~0CN~hGr3t$AtYafqV73v>F&2o{FOxdJgVFEx@n|-v^lM*g7q``pnx*-hWMtQ7<$s#mRbLzE9xA(k*VxhAKL z8cUv9Cyqk|T|{VwWz7M#wLS@#X#AGdh1PmkCIWKP?*2Z*q_+sd3-+se09bQ#R{L zOi4)<)obMkR{QZ*44;FYL{S*TeKW<;i=^xB3bo5*s9nbS9av&Bfq@VzK(Fje{;?G( z5o&P>Q;)`g&bR&ZkaxUJLgOSASz?$5qc}o{N3FJ8b_5%kY0YsLM%r$pfkK;Ut8i>0 z1q)fhmf%tg_g}(V0$}vx5&GY}DIJAIgwwbzvB6lnYUrtK(IMk=Qc2QCmN>*D>yU=R z>7T{-{}{;20p1TVD!^>;y##^cw@+f<{!@b@cSZmeR#BnDq|i(i0Q82N6^(!udaoJX z$^3NJF1FEx%KaqlwLy?F?k^S~1|@KJ51puX1;!N z_PrqWh=rW|kw$=!_}SMtsz)mSY;5qsNN~fz9VJMWOg^8l20oe(xtCGr``Q@OMMhxp z@idkq54A+$x3*(6ZrM_vn3)ZPmh3}s0n)VD^cfrl6t!t$669H>-8giaP#a~pr<#UM)?cU0D5d*y>wCQfe!#uXYUu|3du^AQhGY+t$f4VC zDO3pff&egzmEwKOU3ByyW}V34K-wHbTbZQX&8f|iHdz){G8^ibB})%FB+Gugzh8@p zOJ?IAv{K~Z@;E|;tKFl2&}x}e^4Ili)iBv7yUnZ&iRR>vWw1c#ciQ&drvqQSn*i#7 zm@p+J1qsoXsQGDTGoN|SVlzXquN&EBLnxK%@H#jJ^ef#!Rhu__u;nQVAe{Z$L zd;*b^^M0#*O)dMPV!G*;${`>**03Pv!0;gcE#uCl`6DlgaFt;w$%h<QaRyp0Ii<^=jxmj3m7=Sp+`@|>&ARt^igVgeII6Fq%E`< zfARW$%>~E@8(j(i8QO9T>BdZ$Bw_i_kaGw$hr#zpT)Y8Y5OXVoDQCtij2|N&7fkJv zomQ}V>9SKyS(nM3d-poYL`jJm=(F!T3JPAD7mQ+W+`4hf$EV`P&6|@SXXjn2m%X%X zp@pr-uLuxK;(7gB&~$004DcO&@=SW{*+}Dxszh>8fn8U`31ld3XaF3>ryGmH5>T<~ zZV3lq2|W`Qw9R?n#P8E-i-V#V{bZ69`gVV+^|K?#D?5960h_j<7pWbik$vTt<9!## z`50xpC0KF~!XQ03C_Dj(v(#rSd%^p`&!OEKMM>@o&VU0;JTCpOghm7rqbTDrD&j-? zE2Ke-%5%lf0#{d8M_ZHSKY#ql(94Q7y z+gsI=lG)#OEa0Y-1l*?A@m~Ull3)(!qUFY$zg72cXr=aDw%WyUfV)jW!WcDN&bTsX z_fV28y);npHrgrw|6ZS+#^Is-1n{b=mcQkv1nsNX3#Z?$4=l`)bFQw116I<&nAXtM z^?HDtLE&oau8Ypjv9l>0iCo;DK7HE7#PnFD+R*{e+>2KNiXL$wt?vkgQS96IWkt-fp(MQ?;BlIaJVa$5AD1w1u&1HLJNXPJ>T72L$TSVgiknQz<4-7o^h8Y#_rP# zHg$i5y5zDoCUx9r`gcK>724%|=7I&~nGj79u2ayPbT=lboV5ZhfD0C3URi7AS|@yLxbHLfv!W0rX)VRWcLiA2lhWAxOUAXl(ll) zp=O9f%+F!fMmj~#a~1pH+t*7x5yKyJ6Ii(Q(3JNgjud%u6L zn71ic2qmn@_OJ%?VKI^H?K=YKqnSE#I`C3sj#SL#?36SABR_kEAWr0|fV{EDENcE(6;HSNd&3!vNiM z4!alC^bVgR4_dKF7S&z|Fqc9Da~@ZN_1OU&fvqc?8$vFZtz_lcZc_EZ*E02(0$|aTplozhwiOza5VvdE$`tkW_aA0wX9w`k z8Om{#4&nsh8pA9$9$YmO6VnM>X_zQr)P-sU8Wd27$?CPC@9f)rd>v+DF7GRW*w6cD}_T(vn0} zX_Nf1=EM88`{3_-i}fC23oA;1>*k-&-;eg=Z^M#tKSchbM0`&*A{6kwUbNGPgDUVn6f=rsij znrI|OfB1stS#cSb0Q3OYtf1fY!6vLeq!3|n3X};up&SKbtc>vdHA6nEwKV|@wF*3T zrX}}Xv~V2X$KEeIudF6OOT%9vkM%=q6&V0upmve)KlgR@Lf4)|Q@KWKy3a_Gdx$Y4 z_0=nj*~MR4FQK4t%=k34*W@ltUh+u7t?61vLCe`M7Q1JyM2>vRgV?!fldxQ}vAARRDHq1Nbk98KOFICkvwl1u;> zH$Sm6OE80i>VFo!nQY^!aC49VR4z^)M@9~JcG0S6#`q`;iBaW`O|q- z8BWQDNxaSAr_c2Z{7XWDW+*_OYXo_)YETcb<7RYLe7Z07f1Q3JVy+mP@al`l(@Dft zC_*%9|3a~T^l%5^91_-WWSrn_m&mwPu=W1!x)2ZMIX$#{%!m$zF{BVvPcnj9oXXzo z8j$8MkknYzojf^j;19n_`Uid={ocP+z)(+M3f}YrL<+E*6!=A(p?I)#2c(?rzD&RT z|40;v7RMeHpDhQ)EChXRXdYbu){+Jr2LoZj77>Ha+oMx!L5K@y;S&n+C)J3$g4gc!KX*Wj!2p?&ENYC^9_rQgK?8)RSiz%Ymv6s{HLrgqzvPzB zu{>+VtZQ(PnG}gSQPJLg4-BeBF=$ke`3$L|5S_+%7rS50gC% z@V+;Ko9+Xo!i{X{zM;Z2E%ie#s3q@$SDiwEHl-u4&*)%mufJsU*b9xtUsiS) zzy1&F3vgwyjPo0b7;px3w)q`h-t+sneZMvV-1PL4g*?M!aoA1cnx}&gUU?Yp@B|`n z4?Jvt&IyZJC5t=Aq|B9uVMUcHao*J_HRU&$be1er}RN$8_5>Yha+3Zo8vg@uIxh33akDA z^$7YL)x1v+V$Vs5DyhOpMe&RDo~|+9=+szJ)Xw!0KJ)g&tpVr+e!xH9v)L|G6aw#p zRfPL6RDnb2s&mH{$94ceD9!t}AXgr7s5+zz?))UK{EYk<1FNv4ii_V%dLE$e;8!mn z{{v?1X|TWY&18JdNz%M6+mL}xGT$*PpfeqnH9?rxo{Ioa^)Y`izzrxUn|KBAhsC?^ zs_wlf@o$i_j{NtlA_)P^PS8<+9BKj>`>9sYf@tOeulU9|6LLLeLLz+X=U1@9gYcSkMdNURhbG z6-=(121lG3zw0BJ@4 z&r1#m;cOk5|2sbB|8_njlB)SE=u^6%iV8eB!~hM)*Tty)2l>Z-@&NXp8HglYgA8~< z4TB+%`n}^EWj%{%|zyEp_T{3b`J)F!(3+j|De3 z_qs*J&h(uUMY-#nGeMgSiSphBJL5J+V#mkrS3X7l30r>`v@*!)GczxjEgX9F)uowR z>ee-maqGX|Df!tRZc=AYPnOQSMJw|q^{P*m;*J*|Vy%%wz}?dV&NxI)%TUZV)3NPu zHFW=_nSKNMGSL!^ZQ3u+&~#v8T|+#mKu?PSNjN`AfR~dYsZL5mwJMKDU=5Ck$Fmn_ z<-H0mIdFS`&fk!D1TkXS_j`Pd^W}ty94K2Y+)cTa3<6ajeq(2aeX$2ko5zW!p}klr z*mB72_q6esGrq?YUbs0%hzO=SXD(pr57?hnbcb^9Is)dZyqshA68E>A>_U0DC#r>B zIxQYyQ%f?p4wQZ&%Z957+*o~}Qmson9pO!T%D%UQ6(;sE(!V_}Zk@(d7 zhbDqE=iKdupqdp$@iv23D=vum-P{@6ltZVfL3a#e`y^c znm4`zy0qgH-#?MTSqQv?DzSp{k9{=X`Tn~zQXsYc_yf=+u$@`wbNk*Rx$^BkByXzi z?iuHR7W?Y#QE|+WJjQKOPUqYLD8)h0bv^3nx`kLzPnnq8ZAADrvc%fJ)>30*WluA` zTBQ_}7n&9F@j1Ddaq>7OlXx~(Z$5QSG{5<#^rJ^VOO+SgDt-?BS>t>k8Mtn9 zp<;aH=S0wm%ZsV?C041g$!kg*?}DOSgVy?Z&YYfL%g?E@c$HN;NX*_*W5a%)ZrZxS z?f51!XiaH!@amtZg`M*2{*an^uiXv{W4*%p)#A~@`j5zCUo{eo#%Zj#7@RyuKHqE^u;_#5b6EZ!D|Wgz;ZqW z+R*P5DNQjqykBT57g=@l0-QWjd%9i3sN!_aoji|wsMfy+L&z@({{QQ0G0y)LL;9oS zzf5M;i60O8V^DZ%5A(?=eHDs>1}FFJcit|g^L)2yQlgBVeb+wS?R}JFPpI!$pJY;H#@9Hd=H^!J5?Z$IcW~8dqUy(WuFKgL?Oz`R5C}4`abrEG?%eOv3fiD z*V9ukCOB|3#XmSc?9#W#L&kvlqs7H;w$~zJVsn&F9~N$Ob8dv~?KKXiR-B820ri^1oHS4GwF@jK%Iw(3D;E+(W+{(&_g5DzyLm5H z_H7a*uDpVD<`*<#85y@`9{cV4?Xz}7)?=xxOZEsFxmQp3*}oARMZ`69D1_+kI4YLP zd?_7ze=tU35x8=PTy8;j#;~u)#8Ztvsp?5SRO&)qrJ5nNj%0oYlT4KI2MY7`6vP@+ zqYh5(>jD(k$8t2h;$=${OXsp`5>}Gj3gUL6z+t;|951Q3pqe)Hme-&ywj(M*K{L~# zUfzyl2TBFuX!LNcw9`5GfeJ&OW~qHzDuy0~%_b1X_u?n!PE>md&JK9VC%_`~lFj<#MLG8nLd}wS`qw>sy&uj&32{G-0`n`twJ;iVGS!$g28(w`?J(oS_ zO@~{4F+O{(NP)sDKfAwI`PpHJMXr@txxP)gR-n+?Zt-ql;N{_onaJz|S=A3OTZQHf zdlznQ*1EhGdiy9QCLPaPMyqF0t>m{l!CJZqV((~x$4+pr_-$CW)lRP1>t)m$KX~LO z-ogH2@;MU9_N5^KqOxNFw?z`8M9CnP{b_FtLT?{kL-KdFojOZ(wm(os0tLK7Y9ZB< z%cG@|J6}-m8tG_u{#-i2kL@j?OvPc0(AeC2$MC3nQ{ENNt{IDa|4~6WhGYU#DsuBk zqZ(Ln{*gAZ$?C06Ds3$+yzLE)UHDr^&tpOUcRj+F5UbK}=N$?`y;^hCGQi|?p2&lT zT@${oigm^5`45{VD*6l=%bk9IdPs2bw$lCJWZ0cMB0sn?p}4(zTr^jK!oO3djNGew z$7%mFTHZgu9Ox;XW^}sD^`e~Ma{PGR)pB+3I;Z9sKk6#48Bgch%<7fH?}(Q07!Ui zjw(S1*LSzIDZ~(_${g|R!naF_A4Z-R9Z_&FJ>(?MuIr?cW6ny2a$45wxEHg{M@M6^ zKtr)$5|U7vU_tK5+@lj7N74S3vqy5SM)sJwxp_9egIzJ8VtuqeRnz;iK3*pvAV9tR zv=gq{N`BR=W}+peu~u&Sp-N#5KCo1}sM@v;clpEA??xJ>_@SYp2#IQ%dsXs9eOAd= zH_T@Ri~0cV_obZSCl5NEZo-h%-dT>M$9P6}1L$}q~Vu}BBvC{~0Rx>w!$5X+pVnR>1+ zUVA2nKPE0}kO|G)&?qPDJ84CRrU|q62Vd_eCInw{hM`QYYzl$7vv;kfDTDNLpgg4O*bXcucxaRlM4_H$z?WPm~D8|TPnzN z>tga7Kx3&ks-k=3EGiQ7qG3gc}MQSlXRVWn|RV^oYpdXqOdnJDS&b^4mmn zvvYV^WCxKWBwy9xDQx!ai#(siL>;qk1^GHsa~HdvvnaZ*_6}abHZq*MDEIeExSa;V z-oJhyN=!QPTHvW63f|x%)9-e(w>7;mU&F1BC5D#p+Ur-m>9Qj#3z;3*wd-^C z^}GY=PCmvP8$p}XujKH&GcE-Kaz$rST(ye4Ep>Iv$uvDe`v>I8dq1BocOsNzNqUzW z5ZzCLH}muBRdJy3>I{fKTNhe6^A`&+n1ajc^7?pKOzc&mR=%&!#u4N5J?CsMf9xve zlYF;a`)B(K=4_2j)oqAnOKofu)sV3i_-`ckt3VmT@4Z?vE%`C!w9--?6K8p$eT9Qh zOA2;Q^J}5|v?}~jFi$?<_GnuRSNKO8qXOuI6f*aCrfJj1Jp_7KW|r3Yv;Bpow!>)q z4M2)3KdxL!@+MwAGW@f({RokGzGF;Z8Yjx!bH-DRTF>g!cv4Cnm+u!U(d7Sv!5BXx zfX7nt?hee$rFn<2tG71Sj%30JUn&g=L1nRVefXjO?8vuoa@Uf^(=K$2XC6@5aBg{Uq_~vlz+VZ}nj?EHZL#50~+9 zuOuXu(e+{S&5_6ar^OZZUAO?1u5$%avZe?}E1ZwSVd(*xA>5+BdzE z-@PoHoSbA|j#wQiwrd_+8~l^vwYn8|bUn;*@~3vNsHXq9adq*#L87FSN%``FQvXZ& zM^>9{_G}rY{0MJkYgNGjZX7HBWA^3a9XKa^F;gt*ocu$?=u=~^ z?M`?h$C-3rq;m2N-sUI;sqi%Yt1hT#s}&It`2PFT`zW5VKWoDb zFSfbq9q&q!OL?eLK3>=H)z|mvC>Bo;W`}vyM-#JB2Ut?`;x5Q4}*nyd3)>}S<M!k zlM_QzMemHPx(#j1%kiEyVjVI$@mVPWr#IJv0tW<-x3M>u-;I90SAE7zI>jr1 z4%dCV%-CaT#;2N9=xD0l#+~Q1ogJFNm_vmxJ`doa6r5GIE=M~IyO9&#scYTU5Once zv9>l(9`PUN9T>t&{6_FmT($IU$NS>L^`AfXe9b-Hk|ypu{+Nx5dQtjDTo&^eLunH| z3x48pP(A_c>~6|6v<)h>^qBZ@kp+xNHFoH4&M9#@mA1DDK8ZB{KJ-a$?W+hV(HwA{ z%gaT<+g-6s_NqIoQt3yP=2Nzy|*9-zBEQ5^Jt>o0EvA3R@8d*o-%of)ZyJ#rXn`nHfszc}P!MQF_8Lb}6GC0EwSn41{qJ;Jb-tdTKvU!|JT7eu%J= zu~YsdS$+|Gti~1Pi}!y$ZXfpS>a1(UdzY!z%`ASucsYv!)X>NA_Mhb0yGWj~t2v68v%Niy}FUP}EI z+%QpWF6LZa$3KmlcV~Vc({)RM(!&Ij67hrknY+yXL{SBNt>jxNAkcB}e|+}3$|AC< z6Qp`M$}2^Xd|Hvp&}NZK=Kapn?a>&8i)qEv<_?>@)9RQSSQfa1!=%Q&c!*Z_oTF>J zi8^=zn8DR=E1YIY{*}LIQaO=Ls3wQ`J}DomF5GYbFPKl6a1VMho;-?%ShH!rrme@> z#66|2)-Mla7_lTAaCo*VxCI_@pq7y3a^bDm$_9BISO>QjhWqJA)Tiwlyuc zP&rHKlNU@)3@mzT*5qmo&%^k(ty#ymNGmZK%x-jmnC&RZA7l6$S~`i6;Ip#H_u zO9eYs7a%kccX(!=Bxq3>nJr(>S0C%0alAvz5YKy50z$RP8bUD&n0Vbbd)dvOckWR; z6&V@N>&rsGUT=?Jk=L@ItZ&_(uB*;n`!(2)ylsuDK!GmEAK)em2I3jYIomTiA00E| zNS5fedMYl4yS2Ng=+6r_!RpLTg`@tl+Rb;Rza9{P@x<5?&=+;o0cW}!j(MgbI+%$r z7WeH}(QLY*dUMYqkcTar%Omk3z2J41J;J23Y(3$h)dr7Gb>DJK<{3bhn+H}SillqSfKa-AOjBKu_xS^RJ&8oRni8oTONPDm6k9~%+V z27^(59FG-&h~!dxlHz$BU_7R5`i0*8udBKmNv%`tK!USCK;>h*SL_nDH!@m7C0Db? zzMHrI%%CuAKO`*JW&S@Z@-2ik_F5(# zm~WfS^CVnfN)o%(W|Xm3wY`sVZ^bWjFO8%EY?y z(%-9vTn`N2q*8EFGRMYRLkCZhWR<%4%w!JhG#r8(nj(eCxlsCCgI(9_QSCxTy$AIx zrNmm*(k$RmV0H-LyJ5<#RqazVmw|kk_o;oc0a+1R?vJv0tUO^38LS!ZP3TcA^3ON6 z?si{2ebc08gdsdCc35T6^bj-l_!foq{jyJ(%p7~1d{mTIcbutfEaEu95si|+az{cE zB-lHBFqsFEV;M3)ed1>`7mi>n(uJYrq$l_2?C_!|%Tb|*J0(Z9rq86H31~-uMH!47uj zrt0rZQQVy}BLxsO=lVsq+WqS2L*L*&kB+4Qfq(Nho}5VrMr`L~gZ^IJj=hjpjy(z+ zGciu4ji8KLf2n)fx*_h&R-b*M~?XG9U7-VsHW&>X6R5d?F0fx z^&Eu>Jg5d{nJb&O^7=e9EnsNP$ShA>wfazd4X^w3SN!FLoejKAu`N-vf;Y^uC6mmQ zTM0ak{+DE=!CSWbA^w|$K5XH6tl;B!)=MFR1lJIXL`28zCG=2ek}cm{ z#po8PJX51)UN(07Ye5wNHx(=hC}9mQAUE21YU!3YK3pR_?q>UEPh-w{v;%6peqV%A zrGF<_+jCy=hd!HkpXyW3M?b>nw*HmQ{8cxor|EEtGU%q2po`l@O>&L!zTfdST>yLa z`3i>Igf|L56pHNC8>!ea?7_(BY~9ula}?fY+zWT_wWK9EkKioW^QDetJ1h7(k!SLjFa!J7IF5)`zbj1N$&%b8Z@*6}wF7{E|0ZF?w+AA?s9I@wZXadbv>j3E@ zAlZB`B&hdAG<^YYC$6U`W1>dK-Z6Nv5*1C93H2~Z)fz-y;x3lxYH}X*;5$@Vfy-1O zRN#_f20_dP_Xf%l(OXUbIg9V1a29JJ@1DYk+lI5|Em{bJ>pB)+HZJy|CH5246dnJV zWAjaeLDgqkt~ELeeXw*m9mysbT3Y~-@RXmw06p0oN>4hXXkyesgY9o<4V7+Uwo}Fg z1j?vaE=*8e{+O2msZU&MRRps=Jk5DNn7_gv=K+7=QnNWIxq}vRRI&S)qE|*1iPQ&L zIRJ*Xy*!auRzn&8)TBSV^SFZ*|G}f!MqH6hFURjlZo)AOWPUZ%n~TB~LU8HC`^lTS0rSe_AOWq@Ga z@LhPUx$K=^v~MISeV!7k6tYI&uKX$zg|`0!hwUe9r?D@52x`cW-5?a+kI{&71lfjX z(84=NW+OrVxjv#HWwVGdL0CifXfUPZ96x&6DCine#l@8_6$f}cfA;4d$9_Jo1&BL7 z{VFknZy!<&i4K#tTPld@U8W+sUq^ptW4GD!rDyQb)mcX;LyLJ8y=?#N7$r@+OQ2zs zyJ{@O9DnJjF6(ZwqaJFNFL&^rgduXU1+s8?PB&1di{7mI@8v;C1#9*1>PeU9P|>+Q z16doF)&AZD&iB!y!`EvrE{UKt05)g>edY+^baXBJ0GXXT(f?TL4Z21xCI$kys@*^* zw|f+E%Gm1qTUzP_-lL!G#FO#(a=ksM>0Y6k2IW-WXUF7jLNZ?L08FF#V<8M>dz)|m zLNYH3u0iH7)7mGLP!}y+4Ee$3=k3Mc?Chn^TFv$NnoLrLNLK4LWz$HPJ|5RT6|FG| zLaQK@`R`FQpf>4`U*UJL<$dLuuZurd>9$cIwSt*#@z+(eU#RS{cEbEWV2x7B((`u0 z%D!6wlX_4sDMUFHU9LmlpnCgVEv-1ydSEcX3?>qn7C{~27VQDXYe<$Kz`N8*RX&DY zFT6q1oI@xQO({u4|%++V0_pNrvLy+C=D9WrLq*$_nErud{_eLgATl>ti7%g z!)(>aX@x+a>Z;p`;?Yb7>F=5Xn2J4oJM44FCK#ropg>DZN_9v9*DS>u1^HPih0+m+ zyh9Ci3n}#_NGt}vJqb;fZ6wg5xad0~P}57_j1EVnCm(;cdddomA(tfu^RlOC8HY^p zXxRAd;j?I-Eg>IfYJa_7TCI0U@0tk!;3h}(Yy4HB4L=U=1OkDk-hTelxrvOojR622 z;zcLbkDGIq<4$mWIIy`f{YF;eT2VoNyd}yrE3{CnY319z>}9`BV^e(h7<>pKxyhWI zAn!OtC5IYyIAQu&5;g@7_5}U5|LZV@`tOB~Io=e^TN_P!E^)WDO1H$`mb4n=ikZLZGaf#h`%7PKNtX$c5`4&}NRD)5k}IJ3pl_ z^m7I79>dF~WU>b6pec}oZ2MeRGZH140KwXp#Z zY0@Dh6Rz)9A!n)RkV%vlGW-4#R&|1M3SX-Z>ckNNw$oG)qoX?7A^OvelZWQ zUaQ8U4Q)6+HcB($BEN1b!Ai5o$$%C(BiZ_I@oxSkSY5ww1;u>WZaYw}Fa1<;pYbY{ zT5M;q(+ZeYcF=zF09zj=7Z*3UYdY+X0mqSe)xY&_GE%ao0*o;n>DSX|(J@+|FWKAm zp{+TV63Pc<%_7J!6j={JWp-h5VAl*zj(BFSArT#hH*U^Z=FnKVHhSgF3aEgv-_UmX z6U~#_4hX6q_@C;W-ECGnQW0xi`;>X!&E>B4eub8+_2O7{2fInza4ty5m-R;?X)>Wc zE@&n1RKZ~OC&$3?VP_T=7%`#Gdg?j0f?J50S#dZW-K;b$w$*vRZA-6vTgU)8KV0>MfzqfQS}qoOL}=ZK@r{|xBi5I1*Mf0Wfz)QT8*8~g-#LlBBXwHD z;|T@dXo@EuK!MypAX>Y1|JghW01mqB0VAdskooV;`4|T`2Vcs*hjhy4L&_Bu1f=J> z9GMl@+#)C2rTSYR?4RV4^aIM*PPL(;R*zrDeWQTvTjX#x_F&0qGK(m$y@&h3xk&Wgsx`PkL(-x{#rqj2tRg;Lr7$* z>Si*an872_3d~R7caC~>D&#LrjNgkn3*g9#Fbwd>WqW~49onO&{j1l-PBr((&_AAM zeQ>aDw@pT0fyzJFXtN5KEr}+>(4(T!wv)G%3D?Puvc#CXF1uWcV*+)R3n=PWxEN%P z)HrN&|Hi`A+IWT2A><^W?i%@kWsts*5EZdE>zy&|TCgH{8OJf6o4lqk&UJ)2H?*@D zak8o~-(vjzJ8Z-~lPB+y(1_s(?f;q3bP?7icP91+76cqK9s*dvsLKb1A7F}CMtEJ` zZ_~39B4RWNW#w|*2Hmuj=^l-%b>2_&pMQSrv`7^mJ0vI;7Sur=8qrJ|NyZIlNAusa z;|9mT{)GcL*Hnx5JD;QQ6=W!&hSw|9u!4@e4dvK8M1AuAB$p5E=kT_cKCV0o@ytbFD_Pf~fB} z7N3bfB&3?mB{cQ={a9N1BuAuY2l2&={-%AUG-RG_{BZsfgcZ=;A{9*Tl;@2<<2E-^D>X8z;QHg(-PGwk>6 z*tHe+%Mo?8Sw$Iiw59ZyVv*d(cdel|BK4S;G3Zv;oxHl@Nwo_(1Sqv)iZ;l!@4!1Gz09B1?-l6&-h8b26$p_~a5E ze|GUzA^6?s-MieOMb<7Zk-=m6B@YK_Y#wUL19neE63E1uTCAWtDvDm3sHOxikZ$yq zGdXa5%mQMD;vE?>vdFy^Ub$xmzWA8+_Vyk+`&}8qG)_SBw3t#NgABfO$dh(cJ1EI} zX}a{f`Q8VSdW_}Mj{^#tn0GF*l=!Mv-1G^z$_z&sHk5%Jk_O+pOM;3XI*-<)1k-ut zeV_Rw1x{K4cnrMLE(E%a|CmiI9y}XMOVZ39#uXOy@|P|j;1wt6#kaD*3v*Klc!kAu z!NEt!r>UmPOyV?W;`#HfZF{bB-gX`Rt~()ZWhuP0Gst;kKSMs_;BBMawuzJIp@pQN z_LMi*(Er*~v_f#ALH%y0a;+f%{wcvL^KmdO_pvkf-J8^&&}Cvs*vWrr+4~e~Zj-+> z0i&=s<^nSt3v0;CWZ>X${I8J%%C(oG6Z5JNYpR1GkaYP_4U+S!d_EepamhHT{+C&RyDei#r`yGyudL>Ym*_`C@(s4@Cpc z#U8>)Sq69q9|Fh>v%LhF|&4GR&vs^zT zP)^~3=8W?`K{WB%ElD}6$fbcY@n{OPNIX%Cy=272Z8qo>;r&gMwhtsiX+J8|v?>$Gz!tM3Ufcdt2=caH z`c(X=-6{RxS0N_K+1N2e>=6*DRmB3y@K>h7h) z|0)*rLmaE`ZGj|E!1Ks4i-+Rhz)0j-8J7JVdF`5ln9s&QT%~VZX29bt&1&R++HuV5 zeU1mK-iF2j-OcCS9#?nTpXy0k&OZ=|4aXrz^`GYc5CF$RMR8lyK}PXl!q}s@h0RQ! zGfy?%?0}xlEpnJ>O=vYhX!#*FGN=$k9eIIJadJZY?KAi=!TTuJ13MK_N}s=I5yt=H zm#bKhM?7TbDf~r_@2&{e1ZY|GKtdCp!Z_m_c0m;;MM4S5d+H*~Bk*1t9kduF0gE5f zJkZewTo+(K_gh&SCw8?+>&%%mcF^nYGM5I3s>`oiCrCH{yAXQ5e*Ml-nVPv=#>-zn zCKfLHx>y+A>u@pSx~$V#lgi2{xP9;CIgewy|3AXMJD%$PjXNhQBvDdH%g82@Es|`q z=P}9%8QCM_G&G3pY$}^W2|3m&l~pJ!TV-XBZ1P;+@6qq>`Qv##|9IVZh4We0cwg`9 zeW7n<44nzM=fC5W8ATAaq3?2*^&vnY79S95K>a0W;nomam;YGec?t`xjk3^ru)24M zx!lW24t~#9Rv<~=StD0r(S_FUW;t-tX2)V*aYJF<=dGcUBuq5zHb3-J2WOQKR+r9{ zL5l_ICA*>0OZB9%w`c@QT0l!K2Vn(!SH8ZLt|iU6#`Pm!=l(xl z$BiddS|C$eG;<%UvY$g4S)~c<73Uujw{Cuei45^#TGkK<$j>90e=^5xd9-gjzDntq z->o5I6?WSbJS6rwMD_Wpts}LyD#Iv zWYZZTMfAZOG4$F7(F+9VxtqV?%*z#@Bnd;o1*)P*Jo1euY1L*fIQ|=@jC-r@eGM6} z+GYEW&*SCgcn>-p)^9*f2eP`$$P~G#q-W|_utx2ROIMCzHtFAZZQ^+bwDKN@KNFuA zv3gLQ;#B={2x&csi33!V68=ga$82dQLLbH&iaif0Kg@;r)n1<2p0MSH${_Z+g~ezm zz9xXwMmEiT;Jb*&{}&ypoJfIHLaba z=kw4l`Yn8MyP4m1V&kRmPbHZbdktRq5nRR42mUuML|rZFUYV%?>>p|V)bfs;L`Lc7 zgdivBJiDnijHzm3!a>V#pd7jX!k6ROPB%JCgBBjk1LS%e(Z>%A45rY#A;mRXPz+7C zho4uDg@DP)JK*KiYEgD|-vl^e@pGj9bMyf@KO(k2;>yl(crwzVml@(DcKu3V3Y4s% zb1;p0U_>mfwJVO~T6dBg85s|!50}4=&I$;V-n>$Bm#$+mFv*G%-Glzq$lLYkDf;TO z{6be!nr!FvMB)TvG> z?Qv)saux#s_QA$`6Q0G<{;N11rQ_1ysP#V6(>aF_eVJ$*qp7rQ`k;hmsd_c<+AeDV zCrG{*)|z+ljd!Wuz8I5mfG(A_U4x_b#in1sr8^Y?jE!}5lbFkp;q8k-OEu(@TB&8} zx~6|prSh1vVOTT$p<{#L_Ewstd*PK6n2-DGsytlDGkBs?Uk-HQOS8-I56D?>DcwF( zVZPjp;+`kXp^n&?6c~69PQkegh`^Kd)cWo94<)&BsH3H!YXxi^8P6idg;IV6Ic?T6KxAH_<(Blz@j zjYICabI->mZHp$W6uTBZOWj|*LhTlR6)hLqzaBkewZrsy; z`~j3wG^C<<(`4^L1ws?8KtR@Z0#mZfBY`hJcI{n2QID|YIQNeeBF5!a9uuu!jSR0Y z8oVvrIz`69XyjLwf5yMc;?9tzjeRULCtr-hNb}6$XRlxD^!uzkc>l3Ci)?FaQb$*74BBGH9;Kic1-jpL5YO+BIhMb zah@?b98x1U{Y|uF8`govlJ;jX3Db%1dtzKVqiAoO+q2{Lo!hK@eCqzyYk_)lpHiK@ z$KT$dq@4FOR#PPvMt5MAsJ|Wk=3t)_9luy~X>wyGd{$oK!ZX8tm~Nm<}y8!kEH5Drr^_eWZdN;u`9RK>gOM=>>PXN`dfZ#g3|6!KP5$d?X=y1 zIpK+{&H)A@+I8dNlnEAy&)f;axP4^XV#TdP)LN=YO&5~~yjJgEzxICRk|p~CH?s^P z!0Q7tCM3k|JnUTBnzO;X7Mx@5y@zxH@qxoBDIbKsva#R*Oz)9H)d|p-9KuI(g)51C zv1z8Mn<8N$vEO9B6Y|2Ip?@!FHu%1t-rIAv_Laqg2WPbhR)qSvG?zTPTGA>0>RAWM zeXM!836Igvd$=?=4nmln8&t5JMEz7fT@`LizclDFMIa;%M8rJ0m|MH&e>s$c*vpCv zlYXxSwd~y73Ae6i^1YpMbVFepGz4Cu2fS=o`D|?++NBj|AKwG_aHdfaxnvXM{awzA2#xIk zV#D9p0#_zUTIdLNups3`gng-6005Qtzx!VJ|22ukrx?$infeKPHRiS7K3TCBvt#9M zlKkSJ9WG$2Aa=JhG`?pf=PUun-r0Lh_GYWy z9IB(63gDHi>S+3m^k4?&LQF(3N?dh2<-FjSU$NOGYir*sFSg8Z7MPjdqOt1bYrV`l z^Owll9oAWbQ5uAX3A;TCz7=Yj>(6<2xlTUwI1l28q@L;2-4L)1Z~`(zPk->FnVG2O zyW79=8b70z1T~`I4ai%rmn&3GA6l6hm4~v%W4(_*Ah|gU6{hL_10#reL2p-urn$C7 z98&TH=|h($gCh(gip%a=Cy{U=aCFbc)PSGyd56_^0@Q1Z{9AI#UN>G^jHmzAS`nax zd|kIwcpHX!cy`+uj?-41RAcNk@N@VJ!blG!AJARV^HX~&AS*pkDC_d7h>edAe=Tbo zQ=XolKHt&f)VN@_9)Dbj;T8z7zEg?Gsq>Ocr+IxhDGv5x++)L03uW zCuHT}ft5I{t|?vru7qvpmNwM4X6Niyn`i?jCv6i2{VyBk+*tk1k{R-u zB;bMMe7Ha49>%%K>5ikNFY;f$YW{JHrImH^?eKZ`&P9NrA@2%yy1QVOntr?Vi>4;X z8l3c9nhgKdn(2Ahx%~(7CPNAK9eLsDDzVC-4`(f7UfOJoI{*nDB9h}?NEtO~gmaLG z?zikld{SFe*PqpgN9Yd^+Kjd%T8NdDQP?szZlHL@J-=%C<+mG=^lS`}&@VRWWNQ(9 zg~6S47Fg{Pbyg_Alz4HZAED6EIkkFoCpyF8`qrkN7C-PlCz!nhvy zHc?h?7WF-v`FJZhWz!%=deJKLaWfGfE&@~x8X!BT%l4T;UdwE@Pg<@Vv1KQ{v)lV% zI+}=AL*tJV!f#(vPg}fx_U!b-;NVEIoxAE{c#Vg?D4duQ0vDo1);IR_aGbP5yc^@7 zyV9I0VqCr<6Q(W;sEbq)eG~RIMknY78PsV*!Sv#!j9i;?I6_G-L@CLL;~b@)6m>C$ z>T;G^)OI&!fR;7#9wo0JO*Z~zy$3sJXerwW7QlcYKDLHP8_0D91yU!$klRjdjBm`* zi&zHM7Q|7U9^}B4Uf_;k8bK&D%pV#=w^s_w-Q3RsiN4;HXnz=;iD!07LBXw=Uy_|_ zb*kvUG36{QO}$dJF)6aQa_N`0%kcB%0fFB~IZ(C~Xv5KuIhpGlW~-Mk?lyZ8Q+~$x z#RBEwljFI?({?Ep{*VTE{Rrm!m1oaq-Lo_$$SIpmvL_|a= zK~7F?n8|F5aA>x8qilG2-Gmjz)u9Gjh}1wm!iXm>a6ZW)>{?cJ{Fw)YY9+m^d5`rG z1@hnQSA5EVmnoW-bP=X4Fd(-1Z#T)g2XS4`ErA!|h}Jgwa4{Wv-rzB(y2;XH=QnOY z1TCnDA<%9@ymCQ)7e7RGcV_d;UXPh;UBM_IA>OSTM>g{xp$~NFT$rS zg^`3>(Tny!LLG88lME~ExdrvjX8!H{jqa{}_ag2<-cpd@Ly{$gf8le;`I333q)*M4 z*z}i^N&YwgA9cJ6^}*%bC8f`mm*w)-x54mJcIk@bAty;h)N}XTYgs?my|evwnIqvS zicci67H-apbvf;u7zv56y*38j!gfJuxA1kSk;PsR0Al#N+d~u7E&!4@*XVzqM^?~$ zV5N0@Q_IkpAEf2xdn@Jy-JIWy@6x%O~1{1n>l8e9Hq4edXpDp3dbTZeuA#`KLPt_J>`2o7 zJhX5xa{!v4^`HqlZ*ws(QByFw5CQ$5_7^Jy30=jjtECOPMt6`F zFkE-+ot5>~hOgc~flOuOtFu$Z-HO|3?BqJo z2j)EWMonn|hkb`r;i`Bgw$Qtes{Yg9f|E}V<2Xs#FjWHSr1OF4?J#lLF*?0heBwFo1f5J@K}`p}|)Fg0Cza zLf#tsp=MY)@!~wQ1y(;>2%&SNn*AjoyT0%bP8Wo8k*UR~ea@e6K=NMP_fzx53TO6r zw9ol#BFd~Sk%6n;wt>|tJV^;Gz`89n++S$4?Uv3+OG`sLC=e*@#7Gz_ddAMtfyFp* zWS<}(m3@_6s2ZA5-mjTFyj(Vqw6NGNCu@sx|xJ=K`$Vzs`P@7$zSwv385<3Yw(i9TL+Iqrh&g{eTW&zN9|v% zuTWw55Og&ZX-WVd1;#xC`DDMjN!?{-&lpw!(u})kpkJLJZv~rTkNY@sXjK=`eBAf9 z^BeC>C}$Vi-9H~hxdqPEf6+j4&{l!6pVX65F4vTk=J|nQc@w$s2tq<^?(g^8^A7_A zjP3yP#f075!MyX>Ybl7=5z2aQ!NhX1kAQK|rMq=&K-B%d*09wkp&YnBSJ+L0e0zj)fIoJ-jxzcCd5LG`11_~fz6Nfz5k$P({lC0)$s7~)AgLdQb z*u5-QPtW)^W)3gwPH_!>ADw8mJtFK*ljJX!)_-1{Rq*xCV~rxgOU3?+!NHS5X?{r` zo9SdycatqPz88k3)%Fy&MVm)xoB(COl4FuAy8*(Up&=r4C<_dY8t?oBt*8A@8laOm z^FQVI19`(pqYQG#bIJYJ=S<5wTUe3ItheH3QnCdhXV-`07z@W#2=|t3~5&@5YtgQ zB|3qu{t{rGj9y8B!nnS>-*B&-jpBQA2%U2s&G>=F#^Y>dwl&539LgUxdrm-ykt~@% zGg<$1zhZaKE_jZFo=6IbD}zJ#m|j6Ahy$RQ`|esH6B~%B|0{y8b^SbGPS4*o9M zOtMVXCUU;fNxJ(v!&%Xb_uO4)e8Z!Cxh;{94wV1N+b%S=Uuc!XY(ialuKPkO^f^Lj z)dldYrMWW?sSfbetHid^X?FZi#S%4fZ)Ax;I{hZs)N1R6{QbV* zKDTd4;Zn-JbDMLnof3rK-LEX6apd|+SpN4oQs0jm!; z1|_yQ27LUpEB?&2PC2VTmH?V|>?=a$iqGSkEc(!XC6J78dje53>6E`@@sy$v&C_g0zcX(L2fHsNpRXPiB?RtbAA(pI&14CTup) z(smji(Cfw!A|89gWM~+3rfJ}byRT}JyQ|g@OCT)pGg=_DjzCXpgCO_O5RC{W;B~JD znJ#DI74j$FKd` z#;pcj+iSj2Y=mCgGt)ru(=zvW+Cn8)QNVZcPQ_htK63pLw z_h#)Tvj-Uqv(s53K`|ydPd;g$eN{Ymqn4j;jcPJyK<-nDpwX+y`^qZz2?rD3u!2$O zxdf(@olpI;%=$u^ztcnZvwQ$YB}CmuC-MX`Qs0og!gXJzQ5Yw7Ai`2h90=qq9_GKm z8Pejq*Vw(?(>e2)q^{g^Kl6yzu+RU23nyZ$kK1(sE7>UL%&)?5joR_l><{ z`^bzj<>f`eAi0-J$ujLJNX}&*^H}n+cwl1&GBoKuk4f@#Dc^NCYTg`g}_9I zO57ED%w_($lH>JXE&#BQQp8n9VA%b*o|XvmoA=`$?`{}!{-x`X2ZRR|$2I5sA&n=I zyIV@x)^8uBuRqlq!z{#M@@FZ0ZdpoT9tOxF&K^>>*hUX!d*g&lcPSc$An{?fz_K{9 z2$w4j78e77YEcUKQ_$Uq=z2*1tLx#1St9rFr5af}`fVyr66nY3*ov-fV<*o{c=JwS zWr*CS4DmcdA!{GK7_gEQ5alFQtz#N6A+`E}yP#kHy~@_&0q>Fe+SgZ_X8!!{@EdKh z=q&O3iPASfnx6;ccwzU}W^S*o`IKc=jgPaQKK-MLFZii-oyT?R=Q-fVbIw6MON=oZUhrET=qDc@ksT zzo*IS-3Jk4pCR75XNf04V;UjABD-R+-8DI$w?6pZvR(~_j}1<}a09U8xr`e2&c>fe zO#bbsvKI5e#sf;|$4zsj+kj|_Xv)f!>$tb+LaS;lEAZP2)&COFC})==f&b6uy|RCT zZ-@tdlB6$gr&D8zj;s0O>iqRHq4$Y+b;qL(NRT6G0t=WPi)u=mQIAb(7auVK=MZA% zeItBh^1}%wFN3EUgc~2YR{N_rF0I=$eA~>d4lrFOmaL9(_V)C}z<$;^>BOK>7WBSx z73Nmy#L6$utotrc+fL*YOnn9uC z`PoI>$nyfCqlW#~$9E=E3Seg^BkvO(Q!XV21|F00Rg>=VG>SZY!RKiQL&D#%2)r8* z&0-(}tX#G>2Y9}PA2&|ewJPUpAOb{vKevn3AAgc+k)7081Hb-UjRS)2b(sf;kfhtq z@6@LU0OfDfUZ5rONQC6ALRtNbUGNT&_X%J6c?KK62ugr{L9wpC?T5rW)xvCQx#&?IQO*+!LL7q9F!)Lhya$)(LV*}O9t?jNEc|Kmd&=AwUuyZR22bsDG=s#-1Uk$JAA##> zE`~7TSU$49z$zBITeWuo9_T|GW~@!$&?|2JSbEH$l6-n@_s2JueC)D7_#K%p8*#>$ z<>J?T8HT3t<@k7*<<9c^NX--mPc<1|Q^Ixb**li;D_HML%g{FQ#rWz@rad@p=>XqB zAip3b{9|YdzxU*<;agj=ZW!GtDk2Z$=aC>TRQX(>O2$g9a>Mp96xxsb_(zu>JQ|>F z2m@2RlK!T&CDU1T0^Z|kFX<1d+F%RH=?n_{V2H*GnVfM5CV-g+Rd3$-*25t#^(LyfWdbNZCAoe^#%~CF_6P?Q zlur}vOhL21ebfhw5SVk{mHJmnCv{l)OI(LCG&#kZJsGyqm1k##A8!A*DU}B)zW<}{ z8cTz}UgR_HgVhkXfKOHce6mWs-<`jSel@W#-gmw`erNZNnrEkn%DjJ0o(SPav5?-= zsmW@8#^s>t$;bSuI#+b#Vf(_Vw48snGa2JOpBvCgN2J*^wy}4~t;^7`;_sX63tjNMDIecRu^PkeIx_payL&L{6+;p7VyeJuAEQ8f{a6CRk$y6)=vHj0!6w6n~-;>i0WmA#2xK13upOKlh*QOM3Da zJs&sTS?CWD^Jr=_^hBjB#8o>NwT^*ZP1VQs=(^93y5BSMW_iXk+*Ky#!y8RNzsqMo zBrUAfn_dM=t!Z+*0E7)?U=SaI>pnpaRbSj6Bb&bWqWx_*{?|i@*mQ)3gzxu!u!jB& z6J7)qXm{@tKY_y6i49yT_mWdl*HWMx zalQ8q6`3dXF}_MJrk<@DM`#R0iH7CNcUO_y>j|y1uF9b))oIZJPFgu3Dvw=lK(ikS z7xV`8tdc5T0^V&Q^5h-zkLiFC8ZnR$c;HXqtdu~kX8~*=J*o-<5P%^b8-zw6j&}sT z26R3T$vXwok@K09vz)jgWp`Jrc#C~&Nk4<>ncgFmJ|}>PjQ*Tv28+J!%Jz&Y3|2y$ zj7Fq=^2S26~+{H z)54E@`m;kVH0j_#b_9U-g3pCQ#~un(Y?+4L1XFQn+p3U|W!n|;iEexy!#^hPP*z?x z2qAVAjM7WkX>V08iAjgpKBz<+U7?f%tn>`U#3l4#_=c8q*`bnDio zD)E5Zdzp_-f5RQ2A!9~JOLHSv;ukRirk*m6`h7)zFe1ruDY2()=e{`R1!mJZS3~di z@(gKYsSmwD`TC2*3TJI@TZD>!Dla#4Dh(!v3OpfxhF+77%#1=u=#uhYOS`dCS0fw! z6w0Zx{1r#t_Fq+FwuW#k zIl^`Snc!0p2$>xB59Vk&iqn+{Rrxh++>toGMG}Fm*nS<9O-j9NP&EkU5qOM)mu*U-*bw0ncb@keVn4G zESQomv~l^>j=x5pIEdkTUGC9b@9)_S@iU_al=WtNaPw10v-6o_vAp-&M5T%+5e9g$DQUsG{L!O{uv+XG7gGyG%pPg zLUd0!^v1vZ@}K!Ku+Mg5C%xz2z9isdf1n0rn(>XXHa}Dy3N~eswX4UhtkQQ3o5~W6 z$e<^Rl|!bDDIO{(`Nu}lYAYI79@b4wFV;0Ra|L&Q)UEvPP0pKwPA)l)6VCUIB&Dh{0@S16dGwNF2e)qsO z%kMdiSh+8rPu7HSYagw>-P@&YZEf3&>!9iM8Spn|FC(DySr#k3eNH=ne_Rg~MvR0t zuDx7cnGy;ud*EY0n_TBiTb&s&hS@*TbYM(L1hJ8AH&_J$_&BCT7Wux6JnKj$do zV4zEY;yByvm!)eiOXCh${I8dW*H{53$97!S+#{+DRZAgvn5G8?E*a^2-L6*69g_Wk zy#9UUZ8goF=Z}5m0z-I*CJp+#Wr+K5j~c|iUH#HLtmX^f&RdyQnBPAg>s15*OD?cM z0kR4|8{YrvE!zByo*H?Dj*PGRo4F^73DP@0vVLr+DXXVHI9L#NI}0Kq_>uPH{r<~4 zSHDnS5E}A1a5?lzWltyI!jI5M29^QlMjcI>jaO(>l7^FZIHL#f3j*eeQ&uJgKY zUTo`O`t2quF0A&E{lj=RtDP*74Q7a7V;m4MNShBTV2Q9lnplx#nL;ntxVudjfP*1O zAAwQ7?umEWWCh>v3^&pOKEB;AMFd&Q`6V0qqnEZBKB@4%G??l?*TX<5Q{}pIAWs|! zGcb*bZnya(OSwZ%kUpat78b6}=+rRG6#ccOZSqz0t1~kivRq#R{^;6nLb}V$0YcViA2#xbBx(B=`$2( z_{u8B!NCgp-g*}DVC3^3$AP_6&Sl`uVk3o+VHi+Q+4crTkHgfNd9Ou|<>gM$Jck~i zmV9FLBQ9^JpBDL5AeA#Tw|kG*FOMP)M1g5cc5rR#=xXCAv<8fYYtE;~#TlF;E!;Wm zkn|qveNoVNEhuQ6N~7<}_16)@)r9V{PSJfG|dXc4eqZD#xvCb=cjd^p3Diev>)9|5D}zriT^R8M%!y{C?IUoq@C3CbRk zuEU-~BYj4ieV*8xSt9rM1&2QQ9j+N6F4(}JEw~#*6ut$_N8GsJrk-mLLUB{uZ`7AU zZ(5Yk3IPjtAz;Cv0IpFacW6@$966xZ^N0HmGh6>Hp#bfwQG!Vo`?dAQbG8foHM-hR zt~-9Jg|35!vQ2y()NQ}!0%+FV%aOlep@k=M4^ zaR1}SI*qLvTB|S5UEQ%~KK$nnPPQP&IZaLOgJ?G~{}9IHpRW@89SceJ`GEkRjP}b= z($!0W*@fSamKCT00a1XKg_gOTfzQPfJf z(Y*nVXpDpOGrw5Jkly3SKR-)>*VCylpMvFqj8)+&M2CQXHkZ~@<(hUdaQ&gTBIE(| z{Z<~|&WI3mHC7qXm1B>~J=hkYdsKwMSFg6VM zZHiG+QN3Cd|ECg(C{RNi{A;GRXGn{kPcMVr*Lyp*Fke96=I&c^@%!!y^}qAH?&Jr$ zpy}T+PDF8(SM3!&^s#(J`&fL*`TDb>hNmpBgtI=)RfvWIG}LXSR7%{;9hY3*3ZOpC z5h+;5(eP=P%}w%i@$XspJxTlZ%eGl8sk&z7_pPn)47K|&)Wlz?_3X7vJn;DJ%^e3n z7#?Au+ken<|85=2HS9#!x2p#dJ|}nlHtig4Z++A0GrjI!p#Ax3Ku2qbw{bsHADfhC zhg(jUEZZm^&!$UneA^7;KTWD?wtSFK}8vNPV>)zh+fEq ziF8OH7941|)z{x*j>!42|0HLkI+kx2Gr!PON{>%W;c9e&DceD%WW2~`1TcbR!)MeW zD9H4roAl(HNW5k|ah+dgyH6#S7(F3k)i@T+IFer5=&AzWYjWU)Q6+_cNw!H)P!QW` zogQG?Jv>Y26Z?Mc?^@tmtzh9=`Jb_oh3(rx7D*MAXBCvo+zDB`UjY` z-hchqSTt?5DF2-1_j$8segV1qwg-U&a5QU4i4>ntLrn<;pw%nMKL)w$f7Xaj2YB@; z#RPJTgZ9I%>oa)55*i0v`rs`(eq23u&M54bTiub4&nk~27aO}Ce{qw00g4fYmBepb zyeTQ+C+%Y`yZgy^kbh*EEuw9-y6$E0E|XkE$pX*%@ow0toAh5c1Y%;@kY31#XTKuC zU4elo$d#K-!>yF$;hugCRem;gX*P;Ik{Q5Vt@@ zo(xJGvBo=bXQ+>rweWQFPkGtN#`D}{twE{Q=GVxk)C{|sie6v4hLbxcbj=}8b^`g8 z>zLRcg4M)#J9k`{?afz?M`Fn3%Ai#h6AapcbA~Q${W~@wj|B4-MenHLUb&mWdy9IWd z9yxd1ON+iAnEONfJBBlmc(0fK`t_+8hx8^;e}3)dZDAN=-1(gqy&;?Ae8nD(OJBBl zL5rVNgI~F`;IQ6h;$6&z%~aLP0Ha)gfV}#vs&^^N|1YTqNkrwy#-GG`GCzU4lgTuE zDM=`Aed8-nT*7gul#zc1HG@nBMF}%LCaA=*_{hByP72tpTZSYV0}YTdXw1hEV=0hJ z#;+LpVKT4L0p$rA4c=*Pu5V{5jgq~YCg-9B^R7EY$Ug&I(u0XLD!25teJmb;ym4X^ z!O_?SY4A&pmGM)_oa8CcZ5$nCt&ayT_+mW8M7;K3=833=x(A9c4t4Ol!Kg&BTE+JN z?#^+fD_%}U9py9^J|;3|@-=3!oo}C^Rw=TCp_e_Mk}v;vioY4gCZ{4jmy=_@htsW2 zFHp1baj6d6Hee>Z1N;KvF>?+TR5heIkSc^t;Cx=L-!Gl@c}|kg_e0jHLd6^b%-1TB zok_471q@?>M}4TEje)-JLg~`qVQQ|FZNi=ncosM|dWBb##V0?T(10L{IJKnDp%X_k zrt(w_^ha+NZWC#c`>Kw#(o!Z{p&wQC4E*ZGP}2;i6aNIjPfZ5D4AhRk_|Qn*xRRVu zU#qk#jj#*lO!yoS(>0QOqTN?N^>;6Wn4X_5*6s5%xB6!Gya}uY9vSQXRAq2;(F$2(BuUDQkVjP(v*m+IGVILYnX4Cqo4*m4bab@;-aop&aK}ILw)igNy0N7J=2xmVCnc3aA0Jy5hW`9=crV3`FMhf9 z!h@+*`$&0+0W6oFk0yZ!l$F0IwIWj&2jhvp>&?o>qYiPY_uPYB*z94NQRmRgLHN7b zH^gs!hevJL>$*PxSxfa~RqquLjLN#SdI@RpIPeum~gN&qA!R}?&@;9tD zPL0_jl2z^erBpeltZyUzZ2dDhNKIFW6NVzDAer#dIJ*)913U(Tw0g zeaOO9o*E6d#9hwLbI_HNj7&L2T|}?eNBaS_iC*lprOizZ#rPh20gKz+hA`-^yNKEa zx?5q|IxaqgX?{)<-q5;4$&#l7sXFIMdEIPpYZb(K+}4?j-%Z{TM&eJlk8=uukuG>V z4UzG!S3V1Z7Fek>@4EjxBp>9E_`N$whm;Vw^yAXf1NFSWT!1NxN8K-95>JK3y|lK+ z`TS=Y_6t-JLth;&^D0*H^IS=f_Rg5Ozia<&F?b;}YFEEjRpkJDssh zx~5vA44>k%{h>W2&>mA$!!qA}-)g)DT+fS^Q>_p(2un(%{tZ0^b501LjqDQ7p^fN+ zayY5l@pQX$dAXGC2p)ndq>3ec7es~^k*Kppz!quLkRfJbQgqr>78xK;><<1=q}`cn{( z$WLuj)xly+tD8OG<*l1+$tqt1i3A_4!kz44*f(v!`lLo3m+`d8RXk_LyAReB0VUdB zqU8cCNPs<$=_H%{zCZE_zDTa>terZpe19@KOW%g%V!&kb=LRz*TKL~%m+iGmqc_S{?{(0xBp$aam z@JzZ7UeoyH=6B+h$3*=M)kA~aQ_u*5-Yw@Y$vuReoSp7({d#i&uex{d6^Rosi|}+A z7ir)rUB*#AW`4E&R4A`p^o*e%zpBtRrZ%Lx>6_7@j$gv9o8$9iv}syahW&euky+A;{qe)KfYL+(_b#BtewVmNaK@{q)s(Ezm2@G^ShL~>L2Zbp%Sf1%ZiErs{b&-a8g5C#+ z`=>p3ZX)L4G#F=U#Qx3fNv!VWOF3Sh#aHq^oJWHf*dok^cqF7)(HOjhO*kewwRZv^ zpTeaAGFEFEDbb(!1O(3U6ogIZF)^Q&e?$$Fv_DJhjQ@9ooDtDq$CsqJpMf+K9#QRe zA9Ard3$gmcN|)&^uuT2CUjOa?f+tW!{1z){&wuUDNW2*RQ9-5A9E0Ozt^madcUEL| zgu!w)AAHs#P+gaJe_i6k_1zX&tiszLaJ+%1$p2J~M)i(OMW#M%N^);qC3|{m1Q|JO zE{$`gnR-?5^+-qiJFHRNHX>sJvYq)Z5JqyXWv^zxf=PE}yA+EFKx)|6IFZn(OYbkEJ{E zk&_9d+^}ut{H0^jC&S5CcPg)O6Cv!q;dCzfPPnD#t&~*B!!NJblrTIJElL`I#t-Q| zuNF8y-fABU0#B3D*W800@kb{gbwYR&n3R}dhiD#<)=bp(!SXvNYTQ>ES zi$j{r#4pSXB9fa3`B0S|UXkU_=O$Zlbc-p%+^c3X)cdbrIN1j33V)VucWXyF2>+V^9@wcsQ4gP9H z2Wbcmxe0Y|m|+0)kwT&QIZnb9deSGCxQE z<5D5Rkyu_EE|mz)9Z-F+FE--h{Y!VDK;$n=JOE)(^4Lv$I%KRyJ{2X7({oVx{iGCJ zRJ7%OfKJk%p7=6BA^#j2LI$$0=oY}25H{zD>7Cxb`srL;oa`52JhU|1 zHv@Ss8VoxU5WP#&d=&sDe62Q4cY}Mj>!FH^hnr2Gd*dss^A^~xeSz)BkGey-@%?Ay zSJ(Aq^4)4WTM>7Mj-9->Bum?8u; z;AO7NnRSwq(%1U2XCmI|kfVDEm*DU&CsGM}pDrwzf0k%}T|d^KT2f(NE7R9StcetPl@SM^QqHdYvZM%t%1Di< zc{&*xeq5w`KFsiZZe-e{tKWkq!F)s$%zeNIehTaBegS--ZbKC&uCVt$Y;C= zi4sY+EHE6w6<*k0K^|*hU^tSHZEePR3tsbi5#E@7{-0yw;cRiANUm6@S87jK!X*8; zeJqY1CQ(GxWN;#Y&-lBhXV#Fv+6QrJKF`IhbMe=g1x<|qoX{Uq><6$4-#sUWJf=sO z>H)utj{Rl)ryx3OIaTxnqO(V?8D{{lsw6(_))Vvkc%*}OJ7QR@6z4`hYCnUhTZSf= zy>YvIig7&K!q=ab^KmGrNosM|lZ}UiWD^y$69eWO%}! zH)pOG`s(gWDto4GDs}EOS^06 zu>(WS>@RKfp$Q7#c(r;ojYK~r9g8HQSb9G&5hX2{GvSt{CAb~1rMlGv{vK7VwU@tT zcpm+y{6XZvO!avV@vk>!xo90owCEc=`HpZoj@I2k0YW}^Yo#-$VCpBVuJC0B6Z@|* z4qv=hZUk1DkHuUQIk_vC>Kz$OCaQ#7D%V4ehI*QtB8R>y4)E2r|Mw)eGO#w++&@7qPI~!mp=G%d}n6P{9&)*F}?nZx>?OS{6Dng-#KNLdi%K(_9g09hsPbu_voP63&?Nf z?LdA6W7UeaPcVX`%C5DU_;DdSD|VclxdBkxd?$){gwp=mnJ?QM-WL zff@2q9Jit6&*PI&{II+U0F?+Q%7kfAGdCM%6NB_HzuH1Rbf_sFZ_LXR64*t)Hhm#V zr1XTgRjtCkMip*Xw!}hw*T-!oOLR4+`(bU2`^!jZD=&iiZY`8iMC@mF46d@>9tDA} zjfL`@X*K5w=89D12K9%!7JZbLxtd1g;HoKQLSb+e3)DjjBVL#Q@^sQ1k7HTdIYiiT#9`Y$<$ z+;N$V>5b2BfaJTq3p?DS)G*>V#zb5GSM^E{+cWp;$pg~rIlb8E!tFljyBH_%QZ}Nj-CsLxOdzN*|2mJiguK#bC=XPMRMb%d7*3dL>RD69p z@7F810|C_L!sIuQyl_Nh$J7NBb-f=)?r|bJvU`LHoSCZjb3Me=d19)&{7t6&JK>hn zJJc=?8F+LoCY{#@1df{;$|5n(bs+>wsc(LA&+wt1V{AWi!&Rtm-FmGK7++TZYsN&Y z%=ZSbG~zE388M|Zi;c!$8t#rcBe~vPwdA4T^f$;Jpoaoqf{;;=X|-}U(LdTnzp^=f zz-6JyPxs5RsR2i8CMa{acyXW!KDsy}JEmAo#B%wIc)Nq?xSL@$++ZXr-i1sgNwv80 z=p_u?Uo1h!4V;XO!Cf-lwA9|Oa$)kAw|W|$Auz$`j9Pk+%A#8 z%CL!?)Pe_kE9lWwe$Nx~!FK($JU&&?f zVU(C>9OLksK6^KrF#=eAcxwBV8GP?_*3Hmr3b4{Ucd}<)(Yx&Ox?06t3Vnq;DJ7}E z1Rl2y;A2Jh$_?48PpsQ;VO9jJ=M=Rd1RAOf=mA5Qu%RjUA}>VR$om(HgV7*D`<->o zZy1Q2Wxr_3)u79Nk2F+m`vW>6k$TVjUx*GQk}Q>a>NeymXGU!H7K* zMph*#MDT`X7Ak9Hofl4WA+V#;S%6l6UX9$D?ck2#efNhr!4&xHoXGuarJUr*4G-2Y z*XiRg`1F&)CL`e_#RR8w?hLM?vPdgBbt-RtK1Y%g27u*`sv7(^-azIA*og6;O*!c8 z8#&-*KYH_v>5fe13nnT2kTZYkBxgXM9O=HAyWomq@r^cT__Fy%Y*_1z-VxYSIEE7t zl33Rn#Z761Ei7cjH%Wn0D1Q%#O4N^c#{k1NU-*%!KGY9PNHmc{+mG5a$UWfoDYIv%0mr>Mdk$&1 z*CxasH;r!%}y>jgeXZL*5gq1O8syFjNlIZ^MA?>Omf^B;+XGgBZ zs8hxt=J-G%c5AM!S;!m>aj#>l*T%9Wy+lQic6?@-QfVh~-F`BPdSz&;x0U1^NHL3N zb8Y=u8$j2D-mey2bEvG9^^WY_&d(30+e`6;f)ntW>5Uzjl1@|ZFvX-(^ixj6+um+N zGY`~u4D!O!`KUxpper!I4t{p1eKGS^u6-m-gfGVSdt`pU;O0Nv5OY!70Z15T-Ja*z zTj)KLjD&eG&T`LA8pE|L9{y(A%>WM#&oOr-fC>f^I@t6f*U3P?M>d>4dCe7*hhV6O zHIN$k#U8`$vffcAWrT@fyB5d@T#d{KQQK0reZhyoiiwf6Xi??w7;PD3_l>f_~q2|$Tl7BPpG`=cx* zVR;`D9wu=g?RZD9Dt5^R>@jI(rw{TYK2mLfmfKMtHYk+AFd;Y?Pl_s0cSH5|((Kkw z-sYGtM9jQ+2x$X{#EW+~e;rh&+vf*NgcPhlfMT8fp*(wOTmRC_4kX6OR4ypU2UYUF??8q~zB(850kk5o#&-NdF{teo)$GyHDOT)SW!G)~k!WdH zDezgKSaT0_o&n;__qXmDa$4Y=Bu{z6gpPrT==EnvjS^CP&4%YB*q@o)|K;!l$zz8j z>RR@5BK4(%5)yH}6 zOk|s<2TNp{;jr$1Npg?8#xiUL+K{9wBYF)31IxfQU!Ptjaf$=C$o*HpX#NTi(Sg^)r)jQkv1KEnhYN@|XB9G-dYFhC&tAs!EE(*~* zy$I_ntl<+O!)O4a(fB#7l$Z*&*Mev$0xw#X0gChKQA&oVVIInINqtTPw9?Al87}xe z#hW;}AJ4lC^=oeyf`5H#V7>(a$jDds_P0S$B$KcwJSM9W)7&_4+C|vFJ72{^E5T5&Rvt^h;Rl zyDcWv&JVAL)b!94)Zhk*aqhy78x365@n=BMhca^ zg;J4}%3j$ri-dWS)vl{g{1=B^m85lL!#nR8Aqe%zWR9}*FKuXxrrNo0D#|>5NZcN zE1mEdq9+8UcP1FGl=W&@*69S8{np)m@0D!KdSZqOnp`vG080i2O2WHyoqBiMuy0{q z{wDzX_t7AV{>ZiJW_?c9%SnGdfE5isWOe+FtzFy` zzi#+BX?{zpspbCz_?SyHB44fDntmMY)JejC7Pi8R6ia{ai0<9HH;DJm>8U%^^CPEV zzc&m#p@QUcoJA&9u&|sf{6`0p=0Y$T_^S5`&Io?;=iQh7VFh=(L)(~JH)}R!dvw*g z;$Tsj^8G3a8x!E;jbg}``7tQl_hgnFU2q}EfO@{p?l0~c#zNxGDbB_MHBU1@Pcu{W z;sSj4BKeZr#MR;(&3oIH8-^L=&)h8Xe3q<9Dzyi3A5J~;b1H~&GBG+S2RXW{tG4PU ze?;&=7p(773N}rYuu8&yXsUTuskQP&2zT|aHo*(~)YgY2VlM<9ZU)MCt@Oh#y|D&Q zxRmx+uLvT9lW-l(p>6Yx_*R7PdRD$4nTUIf=R8*&@99R&;Rxj<*`DfLZ`s*t=~3YZ zQsmBA7^MQZn!4$)JGJ3D-xaPnMo?tE_U^#cF?>YoPWw`xV zUXBCj?BaIw*`O2jZLMfs7@1SYHWEu0Nz2az{p55!JG^d~B=;7X*l}VCdA?6{4kGnx z`Ae2YE`pfcYNJyBF35IcyC688Z4(UsS^DvOwnk1C1=)#P<25C5u{uv10$iYI$3$aV zsmk-O00C@t1IooB*(`}!v#hD9y}WUs$JrzM_A(#pGpUg0QrVF&_vhwD9PHzRBYhpN zQ=8aktNmGQ{%5WTr1`k_vb^L)XttRJpR^UYvJ&U0qSeLL=;`LVbuK_9z9g_k;g1zm z-9>aEm09qn!GI2?v!-W(3gVTT#&tzJW1sASHwT*G7|@7B5ysgIE_8LL)_6e#ub}oo z^deOYDp-9n?w>7D`&cJA`}FN>yI`>1itV*UcaneF(fPEjQVY?A*<-gy8T&&vZH(So zh_4v-a$Lu})tuII;J#kMNeixRztv)wX#~78 zFC4~H|)&mGm zxI|mV1^yx*Uc{M`UaB)<5DhUjcX2*a(mqYBtGpz1mGBL<^=wbO&6d%iE1Zuc=-Np; z-N$Q8-v7#29MN>-0NBgM)dLeSzziSZ0!ltxj$I{|iR4Iju>$5T?cnE>?5n0DtQO70 z)c>-zXk&;YJb{#g>7O@LO*fa57RH9du2h%)bmpg#?{6$v3uMRvaBL$6QKQ#9NyL@o+{(sz%pN(Y^gQf3Cx6A zC2#{bBSJB*Eisb`LT=#O0CAW{6nQrUj}@%cqvz$6gC;UB^5C}Ib-FI<)wzKhKvAFv$!6@tPY;&UiHmE z3^`O{hVyh;?k%2_cE@4n2e21(l(4j?3lQg46ko}LxXijz2)j->g#>`6!lC{~U-|gx zppq7;HVVf zLg)Vd9Zx69a-J|&%zugA%IEfS2k^2xBv2jLI^#JyM`pX9;XHu zOz=VO7|R*?pG?)19#=6Y$=;5iNO5ixZU`&Y0s?cSpeJIZy8p9AqM1x0^tdnQj>^YS zj-JPY-#gIlP4Nlia)nUr*hyX60GrjE?3;Ru5fXTgh-(3%U@x}q{$gyv9&P|h3o*P0 z=n(TXaEdK(CU%)m7MHh7iJSH`rp~DRp^ns z+f(8{@3c(-LX)=LUvvxvsR8{s2orN7`D5VZmXUf*f7Wn=VkOB|u8)t83Wa@Cuf)&b zxBh6OL#RmpJDzzU?x`I+jzLz$HN8X8$nQxWVz_TdQnO#Px{_BkASg6Xe)kU~`fK&CrodT+hA+2@41@~76f*@=AxnLNa_Lg-ZZ}|55R*j) zrL$H!fvu44e5bVQ-PeGqeV71cap=5R(X>cG!#kOo<9rLiVXF zwL4M?^a$5&20pZKF4D(&jS9yV2zM#0-^QW%?$HVUku(2WIrq9c?%cPv!zlp@K_>b7 zXm3Qy32$+y=c~eArl|ua5`1Pm3}t@&h!Q%IpOdh$qy@jXIhls{_P!GPDT4KCHG4NMD-IvdGM8_6si$!tf=bq1K2*1q5? z7G-W*o)P;4Q^LpRb{|KDf=2y*h>k4mt@I$5tl1?Y5S&vDV(zRIwNdiVfe2fA3ZG|t z>r!axRLeEG^)6=OfpS#?=Zwmy*k9Y|8!P`Y;E|Dpiue#z^zv-;ZX!-C_VsYOab)@7 zKdgkC0bEPT<@^ay3bmAwqAcMutc#V-VM{u~t47Q{``R=EJ(d<5fgE9g@|v{kX=s$tBJ&#Vm=E5w&#e1WDuy-n^OG4b<|zC5%W;@r zc(P=_e25}OiUOK00HAsW*i?RLE?+~H*ni8D&?)hv;JbnZ_Qd78f8d?edglid@Wjh?9Z|#Gu0U<*#xKg0wRl`U9hks*zSw~|4)Rhu)Q1hXv8NE3^HH1D^i@ZUu=q+- zHnUU66Fa^hj|g}C?@XmX4op+4f~p96hkp1X3IyzxOq+33P2JMWZAQcl5>HmG0MFwS zNMx*^KX0xG(lmA9)o)Ip(0SX02+P*c(=u7*rhW4~EDLJihFcRhU8ig`U(qJikSKXy zNfJ}$IhA}eS<9dIhUU;kwT1%w!u-vOSfqVh~rv)eI-z>?Q8t{*+Zvr zGMlWo)6LL!b~-&g(gq?7ixXh)O?ScRn~4xJ!XJdlf?9lE9IDZDXpiq0eSg+Z@rGI8 zf*LVdcc<*0V0!|7N4<{wtUqe$ID2{s)sFZp--FmPyUea zpx#vrD1|PWzZyl@MD|6F&Zx^otOE`+tcjUobjBy5C|#-1aWzwH8G~Ol_oK? z^+0i?vx}mD#i^h$?q6Qn7tMa-RiDzsM^QOqw30b(L))$?cz zSJ!eW;2GR&q?upA`_k@*5kadVrswh~#a;eBczq|r*_=zRRtb7$+B7g3F`{Af@dq#U z7iuI}JbCS4W3Q*&O729!$dMxl6^)Hfb}@K1bHFC8o5AyRu8v)Yf4WbqS8}NZe>>yP z0n+wIIs<^HWdb*Bx7T_sI9brEYu!!$Q4H70#qE3;p%gI-f zwZq+@%y;Syo}G!)w6x$jS6h46=>zY_4;!z6X425q%1W=d+e?{MYJcd*92#CBdxWJ7 zGk&LpC;T6mRabJp@O7T8e&)@dk&vIwl`SSI@rSsg3J+oj1L^6m364rsZ`h3slnUnZQU2bBXm=~Tl{EB&fmtXJ8{{dvso*6n?MJa(ZNPa zL5Aw5wV9D%e){q`MJkJ{B~?T)2yR+EEN%>tk85{t-QNm{#vfzssu}iYFV=sYwzbro zbr%*0{@HxyWCf2d7O_r75z1D!xLvmKH4r{=>4AqD)#x_m$*u)~yFMMzmj2B1cFRT+ z<^R-;^ikmx`ZpCRDMk(4djD=1dFU>M(0Qt@UU4te{tF-o#`wMFZ>q;|T|{#{AL$Yr zYwq2aVJ-^Cl51Z?Tum#4f{Hc?!}Xq(crQ^)6qkXx3NZYuUju$98mdaZA=%4??kumW?ILS>4>y zC|xzG93A>>#-g5fVY@M@Ea?a-BdXC89M`52vQGu6Vb;k*p}(grIT0hpEIU2q2-_Y` z9D<%oI^OHeQ_%sQ!@A_9_w2l{C=@nQugJezpcFSA4SKv2s%Rc>F7)Z=fSmbyP*e_f zv86qZNPGHpuo04b6x7gz4C`Fy_8IRbup1R7xtod^E|^Uyo`G z8`Sj-tl{|9wNAjx8OR@M>lMz9Z&kRrQ+L-1K%*X`@0>y1K{1D!+o++w-?#5}J;b~0 zxKk4+IVEgoQf-z@Jxr zd*i_usQb0K3-=nLqtZEOFxuELr(0O9k13ll^xC!qvYeQ(@DoOD!rU2>#?94W8&wdd_))1WZ8X4ad6!clHT(KHzTxf0){Xfx;>=ZLz2x!8Dy z5RS)6X=PWn&|{@1!D*WY6~B*ATVPFdfWz`d+ei3ohtt$wfL3&N7r70W-@2UP%<=y0 zNAHXnyQghGwr;5)7teR9ef?Qj?|Z_#wD8l=G_(G$517g!+W3u;zZij4#2ELgA^1vi zRW;tCW1x&QZWFYP0vY_R#le`9$t~Kn1vx_d-njA9{3O@Yh49bGQpu7?b!a3>E}ZQS z8cRIlFl=1GQFS&&xXxG2%+iP|AdCU|pF-02+h_qO^H-*za2Pd+MosNsj1Zk%p z@u|)nJ+S;;F?Uzc>DHvU*;mf(z2EclwF}qodJOAV0{!?v)re4IW2a!3Vob>k=x7`t zc)m&9h6RmGWtUdM0MLl@{TFP)7j{NDe^PlIJ{*1}GRc{8qu3`y;3Hv?n5Zd%@X+~V zn4U%2UmSE;14FGoj6cc{mR7y}huORV)WpAj1L{@0=Wi`43rJ>Zo?`I|9ZEs#TPpFs zJ0tf)fc=g=5#aVl4Hy#|9Xft-R*URZ=M!P*<++*Rmx$fg_x#Vx>`yPADR745k#}|F zQ|WKx+YRidHaMU=hga!DCtmQ-NR?CXPM(%?CIM z@DY9jq7}C1`xGOe*v{Z*=wXE^q!`*BK{^gLRjJ4j(vWN1CJ`UUE#D?pm0u&0FhTc2=BV*j1J0H9Vaa+9KxBbm+w20HBtW=|1 z%9`FnF!J-GJrX-o=AJC+;ZAT7&seN@z*yS?QkzNp4nae#PbL}U&mT>sPrlr7fi8Zq zwKebh7?f)Rbo;-x3Uz4cyi{ce8+LM&4Kw8gJ7IA3*UN`C z|E*b;`B7<0JqbaxXC9Z20Odi9Lgz^OdQ0>WUE7h-J*gWcD8fFJb@&}>$AYOGyiDuU zogJDQ*`1#n6oQXXHUD2C4S+sVpI`84>jK|6bk7M6E8x7orG9XmMkELB(bir5O@Cp_ z(z7d0>DrB!CRXABwpV-r2wBZjsBNwY;4oB^bO#3l$rMom0oWTjzJxt!aZ)69V;P}c zo>1KqJIsgd6Dy+?Bn}gv&N|C)|0eLbS_@${ zMfSx;GpGfu@Jo0 zlVY(#J8R+jbcVK*T7t`4?*!8_@`8sIjm*h9>8BPBUj^;>H)m$5<7NUNU0~v@0{G>0 zDgDDJlrq@M^+VH2ZH)W!2oUt0YJO**@&C=MT{ z+HnM+BxCF743pUFxjT6_Kupxs2C;)=pdprv5IRYQnX_ukYn0NeIRnkz9^_;dY*%&J zcpH9uQYtz*C2Os0DXmEfQph`;?v>iSq65#3@ppK9aq(6>I{I=*lV3d6JlD_w%m{=_@(gNv*s2A6) zvGN2HebFtr#FNEh>v>ZZn9BDD)!Vyyp+c4>b|v|JHHb2)HuuP5F-r_uFirjicQqjpb>Cl6~*;-~0tnggV3Tfc!0p zc$-D+lTl+I2EoaV09HRv?tsQ|KF|JF@a2#sr_M<+tbRpi9VKZo3+W2tZoaR_|G#6s z^}bM{3J+)KuZ|h|zY*W_v{$k-`_o~7hnSeo1FE@LQVF0`xT0yoIHj&NFqL8DGn=;K9-2>UMb4+8pA_n5ZM^vF?Gh?>}@g%~KAL{tr6p;*zI!Q0yJ6|^@ z(aNai?JF!&A5@E%Mb*> za*Nj{q+rAZ88sXobb(Gn7w8MCaRGg4$#V@3o5-#Rw!qrK&YQ%)rHZ`nM%5@zB8>(% zX&MXJBE`}xvAy9ocGeZV&>~&iIGK~cY5hXLpA@R(Iw3bPLUVsE(n3p}JAnLC!8+TM zxy{op@~&S_-gtZbZ`d^%g3P)!N7}vTFL2vrd6Ra#3S>mF3JVKBM)mBg#-?HSx`^AZ ztty12-liHjXx^Yo!@y^+iRTgB+Z_TTGn^-YLptQ<_1>ocDopeF zj=JUQi!}<^P`J9KLrsZD;r#j)xJnzjcst&b~i-#HW#(8a{3M9RA}IG4u;U z=w>M*?2jfGHuAxN%RF2S2*BV=*;Y|e(L+BKJ_D%mwjSTcBxr;JG+Pv)ssx4w!;GID z5&dli*lo`#AqXF33-Z4M=+|m#t|1p)Tfw5>=~Xy{L|>zAoSqhoDe_Fp@`OBk;^4%P zf^RzL4x$$HsJ^jnQ*rhOAHaD=^ZJ;`6M=(-9=dan0tR1pK!rgvSmnZTi_H`m791!j zUGVCir;QtD?q(bXz-4 ze?F;#O>F)o+}P%()Z68)dL;Nbq~oAYz4E3BB*1?hnq2tq0LYAv&1!{R#*-%sbWW*v z&SBAKH(kp0@`ELhTT(;j4~Dw?MO)b6(%$dva16-FDw`m|Z=`aKKoI%piCG9ALOX0L zS%z^0*F#70QLi%QICR?9&K;qI#6Vqlv832p;FD^wB}1aS%N9%uB>>@CV?G$J^=z@t zsuUDi79RtXY_}xOGxvBcl>54JHFkpDS)aF#5r^3E^NJ7l(~96?oK9*ET>}_8ozNih zv=-nPt5vauQ`t0a1*4uaeXv2sxDgPus0J|$7Y*lNsk&V+K1nL`wV&%>8gichJ9n;N zrZm76bXI_ikh5`}K-vp51k@)ea)@Nxy`<2FQu{gWigwzJfQ~y??S@f=b+6F#oOC}2 zXHWa#cOVTjmvevZ+mgdfaunUDw=bG=ZQ$e?If{Nu7AkbAZ3F9+AMlxF589!7FXOq; zRTn1Fwd)SvC5=jz0F?sIK>H&azzrS2OC+aIdC5<%MQNAURE>jk8_TJKmguzNDYcA# zJ~>HWZ*=;PW3WYCrMS_k*$vW9Tqq(u4LV3yUo)g^cKO*T^5G9KBo>Unkys2rONj3* zzSAxSnpPtGpTDs*Z|*{PPq)rEuVfhJsI@NVHY+`-v73Yet?SK;reGJa6t_Nn?$g~1 z4a#Tqt024vfq;p_Ip|YNnQ+2L0LC{X%j~@@G$p}hX_w{+0ihp?9pq0|-7JcgDJjME zx1$O?`In3R&@cGwSR0;RM;*(ctAk1r5MIpw*ZQn)TeEoVu}omj2n2juyig zlCTT=kqPB~Y1o6u;5xpW=di+Uz27so3KI${L7{z1wW=rp#ff^wt@_f76?c{D3JLAtyKIll45e)0wAu^Gvr5@ylNINVAPdLD@hjbE$M9iesu13%U( zeNcU3v1bden-$tXt#iNxPqO)cZ`lA+w4fdoS|d| z`_T?|d+?mmDc7~9v3As?5BrjiQex0I(GC!VNaA#iga1&sYnQCc$T&xy^gLv`2e#pS zB&idm^MtIg=cnG?25LMj8?io&bN&?3Z)JjbE}B_#?zLm$4?FB|)&kecv)H z(V)5SOsznC>o7LRd{7s;m%oba*K@1DY7I_!rv81nq?xGPc>>vr;Uu-NE~I7qD6Aw$ ztR=5leMopNGhba>YXMo{zMd`luv{IQWBPqu+fm>7zbgpniMe(9O1xCbvA2Dk*fk^C zT`&g7V9oAUht~vqu0RUPDF>2;jWt`dhy)wNYNR8?hkGS zge;m-#QEq{5>T`{^o?IqLb$Qyrh&9uL3kty^z{Cmw$y9KB466=CLxZ%Ud%}$Oitb_ zop~Xav2VY)2C`J(LQOy0UPYs>a*_!5@z9%%*Ephk%rYsX|Iw?q{o+RR%Ke|JKxfYU z4x~yMXWh8saGhzl`849hQ{)v@MYpEsm4aaJ^ALw237h&`FMIh4GcbJ0<% z^(MOWy7f_$BXEIWD!t+h~%M28- z&i_zYZNtM&~o1ozH#_^wn1Yj0O*L46N4|1fLio1ArA56D=op^_kAB z_nEc=3`N8K0?A#k`OJNkzfN4>cdCm?`;*L&Pz};$)bv)s&0KT(&lzNat9GR27%P8L zd7`FsSbLf`%sDA?j2A_>+XR`;&M4~ww%bIA7I+yzz3?ip-rE+le?Q0Sa+4^9sb$Y^ zS%+$~rPA?Bk9JJDBx z`LB-LYvcd==k9-9{y$q}DXfZV1x?~v(ixMgzd=sy$4pZNB2#cxj@$wl^lI-iJz>ob%n*NLXQoLbNcUBt@ zZ_U$Rdk;$+J${JcyldwVwDi^lYDOf8I-DV9hdKNWmZ@Z>0Dim6q$c>xr#Rjh&hG-dv|-8Ln{RJq0mE+)`x1y5bERMA5}R zQUjEM)Mkt2sr{Gf<&R+R%8MR+s;(_6ZBkLKYpk&N`6&mlP9%bwrJ$6Z0sPK}GStK> z>?I>0^1Vzpb$gqi+L5WY71ZFGA6Y{lQC{$UWMenp)5C7uu#~mHe)OJpZq6#EMZ8D- zTv@)TnrO(&N7@Hk*ERxK1JkWruII6hxxefD4ZU^xPhgztw#&)qNR^S6k=8)Go;Pg9 zbn;Avae7iJ0yeUx#U%w*+XOFfKR2N4uZZ6JDwU!2SlC!%YyBz43j^jX;Lp6t5z9D? z22<{s4g&jiR3A=O-dPiIWB|S>Jpbhp0*zEDVQ!Z*Vz|_@dugGtRfpkva4#;t-h_q$ z@CM0bLq^ITbOoSqs7KB^@pZ8#{cmW-2#(#8Xm>heqjv$st6`XCMlgRnr14NosP6vj zx{t3BH13F!`P^qc@o>XiAFaIdP0#K|DtRrZqCyxT0jw20Z>EL0tLG01m(7ffzdf(r zp$FfZanQcPTL$%p9ifxv)LWT&sFeAc3CnJdf@F!yxj=0bZI*24(ETGucdg}Q=Ar&# z%r+mx=Z&v*iT!!#K(=w!LFEQ~dTm4ezo0(=Dg=cbO5ZIY;Q~?8_w4rZ zueEo^Ue!v5{MmJI6Mxp{DFj+piC3G5JvG8)U?vqkAHtaEHR^G>VW7=_uDmWe5+nwW zNm`$Nq0~hH+rFZr5|a)DCT4Q7X19P9(&|E@4a#1_dS!gK)x*m3Or7A-2;?9g_(+7z z8qOI%`QMYSJa)E{Ne1_KPzS9V<-Vi5{&_1p#r*5xMeCnGpowXF!p!Jm&p+a$uVgH) zr|)N`9?i|m`VdV-{4qyBNI-`Q_~aPeOqd|)s-r)RiWQFq+57>MYg24kA} zoOu0uV|za*i9Htb&P^VAaCoS3noi+^_S#V=E~m2V=zz+#?BmB9Sb!dqMbe4n@Wc$_ zoI(GX>~La1iJIV_VoL_4rBZbh;p*v)x)EFyc9QI|%;0gG<&n5B21yPvGokb7Ch|hk z_Uw}Ko>Ua;t)|npO;;R;NE%c>7*Z-+&%I`|QRjpc7{q<X=UbsteC@mV z{7e$b%W!2+%v`hW{&KOGLtEwKNSt(qlxD8$Wr108Kv1GH$~ffGfJ>%-BbSf6I`hx` zMmUFpS}^(aN%Fg}&sd?c2T8G&$SPVWIkNr20dzr+$!%^o}R$rKpLP$dXyMsS( z>?TJ+dlH}pHqSIPQYyfvEa;XdCF(lI;h!^DSQ@Q%=Ap6Fre~q3fdr8d#7<^Q-5Uf@ zVW#4)xFag%(^6(eV)a2#k0kVxxT~5x8ToGPo0ED>b3etOU({!2k(gTUYuP}p!t^{S znyN@iZ`kYq0YEQ96K{ipdjoYr4P)DP`Cr}o|D&|-Ly#j|DJ{8hYjGQgy@LWmG;hs@7IKwN=ZRI!9Jm<9}9h&1UuAfd@Ww7ML?#NpTsJ?Z}^8lk#na|#_ zKXBxe|v1E!{1+J(Q?#jqSQ=>zpd!a%$@T9XN-mGG<2UeaxW zjJiTk^1mFHhhw;pguCA5ZqBDRd=Eus0j1@7W&Oy@*GDQ_ozaV5I1%y#H z9i?Gy;Az!1d{=CNu(|x`@B(&ch<|u!^}9&&4=!XLq==38bz%wLL%$6vubCRaYLFEF zA_55Pd>f8VfAoj?M(JNGH@}=LyEny%5d@Cl`mo6L?T5!cDm)5y0(!LcVN?%zN!eX= zQlO&8IIAX#@u+P1Yw3oR#0!|jJAiYq+3cPyIKwjyCFgQ-`boTZ$V08SuN)cAEhe(~ zQhl=+`gYbub$C-PkzDT#n5{4-b`_%8I!!o|vG{a&ibK@Hk4?vdVr}`@s+s6q=Y9k& zd0G1Yo!(WOpL#mC_}#(Ze=N5m?;Al>_mTTu4&c+Mq)~g$cyIud+bx9$6AS}2*gNrK zMCdpJ=O`uI+ez7%G60h%_{=m;wX$3`>!F$Nyah65Yh=4QCfs!pZTWoM!bc| zxx7u}Z-O$(5y7(D#TGJc2U~;u3_t~5P?wNLt&lwrLSi=Wc zITno77i6qH@<0wzc8a1s$JXn7Kn8GiCfFS@CB(Bx5vuv6#dT>jBf3YAFMth}A!)az zu9jr-v_a|v&zaa^ZPVl8_2SO8D`L<9^+)Woxr*_F ze>3|e+7#RIpp(f_T6JzeKTiQcU9;}-C0O4v0Csn#Nl;tMwM0iw4Ovo*GFzU&<}C-P z_4m9jXzF${@|<&o<+(yZ_s)POP)iU@6&OzckoMJP@!aVkKT|LjTyE;e>)=zlHWV?<=q1n3DnK(@n#Zel>hxSh8hrZ5~~MxyJ2%mVb~E z-1_rnAk|cxPeDS&DE+#zLnK)OvyAbLE3lb^N>Eai2ELR-nnb2kuBvRK62?)X8E( zx+Gshc3*MccwuZq_@q84iw4&JYwN%^6pbZDiOkFPdB#%lCHFoGY0USV=H;6?rlq6YZJxiaM^g}+><8>nVPr`PslA+kI z0=52M9`=I>OK4_Y_)O#=PGUw|>BG~DBg`g-;p~TZ-*w_9t*L%Zcg(PrD|sYZa+E<> zS-pZdO@?^la-tB)^5~5P%;`eYL19V_e=@Q$A zrgx>A5B6@2+;>zKY=gy4;m^Nif;HjS%5aJ5#09OV(_wiH#YS)Oz7X+>a##O(cmosX z^7%=|Cw#NEoDx`w^O3J|xr96Zp8Sjq>2rUX*#a-O>vm5KPS_f!c&zLNUCmFpBXEdt z_sL6F%nEKAJNY?PEM3bwTNimesP={s$!j_&+pUK@n4ck3KrDT*5D8$w4H=-Dn{I1% zu$c^8m~=Tx{}KA{F>|u!kKkXpD)c+_`7B-ce$-v&V)EU;?ukm(PKvlHrJJSiYAs+z z1XvNZ)PBWgT?id4SHM;?zN@YQrT&v4*uZbl4uoyG{Yg(B1}-q)Nu+{Er9`H^)oXs# zADA&qOC3|i$&B;s$!J6bs8r}Ev=?|e1%X}X4*Dv_<$SvSJmCuZnBa31xl&-Xt~*mT zZt!(|?oCEN=^}0d=piqSENeEM5|5W&>S;=(J;Cnkfpwj1?9$`|nTF}EsrM_)#V)J3 zvwjWGj66lllHKS494`?haY(o0KJ7GQ45Q_X)tyQX33!zlJ&-T9=(J*eNF)~f7n`5)LQP$;I;W*%uoZ5C-Tv4u*4+4BA_WSTRNQk z57Z*+!l*iA`_;9hqO(d8o(bxQ^3>)HjD0?4v?-YGM-hbWcA^1%&plZ?t5!Ys3PSco zTIMr)E*=h>TDB2M$*SR1uavzitCTB`hU1l*@4*6*^rEejjKi2Qqd*CSseEY4V_4&C zH=Mps#_##U^+crii!Q`jB`v%8(~*k96{O-2@r01bUpQ#D2*k>FDI)WqMtte;tlSv# zF=x`>P|~1i7YC-UVA@So7zX_;pCZ!{&m+94(c!iGp(O~c*hp@Lv5jzm4)hzpp8b0a zt1l8%Nh(|?5_at9(-!oe@U;-NIq~8j$+|e>f6XH4U&bFr9?&Bp#l4G7IymB<{sn_? zPa>BLvsO)0V8566z|&@T3tZs>>pc+HMic7Zxy}U`FzX?mt~yREj4e`zw!754$;+fP zO=VZr8RF_-yaUYge{dA!R=b4zzL>nsda{RJD9$+MBrg31aU=sPiFcVPhn>AHG+`QZ0X-=ExzTbZUh3WYWIp$0DISZEnfwV)>Yrm@*2?C{SLgk zsbvA@4V=D%m{tzaRCGvwuy7qLUzprwEWoixMEdA|G;G^R4e-FsmK|=L{x;kY)^y2V zdDqUV&go(rSdA&#p)1cA3Kq0|2;3#xUbcXaO%2BKw-E`xoGjDh?zP z`Tgk5K!ea^w0*QXQQ(U(LvqS*JOcyX5$1n`NvtLqkgiLbH6&8S!MLVBBW zz>W|V(7LftKij_ohpnKeln@w{HsN}?2w2VZrRdcQ2BB=K5)iTX{;fF*d9i_PhV6ZNpg-lwv3qz zS3XEWmOs~?6OB>#Ne+!hEm`YXg&fHvmUeR+{g@LHyo#t_#8vURT>CdPfe4uA5Y<5n zIf;iQafh%jf(L=X3&a59{GP`|$JotiH8vhnxGP4NJL!FWP`Hke z{puki-wPCm>|V!&MQue2L%muD%)~&50Vxc{_}J*prbct2l zPF3b2SuGxl=q_26aatS*fB5B1EtlhFRrLY#7L(FLU5}5X+zx*E*23|=>}?Y6eaSL> zDCWHhxI#LeR4ua!9I=X64gI=v$Gv)?F!hQ@1F5CYNr=&-cO|{&m_DEcXnaM+K&%x5gG$o3f3 zOyDK;;LOR6*9Ui=*O}pQzd@M8H@4l z=~3>=l5IRlz(D=}a-Y$_y?}U4RZ;?ZlAlKUpbwg18 zpDpYZS`xD#W1Cgd5&*ckU=Yk1vXyIZ>RD@SR}deW|J1{MpnN($(0tsWM~K^6vgMRv zWC#buKId84u*NL%Ilcb5`JKG!H^wtcq$G_M0awyP`V>CeWCr+!!I-zh+U|RQJHnp7 zP0MUT=z^&}&ZN}k!ZyE&w3YG_w^T%f%d+rSxh%bVE~iw#{^)Te5;{tENoYg6(3Av< z_Q(YiwQ$LC-rmdiq-ZrHU6y|&9*U$D@1Swgz!Z4b?vL~CM&oxGWl!`a^CwEK^VNs? zKwtQnsQ1Fz_0bD-ak($x?s)H5mUk+#D&eu-4#oJDE6*+9dI6jYQA<48@7zm(8asrb z8yQP3?qVG7^0*~Xx-{TP9Vg_M_t}ThZ*Ea8E%k(mx_$u7r{3=tqWtD*u|qjWNs{OQ z@XV@F2}=yrYo371DJiqjo2wR~eZ;>Q{#r#5KSMI+#B0 z)&P;~h_laA|KLj{nA?WFCMx)ykA%ZQkRvsA8@{{aQMcym-|fN-H33&OMWCc9K{^vA zp`fk#_{3!=+uS|S_4fZlsW0?@eJeM`W_Ro@UK4t&YR_5w8~vBx5+`#`Hhh1|P2hUa z4p;xF6Il5+mYW*kAATk3;552%tIIPtiXCUmZ_j;I@};F!)(bBo+2TS9X<52M zh$sgT zpZkhu>p{$AJ;r!#IDpQ6v3_w{+xTDhZzeFTv<)4oZ@v`qL>38+y~*=e18LU;({;J0 zl1|SqA44`pi-fQj>3`$ncHP04DAnv+L(ICsG?$5t=-`SkIA)Fe-D=}FMkUT(TmU@Ad zccvuHJAbjB=;BHqje+Po@%Wvdh){&a{y1QtpJb#OJ)zDI@|9-)2!IAu*lw#LSMAp< z;FsN+pIf|F1buH)G2CjWgEEwlp5s@3*Pe^_R6yLe_rk!ImJrsb6utbxTQqKS0qYRL zIzAq_N@N!#lXN=jjk#qwE4NqTh3RV&;NE&ZsNXbGfoAR=X#ej7iFoYnR>*qSNzBBgWTvq;;GOv`0RYMv3$?WKsY65L{8SY*o%K0DIjobA54_@ zx)Sie@*)Qyw5O=GMT?MJPpt<}!2FVNX6MZ|XW2yYwrDZe&C(S?%dWMb0NV z{u}z30bBdSHF(|J6kq+E`}zRA0QL(BxYT%T43TLeVH{VZlgiYiKl_uD7meL1vvtLz zEM5ALeL|XwYTF}UCprr^XDQ;2vXZyFHVTX3W^Rq73SqbKG{bM#{fe4iU>Z8v%JMY( zl>Aw)?aIMy-qyv+P>n((Spms%jwyvT!I0Bf$!E462+~@+0nif<8n_g}wb+{U3`~F2 z8@Ubjgrvz;;=@>vY*K+?((AWUDTzMT_k!<}(&He@Da{>*f{EyCyhn`4PsQp_LC|Z@ zmmcq=bAS}`I>90HiF!Z!PMB}2oqD5y2&#$+ zQh0Jc!1Q?~aBcdB zC&c&TQ8)ZlNPp3O0p?f8zGp{Kf^`D{lSa`z=cvBuyF}l_0&!PmnXYrHR4G;;zP0c` zxrg}-_VHY_u5*(?OCR>hX;*ay;!oWwmiKjrmRBINc0N?fH@)pV8BF+Hvbm$z1~FL- z{v_=JArNiC&E;FC5PQ|E@mFwS2M+W`h=cgmvsasH;dIEaB4v6XK40B?& zsRRAs!i{!)Jyy3s;tYoj?j}QmB7o@A+m-yWf2+3Vm|h3p5H-NKxc$wXFnlSE9U*|A$rmzxfNOA5Dw9)Be z$Eb}8!Idy6<$Nq7gkeBl zyvOLgM_ks2%~n~aKaOl?^wppT?}es?A27VDeNc5D^pxR^Dyu^XNxJ2D51vG4=Pxh4 zUIEJ}pz6(zCyJq?d=gA@){Kt8*q9zMPa3DvIx_vS7aCM`;kbiZPfON%m3v1yfB&-)MaA<#I+Q3lWG0+|s%R6FfOZ z<|j8^-OzjdMOgIV>qPGWjAIBXV;SQ%M4)q$;5cO-*To}x8O>xCq+>4Qzi8$cwgJ#h z|J{21so@=a~cCehjPYy5Z*M{C_lYl8+MmGG+6AcpAu zg4o^!VBis-gnrnGOCQ|%;*cMqvESX;E1FVvU0o7d=WURw{7%P&cT_WWYX>$V6oWig zeJ#G*+N@wQj`Q>`Cw5gAi zkyB5H9aO%MVMN5W^_tqQhiKN9pfJj72sPqvy2M*x^yA?|v#a_(+i}n|k&p!$b+N_I zTpr&TC+Zs^SkCf11Z}L7aqb>-;9{u0GzF(BQY>@sa`=82!p3myk_ANH)spcjSpXV$ zq5t{8@QJt!Dh;u_1^RfwXlG0M*p?jxH({jvgbU1BZ;=48HI?{w30lZmv=;GTdiOHi zIH>UtJ}%*F9f5uoW|B=LfG@_T?bYXxx8Kq~p40Jo%x*gxZQ~Ey;CZh$u};wRDIsfg zpE{Hu7Go1&X)@3V>s}j`kd`WE1gMC_*<#?9e$jqj`a%=1wzQe>6W`3WZG(+?f1nbb zNTSSY|Gg#abVRyyeCFY-ZbkZc&ldw7;YTkeN3$+I<2s%SqlcrnZ(?cvV28lU zvs)iYyvo41D(KT2R4V}z-H&_vQ;AN;zgzoQZ$3vpgnGJ17rH?s+EGEIuXNv2`damlh9Ke zIXurjM_(bpuNqqe5>xdG7mlEH_O}sO=BHmbr!60c4nB#vhC+TaPxk&-gtpuhSAP{H z)q4XaLO}J=-#LTm&HeTI2xDlg)<9D~eSA)>l|GKAhXq9L<1;ZV`4U%~hoZKB{olQh zfdkYRAhy$&D&sg8WT zcfv^=m#H~Uovx#Pl$%X(NTJy?1|7jmJs7J2;B>R`jGBAAH*8)ILBe66>C_Z zt*~yD++Dwq5=Vs&Te53C0->;rkJ}Um5<%tcnE>=vvn0Ry|1Izc=UKwpHpK&&f06Iy zK#OR7DGa;6IA<6$3mI$oz_2(zD4#O?48Y3l1BhEYel11Wa*Nn@X8@o){$L}TO+~;x z2-&?C{bJ7pk3f>Z0`Q-$QX3Z_jNy zQ!@S4D1R#;OAU@X4~?RTW;2N>Ro*;#e!OI#n7{P6#cNo13Gx4-KDReGM!YX{We?Vn z($4~RAu1uMSk4G~sa%wcLDCx}d)BbVXTmk8_6s0atP6<|#DV%`S$)jGePbEwLk(0^ zLD`v>mPUE?!T4!9*9rMdaVKM4GO0oVBZkDYBf2~IH!&HXhk&bax@`%j16BmW7skb$ z*%RqHN4U@WRa>?Th-)wJL9I7yJK;l5`Z}yt;qr$gtu=W{Fbl~#l)f__)hjmjpArHv zM+bR2C;yFD)|(la?5`=!mUfo*xN5bhr8j#6ES`K;hf5!!+z(aK;}>8+s8B;-I4!7; zL>(A{vStriR`34MQy%u`4}aPfchJN$5GLMwsWnzCl1#9sKD`1v^Y#W}q!UkwPa-1w zq~2&Ef>@79PYCseO3bvUq;sE#bpW^||6kIQIc^qYgf){v3?948c@+C+5&5$p<65;` z5!9rJ5X=Dy3avuMDrC#08G+jDc!>etQWQCa_Xp){I<*U{sOVadiaY%D54mCSVIJ@9 zp&g^=>mqqgypFa@RcZ2qZm8?5eWthzpi@RB5kgcU0AjD{hOV8eQ>YsJ_=^CRaGM(7 zfNeEcw{=)+SwX{W>SrrBrB1U8$2Qh_mCSI}%SBeh&zu_u(Ts`kLd%dcKe+AumoM#2 zs3LfCN(Nl-v=o?Va6n`*DtTuVZTNe}x&E^+qwPvED2*;Y;VZrhpSzTb`Zbs|Fena` zIQ|_93_BhnhgAZvx+L-)J8>z@zZk1miV(k+~x~;HN zfM8Ks|NrNv=TCP(Dcp&TA^I=E=tJP9EOnYJ&7TJRD(Zn)RgjF{EZyh-kF@uWr}}^Y z$LmCqB3Ug_W|<`s8NEufm8`5I3CYOboR*|0LNZg4nZ3tpAlZ8!M95y*>vuh$hwAhG zzCZ8ZyFUHlrsJIRd^{f4cwFOtUDrG!Gu9iT%gF^z^H~egUcX>B<+Acn9|=cp(8UIc@G4Glqk@b*iVGZr{{JBYWfiB$8wPYG+u;n=Gx=!b_8UG}GLaL(R;d!97(v+Soy0T+`;Kwpk zolL%G4=ulp`*bLH61Xfa1V@2z8T&4XQKRg2*H(f5q$~t%w!ru_^B|fGpdX}cVE*UU z(B072U=v1({(HWaoNkwTqWCTe_e__uK`BdcNxIX< zog6@qrUpr27p^9lV>iFrYR4qz#MnRjf0jYEI4%J14<(cvprRY=SX+K#SbWS6`-M=wA|sX9T^m~ee? z$7UuZ0whFlh>Rc?_v=snb>8QZRvJ%Z&YGbwou|&W9DI@Qo~{@Gt?W5fUj7ye%_Cnn z)63A#wUWbdY<_C1u<|6$k4csYnnq31Z^c~k!so&h3>243Xanr z&|-p^Ej1IuEJ|TNfWslGzdkw}9FKvFIlO_G{in0a2MhnGxqs zcG_kB!fIyGmE5FRIpuDc^9ahplZZBDM$E0_WMBBhJ!&y|&>_fFv%r|@G>5_q))2V^ z5OuU~SEfb;OC3e#=|h*9kveGlFRRh~ZVUDp81#?uFVhmO;HsZV6G5VeP=|Fr8|g)m zxyyJw=a3db~jQ&zJN7>0%xZ0#F)FOBn}exGWA&7&asxPb-upJS=LB+c6C zS{q-~R0a|LVL0HuxjU9CZA%wgQ}2w8Bomx*mC%2M{_r#DUJH`>k~Y3yB@f zk!X4~gJAOR*$TabS;rLz1kx@c^zguwkakL3iLuje{>{b2uL|&3Mc3|aa%GoLovM3< zwmkw3(n|6|^j&$L^bOV4^+eZA9%ViVA?K$Qod^5nvhA*>M%M$hC^w=%{?%9uwJ6|b z3cYz*(3Fq1xiFrX72J6HD$Sk)gT+P+NQA;b zcc*ioWnk+bNiZArW_rZq3>E?Xq-XRH?6+m+HkSoeFcy8)Q+Rj(i&UzIzhV@USR{TQ z`rzOI>M6HKMXp2i+rTjmimm5B&J&&m-~5yWLFe03Hh;+oxpUll@pA2|n~>cYH%q_; z9`sF2ND74qNum7MG13WkOs0)aP$a(W(v{F7M_|zfhzPe_k!%-}Z{{herpAMPyCOvkIE`$MiITz_ zgV|PcVXq4uTb~M77f?( zZwnNfW8oJUeNc5Y_l=34|2{*%FGq+SOK6B0mw5F(nqJf27W#tm@C_jt z_jYxjppp-{#lbxnz`kWa#Plnck&FZ-dHBy=LH9P1BdKcbJ0eDS-Bc#$8whc2*FtuR zUq%BkzXS>5gn(Tw3(yAgFzN*8k8OSZA0!XQ42f9i-U;=rLoAWf*txNSrPNW4k1%Z- z^t#^x#w4mu#JKIAen+9FakAQc_$Qry#%{< z#RAL~WTxFt(=Ocj^43b{6W!U(PC1?RG zssgaU*Tax304gQ$!+{qpqv~J7bBy-oU0VyLZ?r@Z)|!4-Bl-u?io^BoZ6QNIpo!AM zeE`)ahpZVJWiZ3ZkDCH6BK^%h@D6}1^-+IV-KvO>KvjE2f-Zt!f)r=es3kx~?6M9( zGrmn2U-Ep{@A+-FbVN@Q?VAp0;%hV` zb91C;L(MO#etRudmV5gI8u+Q;m}o9gt+P$kLuS_ZhcMCoMjmO%i*?@mhCuVcOr+uoQtn_=Y`R6Krl2GMeb?>oV7f)=No{4LTnU6e!ZJ)&)LY{DTP+I1l_IU z9sUdY0@qZ$&VDdb6gYp2SgP8c2^7jI6MoN&DWn{s^z8^rG_;Lcu>>d)uRR?RAj6m3 zhd(v5d)p{XcP5}W67R%&uk)w6>@;<-1{d#hUwARTP`o}xY8|)S`HR!(jRcM2Y}_)^p*xP}1}~f}-=l_hLkqPRNcLYXk)`S=uAd>!%T} zZ(&=iPJjCW>I)1NbW;~zL|!Gap?5H=)*LK!(*nRzt2UH%s}DG$7A28R9^!D@Hk5{` zqJmPvX4&K7c_7h5U5bwwcIn^8+=yPp=$@YIMkWs2hv9lvgr(hrM$ylpG|=XJ^59Yw zV#!14D2d&u+qRlD8d4X!7RFp_^-M-nWzk{9h<&Uf>epnzJ7q@^N>~HL_jE9oMT0*<{r3@7tE_%L~Qu4rVzur{3>Ho#Lf zP%_-Lt#pe~mH@i&A443R+3N}NkVx2q_7+OS0}|kpJ6L%{PqY2LAt7ii^Y6~R}9DkggG`LM}3&KChh;VaK=;GHsicf;3 z`w%b>g9~f`RWaugX#Z~B-aC~FWk!`I0SVYEd943vu*;w}3c zcQV7W_O^p&ig4|k6pS`vXPB=alg;T6V)oyHc?}$2cXh$>^EZ|^L~PQ!(nR{#?2AE} zszos}AzBCU3(Bsh)mJl&Qh!G`GIvYh&?27qcRY7PFaSm^hrB1^lr^NmO}D)+!=Xz* zaUE-qbvTz9Ab4S*QR}!t8|}v#!gW3>F-GYB?4iG8N}GV@sKZeXnLxwh9B1<1T9^W>)9gYVdSkvY zXDD1_J$GNm5vy|lFyU7sG+{1$u%!VtLZ_~dqZnhw? zv!HtXxhd6Y5I8OAv)^+vNI(YfQb&M-6-OqTsp4M`-zbuQ@eP7vVa%1Mq~pLrSRn;G zE|)@Bv+5zfByGH+)uQj+?Z|VpNYW#d=vx{o&D3?w>=BHZrBXNKqx!x)-W+`Tl;p`E zVOBw?Uv$3hg2c-Zt_Eeb9Rw-;1MMJshWKX8HZH9&w+J$0*H1!Okqj;pRH(y&s2yt58~n05Z6y zUue@Ps@fmPVZn4g1>oFuuesFrAQPI-CXy9^<77nl7f^v23T`LqM6X%lS;w_Q<56Yv zTO$UCeJurVMiYji2ZdesgBJoS<90|?1q4bO*E|~6cAJ2qvs`y$mBJ;=b+5C4a#h{hn@z2WFH&N z`M#g39E#CtK)#StXp|lzWFzs$fnO*HH~KObV*TVa)IEeqJVNdIUX%hBWCs#%225=Q zRs^%+8%)%lxzE*{9E8`*1Ix(z~1#Ngmvv~nGa zm`Lo*PFl7x7I}!`ptXLleV;$F1sxLbxdHLr5R!7qV4&rVEx?PR3FXm=e%!vC7H1Wm zX#rDu*{iIg!%lS1y%Bp~oW4c9mKzM&#-r8WVq|rl(tXvxO_6CRVYw4T*(_5*GTCG< zE}yRh z9?1N~ZY2N-_<&KO)$^nQ@at~hjE;cxJi+f@GJV~f3S!k7!yxm)#jYu%#=!*Kshi9b z`i^O#W-xBDneMfW;+1D;%kq4#i9AL+s{;26(Ig6im27uy3*yTgf3Z{rQZ1Dx|4;-~ zgn$RIow^-rY72<+m;7f_A*gzavgudEDfy+x>~U*o=ic^m<#f`Db`{Y?MG}6qp`tpz zXR)W(-CXF3g1G&a;1Ek|*dNGsK>{+#Nq8oE)wm#G5>iM5DL_7-pkEK8sOB$sTP(%( z)dgtXcw8-3aG{5Mc(EbG8)2PJ`WEY48Gu+d7)I#4VE0ymXj%L7VNJd6Mn<~2W(ij4 zGl2LC5G_dTI>GpxRX2gyv{rIN2Ae2Dy#TWi2#P!|hlp-ZzLK~Xas0Y^Xf&P97=c#<++b|CKe&ubzr^!h7eyv3#ke+Cd&hWfoS-Gen63On4;cL z--`7g;Gk%{MOIMx}w4#!0;ufl2h(9Wj3BS|TPbg6`y6`2hrz$DT zj@mtdoWVGQA?a^#-!-2n31D1MOsZ>Q9D=eJ@q0viCF)GXF<9$xaynve5wlTtF=X2 zxJpVg;ZTT&8fZW?y;|8EvrA11CYr*v6??|taQY#)%p)k~?YVUciGBl#;Rl3|ky%nc z_2`anvPHVOCqmDF#ElV80=#^yjWkNl?C6^_S2NwE*p2QKWLq~03mbLp2v?n*Ai z$L7jeWydK9z6d(VQ~eE6Agc|7NcqSf;6uXXsmUYzx1WX-^>72}spdK^sCka}45NNo zZ}#?VIeMf9n4)&gL(LXD%NimjkMNW|d(COr)HjCQ`=_brhoPlHZqqwOsPyn+9zaO2 zxc#Pt8sE$-(NmCbdT=M~zz;^U_>fC5S8oi+^&EyXJ-hST_$N={$U!Gs{^JsgqIYa(f=o2(S6PgTxE0h;%`QuKEGf)Qo{M@D7xd{`nxU1@!7kOP*KEBe|*|t{H&0!x12JkR>erA?zE?{q=9|=n> zm_r4J5Y-LfVlB;r6E@naVu8T30&YofmfoBqaXB_;&)h$)eO`&$bHT})}U-ZN;B5I6Y7M_4l;A9H z4)kHfg-_c?j!x9#&5^=cMpL9=qumkNY%%XbyB_`}$%$OuI?O6a&T$$bQ! z7fQ4ftU>uXnU^9ZCXffBb{McsOt%5VEuTaH&yizaXHCKte_6xOXI-*22Rc230+wR~ zYUPolj1FlOhRq;jKlV!D1(TO1YFSz#F=nG(c!a{Qzq}-B$E#;DjObHD$ntYv{j<2} zdG4MqM5I4gNsGwi*ud)Aj&bjFRdYfrV%O`F6Kd$8^c*sZ)Ru%YKq{G)D8ACApKn}> zdF^g|E_$1(D3si}t={B=89l#A27e)h(;rK)97SswYV1FnVC!Tg4 ziX4?vg13&M8s`!DvYm4d(yisa%AIT0(9j0DWA&qgw0pijNjAsDKr(Ep5sG;w0AwWn zgcu2Aof!Li#pEEN?CYBV3RXcoAH{%VZcIPjeBV;cw@iAd2xEN%F0`BOTgQ->RzKwm zq>~od&(kuL*j}7#v)L=J+0OlO14{37IiVWEOmKbu=qBL+Es+j^aI=g(p}10z6zxdxLkribF|CG z)kK^N%0Ohs7|*KAFN2GU_b%r1pIJehzC!k_7m66H++lhYE(M=7yY(6Lx?lxV)ajzr zG{_hQKof0Wb{aOx5p<9qbxDu?bclSKe7Nn0TBI4o4I}YP&~*f94ifKzH1Lpvf#gx4 z2!aM$=c9JKkqw6@xG1#XXcp061-ZyTD9_%Gxd1_iPm=?3T#o_{{^G$7gg_x!7h+rS zK%^tmQyx2v#wGuK9+%2?VOJgH@ z-y_#YvcV%W3(|dvCw&d>TeBOHZ3_>INP44DZljrBsoI`nXL=zFd?|smXv1+Z*U%(2 z#QP#N)0B6!eEh-fnSso?;p-G-+wzfR_i+U%UWIhrGnL=fw-?+;mQlA6G$PP?8%%tT z50q0kk5!XctGF7@(yIUc$1l(%mUE+|Hf|6tNToB{Xe))!hJ8F1-G8)R6U&_(A3!ZC zbh$9uE~Sbtg_s#Sh$(Vfd-ekY7)YBTN2$P1)fA1db~GUzBF{&(OuL|TucXAqi!981 zG29r@UdjF*!-|vqbao-cOhFvQL$RRAovWNJW;uWWsoFvpJXd_Ou;RoD?(lopi=pR9&!+=(@#77vCtivKksKf z^?tOT8Y0f(myonX2+>w}Hxr-KTK4|>#~7V=it z;X-7%&+k1(C6FYLdU$yNpwJiTK7RR~7RuN;aBu7D;zgj}D+*9}D@nA(I-xFZc&Aj7 zz6?k@+NTM!h-C+f<4B-v19T@NVSzI+%r{#B*^e)YTft0v$36(j6shE1zFti>`&|UR zRG1@u@e%gwvKCz)SC)z0$_fueSF>s~R$wHYp@h`8!#}t_25bo!#$I_^{>HD6+=K@3 z*1`H)hfyQ>F$vOMD5=9z+;^o7nrcD9@;sp)?clJ^jEfX5mZ=vZfvR>7T4Dusz*z7_ zrF&=qaT>u2kB_|VD8(4y2q@?69qw(+CdxZCiQDQJ`QChi-06!l^xy-1P<{)s4f!Jz z@riJ?Tb^rNB~+HPp12l=!q4H1lb~H4<dcMyq_=CcBY>9)-R%X9jS+#PfvR`WL*j~=sdx?S z959pLK?eOkwLvsDDtS)VaqjgFLJpSzWJ@3uvqLYspBUcXjb7igH4w`oR!;xA?&pI( z27ZQCUSUV|HAyPCCb}$`f}lfBdBPLy5uPe=cRDX#Iz@asECEjfP+Q^6rxj6KB>6FZ z+)nNDjMmw>E@;|!nEK^u-;Bx$lV6Eu{4Pwpuh0e8JQQlHLl1*71V3Rp5o44;2Ru`M zswY#f93bq59DBR=S|hkcJSWCLl&LaQT=ity^wWza|A38#{pV-(_m`r%4^U(ItQWak zcJce-$L-ZVXVmg}x)PgQ@p%SAFZdg@xQIeq?ek*chvf`#SMDF>qwfP1sh=?2C^+PxaHna_CY6kQ;p%*=iJ01jAh$z|ea)JMG2*|Ij zQk0)_CSQjII3mu%A=j0vumgoT$MpK|PWACm%lpbcK0HyM#VB2x7bIyBdK}%QM z6CrX7at_N};8(9Xp{*?uG`?G2fwp;v9Z2GgOW|EO^8x1A-=gB_>#%&&xYfr}!Kut9 z;U>;6EzujO7irPfDgX8}Ga@BxGxq|v#y&t>qmtzFtTRWLC{qB`oMbuXz!Zm;3*7u}AgM3pzvDuf5ebm!k*M^arV|;7Sms~h&S{r$mr~=9sa<}Fx9rC;r6=UYWNt~q>KxKzYcc=B{0ZNV<=k>&EG>{>xoY?JzO%)L3-*q`gj%j6Zv9vibE7+H2fZLWx5oqu=VsMOY9#xX-IyRcY zp)ZW)_=)uvB(67}3_7E!VK_18wN;_L2ki=N z+doSWmKgOhtj(;+N=kY>Eq{Fyk+mj_%c+W{-WW$d^5ua*gQ%5a^Y4$akP~Nv)O@~; zAum!3wr;z4ID%8!v@#hJSe||a*MB5jmUydA_~Wa)M2|oXSmTW@cm3dsQ1M13t~9i| zVB^zBp*Erqw5oTKhaLdnTx^Q92a?%>H5dU&T+f%^t3>7sjnKSygBRh#MD7M7V0}yJ zD*XYLF=R%MCw`V{_KUsyvU|v@mfE8cx*7khPUWe~s|pk&tZqk*8jl`uy%=`<7-Ydk zNR6z!xl!}qnK&!jZWpCQNL~dN21Ql*F&f^M@%t$B{4c$#+EbSFO!T??G)*hl1d;x%=XYf{wDOoX6>;A= zd-gnMY2v=Zxx{y$i&iAog0u!E^wC9iZO@;AMeSR$YJomO&-McGvbwbien`v>Wd0g7 zed)gkO@WAktPR!8#D%EC^3P(>_tD+uMh;0@8n692dDd9Fb7@wn^o~Az0u$Rh*f)p` zgqxScI(&i-b;X_gkF$N=3uBzv6NdTRn-H>%ASLuw^)Yk4(88pAClcV-kOuYD(8iSA zy6{;f?G3bOV4jdzYc47a8NVrL7QbY7^C`FVeUsrBL~}yNM8q7Zm6JLyCj41;w3Y(1 z=I(5dVQ<##^jb|!N=oX?NDoxYx~7?VP0Qo`o*fSFKixIN2=8$A(BJL1`MP;#$T0pi z>s;BrU@z;^`*PRW%POB7>Ui@0WJ&ktM|U=-wUl_6-P}$W3oGew8J}wu@OZGLvL=s)XrNi^DOVA*!xhCf}@E+m0#=692fB#3t$;PC*%(w3COE`Hc7Q)Kt9mc&<;myW^*6%TiN z#)=&zA!|s(&obuqe2~*ssg`@t<IsgY^PSm)iDN%(eS65QHUG1DjGuM<=%Ypd}0+h>uZ5yOOjkTd&ysO%@@`WlxQSuN~1>D zLWfL#b-J#rw5d4oh~EYcB5@>?JA6JhyG>lUNf6tmGrEvHRX3AjWn#Z2vE~xWoVp|= zcEg4-4Vtzvx@vN`;KBfl5(Q3$CVMtl^zee-#X8No z%1*uTeNlNo&vr;Ra`{kf**{5(kJZm-9#NSyP2GeNgufjl-f=Zk>ap|&@g%W}m?f&m zufuG!#!u}bj4u2z@>~ie8&=e-2|$R&AA-T;rNx>g+y}WZdpnxG2Z-}ja$#;foOE<@ zIB5HD)vLs;%b1-WLHw9Nh;$M&59ZZ}_{|`F5k>*aUpaIN!S;`pN;MLLx*dfX^yycW~GAZ;yiZz`#+* zHoNOKwcO|Q+~68)C;7V`C| z*lzY8Hbfd_yTf;e^g2_W4%W@I(U)eGkPo|S2UAOTy|o9va_TxW1IjBh7eggcAYh)e z^pwTl?VDJTdKPf6@h03rVbN*6K<){B<(!|7 zb;;(JS{zd<>18%}L-`}7dZdM^t8m<_#TCo%l-u6>MXuW0&|Abb`|2A+Jn$~myIR8d zM9snk=;4=R!TS-G;lO0Aey?@-UdA}sQ7vk%seS9KW^HZTagL1V&k!--0WYvUs)PlO ztap3IWOx1KE4|bHyq0AjeC9`m@?YO#Ff}AO%G$kRcn`Z%?&oUMF`aqZGd$d@G1`&(8z&4fx%nN~YhwY@8v?9U#0 z#pF%3Ry$s@t#hq&KCjwMJZYstkE!{4%dxTCrP9f&IamIIlR0a1;y+eD_gP63@?1-+ z=I_L>o)}yFD#l@3w9*uEbtPwb-wg}y`>=@&R?BuVU+F2|i)ATpGj)g#$+#STg{&dp zV=hRrNNW2}9sAY~UQxY$awo!T4H+I1e8Wylv`QOCQ?m)vm9yrRJ^qwuP*ykHPHJ)b zquIhM_oT$lfhN#Ma~HF6DQw&}-%<8m0tjU_OBK47d{gFwt?2>>9k1K(c>Jh1 zDk(EPeynXZT!pdD72z^XTri29ztr-V;V!F=40*a1g%7y|oiOPSSr+c)Aw5IBYcejQ z!(E|v-E-F-z|k%}IPz!{PK3c>elRTM>tNXAr=|i}(n6F#?^UL&Dg$|O%Qp}yQ82Sc z_y-k@hE&*GM!x6`UMoW5mS< zM|k43q#!1*^uD$4wo|Iz_D5ZCgxI^wh$Khz@$(DsD{^p>UcT8oE6gwK*O{H1CYY2x zF>+yb&0yPR3tf4+Xx2i#ef z6xZ?hKQg`l#_ct?6)LBS`X#LY4B&5)l?cm&~ynHjiA#$WhTx4D>aePuid(aG4pd z*L9b*lD%_imXnFL)9TQTAOnE@z^D0HKws^>mE#~z9(n^i$7JEmJj-;zr*`tvGj`dh z!4IBa`0BS7@`>@l&qt9&b65^Dtco9W{*F7sw+gZt)4crU7AC7~ScTMFVu69l+rDU; z=OQO<&%4znquw@ye+pCx5~{ehp*it=a)EOSw!wPDgZ}lM8~Z?B0VKG0Zd=biqq!33 zLvU`Y;LZj~fo!dG&#Sf_iy#yUoBi;=Ya4QWYEN3;mh&i!%94?dsQuIUeCHv405eIr z^m3#aj4R8_4xGG;liJ`~vWi6Lpqw|5AU6E=DpULXx2K!NZ7{#Y#>UR(b+5L2Z{@8< zX^B9$h>kU9CMWlARyi!zp`0Dgr;p(XIj%kxAg6HD{V{k6cZbfecU5alCo+ zhLd^{3j?)zF0D^%#%wS}99qHnv5Hwj3-{O(&L7x((tT|bLW+L8yVbaI>eii!5}L+_p~Hv{=?2d2Zn51s0JvP9Z3xII!w%ay-`=qCrS7Mj%z1-EhhCJP z6yMw2HQ)DrY)o-WuD|<=!{$zdafuVcd)%kob;7nfE7^Td){5o$l>Ku*|J^SQ4}n(5 z{c=MQYlWR_8ykd9==QymuU<8)-%kF_`WN9!Xr7y6vzpX-leLCLUlaA%|H=cu z_O(u7MRiH+oDC_VD;d*=H#d@&JFxG7XlhlL>o8Z;tBg1L&1U*PSDe8D#;K_D%iVv< zd7<*)9!;O=CV^*+ebaL*r5ixJ+UGwn*IjRs{i;4!_;q1z$n$^R3a%b3Ix(||IIJg!Q8dC zJMg&910#bK^7nfFTsS}5H-BJitM(hVpWA3i#Y?Y^RQEE8yBqKX2`9E4oc}tS;?nA8 zqBFeiYyNlJLYCL?3XVi5o%RJhNd=45*Y#P?{#w<4_vlDF@MTQxEiRud z#WZWrt(-^*@$#CVaMl$pZG0ZSv36|X_T@Z@<+;fKt-_00FY%Wc%`;?aQq z!smO{CPKztjh2hu=j-=&_F4U@3^YUlIafx5A9ArOkG*xC`pVJ6k~^wqylux%-@)=Q zj?ZO~Yf_qNAuSi?S$QYqw;nRG*q`%n2*Q5D4ca$iTYGA1H>Z0X{|iu9%iTAIny zfAZ>6t*AG?4nIP^p-@jcZ&9;+tzI;gIv=t&74a%BKJ9ke9-?FW2Q=N#5q_uW5eAA@ zeJ|ZE*TY*ir*sWTzpt3Gf=CO)zgmsc~#;}$d-G)O83r=6ZT5172j{ka8{Cs zf4xaxwCmd1_L-`^d+4pV3Qo?>ciz#_(O=}RUH)T2Cj+5(TKLq(@$st$=@4w=i#V?T z^pXBMq4*!7n!yWd7gT#;9E6L@lg4sY3ETaD>YP8I&AOoAa*=}yNxWp7K|*QY8us8p z#YL5&B&|e7eyR<|*pR#bv5@~o&{|5WQ#P;w>+gTd2Wn)ojjvJdOt*uMT}afCRq*3g z_3c#te7V0ZX@(t6!a_6}qOJ$p4b|-laml|Tt^dtZ|K&XmZ-7)f<{?pBJp4Jx$p$o? z6#wmc|I3E|8%B_?M{hCb>;3C!-Y)L!8JNrw?88xn?E_w|MBLX5D{wM6k<%C z#xn6^)^)O>$u-5S`hANiKkZqTdp6y(P1<0T`qGK%q(oa>3~kLbwqrlB{r|8D=9*oI zC7be?{+0-a>U5#tn7fTBgoIu+@rw~gZ+*>io$Rr7t@>If*oJ%a8|9QNnC*Y+{a?iVeYO9YdbV7^mRVXc6Do8UKIH1H zyuYtfu#!EuviRnoytM5%`2SRc{I&*VX(S?&t|=?#iW_yNDwgQ9TQjk563g^^T|c&@ z>#qNUckJ}a;m7|61_MhY01*STpsPyi-P2vmCO2EfEOS2|m|I0i(b=q{{4`~!?EhfO zKcsv^5(`Bp#^lk^&{*?D-M&vdKenP&Qs8?t z=}Q~0h=m~%nN$rfXPs7O_AjgGD%Lvn*W!Ic9$STml*-q{7Hl_n?sL8}lpQ);w3616 zIxMNGR#RkiCVxqgF9CKGEP?UglG``#yK{8=WL3n#d)fcTZU0Yu`i+!td2n&t>^Qbr zbGYjr4Tw_a{4_uBKa&o|-m3l%(b#SIW5T3`m7XA8YZ9#hu@y@UvSB~TxGB*XW-3u7lyg8ZzjBa`Em~< zqnH)@J2vU583#stQ%?o98TN_RcU=rLsz*g=sK?!3;mrfG2Z~Sliw?2t6Ij#R!BSXo z5pQd6_a$-S@O0qV<}g6&Cj~M4zheO`CF#+FEn+9%iV6$wDGR=9>(84jgPrrLbT(*D z+LB^A_rAs6Sa>Vt&eHD}>ddleX@YMQa}QWD$U|@i*GqPd{djFh2kkf1=*AabJ4%X5pJFgxo;;bB2p)?Fm50^5xAx3$=}iuLe9rAbQB{8+ZF7wSZ2zD zr}r2b7^GNqy>$3KX_lg2KkIP4Je-BA{2Jx9%BUmO^YLh~sxGPb;){91xyc^tr>b1^ z#ks2GJ&r~^zEa*Ib(<{g?d@%BZKbTOt@m|`We)Qy{=K?J=hM_=}k04;qgiKQ8%n?pV{i!N**@ zSN3}|*hjx4yzYhYNWB^0kpKFawv$!JVzUl3@z8sxIM0m<+k98^wg@+Jc?$*Fv)jx4w+LI-yvLv2QoP$@p=y+~!?$w2|C&>lO-*mdk| z+h&%3yIcQETDyOcDvBm+Q4Yh2mxPNsU$wO4FSJ^!?kV&Pe|Ym`(0$uiv4cOj1kqH! zyk6vG*|T}YR}bmhjD2xfc{6a%$jFFWE0Y_P21`g~bWF|I4;h`GIjlch3UCn(d8it4 zJdAtydg9@6WRYQ_$j`^5gOGBDnQQ=uFQ{FsZV0E1GWmJADK@wEV^(m+OMmaaDH)_(1e z%mDm@1h;0SuyyU{U6*>sivS`&kQa+2ltU%4R>pHW@7&LDUrFa&TwILG$PgS&=Sm;0 z{p(8`A4?Hxh0VHrw74ov)BtqhYEg*$9;MT1Dn6{CfO3SLVC$bewz{%pP#rEdSyZ@!?U<`k`H;JF z7OO!CmhTZ|%F%FlMfdzwKid?W!8(o9Yck)a7d~H4lNK30**}!{@Gnn$GbVug`9-V{ z`7ryy#DwL|_DmkPTZzX%Db=glh{{8J72>&$S2FD`4T5Q@W^noL_KUjms-Mu@bK{Ta`RK^ z@#W@;Hv@lV5&!TM-rC|!;1H6{t$ciaO9OeddW?L<_eZP^`5un2@V?2bH*9*D2{9HA zNJnbyd0bojHG4`uoT*wgPpInjbcM00sW%8<>&=sX_@tU7>7O8gKUUi+6zE|z6N=p3 z+jQo}&2zcJ3Aqw&BDvAw@97X`P)@^qytD0eN{mQ(xFMJV#}8^So%tB3ujyWihI6ybb_x*M%8KpkNB zt%y-5xrJ;873HU)RjJ8-^)LoR2H1I2CK#YuZUieF@R(LxDD?<0Z0Qk4G%7hJ`G>TrW>o^9FvhdlRF zWZov=pWz6XVrhGOdnYRdsz1%S|1j>bo8yZrC=iW`jZF>Mi)!>Z7UiSGH8qmjvr&S# zYAMu9T8$zY;a_cCo!?fwkYzW$FjszxKRx%2Roik|*5Stht;9M2m*7ZC3d`zPbl%nS z*)2~kh7;OJxk3@X3g_Y%ap4S{NiS`8pII>RB!B>Z9+)->BFMA9Do^r6fDQG9`2EtVkDd#KC2lU14X(K&q^R`K~JidXO6@u?+fP@9>V znP7zmA$WzNWd7o*$XYF3a7VU)jd3i~oUl*A@q1bJYM^u7SZ?c00VQNJ#>}{@w@&-< z=2>LBxP}%b@u|JjWgHzHg>&DH5+66)hQh%9M)JVarrB!8!Onj8RB36cL4CBsWMUqZ z&-luGt?{__E@}~;s#Uc;PvKatkML8U^`!h%UM0c8>-IHHcxfcV!J>2d7wm{a|cn_PD>lKmB78e(cDHTolar7u3hyXAm|)t$>$jJ+Fc#Ke^UvDLvBS z$~k4mNGIhuJgmFVBD?3dan(si!RpV(hs5otb#BeA_^R8u-GPu3WHla9QkC?OE;y8$ zhBFw2-a7x|$BzT#BPRs~$w#W1w|&h0TkGukCF~cN=(J_q)q$$8Ta`wIdp{by`8?1b zbKr*!FXuKpCg&Sk+S7yYnD!10#dlJ>mNOK8+@Ez|W^u5hPZ!~yc_UnH?aR+XMm>5( zlgk=8R)&cAx^tx8DhJBPUjL1#paRzY38S*rZf>-lAu9>v>*IXTtEgzu=V6n+B`l~y2=|XZD|<<4kNs+&H)1^wwl+1fCyRC+ zBpF7O-QNf>wgkhmbA;ZzxFyftVx+S`RD89o@L*-)!l|7jx>jFv=bJ5ZxbI7s^wjIk zo8N57p80&c{7hH>O_jyA->Auy6Ya7lMkP+Y1bDrj>e{>dhO@?67~H4I_{6tOwA`9w z+~ZQ!A)scz1=e^&nVEdV$M+Gyvt~Q+<|jiQ%d@N8QRVXbs|_IAw&vqc#GBXY&-J>m z%z*A0IFTG;spHxxdbQP$^wzMw`#!zZe%IJ;i=vgO>}A6NgwUS^BUYUj+a{B^w%KV- z=R7}~tM%{W2IGYjqzCYRxRCiaBR&Q4 z%ioDDj8w54>b{mhQ_$Js>(xlj%+Eyf1xKLD@B2=f$HT(|$fU2ElTmE(-)K`s%}CxY zdDU9&OnpgNrNg(inuNnFEsl?|@tqoYt5{f;-N!sJ@ww&V=C3N9n}rbL{yYNYy2kR1 z2r~L}-62UJZveZ&%9CJlHpkz-yM=#TK6jG6m;HS=4WpL*2u(|3Ua8J|@Lq_y^S|S7 zFacC(-sa)Q8r2I}==nw-RTEs)J6zX#kA>mKHrSxzM6&3qJuWx$#}0$7vI4N7rfS_- z1Otf*>>oZE*S7n)9d=G)xiPV}PAA`D{0Jk+Or*_fc_7(FCC- z`IhN{b}9R*nLgee`;O@g%PR`@6`aY=skgYcV^PU}D!IFbk!kN^_vt2ztLuVK4@7@j zd7T9Uq8AOL|5pAzB+V$~_qGtSEc8Y?as-lA+bzzW80bHd?0j>R(91BH=8o3v%*-qm zTQ~_}TO4b$=rM8nqLqG%D7eW3`ScFLb^5ftkHk(XtTF6wP766>K(50*j`$FaqIRD+ z#Fs|*9ORM`@6x>(NMqYluo!25u4_taa-xK%dN5yW?7rwiv)^zKkLIo{x4D?fK8wzv zrqlj-b1PTJjzrPf;s}>1@4-F8&9lYry6zWU1~Z-ODT^rKIVT?CzkgRwKOvnz-mJR| ztWeYj;Yx1j6utS^j@V_{Ziq305x5PmS+n-cV)wNVVJQaHSn$G*s>+F&pGs~IH50iJ z?z(MjFKE#*^0TR>okGX2JlJ4G>5^a*?A*B-R)elv zJ~NX=K~IN9#tl{Q7=B#9X2r%HIUX!8SbmJ*?^qN*HFO@i9&2ipZ?>kgnP>NPwoEis z84rJt3n@N=ay}p|Pdo5e4QcIpSKy$Kpqa)_&vS(~F)`7^QwK*F6wUn!v;R~1Sl|GM zAq!&Q(F!3w?Ghckx{3x;P@5^2yQ)aK_#yc&(2ZVuL~NLKr;p=eH1A?)Hn2A@K5YSXi2CFi+PwDrG zmkujz!&g@{%j+rgz-Wh-!{E64)&H&D1Fcd`2NpAgY7Cl_bW(t2=Bp!e#H<#YKKEVG zB)UuFwA)!O?qT%ma;m3@%E}U2Tw1Efn~O*IBC%{+QoH@eA9;S3n*8bcYtjkpV}*j* z!2Bk$qdFk`WUHNo^E8#gaMc}?ARU0tf~5FJ*6G*}MrCGC1(+K2eF;DUC~)cd1_lPQ z;0Ps}i2;9Y|6uJ9lQmHG&7S@Hy<;NWM8>iQCbL&cea|^N+n-aZA5pt{0#Urr_v0=d zxqp9aPhYhj9iMK|>82!|{W>~2wM|X*IoiB0Uc9hr4hso8#`U+1V0#$&P-rk!i<1^H zT~kczGw0*?k3B%chfN}yQ78hl``ShfM@V-XF#}B!u4Eh)5fM2YQ5^$-D|VLTVQRQH z)^7{SAGhi@ZKB;NbMDOLpD+G*zu;v^6!*0#jLC^02AQyBweF0wRpH0nTxs1KxmN`RVppzQISi3i#{ZK`brn&?GM)rhaOqlI zXIqVW-%E#k@wxS`g6+%_VycgVb!@qnxgQmSGR+_BvAtC_6t0nWUBSlA?!2jKos3w} zRy%*nJVfLEC6frJ;L|aAGRF2UE~jV52>aW!EPSh7XF6L_4VWRO(1HpHBL(8v^ofm5 zmdI5<1fxu&(8bZl#^xM|3Ai>V61bAJO7|z&{OvO0Q1*z8x_tD_!1wRQ5G@jzoG#7$ zq>#m?W7mE-q+I=tG73S%k8G!|{Jt({~CYN0P4O&t#9CII+uUZtfEuL!xZn zFfTFI?rYNw@wwdLrsm8zv?Aj#XoAb328%|Bd=%J{lXiQGVR;~g8;zEI`PMjPYiSoU zeR5(u6A)@!%3@x9yz|uSYW~W@nG~0W56GoO!&Rg zloGUajw2TsL>>_Lzp}FOWuCd~SmLh|r9V6vP){b??EI%>-&}G+Vvl2lJVc-08fM(z z^Ilp=x-f$!wK6A1^PVQ+AYiXxiYNbhUwM$Uv$J!X4kR)Z zF#i{cc^-~`1QHWO_{L4|eeC4P|F5)b4~KGF1CT2-$Asl59+<&M6|7qf!mE zOGaTEBiF%%GukDMVWX`)<9^E~mkBe>5JzDvm&|d-FeWMt88eX@w_&f()6?Gn`h0)S z^Ub%`df#`w>-YP;?^5Pa1Bv2gQHRR2Sue~G{gfXrdZH49sg^9+2hZu^SIRG@uf*De z>&2Rz*BnrmQAP`lVJ#@e<@0ixj4!;v#PXAFCHZJ-PsT+IQ zF09LPGs;`<>_H$-Th9pCp_;1$v^x=MqnXv96a?Yy6@n7gsZ=HA2$CnKr-=fA0LU-H zSl#0xfJmSUGvM-f$3IKCA^}-81DVEGY$SNJg;2j}t@bW65WoLn5DA}T=7lU*sy~3Tlnp|Jo*4&3+8}S zXS*`2Bl!0S1j53Xl$?9Hw$vY<4qgUy;w~4L!&P1DdGO5-62)helI2cOQ1?Eu4ibr1 zt8Dq_=sZXWz9^d^*!=%K0@ec;X0zkJZa7U%}jSF!1 zOoW@)1qnvttFhNug<+%JTc;Z0)>a{CDJd!Gg(6wh)@zAPd2A_kG^iPz@H>4Q-R=Ll zKz?y`vDd_un$d&~2?&!meV<&mQ<8N6V=)2EZ=&tA~d+ zT-Nc0mO8szY^n@50hH3dVN^}_0+DLWL4uLam`Ns)ivJ5y|1SWq#~(SCbr+Y*rs~bm zFC8_@#2|EtC0%c;*7F*NxML*d$)#}bg21{cR{n^9k zX)E{u-S?6THlDCkp+`mpj~)CB;t?uG05n57zRX||pjoD(CST{z*Y)-Fu^aJL5kj@3 znB@fTwNZ!daw^`KCp+6_6CeGtR}Qp*0UY>KcAdgGUvSLzb!wocq=7gU!!6cT)J5w=WD+&Lt&);i_Oi?atbZ;ELeNpD*trR`${zXmo;M2Z5gy8qVT z%v_Lgd~LC1N>^(*gf~34JQtAuykUGGtty^QTEn2U;94e7Xw9}@qkixB9+$pmjAOby z%joT_(h~uZvbDUE?Zvrbp;((LP%V9_uoO*yAJ{y%Qr2}nZBYxTc(KSN@-3s>aW^4F zi#r$d=|ra?T!>QB6en?h8$aVAN^aCukb`eD6^`Wr)x@x^CdurR`mq?p*g1Aa*+Je9 zy!noCl_$Rg(VYJ+LT5hby>y6PLX=+I$b#7g2bihecZ8u`rO{rr#(DIK`t;k4di0VA zw)@#22{KhkG>H}Empu?CAGor!9ItZzx^a5fJ_7nSqw{6TOkR1RU?oc9$z~9|nij$A zo-ig*=N0yqt*i5L2>JJo%m1#Z{8d(#7cIBJyzwt|7TmA*qY}G9UHLcjf)>e?AW{&Q zK`C&;&)5aLZ<}5+Jdyx`KpWgBz9q_F_MjFS6=FA+JJLtjx^vqzxROel#c__fMp3wm zyAS3zbd37z_Zzg;I!N=&z!yH#xpIm(kwd5i-3#+HXWl+X`{PJiZ)e{Ui_f zZ}KLf%9vQAEU52t}*wvy^ZsWGUI5$4y6pOGlnMJ)z9IL$@Y zv7d_rpb0YI3U%RbwUF869ReV{8hT&FJ98&pGf)$N*3jj5z>Z47 zn~1P&6pWnE4l2w7`Qkdds;o^@%vGDZ@T(Y3sOcBE?QI|Zw3--3xx_Z^45i@l0oJ_H z{lj>bZZG$To3bquDEQz^T4Q41?ml1LMo9^HfPU4c+z7Y@;wP|{eK_{gW~LFm2Q;^+ zzI5gaM0~>cI{?nnf!4cFSp9iZl>wlgi8~lpLF49>;ecfi18!tLa%~#!N$u-gl$L^F z*+uQxlnx$#; zO5)&2%hNo^J%7^?tI_`8F;WweLXy>zpObtPnWy<7F*;AHzc*q^a_Vr(T)Xxx>akt0 z*8YQi{LT^_cg5K0Yobjv<~j0K2XdoV^NDjUE%=VX#vbPt&&Gy`4*XJC)6%9=Q|{*K zSeKZ%xcD)%1N6-NDu3?#jRx+Q_I#D6Lnzaj%8^5RT8k;#goey!gE`Y29=C!3Qh=UB2i`zu>SKKP>4>lWpYn;+mu@n6)G&hFkTmF-AH!Zlp#@4c) zw}p-t^(-jY{kSxO*FK=sgKMPPKz$@zrf#H%MYtuJJGhgwZOuJ{d)^Wkko_v)%##VV zKlfohSg&mp7`237IXVOlCpMmFbiGPOV@$fGj`x)~Q!<@DjI6s_wzOV4cAYAV;duU< z_T>y^Bsl^$6rEYl8!yNn;i% z=;aRaTb&%0kGpveKC3s}w5WbcFdC9&h%4?F%8~2Y+){iTDa0bv@6`wU%ts z!KGY@THoiySzvJkwghHQzKf-0L|E~LF0Fa?4pXaiMYe}Z_fy)r<58V)0v|Dx`CJck zTp`gBs^ZuuM_HfFKs|ET+oY@{8g|Ja&&bFCn0ZqXHcv338|_W`p$%V>$M(}O9!EA_ zAsB^|94lH+_)rJp44v(C?Boh^`=#E;KtM=j?k>M)%VX&6-S4C&;?OVq{yEP0&Yji; zlt?&>lAA4jjWl!y`-Be1s7i>BkEc}P?E-cv-4-UE)K`Ye{ZAvIz1jbW&2qKeM30q@ zgoVr03W#t86ciLldiMAC3wf3WOx$|}8x6POtIB){wQ(e$LQ7=DQa`2W{?1m5_@H^n zaxV+mdRp6pzl*aey!nbGumljgA^TkyN1tHj^A_k-QQLk{}NnP*J*N(AOzw_ zql!vO2neO&3a6EJx`(@a-NUsBA{=1DR1^Lw&&`?=?vc}u=Ik*=pLgCYpj1^=&p3+0 z1}Jl~GFFZj7uHPa?l$x!B?S05yZe;c?wCTz^zpcO4k%?NhQp)sq~UzN0G}O+;-aba zYHLSF93UlY8=Ds!f=C%%4-JVm4sw7tfO3r1* zh|@v9zI6>E=21Q`W5tTuW8IB5sRT2KOD&$$lp5HDFipg8`*^$hxVX6`M&rU3P@T&~adCH_ zOK@I=yZvu88ka3@SChcrlatmE5_Zr{ktqG9u5e#07o>0sX>cw+=e^xA&Yq7+DqKnq zwzfgz;}1=7Gb>lmNBxV4{@xd?2mAX!7G!7KkkZoc+!VZt;mZI4u?w`2zA7` zolroeJWo5G0WF};NyaF*-Tot}C$a1MqBv`p@6U~L3pPUTn z?Cg|8N0pVsq%%lNJz{)w7@?!7`8x!2ji&_i&f>MGwdqhpDG!TBLCK+j%v~=&E_!1B zD{6V3x`@HmERNO3=jKW!wCwmBS^l)%(aZD58=SIcx z;y}-Vq4RIR?#pMy2AfZ~r*B+CqPMVy#W_+XB_$s-GK2x4^5ST5GgH#ZZ^7Te0X=Xa zWbGHwE-sRIq}VaOo!&@FBfc+faPp(p0OdQ*Bz%6UGs{yHKhRb>gc+<@_N6W#tyDO| zr+BQ;bG?8z#^)T1$T-5AvTjdV>M}(*;!g-gQZx_$P)t1To&wo)Rd%$9scqfODa@$? zyf`bwEPv4pI}$Jai2~=$yEjd~j0F+`xN$&2IQm=|X_}u80#s`B=6G(btzIVO&9eL4 zRG`j)$HeHwTlyf8hm$gbE+Uw3_(!((_!S<^DsP0e?iR(z#oh$d;U_MMu=(v?tt|`2rAyamGYlKYpP8SJq%czj|M)f_X5+-j*nM@ZjXrQC%;KG9=GK4c0YXhu)&!I%raZ#$d{#3(jZ+-VAm=F z|F*V=`*!U{X0aq5lP!brc51rNbS`c*x70w#d)tE?XVmdVc6Pu=a-i=@*|?r&v->!9n{6c-9*^g z8azs}C3+*bY!XQ?23`o~?b_r zQOf)=gqldm-r_YLDU{)py8to50o;}v3ryltu?S>rIFH^W@&y%bY$(4F7VyqH&$GmY zusYcrZbnq*WM~}k_gUz^PnBiFKO6|ly_cJPRFUG@t6wZuV{+ozPrT@nf`>62&+mr) zxe#G{JBqbVt5dL}T8>fC3Oku{Kc<46QIACBaBM4RiZvlfSkNcyAHlCX&& zTTv;8RFBtI2GK22oV_B4{VIEu-{W=es>o9MJqMp(pSW55>)xte%=G|F>d@-P&67fL zYK%__*DY2**hgCK04t$0w@EV%DK5t9PDaZ!ZJguvmx+3Eb$xAGqNFv(FWN6G^D8fJ z2BkJ;Tj#genU#)}3sFToEfe=h>-wmv@!WG`M|c%qJr8g!TFIH5wpMtMd2i(Y9GmG} z(t*G*sRA=6huKYvpn&TYkH@sYJITUe7P$6t`}=xaA4o z$uOELEgfVxFfW$##w-o*nq!>T36|BQv%lz)Sz##%h?m|lLps9R`n=K>TD9XK&WcMY zI(2)5*)~PRKIiK3fCl-KIvm}?M>^hdDd_JjxK-tmD)&M;QY6ZBdZp%c05SbEBT^ey{_lr&q+E0p5rA#EO+`9N_w({H($9dq}Mf>7b zk0uNcr#mmqhi{AkL2(_x9!-syAYStkJ+h_Efz*~iCeRdv>HHAp+u&E}Gg{|f*Va^y zcM}%z_WCtGM_HWN&|%;ZuzWGmfLFkLO_kK${J~8ZpG1EAeTYINZW*$MYEAzbH%-5j z%k_GQQd)4Xnxq<5O)4mmt|qOSV zg`}Iy;S6i+m_`?qk%FxsKa*UZi74Tw8cWf04WDGoOn!JtyFWTNShwke9T`HUG*(?# zaZi2eIJ}e#OaxL_mgzB~7rN`sU6Nh+^?e?F4;-}=&Im+@Gn#+r5p0@_IxJyD6#gAV zAX%duj05j5+Oi;5!f(Kpqu6z}8PRn@6%~E%9(lsB`Z9RNtniY@DzDtxGsuAs5%mS?TKH;R zl0&((Q%|uQQbZ|fL_X(Ek^=euTunl|Z5JNzl9kY};~qY}s?5EV<#`e)CXv@izC-tK zI%^t6MD-ZQXJ?~w!kke0*N2{{8DP!~Poz``9-$Yo{K1A4anJBuK7?r6@s5Oo-0-ZD z{ENDJ)ua*KnOl}^+Y>qHtX8%>D{MoY+Q-1H#L-wMT30B-&(c#}nWYZDAqHMB8*09i<=TA|*0k5aqSn z5?M&7&m!aeWBQ#LbdQ@1dVDX=ULs^g{qkB|>k~x^%=`Q*{uMDLFURrx4cTiU!e#S{ zySvhqP4o$G{RE(7^QwIFq6Moy|&MX(Y6B*e`jPc5r;f?W%+4Nr8 zD5%4#655J^gurB0$huYba~M%&E?ivm1gsRYf#_k&A}b;vL<7Rw>SYU?x$nHpEBo%? z$6O1_tN5)c@^>YX0ngiIgBa@{`;h<&$?WE`DWKnrzd7#+hY zE#LE;Pg6K&E6UdW(>Ha_UO3FuO-DvLLXwdoJk>c>E^$5mR#i!Robdex*~ql+RPfmRq;qo~l|jFol0`Pt7&@HiWvgb1OPH*OgK0p+crR@zwVQ6wr-|VM7mFJJwu=hZ=G}_qpC& zbtRXa-(E5weB~e-X=!AzF>3lv$+-BVL@3Wp42omQX^W|SsqDI}%%S7Na?;f60e_BO zfnrO7_F+8hDYHqb#1D?*Ho}91%nk#Be_;mB+`B#-m<25@$9xHIWxZ@+t2YY@Z6c7Z z1F9fUP*}-I0arWWfFs=6-MyLxHg-oFdJ8+lFs=0moB~lf42(V z#Rm3E=%|KeK^aqCA_nNPlk-0(?5{;{96?036baFr&A#iIL)*FchO7Xa`Tpju%M&%f zHgI!FkFty&mn{fE0_B>#p_OS0$Jo)>Mve@Z6RRJA_W|rU0flo0uPa;gwe|ZNUCBX2 z^h6GI=s8J%7RSxaefr7XSn)h3694{vz(1l%(R8Q0msVIH7dt%j_dgyO4K2qB;Bk=C zG|;ZtbtTMV^?AOPCTH`;xMuc0YXN@xR$lK`IAqgwpJ%BUU(<@o`2a^?m0`w&V)Lu1sb*xK4UnbpsA4*`*52ei472wvV07J;jlZ5-Sq<6h>0{l9x3 zD==C+o5a|9+gqli@?NVjx`WeH&&^0%C^wXFoo+ZHxLzJ%;4|iS&0>l^SVpprcSh;> zs%fFj?M%DC2lemN)Ya7`Wn>r;qS2PO55ZNk2W~KEaw8ijmVn<+M@L86UpQttkfw02 zV-kC|DW#7xi<6b;^I0(LU!3YYCvfcwfy1%)MCr<}8elv~Jd}4>QCK+e8_g1%Y=4=w zN27=P=5p!Az1kOSj~0r`%N0RLM_PIsjWoAtg6-18{-A~62jX{eadAas8!VJ|mZqA- zZBu=-*8ak9zx!dFZpd{LNbrs;8SyF=d(F^NW`JXymoKezTUiq6af4$tA~a3)%2^h} zTUf_G;0sbhSJpVP<`>V7*G@U?wtZ!4LJ7w+fJ&U z>w~JOC&YobJrVlQqOl)o6uM0Lc1BY}i%f+QuHzDt~lHS z(BCqP1!|?|hEj|U@%jR_Ca|S@ee8Kr0XfwA=h55VNw?2HIjWpPhh+)~q02G^Ugg~X zOiSPlc6OS?Jrt>Y&f67Yyf|QefkeXLBS-2S2NaHZm3p&+cyD>0{w;NI0C^U4inB&~ zx62=!U4>+wQeJ`Te}+6&3BbGBLoUg%cQ@KR3?->gaB;mTHFFGBu9!fZbZlfKWPFqd zply$+I?e46?BlI3GFUin2q<87Hux_JxS>k$CAhksd;_=4L&X&0CGFo|heClg@k^JE z@87>4Me5?Z*TJnE0P@nVhZ3#98HA*;6`dj3K3^3^ock~WrM&JgF2DaJZSqLjP^JwY z3DOIB{Ug?VoeG5@=R7?7=If|2M|na8SG+J&Gs!Q326yHE>^!hc$u2A;gbet%4xtPT z40`8^ii_o#cxT*9=)zS3;qK2I5CDR3ED69zg;F|-^JFqE(xIuAQxT^QvO3JW)dA0G zJ^C60pUxE4S!K;f9OiWgiL8Op$PXV}6f%c%^P$u^JT=;I+u|xPWM@FciF&__Qi7THrV65Vb>*rhm4ohYeU0KmCTi{4{GQ-d0qf18r?o88(u%a(NA2IJRu?|pbTeJ3@6XYp~G8vNdjQdcM3FC;yG zez2N!sVMR_JmU)ds^g+q{17T4qX+oeBvHDAyJdq%OeERfh zaaq|D?q!|FcZMrkiq@-k^SM?oKhAbDxYEdRqLf2GGD@Fuf2e55;y)qJEFkho3ZdQ)nV7Aoi z-;6T|-Fb=1Fmr7MuY&mwcteY`%X}oS^2~pn(KZy$uiE;;5qE; z9~kFBYELFI@Erv@F}ggOlA?a@-W-L)5(tPl5PB_+9dOI)=Gq94=Br#NG3-LP0wq zaS19eKKUXxo`nt|U{eOOteVATKpN>rR46llTuFNn zD)1w&)xDr9moBy_OCGny%>{-$%~G@VZhi&nrz+%u=iGhqNn26fm7aPodD4U|JAA-u z#(c<``%wn~-g*=c@ql`c`fP2&lFI6NSjdA={w}%7mlnqobH>x8e`{B*{~6_axq`gF zN%^U`hPE@;NJl6iuh%I%mUi_>&5LYRP>v+}$HNC86`iw=q74c25g-FD*DK+Xk(3l_c-{cJR0*Vfu3B7vN(j8ct|Y>y z(&+o`>(^rHd`l+!9{G1Ht!v(d^>#D6em54n4sg$Q){XDO?L=*g>J; zy;C1k&elcVu}n^pxawq@Eki^^_WF;s=Ch#IN&;*Zj;Pzt7;=ed4;nS2ORBP)DMC%v zk71*|J+R7`4kuCgWgbe%)e#77tDp+$%rFpsn;SbjgFKi;Q_6Z^-6UVItWqoUSC;E9 z*90UUD$k6XyeY1t(INM6E0^D3L@uSYo%Ome+LsqMJ7Z`u#V9F#HBVBrX7OF%q;*Jl zw;W=EK(V&r3N;Z4ugG<%)6&uk1A7pAR)NlaRTlO+yNc3UDRB`tk5_pf_`#0UmVWyT zmm32SuGPs=p#T#qX1GYG3>ibCsKI}X8d(|>9QP{wg+*SzWNp^KV>PwToNHe6_v40z zevjI0@U8vc^d%Ox2>r%R$i;-uUF|Jw27ixJF?veqsbkpx?R#a|W7LYoAzqH>A&iw8 zcu`L`B|ndX3fc;{9h@aOPDar8^WEhfYHdvUr&G2@_a8B``ajQYto5rN5qf4qHNER@ zi6td?sYAX4JRZXOL8Z#FeUDKAMPkpQTxCSIjSTHpHm}gUPg6SJhFrce>sgU>s@7qk zOgz(TqnOR8{*;D6tgKj+UtrRDgkLBN6K`nve6%hny#2wiehBNf4599d>$zS6<(l7R zPm-MYyu5zy*brY8%~e=ky!lIXr$2%6Zdp(;=bhTLMy%K^lM|Zk(wSM9*gLSv`;CT0 zi!Z^C_ALV^BVYJT_l)yk)4&>1NTkuJXy#r;7FZ>IosgX0B6qVIm^3RUSt~6+POvm_2@7kuDcjSL&i457>9w)&b43~`)Jr3Y8%PRepp0g?SKF>is}%#q!u5s0;W$XK4@M1XJuYJ{+gEhr4~+*xJIG z8S8Bn80~4|D4GfSqRn{EQ)V$y8{O z^~RdeR0tC{j(m}Z85Z0ncpqYLg>odxtJDDreq0+NdZ$VJNjysbsR?BPwF z4STxeGFZfb7}5R5TL=^1FLxi@lSn%T2=;}T@h5gjhEUpP;kV#{TfI;FbBJOxhAbQf ztA%eK6NKXAuy1=F=wLTqP~`)O&lG<+1qys*+s(m1~hg0$El7L*4^8T~H zTnWH#vFF2{K$Z+GGOfU(ka`?^xhO~92fM-og7w8yfGv+b3~K)fC|DT(L2*xpf-@U1 zQq!U)-jxBoz6L!aaEokbV%eqFCi*QnS9;OmJ?Ru16CfAs zjyA8<3jo+D8B6R5WF62VURL+i^&w20rMt@woBjbIsHg#g75rlN>JBTQ;99+0EBNdL z!dRIAZq9F)`dQ=@X3suv@eHxhIg_f)-hh4&>Dj1Yh3rJhR`EP0t3o zKlHh3Hh%yLX4mc$4BVe4{YGaEGl19ceAzU6T8##Hpk4oVME?%${o4`!+a}k) z9Z{H~^52f=-?kb4?TG$;kp0^c{o63xbrk>q?ub@CrXhMv78@3)dpUif^Z8}7PPQFf zdH203v`p>Bj>)_YFHb0%&;9N(l<`pU%8()01gyKbk( z-r9lB9ec4-exqR&0%4%4*u*qbY||i=V3QWJ|1HhHrN*(pD8nr%&v|c`_$v-yr9-YVi9Kaw3Gx&oT zAQlk{29Ed_*$)p69b$D?+`e8&`k6fzC8d#kBLVj9cSES!AWi0WnqKpyZuhcbp{2pI zzhlDv-$B@9I^aHd$Ucy2yu&}`u^B?=me92IrBt+Y4&CXCfF~RN@hclGVDxutH+T!4 zTSyTd;5)`d+2AWLxMzDOU@s@;|7-{$?5yKJDhoP+e66e>b7lqMA#sF{FQ9t3#RWH) z@iW`ziMpL(xlrSb8RtZ%xsfZT@Z?^o4y2!5@y$@s4_fB5VJ zp}zx4v}h&W6=h>V&v)#n{Pf3%1O~1N_cSx3+E#)_z7(cM6Mx6=DS$*Tlmn>$6yKj? zf}$^els5gN*R`dlS0<%0&M$dO1A&fkW7yf_|W617N`6?vg=B zRha0nIz`;vg&FU`olq@^j2@VN9o>U~1ldO?5TXcI?TFI9u+ZbEi0}_Rx~aS}uh=-B zQ^B$2{_s-xeW#Nr4_x8Lo?&LbBF3>l;LljK;*`AnfLcr20jt8^3|-NIiP;<3;imcA z$gEzklERLH$Qv0GcBv*W>}XHk7H9TlW~Mp$lKz=S(deaOEs>37p^eDQ;`9jO2cz7F zKkty2J$?#)Z*X4oCN_mFbopD|vQ_Y${zUzDwqD)!XwaU5i3hH#0+k|pE5pc{rm2GJ z;W;z!s-H5mH6a>G3jJXAw%l$HC1wEb$!}DQKx480k>y$A&5avumb^6aXCF89hES^3 zC$8GAnayMxx@blfx_IlaN@TX;Klpy1Zk z*upBA%AIS-LRVvb!_Wvh;Y>8)k$zA8xdRt3y!=vEYyQaox6vC6#zC-UX}+)+=)se< z_8h9h%Ayx6h6OjgZJK5X`Ci{rgQ#R;v9jCTOeRC^r-DwZJNb#m?tNb|+y})|kHMHV zo~g8igamW?C!a78I{&v?`QIxJa0=@MSw@beSQG=VySqCfbD)&eTzL>@TPoFYj4Fer zL->ds(LeO*!l~O)o|3-Snk#oJ^V!+%E_5_6+gz*{_u2N`ZRFJ@&~VE*2yGrc*J?FV z6X+L?Yh(OorkF`m?c&+>r`HfA$HD`x*PdO~ znPF_%G+5rkdMr9Rx}~M%4|=|&@OeFIw?AxpJ1}hkcBEkU(=lZ6lDo6xnURs=mRGlK zOa?=1j^uZl1w|{kUtQ~9R)5i0>8dY|S3y3A{1WpaK#G(|6I^(RmUe#|b12CK4~f&t1AgIUslS z)RO=hhs}Wmr@B3atwb%#z;SS^EVq=w(Jn$+_sg0Zu-mXLqCh+zm%Cq21gv&d57I8K z8Sp2>_5$-fb8hJmUa(p!sLe3ZcZh_2w%A0--Ii~YzwxdPh@B~2WOTf_M= z&>T6Za51H%Dr-aH)JyC#sMN#$; z%AjLFSS{brsobF8q;9=eS{6nlw|C5@;3D}qny+lh9t*NMld`sn>|Y2*-LA>Z(-w3u zX@ixwvx!q|_rYima_>W{Y^Sjwcgw{*mww6+wvMKAIytZ_@m_Sf2rjV3Bnb`{1f~TF zXwR;CxSrjf$C)Ir3qsW!{h_d>ZZaD-^&qYuOgdJvzm_}Y?m z$X5EIqOZd-hd@4-?XPCSzp3T^(*Mh+b-{or&_~U=Z0LuB@GlydX;xk`an6&%=)*2} zJAKk!;${&=v|=&5yrL4|>58uF>O2@8mzEXC+HIP1|N7=&k`ixUfxTcbuXTCFMq{)> z;eG2I^w)I%Sqwx;%MA2Z*#0K(@ivN|sP~1OiX3?bd3lcx^ZvHHM{OfJ+m+jvo@1gr zwsANi^d`hdt}#3DMJvue%tw_sAB#T4dT5Y>Hu#bY?Hc?u*O&2Li|u&YYch_5{b{)B z##x_!>MF&2ds8FZqS_ZP=VhxI8Yyir!ihvA59S#%G!K^A=w~f&gz`>?GPxkUnhM$@ z61;-U2eo~+8?1aPlL{-`@5L?&Duq=y3Z{9133glaRzxvJ`N~&!j=EL`VVdTv9)z25 zEsg)=1=B533)a^re1^0^q1x87W%x}1tu*lnWajUavVuNBUkF}cpmp-44z6boQU9z3 zc=P4!g*TB`-phEd?F1^XZ@TWUi2C3ssi#sX8)d>1AbceF2rIgwQ+74Vd1N|G*@&NW zy0%j?(eayWY*%0|KZ@a))!n|ES>-FHS+e}bJZ8d264`x}e^!ol8e?eFBuFDDBdyxu zp_{YyfzshdBt8!?q_cx5l@uy>Yd z_`3Inq_}N-SA7$h>o|618FqOcc9Hffkj`8H2<0}K5qZ|p-XH3)UZZ$$U7SH6xm&AGWM*Wt3W-*)6^)|QEji%ak*u?r<yKgoU_>NMUnO;rY%1KMJWdE%M|k6Dm1EE&fv<;2uMXnqFckD>W8G=B?h5C{ zgE&FT2#WZ5eyK^>yh{`zFf*GlrnBi!3{hTd+ufsx-xO%y)k-@C3 zem+(+^fr~?ozzv|c{;n%xspyH{-!A6=n}EDB;p*}L`FRYelNxwVX^6I(yc$vej!*M zlh@8)W$H`(Y{{UT$Uo*w%g8X4;9J`B=naGCI~Fis|J?-MSv!lv(jemwTM&n6=&zge zDlx2?W$qoRW?AA%UR@c+91~H_jj_wCOb;KPY!o&wsDUKkXRDR+jx+-T*?ZFxvNkw6 z8>Y1?cSL=*6MQ>VmV!cpCIs3lsXxqjjYGxD9e{-V<&zp5V^RA%!n_>Ee!Nw@JA!TG zSD5%7rm!pO#c#L^mj8)#oo+{yF(NZ-+bXN4`fTU>ixpR?WO zZbDab8jKVji!z|#lSGY<@As=vw*lh8%Ev#5Y_L*(uW5F+^+RF5hplLQ&dvi~0?Pp$ zfiipn{-YqLS(9%70+M~bKr!?S)f)h677(`~@>jDC$<}|` z{H^Yvvg*~92qU!QPu}VL9@fR5N(2PP&T~Z~CR9&bE@4#vo5y(spr1H@>5RYN3C4w&|80k5|i7K^Runb7O7Bv(kRFs6Tv~}Blt+MeM@8; zV>0Wq(&IQsY4F`hXta5@(-@it=ADwJi&)`~7TJe=!Ej3$9hHjErlN&Z32bj2KGz<^ zh!<9$w@Dm`Gy6R=;tJcPL?E3le>lQVHwLGu=szW-v^jktTp?I`$Xv}U9-;(LuRh2b zq9lLr9QX(Zq_}_LIt5q6s5oF#>2P`vosW%23DRxF4R#`?%8)Vm(Sod$Igb*%JYr_X!iVMnmnlffwK)E{4OdrL-^Yp{ zMF?!NDrv{CB3E_;quHR{388>dfUo=0p}+*PlYV9QtqXIg#_|vxH3MQUAh2fwa+-CD zm}qdGSWwWItpVROs{=6?hyL6yIk56Nh!d5v{`*+}PY7WD4XyttY<4O0zr^YP4XwWu z!uvP0{wB0Qu#T$hZZPXZ!OJfE_#pe)-iv3}tAgCoQTzK~vgF^8)&KdAr}bk$R+FCg z#k|NY9gOKqUE1^s9)BdT!bL1!>+D_{npn(2RTqAIGJU9+z`fgYk^pWwusf3LzbJtJ zyy*XgSIJBjwWkD3ry0jUWJR<_Zi?#-&5HZ_mD#55=Evv?Gn(?Ra<$8o%UiO4_4bpP zAWp)z0(0GA_i-s$*>Em{*n6M~V!$+eX~p@}5#ELbxw|WUmLr^9t6Z4JUGFAKmOh#+ zVGc@35k`Xy)bwnvo-74JhAP$@Y%D_izrEUjJKSFz&&LoEn9j|l{?~I!Uh=){COx*B zgRVY^4QbE#3Cz#1&`|5>OQVe6cFPV(Kah+UW?c$ zEH`EE!z(NizRXoQKLnyq#OXG=h8Tof+kr>DQkTq>#0Xj-# z;P*d;2_NxuI3uDY08XcLNY| zDKAVShOA`l3tF6eznj_bs|6;nr=&>N9XF<5S{`*J2WKjXzEB-dILOy0FPv!N)bw(O zbC+G8LR-RruLx}UgBDj=E;Q0yZSs0fU}wWxVQPoR$qwHY$`~XmMR>ESBs=PH5CAiF zkalIR&%io6Bg5V>g8^|g=;s-@3`^hcSM?q|zFIz)75`v7$L!B3SJJOXHqre{ThWEl z62EK-e%FEXiQ<;J{AbnY0|jNjoRB5nUdWAp=kjqr_Xcs)^hY)Ejc-Q9U2Moktq1(D zse4*G)~TA**BCT8_>R#UAovBVq|#?stzp|8LEDj`g5_5gFQ&sk00=Ok|-u;CG)kXR$rs)8^*+^?9JyQh^`a0sK;H5#hteQq{v;- ziuE{Fv=*u`($Phnd}OtfZiM=-AaZ_lt$<8qGdA;HBYL}yrWcL+ns3^D#tl()uXt<2 z7W?4c0+4TO>Ye$BX)E*>20H&~O9fTWZ|y<38_%(fr9p09jV#`k!E-qK%3b{a9l8Qlp_$?<2oQN0k?^mCbx% z#JodKrzDLyZm&3!WRy0CWrv@!{4niB1KNKh{5d{N(4m4K78Jb1+gyYmlQavXqj*IF#wiV9Gr^QVk-I%By^WP-~iZ(Z~p9HOKIvDZe_zkAnzX8~Q5bPoZW zQ0ginl@3|RrtamHc5e&(_<~nzV=nIGlL98ohKyT~%g=IF8x&6Z;rP5qU!lAFIM~f( zmF|rCz07K*D&(8ce z{rW%I8UOi@EjFPSpQCz-rSt3Eg~N3@XU^eKs+#Y;%w~ZdJUQs8F<)%YnDt_%wrdoj z9EAn-P8IJ&Oo0vb7e$L>R%Y=D2XOxJHel@Q>0?E!6)`noO~^LKz!6C!m-Vjxe(TS#=2tlQSm56C_*esIow@vCfm`RS7Rvh%A^@4jk>UU#g# zuu2_1tSQPvbnCO4&y|sLpzZqvd6~4F~UBz7?Ge0(a~oMS&<^ElEF|=4Hl`YY|#gUpgU!j zSR%cWUh(kT0;=!J(W^7QN5{SAWc@-FZkzG3JQT_JaUtEbRQh2Po>wnXGq7~NL~w9x z-klL)pf-38)O($KO!iU^6o`3}X!WhNHmNSBHVC8jVd;Deo*a$dq@d;_tPV2> zqGt!;*Gi$FG-}kfwt4~vQ6>#s5cKuo#Lf$^Dvr#1-2J9!{g>MYX1mKbzF4bPT&)3b zc~}xcc_|C0aW$nPWuF(~XA?-vGhM6gijP`Bxw7N-!;{IgQ0Y|*>$RPO18!ZWl<65q z)`AP*_I)y#W!bH@g(?5qvm7SPGd@vbx?aA7_$M}<|1DyxiB&TCXDz^g=Cc0@Eh_d< zYFyUV>z|(OnU??R*)E@Hmhm)6Ei8*8Nt%NJ0S*DXZ@KV`E%t#fmiK+^gQJ-i00=5*qDWpSsAB&eJts@G~-w8EDu!PEs zez>DBbHo&S?fV21meCW(+wlf$Q}^8v3Z}y|lS!(vAeBd{{s=wl zEtv>f;w|x|nXsk7OHj-=upc_hBxsCxucxCu6J{OtLt@bq73$Ky8jwMS;e z%~Dac2~HqO0Pe-%>rA$~h@;3EG^zre^3k?{$|a^P81hAbYP50WVhwhX*F@5SPn z0a7ye6`h4meY#(v*Dq7XS$C02N4g9CmsU^taTPT;uY7ivp&dE0q@UUb>&-+2BF860J;da zo;v(uFi_mIO9$_ZrHTnDqO_xOM~ik(ahmO$*`>xWwHK_RA9*#|5>D$&?>;RI3r!?d zP_&M+iI=r7;rSiGC!G3Pr6!TX9JfQptEXL|q)kL~E&Zd3C-yZ>?Pb!4iqqNE&+KsJ zH)v(ZRLLAd-S(!`*O|#>4yfw)RMD7MdTEuFcy%Q&@+i69+#Ij{t1Ib*Fm@z7q}&O4 z=SL@aN&ueHP?=+R!-mWpkiK=*!W!$3_c&RxTJ=1RF4Uq%!9XZjCg$-k`rBe~p8);~ z4r0vq;3AuC-sl4q5y#@newqR~nhZH@Ofs8*~OtRF9IxAoyTnvx%l zB1PMhn&W=F>u6_1b@*wJk~zZ!OFwtOqJV$tVSQ-+*zr7j8}*?;t*jbhWskCtw5BVa zVWdw_)Ni?H1;MrhcQKcG0aV^=*<(6_flWkogJqpYM_BYv=ZM1siDW(>rZdVarns z&3d9Wz00CCX?^Zvy*mpjVfUs!#*=;u@I>2|UH%tL;e5eTzywbuLi>7%{xLN0=1377 zW;o%j`GBqh@{0jXDdUE=onr{6oG6!*cQ`-M8hGD(}mLK<2 z-twJy;MzueoK;H#)7j8be6fq_V2&mFmt6+zun9!W?Rapcx#++bHqbE4t4FSI!Xcx7 zN@x{*aMQFec3~9ImV-p-X#L#FYE_Q`2K)uB%mzTDLJju$9Q}>g`~_ zAnGUID;mNLehh{Br7((FgS`=vc4-!Nf^HW{$uGdV`tR*8A!tG6RgRkTi0=c&I!i{I z|K_#+Z#~uBN^fg_fn%{HwE&SfEF z>au6xzw-pV+jKw{UlHYX{>LHqzz{hp?nJNTg=vbMMkr1~Th1*x1%AMOm-0^hAKJb= z9_oGn|D;r?v{*u@Y(+@2uhmhf#ZoF|Ey~U`*0F~+S*B7UYl}T3>tIlr$-XZc48}f| z89QV6y+6u1>Yj72lke}Jd*^W)^WI*s=ll6u-mjM`#9iVUj?~ zNVbCPePm{#2H2k^gN15};Y`Qq$-@QIju&FLFHuZ`ZvXNF!DaC)i~~7{Ncuz-;)(t0 zBVeUdx)>y6#f-L{`}?b0DanSY)NikpmFlXnw1pfk9Z=i zD5Iadx!q^#f+gH+7XAHxIW6Yf9dZ|(^7egRyUjJD!aCtYonxcdI7HF;X*CsBSo39o z!5J;dp~<`~5xNlH=qp7UO*Xaz$!vuu4A#}1tA=Rkb5WR`RBvFxXy@shmS>813c zRKyTUi$QlxuK&4oS8x%Bk6OxlhA5N<)oQsOK8)!Z+Uf@qi3Rg|&mggTLiGfqD zaloOBYNynj7*18Y>+hHM81%a4UKe(n(D3UaTAtxBdr$Uh{jaC;fFX`@0pkHnh>u4J(!AxAS5vh_EH-A(bzteKVKxizvu7&; z6Y4@$m*M`GH_Hu-(M|_U#Drb)YC14yvi~eLm;3PLRMXL2R}r`a}s=xyW#9wSC(440IPbKcU3uWjYGe5GIB2Mti9j&Saf_S=|Eqj^iE z2t<*ugl2tcKqzxinEj<>XMJ}!lZ6pZ3kD;kjG?*iTvh$Lhdg=-4EdD)m4PPB(n8=A zc>oh+o)B}n;tfiipkPvPSW8bQ%f6%;=JDa^bR3&z_o*>w+hnKB>vQ;=2IbM^cPrRh zoV!uEr@ExwLaOPqYDr0$TPqyi6mM(WI5Qv6PHxoUKI9kfbj@U;Po>;uy?c8UdMnXY z7NVs|Lz(7&v@{cW6%sFrD_VF%cM4j_sO;Ueu7ouXC9sGSo?*psNuqcZZOG%MW@c3q z&HLAfWGEm}y^q-p0%;hNJrqZsNrSK6CuPT_u~z%0u~e7q^;fl1x>NGgWOs1MGX)A{ zmcaCK4z}{A_e8+fC(HX&058%%Ofc8()KR*|T5auwjAPS?IGv^>GKIbw8n zD2b6t-!`J9gT27Mbo_J5I_kmz=hXM!S@qgR{G=D59=mg=hdI)y6V`2YZTkuwOTIci zobkiq-1g@?;5I(hSGEqX+0Bi%Q|Y3;wa)t@8gLsSKC^H!=Gi*c#O|8lt4};8)E9=X z*LKJrSi0xI`4zpSyimz$LGb6yeS7%eV*72Fk6EBxnLc*Yy3V&y8JzE^ir!XNa?BM% z3{rie42*fz9Xv@wkZNAf=E^l;gkW~e^VFpCSBw4P_h41W=-1^mG1mevEQjjTw{LGf z4)PXwP~@tIhUJNJ^d1ZTzAsC5J+y!M`t~~Stpf0%NarFejX&s$_;8vL?;-8JIG*`= z&TT+%*)>k=J_7Ox|M^0h!{6Jqk_+%(zV_{({QLok~%wfrZ7f!tEMv~g4VHELQUwm^Q|68Q&trd~=b zf3U^W%zB6~)3&)Io0>nBIv6cQk6-#yQcfV51v+Cazh8W%(F;BXGD595{vP&FlN!gx zUXxV!iKfprLL$<_eOyl0BFxrTP;`?s^ayLG{edR}2>G!uMcv)vtR=uJK6CFL#eHnJ zKESuvx3BosRP_wK04q;4=>2SQUVZ1>a{|)OQN&=cx}`f`e(rqf0R*A}##{Q_MfWp;3JVWuQ0z31_e0J1K{`NI`^d-dtX`R6G1aT=~xHK z^=5iTCWt-aA9>_aoGerPe7cA-Umvge{!EdQGn5BxbMuAfDkb575Q!wbZ;2BqZ}1@0vF9e7 z9O7#@{%*Rhi(n3lm-){qElz;a6eje&i*=9pbWiRvZf*>*SV!|{Q1B3P{M}Yak~~e* zyBUek7%!GK1KbrY!O@*+qCXU$(*{Z~ka<`|MHi+mvQpSCML`z97jI%DGMCFWN28t= zc9~4RHd2lsugQq$0RGlx46_ys{a+)uh9UT&22#?iz1|i?)^3ty} zn|b0LfIG1+t0PSVpZ7dUTNe1k;PS zt#7^@J9_j;!326*ZB%zO93^hsj7o8-3hS&$bB$=8P_CYvrbPT${BR!lA>jq>t@GNT z)>rj3B_v4SH+0PDSmR)lCI-u0`Km5$L;AX+D)Zsc2)Md=-I}Q-caPz=j9h*ekGaV3 zz1~~4zegk`>bol}PK*j%vcC|T?g6qWA8O_C)2<6GUqG!Z!_XnVhe%Wd`Q1dROcr=? z-8Ko=Ka5;^@(Aa|5u&H{(9{0egH>2f1!VA1{whWC7k$4s4C}EjYq)_vP>MvfPc6)x z5+bCUG+jm)Kiz{Z&U3u1l|55p&q2Tz=)d|XHylOnZrg+3y>ZKqIOp^0Yra(i-gb*5 z$JPq+K5?>z-9LB8v~{9yAG79;)|9BsUd!~pj7oBm9GAbsF8ILgMfhmg+c!6B3T^Mi!@c-q-*?hU#Gbo{PRxZLQ5&@2nNA@hG7k zTv_U2j&(Y3Q1Cls{-e9sv&|ZfVC*Ysg~vpn!UvVOZoE5+*CBmu=xo-0Ss#2HdRNj^0(&=BPL%;FLc)44ojWUMCY4XEKDZfPBkM=?@g=zfS4&gbEf=5Oa~+A z{JM?_XzT%dAd#y2c-W^9>~e7mi_#v^6nsOVHJ_QBL*z|3=6z9jlo-$XWA5>r+q0vE z7YU;R2k8!s;g0b#D{@H~{t+J|4wZ`hb$!9L(~B=Y^z+S9V>6gW`AT&4CE*BtE|Gq`Ula^YH5Ufs&tM0h7Cn~8ga7gbAZt_* z(({koFRGDgfdrguZ_736Pv+Y0ULTH(Z8f+vFGf3Ku}}Vxz4#qXLZ=tyvTae4)d+cl z;?63XpCk4_QldCALQ)vx&#qs|m$yU&Ul1%|&M%lGySWXzk zr>Il+({XcuT#6HHli^#J+XxNfoumG*6zxIEOPEV&U??)EfMh=Oa7?jxAlS7q-yY6& zK{KM41vBeYxjMNQ2X;KPDlmZ=WY-l`XaqCY<)lPC z76dVpQD;qe)W9HO;j7jq|2{O~i?mI5uwa|Y`Zno4XdT8X7_HY1tVhR!-U8>@5QJTC zdHe$tPAQ3ih~vo=HSKj>n^&NGvlqBGaps^kr-&u%sB2FM;#Ns$7eU;Fo2y=6%;4IY zq;)B50+cY9Frslm0<3{GpTkipN07^TsO0iPabqqP@f}K0q$=%oox>IA9GG!YkIbQS z_?p~CX|W~a@KnXd!3MTKqo!S3rY(Onr!fe&%8~%v=M|LKZ%*lzeaOkP+u2b904$K`=;bssL%I|RWpmIhuEn0xbZBa z>FJh|cvxsd)`qF?d~zOLSY~py#M_qzYg?TXkff7!#SRV1Nco?AsOGoFxZ1BYa7VnU zF#j(+{pkgQCK8nHWDa6|*<(7>17$%3Ek>n4c2i8(mSQ$>Mj|EZ^!H<$4=+@h5%z;E zO%xPU8ATGxGQwT!$na7F>Xw4e;0l+)+630!*%jmfuE3Q!8?BQE5FdEegL@J;IM|t zcqjv-+iGG@b&@}hHTjS2h{@N4?)QXP7T6u0?`SO{L>f#i*t;}e?;3J6 z_@%7KVv`iA%?MN2#X)<6S>3!bFQxd>R_0%*T%7~<+d*+_54cH07HhAiI=i*mER9{- z$n8!V2%ZVxF{~-{EQ$Q`=o{rxz5+dMIBXn&Fiy8_*KV}$6S8hlq!f2k#vUCw^~&O- zyUM?}7CoUp?NysS<-z|&%diU>xC&dNmmE_qW+H-JJKe=*?#0(O9L+u+$o4&VI_{h& zY^i>Rz|icLCTJm)9yb?>KBx#zfw@)p7b=(h$qL_tR@v~u1}*f0^AW@yr}U8)wui$? zg7y>SCovD|R84Pv)9|Q-O?}i-3gPLQpsQC@6@>dZv6YXPW@{Z?T2)>CJqY|s%oE>% z;mxKZJ#L>mg1F&i+1|mm1&I^r<5H41z0FE+*KfkGB_9WWl{1(@=>G&9X*rJe^gXwc(!avWMLl{}; z_~9H86$)LCT2gMCI`K<=H!(FFJnd7Gky%`h&R_e5OYW6(qm{I^Pd_&_HTw7W-}k0@ z?e8)`9<*-0o^$V%Fd%8_CBQy1oc!_{j;Saz{G9Dprgb;uJLG%>7jTe&>+k<+ildN5iGPvO>O8bi&B=C)_{B0IQ+g?VzUVmJKzb;U6Qk=6cs*#4z% zr%S=LeJNILt-bOT|9$M-&dn9inhm`k0lQwBE4)CuFRmy=sET?&FG<l@wE9F!+Yp60w{@O9JG_xjugx|4R6Fnow@Rm_7=pvE(4S-Gz{Bnv?f_t z&FqvR6022j9T(kAqu1^{oJlCNsxBu=m1v6Qv8$s$h-7AF#L}CwH8D}f9QRrLX3F&<-@jZvLCR!Qgg*8~JlOPN9SNg-K^#wg>vFoIko4*iB3?dMotL!5OGf6@sxxCP=g8`wg zGfv(`j(BofgEWxC4t)Z6*Nh`9xl$QYm$FmIlj4asnS&OjS(u`&-f;=WK?h;>m3@eFSELMnUA(3Zz@~j;AXq$ zU73V)qkoK|46ad5TUxhsg=ShKD|K*&nik^)u*I2xX}w0R50Ag&+H+-fFKp0a0rjjETY zvwXilpx(1C?i5h}y#BOu&WGg#!Mtw?!39{%M4^8;ZYjXP?ZH ziumnmEI}(M9e4PdHkYN(*^?Ye@~wT1c`lRA1y3z~{BB1PcYb~Cf_SYW zF6kUTwMeIH!v$j`{i)`aXE+*2KsBbaiA^g{ng+rP>kACHl?uij3xo(A2cFCI|O-k4)Z!B{aWGP_JqT3y+=`S%LBt}ozH4$j~HPU`#5MX3S! zA>Mi`yizkjgV(b}NdIvzmy;ym-;WD|<;2-HGYZyyc>q*bD6V5mt-Ttt)^h!LTr^g)H$+ zv3|Vb>v?tl3ddST2j4N*2cqAXRYT)^kW@z0>Bh*toScgx49fslp{SzmY3K+dp1&3T z{&P_xv@sXt6t%OglLj-!gQM#et-ZOPR83 z^b2VOg6)t%Sv?+2Dnu?)QW0jWd8Mf3k~^|xnAAmFxtwAU#Q+<)STQ-UKGc(P{yR*Ts^0?))>LEm!mK9 z!Y4E{q$=dZhmnI;GhXx5l@@!g4G5n0`BjDJIkFIMxw?>E8f{pjs?snVa}ISo03ic+7QT$_G1_0y)sS=%>)GRy)UpO2?M9F_D770 z`mBIy&tq`cEM+!T_KYmvz8l*SqzG9#CHwy0tbRApLt&s6kS)TPV+QovgMIG10^UcjnWf_sV#}>hxy`=b8%q!38 z;#54D6Ak=n8IvFB0~mK%Bu={c5L zI@-{+O>!$C)eR;}Of7Kwjmkw2xBH6fPQ=gFPxN204}ZL3=1&TEj!_MPtiUaT&bPvP zYG!M4ji+O8>#Q{(D=1iFMUoab&9i7uZb7>^4hd1I@0_!^wd@#G_3suc;m0*B+iUfe z%k!n!T3dE{I91^&icfZJeSTs;=Ml9n0b6$L+gsWkb;5g^{y@;{eVWU95KjNz>9*AZ zL21ci0b6bDs~Re)_2P4!+qBP2o{RoMNMp(b(gjT4t*|Ihdi~$od1!*ASESs4% zR)K2x(>iIxGkQ&}Ek>eo)lE6%5wr2E zM(W)2Gw+CZ9|ha@oKP5iBkcK@VcTBmqpw0=T`Ks)kkt99wx;F@J-5Jt9=k)RZWY1h z84jJiL4JlcY@A3mA~snu>y3T5dCI8nz#c+N7N=&d?1dGY9_Q$pylgz6BX?LPuQ=`Bcfpey+Inp1vrkjvB^0MKe8t_mApF}Xl~^; z1SzH`*Vgyi8G=&`{LiYN95{7Jid#Txf9_QFmPfCC9zcZ|G0{Y5dbGDjEEyNzd(QIc zPt#igkDu>PyRCL0`OCTxP$~6x2l+dNclRndAD4yxdH_p9Y)(ODj^H#?$U8VBkGu*E z1x&dohQjOmpRY|0WhqZ5VPPE(u80faolf?sna{32>gGR9VbTKVj;ooB`e66tN;S+p zD|C?U4!VQwN1;xI{{t|fNl~xwhmoY|!ubq9sT_4$WMF4VC)`7kzUed={}FgMv=CZg z+g}B}i?l2IZtVOF|GZ{^4HO%F4J_^o9`IfF0+7J5;cfR5>X{e0$0yc?B+5~EC<=p1%7El| z5+sUc_ZvI^Jaox2Y50?0Z_hI*uL%~Lx{JU)-$-wsvTJRpzG-U@R6$x6T2K^dZ`^Y8 z&!hbQL6C2mx>c1_7oR6eO(ophcqXfOP@K`1I>XtKxG1~EHQiMPEkQMx6^|3pupJwJ znx6)pXD@KTWGT#E9{yUN^>xd(N5PJtpTdia#oRdlfUQY{K}CUhV3CGf=iLSezds11 zOWXdO5B*$cKOHB2zED#oe0tb%D>o~1!;QZe$Dcu>0gBMHTV~t`(j4UioN%N5=|6AQ zV}T!d?&D{F@!W1^i?x=KZSVvmaaw-lgGSN-Bb|&+U%7Kv#NhD((%U8XBalh6_tc04 zW|_l!Og269v(i}OW=(2=pI*#KYXbDdQy=&dW@uDdfBM@fEgEF9tBm^;NgO?-V;Z|8 zLHw{RVOGgdm(dkH_-`MEAR}ND`5Tm?xo`rAnAy*}R>ns{)A|xJRCUhFwtpv_FYR`C zuT^`MfJbj8wtd-6GkFn=hP<2e^WW0a$uE_Gd}qCKdUIU!=`k5A?R_8zB7eu*HR9u@ zp_Aa3MKV!D6{!5F#6*g!L{8sO;u{nS6?4Tpf39!#lfRN*ipNNznA3RA(4G9s`yG4s4ETVvRZmY}%{i5OX{UkEU;Mo99ApT9IPuI!w?i-gRbQt<@hor0iQdmYur+Ch$WOvah#Vu<4p2Cjr3!vl8!lI8*)!sjP}_Fc%Rm>%-?Lp?)!gZ#Q%NnPtHSA zACYswsE_Kh6D89fPHlaS%il!Yr$Y?=&lE_cbLPsf6LM+ zwAq3LEWO>zR7z{)Y}D-QhpdjctbO2F70(%rly$b^X@B+?LBJ_ivnNh(#T|TqwMmVl zJ?4!8m+|BFT*uh_I=s3wirO+5@8Ic?-}|~H=Pmlk?HyK@j|$}bN0#aSyx@}^EU_E0 zAUDvj$D$_cgv!O#-S#KjFa=C5(E8brT*YWlS zT+j_Oh0RDxPEaGrk0@oIw^4LHhRg(J25>Q4P&HZ&!cns{f5$?*t4)8WiQe^%g_=F+ zuxQw@ON{u%yX<(V*;b}AHwp_qYug&0&#UbA-oh9F!W@@prRfgDo+>Q~DLu5Nb;vS2 zmjLUa7AIuDDKIU&T*fo%?5rToB?IRWZA}_ZtHxjz-BrTmP1G*J1d?Mq;fBEtX%6i< z*04Py8ID?nW^IzRn}g!SpnA#s>uG{#O{{5XLE0|sg=nY|^q>0$yp5Y`p8a1@*1scU zp60s`xsarGm(y3ZvLiYqP)3YxQrfzEnNw z87}jJ-sIS-+0yXyM(q!pM1t@Q($XUG)Zo2x<_MMG*4EbUS98rVefi&k7AI>%tDOeh zqlT2T9&WLQT~wRzupL8le(JF!O@*cP+uw5(_bv`O(W?7;PMFwyvr@YzsNj>)O?E5_VfHMW8vjbaTw99u$UX4YO%{Ihtl%`6?h)yr^!D zrmmfffBV+U$^iLk24YrML{RnwrsaR)Sx0AH)Z7t|EGOfmi0rK%Aj#r>A@zemfcEoQ-oBsn@Nzx zxszD%Gjs=nDD{manJDv8R&7;eVB1|ei>CJjB5kj@D(zR56B8BRz z>(z#6K~zh7*B=qhd`o>}Z76XNa|M>1x%s(vM40Q`S|!73 z6Oxe=AgjS*Cp@3St3LF}j@L1#vIe8f@>S1mc@AyB30%cp+rDg`GXcZdeAzYNd;2X7 zfIyvB=cdduKV{=rYYx%VQisWl*psB=#l_pg+nC^$3l=<_JF7F0bDzu4;w+N$1%b6I zmjgPPQX+*2FMxfJy|1iq^+l#Uw&__7+=c)LJ850OBtIJdRv&Ca9G_>8Q~Q6~Y#Hf+ zYw@-<1VHBwB2zw*ZF2}qd}`YHByi)G+>cd9#$Y}%U#!e)cWj8e7;gS$2UmYCSvr>l zV)S#?@>N_ZV5wr@!;Zr+TxOCn_>{3Y$))dHdghYUrrRC7;lx4|Is2f;c2(`ufc_pc z3|$GdEJKq5(;r)qf&Jo1Nl74GVzM5pADeNg(@9Tw^wq01_?a_=HJ*0DcS`~n(AnAS zM0L%g&TNvOk>PM$7qh0?!z=0$;sPSM!*9cfz|2|M4~>rU_fGQO-y8zYte?J;-*&18 zLl~A2pa$NVZnY;)=a8l3()Ij6q!D(a%KqrH!f8h9g_~IannB6Z?ZpssPtUtwG8qq% zhM$z5Bz2>kp30mNDN63k9p4k_2i+aP5*AlWsy_J8P5xf!>!(m#_d||YFZ2*0B@0qm zjqNlM%~y&<;yhO~q16)o*TI9J6f+$cKL3u2Jh`paI=Wic+I*janQj(vU+kxQ&%dD# za7rR*)aS7T6Gih@DJ?BrW<%u%xh@42V)*EAEyd)D?!g4&P3;eIbMhTkM!66XX`^@H%Mc z43HqQUeXpOu!FyM+v5 z)34Iklr0XOqcVuhrp->w6euy@8U?ov8xLoNDl(`d-1QiYqKcdo7;|@&C-($C)psW+n9f~>$GhuoPcRSjFon7tH3xV>H-=zCRgqASq|N)%VsdihYH*6W1#Eb} zw-QIeU6pXPa3Uw6o&El568d+n3Ve4yN%^|>kBVKhO0lUd`K_!kMJsei>}N9bd28|j zISkaek)2kqA15l?Fmul`kK(21T) zYpf#<5{>BHq`c(IA2F-VxqnihF9I5wo#Yit=^#+`r_vlhl%%Xc3;F9>({4?+?j{{H zvKk38UnOpFqCgzyTVaV{AmxLdPT{uyyu80At6}Z=5wspgADx&|jVb`yeBbyK#2F0% zRfShJYN>z{*!Y@B{u;(j;FuXDYj>~Gf`KfW-fdh;ABOKgC&GNpR~bhw|$`Fo|{I_!lqgQeP)FZ-JjafF-{R~f*EZxeFBp;wXr zlC9OJ{IhxiBLY=Y2};p<3bFuMW`+gSt&*xZ7tc$yNCrC2SaRY4*9B4$Blbn)?5#<@ z55YTrGXOWW?0v5DoZCdEW>JgJdUPz>m+mKQyju|kbM!Dc$0^^DX@%3z^1-`KRFb_p zJX)*{gxo_BHG&8@>s3rEhB8F^B_Zx_#z)?@1ox<{PeFZivOY) zDxg@U$g#LCupb)b(Ad50nsTf5kE$2d0+=Eg9P?ruH)xhV{0{uj^4JGAxfX55Kgs~{ z5eY2=W{`STvO{jB89kAgTrm3Hehu)O02Qflo;iIROz=?dT~@YoHS3eBm67R)Mnxyw z;3Rg?ONd#qih0>5ZqaAJ0SN;s@4F*wq}OGlQVI)Mtl{}epxw%4X&YRo6&d2tJ)4^b z>tnHyp$}5E#Tq4>5nm_Nf{z}^hZjwWnK#6RQC_i)9=Ww(M*&U5V=){uHn&`<76$&M zfdY=~N-nA<)uF6GdegOsZY2fjk3Vg=rsdupsMpGOpbl8ANpDq?Gx)8ZRc}!w^&iIC zwR^Y>^2Kvli4#jrUUc9me;>?8DF>3>?+_T}Lf%zkklgsgq*v{doX)Cauw(AYsPV6T z2?A`kiy4u~#FTm6BYHXM^)ls(N~PHluUCZkGLv5r^Iys44!WJkjGA}2T3ndF{m>~; z!O3#44qbJ-Z?+UQ58c)H`Dvw?D)+vTqWckK%j)9s`>al!&e{32qv~UQPqV%=u_La`pclA_gz>UElt7}om05c2N z4|mKW_2r03Sv}{ptkNwyFN%In|H5R{BU#zSG4rd3j(Aa4h|6<_(rw(aSVdCd#_sWQ z5h4@6daH@-J9N|g>-F%=XU+wr644Rn->Vh9QJ>Ls81>K9A@;1!n2GRm-pS!%a_pLa?y8aT}xI+BM)$YDY(3b!jPAB0sb-LX?}Qvygx-*45-OA&R7Ov$60B) z4=sAq60D|4G};+XTDd~(o}x7^Yb6pwrZc7 z?}t5gHA>RUO0KUg)uZltA+$9-y*gtI^?7)%O1p0c4=#X9CPK}xY{CnM6-u>?lE+wW zFcbH`Ot>jEYcHhXGw$}=t8HC{3jYKs$|xvrUD#R?+JID`(1{4!=irK7`BUX~hDiy8 z?&BJ`vt}8aVwJt7`TXgx6`?MpV4d`7nedoKhk)_DQ9P z5F#1?om%@r-9Nra4C)N{W4~_byilJ!EuI$eu6jFu*4TBib&ed0U*P9*M!<(MyK%4r z1#8q)rdk$%Y=5YNi$j9y_}P=?Az1<@O_Al2c+|Ovj^ZBrrX*=Cgq(ufboIxX{mt7; zP}X1EAy~0~Ql+Q`V8qpfJC~lzk+~{`;xS7r zXZ;plPVnZy)hQN-5NFgdD9WDuoZik^2h3@aPh~bVy@S23x*e=<0xDJ5s;60{&EyJXEwK+CnfB1^IYe{wUPnc{mrQ|fZZfG#v zg3QIGC0o`@4e(p>tA#zG?}*`4lbP$8Emf5&i4Jn*wb!&AFJ-n7;YGCRg^s=#KlN$O z3p=-O+&|neux;3tOzGe-K#e9YJ9VK8?M`nF-yCo^9jlYla-4E}^F%yi?1Cc*ojZD{ zFXW{`YQC0kuxn6ra7BbEv+%g;`qaQLxqwrky9K$I!)b!%PKFPjdMDL|B4Q)e&-m?l+&kwa&HVtJNlK8al z9@oQudCDW#E*LJv6fT+_W`TURIMe0=ixmr81bGR*GPZp^RH^-(UVmNyTRZp(3iB;S z@$Mm>ZNuWv^$Ec4=pJ^OxTF@6Mc1EJDRRgv(shYwKrv4Un3P_z<*}%NAwOfe9u6Kf zzI0B>wd{FIUF)ly5fEoXy-f#rDRH%LzTQM=;)uN?re5lV$%Bx3Jfw87ujo-v^G26a zt7!mL_4z0Ew;D?iW&Ka8YPcD>ry~CzQixerZK!I8zv5g^AbH>|vScQIi5ejOjPp^Y zJ)-VFtv`p<=^Sc4Wt4*(Jv{zp$6#Nsm8AHGkO)GjH)8JexE=9nSjR6g6T}86ZT!{-vy^JAztY0RTMt?S z7Xcg%I|qsfyFSAOix<@lracd9wv)~sU4oBoE}W1Rxc4`xymITT{8LmLpfwHa1KFdD8}25sd|}l{8G6I4H3fO2s4R!qPgx{O{Ej#;IfnO_Bb z+c+yZfng>uIU(x|e6{TTy?lb~d|)t(W;MQn3}!jVV6IXXT|K+!r=p$%=h$NMXY5IA zZ_7>Fh8!ToNn_>eQR@qvAKM0iV17@Z)mYe~shNy?Y4jDcW+_!pmhu$j3 zdt*y4+1y9o4=B$rh2G#OzXX64utvZtF?_ifRK*>3vbEF-t!22s5gMb#)T%|oD z*RG8ZId^)WR`Wk$WQ^&gs{3r%UQ}jf2=SPPB(Swa2cj_K2>3oFPxhUM&XA;UegP&C zXLI2vje}qb+Q9GRjz+Vrq2xJuvI!g^jxcRDxrjMqW-u_sT+<3d+sk2<%R-J~$0D zjm_>lE2+|dQM|u4>HBU)v2QvD+QwVUSiAHLwM=0&Rjw1G+yeaijQVq_*@s?j28Kpq z2Q;4GPvd!E8*`-uAx}#DCixVh7w_R~Fs3(+(>*_e$g`zBGu5$k8vdG^8aKa@{mki! zVWJUffK7$7c{#skXP3(9*dJ!y2)e)NepkKc=fGKBDrFD)kJbF}C(F{XKT;X=OfFT$ z>WoqD)Ski)s_=FZUJJNkE3s7)U=JQ20mpaHn>}FlZ>fOyAtDE3UPF7y1MTIP(}!0Q z?f;8$R)gGhZnu2Le5kKsGl#l;`Ek?9ipzJUDfQ0Hw5cwH$08KQ*8VShorjRQ;ir}p zqz^%6$bB8NAK+&-Tg?MH^a8(;`R_qy^_({isYVTe1c>rvBxiNowI@dPVp_iwdVFOw z+UxWAGLJ~dM=gGrBhk2|)6nMBpn>k>O4a?~qIv)$dCNSd_#rjjj z{^Nr(nx07lk>^rhW{RFrpw-zSH-b0n{8A*B0W)yZNmsDB(q$C3SiiUBSajz!JLE`H zb_ZxB`$JpsIDO!@9BSuy0l~~=uZXS%VK3<)j^Z#dfmSy+%8|fAlknwN&v@R`h&B zi^O>>`I_o1eD#VB4L}`a7cgjur%vBC@a3#th$Face8{!4_UIcN$CFT#MYrSo7LvXC zo0hLk8{iDB{lOi+9>;ZhCmi=|u6FTrHN#6T=Q>BDngJuZ47@Y`p;2cIS zK6ol-INE+cqY=93slV?>wIjNo@sTGJ`Y#EwD_UOLr#M*C5E(dTWoD&Hm6_`xiyJf9 zF??iYqm*`i*tQBZ=b_3`1#MS-AzBm!fK6uqs%iZrw)e6e(k5k3NwJoUN<|39EpFJ( zGo4e4s2K!ovqy;qN5{ams@YT{ zqfxfl*hQC5DPw*T#3m}JT8hE6)#DegYjKMna}en1Up<|;FfiNR;Y#qd&GQ@-`Z(+~ zv6j$>R+Q-{LMGqDTk8GD8SRhc4>PCh(~+_BGXt4~N2cG^yxEorrKoG~LEQTK@!H2> zAGO$at~}qD)BWItlSdFM)`@cw_Tl%%x(Fx z+dZ7HoMO~qqf6~C6&DeC6BXi`9`1L#K41HAga?WRr%So-V-hk%0gIo*=gR-YgRY{GS{#-PAHy)}BgiEJ?K> zJZ@>9w<)fwge6;%9_^JLzPtChjrlfqaq-P#9_N7eTy3%sg#w9FM}Q(KjOAzioVfZo z8zIP}0q}U-tNW!vg-=Ubu9gs+;!OVDnxpa#NglkJ9W$)=kzzM)Z1ZSF^SN}1(M>DN zc6!4<(+Lzai017~NjBgX*yrIYXqRWxTb51oVz_i5U&k87cV$ARKTH!b0+n)#Vx>_} z(Po}maJU#7@imK0bapB{)wn$eeOhTQ`zw6*-B~A-se?wMlE43uG5q{26uoEA34zd$eoVRDSpkL>4XxNo@z4Hlzg@-+a4^(5i6me{#KV|K;*INDgmp zusYv&hQgpUM%LaO5XN4lmV3AnMs(v2&?B<4%AYPOwtee_X{5~>J6j}S(NqlC=THOQ zSZnZXLG?aTT_0j)r8L3?c!U-VSf%p_vF z|3kFYs~ESu{w&Tj#UJWDwCiwJo+*>-u-r(;2q)vAmjto5XRyx?yWsntEeto>6Wb7N zg!X37-#jDedvYof#UE~pk)yn2PnLiT7%n9T%L)a;WS%Bav)J6%3O@*_fQBCsoQ33( zr-?>@&@xApPEhu-0pct=IDvY@WDb?xXov$8MIr}YwidJIgYrdhtj{T!^?5d%w(Vkw zg~RbdTsSSf_E8fV>njjXZ}wvo?+$Wo+f|R0;fDe;@feU3R_vHhX%D6(JN9nlW6j&Y z9m4&)g$fKF9O_ClZTiCEr%Hfl?IE|bX_)H*+{uJ|&}aik6y55@2=an#4|3Ji`8QUz zy{RTx%$wvJ%7ibb5pHhVxD?*T5tef|HXW2tv8DfyBlw$RDihY2?1X>3n^b^`JChZ& zEz-qc*bKif$uaB-3HU=VKZuwoc;RMZZrb>gy=WPxhvq*qx<>Kb$OCDS%MLGYa!;L9VI?3Q3DXu+pp;9guphh02?CJ|5%96$nWS2^D!q8(y zDvX@5tdaMS4XysFgiBW4xjaFbj1kzp(8}`rh)n*QigM3dj`C)YJ z(K$3N-XZK>K&XiUxA&RqfkADTM)%TZd}8hkvwOu1e{XZ@4<}UdRpRk7p7NI^&u**RxsH)eG5QB0m6FRtKuScB zf6XdK#0Hw%OaoSb!T`%Rq?7I5&|xVRWPXxiyX@@e^z`U(UEPj4f0O77&e8;u@2msA#Au zRsF)ia-_xL6{CCSMzP!H=7xltWc^RwRkotzEm*kmDclhQh{PYv5l%R`GvA;NGH|H_ z)}SahGg<%I?0xJ?E-{iK(k?5u~(NYYmIfjU>lopOYu zG3u|z>2@B#&5d+ARurNq-xDevi(3FRrU<1lCrHz7fe06`e_@X$^l)rW9^An zL_OAGKmzI6dCVG)lG{up;P#(Jz8NJ85X%6z>Vner=qA~!`Fz$z^<3fW$MngYF&H7= z4MsG?(b;@+im}+RI6AXvrmyv3J#y>cMo6bBN*d}?OH~sql7*F1v z4u(fJR~Y8qINC{@vj6-?mU8E6@zVj8M=W^#jUz(lDr9VrR4xSJmnJ+&XCoC2mR9kf zzb81Jt_(eVz~>|=qZe&UO{$$LXYQReSjGS06K#yUJ|zyaF6b zxyF^B>X9yV&kD(hC;G8@U(?dAlJ^@mU0ycNS6mDG$7sB_bIsUgoGuS%HFgtCb{^sr zn-3G^{+LX)(s?sA>d0uF#QZ|6FJa4@H!(NwP?rlyduGvP8}z^V`8t|0NdHOj*P)={?Bb%3l={ir!e zO!vENU_53Fi{@Ls*m2>bEuC;mS+zp+9r$s+F9Klp#e|DIKwBP8b{Ho{Z!W-ULmzR3`YNw2^T9=w(rdVCA3Nsb-glnB= za^J>URM+B~{QNPAV;pznw?hl;9H1F(M*ZOI{0ED3(>T9wS`UGpYW9R=7juXMy_Myku>4S%fCr4l)q7NoTV zSOidi3_X9WYq97FS{KSf+@cy78L2#zl$K^8A!(j(D53vPt&0am?-q2Mh>MGZzGy9a zCu*3((z%G*H6*}V4tJr_=Js}4H8r)G`g)2(hYsCTRHTxZm%pi`v00q>5&QBm(YQk|eg&Y3^g$}}qN z!*xR17Y2)<7v$HwREUm?zPPy;VMDSvjK~HxOWzg%@2u>r3+Uw4)4MINP*U`U-1K7n zy)}Mz#eur58`IL7n;IyAFM$6Hb#36z1fQ#51j{CMUw-ZG_d>KbmAF~1FXc_Nxr`Xu z#j(z$dkG#^hzG&)-aeO-3rYQgLgBO%5$4>%~H|9j{+u z4UhzdAD>ueSmm=Ab3k`Lj*t$bRm`7Gt{ks$u#nMjNgMUpZ!+5ECme~2pEouUyPr%+%ALxaL@JgxPRHBxD|GuWR)sO#YMqZxCv<{g- zLPA2-b2mJs=^n!^Hv)>e+?U7n-v^9FY3}8xZ;%-Wc zFmR*P-kUEL^5hJUWusHBI-l=={M>|`9;eD`q|m~{Gb(9krl$c4L60WG@_-is^VosA^Oo)xG$nn6Z_o#lC{@sM*qw8iVLi`|r7`(3G*jY>Uqcxu$ zCCHJP3x!cp)Z`t4L9f&BVSdX;e;a$IMUiI@ecL1Ldf$rQAFK_Bip87rG{w&dW7_Ye z8>+EbEfvxjmM(RrlvS7MF zQ-B$F%NL!bR5Y|LmLD(^lW$6eF$Yzhxu_x1qJ?OL5tnaDT>To!BC|$pWOk=f# zH#9ze)ZI`~!`__5t{w9}B^T``*c0Jz_;_gYu6rso{O)%gq)5{FAT`s0=!us7NEx88 ztAtHW@=XcpiERYU{);0vH1^SmHI3bz`=h6`4(WkUYbzr#COq04jr!V-*CDRjjfm86 zd#}gqiWMrub?(1`B$5$i;sourU|hY8%=xiHRIHcK;5Thyrmd64?`Jo8O;6y4U>uQ9 zXIBn~@_44hcRb)fvJFWuFBb+|(2^eV?l|)PhAFhkIfpGz z7oznoFZ~M~E<%+6I&YRCnsZ|`SE}SmOPJ2p;?SgzxjE*Kx4aEvxv;XxDZ>0fn%aAf z`Mq)MpOx6}E6WV{dS^>Wan20!0T=1fA`mqH*eqeSF@%NQzDh9^0F~FQ6zPNxzZXm% zQxWX%ixQlbQ%YyJ{uO{)(yeSnZzD2Mb``VxJ) z9SG>*cNr0j49i#J><7csxrb>^k8xTF88yab478gr1YVx7Vzlr2hs@o9US&prr8)l5 zUWUh_+$16Wi`9v<6Rv`aMOA%iq=64E%h}suW0+3}yecGc@q~AIxCTBJx>dfVy`bPb z-b--5`#^tj-nC}AWGIf6!F2XnOb7 zaXRav?Sy7c-F)8@tM?!%_!{0tU9XFxOw|lqd75}tyRLmNiox*NNm(J?o+2N9(+5IR zr6-ci25Y0@L`2!b8o@+0tAhtLqbLgl@LZGQ!eSno*V0|2D!orznKZG9d>0>{F@|@IsEcmHr zhw?TeILK=iaL^;bt{oD#Mc0PqEQR`uVpE-6Y1Z(?7|kOkQ5Rs|-X3nY&hzv3m|`VK zuc9Df+nz!B*q(Csgi^aykfya7`0(ofye3lHAu%zLN`T%NpBs4oia3FRfk`7lw)gwT zc+ZQ@36Ex2x^)7lqKnl3$y!KqP>it&^fF}HW+`iSH7YzZ064 zhCU|)(PpFem(Yho3Xt^f42!gLfyXcps+`+jQ^!rOO&TtBpG9~B%jL~8?sirXQ?iXpjf(;>YX%v!e%RgTTyd4V5LO!E;T^ zb+@nOt`AObA==H&4NUxf103z6Q0y(<5D1+`?HPAmq`$v^SZpjih<-vpd|(d61>taCpf`DPnA6Qt>@Q&NTvdbn=(OiAwvV#nDTNTK9l=% z`yQ^9_FQHC1oHk54fLGtLG<6;Y<12GB&6|>&W3`N{}2P5A_O!GZDzT81VWV|8S2{} z&o7V<3=X~-8ykbN76EpdKsovd+w!c@=+r&LAsQYn>5Q&)BMlZSA)A?j%JH%{C`w97 z=A6fp|6<5ac>+WBq4%4=4OmCL(OaCY*+{q&0jTBZEdqUc?VX+UwjP!$Di^uA`Dc^k z5^$ZF;UToR@AAhX`p0Am2(-3cV5MUnzZoWW6#&HbjoTNZA7_xoz5O4BhSA*-yne~w zKS=_@Ue*fp+*~#Vj=B5_Be)tF@2#&mX_sR;-dS1RCMa;<(bBRnyEib$X7vpDv5GU7 z5%R<7MTl7QUX3!}PtJW(bn|a2;f(k=x%YaU%FCl-;#?XV8!OpRv$M0lFpuvh=H})s zX26E-GZy_Lz}wIM4+G`g0HS^MQV7G|LQU`e8@ghBbM8Edld|m{9f8)C78YV4Pt+HP z`xb;^>@0g#X@x2alRFXk#ejf^s`B#h363>2 zG-!9Grl$Jt7Q}6P=9 z#$SAXU?IbQTSz>P{k{_WXQjIFifXurshTs)EteMUtNZZ!mZ^ftE=0OitR0UeBJUD9 z57Dbyb?@H>OS}Rp+H95sGr(w!)NbddT8{4+EzL;UNc;49%ZvivF;!AQ|28p-fAaYM zx=#QN*UbGF#)O>Dx8zojJNmGL=wWfgr>`^q?u-BJNM)~svkXu1Z+s^Q1U2ASJN!0A zD`>+toG+70(iNY6UHV_X@LyhXN*+A=R)^B?u{1Do`V+yS-~9dO2Ph-@#~FPQ6ZJY{ z-l>>Nd&#H$u>QqutoAo!?U?~|-W#J&KM$#a*{cHwgee~@^$?S9AEbbAAmCG5vp29O}x7yoFH-&CHt{CN1yy zA&N2m!My%M;J?u9I8ZEjxC>x9kA?0o%PP&^;$C^k{I`3xgI4QrUH6@KSFjKte<8@p zF}KV~v9{E2$z-+QPA~3sOOWCU8-8@(PR?E`@cYrv5w6bU5iabiZy)?a*#fi`_#4Rm zXnv_IJqFaLsgCY$=zL!(jq?pNo-X`LXb&EG_bxaSglozvIdE6xHCUp;vxDd1r}5eo zC4Z)!+5$WBSEfRcfnkXpNrzGc+6k=Oxh%cJc6iyqu~XfP8GgCbG5g!`?gu@{^vx2^ z=PAK`j_)tD#BB`l@m9fd)@?)Q&|MgK7e+Y61vXCBCROxxVDpJ}AArm=(ckscNAYf=^iBp+%E``-*~=TX0EL!8M^HED z{e!;TzPycBHa~sSe<8@AS!y4?rFgc30HVLK?%^(6{_@0k+x#&n%SzWe;I~!DF6^R{ zx7*S+mfY|%{;Fm_iicnvI((-iQQA5|KL1aa{hSTmvmhz+e|g#6&gmi~!Z%4tg(qXF z0?AmV8G?g){+;O1B(=A$DK72Mjd5rF`sB1N{P6NLAUek&OlRRalsqRkKehaCVh-v8 ze>uUsyPVKVYEQTW{Z=JtcvOw*tgT>xO+Zlm%`J6Xe}5G-G_3owzb;!Ql%9!?+?i#< zJ#cXCSgj+gTwVpY4Ai54+#ULddnky7HrD)CYbJq&k1uD*s9H)dRjA24kQUCHNKrDW zDno@wO1%FIlW*7WA*CReb++609tJ^koY2u*AKJD_F81O)qZ|NCKRBz>Glpu^ewi^- zNv>J8H2928`d_XI*Ivm7#!MzvJl&9josu<3$_GZNRVy04Mrl}`mFrGav%6jy#3LeH z9J7nZu!TJ~4(KX08So=b zS9Lq`4}UX9ZeaY`NHXJhB-oPVmRkK^+kzY7`Kbu@yf-j{@+ku&t+1#<#e|Lk-F&Og z6ww9Y)v2_H<0AqS9qqcLl$7}SiO~rzlQ(8fmOz!X{@18W-y*kE>27RqC(UrnA@Epm z9pLvFsIDrfYbSQ`EcX%WcQlYy1Uqs!<|Nw}qGtA6Pez&M zE7%Lt|9H{n|B?*_oWh)yejINAL8ZB%!X0b9h*Nflc|TO?1>-TB??3f(_+c*Lfv+G367GRCW4 zQMw1%*-cV^o>uUBv-9h_ej*DE6fI7c8>)n61a+3(*xXF_OK4;-<8bP?(_0GV2&A%S zO^sM54HU6O$IIN?o zkuh(&Y{pw|$}9P{9;4g@ldvoMuP@_w>CIILY~rFyxa|-7x(w9ri674lm47O73#x0>=nxb)btZw(Wf4l+`fXp->TxNh99BCwT`^t`0 z$2xsOR3)LYGal2}c0KL6oyMLM9PBdL5%@+pi2B zkuaFR9?*Y^8qD*$y}7z*^8&UK2JQf!J3VZWb{z7?LciVGIkpNO18{_`?7oIO_h8vj zAIoL9c2aKFPyUA_A|zF}PP^Zj!0z+raH94=l}z<(xV}=zwKHb6hslTtEq+9Y#w7Q+ zzfVgsFA78^ym3v;e>=Z)Lh@}>}0!S zV*V%w@f7upfEt6kXjD>kXR+0-vWda2U)Q9)H;Iixo@~dHc2{syK%)gP=zOO50CBUS z-@BbL#4RRw12Br20F`ew_Wr9heC*A>LNs*}7+@wYG-=hBgg$RCkd=iVwoEu$+X@NP zg~I-RjZUw@RfHr}G03?d)IGDM`D_!*Z(o$`2xKz=!XE<^O_KgX7u?3pZ-}&LgrtwY zlSAsr&{65BcaX9Mp5q@=%VaWLFqt|wP=xMWah47s>sYkCKR=yF&lO^KaqOg(s-g-V zOg)b$$l63NVsMd@pZUQJI*p!eE$e?|Br9OXl4AeE-x4K1Dm8)aRYH~gl6)(<%3)lqV9ToX%f2 zuE;6CFC8Gl6w7sSmq>p%>cOKS@Y!-{W$`NL9!2^Qe1|SWoF@gV<71jH2zS0;(wp=u z@Qx~JKc^q{I)@jF#`4f#O6+&9en4+4rD{I5bW~2m+Z>w#CW26p=zu&@c`E)F)Ohwl zuMdD2VNs0N{I9ZG^7{!3029PPP_h{FBIL?K)CGkgxWmduJ5tj5Bdh^74ktd=Ue zCo7bwrr*YTX|*~mS5fYp;}^0DFvHH5ADYAxC2B9^VV-*2?=&IDrxo9~W6QgXfG0Ga zooytP+vPRLHNO6I%yT;v!a;R$E$Ekyjdl`bP$Q?&a70J-hyws$I(n;xaBQ(@;)4Zs z+m$a;=UUf>C2i%;9Z!RdYB&dQ9EJq-?M0!y%lSaJojj+_;hqSFp4^%WC66qMp-L|S ziseDQhuphrk-?10va;M@Is?H40M~3!@9;pgFAyMPWid(%+TC#mOnFr}vnR;T%okXt)W@n)z*&D^})o#=`DCj&bv2U9>beuSa zQXEBvaw|`G3t9qr6`lOq+NoxQb-Zb~W1`lG_p}l~C!!wYr$$xQVr?AR0 zB5nZ!d&Me>&7GC_4rG#(kxKL9(d(MU`TyhTgZRT&4oh56GPuU+0kg2-Q) zdzO?R8Odl$Y*E{lxsnqVpHQCFR-WpQ2GXq4nm-Lf&dH@gB}~J=x>vd&2$Wtt9G!R< zycjQxcPClkZ;9+?-B3NQUUT({_rZ<#5-i_lEM(a3@hG^1Q2BwDq^fpfCVFtt<{;fa zhz%qq?hr=v#W5$pTi{+fz{x;%C-?}Ql<zcbe3ih#nJX{YO3V@fz@sZ)AV)x(#{9j|6vd;$*Mj=xKD2!t5sI>lK&A zO#4u5pOJKr17#Ayu*rOIwgWRtCTSCs?q{Lu+U@MU%O{M`T%5sXeEE;E;N>s;Lw6>m z5uv2mrtBb>`0TllX`KW&W+&gqdLPWrljk&a&Gt(C=3-hHO5W2h=f*JSvwv5wW9K^H zA0R)3*{HJ~B#a^*oHwS&ZVL9@?}HJVjwkX=t7GaFuzAkXZv1tuy&v;*cys7i=bgEI zld1&GAM}m>%TN!nam0NHjH5(N&J>zOKK(_1`xG(o6|y5%pduJsra62o{flIk51r20 zfVXv7LAHal8PhfUexOZdL_|3FMxO_`8Evl{_#3f%L7fdBLwVn+>wu|3+j*|;RGc5B z?#`BsPS&BCuG;qJJyldtlc)9$=4O=+6xP1-Xplxk1o*5yp>;a0r9%66`jWenyg&l* z5YjWw#2FfdGXSPx?qvR3$G8rC_uUFB~}H;}qNF8!kr#PA)GJKL-WK_WC)C0rOWg z_FezCOR+8cS%UTxx7&Uwh$t49v#5ASUB+`MMMSI{lS~>izo6Li+BaiQ?o>4!pM>ZG zN3{YVJlQcK?mN1hgv`$GQkV$mBJlhIy=L5LyaS{E(*6g52ih;3$Vr!|epBD+#zS`@ zBb*xYj0;&*dcNac|8c40L%ix1B&~G{50amHzi7^B&_cJmGOcsIU>X@r(G-x*c$)om zEq=oBb&~;7t(eYLS)t`h(>wBseWq3D1@6RV?ssF0~ z3GoChBdN<9&m4&pKEWhiKq}bPPkeA*w6TEbeb(VN>KcBv?(b6T+HbgNFp;` z-*pWC(p%l^j+h2)Nq+k=LCevqWbqY0Za3Z6T^aK)vCA?m3ib8%y+-#h{1-IvsY^f` zlC|HKEO&*o377iNkcMsIybbO=6#$R!NNj^@B~bR&S1~KgT;TRV3Y(D?lWbh@`_6Ud z#3!3?S=c}r*2AhVvmu(-Pgw84(l@FVoij>y%0qhcj622S_a}%Ha8DFzu2U~>jJRd% zp41((8wAL?gNR!>8knIpUbHO+MiZ#k!DTy?kukUA5t*5vEz ztbdZhqFei6p{HT4^unj}ra4zBbONmx4piOWm=(J#6NN(nRav%r+FvP772{LCx)!<_ zsCiw>BAya>4lQS$v|D){W@Pl`yx@vS%eq^|vLSdglvWsX-V(XkAa(&y zC01Gn*ydSj42Se@-#55 zbG+y|d_{3RTb)XwIUleLyqmD=5+#l#zn%}jhqv-0w#%h@wV{h5?e)FNl{Z~W#!Hit zFn$+Ov;VSZvO$nW%^X(JmHHGm9LSmYirs*IWg2+*GLLo84@rc zsnxt=gk=x@+NZ2Kj*gnKwtj0)_(Q4=Sq+A2*!SdC{i)e9ZzgHBpO0XuSL5bnXt>* zO`VqIzzn~em_*V$Fm*m`p#f>DlGOgQE=ihVKO0)LHkik81(seEyi(0cAzU{4RV?WaFpPurw;LTV zi|N#4MoEo!Hs;7Wm3uY1tMjq>J>x5rH1olHs0*D~1g2PHbzbLxLxli{3Ld*s;kc|J zW;kus(6x=hMuc1>NXSr1^|RR}siP{vRC*p8R2ErPbR=J$XfQe=Ty$vM(a3I|6Q(#b z{0SNuxbdAGKgXCBGTEA!^`4k@LKXnwVRS0>ivk#*|iBy;PL?6N152nU1t7|Rs3#H zrG$n<*66>#yfcM%UFz;P_BPFy6MCVxt1Dp%aWTo~6VwG@eGIVZB3y^e06L?Tl4Nm> z*Pzp>*Zjxe=biu$H};lU<#kAU_rpLzn~gl%g4Va4KPlGBNY8B4m2POkKZNs)Drg!9 zWoKRbf~@E8qZZ%`FsoE09dZ9fm|AeD7w}R|R`fKm^>UeKopxrkPLU(H6GvWyz{S-q!CqX| zMD2#Ts`Xs^JCRZB#0yq16yiw$?pqYMo13$AFy*wH{~Z>^=NpNqd5TgVE4!`^*lTOk z2l??SMqP8yu(_}${iVWjhvOo1AN+gtx^kHFuJ!FR&&>zITP_w*_LUnUZ3E2WG zOQwz#n#YbE9&D>^J?1#$3q!7A3zNf=+b32qCElx3rt=>!Q0?HTKXw8U3L#c4oK1Q1 z79`f`*_6;bDNa%<-Tg3<-n&8<^-9v9t>YM|biAeCoWnldP*32RWZc(#=bY&+7iu+s zx;TY(Vj}k9?gyP8FSD>t!)|;%aA-6JnApg&(l)+qA~Z9giT|twmNm`l+x^&RA_Idd zGz{pTyj#4rt##YFNxi?z9_aPHjQF}%aDS!{tW zYWn`lBzfH(!@@_cIbr+?`IMIp^~O)%q1*5Ru8VdTW*Z?{=@(j_IA@NJF=(}_+7+7{ z=?ThC@C{Cc=VSHlCKiT6K~ek4Sa9Ban(>tJGZZVQ2rEbaSj66@4|~^N4q9Tk8{~nD zAut4L;AW!yj;g89g?R*ne-u_;1E2#{yCf&!tw0p(@*T%Wcy)C#=Ls_bA7AlEDoGplv#g#sr21*g=ipw4Ce=0XKBt~ z>IIim*HE3tlRhtBR`PY_jp9$*I$~QYt6w=b3Eu4D5my1@u`Cwjq2_RK?(Q&zCJOlm z4<+LSlrO5+1b+pC+(qmVDNr89K)l}L7*K}w`Y$g3(Q6wfqFj}ce-;Zxa;I|omplS2 zRQsBqZRGk+a8AtUFZg3$B?5SWH*OX^Cbjd#4jA&uB;pPVjm5sRMuOk46NS|<4Bce9 z#=>Wx$0NPZexQE@fqSvVE*g!Mit0ldhu7c>pg<#&Y@oG?&VWuWDLt2cS_k-BeGJcR z?Jf1<91V0%c46`&Zs}z4)oTeNr+|{fJO9?3Z|q_?4@63nfI(F^0t(%E#$u2uUGYJu>g!1JIclpgt)1su#a?@Hrm1}w3vgY%8wy*(zh!GyR0$`=W}Y=YFEw>cO_3b! zKcorzb$z%ER0GawtCp$UVccNnE}R#K>3O-`-mK2qI?~ETNV&mQ+Zl?HV@ubTIvE@+ zz8{npqQB^S_}Ba3^mvVVStrIEhr%Tef0Y=sR$rm3yDZ5KfIW|t1JCfc z0gORCPlA$XUgvgkrr~#=;|8gw^D88@&Xx|O!=gF%3AM8L>;No%*j^aXTf3xHeYSU>f>r!#4qO0B6$9eVv*QMUJ4Uvjw;B=s%FKi6>%Z0CHsCv*5ecZp%X zpQu1D_`~RPFZKBOi9Wla*JSh>*wp2Rj~q=2yq6gB)I^i}O2|OVBZQUlVzQ5Gl z`jIXW=A>v_wr5WjH_ty%k)mxQ8Ryr)HdF2_Uz9xxl**S3f9`OckWLR<5=a&(bcvCRPs|>2h6;M?VexN<|-)wFq0zlwZH6`Cl`aqNShSEBV+qM{Iwn zMqgsrgx=%}*rG?M#;c9NEI(N%7RJ0XmJ9pQu3i>D&{J&=>>E+?ZziFDrrvj}ggm)O zI3qmUtc%iZXX4(O#-PYvD?pcF(13+j?AG59erh5yeZ_VO1Dm(2;T&CEt~Wxl!X}e8 zuZL}7A;GJ%3}uu?$l%>id3Q(Q2&g{?4sTUwCEF1RP!+iRq5lG9-kOOC=*hixY+Z@{ zNkG9(2<_}!oSIwOc|wb!ns}sYuGW?QbA0RH457davLAb4)s)I`Y9ZVnqp`}y!8abT zc}?t}mR%dM$i*O6VFNm85st2kg7O`q#YV%R^VN-t-9Z}8GhXi+wslcKtQ>L*SG_Y! z&@db0n^SMI93ELhAXoAef=yVL%j?&=r}Pq#{XrUXDUyC729JbRy49|#U_d<|acP7^`j*ay7t;UT*#J+#vk@&R3%2jd3_@Aqie2v( zgsD&_j#`<1dDj?9X>J^>48&A&jywETL>Ne+Wy8xA?hYq- zW#|+yK$0r4AIgAeOZF9k=IxjD8apn*3S@B?_Pb_hXKSvmEc;rH_m}xd!|0vjMCK{5 zL!-#6Dmsel5pjv}Z;<)@bk@EVCvji0f2TP!c8FF{K|yRPAtuH~<$!gD>EN$x++yD);n9FMEwU^HF>Rv zbgQlCJ_ohkT~Q*0qLL-hHd9k~A?K&!?JFRYu-2??wQumoAKCk*fJ-lj@Tvyjx`Jju zMMcGw(GD76BRu5iqnF8XqDidmX7#u#RZNu~$qIs|CQym*o=h%r83k2AMh@rA3H?9^ zJpBb+`G+Y<_(I`ia7i3gS+;d`P;*^7Eoig!W%OHfls(pt&~o|A%FnJm8e-vvJ44sild&mSPF{OPhuK`k@B|*b z4ecs+IV3)pJy25D zPo%1E<4;Bz9MJbS-j>cOASkE_CdP4r*>OVO439zIJN3Na76NzBg^RuEpa)9*+-o0W~BI><7Q@53VFM-my3a_)gtu<|E?->LUg zo^Wu1hwXx?(yM&|15t2x;vHXyhI448H-2$DXz6NIf{{A6S?mIEawM;#j_!6|3Jw+*T>E0&9(a=acZo!l8I&h2SVgpJ% zLH&HF>Cr8anb7IVAWoWj

H0oCg^VD;6u&pr)tt4`PZEQ1#olZ#4}KltAPF zLR#4y6v%_ys@>UE)XVn{*ew~m$u{B#c>;sa0SHblUdSd1-VpnP*Y3&!E-JY_9y?ww z>ZintV@;7^^z)^a-8VgJ-^sZ73q3u>pQq1zUpvryDc*bB%c+WF2A&4)GlyJ26CC`w@*}EU9$#{ z+1#JIF6Mb8;klc#>2K+lJqXIpt*jg%Pd(%)NIy86G;M^W8>dFdKGD;sHkrE^^o?S2 zy|{oPjq&q_bN`2m6oCa#3elh~7qrDo&>Ks2<_5E}TP&E=jM}zPE;Y0=y zy+_+z(ic=#GcAfeh4P#zkb*KEE@U-C-`7F*q!_xP%CU`nyj9W4KKxxJUKz;6l#o5qd)ZslVe6M5zvDRB zQ2<*I@HimHA2aes7%+N$y(dAaHDn6lg9lC$Cjzj!|FkO`hv>Aa==!J|kUis>nQiw; zKhI8xN!qqgc|?Y$=3X$&0R^*M(a|}Vb^)bf)Pn%h{@4ois?NA!NbKoxJLKv#J=wdX zE)T!&XJ%CH)ITYvd)2e5`ShD3ZHGhev}NW7##)>W$xEfX^oi4na4sgWYP5cktSbU@ zSiV3ZBK&lkEFta*K9WnPqRCttSxzz~_9p1G^_v9;=2o{X2H1Dz>%^b=5ugL(4DP>{ z)!dQ41Sa%qwP%d-FFFu5l@#+tssUZ!Ci%c+5A=og zzXn->AGti|Ny!900q!ULEAk#wToU-6y_^3!z&!C7y|*O|L+8u0axil$)U@#O)^Gg! zg@X6+((WW1pQQZ!t|*Iu!1v4m>LEcOoOEqTj|jmy@hdhqw#<@OoSdD*KYjXsfFbre z=CoZU(U#Z28BK5i9Fb0SDYTPNuqxK;K_;Zz79~N9z=(`^vT8i?%xTx3ACj;8>G}4> zVA44S#O58Y@0COj;a-R?EW8xfIys3(xpuci-3+@gKrJ8+ZA2pOiH&>G=g)HWUq_gk znZ+8=OG|cTWo1lO0nPFE%r?^kUVu&a%hG77t2+T?rX;^9LjzR^Ev;4s*g~6e&REfH zq+z7T;aqY+UQD-R4ED82tMpN&L^4tD+q&ho-(f7qqkV=Nx+FH+(AK7hi?nvxlJ%9&lUf~1C4#NbgD6Qt14ySSf9Wb7QhrwQ zDJrRDkIhxE-gnpF!llhMHB8IP%eR!3j~$?obwUBdq#Nl&wD~Dop?eC^QtjrAfb)Dg z0Ke7A>=|Ao`=%2uU_dm`SX>{jK~EJcd1$x$+*~oc&bhweE$i21CxMUx*T@eNDRT!t zodf67ZGoa!I4ajxprNU!)T4GrL_;tb%slR1dKP%)YIDK$F0{})*w^% zm00)`aHaFy>_?iplrkPBsh%_NJENTPy(w?-AVQ0z+d=L82#)F2XOqAgXYm@B?;%I{ zXAr8^HMqV!dFN-TiU_w05A(Sb{4Gh3CO*_;0imET%> zCYv~q;mBl+Gi!OTN#rX7@qMefJ(SQiY5#WXrjA;04_)`2qfm3TYQL~{&>qb2d82A2 zuFdp@ggc4EO1ppWd|i;GR!Q&a`O5mwnq0W{+Zh3(>&Lg?bS}0^c|8UHxWZoW%%z6# zvGA7XkqAO-%eCJ(HB!Q&E7(Z+xE60d^YQXX^!Y41t&t;Cm#PH%TP5T(2- zSj-6Kyn`!v5p>_i%S-5tDm+ahEBZNu22}FRo^5L<#4FqC)#|d>l}k{IRf$x zHEq>BkW}8?ORv>?W$XIO*h!qblaxot_KjC0t~AqH{O~{pawsxiVs=UIa!|=LU!;57 zQt6wgz$zWloz!}eI~dc}`bB~KaJC7TK77Kb+vFgUN^MmhER_~-#|kDy;mc&@!K+y} zPnSFO>M6=#!Xy{Ab2FrXBsBLvMd{{bo;d{mF>xC3f_m{oO5RPEJei_W*UM?8{Z>@bK{BhZ+EG_`u8%qp7W} zZAfBr@_B3Q2mJ7?tkyI~H6JMhQ-fy!8xMuUB^Lgu= zXf9cDQ%x`SO`G);5ugJ)K;_r|vOvoYIzDm>)0;Zhqgmz%9#A^8B+`-r`4Ak6YQ?qO^)Y#YpSNbLclkdUq$O1q&RE z7p=3%lkT&T38;GBVQ#4QC7xY%qWReO!|D5Tj||Vtj<>yN82vI96VKf}GM7`bxac#P zLjaJ^{i))&lLcO&^rV|BayRdxARhkZ8S1o|{$YA@5sPf|6vz=-qUydRwtC|iU4C=h zgd}5Qp(b~A2Y#ow#&QxraHEidY6)3Z_nR#ocn`>1E6Oi7aH^3uvspzy%cW|NrjieD zHki1BC#Z2Jn}g(BBRbl|Yh6-fVq^DFniwe?ht=de@Z%Z8kLKVa<-7WfV-^;H0{H3o zav>zCVbQQ8J+?}ZE-WXf{m!k7Ckg85a>0$uDQ)=XqrqtgmT|^(99D4#fnTyLI9kh8 zwVUm{P8_0F!6?n@Cb-3~7$y*o_Kxvb0rD&?+h2EFAq3>nkg?g}YkA;-Yw)SD&lZ~n z=9h#O_`|{2=)UhsL1~15LUUqWHgc3%{i=n1xfQlKJ52n9m1m52(Vh`M88bY?GPC3H}m2*OaC&6 z@CQVo;Amu7XLgJ2Tl>}%D#UX<Y()-+6J zr^_%z@5*g8a@)62fHWQGY{KNmmG=F}z*cJldX=^yK9l3xr|Dl2E_DL^dj3&;RLJ#O z3;a@piDt=S&0)SrT@3aklW;6ws}o9kuMOoD%!Rd0Pq|)W<$||7+4dP zs;4`|We?&t9vPX?VM>8U_Oj;_CRw-=XiA|*%DcyghP7)#Uyw2^NN`GBnYaUco?$tz zzHXS5Yk#(1$s$&zQUS)=C7v@Ea>4%)wB|t3d8@cDC8y2ezMwv+<5>e|NGGy@?- zh<7(wb@_JpikG1#Rf>FYv~^5VbCUd2q(R%yb&qwfJ>wAlutS%T9!;Z0#-c-`X>Urt zVSf+B(>XziKw`6p%8I$DAOgLi{w?UgJrGhrATE_}mvp6G?}& z6Rf%&qT}OT52(TGEJm>77>T2IbC(agZ76g4o;z$XbzFmH9_eRU01 zpJ6_%P@{8Bt;*GZwvJ^5xZ_71O~tNkSxP%0Aly>y*>A~<-HZ1kA2$?}Yfoj=eNA&V z-xsMN8`-tmXOLdro@wf;+ngKO={OjE=)7K|HUb{oW($kyi1p{ed-1Sg*-tIoqO8*Q zf-6_Yex$sL+Knc=)tmV`dBhQmx0?pQbH?dX)6&XM#4233wzmF`?K4gb6iorF2v0I! z6^%!6z!UmX_2=!yc$?Jgz$naY)1N#edY#^~9IZ201&=6yK6q}wt~X3aizrzue{^+ zYB2}DjaU0)h^OBB8=ik!ss0odLrhoMupFJ#P_ZOAV-~EDGbYfo+~*(aa5K<`fBBur zu-~YD=pp*pN%>Fa!1pOp1v2wW{zK!ioSu>~`p{H|W1e_xTbt{gbcqe;+*pTT-1TI0 z&i0q~fmKf%uD-~?jJC0|D+-hOM0TjA1}Zy`X@YcLvT@D*%)6~AjQD~&!z-t%09IBCAaBz5AY| ze&zUA;KF}pV2&iD`H|>i4_Ms;Qr8st#fS(NB`bsT0kFAImvcr}Y+Zch4=S@nl*K zzJtp@%3p|Jz`b=1xZ=?%DwUMm){f|fVuAL>uOnO7X6;)DEwa~=6MTN(lS;1N#x`?U z=_}sQF5ZWcG%y(bl$)x+e)EtS7$hA)?L`Lbi@1;vRA(*z=kt`XPR*NQ=`+7 z#_Pug+-;izElc;Y(;rkhTb#op|4mf>rS-@p1I@6Hpk>0n5c=o!4gBj)HgR)v{5Msm zE8Hn6{&ILnYg(oa&NYOpNLBVgJGx-=^G9#Ac-* zD4y|%x3QevCgA~9c2av~%Z;mnS__v-RaaO5Ndxw8kqt&`JShJ9lmvxbCQ*u))Du)! zTh?O8sUEF@%JXbiBN)!9iYMqovbsBfejAaY!hGe=s ziQ$9hsQ>GUByOv?ulbLpvsz!;3>Y<>fW2Gv;`ErBn!1O&1fz(;$?7vs<`2+4{3d44 zfJbcbJ21md7PvC5D`pJd-vZd2kDR^OX)1?Md~pSGmcM(enct`5lV`dw93hv{&>GBt z(BSYz|7S&g81sh>w1y2OeHIo>cYy0h$ekUS?SGohqS3~!5uQS$5xJbMV2~uJ@+i0i z7deVEH6%dk)p*Z%x-eyq+K^$k#r%R!_UEuZOt7BAwHJOASOy|6KL&B*zSHL2xhLT` z;3FMV!<8%;>|k;I@>DXOWoT*QHn;srl%*fLxfoh2+@_L59 zN_*fy_Fz*2XR1tNh<(O5xroeRV1}jK?C&1gOp_;10-tmhYI@2^GIjvJPQyiKh1oSa zRkHHP-c>v>JSm?|czeRbJsM;QE|~W#@owjx1B~5jjGz|n&U3ffsUB((i4C#I~H83QI$h`zAYFnUBtBRfYX zq%eH}U$;S2PMS%6I49sVy-KX83hKLjRLAY>CNVQ0EKun(F4QzNf5`2YY4f=w!@{)Q zK5DM-dW*D9txbg4)gCOY0ac1o{DSf_b1UdK>|{(psNTrxNNqX6g1|k6 znwHWjP)4>EQaghw{&9HQP8k96QbN*ku&}L;%o;hPPlDuBrC|#mvVnQQepW|Mw!T#x zSWCUqy4HNTJ<2b{`C0g6X`WS#jmbJB7ac@`uJhJe_R3Uiav%CQ6~~r?&kQ)Df1sZ;EI6}WoI#H1Hpy$Ry%l|MQIY}bjnSkagthwo%q4-NyLD)0=5 z;o_Md>HSm_X3chw1%4{T-P8`|giSHlO6>I6v#I{+az5>e-AO@4Q5VA2+^O@c3&YyW z&Yb1;72ebz?sC6cRh^df71Dh-;xPTKz<2t*&TvbLiekoeMgJSp?n@;_85d4(Ikj#v zkouruZiNi{ATu!jGp#ZT+XH|2aS-CM-U?3IuHwMH>&aeQPuwxVl8Q)Q0sHPamez3Z zTe#%d+o7RHn(2X0vlmYB;ko4EBF(L4lYK8dyIk(iWAKhmE`m?tt^BiZXcE`b}hTxz^S&2-If+)bCRnBPC6S!J{};HZIA@ z$sx;+TVK_QBM%4QsfFLcZw{>Tnn!sAeVs(pozJte3*odck#CbxGrrVq4+Lb`3K(!= zQ$nf*>G=P{-d~1AxxE47=oUdykPst1&!Rm=>(8eobe6}q}7nPR{$;Ba!z zxGHA=WJe)~;9o902)feXDPFRZU;HCZjWNam2Mc}&5(84&awChlZ1yLkOd48ZvKw1t zZD^huUh?YyIY(`5Z(laO35GfaxqB0NM|mOAWX$W7{8!$|INV(Mp{o#T2> z*7Qf`Ory8Iu%tQ_-@SUUG(?{sXQ#@N79(`aX8-$K7Dw7-+Os@6;Dzr~G`h2wV%6=E zZN~~sz%*RKHjOgl7`E`YySwptMSX}@pZc99IpQdZQn=#q>9y7d7dESsl5X6N1Da&Q z#a!NAW1zCu^1aWTv|MY}3Ov}`A~WxBbXSXuP2arjkpwZ2KZGcpWN8QAOl34d`C%O=JYn4ZaS=0_^6mr=OCbBGjZ%+~pg~?ei#< zd~6+1bD@tB2`G{WzVRm@<&*YhmTXb!cYhOX{;3IQwoOpn!WQ*?zvC8{I3V|iHbe-@ z_3f-Eqynxh0*c+OZAKIR2Tu>YSOfGQx|tgelG8lxMpFBhAfQ%tzUd$MLttL8UFOO{ zbv=$<2k#PU@qvN>w80>%5cHB8HHrgaO)4{Zs$k2%?>|;tx#DTRtjydZwf(-$RKOp8 z1j85D90{Ss_w)eHxY~OWY$$vRUIzg7V6s*L;GhU27OG@7GMZK`reTLs{`ta|5|1d^Z=wy1Lle- zu~29ypjLe zwE->w0*pSzxgnt?0T`WD(E4fK2B4o<1$n8wddP+7ETRw3`w`N(h?rpk#57yN%|Gex zf;T~yMBiTPEWQXe2T*vzBlcR-PHqIkK2LWL-ce3zr~eNC#-d%orDReh6jEd*6qr2r zBn9w5npU*nb<~?U5gDdFfK*H;`vxx*=z^slhJdB+*K@G^$5M7^kMISg1@9b3pA(ZI zul7`B9^*-3d58<7`b@5W1{wq)n(6~SR@Ki?oDpRmI7k%n=cW2@&INJ`Lq9@RT)-LV zV$MW0T|Nm9YF!{Xl7D;CskMRQSxge){@1IX0bfZ|ASy-v+QVxmzzQ<2EP#K(vGITe z!|v4ygZ%XWvqTxd6Fj;_e(xao;X`Px&Buc31A$)U4FtR&`ibxTd4r1@0D^Inz6W@z zjtcMdf)C^}&O+y{J6RuUTGY546u%BAW+H|^7J zOymt#B0(F>MpFL|0{=US7PzQ`phT*ZoBst=>H|oE|D?=T-SEuND3boIM$$E7cigZk zHyXH8vX)hLHVZ@z{X}OIzv$6m);t2+K%zI_{`2-@n2Vr;C9aDgFM}mO=p3Ns7+Kx= z$s32T=OGOM*rU&+lBacI=rc3$8QX9?6l6Q$&(`q$wywsJa{ICYcM6~V`8 zh@-3KR@49SL#2~)*94fmRrlL)Z0p5kt3pb!AAZ|iv_s62u=wr{}u>-3M6@!$!w11^7>?){l2iU01wFR_^Lp%<6bZ~ z9;m>SR9-HiO~rDb8Vn4kO#a4_hhl&~R036c;y-thITD#8oTmKn5VFj>xPOHE*2tw2>)Dz7>#z`G0Px-op?v$@U(Mg0m^h64rf`u^@}BWoi-jH`;NN*;D!H1JS)ic$w}p2*{mZM0tytQq`B}8b05CVKM6i6e4#KsR0o5e(#5MnqKPk;geywItP<4NCilD zhfSod3Y#L>p3*7Cg#FOGMfsbHoWx*iWsqj^p5Vj1GQC({aUxb#TA;_lndEb}yQHGf z&OE1xtoZan2v1uSlFAt zP+lYvP1xSFjNE7m$95-GS8UZ^Nygs-GwY-j{sWGOau5RD>1ILCV7WjT4MG@HWTD=T zjg7wln4|!Yf0D-B`|jnO*gTvrDDENttk?LKxvnl@q*bJU)_ew9@vP-i-UQW=^~`04 zTemn5=jl@BuB;c7b+gFRqwTRQx^<%Zxad>=08R*nTNe~ zF#vdNAtiPXWqZ_%Xuv2x@5lMLwfj4JXV2o?VE$@jVvcdrxMJsaKWogfH_-ESm7g3W z{7|?01M^Lqon!%0U#EoVuT$eaG=VN|vxmVZ1FgcKCo{jIG$TWj(rH@sg2MA&iDhLE zqnJ;-fbO|m5wp5DSK~k*6-Y?-aCVZ#&5bUDd3Q!-X=!QfuAL{{B2OQwQ~__N+PA97 z<@_`vqpejY8^cSU$y-Id>G!HDp!jsr#~UbH#WR5e-%47$>6U@kmY_w(CHd{*>Gn9; z9iCwi*A>9?79bI~sn&#cnq)mwUF5o8X%vW%n3mI@0rUP-vx>Ih!uL zby>hF&Bl=1(mY;KFkt4YvNEANB@L+O4*4y^51zXR~tnj2L6arv+7na2>yvKzcXqXIuC&p-JY z^Xt5+cBZj zQI~_GekJ?yH~rnkQckCIR$tgwk5E=PgBpwYgVcpU75GMu4cyG7k_yX?mK~qsy}mMj zE;Hz1iQqN=^dn!c8baBPgtJAA@nGKcV0DI;-AlKoNXv-nXSur~%{$htRob6R##U8C z7c5DN3JSPVR&yf#cMaPUAJtl>`9GktR|o2tGc{($NP2oY2ji6}L?=P}hl#MTuy})o zjCHQr`~#Dv@RpXWc-}rEU*HmqeE_n0+773MEQK#^Y&`!qxIZsK9Sm8S!B$ZPC*`w9 z+J*a<1%&!?WlHZj^=-&{XK&-yv+#4LI661-&GhBgI8x<1U+YUEP%lb8)@WVw0kC)| zPSG>)Yk0Vn%mSD90bUX=3ZFQ}Ch7{HUV8M6Joy5%OvTBGEQ{b?q8ex79=d`#895-Y zpg{Ulbt9(@;zY)(uVGJaD{mk+&q^a-kjU0(~XQ}BqWb|lgY6?jXN?`KHFZcGF zraZ~jB>RF~KRkn&Ee9rCf;C4LD$gCefd{6kC!0pBQ`rr7UCCd4tTP@h^{wCPz&JMA z(8Q|C<5dXvrYb{*%516NrDM{L2221kgZdhXlMAEEcOi+Ljz+|ldK@N$<@q7| z^Z4$lL|$$aeMuOfm6?eFwCKw>f!Fdvjh;RV?5TZRdH`PH_Uw#F0<|N{(42`i9G^HF z`;~oOnL_Cu^@-VCk%SCGQriu>#W`EK1TMh+o-qMC59b^TAB2#7`$o=KgpwGo#A38? zM>fl;OG?A_Nc-r6 zhlW`r0~rx|%@0xV$wlc*_7~(~RryW9fup{S+Zb|70sFH%q6_xcg0zl%aX97S8l2*^ z*|dfj<6mb+g3D#p7winL9^-W{F!20>QA4#5iweBBzf%D-TV7^+DQKrIG(R0iP;nrx zbp7J0j{M6&`B+t&DIbRL{MMWQXKeyrjQ)qMB+xWbRf$~ubjvRdmql9WOd19KNbK!| zCcutrn}(egQ4;j(nMb)mc5JcaF0SB`-BYpf!>Dn2b&}4?y@G5BtEWlh(RVb=7(aPm zq%2EyjsA^W|F`pKVpuKm-|}ttn9zSvlrAB|%p4T?4mK`FP+R;;<~j-%{Ib{K>%@=) zT7h@5FIWDYa6i&pr-flk;-`CKiqpLJ3vK?s-|4Kiw1130tGhlRJN7LQjAnQ!XbT@F zT)rx>XlGj)z5ZG&YaEMTgSpaVsp|1kY}^~eD945!S%)2ttlfm;Ec5>(%TOGxz~$FP zZXT>I2I3TjqZjb!f0TbAL&d7+bCvYRhWdXdl?tJ;VNv3ezYK}Z^wv$u9#YE8*k@@cxGFa#^o}tJ_#@7upp*zZ7Lbvk)>k5NWT=8yp&1h6Z#51fnP61>`0cL0hjEk= z-3@ci3j7ox-T)|q;cQy zFX)MgUr1?N=@*_~v24B+N9Qolbn};vhAP1s=` zPC-VD50are8fNk94B_2d13K2``TILD)~?hoLUXqw1WZ55#|rgx;cd;S%l*JR1x>im z6`Q4R(kc}n*k&Ii6a^G^Y`%nYnboFL4No(;d zbz|DR)`PsYab5N?pjH9=72erdoaWkeP|C?m{+A&PC%GVSpq1TN_JB{jeJ_GA$?V&R z7G7}W%#~A+IaXv!FdQyX#?ANAYmimV+kOA8wC|x49z)hS+;P^2Mpj^tI7ox<%f@@o zWA7JmHvrw~JPMx&x|60GLW8w6JeX?1v>-mCJm`6-k2&Kfi62SAm()iJe!k-EbL>@c z?gJ*w_i$lk8nZ7X!7T8V*XFbuf550P!sK}EJ~!>m8zPtHoXei74)h;x_RS>dw#@qr zV{ME%Y4BVVI-OHaZGOzns`?6rKmFsZ#IGsD^;}XC5&w7D3xst9%m1>|SD~}dYXi;i zTrwEgD6Nv~*je}x+;g9E<) z<%fA9i+wkic(q>~7g$h~Sv^8#4T;9YscN!>t1H9Gi*z3(kPBMfnqG@!2%h-LAa_^V zbI&rjkM+3r;v|Oz-X5nyr!w+|X}=j+X~3JEqd5dW!P$(r9 zdPk5_wZU@n5i9HC)=g(W8`0}5nm0;9^L^$j4)dyi3rmWX-k&TEFTb6OxMP|2BV)#w zd)!<}lhmTV(s6Hm#QD&CXSSKU@y!K-ua<}@05}nOG(=gcPIItjwa^s=W6Uf>^NLvwaodcQwrT{f0C%&NsE)*_T3zyf2#{IBzyVS@8-?oz|P zbn??y**OK=UCQ!EG&$;kZ{>N{dX9&_$#fx~J5L%6OMj06UVvv0>`|Wzw(F>jEAaSE z55(Zzw!YD8kvbE;Az!ZZC+-y-{dDSQI~0R6_7>T$y@+6gy(QHueTF@ySB6g#W<3dz;07e8|z^-WB0-lKkwmd!~SVAQ-+qr2b#POm=W>eL>w zX#~0(H6C0Q%#?q)7+%L+0bwhKhZ>CExTq_2sS7zKzP*t}bzCjE07XvW^5In{w|fPl2LcrMhU;w5M@xV*G)< zx>~5i^W^kGNBbiMyRCg%oq>6|mhiF0IMXgFh!LGZj|SFnUvLv}DSqW#p~=<6>q zn2^xg4a!if8pgaX^B%9Pq&S8H#2bK3GoMBpeucQPH^1fL8?P8fN+mx^W^*C_0erv~ zW*n`QQ7lGU@oI8TN^y z>HTpUE`jeE=Ym5tS8Zx#RhW_;9UcAr+W2;}SKuiK;XM?DkOk4xdU?iri)>w<3;9vP z`KqEpN|hYY@o(HaK-?>8W(p4C&3?1sf9{wQet^J40QsK&C8A?6!3rXO%Sst6GSd~t z`poDXg8X5Rf#b5LXVPDb8bgk#%$VxYJwg^mEiNvu)%LfS*o|i8Q!_F`0CTY2ESd7j zS?SG%opq+OA%Dl-L+t``oRy09f&8<1-Fsv5Nv_=T_Mmx7U?WROuPM)Bk8R(D{*xvt zD0;-OC{`XZm|I#3UnHQ{nFhwdvS1q;d>pU0aEgM|t3y8Te&XhS{ut-gZ`7myB8pap zSBS2VR6V5O=2imfWIj;!(A<+e;p;z8s@|ZZ&M=H>{ZXl88ULSEDiJ}QOwFC09en1{ z^Q70cku)f3H8l(5XXqL))rw^Wemzsc)`=xWKBK4uJ46%Q^j~s&TuMBC_7q`3$q~j`4T^W?!^4Ka;(2Rq&l;4lxksNQRn%Q zroOQ`)YTOY8No*=)ZOLZp;wTBep+!jf|9XWO4mndlgGZsccuJ?zP5R!-*z3SGF~Ec zdq#O>B`SyeE&QT#LVFqcI;%DBWNml#dnA5}iucI>VnF{BNn$I(d5SnpXm;+8i zN~_^MU4o=-uPFfq{+0&TV1THMz`O8ulgj8U=m(wo@oUPf^50zgN7BWspokcE&Z#Au zSDa8s6B0!k=zi9g_2#VTN*+odkmiV(>r;MYdf0p2@UyGkaJTmUZX!-!+aAt`k4$rs zoyA(j=^6=IC-1H9{uzx0n`h5NI$5nu3=D!zoe!+l=9oP3h)^3{C|MJ;kf5Mpt%KXbyf-smli+YlNc6FV_crv*EafjrE%^kd6nl zCMxuRc8b;1G$TTqY`<%$sY2ZGB~ARH%x#57VuCp-n%BL(eLYCKBr1CPx^(wdDv}wK zi&I^j+;>fp=7QwE<63u?2 zP7jf#(Ozs|Jz8Pj%KLz&YE%3p6qB8Wu3&3?=is&90F_GtQX=w=Z^166*E}s5a zAxR|QF&p<>U*CKj=6QvfSmOEf5BNfgp^FOJ?@txQ0(9=h0%HHzhTPZpXPWw-s!68s zbUoeRTbEhhUQYU9o(!*+7prrvg4$JRBQrEPlRZ^o2?(K!w;m`wjacjJs~zb%vVuL? zxT3IO^IORjt$lsh0V?b~!Q7;&K^}8tNt(l8J}edcZLxpy;!r9p_tvDDG_Tf0R&}EA z#|YKK2_?(SvHk(^YA08ZhZ<*)OrsvCl_kR2vZL*8W7i4U$ZoBjJj;B&8W9k*j zlA+>ZxdIq|J(+#xmF`=clJT$p=@LeLKW;wor@>(+DM; zD+M*oUD9Z4sPWLtP?Vy=?w8v%VXX0A{|1y$-~Oojs*sgx)IeKqX)F+K7I&3VSSzh6 zIEtKBMMZ@;C`oDsv1B_X5-PxIJTqNNt3EkR;$mZyfQsdf;`sRL6q}4n8&tFcH|0_R z9q_l;hgW+F_^E;h8&qmHG^(QL=?9`TwiI{{?1Q%6rE3&z^)Dw~BGc*bOs&bEbIYiiCO-7c&AAf!V` zNU5_<^BAS%SA@C}%?U8|CWQ^;iEtfJa455_!lfW#CnxoE^0FxMOdx`RIC>K5Yt7Al zK8pea&aCS=btD^(vQ2?6sBVcS-ZJn+9%(b|xQ`9M-wqyZ~s&wzr0 zqJ3n96%=K{L6Mpbn6)%f6pnG~@@t*|C1~Y|bGSt%PshPMuQ0K{RNQ)%KK9jFsi07$ z`NONY%nCUsYm?3Fuv%LsPUOA1%4N7py!tQ|27VL7AiP7l{oKcaqG2^NAT%- z2^_3p zC5ha0q~M^MgNVm}TYii?VYrTU=Y%81A($m4mR z8vFyZt@tk$1Ahf%zTN*Fk`esrS8NkHuGkU;yd_Chx|wqZYY5f=R|ap5BLBn>7b(-T zBO|Zc{x(ma{#34z$Fn`y-KdT8_VOC1s@g25)(iCc&IMowd~ts?OJzAw#|lOfF7i&* z>4vM%^I&tU4$c2#grY0MYcQ9e>1YpLK7K`QpD>Ohm;y#YH+R%%VY-W#%XaxmABmv=&2JvUyIg z!-0}XrHZ&8IYX4Dy;SAvg@T~CI1_o{Lw~J(*JV@MHgy2eSaho;qcCP)-)~u_1OkT_y=-}_sj}sFXdn#G(IW9cU&2OZ8yh7M&n`RXqsznDJ)$#z--Yf|BpJQ}z zP!)6cq2O1%V={b;<3-bL*V@?w-2VP?fL<4{SH5Dg*3k>^Jc_t|ZF9}bN<$ssLn_nj z@^pz<`)kE~y?o{9C4*r3okM0w;Nw0D<1AAxkq7o!go)(tht?>IyY zAD*jEul!6ZWiv1|3~6Y1%)r19=u5`kFeQ9si~P{i-K_}OKI6N#Yd)=+ z&i;+#B!CRq6-T?6okNOnD6uoDUNq>Gylx1g_W$i!f^W45PLY?)2YKI%G)>@w`Cq|0 z=@^4w!Fz%$p2m9JX0Yo9Z(pD6)2D%G9D2WMPy&w|x0IHa>Bd)$Y#%XLEGxVFU7&oB z)?j(^R40oobn^ab{igeO9WGoST^r=W2Fr%}+gsfV1qjX4!p4++zq6-)@!RvBK*;H9 z^E0nlp07LDb|+LR(Q4O%*J;0)vts3~!(s!|*|ovn42N=i51@L)E5vi_Kp@~oJw&v$ z;xa~xpZZbm)lIjkFDP$ir&Fd^#i=@ZHAM&xY=6J-K@+f1nDsPj0+6R~bz55iHV%&0 zF87Bt2ix`Or=;A*>W1eMlz!=%cs#F1T})+6o;|Au1CmJCzHXPL*+hqihF&q(L7@Z} zku=O24x4=s4G-)vP>&wPC~#b&@K6Fmf<`0VrzgP$h}`rzO~19uy65rCKowuw#P~0p z_d(ZrVkoa;hW6PdD*nu7qiJQ0R^M(5zH6w39qm#gplIV;AfpA;4~4!{$+{>cEKGKT zedtcq24E?*SSfK^K;{PpM=@0h3W_JeHWZYVZ-Sc0+Ezzb1gW#+KmW6yAl~JVwgNa} zTQ0ASZe0ZBGV}W=mXWNDZfjbMSvh#;9*z+%{}^|YkIm8nhI{? z{&7@2jEF_L2hg{udC}!{kweYR@L7bNBI9cT+p+t+J@+=4j6c&MV%f1!UR*5=9VtA` zF7+#dUOM`A%$!pyyWuodtau5n^IuwayCDJlxzpm=pv8n`fd~e)H%0&0+mNxd4#=ON2TBeGFgV zj)xyt7E~GDl9EuX4SY}U&}}GL-raFaMPG-Fa#z z9mP_j*A$ddJ{E$en+I+mbTa}bJ#=OQ|087bwc|6BV>EV*7LC>~_zMvA_GeuU@j!AoE@K);ZB? z+%tqX6$yRK&CGn_O+`iFE1`h@mnT5M<(Mbo4$T_U(wA$Tkj|h1b2?H!i`qVdg z+#;0iE@EcbZb-cp-0jhNNQ&H11Tj-{)~GAUr_+>Yj?gW*U=-|%gnkPDs2pfu1f^Qd z$8iasRPse$TmY5EU1q8x(p;j~(DYId0bL!n>KToC zWe;zKHf1H@?xm*-JgT}`C_Gw{&{JW#S87^0ivHequYXPg4#^0}B@+!*y+CQdx7cp~ z6!clSllZD<4eD$pGf?PJ(QVwiVc+f4*w8QzYE?o&8H|bdhk|SIZj}ve>eW5|OJW>l z1!K7dN3pS#CDwgr$e`CBrY-uV0l!Kf(qTS zL_x=71pU}fcj0|zh(mMs4Pb`kcEB$`qGSbpuv(E^Dz&kJyo3T{t_{?t__xpdHp9n@ zv0H$T0KECn50R@EYiMldZ&+kJBA^i3ygvVMnTNMhbRUy4+h+7Iez|yd4RnPep4+R> z9b1odryB8ofe(tRr6qiKpe&|@uM^<5G)K5I&Y|o|gc@{}^ZyO2Ny=V{K93VNC-OE zrXf!M?a8sPrGWE_ z0yph6>|#MSmgqrL52#kBW5nF;MGD{P{s0=8(3XM{{XCHQ+uqr!BahL|T2?UgBvrF& zsDGZZvoxX%=Y8Sl&*+)oUbfC}3dsNC2s%!UgBC;s6*+s7*+@{{1@(7;^QsJ}O3B}w z8@A>3p0%TAg!v=fY++#7`pAsqjiDT+q;IC&w`d|va**!%e0ZjIujd7q_5t~KQ!=%8fYJm z&K%ik3=6j72mffzxEV@zc3t!VF+p;wtDzw%QwtzIryUoT^hfZoy_`8K~Q=3OVfDE~x zjFbZ#Nj)!y&4*e+<{jA?^)e15LIt~^r=gl$N6EfoZKKCm8+$T8bE?0;|Ehj=tAwtu zZnctz$wpyT$6~bmtd@J+LdzT88lx@8pPPe`t)eL+wzCKKt%X6OgvCt#cYlELn_0N1 zRI}L#aB|YRxw*CX^ytY~3fQfu_>ghq2ttSqvYa5L?deaaf0Z_SX=y(l;H+F}P`Ua) ze)H$Gw0DowLpI)ulU`l5wy-3F{R;Ji5WJ+x-|)^ua{|Q;pkTTVDwuvQ0~Jh5;Xnn` z@&yJ|j5W4T7uMr1*4hb4Bh$E2FMj9Kc|~lY=%|eNjCGi1Wwpd#P;gEvQ&e8iI@zTt z?V=;p$!gA$-@0srXCVqS2+3-glNao>(_AkFeS>MiWVjI$!Vd~<1240i%q=c1L^4Tv z@Ow*ZS{Ybf98N1tTg|~qony;%>@DC>`f7Etm|r2>Dl$Q?SjAb(hPTL$Sz7w1L&r~Z zkp2I6At^OJ+BMJ^;YB*A$|n;z)*)90hEwb!JTtYSLSt$xwAm@g2M;{P$0r|~$oM~< zQFcrnc^erXuD3r(Z$r-SYrOD&kCuJ<(vy+qS zb;$!zicIHiOS|jGD7g>XO{sy#Q*Jji*UZvv_Qz+F-?~3rxSMbF)2OTh3uG4;g5t}I zDyFL0N**woXr60Zw^SI9=He=^L1l;*Jl$8%ar-BHYu*)HE9rt(7>6K~yA)%p{uqq?_5$NY*>8P^%gS&#O|) zHlWkG*_4L0x5oEp>5lB^{xOVX9=mrq&R2KY9hoNcI#Ubpj`*KTqvDS#dmU;s6fMSTPh#{PR)Aw}X+)@haER+fvhH{pbm5%j zSk!HvIglF~ngum+<{ytMK2Cy95uWn}MtG~6TSH+K#GSgI>zH@J^zk3Q0He+-88RRE zBXqq&lf&u;8|nVo6&lUT9zF{0FhUVUXC=5!8pYlRNfd+P_%c1)6~M^I&*y)SF)X+3(KM zd@%HRR2(Y9`r)e~Hu##JW3YUE17re76KMkI-RqQou39!*;v^3>*?L5&QXt#V*hsN6 z-#s%)&SROy$pH- zMsS@}1_79B?o#V4D_=@ER{u-Sq%%>>y+X(f`hD+iOO8W}iafmKYf>?%7w+fS6>a~i zDcZ_Py;d6!{Uc#psE=i_GKR0^2JC>c%P&D;((bfghUa;Iv~`Ih*v-SAwCc(7H$P+E z9|I;993QD=#6yYR?P9q6$}N5El)@flT5?JchO|k!YEZS`zH;3m+7lFbmvMd8&l-J& z^G>K_mjMCw+=8)wfl-uJ7*0wisAf4C^?!c!Nit%LBvIi@6DW|ss;Fz#lcm9K4n8IW z?Y$^yPL;|&X)tPUZoSN1BCyR)6r*kk#b-mL8uXU zUPQlWS8R?{?0bE2_&$-3rg#5fXwkkpi}gSgG*MfKz}#^BIWd^V`_g}{h2NxCwS6tw zaXAeX<$h(!7e@ssTp9BXs23M)J_9qy<0T^aD1)wj?e%m8Y}Hw-kHS04V`C=?^rO9n z%U}CFQgom2*ly8re(-@C^*xaOOwE4WvXG_R{1AZ~uzDOJKZ)#T(91EmNd**<;sip{ z@}NJ#z}0^o*P6L?r&@ZTY#98}TTD#m*c5Z(d`-Q>!z`r-phvOJ&yU~DzI=Wu`dmBt zV*TWD>f#nb-1eJ6%P9)>m+iEOg)W2J-0y#9xYGhvItxg1yE*bs)ykuaJ)I3X8Sk`L z=}eq+Tn-?G-G{M?@qLEoWOcf&&FHC+EmRsx4d$G{(Kb7T*2#gk^s60$Iak%HSntjALE07k>yPhc+?TVOeEl851 znsux&d3CA#Rmab}JB<1nt!`8}WOk8d?f-;b^H3Wy&EY)2^*fHNT zk;zT)kXpUr{fl?IKeJncpU3^75l?p1==C{eAWW)#PQ1Pi3@r2gd0_ z^meg6aXdg)zRTCsLA_{rC(-g10qKP#_B~1B-jb!9{TBm=@7ec3oPVeD4I3MU+kcec zK$hBl@VbcNxr|ds{Rg-+v_VVf{I$!V;(LC?skV&X6|q8O%}oilb%_}C8a1U`5;8dH z2>`G21g$bmIqlS=%+O?xdgeeP?I=*!$ss1$TMzPC#c>% z88?RPc28-juPYZ5H&jjkV?paUc*(_JSx`xXtuXTN+*#ig@Ff&{r~E90qnV?`BB^x&fGL1-(>++D!k|pg@EXYIvPAq@7iXIWM>l&p7x- zskPf4!|AZ=0Mgc8R&GA}m9hQTg3H|C7^m7*9YaO@xKAc`*)khI5-VQ=C=+=a6xTkO zLUf&aO9WKGzJ{KOux9Jaw}WLV{vP{qZro)xO_9MW;cM z0181ym>rKOq59w0if43xZ5CPu)TMA7>tiTCeqe&$Y2yCJSlkJGdC`%3wHc>YxC~W! zuh>^(2g!q6=3oohd!o}D1uKe(g9fZD*NbArQ0q@YAO>n)G;(tWy6lIf08|Y53X-Q1 z$f@fAF4OnDy&W?S^#L01!+L?59rycNkAnD79mM|9z98B#qKtvX8)6?&Vx3l+k9wv*5E z^fI>&D&j`WVi&tMV!}mg!8}5aZoCPd2Vkh1iN9yzcCQM3&Gcf+{FP6a|C$4G295b9 zwauWbRFMwqXHP`In5T={SG~ZjkxO8<+aR^CEZzU6&_KWFNJGq-`RNly^!D?lBU@_b zWATpkI!U)I|4atK{P!3AN8oi~hGk*|f5zb)e+Ksg&u}AOFl!n{L=h~ZSOhEA6s3NJ05WL?<&x{;Y46Oxbc@yYV0Vx#Y>3? zWRAghNen!44j()cAkGjB4)^cq8+I@XCb}f-=1nHFa4mcL`=7s?=Hqx4QF32r(oJXA`)QYT9M8GGc;-G-`8NuOM>ZA+9Bt_d^eGAU|u%2WcroIE+?NMB>*ae^1YB? z3i!Hct=m=<$r7)n)&DQg#@{@lvvXaJ?gf1zpnoO8}~Hh=A&_)PkYZV#!9f|F|1P*1HfOie+h}&F<|A=1BxqEHrqX59ccskyD0BEUdI($r`JN_ z^f~|=v#39PfYzag)@i?~i@MGvM6f-VF?7YCb)3s#qWc}VOa9GjMTmNHoOiUI^8jT} z?ELqQ7=arxm@~R_67#?shG<P z39zpj)4h6{KD|pJ`g7zRhM&9d0jg*M=&V=Bg*qt|?gI_ME*EV`j}tj`^J!Gf@>6r# zvB`Qb=O2Z?_JZO`)z_x~7$zN$0k)@>GZS{|Gsc@wW=2=CF8L!iLwm$q)5vJ7mKZbJ z3pb~uOK+CGh$UD+;xaFgKfnhFSsei0;UPJ7ALWSprU221s{XlERV;FJp47Q;y}o$s z$H=&}%@)H0#QFjK&;Oe18!rxE&*ggO5-K3|W#Ny{`4=%)(G+HvzfhLd;Ar&@%x5L< zCXt5j5e^4C(71+z=pxVb!K?0>n=4{rUa<>UDIK8l3vI0oQ9F1ryz`cXKP?@D_SUJ< zmJq^=9DsMtjhrPs#jeDOQb3pDz6qN-M`A>a5@jl;7((;G{Vmh*-h*PA$a7$RbagCP zG3z1<7^rV^0yumq;Z4Ut_Y$nz#^q*y7tU>1f5BnDf?n*w1A8oeWg67O9&^WCaLGMA zBlDY(yZE`YFY&jq$uI(k^1|GgXV<(}5zrc=8iMSn{mAZ^7r zY&J!uAYc()O7|1_!(`W>cm{m0Kl2fa!I5X5R%M`)~08b z(H9yn)Dv#}6hk01VPytt@qNd%jY>|R1FD~G&8d2Rl|^NG|G=+dV$<7{Pv}k6fQuou z==Q5$GdnYOnB6Qa$ZwUY#WuP_VNZddFk-e4Z_aZ}q>qWg+~%PMRNg2;tp%D~ZHUBs ziZI}^JIzh*X)o+Hm*5L+^P9s)-ob297{c$(J;8v>F7_xqSG{-oQz@F;ouey-6G}CJ zhC&i=ufCTN@9{C;B`+(}lQS%xk-8Bx!nIaT!n^l1$j=fFLIP|SFy*W`@H*=0MXrJQ znmrhB8nh&#y6uIyTi#mPDsf~J(M8Sg&Td6igE4qM7X}Z!?U9GNjmW;KSdh_R)m>0p zu@y`5pox!jcy%&Zd$5HPvHW=zPc6MrC zGx{hO7csXvL~p*q;E9S4I#Th`dzLEc8iJ^Yf=Kx7Wr5++^`L3n$@4b|N4j}gYGX|i zlnCQP&}+fqz$>WsAjEBsZC zuOoR$upuizfc{xBrG^N{Okk4)>Gd)3~+C53!#)Ln`& zW4tx1$_m?v_%+t|UshRHC{hBl=e0)2)x!66>%FhqHqj>-)bcv|jTG*u=Q>VQtylI4 z*&TVdn7S>x3<@q~e_V_2kcb`lg+a;ygF^q07*zd)N=JQlI)9}jNoM?wwC%w<&!Oj8 zHIc^47l0OxD{S_Be?-l=Sz7dlV*8LFyK%+N2r|GeIn3tmw^IaVZ~=S6NyC6ag&Fl) zsGms2500*MCxzc{>2+Nlp`f8v24~&8G+f z8p<}Nah5(m1$h`2_LP$bEL(l!G}7NdZ@5Hha@fb4I~V%kaje}S{}Ss=?}Go~QtxKn z5%*~B0^otLVKbvgNZw;g`oADN$s$lA;v9qyk;MKJiIWsgBGG)-;#esFUBKM-xoF() zg5KesMV`-FoO)!8J!d?&VHn?ZEcj3$%K4%C^->SlwRbllP2nVF>S988ZqvblFE}R= zd9AP62Ef{>4Q9P%=+#`bZ#=))$FrOpLjbafi!SlSo`r7k*)zZhl`v6Oz$1wSvkcn? zqr1@1LTv(80`p zm)g52k;A4V@kn0ioXspbj(eMfm&-~^-+q?=g1nZ?`|jlN(J|iuT6Gb@hd%~d!FF~} z?bg!1f^pcl*#QE3+ucMK+m{7Q z9KP*u7dh{Ey#06Z{BN9wKgN<@b<#*O;GjgkYib}V^4t*IF_(YjS0=jq+D{z>qWfBB zX$0-{uZ#ut7C4E~E+uEjDsb0!@3AnxET4|XL$(xWeuhy%_9PwtLo4n|y_t5K`TArt zrmOrfB+2g_1PpG~+eh6oX>p7zxBfaobj=TsVT}u%>^?jQAz;S6O%7jUft7h4Wv|BNvimy7_B1dbFs#op%}s ztBA>+9inX~BPMW`YyfSA+{iIqn=D=wb|M)lGGU!72h*%=Mn1X+?iYauSH-tv&!6(m zXac54d=_YjT@C@JYuyVg`AIUh*|D0zQI5ku&)1}y>rDf@{u>^i0Oh$@xl{7wET;UL zlg8OwTJKQc2aK895dJ|HYLu}Mul82fwPt}$AO3_)bHjOcdo9C~HCzd*giOKOSf>Y{ zE&Uh{qS^fQBbhkn>2h(?3!YQ+ zs`rzDvLgWp3{+L1Zrj^K={rSZY>UEeq)P>|v!nwCNYU=DOEn()<4cszTai`X!P4qE z2yE-23Z7x}VGrcclEC#!n|i&m+9>BMR7Y#Agc*rPB>tHW?9#joF%^hmtHv#4PK5n% z+u^2lm6k=*`ZxhmllPK_{RSR-^eM+eq*^@D)?B1o+bk;1ix@yCFa5cYrGnNjc1N`D z^#Z|*@9*WRg85AvW1O$>_pmV7`n0@U@?0z-4tH?iJ)fmn!IyQ|U8LO@#_TA~kM!Xf zd*7FjwC~X%UgDd}AmO(%INzq?Ir*Oe7+t-ZS$4r8h6uX$~6 zfU()3RN^d_46cZz$GmD~&F>f~A*1SS!| z#F7;`P*-+`^r@Wn`^>}a?p_ws+#GdV+3b*RTzFmHI$m!&{lP=Y>%2?^iHFP(Jph!9h3|A5JsSEs{1ma};wN>* zPgGnHEJ~?XbgFGOsW&+dVUjG#urAA~k?Fw2$A= z@g7kM!VT2c4B`0;tZ56ZHbwU470@f~ZL?j6RXsv#?@tG^88_9vzx@gH)yf_EF~p@^ zH)l=*e?b7C!NVqT_dA#|%v=gHvy)ua;-};uPkYIdBta7 zDtDq6voJrsRpsi#dJJDdWJ~W*KHHs<)v_CL9l1UDY`e@oVGjFGa3rmGDrY`LZSrtk zAfwM7pL*0*oSx3KwKSJqCFCctTBnZJ_X`j<(?1AJTicWDv9%sAZ~wnId+$Ih`#*lT zL?ub7kljEfB-yjYZ7Uhs*?W&;cM>Y&R6;h%UfKH~akBT`PUgX}_jo=REqtHxd;Yoa zBhGbw#(TWp`&GUbdc0ikA`@uSsHDoqyid5_Ed(kp)2?&fgu{QusyRvK+P6Pg&^Yl*$7*q*_?>P#4jJc%G0eSVW;3t&V5DLXUe;&YDM*` z=J0A0tI_07GX9LrZaT94L(oqyo{Jyb;z>CGrE$sCHMq*qsua`+$VvfjAs3m~%K(nl zCJfv#%0=g-;3u`V9Y6wd?UVa>;ZIN@@X9;T;UU6)$R9jZ*|;-OmKpb#;%T!lSeO9dEOKyI-d8--xi#AOSRxGND(4NSNeD< z1C-@5X6F*ua0az8RcICp`-YF__JjRK<2BrqSzk)0S2nLuJ5DC_XaB-3wlrQ~FcTuC z2BeN)zdktghBIQ;<0u%>p*(Myp}+44e`BqtP#kJ)<9ei$+`=i9g=tqW>75aE!h+JF z8Cb9D%e&g4Gy>H1z9@!UpGXG^mnZLaJf1%0U_0fly|TpAR8FyijWUQ9vX)4)AR~X!~^FpKWk~8&c}ahcHBLzn#UD)5!bJ z<|bk2D{I}^Bl-6%c$ayu6d($}(DPEoRcub>^k{Au*{55eD;0kUa7>C7=*=-Vjdfy> zPgXn^ErReR+A5>@dA}N3KzxqS{Kimo36QN>ly0~^v?lD>0ZWq7)IG~ z$NYZ!IxZrqj~l%Y4GCoezbU7YUW!pCI4DYvsG}!apGK;cp|#&{mDkn*2o!IxoQr+U z5aF1=!nkHP_Ig=m6;}5CL|Yb?exE}c-hR%!B-O^jB<8^0$#MKaHiC_bvdbf5b^E%n z)lCoRuggf`=ZRx}n;JCMY8{Afert6BtT^NH zyD8(%#V+|%9E|8eXg>IH$ZMfTxYhX75!S;m`A40MNBk_R4X{&$#E5CT==C+y_Mf(FY8%Zp zb8i-QM1JmUrWTT}cz~vueuHz**;Y1dg0~QiS+l=Tqs=1;L;fENEM{+A*N2*Wvrf#g zU9Pw92~`Tz5ZJ#8&7%NH=H&+n@7Ioov@$7!7KCD)yFt3skAYk7wYk)OnhgMMZPPXJ zBSNf4L6>EYlXnAz5`Z0)miXQc^=3LJoN5mA@UZi>|790whp9O4BTW$cn(1KwFZ!eC z{&(NG2|}(-mDeGKDhEZ%uB1loyST^%U>t`O6q9gLf;XQLX~@SlWTAzrI4)?iA%W2a zpo*jV42pr0oxT6=*x=NKxcxD1eMPWo@*JB}2dv{DV71ggq__ZVOn5L968YGpy?@0I z0c4YGl@L!z200sy7=ybwZ6siUIp+3g!MUlLx#Aw0x4yp1tBn&2ngFhh5DxB_th9~N zpbu*x?mirFmi9I!poO7vZU`j#+yLPDld~-QzQ1V&!GgSPewlm1c%bh(bU45k!EW{t z4Sy3X%o}o+;<32r1Pl+ORhw%Bt7Ty&Z&5DA98z2khD8%(h18snWSRE4YHcn6dE>hp zdmu0=N&5~&zD#;Zz__Njz!dy+*Wk(d z*+X3<-FA$hJ=aAA#$h{SS=WQ(%S_ z*;`p><)VI8`Gq_;Xy5gEJi={HRiy~YHGV_I&(CVwo7X>RLCizKXWO;U)p7(r3<2>o z0EqMb7;mO+RK%g+FnwE&aMsegs2bT_Q!?8H+v&oZuG)MdSXCEPq@>6-_R5qJxT#B> zXV;QkbN{a(gpO$$P<2~>ulN4*hztVF0Q#vwuW0Y-p4>58q|-!9pyvAGL|xWHBM{Cz z0(ZfY7Fg3Z_1pmQl%FqApf0|8i??eo4@`&!ZrgoNlX(c-U@^cA2B=V#9G6^rkZ5~j zZLXYVCwcBvLlSJQIJctTkDgxnTCnSP_*_88hHEE>q!!bwf2F$3SwISB z#$yjiLCI_HK=L0I!mn`-v|dNI{WPixAQN;cQe_E=ZwLS;Df}VrnsdqXa*uH`)+;$C zeZf5wTx*jvGrslp^}SeU5JWn)f7#bTylH9@czQrDPG&+JABNcl^p~y>k9|kSv{ihs)ULn+-m)d&o?mhRNjl}gxts7otz6nxQ}f$XcEA8Sr@= zUEs+owk55aK3S1BF>^89sspqJ6g8cSuozAjc>Z%;Aq{8W?f=LCvuK{p_;&AmYf~v8fUtDKYtc$drCy1E5~(`6xJGYduae5iN}9n*YO&*W000s zr9yvM1|NP+CUi=_x2fqp0Xc$_`_2lOE8*|RvPR64`YMZc-+Lm1psnQ>wsYKqw&vAP zg*$n3){`dx_BNI&w>{g#l0M?DMcV3^*_H{VW9{RS(10$jG^D*~QI<>1i=}D)=hjZ+ zi}pdPZr}Djm(~$d#%T;UL4wS`)agV2ZpJVa7^RUG#9UIgLQ>^F)_^?g?r!Z-!s+PS zHctjFLrD^T9jt{#dq@a6C?NPn(3csU3DZi0A6#8ST==vMJ5o4Rw!Ep1UKjR1n~)ZW z+9Q%rG@SwGE7I6y632fmRacuIS#1||E__lhXA+856J$WnS9lH2mg~x!_$m<5G|SMOTF zd|Uc_ryWAy>)wctF9jYY-xvhH^7*KIPpY#F4cvM3Rza^y&GDMUyj#pIi0?|-2}%uQ z_RN|4he`kQrlUA1&^}J7=2TwBhrP4-&sgfpyBl!eNzqZ+a!vJ7cA3wVXah|Yz7Kg; z*z1)r3c&iif|62*@d&dp>3zP8myJ*VyT+_=Kwl{xR*VO9LmTlABC@d)?~~XgEbyNy z4F-*MRFw2B%fxsxarI-vEUhJa%rqrO@8HA5PW?RLvv91+KeQZ-NBURTMm~e6hvN~^ z$=|sE*_rL^#tpsmWN`2u|3~P??O{%^el5x_H~YYIKRQLngyt=uJE3y z+X~e10-eEg(Ml=?qyH)iA*)j$loINkee>V#fKahCd^5~v+ES%K>XYMjoPh#}7@yb3 zNHML27NZcpf?UpOP+V3h0C(PwBd5k9fG3({-y`&KA*?q3fgE!MV6}p;As`4&PYg5Z zK-ZmXYA?K5NX7ZsjmiCAx@9K;*IzjpyALw$%EKR7rCSI=QbDAhj+~KG&t}lv`h%6U zNy_5~&pv-e4m>3Y>i<~Yc^V{CNoKzG>k3f$6_4D0=B^n`1lm~90J zqhP%&BLDuy+{2}sQeOVW4TI>>-!!6-Iq`fxTnlMnzpvb zKv>&+=LBd(^6I-1h+aZsQ%L^xNWu$F0@X}v>vu3E0c2z-4z2}qRpYrQPW8)y>ri@o|`4=DvqBHsG$rmX!-mq43ULg{~@ zY6)4D0I(#p=1qX)LnU}kS~35X?qSG&$TG^>&3E}ja`8y;-ZoB-V~5|Xb?Vv>ngZ*h z-N{SCz)Qu#_jo*yH4R5@KY9V*y9v?@Rk+2kvIhZG9+Dgt@BoB+mq?f?~8Q`p$PyFtnz2=*BQ{7;gk4$ zJM*!5HdWOy+i8!>l9r`E=jPh&*?^->%hMX^w~teI1xzpqx8>P87|>lL0pqsZ?-7c; z5NaXl-C4Ctx2~|7YxZEGOR>SuMQhC@Z=shwXVjbL&g_%l@OFp|vNy~Q29N=9#^A$T zqVF>7W_9hS)eFF|u(dgR9Wa}4ARu{MvGcQ}R^nEckp1{~m8T&}A6nxM+5c?_gJu8E zBRr$g`lJ5ST^DPKE=Lv0jGgaXu#z_^cv{*2JoFb;xB>W2B=+-#{6(}9VK(>AK$h>ov%LX8jwTa zgx>@k+&H`mc2aZKl+mB`2ap}e)=UO+r94M!sEx!tI=lN@C4*4pd%SR0ds!8$n&#(N z>)rv{uC>*omeEQVzeBDZZvJ7*-yiP21)Gev77GK%5S_hy43YP6XIwY)SLccula!`=MjO04XbN2A z#%}Kyp?3oSWBatRwEYi>CSJOgZM^h={ovN&x1f~Bd|tz(B+#$JW`q;C|1Oc_t;fuqVv$$JP6S6k^GISJ3{pOQx-}WHp!h{41`FT;GIUNGuA!W*oZX z@6Gf=MfADW9}%1NwzQ3tD1!TfU2oK z!8e|L+_fv}J?IAQ^PbOfAA${yPrwB;wV8S`i2%m6%%bG|Bt*_E^|BIprsLuma*Eas zr?wjg=QPGPxZ%ksdpCZVY1;X`HSl`9CPJwg-6ioL@(zy4^mG%yrS=Sws5h{gK;t*7 zA@sFZp&lO?+58^=6@ytGr9y?E_%x3_^=Q(eb2}UF4O(Q~MC)JpOD%gl7GeZm!rc3T zDHi|Xm}Z@MQz!Ze_rnn-U@#y#jC;u_IE`P=p;2Qm^>;najeIy&G@m+wC&QbZpNB`p z`!#5lDGciAnVkSI@8wI%{>NR^MtVI5LOn@lX2%b{_6U5Gc$QDaYN^HW?;d`M@;1nE z6`Pt)p#)CN!&E)?t+X9)f4Y{4@c@#)J^9)BmN@B#r#^3YP5#3VbJ{LX1)Hd2Q5Cgw1%aG z61b(Rw}##T=l+N-|IFkhaJHQ(LpyMyHvjCH@WviYrO0r9d%%JLe-obxNNBS6NXsE4 zM*bhbI`H6_*6ve4_bOv`!}_c7Hkhn^xh+&*yD+_gwwVBw$ltMJS(ddFUc=PqwO;E|@Q2;ivYfXhB zlIvkl^y&cJq;T7}NPPkhLeQTmgwu?K&$L@g8NxT);Dj!(LSB#_Pxt3O zaK%Vr>uWZ1tyUP#C23f*%X&XO7 zMATHN%<<34c3+@z5(uXULRMl%C-a)R$(>UxZsH+~qKqL|yS6w;2Up&b`IFrbf(QGc z>qX=WK+|^Z+mHdqG66gB4{`s#6a7bkqp~$SQVz+*e^Tvx^-bXP9r|zn6cgOJ20YkN zy4U|$gptodMxecHZ-KTBU!iUJJ3|4D`BfOEC@6j4OZo$z0nxw5_2&wLpMguM>s2*6 zWG6k92c()2E^KrKkVi;-kc}EB8V;k-Z~(h*y$62xuQyL$A1)GM&uUt<@xHUz5muxB z{{UL|yb5=N0FMOk+9C&VNBn0%mlrJv`#OP`<*?n!cv?JY5l|2XS<9`$;KdyEx{yHI zy(axL@N3pikm)t9NmBfHHScre@k3iVs}BPQ%wvS04*(0v*7o_6MFmP+8cK?8q~_~Pe6{15!G4%>a_Tp*f=rtbpIV1M zhx+%!X;E;z4>YZa57Ja59k6|sGp0#Y-vT5TbDcZ(0$9kCkCae3%qTICqp2=Re~D@d zcY8#H=zFFS=Tn`R$LJ9VE7y(AL~j$B-yHbQ^L^-nl7(VEhj?%asyvD)4q{^lD5{d8 zRcNH`4s3H_q~WJ_Kfq_l@Nf8oQ>_EmVy_c__LbkyhF9-eV{>Rn1$mdjqH_ZruDV6r zjax}Po@IyL0dW6IaI@r5;)aKqO#1;~77AyXN5=u5*J;R-XMIru(yh_LWma)D?;Z=8 z&UxC#3xL@qn}q**=HoK}90DaK9L5Qgw;T~P01j!X9fH$)a7g$pP?cA$MSTvEI@}m2 zZ@p-u#2=C1ye}Dxxdl80ZQNYOxpc%{qQ0RB9h$C(9D#d48f=wB=?_T?`Qt%$veQaj zO%h*?QF+N&YnR2W%XysMN@X5P1MAVoglyNagDW=Y*or)}V%;-7FuUjoutvyiyq_ zu%(x-KlCkc@a4jZ?haPm4BFYS2tKlsXN5@m7)mbt`=MLPs8(%ezq9dQgoruncf=}5gi^nJ zJ+OQsBLK%!v)4@ynbq(iaMMH}Tqnr{s9ZKTH`Xgjem3u8qeVgEtyhSauOlOY&fKF7 z5$Y|}t%e!bw1bO|6XdGd_1VlxcWhcYO(&_pxx}XXvtG1+qf&05H@a1Dty2V@oLQgP zMjUJzzSzx3H>f;4XtC3urku-MUo!ZO%eFrBURp@3vDA4MvDv&gAw~wf^hbLPXYC$@ zHiYN%+1A7cq{Xr}ERK`MygG`vJ+rP}88FSy{+Rs#2y*XU;{Vy^g=h0Z!R9+1JP~+^ z9ZUuzn4Lf)>@xg@VHh2;sx9&9_T^s$_dQsxFoo+`wj0V_!VfdFPGQ=LrY{@>&eT70 z`p&g?9$qaC!2k@TkF+Uht+*aXusuzDa`NZzM&>&P<5F~jDOV7FNI=w8Hiq`>mi3qc0mUIOH^HxNK*VuAb#Y8 zOqwn;UgD#c8s{2GQ&`QDnT286Q|9u;nSCm}NLSRT0@asCJ_)+IG$qmD8}yr_eToGm zcx(*I!ZiI#$2e2hN2$?^g2)|QEP6%Oq1HZIMn+BQfs)zAW$0ML zxQe|?uRZytkP6$Geie!+8MP;Wb(R16Qnc#cQv(&RaT85%yR z2Pjd=2`QxL$%X2)9UG_ZW^v8o?{6HfnehFPUv(w1bMBS@NlntUGF_OFXizP7urV{| z=AU5^SQslF8oT>R`TE%q8WKsAV;^#38UF}r!6HaACL)oVF3~b|iR2Ze?QwOEfsveI zWGLS3w;5n5IJO|9>q+ARi*R9p4<0+yDcJ8Ync)1gXkzJux+^)cv|D9GZA);2O4e;o z-ODA5#hejNmS!c*+#4rC{g!%NP*lbD=C{!d{LFeqi^11zx7z1A{1X^KHNDC`i3h*% zWigKEEZ3TMS4)c@Fm;PlnCPX$C3cHsf)zEUyR*}6dUEu=UbAXdKD4v514ikTb;K(~ z@c|_P9H^&&oCWTK!>|>k%p3DYizJz zwyJBn51!p?sSb7hIO6G^(MT={ObBdmK3i_j92jw9RhB90 zN6+4UXD?A+=j62r7EY7yj~nIZLH1kCv_o%O+eOfE`z1<;i|6AXOtAOi^(SB>ujZ)c5V9q^}MI0}2#LBi6I-{n9m{fhS>l3S%a6PZRs(IO( zbLtA5&ucoIuW?7?EuP^9mQTf)VNCP+fOfs+(8ygf)p(+)nLv4?@%>}JFby8=hlaqajvSL7 z%QEye7(Hz236Oe1Rs`Uz{@)DL-P2JLALKM@N3pRK5woNW5ck+k-7=b!7Fe;IS)JGj z+&;ln$iu7IoY!R0h&->^?c(Uq9^rNfk>HXm0N`)o7&m_t81xF4^4vX0`CL-E++U*B zunYrZCtee%URgWZRl~AjSsNiJ$Z5Lmi>k7Bn@$d)iDkOm(3&9Y==S;8G%PeUWTr?N z^upcA_Y01b3?VnOuTi#ycOsk@ud-T=*7mOGF)NYjh1tlPcEvcv#t!67hU72IJD*x3 z-wE~Y5rl=#&=(rE zCH7x#jl$AGz3M0a93 z+TyaGr7d6mcp9UQ9JJP#pFDnfIUMkA&aDye`aOZWydm(gyBuzKa&r;Mpjq`+FNt;W zU1ccf&Jk+68TEjtJM9mKddDKzpSI9=wTv3_jVJ`uSsxw7Z zMv-C81n#^otUzux7K&S@HyZ9N$DvZxiX9Mr7Jd;_Hm#5IWkI0|DQ`}rj)LJV7hy3y zhB2qmoX4dg98ACXUVDkn(Jj}2mYaKK2}Rwr;gS&k#-bp^yr9q`UBg02e13t#w1}02 zNu`rly*mlQ;8zJ>krIF;QkFFogDJ$AO|C1Gt=sPGMpq{Eh=rtV9i`OWM{hipUhfC| zz5!#v zWh79lc5`hlqv8e=l&(&Ab#OtaJWDKUKa)ic;}9jQPzkP&pfA$oJ~@V5>wKUI5^v=U zxzNAv=$|iW1J@tdgE|?p96)=SZ3yAi*k&RRA_gawv_^~OlI=1yfCOAKB|GrEb>)Fc z6El|=c`^+xVI~SGO8y%b#N8@@#Z2P{Hjh~CpyyGOG)j`?$rG%igjko3!r?8fAm@ra zcNzL_Z6R!KxHo?-s%w+{EwHX-Om-B~Sx>Effe&n2%^OXYEI;A%L(&zVWVkoH*e3X? zrzD_t%2_XhDp1wM9*fv$5R?IIaARw2eF;J{Nlec z$vry%$3X`CDUns|N}BA{r)k7i^TMOhaN270bc5-^x7`d^? zPhItrrE~w`@{!H({6g=Emt}ka55>3a=7s||cLWQgp24->ZjikfHvWerPUFbzlA*0L zDlPzSe3%e4W^szRa3G}^>=9B~Dy*nnZ-75*vI-^%Qrg{yMqVM5>8wNVvUS-kCz@@W zIBiukLTJ-@J!Er=Kz;McZv*sc@k$C0e9!`l3oqb-Wjg#_W(u^-y%cu9wP2Zt!WE7B zI6E#q59WSavFIVEjxArJ8ADEY)^;QusC5M=1q6qQ_4)lk~@jNYM$H! zR2_`)*?HjTW*97+t;7Vq-QAtg)swBm3p&H^b}qH()d=U^Y5nho5F5d&Q&(+Y_JQs? zGAfZ#FHu+lR$*Iw>ca3tr&9+VibP*lz*~@0pztv>=EQ;qOgwjB82_yPV<6db_0ddw zDGX1aMUq6YY&}o9$=Nguv7#*4_MI|Hsr?Ee7-WCuiIN*!+S}b<@C!c z2#R9a(&4u^!s)jy`4vN!JjA?5Z_}OnJaidbpj^M1Zk!7bnMkEf_eK?l*C+pzQ zx?@4&wdq?9rHAZ*-jkxbgSF&0%4XZ2W*Y*M&{hVN+cksOt9BHMKJ|2AVFY-*T9Yn* zL)8(}rpV2%_B&#Iq@C9rG=YI_gKyYz6;@<}XS=;&T{3iVKBDVeHab=}^)Y(q=<)@3T1W`a#P6ZbzODn2z}#XHRm zdwnh}EKGJ$f!tg*j)A8qdbK}C9Y=UAm3$m-8Jrug@VZ)jJY=NchR&96LNS06*_@nL z_d|&vFNJQDp;y8kBq;N+uM{_v)KRKL0)5K1+Z$CO1ipONdAfVnZyB`&m{=_EGY$ul zs#O*5M74}n^q&`ApIDJ^_|@ptM`FJ4<$~hjMNq*iPN6nUh`-{B{i1co*B*3Vqhk!8J}*_TAbB5km6zAS z?S}}}d;zSdC}?gxkreIeMMIGV`XRaz@AgL6w~a<~z!-!bckntuub@2n<~l)Xpp(p8 z*cpLGTu2K@qN4PTI4F(+DmmofVy;L^v2m{K1ie+oS=cP&UBYkS`TEa8ZQ7r?MaaZm zh3b;(OSU~I&=>`^bLSbPZrNWf2PxZ)*IuINT6oP*g3X;dT6Z8dClVi5478W8aoTuU zK0KSS@f{JE?Clxh@EqX^iqDuiwN+jNuP8n|3BPVSAMy%wn38xV)-rLO`TfUeu+o0 z>zzwOt{XxE`#rAhSZ&aGnw{?qT975IMc~un+MggB7jWUFWXC&_IR=^y{fHOlE&q#(Mf`Nx+N93v5 zk943tD9ol(k{S#Aw17uGIk%(YC29+Ey}d+pEG~Pr@B&ZH$KZ_(x{j(2(N}ym1 zRSYOR($I*jH*`+)U%Te8L1nk-E2nQaeAhgf<_r^XX9=pgknspMhSFTCcNHW|8TC|_ zMQ@@{xoda0-GJy6BsRr>3}CzQAP|2SYRl*%4|4n*R!n{LEO4q4f0nd2?1^;=aaJjpo)kC zWy_49?!=c5Hn2L;%wSbW!;n_?5;d`gs_kU4o$03Xa$UmYVanoa?vwH{d(|9hLje$v z2c!yKbKJV>MzPzOo1;eI(qRnjWCP;}>99Z|XY(cM= zs3)4GqfgaEERI6JFrv{O$loXT$JZ8?A{Yo88p55e`IcH+ijNLGsbsn<-yFAnZ=-D6 zZg{Ng?Cjbd5NA8k`!GIR2p9;_XY5srO!{lbC#PQPg}c&iFU1ip2ZZ1vNP#y2RJSZ4 z6|QT93JO~ex=HiV2&!xB?1K~A&&9U5vvl6($HeTs?Et!BK>AP9HGM(J`G4yHH zq(6b};x6pxz?{FhU@`Y7!UsfTPLuJu09Vz$W7Y0BRTcNEMV;5~b^qK6U?O=kO>>hu z2W_#_7q!vw{#8=T%JH7LyiTbG_sUysc3%fAwr3iv_|^(JNrQ7`d?v`M<{({d=}a}= zwi7I7cTE7hHCCw;=o+)qecjfX@TpaLpI_#zqa>jl0At*To0qYj`UslDweR%HB0#sY zu&*fJikK-_D3){D#<608q4sThv`7FYh)S4NGByV9S35`G@=%NsN>=d#P_2;bCf)7c z6XlF@o)){n$rb`mVc9{u-x6ZPKfSV`!*&AUhoL3B#xSr#^me&K3TT8Gn)xX~m-Hjn z#N?7V&F*Sz>_k~c<}SdWAXQop(j-*!?+8E;{g*?mL^@&X!9X_1g(3eW^{qB$odo0R zqTaGZWP?KEG7HXzY&u42IPHYR`eg%A$lgC6koz49D9~(-i)fD42IXUcH`*K#mfVr1 zKG2hSpPgZWp`#51B6L&ZWaFf!3BTqxW1ECkl7Nqn+raA zepUmvu+;i?@5D%Ofy*d^dV zEEoquM(Jo!4;iN>N*GbN`Wd#|r59p~LT@A8*9QioK$?kNw>j`JF2r_B150CZeRVz% zN#?r6Iq=#pY^h#lmA7vM1_o0(+g38ijczJ6V>s=xkeZ%2)B0?cKhA?6&k1QQx8EB8 zZ@=*4{wz#ePo&qW;Vo>`UE#R#%RvhxwP^W+?E~)Sf*o6}bWC~xRK$0hFK+o<{CBsZ z{~%Z$nGTHCe#NaPdmX=kr$@{gnXJ8<*B*ubqTmK(vesKXuNF1Zo=2R7+SI&yQYye> zTpTDIh4#BWPGHpj^IL(ze>Pu@489gLFNgzIP3Cn5Sg+v2KG(6ntl0aPJH!A{m$+G7 zF3}w7{@J+J4S{zOk=zb{JWzhPKep1dpCo3p&Vi`5~#RIFlvcKWmmlkel`~K6u9+xSjrb6h$Z6z zbY)Gc<*xz+nG7L1L3Q~nPAZ5-iGq{i9>nzWC?q7bg_b1t4AFnC5OBIDEHMZK}I^ z2k%|`R|~YqCvGiWtl|WFIOWE=7Gm1Dq&3*jMrEn4q_5oIYolFNNhqbF9B>pQRU4V_ z;?6&4HO#?37p}D}+T6_0(q083#e~1WB6biw^$JM}*|7q>=fVHpN8J_C`TM5#Y zk432D7Rkjr-no``>6LK0>>Q){F&(ZV1E}m}ig=j&yia!x6-|EX~Plr6$)0Pq+%or>X=cF;N+PU5d$$ zrCz&?*`yvjQQ~LSEVLlR&R}cTx3r)(rnyzy%fgR0f(t~#Z*O*olHo{bMAVMyegOV92DP~Pw(W$}- zr>5M|je2LEl-$RIe>Veiq4)A<9}v$`Af!UnS08lnc0oG*pQtxk0=6uy4Uf@OqJ-W}rKY;z-Is_jgC!npQ#*iFxMC)G%oAodZ)HDJ` z$|~a1qv1(PL>`>E!EL~k7?}=SVf~$3vi!Ts;YXqnyP$diF?eVFr2k_jRnVq~oBOR$ zJ9uZUl1MAaruwBsc0U+ioy~SFX0)B@l?$oz;I6^L+G|<+j+2dEm--)dQ6GTp1$k!y z62LE}mq3+DxCU0-Rsu8)zNh>$30evXhJm$Qe(zf8_ZqCms=2+Uq8cDnjVYjgi zwQqhOlqL(`|A)}Qjervf92*%YfdF5Wu7Z6+o5O7t0(l3Fz*Of4a@cvm8Wvb(xp0n+NsOKE?w&WcX9C;8eUlDFpcl*PXgb+Bav@ z8!gy*44_!XM`qw|pO8P8q*-@uc5wkSTqvj-zD5^j-+T@m+fE%GD6NfZ zqiDT0!gGao{_@Vsj@DAD7eHg8H_LOL0k*!;kY>^N0T37sNM7FavB8hx-rQQVq@B9v z6k7CQF#Z40Rj3TY%M3?aN6YHZ2# zg}ULSSM}7nl3Dk9UL6B2gWik3N-O|>e*l8~aRlow2$+X%x4-rE{!1I&Nw;H}ecWcZ zy(5_Kse=DXDDOPZ(aVvS-;3wt-;}>{J*S5<2zC?~zRnE3j|%X6N8CZ;pBtL#+RRE1AhWow&Ua6d5UV0ZdMFc`(rxH(Q$ z4#sV0!K|(p-DNX9tq@0PH>E_!Pr4lP#JRb&>Vtq5dmK&3=PGEtY-tQmFIl}D{MXZl z&fZ2Z>2OW%jyF64pT(bDzvGnS?S0^7FQ{D=BO zf^yFE^w>?Iy@@Dr^OLXE*Y8lWv(iJ;9fV+bFy~8Z>cS!i2Bwsr!HH;NuMXiQ^5Qwl z-Hj-kI%;WSpYF|A>t%bR_J2;95eAEU{#{4k5e)yyS=oM;ur32mjDafGWGi?gN~=%A z9lyU_w>E8Olvu&H3q?$8OY7{XlT*&C{n(6_39jOxMY| zGJb!NKRGec()W2b=GJ&cQ`3c`YU;t?e(WE<46U^hQF_8ts)~a5j1dzOCYJ!{s+{1@ zef_0H+IqZ`)TlMQ(s^etIuCr+wlW{y7yHSJ1c1|pO)T=Rm7jeHROt=oe*|w|rM_U!9=EpO(^9N6S z?$%d}4u*`R(JvRy)Cc&Br@q!ZJR2F>JM9%*ME>csvzLWtKZ%#$f@_$b#>T5L`D&$+ z-MoC6PC4Udu1a&x9xYZjk|jQ_{zO4nZ0tX@eD@)AGP6wJVpOPpUHI8Ea1AwekLWXn zh)ZAqd7=?LZ1csJxHx4S$CruXL|0kVZQWw-&)j43kcvGyyWV_3`1pb0T7X-Q;Yg?T zT_&uX&d@BoaD$q)Q-~<|e-YL9L?9Iv`<}I5%m5$W;a?hL!GZUa^^fWM2Xu^jEiRGY zkzg(oJ6`Khn_^<7oRVdl*DvF$7yasCl~TbY;wN{GVML4|{)CI;=COu);rzPtZ&k|@=KABaV_T=$dlTZz7XmKqLOEel45Jtc1SLB}S>=B5^EGVz^v8b!rGn8qu zu{@_~dF&UpHW$hXrSL>eo~>E6v}3G%jJFjSJif z`Qoi)2s0(W0xbYWI#_9*dis|LI_W7CnZ{E7*zICv>w~y~wdJk(7EkJc#KfD=Y|9BP z8~E*vMy5N{A0W5Fusq`LNmCHNa{;yhEl!*^Pkc8MoNd$>5Vc}Mcn#ZMtQ-!Tzj2A* zA!~DL4y6tH%Ka-;uv2NC4hR~-RDMn{HBs+~Vp_S4OL27W*Hj0ox&%S$^$F=OpFe*~ zk>~%|-Psw>pH?YgJC!#yIMPNLaSy4&Xbk9^# zM^AKkW3ppA#vPpF;nvDFVTqnDlKJG0>rQ!&D|8zg?j??`XQ_aM5JrVPJ1`#V>}wHt z%b4=dTuc((<;(YGwui^A(Q&gZnQnG` zUNSV1X|`S})029v%r0xl zDY%w(F+{A}jp1i(zeEAvj#D02^qJ<4(}OA6H9bhRb6%iO(&+3_No8P6YO!!`i;l?I z0O~eth(=}0&8sBUL8!Twn)3Bw z{kwOIdFr^d`deIjmbsO_*px3dkLk~pn24onDoRvb2Fz!W zw}PeCuu)E3`m&s}vxSFHl|Hh3aeL{sFvch`F_C!du5N?98$PvTxNtHep;9T+HpS{x zgKQMPTP^bbSa_M1nIo1bZoQaiPRVuAjyU7ucK_oCivXWp;&;?NFr-h2mKtxFivOx> zx7t;@XwM(>`F`m4FW3)?XGmBArX?2w8XAz(nLVam^S^Y(x!5CCIs^nEcqT9|J>=Ze ziWJu_Kh7}g9r<-I>CBC7Z81!&?Ck9EF_u~|8Ds0;Lk9&Re)X1X+hbU%Kv5+iGtSe*b>$jcxZz`)FTi?8>umElq$3#>~f$mS{!fc7OnFnq6q-~ zT?^+MrCmRVeMuIqJwxs2p`%*fU~g})7HD)0#-~wwB#nV1>8NwcJ)e#5e$ob3lV=T3>4I9N#J*Q8`v`Xex(r$n$uwwS>KmIVJI;BM@%i zbYQk0(C#>-in-G-e(Df4@~G)gyhHegzYndwdxMF5lrlLgU-jmg#3?6phySIUJD<=- zrKP1c1o+F|#d!{Bj#77!i(H_QqWl;>wO;K8i)eMkP;7z}r##}-$6I3yOkn1U;ItwJ z_%3~!B?G`9PimZOy-96#NgpSN;a5F&mA;fWWW~k4nCruz1KWpF;?aZOdQFJ7u_N&4 zX_KT_csOh-pQ}OEc?o-hm~Yu;IGyvqj`M+SCFfmNqiJ{_G$t0OolU_gA`J=H!64LS zK77SBWQkTBN#zz|XEk45*!8*MRUm!HI2?x4{act1JVxq zk#-qEmD|*r-)O;y6Zj&z;=4M-zVH4y&y^N)z7q||iDQrNp~Kh1x)oNs!kT*&uTI); z4RImmd2Chr@=@5UbP5@a1Is<$kbxj{3qQWaCs#qCrtGRnwvLXDZuR%i7Twr3E2fkb z=zp0t)u+Q=*7^*kTf2WH**nGLs{r$eW1gCt(jmXa2$z@k-;YcDCiD`8{1(?QpO{;m z@mXafhk8;{TDoIH_ z+FZw2rVhQd;&#Wwdt$$&Io*Ki@4cRFW3#hS9EJBJe|30e-O*etPw+DGx5ZR;5>h0e zxThLX3VBc4QeTFHhIbacj}_f*S7!Pc7seVo0>&6MAm;apKJiIT$gbk;MX7=%4Cjw; z?gS5sNRrIrg9o~;=iHDas@aVx#ndoRm}W!pEzzNM1vH!eyd{(QJpqY#kBlcPMfP1xyb(HMS)32PeJZmOiU@J?DmBM-X6|CX{V)p{o44f#8M8f zw`Hy6tgb4pJA-Y-3Z;yWansXJLQ(H1~4gq z$;x`lTl|cFagB(Q%UpEYc9mDuXXqlJe;{_L4iWW3L*I^?^+dPkiSgy?_W>Vnb<~BH z8lY5e9lTm_)RbTXsBd(gZUP*9I8*D@j>P+mn27Hh7|u}vLolLUFtWw>(KVe~pATv| zH^=iQAcWK@snOA2{G`|}Lb=OrVP1RL`_6R!bYbF%$^$nrxLz!-+Pk^gC9v9O$hMF; zo^)@Wj?gVNQzxA&ss{Sq@Gj6*Jo72JE~49$HR`sMcKe{ zb1|7ZJnnj7s%qNfFqO@EUTif0&)H@eOnZ4+seK~$ajf)O zr)KBiAm%%>DRRGd1>8ri87slAVfK&Pp_CYBE6kzR02R=AauXQkpL->A z8GzHowwuYQgZ!_}LAm&UvG&$cRjpsRup%JRihv*`DJ>wK3W9`ybb|uY-3_9kARrCW zp)^RBlqg-&9a7S{>A3GA6g|IhjPH(d|2boM#%Av~W<2wmu@XT9r51#OYj~(SRwfU8 z6KX)H#*tYNvtioAmIs?!)iY0tIJPGXMNaKRrKXKHmbSgo34@N0U^#_j;UOUnCdH#P zX=!O5=u%FQxg+tI=~Zypg~2*O+lVwjY-6rSmwj{J$_Mxc(vM7MVDHvVq)phznr9!| zf6$DijD^MKbAL?96?RmWdTY(DxfmNw|2DFgg1T5J$SXvA{qyUf_dy2M`hx><0vKW$ zmuwzAdi_N4!2r@XuS+?M+S*ge1>9Aed8QOXRhQXRjQ>b5CQ<+}Agd+JhN#f{ zV?CY}G~57UsW!4YvOee>SUDQ6@Ls-D{)S9ma*Atsfytrjq&7LZSZ^o&vvLnLgniHm zLJ9gL0=4V?8wd6rBUzk^x_f(@HW;gB zZ;|naoMU0OKwH(6;?e(rNOu6~fgbt(@^g6*nr1E=PxWB~Cqmeh@!euE)ZO<<3w>bA zBS!th!6Mfuj`Mc-L}aJh+GM^jfS+!@#^?s4H83)=T2N3{rWRb^n4S#aw?*_*RZ*G3 zV638J&r!OgtgP%IA*gyPCP0yOHU0L}R)sz5f$N8~J8r{5+g?ERf%d7_!n}7Evt>bC zQ}CQgGJmnsD&wmtrZQJ?$M1pO!Zq{3T-eqtpP#A#;;dC1XA=E$(;knJ?PDFC*9s=z z$}n^B2kG9!{Z~-HiMu0!clWAlVco6y0OF3UQbyZM8o>PYq{(L8HoInDn)co9vC5o_ zN1QDkX{4_v@`8apjq{f?br>jeDaYZ6z4z?p)_%T?P1|@b7v63_&KJ^++14&eff zdL>>xWKcH{8Oi)&>akvGf8X2sGq)4>5$w3c*3aTJCVgWD5iE{AX?;RBUal-SOa;1zgGq$;2bwPr1-|FOcWRdCrU zL{@`LiirQ+J!TaYYuT+Rml6Z>pho)Q8oZOX{k;?^vS z1Bfbg?E9p1bH>-cSxoBGEGqMfPu8uPFX2y~Fc~D6V{kQh}AE7C8OQ|IjRpQ{G9oGJ^Zjm~PDG)-GEP8Li){>kz`E?Vmj z*dfj!s#tCqhy#q4ykj!10lh1FQhe1KSzcjUVb1El_=490T5wud8gsT|oB6&L{`|A& z?Ujxt{jmK$4J*Isw2aAblUng}o|oV*Ut8psCL7AgV4TwiNWDB$;*%uJ8YeNk*VO{- z`{$vGCtSjpO1a<6bcHoGUt7fXeJbMH!{GH;00jvHR@^|&$M!$hrWIB#*lvOo2*10v zw9$$mWbrQ$g>1bsC74h9;0Kvd|b-mVqw=1MD-qnR>xhdz_9cvV}@x-Kabgl#W*84D0PfO-xbMvBi zw_~Zay{8`)-FqQ;?%FP#$Qvk$lKO)sw+Fy%RTu9?S+-gJisB+Y6|Pbr#po*q zW$MPB?G%7wHOaW$2=dwRNAUS&Wh%%hC=}e>s%)micjJx^W(&tH6cxjPK{xc!f!V`) z6m=gz@MwwTG?Z=0Rg}=JTy=;~#J31;G*bZO_@@YjY_zTIIHtmxzW7z`B!tnC4*Ps zPyhWBElnWzTO-^w82R9g?p>+>v05{FYgw#&$oesNW6A7S*Eq{-)B}l?jzf~WJ@P5i zAKR7a-*RFd6tQO1d@3Fb^I5kvFf|PuaoTFI5f9TBB<8l2;GQU{tkl@I($%F%(9Z9` zyLuV^067(dU#Zw4DcYzczR-quNogfB&N1_dhr=vhjzMD)_RY4h5hOPldC|^EFC@s` zrS}B`L(9aY3PhHI$u3dVseY}nGk4+gq&A%^bz%-X8m=%D4pw_X4sPPpQ|5p7h=a@F zQu&B&nTL*QA?jtiwUDbn9Rp+7Gta!2^HNl2-sCT6v;ZZJj)+*sJ{j| zmk3}%!o&xQKqKNNTkkD=K~^z5tEA-cEau@@uai5e1e)I1bDrb)b4@Rh2{>#OdQFEI zU0f3UKD;Nftc`ADHfVX@ftdI|*fDo^3P{8)Rqr-|chUxAeMZTBDtM3GYrELeMn%4F zV)mPbv)^OQ9H!(~LZWyT5;DGKv)$C%&kG)2^5D2BO?7)EBh4b#H4`hfdaXO?Mx>IQ zj?(MfwP>yGCJKlC zho(Dh$l~1am~WgQ2x?$p&_j@y$4tS^vRaMG?p1%N3xB2?&#pt@b27g#S$mfMb~eR% zdTJ}ii8wI3w#texJc3D$oMLF@TEpD*F(q|U7=CQj=^c(jcNqFV?hq-OZ;Z6vI2C<2 zS-V}OyRn`&Jf!jS1LYSXjko?>^`9pkC_NbH7mvCC0;8hQ*#5#q0W;L%1+KK)kbsT5 zfiz%r#^p0%J55^n&-eV~*z%c>VV*e*C!cONHySH~83jc=O?63?mvJpk9nTGveJ@)# ze0NSa1GW9hDTlHGv}UU5FX=zg2o`wP?OBXz9hYD{L3QT3HwOfzlY`B*%xs>gPWg9) zeqv9AK#tD>FuFZpHd}znXHhn4CP4R?{JdtQQ}Fa!oCeKK?6GNy#vVcIVeym3(8Z?WLw^wfuRtE@2)cXhm;d?c1mpwD z5lPOzZk+jhhg-za!FSwbm5F*eZxNi`-UT-$Kw=5bk4&#sf(?@Le6)P?Qb@`tK1$<5 z3v+(}$ZK|_M=U2-1W?^$C=zJRX~CRZV7)IgI8_ziEvmUa)Z1WCKS*-zZIH_(L)GLD z$RWP5@yO0*FnJ4{`vdyWzVHXRKd${}0Y{{(b90Ceb6FMF*GhDsroAH!!woErfd9`2 z0ebraR$9Bz{EH0`e8!Wl`ATzpeiJbAi6c53AR*%`FUol$(l3xxZ`VeB`0#DQ z{IR5@zs`#nVk#;h$SEj9pFdBGlx4y>JM?dX0vw+8cpFFJLF;-Y2I*aXJ!E$%ns=R> z%XW{XxO=&-1GYds_#>&iySKnnB-enVELmJE$HZ1lE}2LZuvXLrfSi9fp8JgEGzs?G z*FD4jwXk62zp}UgS+Z#yDS~9x7IuB$>Esd7>ua@+go%kd$#itI$bGBtduTc5I$jueVa_rL zc#Cs|yEpb~&(g^q_CZ0k1EFTOjl^le<&y}*chA)UbU8g9m^A2<$IPPp{0GO<_B;g`&~~?wq}t!=Ii>HY812OKrC3@C>1)ko{nqw zup_KM+B<v4z&1DE zl&wj}I6Ev4b5hg%?BZRj%;|<0vP~-UsfO!Iz*H}r(x33wOYQUDw2!QOi~uw^IgXdu zNcZiB%RnVW#pkgOYXCXIqjjP~G#T(VVr{p~Mn1~{0D_0lXfdwS_+_3`(BuToeDkSp z&Z%OU#b@9MmsOG`2~}k5Jvxh^x2wi(tB{2HGP>qeU9Hh}d+1F3mmnj>xf^vTjcg~l zt$sQB@*%P-pmw&sVFu}7He*FxHM};u=HOjW;0IE-;)A9)E#JwJUeUyll_y;FhhYTu ztt@oJVb~Du{TnN5DFQoVJHk1SUJl^YXRP{G_<8=wZa2QP4hsZ;AgQsXHRG{LI;{hO?7S6Fm$xTXfWaCHgD1%Ey#VbE; z-QYbYgpLIbRV)%(zu)E8fRB!Q6%}z;^zGZu!NK$x%jm$sgv0bBZL!0v z*l}-eGb+L_oKj#UJkV(o##K-favyX4dj5Y&WX)op6Is(4n!7$=^hk}#ucJy_eY66o zLdp6fk%cK{XqY}+w21h$YR?hyByU3ME}p2ny8+z%5t>a??w+BcY1qssNMWcT?ybqO8C2o0`YZ($_Nk9c`d;ICcPl`?TgeU`ksY(lcA!< zXilrC{#48o9g$BK1tBgtfz^sMxdborLS+kxG!97$=FVupPx@ojq5WF%z2M@0xnx{I4q~$ zY+c5huesV1mDOzj*YN{wxCxAQy?WBj8^~xQSq)1h9;bx32A3ccWMI9AN!8o%!Z=K& zl~U;uG)4~sL5%7Dc7frU``>7N@zI) zZ{Laq;%l@&_B^dnA*k25c8h_jScn<7A|7Tmw8uJ^HfCV|E`*6)%yEFGcIk?NlBz0g z)j>~Aa#mJrma4AqM;7NyQ$&}e*SH1zPOOFZmb%%2HNi~yc z6co%(!jV$afQd2sYli|;2;IB{^A#L6X5JvGXS(xXePe@66N%--Yzs-mgJ6t{i<{zs z5Hkx41uw69`K(~o7}@jJ_fB%+7ct9!kY@!cuUclDYvxg~82_9S|5Ai(z*1#%uI6#r zNSqj~CiuFt{=m2E%x-)A=Qi@;_xS{G-yS!fxfJ4s_BoS>F}_D<%LRN=4Sc{^)fAkt zI0(8s#a2)b3bbtm+kS?VGwD67w!&YE|5{(Zy%@L5*3<+HHpwloB`0oDjB00jj(d42vnpZFbn<6Z_P^uJuTmYP6Sj$lQ5_waBgLOUWF zzK-)Hm6K!XmlUYL=!4Kodw5JtR*YlxhY#s4{XE-F{ifX1xBe16fogbQ)+tGtg^Zzs z$5t1=t#q|3b=eQ5^!vUaAl<^|uq}Jwdc4J#)GBDW{r$D9Zp-H{@9W}O;C^75qv4k$ z1|>a3u{!x#koGXX29L#~00#n!;OyFV_*YC?y^}#|CDL5BSvLTg>$U$0Cnuz!(+RB@ z<5L1MQAQ4kRFuz{cECo&2wvww7Y^kEw%X^MY+%Iu$||==YtLgb%%ObGDXe|&8j*J% z%jP2p`~61uFR?oKA6Mq*%c2lvjN{czj?>LSC8zz5z)7UI&VVUbMm5?t^A-S|Z6$2X z`(FL)D1p|l0YZsm)HWK1523yYAFl^UC9%dW)b$T8byB3mRXLiZL>n2R7@>JuF;C@$ zhk4teBZ>f`FFVetQX5L0aY7T&#Io4WHx1i%7d_8w7%QR!S_J` zpazSc*s8fNM@0a7;g^H5A>uGPg$N7mJnVGml~-8vD$4eP?!1E!&=vcqOQEtS zXlm;?%l4e@97$5ZjaU+}lXKzl0iIUL5c#J?bs5H|CMz4vL4Xe2u>~lzdkdi1QbBMx z$Uk3HE-i=-%qPdAngQ0gemE?T1RnFA=(wj~%9J0W_Y?fq{d;|KH=D7syiPXz=e(;; z;Sx?|eW*7_R8ui&O!orw2KYNGJdPfjRC{qMyn__18|_-9sVjz`-t+J{^Gjq^9;Ma8MQ=V~4wf zoXTT2!)QdNW*Z3mG>F1-@orv_D{homj=eP)}nW&9}iM z+Q#UMWM*SicoPRl4B%kn;gY9($Gh!VJpONZf`LM~oio8UY}B+dG%RA`BV~(&<%;Rs z%T|2sry{LT^?7);!N&Wq+Y!E50o)nq!gbgyWt!7hgL}>TW8|t&n*>yO#GtuAu39DJC@gSB#2_Lcr)1F z$j~s_Mo&klVe9~=**sq3IlYUkfoV1-d*=laxD0_*xOu&fGQZo?YPAR^cl)~hVYx8b zfS$OkvuGhr-+f2;IBHbUhF5RRw{`rzEhM$-ciR(iaiP%HT!Q;?6S~uRmVY=QcWmfR zEfiB5!7%jz`dqY|fS$m?;V@s!%yj6pQ@Rt;8SY}5CxOpG9+ACyp&*lF2BGE4M6T6} zcBjow5A{4sCfmujg{j?Ras%@;~(LIxo)z zKOBqDQaSN7#&y_chtq;UldQAP=pEagr!vBf!QDTH$Q+w;bAReXR!vDzAjbGh&Zjzu zyOjC(d!bBwiPXxSR05F%>hP&&C=_=nSTq`xAq~Y0 z60kDLC@3f})Yj3}6|;RY&d*;u!IVr7+{>wYpNVRSK*^{#O8PCX6ZsVqatEsMwT1lR zXTV*s0r+j4)SB4c0J*YE_WV2U?uQ6`9M)p#Mv{%CpV$O_@c>JqOHn)RbFCJwFy$gf z02hfCaCVVzL@t}!|A(%}G`T$L?Yo73j~`mP1N4tCoTuvfI~+$+QU&p2;kNgD;$7fS ze0C)KF2NPy>}*`E47c@Fj658@TLIzhf4JB zAB8x1%47gB&^))0%Tp|pySS{5l){%hZefkj8oV>P+x$oQK)QmRN7yg+EkL&(sn^VF zwYz^s{w0e)mB8ixwBJzX0_({FKlXj8H{bl?dVpvXL%X^U?Mm8T{QqlLduRcttPLrk zhL{0uqjj><=Sl)2tNkD>MfVo8w6r8=VUY#Q4mmZo=nX6^ZTo4u6WZ*zw|f%{qTOEu zB91fQO#lw&FpL5NVl^04{w-1lFFWhB3o=Q??L4#reCwaV7{Af(Ts%|{C0q~)E^xQ( z{c}oi*x>)C-ddUzc8^yZHfBY6bjjl$%Ie1bmTJ^LehrfyZr)1-_7TigQl+3~dI})# zQ3t$;I&>^2vLzyr1 z_n~{Zga3c^+oMVQ8{mee%3D>g3y?&^9q^!~FlhfF3%&(|8p=5E2G7SJnPj^@4c_#g zoSJ$!7DT+Ipy~^QOTTgr(xiw^tXzquD z4W()1w3xXdWzs;{acFvdfdvON0gZj8siRy1fcc8$dxl2A(a{8w75BX(PDp}gq|~_W zCr_RPg+$ZE5E2fG*3Z*|AVo$-rXX$~IIVp3n}5Z^Oq5!-t4eENvke=7zLFHNt5Tt{ z&iq9 zJG_2R99Sadpm!i;d(ln;76f!#=~5|s&%wb@OHk>67)SC?=6=gPYfO3q5wviS(U>l|4{4+o{AOH=T~-7=-W>G|YSY~di}{x3 zj(l@_b5mbaU0uENjDB#G9Jwj_i$jtTJ&JyR0FC&uh~hETK}2ElX17kMRU`Hbw0aJt zSLy-?K0R;iL`6kaIymU*pX`f0dD0UrtNF^mwh~POvai2aWexIA zm#6gk+52-R<*MpK?SCGAK6UZUbF*P=}_79DU`fY9&b{y^H zk7xLYVNaByo`5WTD;UO+yaMkkW1iEtsl(64l!BFA{JwldR-p6sBcS%NPHxhXdt$(< zb#$h8_Hez4I|jD!?B|N}zU%IsAcnZSd=JHoSnUOrZJW*l{0+#q@gEesh3dr~#`H1S z$V!Q`7LAS##s2QfijOm0T;i+{HZx+gzWxKr<1SSDc7vzuEGRtRw~_*oN8MttuZi?P zwFbGX4}dv9fm@0}cle1hRQPe&7G{kn|Nb^g^K-O6Cxs;RM1a3XscQErf`8Ao2FF_i zuSCTricA_ zreG4u1itI{`GfBl7)E}@Vn004L*H&TOmBmhb-4HGBW1IRZ;I#x4F$QagerlwoR?n^ zRCuMZdh0=B!T9z~-5$G*F#0yFJfg4am5Yda_Tc5xi}=YfoDW+Hama(|pYw9u3uYsX zdb4d%h@H5x2ZwknK{1|bUwmF=9cWdv+hB5}$*&|b(@uBk5}X>X+bCuSR37IV2aTIe zhpXLD)N`Q0gr;76KvOpL=p#e}cm@9B8^HEa+{BEfum`)~-awQlU-r3!_ z*ySeB0I{9?he{(zX>rz>akedK^>hl z2%Ew0VCK2V_zMufVKHct+O&BAkN}^!hl`}Qs?@61*FoA|RVux#t>T4!lahgY$TUM8G{lQsw5PDKxY9^J^OO3ndMqnddj) zTW+569<9-yxflN&oDKsvk{vjm63{rg+vUXSx|@Q77P_Dpx?`ee>v<$ODxY#Rk8voZ zrI{elo9U?gsMJ<0_Xnt)D&2-^hc9cp@Ugbf6CY$`I*x1V9PF%hYOd}KjqPTGGHuNz zxNAfi_-a?a&$ru+S>=?(R%iBsE`|N+P&+OuBL$;PY@Q?YZPVgHZ+xDuVJWly_<0An zddav46QCXxc*$_Jm)R+gqFh{>cU@#qRNlx@|=CksrbCVd3tVClEh6$xv4& z38fEN!J{H_LNo(y6(&|cbBkdMPWFB5Rd+lQ(JZ+|2Zs+^PI-bF8*?;s!os!~BAK%V__$Q4zLOy~ z`yj|ZH;DW@?gbGl{BOqOD^g{-KZpmpvnzP$v{^v5=b~+eLWyiB<4I!-@`5zZ!()Oj zCEF&7Qo%33WTrk?c-DikG26_$J-npgt+(2*AKyPF+O$V5?AZc}A{{HjrQ(*0!UQCF zw$$>|)cPUa9kE3!q_g zDWzd+dU?CGNhO*YdBP+n`@>@iLrSVA11o33&w{7%JYR(;xq9B-&`%=holx z1{AoHQed`?uf-MhHB=_)9WYGqDN`^P>Zd|zC>}0j?5NF7cL0sO1i=E=JZw2+32Kubg-);n^dFSqwv}?4zxKs z{7T^u^zlK?syZ45KshEs)kOk!c-BD8==iIss7S$eYezdV?$Q!{^iu1c?(y6lf!x`n z?P4Oc%a-zekg;NG@oNs}-0mE*d9=zg>^5|Ze-KDuQpJ^jTiCT&fh|@Tx;~%#4rp1k zF~Vz*2tY$17~x%y>dTmRwkl`QKUf~sPORjB^?ThGYea%4Syfg~O2r`Ju$*_kRMBFh za^LxV%NOI2cQg&Gc3Q%Js%emXt39;!bX&{!pAb3?%u+TdGYLu%2G{&!pn(kY!G8te zkKNR}gSiU)syDLrkcAH4F~LnkbQ~{8PjBMXH8owPNSRGHn@@ow=64+)ux$#VUO!wp z3EWXB;S}@U18<(SA)hco~*fgWjgBjqP3{iO_G6GU&6fpX_TwzRA<{Pbf zD@g%Dn#D#O1BFEGtWNpYpcWn32aBM!+fddCu?FVYz1OXx0P5?VkK>LX;orVpXtvAT zyZy7;%W*ED_Lm~wbPnGo+-*Y&1s&88I(3y_l&HI!=b%17<5x|-HAprLt z#BN7qi-K2NWXCDR8_Vw!-SUCCsg5?;8gw^Pel}TQa?o30Y94Q)CnU2Ht5^C&g#0H; zU!@0m3ZvpBjNK`1o6a>fDVsmH+uM)z6z!^BUod8?DDira z;VQqj+(9#(Xrt+H{*>M3@H79l_{aP3U!l_c%rF0zvuFu|&9DvM7xM=KGTFevf&%Qw zCwH!;9SK3-jRI|#&~l8vCa-M_12?t%+FwG#-@SQqN#V5s0rHo_n(Gd3$Jd&(4w@Rt zbSJPMg=P4@{B!vX*cS`se&Pkjk@+_J>h{NH#_x6gw^{^K8t%o_0Qr8U*Zv^-sS;5U z%LC~2K6S%ng`d90+qIiKy;4S%pd;wLkB^Uj9$+S)LIFRFKK{}LzX<)jFI1D$?Y*RN?ZK*}p{9v32! zn7?)3FqY31jlNkQ|28IU)dQ8y#2U*MPwAS~n~koDi=p;YrzPB; ze-QjDO#lma{32`4$wI(wJ;m-nn0T7Dx5LudOhi(wCQnnUJg2eX0HC?$&J^d8(^!c? zm=4-wKf@6TP`y-xvbhCoY}ZT+3fsyazk1C|3dS%k!#*mCoK zkY*EClRq}ZgIy9t(@%QMHugVrcp=%W^snn++H#fSn^m%0F={>kRz#*bv4#@uJTbQVUkWv}!gu3n)$s1bkKQDcqdOoE|o}J*7xi-GT%zSX^QHT1=k?L+yqYDh%onRuUQCj@oMa zF^ITub1Esw;e#n)L{zt&hp5D9y3iqJBX3~ z$6i27!vr)TAj(!QV=KwI-^QaaV+sLWbr=>XPYU*q8%yu88R&;gi)NvY$9LPV^R`?! z4(^@Z8=zpe8SZf3>jE5LBJJuo;v#XU6tc2Mw<6SI(z7KMXaA5bpqzI!Cx2!1Dd)dn z!xrLwQ$`XMz-rIuw_Kz*!PyHeLZ~OELWhD9#hfguF&-88c_!+PKC1QA4b_5O*v;GL zwE%@^coEb9=7zRxcDwhL0Tdtu(11$SfUI!ympSb#M4spn{p%4ss^PHt+K!ap;ysJ& zLT@RcJ8tQimHjc3LaOfD3yJ^rgYE*(&|(5yUW9^`xn}@n%f9;Wkq?8Q&*~A$xF9%7 zz;puHJ3>$stlurg%X41VW#(Wf(=XzUiw=XyUoAX>nt&7YNE_Q8qd4+_Dj9(tgfb_` z>0I0;ES}13aVrW=K<(}1puRY{DCj?5$*T8lCMTIu`#t1d6I1iQpM;VD~HzB(VDximgLe$xE= z=pZ^Wk(*8Lno}BEeDYFzzk>YTdGr7-!v#p>IX6!F2ghCfj209TDvaHk_XP|z^C<&e z{S%J2!e#xJCcvl!U!0e9@N^#jQqr_tDt)muHJOjA0+FxT48)9Gz9{tB4;_%cr9dY# zY^MMW-|3eNi9>fx(f$P~g4X=!6!q?atW>iVW2NzOHKiY0rGDnYh-OYmXt7I8@^w7K zGc7(*WNhM8x19H0(Hk?!b1ileT1u7b?lj} zog-13@U-^!RJhA@WMS8Lce=Pt7S~0|be;~_cg;QntRB)6V6OFDH~;X$ND|`-V z5wu|CYEmcYYmo#zqn8W$T|8@WGl5V*C2BI07YbxW)dcrD5K4G>wJTl-4!DB#4g)jZ z{_5fDqayXX&C61SDRlw2=zN=ezVhk8-;IRxh`4?apXaDE(SSLRL@}N3NMdxrYHg*! zv4k(@h-V}3DNwcXnXb-W>Kv1tKy5t+{r2P5PD{M#s0m}M#Z3fspA~3 ziD>@wT^Wbz-#gGh5K4H=!ysOv*2&GeS!%i?_Kknngs~)zqc=zSNjXH^iI;6 zkYbViggb|a8yd1t=>Q5MTEmY3#r-dFcjo(6!qCi2kzL*IZXduHk8;$UU|;Vl)@)vs zTTE)Ofxw^_M9?O=z$UZuasRDV(?SEE>FvLo{y82P{e2{}pGpK!szU zD77JXwFOZF0WOJR|CpZ!C}fUiWf_nFXrz_xo#l0bYU|5=9l6L`4Ew|6coDqSn+`AW zq#=~7^!mO0tw?|m`ayEqQB5v_iZ!mM8H@#*%9Iy1rE!ptEVTig>jIJl9=lvNHDg$J2sx+i-pemLy+nEzfZ_tC z%XH$p*=6lMCb`)&@12$3a8FL=eKXv&g)$h**)4dR3kgIH}FGo>a z9K5@MFoZ&{t+-)UFZ8j&4{0M@NgE`R_-oFv1-oW1cJ={{$&Y$*VWs&w1&3Tpe|8U^ zc7R`B9D9QUzE>afe59`R5(;`KqyH&O+luk*DC6umlGcRZhtrhkHtEk zE=HYH8PCA0wtm~yAlsHJ7Ms|AndoUsX|WAga$&{7&m2N^%Yvc@lHIIa;zUg3B6aA^ z!2_});?Loz4wNkz)6N657Ti=IHUl8u0Q0ky#Dp;d`-+G=j-FUIC(3M4X@h*_J$0=) zAMPp7k$nkb_RcGOu$_SEPr7{~jw&Zf^fUW>$>S~rz~H!KA>{iMn&UBzrghe_cK(^m z%~0qz947r<9tz!bsZs%CC#4>@?OcmDR^~Iyn|g7B%YTXpwAR|*K%%sF9%*^YY_N&x zpgsF+_t!7HSxZoN1y~#+#u{zndv5s!YWr=BnnQEpZB5{%hd%sc-IPE>#9P-K(~R_g zeDEg-%6J`6k3F-i&VJq|cIh%VN-Bo_ZtFsiWo4=QiPc8Eoq9NwllxH+u=ce1pWYR1 ztfvxslwj^0_!T!VR}c@lW=Zkv36}2GiT%G)0YG;FpNZwxpY5U;V-4Y?#yi$6Fp#)B zL{g%#j}8kWKl8(z<(jr=MCA{cxFF6~0$cw0A9(1)OJg}>|1z9mER1=nZV zY6lJKX>lZe^p@-gcjYC_$8R~oYS@5{@NF#2zYG8T5kN4Ri{uNxaVs$MuHZWA+colK zfVC2Uz-r+IH9rw#cTk|Nos9$lDj0v$c@nniFIYDOn?&F7>*z9$15xDC>Ds;=W?K0xDvd z<&SaCjb-&9+`#0k*>?7ziqw!Q{v+LiP3T z<`sjF=K=ETBAxwf1w{p zaKwpZf=N0y>0JTrZuW9*?1jy*0zIcc?cz#Zn))4Zfd&NCa=ySARw|bx)me-v{vavI z*sidByXNc=k5?dtyr3-d4l*RUXu7A}FsJMO<^ilIN54)OG|R#sx`LqJ`#sxvwYvK_ zlOjAEAGk^@1F&@-q!Mp`E1lip##jE6&nA`0;3%O=QZ|G6c(1pG2aN4i ze#t*P6j$S|H|HQ&pJF^xC2~EW&RRO$c9vb<+fxL+4BxX>=2&d_>a9(7z9sR8M44s2 z+dqVd0^+k>d)Py82&23OA0jvGfE!Y~{?`qIV=93rFZ!HMR|B!MjYsbmgTs6Pt`rv$ zAgh{Z)hU&)$Y{F^WP+&<5|HmEeSsuMc#x@~F|e1*_SJ@ks;OYD_TeqR-!z86CW2(N zNyzMIe-`%n%t5`U>i$FnMJo|ss*Ydve$tVvl#?K$1{6VJ6($W>-4l}c<7=kEG3y>hS>f*;rgcAaT}g6x{fbEhl!7% z5eMfxUj%Vj|LDF53=-{oK(sxdCSm*|+H_#s{?jA6CU<}wp}!4iJE_W?DU#d`P)skN z5kY-QMTo^!v=jD}2rdlTbd1S>vX#u}AndKJ;o+DCLm| zy`&Pb+g0C`Nu7iS<5L+T8QLbq#a2-WsNuw8HvA<(jUU@*Wf&a;Jz z=R_MZZt-~NvEKQ&fvx-$BT=iF{GXL=KiK|PWn1>JG9B0@<`ZzwKf3iyFMJntHnc#Q zi+*NH2U9>!<@s$0v3(^O$LAvABv%Y;kD-fVxVV4-_F%(8~4Q&gC#;o!?Du zcH^7Q%X*I$Lf$_Yi}^ur%4>fTM)$D3 zcjzw7!)jr;`Aut>2cm*oYOwop)oneMikA2DLl)z&jMMo@f&5Oj88KoQ&~g3FxCP>v zqY+~KVRGV|Ib3I6b`#|EJ#3&~>OI~z>_GWQ2FHeJe>98H92s1{pS6j?F5eWO;3m~u zxuq9ZGZ7xUD@9GjFL|`4Iu>qMr0ML|3|rgs;&1x)la$ltQ=3tgv}b+a$QKz(bywZ) zZ#`EHK9W<2iCN|)lT-QZNxu%6B44Vg02#x^UkO(VG33X8n^wraC!j>&@hlJTM_3cO zQYI(VE+#G@nd`%{7w@Agyk%C+L{a03#vjJD$Nr z8h<$}^KCO{gyYG$jPO>hyB+IAfy%6=@Nl&|wTOD&_laW830IHD*EYAd8p#-qdpmF!B*ug|1w~r2uoMQvSUk-oZ32ou> zC=e1Ku6bGx(X$(97ZemVZ7Uo;=0*V1m1F~DWn`kQI0(=k)^U&NG5C){#twaLSNqL8 zNC&Sz^&|Q~n}m$mRPvRFOkMvkNUj0jf<%-d>(6bQ6%>oI|Aa{rpF_D*FLP#7TlPL4 z)Vx^&^8ZYV|7pJdx9ah^Xnby=pzB(Auz!!Ack_%S^4wIaQrkeo(5g<1HWh3SIPypDs!YCo*5Nlz%hEd~nj z(?Y3|XTd85)TDmRpKr|0P(JOEymoNO)iGBFbkvtlIC|-Ur`+;!KQW%5qZZjXd zD08Q*wyr}a0J?M}t5GoGhRBUp@CGEOYl2sGn>E$#Uh6KP6n?fDLVv8Wb;%@R(5lsP zs@nk%OoyiQZ?Z!l=@@1RwW55@g?)G~R+nWF9335}f8dV&sFOQ(Rc5oxLv3RM?^%=e zg(hbssgU4PnVd$dbU}&Bw*;G?w5;-UJj|R+w z-w`2XkFH;%u+Nm_G6k(jU4r#{b*ZZsbzf3AcOz(_5}JF;AZk4&de03cq(WLwz%mz& zJ;cFe01p#Ex@y4PCc7K`vX^_1O&4busgwLsC=Y%Hni_z~aTdKbXK#x8erk+(c7=p-V_9xS45857__H7@>Rd9Rc zq<`5yJZ>gnMt*e%^_dvbGfHx1q&JD*Nj(SmSL8E!W3A?wN=2N^Uc!c!o{| z$Ev(JTh=`FT-{wN2n4A=FJTLjG{j@xh!lEx2MMq7QlkqmZKm}~Ohta*s8d!&-|9e) zqQ>hf<@ODy(e{^lMeTO{b-;YxE=~k2&ToAIPwwo%>p5x1MC#rI4j@Tj5;*S9q1C%# zw!7P~6+>2RzlLyD-%oj^9SXEUOh_f-T2igl4mNsOOO!S)y16aXc)I0fEp)$d8JC0d z{Y89#&2rOQqz z-^lC_WbmXihu@Gdbx__C%UZGGq=8JdU?&87i#SlWlIlEY{Xnb^ zH8d(*B7eK}A&9kqJF$KtlEHC{`XiC#{H<$(`3(^cRmoB+3w=c?8IM%h7}%^`9Knn? zrb)iDeqItx4G_%O|7Ws^J(TJx?u{A%FGpSFfTIIFgzii5-7mhznGL7)$lw2oTxzf; z*C-)Xs2+0@6x}c1;IId%Z$zGUDFzpdj|pZs3d8;`!{%!L)hM^@QeoghD53YqB-#=u zVU_gZdpWPV{IfKW_Rh<=1mRp0CTj);y>-wit&JP}g^@VqNrJ{LByEev?w6O9P36WN ziMg)+npAmj|KqE};Vlif4XO2my71|Z;>@jm2XUheO-yBkfR){KO{mvhlh|YFA?NXq z=J8WLyDqVMdcl!_7rRR{E}af*L39xcl!#ke>@({_|Ry~CHu#asig$!}FVg8ZsEB{he%vE>y!0}wHThX8zsmPn( z@cnGDYdq7~J+r))==+`5rn)bH9D%R!iPwmV6?w_k>*LtvtYlQOr!t2-b4(T%ipA`- z3lsR{k_s%?MPKZ4)h?ZmMaEPCp3DwPu>BS>=;;XB9T_GPG|5~Q80P4^n76nTs0cHH z85|%o<}D^iPY3zz2gb*GeH6{!Qc~hS9s+l|PDkAAf8`YyETYSQsYIpwv|GcS9ihAG zn%kzPnNhG}!X&G2^OR5YgVAqVy-4;D$H$A~tO%=L-&@9@V5b$VEXaGf1^p^aE zHE9WYJoc>TRnO{N|9K-Y)>JTGl>Un_VyoM?91}a$m;zIkXTSC;g+&{KtR`_p#hU#W zxl~S2*(MnL(DLLj3bNFK@uPc-uZfJb)Bagaq>;*k&Z4S!roeIFI z{m;aF1Nyx8>Qv_V+&avuOW9YLx{EeCq&`lLOCcIZIX{Zj(cB10I69rc^8Z)qNXBuw zh**V8fiIDf<(TWgW+Vb-yxg(j=DR0xk2XDeVL;$Gm->-)_Ra-T5Dpjcw)ItG*@g53 zA83tmLPd!Zv;}SNKdd%^JHY?Sk0HP5!lcE45wB zZYqIvk*uR@8_zD<1f@HWkUC7t1ZE2heoO@o!#Kxu#zV2$I0hpH4;{-sTs4gfV=Sc| zLmeVMIvo3*v|=H0 zQ6i=CZ$ATn{T?`o#L&_EgCbz}wSS73hApBR2vMGT1QYi)hKie-Z!VfCTP5*qHSlxV zqTeni45}&hEZAFUV`~nSjcfW$o2R?p|FV)Z#;B5n7FW_@k%0Q*tg_1!*6x*Lhp6w?=Fn8S6qpeNS#Aj}9?&*`zaSJ(PwF}K@ zCt=fb0QDF&)IQ-vfq1n4pacws&cxoCQu95iZ zYbj=Z$7)623ST~6k}DPz#k}%YFKm!N^tcO8v@>Hj&E9^%;6uA)(daeCd&g?Fr9gz~ zy24YJpYM!^73jmuuA)BxQDk$|>yI)j_vyY~*T0Z!bKi&0L?zNY(_cZ^l-n7KGAfc| z+p25~*W3nkZLim8Z;yDifY;l+L+*BwVZ552G2P!7>>B=#m__(gc$nD4n+f6a8!zj< z()2Glt&@|w4o-?lS^pDWDLAQy))K%^{3Kg#Orc*V&e`ebv>L;6ogRn~V1Aq*>9m3!X88 z0@GsE{!|HSXGgz?$aU<<)G{nB{ESrZ98sd5-`~qv_=adOb{L;@nH%%h6j7Xa=s zCvujMdpS@<+Y$sb*$9 z=c0#euQ7V@Gx#DcBjaCrs+;)E0Sm zc44VL5)~!QzzJ&%v8a8%@FwH83%kAs-fJccF@iI7z-Nxb?V~%BU^s7-Cm!`J=Nvoq zY5pJ5-a0DFu4x~Zk`e(?5lKZv8bLY*LwI=v~STk0Z25tT+n8U&;}1WAkT7Ad7W zq$IyNLB!{NpS8aAtlvMbOF=l#y=TuHbIi=KYu{B^#||`H(;5;*gghhWV1|c4P(Yi_DNe3^90>{leL7A5cVH&T-juOYL*7%ASq)!ftp}GS;_V zw2&2?KhgYar_8n5E?hvr+Cz!XakfCf69Fdw5rdGje$`Bs5z0%dl^^TpgdOnry((8}{|(aB$RKLrY?{YxnLo5vINEuhqZ zL%W!-yCWInI=*gGyyi2PVNv#-|5tnTyN0s*!KO3|rziVRZy@jEUux`CvItburY^rS zSGs#)`V@e)yNdW>COz*e+|uoMRLJL<@_)DlbFWE$nxi$}sDFE#!*pDBF0XuRt&X4} zOy>4&zwPOs%K4ry-9e}1moHyR@MF#)@A?V7DKm4qzajgUv2pTu)4QLbGrPomm2u8p zyc~pFB&78Zg7I&EcnpmY(A`?qMb0mifP`*NR4W4*sHjTyzWl3+dZ>e+l}hNYMTv97 zFRxZwB-nXmV#&GpU6eOVd;TkNq)I9+Bw#^Jhn4o}Xs`3`>BB+!wbP4)loJgRUkrnz z$(%=C2^n99pBs1!?TnzXU9n1Yv;doskPt2toe;}y$pFTeeEG(=bh2Dx1AZe&VN*E) zxnA>{s>72A6U1i`^w818$il`-JT>KSqQb}YPFhjJU(2MI#ay$}pe!KKpsvLF#ib-e z^2*DPUNQE*Gyle|4joGrB5qpE*RIum#KPZPjeAr}uIqYdezQI75`9g1%U$ADxTpz} z`4q3~s889d+yeH!>FlZwU!IC0_37!EEoH0KZ6^+=AD;t5i3N-9w@se?+n(S!=7Qs) zEVVmrfea|5KbeAod0!krhBEufDG@*S4@q+5*qWou?=A`bDvqxUe&EMi8}dzr^ILGm z)S;$9KT~UOAFBxJySDiw{ihQR(>IhrD6pxV#K;I)c6`jgU}&+PgY2OWAF`1!H%dU2 z9`r4pDmZJT<))T|ja#aL?v}5E_P6fRQSiQ>P>Ft}QXCCEWERv?pWeUc|Mi8=nXq1lh8xF7%3hpOGFGQTO{Wf-CzB zO#WhVX{w|KkGt@XI~@m3;|0jN5ZCFfWn7vFl@NT}hJSa%aiIcb^J#f34@7~;R1{j- zv@+xbR76VWx-~(TX5fBL!TuEYDIA9gYYPWZb>)1^c9&xM^T@~VpA5(B8^ru&7J1X? zzF+*;$svWr!eQwLM`16VoSN~PE?Bk5sya@;<<4}MLb=NUEP;Ts{W8U~_S-9Tz_29&6=F$y}U47!89mw^f-he0` z8pkdx!=O(x7M0sH3$au%b~o!%0Y=CnRRTLf^HQ_`#wB#Wk(-XS|MK#-wpFnRjma_s zto?D3ivdDrH-tf7S>&zGwG$hWjN!yXQPeK>86hz#$ROpMyT>%Yjy$Jch^6BnE? zQ3-VHlgbTiX=!df=WwamuCRqoDM^d_!|cwRq`1GCUgS7pBW#&oQ20M~aQYK$M;L*r zygh7yN)TMtSdgko(#JO-pr@=kUf+eIb#@ZqZ~o#AmncrJ_Ha`gZC?JSfmVG6GbOD| z1AVn2^YQBt4iXa+E9PC@&BxEJ>=TPL%MX+yw_QhA{odSvj7KRSdYvq_b$`WpMMY65 zU2RGeiSuUpYwG~;Su;&mzY~iu=fQ0yS+eK2UK1wRRB0$)L>x8}^r5X4^B-KQhdf=k zz#$|i=U+9;t^1V}jGE&lj&_K88N;Uj!u@ic6WzV7fI?3^YC@(ffz~6{bs#El@crYH z;Fy@f9&-peDctV{oYRNa^(n(<61h{N3bF>8(ou)(nMEj5Re>s#NELJ~4el9nTqxy1^ZhR^TNpOTFE;DrJ zTD6_*1y!?h8!q%E636jEluh1+?dsEFu$SkA;x!_a$*;GC{<*wvWGmtF~Khe|>yxe|= zBiZ0({2Ejr|M>Z;O!QpLfY7=x-i!~1taW=At(}+Vg1M(0J|$D8w_1;v-Mmy7C&;=2 zqkJ&reFX;L@|=De{hBov0ms3*d;*RG25wp54ke!}3@?W)lXV!*`;xhZ%??)Trmay= zZVis&l8jDc{ltDu=h%ok45Ejd_ir8s#sMI_B%dY->4K7cU5gs)nMH#0y6^3zI*+4) zLbLAe$c_N*_ZzGc-IbM#Sq1iMF%pKWOiV(zcWWY;GO4_GiP>+65}uv$92p%oxTDL! zz_24$`}V{wdc?AyVl{IE$)htXH09V|`vKTUV*a&7f)Ab0VMdIeEMgwiRBAFd;{7&d zno>KEzJc+%;b>q~O4h{R?lFp$$P}h6b)#MTD_o+r_}$qr-2|d7C40U|>0X^;)|HUP z62dQIiTdTQc?MmT7?~IoOG?z&=D*SNFze2%CL?ntsPYW;{L5xL*AN8PcxrNX_N8AW zPs3N+i9%Ks2y@o7$_uGfQuA-%sh60k_lA6h>GeXfm4An(vq)%Cmm0qZQ#kq^Qd7Vs zis4X*pyb@PHr?ium8xMGRju2v^5CQA;!S@42c;wm>Iene#WX@;UNyOEEvq=6W%MRK zgtU_+e+ZUH%rldXlGHzk*+_g#8m@5hJu&BXNl{6O4yMZSsndz_sHC}#FF7OFxr_nw z4=T`3deLx+)-S}r+=+)BuK%-o{s&Q$jC?Xs46aRkV%WD8T6W~ji54R~$Uf)~Wa#hF zwySSR$Ugqp~?GQ3+|UFEp?Xz#Uw9mN66@4Y!( z8${cOEt}F4cipQXBmf56qnyoRx!yoM#OjrY<)q`su~uvFA;v5hVF<@#0`o68EXr%Y zyhPd104IW?C7k2l5nx!r1I>?aI+ynvV?U;N#@fTRZBlbJ-oxc0T4wV*)+Sk(j01vS zZYxTWsa!~<4FgKg19Hn|w~k^zV)i*>l#f>_&Yp{+>6T#-KuQqY}qaQ4}kH zP5XUfv_t>C+@ALdvL90TmytOD#~Y&NnD-w%XcKn4$ioA7-SHkMd_e3TyQ~)jna*=$ zM}MST$TPYVo=D8k{pFP$V!TXPYn@TSst>z0_#SKNsx#Y4ORDo9k3LG>Y4k{8wH?%P zrxEY;15`$N-MW4M&2624?`c+}PlJ)u467o#hZDEkTh=Y@*+s)7SD1eEsmkq`82#F_USn7kTj}8KOU=j2s(%&dFWB%5 znvJ4vp{fx~eF}ttd9Tj<{_7+h+%BL^&M1?EtUKGWPqf1vXhW?_(1tZ838eQ|JWfgh z+#KR6x%BJMXMn(?UK}E7V@dE$5Aimh_}?T91t5w;S!$aau6)ijCMKrhY(?eqlW3** zW$N}44l1#}GU1^~`UVeveJ=L>LWA>~A@JqP&YtLn>?R7Yir|zq}UFz>|SWD$h}SKod*zS4c*>2a_re{mjeD5@ZbOn%qxvf->>kX;!xR}*)rU{ zwc_K!h2BzDBrnH(O{2p}G+Q5Ud8~WJ=r{I6JHx%Uqlh9AFD^>!9n!%+%eiW@mBiQ)>azOn6}AHm$9+6MXsvg;NZB#$EUva_}=3T8oS1wM;>DUrCI2WkU7mN2l#CM?h;Z} zJxR2PPZqrUsm@|5tyYg+A4EO42gh%KoYpb z<`^L+5_&niA&GE=>+=wetqP*O3D;X|v+9(kUC{O&gw6; zorA-J;!%MTAP}6Gl=L97TA4_lkS>z*RQW-q@bHMl?5w2h{Q1UN#mv$&41YR3^EL#3 z-qrTo_)S{K8xhYfY`uMZSxV}5sQ;S7T%!JJXn1(4koa^I{!~Uv|o4v(utMiZLAY zl;7M2uC%(M?W{1`KT=k*&A-OOmFwB>YUGU6a89wtS<+Cy45fRJni?Dw)b{Y7Gs!A+ zu1;6rYsioOhBryAk|bAt_xlJwDeL{hB8X<|Niuy;BU0E_+xL2kLgLw5@MqIAU(8^u zG%>TTl<|S?kpi`3lFl?nx?*rhQemO8z!)zRlgyUx8GaRNy)REy`1FNRPyOe9SGj^k zk4LsA$iRD*8e9lJj*g31tNeL}*yx*+yl4$ofmFaa&VK)5JPlT+4&NT5?R*(14`RG1 z!Hz5Pl-FMs`&loiWKA_1bKFm+UPu@k}GYEb*{b=H@JZJ5Bv^!D#zj$kzKkFLyW zq~S*^ys9N6kk<5L8ZNx4V!Lw1CyO&{9|TxEMo@=?SUi6VBjQXrISX%(nRu1B)rZnv z77O})Oo@2VcEr?EgJ)r_1`x-&i%>aSAf7#$-A9>4<{fU(8Ed;DSGfd7#fC&EHu} z;@UX9s>7|%IP-Spu?x|SWhr1^Tcm2%v{@K!5k(fBY*t$YH67KMkDuL0skjs4mbsod zq6h=}KT57HF3bG}uM&?yIBw-`#uFD$n07FE9=|OZQ8z_@isCQH7*^qOLLgyj+)H zSeLP6P4?nCk&m*d``OM=1Zx)aBw6)a_NC%y zJ%1TaZHd(@SzOOr%oV>MM>yuD(Je@MM5{oIyyVVKbhaGB-F>lNNlEXbR4vrfpDbGp zcjLG(%B$Ar!tiO&k>r*-_i`s1*0Ei8ndFAz-*l1QTMx_DUYad>rxhjX33=FA0h6N=UN>&jgoMu!8)swVLk`HvEa3Zxi&1kg;znEviI zI&P&-vD`z7Vl^@94=p!ZI z)773nAf{-9(JSc5ZR@RF8_B*1dg@jb%QSNrhWFeHjM=CA2Gs5$gr|q{!MEiq*RTA? z03$5wHF!cf&8yRXNIA6l4kr=1|JjXUwQ{pEh?UBMim!C*q-y+i6rMkP0{f=Qtlujo zxH%axT3+rlb~8Zuq8GNygi`*)`F;jM*B$cZ#r3@#j7&_Q_~AZ|Y=r5rm*$iQSSc~Q zG4*r#TaSx)jnZ@PIukj5|HlDEtfa#wZDaV2E8s*uY0w3EY&3s683atLAGUlYVfLt= zZGbxBEC1^gzmMi$TLH?e&`&}kVk&9#8lLef%ek?OfydDHU{;B_GVc?Q-ZX9(SCKv{|-dBa0T zczaPCMr2EM;d;`GLptkmaIuFs#na(jIvLSqRw6x&68y7443IyhqSs6}*X3Kz_H0IR zSiH`tNNeoeojQS*jQ@J4f6|U{f6K~fs%#TTRl@m>9Knf8i=)&-Ay6A+zJ4AEj(6@x zMRceRhQA=_;VX;&12#ur9esxq8MQ@wA@L07lEUy#LTv4eZ|Q}2Mx>|866=LRB>yIVt0ibE`Cjyuh$7Z+?(@ACYkv#vc0{XV+wb@Wo)`kf@GvU zp<6>Bl`hUbf>N(e)$D|1kJr`f z$Qi|g4S%mk9FG3yRYhg@2_JfHWf-@W9at&lWsn;69~khl$3BL^871eAU`J( z4q$o7d}AMEJ^C28u3fK6Kswuk#eT`s!SLmZie4Z0nVf$xoOVjiI&BuB+S}}{tJKqB zb`kg!n>V`7llE&F>NX4Ix?S~cUbXi2_V+NdJXgQ5B$5Td%#rE+YmO9kyr%uB%ZI%H zAjHykzBqGW{=rY9@urww(fKBO<8CO@>JHbY%8xy?q-u3j;C3s{(6}}EdJEH24_!r& z=i>gPxSl0i4EbES@ZBTUjfmP)yr!jg^BrLXfA4g9y+M8Py|-&p#)sPuXW`GOcm`8W zQ5#%w=#j|uz|=>Dv*@^>bG$<0G_@>M18HO3YUmf-EFVzMpi!twBN)Z@cfH6~-r>^z zOEen{zV`XAr0)^xyS8W2T<`68`(RYZX`kdo=c+wlRzComA}^ANtaI>rpx0M zePmRNRcZNTv2ItUHNbz8ymsJyUL!u#Er}NiDCH?dv{Yd54GuCDNzQaho4&6sB1&%c z@>q+XzXt2`qZ~X(LG(!gkD0)^pLNipKBA0|OQ~6WcR#cE^J)h#c?l8?Yq4Ks{mn>> zFXQj@2CHAA=3`;2v{fT_Z63X2gTjg*`J927aFIR7Bb2*q=st2bRBU{_(jv-zXI0YSdHHkRIAyns~2#XZFSSS zdv}!7V~t=mEmmZ4)pCWr=iN}%d6jGpx{>NLtN1GEeCa*W4|kuqt`2TVWIGL(IW5oG z6G{VFp<9x+vq?a{S+O4KGXF}`q9jQ-a(!)nE`8|!oM%j0hk`w(K(q$i$9Ixrjx7W3 zOnV#hd(81LNnxwFbA@fEb4Ijbd)xKXx{q65o{r}5`|0?}>gwvanXHN_^2>vz4=sm; zNY!o@JDso#n6j4*=lEhduqsTw-7Qj^y*DDVHBX2V#u(_hw|A_K<~zC>jr_(b1u&RP zYQvubTIv^uoORP5wOT(S_4-bEL2t}9f%e!H1XM1@!5&d**}Xl|StU{&UP)%jb5hL& zGUaq=`{W}*b(K5JP-&I07b5*P2uJ*HFZ8tK?)3QJkz9h%c75^03y<4auHrRgAvf#n zAuD{Z`0|N|4{VVDKU;lAo^ks+ty#_;Ezrz%3Osd$uETr;qFXQrn& zKNfzF>r#$ylAoUOI_`+Nx?-BGlb6Ugd)|>h*K(ta=X84C&IC#2QaX>CyYn$__Kh@b z8B`@T^W*bo&Ca)n8pckuf;CS$dKCxw3r1H;HPw|%>8^Kq`K$)8^G=+7 zzoxA^(EU(rRp`ty)qCcs+pb$}pL!~KHoQYn-_j~vqq};88fh1)I%H3> zyFe*k|BSH8g;9xebon@fv#bPX=I>r_22VeY|NT4x6}D;e)BD*O8LeV*@p2mkXHF8F zNMvl$yWXWYq-2hP(G)+P@zfaOQz0y4zH!quoP(>6x~OJdKFmMSqxxWSr^kD+}jajA})Ku=liD}*_DO#wasT8@tb%mwwHe5l+~=*yWiV6&Z4k4qq}#r za=5I`h5wGb8yOD=8h7B$@f!$L9UwYam%rTqYB0nfC?8|(@Mo*&Dk40a&BJp$HHAYu zT>4R~B>MZ>7@mO$Ua5-`M7ddgC3zwnSP%pbX)+f_mGqe&0bKK-~I%PXeR zD8K#8wu1gd`Wp=S2m*)TTs)NU+D7GS^dqxNiKzkkMyrf0db3-KJ?TB=>uy|Ti)tcC z+;>IQS4pH6dD&;ro3MVU#;2gyy04L~-E|IXH+RqR_6;wInv!I-=+WQV%9<1Xd7{iA zZg>epch7rBsu{LHa^b3SER`f8+B`Zju`YntS1UxhM#x8CMq72<<{LAjq$Wy%Wg-_7 zDx!6gQa+YlOvS3*nqrl#ehPib(c-QoqungI;APj@6@jOlP-CfsW#o5SO*y*coMsSx zHuA+g-jV-u=GTxb+bX%@FGk`l9#6Y{_7Mlst+-?HBbYxpuc2SX`K*so@*M;M&}p3S z=jZ0$!N2DZSB+Qfv_6!;;`Ay9uyGNO3Ogo;qIY6iIUPO|+O=C0d>A>yq;lU@g>C1w zPI_+eC zmqfTF5xEbq#qW6heea_P>*14Q>HqEjS_hFR^tG-ZgZ5oVj8JI4w!|+}wUyp2&Q}qC zt;w(PswsNZoX9A^!wWNGP*le~>qg9AnLIx~+sPCTSF57_BC}TpiOGG^Z0tBD*IXYY z4u~eVZC*Sl#MPTY65!VyP7<&Wo3{qC8OydlZW5p_tW+I$05RCR+Nx~o7cI@detcF_ zv>92u{ZFr`MFoQpR02>~C*3<~S}b=&nXIZm2SIimGN;KLdO=SKEj^ap>xsWT-p87F z%jcdkXy(pLcV0a~mlSqn3jW?S&la5fz?2ZdA-N~-9(7?4pFmq{;?s{#`4{VetVWI^ zxcbodD|7eJ21V^xmhT9nU&WnGO$`Cg`aTLu@6Uo?5a04a;_+{-G{-nqWa_|SK$c9H zm;SZHxFsSf+9RV9UH%j01aH0@7{NtBa(Y-@bBg!S&fDN3-n&q{!E z1PjR;?x2@>PN$5$QNxra0Z^s-(*Kny-&F54O@1*N9ds278ute-g%rG-QoX4euXPza z=>2iNHK!fltXA*ZtK410=6ImEkUF<{dH&-^v0rQNu?rRQs9H19(|>-`O5aoviR3nq za4=7yF&m~>$?amuuZaJ_qFGeyOU7xiIQ#)+{}^t`sqlKDv$}v~funN0eU+TsXW{s` zUJrJpEju}v8}kSKgvfEPLVT5g-EzQ9EBGUuS>h>HmN|vEq>SBLUFIn9s%e)OXSI`} zgDEno?OV1ta%*->{4N1#7Q7o>v930}b3TJDVZA`vU2dvJ3!HuAjFcq=QF+g4664V) zB9xuaBMqH9hg>9c&FoWy z2HMV7YrtWs1)0a^+op%D_4Y7O8{vhFD^zS?+9PyLyhl;gf=F*Did-d#@2_xim_g-);I!NtoN%B5B6=qlzkB37e-wxg$W z&UMiH2A;u}{#5khCWa96w17&AlIdz-${@Fhi0U7UguG0(B+|;JefiX~Rjp9@`V8b>GE|$*59#{fI-)QN-39`vP@maWGCwv< zpGkYGw{AQv^k(`_H&1_#mZ`;PVv3b1MX^f!_|;aS?(Xi((}|;1tDQ6JI~5R$soZtQ zXt`l`4mykU+&#tVn`@oLYSwhGFxvTgoN4h3f-Omr@D5mYk97aJu-D9HMLvrWeYbpi zXdFSc6f5D?8BgdP&0Zx6Z07PiQphq;t(OR>)P(0lnjbzR2@Ok!i~fvQZ%FH(ezJcF zT<^OY=;_iI$UI)yEA7FfU|vXZ+6$<9$Rz6-^hYC>pS=pGJBC0ok2B=8GcAR+04$|$ zPJBUoK_$$qX`#t21EY(X;S}X3VLaxPHzX@%NMu~d;NrYd^#UC`pr^t69pM9|Saq!{ zJX-2MZX6%?h2-5xgh!HuznlJL%3?0nvUa|6XunMZiw55&_O|aiVJ+d*>~(=46;xmg z{tV9sY9l1|#l=(0;%SXkHSa_QF7!VYP*=x5VUyyV@ek;3xaA%%haTV{o0T7iI0cQr z1@dyV3gpI@8_|EEA_WzLce82GJL|G=#}{BVhGgBU<9W=rXB34EgSF?npn_6 zPfI>1oO0Vz1(*?fyV>p}BOU9r>_1DczG}@Co|AYSuo{?~_Wj!o)yu|4**hN^pH}?T zR(JVkzTDX%-|!y0k`7prW&BG+E(@xKd7v{h+uQce`R91kPkg3y>dEBpX}?E>ZSLdb z-Z5OJueM{e2iW}l{Q3f@cXul{q8l?RlCh;$xo_OKaowwpQFaqa%F=CD)0E$g6K|lp zM6(w@KEYq^a#xBShV_ zlP|BX5;^Y~qgygDUoq^MBO+EtIqQG*#=2i1m-h+`bDf zu04EeLKXLPx>Pb}NEbH5D&M0Blu`9M(Rq}Pj1To#;^!F>cCZHB0q(ZX6Y9*9fa#)4 z>wOWL{{S*(kbp0-FIqXuoc`<|FVc^ur1G49gcW>=HNCMY=BbN0Gp#kt&dQdP8?b+Q zFI%m}x;?KGvny3KLbjO|R;1eCnGpM!#rn&(Vz{uiM6biO969(g$Zzl%z=CkUe&&rZ zP-v3FUizzf)|$}n_1Hgwc=SA`82;A{K6f2i z*wtC-2*i-Txh6!WPI!OX+*Lf%`BpbiN_xz@7XQUwCH}+7%%r>HS-G(CPl_sF8U#oH(pQPd##e58|W;s~QRA`9;HYUN+mZe-PYL7hBT zN!9;73+XVy-G*mm$2=e7Z#?y{sc+{aIi*8_1z>m<-N>9Kp!}4x&%0xhk4IRV9dUYZ zdJv4RspB(3{nZu|GS++>RQJT{~kZBWG+s2T-Xac@`c;;A~$D;oMG!659gfo z;+drj584@JEeb@2wrE}|6}!BO6_D|mkTlNxTZ#3OiU-Q}*{bp1GBUsI6l7t5KFPuB z)RO_gRydZYa2owB?yR7r;$W|>#Ed1}O=GiaCRX$Idpj{ONbLF;PLGnS7WW-AFsEaqCiE-Wrqt8iXG z*#N_l9*sFmem*NRlYq>kOFYJT2M#>yf?B!zDyLAtVC&8)R>zFkV}c4BJnW)rJrkN? zmIQ6bVZmrsP}3+bZf+BCOaVh)_F6Nb-55Vpo|`3DAvlvlP;kf(Y>&P0)xsVdMa2}J}hs%+I`AS9rF{8w`6sp`I zTdUaWI)47v@gR(BTnFjGLHA*PZ0~-IiL`F}FVD{`&poY3*r{E2Be1vJ7^HTd9Q^5i z{rx#GHBvTKrNc&HL`@4!?QKZ=g+ElrpPXr!7wu7vza|Hsf7mh0xN4aQYa*X)NC`Kb zInTpPs*gQ}(?t`b{aXS&dog=OsUoRWp#~!Kht*>;I$-sn2&-?H^3f07NRUT^SlEB! zLCxm-G|_Zt77e>l=%5u@dBTMfud4}IKkl$vWtHM#m7?Udn!7T5A7Xafu=OQ+D(u0^ zv}$URHAmeI-tJ-Rl;Mo8A4aT-;&-FGA@4ly(Zsu?)-~*cp1;YnDYDxkvK8%M{^c2P zaRDoz^?7zFYoZ?EFZS0)A0#JjRp8AnwAIJYBhCxu!ypvjZgn{ZvgPYsJ#Q&Tf3sZcp9BLl}pIw!~~ zV_HdsSXD$wz49vD5U`qKsaK8>9g`kF>}Z}sg7WKr^X{imm#Uwk!=htc&Z?+;jyP6; zUw886$wH$K=oJ;7_V(t(QeQumVW%y5X1j~8C?$$#x(sjot<~uI3?k9b#kAS?$Qi#O z1>m;gpmk6w{9^=&GcHD=pQcK%(`zL9?Hda&bc#~8#B!^=YP@I{)rxh`3X}OXyD3J= z6S{U#8wFTW2b?7j*~@uogLO@C*|Sfo9=X>BXD|h|=b}X#Ga4 z#$;(#$)_uO)g#$WX;P%2rDa{9kX!AFs)$r^O3E#_l}TC-$3;DsoHU*9a?;&3oafh8 zGq)fy93b`SHpMxSb{zk<`;tG~{hlWRQxAdlce^)RHEfoXW6SiHXCq}B@b-1-tH&E z^_0MUUE(Qt$5s#YETFJfiyXRe(o7(Ggwb70cGl7cKsOM#b0(u51+RRUB%wMX8HWTC zDIf~Wnx?cUHCeAtD=)V`tYDg<+J1!)_6Aja!Na-d8+fi{^|;Su?rHD-c%j=V_Rf=S zXJx4J*K*hxy~xgkSaCf)-k0Trv6e(?C^mNAd4a5;ElEPRr_;KbNqI`%>-{_L6xG$g z@<`~hOk;Pvy&Yn?yEF6*j~rVw#B;ObHtN$?i`}i32HTO6wubbU{-fo;cm^yy@&DW- zgM^TNsxp3Jp*F?jp1&nZ4iqJZ1Rz07nzW=f2*-1*5E!M^A+124CB&*jr76C2>qlbCL6Z=FW+0%%MAjUq&CvilEoVo%{#4(!u z(yyAv5=SsuvBh1Wjxm#5}A;%Fqy?V?55|8G|j*>d=(_pv+q)&qX z#M{H@3IZxfXDlc0C%&7I)J5m3+0F)8XwzvfLsI2<#Sfo zy&)SprGk$^3oVOS8U3PEdtcf2=NmkTA)_L{^9BZ2dauV#!;{U~OcuYfE6|de>^<2a zMnH8sXA@YY#jDWwKWK#;#Q`mWKR65KFdZ!l27(oc{zOo?oS~P;c;rj`wLi=B2ddD> z0UQ~@Y+`RF0ZW_6Bs)VJhv~}WkQWr>?BYA9H9E}Hb7a59a>U>=65|)8nMZf;dnj8($s6z2AlY2}lamI$h}fqF7--p7 zV*CH`8j^U@!cGn#C81DIP2vJs!U}`V2^&vGA)aM4C)UcK*HnPvr2%c+WI=SH55vhN zH9#A(UH^w%Tq|6DVq_I>p(g;%@}|K&}7BGalxa?5NQ3Sb0u$GFLFcws-CB#Fi+ZIu5&73-N-&s z7sw0z5s7h2?U4;NBQE)8x9{`+vO4)tn27|EFpC(Tr-zx2WXYrIRr$@a=yj2HBk9Rr z4E*NP#5lA>Ed-;?`$NP4eITm~u#dyTB${M{^iayFeA;Kt>oC3Vrw7Y|H4(@_=R(YN z2~OJ8ib3BantIp_VQO7=QvTIsgRItHjrhRSj^%MMkm4a3QQgO>D5{ZFR;4Kx1Jq z&&1m<1J=WTIW!?i{0>K@2$50+_StX-ehpFcVHNU{F4HA26Fujkgb8sNCD)6A1JsnC zNDrn~#Q=EZVZAhnR16X!*d>x*B`Zeg1K7hWsJy|hV6&V}Dw4wJKI{cRtoAbQV*mY9 zmj;fUi=!A=Fwz|VUvSb1XassqjtOctWuEn!ol(r|P#JCiJrPVGBf@GIs_^{#*1$)B%z z*22-bX;FQK3OPCf%-1^XURIGS-!uUA5{)JqBl*BzO1P8)CTI+2J$Z2!s5mkh zet3k8N&SWbwBSj&k?y8(d}V&l0B1y*hP`_BU&?IWurTCr-^BMI zn`6q<>^jE`HHzkRadVtrc_d7N=#I_ON~FzHBWp>g8p}XtvIHylIyxx8*{ofWs$&a9 zBwYAyQeimx8{yOE$l8ZNTHl|9-%vng6w`dSBcnNIOLROQ{di2hHP zEp5U6Bd#Igy~0%7@aTcp5GT0P{doVU{n^C*Wdt232=7obgx)AW^Aq>47 z=%O~w*Wx#RqovMWJ;rI|3}Za$9$(38OCwD{EsFt0MRh>cL(K_9f>a7L+F$fY+vq&Y zHT|s_SqL_l@ODHDu+w$DZ=NK}$*7tFs$i?7V*X&#TeH=7O*h^TqMrA` zUHD3ZuSk6Ff8Rl%2?CHV7i4g24Fzsn3Ku@vp_B#QpPg7zsl0=V6n9uFXN+2J_U ziGPhlVIDuLhr#y{#sofVB9-YIs8rJU5yu%$D)e0Z*T4GDxp1xQJ18Qg$~F?;c!GU_tx0OQ}tn2eaxri0{(1<*ejuk;>_9$Nl%Ff$7CsBaq?$DVW4MQsr!Q%Am$qK987>W+k9Rrnx?wOg=PY*tFaUtv0!{j#zdHJt!%sjYL+`P@VYq4|_^Zjr_D@Tdm7F$*|FWV*P`%xK?>_zYCivM+5xt!NmLT z{jItUgpO^83CAA^W+dz!>^-#qg6?XGbtpD+h>#S^92tP zry6%)dWiqGqCrFFNwo>Z?<1gwF*2%8J|yxIB5pI}=_Q;!erd#35mnvgH3nN-LN9R1e)C8#QfqvNO92DRKbB)!Xncbq1?0t#M`Hc_wv z>mvalmjoRK+_<#<>u-B4xVMw`Ny(tD*Xfca}U` zg*b;%zi|qS-~N_;#0M8&M$7_F;*3ns{0JX0M2jDpyjpS!EfPm!tN(t;G6U$I!PoKN zNe?sw51*?A51uq%rsea0c~W68g#HsakBK14SP;PU)Z%Ypr9KbP{|qikg0a@*mRmT* z@-z_yqXW0O+TZ{B>3uaXdnfbKg#4Q6ko`Yi1q*Jij?@h?p`&G|{?ch98109#CcV(A zNEiQFU<*wK*kZVJ&dP#)rDsf$!sx8T&;D~Qo9BS%f$-=G&)vk6bo0VG|6b+TdDjdKOHuG?wQ;wKNYwnq}m1lrM-@x|Y z96RU%Aj$;%&{l7KG&Ai%ir|MY%ElnZyl=~Y{c$uew|JZp1i!lR%gRP_W-DFWm+Won zrTFM6H9^A}$5E7~eLq?qO2qM}KIy5A`xUTJIA@U_(tVrhg!WL+6$W)1i~fsJ555Lz z-$eSik9oQQ4x4xjyPJ(Pn} z(n5@AVdf$^>R3FqD@-v+e#XZ|X&wW`XJbmEmsusVaJRveHuk=kmg*g5=yg*Upef&P z>b^K2I=I^QqP=2<`oxw&W0`I{eI|&ic4gmarH#dX?d0B_#d=0gA_t~R8KcRg|Yiy z2PZn!X&*Zbr$d!EMHty3e5hE)$%OSE!V(h{q@aY+}@-DDL^obGe&*uxj^&>jA+g~gM`jV}G z>BJ`8f0+}^5R;G)`{%j;x0rNyc)!{EK9tM$yT?z-@sFz@^&Tu_n+{dsi2wgp;eH=+ z@2c?u>Us;Y8Y6{vZ1f^hpOuoUy^lK?YUWCN>XL9`=&>J3mAsMVm=OLvRZ~>yas>vz zqZpyx8!1m6IVDJZDoTDQKL6SfJvQ)DNU=CK2yCtI{?#jAxX=-;G(!I_)1SX&4WBi# zGT1fszlKHWy@{NwCi1Z7c3kHpJouYb$W#4$B<#QqYr&TAsWQ`s{5kVSp5Y(l+AR`l(o%K6wF71E8(9XC z)f-cNRSSybOFHP);#ErMK~NWhiPXZ4iC{(co))EOiwqs92Yjd@%df?kwjb2=-2iUN z-j+ihQeu*ntwf!ZcU2p5L+E!ZMBEzBh3jZAKB4s{KMT!s2Lf3hFeSVZ!AFu59O7Sc zlW6g=Xkv?B#g)V8Z!gV|(u)4sGrPOTGIYLr8ZBEMEH5w1iE;MazIp)>J1ZF8e^OrX zj`N5e{2gHS{|d1Y<4;Z;mAMYJ;|g)7sxp0IS+68`VI;52}=q5zh2x9T%t8} zMEnhR51b4*da6H;o~X16I`Zq|8xZ*d|A7!H@XoJA6Ul2eht!w`j?1MhCeSC1tqIie zE}l;BzRe^3@Ee2pm&>|$E`N>s$FTM}bn^~Vc~0oKsW-<64DrPO7WXL_vUD}i2c?p| zU&gfF4fTfQBIJ`_jxSq@ZG++=Iu_DWIG8@Q!}G0hEF|%t`uljw;-kfjFlR^q*9S^4yZDgIs8PUW|xL#$++6>qhvr!Fra$b-I5sTqeX4H>*D zU0(=G+ri$hr{Z_aVScTdg|gh5XXJC4j~Z%eFqRD~;WRqItIQoJFeewMgL#T6XKLX5 zSIuuO?MsCK9Bwc`bAJ|20xgld=dD|;n#*&}z?&F$| zz&@ON<#YTfOyH~lWAHRaGIP@V`BrddAu#FUe$4B+$tJy( z+WgnE;kD#C62bx-!CjEsBLlEwdJ!N_dP+*EqfpXMo-_bfNVDr4pVD?A0x=? zJ-2gk@HU_MMgudy7MkVKoqOKSxt@X-70=TSKS026UP*`nYrMYv5TWc~DPj%)qoo^O z$VfQ9Cx}lvt3wO=OFw#wN;Bm&crw}TP`U|!)X8o-P(tkoUTza;s@lJ0cmJo_Ce;}l zyVv{)TSYL~+697yP=e{4GGLC6`RGXG*l8jyt{cbZJo+2Y5Z$Zz&QGIwZh<3SK zKwujOU7mCBKxJ^D#_muQ&DD%%eL4C|KQTM&9~6)E*x#=dG94Z~1S?Hps~G;qUI{b3 zd*T3_@)lg`)DtAyZ9c_#n5|-~lvty}kqgv_WFeZ(|Lq+97Z!Xmu8O*-jE#%F#e{Qj zwyciBD+DSer0j;6r`U+5j@u~zR@nXJ^FqFvEp*m2wk^x_n{yZl$Qc#~9Lnm>(LPX9 zRi&@o7-LJy%xqf73uRJWdxCUg;hmcS<%OB>gmq?P`3Wz=UZ)}q6+*<0B7pqxFhPd7 zHSW8gVg5U+SRoggzRP0%`5XzG`j-z^+ded4ozpx2WXttFTd7ssZTv5A9d zRFJ0^ZQ|B^=sQOl>i}**G)^?9!`C)H-?0DnRaE>B1$rvdlhmwC*_vlhg#ws^)>HPt zKOp`#+-IE){M_1!-T{^{R_)-mHHQc0=Aj^CNXB7s>sC}ZPq*|s=zT5OSPtr^m`}vV zO4oddJ<-ek3li>%aR%|7wta0=ngU3lkYw;rVEJF_PQw?FL+*z!ZPI{q-m{$#sv!?JTVyV;`U3R5F9>NjVZ6KD5Y``R={*;4;Ds@e z7K*=BhW|G=L+m)8xt_E(lHX^BOX*_J7JeC+R3C1~jJI8D)fy$IKQJIlj3$wvyNs+8 zvR^XQUuyW#k=B{|g`CG?R<#}UDUF9fTH4Xf?hArhjc_S=@3MSLPusLNzT{XISElt= zo`FCe4=8^Py3OmLnZafua%q7&v*++)fw3%H4p30^(Lhp^@rjA&D|Y1P*%D?gFQMwg zJ{57<^yPL-Ddvq176_QR@8hk0*0{k2MK*hB)HOCBChm;DLLZ)#Y$U-?XKE=s$^j0) z<|zVv-?+sQ1OOgn#m-x#j*+kO zZeBL(@|zC-koKR2A=$w{rI}TT?tCA)hlRyq(a-y}$UKr+tGLxt-zaA|m;Zv(&gQDk z*4#T8IXV9Vh)W^z!VKxE*=qtUUzdN7!NJyI*pEhK!|wcLpa2)cd;RjB$l5%nVA}HR z-bS>L0o?`Mt%zf|M536)r$oOzSHTG_>MT^&+^VoF+%i>)1mY4VoLHY{vz9Lh(8HCY z$Yu0Jc7=&;pNBBY;B#wydw%J}9{qb5&D@7MA15`E-x9#u~(FMmw zWe*Q>G#$~gcF{PLXOGC>1?+(6?voKgVJv(*LX{t|k!!H3V$lZ&Md!6-#I55yvr5xH zEn3@k6PyZl@~Ro|SDxf`*iJYV&RrebU`bh;lcRu-Pk;Gx{qr+SqiN|`)9j8JPlK=t zshCOVWm`WsY^}|O%w&}pbqpAw=c!$We6|56Lu)I1R>&@;aPVpg?dZq;e(qJvz6x!; zcMJDX7PVEL9EKmi%w+|U*Rt5+Dgf0-toGjM-R$O@F@h6W=Xlhh?fImSKnRT<9h#-P zMTVNgvsd(}SI zxz?)3Pj3M8vx@NfpTqGt92l#7D+lF20ZuH=RWw^$de?i&f^_{h@7aURT`D5*U*9L$ z?AGwkmKuGLD{$HK=Xtbwr)=`y-3YqY@&Z`u$B&YwHp9%?O0l23pl;k`-Do3`S(OHa!AhCLBob*+RR;}!}Vc%~J*}+HQo9mmo zh=t!atcIq0KQd^>?si<9l3pT!(VGzZrzWgK8U}R+!nr6pl8fe?tV7~VNpY^QPb_x^ zYtk8VDJ~y)&FRGL2^3V+epGC@^ccou18D1=nm6i(k`tJEaeo>*G9G=8dV^^KB{u4( z(DBFJ(>7erOST%G5p5ySWj)Ah}3>XK{B=&p9|yH{xggaWg=2E_b#emwEj=veU` zOEZ-=A7#8*;ktVpiv>bxTrS%Y&{gTjrX|6gMfu(i&*Om^N=`;5%`8=qwnNp2&h>DD zwd2sZ(uUu`PA5wtu{aedkd6hJ;Wi^g%WtXBW;^Je8p=Zy+ zwLXzwb(gYtBr$eBuPj%T#Nwr<6c@MmBc|YQ@f{t94cWx_^p@{~JH)AC`kUYZZROsK zp*mI3QzH!0;z1xJaa=mD8Li?+uA*4Z`i{iOUt4U5)0m`Wr0do#F`4IE$vyU6e1Ygh z;uFGn;#BU`?Ot66r@@m zC`wZ#XV;9uqYk+usPX&)<&=HWi1^A)QtWFc`u?R!lUI4zvVxxUw|oZY>59~~X>5SMFO+AHa*EiX-C7=I=@i}mFyipL9dOdUpla*a_v4lf;`wrst z^vtlp)oS*Ii&@p~cV%Q+oiT6SJzQ9UOx_EJ|2LDDQ=dg=6U7BD3xL<%d>nmYJ{Aj^ zr@s$v-?r1G_D#+2b_cM>!X>Jdty{9{y*ERjzl!W(AZ8M-jk?Q781dpy!R5ip%eb#! zZ97@OAy7$DPkdCzNLM$Nf|2p7{KM+)aWTMUOX0do7UIWYbXc*pTc{IW?r=av5hFJj z-3k&HL*$V8-~4SdtsgGpdy6e?p7>K&AK3oqXq>EH3jFBUXuq%MA>4@Z^H}@NQ=8&!FSGyIs9JIyU5-}#1finCy z7(b{qat^EwWAg-EZy9Yh;IRt2Z&Y9UWZ<PeXzlvXOSS}BJ3h8 z5nN=sX<0EtHEvPXlg?LS4@4v&w|+=5un?v^oVyl}6(VzihK-n$dXg+8fl6w-^5OJf z6Eg<<=7(*w4`+z9rzUClGpon`>1C^;X@uothNK_3yf`F+vM9jE+~PO)X$(thUM{RK^O!q5>3C&8JA zz#DdA2>y12sqczr=-nJH!lj14>Zp`>=-@l!T?V`KGGQ+>faT(rhmx|gO4839a8Hfs z`Sh3u-qZ7a2;+?iE^XFtr8r?Z1WdVG0Cd9}BDL#n=f5dxw6{IqL&@gSzg})G{am5W zD|2{#w<7d4n7{eYF?V8?+jcmz!;!g`f6gBHGOD?cP-~?Z*#xFW0xm^87CJm>Qdj-C zyq2vX&9I5SE;;~|=RiG3smud^u!(-{nC1Q>GgNIGM0QuZc%6hb9I%}c(Cp(iox~zw zM^9|>r27wlL(X`vP!X=sAw|d3qo&ItfU8p}_t0T=V`ry>IvsE_VQtYjH&!;Lc`T=7 z=Ld_-7gcC5L)h8bry)N#uWh_s%HUwW@QWJAmZ5)yl~{O95J4RF#1%Fda$#B?yF`T; zy8?Y-ADauKi?1U7b|iG;s`qvri?#pj%})=Q-h>YT*)CwHHY^%=7fR`7aWYc3-Df!) z)6G0Nd$vjxS7U0_Z&Y4x0j=j$i076rP9@EJMRv{?!nHeJ5$6(KLf=(T|4}ocwKnfn z$@w~;brlMUxpLTTILHj~qSqdb=p1%$es?pALVU#S(Uy1g4%E1DT#1;y>(m}vE^mxl zyC5l-e(6%Rx^2boOdpZGX9Mie$}l{9-en}_;sjW(9cw;pn^sp}$8D@%7?)Q0$}MT> zM}*Got)0OJPJcxi$Bh%LG+y5xbdmXcxkLSCq7AKdRJU)s2&{BZq3IkMncW2%-^H*? zJn7^~Fnn8?4p8f@loZC7 zAt6!G(N|u+c=2{^ZS8HLNdai#Z1S@uuJG96WocWU@)b4)tnc#!E1n&DL~B8QTn&?- zHoVnp_IMwQ4sSg7UKaTr9(4b}G|#PfnV&;Y_ZPDW(@(i)LX=~(d0C*1u-^MWtK-If z*}4p%l=Fwr^FF$jr-0Y#{mC43!LwsfQPpJ1~_J$B^e*;*yA) z>?@^s>su`)x9}NnijL*nXn_5{Te;VG)qfhab{7oNCT)%1v!D0;q~pZ&4&=;}*b;5% zwdwTM$}{g@`}_qoxxJwwpu-12HJ8yF8ynR$4R2iB+zgA39sr}al0Y-0tM<70O+=U6 zVADzhcAQRLn*m8YAG+*cED5*Xt#?B+eu~I^|NNI^hM}u=(9g-aY$`^!-&i44P#@)` z9T_H`CvVnYyWD*E;6c)#r9t)m?VhuNH@w#l_=6|0ljqfLhXb`-#?;C^RM?^w{88C) z8f!0(6?<2a*o=4YjlA_gZ`u;@dbs4OoAthY5awS(j+ko*r3QUxMJHp<_! zRR@XCcr-;D%i6Df{i(SO2V8vO-9DxOczck$= zGQ47$b-Vz5uHPmG0j+R)pb;e{W$}ap05gg^H4&5Cn<4tNAV=-~&;6v&elx(DLX`W< zhSftfu(iTy#?KI$4!yhOEe9!x~Cf%Z4!6guhZhgi^|30t7HIp17 z7HJPd+`o4((0a5~G4}(n;(iz{=U9=svel@)z5T|azHNk*vDZ})hzQw=l#O^5U7%e$ z=4_{tbO822$4K0pP_Oi1;JbJ6-F?3XmUWCjjBV<8kKIVkQb-Ui`NAg&`U~vJKg0a1 zX&5Sg`!nb-+BN=5`~3XmAnv6T>^l1ndbJC2ZWSe;8s z^wMCPm#C=NRaI4ow!NPsmrSsxt;T|jlam+tP9==&*f&_&4 z;e%1r_v=;+&l_PAL&7JGo4#tbAmt1-CVc;%^2yv#rQl;r>mRkBM1M#f_oi0>icKn3Qk zR8N8KPmfo<)$Jmnp^>R6KF9xps^JIDfI@xKM8QYZ(U8s+U%7=4j!TbiHWb)73_k9W z$~yIJqAfct>Dp66Jlkj~acADK0w6fsuo^Z}e%hN(=@%$&H%&_7(t0X1LVobnqu_u$ z%%#8o{QKM4J50b+KfIBewJ|bQwhUlBxpzBE8B%Sf9jGms=ItH4Low^;uz;BF{eT=d_OQJTVX$hi5Bx(j)+@Q9P^c?%;bv~ zI5#Y)iHVcF)8T;&0-F+Z12~VriPO75o}7ZXh$%=3(J*|$OuF6-T^c*YIeuo3?J@sR z!R`2=>%pd;DH#jVvQqb2qyAUuTNcC73K0|!koGqsLUU*W7k54E%Ie{^@>9goAeHoA zS^{V(u-!iBXsk>6-7DueFJIt9ts1;%_nvd2KIi@kL<8bb5A~Y;g31DeRi|uMp-+qU^sWIF zf(-eVi{xtM+ZN_Zn|mK_N_n(Ssh+PE4Iw7NdG0sXtV2kil~^!#sN)N_K{O0d%-pTN z0uzXBN1;DGLx zi)hEV)S^agdEV7ue2Mwr94yOA%O2CRqGVC6{-(v!66To&xTb<2?{a*#D0qDWAk_eU#XTe&V1=;xs z>A8UbFq8?HuzWw5IjoYJ>P@Si54qb+POzGq(Q?0gB~xQ_j&{iABJ~BhUmXUu5LM6g zfN{&4*WxA^I5gPbVgR1}&rst3zuRi^7L$@Pwpa;`bIl-^$%%T3=79&wTnZBp zR72D4AJmy+yKbcC1-FLbV{I=?4SoRRG-zv9(Yd_yHERWRKV7_i%QyPMa@5Rz;v2~5 zlwaz4h5$wa6cDj?cXx-qfB%Xc`6t1c8f)d%)dmZTi%hJna=#`gnV6ZSuU)&wC@ehk zjotk5sd#`7`M(N~nThNG%h+}I`uyOHZj1=k)1G*4*VcY{>Q7nNSFi+mcq^0I!bI^GrylbLKUaR{S|Z`W?yA$#$< zkX`5GjLclHe4L&a_4Vu5zKH@n8sLF`cNFoSI+=6+9XJ3+G5^62-8cWGqWMw4#&|BX zWZi^dl#5>(*PdZr+%T2xKw3ubiu#6U*d+wp7cX7}p`&~h=g@5CWWiq9_5Wxv`+taqfvTR` zB-ME1+Iz2BGmAkcBq}6q1>^Nnen~b`kLWQlUFbxaB({U(?huQTRy+}Gg#m0Q4s_E=WSqC zc`AVEhSvLGUs5w3LQa#DHRjxkAEkWt6g`K;G$0+A#{lz+=HDBNx{7KAdzmRPI$2j< z`~-aweE^1$POUCHLPNG3kEUmyKfonE^_mF*7^$U2m${gVN7w)3hecp-U$2}xEP3nB zW)kgQ-c0%jHX?pwli{Olk1O;Jk5xn-$e3;ZIlkNG=ZA*w5zWsbYyjf=)XdELiw@M} z2wg}-ot$zy+0D;N3u52O0-cvT+eZ|zr)9OZOIX#Hpc!B?aa zOXJ_G=!r>&bPnsitK;lIQ$lsV&)6FHC_ZmPtfyw@kwP044wRuKu%8wvpFJ1qrm{;Es=E$8V2g zn?fzf>gCZ$uiIE#{}6@xcmESpXap%pB8)ydxT#?Lh;{!F{{*LLq@X+0VX_z>orfIY z>;ZmwBw6rpmo8n>>*5FIWB&yl-WRV<2eR02%^;6(f*i5qF9|r@kIWfl2nGQqr&LW+ z=bx8SrWSQh>|9Yp|Ks2>gh8+RrK==Cf$^Z3YuB)2RkltbJON0uQk1s5f<}tLafxc! zScDS7Wze_}wb!7g#C`lG>xiR*XYwUw+R?CIkJ`G792zE!;;B1sqBL{o-h}b0P2^-6 zdvUHKru!gIbXS4#2MRDrOpvUriZaWu0Q7XOFIeycsS27ZT32C8FbG!IKakzk(su6B z3z<%vmpoQ2YvKxx)HqkJCA!|~llqqVr2vmUt5cIc#s=}6`_^BcpWj7{qxC*%R#vOy zW9ljnx;};+r(oO&zL$Nq1_2Fwugz_3TVXYI?L3+hFtuGR{MX&lE28<@uP)4mq9Z5I zokN!(wYW$l^8ue`JE_NBg)gA_lDPPyMYivpA$(H_;ZX*wq;*V+HZo zU?yuDBWx)yKJ)N0h8Jm<5XIuphorars^}IwyO#&FO*{S;w1Gi~@eGX{E0r}L-_w+P zq<_QKhSP!2s>+&w@l*o-$^wQkn2WH4b~z~E6LhpAuIzc0T7hsNnBQMfzSIQ7I_cL7 z)=j6RA4z#XU&Ql1pCUa-PTA0pz0y>a-f7)WArtHf%@!TaRugna#>CX;zriIQ#d5_? z56Vugt*f~&Ptu_2c9(HcTs?GG&+^l`^|AmRE&)S`7Zwz8Q=)7fQY!k$Eb2g!-N zzkgXE7ki9fj7u{+E30KIi8#_W#{!6#R((OyO+$E1@8pgNzVL5IH1f8rC>9hsZEHNT zjc36Why$jHfx&1_#F3gARNHuR*jf1HiymM{vsO7a|A(=N1Fh^v1o%4e(9qDSuI4xM z>OO3*P(qkP!43%j!`=@xGH1akP)|uek#p`CzNz(Q5~+6wtZO4efewYmY9FsLq|kHe z^Wf6#hsPEmUzF4^`CSX!IC_5QV|dvA&9oWwndh!E0oLEMM?N7=uDE>vB-icjfa@w;xuJHaAvw-s_(5NHBCGa8gJxgq-5ruJNzt9aioAQUn#^20T{_Y#{ zx8FGYt|B(`F2Z-8Z^_?M4%PS{DLQ&0B4B3G9++Kb$0HiZ|CPI2H)Fb5&BZRNcVk#= z{6=FV)Ax}Pkj5BoBci3{47Gn5)?HM0f$om9&#qWes+FX5*TRE`CtnN_G{^8e2vHSi zstC~ny2l*9p0i*_XQ)Jtnp9lC$q7zqgJ#|A)4S7w5C6#bJ$P`9Pmzj2M2+}BPwd&h z&Ny1Cz5o)?_5zkOP451YQVgiq68Ddop3CSMyc`9JXzXg3@Y(j`*Gocn+$N45LfuT^ zEG=BCN4`7{bxO<99E4AVA5@?DB8Dt(>4HH5^d_qQ=3_(G8%=vJ(~w@pbPs^vs0@aX zEbx+q|7ehMbC|L#g_rX#TjT=#?&5iecH!CJOyR@}T3vUORC zZ1)}@u-~t}c=P7A?%~m8IfWN|51ikfwrM!Jtip#TeDqE4Wib3*f|u3Dx=#;ItWgIs z*!_joL~u*y$!Fn9w2wiZERnT;`#xOmXFLqLJ*l#u@xHV)of2oxA9{Zu*~F~0)hb=@ zzXTn6?FjPx%7))ci$Q!YZ<}zn(RcqjT~k`Z6YfXZCKntKzT<3l)%(YoFw2>f6oo%M zF13gzCs%FVJ&#nT=3wnN1Zt!T$Z9YmOLXNMqx7kycZR5pNv5Wo&PgJYTyXPIsn&4( zu8Ni^Dr8;bUm+Fu!-OZ~z9XgDZtecHq0~MCY|AHjdl-oE;{+4J|EJ7AqZXh zENe!$aD}QTh*^i}wnYUs#n~3w#Ync{KHnb|;R49&8AwQ2^AGFo-OWdhD0u0mJ}I}A zPElTmir~fT_0V&YCZn&jf}k5s1SH&ZXi^~O2QmyK6USnb_WioI&MFjr*R}lpHCA09 z`?vY_nJ<$u^S~a$A8jjdKcVk9RiQKTO~joFc2?a6|6YuQAC+xeK7K>igNE?VCR@5a z^))Y@A6SPb2^Ejw|cy%dHC%+cUqTP9ZbbT z-ocfB;hgtbe`w zBox>dpO{*34H&U&w5WU2p7<{nME0)R-5n)VNK2R(4a193uzt~g`CMA=9MJBRifA4nzHxOmHd#wpb#JBUIg{4=dPMl*JURjF3YJKL4T z{`P<98)`j%k0Hd~#p*i80Q!g<@e&Qr$^k~mv&GJ(lNC?I)qfk6nf~(mypzxtJUAKo zVAVt*5O-CDxGA0zh$Pfoqm{sBagRox>8Jr&qX|BLE_hT6ASP@N@4(M@)^cbAQ;*wZ z@V`h#^b^J)f;rkWb;8HDn+y)*>-77MOH1X~M0D~vMBM(fW32DOQzM*&2%`CkAzzxr zlyA~)uBPdzbs6A!`v6xh<~*kb8P2t)Ch}7*0KJJ2q#iE%El>X*6FPkt7#b(|dUEwV z_Z@ZmiST+vAhzk3_&hJlFFoOii^~jP5c$;nPwF7Q#~7bKf7Y|IKd5<(mqK(R`2QUB zQ_uy2A7@VC@kKP7>Vj{gyIJ>@pCRbDj2Wd0JA4}srnSkNm3{5&Mnq;^DwZRurZUWp z-?{%LFX!lYf1})&9X`l+s3N2l=Zo+iy#^8-PdY?=ex)2trPYNg_vP9~P5AnX%J?`9 zw;w%xcp6f3`_~I4EJrM3hqO+Jj!uD0y`st`CZwPa$eA>J?o7!9R}xqXy_o)93d`_g z_iRk08T5ZkoSu;tg&5b#%GrnO5;Jm^E?ae8#s2&hdAO+EnG+W$q{uR+5%ZG*_mw=a ze8pNePJG!4@9$yLL#;Ack2skn>cKp3UY7$E7?>QU7G3anTamwIgSH9-ud1Zm(IEXK zGV4+LrMRYZ<5$?@{&E9(8896{Q0cyc#l=g$i|^+*s<3@n<;OibCnp>{UtokNdcIUW zL2#bqoEq&EMwigRC{R)_nSFJV=j4idf8r%z1Unnn^v%1O9dXac#bY3|Z{YZK3?{PF zr#HUu>lbSpKv-UEL+mRZB$46t{OUu%ZE6y<4t{KD`CatSZ0`>zv8_og?&7QHzQ)x? znVo%9JX$i(zTT5*CNwwt(fz=S22CAjuHm7G9W@A{7Z|Qx`&CU;$cp#r#Mb@Y1awf$ z&R;*FU`_)>x^Ix(SA+7!M1f<|K(C-69;a)u%Tojm?z%JTNwV1!E2*<=5DPc0TI`w^ zM%yc2CpjQr>cJ%vxRrnX_SM3c@e&0E zE08_C9i70pn<|AjZ{37K>NAE9#5~ZzvYf+@L+3ylCINjZZW_-uw``;0I`fWYhv6H1 zP3oPs*MHA&SrmOgz$I@^pxe!Pr>)^q33HHf0x{g>UyG;@)KO2&&eV!Gs5WBv*+@ro zSYPw$Gr-YA8tQ1ZiS_<|+4ey!xi?nxP9yBWN{CM**I%K6%0yyx_A=@)=LFx3IQO4j zV?3Lm+mzmXWlY&% zkJ`hB4;cjo_3-HyM?qFZPwU^;D!*9}dy16(Y9fMW+B~FMDIO8W2>< z6n4;ck%g}}U<@N9=uydGXKKwpp(V{5p#`^Wt{we;g{X0nHF>!gA^q_lyS?`|dW=W% z4vjEFR(JCBi^+L5gR0&ZvWpAS#x4|oyn=d6FER^Do5&zzqnzOIu{%ap62hXqL$me} zof&#a2p$gyxaW6n0IXj+`5U7AP;uvFUH6qZ$&73P_JW(LYWmt-;~#h=c|6mGEFw5i zb_?|h;}DkaT(7Zho^FHq`QSlVWaP|#Ju*!|Z=&b_>(|4KoUCx}OAvKqU_fU%UZi*4 zC=f*%JtHIZAf^U6q$dd7JOp&Yp9-h_!7h;c;Zat3xb+n9`+mN+F)QQ4E>dY;{5+&a zV7wPN#wYIXh1a2l_!E%=UP+pBaMaUkYB_m0zUswD)Gf2PKEX(z!Flsy7)hQWXe-7$ z6t#{zK<;Ptm7R6(BJ>I5v{r4ti`mXEkibr-^D{OB;05=3uAL_`cxDKj!NTN;KWCnqyqyY_UVfUcV2U$nNfDe9*P ziKl$c#SJ*Li}J^AyVsV>*xD4<1{ldPOi@}+^vM6)Co}h{h+`)~E&u!f5|ci}zNYX*ZrIxkD3D!#sI{Q7V9O zl>>|+NBhJ%xqouk^~mpoMytcjc#uKiVCO#WRlbKA8a4?tok^jd4}EVjSfavzV))9* zua9^thz^w3DF(rM*Q0Y026xU#(Fd+XNd!o3;L&ESM1eKkht{+Y)@1MQUh$*9UtUd3 z4Gh9|7G`#{K0Y)LJoBf}2F^nD2AL4)7hs6Bx6v;N`%GlT)g+>`0GKw8G9#WPs z*m*%g0k|%F5|KfG_Yvrdpq`Em=M(yag>Dfh3A3qLS<7p2@CqKJsJ*!a?ze`-4@;B~ znZK`|CSCH={1#liJ{A`$x=v=kFUm0tVF{tUPENRL)!A4CbqhMtQ9xY;>9&%R5;aZD zdus#oVg!&)%f1fC8m6YEPo5$`8blIu?Q-q^T8}i8>5vS)X$|1tfym*7^^euKw1mx+ zPGjY#7j~<+{A_HQ?KeHQ>E3}grq>94#G@4Q8Py~j+&yT?WZRt{8Gnp6y+!LJyyey^ z0E)Ju=jy@z@WkRB0#w3d?h1r~9vn{lccJUJpC%^l;Wo>6aJ+0z!XRnr#NuS#o0DRL zT8$vdj$IGhVEJtNg_Rz~+!*2N_I3Sj^5%`r{o+~9DsJ^}1k0m8-KfvFIM5yqhj!RI zNEdW8ptq|9cg)aqyJ^X7-aD`H=-S&lLoY}oq&IlTP|yGA^3H-r zO!c25t(;Fts^qGT&7yv}L)wy<-be34nSKKfT*HrwC1kHq7dxad(Z2<@^?XLV0d!UZ zAUO~Vqf19NH#wCx;EsgBd)kZ0H6HQ+cf>sW_FR+{GH^Pb$n{=)c@S&&_o7wt`1Vrd zbxd~w&MMUg)C>o4a|~J^@XRI8;X!iJ_r1)Y|D-;V0}i8+u^;9!hE zY5isSN#CRKnnJh1sz{lg(erihVr>uL)BO#AwGO=-2NMku`x%!e=rg=X8ax<%KKgGX zqZ{q*?P2dz1ZfDv|KtY1&sUvqLt%{K6BzIBJsOkGD#i`E*z|UuxJV@4;JEIR^XCtP zyC9jnvR*-r#4At-?q>+Lbl8+d7m~4w3h-S2&1Xk;dKZ#|NCfU0@cjKJ3aH$@o?Xaijs#*DRQpMmw!ty$YGuvqoCE>YPQ z{keaQfx+~6tK>4x@~EO|q|xn0)J-2iy$h8d?!ST~yX^Cd@8;l}UIX0E6-FlLS^%>FR5chIQ1lXqB>J{mf;B zrifYAz*-~i+fT+5F@ugd`#Mq6#CqB=q19dYio+b)dyrxDdjcJf8N2S^TpDt-{3L+9 zUwr!L%0AR>XguDd>Z5$#2PV%gnzgOlJ=DIVOIA~%ibkW&H@?@45Xqnr`~^y#KOWlOy+p>`#gV* zRrQu@U0xE*aG|+zF%{e%_WzVpOfoWcmvI+~xcX@# z?iA1h-u^2fKUqs8Akl_AhtnSz_kl%COo>4_fOEM~X6nPblbg^Pp>5>Z!v))S>^hF! zcdXc~>fd$5`*ylbbQo-zi&Frc>5-lbk53sTp&e%$3c3W555bcB$^1WoFlxu3>`U>K zTZ{m!OeNDL!I?d1`M}=gqHhK(@*Eq?@iQ<<;B7cuz^7R>JJu;xz2A~mqHMdn7pPYr zbK*6SrpbkD&2?=+b53XbLd2T=|%{Qn8LiPt{|8}Ot& zgQNKhP`PjXLl52^A2o{b7*Q9E6T+P97I3)R3U&t%I2Copx`_I9XnQv!Q ztF*2!^XmlI88R5Ja(LsUtjK*H?QBpyL5}8&6*3Gq>osoRT7e;Y3J_D<5wAwNHuTy?No)j4!gydS-MP2i4@9Q;wT zeqr?}7q>tZK6EtCRb6%uP8wx}J?hqIF&_~*)xUe?B-w%#DihotcDE%tFb1KB;xocy zU^7YVNa9;CRe#2E*RzkVBS*=+umL7<%DIVkQ0YH?RIx2*o$V@ie8ZqzrO$R?Aj7fu zn=7x|lFhM5Mf9JE^-AZ(yLDL04x?^`K5*P>5Q5gn-a5&&pL#^U3J4zb^iAh{0k-DZ z3)}A*{kFplb-qg!0_Cn%AJ_yfU$KGPhv^a~!}MYgXVmKG4hXZZ=H9^OnRhLxgfu4jHnq2)mSA zdy1$v!u>D~SQw|F4$|_Vew>NsV4N3a(3}|}DwFPuc(};Fvr3z}FDIAr;x_h0wrkfU zzxPyPKJj5bH3FTO9U6Tt<21la0w`Wy;oahypY#zD0s9WhY$Z0AqGK&B3kk@L>w;7 z;zq*-I%46KoxT2N`M2=RnzD6^1VyjP%IpC4{VbPJp$1CZ-HvW0a?ykss$LQ%_>M_( zt>>~ZL1?g9%;~Y7C;;jz_3FG7r~tB0UoPL@6bypfzIQ?6KYgPg0v#lsHhz4+IJBNg zOal6k%=05d^2GBHJ9GOT1}nW&+Z|LC;Fp7Gxj;F!&Ie99t82aO;6WG(9r3$6Tm~iT zTfUkf+eMJrR(tFtEK`PPz*a%}17Hxj(510LyutEb<7@2*HilV; zQoaYz-ca$aRM)6H=tU&xbj|FpPa;|m9aqBvhq}VC!|)?|RkCz&Si;eg4J$i)58U}q z{O@W|T>bkxMpm8#*Dr+Y$QUzyHZ~Y3J8QE$DfL^gKeeBNifZ_i58@6J3rlOB&n~|E z!v^DG=eY)0FXpa4wl9O@>VAp!Xk|&Te^$x7Vff}|m0oOCM@#&VTx{nMYJu-&G%H&Q zG*ezm4R0vE*ZGP?HB4@K4G;TH3;G_x3LnjX@2fP((WfagUF_?t0i`=GxnD+)Duj&l zdb=BY3*vt)Ev4m#pBN~gU7yCpZy+4t?Fb7!*%hR(06&(X^bzfT6WamQXqhmbjC$ks zWa`F3&~QnMCn`@^I>C1R)RsSGvI8mGc%xF)SR-dYHjsVO5v0Mk5{iZb6Gjyj!%>MY}R7egDD}Bt`)Qf7)Ei)dgBvJOfFvILp)G(X<7{Qb0W5tGG7( z*U!>V#Q3Q;z!)SE9*qq+bVAr6n`?QQa)CjbZW@>mXT`QycH5s3mM;ZlVVh}+_uu@m zbfv@T!pqEab9M2)Ns21!bg-7GW*+m7ILenSG;W%*PScs1Ik1WarEF{^nlDK!pEEip z1)e9-oNtFqJVeZHc4flKHThhGJ2Y|n4A*opt3+}Rzcz>G?9Z$yKV`S7k)AclXQ^G; zGLBo+3CXgO@12taepB2iF75O8+)5Rpkil-zh5lTYJ5`k~8s4@X20xN&%*W&STM~eE zJIrVuIFF`Q=G(HGP?jXtw?7?qmG$qy*XWIpz{D5p!J3PUWQ6XsSI9poAv&_$ zJeO$)?dJlv{=BKSZk|u*-VJns`Z1q|E6kU;LD~GHIURFcr=00y0K{0>Q-X;Z8eLg<5!X(@m?Q$^he`nE#ODAeF;1RaJ=cShGLt9%VTG2v2>n^$ zJQTVsRleQ5r{k%L%FCMI`41Ic+?ef$a*DEwKgI^G35fQQl&E5yY}yqr6+L)l&djiubl0!LSiSpki5J>T49IATRmq>8dfeH;!( zwu~nA3d2WZ4ciwprM)jWA21Mh_H32Z1pU5~>dII<|BY%Ygs|PJhIho!c)52e*VEx# zo%hWMLLj={^^+Q>*7U?~=tBYfbZOyr1`ym(C0VrJBp{7wu>vd}5jmTkAqy+cfXtJ0 z5B+uYMpMm=HvQP*3hXUtmq8TQqQwo3JO@cLVCMm0P_Il%5>YyAMuwtSh-Zo4bB;UM zYt$I_oeg9w6U*DLU7g+%jw zR;fvxw>H6UQ*SuYjvJoS3zXIrAL{*5Ftb&OC4>bwAAO6-t=jk4r($+2q4mTO^;e8jta8=3E$RXCe z9S6^;jQasW#L@Q?Kjj+H`oeOw!trRbCREkD-eg#&oMPeJN{Ju$vcb+qDj~cz(qP0v z@J-FU6WYSoyeYX^%Ro|1@c9R4FQDkxCjiVCu@I7r@LzJt?wbHJoooYXCq`;K%Z8PT zYC+t*=r%IO^fQ+s@3#Ob6&|IT1QG~P$18RwtxkmB8zA95P%h`jHp^8C{ z6EVBQnwJ}17q{p%!pETNsh;H)?jq&0Al2bq3uW5WNl z*qkmPgOFO}hHW-z)00J2k;~vj9bjm3A0@ll>=Rc6J2c|p0MALs0UJH4$_8z88-t3b zrxqDNdt3(CZ^)U=%*q0&l3 z%7XqcPLm}dgoJrYF~Sv!vhKZ^nqjfAi>0r#@mg~YN-`Ds%jQ_ahLtJKB4 zQWao!Sx%hQ=4@Y%K8slGq)QAKY{>h`C~xl&vX$}28opvTxg0^!28W;4WEHZGH4d{rr#Nr3v35%E21rBLicH=9C)0G(v zIqJd@CjfI{{YL`aO2<3Sp=L=Rff6I3-(q8#j+!GwZo z&Vl#K5-G%utAk^yh(9EAmIHcB)A$S_N`Oe&o1gz zWgUt+Ovze_U}D}X=KKn8aG3=ylynHqvMOzAcRdS%kI3Qm&W87;^=EqWKhLJw9=N%a z)6spteYrP#NpyFrN6XxG|8c}>V3HOK809u>--l$@oyJx;^j)Fg1`H3_@n`~PM-ZGd z?pu79Y#|9INE7t!Q_+bUT_Cv*iWx!uL7#NnLXRTe1`Z8XQ>zNtR&iN;4XyrW<1y=s zt2t#0PQs6)8J%7dJSHYXk+J>aFz>TlPGzK06*FzEc5CkM7QSv2q!C)}jP$;@G4|Yh zsAn>0GlDf4d&nJM7Zk^yf)l|QZwP4F-**IrJfjdS?RLTPV$GHOjK=j87xam>0yfns z-2SvW>GW^fp&W+SGhL%u@QdqM2OAhDP}-sdhG-x^c7}vs%it0K6ysk(p=`O#TUdBT5=4QtRh8DBV3`Y9tYY4e)0yQ_G!O770fD z#bpXL+&%I%$RyE8tVh3weuP7trRhcth5=FUc=K6GgGuRfJOt?eV89Qxj;-0>%PrD5 zaMuCP`g`>fDV7|#ioTsVe|x!>>$Pe3LTAa~p7SbOzY+~aVob~ljSq;vU2(aAk(cf3 zQW8=qQ)wrOa2e3+gH98}FcA>Vj!Mf@d+ZbbJOW5H!#b!q-m6uC>=}5+(dFx`d6B*x z!|4}6f;KCG3zp1qc*juX+oYgGjeUy=- zmqu9~X#wg0mGj^@F^aF1GhD6x+vpi7SO1k_9`X0A_j8x0`Of{fB`XyjcOCh{Vy4Ja0z7F2#vA%GsXbqs)Ei2M|%yQmIIN$u$)+a5Oi!_UUL9gyl zmxPpBB@j@(z1qWKhV4leeYU$-6#5YXZI+y2UTMQJjR#=yr%Qs(B|5umKV?Fx689EeD)n_I3IB8Pu3nSMp4K^z#cu;ZPv8xDQkX!lLj&wqx~rD(bYlYU`W7--pN*%ZY%y59nY{ zl8DN-?q3e>>oqrq(m?Nz=~#7XyTKFd0X>-sn?FF%dOvFJ=!j^nMI*sB@injn?9TX@ zGb}Mk+S;IGFQf*{pd`lnsUmlJ0B_P{JS)$>njj6;-BxbYk^=(je@>cDjnkC|z>D_N zPKWqED(px20j`?rYX?Fu8Wo~*RH4&7_Jw?n6U}v6D z4@gJ2Lm<1egc%VH(y9f`yeZ++OQK$CkzSShLb0(?f-jp+Do6wJ>wkjb=;PoXI{QaC ziXs3mwPR^A4{blF$4Qzz8m+nyAk6Pf@4E^LTHc&gw7O#e3ieyyn&HdE7dOF;k{vE# zy~)f0tl8uEi^-S&xw84c1?dxNRGA38)o+j#AxfKBp7yi?OH|!3aQV$kKCEMxck+mL8FV^1jc9Z)eZ!=rW%RNSq z0-db)hk(yADD8isz>%V@hi>{R*7)lgD@qrJJ#hFs9LQ!_Qx*S zTS@Rt`1PSkC2CJ?2f-Ut1OBtk?zg+2rntqhxLp}>H8UkrFWTNL@Y z7&*v>Farw&9KwZNG zDipEPPksx=H@d2HYxt^L^@A^1(9ORr*ZN>*-A3xiC;v1eAQ8Z1`VA@#t`$va?DV2p&+{PcvvJ5({A<9STCZuKNffJu@etL27f?eC|%1^oG&E;PVI z_?NDk46<0!CicCLf^Mb>kHY-XVEmO|1sC+kGoGw|aG zn2aUc2j9xF!S`7`8HG!MkgUYB_~R|lG>A!_--rHBG0ju9e9*6mL%4sQ-&KXMV&T_S ziJTx%Jqh${i2(!}Bkahu3^S-p^LB|ox%zc!O|*uaZfs!RNSaJK{9aPG57^$W5gPry zt>Lfx<-Mhnzq-DRq*I`4txKq8m_pSHA{Cwvh}J%i+sdB~kWPyk+)-_#6?R!6%6a+? zAT5cb9o-Ajjq;H#u-|kM@7|G2c3-)K_8Q8C4?I`pJPCA8BiV82qvE1*v!M%^ifl&L=dz#@D{obS@`^jQ}6dg@mX<~ zJ^ZdrcR{CCY}-lfV+R%bceZslq=ln{b|X-Lo&w;Rhsg}nAiE5*IvOl8lTgb?=)<5N z)c_k>ii@gBUM3ONveFoh2ABZrc4v+9Ll~@6zqGCjr>uW{KmcUwRP=JpTl;dr9#o7_ zG-3e@_$2=&$JyQwkPxZ>v3>5q6CDSXK_3RihOmV66CkMwZ|Sg5XUyQRLd(d;jIhE| z7_b#8wSPdOucJ6|_i^e$cvnGhX)v-`7ic|QTn}<&QxT-Y#lMR*(_oT_xY8fW*;%%4 zK~WqdX|MBTic6eg99LLy4Ig^ZMxp&(715k5Fx;=-F1)Dn`66Ah9bYvKz{YUr#XdQZ z-+&na(rI{doyweus0(AydYk zb@U;^!pdN%wti>7RE-Rrx;vgq%*V^>oKD^sd!NI*C0MiTe{AaaZgwOYZdPZmr-@bR zx3shrfB7*0S^=)}yM0JVVA&qo|J}E@DeyeZ@ak#t}Zk+;BElq2O@veS!tjcHGb|G zThszfuf+yaNpJHM1sTZA4G70dF#+-NYlLd4fFrNc)xT%93XnO~P$$9Col>=vz}yCt zfKH6z_$Z&r=>y8;CY!z$mx6_piHfT0GW`7cVB-tmDzF|MbUegTM4W^~NV&BDa-q+O zAyPbC<;qoI)$xH>!i1E=sKQdyN?eDqy@MmVoAQyS#2^H|&j!BO?8>5aT`-L*!L6;t z!>ht06LO_<=?&H)+;!<}>H=vF$vTf4b$ioXk4DPvhbj%*(}E&s&UbeB8c=`fhNC?> zG!VJ6Y^mgJq;0e(47L*Bf=hCIk7`NjiC%#xk@~N?EI)Bi@c$K}sK8?+>f6>c#B^Ne zmgPNym2l>M1zNL}rx~C*A5xYSnDS?33pkEaQhV0Zv*US|KQ?^I3_+<{HaqB?Hv;a= zg+Rt#g)&gNZGQsHT7J-A#i!g*h|^sBd0VvXT)EV3EnS(n{^@}T&zkD@>(rFl+iO8 z=rw@HMQCn6a^0MZi(3UQllK771O_%1NA?+cOQ(ZFgmD)u7j>2v474R4Yj+A5l|X_9 z@5!wc$jYl&3|QJtxD3AwJRnBMa#>pT31$1#Fw{dW_G)+SOM`*Iigk4?qv7XV&9%a% zA)Jq89*@2|H&9)5&lF{;qLodyf2tQw^#C~n;eDBy2INL{bpHuuPQjk07k2DiFHbuQ zB+~dx-AmmVk^%Pk!FirXf=RGCBd%i)*P?Vjch!(pWjc0HuXrFxcc$<*AQ$XVWQ{Ai zuvRBX4;SAt$u?$<$MXLFD0>U2D7)_sR7Q|e1Sx406$=oMPEkNbN~BW}kOt`v8(~l> ziJ?QfbBMuUlF(y9cVP7Q_%?xio^JId(I8(}Njwl!rywH<7 z;gU}hlUBSj#~lN#j8mOI(32#S!wSDDVOlvku+MNBEyQt#ui?) z1U%{L2rQMR*J(2ugx;kZ1Cv>?Pl*t4#d2jDtd>)aSDY*ho_4%9*&DEP8&5cOy==GG zYwos(Vd)_R3e3epxwoR3STB`23klE)Z=wiVBW!t3rKR!48hoZtlJfDX=;LK-hW8FvzdyrWMxF17)G5vbv~I zhXf1>XvXPs^Uw8xqU|rl&JmfM$G=_mg&pkMAwkEYjHb<@D?IO5)87!pAkzQpd6^qv z9~!tl29|oa`t9bYGku1lNArYsL-Koj#P zBpkKsGd#Bd5PG00^-X`ZP4%i6;R`20OHr|thmy*8#{eSdcsKkB)umr%zNneP!vxIE~gk0tP;>Muo{A(G zcPuavLE*9n)#mhLz{IW9$R0f7)lnq$BY@;&;oYsy!`4>@WPp=i5{n1>=d5|@#P8Hq6g75MVY5Rw&y^!}} z#kIvo^ijP)P8j7+4rchy1J;QS&kvUoeeMW7KG{{He1nx&Y+hL`4t*&RMIr_#kI>W7 z7Eg(1O{*F*NqV}@RIvFx@)KW0OBEgS3wz;i1DtuCSC7ylYyPXP%kMel`(tM6?@Gyg zSs(cAffi3)sTVYT=7C(z7(;p2hwsE_4rU9-TcH@af2U>oKlnp4G}Kt#5A=NpA%5BQ z!|O1``VbzJfah*sJ)4L393hpS^({RV8O`tp0( zOdT0?d8EXzjHR2EY|r_R(`#){+4KQLB{+|(aHaV&VI&O;YWa~p4;bp|scjszpWbzo4U@cXfuy@j& zzMGtpcu~ghy9^;g0Ld+-vlkP5lS`XbpO8{kXjY8HIMkSNWnWJATHjx2k<<@L-a-1{ z3=d2hT<4xhDQ;IQ&nnKZ{TrlibHzL}rPWJ8!$vkEylScUc)t|Ol`SaOte9=r_0)9p zoZc-H*m>#h(arDw*=LLX;Le*jZ>r9(K97@6(JuJeoyQg}+YuJsI z+4y;E&`d3Nz1PODT2fniS)N_4piTc{?{c#dd;607}}_j-v@rpwI8)) z4zHfWSv*^I3vrl$bHyd&mFDWS#Yy!h-D{xYxc8npfIQ_P>LzfP)6QFZ)xAr5fEyc*G+_?P*BH95>w+W zZ)+>{P$NXZB&M6|hX!SW@!J>*6P)H4b@N+Z5h_Z^>x^+V?I)DDnP%L=;bBx~{VLP3 zXt_Y7L!lwe5|LPT*-XN?}ORWk95uqj-<4EPYG1dVEL^9###UNvw>WoGew=N&os^03_iw5|ja zS3cLl`^#R%8dbcZeC`XR3I`RR%{)D{9PA3$2q&Gbs`wKUQIN9eooJc=kFsC||K6zP zhdKgQy0`L#`BF{t+)#qC!S~;B{6^}y_nF1cc21L@gO0SA$RcOBO-!spl*Npb2{fF_ z(!bV)5BE`dg!L9SPcXwkCJWoCi`^wz>Ru8}Cq=ukNu?c4YmUy$*8h+l^NWxzyOHm& z-BCKVcx$nD^68-GFQi3H$C}qSyWDqeA^{(FBr4cW(znAl*d#r*eD>K63=2QhY_T20 zjWl;+9r;7Sq1({LG?0K3nK7tp zbBjC?; zbQg2VvRd9|G)gqKL?+WZ+_$b`3&3&(^5CexE2V2Qi1Vg5GQs%ffX9!BufA$txuipsDrpyC_>k6z!6 zMc+hA(8z5HKb;Dm@|;aGdu9T1ZskC95FRD7*i{{(0+iB5P$2heyiT70T8qmo&$8J> zXF8XvBToc*el4?zU%?5@D5W3A?}(zRofG#+Sj2v*^g+O!5tSd9#h6a2g9I4^S@=s_ z6&K}V04lw(r^v*oTx27r@s0assi7+~*V1hXxA*7A(%q(_LU`MR$P51#>4JvHFR8_C z`nM|j7eXm4C{M-N9(&DJ$>>s<3PzZ~5!kHyt6qp${}}=H0CRvQa~=wK|MxVp zU-?04iEGV~`V_!lT%v4!Y1c5;{M#YZ7taB%uoB!!PtVDa-VzDgc z*N#QD`&+DU;!Ge&5s}H9D;+O|sY~%{0E|Bd*N7)Z zQntZV@x-lT>kytStTZ}0Mb1~zAs|q?Wo?T=-FTamLNHjR^#g7}VI5=81)Q2T%zaD!Y546PrWGz4nnLT|KXbas(m8Bu)N9@6M29WeuQldh^>xK zpq+|KhMyj}GLdXyK%u{M)#Vxu4$t-_Cft6hx>ER|C?HPVL%OR%ZFSB{{~Cw(TeEYz zrCOK&Ca)JWeF5FCxkOIDO8bJ7bJ>H9*I&aJ%NKX{>YT6Zt75t*^eSpxR8;a3<3_UM zTQ6?R8)Lh0fC-X>!EP7-vlz-r(17P7C(IAh^Bxmz!gkY@&TLX%9+?6d4IsL6abm^gSzM>HhvO78+qIzCAa+^=eA zr6uILoqDU9-1KykD=jqP>+Us6T;~tevej#*_w?+3-MVz$w3XsJ)s|0o>yH*>rQlJl z`DNvTmUY+*?{Lw6`_LYor92Ih=_c5MsuPTpbVJ(&0{&QgJM~diI(ffW^HA{*f-paM_ z-;gmx@SR;@H%3uYQ4w2X`(d;IUvJglK!g+eT9KNRFONo+g;+O7q% z!QhfHbMxc0AmtI5*8z9_W4VIBlQ`orLE?FUkQuUF$lHBM_gks0JyMO!kP{ohLYt0) zeWQ(7b!%gAI3krfekZ-+LFUP7VH25OCQ6+lTT}7>csWL7WlZ8ZBb721$e9nZZB39p zCT1Dv>yEF>Zb>i9-d{4lDSyedDd)z7G1d`BVIU><{GX42w9fxJN{vbR2fy6rMC_Ym ztj3Cd=m?5^K1WrDOsMznxsb}B3G9Da0Yn~lZ?p~}x3`PoDCu>Y{>tla zBAdfyk#ZZalUzX)q@M+n3-bW0`pB6qACEV5TWIYm>LPdV3xBFAz`K;OiSIwj>7441 zzVdQn*Y9(|!BBjCj-!|$Cn=dmBl-F!!%Td%DfH6Uj{9|YYpl%Y<>j4el38@UZ8eC~ zQrMM3{~Lu4jY3kdL=Z}@ep%t4pJ$@cx$YGZ-kiwaxu_nAOF8(VsCsqpb6~!dk(nxW z{T#gHSLo&pRdNx&mToE*b2r-|)twczw+gJTc8CA7u1OxdzRz)?e8Sy_IN`K8ZDEZ)`tfP@$%-R@TXaTk~7Vz(@@1$@7?(E zY3r&EmgPM6G3vUnlT0ljg4-5Rg{r)PY@8&c3Da+f|IBG!`aBgb8#DsD1QK?3+SpHR)gk%_ zctmqlhHS@_W1|D))(Atr3e}Xuy>Q!Pbi(foaAj7W6l)((Ft&_&6P8)#nxtfFBW4=@ zkypfkhZ|w~`)N89bK`6+>Md;kSTK`Ibq-uCg&gGM?IhQMDEm48ob53IUvR6fG4%>vEc!>gKs%}KC&Afl?xPIp z)tmxeC<&1V6=x5yvb?~lKrmzjxNSuZS>okw34XcmwI|y+nThJ7_sp^8z-@Fny6j>v&+?DzlzJLpr=Kn z-hVhn8xb?Bx!zkQ%oP=F=52HE{t;O8(87!x|5E{%xv>?f^*i{D#mi)4&v7KrQ!O0ygaF=%YL^ zGgg{i8aN8X-)|Hu;?BzRs@>u$k(YfIWH4O~ z*MvUn!aPd3)TRpzHfYC_X^5>OO%2U z@6d%-ou}EjV075WjIhXe$=?q1VysSfQaGNCNDweB2`-FUEN<$yOkBCZr#BFg;W#~8 zY>-kN*P_Uf`-?P*?NnB|yZpke@I!BJ5XVY{#pUF+=8V3ky1=`CfZmLC&a?dd@w68v zQsmhQ48Bzn`=}Xk(7h#(yt?YM=bSXWyZcdRpkLt9!%zbqL4B%+9Lxn`C4a+*Yajo| zB|I*;#! zC|ao4we76KORt>`%a!q_@fxYiu2zFPWAbcM?I{X6NYf^cXFqI0KSM2IQ8b@E<#f{% zQ>=Hm=0z`!x0KG*ug#o%!(~_|4S3c^@17DLKl9gL#a*y?h;125LU;^<;kJ|VC%%fz zVa-;rlaL(V!IX|bg@%BmY`G!nW z3#-}N)_sOKQI;;O{<91|DJ9iHuXh{$@0lnwY^cOiuhxKiW~B#ij1^6*-mXM(m*+2M zuG*vmn&N5emFiT9nzZ$3S?(4p+|8U>c6B*sQ2taFmBy#U?8#rC~Y8 zf=_%Pe)jFz-qsB{7n!=f|AR=k}V6MTQak znt}Y}Pn^T*c2+M3EGyifQAtXA|9l>+UDZEpC(bQdZRqP7Kbmhp0!oS3rZaObI>wuV zk6%FQ9EBWhziL?Uv?((+ZOX4ZA?`Q79d!~{x_7%ZiZkvsW#}kx%fB6{v8(bwc9eia z>M3e!k2H5MiDF^mLr4hm>}&B*_cEww@8+We0`(Y)9m-oHDofI}n8r{VF2f=_>07|b zHvB8zxUc?ove^zGCp-6JNXC{3;fqZ+XgE6L!j^I8C2a-<)N@A)QHnYb1wputZwKKZ zK&(83DwySik9VX*JKa?b>o$qDJ-Doe-vSt9O` zvLf$&gYp+Z=XzewD@~TGdu2~0x_-$^noDD(GjYQi)GLVvF|x2EXlgdA=rw-#X?&^;R7!=AQtk*0Cw__SMp5tI9eO9SZKe<j5$;?_rz`^~E)1n+dt)r^F3HBhm(E zvj|K`Syx*B_;~m?_!sqL-E5m=6IE*4jrk!CB7Cf~@9WzD8wieRd%p~vx{S&PzdNRS zO~j5t>P?9nQYX*f1m=7@Q+q?yemtYET=@3%306+!(?h|Zgp54b;0)q|Ic9W^Edb!Y zGNL=s55-%v{^Gr|i>}uWiQWM3CsU5;0D(f&3(#+TSgKXSs;npDq)S|TSik#9lU?BA zQdyg-UmeQ(5Qg^ir97>Kh2^2(5|QmfTujCqmhws676~TAU9<{48?modo6qp9S!$3# z?zO9)XJugXH!x+m9c7zNJQ%O1PKQHR6@k+_?TFq@2nP71Xe78<%X;M#v2Pr=T8pdNuS%^E^3bla*fpY^sQ_vl- zp+GBD`90)!W$x@c;bt}a-A{~xNk4c;PvXq@`Z`6#XEccUU*mQoFC1iamI|~l=?Ei) zz87_qiWEk9a9M9ZX))I?^VWP%m0-H*>Zw=6FVv88sO5m;4fe0s2Ru+9;!Z}x5Im^W{;U6j&TGA)qV3V8FT4U`bA%@(#u3cBtZsRmEKo(=h| z4LYkZb1i<`Kbj%zQQ{Jech$T-B=6r({P`iIDz4$)owj9J&=wGMx@rqP5&a(wjnBspR)Cz^Ct#9L`c*$JB-DZ>=+ zzSPlKu*3}CM^ru4eVA}&oN4qNJSg9D2-nIOEB&JtD7$Cqy1Q}{m~oB~^&Lbz0X+p- z(EFvfw$8QGs$isy+{DF4^BbOESWy}rfpj)E@CHScGful-NhJ#1i?>qbodn^5ft{t^ z6E2PMPg{W8=c)Y$F3~j_0!$58bg8Z8+??3>oEMU1qp_!Bt#@;!x2#QPkh5%PrY|F84AP+dM8xu23q8Bb+&ys%|jgttH+kV)jR>6!cwQ{qf z8fyZ^*OQ_ba`+bGebxQZniex_&2Z{q33i}CYj8JR>!#60exaz{w!d~`0dS9nLA%Iq z;Yd_QVsW;9^m_Po<8NIuQi^s<<;MH%WxXgFqtZVr;u(=RmH7Oa`K7IDoy_6W;Tl@o zJ;2)^_!9LD`%0Xo;-@89pV;QSga_@AvWiWSKIA$4Wo%Rmh5$lN6shdET{4h}5#|~A zPyWl7k&nIoTk|>CTm*5^v9BhPq}YRWV|C3&f!Ic6HG>NXcokXmFYsBuL4=+R;`=~5 z2fR7nQ<8WYA?nfeV0ucaXT#y>5|wyK+cVj8>@(rCn?HNCS!O9%c;XO=L?AWl(e2!; zydMYN^7z@&AEWvCp>2C*#nXz#h>?o`sT^mc z$!fhcLleGVp^RikYA|D`hFg-HMg%E`M{GDt&8OFsFi(JpoL`{pHy8o;*I4|$i%?@% zcH$<%A%G7Jnsf^}?mqUeSmxub2>x-1AyMYRbWdtbZboK~@5e<&B#1D)A+W5i!=5)Q z9Y|3MyM6w0Be)-_xLx__Zrl5@df=&78wV;mfyP)t^+59z;zGGmLqC1_Oec`M(f%4B zk{%Vu|D%Q|Ulb!}A)h*L``Vf@zxcqy3v`fSnUuA;7kU)uV*KkaC`r0>bS z?_UVdOj;^%tf`)9;CMvCETDP@c$0kGh8!2NR8*dXHk}89ZUNvKB<*FK1V%SDeM?MA zqM`o1?;}OZx-*`o^=~&y@F3hkH3y9c)5aiFZHIH1J$NwOHMNON(15%MI`~WjKJvEo z18(yqVS=$PXb2B2Ynblz-NoJkffLuIYK?t<6yoWx?ae>=MfJMZ3N3)^O{GE8TbX+= ztwmo*!NW~9r~Lvv|50S;Ul3?C(YF-D$lNX0u*;T$(tt-r75)kU)*xy@^V?H`U;W&@ zL^)ZDnUimxyzMf%Ikm+Qg-~*l@sSM9!co6{hXDEwkBf~+=mQ+b0jm2v;QEbHgSAOM zG^N7rtQA)tHbo1vqPa048E)VQ*W5(QH@S8ifM+J)@Ro-=Iw$asF``m`{SbF15r*C% zDLA4D+Kpg9zG-~+H*CUcE#JTSK+5m67?ACIpl9C~s$IpdR@i=FG3E~%!cFe!8L!8g zi8OekFxhJ&h&Ag3(9jw7V1y!GUyyy`)CP>IgP$?@ZSqu%oX}#?RaZ3(?)(ZK7a5lj z3HD&c_#Tur26t{#FW%OLZ5Z`+V)rVPzvxvO{TU=$RX+ETYg&m>=&qrcMfhKgErvaB z?>hs_6e&xKqMA2df-z@|CHw4H;mt5n4X1B|(^230q67ubP?j_Sco?57lLw4x=T7?q z2Iy_igSX=5#bLOI$us~D_(JeN>%&6z4MG^NYvr6>7+eEn*}a`X;?vLyK9xvidW|!mdPG z8D#8IWWj(iGIH{ckG#e)Rp!nRQb$fV5~Hq-k^-&*@=Rs#Pm{(hY(;;RA|c7rOK84_>&|@ z@z0CbH0r443u~VOX(9-^F?tPyaHEkQD>o|#TuS$r8s1*#6Yq2(FF1uWy#yEY)>Km9 znocj^agEBF2IF6kJTPidI@Rk|r1MIFXZfDkluF-U)LYujEUkZFpsT;%!nrytJ6qkt z!a{l$p$I7xzsoB6`qs{6H9iN`4C1UJPm{OIk}&ovDk|{>dA8tX{z~2v;HLrGfO^%^ z&Bj9sa(#dh;#fJI@#e9zh+GQK4*raLjGaF!jrfY=&wD*B8Kf*?W4HQl2BYRNW=^A> zL@U9#`%Xyl$NK;T?!eLfwxwPY79k;_nb@Va&ScQ%pu#|BclILG9@$P4wYlJ>uaA(C z3sg~XDD0c+-F*G}waSwxpSDK8tl9YtK2~VI|1J?l3Lsd7UBGPZ6__8T_^^AP3>s

gD%gI&=G%^otF8#?NG= z_Nv?2X3MUsKPYF*@J0ss4H8=E)Mh}@N&){+1mFu{aCMITx z`jVg4ANrewFf|nD`N1aFqrl;v;s*UAB0_QYR_Y5BWE2{=?eZ9zn3}kuVQ}M8L9I)#sW=)(PEv`l9}!mj zqlR%BpjQd#^*MN;zt{QERS>_=Q&~nlzQP&Vnx7lX)s3qZ1G~jGCz2gNF4UAQEpHY&K`0Bo(Hw|XtXT-(7EdG%Sjk0o!{0beD2)W z5driqjo;sLgi01S!osi1Wloq~c7Ob_M&Ti( zgMrjBUs+u8dy2@aHl1I9Y__82IdrT5)66Mcl6ZlPjVJQGmABpBFd4L1Ps_}wx+dsf zCpX$V={ra*H$Sk}8zmNhnXm$2^FKp#I=gqCb3mY*j^q%hWj+aTW+$gi2dVi4MVXlh z9%EYMpmA`qD*tD>NT78~W`3xa_7KGYNN_*`c)LAp9CWz*fwG5r9erp?XJ*;oNr;|% ze**hboAU9c82fkEFG*^wDP~s;^vHF{~y z&M)AaEiJ8AK?2Tc->AF+DR4toIqQDk}1Anr#ZPOoj> zLz&lNf;S>&9=mM3rVm$A8~^1Rr(HmaUudu4=pK*KbYqI{xLh}PvjznMKIijk7W$yP z*V1Ee80WoWX|!_a`!9PbUseT zciCG@q0w@Cc1Ny?T=k2yzI5MOzaww_^z3+k{`+mj#0oJ}T@O`Wvh+xEouf#}FDg}< zLjl0~kDxa?U|K(H4rn(gF)_;ae6O`2e_oUFxPY{v*X;(d%L9MaYh&LUKNVXG-Y#Mc!^d7&;?o5;$n% z&Et>nb*injvy>^6{PoGf@9xtH>$qtTP`Fery)Wg)>@Z+<82`|w{%k+EF=oJFcdipD zAm@X6V*f$@D{KGr|>L9;PN>HQ?oE#?R5 zE93n{{2|4{5lU!p5fVBau!E96w65j-h2;DK98Uhh8m0_{SzIdjy%gh^FABYl35)&I zwZe~OG`7m4Hp|Dt`b7nXE!E`B(lo98&&kTa1nH0`5QX+1A*HlSMCD3~r78%`R2CE` zZ)$n1P4yW>M&J44n*L)accE%!srf96qXe9U!KJf29e~lMI2RGFtm%FV0k>Y9R6UD3 z!f>k1wdN2}j}$;t-1cWS0bD&kvzupt@&we`?N{(L3;TH*r0p9laS=RWlo!TCrl9U! zeZ_HiF!Ac|)Ic;Kj%<^}h2;tEe2;kj_}_V)I)_{xb#W&hC$*uTa=D-tpLp(K9Q zXk&B<>o(_rcUWH5OF6&PJi_XI>m$A#N}jwDnRII+XIMi;N zd?o68G)$*q#V*mSz$)mcXP16`N&Pdi>A?2RX%>?=?iUZ6Xj0}?NNYEpupZQ%ZsY6W z`l0H)EF9eY<1yYQ;Y1v`-H=J&2T}a&0e?K~Eg7g^90bukmOl+f(6*ri3vhdpmy8k< zQ~ESM&BE_!e_D&rkewdGDDK>SHMG^cX<#z<2y`@(F#m^`g)>Cpmc0aX@LXNJ2j`3kkjH|B z=D5_&n@+4eHqaNjdFhQkh2;5?!}v6o&K0Dg5P*tZJCuL{z0YGWm`VacV>coKbkXjF z_P68v5lvAUFFp1)ibrVI-2jStINXhEGuP_)srk~PsUb%#C{AvG=iu^7^sMFzZPo3 z_n;nM5f_yDQF%)PKC*t-52(kCR^NUTse~z#5Mvx(dN# z9V9F}3)i*q%-#j^%7bs05akanxgR@PG~G$<$lvJFu6+YD;~8nM^D?n8ud>~5Hk}z%bClkr8YsbT(oEo#KyGimdr%oE`J(*&>gumLr=4GJDGfSP;m#x9|>&dRT zFl1@YufW2RB#W?Qo`q4Oa)B1z@yFkr7=X|Ks4<6m5D6xIHrZu7A|9oDn9t46_pTF{2+ zUl#(pVr!y_0;h&uZF}yh8&;dhP>PPbNgHj#1bXJ5bPV4IY1YV^9o~HxT3RZ>-8X<6 zBt#gv_=8C|xWfL`!OLZj`v-l6e0ZxWtbpRqjdlnZMgG(8;m~wtfl;WvIukbp=uYK* zIjO>SoWmo!d4u2_Ik{vGN|JzP7g?bU@;Iv-}vhr|Gh!3njm;_ z@roR(gJ~QPWKf9?t7v6_Fh%iquDFO=2sL;&j6A#@x2cQeC>|-Xj0T|@TG6w&X2O2~ z5M_cB$mnCu(o&|LU9aL#ddwZqhB zpXQo3+}KgFx}!DgdD)W{#b0$_Pf4y%L=x8bzu>eeT1b}gN3T4+VE#L%Q(A;^{SVUS zs)(x3jb7C|{iClbrQ_p(L&^%V6Y{1{s)&gODxqsgS$x*g`|dK*H;DX!HMz-G zU&3$RECLq-gb{kx5qN^6xKh0Bq^pTR#<)obfJyK@qd3Vc3zKdMXxc{WdOn=GZlVNt zS$6JYf_c-Ic_VKCPr?bgANvzzhkxukDl$m*FF2|C7DB3Z$FuKGna|=yg3M|gc*mi8 zdnjMfl~_c8*B;R>{Ln<0wRyC29j;_OOD($J-%%*Q8{3-S#L88Vcg%8O2kTR+`c>+= z*8s0Xf|w5CKE+&I>>Inwl3Dr4Ca5)^TKS^{PFhT0so_Zsx9W4t}0~KLLv0_MkK@NbS@_x>Y!**`<;-|*^ ztBpoI0B~3>WF{L;qBTeS3Gkwe>}}ICxVxkLK~u$Lc2#`;S-Ml3QgJjh{d31;L5$pg z9^eoqt$ixkiMuX-fSsf6W?tW-RIn5N>9BPZE5~9tpjeM>>pOgX+mL$67`S_GMwE*w z(#8&%&LCX|Dl^6l>PBjUYF;^<89f1BWLU*S>2OO?{V)xWp_t<0Pk%J-Um39jL${61 zVy_^VeSO2ceJx(X$raR{(t#JY*5wc?ELe9G`S`FDiiF0`(9`o)&%*Vn1dNlyQ;;9v zRw-$g#NO!2s{kDXVWz%-rnZ2P;ug4~Rri`#aa**hKHAh0JOlb6*2EILW`LgGjt8*58^y2rZJtEnL}In3ccF$?-|rX~o4(d4^L(T2Cl z+S#g#Zi95_Kf(Q91x6STz{4ZrjwQ2EP=?HUL#!xau_%LQgpd57j^E+>LqPKDQF^b6 zKXxOMT|i*1Xk!sIsBw(?fDS%}zaYURRuT`=F(5-#9{VvmwH(w{|ExcU`z3NH?ph2pq}S}9{%4A4FuGTjpZ#G_Mdj?Ay;~vPKmG2 z7ora5Pg0(SDT18v*v?KDlsY-|HaeB2Kz2Dkzm8_btl-h60oJGogJ z`=eu%w=D**l0o29Agw&fY6-p34gj~`m~^$fD2Ll!P^x3-?R+o77Lf72 z+ZUX8MLKBxq#NY-GAgwOkcH`Q>`h6oi@C*omU}L2g|p9iv;03{uve9RJWhn8KOdc{V${T zuaaMcW-^Ggf=a2;h0&#F2^d>RF-?FN#{6*#M+pI7DS2!dtPAAQ(%p2@=fHUSiBlh$VM1_BiAPCkj?T?TCxzGXQ~& z%GetR8(Yv^b>Q*fpJf0}EvQ&5VaW-lNiNsED-owtq$Nl20xZATU0MldJ-<;225{*y0asup7 zCE)`|qs8Vu#$$G~?2C2XNfq~XZNslpx9rtoH8=WA(ca!~TZ;c4~!orh=`@pY1D zwp8hNjh%Vqn#vKF=_{pSG;Eo`_b}Zsc2efmLStfgk~qFJ2|c(zto44T4K|i=CScB+ z!!K5d_S&$Kk)B>Cm@4`CaFg6csGQ(hXfdK4{pSb7vneAv6MGTj1&W zQP|VS7hA8~!z{|OvvXSuubXqpb_deroz^sfhusy%9}4DaWe(qi`w9_SnL81LKxT0FT)ur{dUm$6 zp}_&*p2yDo-~9l&1gIUe5plD#K0O%pPzEvrg7bTdlbbHFEtZN^W1dcJ5^Oc@dut4Alz?B`&Qwcc?0|b zoPKUVie@IqCMhK8FN&)sd2w3m8Mpw3#!65|ps$B5`Voig)hXSU-_ZxVQ|P0PeBSZ- z%lrTv;ZEiEGLpkJdG;^e%O=yn}hv zr1awL)3l4ipLW=1EA1@~8PK_8gOvlxhMrGvv9KWS#xdt+kPC&yUf1B^ikt6piaf*$ z|CJk*I|!e$T`oL$OhsTw92~8?UZQ)F$90-j+Z!vQF`DBY+G|UUaczd zS3=v2@j_ml9hUa`Ybj}MH}Ps$_fQ9b306BcyH|!lJM^Q3!E6sTuQ_Ba7k+r~!21qJ zSxIOJz4J#0KPyx3NnR!wQU~e#t%Hd=lijRd61KE+bt1E*CSrKiFnZ^Z0Bzdqx)noH zwKSz#JZzgblh64+@=vwU;o3lG_6E2I(aba^+XkqJT0jo3mNL}92?)v@c2KeOZeH+u zbOL5g!6B4}ZKjB;fDJ2lQlzWopt7ZP762GKQx~=Hv*_b+CeuDmwYK(#yVJMh=ao;- zg*ZVRB1&mg6ikDJmFJ_Nc3QJR2gpgWzP+`$`7pNrtx$34FHhSeZr;u3xSAC;w4S^c zU=z+bbRBC*uY*Wz2+lNLynZZb=h*ux_u0~FbD}flqWa>d!Hk#n zpo5M;4@e0e%=f!7QuDV{-0H;jFggOGquPu(L9E`>oA~j&9YCwwZponOL>RCqKg*M6 zZkvAB(&i(RHe_u`SOyMM`Ur55N-)(V7-93Aa0bvLL7<|8m9Jl!qxQ;akDqxq>@N?G zAQ<&Oe7SjZ+sh{2_>AlBlgRMyoqmtyN=U06J@qqj?YBBV$UcU0{*lp1+KZQw$t>T@ z8g0-LXE0DA8EBra-oXr$!uv&b+mFBgE5?u;4V@wk%&)WeWxhV(Xo#Y(HO3&$3e9tM zZOykXEo39ogk{k4Y;-O-8%>FV9qhK1+4rSguR7(kS8z3JuQk_bS(7YExbp(Su98^aw2J+ivvH@3|SP7x& z__&NtDLSj#m@!I6kBo&WJ+x)gAj2eise5hU zMAZ=7quQ==I-rC#qu={Rh{{%Kn!73zBYJnLp7zT^Z zjm~Xrqq=z|9Esm8c6OrusV_$@%6jfj3bQN6VHpp@w7ptd83ikVRU4=ME!AQ(wGy7tS2>t6U2HNj4JKq>H+kQUwf88=aX#guS zPbweTVN*dx*J1z)Ykl!**S8s$rZrNQ752j{DH3+DI(9=~(6a5*ClW|-pXc+=E7d~T zU?38#myA4Xbd)APrs2v6{d}o5e~f=Io%qs9b!PnSE5Jo;Y%5d+KaA%>^jW9?Mij&) zEHoXqYSfUI&&M5(t89E)l0ER;z07|f4`PhBuOl{$x!;wdQ}|NK(>@_l{-s+A>pyKo z|4}QTu^_0IIjXLug3_%u=69@2dq8jN_yT@lwC7oEu3X~pWWB72L~YMT{xr(S%RV&cWG7h?07wp;uFE*arLR$nlb@U^VsSo?lWtZsm-T%(L6lupl~2!-uN(K_0Ix* zeX9WAHZW89srwZy7F;gJS8yJuSMY1a0z$>X?=;2=CA;f=J%y3$_;K;$AoBGBF08Y9-X z4Y$^-sj;b+lb0`Zl6v-kuNN3T2#SV#x6N+7@IJNpc(JTHT^3?h0QCMd4Ag-2Dswgz z;0~`>8AZavR8whfQ)T-S-a~&+O-3(tPf+F?_S@k!lT0{fP_km)V+6MQ7PN!0kX>M6 zc>{`F5Uu%UT9FVl!7fXBZs@|Eqr!Wx^^Kq|5M^2ga#a6kTQ(w&G1G-ljt|K>#M(+mrvVUY#L8D4uWJsi z0rsz+5WdCPc=eGyfih8WQ>*>Mbnc-neun+Mx8$_4X~trbr#f*|Enh>ze&F~$hwnXV zNdzmCW+wsA?;S+BW5eJyHW3!qYR?`c=7DtxKy8&zpPhkhd9Z{;S1 zW0lZ;JJ+$LRwyT2Fo^W&ncCK`W)ZP*Eb`td7a!rC_U!^3jRb1597r5>1T8a;I)A0Z zFJjalHpjxUjVvW^IKhBCJ6%Szy~4jAn>_iw4EuKLDf^Wb7U^asRGx}xO(O~UUS7#x*oh$ z6Lm=Mj+rihpgB~2HkQyOxkx$sBq)J*mgNkW`~6TT)Y4MMH`-`) zf3cQ6+4n*_s&=E;Ca$fmzM~4oz-OQG(w#`V(37jml8?k|uR?CP_+7*yT;xs^> z8`x!8waX1&kI?{nd;B^NPm8)v`^Pb*AA8_8z${JgeOucZwA4XLGor?*JnEUh|7uW= zVVBQl(n!zdbNlejVE=yw2el2k#6EHlCOQ4ajs*jB`T)y~ifPS{gNJ}V9?*8@A$*tK zj<9*>8D?A0F^XLV%8XL9Wa!NOYd~y`9{Pb2hzD!GL3fuHuKN2nWT2}y8+{5+uU)h9 z^VweXWt=YtP4r97QA1b7?@As(&p=BUtyAn??OIhuRu$(h3m>Vzc$F=vvW&b|Xd7;oMNa95htHfQOjgf=5v0m$Z__Ee09X)UT!0KQOhaY@nU>I**F3pC#o`&4&^72evNl>^$Cu0n!vx z&1Mjrz^+Sl$#N{NG8E+k^SX(a6XHn9q&hTwpxp|alyE$-@Uox~I!fp=kLjTlZ{moLoJK!jM-qO!fc=~(7_Q^{1Q-+DHvMc9=wE%VGk|mjb zzMj7cUYXO;fvw45t3>u>+3kLOvT`EVWBB>k5R(NgH69_9riX)1Bt#?}paTl0D)T5+ z%JrVxa9nnbG_iP^^3G@PRZUm_M69#PMdN=Zr+2(c+ml7Ar^>J~f@~ z?qCW?gOBj?Ituq~8|wwx07r4b&vl^tItd&0LBNiY`WY@-G8R zd<810q5H{z6CKRevl+Qs8rxFZ5dP_~G4V0VYu+2XHQqxkqVTuf+u(ymML$~_$eKhH zf#M*M13Ww0(vlZ4^`ks~BYR(LXE50Vd&Rr&dV*e)^sI9&Tr!ysJ=0PfgkK)kxc}Sq z1oRpi0pVeghYtX;YYg?X7F9%9khRTF(IL1xFdYbF2daE!C>8i#s~olC(3J`%t3(#w zny9#m##l~E_ z3&=Y4QKuH(%n=SU1KF7Fct#5}*1`8GrkW9N(;LTz;78|w7=6LMyb|>jo2uM{yJ-^HW(H88o!O}62Y z+;unwLxM48C>8xRaMe~7*Y|7mG$50}MeYjX5@Nmzu)2+i4V}PN`!WMPL46E{gat{6 zX2(9hln`i>Y0xEx;b3-h(r(7Ug_xL#_>$<^dmv4GMU-!FXn^6s7lo-{?U?(B#uEg0 z$WKdAU-K3;(vzEX-D_tK3RpHs!w`SFn~@7i*LWJX3l~q*K8~sLZgqKPq<#OHY)Q$* zUC*TZYOZP|x@>2$Wb{Kx=Kyhtq`xV{4rv*fHA%)22jZBZak+yy9@>kJxAOJ`6>%N| zkS%%wuwI|deQzg6=gYN|P?t`g2^3^@0k#S9MTw>4UH#ws>JvKh)qZD4GnE zvI^crdnnCpBVt>ZPQ7TK>P<~k>cjo?rUA;8cT=jeR2lIB1h!C)34$DVo*Bu4qe3M> zOb3O6u#lM1Rzv|8UU;q%?(g^PbhbMiCK=0tWP^QDlJB3qDeI-yE>I-H;-a$9Gv(a) z1uqX(MBqZKemUt)jm6_1o&B;`l3q_Pv^EyoF}@9wpOIt627o?>F?vWyc{&wkHc-QsnJ{t&jbX!#0|2*X4j-hUnjA8o7aGhD)6#TaAEn6S{!Uzy$uY^(mL;kOAw+ zCsDSx~r8koephbR$ftGYRD?Rg3w2TLAAqes2&t3Nq z>phQaj)HE;n%NrzO$%2H*&W68l;&{&76=hfI!nw?JIADFU0Q;Vh%w=jmp8Bzid@@i z!4y%t3IV}g75>aMFX0}6Ee7S;8!m_kfO7=Wc&mWQBP;t{WQn8~)I197jW)SRwz};9 z^e7qm{o%#R>Wtyu*Z+@0Jx(W{Q#Ftr=9(G(Qi`$@bwucI-C&Y~=1Gr5 z0@zK)(|CsBe&83G;?1w?W&K}@l+JEyAaOs?KYyPsVcEGMe-YYqZY@^|Yp^c217u>&oK%{e?S_ro)`s)jQ0zHHBx4vfe{ z2Q|wjB8oPV?prnPHrjMhc!p;LcG33j9BRZHD0xA0)$^Uq!O%6#q`a8H6c09OICsw< z!DwQmI7^Gl09yhFw-aB|=7KO2-tlHSB(+YMTk-wcF{L&>-D%5j|LQF==>dsEB;vAi z?;YmFr+4HMgCyUo52oKHM3J3JeyZY3dmTwSdPRXl zz!LC^_P^;_wKoKyf-f7CTF+f(fKeg3A7x_8EG#zKbaajE-~B$u0kO1*A@7R0OqE`M zeEc%Zdh~IJVY#pO-PA5sPach<&g9~wkPUG7BXpEhdwL3DA1p427C6|3Yd`nrDWJ7A zYqR-mf|fv678vYn9$n$8Dc)0~X(wIU^UEld9e8j0kLe7{9~m`%N*?FQzqCI9f zI!M%M@*-zI7Z4=vC^jlzGY-=aO*dC;rk))hB;I@dI_H4UwBk{16#C?;M=M2YD^&J7 z{BWAdfLji9KM0Y^go%$py=7dl;dbjBAT8Yg2vDR9`eLlUR3EyU2J-Rox3uT3>?abR z``;l_UPtOmubbG?3$q&N8OEih|KEHg*Xu~g?Oy&Tr$len5#X7C?Q695r8|`bY%EVR zR3;OdAV`lc6v>1UVR}d@Z^UiWuTjk}IGfC2Q=PAle=lmL_WZhKOQrmos z2k)3YTe^q4O9$y`tx;UwO?8H_5Fy?2a$i?8&|Z~aTOY{;DguQ$Va6w5{MpW_ zz$NZmb3@VeQ-rs}TBFkLl_*;M15LHgAu4mr;zKuU1C+xgpPfNzlhwVr>$c?Q$TL7= z8^bRwHJbY$yI(RqTYLLiI3|4+AtBcOd8516smUm>(jRq-iFxHkkoAAb?sV-49@DyW z=U4yt+l?}mJW)^ok%)X5m>2Awo?<6q5YP&JLJlc55rW zlfHM4md?~LWDnD$D? zG%c9laEOW!QhH3!B}^u63cqh%$^GO$lqp$GT+4a9FQ-=v*2#$<+}=!Y&)xAGd9kGy znH@2SI-(a6qduG5KgQ0JoEy5p*Lu~KoXL3#EpgNnn8vL!AywRVd@6(kX}gl^?^xK- z>I#unq~}gt-la>KgvA}XyIW~%D`&$3f`o?3JdfMLXf7}?W`39+(avt+ zvYnSm6|HA-%@F;;i2O7gDl++rx&tnvv5*8bXD6d?OwkL zm9f6rpFbA;ID!6lZoWZc;)Chp%Vn(5c4(rq?jJX5>XREEH6KZm)Ko3m}#BHL+-0lOmgBY>gqbot(a@iXcNccR@HUp?FJxlg8g zgYM{qi9}*%#gG53WU`H-%l#=IAU9w$@mWc!>%n#^X)3QW%k0P)vkcckWnoqg@u?eN z9-HY#WtVv^e{Eg#p%PN~MSjC9<(0&1038B$|_A&Q<>c=5#42x6SA${LKN?h9$6eWCE(O7 zO+xq#!@^QHkdptmEGy|kiX|^yU}dFNdZwksrws=WSc)cHqI!hfdVa*>HWOx`%IG8R z46fv6RcyWTizmf~o%cxRUXtIIXFPPv&h4-kA6Zmjr&ryTQ_w+u{`gCdD_uMjVO6{O zW#@7FS9;wr1r6p&g$O>6uY6n4pUhN^F?XP_7mUlQyyJ3hPf0pjDLTu1Z)8@ZPgUVs z8DU7Fn!V8>CCAe(kv|<3Z?tc#9V0}D;WLNcp()He)o(m01yn54WwT0mz7nhb6EAbT zsEmxzWNp!UY^Rc6jI5+wXuUZ@?6??h_w28Mvf>QyeU2SF9s{jY$M${gbc$arW#oFQ z3UD~q76?huFQ;eZWqc_kWPCFDxyIwbZ>_7|PxZa|aE=yajM{qDUT2#0Nouz?s-o0D zrijT@F{uf|W-vu+ts4CTqfK_sn(Z(c}?DPO3+bJ1Fy+-m(Eoq=4e z0iEyTGe@Sy>O8M)xu}lTmpi*z@b^*;K`9UTC~V@97aqHS>#*$jH)U)!@*`nmq|HTK zcr@M9v$t~ydluV8f6Q{_$mY53(vqrS>&Bp?4OGa{47)9RrONKGB%N#bu77pfdUc<< zUc$`wL+Wh8ac00CDDw3CQzxT?h`Ph}!LrB;QVk(nYJ3!t#(pWNVHbtf9v8Dh^bM0C zo-f!8IvU}>d@ruB@(!ittnDBhy}Z&)G3+hWo#91d3wEW^`M&&?@sfl7_J^0xcv0it zP_I(#zOY32^+%>3d03Y&>*e>9!6o5X7Zn^)P}^&6 z9*@A$+&hu8wd}C!%YC3`if*aWB8|}4`oHdK1I9j>1-coK+#!Nv5yScXgC}X?)T2|r zM?@41q`{Jx<1)b8`-H|SlgO+3i%A=m~E_D%=Jw&54EJeY*_sqRf40^H%>Wf z+8D<+nI)aDl#UMA-IV%uu(d*@)4#HS@* z-!2%BlCZ^W|Bl>Zy_3eVNjQ6^_K`7_kUS$>d6AB0!H(r-kDK|2S}e7rp$3TDDZYGVmOZW-7uZGlTy2fz!vNN2{3XSF0VXOW1Fbm3hU~Y^uK>e~QAXd5y}fp3}x1 z1ju{zeETkLN@aGFm+Lme8vAh;@2!-NYPM{{9UP?a@mS(Vyd5kiW39-n|N9IfT!Owt7} zDl7H9M|pvQ=Afqza?e-4)%V)uW*{s%_Eb+wR+T&YBz(|Y|6Va!wy7^^H1}as(hV$) z(;0nvx~;xH=tb|=O)f9Z(EK(c^~R#5rK1;OmD#0!H8b-BCh7eATF>+%!!P)3#Op`M z2du){2>H;EPQ~pTkbmm)6Cn4Z>{PfUc)gMhI`S@ZL3R4JihP+!=ifQEK604I@iyum zM+QjJDGHk-SUr9iEL#i+u$@O1H7-er)@xCr4ov*?o=c6! zZFzSIkcuyUZ%(ZPT=juv934*UaeFCt*{yz?uWPr~ShDEfH#8QlHyXG$3r+$DH|0bG z9(j89>TA4I2DY$o-|n)!tV3ZQFur5<1^XMlqLt;v%MmA~-bjY}(4iHWL^&}50%_cP;b z0vn`=H!~D4H#e79Sg0Z)A#qhuaOgvU0;T_5-Mo3+G*rQ)>CV<-CiIQbDvnGP$B+XC*Qhti`sx{@AaKfrvJ(Th=yP8)L7W9He`(jZKGcq)mGh8+oTSfH>kk_oml8NG_ z2?+`5$C0&N=vSU|CMP3fmY0{u3Z$@S$lwg;k6$CWct;}v!^5%`4Ycq-(Ttlg2oV_R{G+yC|9h_iS_h^+q2e}nskqy=I8o!-^rR$le9H7un8%&0 zjhz8qKJfkL^|NhzJ3G!Sjv1wt_20igg}qgm5GAD!hmBG(?|8z@x|3kSw$#%)gbM0^ zY3o4N;{B%3R_~UV81L^SF3HdLHz$Z%pR}b44Sl)a*;6cNR0k?C9%EaGRNglBOO1U!a&J4HjBD@kmXp*OA?Td z{DFtw2B77R;RUo@NHNLjDAOHA?f&z5QW`9Vh&^p3mW$W#T2aFeRNj<)Uf z?2RR)T_Aoiy+cKMOJl}wd+cpb(|%PI|KIZi26foXg%ZztWcp1y*9>Nt)<1l14G!tf zck)RjNjB{NY!;ajZiu$D@VRh#wZYDJWS{6>Iudr24B!^~1$2px1qBgT9~tGBo~8h^ zOJtpy2{HIleCAktr_M8^r-gd7XlIge^Kz+o?i=2Kz}@@;1nw}}9;Qgx*%c@$D-#RY zPbgP^f~^}*F_|2-R8+cY9m%Pv*kJO8J$;T2mMC+M+oAQx{15HcPr5!LBa7K}MmIMP z@5SsdG1n22PY`$D5Pl$>Y73T${_QRBUeJ$i*hT4L21BSXr*XfQo|3_5smKpqwEkwY z#47)z-H&2H{Y0kMu)CKA{)gi6_*L{hnbEZ~*$U9B($WES(#TsK2?&XdyppFff*U&u ze%%%V!6fD*So38+>b1FZfmhv0BPOOuJd&ou(xD+XN^FMr-E!|GppIj#-8FKduI zbdnGcBscmP(V{k!kKfa{lBZ}M+D(_5zc<>LYjh(v;wY3rY|pYL+}Mag)aV7|;rgC- zqx-Q$OufYFnJ2#ABm2UW_e;TGX96M`Ee6ze`kofxN|pl?^gz@#1A_XX1HnJGW|vt{ z9;H_tUhhM?R{xgQA$%L@!rLE^ksY^?E(`@kS|4rt1^q^yYabCeAwSA~noBc#X?$ zol=$j(s`D!w^X7<`hHr3H;&8UL{>11PyhNnhw1z~aIplr)<>gnLN6g6LPm)gnw9n{ z^N<*``Ua+Ks}8+#S3z()qspA^V3qMFb%_MDa)9ut#eMnxMS!#Fe@XGD1lqGPK4YkJ z#DrC%On8iy!IWdyCjW8s&&ABWpet?@c`NXKvpNbqNVxt`Z@aN; zb$%`T$0tHzZVEY>4Y`uB2+PK|JX-pt{TW(vn%aSX?9C>l6OpM?$Th(iS*RS8uo5i; z=P6wBh<-DD`U?~xK0GfcpQg!qjQpBc-07M4aaJ%g?k@tojasVF8u&tU^zQc4?ak+q z)>bX{;{*`#5p2Q`XXMkUgI_{zf*wUC#kUUFsQ8QUVinFa25rY$bR|)Sd}IoX;kim~ z$c{4XBDh$vk=4-c=e668%Q>B0E{nco&pE!-;eqTuwAheqctCaGH6sO&Ur|;)RD%W+ ztDpZ1ceD!(D z%nyoOcAtC#k|!jpEXm8F{hYs3 zq|bWxe}|8r} zA8_B^XPTGc*F8@|h7@U~2v1FRy4W|M?aD7z0B<_P)AbqAuSPvOyk49;up-wWA&K#C zq83PvCg@#Zmwn!4I(P}P)CM*5?}w{;w&yx+`ZglZ&5ygc-$J6GtvLd&KctdTdm-mW zH)76_+o6Ol-WkEu!`n>AQat9M7Xc+I$RBmUz+>+Hi}KX)YkIIQN5A&r67$B=)(g$y!T;4ic1x(l*={rgcz=|1*G*oOvY zs*6wYTaLnz+IDy?JXgVw`^J2SktJI&~jNaP8&gaq^CwnLBUdjg7g zwA=4(a4G!k@xu}0KLbl*#tAyCkxW@n9Yj2Ih!5|6bth(|J!Pnas(FVAIp>#bEe=?` znl#M*8eLGJK7rA-?zp(h_Jz39@7=Ej-V;(X$JiX01cVIIVR6>S2h68+v4iI}TEua) zsw;yzoPbMc6?6r`c&u`&M~1hQAa%cblSXFOPh7N~pz^XB3W$fjOcE056Wb1C{1m1L z>iNq5WzK%7I_g9(!RNH^d)SSf$`-Q3*nv3!0{9UuZg(fOVP=T*BQM@RGPs0ZemdKC z@6t{z&L#Eh-^utl<^iq=*+8px4%ZQeGBzh39kCm>7HkJSwHeBM-KftYHv?5w0B}06 zY9+O^o9lssX!!*|nW*?E{9FmqTkB7F$({ZO4d%{1i4(GVfr9Tm3lN^6X%(Nwf_|VN zYb*&#!+4+|6KpQ0ps2er9TFPaXkIizlW_lS@PK7i%LOiZEKC)|N)}Kg=wLOo$bA{l zxuG$1nNNr(Jyy%r!nfp@3k4VVu6nUHF>g*Um7Gt9=6a)S!=DH~^C-Zge+lO1Z# znyVfwq3xzP<0z5!_s{V6S;?aveBd5wt+wv^lrImTS^(@(>l(a}ryaIG0cBNwo*MTO z-!Il5Bdo1Y%U}~?sBe zb`xoKok6-m zc+~+UaG3kVM=>p73D9OGxf*I*l4lFH(tYnsm$)Et$JzJ*5&7|k)p=$;SQ(g9sH3B; zb(KC*+5FS@@8V4bmjXZNG)!$*GYRr)s;TvAxoBu;_?2R{#RzJuWUDi8wwB-jJw9IR zj^V@Mn6XE>(-dn6yQkeVH3=__I5)`-2=I{C=t&tWU2S5UtlT}M=3Lr# zlY72ov|B^&QbrHy`y&uG{LAB+k`z4bXU;={~lU<+8=od`pGuVQE}PxsYKsZ zx=(zRf?lRyo|$V(tQ_+Pmm=}O8WAke{Osx)fDwNIjEFsTW}dMF@(|dyjHuA^o$8s< z+=#r-Ulerqtr9vryNcAk@F>!kbMa{Wb|)E|({O?aDflKFwtCGlz60QRa!5?KHXHsM zV&PVqy;0X@HvbYU&~5Xo<9rzjWY?a?Uh4w{jeg+F*PiV(VS{g*(m+2pOnB1VBoEnU zF8tA#@0H0!D{8RwnS9}-6dG?ia;seM$SMOjXU~2_PzHI*lC>gnxKa4cK zD^6A7y4N1p)_{c)y;fo{u?^b%58ZVF{&LF~F-^~7GNTP2^({=CfY7EUDu^B4a-(XN z@x-{|%WBG%PSeCr#>&=ZZ`hmsuBOE;4?3;w6I^!DjO%+|FP@z}^md^dqtaIwHkF+y zidJ+j;Bhz7zmGg7?3*6RhjK9 zaGY45{MBv+{9gn`bf&+4nU_!O$RR;#1k7TIw{ydnhkZs&f#_Z*J_e$U(OjnK=#cMu zPCY^P%w>;7LsL#X0TfQzC)=1~!rUqLr`dRK_I~}fkd*4zo_%}?rsn~k_E}_-p zP+8IU%R9RFI~K7Vws$nSb!^1<}2E@>u|WLnmJ`h(Np2O_ou^fwEBxmjY)yg zdg)5tQUhW%omtRt!)wYXp+4{wgH}%2!3o$d9WR3Ln4+(a~ z4bQgM-}n*Bnjro*nBT)X>_bS%Q#;3J_M3ortQNN|axoNv0haDhTlo8@BVs7CXiq7! zs-nW0$9BY&%eTnwXNC6MiftvSeoF)wi^<9t)t$QS$4gDaE~SM-bIbPTb3HN171n3Z z!xmqz!@&}&Ih};G`y*oObA|4$e@*XFY;NfXN<4d(S4ciIg)>t1P-x4_dadncWp|-_ z*1*2l)n**Ht+i8-16{nRrs*moWP(Q#*hWD;9Y|?5)+Kjbnl8piw3&@ngUTvdf74od zdYp`vg3hhf0pqx2f?Q=2Tzz4)iu{ulh-&;aqPCBeQ%A2SUco6Lwc{pmF5RvmjkH#! z)w;Tx*Nj`E%+FBBHiYO5!K|$P2t9;A4%?nddOf~K>1@Y6&>YRFshDVd^&()QYyfeI zQP+r?N3EsJE6PiY;SAIJ4c@+a8*0i%$ygCwySbc-$CGv<-MN57sJr%!9|4640mJO{ z!3IxN_t*N_MA3KmB_sq+IcnehYtt6Xr;J~c7UtscxMwuO^qm65=GQlD1t~opj?P;h zf`3zSxU{RXV`HPEhqTI)x#qYMladP65=c7~m({Q(-7<%|es=hb&yJDGZ1mJ}`Omp$ zRZdy97E25$%DQBjtQlJlW}kK=;0iEpALyto_Vu=_FKl%<`?Ks+!I1aw((I!3?flI} zm&EK^uBi0NWYOicfWj>0o{FD=iet}uz)_i+xZ7n4FOSA*?4Q|Pv*C8`WLPl%`93mR zxJPBnM8>pMEeu5!r zJ1Ce7NtZ16#`Bz%N4}A`7s`p*?hj^qZ;^?jCV|yp)|{bCSCE7Vu#1pKLR#A`G6V|q zcvJw;7wcqU+*kHaX3ZUb{+8)-sdG#J)QQw=jC->6e;&21)xGV)jBq}oKzMgnXc)6C zt44QUO_oMlc0{qh%+IPKQ=RZu8IGhNcA#78kmgp`zVmWVt>TG6w}piTRTuDI-P3X!TX4Q)1RMw`T3k8w@A$D`Zh+|Sph_^zj8*oAbdjK?)uS=Fq^^jBELPg5JJ zruWfBrd?sNoXTNy+i7L1U@tYp3ml?f%(Z0&G)pcQ)0sqh!=w=v%f9Q9-1EPPt`SJS zXG}PCo9smw8dB5~^Ex{~*ob3lk7Z}5OBTjBedZ5Y=k3e?nk?aF5|HSJzJa$8iMPsF z4AHbaf^%D|)z(gP@7oGU0$Zg*vY}C{eK8*?TT*Xf5>}NewZ@SAiRo3xTYZL0ffE~b zRQAJ-tRAMjK3VXctYF*k>>`V*Of#M)ixjHAhKSrt4<}H$E7E~7$U%jqsLXThPsQZx z(_@Eabp>xSnffc5(vovNyX16)c|O*Re$ur)JK68lrCF>@XyA-Lk!HOIqr`CpD>A=# zxDNAC7O9q{{Y-%k^!M)^{8brK-5kv*%4*-aH}G>bH+eMErCN}YG4-C`um}uL7|PS0 zt6Dk`{?Y8>&UWR>l}z`G6`5_Z6%G`giknY+HU~;KhBlKj0dlR{3n@M|g52f)?T)z) zey;S9vVhD(^6g&@I^#W zX=2km&I(6`V>iL5|I8``vI%(FoK?<}k4VPm@$sQt>G<_4qAX$OoPa%H zTq$9Muv@8ajlLy@G?&GF?|M}&Yo9{!Hx5&R=cuSgw33ED_N@zYVh0YaF8|fh^s=FQ zUZ1s_iKFp$(Q%$M!mcW2@MLS&l8Z)c@_tv_(>X!Qp2+0wemtYOC2UfGjrD1%Y*|8~ zIbn}1yWLeA^XAy*8Y-Vr>*cpFPpS+zW5+f228#(8VbYjuPILeng;f|*pv^-ux`rKb zAV}TIp{jdJ^wj!8f{k1L$J7`2Es<)l94D_CoIp<*ZOvmvSs#9Uvk?cWsT;eZn!lfj z*4q!8bR*LhUTBHTT0b{pySIo){Qh@oBS6WwYq+YCN( zlpS3=2Dn`ykLQMDLU1!&89BKul;zFIMWS45&FtdvCnX!fLBE(wBzw8WNVsi=$1e>cW}^VQE|_xIeg68*^)+Qvtp%a9Hsa(6p8Dv+|HgUqugxeUwY}{SXwccBxuZ8 zA&aIl;D#%Xc1XM2bxVaAc{Yp0@N`gS`TH(+N4JN~M)@HZuHz-gh1$1yhid8%UhX7c zZQu&?KhvNk_1rTElgVs;C$a9Dr`czAeRMFXCxo2%z~v6pL{i02Smq-khH2Q)05bWyeSP5x}@; zo^Owt;}GJ)2@DVH=T`*WjSX|nhV4EN1!sl7qp$67DRR-uA!zr0YvS7DnMiq2T3Xti z;MAN~r!OT=zo!rt{GHxkmMIQ%U$CX4CFX>IL8Jk#PyR?f|UAmHCtRcj7;twF0 z+ak44o_5A_ogI;slr)vk$CGc36xLl$mbHu-=-7_wo^KFup?a`foEgxPWpUu>xN4`H zP+19H)tsPVr(e3iM?=8p>pEX>aIl8f^_Z`j!_S*yvN-JyAaE`$4dpTKzp9ulv%aN2 zVNP){U$I-gvpz|RsWQ^k6q#X1ykThB84fIj3W~X=wvR61{qJ8vNK&(t-}u8CRvRH$ z7BsJN*+%g^dnZL2V^no7j~33PS_Gpf&RR^&J7w2wJ<&r~`rfAg$(k!n44ATQ+APT? zbI&;ncjKb<^(X4Fr+o}quic@R!w^)rzz&98=&wu4M_K{q8 zdcMN4rxc*EWbMmPzQx3;%t~)-_Gu^{srXPkV%FeMS`Iti9adK!v>2Gv9p6fJ!506Kioj{LO_O8ZXD`S{Oy{38c)R}j> z!){?04K}z2(_%Al7}iJ9OO$)pUR{qhArUypNO_P|F-5xFBu2>9wlK`1;!!(P|6ZE9 zMxQH?l8A+w`TV9xmX2Q)<<1J!54(J=s8oG^6j_e21`2Hyr#P*L?d}M4byv7Jlq_uU z8~ja?XL&vzgPF5vm*UpY7R$OhbcplOsck8e9}kCAKxMs5_vEZgkJg&`_OL_MKw5fH z<#6G=Tc3-paKfVSb*8XvW2e?}GPLSnEN5?V320 zfr;`cCAf{Qi5~+EoJd{2!$R&&Dk2aj{0zr4vQVkGQ!H>E+FE9rFU3Z_I%*sD#qHz) z#n!c)x6MGI*PF1u=&qL@Rv;>v{Z5vc zR9M;4=t6(}2LLX?#l17sS?}U2PCMcie}ckPE3#$A-_0ll%0@Y6;}+_D7x-fMOmd_y zb61bh@FKJ6t)e{f;!;`bXVc3+i83`d(cio&kN;@}Wzcg1J$EcqCMPF(3dKC~_ zT+I9G?c1)e_0F66yBVP&Xrl$_3zQs8F))ykBPF-c{(-%yI&_Gh!{fV3=8xRI{fSRE zuS~Iq&!T>KgKm@*7_MIFGW88GF*M)f0(zvbXVp;@1Z%P8>Q)fl(#8TTE&cz)fxOXX zU@0O1tag9{PrRBP%&D(D2N7l=v6{vgO%=D{-an4BDR(#?sYRG~*NMX0dg-11zqt*9 zY8^LGG$YT`SoVv9sczLToWUbKoO8|KqlV=~Sdn5!>ngBdp}jSc+?8LH@Q4e!foKS| zItEjBo;3)&C4T(i+0V-dV_#$VThfsCYR8AVi$f5A`oIhrIc0>VcTpQ)4s24qzui>X zKE-eRKzF;pxcOa6%Ux8AGX>ogj(e?*kNe8!9+bU7V1zTWOGAs+r6%9d0IL}R zdguA?y5YW1(QELH&U0>ZH~+PEpD=W##Fmd>fqMLj~(h<`Jzk5dw>Z7rxW>=~T4P&T}0T4JFyxm5>tcpI&h|@oL z^UBe@tdrP6BfwvP2o;5}fuMF8qE^%PVHT{PUERu%<$5vPp#2%jwzhNUmdq}wprbR- zx7dYC!mKtC$f&8p74iIAV9equFcQ4$JvHwGG-J2%T7sAz;l2L+DCMGR)#l-;N6%8H5!P@!Lj>2@Uc0i=LVc?IAjKQMN8bE~*0prRc( z{`>crfcn`t$4uB>geO(8@xJRa!i^D;@Uu<{z`U?gxH zZBC?xGU#d%kIIt^ZV{sO4}nSX3wZ+YgoXb+)OvJemn^FgPi>*8;Um}HTqrq!K1mgY`CFt z`2j?5Lts7>R8_A77pw(-x)KikKCBoQQB~woL~RKMtU~9?K+@1SA4*g4&GuGv%2j(W z^HIj~i?mWn&+zt6p@MzhdvS&{#py^@`ST0M;H|y`)YN38^odlde@jxwO;w~I-%gCNn9TpF?lwHU zX90F`Y~jX%{82sr0Lld$s{Z2?$Pn+Fnk}LzAW@1HsJRnlcb$;G@WD;~TKgik zM}C6@b=3Gx&s6N!_T-`W(xG}JdpY!);{CH6b`=*;3ZO^f)lsm%N*LB|eK0}(5c#1T;ekhznXI9l^CkQ2M?5Ibj zya>DJ-<=(Rw*jDFimN&eco%ALm~Yn&5KV{a+=H^3kHS)prq+!kpo4M418xL#$Ukd{ z95{5|pWia8r*ZOFx6fRBRr|{TrY1Bk&|o82h7k#`vi5b^W}VcK9#uPp;|4dMA1Zk~ zAekr*$Rdtf_8uixQqG=q&(O8AXyia;${J88?FjM@p6dak0E^F#M0ZsQr}scMW7ynY zX|F+Pia7AEv~a#^y&o^Y`9hMu+3{%7_!;^{M8WFvPE1HWA%SyN>0_KlS@WC(&z;Xt z*I#wa-ka$S;BQ7q6JE=wzu;0NUzIqRFnb7{9hGMv8KGa}`Hki6EV?`^!(8sBViYk5 zs_#;*sN(G;^68#wir2tNKo%>&K*3IPl3I_^>t1@1By1y>T)6Tbz_G6-S9VZTg7X3$D5c=l(c3TdULEUCYF}9fF6Fa#5&NrZFgguM(S8LcmE0CDqd2d2T@8^(+FA(rm!8?SZLroi#_=_Z3hcDVa}r2l_O#U zC!X03m)|QhDhq*DRilXv-p|9S*)pOKh+6r9T`HX#|0(ZcZH%`70 zLw`?@j zp?JP1q7c-eM%=i;C_XIy>E*aDKHP5N4U+$8%eP2PpNu4o zI@qF4!ux-c1T`pbv5!7SOi~C5M#v3V7Gl#lb-s7QRNCC^PCD`#Fs5 zCxY?%WM=e|$S0Dzj-2QS=fl;tyhO?CK$fsbK;1C>&>IUZMleX7X#(s~pjPrl6vK>_ zs1Ya8T&7_aF%M0+@Oe?M55?E7A>UV>6lb>bR>TYq#A6BG);>gCfI0q)S$7Se0B!I3 z7l9=lh+|tmZ6!=05`eE3)9pU{j5GTe;5Qe7dPDn-rHu;n2q z{ssmjdO;#i$_0Biizb<$fTDfX<5__1p9`j+@EDJV8DRNeusTa2OAaa$2xTI znkte4=8BQ33Hj#@MliLZgWRvhtFL4}~?x=982&@2Vo7sw>Q4#amFp#i33yo}*I*-*3IL>7<6A9oNc zt0JQsLgVrDtihaA=2~ql@##-F39k1v#7rtiyeNxs9iLp#UTca)>nbxau(AYqKbMyB zWsv{8xpMA(yYx=7af5VE+q<><$$kZt*HAt3IRPRJ@IV2lLJ;k4MTFdVo-^GxrWy)h zKe|E5C!x}O*V*!j>O=hkv!*h3;{soI*!?Zu7i0^DX>3({3X6N+wO5D8D(N_lnsGhu zDCvb)|6hf9j6l=Bju@A|oxngYjfm>{5u$t>9vca_2|@tFlzYgDTAc*sd;p=@B)I{i zSJ6&U;$ixyx>k94Kw|6Z{iB9YF+KS}R3JLwZI0nl*U5)!s>9V{f%U&ON#7s*`KfJD zwqC!wzocW@Ps)hm8&nHm*0{^{3os|1Lmim5Cr)C?MWUS8YRITRJ6h@|j|0ms1TfF} zq6aES9XDKxI()Ok+$X^9)Ytm43Tjaj0hRbJr?u%OF^}zhfYMmY-xMy-n|5aem3eG4 zH^d5QTU6~Aa;rYJmFtCCi=Z>jf9h!$RqVz849fEB$EqV17mmCX;)yJ5ta7jg#}O3d z zJ7c*OJ`(O;BCx&{dzLB;17%+3>4}$$CV=g0F_)LZS<=ii5O-gh|14JUgKQfg4LDma8{~fPE1w3rom= zMU|L%AZeEc10T`JRxWX{<@)4TjQ8GKg(-``D zAyi}GFLNd9;ZA*RXxhies8<$cCd$A`6f46sLJ@J6?}J?I|NN~6ToHETKht@@?96;1 zT0b?+oCd$Jdm3xpy+5`+mzA`2IhV3>f5Fmy=o48sWvJZ}Yx>t%LV>O8O+G4u+7j_*--k}8qK3i=`k<=P)3HpcHp+~ONeRy=eOA7 zK{C!;;L(4CDpv084KF6-=CJ1JbDpi~s25rn6{etbw3G7%A}Z*W?%dF+up&Z&gflYM zF9K={Y0#AtJ$^6ErLDKkF=g$+b2|$|hs;HTdv225GCxr=SaS)t&ihwQb_BZUf=LYC z4Fz+o;Wi&k*z{S)!GW7A6iyJ#8pixawNY7ldj8z(paAh`9>b%Wi`KwjP3CbJ&pe`` zIB(9VdT{kkhqEAVci{SS4>N{JoQQeD^X@WV4^l$>E(3&&d!O*lN<)!Qu0Z7_`NY) zDi^%CG?{7ye=1q*H=PVo)eZT$xu*l=`EOkBTz40Wo*K@LFyFXgR{6RvkZOdfIgO8g zWWPzbz{!8taK^nAz~jW*vARS-Dn?mNr(JcRC$?uUI{@q!73rEF#0DT`jmHoW6EpOu4xb}0^l z)LO4wafPWwW>4&jtxLLXoBa&cdS+smqEKWBZrJa?{#oXuhCx zogZ#d_Te0f5WIh|IW7ENcYlYcrABL$peE+|kDZ&q4?8CqHP5)0hMCAj&Zl2@CNRv) z`S5+BWMpk=OzHVKFJ%&1_laym)3GPAYw4#4>ut_Tm7R(hAXR+3cEmhT$**LUoi01& zRsmVJNDt5=_+?#0*RDIxOV;Zfa$6p_2GabVpP!$yDxoZ0=*iC3a{YOaWux;Foor8# zM(l2k3*P4J2*1Z{r%F$x3+`Z;X=CilU%}Bpg*JZe2&=Tz}|(7SoD z%5q8LFLz*?q8&qbZB@+kLK8FPd{em|O&$%|kxlL-7sq~0wQfb+F3siM3jDm}{tCCY z_wlfbSWsy`(3eJ=!3*V4$|%l8Q7WTohJ$NLW5g1Pmnf~d*Io7QJ#H^nrLR< z78YBQ^`%>4Dk99sK8u z3IvCrH=0E4E*^R}mrrkMIE)uU@zhJ*vVQx#fc?_vK^5EqHz5!2`o%}Oo74q7W$@$0 z>0*bI8@G~*L^8`XU1}_3@7P(683F+z-f$BRvq;6%I(sP0Gz~!b{(`0cOihOsqp{TU zMT8!ItsaB}hJohOpwy5C*{u55Dk(nzBy(<_1QkR=RZCC(r-k~qlm5&WAhaCNa(Ej* zkqM>6O{dA3`RNbUi&fHHtV|pl+L}U(FY{4oTF^0~7O+&G!_+ln43$jMHh-ltz{J7L ztzvJfuD@-UgYL^5$HsJ%>({(zJeT(QVENor-cl9P#@CZlU3Y?ZUf0zolt~zf>b{a_ z3{HvBr!Q^8K1cjsZ}0bIlpItiAn3v)YCS=(9^rll7YLq5!h@NiVOGtOSP3;fM~b?A z_h}hc;QG61r}4VR6!`>=7cSbhl~A9_b8gWnK^LvFwa-FBCa?i+E6p=bq_)Ycsij1R zL76)xpfN_rnMX%<#SJ|iS`!L#2bbyS%{9lb=f0~8;Emxh-q5XKdLXyFa5+GXxtx?hD&WA6QhnoVEP zD!mMNT{!;9{{teQDX#w2X5Wy;w(;~N5#M4loiQqH|8kMnIZq_FYsJp5mL7{5 zD17GDx=e0?)}N}K;cj@1Ey6nGBVwT0+%TQwGZ`{lf5}SK5J+~Flo9( zb;Md3%?9ZNoM8ASgcKC{T{n;qCQ_~Em3XhrplcfPCnH02{zS}p8yZE+UIeUNpMGE_ zb%7ft}4!3;gQP4ayV+UTP$t?SoUsZl~uagl>ta=Jld`On;iV(s588!2K$_=QNhCtQ1 zU`9Mcv_V-}SwUTyK8-nV_-wbLszy()mRQ1KSTO0@gNF~_EH>=i9ImsYs_lV#e`{F` zX8v%UlD+_NsUphw${c38OgpNw-LoBhxoI8e`)m3J0uz&+`e*qDhXad>SgRImtSsR? z{FPXomp8jL-IU zX|p|q`;%=P7K6o8=^`F%h|)Ty5C83?QSnhgn3KVwq1}U-DoaU&I>`n-O)}AI4ZjjI zrv|<}eJ>Twr_A38hfK*JXgeckBfYZ;8^R}zi-v!ZCw0$J3A?-6Sg8?a#t7S)yrIrm z{QbvOwN}Ktez^P3fj+7K=t}wa+V=v^f@Cfie9AH%)rBj6On;vIW0I|OqHmq=@2$XO z=f6uOI^HI(x><}KbvD|uMTMwb!Mhpm3&W{ugsy2Io|}!0q=%8u z@xlo%vx~%l?k=dU_vh;SZR|qTh5P;XxlY@&VsqDZY+8yYT}Jk^zSY<7k_)Izm!5jt zwbZ3SxiwBT@jXn(;^%jD!li?WsmRIL!=13=EXk$6^QB9rZ{4F@dX*{2o-C`qjTg;l z!phJYo_|g(pb{OLeOzp28xRa1R#{eyo_G@^R9rcoRb#m?Xt`Fbd%f{Go8_}LuJEX+ zK`j@To)3KO5PHRxvi0P59Jq3=IhVw8uPw@X%OmBcCT7!V)KC}Hf6xBd#CczoC!tTEmDEXxed*U?nukv@bK`9 zb};LOR=8@dD9?4$L_P0Gz{W6kn9iiN`J%p(igJUckr0Drt9l$ob}JRkdzl?nHEs#w z_i(d})XB}w&2woYRSZ`^RbzlOg6SluVaF#_Fn{0IFTjq5L}*c9@(LeS&IgrAar)MUX zkj7?W28&Q!=AXH7-ybtHsf8L;Z%}1z+*knD)$BNbv^53Ir2JSW`PK}7g2p&vM^^$Z zN_AqK77d-Ya<2JBt z`ksfi4J-?-7eY8x@QKQ*(u7LITR)H#Ik|%w`QtjqywF;MfqJ7#e84}JRLEb6q+lZ> zN?>JXdlJ1Zxry5pqFa0C;V4QoKkl6dzSf3i+jF;DHRIVYPE+FSn&|IYApjPu)6@|^ zT>zX)?Raa(MFe&9lKzB_`=B#|@3=EUPZOi7MZ}IvF1z_a@Tv!R-T@14e3TNi7l@=l zNJgVC%dlW4Wq}W6u2eQoR5#F9ruLsWiKg6wOa=Tpe^WP#gB%{3)!DHG2x_V_hTtb{ z*}9|M4nb_dBx(Ye*9N$qQa8E)1PW!l(N8^l@?qDU2P-*^x8nO+`BOHiNMMVh{pape zUEfW5R~V6csiB=xY62Qlbjc^uQF!+A05g*Y32D>*{9L{-6u5bkioEeLJKB2xZ zbv4IvC@fEA$<}q4=t}g%WT1BuCL%W&dXd*LLsZAv!@JOzW?vCt)xx`g`u=i}Knm~B zsz`zhdqaYRhnPo7O(FzVvZwhvZXg$w+^dvd%}hlK}rcpB^4Cu?i5i}QUU2u5T$Dq(%V9%L{OwfxLBSYKEub)pV zu(hF)j~s?~ZO)Oy%cOGq^WNNmtm^4g5GkLjSa+)obX+2MP`*E%PyPr3wz>awHdHk^auiT%b2Y7>fK6bJ#}y7cu!skli3UTF zgVxlWP;MWazH2B1m>UJTY$PHj21>YH@qw}8xuBA3f=r6Km#tTdl)9pjYDNnp2s6Fd zlTQWh3}-kvardT?;=8`FvNEg6Q(`~A z(_<5*-LGWRoBr(FY$3j+axI!S`kIRRgMbMa#Ox^X!VBx262N&O-v?|W%=}8SIZgyR zuZl%=VexB;AZ}q7wawwJ@KGFSKt;;)c$mIqcfB8)kq2g6+eu!4WVk~ zmIs^uELv)L^YusLiu`|Z1XStg*KTFg|FjHf^%Mj*vsVF!H3a0Fk)^wD(_dTdAK9!) z{YUEy`d0L_hL&8H*U!kV(>);fozw3YY4YE#<|APGpN4O;_9>`$w+;ueMdfd8$Vj`n2DkCfdv_g83dg07e?RGh@$m?-)`(ak;#MvKKIa||1?rVmgyo^ zU%mO|&xbxt@4)-%_$u zTpn{BJ7Bizc&#SVj#l_Su%7aoK3|1WYJPLZ*&N4)gbcaP`J%fsJZZMy>0Hb5-_2QC zzD%7dIXf4I#oxvb;5HTm^%6f}qpeHP_dhMmL2CPn&wlbgi9yhLf)n8MWZr(0LMA9< zXyNJIW;z%wj(!2t(FWA6_&C^V>d!0J87=?zU%Q`FuNe_V47KS$1PQ)0#B@({6}}Ut(xw> zVm*f-YZTI|PE~>FT)x@#tuykPHb+9wA z_X3eo5(5YmimyH6`NR%1_}HX6QXgZ%1FiQfnqn(Pz|mK#h;Seq7{YUhP4LUExi!px zYe2doi&RV4-}*2Re{B%%0Q@Bh=Q6>)|2i|u&6rQqUGiqZ(>DSwBLyZxrMqBNSHTtP znFf(^KmgDlaiY(}gs*yi!RdPA+r8a8UN>K-uFa3RJ(D{>CrU?r2BZoB;o$4{jkZ&? z3@MMpw$s3{NFkG>5MKDm32pV8Mk^z@mxqr4^hts$G8r%3g@M31A-6wq_6ex>a`76B zp+lsbnSflMzG!RGXDv&~2~y*=sbHvo~oZt#gxadV4F!altps%rjhT z^s4$xR6^P3a!YAg(N_2@aN4oPb=SME%q_a?od7ARh?rmDn%!z`V>ZuR&$JH>He@M_ zTm*RIzkgYrd`-OpGW%)2bVE^L;Sncwg07k?V_)~ll0o0HA4>fx4P@mr0eNEv1Z1lGDFI%~fQ`H`l^tFXDauv8A!etd-g7e{B;`iKwF&Mvu_W`- z$!pSX({BN*uSZkFBXaYlDFX_4NV8{zwud~&yr#a5kEO0npY0T=G}zvKK*`XQ{IVgS z^M)X3Y486Mx=_0M>%!F9BQG#*g)lL;_!{8yxCXd9x~HT{RrN=Y-sMEzvyg1VN0Fub zHmG|8f5%V({QLMVtApBAKDcfX<4eiO5O}n8LA-S;p@*0qt@6g#@}ZRX)RW@*r9oyU z?v{Bb%<~sMJd|uHJA1|sx$vCdVOmXnI2T^}HVJ}mp6g|~=GOm#7J+D2dGGq&D4&?4 zU;s#0?dQ;q#~yX&Lt&RVt#Oi^{>{x4Z7t8Brgaf^gF5mVNe9R49^t>OV!Y-V=X`j3 z@}fu6()fqjL~mEb%idOrQyaTrlVeKy!%h$Om8I$Anuxz@FVb6&sDfMWM6frk#evt# z{}#4@9|ZvaV>{(bQ5Y;1$(*w;LQd?A$U-OodqDBg@&K?l;bXsuzujyK>~BOfqt%n5 z9DXn2b6>zfT%f&oPm1G6aU0z#Rm>~%iI7tQ)}|;ZIpmdc?4(HQ<~Hxm{3s%F`g`>YeZ?6&lR=760;W|Pvf@aQjRA>`f9X zg4f+SGqN<~w%RxkuDft;X6Q45GtmHhHekhJ_+$zAY@w2OkVx$CGFh|f-ecMY`E17)AJn___I8etR$@T?lVE;wHz)}R&O8@V$dU2f=o zoEE7(rDBG+xPr0%*;nKl&*SHMgIrNDW$I^cS6%s3wo z#-^HWG4h;_*Qz7+>ifHGtkT}IZ`5O@t}}fQH<<;M>bI;`hf8}*Qiyhb6m+exjBE?b z2SE=mkFacRkUJ^Y_CDLM;TEqCLBV6%SFh%P#!ex#C+QhJdO)-UqzE7IE{2!i{5lou zJ=HI*nI9XgHYrsx7y@hS9%%sgZmN*3@iQVkPe9!2z2H&TQw$}w$0rSBQ4v)edD!=d{CAseUto*#_&xCX`tmkSY zs|lS%E+cLYNsf~0e8wjup-2SBAmjrXBg~^?V5Lx&(xCruTYX+43i|(9E%^B`KTml1 z^fA15Fb8!a4{A&R?Fp$qcXKdlEatN3o-J_+N~O$gGVgfS#APug?n+xc=+O<-&K zK9PUZXGXm{b)ZP9}03hMgB`hlXSoF;N=XJ~>pMId1;h$qn8;Z6a?sTRN74^5Pp>1#rGC0SV%tWCR+Ac$ z7#2{fRP_lJkMCg%JPW-@*Majgv~W+7o0*Yc`bqnyc*U)+Zofk1vdY($Z%DDT^E|N| z+*Xehy>G+ zKiJ}0s)LkDE8QcM*?Nm=Nmottzy|x%^&MCzU4Rd}`%G;5I{rmK!WX`xdAxG#8bVHT zEbtp~rd$q-`tjq(crr+^tS&GxFa+BL{SNzqK?-qmFkHO)-^xs@jgl*#JO_E(APQE# z39Wb>T@V~{sPENTmVynEb&i7xf6F#f&eL_ZpHHI4QQ6wp9#lPRG=`8|~9##bP zlmFK60i5jvD2h9yMgkIIqqqtYq>B@v+|~hqDl;{s0GkaUH-56Ra4YO19`nZhA(+0% z|0BpavuE)`?HC!j{zr7^4}?%a$n%5GpZ&e{=+}p*dL;D{w|hoKc4Y>jmd8ZpLRiN_T92)b~}W;~>taz>?GR-E*JTkR0wET^ zxMAGGK12h82X0XHEphYBcj%6}krBEoI<(SVM|>zHAK-|VbA3MGp#I+l=0dNO0GFbO zGT9$c5o+s(G`190C@lfzMo&YaVEATUQ186)`UZrCz^3F8lJ(?9#{~EqNH~Jln~~gt zraF%ZIp>7}&QdL>;@4O3<-6yoNq%3L5*-^D`|+ObTVMZs4}F@LsI#ODwd4BbqfdJ| zrvNzmOr5!7egn<=R{4{>&J8OZ2L1l_7qS>Jo0p#(8YC!ZKtJ^R_czS^H}8CFYjgU} zFWufR1%_6~b8BDMJ6q7=(8pr-I4mfg@^$jm)Tzd@1lcMPPia8 z2$)>R%9=B0C43nKs1i3K@tOSQGmG6^abrzKxHx%uZUFKr;4kwrU4%`ofybej$I;=_ zGzLs`VGdI22u^2#pnhvvaV+wzn$<|_oNIdWFs<%T)!A>G_i4rgtkt7~TiZl0Y0x5| zm4!b{0Ol)}nPrnN+>`WWhJKKh$%0!sU~COz+s{mxoIQI(Tl;NSh2OTveZOwL%@6DKfZCk1x`7jnP{KvN%CQ>AH*FzjIq;Bz z9~TUiTkhA#Y=O@zm%~9G`t&c@bo`! zgaoxo9$~ZyN60KhZjfR&L~U@vKnKmEq#7cCm13!! z>@BrpnCh(7H?Xt7*L2&F!MxzKuSu&q@jpW+O^QTih(=*Lk59gFGxi>{@xGj(a zw6yk3cr;&xizW8jrAv=#9R|-wn|f!hy&j&b0RL6awO)+2V0o6rd9LwkPAK zDS`k$hnRS2x0^H0xyVTNExHd|ppgC<%#z7|4;6GbR^RB}-=!c$IP;USBLKFWm(F zTocQ0OA_*_x=&D`_uGd3h*jOkH~03>lb?M_b>ajGDJc;Z0k!%IA;u#Vj2gX5-m@{F zLC|yBv1>u!xIWfrA)tKzhwjk6hllmuh2~kpyWz#5G$$h+-VvNsX+5D#a3^Xt$Ia;D zN5;w5GVux%LwY=vc@uJN%YO2AYfGvXcXzw0tGfnzGF(!?l(f2r&*3DWB@7UV>95&OcCjBCW_aN<&91-!=lf#g0%umM}51EBvhzG)^Z)*fhR&bi@ zoC6tx=BtJ9im*^bM>5#0eo54^1{_gyo^`r-3L#86QTMD&ezE>cO9m;6TL83yB)yj~ z18h+eRcxM#eyXO?iqTu%LzZNudY@Cfo;Q1cFE9-o8emR=vTaAgm=GGSr#Cd`FIULR z;VdW5rK%$;Iy8J9WccHrqe%ui+IxC30{lG7H%&Sw4g3nMVlRKWl!Aw!v=2MgC$d`1 z&e-aCwot4N^66+)NYWLkpvLqKC)STCwB)-xY7x`g~(0#2`QJN zn|9k5v5yVE8A*dYW4OrZI$op*i!oT)@TtL4V{1_L{BV=A4+&zxE^WLOTZiEgl?g#h zUY@OujkqKW14GV+LEFP~zS=Sst?@%f7crC0_Ta{19aY6p4)%Q4WR^*cdG(GCZ1pmGpE!Oe z9Lanub~6QZM5|67D(yo1b-mMHR8GdY!8_h-=FCkbtFz@U-FKv27&^2?0=uh9m3&0*DLx?65L?W z;!fGrw{O4+YW`UWCzG&$B{~`ucK1%kJ?Z38cE#&u_;yIlCnAMj4_yX3lZ3Eri70S8ZWf~I*r5sWJ%jkbX=6-RPx zVzuP^RE5KOTMerW>s#@USmCn)$;(9=^Wu%*7iLI+e#_kba4-yO5d@Hy0q2V^YeN{l z(bBRL99m!sn7Qa`02UDoNRbB8JF(%eCB$El&Gpj4eXTs@Fc{Du?|gHOkUuGItoB>X zU+xh;uEo7Fjw;?bo*% z*EK`u)!;g2<1I=@C$g%lD(c0Hx4pdvpl*wsk54^0Ir-+Gh>tR+fPlqRerqlW3=+zE zMmp}(=E8Aiw~Ck^$?_G}VZhjVhXHe4txw-n=}*3v!XBdv*#2HMN3<$&Q+{Qu@cRAd zhFh&1Jr;i?pVE^{K!JJ8CvnG~*^*_7p(_aat&w zsMlbBc450V=oObqcnq#`z&c0{vTRwUc^X5erq9E}>zU*vl(C?4+HZw+;)#;#-E#l! z@2qZC{S^^Lrtvuy)YlzNzTwfd3{o&-cF<*|XIc)#UnbW@_cG38)OfY^*5%We=JLDD zY<pHMIELa!-(q0-k7EB*d~it8dljIE37U~cH9Wv3=EUR08+Q?1E}@rQRcFZY z?u@QcJV4lky47K{E2V*3?6Y-{ac{`}&6bdY;m*>}DKO{`|k5rl=_ zIbF%zJjvVJ`$u1&jYnN>L4m%tb-JiTXn*DhIoGj0;VB2$fR`VwN-1J+Wx#v#v;9% zxMUh#ukEwB?-3AohwZ%B>4CW={Fpy4z~N~*f56Bae-^CLa6+S$6&~-Q;AG@tI85W^ zrjuqn9Y;sQlGPRL3I@>5avH!=M$l6tpFA3`D=+QyeD`_k8ARa;sVaCETVG$S@-F_i zv%IWDd(ZXHJrrU*shl4Lg5gvOd;nb;7#MKJZrIrAC@T|~3bMEmYXcdRx{BFY_XFbn z@#Cki@57EBG7|oPH-L_s`qrLL60Rt6p2U`guf2OXZ6vSHPC;DQCiSFD*t6${@S24t zCOdZ4YtU>-&E0hC2Y=U#r(R$3`rSu*yB!2G%ZnQGq(d%HPmSoHz6%brwkg5aMH7RX zm+^TZWl#nUfwU*M59`jrAeXX`5ve|=qC!hb+?;I4qhB^o2jkjou5uiCPf3s9(O?H~ z?Mt)qy8HlMtG}3jumwj+Yl_DT^M_IHGUrgud5B%di5=$fvfp7e6%1WmN|5zbe*i|< zuCA@TsTcJR!D18>tW|11a5(?AFE#PZSzx=Y)qB#AyUzS69o6CkjM5t^PBGnE$;q}3 z4&v3!*w3He?8DsO&!5(lpfi{O6LV&g&}cw*bz6M9*-z_~;Abf6ykkBhT2`KCloyu>RH6EzvNGNJtiWTH&)yy^DF|9J z51LJzHU6*n(gJ~#eeRD?XOA7AsaQ>vFP#VAHZM2x#NP$pYCT@h6+ zBrO@7`oX5Kc@E5xmSLqn$!dS6&>T7SLnL0Oh8}M9I9+z_(8$!A_9F8+Ls*hlSgkY`W9uO8)xhVb>6o2(KKAzd%dCT;kgDW6 z?#ri53+zOWn;A%anzj9W(6Grxb_^xXy3t-jEhQntPWdQ;*i+u)9i=#NI3_j$t7keg z8+|+@B(#T;HEBG$)PV4?6Ui}@C@aZHCYG?!L+_XFa=cJ4w{$uWx8oR?lB&s?*Y&0H zc~}TZnMki7H0w%%gmQo|NPp*sX|#g7Pr2|}L0&$WHTls2kA3xIVQw-eN!44=+^oPw zF!g{Lkdj|w*!}qbXEQFn)#{j;X>u=4)>{(3Zd7|-KMN(Z7AzkOeHTrtOesH8^VgL! zEN$O3I%zJ&Xr7Ndg$N&&b1ud>j%VS?4RCd=NxU7HsTKZP3*d|#;{}2vKYyX;u?@tT z#4;?DDB1KG;qs6!A`h0j%;%jwJMUZGWn~$eNc9QY6_F5pqGO!2lA{ukc+hZUD4aMk zWnjtqRi#2NVXV=>Dz=T{%>cMp($3z0{`_sHOJM@XHdJu}Zk)|xh5L5!w1d>t+UwDJ z^QrFMR-J$w*l&soDErAwxi12K*t|_fB%)Zf0503$0r{2`BpoPjjkA>p*XHbDdVCkG zuR#0202dgDX_~@|GBJwJAbm!vU>;3`$W#1jAt{ucq@;!#=*J($Wg(d@;F~!)=4!X( z(HA3`_~Yl1#1T%G@F;NzF>%BPWp)EXfv&;sAlb0ZJJpItBBoQ{Qg+|d2eace&>t?0 zen49}<$o|CF))2wRB9S9P04aM6=X&M8Tf8m(* zi37XlUYhCNDLOr4>%Y1f2VFk&ikKcNy_{J$!JE*N%LUzTjL8Vc;aA5Y6~ z=n#k!HRj~o*lkJ|Z&cp5F_H<^#J1MZAa|Y;h8x(D%=XX$5Ilq@#V0?zni79Q#{D3& zD8t}d8&J|7aiM5>YA<)wnCZBF->SGGQsJ$jyAvCz}QSJcQ1|am8*uiXABfcU%is~ zt6qQa>n0--i<-VIF7D(L77=m1l6FFl^#l_G9yp;Y0bB5JZL+tb05}cXMsM(3)q~WN z!m=#Y%2*D|l-0pA;Gk<{qebwPHfU9{C_U58vOPe)S|i4P8ntsp^e7VXvQsrfJK7$) zr->C55Yz?E%m)*S0}meV_y)yaW17^@mlT&~*hk}AbrcWmdzs@rmRWYkf*+25j-hF| z2jWd-?C@Rd%h2=-6Vx4J#YWZS7JlwqH#jvE8mf9lWpHT1xLd#O#@+`&!kenYTp?)!Pe`Ej~;FsKp zpEH|Cf?8jh24=6S>o*xofk3NHqk%Fukx>M;iYwth5D;sbcC9^M9uK^KpQhC6=23jU z0SKSv;nCGQ4gqi?oP@%?Ylx!?FJ#Wz+RYdFUE-Uc&xi|O5X^fs6fFGBx!+G0wMY2B;;Spm7#5|xYCN9(=$d@3wzJNAhcMJ61xj+*_OC%a= z>;AsUVD$hiQ7L`?z%)yOV~2pq1PnWeV|0X}CY?RZf!gWcay{vEC_E(irj1M8ORVp5 zXu{2YULSmAr~>*!@+kHX*Ypw?xBGB`whulBByFCYu|UvCqC!D#vEz?&8kmsoCwCby z`{1V+&TG5nTyk>A);3S_lw><`W*2pbdO_bS`c)rP!X)w^l4Vn`-0zIb7-m@lCp@DN zblWHd-G!SED)GVfZ(LrVIs7EjG3$}a=aHUoQhY99x3BHFu5Wc~v}KpiRT(co4r|nz z?eH8tg^WAJ2oTsw*lX|3J*gf`BfJDm!fLmF(gOjm5D(|>X)Q+ ztU9EFc1J_JMJcQgT-th{U(~|4!o_QCqkOw&H#l7x+I+a4Lx&TpP&!EgbHhPfLt`RU zmgDK+Zk|%3$dCEhwR?KA^?P2$$$ryxgASNI`r$2vEadoqE;<(1u?Ry!?rdDZn;xGZ za|Sn5w$^D)SAtI$v^<8FVj*c1n|${36zqK8TJQIiQVWlW&B5V6WL+b5er*fEWa)Mu z7d~86JL|=4?@55%6jVwUUO*v&Ca_%+a4N#+r!<7e<0C=Bki55pY2_*70dX1sN1F`` zUZ5Rl<8v=8nF4SQ5as1%E?eP*u!l2;`uOqEz)Dv0zD#{p<58HrmF3?llI#{thdF$A zz9dF|n)d}hjlbh*P-#2JNDHd|!l*0y+OvDQ188If_*?bw-Fs>|ouQ5F)(F|Z-j3bZ zxKqOWl4M$jx6MZIVPB=Z{!09Q%F}0URr14~XeLRA8$Ux%j^7CiXa26kt3RCZ3(Rrz zo?Go%HQ(P`c$JXgprE)oSl)9|uAx(22!ex*RQDVmx?+zrb@la4QD3vNO7*YVl0Lcb z+x`$&q?(F9X(jea2$Stn-v}%K7G(R{Yh(lxAuDHlUspS4%dl)>reMM+B!P_V zAlhQw)H-cs+WF$9hK73kduhXK<7zj8eq%4e^L5K7DuYB7>1?^ELZ zQyFBLu1d~KmpFeQaC;)}vu-=rUpl_;Z;;tba;CtvTvKs7BjARKNj!0mD8zIs%yBE5 z%l(y3`||Z09+IP_=8k&q4s(7CiVFL}8ZFJf?7Sd0!?*1a{_oiA6Ft!Kf_y<89lM~u zsfrR#^Q$So%WO44wT9;qT_KTy)`qC_T-Kv@m-d9yOb7LDH0bD_*Hbrj;zC$2D}p8p zQWi_R27{*t$aE7c^PgwWWINfq|Gtmw)GQBf?D2;dOT zuuSohhlD|3=WC$9)N4>(`zw07Y9$LhK*AD}(#th0T3|P@E4upQRi(TtUe(CUu|6V& zRaHg>HCx&J{quearM6w!)jusc-t5f#EW`w`PI}3Cg{tljNA3#2OGJop?X~`-L07Hm z&!OY2T5aFHKj^ze`H0i2S^l6r;(sD%76t@!2}9lvewDEUGGga$K?Rgj#(okRL$C<6 z6X6^@k4T^ zMFWINt*I{16F!|9cEpb_7eZXUH!RM77#&U*wH?~3!LlA$C$C{(n`Ylr(#F1+TZ)}G zvv?Fv$tL|S<7U2?EOWS;dJUJwPNqfC_qpDRd8}Z~+pk}*ct+o021>N3gkG4oW@cl` zSt%*0PX0ygE~k0*T1Pflw7jz;@KU{yTL+9b`(Iw_6F!SaVdkd#>91uIPRWW~&S4m% zmSKH=jsa0YUt~6_`h~x3hT|n0Q_>&d;-`c)4?}-K#g?n?N@T zfSij&Ugo|VPnzLh4K86eZagdB0?kdACo81dc#JLaQwJqz8Lut&T1-l9*|{hBHE~2x zF9)P7Mx6zh_Twsnfcdr32t!3Z-4AU;tcp?S%Zt4m+&nxT4H|K}QkG8uW81vuY9VeZ zMfuysKFS{W&9dwBom1ot^A8!BdHl5(y=*T(VKo=pM}vs~mG$@w1>bdy1aTOq+`ovc z#TA0flN+x}@7OwUq2xG~1d!+z+*duSg5NfTS;;dpa=b3f+&);Jg(X_i&qFCRZ;p)o z_;;_6zS;o8(()B5ga6C6+F+=u`(D> z{QiX8co^Q{`Y-t5ROlTD1}VVZ2`8FIp{Bar$E+u%T&zN_1uwURVde1qw)h0%KMzoJ z3{)~}Pk7z%2W_E;R`jnj*KlAVqa+u6ET!k*zF{*wiHL~ z=?D%woj(kZ&sizD?){_y4Va@RXkH~I=F9u6-TV3R@$-<78riu|53qouKEh=;+}!JD zqTQ2fu6%%G-z66-FPpAyo1dd_dK8vnZGF$yI{lg3*3SI|g@6lPrKRf@wc1riOGT9a zNf983Tj0+|@Neft;NMInNYhnw14(gI7RFPqSfV9FQ6}kSYXbT(?`26t!s2u68@`fp zgnO|oBDmje_Wfq{C8DWu$^%15Rak%t0Q=P9!1A1gvQv%Mn#YDV*>XEk0$;fWH*=T) z=jXBzC&B^r2d9P3DGl|WX!cbgF+c%J}ctM`yQo$bi}vg(s?j$*SLpQEA& z=RNEng{81YRVh zzj*gxD%Monx$W$jYIydq$)f5ujh3(NqvYd?w6Af(>qv<^V9-IxotD#$C<(nDcKwAs zD)=oPg_;}cp98$i71xUZ5({8a2YE1(9%#GVwZQhJlt&u}yl`tLHqN1Dr&0Dbt-tYx z7BLWkTm&_O^Uvs!o5+sTB+KDPHAtw~oE%-9eZXwz@L~uNuwEmJ3c#<3o%9_v+am`W z;`>(bib_pL(s0>K_{uS+R~eIi^($%_qv#gsfDbR7$20NAf$5*-KZZwv4frB@&JNhq;rPT#ylyFBZW9D-SS1tU?)kXL?cuDI^#-RqBG@ zy#O;9YS!xA1RyI(5r;3=rz#A@EGP`;l!Xagy7XuY#wcK-B6&QSG4z3uBYL18xc=qg z`fRT>z_oR7%Bv23AggHTdtuy5US1I!L#2zak8?ikL>x{`20)hoZ#igt41X_F7ph}_ z^T6e&@Oj|<-K&dIjGD3Xc#*`(gGIvYCXRIRXif`7lq+~I^dVBQa`!jMqpkC-XTzWM zOkb)zMW=X1srr^7^4is;vvQ~l+gc{VO+4K3xxjJk%Ts|fec?~h7YO#(N9C(JzvoSU zb*?S(J(v7X?g0My7Ad3oJxkxB(53aJfX%qapJIc95wFr$(D~;UzhA}Zo67bO?r+}H z!eB4W66lbPV&%l;;Dmo6LeUM!E)5mmx{DW)4Q1e)2O+r&Q2A1oTzvzkc70Skp|L zo4&2NeaBZBI|%di;9YtRapi3Od13jiUsP15zl=Qw1rz^uJ2$Ss{nP9YkmQ^9r>=TC zUe9OKx8_EUPm8eCv^p)^vr2}A!8+~USdG1wz}mqU0twU-@9X&|CQ-Bd4=pZ%@4}=L4DhziSOiRN zEXADk4rwpa(29MJ94M7D>CW0G`RU2&o9d`XW=0A+DN}#5AaHr?xU*;nx(Pjx>1=vU zE&ZhslweDv7_#(XS}C7AGdmAf$&C0I`3t<`*7x1K#}Cp5aByFcIu;4f+hHQMKgDts zzhlQhqHgI$Z^c(q@H+|4jXxk%qIrvM4*Qu&cX z$nz9b8|##HH}86e-&R$b{=!8L&{teD_W|=J*ourmYAaC!hqmUn?<>tqdnU1^$VvyP zr2Nt}ljap}g~i7tyrXlQLd_m!!lR-)oI+p}qqo&^k$QQsRSLA=$S#_sQ#b-u{@~|73xjQvM@kpfs$pER zx(ZP9X!;3mg>yVq#<%c&6igst@K*Smu?Vlu@}CZSgR^H3>bx+47$=2|YowH ziiVljUB2V+E*t(-#L;ob^SmuDKK9<;S}{-L>DUl=#nuV{i$p)>Dx&FAkFY&>1i@^a&+vB3~QQphk(jdhku_PE-u}Vvn&fh5y)VcVSMpG zJ2s(fHU=5vdR?$uACS+Wpxs#AHqWZg&?g1H0+^!6;>Dm1ORVr~GDf5Khjm}XN5?35L8xP)ugDFm z$_RvbY(_8Jy1OL)x~#J0!<37slhuK?Dy>*VJX#av$7~MrW0(#FJeLA^C!XEhN zK!FK3C(w^e!ctydJ`=Xo*`5CA5n+{?YdPE~2^yh2zmXq5QVSQI-Al^j0O4Q~m_vU_ zMdi)@Fc+Yky_kWo1t#RAmK&E)!W{-`Rw<6x0qP1aRJ_=Y90qC`4{WF~@+$MB_S~{L zjh#I$AJnYx+%p?iSr@Q6Aa5rjOv4lm59JNlDTvwwkqBKB{_7IM%d-ZI8C$$GC+lxm z8QBnHp5BO{t$+=KOQ73!E>UOP8qi#is`nxTy)h5*@`tJw`-t_N9~34o_e5ouXJB^{ zmMrCt?mgoIP5)A^Wk&hcUF(!7T(cp$v?GF_$w<5|Sg@-zpEw0e4NA+(Vok$ zDtUBq(ODD)#ygV(hF)l_0t3GQqi8&<)Enjw|1iPV3n3~Hh~ zH(>1a%A4wtU3s7mBIGxk*b5$B_Q*8hL+H~a#~y{Lez`P*)uQJ~Y+s_Htvsk(0x|-M zbS{^VmP@kTu=C0AFDX$v$(_RHPFjyd9g7b!OXQLzj!v&CJK_h$kRq+mz z89IKLL)#uDMnO(4`mg~^D<9Vau-#_-(#6SMrjF)=rLV#jFR1rMT!Mf2&E9(yF8w-s zs{t%Mti9+`c#s2B+6#h(o0yXT)`p#*f7Qac9ERqqm}3-@3{ z86q7W8!&AN3iav&tu>)WCljnc3JVqymy~QtK7shgKu&gvLMTmlXR51PltJs=eofZF zlo4REOEANh(WTp8FD)-5wh8jLf328Qa(cE3eFH2xvuwb{nRS=|ZBpxeX^4{X*wHu) zMUTqrAisH;D$H_|W_6?a z7+dbgsDqO*vv9_EIaBqm^A-~j3{zL=x*4;r)myK%hEOJssj8*(%HJ<3h`!}dSR)`L zbx%&}#q8?igL$gJw?R7SR6ktKJqJ89Tdt4(P|z^sgETUltZ5y;d@q3sMLQn~kHB3y zN5Hh6)E$8aMI79*k&(8MjeoN{gmwJwodY=mJ`23dQ$-w>PDaM}^ev_;M)s$I-+9BnRDwmyGK>o~E5URGafJBb z&>%~ZRhQM0A!12$dxf&Cb!qC9dKf^*k9ta^Hx(5`#o$fHVLOmvD(k*q$V3kR(0;3s z4!%190T=?|Ok$5T0TyAN_+_}S)Z}z70n0B2%8x>|;yRFHj2CDh>dY~(Um#=Q3Jd8P z5#R-7S1WN3km4%vL4aL^{8-I;f}-@*9QyGsFY$ClWW1s<$;Dm$gKRPqb;mw#+#tc< zGRP63=`!WqOpPfLSEtUsZfohtoh4N;efSMoBl4Y8i?A@l>8eQh9IzY%^H;bb8#d#6 zrMWr!+PdVAH3}SeN)nBuR5M0T+qs^Gb{5pQf^jce2NyRp+UFuxcxx&0@hNJ$pUj7N zpxb)z(K$+5&nZsG{jCLXD%hKo?};7`VWP{KNW!T(?RX#JgBY!E5WeDK64XTo^sDd- zG-Ljj;DPNsL*V43kZR|yq0pycd;0;1PdmBXM7iOsK;;AftAqXtx!!omW3U!uW{ykn zA3xDoxKv+qIz|RPFJ6%|_Pxs@hw;Dv1hZAECj+e3v!&nh+&rj0S z^_w`mVi}H=CBzUqcy~wr1Bw}3uvm;9W(?RjF^$gvi2KdnQ$FxEWaibrzg1NhRarI3 ze*jL;_Qs(<9_%#cC4qRk(MoqZ+3M)*U0@$E&D_A$tPiyKHD<)hO`ICOvqz!endsP6A2 z^McD>Ml)br<#4iPT%!1$1Md=4*;6s@q)9f6DC!F~cD{K;{huY6xoa4MQA4YO@d{VJ z02j?iQ2TF6%fJ}-BQ0)gXC~5YD0QhyPSP)4f5J-S;Hcpi_`+DF=VLS5-+ViK6i0`S z-LkH&%<72eb^FLzOappg3))5S$)nU#AI+)HUyM3$Z^rYroIy4F9b9J)L^4%Xs{@ql zZ&pLuXfh_EPso(b-O^$Fd*&90(LQ^7Ho&wmi^(Lm7ZHU$;RlBOAyK0y$l8u!`XF#zwF_SJ2RA?<8txP+1w?E;gCOmog2rgj5$YEGLGkbfIhNWrzcw!608tV|r&%^s^WW{P{JJlz4i~C@O57 zL+wB_^qi!;d9N3aU%-oMU@hU%{aw-fAwc`jD`VGWtN=9%`Ynx=*K~H7e!S#57z8mH z7JeM5O+^-D>sWfvuFudk$L`ciWgz{pTfV(q+KNBmZ%01&1CSXhMy*i!?MvWdG=Brp zLaM@eOgU0W4Y1wPL4`gl_zp_WWT3RD;7wd!Odt0LLy~HIlIajAcK{iYj{RM)0%?K! z_BDHJ&j^&U;kuRw`UM`vXcN`#u4{>+m>J}MOjRK3#gG$#u(&Ji8URzh8m#!^6~2)d ziy;0U@?fAM5l@?m{-rMWF3Hl$(%IfejC5n_IJL>4j@!ul;D75CaKVi?QN6}W&=-$N z`T}$Y9Y|tQVAo+T$tKbx0bw4Bufm0}(agdaEm)_J6&dXqy9y}h=Y; zVCOjVadklCRNSDgt>_532rDQf6+3sj!B;*}_*Tg|uJAI~ld}i&4Uy-7VPvh=_@a~n z3k~|8>40!Z$`tq|QnLKlL1Km{1QeCl^JjwAEvm&>%!GN;k1TMlHs0^!X@1vP)Z-j; zFi|v^w4~H?$`e*l>(J0Nx4Wo#z4_wt?H@=HHoCXFX6OWLe5R90e8K4CpJgkTY+21L z=nf9~1=%cc%7N!0=BYI)b%ip*;Xs@KT1bU+8y`ILR~$i8Bpj@;PLp1Dntbtr^H-D! zjK>KRFr`)JU{PG}F&2gi9zHR#$!UvE$Wz_48z3CZt^%kqi0)$Ve$M}UjbLz^ZjZuh z(;DUe{dmd~_Z(;10eU{N9!3~RuiYS4{A6ls2K-s1RP8r_?JX!VkxA(8mLD_GJm*)Ziv)~_ zwzGo}OaO*pHSE8;;V;g@&|J>__B((t(<)E)?h$K2j3h9LP+`bVIiui5Ob#f@q>*XD zTMH_7^oNA;kalc1C_VS`G6?ke^#0$i^( z^S?@o>J+@MHiR!3;NgYb+FKs~zL^l;VTHR2dRQE_7+({o#vWkUVbUH|g{6{}w{BnH1fn>IsnX$FN?Va7ujT>Fm*Qx7Fqxz7Gl9k5- zB`r|}Fom+gtdL0RP%>P1z)@T65 z`Lyan`%ZYxq9uP+#;0`HWN&IyNAE=pb7o#4G8YT{bi?3nR_Von9sByq#?&Q_)s!?M zPy}b+y7Kp%10#v1PYtY0%ji!^$@h`4Oz?tMh;N)f;59&KVzCaebe};w88f4(tjbC- zq-rC%@IWSjY*G^VwhmH$<-^}=P_U`A56d7{E{_jGuFRW6;RDz61o+3OcsrDgKr7Rh zl?fhK0${-Wah8cpb~m}p2X6yPbsNA2XVrHWfens33%W6;uIs>d3Pj{AND*iVq|hs) zzkN&5GkRH&`BX@4HdF)tT$8TXed7VB*SP(9|1;u7PwSFR|04s;TtI|bJb%+76K&z= zNoj%$Wi%}Q!4MseD7pGZ2z=ECs)6k;i}7@_P#qpz$BianQS<%$ZZi;c1B@OYyh3IX za-2hl%Lz{z^{-B}QNFPZZ4dfBCB^wUPwgbWpA7CrU?7&DwA^@Q>j~L%RWqq2fG!iy zfbNf3K(!BkC`shOTJ?69%OrX9PI1OPiDXNsKO%o8MX_7l2SV()$#MJP!Q#Oie*!q1 zoVt=gdBGt;k~yC;c>b-l6{wU83r_O4>60X-ueR|wyPqS}LnLxT1>WKhm^IqKNKdV| z_?opthsj9>9qUr+eO=lIuU>9sEQSPbKe+FDHR4g=sq)*!4)a_qt;4$}eW)9q^GD+)}TLZ}U>r>bJp7+qJ*_km&idu*HUw zgD@VyCrH2lv{Y}%D;Ud9iSvvFZK6o0xC%yk@TX%GXh*3cCBTa0Xygk`JDg=tKOhu5u(CS6==1Aj-f&*f&|G zop*vA3Qx`;DQ7f8g@K`nbc_Y$-7#^`ak;0&hI>Y>vFgJ02j&F&NZy-(EU?Vc? ziZlvx-5!UDasgYr{EwjpN~I4|@+&%Y0$!*EjupS4b?7EjvuxYvivv_9*O#7XcrVZGxg=plV_K z<^HRLDjsf?Vz+bm`ewPi`DPVJ3!1x|QH9p0p^54CMd01tan17z|*lYPeZjl|MKL+y8bgfS9YXP{sZ81@`Bh z)5@-cZnoZBTTp!Uihd%vxu}IA2J9F6Bw-z&Y{v6WkP_t`zhiffW$wZJu|5Q!g;EUa znZ;$pXJ$*i-5P-*THT=``cKLf?n&Vz5UZ&%ABigjT%DG@iDW)7doV}?K}u<}wq_8F zC*oU22?wdY0%oX9tG-)M_<A1Jk z47J-#<@~GTcTDV*4kxTe3#}T6Y2l&1H zE~S#{0m+dkshshkySoNa%(qi4YK`)Eh+=?ieXQQ;ehdf9|MNvzmR!m>US4!JIgdsK)%wv!>lo}5Yk$AAronHMr0@k zh)x{K`7tjr2C-0+ zEX4l?sDrPU_Lub;CJY^dXQ7LOHwu``1QYpPGoyQgdI=KX`T&vW_o*9TOax&LreQb3 z{kKVI9y94!v#>GdGpr~A7^6*JL}EYBEF{Jf9WY%Y2acz%PD!P5 z0=-RZW#^ZnnX01!ppUGvHF7P#_}hKS$*BSZh@f`i@`L!Qj4rbhl=ex&$oTNzAP86| zVYI0J%*wZXn(_SfJ0U&AW7t3HzB5;Lw>v&jX13vNX0ILw22;dk z(?lEBfCwFg8;gk;9OYPZv*!2bm3_l;@puYaW5SiNDnJjs%>a1%kpXSm@Zs z%~Ee*C&RdJirH8=a!|5`ECv)(;wv6)Q9C5^^(9Iiqwf|TN<06__Rvj~Op*k3E<@q> z|D)TWIRU^%n=8H5S|AkNj*5mzANm#`0A`gqO@sWRoC=17_2l8y_I9c~GnL6VaR+0L zWXVmc`%=rxL1{&&NW)AY5h}KL`M%Bp<1}z=?x7>2ZCAhaWHdX_!j!dKovwKM-H%(~ zU@`sj87M#lCV4Q51^$yKNqn`x8ry=D_1-vfIA}1R?j@E1z36G9432N=_np#~#YEQj z0!6+es(}9=A>hjxg_SZ>oW{KR(koe8|(HKd>5 z?{_NSe2yQ;OdCh_fUwd8) z-;OJgk1 z+EI>EOZjRqyPF!+zAe6WLCrI~AjN(S3)g&Cni7;lVjZ_~peMua`~8|sI;1fKd2}KN zGg{Vu2>54xpVEGete)#}@W z;CR=StJpaKh%!kiy~@v5|GP2k;Hg`BNIfDgnk8>NU>wH)J0yijAz1=o9#E%impHXX=U5aeRgE7d3d z(CSX~tetG@QyjimMkn;o?LmokU_fenN)iyiz6?Fdzn9V1li4HqEG{KjJ3VupX0$O}aQR4LNRiP?xmcr3li<`(e6H1-BxEEhX#mD)kR5imf4BUD`; zY6_ywdfWNBpp^pRAa3Y}lDciBh5M5^$8nslDS)pL^+re*w9OAC_Y~6&N}G9djH}RW zbVZwULQ%HPP4d>1>^}5yDi~~lgo4eVJ{|uqY4{)PJXOYBJ>PeGM|X@$4h|ps62Rt5 z28-m0GrEoOWJ}-uj4oJzSvqWU8%KA=Nw`@w=zjq5m(dmET!Y1_fX@<1p{eO@OCup^ zV`dUZ+{(SnLqS2b73PnEFF}Twp3_lyvBm&=eqVw7dmx(R&nyHmB;jXXHrNg`$v zGt6x|)ErHZZvea$`#2jbpH&?5^^jpZmkz|u-DO{YsWj1JTc)y?=Mhx;e@p6_xN0X6 zDpv%JK zm|80P`Y~Gi-?T}>(E6HI-5WRk&{FWc%@$Yw*G6Py1V}OVpEYD`IlpU+cm{%UE-w^% zLJa(5w_dD&Bz~XWos4iq==BtkI7P8KO$BBl(VUE zL{Byb*XfS^7N-!I&y&*|MPC6EjEYKQF9v=*FH!>|Fc?Z^u5;Ph;B{skG>yxjDfzTp z)Wiue&&k$--rT=yUm#=>qhbVy4HN3P7W(4dUEYU&MX_eK zsc8(`b7`zUbL_gN{eGmlCg|IM=bfsJH8o;or50wl+$svYLX-<%?lg!xdy9Sr}foMdo^8HxIMaar*(-SlBrzL>nz)U_VAx5oC8Dhi@I=&>@g?eX-@rZZY~ zLFa4Ar5rA&m}Y(V9ttFj&lT$Sdd;Qne5ZY@h!5Luy!#4~$Wpz8VVVmZX|R~XQ!tUw zh?pdGlaFjd;vu$QZ$tw}c3?wSCJhrMBVY|9GjA&H9XTc9lY!1j4>z@}$fksQ|Bb+< zsC({i6}hoi-)ydN@~U`how8}i%YhBOoz#ck!d#9EJSQ zAM?Wb!gqywbSxiM;WXi*{^oJ#;8(K@eVGOVBTYsA=CnvIQS z8mo>aF;0Dvr%ET85p~lyWd`w~r%j2K#)Xk6ZrnhNE?Ti2Kw}#elG<;ZsXxG~CHAw^ zMCVKTz9mXa-*mWny-gtks*4 zfFi-ZYs7hNam_D(Q$FV#D8CR`Zy@3m%BpLPC3Kv% z+bMfJ*ktDet(clRi=`V(4|vtOfJwvF0iQaLvEoLW6p5VOI|dLBV2XSXRUL*S2dTC` zP5+Pp!C5d;2_j8X)l&R&Uc#^R)Z+-zB+fT%8Fq zmJOXSKd6}%ESE^&RK2#Vov_c^jrDEDyE?wu*wZm*^+^#rlo>*Y5-}M1%^TqQJ1rX# zR{22^+&EW6srxv0n<87%IYXc;HSaasf%ZullqrslAQFWV6A}=3q~#~Up6LJ|Uk>r6 zKkI(Rf-F#%?1aOc0H%oJ95zf73L+n2VEy_NaV~H@ZwR3O=i-HuK9Cid8YBhv(>Hc8 z_>4E3IIiMqc1w+vrNeaL))Ox%&2*N1L6{lXC;(#RQ$YJ71lrfia$o^2NTti$Y71>EJjm@L3*qr()%T-j-c1K+?7RT%>fth?t=(S03o!3gP7M zoO-siT9Kxv(y^+v$XhBcgru!_Qz`-a-z@HY#!VaiXspIzENafB;W<`O#w1~DqB`O6 z_^}bToD2O__y(V2lt4n1cmh0oe098xR>XBOP3rIWPNcQfJ|yN}jNeFvBUD5F^NdvR zJkSstXM%!|FIS`Wu+>h5^t5Ra=%&kjuN-z|38uK*a(puZz0_m;f}DZhrmlECEzz6s zFdHAw>u-bkU@?AQ6^`bz^70Pp{r9$_k=y!KT+j(V$8h@r(%KL6#Gsz?VKVHhO8T&w zl-ddsMaL=d-)~wGZbM$N)=n=-X&2KJjDbV@_Jdo!~==X zM3Cs7KG|mwA6#P(GjXs$ptqQ-5il^M+Rwzz{4;PEbFc`^ZbRYI)gXSWxeQ1w>2VUz zh!A7uKcgV*hX)S8QQ*6do<4c1VWU{hvACbj@!L6k0uf0q;#;UQjhxqL_q+f!=;DaT z4ZC#~sP1@mbpYi0p3UrmLZHBtg|&q+!SiQruFl&f#Q%fa*RBqE8HeputUrHS8{Tnt z!{m1LhYzwo6=`oc^79X=!L7Gs>#C1qNpy(zvN`?n4icIX zx1Y8C`NxH}Md8iYf&cOvwh4q-C6X^$XEl8QAN#sj6d4`ZfQ$}&&oK{O_WgD@FTC0Q z74}d``J@Yzo%I*rJ$*36gW@2~>haMTozE6&j@?Ka-XCk&ZH680<+e&!A40F+6bZ4pf!K+t0ew*D-Qx zl{GpVTv`UyMbb7)??T%D(p$aR3nno(%u<-y2iG;YY)YqBR-la54SPdyZJ>LMQ zf#drXU615ARa@!F{_)@Yo#AuJOoPH1)L@+3>tdkHyC_f{__rmIRRdB}{Wd?pBt7$_ zB)8KcV*ftGgACw$eduEu3K>&4Z;c^?sB;aeiO>Ub0=*OO{W7j1o({5{Roj)!(s$ao zx05U?j_FM}^#H1hT%!q{h;|$mVdWfOI}SxaKGerq;AKn)%n z4WM}E7r&qDzjX(hBfvD#ZsxNqC>R42eU{_&$KUczs-vl#lK}8^eSbyo)(#m@R5#02 z!@E(UKWes|(65tERtX4dEMy%(t66FZo4%jn093Ii6yU6$5Xs0=Jga z@#T89dGj3>+7|#3A=kCIg+0AH!9m$NEcp!zigkfF4m!L`2pOAAvb$kWQq!Gu>%eY7 z(mQshUO-zN=)0N;3BFbC-|}0*wH%*%svSu7m>SUe0vGc)w)pyUM2AA}UylV>A&SjW ztYKh4eU3^~qjGT{3!eQnPtwOI*4+Kza>X%%Ih!Jc@(;F+g-_%5MnyFb8_>`Gr8+~b zXb6HbwSi~!Ome&DDlJsb$R)5zAvxt*yY-TxW*ssTO(h;K{9JL#yBXJh4fN!}6kS=-2-Ypf|$l70&y53mJ(i zByw2^-f+zxAE_H0jp-zI$d=OsOn>WbyKtpv5L5kXJ-s_X364@)+J_C#EF2GDT@v<| zwm9Y|XQ{<}KGTZ%T3rlIvxfU%lp;k;13AT7i~4Hz+uTc(Kh2^0*~W!O2dkgBf1**G z{QVvDrU1S{xfiOwKfawy^mElp=NmkK#CLw}yk%;z>+U>AtoH9#lj^OIq}uIOIE0~6 zuw@A{MX;5LTrXdXzRi>}4#ClAP5Xy{<;q`CYNoQkBQ$+X3F%KCFij($~r`bJD%(UE=Xi z50ke)Yb1?0FGhx4OoETZRj{}o=-QHB3j${c1Oy*)cowv&J`E!+mqKtT2bKFSwG}zq zN9Y!nu#@E|$Ogr!OyF?^su05Fy=xf0j(yDsNnuoB-4$po39FljrP>rY9ho`fG~aQ} zK3~K!68c8-(p7N7%@NIYC6F5MRDpQ+obaE%*GRduxOoiQc>#dxV192l5U;PuLF;9s z^_kl=@xjbq+!{i=Q9Y#Rg-gOEVAI#Pu$b2Lj9T5`!S6b^)hyHVV$>OpUj;d|{lh8y=^DiCA^2V7!Oj$8{uB6v3_@;Cs~E34NE|>rPG0c4hz@!vka+ zKko}z5t#by@0yb&%=|GCnVz0DWw{Z!Okl@vWmdc*i@RxaE178@nm`uCPI0k9_VKCL zrvlH49B_MERGBpZ-C!5mCFiR81#P{?@?+fLe|(iQQw@dO<%b#WAL*&(7(W$yN`~s9 ztSpft*LaTpUDJ!iVW)1lyyNt4G2qd5nj2_Y@@#%BQ&Cfl6$Eeo`JeBfX=zOYIkV-C z;+Z6iLGp(rU>Fuq(m%XpzgK#lIwhhJ5X>1&?p{TVYlXuKw*&g#^tGbt4%+RdhsDD; zRL2hAWI6dtsxeclJu|P9G>ly^V(!iDM%jVS?Am^!ah)hm@? zy2HLNZhbpkukz&X)CGNP9G6n9%#c_#iBktbw` z0BO)HT;SjY2jKQ0d=feV<+z=4Ua54DyXMx%ohG$bXa22Kg&W?7K1ASKwVv^3Wm$Qo zTtGiD;>=miVU69qDV8Lz%0-)O{K%tVdXC2H2~`g5iqOxBwNq4^S%gEy`UlXNrRu_Q0u@~Dug0{&qUzs7wU8n^e07bm9X6!ErXhEti zpE_qU(ZhaLGtR{>Mc5Y4FHlBPM>UKp3>-1OxAE%n28QUreo2nlt}m8T*p`TyakQ}l z4u-i&FwlQTrQ+_!DTz}G)sRD0fkqT!0F!KHIlnrMOi=x7&GO^osV-&7C8nzJ*3LFT;WZp42vC zPx*)!>RoJYgVM(}r&5OPqEv!Uxk%Vam|$syNGsQ)N5P4P=P%I#$+w5#G`_zAAoEC! z>8jClL-&`i-}3WS!t@v5{JF$hFpa54bEuy@Skc`vG4Kd!q+@Oj=Zj&H$(~^6G|t^O zYjz%WNqxrn*VCwL(Bk!xi;x|(XM}cp;Liwyr>A~HM%Pa~Fpa28Gt$-h^==G6A3cX|EzBIhavLv@2tDo&Dfb9wo$B3aTM2=u)sBm!gJb18zQK$a>cRAr z)mEG;q1|`d?7G>G{JSFt#6dIY>Xc&FgB*TA2byYux^$_og+GRU$y#lp=Q|IsaDxdM zkmfmX^4!^zMqQTa4I{*HE?nCizb2T-3!ON+KAEZ?>LIsIa>)Oy^@>{{fWmcXb^#E+>*@5n(x&!fYo3iKaX zOCtGK)l4cfD`7Qi@y|A-CS-;}SNhE*h)5YFx-dza2NGw!MmDA*Hbg*HCjL&2nz&B) z_pdQUW-C|O%J3b!xL+v2BuYthb}r{`j87dXow{F&>zb|JyY9zllNNtpSUPoG<*_5_ zb@yFa+qb`+D6Yy|n{4n1b2_Jz+QB3Xb+U0U%XfB?9-90|>6uSB=Ecv|kLqKQd91y~ zJVF8vk*fxafpD%Cks?Tl^bBQuPN@4_R5#}5fg1vW{(d0U3%&$%19A~nA&LeZ8j6uY zv#kq{eClsq_yxzHOR_ldRv*g`ME6^7M4KJ4WqorR^Pu>4%5C}^Hw_EX;nVqQ(Z z_N|ufoPfY9b&;Je;Bfm$Q=Zv-$6sNHJZwN~;%_I+RZtJNldXGnI6WszQ)sTG+qUj< zaKzlZlGf)wdf4ITxKpseDSn@ouMmJ%io*RFJb(s8Qi*s}Usj{nnRp4)EN{8cAlY=Z ziA=oJE42$6-KSjJZkH)@1dXRyw37$pcEC|Eq+)(nX^DE)Z);?ig1TmY`SBkE$vq#? z(yU}}5lgVPST zDxl)(kRD;k+d%4!44cr^)v?JVC+i;8lXvq9ISA_P!O|23C2$qWAtAql5K3bTA6Q!d zUP3Yxu88*goXj=lE@d~qKE80bz5~}OOo`r^=YC1e zy*4qW7L7I(ID$K_S0@36rzT3zrsSpK=Fe0ou6KQ zhU}3+Z@&Ajg@=6fu><>%_gzqd`L@M)XY2Lmrh@3v_8X$mU=#Sq&G^}tYYXAz9P9J5 z=I<9<^7)qB;rP!F&KWtvWV8}gjM9IfF zfPnDe7hT;{b^+(O@dUwk^42p#N#XzWwY1f8Z=jY4wYuaV|4W z;>l@A*MxpIMm5ix5R)B#?ziq0Dg4HIFVsL7yHHlaJm>l*45H^V+?)rd)eyZst~8>e z`H=5ds%5dI!#PgoO}CRX2(H>AKZI^Y1WwMWtMIVGx&y=l|YY(&B8tu4?uHH*N9ErBP>TGOo{SI#(lJOjlae49# z*vMrwSSvqIgiacyew^@1w(cku%drRljU)_)FmI{qnI)JkJ0bG>^;Et#0HtalU-Y|` z{cU?sTJ~DvpdMe+iLLGa05)^m-B*D*54WQ#NJ4Tp7Idmu^??^yF$MHH>%4jhG`yba zMy7v>n>;HAdpofgLPj+)IUVIbOUhh%>deWn7f~g6q^p=O8A?*0MnciMx zFSDxDailRJgm^~M*|^#GwjUQX>DB3BnV>QTRjz_C5M#ll`N{`G>Ww1-H;)D^)~g6w2G)X18JhT!CfcapO%>Mq~c z6|}s5x%|nQ6q?-&LI$89Ohl1QeK|OrrQ8*mEI&^J@*6Ebv3B~nCpQw+Vh*7CC4ClW zBj2~)?$ARbo#-F<26=G^Qp=WHCij}61QIbVW%18fnpuw0vz*KyO{oumGW=Ed6fF`m zkWp!zc=&g%l^I6EYb6aIhIGK?`M%tLdLW@@=01Dvtuj@ev{?Hz}C;$?}BhBAw^y(%Jz zvUII&&B$5aegv-e5hHSY^ z6B`$c`IyAJFfq}XWwLN#Tf=eQUIcB-`7HHSih<+&)-U~YeqA)fLKc=GB;H=H75E~$ zCN9)0er1X|D*P=OU)?|gUw{8~NI+x#F4uNh1cO}V|eYz;{#?6|Pl75t%ZsKj`#$Y-hG+}Mk6?5N1r=~SA| zN)K^dGg1u8?Lsa8M<}7mcsLz1oV$VykDXg@V}=SL1MG(~FSx2E<~EfpGl)EV9U%)5 zvvuW-Ee6>-mH?}ZxUW(_Qq<~kL1h+a>iyMi6oKg)Bve!d-ca%4JtTuI|NC$r(r2jMuA2=A2POu>@g3!2Ec z>Wx0;^*k{E)Mz-e(GT7odl^@$RnHT2*~)(RyqFZkWQj2}EWQI(8Eo-Kz=mQ}rJBi$ zd!c9EO+1=8uc#O|(tAV?tI06foZ0x@Vta0#>tAioD_;;l11#m9O>`~Rmq26NpCp~> zB9Dr<+nj0vaD3byI}#2IcwYtgh!`3>i2E0QR`WjYM?MokT2kU(&o3>NO8bj5Bnl!@ zApFnYy|=RKoX|-q@nBjd&0gkhWq#gRUgt22{YB*%^b&ihpVXLF%LXVUokozuZoGU2XE=qu`NoD;S3`9}2g| zf3Y|SJNCoT3ZZaAG2+kV7e;4tDWz$}nia!(k$mkPHsBjNicU%z7J>ilR$uM}v%bGs zB6A7gMSSHffb{n?S7zJ8%z&U2SS>mDJOkf^ilwLdKdvfWC^&rhu}Xq~oSz@t9iwQ~ zie#h|f_aI8iK>g)zrmkUTW~;p2bucVsm#5ULqKjQ`D4_`tt;^+Tce|=L#5(d3(vMy z8!qczjLBgA?%Y+h%LSM+z=0sMmDhWa&M}V%nBNt2qMqw%M(^~e1(Q>H6!fQ_M%iee z^wBxMh`90uq~V|VN>@QDya>bKh%^ePI1FdqvysK1V+*UR?W`mqP34CEj}U44NPzfq zde-=k>AEYG>d2sJ24PY>VB(B!QKM`89D2*R4lDE{Njg%jB!qijUWj%AGWs_{EZ_P+ zUk>W@`x_@9)RETTh5$omN1z#xY`rPi$khlg>RiQ}MA7GF+sD$EVX1v_A*Eb6j3cVm&k8gq-=}@HHFn6c4fRuVc z_#mLFL)z$#NV4^Q@Ddy03hMx1EU>xGw8s>{WI)`p%{b7!hxn8x?cFEzBqew*oc^vd zs`(6!qR$(M?0>7fOjboqr8t}EWC2hg z=sX7!l`zOU92u!C7Gz-{G}F53D-SkgnI2($xQ2Eh&0x{$L)EPdH(c9*EVQKhXCgr9|s zE6Z?nh#K^{Bd7aZ;(}5@@a`;2_!w*jD)98H4!?F`>Tmr=+jvh?n((Xjd11OPOH&uG znBH~E6Fe~iO76`!zp37$V60u)GVO77|3&o9qI7kcitPOZs)lS25pg6(cGCEuF>Lty zygw~r8S6V9Ky+r2IGeX-AmgK_>vL1rSTIelo)It& zNvf4So{I{5fsJW(xNha8x~UXH*I&F*f`oY3tbenjIo5VuocdlKY^StFU9oh(QCBFN z_*=R!NVhqWud$8l(dHc!B-xKfh8~`-m7%mkkb&Av4Qim)s|^jaMU6Hz84yE68+U&D zh#5X|kvP%X(RI3}no%q`=J<56mZi$g0?tS)#FQd$T_DMSBQ0)YEUp5AGbfpFoa(~2 z^eDVauGID2ND_BpVwE(JzUsQFNgMw>z>FDb+M<$asY3izs=&cVZljdS~cfi6{Hx~ZT z4~(+`S+VOc#ZJra%zCmkn~fdSgeDLPpvpy8qR{f7s$)nuJ2!D3Df6L?M#O4@MNM7M zM3MuuTVN8^)?pu(V%-xlmzmJ{*5lgUD!ZVifEW6=JZWlqAK-%xAhd$Mzb5F1g^1K%qE7i?@YdiOsuM7DCw=gO#F%HF!&Eo%HJ=Yis)m)gt!h1;}Y zSJ~#ht6f6VFFOw0>bQTaoI(TD%{^^7UMM>`I~n%nw)x^m*Jo(Nh*Uw9TCA4BIJ;%``P z@FFHA=@?v#7h=D2zHy!f_wXzf5W=ek#=QFL_Xrx9@Jy5y+VV{e?#>gebcJ(qlh_&3 z@D3>i?#pN!rf+#|+896GsIGm)6ZHT@;N#56W~alY(HO=6<=a<9ua#aTWA7S2~YK}jF#rk3QVHu7QHcL4>9Se-E>`n8~JLbVas zke3cC-=a5RQp>LX36gqyypmCJ5H7z|C(2hHZ9Qg==qb_wSTW|dzRhXv(y4gHB`&P? zi6C9$R8RkR#y zp1e6V^ndWo{jPpR>coDfv4ZCxs)E(sG3vFC*4C+Ig{pvMEq}BPyUrP%uW;sEDx$KG z2blfXV%CwLT4V>>)VwbiIMKp@)!G$(&kT|Xy8N1ExxdO!P-Kym6 zt00B)pKD_wY?eXqp!css1%GnJwR|Ga|^dT{n@#G^xXH~@K}YG&@}Bvbd7w9<-Q*6B+A(l8pQC4L89ejjYOFPocdYQNGP!@`!&qkh)? z{eLF53|&JH&WP{^<;GJ{(Y#U@3l4!d*15mOrFcpAjOARf?Ky$tp%5@>f$ic;XZ_*w zz2u?4JK-a02_4!@%>1Xv1&3rmx%=^+u)236?NfcsFT*?M|JGiL)v#5G5m8%-d&?1} zl+AwH>fTO;lCg804|+@<`T6$+%ROkB?) zAygA98`|PR@*{yt8C8qyt%YLeim#K}CzqcHzQ4HNia&M(s~^A;3rDfe@IPm~20^ZH zLSyS7(eOVvB!eMBzpNEnAGWq$ZbQP=4W6hqzsV9JwiQcNtR0Xi&6pE){5~$#%PA=; zXJR4;Eim{dQTX|gBdTV=*Wl%MG4}H!8Ur3y!Jh!jT$z96?eoR3k}uOUeK1l9GebPh2H0391GtlgU`Lv$J&Zvf=9kf^G=A>Xi?CoH3Cgm)@OXw><68Ggznx!I4g&0F4H8{c z#(Juk(geW*Ji-KJ9b7l_L-V-}d_BGRAymJMEAGsm0fM+{e#xFQHMiKX_7P#@H23(I za3~hNL(R>r-irM`ddH^Js9KY)>9;Xi_bZ@i&Oh=O8}(TJaASKs*vrhS{`Wzjjlv2< zpYrtq6M)<=)bHKYz}bB`nTxnP6lV51$>DaOk9 zR{a9Ds@j8pc+FGKCDTl?!djW=L^6x(I->6j9woN}@ z>N@pTsKjmJZ&rX_M!{OYGGR!%`jhaSw~BgTPq^UCgir;)=`{tR*|t^*fU?^w!-v7E z^a_@|Nfv_50WT4q&nE55vwczH{S*3q<>JI9MO0Bx!S>1NK*q8{iqA$kFc`*3>kb4d z$NU&hprd^4|4*6qIi_h!uD86!C+pJplKRD|r&sU0UB@aY`X`A|%{5L#a^p6BQ<1w_ zIrYGRF%rk7mRQjdxj59%TbELqt`1f-qWjL(36DVP?`iT_?T#f5Jntc4?G>2Q6nFZ{ zsQbv0w(hJ=hRotSn6FM9ocL)usPiarH)g8a!&sMD?$xQcd2bBrlK<3}&Ku0?et*OD ziaG<^t?J@moKo8dbNu~3f`JjY8!8d^21)t&=2ryB%2C7}gZ;e9r4sLw^TAA;Gid4S zuN)kx=&>Iefk22Gf#4L4F?Bb6Zdlq>G3}Ti&$;kzn3+SS@}Kq$P%(JDytMHLXf~ct z-;`OgBBy|8)+jq8%sv1La`&-k#wnW7P&^QMV6OJ%VA3$4u(%u#z=zS?B+(~4BrJc4 z^g55d1hCVW=fr!9xdC%shpvVs($u!rwj^OUY=j!+{>)66fQJu!>8}GR-otP_M(aih z9p+!j=(^{7JH3*DsNyOj?j6#yxGI~8Q| ziU{$-$X#7sC-HC1rfrDxDUX@hN;|+PPM@iCc3kq?Tu~aN`H%-D5agOLK(2lOX{2Vh zc7wc^61mSBnXD;8gny%-I0`d2gRs@!p|c2aVS(E6lG{sQRCwC?(Cx+y&cs`z&z3fl zbfz{c$HyD5%GQk?qv+hbE+Hze+?*)hL;O?0W6h5vq9U8iG~G)O8PU_0i62>9c+ps~ z_O(Mq{~e5gxxlH|xhoX@XHky!5+}D095`q5fx(ma2fHREn2;A%*RT@qNbGUWBj?^{ z(;YiYclAW6COu>G6X;M$_m>2R2>WdFbFyyh0RnmuhS^kbv-G7`RcH$Rc0N?w9%eCO z$?|%t(!8J;J4)-85zVwJ2=zdR6+b~7cWdUQx^*q%L4Zi#zS$p-xWq@qeHHCIe*IwK zJi5##dJWtSyT9Jj_2lJ(!7Yy0{IgYgb+=z)#sYNCZl4Cqw+v zBy?z@AoH-Nx$@npt;Jz&FMC=Eo&7f;p!cXk5_pP#349>k#KhD$PUi0OB@GV>lQsw% zqB9ER92+;VubGT8qr9DGjvU6wr97!&dQVx{n1&nQhPxk`E_xR8^C~mT_j#K94+pWqc)CE&#L~Z07WZm z>Vbu8TVX}VICbYZP3Jf*9$zfD4-YS{^6jpqQEo<9$ibSLgFgmb`F)(4p&meeF9>uYg|SFeHQ8g2aHU8NpoPg4T3~)GM16 zT`y(x{i@{Wc@93enwh8)7yQ642+@^$73)Ze-O+a!@f)M@1XL_2UDXz}n-=|{=vc33 zjzUzWo!aZ1IN_!U?!d9HEdXz0R&;3GQLIPR(=5`?6c zNv??Dc|Lx^TI4I^Fy%oWx4L|f%!%PbyScV4K+Xx}6u_?)RZam)J=#=(d__9}%VFkp z;uwqce!@T42Ckt~Xz5uo?h8lkD@Nz4%Vn-717fYXl&*_a6Zi)ci=)Y908!Iv<*I&| zXnX9BVk}<+bBO>4Yyt_5^Gky#c&DI$-f4(#ViF)?DS(LcF4gt&9hH6*7W`HkdzCZn z^I^PosSub@scv@*>nP|cykfsqdiO<5e+>5#UgpIJ>#;9i%b&P8M(t2AltN8ZvwcCX z5{_E7`CyWK{~%F`t6Srk524nN4h~JItJVVuD|pxq8)tB7nDleSu8dAMYf(XzW+OBc z8i^O6p*+~O<)$-xo=R*i82m5(kOC&JGG>BjM07HQ4Z^87TX7y(uVr2j{VcU} zvG>XK?U$pIPeQ}q|Eu657w3SUO_1_*e(uNAz7gbf9>^yDX&WU0}$n)3F4GhtMF;R;-?{gA1 z_kcky5jLHA`Gft;Nfp1d{9Ydz=4df$Scxg4g8>fH3vKw-dgMfhx5s){O$@lsN_0G} z#8W1a`#X+KO1FXH8&QlUgwkkA5;{gd!yBpXAbmvcE`lkW8u!3}MMv7h_?B z;UHrc>5|BwDMUe1b#lEsTV?QXNsq$%#?)KvVRSm*G(d|tr?0Q?BEM;4=qnk&^b)m1 zqCg0j7ao^;6ow(b-{$+Dr~V5ld*=S4+olN}!tMZRCB!l#FRG5XFXPs8@)i1tYHjM| zW#J&ayOhCH!|tm;IUPc8A!_F5=M9HT{w;1Nh5)J9H|)*hlvyGN<)@VFFDgM{out45 zuVXVu2G_`ttk3lqU8U;NOG1d6pg6M7HdbEq;5KS|ZccjcabXUuO%X4FBI2ZwSZ{qLdN z#*}=N103cz`T2h(>8vnc_;)ZV`Y)AkhSefI*SZTo(eh{0L6^CdEm+QonHW2@`#qVV=#+h-_NdbGNH@b!73K%MMI1U(BspT!^CWx)m~?0FuOEHIt2bepU^ys z;-I^EYdT!@?$VWQVX!gVpCurXWMN1}WRi}WD>EmGoV-F^Of6O@COuo<&Nm#_`-@Qk z>f&&TZ$<>vl|rtDbnlrGqQJ{TTMThB&@8WBm_L>{es{{V?DbQ1 z#;F$TUGYIgJlua{=f#FpXhj<2Qb&4i08QP8AG;GwQ?8?#UQ?Y*M!vL6%P_=md(K*^ zHc-zr>ch^ZT_n{n=ZV<<^+WkLenGeXN!j`6AFgKE#JgO8e+W1F8%ajNLan4{Ti*ct zF1ztp%J8>4i&BVjLGu$E<>y4@0x-;vwHXvnftdU^iJ@sitHRK{E^ak*evcdjlV0r> zczfMfDhBR)dc7XG0fJqByaypIGn@prR@I#y7yZace|#4@R&WhoRlha%U9CU5y)=@k zx#1K(Bm+W?>yK-uLyD^~&P(b2@)?`o6DwkJ3Qn(5)I(l;&hr3pVqs&)Zp{PzYtdkR ztAloOYSL$d^wK@l=;zd8k>Amb#ORAiK2Aa;0X0PIwD~|e7(=W*FnIT(!S_nn2@i;A zfCdy~b$S5m0Pr|Ky6bl6tS`G1^(Vh2Mo8a8|HaeYNhUpdL)|~rpLvx>RP6lhRAISg zIjrA~?5xI0_K+=F@XDJTe?{FVJg#_!-mpHkUU3Rr3x$Dpf6x>N4_tg7_E(XA`hd1J zrOmmLX)9+G4whGu0=Te1;76_=7SCrnc9O%wFkg=^9braOe*>;r9p@AK5Y|`}xgQlG zz8u{id}N=sqB0T&{8{4~P=I5~O%(~DR%mY8O+F9WTue=Ur+mFbu?`_`-Ncf&yiYmh zzE&$^hPVgbACN%TGN{UMV^4sPNVGLItlic(i+~S>!k>EgrVcpe$pA#nBx3q{f6*An zBzkQHOa9O3qkdu@7_>x>Cs)BvGsy8q_I*Go-{jyJ_!CkmNS>RU(BWIL>*AnQ z$K_eOeK_UQRtQLU`_}+joI1$BE~Z)SkRO*v9LXJjmRQ(+4LR?{|u=>Av8>x$B-E{{sOWb z%YIh=-HRr$zHwAx z=g5%-ESEb7kA)4{0uWN2uy1qEw2sl18v}m2{()Ic2OSM2a*Q{!0e>e5SN*Ugq9?op z0!n{yb2E!GX(0kLG*{|)40k>SK+h`S}|h>+}s1bgj5R2u46fB60>n!V|8 zC#R~!t}Lh`c{glYD*~!*LMwTx7J1s=pJHlaV`NCB8~42eYC~As6*M5(#R+0@U^Yqy zFOqE>IoRQp<9I3FUcj3Wq63%xV$}`!5qT-~MSR?ywf$}X3<@(kDe>DiQ3^Hjm0DZN06Qo`0id~s3<{o5iTisx}dpp^%d_f+1n4sPKA{23%#Uy?7VhNBp^Rm0x zb?Iy3dF2qsOa{~~U&`IuhKxY@h6H)(A^|sctOM@BBrXr#^o?PvnE<|& zj5R%(?YB8Q-a7CdtmOB9@44kL;;S9!>w*8^a?PflqcNKs3WIi+k!D`(AEcvOTU{l8 z@;Gtp#~WRPa#AIEj0h-2ZEsQ0XGE;L{li22(TL3ubLs2shiPjv){zLmI_`|dRX2Gz zChm^k)?Xh-&?7@(bY3BK1E4h$ZPj&A16HzsX9po0cxFUg8dHO|bi}kmcE=CxWBt#e zM{l{Sg-<2&Gn6%b&K_DpsuGV#4og1tg%(bIkyyyWaLWm?x7UXn?NlwYVFg2s3<iI#cy#{GQ9|AH}{DBBXi%0BY_JiU_P6N5dxI!pz!>h-HIEXW*L; zBM+GlFd#g*)+k*C7Q)F%2=^rLI7~d)#tFWhR#Y}Uhcav%Jv4Zv1UfCOC`Al3IO<6I zIGOW}CA8_jzPuILma%8TWiWLp%g&%8Pt)qWlh|5QlV$5F`4s><{B%YB%OmJk zDq}jYipYr+Rk?SvoRp|ZihH84^V6z=8<8Pr%yDH^q!59rGz^{$FqmvD1dLbW6XTDf ze>+zE4?rUY_lv%h;6hc$RN#WlVh=bTFaT)?BL-CdL>+&HdXj0Zs5afab#Xn%WzoG0 zpCeFm6#f! z{jybz`$<9g%7$9Gdc_e=#_(4@B3Pz$b3(*i02Y(+^pK?D24VXX67WUnG^TStbxp-q zR3K$UX(vPd8F@rG{`ui1c`y_A?xRLnP1s!|yc7p^d#nK5J+<3TvSDdU-x5kl@FU@J z?HnS~k4Tv+G|r?0P&E4$p_k(nl9mwQ@TlAXfbTs8)4z~<`+jDAUYcMPz$1~uD{?nP|QXvw$TBU{%Hmf?h& z05jXJJNlvYM}>~7Sg08LlfCl+?_kyph90pOpSmv{>myF# zwg-``oYF8d;rki}xp0%WeFnK1Zrw^*)ioOsN8px+2FeZx*?KmhI1(%p#7k zuwcob4frZX^tB;*#*m2sgNFeG^@BApGygXJi$(qYDRF%ORPGaNqn4*b6PPSM3E?)~ z3ZT$F*7=S4vUO|}!>M~Z1&O zEf4|60CE z^Ljfw5m%6jxb<%iyxWVo9+7yvz1HK4)R~qv(N8$(oJK7sL=%TyBxOzn9a*Z)#+e=Y zBWQ|``-a)~p8GyQN6pX9n$gaPm}8vT^bpG5uT{^+|Jclbx759#Te^ItTel^`rtpPH z?=w}3d4zRtI#v886XJweFA16eh)p9(n-&LVNxgpCKwD@4^c9}y;z8bni01LR@Am7z z{#@%9Q_ph!#Vpf;{RTBE4NfLFaA&G)-IQW_($;31;+uW%_GG|>RwJD)Q#-U{x#8*6 z7(x3Y-BoL-z(W{%h;U`ZBy35yKWP|}rG~i4t=|8cTtmmjl^JQw2|s4f^UyCne)QO` zd3Yr?=d^lk!?~SC;RK|fLqpKS$D23*wB=Vg{NnSPkDi3FsuE|0#>d?q-z7==b#M@b zNH(-wcSG8b(rwyEQR;L+lS`0d*Xpvagl5S3ddCsGdpLY)2o$;~wsk=u#RJd2=%Uvc zyubOa_G871Li4E<3)s1qc!n8odV%&u+XGNLNh6pSXv|VN2J~jKXAmf3&Y~)v^Xmzr zz8E7MwD(3JVBKilNVOqeg!r4yQ#>D+I$#9Ql_xBg2a}`^|9Jk8a=rkQ_HJEE^T)`~ zYpm5qTPX{RO&5;h?k&ZigpqtZsms@BU(8S;=dymI4!9!w3u-Sf0^jV-t=Q53qw6c9 zs%oRH1wjds1`z?35|L0uIuro`X_XEIgYIq%69lA0O6l%SQ4c90(s3k|?#^%Ra{%8v z?*0Ba9K>PoCsximS0-$pGJxOcZ2={A!h0{~Wh7T&KbaIn(*8{j#dzjEBIXUQ=q4wE z&atwvjkXu%7QJ4vyKoj@%Ljl0Fq2so`>X1QudDxeca>XzHP%Vau}X8f^LG z=rv7`4}0xoI55t4&|iM_=7_AO=z}WpLkleo1qVHj_x#A)&5ez?%1VRXqRmND2PFwl zVWRGvI4GB;RGZ2xva7D2u?Hpg15t(sU0oyNfSxJME8GW76$ZwGu( zcj!#NK~0<3qT>{H>p;-kS#z%@wcWCTDdk^msu9WBtDk=cZE@~9SAlyoGd>=$;&+_x z#4$#H%i9CbfZ+gA2*ySb(cZj&JC=*`Ol0t%YWMZmU}zj5OQ-qE9zbMyT_{VV&p zs*N@qqm@K2!0Xn;T=4a-!^1YvFkILOb3sf})Fp}TgMy&QT3pY!!DfY#0%lAzhj zGL^>=U%Nl~bRfh?zDGL{`NymRG%$89k%DH`3RHH*}^!viHWk&j#IOL*#XCuPr}#qLK|6o zW#aaZ4*7=~p=&Q|!!8=JT)uqE*Z-H?>Unq3rL)dcCLSHRZ{ekT-vr8#6)B?|VuwkD zxC!Uj?HetyhnNmq{wtnz%|`rz^jH^P78b(c4XD|Y61P!yCdSTSX+J1kO9RdIsof`* z{fDmN-a`^X|L)weFzOQw*^W^Q()Xd~u80 zchPd}G3a;%joLx#{ZRN8=7Fp=B=P;hkS&>@xVX54ooT44@iD@t-f!_ICMVG|o;>|Ee}}n6QCsDL${ceZtjdDBHJ1>w6h4bW+s@ z`_4=pj%6-Jl2e17iC67+E4c)DC8MqRY~0tf25X1`>MnviL3POCq<2YsP(tT@7+~Wk zT8g~R53*XWG+>P>*yjR1WCWRx5_!?31Os!l{v`R(DRT=2xrr+I?}hD98hOd8Z3BCU zPsCyep%cLg<}4elD8LZ5z4mgrUBaRaWtlgZQxTI>L)&GOr}C;ELW#_@kIa0-LeD(c zT+1+8ZHQIKDy+(Wd`VTJJ>T?d&IOxqy`^_cFinrFJjk0;DgAHHX-0a=&2_a6$03sh z02g-Nxv#J9f|!^X1v$A5k8_%mD4VnBg=_l84hSw<^|wFpPZ@+)R`~ClCpCsMey%hm zqdI|}p6&(-rwW$2(U$q==Amor>%aH7ZL%;B!0l;(G}cUIJw2c+r@GGdft6y}fxwC) z_wxkP)uS`&A?mImcZMb>n>$;dK&~Ou(FY-FP^Nn?MJw-M*6@b~ z)3Y~63H=0e5whR%G3B{Hk7)wVJTNjVR@<(@8QqKPk?%i0Ai*qGW(!LN-eW&eK#L_i z9#h^YWO~kH#D)YJ2`>J(4&7ydw$_LA-(Fo{W9o~s*2j7|)Jn8419B8Pki>AC4vAe( z^Qu9%$V@%FTtI&ALMb!cmJb=xw4sfGZ^G4YYS7}J0sJ)p_q%Q9K3Vbs3!>wGa**Hj z0RJ|oUI$~Cc3NyO;0hg`-2H}&vsO&{XC2R-R=M(2B8J`2P?}dvyH!gIR9$^K+aAWW_-y34kY0tZ=m9>`)S!i`dI$^g}GU_3QR{plEQApQ0d} z{C>#*D9hI9K8HH4lK549I6O2zq9%fbG5ssZ2wD;T{Jfz`wAWOY zS+^V>q@m|ms@NRD9TvC;HN$gzWS+? zlg&SZfqa~$ z|LNGllPbg1Sf%yl<4|6$|7x=kNlVj}tNKsafsFTARm-ehN~K#$<&%R5WN`cDxRXcjj=n&pieQM73NHioH0%~V+AMKn~uq%LDeWO z)5}nhXL;QW!T(TzzgZLp%!3Fapwxo>j~jGw*|cRxvMKN&?=J)nC&K9Xtvw|)0X&ce z8W9k&TfT#IItIlg2LEU2SPIjC2WHhP;1{_6U0c6L{OQBzQy8q44ABETsn1};4(69YuHe{V)#0P0J=Tf-9O zexRj&K7(@D+Be&BX1M(1QR&!IFy|vFrQn?updVmnR*$=W`;Qh7#l1qhYn?m4g@?9 z;jy_;0pNXH40!4nZHz4x%Mh1UvMZmTxjb%Bk^dly1z1r_A!!Hj&(ntFKEOt-8>Qzj z=|LomPQm=o@Kg6Ora@E=4q4FCsrk*>vc(MD+J+#f!S(FxGBQ1%IZ9yDRH2~H$j@Mv zhndr$8L2aCB8LwB=bR$SX3`wv}ic6L(^#f=Ym>#@06l?1R zL2Vt~T-8tm-Ew~!#rr)eT@xb|31hH;t9UvXi01P^=2p&+bQX4oejg|O>ZqKeRId@M)Z@dWI?eaPCaOO=J;_Z} ziY(D^yLWFWNr`Zvz#`(~4>9K5?cEIt*2|aM|2hQ=JVDjZ4(?X&YS8fLi+-x0KY4P* zU}xDYV0S!vcRYKxT!cM;O>fY*X=dinWM_Ji*LJ6ui#b=lte&!K|BI6g)vw=985J$g zU+py)A_6P*S#p@GgXV24vnjx>v2_jW5)ggeRwi05B&)^L)?aR;~jL@FJ=Atm-1)3x& zyA??pQ*TUi&We$<@41AmWTauZ^&6<>r65nV0K6gd9uA9tcPi{EI#EaY2B-xAd8r=k z;BLh%|A$y{3@q;BImxlEm+FZR_dX5jA22agT+rZz+8>nQVK#!Os35j3V90@^eANH; zB0oubj*V3X@cYF(?%9rLGKgQ1D)?iWWV=)5vic>_sV1$^YLL-pt?MPo@s!W|(wlqe z&T0PQy*%aN)Wo5lAbJJQ(%5j-L{DbHlX>&RjJu2)Pv&wYoW{ZK++2S=U>PaB3O@~& zFreg*pWB(=Ji8x=Lic!ktIvXb3!pN4<|@wW<664}R4s@@e){qb0G12aVONw{hVThQ z)nc;JWE>ee+bWgE!sxMa$WH_@v8ThQOqt7wy_*T-ML)aPc479_<;9piQDq1eXZC3@ z!C4@{wz!T@K~4T(H3Zoj%BrfN;q zA)L#3YJBHS7|QxdIx`_-s<54%-RR)X>h5rMA}>8%7yp+DRkM@bDC@t&O`hFm2uD%Y z3MImIp7$d<+f*^~&4&*sxZHl|27ys0-I@gko9xL;o+sF=jb0BJzn`{4=*BL5Mx)PI zLCJ41Rs}IrhRi;Yu(A|pU2}TRXZ7Jibd4P9%1NGdtP!)0_I53q0kz7Xl_69jS1YnX zHnw;#zr$R7%C)+X;SFP7kQP{9=~<`X_iM?v=}AN2`jFyakl#qqH6foHo?A-f}Y=P9`KNqb%WM<%@LMDH?%gQk)vp|zyH*8)1A+Z-b%2{<{&DE5 zUv*KNxzWvwdT!f?2fZ%+s|%_H~%faV&S=% zbSQ`2;C$Bl=%1#A1qB{?H8r*9_@vXbJo>x$Q4SK@v%7(Wlx#2fKWb@db(@e(u9oU_ zos8?xHw#^vURzsJ!gM0ZkR3f|E*x} z_`t6Cp?%uk&|$m&cB=5oPVcO{4x{^AwGvmd*$R_ji)v+gzSHup*DJStKUWVAqx>6I zz2>CWQxhv(b;>(tZ)<2cEs;}G{~8w>(~ekhpDCVQS$|_Mrr{u^!RMy2s3DZC|{&t+dwRgbXixt}abx`8?OlEZDLZ+kuxj!BpT`qyZ0TynAW zmutAAFH3V-KeS{Q9}lyHEBOw0qNcVznluU0eJRE>(g%eSZc1mX;WI+24vIRvK6G@K z9(+9=x?kZW7`s{(Ts{2!`va|#9dF&TJH2M9h$70`#|v~63^Nxg%xcxBTXfdCPO_z^ zq)ZTWYR_(?n6{tLh~MF%9x1b)zgLK(-^-T1I>2uvBO8`KX@9Txbhbs;Expym!hxAv zR!);zhZFSBuIGf7_bNmYL-lPYpd((>LxO}5izE!t$0%;jHwmv?ZaP-9&w0y zXtl|b29QWo_beGLPjEV$mrHP(B<1B5)Mb25ygykTbliqq)bYjZ*W@ib+q$`*Zw1xT z@!gyWfA?ljVnK4c>Ex>dUfx$S;%Q@66Td7u)wQJm}2q zkKoKcEVlam4)ccUKL-2*pHcebb#;p&E%Q=NZ-e4~A8zX7F2{Pc7{VeTAa!Uk?G!A% ze$v*`-j`YgRjs*fqBCw2zZ^`>ohUtSzgU*=T!=1w7Id4yc{S>bA6Z6u_3%ta?vWep zO0}KWVmsbFQgU=mG&EQCdD#21=1xOKtlIMOOhrP)0DnuLdUHR%E9_jadTDv}9ofgI zethpzaRV`YN4J#3Lc;oTm)@CPCiQ$JCw`G0-<03WP#!E8Z$JO$V`OBy;>!XOpI$fd zsEyT74+dmPQ5da8gk)6!+D7JDT4R%PNYx<;A%~rkveMs%zTQNP%JNJco)zK@29w-| z=B3X|=Fszt3*8w;j&c;D1+QPeCTqbnmqHDrjs+Dz^>e{W(|tT=NH1K$$$oXy;q;!q zAQ^9B)jFrZh_czLNfWv7mA`a9srMt$7~UzI)=oF-&+5^(6~`B-959_2Pu>T$$BUERu!=v=D9 zDfkvi$4a|`)27f#(Spb>GpnrpLiBuwUa6&Jo zI@mFhX93c0SkO1-G?$mhrY_K3WJy{4I#jUo5|vz&pX}7HbZJL{QEQlvT11jYNiG0< zS7{9j&;RX`v1%$iGJ!!Yx*Umz7m3pbb-3LWnoZsUA!OGDkQm5Ob|Su|SA51Q-`6kb zImvt9F#D-~QoR0uwuvTdr#$|Hbs8H(>Pr-M8AUngN`F1GjZaYG92#FQ{**8_cTi12 zl7X_^8Sjt9x6<#5irRf-0de_iH)8Hyqm&gV7Uwimy<*ebg~wD? zRU;FebfWnk=9~3Bq(6QBEHcCF+}9aooHk1-dZoifHJuXg6ba*?h)G)9chV4tXQMsW zZ%-;HivCch<9-$|hUf2=wA}q{y~oM3Fd?hil7Mkl?khe)ZS1SXg>j_@s`+^%Ula9u z7wkQUNy$7!{tB(xxjnXgb`-{EgZv_;8-!um!BvbYq5DQpx@<0PYwOk39Iboebbl;E zhUni)^7=~ZMAW`k5HM@HF8lOR?C{(>NxRFkw8*ac;Cq(3`s=0_$2&m$TXj@!9Q&d0 zEn>W#GRw-3<+nbkZ`Hzi5wrIucDyTx4epjW(G%$TZ)O7b$2Y+6boFt5c{j%E;;vMH zhrcmN)F6zrlDNBVaOv(BJTB{={0UcMD@uQh&RhZKskE1*ybdnPg6S=I1+$2vT+GZtqvrkDNj-rMEmmXbWyW@lWz zBG(!45(Iiu#FqPh$t;h)d5P-qbag$U3nb0W?&l$HL_IwstwrGI3zDllqBe|DI;_7| z4OC@WD4P1u?xKAc{3SMya#?5Udn`|9d%1M4`GEx)B&Qdk)2h;|Hsa?H0v~!x)Kg!) z_kQ^Ilmr&A+{ubc1)k{w3Q#BYY)k6@1=duLt8oK4W=_Ouz3SYX^*>Aqa=)|J<6T1y zY)iI?VGKty{tw-h0H+QuHU@vXi#HguvzQ~|bB}N%V9u5a#ynvD8IysrLDY56QbWkzZ_H(_X|gda#$fi) zInkRFiUm{Wf@|2hmk3J@ZC|}ncr(2ytf6N}aw}!oz;j$$PCnvX3?PpTjk@*dUaw7VY@@@`-S>t(+Rfnnm{_XzdzR0&dl@is%18i4%qsp0Mb=;!E zqaF`UOd41Y^x61{MS695r2YNy;X}{-R8l6FUdc_*xhJz`p}T9(yr_Hs*6OP}SSg>e zbKA@kAM`!WfYdeYH{W!-g{+*ki>yH6)=AN%?z+JCwHcEi5Ksy+)BE7KJn&$)_4d0T{*s;R}x8s9wGXXC^F!mKpZ!n<>2^1SBO>rSuk`S_%y zbL;g|q;(pV8^)+k^Uhq7RmbUXC(lAgqJb)u@jJz_yE^NYgdgrkG_rEpr{g4J0e8X* z_qi~(%-sczLVW*KCc)GG5-VX_tIA$I*{jOCo0Y-|eLWpLzY<00-D*pPQ`UOgOm=@k#t4Yqfq%Qs%pJTCm}-Zwvc-fan_A8d9>w5knp{f_vH zbu(5QDFduaA0NV?b&i_*j!~mQkDd3t#4(>{r_j2ch4U84-Ni2hVJIM7TH0O}m>d5* z&#i`>Wf-z9zh$VU_Aa48nBzc?TC!>lclmA8LeFMzzRbO&&yj?LmE}cC_PlZkjK`}Q z!>!zL4sCA-T-~7N<*P?zo}VaZoj3qKl351=OSPLbG^5irRqUdGj?6KTC1TMI!2nHo zle{?}qi8ex-^Wjq%1as9WuBM%R5LO!)ZJq!sXs$IW+I%i$$3{6`ezWr8#%qsjYc7j z^euvOhkQh6vPc+G$AfZhDQBIzEV1G^F{xEO{r5k4W~gR%12Z#P_|!fgfH%1+nYeSb zfB9(sjG8P-$Tt{Q6|t0LvIk^<;Gw80{W;tEx1%C?!q1PtdMEqvp}fi=E5C)cY9#Y_ zF0a~kFH^9zf9kh*-;gE9uY4!=&_UPX5scHDxK^yDp1A!p$j;7q4Si#;1Ucu5^AJix zU7FAQZm$&;hHfk_!Ql-&)B0QA>qrzXM7|uLw^g+W#R)O5Be&2Gph9DL=ON0zM0 zsgLdziMl!#*Ln!T`Jv+$^hgVl69iFq@m`0U#~CFuwHoUb0?Vkbp+rw$T?qgrN7l`9 z+-uIHi(NxK5WD|Rm3`@qipC&Irq?4v29!zc@C7I!|CF`CbOW5Tt1`uVI0UTtO>qay ztR7#NFyWTtFUDfm;gFU5#6NF4Jtdm=m+tyU2GJd3+2m8=HnGY* z_(AH%y7$bZJ8gU>!Pu1k2ni-{L1vwlN0TiJ>7l>H>%^s}H;qr0+^e1y7kw+hRD>JC zPr{y+IrTBkjFdt7CjA*c5YnDG#(~U;YsrOSa$?cP^Y@Ojt`Fty&XMxBa9n$m&e#s- z-TG@;1#Kv75g9frk2py(f~X+5Gb`+dMVk$xpv8z(t*UpubnEVVyC@q&#H9H+ zW&;oTWZ)LW4llJz8Mgx6RP+GYc?dUyyhye4^zPz3x5Yg96Xwz1T3W#Mn*7kDNsVkp zm8DOoMAsPy62+n6;m?Y~jAV@FtL3`b*+cO9rwuKA3^Kb|`SVGJCMTH<%GqU~A2)8x zE>`|HgGoJ4QNx)_I)PzRen&dvTYPbckK&83Eo7aNaQjtV+UK?Y;*9FT*Z%IA!7v8$ zmH3;+ESdbN;6ML9252AZEW*{zYAT3Rw+4p)~P3|RW4>T_}PirRH8hSEq zn;NS{9O!P>iib>w=stY+U_OncEL1vb+I?TFudkcJWTxxB<4MBuSn!%86I`Wb8*G=W z2${GnlHaXBi+i-bxuK^YWv{AWCEa)``W)p?nXw8bqU%++aUo@?-zbMXdSof!5{xKG zP0~VY@pJM%NW54}*nq%4_16hnE@R>nTEbHjPPfHDxJ{Z}X&-az4Q=R*!L-o9w7zs| zGA0p8#wdQJEqA~K&s@hSLuU~{U&}Gs%DiJI0&*SM=lE9-a2nt@+2&IH9qXHP-cp=E zvn&5-3aCCzz_9oTd#+oM(r*+ovi+NIr`!g^-8@hh(_ShnZmFt;G&nmI3j(XkA!tdj z{*D`W35wJZ*K8EmSo@$Yo3k9l5}&(*6q@?BjOm)=jI7-7#xUK6s@Hh+&H4ePm7<>< zM7b~Cp}7gaLCYZVZ;*i{b&=z6NLjY2f5G3e*w%&M@Zr4V4+m-5;%b3{lzQ$Jj~)8g z3#^webmih_i|pSmZ*NOH{ar)fcK*w95Lbx0I2C*)6Ygm0Rw2MFVKxQ-!BTm*i8eVNy#7@|fR;5~o+Pb}$6I%uRT$qz|6sM2? zz~aPw5y)2Sb0Q^+hhI+A(NX@*r@4$pe8A8izsQOUOjbfE`QgErZ_NPAX@xlv+w?&W zg%NIO>g33(8BzW=CdYo@x2VZwjuC;GqxI1k=s(}Yl}B8*SYmeIjlUj<1B(i@4XWhWUl$8lY?L_yuBH4 zJ0OPCUu^^&k>fj?J>WKUclmKMxd+cHHle$RoQayg@jx1N=w$M{zYbDO?`BGF70I2}B8FuxB%r zn#Jjw@;#uM#^x6QJgu3UhkL!Iz6&a@8#!r@qV3bfA6@rA6YSTWkfqi=WBq$V5!4I8 z(sTt}wB22@*D$a7fO*&BM36S7LhbPt5rdaeD;~@fv9`wNK5)O#mG)jfZ2CnCRG(yz zJUtqbe|yidSB=9fL@L!kMwVm-!lTKZ7w1~^a3?71l=X_ZHBu(yvWvgPS}2_7`njk! ze6-iYAf_^UMb2bC`!I{8%G3T;n=`l%D7*CBwXaNz#OCvJ*}Y$RvIj)^L7|zwob>*V zen$u}O)lK-*t4=j*(J0=XM1-lC}Dk(ixqN4*UJ|mnJUGEP0p1Ql5M9AcZh@?MYU3 z7+13r^)pc&+3jV->AJDM4Ni-T%@}--5ePxP&W!slk-IL%;#TG0G(Fw__jS3R}-)m5_(OwJN2XLiY2U6~10g#86 zM_vl&_Zg%n0Odv8{R?&qA)cN-fssjJLy$L*rQ-0Lq5r(HMW^C3k0wPCI7f) z`6uRUBlFO05M@!}8CBim7d}VG6-mRNG?7K*K+fTp+Oq?QZdq^ip$(^7hH#&{-O+K5 zI#*$+o9uQGh8`K?gt($DIV08}Ih5!n>~n_QLD#+{&Uql4++mKYTTo5av)ob zjQB|8xzo_bbNrFCG0WHbFB}|Ed-FK(;_}lK^-W0`QV-Sf5iha|wlLAb10e<)`6n(u z{bL91XV#_`FSqQ>dKznt&uQlcyGLTQ~E6 z0v-WeMXvM(Q@1few)3|bZ^sTBvN25l@y3$m4y+iGmoEWU$fk0whz{p95;Wl9O;L8) z#HkhJVWvk!(`jH{ql*U|jXtlC^mo?pJzjho7z79ykXV2S(N7fp86DYep*WSapLHS8D z8KuWJm7t6;emwj+vZJI#?rWpu91>>X_GO0hP^5uKta{jRZ&sJ?dF!O1$L=M$w|b4P zO%Q|!M~t;?Yo6LW3~)}}@Re@q1+89TY&(<_^t`@I?xyg{K%&nNa!E-ZT*W4?g^2|V zZ6Vd))eDV}MG-W5TIgcz@%;l;6||QRgAso>X6<6G6oPjYa*C1gECGyHa)F>G;_roV zM42H=1I|>rnyxQ=GM>MSDA|}E)EnJ3;DtcFju{jGp|AUpUSS9s{+nUS336;_FDPI$ zofs*fC#dFzhoycd!HP&ugrXGg_7IQ!o3WHI^Dz8oIMy| z38kQlKC78isEI=|X`ULB`M3SN5!p)(0!TV;i?6j&fGcqfgU*lRw>`!l+FMde{q%R@ zAIv+I=@=Sx3uzT5>Pm%uyr}lTm~XtRG@78~AiB_H-;cts)G9M@=h_i6lqy98BMxU1 z>8m{fissd*we^iICqAtGz})gM?U;m&tDgOg!i+*J@{Cczbw}I7Holr*V9#(-prn!9 zJOF#){Se7ofN!kG2EM`gsJzHFrg|eVnk4XdueDR9h1(!-Dlq6T7s8|zQ3!UxJUdxS zVpT=Xd96;+H>@vm4v*s3{!dLFKKeJlypkT!RW876M-yh_KWo=(Rmiy{E3N( zk!4b+M;2eNKdbNj^Y>MBW@c+I5X!J04X?*epj+vp;F)XdU!dkbb%@Kp@o2jsP6#XZ z2ga_#P4GYRf8K=W)LriAr&FS~+NoZS`hg>fa4@FsstLjm$4DU#&f_Oc&1olNxFaXG z?;Vc$d@}kw^7!$WQ3MlmNl4lCwi zNr6fuP|qXLmwfx8vt*d4n1qJAJH*((jWA*-7+)tz3pzV}fdY4+829^w7yUwff15z!Q?Hfzw(sG^6BG+q)VI& zrp+)L?GxZqY?C4BP%vr7Rt-TDo2E<0^-jmESVp?AgKilW)Qjr&LCc8gFr*f=9eSMB zt(vkuJn|;s5_3e$MP(#xfI$ioaBDS~;3*-Rg>#jtaL?=CjzkjZrY8ptW^lKs$ep^P z!dSxjgfywOu3H7!25;|Td}viznxzE)S&WDqRg2BL6)JBwEfnyFp62E*!8{2)o2M$r zkbt1UmhTU$Xm4ISDGbIi1{u{REPPDCny*)6ovo%m!eEjWM6&ARCzTuk$o`n3L9dM_}YJzd0z+`PSw;%ByKte^vGH-_cw>RNnIhzt^FUF90lANKY70k~;*t85zMn8*CqJf_ zDqxR+{aJJ)+NLH}BQAR@-P3_4Z0kMVea}n-Giwa`L2?#xrq{@y*nz`irfe# z`~j^(189}Crs$}>ov+pxdpE&#e*-!m`y*J{Y#w0NCx&~As&{ei8IdcLWD^f(nr9@^If1#x1Q43y?#TkY zxNuj{=dCpAzH*&b`V8PVNSr*WkmALd9=dsQrJ-Aaf9Ufy)X$&yr*6PzO7LNZ-2mH7 z3Ez=HjLTrA@FoW4!4}UqzNW-gjJQL@n1Y>i!l6!6#}Qfn5GAIaFy|wHWE<#F+*u1z z7WR~karraQtn7nUe1_?#6Z^k(2&b9gW2r8)l~;v9uPDD~)&=exi#N|q?Pr5+(dg_C z_PT|m5lW;CI{wnn{G}2rt4EBYFezpovQ@|GZ3j5O(}^_qN0bgA7@=Nlv0!RM(CSYN zwvNe8oK$&P&C6wE*eDzs2vS$I&-w6!X+}a^5u}>eP<$x%`mcH9!YO`gd+!7<*2t1o zxRjPQ=%#CCBIEe@<`48?t48~ZC8*Q*5vTR&pZ&(pBkcK^ekSZAIS*fsZ0TM00_=hy ztJ0EM6|TU)@Ix31VjlKs7e0LW)Tx%d7nEg^jVaF+Sq@XS*_Ib6vsZ?>b4m6s-!A=q z(IlOFdfBrQ2gE)nBgI$IxR~|Y1Vhwo^(~lS2^q5FTN8nIh3fW=yLEKw_o0<*zp#X? zT9ItkN#T{{`BqFLw^ockmw4}j6zLhFAVq|NQo(Fm-}Uf!pw2VxTlM_lpoJ1lK}VVX zHC&)lTMA<};aDRcA=jSkhkO|E{5}?)Gjn`D*7LW{&DPlYW?Y6@oZ!D*>?F9QU&P(e z!PHK}6iUWPoB(CEw^(u@xTngh$Rqyr$IH*Y9kuGtS5@gCW#t`zsnl7(-~T=$HL=&h z%Wy%R;{Cc84>@_UkyUe?>?`r+K>Wyv%D)!oq`2 zQxY;PsvsY>@F&r2bSPh2PvH%wm8#t7@Rkb83qmXm+TBO}Z)QU&JuFV+*Vs#53z~ne zzP#F7J9Ji6B%Z&HS$&-2HnZa_^_5M%`L`2Wc3$eE=aUCFc~&wnJ}h37@yp(H<;FD6 z#z2$^anVXphM2;;9@0`?Mf(gDKXwAj3`|t`NGN)QI_tULw!4S1+|?2m2qI(H<+`zd zZix%{;v7JyG;_3sSm^ldCR@h8BPWSI4o5oqebZ4TQ>P#Gih+b%J&VVwieYsc*{o-5 z-Q_|pZ;Agz; z@Mc(?bq$stUyj`9%D{EUJ{_~P^hV9!FA2-YTJMA!tB*|vP ze+d8c9~p@Mn4rY_#ZI`e=O?sa+)>&M1i+^~=ImO+LdrCf7O%CZd5UMx2HA5|P$-KF z$5THC$A7|HplfHi`CGo*wS_`BDl(L1eXHl^<%bH)1gBdhe8j#zG&b5~S=&h;*(hZy z;gkwo6FJ-|m3w&aGMtV%?DHzcY{3(|eHRGBx8xJebS6{c9H((hXJ(6PQ5s)pEomU|LCp-CBA3CZ7h-QXPiV~i zMM-1Aej^Q%~K-O+CqG_@efx_Nd^`ff25FdJW3t}PyxIz=gsoEpqlZquBT zaFZ6_T6j_LW9?#%@yyc^&&<00H;3stvQJQoiJdn*eoJ)gT|c;v0;gQ%PB!fJ&GQeo z+&zm!?x7@k{Ku{n;fdmwnet-H*s>TmBm|;62xhN^;zmlLI0C~@r0#dJtHN-tJWDjV z^;4<6Bn-5!jdg|j-uQ(*VqF|rqg8UKhMR=FepZoeGYMSQ|{#dT&7*-+wy%@hRR3Pr@G_1OMN*bi$3E z)p3ZZwN(1Pv{a%M@4+Oh+hgL*J^L$WbN!$lv;oW)v`X^LgS z<%yt)Jq#J<+0aBja5?LLtdN$4M?^z_v0$dGA&BtiPUt|6klpM*f&Cb`)O>`eL_D;_ z2W)SdnP4j{j}lhK_AH$`Apm$Y`q!T3>GKryo*we?aMbJ7T&QeQ*_zbPTxNL3b~kq* z+f0lbbJ6~n%?XD7J!(X9-6cKYnYtP)^W7I26Q8lJ*$4rD1n8DIs^f0KSp+LdzbToF z6r09_W5Cvqv%aPcP@ajSARzj{>T6**NdkvH23m-q6r~3?T=0Db$ z0v?D0%t`=ABC}K8yE6Jhcog?bn^v~5S9<~$k})DM^ya)V_=stpMYgxWQ*p79*dh^j z?NzW3L1D8yAl^BQc>1a-+_!JvYQF|G5~ud_)x#q9hS~6h zkym^PiWd({>qpQw3S-W#?YHEBG8^(ao)mrw64FY8Tn%oGPI*JHX)w~7`^U4h*af$K zR`vZ8QMY;AOot=6?;){Kyh{vh|XS*A{Acn zhJ1rGCO7^kzIeaO&EvN}c6LBr$6lWXdG0cOv{NeasJvn%-jTJsz{mD5K7H9A4`#E% zCb1#qj^^mgcPR?#9ros9h>*k#orzi2XKId~d0zSG&Lf}e%ZOIo~ zA={yA(b^C_)_%P`&}@p36IgV?-c$N>pD=JubN? zfF81?}`fQ6;He213RkTwTq&@mKOjC4Om)&;1Wh}FtmOo2lku$5Efn4O9XJZoR zXV0AvG@@qD^ZQcs#n}AQ=#!}SPRouC(_I4(3wg^7J@t2lj1eQhV@R+wk0eT04UlT+ zVBTdpdj6u_*EzUYcQ6foJ)3t#49d!(tx}(}_mj~eBJ*>?+|O7;(5T0C9GCpizH-VR z3J$JsGqJm>Cbu-|$Gn+xGZQ{F#0J%PQ$Py}X{TCmU#pJ1_C>EU;W29BKD|=GD8woIKLUGKY6*TutTa4oU2)y8YO=UJQf!*vm#3jK=1Z7k*;A|86*SCK2HPUyZi zo@hJTW3baGW?4(7WxskV9reo~Ei~mdt;oi0b${BXZ1>DU+Untor)%Q4j!^O|IQ&w< z9_b6~i*hNdfz?<^!@BHGRrIMVwfXdgEazGbB0x=W>=1Lo)uz2i2iW{{UNIQa>xx&0 z{#$_H#1kI`$YsL?E8d~bs0^|PFglGl*Bh|^s@aG0cE9T<7qiY<3Z5(2EpxBA`gSaQ z1wB7&k#M%RM{G#4wn)SdCf<2cjPD=eGCAlR1*i4vCFK80m=U{lLIGJMk5=L~`-x!@ z%S*iLa)k9;K8}@AKmDXxurb*d!)()AcwnGrtS}0*Nc$dlI`5`ppLesa;a5e0kyU_h zv19trRXaYEoc@CcnduawS9*dZ%S)hZmeybtdrkzeJ@H1Wa_Ai%XaRd;Tfp8@$oa8$ z8*`?LHS*mmLQq7o^vr}^N)gO!cjJOS-@$wV{;6`top@V6LDDdh|Hw2Y&Y$sK8Cw$a z^Dq*wyxQpYr|GA|05cS3JI$0K$RjQ;-nRMGh^g4A?ZotxIwbdm$jH9P3?_F5+5C&* zM35@q^=+|0*Zq>pKh!m35rF;{h}36Zezx1b`bA8a{L=dEdH;xHk3z>9qc&|l(^c*2 z^<8cpX4)Q)^3SxM1&-;)5AT~4G6*`W%tQ)g8okWPxwKvrVO8H5?Wz6!4c$+Zaca&x zwHf`T`I(9z1XV*WXbp{Z=pyu@J~r#m1$V@^miSD}&Fycn^YW@N8n{O%?M{zN&vl(q z4|5u1XY97*)Y%N=gY`jDfZZZ-O^-wbA7JVF+z6iL$9#4w$wlFcs$K zcT*!ufboio$4N;7Ie$4Ulrpk0ud;yTN?7xW+XpSkJ3i&{5ASae4EIR=F|(|?Z^6$u`7{Hq2h1?}i# zL`}Ug`a>_WqSfKU`~**j!mn?y3;W$WN8~PDxtJ|`2ZB(WgCO)vIs#7c_pb#aGrfsM-Qnz@ zEkCW8C_dvh&#kd06Mv&?>VA*LWP!W7HaBfgxlC2kCad78OKGOl$d{Cq^XvVyUOWyC z4w05Rd5=_O*EI2iLb-JkwsReZ=9?k}MxT&My!T~vSNT#?!_XaQ26oX$9N%$@E3hU$ zGVx00 z^6qaq3ymxglhBUfY56Gb-M942fgVkf#l3mJBJ*>)vC|=>4P#c4d=dAXb6xHJXZMll z-jw*~m7{}|J2FDQeA>3%XcRKBv~(Pr@Z%X}I&pUAo)p#gJ{I8j6XT_@%j-SN#P{#@ z5TIy(?>81(g8!4QA73R8+ls@xzf(1Df;vla1(T@TI4iqZsr(*3e3Z1leDRM7rQcE1 zS9`oSzfShUj4iQ8ts{4WaZs*1+gXz^H4k?|8!Q7R=^sK6Eso zWB(I5a62<8_Lk{h0PbUnH*?uJEhMEE@;F_{a z`6rJ2sV{1O|G!p>D6LQX0&8&Sbz&s`8~F`X5uzVM$d-l@!Xn+J}vww!>r!##Fs6LwFIz-k58WlG=&>84# z2eq7Q2&+>`uPDPMg`@5&j%Q>=2j%5zBX#k|m-izkB{D&6+nbE8Lt4oh88%-`XLN>& zXWbP%*G~O5T78+jCvEkE5-FSJC)}I>qu6sYb@M{4zzJIFZCFRbH zS}OMR;!(jFs=j#fl4<+7ZmciLXTF&R>R zBI-*@55CVStn8~1JDmNJ5FCzb>6E7Qvs0;pXKsVHdhBLickd+u@g#W=wC?E+YIxS+ z-XOdN6T6{?4XMf{6B;BlDpN;mFipRQHXQ2(K@}R>xVqXissn^qJF#aA&`#`td!2hp zter^OSo`iG^O_1LkD#OWL3$>7cCPggvzp_dR|Tt5PWNw6FeOa{*cn0roHx-s_X+CB zr)ySEgn_;}C91~pJND`&A&Wr3b?e_qmj=s9Dk>j&Ne8F?g>=PR!{roaY z!1IjV!)D%lLx<5c_XfRu0CSj%s}%(sd+-jycYocZ+>oo&KIchW8qvOXu%+|Y7d3k!=JTb-8x zhlA0I5?Z2M!2*A}UZWf^%jSq2&);W!a-6k4yn*3aq4c!a9Nq9b0wW#)7%@8|@FIu) zD<^fzhqOZUEUForwFcorN))~%mzCykAvJTrm9>J-s}ATS%6aVNvxjiXiMGZgS4VcY z7b_?8%fu(^>+0Vri@PQ^PaZVamRMT`K|Vo7Q9NUCvkY$U46L>{fvSY|JJ6#jGk31vy|b96Stn(qH& z>$~Hr{@ec}A`%&Cm?@M{$)1sv%!m*wN;cWs`6!x4MfTo%WN)QXcJ`)ZuOoZ^uJ<_y zeecKbACLRa$2srU`*rQ>c|EWHr1TNL4HHB&M^&N?_{Uc|$7`XSdgICo%R1|2)+}b^ z1D^n%y_eN)Q4xYn@@B&?0Bj1~_->4C;#9sOZijg+HYjp2mqNWXSYY(4^8WPQ*f4|6 z(WB*lvXH}Vpv=_@eosX|-A$o|L`@iJC<^L1j^*OSXdht$b&$t4&6B~VBQndm8`FYu z_iC=nEKAMdMLrbi#cAYt%Vb_RSk>7)bx6To{=Z8V9hv+9qyn+_lj^`&E0=Yh6wz3Q zInEXuXCpqTSWBm;)$2qg2D+uU#kxCI(#RjaNsvm&1OoN8t@(>5a1DxeuNzU#WvOp6Vnr^k_0*@f|RX==X*)Fu-0xGG8N}uzKj$Ekm;hF@4Wq z+B)*&PR_(TU+Pha62`(Ed!v7UnR!N6IzmW)Xu3Ooqhl)>APmhSOEI_>f^T% zSFl%+$c4o4hTsAOs7w=Um~#dERtwCvbbY9iaQc!tdZ+h}L}IdpkcOU4Yye=kZ$ra- zRT+}P#~cAz_XyC7IIu0oq|b5VCTXlD@q09hjD(Yd=I;_CHqoN_PsW*Y9x3=qZvWEc z>GMKpwUM_`S%l1W=%kwd|9}Jmmg{oQEjusFy^=pt@oDw9q;0|q(Np1qiyBDXTj3m% zQ(5$%bF;lL4xlGd2IiSaxoY$y)cu-4|~T3tmm9-CZhBC^P8g+wpzCeOqp(vnJl< zkKx1b9L!}y&EmU=xG=84l)-G9R6~BO+cbg#qJ09psZ%v9kq=04&)0o$!%kf^gF`_sH5v4*foL`q?a!X)HV(bWVpN^drq}F z;znbu&w=ehVgGoB)^R(w?XQF6ikySR`1>-LGkW?#7I(Q;$?)WXe?MZ8I5)uz6pI~w zc_{?`F*ZD?Xu{mY0{W25(2V#GnzArw8#?(GJCuXT@^s$+-kI%|;hiiHR_H`ljec6f zJ!|2u!69zB;Z9?i-o<8IoGl}F$LqWCCxL~d}p= zONjclOO#VGdYkfH{zfnyXObD~)LoiFkcgaETn-Eo#FuAl1+rxS{Pj0)wWv7lO$_eVuePbMI@TJJ0jYEW}t|+qF#P5n$0}t$G(#y`fbFM*`4*nM) z6Xvp2?fYtFaqp~?4U@B+f5SlS)zxRI*p*rrhwxfB_Q_nx8QYE4(mCqtNMWZfl_U_1QthZet!K2#Vy|lJEY8`pEM7@^l@M2h z`SecDjpy<%+L*S9f4 z76p^V-?IOb1q;uj(58avo7cawbM)KKHV-o|7A7qI4of?<`X|;w2wB#G723DJ%8|;f zjVa96*l=|_!_NLqic#epqTBF70(tcVx{F1OEll1&fBqZ|%Pkpc#O&4mCd&|%bq7i+YgAu@JWm;Z!mE0^tT(>n z4YR1iBSYT+7^4rIsrtRE!taQIbc2KA%=ZDeZRUrQ=)QuyUQGgqIHLw7@= zbW`T~g4#uF!Gd%_Gb$!VI@D^Qw>J&wcBQ3rJv3;1-CSKoxEsF=ZJF3q7z5NGbm_5O zM-UlfX6LQ*9F6*ZS#PBv;(R0cY;wk*6Y(4u@+-M!E&N6Tj=n&X{)B=O<1vdV@1&g# zM9#F>*oeipj^-bedjK_%e%2qVZQV-xB@U%u{$6pgP%%O#%c2}mpWo+vjQ)7mQLbuPC%(a1LdaDLuXUNO6d$dblN4s$0sMaA0isv{+hUz=R( z%7wYk9wv!3Tn_IH7DPj`we=>QM7iB$z@u9OO)Tl$+}+Eql#3s?GCN`kqI6JR!?$_1 z2W3s?P1wyeo`hL&Lvde+z%;0{x+7b`22i*WCGA82 zMoOGKCCCyyy`uE1O2DuZNE=rR0jI;%52UJ&0LUOI+0O>;QXgPRxrl3}ROTXRPma+M z%=*oih|6zwTZs|$js`H}YhU$uBo<~6{64`Lj0Y#OWKNGaYjVtZ^~v_Z`ukYK(XsJG z_IiYgm`GRnqfYz4++gZ+U!^soTWPUDKm zmJP^t3hzzCDcMCb&T=d`5LFS(B<^`pAdUpY4rL$w!pd@;aT>fdAJW;B#`NFdAsWL6uvEomx^S06yXh4)5{CZ7Jw-=ZcdP+-Qcr)5@w8lw z^f!-#%&(F%jVtnV*&g@WdHh%H>=d)JsjZqg?bn0J1p_+id{_h7P;597Ka|n?OOIf2 zG!B}D#SdEm(DLxw(&K`uuk2u&D@A^EohC^aYMrpq2k|pR0jt`JvY^tbGF=AOJ~9C86kH&6)r&cvWe0FD|i~KSh;9 z+wK}J7h*B6FTZOC*4}h_2Onf|nYFn-iWAq)1Fy}!zJF)AM~gtjez=4lE{X5;F+%&P z%Ea~|3sw-`xu|S&mZC&)Ab?Vf%u_&ChN@R5zj_3i?5_b2gl&?+i1H{s#rErM4(7i2 z{%Y2&J>;b^C1dp=Qa(+;U7C4D!kZOBEHIsAx~(u4MDovyybpw#9)&W1!q4R{cN!o9 zKV|)o$}ClV_}F$rq(RaDAnX#HzBhzl)e69YK*ET_OrwUre$3+AG^%z$<1@@At%^Ha z;q6NMj~CU@ee#Wul&DrVLlEAD(Wf7r^&Y4gCW+--7>GyKG-Xg{g`4%Z_#5<;9b_t* zIDMxB192LK$J1hyL1>1g^=d%DA@;LZ-a&r_k@mJDst7y&y~n7A=%EW*khWb^g}Bl! zi53@1K_7TFt%ui$r|q#OSW?wp-KMgNujG~JWQB2>tD9eQ$QUU}DedA-*NTFpRRmzRIuC6>plx(=gc|N7CppI)bAm{~ai%n1@_ zT6gM^@Ql7N5MlGtLb*shuz!x7*oHUjdRdymdU?>N0V4TkzWRJH%US!chl4lqGqW-?;1uN~xO!j8A>bCG}+!HboC zs-I*g+qYB2#}J~4e904(iqi)ShUqTZ^zUc9@*9)Yz^v}E^;y1IwI7U$rSkyssLtcoO|*!4gFQyOfHoDIwgGVaX+mEx+NYv zVn0uqo(?bO65v^oE;3lCM&?6+CqOLy;3P4Zl?bfOgBj|jegWvg9RYaR z>bIDK)W?rL#cf;gAJ{-Q=RaHJa86~_Y8e*U$6t%t?cpjRukmKzDjNx0N zV0onAaC)9>bNk5P8@IbNLu`LrOYa`9c}qI_`C~{19At9Mk+T6eV`GUfGc}ofIGj%n zr2!!&tR1%HXliag$6HZyJM|_xBb0cfuEWIOOcXYBgooxhSXyRZ5mxeG^>RaIedDl9 zdf1;D{46GN)PkMS_vkB987%zHkji95gs>q!9LhM>sfuTiu@e zbnV{lur%?gJehb8N;jqM`?aO{v|a1H#Ec&g0OAeNUBB}4H8Er|$Y3F%vs1uU?7}7W zqsliwuqucMeC=u`g7+Rpf*J|XaEceVO>=iwm26CkwEU+Ty_3_1xH!A>R8(9Zz4#BU zA34FIk~J}Z_NNv@_S@|rGlPLuSi>sBA+DjN ztHaBcPg@K3m`eq^As#`^j|5uZp!xEswe|R7Gqw_R;nbHx3RPh^AtGK2=P-$lFaK<` zg?97n>%ZmjB6-TX)3t&B!t*9XF8Q+BIz6Xh#|jVR(97$ zPLaa*g}?CXk4v`qRv7yl6-kdF*Yy(^v2~H_dYGG_S7?eW=#mL8zGy+VT@C7?AcJ$V zTh%ac>0D~Ez8r0^%tTm%3o-|ST~!n&TizX$A$Ub%nch!*rS0GJB$~& zi}g&eAT$6lhJ+x>S)&cg7)b1PC5nee$TsfI2)BFP!^slUU)4%0FA zn92ggRNhi|R?28??Xqi(`mXXr@i;rsMCMF7^GH{wft9Rx{sCzEBJsHA~|m z3$Y~AtZ0HIlE>Ipo%(E~s*ndsC4#|^KSr}aM^=6KP#{S0Q=kgT#ZrZULNx+B5g0oi z%QU#2-l&d{q&$ZUhmbVqTvK;DJ1=)%OkN^8gJh1>GxTPCH;)@~eD5QjS<8jA0TFEz z;gU{ihU~zmb-_n2dgtCM8A%P5g3fAY=#_YhF51*K>TL)*{rU8D?d2V4H-ZCXKPaZsCUuSf}GOS-mKn9qjRS5lTL@LZNw-k#=Tj*x>-j|Ri&dc&O%e!LBr@*(tCG0eP+%v>AW zK)1*4&Y3g2mkCl56`yxoPcQ$rDch;b*VijUk@fS}BsCFYs3Bm9bh*0(Ol@FUXdyH{1oYGuKc65vUEU=lK@vqW%=_MLlTB!iWYWly@GFyY@g%WLO&%^$a^2Q)M2N>mYykvnxzLnurh0NK%psC~e% zB&6dEe{QhLVy6h>6z9fceU6o|rtA&bWZfLR+vXH}$@JaDw||OuumG3&wb(O`PcJSH ztmnHf_Y7Rp?rMF7I2ptgAY&?jzLjneL~TkSg9ktY*?+E5nWf+PFM81}FF}c%G4+PJ z7nCsfL+<4Ly$$~@wFXAQr+Ga{uKi80iolgKM@ivIe7;_-`E8s`4J7Kqg=x5K$n!99 z{~h2b>?@4F4cVy=$<>`XQBThsL=z`Nhx3-XqYW0X2sUnbEY0v0rf`|BZ^#}#<#iqS zkFUHqjgmS=V&Hdi(7t5)@C<`lg_;^a|NKLVGRrpgdfSHShOT?>2@K3G1ihv@6-y*7 z%|ak8O+ZBW^h>Lrj=Q#)dBGW>`##$lPd@Zb<+QtP&-5LrDq7OMq!lh=w{YDd7a8;{ z)EwNLA{S|a^+CdXHx6C|9`t_WTRYy01+xH+7R#3H4G;IE&^CVMiaS)Aj^j3sliQp6 z+Xcn8-rzDbdxlQO%)Q+z z%YCBpQJBsXH<5&rBJC|(ma6FVe;DvlruxPN%};Ksn>pBFPV& zuq+G64DU%30ZpOJXh!*}$EHV(=!e*o9T`MseTlk{2R*m6FE|90V}74gys7NcJ-j0J zkF?*XV-Y;6;V$5Sf?SdQ&e%o9*{Q`#mFT^}15IUm}i#GPE_`hQrORi+1tXvqf|;#j{;& zMCy3cvp1+<!&;XUhq z=isJ`Sm3bK3UR;q-Kf%=f(opuqj8UIX@PN9`5D>njT(_|Jnp+9Zf2s+(w| zo9%U+q+V50wlk^N%(L0ec6Wu@GW-muZ=bi?yAl?v^Qh*R+UY%R*Q!Vsf6_;W)25lj zE)-3K0%385Qz8glyjSvML|%H+T*9W)$mw&yxD{QQDf)_uLgL(AXb?e8eWOL&~9Ns_CMBz={Ho1rh~F zvu7>dD<|X84B3ITo4nVzR9u&&eY~_{BLB z73TDy;4gunBjx=mv5mFdqe&$;%9a*C1h)MSGB(POnCFR|!W|5j%m#+$*!nbO`*0|j z;{FZvnvck$zc^L0G}Pebi?hV4Ly2y#A|(myivimn0OUSyeB0^ zgjkz-&8eoj(NSfUsU~-V|1-SZ%iYwvab5DRsSny^c`6~3Cpc{eCbGrV{|Uvc-c%Ng z8>u^&wHrR8Hel0L6NHHrWQBZm>my!GBynvkB-Bo$6X`GH?FhU25S-G5JDE(n`-@3l zVO3#8GsJ4S+!cYO_@fQ+D?8gdq z=#@l9e(pr9@ZBu5g!HwkdDa8M^Wqtq=jCq`IYp~v<@k^z*JJhApWy^@Hf#HC9?et> z<9U=AjR+blp}@kLdqfr4U^r-k>RvmrX+L?f#S4)(jYbQ=+=;8d#97usNzx71p(Fgg zmX{q$^F?Hi^f@KdQDSQw*x*TOkocU*#9|;LN8M*OpQVmh^VKBoG#Xf_*y94v#jpI6 zUP8$pt2@g~VwWFMi5yBj|K?Png(WAxdpgT{R#>;x#0Oo0sk=Hq+IaV$r|q?LO^VErG-Fv?o{2_6 zjYM?iKQ_)&>N%0nw9wTiv!R1<9}&mc6p0`Pvc8}mUXrjYYcTHZC-kDGXej0q+-#*C zVOzn;g?00#8`bSE4#1m&r4~{5@bdOJv{G4+p?wo-!;`6et$u#!o&(jodrve?U1&d_ zzqNz{`^em`&s#SXH)K!n1R+qMI*p=mX-p1+AsgGh8Dy(W&&9qkk(Oc)P8@4W^wHB5 z(+USbhC|feiffiZc>*O-`{7Pb5e2w`Dx${x2Be?9ahy2i^WPc~8j*aZn3vho)j99m z{Af7$f5kG=ZqfaW zH6?X0;v(whfC7gbU+ixxunC8c*aj7x&5^Elv9YU|i+U}w8ZSRgkzg0^G0kk&xa)?eJ`KZ^P=1nEJx+2@?R+T zyspEHa!Zr(n)Hb&`vFBv5rW=(4Gi2?(P{Fb%cH?30w1w+p0RiyI~gy8=Uz~YIv|H2 ze*WAc)b>BfI9uDcNkT~{np>e!cm2=l6i>1ogs)-H64eg4TbXs!;k46slhP~S2b78X zu+GX+Yp~jq`PNVsyVh)i$I!F!QnN3$RSAN4F_mI@O{i(nI-X8B4Wx%hycRan{#?+g zYRBF#GkIE{+qFP0u;<|R<9>MwjRz&}wGX65LRZ8o?PfRL0Hb_~-E(K6m<0G!4SWteyD747 zyZwmWp}+z0p~Z(T-_pXVXpFbays$|N%LbvTLuC8#OA$4Ie_$HD_CmZw($=|GWW=8dPF$}doDfz3y!eVe9kSeK87UpwNc4Q4}`>-(rU7szE! zEWc$)zI1i_4R!WI0(>|6ik}e1J8&o&Au{ur_?+qNm@-6Th42uj|t_<+{539 zG$*DikEE^D%mC-o!GBz=1O~5ZGc`Fg!jsS{a!hhFK z{>P@`n%BM2nV%F!NNna)Z{C9Q zo7D$OYV&MgDVU?^_^1yulF)?ZArV;Q!QP~zSjkx-i()jhgcQW-$>h-nk>bR;*fP){ z2R_=o5iV-i3Rb=?kDT}9T+7Bd9$!I3MfyQXbyd;4JJ2-$B)#C(o0n*$^Z0QU&g|F$M$nyv=>5*W_L@kZo+%SEW4=ApvuLZB6O>4aeWw`m>xg4hXIx}jflM`{ zsD0D+Tyq+R_Hzbl;ay1DYe}xJeu6}hL9E9r&2`-QjlfL(Z8aOd`&m|pJjIbi`I4)v zcTDom_HZ!vL=PF-jraZ>(rv--lG~zNSy?`m7Wn#3w1Ip7@@$S2zF~>vti(M2w~gnw z#B#o_tVC;vT@(oF$riwx!IQ*WOP_A&mN@nFZchBZOfjQ8R`|xYcega|s2v5V=+;66 zIJ@J`%Dmh`gX8Wv8ZvCO5A6=J%e|JZje<-U%eto%=d=U8Oz*Kw<;=IIw zIJ9V{F!A)JY`bP_$XBGRKe1wQyOkY;>3|eWgD$M0&0p4?AjVN`P(OMI?d(=>Yxir^ z&GK+a#*VCnlW z#w?s$p%*5}#JOWUk%uSEmU64wziDC<(3Pjt(Xck47sT|N3|329f@4~07aM2ygh${1 z{P?$c`Hb79RsDCxofodh#vCyD`ugg8J2gH)C1kx9{`j8TkMG6TWV<*RX+#b`J#UJ; z^Fc9!$qKHD?REmSI~_a_ZETdzmI|vP%Vx1MF-VO1ul7T?^M!%jOU4Tq#6|61)8in9 zK&a~BwjGzD3773*_rp+j>6Mk6^5q>#B1I}h=@p{Xf@u{Jg1$|2EvY**zSxhRrb$Yz zNEC!9jdF3UTg#G4#DbZ{fenMu9XXw+TA>A-H{)>`UOagD;A_`(03dtA^=$8^LHvGr zMU@u`)3*noM;bBk9VNqAY!*(!`g-35uRJ7F4s38Xw>z-ycAVDuC>D@|)$H%QWzpt7 zWQVR!bpFy7dU%-=`zVL0R_4(|#i};d>c9>`us@n;=ME}a2_bTxoE4p>Z?C3gj-nqy z+gyL>zvl!zJw1qUxgwsareN-77NbZ+7*#y6pBw>>Q*s|lvdrP`2Y3xDrZ*EGs|-XOPI^hb zBc4#5;a1Uey1CuCm^q71i}0hKdA}C}!-o$XRB!8RV=fpCDn}BjSqaH{hXa>iOJzZO zndD}Goh~mpp)$78JML<*YBc1)H95-GnqWw^L>12=X+szX=FV79q*0h4%Q;+b$Kr`t z%f(oLO>}4)rLghlkwsm=GhHI$;(FdHBTjmj@$BVop)(h?=UaY%!rrKrXC-q1v*vBa zXakbh|LvVX?%>@b)x-h`F>{j>G~z0$k7z{fTRk~QFnXI zi*0iF=u=+?;d3u>M;S~e)`kSrb~2_z;~{2#OD**yHju^s0Cf)IF3(`p8m*^{=eTC9 zcLEl7$02$IP=%@`hQ72CQ~A|zAJ3j>^6^85U!ceC7{y);+=;eos$EHA(519lP6qE+$6anGPazZTU(pE>Cj zYd_{_aw~Tv;YqV~$-W|F7J?L3di2--tk;3!;+NWwcq8HIX-dqao7vXmGSy`Lz${Mq z*t36mK8d8cR5U>1dhKe=M3VHMmggHjc}xyLi7Ntd=I~0WUxIp%MTM4-q%}TTrA{j# z)#gxnPfR{~6&I@oRDL*V=R7I19%tYlG1tDkO93M6sO%e(T9!U&HfLLY4n~{Zq7}qw zhfsd>873Xsr*al@{~QV7JIiydCku#8z~zV%yBACcf$|0^yV*DuL+Q<`q z72#LS)I11CTD1Ru|D-J-{_~Z2Gk)d^dvNqo&h(_V;=ZL?&jZW8O{uS-8RLA9cGLuv zK7)z*D+%DDtuNT^FR`C&vi^?_;ueNZiaXfZd2lP+N8umpUig%|pL&eNZC2J2E;Ea@ zBHzl5n(xfD9Cq{}4^;%42hH&Ti+T<7O>wrlbUL-R zOic&%Jx!--`uf+zyw}JFt@hjdvGF6qb2}G?{3X=`)ce#n?Sa3Sq98t)tbKJ$<}N`G z>mWjrz7-BVq{TYpw8DeVEjk5N8t> z0+FjWSfAdN!e-m6#BZ@%-Yw--QMXqM)h>?};&Fc-U!w)ki%B!%-g#I&C+y&KO>GGBK9M0d0fiw)K%mgh3bvsgaf z;x4TahdqS5+tD#BLviIgA;t2^#rZejO_Uog)*9xYqRS-hM0V%kKC@Y+MJX_ca|(nu zGBBr(4;fUck(OXNkHpw9q1;`?cGVK&D?MC^DV9WF2%h8K4RUGMpJ}G#4ts7ge#Hg| zx!GBJzXQp94g`D2&7#~DJj@phGs`h`U#K)I?MYVQz0;-WR1#(o3YZw0aq>0RaO| zY_<$U_X3bFcIB~xz_P#Jrk(Tjw`(TEyakw5nk(yAxz#&b=#r^g(P@Zu6gq4D{z)`9 z2(_FvbGQA$7mA-%I{t(0vpy{y_N9*Di^11jmsgD^`f^VGs{@=Bxwm=_cSR4iW>@7| z)ja-JccfUp5RSg&TF}#o?&5b}*;jVK;qG&;d!j@e+#p&5^NH)*2=F7=SMCZN*4#RTw~~j960NVuCqMTPd^^9%7jMMas#@?>pY|@-z$}~T#;)t z1)})Z3~BMOSYGNKu4&*JvXdIF{)+4Tq%GkUsDsJH$?V{5)LO~%VyXi=WC^K%S@I|^ zo1`x6WgAqFP*tPyb{K`^Q`c=*-;tsC# zRI$Us9m|Y0&s6rPc8-*I4p~z@6W31D7R9` zya(6b50Ju|mTDwLspI7QVhoW>IN!U{n{>|0R?%l4-`$|%{&C$($yy!TP#$zfy&7)o zE^L$lDnGf#JFyf36m+tpHc*E-l{B^FnxB#$Y~(o@3r_C<;qg<$2*_- z>;+R_U*?pr#|^wbQoh1!!-^W>Th3Ty1w3M3qxmlb_pKO|RA2bIvrVmP%Xp=P_@bSX z$kL})<0JTxn2OZ5a;xP`O-uE4C2rbQzba z{PMU=%IE_-ypXr*s1=nol^`(P$j_bdh2m#(9T9KAO-tN`tY}B&Z$-G5v;n2H$^faG z`M9CJOVeH-Sqek66md?~9VX4sFV(Iz-QY?j*uURz?>kl99 z8Az-YR*^z!0~NIe>+BF=*7n-z=99R`$9_4QR>(15-KQ}iq?;YhlrWlrwl)lh?K%Ts zj@Qk9FZ3Y$$IKJRYTn@Oo>pkV2cl;|ScsWEdG29G-&ZGNps(zu4${U{wJQynpJ;+&M$2hG@r5(=X+?24JWBq z)ZqYP3|Ip&gb_bs^olDt7S#Fv!UgW%=4XDLJRpk1EljjR9`W+C4Bz>}-@IauIddGK z4WBNy;Kxa>MXlL;xhszaB@*mNl@tpRVTmvOxZ|(eIW50mXOG0E;OhUs=vRJqdzqM6 zXjC6&Tv!WHkgop4d=Te&5UD{^eQ)4x>Gy*`r~T=>8V35I=f#}Zy`I>(Wgmg$L08+~ zG3dO~RtNb9xg&{R*OT3xWh>`E+ZiQKksS(z(irA@!C^*a262T(czKO1SZT&2?E}c| z;edRc{H_qe{NBt2Lgn#&9nqUtC#n72?qInR zqTC22@484S*88?*8<3P`v#a$LTQys+6YcJ4pu!}0+J%JJrG(hkM;uFh?SG`-%zwAq z0k6m^t8!+D-mWyOS3M|#Hr)y00Y)(%`FUg%GxBgmz9f(c&KaE~UOOyZjXL^J9LZi$ z?S#()x$=hZm9Ivo(HN!q89|E&7t4hb-nMgCte%E<_T5u&t>zT8qQm~d>-?hcbej4P zh#MY}X$gp{f*tp%;KbqWnkf54qDJI=Ta(q~%F0E&pc%ba-10mk^knAa;jkjZE%$~v zA;p{QwsrrMb3MVU*gw*5NiG``5-acj2*2{ zfS60$#U2TIHdr9xb!=7PjsO%2rA;ENEQF(Ykg2!#|BUPxwFqGbd_?)i-4sdIu{}Tx z%NQZEVPwa6%;clUVLs{)v@kP1HfDy{kK8MR>z0g7v2c(s04x7c?`R0`#+!G!Y4%2b-ugJIoTvV86v@>!N>6hTX5Zn5j+I{3QcFWwL zKJ2&K3KtK@#{YFSVY*4)=RjdeCHj{-!b3SzK&86DQbi z7=poJA@C+uW3ZEqNvGq#AF-E(S;=T|MGc%3kY-nw_>lWMjC*(4;S`4kTlOOAW&`?N zaqZqoF3|Mo5LVP_3gAP(L8@a#t z_OpnVB6(CbX6U@;>imDopA=>Ihd&xA+IiYN_qPl3x2q4P1qKv0X(X-klyZS&y+HHz zx*ME9XeCy{?pKICQ^`F6c}CH@Nc&*Bc^*r1Lpml|735ZlYKDV1%A#)Y^Rm3$FhCb+yy5otes{8MD zk;o!4r$_DB*_y_jo+DEY4x`-^+Mme=a=dxhd2#*~5lLmvtYyROkMp&4iRpoDI=tzl zdl&;aNE4Y^r;8Hg_Vo$m?7q!^VDE5r_`VWW%pXwk$X>LvGZee6F$a1@Y|S=fKCOM- zkFWZosK0Y3H!ZO}dsK8I)@NKxN#rms_ayR-ka!89Oa(0`Et$hE+sVo;{j4R228Fdu z49kvK!=5P}%HhWNTbn%7>!o*ojeK>J0Lsp#A!)%my~yeQ+GEh>{(Qh&|n zMbpi)4Qk+GC-xrtTIHI1%%ZsLBvkq}hK69c;4$ts;)KNn1;xE|F2RYq{L(|5t!q<0 zQumOQ@!PxGVn8)6gpo0aMDIOS{3=*sM?(#4;&|RFf2G*oFkFzZ{bY8UpaCvE2Rk50 zoT1UzKH$*J0mDnpInA>Cb5*ma7k1~XS(;8|aV1{o01O|Xef+5fiB9gk9IS!Ku9UQoxaHKw zoiq9VHF(|8j$u|NFa=apV7v(K8y?|>UgcpJilEnPn;C-IyBc-uWl3}OdxH0Hd<^>J zVn;=o5bFRHkH!60=CN-u;%Jt;TK8JL@#M?n&6>R2gK-ARlwr7SFJQh<7s$-I15;!E zh9(eBJ``-fX^C^KpSi3cl;1S-VicKas}g}c!P=4I^UThr0GYPLcZtjv*$%}kwMM7U zo)u^o{;Ik+0=bV+;>b!535VVEh75F+*g31=YvKKCO%O3N zbnEjrFwg!}+S@iP1t1j5S>e>19q^sCjSA|Qqlc_~pKc;4P9GlcdV1}uZHt2jwa7>| zE-peODvKE8yQAxYsO`o^n&BJ9i==qggk7(xZy%;2t60`$hd2H>uSp0M3!$c%w9(^m zCS}PQ1LEPeq+w*Ssq*X(GVI;>l82Q$>N4j(MRRamHU4A>`pSkA4aeJqPh`{EXCw@| zU!82%j|>ICV`@&q?s7vo%%pv!s5undi2RD~t z^?}fRSQW?qxJO>pUy z!R6db`k250Rzb4wSk8QHE?9i6r_g26`fH3RA^WGRdf23K8>sHA|1#DsS2cR+G~9LL<%z4XCEE`HUt)5w9k`S;w!KhWbu$H?Hc3fJ zEV&2vNpp{O+9ye^#zVBa7)JYsy|;4zKY63ncjB!qaXG=snGm=1s?%vQXFwM#PlBH* zyC_#o3Oh`OIOM>VHC$(k?(+K`;d)U5H!KaY6M!4>Ca#VT_mO~>N%I>?qZv)(!qua~ zj9lU`?wTAFh719ce7Fr*8(#6il>7T#e0D&xP18`LnRGy(I0zR@wWIU<2-Au4nd&q@ z4a?6HsYjK{Oozwn$1-2H+LZtwr^r`isIRe#m z|2QXpR7B}`bQctNB!f>!V*TyPX_Vh+rirG~yVdBkFMftZ9;L)Do*{KqA8cMcQC2pZ zHg2Kbx-UH#Y(Z@79*CA@ig3HrNq+ctfx=Gz`dJw}8S+FMJXVuXrAdGbsc@h~D)$37 z#&$7WQc<#l;rpFLJmPCMS^$n_`bR}cedyPo3Q4iF5?1usEASWKb#Gy?Jemi!2~eEx za4lYk>i*6EkhXWL>*288PpBn~cpZm4oANscR>!tt5nt^LsoD{dkr%l52(}ZR=`hLN zViUC$6LF5xXjGar%e=hXpJoB*a)q1KtqzNR0a@3Fsv+KhJDZj2L^=&`)ipf;>{%~x zbpQHNYe%5cCp?on_EOohj6E`5)>wp8j9%qu`UeS2^qKA6=2rURdSUzGS0gokSCv_8 zm!5?RNr0~mKeQG^BK?5{s6Qt9zWP~rkgca+p93yt$1oG2=>trc=U$DV7vdh*-vmRz zgb!d#&jD0I`{Yst-!yE_obVstO}nkUEAmAz>xU66&K)^|zW_-b3^I~Ygo#G{ zdg>#N^+YF;Js&`tT)ATx=TmR8bA8mmdVSdl*@cCeiKL>wr~z|`C)+Cm(>)~rt&iV3 zc!xJVPfyQOSKskb%(X)^V9?DO)#s-s8I>b-NYVt;(x;4+W#vKU>J<-wb`vl=cLo8#V zLR8WQ6p(89Z~HP{yx!OdE3iKvxy6J3HOt@$e2dpXq0IH{XMTfN6|hu=Qj6&aHn(&^ z3=2J;>ghs_e26U(n{LBvmWry!I~~)yOdWN-%3U?HccBTA=i z88~(D1MtwAp@(e~0C7Fb#masQQbghOs}p;P1?D-f#~Y6Qx*sQ617VEdl6E)96+QW# zZN2=hO*37YwdH2bqlra@C*^m0LR6%2mBoEV>e{NN0j_wPE%dfLZ7;6#tTZ}^Kr;s{ z#1p*N-vIv4tGwLoB^0UWw3vsgk4RPS2aOlMa8;WW4TgAos$0ZX%;xiTMP_=Muq#*9|bXyYyR6uM95t zpp&7P)U|rDwwXVQQvW4s)v-=$xC}>yN)c4Q$cz4B@55v9yu8Rl$UV0Kelc(Tbq4t2 zij}F;6deCkr?^ghVg}FcND$!hx!c8XFEH_=EBNBDVSJ z?fUJqW1YV!FAXE!j)xX0Na;ye^Mo;+!P$c*chtOQ%0dIddfZT4=XLJLPdBQkHUA)M z;E>=8ewZK0DyLP2F`M4C`r+}?7iHX!dl9Gsk=Ec`leMLrld8#E2ScYlr7j@dFz7h@ zL9_qTuy%zKgGf|?j(noh-tURTSdjsd_M2|ZVrI9Xx&d`*wboQ4LFI*O@V!j}AZg|{ zzj>G;KHmBh%`B#tQZ))?&9sATAAUd@zu`f`jXeA(8leye*>$B4K@>vcLXHh-c-}}F zA~If0JxjC6`-hWE3MVKa~hE3D=5JN!_*lx$Xxr&U%a>uh*~O>s1zX zoP~Fj(@EwPSI=6@N2rb`ZRqknwz$9K!)Qc)Cy9_xc~8GWVZGaEI4rWyw{6@^*vp741>#)&|7 zl||91$;n#c#c%>m1^!1#ueEsK$x&I#l z+$~G!uy8GZT#76=w8(WwXS-+MS@2+TknB%je^b5;aYB)Q;V117xX=G7@2#|roNp5p zyYS2v0>;HRgK_vl85n2Kc>aaV?~bOep?+DZRm}f5{z_-zH;eC2Od??4ms9j8iXC%_ z-279OsFaxufQuG}gfgFvaiK>dhhlqx7=AvIMMsE+WyVuU)+(?4;EJ|QPiRopkv-L- zk2c^Ck8ed@j-w3BF<94-)<;|)>pba)B@2KX-_m87ZKf!5>BQH@p}S(R_bvf!jqBKf z(-h@OOol-mmgz4z)Py-*p|+il$AB>`c|J6g$}1)_R+w(zyIVPT)E!iwWz>YRftHbu z0HyY*a_B!x*sT52W)1LMq-L3XDAnGUDktb>DqAe#Ffo>PDjCuc>2nbA$Mu?xu!E#6 zi-AHqXtn1M@!`mlG%uqmKQy1(gUitVt?p1j;gud^h%}6chI~w{ zzjboxJXhY0lmXUtoUo$P@hZ&Mg_M*RoRcYYw*88oDP^fcz*6J00Mm)ab-=Wl# zVqqby@K_E41qsS4&lc0&@4QUH=N^gg0M8$E zg3E|tzDOaF>^b074R6>+ZHS-$?And9tH|^`{OvZo)tFgwT1A>E78p?pJF?kvcLHhH zUF&E4wdXGXe?l|m4(9gFYYjw?s z7-HnmW$}#ks&-Kh;1mTH=%{B>+6;fcO@rJ3Y9ARyxh(8>l-HmYD(7oQ9@}JT@{`|V z_nj>!j`?URfVtW+$`*7hKYDx?2Jicw-G<4wiJxzpvUQAZ^uZYzQSJKLCxz1h9Vyr^ zTK{veBvGk$u(XI@$8K@C?nL_wllC7b|4wDFP>G=4oAPUK|J2I)Raq{+xEQY{jV*C| za)A()JW!xLewd)*fUl&8YMKG@LvL4XcUpK{h@p|$1u@EcbVv?%Q9`3#f9Hb-6;Zej z0OWhkLHC^nKyU;(6nEKCV9aj^G%f?6aRWQ=VnADNV_ExLd9fHTZjOgvC?+$ZnX|OX zM}Rfw$Pd8G?1aG{8%s6D6DNOC?DCW$zJ)YeO0^5%zLBQ(uczpvVZe#ua~}fV?nO{k z+6KIzrV_%;PVo;*IBIMWQFMzQs{<5Vrn_K=;G=ZBw?xr~(2Nhwr>YnD{DV z+-r*b0Gr*E6?fRB6aUt+|2u^Pi}$91pBzIvru}&~DogiOvG}B{llXjwI>BcY$D3~I zYx$3qo=S$~lYteEbHpHul!I)A+p%=?YW5RtC0JMP|zdg#MzgsDtz84=dOelu}VdfLHt3U$}z>_*xue@e*GMM=g=#8tl-BNqobY0TtN7&F8Lr{X-aJWDTs!Gp=<63uNw;&L@T(ctwiC<{EW>zL)qQ?3$H!#u=C{31 zIosMP;~1#%is?y0)bK%ltc>khf?v{i3Fn8uPE*>-0$bWY>Ho?ZN60kVe9wMGLNYYH zqnNGOt(NMqLgkOhb`HWpBjofe#h#Jt5;I^`AL^NX{U=P9iXsM|JWgUt8T2rn2Cc8} zXZ*Pu-(RIGyrY-?W*uTb{QL;!=$GA+C4AeFm2vN?;%)0OM?3FRplbGYxUE{agdcFA zSP3^k zuFB1Wdo)r!mJE&EXeI)Hm>}XtbqPf?nmJL$0GSpJuPT!-cyiB0uE-7E2k0&gj~EvM zYTMcEwzmjqd*gnoL{N-7C@9T#=kj*6LLn{NAm#$rW5ExW^MsOG9@k+uuC6~bvq8Oa zM)&hAl2EJ)EHs}&d<|_FjIv7g~#R-!ZcL=koXp%qh`7!A7e%*Tw zPn9a2oq`srvkx;u_fJ9d|B?3I;Z(o>ANacyWmJ?UN%km}A|%NsDIviAvb3dNrUPzDLN-+}o z>j6boPV!Gjoz3pS1jLYL!xUL`nEyQ`Di9Q4P9rLq;^ps1z6UT*tx`?xu|ogkv0SMMzwD=-Lj zYPl!i69$+J3c&dZF0_7{XU(R3ve}_TNPo6legfmFIZX!1MEb%Sb)_D->m~ zY=9Fc7>Bs%V0tGh@nv;TpZ64Bti{g1dO;bP-;QTqC~qclnQY!BDCLl-$SgKICwOqU z*(1oGng4({k?i2<`<4E%47HxDKH4}j_zL>cILd^I8sX|Z5=9_RFSkae0ZMlli|bS8 zvmjyNmmy2}25L%%Ghcth7kWbD-e%fLlm7UOtL zop8PR=cvQc!mdry)e3%%-;Y2G@$1d~q;4^+uA!W-p#sxT(~aMVAJV-?oD^_kuqCyi zIOkzK`T+JL(!W>gO1>G!{ffb2shXfDX7Klh*kU~uYL>r=idl80$#Xy@hDtPC+;sbo zFMwxRlq~nWYoDm1x8L{agO?9=#Q=a&>Imd05>gSRcv?X>77OZO^c-gH*AyDmQ)GTW>t{$Dit4JvoMv&H;9bmXiTISxiv zHGbBlip0Yot*8%2Y1>^A>sO2B;^8Xu7k~Dy89TKmvX(ekNY4&7UwE5Vdlljlx8K+m z$Qm`ps0dma#MBV`JnxWZL^w6UCo6>bt2H$!>1{IITqX zWFU3~?O_d;Tqp&0yFTHjS|JIj%{4#X!ZV z+>$y8eW=BWxCo7pG|*#Eh*ax#%p?^gQ(IV0hSg80?0OM^x2aAqOLw->Tjf`Pes$3- zge#)guL$5rK>#DBp*-t!nm>ks`ByyfdI)!`vz@}40GJ_aR9HP0aw0Ap>CkjG3jL`% zQNMcc9!E<1Cj&~ueOl($zs%X<8}*<}wCyUT_T z%gc6~xXx_)gczm0i1#H2dE^Y@xdl)#iE5n~;Twq%L?@n7f%K=<_v|h2>yc`&VVBOD zzN7zZeTxmUqWrKR|Ieb-XAnPEljIHkQ%%=nH+5bcJT`^Of_s~W2Z=_mI)8RvyE~)I z{!J*ppt$J4i4&W`xVeXIBOZaxKI}CUJ^sw;9x97#9n=ACW7Lx#fFSAlh98SLU+RZ< zyr3U5Sp30cPz{I${+_Wp>O0T8wV^LszLM-&Rk)qpk+!tqza*(xx`=kVDpbDc^aa*kui3 zobgQ^$4~X!tl;aL0##pSmCfsWG~0eio3O$s2tFdUF1u8lXCJwBAZ9~is`VQJ-Sw(N zor^#7ZjVh*(E@|V$jo4zrS$$ zLJQRbf7)=l#fFIOJI;|457$kGWO%$2dWhdC2yS1V{Vo)ufc}3qq-hR3ZU~AOW`3mmWs-@dLEP+1xpDb=XwBwDw`^ri^$XzH%Ai9l7l1Rl?l(wFJs3Kvf$^d z01&H)SpzK{Y+L4Z7b%%T#t2Y65ZiJkq_s#+q>RjkE+~a*c~T80@JWij=3&LL;N1{5 zN_DZJvGUUEO_KDhH`(GjG_@;T1N2OWH zG~4FCnXtiE1AIgRt1CLqHaTuEbG>5^J!i>LNa|mNq&~aOm?Ggem)d=He5qHVe)WoS z-IarB*_ofCRoR+0Ee}#m6H}b{2Bdo6WjUA-tI}q}L&O&XTT9XbC@1gQWB+y40Oko4 z6+VU8I7lmhF9`nNh=2#NnsSp2Mo{L{|9Vm`c*p^7 zTu(L-D$afYWXi;AKW|;=*65DaqWYEE`ydIe%`b4-3z-$R=;@6@R60HRJ*jK2I`=_# z0Uu*MhCuqXq#PkT7psGERHEY&E2(xeL{#vR-<@WJx5p}=?f`;SN2L_$Xh6Uevxh7@ z@l$!IwJ`=uca{ee!9s?JpR)wvqW>ef4J9M=)<&Id+JgreAg6ycA>qnza#N8*MO!lE z9h<>c3MQ?Oc=!2_7D0=7zy z$Z??xMJyy)66Ch7!WCAjBvA*%*C*m|5U3$D&(uC#<3=PI=CTtfQw7$&4ET2B9JZF_ zKodcMP3}iI`s-a+)c>IIBm8(m@EMy$l{e+GTL=P_ao@(khziYIaE-9L8Dr~e7vg$cQLDjN*c=QW znr(~YhLZs+j;M(ZT>aE{{)p2NLH=E$^23BdFuhqMHmoJDaNufqs9fXL z4N(_LY!*YBe%ZZW=~GwUTb8+wk_W*9<>}WibUhn;K`lXYgImyCGadEiJ2w?}~Ka{XVNU0}480htsMtKinl4Iz{}IX5lOQU(-dLk` z45dg$V6|zOO4RrWY2|K!$k;472`=daDcwnaPb4h)QZ=&&R&eL{kulwCJ7!&S=XLfAmtI*>XunDbN1$ol_k=2quJz0)PTt>YBaVT()FCt>0Oe>gKC zF2jQIk(k};q<+wQmJ=uAAeHR>E&0N~P44p!VUi)wealE(DrEMNc$%%qfEm zB_cJr-|;E+bwUamBc3G-?Y}pwVdBzt3p#{R+c|GWKe!idb593aYL2tppJ$Y+y#HIu zpry~M=pq!unQHp7cEhA1xTx@_edF)06*mD=V8ZOLTwARRebwh)1M2OBGL%&m=(4S=U2?IzE|8r8wMP(_vUi@P94XLX8l6-TN9meJNU2 z*7rQZZP>!&)u+d&`Kp8wOo zwr!-q3#kaQ1_(J(H7n?|E)D6XKLvgY8w@J>^-FenrB)?h7t%;-)t9aT3&fBOLerHt z(jZAH6aQtB>=C=&DojBFUR!*NFSPV#m1GnDXB4lbdM^{EeVN5r6&_)S(a+3|4{A>n zf)ux-8SJT7p_6AcW91SO<=>NB^O|8}sU%oSf@?m8--1c`L(K?H2M=W@RmS&cAg zgUrTb=Oq01l37nKxW;#%rT z-5O}EYvcph8Nwu{6GzQX>i!l3G7@bK~~>_3EL@ukRxcI> zY@jmLbT{i4w6rBz^yy1GYiv#vhKcgFiB|{Y04`s$@3|ZlM@L*hsn%Ba>C0pO3@HOI z0Sa$^Gz4Hy=ZTDgFBhQCD{`9t3QJNYxw6@Pk9?xqhH`j0I9%oh<1nrpb2wqXCVmgIs*B{ryw-&+lRe^7Lzx%*qyND^X zUzS1T_=@@Vq8+SwCylI-&<6Fi9^HFKW2@xCB3F7ni4kUGmY&vMYYUt++JZs}DqIu; zm2akCOH+!QVtJ#*OlqR`m+cy&&quW)@SPnpVNuDgTz2&kwRi6nwAHseWRyPgFR&eZ z1HKNe*mFJcMVK=q4?F7JFq$Y%SP`9AnRJ!D=jJ$3Bpt|bBuDr(Pv!d~av?lzHzE?f zm^lo zDhMC;`!;kkidhr0}#V(dyDrOFImS=htF(*GMV$Ck%7a)o0uTt&Pf6({X>akX9T%b6SE zgb!(jbk2;4%UX#L$d2Dw^xjt2MZ490k0xcuLdld9ayUw$PoT`QwISKSK42X+Qj!42 z;GX_A?s}DvIGQ;QTwrKRk{GjEaA^5`AEUCoAKTxBpSzFeBLmce)QX~0#>!RAxim`C zc*BRxRF?P1g9)4_%3UvM<+ReL!SCEzzejHbPZh#0nQ7HC&1A(3QUtA>G-_J&e(i%{ zPVFKAuoH>nlT|H3U$hu)lT?lrv>YvH6~S`?ev?Ng_699@SE4Jkzo9=Tsl*Yfi7@q9 zjKt1>G9^7bA^)am-{RmqQy!*<*vYfb0_vF8@CA!?)I;omx$z@$+Ci`0si`AYg;w|P zbvPbzzEyeO=aK)+?EE)6I4K8(-eRL}MOL#wrgPY$_q&cA!ynwiy>^R9f>Yh^*M_uX z3hv&x!U!{g_Syvzmq2l)cP^&`wo8R9oA5DiK9f&kIj{r^41&#M@TJDsXeDmDJh=GXDGpbi?$)-oZ3>;6EtrI*~AyI!5JqFbY3d+H7w6Uj4{tM!$(-5C&6KlK^-%LX389jgHkx$1@* zlflZ(kdG!!crr4y}+)*71%wC?l+BDX?{rEG??{wOajUM>^_LMtq81nEg4ygWi z4!QVM05iUeg*DamiEK!^Prt(Xp0DpNeY$DjNmU`hKZd+Y+ML3P)2i^*F+&)#8Tm6T z63-&kgJ&`DbY{l)te0Sf-uPK#8JbPeqR{SbYU=1K%hi;@QW`2fxj?VTX|Z<a^A4#V1>;10}be5dh%}n(wo%8gLwS8<)Wr1Aw*AL^Q6o6{Dpsy zv?QhY;-}%(yaYk3)umLvC&vv&t)l8i(u9c1G$-eFv^C{+c9a)g`y@is5bBN`kb_?D zlv;DyaE)W*IkVyihT11h>?Y`wP(=D+bm`TL%^byZ@2Y5Ge`b}JHPI^#&qeJ2O~Tlx zB%oFf1QZwYGB7BW)o*Ju8O+mDwLi3XF!&#g_W_ERq21FUK~r!yCPu5CkBf~Ok>weQlIK)c&R?ZQppnLh8h zfz@fL@f!AihuT+vVjF7d1e;ydTdvf%Gjzf|z38#2$9DZco9odV!_(^TGLBuOWR6+L zKY+I#E=MO5lDmDGSMDZowhh@$y$R#B8l5LFp*fuz=7Pf!Zf11C%nN@kue($i5~aCOPQ5tX+Vst z(3zO-A@#vLvGaasi6(hc8C5xcsgn0{C3>zbsBc;WCykgkX*#kaR0X;VAB(e}_3O6? zaO|pjnDTs!sp>mWRoz_-@;zp|nfamw4mtm!^rh@D8u)fIhX&Ib zrT-&t9Ys*`Gm&BNj+V&ma{G9D6J*uuG^SG{FfyCI) z2>D~!JAwu?@q7x%(YKJYxR@vu=H7R0FCX(UvL`c1=X`w_ zLiXd|%CP;K>TwZ69&k8po{-wPU$H;yz=C z+3ovg$G6KGNLydX-~RJb9M1P`G&#KMX&q`~x<4}0()IrAP|&CqH|PP=O+8?-ku~vU zX94h(Ug7$uu#>l7X7!dJb@5JirYK}O=>T8le+V*IzY>QtlRd)*ESJwVnHAc6{++?a z2TtQDl;V%FDIfC^m)@UHDsO(@OYKJPV}E+E3+aV7oh0AC=J@?&4XzBss&2b`ZTZ>7 z=+8U9gr=9A^!E0C_g>cnAzCV^K%HPqoo-62Gj>sr{DU|YCq%5ccg&~x9`!LSulQ&q zTD!t{!5uk<*itIjrHjiJK7EaGxYzJOY%yZafu#&d#~pu-wdN04hz`LEILiYLJZ(c& zUnH{PRcch-8z-q7#kuTbbIbNBx4M1#Nx$VDLyl|=MOBn1dgh+g(-3>CD*dAps)~79 z71m8{z$Sp=E6x$o)hXhM9wm^Rg(c*meHLC*;J;){t6pTUB)rfswDnBZZ`*G*DF{X>PV1`BA9|i3{jHnp~cAFF>qMBI+HUGkv|cJGsaEzGFaQ z*HNV}Oyo|v1)9ans z-buej*4L$$=J&jRn&u|6>WSGt&=yr0Y)#t|P-(UxxZAy*Myar!LG*?2gR7m^T~SvQ z&3S=(x3!^c8P|WTnik`~BY>*8xs09ftzVI+e_5qQ)ix-Fzy;!g!o~8VVg$AF}ck{A-nBfnw8oe zKs#cSn4}GNM_0%2A7lJ_Z9DQ){KGL1_u8$jbxrxSG$*eqvPcLQThxp`9MVZ3A={r0 zfZ~tzqT0Gc^?|);xG~&rD5BMN(GG0+ePxAR^rANAczq>Akxj+Sr=d=xf^8qlW3=CW z0l%wva=kBrU}LbU;+4lf2BR748mck32=9djOw06!zBPZ6duCiN^25+O6ZE(1aky1= z4IMbJ5tNkucyw#_$kq0X)AFX3d~g5Ia^hLjYwAn7Ac-n7FTZHV83>X7-jDC5i|8aH zI`Exerq4f>uVQfZ7%-8vIXPTV6jErPrQ56h5jP))`?!{RtMXI$IjlxW3dIrlh8g*4 zBMq0q#1EXZW+z7ocZ%0>gGc_BrlhKyemXDFTs2aT7ypPqAXcr2Wp1%NMtr}tEa@|j zOb(^nO8#}){1U&eu(W-XkCsKwLxPhKfI_@zt1HHF%#Y!_d)C1Sgg=oZVN)Y{p;>&W zyS09KGK2A#lArv`fZE`Orpp8lLB7F9(yd-1@Io__f9%e3UK|?Y1^aKI$KcoXdqDyE zbBZLhkxCx7E8M8?0*jlIxiL9)prPc18LcR9h2!}~c+cQv46AtNsrjRb`kehicMdD@ z`u;uq3hE1psu2!W$gEJfd{<86|2S()$0ujhTCie~z=Q;E@AP3Q#wJ?W!GkNk7^5C9 zo&qf(_DH)3zw)3k_Qur@L@s-=*KT@l_tdZQ=K3kWP(>e~WWV8XFJHN>&AFAzQoPZG z-AN)vBxc5)03#|Ml8!9}vrBpJV@?Me6F|ulV{Gi(&*!?pA{z48-&{+ZMrP-ATc?{w z5RHKWwj^`fn4%37??1eonL~^@fTh}(aJm&Ln2m)hp<56dnAn!sHy-7`d#OZx?7G(G z^0uLhj!!OfO(3pb!#*>OlLAm-)J^o06)8J6M#ZK+4%JT~x*1ew#bYAX+@z5Za%z4h zjf!ez_GcsR({c9KTT%;*d=^7HG4{krtvIGuT|i&G6EKF&(4g%QcuCA7vEJPK7xQ|j z>h!c&Ckji%AXWhnqQ*OJd&;{Ehog7_OQ(R11!rzlOmT84*odZkRi49s$bUXe2)73I zFaF@`e$urQELVv&Z0_3NVw9mGQ3X&B7M3P}YRX|9mFK(Sa{TbpPqLi|)6Eu_7Acj` zcFeO}rd%Ruot?8T$|rvR&>F*`>&(~P^&MEUPM4qEP>JQ+h~V+xM3X*5URZ3SCB9Mq zEBj}^esQIYGc%ki=XqeqbK2GtwwHPn9%9Y!wH{RB=?T+y-E`)d8LAMo4c3hv)#G^Y z0@EvrLsp%8xd-qkhhd^$9MF5?4KZqx&gy*fKsgL`uq4^yNhMg{C4;3LgEC}0}?b{6Bz(t*= zj_uc%-UFwzKLxa3TzX+~-Ej+>NjqR2^hTCBwzB+X-mhnsXb8nE{eO@UBu5$Zz8-CF za+zD>v;fF;CsE`9q6q_t#-Atb0nyJ9Ie|C}Ul1p4*jx`BtN_M{glJAAAX_?WQKw>F zHt(D!#@yrlxs2aNePi|RRiP~=)!B!53F=vQ%pLB(OVE6m6|v>m!ZxbO3*R}I7S1+@ zSbd^Q_VrcLla#OwibRkU4NhP+51;tNQEFpWaWgX$ubnTPIRHyyqQAnhS4eN@_0hIW zxfCG0v^Ea&4`v&1KH0D9J;dI=^rE#Ts?B?e+mb#*S-4ueGqCU(?%7ZR?(xz& zY+Ir3U3O_UOK|$av(BjalV_6#lsHtaE`F?2yP%?C2?zjF!PQ@_q9;OOOKsef(XzS$ zh`$T5K#G?a`6)5?QY-q_Dy$$&1v)UusoOU=io`<^6d zfNPgOwjBXKF*ZOavz;hb_If&Tme$ZRoZA?y@qWkS+vLE}K-uhI5 z=@QIFZ;BB&&EmL074GJJ9nB^+vv5|KWwkpR9$$%319inth_paNMb7z3SA;x*>FNT?_xf?*t7%D_fGt)`tP~o~J;Q zmBnV$il`IL62C17eJoQ!@~t}>55A3(00>T)2*G_|2jwSbn$)n1GMkE}$71Mv-tG3m zU1~Q)5hT91{os-)nPWl`|lzeO!O3Lomol!9-@uE>%Nin|1yWfnDQrB`2 z#jipJvl8RXA=%mmel(~kesp3znuRwjg!pulcj~?2!HfogZ8uUNLIQ|umR-*Ci{QZ` zx^A8#Ov;qB9d3e6t!gaU#mmQ2*{(^87ab7J1t~`!{};wj0F6<9XKd)pXqJo{)e|HL zC?=iUX&~??dQlxHzhG8$ddFN=Bf8~?4ne?R1(TNnYMQ%oucrl82VVQF(UWlow!7ev z-<|Ds40!uwyR2ej(&~84jKQE=$~{i`-CL(p#9hDsLtig{{Tx;5#Lu~tTMQ@tgIql4 zmO)`=v7lAq;3x9ToAZx8$<*`1Lq)*}>Llk*rVEkQnuH0rH<2*ul89nFM}_E2P=5q{S<(-ook~45I5_fv}fc<8VxR*S36%{0p&bpFbA^QCGV! z<-THggjXyG-KDXlFSNly@66yT>P_)ERz^$jJF-|-i`X{|gtGL5pG;ReQTIRMmH^AO zo_QIyf-=H03?_hjvA|Q;4`kpe3=mf$?PPB{jpWj{pj4ZpTr)2EifvY@L zQEyGt_%?R~$nEMReJUtq0~2zhLhk0qb|S}ap$YQF6X2d>JtXB!kTq0SNhLh?DS|nC$bT?Ajs_(#m1D_) zO%f=|97J2tAV)|=D!E@&_d1P%Cpq)Lk5i_ETuma%bt9{#Z;%`+TDHPV={gF6P|H9b zre}S&^8kOId7Yv$^fW;%^0ZV+GGBZT^Znh-8{KK4<*_d3u*?rF_iZXFwmPsy;I%J+ z*B%O(!hlbj#1@U;>|ZQ19l?z)*e2)b2-!klD{_o$hOpm7M)aWy{?KZ|jwHwC>uH-IWB>3?^iKKF2B zl`7*VG2EmdldKPc-I*ZR9Ye4?--ToZB7cWM|6tDdX5JaORTENlynOdea{19lS$D*u zVH80;Z1+_Uc_4OjeL+v1n)c37kH$PjM9O;$N!I6+tK!ptT+eTux)1LB>{T)582VQ} zc%NCCj&ilj{Vk+(f=oPIXFqVo=fC6jNmXUoS{Ot}3z@X&jQ4=<2S*NIpKeqA(C(cN zzkaH=$&_ATR62NlwlzWGGN&|xXlAXHOFw_kCmT3LWGl$29GM)fGBp_6xzg~>EdQRS z_G#(H?){>? z{f=iR5K(-(f$DLX3>H@I2|EKZMFQi^OV%%S$fg&w49TCu(ftD zR?Hh8?}sM4^7U>-WNhF7-S~oOgkZBPasbIET!mL`S(ez}>C!rFNkAVChJS2R0NsvR z-3O_Lw{zbWgb-4&zl?*QUHu2;x`w;+t={g$vYHwsz!$jO(sKxi6opE!x$CmrcR}!7 zHpZCM&Z~Mv`%}&+)(dVPd#n*@@l3@CSQ2N^%84!qlU>7VZCNx7c)U&Y$fPY*@jjT} z87Uy0`bb}>me6QAgjd#plZO$f2O7+fHtV(k4GPQ#08qx^5$)p08sTD{G1iOo1e#GY z7wB*C_~CXiW>jVc;>&6)lHJaK0JSQp-F^yF6(G7ZweH`Nm6QRn1sLh&OCc&a_-S1@ z_=!+;cO6=4@$r;xKbLBsd&+T1oc7OZDYq>mIhl+~pxoQi?CPM+!lYJLFU7k?YTo$6^8K0OZY^EbD0J)cE zJU?F}F0eg<7139{@_IoH>nB$=0HeVsMbdr_>kf%!SzvqYr(uF^cY0L1Vc+``Xb60b z6QjSVVZ#4MwgK`Oxl+zYpXoil=1$K}+i!?%@j>+znwy*!6vFnd2M-CQeD?6SL?3J-xC^33 z>gO{8`}?InKsS=rmEZD(8K+yk`f7}lvO({u1tM{fZOwK)(8k*H;pA7jHSO5{BdDo6 zb^U{qA?lf*D9KT{oH)PRw0z>6$%sU$Tk}9rO$le<3TGhbBB@J3tOZC;TK*u- z`zDNGOV;-;N>Oq9m8+yp&`3lb6ZmCFG{6uhAG_)Z)f|P8kh`uHQkF((SiZP-`!+nj zLWP_*TY8+O7D#Vyi_#pT-4rn!))VsI8XES=5aQ1>S0StF?6;Y7xZKM(;dneEQmf%v z@p@93a%VDU1b^x}UO(UCerP)YXLO?DiaG{(uM9J~&)Bi`(zT`-7kl*V@qMDT z>9p5&6DzUdXg-86&T` z-S)(3(KjdlFxV8gr>-c|_oIH;kTkKzR@eNMl#Dv`dRmr0@qI-+7W2Rc1uH4typ^lS zuBi7GOBU=Veoi6@BUabfD?Xcaaw4A+{H#+aGOX)<*g2G~Ab>nntegtrj-vg%Q`IPY zM-ZGrY&}>;%C$Z98(5%z0g|`68irCTT-GftFi~n>edF~R*Zv_WAwT}jNq#HPhlqXB z?k$6YhSb#DmpXfx)tO6H+U)JSGYN%#$QK-B;7q%(3Lz$=mZx`Q=7V1p(fR?}K0!l? zZkpSQRGuoJ%_8heVb{`UC{`hR6S(?RR0Iknec+I98-(B8@}(-!+a|;; zowfxlxk-0ZEG|do%BS*g3QDOxxm}E%t`jd2kcX(X8&#L?Aa&zSN1(sK_SZANP9r<4 zm4`W9g^SuzbwJ~#!h8n^_DkQAyq`$*Lo)x?S_@dOb0X<; z^@2O*g(WjL+q?RFj+F6ER~CtB35u7RD+ z0u3+uHocp8jKB++H`K4B>`&YcXpx-`y^zDf&=C7A&|oferT5#cWu>yJGJ_z^W7(QV z`uq;Y8*g4|?cJpI04W1(%jUIRqsK=@kziY{c&N>nExOycloy+jHn=)H*d?Kpb zHh(X|AknB|Nuz=MSNKZ6Eh-cLFe3M5X_rC-DuVoTLQ4E|#8V}^9S4-8_P9~Q9 zBhI{g;o9k=u9&Xr)NFLec=_cwJZ(Mddql*VRcL=R4)KxyfBr{;@2ajQ(^@LmEhvte zP2~-63BL0!_ry|`_%UCm))~?;e32}Xk3bw__KUmpC*@?Cb#z-zRL@?bDNp0aO|kEI zY5p*U>uY>U;pr4Et&J-$K3&ti7FBl}5nM!||IM0yfBAtrqL}EFh9tNq(J<-Kxu-$6 zsnf}DI=(MH?2N;uD@-DsF9TR39{c_wH-GUej5gFH*XGcwn3t1Cp0Mkj|M31WWa|%7 z{_+jj)e*3a z?%1Bfi6rB@W+DQ06FoNJI{uF5yJG+SLw}R&j}nPk9y@Wnn|GMRwQXN^_vk&)Kvde? z9M{vor!5>~{Xy`IYK=v5V@UwO9*bPx%$ZYuJ)8BP7OoFknZ8_fd4BCPgUPEBwVswZ#2;|ZsztRK&mk*!{IlQXCPe`8;y&@lbg zhhq~Y#r6|E-@Z3wzW4SyT)h4>Rn+EP)_*$=5#%`7DU+&S&@Yxt@YxtYlPb^}%#*pQ zxaDaP`RCsp$OAdhsL3Jnnb0m!Q`pSk6HOLVBUOnrLg( zK>J*)8CE0rHpPEhYW`(-VkFz{AXZdN_DE)z|BQj3HPOxeo4u1c0sfFF<_?#jrxmc| zof00b@2%jHWLU#O~kl&;NY6cNOeUU0q$1 zJ@=%aqwbR@@fjUx7QT1Q|MRVXxnhg}czdyvFKLue8udtjKvo4KLItPa_&1SV1X%NL1!RyMnDxa~LBksqP7{#k z0)Ql-`3x|s)6bA42~p3F|BbW~NCKWFrMy}c!&5+2w!N-6C@_CK-%Js4wAn4gw@}o7 zDbs`_g(4UYT5&TIlcDrtUzuJRR9#y8{;HPybx*z~31G`1vut#mH)wylw6e1Dk27yA z|DMi+doj9DAIf~nY-M0RhW`9`pdeqx*$L<6vDVCqOBWqj1@1{ZEve8OBJcB;UWr9_ zV2wNjJOU{PTwt;B7w@4o~Y zyYpR@<-Vu&G;T2HeYoRt@z<%#>y$_I`y`#06W>02_KcH5)876Za_ zT_>)7zqbGAQRn!=_|uT5{8CyR%zw|glG$Jw%siB^z_L;aKppHv%#w~ZDNOW zNka>Agx!g72C5_^~uH2E6K=MyJMuf#`%CW!dP@2F?9@`HinyGn^mqDRG@0Y2lNT zlWU-!ZYyBJ{TI8=%25x{0MwlB3z7d+?n%X}xE*UMH0Dn`;X*wkG@&?hoR`;2^5{{> zgPBV6##hK8XHm*Qk)2pjCL|Q&{Yxb|{`Jsxhxu&4BKyJ(4B8jtO#ZR2k3DNbCPL1} zLG{46g!0tQzn4ZfXl?3Z5LZNDD+5XVM@B|)^>H%jzAs*f94p~we(A4Is~;nsOA-Lh zDGCY-nXVh_!ZxGoh3oUb?E02$<1=3$|60YBke4k^m6wgM*(km7-FqO_`J6nw{v+v8 zES9F_7fW2$Zhd*OS6Nfj!Egb0yTw3^)o8;Z$3v~Xy7!nmutU_-gT(S{|TV7sn%{ABi-rQU+5%AV`A$Q!bVcMIMCyfms-4=1y zx2m)H?VjV;pMAR6X)VZqv((LM0MQIq0|q~Ey4p;CfRFz&oM5XW$!8KbgVsfH`&09y zZ8R%;n#u!MTzG6oMGpL=ZBo|07I7!-1X5S-alGCtg`Z(K09z5ay>DKr#_Nas3ig$9 zLPK918) z33+*o)wS5A@mQ(97E$U&Ym6c(^oygXQ&LlXbP8gz+21gGdk6VlOY|y?Vv@Kh2u|k_BTkNJMGH6>UTnbsgtN zy~a8gzVxhCS$<;z)A%kw3yg#Ka?A zbHet2v{C)rAP{*!6aM|@u(JM4UTZ50SZ63dv=thEl9IB%7j@Uex@9l~^8570X8trB zcMX;of1qcY1a5tQrObc3;;B^&?)_w@PJpFrxbIye$Pdr;9CfHVN9UH^#cVCQ3_KtPQuII-1CiubQn0%b9 zL4O9cBRm%2f6!lnuqOCd9dmifrGEH@{*4;IaMKN5ofHON>g`xZE;iCs>WL$ZGtbwm z)cCw?ZXYcbeBLEWKKAw0?bD~Do@k}Npv_A5^Czb{mRP_N8XSBfM$&n+&;9Ro0)>-xag334$zW6u9fZSlIhXrUpIy z{dH@;wQ1qxu;WzKom8-ZuIFPUNsu57u=|Ke+!wEQb*pcQd9$A~`R{yv{wh7)|J}QH zr|mkiEh|pycO?F;RBpLIy-}!`14yjp)vpTb8Br0gtCbC{nJbr`tIbOcl;S(WFr9lr zLC}5nyk171Uc%NjWmoa^kg~4si*X0->(_6$;5s$rg11sx|8_C4Rj7eoEF5Ai6FntT zyID2@%r_1b6l8oAO+MZod8ZVcnJLM@IE*v3t@Z=+gjmM-ckfQ^Mt;Y!mAwBO1<{|2 zkO6U{EC*`Um&RY_Eo8PdcKQ4G$WLosum#d`p2WO-sS-Hqu-cY-_f~E8H-7z3k6xvu zcmoYMd3ou?c{5hd7W^F#08ak06uTopOH=c(eKdrDl8e3Wc6Zw%?ACJ@;!`Hvo@C72 z(eLKXKPJuQN~+oSC6gW97Bz+b>4CfT_4)B{x#m5be0)+g;_pY$>*>X{eLMWoby|3^)LT`mKcN!&CL7_u>NJ^T?M#_2}l0CG6t)YaY>o?njW)6_w>TKSCC>-zP`(@rm^NINb7u@kK?zKw(neet-u2JeN20Q$O^y)rxI6r^L_Secyl~^F|Cfr zJAXN7DtaZxCx_8Br@%<-=7+>QCAk|t^#`P!j7_+;a(?X6@0fdAGUvjSF0nVJXui)_ z%yr;}%#>cq5>5{%>DVbF>%Y<7DN%UwF$eSwldhLYEjjrz3ikVc%2z1p<11b>Uas3% zqB8Rf50YIQ?kOq}Snp$H8F{9@Ph3*9hq`28NskHv6J!C53N5$ZYSa7oMxp<)wC6)? zr9XCKY=R{KVia9aZi%kzb7BUI_1mVtSelo+E2Uowc3q%UD^m@v@fBpW{UTI6W4HVv zK=dt-owl+r!`SvOthqrCI`YPB)fLN`#WN<}dPGB|}N&K~n$MGv@qALx+GHREZ?|Se_bsTbkFpxbb8u~ z^Kx;~h>!0|wEX*pCZI$PioX!FzLGt5ZdJKpUv662(xc}=X!`2N^|h;lAlBR&#_O|-!#XWauRdkj3ar<;T9{Txi4V8rFOF}o!#2>4h&4s`qLcHY z{$7X+X(}pv(JRaWb$jS@_2RN*Dx=$&MGgv)3%hn^TGkzc%*0BG`(v`(p`~5&bYJ{@ z3|(Kn^4}2YqvU}S0b>3YLszPx(FHcKTyS&Ww4NEY2rH z4=YdRsc0+ybsiC*HY;Jf)t-{M^Utq8mj!<<;BY4zx4Jl*LyujqDQL*BSV`a!)>d;p zRcyIonQ4Qo6?Rm^%@5>`X|DE-jP$KY*=NG=H6?~z*=-2Yj%h^ct@R0J8h6j?%^0(u zSclg7hTsug!GcuJ@v0+sPASEQiXE_J{CB^pNH72~ax_C-%%H)#W_FT#pt>|rg#4N^Ld!d{r{A9?eS2i?cXZdXsLLS!)UWba!3v{Xi%>xZM;R! zVX0Ud8i~P-Nq#CZGkHsjiLBLZTVm2Mg+a?q8gPr<1L*!&flemvE>`+wE7=s67}mxz}vG0ePKU z5jVx+shB$31Dd#3CUKu@2YAF<(fYykol5qhWv-#HHr?6;3swSNam(F7bosn+WQxN2 zWx?2gu>Yi{#e|b^sGKTfH#w$p*cW%bbJ!I(Wn2_cchBf&KB8UV4y-C=9ahyKgZ1ar zU%oUa!jP(^kz+UUbYWiGr9R9ZH`lqKBH(2Jd5~tt5IYqT#hk^q!io0Q7PtvhUei;x z))j>?b_93eZKCFBrvtOewY|x)Fb__y(k9UWp<4y!gkA=Gc}sO;mgkPQPnOY(-%ag` zrfD2^dq$e*5n?F<)e$1A@0$TMi)QTKMMoQjv=tgxL7?1k3qlKp6|tU52vG!aMTLD0 z%gAa``c2E6vjYid7tb+IgrCqN{4{R}JQs+4KaBm*&I9tKFQ<-T$fH=YdS|4@4dKF= zJp_6Zj!`~QOF=)vko!aF;irDgFxk85J5^8t{RfZ8y2^SmxQ=s%JBpG+CX)#uusoON z#$n196p(&rY}obsS-N@2dl`U%1Em_|H1XbALkbqepdJsSn-IgOvH-`s|->Z%H`TEez|L!AbL57qC&Y3to&4$B+%73Y#`?UfZ0xdC$($ zrlVu!{pk*q6B#cm&R0yZPTw{=k?XJK48OeJ!LkX*lSw@F>RQ3B&BsEvcM3|{7?!=! zG59u*Ju=nRvoqK@?5`vP^!U`uBnIE#n-%?clcLI5DJuYLsMKws?u{03YcON!LtM+= z*xe50%c+e~VfanGqT+x2nQce&nNG;r%JYlpOKe3%+=_kJS=5`7*p^S9PI{anQW#i^ z@#U_g986bhYsrp-4Fln+p~`E;USG3_h-a1h39OkINx);3iNY)dQ*@s&65B!#+u{S(b_&s+3;L% zSjzCou2puL2Rqq8)$iWUxkl#ZJC>K1n?Bsm z7?btjBTQkXUu}NP1&k@FVo+oK2+hpQ+{?^N=J9y*pC%aU=~mt;J&gDU<>#X9&4|Lv zk(oRdb5CL~e)^J;g@vk?mR3`1t8(6{y{}43i`bwAD_tQ`EcTd6yuM_~78qs1OqDSD z%taUd@pU2w8apnSYou_Xo;S)4HX>N;rzz8XA?-I8S18Gt!kw;8tuKapdU}8|np#@Y zx(&p(hph+|$xayGPe)a7XNCbRTd|(_F{om=7QUicRZcTt=T6? z7tTXLwr+P~7DG)*UkuZ1`)^NuNZ!qmJgfq4XD3%vU2Qu(H)rqUVSp(J za`mUgwv9s8s!U8nP)HvipN7{gLm?M?P^cN0`!9z>v@E30?;lr{0^b-+qy2W8!=+vy zzv-KOP!)n8H0W9kkBt%hsVd#w-8o|z_^)4SAlHiHDl6Dc%#MADl*0QG?wqusV1*k>Er|PK{5Vzt8mLp}hFHev{&Iqp!H?@cUYYu>3aTenuZyTf2t5i~XH zBnfsdx=&6Pv~siFenean9tDB6dU!Z!HoE9hKn~RSbaWl)=Z;7;w+|bOyor{nrkidW zJ$%5SuCbBzDeOdzJbu#gX{(yYJi=G!vLd-2Nc7v)?pB}s@VrF1dhuU4_SUA!c+|I}2w=-W*GOsvI}VmS4jN~ASh7{`vY&y^ z!hp2V<#R^iFP{w?DCOQVw2Qcm3P@tCqOoipc93np4`C+Q)XYrPC?;el41wGpMVz+x z_4QRkz*JP;NV0g2`Yhf!z)umQH1Vf~<4K!G9ry?W-4sjCAUV&AP}I^AwywUu1~`JU zD1m30U_63cipbR8l|4axrYF(*z%B6j zTG#z2tNpfYQ7pP8V6)jLHn8gNLW2_=?*{yIU(0&LDLWd>r<+fMv*mx&-+ZO)#fv-L zwY9Y#`@-{1B_$g_F}gGsh;Y@%00>lb=7IpQkT)0JIQIsYJ_s?^_Xvbai$0N1^m(cfy6sxvq_b`b`7pZ%@va z3}kM!GT_(A_uOzj(&kJWEn!Sv(b`$KPqO~uMPn24Rp#S%I)$QLT00P~WD|NVAKiJs|^*8l!w8Uu>lh1%jNAMWGir(Y)T+aV`4T{vre$`u~!H;Xf!B3JEcvMW5V%6 zjJtK`{+;lBA#H}fL)S68zI2Bp!ziQ+JMO2`zFT}RJ?irCTop8UIP(xUAH{^r?hgA- zT~>2q`W{mFzOjdt&A>h0y|p5G&V6ZCS=;MC`Y{V%zYCc8^HtpZoc?_LICh7n_=9!v z-AX~xpllSc_D8kXhPT<%54wBG1aid61>OZgojktj-{0Xs2^OJ-ra$!W*Zv@F-^Y{) z?^qxZn5snihDAS$`0|&H_x0e18Z>w#I=pV5Bpj;JzJ_Qh#FrUV{%P|{1vCw3^jj6Yc#dvmf{i^8q?pgk9{+Avyk z0Q>slvxjZ?7(*9Ad$A;bG0fWe-G>_z5>mI0*&cF9K5m>G``d>lh4Hi&wN-84_BQLW2N?F3lLq zYLwJhd44PYRRW9FonQl@f?7NW{1t z;C%Vu6BeO)#V^Hwr!T(d#baPZnXr^|;!kaVkycP1c+fuDe;Gr?Ki0z&z`1lz`{{{~ z>c2?TW*>Nv*B7!X@f|mKITZM+M%N?h01xpr_4U6z_ww-#aa%tpDp~1DfWKo$9BrQ+ H_PhEYhxN@$ diff --git a/Packs/CommonPlaybooks/pack_metadata.json b/Packs/CommonPlaybooks/pack_metadata.json index af49bb21e5f4..5877eb5b06d2 100644 --- a/Packs/CommonPlaybooks/pack_metadata.json +++ b/Packs/CommonPlaybooks/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Playbooks", "description": "Frequently used playbooks pack.", "support": "xsoar", - "currentVersion": "2.0.2", + "currentVersion": "2.0.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 0282ca81b2bc960e920a68e0087fd5df8bd12c50 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Sun, 29 Aug 2021 14:56:30 +0300 Subject: [PATCH 063/173] LogsignSiem Pack PR (#14565) * LogsignSiem Pack PR (#13875) * created logsignsiem pack * added logsignsiem classifiers mapper files and deleted dockerfile * fixed [PA126] validation warning * fixed some description in yaml file * deleted override http_request method and updated unittests * fixed last_fetch parameter and updated tests * removed unused variable * fixed logsignsiem api description * fixed logsignsiem api description * added query parameter and help section and fixed get-columns-query on api * fixed unittest func name * fixed Flake8 error * Update Packs/LogsignSiem/README.md * deleted logsign-get-incident method, added default param to query * rm integration setup from detailed desc * set default classifier and mapper Co-authored-by: Itay Keren * add author_image Co-authored-by: Kerem Co-authored-by: Itay Keren Co-authored-by: ikeren --- Packs/LogsignSiem/.pack-ignore | 0 Packs/LogsignSiem/.secrets-ignore | 0 Packs/LogsignSiem/Author_image.png | Bin 0 -> 3893 bytes .../classifier-LogsignSIEM_Classifier.json | 27 ++ .../classifier-LogsignSIEM_Mapper.json | 196 ++++++++++ .../Integrations/LogsignSiem/LogsignSiem.py | 341 ++++++++++++++++ .../Integrations/LogsignSiem/LogsignSiem.yml | 147 +++++++ .../LogsignSiem/LogsignSiem_description.md | 3 + .../LogsignSiem/LogsignSiem_image.png | Bin 0 -> 3218 bytes .../LogsignSiem/LogsignSiem_test.py | 164 ++++++++ .../Integrations/LogsignSiem/Pipfile | 18 + .../Integrations/LogsignSiem/Pipfile.lock | 369 ++++++++++++++++++ .../Integrations/LogsignSiem/README.md | 307 +++++++++++++++ .../Integrations/LogsignSiem/command_examples | 2 + .../doc_imgs/logsign-fetch-inc-HR.jpg | Bin 0 -> 49826 bytes .../LogsignSiem/test_data/sample_data.py | 244 ++++++++++++ Packs/LogsignSiem/README.md | 49 +++ Packs/LogsignSiem/pack_metadata.json | 27 ++ 18 files changed, 1894 insertions(+) create mode 100644 Packs/LogsignSiem/.pack-ignore create mode 100644 Packs/LogsignSiem/.secrets-ignore create mode 100644 Packs/LogsignSiem/Author_image.png create mode 100644 Packs/LogsignSiem/Classifiers/classifier-LogsignSIEM_Classifier.json create mode 100644 Packs/LogsignSiem/Classifiers/classifier-LogsignSIEM_Mapper.json create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem.py create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem.yml create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem_description.md create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem_image.png create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem_test.py create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/Pipfile create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/Pipfile.lock create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/README.md create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/command_examples create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/doc_imgs/logsign-fetch-inc-HR.jpg create mode 100644 Packs/LogsignSiem/Integrations/LogsignSiem/test_data/sample_data.py create mode 100644 Packs/LogsignSiem/README.md create mode 100644 Packs/LogsignSiem/pack_metadata.json diff --git a/Packs/LogsignSiem/.pack-ignore b/Packs/LogsignSiem/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/LogsignSiem/.secrets-ignore b/Packs/LogsignSiem/.secrets-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/LogsignSiem/Author_image.png b/Packs/LogsignSiem/Author_image.png new file mode 100644 index 0000000000000000000000000000000000000000..de2b5fe9010f3d5613c1b34bf9a80eb2d2f1d1e7 GIT binary patch literal 3893 zcmaJ^XH-+$x(yP)l3I8|8`e^7K>!LLpF9Fhm`!s;&%yz}2+j>gvFM9uUJF z(c1@ZYi#zjFEwL?Zux zC>HxKI+$dO{%^ehr*N=+7y%8oMF-=_L@!3?d?bIlBEXG^XcP%gw8!HEf0xnP4^P4e z`{4;dC{#rQD2GIOVQ{}J@_$p1NH_u)OhVzj&h_SY+ zs)><-shX;`ktxhb+tkR&*ckSkYmE0IW6?O$Z?5-$xdwma{u&1?f#KO0O~izty-kUD zEb#BF;g~L0T@;Rmj-xJ$sU?L#E}l*5 z)eKn|56mvG2v)s?RPqysR@!|Y+isoGs{FSADvlKo zAXrl`$9&~_kgE6N5rk#Xw0r2)eI+$wM1DVBwPtR`AkR_ubyi=op!rXqM?~(TC=sV) z$J?1E({3$%TdOV$bUAGI+0dS4hNr{A&)LduUCCZU0pvloUKF%=KW2TYxu9RLY`f3w zYq`Dg{fmhM`>{n6upW=st5Utmq>{;kg{m!fY@YN)XTTz6{o~>BhoF)zfqC-{#9rE5 zYMcI(SQ7igP0r#K4VwE&RN7vjE$zZg=i4tf3&k$G`{^V;Vu&nc^d}H0vwvdIk9MLs zm`9L;tnd|B)bWlI_5&=dq_ywfQz%H_`uL!!CYPkT=yGEC`9fb@f{XbcGeS0XTUNP7 zVY+=;WY_ftnloC&ML}kFXl2T zyks#9QG6iv0nj*&W?!`0{1PFc<-@_53&L83XKhN*CR3BU%J-qsPb&pMrCY~-G=_<; z;AOB6-aU3aDiz~UU^UTk=ST;a{H=HpG3=tNBOWQBF9u4IP|nw&9AzSlh~>!@eQpqf zuooxy((poydm3BaEV#l+e$g-DGO7GQC7D2sTixUbHtI>k1c9y2hW%5I|G?moh#~~e_k%xga$yjmDE$wHk@E@A0cf>S8%+C z&6oVt%WXCt&D1Em62COPcxXRAo0FZ;rQeCpJ$)@kn4>_UtA`iGHc?AWxl>+?=}Z77 zT*W-*0>r$rn09R8&OB0YyI)l|5&Zo5gnm%fsh&>7`k5tGT;`>)g`_6Z5^K=}0@CQtt1gi6d`@PbRKw9z9G@EFa{CozDg4 z@L&6q*GR3n+gn{@BHlJ>ck5i*vyB5oLFT(JEuEsnjwn0K@3I^coSV9scH5*D!c;ew)@dgGTt>eO$8XZz96wf8bk{D^ZKl(UaM=Rh)9Fj_|0yc^YSSSAo~9ND zIAbX8lCW8s<8OZcESmKQMLO)O+W3*--jg~vTIQ0}+417YqB3|#K zC9#gcMS!ClQ`0n!n}G0_u|_{`Y&!R?vapH=zJA+sjj~}67L{^;a^{BGh0d8yi@vLB zN2gMrUk$y<8Y<1b4dQ;;eIP>D5O+~ky`=*i7dIy}ePb^FafmgfNV=J7D|;O=HGi|7 zWZi3Do=naT5WaLUxms{=r$@4fm#K$4O%Mw3Wi?G`oje>{WxN;DstZ@QO3>e$7bc zm$D+4@l3sQ2voFSu+W=?OcstM0kOSPZUcHFL3z(;2S~APbaq@vMmntgb46_EXr8tq zRKbH?E`66?tf=F3`Ku3n87-2iH9HU=blaT*q4a59J2ZOfF zHH4>}h#ET|7P{L~a%vv)Qe_^8y`Wo1wQ0?B9A5gkl%N4~@~jVs8uZax#cK^z&IHwj zoaw%1Hr-O`c644Ue)bG2`F^Jx-)WT$9hQ)%EwzEpQ8`M$lLsFm8Ro>Dc#_IG5L$%X|ykrwu#H8jDtOWL17spX<8`u|To7E+F zR;8n_`$3T@V^#4p-`;s<21*X5dM(yMqQqd?)RO^WyTopPll4y=R(9ijbeYoBfv6Jx zDN|a06{jU{tsd7#z_StUtRfiO#+O4?viC0Oe&LuJUmzi4P1`bha=*z?^ZXabB}5Qx z5XqMNpWE)-j@GAIHpz_5eBGZXJe$Y9RC9j#vq_-5Kf}tlDnZ@vX-=_100#joOYqTB z?-2ihxnH?fU?PILgKX}H57v?g#^%rlP zBQrTh*Um+x^M{R`!=`3U5^Z&F80G(@pWH(!X8_!-uGRT)&CVFyJ+8o2Yvayy?yYCm zLXUSZ_1<~j;KX(wN*-&W();4T(EzLQcS)!9uDzFTs~3`Zp|GJbRsj&Nn>x6-mcMG# zxZx8ZGg--hT|cXl+Z%GV5;DC`riR3m*W1%}OuBd~VLEXR+#c)UdP61ay!kk?_s(NZX`sk-aSC5nF(TXrB3hS^~jdGsMkH%W+kqt z=O6oxgn4<^XDD&K*=*?Yo`1T_!RyHV@_Y8zhYzm0bddWrX*uu_u>;a9%BNev;}H=i z)fUWGKE&qpqQEvQuj@yAilTI?np1|BMMG1LJ3-_bVw{)B z4V_h$dW&d^zAw(BNklcG;W#~c$0S*hqa>MsQJ-G#t#JRR_%?3+IBy;<`n$WllUr4K z(4{9G6Q$@%`SEYQ#XI#vQKtd{fpJV#5=S~>)o=W8k7fdJ3L9|oo*lsc`jJJLSQ$Sw H^oaQ%1U%}0 literal 0 HcmV?d00001 diff --git a/Packs/LogsignSiem/Classifiers/classifier-LogsignSIEM_Classifier.json b/Packs/LogsignSiem/Classifiers/classifier-LogsignSIEM_Classifier.json new file mode 100644 index 000000000000..7f77f8011c5d --- /dev/null +++ b/Packs/LogsignSiem/Classifiers/classifier-LogsignSIEM_Classifier.json @@ -0,0 +1,27 @@ +{ + "description": "", + "feed": false, + "id": "LogsignSIEM Classifier", + "keyTypeMap": { + "Discovery": "Reconnaissance", + "File": "Access", + "Identity": "Authentication", + "Mail": "Phishing", + "Malware": "Malware", + "Privilege Escalation": "Lateral Movement", + "Reconnaissance": "Reconnaissance", + "Threat Intelligence": "Reconnaissance", + "Traffic": "Network" + }, + "name": "LogsignSIEM_Classifier", + "propagationLabels": [ + "all" + ], + "transformer": { + "complex": null, + "simple": "Alert.Category" + }, + "type": "classification", + "version": -1, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/LogsignSiem/Classifiers/classifier-LogsignSIEM_Mapper.json b/Packs/LogsignSiem/Classifiers/classifier-LogsignSIEM_Mapper.json new file mode 100644 index 000000000000..02188f4bfa24 --- /dev/null +++ b/Packs/LogsignSiem/Classifiers/classifier-LogsignSIEM_Mapper.json @@ -0,0 +1,196 @@ +{ + "description": "", + "feed": false, + "id": "LogsignSIEM Mapper", + "mapping": { + "dbot_classification_incident_type_all": { + "dontMapEventToLabels": true, + "internalMapping": { + "Agent ID": { + "complex": { + "accessor": "TriggerEventID", + "filters": [], + "root": "Alert", + "transformers": [] + }, + "simple": "" + }, + "Alert ID": { + "complex": { + "accessor": "AlertUID", + "filters": [], + "root": "Alert", + "transformers": [] + }, + "simple": "" + }, + "Alert Name": { + "complex": { + "accessor": "Info", + "filters": [], + "root": "Alert", + "transformers": [] + }, + "simple": "" + }, + "Destination Hostname": { + "complex": { + "accessor": "HostName", + "filters": [], + "root": "Destination", + "transformers": [] + }, + "simple": "" + }, + "Destination IP": { + "complex": { + "accessor": "IP", + "filters": [], + "root": "Destination", + "transformers": [] + }, + "simple": "" + }, + "Destination Port": { + "complex": { + "accessor": "Port", + "filters": [], + "root": "Destination", + "transformers": [] + }, + "simple": "" + }, + "Event ID": { + "complex": null, + "simple": "Event.VendorID" + }, + "Event Type": { + "complex": null, + "simple": "Event.Type" + }, + "File Hash": { + "complex": { + "accessor": "Hash", + "filters": [], + "root": "Object", + "transformers": [] + }, + "simple": "" + }, + "File Name": { + "complex": null, + "simple": "Object.ObjectValueName" + }, + "File Path": { + "complex": null, + "simple": "Object.Name" + }, + "Log Source": { + "complex": null, + "simple": "EventSource.HostName" + }, + "MAC Address": { + "complex": { + "accessor": "MAC", + "filters": [], + "root": "Source", + "transformers": [] + }, + "simple": "" + }, + "MD5": { + "complex": { + "accessor": "MD5", + "filters": [], + "root": "Object", + "transformers": [] + }, + "simple": "" + }, + "OS": { + "complex": null, + "simple": "EventSource.Product" + }, + "OS Version": { + "complex": null, + "simple": "EventSource.Version" + }, + "SHA1": { + "complex": { + "accessor": "SHA1", + "filters": [], + "root": "Object", + "transformers": [] + }, + "simple": "" + }, + "SHA256": { + "complex": { + "accessor": "SHA256", + "filters": [], + "root": "Object", + "transformers": [] + }, + "simple": "" + }, + "Source Hostname": { + "complex": null, + "simple": "Source.HostName" + }, + "Source IP": { + "complex": { + "accessor": "IP", + "filters": [], + "root": "Source", + "transformers": [] + }, + "simple": "" + }, + "Source Network": { + "complex": { + "accessor": "Location", + "filters": [], + "root": "Source", + "transformers": [] + }, + "simple": "" + }, + "Source Port": { + "complex": { + "accessor": "Port", + "filters": [], + "root": "Source", + "transformers": [] + }, + "simple": "" + }, + "Source Username": { + "complex": { + "accessor": "UserName", + "filters": [], + "root": "Source", + "transformers": [] + }, + "simple": "" + }, + "name": { + "complex": null, + "simple": "Alert.Info" + }, + "severity": { + "complex": { + "accessor": "Name", + "filters": [], + "root": "Severity", + "transformers": [] + }, + "simple": "" + } + } + } + }, + "name": "LogsignSIEM Mapper", + "type": "mapping-incoming", + "version": -1, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem.py b/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem.py new file mode 100644 index 000000000000..1d6b0067f6c2 --- /dev/null +++ b/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem.py @@ -0,0 +1,341 @@ +from typing import Dict, List, Tuple + +import requests + +from CommonServerPython import * +from CommonServerUserPython import * +import demistomock as demisto +from datetime import datetime, timedelta +# Disable insecure warnings +requests.packages.urllib3.disable_warnings() # pylint: disable=no-member + + +''' CONSTANTS ''' + +DATE_FORMAT: str = '%Y-%m-%dT%H:%M:%SZ' # ISO8601 format with UTC, default in XSOAR +DATE_FORMAT_WITH_MICROSECOND = '%Y-%m-%dT%H:%M:%S.%fZ' +LOGSIGN_INC_DATE_FORMAT = '%Y-%m-%d %H:%M:%S' +DEFAULT_FETCH_LIMIT = 50 +DEFAULT_FIRST_FETCH = '1 hour' +CONTENT_TYPE_JSON = 'application/json' +API_VERSION = 'v1.0' +INTEGRATION_VERSION = 'v1.0' + +URL_SUFFIX: Dict[str, str] = { + 'FETCH_INCIDENTS': 'get_incidents', + 'GET_COLUMN': 'get_columns', + 'GET_COUNT': 'get_count', + 'TEST_API': 'test_api' +} + + +class Client(BaseClient): + def __init__(self, url: str, api_key: str, verify: bool, proxy: bool): + """ + :type url: ``str`` + :param url: Base url of API Endpoint + + :type api_key: ``str`` + :param api_key: API Key + + :type verify: ``bool`` + :param verify: Whether the request should verify the SSL certificate. + + :type proxy: ``bool`` + :param proxy: Whether to run the integration using the system proxy. + """ + self._api_key = api_key + self._proxies = proxy + super().__init__(base_url=url, verify=verify, proxy=self._proxies) + + def get_incidents(self, method: str, last_run: Any, query: str) -> Any: + """ + Get-Incidents Service + + :type method: ``str`` + :param method: The HTTP method, for example: GET, POST, and so on. + + :type last_run: ``str`` + :param last_run: The greatest incident created_time we fetched from last fetch + + :type query: ``str`` + :param query: Query + + :return: Depends on the resp_type parameter + :rtype: ``dict`` or ``str`` or ``requests.Response`` + """ + try: + last_run = datetime.strftime(last_run, DATE_FORMAT) + except Exception: + raise ValueError('last_run type is not datetime format') + return self._http_request( + method=method, + url_suffix=URL_SUFFIX['FETCH_INCIDENTS'], + params={ + 'api_key': self._api_key, + 'last_run': last_run, + 'query': query if query is not None else '' + } + ) + + def get_query(self, method: str, query: str, url_suffix: str, grouped_column: str, + criteria: str, time_frame: str): + """ + Get-Query Service + + :type method: ``str`` + :param method: The HTTP method, for example: GET, POST, and so on. + + :type query: ``str`` + :param query: Elastic search query for LogsignSiem Search Engine. + + :type url_suffix: ``str`` + :param url_suffix: The API endpoint. + + :type grouped_column: ``str`` + :param grouped_column: GroupedColumn (e.g. Source.IP) + + :type criteria: ``str`` + :param criteria: Criteria [value or unique] + + :type time_frame: ``str`` + :param time_frame: TimeFrame [min, hour, day] (e.g 1 day) + + :return: Depends on the resp_type parameter + :rtype: ``dict`` or ``str`` or ``requests.Response`` + """ + return self._http_request( + method=method, + url_suffix=url_suffix, + params={ + 'api_key': self._api_key, + 'query': query, + 'grouped_column': grouped_column, + 'criteria': criteria, + 'time_frame': time_frame + } + ) + + def test_api(self, method: str, url_suffix: str) -> Any: + """ + Test API Service + + :type method: ``str`` + :param method: The HTTP method, for example: GET, POST, and so on. + + :type url_suffix: ``str`` + :param url_suffix: The API endpoint. + + :return: Depends on the resp_type parameter + :rtype: ``dict`` or ``str`` or ``requests.Response`` + """ + return self._http_request(method=method, url_suffix=url_suffix, params={'api_key': self._api_key}) + + +def get_datetime_now(first_fetch_time): + """ + Get Datetime Now ISO8601 format with UTC + + """ + now = datetime.now() - timedelta(hours=int(first_fetch_time.split()[0])) + return now.strftime(DATE_FORMAT) + + +def api_check_command(client: Client) -> str: + """Tests API connectivity and authentication' + + Returning 'ok' indicates that the integration works like it is supposed to. + Connection to the service is successful. + Raises exceptions if something goes wrong. + + :type client: ``Client`` + :param Client: client to use + + :return: 'ok' if test passed, anything else will fail the test. + :rtype: ``str`` + """ + try: + client.test_api('GET', URL_SUFFIX['TEST_API']) + except Exception: + raise ValueError('Authorization Error: Make sure Logsign Discovery API Key is correctly set') + return 'ok' + + +def check_arg(key: str, args: Dict[str, Any]) -> Any: + """ + Check Arg Service + + :type key: ``str`` + :param key: Check arg in dict + + :type args: ``dict`` + :param args: Args dict (e.g {key: value}) + + :return: Depends on the key parameter + :rtype: ``dict`` or ``str`` or ``list`` + """ + tmp = args.get(key, None) + if not tmp: + raise ValueError(f"{key} not specified!") + return tmp + + +def get_generic_data(data: Dict[str, Any], key: str, output_prefix: str) -> CommandResults: + """ + Get Generic Data Service + + :type data: ``dict`` + :param data: incidents json data + + :type key: ``str`` + :param key: query service type (e.g column, count) + + :type output_prefix: ``str`` + :param output_prefix: output_prefix for HumanCommandResult (e.g Logsign.Incident, Logsign.Count) + + :rtype: ``CommandResults` + :return CommandResults: use to return results to warroom + """ + result = {key: check_arg(key, data)} + return CommandResults( + outputs_prefix=output_prefix, + outputs=result, + raw_response=json.dumps(data) + ) + + +def fetch_incidents(client: Client, first_fetch: str, max_fetch: int, query: str) -> Tuple[Dict[str, str], List[dict]]: + """ + This function is called for fetching incidents. + + :type client: ``Client`` + :param Client: Client object + + :type first_fetch: ``str`` + :param first_fetch: Example: "1 hour" + + :type max_fetch: ``int`` + :param max_fetch: Maximum number of incidents per fetch (Recommended less than 200) + + :type query: ``str`` + :param query: Example: Alert.AlertUID:1 Action.Object:1 ... + + :rtype: ``Tuple[Dict[str, int], List[dict]]`` + :return next_run: This will be last_run in the next fetch-incidents + :return incidents: Incidents that will be created in Cortex XSOAR + """ + last_run = demisto.getLastRun() + last_fetch = last_run.get('last_fetch', None) + + if last_fetch is None: + last_fetch = datetime.utcnow() - timedelta(hours=int(first_fetch.split()[0])) + else: + last_fetch = datetime.strptime(last_fetch, DATE_FORMAT) + + latest_created_time = last_fetch + + data = client.get_incidents(method='GET', last_run=last_fetch, query=query) + + incidents: List[Dict[str, Any]] = [] + for incident in data['incidents']: + # convert the date to ISO8601 + created_at_str = f"{datetime.strptime(incident['Time']['Generated'], LOGSIGN_INC_DATE_FORMAT).isoformat()}Z" + created_at_dt = datetime.strptime(created_at_str, DATE_FORMAT) + + if created_at_dt > latest_created_time: + inc = { + 'name': f"Logsign-{created_at_str}", + 'occured': created_at_str, + 'rawJSON': json.dumps(incident) + } + + incidents.append(inc) + latest_created_time = created_at_dt + + if len(incidents) >= max_fetch: + break + + # Save the next_run as a dict with the last_fetch key to be stored + next_run = {'last_fetch': datetime.strftime(latest_created_time, DATE_FORMAT)} + return next_run, incidents + + +def get_query_command(client: Client, url_suffix: str, args: Dict[str, Any]) -> CommandResults: + """ + This function is called for query commands. + + :type client: ``Client`` + :param Client: Client object + + :type url_suffix: ``str`` + :param url_suffix: The API endpoint. + + :type args: ``dict`` + :param args: Command args + + :rtype: ``CommandResults` + :return CommandResults: use to return results to warroom + """ + query = check_arg('query', args) + grouped_column = check_arg('grouped_column', args) + criteria = check_arg('criteria', args) + time_frame = check_arg('time_frame', args) + + response = client.get_query('GET', query, url_suffix, grouped_column, criteria, time_frame) + + result = CommandResults() + if url_suffix == URL_SUFFIX['GET_COUNT']: + result = get_generic_data(response, 'count', 'LogsignSiem.Count') + elif url_suffix == URL_SUFFIX['GET_COLUMN']: + result = get_generic_data(response, 'columns', 'LogsignSiem.Columns') + return result + + +def main() -> None: + """main function, parses params and runs command functions + + :return: + :rtype: + """ + + command = demisto.command() + demisto.info(f'[Logsign] Command being called is {command}') + + try: + params = demisto.params() + base_url = params.get('url') + + verify_certificate = params.get('insecure', False) + proxy = params.get('proxy', False) + + first_fetch = params.get('first_fetch') + first_fetch_time = DEFAULT_FIRST_FETCH if not first_fetch else first_fetch + + api_key = params.get('apikey') + query = params.get('query', '') + + max_fetch = params.get('max_fetch') + max_fetch = DEFAULT_FETCH_LIMIT if not params.get('max_fetch') else int(max_fetch) + + client = Client(url=base_url, api_key=api_key, verify=verify_certificate, proxy=proxy) + + args = demisto.args() + + if command == 'fetch-incidents': + last_run, incidents = fetch_incidents(client, first_fetch_time, max_fetch, query) + demisto.setLastRun(last_run) + demisto.incidents(incidents) + elif command == 'logsign-get-columns-query': + return_results(get_query_command(client, URL_SUFFIX['GET_COLUMN'], args)) + elif command == 'logsign-get-count-query': + return_results(get_query_command(client, URL_SUFFIX['GET_COUNT'], args)) + elif command == 'test-module': + result = api_check_command(client) + return_results(result) + except Exception as e: + demisto.error(traceback.format_exc()) + return_error(f'Error: {str(e)}') + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem.yml b/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem.yml new file mode 100644 index 000000000000..5ae75c0cb9c0 --- /dev/null +++ b/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem.yml @@ -0,0 +1,147 @@ +category: Analytics & SIEM +commonfields: + id: LogsignSiem + version: -1 +configuration: +- additionalinfo: LogsignSiem API URL + display: Server URL (e.g. https://192.168.0.1) + name: url + required: true + type: 0 +- additionalinfo: The API Key to use for connection + display: API Key + name: apikey + required: true + type: 4 +- display: Trust any certificate (not secure) + name: insecure + required: false + type: 8 +- display: Use system proxy settings + name: proxy + required: false + type: 8 +- additionalinfo: First Fetch Time (e.g 1 hour) + defaultvalue: 1 hour + display: First Fetch Time (default 1 hour) + hidden: false + name: first_fetch + required: false + type: 0 +- additionalinfo: Maximum number of incidents per fetch (Recommended less than 200) + defaultvalue: '50' + display: Max Fetch + hidden: false + name: max_fetch + required: false + type: 0 +- display: Incident type + name: incidentType + required: false + type: 13 +- display: Fetch incidents + name: isFetch + required: false + type: 8 +- additionalinfo: 'Note: When a space character is used, it must be enclosed in single + quotes. Query example: Alert.Info:''Registry Object Changed''' + defaultvalue: Alert.Category:* + display: Query + hidden: false + name: query + required: false + type: 0 +description: Logsign SIEM provides to collect and store unlimited data, investigate + and detect threats, and respond automatically. +display: LogsignSiem +name: LogsignSiem +script: + commands: + - arguments: + - default: false + description: Query Description + isArray: false + name: query + required: true + secret: false + - default: false + description: 'Group Column ' + isArray: false + name: grouped_column + required: true + secret: false + - auto: PREDEFINED + default: false + description: Criteria Value + isArray: false + name: criteria + predefined: + - unique + - value + required: true + secret: false + - default: false + description: Time Frame (e.g 1 hour) + isArray: false + name: time_frame + required: true + secret: false + deprecated: false + description: Query for columns + execution: false + name: logsign-get-columns-query + outputs: + - contextPath: LogsignSiem.Columns + description: Column list returned as the result of the query + type: Unknown + - arguments: + - default: false + description: Query + isArray: false + name: query + required: true + secret: false + - default: false + description: Grouped Column + isArray: false + name: grouped_column + required: true + secret: false + - auto: PREDEFINED + default: false + description: Criteria Value + isArray: false + name: criteria + predefined: + - unique + - value + required: true + secret: false + - default: false + description: Time Frame (e.g 1 day) + isArray: false + name: time_frame + required: true + secret: false + deprecated: false + description: Get Count Query + execution: false + name: logsign-get-count-query + outputs: + - contextPath: LogsignSiem.Count + description: Count number returned as the result of the query + type: Number + dockerimage: demisto/python3:3.9.6.22912 + feed: false + isfetch: true + longRunning: false + longRunningPort: false + runonce: false + script: '-' + subtype: python3 + type: python +tests: +- No tests (auto formatted) +fromversion: 6.0.0 +defaultmapperin: LogsignSIEM Mapper +defaultclassifier: LogsignSIEM Classifier diff --git a/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem_description.md b/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem_description.md new file mode 100644 index 000000000000..cbea030f9c57 --- /dev/null +++ b/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem_description.md @@ -0,0 +1,3 @@ +### Get Logsign SIEM API Key +1. Click on your username on the top right +2. Navigate to MY Preference > Log Fetching Key and copy the given key diff --git a/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem_image.png b/Packs/LogsignSiem/Integrations/LogsignSiem/LogsignSiem_image.png new file mode 100644 index 0000000000000000000000000000000000000000..a9d5bdde0ab1be37e011258564beaac42bb6c765 GIT binary patch literal 3218 zcmV;D3~lp?P)aB^>EX>4U6ba`-PAVE-2F#rGvnd3@N%}XuHOjal;%1_J8 zN##-i17i~|6H60IqeKG(0}BHPFf=eQHUyGJK(;wlDA51~m>QT_ni-oJngcP2&jkQT zwiL-a)I%}=01MtpL_t(|ob8->bW}wahrfCq2w9kfeP09=0xIheTP$|C59I69I5VU<0gBta4gTaZA2kU*#V)%;QKk;+Ri zp-mzO`gcy9eqD8M-TV61yLIoacN!vyAc6=Yh#-OpB8cFkfgByp!MVNIlyx=prK?Ij zC#H5JdsQ+UPByBln5eK7jNs?NJoO=_aSy_Trru|f%z%lOq1~#bTeLqRNgdvSBC_#G z@OV!kWkZB8Ly3tP_?Lo|oy)K307JV{a(WP_Ize#>oZb%6&A^iYjq2rt*rRbLkWO9T zOeirC1OHMGybjC;Sw@s+5&Q1E7hmi=I^40h0^PR5aTK3?lG*`$b~bA7F1zd~>W zre_7hSV_0O{poSlL%0}=Fh2pJsb?OjFi({0X-xBFWbhO#V&K|D=~L~H@+NwBdQ0oQ zj{T?C02v^*)4Bh92q6KG<`KY)FlJHeTY(`TJ;#+Wb~lER#@Ztf1rr%DaBV`GGcb(j z5W-98Gi^ck193HV<^8lz9SX#gv!Z7?y)g?zjOUsrbMPi4BV{zug>PjF08w$%K#pRq zj0q$%V&K|>OpO6qOq-7~C>=GCGS_0HI1BO(nvJk>T=6_UUH~97vp-3;2}S=!Nu{*?^tvN3piFy_4Kup~G!` z=2`7xM*`plPS?onzL>!XF&_!w8;@c3CCY3`N#kxv*#x+Z1Ml>}69;C4Tw>qp zK$uX_=m9n#T1}~|0n`Dn*%F^Co;2A5I06iz>l4Wwzj_f8@Omczt#$GK44h_tP6j5` z$W3237z8W;&H@90@2Xvb5KXjiE%6z>@EP}E3J{_vh!#lM9Rx_Fz%HPM0qAAnQ}01Ku=+IE=eF@`3fJC#|}1v8#U-lA}N5{LmDXqQ6X z{JE5waU`XrpW~?`M&mUXv8reQf^qodUBEg98bbiswR{lA$)~@_t+F1L(vt84ECaQ- zeSzA0OrQ|RK)IXvz^s6BnOT}1b~^#Q2*d^9Z30Y1ErtT12-pw&7Z?jPcFE=xZ(6Kc_pn^NYw?x`eE> ziaM^(|CrSU2go=vl2vCqu-ualfSg#DtZz55;Yjl!zlUG^90NB8)=>G!(Az$sw;x^s z{38Uf1h%2vsuSH%Mh(VW3=GkD+}fDiG2gF%6;;q@0m{obQDlwJ1davapGCpk4&=>W zK+cyB@I!hgnd?Wg?T21$%1&e5-hZ;DUE%0_K`1C_TIdtseHMV$`z$eQeHFwdb`*?jfV-lXC`^sqq|pX*0QL_58>UiEs`4yvF-35bYQjz&MR&i8j^> zD7E_c0B!utA7#yJ^FN}E)z|u;44_{W(Am-F#=n8@)cThJv3}-j2yC)wOqAhu=mt&$ z8aT$A0td10d48&k-Al)^EB!lmem98B%r0!oUdHnr9f^p#v$J z_PYT084}?bSZK<0knMM1GW6U;iF)B9jhtZn+p5%NvlASy2R-o9BKbSQITiJN93nwPcVOQGsWE>64 zHQNZsz?}*G1lj1P(f+~eTWEdXT?JXwEm|KH-SjGL-mg$@G#UR-pA9$u4SdMzd#?)m z*!%Q4N55_01wnYbY4U%MOpQTKOyu}GiR7jwvL!c>G?~aZG6DHu5=E0FyV4}93ngF6 zV8P}&R9Bj$m)CZLpxvrn+jUbra?G!SEStta)sYLW??Zs4z*WF4Rs*#VHlm{X*{Jl7bFLAkVaT(lI)4}4LF0Qi1Z|2&`+(J_ z??tx-;jK@(`>aaksXppSp0CZnP#bsS-$j2&`Tp4|$o$<=MzYf(9kz>pH3)yACVxz@ z8>vo&8%5_*o*vZ?KqFB5qaAtLNqS>cKqFC4b5}pSu_!ld>o@c~^;>4~3H$uWM>8TfIH_Zuo#jp|Xckl_qqMrvcFs2}DIU;wHL^`kbvoXU0d zH&9h4e~ZgSc^o?T}Ti_X#lA+oJ zi_ZmotMQ)z{*5|UeiIdJ*kgN9q z*>9r?6E?a~?tx~YN|J$a87iu7go?1;s4YaGywkN*Osi(27Sq?Lpv@m*Q0^XJG0L-D zkBX$7dG#fMc9d7l^6>8(YZC)e0hUBX>JbD$L!gJ%LK*Ez%H5jNRaY0rsDP^`alb>R2bBq|LA`YDOuwAx z-x2sh7t~*m1j;#ms64xM0RHO6tpv}3i&5!SjaQ$-#fAD84vDDzHvy%i4>*p>H^V+f z2@?W!VBeJT7Y043W6A@lG%11zB8VV@2qK6ef=dbi2mY+5WYV+LivR!s07*qoM6N<$ Eg2U **Integrations** > **Servers & Services**. +2. Search for Logsign SIEM. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Server URL (e.g. https://192.168.0.1) | Logsign SIEM API URL | True | + | API Key | The API Key to use for connection | True | + | Trust any certificate (not secure) | | False | + | Use system proxy settings | | False | + | Last Run Time (ISO8601 format with UTC) | Last run time format like '%Y-%m-%dT%H:%M:%SZ' | True | + | First Fetch Time (default 1 hour) | First Fetch Time \(e.g 1 hour\) | False | + | isFetch | | False | + | Max Fetch | Maximum number of incidents per fetch \(Recommended less than 200\) | False | + +4. Click **Test** to validate the URLs, token, and connection. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### logsign-fetch-incidents +*** +Gets Incidents from Logsign SIEM + + +#### Base Command + +`logsign-fetch-incidents` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| last_run | Last Run Fomat: '%Y-%m-%dT%H:%M:%SZ'. Possible values are: . | Required | +| query | Lucene query support | Optional | + + +#### Context Output + +| **Output Path** | **Type** | **Description** | +| --- | --- | --- | +| Logsign.Incidents.Severity.Name | String | Incident Severity | +| Logsign.Incidents.Time.Generated | date | Time Generation of incident | +| Logsign.Incidents.EventMap.Context | String | Context of Event | +| Logsign.Incidents.Event.Category | String | Category of triggered event | +| Logsign.Incidents.EventSource.IP | unknown | The eventsource addresses that are associated with the incident | +| Logsign.Incidents.Destination.IP | unknown | The destination addresses that are associated with the incident | +| Logsign.Incidents.Source.IP | unknown | The source addresses that are associated with the incident | +| Logsign.Incidents.Destination.Port | unknown | Destination Port | +| Logsign.Incidents.Source.Port | unknown | Source Port | +| Logsign.Incidents.Alert.Category | String | Category of Incident | +| Logsign.Incidents.Alert.Info | String | Incident Description | +| Logsign.Incidents.Alert.AlertUID | Number | ID of Incident | +| Logsign.Incidents.Alert.TriggerEventID | Number | Trigger Event ID | +| Logsign.Incidents.EventSource.HostName | String | The eventsource hostname that are associated with the incident | + + + +#### Command Example + +`!logsign-fetch-incidents last_run=2021-07-27T10:27:00Z` + +#### Context Example + +```json +{ + "success": true, + "incidents": [ + { + "Packets": { + "Total": 2, + "Sent": 1, + "Received": 1 + }, + "Bytes": { + "Total": 124, + "Sent": 60, + "Received": 64 + }, + "Severity": { + "ID": 4, + "Name": "warning" + }, + "Time": { + "Generated": "2021-07-27 10:35:33", + "Start": "2021-07-27 10:26:40", + "Received": "2021-07-27 10:35:33" + }, + "EventMap": { + "Context": "Network", + "Type": "Session", + "SubType": "Allow", + "ID": 60101, + "Info": "Network Connection Allow" + }, + "Event": { + "VendorID": 2, + "SystemID": 30292, + "Action": "allow", + "SubCategory": "end", + "Reason": "tcp-rst-from-server", + "Category": "TRAFFIC", + "TrackID": "2c60f28a" + }, + "EventSource": { + "IP": "10.x.x.1", + "Serial": "001801044448", + "Vendor": "PaloAlto", + "Type": "Security System", + "Category": "Firewall", + "PrefixID": 3029, + "HostName": "PA-3020", + "Description": "PaloAlto", + "Collector": "alert.flow" + }, + "Session": { + "RepeatCount": "1", + "ID": "137290" + }, + "Application": { + "Name": "incomplete" + }, + "Destination": { + "IP": "193.x.x.6", + "City": "Istanbul", + "Country": "Turkey", + "Interface": "ethernet1/3.100", + "Port": 80, + "Zone": "LogsignServers", + "NatIP": "10.x.x.10", + "NatPort": 80, + "Location": "Unknown", + "Position": "in" + }, + "Source": { + "IP": "183.x.x.14", + "Country": "China", + "Interface": "ethernet1/12", + "Port": 21089, + "Zone": "untrust", + "NatIP": "183.x.x.14", + "NatPort": 21089, + "Location": "Unknown", + "Position": "out" + }, + "URL": { + "Category": "any" + }, + "Protocol": { + "Name": "TCP" + }, + "Rule": { + "Name": "IsmailLogsign" + }, + "Details": { + "EndReason": "tcp-rst-from-server" + }, + "DataType": "alert", + "rawmsg": "Jul 27 10:26:44 PA-3020 1,2021/07/27 10:26:44,001801044448,TRAFFIC,end,2304,2021/07/27 10:26:44,183.136.225.14,193.192.118.6,183.136.225.14,10.10.100.2,IsmailLogsign,,,incomplete,vsys1,untrust,LogsignServers,ethernet1/12,ethernet1/3.100,LogsignSyslogProfile,2021/07/27 10:26:44,137290,1,21089,80,21089,80,0x40401b,tcp,allow,124,60,64,2,2021/07/27 10:26:40,0,any,0,2622656518,0x0,China,Turkey,0,1,1,tcp-rst-from-server,0,0,0,0,,PA-3020,from-policy,,,0,,0,,N/A,0,0,0,0,1cf61932-8145-4fd8-8d01-7a410f782236,0", + "Internal": { + "IP": "193.x.118.6" + }, + "External": { + "IP": "183.x.225.14" + }, + "Intelligence": { + "IP": "183.x.225.14", + "Info": "Attack Info", + "ListID": 1029, + "Type": "Attack" + }, + "Context": { + "SourceIP": [ + "Suspicious" + ] + }, + "Behavior": { + "SourceIP": [ + "Threat Intelligence IPs" + ] + }, + "_insert_time": 1627371333, + "Alert": { + "Category": "Threat Intelligence", + "Info": "Threat Intelligence Host Allowed Connection to Internal Network", + "AlertUID": "bd966ac24e90168f14df453a5e1ba6a0", + "TriggerEventID": "c459a1931fa3409bb59f9c35120021f9", + "Reason": "EventMap.Type:Session\nEventMap.SubType:Allow\nDestination.Position:in\nBehavior.SourceIP:Threat Intelligence IPs" + }, + "Action": { + "Object": "183.x.225.14", + "CoManaged": "collect", + "FeedList": "ip" + }, + "_es_type": "flow@alert@generic_log" + } + ] +} +``` + +#### Human Readable Output + +![Logsign-FetchIncident-HumanReadable-Data](doc_imgs/logsign-fetch-inc-HR.jpg) + +### logsign-get-columns-query +*** +Gets column values based on your lucene query + + +#### Base Command + +`logsign-get-columns-query` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| query | Query Description. | Required | +| grouped_column | Group Column . | Required | +| criteria | Criteria Value. Possible values are: unique, value. | Required | +| time_frame | Time Frame (e.g 1 hour). | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| LogsignSiem.Columns | Unknown | Column list returned as the result of the query | + + +#### Command Example +```!logsign-get-columns-query criteria="value" grouped_column="Source.IP" query="*" time_frame="1 day"``` + +#### Context Example +```json +{ + "Logsign SIEM": { + "Columns": { + "columns": [ + "192.x.1.35", + "192.x.1.17", + "192.x.1.18", + "192.x.1.5", + "192.x.1.93" + ] + } + } +} +``` + +#### Human Readable Output + +>### Results +>|columns| +>|---| +>|192.168.1.35,
192.168.1.17,
192.168.1.18,
192.168.1.5,
192.168.1.93| + + + +### logsign-get-count-query +*** +Gets count of column values. + + +#### Base Command + +`logsign-get-count-query` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| query | Query. | Required | +| grouped_column | Grouped Column. | Required | +| criteria | Criteria Value. Possible values are: unique, value. | Required | +| time_frame | Time Frame. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| LogsignSiem.Count | Number | Count number returned as the result of the query | + + +#### Command Example +```!logsign-get-count-query criteria="value" grouped_column="Source.IP" query="*" time_frame="1 day"``` + +#### Context Example +```json +{ + "Logsign SIEM": { + "Count": { + "count": 785554 + } + } +} +``` + +#### Human Readable Output + +>### Results +>|count| +>|---| +>| 785554 | diff --git a/Packs/LogsignSiem/Integrations/LogsignSiem/command_examples b/Packs/LogsignSiem/Integrations/LogsignSiem/command_examples new file mode 100644 index 000000000000..237dc3600979 --- /dev/null +++ b/Packs/LogsignSiem/Integrations/LogsignSiem/command_examples @@ -0,0 +1,2 @@ +!logsign-get-count-query criteria="value" grouped_column="Source.IP" query="*" time_frame="1 day" +!logsign-get-columns-query criteria="value" grouped_column="Source.IP" query="*" time_frame="1 day" \ No newline at end of file diff --git a/Packs/LogsignSiem/Integrations/LogsignSiem/doc_imgs/logsign-fetch-inc-HR.jpg b/Packs/LogsignSiem/Integrations/LogsignSiem/doc_imgs/logsign-fetch-inc-HR.jpg new file mode 100644 index 0000000000000000000000000000000000000000..637ce4bc5f3648ff80875bc389c2afd86c7f61a7 GIT binary patch literal 49826 zcmd>n2Ut_d-Zv^XP&5=NQlwWwK%@m&A@pXbq6iBJ2ukmLDM}|Bde2frQ4pmCDN;l4 zMWho#=t8KWenH)Gzq{+|-QD-Q@AI9R=bSlb{xg~K`?r~M;OO1aB*A4RIYl{w6DJ4= zPT&K<(FlPI!P(QN&zvSad*;lUb7#+GIN_$3S9sgtKq5gxrK zxNzzO!O6>~F5{o2vpl6X(tml>&HE?&?Nyf!!sjKeXwv@Q(tJ}I{bBM$r=QL}v^~ua-&F87#I#lW zbhvJ%HvNLf#L@a-JK07`@;|;@$@$~FFO~cHJhlPRy&ds>R?`CAo9hP`&}|nj zf74=u6BH%t64i1&$|+ylYn_jk&K*}O`rd}uD$lH{{a#pNOQ_M8Lbyx&(-q_Q7ZPie z^!QanZc&v|mH6N4e%MRI=WwN;WAMVrh5NUol&MPn*#-nH1)lI5G^w(*ylnJ{FU6Do z=b>p+1V02HTPw6)b+v8QV%+emx|aR@OxMz_vy>U}JzofY?H_VyCwk~rt8T*~3zzuR zzq8ZqrZ+HXUZ;;oc5Md6^t}`1-;k%2$^&|N@dq+w1DCw)(2mX!aVahNr1>zxMS3d< z@N5+$+C6P%=pDUj6#(r{6Hfh?0{2}}j~(%)^LmeCx+LlJ+7v6PhaOY8I5_@x0s$R; zzFj4g*$-qm$KmX0v2a*HtUy;fiN*Mg-Ii8oijb&Dfl9`M3l2+Zb&FTs#$lpub4J|? zzeUEsrB7RF!fO1hKk`ToJ9%|mbIfLPN&t&A==Y=S&9sL>3ITs}e6e8Xvg-1V^wkh| z;sh+#P!aQP<-6$fe-!hBKDbrTbyA6sI*F$`!%e#Udo&t;QX>3&q6(J-UiN(Cc!$~L z%F3%w7lxv4`TtqqabFjOzk;*4kZ`Qf3ceRHFE$ms@cthUizRB3ha|hl$myh|&qA-~ zE>L##mAj1>n8^J}P$Q{G)jqh5?i-@_$^8Pye2JUBJ+HUKKMs$$w=uB@{dMdXsJK2o zK+Z3v-1@iJl(o{B{O$dh(!Ygp86RzRJ(BO`^a>*r=^sSSEaKnC_8(#XYo5#6XomjW ztHJ%z-d%Mmr+K$6@#q=xWEwgfUQ9a5zoapEzH;TY>FIvTI}dI<{pND7z~M!+*yzar z{rq34{^FfM(HXjZx~*fKin*}+f$#L5GN#M59#)|)d63ar=8B5wX*5`?hu>*@`FjBg zdn1_AFX}va;k{zi?Idv27gfWT)W+B6h1qCAeje4S#(4unfkR)<8ab5TSjL}$TV3iE zJgLlf8vYY-xdI9885iA=u*=~8=R?-xvwS{hy?nW^+au~>a8aXM0`qMSoz=Y>W=JWs zdx^h7`5b1hVYW0Wt?w3T|c^ThNw{PfcNu0evH-|Sl|4JkyN$=lA=V-`?G3mQ{#2> z(hXkZEu=vftP4myqa*x%AnR1PnP;ya$XKi)izLl+zD9I^J9f!->U=MOe%sG{d zD|7MWyh?8k{k=8quGl><;oSyF`y7?!db#U&UoG4HitB#+7rvt~{ zoIULYsHa19z(BTrJ+u@X@+sD9c;k20=AGc9eC+LXVP@h{5rH)?Tze3#y^+s;g(S|<#QrgAb5P>rcpKeM4J}H7xfp?@TC#uWPQoFcypQ>5x@d5Q&RU7COA_e- zBSRo%s%p~)QMsdC@yAM}@vK7#@_yGc@A^+0$v-*+@ut&%#2@$aepLkmi?l=UOx1iF zCH%_%K*3xPrd{!Ek+|K_D+>R~0jYp;CNWpYmSB#ulGAe{ad(Ok-w4Cb({3!%RxF4< zkS=!&LxH>0in*aTVkt25x6ap%*9j{h%%iUNs@VRk2Pb5U*XaLlXzL0j~o7tbQ; zaw@U7g|*5UCeR8~AS&EhTz2VEglURky+gKb^I{F9ekpbL7tr@hmOs8lHDbqpMYH8E z55F-%^v-@ep1^bbv0XKrsC5!5|O58+4;E;+Xns3axTSl*v8 zb*o|D(9>wt!rVV-%4a%lQH1E2}tzD%C=rIB8H-AhLVWQ{qE()2!@ z&XcZ&p@+GL2@I0-uuV1gOB*om_JznWwO3HyD1@k?)EJ_uRWE68Q%c_jA=!>D+?T1_ zH{AF6_fvKU&CN$W8FJzOZ!h$e(+Au;@ka!Zt?fO0-!?J|6Be=FAg!!fB+8Bc-W1;y z^WlwkAyGG|H_v{m=S*b*U(Ht8C(;21pN1LqDo#>!6{mVcaGqh!n~$CEY1@$0r8sFx zVUexF!6O12;x+H+BZB*~={=8%?_IwV`W1lBbtkOt2LDK;lwF@C)ORFThbRA%# z4p?BS`g21DR)-B7{Rc|eU7rc8$eyQ#ZL;~|!VJP?lUJe!M=!Xs>#l*BK+6v=J}yl6 z?usqPNtU%0&42iS{eIWAE%0t?A@eXY8sUsZC>Lvd(0E{IsQaU&q~gLdwlYYxPQO9} zGwiJI`Lu0dgg814ZT>nGHJrS;pzmI58#e9a9~VV0;k2;4cJROvvHifLt75A2z~?Hw z*+9y|cD}2blDB7ZeqrC52#nd^uR-EFk|n6pceCT0P6B+(-&*9G>i;HU{+cp;FR~pr z>t}?dpt}Y0Fy@0?H*i3;+?ykU)1o4Fac+&dT{H5pHa4&vqeDK9rX8D$bE3}k12Xv= zt@aRaN%`VswEMo>b~G^J^(HpX8#-Ho5PlDit4R-Rdp#`W0vX;E+t$ze;5~;Uv-MVa zc|>43;}jX_{aR^pH}s&AuW{Ex(bHRR!=Xn0y1VG^1eIa|?U4E;OvDK@KRfEW9yZlU z+mEQT;nu{^LpK|lfNA8oI`C%wF#Vn2dCYu+%cAc*Ca{$>+0`Me3fRxuO8OWg(s?6{ zg3WzuNnbQa5;!VbpRAja6u5k#csP!iD*RG%U|I4%j+c)Jh&Yag^4}YkmydaO{%l_; zYD{@xSj1rkj*Cc63I^Xg?E}Mn7cJT7HrA3Zj zpbk%O`HYkT+MYF>Zbs^%ln^D#{&7#24?~Q*=+Kt#M}ggNK&_Ao%-a2PQT9oi2tm5_ z{w{&^AJh}fcg!{LO#O0qj~sUoeNh~dcXbVsZPIcR8ja_h-iulF#iZzANBzA_oSQa@ zm&uHeW!%p3s5U14xpD>gSpUS-tR4PD`~0c^u2r{wJ@HrQ zwO?!gDq>PYo2NT9>UR-46EsS^lG>=2p>TSrVV%srR9V};Cteh3eudeSF0kkLPuoW% zhH!jKRkDIS1Lx;wkT6-cUEWR9eo)OJ?-9ZBe*Dm@iv8j&>{R^bko5!9yZK&lGBAs6 zKW7(pUH-5Vvxt_A>6MV0z(^D>f8xn#t?3;HTW_gbykO0peQdcyC?$!7r?+`FeIv?V zW~!r5OPJ)wta`MV6r}5MpvaGYen$j_A|9ejG|@&6MC*z7Og@TgWACS5J=vV(LA{tQ z_|`~fDtK$8Rrl2L(41Gv7wwd9oX@Y47Qw7Ayq%XC+!o-r8RjsPL6^Ycf}{{a4jmCN z*H7Xc4$oE$1&@=?kMZGB^ec8!K4db|L)XRB>`@$2a*x}iM{!Ppdakfx(?dzT?%@0{ zVc)io$|SnzoZGFqs572Hkd`nlwh9^a!4ZJ~2`Sd-gd4!#TX*k9?9>r~Q%3_NIx!Gx zZ=iAy=h?g+R^emmQ-;TvvR|^d6#vd>eEDtqAT8qz21x6{<@QQz4T&4?r%s={?EpC# zI^D~_kR&N3zO#=+*_&q*`Mif63x+<@ZxWj~5r={EK34z4{C<`A0Y!Elb3O=N2i$EE zn#qv(1cD|>DRmQwr+V`C{#jFYRJjmqllPo0ECcC}Mja76{_m35zfL(gPAZ`p2QcT{ z6Ya{(=#?0m-zS?(qjuv~ezPUhrVgv<#Y&-hdyxjcA=~xiZ+ftXSvV=Iq~V?*mQ%T< z%LmFtuMurJoB`A2&3_Jy*njqPxVjp*>%J9z4`0wn_ait|eyWi3zIhK4elDwt=njV7 zQa?jfK8#sv5+>BkhYWz|POPC|;k3Jlcn^(MicV+^wWQAk3GEtM+&g3k?z>|8OX#`S zkr9T3@28^=c_eHC?r+FHZVH*%VdM2#`T0k{czJL|Pa)Gg>`VU3FSwB_+GVinm6F-0 zke~A^Q#iI7e#!fvNj!@^))OAGT}_^Q>6I{ZjxLx&L18FP4?|sFvF&ckz*ci0$%nGT zEMkrbT$=B#?$vHA#qE#xdU>j?dMO;*D0%>`V{y}l;;&(b49Fq)9?vJ+Pwda_0ve{n zv47ermx&uWX766_YUP$abF?g9OuM)AW>=+=i1UQ{BwWgndZSBWqk0rma!~ZqnilYz zXMhmzROZq1fY&CccW$Sa?@9S3OC+0jX+p#nJE;su7(Pl2@^6};+g{Nj@*{?6Uu_b8 zlRWx!Vj1OQaW7#~c=h0Y@|%Wbn=r;f{v(3O7-xsaHHFU(q~5w+c0fx?81;A*Bh={; z)4=S?nq>{VWrWu@@fA1q{?w9?J*fDKDgR3(fgkPEY>fsP?;p@sCht@M zpHd^65uOR|rXzeaNafZL%u3HCMp4gZcUV*>;6Y*8rprfTzLhxBFubD>M4Qoi!xL9v z=^2fozZ`Z%;1|a_$k*U+P>68tx#P`3qfZ*``3M=;=m#l0Xx>>1GYqHf>aK!L`R=@o zJByNS1(M%e%b@puYPXg_?fD4P4GASS;L-4AVTmKJI3oBgrH%!Nl$-`9L&jH`fPm-U zgu=g@`0+=zy-X=ZU0U~1N9^uu{& ze^lRR2Qi!XEBu0>nzBE4BmWegU$k($(H}j;PVZ`))&K?E zJ5rN(XFhjz1vpU@;XFnoJmiOF7IXV*|ECck?6IWrhsm%vQydIC@u9?IdQQ`pILY=cr7gkRSVK*%9xALJ;xjB2i{q;je~eq^9eCP zu5QRU_|0E};NiUN08YjsGYo(lo=h|Q)>fVd=E%TTwhx&0U0?TH^fYkWS(8xqp=U?> zQcYh9peC^-MC7X4hWOA>Z!{{SYD-YJ<+%C1rG$l0wbI^vlA%2p_g#0VPIvf7ep#=NA^b{^P9UwRy>Roby*h_*RPLlM z>%4FbP0os04yOrz)cfiI^OfwRexIFPS#^aigemL@|NK*F;4LbnQT!WJoNF{lay3CE2#IuWUR z2c#&j0Q;<_T|Qb2ZNeO#zzPWN;*SW>Ecarwo@(nrmm_S{FJ;Nrv6$d%nv58)?34nR)GYAO7 zmQpFFj|fm*#|t2MegEl<-$kMae0*;jzmasjfpmNT2u^%|^73skGT}z!v za&{k8zog02%5bh*0Yl_EHbwo9F$NacpVI;Y>5Dnjd}8|h7Ul!fazP430UrN-5I$% znPElq>YDC3TetV+o)>rC-D)`^XlU}dxeUZbiB91+d}+-18W$W3Qw|bm&4UXrVmLk1 z1u9EGW4I%N0O!zg7G#+kpmLah&L-A9sEJ&b3I$OUiz;BtemqR5qLx~~rApSl9n;3l zhY}aF+ffQnmq>w%TU)-!*dE2d*1;zN8h_ERC`hxQGAop)VMI6nhKxVo4LcdMazs!Y zBL~iPr&jZ9#U2ryli%@^Y5*KwgRBvHdM5vu9?&)QR+Gi^%+pb$dx+NiV(;IWWVY{C z@h+3F8}kPZ#55vf_G2$fu9$chI>~Fk=nXemZdkHtU3o#jAh2SnqsTxWH87#oNT-;h z`QcV8JCnQDuIVAteZ9U`yH<1JkfB|gY;#rIvVr`)T}?ODrd3B{ zF^7DbY82IkTMcOlRxmiZM0Z=1>s7L`xs}H*U@SHTAy`j^h-WV~r|vW}X3KUKv$iZO zU$8oEAOCz4zexMGUiUyBqQ0?`?t#esK)9Ta0i|C~^7DwLvIqeUljw$aIZfew%RQ=o z%jbpa3B!GT6cXiVZAr7-0f~vR65WHCF|usFitU-up=g`Zig=+xJy3&uINjYoks@W7ksqTC05pq_KspFE~8UgeS;Bb9w+7 zL*0~I(pp&<`PzfqtzOSb%Mi<2`0`vj>dCAeHMG-U}_BneAW*fEQ zvZ&aER6x&2SuW)sopMlo{nZga=WuY0%4$UHdnXjNT5}ssSRS9rb#OHsKfhp}tDo^3 zYm))JN|QXtp;=JBzMN(pdMTuyZZ&Keu(CG9pSuh)=-Y^fu9=cilIp;85oB3pu_>7T zu$x=R=TJf7{voPuPY6{fZyA4zB)OVhxSG0sQHUQqk2O@(fh{?GvWdH{Dgk72F99I3 z9I^Vi0L6uD=yHM=fvI&?%|}pc?up!GD<;uRJ1^R^`PT$xoe!E5kafYG%x~Bccag6j zxR8aJ6vsEE6dAMxA)i#K*!7ii`((~QLR9n7fXx8tnt24@LCb<;hHRJL!MRji4svaG z#Z**H1NZRpKw*lWVarFc1^pxC$3*zGD)CEn0Q~%0gln3KI^F1_<_s3D7YPZ5Dc>~l zVXJeVuxdBqh))PgfH0Y>-DBD-f0sLt$(!b00nN8&^DTL#DlV9km1-HqsN1a|_~h>7 z0hhw>nvzvFs5or$K-V71E7QF!?sALWW7d-O##d+t6tAVr?@#FMx^%0xuS7FSC*=^W z)!(s`8Pr$oo>;sxe9tu-q_Mf1sIUWHu`(D*48rkv+{)dpP}r%6Z+Nig=-d=P-~a#% z7ClABsK~t-pjLB;uGZ7;PknwwkTbvOIGbkzPWEU?zLDhZ=?Te-HYx;-dCT#KnT~|< zl)f2V=ukCv(g^vGY|U0;BknU?yps+`_oPcXpmhToQ>}39-rQ!QW^YEq7{WnRe z*5LU-WtvZIR#OP?KD)Q+{->C_^=~cyrtWaS!Jin_>IzSVg#5Ib9A*cMh}bH_cpddwM)*$|kYZ!3#* z9B&dqg_+t3%q0c)m8g#kQg}9^lXV{kMr7b%xMORbQz>|7hqz&^0F}CbJ#?TKP7Zh(B(R%;a#(aMMdgDI45DH>g>2_R!&N;aX>V3LK}P@FzdL6 zq+1KBG+(e_p8jJ&^tXcMZGm+<|LFUjgZ34HpxO?)cj$;s4LR3bHUXpxsG|c%Ceoy- z2{3f1Kt1MqHEy{WH7+Meg%tH_#*3t`-IZ8=%0d&myY2c0tt8okS2tGX^d1c8%v9BE zA6}%0RvMSgkCfyoYEkTXQ`Nj|pkZFzS!Sv|QC0_SgJRd0FEqmrq zlN20zJV*Q(#NZ1%DZg2crEMrpSy=WAQh!|jKF~x?R}hjL8^5r2zi~H(2Q{wxpy|b- z42`=x<^VEc62l_#Gq^ zSXsu*m7-Z1KZ_Zgs&j!wpz>X^K1Z zD%QpA;`H>HX}O=|`-qG6t;|;VloxWxFVD<(rjBlnB^Zg!XDxWNHUU?h`In{zT6bQn zrIZEjM-<#MUfq1JmTdC0)4U>n*H~fa6_S-@euOiL->c~Iu*Z5=!rckXEtBZ6=`taZ zY8e)217RkHoD>?J7^8UermCH3_T~MSylsId4B`Xg8P56o%uvmKMw&ub zgJ&s=AJ~%GhTKMj4+rK<^-M>%nS?`TsUy}$8lz%54mv1flWNH0C#KkWAEqX&-7_Cl z5pFB8VJnkT!8-s4hZpllN<2gOhLNxRO1B2bJF2rIC3y?@DFtiy%ag?%B&p2R8@YDG z%Bb5_My-t^QnQ6p_v*yF5c;5d>tadf{Lv%B6d5AV%XDveOB5xJ1Gl!E_#smZ=Hf3Z zJEUNnePJefX1Dw=6qW0GT0iasYYUi@^`&UqWzKgBlP%VYdLWt@)f4)I=Q}PFq6qQ=X1QIOjEnd^M(%?>_j!$8iBI(j)TQM*dA60MSPKKC zE)`O%>kK~~aCIJq)^S7uv)LSTArkEiY-Z)R>gB_EjgcypGv z3;47RXXGo_-1h^s?plu4**4j4-#8*DPr1i_iNnmWEkzP5(1$rIe|}!2uT^A2$YR!9 zHyQs$3X7-4A2Om`-5(D2w`8OQ?YwSla~N;pFYa$l6i8{`b6E1qG}ok@H3~CwuTmBK z%%OenH&ve)(6#yVuyGY`NucG{!DndT$Qg^ER@aJmo%T(9)GxAHp6PX{-Cd9v^I6u5 zo|{n1nec}LH<`94BVy>3>N4okar_JO6C4%HRG}+DFqvG}`FeOeH2HgMJWK|zErRJt zKtY)b>5<%IWEB@#!Yv#+#)o0FNL>b14Vi8=EJ5Z zbWP!pECayRzlHUfoSCP)#46YXms=OY?3x5p?k)tUn`rRKd2=)sr-&3%cZv6j+pPOB zt4_S2Mr9Xw+)^3P-Q4Mr2;=XIK}WnO6R7vPyJ8e$O0z%NxP3jiK0Z{St(EwNp2YwN z#Se%`(NPQD+)c&H-X^W&kvF4FF5%(=&WWi!eS*>J4r~&`TLq|8=VDcZ%?p(;wC}Uo zT%X;SMU@U5c#F5|M#m2{#pmP-HIDD&5^b)>&IPUHOt*A-#AmAsI!Vf^Wx*S3^RQZ- zBM07ayqMbC&z5|N7og8g$OIc{?8?LM55=Xq^c$qgc{_>gj0YN)<&N>|0vw9MHr861 zj|kX5&rSv{s>Vl5ivC>(pTzShj%_#fz!eh_M+_b14bXtk{l1)57nDO*j5#13PU|92 z1r8YXs*FhX5iq9?*OgaCdLCvQT&MA2770p7ob01A*YpbtTu{5af$`)zP~3ja9gkUX z`yaB64DP3H)4JsbM?Y%2-d@^Pv;~a@HR5VT=Bu8!Q72RyV~kzmQLfB9X4Bp>Wa;)d zF#)Ku{hnx>ceAB__BF&ef(FERQZTGjG5LAI z$~bOa^gs#n<6P^4XJ|qTNKhORHmVZiCT_-0lc6**tQ!}qITKWwUg#mzI3f_Pw=L0b zJCI^r#^1RWj_FVK$n#RJOt)TP8LB#HY0`>wdoVT}x(t4ZrmUeXiYTl{1b{H_$^;Sy z#L~0*Oe(My_Okj~nnK%F!n#G8+rr6}1;ZY1yrXsPgC5#Mt2mfdeONKA*35S{bixf& z)rE(pm^MbvnzqNI-3%nNK6FVwG#Ps}M%95Hc`b^83G(2-5=Y$c8Xe#l6n==RQfm)) ze^scdv$C-D%H1UzC26nq!0QByPZ0BTpGU+kAb1Ak7S%!XQxc5$T|Acd(z_!9qbAhW z1LP|&31YuO`<06!uj~TPNb_`ByAmso{TQ3PzaLTdJ$5oRVQS*{3e6P%yxo%HHJd4dSDhrz0k^LKO0;% zYt~kt8y|z<7bFW;<0zPDO+z<+YEwqZ6rl-l$r1k0{9 zK4W9J@wn15*IFm1nk65xE`hPkLfFM}Wf+UO7mXwei$TLs5rrEoK+k)5Cf)Oc;JfZL z1;ZkZHki}xD0d6@sM^@ITL$Aa;51oYM`X0G1QxpU8tUV92 z@ax+6vE9Fo-zVV4?-QIL{P}aEk6T420E}QGDF51RyR@Rq*S`0?V|%6kO!MdltDNw91w}`kb0R3?e6=!Q2C#Yuzq;+s2NJu%d2O}-AlQsJeNN(uLZ4R8tnoD@t1DMfdNos42_Ic&Z6cr;`;PqoC zl*=B+su7i8vdg$)*!6B_w>U|)K;$rNFK&HHQYs@Ay?+3K%wZ5dQYNTf(N82oYTUb^ z>uJP~q~BjI4fxv=hT-S#OJC`JTFhwm|6$^i{h>D!*%w#112e@1mP)kY_81t{3|^hq z&-^haVahwdLkr>&Kmtzulmdj?J?-li8cq{*A$K5-e`A)B5vmd*M zx5-<@L9r-o7aq-cBuEBn+{`n6(l8wSn#_!?T{S+5|JGl*wLN?0Z>Z(3wBYY9`${f? z_tQ`XYf}P?C~w>_ex&JCu5&Fi72wJ*v>_LvEv*op@O?v1a0ZziTbL?UBL7X}N8fat z(5TLQ6DfP+`Efa&Q&;7;9_3LbvOEs4q+GJ1nr8U`qX%XpXxpP@f}+Q z{rAv8T2${%?8nxI-~106{Y^dmBVt;{M#x9T=w(~pBOV|+7a8;V)ZBwMZ3A8C!1~FE zns>9EG60au1ha-)Ae|(9E_ux5W=_q^%!e%^Zp1#*#Br0Fk@p)qSox64kBr)xBIM(a z2;S5xb85WLZiu0B<-V0@?4g~T9sM$l9nGcOuG`m~nK+n+mgzb*)oaW27Hbk?twWSI z2ep&bc%TaRojQD~b*)Y`vk>CTgn|i0C1_^eIyKcC6%KXPLf?Pq%du7DAFS4VpGjkg zJVvuRM8|@$k>iw-VrwXc&SXb@;t|2PqVG!n8v`Jj2=VQ@yId4-9#x-LhTkLY;rkH- zK>9xK`KGf`{U(o-959>d%Hd}03~3~HQeano2ARzqDXwGvMNZA6&(Tp7X$#6rACQlj zXiarCGd78W*i7AK!caDkwH5CsCKH*=su7uG^bRduYqT~>w4bF&RRT?12iqBIMehVf z+v;_axt({om7! zvK+G6h!Pbe$@?89+x9OxuM3eck-gvxxv5pT1M+s@I!Jc+KC$#^vU*w?-ELfuztT=@ zcKY?nVc#cjOTWMWcRZla<>mc*YWh1`^Uv4eb8`BV3ZCz(^V72pn4}GU)UVQ?d*!_T ziqKPWbyO=2X$3@$bf1%{jwA2P4E{q0X)~5}UEWswYfzK({r0nJ{PYMdM)ym%pwVqT zlIi{QHX*lainuN&ILV%6b8T;Btj5Hr15_ReA*{;58$YRGZKDxATo*F)!4*={Qp&6L z$?8DwkbaQ8#!NrPS2+#thn>NklnHEo47`&*8brhE9%&`2;_y(iH}@e` zHVqiRe`%6Tr1ew7aQ_tJ3yLHXrIy{$f%73oLai{?Q$^a13_Ijm%nJ%MqH@6dl74wZ z#355}2TF{d?akbTbth!g8`g$JbShEk>?@DZe>6riwAy7<-e%`&FE)={<%)c^Z?|9; zsb7gzXT6!#xT1PGQ>DD4RiFhCCx?Tt+WFqezjH(&W5nz@P^;Z*#nrqm;-E9;W8BWq z(vWp=^2P2f8)0)|U4WUABM+CPt zl-s4Ifb?DKmmYr7!VzjPmgmFVx0E^}UqAf26D9+!jV*ewbe_Z{v6}sVmtc5Xj`-vW z@B=M`Pdg&7l_z$k%|>f+iKwb6abK#B@OfrAa3#ttJ$y&4eqAmNOjwHSr~1zI!Z7C4 zbA&Kaa7fsXo{I`;R5{HJvfsNh>kLtD(pZ#D_dAfC_E8m#gb|XVaT@UkvUZs=7ePs8 zXgkf0eFpN571sLmWddj{Tj*V0LugEXOSQ?|m**k`GaJ3whH z<%W@ac+c<{aM~TG$(vt(FGr|YC;B85;7j%Gkyw*LS|#Vl1*`64jch`ERsZFY+1K_H z`-ItVNW+(WwG+wpuRev`ifiK_)Gw){cGXbYwDb0{DItwZ$nfH z)I3w6`0af^dB_Q1412%kQ!b6S?xgG)S!(;ZEf&I1`kX*UDhVtFPx(RpjH)X!T z>!6jiH1ruQ^QhDWHp%Y2xEW2pCb*=N4`tCGaBMM9&)#93_VM2`jQ9A=5C(m!xxPjh zQl+YxGT1UU?PfDNV1buTUQ_b3HZxzDd7{|JL}nqBbl6IYSHG$MQdGN>FhdSqtN%9a z+Hu%cZ!n+yUl4y)S>Z*Zj*$6aYbtgc4{u-?W{C|6ZKoZPd0(_T{{V_U~)FvCQ^RLM9LRLe<`rfdSI_ayy6qsbG;!89F- zHoPBk-?2o~@;Z19B^ND#Nxh^?h9;j*rWd(W`d){d+5b6=?|?Q>iB_G&r-(*N-$B98 zz~Lk+Ac!0KK>>puHRjg_vF%W9xFNjNf=bvDbc<% zJ@=%+-A*~(S}9iI_B;bcjq~FDzegt z4@teqSzTPK;8~8?9%3ykFWxWNY{ar z7PtA`L|;f%5SceS_yQd;wCB^eI=*|pZuA4NSxuOuTse#0?6kI2$HkkTV7i4s9$B}grX0PXgBVWTn z=U{JsijO0klWHjl$bE37PFt&gEyd{XZO-fjHA1v^1+~tNN+P`sU^!o5!K;Er8zCuqFahiT(5v6*vyjnk++30XHsZ0_jjS% zcOvHot{&EpfMVmo?2`Ugb;^N?teW&8k)Vjtnuc&wBYOQVqKxFsI6}l_`OFqUberf# zCarZ2iyEnhT@kkGA}dPBFKPs;gw`P(42jgrXNDQ)nnAcJXt=WMSzx|miC_ngWc364 z+?x|WJR8~qIw)AST)x%Fwlq+!!4()6aWc-(C?EJPJu^}|ueeZFaDE5**-=!qw05fTH^XIU6d8;ZU|Fo2mm#|G?rsw$&LDWi+}R<@o5YR@W&Ti%9GDbTU=?hiX&-s zq5@WBr|XqsBbidUWb5Pk8Cg|mYJ;hu|BaFM_Gd>m2G>x)s*lJba-U$H)rt!jErelN z65!H6yGXrQRmO_-IrU3%6q1^EQA5zYsn9_GalhL84>Vq^V!Hh;O9A$_z}l`$-6N48 zQ;obWCbW=kkdi0s5kXn)wVQRK2a(UQOj*iFQQs{(lWL%~Wet~nn?X^o&dmqsEJV0W z#e4eRMmCJGaob%Vlxt>{1yXg8^(R-=&7{gQBU63!$pg~!oZ{&7luot?D=0-NhNyU} z{=7Ecq0;}??So_4;NF1v-)$cp8#m(JKl`ZgnDfD$oAxz2CM36oITR~vP8MKgG`tmw zxV`*fl77G$b}mJ>Nv-zhj$(XLHIq{bXd;t1hS48_t8i1SI(JSg<+hqkI8^oHP4=G` zaw1oRNeBa?vgDBb3}-Kcf{8Nigvr4v>qOd_;mcBd<@AoxalWFYDMrm%ml}|(Rx&JU z4Xc>F%QT91twE2V`f02p%0&y!(Ga%@#F+Ww996r(TCkbh~OJ|q? zbCit6#+3k(%=oV=^feWK6OH`k)z6Egj@NpX-;VU|^kwu7`8Hh4*gidP1P}wVKRY;s z$oxssh`)KUr9c*dP7`9ovtu zb{wA|Wb41AeBCFuH9|q!&pS?QK#9uacA$fClRLDKi0rIZC`-D2 z0DhN`faqnAY!BO%Xg*dp=&nL2)*`rjhy`()ly(0{*+FihDa01{%LmetoV5+=q)n1; z9CkdTFBZ-OYPLjkS_i*+I}2X8Q*Na)`p}mmH_ign90OGo(j~WnbcdbSB>}^3m&!)A zxV(MoTz%^POs}>dtV!ZClGHZ_0#9EilF`1?zse{qNvn#C?~8s6s&q{2 zsBf^+)Y}%n-bMLcQOZzpSmw+-u%xW5b_=O4NgK@v!{POgd1VhfJHHmC*JA3ky(GE7h zdmOUUgk4vyZD`|qF05-XTI<6thV{#HI2q$O9~q1S$o*3lJS_xOfFu~K(` zSH=;+L`SgJDC+|9v_2E@R*wCkj45rc_KiqY?O+;hM^jOUlUAz65zPG=ukZV20SS`j zp0F~X%R*d^ERLJ^X*u|eWJMq1z*FXhOUV(JM}M?fc*T;HR=ktn!mOAGwGw(eHX8R- zb9yH8nP*8+Z9^`v2rJq?lhl;NkVhjpi244b^-R74EVmOJKx!y?TABVCJ8=#RD>1un z;AP=5d7}Hx(6=NC-3^ic(WINW4MX4JIiYzb;$ zTf6X8C}Qkh{V2T|vy=lu1Qoa%S-z^+pGf>~!yGf90r+_haD}|rJ~C3J^gieLaZoUA zuL=wPJ+mUMxJLgr{|!=6S=JsVJ zKL=V~*%qN6yBCGZU`%frcq99zaa2@3 z`|Ho*f5#ry$HrW%M&zSeE2cS$;5_N4c%y+a|CP3b zyn%$GvjC5Nh+Und(5=NohShryXBHZb8ZJK%r<*FxH<;m*%Z2&5k+NGvD!gzdrAe3` zf~;?3-Ik8AYIkjs0Y%W50~`)lokh&j@1SnTd>84ikUgph4_IdAxmhX787wRQ%&LUa zg0_20!49a%)vcmJTW&FM@BFQU7JWUkI|X9RO)<=(k$EikfwfANigKFVu7zSua-tJp zIrMbcEUzYake#G|Oc2sPpf^#Hx{W%g4S8Qy`mXD>mR7bqqw13W;M?qAl{LcVL(5Wd zb6phIGj2&AX#?^VPah~(jHqR1cJ$gDqjj{BiAG{ViJQOw#i?_Tv?k;HuBkI==wJ*v z5RE`G!jWJWb&T39YFfieJ2Iw4-bV8+^e2~VMn5itK>KI;@08!HpNgDHwbR_5(c(4b z1l5q)E3`$ow2K7^sj-3%Pb`0aW9Ciz%SqKljcXbKfu8nDcFZLTtqQ^Pg%sBeuXA!F zf?KI`?j6)WPIVBRMAxir@pKR!5xi|7lr=q-nPJk6_6Ut#e;Gn@l6eNU-&7rA5o5bg zPxQL*`aF&^SV!@J8`U+zbPHiXIXBelG8wkdm-t#U>i}Smg@*z#`BGG2070|9o7N~7 zTp}DRXf}N0*#~eoeXa!ew)mS|NCI0VTYMqeCqG|^CBI@ zY=e5?Ay_?90L?AFXk41XOHu zPz;A%L#qCBc;}CUP(8)Wkr}I;!a1!-Dn%_fh@Z7WlnIZr$-M%?pPo7rJiPeE+0NE<}d};nqdtU<8RI;^8D(8onvQM3=+Pl6}XP;els&AIx&kH{m`e_4N)eP{G zT@PI(+bq`&o3Kp2QOHVpkT#t(k$*XbYc-6qY3kl0`B5#uPka9974&(!uV8-l$6ZZ7 zy6ll)tU3DQ4fE%JHVAT9JipQ&ytnDOV2;h7&fl~mv?8?FzWk^8{=(`%%lo=hA>ym> z-BJV;jjakh9T&dq71USEg zOQGOHpF_0Uk3O%yoPLh~XTnE-Rrs%DmW}+?>2HYoOQi%@-F5H(8i((`y4PRF|1&MP zzr#bnV)Uo5npOHecrnM*{^Ex_0_Lw0aovY<)Z_>JPQQo;6KCin=t~cCUl$E>$ZLlLf?O(KS%yH zvDiLzbI;d}N6@Y!9(sSb=<_chWI?-{`1K8qA!SGAF$FD5|#MUmf*U=zro`-C0J~~Av}oqim#906huLR zsFt8X6c}v@7U1^VVhH%Y?NInyn21hU-!&l1Bn4lRY($$vggprJKjal)H7})(+7@Ns z#9I;C*|cHy>AQ8b(3e~Pp$+}^>3{GdG+FFi{zdWqcHzHsRj{NB{J}rohdrc(*8Z|} zy1+l4-nYt_30+HcM8?4UvyW@JKDYpss9Fb_Ovt=9Y`ar;QGztV36r_B>ZX!skBX>L z!oL;bLm(X$0rkV@vgK+h_uZ@; zzVFE85dvGMZdr6i$mQ*;&cgT!$buX^X(DF!elgX-=@u&JW{Dwt?Cdh&{La;m&o=b7 z#c?Vk*PQ>b{7vO&tiJi;Oz>x{l+Y3LmKnt#k^10DPy$)2L$NsU<4-p_ySlk2+ftMg zL<|Sc0vxA29Tfd&jc{PjSbAueQP01k=r|r_ZQ07DUGRhJfYq{)cx#oz|#0H z(X}pVzlyIu7WOIqhYRVUpVCK)3!?9wIKb9?tR%oo`epoHzYn;DW-e{I2fe}H`+ebp z$BRnE`*+@G?)<)>9$0;#^_HsVi9JnwFA#8r2>?67?1CZo<&x~4&cc}!hu!bIdLSS9 zVP~?BD+L8k7X=MV&~gO74{jHgeV^%JJ^(dPED^8tZ54V~c=N zuL@6|V;h&R2+f=nWwz~hJ7*nRI0JaHbK;a-52Zg-8ao&bJ;@}vtdWm}s9L(p2Rg#! zSZDfHgqC4fX0%SKbX5xu(Sgm8V+3u_J%{CJQ_9dgu;kcVbdY~(c_Lid9#*8rYeP8N z9RX=oNK+euyw>o zcMi(%J}6v?7fYQ4xM4@4w&1eTxD{tz3?-jWyVfbc z&X4VBOewDAmEzsH_5`g^?5zE)Fe#aO95QViLr<1T(E?!sge z+Y4L^D16cFPIE7k=UE{)EgA~?5tCbVewydMcm1X=E5!c5B#Lf*{fsHn?Lt*%Q? zZ^u2b*!+6y)2#wzHhctR%b2oW-86BKa$agnI*nW%0PSnwa%Q-4fzGGaZ6|Hj_;Je_4XOr`6qxk5OMEqx+dpAwSx%2(@+U|khy@L^YA*n=m`u2f>Yc0CgelP zGHc~_px&fG3kuLQ6O4W5t3>yUMu7!s^&TN+;`TcUp4e%TtddY^jS)6VU3=8d+`qM( zr6HU(0Xur}&tUMU0Q;19ViTBmSN@Zl0<8}k?o4G89*+@^Bt*^yo-cZT`o#?)XIRJv zJdAxxu871b6Z6Vcp=s2Oruz6dOP$%cL+quf79~_A{LZ9zUw6eDeJT#|NZVsj^WMSf zfKt%xfu3;W@muMASXyz5`b$D;Z9?S{(jy`{eanCn-7rUEJnsC?w`UoqKp=>*Hz~z) zr-Vi(s1>WxQ|_<_OTS{vtUuSll`GIwCwFJ(am>n5{H6^DBlUU^(lJrAo>ym{_&SUx zI~^*YU|2}sj_)+jWvJOu=?h9X0^OR#4J_W3gL#-hFe4~K3Zt>-Aw*hRLT%mqb-2+; zPN+JrM1MRm9Mw99OBiDXpA~dC`=1gQ*0($hBi6)s#gKT#C?cv%$90Da89h8gYkGRN z!^}fdoFOfbrI&eZQJ#In$sZ)tNqR(Suff4LH-N^HVI%MbrB#y3cEc#A`oRZ1T3b?I zmPh8j-6{n$gmGFTc}w#a+X8;#R9zx)MTVEU##GVZi&4w#Iqy;= z_7oc-W$4;NB&e$*7Bv%<)f!=`1Kn$>AU40<1WT1v)$AEMq1<3Bt)DGSP=A&ah@7Kg zbRZ!UeqeCG`c4qob$1ldYV@0#S9$wW6+uhV6-KIMnR@0TgV{h5PSt_Kd%@w3Fy`K- zJBf_>gGtLQ~+06u5DvcQa3PBypV$+ zP1Pb3Dej0HQ*p|fa+av6!G$H|36EiTu=ABZ4-)jrtJPWD6M%`r)yi3?Jy9{F<@L5l z*RwY3^6$#ftW}fT5wy8z$8$Z27^OmBAKqx68)3xopz0alUe|t@_PY87%-M~-+lJ5g z!B>QKz1#V-?(|fycxtW+UJ58&Po1C~(|1Wi%y;kDtk(LMMQvDnd&ag5T!8*-i~TD_ z{9DU9F%x059RBIeMgA68Y^1U`QQJ}a1^dLnKG8(G!kjx;IwAwMG-#}!>FuQKCQP0? z9&@hkh%&sCXfCChrqNLR2-$`;bRBfviBloofWgw4vPwJS)+B_>RDcWy-`DiQ(Gcmg*=EO@hx9~Sxn8GfNv|YODf}ro-bJu9n{&Ku+3bTY zxoq?d4lNc>;TLwL%2&3~XRTIch+>KcBQ{E@k!9E@^YB@1=%gm*%015|UNYVsRx~#& zEisB$HJ)gKY--+b<8KzvnQQV2TwvtP*15hHY1cjRwyL zvP+GbqFODaQVM}7mIkFJBdpKXcXK0jpi&I(p0xl;)%`bm!zva`JQfV~Q!?KfKeoaK z8hb)mQ~-=jO0pE5c7rGDGeCA{m56cqL^a$a+;W-0!=<7i!}{WDOdpU2?cP%mbB63XR^2Ni|(59*jNV+=dHastwQ+l289NNM$aEQiBkEq+joU1N( zAXU;UcCRH#gVaN<32MOtxAn1Sx>kh3zbJL^;rjV=(OWl^Oz@AHok_;b&+XV^-^yP4 z%c7cF-dKq89#FY|ZLxo)h<|Tc-)*>f+~kwy&}oE-Mh<2@vdI^$J{N=041636IfQcn z^r_I)$WRw)gvl1%C>O6++{0t;T&lD)K$<18*>U|RFRM6JuDjM`rY*vtk9UkRi?4H- z8W)a$RHvPT$$=G0wh+n%x0g<3JaVa-{rPo+tjY2#PUECOAw~3N+)M0T`jCj{wc}$IY}?^bwZ{wMCS%BzpfLn1d4{auS_gE$DE^>f`b$Vv@QA z!FMlmFvL>miBKq&i>i0V&O1mlOwUA4?C`}oqAf)v`to_qmZ+-Z;;kC*0170=ppCw( z*s+%L4JQjMvGtcuL^|(HJ9f(Y8(UVF(o3^TxeyuG5)?E;vLzHVSaxC$YX0^KI(&@4 zy>pPp5#eV22}xvx2qtK3RFmv}0yXdqS3y2V--hE@yV+1v0ydq5d^|y9$r2+4Pdy$2H$eeG-4S~=Rtzq&S6|^XWTPkM?4>!R20Qd zz_A*p8w+-bn$sCnb9H3=~tKp$78kZ_IZcaD|#5AT4e~X)~M*1l?E+yc$74d?_=km$UCsg$nTpyWcZ$mZ4 zP5i@PlDO{u-KBIa6W%4W-zp4FqrM-L*q!B<+uNiPYpfOM2jmygBbP@WY*4`a!i#Mt z05yO%6XirDc6^URzElHg^x%U)j%q2 zl~~*HhN>!Fu4+0Soh7zwaaaw12j|09M|&DZTF_KAM6%U`Wa@#7j2hh7xM1kY!u~;A z{qe$|?N)W*+#^NFeK*$>ddqwlzWZhKf15P%u?SaAnb3^?Z!`KE>hkxp02eWv6h5_e zHS^i?vl^;i&wPrFU8UnW18MbPOrvUU?mScA&!=Co-J0cyE0@WW+QH?g!63bu{U`G1 z(7-|E%6ayF^-?xHtp84D#ua9T634kZ1v}GG0US-#@xGo4C(FlnKpvCvZA7~5KFhw) z#7pGum1Iw+B_&&M98_HJb%He+FPJ20euFgTOgHhra+R(K!S9*b5;fnrZX^7ln5z|t zl0qoQ8#>n{>&96_UEUuq*)rTId>++0SOLiVW^=Cysd61L?VKY%ho#uXujs$6g`n4lS@!{>T~Vkz9(CqN?3(pxY*h)D|@feo8~vx8VmMeRvuR0;l4o((nh$4 zJt_T)X~c!mN+){dubzqrx1sqR7a6y#yGhC7Wlw@3))^puqnE~6WAn>2tJGo8z(oTq zuka}x=LeP8bD2@`76iXr=?iK~P#$I4*o(akJ(IN$jbf?3t9y0&;}E-e?uMxV2+gZB_j_Ftp{vp= z+-fPl;ALnhbX9h>(6{Tq`568C!A)%Ij~S!mlUHp)l+E2iXe5 z{e8Lq^8~A$k%UH%kAv6qS=UHGkdi1Dx;Vr~CD;#bW$MJVPD2-Ckn+0$hWd|e#Vdsw zL@#2u4b{z69qYatIhnjVjO!?tG#oddGAxZKMu{8@}uL4!y=$LgjNQ`scM}e)BaToXGBsxrULd-k`e0L|&+RG66 zz+p-c0Up!ORNHf+B6gR^C<Ejouu8-&4D-9WP8i_ zg#Wk64V&z}0q`{N`M-zV-%z8!i^bJBIoN^DwVw>@PU0huhB6U)U%$BaUVnk|{RlB@ zaiah#iSXFSF4KwPEJd%Sr`#ztJE=2WTn7R4<`K73fQB1AqNX+?7>C7zYt*E0NsZ}0 z)I$g3&5Y_;7cJdqIMDNG*S%sbpqvyl)}6%?FC-BaBcDq#IjB)vmSGtwqCC;QBJ_68 zsVvgvfuP`rtyc&4&q_YWOw>`_&jfLhdzkRL_*k~WW^tyTv}stnDf$OWyC;W>cawM9 zel<|e^_;0-kM_@FD3PMdX`lseQ*pJe~@7ZsEV z#HC5xJvT@uiDn{@Aw}_+@X`ZM8k!#GPHiNFXU1Ca6uuKvaTPhZ7B8VJ*E9Ehn)an= z)PYNK<-ugpIk_GwH7?emO2q86^!`a)M?y7y2Bk`{4CPt3ER?tuec?O$A57^yRIzZb$u92%dtj3_f&M>J`!D{UB9_BgwEc#6fqk76k za|ScY-tL`?Yh{kVmn&?wvp$-cPNBUF_;(DukKH`%E+^PgISh53ZV@gEe-jbm8oLi1#=7ux}!N~v@r1Y?H%zfR~5G{$OQB<%9Wjv^m3kb zp53y)r_|6c-*|Ej6BoC5#VXq*1OALqwh6(@OEjw%bHfsft~*y4OBKzju*b1Jwic4o zNELdTmtfZuK$u4h=FW>?1#++2lHC9$g? zCG?(Or&F)haPNP~KZ1jT4XEzkr#EyNfKr`6DNj};Z8v&dN?{M8r)RKfM&xoEe&7E5 z7&SI6KXCOW*3Bvncc0C}YVWvnrp)n9fddqj)N>AQc;;Y3Gk`VFBp3rXJmQrqSmRNe zo^$}BKn>j;YO|XfrKMmpOsDk>ytWFz`@JX#|Oi`dx7 z!s7eS?{=Q^+ZwMmg}}{?`c+yoS8+;EGa(vz#g!Ad%p1GPb<6CH_NDxE4dj}7iJ(ly z`gSFPY&6^gNY9#KGH>dWd5|BpRPJLW8(8H`n-SoHt34z*so>b#qElJjD#vW2Ml67v zv@yP@ZaJyFaCX_K=TIb3`C{a_wB4k7B7Ze{0IPuA|B9Vu(-D!&?IyFK9@blSxiSpKvE`nG@!Tw@a|=%$1P4WIXL- z7sSm(IZdrE2;^HyIH?Ts3n`v%o0McvnuLy=%;dt{{A*Y$O>&WZjBP6#Bx^= z72Ilq<(mO!ytBKMEqMVaizUK3;Sg?s!A0fe3&Yf`^eEDRvBPO?f(boOVv}I9T=^{s^#|G5@oof`#^Mr?Q59?T z4mF#S)35?#-B1$roEOQb264PkY2U3)zhBtzGBa$7#euV05cWwwCTKU8BN!n7GqX!p zP#<+{vUW@DexFgtfnosOdoXR3ya$g3cFZO2qMpo9FNLjvh=HK6osWO~JW{!C&AVIk zO$*yE|I_bMTQ`&m*t@v)@W1ynNrg0hGAT*Qfz(};unU4&hqf@hsgyA{uo!=@Xfs$2 zDUP1ry2$xP*5+PN&H~>|``rV~cNck4qRWW-k;DA_(CujI1d}LG(p?oRgVNVo*KCt|(J-gDyj#vpW9b}3 z%$I}okEXQYua7(;I0i)64fSJV`MIHZ-`WxWOc5f8H11YZ6OG51NItxlACXF2V7CL8SXZncO_%sdz&>jkzT8VWdW~Hb#C_^uR%1D*Yyvk-gINkSi?)%a6<-- z4tFYcCo9--UF~?pP1{~I4gK=XC#k6Ea)9IEsuDXpx+#_%_R8^awbvEO_~Wdf0_u)J zF5lL^+x-_t`UgiJRV+YfQvQoP{u^@t-zd|RK|Wyg>5C#{GTp)TiP864?Q40Gytlqrgs$;C3cNCwwNQYG;>hOwD zxkC|`jMA;S3eTPq3U#MKsChc4&&%M;N@m9 zT5}gL8iuAgkmg#}CnUS&UOMhE`AAQqLAcoX+)tR;qfSStY5VAuEC4PDWlB5@>^~ng zATgnvx6qcgnr7uoRnGgG@WtqGePB)K zcT`g^%#3#N^lF8ai5fthP0u$eXKUmYO?*XVyn#JpjAu+Cy=!y{K<2$*xkJ zio8kfO}TvA`*B*brp-)4tE>A7;t%prtJ?tdARWLP&73&p5Zp17)?nD6xCJ`MNOp%# zy$)zh&(vX{0Aw&VRxn$`R$5dtYnh9 zW0agHN;Ouy_fNbf{+k*e*yhs>G5-16icYqE>8K3l=DV%@yA)6l4*ZC;BJ@aRdt{nn zB$ZGu$37GddIU1cundlsOIxE6W*EbosF_B&+2)%d?j@80BMJ?wMc!P|-yP*>Lk07O zGB%&;vJ<03?1;5EMmcY3Am}0Wx9_Yj$r+Ms2v*&B4xA56S}4~ziHHx*xlLX^pK0rU zGR4!?(I#UCF)_4zMd)#C;z2%(Y-s>-#f7~GXgQ9SUKl&*q2bgPSND1B(NK7~)~4?0 z-yf_6+TMDIN;*dwe**m9@E0MlA()c2Q2Xh{;8x&q#{}}gFCPtGh_8{tT;;D4eLUfq z8u?;VB6dIfjKtloO+XZkAXIY7B$c~#A1eXidMZya)dxB=Sh&!_$)&4d6~3z?n^ zrYgkhuz>t6*aL#~8WI{}jZ9s#L=(#l?!gxrFP!%`-W2|9QK4Tvlv9rJ6muo6Ee{)| z)ukZpXmY!_8Qpr9kYI;4xU18q)Hm~He02vD^_fH>+OQVuh%#CXAC(`)s)KlCNmFh0 zn-xY;RvqO><&++JpX;RhM1wmMRCf`MB--F>r8&i#c5{y^;siB|*zs_qHvD1qMmzAV zq1HiE?Ho2>Ekb`^2yCxt7-JLo$qj^j3!)i}kR(@v#~-ojmzs@ijrd5Z^9`wX(wjnh zXqsGvu;FeQ&XHS@m##m$%k$ndbS*VMWnkN@xX)8;lC+XngqCc{ejaH>c=p}=tTib~ z7$CpQ@I%xG)#;J-`v=wdK_gG2{!a$9YXN85a++5h=Z`q#mJ3Xi zxmNH9K4#tt8X{sd+%sk#t__t$yq=Hhw~RKrY*-?2AmGopf-Cpe@gAfpUTD|BTI`ng zHq@UcoPSzqqhKKAoq(D}B&*oVs1K?qktVL!1qhc%)vhK@OxalUsizfYD_4S?h8z|Q zGAPhKE@sfUa5eXKmtqb|BIV>QL~j)b*{y%y63jeUBF2SI#bN5+?wl1YnfW+K-KKJ^ z)@JeO-yc4!UB=NX{~P`)1d98B*t>3@CR`=5ph?ilRL>>gwDhV_5y6ls(}EQJl2$sP zHo4p3aXTl&B&VFfD)P98(7+zY7DVHuHwbgxoZAqWOWUlKPED^B9f63OX=YhFARgf@ zicdaKQOrcK3WiW|_bg<8+MN%^ONaiX!W~1IeH%~=b2x4tZy{>Q5#>hK!FTS`l;61` zbfTIfFNJI=Tegi>D4lQ|ivR+uF3h&R1qX^SB?ck(`e*x(95?}D5$}o?Ep?EuGia}j zj!oy`UJ~|z2JPmrwXVgnNNUnIE!SZejQHPk`8AJ;cHX&mrC3VllQ2X0954%u8}T&O z$aY{FVJ~;8z{K-mih1;7 z62k_>7cs!t3bEA^PBfG)*#2bn`a;_4&ELDjgIa)|Au|J-uyQI!v;Z-LdD*<0gQFj@ zI)NMSU>H8Uq9%icxMgixU#HgG;L(7qXM`qAzc?tInZ#YUXcr;@zGu+WTX@ z>EW}L+P(Cq<+UXe60Gz0+fL~Pt6{Ia;w-2FpuW|V@J0;eomBNmdnuF_hk6{a8=OI| zJ&xa0%n8J6K;**aSQFSo(Qtbm8DJl;ATQ8OA32aL-ia`*O6wgin~d5L*s-CsyZdzt z+6o(#wm*$CPxMBK&aNtF(+T^z*7{Kqs;8vJ#XKSgAOmnS@Lg1kcRT9te8#?efdn4e zYVAdYqjG~%X8K@c|8k$#^9M&RIN=c6X;u;1*{(_4#(}E&@uGRwKDz!rHokh!cR$%) zB`!qVqkunp-aYpqyEt&*l40#c<8YnXFu5NT3}a2{!~nA{)TsxP2UqwRJm#I zk3B!u2hc9c($|Nypqa1b%P)I3xDj}J6iOdPY80yitg-{hkJi!+GpF$)QPbo!rh#|m zOxSL!u#BxX$fzjhTPECyP#=?(&1kGUBmPEq$QN|L6bT-5D@k34J1J(_YhJC!%a7WB zGv4r2wSVy7)|4MHuGP>XM&ODN?p9R0{&jVbCV%fJg}DBto9%XE?iMf2bHaBz`c8Jf zS^G<`wbjp)bKqsxiqP)A_gK(J76Wb4s(aHLckX`=zsBJD^rzYT$796hB2Xmv3=6Zs z?AmrEb@qIY;kT@eiEUa1tV{60{t&TAiJ8fA8oU=LEGNY{cZJLdl{z3zKWM$jO5*gM zmfaXVSeZ|f5g1a(uvrUW_3t4v?dxwj@Oh`@3oYWD_gfu}AwwT`BuP$6Ecp?n0*1ID zUANV|=qxH?jtNKA0dIqioaI7VoweXKGm$yR{j96uFWL}u0 z=gG1py69f>VBKIK(euZI@9tzW6175}rQz*Y>F6ZW&QcoVE`EaC-&;96sWy*a9$P6& zsk=oCyp}2DZYvsDOk7?gO&i{OHJyw%&ARYH10x1G4qs)=$N)Kb>QHpC+<%8ZI)^PHVe!PN6Zr=D7jWs0K3FC{C8y0tr{G5MHb zA9iFpHf}`-an5=Ph@QeDhTQb)#r*c*;QXgL8+8ic-Oovk^yvg8!SYt*`;iuj`!=VX zIJsdJkL*{`48MWwzsE|UWRA4$=Wou5(irt5Qu@7A_fKY(XVs}#=8jluCbxr;8L87vwYTp;ZyxpS55P95)= zIgb|2fxicrU(<4249y%C@NvEMA{coweQ{y#wuoOl2L literal 0 HcmV?d00001 diff --git a/Packs/LogsignSiem/Integrations/LogsignSiem/test_data/sample_data.py b/Packs/LogsignSiem/Integrations/LogsignSiem/test_data/sample_data.py new file mode 100644 index 000000000000..de36066f7ca2 --- /dev/null +++ b/Packs/LogsignSiem/Integrations/LogsignSiem/test_data/sample_data.py @@ -0,0 +1,244 @@ +DATE_FORMAT: str = '%Y-%m-%dT%H:%M:%SZ' # ISO8601 format with UTC, default in XSOAR +DATE_FORMAT_WITH_MICROSECOND = '%Y-%m-%dT%H:%M:%S.%fZ' +DEFAULT_FETCH_LIMIT = '50' +DEFAULT_FIRST_FETCH = '1 hour' +CONTENT_TYPE_JSON = 'application/json' + +URL_SUFFIX = { + 'FETCH_INCIDENTS': 'get_incidents', + 'GET_COLUMN': 'get_columns', + 'GET_COUNT': 'get_count', + 'TEST_API': 'test_api' +} + +CHECK_ARG_MOCK_DATA = { + "test_int": 15, + "test_str": "logsign", + "test_list": [1, 2, 3], + "test_dict": {"str": "unix"} +} + +PARAMS = { + 'url': 'https://192.168.0.1', + 'apikey': 'apikey', + 'last_run': '', + 'insecure': False, + 'proxy': False, + 'first_fetch': DEFAULT_FIRST_FETCH, + 'max_fetch': DEFAULT_FETCH_LIMIT +} + +ARGS_Q = {'query': '*', 'grouped_column': 'Source.IP', 'criteria': 'value', 'time_frame': '1 hour'} + +MOCK_INCIDENTS = {'incidents': [ + { + "EventSource": { + "Vendor": "PaloAlto", + "Description": "palo_alto_fw", + "Category": "Firewall", + "Type": "Security System", + "PrefixID": 3029, + "Collector": "alert.flow", + "Tag": "palo_alto", + "IP": "192.168.1.151", + "Serial": "0011C100469" + }, + "Details": { + "Flags": "0x400000", + "LogProfile": "Threat Alert", + "ThreatID": "Virus/Win32.WGeneric.hjykm(3081002)" + }, + "_insert_time": 1619013913, + "Source": { + "Location": "location", + "Zone": "untrust", + "Position": "out", + "City": "Unknown", + "Port": "80", + "Interface": "ethernet1/20", + "IP": "192.168.1.17", + "Country": "Curacao" + }, + "Application": { + "Name": "smtp" + }, + "EventMap": { + "Type": "Virus", + "ID": 20503, + "Context": "Security", + "Info": "Virus Block", + "SubType": "Block" + }, + "External": { + "IP": "228.x.249.122" + }, + "Event": { + "SystemID": 302991, + "SubCategory": "vulnerability", + "Category": "THREAT", + "VendorID": 91, + "Info": "wildfire-virus smtp drop", + "Action": "drop" + }, + "URL": { + "Category": "any", + "Domain": "po.sen260216kk.exe", + "Scheme": "http" + }, + "Internal": { + "IP": "192.168.1.17" + }, + "Action": { + "Object": "192.168.1.17" + }, + "Protocol": { + "Name": "tcp" + }, + "Severity": { + "ID": 4, + "Name": "warning" + }, + "_es_type": "flow@alert@generic_log", + "Session": { + "ID": "48247132", + "Direction": "client-to-server" + }, + "Time": { + "Received": "2021-04-21 14:05:01", + "Generated": "2021-04-21 14:05:13" + }, + "Rule": { + "Name": "rule5" + }, + "Alert": { + "AlertUID": "94d17e7f2ace2688110e0bf9f579e142", + "Info": "Infected Host Detected", + "Category": "Malware", + "Reason": "EventMap.Type:Virus\nEventMap.SubType:Block" + }, + "DataType": "alert", + "Destination": { + "Location": "unknown", + "Zone": "trust", + "Position": "in", + "City": "East Berbice-Corentyne", + "Port": "8091", + "Interface": "ethernet1/21", + "IP": "228.x.249.122", + "Country": "Guyana" + } + }, + { + "EventSource": { + "Vendor": "PaloAlto", + "Description": "palo_alto_fw", + "Category": "Firewall", + "Type": "Security System", + "PrefixID": 3029, + "Collector": "alert.flow", + "Tag": "palo_alto", + "IP": "192.168.1.151", + "Serial": "0011C100469" + }, + "Details": { + "Flags": "0x400000", + "LogProfile": "Threat Alert", + "ThreatID": "Virus/Win32.WGeneric.hjykm(3081002)" + }, + "_insert_time": 1619013913, + "Source": { + "Location": "location", + "Zone": "untrust", + "Position": "out", + "City": "Unknown", + "Port": "80", + "Interface": "ethernet1/20", + "IP": "192.168.1.17", + "Country": "Curacao" + }, + "Application": { + "Name": "smtp" + }, + "EventMap": { + "Type": "Virus", + "ID": 20503, + "Context": "Security", + "Info": "Virus Block", + "SubType": "Block" + }, + "External": { + "IP": "228.x.249.122" + }, + "Event": { + "SystemID": 302991, + "SubCategory": "vulnerability", + "Category": "THREAT", + "VendorID": 91, + "Info": "wildfire-virus smtp drop", + "Action": "drop" + }, + "URL": { + "Category": "any", + "Domain": "po.sen260216kk.exe", + "Scheme": "http" + }, + "Internal": { + "IP": "192.168.1.17" + }, + "Action": { + "Object": "192.168.1.17" + }, + "Protocol": { + "Name": "tcp" + }, + "Severity": { + "ID": 4, + "Name": "warning" + }, + "_es_type": "flow@alert@generic_log", + "Session": { + "ID": "48247132", + "Direction": "client-to-server" + }, + "Time": { + "Received": "2021-04-21 14:05:01", + "Generated": "2021-04-21 14:05:13" + }, + "Rule": { + "Name": "rule5" + }, + "Alert": { + "AlertUID": "94d17e7f2ace2688110e0bf9f579e142", + "Info": "Infected Host Detected", + "Category": "Malware", + "Reason": "EventMap.Type:Virus\nEventMap.SubType:Block" + }, + "DataType": "alert", + "Destination": { + "Location": "unknown", + "Zone": "trust", + "Position": "in", + "City": "East Berbice-Corentyne", + "Port": "8091", + "Interface": "ethernet1/21", + "IP": "228.x.249.122", + "Country": "Guyana" + } + }] +} + +MOCK_INC = {'last_fetch': '2021-04-21T01:00:00Z', 'incidents': MOCK_INCIDENTS['incidents']} + +RESULT_COUNT_HR = """ +### Results +|count| +|---| +| 785045 | +""" + +RESULT_COLUMNS_HR = """ +### Results +|columns| +|---| +| 192.168.1.35,
192.168.1.17 | +""" diff --git a/Packs/LogsignSiem/README.md b/Packs/LogsignSiem/README.md new file mode 100644 index 000000000000..ff7d08fc19d8 --- /dev/null +++ b/Packs/LogsignSiem/README.md @@ -0,0 +1,49 @@ +## Pack Documentation + +**Logsign Next-Gen SIEM provides comprehensive visibility and control of your data lake. It allows security analysts to collect and store unlimited data, and to investigate, detect and respond to threats automatically.** + +Logsign SIEM provides comprehensive visibility and control of your data lake by allowing security analysts to collect and store unlimited data, investigate and detect threats, and respond automatically. + + +## Use Cases +Once implemented, a SIEM solution becomes a vital component of an enterprise security strategy. As a result, there are a large number of use cases that it caters to. A security team does not know what they will face next. With the increasing number of endpoint devices and growing reliance on cloud-based services, the potential attack surface +area is expanding. Considering these factors, it becomes difficult for security teams to keep track of events happening across an enterprise network. +We equip enterprise security operations teams with smart SIEM and SOAR tools that improve workforce efficiency and provide better, accelerated investigations and responses. + +1. **Advanced Threat Detection** +Detection of internal and external threats +in real time, mitigation and eradication of +threats are extensively handled. +2. **Threat Hunting** +Logsign SIEM proactively detects insider +threats or outside attackers and quickly +responds to any suspicious behavior. +3. **Security Analytics and Visualization** +You cannot manage what you can’t see. +Logsign focuses on security big data +analytics and visualizes the outcomes +on dashboards and reports to provide +understandable outcomes. +4. **SOC Management** +SIEM products are located in the center of +SOC operations and tools. They are strictly +required for real-time detection of alerts, +detailed investigation, analysis, threat +hunting and response. +5. **Centralized Log Management** +Logsign SIEM collects and stores data by +integrating with all data sources, and it +analyzes all data in one central platform. + +## What does this pack do? +This Content Pack is used to fetch incident logs, detail investigation on data lake, finding threats and anomaly to respond these threats in realtime. + +Using the Logsign SIEM integration, you can fetch Logsign incidents colums.This columns such as: +1. The name of alert +2. The action object of alert +3. Related alerts information +4. The objects that make up the alert, such as the IP address, hashes, user names, etc. + +Logsign integration enables you to run drill down searches to retrieve additional data from Logsign such as: +1. Get information about event columns(Ip Adress,Ports, GeoLocation, Behaviors,Event Category, etc. +2. Get event based counts about incident \ No newline at end of file diff --git a/Packs/LogsignSiem/pack_metadata.json b/Packs/LogsignSiem/pack_metadata.json new file mode 100644 index 000000000000..736626e11a77 --- /dev/null +++ b/Packs/LogsignSiem/pack_metadata.json @@ -0,0 +1,27 @@ +{ + "name": "Logsign SIEM", + "description": "Logsign SIEM provides to collect and store unlimited data, investigate and detect threats, and respond automatically.", + "support": "partner", + "currentVersion": "1.0.0", + "author": "Logsign", + "url": " https://support.logsign.net/", + "email": "support@logsign.net", + "categories": [ + "Analytics & SIEM" + ], + "tags": [ + "Alerts", + "Incident Handling", + "Incident Response", + "Security Analytics" + ], + "useCases": [ + "Case Management" + ], + "keywords": [ + "Incident", + "Alerts", + "Logsign", + "SIEM" + ] +} \ No newline at end of file From 3957e8abcc5abc2ffaa4043eca9f91b7a9c4c52a Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Sun, 29 Aug 2021 18:27:56 +0300 Subject: [PATCH 064/173] Update Docker Image To demisto/python3 (#14558) * Updated Metadata Of Pack C2sec * Added release notes to pack C2sec * Packs/C2sec/Integrations/C2sec/C2sec.yml Docker image update * Updated Metadata Of Pack CTIX * Added release notes to pack CTIX * Packs/CTIX/Integrations/CTIX/CTIX.yml Docker image update * Updated Metadata Of Pack CVESearch * Added release notes to pack CVESearch * Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml Docker image update * Updated Metadata Of Pack CarbonBlackProtect * Added release notes to pack CarbonBlackProtect * Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml Docker image update * Updated Metadata Of Pack CentrifyVault * Added release notes to pack CentrifyVault * Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml Docker image update * Updated Metadata Of Pack Cherwell * Added release notes to pack Cherwell * Packs/Cherwell/Integrations/Cherwell/Cherwell.yml Docker image update * Updated Metadata Of Pack CiscoESAIronPortEmailAPI * Added release notes to pack CiscoESAIronPortEmailAPI * Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml Docker image update * Updated Metadata Of Pack CiscoEmailSecurity * Added release notes to pack CiscoEmailSecurity * Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml Docker image update * Updated Metadata Of Pack Claroty * Added release notes to pack Claroty * Packs/Claroty/Integrations/Claroty/Claroty.yml Docker image update * Updated Metadata Of Pack CloudConvert * Added release notes to pack CloudConvert * Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml Docker image update * Added dbotscore outputs to yml and readme Co-authored-by: sberman --- Packs/C2sec/Integrations/C2sec/C2sec.yml | 2 +- Packs/C2sec/ReleaseNotes/1_0_2.md | 3 + Packs/C2sec/pack_metadata.json | 2 +- Packs/CTIX/Integrations/CTIX/CTIX.yml | 2 +- Packs/CTIX/ReleaseNotes/1_0_1.md | 3 + Packs/CTIX/pack_metadata.json | 2 +- .../Integrations/CVESearchV2/CVESearchV2.yml | 79 +++++++++++++------ .../Integrations/CVESearchV2/README.md | 8 ++ Packs/CVESearch/ReleaseNotes/1_0_7.md | 3 + Packs/CVESearch/pack_metadata.json | 2 +- .../CarbonBlackProtect/CarbonBlackProtect.yml | 2 +- .../CarbonBlackProtect/ReleaseNotes/1_0_8.md | 3 + Packs/CarbonBlackProtect/pack_metadata.json | 2 +- .../CentrifyVault/CentrifyVault.yml | 2 +- Packs/CentrifyVault/ReleaseNotes/1_0_1.md | 3 + Packs/CentrifyVault/pack_metadata.json | 2 +- .../Integrations/Cherwell/Cherwell.yml | 2 +- Packs/Cherwell/ReleaseNotes/1_0_3.md | 3 + Packs/Cherwell/pack_metadata.json | 2 +- .../CiscoIronPortEMailAPI.yml | 2 +- .../ReleaseNotes/1_0_2.md | 3 + .../pack_metadata.json | 2 +- .../CiscoEmailSecurity/CiscoEmailSecurity.yml | 2 +- .../CiscoEmailSecurity/ReleaseNotes/1_0_5.md | 3 + Packs/CiscoEmailSecurity/pack_metadata.json | 2 +- .../Claroty/Integrations/Claroty/Claroty.yml | 2 +- Packs/Claroty/ReleaseNotes/1_0_11.md | 3 + Packs/Claroty/pack_metadata.json | 2 +- .../CloudConvert/CloudConvert.yml | 2 +- Packs/CloudConvert/ReleaseNotes/1_0_1.md | 3 + Packs/CloudConvert/pack_metadata.json | 2 +- 31 files changed, 112 insertions(+), 43 deletions(-) create mode 100644 Packs/C2sec/ReleaseNotes/1_0_2.md create mode 100644 Packs/CTIX/ReleaseNotes/1_0_1.md create mode 100644 Packs/CVESearch/ReleaseNotes/1_0_7.md create mode 100644 Packs/CarbonBlackProtect/ReleaseNotes/1_0_8.md create mode 100644 Packs/CentrifyVault/ReleaseNotes/1_0_1.md create mode 100644 Packs/Cherwell/ReleaseNotes/1_0_3.md create mode 100644 Packs/CiscoESAIronPortEmailAPI/ReleaseNotes/1_0_2.md create mode 100644 Packs/CiscoEmailSecurity/ReleaseNotes/1_0_5.md create mode 100644 Packs/Claroty/ReleaseNotes/1_0_11.md create mode 100644 Packs/CloudConvert/ReleaseNotes/1_0_1.md diff --git a/Packs/C2sec/Integrations/C2sec/C2sec.yml b/Packs/C2sec/Integrations/C2sec/C2sec.yml index e31478c2ab62..6bb3086b3421 100644 --- a/Packs/C2sec/Integrations/C2sec/C2sec.yml +++ b/Packs/C2sec/Integrations/C2sec/C2sec.yml @@ -193,4 +193,4 @@ script: type: string description: Query Data for specific component for companies in the portfolio runonce: false - dockerimage: demisto/python3:3.9.5.22665 + dockerimage: demisto/python3:3.9.6.22912 diff --git a/Packs/C2sec/ReleaseNotes/1_0_2.md b/Packs/C2sec/ReleaseNotes/1_0_2.md new file mode 100644 index 000000000000..d74850e5aabd --- /dev/null +++ b/Packs/C2sec/ReleaseNotes/1_0_2.md @@ -0,0 +1,3 @@ +#### Integrations +##### C2sec irisk +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/C2sec/pack_metadata.json b/Packs/C2sec/pack_metadata.json index ad6b7bedad35..e84f91563afc 100644 --- a/Packs/C2sec/pack_metadata.json +++ b/Packs/C2sec/pack_metadata.json @@ -2,7 +2,7 @@ "name": "C2sec irisk", "description": "Understand Your Cyber Exposure as Easy as a Google Search", "support": "xsoar", - "currentVersion": "1.0.1", + "currentVersion": "1.0.2", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CTIX/Integrations/CTIX/CTIX.yml b/Packs/CTIX/Integrations/CTIX/CTIX.yml index b5ae5de63dac..6762dc573cd9 100644 --- a/Packs/CTIX/Integrations/CTIX/CTIX.yml +++ b/Packs/CTIX/Integrations/CTIX/CTIX.yml @@ -746,7 +746,7 @@ script: description: Additional enhanced data about the Threat Data Object fetched by the CTIX application description: Return File Details. - dockerimage: demisto/python3:3.9.1.15759 + dockerimage: demisto/python3:3.9.6.22912 runonce: false subtype: python3 tests: diff --git a/Packs/CTIX/ReleaseNotes/1_0_1.md b/Packs/CTIX/ReleaseNotes/1_0_1.md new file mode 100644 index 000000000000..4fcadeb2a70b --- /dev/null +++ b/Packs/CTIX/ReleaseNotes/1_0_1.md @@ -0,0 +1,3 @@ +#### Integrations +##### Cyware Threat Intelligence eXchange +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/CTIX/pack_metadata.json b/Packs/CTIX/pack_metadata.json index 4053bd7aa0d1..ce071c0c2f78 100644 --- a/Packs/CTIX/pack_metadata.json +++ b/Packs/CTIX/pack_metadata.json @@ -2,7 +2,7 @@ "name": "CTIX", "description": "Cyware Threat Intelligence eXchange", "support": "partner", - "currentVersion": "1.0.0", + "currentVersion": "1.0.1", "author": "Cyware Labs", "url": "https://cyware.com/", "email": "connector-dev@cyware.com", diff --git a/Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml b/Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml index f52438449aed..c77d89c26d09 100644 --- a/Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml +++ b/Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml @@ -1,33 +1,37 @@ +category: Vulnerability Management commonfields: id: CVE Search v2 version: -1 -name: CVE Search v2 -display: CVE Search v2 -category: Vulnerability Management -description: Searches for CVE information using circl.lu. configuration: -- display: Server URL +- defaultvalue: https://cve.circl.lu/api/ + display: Server URL name: url - defaultvalue: https://cve.circl.lu/api/ - type: 0 required: true + type: 0 - display: Use system proxy settings name: proxy - defaultvalue: "" - type: 8 required: false + type: 8 - display: Trust any certificate (not secure) name: insecure - type: 8 required: false + type: 8 +description: Searches for CVE information using circl.lu. +display: CVE Search v2 +name: CVE Search v2 script: commands: - - name: cve-latest - arguments: - - name: limit + - arguments: + - default: false + description: The maximum number of CVEs to display. + isArray: false + name: limit required: false - default: false - description: 'The maximum number of CVEs to display.' + secret: false + deprecated: false + description: Returns the latest updated CVEs. + execution: false + name: cve-latest outputs: - contextPath: CVE.ID description: The ID of the CVE. @@ -44,13 +48,29 @@ script: - contextPath: CVE.Description description: The description of the CVE. type: String - description: Returns the latest updated CVEs. - - name: cve - arguments: - - name: cve_id - required: true - default: true + - contextPath: DBotScore.Indicator + description: The indicator value. + type: String + - contextPath: DBotScore.Score + description: The indicator score. + type: Number + - contextPath: DBotScore.Type + description: The indicator type. + type: String + - contextPath: DBotScore.Vendor + description: The vendor reporting the score of the indicator. + type: String + - arguments: + - default: true description: 'The CVE ID. For example: CVE-2014-1234.' + isArray: false + name: cve_id + required: true + secret: false + deprecated: false + description: Returns CVE information by CVE ID. + execution: false + name: cve outputs: - contextPath: CVE.ID description: The ID of the CVE. @@ -67,8 +87,19 @@ script: - contextPath: CVE.Description description: The description of the CVE. type: String - description: Returns CVE information by CVE ID. - dockerimage: demisto/python3:3.9.1.14969 + - contextPath: DBotScore.Indicator + description: The indicator value. + type: String + - contextPath: DBotScore.Score + description: The indicator score. + type: Number + - contextPath: DBotScore.Type + description: The indicator type. + type: String + - contextPath: DBotScore.Vendor + description: The vendor reporting the score of the indicator. + type: String + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: false longRunning: false @@ -78,5 +109,5 @@ script: subtype: python3 type: python tests: -- "CVE Search v2 - Test" +- CVE Search v2 - Test fromversion: 5.0.0 diff --git a/Packs/CVESearch/Integrations/CVESearchV2/README.md b/Packs/CVESearch/Integrations/CVESearchV2/README.md index d4715d69d339..41a76fe2877e 100644 --- a/Packs/CVESearch/Integrations/CVESearchV2/README.md +++ b/Packs/CVESearch/Integrations/CVESearchV2/README.md @@ -48,6 +48,10 @@ Retruns the latest updated CVEs. | CVE.Published | Date | The date the CVE was published. | | CVE.Modified | Date | When CVE was last modified. | | CVE.Description | String | The description of the CVE. | +| DBotScore.Indicator | String | The indicator value. | +| DBotScore.Score | Number | The indicator score. | +| DBotScore.Type | String | The indicator type. | +| DBotScore.Vendor | String | The vendor reporting the score of the indicator. | ##### Command Example @@ -106,6 +110,10 @@ Search CVE by ID | CVE.Published | Date | The date the CVE was published. | | CVE.Modified | Date | The date the CVE was last modified. | | CVE.Description | String | The description of the CVE. | +| DBotScore.Indicator | String | The indicator value. | +| DBotScore.Score | Number | The indicator score. | +| DBotScore.Type | String | The indicator type. | +| DBotScore.Vendor | String | The vendor reporting the score of the indicator. | ##### Command Example diff --git a/Packs/CVESearch/ReleaseNotes/1_0_7.md b/Packs/CVESearch/ReleaseNotes/1_0_7.md new file mode 100644 index 000000000000..ebdd2f8eeb59 --- /dev/null +++ b/Packs/CVESearch/ReleaseNotes/1_0_7.md @@ -0,0 +1,3 @@ +#### Integrations +##### CVE Search v2 +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/CVESearch/pack_metadata.json b/Packs/CVESearch/pack_metadata.json index 306a03e8e76b..47aeca478970 100644 --- a/Packs/CVESearch/pack_metadata.json +++ b/Packs/CVESearch/pack_metadata.json @@ -2,7 +2,7 @@ "name": "CVE Search", "description": "Searches for CVE information using circl.lu.", "support": "xsoar", - "currentVersion": "1.0.6", + "currentVersion": "1.0.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml b/Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml index 857afed57594..ebcc7ed22057 100644 --- a/Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml +++ b/Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml @@ -2129,7 +2129,7 @@ script: - contextPath: CBP.FileRule.ReportOnly description: Is this rule "reporting only" or is it also "enforcing". type: String - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 subtype: python3 isfetch: true runonce: false diff --git a/Packs/CarbonBlackProtect/ReleaseNotes/1_0_8.md b/Packs/CarbonBlackProtect/ReleaseNotes/1_0_8.md new file mode 100644 index 000000000000..b920bc07a940 --- /dev/null +++ b/Packs/CarbonBlackProtect/ReleaseNotes/1_0_8.md @@ -0,0 +1,3 @@ +#### Integrations +##### VMware Carbon Black App Control v2 +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/CarbonBlackProtect/pack_metadata.json b/Packs/CarbonBlackProtect/pack_metadata.json index 4f2e8c2952eb..34b9be4d97de 100644 --- a/Packs/CarbonBlackProtect/pack_metadata.json +++ b/Packs/CarbonBlackProtect/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Carbon Black Enterprise Protection", "description": "Carbon Black Enterprise Protection is a next-generation endpoint threat prevention solution to deliver a portfolio of protection policies, real-time visibility across environments, and comprehensive compliance rule sets in a single platform.", "support": "xsoar", - "currentVersion": "1.0.7", + "currentVersion": "1.0.8", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml b/Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml index d8c77eb38834..0818c40bfa6c 100644 --- a/Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml +++ b/Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml @@ -293,7 +293,7 @@ script: required: true description: Delete set from the Centrify Vault name: centrify-delete-set - dockerimage: demisto/python3:3.8.6.13358 + dockerimage: demisto/python3:3.9.6.22912 runonce: false script: '' subtype: python3 diff --git a/Packs/CentrifyVault/ReleaseNotes/1_0_1.md b/Packs/CentrifyVault/ReleaseNotes/1_0_1.md new file mode 100644 index 000000000000..3548a75d1c16 --- /dev/null +++ b/Packs/CentrifyVault/ReleaseNotes/1_0_1.md @@ -0,0 +1,3 @@ +#### Integrations +##### Centrify Vault +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/CentrifyVault/pack_metadata.json b/Packs/CentrifyVault/pack_metadata.json index e853aec877fd..36851d8cb4e8 100644 --- a/Packs/CentrifyVault/pack_metadata.json +++ b/Packs/CentrifyVault/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Centrify Vault", "description": "Centrify Vault integration to create/fetch/delete secrets/folders/sets.", "support": "community", - "currentVersion": "1.0.0", + "currentVersion": "1.0.1", "author": "prashasthbaliga", "url": "", "email": "", diff --git a/Packs/Cherwell/Integrations/Cherwell/Cherwell.yml b/Packs/Cherwell/Integrations/Cherwell/Cherwell.yml index c0c461a1abae..648a5ba4a72c 100644 --- a/Packs/Cherwell/Integrations/Cherwell/Cherwell.yml +++ b/Packs/Cherwell/Integrations/Cherwell/Cherwell.yml @@ -516,7 +516,7 @@ script: - contextPath: Cherwell.BusinessObjectInfo.BusinessObjectName description: Business object name. type: String - dockerimage: demisto/python3:3.8.3.9324 + dockerimage: demisto/python3:3.9.6.22912 isfetch: true runonce: false script: '-' diff --git a/Packs/Cherwell/ReleaseNotes/1_0_3.md b/Packs/Cherwell/ReleaseNotes/1_0_3.md new file mode 100644 index 000000000000..557a180001c4 --- /dev/null +++ b/Packs/Cherwell/ReleaseNotes/1_0_3.md @@ -0,0 +1,3 @@ +#### Integrations +##### Cherwell +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/Cherwell/pack_metadata.json b/Packs/Cherwell/pack_metadata.json index fbf2afd0045d..6fa3c1774071 100644 --- a/Packs/Cherwell/pack_metadata.json +++ b/Packs/Cherwell/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cherwell", "description": "Cloud-based IT service management solution", "support": "xsoar", - "currentVersion": "1.0.2", + "currentVersion": "1.0.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml b/Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml index a01538e2c9e3..8c3c8224c26d 100644 --- a/Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml +++ b/Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml @@ -87,7 +87,7 @@ script: name: limit description: Genral search , can combine multiple parameters name: iron-port-search - dockerimage: demisto/python3:3.9.1.15759 + dockerimage: demisto/python3:3.9.6.22912 runonce: false script: '' subtype: python3 diff --git a/Packs/CiscoESAIronPortEmailAPI/ReleaseNotes/1_0_2.md b/Packs/CiscoESAIronPortEmailAPI/ReleaseNotes/1_0_2.md new file mode 100644 index 000000000000..5a9ecf5dac95 --- /dev/null +++ b/Packs/CiscoESAIronPortEmailAPI/ReleaseNotes/1_0_2.md @@ -0,0 +1,3 @@ +#### Integrations +##### Cisco IronPort EMail API +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/CiscoESAIronPortEmailAPI/pack_metadata.json b/Packs/CiscoESAIronPortEmailAPI/pack_metadata.json index d2e550cfa2a7..4ed418a1bcf1 100644 --- a/Packs/CiscoESAIronPortEmailAPI/pack_metadata.json +++ b/Packs/CiscoESAIronPortEmailAPI/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cisco ESA IronPort Email API", "description": "Cisco ESA IronPort Email API\nSearch IronPort mail traffic logs\nSearch in IronPort Spam and Quarantines\nRelease Emails from Spam and Quarantines ", "support": "community", - "currentVersion": "1.0.1", + "currentVersion": "1.0.2", "author": "OsamaShenoda", "url": "", "email": "", diff --git a/Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml b/Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml index fc115761331b..98a9049b6b44 100644 --- a/Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml +++ b/Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml @@ -1238,7 +1238,7 @@ script: description: Deletes a list entry. execution: false name: cisco-email-security-list-entry-delete - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: false longRunning: false diff --git a/Packs/CiscoEmailSecurity/ReleaseNotes/1_0_5.md b/Packs/CiscoEmailSecurity/ReleaseNotes/1_0_5.md new file mode 100644 index 000000000000..afb964fd0a44 --- /dev/null +++ b/Packs/CiscoEmailSecurity/ReleaseNotes/1_0_5.md @@ -0,0 +1,3 @@ +#### Integrations +##### Cisco Email Security (beta) +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/CiscoEmailSecurity/pack_metadata.json b/Packs/CiscoEmailSecurity/pack_metadata.json index 7cf23ce6069d..da19b2257bce 100644 --- a/Packs/CiscoEmailSecurity/pack_metadata.json +++ b/Packs/CiscoEmailSecurity/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cisco Email Security (Beta)", "description": "Cisco Email Security is an email security gateway . It detects and blocks a wide variety of email-borne threats, such as malware, spam and phishing.", "support": "xsoar", - "currentVersion": "1.0.4", + "currentVersion": "1.0.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Claroty/Integrations/Claroty/Claroty.yml b/Packs/Claroty/Integrations/Claroty/Claroty.yml index af237df19b4a..9e2ee558b877 100644 --- a/Packs/Claroty/Integrations/Claroty/Claroty.yml +++ b/Packs/Claroty/Integrations/Claroty/Claroty.yml @@ -482,7 +482,7 @@ script: - contextPath: Claroty.Alert.Severity description: The alert severity. type: String - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: true longRunning: false diff --git a/Packs/Claroty/ReleaseNotes/1_0_11.md b/Packs/Claroty/ReleaseNotes/1_0_11.md new file mode 100644 index 000000000000..16e25d6c9711 --- /dev/null +++ b/Packs/Claroty/ReleaseNotes/1_0_11.md @@ -0,0 +1,3 @@ +#### Integrations +##### Claroty +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/Claroty/pack_metadata.json b/Packs/Claroty/pack_metadata.json index 83c34164cd93..f6bc951c08b6 100644 --- a/Packs/Claroty/pack_metadata.json +++ b/Packs/Claroty/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Claroty", "description": "Use the Claroty CTD to manage assets and alerts.", "support": "partner", - "currentVersion": "1.0.10", + "currentVersion": "1.0.11", "author": "Claroty", "url": "", "email": "support@claroty.com", diff --git a/Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml b/Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml index 451249041bbe..901fbd35779e 100644 --- a/Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml +++ b/Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml @@ -366,7 +366,7 @@ script: - contextPath: CloudConvert.Task.links description: API link for the task. type: String - dockerimage: demisto/python3:3.8.6.13358 + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: false longRunning: false diff --git a/Packs/CloudConvert/ReleaseNotes/1_0_1.md b/Packs/CloudConvert/ReleaseNotes/1_0_1.md new file mode 100644 index 000000000000..80d9370464cd --- /dev/null +++ b/Packs/CloudConvert/ReleaseNotes/1_0_1.md @@ -0,0 +1,3 @@ +#### Integrations +##### CloudConvert +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/CloudConvert/pack_metadata.json b/Packs/CloudConvert/pack_metadata.json index 118780ff2710..8edaac618625 100644 --- a/Packs/CloudConvert/pack_metadata.json +++ b/Packs/CloudConvert/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cloud Convert", "description": "Use this integration to convert files using CloudConvert API", "support": "xsoar", - "currentVersion": "1.0.0", + "currentVersion": "1.0.1", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From c1870b4c54c19a9741ae022e1108a70ee2eed192 Mon Sep 17 00:00:00 2001 From: Orel Haim <49915958+OrelHaim@users.noreply.github.com> Date: Sun, 29 Aug 2021 20:42:47 +0300 Subject: [PATCH 065/173] IAM Group Sync - Slack & Okta (#13550) * changes * fixes and changes * fixes and changes * RN * remove test functions * lint * fix * fix * command result * fix * fix * changes * Merge branch 'master' into slack-iam # Conflicts: # Packs/Okta/ReleaseNotes/2_2_2.md # Packs/Slack/ReleaseNotes/2_1_2.md * in progress * some minor changes * RN conflicts fix * RN conflicts fix Co-authored-by: Dan Tavori Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> --- Packs/Okta/Integrations/Okta_IAM/Okta_IAM.py | 211 +++++++++++ Packs/Okta/Integrations/Okta_IAM/Okta_IAM.yml | 193 ++++++++++ Packs/Okta/ReleaseNotes/2_2_3.md | 4 + Packs/Okta/pack_metadata.json | 2 +- .../Slack/Integrations/Slack_IAM/Slack_IAM.py | 348 +++++++++++++++++- .../Integrations/Slack_IAM/Slack_IAM.yml | 143 ++++++- Packs/Slack/ReleaseNotes/2_1_5.md | 4 + Packs/Slack/pack_metadata.json | 2 +- 8 files changed, 901 insertions(+), 6 deletions(-) create mode 100644 Packs/Okta/ReleaseNotes/2_2_3.md create mode 100644 Packs/Slack/ReleaseNotes/2_1_5.md diff --git a/Packs/Okta/Integrations/Okta_IAM/Okta_IAM.py b/Packs/Okta/Integrations/Okta_IAM/Okta_IAM.py index 9742c2ed991c..6c137bc91a2b 100644 --- a/Packs/Okta/Integrations/Okta_IAM/Okta_IAM.py +++ b/Packs/Okta/Integrations/Okta_IAM/Okta_IAM.py @@ -122,6 +122,66 @@ def get_okta_fields(self): return okta_fields + def http_request(self, method, url_suffix, full_url=None, params=None, data=None, headers=None): + if headers is None: + headers = self._headers + full_url = full_url if full_url else urljoin(self._base_url, url_suffix) + + res = requests.request( + method, + full_url, + verify=self._verify, + headers=headers, + params=params, + json=data + ) + return res + + def search_group(self, group_name): + uri = 'groups' + query_params = { + 'q': encode_string_results(group_name) + } + return self.http_request( + method="GET", + url_suffix=uri, + params=query_params + ) + + def get_group_by_id(self, group_id): + uri = f'groups/{group_id}' + return self.http_request( + method='GET', + url_suffix=uri + ) + + def get_group_members(self, group_id): + uri = f'groups/{group_id}/users' + return self.get_paged_results(uri) + + def get_paged_results(self, uri, query_param=None): + response = self.http_request( + method="GET", + url_suffix=uri, + params=query_param + ) + paged_results = response.json() + if response.status_code != 200: + raise Exception( + f'Error occurred while calling Okta API: {response.request.url}. Response: {response.json()}') + while "next" in response.links and len(response.json()) > 0: + next_page = response.links.get("next").get("url") + response = self._http_request( + method="GET", + full_url=next_page, + url_suffix='' + ) + if response.status_code != 200: + raise Exception( + f'Error occurred while calling Okta API: {response.request.url}. Response: {response.json()}') + paged_results += response.json() + return paged_results + def get_app_user_assignment(self, application_id, user_id): uri = f'/apps/{application_id}/users/{user_id}' res = self._http_request( @@ -652,6 +712,151 @@ def fetch_incidents(client, last_run, first_fetch_str, fetch_limit, query_filter return incidents[:fetch_limit], next_run +class OutputContext: + """ + Class to build a generic output and context. + """ + + def __init__(self, success=None, active=None, id=None, username=None, email=None, errorCode=None, + errorMessage=None, details=None, displayName=None, members=None): + self.instanceName = demisto.callingContext['context']['IntegrationInstance'] + self.brand = demisto.callingContext['context']['IntegrationBrand'] + self.command = demisto.command().replace('-', '_').title().replace('_', '') + self.success = success + self.active = active + self.id = id + self.username = username + self.email = email + self.errorCode = errorCode + self.errorMessage = errorMessage + self.details = details + self.displayName = displayName # Used in group + self.members = members # Used in group + self.data = { + "brand": self.brand, + "instanceName": self.instanceName, + "success": success, + "active": active, + "id": id, + "username": username, + "email": email, + "errorCode": errorCode, + "errorMessage": errorMessage, + "details": details, + "displayName": displayName, + "members": members + } + # Remoove empty values + self.data = { + k: v + for k, v in self.data.items() + if v is not None + } + + +def get_group_command(client, args): + scim = safe_load_json(args.get('scim')) + group_id = scim.get('id') + group_name = scim.get('displayName') + + if not (group_id or group_name): + return_error("You must supply either 'id' or 'displayName' in the scim data") + + group_search_result = None + if not group_id: + res = client.search_group(group_name) + res_json = res.json() + + if res.status_code == 200: + if len(res_json) < 1: + generic_iam_context = OutputContext(success=False, displayName=group_name, errorCode=404, + errorMessage="Group Not Found", details=res_json) + else: + group_search_result = res_json + else: + generic_iam_context = OutputContext(success=False, displayName=group_name, id=group_id, + errorCode=res_json.get('errorCode'), + errorMessage=res_json.get('errorSummary'), + details=res_json) + + if not group_search_result: + return CommandResults( + raw_response=generic_iam_context.data, + outputs_prefix=generic_iam_context.command, + outputs_key_field='id', + outputs=generic_iam_context.data, + readable_output=tableToMarkdown('Okta Get Group:', generic_iam_context.data, removeNull=True) + ) + + if group_search_result and len(group_search_result) > 1: + generic_iam_context_data_list = [] + + for group in group_search_result: + group_name = group.get('profile', {}).get('name') + generic_iam_context = OutputContext(success=True, id=group.get('id'), displayName=group_name) + generic_iam_context_data_list.append(generic_iam_context.data) + + return CommandResults( + raw_response=generic_iam_context_data_list, + outputs_prefix=generic_iam_context.command, + outputs_key_field='id', + outputs=generic_iam_context_data_list, + readable_output=tableToMarkdown('Okta Get Group:', generic_iam_context_data_list, removeNull=True) + ) + elif not group_id and isinstance(group_search_result, list): + group_id = group_search_result[0].get('id') + + res = client.get_group_by_id(group_id) + res_json = res.json() + if res.status_code == 200: + group_member_profiles = [] + include_members = args.get('includeMembers') + if include_members.lower() == 'true': + group_members = client.get_group_members(group_id) + for member in group_members: + if member.get('status') != DEPROVISIONED_STATUS: + profile = member.get('profile', {}) + group_member_profile = { + "value": member.get('id'), + "display": profile.get('login') + } + group_member_profiles.append(group_member_profile) + generic_iam_context = OutputContext(success=True, id=res_json.get('id'), + displayName=res_json.get('profile', {}).get('name'), + members=group_member_profiles) + elif res.status_code == 404: + generic_iam_context = OutputContext(success=False, displayName=group_name, id=group_id, errorCode=404, + errorMessage="Group Not Found", details=res_json) + else: + generic_iam_context = OutputContext(success=False, displayName=group_name, id=group_id, + errorCode=res_json.get('errorCode'), + errorMessage=res_json.get('errorSummary'), + details=res_json) + + return CommandResults( + raw_response=generic_iam_context.data, + outputs_prefix=generic_iam_context.command, + outputs_key_field='id', + outputs=generic_iam_context.data, + readable_output=tableToMarkdown('Okta Get Group:', generic_iam_context.data, removeNull=True) + ) + + +def get_logs_command(client, args): + filter = args.get('filter') + since = args.get('since') + until = args.get('until') + log_events, _ = client.get_logs(query_filter=filter, last_run_time=since, time_now=until) + + return CommandResults( + raw_response=log_events, + outputs_prefix='Okta.Logs.Events', + outputs_key_field='uuid', + outputs=log_events, + readable_output=tableToMarkdown('Okta Log Events:', log_events) + ) + + def main(): user_profile = None params = demisto.params() @@ -733,6 +938,12 @@ def main(): context = set_configuration(args) demisto.setIntegrationContext(context) + elif command == 'iam-get-group': + return_results(get_group_command(client, args)) + + elif command == 'okta-get-logs': + return_results(get_logs_command(client, args)) + elif command == 'fetch-incidents': last_run = demisto.getLastRun() context = demisto.getIntegrationContext() diff --git a/Packs/Okta/Integrations/Okta_IAM/Okta_IAM.yml b/Packs/Okta/Integrations/Okta_IAM/Okta_IAM.yml index 13e3562a2eab..a89b2e9dd92b 100644 --- a/Packs/Okta/Integrations/Okta_IAM/Okta_IAM.yml +++ b/Packs/Okta/Integrations/Okta_IAM/Okta_IAM.yml @@ -424,6 +424,199 @@ script: - contextPath: Okta.Application.Status description: Status of the application. type: String + - arguments: + - default: false + description: Group SCIM Data + isArray: false + name: scim + required: true + secret: false + - auto: PREDEFINED + default: false + defaultValue: 'true' + description: 'Field to indicate if members need to be included in the response. ' + isArray: false + name: includeMembers + predefined: + - 'true' + - 'false' + required: true + secret: false + deprecated: false + description: Retrieves the group information, including its members. + execution: false + name: iam-get-group + outputs: + - contextPath: GetGroup.id + description: ID of the group. + type: String + - contextPath: GetGroup.displayName + description: The display name of the group. + type: String + - contextPath: GetGroup.members.display + description: The display name of the group member. + type: String + - contextPath: GetGroup.members.value + description: ID of the group member. + type: String + - contextPath: GetGroup.success + description: Indicates whether the command succeeded. + type: Boolean + - contextPath: GetGroup.errorCode + description: HTTP error response code. + type: Number + - contextPath: GetGroup.errorMessage + description: Reason why the API failed. + type: String + - arguments: + - default: false + description: 'Useful for performing structured queries where constraints on + LogEvent attribute values can be explicitly targeted. The following expressions + are supported for events with the filter query parameter: eventType eq " :eventType" + -Events that have a specific action; eventType target.id eq ":id" - Events + published with a specific target id; actor.id eq ":id"- Events published with + a specific actor ID. For more information about filtering, visit https://developer.okta.com/docs/api/getting_started/design_principles#filtering' + isArray: false + name: filter + required: false + secret: false + - default: false + description: 'Filters the lower time bound of the log events in the Internet + Date/Time Format profile of ISO 8601. For example: 2017-05-03T16:22:18Z.' + isArray: false + name: since + required: false + secret: false + - default: false + description: 'Filters the upper time bound of the log events in the Internet + Date/Time Format profile of ISO 8601. For example: 2017-05-03T16:22:18Z.' + isArray: false + name: until + required: false + secret: false + - auto: PREDEFINED + default: false + defaultValue: ASCENDING + description: The order of the returned events. Can be "ASCENDING" or "DESCENDING". + The default is "ASCENDING". + isArray: false + name: sortOrder + predefined: + - ASCENDING + - DESCENDING + required: false + secret: false + deprecated: false + description: Gets logs by providing optional filters. + execution: false + name: okta-get-logs + outputs: + - contextPath: Okta.Logs.Events.actor.alternateId + description: Alternative ID of the actor. + type: String + - contextPath: Okta.Logs.Events.actor.displayName + description: Display name of the actor. + type: String + - contextPath: Okta.Logs.Events.actor.id + description: ID of the actor. + type: String + - contextPath: Okta.Logs.Events.client.userAgent.rawUserAgent + description: A raw string representation of user agent, formatted according + to section 5.5.3 of HTTP/1.1 Semantics and Content. Both the browser and the + OS fields can be derived from this field. + type: String + - contextPath: Okta.Logs.Events.client.userAgent.os + description: The operating system on which the client runs. For example, Microsoft + Windows 10. + type: String + - contextPath: Okta.Logs.Events.client.userAgent.browser + description: Identifies the type of web browser, if relevant. For example, Chrome. + type: String + - contextPath: Okta.Logs.Events.client.device + description: Type of device from which the client operated. For example, Computer. + type: String + - contextPath: Okta.Logs.Events.client.id + description: For OAuth requests, the ID of the OAuth client making the request. + For SSWS token requests, the ID of the agent making the request. + type: String + - contextPath: Okta.Logs.Events.client.ipAddress + description: IP address from which the client made its request. + type: String + - contextPath: Okta.Logs.Events.client.geographicalContext.city + description: The city encompassing the area containing the geo-location coordinates, + if available. For example, Seattle, San Francisco. + type: String + - contextPath: Okta.Logs.Events.client.geographicalContext.state + description: Full name of the state or province encompassing the area containing + the geo-location coordinates. For example, Montana, Incheon. + type: String + - contextPath: Okta.Logs.Events.client.geographicalContext.country + description: Full name of the country encompassing the area containing the geo-location + coordinates. For example, France, Uganda. + type: String + - contextPath: Okta.Logs.Events.displayMessage + description: The display message for an event. + type: String + - contextPath: Okta.Logs.Events.eventType + description: Type of event that was published. + type: String + - contextPath: Okta.Logs.Events.outcome.result + description: Result of the action. Can be "SUCCESS", "FAILURE", "SKIPPED", or + "UNKNOWN". + type: String + - contextPath: Okta.Logs.Events.outcome.reason + description: Reason for the result. For example, INVALID_CREDENTIALS. + type: String + - contextPath: Okta.Logs.Events.published + description: Timestamp when the event was published. + type: String + - contextPath: Okta.Logs.Events.severity + description: The event severity. Can be "DEBUG", "INFO", "WARN", or "ERROR". + type: String + - contextPath: Okta.Logs.Events.securityContext.asNumber + description: Autonomous system number associated with the autonomous system + that the event request was sourced to. + type: Number + - contextPath: Okta.Logs.Events.securityContext.asOrg + description: Organization associated with the autonomous system that the event + request was sourced to. + type: String + - contextPath: Okta.Logs.Events.securityContext.isp + description: Internet service provider used to send the event's request. + type: String + - contextPath: Okta.Logs.Events.securityContext.domain + description: Specifies whether an event's request is from a known proxy. + type: String + - contextPath: Okta.Logs.Events.request.ipChain.IP + description: IP address. + type: String + - contextPath: Okta.Logs.Events.request.ipChain.geographicalContext.city + description: The city encompassing the area containing the geo-location coordinates, + if available. For example, Seattle, San Francisco. + type: String + - contextPath: Okta.Logs.Events.request.ipChain.geographicalContext.state + description: Full name of the state or province encompassing the area containing + the geo-location coordinates. For example, Montana, Incheon. + type: String + - contextPath: Okta.Logs.Events.request.ipChain.geographicalContext.country + description: Full name of the country encompassing the area containing the geo-location + coordinates. For example, France, Uganda. + type: String + - contextPath: Okta.Logs.Events.request.ipChain.source + description: Details regarding the source. + type: String + - contextPath: Okta.Logs.Events.target.id + description: ID of a target. + type: String + - contextPath: Okta.Logs.Events.target.type + description: Type of a target. + type: String + - contextPath: Okta.Logs.Events.target.alternateId + description: Alternative ID of a target. + type: String + - contextPath: Okta.Logs.Events.target.displayName + description: Display name of a target. + type: String dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: true diff --git a/Packs/Okta/ReleaseNotes/2_2_3.md b/Packs/Okta/ReleaseNotes/2_2_3.md new file mode 100644 index 000000000000..c65e569b45e8 --- /dev/null +++ b/Packs/Okta/ReleaseNotes/2_2_3.md @@ -0,0 +1,4 @@ +#### Integrations +##### Okta IAM +- Added the ***iam-get-group*** and ***okta-get-logs*** commands. +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/Okta/pack_metadata.json b/Packs/Okta/pack_metadata.json index ab8dacea4914..df8516a5579a 100644 --- a/Packs/Okta/pack_metadata.json +++ b/Packs/Okta/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Okta", "description": "Integration with Okta's cloud-based identity management service", "support": "xsoar", - "currentVersion": "2.2.2", + "currentVersion": "2.2.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Slack/Integrations/Slack_IAM/Slack_IAM.py b/Packs/Slack/Integrations/Slack_IAM/Slack_IAM.py index 1b5d89e19906..185d1d9fb209 100644 --- a/Packs/Slack/Integrations/Slack_IAM/Slack_IAM.py +++ b/Packs/Slack/Integrations/Slack_IAM/Slack_IAM.py @@ -5,7 +5,12 @@ # Disable insecure warnings requests.packages.urllib3.disable_warnings() -'''CLIENT CLASS''' +''' GLOBALS ''' +INPUT_SCIM_EXTENSION_KEY = "urn:scim:schemas:extension:custom:1.0:user" +SLACK_SCIM_EXTENSION_KEY = "urn:scim:schemas:extension:enterprise:1.0" +SLACK_SCIM_CORE_SCHEMA_KEY = "urn:scim:schemas:core:1.0" + +'''CLIENT CLASSES''' class Client(BaseClient): @@ -115,6 +120,93 @@ def handle_exception(user_profile, e, action): demisto.error(traceback.format_exc()) +class GroupClient(BaseClient): + """ + GroupClient will implement the service API, and should not contain any Demisto logic. + Should only do requests and return data. + """ + def __init__(self, base_url, verify=True, proxy=False, headers=None): + super().__init__(base_url=base_url, verify=verify, headers=headers, proxy=proxy) + + def http_request(self, method, url_suffix, params=None, data=None, headers=None): + if headers is None: + headers = self._headers + full_url = self._base_url + url_suffix + res = requests.request( + method, + full_url, + verify=self._verify, + headers=headers, + params=params, + json=data + ) + + return res + + def get_group_by_id(self, group_id): + uri = f'/Groups/{group_id}' + return self.http_request( + method="GET", + url_suffix=uri + ) + + def search_group(self, group_name): + uri = '/Groups' + query_params = { + 'filter': f'displayName eq "{group_name}"' + } + return self.http_request( + method="GET", + url_suffix=uri, + params=query_params + ) + + def create_group(self, data): + uri = '/Groups' + return self.http_request( + method="POST", + url_suffix=uri, + data=data + ) + + def update_group(self, group_id, data): + uri = f'/Groups/{group_id}' + return self.http_request( + method="PATCH", + url_suffix=uri, + data=data + ) + + def delete_group(self, group_id): + uri = f'/Groups/{group_id}' + return self.http_request( + method="DELETE", + url_suffix=uri + ) + + def build_slack_user_profile(self, args, scim, custom_mapping): + if args.get('customMapping'): + custom_mapping = json.loads(args.get('customMapping')) + elif custom_mapping: + custom_mapping = json.loads(custom_mapping) + + extension_schema = scim.get(INPUT_SCIM_EXTENSION_KEY, {}) + + if extension_schema: + if custom_mapping: + new_extension_schema = {} + for key, value in custom_mapping.items(): + # key is the attribute name in input scim. value is the attribute name of slack profile + new_extension_schema[value] = extension_schema.get(key) + scim[SLACK_SCIM_EXTENSION_KEY] = new_extension_schema + else: + scim[SLACK_SCIM_EXTENSION_KEY] = extension_schema + + scim['schemas'] = [SLACK_SCIM_CORE_SCHEMA_KEY, SLACK_SCIM_EXTENSION_KEY] + + return scim + + '''COMMAND FUNCTIONS''' @@ -138,6 +230,236 @@ def get_mapping_fields(client: Client) -> GetMappingFieldsResponse: return GetMappingFieldsResponse([incident_type_scheme]) +class OutputContext: + """ + Class to build a generic output and context. + """ + def __init__(self, success=None, active=None, id=None, username=None, email=None, errorCode=None, + errorMessage=None, details=None, displayName=None, members=None): + self.instanceName = demisto.callingContext['context']['IntegrationInstance'] + self.brand = demisto.callingContext['context']['IntegrationBrand'] + self.command = demisto.command().replace('-', '_').title().replace('_', '') + self.success = success + self.active = active + self.id = id + self.username = username + self.email = email + self.errorCode = errorCode + self.errorMessage = errorMessage + self.details = details + self.displayName = displayName # Used in group + self.members = members # Used in group + self.data = { + "brand": self.brand, + "instanceName": self.instanceName, + "success": success, + "active": active, + "id": id, + "username": username, + "email": email, + "errorCode": errorCode, + "errorMessage": errorMessage, + "details": details, + "displayName": displayName, + "members": members + } + # Remoove empty values + self.data = { + k: v + for k, v in self.data.items() + if v is not None + } + + +def get_group_id_by_name(client, group_name): + res = client.search_group(group_name) + + if res.get('totalResults') >= 1: + return res['Resources'][0].get('id') + return None + + +def get_group_command(client, args): + scim = safe_load_json(args.get('scim')) + + group_id = scim.get('id') + group_name = scim.get('displayName') + + if not (group_id or group_name): + return_error("You must supply either 'id' or 'displayName' in the scim data") + if not group_id: + res = client.search_group(group_name) + res_json = res.json() + + if res.status_code == 200: + if res_json.get('totalResults') < 1: + generic_iam_context = OutputContext(success=False, displayName=group_name, errorCode=404, + errorMessage="Group Not Found", details=res_json) + return CommandResults( + raw_response=generic_iam_context.data, + outputs_prefix=generic_iam_context.command, + outputs_key_field='id', + outputs=generic_iam_context.data, + readable_output=tableToMarkdown('Slack Get Group:', generic_iam_context.data, removeNull=True) + ) + else: + group_id = res_json['Resources'][0].get('id') + else: + generic_iam_context = OutputContext(success=False, displayName=group_name, id=group_id, + errorCode=res_json['Errors']['code'], + errorMessage=res_json['Errors']['description'], details=res_json) + return CommandResults( + raw_response=generic_iam_context.data, + outputs_prefix=generic_iam_context.command, + outputs_key_field='id', + outputs=generic_iam_context.data, + readable_output=tableToMarkdown('Slack Get Group:', generic_iam_context.data, removeNull=True) + ) + res = client.get_group_by_id(group_id) + res_json = res.json() + + if res.status_code == 200: + include_members = args.get('includeMembers') + if include_members.lower() == 'false' and 'members' in res_json: + del res_json['members'] + generic_iam_context = OutputContext(success=True, id=res_json.get('id'), + displayName=res_json.get('displayName'), + members=res_json.get('members')) + elif res.status_code == 404: + generic_iam_context = OutputContext(success=False, displayName=group_name, id=group_id, errorCode=404, + errorMessage="Group Not Found", details=res_json) + else: + generic_iam_context = OutputContext(success=False, displayName=group_name, id=group_id, + errorCode=res_json['Errors']['code'], + errorMessage=res_json['Errors']['description'], details=res_json) + + return CommandResults( + raw_response=generic_iam_context.data, + outputs_prefix=generic_iam_context.command, + outputs_key_field='id', + outputs=generic_iam_context.data, + readable_output=tableToMarkdown('Slack Get Group:', generic_iam_context.data, removeNull=True) + ) + + +def delete_group_command(client, args): + scim = safe_load_json(args.get('scim')) + group_id = scim.get('id') + group_name = scim.get('displayName') + + if not group_id: + group_id = get_group_id_by_name(client, group_name) + if not group_id: + return_error("You must supply 'id' in the scim data") + + res = client.delete_group(group_id) + + if res.status_code == 204: + generic_iam_context = OutputContext(success=True, id=group_id, displayName=group_name) + elif res.status_code == 404: + generic_iam_context = OutputContext(success=False, id=group_id, displayName=group_name, errorCode=404, + errorMessage="Group Not Found", details=res.json()) + else: + res_json = res.json() + generic_iam_context = OutputContext(success=False, displayName=group_name, id=group_id, + errorCode=res_json['Errors']['code'], + errorMessage=res_json['Errors']['description'], details=res_json) + return CommandResults( + raw_response=generic_iam_context.data, + outputs_prefix=generic_iam_context.command, + outputs_key_field='id', + outputs=generic_iam_context.data, + readable_output=tableToMarkdown('Slack Delete Group:', generic_iam_context.data, removeNull=True) + ) + + +def create_group_command(client, args): + scim = safe_load_json(args.get('scim')) + group_name = scim.get('displayName') + + if not group_name: + return_error("You must supply 'displayName' of the group in the scim data") + + group_data = {'schemas': [SLACK_SCIM_CORE_SCHEMA_KEY], 'displayName': group_name} + res = client.create_group(group_data) + res_json = res.json() + + if res.status_code == 201: + generic_iam_context = OutputContext(success=True, id=res_json.get('id'), + displayName=res_json.get('displayName')) + else: + res_json = res.json() + generic_iam_context = OutputContext(success=False, displayName=group_name, + errorCode=res_json['Errors']['code'], + errorMessage=res_json['Errors']['description'], details=res_json) + + return CommandResults( + raw_response=generic_iam_context.data, + outputs_prefix=generic_iam_context.command, + outputs_key_field='id', + outputs=generic_iam_context.data, + readable_output=tableToMarkdown('Slack Create Group:', generic_iam_context.data, removeNull=True) + ) + + +def update_group_command(client, args): + scim = safe_load_json(args.get('scim')) + + group_id = scim.get('id') + group_name = scim.get('displayName') + + if not group_id: + group_id = get_group_id_by_name(client, group_name) + if not group_id: + return_error("You must supply 'id' in the scim data") + + member_ids_to_add = args.get('memberIdsToAdd') + member_ids_to_delete = args.get('memberIdsToDelete') + + member_ids_json_list = [] + if member_ids_to_add: + if type(member_ids_to_add) is not list: + member_ids_to_add = json.loads(member_ids_to_add) + for member_id in member_ids_to_add: + member_ids_json_list.append( + { + "value": member_id + } + ) + if member_ids_to_delete: + if type(member_ids_to_delete) is not list: + member_ids_to_delete = json.loads(member_ids_to_delete) + for member_id in member_ids_to_delete: + member_ids_json_list.append( + { + "value": member_id, + "operation": "delete" + } + ) + + group_input = {'schemas': [SLACK_SCIM_CORE_SCHEMA_KEY], 'members': member_ids_json_list} + + res = client.update_group(group_id, group_input) + + if res.status_code == 204: + generic_iam_context = OutputContext(success=True, id=group_id, displayName=group_name) + elif res.status_code == 404: + generic_iam_context = OutputContext(success=False, id=group_id, displayName=group_name, errorCode=404, + errorMessage="Group Not Found", details=res.json()) + else: + res_json = res.json() + generic_iam_context = OutputContext(success=False, displayName=group_name, id=group_id, + errorCode=res_json['Errors']['code'], + errorMessage=res_json['Errors']['description'], details=res_json) + return CommandResults( + raw_response=generic_iam_context.data, + outputs_prefix=generic_iam_context.command, + outputs_key_field='id', + outputs=generic_iam_context.data, + readable_output=tableToMarkdown('Slack Update Group:', generic_iam_context.data, removeNull=True) + ) + + def main(): user_profile = None params = demisto.params() @@ -159,6 +481,7 @@ def main(): iam_command = IAMCommand(is_create_enabled, is_enable_enabled, is_disable_enabled, is_update_enabled, create_if_not_exists, mapper_in, mapper_out) + base_url = 'https://api.slack.com/scim/v1/' headers = { 'Content-Type': 'application/json', 'Accept': 'application/json', @@ -166,11 +489,18 @@ def main(): } client = Client( - base_url='https://api.slack.com/scim/v1/', + base_url=base_url, + verify=verify_certificate, + proxy=proxy, + headers=headers, + ok_codes=(200, 201), + ) + + group_client = GroupClient( + base_url=base_url, verify=verify_certificate, proxy=proxy, headers=headers, - ok_codes=(200, 201) ) demisto.debug(f'Command being called is {command}') @@ -202,6 +532,18 @@ def main(): # For any other integration command exception, return an error return_error(f'Failed to execute {command} command. Traceback: {traceback.format_exc()}') + if command == 'iam-get-group': + return_results(get_group_command(group_client, args)) + + elif command == 'iam-create-group': + return_results(create_group_command(group_client, args)) + + elif command == 'iam-update-group': + return_results(update_group_command(group_client, args)) + + elif command == 'iam-delete-group': + return_results(delete_group_command(group_client, args)) + from IAMApiModule import * # noqa: E402 diff --git a/Packs/Slack/Integrations/Slack_IAM/Slack_IAM.yml b/Packs/Slack/Integrations/Slack_IAM/Slack_IAM.yml index 2c8dbc354840..952ec6266fc3 100644 --- a/Packs/Slack/Integrations/Slack_IAM/Slack_IAM.yml +++ b/Packs/Slack/Integrations/Slack_IAM/Slack_IAM.yml @@ -260,7 +260,148 @@ script: within the application. Used for outgoing-mapping through the Get Schema option. execution: false name: get-mapping-fields - dockerimage: demisto/python3:3.9.5.21272 + - arguments: + - default: false + description: Group SCIM data with displayName + isArray: false + name: scim + required: true + secret: false + deprecated: false + description: Creates an empty group + execution: false + name: iam-create-group + outputs: + - contextPath: CreateGroup.id + description: ID of the group. + type: String + - contextPath: CreateGroup.displayName + description: The display name of the group. + type: String + - contextPath: CreateGroup.success + description: Indicates whether the command succeeded. + type: Boolean + - contextPath: CreateGroup.errorCode + description: HTTP error response code. + type: Number + - contextPath: CreateGroup.errorMessage + description: Reason why the API failed. + type: String + - arguments: + - default: false + description: Group SCIM Data + isArray: false + name: scim + required: true + secret: false + - auto: PREDEFINED + default: false + defaultValue: 'false' + description: Wheather to include group's members. + isArray: false + name: includeMembers + predefined: + - 'true' + - 'false' + required: false + secret: false + deprecated: false + description: Retrieves the group information including members + execution: false + name: iam-get-group + outputs: + - contextPath: GetGroup.id + description: ID of the group. + type: String + - contextPath: GetGroup.displayName + description: The display name of the group. + type: String + - contextPath: GetGroup.members.display + description: The display name of the group member. + type: String + - contextPath: GetGroup.members.value + description: ID of the group member. + type: String + - contextPath: GetGroup.success + description: Indicates whether the command succeeded. + type: Boolean + - contextPath: GetGroup.errorCode + description: HTTP error response code. + type: Number + - contextPath: GetGroup.errorMessage + description: Reason why the API failed. + type: String + - arguments: + - default: false + description: Group SCIM with id in it + isArray: false + name: scim + required: true + secret: false + deprecated: false + description: Permanently removes a group. + execution: false + name: iam-delete-group + outputs: + - contextPath: DeleteGroup.id + description: ID of the group. + type: String + - contextPath: DeleteGroup.displayName + description: The display name of the group. + type: String + - contextPath: DeleteGroup.success + description: Indicates whether the command succeeded. + type: Boolean + - contextPath: DeleteGroup.errorCode + description: HTTP error response code. + type: Number + - contextPath: DeleteGroup.errorMessage + description: Reason why the API failed. + type: String + - arguments: + - default: false + description: Group SCIM data + isArray: false + name: scim + required: true + secret: false + - default: false + description: List of members ids to add. A maximum of 15,000 users per call + can be modified using this command + isArray: true + name: memberIdsToAdd + required: false + secret: false + - default: false + description: List of members ids to be deleted from the group. A maximum of + 15,000 users per call can be modified using this command + isArray: true + name: memberIdsToDelete + required: false + secret: false + deprecated: false + description: Updates an existing group resource. This command allows individual + (or groups of) users to be added or removed from the group with a single operation. + A max of 15,000 users can be modified in 1 call + execution: false + name: iam-update-group + outputs: + - contextPath: UpdateGroup.id + description: ID of the group. + type: String + - contextPath: UpdateGroup.displayName + description: The display name of the group. + type: String + - contextPath: UpdateGroup.success + description: Indicates whether the command succeeded. + type: Boolean + - contextPath: UpdateGroup.errorCode + description: HTTP error response code. + type: Number + - contextPath: UpdateGroup.errorMessage + description: Reason why the API failed. + type: String + dockerimage: demisto/python3:3.9.6.22912 feed: false isfetch: false longRunning: false diff --git a/Packs/Slack/ReleaseNotes/2_1_5.md b/Packs/Slack/ReleaseNotes/2_1_5.md new file mode 100644 index 000000000000..8d718e587c26 --- /dev/null +++ b/Packs/Slack/ReleaseNotes/2_1_5.md @@ -0,0 +1,4 @@ +#### Integrations +##### Slack IAM +- Added the ***iam-get-group***, ***iam-create-group***, ***iam-update-group*** and ***iam-delete-group*** commands. +- Updated the Docker image to: *demisto/python3:3.9.1.15759*. diff --git a/Packs/Slack/pack_metadata.json b/Packs/Slack/pack_metadata.json index 68f692ff43f8..2233c03fae0e 100644 --- a/Packs/Slack/pack_metadata.json +++ b/Packs/Slack/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Slack", "description": "Send messages and notifications to your Slack team.", "support": "xsoar", - "currentVersion": "2.1.4", + "currentVersion": "2.1.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 5fc36fc36f62c3297afcbe486d1f747722de9e31 Mon Sep 17 00:00:00 2001 From: Noy-Maimon <72340690+Noy-Maimon@users.noreply.github.com> Date: Sun, 29 Aug 2021 23:35:02 +0300 Subject: [PATCH 066/173] fixing dups and typos (#14578) --- Tests/Marketplace/marketplace_constants.py | 2 +- Tests/Marketplace/marketplace_services.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Tests/Marketplace/marketplace_constants.py b/Tests/Marketplace/marketplace_constants.py index 02de954056a0..6a7334ce7d40 100644 --- a/Tests/Marketplace/marketplace_constants.py +++ b/Tests/Marketplace/marketplace_constants.py @@ -170,7 +170,7 @@ def json_supported_folders(cls): PackFolders.LAYOUTS.value, PackFolders.INDICATOR_TYPES.value, PackFolders.REPORTS.value, PackFolders.WIDGETS.value, PackFolders.GENERIC_DEFINITIONS.value, PackFolders.GENERIC_FIELDS.value, PackFolders.GENERIC_MODULES.value, PackFolders.GENERIC_TYPES.value, PackFolders.LISTS.value, - PackFolders.GENERIC_MODULES.value, PackFolders.GENERIC_TYPES.value, PackFolders.PREPROCESS_RULES.value + PackFolders.PREPROCESS_RULES.value } diff --git a/Tests/Marketplace/marketplace_services.py b/Tests/Marketplace/marketplace_services.py index 8365d034b1ea..53736c9c5f24 100644 --- a/Tests/Marketplace/marketplace_services.py +++ b/Tests/Marketplace/marketplace_services.py @@ -1478,7 +1478,7 @@ def collect_content_items(self): PackFolders.GENERIC_MODULES.value: "GenericModules", PackFolders.GENERIC_TYPES.value: "GenericTypes", PackFolders.LISTS.value: "list", - PackFolders.PREPROCESSING_RULE.value: "preprocessrule", + PackFolders.PREPROCESS_RULES.value: "preprocessrule", } for root, pack_dirs, pack_files_names in os.walk(self._pack_path, topdown=False): From 223d9eb58010caffbfa3d103ddf787cd972c405a Mon Sep 17 00:00:00 2001 From: Guy Freund <53565845+guyfreund@users.noreply.github.com> Date: Mon, 30 Aug 2021 08:50:57 +0300 Subject: [PATCH 067/173] fix upload-flow bug in collect_content_items (#14579) --- Tests/Marketplace/marketplace_services.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Tests/Marketplace/marketplace_services.py b/Tests/Marketplace/marketplace_services.py index 53736c9c5f24..1a785a300a38 100644 --- a/Tests/Marketplace/marketplace_services.py +++ b/Tests/Marketplace/marketplace_services.py @@ -1659,7 +1659,7 @@ def collect_content_items(self): logging.exception(f"Failed collecting content items in {self._pack_name} pack") finally: self._content_items = content_items_result - return task_status, content_items_result + return task_status def load_user_metadata(self): """ Loads user defined metadata and stores part of it's data in defined properties fields. From 1022ecbb81e514ff65b6c0392111e7c59ac39cf9 Mon Sep 17 00:00:00 2001 From: Guy Lichtman <1395797+glicht@users.noreply.github.com> Date: Mon, 30 Aug 2021 11:08:38 +0300 Subject: [PATCH 068/173] qradar: fix aql link (#13902) Co-authored-by: glicht --- Packs/QRadar/Integrations/QRadar_v2/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Packs/QRadar/Integrations/QRadar_v2/README.md b/Packs/QRadar/Integrations/QRadar_v2/README.md index d38c5b5c0f74..c8449138b8e2 100644 --- a/Packs/QRadar/Integrations/QRadar_v2/README.md +++ b/Packs/QRadar/Integrations/QRadar_v2/README.md @@ -280,7 +280,7 @@ Searches in QRadar using AQL. It is highly recommended to use the playbook 'QRad | **Argument Name** | **Description** | **Required** | | --- | --- | --- | -| query_expression | The query expressions in AQL (for more information about Ariel Query Language please review "https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.0/com.ibm.qradar.doc/c_aql_intro.html") | Required | +| query_expression | The query expressions in AQL (for more information about Ariel Query Language please review: https://www.ibm.com/docs/en/qsip/7.3.2?topic=qradar-ariel-query-language-aql ) | Required | | headers | Table headers to use the human readable output (if none provided, will show all table headers) | Optional | From b061d99782548a0b10ffaefe81e40179aace010a Mon Sep 17 00:00:00 2001 From: tomneeman151293 <70005542+tomneeman151293@users.noreply.github.com> Date: Mon, 30 Aug 2021 13:18:29 +0300 Subject: [PATCH 069/173] ran update conf script to generate full conf. Deleted from build call to script (#14583) --- .circleci/config.yml | 11 +- .gitlab/ci/global.yml | 5 +- .gitlab/ci/on-push.yml | 1 - .gitlab/ci/sdk-nightly.yml | 1 - Tests/conf.json | 986 +++++++++++++++++++++++++++++- Tests/scripts/update_conf_json.py | 144 ----- 6 files changed, 984 insertions(+), 164 deletions(-) delete mode 100644 Tests/scripts/update_conf_json.py diff --git a/.circleci/config.yml b/.circleci/config.yml index 59a92554e096..1b54219b2d1d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -499,12 +499,11 @@ references: command: | python3 ./Tests/Marketplace/packs_dependencies.py -i ./Tests/id_set.json -o $CIRCLE_ARTIFACTS/packs_dependencies.json - update_tests_step: &update_tests_step + copy_tests_to_circle_artifact: ©_tests_to_circle_artifact run: - name: Update Tests step + name: Copy Tests To Artifact Folder when: always command: | - python3 ./Tests/scripts/update_conf_json.py cp "./Tests/conf.json" "$CIRCLE_ARTIFACTS/conf.json" get_contribution_pack: &get_contribution_pack @@ -745,7 +744,7 @@ jobs: - *secrets - *create_id_set - *merge_public_and_private_id_sets - - *update_tests_step + - *copy_tests_to_circle_artifact - *validate_files_and_yaml - run: name: Spell Checks @@ -827,7 +826,7 @@ jobs: - *build_content_descriptor - *common_server_documentation - *create_artifact - - *update_tests_step + - *copy_tests_to_circle_artifact - *download_configuration - when: # If this is an ami run - No need to download server artifacts @@ -1309,7 +1308,7 @@ jobs: - *restore_cache - *prepare_environment - *secrets - - *update_tests_step + - *copy_tests_to_circle_artifact - *create_id_set - *merge_public_and_private_id_sets - *validate_files_and_yaml diff --git a/.gitlab/ci/global.yml b/.gitlab/ci/global.yml index 50f0a9478b0c..b232062a2175 100644 --- a/.gitlab/ci/global.yml +++ b/.gitlab/ci/global.yml @@ -216,10 +216,9 @@ echo "successfully merged public and private ID sets" fi - section_end "Merge public and private id sets" - - section_start "Update Tests" - - python3 ./Tests/scripts/update_conf_json.py + - section_start "Copy Tests To Artifact Folder" - cp "./Tests/conf.json" "$ARTIFACTS_FOLDER/conf.json" - - section_end "Update Tests" + - section_end "Copy Tests To Artifact Folder" - section_start "Validate Files and Yaml" - | if [[ -n $FORCE_BUCKET_UPLOAD || -n $BUCKET_UPLOAD ]] && [[ "$(echo "$GCS_MARKET_BUCKET" | tr '[:upper:]' '[:lower:]')" != "marketplace-dist" ]] && [[ $CI_COMMIT_BRANCH != "master" ]]; then diff --git a/.gitlab/ci/on-push.yml b/.gitlab/ci/on-push.yml index 8f8580701073..2a0c72a5730f 100644 --- a/.gitlab/ci/on-push.yml +++ b/.gitlab/ci/on-push.yml @@ -67,7 +67,6 @@ create-instances: - python3 Utils/merge_content_new_zip.py -f $FEATURE_BRANCH_NAME -b $successful_feature_branch_build - zip -j $ARTIFACTS_FOLDER/uploadable_packs.zip $ARTIFACTS_FOLDER/uploadable_packs/* >> $ARTIFACTS_FOLDER/logs/zipping_uploadable_packs.log || ((($? > 0)) && echo "failed to zip the uploadable packs, ignoring the failure") - rm -rf $ARTIFACTS_FOLDER/uploadable_packs - - python3 ./Tests/scripts/update_conf_json.py - cp "./Tests/conf.json" "$ARTIFACTS_FOLDER/conf.json" - section_end "Create Content Artifacts and Update Conf" - section_start "Collect Tests and Content Packs" diff --git a/.gitlab/ci/sdk-nightly.yml b/.gitlab/ci/sdk-nightly.yml index 00dd794d3f4d..729c44ec7325 100644 --- a/.gitlab/ci/sdk-nightly.yml +++ b/.gitlab/ci/sdk-nightly.yml @@ -51,7 +51,6 @@ demisto_sdk_nightly:check_idset_dependent_commands: - demisto-sdk secrets --post-commit --ignore-entropy - section_end "Secrets Detection" - section_start "Update Conf" --collapsed - - python3 ./Tests/scripts/update_conf_json.py >> $ARTIFACTS_FOLDER/logs/update_conf_json.log 2>&1 - cp ./Tests/conf.json $ARTIFACTS_FOLDER - section_end "Update Conf" - !reference [.create-id-set] diff --git a/Tests/conf.json b/Tests/conf.json index 2fde23a8c782..e3889a89f937 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -1,4 +1,3 @@ - { "testTimeout": 160, "testInterval": 20, @@ -3514,7 +3513,10 @@ "integrations": "AzureWAF" }, { - "integrations": ["AutoFocus Daily Feed", "Demisto REST API"], + "integrations": [ + "AutoFocus Daily Feed", + "Demisto REST API" + ], "playbookID": "Fetch Indicators Test", "fromversion": "6.0.0", "is_mockable": false, @@ -3529,12 +3531,983 @@ "playbookID": "SOCRadarThreatFusion-Test" }, { - "integrations": ["ServiceNow v2", "Demisto REST API"], + "integrations": [ + "ServiceNow v2", + "Demisto REST API" + ], "playbookID": "Fetch Incidents Test", "instance_names": "snow_basic_auth", "fromversion": "6.0.0", "is_mockable": false, "timeout": 2400 + }, + { + "playbookID": "SolarWinds-Test", + "fromversion": "5.5.0", + "integrations": [ + "SolarWinds" + ] + }, + { + "playbookID": "BastilleNetworks-Test", + "fromversion": "5.0.0", + "integrations": [ + "Bastille Networks" + ] + }, + { + "playbookID": "bc993d1a-98f5-4554-8075-68a38004c119", + "fromversion": "5.0.0", + "integrations": [ + "Gamma" + ] + }, + { + "playbookID": "Service Desk Plus (On-Premise) Test", + "fromversion": "5.0.0", + "integrations": [ + "ServiceDeskPlus (On-Premise)" + ] + }, + { + "playbookID": "IronDefense Test", + "fromversion": "5.0.0", + "integrations": [ + "IronDefense" + ] + }, + { + "playbookID": "AgariPhishingDefense-Test", + "fromversion": "5.0.0", + "integrations": [ + "Agari Phishing Defense" + ] + }, + { + "playbookID": "SecurityIntelligenceServicesFeed - Test", + "fromversion": "5.5.0", + "integrations": [ + "SecurityIntelligenceServicesFeed" + ] + }, + { + "playbookID": "FeedTalosTestPlaybook", + "fromversion": "5.5.0", + "integrations": [ + "Talos Feed" + ] + }, + { + "playbookID": "Netscout Arbor Sightline - Test Playbook", + "fromversion": "5.5.0", + "integrations": [ + "NetscoutArborSightline" + ] + }, + { + "playbookID": "test_MsGraphFiles", + "fromversion": "5.0.0", + "integrations": [ + "Microsoft_Graph_Files" + ] + }, + { + "playbookID": "AlphaVantage Test Playbook", + "fromversion": "6.0.0", + "integrations": [ + "AlphaVantage" + ] + }, + { + "playbookID": "Azure SQL - Test", + "fromversion": "5.0.0", + "integrations": [ + "Azure SQL Management" + ] + }, + { + "playbookID": "Sophos Central Test", + "fromversion": "5.0.0", + "integrations": [ + "Sophos Central" + ] + }, + { + "playbookID": "Microsoft Graph Groups - Test", + "fromversion": "5.0.0", + "integrations": [ + "Microsoft Graph Groups" + ] + }, + { + "playbookID": "Humio-Test", + "fromversion": "5.0.0", + "integrations": [ + "Humio" + ] + }, + { + "playbookID": "Blueliv_ThreatContext_test", + "fromversion": "5.0.0", + "integrations": [ + "Blueliv ThreatContext" + ] + }, + { + "playbookID": "Darktrace Test Playbook", + "fromversion": "6.0.0", + "integrations": [ + "Darktrace" + ] + }, + { + "playbookID": "Recorded Future Test Playbook", + "fromversion": "5.0.0", + "integrations": [ + "Recorded Future v2" + ] + }, + { + "playbookID": "get_file_sample_by_hash_-_cylance_protect_-_test", + "fromversion": "5.0.0", + "integrations": [ + "Cylance Protect v2" + ] + }, + { + "playbookID": "EDL Indicator Performance Test", + "fromversion": "6.0.0" + }, + { + "playbookID": "EDL Performance Test - Concurrency", + "fromversion": "6.0.0" + }, + { + "playbookID": "Venafi - Test", + "fromversion": "5.0.0", + "integrations": [ + "Venafi" + ] + }, + { + "playbookID": "3da36d51-3cdf-4120-882a-cee03b038b89", + "fromversion": "5.0.0", + "integrations": [ + "FortiManager" + ] + }, + { + "playbookID": "X509Certificate Test Playbook", + "fromversion": "6.0.0" + }, + { + "playbookID": "Pcysys-Test", + "fromversion": "5.0.0", + "integrations": [ + "Pentera" + ] + }, + { + "playbookID": "Pentera Run Scan and Create Incidents - Test", + "fromversion": "5.0.0", + "integrations": [ + "Pentera" + ] + }, + { + "playbookID": "Google Chronicle Backstory List Detections - Test", + "fromversion": "5.0.0", + "integrations": [ + "Google Chronicle Backstory" + ] + }, + { + "playbookID": "Google Chronicle Backstory List Rules - Test", + "fromversion": "5.0.0", + "integrations": [ + "Google Chronicle Backstory" + ] + }, + { + "playbookID": "McAfee ESM v2 - Test", + "fromversion": "5.0.0", + "integrations": [ + "McAfee ESM v2" + ] + }, + { + "playbookID": "McAfee ESM Watchlists - Test", + "fromversion": "5.0.0", + "integrations": [ + "McAfee ESM v2" + ] + }, + { + "playbookID": "Acalvio Sample Playbook", + "fromversion": "5.0.0", + "integrations": [ + "Acalvio ShadowPlex" + ] + }, + { + "playbookID": "playbook-SophosXGFirewall-test", + "fromversion": "5.0.0", + "integrations": [ + "sophos_firewall" + ] + }, + { + "playbookID": "CircleCI-Test", + "fromversion": "5.5.0", + "integrations": [ + "CircleCI" + ] + }, + { + "playbookID": "XMCyberIntegration-Test", + "fromversion": "6.0.0", + "integrations": [ + "XMCyber" + ] + }, + { + "playbookID": "a60ae34e-7a00-4a06-81ca-2ca6ea1d58ba", + "fromversion": "6.0.0", + "integrations": [ + "AnsibleAlibabaCloud" + ] + }, + { + "playbookID": "Carbon Black Enterprise EDR Process Search Test", + "fromversion": "5.0.0", + "integrations": [ + "Carbon Black Enterprise EDR" + ] + }, + { + "playbookID": "Logzio - Test", + "fromversion": "5.0.0", + "integrations": [ + "Logz.io" + ] + }, + { + "playbookID": "PAN-OS Create Or Edit Rule Test", + "fromversion": "6.1.0", + "integrations": [ + "Panorama" + ] + }, + { + "playbookID": "GoogleCloudSCC-Test", + "fromversion": "5.0.0", + "integrations": [ + "GoogleCloudSCC" + ] + }, + { + "playbookID": "SailPointIdentityNow-Test", + "fromversion": "6.0.0", + "integrations": [ + "SailPointIdentityNow" + ] + }, + { + "playbookID": "playbook-Cyberint_Test", + "fromversion": "5.0.0", + "integrations": [ + "cyberint" + ] + }, + { + "playbookID": "Druva-Test", + "fromversion": "5.0.0", + "integrations": [ + "Druva Ransomware Response" + ] + }, + { + "playbookID": "LogPoint SIEM Integration - Test Playbook 3", + "fromversion": "6.0.0", + "integrations": [ + "LogPoint SIEM Integration" + ] + }, + { + "playbookID": "TestGraPlayBook", + "fromversion": "5.0.0", + "integrations": [ + "Gurucul-GRA" + ] + }, + { + "playbookID": "TestGreatHornPlaybook", + "fromversion": "6.0.0", + "integrations": [ + "GreatHorn" + ] + }, + { + "playbookID": "Microsoft Defender Advanced Threat Protection - Test", + "fromversion": "5.0.0", + "integrations": [ + "Microsoft Defender Advanced Threat Protection" + ] + }, + { + "playbookID": "Polygon-Test", + "fromversion": "5.0.0", + "integrations": [ + "Group-IB TDS Polygon" + ] + }, + { + "playbookID": "TrustwaveSEG-Test", + "fromversion": "5.0.0", + "integrations": [ + "trustwave secure email gateway" + ] + }, + { + "playbookID": "MicrosoftGraphMail-Test", + "fromversion": "5.0.0", + "integrations": [ + "MicrosoftGraphMail" + ] + }, + { + "playbookID": "PassiveTotal_v2-Test", + "fromversion": "5.0.0", + "integrations": [ + "PassiveTotal v2", + "PassiveTotal" + ] + }, + { + "playbookID": "02ea5cef-3169-4b17-8f4d-604b44e6348a", + "fromversion": "5.0.0", + "integrations": [ + "Cognni" + ] + }, + { + "playbookID": "playbook-InsightIDR-test", + "fromversion": "5.0.0", + "integrations": [ + "Rapid7 InsightIDR" + ] + }, + { + "playbookID": "Cofense Intelligence v2 test", + "fromversion": "5.5.0", + "integrations": [ + "CofenseIntelligenceV2" + ] + }, + { + "playbookID": "opsgenie-test-playbook", + "fromversion": "6.0.0", + "integrations": [ + "Opsgeniev2" + ] + }, + { + "playbookID": "FraudWatch-Test", + "fromversion": "5.0.0", + "integrations": [ + "FraudWatch" + ] + }, + { + "playbookID": "SepioPrimeAPI-Test", + "fromversion": "5.0.0", + "integrations": [ + "Sepio" + ] + }, + { + "playbookID": "test playbook - QRadarCorrelations", + "fromversion": "6.0.0", + "integrations": [ + "QRadar_v2", + "QRadar v3", + "QRadar" + ] + }, + { + "playbookID": "SX - PC - Test Playbook", + "fromversion": "5.5.0", + "integrations": [ + "PingCastle" + ] + }, + { + "playbookID": "JARM-Test", + "fromversion": "5.0.0", + "integrations": [ + "JARM" + ] + }, + { + "playbookID": "Playbook-HYASInsight-Test", + "fromversion": "6.0.0", + "integrations": [ + "HYAS Insight" + ] + }, + { + "playbookID": "ConcentricAI Demo Playbook", + "fromversion": "6.0.0", + "integrations": [ + "ConcentricAI" + ] + }, + { + "playbookID": "Cyberpion-Test", + "fromversion": "6.0.0", + "integrations": [ + "Cyberpion" + ] + }, + { + "playbookID": "CrowdStrike OpenAPI - Test", + "fromversion": "6.0.0", + "integrations": [ + "CrowdStrike OpenAPI" + ] + }, + { + "playbookID": "Smokescreen IllusionBLACK-Test", + "fromversion": "5.0.0", + "integrations": [ + "Smokescreen IllusionBLACK" + ] + }, + { + "playbookID": "TestCymptomPlaybook", + "fromversion": "5.0.0", + "integrations": [ + "Cymptom" + ] + }, + { + "playbookID": "GitLab-test-playbook", + "fromversion": "6.0.0", + "integrations": [ + "GitLab", + "LGTM", + "MinIO", + "Docker Engine API" + ] + }, + { + "playbookID": "LGTM-test-playbook", + "fromversion": "6.0.0", + "integrations": [ + "GitLab", + "LGTM", + "MinIO", + "Docker Engine API" + ] + }, + { + "playbookID": "playbook-MinIO-Test", + "fromversion": "6.0.0", + "integrations": [ + "GitLab", + "LGTM", + "MinIO", + "Docker Engine API" + ] + }, + { + "playbookID": "MSGraph_DeviceManagement_Test", + "fromversion": "5.0.0", + "integrations": [ + "Microsoft Graph Device Management" + ] + }, + { + "playbookID": "G Suite Security Alert Center-Test", + "fromversion": "5.0.0", + "integrations": [ + "G Suite Security Alert Center" + ] + }, + { + "playbookID": "VerifyOOBV2Predictions-Test", + "fromversion": "5.5.0" + }, + { + "playbookID": "PAN OS EDL Management - Test", + "fromversion": "5.0.0", + "integrations": [ + "palo_alto_networks_pan_os_edl_management" + ] + }, + { + "playbookID": "Group-IB Threat Intelligence & Attribution-Test", + "fromversion": "6.0.0", + "integrations": [ + "Group-IB Threat Intelligence & Attribution Feed", + "Group-IB Threat Intelligence & Attribution" + ] + }, + { + "playbookID": "CounterCraft - Test", + "fromversion": "5.0.0", + "integrations": [ + "CounterCraft Deception Director" + ] + }, + { + "playbookID": "Microsoft Graph Security Test", + "fromversion": "5.0.0", + "integrations": [ + "Microsoft Graph" + ] + }, + { + "playbookID": "Azure Kubernetes Services - Test", + "fromversion": "5.0.0", + "integrations": [ + "Azure Kubernetes Services" + ] + }, + { + "playbookID": "Cortex XDR - IOC - Test without fetch", + "fromversion": "5.5.0", + "integrations": [ + "Cortex XDR - IR", + "Cortex XDR - IOC" + ] + }, + { + "playbookID": "PaloAltoNetworks_IoT-Test", + "fromversion": "5.0.0", + "integrations": [ + "Palo Alto Networks IoT" + ] + }, + { + "playbookID": "GreyNoise-Test", + "fromversion": "5.5.0", + "integrations": [ + "GreyNoise Community", + "GreyNoise" + ] + }, + { + "playbookID": "xMatters-Test", + "fromversion": "5.5.0", + "integrations": [ + "xMatters" + ] + }, + { + "playbookID": "TestCentrifyPlaybook", + "fromversion": "6.0.0", + "integrations": [ + "Centrify Vault" + ] + }, + { + "playbookID": "Infinipoint-Test", + "fromversion": "5.0.0", + "integrations": [ + "Infinipoint" + ] + }, + { + "playbookID": "CyrenThreatInDepth-Test", + "fromversion": "6.0.0", + "integrations": [ + "CyrenThreatInDepth" + ] + }, + { + "playbookID": "CVSS Calculator Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "7d8ac1af-2d1e-4ed9-875c-d3257d2c6830", + "fromversion": "6.0.0", + "integrations": [ + "AnsibleHCloud" + ] + }, + { + "playbookID": "Archer-Test-Playbook", + "fromversion": "5.0.0", + "integrations": [ + "RSA Archer", + "RSA Archer v2" + ] + }, + { + "playbookID": "SMB test", + "fromversion": "5.0.0", + "integrations": [ + "Server Message Block (SMB) v2", + "Server Message Block (SMB)" + ] + }, + { + "playbookID": "Cymulate Immediate Threats", + "fromversion": "6.0.0", + "integrations": [ + "cymulate_v2", + "Cymulate" + ] + }, + { + "playbookID": "TestUptycs", + "fromversion": "5.0.0", + "integrations": [ + "Uptycs" + ] + }, + { + "playbookID": "Microsoft Graph Calendar - Test", + "fromversion": "5.0.0", + "integrations": [ + "Microsoft Graph Calendar" + ] + }, + { + "playbookID": "VMRay-Test-URL", + "fromversion": "5.5.0", + "integrations": [ + "vmray" + ] + }, + { + "playbookID": "Thycotic-Test", + "fromversion": "6.0.0", + "integrations": [ + "Thycotic" + ] + }, + { + "playbookID": "Test Playbook TrendMicroDDA", + "fromversion": "5.0.0", + "integrations": [ + "Trend Micro Deep Discovery Analyzer Beta" + ] + }, + { + "playbookID": "CrowdStrike_Falcon_X_-Test-Detonate_URL", + "fromversion": "5.0.0", + "integrations": [ + "CrowdStrike Falcon X" + ] + }, + { + "playbookID": "CrowdStrike_Falcon_X_-Test-Detonate_File", + "fromversion": "5.0.0", + "integrations": [ + "CrowdStrike Falcon X" + ] + }, + { + "playbookID": "Phishing - Core - Test - Actual Incident", + "fromversion": "6.0.0" + }, + { + "playbookID": "Phishing v2 - Test - Actual Incident", + "fromversion": "6.0.0" + }, + { + "playbookID": "PCAP Search test", + "fromversion": "5.0.0" + }, + { + "playbookID": "PCAP Parsing And Indicator Enrichment Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "PCAP File Carving Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "Trello Test", + "fromversion": "6.0.0", + "integrations": [ + "Trello" + ] + }, + { + "playbookID": "Google Drive Permissions Test", + "fromversion": "5.0.0", + "integrations": [ + "GoogleDrive" + ] + }, + { + "playbookID": "RiskIQDigitalFootprint-Test", + "fromversion": "5.5.0", + "integrations": [ + "RiskIQDigitalFootprint" + ] + }, + { + "playbookID": "playbook-feodoteackerhash_test", + "fromversion": "5.5.0", + "integrations": [ + "Feodo Tracker IP Blocklist Feed", + "Feodo Tracker Hashes Feed" + ] + }, + { + "playbookID": "playbook-feodotrackeripblock_test", + "fromversion": "5.5.0", + "integrations": [ + "Feodo Tracker IP Blocklist Feed", + "Feodo Tracker Hashes Feed" + ] + }, + { + "playbookID": "CyberTotal_TestPlaybook", + "fromversion": "5.0.0", + "integrations": [ + "CyberTotal" + ] + }, + { + "playbookID": "Deep_Instinct-Test", + "fromversion": "5.0.0", + "integrations": [ + "Deep Instinct" + ] + }, + { + "playbookID": "Zabbix - Test", + "fromversion": "5.0.0", + "integrations": [ + "Zabbix" + ] + }, + { + "playbookID": "GCS Object Policy (ACL) - Test", + "fromversion": "5.0.0", + "integrations": [ + "Google Cloud Storage" + ] + }, + { + "playbookID": "GCS Bucket Management - Test", + "fromversion": "5.0.0", + "integrations": [ + "Google Cloud Storage" + ] + }, + { + "playbookID": "GCS Bucket Policy (ACL) - Test", + "fromversion": "5.0.0", + "integrations": [ + "Google Cloud Storage" + ] + }, + { + "playbookID": "GCS Object Operations - Test", + "fromversion": "5.0.0", + "integrations": [ + "Google Cloud Storage" + ] + }, + { + "playbookID": "OpenLDAP - Test", + "fromversion": "5.0.0", + "integrations": [ + "OpenLDAP" + ] + }, + { + "playbookID": "Splunk-Test", + "fromversion": "5.0.0", + "integrations": [ + "SplunkPy" + ] + }, + { + "playbookID": "SplunkPySearch_Test", + "fromversion": "5.0.0", + "integrations": [ + "SplunkPy" + ] + }, + { + "playbookID": "SplunkPy KV commands", + "fromversion": "5.0.0", + "integrations": [ + "SplunkPy" + ] + }, + { + "playbookID": "SplunkPy-Test-V2", + "fromversion": "5.0.0", + "integrations": [ + "SplunkPy" + ] + }, + { + "playbookID": "FireEye-Detection-on-Demand-Test", + "fromversion": "6.0.0", + "integrations": [ + "FireEye Detection on Demand" + ] + }, + { + "playbookID": "TestIPQualityScorePlaybook", + "fromversion": "5.0.0", + "integrations": [ + "IPQualityScore" + ] + }, + { + "playbookID": "Send Email To Recipients", + "fromversion": "5.0.0", + "integrations": [ + "EWS Mail Sender" + ] + }, + { + "playbookID": "Endace-Test", + "fromversion": "5.0.0", + "integrations": [ + "Endace" + ] + }, + { + "playbookID": "StringToArray_test", + "fromversion": "6.0.0" + }, + { + "playbookID": "URLSSLVerification_test", + "fromversion": "5.0.0" + }, + { + "playbookID": "playbook-SearchIncidentsV2InsideGenericPollng-Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "IsRFC1918-Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "Base64 File in List Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "DbotAverageScore-Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "ExtractEmailV2-Test", + "fromversion": "5.5.0" + }, + { + "playbookID": "IsUrlPartOfDomain Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "URLEncode-Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "IsIPInRanges - Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "Delete Context Subplaybook Test", + "fromversion": "5.0.0" + }, + { + "playbookID": "TruSTAR v2-Test", + "fromversion": "5.0.0", + "integrations": [ + "TruSTAR v2", + "TruSTAR" + ] + }, + { + "playbookID": "Relationships scripts - Test", + "fromversion": "6.2.0" + }, + { + "playbookID": "Test-CreateDBotScore-With-Reliability", + "fromversion": "6.0.0" + }, + { + "playbookID": "ValidateContent - Test", + "fromversion": "5.5.0" + }, + { + "playbookID": "DeleteContext-auto-subplaybook-test", + "fromversion": "5.0.0" + }, + { + "playbookID": "Process Email - Generic - Test - Actual Incident", + "fromversion": "6.0.0", + "integrations": [ + "XsoarPowershellTesting", + "Create-Mock-Feed-Relationships" + ] + }, + { + "playbookID": "Analyst1 Integration Demonstration - Test", + "fromversion": "5.0.0", + "integrations": [ + "Analyst1", + "illuminate" + ] + }, + { + "playbookID": "Analyst1 Integration Test", + "fromversion": "5.0.0", + "integrations": [ + "Analyst1", + "illuminate" + ] + }, + { + "playbookID": "Cofense Triage v3-Test", + "fromversion": "6.0.0", + "integrations": [ + "Cofense Triage v2", + "Cofense Triage v3", + "Cofense Triage" + ] + }, + { + "playbookID": "SailPointIdentityIQ-Test", + "fromversion": "6.0.0", + "integrations": [ + "SailPointIdentityIQ" + ] + }, + { + "playbookID": "Test - ExtFilter", + "fromversion": "5.0.0" + }, + { + "playbookID": "Test - ExtFilter Main", + "fromversion": "5.0.0" + }, + { + "playbookID": "Microsoft Teams - Test", + "fromversion": "5.0.0", + "integrations": [ + "Microsoft Teams Management", + "Microsoft Teams" + ] + }, + { + "playbookID": "TestTOPdeskPlaybook", + "fromversion": "5.0.0", + "integrations": [ + "TOPdesk" + ] } ], "skipped_tests": { @@ -3633,7 +4606,6 @@ "MicrosoftGraphMail-Test_prod": "Issue 40125" }, "skipped_integrations": { - "_comment1": "~~~ NO INSTANCE ~~~", "Ipstack": "Usage limit reached (Issue 38063)", "AnsibleAlibabaCloud": "No instance - issue 40447", @@ -3726,16 +4698,13 @@ "FraudWatch": "Issue 34299", "Cisco Stealthwatch": "No instance - developed by Qmasters", "Armis": "No instance - developed by SOAR Experts", - "_comment2": "~~~ UNSTABLE ~~~", "Tenable.sc": "unstable instance", "ThreatConnect v2": "unstable instance", - "_comment3": "~~~ QUOTA ISSUES ~~~", "Lastline": "issue 20323", "Google Resource Manager": "Cannot create projects because have reached allowed quota.", "Looker": "Warehouse 'DEMO_WH' cannot be resumed because resource monitor 'LIMITER' has exceeded its quota.", - "_comment4": "~~~ OTHER ~~~", "AlienVault OTX TAXII Feed": "Issue 29197", "EclecticIQ Platform": "Issue 8821", @@ -3912,7 +4881,6 @@ "HelloWorldPremium_Scan-Test" ], "docker_thresholds": { - "_comment": "Add here docker images which are specific to an integration and require a non-default threshold (such as rasterize or ews). That way there is no need to define this multiple times. You can specify full image name with version or without.", "images": { "demisto/chromium": { @@ -3960,4 +4928,4 @@ } } } -} +} \ No newline at end of file diff --git a/Tests/scripts/update_conf_json.py b/Tests/scripts/update_conf_json.py deleted file mode 100644 index b4667ee78275..000000000000 --- a/Tests/scripts/update_conf_json.py +++ /dev/null @@ -1,144 +0,0 @@ -#!/usr/bin/env python3 -import os -from pprint import pformat - -import yaml -import json -from distutils.version import LooseVersion -import logging - -from pebble import ProcessPool - -from Tests.scripts.utils.log_util import install_logging -from demisto_sdk.commands.common.tools import find_type -from demisto_sdk.commands.common.constants import TEST_PLAYBOOKS_DIR, INTEGRATIONS_DIR, CONF_PATH, PACKS_DIR, \ - FileType - -INITIAL_FROM_VERSION = "4.5.0" -NEW_CONF_JSON_OBJECT = [] - - -def get_integration_data(file_path): - with open(file_path) as data_file: - yaml_file = yaml.safe_load(data_file) - return yaml_file['commonfields']['id'], yaml_file.get('fromversion', '0.0.0') - - -def get_playbook_data(file_path): - with open(file_path) as data_file: - yaml_file = yaml.safe_load(data_file) - return yaml_file['id'], yaml_file.get('fromversion', '0.0.0') - - -def get_fromversion(integrations): - max_fromversion = INITIAL_FROM_VERSION - for integration_id, fromversion in integrations: - if LooseVersion(fromversion) > LooseVersion(max_fromversion): - max_fromversion = fromversion - - return max_fromversion - - -def calc_conf_json_object(integrations, test_playbooks): - fromversion = get_fromversion(integrations) - conf_objects = [{'playbookID': test_playbook, 'fromversion': test_fromversion} - for test_playbook, test_fromversion in test_playbooks] - integrations = [integration_id for integration_id, _ in integrations] - - for conf_object in conf_objects: - if integrations: - conf_object['integrations'] = integrations - if LooseVersion(conf_object['fromversion']) < fromversion: - conf_object['fromversion'] = fromversion - - return conf_objects - - -def add_to_conf_json(conf_objects): - with open(CONF_PATH) as data_file: - conf = json.load(data_file) - - conf['tests'].extend(conf_objects) - - with open(CONF_PATH, 'w') as conf_file: - json.dump(conf, conf_file, indent=4) - - -def load_test_data_from_conf_json(): - test_playbooks = [] - with open(CONF_PATH) as data_file: - conf = json.load(data_file) - - for conf_test in conf['tests']: - test_playbooks.append(conf_test['playbookID']) - - return test_playbooks - - -def generate_pack_tests_configuration(pack_name, existing_test_playbooks): - install_logging('Update_Tests_step.log', include_process_name=True) - pack_integrations = [] - pack_test_playbooks = [] - - pack_path = os.path.join(PACKS_DIR, pack_name) - - integration_dir_path = os.path.join(pack_path, INTEGRATIONS_DIR) - test_playbook_dir_path = os.path.join(pack_path, TEST_PLAYBOOKS_DIR) - if not os.path.isdir(test_playbook_dir_path) or not os.listdir(test_playbook_dir_path): - return pack_integrations, pack_test_playbooks, pack_name - - logging.info(f'Going over {pack_name}') - if os.path.exists(integration_dir_path): - for file_or_dir in os.listdir(integration_dir_path): - if os.path.isdir(os.path.join(integration_dir_path, file_or_dir)): - inner_dir_path = os.path.join(integration_dir_path, file_or_dir) - for integration_file in os.listdir(inner_dir_path): - is_yml_file = integration_file.endswith('.yml') - file_path = os.path.join(inner_dir_path, integration_file) - if is_yml_file: - pack_integrations.append(get_integration_data(file_path)) - else: - is_yml_file = file_or_dir.endswith('.yml') - file_path = os.path.join(integration_dir_path, file_or_dir) - if is_yml_file: - pack_integrations.append(get_integration_data(file_path)) - - for file_path in os.listdir(test_playbook_dir_path): - is_yml_file = file_path.endswith('.yml') - file_path = os.path.join(test_playbook_dir_path, file_path) - if is_yml_file and find_type(file_path) == FileType.TEST_PLAYBOOK: - test_playbook_id, fromversion = get_playbook_data(file_path) - if test_playbook_id not in existing_test_playbooks: - pack_test_playbooks.append((test_playbook_id, fromversion)) - return pack_integrations, pack_test_playbooks, pack_name - - -def update_new_conf_json(future): - try: - pack_integrations, pack_test_playbooks, pack_name = future.result() # blocks until results ready - if pack_test_playbooks: - NEW_CONF_JSON_OBJECT.extend(calc_conf_json_object(pack_integrations, pack_test_playbooks)) - - except Exception: - logging.exception('Failed to collect pack test configurations') - raise - - -def main(): - install_logging('Update_Tests_step.log', include_process_name=True) - existing_test_playbooks = load_test_data_from_conf_json() - with ProcessPool(max_workers=os.cpu_count()) as pool: - for pack_name in os.listdir(PACKS_DIR): - logging.debug(f'Collecting pack: {pack_name} tests to add to conf.json') - future_object = pool.schedule(generate_pack_tests_configuration, - args=(pack_name, existing_test_playbooks), timeout=30) - future_object.add_done_callback(update_new_conf_json) - logging.debug(f'Successfully added pack: {pack_name} test to conf.json') - - add_to_conf_json(NEW_CONF_JSON_OBJECT) - logging.success(f'Added {len(NEW_CONF_JSON_OBJECT)} tests to the conf.json') - logging.success(f'Added the following objects to the conf.json:\n{pformat(NEW_CONF_JSON_OBJECT)}') - - -if __name__ == '__main__': - main() From 626536b903ac2ffd1415ece3045ee6309e9cd320 Mon Sep 17 00:00:00 2001 From: mayagoldb <43776787+mayagoldb@users.noreply.github.com> Date: Mon, 30 Aug 2021 14:37:28 +0300 Subject: [PATCH 070/173] Prisma Cloud playbooks bug fix (#14511) * Prisma Cloud playbooks bug fix * updated release notes * Edited playbooks structure and added new photos * Updated image names * Added new links to images --- ...isma_Cloud_-_Find_AWS_Resource_by_FQDN.yml | 227 +++++++++--------- ...loud_-_Find_AWS_Resource_by_FQDN_README.md | 2 +- ...Cloud_-_Find_AWS_Resource_by_Public_IP.yml | 84 ++++--- ...-_Find_AWS_Resource_by_Public_IP_README.md | 2 +- ...ma_Cloud_-_Find_Azure_Resource_by_FQDN.yml | 184 +++++++------- ...ud_-_Find_Azure_Resource_by_FQDN_README.md | 2 +- ...oud_-_Find_Azure_Resource_by_Public_IP.yml | 85 ++++--- ...Find_Azure_Resource_by_Public_IP_README.md | 2 +- ...isma_Cloud_-_Find_GCP_Resource_by_FQDN.yml | 90 +++---- ...loud_-_Find_GCP_Resource_by_FQDN_README.md | 2 +- ...Cloud_-_Find_GCP_Resource_by_Public_IP.yml | 85 ++++--- ...-_Find_GCP_Resource_by_Public_IP_README.md | 2 +- Packs/PrismaCloud/ReleaseNotes/1_9_0.md | 19 ++ ...isma_Cloud_-_Find_AWS_Resource_by_FQDN.png | Bin 914195 -> 511583 bytes ...Cloud_-_Find_AWS_Resource_by_Public_IP.png | Bin 259480 -> 131059 bytes ...ma_Cloud_-_Find_Azure_Resource_by_FQDN.png | Bin 759104 -> 472977 bytes ...oud_-_Find_Azure_Resource_by_Public_IP.png | Bin 283065 -> 130651 bytes ...isma_Cloud_-_Find_GCP_Resource_by_FQDN.png | Bin 487014 -> 293729 bytes ...Cloud_-_Find_GCP_Resource_by_Public_IP.png | Bin 285000 -> 133972 bytes Packs/PrismaCloud/pack_metadata.json | 2 +- 20 files changed, 429 insertions(+), 359 deletions(-) create mode 100644 Packs/PrismaCloud/ReleaseNotes/1_9_0.md diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_FQDN.yml b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_FQDN.yml index 4dd71f70b362..2be2ffa97aba 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_FQDN.yml +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_FQDN.yml @@ -44,7 +44,7 @@ tasks: view: |- { "position": { - "x": 2670, + "x": 2870, "y": -1340 } } @@ -77,9 +77,9 @@ tasks: - args: prefix: value: - simple: "config where cloud.type = 'aws' AND cloud.service = 'Amazon\ - \ Route53' AND api.name = 'aws-route53-list-hosted-zones' AND\ - \ json.rule = \n ( " + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon Route53'' AND api.name = ''aws-route53-list-hosted-zones'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -95,20 +95,20 @@ tasks: task: brand: "" description: Search Route53 hosted zones in Prisma Cloud - id: ea7872de-3747-41c8-81c1-574c5adf8f87 + id: 42c46d62-d2a6-42e2-83b9-0e87dc352e3b iscommand: true name: Search FQDN in Route53 HostedZone Entries script: '|||redlock-search-config' type: regular version: -1 - taskid: ea7872de-3747-41c8-81c1-574c5adf8f87 + taskid: 42c46d62-d2a6-42e2-83b9-0e87dc352e3b timertriggers: [] type: regular view: |- { "position": { - "x": -1660, - "y": 1030 + "x": 1820, + "y": 550 } } "7": @@ -135,8 +135,8 @@ tasks: view: |- { "position": { - "x": 500, - "y": 1680 + "x": 2350, + "y": 880 } } "8": @@ -166,8 +166,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''aws'' AND cloud.service = ''Amazon - Elastic Load Balancing'' AND json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon Elastic Load Balancing'' AND api.name + = ''aws-elb-describe-load-balancers'' AND json.rule = ( ' suffix: value: simple: ' )' @@ -183,20 +184,20 @@ tasks: task: brand: "" description: Search AWS Elastic Load Balancers in Prisma Cloud - id: adda060f-e7c6-4a51-81c1-da6e31b8341a + id: 1b59f137-fb46-4639-8904-00bb5f021d86 iscommand: true name: Search in Load Balancers (dnsname) script: '|||redlock-search-config' type: regular version: -1 - taskid: adda060f-e7c6-4a51-81c1-da6e31b8341a + taskid: 1b59f137-fb46-4639-8904-00bb5f021d86 timertriggers: [] type: regular view: |- { "position": { - "x": -150, - "y": 900 + "x": 250, + "y": 360 } } "9": @@ -226,8 +227,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''aws'' and cloud.service = ''Amazon - CloudFront'' and json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon CloudFront'' AND api.name = ''aws-cloudfront-list-distributions'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -243,20 +245,20 @@ tasks: task: brand: "" description: Search AWS CloudFront in Prisma Cloud - id: b8787bf4-585c-4396-87e3-a2c7ff7183e8 + id: 2580bc20-bcf2-467b-87cd-0c5ea9c1bafd iscommand: true name: Search in CloudFront script: '|||redlock-search-config' type: regular version: -1 - taskid: b8787bf4-585c-4396-87e3-a2c7ff7183e8 + taskid: 2580bc20-bcf2-467b-87cd-0c5ea9c1bafd timertriggers: [] type: regular view: |- { "position": { - "x": 740, - "y": 900 + "x": 670, + "y": 360 } } "10": @@ -306,8 +308,8 @@ tasks: view: |- { "position": { - "x": -1870, - "y": 830 + "x": 1400, + "y": 360 } } "11": @@ -340,9 +342,9 @@ tasks: - args: prefix: value: - simple: "config where cloud.type = 'aws' AND cloud.service = 'Amazon\ - \ Route53' AND api.name = 'aws-route53-list-hosted-zones' AND\ - \ json.rule = \n ( " + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon Route53'' AND api.name = ''aws-route53-list-hosted-zones'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -358,20 +360,20 @@ tasks: task: brand: "" description: Search Route53 Hosted Zones in Prisma Cloud - id: 63596c16-01a3-43c6-899d-e1bfaa8ce36c + id: ea2fd6b3-2dc3-4d03-8917-78779c2c8b18 iscommand: true name: Search Domain in Route53 HostedZone Name script: '|||redlock-search-config' type: regular version: -1 - taskid: 63596c16-01a3-43c6-899d-e1bfaa8ce36c + taskid: ea2fd6b3-2dc3-4d03-8917-78779c2c8b18 timertriggers: [] type: regular view: |- { "position": { - "x": -2110, - "y": 1030 + "x": 1400, + "y": 550 } } "12": @@ -410,8 +412,8 @@ tasks: view: |- { "position": { - "x": 500, - "y": 1810 + "x": 2350, + "y": 1050 } } "13": @@ -445,8 +447,8 @@ tasks: view: |- { "position": { - "x": 200, - "y": 2070 + "x": 2120, + "y": 1220 } } "14": @@ -470,8 +472,8 @@ tasks: view: |- { "position": { - "x": 510, - "y": 2320 + "x": 2870, + "y": 1390 } } "15": @@ -526,8 +528,8 @@ tasks: view: |- { "position": { - "x": 2400, - "y": -840 + "x": 2570, + "y": -1000 } } "16": @@ -554,8 +556,8 @@ tasks: view: |- { "position": { - "x": 2020, - "y": -300 + "x": 2350, + "y": -830 } } "20": @@ -593,7 +595,7 @@ tasks: view: |- { "position": { - "x": 2670, + "x": 2870, "y": -1170 } } @@ -625,9 +627,9 @@ tasks: - args: prefix: value: - simple: "config where cloud.type = 'aws' AND cloud.service = 'Amazon\ - \ S3' AND api.name = 'aws-s3api-get-bucket-acl' AND json.rule\ - \ = \n ( " + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon S3'' AND api.name = ''aws-s3api-get-bucket-acl'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -643,20 +645,20 @@ tasks: task: brand: "" description: Search Route53 Hosted Zones in Prisma Cloud - id: 426ccb2e-a16c-4fc6-8db8-1d79c156c2a3 + id: 0f5c499c-6d23-4d7a-8904-025bc365040a iscommand: true name: Search FQDN in S3 script: '|||redlock-search-config' type: regular version: -1 - taskid: 426ccb2e-a16c-4fc6-8db8-1d79c156c2a3 + taskid: 0f5c499c-6d23-4d7a-8904-025bc365040a timertriggers: [] type: regular view: |- { "position": { - "x": 830, - "y": 1250 + "x": -240, + "y": 710 } } "22": @@ -704,8 +706,8 @@ tasks: view: |- { "position": { - "x": 2020, - "y": -30 + "x": 2350, + "y": -490 } } "23": @@ -753,8 +755,8 @@ tasks: view: |- { "position": { - "x": 2020, - "y": 120 + "x": 2350, + "y": -290 } } "24": @@ -792,8 +794,8 @@ tasks: view: |- { "position": { - "x": 2020, - "y": 500 + "x": 700, + "y": 40 } } "25": @@ -822,8 +824,8 @@ tasks: view: |- { "position": { - "x": 2020, - "y": 315 + "x": 2350, + "y": -100 } } "26": @@ -861,8 +863,8 @@ tasks: view: |- { "position": { - "x": -2870, - "y": 460 + "x": 1660, + "y": 40 } } "27": @@ -889,8 +891,8 @@ tasks: view: |- { "position": { - "x": -1870, - "y": 660 + "x": 1400, + "y": 215 } } "28": @@ -922,8 +924,8 @@ tasks: view: |- { "position": { - "x": 580, - "y": 710 + "x": -170, + "y": 215 } } "29": @@ -950,8 +952,8 @@ tasks: view: |- { "position": { - "x": -1400, - "y": 700 + "x": 2350, + "y": 215 } } "30": @@ -995,8 +997,8 @@ tasks: view: |- { "position": { - "x": 2020, - "y": -180 + "x": 2350, + "y": -690 } } "31": @@ -1054,8 +1056,8 @@ tasks: view: |- { "position": { - "x": 1190, - "y": 900 + "x": -660, + "y": 360 } } "32": @@ -1092,8 +1094,8 @@ tasks: view: |- { "position": { - "x": 1190, - "y": 1040 + "x": -660, + "y": 530 } } "33": @@ -1123,8 +1125,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''aws'' AND cloud.service = ''Amazon - Elastic Load Balancing'' AND json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon Elastic Load Balancing'' AND api.name + = ''aws-elb-describe-load-balancers'' AND json.rule = ( ' suffix: value: simple: ' )' @@ -1140,20 +1143,20 @@ tasks: task: brand: "" description: Search AWS Elastic Load Balancers in Prisma Cloud - id: f97f71ef-ea20-4d15-88ec-8a01deab9532 + id: 7aab8faf-31eb-4938-803a-38c0cc0a53ea iscommand: true name: Search in Load Balancers (description.dnsname) script: '|||redlock-search-config' type: regular version: -1 - taskid: f97f71ef-ea20-4d15-88ec-8a01deab9532 + taskid: 7aab8faf-31eb-4938-803a-38c0cc0a53ea timertriggers: [] type: regular view: |- { "position": { - "x": -550, - "y": 900 + "x": -170, + "y": 360 } } "34": @@ -1183,8 +1186,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''aws'' and cloud.service = ''Amazon - EKS'' and json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon EKS'' AND api.name = ''aws-eks-describe-cluster'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -1200,20 +1204,20 @@ tasks: task: brand: "" description: Search AWS CloudFront in Prisma Cloud - id: 2ad9c170-43de-45b4-8701-bda4dd680f6c + id: 80fc8d82-c52a-4f58-8b82-cd53c9fe9c06 iscommand: true name: Search FQDN in EKS Endpoint script: '|||redlock-search-config' type: regular version: -1 - taskid: 2ad9c170-43de-45b4-8701-bda4dd680f6c + taskid: 80fc8d82-c52a-4f58-8b82-cd53c9fe9c06 timertriggers: [] type: regular view: |- { "position": { - "x": 300, - "y": 1190 + "x": -860, + "y": 710 } } "35": @@ -1259,8 +1263,8 @@ tasks: view: |- { "position": { - "x": 300, - "y": 900 + "x": -1230, + "y": 360 } } "36": @@ -1297,8 +1301,8 @@ tasks: view: |- { "position": { - "x": 300, - "y": 1040 + "x": -1230, + "y": 530 } } "37": @@ -1344,8 +1348,8 @@ tasks: view: |- { "position": { - "x": -960, - "y": 900 + "x": -1780, + "y": 360 } } "38": @@ -1382,8 +1386,8 @@ tasks: view: |- { "position": { - "x": -830, - "y": 1120 + "x": -1780, + "y": 530 } } "39": @@ -1413,9 +1417,9 @@ tasks: - args: prefix: value: - simple: "config where cloud.type = 'aws' AND cloud.service = 'Amazon\ - \ EC2' AND api.name = 'aws-ec2-describe-instances' AND json.rule\ - \ = \n ( " + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon EC2'' AND api.name = ''aws-ec2-describe-instances'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -1431,20 +1435,20 @@ tasks: task: brand: "" description: Search Route53 Hosted Zones in Prisma Cloud - id: b435a043-8763-4887-824c-b2360f6291ba + id: 32822336-a548-45da-8285-90b091caecd9 iscommand: true name: Search FQDN in EC2 script: '|||redlock-search-config' type: regular version: -1 - taskid: b435a043-8763-4887-824c-b2360f6291ba + taskid: 32822336-a548-45da-8285-90b091caecd9 timertriggers: [] type: regular view: |- { "position": { - "x": -550, - "y": 1310 + "x": -1390, + "y": 710 } } "40": @@ -1474,8 +1478,9 @@ tasks: - args: prefix: value: - simple: "config where cloud.type = 'aws' AND cloud.service = 'Amazon\ - \ API Gateway' AND json.rule = \n ( " + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon API Gateway'' AND api.name = ''aws-apigateway-domain-name'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -1491,33 +1496,39 @@ tasks: task: brand: "" description: Search Route53 Hosted Zones in Prisma Cloud - id: 9462461a-1520-4f28-8138-1957fc38328a + id: c405e3d8-6a9e-421f-8b8a-499d31c8541a iscommand: true name: Search FQDN in API Gateway script: '|||redlock-search-config' type: regular version: -1 - taskid: 9462461a-1520-4f28-8138-1957fc38328a + taskid: c405e3d8-6a9e-421f-8b8a-499d31c8541a timertriggers: [] type: regular view: |- { "position": { - "x": -1270, - "y": 1200 + "x": 2350, + "y": 550 } } version: -1 view: |- { "linkLabelsPosition": { - "24_7_#default#": 0.17 + "12_14_#default#": 0.23, + "15_14_#default#": 0.1, + "24_7_#default#": 0.17, + "26_7_#default#": 0.22, + "32_7_#default#": 0.1, + "36_7_#default#": 0.1, + "38_7_#default#": 0.1 }, "paper": { "dimensions": { - "height": 3725, - "width": 5920, - "x": -2870, + "height": 2795, + "width": 5030, + "x": -1780, "y": -1340 } } diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_FQDN_README.md b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_FQDN_README.md index d07a994a196f..0e9d8e8500ed 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_FQDN_README.md +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_FQDN_README.md @@ -36,4 +36,4 @@ This playbook does not use any scripts. ## Playbook Image --- -![Prisma Cloud - Find AWS Resource by FQDN](https://raw.githubusercontent.com/demisto/content/852016ad0103ba42e8b5c8f596246fd14a4e7a90/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_AWS_Resource_by_FQDN.png) \ No newline at end of file +![Prisma Cloud - Find AWS Resource by FQDN](../doc_files/Prisma_Cloud_-_Find_AWS_Resource_by_FQDN.png) \ No newline at end of file diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP.yml b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP.yml index 87e255ecc91b..c483fe9b41b8 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP.yml +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP.yml @@ -38,8 +38,8 @@ tasks: view: |- { "position": { - "x": 1820, - "y": -500 + "x": 1770, + "y": -510 } } "1": @@ -69,8 +69,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''aws'' AND cloud.service = ''Amazon - EC2'' AND json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon EC2'' AND api.name = ''aws-ec2-describe-instances'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -84,20 +85,20 @@ tasks: task: brand: "" description: Search EC2 instances in Prisma Cloud - id: 94247d01-1c67-4de9-8b39-d4175697f72e + id: 5d21d3ef-d78f-4b93-8b0a-07a355a64601 iscommand: true name: Search in EC2 Instances script: '|||redlock-search-config' type: regular version: -1 - taskid: 94247d01-1c67-4de9-8b39-d4175697f72e + taskid: 5d21d3ef-d78f-4b93-8b0a-07a355a64601 timertriggers: [] type: regular view: |- { "position": { - "x": 320, - "y": 270 + "x": 920, + "y": 120 } } "7": @@ -124,8 +125,8 @@ tasks: view: |- { "position": { - "x": 450, - "y": 870 + "x": 920, + "y": 290 } } "9": @@ -156,8 +157,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''aws'' AND cloud.service = ''Amazon - Elastic Load Balancing'' AND json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon Elastic Load Balancing'' AND api.name + = ''aws-elbv2-describe-load-balancers'' AND json.rule = ( ' suffix: value: simple: ' )' @@ -171,20 +173,20 @@ tasks: task: brand: "" description: Search EC2 Elastic Load Balancers in Prisma Cloud - id: 5eabacc6-aed6-4c3b-839e-f232de432e57 + id: 53e36036-6367-4c36-869e-2e0eea7eb955 iscommand: true name: Search in EC2 NLB script: '|||redlock-search-config' type: regular version: -1 - taskid: 5eabacc6-aed6-4c3b-839e-f232de432e57 + taskid: 53e36036-6367-4c36-869e-2e0eea7eb955 timertriggers: [] type: regular view: |- { "position": { - "x": 820, - "y": 270 + "x": 1380, + "y": 120 } } "11": @@ -223,8 +225,8 @@ tasks: view: |- { "position": { - "x": 450, - "y": 1020 + "x": 920, + "y": 430 } } "12": @@ -258,8 +260,8 @@ tasks: view: |- { "position": { - "x": 140, - "y": 1330 + "x": 660, + "y": 600 } } "13": @@ -283,8 +285,8 @@ tasks: view: |- { "position": { - "x": 480, - "y": 1530 + "x": 1770, + "y": 770 } } "14": @@ -313,8 +315,8 @@ tasks: view: |- { "position": { - "x": 480, - "y": 60 + "x": 920, + "y": -20 } } "15": @@ -369,8 +371,8 @@ tasks: view: |- { "position": { - "x": 1250, - "y": -150 + "x": 1420, + "y": -190 } } "16": @@ -408,7 +410,7 @@ tasks: view: |- { "position": { - "x": 1820, + "x": 1770, "y": -360 } } @@ -439,9 +441,9 @@ tasks: - args: prefix: value: - simple: "config where cloud.type = 'aws' AND cloud.service = 'Amazon\ - \ Route53' AND api.name = 'aws-route53-list-hosted-zones' AND\ - \ json.rule = \n ( " + simple: 'config from cloud.resource where cloud.type = ''aws'' AND + cloud.service = ''Amazon Route53'' AND api.name = ''aws-route53-list-hosted-zones'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -457,32 +459,36 @@ tasks: task: brand: "" description: Search EC2 instances in Prisma Cloud - id: 808a6ab0-9bf6-4d29-8d61-a292bb0ab02e + id: ace1585b-f50b-4466-8ec0-ba15ea621d90 iscommand: true name: Search in Route53 Hosted Zones script: '|||redlock-search-config' type: regular version: -1 - taskid: 808a6ab0-9bf6-4d29-8d61-a292bb0ab02e + taskid: ace1585b-f50b-4466-8ec0-ba15ea621d90 timertriggers: [] type: regular view: |- { "position": { - "x": -140, - "y": 270 + "x": 450, + "y": 120 } } version: -1 view: |- { - "linkLabelsPosition": {}, + "linkLabelsPosition": { + "11_13_#default#": 0.13, + "15_13_#default#": 0.2, + "16_13_#default#": 0.25 + }, "paper": { "dimensions": { - "height": 2095, - "width": 2340, - "x": -140, - "y": -500 + "height": 1345, + "width": 1700, + "x": 450, + "y": -510 } } } diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP_README.md b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP_README.md index 4f9812546d97..d834a20f22bd 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP_README.md +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP_README.md @@ -35,4 +35,4 @@ This playbook does not use any scripts. ## Playbook Image --- -![Prisma Cloud - Find AWS Resource by Public IP](https://raw.githubusercontent.com/demisto/content/852016ad0103ba42e8b5c8f596246fd14a4e7a90/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP.png) \ No newline at end of file +![Prisma Cloud - Find AWS Resource by Public IP](../doc_files/Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP.png) \ No newline at end of file diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN.yml b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN.yml index c5d53c52e88e..af2efdd9f75d 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN.yml +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN.yml @@ -44,7 +44,7 @@ tasks: view: |- { "position": { - "x": 2350, + "x": 2010, "y": -1190 } } @@ -72,8 +72,8 @@ tasks: view: |- { "position": { - "x": 500, - "y": 1690 + "x": 1670, + "y": 1080 } } "10": @@ -122,8 +122,8 @@ tasks: view: |- { "position": { - "x": -1580, - "y": 875 + "x": 1070, + "y": 520 } } "12": @@ -162,8 +162,8 @@ tasks: view: |- { "position": { - "x": 500, - "y": 1810 + "x": 1670, + "y": 1230 } } "13": @@ -197,8 +197,8 @@ tasks: view: |- { "position": { - "x": 200, - "y": 2070 + "x": 1390, + "y": 1400 } } "14": @@ -222,8 +222,8 @@ tasks: view: |- { "position": { - "x": 510, - "y": 2320 + "x": 2010, + "y": 1570 } } "15": @@ -278,8 +278,8 @@ tasks: view: |- { "position": { - "x": 2140, - "y": -850 + "x": 1700, + "y": -870 } } "16": @@ -306,8 +306,8 @@ tasks: view: |- { "position": { - "x": 570, - "y": -380 + "x": 1400, + "y": -700 } } "20": @@ -345,8 +345,8 @@ tasks: view: |- { "position": { - "x": 2350, - "y": -1060 + "x": 2010, + "y": -1040 } } "22": @@ -394,8 +394,8 @@ tasks: view: |- { "position": { - "x": 570, - "y": -50 + "x": 1400, + "y": -350 } } "23": @@ -443,8 +443,8 @@ tasks: view: |- { "position": { - "x": 570, - "y": 140 + "x": 1400, + "y": -160 } } "24": @@ -482,8 +482,8 @@ tasks: view: |- { "position": { - "x": 1900, - "y": 470 + "x": 570, + "y": 210 } } "25": @@ -512,8 +512,8 @@ tasks: view: |- { "position": { - "x": 570, - "y": 330 + "x": 1400, + "y": 60 } } "26": @@ -551,8 +551,8 @@ tasks: view: |- { "position": { - "x": -1350, - "y": 470 + "x": 1200, + "y": 210 } } "27": @@ -579,8 +579,8 @@ tasks: view: |- { "position": { - "x": -1650, - "y": 715 + "x": 1070, + "y": 390 } } "28": @@ -610,8 +610,8 @@ tasks: view: |- { "position": { - "x": 660, - "y": 650 + "x": 330, + "y": 380 } } "29": @@ -638,8 +638,8 @@ tasks: view: |- { "position": { - "x": -1020, - "y": 650 + "x": 1670, + "y": 210 } } "30": @@ -683,8 +683,8 @@ tasks: view: |- { "position": { - "x": 570, - "y": -220 + "x": 1400, + "y": -540 } } "31": @@ -733,8 +733,8 @@ tasks: view: |- { "position": { - "x": 900, - "y": 800 + "x": 490, + "y": 520 } } "32": @@ -772,8 +772,8 @@ tasks: view: |- { "position": { - "x": 1230, - "y": 970 + "x": 490, + "y": 710 } } "33": @@ -803,8 +803,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''azure'' and cloud.service = - ''Azure App Service'' and json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''azure'' + AND cloud.service = ''Azure App Service'' AND api.name = ''azure-app-service'' + AND json.rule = ( ' suffix: value: simple: ) @@ -819,20 +820,20 @@ tasks: brand: "" description: Search configuration inventory on the Prisma Cloud (RedLock) platform using RQL language - id: 1310abac-4fba-442a-8917-50b083086dc9 + id: 3107b94b-2010-48eb-85c0-ebaed826a7ec iscommand: true name: Search FQDNs in App Service script: '|||redlock-search-config' type: regular version: -1 - taskid: 1310abac-4fba-442a-8917-50b083086dc9 + taskid: 3107b94b-2010-48eb-85c0-ebaed826a7ec timertriggers: [] type: regular view: |- { "position": { - "x": 890, - "y": 1140 + "x": 310, + "y": 900 } } "34": @@ -881,8 +882,8 @@ tasks: view: |- { "position": { - "x": 410, - "y": 800 + "x": -160, + "y": 520 } } "35": @@ -920,8 +921,8 @@ tasks: view: |- { "position": { - "x": 350, - "y": 970 + "x": -160, + "y": 710 } } "36": @@ -951,8 +952,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''azure'' and cloud.service = - ''Azure Virtual Network'' and json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''azure'' + AND cloud.service = ''Azure Virtual Network'' AND api.name = ''azure-network-public-ip-address'' + AND json.rule = ( ' suffix: value: simple: ) @@ -967,20 +969,20 @@ tasks: brand: "" description: Search configuration inventory on the Prisma Cloud (RedLock) platform using RQL language - id: bd299765-2d65-4603-827c-43ed8978261e + id: 80352352-4b39-4b7a-86d4-c07bf3a61b9d iscommand: true name: Search FQDNs in Public IPs script: '|||redlock-search-config' type: regular version: -1 - taskid: bd299765-2d65-4603-827c-43ed8978261e + taskid: 80352352-4b39-4b7a-86d4-c07bf3a61b9d timertriggers: [] type: regular view: |- { "position": { - "x": 480, - "y": 1140 + "x": -380, + "y": 900 } } "37": @@ -1011,8 +1013,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''azure'' and cloud.service = - ''Azure Application Gateway'' and json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''azure'' + AND cloud.service = ''Azure Application Gateway'' AND api.name + = ''azure-application-gateway'' AND json.rule = ( ' suffix: value: simple: ) @@ -1027,20 +1030,20 @@ tasks: brand: "" description: Search configuration inventory on the Prisma Cloud (RedLock) platform using RQL language - id: b9f87a1a-8f45-44e3-8233-6e07a7320f58 + id: c91a738c-b191-4725-894b-8deeef6ef3a2 iscommand: true name: Search FQDNs in Azure Application Gateway script: '|||redlock-search-config' type: regular version: -1 - taskid: b9f87a1a-8f45-44e3-8233-6e07a7320f58 + taskid: c91a738c-b191-4725-894b-8deeef6ef3a2 timertriggers: [] type: regular view: |- { "position": { - "x": -1750, - "y": 1065 + "x": 1070, + "y": 700 } } "38": @@ -1100,8 +1103,8 @@ tasks: view: |- { "position": { - "x": -30, - "y": 800 + "x": -840, + "y": 520 } } "39": @@ -1139,8 +1142,8 @@ tasks: view: |- { "position": { - "x": -60, - "y": 970 + "x": -840, + "y": 725 } } "40": @@ -1171,8 +1174,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''azure'' and cloud.service = - ''Azure Storage'' and json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''azure'' + AND cloud.service = ''Azure Storage'' AND api.name = ''azure-storage-account-list'' + AND json.rule = ( ' suffix: value: simple: ) @@ -1187,20 +1191,20 @@ tasks: brand: "" description: Search configuration inventory on the Prisma Cloud (RedLock) platform using RQL language - id: e7b16762-83e9-41b7-8095-266d36a5d466 + id: 49476811-2e58-4291-8f00-305c666af44b iscommand: true name: Search FQDNs in Azure Storage script: '|||redlock-search-config' type: regular version: -1 - taskid: e7b16762-83e9-41b7-8095-266d36a5d466 + taskid: 49476811-2e58-4291-8f00-305c666af44b timertriggers: [] type: regular view: |- { "position": { - "x": -90, - "y": 1280 + "x": -1020, + "y": 900 } } "41": @@ -1249,8 +1253,8 @@ tasks: view: |- { "position": { - "x": -430, - "y": 800 + "x": -1470, + "y": 520 } } "42": @@ -1288,8 +1292,8 @@ tasks: view: |- { "position": { - "x": -460, - "y": 970 + "x": -1470, + "y": 725 } } "43": @@ -1319,8 +1323,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''azure'' and cloud.service = - ''Azure Kubernetes Service'' and json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''azure'' + AND cloud.service = ''Azure Kubernetes Service'' AND api.name + = ''azure-kubernetes-cluster'' AND json.rule = ( ' suffix: value: simple: ) @@ -1335,31 +1340,40 @@ tasks: brand: "" description: Search configuration inventory on the Prisma Cloud (RedLock) platform using RQL language - id: 28ea4616-343e-4625-8289-2a946282bbb6 + id: 8ddbb096-d42c-49a5-846e-30995677f78c iscommand: true name: Search FQDNs in AKS script: '|||redlock-search-config' type: regular version: -1 - taskid: 28ea4616-343e-4625-8289-2a946282bbb6 + taskid: 8ddbb096-d42c-49a5-846e-30995677f78c timertriggers: [] type: regular view: |- { "position": { - "x": -350, - "y": 1110 + "x": -1730, + "y": 910 } } version: -1 view: |- { - "linkLabelsPosition": {}, + "linkLabelsPosition": { + "12_14_#default#": 0.29, + "15_14_#default#": 0.11, + "24_7_#default#": 0.14, + "26_7_#default#": 0.26, + "32_7_#default#": 0.13, + "35_7_#default#": 0.1, + "39_7_#default#": 0.1, + "42_7_#default#": 0.1 + }, "paper": { "dimensions": { - "height": 3575, - "width": 4480, - "x": -1750, + "height": 2825, + "width": 4120, + "x": -1730, "y": -1190 } } diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN_README.md b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN_README.md index d33481b044c2..0384e9a75a5b 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN_README.md +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN_README.md @@ -36,4 +36,4 @@ This playbook does not use any scripts. ## Playbook Image --- -![Prisma Cloud - Find Azure Resource by FQDN](https://raw.githubusercontent.com/demisto/content/852016ad0103ba42e8b5c8f596246fd14a4e7a90/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_Azure_Resource_by_FQDN.png) \ No newline at end of file +![Prisma Cloud - Find Azure Resource by FQDN](../doc_files/Prisma_Cloud_-_Find_Azure_Resource_by_FQDN.png) \ No newline at end of file diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP.yml b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP.yml index fa5fa573dbe3..88e46996dffa 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP.yml +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP.yml @@ -38,8 +38,8 @@ tasks: view: |- { "position": { - "x": 1820, - "y": -500 + "x": 1710, + "y": -480 } } "7": @@ -66,8 +66,8 @@ tasks: view: |- { "position": { - "x": 480, - "y": 1160 + "x": 850, + "y": 320 } } "10": @@ -98,8 +98,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''azure'' AND cloud.service = - ''Azure Compute'' AND json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''azure'' + AND cloud.service = ''Azure Compute'' AND api.name = ''azure-vm-list'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -113,20 +114,20 @@ tasks: task: brand: "" description: Search Azure VM instances in Prisma Cloud - id: ef6587a9-3f8d-42da-841b-7ea508b3e19a + id: 747967fa-f4f0-4afb-8d24-bfe451752cfd iscommand: true name: Search in Azure Compute script: '|||redlock-search-config' type: regular version: -1 - taskid: ef6587a9-3f8d-42da-841b-7ea508b3e19a + taskid: 747967fa-f4f0-4afb-8d24-bfe451752cfd timertriggers: [] type: regular view: |- { "position": { - "x": 480, - "y": 260 + "x": 1280, + "y": 150 } } "11": @@ -165,8 +166,8 @@ tasks: view: |- { "position": { - "x": 480, - "y": 1350 + "x": 850, + "y": 470 } } "12": @@ -200,8 +201,8 @@ tasks: view: |- { "position": { - "x": 170, - "y": 1580 + "x": 630, + "y": 640 } } "13": @@ -225,8 +226,8 @@ tasks: view: |- { "position": { - "x": 480, - "y": 1770 + "x": 1710, + "y": 810 } } "14": @@ -255,8 +256,8 @@ tasks: view: |- { "position": { - "x": 480, - "y": 60 + "x": 850, + "y": 10 } } "15": @@ -311,8 +312,8 @@ tasks: view: |- { "position": { - "x": 1490, - "y": -150 + "x": 1420, + "y": -160 } } "16": @@ -350,7 +351,7 @@ tasks: view: |- { "position": { - "x": 1820, + "x": 1710, "y": -330 } } @@ -381,8 +382,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''azure'' AND cloud.service = - ''Azure Virtual Network'' AND json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''azure'' + AND cloud.service = ''Azure Virtual Network'' AND api.name = ''azure-network-public-ip-address'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -398,20 +400,20 @@ tasks: task: brand: "" description: Search Azure VM instances in Prisma Cloud - id: 881c9029-ed14-489d-8a2f-7def9adba178 + id: c6f7f040-449a-4734-8dce-733b84e70c14 iscommand: true name: Search in Azure Public IP script: '|||redlock-search-config' type: regular version: -1 - taskid: 881c9029-ed14-489d-8a2f-7def9adba178 + taskid: c6f7f040-449a-4734-8dce-733b84e70c14 timertriggers: [] type: regular view: |- { "position": { - "x": 60, - "y": 260 + "x": 850, + "y": 150 } } "18": @@ -430,7 +432,7 @@ tasks: - args: prefix: value: - simple: 'properties.inboundIpAddress equals ' + simple: 'properties.outboundIpAddresses equals ' suffix: {} operator: concat - args: @@ -441,8 +443,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''azure'' AND cloud.service = - ''Azure App Service'' AND json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''azure'' + AND cloud.service = ''Azure App Service'' AND api.name = ''azure-app-service'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -458,32 +461,36 @@ tasks: task: brand: "" description: Search Azure VM instances in Prisma Cloud - id: 311faecb-5148-49cb-8feb-b1fb58a9dcd7 + id: 9da485c0-2441-424e-87e6-10ec95671e6e iscommand: true name: Search in Azure App Service script: '|||redlock-search-config' type: regular version: -1 - taskid: 311faecb-5148-49cb-8feb-b1fb58a9dcd7 + taskid: 9da485c0-2441-424e-87e6-10ec95671e6e timertriggers: [] type: regular view: |- { "position": { - "x": -390, - "y": 260 + "x": 400, + "y": 150 } } version: -1 view: |- { - "linkLabelsPosition": {}, + "linkLabelsPosition": { + "11_13_#default#": 0.12, + "15_13_#default#": 0.19, + "16_13_#default#": 0.22 + }, "paper": { "dimensions": { - "height": 2335, - "width": 2590, - "x": -390, - "y": -500 + "height": 1355, + "width": 1690, + "x": 400, + "y": -480 } } } diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP_README.md b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP_README.md index 4fa75d535754..45be96380e72 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP_README.md +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP_README.md @@ -35,4 +35,4 @@ This playbook does not use any scripts. ## Playbook Image --- -![Prisma Cloud - Find Azure Resource by Public IP](https://raw.githubusercontent.com/demisto/content/852016ad0103ba42e8b5c8f596246fd14a4e7a90/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP.png) \ No newline at end of file +![Prisma Cloud - Find Azure Resource by Public IP](../doc_files/Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP.png) \ No newline at end of file diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN.yml b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN.yml index e72fc148cb2b..140fd1b380f0 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN.yml +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN.yml @@ -72,8 +72,8 @@ tasks: view: |- { "position": { - "x": 500, - "y": 1690 + "x": 1420, + "y": 760 } } "10": @@ -122,8 +122,8 @@ tasks: view: |- { "position": { - "x": -780, - "y": 850 + "x": -170, + "y": 410 } } "12": @@ -162,8 +162,8 @@ tasks: view: |- { "position": { - "x": 500, - "y": 1810 + "x": 1420, + "y": 920 } } "13": @@ -197,8 +197,8 @@ tasks: view: |- { "position": { - "x": 200, - "y": 2070 + "x": 1210, + "y": 1090 } } "14": @@ -222,8 +222,8 @@ tasks: view: |- { "position": { - "x": 510, - "y": 2320 + "x": 1830, + "y": 1270 } } "15": @@ -278,8 +278,8 @@ tasks: view: |- { "position": { - "x": 1410, - "y": -865 + "x": 1420, + "y": -910 } } "16": @@ -306,8 +306,8 @@ tasks: view: |- { "position": { - "x": 570, - "y": -500 + "x": 1120, + "y": -740 } } "20": @@ -394,8 +394,8 @@ tasks: view: |- { "position": { - "x": 570, - "y": -130 + "x": 1120, + "y": -410 } } "23": @@ -442,8 +442,8 @@ tasks: view: |- { "position": { - "x": 570, - "y": 70 + "x": 1120, + "y": -240 } } "24": @@ -481,8 +481,8 @@ tasks: view: |- { "position": { - "x": 1150, - "y": 490 + "x": 800, + "y": 80 } } "25": @@ -511,8 +511,8 @@ tasks: view: |- { "position": { - "x": 570, - "y": 330 + "x": 1120, + "y": -60 } } "26": @@ -550,8 +550,8 @@ tasks: view: |- { "position": { - "x": -780, - "y": 510 + "x": 70, + "y": 80 } } "27": @@ -578,8 +578,8 @@ tasks: view: |- { "position": { - "x": -780, - "y": 690 + "x": -170, + "y": 250 } } "28": @@ -606,8 +606,8 @@ tasks: view: |- { "position": { - "x": 1030, - "y": 680 + "x": 630, + "y": 250 } } "29": @@ -634,8 +634,8 @@ tasks: view: |- { "position": { - "x": 20, - "y": 690 + "x": 1420, + "y": 80 } } "30": @@ -679,8 +679,8 @@ tasks: view: |- { "position": { - "x": 570, - "y": -310 + "x": 1120, + "y": -590 } } "31": @@ -713,8 +713,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''gcp'' and cloud.service = ''Google - Cloud DNS'' and json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''gcp'' AND + cloud.service = ''Google Cloud DNS'' AND api.name = ''gcloud-dns-managed-zone'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -729,31 +730,36 @@ tasks: brand: "" description: Search configuration inventory on the Prisma Cloud (RedLock) platform using RQL language - id: 2db56794-0219-4474-8ceb-5a3f7b8482f5 + id: 32767fe7-d8ea-422b-8bed-c3327a805dc7 iscommand: true name: Search Zone Name in Google Cloud DNS script: '|||redlock-search-config' type: regular version: -1 - taskid: 2db56794-0219-4474-8ceb-5a3f7b8482f5 + taskid: 32767fe7-d8ea-422b-8bed-c3327a805dc7 timertriggers: [] type: regular view: |- { "position": { - "x": -660, - "y": 1080 + "x": -170, + "y": 590 } } version: -1 view: |- { - "linkLabelsPosition": {}, + "linkLabelsPosition": { + "12_14_#default#": 0.29, + "15_14_#default#": 0.16, + "24_7_#default#": 0.43, + "26_7_#default#": 0.22 + }, "paper": { "dimensions": { - "height": 3595, - "width": 2990, - "x": -780, + "height": 2545, + "width": 2380, + "x": -170, "y": -1210 } } diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN_README.md b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN_README.md index 21afa470af32..e58053be44a7 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN_README.md +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN_README.md @@ -36,4 +36,4 @@ This playbook does not use any scripts. ## Playbook Image --- -![Prisma Cloud - Find GCP Resource by FQDN](https://raw.githubusercontent.com/demisto/content/852016ad0103ba42e8b5c8f596246fd14a4e7a90/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_GCP_Resource_by_FQDN.png) \ No newline at end of file +![Prisma Cloud - Find GCP Resource by FQDN](../doc_files/Prisma_Cloud_-_Find_GCP_Resource_by_FQDN.png) \ No newline at end of file diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP.yml b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP.yml index 11a6a8c57909..8aae16893c1f 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP.yml +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP.yml @@ -38,8 +38,8 @@ tasks: view: |- { "position": { - "x": 1820, - "y": -500 + "x": 1700, + "y": -490 } } "7": @@ -66,8 +66,8 @@ tasks: view: |- { "position": { - "x": 50, - "y": 1100 + "x": 760, + "y": 320 } } "8": @@ -97,8 +97,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''gcp'' AND cloud.service = ''Google - Compute Engine'' AND json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''gcp'' AND + cloud.service = ''Google Compute Engine'' AND api.name = ''gcloud-compute-instances-list'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -112,20 +113,20 @@ tasks: task: brand: "" description: Search GCE instances in Prisma Cloud - id: c6789137-6f7f-4ba1-868f-560dae840a57 + id: fc1bee60-2efe-45c8-8142-fac341a44269 iscommand: true name: Search in GCE script: '|||redlock-search-config' type: regular version: -1 - taskid: c6789137-6f7f-4ba1-868f-560dae840a57 + taskid: fc1bee60-2efe-45c8-8142-fac341a44269 timertriggers: [] type: regular view: |- { "position": { - "x": 480, - "y": 240 + "x": 1230, + "y": 150 } } "11": @@ -164,8 +165,8 @@ tasks: view: |- { "position": { - "x": 480, - "y": 1350 + "x": 760, + "y": 460 } } "12": @@ -199,8 +200,8 @@ tasks: view: |- { "position": { - "x": 170, - "y": 1580 + "x": 570, + "y": 630 } } "13": @@ -224,8 +225,8 @@ tasks: view: |- { "position": { - "x": 480, - "y": 1810 + "x": 1700, + "y": 800 } } "14": @@ -254,8 +255,8 @@ tasks: view: |- { "position": { - "x": 50, - "y": 60 + "x": 770, + "y": 10 } } "15": @@ -310,8 +311,8 @@ tasks: view: |- { "position": { - "x": 1490, - "y": -150 + "x": 1290, + "y": -160 } } "16": @@ -349,7 +350,7 @@ tasks: view: |- { "position": { - "x": 1820, + "x": 1700, "y": -330 } } @@ -380,8 +381,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''gcp'' AND cloud.service = ''Google - Cloud Load Balancing'' AND json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''gcp'' AND + cloud.service = ''Google Cloud Load Balancing'' AND api.name = + ''gcloud-compute-global-forwarding-rule'' AND json.rule = ( ' suffix: value: simple: ' )' @@ -397,20 +399,20 @@ tasks: task: brand: "" description: Search GCE instances in Prisma Cloud - id: 564a9147-51f1-45ed-8b0b-3bc3d55a1319 + id: 1ef4f6a9-1e5b-410d-8d44-0fa35f15118f iscommand: true name: Search in Google Cloud Load Balancing script: '|||redlock-search-config' type: regular version: -1 - taskid: 564a9147-51f1-45ed-8b0b-3bc3d55a1319 + taskid: 1ef4f6a9-1e5b-410d-8d44-0fa35f15118f timertriggers: [] type: regular view: |- { "position": { - "x": 50, - "y": 240 + "x": 770, + "y": 150 } } "18": @@ -440,8 +442,9 @@ tasks: - args: prefix: value: - simple: 'config where cloud.type = ''gcp'' AND cloud.service = ''Google - Kubernetes Engine'' AND json.rule = ( ' + simple: 'config from cloud.resource where cloud.type = ''gcp'' AND + cloud.service = ''Google Kubernetes Engine'' AND api.name = ''gcloud-container-describe-clusters'' + AND json.rule = ( ' suffix: value: simple: ' )' @@ -457,35 +460,39 @@ tasks: task: brand: "" description: Search GCE instances in Prisma Cloud - id: 1b2983de-58e1-48cb-833c-438102a79237 + id: 2c5ee418-ee55-4f6c-84b5-a21227fa2110 iscommand: true name: Search in GKE script: '|||redlock-search-config' type: regular version: -1 - taskid: 1b2983de-58e1-48cb-833c-438102a79237 + taskid: 2c5ee418-ee55-4f6c-84b5-a21227fa2110 timertriggers: [] type: regular view: |- { "position": { - "x": -380, - "y": 240 + "x": 340, + "y": 150 } } version: -1 view: |- { - "linkLabelsPosition": {}, + "linkLabelsPosition": { + "11_13_#default#": 0.12, + "15_13_#default#": 0.23, + "16_13_#default#": 0.34 + }, "paper": { "dimensions": { - "height": 2375, - "width": 2580, - "x": -380, - "y": -500 + "height": 1355, + "width": 1740, + "x": 340, + "y": -490 } } } fromversion: 6.0.0 tests: -- No tests \ No newline at end of file +- No tests diff --git a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP_README.md b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP_README.md index b747ad8edd29..98e66bcde664 100644 --- a/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP_README.md +++ b/Packs/PrismaCloud/Playbooks/playbook-Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP_README.md @@ -35,4 +35,4 @@ This playbook does not use any scripts. ## Playbook Image --- -![Prisma Cloud - Find GCP Resource by Public IP](https://raw.githubusercontent.com/demisto/content/852016ad0103ba42e8b5c8f596246fd14a4e7a90/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP.png) \ No newline at end of file +![Prisma Cloud - Find GCP Resource by Public IP](../doc_files/Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP.png) \ No newline at end of file diff --git a/Packs/PrismaCloud/ReleaseNotes/1_9_0.md b/Packs/PrismaCloud/ReleaseNotes/1_9_0.md new file mode 100644 index 000000000000..5cfb5c24657c --- /dev/null +++ b/Packs/PrismaCloud/ReleaseNotes/1_9_0.md @@ -0,0 +1,19 @@ + +#### Playbooks +##### Prisma Cloud - Find AWS Resource by FQDN +- Updated the playbook to use the new RQL syntax for search commands. + +##### Prisma Cloud - Find AWS Resource by Public IP +- Updated the playbook to use the new RQL syntax for search commands. + +##### Prisma Cloud - Find Azure Resource by FQDN +- Updated the playbook to use the new RQL syntax for search commands. + +##### Prisma Cloud - Find Azure Resource by Public IP +- Updated the playbook to use the new RQL syntax for search commands. + +##### Prisma Cloud - Find GCP Resource by FQDN +- Updated the playbook to use the new RQL syntax for search commands. + +##### Prisma Cloud - Find GCP Resource by Public IP +- Updated the playbook to use the new RQL syntax for search commands. diff --git a/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_AWS_Resource_by_FQDN.png b/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_AWS_Resource_by_FQDN.png index b69748f52169fd467f88d5ec0afaaf957cad7f44..c8d45de02f0eaacb5c5a2b582c9107663d72bfee 100644 GIT binary patch literal 511583 zcmcG1WmJ?~`?m){MO2iQR7s_!n}a9{5+*r-bR#)5jtWRCNJz&4LlF7~~z{9U<&wKP=DpJhCI;>3yb_wFh`JaK{=ec}Yg z`7@`$f8p(Zc@F&FA1)77lui`1GcTMtaplB4FHC6C(gV$@uoE=PXlEoJ15n# z;h9j6addEXbrr2XbMcDeixYp4kiz<-o|%05HE#B9w~iP%gOo-dIlC2#HMYjB9J{k zE|h@)@<|-KEAq*XT++Yfg6A&rca41p9Hfu3@4h&Jis2KIw~vTVA(;h;nbxo zU&6?SUb)XWOMU9Kd3+;getw>TVj`S!G`!BT)(WVxT3Une&V4Ewcd2_S#>BdMFOo$f|>9y z$vK=b(=k46B*>bY8tZX~F>krGNhY=i89bY2^Yqz9(Wdtu{xoJGKllfv<=y~ERC{DB z3OH1%$1Z&HCRJwJJ69%5A(k15t!8(qwlHO^)~|3tFxIH~Rd8ujQMLhc(^gZX^%GLB z`0hhpUA}@*N|-%A{xok zv$l$SqPlXD`r$(Zzh zdQxQG8p{)-YQ5?p0DWSK+*RTwcyUD>E%?MOFFB1=c@}yBgE#nt=`D|iaAKww&+V*- zp+DvXWg`D3We`dJ)89+4fZ3g_@V8Zw-EWcW>g}aXlyHmy|Kp)KyAabl(`_p*n2s6z zSQP}Xv90{9NLR(g$QTmMt$D}D$jE0esIUQZI#MO~Vfe#buR*DE5Lr+=)K;Q_84uV( zY%A>F2>Q>)>eP6-*$ozRO3TP(>hKvpSk{<#IBakG1*<$7H=Z?nhw-Xm<<>}g6K%OS zDOgJkm2}>}|M(Nj1D;sz&*9;a;s}$Assv`ri(bSs^*1Q&FRv7N9xM)^-E4ur7#x3@ zaB^`OtRjdqzw-7ruw(tgzB+Gi<+}+)s zJo1^GTf=>wdXVcDGJ<&8c>-vM0ShY91W7-ckiRs=ONpgh>MxAM;cz^0t=7v0T0DPI zBsu`T;ue!KbEx3d4wU)zx36))8zsqki?=69Q6FtJ7dEOnR$)^W5p2YnW{~Qg}k5@0Piy`EWFApmkUolybSkX*a88!v}@NcT6 zW2Vs~yb=lfw^zX>U{zOxbVUHurWY3$g4yM`C;fLeEHiq4s$}(f28dvip`+*?rpbF; zb*{45-%!}ru^TJC?!G*5DMpo3HS6K@#?B^sL~S1DtmLNw^M^e(2EkeQ$QFUnl=~=W zve0kU1UL>WSJ%%W@pmpR6jKTvA4sQ>)*FICZ4}KVsIPe+VI6NHkx0N%;h!_kG@*^6 zu5qn1*#?oF*l#Rx+_0(yBy-BRC|ff#jtFKcs=_*7p2NvKg~*3lbXgD0b#a5)z^#25 zA!7{p5?y??7BE&L=1`R`Q-HytKlVnAEoA{iY(4MrX&|{1>wNTjfDKl;i?>8^IQQF> zO^#H#I4%Cp-Hwb@Uzu{_x+!K6r>dh%K%8(I#H!I<`Bt3Swn zoT0;aM?RGvov7*K0_-7toCU!LpjmMzcH(=`RIe{vQ^nCN{exUr<@CpfEusV-}FtVO0cxKqydr&i!L! zY|W8ukw;739nC08jXU`+TYMHS6cBIt#8F=7zLKUJi3$>!n&|g?aOP@s7^%5U>G&GMnih0+*+ICf#fkJ>E$e?P~(K0X$vW1 zc)Hc^pvlyuuUMzHa{eOI=7^6^qsKO~MBRY`a8*A6VRs0;1dA_&Ovk%-?<74|jrZ#m z{AE(SaQ$6fMbg(&Q@4^FIG``P&CzMoSg&a0vsi&_tU)fnVRERv3b}X#ft+;AK1Urs z07ut#S??^Y!mp!Bl9`$L?lrDGRpD=TZf}=3eaw-tDJ#e-J#TwVwAM4{E)Z0Rff3t3 zEgiyHWZWA9&ogB_%vA`WbLzWk?N8_^FQ|o7*cV0+}-M@_28={M4B*kaOpDt(d>i^%7pnP165RLcV(S z%4vIbVmptmn!&LaDQlCQN4GWUI9kJBO9-OOw)L4VvNRb(WxCXk?%`{N54Y7)Lqz6w zr+r%WKmAD6ht8 z|FQpLn`8=s*nr-UfPKymzm58L+fD2W%-;T2C(X1)ZpPWWirfCc?^$N0z#x=JAKPQl7EU?<6nI}whKj!BYE*J{^N{b^o(&;R&Xnl6c-0=wdW zG;sR?hOg4SoTwzbJ|I$rukX@%BROby&BY~LoZdD*RBG1CDAc+Z`ugmHg1^f4GlTHz z6?^@fHI-52zJoP=OD7*(pPh{K#}fe7Q?VPZmO77(QO&xD#_**chi34((t1}?;6^`) zSWf=VeYECy^ga60&cpYry$d7qIi_3`SWe2FextpbN^>G%VDFp$T7EO}EVfP2aNfa& zFCBB)C;r-GWZh;gqVlS{!>|zHFg-KJvNWe*Vj$RMZL?!Ez6;I8ic zT_rL#ywHC`W`Q`^5$&(A+fcGL!ix_JZ=L=8q;;VqN}H-g+ND6jaJP347&m;F$<@@_ zqgfRDTDXdz2f0moyWNOZjZ=$DapK`LFJ;5YI+vaSW=n6u2KGof>b(ohEZ&aAcd@Al z3)-f`v2MbCj?unNIcKrv3f>cC$e!VnEsj6GR*cGsmmmES^u9yKYUe+Dw}e(xe#6Fx zs3Mr9kbtXnuW%1twu?xXr9Uk%Deq1<)sc>MxtU0Cs`J>w4wU4{ARIAuV@z>p`9QL^ zO~NkJ8(%4(va?gGcFnVe^{Ly_shp0w%X_18j4cD2V@S2lq~&DyWry4#+?~LswZhuX z#7@Mq`=AL>0w8|m_UTk6^}~lAup(i=4~r{8@~+7B=@#HmvQ*vf1>%aWhP{I{!fwwO zzZeRBRAX9%;d6~`7^&Ub9u>~FTXqq|YmTw8wK1_7w&ENqbItLQk%gRpqT87I4QTw; zSmVjYi^WP+2*oGHl;5FS`VG`U?Ry6x_a?R*u^G%Lux<~>Ce?W&F58z#yRRt6KI zM=*Z&{W=`at2=fmUM=i|QIc?_c)Q!PxTNsC9>AsKiv*w2pkYk<>Yqg`;_5RmK;GcH zo+9To>1t$9=i*}1sUSq7xpMG?G0uBFx}veK&9;Xay>Z_VfM(XvmII*c;q4JWb#&Hi zG49PQ5(w&+qfi#?(o~6?UktKi1jdxV~v2} z&erL*eL>1FtoY%9i|cpDqEL7^@2M1y@Ug-G^A!6ZyttW!Zz>PVMD$ zB^K7YYJ*b>^z!LI&i`zH63Cl`X8#K3^1lvyIZ))H&e?Q~!p_f=)~<{5Yb9%2j(*%& z?EOizm3P(ChlGy^aU&|9))e6gx`b2EJW4{K5z z`wv&Yx>|X^clgAf3X&+lst${MEnU=U(cZY3gN51>ZOok6S{1=5c=&*AnEGEc6W-SE z$NDH4xtFxE)M4ToUDYvNBKqn`uhrekdtP9tZf95jbn{E+DS!C~j~(_qECF4bkdAuP z3ciPJNTOMUJUjT^;m?YHM0d|nHFKwc$CCsHPK zV(os9+=5RwAv^!;uCZ_+4gwwCKVCWyQVP&>t7TYJERV{Icib&;dvKqhq6o;Pj?dIP zwkG9g<+&tID@0A&Lf{F?nwOg#%Y9SUZ0|PN4;SMy#>ZSQc*`pxKj;(o%{0qwJo)PT zaUz421Q(kzO*)CB#p-BFZh`2UQQ7Ala#JlMf<)bfh&5G45&CpY!x98xJ_O>T_HYQWS7>3p>I@da@G<8Sdhj)_H~{POz1(9Q=@8OCCe6@sv|fLE=^#^Z zlnu`&?bNc@lE(2KNzCtW-Es)WX|F0L|D1W+Fp1AEB898a5Uc*t) z&)Ui4-{G_3CZ2P{Rf0*32&>imgG7YNiV}N}=znAekONQ5Cy@k8fm8lFF2sg8wrUXz zCIBTm%z?4Wjt#3jGWG5@9+s=Xs|NWWB#vDk{`nYHNw|VFE2=OnCKNqt#12h8pSp#- z$AfqD+il$*Vv~ zDMmDR(jI>SB#UZ{-pF4t{3oYyB>_)dUW`bUKeE`Q{5>^s+96UkH{P!fkIh`zUY=_q z8tpG*oz`8Aq_wHgdz-!$4TnVUYoTqN&F`xH@htt#A_`;lK@rI*tFNQx4T#xdrX4M_ zi&BG$r?!jVVh3I5yYbO(BWOz%W@#_4Z>ijrAFLcVYWfHL_M55ab89z@_C34?&+SuZRd^-6g#O` zuMS}#7#p#mPWPtun^l>O6szy#pa(7nIq7T~eXm3aYxZYd@NE2iP0LHaXqG)7&Bawi z`9rC4Jx-SGTShdO?NS{-F<@O!21i$c&}p3hj`A;2SLA_MV$W%gBO|^1KAlYgPeF>G zZf=izQaLA@Y>{?hsWqhv=ds~Op6i&!hJ{+4x@-~EEE8!x#zJ&f`xQj>h6aXlXj*d$D?R)HZ9L+QfOOAx7W|@A?&1T|L zqZ5CSWS8-F@PAOY+paOXqndH-pi7N@g*SK{TkP$9u9wNQ3vH)JXPfs_b?qOR9Dm4@ z=z^zkM9?%PF7E)tQ8hg{=u#rZ6*9-!k-+yb?(?$@Pj2bbs&iP*4a>cxdEF^>3uzqi zg8&dVu#>;zd{D&U=U&Btn3XzAit<(14o;jJJJ`eLsI|@N^gdydiCnI6vz4B*!v_>G zOuY2pj$1ex&0s)P;BA91oCKi?MRDu2OHaRo$AeObtE@g^1nFVlUJ!^0+}SVjf36Q@ z>CR(&ZNxyW>m@o8-V|8n<16IYGQIryrKQl6l$31+);)}*->woAE4Pb9cOr@_`5eUM zwPI`H_~pq9IScm`$}PWjA_%{zbG(|b*$&p|Ucm+QkA{aYX=nXeJuRjyD!8L7ZdCME zvsr_tvvt;y@~b+HULv4lP3o_$dFqZPVB$pO=mWjFH zq`ibFcli!(8g((uie?WeVw)5HcSK!-BK`A*OnK#I!EAuwvvuOM=4>Ph#`@d4m zP3_v-PNna;Hx?i;CRnta^?bqO8{}BT!s)MY*S%H1=NEKY{gb(>5G2%ADoCUIl$9L@ zMbv2>^a+Wnji-*5HR~9c`rR8dHD#GPYS!Cti*Uq(kR_Zu)l&>t<=bD{I6){Ly&w+P|#m^G?odGq>Q@*lOyp+et36j{bq= z$5b>Yo{ngcVBL9kA30)>-zp1&cg?gx=HOjpe_5ZSaHoweeUttIMAzV;6dk&C#`&GW zlo61r!q@+aOce~;HMK-@A6MfP4(3vokL%LXuRg@Kck=y={pO8J)uW5Tq z(D%ltnC^k(TU&Qz|4ks&NMM~re5xlvy%VLFDNGZ-tF<3GR>uz&Q1%EbK&n6%IbG{6 zJ7@&ZKC%21-UQva1j)T+0dg#;jAeu5$9ltt({{to$6mA$6x7$>q+(!Rj^tmmSqrGE zkb!D-iQ@JlP~AVS6=c>3E3!=LjEKxvt?aOC5$TL9@`~Ca(wXdhy8bBZuoVq`m zKR>U-@~)%fx%l_viqnI$rFz0bo%C#VZk8i%8?gg5-pJ2-WjAcf^xmsx{g~T$*E%Dh zi|)i`$f}3JTkH%qx&L#C2_7prH zX;jz)DzvRAqtkq6y2ncXtF`1hU(Opb5j^jImc)1QLvr**hcqF4;$#2mNf#oP!Mgx^ z5#zoRQczF;C8}@4bax^I;u4=%DIr5=X!2jd>Vo6K)&|o*z+uF-l^5{kear}@&kKw8Px8=M`kuW(`DG`;nh-O92qFv z(P8rXmz-9|zi#&)vafAFDg@RB)N*bTDaF{2qg#w(=7Y#PzCx^MN90JQi|_JK87~@* z&Ul)4yUKtybY#Z4io8Dxz;0>yQ+C$@?1qf{@?c3qjI)bo{H9F+NR<&9ENSnzQrtw_Sd|^L@l^pr&b;1-yGJ>;etzDHLmO1OCnhE&-IsNsCP&u2 z;r_|*nK_vcm%^0NMf0o9K~4b`KzrN=Ref<-qA<9_cRxV~v|vI|KYZj#UN7);4|r&< z#kFSj&lm!mO}*{{C(8ji9RkRxpx37H$B(qr>$hPdP7*t=n0BSKTG- z)lUMK_eF?=?KbX|Ne{Yx`!o?jZQEY})tZ$pE$4Km3y%9NQlCx>=$3&Fm89exSb2`3 zy$XsXQGlfPO_3*0o`l?sq#s)1a4FKCRxZcuZ`M~|leLQi+z&;hN!?`LN(XHtw5dA{ zZbeS&+IGX`{7(xFeIHCi-CO!CGtNCjAVp9bf6N9L6)BtdZ37U`UK`Nwd3bm@5BiZn zwCXXLvo|?jB=X?X zx&lFc2*R6*`uq1_b=XhQigXxT@kHz8$Nu2CSa=LaHPE8b~ZU@#2upEWlJ z*18Oemc5hp*aJ;A1WO`u2Gs;Yk;iN!5*RDda;v(78B` zvGg~jB-@&_C5QpNKeqEfX;pAh2Ov^vdql8_G6 zKU-GtxaM4?^d4mA-v4YhXdnQa{oD-#8Vsxj&GS|wz#(15)zrxJxjr>L*xf2}nrZ@g z!}J{nG$pkBhYhar<&XrF>49eOD8spqR83Q4OaIBB_69Xa)(}(fU0`=qiVPwirZd0m z(A>Lx3Tkw$Cj~9Jq6y!HZ^|-fX6Db2R^D)^b5b+FWbuM#7$C1eg1hSx&a|P8n?L6^ zv}vl;o?dgEqlQ;@&-}vFZx4W8B47@}@2~?eNpIPn6r7%(F8O@>e)XD$rqA=~`{)#d zs}usXpskn#|7%ZL4pJXAePhw6v7-Dwl?Pp2vv<+Sw&exki3P(nG7`wY{=}ST5^oqP zv+ePZi>|cFeSZoUHCEYL<~qgbc}mKhuTW-- zftfkX<>1vC?zH6;)--2oAh@>Z$&51_S^Txsz4^T3SW+1vZL9EXBNdfI(`#5J?Zz_w zzNUiYJkuxnNq1KIKI@8Dj|&7tpsQ#})jHt6=!Y*Q1KsxPsuSzG|xBXme5cB8l>ow5n`r46=Yi3^~S>FIKv%T*#S zVHVyXmehhz=)o#TQU{Nk8%6tD_HWlC-0@*-i>FAYNLh~@9UF>z=I9&DmI9xw#f;V1 z|Cus#mG{<_(BI~3Xbv-p!=EM|Q&a9!_z!}d>6o1;F+mu8I8bvTcGOxIn$JQ)m$cA# zIgHgz2qliHDXe7^#48kE5nvkzUDuT^{V!!(Z^hPup)55}b1t@}950JZc4Pq`L?;e; zO&INkkSVG~$(;l#lI{9klvI9MifPPqHrzU_di|=A?`nBvxi>aO(+naWSLgu0>xjdC zIvA{c18Z|SfL4aaKI0Buf_)@$f7Sc%epPeIb~HBZuk~|N*>4@IvouV7=1lUTe)|Wu zSL+fQ!?>6Nv*8Cg^dqU?PJ5TfZsW-fbaoI9%YwvK+8-YrdK(N*7A3uQgB5&2d^C81 zs`J?Gm2@t4H0=B0+q1ZxLy46VbV+<)Z$fhstsjC`1J|`L?;#qjFX+m^`xSr& zPcCgYRS>f~4*LB!>z{bm22trO173$7y#5Sxkqd;oUF2u5{Al)~wA)-)Tq}NDXmEy8 zl#Y2cH~9YTzk31b>RxnWCl%OvtI^;}+Wlia@D?@zGh)-g5md6GYKB@sRLEusLhz~w z$WhE(0kmS)=wh9H1njH4TbnxE!uW*`60ez}q2J8V$o|#rT-e$2G!W3~r=%q&sRsO5 zUKxSkF)4vdJe~hKOeh6EvenJ6z^yAMP?4mdlb`C$ef}#Trc#2N4T{ErKukqQMSL28 zp5#}uS3HAVn0RSH6Y;}8iGoPTviW@@sK9*-p*e5~7Y&68bQ4oTZ7=X?(`S-DfiFn7lTy>5i`nnB|$BV7ql2@`o1TlQnz z0i%1>c@LTLbsavNOVBkkzJH;Col;p>!8JtNTW%DlfNS)Y5Y1peg7XGALYcC?nEpOs z{MV1i)ATTs33#TeGk`vE(WQ|)R2R{Sg1Q?pBX=~NRA7#9NzZ&X2A81q*)Eso2S2QZFDt`sJ`_P&8f zxK-kc&@J%gmtS74odm}G>BzfbA-MfSeGKrTh}^WjI1JDTXN6~buq$@F3%G<7x7fr@ zY7h=soVJmHRUIIvZU_PyI%-P!0=d&z!j7&S>~wl^5jdl>^Q={W0anERcGBg8{Rk6q zg#Ni46MU+G7q>n6=*r%JYtVH)(}8yg5lZ`ZL)T!OGmFvIR0L!1 zgWkvGXgK5SdMbbn^fOLd4pKmV+xRyt?5h360Ah3Ny`g3w;EmeiK6}Cs$Mb>470c-{ zC9*>b@>29X>=O0!5}=cmrF~8bP`$+DL=5ck=IIx3iL>%P`l+$t2mCcM@WHE0f27N# zo+5b!0MyQFIOXW?I5|EYeEGSr=Zu_yG3Ukou#bm1epVb;1!f7_Gt-Iyid~iZ~y*TkPU*&HPYZAbi`sM zUo31#ppGJwF_cl50&3aA43tp2Kt;n?8xNfdGMEqD!DO9(%?sKNd@dSUNIa1livBpLH9;riErGo zzY4oRFI)qt0pZXs^^^08tG2*@fTQn2INI8~?7~xs6I6dD1i~iI|M-eDKR}(uxq{?U zNpQmCh%D^cKdokrfajdQn?Uvwr{py~&}Nuw9x=JOvU)FAJk zcqM+q4TKunNNrp_>;N&OcigvAgHV3;>^8f>nXt}2@*#;P%Js2Q;0dBOQ zxC6Y@Pe;3eArQ^vt?ZR}!_5iQbpQ<$NnF+X-h<1iBjVa%k6a(W0)JU-MIGij%!^mF6aaO$ zT>3TilE4X04k<8Kw$EJrXbSAMbghqy;9bS}f-79FV29{u_BFr)+F?awJAk7d&%n*+ z6DV@vsnsw3T1A5(BM-xiG=|-71fR9@bG7`HEaI|Vq>|!!eFHz2Tx+#$>B#KED? zRL&7ksV{}Bd~E-s7VOqNi^{`+SUa#k(9XcX!0hrfJG-fJ+qZS{cff{fS*hol-=BeS zv>7Htd-UMVF+Elt#}FMu4^DeE8Q?103EK^~d2f_)E?xX+1H|T2Eo&m|j^^Vj)SNp$ zG*xyjQE~*yG3TzQZ_%JKx)CAiHc@ReP#||P-Wi;Iy^e$l?%Q7cNQT0X*6|bA=3ALHSguDVAvHi8&i+OkJ0T>ZiY$DIwh~H1&2PpPt25ILy?0ZPW??Q{EFm7 z2TAgF3w2%acVCs8=kobQCfV_xDoN<)hH@p6GN?>|E~;r@r!pzml~wFsMdRT~xeweC zOLmc(2Bjt>noO!`@(_NVN=b&gabZ0+O_`))Wt5(HFlJeL3yWyT7O)?-1-nd5Q_pIA#qr%s+XbZlgx6Sx_WQ#6Icch- z?#o`Be1duoe>dBR*@x|a@X4p&}nIFr!K`805{sRWswZ`{yN1pE0neoKH_wR z0%*5dxnUC#J&SAzYB!|fW|qNxoRd>d>w|#K!Ksy0*l+z8iHy+@Qz9$&@~vC9q7y38 z)2|9hA$9rmMg1Rcc*HC6LlNv`{-DVJ54o3x-Dv;q1^EB@_y7JIMP1UUAJ`_96#j*g zxD;f<0OH%ll2}I(;iDQIjrg zIrAUl?)&2@sq&X0Hn)0lx8dLLD)?CF&Wc}0*#OU<*Q8&>4X;>(x@XAQ<$*2Leb=Q8 zbHv7X-na%`HBG)HMlNnGen8<~XKKQqa8p>woCIk%N>_;7dhd2%Dl;@S6srB+?R+%# zM>^nkZK}xk;B~t_TE-(@G(hZfdeI@+-8cs#9hwDT&bxrO^z{trF6t6FDK zfq{V;*_Y6~A#Jx{H6AbOtx(G!lk1a-nX#m-yN!;fOD;zb-|-j9ZV@M6B2yo}E8|m2 zdrva>6{9o>hD)=4OTarL`|%b^)Fy6UWKTbcCc+?-Wb8;mv$1s#eWQ3Ude*I>`S4&p z!n-+$DC|T_uvo&RD_=pv|eEjnPCfxYyO+ zPhVI=&`WaudEH#EtrSukt@9*x2P=*ufA&oG^!3FCW830|*}*m`77R5yFOaF^G^_?p z%M`3(c6k0=2+ZhZE{%V+va@>QxiQ;2aNX|su?f(t=Qvh7FXto4c+CV10(=-iKpYbn zKZ{i-?S{FD*jP#2fThfJR<~X8^7qQg% zl_Vvir>B>Zn+rCEFpgm|Va?)zXo3TkIV}T}Er^n>9W2q-(+|Mi$Z)&_=zl*Me5lMo zFRe-hb1)boj~BCjT3TLy2PhhsYn)Gy=69`i|Fdkca!T=qB8mj;MFy)MsL?VWt7)AG zlzSk!b6PAkQQMC?*#&m=CMPF9;MD1jf{dfwU&z0#5ipjtI8yxv7|5TM?lcWg}n z!ycD`IQ@xHWE;HF^ndfEG`s-se@>c%H?lxE0m?LS-h^y>&qGi{)HBSx1@9#mL25QH z!utyaL?=Cvit3*1gV!{=aRAb&#I1Y;4E_O9f*aDXd4j(Ykva88*LmDKOT(W@Gu1ux zF)R1Eptnd+YY_1yZoY)kF@h`bJWPv9$8b2uv7o6jyzAYv;0-1e6-ZOWoall%fL3%s zsRrPR*^vtxQJu*H$r8~1{6|m_D~5Xt?RAFH<6qSZ?nD&)K!otROAu@cnQR9DpwY+nRqwf^B?=?K!i=Vs3M^wNy`aEe-aFEjlmRrq z1KJ5uT2^+xP#dg$H1i+Z@2haxojzL?ej$h7pi-!|Xktkii5t1(GMy-4WW~>tx%fa%q1+L=fotJ4iCe>NYzRZ_4^|_xQ$LBS<`% zE5+S~GP|VkNx?Bz5l1-(;JB!&)F`$2i!dBv?i;&>X60^uA1s@O%KBs46p|}rZy}MR zZp6wz>qW&Yz(XdNoGL`MB&1Vfc~|4w!LA9<$IODs+}e_bH0hY)x)YD86>Eut-ul-2 zIQwQcqjw6_kM2LDZ>7NYHj2prse;k+$1|dwU*kf8N3wDX0|&5y=f{57S$1UvIE^)_ ztK9DW>GY^a$~Ep(H&sQVg8{w0y*>LGm)k4O2YjCM;S!^7miqj-==gM=KNiAUD){q= z;3pqxT)t!ipxRM5KZk4FP->MASP!`Umzc29d;wQM3m2^IL5lWg-%GnneE5O5AsJJI z5uGjD?N&3{S)W-O>_D&?9d^^3&ist|PM;L9vzc=!x>3R;e-tpkyc{;{h!LX`G-S3O zSXpak>)7|3_!i)4>bYQmLE>50NU-Z=g%*AHNzAP6@N9<@bRfur?t9#gkXBc)`0qbIBQR*h$doAO z?arrL?a_emt{m9Y&SyOIbpPyt8>y1Qiw0*OEZG*a&=#ttsDF2}_TkfJ5IA44GFW0M z`6-UqHMZ$zREe*}irWVvquqOi)kyvFbEo%;GyOqO6wuJoB;$`Jnz2b>D+PvzhMWUu zx_xIU8qH7tQNphxGp#3hxnzRrh`+Y@aQ26r%8nB9o`;Z(S-h=drl9QDVYGMq1+H22 z+_I2~yOyA@X7Tse0k3i0dmY5XaC1XKT@s&`JFtSq)cSDx2+}jZ3l+gO$E>iCtO{Y; zB23rULW6hZ27eU0c2vE5X05X#$E&SeYdoTpj*-Emy(Q)29Fvz7johmR29K!qE5e!H zw$k5Ln?2~OIC7Uvk=WH#y$W`o*lEgdJsy>cl2VDhY&*K9get-){Y zNz83Z0!`hlRLOxiZ}Q~2R!Ap8>KgL;Q%+N46^T_9$@86WMy6!Hqj>bzbuk2V68=x& zbj-4cLG7GM(BeATv@_X3R5;gMo#%n}WRsi!rNKXHHZQigK%OB|x(8^X2y=g)>pUb^ z?|f54ed1Vr)Ci?cJ=v9;QEKa>_Xz3hjT3iH?>m#t-I=-%o_VQh(&?(|^8Q6Hm}E6C zV5D4h<4CC__rIwg7+(WOy{<>~rJ;n+A%)aV@hhtx6H{xQ<$Bb~sdizndNVK&V%Z*+ z=wQeesc`7g?gk$0Vi+4(-MV}7Iq(w55x?Pl_HS<1+x-2cAe2!F*KD4lm^1GX8I3n^ zsw_%rp%1}0PGwKHWV_U^Y)?%k*dFo}=%~CM(UEqYwqNdewG&z>@4~$PombMe1DC9@26*bMYC;N7=t~{zJt8F!^G|NxLSs>UBVbEEn2N#Gt)x`iA&Pz6cqMf z&&>&(@@ny^%J9wP-w4=UCp%Np|AUC*v<(~8L~A%7F4r5?T8-7!5)$GO>4Jx%m%-j} zb%AbScmbN&+4nbGC~_W45&}EJYc1yl-YF?WK6^e=N>CB zjfC`XLZ7~4qnoV)wWWZOJTtADpk#O`#H>qo!^P%mNq)Nv5Nb=pE7g9{Pfy3VM&9dO zVPdM4uhu9|okrq)=43>cB51Q)X_M5xId{lz+y|@PY?Ss`=q0P}(hMHc#*zDeDCt}@zG1+^6tvM*ib8mQz z6#^6!;|2xZs+o>0c!8SfsQWyHot+42BXq}RT{O>#|L!Y=H+co4by#dtf{u;&^6{R~FF zPz?ad?GA7Ed3Ly>loFC$L%0Z&`({KvG4yl#D;la-dFfM+UGoM($oYEymhnw+badAS z%tHu5*@|FeT}uXaFgAFkw?B0E8--wlr2^8IPrsb+pLnL1Uh!QHEt;3A-Bbz$*3}F! zqIM|dG)VgMGFnX>ad%l`y1=eqzn7Z$Pn6Zn<}X{)0aWDQVDw21K6fOk6Z?2kv#u-v zmpzs&eFT-2)wS`2knUV`@5J2r|yrA`Ut2A1=(OE}_-# zJ2&E#aW*UVMMfl~+0jr-AzIxM-X`8BTw1xE2LEAwuHbw^C zDWi``ik!EQExAzxi1mA5TneI?kQpj(y@=rR@MaVLZ-<4@B@luHTU}OzHwL*6`sEyy3{HWbE8`)Mc2iHxbA`8e zSnL1Tca$pBfTT3Y2rH}8G=K$N+?-@dJb^-k@rt}X?GqrGC&c0z{BJJ+jOX#B0$%Uf zwLy|=1NHdM4i`zls~l56ImG-><>28X)HQIokk=awuv+9RLI4Y5x9{8mkj7XVYCLS# zcRPMY4mOCR#R)F)#Q9P=DD9)pLXic-h%=0A09Bn7sOf2;JUIq1yAHIMZHU8)(EcDX zhkDkS@`Hih(CUS*<0~f)@ASNlJ}^z?_zoO&1l0dn5~fG7F+S6Lh*?Q3HLrOE4mFNVDFn zrzNFh(%FM1f20JN7>^Mcd|WKg5vr+f9h?@iw6;p24qxHEGbP-bVLdu1Z2Fa~OUU%; zV7oO`54*^49V~|khfQ<-zS>VNt%y#nasNga@mo#TQMd1!Ay$4Cw1uV0wvU> z`=5-Oq}h>VoyDGamt(6L?r*G5?1(ihRBukAv$rgaY>MFI{LsMx-BSn@@Y%(fAf1|wTv@z zB{2+3+D{8(NYH*~0xggmMT@}NAdNapeqY?Re`AB!WW3F?8EfBDP21&n zh>T!F&Rg1=tk%1j%8$AJvhF%Wc{d}zLw4jMj{(s5=e+E&0xGBl{yvv0ayyPG!?8b^ zEPueOX{)PvJLHmS&@Lv^dt--8Zmf87(aN`f=w%b*akw}I980*P8QevizZ8qoF<%Sj zraE8w>#Tk%k>6IxDB56QZzAGHX@FSL$~Oo3F#yh-Wp%s)*^g-eJ2u>5cRxIUF&IY0y4L4M_2rzmB$JDFS3W}^i|%S+BuPSMI1p#W<>Ldy=Mt6f!~ zqAh%&A%=`YJI5yC0q~oKXCa}1Pho(GXnc*^J=!^(#}ekq@VQ%IOPS_twCqi6ezWEC-iIj@ zsbb}+3|+F^fJ_pz)%LuHHxtJE9(=WBI_~AHfvIi2ZD!{<8o!G z{wktvGTsf_DM1RC!&fLWtPex15-P5NEy%_lDUzG@D$Pk1JJYQhE1%uS3hn=vBWMMN z1&pMEWWbyn@a|s)rx@)?YIUa(Eq9z7Yo4$?a`;sQS=SY|%8Im|bH^*P_W{dBFZ>rQ zL*whN1nyp-Db30DzFz?Uu)~8wRaiIuCEi zP6|Bh{dwH@k+h77)t5B6vJ`?*rukrMn9To3GUC+L$>4H0MObUTeC%ON0Yvuv6HXBZ zptzVE)am>E4q3WH@ynO?*cS2a`^Z}x%M+mymg=Khn*3yY`z5zH^caX6*r%aw zNsp_9l{9Hl|JUl>c66EbmS_kgqc=-Y*enqf_86~vIcKB47T2{;2tCWH(1lX)97pN+ zHC_JDoZ_{+u>B)|-s13}tC=;lEm6Yq(D!hEXRXDyFdURvEe|mmj7+UdGfNQ?Kbq+$ z(X|y08sikRpcDtEJ-k~Gw1S{}1V%82;M(%81)d6}O7va(-qk59bBbUenG#gU?-LQ& z6z{thYZWh?w`$2HR9sjn$m+S-C5az#naYYY45`^8G*;ogjkugEz*hY2fdnzol1fFy zB8@Eidh@hZ)_)QGS6}I%U9H=TsC7oQfGvCc7(kYc5juFIt1V7oO9U=0VvFQ=jrP}G z7ct6chU>EJ|2bO)S^blH<+QRY8!d6Shjo_#Pu`)t3CqEFU%WSXQr@z`l-|h4iOV?d z;9ir%U@@lvX1REv&fkBe!pYRYZ6-z-{Ns5XE&_wE;(lu6WzDDa#rT@O5VXyK76f&9 zJQaLwdqXY3OO&C||+L2r_X5KL|Rl-1PKHn+AK zA-3FS7VIyf9*isk+QE|pAgvVK3l0|z(gr#a-`xK}lGId50KgwdZJ2|m`LUX!aZCMJ zLzaBJp8o2#$tlnYI=zQO*2(y-*Pkrf4-+x@`jU)2dl8TxKjNff;L~;c!&?M+E^({S zKRI}mlPw)%GA(!OMg3zaVHSWEgB1oVCZ7Q)IPT)szb3HE!f5~bxh=M^Ta-Sf-Dd@KrdOyjbJxOY9{1s&r{^$^Isf4ti7Wi-k z|1e1x} zLqm?V8hyUa<=V~#LiJ7Dc~KS@z0%|wc}AI7fO;OEWc8X)*C{f&%`EF7^gmaTtug7A zDB&n?^Fg6@HsLM_61*h6mMnvNQ{zo++TYojitaaLDzWSk=q>*RCdN_4P}62W?_aQT z=33EdLcmTm(-rc0mNh2Y6>5W$gh+MKSDs z%T!cQkA*+9@C`^s1jw1vK$=7YP^z|Q@@ZJj0BE=+{RygA{mjzNJQ2&DJdktzDuHY= z?%);v?Ju;k6gVr@HQ;9=%38vgFq_OGLT7OCyog131)>h>X-83kGE~f&Zc%voQQt)} za}K+9+!4G8IiXQZkqE5PtF-~b4>A9M3(zGp000Rw*?@Vig4P@0b*`#5fjG-}7a9_- zlX1HS?JqI9M4A#@|5p`~9#9tei-zB`v;%1cMh5uTE3mQM0vWMlKg^kxf7o zG9SSZlxzRrvktwxcncXG9uAcN)1eX|jQ;48`juep`E%!#jf{*oi9|4W zwm0?ukw$L0{SYN|%zLfzfU!eyJ$*gsT`*zrib=ebi$!T^sq&*okAUAjux3y_)SQ5O z2S)r0#VA2WX69eYI4^JSOycUqyp$`?-=kJeBqEnpAtLk&2#HEEoJONfn!+wSRaQt? zv?avsl$Vv={&%A2$sXqr8;sNfvO)%4A&c{g1aGB+=ZL`Y()zuZ$df7&X4gFANo{VA zFVGvdRd>W}i;9XiTn^Rz*zmCLiq=gOhp}{K?)3{S(lk)F8i7E#KV6WO#YtVKHo7#O z2#EOUcj~7omL6qTh5m)2*ctFxBnpN4B@v8ek@u0@Si$2vNLRZVQhq-W8;O+*<9yz6 zW-3+hY?k; zzHP#Fe?%}=s~uvBiiD}FsL{LurBbkh{1d2WsO13!Rkd2(;5*Fpm@k+$u8++z3^UrF zoe8m9!{Q~cKjl}bx@N2Uy55Ye`vrorMC}`x*z|daF~bI4^#^TsV;it?HLZZG`~3sP ziq?pcUa_$6{bBWLV1QP^XFiU05YJ|~TA<_lZRFqK(MLod&S>c>$hriGxH>6%G0G~?79Mr3&6gONt%|>p%D5?rGAEL-hP#LKj#49d!>^# zt0#Jb>q89+zo=En81?OYxlBfgTh0cU8Z=Ch-{n`o-6PN+2ReuAj;_MmZ~%#a&-;35 zSW|gp3 zCb|d6K}-|HUax*`zJ&G5FUHpoQRx}C@9-Cu)TU=io0XS;ait6kb2!~5Fy~5rD(eBr zjxB0+reSBNx)@t8EVvMuS+NkvFF9nQz3VOB=_+2a@iya*P`cAyX0Z|xRT&$F1jmKo zh{b2;$aFvzpmk+2HWALi2on28H^^liRz0gcW!>6~j}GE8$aw&lYQcBg77ti0Iuy*% zLo|VQ+QuozAVRB;ltS=R?M*^$B_x*E=f*&0xcYDe*gxVd;KXPh`*2o53&@6Ml{J`7 zgjFV?S$5F<`aGyZT^0O-{hThW>vk-3Q*u$8F-;C5HjJTk>)y(7SikX%Pklixh4G|qQix*m&}p!&I^CtjF)Yb- zrOS>q%iVNOQJEi`_Tao+3SheKXqHO>WXOqvuVKAt5cU5E(Ze_AimE;wvst<);5u3J z&|_$sQ!4etk(1&*PU3ZIuPE$KvelZM1?_LXV2pQF2Ph1D&kgeNJh#27O2ncDr*6Ju ztG;93$ZfA(`4@7}$PI^TW$U(+E$xGjVxyXRczPk#@kGqQ8axBEL`?=QOu}cPlU^hS z4X>S0#g zn(@fSsuMkCb%%2mKXSNPYcJuC3+l6Eh&+$;tgb6QBkyh?qP+B`;x7WN42YIseIIgKM?4mzqq^!2)EkpOWEY()*xwK0@lriRll8<~Yd$H+9l5QE^9R@9p=TBk zMq^O{Jr%HqBAPz+=4f~1+Qx?2I3JSa&YJ;sx6_0){wTDYDTT1KAZR!MtSCLEk3}4<(HMO-_s*^=s_~_gaU1{0d^wj!U z=tk(xsxD9koAqtGe+Ss=C`TqUIIFPU${@@$T^TyA@<@{`zG5+yh~2+UNK}eRVuXZo zlXwG>ZoKxK3Ti6vG?nCm(=@+T1o|aa@PJeO5*Z5xY8+5OT^8%e?MR?)J)KCmeLw(o z9+S~+_ntxD?aVO+>vy+-FERyG7|MWrjDL8usRCIey1AFl-4O_O_y&)lDY5h_GoKhC zjIk>S0qg4Ei-~ezq_D!s-Z|m9qh8)#d&zQ%V$$qz%>gEoO+Xs|4HHH%IQPNvcY}T3H`_88oSQd^uJ5xBdHy9fX-VrRy>%J3mUF05bqeJw1~NJ;IY9NYXRgC3pzBwL+}! zZo{pl&D*J{E`>$kYtfxpalzqvE#8l_KG@|pO4N8Zza;(xcGqEA>PJ?e{up6mP}tBJ zFsXiJ{4o|@v?I%o4=7%c@+_dMq)T5YQk?Iwl}Gr zoSId5AA}v%pRrN4GR&dzewFBFf~k8|WPb2zAaTzDXM3={5QM@%N2uX0nPU=IGno-j z^tS>f?rCd_P0acbawgKB2NwfA!}zabY{EcHaE-7%sj)oJJ#23oOb6BcwQ4I3&2P2nii*#fAeB-{Eu=i+Cej=mZ>w?g3c>oP2?2 zX8QjNywZ!oc@FBO}U%{{{1_dG6`KhuU*LlVz*wLNr#YPumy7}>YklzWeb1|^7F&x%UmVHZ z6a7@bsw0uwkRC-E7L<@w6|d%hK$;rd8sxyN)kcGjGlEhw4+@c9^%y@r1VKpgizx$N z@H75)`DTL5Rv)GDT?dn*bhl6d^#QBn!AK6Z-*4ae?{JTQ;!#r44xd15PLLsTS&;%K zoLE9RGE_pflic(Lp2zGJyf#Xw!h%+S9&ziAdv^VEAwZN4=m|{LGXltsO~Z2W%|fyK zhtlW$I{^ks86y*@eCwnqY-W>-QX1cW!oD>L7#?vMWtK%y=ve&GJ zWPyV5P%G;I(;(GA4YdT3Xwz>bRozq+WDm_TlA=%;T4^##Tjfx@vk+-KdzQP&M9p@7 zS10ulB{pi`;p6oXP;u>Tk(Zo$2L!fBd0HO8cd+Fw7c=W?(H=Yx^4$gExJ14T3rO$+ zfz|C;Y$|iUbQ5u>v>>(4rd}%10N{3WAzj}`&a|sU+CN5-Fl*Gf5XY0LsPNZ&65i0t ztw4tr%|!^zB48yY{)x2xH(40ZgP%!Vho9)g6ly%J8^2bisI`#y^%0Ohm5Ijy61a~W z?S=S~R4QiqCP7Ze>z4y-v&N$~GC!32cm{ngWbc=U9Ml3hGm|e*m3?=+HzUCRZ1-dq zGmz!08BCT zpzg_aGe?{4L41+dsuH~{al|Cd9|}4fG0)`4bbvUve&&z0g9f}HL4{Fwv+TTw*&Z?o zXQ<6;3@j~#y4Y>jiBDE?m~6DoRwWaM+}Q=tOQnI)JMF@P3ii==4d(2%^SH#aAcNd7Wimooa~#LfmK5Rs(G!{lIS{3+F** zXdj|o-A9%?Y3;IBm)`IIlREx=RV~EF!OZl=Vrp}8NOGQM^|)E>61~HCuX(bjox@pw zxo99k#UAcvYG4jafXdVzHXi`;?D~&nz*VzIZa5y_o)#X~9j}ey?|3^}C~6hLRyd?C zB#fRK(HI8_L)JUj<2O=tfw|9_PRxj#b3`BQfAsodl0(?5R4h>58L zDq&+IMFeYhQOj_=AWR~dMiiIKh*on&`|S=waib^9X|vR*#m3fe2? ztv*1mz$Z-vPCN8S|GzHkp^2HEQq5*@BVHGgW<*$+3vC~EZU#ugjMRw1h8-if$d~Z$ z%r60o6^#IMC?=X8A}fQA)>=VaXaqi;K7HaWoKkf$w|=L67$54FgQKSC+~ArVB(ED75EZ_a~Ir)pkTrT_(rDOgiQ;1;2R&<3`xM)y7lJw-+yEs*N-@L z^kmD?t=(^azXH(aQXY$CaBl3@b8d`gSuD!kmt&q;_||^qL$;7vscHb;ti0)KbGv_J zXrj<#;US2}_a-o)+X6@EpaByfI4y+S9GRt24_ML6766Oz}slYe!vdx($CZpViK0{;JXt)MB({YB}thdJbmxV zqNF5@j^O^utqucp;Ixs2V5@2~TQ4KgWnaQnXE+TQt&1SspWbCx2b?_}4F7sxdrLtB z&ELHM|4l@e7`mlC0 zP_yFvWIm54mP$3ml}1x+!#MczGr)yR$N$?e{|8^o{)!9~?9L_(wUlu!K?ocYxB8T) z*=v~7yzx$R$8A%=_>&iXj1=;%oA zO3a(ul7opDwZ@!v%!eym5kA~sEDc@n^0*Jamb-L#hl2Qpc=wVXsqE(tHa{yUkKZLJ z10n@jb z2cy0PWLy<#O0L`9`+2P8V-q)>x9bf+r{CH^;=#7d=CYS7h#tSqTdpracXe zOZi5=qeuX)`{}uWQ~m_Ae-gpQ4#k6-w~+0~al**2WjKDT_UFt@eDmF`{G2+Y_l~dc zyOEKEU6kkd_jkGm2F_4XQB}<(4j4QOZmohy0-f>={;rn8WkA)n$nGp%JUYUO9^NE` z)GjV|4Gl3mt*>i2srmuXM=qaoZDZ}0ySsa-aw20SBV$@sl|)=zoP7~$0zrdX&9w)Y z$Fpgp{NOBzccbj6GvF#svA>~(DDa65e$LnVa74 z=uVaQgA^<0;iKJ+MZ2ZW)T|)?Y>mt*W2n3Lo{^EDqxPpw0q{qRNogPmx^w+4FT*yg z?TtHjAr(a+5FpA{(1H5Y$|5jUku~7&BQopOWVzKrs~fWWLN2co(6~mg@@tx4TSsfFn;Mr10-b{nW`aEQ&U-mg%}_3 zuXt%C0Z%=N4G7=?1Q!Lxga+6;_eJ>LP-C4Ch-vWqn*{pm+#keGT}Mx5v4GCs{yK9t zM<*wFJv}|6nS#{R>oWx}We)+$=Q`$et=Hg0^7^mN!Imf8TBF9YfFTpm49@L1-2jwD zj_Sz7O#~pa^h`y4jpX(N7@1KW_yZR<%Vh|{rg36DIc&LzJy22^a^MAfATUmpXfPuX zziBqN2ExPdCFQiRxClr;UqZhFu_*n|@BHtC9RCO2+cQ6c7ilJAM2aC%q`w_9#`S;3 zNF?#{)74BAN!pe-fVOiL44#841ubTOV>TlYFtSdK4ZxcIpcLW&g9SVw9&3-MuWp^H zjlCufe8XDaB5Zt%DJgQGZb1r1?aAGlQC;Yu0K*L40npykGn>l<9!D|5>qPB8TWCMR z*0B6Ufjy)Xs~(P$dNW{PCIfu$P6He1a@{%+7m7g=N`!1jYwQZe;tro+l{&+=yG2!{ zE#tiJB;>j>(N$yEXCCA zq7w83WN!kJh+gFVRFu_de0DczXH>!rslsNJjzN6=+86C(*pwG+#^@*0t>*jk zu7;y(2)CLEch6QcF=r`}85@zlX$#X9FtsxzBTy@Wynm1nC`ayh}d_9 z-hnBYR^KL@1OOeUeN0ST%YXscoe;&W%Y@P1nTS+tGV<8sSSBE9g$t_Za$YLYGdVJ0 zqoc1OaWoeR0ZRQ+< z_;0)g{*$d>gm~O|yKI$7(4e|haH#xmkvT*>NUoA4LGn*X2CD{^w=tfgp|Yf{t$}9S zmc{VBZ^Z6{ldt;KNO_$)k+N(m_H z;W#$xJg^ySYiOo;J+R_H%}~u`k?%3a z7trbXbh`{Pk##6W<~K|h*ooK+n$hI#JBn>9Kv=@-JW6e{Ty%;_vU_;h$uyU33E!ZW zNk8T}WgnUH)V|i_T;w}`wzzq=L8w8mGwv1MZhyKx*&J9d&mR@38!98VwTtDyU$0w! zH-(80qv0ZL?aaky?AtEWj^6m|MfQobd4ByMTY!bV5M(`A`w+lTcOa%f}p^strDb z6}wW>a`}yORi6Mcz@VN@ZN8wJs7vUN^G|OcUI?Um7vf0zvBBK&bjfwqf!SfL%X7JG z0{esP6>|AU*cTkB-KaT&Q)#FCj7|H5w@1SBN)ZZ-#9OTu<>Ka>xeqq;#kOpA3T3zW z8n7A%N3hRvpPu9J5<#ceU8xv;Qy$&_rhNdYEzVj@Jt_a;CG$NwWDVyni-A^|ixQqK zy}f}LtP#`5gv2VTED^TIoR03I{7eBe@Zp`$nh3suJwS1_4ec6VoEd(ewJq|;!FGa# zgW>6H@Z17ySC#tq_oii-z=S8$M|rTrV7p}muy6179gIL)%V@fr<3AVe?4Br)mBtB3qb1DlApS z)a{ZJ^y%}m?g#2W)a@!$`vm(OrBYEI{&rbJ-h+HDGtu^15Q~s0mpvXw_@Ts zGle~KAYy8rGB}1cT^&_Ugt9@mK4;iwQPkCcass?cmaV?DiF%6`xMpc{0o}bLa{s*m zn}A-04fbOZD!gw78QtYe*g?nR%%8s{{N<*1SyhsD{g8W^zptL4H)XPj27PZ|xf*=F z`&O5HazD;cs5HvIG58~iiP?$il4Fc)YdM2aaF_woKsiaubpTTU$T*5J8aydnllOFd z1J801M}g~HZe&8A6gF!+V?XudynlKvx|AeYs`h696JyT}ru!^(a~T1?lC%6E5w3uS zJrW`pUVX!^+_=95c@Ymb4p?6JROaz+5fH}PEv`^EKD>$8@BgMa z3W&X^LW}5k!X5#gU#>CtD8G5+7i`W0=xE^;=+e2hfEV*PUw|eM zO-5^6C7N&8Rj2k{d@UQ-X+U#9$&25}%bJkN4oV~(rjCo-9!yiD*L9ZG+?!Yt8IoV7czeD~r-bpl{4 zaZLq8^oi7OLHELTH7N1^V$cTm)Dx!E%hLC~}i5i2B}4hV~T= zySfj!$H5xSUzRAp2Y%Uih7Eeg$KV+s{W4bVf2AJK{7Fy-8!{R*H)SG4q8J*-fQnPqyh2%%IjW#?Ggr{#{SQ3IzdT?u51{-vP}^;q@mQIf8FEy*Wvga) z)oHy;e6t;J1jl9BCK`=MCjDf(6$0HFA+a_$jOeQ4)xF})!9pd0LorWo!3C5LodiHG zp|j97xPuDE$Y9w05}~-t8y#jzB?wI+Lj!>*E3b3E4vo^9DaiCRVb*sra3p%wTo|WP zOkj<~pw7+dO~*Wu4*FS2llysyQ@`#I01|U=9ui*)n(P{`%6vcMq+%^JsU@b+(B`02 zUGS5AmHh^Y&5XQ%Sxyg9$N6WtGc23v!U+hSyR%R*IbNvfIqxC%v%0_uX2W^UnFT5x z#eVR&&i$`xVz?>~A!K+etka0Q3U~&OTXDWRLFtp@NY6osU1HTWw~ai(Ew6@CnToBJ zwybv4)X=lYErTqeQBUi8Bm$l&20bZuhDq&CsG5HFK1Qk``wN7T{c zU6M~Q6oK~c%p8x9-KRGd}xhW~jY*wdjZm>hn<~ZOejcFIW z`O6YXlcRrIiJGT_v$i^VJtc|rB+e7kq_US7QD!^0(wdE_w7x&7JdX=Prz!lUr&-in zj+38$eFSr&URoDur4a$yFQPiXyInUNBX8S38g2_t{Dead81w1(Bt zacDs!yYdEpkKu}aEOZ|6rJ_7}4QXo=-2;u|NzrBDuNOgh*0C?M_kC_=utX*zc^c_t zUB`c-psFBieeTcKyELam4f&P&CCGB^UHfI1bs6l`ZLaOVwMl3WipaN2V68Q9r;r-H zY-v}jzgOrfJB*w*?dmT2khRVjDlV;S=F! zCrhb19Q2P!@IQc%NG+G_P`H|$-l%v3AK^w#4D+lI44PRy+nt(e;DziFQ4Jz2TBhMi zoAhV}15ahtUR_rF)v_&w!txW)x4XCJO);KEDHseo3>uY&E1G>6^xx?H@TOo39=1hG zZxV0%5IV&1!M`t~?pe*>1BO}|a1&!+e++ZiNJZJv>ZW{yDqwprS>Rfz#x6+)Of_ew zWaWnMjN6oAy3AA0;m_~fzHZtRoq$8>s`Yg0vb>tK7X8kH;3O|A8%F_ZgN(SXCNX2A zV)KiB0rcKV9Uu_>yi3@ui`m5iLiQHvn7su>*`0gPf?G38l5`xuG(^yT6wKSitCNIm zLGjk?nqVJ9yBwllY62IZlV%+h^$I8vM?K2UaV9uyb^!qiH@#wI{E z6^8SI`Go&Fw-R)d+zh^`fh)h9VYpH&UOBZhGvqPvkKv~75h;_0oa9d5w!E}#l3&CC z7RXKGNRBO;Qs1rf= zJdTruv5m63K0w@H?W74A-S z4qH6S?Y!^^?|-Jrd%)_LDEos~ujQ<0Xn3;U>uT=WTXr0L&KJ0qt@)vPcYnlz5bij? z>F$LguI|l$&IRmlPF(82DX7;M`q6?4NjpZy#R$wLpZl>N!fPCE`l;r=lbIiXTDyaj z*O>0>F5vHb>Bs7JvD_BN%B`BvDw{fUj5MA)HH63-o*}}5X7~6EQ^cFje=f6 z#e-H-J2UCaTeNBu$a1&!xh@x*T z6j`3ITrRM~JEtx_=rp+gWXg(cC!)ynx*Z2Mt~%Ky z;#hMb#U2YjOpZ+yGLRQL2A15Q8!Y9(aj1^p34%lIA(aa`ryiJsdO6bb<&kpDzPhrr zEPd5z%y}`#iy2Mei4wl?g=B1ijgNiu;f795R|^lGzK@e+JcQ+kQsl#AF9|u1j+l48 zOhF0Dm3&AAk0;VoX#lO|f#ZNFafk1o1#{|~eN5m#$Y=n*-CE}Nmjnw3n`(jN7b&O} z9Z9&_VP4cHfUl8a2j_mO{5$mch+ifF;6Kj_%|u+y0N*f_fP(&rFKFckg6Gkv3R|Dk z<;)i;lGG4Y8KVYtbsYxKA1eKmv?m?4Wh}Yj0-;X6(|BaoiJh5wnjmg>UblGgVU_V= z2}lC6OuTP^y=_}AP&5P>{?Es^D_lzq)#Qmnx@$oXI2Rufnxg~`=hS{v3=WZjWSWXk z{YZ7|qXe*e(b*LRwqpFdnRbM-pHu=f%Wifhwpxu7M^QCqsC6Y3FxzlkY2Ve4V{3137rJ(ZhJ}S?8)0c_`Q%FM zQws|kNA1Sd)8LPWE?uo7N2+rJg`U2IN$p?MOOo9IjX+87-uV|56?uR~40p+hT-;nM z=Ufb-MGV{8)YHk+_BHpjHTAtn)%MJj$I0YrZ<8sdc7q$9YXr}+LU!l!z{JE8QsQfDNNDI34v)ug|5kJ3 zjA0eomtddz*kc~MBy$rNt3Blk!KX%gN?cy^F@+C1S%Z#h-c33AC}uB~e8}`lY>QdR zHiE`J2E4rOIYd-k=UxZBqnIprE~7R$GQMN99j?Kc9Lm z8mcQlqD(omzZA5*QABHcN(XKK%wxyMBZbdg;gHs^4TOk#)Mt0I7K0UpAfPN+YH_gr(k;lwrxc`Z zJ$y#Y^SP2vhy4-n#$$A33&$Qi-}#7bt9XNIJQib)2EIXD@`E$*p1p(xN1*tysEztG znGZYaMkTiG4eA=YdcHTHKHkrLyui=!Vym^xW|xx5YW1Y4MC&>7z)R{!%Hq%3Xdn5^ zJ0)R3Zv}!Phwvdi!5x&t-jB4%wvDlz^(?F^3v;O%RG*Y=!>y185*xqH_wNUv~^QQPoi>U;Bxswo3xHx>i=bxCe73Eyl9UxsLa zdDC0{&JV|>{FO~usE!R&OEFP|ZN$7MhU7}(D{N}hE|k%80*p)_a`tTGQ>RZlP9KHq zF`(b|jyT3FBXbhDABOqT)1!G0bLYeT0EPanx#3vy~HF~R#($})_>GrubYHgNl{PJb3S0Hf0i;b%qR zU%dZ6cysS7louW&4weR#ghWKjvLZFIHTQ<77>-uyy-jN;Kf?Dwt`lo~c(D)xDS*u5 zO}KjRAXi0y6uNR*R|_L%sUf6-fweyNEE~$rGEc8)B6wpM#O~h4M~_tVM!&zd&I6?0 zkbB+`p0EBXty#w2=7th(le3bzRg@K70)c6g-#|~7d2hJj`+M5^%#TM`4EMSWR!CTa)k&`R(2V%^~$iH12+sz3c2+g?zzF9;< zR0Ym&mN`tW*gLI{4V05UwpEwYoL#LU1dKhsh6X=O@zKwxefajpSeE?qAZS`Wd)UJ$ z>eTQ(5$M*qnlqlk_&YtB;AeIca`jGSDgKVrUKiIw@IbkNu|*DCeYijUO%TmV=CX@2 z@kdWyOn*Vly<#kx!v(p>iGizdnS##SWcbLc0bDN=&;?^FkKze!%+*Yj#_#3g?u*4O zW^qbhNr#TK(Vb+TbOptf2jm_`z2Dxi>0AOr5*2}fjU~;y`^Z|tnb2kgpee5D19G83 zzr0glWjQ_+gbD36cha2j@Doh}*WMIg#YCH>1+Km9nuKQzl#EopPlRph*`wddFpKVz z1f;!DBN;)}W<5H$BW#huTECu(kMrYm@2=&5tyUCktLmH7|Kiy*szm#_Kok&AmA( zd&+UT3%th=P!g@(*K69(ASq3Hu?klpex!!?<8(X6GWEgU{a*JGxAwlum6udnxXeE+ z)yA5`(99ULn>el#00i;Lp+~RA0h^!@U%4xw3B2iz#yr^Afz{7@yE_vCVm8?L@2!tV zVT)~CJxI~5f!gYvWT%9LVuR2%^F{C4CRbQN*mN4KkVb)%SR}t8@jz(VciQJNFiGfd z-iX5_i)MV6thnwvD}Sux-j8V+{dG@^kLBb^9m+Rg8+0Q95ZUjs4i z15!{u|L8K9JU@;$^6pb4*PbipZ*Szyy5B(QG3`A)o}cd7eFB70 zr10P5Qsy85+4sNt@G%e&de#?s*aU=*{Ft{y8T-m^a+S+lKD7|$WSQB^>jf-L6#i5+4ntTJX-h@D|c+_PN z7Yv`4_1c@w$c-Q47GzWxt>>R(-#w=RUf@J4<& z7a~95lA2S8l~AeI?i&V zN+IV(>8+&8HL=Z{=MaO+Zr8R5ho%cc^eSvafNct4lO?S@Gw1jz*=^^S08X*IR8rVX zLNuH%taZ`QN6t>|l{|Dg8oDwA;Avj6xUG_EyRXXfEIX6^Da&O7&zf@-(K1P&LXFNdyEH)D)O zWcN3T`)k`Zz2L0Jb`_hs@$;L6YaB+`5$0bWRKzPZai!Tly0G(yVw%{t!&ss$HS=sp zz}Jzr+Wta)#%b$^r^NK#RNvpv){zDw_@c?UG5MTo{iYT+q{kU?LMtGBxQCjuqO{^sa^{MnGS3M^1J!n>7p@~R-H(P| zOMH_|%dXB3q$bCdW(VxRyN>9+cGeTFkLh_^KX1zxCPuvpDQK6IN6JJk_ov4dHaJG$ z=SU;aqs$6Nrl95pBqYD9WY1#EC`;pYICQr5a{cfi7|>rCWl=|x4JteEEw(6_?@AIs z<6_Fq@d;(-{4<|lrl0;|Dg>6z(JgsuUH4Gze+{HQ?o1>XT&^fbD+OhHIcZ?^LCunG zzhlsy%6?z1L^~kLMa3o3SK3v=pQ)l(!T&Zh&YpAh3Gt~<*dAT)&=Uw#v5fxv`rnO4 zlVh#X&rKGF+?S-2lXD1DW#)~G{YGb$hDugXpmz5$`fS#NZ611Mq4hN&$!m}Qc7u$Z zhYuLm&xf9S^a2N$yL0Lp)Vl+RmZUHq=HhbLeu3iNtf5cG)7te#^i^66`+C$HtjI+6 z-*`o^LD}f(J9f;uJnFA=SzbRlU0TtZg1S)%L2IN!BQ&D_*)W46Liapnhx(Wx(T(pw za{aGp!Te#PC^+R?L!j2PA&Kh4Ad0nc_o{{~Y|DC4-`V0avOXr5mTS(A+@aU&Z(ff{ zqE#9$37X4bd`T#dbsX6(sa-bHCMFVEH^)t~%x zy$qZ!$N4H_E)5WStt&^Y;ffr3LhGqnz0Mg*yGT87EN@m}8=)EQFw}ZG)k^P(7&MTrFe`1;*XJZj(t6N7HX$?_9Ix*1u-%U~m`g!%!$_;UklE*=lrIA1m5gQ(^PZ zkAH9lqOuKKK@d0f3GZPuL%)YMF_IJIm?+Kw8oV||K!(N@zrl7NqF|YeR z#NQ{*T3dNsVI3$F94d)zDZe`XYSFA9_N)h@TIp!DB(NpP+4ZuELkwzYkBc(S>)Uqg zK1`U>U{4^m7ps73M$k&8G(pMt)^BC7k#fp-PjA$+9Bh5z-9Cg|1mIsI0RPsPeEz`F zuP+@wP3u@8ce!<%e`%G0`U?l9mbG8M^pZ{8T#YNS1k$KU0EcSZ*iH9BiH2_cJ1@9w z2haJ-Ac-i%p?G)xP#B-$#RORjjB2jQ0K_Iy^AjT-P^^N=O>=kr=MwEkZW;SKRHJgO zpgYkJh{*Q1}30$pTDXHX!9{AfMy8}u^u2>x?_KBGwyd>QHobxo~XpL*7 zSlwp#bb3j;NS(`WFOYzOBBrMxEmi<=VE@HPXN)lYNk>G6{RUjl;p$sCnwlu`=lkFM z${S6m^Lf8w4;pYXi~zUb%r;m^LoN+6ogeZ2*`r+Quf!Ou8C3Z1ur-(Boy}ro&Fmkc&aKUPqP%QD#l+uW%XZ~TEtKz-w;p} z*}Xl#Af5aCWW-Z07Q|0mUo{GwqSssTt71k9P;-?Qgq`s;r)Bd%aKC&*=P`J!_zO9w zV^S+4^UIK2(=+6S8P!d_j1Z|ZnNAu&9X$Oy$B?@;!m1RXgqWRoV~xTG(nJMFf^2GYvyBH&}yn z%dP#5hU&_iY|}wY%r8T7dur-O_p!_A$+dKmkyR4J2vxC0mVP5ThNP05ECi{k7L|sw z&B_u9(y@BxF6u?3?N{K5;xW@HJ5r-Irj9^D@~Pl%3F@4EyrZ--0nlplUUu;Ij2S6@ z7Lbu?@9u(nI{rbS;s5h*$;p$~c@Yc5o#Q@MMYRs$l`3on-H^K{Sc6b(UPUubL0U^2 z^MZlY38;*RlRf7yXV&9nt0fI(I$7fTljsp%3--F;99cY&-xE2}u9*r<4G(i*G#qCG z-%ZZL`w@Xe>}>_am^fM)_bC7v!EU&0c>J@&gQ)ji+#AgPeo3yi7s?nk)_j#P0l)zk zzoXfpdH6;SSATmC`wH!!MB89DTV;vYE<``SzRS-A9N#72Iil`sFS?xsmr1SRNCD4X z{^p%V`LlwUXZy6Tnm4AbImQNOxF&3V+G8WC0#D*Lx-@&1@)D^FvfzTFrEmEAXf6iU z*S%^UC-@n)^{+6W_R%~=Mjm(pJofE3-+J=FWmdD~2f<}0`4k=zNrbIsTEXU-fiLdg zp6JEl%PlJ!eWvqtmA73NrAKAy!iX{_(JuLxhVx2AGvn=+X@n?ma^lvQ?U` z?I4Qr@M%L#;rG&HdZ!dn@YIgT0Qm#0r7*_UXm zPNq@iGa0?SpN(>m0KC;+z6J>Z#ZAY%l9_B5pW zS1EGtzNo)+_z%D4aU$!UJe1KEZbu4^&|QM+X;~@Yv5$>QR&xQcruWOctFUqYUGj!P zhtPGZ$uOh8?(c5dxIP(`U?*0LZgXLTxJM)$awVQE z;BBd77zOxuphx=MQLzs~BH|ch%wUVF&at;-(9CsQcy8ex*+3vo)Mu$V{2+ zO)MQ>Ul^$34qZDwF~2`7 zX&XG{sBzDN7gPYeUjj|Skio4v+f@TTP2hu`9(1lc2kI zRB(y(5k;+-ArTS?+=e_n?%Ri>9qS9+Izfied#~0^AfqdXZmUC9n!zu0Bj!T|6==hvM6Z1Ucl4&| z)Vs45V##Q+(6($_H~RrBn-{48((3^-;qko}&a5uB=F)`rBz%s@?ZGKD6tBcKx(9jie%DKM< z^BP6_Fb@b_sx-@nu3=jVsFo2A#*dR{wXYc_^$ zlkRoNwBP8Fyv!`=dDHumTO@xp|S zz5Nw7`^_P}W_)K?o%oRFdAC1&(~*zF6`Gq&jK>qlBn5#uUQLsudC)&HLN^$#?C4zD zw8Cj!WIy@+A-Y<)JkKbax>_l-d;23QG&FQiavK3GciZt=rG;ak5Fs<~Mye2xE`V^2 z#h{sDg&et5#dJRYnT_U&O)j}dr=Ye1Z*$9=pnPoUFNA_+Nl#Xu9F4lR%d~yf43QW{ z%dPqa^nI_bQGcNntYvW@m15qdW{tPG8s)~Faw+aUac}l#i%+wEcJut+N;n6!-f1V7K$n|EezumZPzW zsfm!K{2c-I1G@ccXw>wc2C=plgAE`b7-#bw=&mw+lflwlL ztNcTiSw(gg_8W^k3Yr(rj5dOS-0hb!=}$i zT8Aie4Y%APK$9B9N5QZ})7H%GCs$PLT0x;8CrGUE`v)bH#i6qBuTNII5uXX?L7CFH zxkK7+Yan3Hiqvjy>)#hWRowpd`p=CczhJP&Nl^Vr6%z|fh)Hv3BQRnMTVGd;=6(7( z5<6~*4xjGo(cC;C09Z}Db7)#7fl(Ic;%>&jVz3DeL%Qhk=@eh+%hRDyvHnxD}uJD1H$EF@TCNa0bbV!~7N)*iT zfZb0z0|vK_p!AkZOb>bc0z|LB6OY(-1$H!^B7zeRU;Uzfgv{p+s;jF@+CP3T#P7!}UitKtPh9QL_KMS_eiA zffbvGdOgA-?RIr%cNc%K{R4yV-8TrgoYLb}O{$g%hd-Xxy z!&89iJ}5dm8qDcjOY9J1U$9Xaz-AVPZ9Mpq|H1Q$7Pq<{RQI$rtma39fMO+H5*B{Y zo)9@2M=-;ZmYK;7YKN@I12s%z0fXUR;xRXsBmgBJZglSw&IEOZr&d}GH*IZEF?^Zp z%{A%G(dvGT086l_SR7;8YLHK_5(cXzL2FNoEZG4*Q95&;mI0x{A3}1J_#xA?1rSL6T($1%r$++{weRc}#RzG>zz8wiZL9M_ea`s?_ zR=c^WEY}1~+=C#KBl0Wos2U{fOd;*f^db{8ARRJvEY|!X9pfZ&MyNR6AWQa}Dws#< z;DD!NjPKzi3kx1L`~LoZ1}ql4jAfHPE4Uy@x45XpL4KZpp!*M?GMbv~F+r)Rv_*>v zy>`3k%FBKEdJMS_@&kb^Lva=b_QU<`!19Mwe#y+vn}xFLsSnRD6fi2JQ;^X^21Ce= zqTe3~G~?N~qOf?zvLhGHA-=jB8=r?3^I3IZU_Nap{_{Q@QT|QI~TgOmmkwu z?KE$^KGzH78-MN$B*)fD&U^nT8d#noh!0?s4dy3c8 zARP#@WzScX7#xOK{E#;=#3vm$`}AxZOWa3;iF*zB@b+@WYaA2P$8TFhsCw@aC`g)_ zQ6E|EQX2oB&twc1JNz|~*?k?6t(jx7lmCPRl}b`c5(_0m=6T7qQb`d?rpzUo z=h-r4%skH)GG|!Jyo}3xUUvI_p7(g}<2~Nr)4KoI`yX;$*Y|tQ=jZ&KU?cQk1refp z;kUqbFpfn@@}9eJjtR3Jmxh&OiQzwVK@Z-~@TQ^OOC^#s;>c>{m-%ySKZ0|O@|z=?)F8*meJGGr(?EB4yzMRBODw~ zXM6jkI05b39T1HubCeN9zSjN&%hlc-(&8!k&Z=P;(i+4fhha2#Eegv$NF+obKg#M` zf?29`m^Q+Y3`>YL(_b=WG_yYNLScCs0j3P}OeRSpz}4zwwqyaOBxoac%`XZIS>^UB})xGyI*kDMNYhkvu1vZL8rW|v3 zQK<6-zsJ?;5dudKy9N7f-QX%w)(T~7PmMKsKaVxojev-Ueqz@P;oTd&YLEe@KaVe> zAV$RD!s!Y&h?wP(A5SznKR$K;X9W6`u&nHnk!a5O02LiZHZjvTKtQ7i+q9mXW4(yB zsek5REA6@(k%l#i&Me1pPEV?rt3jg~oSVlB2oeF2ev%w7_`I}`5{|Z}rsjg}{f${fMsPj9$U@`duM9PF zr2&xY`SDPTs@=Y`J|4#h*=Cgjue>Ua&Nxs88POqLuhM(_4=hz?2Zhsj>A2b>LXB*q z0_gzjR))VN^X5bP+dL^6tQ5GqGroxm)c0JnHjHVwv?5R4sxg@te(p336yKZrxjLXaUY=R7n(+az>WdKoo+bgo@ zw0XhG7l+ZeLBni=m{$jOQ7kgB9G5;kVIj?Lj-7weouRK3X4k2KEEa{)^$)N5X$nHw ztd}6U+6_$}of5G?fv4fI#riuaXMj188|5r|>OCcH%sQWih2;(GtgXh7@SH6jGKYF{ zeEbH6+e!*$T$jiBzewPgif!x(QY@JHY$qj0S5fBF%g;4`)_)T8C~zEZDt1)wxT{tc zZ+!OrRoz__(d94GA8VL6MJ=VluKT%O?+0l5h8CAn^U~hYTDY)V%p{nyzxjIatVrHJACY_@%@lb(< zJafCbx{7CHFI@>_9Hb}rkHr1!bMGT0DOAnuWNAMeE5p|UdILfgyboquop|NE{@)*; z3j9*L#b_IJEQB%@m0_nRy-=Yv?@f@q+bWxo?jQlE(Y&b_tKlj*mQ?l&3lXK?jcq0J zdEhdHxn%A~m#(f}yQ%C`86<0^pQKYFyM5~g{^7%i&`h(`CD389+>H-gb4vLF0gdbp zT9;tO=a|3^SJ`p?K+&HYVn~Yk7_Yt9slh-rR6^1rUbRum`En7><1vIPv{P^%YYZKk zjV?+jc&Ds(gr>fMR?f@-+EOws`HHT;poR z6X)&E%)_Oy(k;4V!=$TXA*KwU;AC9DY3T^38!MjiB^@cWtZd@QQfR4HLTFK1q7^x5 z3hJI{CZ3y2NzUfFwf|tXc=7f%&5$PWzNGi;a+`u;b?fxp3)dHecQsLQ&jCFwkvd=c?47NA5H z$(Nv#1ts*e+oxvmpouISSjR=RS2zKRw)+%ne?!c6W6x*r1i(tFXGgcN{JHIclI(Fe z=;=&)C}!B)XL{1Y#yz1SH?=3? zRnH6jEwR%x{FHMtpsF^n7aEo;7>!Sv0QfuBHaI!;NmIORQw1^5);k^4U~4#!Iya?UpMdU6xavw=>=A83pYV-e+G*!

$snBtr9SG*1 zG%x;c#N(057@gX)$95rnT+%SdsevfV6B*ubQQkY&#?iFDiGN90`ka_dP+8e%AzR9T znBi^RldFWWuEEA8&S&8XP5B0*nG>qB@cC_|zaPj)xj`TpVBXE+fpb~&F?oE&Q1jQp zd!K;o0I6iNCYRYESAA>GucPFM!=n5t0uC0K+!8M$IEw7<^y6q`T(Y;m&{tCl-qN8r z3Y-6;$ z@%QY;_j&PCeq+4Uy>CK5r}Oat77BTuS~4HksGKy(acw$<7#00q-Sms->niS80aR-s zU7A!sj=5wpo^1q_d9z2I5MrY(@^WF{XZK8Z8bPr*^Yjg+`HipKZV!>d{`zUScmJ)^iTE(R)e)XjP>?nrWQxIaDVwZ-_xf;j@a3z+hKR=}Z zk}rNtiQ{rmy&{HB4bZ}X8r~^^wSMV{ zZEiR4OR}jUM-Xz%ONg}2nEt5z^#iQESypbYBKOC`w(6rEe~T}hcjJDd%kk!e$N7Vx z33M*gn(_vs*{6~`J3m0BOY-QqM6$#mcWJX!jJ0;>S?S4w zh9)aFqu%a`+(fS+xXHrPGbxwLYLD=G!=bk3B|MaaC~wLz(3~vQ&l}wDDd$H2=|1n| zA8P~AEq12D8D{KUQX;3d>Os8*>V>l}jUXmv@}twDo2mO>IU_~8*Eo27+SiyoK1Ymb z&M6zX^w&VWsAg`G_hO^A2mzR5mPFYWOfRA{mjj%|L@uPH85CbcyDz(I008P+pF}|2 zc2i@KVvj};kpeR=`>|&0VE$nWiX+z!l_|@|{mn$>+tTXD+j$&izigy=S}ie*;&C?L zLm5V=Ti7L|%HvZp)}!CuN5Bv48$=qjq8AAXA*ShU4DP2clwxR7)Lm#5|>sjhsSfp5y^|TFoTM|dv*rIcC z#EgxNGx|w!OZG$Z6=;I^@_l-Vf6vM>0U4>0(GkPyr_~(Cfjark{7Cf#=)v?faDOt%q1VwEl2Ou@8Q_9+9IS7K^3J5} zpGi3(Yzlt3oICS#E!bkUp3-cfSN`+B^57M)j!FXv%mPfK!{mJSe0U$nn{R>XchuD} zyo&cnkHcWU1k)85*EMiUNoh3d%jFTgusC@E|AX}`hO}v9W;RPxkQg8Tc63(l;jTyM zm}NUjx5tQBy#6AR0fVuEb!{DFnR(##lLwmuwP0frMm6a95OZMAst6EiOsGT*aUwzZt zo0T1{jg&+uRidy`D|j4ZEV~@fElKmM$L!kgoHg&yGkW^;EkLs3l9RndLXO(&Gfgtu z6S1jYzdpXI4}3xE&bz?Qc?H>W82W`| zPs`0kh~Oz9Qe90I+vKYOY}5ZsG*}P`j*?1kq37KXaL+*(RDJMy`z22+z%8GgY*dif zwFKcHQ+HhV2gTll$9_=Z>}+i-Y?@@4`R^zD61G;q8yO#^w>#jiAY1*<8%w*T_^cS2 z^s!mUj!Zf<6rM(m1B;ZsDFAE~6%-T%CsP1OxUerZ!xQSkV7@e4!1?nzN_!^$1+U8} zOvy!-5G#us#@eCxnV*K81+x9|hR_jBaUoxCP5UcK(|K80pKtAmu%hl@9agW(|LlBc z7Y8dso6ag?@LM9rE?fO8HYJAe!~^$#JnFu_{)! z*l<^Gt}W`#bf>oftkK)sTjnG*-bA08i>PK}wwd|$8W#I(WQr!>?LU>_&xz_Zd_@u) z$?>nXEs*JmJFb|+Jk_6jka&h4dvSL5_EkRYQb^O#s!fICEl&jQh+fq@uefAoeH~9^ zZmVOTExLN32&?x!sm5x+PvWf2czv*}iz6I6H^4r=6c-osOr{un^JUEsJVNtS*4K>i zW!=?3{No!Ov}vQ7`funvS;%|c5)MHf&<_orBtVZ=AbrE~Z^`r7m=d7^Xtu=1Wb++E zhIrhPsIz9BB#eyb0Ha3XYxr{=g+5x#ZpdG-|45ISl2`|SZXv5MWk$-a^OTbIwD=lXuF zLG9~jHIVSH>QT{p7~8B_-%K6!`{mrloXRF?^(u26%(b3@mfxCp~bFOfI zgbqSk-aW=WlTya>tuP6kcU|qN){XhYn0#1GO z65cOYeT}QRii%{!%z7Dw zik9v=PgL_i#x3@JiH{MTnmU?Lr4S9~`r1c%b#+BVR1B0O4_U~XncoaKf7+lSB!D*G z#N6Dcs;Vk3G0_X;yuXj1ono8h6);~9>RG96|NXjEx4+ddUabJiyFk$>81quqz6Yr~ zdH3%0-TqWXPdFiz!e}(w*53Xq)bFIXHy1&Eee&iNeJjS9(N|RKSRSE!*swnE8TqCB zC(%xNysVFR%Uvjq0~!nt^TjP+`TZ3*&eHPFc{%~gvP9ne;l5RFT>xx zaFr|eGF-roJu&rn5CdbpBuEwm^NShLRZvxR!5MSHKoR0IyEDuTH%lUAj)v;=vnn^} zeMu=kyVWp-Ts-Tc$thFcoUQ9WaNQ0gzZ5IlY4k?s%ISO|$|mm1PfSd#v(r>n{pgmG znCcFu#%p9Qek76ZVl`zgf??SIBjs8)n4EjQD)UH?_NV8syM#Hh|C6!-D3BcPUTYh9=PqJ> z5)EFpe#`V9`3L1ip~Bx|@9noUxujG_=re-xCIy&|7eB@A zm4M8OFw*Hvlj8=Wf+<|e@gT#GAvc?ERT8T7>RVk(vor5fbpED=%Ew+psFz&4+8X-#XP9E%)ZMLGJlhd&a z&FmtvK3?=b5r-EI-g$R+c50R4@~lRzcL4~nxLB45MJ7gT^|K0RP$$8UZ7*+LIqTH> zsueZ<lS&eR^Z6 zp?b4bv-x_)QwwfN%aBJ0Ia359k=7o@3x{ejdRVLu4WmqR$0to0V%l4)nZs?58<)=J z%VSTgeyaeZYf~c5{qxI#1NqOfqb1;>6Q&Pud`J0Kwz1`mg)rHxqcXe9o+3V?sw2J! z#;bzDHKxddcD&~=FFPZ+_KEWB*lq#<{B7LOQfT};myMN5C8w225fgNUNN7&ww`8oN zV_f_*uIHx#-MaQ`2eR3M!?CxxoFFcix}_Zd@JY40vXGTtj}$h4HYMgPv#~fR(XQQi zK-z*Aj1cdgI*jCo-{7v+UrjyLj-~ufq2*JDOzqZt-%}uq?psstV0$-jUi!3eHvw+z zF%gf;Cq~FPeE~EnVid}~Hij$Ng{oKJzs923`Gw*YBf{jHl$721Hih5-pc8$a7i^dE z`Sb17-GSd&23uL^d2+z52v~KGels#Pt#^L`v9B2MxVX6%L?=sy)6>(OG`UIxH3g%E zqXF9*-rqX<7nRX6Oe$vGft(J+P^QXbkI)^P7baaOLEElAH#GUZO2EYL&jWI(exx9S zIIE3&2e{-uKF6L~!jA>%_#lQHMAU{bYH|I7_Cg~;x!{n!ctK`;+3X&yjX?_Y_>6-yy7X6l!n|3#AFIzqDodrwY&b2)KQq z?q6+VOizurIiU zweBZ%zirpZeEVx=8%@%XH&0bRE4@c1?jeO5!a$l(ow{}s!gV$ZG7TTd&r|JFm|l2f zzuSFi8Kt>t9QHt&0xh#?x;b9st^agww5#6JhN(%Y4kcJqEH9fT_$$leJ!~r2dB;0ywbd zi$1FZ;rw-9=A0%3-aQlH2^bR$y60Oef6~5eHerI5_e$(GLEX3dBlP($PS@{;erMgB zW%hjrkk>1ZY>_oF|Is^ny~KF@iv{>^|KV-$+0U_$Bc{(#JabFMt;?GZX6JrA@v++X zEwN!pXyJE%X{^ft<9kL$-J%kC zi~Uy&|NOH4@wZ=Z4e4OkElr&tsb8Op5H)kwawHA=h0WfEuk(M19D?7V#7UoEiTHMP z$w+xV5SJKhQ%}KYc%O5RvB)6te|Ag%{V_yYQ;Jy((u;47e!gHiB!9;%0qWLuf)`F3 z+&Zq=Zo>|#Bg~6Y!x(4|wiQXol0T}V^AT68)GI@d7eG#fktfX`V#R=7(Vgc>ry&`tMvU;%vtm@*F^Xs#baVm&(~V=xOpOAlJw|14-m@V#P=6@ zUy|uebZsdiL(#-*FhZe^<<2fBB3ZS3s@|8+_5oR7a4$suQ8$hdj=ogSY_I;5^KKI_ z1iEZjoYiA5L6pu{_4OKAt_Dv2?mp9jVjlczLtFa1JIcehA?fMJh&K-hqX>_$%-1b3 zs18K=QMo!0>C+vzX!DP_TXJ z*vL0((>gx_R#R-4tDsAkGHTs%HEI-j$6GTm{J{h&t^E~1HugP0k%`5K+wa~*0qLkc zl8$CbQxtRfSN90~0O^sqxY?fTHTj@;qI&Z77HYvB`u@2EUfZmF&rbKPdx zHAv@KHu?Tvze1Mk6LRrDP#{)mWeYqpJx7pO`L%nxZeSYLRQZAUUi!JMA>B(P?OC|d zge{t8IWm25DKM?{9P|GHrHF)kLxJ$cDoIW!ySAhTEuGHQ%Xki7T z{<2hnm;~Qy-jKcSW8>o+4YstrJ26LbkS@V~=_tn+@Vh53X^>5ri$H4=&?}NW^17=O zxdWMe$C>TLoi9k;dfus46()>(U zRg29xSkz_CbDIM0^~Uq5A2%WPuWP>`O0K0BxA!52@U|Tc6=^Ud%{d{%5;1Mg8Nq4J z)B=*TTwK8i6Ng~X+1E4%66CtoWg6;?_~K8~!GF08Q$y(D6RpapT1tFb8|Ib3hwOYC ztG~oWw%COac(*R?jfQI3zvg%JB=xGRCACq`y#NrJgrm7+Bl$XbMgD!m=eQn(7G;|u zZ+1X!zB^OXhNEyRsjKR&P3-W=_l|IrcjYb}@JA|!Z{66*<}K~f#caZ<0=Ycj8KnOn(xg?lE}Dgdfd zFcG`nil|CaIvcrE<*p#8%GmCEu*!mw>o$u$dS0Wt61MTG-E;9gDSQvU_BEeADjONv z>8zP17Y7$KmS32@zNvo_^x*X=L_?S1sf#dUP1E?r^T^y*)R(Hy!TXQ|(oNyc5prpZ zKB6s2&*EPHX!;zN35KL@sURWIpsn#9Dy|5v~(% zeFRN*{w~wE%(>DWBB6aF^3?;AGc(6T(_XKyU)W6hWYs!MKO7v*{O%#UV2U$bJ0IpM z-!T-pzUXO!J-LE>25Rbz>)+q|UwbZZOjV3&OP(iguVNn0h8Xgtczk3Mct;*zS04`E=g2|BfrAt8(pAHrGOn4Vr*Lc;g${dVMd{!WVV z7;GKa9(xFz)p+J&G4tuGKa=Hdp#}--LKa?_)!|rG_1qUqoM3*QYK4a&vsFExVs8B( z-|~NXCQvW@@olGG2oa$9R*TBWZjSZD_7#%%_SRV5(B|S@&5|-NBuiK4u`Tolu(& zXjT1Re(eAIwdD^($jflJ?G8j_*`-wz;?;hcLf4AEmlJV^+hUcKT{w=ie1gcAb1_qD z1Hy(3IX!mrv@oF3a2uQ}^)54rqyZ4=y7W(w)hp|=&6m6^_Q-&uc$HlJs0S9#(Cu;f25{z`d&C$M)*M3-otF5 z*r%hh1`x+wK`i+j!qgYqRoC0LclR3HglARlNnj_}oetAdXPhpMr>8j-cMG1?Awf*C zpWV1fZV(J20_XT4X3321fP#lU6N_;(4sEeIabdc?Oc)Csc&tB92CvXT(`SBJGGsNg`3vS!&6NaM2iBu+n<`Wo%9PQ zT9s;(CJJsKcE6STOT-OiIOHk)9kMXxfafTUqwRNWN(erm5)z^a9um z!o$g8Lg9>98CTcM=qhr;o%YU}*SbPn`bq$+za&j+gN&{x-o zhdiS_fG`RLQ;h8^*!VHV@s4h*h6BM!_OIeXhdq6D+7b@{Ic1pfas=08ilbrb;%B5u z74lJyTt}wHJ-6I<{Ee9uaiwqBpGI%k#X=^g_Hq_L%H2ND?&q1rCyA&`+x;9D&>U$> z%{zxLCX!fg+{S4bh5>7CrAl=@Yn#nPze`g_-e?BhsB05}qp!Dj+J|&$etmj9vrC(m zkiX>j;pK&s9dNF9Wn?RZ5N>hS_b9ReCK1CX>(&97S&qT&Ct2C(6~5y5blCyxDU;#g zeATute@}qH2-i}S!$uP0@0$_2*kXM;I7`bWAy;eF!tppxr!xF&Yzbit+OKOD6W#;# zUhT&T|2ygMx_tKM_mKtt0Jp_r1`OUS@}_Cei?7%B41<8dj-&7=52>e7z zcX^!|P*HNMX0ze>RUt>GM+9PvxqUuKiE4UJy$03NKf*E#9G+fGRXi!An<<(X(fUUn zU#A|n4f^@hIGGm?3re5lq2U6_OM)fdIeQ=XH5TQse7ng)PjH$(tzo97182pXFE8-| zFKfNFcSHfRP@QhN_R^|GpX0~!QVP0IfZ3Ed=NXXSw6I+~mb3kaU)HrDZG$wEtzP9M zSoEZO!}LcW#O8z96%~LCrrqWKe2`oQ9U4ndRH3m1uJklLxKdP1 zE@(5iH77C0oVnEoGj`;FbOWE(WzP$rgNW;Y zB2U==_fEI6P9|{}0I{6bNXOKxQCiF=T-@yPME6b5+cUJAlX9-d2^(#7s)NJ1#r7_R zzX~%|2R-&&1^OcM|B3Wr7lP{v#cW-^<09y~WmSgv9%{X=M;dI=@D3UeVBAk+=L`TFs*Ue zp(}>q>x9>g=(QiPT=`@LL!j#aq?oW0s;TvQ4;cBNhWsgVb-ag8P;9TadFYMMVs8we zH|br?TiUGTlIZ)4I3R54tQ<+BaQmhD*BoyP(xO~N=-}$>_RiF~VPwGle<0&6JwZVy zv+TTSyVk}fDv7DNW7XQ?5wvvB0~Us!NT%Q@+#IoLYsigF*;ESDKBiNQSB+29{2qgF zh#ystH9*SQ_6G6v++5 z%W%BWuj9C>9GfZ!!FFRV31Dv~s;Zfnl)y5kWEJ01LHHe)nr`ofL;d5jP}F0}gU2r1 zKAX+^s#KoBM4a%3K-z4{_zSfl#Zz(kA9%|lU>pMy$Fn|Gdtm-43+6_2oJTE&$NOB* zeO->upJZp&VcA|RDDhrjFK9Vaj$=e<#LD)33G+nq7%R>@hsY7Oa zAeDM^_`7Jj^YZHq%QF%N_F)?ZoCvOonn5*6c<$CJ>a2cvM`Wq8_%?4bNoZUAxbx}< z&)t$Mc_YK+nDuI_c}=0Xyk3U$>kw0rz2N8ON&my6mrIUzkWoGE1@-RVX>1?eApSQaj=G6MZYRW28G5I*NdJ0HEZMb(WAChzF*I#5Lhd2PXdQBIL$K!dO zC*)K@e(e1j^X24~`!S_*TXUrDu7Nv&1DZ$KhE)b!jWzJrG;SaEjlP^&*oB7KjytQ3 z7}-{*8J_n{Zjo}UH>J~z^-}t6R6;mnkBjpN#3W`yGaV1j^pJKa?kmksG64PXp9@AU z|7{lQu8s~yc6Ro3^kDHMehSE^2kzvVy`rd7H+yqIxJ==7K@s=kn)FPMf?i1q#*?=- z)tMWVmGifAfL{s8gxWhg#x4QDr&`4uhC5dg47B)}2#(mI``swkHGUEwv}5J|rt(4H zN_UPwpC$|F{UN1aY4juWzLb&R$N*rF%hWRP|FQk)#Q)^-R>RYRQ$}$ zJAgoT7ucB`dp7!^T(%ma^gMLUw=_i5#MEv z%Eb{|VDw)*#vmpznKH$(>#x1w2PO^!UnLo&^dKKF`~Zmiij$MmOm8;-(W7j7wWBqA zafZ7P75J*I+qW{CZb-ymBgyIZ=UM%pvI8_X4@ARyYHQR~uJg?yd2$@~xkj#GuA5

d+^8Yd?w-_X!=F9CT>M+Z!bzgRP|vUJmt z-84Ppw3*-kC6k%`upx|c)ha@!qvnHZD+lbM`2I6WWKn9-eGGeWvx6maFv!FSd-ymg zWq{JgjsmzWL5(7!u;b(7;1cb8U%cK6*rkaUI389q9}hC~j2v|WvbD#q5!F>rpJ!5; zX*HU|}(e!6OHtQ#LuWPj#hC5si17;56<9}U5tBDwUA4kw13a>J~$)IMCvcMlR{*)yP z*V(*7%>1IXnaUM;dLJxv5Ng!AU@;k*d=pui*Y0!cr#`YFliR54&jTsQOtKKaHa*&o zED8M==-t6Hm#ElTRm9&laa3;l)ibMcnlgL_i2*tc>#vr@?;?2=V^$cE|1dlEd#6Pn|nP;Y96+~{<30_1${p2sHs01VeMm1QnEQPI7!4DgG8eB19e;NCv5Cs)Cr5{}!^ zIJj|`(+SVF)DE*7F8si5gsz0FCNb{=Z(JEbMb*0H{mBCS;Zuf>j8VRf0EBscL5zV^ zf~${$n54xFS1s5z`iXX;N`vS4huPPONkBZICT2N%5HtaoR%1#Qm)n8ttH@d;eW!Ch zG+6MnZ@yAUiy4STcxUx*A?-b3_}T-z>+Vv#r0&nOcIn^x(c8ZdhCUtdQR4JXA_`6; z!|cPMl4K!wdU7L*;UYSBFjw+^N{{vJSXvc1Zl>cBBT>_>g;BsbgiJ|=sA#hR;rJ0( z^+zvJu!F;SNe=@li|rjP*EJ9RB+0QuyuV*5-H{59%9nLr?n}dpFg1E-sz`rvJbSJ^ zKMK45fGR&1k{BMj??H}op4$wy|KC7aR3u_vsCUH_H@^^d8>!mk#UohSc)XKYnw<~f zGW6>ljYFi+=FV$M7>sVry}6VEM;mW;;z~B%^2VnUfl+5IinyOC zI2Q(PSLenstX|9lQ;gk#gCCC#5F>8Dh=!QV#zPF*m_HSWY|m4Q7t@L#)e2AX8=mx zA?;EWbYrNvI>HNkUpiDuyBihnUxx2RdC=oWX_(M1CsqR>a zfYpXeB3*A?8K+@|dn|`dvt5k#d&-QhxpB>dr<={AdT#(JDrFB>>a)f16-^sV(W#4e z+Y8BT)*GZrnV?EPE+y-diQS|D*ZC{RIwSQhr#L(!HydxZ`X&Czhf|Y+G=);# z{J;c6LAbgY@Tz)iAq6|^rIRPfbmoDu?&&7!#hcCxy(*O*>RZal_8;VCoH|`W=x1r( zE6L6XO$z2u{AA>}c5|$mE)Uv9=v|AuTwIz?Z|Xe~#(lZsHSAfkeobrbtuL`aoa2nT z!!6lkLYU66Aj}1#NybWB8E2^ZMVEkQi}Ot$kirtY{Rul9}_Gk zB3H5zBzK5oV^VS0CbC3uVPgZ|Ams`MM`mbE;cV7xc?m>SRQpgJ+-WoO6T?9=kI**5 zVOJIty-(0@?JKCOU=h6oZ~-(|g&kQ&dVjo-kADgC$WkL!Quix5*@ft8JK7&`5L`#z zo^@&MzN6Q$H=K)VKa+is4#FMuV{bB-lb>)-s6{^4zVfkya4Jt*ziO4#3RY&ILC{+Falq$K410(Vw$kqjYJadwDAQi2 z4QGo>`Cc~TC$n3F;Wh1e6GEnxnpRL~_UH}jQ68$ek!1V>bKl6Hs8MKi$G1-&8qU;% zuW0BUBi@o$4lf2rkGbRkR%$leX83@YJ1*dU z;c6^x0Y88OGQmj+YA&_|Z}p!WCEfz$4E!!6TU1d2VB0NtwJ{g%T*`5NA#%@VV~3{_N!(pmNkl4Iru{4#L3BY%oy>dc z51bDL`!&X%x>-@JSL4SeQ@t_~+P;8T>N3Lm>$Neu$)>`Rkd1-^47S8%w&JaXq4Ll5 zx>*sAh(}lwz?FW!p`kd`OohihR@fZ=ESkUj74*ADjAj{Z#UC!*fuz^uKle zDQlq{mz87P5SX`B+_87o`sW9c;j%VgiOGVyLO(p>l7VL#t@daL2bWk=Q0!(}d9Yww zsNXEAG_OoJr_Z892CqYs*RokwOSc#--tkfvC97ZZ=E`Vy{B*3K1XrLSs#nOQwOl=A z+Zb>0l4{_9_+(1S^Wsq-Qse3S&A5fJx{+v(jp+zk+6`9oX4IoOZC4BHIpz{e)Tv!B zv?=*eNQ9(v%|+wz15(B7Jk@R#U-jvoDS2B~MEwr;k)^eL0%48b6Zuf~fjN*X$?P(S zX0`1Sk4sKl2NS|8Sh86z!@*^ex;-UV6;!fBoNuroDd8742R{zwjV=!mNp}R7@CqE8 z1cVy?;#pX<F+zElYJ8JY^j`*r>Y~x(}3)yG@1@OPn<4D(*#xg>ebE`Bqp5ssNjAa)?ZGIh zofW5kNH_f@e&75;)4MdR=Xzwu<8>I9TD*3MH??$kqF6=KA^@!$d~8%CGYYBl%(~$= zUn?6Z1R!C1hMNgl(v$t_QSD&P@=&nL1;EBD#>R2J=#pO*!Lm20CS%$T~*h2J!#WN{JGyhsWh|r#b zSbumS4uu0kXL@(foS-O&7LfQ&;W`?Ii$iW|Y$FqNvLB^>-Ft+-a!6qIFpO}K8v}ZS z@Agy__BT9O!ibJJ!u94EY3r(sT>-`yW%mn6Z2yh~-edVVn9$viJSs)ibpmL=Pg|JD zQkui2jiO5uV_05s$lgs~CpFg1?Bu72?v zUZ|7nw?W+0D;v%PFyorcX69%6t^T^R%^dQ5lpusL;;S&q%E+IleVzuFk>JPA7 zz%b9DnD4AQAoFxE85QTDx^mGPu};EAzIu;5p#rBzZrGJG6?WZ zGXa$STmV^~tMw>k>|FRawx5W0KGBOESZjQ+)~)w}vW6?Q_>pyu;aX{CxDru9`zM)xM{T08ND9n&jqQUrjf|2A>_KK$H1!+%$ z)b^UZn*&|ygBJeF!WIiFUP4o%k)*O;>nk6ZqzxOx@<@r>7lwiU6dxPuDv9m{k};>= z=~Ukv4pklUCt%}bW2U_B5~ZU%j$KNs(FrywwS-ociUVG&B0etO4@s6=&$s{ouS<~R zq=-kg4DAMJH$ObNo^z&7EN9mUC3QE81SQ3V)65?(wZ5W!(_#CKo#N@Y*poJmUG-U8 z?Vm+Hxk?sUI!f_8Juz|qz$-19ic|0XXPiC_tvLgl;&n>#H|9^!3?VshdU*NSddMAqQ2kEUWN1Odok$DcT z&I<|?R}8DeB-$W9wWlugrmkAK=ou{rZF8%NbZPMhb=sfpA#9;fbxg|`*gnPJ^wu2ER z*Pa-E&d(M&YC;KOfO}XL3cm4h(VY)l%e}nEZruVd8hBpf_>V8O;dEEf&dr;o>b2{G&e5Ky!1<+jb zLr6v?%|8c!jJ+u$P-C!zsO6GI?H40Vg&BxO|t3R7^4fqAMivE^8HDlfx$qYZ0rC^S; zfnT$eJ<;{YFN3^5Cd?0-=kN?UgGkoQ{0@p1BbBS4~{kHdY)nt zWS5CuHF?bB2+rf^k*_#M-33Nf-W$TZ4wil^%31~o=RTi2^={OshaD*H$&`ZP1aYLw zQ?)Z?_2&jyUJV|l7NBkgpWBX9lMC3ry$-+OEXNC8nD$>S%I1%+hmGu54SDnv1&An2 z;;iz|kmY-e;IH=nv)yqSx%A`Th7MBt2+dX4q*lquIf-ckLyCO_RK+q!@agp!~n(@KOwao^^`n)=9IU+K`TUz?e?-qNL_XyUHI%NbM72ET^i>q?8Z zL2l-cBi`F=@R`|G_AnPsIfYbSi>e&Ls^E--?^<@*Q+%#;+JMCta zaxi;qDg4?|2Zt20pb3mm!j~}BHX_Dk3rPe@KII*Dv!-%gE}OO@Dl|Q*8^l^aa~|DF zti>7Q_JccY_^Yn<8{A8mzg`zvDmJ_b(r@kleW)^@-~#D8t*k24z&qDYn_9h|TZV7c z%$H7KuvcHzgEzIjOGOVDo1kv_Y_c>LJb}4PJuA);?$2mHJlp#$Pwpw<08sELSq>Qf zpH6fffmG6DlXZvv@Q<(g9zt6RMg#f=@;JmR^tI%%xUtemZw*h+7wwI#SqVdr*I11a z!bGFDm^k2M!ed{OImiI7eFFJjWQe3e0*#72J-6f~HR41k8!n2*f8wcDbjLBCGXf5N zVLrb!P=!|>iK2h5*MRYS1%K>sh7Ls5Mi3WK_$mJ^c+7}rR)+mtGbzm;mzzHhxPEbHV@>gOqE^*67TT8!8*PI%qC1h8m3-xN7C(OTm#RiIL1JWdwfjmLo-e#0 z3VUO0#)JvEmvc{D$kKJ$hj?vjLxdpyDAF!{N!PqgbMxffOdWO@%k~O4=5h@ZKgKLM z#J$C)G_nw?IA2+Z+9|Yet9+GQL z4%|fPJF0}kw&KMY&3Dph&3DBPh7}bK&(OwCy;s`SqetqezhoQgKXXdjS%B<`T;WYa zPPf-by4OQ-R@Ex50l2j=bU1@Ls<7ZQUM@5U08ydqjpmey1rz2%lVz7;Chu+AX54ok z3(pV9IyD`4suNTcCnO^4)XEJIWAIx=m-f2l0z}^Yu z!VVcdaWhMu@gZzZq-HR^!Uc$52O=X0jgCUF0wFtO89TrKXEBpL4FgV<*2EXZFE*8WLkfrcrc zc`rU`K1rH>Y)WWr+m|DNVnYSF{4$%~gK;){N9a2@M#{NT)M8g@))w(-2Q20fC6p9r zetw#-+;f{NGV{rMU*VL+)i0vkXx55*5c{%0AB7=@hZ6Rd2h7q-l>r7$&62x;RulP{ zXEp99iFd7;gQukdXC7af?G)x3`wDT7{U)kabm76~myp_KpOgx{<90=Rbp3aUUxPq&cPl?>X?s zVqm*&CUl_f);nJvz8Q1B>&@ZY`qVce(I(d-nVY9?UvI`$eE!bzVB77@+xZOJi8CdC zkE51|iplI8y@y{CwbeRF3w z^Jc5|g~PBDLQh^70eg~bC&Uf68-UW*DVBOIPSWqm2%jK5vkiNOyE9EkTCmW2(wFS9 z-Pvn*g<(UKlrNd^i81m}i7gM6Tw5?3i}`yz0;AVs_*+~d4xgw2am}UDcDA!{-l|r4f|1>5*H2GL z&5i#+nlO{AS>N`WmThi77{X&IjhyxYa%jA~?#^ky#+L|It;nKsW?rb63YyIR5Yc(} zQU&vwwEDVfVD$A^PaO->R8y#fv^5Qv|%oL;>ry zz(YpXZb86Np|jyzE#lrmaOR&$dE1Hy2eY>QS8wEf0F`B3W+Kn)F~!09!6AH|9uhNH z(#obw-1u&X)?I2m{qAlc9K1gNS zu*l}=5^?#el9J6=98CfL1Wo$4Pl#h&Tv{eenV|L%^18pBw*Ea|qo+E^8Tvf@S2D{n zY=y)r7LH!+`$fOqw|;Uq!r=&|Ixt6V7oW@LQCx^_BxQ3ey}a(2Cy_}HP%TffU#Zj1gb zadV+7=(j)mg!m&6M4C|sqblUZBsh-teMFdxH{XboWe{-qh8S+_{U`XjYoDBNvMt#=_{^?n+OS|Q!ifND@?^yOR#xd%Dil)-&uwgd_Tcb= zP4FS;+wq0yU2T)6{i+I~&GE!qmhKRD`My~{A>tP4|2~ys& zV#$xA50`ynS_ZrRANJlmp6dSpAHS}mlC+SlsEkU;E;3pqvw`fgMI__c(jc-*R5@nu)|pkRVN z&TTsq(>f7*ml!IZS-|zugH^BV{lfB{QU*qj6yF-cqN>+uI~Dj9!S%~?O!EdAGl?(j z!$Xd9k+zC17gLVcbEJ5=A8KCRzU%f1#33%_&u%jMk;HZ0v2JXMGUvn1lJc^ULAj#7Zs$ zTYDnNxpJ6sxrDBh_)bgRxrsj2xbojHkccl9XwmQ|Z3_^C;Q}$?_Q&QI7JSuU_0lu4 z)^qnHIFZ}C(xFPyK-HSMAhEcRZ~h3IbbaseyuGfxx(RRfcC?JabGo=^poosWKL+Fg z{kbs*mE_8vPq6HccRzXsy}x6@s*M5LV*1#lelw3PUP&Kstp1r^Q>9aRX8zJXv8l0- zsm@FD*|(R>T_)I5Z#BigUe;1uNRL=r)ibImw7z#opFFoz_l6&|1Xjmp|8e9-%oPy5*8sZ%3eCYJ`|q`0la4)ghh{Z8ML zja!2DWdJNnt~B$3pn!f-ZF(%#^=#Ac4JSu48hhTmAMljn&SfD_Ss1M?Dgy3mR)6h+ zMUNzi;L#jn)=SgKq6I1EY{$8Y(=Dk;NsJPbhEdWgA>$7yN^sa&tb%KMIqlf*N%^YK zT&~L4`a^^5>OST=jVW;fPSdk!0Pz>3Zk>>D7Bn zh17Mwrq$I9&Qpbn({?nXGp)Lpx5uczyK$xy)$KH%>g#kI3Ij>Mj5;n&590B)K1fTO zV=sO8WAUX%aio;GxW%kcR5?kFI!MFOA}ecZ31o66_@JE~-Uyj@>xsm}p1%=>$*m+> zSiarbxdW*?UQ^j*;~E6&#bQ!F0xYu2A|tYM1_9vj_r{kx5ChGVMflzu-qKLOd`Z0b zTt`gUrH)r!!46*sUS}HiWtcos8!OtptGGSWq!&8p$A8#Ij(o$~@YZ)X&n=GBOQpNi z;)g0A%O7PMy?Wi>`$Kh+#ek-5X|p2~Lg!&~)8&>ci2YDPYTc=oFOczP7MVC~>FMs; zjuGj74!4{l)IN|QkmwPKabpa7(t?;t??^_Xq#x*%B4Z;l<;%Oo?5=v5E?wgC@llHK zsj(CbN^pbW;D3VjO}lNEyj^Eq#BGmrUFV$Q0Ti3Uzr{#$%BO_8IN+85>>}~qf-&~DJ zoJB^=G_}pGKpajAfiwv5(j=$CtI<6W@gaf=+s6MwLf}4*je>0_MQIe{u3;`M=^wQK z#jVM5JOzXhfSv~ck*1}nx6_TCxfqua<4hgg@N$x@1g?=0~* z7Q6B06}b82KKAo2(4>{0`T>Fa#jpFHr9&3NY~MH|q+&O&gz3&izJS^&?dg zXg>UHS}xLNlaxD_(`UIrfPxxqTe3~9r#~Ii$EI6TokSEQT#X<=ul6&*O|cx{Hd_nq z3_9qSSd^UqV7w2`KJU;nQ377J5EQ}ipD%<2iH7zrUdX8ggP&PTfq6wq+8K(4(Ht#6vM5}utc#JC{RNwM_fM|j(h+ap~H{lB>G=s zlF6z9i*QcoEGqR{vE^WXt*b(khM!wQgF{;I@mnyg5hZupG3kG(a{9}b%=Ipb&knSR z?brd?9bD&FkBtdZ;Gzvk(m1W`s+D&ZdOHzi^Go9*MP{?)YQ_LnBX_4 zj=pnPQS3}})>WRE@~0^ScPUuC43T`#mj!A^k%k3}czYxUxncGs-7X8EVqagWql0EQ z?wo-A@VZcvNgDo&3i;~Kp+(7>7@a#tM+^N$vF-eHT*wY6t?7n#MM(uJ` z&Ro(vOryLO)smCRkl=`Xo#xqH;mYwytVzlYK&ZcY-UmMtnElgp?H5)2<29HcirX1xwhKQTuaz3CaR{cPKs@^KT>nJ?%^hL z23x*@seDL-%d1f#C{fGMK~ow4a)L#UEF*%HKSt#cWqNO{kn0sNz5{hp=YYb`pt(RS zx(Jhc&OL4SX{Jryhmdj`gIY^YF-}fS3&;|;^c*qVeMB~r>V|Mk66cn!TXnng?CP7E z0v>h3E?d2?sOSOoR4+1H`W86@tqp2O`pK)p8brG)Es!Y|)*~u#o&-yjM$pd}BdK-> z3JL};J^z5)dEj*Ll9!Kpj$4=O$^0{x{Ii`Dz0`Mn!D{Z&7OL2~^KB-dA8*sWI^Z_nRxWjjW_ zrG*|=e)1i?900|c@gL%i&cdtjrF*MP6o$_v_1S^pAnlS{W}v;RGLLna5G7yyHcr!% zYN#DoPR)JNWVMQ+z08UpMa%CWj6V`_3A`OPig;lGvUTAG zfaY6d8=E;cY%37`m3FTPb8It*c5qRDQb(_pc(?NPd|m4Ku?6MQxdi#RAzDw$BWe<{ zn)R=SVDd7B>(aTcz2x0XDeo|-mpLcqxktU{CWYfIK0g-#P4}|Xl>(Wc^L|S|nh1Bi zs=`aQb01Tzo!iDLW&hm`U5t`K9AoRFpOKdLgRMzLUZu$?VP3 zNpZ%lVGzS-A!bnoocM+Emk=6Mspc**O{0}zu2E?8RaZ8WD_IjMS6%WQd8hWSEci&J zajP63_E@HK1LHV(Z7(tFU;qflk%9^Db{Gr^4i5g*R|ku=nF_y|9z^9*-Ck3pd^9H^ z?`N!#I6Ul4su{+|&Hs@Rfao>@yGEp52=+UyE_&R!CRj~0fmcho-M%knq*HrOji}9wcj3ZyVh!cRs@3q(6iN&t^u$c)B zOOV?RILzz{$kdfqP|?V-zmSJ&nn-I_U)Ltr6ux|Vhq)R!bKXVU{P^HdV!JD-bIF7| zhY)p6`$mumR9V$qo|Lv&V776UfXSVGU4i)(GgYJ4#qObL1Q}$lw@#?|8C;Daj3dVa^^yq zF2Cq@Y}FvRs*&wrWbk%bo^g4E<kh`W9txfF)@K%!j=GDb2n=GN-@ zBlm4GKX96AWopzt?R6l)0t6Y}biIk{+I5TPf+0ULw@ETQ977Bz2GN(F&%=?S^mMI7 zWjoFO1E;7~W|LMRLSk2be~|mcNX^2Tuf11J@PJ@=P+SusmSBLln09p4TLd~Pa=1P? z?B2t~_7Nv<3z<0wGhA;z(>Jzj%ofOFiMZHd4(7&x6T0TQ%C1#!i{96t8{gIKcm(qS zv;#O|0;xv~Tf+zs+Fr({(<76256hM_62n_Z9%!Hhlj9R7MAlY%Q5`zLE4*)IICPgm zro3>J$h@T+)=vD0-f>SB$d+=!oLHiakpW4H+z+$NOHRhGU9y4tm(iQ3{M1+ntqUy^ z&Wd|N<>ZjfqaJQaO2mL-NHVwr7A9TmH(2Y6h?R1!Kc{QaD0HAI*`}cfcO78s6Pl{i z2y2PTw}cHz1D!?XK57z6qK2*jQ)~K^M6Z4!gtL(9#GD+Fd5&$ENoPf#LT@?5eU;vl zBuBIZ17BS;Gh|0(YIiIwUeWCxCupx2+vHz@0cT8~hxM=tT1dR6lBJU*n9Ja=t7-VvD_ zj*f?xXCA-9SUcsXzKI#mamZ(SUUKU)B~nh_^VNhXy%Na%LM@CSlr^pvv69ef-f+}` z=bF%`2?lb#U|I^ADSh^+Y$tGZ-C(25$}M<$Le{%^Vku|}ZrJbfRVsFkii%l9fN~eB z!883ZSKo~qc_)J3s_(DX`UY{9t;X7k;w;0vL(71l+*->3=n*OsHnu~{{U+k&YO26p zi}loa4{$JiZdEUw+3w$bP5_u&>8i?YVu>*e=q(l=Nx3!lq9vCt*qnH3sW=B>#=hA6nl}MUW8d)i%*-xpRB5`H;2Z?QnWlNd<%DjVR#~r?h#FW=KyirYi4)~D76!{^R$^WBPSD1u#!T0GRmsQ}4F(Ew zMx}hES~_R;(;cW520xmXO^*IO|s;HDp4K1P%f z88Cn!G7;t)djj{Wa#su~ataN9BB!oZE(q=QRdvZzaLi~T?sfWxg!m}y*7mje1sByu zEX#Ek&dnuqAfAtk$Rp5099~xr63f-mXp^wsgW``2t^a&0jt5F zE3iS&zvtTYn!HYs*@}M}FhuVqWA~MrQdgng7cw>SQJSLb%9a}9O9{VK2fjr@X4iU~i83k) zc&^B5le$(r^)Qn&8|+Sr(P(dOrfbn~v`G}R{%*zUq_C!?Sk@@)_}ycYe<-hw zeek9P%o6=|uUZk=dI&KamT?EUg7>UEZtO_hgl z!AjzFr=fZCbeAOo?T{*c&Jsl1>3GVb^sK~PZ)1gD2 zrv|PW>Whj%^IzfF3%IJ|y7prT6#BP0*Khh3=Md6A0O$T?H*Ik2U0<}O#ehOYMbt5(-eOf1wvV1X5N6p$ur%N=X_yoXs-2X#U!LD!X|e3pFVops zW#R?7qFs*J+*yQC@BF3B0kr)#)}=jNxfWA5^T)}hxP5wk)lOH3P^>2?Jr6NMZ%n9_ zk3HEoY?DlL-Wt>Y9gz61^(-g*SXHHYsasH&*KH>U-qEFZU3M0w9%aSG9DxRO=Id+a z6d8Vx!t``T`+t^_7)%yRHXzD~M>vDgLD%f8QBQZFyuIQMG3JsOvHr2HoH4IHi_cNy z22*+NYf&ZFX3E`YlYEi%-Ztvp=ul1b1Y(5)`9q4HnCDRv#AkGN?Aq0mk)D;6l{3=m z-}9z-XNvKGUF!ucNe7v&TIdLRLEgxVyvz?EmP(~N?sp!CTNo$L#q~@OB97YxCB&Am z9$Lb3`!=k=Kz^&z*D?DKEF?{9OV!I>|i-424zGxFM+%EHKv_n(Vt z(l_&8m#u1q+6;snG}RpNArGZ%NGx`@-fP?6C)DepkbfnnZKXSdN!Y~hWkJs%I{D_^ zH3S)HvFR+zJ3afZ2~a(=RJ4s~87Cju+BRloI^5yk>$O$E+6bSQ^Rk^2nomb(%+$+YXxS-i=Q9z4kRxUZZN$>(@4$Q2Nf4YWNY~#c!FmL(wiT z0=y%vdumHa@gg_Z-h)(fE4~;%@mv6EbS~`Ojpk^$Ei5BS@(?!^b!#n0xms@fpTCmg z4OjkKL5tn>;-q3}uc>9f;PB>N5w}M}1FkZrzY$8F&kRUU3%s!H+fl#bQOOk+OY*M1 zqo!QYp2!R;_@TO$n?1;7)76&F|NI?(9wG9^CgWB!BWQG4c~hw16Y4g$-Nvfys9#Y8 zb^(=|?Q%m|oIVBC-hJ*NB*aMWRkQ0{5 zM<~T=qV?Ckp?_@_kh3YCaIJredH?=B(ikr4Kq#&I5}Bj<9)}(*vl}XL@!TICeKqUC zOY4T(>IR*_gMPje4pLH6Rw$L_Y^R!+r=YWe78XVZ42HF8ij^81gmN#Ctdbn5nAiwl zuqD%KST($HjkcZDkHq&`k>*5Wwx!|7$ncY{F6d4-=l*<(adqK2ln&B)78Dc&3%NK~ zeII-bjqZa(L-ED9XAvwm1FJoid(NV|Hf?GmeTd6DNQ_IpSM+?7^f#`#Q+K{dOc4lW zft>0+4=Lq?Cr)ifG-#wXsg}cN=A}CRxv8nCYdR>){;If#xMG|dL2LBoZ?21QhZE`i zS9#!tJnd5C*XnFGsC(~HUp$0@J)ArzPV9CPK}kBOs~=ZQV`&kPUG>DOS>HjId~3Fg zOU8xb#kon2R7_1xjgh%I4ca6*A&nkp`LTd1X11-&@`B5&)Cln2AP!pfNe3>^vWmmZ?A=GwflMLh-EHY$M)WW9BD}a^-grTMV+#THq)}l!7}|kdU+^v`DKL?6t;HWPYxCrZNqF5u0|fJQyIJ0n^E!GXEQ=z*qZ;5ZcbvrQ`zkWi)6w%+9NQ?dUis?7)y zE#1zfOK>hpa=-%fTM`xSNu(nm7bx1aU&8_EoHjQTg@$rmAT8f$^c>)1vHtMjup4qR z_atrt@wQtA?7YGbhZTPRV%@!6D@yuL8JOw82oyzlKlZbQ#BKBb{ z*~9<%(SJg<|MqIp0MI$G0U{@WCy&7cv`9eiuF>p9PrB`ng)%==6%-j<>^A&j3)A?pIQaGt{4yyxE zrhQTXkxZBiq5=HYNx&Cx=}~|2n`TK3XOz z^P?8v&rkgKjI4OX)&3!FhQRa~!_>83Jqw?Fs|hQ>o{S#*d{Srp{@W8yLvb-Z1m~4* zg`A-DS}_r`eEr*i6J&E+RJ5H0%+v`XIr^h9x@~FtSAA+Ni>z9@vdy(S?K{xO5Tjlh z?ZpqlOQ4%Y%`_&6Z$JG;s&F9Op(i1`o9Amcci~7H&w?}|*SPWR)A8Q2H!i`ZT^=)6tJy-hLx#H+ za7>oXr|}IMBtx74i_LFNQZm;K0rw<1KbX-rhwHQ_4<$;cZAOlS=vfq5dEh9f2ZtA@ zS=hSs8ug_^DCrR{k1m0E|1E9ECZtkT!!Uu~QCT5Dq25Pqws+7bF}?nA^5UZzJiq6D zgY7`LQBL(zlF?^|V%Ck-0Zme6;|(V|pGqPC%qmZBqg}Y;M0xO$m+V$S1ED6#l89q|7W;x^TgEdGLk?_U zzTjElpFKm(L=h2A7R40kYad%QF)w?dkjEcgdX$}k7MQo^dGC;Dq*oM%MK8$FM+DcJ zLnv5a-|^9V#i?g12<7y8qSIUxHF}Zi&ce*71+4uljj!Z>(v+Z5HtV7=u$=Y~*C2tl zZgI{?>l##`i<5Ci4Re~jj){qx7%1ShTcIX) zz*O%slFo0pW21R8^nA5dSNg8!*;?phq{l{pTlYlF&X)Cf3kjAu5xT|u_Xla)s3xjf z>ayI->S%UiGgDpo-kM{f+ZUqiE1JdIl6AYI=c*8v0S063w-XF8PrKLQuOMbum&2ka z)YeX!>$9^yNh3EcZFx4h<2;)&19uqTDfJ2I(&e(1sR%^A&K_6KO1#^pSEDVuvRE+} zGg-bDEi*GdQtG|6WUj%Qt=%Ehu55*q0?TMuyeHsjS&G2rK`sF-Y~X zWBQAgXu|2Fj%(GOsE#{}DlcvDYcu9hQSQ0@TGzt(xtZe_r>G*Gvq*oiZqJ8Z&Noas z?bF~bu1)8%;N7HBtl%==h;XOWSxd@C-3_x^bPJXCxmO?IB&7z~o(x87wP-HX?-{-| z>BA&$?>(Hdl9U6B4|SXRg1kdarsm2D>C06qdsi%KQIa^0;W_WaC+LCy(xXga7^j*l z2wQ-8ZI|IWi9s{L=Si@^VdExO?RsQa6y~8p<&35Ufe`UzY4g_jORP^ZEH**s@pR+T zy?1+C#9;c7l#W?>x8&9yL9@=2Y%_w(c-UG=A7b`utX*&5<&kfJ=X=AkITlq~rQ+gY zb(*~09qL(L=UdsfH+gqU-F5rHniUP-UDyX0#I@1c{5C<04tafg0};opgf3q*ThyTR z4ly3&^7!uUVw2Z${{08Zys~B%KP5mJ3C}G6_`|2tOOSJ0=n7?L-{vB4m zbnFB@9DfEZrO(y~TjNW8SLILga)}KTA1!Orm7qf}EDng#8-`gcH?c~Vb(H!>92X2? zwGy)L(%X!P9?R3r<2SSQ9GmMjg}c|)j!KQNYV2*RBHa6}OkRZ!L*FkknB%+h5zQpY zTUJ7&&5+%d#pOJg$S2iLzbp9R*8=+m#sF;v>O6W;8`yXi;WQJRsi2;l*27oN4qQDu z*gadPIZt4ZaO4#mANQ3TQuIZ&yo7dn5Fko{T0muNAYQ!Ktn`}mz#43~!ij?VSRo>{ zuo5H+_bDt$QSa@nZve8t8D;#5GlZM0Y*pa>)B`VSO~}IW(JLNW)8mGhO1qrPB8pX- zT~00ca4)A#T%-$fz%jA*Q-}A}`X+E`&|)<$ z>CQeEu*!x7d6z!lE}7^XpK_xZmvWiis@r4MNP(5hz|DSAL-((oR z{Bb*j48wC;W>5A8OGpgXm>`>95cJZuo0wrB2_;v1cic1BOqeU9gK83kRRlfp+9Coz z*YhH83I)Q^Nt&P4wI#vrZe?;Di#*Y(H_7roM*(YPseu}mDk~mh^Q`ptO^jZFK_`|? zMrwh4*Pir8J1{Wf=^1Ah+=H|aP^QZqwk=$a+Eqd*SXtt6keSIt;k%yR(6UdpdxT?~ zlx>zK5S@llQ((k#s~{h70EHKOUHm}>`zGycmuaq~J7C%>WB&CDK;D4)dB*VH zTz3F5X#I8^%>;IeOX>bfjC2PKI+)&x6`d`X83#b4ko)vW?I|AlQ(r%UUa^!2yx2L* zLrK~I<0<847RD{#x@IEM%>_90>6qI5qBMIL|6X%IDgKI>*r%}wcoC2Ghv@AMjBlMftW$1e&w-w|#> zVDD4g8}{twttp8s6Tx*|=O^D9JlV%7eB?6<3|Y^o!#?|SA6P9}VF5VUdGUhuLT|)^ zI8QH5mOZR(7?70uE?FB;S_kN6Uj+Jle-5tQ*XMj&LuSJrwFx{+&P+77^FbU2zg!W~ zl9+3uCu3ZE8}>XNE|h7`pQv!5l?mcXS~Po=NyDwBF{eK7$UD=l-mKhX+bd4_Xpn7t zMRaZS8BBd@?v%Old9yMf#>16fJ|E?522{_X$|ot4c;>kzQ+V3#rts|T4s_$8N34RD zZ%_7D>z+lqEM$u(7cVs^1f~nl=Vv?Hfvu`=Ajr$#lMn#p$Ozn1?Z&OM(ld0)T2pnU`cnVwff~~3l2K{F+l{G=+=CFr z5qPV^k!9rE@c&s38ze%pG3Wt*t{95EUFPVgM&!%>H()(D&Li&HW>9d74?x*b*dBoJ z9u=s+=o|z0L?p_x<+LwRV%@ypEe3oI3`3$TTS3*@aUkb~kWmf&*+?`5X@!uLJsYQC zEO5&JDKdTR6e4PNczL;d5;h=eBg&G2SK&Y}3AoQ2e+=}4ATe%(W1A7$9f9vZs~PhV zK5m7N!jUi16oH73(DLp?L0*3f$7I}x$8vN&6Wz;PcM+Z?Ii!xEhOnjD*T4~kwi`Yg zzakLHbv6)shb1;6G1tfDFhxxb@$6ZX%h~9G?^`4sWr&hzP)6cikJQtUX;a@okb(;1 zXvuaT34|l2;u?*A2BtPFSrUW-f4-0qARO;iS|Fh`e7a;m?h^)411`P**9~74 z!h$d1{rmDzF`z4e8Bs|5VLg!?kEr-_f1Szx-6a8!y2is(w2+yi&wuJ~JtSsrrmy!? z$rC~M@xn{%zvV?b1|K2S7oV+#A-QLb6oPDyKS~aGL?w3EYX8P{?4Oz7o&*PyM*G0o zb{HmiAZdX&1)1tU(z?Jee^E^TJq7=y#<%^{?ob*7R-@;IX__n0m!deED9a^{{*)#8 znNV@nL6pR>SQwiNNY|oV^+jTYsYX|8r2Sk7W4q$|9OC@SIZwr`B+j+MpvL6^DY7h`B;4H|4rVw~~L)e66# z$?>*xP^z{|S63v)VXPIh(vkuGSb zygi_k){~U$z>pYRvh5o6r^8l4vpBv~f`ZN?A(w zDok%gFx^?LgmZm>vw{x4jobL+!EEm#y+wf?o%`CvGuuUewZZE6DZc(NLgs_g(dG96 zJQ=;w@wF(1yLYP=in8BoeEecp0ED!!AQUh<(L8wCSw_OqmvFZ?}DZMY_VpZ3Q70=;yv&nmI z?4zeRFs^dG_Iuk$+Yoj^#AdM~iTAJ3B2YZk2<9tvU(owM{b=I`AKYWvv#5_-ZOW3j z*7)u}P?7QZWi->{+yO_ss@5pcP+h_~8bf<$JwrYtDhf$Cp{(GiL*gsakQPH|yRAIY1u!R>x{kAs7kLg#NN1O$g-U7srP7JK`TzrIDxDvNg6Y z)2tkyDIAMYDzjPF3cS^ZtHtoLNDay8zarMG-y#3MR}1hz;hM;Jgm9Pwhci0}_)jby zso$!CQC%%>8AMLMa}BvCjk$>j3!oNrH$4y+Y2`~fNDyxUaPZ0?jqcmV`Sp{XvOj4=U&iKf5xr9qyXo$h?NjNPXxG! zR(Iya>30be_^cYz!-d_`MRPo--&qcIKr(>7pnJwULP_w=CrEgFCZ$Mm#_;}+1S zJ1)9`Om5i5y7H1&u~=mfV`z%+toX>9B0Ti$9rjCe42SsEE<0gRS5)Qr#@eE{3%cEI znIZiq!)jFITy`u!H2W`Bq6Y58o4}{tqt1iR_P0+O zyqy!?dFoWZ(--xSQo7Y-kw4)v<%49+YhE7e2pC72zerC65wRO4r+^&*} zs|rb{v&M4=dOp%iDvL<4PZ!YqQ5#(M$cpf zBC4>Qj3AoMwMA>CCSzAe!C-Ol%6oH_@Q%qrd@%?bUv0hJB6Ypxe0x=I4Bs6{J&aGM zxQN=|+xYrZWw`S*_G0Llpon8oO5BqpIp@{hg39^q?;~Z`;W|F6Lu9Y(LqEGjB;vcP zEo~Vs>;nFp-Y1CcCE75!GO}^(fm*v41UvU`4#ib2nzncjzgl=M5K>mF zcLUPl&Rv88LP_`ODaFLo)1R+HF;Q@w&1gHdHfFLWXX=^EPR}n&3mvjEy|f7Jk$^@x zx*y6xw*kp7 z;`_;O-+~FQ=K2T3{at-Umu*kOil?oj^BpbP;(IfOp(-6yxHNiFum08b%v(*tsZGm* z{!6w@Y=}SB#h6L;N_z2Iiye-i~MPxTJ$}=T_ZY#)#5boJ}q3SsDnZ*VNPu zIC=qh>*+KwOf?d`_R7{#0IwgZ`sKsA<@3KrK6H7C636S`8w;6j2K_Otp$?wXZQwoEFOQy?zL7#pgd5iE|Pdi3x9t75?6>oOu0d zOLG-cwB89?<}SOy!QVHLBGt;RkA&rM!2G%XFNmTqsbrX;Y%o4;-M17tXq}Y9g;r3# z+Q@JKnTPr_2LDT783bBn_91@cy!MjvjywxhKZP$p;=1?Y&_eu0RgZVVNMzx^;5Ys0H zvT7dHi{S^2#J{~6yna`*O4a^MMs@Fa1?q_zy@1L6Wzs_eARQn-{Sm@$1(wWPLMq_&4o!fQ$OY-qmQ#HNs;yKiM3r?`O zi?bC9B?bRwWM(QkJ0e6!a&Elc1?h&+tylR<59ylOFt#|73Ke2@Nbzla_2GG<4byn6!`cmKZUFTJer6zg|%3 zsH7BbyR%gp$KxV;^V`0K&fn%#PgR?1-MPeo`rNbnN)uEUU)#LywK3ktU29zhsU25k z0LmtP9qEKNkd{yieUlBV7zDy>+72aL-;7?bVD3p-zuB~XaSj#X0~0KU?9lMs|<_p6ZlB^G8|l~bW3=LikBV6}Pn>irskher z_>E*@-|oyx_0NuQJ4nU)r|e- zQH?{q+0tw2Q&*UujW+Rdc=x0q2{?3NQu&DWWa0ldOacZ8{O=tmA^oL9sLNx)dGTy= zg68tFe=m&gsI`{&U-xFJ*#WRQqI9IHA$#4TLAbfPym8|}zuz~dANMQ9;ao;a_8&Nq zY}~g#IpjR<)|Dxw`w%)t89|9P=W>YL{@K|{45QCncYc%k?GEZ)=C-UbM5Eiw#=7cj zzQtGC%HG&>G*yFkyVlR1gq+XrP>6!(9bN)dRHkU z+*gH7;vlJ`_>pg!!q9zOEs9)9biJZ1NaKQgq$kR4EkS0z5Z4JHg-TO|!# zP4})_^^>Nw5YVl-Q&~fl`UoJpqW?YEB;~m3_(D+&)!0&`U(1lH~q zuCskx8`Y#%*xFrxKJ;bb45xiKCxWnP&Dx-(@2@)<{}Zd++Pga~&ZG9@8qNGR6);gv zs4*Us0)A%Tkt52a2!v*`zaI?M=}LfXJYrkaNF2puFVv>%BXIX4rwCN({7>)rmpNTR z4)|GM+-_~d9@Uj1!UJOG{SnFYJPN{DPsIt?rB_8KpRd1!lrSm-DyYr^M%*$I`#ta z^FPMsf1&sOe`;*@{KiW7Q46qYF8?t+e+4!CV|e}psQ8cJ`TMr@*BYKLD`}Sa_jUn< zup*adrsXKz6T97;^-{^+ox8KmCQ`cm>_zwIp)@uyq4Z{ho2+o?n-VhP(2Pe9r=DTj zj2n#E-ZaY5-)KCls(s^Q2Fr2N-!|{$i6&2`pzqwWRrkaMg?ieXut{8=nsi_n;o?C4 z;LFK+FSe|y(}e?bPR_pN3oSuExQN*wCh5yM3a-rt2TbCq_$l>Pyemvarh6Pm_4n!a zFSWS@4=jA7vP?#=!2(qhN3l<@49#g_=5oNz3VUJ!tWPY=pV%lPs#g&~q~9hnCaSxM zFK$J`kmD^n$B2l1VJYd$gydBqC9&`Kh+S!eZQwDULFosl9UvBvhq+j3<;8}4t5*O% zR_)eD3<+=PU`lqfYw)FY_kF|I2Yf8RR|D}Jt1!;*Leap3XwQv%-a(P5%= ze!-Le5t+YzUtqQW5t$z<_pkX8|A@@rc2obcGJlP={%q9$u`+*~X8%~3za8BB2bld? z=KfLu?jKO~`#%+!v9Z1z|7xgPzu5NC!FkG;``YqiP4>&vi|L{ZTE3NC z7V~e0)YfNxQ%QmAVPO#G-w)e}OnegJ|Mr>wO&IAEbt_sIW$O5?4W^YRww+N?G1Qom zi77Ldp&7`y+Jcllf{>=cQ!9UgYa0B#C>v*YNb9@kb<0`{@`2*5+?uE2(EHX$M3n3S zALXU$(3?}>c)#e4C)&1hAJQybD`U6INJQ_Q?xz-*!SCUF@JOLd z7*0)%d$^4CJJkcK2VJP`f+PxL>z+>&E0KCa-_;yDc|Nbf;a%EF&Lhj72SLd%?{dgXKiFyr-QSDy|s z4|4r~I1WJKJU=Nq?xNL6$z6~pG&ABPs)Zj;;TOa>7#vqSA<|{rd4E>OT!YHo{^Khh z{zURMbatZwc$-bm;9NNpWHbHJPOODI!Pmc(-{vmuPvS03aM<-$N7(HB%aa2c{yj-C zT+*3cht?h+c@iG)$tM%WkLYtt4JBed{?pTv zpD>~5CBgN`*c>G=d0|Mdg$b;p%53g1{+pWXU&+_1{4~mbX`|8dq1Yu(58Dz#%$n=# z_XHL8PMuu(*2~wF8nVXKpWH#T9jnSYJJ=y$=QJa~ZeRX3sQDq=KlHIty2ReQ*~?P3 z{8Rf>@+NoOL{U&Ht!)XHRRFbK^s3^Da zb~rS?aCXG@W9lTGnhMW4&%y2~bg0(kozU-aYP0$3V($%~cij-FF^`26u1GJA^ySN) z`u?Vurr5f0qWSG-<>zbk4n6?<_O^_nQ)eE6ilGJR7DOvwVyGG))rHc8fSQ9Z6*D-3Kpf5nL3u@{ZLx%fVa*Eo?k~Kc`=mL+x(hIT(V^OqNYQ z7xsCdZOg@*$lKgU-bVKFu4*cH8(GavqP)#}lKA&F4<0<=nZV3XzQNwwt@U25Mc$R9 zAQhKto1aq1%2@OLoncBTy_aaT$Ri`p@Q# z0^uDE%HxUB9lM?F1n)Pq8#kC?%SZ2*;gqs3MfdJt?pLD+M^7)06iV*MjIH!}tQ50y z_Q_7m9j>L@tZb}H62rqQTsjP^g7@$l)_5f+Ctn&2dxt6ApK$h`1P}6-x;|*5aCpo9 zws@lL13JL^JF1+}<+PyF-IbquXf@!Ck;Ad3dWhj|Qfox$}@)Ud4t zsX!;g$Q1a$6VXNt$?k)LH5|-}>Jl(sY;`!xhOEoB!cK)BwEzeZ{7ilEEbbZpu$0ev zZEfw5_Dl}>Q+?0T3&#;<=(@Q5^vdF7fJEarljcO#fOi;LK7(ubaSyS5sAMyknb`|O z6R5co4FzXtj(!bmqU62kj`=<8TyNSK!De#{iwNtC_mohGo?F%Z!CIRzD7?=(_gzv_ z=c~d*viI5u!P26^kr65@p?t|cLFoLI1|=E#g)x*Klw>Y#z!PF9N!J-NmNQ68O?^uX zjROJa9fHMLbf%VN;m@vGT-Uecc@skksV?0G7nj9vEHBRSILwR;;&496$y{epaxEy( zqjsPyg4~bh>WUyx;c9o=hAwj*$un==BwciQLiFUx{qDP%l1Z@Egeh<>-;Zb@c_>wq zXOS2u*qHV7u$0dG`=mT5T<75T?;aqfm+CYpMxVg%=bq8s5dY_|E1=Ci%9;) z>$>hGzxDvPWy_XhXOJcrN-LEfLL}6_Rvh*t!9wGYH#C-9&$;vUPMxNTN>C(b;`HV) zm;iVV_buQIq#rX`X3u$$_#H>hx9v&X1--!+tFi{5X zeLt27W7&=Y!^8z2Kb8t~*t<)6_-~x|-?~-IKZzP?i$GPOtBf!a`#LGCoT$fMxfwH!djfN(`( z;fvcve;=S^K7j?!mLrhmYGV)5~FX3~!ohnQ%odabTVBRkr{>P8jfYE<`T?iv0nBD4d z%i4yZ`?%A{hM>JcH_ciAg5geUTfy)%<{f zKEMnrHMzs9!+|!6qTj%~2fe5`3&(&BL9h;}G!9zpUogWl$zm_<`}w1dJ_t7T*dih% zq=aa>ABq*qfkzPtB=2N6fK(P7c>B#~;~W7z=Z$dqW4sZZE8{YJG5t6r@B|m|M4yf< zSDPff%I#tlQHJ(?dLY4fABS_YGC94pC}Z7G_${xor|PPFBBo{&Jbt%P9`IyoXguhv zR0Oq{grklB_z@9!ayx6CS0v`6lT=U5LUwVo=+;|m(-71$;S%PMzs_&27A&?r+dD2& zxZu#+)z@iR>s{M<*Rtw`KmtxP!U2~%JCYRfMBQxpfQrm!C;tV4SdnW4$8quqU!??PiioiNPCaiGN~iHI-FIBv zcQSg`I?gn=W*9e)p`&Gjd>rsY_sa`{GR!EO7|oT-HPfono|-EpErJ_a*{xm@@xbrD)`NVwt8>#n#Oz+_dyh3N>(QPfy7Ap}8V-xej~&y>*is)54&XBx$cw3%)h=aOpDFcYWS7 zsPgtv7|9{N&{pfSJtJXD%hGa;xWKVGuC{dNk8b!+X*>_BZRvmB5V>R&vO^`gx*9=1d+JK|o zx{O4DPO_V-x1(jarl%&kOY(iqk{k;86i)GQox*3JhhO9~-@c=o@9>5qG(pAiSfPT0 zO~Y_Y!SX<=Uiq^Mo`~GO{$McCeYKRNuzJTr9Cl50e#ut*YASuNbH#D&{p(Hb4O_5E z4wpVmJQGPN=$WwCJT1ALM|Ta?L&jb#gR$`*!o#e2AM0VE9R!{kyfL=1AgCNIcMbJw zEI+P__qJ~{HGpf))PV#M2+ETKKbXayO$Fmc?NERwN{>_kQ3_} zl=K%(k-{O;Af?S;o{4m2%_JbJ5-Y6zBQwMo+FK5j={S6S#Fz@#dHJ@6#av&iLA5sz z??W?K>JlJ|OvnFhKi#C#ODW{U3-{w zXySTtWgfb&F1@e;zMN>4iB@ru5qU@hjL;pNuT!!k6azL^#{$dbGUbFx4ZB)_aXdRFfcF!b5pe8={kpB;}lDGu7=p@inU*BcNkz{#OMALK6;-WP%J$%`n4Cw~dblK70Izd}` zZKq@4j=imS4?EFU$?@KaY3Y+oa+SWG_h?6U8KNLx4|$)?u`gp3vAO1~!7;`qccSN7 zXBr7MIz&Hnx%Ia)gT>G*miC~~Lc1m{K)1CcT7HS|&V%m&EY0j|%SJa&CJ175fT~anDLG}Q*lTr8@4`R$OugLG? z(%7#(HxYD*%todl-o*d^VehTOqD~JbQ2;_jR4u+3`6g zk}s$1mU15K>wFTl{CaG@Fllbu$w-wtt}Qns16?Pk*SCQ9DzY2c&f8a9&PX_ho-};6 z;C2Y(X1?tIc(afKNKoxHIskpz3H(EO=#2UAKl)=z{BO7eMcb~Os>UZt&UaPLhk1cl zW%45A^)(Akn;I{ukk-(*3SG4*EsEQ9HAX<2UD2$KHGlc5Vo{t*ya(}UQ#f|CGI3*u z$}K|iW?vTSeR9<(VR>SgsfCa8a>=yp27LYI=J+-uqSkKCo)%wWtAd;dt|2aCpPvI0 zt{;fQ*wfZ4xP_7zb86==lo5UMvGdL!);aAtF{0&gRn|aZ(l3o&J$L#7ar*4=TMM}- z`XjyRV@GVFKo@$pl$fM(L2|Xi6O<0R7{pd z84~UVw~_?Oe5W>9#a0lO;fMFJdxw%5)T+vvtSX!RSaOPQ{&7M4xAPMABw_JGBG4!-l zws5H1QdBliU@%%e*zuDmC@vdBaiy5XUA3@8rR;7<$V#!!^&}hSnwxEWUf+?T5F}DW z7pU!~jIULcc0JO+Ki07?1YM*c>iUAlMWlvF56?v@8$Xq*SK>F*C@X!4cbmnF*SRJi z@r{#+cZNQDbD+VpaT{#zBxHh^y~h;?sZ1K3U3`FXE^Uv`*T}qn)dj4smqFPR-{&f0 zfe)mU+axI}SeST4KOd}cKHH#X%IVI|bnnQ6Z$7FlKDD`pW4SbpeR6!%@QNK9(^TM8 zh0u6=X!Gy+hx;6e@p~2!l#WyYom)dlQsuVZQ(Yd8-P-|fTl{nYc`LYW!%NIek42^g zzy73{r)iOyf*o;L}n2^=h%YWxSr zlJ*casQlxT;^}PF1kWTn6*m@Sr=-bltWns(6F3y>k;R$5=RHt+P3#i3N#R&He0lFpx(J(Ygu_;{T5q?7q{zCxeqZ)MYerjmMR z`!&`7RDkN=DZq=2mwdOq;=F%*U{Sy9iPie)kK3E3wDAW=TkI&;8g96?Nlv@Vq)BpU*^SKE`~To-JSbK$|+aG0A79Qcd^XTz#@A9n-F zXdPxZWdh1sBcc8E)yyr_gA z{}Bn&Da?r5H5$zek@QY#`0UsLPBbhV34#A?jwKEqMcTkVJZ>e)%*gMlsb4T6NIqjv zUL?h~k4Vi_)2EcP1sUn_o$(_{hro9!H}c=_cws+0VbSv#i{F1lf(Y-s2f_UIbg)DP zGP1TK&F8_N6%Y=%Lkb>*B`UwM88EsiQU?2%(SL}t-@W+1jQ+otgZ?z6_)Z!9@-L(R z73=jowf@!UKgfGF9kkK2_~Ul1iW>-L=!z_>Q*Wn(0=yn&tP|_affe3bBP89Ph5L$sKC$*L-~x&mNEP zgU%-~h0*dxP*dYX>Z}isncDpRqaQK}|AVc*|5rSBWg;Q9Bb_TUm+mS-t2G^qldXDY zdZ_;ON@t@9WUj`K!(UkIeIad6K=rF|?7Q5SuIk<(y^b^^=G|>}+G zU0UfqIE@@(_dj-od*N7&TBr|>14VnnHJ7TM(67aqTBX5)Dha_?XL}*-r82j}C6W=7 zvF2s}Mide_RnN(;K!e7#h5s#TeD%nE>_F6`*I2Q>cJ`3XPlEO$N(9!E!P32h0lQ^j z#2o@2F;xZO-+uI`hU~{w(5W3CnQhS{cX7o9rd4%OU)6IC^#(6jL^iO^ysJOhh)wHV zO46&mC&tiraeB*Ugqe0CY2OJ|Rp=D?R>-b}N0PHNAPMd%Pm~NKnLj8d`{tRqpYLg~ zY2c1@Zc2-6*g8q{Uu3CLOv|6I8;tBL7mjUEU)f4A2|j4O=$o6rV65RBeA5ed+DJ;? zbq}&o^`{?6CU!$Kv#n?*+L<+T8K=}z;X3W^U3tfnJuT0@#N)`@+1?3Zfw>k$XeXUE zBTaugy5N6nA$yS4SY@r5;OEZ*Oel<;2Hjt(5xE@GE*I5u(8jGCJM=EHfqnJ8gjIa? zYsy7YOsSRUIeY@MUn4F#PXs&}%~n(yEcb!(KmKLreu3YA^z%g0IYb5tXBKhmol}-B zYK7H0agm1mvkn-BP1j#E-9%0BSwD?>XtF%=!msk2j#i0J)}t092rJ2dW#xqaibzDr z%n_RX`pwV(UPt|1vV}(%K%?B;a!=@yi9(K-Plm+?A0g`X;vn^MS74;&Jley(L9EYr z`{BM49b&_CJEO#f$fvX3fzeVeNbkfpM&P25z<(;t#>A52*__52`j@{>E0tA>El>5U zyHviK+{7_=!M5@W4XPyBC#i^U576~!=Haca=(82shudup%Ejk<>x?v3#yGkV<#_0y zQjP}#!m+ocb3`_3Idi2AE%1fOr==5{EDOIFExqV%UegK>;zCa$uXO8Z_<=wK4tKs(1K0(P&*+;qKWOHJ;9Ueufn-iaRJ=rxY| z$E1+PHiMWSMte}`>ACbipLQQYt+XcEygjx3-iNA%Q+T_Y8m95(#ooEW1cZSx&p~+~ zMOJqHBb`N1E3~Mb%|Lva)A*~e+}(SK;Nnm%yDS%@i!LnZ&DGM_sOI&Y{I_NM`q&%7JC$^_o(?K>ajUI6V3JT%sjNjs=lx*;H+W6jdoC0^lM<}qCAjEco6 z+JBiQVg*%$?Nkj~p2UQDO>4PW^;A(ykDW1V%}g2V>++YDlCu3kbX>3JpyJd#jXOh6p-e)ICd~^4O zUT+R#W3Jd%Dccis%;0zv-)xH1D{h@|=1O^!oGj=zG4f%w5}mV0%i+r%2ghlGLy6#` z5@)wXOS-vLMZKCV8jViS$VgJMn;fVQ2;ARA|9`0jD)efvz6h4oO0UnCMH;^egz!E(3n0#A~G^UX<+n|kFoO4F|3>Ag`rntcBIxc z(y}FkyMA$KyrI~Klc6x8BID$;-(>8xeVCK$L~s_@WMD)>&R|kwwwUCuN3~+L5>rFH} z?;i%q7h`!km=2w}sIpQvl8knaao*?b7x+5SL7nW2!G)g1Pvn%bdqpg{T6N^fDG|Sl z_xe1w`N9SwZ}8=V|4|wiQH!G{gURk4>t#1Iv!!0YnxK{I)T;MT9NM6~sPWfNln04g z@~WlW1=oNd=~t#PybEg~^pLZ&hsI}|gtN;%W&8QL3gFi< zh_Lx$d~h0%E?RpDI~@0B@oa|T;Bia;$_-_g606?uP{c~OjdmWH?S9lHOD)YxbSaT| zfyH8#5LJM@z$-fIzyxH=$3g``9%D0Pe0ySzH|zc2LU=Rjz4|V$CEzRK9-pBOZ9|G|tK>Mm@}~ z#@~IR>)a9i!t8k0(mc^$d$C?SksPmbg79z-r|CL*9kxJB?`0+Sps>1#>gvicZ=r8r zB%r%Q-MU1f>yYi7d5;3*3(Kz)Ak!e?)?ibC%)S$!gS#14u~K>|(Pe zXR7=*50a4?lLXV7eH~R2ygjutOIVy?e=;`x;$~!Z-sLQ7gQ1oT!Sth($~n`W-h5Gy z4q$y*MA_}i5!SP6wJIq(K`pr>h}}71Y(C4T_tz}bI+?m%{}&Gwd6N)Fb2m(j#kD0b zgd%z^I(=r+xH7=>TWxNwmz-2%M8NL9*6p}vTaB`A{6j8@w!h!!8F#WD!2oxPstL7mHw4tmOhnw=lzq4`U*ioo`hJiM+S!^4x%w|CgTI-YTyK_LtGQo z&}Efn3{C46%v;{kk-{4&u%*9dSdF(OwBX^-U9blYWZ=GT4%i$SICDDgrv3Yme!mu| zt-mM6c3^cJcf-HsiGe?FU5Ubh^9{;7ulzju%C|JCn(@6Z_VTh$a}kJLG1@>0j)xdf;$SoXXF2e(DrjQIQorlwzI}0M%5`yG>;E;n>yrrK>Q4ChFwm^ddf=MeUPI)0L-X2d;h1uf`c!}S8NWXhY*#|;%k={=&$YN|>q#{uqy1VrnT5RS$du*i z24wBdrmgHgOL=*hU+cVsxhf;0m~d>TzxLhV0~d@Irx1!Okb$GloPC``uJeaLHDJFr;^V0$R;Y-u*BJ4$pBP=HDmor zLxM8Plfba`v}4YH{&)-8_5|T0N#i-xGpU#N(=*V}IBX}r;8Ch8QngK^DT~uBdeAdN zBg-y95YppLqje|98_vCJZ!Xo34xN*WF}{>$tsY|^c}@?P@^X%u)8~C5ja@38=fi6# zp3(CUcAp_DG{96|ncgY)>o4m<@kN9t4#UcAWR>%IRpZW;$NOr-eo!7CzzCFr0$9Gv z5DA99;$q$Ip(aLFR-fZ)47-pE08QFK$XTiUiLDrf%bRp+x`QGGq8%lfaE_oXhz7dKIcH zn3tqBb_OBZ1XOi=`huMq>4|tCtC+cC(1TG zSL&>g5G@K3)vQ5|wlf}~p+^(vJNvZ2``Co{5IWx%Ma~rT$_*C2!m`>IQzV&^5MwxV zYv}WJZ1a6=a7I#Y@UJ;mGx|qoa8;sFK~*jzxhZyw7cL=i08W%IBka?@*c)%tlB`NW zv`8}&SxG1=4zCX5lPa>Je2GDyHBD>pd#%FXbD?8NcB;_x%L5Plbd%T8c{3>*EKVL3 z6hi01Me5EMpdud+%iWN{f_^ofrijb00U2QCH*^1UefDD!VD&LFGNSmkM)S6T!^x~Z z98y`y5vbP1JT|LZ6_%Alz}DbbsN7S-vNvQxp&-%YnC%pgz=AmOG_OI^{B8OBrt-pv z$@4}(7q?$SABdb`y?>Fw&8lDGcw##7G%&ILjbCw?qb;_stj{Q8yZTQ9&L zST_6)IYNJFHxq5vBO)#rRm{~T7&)>HWD~U0I$tzstdzk(m#*N01U>T#;sZv=YCBI7 zr2r(pb`{n;i7_hX+8#K+#eaX?r}|rqR%P`;oyGAY`v=@azoGCzcpn%BxMl|t$?Gyv z`@=Q8D7VO2C2Awp34 zy2cXppdhbIBn*=yCXs|7XZkeT^dEUv>8{-EzT7(ErYu0}9zfdq{GO(hY7@%G7(i-w zsZ>#0xy?@R8`FT)-C&PkjGQMu?D)YIS@{?RU(xhaxnze-Bg@KbtUc>0L4QJ?x)IoM zsqbLN=a11#no1zU!QAp!{D1oIuc`27Rm zUMY<21K9a6oBGwQE+2PyECTF!S_m>-O-phN^((6wDAxPnD}j3T%4|rfdwZ=asYo^p z80wFzzQa&=yML;x`8*OjQe0{v*!1SPh0vM zGE%TZq5HcX3OOA5HL2-HceLGm(t-HhKMRt{CFQ*m)W`^I$l>UQ9SU)gpk~B%n@P2( zZf6)Q1Q-)jL#-$j%zm;q*r9Nxg#zARob(GJidI!-AbiCdx@GDSr~tNu<|F~eK|*T4 zT@#u8ZXpD5)4yiszZi!#-0^?S%#Ulif6dH~1!mt-ROVkZ^H&Yezh>sIJA@xs_YVDQ zX8w!P|IXq5H=6lQP5mI*{*7k-a=PH(Xy!Ya`!Q3nwngFJXy(ULRsTjaKd8aJOH%xs zH2ceb#=l9kAJbspS&6kRYXAR8niV`GXK%|D^-!IvNSMWjofsU!<#$Q4PCR1^emCzfCESoA)o74s{SKF6QnVdeK_T#*t-ir0F{Q{Qsc9u>VTO z(%tF8mJfSuk~Cb;y1R_(We7MbuFPJ+Ai)CCc2fn5H5eh|=xde6_m?%x|C=Rbf;Q*8 zU3PFGdIsv5xs2tU|0IbYeb8cGTpyThJiawxtzBhpoe0Tu#096mJ$83aTD;&_e?hmQ z2Jhyo-K&Oqr!*uB$B+#Zry-rEr#Va#d>JI2w;mHX#o7%kkN*^lcc1KtS}f_3@Xx<6 z-1`Wv$$(s!`;SXhNH5W=n_>TP1-ed9OjwG>BW>MmZ8Vs6;5 zDn76EL7L>aQo}zW8TQ74G?GB%1AiUJFF+awVzk5=xjkg*i{3iDmbS=py431W?{NxG z0V#h{ z)mHk`I($vXmF)*0`^BF2+{-v#xAFBjN^E@mtJQV|8B?Tbu_EhL9MY(nR=Ho9BrWLh zuiY#Vb(=ARu7TG3k3`_@+p_@vamf7AD&K_*BX=)mRj$cK4uKZo zC0WbB{T04P8fA`QmvvjP?HPM4vQ6|(RJ|5k6S;4XJ&d%iNcO%w_v10xpV9;)PPvc) z78DwV#0fKmL{+M(5~BM;gGcC9o7GR~AVA{$VY!c50P7y*Tz)oyR19ZFgQ%XFcK69t z@!|9lk^DtdTnXLa-RH>8kQJuH^dfwhlu`Se%#q^TJEzHNYiqNJ7jKnuk2KaM7e8`t zH#xVCh&8lnwHpsm5G&gi!heBhhd7H2(i3=jBdEKw8-$PPNXw3Dml6QE|NJpN#>kkz z#_Q%)#oSDK&N))SA<3}GpGveR)7NxUm-fOO)ygsUTwpQDcuJIzJsks|yp{xBT(6Tv z;v&L{?d8fO+4^C<>wrYHz$|gX=+dQ22M-?H{^-%8i?PaaYQu|Jzf>2#S@AU(*}|@U zngy#c(^+C^{^`or(tH^j6CCvZqkB-yYTXp7fs+_nHPq=(PY=a;n^v3yps6^Ej8GXW$x<3{yH$lZ0MG~HEko|z zDmh=2(iPLy{j7#j>M*lj7wti@S?`XO9V-1NF?$n|uvorNV1!xweIw{xVO;A|<7@i^ zNsZUf3il^n-mm%r*;NszHr9?pp)RsG1vW;#Lx=RgG6L4Dy976p6dn#h>g{cRPzjx0Woex2#gu;#t@o zzAu|He+GwiI{tccOjIa3I)3@QqMG5!bTdY;_;gKr+^{CY3BFAL^9|d2QmlJE!P=1| zkGA@aZ4}t?17J>fVu8_zJnTPa!2i2csiFUzC4MaU)w#0a;dN{`->fKAri9&qvTz5X zNR7JWQB^*Ba*q8=C&h?H6qVk2Vv2@2C31Cb9dX`(bMgub#ogWd@@ic1 zoWw?_E3LM}y_o}J!u17M*!pGCj~dGm&U!dfE!2O$12w341%L$JBEs4b;`>P*(VM2_ z$LL6LiJfS&vzaI-Uq8QM31SZIo;`bDgHgWgKmcHW4)g5Deu0hQK35caFDa>&=^D~f zs6hAhxtHfB2YEmLl8FgrGcD;I`PLuO8?)>bwrtr_2*9l`^7GxfMg#yZIXSxF>j8MQ zZe-5v{Ki;c52QDdG0~SKecXMNFV~?##lV5Po#sQn%q%4_bj`YMdU1j0w4$PzS5#=_ zsn3YLW9GT=jM0B|H05b%Qej$4LkTMX%^p?Mn-|RXqC!GD@OV6s9k$fKg16vXiGUaP zjZ2!K=*>Hu}?V>vko;RYA{48#WFi^4<%9Dx=y~1EDJ$jBy~4W z^;a@uKs0TlO&hJ&E^tjA*I|>z2`4VaD6;jhN;Vmvc9jWx} z9!pXi>$HoGQ38MwBSWtJM54cL%H>?jJI5!-R@y(j0Vy}*2shde;p57X+)9!#0cykN z`&gU4%Ayp#5?u#}BYCqQYe&ZyWnU;0e3fD|lKPrf27jM$9XMzuz*SsX)ZiQ6b%`Te zVB@AudiZR+g9i?50|t0ccvAe;0`3HOGt}!aci`b25$v5mRbfA5V=(1wx|l`wnkT z9Yo7iA14d=bkfI{>ni%zXp?grvX3#vs;jtvcsS7mZ)azBD&oQ`EoAgZM#l}#7`l~g zGjxKF-zEhG*O4*sLnOhe4fB?3ue>y$vAoMIZ~4sQ`Hi<*QEwAKKW@90P$2l8P+8o= zqFNL~bhAuQPvdP!*5*LQG+twY8Tn-zQF?tkXlR&65agY!6eoR=fnEnaZc>~R(@F^& zvOpnOjdhnEvFbdz5C%>dA~>IN7cUMGO3mAu!NZqfC+B_Cb-W7a}6cM#{Gj;(7MvJRF-+!Kaf-=qak%on%Fw!dW7{B|EmO#D@Jk!}hzEOS_S>kee^ z(NQ{bdSqb_1xX+*$OX>nn3(WB931)b!K!1VW`^2*>9V|n-Ki|gju%s@D^2ZBWOd9Y z%yv))%-|Klwx;)_flWB;wj|78;8W)EO?Kcku>zzD^(mzxR-}xV=`Mh}2ZPTFKnxpkBpu z;hNf7TEy6dV~m#2W!(Bm;+7VzUx5g@E;)OeESxJit165LyY!}B)W@qKvZ9-Egw{ULavdI=4xLeu5qis>%1R`#dbR>P z{PWr-lLrRvl9XZ#Ya(U4DsJ8Fir1dMxZ>$dYSp=|AiDsC<>iBc1#L#LVL4&~?U@21 zmTj!Lxuxy1O2R`)7kJ*PzKa9JQg8?Yca767vKa`LZ#v_n-6ZiIOn(JOya*ieq4s>~ zrCts#FCuZNq@T#)(?4M1OQr(&Q^-o7=xAMi{Ue0Ts~S1PK#`KE;TAnuy$MsV0HA?d zYBL&7d;SYX6MWmU`Xj=%zW^^%$)u44knLk+0nEODS&2~$^Mfswh3>BXqYmREvHgP@ z4@&GOVfX~&N5{w}Njs=ET@oWb5!#sJXagt^;;TZUc8dTWSV{9WMAxJtnvj~L+M1s8 z{zg2Tv|A3d?X)ZaqVNPbM=B4X>YP@_Qe>Qe{r0?3ig;E)tMH*>5kWR>K0b%Q$satf zLbJ1aFVIWjroDU%lACF%*|)ZE_vd^sA+?==Td&M(HPZ18;KbFsf~cjp_vF!C+;1a?s#+NQk-v!-CzUaxQ2#?^3Z!<Y`k+|6Ihoxv4-*hly>x1FCOLm1r7_F=#L>CN)X_wap(~%+OPdGn z&Ab?<*zP5_PJevZATrk5VwuM)n6 za6NrtdKlKXf~$TSUISSadr3y;D!foAg7x*&?<3Q3lk99Yz78gpAza(aA;r2pD`;Qz zpv&k*tLXK2X_J{>{Fg@#r&!^u9W~ONe!cu89Q(HYmhAcB!2CHK!}p4=GYvESDACjC zltGj;Kc~DPp1Y}Amu%sX=tHYpLNc%IgPQwZh1?{3zLK-h9Pxzmgl74@&jp3tq4QZg z^NViq*GlR|8tK(@=8ito&KF5HYodWQw9hEA2ayr!40#(XNE{|22m@)o5ziYSyuvvh zzPOzv{(~4ssGm?5d&z2|zh>ssqV&C*(O90qc^36Smv?%`I!#K)o0--7S%Zu~$k2)7 zcV4)DsYMruWT0rd6+?XI*&X(4wW43Q$z~L~8NXInD#zt7It;nZ1(=|Wm%rM8SrF@@ zvBk0WCB%T~Jeh^v7Pj0tnc_I!n>qBR476&L(mvqh`n1qrFgZxgwQTQX4G+Am@53}f zQe5!k17K}*XQ3w&jW5)MNio-`ctN}vf#N!*pV9v2FuN-Rz75nD<7tVMiy07LP53-H+r&;&yLm5Dv zi&frDl|3)&K6b`-`Y{W;ZARVeOrck1{SPs`?fM1-s9la3?Jg=VOKlP_GBls>l5*(Q zcbSc+4wVfJ&b>MuHQKT4x?5_TCF9hazS2uZU29V6lQk7f#TB3E3W@d3Y__1@MB}N1 zK1y*pH~SWiBnfiOi#8zeMN}3-fUPg|fu#gW2Aw(f4`l zNAdYiTzL~s*tnkPt)|(MPF!L=D=sV!>&=z+*Ka}Gz6S+RYt_1iKQ{qyIp~nt$7`q zeb0@DhuGW4#~iC16OBy{;cUVP&J#1S&#DS_rPRLmaXJb}O_x%ams?L6U7y<0_q=PU z&p1geCM+N1&@o`9vLz{YX}&ghUa!ofKE?V}d+@qvrL%#FSugoN91dDszP-2K!rEp3 zQb(IRC9+c28-kD`-Gg9tQ{}AL;WgFIL#$cmd-51R63`WGd;x%KKd+psy~xszp-cSO zyg`_h3FZ#fDCUpC+9OvIRhV7uIztX0UWZCOQTf?f%XR#kOHZC`Tv;FG)Hz70*N3pM z_~$n-9(Nhsepn;%7vuSl~r|JZVToyTU_ zqZ8qi_T{=weRiWb!+6#?X+h(sdg{|IRnF?p;^WO%%GCyku4mg4OV4q7DEfyoD2ug^ zOX2$R>6Y8l&nbYyE^N%2`5a^62d+jTL|&2k`EZZ;Eoayuhk6?c4;XLlR);MfsLj-} z#w2(OK++?B!UwQj(iGjznHI0krCjL15AA$gXOS0%Yp$f53m~uOe1}T?P~1zo^xX73 z1Qe0}lFnLZ+FYcQ@p=*A*rv&HJK~TNJuo$@>i9Zqn+@+!X3}SU$C(60f(gfSs~9vz z+xtxN<{2pOw1CB}t8_?NXZc4F*S~aL;O=VX^;C{^TM&SQW`e(`4_HryVwNB_o>dZw0POQJcf3^PE>%%w0i(p z_&5JYJ;h8I;)6Ayt>M=qNPOUN;?f}!XsK=2(hICN;yH7pBUE#Hl+q?`^l1C;+=|L~ zpR9-+4VY&a^XI1M$hIysAX3uC=Nc#7Pnx}nrKdgqWGKX7Q3(PT$`m>0U}ES*FxcEm z@*w^lTSc{Xnh_(E=3MS3)puBfhjsY)VY$l83&hQLA}S`C)Ojup7fKiz`p{dW%&PIn zF`nLz#ZLflq)q~xlqGdIb$$Pnu`KmZ!@GjL4>%u=E_lO2-0{aNjep{Kb_2*;{>?M*Q0%8nTDx0g&2&6}!D zdRCB1(8UFtq~02R81%3s0o<(TS?+HR(fLbFnIVE4C#}JA+q^HGst+%Li;$yOdY+qi z@fg}>_N9k0l^j)ekh$YnT~j6zQ_@-Fy2+?H&In}tp=wLn=J~BTd>seGTq3l3pEqev z3+{*(Rcmb4y+xpJ&R_z&x14&b-SF=5N(0oO>ijp_xH#`Msuan(P>mmI7u?Z|JMM0x z5w`*^GLoqMF|yQKgr#A3C!uWTPZxP71>}ZP*Oz*1+|)Tf-L{>(P3$o3XJNIg#+TKZ zp9HiWRy%_`ehiHpZWN+T7vU&Sx|wfCJg9b{)#a*{H^m-}a!F&VE8u`iK75@~)}X0G zbwTcU(VLC78`?23#X#(k2!nOB5@PqJg90Q9%tNVQS{X zHj{bPL%nf)!^8EW{>5PCl|Sr8d?1(M2vmI}JuO#8wGq!OUNiS)8ZK10JvVJ0=SHBv zq%kaJs+#CSWhxj#u~+knw5GZJHNXoMlcLXG)(|cBpkj$rgGg~=V&Y`VWuM~_)rM^Q z0ztqgA!V!Peo3Misjues#ExSpJP&3lrVoUQ><(?YA);S zfYWT+2dfWhfmL;Z4R4-S)hmTf&-RM68=1zgyKOxDH5)8nws+AH+o6z|Pp=23}I= z@XX8K0)_664`!y_ry`-S?`55}tecV3ku9_(9@|KV4Q*u6cD{xyf4E(fGg6HC}o4n4cwfy&Uk zR7ZF;l&d$G{j4K*_U0Hpt!~5lV`xupn#cC->-~$o=eJgpXL6qZTGcz~7}4>LFGEx0 za7ottfzOhUY)twN;BEy-$vt`$Fdph_>kkG)wNC`m@qJZN&Ur@rV@>O$_~?&HXT_u^ zH&wZsTTUWEPC*+)OALPI=vJFbk9Z=qsVA0A=3|EqB1YcLF7(dlRH@h`UdnDCs+!)g z{7cp@sD-_Vk?6F^A8mtWotL1no}8>$9b$xF&{tD1m(a6YkRwo0BS>PB8PTVXMG-H#%Nt;vTv&fC@FHXveuuEjizA|5CqV-lbf- zDYvt~sEyfyyTHI^8`!GNQW)4UQjF;uZS|gyk8lbB)Iy;n+tkdoScq6Rjk@Pmp^6RR z*sPpK*R$_(IEx^W{pdiDtkKQQ3{GvIFMMcremF~XoxBjtDy2a+AQ$G}Bw0RbR>5#m zwEZv=AyjS74oXgzly>Hqa>Dth%*O^+ZFWdV#A?C*(|%3MtcfI<(utfRwQEATuogPSez+OQ2!Q7T0AgOp zBkrTg7QrGz2oGF;rrTpHQt0_YePfCgdBXx-^3UPe2M-<`fen~PM@AlvzBiSPwAAU* zeS$@xR?BunR*YX{i`5k`vzimKRiS=-qFT)8e0L3G0ilP7$4Z2Iwi@MKDSzeL661=H zMlCpOv#C}b;O73UC$V-21$p_xwd9iSkkeRCzqZxclRKV7aovS}nvUaSEBTghft$Vb z;-@?2N@~Kq24`9BvsY3CLndT3y+&0igZ5p9cr~ zWVAW)g*twjbm*v&yhza4UZgv{0f$BUfh*`U7klGZj9qe`qfnl8`<@D^yu_+_WiCCl z3Her=c@?YSfI(eAi-ywf0e}(X*|9sz1#x0)AvI<1lKDpuK<_ zv5V-7lzO8Tf`BD@ti`;FbcMUmSL06=s2{%}Lx8rd9*dXEaj6ith~H}V`+2T_W(<{` zRM{*2D*c42yv6C!hML+MT*mHX{y`-Bz_#yzxD!_c)npO(Qj_0GHW^AT0C*P}6JrG4 z&7P}50Gx@rf~YeZlBzSvC9kTpnHh(irMbbBK~J^L66q$E#l>6Dbl~0mK>>-@sykQ8 zYlm3#7ee{1YSRXFAqrk;`dJOWk^Uu~9qKt0J;{cs*5;*NTI+xOIRU#C zha^VD#F!9(Owp~ZUduDm=u@$+EKy39mrSh~5z8ucT1U52Q{E@U+kNT5bYbtLDWa#4 zb^~~3XmQ(s7xuuzu*ln3cv}&+;5R`?dce4D>vx@~e_sm>3m$;Rs(^Ex=R?Hl?rvrC zTAu8`1bq=Dpru|f2Gy=Zj#${=^ri8Q+X2FCfO(2>Z8TDco|vANRa8{m;ay}>9U_Rh zRx?m>kx(QfX-~wd&GL$hP@CZ5;_9prZTIP$BKU90pSFEmws>*>8 zQiW2l zIU{TC`<@D9-3J>zRw*HnluDS?=JIsMWGa@qFb)6E1g5Z06Q2i&hzJ5Y?p7$guF`*GMlM zsE^mv*MCW4je}m2ev6{)^RR&P9!Q2)ql&Nr04oZ}Dd>?Te!aOFYE{OK_`<@ItVgcz zB)E6S&I}5=@_C#t*1dM^We3?OqyysMhUjQ6U6W4RoLRfTVgm*XA8*0DBMk{xX!Z2; z4jw&vl))N@!>P&tq5_A~*#HMsz0vzv3Dh>93YLx}(*f#$wn%_teph3Po>hN!#EhW! zlEu-PTSmI|acSEZ7ZbG$e_hcwVwk3;BX$EPhg$Ovwq*{!N6Ndw=r%`W0WBjFljpm4 z@3NquN#RofqMPR7tWNo|hK(rTM*Jk&jugSkeF+4y)Um3(yby{JMs~Zu=I-N@Scy{Lg5F)sq0REaZoB5@3_JVW2Ix`@YQ?O+++iqwE^Ml6Ybykfhc47D z=jP^kEmuU_;Vc+&ET*6nPTfkP7Kt~A5pQa0g6?}iq?zcEq7>7#!}2`uv0%-JW9*>UqoU$70lf(kGKEA(?B{ZHLV_`JIKh)90!d`tHiwwogI~^ zV>(vA2?WvUObbobE49s~*}g7mS1auy_qj8`34Rz%1fB2jUWD(i zB^Q)KPd9KxdRT_kQcaqKF7%V70HX7`kNE!nYg?$PO9~2PpjknsO$%Z6*Rb3y1bdUD z{NVK+KX`h2I?R1tk-5>pknf7U1?lLqI|s!F;c<4mr#B};;?&*Czh^msO#Ri#*8 z;RXiHZSiW!p_{W<077_a$!!;U*cfvWfYk4S<-94R#AJ??zC_g5lY|*M5e-&qYG@cu zV~-xFi#_5nqI1-y+hL)iy^Z5;s090-$ar0y>zOl*yn8{FZ6!C1=GNaW^M}XoT!P=Zt`p z!@c3*YizfqgoFkKR>E;ipH)qk>m@E|#l*aUu7?oM zSkJ>Li#d~{k8o!GX{NYJpzo?Wg9>;uc`HB#mxV-}CnHxyHf%>(SMqrSx!>5ThmhpR zzJU0PFE5wp974*BqveOI3c>AL7?$)eLUXwBZrtbrEf@QtmDu<2K_SGF@89+`#Mjfa z_Tb^ebZVL|S~&z24c=X7FmZ_sVo;-oCUOu$3mk#{o#ZA55=ZenC+@{NdiU?ylGgna82AGl!KFVPz5UVkm9 zH61C@Ikp*xw1V;NLdUBndOdiseHWU*2EUpBVuz>v60FJ$sv^ob?Kml7RGIk=aUTeV zhK9P<)`vi^jdjk?c+L==r%U#1+A6EvF0+N&zp$YC`aE|JC7hNgqM*D^U;h00!lu;2 zDK_)bjdnc^m-C&3kZckx5%H_3smVggpPhvC?BFgp4+bamxm%0g)Y@ldVZX zqC{HA-;)0xZ;37b5HN|1W)LBQX?ZYB%w4YGUeL9s05(h-Sh8b zKez6sJlf3R6=ii^Y>%qGYT}o8nh0bl$8{Z=n9te@{q&2!ckpTk8$>R*= zYm>A;r)hRv*a@K7OY%3LelEb4mX@CDz>jv7bWMD%9bG7`9c`p7=}fsL+u8ADRLnCk zk751O7x}~@>0Cs??KCtp+GALyx^&dp-tfHsU~igL%@do>&ds=@=9DkzUg1G3ST?qD z?m`1^*;u|sRLpA^c$G3yo6}iviGcWa(qu*0=%8cdq1u=c%_n6x2T=%;xX%Z_%25nG z$^YcWm`N}=)TcBy_USV*4W<$#LN?fO=J?l*8|T2GJ<#Ce zTbP~l1>Pd1F~@CxW&05tL=j!67B+2AZZpLtfkuePnuhGj-Y@p05@G^Of{sz{PimAa z;ELCfT`%!BD+RMbv%WxIc15oJ)5c&E`NJF8188Q4z=dbzt(*~P!JLuf!QytjmBC_{ z9J#|dzc`diNQ&+|)rg`N66(7&6QAsstT%m;X7`k0`%GN0_cOQTUzP9Ha=I&$4L-bq z1;J-zVewXpS5;Y(ph%NzH_k+j8Cjp7#HtM(q6We1My{bHVbm6aWR~|C<9;BX`S17S zWH_^aAZ|VJ;Wn&Lb&|+}g|+n?nj3*0UsUem1A>)i`6(BA0;h|<#(t%jH6~1?M7*0R z64kD6edo9P^=%nui@@6rR8&+IcbWj*zaC>>+Fl#R>E7Vc5`}RrK=f<4FtAtRtQd9% ziG$kp=tzNJfC;5}#Q=ogPmwFPEWZ?*7r&nH*~U3;=cCe)0_|n|bZ5r{TDE7?vq25T zRf~o3;@12O`|ipxD+PMsIFH%a69Lv=yftYq*qSHyA+TBq63a3fsg))Jhb&B0mXpLX zByEU0G5Gla_Vg}?w36QJ>yL=p1^D*aV=m(lV#E*m<23UmldyB0ewt;cyaexWY~T!N z*w|FRv7??{!-Wl@Q}{U0Ox%*-H485unC$ip*;n?{yvy@aCUU35I`kbgG|s!(z5nt; zy;?r*f#X80XdbUXb9TfYob`jTUxg@BXf4!2on@lPf1U6Ey0rD*x-x+bm9!1}u8h$9 zY?ci3nNoREYXJSRFXnVJwN-cq*%HOHNoE#Yq8E&o;@(a&Z{)sDseHHfBEspIO2nu0 zNsaGDjG&vdQSZ-_VpR+9?UF%bZ-hU#d}+p;JI!UY4;dYDn@C$AE=E-EqkaH(lLYteSNxdZ9Llvnb#*y z7Wz0L6-dj;4`x5j`fFNW946-R!?VRFkg=;LNv${>16JGp&VB5Y9U-fuxnnD6Gr5Oq zzXcMc&|1i)C+-(SL~?iKyN=g53^a|>RhZ0Y4R&&C+ZY4c4Nvt+c&@(eM+D}6VY1vu z0(tk;wxqS^`0on+zi?&s2eS61rP|SoyJ3EjT`|v}_e9&pcM1!(v#V*_yIm@gSleg7 z;|B-moKWH%Msy>)S|q6`(0#eX^F&GKCPfbK7=NFVl+ju%C+lpbipCKgv&*9NEg~a) z@?+n60TR8vGtBP=n&a@O8#4L!b7%KeE-Xhf7sIVQ~dhI*t2RC zm;pAChf-5Esh%=`{DQy<`4gmK`yB{S{K5G+-W63|?RBH?mg+>X1~RN}(Eo;+6qW~} zlR7~7*V2SNTKRi2yEYu<*zqRO>l3n8-Q%eTNs`|{cb;f~@YkJESy{v+6Hd3TYExpr zSjHBxTc4^8gh|CSZvl=pnp28jKTLA$a6+F6UQ)t?uj?ak=m@otO6nFaVP-GpX>% z!yU-FVz@fnmntL!-nT8gYpLassjThLNH_z5uvcTS@^1Jhr%5`}|4x$2JrNxFNFC;# zKTCAi7P|;UBd%>B)d!DLy7Uq@A)$JCJ(NA~ zo2%|v;f>1=K)C5r#9~hZ$DFG(iz1aS*{|5qzECf!t83y!fD~lexXnu5Ya7oS_~34| zn)wx^5&n1$BdN^F9oo#nLF(cY^I^WQGY@vtr7MMnW8bG;Ikxfzog%oPs(fGJL-;P= z*~oyiq){_Ft8)rmsU?}TXB)Z#XtnH0pUkv%RVgnC^d~uHZ29q)W%?c*GLM3u9IQ9QrX99nVczE`@%sj$1gXVVc|zM zo@! zldcJSZFPrCaK4rK!a|T19qf~|qu9`tnYtQVVAR2bAyANcgJ9Ue3g;i!sMh;O7D^9~ z7QWLPEsW5!8k^9USEwqSC^ze=iv8O3^!YQ-rlwS}r0Tl=-PR6o?N*BwwTDv!ZeVk%rI=_h)ml|PubD|H%TOUBJX}r8|IQ&iH*ZW@ZqI(TaZQqB zQs5Xnu=#PT(JbHg5tr9A!hMgS6pVV7ov8Zb0te7BF_rQ~+OCsJ4!w<~pIVdiCKep< z@%DwyDtofxi*ElXN6GA2H>f?m@!K^41_5L)LarCeV(>F@K9D&GC!a`zi!?jW(W$zc#!L$pO>})3)LKLXUpf7!ahACPPg3^T*zOxAjPb)dsrJRgt6NvA zw}OlfUl2BY0ImdGY>>%c$YWA+j?`O9vO9A)9rD<;sk5)$*1)VKC+WiEK9B#@VSC9M z@(Js|5g8e7ds8YGQ~qe>w`|XY_32AM?Sq{?gs~>k)HRIRAIUFJ3cM!P+!~E?&ex8$ zo@UY7o}Ag=dQ&ao=(lgJ5S}LzxPb|qWcZC6+>ljA8EB-u4ZqOL39o>9Q_SxLO!>lA z2}Wjq=cGSZIx<(uqm2x^9);x#`h^{(wRD-}Oc|tO*by!Ahvt8ba={!f_csNGEYlQm z9DF*vYWb%&J4jv2PvPrE+UN7;ji&y>3D#|3cj&zCvcy7NbV{Sj(|szMgJ0*)xj)2| z+u;Fz>&3_9Kx|#AQBsa{mP0d^Hax(*FKSmi@&I`0R9G$ipYQj-lY^3HBrISu6W}5c zfE{aCxk`XsgaCu46ANJG%G{|{ew_NhLi)z0-GN6Wfh{P$V_y0wEQOb53N&kB?6XwY zn4L|bjp;Jdc0c78FZ7>1IXqa9h$iAMliw7M*Di?Z8C{iE!AUz&w@Qc6 zHd$R=>uf@TtjDIV7;R_A9G8+_RuzM||NK)rc{e7LC2oEbyYOFOf0=&i@~K?;THN|38l3DR)Uq2}Pns z5*kJ#G>k|ztjwY!ag-I}blPQ>kS!}CB-^pN%S!g1r|is(W1n-r&+A;A>R$E!{odct z?~mW-pB|SS=k>gvd%wU|H3e`aX@R18T&G$```phTBv_}rdPiI!5Go5GMG@mV^e{QR zFIoM>e$+NvI}J$#35(D$7binTP0FsK6;0eZf~%fVR2N+USy;_L{n)#U^!mBJEKd3! z51PpIaIz7FY1aD@ z-M^lq3g^#Vb<pwW3ZiUp%Pnpw$l<7I89hfA0RTO+V>Hc_{s=S;-0vQEis)1~9b}WaF{>rzWGvMaIs}&R&=rNPH+D zbTB>gTHv2n#Wo|5tX4N#bgfrR+y+SW`)*56Va2tt1Gdp2?Fnc{n)MtH?cKI0Q9lPM z^cGzSF9n}VHjMH{>TxUZrDtoYd+BIMtc(RK4y_c6+`-&;5!}k0RxT?v%xQx#r;^J~ zvy8gbed5E3A7hh$Q(m~hm75Ma?2{%%Vv3rQFYk{JO-vMSAN4Tc(h*N6vDUrwr?}61 zg%%~@SeXQk?Doi|#V;-V(8~h)T!B-|58#!+^KR>=dEURoudq2@=H`s#Xl-(*x!=&F zRYQSr&P;!rt2xsDw8#_i@Ol#nOSg%H&*FQ541*E-Z^&@y1NvMN>1AiBBe(g$Dnj-^ zH6kU=4or9cq&5pcO4_(-U|nPeZ|1&G+!HEDyFqQf9n0RNCk^7-J&^hMKOo0yB=tP( z0yV;BhXOYU#q(yH%>JhUP+Nh6qBL9BYPt0~)N&z(^nt|1KZXQ+h~7eaCRP}4scdNQ zE!b1ID3^Jmk)3JM*=)#u$a3E$eh9fXBf>m3^M2tf$)WnFeD`qO4M;M8|zdsBmv zi-1|o_b~iOTN=y%z7>bZ=eu zW_@(~SIjup=S|^4Tr>uDKA_-O@;vC;K0z88PGDmdBJ|@t*480_)bK=2M;um(iYF(TguAI<%yCc``ezsFL_3H z>`CVOX|IZQ&X;`96*HCe`Ned1dQKWNp{%8gUm0=O_6sisMr@;&J2Wgt8>u~<8 z_!_-^MUfx?zU#*9wZW|~ZML^T%!UVIP08<2k8SOS5&$xfXL_g)0<tPf`qP8#N&2TMo%w!RH0DM9hp=h+YXO8^$3<7|LX zKOYF=bHH&92;&M{zuiPdjx2`ZhIC)N^K+FE2y6y&f}j8D9w#M1&#Mz5K|yY?OL2qD zwXL&rvlqsD$|A*1Nx>Cm=3~?pC@G@8>c@q~ zk)JAoNLEF$8NLx@cIEl==w)q89>xCMMf~h0y}SI*saC)?18lR zp!kDXG)_1S;>_5rbrB#nWPnU;`U-@^%*A=&rp-^O(NmGfV+IbRwhKq12@+P;pCbM{ zG>asb1<$^YlT;BX0qehlVKGLhvp?c$`m-vE&#In0Sx(;u8)xr_;xEy2Ep(`Lseqcq zaP2n$AdI(x1#$~Ng-U`rs2b}tgj5u44D?j=mE}HHA3?h8g7lv=P{IBwF_$R`8-`=Q zV3zy_Ono+Ap7K;ozX@fK_aKrxEOM)1f+Q9AD5fRx27(EQhIj&K!4S_;zy!2C#CifI zkan9z3jc)b;etZ3+1_N#C1glegZ}CSM!j-|dhRXRcCZNJ^?S#muqP`9Kr|iTK==eY z&XCp{aiSg?Q%*#IptTRWXcLiEr}i)R{C<%Np%ZYnFPZH(`2OQ?w6JNXH>zxub^}{> z^aup~hC2;h>61lzjCjhp+mL?dSKQ`}Hbd-#mJiP@Q7={^qZ6Ly>S)3H=cpdz2UJVX zU8;xoG*Jg!f2-L3FPZuU?3Rm6UyjhyVr63=LB**7Rf@~9kbsQI zrU4mJngZF!6PE5rNf{3r4AVufgm#?ZHIEz4uwI0IJ|P{|@L%NfTe6IFL9Klua0kV5 z*g|Rc;@U}stzCcv(^vFaBLW3&|8~ITnPz?rpy+v6K!2auz=Y<5vvz^bj++-k%MK1m zl2tXWAi@D@8(Aaz?(9#bY*F#3+2T%`Pb99+R4(%hl{{~EF>h&|>MhyyWmhLge6j}? zlxiE~oQKdKp`KfxN1My^yayt`d%fF2FA!4v&?22xnFNu4BQ8qak^C#7_ew34g_AUJ zuQjrU)i(V`r}Q{1mwPEqVjoq&PQ!{!tKOCPL1ZRq_xjgW1U>Y$70*Berl(6sDpfH8z+gKF;jUh zcqF-8fD%9Ku0x_vS}gE~hMSWwTb#_B4Yn&{5^t?MVa_tu@gf)^d>QrWpfY&qS#qfQCL;xrRQpI$bmnunc^P%s}+3-Hj`d?%B3U2r?d1|;w7zmPPERxSW|R#&7t+!i3i*+ zL6UZ9IqypDlO3np(+#&->x<2DOWN+X$o`VU`mzNxcjIc~>+|J1(Jl( zN&E9xzes2r*r>N!*SJ{~y(E{ci50)k#}<;&S#F;*-KRjd8Ej6Cv%pqg8_w(v&I)M= z4k#ao)znr+4UC>BvB^#LbKtm9NCB)l5Ve?G)1Qwm4moz>v~3 zKeTU$rxGf!BS)kL2tAl+Yn5}DpyvsE*xqz(+%QL~*sGhcwScj{yyQeRv5kngtI*-& z3yCxB$1 zBCjgL?Z{`HFBgZn&Y0Er;oW;iL=@7F0&8)_7NVVjL9EbYp^ec*V-9;}Q1TGb8G)T` zvstvWe|FmbhN%pLWnmA5FkhEYkXqv1wjG?cG83N(@h1lAG!1eLt?VT&USuzC+Y!+2 z#hf)dI!ceTHMRW1XS_V%vY*AX#I{ccm~rPEmFX{q6Y@(iZgk`QL}4bb=*|1?_h=LYH^>deO|B**b=0Y3AOvw@bt*G0YW6Kd3Rk^a%#mcCv)Ai$_3Ptp zRjyD5^&EQ&W7tgyCQN#QtyiC8b9l0>otLlKe05i-aFEdjZO-Dnr}|>pm)RS#HHT6I zt+-k?gASX_;P6JR_Gz%%e5rcq&d#o*pu?nRjeXjX1lJ))%>_ODQ%#2Bz}a4%fXfZ^ z4#w-Rz$@P_dfFhzKGfG(*d?{REi$0Y06*a0m`9P7vYP&y%{2e$V$PoQlpf<6l8QL_ z++b^Fa)&-AbLGxGhB4TWWw5*JFddO@yxMIRSiMeHk#M0i%1HeI-C2*(RQyOV`}WG> zOEJx{GKu0v-GL*GW5BZp?d@^s!r*7>`LlNCd*iVIlm^dN=kvzu^5Oztk3UuJq0em4 zNf%1xjc1?rdBs1HG48RAL045jz5TkCtGl}fITvVV9XORer@0Gfn>XH)$BMTd@)t;J zzv(q9b7NdE$)?l?oMvM7?3IQI0j8@M=&93xsDE&@;C8PJ@k^f8>voIvx#_KdZ{O@2 z#yPLa-R_^KuY%!9CW>%SY2SArw6#Svo)`Ve9La6AaVHPtBDu|}{8c~2G|EA;pD66b z4&hiB!!$jUwb52H=h}R1T*6~SPY5EV6jEv4Cd#BLd3*bedwNB@w=ave zZ^HhXR0<;D?79to&Bu%NPZJEtMU(?mhvbKBYHUW{-dWD++)&kLr@SBTcf9w$&PwlU zt3!xjx^F6Bd^@p@u~gMLS4+*H$+>s(bWVLN#0b?Hfp8!Cs;}GC z`5?RBY3BMD$nCenII~K|#S@4R5j8nVnNo_p3(q?tMQQkj2-b#J+SKtT;t z8Rcu%K##LNXRAiyHR2!TPdj7p3{kKR0)B zIPsmrv#GeZfd0_Ml7{VHP+aa!3$hIwjQCcZK5Q3rd}wMxnIv@R#o4OF|8C$`y?-41atmVrzQS3#-{^&Ln zgG0mN9?}Qx+>(-#vOeFgJ8xH#nwT@$oaxWeHd%IcPh$G#9NX+>BOeaCq)5K|!l~B*BG6^l!)O2<#CAy9l$< zE=QO2>~2AC8~a%<`Jo$MW=s_wX9=bUC>QcB`K-(`yA-4|@*FZtKK&PyhmW_FO=NfF z-N$R>5-|;Zde5oG$e0&enf5C!MJ47BNYL#(A;4OVEX6UuE&9th4DL4Iad9ILt;kds z_+s3sms3_s6pIsYzLC?|(`%e;HKru?vca*A@qx0t&h9>oq}M4E9I1zG+zR8`U+2Mo z>r8%LBDU{c9%p*%{98q_;)dM*nc9|R2AmHyhfWRb7gsS7bh_3E$MKeq1d6Jpw_EN<7ZI;HV`A238= zVPQx88m9wPf7OZrwx2zxB!t9XgVt|BLdxP&Dp+jFK0mbX)K zr;8P2*g&#WE?PNfeUY9SiA%`3Qe~LapSj~wNuXJx*Jdww$O^@$w{8j#4`;l|L3}ft zKar~_J|HY=5q~YGY#7YT+~klBGlv>ywdP3s@k5+-X}1lQpXB$u7Dmi`lku$xWCb-6UasnE7zCp?x z_rms~p-U2E4%f$p#FprT4x5aU|JA`79P3Ksq$-)riG~q^f&Jwfhj-rWa%01_0!>oE z*;m9de4J5n;IYkO7_yYbJj4&?P0qTBVH@fjKW4`*?SGn|)vuW|6T#Vy z$(*?Zm&{vu1X#?cLiBjKJ4GaANKj_HX0$|R&W=gEK-0h|#xv`ZSh2X(iPNQsC9>E? zzR+7c_p06L6xTz`Dmh8EWo_yWeil&%yLTq}IZND^jR(3w12HN#R}rzXX`P*l%+I<+ z;i}aUfBDuLks5V|$I3@KVVR=(#y4UjIg`;(9RgA9oN(i_bvYr?yX;MKUx@Cm(%1Nt4_XD;PHW<~+)TQadTD9z6`dNB zZFb=*pHhn&T2>h(l0cKCe{qUwxtwIh))GirlZdx?8%4CGw9~;@@h^Nb6H)egM* z`JTOK16~I41*(jE`h6=HYQgy)30_FBec&}D&0Q#p$8u9cRymtKo&6Lx4*K^m2}?Ig z-LTZJY&-q7KlMfbm)VIaXUZD3Wzjnt$R9K*3H!>#b4K~X#I8yQVZ%qZ$G)qNdq?u> z<&-yg^RHYZhy+rfspsZ-a6dPM@7KQ$>+^6 zc;~6xdu~r;HRwAIwQ7}AJk{iot~4=n&XJhgph#?WX zE({Q?50RSilOJ`gG!wZzxMid2~3yFQi9ED1LVzm`mw$)^c%!xrFry<5)ATk zEi&}q6e4%vW&79MnraRapOubqa4&;J*H$VCdZa_L=M2W|iBp^1t|<3<)oP4PUvl)j zUrV??zTBv{JjnZcf8CR;T4%zkyM!RQ=(mulTj=h4hV+)vdLVK4z?W-dq;(QDfFdw#0eo&+KIF`Ek44 z{UCq6&aEGRpL95E?It#^8KC~4ERy||cw)b0hC^^E=-2W@JGW-b9C?z8v%c^Ko|%~o z=a;5V>8}f$?hE%Qjnr4!n{zFMN2=tekTRw`tv#WzA##4K+)#0Vu!@-p%^zm%h74*clchaX zrB~honmN4YkE%Tbg6I&-#fvs0{WM6zU1v-&3de5Ef(=p@cU!&jbFqnhp1-#XrXCL2 zjLT+(jMmg@f0>2ki!SKr?#B|rkWq#mFm}0}L)Rc8wZDX7F+ zEHv$fLhC5b@ju-vR=J-JR{Dml&j@@ixy9~~mGX1NW39F=L)Snww+xmKsTo6LfY_U&T#c>1#znqj4kl>96rO(_RlGr;&#o7#F$~QV`5tJhBwkV1Gd2 zb*HW}>$4;XE?o~Z{qhC{0d^!sX{=Fpw~ZlF$DR_{B#p~)oGP4?`5Iuwj(CU}U!pi$ z><({Z>3a>vm+N;si3RgJ0OnT@gJWRUO3F9#IK-Am<{WW>`vf%$GbWqOI_q^TkabI} z9$(&%L1xwGWy3CH77W(`iF`Hg$*U8piv85{o63;V|9U0l{M0jh7ZfE6oUg(of#kaB*S{tU8lLf{ zcD_YIUf@iYj{q9;?B)jy9N)V986?K_N-)25Q!Ug&mgk>M59~);b}+R{CMNUX;K^b= z;Wqjn*tNS63GR#<>QE;60NoHe!{j))e`pNaqJ7e*c2Nsv9Z10p+!yNe6_A_?ed zyJn{jKU(VmL0Y&hov6R6%mNpwp2-bO*FNTj0)`2fx@tXAz+e+an*bNwi@%=y?SEcr zh1PJAG^I}QA!!ELD6m?WKbY=8Pv=<zN5aBefA zT|##v9pTl-ZBPLo1h3urvT4KxWNz`2f%-4bE&h$$!u&4>0~)P571NotR$!M91fDty9*VWbe(=#JDWx4pRG+y>o?G!&Lvo9Ib(h$BRyA_VSynx1qL` zf0tf&B4p1C22{!6Tp12fF1<4R1L*=dLRX&0aM&N6jj25)yDi{ghYq^0A>wTQ++iig zZLexqm{|MzpI-6H^=#dVbgIfcv4oxEqHRZQ9z$9I4?rv6>~*ja#c--zLN0Ycg-4i< zqp2(M=@@GLN*Hd)D3({Bm|0)hClq4i&H8gEfl82l{GYIus#(Pwi&?hST zyZ8~O4X*tSyft;FYj@c*)g^AjW7?Y93r_NnC;XM?{(nedwK5m-QBqq~-T?dF*LF^; zHn(oLb4b!Cdc?9R=EcQxB5A^|g&TbpY682fvOi6lm;^sPe)KTX&*Fl}LeiBB3w2)J zt)J#4*B+_>FNp^aoY)i}RE)+#uW!kVO)kvzSVrBNS_-jHF&#%+(=Tt__T<1_(VgHP zY+jdxagv!$OL)A2L>Ea@UXSuOM zoK^T4JPVz<-q?dGTcReP$b$#S`x_dAybdu_*-|#t1d-9WjGOQq%Om+S4JT3gY+|o0 z=A9FLhE^vP&w-Ap4(llm08s4XqHq2pD4yqW5kj+TY|S4T4dk&cT`tK|W#WHL?!-AV z(PU67u=pk~lFY!>fZ|HuhJGh54Ad4|e8(85t$c zWchIye_;%etvfz!>=%ee)ho>B{2#}r>2P zH;UcA%JZN8$5_iSjGeR`pLVQbzrpeBlD0jjF->}N<^$H6N(F*(+PO zE>J8BC{{-ll|+8E3)Ecwhlgmx!&xEFINciZNXYOTE^NgOnVm|J-4gnsaS8=`7ed`X z0YLTGf7HE-x(G~;&Sb?^n+7+DCPYaHgptznW-2p=Uv74Pdo)1)X0B-=Yn5}+l!D&7 z-w>#xbwLw^1k80ts=4Nh6yGT!S|lxZ`*y{$%5w!y5VL891DPFi)yRlT+k3ri7(L3 z3fXG9_BBu0L=D;z;B@4=e>KCjiV*=WiOIkt*A9F3R1cG2&4qrFD%Rxc)R{F!pI)f2 zmYw3Ly33&6L(S-0P-Bd_OCq4V?>zFT?_|9T~)nlueG@eub5r9LrVa+t}j`@TI>*_p!0z$%1szHR~SX1*{T`hQ)!jp|N}IF5`SNE?>X z2()Q=llQP*nOnkqe$;?MsKR$U@?jH`oX#IBP1zuoV*1{mFMhhB>iXLcj~m21K{l3^ z3w;X93tDJDT(6QplWxN5i(IFCa>W5kGXp9!b09OudH46BiupJrI8NtkZ`!kf=*Y0_}9dWSNP7@_fqZp^EuyU{oJQWeS9umOtJp zn#DQT#M-9XD&CPT$bM*pR|4f+ff*-tE68P#B0~AXA&}je*GYL?iUj3+%L1`O%c#Wl zbXwwe^^L*NjZ|L7MS#1tUGPe7HUqeq>5o7BYQy11wha|>l;9AVbznCH${m{TaPH!0 z!H*_(-sm-OJCL@Zf&~04c#vZcqyu-_E=RGUCbFcL5T>q+Y;iaM%E*ilg=LV@#Mq0( z@c~sX+XX+7cuY@?cdN*TX%l-?o*YeeV1ZX`i!mVNfX|xJF5os&%!%{%j->VTmSM2~EY%4~x)n|FY_|YrgUw|xgoh7+UU1A4lI^1K>Is#Gq zsDiX2LId1`S|53I2sP9KG-JO!=Cdmj(>yuCfNpbH_>zAivm7(RblW@#n~&x^*wx`T z`RV>n(KOCRe8PNN-etX2o152161d6z3rd`|tfBJYp{Rs;IXNRH#HRfZYw_MNY()k4 zBix-JpmOCt!TYnTL&VZRh)wc_Fel0SQ!D~TuPOs=_%JNShfqq?Y?NxXTpfCbSrxZ4aFeFm>@E2D*G<`umL0f@*#;6)a^ z)OL|NLNT)rJX8bXGqep=@d$XR>mK*OQUvf&6B1hgPH_K5IePBJeW%0SC2LB=vD^IF zTlJlD=VBfheXWdo-0PpxA)`=AFCeg4rXD9_-|;BJw&~57Q6h9swmMcE>Nb#pQf(5n zu8k!^QI8Wl@16J_uFy~oaE7t3(V#q1%XGM~6Ti=H?S1u;ZjiN>RRM=Lkw3iv1roO& zw0*Gt-O*sIX8bu;;q2)P_HP0#viEMj@d>y7tR`~p5vaHE#5UAYyb%T$WzuXXy0pkM z1tQA`xiVjIB(l^vHS=>WrwRbiJG#!yKABnqmqPu`trtuzb^TOxD1Ig;ejH038x+7F zjk)Q5zwo&OrKYM{;hs0?>Egjo!12U|CWWKx{L3H@XNSAY@MLi8*>tbr6zKwJ0oeVU)s znS*y%?(ICpebaJGN~(1?=Iw2IqQEO}a5eTkhBp^nNbmm_-`qfHs_}lJ0s$|>Vb$YS z<6HPll9D^GTd^Oz3Ep2_N}*J4O<@GWp3_OITA}KUQ~=$FgM(`}<0<61(z4-`q+M=K z$n80AmviqH&lPZDGME%5&3+I_tnIVdJzcntM~xkvk%2!fPN7~;s5`iFd|!(k$%3Lq za}@F@cjwe*hn-O;gU%HxokP+wM&S2x1^7}u8Cf1T#9L0;<5U_5p*>AK_H*1jc zAuh2nXR7s#g|4_=d0?{GD^80mQ~68RJbNj8DE$hte|o-Gnq5XeIjVI7rsU}kBkg7_ zc)?mE2=MpPK@~D{bn>n75e(y=;PDa5nyKpDk;ztH2CkNU9?-p13XbBZqks#sg_S=4 zMYk5q-`$z$w9P>rYj>haHFt&+NfLm=Eh9%rt7DaE$?94YKGdJ6A>}N!RM~e@nIPV3 zd33((5no61#nKDFb}v@!3ZzDUg%Jm4l*Hc2oM z*^muB_rZJ((Nh`YzveMLFP5X6ZayS~-TwP(TaDd&h~&!`Aa7zVbIqWjLS(@P6m%Bt z|C$MxpTLb6H~XqSGtNg+_O#Yo6i$2@MTlJF6D*)NDXcdr?8GFVQ`2W5rT!Imai$_! zFQ4Z6g`wSQo=@|RVJkZiQGCjCBQGoW66)*g$8?cz!IOJPziHgubwGNI|^ZK`q^?=|`(}={1H(UOu_|T*}Tx zB^I2WjZNdVdzXh?-?B!~kwTg(f)=}dPb{U7$SW3{A_H}OFC?x3;p7MNLoz>A=s*@c zlnFP9Xr(&X%#)#e0hE2Im#MYyA8tZ$&6hOf9?i~BwJ`3#=5QVpp7lM=-I%_`ojev7 zE`~SLn>R_(oi#y7D|aE1*Uk$=mKQ0@%?%r6;hGpL6)w6>&v>CZ#dNgGOSSN&4C%}D zaQx@{wvjV=(_i251rUNV+rMU~lh7Qw6+YXe{KZG`$UcGInRp#Ssg_RR+5G2c?APAACD@|1ysGEH!A zq#9}2i=d0o_86lRm^+_>&E2Z5lhC=g66E7b@GqvHfTdP!x2eJ&$XL`-N0QPO5)~}| z@7^Jp{~wJLWUB$?>+k64giXbdC=lw^Az<+SA|fJR8n!%)SgjBS35tsq8>kiBPBzG( zv|4XoNb>AMa!*x%Fd!qcEFc*{JfTHsW?&^`0FEDCdlxnEr+FdDx=6qFWItpnl=Y4; z`_smpe{$5Ix#DbR80B@38rE)NWL9p~pdR;~<>G~g73CZHC3VRakhKVd;98_SL(0Er zw?_|sy28=%XB})udH{{lNuZiVe^1|3(J*Jd*b9KFX*D}g(^?E=|7y+%Q_ zIer~0xRj?(dQo%pI9*7f70YehaY_yxtJsHTS5PC4#*Y8yWNiqL6&0TK5L`!HBOK}j zV%2cE<=lc;aX_S8qej0Mz9DoHSS(dM9i3}bJO?2RIC5wn>Wwg<4HB@2ZRka^;t~>@ zsJI1OqhIsS4~DCdbn}u@WCKl?BADb&tY>yDoGl0EvF_an6u`A239y8Sb=0VZZl#Iw znfx$iv|rkF>nBn^+ZJF%dAr4c6{Y1r(F%boLLSbleRhNgL2C?x{q8jCy}MBSpaYDr zUw;^JWTWo@#Vj$r(Q*)LySw!sC?GpgE$tk;Wj zd)Wo@$E-a-3`3^;k);$>&Gl@_m&=q?T(mB7tO zvDX1vP|1OO>B26B|Bhqn%J>Yb7^_$N1hjI&OshMW%;rOFZGf+}Om1!)D^5-$U|7cH zSAH_w1b5x{^zTG;VElXd0rHg) z-7c)oQ2-4vUwfJt{S-e^<2dfmmx$CjQs0a%cwRr_OIdk(CD7^wSXf=v(xPKwt2w(% zG@G+;L|FXoxEzlFU1Dx3K0Cy0w63y}xl|~~z$Nn4VV=FX(@Sf5qN4hShuurO_!Jx+ z9WzVx%*@O(XY@=Bd~*?#Nad-qouK!NV%fy`dI=r%`aRyDNHi7=WASZBP-{m&-GEvG zbIASG*0)?~LXwq^qAb6<{O7tb$`)#5AyK@f^Zbn&d}3l^>u;Ehjk56^54$((-d1Os zZl}zvZyFkkYo333QYtfb$7WKkji`3%)@8iA_O#|FOjMjciudvHF)=d}!20^Pii(PQ z=ZR(pM5pwkx)hfJrRpdsJH(xZ%SSfE( z4*Vh2yfKUH`5t%wyEool>@DC+$cg4P)4rR34BoL334TS>B#Am+_(v-pgHg>?{1nui zPwb9*E8vo5P9)(yZ+4lgJ#q64kc`dq|A00#oPaijx5wxYh1el!4E^&ni~RNz3_}{@ zo!j7jVNytQm(V*?h8$Ts9Xsxa+~kf_f8+VgmPB{C@yqqbf-cO8rwub=+G5Iv?sG2L zp6Q;s_{FAdmShzxoA(-z0M;E!h3oZz8~P+=$p{8L*&&%dcKWzI3Ue3KWVc^7jk>uK z@`@E%AAa=?mdte#RvM|aC~#dw9onbsq0$l&l{vN( zDlMDicJZOQ<|lLp8z3wD4o|mUf{)*#F?+xBY_(79C95d~_9CJ(n}!XO7Yq0$XYe$? z1TGiMpAk>=E;G;XHRBb&#`yNoYN`8JwGFw`BDe-)V*p3A168|lQnq< zK#{7?4vq68@+>Rc!aPPlf_p}o~T z!)&JGxr|wVM)1_17WPNq1JU^w??E%G8KC2epv567Xr9iX(Z3`MPBnL$8~vc9Kb)AJb^ zNighaC9F#U5aN7=->V;L6`EX{$uv&>##{dg$*y%b?51!xF8AUZGZO_?TXVUE=a9O4 zdDF#;KDw7AS=uV-W?Np;6~SJT8%Ny!@4#ACjTrL6*oO=E$U$SsD-d2+^^er$OFW)f zz|Tx#(kedaX=r;tFNH2H`X&4@E1u0?Bg^-}6s@8!zPVxyPy|}dcGGxcEq!)TGZHbt z8|M3gs17pFZ39WY{2$$@aeDiw<)LTJu6pqU#$@XdPLwyhKs#;M${QZ>TN7eX=R_Wy z6XO)iKN9>P&Jhhy`xE>8BhC?E4Xu~R{B|ho$=dHV01xExdI_{16>ylh!hwPp>blVu zc6n%bFnqwgL0dLl^4GVKWwD}=D@9IfYa8q9^Lr^I@Lr0ov~H^=xhPJb?9TdcB8n(NZj)jFz80Xz}IF- z(@j~l;Gg*WUtf2F9x$kfh4HfQC1QoK0oXQL*ApE05Ds+FvO$&w0+>&LV;Z-B4X*4f z|M?i!0@4K}A9PW|8QiKuOfM4kE%MLbJrw)pyI``}InxFoA60O#+mSrpWBYzA zvbUg{y*$2jmTjSG195zwEQTOE@5?Q%v${)|d*&Ev>AHng76_{77@m>WJ!6+lFA5kL zidU`|EK^Aute&|xuFn4c+3|RrM{mQHUD*NrD`1KaE+TZ;E(k6+w3(r8Kuzr6Jb=Xp z6V3snvkim)4mpqK65N{An;wN^f4wx=j@`~$rEg!Q(2=X-BX4x{=&p{nG*ZhBEt|9< zzE7`zB_JGKr8m?X|BZ7#H5p*ss_i&(c~ixTURvmO2+JKmy7&EGS@8qt%Cj3AC#XR2 z+yT|KPfKJ=!&wN={jck|{-A09is)+I*N&9W({In@xf|t>Vpf_1Nk?b!KKC^2Vs^P0 zF8+Z!dt=s|;rzQZi9WEkBcZ>Q?VCKRu}wE+3672hNS=8)`X#`(P}KLMvYsy8R?oYj zWuX*G`)Kq7us1}tbaYLNVmjn5ts4}qiR_hq31m^`Z&dq17HC{jd)&~{a%b+i@PHBF zMesqnJ!5Y)4fY8S z_h}zN8c0#|Xsj4Ir-hlXi)A-5G~APVO4wg~Tdrlpo7zIYJ#?K&H(O$0?;?Sg^&>2s zBVdS5|9DCxK1JN4ht-ISmDRrm9n4zzX4>)J9-^Pff@II9Q$}^4k^OoSUD!XmR&AqOg89*PXtXSJ{UR2#$F!qWO7e| zg5e2J3q~FLXsVM(4spz*HylAT)%=KK{`AO-ZK;T3o+d)~lg>Nbm6capv-mV*TC~e{ ztP7YU$XF|U4@-i4#!*9A3sZz*O|4`#VL?(yBgvUM4m4E_8o}xE}|iKg8H|ixgb{k0~q22;=GeN9xap>7fJOEj|=}3 z%ky>Im*DOzW|8>E#}d_E;6LHfPHJ@ zco@z?|Fh1cr+aDVnj-1#c<;67AY60^=z-ZL9SKfgfs5fM!xr-TG}ivp1MV)pM!eHD zG4qyyudnL-hR<;8t!og}RtqXAqpg8cV zTQ_5d8rj!4b;N4jBo8uFV7|XaK^n;l>mB|vU5}7x41{Vs=88O(+MYHb{Mw13({X}u zUh2Iv)gS%sKjCu;T?{h&;C*rJq6!VQL>BLQP{`rzAMCNSJ(1VSc8qsi9!Ps%iWzpr z`xtPP`UYzrU_q8QE_^k_IP!L>YH7dY2#^77W}?yBel5^i*!vmU5T|$&VvOrPmp;6N zkI%e{d-WGsXn#n3FkBDX_UhV2CWa6Wv8cIoUcRMpmC$H*#)wa3w*h60IMwk*v;C2W zzO!@dwRby+t7~SzebIG(K!Z@}u9#;4S`-Xi(1QOBzCh2;3*)HAU7QMxsOzhFodIdq z`YnwAC&2MI(s_$y%}u{?>4*{#emKOv=`r?3f1TIy;MuvvoN?#YoD0`d(nNypSGI^V z%jl)=K+MwE2=;UN#UvB5tC!IvSN|i-q1=S68LCd!$92<<4==PuQJJmye!kZL;W075 zHgMG>I5zJ~41C+SaATd%?9MSfDP`H>-K41aUHW|=ubOE%zDOhCq3MwMOOic?zwQh+ zuQp@0R))eA1@`+>iHuHee~0}`lJ;2sC$;Rag^o#+b#@Bg0sCS^$%8Kf6u2(`h7&=M zMCrOX=J&w&KE}kwuWe>g6ce^?1DX5x-+6hU6VN6N7 zyC~cnPy}8vP^ZP$LVzPD%dLQ(%;3Ll?yskPjwTg9Jm9hz&o=iBe`ItC zC(Zdia!ZYAYchm@XwG)+qLXHLgs#Y8uGDSlex5R=y}EUMy1vu-R_kv1%RzHqT@cPC7A`MC|s&rR*u@?RT2uvXPqTaWoA?K8C&*Vx;+cycOx-vIZ+U?Zn0r&q!b?o&S4 zHmg_SX-<|q+uLkDrQGrfl##T^bU5`fM3fka%YAcEQ);xMC&T3J$LV>lhFa+@0yN{v zT%4J&#nBct+nYZEe?P3BbU@6ag+<2xbJ?3}1dIqoEI-EuY)hLd6HDE)^bf(jr!fHQS^mo-aCZ!7qY3~_N$!j!Dk++M?dPY9-tf{7@Q?X+7 z8YOb4eSBi}7(_e)i4GrVIj>Le01u6<=FYG@z8FS#I0R+&Y#oh zx{h*6dg?QZHklaV^IXFGIw(7fnFb@$xw(G)XscOE$Nf^aLO#vin+G}zzuBMS6xn9! z2OGW!i|~tP>4;zpP1`S6jCxSnpPWW z-w+5hD{fp1Eg69z6ZyeN2gFYc&qnJG)H>~UCXcm@_BcAKIu8F~zrQ1FW`CH|X|qh+ zQAZuK6Z|Br)5<9#A??3iJ;BIvB2pCabtPZLV zwaBPyD>QfP;1kZ)K9%xLWqg;p?Np41(4zsL-O(l%cWBHww(WJ^fXU6?kOl=Evolf- zQ#RdE_PMlQLlq`eBjo7dp;|72^G(w81IpMm$@rY1qfGruZo`-CPPi9^5Z3DuWDfKP zzQeXl?b)MsDjCo3b*{5wbC!LrJrj?oI!Mebjgzell7PE_l;}TZm7+tNuG;}q0;^-S=&CR~R2ReC0M=URP-$1q$Y*QRXxR z#Xhz^T8sLlWaa$LcP*o*dndI-F!DD)CtNH!X(9GaU-7d$TV=3!g>-f zkM0T|(JbXAdDfHaNEYsoE2kGfkK45Z-h}?_88kuR3Q6hW8%ypP*nrCsd-Cc(s6SMt z&oCn)B;;M)ukS-*P-)w;u;XDaXxZ?wfv(b)Sh5em{9k^l9$s$@S5 zpg+f+Jm0-i*wZ>3U+)uDb7J}L4?6CNx4R%}t1GQ%dRmmdAjT+dSo+4B(KeF;Af3n- z3VMYcBs{S=rU1J_RfFc!Cnp4^up*aiPLyM-_t8xK&bzWX(hn4~s@g#2rOzfhJ#e5p z%C(be8M7Vs*ZQBg=i+KO2ySPux(%-!m7zaQmWSa+4Vq{0|01No`LCQGNNnd9@89L* zWZ(Vx`Tm@or~w^USyB2za0dL7T*cDm?ZO#mMrg9TV!o6SQMn{Bg5@MXKen~z$z!w4l!5|CznT>Bd?2#f5D z#K&ogtv|U8$jjo6thm~gBupMPFc9vYO)_Ki&U0D|O()PK9~-5+$od7$NUl)^yy)pq zhISI4^QJq@kqo12*G1aEo2Mks0lWG|mELgLv%A-k`RecsN{b0;&!Z3yU)MUzkA}kx zD{sg=hkh_CVF&?+m3JRr6#m7R{vOg!mT5en*n33enhO{^f;oL%G3!*ik#lje z90s*$=uL=S&}*{hfW_Lvrd>^}@OgYHi^Si-wn)KPhO3Sg!+DZdVqxHyq0w${f!H+n zM+~)R7Q=Xl`)Z@ji(&l2NFVhJi_`OS6N0sJ()LeolByaUrZ`M@R@F8>ABng~%XxVU z;6!e&KIM=|uJ^a`vkaBvIJ{2rG^C`Dt60%eB-?jD#_9Ca9`vPWkVH<% zxepNsktAtR-7A_n|INcb!LP}n8@t8r3X2l7&q5ax+=e5Aof*1e+Btb5Vsar}^5NL4 z+cZgwcFQLN{5DF-c*-~`UouRrSyhOgd7HfVfXI3S{miXBCop`+ zczo%Cbf(^WgbaN=W`Sf7_Fg<~#(RNv`yw@wWG}ZgM_hw#;qv9~&)7-*y)tZ&jZS6E zSNevc!Y!Ur6jxjb(f2L^o%5MBolo$Ikw>8!$ceOclt3;T-@E6)^Zrf3=l1NE#ukajxSz75 zK}cjdU^#8_>R@D38)bCHLoV);9Z}#RG9Q7WQl3?@rkB~wz)3vV(Yz&kZ-Zk#`>-w> zL}}4>8|wMgG{K$78q-0Sio+j$f(ZZW)#WG^Kb?Tg#pE)mZ@_#r+FbCxfYN|~hXX2~ zN{E<(Sry3+mInPz;$XJ9=rY-+3+|_P7L*Ugl#jkp)n#?52np)nKu=?EH3Qt8$V+w= zwuN(Z9?zD}tO>!3HlOn!;Cxm`dxI5$M|o62j&71@=EUao-`lWZlahIkP@wp>&ADdU zS2|fX;LbsaTu*DH1PFU!1gNlm0R!dG|6r*4E7dhz%`%PnAy<`_$@d?0dnW8hX*rx|2KM~v=1^0sfRLuKff(RZ`ppIrIuG9@$ zh=|kd7ShpaI=AUUTOrqIZ7HU1bJ!oOSjw4(fEyR4e$wHX1eHh`R(uIM#h#eUP+0rBLj{tspE9gp??|BpAc z6GbV6lE`dW*&U*iNcQX?d#}rit~za_>`e;UA!MtJC}dtXk-c)+`}cTW7jn+~oZIj7 z{j2LZT(8&j`Ph%g{qcA-eSZ=Efn-BCUua>W?sGZL=*!shHRw7jLn!`i2v z7TT9rxO#A9RH%v*zE2Yp!!FUTQXk@>dmgd7J}yI@7j z6yP`qW@%Fz4>4Bd-ky1{QZSYG0e>=pYFK{D^K}NYKKZ@jt`H<Tl!>7QvzyQ{4k7!pFQ+Z;XFgYpP*KI+4V9$em|2XJ^k z>4rn=`DYlJp(=pWS5_sq12D9rEOD-DR0=>UF%5i~YvVJ12g93^omho^zAKH*5qWd^ zwBw_qCZT3Yl~&^(0VTEj`rinUeLQ$YKGHU5;=%Uz8c0Mu@(!J2x8dRCmMHVhR5_c= z2#P%gZyd9c{$+V4rd&ONOsM_XC~NGJ0a*v_E$#}IYxBM9-pLg|u_L07`K{mcpB)KI4iskish&r9 znI6L<>xORKplsHRK}U`bT7+?ECOVn+KD*w}Ohits-3jH*E=zcAg5{k47@`}mkGb5o zcMWe0?NXXW{p5CB*e$z%s=?Lcdi{t~+kj+;w^e1tu{>Z{V-wKI(q={^{)d3M^FnD%fj3B*i1rh+7F8UO6GSqENW5Hj!=^_^FCrUBzFql>Y0LBwkKlwiMNg$ zxs6Q>v3_@A2X<7=WK~s#chGqyX}tVw8vVQS3chOhZlwK@sh$yjTyb?ZcbEAy&oja8 zhYfapS%-bSIItB$wATls7+x5FO%qa9HeZu%?7}{NTw~$RlSCy6)s6v9sCFo;p}qrY zrsB0E!@u5MWYsoeF#7~=6KDN#v2IgF79FuZeL!Db508+t>H=0 zDHYheY@R%e+kZ;z_BLQNilRwqc_hAI(Gwsm?^*-6C8}qRkp5r5E|&6L^@Vo!GgC7T zroDRwHZ&Rf@PYz6rkkJYWM+^z8={X{{W{)u^g@iWeSi=C+PVsOu?KEUFY5aJQ!gCh z#=Zrh&H%zKVC(nt<6<_de|B(V$;nGcs_%h_A7k+*{~O!7wjRm1%!sY3D7fs$YwCXN!jyyPT9qT(nJO_{}6D{3KMoXxC`w&du+E z=lE`u$Axsh**HBr^MYTs3%9}Py!`Mc@5fE(SN`@DfnLcZCTcSfAfQfn179pZJ(&B+Ma5otxP*0KrQ9GSn=_? zx!Kd8<374SMm#?_{P_04aOK;=4x_c%l56*TMWJh8qJW@1%Eq)0rVF-EXnxlF{fukd zL>|9`Su}5Bp@b?towSb5`ttamjhV<0%RT~;HMn<+$-WI z;Wh0zHq1Bb4$#!Y!omr!h5flSkK(vgRcai5C%+K$FtnqTxo$%XpU&{ugI+Ou_3V@S zvbYh>c14QgYgfP^2=DmiMv}xehH<2HQ{FADE0~6ZM~AaBr>ORFXgg`43XI*h^J|vp zg&IeSe13AkZj%0G_&KJ@yZ|NeS;Ytg)pZzq}%w0|6xdwQbnu>AxLRG3P4hdYp-6t zIw4{++-o%-l}!;`Mrixm&@^&x*q;35)S>1o2Mq41KE}djX50swi(h$7C??sHm??c^O`4=g}@=dTIG=5(Q!+QSZ1qlzI zCudnE?-()=q>$;uh}b{W$2@%&{5K%W^g;d(96i#{f`vx*v(d7hjTGph<8vSt6Zu0;-mdRDrAhk?i)mXAP|Gyg9!2c_8U*%ihKjI8MsxHyS) zGeg5CD7p+3m7aVc@uv)N`0koU6WBckDd%|W^xWm%hE-S&Q!LbP43Rc^$Y%A7Tis#)#WU@tT@tCr+D}= z!b`ozXe;|=%dA(u5cwm(NNrQ=C&uADjA3yS=`}*pPY5r>1_{#IlU_8G0T`wZp z%LTRjIgTysO4l;@o=wu)oax=ykzhO>aLn8dF3RCo71kTU`u~!a<$ckkO2M93F0;7! zkL~oDv`Cm6c&`5)?3!^9RfrU0A*>;Sb9izSJPH)oU#ywp*F}jL+Mo4Z%B=9dq>%e>-!ja7G{pz*$KQ`Xy_lL;u+s4O4$RQVo<2g6C6oxBa?;qHFxnk2h zc2-o53FvT`?>0o}Q~a2N9eL z>?!2j$=7K(A}oNHq94U(^Ra&a=twWlV1fIum#{UN?pa#u&FYEvXf-)BCB-EwI`-j* zH>6r#>g?m@=BA_(o7uPm5@VLL{QQ)w?`J%k(v~ICbEU=#IIALBZ+_m*z82X+-$g$; zP;Kc7GAN?Z-DC4aNXc$0G}KLs?>rH%QID*#7QRFUmz{akj#JIQDuXyO?#croxzXGE zM{5Bgp&6XOxTz}e`z6pZAWsv!(xu5%SjBYzjq&MU%Mtm91ZQm<^zt9t2zI}e)l&D# zV3()G-f|mA_SUA7l8pKN_r}a}3zN^?occVPgus#T!IjR_2WjPQNnF$J?pGtdtLeD+ z9Hof+$hdos_S4Ll95JQ{VMFp4)2zyLu%2mSD4H=iJW984Z3ggf3xz6`Wpbs{juIGQ zrG+AHX{O$r9LQj9g0KG%J&MkNtN05#a~``{!0zsag#}pNEV^^&&WcXXz-E!Fdt6K^ zbNE|Y1L|!Vt1h6nq+GYlGL30hR(4zyy@zXRQdu!KH}{0bBz%f=q3F_Q$Ipc#II`hh z?W>PAotf>|>saZ^u^E4=NVv57RE*4Ad zm|V`Av?v&66GWVLB^KNOfnoW--U7GD^}6&8XoL{@Rj?zdb)~)KX&x_Vj|ND9{(k6Y zego0EwBwN*v|OcX4n{!kOVWIGtk(pWg=BiIrQW8f?YpX2pC&7##?QzwV%{Rt=KQNx@muz+3L5l)R zRCD`h49D|*{grPU<@?r9rmS#I2^jvPpa?vw*vsSS2X^n~oi2CT@uiT7ZF>pj)Iz)0S!e%;mTPL@g#k8wd5abX zgYhkpmKj5|lo{*jC=j(DyGZFgL+80&%2N{e^0if77T3a}EO)^q2oHd}eO1=+ycNOfk=U5x4Slq$+Fm5d^Sclia~dA zRR(bcg(C%UGhqsx7#-qf@x#6A?w|RZ^7$XN7x`jaH2o)<6*^j4_vGYcewR7RshOEl zY%=3SOQ~i}wjIW_HFf-rtoY}rJ7sE`EW0BJMNWomtMt?l#CzQikdlT{X5aq!O~v}7 zRCmSKzLIZ7w<Sj~%Pg?{XH@CzLe1B#AAh#+DQzo5~PZQGVSUB?id%cEvX?>GJ)QMXX z;$wGDpA>tCW0yBv6|RcIW}^LKoy`-gt!9eB%n2% zTiDVZ8bWi4!P_as+wQMbK`<@t!PE+(A5Vj+NDg0Utb$%k%to)}|Bx2mynbKkLe@7r zVJGebbV5f#fO~ghsuMeDTkS`ngQwKc+|0v2rtwK>X?_1GF?g9bYPUh5?R0uwn8o+# z(axTw`3pULCS0Chk5oQAb1SAeQ8hg(KYv;8bFREk?vHVWekT6kjCG7cW!cmKP@=K4 z(*_oW0-UP+Y`VvG6Z_co#DR62-}M$&TXwr1;ThdP+vqkw!rHAhDr>JZA8_uR;U zZgvF-7k~YvT)`d-7ni*HF3x!u$JLK>Fvh1Rl|vntb+I`)FGeNA2An|R%zf#$=}!k* zQ4w0^8}20!hn0#+Et<#y_RGPOtNz~brY!~&K;2+9(ou8{16zj_h1Wa4F=k#Co>PoS^3WI()3L&@m}74=MD>=537`l}C6* z;PEj>-X+^TL_eGd-N@6~w7(g888};~DTMz^H-6X0;$<9kb#+q>s>6|fXq)_!J`pBJ z=kfC8#K7RNS9o{;Zu#bWEfV_w~DB(uRKx4FhH29?8k!1H&{=21dT!s<4L0PHbUEX_>Br z0}HfqcjG5<#U2(yTzxR>>#IMj1i ztI%A@^xWn;9)j}bh&N!$|?K&dRL;}S2?OxId|9EWy1ED+UgDF zpTo%1$=L#lqO`Z-nGyP{F@uQb{es{HstJJ(>IgKOP_j1t;_sdaLB#a5BJncmu*3FQ z`{IGp)tuh3rW_lKscAAvWsF6i4Iw{>XE@92B=pGZxW{4XBgI_#%e5+*4z7tB+2?oe z+QpOmRUF&9;px9n!&-DsODrulhegl14lX?J7OI520~?mWS^_&p#NQAbR>d;z-QA7* zYdXb*80gd^A-V$>&OiglSW{{!nnfR5nc*0VBb95LZT?9X#Ga8Z6dm9N!k*v@Go!6k z+DnqPKh3qLNcT%BE6eUoKZM|uc(${=yoWxEUro=QpGc+QdJ2Q5O5zn0z|}0QA4yJ6 zzW^5YT7<}^dkPfBj<-!q2+aVuk!fN640Y?PZKi3vLU1z}%78Z38X9p28DKBaB6&8u ziTG93Ro>#>+em}6+ynKu^%?tRXuD;)tr?PFeeKZ}EH8M9I7ydV1}N3_x85Yecdo~# zz(v#~-XXudz220!kG1FabbWjvr{|aIrZcYz502KR(%yE z6F)E-hn`b$dBOxA2@4Agn0loUUH+aDZCn3)BV0i}WAxgmsFO=k_xt;KOU5B?0t0|*+EbR;&sWRtj@D}WP)9Gm# zMBE;|F^Kpd=Ry1?&-$Y637?1v9U4i2wg_pj{`&D@Jk{WJird+o9Oqlq8Sl{TGaNih zBTV-p&`MqLqMBzxgdkS>J4Vn3`yAQn+($+``yU1`kwza;1K| zgv>oLC!`W&IV8MqAeEp>b@RVf0>u^cPtqcfA3f56Gg-}kt}f;fbz*T^Sa=;9D|)A9 zFQFgRc#pd~?emvEbSFGbs=U~^G>#`Ir+Cg!_6G#F+u7OqK~d!IY^RAG?^xCoT9{(1 z9P7Z0?y#z94sNeZepf@d9WvlMyxirB1o>Yizg)QOWa1iyU|-a5%SmNzhzEXN25m<~ ztB)d7@A09&Z-CaoY@js=8sP83gw5P@$|6`s1eDxCbeo*r z-wRv1=O7N{O@iix zWX0OPa+I@HO$z<6o(B6TuVMY+93e91#e$YyVk6Dz%qv6cv!%M~nI&CadAmtpswwS4 zJvO(MNJ`6k25Q8uI)bEo@-0L}l@e7B0-rtY=;(l<9h^Kl!vh0>esTLZO|K~`-_}{U zSne>_ppO~P?pyjGkuDfOtU$2rX?kpV0x_@@QVj~`a94#m^@S&6icDrbs1Z zWwm>@3lQAf7S6Nh&(kt~7N1zj(x9bE(mrSqao2wT{!^>Tvl5^UKz8&oW?Vj7Hnf~I z>#t?!@Mn*+Ou6pNj`4-k2ZW~!#Rgp?&OfhbzD*w`!Yl>1#UPDrkwQ{miScr)5OGtY zSPr-gb;K63+r04EK)eQW%amyPFPatXfz;jGzzx{+{}AerJ-(g1P-Ip7M{ z4q&=wZ*Ej?sYNQA&`FP7ZFM{&~iFM*RtfY)XO*S zSx^AJ%%F_bPvjhI!48s?N_v+4`c>o5sm}RKnm6%TdX)eh#K%!tS(vCAO)04|+s|`I zB-TlEf%3y>M{M`2*vx>c#u4*JPi_#t=-a-g$6s9bptv4;6-?^~{)%mlg~^2RhcL3$ z&MZ8EjSm)RaNgEbpJGF!H@Hzm_gcr33pogD3knEQy78#B57-=Z5@GO6kwsl8R3CfB zQ9bI3y*N2c_ZiJCX8=sYE5=qeS+OZeu1$^V z%~W$A^VPdQ#%B5*%AOdq>A{n-rAPR#&0OCObfGS?MpeD@ET9q|TsD#a0=v=HRyx1e zEXv6oWgb8< zYW193qH;Sbe0RB~t}Y^gvKK|gf9zXV(KPffGNIYVju4ogURd;T>vx92E_eoeM;VD* z2njcqL_YWNE*ywi8*?t^Cm=x0 zmG|q9rHBaOgPnzw{pa}kMWfPf{PoYmWJ%y~#oI1Io^--Tahe63TA1cwl|t9M--0eM zJ2^W`dyEMzJ9jqX12@1+u-jZT&q7-07q~hYjf@k?LKccv-T`OOS5c~gu)O-p1?PXp z0Qz9JqB)DyaOa~Bv;>#z7&%x@v6p|Lz`pL_yJX?x!u=5GorUx4Rk9r9MS0B6dTUEC z{)I-*7+&O=@n#P z%wy8+exd3~K|#TWnr3l-DDhi)zQ5HaH7k02Rx~w(@>6R{3wcV-NOD;3Sw6zmh{1XG zy^ukKr`+B2_{yb&@<;AZTU6{lNsDecF!i3@sQX|jI?(k!DmeXkjr&YukuW;8J>y_! zeGr&aPKrB+Hmdh)blDK4@5WfXhlBIX2mtsO(^r@Bi80-Z(qkP0D9JFY=*ySXqsK&! zL@a$b(P@ZROttQ1W5EOFXcf;IFK3Xj($BcHn&8Szs@km22^K;eUi_6+G53+6=9kv!86Nb@$+W}UOWU2H4cFuhhXYuG96PH zB}}r&C36tG7X`eZo!4p6uQ>g zMW?t8_IX(KZUy&RRtpv=UlD?r%Y_)mEw2%h8N zE9S*CV0=G6CM)wiF4!%)+;BYAruqkPZ=JWV=;EMPaeVLd8^Ob#&U9W}uFIbO-$Z?` z>JLliS&xNentD{<{n5(&(A&kV*?UJUcirN5!IWpSZI+iuT5K3ZCg)SatgE^o+Q{a7 zOmcC-DEAkqE*_u_nt7D1W_N~6Zg{EqXB26|aC}ea{I8I18D(wDy~}!5em4BJ4sZ3_ z(iOdeH1<`UcySr~;}v77!zDMDpQBWzEg2@dFzlHE)Ulu-PtI4Jn@-6Xw%S<z}M1%-|7M?KavUMH5D^PfgOVpvz@FUmE6HijFdY5+vE+cu_ z+j+G2D|q&l8)QYK?UI*%4)(7#9m!vjEYH7il z5bG4D-T4X~M@~*of4t897NEQ)m++RysOBafR2K`U@a8(#9Ukr`4Q{`a7xf8&?ywRd zAw9T{gG(LGF@?7xMrId$Mq3qDv zWb~!<3TWyUy>asRd0v$w$2zoOkrt>SlS%Jed~2m;pvj>!X4mxC1h?xQfd^uDL4gk0 zurAzeEQGM|Cv;0=O~HWiYNa%*;2K-`^Ct#^F{P&5IVM`RlBdNYwZP+bil&viCx&p! zY}V7gT3%oxrdcljC*+L9S8QG~4@K|c!p_~*E0dU$0?tvfv4wF5%EkF{1v7cq3+$$B z&5PMypPtvgJHK$Hqa%39u~nAN!=lZ;^RIb5G8sSm8`lmb3dOqkv|ZpDdxj+Mrt4Yb zfu@PMZ~cXhmK?)(ce7qJ2SMZ+R;l_E7rvdj zu$?UZFo}&lZ5{04#J&F~$u`(=a_r&}=2FkH&gCvYWLRqrY6oE8IJ8af$0-hMmI-pEvvN*P!YT3cYr4!%L`u5KG2I+_Kv#;W3 zZ&Jry%g?@^$t542&`9@1&tuHnCZ@&U>Wsg)6BB&{PXfj(_TcuiLxzY=7}ZKd8W*yf zrUOt0ISu8`9WriUG#A5ZlAo~if(-S<(|nN4m@(179Rsgk9n4Adr&7oPl7WZP`|6ps zVGIzlvYv-`-DqqUA%YUWiv1~>mztW&!k4pHxB6>zU~JUH>2u~Q*yWXC!=SJGy98Rv_JB3%KGC$m2j+ghz zL%O*3OaotegFxZSeec5`N5(kcW(!Jb6j#3mLr-}0=f~-syG!Id8kBrArOVqA{JDbh zYKFzdsU-N5D5K=$!oSiXQwRnErk+Acrlz6c@bTlv9j_|VZBU!!Je%D7yVdD{u;Vz5 zsAf(5=VvUDYi_klC0MljoYaq$WH|cUreGC-zs@k5~LA)84@*Z!5CBOGo`?=mU5?Ue#H8bvqy#+>o< zT%8G!+EoWjo6ckeZZ96W=@2qzH6!#DFC{7#{yY2pycUU<%xllZNP%3%rW6i(j8*VC z%GkeFWU@|*F>4^>_VbD}z0a%4m}#y1UiWiZkHuIUW#@;{f~SKOJxaV^*hE&&Ab3mALE7}#a8yL%b>Xd)Y3F%0B@86^siyW!t-_T#8i+WzY5kc#lg(z2noX zlbd_P@nx-TXVCOd`D&3Gh049&M_Ff|R-9`v{w|lzY}*h$tTXW`o0(^4Xrhvz&8dl% zip7+tt>Xgo3!zn?aC_<*!7%_YQem&kY7QO2`$lzvQB~ZHh5_^Vm>)h#yV$h()rZ3~ z%g4@`>Lm{aH29~CR%BrCn5^ZWHMPR7w|IIJG(IbK>{Brh$AC-LAS8M*CCA7q$+33j zF0;tCQOJ{;#TH~k)$ti<8Pty7iYD{q{;d4Z)`~Yuk(zwnObq3uioIEZHyVB=D=~h+ z&tDaPuST}w`_Y8QG$iqodeS4OjJ?VUscP13dT!dnl6JRp)cC3zs8g1Tl)T3mJDu(f zlBV^xne?g_SS9Bsq*MOENIE`bW~0#{;i@d4C+Ss*?qdZ_0FxPz(J36%^st9C{7{V@Bm?R0r;2nDd@CxH>^>wtI#|oW7 z%Rw(J{%n(V9eLDL;OyoyX+ak{H;zo*xgZ-yx04q!wx)Swk1#-K3$tOPKa>YWKx@qR zN|mQJ$m}#wd!D%5da`2*80?CLSuJhQ?>rUUe|3(1ydzjIeUVcZ$SRY60>BjP_BE8PrX)d~@@r>vlDEPdGoL{jhr%@4wzk^`* zLpr`3EPO`ML(I{Y=ugy5kq{1jSD;3I{C9qsoTj}!U9C6T z53-x`N|8wMU5W`NOZXpjS9RZSh1# zL1n_MQj7^VKM>T>Yk(%J9rH}t?scxUnYROSSXlV(v3wU5mp4m=3d@lP{e}X=oof^2 zzXUz6-QA}jF z6-90<%#$~jE`|#YVw3Rv<=Zv9qBQW#>sSEM^!%v|waP7QJ<0FeFkN4K$r2Si#gvE7 zr<5f$J}|8l{-P|5nXZHun6doTBxMx9hAZ?8?R-`z{KkL6LiY!S;guo}2U4qxzvqOA zv68srzt~vebh&(WvirO*^f*DO@g~(JLhOnBVAmS*$negDfZ2=jZsTD~%eIBuvYtj$ zn4vlzH8y3(w16swg1=(%fj{%!G`IOwn@8Y#1v9Q!I4Tu>h{ZQOoZQtj^c5#Nl5ncu zcXjo?jna)gb`~QNzGf-M@Snr2_G2Lqf67izOmmMWWUSsY>2RVxsu0cx6o(G+p=^`U z35BtPisK;-vtc7F+omB`i$djCq?cIz@uNH4}B@_I{ieU+6EyZr{HwTS`^vTJ|2N(rgspXE6<9U;42*YGv2$ zw30&b#`$+L@sIL^oylYtiq!6W79=y5aW>+QWY`7)!If9h8z=>6efIDYqQVrkjEs>| zMI5upSsH2UWjTR-vM;e97c<->Z`&>ej$wwTNA_HAj7)+#`n}_Gg_tr%t2)7yU_6s> zZx0nm;H}B-6jvkJUe}M_C6hY6wGSz{rsGyxE}8^{O;bOaK%#uH1G2FoF9qqJ42h&ne1 zbgrFW+b$KY)l;k5%V|wcjW)f*Ht=J=;i_`2>*~WIS$a#7)D1j2_K6uWvMVTrp%`v+ z8k_vOFdH|w=NlA$Moo>WpM$%HFoU>?3KP_r7{YP2=ik#kpog;$zAZR79yflxWH}SaGOnR?3mEO%sUBh~%`Db?1p?$=8 zao?4|zB2QX7|w_kUw4fSAK|-xSUE}9y@Cp_FxKfiyM?Z0%0=UyYlAOfkDuG6f#g|zLlb~!Zo+SAh%qOLTpDcw}U4ExxZPQV({qgJE1h#@- zeyzHb{$@2W_Oc%3e?0A~mGl3DYyqu_(!RpVYO^0&6b#W;RKQ!s#P&T$#_6i}4ScqI#$<2%8SN#m|g45O-l$t44wHQcd{jgYY zW!7>Oo!@*|x_$E-j~_9uooBo*v`b@*N3qwD!+Y0%sE^byLzLGg@4dxTbO>K~8kw?Z zMw-#>-hFRcX1N{)O+xzoq-=w!1!rU7=rkYN0KI$Z4~VFRAu|H)|H(45^a5&5MyAs_ znH`H=F($SF8V7rw=e-x{`m2xg-$^cS^tzR_9N&{*XUf8YSMtKAKhAG(X8(B4) z(+eL29uF<@*eqAFUEFp7)JfQh&^jn*!L)MBL)I)k0|sb`+5bIs6TaZ@>fxt4Qm!s8 zLI`atXg~5~74H{OTovFY(ODE4!>r{Rm|z{H=27FFqAWt9AR=O9KGPdb!M_d7j(EHkPENSwGS`Ro2l&Pp#yp*tGR=@WC^u9}wgQJTNOa?T{8ngjsRuh8g(_A%4 z(>L$Rw%D3{)N^+l7Z$Q;uLvG4ui!V%|B{6tZZN6VlX1q0t9Sd*=f1LSqAIX-HU5oI(td#<}D-t4)#BnPJo&ozYt!lWURoq_fldv>cSS8twjHBQgkRYhFv~4mT!E z_*t~mgoL*r-fq)3aq|1SB3nK@k5D898rY$Zgco4k2X{batvMIXvcrW(sTyT~(QVH-M@zJ+u3*byV zraiwSV>*w8k7NGH12I9U1GK&}zX8ckGl|4@@S2%CINTy@47OM3Unpk`SXXW zMOR&xx~eKswx|>p^=e)&%Kt_RgO4OC&?Er;HC*LJbDORhX9v_zWf=Uewb2ZtGOOSzAV_n zc+#ji%i%}cTx}&yPt~q)fitCV_H=A6+r_zS%aOEz329xSega`SJ8Ct3$oe!DE&a&2 z)ww>xY{P?C{~*S?0}8kVn2^I@bU^ng3TS|zl2Fd&ixwJ{@IGz5eK|kQTyNzSWQxbLe>`i-=ofS8o74{ZlI*=0My5;>8q0e9yrXEhJ8DJ4E3TCHgUszo`jJWLWZ7#DD5 z-P3{G`$@~$7^VyO%BS z!HCMk@P@VQfHCSD;ug)U=<8K=Y&J=HG+g#bs#_Y2x*)wn{Jfz)!;3$mLbIPr76kA; z>e%+T4q<-)r@r&f5OL)C`TqVPnCnHGdjNM1Lchh;w7V6~Cp#G7UL8Fe*t%3+N%$)c zilfv5v|p)6ix*Qm$zi$U(`e~{(yp%C(5i9+%0sGWPj8Ht1)yBx4get(cDMOW0MeOiq=o&%oF?z~C;I%PO)Bp@IllYnnIhged z_cU70;pI)7!1XUD!G79v3W(YyB-lT#EC*=rq?^X50?IXkKs3Adb|! zf_kEi5}r8JB6e(HJqZgke?M`}J0|=Drcw0LOh`&e=|ZJ?VySU-Vtlp#cugISURZcJ z?#WF;1H7fvHb%xW9lbdfmnBWWyd0L+1$&A%%@N^m<{o1=yl~CGA0f|VS=|@VT}CEy z>)Bx1G+Vc3iYS-j#2!K^?-}An2c7_!IafjfIM}@4*b}Mrs^(Y(4U%b*YKIo2OJp)wwTk!AEmHa-#`8zr6+4I!x|Bh~3uVPE}?e1|<5|Pu|uXu0_u*K*~Z> zyBU;4E>afBu{C%EhFODRY$nQv4Bhr8@y@C`?J*`PDcM~@rS1Nh-t9!eO#ZH@6pOPt zPEH0!M?Mquh2RF1uOF1Wqe0j~u*A=^ZTcmlsR`nAU+Q){Tif@H+%~^WEW>vREFde+ zn7efa)$R`nO&98zd^8!tAM%QjfG(;B1*&lZ9Wn(DxzxzZ7NokWA1&VvsXMVu1R*7K z1Bl&bMaU5ZwWUVXImabMB@6nYyFsJ$-)RJY9)@smy;)VD1NrO$;;WrA-O-dYd3*o2 zAmx6R0|Znd_ul=-FH(N3KI%SOFcGSfs&koLyFjS#TM)(FyLVwHZdh0t1huJ_I=|J! z*?rq)g$sCA`mnLmjGAfYj(PpmfGEc{5ZL(ac5oUlh}ob?!{<*zu*LYW!ZEP1@FLf{ zDc~X4V>#Tiw#U-Y8@SNtHmUSIF>}=KY-Ys7D~+gj=*^#-*=@7lgOz8XB>XH&Y3S%Y zsk9tU(A~8*aamp@laTEc0~+*l865-ei`)Xj^!eO*AelWaxOU)h4#kyA_H5bM<+Z){*gCrSx1=CHZ>9ahbqzra0Lt z_{@K~NaU~QCm#Z$^bGs67x17LjBuc}EcF!x+}H)b7Wfj5aY4sM9t*01O)fS1@BR6k z9?8uq=Q=zBJsN<;D26@vJ<+4N-GwXT5hZK*au+$m4m+_{k~Ms}%N!tN@E48{P%>j} z*)^S=pdQzYyV0@;II`{?{?zWmGG~>Ljkn5QoBEXQU%J@o@aKw;KcPSD%{5RF@f9af zjwuwKvF@F@NehH(5v5nC4h!ZfmaOV~Xm1(04x}Wuj z{q2L;z8$Qc0?u>4eh~bvf`~%$&dv`Poff=HuPk%8mnxt?JbMfK@}=%MC^ja$RW@7I zFx(OO$8y6 zV}xK&9o*~pew}DK7QY#2jaV7Odq?)DtY+?R;f9~FM1p$Q`kWJnx@_*K0WSi#)Ap7= znjUi9Px>9Y@PD2P{X{I6pw=Ux?+!IxHx=A<9_cI;Ex_kL?wL2^l7fI5dd`fL9SE(` zfP{p`G#!V5D~Vc}3?1_e7j$c)E~h$84?&;i%F4>X=qNbU$pZreEO!?+JufnFn;+R? zM3(*4rP^s2vov|_1rOY73o6VCkLg1?p~w^Bm{kmc9XhnftnK%$=CG6{mV zJ5i9cr3M8_@c0lcsxc(woI3LO611W=YFwKhNHAM1EXd=_bA*05?njRw>jHW+)uOXt z4v(RKdffSdWM@$%!2T1x(3&ne=`O#JU!JA4munOz=0g$$J})zy6;br&$5eWM7?cTa&t^yW9BBvkO3lCwH6nlW2iXGr{EdVi ziEio~<_PObDGsT$qjqRC>pVD3mCC|*#P5kMBF7>kKj{B=wFkovWU|W3KySn~x1(4W zoQu@S-t7}OQ5SCek&EPammkzLw1?a`d`O_V?&~t$ITdLBGS3?&H7N7mVWSK1+H-Cz zOFnQm=(TwV<=)86Q6&RiN1AYfTQ#)W@Frel6q$;79!FpxtUu7na8LSGB)}$cOnr}9 zF|$MOR?H~!jNl$$=puzkrECn5j668H0eAdhvX>d^QIYu-Q|S&87j(u?j9}LP&Aa8^ zeTuI~vA}T#_8g~zBghZldfO6TNYBGj=hwu@q>eoKC_G(GWnFzJajBDA&Ofb8{gb zhCm>+y380<61cP3zDJ)>TtD5`Z614t@Kc_19qqFIHv|nDy61kWa~j$1E+b$EvBw}B z2|O6$19$PA8qS$y#Vak1__D$b^(9cE6fgN5f53379tOTN?k$GKuL|%wq#dz;;b6(* zSc}%StprBcxY11?R4L!WIib%L;Sd*R$Gsj$G|^>sE-JWthCd;;gMQU{rh~$hK8PwG z>4F;%=)Pi}fUslzNt)#Qj=Xd~VhHVb45FYfdSm_18+if~5=+7V zt`+6BV4>0nc<=7Hi5{fy3-OL!a!Wru`g_W$>@Q16DMLJXSy|R%tHK-P$u#bB_n`Ia zDSO;g{4`aiaKYW7J(^ADW9W)Xo`V&;YT7ASDa}j}w9EMBnwpynQ=3sl(ECDnS6|9y z)`$hyOKT|o|(yZdpk8VEv*pH8Tx>S<{>jp6xC=Gy`< z7~F{a*bcGgHPSKfYG_HSg$_7So`Xs8Ux-qOc;<~#7j!35-PYH)F|`)G{__G#}NN5*eIwSD%V$h z%|$)SLw?rlQw}#mn2is&53Laxnphy5(OF$tPQ{FO@Y|25m^vC+2+h=cI+zc4)Uq7c z?0qEN4#+vbB~oo9WP$Qs5~o&6J-rHR6{d=t3x4U%_-mzkB z+G%Hba@5mPnfmNygEBTZf@Q}Z1yuP_(VGjC!1Q}w9+vJaQT<9)nv*f9+aYEV7uSA& z$G+2MmI2(^s9SLEZxd#*L3>d*^u%axI7^soAO7LQM3#{~-!18WLP)F&W`%mvnj5%e z2r{TQAsh0H_4cwl&^82aq7vHF&BBvj5{gLc!xU;!{Q7^|_WI?WnDqrM{L7`FHX-@u zU*>vxrw$w!P*@Ox#xBUjm;U-?nfKm+WoAV1kn`;Er`x5x%3i+ev2xKnRa$z(w{!xf zqfhQVB{P_lBLE0r!M+1iB}>>2l@FE-{_IDe_&r~Qp0%ucN?Y*GqpKY!`(Q{xb+G}= zd^uG)>RtWwgI?ax*GmQmW!9E;5~xu$vIpveh4#(&=lrs?MVued5SOK12daM}^kOxm zju1gl$?`(*YFA9y#ep5)tAW05=!P|hupp!{!;vtE;R{-7p_&}tq>fgEvH234uL%6K zAppb=lmJ;AO)qx~py^<8I}Mx~gOT#2efnC;s}xM{wTN<@cb`MK!Tb^lw8Q_QDIjxo z#w1I$F>RP7+i{4IPovgXXup~ewxZ9r+>M!Z*n1}ix+l&7+7zO!=vCR^7C+IiaAZ** z8&=Wh%q+S{fYx|1_{_V(Y|V)zL3%EkRQhsop;Ot93cy;o(p9?XP~$t$1V)x46nVpPrMgIsd5OWMKJA zVAQn-VjK4&+Byv`&8d%nh|1U+=z;#{UJh`6zxT>2;%83CD<1gBjhe`|vOhke1rG49 zfGuc*9ye-=Ig_|E3!gxq zl?Mu9p7`r-dhS2Yc!Bb*shYC6K3}tpQ$tym<+a#@EPD_#)oRs8T|H`|Wm2guBv}RL zoqgTg4UHGM8q?r05^wQ6L4F|WF`#d zWqAU|=su;uL!*|*SN^>DmqGyicTOO!MAxaU!`f6Nh|=7*fKov@rQz3*=kZbzPD5O( z@>3B`lc%Jlg_dErn_i_RE@NI7gbj&+50Eg_^BCd&kU;VMPtrX?g}T}}?z9eMWTAUuM4U2v zA*s3@x_T=s`E!xGj(RDn-mO%+dE7z13pe1aV_xkodHOLYlRu-%BxXa6{GaD#kiR|j zHt!tS0j&P+C7eY&l`|QgS?PBQUCwaPqY)0BiZWrJyGSaw`SJDNM0w(Mxe!w$33vDt z(}oAjclbG!g9?XvjP}UTBB_zH1diEJxJB(n0bl_cLZYJK)zvD@()I&XOrMzL7b}H0 z{(@G~{=Y0VL$D|Jq@I8~Cw5*@CvUt0@xv7oIu~R0rLGPR znG%PxVcufD{$%4J+MOF?p@~dqMCH)^P}pi%mapU~#lf#sl^&fAS^5~Glpx}^Kxp%X z4mYcXN0RXSVvUeVNmn{Iv6kb!1#W20+7JzF9kl6<+3pC7z`)z#wf>yn`sPRoD{YOqI?ewpo&z-ydJwm`8qewNa37xCN6!My!c|x3v z1QPcSxb{(bC_Dk++i;Bqf2}8ASyATd08w2P4T98R1e~fk(A1~PZ_{Z1Tl`>pxbliZ7}uQ)6&!T5a?Q(OoKjs*+=QW2w=Z zJNK*Yr5$Sv46j2DM@Q}CE)WhFVq&NJuK6fFNDMLKH+w zL`5VeMM}D)L?x6^L^_m~5|B;>=@5`kLAphn1@Cy)TJHFr^PTrx*Zcjk-7aB0&zvLf zagQ;_oRcd(5sTH#pz9+V4)WMEMgxkwmfal3-l!q!y?592e-dCS72Fg%gy^m9eDk4U zr~6uux;r#Zcm4+@hHWA$<)7Fs+8N4HGD!&^?b`4bq1~k8!{?#y8Iu8j(r+V zb-a{br(MbFf)+=PYdSJUH_YTf9CI2l6Rz?9YHMOwfuxfEuvyeA!UA(QxH|&2U~ysm zKMoEf|4^xgF(MQNGQyl$pvFv&; z;`)^ZV&K2$c$6r1xJ1|zJ(GNj=5)|A7CTPaFQOZB@NLs$Aad0uP`ZWcH# zl@9AnMPQbGFz<&Y={bL#nSUVKeLNcZe`S}5B%lo4zWATnSIbE!hnF2uW@ll>XdhcVHwu|a+ z1Ec%-ERO`itr;^~>{;7zlzGWNjxv|4YC8m57L)4{(=6V$`JYVlhD?=gY17|ZxiNYa z&}A}pa0Cfol;ERXJ-9Qr-!Y%HHEoO*Q3p_4}B2>ppbCI_89!MV&Xd5 zwl`xkCcM91XY6`+9EZ-Lp#K(Y>m=;aqQ)GfQ{FURL^FAj@g;vh{{LCV1qI%S^9)$u zj;8shl~MBA&SVCt{@`4!wPx1aWA7s?9wztDuqX z1(lY~U5A*>rTsONaT&(PR;9_p*aI+`f-eGvczIH>2;*1rLHWn)(UlO!LAZ*SyFqK70N2-W4{3jKvBjQX32n8TTTBZl zkL#8~jn2%GsQG`o37E+U{8{Y|`Hw$i!weF&Nc7s+v2f4M_UN&o8a)q{-D)!Jke%qW zxQU#AHl8ck0}Fp~FJ}XBe7V0df(~nD+wvRP)m&-YUtu&7a`(c4L?)7)$K+#gjYZud z+n}IY>m^)DdPYI@Px--}6{F8$cE;ZZfS&25=lu3} z!r**0`_E^whdv*M(~{m-eGP-PmtrcXp*7*!ZVPd~sPQsq+i^c1_sG6YBHRhoaJWrL zfql0zc8OMlVtG~i&iS*g4#=9;1?Sa2ThGg}KdQi4Nc%tUa>@c5$ui{HF8s<7eggS%vOn~EQaL!wHq4?e_ zW5=!YAI-79=CxcE_X08HEy|*`fsvq*ts$w#$NF(Qc^>p0JL;0rTM~b=Cjn?^DJZUx z#R81R2@ot*I@{zOHKQVzlRN;|QBP$idzf6F< zJ`N*T;I{QSHwxBLgh{7Yy|69gV>aB?FU zq=KqW#eJher?uj9L3f@0ZPrY21Uw7wK!Sd}gV7GbXj4J78J{vR4@0dGN-V3FMK*;a z0TLL_K5Y|jY@5&E1gv!2%?YVg%d1{yPoVdKcBuIBzsB)zh=Hmk`R1zCFx?L6vCut_ zp~kB#aHm)jv>*LTil5~5Ac?SUs#Sst@1>!b6<5acETvcBn5HavJRBm)uo-npffcNk zi5p&;gkAhVo^p>FQ0K6bEk=c~c^*&)u0yw&Lr|x@nC1`O{#y*#_d}T%_PYm)SdWD+ zZ@ZL?GrIlk|6Y5Z_a7JuFTX+PmFY@an@J~J_b#EjeW;73a{poroQLm-JrCbY;)v5I zPg_?g9X`QTV(zz3EHfSJW%Sse6tSunO^M!_$R3uM37_!ZZ(!Va-)&`gXMOhNGOnwn z12(-!K|u@~JQ8KVa%WP#IXaL`!^MpCA16!wS4D82+$0;>)Swr2*i95|(<hl|zh`41Z3Ghg%mIHk*)J7hv}1h-gji3h$#! zHiuO9<;~0HV%2J+v)Z*gelGeq@%XjvcDB{_Snb`>a%|~Zv69;7(QoQ(drLcUmJ#kp z{+R$9tjZ@kr?Yg<)nNeAOCL6gP?hfGVu2(dV#jF7|B7f`Czv?4emyWNt9A2tT^8%V z@8W=!29(}TlMg009(`p1NAXa2Y;r=GB%bRs4nk=`kGkG^r0{0cLBf0O(^+@aO796k zdNlfkf(7G7^+jN3wMRG}V=UwwAt15ss9GyFlG`#vYQgM6euH8 zo#gXVC0az4HZi4?6X^5U%PsE}#}UV_=7SFZ4twB_=>%{nr>3waawvFcEjmHhturIg z>W|}~@`xmsd(7{TL*R{HBgh0GF$@*RiITFi++9rBKO;13uhMcwu*A#_-GU9}{%o*B z@X5akTM$s>0si&BI$Z>e$+vQ^A=&BI*Gp&pdSWZZ7CrRMW-7Cbe>NA**+0!39|IRx$jk4@+n0;%_eMfU9AgidTIU3I_%cdqoea8x=i+*PrJ_TKcV zL~Ftx8cN;0*%pkuq!2<&yFtD!vLXQX`VCRVxH0Yq4QFZyIK!M=m4C`A|04&gCTO!9 zpwr!1F-SVv&810RxxL<$V3UCM7+%*iAFxe@V_tEG10OZv#75u0Qlnr-uNcUMx#@(J zkozlwbQxn}B4J7K3m>+wwRIA#$lZ*SANmD3zgf1>I7xOv&?;^uU=n~i>RV*8LYU8|^R zAbX(%rB(4tvgwiEDtnt71&=4jD~txyOc{Sh=DYOxHX4+5cd!5sVc zB+~x=*nt1PpAI(KU5lxz+!=BF`fa)Xik8RkbgRhCrF(P>6O{_2CFW>B2G>Z<>rXJFUHkFloaGoAA8Q9c+XfOBXIcs2v@$Oy@aN{(~ z?yT-(=JQcgrgrKcL-e@Tp=QOZ5(i_;R_ybgk&*wePLF^o!7Tz(9u6jtmloL#%y+Mx z8*6P1+yo=@xcNK8;?sW6k|cTQ`soX&OCJrR%BGG@eT_^y!uPtE_dnF)PPBdonl>!` z%MbZnm){$f8##4pNPA1^t}#X_o~UHNjj)+tB(WecL8AVl>3@SYtevpnQn5&AdL6(b z44^&SXS2lw_t{vRAyGfGuSBWum2~8;G}BDK5Nw*PqvH|fY`x3d`)g3~Kk_KzGM43EUJ2H# zDv+(nDeUj31yx*hfd&p|oHd+7ApGzPmNTHQ=wuYL^DU@eIw8mPo!bsG|44v4SV;DG(fAN=}<9R|yK z!F|(T*TcxZW})Tu_u*I)J42B`(x4hI=vIC#VXCn4B4{zI)v5ZcNiFQZ*WeGG5$f0N zcVn^~D%#pNSyGPANL{Q6+V9mw^~)Nbyg{3EoBUR!19K4@+xb)NXChM@YPcvr6BmvC zq9&xI6g(_1z|PO!5FyWJP$D}dSrhXUTP>$z~~THS|rv0MsD0%9glynp$CUS=Po3m&j%LBq;C|dTdBk>Q>BeIM z+JDUFKc+{_6zq$N>ds7bRWhNm{{D_Hb%gn^Xk{fY#^3@_3A-L_XP)X-$KUv2T6W>il z&V=OOWIzZmKfO3`ALTu_Q7Pu+F9Hb!N;)rc))>C2O3oaZ2ym2o6KW>;#!<*z=)A*| ze~%gaRm|g1NW07@=(H%g&1pJRlAk(Bsx9Ua+!>S|S}~OFrcw}1w=gGc5kmd8B4p=s z{OQv5`m7;WqqgDlT*oEJEyEGXkvd};+~~1SWP0d@UtZcs;lse?v-aWDtnzJD#=sSd zYgbU021Hzk(|>)Q46>=)-@D4LaI$6bcmvTNiF&;ym>Be_qCnJ(vI3>f#4x^>!Ajff z5s{NFT^4%+GsZ5158}^y3mCobo;+Z^^Z;#~w$QvJ*-zdNfXSy@+YleaTK-eQRI=kwrasmZL&g(+iy~E-fV0Q^ja;lQo4CV5 zgIjglL(87ZDQUjcCFbJi4!eK(vNg$#u$r?i);I%Tvc#W_F8V6UfE~m$g24w{xUb=-5`;3uuZMvmT@5j6P=yftaAX8IaE z_%)hniOVXoqkds`8o~2^l1e(E$V82U&+ir5B zVnSwr^NC_U$`BT{TV8ulObNftdsnZsd*S`?ep;>LY>G!4?N%d=%+XkicdW>}!#S#4 z4E4Kxi|M_%8JFH@v~j&U7A4uZAZa=8*OB(YO;jf5FCCHlgN`oWHzbF5pg6rmgCs6M z8_`_8e_FKO;^t>=o4&Kup?RD;IC-O<6FTWey))#$jUD3S!#5Z=pX%o|9|rB_rJ0OP z5Z`^_-@g$}d1!)mXvO;v;GSWInLQP&!)f13gfP{1?8f9NtnA)Ujmo;3vKC5K3Cgkq+9Fx8UaRMix8`*&f~7T)5OSr77WSVafufF9@TgDX;!8hNv0-`rMe}bto&!H`r{)V##6Hjur$KAt8&fs!nlEB!Nz7Iiu&$?L9)SFmJg|yx$(<>0syvcz{&n8- z>m!R@KaMtYVAV@Vu6OCM=hx)g!w7!vp6i*nH2d2|93%+?ac`I;dBpgoESlmXJaSY{ zZ$OT*p`O34{`rQ~a$fPB0lRr8Pl=rk(T+Sh$ILO7Q#kQ|Q$u3ni&+-8z@ z3$%EG7qF;UfBYib`Q_3&>iQD0!p3i2k=vM!aKn^uWZgydZv$%NWLks=9{X&C1#- z`wgE6NXN*$@+HPJ_X>XFr}W<=j2-c5`si^oZ3Ixf67gvMIZXHz({fl{Trg)=v>__- z8S~z6cBx<{>~4W|&Y3;-_;_NBa+F=H*klxmwB={$*1SbQmjHv2a6737y^ zs5ZN*m2$0{9B5o;FY4tyuS>q`K!<&~6VzR1Y@;y}V&(qz?v z%Mt`KxR>D(ED{X*j5Z_o*}=W+Bekc&HpJT%F2AQYd+b+B6VF999ReH;@%jnzEb1{S zWPTV84naJ#Ya(8mW`k)B@m-d@#a)fyh6fv^rkGk z<}Lj)(0YJc0;T*yp*UmoRE7EQp4TRP0S|j~cKOS0*v~_b&2Pe}D{gl0S3#gDLy0uDCz&smvfzHeI9+qSaMkf zp-)>_G^xApW9Wf<0xF&hfA)25Z!ZbXXpWM{w_aqDe~Qs#um+f}r3$Mdnp4LIm`fg1Pa#6U-;X=kkW~U9%;YzmGl6E47Ld)+%xM z5z&wlN8QYbd4(4TQ4twM(ggzq4qZrgC$d!%RYAMT0#3*DK{13ybOq!H!@TB@MH79lrH@ZwHJNZnK= zvk${fZe287hgN5T`ZMFIY&?5E-E##vwuj#dAy2XC)Cva4;YKIA1&u}_TSV!jXAOMN5rmMuG)Hv2ALi>oK}Dwx7;330My zISvkZ<>OIAtEZSgnk)_1yf+_64p`n3zUWT+605ThNZ|fp$47%5-(`w;N#bX(q;GNo z**w7>mUf$MxkiC=B5A_R@cXywi5i3LJ3^;iaj^uC;3V;luv zuMWj(aV=F;iXK{Nu~iAS?25?^_%e?R2295xh+p~A7?1g$B$3np9HoB?E)+qe*vQ93 z3S?@dC*mbXqfzlifQ%wCerISCUm$81T;v-rJ{Hrh+8Szqv?*mAF?tL57_4*IvnE z1g;zIEc+&A4jWce(M&${a5sX$&$psD8HE6~vTHn;gM92eF^aYlT5Zk1PLNmurf^@L zj}#_=fE8%tn#zR;c>%Dk7qy|P$4)qH78~8P9mU_Or_R>m(Ucr!_9k0m?utpb*{?92 za}ZtnDR#g_t{yvdCcW2SZ1R09cW~B6%z}!cyz;^V`!-+os$%7R+m(T0JY|{=DMsQA z`LPxfIm9w^IrMacgscXb6^6BVw8ic;1ouz!q!?Uk9E1BDxziwl?{|f3T)grEZ9OPLh&*V91k?dl0G zPP2Tp0(h#X1a4ok_iQ}rP|Kp7Jef6CUqImP3sh%V5C+6#OHj7oqSY9|i&fA&;&1hA zCu9%ep!PNZVA^%|5I+7^fdS2ia8v2I}Iy@#bEUYA_v)A-t7W+BLTy zdSvET8zax9Qitwy68e7%6*7dWdB@~W+(%?WLj`8`Jf!VA_Q@PFp0Ywl@i|AZvp7c$ zX6F1PLgy=(S$cRdeg{i@#o76st?Z^&ZC9<7@9*3+w|0G5jc!z0nnv)gVu=|Zz7hmo z0i~n&ae7951)6)3k`Dtccm%IVJ}S$}HdSHfiVvbD(91c8ybxswe)6iF@8f5Jb+R2@ zhjr_YxzPj1VvoK1Ls5?teD9M7SVY7EURAb#?0oGyR%V9kF!a8bOZ+%$uHd=tX?p+| zwm`}FQRynS8}pi9NV66>)T71ed2nJyF;PL3xf?D@jGZs>879b}@WgzuX-8EG-rOe@ z4j~L8``&_#;-=0)%;T3q=sy8q_|7hSs8q06Rc>StM)O?S5t)IOam9(a2CTi2KgY9o zIOYEmqaE^myd{r>zv6TUGm16J?&m8FtTB-%L;4pU`7%@%(!ZpO>CI{8_}Nw@bKfd5 zAG_DQ;!D*n%&jw)`)lC7z_!V`3;x)72ofwBsdBKvLJ91{jK-t_B;y$iGR5&iuMCop z3`X4J%{|#w2UIS+EgT+rGqBsyb}VFg2o|$K7jSrqhySj1@(f0qyjQ_1lMVevu=a6H z8HC)>XKRQZhuz6|$!~)EHAyc3OYIs6tsk(Cu5;f%r0)2Jv-NbA(n~@t0RT87kH63$ z8yj&JD`<@q@vRN|-4XoAN6&NMhPZcl*&X@FkR)E&ObQ?XFJG&Fqex*gNI)i$e|Pv^ zAyf@|B*hiC=`ZJ%7TH#GFWQ}z6t1;D3GIg1Urkvzz)w>8T2SZwc`S% zsqt%RqWO{I4v*~RipK_jNc-ry;)aM~Isq1a;}kCPKy(F3xAUHR`V`}QRVg6q=);)# zi4lKfma~ zg#F<+#4P%go_bDkmh|pLD+kAwh`Q^Q42Q0|NMIcmBx^@}!z6_@s2NE`>tBNp=Do3)#J<{73dFo= ztIvs*UhWx`TX2#&e~%5Myy}6pJBF7%iOwM6#u~&aC`#yGi6lObQ3^g`BXH7l2Lf;s z@|6d#V|ze~sbSmzwD6_Ggn!f_2rNjVB6g%#YJNYIKQMIflBq+AZG|tkmW8hkfNT%m zgVFuw$x(FnUo;S|KrG8{`P*@%!4RH2$g!Y8nDo~SeiL;s@ZvL8Swm;cqy|~w>WZ+1 zQirJm@pw1!v>6-E-;zZy=!Z*XN#``YnXtYGSwR|rM`GF0KN%;<;TuzDeB0jPVgPfM zSj#z#i0)3~=$2E$L4J_+;;x0a&;_{}I2w8f&>3cOvihTsS@P zRJwekh}C7MKQ;hogn0OsP^)xL>P6rIFR6nqvulFKNn7(v19!(iS~ zbSxOsa;D1V4Wd{MLP+v&L9)*){5wpUk;P|YOyOC=BV$ZJ!9Gps&(m&P2OCd%x_JpZ zIY6*iNVa3{1gyfRB7Ke(Q{hl!?+{LB})Q^7QdQJ6yQ;JOS| zg!cu4yh-lRlS_!Hx0`w!p_Z~rp2{LM5M=)3fL9L9qx2ZzFx>$K)Hb$!#<}QCaM63o z&*E_|dJ7bw>P~9u3CMl)+HvORJRj#5HjEZ+n+!)P+)f@F{&1U<#?2{_fSaL!Ap=7tfpO{O0ysAGu{vlI z8N(8Q)nhp3^-JeL1#VzdN++$cEP*@%25n+njc3^1!E`r z-~!4m-uVeJk2S=~v#|sOzM7~Zftb~{p39f!!_@-eME}(HN0IUZz=RMmz}#0R#@GT5 ziV7(JgxgPIUIR6*xld5zQikC(4S~RCT6r)jzaosD@2pyl>HDgA=j=u(>jWP`e^Cp1 z)h~G{O5~V6mZRc%@qyH*u!_0h^7+dG?@+W#=sCJS00B#CmkPUuMdPDLI zNuYwIX_T$JHiRrgMlMyLkXuS0#v{pVQ>&yh7!3Vv5pMV($dmCGo z<0`q|2rgOq8MY#JuDdh;@mj6%AGUfe4)A5$rtu}tYxOGe>`6@suoD2kRG#|}zf_0U zpmYHy-E3tHXO4gLfO9TX<(epb929y8BaUIeNPGf--1ag?oQAi-H#J%$RxygG&js_y zjdq*F0-9$j-WtBiL4vPQ1+dcNp;gsSSqn0I0i@ zM&RS#QUp2PBV(-6;`nVTRma8Td)POC7?(SKcanK~z(Eo9!+oT+HJ> z`9L%mVrEB#sWCPox5uBI&xpgvmKb2j(Fd>=Y^Z>c)kfhwES0DVf?6x%*@6a`$YO3Z z`eh4Rovf0BuJAGaOh&2049AF=l~ZD!-Xokkcy&EXYIf=Q4*XFM7{w1v*$FF0Q$&u4 z@xO%_nTrc|)0|K>wzBl)Dkrc-#_R@Oxcf@3A>Q35(J{CAD8|FRULL+-Vj{4jNQZok zM8R)1iQEt(}>e^s`vOBB;Er$`d<#cNb!go zXiPJTsdy*fc5f?^%XJ5>g=e5FdVO}gb3SktSyWqQt+Hp7x^5ow3DBm4W^_~RNa93E zP-|_?b5BdiC%U*f^#5+WWz>rtU`2ITUIE$y} zI|8kZivre9xxe>C6B56n^383%;ARIaC|*SXTXcmYb=bNSlRHqN8mm?c?6kjW!`kY` zQ3~A-f(qIp4PnKu{rvqfyJdPth{PNFZm%-7^j?g#aQ0`Z6kf0a&d5pY9Yb*qmd-@- z_fz!ae`p_%7!6N?*sQ=8W29)x5g{fBJ$yG{J|ikQQ?rn2$D_Ma-GzQ#jtMDiemq0N4*GtL z=(`o@00Puwz$N`;A`Gs;8Xjdn?|9UCRE)vH$;ffz7$GU2X4F&r$UHoJNBj`5e%978 z0U+;5U_Z=#98XN^fsu_Doka4F{xPlPHXU+<~-BBQkEV4NJY+9+a)pvVyAqhndrT` zE&8wB_8~3qSud~{xDL0ACn`k=6(>6ilpd)IS3M8RKW#9W;x~DG72!vkKfM4K+F8l2 zyhG}t0KU1?klVh`Gy3TS#(`9pCP@Gy!uU^Kock2v%sTrPF_V+TC#b)*6|Ja!`MK>Qr4PIHnG3eFGN6=PzM%5*TH zUF9NWhX4&MRY^cj)|7@x-jOvXFpbtSK3uMF9x8CDSAyK~m~P~@$2@$LvNw=xpKd;s zd$q)Fh9&b}Ve6A)m?bSf){jdeDu!^8eMgQOyD5}e?WVs;_ZM2lnK`8FX8ww5bc&c)>@9e`b+Nt=8d5SSZ+rMR^b*rJjj>#h){xVNMnSwz@&|# zFW)T8y!WH@!K0_hTUBX@5HCV0c->CFGeH~qA@0M64_bMpp!iAJq4s&@rZ+}x9J8;R z6C?c)hVG0%dtCW>1^~X{+0JHUnfd`0u=y!-y%-^O^(#n<_VjH0xLAwJi8~H7$ch{< zP@MW`EefPs6m0Az(vu(;r+Yym!`ShdTw`#5tZA~5B_b*vm|pZz5SFM>fohj^jC=gcZ+^I3v%q}le5PjpYs;aM zP>(a~*cD2hQExKIVA!m3os(kbdzxBSpEhFFaF#A4yOORmq&F^oyQ=+qk)B^1q)~Ma zf}H59lK^xXhLO(5yjwt#lhMaAIwybnUxU$jeI&HgO3?`V(s*GU;T@CU+Yuq0EJ&Q~ z;3D5}`8|E4$*AGOnrKIxF#Wl@j`<5MDb%(ycwQ<*MT^yG@D*Z16(+bg(Dh66DSR~G zdAdiSFFB$NBw>QYi}S0)UqO7E2_cCSBquEF3LTepFe>cJg*6i^o18t%7Hx6M>w%W60?!8_d-C|6!)V zH7>uysCB}=rVlse#9kUBrV;z79_bfBhiKdNPS_NSC2{{UHb zTQjmlOkN%QRGVMz6!qLE8fTX4@J~$U_(KR$`N-ew1fut(frw@N(~kqu_opLg@)^)c zEA|>?HXeDU*kzpfKJ9+!0`q|-%A&=Pu4aBKC|8uAZrVF^4@F23h#g+uQ?JV)$F-$> zhCoHx{2~);%=J$IqN#G5={YGl`lprMWWpcX7240;fqs+s&6p}6Gr?@_%-fbIxYc{; zrnYvBm0eG=5*;*}ysj2_Zi+G3+Ic>9#9%c&OP=Pj9swiOsOQ5#*gdEZgj?VFs2uf* z{XOCYU#PxW0M;HBuYTzRf)8hg{t?+&UnJGPR*HH(*KQDy-NXqbWXBwh5?%BiHk~qd z2PI15XYCmB&L|?;B>Af|bLPiEZ`&j=Ghmq%pbPjYjm+$?m5BQ1Ff%0UZldPso3@0b z4|6RBglLCCt(s#Iv0fzT4(J5`o1h!Iefu^^z~W2!`{xhjOCcWEc!K{NGNIcrAtx&^XpF1-;|i!N(b#CJ6=vJep8IuA+Ub)r7pny4YdhhB=yVJSb# z1o%))o{YH|RBe=fxX2G6gYd%>Ru+^eynljt8AZ)b2>%qU1ny!!dC4pWj@dInDyO-@Lqw zYiF1zfi6j&sb-OINUxqa=OA7m{1D$VI$5l|Rypuc$xEfvm@b%;&>MEErmpol#H3TN zIldsaei>pC35~$}A9qt&pBN!)JwOW)*Jf=|IrRl0%`6DdAbyJty96ZDpBT{jGcfep z60O}7Mk&0+8ou4*o0#IX01t9bG&%xE28VV!99GXN$%oT{>TNKsy>~j6w+kz0Qr;$Y_Za z``a=BnfO}?yG{SdwwItJvok~PzDYQydd?3SVlxgwO{u?GT-w&`Jgl)?+fTn^T6Zj% zLau%O!on2OstnTt@JD&q=Mjt`z0nKtnlVbTAPXs|GR=ljvS13|s466{ji$pm@_$)r zMe23G2nIza48N&*9xAbGK70{j8tu?~a>c5d;x#0(@{)&O7YhL~w135fJat(%$W=Zh zY=G1%;QkcMxJ^aU!x6J1*Me$C5sfP*QGd!4Kj4yRyje)CUjL*A%I(7Qk7%szMwZ!I zeG$PZ!qELlBCC;KjwG4BYhosQMTD3M;k?)&N%)c?{#C%=3vT)lI(!2n573;4ZVVYp zxnATcCt&OWkY{q99QDe=`3SEXWa7z{wK-Y|*gN?*DBV2VV^_pi%B8#Mh5G-ia1z({+`WeY{@$8lB<0+2SiJhk4 zszwke^2l_7avp=J`xkPgJ(Bzt5Nll902BE&RN-1Z!!9LH=9{p$*$wE<)OS7&es#Z( z2nb_Mog7RZS&T%K=Z+sUH@_(;0toZwIAmPsnBB20aj0BaB2eg#OTZSL;uD~#fcQrY z%pgTg$QNOh*X{yBlCXPLmmWqC<{%8^{||)G42mA^_Cb%hZg9^OIllOWHuM3`C!X`^ zlWC`{%i8>f>cG=n?1D#CxJZ!(fJx#W|UszhbO(lC{kVp&Y#p6OxP5B1bB;GLipQ6GCg6QDc_9FiPV{#wq&I!!!I@ReCE?PB1Ej8Fi4-J|N4@K-{{Btt9-V# zmu{-5Q7Q=hWTrAEJ?@2#DunWZrq^^1XYvAWM$@2W5P&~-3-GSI#F^e_Srdeq25Oq;g3(=C=dOrA*mXtH8vDpi6=YvDZr^&)Uvp(9J3$;5vXI}mkX&?0` zky!h6-t^wOrDaISp^dOtkPZd%BYmY{H)oI>JyEg_Tb@U$0A0DXdimBiaZUHM0e!1)4EfQj}-?!Max7gO}}V~-PDsB}Js8$5s<;GL?h82OwX zbM}DSq3n(NS8TO)qoG1JH#Y7JE+%Y>*nMWZ6F^>jS2}26u;P}%JN=E&!K|=Nzm!3V zO`0eRa^IU6r1D*>ch;4f-fDCCB+sT8eWv<3X~1uqfOzNou7ua2Y9V-JW}QC5|K)~U zQmfw5$WBgYX1lg%+mBG5pH?b!=vQ;^dD}*Vh}RFSHH(wq1%`sPy`O4;aqA z(M&8TxU)oA`f~cs0-4pmYC~Jnn~Qd-rB0W6ZZ5jLx#7)uF&ym{K)R7R7F`-x*OAlO z-R>8Tq)4M_MCpk$`RJBKW!ga%N!$7RkFZ4(Pt;|AeR<+oOaO(EtL+)&g1rH^6sZ;j@bm6vzM_Sq2brxD? zM_u_1IjPL(3zPAnZDx(k3yrK+l4wA2(zG=fuFJXg+fvYT_1<&Mp)vdNYWLxt@?`xk z`wyboXxadEi=Tp7J%T4)4I~O{o#Dv-FX<<3k7`04-@N@ntwD^XgT1DBhAT1Li(qT< zlve4^ZUC*}u{B|RXU$N}kvEQ?#$2~7?54`x$EWVS=y_$|Aaf%2WrQV`YQW z1bs4@SAeceFR7qqF6?)2UQd2AUE#Ppy5C?F_V`@;DG^uXBUmvc-=XqM%7qs3%R@#OMRCw;5T?LxyICc?j`29xYkaY!?e+55< zm8jQ{En^Uzc$ym)DjnT@FF1SMr5j3{xuB7+!{Bz`xgmm#;hRjWsP&Bo*pv}Jc&Jjz z)Nabr-K-}obhzA=`jIBtueIsnq1Aylw0m$`uTRFHK9^9I<^fv4+VTzb5gq`9vql+Kq`Tt{XI}eoNYL;PVOe~JTD2(g!eF{0CJ7#C7Ri$45D z@vA1mgHQ1Bm@J+bG32+D3-*ka_GbeYSwxBtkZLTt`Fi@KIoW2ZCya#9Qr(9m*#ycESz1X5 z{g2cPPb)u5fDrNAG0FW_g7{jz{%a|BhFu3&j&EC@v9NKdP*6jvtE-EMk+dMt2)*}V zW!!MSH)m@hlP)bJyHa_vX!U}rx%r!m337!G_@*}S#VZF+uJWwiHBGP&waGmf3TtGxND~_wGQ&5dFiqYcp;!H6AKS zRrsBzaO*-eSy-A_b!No%vt$Riz#49$r|y`YpzBG$82j+}qlT~4O{X1)&#hZ+*_qjy zv}kmBbO*V`UEgo*WyC*?EY?7d_6$}eI=SvWMBmn&bwGc;m#1=CuyOSWURf)RRFC1V zmf8w`U>+3-5=Qp&Ok&O|yuHw()UZcHVA=CLx~B*z(BXBG9V@>Ta$Y4QF?yM!EIidP zhb~rUi|Of(S<)R^3=>)MNwr8;s#Ho=F1|{|eeaA^<%Z-;PquDFUu?c)rcQau*B!$h z!TonKK8=DsI_%x$5jU5TVssk~0+J#RrN+&%kBsiP6~}GY(kh;IY#l7#%86l^rEXoj zjgA_494$0EEDO7o{DnBV?x+=M_dF_9{-L#0{*Y8^%dwO(d2;Tynux{xlz)F4P4?=B zrE|gJkF}XjIm;NKOO7gmW_-qF?&`EjNUeopPE|=sX%Edi*S>TlHe2t~_QjTf^KR`u zP9EK?8$YL)5kz8>7oAhh;X&COmwu;ysj+k*rfn$Ax~$?xvzg-54&|E8{6e96)AljC zUp@S2EpP7i*!KkmLX~f+Ukokns7$#o>Mw-~xJR%G$Pn7y3qp#}_SLeqEK{c^M;Nyf z=(QaaS61~9){bzeC%PNfrH-TaL*1DNKlLO%tR$gi_d`p1_t-n`2yW~5O!yo--9Ofc zFBK=pv2Gr}y65Hpbz9Lp%tteGeoD;0$EjP;J|$wH{Aj*X+Rl~rN~WpZjNUGxuZxtT zX3kUg9&>0f+oNks(o+UsHRmgWdX~ogJ7=aRDJCy{e56B^C+@Fo@8FPE)l2~!fMDr6 zM8O!-I;58jNZ8y=r;5!J$de%bc~kN-=AhRV+M$KPd^tEw;gxysZ&lT5(uIM>vnC9j z&>YNeyfEc`4UV76WYZgBnr|<6eGwJjdWd-_GFwAftIOvhn^H8>th7iWqZC0uNNzsLDPrMS20CQvL606;ZuK5uIS zWmAC{;ZEqUC42Fa9fTHvOH&7O+_Tc01eXfq%#;Uij=N}ktM({m7)uL}*ct3?`{uRB zXkO?N`tUgredM&$RTNVbP%vY|IQtS&mF}HeYdntoKeJwMut8}$ta5MhanM}1U6sYc z#{#ttnO2GM-%kW<`iCp_K6to3>YmqPeFCY=lvK2_)yv7LNY5UzRLN;$so1!j-S5Jd zExVcdCF7}IA)BFsJ~^JtxH+_{Ul z+oy28CwM;JXMjGs$2}tlis@Vj%*<9dmW$X7YUk{GRcDcUK@LOTl1Uzepm3zgr7;HS z-t7I7fI63-u@t9cS;x`sd$LT@!;D*Qfh~WbmSPg-!cbZJRd<b z)Kf6eGxcY*ZexCGgg*aKgOZJ*Ml ztkSQ$kWv0u2MDVwduG*mB)cLc>bq|OX=rC4U2ql&A03jLKqn>@l$a1Ii2Zo{IP_Kn zPo!lHzLp@Kl=n|!sGr8>_@OVxZjMu#+4ba`^$hw9X0SP1G9KP= z?G*E~eQm%3?kKFB@ZD(MhUmRJWQmC%+qG}n`<1g5O@BEu(NnplwD=~+!?((rR0HY^ zOJ5%zH=~oX_sI)h9a0@OA9j^_rY02;LyB#8GJDTF9RP3QU?*nZ|*wySW$AK`u z6@W|FPL`via$X4j$d@{?m~v4k&5Ut&)AE>o%v1_)fGM|S&u@M(eRS7D>ZP}5 z1IFfq>`Qo6*6kJ1weH!U`#a{m?>w{!ANj3cVH&l1^wExIXb&xQ;%Cp*7dE?(!yA{v z7B^{{RNTgmCQWp+UFp`zvis&v7J3xA>&{oa9^s)`e#kJj_Uvk_!9eAi#yPPUd5gqoN9?PX6Xm)Twisunps~8 zEhD>ayXtZ<^YuoY`*6rX=a&1Lgk=c08@Hifyo`F}z0y#!(!bPnd!+QsrZX>6F_D8c z%+J|7PTG_X>7oe_?bNw;)~E2w9tvgeY|OrxDytC50=_Y2B3)MCm|ni1OFTa@w|>+! z%DH&M&tI^_wzXv;_H|^KdNpdtHllkM-C8$u61ebd>kmakik!}5$6M1G67CX+b@drS zk*$N3*Q#Cf*O!j2Vv??&)8|tdRq{%I8-_(-c0(a`Ar+#9J!GHxQx3F>uQ0^qcF{I#Ocv$|?(gUyTbi%?7O5JicDc34$+R;Ay|A|= z=;S5kjDsNG-VwZB-U9%mol`QrRncUXP|DQOg?{|QT(l)GCg+edk3xcYj80DH=@-g# z?cQXUSk#qD8l09JLTa13#w#p#CBmWZ{1m#X;zoPi{JUb^D~h@o?iKggyO`KXM@FZ) zmB&`wl``ng_Ep&cO*T6#ojs@CKYd}^jipHh5*YpbkE^lLNvml;>94UUPuYG#xN@8M zQ)e=+X!XzYf$!B~VurYQZ3#QhEeBn-YFI^Dn{;~QT18@~*8gg>iw^;|@n`E4WZgcH zb;BC%VK-<2RA&)(m-M}53eMu=JkQ)`#T&X^6__74BI_v4c;-`W;kw$0qSowzCilP} zb-hagf}FBb>pCOXlPVS*f35X206{*>I_pFInDSoEp_^;y5H>!-^OU2trbh1brvvcF z>;y}6~1$2KId5{BMsYTDnMuCF??5D>ujdk@ZH9XU#(NQbo(J);l1=;Nz4C3 z+jqxf{lEV<6jDi686icb2q9#YqRfi2LYdjw*|f7WlC8+zLgwAF%FN!fZrn!3ZQb0? z^}6|d&+nYa`F+p%oyR%qN6>|;|=WT-h*qlDL zc64Bq?{EJ7yugw8khpe)-rEr3?_fN3d=4? zTCe1FGfYF?!{*}=U>v_Pa$J;JzhUt1v99VxA5mmTM|>Pg9>+#6Q?4yea26>?@xsNY zS>oNy4I0Z=Gm;j}$P26kXZjZWf0RkOsm&D7IQZSJXKWSrn7y`gG+iyDa%S|Rr^(UN zdgeL~Sd{-Dr9Eqp6dg_aR3x&x<5v9i%pKECRtT^Ba&K?jEiJGY#2KW%9Epn%;nNc#D^D7NYnJ;H zi##_y&HPI}3hPph!99c-qm(p1__p6Fv1U z%ZaP-j-y^spZ^*S*jB2uON1zP(9!a1u`HwZu!7Lw={u^O!@Y2&Th?Vv{^{rit(P6; zOl|Cq9-g)5Ha(d8!b$>0?^b_~3HO-fEr_G%=`fVXNWLq3juO0E6Zx<4HKn;hzj^Te zA^3-z;q^Jk!id@izNoRWtUSacppHkNJz)rUD|PvVqdJ!0t?y8-&PnBfX(K+@_lUwi z?;Gd6K6SbO*P636%WOJ>oI<*nGLFW7=C{jRem=6ib6_ifuP*m|uA61-sOlPTz^yr? z;^wS6-t)i_zhf?DkO6)=*Ie!vAZQ5_R41i0m3-AcG+C$D1p3uUD9nVnctVGwDrJE@uav_ z&7K~N=`WQKaj>D(alkY;BTDjWfvWMAell&tEfgPVc z*be7&>AOF2>nm}H^`B`i^uSf;ZT{_~*?9oy5f`rS;sOlSU_*JJ8 zvLDN&ld<=7o7#uYiiY*aIw5~s#v81O8^R^|(LU}s-o%Ohum1(JNV}2Zo{iP?HydY7`k}X7~N5T)5RDX%$w6YCc{YQ%?v>=pO@8z~7 zi0}UmhfJo zdwcSFXt#P!VxeK@mkG|)QT;VHVT+bE2y6`Ih67t^&wpCdhXLmy74d*D)R&`zH4m z$?`VX)muv#`QHKfyy;VAnozWoXJ1u8RZ3PC@2i$H+_6Z(qDqW5!J@xRGs8eb$q+$X zX6EL*+n!%0ws$f>brJA2nD}rNxDG8DWfA@NZR`DuO7bpNKX$J?BRV}rHQyt-v0@==JLttg=->Qe(a4|a&#l75ryfXf6rH%w z21JGT+jv}hZTXDSis|CV<9`X49yG~1wc~LnWA(o}-dp9aISV)8VqZh_X@yVdaoCV& z{=QnQGP0D+k_cIT`Jtk*WrqHD-1j>{~ddu}?49 zASM`Kw+veBeLw+Ay~?}#ayVUTv6F$XB=*8c5mZ115)~9f|J9oXje9rQ$V3bREhrIY zE%aISfRX%0%3i0*ot256>z7toM|OW(qP9#e?ux3?tj=p(9rDE-*TbyaLOFciowLn( zfAV|n1Tj}tdUIETjH^{{S2fW5L_cidC0$_kFU)xYs( zGs{)X)-@7>#y%wz4>!n6|AsF*|C*yYh3EjIKXdg$cioZ%s^0JQKj&B{gY~KXHE{)Z z;!+-Ga+NJDGBxIYwKQQ%) zN?j~*Cpc>6>Ob#w9pJm_p6Z1kUjJ)$*wdPYc4rLG@9clRa5|gO@?5yVe7ONfVKr-> z>8U#VfUo55mEy(U*`vf-;<0WQPjQom-rm^^+0>5}ZdH~Ci0$<1HKJHI4iV+zdd6?- zK`Oa~GgkhrYAss0>P+PvtaKZ*6tQ`Fz9nws-jrTpx+)1~@U|U5!AEz;7N0jLQB3?@LQ-a(=t&%AD)GA@o@%%3fCm zZ$|g0w*%*q+CvBfyxk}NbwQ6SCB9#Fqt4oef3xx!B=oAotFI*H@|PgoRW~z2QuWplvJ(5(a=NL*b7%Y9G9t$Du0UD z`Omion%O6NOx4e>$BJJlSwK8xLzyk)LqjO21e;?xaU04bbq9tVS$i_G?E81;9M9=k z(OoY51r@Wqc4F1buB_c2(*tSmMXY*HS?N6)WJr(0tvwKWVJE3DQKmAoPDKrr*y-8m zz#coM2ldrH9k>dWTr9`XtCm#{nMy(9x^aeC?{8(~Z~fIL#*I@|V_5sn9tDP~JFW z3M^PTLL)`SD86oURvsVAt9XeIx(7t%UNHwBwL5o=VxFyXqWt2<$PX6j-2kr~2oCyv zD8o7$vk<_h0C(TYo78?fbY2}*n0j;n9rdm?nmd+La5(xT(6p~7Luh`B1x_i$9okY} za>uu`dUpAj2IH{@p{Q=)lA(sU?HepD64nPX6Wu-Kv79x1}Ku8z(*aO=FO znVIKIE-nGs1Vb@SMjuB7+}bN|L!u0}*+*_WfMfFZH7)lE#zS&Y5-mfy75DCc%TTX( z9ugH0Y|sRjx3@h~>B_e8nUdGThU-q7O5FwK+{;quwX=%n+8Js;HtUErIvGEgK8$ep zESM-eXgmeIGHaCMY9_d3nX9m`AHOUpsQ;2;C=V0=5wufcgo^v1&-^1l((o-WX)Z)A zetkjk##Usw3s|~jL;Az}_rdYueOgFjiJw;nPf_*pEbUI9#;9`*zJu-+_WPfKg8zr| zgqt1&JQeRcDd5;%k3q{jZ4@KSsd5$d`aU~Hg23n;UmT@||35DSts~pi;~>YKG3^Nu z)yu~A-VBOF^H~4c_Tup;3nNRWBDKA8#L4a-%F`F;6KUr2OFd6XxY{@RFHC{W8vRuf z!lo)zA`YRz6N9n}{jg}qr9CHAUT=e9I=14%Kt{3vejWGYSW|n(UOx#EQ#NMOV#EFw zyzK{ue?}e^f8S4HbMbyy@`eq+<@lWe;QEbq1YR$ zdR1=cvGLz9@f3BJUxh~2!{z*P*U|XSRhC1jp%uVU2j#<)Uju8!SV?bzZoVUtIzRr& z&_{jd(vP5lY-{IW!zz$Ez~I{5=G2WMg?4ExruHTS)n;ZU*3he@w6S7pfxRT@Kl4pW z23ccC!p90Z;fMAEI_yz~n?j!CB2H zAqVAlfd)6!M*-v%QR8UJjFx{ID{}VOYokV*hV#RSj$@1(X|`Jye)Gn+xP$^?9yW~P zK7H$0Ak2JOE+R5l;K^$P_aZr?}2>^fu(Pbt8$HOkFZ{Q-POdj9j@ku`{fB|MBg z@@?N8*dR6Ky@)#wyyFIb&O85wCD`eMb0 zV2sZXzVn*}P9qb0tj7+zscp^(tkFgGRmSZJAVrDyO8^^CY-FF?uF_V(T2_+$-tnTf z@Wj<2ULBBynUm?~a_z37wfu`33~PyH|3(E|XYTDeM}BA)1E*O($uw*pkrMU=nW7>2@l-FTjRDza!_6lvml`C$Nn z=4()(lP*)JP3#>H&~RmEG?M@6IC`+fkA5EWpb9-x2Ytu_+tw#h2a=3a04%=Y7Ws6& z9>;UH*3?8V$ogJKv1;-Y%YJRlW#R?GgVn+B{N%9@1|`@1&0Yuw+SKzQfpN zTjKS|zOWm$s22`KJkf!|?G0%N-GYNoA&+$Wi8Pv>VDo}>hDY{%w)t5L+-qw42_T#z zJ@^3h!PouoI8X2a5r2D1A&kNlh zd{QGvT7E4eqTgqHY}3W$JU<#%>?!uaTBO*^*eRNwBzKBXB={T0!56^mp$TEFOx zK{PRBdj?seCcLz1Lsqffus5%ro!kf#>PhhDVdJ^kTdm-v(MvG;ImPZ9-p}kp`^4Kk z9`&ryZN>qYkdRQ;qPXK!kan_Cc=WBydWDT zY#9vfkXm3<%0t97Cb8o$_dj)_*}8KTVFi+bDQpdEhxVQ_U_S)I#BS}cVIfU$jZfTy zFy)hc4*>sB8X}@2?=Dz0rwgMbs7g2ug8} z7&v#4nQJOAl29QwNHGzv}zfYV4fhJz7wKFosQ4DLU47cv?ogu@~|5NJD+?ThTg zi)z4~xcQ}1hH(+3XqgPTy_@`nThqzd!F7>OH1Z2(D1uWDTg?@L?+iKvJieqeF{u&z zsqH^aTqL55Q0))W45nCpDM`r^<0(u{2+q@e08*Ai*`EbaK)Rv0YMA zQz`AaQdd=?Jfak1Y<*kX+sBp*nEHe+TzJ@g-Cx$}T#H#u2xCAwbS2?-kH+}t1EChE z-Jx0dQxll9qk_irK$JoZwHq(L&Cy85KLd#*lg6WMNn}Cq9=qQ9PZ9h3si$7J&KB!b z#d=y@GsuBSUWuq=JyCm75Dl7pLIGhQ`Rgc{D9En8iw{$Amq;A)=}k0ubqb?WVU9kx z!+5Lp)=LFUG>n86+zJoi(nR+lm>1oahh{J_FpDEcK7p`fu?4fWjK}f6{$)KN8Gs%- zqqh+FX|5jELOO=X?KvkBSYJAnG^qy6xFKmWYM3%VRcbDsa8zQ9WgvdD@mqG&?6)?b6vA^_0@8VY|6 zvIQwhmaP%*uCVxramROUbyu)Ef`96)6^(xYDj|6G!80VHtEV9&fbs67_aN9iqaLt< zUL+rigLMsT%>?kdbJ!nuky3PnnX9Wgg|oMd6}Id?LCd8aJU5&b3V>WNrJB-QyLD$! z8kblS)Yxntwh8vZ#Xo=UJ>w~8OjNUql2kG?Gs_dO9Meo9HBkW9Eh0G&XJr=i+32TQ z#Kk{mkaHZcdsua4hj$PZL$2&K+8XDXhsgd}(dRXZmzHz$#y)&k#&hovd3kKbn)M0? z^#3$ng@X}!;>me^IAGB_AZLq7LfUoNM;;fs;{k#qDAFH%4> zYa8NVtrBu6iGR2N|LNRqG;QS}FErEC(}p(x1vj4X+N2va3R=vA>*97r?10?pYGedT z9-6?5Rr`fJL6oY>$g2*%h11b`nLFQ^P4-u9H~iffbi5(SgafbUXeSkF|;7O^K~Ol`B@vgtC9g zj2**i{Mfn}?MFiaM56W(Q%^fC+ZdWuRzJ6S z05L29AyWvnvlPTkT#InqaIme8aT;|87+C89r~Oz>v42#yPyKvO^#qH;Mni;3_FP7E zHx}5FQeYBd8T==s+pQM%b!RmDsh|GfC%@G@REDo1YQ@VIWZ&>;XC??=*42(N|5%{g z-65SV^wnirm7sx(>>*ALM4Kn};F1dJU#|=$z1(kx_qmK5HpRW$YjwdKTZF-DgUvIDnqLSzhj{+IWSdk zCTu8Vn9nqulF+|}IgCcu)W2I*Ew)_ybk9yO{nkx@Be240Hr-F2Q+-qj=Uv@seb+u0 z?LU*j<=$ZIoR%9?{{BrQ4mt_mnCFWLy(n*vp~t2s$c{!$7Hf7fvxx>`9yK5DNU~bO z91~J6O)dZWMq7F6z+&&Ej3d)X%A5`PnG zD-)q6J8`Md=TYfQcF?4;M```xlwlPvi+784_q^y>7qdY(v%Q#J+S-4edgYa+G%HS-wnByK9|nx>G}iww~HPdQ1q1ZSMOJV1 zbTf~qZc02DI+4pXP#kkIjb9~o?<3tFI-omS-%bv|wUISgCx{oxnw#A-v9LNYbe6Hm zpi8N2$${WhwAb$LrKJ~-bPv3ls&-f?ux+c$Nk`q%ax0hetkQDf(t6J8 zAu4de$Gn*g3k4k-U9_L1P)(OnXQjaE%$*KEAvV)?zsWwLY<7g#b7fW!4N!5jY=kL# zL97si8FF{j(SgWvsK&KSLQaAQj1T?tfgU$9w@QfW!^8C-_uRPZXXGR1Nb@1R7ZI|6 z#$S@`D+Ra4RfalK)`UbE>HMQal@G3Eelh-FPL^;=WD$L`o zy3YnBpDcUs5;Q1b%Ek~Q@J-goNFE(F4=bik&W5IHmhYLWpILLveyh;Hl;-s1DjJml z2I>c>!0RLL{%oaV=WoJXsV|8%wizf24vTt<;vE<0*;SieHxv>(HvZFWECQlKLme1J zjWdxJ9#e@4@xLUf0Gkc7MW8QK^s883G4gi3Q5=rFXhJVL~JUh zwhWs#;iUm*p&hodN;jZ8gduqWEqfu-1iB+aKj!ntUjrS! zC*7y~{jvY)P$S%|^;UWN34AI1l;M!`{yj(0+q5{yKf<9#jAbsp3+3Z(r-iZlEKgah z>`}AtfI*JWo5;bK!olM(tk@JR4RExcqR!`*kuEILsQM-zGvC1-+wPst{=)ldKrnL_ zu`t?hDWbblRvJEvLhZ%cJ#SD{V6$&r*QDC?Yc8x`(Odm)1$UrOMJyGuX{K%dPGnz1 z#PtuPWS`<1WE=0#3v7?}O+|FuJ7N)vWJu0C!Z?ulRUz>;GaLKODgpub_R!hChoNz< zm()0iCTgHV@Ro!#(Py;OJKy&Am?@uS-0nIJAv{-?IaZWpl6JI7#%_#ZN^kOPPL*b% zg=Q9wZbz1m5j3rC_cCfU_I(HNU6|bH@An>0wWiR<`mdQ0QS=%4qW3}CWlU%9z)3%7 zUTJO}G*SdKaJL5{CHZ46z`8-XTC=K;tkXy0&`P<^Kkoa~!vt|$O@mNsVPQM)7>lZM z+8;jQ1PI!xZS$T#$5CQot7^btos;of-1AG-;nOHfy_SvE8$GRcQH^ly3c#-pC(& zOs^ZO{p2c&PTY8DgmVToxMo*+L^mWRkmkd;F*PMw!7*)Py*S6-zxAiv8XUU^k-aNTyW`K-Oau_lLM&z%ZK-Oxa%- zs}{+=l9~=lxqNXcD~qQvhZ3f|paHHRH|b|$Q83(#?DugPzVR<)Q4QgYFdB{#3_OU# z9@>Eu0bV?F34ojDCbcA>Zw`#LkmU2!Xn<}$ZdYPX!Nj54!LJV7MzgG+oDkRpkH_za z#7Lm&aOZP}lB0d;H{O}`FD$suhM-us!ucKE`oMt$d;I&=cE>`QI;7OoR{e5*S*0)I zuasK}wg-lz>ldSyo@G=$a&T~1&27WKC{)B7 z473bTvk$v4^dK+|rGD-m`!kkS=suNOJ^HCdxn6`xt^GgbDu*9m`xC@P`Og+1hM7i z?SC5Y2!k+wtEU+m`l@G!W6E+aE&KNO9Sl{Fa*Dq3hn5Fm)f2$tdKWLcA6YV(Tv}*M z$-zRxN|!N!m6GOK!-QfeaBS}YZ0{8YaJLZA-sT1X2#o?orhXJm{Uj!A$%gI_8RpI5OiHy*QFJi?va6N3d&a855-@JREy|r;Yi4p96s%L)W zMyFiG%20Mq2Os8A$D-xeC(q|`1M6IyxXH=MCsmIp8JAv|w!cWb6~vSbogYR*C8a?3 zH>&;p@dMM3R5p_kN!-Py6#^c|4QwG!W|;njdZAIbncHshqKkcFNLSn&mXe+<8Q++E zH+e*A{j24C>A+^7A9&orY864Qf=wTKo{@fn2S?h`n7(#1w`5{H#8>7$qITG^7q@l) zsd<;N7s@mDImggev)K9dy0!Qh+g;f>^|WX}H^%yuQC0e(TU;l%>Nou^U=I6!e^gM& zy5XU#ojGQ^RPbAidaSN%bM0Yy)mDUoh-mR1Fil5ZY<>BQ%reDo<|BsjDe&bIOKh9E89@_OIp7Mf%icGdEo62?eiM~Jk z3DFC#=BAax*r^S7jCIIHjB8^L+#Rr!@TTpu7u=qBnj*1~?c@F5O8Xlt7VoZ4m4BZ( zDE?S}{m-3)rMRlb0{N>HsH(ssR6A23WX}b1!F=;_ElG z)PZlvqgfJ?8UvbN>M(H1s!U3VJHeHnUefBjDlSg@{HokTIkI{sydp9Fc;pLsT?vYD z1s7>Mg;BCa(J-C}FSsW%=(U$5H*Hlfd9KRrjb1S?Eb}JTGjMYnw`sngwKv3-#y0l8 z-phTXmoooQF&q(FnXrp1muwK9Eqh`jqC>yuc2DxO9DX3sXMH)*;mbI1kjkt7WL#^o z=G{dm#+bwA9GJ1tHYATOP2~>i_6XHWTJ>M={bgOrO3i1c@@V|B>QJEMpPbV5PyUMW zF1sX`Q+4aFDthhkK1;UPrFn|!=??E!vP+vucWLHG(z*rGIxXLQX-isSAg#$(`NUBQ zI>)BIfC2@5obQ0Ix4M;YXK_Nlg`A%sfAu{^1C#zEoXN3GT@qQxrQuJcWiC5roQ@A0S>AS=|i=sEe6a=@Xh1u>;)Ss18zUdHdjAd zSC_qHD3rN~7Jc$%Uzp}WJKF2AU$Bz3p;y@9!>81w<8)3H!A0JuG`=iYe;rKXM4R?| z4=mY*k_>)^y$YsnVmqOJc;`v3Alzjq@pj(V^?{z}3NiWYA)n+}AIba0ZQzfH;-4v2 z2~wboT&GSC`l`a@J?{+N@!#Qz8an(S-TMQ()()p9Q0`ib{tp_O%#{93QpaBmPy6xd z%v!S@pZD6n#6p#xz{%2fLs@u}4a&|yF>SVfPF!8>9kjYTXmuTzZWmjB<*}|-VPm;8 zWmUB^WGGNdNIb0R$7L_+8*s2sQ}%yC%hQDA+3r+S@sgeaGhoLpyc50Pi4%kDQO|rh z=-_8i%2!@Q_BU53I5oX{50>;)n0Z*N)vFs|+nofJJbrYV^8fi}{UhaRW3BzYr?3z& z>1TY(nNR5U)E6*7XjD8}s~ZyKR%=Lf&TO3gC%5$uH~Pau^v zJQvh0X({!yELrSy4Fh^9Mofxbnj05 zylVEc@1q7cKg}t5*tcspqF%zMO)1CoThd-W1g(*SeUr?RMc3|nFTzm`(N($%Zv^Z7 z$ z=GkKYLX69kfr!&;Jz)ndg?OF>~6g}`Z1q^iaHwttYxhU1Ro$cO+hmQ&NvOzE4mTu`v zGLi+R*OvYU;+B?$wMuZ5%e`&>CV;MRFQL0`DK#mup2+9-xw9=`CWs3odHnkxkt`T3G}wrSZfl`;V4-I)wLI)W6I*BXfRks%@F#8^Vk5t8 z_YK#3QaMw}xvO*84w6;$Qa*1~RmN9b7?J<|QUNZ;%pvhq6OKw}EtoF-G#4!1o;RLv zqW5Q58+{X2t;q2>H>^?$R_U?mQ`#Y^6I~F2R6m&HJx+aW<6wYi=(z7oxeRo>8dheC z3&Lq0e7Y-jTFxP(DY)ZqW#+O3qd4c#m(#REJO@kD4I)Ob-j4%Q15=9OSSjvwcNE0& zn(tC#{JY+>NYCyGf3H>j%VlAFW@a6H0=_;Q9H{PSZwH;XB6Ug6rA-`v&SHDOl&oLG z;gIa&S(y&2m9_)9!+qCS{hLc3*5!6ouh@x69myW{)`1JHz4z_|4fVd3E&a0`X=tjn z&2#kY4G1&N2L2Z<&n&V$Z5sI>PDsbcqDA7>0yO4ba5<&e1pK$H9fp+8jejUHL&jFPqH1q0jHHy8@DOhyP}4E56OgtH)YITr2L(wKGwSx*$nh6noj% zR@`sPdH%$p9h*6F^!0R2CL;MWd0f)>Z+=>4~*7IgJfec1DQI*lfHtAue~8jFgrVi%3RG?kb_h%u5ED*R&H$IADB%d%kS`bAE7+-tr=%m@cal154kz2GNZar8( z=1FC*bsTS1*I9Ut>q_he?hxyB@1voHXMAXK*ba!f24=j&8>1sVrGWh9Oqh%5>f}nT zdt)UG=`xs1w3##M(7CxBIw}`G2WQxH{qPPDn9QEVt^?=FK2aX(JUO`9p$~_4hqoBz z#hN7LwoodxIfrUwr9FfE6K+lN1a)0@io$wI?0wtco!k0Dq2egS#{I)<{>z>xWtA_T zm92kA3%_~Ye%UEzeY(sbpj@&lZlNFm>&Sur(v%Kt^Ih5hU)wD7{x%;bm&;=wht($p zu<{!XeO_6Pv+2~Ko#d?^+qcr2TwD+?3j53e`&>%Qt^YIIf{i8*E^TRm>RF40|KcFgn+E4 z_btwoLO^*R6aw~9jw_Tb*g6OyN173p0{h>T4Pl_(SN)kH6~k3OSCm!t5B*yb{SrIeWl-|=VhN#9x~9)}4?$Sc<}O2Hnvz zccW#h>A*7YWXG={4fB#-f@MxA`D^fzmbsjrkId3_lit&w3Bi4T`sRi^6 z6<6zqzXxD~cL-NNn$GZ+yic;UW8{Mmgg|F>rT-wyBL|iz@X?+D<2c?Uz4owx>sPldPtCVO zd*PXV3^{Dq9tUO&UNaFxuY3&|p4Zo0@Y7DidNY=+jztn&e$2F73PoUXCifTgES=j4k_KgLl0Vbhlkq=?E`yI9B84GHfM(n(!%xu8_lWSH7mI@ zNDDnUYzRNAyFCjtAD;ySdrE7Q(A4-PFRp5=8q?nVn6paRw^n_ir@4Tal#;qrtqiqJ zUcVI|&RDW|^7P%?ifI3orS*Qtgr}#Uj&Dpg?z@VDR}WCpjeQJu826GRCix(KcA>4P z$c*PIN{Ua(e(``%SO0D#Qpy}p_|Jr-c3c7dY!#+=!NQ`iP@*c3m34D&nb+*h^D@d- zWr&Ijcv7Ds6@KF-S<1=9NWD@vK8~{%5{{G;^(Dv zkdLKvUh~!^;FCV22_dXptXYgScstN26|IX+l4` z9=Xrft>`y3^AJJ@;*abk+bu$-Z7f ziXKw0+dRJkfAaq-MxyEGOs~?Sha?9NIgV6X(bC_pb9%+X9`=p-xkmT3{g?&Ch%Hz? zCL)(QoX<~Qjqbs`frIF*MtMn!i)ihpWxq)adn zSr>72f;~kN_{EmF*Xdbio7k7fJT8vaM|BVzp%>#-cCW31V(cYR==fvV{5x&!`7lz7 z_&a>)2d&DKqe}-;=kws37-TI!@RE@%+q{R~?++Ezg*`(>ftT_W+<`bTSIKPkD%YUe z@fKw`#M$v0a7c3djd|px`c{Tg+CYE~Pcl#X`=1F>vu)cYWA#xt(J z!|9Y!YYW_xa%fzQWG7m?JQksk>Br^@+a{;5MemUiE@i(c>k83>;!`=wzh;opH~|5; zPs)(1VJU`hjL;e)PBTR9uFm8>*NH2xUN?9rbZzcr_>_xZDEERIJHMY`2*@axx&bXLsIbw1ua z7Zb=2&Z1(h;t0RXZS1nW%_vM18vgq7n2#@C$thju(J+l%TcdjyoU8~`E$w`!2Uric ztTkqCT3WxX`b1oIcIwT=v6t~CIh{u4lm2g|>HA(T+|4bsIk_4EgxQaoz#EnLQ-pv`tt;lL+kfr3vEFMEmmT7>}31 zCanI*kXda(hu>%AGO@L@n}g)jvwyWcC+^{zN_(s@62!rzsBX_2F(|H8yYEqm<#Nz^T7ulMZv=^$r|!6fs^*SxNgo zbN0ZlF#5m6jep|^pRzhT#COWXQ5Hy2o4NCT!VHY2OdY4WxN}zl1lJvT8NtV;*~vja zMB|wd0zxLh2nK&FaqpIXgfTX;sZ~5XT%(B$zLt$u>?Zz*hKqRzM_{xt50?({>5@D1 z?54bh-l|5mfuHEo+7Zu&4zY@gC@QDTr~xO;Y@~UXsV7GXp|L{u-R7V#zOQap3sy)6 z=CI{MWqrqMX+D$|_itXSfMZ^jS=7%IuIpk-2tTuq4BQzIcbb}fG#C%Nz4*0_^-2@I zjf^YHhuLqw06V!KKZE_GVv?^yT`O*%LJ%512#5;}$>krwu*Eo69i3Ad*s!|iG+i*= z_yu@GY*NHpl_9&hjf|%=KUX_yG5`}|zb}>6?`kNRq!NgY^YrNW>bR7!pLp#&c=(T0 zaO%Sj2H)IaovF(vRfdh|{A9!~8_0CjbA!O9bV}?!n3Pm7IxjYRO~#jnmX?&ikYk)4 z;s;ATWm`>I?;%v@14Q)Ke4_$)c%PwqOw6>!|4@eC8dE?>f7IbE!f!x7A*65ee`_9f z>OZF5=GD2}y>!D3D?R@lcbz_|2_Lq~npAFk2Ne;BCB;P>H(+|{ak zb=w+ry?26ZyX42n&Tz)_r7EV9b-(nI#JZPxNP5~d>9F}WWx~Bn$KxAMKQG7Km~QEs zYLQ8p!ik4wQ4Q~f#f+RK#m$ozQfBVlo74kD$9s>6tEE<-XG(Cky60XX6u<-0!pU;E zb{7$g${y=kvGFW?#7B(ZS&XNgpCZZ{;cQnL>cnXF>*h-mSJj`s?DJ<56(El7ec5*> z+2#1j^QXY0H9*#+Q&8lzOL9e=sh|0;HN(zbcM#I?@%GROX?A)z*Qsh(SU|q)IU->A zH5k#4;3&!WERwgA0bpq8(xhXa_78%rK10j9F6$>bl?SfP)8E^u$jNQ?Ux-fj?C7_4 zKCL2RwChZ<4OYjgQqv^1712g^Y<%x5p|zs`Jm8jfcOwkQSadpZk58n$YW&yCe-zt;;hV0_Xff{Nzd9x z503im@E!qEQyZSb8t-1R>F)A*_GVh{;j1^iq+7OPftYEz%U->K--Tl)RU(|l9` z5P>cEuDLA~_E-l>eV#~Ka>|i$ZDI4AP;lL#x`QjW1-L-E4@C@e8;Lq74Wf$MnSP&1VwZM?_;`M*{@wxaI_eVhkL7c*%mxH;Dlvw4 zVAUbB(Losw>ww^-m#Y3ybw$S!=R&oDW&) zHIc%xN9gVwJO;*_5sder5w0oe_&6kTHp#k%%Vn%*#lqn|o`Gmz3s4+40nxHQ!o*?5 zt!;Hv;3%@&fyW$6EZ+YxuE99&*qMg@3YprEkM<&LF%C{)%TmIh<%ISJSC;#n^zM0X z;2}>9XCwZ7X|qr-GP_1KwRVre3Z3XbAaSz_xk3UqT3y%KsBEKM+h*cpcz58wO_7>s zU}jFDYS0~B2WFE|apoa%jEk7C)v;GJoU%U#+?yXbIi%;hP4a-G|41!Elctp(d0&Cc zU%viFG6X@6*#oW11N0FzDG=0@TG5BW3A;x5n0RixF4W`?VlHX6Jx8)74_^Q#0+z*S zc2_ZreUZU*FmjYAq5Li@Y}=jj&VH3ze_?o2Xz$xT$tip$m8@S317Nnse$g&h1`S#khq;Q7fW2dyG;}$&jtgWtBQsIoU z4HszHn=-+eYvd%0uJ2q`2k6x<{)^?7g`qp!PU)OqZ+__E`C< zsz?aE@HkpR2pa^mPZ7!kcD&lvkZ9X#yD1?czH`?GvflW(Tkdii_?fDeuYD@jFY2{> zZV<7|e3{mH0-QHF0r%d&S=`t}@9N4u=r7X$>K|A90nf;>a_ocbrtS6T()D1$h4^w7 z0eZOuNPkw@UfA&+-p2sxZ`mEGy>+Ox+S0L-I{xgr#E{hA81MVJbf&#>7K;_ zeKa8Jh_x|Zd60F5y;L0L;&@gHy*cPf-eHJQPDadL+=@}KG^K1}pNeL0&S%CqBOD}( z1jjyH*+{`F)DLWarS6V%E~@C*9Q2&EJoy=c@}v7Y1Jjm|Y2pNbiVV0321u@rFAbTp zmWT}p$vC>pY0vl|>65uY?kzQW&UdW0z-4;yffG&yVw7bky|NRsen*;Fc0?RbiT}rS z`jnT`o?pZi5I;O^FMZSRn=yzXyTa9U6A)b)Dn3hyOKAVDM;-m>jbzP^5;Q}vhZM+j zvfmWkxpBFE-P1P}Tt4O))JD%w z6=>=_nk`?hiWarghq)|stt~3m+*u`Q5{p299wriI0|zAMuM;pTkr(-`Dptpqel5sI zxe|JY^L>6@gfFg<0nEiYg(+Xp`>gJ`nXTUZ*I1(}zoT&=ddT_ZLQDAXs?ZY)+#{-{=8cp)j!fnu}!l2;6Q|nfptFm0A;xx}HUqOFCY+Hg* z*MU%`AnPG(${P66r7Yjg6$L$?c0N%8!dLI?nUZUB4TK>^Mss{pM4OCz#d+mZS;b>a zFMIFc^`vcR*>e#5c-`~`qei)v>iS@~%Cy+jj5X%*4L|$NzQ2#M*lz}JZ^LJ&UF{Gf zd2ZHQR{{Iso9mmC=L}m8vo{rh+1V<^4$45(er_L<{Pk-9e*EKKrP*0w8^j6@-H6;( ze9T@XbpEXghDMvwGnvmjmz#LYPkbZY-T#j7w})i(7z)L z{X28<6F8O|sCtKwQc<1JYk?KcBpdWqotqBb9DAXl-&#YXbVDze?9559u<~IFIcNhF zrQ>2qN9y5cNQ7VT?U;b1jGYD!*NNK{2ED zcW3u9mQATcRadpTtVQ+ z1+_c?tqc`7&x1Hd&crv?hKb~Voo?AKwuJ#I1>1hdY?b0IJQD%s*QLu75_xs)@6h>g zdW|aS-2A1+HwR)cJ0L7Lw`^R%?>(rxhV;30u5{( z^DW~WkVvwdqE+e~`-)z6hxct*<;R?;Pgiz5XSEkG%(Lrx(YaJrp6fn3oI4!zJl9}& z9Ya~aV^UstZPcLBNGd9g z%%E7%VYxvJ<0P{Gm}8OS_qR(;dK=&54C)@f>@%9SxU_470OITGFEl@bWhS&4rgY`8O}0vR#**1?!=)Z;#Civ>QgGtsv>A~lKwCoy!JfA+}L3=HIU-JYEt{*okQPS zDU$>qR0zP~^xCT|x1HpDVS2l1kQF})=m(eTKJO{6!RNfcwhKPt7xHJ6erd(EeDe8) zHsC2jcQeTTT?M}_CFB%>?VJ$wSK^9|7+6!%9(Kh%7U{r(~q#RA0C(+jS>z zhsBfZq|7Mods;9;$4h`N2u);&2(;RhNpwnNGPTzA&MQ{=s61kTZB09kSe+H4y?V`-K_kIAC&O9T9 z4DBM`ssLt2ayI*$6FaF$wZeJYBWpwU_wTbODMc}aa4GrN3|CbGRZ{=QE1GF356IJV z2&ka@0bh?&*?G|9(XOcCi=YBF?Z&7mC=VMHnwC4OG1aoY5kUo81zp@e=0MoNwnI5= zcM_CAl_A|gOoYi9ovR+qBGf;eJm(BEG>cLt`t&@ktQ3!kB)v+lzwGrz7u7m7k?j9_ zt&@%i*gzWA`DpdEQ0_Ff#g9T74N_dgOZ=o@Iw-rWn2ZJ?ih<+ zi4!@dzoge&8V97NX7~V&BDL(U84L! zSf>GOxt(&wgugRc+|HIBJ~VkEXb5;SX)XIgkeL#rg@Zdba)$J6>g<&prw06@1lIr% z9E$Uhl)9VU*Q&hMDCPP)IuRA$iU62MTmAZH6GH@{d8)xqwkM;Nek8?#< znW2=CjItBSzKoJ&WRHv}ijbX660#~n5t{Z$AzLMilI&zf_Le=rkMq2|UZ3~p`~BR0 zaU&h9J$drOvnd*rzFtPO_X zjc_^J?770n)cVSeAnht(5;yBXK{_kl=MF%adwBn(7^s3EUfPBg?g3jrFuwWiTFUhI z?>*NjI@1v8shQ!dC*&wEi_Mf<%OGlaNPC=As`hJ*kZLIKfv&`=IITh#?%0gVwFW)m z(wtqt2H9sGvuE{6Pfqvw58p}Ovr7lBmZvA_8HGZ9_ z{Hd@(xD-Cy=;eL;I9%W6YRv0v6Zkl#X_ssYtGXKXDsT70E{|^Gt8hwWorPPD6Zo>@ zR<$+noCdr6jYGO4!BjTu4ts2#E0d>!T8imz?O6r9`2$79ntRV6vVO`8%{U5@xzIfP z1#=Ghb6JqcW!Mhw9xT!{DD!*fZ(c2DFHYN8hSviU&wa*=%pewMXh&y5%5D_S5?#Fo z|IjB7w3TPiFfYRG`n8*;%w%=CcB$Hb=@FGB0J#OHPqGAFLf$Z}^)#^P;?LC|u?x)f znT~Pmtwod}TW}dVS)n(PSrKd^3!|nEcoeC1vn;(eOo1j!3&kstgvGE^yt2iu50c6xWl`^bStq!BrW$pg# zlFpac?@0p*^ss$|AL*SnYG2i=2h+kPcyn!c(yuB1R5_X;kmS-@A#G5d7eytRJRlI` zPrcE=_37yf^U)+;f6J%4|SB0juWIRgLfjs>pn+xcdc&jL%+t(-8-$wDB$dzB$#>miKfI=VXgMabN|N z?lrI8pQLA4-94sO zkJ}f3Uc{f|geR8*A1MsGx-eEL5a#E_GN@wjg)YhuPTPus-) z=c(;iDT+PbP|y5)8Z>#QQn_dIUYXRT&o3)+dF3TMey%fbg1J^!8#JP=sAco-m7G`P zPz!vjH03Ve?JyeNCNOfG3H4>UHz`Z2u7h#>WEAmd1S#mHKiK~lc(v#SoDfe=+a_jZ zf)q0K8<)A-a*{rWkW99;;{tz^X69>pI~=Nv$~_CSjdk}`j)$E8Xrxr=vtGc_ygCfr zf0FB7lCS5{c|Iuwr$#ldqteF;8-K2ba8+svfh`>FYQPCi2|!TrdzR z5zy|sN&<5Ze1Z6wx{@S-eS>y9fcbM>*sZ`N(DXyWLun3yS8Fq6+atICGOz@i;`&Ml zUn4i3%SopGWWRZ(mqxD3{v^B^u8iGwB%rK3HZt)gn7^936{BFP@G;|VA3X@5x;d5u z-;5zg0PVWFuW4johJ7v{VhkA;%36UtsJf%xSS{D{XS|_;A&?J&iW+?5k9EQRGxX0~ z%m8MIcE;^f<3bQzz|D2!;U6wN_j7UE4w2u!&g#Cr^my--|LjA}6lO9Fr_LvCim7KI zgFr9Ih71;bNuC3;1U+3j2w+C3Z64mxW+459+6-c7_Geg?v2H$zHhmNO3*Ei1fv4A| z;Nh)S9q4f^PVc-oLqgR}&y9f}+$94SJ$osf8pA?Hq(a_PTo&xtD$70{Y49qb@&&-z z9?%d#)O~d*i^MXzoTv1mEXqlkXaGzpmfNwn6&5|iAiZj3vSo9%r0f*&x+|oKnQ?ei z#A7UMH;s8-$Sz*8=G>P8CEgl`RyKqV$m;Y|QiXu$Skn@@@N2src#OW%)h4-*7;>se zx&Z4OqJSU)vA_eGhtrJ>ZQr2YkVtD6<;DYpKG}aKRC92H2Sl@jsEW;ef$UnV!oD%e z1>Yvq(u}Z(>JZY(^>E(7MMgW9r;?Vnt?$O_-?$w3m5MSD@TQxf!i!lM5!fe0*71!Z zaL!1Y8S^#MOb*^h*{3QfD36{=F8t`M0VuD7y)xDp-2U6hJCM@`oeJO8aY?6HF`x`z zIDkSt2ULviU5j+Apnve}*-Oxu&?iM77WkmlNRm2V{SOxasELFiH_i_&P#|W+0kk_^ z;3RhLG)eEp3c0Ph+|~Pweb+nI4#sWGX1WYC1@RatD*{~}o54?TK?VF4e%O2P9Kzsv z%nE7=W#cAQXWF`i7{)$Y5VnvX?`tAQKLZNgW;#&lAcXh_&UCLTzunrtGBGloHB#dW zl)S1@ILHEF;cJs}#65(R8@fLbocFoMpj34p`4=Aw!b_lk*u;KW!?yY{1ptoLqz@Zs zaa86;bj9-TELNz>-VJnxYlg){Kl<^BRcPlI#e1Jfb{^DsiqowK* zIHd=nO|RnC053k3JkY<~&aeEn?QDLTu&=ZGA?MVO(|2!3pvFli@PTs)9YXl@7!^GP zjvR>>LNJ7Fr=f0z$1MV_ytS;dV8R>*y?K!3=`);Tt{JDb1Tn=UVBZ|Mu|#Z9j{4{otQl}Qu9%|v=?LVAv@N9 zK=b5WNfcUB7|&zq6xcE{pwfk0Ock8!3)_Z=@V7AlrJHjiKO>Fif=nwWQxNC|UUVyI zDe?yz45+t;n*A5TTsBYtsNg6?e7?PiU7A0t&4bB;5h%kZb2v(*I;4ngNvKfZ{gf1= zG<>=OPvbcIQ_HkF)gM2rZkFh%X=v!Enb)(k`qrfmiDi*{0z++7)UGs*(2q39EOo4Y z7Kgk?1CQMiMm%UF(=(tlEQ~sQ*r$MMHr(1FDx?^IQ}J7*XcV91L0nE<1;gvb698ZbshTYRI?|f$A}+I8~{qWG5{!d)^>;zdVL*zlSrs~)h_m#59yc* z@6!avesaa5ti!OjwymnM+~l43b9e~?semKjfY>)Im=OBOTLHq<>8P(q9UPKz4vUmr zCB`A7NaG;9Omn3JFwRtJuzV@q3)Ha2+_RhJa*TPEvcPVQG)QJtX-tUg(8YpDAY48E z#!g>r3|qp$$0*zK419?YA~q74j-`NML>&cDx}eq!l|V%$f+{7R5|8s)?E0@-7q~#e zJG&T z^y9R4ZhR-a5>!S``oC0WR2Oi)H0@kuTPI*>C!aSKphp4)7*W4|INLLzq19wIlpF!G zP&tpW6Ja!zv`z8*04Bk188ImkF#9vmN?OwsF@qr?dDDVTR`}URXzN&$*rvT3l?x=(7JPN z^n}-Qh+MTO)za|NWk8jW`YkQ(WYyPf1yp` zgy{top+H>)Y=I4%&S#BkxhGFv-beP3>H(vgai7LkcM^QwPa~EvqQEt(jlX%xQ3ky} zX-`I(h2)P!$u3l{@d_%TH;<}Xq<`NE|Nbp9Y_N7g>`o$j5L(GAs1vT%TaMI2rFvOq ztW}WX(l|s5cZfxXcnSx1;anm9_7w+V}1zS!|OmUiYp;FZ07k0!xY59XiZQ2Q7 zOPiis{oU`)(PZDToRvSMyq^x7pviII#qF2$a^ns=Vtt-{IYb~r>{q-9q{ei zm;q=YQJ-3B+BHZOpYr32AoTCixPXcY`JV(Zg3zY45{jENau}Z#&7~eh&1WJN$jk+f zA8KG7S@2$qwmg;u;ey{+HRb0Q#y;WkDOLpC3Unn+_FkQOH~2f)>BD`pIvZhG!5;i+ zAb$fN5UAsArR5Khr@R6d`S937JO%Ap-G1|F-;-v>m8Gnv6E3gXN7PYY8z@vw>o`G* zkf+8p1o48&$ZWR*j)BZ)1lJoh1N*+PKcyan2>MFbIJtrn52X)v)CHAs;eo_w-?27u5yd}`(u6V;+ggJ>qHdh~e?w`sr z9x4E#_ZJD(5hc^gPe-OtZ-grt-`KFy8GKDPnw@-wj0&~0mX7daE>#&0s)lhq$#oS$=3$}~gio}i3Lx`;c`Sjr zyoyZ+pP6{g(-ZMuk<14JzA*eh%Y2+;HpX0@So^~(-4-}S z7AmVr)7TiRe7D+`4tqcs^xqX2=YSO;)ECGCWpDD|CMd#6YQR?YW3+{vtjFju$l;7szMFmfe6aaV)Hgre5iF5{ofeZS ztQ;lS8=Rpa8`8KAg(nN=Y|MIcICmbg!8?+u!}kwz8VOrV@n8CS;|pir^3h>yM%YWm2cwdzJ}Raxm0c1>(&>aRrNQ2tRKW z$tRVncUxZDQN0Y@#b&Z#SkOELTJ zV}IXs#6rG68U6A<@=7E&;=RzyzqNt0xJ{;VK~-^)aU;5^PWqcuj=@SuaHQfmgqi za3?c9VDAgF#n`>rB+~)=eNo@WfCxV@qI`J(O%@3mXXfEq*nZ0{TwW>~wfdQOZrvcs zC^GdlCe}jeAhqSbphrm$H^5*I1rk#+Z_~b>9Q`RT=eml=x6{0J8Fg$AuDK zax0b9vVYC*sxX(gCy!%pUw$K1=9M^teUUg)Zve6q9FvGVOECFOno3&h7);)A;X0?9#^cz)v?^^xQ4P8o5JFYai^o2y?hbU8a^UrHJ~? zl{jy2^M2kcKcTqt%1qh06m$Pe=V3Qh9|s(of-NoW(X*gT7+oU(ykBpSFzqjbuR|vz z1fi1=ULs^g%!?sS$YPgjh2j9gu>d3%FNQ&4=t1hx#1YFGm`C|4u#VsQz0O{wvd&3q zXq1#|lpp%cmv+P*%{4t8GS+9o3}>uX>N{E@vi8C0Ek?Yw&{Xw?GnE@02!G78TV6s`r%>QK*m=Yu|_j^nC4 zr`z7mWW@iv*6sYw)2XSILQhk50~5Xi2%j{Z=Q0vLgaX}<&(1*>sZHwOZJ{7wT=b0f zW13JBV;Vcuf7(=*&hWK;9Qjqtq<6NA_#>(|y1NrZ9L^KdJtEZMP&`xt4`?Iu8$fDzzM({p0eyBZ2ca5y-Qpodpe0ip;z9WRRh zrfX)=t3)*jr$7|{T`3bbV>xn0SB{%7QBqKRMuEro;FFdTOl5C4A2;MwjF)u|$7CKjAPB{0&K2mH)<#>)oPF)B~EivhvgkGID(Z|Dysm;y%iD49isf z#@AIyPx&xwW6@W(l!6nFfLVVyh=Om8fw%B!yPzAt`5yP9i9owS^ z!i985X+}p-Z6yM^yZsL)`(_?eV|Nb)CnbKfYIb2ve2ApiqjRXc1R| z1!`2=8*?u;0`LwvdEcv-1Ps^Qy*K(~XKGHZD~I$9-LbcTvBq*WeOt$Edu{)n`;f)| z>%Je91Xjbp$sX=2y!OwE{DfllTYJk@v?AK6i6dQ{gQ5f|0v&?Bl?oueff8g)hzg=c zn;-Zu9R+UzJMZbKc95KOILaa|_u)hAr(&lqzLlywt?!~5$Pu6Tb!@w?uk0x7+3Sg2 z7{Y=@7(gcU$8L*&G@EX~v_3KiEWq&wrwNv|OkGwsU(PU)#6a`?3R@70^iW6lR0_}j zRbj4+3Gcf~wmufF8Kn~?`68+M8&(3r@IRxoR%%o4pnO*W*CW@#v@h-&wq9@#3D^nu zKw>F9c&jYsMB4;w#hMDB z@Xuf=lznsz6k#bI9*yB>Kuhrt84J;u*61g8oZf$53ibY;z0kp^z`$wws;v(RVwbMB z?Ej;Nq6#;ZV&{Yc#?S~-1tABaB}@QLHo7}v=9eWq3kh%Sq>;*H`7k={OE&_|`j~HC z|2;96#cOuG&ikiiUEONhA)}jhthlbmp#W$LD^Wh(318tL2~cX`T+!r|7H;@b!Bkc=_*zo;6nI3HG1r z11JQ64gn}cncOq}3sC>;ydDA#BB3z-PoC;(X7yU6$v_bqbIk-la0Av`CK{u!#nehX zR6;v85p8!fo$Ds>bHU%SL1BU6$v>$!CMCiLe#ZCO()g^F)YU^1kS-gE_C52pm=nR_Sj=NE(PvQECTL|_tccfuM1mW3P(N> z$MA9;dfkLpI5i4Fg_ORY27DPfKbz^m`8f_yKGnuAN3&2HGp{$Sqje}{k^XeaW6VGu zfmFb!V49&4xOwID#=?8jDT>Af&#ON3w_R$lA>YdW z35C8`?jQPTZ7>VdTP5X^P}2>!8owfp)eVxs9YP}vt_is)s8+ER4tz_BHf#K1yD4Yp z3)zH8uB0&a?Wv?r;0VS`NtazW6Uhb9HGsK6r=D;9&|q8Z3HI|Uw4RkVZo!U**O?I@5(TEZWD z6Rb*{YNKh>(dPDb1q&J&`mDB z8zYY9p=k(k@o1D25<1m($s;W8oFQ70G<@6)RryBkaUVx24BxK+sMG6$3-pEI-RV))h<3I_#sn}{$J?N-LCtSb2guH6YT!7r?AI7g z=fW9PG@W^v4q*UXM=_AVtKG@zH%id+&nrTaQ7uPW;Ah_7R@@hvBKMA?-LZ=$L^FlO z;QJFsGL1*6JF5cd3j(~cmM2~vevzAVEaojiw$H&-BKe9hd!u+xbJgJ*iX8v$@=L!3 z85X4;{Sj>F98KY%Vo;pJ&|sFf6xR>zmzkU%l0dfZk#b5x&bjH2E%#xxUlIv#Gku;L zLrH88L#BTE05_boWr_2UEjX2IJby+y6Yjh{Ih^e7YDq_l`dcJR-1q9%aSaB!;hr>t z5gzT1cgI?IKGltUjd(8a9Keaa6~4wN4E92JvN)U%S5kE6yf&e<7cS#yk7PZ7*MR zn*Mrfz2@WWKYrmq=gIJSqNK?BJY0Q;6zcz&rynjnE+@j1MmS>Xm&c?;NjvkCj<2$k z)~vD>e&nJA;UFeSJYtgU$Waos(itz#MbOH7)zwAsKTezZ_(GF6(QkS3l;v70PTqeYMfTA@TmV-m6m#4ya;o~hmaG0qRa`xdHM;}@W&D3T zLO$;FeItGVRTi&Dl6;ge`c0n)LnSEFe`shV$-GZ)4qc4y|E!@IY1PHUvP@a+4&9E< zWSWTcVy*H2aV?JrPD#7h*e?r*a_8mQs`w4oeZPBz=8^tuf!kQZ@Lx@D#I>AML0n5n zgVg$&qlLm&!{dvCN=Fy024F#B^aGxu#eisdcO|&0PiEP+d%3k?%F~9;PwS$bw>1DD zx6b{mvIsbD9%7II7f*i_T>P1f+B-`L^d7NiUmpP0qTu1%Us7m>Eu}QO=iwqa3ZkQ? zHj{NP_p^TnOGHXFn2TNl7)?U2(b){5XQB(Z*K7K?||Mv*C4dH5<%e&WYY@Kb*ci zs*7WfMM)n@hEH#PFrN_aD;Wukw}kZfxYI_$snyW~PV>i4417MY#mT0&Qv<-s3?qGn z9SyB2sp%tKYoT8V7+I@1bpN(l8USdI0{g}eXuGi|d?Nn`rwcG65u(_eEkyZh# zu^qW(K*#9c&6xk3tWk>fq=2iC3Pdxiyxi-&e}fyohg#9d=Cg%;!IDHiZqQNP5)xR` zz%H1pt%-3M9i$)C!t5sWntPxs>VnxBL1~we$@-bCqUlqu5>=|Er|XxXHQrg#l#G$t}HriM2pJf>DH_ z!Vdh!W=IQ$ebr_OQQHQo<6J51GT9^gm&@G+lyM1t2Q&II9R3oL} zu55wE-YaXr-J7lIUS;R`KVXDVwxc zAAtT62vaY(w1!>m&rw_M489l0LWX<)?YxkY!1;s+JmlsTum3E~+0^_GTXog{M`;wH zun%@l#Lnr1R9*|3+8jk01hpY0@dMh9VgACD`-={9FXN<}f8H~O8i%6aYDqxlxN~lp zt`4MY-%7(C6G2DBZ*e7jt`lI>C;s*KouEQVJD82JNJIj4{eI6pl;{g9JXl;)y1bR$ zGrQ&AD=M-g&5bodQjKwS?0#D7(j!(h(ju_R<~jYR)!>kx?^UuNN>FO!Oa5a1;x84- z9jXxtghF-*h3~o$hUd=xP>TuI_juVb+qmqtZ0kRZ`zgPckm#T@P=Rmv`0HN6)i!~n<)|wy(|sA zeiCt&udSnJjmdhy$!;bfMZXea?}sZvwJ1giq3u+vcF7^#F-RXRyuXDy+VB@NolT4L zrZaqd{Yv*z_1`If=N=W!NF$Z?D|}Sw*f^NsQ58s9qsn#)+`tVetXB^vV$BkAUG;t& zs4{KL{jyk>3Yk;rdD%}qw>=h$@h)u92@cq)oPqPbaPP6VVgxl}hDrij!(C?~h=>1nS5h_~{r!{hXPietH0VES#qNWuJ8*I1swPy}J3?F8=k|JICQ z5f<^Eo4@JvV;+%xRhSUj7n*f!BS|-Js&tfLM>c`efU`X+U+5hBr%M7<-w{OhMI#4R zDpmL5=YgBHUk*;;<(%HDIt_nSYM?nsf@IPJ)Yl7x=Y%eSf^i)KP_aPZ7AHRS18!Mv z)mdhKBWr3;qvY7^yXH$CjJdCxC}^RNV!o2Kb2i90MR|#rug^#$Z&x6@=jXTYfIFZk zOhLymstur3yoC^?9r$?QWR#J(!1;Ob!m9y*_z<6tvowdWF##kAJ*KO^c;DqgwEB%J)kpq_a|@7Q!@4GF+YiaqR<@xAKEcWD0s;Kgh@HHBC5Z$n;y~>Vgn`3L^J@6 zQ`re&=oBh=qdW9(jDRHsW_Al`YQcP=f#{UNjkPcFgT)9ZT?z~NG?VOM`J@@!F~oPc zpLvUqz*bAu$C>Od`sBa;Luo2$n2@=CH6G$UfOau%*qMSVaLB{Tt^Qk&MH3}YYb43s$b2^%VmE)9C<>E7XCN`c7i2T6aWJk9713G&juU)yBV0B1kA2ujf%>@lL>O>>J+aJmD#-_p%>|97Jc&j%s74G+Ojf%Ual*3iR#RxX$t z_xnV&vlny&PC7dK?v$b$Lh4jw6=+XWzV-XE2IbLZsUh%l1Nmj=Pw&MV^dyfDrwU&? z^W+LvCXqY_oaLHj+YlTb4iB1VSQ)ZX8wf+mW|`&ES0GY`Zt$GIS`dh$v-!Ch#gxE( zkcA)9RoDY1xN3i8T3oGTvPrwfST+N7WLBemhQ`o#tq7gRt^yBonu6YT_=M}gQwKqb~pg6_rkR+S0 zxqtP(dI@EpTMJ!(6CV`GP~09d4@Z;uNpUmx8%B^sP8asj1Yvt$)bv;roq=ZcGY_`FXu4(tA@QFDohwa{okh~_xIe}t+##}^3zA=GD_Zz$0lEdmAsdPCX~yCLlYV# z*-A0-KR6*_ANJi0(z+Xe-bXf=fB41-q|NTGh9tOD87bhzH8Fw$l7RvOaXdr@DPUUe z>lpf#;qp4m#jePbTGyu5FsBA_7w0D*`;oT7;}^kCpq)9`CnDHbGwPDP2YV7CYkQ~o zNV0hXaY2_|_HQS$>F|Vh>`WoN1r71~eL}8t4B{B#=s|TKQ?2y9lAcBe5ht(J`Eum~ z72-)fKQo*w%`i*lAI7MB3SN9QwYuq&`N$LJ%RZAyg9ndt4Dmn`WshxZ#p{D_fAc_$ z8o3DC^l0$ya)q&~ayVah*J78EMjy@-e1UsN<0@gV4$#g-4>|QI`Tm|iG0>?*BXC(L zhW4|f1=yI;9;-b#RRGT(91Y^Q0}WzBPLd_aC|^qf85c-FZn{AH&;gk6wE(0iM)Skm zc;K=x%dR?a3`6%(NNzCU>Lxlf3WjkP=s}Ev4svKf(3RT!jJi^AY$=U=nZUHa*ER1Z zNMg8hOGf`(=M_PRgtPF8%sdTt>W`%;D{y2LYF+!e`FB%%;^gXf*zO+C|9x>L;AS$d;xgg-qGH{-wkyWB{n_R7eb$wkWdCskhoQS?Khd1Yg4 zyM-ide09DhetjC!GhjBuQIEc=d+#0%u7u3mcdn#F83Ylw@+vn1kU7zp^nh?P(!Imn zh)YA)k4D+4QAGdXr!T>BaIi?guk~~we?|u=Zl;$OGC(}OM!7Lua>c1n2kNdT&R-AD zjfJzi$6LQthO-d#uo~wto7w(f#WS6bpP!$JjIbL{KJ+HaZ#(~K=AWb3hWWFw-67U5 zQrQqerUT!;orSaNNf+pLj;aOG{Xo?rw)tpuG_~xhdA`GDU(dF#pwZk(141{_yrhUW z;K(b@NMYzm687|w8dqJdSWjv1q%LpJ?ld$4Srj}F(=Y;A6#V&S!VR)`n91EPfVe2O zELnt&pTpVz#kkj_-Dyc7Jp0D@g*j;(c7x#jPZ;zsjwl^)Og+l4fq<$)AfTSr?=Svd z#Zu)rKjiKMN&Au9ij~;QR*d^WMKU>Nb3CIzWfmS>J~;kfhZhc{f20%aT7x}~5jx6x zZ*P2P{P)BiM4=D;mqHK6xRdn^k=S*1k;6{5o~HNiaCdNM&-R|p8NsmalnU>_yl3Tq z<+qLma$U5dRlq+NPdEH@^RR{RGyO9A*A@r8FJu*&l$GW5`-d$TZ9g0Es zAvj9#FX`nKxZydex;eh@fxOQ?cMsQ11?R>zin0?9_xIDn)6Q6!PB3}8j`0^1Tcu1S zWM!>2jPSB@t8_$%eoNYa6rLJ@-yrFX9w@esIK@Id?f=~A6*F9&SWM)mT;37=;|N>; z1Q(D86DfFHING9;MC!b|=O=r?^!WIL#zu{wh2F)k9&U6F%p-c5zdPe|d`&LKaS zHj8cD3zd3)kmMF!dU|&3<8j-G!V3TGEm4bVqKxe9w~905WmL5Z`sd&h?_)jpn7-1& zW#(3_`-4m1X6fPFy+^1t1EhFmOpK%S;s1>ty~0!Amh+AF2)ZKy_;Ql1h33Th1uEG~ z9t?HS55Fh1(&kZ!pzC#s0+q@0*|{wb5bjO)27z@7A7%i7eI$v?^)%VacMcNId```J z*j#FH@J{5t-yAT(Il7hAj}1dXOQyNIg4UIpMQ|^#GKXW+6Uuiw+g-(u@l#V%qSre`#tbgpzc+Sb zFB%;&cYalwN!PDmSDO0YH&+#CXJ%!+%*?E(EYsQ6?PN74k2S%QR%^w_dNYo)!=+l} z<^iQ#K2}~LAdR|m@k`2Rx%R^~OPA7{d5}g3&W^O@%-88T8urPIr5|^0uW_P1OjxoK zqV)@Z{PyDtRc&MxEXyn@p!0cY6~~gAR-*J za7KmBgn!a%;Osx(n#NY3zr8f|i(95g~F+;0&PK=M70~VT`KuhLzK- zo|d2N+GC?+{@_>VW36JuWQWncpUOP5e?#IM$fn8))}(hd;Bzfr1)Cgbl+#|0e!=QZ zVFNNWHj@CUTm0xEP-KV@y-EkW@EpbXM%ack?Jzbu84GiN`OIAY!0}sEQ8lFK>R&D+ zi-tJC0-G7LF<#CfGMb_f)4TWV=U`-HBM(xJO^*UMG057W08Ux~wIra{%E?Sk{8%?6hp>*VZ8 z+w?Yv{>DT-cs}82c5Ls&cXYoXu?`ZW5k>8#OrqtgSGjuz6^V!$NYan&h!)-z@CZlJ z^Qc59qW(}|5_DlrO`CuGIE-u{HS-+xA-V3P`zPozZK@`f>nzoCzuqUrcin2V>8a?A zetbq|=7akBbGN2(9k1RilC+AenrescuR{hn2QDIPn?-b&KgeP$=@cc%{p&xcXhbD5IPDZc_jU>A#%~@Fopov_AcFoNapQg$NmiEBHpg#}Z@IF4NTpI+d z$Z-z`9%Y|^sE&YYz}toLV0t-Y`}lJ7f)Z!*1qBPouBxFc11@m}Ft zM^BHS_wsb%t?A6nEQ(UKZ&%(c!*$y^xN(IE5Kw_*pWK0y*Aw=z$rvJk@a)+K%2J)} z6-5qPuz~bXV>B>h5v73Ang}l9)5t53%C%3huZJk^(nK;h53YS7AiB`xMzei>9kR1&)jE{XD%Kbdi@e&WJq*w zOddE`0TJZzpON(5bWAMYnm*~d9OVA9z0w4-2IId64aM=}clO2}C!>yuj?9SpNRzA9 zTK)*#9*A!Cn^dvRA$uMc4KkQB;y(lV$ZrZQmD@II4cKy%bDa)IEqjs8^_N@?{*izA z8oCoQ^eGXIaovp{+9H>67TWor&!ZdVZ_vT*r3Gh$V0J9}k0gCf871$i%Rr;hUi0s6E~^BkAW1c zqlwnZi zMeEQVP^=dU0c1HX`So*&M~Fq{OirAMfd5Ex7;j2{o6|l)2=2gLqdYE$wCNDUup1Yz zfx*zu9+}<9IymGXUt!BCHGOZ_OV9e(ej0=O(W(-Y;J|ZH#>UiQAMWn6kmsY1YC#`p z0+}Vsd8>SjcqeoHT8W)|AKmV8dW{Ta#=hrpbe^H`OnIN#zS_>9J6|60M#lt&&>S20 z(I89|PXV!v6|@7U`QEFU1xKDBh-baDv?d}&ci(K;u7Op>2?d?l#oP0`gb5keY){uzw-HMnVRH6MYcJefNvdDC z4WX-y;ab>It|7tM`T z2-Erkv*Gr1dt?IV>-3O5J$n#|Op)Yflhk3VNBP%iiDL3euSlUeXu`FfptDSNpoWIR z>_O-OcbQTfk3EiJ03inANzJ-vlQ))rLPYpTEr+k%dNjDpK82u#ps{czgG!hcQbUpt zOrW492}|JN>~U}%j1k*bi?Ll-$RS;RW}l+t_7D-ka|z7$wzJMxTk)Uv<>C39=eN1` z<#dYl1!^`quFuxjsIXOe3f_gn)bQ1nB$!~WAjK|4B#-nXIQ$C=f>vq^Kuo>MoRYB) zd1fOs0~rcyW3>GW6Rz1V-PWo^=ezYI=8!9SPYxy5;8}iaDy@-(3b_bscmud3DP94i zE~KKA%s0mt)#nrC^WJD=v%3W(dGNqCNq%RPa|YluU?c<=4YfOy*94EY z95)VFH-8=<@*dnT9cbj~R3}RGK5!D3QTAvF*<%2mg2(srl~>~Rn(C(_7BO=@`W*ac zJY7nzEa@}qfTu#gEtO#k|I|vS-$4xgz1A!RkFv-la*N8~{|MLHLtX)jCJ?<*GV*j# zi8}KkmE5lceahiTcpHb-85ol2K#MqfJ^oCm0<~=Z3@2HLbeEpRb&p2ku)bP6gFs7B?UWHR#Nu)xz99D2OlhXJ#e!?8I zr1}sf{Vwgdup79qfo`7rJAMM0iV{@7>+?-55D1^s9O7g4ovslneX5RrLLQhRTYj;q zXok{F;A6<%2QxlSmg&Atr!e7^L+U(G;TIuSiR<33^_bc(i6dX2)Ka-2jx8LfEhIe; z`980zG9R^TdLn!Nj8ayr^oQvOem{@PL&l~DF+tt*k!v)6Cei-!2d?HeUm@0iWq?Z8 zQGNe~Sy;XIiOrnwGFmd2>8WgbD`hy>g)-aoudmU<`R__~WbCJOg@&IFika>H3W+A| z(J}~tKjQ<4u@QuluhYd7qn~G2^E=w#-(DSTke!j<%g)E_4|-}59MkuB?K-hJd4kYv zt@p1#@+miuKe*&Kb%No~Y|sSfShxl)xnin$m7ju`&eF-w==w^MJ=G!LuxPlbRdewB z*6Eh3GAhdFHIk$_h3Uxlb3mY|<`f~ZB7K&AB;tw8E>x6ILcGYui%@Gm!T-E9-TmS6 zTe(XfFU>>pDwZB!bQ;ogo;%Ha&c(%LY;QB9B`*{~COWUbzD~Tnk65IY`?nbr{0~xL zRmM~y)$w{!VWr9Q?1KeoLq<-1E^u>%^PSuLT7HCl9^+-DQ#E(Jg};Ye zvLI?v!gWU9y6D+;7X`9&_G@>u@SR9lP8FiJ4obKw--vs=F9-0Gx4jEYnt}Nfp*J%{ zY|(g4AY;fSCvm2VNQht)0$G`sLTr6({-DvU==!6JzTXNT9aB%1G0LrSC~9qO z<+}FxD>nx*+gob#2i7=7a%rMFrCd!z&h`-i3=HObHM!L+Tx;Q^iGF&A!cK3nMaWIn zr~U4ICSm*&o$@EgY_vyWJ-EqBsd`gb1a9gSGiA6u!vG$1aN`l z<{Gjkov%)zVgnr8GtmCKuLhN|4@B?*SM%Z+e84NWS8WCg7?yVx>^G87uKdJq)L)uU zG0H)-DT&+kS5V{-!c}c-@_E{*d2@Yam9|Vs^4GWG^8G=9Q=m-86Rpd)6YjQlk=tficq%-<+;M z0nRa>DlLCW)ax_P?H)9;PA5AA1)C(Bvf^(7}K$2YgNtIN1#qEY(A)2D|gY^az7 z?s<=V`@YsYRoug;uCD%Q=GznRXn~7wkN)lR`(V`F)wcK4caMX`2JB{2W+z?lh)GD; ze6#wVEbF|v*X8n5S7EY?|JC1|B{tJN+6D&k%ZuuZzT3NKth)w?XUi{V$Rn-xr`S(H zYmNMvm|F7NQmzia%w=C2)BZHSFl%wjiPIe)E_771iUjBAXh*;LFI~^uJyWIpx9oQs zk5g`N$NGsSI`5p66c@Eep7&;4MvJT)--%7g@{Fu3IE}A6%zRH@esR*i_fUhpD1NVg zeVbutNvmYAr;`}C0WIo4gT85svWe+lVX}7W2WpMUhEbQAcrkBQ4@;=+M=atCYgi39 z;t?gLTbICxS(3C@{S6ejnaMjDC0}qa;fkOq=h~ZHJv}{^+cq?1ErG<`9%puu-{zWa z35lzpj%vJT{N2I*|3p475doB8xt&&JZY!^l^xbbCB)+jGu)N*;`0ZDeu~zZ}TOF-g zhm)KxsN5brm-PcYsq%!n;~d>l6;?WSR#Z`tLsxJ#Dhn6bjk~|QhmoG=d5GzBzVv2l z?uoPC7O40g0!4YnPM%Y1$WF>OqoM!RarMJ(3Vp5a+Q@?^Xbw*NJrm9LRSqV<|eHcCqP%+FVm)fSi!@=h5XsxmOTGjgK`M8 z%#L-BepB4WaG2i5k|r9)rUQ)W&+JHwiF!v2a_YPORzyWQ=nZr*h@anR&u*pDiH`;E z??jv0IA+S->rb(LSC9Dmsx5u-vPi3^rl8p*%jZ0msY1U?9Wq0EN_G6-zMqQTUn4mh zwS51>wrs1c)`+r=x+V(5$8h7q5%LRPS;of4<9;iV)qA{J+1BnQKsj&7!sd77JbSh-^Y9W%e9vly_}XbyGH*TMr$NLNEP^w z9H9hfb>pwg-+wh1QWJc~iPM5YS6Ba>x?AC5S8tWS{{az;09}23=VYbUMOd^d8NcLF2%{3`IVlSC$X00G1Neu3Rl}fz`d#vB+G0ANfxVpPF5G&dK$xGAZ z>(ClSK%zR!!mP5Xu3!+k!rN};rO1G=;cof(B18J*EVSefjFOQ|!`DZtX z7fXm4Z=`J%I`#?u0?fEG|59__vuCrlr!bte+Awglr>D8MS14#VP2ASQhuWs5f_i#- z`khbK(muc~IG_Ak3^)LW(f)8*%(vvjG^J;gvFu98jUUgxwhio&n)4Fr%%NetTIBlExny`e z>rc_InS0!7afVYG$ud91N7Y&VXUbRGj~5me>f^i0SLN^fD0q}Qu5hnO$Fkvx9!+Wu=gnqNVqK*I_3( zINsck_HDE6=Fje2D28rzx&<^BvbuxvFAnlF71^D?M}X&Ye4Q zGOZ$hxe0$*l}sO$i(ff|unaGC%95Fp&G-%PcfZ()-mN{h`&44SzFM*Hh6bFwiSN)N zn|h`EzEr#2-lo6XD=Rc!cSx0t^Q^DicGXPCp6VH~`7WhqW?a!F)xD*1pd0ckTV9*> zrBvCrSH{ANFYR8yjY{>45?{ZRt6cRrZ>)@JEIBnHYbzpe;JZ=>@Sx*)8nnFkaN|lH zR4HahSl3H0clO(^PD{oFT~98;JPPeBHxzT>VL{j@MO4fkNEil};)cs}?B>~C{1e_@ zPIKtwS)ondv&cWb5 zUXIgWE`YHFaMLa#1#}jc84vxFD|iCsj^!lJa*r6I5|6_H0{bWXPx~EPaZky5Na=W< zU#O>Z9~n`w+sq$F{{89YwWmLRJXf({a~BlTIzt-Nxl6wMgF)-Ax8P`#D0aV=mr0x; zwiYi=bg1O!*Q%L%YPm_|>Feuj?bjHRG(~JLDELOS<8?>UBC+4DD;u|)hSrAWT>L7n z%7?GcbWHu8xi~fK-1`33Qof>1(-XEBmLR`$<3h>hWcG$g7l+Rze=<_aSPw2zQExsH zhN@*a?*fa;{>u>UDcr&+rxxLq3X}NG=$7@uis3ig$!j?cNmaib#M3js=;BRXT;907 zd$Zd$tIU=4*{usgj*lKv-2ZD*R?>EI&3mve+9OAPH}#>b!TFtbRyL`TiG`2<<}q!Q zYNnqMKhI*m>OFkk^g(Z-X3N(Ma8rrP=3Yzgi)8yg+}wWI`M73kQ?R)2Lf)cFJO6mM z;;m`dvL!7E?{E3u%MKIKqDf7i2^5Fi*N>3;jq}L+b16jjnYoCcJZb#2dYnc>OkDhm z?OXLk2^(9M;?jm3rUJ62u~n&E^R8E)m_!aQZE=Ywlt@#$MU~in{EYNOn0WE29iw}3 zu}jLH1BTr3eyjWP3EC8T5u${%vlJ>&0phceA1FX^>lWk9!3z8N6wQU(J$u=uv?@>J zjQG0@@U!B^PoN~D`RC7LaK^9N=_)@_IPBQ&XHTC#Z4@*OiHw(mD1e`5bMTTVZH)0OaWYT*>UKpRX}wUOb1Pl;|6=XUIW6E5+{)jk+Se6+r6i$ zSYA#nGBAlfp0_-B$#;I<>(}QGbkaR(ZfCK(`5y*+b8wP*3sV(MgALPbPxA+q%57*+ z7u;Ca{GY^`b4^>Cy#eRZX_-siZw<(eW=`9l1E1lh&%M{iMe$ zt0whZgn@(CRGiD!v$`i$7ba#zZ1OCEur&vqUU&%x2SGiqzR>??SGC<;4zn)j+ zz44w2o;&z6mYslIwxC;Wr-PJbpD8QLek*N;G#ck0&p9Ejx%(1oR&Q#X8|Vj#+1aYn z($XnaRYqjDbeg@t_@B6V_c_vNMR@kD%G%($fh%)FO8zvAtBtAISy?F`KYsk62vtRD z?wKj1$@u3eKNg8MmAUlt$rIJRAx9gL|Ji($UzhFmnJW)~%uzW8lx1`Fw?Q8|3ZZG? zptCHpBm7_HE7`kq^77hA0-ng$;yiv_$WUOxE48CWPWh2QrQvuRv*sV_Ap0;USjY4f zE|0?1Z#>iN*29>A$b>~nC)8;oKHQ*R;4#m)YIL5Hnml1`7loT5h5GYC!5>{`2-xS(xY3>dyo4Sx6&U{@H zFL(L}&BHcHq8(RnpkMncT=Ezlb#;txbi~;S)<1EXqTr?CjOmL&Pv zKgf&pA!aIye67Z9F>-skLDWy35aqezpqRB_nt#RSa+;rs7>;Q2(T$Qb!u*ltcgks|PS`apUC zQ!8RaoJ2Zw8YY}Qy0)0cvFW_5yg1`q#-8k1MgAGk&bjw|(nFy~=(0MS;q{I<-6ty5 zbVqyg2Fg-FRrBRqvCRN`?n#1_k4{h||wUW*bel13Gl9iMe1Kk!ie9xxHQO^_$)?9gm&LGpZ=o_+fOb=G+RsE%c9q z*SAhNttgTJ>$vj#Dc}Nr1Q8{1Dv~Xxr3(MaGQJhJ*gaZby=GD)9=coATNFxDq20S? z!jLz-=dt?AQrCZ4ZgV^g-S5~Nj#~Xt<(1bjiM0y1(PeXJAFN2t%@xiRv1rXc0F*Ux zzU290=x$c2PEA!OtQ$WF^c>FYSU0ZpRN3x5x%rc}xyTc9Knl4?pQ%|z7hF{o#Ij~6 z3F=W}TRAb?E9tC5I4(S1%Af6a0;A*9{aIGs)9`!ciDZG;+X`{?d8>B|5mXri!DF>9 z9ovMFWfM#EN-gx5(^mLj=wBAs@YYKUH8Y1QPFyI}uXe|bo5&=Jo00fzRX!D^zspGo zKGh^@_)2Jn=G`CTMDVE{G4HH0w1M|Nz7GyS#0W^S$4o?z3%J|RCWUMg7yuo*a_WY> z9V3PKw0aT=i!+l`Q{3^I1oE67QKXbj(4?O#GbI^vebuhf5jSu!AJ+UgxjUcujc|$K zM@60@x1xfvk;CL!P8C^kGkG)U{DEwvxlxI6^`bBlimPm4-*npVuS|c}Gh4C5TF;{t zUDnJJjEe-!4+IU9e;V6*Utju#@fX=SpoK)#Ih!P^GgWgL*&41Jb*{Uu7(_l{n<^?< z_*qq<@i=CnWeSBn|kte$`tnx-K8_znl8N00N@gnmhTc`zphOON|>1qI_?e1b_ zz3pXoNDa9_|OD zfhwbW{GP6Kup@mUW~3ZBXm7Y+#pXUP{*JugI8XE2SdS~xYp1I@ikWZ>=>p!uvHuVe z_!&tPFA%xMY^Rtg^vc6(Wfn@l)$Gi>X0IptW=*&obI<0gsUEQ`QS?M{c6)d3xA_x^ z)6giut{oGp@K*|)7l_jcD?Rzfj*b7{8n}AOC@p0M8BYvSxYQxg;gM;7NQJ_*q6;N| zfM&G)v%$;)ylY3l(BhXlQ^S(6TljTMj0ng(^b}8_l1>Wz`pWJ&*_*ce^UW#M@sH8x zQp(EuR;8WRk{Sp5``FQbQMIaHLCe8n%9 z>=rgdgV>&owqb|#)t^Y=TIvVCpBK_qDs3An^he>G#4L@vVZADsI zS}T{0w+Nw}X{UU=IU%x_VCXu**jr}#6La>WQ+)Y+u>oQ9Wx_}#a~`?ySuSCB9=X2KjVnU3vZ$6*rH~gtDuY? zK+UhkN8`r+@WnGQPP${`T<-lGdn{v&)*xNUl0J>)IFfJqCS>=HPeOTShyG&h@2;)N zskAM<(uc2q>@E7}GAAs{#%uY`R}#O-{QMH_N3(trsCl#n8x$}BTEB*b=72P^x`)rL z(z^LwBlqG$H-AOC2y7A900e;<3E}Ji5SVG^Wz+83f&?ejTgU!)q=ri8N>pF~$&M?L zCIS79a+&l`A-s~^(An$AZhJ@+hEy=VsG;fp$d2Q<- z9CvQ-<6#7fZ?6YixrrH5izRTX))=tYQ&Zb(S3H}NsoBC2JR@r20jD8(q;7x zFX9K{@}=FtH){rAlEW@`?g^ha4Muv4=(i^If~qkHE?nk^DctbI=>XV`O_xa?4F#t_besgI3xq+0OhQ zEdY{6T0jq>Rs2g0=@*{81#bkQohUkD z)2cr=jE;WAMGaqlhda8g>wAP-GwOhoiYbbf4fF-EPjX{UC#PXV@1J5OC-ws#p24Pp z1=-2Ji5D{SE6jVZ4Fm%}DcCNfBOnk^aSlDi3}i58=y{-~Q*!v172$r3o(AmS?qt>t z)OK#IyFtmfgCV)$JKSO!Y1bcINVq$1!lI{0Y>GxDCMrHglon4F#{UNLCDo@i$YJ9l zQ5y(hpj@xHYIvNK+DH05r!WoD3q8tXa+mEjvmq~_#uuPc6GjAKmly)hPph{jhibB1 zn!jYYNf&c_#8#rU>}GDv4v)pdhZF^T=iZ_6O}qzXY^x3T8KM|b{;S>!uZagujvZ>W zNTPhU*&yMhlA&sTdCVePHAumnj)LSQNPy^0wlNEV1ZZW6SzZ#yIu;o~#Qp2ELfn^n zM38$@+oY?Q4bq$VM{B%|l@F5KKpD&(9Y$zpfY1plW|oTchY!P!xP~OVtcaLqputIq zV~XcP@f-%HabCvkw`3I_#N%I3xTOZ>lh$olD*P}@N4TB?-lL=hD0B0VRdY0QpJGYj zz7(DU9ani)2G3{_D(D!zGsX4VZfWj}&F?gDGc~h7;{-Yg&rVWq+H&ng&rA0y$^xfS zOU&EZ%XXhjiCKr;us4I}j^LO12vD8CQqna66Ef;U`0}hG9F}J~CWm1s zo%C)SaBkXx9W%d!zi+a7pe!iA;)jUsj|8RwSvo`wPI6RWKN25xOA;lBLqndzvz*YS zfbpi5QiB89^+mOi0DX-pY$kwnO2q)Vbp?R&7zG<$EspT3cErJ$l7Lc^(YA1n^*}L# zUZJ6_lco_9kri68k#mgaYOTT36Kc6M^rY{fjK!3H{rXnKQ?2_{{eT@WF)yNVC_El? z>I__M{=KjPVJCHaY(#V_B2_V(X?p~XSTr$5;oKX9)n8J?3tKID;ooXpchcEgQ9Nr# zSlN$=^6zZ|hHx+BkXxaJT$&G~CfEDDt!anOp(k^-x?H=s~bfQOl&ROfw4D`iyEax|E8#}nSjJ8Rd?ifl8`$f(D28C zp5LG&&c~VRE!ViPbtESu{|X~1{e0d+oH_7V0PdA7?r5$Qe9Bt5z@rFN^o$2^d$3>* z0@KnEaZdH6AcSk?H!>Mm8(NyF&%Uo}0Gadtl;J!#gA@Kmj1t=*P;FlFR zks#6W&;kUKS_1j?lobZ2jfRG_WD{$)=X4JN$&^ahGetUz`%(%w#XE(PaD~Y!D2rA^ zYSbiT((gHbL4V$>t>$GWPpdJ{RYV^DjEl}+nmfp~3z5|S(gl*fMvFD_wl@@lryboh z4s*F!R2@cSVNu+*)M=*$KTFOM->ilpSXbl^e;&mHQym!nvu_qbno##C^*(ah_lR(; zVY>bW1ZL%sN2yr|qjUOhCvXAZJzgHp&7{mdsJ}1C`$uwtggrV6BY>igcctOOhad9j zC|33S1MAq+BcyXs;C`>J{97^adukFb5cQRU2;Gooy8Wo%T$&q&h;B49kbR8ZDBBZq zyq_!^FU<|Z69{HiI})JEX8Mw84Bi?{_8cRt#myW14u#83t5fUxwPc7eIyN%F8$4Cm zgmpZVAS>%mb$JIO+96#Y__oP&XeYAF)biIcf(jiQ*^6vCZQwf8j93~FfjfyvN3}y9 z2m|yl*bbPA?^cQ2hyd8_yAW{f?^)%78H5QWA5lo%1dInqoIvL9HK@Tq|F53o^e?}_UDtt> z$Bz}W+q0U#qQ+)A-#>nW#p$vfmnSp@%1B0UDd)dIu22d@SAzc1=mwSAfW!((Z&5^$ z%-IZ)oY&Q9Oh)48M({$vs6BiWo)3U~qqQO_Aq@4bo!;pNP))-O1#IOHd?2Ppw({(c zA+8!X+^N38BEH%AiYc`SQ(u_B`Cn(X-nohiW3P%!((6vDdo7e@+cOClT=IiHgeWj4 zFl~Sgay*qfX30`RcH*Jbe85fDkg)?U-i2hum23T0_VsUdn>YT9O>E6PPz6E5_sFJr zS@-d+6O&E-MOG7kxvBR9qnAlWdH-TgXVTSRi5v)W^^=$?^(r83f&ONlV+Y((f^(G!DUWhQ>UX%Jgh&}a|kud#>g)}VbPQL$}G(0QGBoYO=}cxW@aM3%th76C{A?j*1^-K=uAHQklF)@iJo-m zYh~#i9DLM$G0qpBDF)5gQ+a{tDqjjd{l8M3Tu;Tq1Y6VYa$%$5%8UaFC054k<{TB( z^ZEt`=f1r7;uO{{{7PPefXn)HP5ak*Qbp1I=OK5#^|o{0v13oB6~347jma&m-|gYZ z`&jp2nv6rEs~y(yZYb0;^^&;S+^4@NB>6qDNs*s}n)8X08JU-5q`xm4d_ELa%&{5G zvR>mE{$BREw2yS1Ykg`_aK6m6TT_l)v(w&GVOL{T@y@fhiXkQqAZW2=HtTz-z>8NO z{ca#dGI~cj{L2eD$Td|E*Hc~QqRZrAWw)j57~r;tQWDvm-4|;Ces84lCPF&vr(u>& zW#oPO|h|)QL!ik2ULc4dyp?1$TPD_y=nP*5LwVq(w zk117F5oW9Y{_$0WoLSZJp`iJx-WW@VBm>RRKe@fqCPdi!!x5=Vgxc>bKMJy7U| z)3d7`?n}U^-fs+ML;q}Fq|EEWLwhIr-0Jh;M47xrlbWdtA(PV}C(4ss(X#O_?L9K# zoa_Z4Fa*%qZ#}CA`myjueVH8r?O%h%qA&YUkZ|h`EEfCoLxh?DW@l73h|kFatnjBo zl%Chpfew2+uJ2Dik$Vw5Ba6>QUWq8a!R=5ZU zuykKfPulN1|Jv)OsY{$uC&;kNa307c5lwZ`S$UDg&gY=5HOEe{t=K6Cy~#{xjax6x zrwx#9O6%SvVRKAx7+ceH&m2?h+Jyd9i^=?;`@OEowxs9u@Obj6qKKQVLN~BCZ#jq) zPE3_xyJz^0!LMTqF)dNc_AY-`thDY!0pmTEoDvRC!|BEIl&#eK3Ocl ztG#HAwae6zk(`M!9C5(l^=lNJaMg>M^??U-w6ABX)}ecnoU}k;x7fV&@Z^R)I>QG zBD6yPI$JpE=p*vNV;Ks7a5WWO1QvydBVmTf+ht-~U?u4hV-ph4qPd1W2Xgd2OKy2@ z6&Dw`ibl4@a<#R!Meh~M7gkyJ2xM1nZMprUaXS=mWoeb*Nuw&_r`>iac?XOOFj$?PVuINgY=zEkJ-W@-CBs~xuqyD(4e6n6&0gr~?Ok&{ zfRb0pYu9cBS)-I7D@N!*Q``4!+H^ntb&yrz%yNl|y0O5D&XhG^ilNKhhrc-`op%J^ zKT|y9;}xrTu)<{_LQg0%a7X&))Ii?BxwMc!_BzYOLi5->*{hyfBmmEd zt0Mam^3jVUHm}PQzAo&Nv$xJRTDDR#3AJz+hhWPzWY&dtmQ`-hf5NfJ=RMx+?bA5HO0NNj zI{6YKV60nbV#hLhGI%O|=9lI~Y}Oy!J6Cn+~1+#FgM`gPT3ZgV4l>%w$J*C(qzx7T(08!io zDBg1omsUD4O>*b1eri%v)AKls%>6-Iwn6X^-bpU?R z4)e(T;P$zY$k+EhytL#)KajaWYc2rmyR^l%@alxbgSzjrL}DQ2v!U&n8EXh;6Eydn z4EmtSjINY5xr$!UrSh~Ut?B#HHk)+6jJ*XL7&^mTLjEZ(N!5ld%X+7yRQ6uu?$c6q zET)#oy(5&S!@*s02wI=yJAGeBmi>-rh`Iw&q99pO#i5&*C{to`0Q~`7X+t}NKUAI# z1E&$U{aG?*l)N<1!#N^T1va09Y)n-!#^aX`mIb*VQTy|Bzgk|XZ}RN68Yz~L^s*jW z%ek~B<<21;uI|@_GwFvUa_eEN>|uKbUgb-6d(kQnYv zKW0Dk&0_4ZPLI_D-&0+`okX zNrozMatfC(gr>tNRszBPj2}=Mx9|;Q=ZGHFTtB$?=WAeR`EMnwZcxr&WrzroCW8AdnVToLmhkvk*ivT262=S7T)2Pu<2`3L=89%TQx zPFeY9nG-Y+!Maheh6+OuaOSOTlTo?)QEi~u9MAxxwD5P)*{JL>Un;^bQj10rl#k_rAz)CufAFmzPTiHVJ;k?7D+$ z@(gxCXy+K;K4$)ieZ7;>$fG+QbId^|EfkH}l>U7Yt6}oOz{|!o+mqO(a&nfh@K%f@ zo`!o`7|VVx)8Z~K^J4nmiiUk}wD|*K-=Rx}b5_|t_vaK#>#N?|-6nKjUKWk-mfR^b z!6XMK20x}MS2bfx$|adX=Nqv7T8;OWbB5=eN3UPlu9P3)W0o7XtvHw1ZY{i~Zw|Rq zZ=q(|4p;uQ&2(N?KH?C4a2VFui^m~1LBCzK{yb97d$wZcdt-84@vH7}Fj3*wuVf2>C!{33Cl z2c#f)Z~dow_IE)Hbo>OjNU=mhZ_glgI;uZk#dCSKymCwy3LLT3@Z@E7rZu81t_O_O z@2h9MU2GIZaLlW8tB8=0z=lw259>CHfNuNTJ@>Owx(YGa^|@sXlcNia89caT9*goL zIp8Y0GRN5B4EpRABbT4A50#$gomThXoVLSavF3(DlW~I6^U%e83nXd}rGo=r;QX|3 zWVXX#xx6{EVQ$Aoc_LMm;z1j1nyxX1?tsJz`OkFHwM{|{Vza~A{USGN3)^9*L46f)D7Hm95_X}@Ri5@j)k z0G1!5orcQO>zuP(kIOFgfmWzC$Er39zwa}nH`?xut@tPLfhzo`l z>1Qx-gMgPypEc$xvRz7Xgwc~lx?f~rs$VX9XZ+l_U^gFh2*Hw{AlaQQn-|{ON>BB=f8{Y-hn5QQO*D$rM$zTCjy&@auw8y7uh?X6 z=hm18m&zW_#T3Yw<{X?~QCh=I;RX>TUT1Rs(8EB1X$%XAdCjj_c?b8>s?bCkHb-p( zgP23#9ON#t`@_o*>Dcwc)7l@2pT-hhcGgDNbTX<#<;#@AUFb=wjAcsa!VoFl#9JyN znz5`|`w*k0YS3aZBs?I>4Tm5VQ+Dd9uvvJ0%98*40==z!mKtvG`ay^Rb3kdZzAW zm+a!?1;ycm+#0LYUncE#^_!gR-@Ak+O0i2u8gAF?M|MkYeICW6LoCqrzK;=+$J=Pl zP_XseN)*%>k2GFQn3?)vxL%sYW-eqx`?|~NnZeUIXuiP`Z=#-Mwb96YKw%`u4hvp$ z1x3mI!BV^4Juj$mqU9NWxje#bU2n4k#YMbnLw!}b-EBGVl%6A-li%8riv1EP^g(U~ zjdk(Diud1+-9*B=6u{W=rL#9Vvm~l-#LAcCpM9w-xEdGXFuCNU?G0}htcEW z)MAEz5`@P#Y2QGB$kb!yUh0VD_DA8ktld;~!H(rP+DG_9yY}u)144^!f+-Dxp$&2c z`9AZpBMPXI^ER{HpB}A|DL(0@{F0~y~%Kc z9!X^0yO%oenEa&;_Bzw77#5B(=Ly29z&S*>UE^9r6;q#4BO`trM5=Dba&_D*r8qlTWucF8SmnU=uz~?i}$la}OUcY+nG)qTK=WsJC<2yphGU6;SuI@K9 zv6aQ%0Zp12q)BtKux!%mj_es(#2x~4QqtWl6p6cdsPSII({6c|ISW5ompm>7$?J;m zK(cZOLOcwat7X-k1*Wing|gAkJ+vx3vBHq+;u`s=!>jKs!DD<++gPf#UuHx4w))MO zHO|QXFrh{tZwRB8dHQb|8^(KdtB1+);?8h>q&Rxp8A(RcIf73EH?Ut^&>+PHpFL^% zletJ#o~ljWA5>o0nps?4jtzcyhxTHW&IuB*KiSfrlP!8;mmmkDI)mxAAFmlb>==Ry zCx)>j3-2-`I4l@7jBaX=kINJBWG568i40|X)Ym(WWe_|lozm)BpOO>2NIB^;-{@I4 zQCjuP$c$B8MQ5g1uj-52O+5Bvu_r#%D(SdvTYk=)fM)aC z$lH0Ctkmt`8*MkpsW5Tjk}o-7LH@9{%~ZA3x}9c*A2PzI4;jFQlT zZlZYX+gxw*9${=^B+VNL5u5XpQJqdGc)rA*{~+dohm&one2o& zSwzolrpaRm zQW~`&35bh`t4|%Aag$T`1w21EncS~U8;Br;1_r>16Y1C`5NU{c+u00vEm!Rn8z54> z@~g3pr|~iim8vM$RUMXd57c@OZlXS`+n_UxInXPjQadYM<8gpFkWyJaM(mV>b$L!f zISuq$!x=qO@=oB(On2ftZSwbHPKG(UFJv&!VQ1^17h4bBTY3ySkp@Ypwz5Of!n$-Z z19IaRE|u*1(3Cr5s|=!ihfvEy7#%au?H7DGvb8AulOA4F-g+RD2*5zzmF_htk=HXKw%ok_uSE}J^`Z$V`L`l4Da21M0#`%Mx*B92A zM%2jGmLahHTct%-*atnwY}O+%{VE|pqf zhxqPQ=jAcEKP|xi=q^}W^QU2ZhZQT=tzTIQAD8Bq%?8tl|GQPmp(A(lpA>!Y!XLD{ zfY`R24`PcCjTWUQ#576hFVZC)_i>bbqvt|YI_pJA-J@25rG)TXqCk7oR>Zoc= z(cg9*R?jhVe|kK^J!9_aGv95ul{63i6gBK{+4#|D=~b#;uWW^A`r{`)vA19te|vcK0=avXa`B|n3HV?w4k|lJL0faPMtUk^U@E?CH3t3_^Ji8#A2e%P{M$0a!gUx z1I^XCoRYya^1FEV`&wOJ)f6f%KZTcnMaBFWURW$w#yTv@TyRH6%=ntQ|+7y zaLg6>1kzhh2vbyAVa5NNF+&<-S12F*>YZdw_Y7?PNu^ho-l&h^HP3?H(vzA)+C58$6+EpJBo+2+cN_P4~P9R&5tx zTXD()T16VJi0cWJRQTOF+<4GQYNyNgw*#Z$YW~e*fsjKo=a?BH#J_Y5 zWH(?_CUTwggG6=U@xy$C3%bk;QUn%pwzoH*N~Z^HI1*j7X#Zgv# zTh#%EHrA{6kJv|>Yu5{-5u(*3ct5L(P4x$SxpwT#9Zp0r_qQi$$1DcJ@Ii~ zOZ;&DJ@@|9U<#~+MUJ-eN$V@$WD?3877EBZI>oXp52{!!SY+~Ol~<~r0Ou5hlsa(v z-L*n!kH0{ncnL)fF9_cdg~}^LjHGacH7)k~=gNF}P4s~BAb|o$v;Q|&Ph4qU$UDndQ(C;c_ zP^@NCzIp7Q;pcwL@3y1YwAnttK~PyebcJ+-j!&hiz=k=WbHM@GFiS|nKXvy#a${m7 zHTDyJsE~qD9pmf&CgU>*d|MGidt=)p|)CwaR~R_y+`hK%ZlctF-Ev6eAY|*hztW@;t0qJsrf?M5 z*6+{5wwAQU1^hZ=fgG%WFokzB0g^fN5Z%0&K)IkR=k6BluW(P%WoT|Db*#uM5+lKJ zv~PG$Bi-2Vu;eUjre&#u!1GtjE;P!7(8nMIXaBonEHhz?YezmSH93!jzyFsy>#QUa z>(2wm-4~e9UGuB8-K|tdxuL_vvF$gcwT?HwQm?O!K8fs)e|cgdo3<0N9@=*)q>HGP z7cvw8KGRGb^!ImKs^*^marItQzJbhS9w1Krt4Yz)4gWh?0wnI0oTeSyv!mTdK1+5Y z&M%*FQX$ zA2_eBe$ifSF|Gr#B!N%rinQ@A6Y4%SIum&@Q%2^4(DYTQ-Ob-~X^%eng$#Sr!tH9? zsp)nqW^pMpgzn<}bsC}=cV9^99i+kFNC_AB){L=qPsk`v`n{tPLDMtJufTSsQOB$m zE;JQl^i9hyT~^Xd)a5fa#v<;wTO)F5u_Sl3U28?P9F|x!nJ);3u02Gkf5brp6jc=T zq&{v0MODvzq-uQ%W~GO8m5+n`rZc~#74eIi28qTO9fH_|?pZB3gS}=#f#P4rYE)9{ zH$M=TkN5YlcO6_Lndp` zFj1I2Dn!a+PP+L01V(9_V}ZD{oYg~EM#I~Kdl9@EY&YL=m?Oc#jxjMfV5UXX26pmw zWJ)CEH(xF?CE|q6*K(F0;Ks}J6Bqr~)e$_X5iR(ZJf8Vs#d*T08)qFgudeqCV#P|3 z8r>aj5#vSf0O4A%{ddG??WMi-*#gO5@T%3}|0J5J=4 zLI7YIuF*~~j!4l$R@7J{;UqboGt-6>-Pb8nVh#psLgIfWyq}dW8QX&>iHIbK0aPLa zd`H)7>Swf-8Nf0Dd9zqjP!d+U1%Y<@J(7JX?{5WsQs5_?(EC`98u}+qanEm?y7;Q^ zMBh4mg2~*yfiMEk2YMEcL^> zso9vjqNAi{wd6%iCO+grcw-D*5qtz7+tP3hRV_5dp1LCNSPXJc8QUQNp0L(tG7O6$q*f zW>Xi%Ly=pq-iZy0GM}l=0C32yp42bfuXRsv&^&~LbQctJh+zFLT55vzBK{_#QRJd~ z1{$-QbPfVV)bn0cOew+qgF)wzl{<;p;+ir>LzsAmxL`(=7sioz*ZR({RiD?DMpX?* z-dO#ktD^ITRIhPuyk%sM-a5**VeB>15hTK0D4X&}zPQeYi^RY07!CS$1zI*`t4bxbI8+ZUllS%@XAuZC?pPXLL z>WL0`oiN{xghMige?mi;rd|X)viIHLjWl6VJ8=S6^9!tjzt%7+H-Hr!U$s?Z z6Y~GGAOv3jK1MJN@irt5$$N4GTwfcd$F=EcKJETNbb7GAy5Z>G4D3Qg*Dyi_I|NH; zzJI7ihn$HNvaa}WwFbR*ndPSH52MVwdQVhhx95$E^15{G|Ea{I^w>a97>pl(TgA3T zynFXfq2DDY1UL25by;?x=I=fV-SvHVxgxt53>!+idwTARXA^rtTZ}csfNm^}8bHqe z26M|hzQ!Xe+;n3>88Ptjtg^EDmyFHFbJZ#4oVg*+eW6FuuYa)%jEl}NPbwobA>xWwE#5B9*IXBqn?{^Ni=wv+8^m~cQ&Ox zW>2-sHJuxqtu$=+k8DYo0sq>))I!Q@s*a*k2n(ba`w;=%Eq(K-b{=_;<%cj3ZaT%fSOY)ib=T< ztP}b6?crdL!tuS%IPO6>mmb7m+^ZOo`x|oe#F&3eIK5oN0s|t~L^kR#*r?uNoybxk z#(A^Ke~t4(m3|p}e!BE?FCP?_2HF}Cub&MuqN^B|UA^DSoZJ4ILP}Njk4W;bN@%Iu z_^*0@5JWIiA%cxdeZGD$;dE!de3=Fm{!NGdz_a25C7SojewDt8(gV}e1!WkMBz9$i zq(*o3xC*!f<6pl>8QhyRW`vIZRaOLIoP;u(`$cw3ETrdafYW`tQ*usHk{olyZuatg zG~e7?wZ4Vk*3s&Dtl0a<-MCU)x_8fD(w)(_A>c5xz>xKfeX+s0KMVJ2lg#n+F$W3z zWDvQbE&t;iN+eILA-h+8#&uI@rbDHXl{-D*$+LtmNiqaIA@+`79Gp2hYu_t+Eo}1`AQxHvH;(s4=CsylGekje$uCQ1+>vxh$kJo1Vc(B7~ zm4SVHQ=s|T9w@Fb5ay`DS&eut>!?mXGHnLN1^?8lA2BzRY(Yx%v0B&ISOgBR0Kw7+ zc(>;+{o$w44YRW)&^XiRh?U-ZE+x@|^qaD8=X@ky?v5NNz~Mco-t(n}?9J+#H>+mr z8Vnb=4+%|U+WIXf#cd{>Vd^x;b9TmlU!*xWCGDJB^}^J<0G^i33!7C$)bX_Ei0vIN_qUiOqVyP@Ylb$d|mz#Xsk zg~Yih{A|bJaAG?%GuOSoWXJP=qdFRwrVlW$sk~;mU31kI2aN1 zUBte+i5$aJ=v*M4RB&Dn5POmy%X2e|HyWaMmayBtv)QUb?Wr+=6ghyCi0PqH3wraM z@ZvhadjX;lZDi*$c^hv#`+?%JYpYp8-s?@!aqxsrV!DoOiNcUlR%5mNP)dDw%Ri%P zzk+Dq^_AKsGe)HmKUi50_ocDWR7oFW6+PVEJ!O7<|>hi$GO3=-BfIrA39 z(LX_-Y;my|5f(t3i$*GYhO47AqiS#~3>+^U zAAg6@z4E|Fn1KDHHhxFqjcrfiC?Eswn@G?@dinWIj0e)oZAdRBvKB(F#NMPsb8bt- zzqcO0vQ0`dM*W`o5nLqyw#sT(bgJMjIV+DZX2ZpJ&JG^RK&V)Ndt>9JWLO5^_u_?M za};tS>j2?EF)|GZcnU$lh(Zu%ah%k_K@*Iw;YC0#hi(;@7i!2d&c5@z*~EviLluHw zL(B*0i2MldN%uLqA(tBK5s(QQp_eeBRuW5g7F%8yE)_3rgKB4$2?Qp zj$XKJfDPuv)Ml$xwI~OLZuao&LgYhAl)(yIx}>=iW*{<9vBvSt?sJ*8M&&rQmha4o_NPFb? zG2Zml0>Bw)o<+WtN&kR(7glCkr%T3?U=D+T4Rh)lLxRP;+RE=A)DOI z>Egx^j$yuVA>FeHpW1-x)HQaq;Z_bf`KlTEyyUzWKKH28W!7B71_VBlfRWr0 z@RxwOwvRBJq1x*v7W0dgn5ukWSDr5rG&JIMIJ0U&ov}UMg#tD!F9CP#w%O0I6lnPD zbiUkfwA=65sRLdsQ&3~zpF{?b=yl(SA`Kuv7`9@VtpEOpArbRps$3ND;!L~+1*I0L z6fy@1llWXwZPmJ6PD*%sUK~l5S)aBTZeaSxAp>kdxD9w0>X0ne2z_s{t?* zSTp!|@5PLh4Q+Segb1;(`m2BV>XjcMZfDd6L)56syRO27UT&Vz+Eb&c-3i9(n0HKy zyp}--o)JCkN>;aHdx6gBvLUR;-w_wKBZLtbg(YM?AlxOJkhUCkl$h>LP?-n_`}E*r z&8Mlnvegr3PcHAU(Q3Tji5pmMk4mig3yL;CFw{kU)c>-uX6uPzFweOedAT};@HmnU zU}pZ*e^nG^g7w%W7DJ#QJPrUC%RM3qqdoBAp0|8ew}3{?;`1KNv**4ORAC_kWjBr! zP_sg!Ch&Tf>Ln554F%4_@B#onsA4xlFv- zA2icWMGdI=inaq*Q4F`|^1Qvz%ZB!y1KgSsaU{(k3~yME;Nx~HIe11ja1jFh?Y5<{ z^Mie9uo!S$)H}g$4j+76N((eMa-ccoSUAj0DK@SC>brH-sN2xF`IW!Ty`NTyZm`ap zmVe#zo_>dsaI#^Z&DL?AS>Y=8rz+29&e>fiA7uWGsy0g|}?F_45(a<{TvXSWoLLFY?DUcJdokSq_MlqC2Vf;}vh z&@b zZGziv^OF~`LLV^f)4iQy-@=UiN{9ApeeFRfd`(G7X;QLebJ`Pv*23|+bd5DidxzjI zNaMq0l6=1zerV0h-B!yo;yMBn-FIYe^Xcrml)M5|!*UwVCA+Dsl- z1pO*Xp6U6~K;c%(_*F`49RVA6&w`O`u(D{?z5GB&osj1B8M-9aYh*3EkJKB=#v-lE zuf~AtcdeQZ6R;hqYFATNH>d#Bm&`O%rObR0ufDuR%`AYIao_cSw4?Jko1ELLS}yp6 zG~}!MvoHQ)W^rt&!T;0Q_&;6?(s=Zyklyz8%?iM0Wnw`pm--^~mvoUMO8y}-tdAp7@9YlR``GoG+6ZwEGU__Z?0JRuNcTh~1P z&K-Tx)jq*>z&9X#u4;Kw6)gIC2~N?YhneijMl(GJiTwwA_1Lm6cDI9N#E+EScW3iR z_6d{ZpMilp8Q3}?gqmPPMxg@y+XjQee~s1$-bbuph2G;BS5wzl4ACd2?+0goy^K&t zypQz0jPFJQL5eB~Li)56mtbKjuJpssJqfM#$nl>0Hi{I;!kSO8{`MHdUJ1#x9F$0L zt9#qK8J81yul;3T^}zAR8O+Pla)WxBniHRsD|^ zfJg}r*kL2)=MWeQ7@sV9B}BTE6dH`lFSL%O!XqFG;#8v!iog*w4Ni}>W}-in(va=j zz49X+W|0rQxjAf5jEGc)4Sd{%9u9Fh^GG^1m>@8kad{)^FbT+WyaLk))4z`aJYXFb-TfL0jDeuLTs zX{?lncsdv$+(JC+OcY(*f-pt8SB<6C4a*kmY{Qqe(riiojvFWcyl*CdRMbgci|C_` zvGlE8K?RIeP2qx`TLPP$M`^2Nnc?82)k+^brvo!!l_K^<+kF^x2dB&$f?luAU=8qz z=xvN!J(h}`oQuu}X+%WQMyb$1AOdo1V>MQSDvQp$_M^D%w=hA8 zJF;v}(-fPXnH(XBy5;+M63CLB06}ELQlXXv=Dg`|d&53cctbKvi}%`T9ov(4cVRcu ziRRtfYre>*aFjF1lww(pnei5@f+C#|V=CFVPF%Us5ZZP%4_{M}h0Su>n{_fm<7tMn z3;T;%HC2TeuG1-!+&`?%tWLbX_m0Q9egDT1b)kfc zjO-Pn%w%2JqmYVhDSPj|N~NsqY$c+Qk!-F?vR5i(l~q<&M%M2*FWvY1{rP@=kMH-N z+v9TUb-m8xJkH~I9?xT(m4h~gXB?wcn;!P{5>kJ)4R4sZATC=^btJ>W-Kr3EF~ejQ zY*_~FsMG_Y$AgF^TEBuVTW)$5Zqav67Bpbpdx}~TG=Q=a=C6-?3<8$%!F2u5h>|L8 zX(F++b+g>MV>Oq&!B#%N_JGU3S?9j0iukTvS-_0#=MSOx<5xHh7&pm3gGt*6_$uaY zI&Uc9IvEZFl3NBPT%W#r)obUr*7M+4%%ewEJEe=hjr9yK59<^Nz2xKJIh`_Gu(Rd5 zvDgxSB4Qz5@F5=xz1E1maBiK+N%`aoOAzWc&sA|;d3MFHvZs4cpjUxwrQpfu(l_yF zV|{`3pVt$P^#oS2e2(3FH`}T+J#x(~Jo$swtZj|ekC~x#3k#^b<$_rf?e|~cgOfoj zo^u|?VsrM69=fM_3=%q-e|0pp;pd?RVYvxA*k1z|4-Y3JN>%2)8H^gPRp6eOK0#XE z=k1)eMW#>2*M6ONI-yvbpaMkiGu5xpTc7@H*zEDMDEr;%*3h8#w#z)`?056~?Tq~& zk8Yu)NDwxT==pXH!PKQV(g_cwUC)S~rzy*r&teR|Oqon$>VFx2M;D8*L7*Jk7EujT zd+?z*+Y>12V;mXSSvX+d9^_Jx6>s6HXcND(y>xB7lwYkD3#e zmKoXIMrTP!;VM8Uqo4y9zBDIw-NHUayvZx^eo^CIRvIz-M39FI2)iXaB#04)cUvn* ztZXN)tgQGBr}V?vQGS!U!7XhfVV2Rg}}n2PZ+y)?-c$*5ZoNls)0=CR)@ za@9lINm&QVy>2lG+@lXEDECXh(t!mMJ9{@vKR8y6Q|}_#oX6Evlh+UT=vOLFm)FsJ z-nNbknEg?HkB<4ZjFusP7>z)jJ&av-(1<*G^yuJ`vFT4QILjSJBKLb`XJ;=lJJz2n zwdk0w@Bn#SFNg?3np{o-nrx7|k&jWpXRCaT%zA~C-qDVk_lh*Wc#%`9tG|CsEZVNg57^N+jTyC&7QZ=kZL$^(MDNVkO*@P=<;IT_wMlb1Vj#Gv(m-_CbaQM zmnm9j*gIwAN+rd&lkk_rWEur6ho&LHuw>pMn2ILTV}WZNFfq7I28yPQ2Mm)j;cKbk zYw2G175*#}d48pn~cgWFnWv(lVEyiT-jJ+o}lcHotDiNm%}l9YAK_{2og88K1O<^wNuR8>`* zr4QW*Kdk#wue7m7;FRc9WB=cuA~*R3ACe>SCL;0DrT*k6RlsvXD!Ci;ohIJz?LOP~ ziYjd{fz|2dO7LKzWeo}f$#NPu3%>+OOO%&^ggHgz?ClG-cG|_wo4>y|3OFB};%$yt z$xLnttI|W(QG7u__>y=vKB4vQ&|Lfc(&kzMEzN}$-lLPK28gojTF|n}*m$WM{2`VV z49A_A^Kcg$B_{ZAoeaxV;Vbd#&F*(cZmts~4=FA$6Ft7ztzV|;Fuxu#Xk$}eHghcY z5ohC+i2Z(fal@IgTVP9cl6_S3PprQd6U#b8oAT>9Pd{r4xx% zeH8wcKTs7k2Noi4rruj3-;qS!q~xlD=ogitKhOA;9sCTgO|$B7{AaN$s;>$94j0bA|Mm)Q+o+eJ^bCaRm6J?S@{%!-nE(r?6}I?4nl0d8cupj(;L z_5}ON(Qn2$@%Y6X;pg64*;)2-HroE4{v_lucs3b#ZSb}sf8b$X1Hz1u7V3pb*q}3a`tBq_cvxJSKAjqEie#FB9{< z++u89g{hF)Bp^a^T}9d0|HB}s$J$kfm9G!W&~wtsb61zaqNh8O5`k!mrKq&#q?U-^yis-c-pP)1ayoJbT?mm` z1Tg4rGb=FsT5_PoYEOe%j?y?i1rr(QOrIjE-$Rohb60woquo-rTw!9;B$b}|bw_)1 z^keyZEo(5-W}oYnhsgb(jCP=0HJih}C3ZixCEWkK0{`Xm;ob{to*O623;~HSkuL=O zbS8RKr%ot7vQA-UWR_X@*A-IR?3XusyW0<5;xK4!Koj*DC8*7CH8>r!X0o)jWaUCT z$2A@Rx1lM(6{kl$xbWJDksrnOE9%w1sO=xh9E5DfV)OOE_H4WmF@5Yf@0(HVS$HK= z;Kq3$O=I>%XW5fHf8ZLwrJ#v;;Aa25#@43b{sA^5PMvy!vjWeww5PUrn5L>O@;#kX zQZ3&>)&aE1HiexAA&IlBd+I6?ZQh9TuD!G%RBaRfEsVPt2o)1(;)E{$q$CEOpXFw> zC~RUZ=&Y-DV)1R3QI#yoeK}<|8H0n1DNOa8{Kx#^ENkBU(aI%JX!Fqh)^wYn zf2;%tU_$M2=G2a+riaiE+Y+lOV=Y!CEE6Z9=$H8x zvb;&H&s7+?$}8zPC$uYlO7xSRi={~H8Dpif>RqqRxyaK2J1u?)U4N?TDR4%1M3=R-T{PRN&3!7+@IWWX%ru;(*bZ*K+h|PQV z{W|q6QQOahv6qH#U$Tll0wQ%o1Hc;5;iX&%!@Y@39B(~=%yNnFI5+vw2Afd*Iwh10 zgOW+YL7zV>jLc;ab`3tv;vJcB@L};|tx4)%+RtYsiEAhw>L~UkVh*SI3B_2l2lUDp zy<7P%7%V()u!yJ{`!iW;@+f1m=#QH3$_-uF`s<S$N^VW_=&CxJS(9 zKUQ7sl&j9DM)M8{Kn!Y~`a+wvTENNhq|g(g7>5zCk#k()8+3k&87a^D{dtf-z3oJqvpS6jn-BFYRT-&s z$O<~W$kwp=(pJ8u7rtHtMJcPhHSCeE|Ac9m@8m6{-Y{#w>wRX?`rFWlPxxoAVfI{% z9h!oM)g=7X!G59yD#HNYpYRZ{MFw&nD%(tT(Tfa`cm0SwaSODwP_&Bt&h;%4+t&B( z2z(9{GRMCD<5Ky_@WxK@V!`#|ynP(6zZ}2cnk2C3eR!Gn$*d_nAEyWcGHS5kZ6%6^ zZe(|-Y3di+hNx`2LJ({8y-q^73I@%N!A~SJUhucM4@u1MhX2saqF+lN6b(KltJ7&fhq?6W5gm8 zw?v7`@cQTeurlP*&ckJ?q-tDx$|x$FJ-oLU(~Q!~9nV2M;4sFe7CihkQYKzK6Pv{L z@>CL4h=m(W@e&PufJd~%k`k-xrHhPQ)!g*c)8jC%r1@ghdg%FSI_8%i*^ByyJ z?@o#O?t`#ifQ`O+JD15qam-ed_!DGDpMV{>uk&ydZwG2<&N@F^9Pr+p3&LVBY^g5rQk3u>_7+N>5xl8af`~ciwr3$jL2Q4u{gitB2}9nUMbZdA!xvIzM`Ive1UYEHU5)g_bk zq-?os4d}43WG2C;T98^+!oz}|fKzXnG9np#Xn#o7D!@1F@=l*8EvcOZ(QqM*|ctq0CJ z=WxGpDKJ73zz87?$%G5fBh~s@&~3Z~!B)f?CRJP+0lwGt^}lkQlDHJGJv(c4cgz_5 zU*KJ+!R&=bq~Jf;fekF7i~9yv+?Q}n`dJD2)tq;+rOM3>-?sNzes_}(`sc_GLY$Sn z%M|-?cySZJT5G{%a=O2@+m})*ypg9NzG903!5{U5BiWFGG#gH^rBe=2F8DeF$Kt({d zM^%a8E<1RsJ~pS-CHIZ-ukU&Wdw5T(k}j2ZwilZl?#KH`bo+8gmeZ>W#Ihn7-NF9s zCLLt7+>WigwO&6dIWj!!(4But$XcNYkVFqVI zw%J0^p6cN?R56>&f=$bkqX|WA9$1`4@UpH$6Ecc92|B78;feK|-G-9)Ecy2|i64B3 zp4oRiR42R#CZ2J>g%?;ojnUFm_p(>+S$L9L(lm`ndk3Eheaed678g{X`JI(;(2QCL zj7j^6FO3sN)uwAkJhzO8{=DzeF>$c2sW865`8#^;lu@f9-V&_QY89{&O#Qb#?c^V< zw2?*ltH^ave!1)`ZIUm**35uqDRp=s??dMH6-3`FqQezkbw9rv5it=Jef{JOJ_!juYHDf@yoM3B*P0}l*KAxg`krV< zh43~dh)mTjU~o9JfU>X{XYxl8aD zs)n7_z0aO>k#}F4E!3dhPfHFzrU3I}SS;d2-JvY|-3|tfmd3-9X8lxPS)JwL&)_9= zg}UO}Rd$5G=#%w1WCV0}cHSSjN)~kuZ>~hBz?E@y^CP^ZWeBcpk(i1JT$#pbr$JQH zqASEmOc`gib7&4O4AIY1oCO)SPkmOC?+%RenmbuK@^HQ8Ui;=A+~-XApeC@z9CO;M zcw**Vt<%t--$LF!9Lulwy?aou>m{;A#G+P#_N_IEJWcHHmf?9l#XSTXblM4{I6bJz^;e}(zVaiGcdH9 zz&tjKeKlRTa}5qP0MC;!m5K8;nM+K$*iO;my%xX3=G)&zHe5@ideh$O(jXJWu$$c%^LGJ@Sv^yMAKcT0(71kbx(Gg zOH{9;fBT=~;CbtAhBY)i)2rtW=Zomf^Q*T{kvi>Jm@46_#LLTPKA$QviTV24F%bgj zN4tKWS=IA9{NX<<(FhW!tJt!;1gXm9ADMr8k5BJ66GEqs3k54F3CA8?-&)#&nYRUz zrwfIq!#ia*F9^gXwtiGkcyw_vVr0|w6Yp|Hgr(^i-50C7D62C$<>QSAz30&Ck(*5S z9VVY#1sC>AjVo0CD)Q}ghf~0dS(H|5-LBSJu7+KD9>y*}EJuV~ak!(Z`&fKp8f&MF z$Z$m7qkV)1#B$89DMZW2MQen2q{YNO+qo!bNgCwRai|4r4V^cl=Hw{%6@UQ8n+$`! z4#DxASb3{Rhy>5Jw2lhE&x+9YD|K)Y#-dRR1|}YZcO?scFyp@TEypa+(JJB5@#sK5 z>wu$K&ZylTUOXDiwc=!>5&pv}nG;k0OtTfT6jLK7;%`{;T?qX^rrh-E(mww%YE^lH z8^wRk54rEq|2+*OXk5edKk_g=KuWHB3mm(>tF$ku<0WiK>RG&7byDBklDVX)RVf$S z-P2HB&SIK~Ae7MzSp9vQa9{udzoLz?ivQvxMV+l_Duc1 z=*H&OR`MPX3m{i1PXqB5#2GgM2x$&^fwVZneOz7kS&}yj(q!%IMG{E2rw7M7)-8=O zx%@>FIO~4jty_Go^s*vn0$u9(T+fgab(4kA_uY|!KYl&4g-!{XYyA*9C1FD8wD8k7 zSNIt-P-a^XInCUF^Y{RqhX>5g{BX*8axn!?%ZQLt4PLq)m@7lMiC0q|WY1f~N({=@ zh-jKc6nfU+jToiVCCCRU+U4LUJXgE~@0NnD>@3n94f_?<(k+avSelGnPSmPpX|)Oi z(W|S8swi=zbdj-AJBDlL_A8zFXh?|NaSt5GVs1NJYW7bpfV$meQ_(!>l-bz3?E??O z%)8&-G4orO73ZFcyz3!SMXnrc3&_HK4}A;`pXp9je*R1HJK`1QAxx8ElQ$yI-Pt=9 z7|~b0-!`Tu!bEM`a^{t?s(X60m+98CkMVJwIdjQsyd#hlj*}n&x`5`R&>0QTLZoV0 zE!}&Yt?LGeo%OMj$KwN?9T(@fO0>TB8jQAO+b%6m$``Uo?Jf}04b+$8h3-KXl04w< z;6VF_<#pQfX&TrCtwaUBrfp+#VA#_LC)Xg+eV@5RAzT9@`?HT*9yuW0&ucdffCy;O zb}|&2xrAfi_uPB#0rX!U+l_MFW&073Ug`eo!L2t-=GbN_oxK96-Por#k!sVAlSkL1X9_ z2Qc*2igcY9;iq_6Qfm}M7y)hcXYfI@0=rY~>+>?}e}Z~@%OTyUWtQOv=01!sJJfNi!P8YrrTs$@Rr_6&cmHe|s;Y&0x~SnfQdkBPgdbw4 z@#_Cb1_kyTv)$7$5=&fJ==~=2QMrBoi9M!E$B65FcU#;MqSFWmnG`y`Q2@J)2|3@g7RI86TBmiU%3vqrP&5F$*zFPic}2(BlMi~ zugX#&m9@{HLT0)v7O}sYi%U~%ya;@|nJ6C*v=MpDck*PVCApwpiNf89sn+RE*+k}- zh9?2uz#JXEUv+Eg{03E5;7IhXqQ#Vey=cj~ivuu91zG=-F_^bnIxN#lo-KvpILaS# zqqT=NC*%~%*v0m_3Y$-iU1p?9IgdvkaK;f2@}~79-`;3^Jd?tRXHr1@;NiF-qB8N6 z@ojj5kG*ecb-lks zEpOgzg4<{(nz=I|i}osa5Wro_Kc`;@iPGa8)p2-JCuVf|sm(89%TRDU1La5)Ll+0- zca62QSX`&tsIq=KK&}U}JMT|)HhlItpo@UVJhWt0ShfR0GO7up+YokCm`eu~KUiwP zMM5lKR1hy)IKthS!sAhAW@ZM7f@f;GGCw^iTH%HmynrZ80e};5CuXCk!O4Uwn8-Mt`zKmFs9FmcnN8qSD%UQM|Jwp?6&2AE$K{oYqwbE_|KM=tihCdPW7?!bHcI z%R&REYvD%hz2@1)Y4PgPEY_gn;n&kbU@i@;YXes5KL024!u&Vut_q%t>1El>t@adg z_3PIk!|iuX!QajFUO7FMaQh*@%gM=k;&OI&PRomzb-exk{Y!72U+wvnL3eT4YY&9| zYgEUjzPDZay=&b7+bm5A`TE~S1p@;Nu-PEm(Da$m4&OC6^^F-YY`Epuh~H&iUS1Ay zab4rUIZ;*3DdFj@KqwXN1qM<}QdR+2uT?k1cJit?jmM zspJ^`!Cj*h77>pzs6-PeP*^8IlPS=Bc7q?~cOW1Pg4uV(Qg8V22Oa)5WvEu><2=RT zZJP|k0tW!VUs^5IeaHa+j*p`WG6caG2%gzO#_%5q4d8>_#Ld(2f3TnDqy*l}id3hF zOPEZCGe3Ftz~~U6T$r8I%3YE8x+9;GkB|rOsvZeA^6B^>nzas`;$B?RSB!KU&$jwl zur6JFfxs@6H$^21ofcp;V@O7+@+^vDkOpa4P{^WXclNWdhLVIIHV7=9dvx3}M`8KF z{rl0+rXn9V8;OJ>(}12j3CA$mkstxzbP|LOg7}vx)i43^2Y5wOVD0J~_Z~Q)U+KV9vxF=c% zNvFlCORGVdCXq6oTdWhw&^rY*-GBwuVud_z<#29jg~WHyfV3h0h*K8tt({GSQyj7G zbqLZdiRLK3d9eVi|8{9932{3M*TCYB5ub)Ijt8X+CoU@lF`?DN?`l1X5(_`KG)kMh zJbnU~0_~r)XvzAhj1CgjQ0K+J2Pp`v0xh1k_)`S`IS)XD)W$*&e?bNk0%aQ3RsF@5 z^L9X9%_U2UmDX(GY+WB0x7#k_dm_3H==%<7;{^VBk;qrRZOMcaS&Y-IRyPl{2IF;r zi$XLoZ{6hyE7mIQ|GyS)_beByyxHXgDt0f=P$vo-eP3ouc(g8Z?0zVkjDdN&Ck>*? z_G@The^(Z=-%*6F=M#yHQTnb3A8|`VxBCBLPoQk5v!--fgJ@H&)m&4x(y*Yge7uKS z_-alR6U$}t{nx6}!}hQ&>>(7xaOz}NP{4Ph9o>Qow6XGVs=u%RRICPTYmib?>X328 z&=Iu%&qv{>o=Ojvj|k(d&j^UpkS#`|h*9>&i75}Cy$NO^wd3K9_5aY?&Y3qb+tGZN z;Cu_GEu!jfaqT(&%(>H_QRem95!mMv8c|($&d~`7yNP|N;a$2QH6RD8fYd;d0BrM& zj$z(2Pgv2CiDyFh6HJ7)jV{b--@QD zMq7@32#5Mss?le3NY<4>WoBd%K6wRHGQfN{AHCE=CNs|4X88=Ei(waK(gaHWL)W22E`Sf8OZ{bwLQ1$ zt#t6PIWrYtv&%_VG}afZ4hZGc$Brk!PqGF>-CI+74Ef{_*T%!q-m#yoJ(T4M?!|Nz z!6Spd6FnCt9+lGedq)Wz2g~R~vFWA%O9``Q(^QTL*xq*68J1W zK68kiH5Tuz(JN*?fSuq?Vxibu5GCNSa~~WoHR2r;UIFef1yLYQ1I?ON2o1$0K0brw_o$?-Huy;fwv(hK4qte7JlSCbg zq(t6tT6m^05Q+ScyaR>pX({v$L5W0LIE%|{4R=y zh>=DAX_6v7{mC*)4g`kD)B7y{Ksh4F)nU3SNdB&!5>tU^vdH5VUWFAhjFz)b=<5oRYZfEQ`0-w9^z<>1mf-RxFHg zJRUJ`Gc(O0Ag1Hu;=(`J&bcS_W4ZbHaaDhOtQ~A(+S=M6)+#P8P6uvWYH22t%>llT zMF`MYR+G*fqqQSWGaHFh`l~Ex$AQKSN%yvd3^){~bvEmje^-+x0RqT!Sg(wPkb;t2 z1)usrTU!X#VHI!NIPhNy8XpWu>%fl-_`xtpOV+WY+lLN}`@KIT+>^+h!GGJO)Q?h> z6)!8|i{Krt=*$tL79C8-+|aMFXAgwQ8gbilWh*t;2DTrcZ-m{ z$dm-Wc=Z4*9#WMVv5=7cCuKRP9JDW_041x@a-YL;b7M%qBP~YSTMdX{md1Q<^N>W( z5;6PvV>^tj!Tk5!h&6XINrqvb)%j>_&q5R!l|UE8r|6~s%S<|u+etX7c`yQC(miXD z$^S^~?HuK~Nnv^-xU)Lx;ygV){nN+Am!@Hlg@rGhnca{M3%ie3uUXoPPoKHOpTFRg zkuj!cpyxPss(mXyHI<)~l$4r*Va7U3vV(oowIdWs_yG}bhBB|uhBTLWdZ2gV?@a+# zl#>H~+&#pduMiJQ)>Bi5H!Ock14t;eWH0Qx60}d@V?(JOezC+y5pjC@WC*_K9;ERa zc#6KaO{h>5FCVNaiH<#gLTTd5lo?;=Hyl8H=$d|Md5b^iy~n^Xii;~Czko`EpI&~g z2YlVxQ$@dlq6%2gmuO$<-Z#0M>37ZG4nW&cxs=9nvs zX-ZHxPDDmP16npYI5`!e0J5FS6VgEz%aS)t80u@hoSD2Iccf~-nUdgatvFAmwIN0J zpx9={=?}_8m4zSC6oE6|{lobs6y{Lv73Kt;0K?Wnq1cEi0e6a=8cjU*2f;?l)TD}y zw%nB)&Zt-jzjn$9$d`!t`~{BS-T@isrk*hS*H-sZt~*^WPOa=6o}J%N=4vUb8MYx- zI*R}2`tVlP@eVWyb@K3mXzXk-VEp`e7K|3H`#o~OK>=AgUi>yXJ^!s0S=YdT%?_l! zA;p?p4+o-szt`g&LI+XGW#VAfeXI+^x|qs;{weq19)ey7Ve(GTaWz-b+3=_(^|CzeDk9!3)kAWGH;fCK(0IF;Y`1Sk7)fY;u>e7t{S%zQl4F3i&z zDu?$ZWLgj2Y&$0$?_WV?HmH0h`oNQajuP<|+I6ds=Oz4qCeuy29@czFweL?Zlh7hQ zgd^4hQxT+Ut_lweIt-@5?~w=s1m+}lvR+EzCXKe!xr9p<2ioW5B4(jWr_I9i@qW+8 zlb(-db!nn;lXM=Ut{+6xgjl#C~92f;Y zN*hyJ8!}Tw2&>=W@_a1n!lamDKd<|@p6d1kqJVQzS60Z?E@Lr0d_L zdQLJsy!_ORU}<@2v!4g3LEotsuk%MCxn-uK2W1LKK-YAH~l1P#wBmUHZfs~<(OiA42 z(pDapZ6|CFI<3iWhQ~UI9`mxbkA`T+)9v^FrcXc74-VB@Kv{qX;aC+b&U^f>kn6f0 zPID?cBkgMB&`-4X_)<+fX&`D=I2tl$1h6L_Z&H|U17c7FtDqBCp=60#T~hr&4;SEq zOTtP5bo0F1T@ObjQtd0H`qwJ{Q^|neQg~|;AY^GDCgGd4kcwb3anB4W)cZGpQ`PJ| z!G2?TbH7tOKZ^PgyWhe7Nmv12E5ZaT_Zd&R3dm5BNHQul)^ROEh&u(+xcteYEot|C zA7#775^xf+VTk8pR_iN6u~`Av-l;`8c5|CI1jBWCP_Y$4_ z4ua(uyp(avDpyVF-%qTfMCXV{Xx*Z=@{bf>o#9$!3Xy03Ut!m47A@aW)!{9(a*?uE zYQ`RSw{CvBLhk8|y7KVn`~PVTw|Ex%KeKE56!skSUrg;53b-aKD{%V}UQm7luqDgH z)H3iiN=m5Z2;zt_hwY~(f(m+BXRknSm)G>|^Km#<3^6~Zru=%nVQ%hgC-e2hgKh0` z@ll$jNY{~kyEGuRTpd>m)rWAG($ok5RYd@>m{UD%YR~ZZFd{VjSpLM+K zQS3{|?g2OV^NZxrRtyck8L5NlMLAP+4A?n3=5t~)e)v00VL9cnWrH-9`0|9{LKJG# zqC??NR2`X~*uJTeyieo!ux5I)^g!JkI#M9746F3{0uAdm9fnHQezpD=l}Jc?(;L50 z9uTGXKW;h>=Jhr~XFY-iKz5&?01ul}-<-~sN;+flkb7D9BxpkBt$*^H zZCW%PjGVE`J#al>4Jw6Y$xHz&;Xr3uiv*GkXT@gn4va#@We_#eW;2-dnb$NPp5YFg z>YDAyNaC;&B#unWd)QeoYctcU&U~Ej#@)$*b6mIgT(JST;=T=YcR1@AAd^)+A#Eqf z+1!d%*V${h3;GIX&lOsvU>RAG_2%JTMzp5`RNi=%HhQ(EqzXdh>@2;X3tF>H$rvU4 z73&6!crUgWsPQ`uKlMuz4&H4%8GY~;c2ow;q8*G^{h<*waBCYNcmUKpExN9To`6cC za6$g{)=26z0hy|I5*HOuX?8GiO6XbhhR7d8Yn&l6@e8~Xxw9}b&TVnDDejikmm8*X zdj=I0V;_EZ|BHjk#2k$`e0UL>+FI!nM|2a~P8^BLE~X%6q&>YuF&74Tv(E(vm)egV zIl>NhNIteY_h=<5GwjlZ12i&N>Vn5ZQzHvC75ax!?a5Lb@7@7|s9nhuvM0t}=m5P6 zFJbyhV&f>*Y+(D~X>sLyM&CEDsI&q0&n=&30c6bSlsWq(f8^@(!6%mCbR1C^7zzyy zi2-rXfiz}`p?Wrhpp3*9@WvKoS;p25Qp-a3+pE`Q&G%9$S~mE^`wo#owum129p z{gC&lCGOB2e7GjgsO8bE*~atmB#C!Rqp~UH2UH3?!TXv)KCJzlLO?{B040ezWApa~ zkCMCXWER=H5KSJeT^e`$^p=eY;RDg&vajlpnQNW&BhQI?__o{6JKlDEZ~a~1-x@6N z*6_cJ#}!R~ExK$}<+d4iJbGMNvJzZ;UXOkTi#rzVpFL6X?5Sa)&KHB^mzoyOFEC4E zb7&UKxe{=DrLnjeIBc9;0TnCwGg@ z)GyQf-8>lHL(TEohoN+fr_%hyJSp@ZT-1m+iCubbQ>o*B*+C5K_A`z~^#MY#+2a(>_(r}rV}$W8^a;IJ9YD#NAN zdbEC;PC2n(Ho)w`!KUWkfspqAdEJ9wdc?Qvl!SeDT=>zl)Dw@x?nc(pqP#NoT1!t&32|! zNA9k@LlgXdTpFDdTx*H9Et58W_Ld}Y_xo*XX4)5WJg6vo2q>B&Y056xX}Mopr9Q;B zz)l`nIan$~yv42MQ>ZQT)u(|rxRXit+N37aWY{%Q#GyNBQ@_ev-3q;4#}2k6Oe}x+Dt?xoH8UC(`jMxfA4POp zsFC#BI3+z1#!CRV{Br6f3&DHHKpfSi{I+K%fh+qR3|!eyK9u9+H6nfy^H2PIPA*wG zAhazb^`&-b12|POvaK2JuM-wGN^eCEG4u!~cElO~Y_1E9XQApc3aV0AJAwP-PLuh% zOJXx0oFl|hD^0>L6rg6sH!86ec=tMt=i8!yrQXzT{6B)7dq#rX?xs2);v{}iKWY1Hb^;(MYtIPsE0(uIUX5~ey$<-Y6?)eh= zjdn`gTHrMo;$bLaMe#5|qA3#~x1lBzKH;^cNC3Ba@N+?hHp=V%O!CyRkHzh7El2_& znmKO2@{rNn?T?D8rs^x}{ddoUVJF>sDQh2lH;2ZAf9CfyOO;>YM@<^kpx6Rk#3O*p zJZ;GFWu9Fyvt7A7ywsSu_gLR$m-Axt5|15%(%2aGocY*4+bnM?e<^8J(%3;m^e_9( z@KFfyey~1IT@AjR`*d7ej<0~ z0SHE3W8gtur2vYg8JzE=!@_+g)2{9T#jZ4h--Mg{g6F~Jf1o(eq81#uvF>Ya=P-Ai z6B?SN&iRKN{P~5iCAt!FtG9Tt!pW$Blr=LFSd(*=EY!q<)S0iH)RVozok0^8<4a-O z79cR_LW}f=cZVhioRyBvR{5Y;JEP<^rgXJZ$w14vALz^l!fv7*I)2vse>m6CY}~iY ziRN>w5Ln5Q$`6l8|h; zi#-i+_g1vBPB2(08}hwQr}I!EODabL{rx)t4$|tEl~)j)V=c1oBt7}(asN>GncL&h z*6)J%D%o);288Jblt{rc${$E9nuU6R&0hftzTW@e490;}8J|q4b7}RhrJ9M+cm>RdJwstA{@idwV3XQw4$isjBD8t& zExlhuJ(9~lt>hxrAMMGDhB3tJI1^&4K|BCAtp@xt_w*nzZG^PoUq?wTystx~9s+D1 zUePgDtXTg{#bmvkM*(<*5k(nLRTzx!ZhJrL?G+zh{K~$6C7R@;GCFNI^ftvk;gj!4 zVsC1V@b`OeG1Ncy6)0v2f=7zpnmIj!`|PCNsAwFZilwa ziFX&@CkQP0^ zbMc%2+B>&neKo(H&Yl~9W(ElHz5N{i`)WM7w{QJu3VA_yd;*8C5T;VMfXH@YzmyaY$RB7bhV6MC`S5 z^%Q%8^K8ymsEbm)sPXWO zyo-5TmmytT%CXE(h}OdB;?#tbA8-3Kf0xM0e*VWo`EpftVCQ$e}l+E-k@MOt{J zjh&G>ofb#=rF&gqC3qTYThGay9x~bjI4NFj7!~9Lz-M|QBoyTi2j1@G4(kCeuXA2* zxQ{I&&KIc?)~T`j%(J{b+Hvvc{EqaPKf~CkN;+f90KOmjmkpPKxR)asgN@37pAeC0Gc`D31om zlpZVjQw{j>_Y9|?%(;_1aN{ecPher^?mm~g?{{lf`fkz$-jPmEm0RFY7CVXS9v4vMYBQM*q2MvAhP=D%pVK-n$YGw*2U5MTb8Mo~c{ zt2(r=f|QUGEMMFO^7E{wVFYD&PK6%?dnAK`cIPF`2|{KhJWKw94ld-|_IO@@mgr~G zpLp#s1}5B_vvaQ!ISq_tAG%uv3~M$-J*9{r3e;SHEZiJJYBVJ#G-z?nbYxzZ^P}?N zIOS(in5O5~P$zRx&Nl|5cg27zwNKX=_ z^xAB#MHLX0JsGm1Mm;e{+ATblJFlpCo0sh;;)hiC6ROiPT~bmn%i~gC936YtoU)oe zyMEeD6Q+82M{IIO{17a#FK64)auZp6;pC_-S93FmGpSv%v~5>3IgAS~RTOFNP`k>i zU4VaFDPQu+(x$sM$J;V7rvR|elor7p-aubMhuLvo$gLQPq&xl4n7Tg z@s@ZDND<_e(*yfys>r&Ul)ki;qO>zSe_jylkDJG4`hq_!mZx;OHk#(XIo|V$-ZdfP zR5I80pQkCiev>`!d4-N~$;<&)zYOh6L7UONEHh}kTDXl{zrH=b_%=G`5vAph_!zjD z6W19c<}D%^_??T-oT&eDRld68#_@mr#oD{26H&#Ezuf2~MRe~@{H7Vp@MZ-<&;34y zo<#&^&;)E_-O%|H*E2ZTSxpmxi!_QslMXz{YAQ@)4$h6JCnp=2%U{y_KzsbSE2P`! z9o~+>S9Be3lrH-nQR3lyA6U11fS`K`1BQk$+!W3^+?n2*n_ zr(QrnjRjS2!t?@Cyd;i+>Ro9fLIcUPh+71%G(Q`8Endw4v{0vpvT%D zM{)jNQJ)_jdbz3&S}O5TlSU)HX7(Vhg*o(lYF!!)+_p{;5z%wBu=ac8{jakh+#!@4 zGZ(4iW0clnO|<}H$0W(?p$!d#4op_wYyt{6WpGk5YBZ18OwYqc z5NU@bYAGvVKGx)C8^kQ|h;{|1ko`aU)zKlJ0ceeMN zh}gzmpzj`WDXn(i@HcNBJd<$a_t>3YTYOn}W?j&t@mBe!W>Rn@Qw)166XUahE(Lrh zlJYF@=eX=R5)_ox0q?P7K7fHP+@r_NUJAG>)9=?5?tsqPsw0`vhc@v}5Gg!Ori`iPzf}bl91Cy092g&r zU(Hc#EMKG>Y54#o@yZcQIbFme>mGT!Q>(7p^C1wSHs$Z#zhaIW_6D&@e6S>fsrbku82Gi0M z@57)67VTgshM_xkUYXDT@arN=D+S@E_j72eOfHN#v0?NmKdjc>@8er!C(3 z*+~0r8AKF4kaBUUqpEgtmmaL&-GAFd{*A7KS%3^+7@sY9T}=Z1Jso`oG8EJMR#A^M zjM|VAEL39Qg<&5wtx2t4+M#~Ut^~Zuu}@y89CYW1)?>Ph+H$G+L&iOeBUzg#_t$nC zO}QtgzZ9yc66#%WnCv@m@lNvH16owXD1eF>6CH?pX@)IR&%K2jSVEYZ0~nnffXzul z$N;xParBl@h`VHzXZ3|4hM~o}sLQ*8riR2TR6M+uEGet0r)ll{ih9pSkvk^n{H>Dy!%0b)?#j?DeN+^wMks%a-*juMa4~GnY&%ua47GZ12|`w9 zm$3v=BwET4IlH@@=jb4VYE3;8C44J576*L_2arNnp9EqZ8W+e3sg@5M4Hvfw{}L9Z z5d&E98+crL(uz;v7JCi6fhT30^Tuv>9@c1~eZhQJO#8`Y=vb+ZxOi&vaLaMoOxv12 zs~U-bbmJgD6XC(5{^=s{2@psRvyf>SOL>hl$PtpnZ$W0emK=(9tL9N$@-Q$ZnMB1>#$RMQdJ=3%X(<;IesL zA0Me#YTytISyaAjo@C~WO?B;{6stWq{^@S zuY8TW9eWvsMa=~TG*N+t@;ExcPh;-Dqu9Uz@#N_{o^Q{_sXCeOg)u*L#MSU0Bs`9N_NllZlBCYKFHtn!-E z&hSLcS9QqzP9EBQX)1-J_z#z86|g(J^!C>MHzp!{5N?2$pyXX;93>j1pNWRUBv@N^ z14eupwCG95?7%CgEME6;EuP!jV~SGr-5-^|?A&&3AIV20m2Z!NWget!;ScaFHb|z& zT_~Y|hbn^Vp`5n{X;)L@NxjCuoP9m0-cI|8=xTOQJ_E|~&V0C^L_qif zC~L;72rtv=(9oY1RD{Y91~OhZ*CKv(3{&2nmZ&9CRb3CVNR*7Nq*{1}of3RV_jj6@ zEUnyLNopOOyCwHO7&HbO6ArCUrrOPNfEx*ep$@6_c?3ktF232#P~lmKy%G`>R1RUc zBoq#&i{BnyJ~ljgs~?E~p+~n48Cy7L+z`jPLznJVD)6KKDZlKcf;f(wR^bUC!};De z@=Mli3mcxw6Mg+;u4SDa%!2F(%xz0t67C1p0mHGVIUkkrB2Ly(+H60HuTVpA;4N-# zVm7FSyiX8eK&gcVf-;!Hjf%)UB-xvl*B?sBR@$ZclyMHArTwR-hrD`iVf=wGQNXdY ze;FvcozXhIB|x;>RY$+0dRWQ@X!eSZidFsrijEBeFhLY|ApvYaI(cffi#%##qJyFs zDa`|fJZuX;%kO2+%Ei;Q|IIBZvauh;8!uFsjA|NTuf@^o<&z|8C}H)q(`|c|d_e=S z{Weqgen62*ciNf+3sF1CXFEwQWet-v$3XYd+@)^AkO_85JHq7db-sGV4+2d&wcH%S zqN)MKPqnDOk8PC^JW*u10F4=^-&8OXlEBs3nnagha=;` zYr9XH&S8l4M@?k=1;iOr{EHh+1kz5zSQdY(7qRE*Wfd%Hl6LT2!8Sp$m(Pe1sR3Kf z6TSZy7FPo9+MHKY;A!LnN)bS}q&r0lz=tQt`h05)>jZeiJdXc=jJBb>MdV@$RA|MC|sB}wr83;(HG)M?i0wNtM(jhI4(%oIZ_1#;aGv~aY^S-}- zo*CvDnZ57(UUjW&T}yS5N;E403bFq1l6|3*8_}521_#<_>vvwctQ_38UWIgSr{QbH zFy2?dq~K80A*VNrb0bA27?=RHPr1W_0>BcN`dQLD_2Ge!BadY4^gryRmX{O$(4<~} zg8ugFNMj|j=6mg|{8tcXfHx)t2=FQfz6Z{=(9sEj3U!VE$s1Ugjd24C=OGJ8A&cINhX{(?FTOx2PMKuq<}D9%{aDqXk8-2iC9*qfJ+yXb zr>1Wf)SZujxg350DZ&%)wN7IY#KqH~3KRyaKnVm;P&BoX-nAA*>0?~y4=r$=d+f)M zkDvGwOz46UH46NPHyRS-^1TPp^AL$*UhNMd$5A71LQ`9Lx@#3a=J|Vr0SuQl5X!v_Q`qQgGhqbZFWbObZUK0N}_#KuCoH{4P8K%f{y`%4&X%3(|<; z2dQK&^$F43>I`S*roKHOoJ)05551w+Jz`HQcN)y144o@&bmvg%jZ-ulaXPg)yB}yga4=6*r`WZAA({2%0Tjm zAnk1}_h^0lt7$JXNQfN9l9y6TQoH>os}2ow=;&)%FOWY$-r&FKp2gPyL#AkK{sm~5 zDKd?NO`i7Yp}x*_Ab(X|&Vb`1-+PZj`o;*F_8YzpMn^ajE`xw{%^EQwq_U99tV@sY z;CB(lzxOysI1Mw+ul=Eu6MV{Lc>{;venK*(sLV?Hsd()EkhL}ajT^P$JNqJFU?bep z`zQy-XTQb6T~-&KaC^jNDLdL)CfR?vj^TcKd41(oGck*c;mZoDq_((TOk;eDr8c1*6_p-rA%rX)9Y$1As*z zSt8)WT=U$zF&}xFq`UDsT}@p>ZbVDhA%Pe;ZGAV^4=Y@i%(aGeT}7&;#AjL;>xT-X zWAb$uFX>s!JVyNl<@TqqX>_PZv%n`6R0jLWQxf@H-l84_!QFtp$!2dfA)aijO8x9o z082#}|JdvL@`fGRx@p^IT_#!v9y>&+0QA&}b%a+|NDnKG*az+&Vt z%L3GDkhIvPPz4#runGGcS1?%=JDrh-UrvO>aQ;7U&E>HQyG`S6hgC^HBc zqib|5X<@#W{@G&V*`3k3i%+VkY(8$wr6r*JIS+U1dlp#CYY-o}h8W|DIjb;9~l)v2Qz0)-8)fda7geEmkb1vnQ-#{-1sQ^s0+iYPK%bqH>T!TO{#I)J4XhDcE+sfc)=@QjB8a=P#v3dvD(&xoEIJ3x#Ef||-H zMtWv30Fv(SZpf>$aFD!6(ozDMj+Y))_|Tr`$h<)s^QK-_E&{%C=g4Uqthk-_sb_DO zEx-QN1-QDyWrl}obU|{=^o&_g44y&~`um2!PGHsiKeY9LbRHp{X`wp=N~|=?OPTf! z0Kjuc|B2JsNCnnt0~K5c^FS8#at8@VcY4q2O+Ewh*c3(caGwQ@s6_kYZD0A_dyj(wKywY1R1?E|v1 z3H6q{)`z_j%|Q?s7ova~Gl;{{Xj{$X`I}ZM=i-a$02>uLY0))$ zC5qoJ2)GXGx^Cf&u7BPb`BRuU+ka}A)cETn1#SR5vzy3R;ZLB=J)zL+I(}bD;%@yh zR58Mk65zi`Lx{pj?puxzu`01CtPS1Jg{})Q!iKp6&MQDbuU(;#J z+i-}e34K7O2#6+72YVp~Qv&itzz^xLYwF|V_WmcDk)Ba@L}Z2w_Jw*o99PV}eW%VJ zlD`)omRHNm+!8Lm7c*9TzTaYPeH}~h{oi}D-Lp=P)_0u?1jm+8ZU=1IA0H=h(C$3= zOX|?y&K2Un3%JDAoFZ29;@<@C5TwSBB7I&O2oCH&vvSXhAP05E{hNaVrue4WCD26D&IVfVnSGD4$o0=#bGd=r$BQS&lCL< z@bxF5mI#4z`KZ92>apE}iLZ4dGog2!mMXSx%)AUByzo>!nCY2Wy*){|_u%gX;x6Y6 z^rTr6!2-fG0e|X(JJeEnsfS^6! z=+;hSOY;6%?>-_0n4FeK(j^4jXJQ6=yskRxlxH!7zTa3OIglZofmbI1cqfl!O|F+DpC+L}78RexTa z)Hi4>GN;J3Dz5SJV8nHIx2TvGwCazaTkAa=E^ij?#KjqkIW%fQV2;X4TELKU`z!9Y_w9fBN_4vN+I`q zGBSi4SXqNQlLD2*jMp^B-Y_`qekb(tPA#pI5Lr_UKa8f_6dx*8=_ z%-=r{Xym1JI^plJfi%hDPcGMftRVtrRR&DkoE52`c^`_Bl$Gz?ssm^(21SRImoGnO=0`KfHuJgHskRgJ54PP#PxB5`5EZf97Uwv8EKxU2MY|5=BhK`C` z)-yc;RL}3z>PRF#hgKSPBZYz(5IJ8V`pd0|fEQMG%VPu=8Znr{AkAarMQ>Y0rFtU^ ziR~xya6+G)j!?`^TSsFr7*+t9@e-9t#BG(-%X9pL2CBEQs>u{ z?0E2a^Ic26>yf44zDDk4I$^<2KWv$6kmL{a1>jt38)$6+&{PBymrbKz7Hh9(Sk^d( zbpd!BVB(LJs1>TzeP&dDy59}S37kIbp z2pL>KZPe7LWPfGjfmLOBTHnwMd-*WGb(`>83|KLYn(<9QBAWxY^HUr*(>fg@V=d+Gu$7;CBt(xk{Z)n@+~FVZ(9iPQ1Kp*sFdf15Cvh z`0S{gtkrwk2Eyd*wm6sjQq1d7SXcU%0qy!28BFR#>TUI~6~bki$9sntxt!Y>oHwrt z4>b7e>~0gE>_pzY)2S;Wjw-_%6}Qe^VU;(=q150DHj&y4v17kXZwsXF$DnWMBh#nL z4q$vBtYi_Aee}YE9Ac;bc<=*&C71Eid!HkN%)tGcYE`YL($c0+)g!TcTd??+S}ls4 z<@FuY|M`MZhD-ofJ?TIJ&KE|)#IMa!6<6_y<54j+Ir+>gH4L}3ka#*WUUzR$=_{W~ z7yk9h=Xi=mq{{H!R&2?GdW3M8S&{Q-MXW*Xo}}De$lo(|EHQZBFaT zDihY{`US$D6qDi5LcZ=NP5TDWpqs#T|Be2A0q+bb*8Rhl#0InxKe9wEZjtY7ggET@ zt&ysY1#7Cl-CbXtT=zCtAV18QP)Ayh5Y4qAn!8#{jUzTF1MYwUp>YF20k>x>+D*_o zN?D_2v7>YRi(u}uAl;-?wY?`_BuS%}rquk+H2G=9gR;*n!VI{GDG{RLp+sJ`YV`%b zrwM+qbgpT7<@Aqw1~<&CFXEt?AjFF`@XXy&0j_OBqa_ut@2Poy8(FR0$1f;{su#`1 zCoK<%{lh>}_!tf^Ue@clDYx?P?T^i)ekADI2l#Tmg(QI>^%rozC-x6*#Qh{Wb}qWK+WQ)^YqzN`7`E zW>(}MYHBofojf@Eh#r%WE0W!GSeg=mU z7%w&$=pPrV%ZZ($aBSkhQ_I9t7-yZy&TUf%N65YY@?JPsLH8F*Wco1qr-~`*GQu2%ZBpA@Jc7c+LnegMf!>INOJ;U5h^_&-pm_NM^C)Xk9E&*Wo z?8)Ur)rwd=W}3@=c-S%?&e?Mt*yX>ie}5Q-zA8s?iNOR8;mv2|549eCY}GPalF!!N zO~Ju=$Sa5B*}pG7EIUXnFR+qwA!Bsx-q@+obyzwlGu&c^dP@%onTm+oSzIwh(sUP@ zd<0>o)+bWP1P8e}n_u4d>Z_`gLoIYwZsFM!$;{W)E0iFR->iysy zjGhqTZSdLI2)q0yqk`6b`g`T2$}Gr%EjF{#3H#gGx1Qt<3BWzwyAUxEBbs-s%1xP* zeE4<3O7}m3HAu=a4Y^&4^9dhNg;%}^$(=FzNqHfj{FCw+3M%r!R>0%cuzt6N4tTq! z0w^vYr+qeEL+*IEP`K&jY-h?`q{V;zx`_cYONw^IZEMx0XMEFE;@kC3=GM+^*!`T= zFQWkFLZzhi*&Be7bXsJP3KDo*d29j?dkU(zTnG8|0j_)|H9AwmI=`bx@BDnCKYtrJQsLar!t(;O)~-=UTdBeQ?KhNO01!9X5kT!`kC2%>p4 zg#`P3q}ClRt^O5iFwSYw%~Livob+nYt(&@cO85EbsfSe$BFS(+oSx@*k=1f?f5G@< z*s|sEOixY;Bchxsk4h=o*Kp2|i>(hS(Sf!1F&d#Nl9W#rZ>YWL#5M0FlCPUvcj)4m z2e~|7$a+}xU%j0@rI4G)Na)Q$xbAc}vSOvVJltybP6p*-h0^4(9?^^ul*bU-mpVg;-};z}H zkB8)@)oj-OP7ANyy2>~D%#{nAc#0$__u?pmIHm4!H%@$!M+I^!q>Ed+jr)~Q3J?hk zMZJ-M;R)*fF9z?ao~LnGaw+Ww+@?&jSbTn!-&W#>{js?~sp=L1n)scAaxa0pd#;mq z>K;xlM)zyiWZ|!@Mw9Jo)b$(D9FER*hb;VRF0JRbSd}DYni$U7{+;zc16UjvQxqG* zF8hJZRg8@jfp=u0SFp|N)7<&4Z$Gj#DAAD87pKTib7=`b!faQ9lw|%hV?0k*nIGkk zzCG%<80{JAWpFm0Be=&P&U{14-b-P>W=VjjLxCaj!~21|q5>93x;A#26PNDUx{c5N zjDPp0Z`mg^274_*I&`K%hWx3QS8YBY^6dwPT7#0O`Kj`4bI&U`wdN;@BWo9be(-57 zH&4etm{SkW3%x$dtF_DjMQQ63+Sg&i24nN9w?9Q9`T?wj-t41xlthBK?zzB|>`mxX zf?PpvD2Qku{O20{yg`U^sz{THkT_i4W#PZC+&RD46e=Z~sqgszO9xg(`O=~{X#ujSl!6JH}RsdY~G0R+zi7Qf$hrwjtsnmw83i#`)rQk+G07k zU4Ir3;at4wRw{Am05|cz=kCN>Z>J0MV-4zw39rio4^&mjb)* z-t+xrR#3<4sYuCOVbd4$Y$X=`hW8L1XLxD6`KN{FW8>pFez}XgC(H^Z?SY|%bQxTk zMY)1*N;}NY{G>!lkS>=7C+c%*~A$ zyG_3-p{j5}~WB`}6Kntht?(=I=YLHkV!r zh`(kd()p8^+zrAn&!SbfPiws|e5*!P)x*hO_=zv@b(o`cDb3*&OX%l@i`y#l)C1yj zjO^^&{J*7YzNuZjTU(FuPACavbjt+sD5!r;1>ParcIV^_&R+$`JyPjfKCY`5ozK(b ziB`m&`%D#r&ssFF6+rn@jp6Jw>owZyRMhTn>gc89Wp40E2B=Du9gLe*UOc-7(a8cMO_^HfY$UJDKD33)i$-;${whd zGr!TY_>=w%>BA}jR|;KX{I8d~GnN=T1U`Q8@lR(1azd9U2B4jG{Slmy7vs;m2|%f& z{#QN%3KSh<1(aCYnlp{;deaz9 z3uUN1k@`*sHQ!&@WNv6&VP$O%DJpCauuB$v9|NoE>4K^K&65ItFsZ#n$W}M$M)fFv zDb(kjy%jfhnfd?<0ra;O+6HF{k}0?3ev za|~AtAPPqiG{*eUj@0)Q@V8Lk2Ug_+#K1C-Q{^~!(&mgpi+aNZ9u|qLz4U9Ey;n-yI}uAeqBVc3;C?+N8+6`@k9SH|ilT-2gce5AFs;)murSXt#dIy)&XYz%OeBHxy^q|-LHu(M*)kCP6X zQt9z0XRjc_6kR5m!8b(B)x>FXf2XLoG3lbg{HTEzpRz!a(T6E<%)S>i+61zp>`tj= zUf<0roSm}lpQGs67fJ+K;dIb_@BZDFQqu;j+>}K3441!^^@oZO6r|xW{>ck4SA9w8aw5oiQ9N&f_usfrd?b z^t80!!X@oV>1}a( zd>Q+`i7R5iKseL?IjZu_HH0&M495(>5DX9wHz|o^Md9+u0EEbCp_N8OepQtxQY-%C zI`o`;15@5_uL1^pN|c|&TBP5U;GZm2=aMHj7VgKN+9AKn6Af<;pKE~)3hYOukQO&p z<50vy(?#xP6E+v6hEDE_n?c2NSVh5IH6h%DQ?dN23{}qAX?>b&wP(j!`2s`MZTg4u zq>Pa&I9s&4yIWC3MW3&@bXy=Y)9%5&q40q``Iq!iW8=bK5khzV) zf#uk3&EH-h+;w0(vq4)ka@7gAZrwy~IsEY@8P-Volndo@Iaa^|jl?nD)gV)1PPT`P z1OR=Njm>`P$aY=Ref=AwaDjst0_BcubN~e=3%&wyhZSLH64Y$VxJd2L8dvpm-hB6A zg9*BztlGlYHU=zWor95P|V4cyn&)+>E%Ww=kfo-N`*a zvNldJUQhw*aq$zdxE51>5B&&8Dmn;`o2Z>); zP&p||c=^$T2YP&^g4UB~An3{Ct|7lk1O;!4jEqDE)8C24iKQ|vFq;r6*_)oaz8 zsh$nFN~u0w#iWA$uyIgT*)h|CrU|-Q8Z3(zA>^a089f=bH5urqnil%1L|pxNjDyCM z=L#pMsD`kC}D*BT16eV8`J(mgM z+Y&@M4cg*U+vD2F4J_gG(f;UZ&neK2mh)c(2mJkwqW>#SHQ^z zH~UGJ>5IZtA z)1BRR6GIqnh(i^Dqu9Y~`ve_{Psf(r{pE8R-y{e7GdAA=&>wk3D&St!Q{OyxC4{EQ zdC&m#n8n~XU4tZwP|rG^&7T-%-U*4jT_D)KHmUC-v^@VO+|Qm$U#{l1^(oz>9j*r? z0Xz3t&4xn)-s5(LwQ`%nv){>Dr~g#4gdAuPCvw}~bDq;13GUo{F5>+C*i2_hIR6`+ z(UG3Zf4Kly9mIZ^>NN^w!9|SS4=jdDpn?rXwS-8w7v}Y>HlG%h9dVoa@iZj&#nmxC z7Wj^rrG4`$Z%?6?YuTp=qld^lq#BqlEEtM}lCf@9}}=3<4PB6&&( znZksp!EDI5b^6!1E+XuPau6%TSI(d<*LHl$tvE$D`MrA)LTt%cV>++7|gJR~5ixNY@Y@muFKUtO-$kd*6` zENMO4Dh+V!vr&h<@{f<>C>{UcAeVEV2Vq=`4Kz?XpeF>d3JXA~s^7Dwi7xt^uGe3@ zk31?kj#O|Dk^Rl7z$sb8pkbrI82CoeB0MaXGctDm&Q5=qOW6!%?&!(oYHKVic??Gm zok|d&A-6sh+C{WG8Bh=ZHBV(c`bo#>LJ~&;DhZDKL&^KBDARk90nic6}ytT8#O%n?FgeA zd&#VD$vGdn(#4QV#uTM|ct9N(Kfk8hR~5`D$bD{7@qn-xHIuqo| z-r#-^UcRIG`)R)Bm1u#lw;y>S#8P5Xh3o)@w~gog1*A64L_w5{?!&0-c%XS825@iH zii-YZDmx$diOhbj*p2I>V9R22GfyVc8S8>eR>X>VqwoMfVq%KYhh%f~RrS&oTjcK$ zF6R%?*h_@^6)5u7%({*5e~Sk zJCw#7ZCbriM!Ly=*G?S6*#f*^us~0j8)ATgA65nD z-aiiHE#I7qza!TyBwP8SQ$gyccY^}*-;=~;=^^^Cc7G~8{+jhz zvKBY+A`xl0^m_mc3?8hkzNXOY{Q^ZrXx(PGm~ek|*+Uf!P?nel{yjhA8X_AGYu2Ek zhiMnE?nrz{W?m6T#uga>Smk2W{!-tbBb2-RH?EX?T)1deNo_#BNtym?iHR4})qj3r zBHLT&GU#GO+qT&u@>Ovs_U^-VL$&rt0vy(%5NI)Rzix%=?&No_34r0@2i@JPb-k)h z8QiHM@evH#F*nqsd74+QP*kvALzu@&ntsyS$p*7%mv3q|86_#xB;H}496#QP7X$0hkd7QS`(A0_Ablj-}2GdCEZp72ShRYVx6fJDpTgwLV6 z#Smv6u#%*wo#e&miS(bOe9>th29Vl zx79-m0$mlT2=pgHyOD4LSZwZh*3>QAT-Q%(pIxm6wQ6jWof^DFDA%Au~XL z*l9Gv>p*9#FAmG6279`X0ak6&`-aAYJ3gqz2ex15#XUS7%O=9u)(QvMTdAj0vd8`H z;Jhyi@%ebT$a3&vjLO?G8cNBl)FvYM{-!*Ci1Xkuo`VBFoqom$$zuGFt%cQso>k?A zD(4b}bnb0;Gw*b~JK3^W-nr$*aMfXR82GvHdr9zY97m%{C0-3(5I!-BDqOo|gBZ33 zZfO^hdG<(#WrlTZh;HnE&sCm>Zt=e3zuTQ7eJK@zflj~beIgj zCvrfZ;M-2wAlW$TCfo8K%v5+bk|7YuS*#zv{bh6UqX<=2+v&OP&rs_|#z;93>Vv^?nY;m%=5W~-_(RU*T~P&Zjw0EMBe9K)dpXBH-XT#ShgszZ!}PUl$e#h)7= zU3n_l%sCnB|hbY*- ztF?4Rn#H2`6*$cFUgi4d_Wv~RIb=eW*A>4!OC(HJrOmj+V8DPm9Xt+5-||Q>SNg93 z-89ro(fOnAF_O|Tlm2%Qkt%BD|8PULJ{w0cYR3z4Wmv*|HpT>$;gA*EF-tP3^C6Gv zBX39gW5XD~04DN3`eS&C7q$n=@bixhgN08(fTNd9wXhrWoZ^chX{^TN zU25QMuceqS&Q%A}yy(p4IKF#shXqIB`};1RfdNBDoj7p3t&9F7UGF!!3|gTYI|r6o z)GUhea~PTbVk@M?f&0r+`L=T^JKdb_*MyxnZD?$2rSGGQ1Zcibl)4Gp2F%rX#(Oy3 z9a&e(y`MW%=Irwb#3Fe~@<+|ivh8rxAud80sy0I})U3XiO`+(h3)-S>v!>;zKxefl(B`Rwp8#E_I~75!#&2O?3oX_r&#Zf_QD$ zjR%hVK8&24C+vtt>2U+tf!xL!K6WTe1z?wfA?&=%?=tm}5f zS1GTfOAv@dIfo*MTxwM4;z!aWZw0uf?gI&wafQmrR?ckCB^dk&bKl!KDwZHy*b{dN z76U1US>Eu1F)dRIjsXS=JIc?D#ZL|S$oW3LaSr_lh9M9)a35alAC}*L$@SqV;l;;Q z$;y)^6hvD8!70-aiLIcp>L_cy)v{h=x7u>GSMlmFx%CdG&U0T$sg&l*T^BHxm!(t4nYJ>A_tirG;K=(&ecDPFgT zDPE~ANVQq-Qgd7x+5o6njZ+=$ZeHJBrBkp2-rxM=-X%9DBWvXbNByQ z&MtI5sg~uJ|M)C-UQVvyVr!h>#Fr%zx}IBKew{u3E#{+y@geEGWI@KQJ2df0CfPgR zdWoF~`<>8E%cEab>(9H>{c>is(car!mb%qQfTp%%59t`_g_>b@pGxl zv3)6cxz%4bZY-9b)|CZaAz9H=V9=JHa6#-tFWXD$Lb;)SmX58@S$m`$>cne%hAs@Z7eyKj2AU^xM*`Te&@I#eL z)^RVKK7}{v?A4aHE}Skm&x)9Jx?t3-VxJ>@exav=p(}AQzHBLkoLj$Z_t~ctEbX=a zU8C$glF8*lYK2aP`@LI-N~>#YoGoLvBEL8MiX8oHHDQ$zkHv6#L|pfoC3m+~rK{n9wE zlvgopuudbh<}zb^;M~V0BO9`N3>T{;rvzwLx}BT}Yy*mh#oqcm`8%o%F6Z$0*&eDzGYpx#-S$^Zi5)E=y^?_g?x}unz4v z1XEhzXk!3f!#3DFJx(f6;j#T< z<9h<6dHOrZ5;cW{>iOF-y1+i#q}MKf^44bjHL>5%>*gZMrZ{S_y4A}*PfI0PF!NVj zLar2*>mB4B+8^i2%&Qx_C*;UHo^UkpZo&&XU}z0xWt*93>9cp-wv(xvzKL#E5)%{u z9J8J2xP8@mz1Qx=rynmqfen?J#xK7%eGN;&&bw`0JK6GpFQPPOg(p2vsE3635v(%2 zl$6Hy%etG-d?@f$^v6$TowZj>7ay(g$oudlkQ8m~{w6!Ref8}I<;lJwF53^y(HrP4 zc2bKM(b9ABx+7_;k8Nqzp0VTR;n}!Denh9@Rk3r^w&s0n7g6EX6T(}*5(F)@x}5rU(L)Es7W1}qwkBDImNixrV}!w74nSP zLPHR+SIMQ<&`=XhuT1lBa=lI6PYty-KJ!3u@9yFU%6$C+vAq{M1a`qPw~XxSaxm$@ zGR(=cScA7BI-KD%qi$_$f;~KE6n?v5__PiFw4J zAicI#KKF(uVKAnn^RHx%$k5K$))drR z_Ui^Kq|Af%&06DAxfCpM{XD$RUvM7A4V)L!IC41p?Tl}=uH16INWxj|=%eUb|FsTi zdW>}4I-jkMvp*YI6=ZlG_jUAZ@W#`MN`a*lvw7oi#0!kv1}#NtHDJbyo1V(NnUy=w$|*_ULc7o$8A!E$6hTM5NN0hdybf zX>mydgxAeRU;gB=(0MxK`XV&5&c@CjPjT1HivBteeaf9oFTk$=4TES*Z?Cf{ljJqx*)E$XXZs7B-74{w+M#tqF&*AKG)}5JVQ$06#4zqk5nHYxN43MQT zw?TwNT~hd4=*_r0S#P8!5FGAr+)7n4L9QFPm-nl8`F9K^bHl8sSn2o#l@{ZoIRW6Z zd35R@>~;T(zJM@|^D|c1uETXpwn+TBZd$nRyB|lVP~%b!ZGXco++ zq|xlZ!R^{0ncKEN5YJwo{JypE%~DQezHg%wdp3i;N`auLdyHnfkJSD9!IUN`X*4QI zfk!(H_c%?w40!R?@~j@zNYeK_48BSe(Br`#e}caKa=~rmd{r_Lm4ZTt=*rur41J(f z&RtQumDVwBt||5$Di?NezkF-=fsKa)xM@O2 zk+&(I;qEf)-7nHb#CsJn>)Q^LMENsAnUS&V%tVttgDXs*Uf>l@92ESj+yz+~KnY z4z)bJssqn`x43brA*%mKx$0<5ZQ|R;#J}Rh&%11Ph2LpC-^)%#DS$D4-z@utiArqGhV@iS z8SyH+(t9oAdZKJtL|AoR+dgZOZfnpr5?m!M&4cZ4rN78tUR`EqXAehex7i!#eR$nj z{1<0$;Myd&$B`V-odtBHGj(lAL1gYm#~XW5uTAk!`ZrbrzS*K~UVGeu7_$7l z_jqk$fcLy4r5GjA0ym3`1#~c!52vc!+1ida@L`wV4?SMpp?|)bH10;{*K}U*yDT`Y zo?m&HIat!(c5c9s*EVJ6f|(7O7D4AUM@jBd-Xd2IaGeX$qkMdNe*?`^orb-%9n@K*1Y&= z@(u+R$Eue%B%(PLzlA&WT(n3oduZ2gr<`8$*dh6ry+|fG32^=HI3wY=vRu%W#1_w1 zqAfmB^a@p52}PH{J99Imo$sBaH(lPpGHza$Z2m53xLhb4q~Nu9zsRxPp>;!XQZp6 zucbzUy{!z;gG+f=R{_eJ?V5!7&6kOm)gFIoT*x=yyCkORbdfltf)G->ygtKSgB z2gVDqa#j{;K^UJqn|pUnD9Uj`p`oGmjtzN^mUhuh?8dSA;AAOIlSZPe5-F0lNokZT zFso*<9g&bgW$C(dgVD#vTBxO;hL__c6>C>9dpWtb>sZghL%Q=O`$0?NG3H^S`zs}K z{>R5OUk~^%{x%YS$k!9}AbsYExp_{ebHo=SZ>j1Uq^kMdP+rihAXT%O60lv!W8vm_ zYd*1usC||%(@m||FnH)8zan?^avW(Ue{LsObPOjL+KL;8M06mmx~l4NaDC-t`?A-| zr&TI0H2qTVYd~0@F1>PSW2#)DeYdvd`flOn!@>vCl@CW4-&Ayh0I>zqf8FTO`y9wO zPcj#{ak(e6V(@xt5l7NRXpMqdiGf+2pbt$&tl%=lOQTpJaqxc=c!#Brv#$t2ioIyv zdnPz%A)1+t7U$Y%DthD9>DBjqDoub$ZhlfJDAV`fj(WmrU5%wc(0~pY$o-(J9RY$B zu=ud+&6AIib1;KH9v)kOJ%i&+)?$oI; zP`|NQdrSDx@aV^QYtcP3h5(w!vxtivHg}x$zE_a}q#fZ|@A`x{?XyLOg^G|*>G|X8 z@ap&!srVE{WLcC;TpsGq4ovRu3XVP{*gnmncz13=^-h64cOlTa^}Yj4=48YsKAQF)R@f%DSYSo)34V}8TkTcF77d4^Hy~A z6Nq-N#mF(c8mXCKWHSX3D1_}3Ov_)N+gd@h>mW}s2b@*E_Tg!wq+8U6NTSn{nh;lI zZ(PY^F-UEQhoHm&9O1yP!Vf{Cz?X(0oljYV=I_9xXCNZOdQ6ZIn|)E88jH`!1XKBV zh`I@M^c>tKw>Nr5*tPcaT;0oCWN4ypn@Fo}sn3P_J&ce^6w@DcImJ`V)FdY|-ot8^Bo- z8A6HN@<(WfUx6p`G>hsmU#m0c61A&f(O0SCIDAwXvYP+m(+Xv$AeOGTv_g}m=c~O$ zNS*3=*GE)niw4Xq9xRs5o!-=b*`gQA+gA1h```2crk9X{I z^r)T?S^VrVgW!Y36)%iy0UumIV5Z79%1wABfDg{7J1h`>U=%<5`>S4^ANj??_>;NL zSqzTBTF~VJm)vvHRwr-ursZ!u$KMSjJ;rz!KYZ68c6`4-KP6g4EdHtXx~-@MO}Bpr zPidw`o7e2>ZuFtU8j13f+8v~bJ%<#rir6Cdp@EjdY@zgq--dm#ac1ep$&DB4+P&Tk zA~>^!+p*7Gy8n<`O`m%X_1Ak9EGzxx0MVWEX`t*;lC9o(4=Pv%&n8z+gtI|e8Z1+0D31Q|BVnHj!0s(`- zpZ`Tbn?eX^YkxPKAv*g62t#cM5wafm>IePf$dfM0AEhG9KNwxGZK^r!$dxk*BPM$` z=Q)KfZ?YrvR~w!1`+3?zqk7MUL*M*+DvEP`)Y|pzx&pjwSG?yKqQu@_u)tSW9VPw5 zfa~<3dA&p#GtcJBipBXnsk?|iOua-p$r%@+lPpl8Abeq#7qcaajsaZ}@m5tKS4-0Y z4bxnmT5d-<*?O}t55-a+4`H$q5oj>%{N42$iDW5fkgsZu%UP*Go$$!i&VDZZMT&t` z^br61Ch5{s`v(;p`AhXig8Q7qJmUR47Ab!xw$VCZe*PF;s>BpZK*rDnps*Rrh)+QAK8Gn-jd zC)Z_1VMtUY<6kHOL+>uqkV}z-hMe)ZSR_+=uT2B7B@LklM3&D)s$Hn8K0AeB&BAYo zM_3vNAR^cX$^VLo5DrV|)rKEWRjrG_GAdY>I|wLr+me***0%<4KI$(t%$ku!QD8!f z0h~@8W-WE%J2;&O&A!(E!0GVIN&fL(#Be%FTnz$)$n>>Fz8`d>|G|$i?`NbUna|5D z1CA2;&kD0<=i+KA9Ox*x>8L?nWlJ~toFQ<5^@Y<%zNg~Mc3=L&%(rjfw$p`h9xQeB z&~topl7*BRI4v;ZA?5@ba!o}W{w!+C^e$zTz}K#3w^EMFLs1DjCa=Ukfc-Hc_P2^O ztB$M_HSoGjF!RUWP?FTPN=rN*+Pszjc*1TkVmMBtVV(5^ot0qkA6AGr^yz6a8o)3l z@(%jVz8-_fZrYb85r$Fz*0Rx_McTc~OcjFd^8sg{|HW&~yvxilaZswmKg57d)T0&f zi?%>^<`|4t!6@J0en)-n;9x$Wj0i{-0?4m4G-aOCK=e)2jkcvpOs`&TNvQv7TedK5 zXqaXgB2nW{5Z|rI9*k-Fzr=gKiL~qlof8DUQmRVc#_VvKiLKbyIj>GhROKhCsyMYh zmeZ64Usl)mCerIPfYdN{m(Z~#GSVgDKolY|R1zq7R80Fgsd9$&v|YyD zig2YElx>@jv$WwkjP}9EGV-#*E}(uRsamUr*eq)5E;%w4@k5N-8=wYQj|r*g;diNu z$pm3;#8J8dX0(%$yEI5)PZyV;((8o@| zhJZN;vbJ$Q*G|G0<_Gl-%)gLW4qtecnFgHze1s`$Tws0T8RMy#4{=guWdH-<&n(yv zCc5h5ZKvp8C?Id+JpS`t%3;g4DgWiXO%Hqd;O=ncOHcq`8!dU(q5p9Tg{B%mjA zTp#Pcb=KGFJWIp6NAz)U0B1uayepCWg;8#)W1i1EyI&EES9A+5RF#TUMV?t2!lAwm zm#Y>mL5K)hkLIC+kc7?Byx_jnO)Ll9LmpQw2dwxa#)?J2ikDiVkXwgAZKu1h*rqAI zMO4)34%cbS<3BvFs(xN=_5YPWg}E!LOf{G<2gdqL_Mko0gu-x$upq+BTVDpOYOYQ(agnu~AK)5a-zTtwQ6IlSA zXssuv4|xI)kiL4u%Sub)ML`a0Qj5=IKT7T@ML7;B{J$TugY7SdKFiUUl;2?}G{wF5 zhKN+nI%=D9dDC}6@#9z!zXGv4ITdPC^ypo=wBe1 zhzp05G>04*5gQArw{5sUkHo%m7|jMC<#xK9;)qKZQ3eGUG9Q_k42vpu)skE9i%MzT zmado#=UGEOfiXb(8R6$OlfkdN1WHZAxhkDGhSgVduV?;BM*eGpiu!R7xK^a zWgZ&`40CfIHln#I6V6Oa76^`niXW>yU0!DV`eD_NR;M8+s5txbQkVWALQEDJ?1okE z*bUW-$c(k7HmBr!P>pPC#$r+)e7H?2SrND2M9Tcyq*PQ^j$Kble!u_5b;)S`5E-Ff;Ox7VO45C^>-yuI|jma?al!1$v=wr|a#~O`1 zgX9g}$FTY1KZ~*fGHcyCJ(0&4A6$q}aV2WXlSEQs(kYpT8POUdwwG9v{v0_!6`#*pExur!NT4$R^v%5Y zUGSjw7-}d2U5;__CxAao9wZTgc;QPRx}uA|paw6Hi58kO`pko>&{o6{KtN_ROy->D zHp9nfL*{BwlsO+7T_lhm;Q&?^JNX@CLKP2Y_n4|13})b1e34^$vZ1T+-;RZ0xl{X4 z^6JqL)fLK-84$i6UEFINT3z0%oHNWi;{`-@kl()*2dliP%{|YSook9|0xsj-%l(?Q z=TiDK2OZ97)gNy=_mqnmv5{b)?)1u&+R9kPL<-RG^DQE-4HQlSez3mi;&+;8nla4i zjm56-M#I)VUg6agr7%SKB62u)$3Ma>nlFTNSfW5MZdD2sBADTcr0Is(B9`U^er+aB z^c{r0LcB?iVH%As%7PcAMy6EcgUNB~I2X{i7#Q8 zV-*A7?i6Nln0gf9Q^%2R=nKJFj5V`i{(n^QwdD~}XJxm&^@J-_{n^l}NYt)0NZa4~ zcJ#}k`HVNH|HD}*#*{!bVfOSd3#_M*JH6oiXPQsO_=>r#7FbJY(HJrX3n|W3he{#m zE_$CO!&&c|mSTkFcO6mdsA5x`nvUdtPm`u)EgNEqI8E5s*Sp>r$d7Q_1AMfKhk8?U}EF9-wS}T@LzQ;|2M(5RG%r_`S z5)#D9vOX^e0(yV<1#yLYzH>W!c&cyLZtMsZnE;#?IJh_IO8+(_ThWf$_OKL8U;q2> z{W3~E_sEQ_#A?l0upFH=-WwPR2PJSc`gIc?217+f=FbSyfDmSsK?nsoXzId6xNi4q z{Y?-;NVaP9XI*(Uzb)hg{?yNpE6s`DVRChhD>w9yki~N_h51 zJdiek&EMFc2y>q8@3|DTT}IMtK_3e{*-x=b0v}kCaVxUw(_cNS?*b}U0wsI8o(YOt z;Xo4jlY%4vXw#|1T z;h&@4G*xhTS&bxQ9lbE#QRp1txfqYTm$w0~>b_ALLk9gj=h^S={IH&)w$n(Z0WsX? z%~#=9#~TeVdBYi5^~wZJEA;R}hwE%dU4C`QpYAkIFtI22=yfy@CptAT`UobJs063u z1P-Ul@Ac9U4;Pt>4cGOb8-#Oe?DI0NtBf1nroXkd4jp3b-ybxGE=zi>u^H{^Mr zO=kVm$_b6hULpwvZ%SF~s`PqwOyd3RVd;5dLv+s5LdT)c$ zZ*ruy`vbauCpQA{4dU3pfsdg-qU6xts-ClEBa8vDA)4juUT#Eahi8WB6`q#C-4ooz&H4WQ&0N0OE;6H z?_b4tQ3oC&%0{CNaz)2 zjxL=;xc1kWd)Fx9OW@X@Tww0;h%CdcP&=s8*;ZnIDUS7&$@84G5O^nj@WG<^jYPdhvB=Jq6 zkZs=e2uFh~TFvOg9g8ay25LtG-tSukxOX0r?;MDJY=C6$M!c=%?EEN{%I=Td z7jB)BUhya6&HsJQ9B(3}1V(v`^r#817d#CPX~gNeKDv%h3O((QL->sx0<d@xk4gx1b15?-d`MG4+}<-c}#hfHrKbeUbCZ*4*(^RKJ7QBQ zFQ5I|ALt~(@ZrG9X~$9%tcsD`NQeXb%;P`v`PTm10eUzu1A7?nhp!I;Rl)1kP1hl^ zJ(Cf9O@&(}qee)XGEIy%ss7lMP0KtTPo8U>>Z@UweYGZszAU--=>DSv*k`D^K6?0L zV>lWUzyJG5aQC!uxri%DhEv5efto(_&oMS%-XuH6+_S~mhoX6|=Ro+&q({%WM+8oP z&>@a1w;Ott7o5vzk#ivgz|3NpzIqxB?Ror2s@Y`!5D0FV6`Z`;COt3Ys0$rmKO%%! z*{?yvDW3R`dk9h-z`8-m!iU>!aZZE`qPP^fb;o-nBb*Im$|I$O4DH4`8Z6RLs#8qVQ4@*5LXRvW4MxTwR6N1StHW z;}N`hI0Jl&ZU&v*@%jJ*$0|G&>*tmkN9%ExMk*HSsNU)BFTa*Pvd zBH(dgjt9)pn}r?4CDBVaaMR8}Vdm?giORN1(osdSs;K z^x_j)52v|-$g0}Rv0C|han8bLw!!A2>v|dXkAHEyebXh`UbonCT}ySyZ#_v#Nx4|2 zQeVwY=iIcrel4@;>{{O%b9GHk0$=3-qYO7q=4{?+ftr9He=#p`1e>64d1hf<#~W#(0Ym407KiWuWYpwT;fj=sIn zyIUkhugSn-C=S5IPcx(^f3bmwjUNfmi>dGxI+x{K_D`ys_mHb72M+&QHH}=D#->=10b*KBqaF%&|1vUr+bd#mG!m#%evt1OX%5THM$D%4$T=b zW_mAeXFQBO51R(taN~MOt+ZXA<2vi&;`9btX>_B`IgKIB0CWfphTagvWw@BgGo1d^ zeVl1~u73&&RWavb#ecd{qT;~?#YJ41BtP8~TjY5XMTQ0ygt-ft$@$ReAY;ASHRt9! zl15~j`;#bYb36#bxKrPuBfD_iYSk3_y%HyA|J=1x0C;l|m-@gfenN*E1<>1$;qA|c zf)hb@^*6B+Ogpeni^(5q`XMOMOka`v`y$-*Z$$g zw!I_>9DC?OAe<_B5ZSkko3+jiO|#gM?2a*#U5jbd`4lqrOa%!*jzt6ZqM5wiHR;Cg zs=}?ze4zenzj{D}#sklsjglqz8uECN<&UbgdYmnB*>Wqn&n-U=deNF`-Z79hZ@y<_atug4ZxAB*G2y&`<%yPS$LR$x^gWv|He6_;%=!WKU!IO3 zItnB|+%*jZ*H8RCgKPKhpR=bonA!R(4%N4m3&%K(^~LDVoq0>lN5Wn16dNmlr|q$S z&(e~AZ;blS+FYcg5)6DuV86JxXBpa^j2c1?3Ek~fD0msz z?GA8AE8NA9yVpmA;8c+G#vKNzlX@>M8sAzPl+PUbzUNf7n;#tEs`+eX+C_sR|A@Aoq)(W`llU%v~RDFwt8*cMXGuR_^uxVroy>Hm(V>we5A<24w2WPBe z@Q)jAbwIG-j;Qa*a>KYU3nQf8@EOWvH)0xl3fic(ji0F7)!CyPED8Ct*x9*@o2TnG z^Bs$q@f}8UsrC84B?=3`@raIt-Ba0cAa1+vz!CtgDY%Cw;%#wJp+W+;w%;tRW|f!h zAtpxAo)w2%A4=knL?n9JRc*A0`z8F=Ix|rHs8!EWX7@%@=(44u$YC7Y{e=^}V%^+p zhE}AcbBxl6NwJ1;(+y|k>ncu`2~}!H?nwi8{YNvzq3E;?H+Vk6+|gMKRS%NWaENuT zhDpENxg8;H$XSBr|J$wyY0Q7jkW2e=FPoza#zp~2mH{j+Z*w;Hn;!X+dR&ao3}h6lX%u4z+F zjSr*MN6An(MU<{peb8GK>h)i>^26Iuc3SHbQaC+o7%O(35ods0@1HvT-3!3r7X{V1 zzwT+HG7e%Q$KJ9h9fkQe2T!bjxd(jR*LvNJ9IVdpn~!jLML++&Y8yN_0K~Sp9R)*e z8gyqyAXhg)hgTuiq8o@J0xq8gaukiuFsHZ~Eo}bJWvr}t+h*3;DfgngE!NszNZTnG z23)d647ZO4<3lv%xPN?te4|TvDyHC*TpkP`7;DTQ6_}B=y2^>-AeCsX!omRqK56)A8f$ zEYzFw8{^vwG9Ln=F7fB!jwHuhya@XT@nP(VY2wR}w#LFqjwqb)(WNO%RaTZPIFj!* z@V#ZY!I@!XcME{Z?6?d1^k)FJ(cy+IBT>6$gVU5^40$0FKIglC}@I&awy z^4AN|UeTdwqCoA*g>!Baa+u2GhjuXMVq;NmqB$@ACrr8+erWWW_aUj7!U}fGirz^# zLBZTZHn7q79dE&4NNozc!=6Gs*M+3DU9X2bu>&oxo`OgAo3_fhQPQi$Z1v#wB>CiP zL)#;3NKas1rwkAts&`1=39(W#2F}Lns<6?NA>3%s3K0V)qA+vM4=2{f3_InDmK3|# zdhwdQ57@rfy?;-Zgg>Z*><W5$p9U>`Ejm{z#g)UVO;goZ2(0KmhTWTDnc~&cj>9}KM_Mm zN$ISj$V%AuU?b~Hg$+feZ!X8z+s+q@v=owkBRSdPTh{B0t?l-l_572Pk~9sP3%Qy) zY4$O{LIw=4i-7AD>-OuzYIrEEM@JK(tv}{kB8%k|bTmjR%wQw}@2Yt)!a>AZez6N9 zU3=th%9bxhm^wto^`<(BDUC*^x7i2t#Piog{VzYdqupkSP>CDNLIGOE^xY(-bLB#guP8=ul{ z+L>~yur8An5TZXvl|-mbn%8+j!1x9ZucsaY#{Tq57Xs8&GsP7R?F)PMu7zl75DeK5f^pR69dbJ+@e^)buim#} zx!!!yS+!xEB@$Wl&bZbU%B|6A2o|qhy-fDlCT=||cNV3_Rl2W(`!h1PeKmnhT43un zZpT}|`Ki{v7GHR;JGLG@xec8Ob)h`xK*mwe0r?%*I9K6U0y&l0UTDNh-hKn)fj?)w z{+)jgYdVKwD<@JSBfKE9ZdUr_J_C}VzTyCFXb(5KcS_3S&n#FNunx0e18;_2k(gQ` zg+tgN-U!g=XQSRONuN$y!}E-DrfL?Jpq*g9Z}e3D>pmFzN#f)`-y_Lq0ZTn#Se)-9;F z=5|0;C({s3tdd}bs!n)@R8r8Ni5Nghpg~2NypIX~_j50oF}3_N0aEyUzhU#8fjQz!U8_f(l&Rj3uOhzz9UaV^w}$Z1KuQqN{$-YELW9J8$mjEd&wz-G zYODT;2u+wrwKwS101-t}s6&SO5hDeI{N?GNkWPJ^LUYMh6A#M{y%cqa{6;yCF3KA40j^c^CRi=yY%t z47Gnjq;Z@5FvZlFtQP^kFQ0Kb2+!gm8>)y1I)3-r`Del{44I7i`WP-FxHm^|2l=>l zxNL9OS2z=A(`ZhMK5jNJT$7Vl3_T0_L1+N&2uwhegA=b4twp&%-}Byv(-^-rnG$he z@iw}mZUg!XfHh_TWHCkochvuB*#Yy-#;?%j(^z%3EXjIIx4tm6+V1PT7n<^`G2;Po zN7~?_whE(rc-;tUgywkxquEJ-oD;Wej*?F}*IQJ;nNcV4f9QSs5k+wqmIc&oBTL-> zjcDf3@#F!@dO7LDw^=FTYmJ5ey=jGpU+I`nB};p>jHhgNpJj7!v@9HYXcNknTk1-> z)~&sNk+KFP20I<6KDPk4-JNE9h{&>Sswkg%;X}rC=9=NrpDhQKlv0_^D*h%OO;`*s z<(Sw%?3IJ_4b6vh#wy5~Qlz5$_0#sJz@dBDouZBOaeD*}LX6+gY2SV?s2^>Ol)~)N z@6yW?411Ak<;94h7UXdseF}r*FTosuwNo z-6~jfu>X{?wwAn-a;wP3t#I~8{TZzY_vEV#r5Fn5`1`OJL_}hKUpJE z+V8ZSw6@zEmc2B@+Lw6uI2Frn*@Mq#FT|UeV(@sF)11{+y0@l+qvvV$HdkiJ1oU_= z9p*o6tA1Xejay{SX_+zId};erB(|uno^!JEGrpd$=+fRsTAS^x_}OPVmg-7VxsZ@y zfFda&uFrB5T5Jv;XEa_r(*f5?V6sj$$TTa9_c)Hl*UM&GFEmcHy~(y@hCg3qiqfl9 z;hVY~Z2rrhi{Gp#glR9GUBUDI^UYS)7fFP$jHu6;y66v!U17M#Q$a{Q0js-Bhc%*3 zdMy)aPHSt|nKNLqq4BaOP^R^Q2G!kc2bu1bT8H$w$L43OREu*KJ_STOW^-vM$WG(I zzxqiY98)^%$zq7XQ|9bnGT*2%XwccWpCFbtKUBYSD77MCMJw7ob=IPmnZn?9v2I9hboasF z#UD$nN4R~0K66UBH#y9QG*106r(5U@8l6cW`bZ)pzx1tCx2qvpZ#j1}9VRbeFz|L) z3f!n8OtxMO$8tByG_ML~2*W!WGe`M;33TFL{Usk6aBPNACSFfC<1IT{i_F0tO}a!) zS3&2o?_>HqL9O@g?6k!MrH?*N63075fwbTkewYj&H}(M135IiFGIWRFgWk#X=en~G zsaxqPQiY1x-gO$EwiwZ9zktWXk#@hfE@$hlL%Nln)lvHHlL9XN!{Z%=CND3O3&G0} z7%IV8`SJv~VHe9wyuPg!F$n^plSxD>cK~Zl#GzThB=)p?g|aK-^z&I4+ddtO$+7_U zpy%#{s>&r%`Erw*p$D)xiKaV$haJt=N;i{Vp6%c~Wh)TlI(KtaIVDQoVZfow+35P$ zY3>UzW+}uddMaEuU$^mdu0NX&*{hc+;5scN)z|mIYIsUp5^dTm%K0BwGxUBU%gmdv zJH=(rp=ER8Et6&4u5XQS7`Mt`-ra4SY+F>8bwC>BjM>aub;uPe#Oy8p7EHHY@?k3J z61O)#(`l`4)&y&o-x*4ic5l zDr<9oRFl6q)Ed6;6(Jzn(YiOz(iUE8ffp52MLy>I8zwcddpAI(dAnIQ^q6;?9) zxzM8Tr@Fz$hhNopXYyB?JS>{s#6aV;52|mvkLgmounUoh4MjcG`jE}K*W0inFxzFM zeS-5>mrq!bq@4`EB|d!U8&VJ%*$uTErYUC+u}?%K9-K&>t{!y0PUPwT!!M(EEXMC^ zjNh^eb9$}^$T)<$A@xDg3-T)x{d%suPDvf@n`3g>I{a+XbUl$I`^(64Tlz9N%+G}M z;2Ht&zErTd^S*E;VDcM1vFs}vPnzC;v=|X&eP?t(k+dqUw&%c`W9bGn`BR9RsB2o1@mDMag4Pf%X6ajZ*Ra)Z{Gr0@?~Wfst0X_ zJ*nMedA6gedx4DvHvFriL~*Maw|bmjzaz;n?`;0BE}1b}T;V4xkJ0+=MoHa33(Tc> zN;i@cLw*iah6PMGgd;SHko3mKl5VNQ!2u(!S3S4Ri1MZgwWZ~s2$H>_M%A9-Y}dUs zF0XWwhc`zr6{P9W*xr?vePJOt<>t*ypFM)$_uIk&ktgNX8$n zb7XVbQgJ1n5_rO4az601bz8P#*M(`-G(xX=^_b3ss{ zgeQr?+j93_jN4S}Na;+SL*`)bdXQTrZfc^+SnreXjW#Q$)9_PO zc?o(Y&IzaKfEF=U`c1OUtO8YKI{52Hk!~)@&bldeFH6?wUC!P~>H2`@_`5u=Y<%EQ zCRxsTv_1xPh#}g6Dm?J_RY_pjnXwdC4r16S?C&>fEqEGHGb@GjY>uzb=dyn0xH>@k zrKqHp)^V`XxA4SN_Out)TQuOl-OkqX7Z(OwoOb6y9BQ%IU{-XKz{i8Qd#oiYzp1-h z3a6P(=hB9~A1qYr?WSH@@`$UYQf5Bf6K>Tyu@G3it$g!}g?7i_S5mAdA^1&phb?jj zzf;)4t<}myAk4u)nosg$3e{=(WY1|XQ@9FZkSKes_AYz~R)9Y?GnjilOR;x8x7cB0 zxm|Ru-cvVm%A!ri_xGFPqH%W}P#vrg1=#i`QABysb^5nOV>hm&-GAvO_UUxZMkk}E zvx4pgh`RF3Bj7x-tAyiions@D(*)f+wGIoTot&~I0#5zICx!KI+x|t(hAewn8a#fe zvfK;g2Vmt7@|@s`SOzJ~5>+uJiRf>k>Dl2SU!TPK%hOy^BV=;kc;Du_Da3bI*wbx) zuNqeM{0hG5bGVxTKiouTx;7gM-p#}H}W32NQ*aN3# z`dJ}9-ZE4AuoIO>CxR#6*PhY_(-tV+xHs)Gt0;dwdMsDZldF_VVYY7}u}gn1$XzP6 zW$0(IM@prx&hpAk;rtkh=!rOm5AVA9=gO&vYS>e5>^iIlD8k{7%l@u(Jcc)%CIce9 z#GE&o_KF@gep;U`-j-jiXN|De?{?`jZA{k6UNxI}hV)epfRNe<*R#x|6^KgD<+bGK z8^2xE61Ny*6(bv}*q9}j+WTa2_8^9j4A9XF(WTIb$@SGD>s_!RHNR6QS{4`CuhQX7 z%19L75zk7gyy?1L<(dBE*C^A<6t@st1?}Y=x>Lh9k;d^MZOl3FjTJfGf8z|Eu9LIP z_Vz@Zf4PFt?3ee?cGnj=QMIS%v(4_TurIW}G;M58bnJGTC_CBQ&i+5ZN>e?6 zl_rtFiTl2y6W?~WlhTul+XI#>b6s9`KrAoX-CI`Ln(L>hycd-Hr4o9T|7C zU7W*QdmXA7@_$6-e>-UF?#i{D{iE2tJ?-r5?spQ{I{qhjyIuEoWX0Na>~t0!a{ZCq zP!K%U;MvV14~~0KK#DWg_YsYkR*qfg*T?CWEeSafCsm)%zS+(i1WaJe3Meexxz(;t zIWoXz>f8E?iOg)<@ondbtFEiFeO-d{q4X!^!h-cqEi(AI0xsJ%(Vjci3m!RrIr&zy zE1lJMS&P9NrL&VeA%5bZ>BeXKMH1ZeM3GecdoVCR0S|s!!#LmM-?ESycQl{f_p{pK zxil+9tDBD7fp>GwOb}8s%Qe(LI-wU*TpCGz8Q~c>i4BMkBLZ3H4q{diqFq=K7*DZh zS4Xx69Uf#2^v&|IBN_>Al6J8*xxO%j?Zo+?J>g;|E*y7@xT^PBG0nbu~)Hsaf}cXL0rjX&#NX&m}0&b_(0s=eN-WnOMqv=rW+ zZZ#&EeJfmu@06`wzxqJu7QH=#*t1GnrS&m&7%vw7-L@;++&8k@(Y)Kf^jKq@V&v+J ze$9Uk#cb`N#)SMbS#m6AmhYn}N}^Jg)?}T~B%3B#)>GDPvwD}z0J(KyHeVZij+qoE zEekp*wWS8Ori$*a4_WN2v{hoCdl2`HN6kB4AFA-KtsOcGq1KWEJe`F_?5a$~@v zT-c5X;KrKt5Ulwg_~lpY@L zjA^EhSTol-BTSc@+r!^e(M#6Dx~nv;CC+MFw{4g|JLlZt`$=V}-L~g4m+A#TUmB{x{6(MYbULPgY_sE8E(@9wBG!Z$-#)+OS=8Y%NP2S8$&}e zLq0#Q;(}uW7bv|@?lGLwlY-LwA~*_4UqfRu_?;EpxHr8ZQ%Ye;TK-~{CUY&u@xxlh z4n)SLY<{UVGadi?cGr%q{<4(Q$9cP>5J`CM@}7lk%=loWtFJcQ^Cvz}hKZ248E%_n zHlIIB%yH^s2N&d6uB`|=n~neQr!HwKmrm$**DdNu^5|D2Ka+38bBj<*tQKr%J7Sif2<8R&6plvFp&CV-e`^K1mKxC3cbwwnuQ-%4Q5cg)%^Cq7+A zE9XUeai>`ii<=c%#-)i)ySQDWYi9_rtKpxe|< zy;5|9DiMMncz!Iu_NlD90=(i)v>O`ylCT^4up1QZyAyM--Lq`;RE-@aCz4Y^VW%FC=2;$Ixc!!~Jhz4JI%{^&J zoO8wr=o=4~v_Sy#EcT2S?4%@#X1sa0`{ge*7QQKOv%nIfo{&c#3 zJ(>6zxcwxx430FrzFqr%kBxNu@|WY?@haW69Wf^_#ayao^T1I*Jc#QxTncDx`a1GjYPxx@Y}|Q*ME{TO``9}V{Dm@}Hut_a3f=~uc}0xW zlrNi)o)Wnt?R}b3@n;0BN}afPp3T&11ar1|AKl*W&RnHUo9p~Imom?C$$hw^Y+l2$%HsAQg@r<5mEx#(IqMe&kwF$Ij~c+--oURm{) zF(5L3Z+FX}N=fFF!tX}?oX7*%H^lY>xr1et9So*8{PTb-*7y7}t*PG2IMv}`FDXLO zFMg0VTurkndeXTWR`BjxvF)%+axw|Kw!@ZbHtk|4-S~fnsX-IpF(hKS7j+$?S7`3) zxQw=6nRzkr8fm1PL<^u4HP&o^ym$m>t^ysBj(+NZN5!Q_y;g5bYb&t&Ueecev^5)3^c{Gx2J!yPeO zA(XT@;eT-l;Zsen{`3dLqmdAF7xLz;l56!GZyY@P} ze({bLb>*y}E8P}<_O83nHD^BS85(!`ExQyU{nz1Jim&O6w$-eGA1X7cwfSz~D@tV) z;qdTD*Ei0;LvM8xjewa~$YrAnIU)x8zk30G*NX&fJI?7A`k%FPAKsxyzQ?!;w!tH*`4ahRA*OzjNz%wr zFq(Ov5)<rv5AGWvNlN}nWAPKwr>Hzk&VSCSC52naHwYWlnxPXCkI47^FQ{td% zV@U&9tpN%FTq%d}~w+kn+8aX2@s)jpCkG(jaGL!jf|A7&C1$tT| zZ*dka!q-9Q%`E|q*GQdWM(FP+U_u_ftMEKOa;y}r{;@epK8>i;y>9FD`*v(>-WQEI zF2aaudz*<)rZ+!QJ%6N<=X8XV81pxTiY&L-& zd4;%E9`Fis7!vX9E2Bl%=kR~ost>*VU$bG1+RYJMX-3v;-mc~kZ)N`VMSZ$!H7GC1>*DdhplDX%Vi9jH15Ji3sj zXFoM^c&bNB$0AO~d5H=A4pAF)ALI86DiqeA)AB7ZTCvjK8^up|9ZPuhxHo9q`dV8N zw4%(9H@iAn(>Y07pR%>!wVnunEdL#pg+U%rZk=*guXwBG8l>Y+A~G4s`8eV)lg&_C zIkRE1X07Br1ijbB+nVlDUP8-W1SnfW({+{xQ|x4B0j+FcG~>-fgWUl#4;h~-;fRbB z5KZodI78S5KMe@*59L{(LYm8x2FN#Ot_&<+Vkrg6)}XWCVCFHYoK**j4>+oZ=w1`B0y1+Ct0QI$s9 z`3bhuQ;p*CLCoV5_RcL8>(vI_tRHCwtR=cF)gOA!>|GV+wurIlAzC zCYZ;3Ejy;-iF?%v-U~z7ke>+UxpqJ6h&g(l^ExJw+I~Dl>XP|_R<(4SLI~-Q z%(3|G&$ggju*5lXfO$-?u-jtTXS>@bez!Iv7}@uscLBjT393h^%At}-wPrBR`K7$bHi^f2I4DY1@68@?;&9Z zF*%nrxeQ644HWou4f9=4V2=3;tW_ba=2Q?-ZkS#rIAdsuUSj$)SCfVBiKciul?J!`m<^(%!{1*o z-Tr#VD*u=D=HorA(>kqK)U>Jp^MR3<$7O{xZ%;)Z(zEZ)G*U!ZBF|=y?)l;4KW`q# z;C#X=@z=t67{+^MXLH4~x6n~$ZMG-cYOJoYp}}u^KJXUS7#a5yF~(0Uu#+<2%4jLA zUE?t=(^hicmrU0t+M4c=EudsT2wd6Zl`iH`xV!5s2a!0Dp3$uB)?^0N|A6`0!ACqDFIi~8i{m#%G=%Ww%yr&KVfJInp!qCG|v ztQ1~*7`*(<#B(2q^F#@O-Hq?Ggy7bMSy|m^V+fTKS87H1Izny@^oD@kQc?h$wXA%j zIf$|0x;Rz-;L_GeE42ZaptE%t-|qXHuVL*4u6w)ZkLGn18OT`AHnSZjp$qd^$CpKq zi6uOOP@2BMll#YA30BDwAuI6X z1N&;dz@m%FS+^CD>yupyI1jWa@(?uO`b@iLKG1@X&ro513;2lwd#Jc}qCAe4-bnEZ zKSc9U&O=6jqyJZy*5IsOo&34e zVmX(@HqSzhRF&>y^X>lhT=TNaOMN%bzMgpGEVyr#~3k{oMz(C zHog#5=UZ@ z{-E;5G z%zAODJXUG_rLB9aydph?kq^C6{=I2jjl_l>EV-*mKI{ONh+ueUDOHl6(*6+#?o;r1 zxT3_X><_x@Ss;X^@C4aML2=3N)S^?xE^x2HUu+aI%;HVkYW5Qja0_jX2m9$BibW)Nb1h`t_6W8XHv zAEnclq7&`7HVaSj%ZC|Stl~#=r@mMV&81o+uVvID)#3uBxaO2DSR-uz;9Co{=9 zGC(cZt}+={xBIBKbd>bUS2vem0g_P$nEK*x7hE>F2MynPL_-y>PBh(sI4=~rFM@Xr z{UR3*{^G zF)Xg@)H!~|@yDhAmc0v7RV|I_J%3`k-7mM#?7cf5C4Qc)&eVnxEVSpH<|pt2YW*P_ z?1SmK^8WL6;tve90aAW_xmm}Mzq7T*S~}Z#xI61uu?dZJa3>y~biXOq(RD|zAnU%C zn#jvzlQgIVnK1o;0y9GT$Z;aq^ovecN&b&wyUAv@QzI)X93bETQL{J)7w(!Z_i z^h^LNOd?2TM8okjYP)H;ll2+@bi=5 z+W=p2p%k%t;K4lhWhMvFFYwbS9Wtx)*}(C1e`;lvh|&c^(yK)5SsK=d*M`4@X$&>BqvXIdEm{|DgONeDD`HQ5-xY{#BU~7fhIm#!2K} zSZVd3Qh-2g(0PE?D1nGk^J@J88AnLTq<7a~pGz;KH(w4G4pFFw zD;Z&$n4dm^t1&g`E{}2Ea#{SL;_JDjKjg8ZD zzU;E|gGN?F1riaLb(Du3#I!(FS52$i1%j3agZaL@|9#%@iU&@Ub*^yoX8y;gr0i5N9a_H5FZ%90A*g?#l$jYd%p1t`NGIi7X7 zKSjA_LN~h!5h_3t_Y450j3C9lqHd6}zuLrgdqRwLW`mk0(k1yWTU)G>L~&3>!fUo$ zfG&B}u5oBkB0l8(B}Yl}UBb%aK7D!fF-f1#nITK6N`tJiw44HUkXZt`RHJk$_Ntr2 zE&NuqPP)CtOi=mfTPtt+7VH#FG)Y3^Wd89UZhw1^Wjt1L^r$a1pnv;LMpcplhojvISHK}IifS*vtb$S+TeP*trT zA}T3+n`v@Y1mjEI3ff@Bl&VfD0DBUA_{+>K&EM36fI-+NR2iN=I_T`f`dp$2T*gL9 z>NFBQ71q7Bt#T(*_tuY7IJRto?J?o4GiYOOBU2E%@J$uLAbr@uH=c~VxYkpbC7<=W zE?`RdSG^P!MA=mqh=U|z@o;^1VCfpWz)N|1veMY9vzZ`9z^!BpEKGzJo_an~f=&#V zX^wsWpEECsBl!PxLa4zei*SjXJUOCn4Xu@PRCfz49G&Jq<~BApDc=cu`SRs@J7rus zbnw;WrIe%hW;)d`Vd^heisA53GS$Rw%(dRybKn=f12fG^02GZ(D;~s_Os}& zoPWteDUSB}X~uI7SEc-k>S9_#SmYA^ZAEIneXleqd|~EDr2M&)4cSIclc!5(jqe`U zio4Md9=@DAQY-Abb?dspp#N`~xbs3Eac;2?VE1Hf(;|~Z)M<>y9%2>vBFG)l?+##} z5RQ{%sBt&m(F0atGPLV0_z@}Mg0F@)+tcx2V*!=NJxRhvQ^p;kQ%J%BLmZS0Q`z6^ zb(c%&+RVHITD;lsT&nFUgl*48aaT)+U)Ruqh1(R)0D+5@BOJH7z-*#}f$4>*Ek%cM zjh2N31x1zy+rw?#tP?(`JH??Uu3Q+yrHJhD##=CZsd7>xc;Mt+V1_HpgTVznplr{v zF>*4Io=VH#b$(Vcr(@Etqk-iN(!f$v6;c-4+bWUoonrNQU0ZiDphFwx-oZLLD1r0O zwgrhYIAb($bjoG~>z_)dCh<6lvChG*I2~B{SM?iC;BgB}YR!{8BB2~%0d=@X+75Mu zHs%;NiClalZc#<35ou~_3VpS{cI}$B)vo=uS)rJ5T&rOex2%;-*&W#U>#*@?Zx@Ni zt!kzo^I;y7Lm-Ght&i|%5q__|iNW@GBgnOqu7%rduRnf6;V$a6`%j=x&>RjRVpfjp zJ_hdsQ<_Cr%6jXvQ9#Sq$^=6|Pj z7wK7j#Dr3W)~-Vn*gK7TD-eRJ!phSvds_YP&_OkkOW5GaQQG#nn5`b@f5s*ejLT;z zvsv6x0Y7)k)Dc`%lqF^}tfoUV1bPIQO|nwlcEEyfi(}-~&EGh>tSI|G9jHGxo8x4; z!^EwE+jDPtU%psU0<`BqE2y@O1dG6)pJ@MTs_wKjbKlOp(6P)Y?R59CPP!u0_w@qSPmRM@K*GH4*~}Hn?hQcwUX_) zi4VlFtM_%(`gZ-^Zd2AJXIs##zk!{w?_sPQ!B3s97r>)XLg?c#-oSbn4ti0%s(d{3 zlG>&a^>F$f0W+sdIR8qHV4U&7N8?+t5><7HNEH~?Oa@IIF3Gs24w!07w4eA_dCD%9 z9ucUJ5jSktaTX)YKpc!Iq$u!8sArqtE4;f1A#zf_C8IO>Lo_5J0UWK+Y~?hXUB_1c z3v6&OQqZi6)%t%rV+}GlwC+~Aw6eWm2*J`%Vj!QWINew!sWS}*v-eQu ze^_M^UYTxXKFqu7HSqlO(E7lk!JLnWE}XzVK)%@w1d%tznAb@J4g6E)cCZv{Rf)*o zN|I|7Hvm9$?(mVL5?%(^p9I!H_B3>4c>C%(Xtt`5<5+#e+rTD$|3rwI{{>G#3YYdp z`5dZAL!+-xYG0qwbP9CKFKoT+X^A<`e=D+t-8{+rNTjwO9>2wMqeTm}VRGNVS+>M1 z$RU?I9S@j+PZB{mXJ3A#^bSrA42&QLuM=|b`6z%^e7MYy_TVvwI5^dJ%c$@}w+MK% z9NU@~O;naZQO=OhfB&ST%>_+|3V6%RHp-74+uj8Z5E9=(1k$NK~jdO(DmH@nzWHCM_Doqeevl_qn2KnhPZoS!}ZK zTA6s?nstU$WJJ%PxVEbqb9N>__9wwly*&QU^=5!V78hhHTgFb=28Rs7-R>ZyfAZX@ zQH;jM_S770>$VaZ{00_!BOFR3Hq2zVYfyZW%9CYs#MD7O?Ur~pdF+)^+{J}g=w|wTcE_5=U&Ffe2J}YdHN7v`oegLmX z{G=i(Q{hu_Xi<}hToNaA{_!Px@B`aW=KGhR$q@a900nqa z-(H7@$}tc}y6zN~s*3Xb1^yJC9Z%W-mx&zx>qa_|7;IcV4WR5#ui#2fUqe!*<>lqQ zgdaZDcKp5$4G|Q89xgETKbLa9#|e%3T(G6N=cAb}oQEbQhLl+3r0ySdR&d91Dl#ww zLVb7Q>PZl0ReZ^ZTU|qXuB%S|Jy8e(tJME|{J9Co{qq8_Xws%lM_cNGwiHLC+}6O( zZf@slAZ)sC@JNsy#Sk3Ln}ts5}xb6k@A>$Iuf5>{dbsrY*x{ zc@R|W4b=^x6kO-h#(DDmaPn#P20{xe#EsWz^1~y&+neER=*Q z{`_+Wcv!AmQA`HDrLB5vwtwOj!-VlmOd-)#{($;oiA0KIK5a0U)1k!xl+1`5urDtQ#LHpzSQ7sJy3?gbc| z9bJFr7uh8Zrismk5kRCFcN+x}hb!>RS{jUvl4Zf4Fv9!cG!>yCgoBjG%seuaN(e2f>m(J(*VnZyuwD|mjoY372{$XK94YNAsLSW;OwB03(_Atb17oA}G#(HhUKgRz<2j91GTApCUfTWM z;HMk-_f{G633pJWwda|aFQd86TtoaIJ~!@X$RBOfTX%3SG%%`-DkB)-tY=sc_hicb z+LXZ>;~y&A{mpID>R0{4@!2?y&mJEsg>(#G1h~Y zrVBx?wWSOWkMvxu!4?<{Cw^+UE}B;8n(;6EUfa_3Az0rXGw3K%|=--$npqbot_oxUGb+=uR*}S=73WaVscU&uf&*ml2Ic}-5`*>+ zFso%NazC;x8vq8Ap9P#L!g7s%*{oZ^O+bsRNguw2RMe2hB96G8>FaY|DLe5z)bTTk zJat!A2H!5E*!_6dwc-LdOj&o=EBl8{!JqmcP3xyM@Y4+9E+Hm&h}nZgjZdlk^?!%iz-t%je$|BGus@C5FPs(! ziIOx6JV%cZ%#UCq2U#@|;%sZMKSXc%Z211vsWTxfGre>7xt&S!&7SJFW?PXA5@oxUkb%>6>JI^b1BTLT-n0fwtk8Mk!Epl22FviJg1AVD zD<`s3$8HXOi;5Z-loqE@9Sh!zlEy;f_I&^qW1ZwKy{8sqBcK_taK>6i2H_4=DxV0# zW46Dunyq>Y7 zm({X^-MgLB=sex(I(JR&AxO#E!O41&x851sPlAnvqK?uXqM2f2ywN?As8e_I8}AUg z3rorJ zufZ2v7BU6aRdC8}D$5=?8(A)Q{gdb5z&%Ifho4)A8}CNxT;I3DkCUBO(nMQH{~ekv zdM^|vdewC_h}bW#*vmb2_k-GTl;H^YVbYLIz22kG2L6u_zu^Cn>O^)p4`#cJ9DQ%o zSsL6joT78u)9fv^i^B*lo}nB6raL*XRkD@b$YWO>9lm+4%kDF2=(PGl8*RPHDG(to zT%RXQ8|NQ52MT0)UXb$VjzAHB18+F5;pt{=NWmI|s){xl=y!JcjxpZ>Eq*PFj zYbEl|;S$6+CH1(1Z_B504*)sboEyxQxGZ3cYH@7Wt@?(e7?jc*UYZrv-0`Yl}I&Fo}QLDvu zM(@f)%Ogi}In1+P`@Rp@_TnP3C*1fgxip45bfdJR7$3iMoRfVW)+#u$dS!Oea@O}7VfeGa$e zfZo-U6SI*Ss^@vQ*);IcyZg)!nU1&|lix|CAZ@w9zS#a&77GuMxRv7;>MCbVto>Gl zm(L4Y^FDe*>}`r)!CZl2%roKOoS1FU0rU?uLn-Qh`nRHM@PV0pRc4Lrf~9a?#mc-a zj|$c*9x>8?eG^^XHv>TK6JzdWc~781^5UGIpS6l?a;vu{%8_h$g^3=t`VmZ&7c2VC zHg#9%yy9CpMb}e|JTeXiGeo5@Rj`@SRwPP3uCS_MI3_^9yGN;TNIlq5{}h+AO+@m0 z5p;cKd);N74?HL}v+p1U3P;#-fjd03GxJwb)yIm#W~6MqnA>lZ!f#p7qR|Vu3oLx6 z54w@1CHSi>Y9E*m3<|1vgTYg~ywBZq*C%5DuflKNzX~0P$YTD9U8s{scUcRhj!%h3 z%I-kkOY4B#7{%%x7lRMF9MyK1dbJj=d>a?M+$5V!$ZeouMcx! z$s#BFBfV8TzkOc$L`KQo6p;0YsQ0}N_w7&=a9fQ!EEn~PQBW95qmnsv1>wxLW$gL9 zGCuf_^Ex+<>eZ|B1m58!gMmv({ZI z;No>1n3VIppdvdQ@})8JI6z!xK38XR>dw~5?WlJ7VLiV`cDh^YrAc+%N+RB&q;4FW z*#Bw4oa{BSG4+%W)m>jEqVYgzsN1B>*Tvbv#`F*lP8U{+Nb2%i5OH$mcDUacL#zRs zLl|cfhyaUXA3|TD26YfES3L5DIgWHNI>1?OD0;$0|LfgDd#?8p+FYHfR?iqpK5wGU zL@5#_2NGq7B&vO##K61?gXmPKgw?fET>XKv0rJ(bh(e&fY&mxp3_&C6ZXg@x)o(C_n0{0ij(4L+=Wo_?Yc~-q z5DmeyLZwx~vTN77dS-d~l$){)Y`!Gn5*pi~aFP!Q)`>r&LmC4SU=v;>5abL+?u zv)1;PH2t%~v-cu*nj%s|sy-~xPPZO%hG*-a9<;bBJy|rgtpfqCf>sse*IX(ZE};W7 zOvOt+052kWhIZT`)Q-Cdc#ef$Y#0|MBLj?%XLY0Ye5n;+)(1)ncyp{|z$H$TSI|xo zEy{L$O$`5DS{#NC#s{{B$m@C~1t#-fb%E^|APDbRRW<41^S{L1$ZBh@JBUx57UJD$ z<(#{a>kRP|LLlV7pFLG9;0PtBzRFX%@awNv!k&=lEqU8xS|h5}3!oVM=<(W&7>}Z2 z)Sl^v(qBXj&kGbN|6wk=fktY4e}M_K(>{q;=e@5CY`WkwGT^oc(3sz19IM+nqsN`5 zT^Z&ZE1LvGaU0(T9CjOs;DEC0Kvx8St-eiin3)zpFY*ex#SUb+U;E>I_@R4hk=Tk{owxoX5&>`F>F)cgyAn zb-5mji@K9m7xrImBmsgH*@FgnQZi z$*&GW&)lnGQp(8Z1>gBtA(YnngWHi$(q7efwQjmJ2S2K1whPRK&9DP&Jrg5etD zJ~sF1ao^3{6U8-YG>_IGDyjk%RoAI`Q-Uoi6co~0qq;ET)^{$&zV_`tNqbyt>uS<3 zF$q%SjuIduI^I`wQ(n6^Av>Zytii#qcfI`DE|vl&-VO4jWNwhV)2gHuwXAt<3pf#V zpn3YPl*@|DKy%vtDTohb8bvj;Q!5%X$2#uRBt;!0cULL7G|kk@d2-jM@Q5|}W(nwO z%p`b3=B>IUU(j>Fq-oq>N`(l;yJ0+xqq_9-*0(oh%9l;d%1x5{(+l#b?2Vx*CB0Qs zZlL@h0AV1Gm`tN$h2W`_C<%$dfBOcrlLi6S_Nj2KWAT;hd6&X@`J7iAnr8%2fo||h z)D4ytfjFRGZ7d2n8dmoaQ{-T|4;z$-?)lW)n!=0&6#lN^G=qBYa5G^)x zKxNfh+p?-gVshdo(=*RQVjD%@4NzkrI*5hYFiDr=5Kf;eXYi+ux_U!t0eN+{y-bQW z<)i0X1zjg2p3XIkHf}T>CvkegP_vy%{b{_6k`ft4y=PK>GEc5W504`gYih*VzXtnH z?G*)}DSK9$EIZ7hC6kR6oHJ-Bb)@&W5prCKJd! zA?i%-Bu1y4)knz5{S7QyIFhHCl;(U&f9Uvra%{2TneUX355frFX?Q%{C)O30s)?tD zCtLzyD+i>1fdlYKCp<9FtDTv%2xf71uyf?+b2t5dhVu;NL)`X5=li?r+JskUpaHyJ z?bs>m4QObRcx=W$WdyW7@tf7Ds1L)he*FC*2Twcl8xOU-_+O>} zkHl+dGcvB@fNT4j;h*bI$H}0TNqu#R;*HR2t1_+QQ7V~c#Q)%r3SnE$>A0hM!{u|0 zbsAL2T-zb2|9k8z3V#Uo|MO?7QB@t({uoWA{h2wW)&m#i3x0-3C&$K}$eep7E6z1e zT0py?E1c3%r+=lHQybhfM33AwSgTVQrqg>g8BiGW$751H`A>ghuS0W4_u(-A(q0FKwp*8Fy?)D*E=vW5}h;h@+I0PL7CR(9Mb#q0* zguSQ~wc|uFRk}Yg*q@Q@XIsyU_{=P!kyG36N&Vo_oj@N-KaTQGzd!B2eggoCL>+DR zL|q-bFFDXt)Xh9f-F{|__9Y>-3mbx=0}z06MK{LPkh8eoFsDNJ&$C~%Q{UKNN4Yoj z)*Nmu^w$3CGyhcpx1hCYxi8o_8!ufX1Q$@j49rH*$1P1nfUOn8>xZcxC73>FPy3L) z$!OgvLn%GXynTC`uA$^gG}Q&ZMV~H+n5U3NRe&}{4AcF1ha$=dBjvCEh8plq(=^R? z2SMMf;E*TmF_=v+q8|0JBFKf+NlpHEI8A%f`ytdKL_adXwHrC1bM5mSO_M43eP&h#X5#tk^Sz-JG6vKh+TY~YeWst)^PazTAl#}3n*#nzW9Q1Qd~g3+uHv)O zWyIpyJuHF3At)di;uZ=BfG}bwEWeC*c|jF($}jw@)c&V4eu=`=GY1~F0~txoe@~T> zpZh&}PJ#$Iyh%oZEhdaa*YP!&qq<>a@Ra0CTbxC~_0FJYg*9~4eP#-5*X#loN;!P@ z&6devl6(2lCLxLi_&dt&Hbc)P(LlO(VWU$(=<{M!+(%;`aD*|hw5&!{sY~%HM#ECH zJvz;(NyGjH>kPw-=-DR zy0;R0@>(M{Cz>WL`0w33Z*aYp^ZL zOfXbA_vR+KE<&-vrFe9(wrs|nYoETx8+{f^-oX6YALyqxG)AQu%%&}`fZ4QP;3cZX z4^-j}0rXIOaowg(n_3uBbTyhzqh2&n$`;uHZVug^W5`XgK0**CFcU6xFpzMmqc5s8 z=~#S0Rcw9BKz60t1&{nJ=SvMW-z+~)8p`{Th=TZMl~jE^4(4;CaL_yI|E;7O`Hhh4r$H1+Gwd^xr~u8%s;gyCaCRx{ko>h&uCbNE*ziT%>2{`oIMsWHo8 z{HxK`s|PR7tX;cy@OHiES5tGE1*QF&c-*%@0*2MCrP!rE|G2*`&^DMbvl}J&fC+He zJvnd87nEU$4>&;qj{UwD^gn9}hV$FqpICrjp)Wf6WzFUoT-iM+S-V>q85!LbZE(35 zIlP|IUxkV=np%-GH@fWv6}bTNR1wu1{(>(23A@AGY0Qq8);*a-S8n!NaR0P_`^vw3 zO`V_D+~$XnxS#qtuE_FJWE0r*vmybDZNN2B5y$_T)W7)LB6v};5`eg=j?HQZ%mQ6F z6miZDsQP==bMX&yd&?k%&D`0jk+f6ItY%YSGRZ60@%f|24z}b?%QrdZ4;=EboEcbV z*+5u!LFN1ml_f9)v4ZITuL~3YzC-vgQt!5P)gK^{(%&Nr%b1`7Vi+W`1$uO96{8|l zyGJ{OMtWR~cRngY53YQM>k@S3T2Yf&i zk&AyYl_Ce&1=gfF0$S6+r=@Nu3lsoiUL&|U7;#BRwiOMrNBwy~0KcDOc(8ayrqV_A z429yE9vuiucL8SxmIRF*BK+^$UQJ5R5VGt5P_OPc9!B5!f%8+wTNZM_U!d)OW;)VK-)1dIyeB`}z@OUFlNXx@g-wo6*SBPIXcLt4W_lt&1aAS^?$z z=6!$?^4BajJ)Ssg4wg3!1KN5MLsTtb%6mJE{U4Br>><@H{ZV5eyv)xGw+S9 zR?K_iz-FJp2TUQF{+Xs{<wtlb#!#p;Bgjx^(ms0md&GSzfH{7rd4;Ql7?lQ%Ni3Hm@^*n9a4C4tni^w zUb2&CY^t$pfu*${7JoI0B}z$aetB@WcZNw+$*Fy#fy(j5tsj)FziA|KR;#sW`G1ew z)Z3!r`vxD&Dca0NOHZRAWcTf0j0nvqKDr^H8^pxW;Dd=3Lo+Vfos-h?LBl;Up292> z{i1Rktr>ij4rXhL#SE#(71Otx?;|H$dP{_Zn!gsuGv8M zqz6!?Mta#HT%ck9t2tI?o9a;ObCfLti?vi;T5igESpFK3N#&dUR}2kb>corc7Fr0B zPi|tjt4_H@j{fA@`5;QH|ANA&{JF-mtf;6d^;514Zy7%b1{Ckvzn|4#VY_isofUIq zQ4ZeU1YWyU35ph$LQ6{=t&&zPcci&Vape32I7V+D7ZS6}+{w zCeu-it43;53Rg`dW4a*g>i&25A3uJK`On~FL;d{2ah_QI33F!dQ3N$JUrnFh8yT7T zUVyJl#QR(&%YX6kfBT=h_PA{ei?dGBjC~ps;;R@SlK1J;;Zw?Gx% z>BdP1IPMGEIg}=z?To0#_t5po%cP1q9Zh2qZ!Xz)`^=>>L`mt+u6+$+4UAcw+}u89 z^~uK)G)z4jW7lM`*mYh6nqwS5YP#3r>VGXQOOBhCH{8y^QW5aE=X9FYLcYce*@np>1rvN<xI^tZXQUU5cCaJ1{1-?94U+{gXW+nK#1lBX<@y>MYhCtI^vWCIRDvq;Mivu3Tvu zBxkSpQ-5(<;8?_2pD&#&gHO&QGpy~VCfGBYW+cWrSenA?^)No* ztr^RH`*65(yH(m)JEg?di})_fk6RlDB>fniS^6`xS`1Y&>U5Hual^yImScUj$bdA> z7vWl0#)tZzH4spU2#*Uf+y}zPoGR;f{F3aZ(aF@wX41rj2ifb}w{JDsuC8mCnB)^Q zSnY7mK_rBBpiduWW=>7Mv4E~yq+Y?F-`5Odu~Lt(ZvFafpQW9ZqzloU!O+0{x{(CEVA5BTmZ9I)C{taYTje9ysy8$)LgueTE4=x;2%`u2LHxy)Ug-L53A z8%^8RXTIO1{UxpdtW#_AM|bde6^!`ePGlnL0w`}`(8gj2!BOrxNp!S7OX!PLayL%) z6NgC;Rn}YK7I-{AlPBlRo8cn4tMcMzoVbt)8VD0pYc6>QAkcC*?4YM#12^8T-zy;@ zK_H+QT-xDqf(WLDm|yx4s$e52Ab@irp*`X{7y>b$Q;Iqg^QSiE@6q_O8sDmPutbQ2 zu!Z;T{G3lzYoVczCza1vrmN7qJl^vWw6*U}&6qY=Pun|?<6bQ zCBood1z>#69eiEppN-6d)&ZwCZhR%Scs2vJ=nBKO&A7q?;^G`p%E4Y_>DkW{FD+a| z75u{m{O^e2xjIp?DrYVI{!PQ*UY8Zf%TA2hj|aEzk(K3n`SK-|jEw1uBD_c_CeFao zLRQmMgQcVle=L^IKppcFVU@><9=u9+Y6TyX@a=0q`icS%E zk?MQ8(-Gsj6LXoCU4-!0s=LnY^4}6#mLmFpcC%5kT8_En3S23=>zdpf3gN;CE7GFvv$62jO+6C*L&` zFu^7U^tX%k+Rf>-5AWmEV%RuDb?(7#s61DviTc6(Lhm!&jds}SR7#WIK~ax16tSUR zipzC)>v(QWjYc04FTTrP0UY(0&S8k6O|;)^#)PdzK~N6!V?sHKtR1AimZUzDx&8jF z2HTq?UtT$$CPz}z#O(ZF@M~4$GXnmOF&dSK206B?_H#0vi7(49n{UHfj(>Bv94--; zPtx?UO3UD~2`FxlGf_c%Livi}WbdW1nYKqD{t;*GUy^uj#Zj=?;`{coz#@C!`62mv zejS%lQ&kW7l}9mwz@;zAISuXI;Ol%RB0@9v)l|j*LF16Qd>cbWU~1QWC+CqEjzwGvu|xX>eP|gbeHOlIqS+O<(w|z1#di& zq?;~oE}1IF$Suiw@XU{pz#LGEu&YG&3_t7-lza^CHLvxfXnKFk@WRMFO^I}sPH+}y6 z`HVB$z@ywF&~T3W)=W%Ye^fzg1G9D~pV5`MhbMMD~D|h)uWIsT?ZH zJwN!vqJWd-+?iP4%L!N+Fok-0bR8X6^i6TXvV%Wxx#34V^cOg+A(ZS+vPx^nsWUa`F-$wNyRY{FX$U+c!X?*gX_V)}A zcKbDPu4Ll5w|phzQBaMu(c8M>aH0%Q5)7nm6n0j0sZwc}=kgZz@i-_c##AmYWy7tvh zl#?@wPm!bXx8r5fu6CN|AG$y?+cy(* zC`^~GLqyk0s{og)J5MmPEEZ15g&l7CMn(c&dHUe0fW)@%dtfL&5U8CVeKlSPWi&0S zqf|u5B5hH+(0y7WDlI&F<_Z5z;9Tv6ltTkO6>L+B`LWLUZP)taUbd}nEK2ccyXpl2>awc+8r#~#|CW(X}PoAhKkY)9gn{_vs z7Zz1r21^Rghsoj&+L`fssmxUbTTTr8s7W*|vm&6R(x&>nS>QT8LOc>ETdST%ArPp* z?fqO!;ZO+$G{Ir`=;&w(>yA@1RTi$o9qgKCqASEQVw7KNS`j+4Ci?CB@S;g&GovaE zyyMyPzV>77EQ4B1E)ntWBps)ARlG-ORQYhj%wg#X!pp&iVt(<4N#m9D>GgXZRH!w_K1bf3T3PkWDZEn+GrM`)3 zk<4>Y3}dmu!A5=w97%g7(RKdB(Ja=8?}R(-4xQiJ2fKBzhdJkK(Pd%FGKnG%vAa`8 zg9ZmfT`Xq$mXp0I58(>ylgF&V9jo=%9;Y4~0z_UdBbdOiZX z(f*E0(P_-C^8t+`G(KD(3R`1{NZ2*l3$iNT4svJ5#pb6)dtv4ghPOTsdg^|TW1XLmS{6CJgjdM@#L zg)3aGH8%K-nDnXnA)TM}ROZB|>X4arohEcdY(H6YM{tR9NXWgWiLagUHIAb)!=uNY zNZw7p1zFQ)r?Z-7D1V)g28TD=*i&VtL^A2v14mudwp|DopbF?J2naUfj2H4S!39V`Jd#hxE`D7_F9 zf0^iOmeh{P*nbFja%*rpuVYW%MBnFvCyrV%p|3(58(r*6!anji(y?W=I@p$~`wDWi)d+1b+ zM~jC=P}-Im^HFl}eAYF~D+jlk3%{*gX4AX23$IDQc8=%ebyz)Z)Vf`4d$_a8dh9q{ z*v`IqW${{I)>}-mxvtbtEC4uiUY9;1c=EP4YB3PpygV&%6aui?IySU&sboC_U>ClZ zcB{knW+e~WE{Ts(Vy*Flg}GlE{$O+BYX_5V4yvuh&rb1^{H7bN9i@l5##LWhH1^|?x{RwqPQCB9y7a1TfwrG|y>8F=^<~zWV$bMW z<<~QkwHUK{g*3QJ0~&DE-v*J{Q@=G4E3NnPCP`9#2-T@we@tS(zCH~iD1~-UB zn2gF^$#I$CPn?$H^-L-A4z_n2H4PyFLB?6?vAHdwvFN}_3F60Dsrad`*fq&o*U6gU z)|_lM0jw$C?W}r+(hsj**+0)eyS{5B;?wT!2iEhwtAr~hJJ6JpZQ*B`vYSUy2EEuU z-HnGC@$OZB4Bh+KV^*1ma4Eb82cBHCsRmmOM7FyC)`r#lcIy6p<4-nQ#JH0lj%Lq! zPPfjDH?1q+ag~*w9!O|ci!XSQXk^e#?BUA*Q`BOuJ7Xt3MhtjTc4Er8{)e;rOxBY_ zQKW(phe5AR>ZJzoo0=CLWd<|^-F|a3p@$-!Jy?k5Sa3I)Ne`q}KyXXcE7KicB$FtA zu7{<8Q_pp0J8$!9S9q*&q*v4RrMT^2s?M-h3PR<*W%M3Ih~Kc-HOq> z^wX}o>$<3ONn8taJ|9yF<*G9RtXl$#&AxuL1B?%b7rEA#7kAn!LaJ-F3V&ots-~{1 zY;KZv@bjah*h?KY5|YQdZcE(K7+gn#E?9JL-Z*A(x%F zy(FA1rjtB`J9qA!<ZUC}`IY)JcXLdwZ8mG;m~d`#FzCj6Dn9o%$$> zzy6{v$aPB9R9nhrzwE(p<9V*rJuJoH4kroqSowlW23^`#W8VVDMLpWEf@?@$)1qVU zbYq2glR!OVOiq59;F-t?9xR*h4|uZnp+3~augE4Z}xO;wnDej~AjR>RzEdG-)yditXW50>$b;+)h4ykw5>WG2ggb)mL^@!)vzmKqk( zT(WC-LVHtHIys4@v!%OJ$4}I$zfePPjmU)zwG)j+E8^H~0vgI!y$lRWcRD5)+@wx= z)G!>&uXDH9dbB3fTB`wGu~Tq5;)9bS|C(#<&y~%Bo7NY%4bR~k9gY#OQTc6TlzjBN zRKIup;Str6^r*Add7R5LxPE>pO#?e0DYKh#3x>}h<4m%Go)0UpYx9_d)5JAYQvxsm zD$YT(Q(Gj!*wq`<>pmSK?$Z}MVrRju9Pg?7CGh{BS=h@^vau1DlHx>lIgc!qR~0>b z&1g}4!lMq^WjB8s>j2TbdPdS+Kc|5cTnDYT*^wG*p(%^hLK=3sGEdBdMVDSp8wX4; zWud;%ZjmuIeMSW2@^Rmcau>4EG>NfX?=zgWJnPa@w8@lNg)V-#h^N8Nyv8$HPtQz9 zG3KL62r3AN;q?;)y5d5QN2@_buL{JvGgK$N91gj6_fg@+Rv9Qn@nHv%d}v~6xd#>F zT<7{?1_@hLjz>tYzkS&9rC$nV-<#(5R~#w_PfXZL!CNSzp(tVG(XcALn2?hM(dAkO`gHt7Nd~Ck5r{X|XreOS zqWv{rEO6J{*!T^%&A62AjGX1n*NE3@^54zP5d4LHPWe3qHCNg7U3|@FQq1 z`|C<$hyw%MNe-{IBj5~>0e~^ynCU)^TDYNW6rL@`(ez?a9t3q@1_p+~o|yRjgaTbJ z3zyEx*OkY&4o$|2lue??5Y|GA@rq$oYeAExM5A-(oP@)O5qe$4n@Xr?M?f(cnosGL z58>_Pe1vfjy(yPln`-nxgE`ljE(we8v$-h~h%GJpr=Tri!mpf{JqOW?>PD}#R|N#k zdeH31a$$neSE#4+y7tCrZ-sWa&u0&&f`Nf+P_GeS_lB*Ek<-X>d3`4*Y4nbU-%DOl z?x*zbGIoMld4y@MLsn+tRZh5b{!&8tLfF5ew-+t z2^*({?)>X&!`3J{d)PTWOp>r_J8|#cy<7s}G;rCDfNH{-pU$JLHNq$*IX2+i&k0O+ z-nZ-alGKD_IjFu*s*eOOFx#_d&$`g*?<|%rBQ~lYDQ3=YyC~*}ll>{)Y3CR@F0X7h zw_e}WRA`Lc#EYuJ(W-Tuag$Cu1mfCWO~7fe1FH=z-#GL{LT+qsT<5*mz#Hl7Wo@W$ z_TC~^_Kw=aJ7-%(b)?rZxsKw`yit9r`sT7WykZGz|B;xNXZ(&ki^vXrd}&$#18dp# z<-vxH8$FGaHnm$_KiDP`P;9`0QHNhmT?Ql+zj37y15qaDYfBT#tH>5>cV2No1rZfE z+uAN8o#Duyo3$tTm!F9-^ZwFV&a1x?CHOVc6vYFEN3d7O{mQG zm%XSgl8=yVz{%`HZ((s4IvtAVO4HsaJ9rM4KSz{m8Tj!Tp&Vcu6xxo^QGtBfL>Il( zk#8UX>CW0E_0ZZWnDsW*#!33%1QBRtVz70vZQfZXYpTEVh3d(h5AMV{sxTm?=?&9u z@|iTM=xmK|a8zuty^Q0Mv=OlDt68_8>y+l%VUn2Zer4F-%!Ha}AMZa-jX+d=+=RN4 zi}pBSuE?yn8Smd@IX5#Y;W%b0Z3U2=soSk*HoiF)u0d+*P(|-*UB+xAB68H(MT{iz zUeu+ffH4=!iu&;Ol>Ym8g^2YLXQ9^`piL#}OGH$*B_(RZ{T$f1y-hu__TKH=w68sZ)8m4 z+_cHdDvgU$4%40^!D~X16Y!_!bb>a;5tyy`1Nm#hFc%QHYmPE)tV-MCIO1F72c+5IW?m?Gj1_+>{L*o z7ZngOw#No7R+6R4f$XX@PERJ+<|j3Y&f6Gyq&Gl(seY@04Vuy7Y1(m2>1WX@*yQ67 z8&#!BCAlKeEqkjk z&I(6ZaV+fHQ?RbGNEVo~ani|V^>)X;U?a|Y>L+ZNbjsqs#@}XsI%JLWdcJE&aLrXq z(+{nK*i!&DC?g~Ow+ZG)FAMRM{P-mbwz?>gb#JLb-^P}kw->8wo-E$FSe`+kQMHcq?_Ob#B${oxImBtqN5b}sq*a;|YjL{( zThY47nL8Di(4zD;_x=ULnLlRg?Py-lD^BJ`nUh@(5d^z#8LsfW5PQ8kG_kD2cQbhc zmAe)K8bNOm?)MVsQ8Rk+HxOpm*k}hJw0c<2etfHlPR0g=p_-hWw4a=~ZQl{$X+N5K z+b${XF#oma4Pb324ZQK!&;XhPR&VD+*GpQl;zy1JJooOuX(9P;D=F2$f~!&8WMy4{ zV6 zcH6*RfPdK@+9tKiKy#ygHAF|S*SX*1%9S1L92@|OFBpWom=9TLKh5Aem&jmw-F!3q zCLbfQfV$}k6oxRGJ9eEanF(9&_f=RF7mbQO3L!S+G67m1nd#n~khGalv>G(BoM!8v%i z9FUSMqMOB)n3%XnPOd5IVYcF@!G|%4VposVV42o@C{vu6d0A#!XZ`rrUFRV;{IvF| z$;>V9_6CVeTCdj#plyKh&tuRI(~PZ}BX6sSv$p-z|B!sSq$oyx>MVN0-xO+xWh*Na z1Gj_LC%y`%;9wVPPgiJ%v7AoXJ0P+up_jHUmN8pPL&Iogv+bt=wL8SM5)otPR?mE_ z4)smT*Du0WrDSOC%5R$cB2|q`#M5Wo#_%_Ytcr!2Qt?H*lg-e3z_*nJH$5a*{;&(q zk#0tZyRQt#mXwQ06ou$udS4YnS1#HIbnSFYq9H$QdPu;R;)Xg)llC^pB_>C0I(w>V zmGn$hS#I=jfLH`+IX)$i-(`rTbg+1{`)0zb=-yk^+Yi|Z#w%}VEV>3W6)TRM41m+r zaDn{{Z0&nI2fgmn1tq zwOU*Fi*gQjM?q%0Ql{9RjiIh1&y=EDA2Bs>i~IFAJWk}=D?y{qkicRtE>U(v8O-!r zcz))dmFGtg+`2K?r)bgC0dtX)v-<6tR89?AAB)#Hu2VygEH66P9Vx3hpy};8Fia*A z_L(Y&ZGE@5%@@6Lh2GQ`o?T*Tr!bGE7Mg0K7bf2R%<%ke4mPi#o12MvG&styll8H( zS8MFSIJXb3$?lr7IDR41?vermIE(M4vv?1OP+EcGS_%n)lVdFCXBw-sIrvMJEl%ud zb(C)1LlCz{W)MkE>(j@6&T1@-HZJMhf0^+{fao?GRr3Z_4(>XgBL z4+^^Xs59!4m4iqJJ9|A*wK%Wlpr(&IUcU9q$6(9ino?QP*@YSnW)q0S)seT{wD8q^ zw}H%3*h6%+SL>NCKk_Qmr`+=X$z|k~&$wbD(_u6%&ig4^ev8Cr(cZY>?;p>ZKD0^3WaS|cSiVyi{1#6ws{M(krLBF{l1O=jG5zJU z@RS_|Z=ywz3)m7FyJ(gyn9=t;`M&H3w63I1Je}CuJj>@3lH?AU4RhwmxAIHCd-NbT zRhpZoX9q7($8q=Wgr_{ZRH@1V!Kv-Kag3%sR(MKbg7F)a$fe)C`v2{a{9h}Oo9Sx$_k|tWwp0+{ zcY1rd6E6+>`2e-Sd244cb<@t`?INE)Xr`(YG{X^_POY|=`?Az?aEN4LbhNdXt>ebiX2>i5aWj9xzkl4!Ul8cuozp*V=9lfxKW^sN zN%oJM`Q?D^A2;*MB>N|u`SlRzpKRurqr!i(nSYNX{^BS9WHWz3pnn%azJIcrU(VM4 zDVqH<$^I#tp#sY*HZtNMY9Q566bhLr`@@EFmzk5e(jUpVyo`t zo;J0vy|v+{(s}_}tDPrP?ZeBJ4?h<&>#~VDX?QI;E#*Ezs}2*S{3zJ&a2?~-?>76C z*srC(tKG)RF0icix7xfFQgkUBR&oH1VZWTy{zscJ$;$k`urpJVTD5W)TdG#qR|UP+SuOp+7n3Yy4dWC0BIaf1zdqWLmEuTt zOYO@jH#`vkk;)*93y8&#b%63&UO2;4>U019$c10$Cf`dMcvY#F50k0qw{Hnv{9Ro} ze#MPe4nfIISC6Y0*DpL?82I>q!Oy4uIn`paT%v2&s5xCZscYfX_5MKO^J+AF4syvS z2alahQ{<2KyFtJ@YnLnuEEGQZ{zbP~DZ9L2IhVbRjJ(gsSc%x-7Hnt8rYK?E=ReNX zNm6A3l#+lIb_fx^318Ql*KS;@w%`@vfg~TM0>$O-<+3TSvc+X>x}RSt>t2w=|GR5j z{_)z9ecS$c?Ln40+5h8fcWnE4Z4Vjz!nF^UbZ-8?=JxVGUVB$?B;G_PqqpH)>xXtl z>uZwo3r^j59dmljv9iQt%*^S6pM<5BsymkxM3423B zsFE3adSZL0NboCJ5cW~a1Anu>|Cg$cQKn5M)v%?^lIJ6=x9|Lk1<;Z#Ne`W8vaB15 zIC${cr3LGs1c#`6(OJ6%zOwyz61-H+ys#b1HU~bRkfyd-t#*PT)z*nQ5+T566R;&R zdWoD5?a=0dkzssmD7-Q&SafYJ$!)o%p8YGEcazxQgj5Tcpm(oCT}Zd`EQbcYhb{G@ z78rg-n9oMsWG@rzDNI+K9tSD)FKPNWjjlXL%}hmU%?De<4C&n(Y~>HL8YMbEu(ZBC zU;Jj11v6F4?juV+(-85fLLMG38+T<%Af9lAFZXkXMaka0rgiLPSrWUWu%Y(ax*4-U z{+2Td44oqx9#pEk^{t{O8jwr-QWHS%d`6SuMcqq60F3u4)9W31sjYLuFiW9RURqaI z*D^G$>{qTL85endK^EvQAHj5qaE@ONC}CkvHwnq~Un=AJT(Y??H@6k^POZ~&o`$+yuZtDy zzyEg0G4zsbh-j~Qm!4Ju@;LN7Uy@<`wo_qT$()>=-i5mDWc~tSj{z$?n}WgzIl2vF ztrEMXzu#vmA@|&C(!iNhPNhj#v>9*J9G96Xv%}RtTenv-1YY=q(LrakdQ^Hw6rHW` zIpyV6R2}}`t4-S}J*zfz8=L*dj~~|`$Z^}i$<3BhT#N0Tm0&WPtiC(ABKW+9+9IdBNwz0S@3 zjY#CiVzCi5*dhO1k`p2k-{G!OElk+^8-!r-rCCe(^bDV8!**Q{Ms6>dV6p#ko1^9N zIpt@A2Vt8AJP%JJH(gt%aHzbkyuAFJ7qKKzJf1b31z$|ctON9TH@LY7!>f^y(-GT$ z&*>K8p1(3Ne^wxSwF`Vqety3G<;&YvjFEiCl9M&kZLYpCc}hXdYAWhg$6@!_4CsA0 zmV1+qK_LNOT3TvkVZj0BKju9r4ej%7d^XkF?2E4)2QRo!-QeZ__9TD2NZ56nlU+!{ z?s#}y0wzh~)Ab7z3dAgqsG;=VEuA4_WT-g7g4}pwPEPOJi(`9S=VrQkdc1sn8N>1E zy;|@)LdZz}c+!{f3|wSMMaq)AU+c>a%z6ohEFf45te1`;VAXLc1nde@DLdH0)83f% z>Ge{(nGu7tva&SZ=^e7c;p8119e3IUI8DM0!@j^_j%7I;#sj(HHf_JOSY1R^!?@8E zh2vpe_}MOVSk``Oi70lf^q0IlXT1i9wgu*JX}UbX0wg@jbhwU8rnAy zKg4(yhS4xUm_9MY9lR8tRCO!Z51)s7Kmxynf=!ttRd~Xh8g&p%tV&|L3Ve0N^&DLa z0p&Xn_Ehzt652ra6$x6$8&ja^4p7kps~X=wgAA-k!N|Gkm@A9XPDg}Ycc#6r!$ z?F!KA!1Ri@DmO4O@NLr6+FIR2;NWxTnW8{|bwMI=66KMsxbFk)I9LQ&PNv zF$X_lW$n*+mLKjd`SJOZjN!K(1CEG_cXPqBo(A6_5c@Lj!JbWf5X?NhHGjzOKl(G{ z^*=QFv+MlM>)Q~g3O4vl?FNo0AjzkNfK`>9IeqvJ^J^hKo6faMvP6w`*XsR}Hn^tN zvd3fAbIS|m&qxA1TS^_2a+CjKWAlf{@zfY{enq*owO_t(X zs^aIB8l1{G^z*#fqAko}b*t=j8fWXrmApbFv;3|zlNxwCv!31x$sc#t>UxDrPZ>E~ z{mgM`uq7`^x$`=W@J^8Vht>M$;BBDyfocrcJFy>L!8eLJ-bzaWZFj3$_ZkNqb=unF}eu=DmU9Pm12Y zegMvB)|4e9i)$t4t*xFnS7JA)R?qG^pWrfUD{Lltz(%~%0G2yj5~uv~FT|*)%v{ji zRM+u*7tmGJ1zzQKe;G){8tsR|VjzNX(KGBzVyj|BPsbC8rdx0Z5o(@9|Ig-yS*5bQ zZx7%8dW$qSYZkOAJ&#NF{2g+$(eT%^Wg@jE*!53^zprtPqHI7a#zRB8@Q|=o)HQfC* z(!0z*_R-0x5Zuu0V~${_s-f{BSs0ZTa27oH`P75YLoRX?Zn~a@k-`J&b?o%2PyF{&D4T zq9TPu8OhE(wo6-P3E4_^_I9kw%FbQ~+4I=v*uKx#q5HZ&_xHZPzx%qlK7aiFsq?6F z-tX7zx%czTA#AteqdP;K4mk^7m=|xJP{4LL9QS-;8f#k{b?mGD_r>A|NzbVn3X193 zY3A+;{7$T+<`O!&2@531#A_x$XkEQ=@U0kTr;fxS-Q;J4w-Yz`u3fP0uBc&E7C1+8 zl*d@y-4iF2JwFi<(7mu!CoUqi!qhEB?xm^61E1l-8Vj3-1Anu(gpaj~4fFRHz!I6=)L@@;b z!eMOpVgAErUK=_VhrxwOYact7dm$F*nc^Mko0+ZS&PL<2s_Sy*|)gQ@}1aikZ(R;^>4yJ7jPH7 zK9nTXhJw}1`yBuA-xAuN6vWV4s0GYa-HK9=v1dek11)YHQE{FpR;}a{SgCKssp(0ouN$jAQ`sj z+NbF+h^uM;Zou~e=W5sCK89?c!>T6kv}Z9z`k{f$!`|a0_udjut(SyQ#o$bp54cEW z%+u3g^Lvd^C)vQ>bNDEaRi%bWU45LL43Fm40zE;k6k0C`Z?i&o;B-v7I2*A$ZRVbe z&IkX}Ff?j``!2D+>?~KvI)@l4F20+!Rgo)mG%gTtTp?`OfHk?-i5R(1UYPP<3q zqwe>xOs|Lu57JVLaYa6;_V}ciU72>o?%2HCTrs56e6}=5^~$t<+blZDZdfZP?@`BA zVL@o(rEBxmZ|VAWfJ0lJhOmI-E4Td4WC$yN*vt%X{d`!J zfXMjIHoq-+kHX=`#NN0*6_}R{dkNY_roKz(Q3JWDw2X#aE$|d|S2Mj$YnfDuIUU3F zfxUtkqt3ZkKKo@?&fMIbgq8K=5An`IT4A9u_(DZj;!(RBy0(kG6-Y@@JCCFVR=Ydq!la0O7++HC8o!BUj3bj0c+Z|P4m|NrG2%0!C^Ux3;A#twMi z!$$Ja?uPKtB44oQTlH%!z#UQq+Sa={(Jcjk8}JVZt-(9RSTyV{LH6mDA2T~{vLKZ^xlz*3HOHTV}{9;gUxJ}wq?8QJGuhjgF*X75Q439rVe`1swRqjlam z#%)`Jcd}GQQaEqLAKi3qh;!!12SM_ZuwO|ZN$Bx}_a_)in>7jnVtX1D$t$QD6V=^S*mqqs{Hzh;{=Kvw5n zlIg0U2_jPL3V`girC|!J#IoN9pS3qk!sga=WbZG~3*L8zqwrE#uE{);E(}~?gn!5y z=-@qwlyYBKKxJPHZ)n}VwgF`D%el4yy}gEzjC`pTRvSXaaHFW!;v!W@d(cm``magE z><@2odyxkSteBYU2N3Xl3Lp2&NO`jZn<-(!zWryq`tMO_KZz^?eqL0ClK@=i^;|Il zn*V)J&`HupM-!}aPHGt5zIq-55_bTcNadxTfp_^pX-fSiYYB+HP{MU2mE5KHZUPfJ zOnWYuP_FWY_dq<9eC23F_o@OMNwn2Cfkr^FMio;3nSNv%8EAtu^WTFCp7d|O?DkLi z2-1ejL`H0d@t{F)*^OD|g)u8u#G0g|xdB_REk-XvM^MP}ZwV4X)`bOb%NhzK z$323N0AmO#YfJXSj(^bpzlFx1DhriKhUeGHZbEWb9^jRpf%2b0H1N?>j8`KDM52+Y zKh2uV{rZCnwils7!`=GdArSot-H>N0+J7S;?qti`HJPtse+;An?~b-A0O8*sUH^ka zud2Xjo7+%0>xMGw*7&gMPhfU=Wk;+@Nu^lKhJn2qjG{@RG{RV{6QOCBTCA=^{1=$z znvmL6Uzg6>WF`HIsCL8EC8RemQ-k4hbLPhM1k*jhI7yJG#;~`!WWgRUDnM`aV`^e0 zlF`xDf<*FSxqr`G|2;V=hy@+^fQz@+z@!Ud`?<{0mB~SLd^E4 z6;>l#VWnX4>X(}w05)ZTGi*$MROpuoDIULmp*4xkyguk=)<MO-m;$$kP!JtN=FQ$tbztxekrTff&ejO&`0E#BQPZO&+f75c96{zbP+ggS)R__ zGmBgAiZjZP@Pu zIeIJa43yEQL)xOGJNcaKYaoOZsy=HnETrpZP+cXy-8IJLhkU^MH=%0%K7Cp3QQ}U` zOW#NZ4FS>gfg@*oocgk+eR*OYkP}a`z^L+B9&f;JxDAr_J&90L3rb4PKm!@Tf86aa zDt*>ZVjLfEPet+Dze(d2JQPWcBD;YpM0AIyi?SP1$DTw6j3`Wf>9bv!jV#zl9^1?V zuP@V82O`ObOe8yTL2#iIV8p|?cTIM%QgNKBuf#XxrZg-)Rf%lU|I)n3*)%6DtUF)i z0t*hSr)n$4hz8Scv{)&e{%GB@wXKy^SFe?d`oTlDqR zXycnFGlv2W7Z8?yTB+$))J67O-DDbItug6`vDp(l;IIwoNNgRD5tVtri{$UQpFvkW z%-4AQ$3KzL`WMl)5@mRJ_>@;Ae)_{gyg}!4kY{onyatW=+)HIDLb^i@?Z)v-F(lck z`MjVM;;mD$daX|yg*B0NwS@_4&w4|UA^vwrm|Ud`*uzWXS$iy}v5}s`w%-ar>g3nH zbQYbSmg3GFW~6J=84*7C(fFp*aHE1@YXEN!vwv(>(m*l-+Hdy#0JY4$e;4b&m*~@f zG~vuWK8cO;9L{R@?7M4O{-AU7$imd45zOxWh0zW!Av%XB@y^>s80JPSrSmNWrL#|4 zmS<=G?;UVdT)wc6U0Rj{*H>I7=e)mloWXF^K{WPkO6Pl?kE9NRJG_DC5!XL9L4q1h zL;YLqydEeCB4s(MTANGDCG3}|zcjK@#ov%D6YT1(RISww^5gX|3-O~>I8DEb-~N8( zg-FY4X-)tU`**XzvB2QL$+q`~L!+KKubxWJ&p35{j27O#P$nKImi3bTYYJmZ z{I7zxo3-q?=o=Gj8B^{a>lBa}#jG-whun~$`^X-|JuW;d zcE1ijCLWs*`vRh!%Iv3$#9A095807OFUqmzdU0UUzmb!d+jh~HA6d&Diwiu2L)+;koGjRG1R~10bYS0I`&9?58J!rr-m^|$vjYbzi z5brD2<6Z;%g2hc3(Psheu&WItm(w0*-)egXWix{$Q%XutHoF;Peq<1&Me=;z(PXn#dmHT6zg@(UHfgsX2iz8#MCrj zFBN}hUyeRL&i5!15jc39~^rc^>%%cNbG)r zVh!(_Ro4XKRusuE2nCx`^4qiO3#LZ{_R_Ys+9{kgZ%ze^d>eN{Cvk7#@%5luf|uPX z4Y^L8z3=h}KqO~woa_ITHnKR^IX_YE7!woYaKd$W23>m8Wjy3!&OqcX=H7VSQ85;F z5JdOVPt56h0>~4)qSr*Mo<1a_1KirvC*j+fD;gchZC0N=zVIWxV}WcVhqzxN^yFAv zG&w1NiyTX)vFv&yj))`v(T|VQUubQ&kJyrMnp^Q6haojLVl`q#%cwGFDap`Gje*kXN&2?<+KKsc73mJXfNN} zeeMtEz5Fa+^g3*t4fgZB#A9d$nX3r#Zsy=yiR-t$)XWr9_5JT^pEod=Z;D+|n4hSY zE-Y|nbZz(=t86UwSs|G%I@%lU(1<{x&l}noC^i@&rcIjkw#GXNiWgN8FwN)q)w;Z!4;2(f;_Oq1 zeL`9oljyW_5CpkHa)R_6RD)_lkW8T30xEQ#KrWQN>*Idoav)CQ&ZkKn_p z1_>U8*DHtt$86;MvKwNET5wR$>;t|!s8Vrv+6Ki{%T{!s=#wZ(%O2R=iqHa%2JU0d zx^n5?b0q-?Jd`sQKY%V?FK#-!CgoZ0fqTl?p%c*lk6elU0K6eG^>o5}cw>GhHf&8| z|Nm53XLJ-uJZjJcLXZO}hqzhxcF%R-V)^?1Q>#ZXM6GQAYLilB5TE!*OUE0ixIr@c zc3aawXCYQiPLDq3c2(lPJl(7YZ4^Ih@%trQgi{=F31o-AMlpyfgAumWL2cx(&JO5f zg7!F%Y}79#qYei>)Rvtn|3@3bs);Blm!ca&I1P89lf!0?Bo4hKCovgGxoj?IMcF*{ zP*XBHk(Q>QX!P;q)RfdSLQ`||bHcdY!VTE)M-M2MW7&J_5ghD-O3t@6QMdye-ZtQ2 zxWZOi+QOoutC^Ek5{AVm!emKtWR7>cWYu0 z`MGFlw&kOKCKae${L$FBcX)XC0#+cyKpa*(6Oe>TolxfnujI91#f@u!MKt{@>a}-X zg`$*t1Qc`gv|Ts}k!z#+la(KCZK!xDc4xzZ=0)p%8~wbn=xC1CxQ^*7CpETFL{J`C zR}IZ+@pem#??vrwCy7MQLs-}(fYf@SbJrdXU z=$e=$O+q&uY&*Le9YV4jce@+xn>k_qQ z*}&eXlxHM@nBpWB`6-)Bq1O+K#rCs1w3wQhyvx2s@PQ`Eqhdj|09u9ND??$wK9F}$ z{bdH;#_0OuS1rJbO`H@iCZNvG$9Ly7-eWzsdm1y-%aLKzeCX7{QGdI6(Xkc@E5<_! zy5B#h4MfN46e;XJ==MTPz)aqy$>S;Zdth^Ov&0)gD0cl+cK&Z`@w{&|#7Wuekpo>6 zZgqy3L&~+$*;$+&>qS^{x#1mFht2CD=YCsu+Omv!wP71hKPf zDYNUU*l3KHm;YF>zOA;V_0k7DQ{jBU`WUA~d4HLDUdbCQdh2fDk}j8t|1K5)2N<`; zm3zJb_T2Zn=U>IaUje8DM*)d(v?HDN9|xwUXx z5Iz;Iw$FHx@@e_>9AO~B`|6k*LNQ#ew&lfV7aN`%TeeDBsgFRzDrxAAiACY8C;c~0h6_{W{SA!2LzLRxEZ1sZ?XjHmy9&Frce3s&fB_`=$MB8k+)rj<|+lJn8?Owy5knHHyRTunX5|nbZMUot6BXmhTB19nbXCK(@}N} zvggLcZO1r%G~@3DRSU8$TLq8Lpi-|*zrrPJLHI#OMoCN4)eVb7B^(iBKJrtAwIg@& zZ>PK)-a(;7JCZkpA zvYqyYDUh=enO2ujQ<^WhO`gutFWjUgLKg67=uOp6+n+6RhIPdnGeY6Fk;eq&n+O%F zzVu#SHlo(k_7K6-YhXrgf6q2rzts80`~fN3^F_Z(C0$NDp~bT`xUBm&i-XuP?xHSZ zq+^;Z?!Bpax-y87RJ^0=lKs>8k=)1g9f~Rp>^GF&x~@OBaTz(kf^KoY3a?N} zz<-T5GT-W6%)JMlFRWUjW<4~_Smt9Q4yi(squPF*L*^F z3sSTU65m_7CzYwbeaOS@aAjjKHz#+&HkpI0A78zqPWX08m#6fxN^b*?_xbk%JjR}F z0=+iMu@?P)Gm8PeGueTGQcJV{K?c~{PzoiPYY3%1x_s@oG9QtH052Rt5I4HBl{&;{DFCifH2*{SfSf^5771`Z=_Gv=QbEsAe$F1#i#Ii$wmx*}sjIN<^{{Err`skda5 zq{hvz9!+4A{sdU>%x3ANmu;^#RqS|~V|xg1JYXN(QE@|He%k^Ary@O8n5Z;6$K&G9 zlo%?_+UMl6a-i?9)y&ID`28V-ueUfx_mzKN)wv)5u1;ry%{!>pDg98&fuq^1V4HC- zwluky2@RCByOkZOENSn|^``MqP>w`12#b!yKbt!39iwWif&ufKS zNevO5i0mzedVjOe-ZF35YCP6u998A&viHaK5uwhaJ+ktN^|wgE@j^Wu76J>Yseycl zk2$x+a&ZW+)cL-P0|MNs9Poqs5Wt?L)aO4i;Gbd{`z|WDp_k9%5M5}&q(d<7S=I0i zhOLits-Nja{Y;Oy8%{PHb8MR6uUYE!#`&o#;hRKfeywlD^PMJMEu`>w#}$)pCFY6W z8C1KMGVKbP&BXl9bOwb-MG%Mz{7b}$yTszzNpD&e6VBiFz!mZ?jp_(Ce}?LDh-6{qZNJDthXdW~zLo;-jLo zzCCOy`oOIlB`-=aCfY!;8APq&S+dy)j{P5yA*=9Yh6mpBZD@7cP-j|fI@nl&jW_j=wC)=hNgbBSe zaDO7jpPTeEq#rlEy(mNsQvS_b ztg7DG9=`W3J@5J`m8A&Vg|?{3O+&`nZA(A%uP&(133Rx{j~!18&GXa~?0k_vffMqi z%8;-j&fBUaSBN~&F7?Z_t9yV2ZOg1#=JR$qynF|1TJF+9dJSadp+a=bncRl`9+&g7us&E!$t%y zT3a%jU@IGb8WOHmtJ+i(r-AM=k_dX0n1P@C6+&kpO8IV|@XFqaIBi%COcBlM0FHOL z@^)j7b=w+!^hrM*rJW8=B|q1W{$(eK!O1t~)kPiwvEb3wv=#NDtd@^Fjv&Q6Ka?$+ zH{e{>ufr^?q2zZ)O?B&jB`>-cM>gR7A5Ytl)lf%umWu}t6K^~r7$q28reYaoP8Hf& z)~s0Nzeo!7cS~GSraqOidzq=lJV8MwJTv;NifoFZ0nA!-n_a)$&X9v)s>n$=NYr6s z3Oiu>SW@`0>#@h0rfm2d4CXU9OXPk8s}2_{md zOVHDscuh>Pzt^-kXyxPL<28`R&a}@Ys^wLlw;+VC$RQb4po!;i>%wFaO$_vut_4kK zaK$}tj7%Gh@2w&UElIu1f3VrPyu{y%(ZtK^V8TgI-4d*YJC8p8<~I|ct)*xgT2kRl ze;BHNHhG8JZ(9*4>afh4ll|CBwz~k%ja+TDYY^aINvFUyH6eMRW<23?cH#Xs?zy=2 z<9wfkaG5{YB!e!t0%I*;Med?vCc1>-lZ0d~cL zNEFi1cj=6oEsxPO*_k6boyAq@cpSKyqU0vU!uIJAu=hcXSJN+cNV_`6AKo{6vn+Up zOX2}#^j7OU~qWd3>|9%fLWnW~=&-iP(I9R}tU(1LYdBNV6vEJK4HhvJJ zadES$B(X(eP^~Pq=lvPm9E8EyIcLR`LW|?l70r`vIJNVi8&(1-^V*qnzA;w7=M10je)C$W8NA$w#xC?w=#90i%J_{>s~;Z+YML8;8V!(v4&Y!>nkKq!#O%jw{1)JLJ{H{tbiGrZ#{6RSWQEi8*`& znR5MIg&74E%}mqvF~hlM=cXgL^;93MkKGM116R>G?a%n6WY+n)ZToi>O73Sal=78% zx9GEz)iZa$>q+PQ68W%ZmC?{|sV9eH18uTU>7P;cg;4H*pE*J{=z<&Lxm<@4Z~ zMwgsf0kd2ZrM!WzOMRVz0|cLbWLsgCd-rT#|M7v0o)bRyV1YA}PrdSMx~mDf7*}D2 zh`8@Hy_xP|g+DjDUK>w)xSU9(NAV<8`H_x$h?;j6uTAZ`!9N2wM6tG(#wpP?a32y0 zSe+@#?N{ID;wL=w=_;~(0tWo(!t$N2snPL$FkDfT=drEpDDa@sVO-~OWctsd_J91! zegowSiFyV+>WcefIFp{Z^Nc^tEMfhWD@+~Wx=}*qTB;E8ppC~DpX* zjNM{S06K)RfopISu_qfmW0V+DMW#(GKT@|@n@jqhWjkNJ_xW%37pPm7^2W_|znAo< z82H;fVzTK=yWkqMGFd2&7Fbt#+gbwU8ReGJs|^>NF2a=JUs`c;7r0$J!TnO{a!6W< zx7?ywTrwM3x0Xazcm=kL6#!c2j zFoz?G@(Le~OJ}Imt6}{p?w#So2jYnGIu~F;J|zt5AADr zO(t1OuT$J)0I;qH2x-J!l7|VlaH?^(KQR;LKQrVas~c51ZkQxtblvESFAbfU*X^76 zTi(6M?X1Y&m*bstQh4Y)&#?ku%>zpNp875?c6j#&4sco_Gztb4!z|sq^lP%%1hY}O zxspjVZP1}1%L;o#Ytz;}+efULx#O2?w+Tc?LHE#i2J`WBxv@cuijd91W3SeC)&$dB zTdX{`oX62P0`l3(v!Bgk2bgXQcP_7izxBJAygf61K|M1e#O?wSNWCd%x22Qp-t?O9&Pdi^vJnT+>*#Ut``TO4;bvlS`qV5Mq zSAz0y1wVgZhK% zfu_~&5}&yLL9o8pt>1J+)x~J9YJah*;owv0uvp{C51k#+iL@MEQR%4F6{etl0^+_D zlP^OF&Wcx%#-8V^HK*-us7+{+=^pn=oj7Vg$EpawJtzm zhX4AJXKhn3%Bp0rvuAU_bp~$%izO7RUSRLjS_aYmKx8X1t(C3B@`J)#23I30xOBww z(YGCaM;>@Hv*^r2Ec{XkX?`EeWjLn!T)s6KriKDYEqn>uq4H;RJ!6(cHsoTt>P z8qW6SY1we~T>E>@7f<1RA4en-`{vzeM0m}QZQ+XdI(0Xn+Pbr@P}NF8=R6bAgD*LS zvRSgu9IRBamvqA%YmbSHWIMN{o;_j^c-_V}Ux%?X)N08sdl8H|hlv{j$`QK=%P}Gt zO$c-DlBm2KkT|>dN#{RH$^VXZS^4eD4`TK7^nNro?Q2dka3!Yj{WR-N89JR)fdqR4 zCP;$j)qCNE-zj*jU%>46$jGSR>=@1kyXMU_OnZ2Fd2eDc{xn&1X7!?-UUj-IjCP5q zFzTQmI-l_GugiH7u+pTE0W36eVS67~`)ja*!~PQ0Ckj_`&^DAqQB~sh?K6CQ1;0l| zUMkmNMVRgL%_R_tkF>R4f4TS~FLz)dJSxf&c0QRjU?d9wE@?8nGr!n_e zQi+)(`9dr8;U*xDd!MsZW`XfxfQDH8chLM#BFcg8>hqQmTeIONdJYbb_=jaa@6Tx6 z>gYK`Uc1$G<35a}>=&!93CqqF*>A@GxINdT(mxKjD3Fs8bHa9du>KnXe7)10B2%vx z=_gmJe%v7A)O&et&zPK=Dz2lWb4IUmr`-BYdEqyMck+kXqsy~kDF*AJ9rp`j3x0pK z=d}9Ob3-wqp~oU4BS9kmZc#hSG4>P}a8=$1;u+?1T0BNFa+GAS$uxolV6$4%Z%YK4 z4RH4RPeA&wVGNBF5ka^V$QEg7IfRCWhDSs@znL4BZ$FWQ+#dT2RG-`84*I0(I@By} z+PeSTnN8dF?Skqqpi~YRap-tA>x01JTzO%2EzJS`L!1H&MND#cP=h1PBMgNz7PsIO zHNoxYv|>NLYK6@DyBJ$L>r{1X>j6P5L2@&`wyu^kgZ=j`6nBS7)NFnFK)tB`< zT9MnqoAUAua&mG|ZBXMXy|l4TSJ!1^VPGl_2Z5_XT)AK4(nmHj*V|J;yhr|nBX;;R zxG)-0-7Kr7)92fZHsAqLAx{Y@x{ZhWVz!T3!n?qS0Dy;<`35H^^S;=|ShvGOo(#)E z+&!F@jy1_;V}Imkr@gyJL>ch#B{?F;&k2cL{(X# z)1y}z($A99bOq>wL}cRK9Y5+ zRq({jEpWeZNr3A22CE68=X9(hvon#1=hnSy14Zti_uR#JIQ^7djur1jhQtGE?i(F& z_M`eoH?6jQ=^tVq*4cDJv`M0zkUIQG>Lq?yTgMer*&SeNqjY@N)<-+Z*L6emPkHYd z_f7~>amGh+gSSLR&|kIk?Tb+|(Ax^D1J8j2)CtDfXzBnNTA=ju)`(bV_VPe_Q{MIN zyyW#J(2w%p#329FnLHqY7L!06PJv$)p+mId;(|5gtp|w~Z>X{uW##FZh3w2~>Zx!N zt)Y_S!BP1r!En;TMgkE-gl@6lpL*fH`7+xjc#sy?>`ZTUOcB9{>s~B>&yC0Y4yssI(WtR&4bPOApN~xgG+@WaPlV3N? z0SVdt%tA}kdz4h%OCPMbXH+NQqPgu&9;i;|t)jR6Y8B=xB`_1Z4h4ZDa_a)Cx+XBr#l^FY=pL#d}bk$?E;keT>sDqDRDBli~}|}D{_myG7&aZK2ZO49lPu~LIeyh81f8RA7Ih5 znxzm1cAum-@&dwr-g>m(cwtJ#p;o6ZFF7#l*udbR`x%A8lOelJu#-2%O)05LOGRyF zCqD{MXGnBK>4j6Ez`}MD(Wa!-5tosccouNL9oMZt1g5U;)zeG-5zO_I%SntP1;A9D zEX|#8xCj*{Q)ji9x*92#{e*CfgvqovZ5b=7IuI+e;sXi?uy+ADq*u458LC-#MYRj4)`8r^Sy z`vLYF<1@TR0a23dJEVhE?xk~cs#pqclCD={gCzc66=_H!zDpAmff}$gV1dcDW26J2 z#))l|^F*M{M!d#_=9u|Wl`!#zyf(YjV3>K*X#1XeZ~?JO#}9Gl;j{wE<9^%gZHYeN zv3A1m`jAMdz>uWJ8g&-AcXKN3K}1^Jrm1a0V^uP#kZ#n?SpJEk>2$?IpM|-lnbh~f zR%WyHHE6w&RUwm|arev44o5D+SKo8)vr1--DxaSA-LkpWdqZ?#a&p9fq`{&s3hRuwrU6Vj*5iXN6Ye!x-4l=3{u-?eaHTUq~y*s}&^L-l9FlQ{1y zEGrTeWE2pS{fNw9k10#cYAe;m`YF2v`}8$SV$#L}p2t7ztkX9{nYs|j9&;bwx6{7i zb|vQG#fy^OLg|OwIq1sy%u3(8j1YH^LcJ4iR*l&ewmpVj>^}X|IKoz%Q>kG`UrMUx z?els$X)~TK?U|C%71p!2_pifx3*3oTn0lcAQ-}t4W_S(Efg*uccU`0(bC zF1|Keg{_N|-pq?Ci=7x27K96SJr{ZSRW$A%X{%PV{3#{2%wZLgrP#3$F5830qysW5 z;*!g=h`WnYH2q6wY@UBJrKvCR!^@w-w`yyCZM{{YJlCl6F*|#48xy{E4%lIQo4s9B z{pbE$?A4vqjfqv~&8&O~ji*%3W9KZ7zg~zLkPeE4>&>#sxAfXtlfIf;4EIcKXFl7T zwny0ds^R9Ut0XxHni2mc z&sY$cfs(_LkJ{RlW`1(oKNnb{l|4^k0al`ycnih5?0%@9do9OU?cZugL?Qc&)Rl77 zWRW7H1b5D#su!LCAiT{vOt;$Lb2ux)I+^}kkv1I~s52{lbJeuq~sc=6j9w!s0(D;Kf{Nm?(XsX2lKW;j)%|D61^`f0-r{#(P!gRfqvO^rk5$b#mM$cg=>$ha zoKVFQD|%8LqePG~MEkO6g(ms{h4hGfnuJ2aE>Al{i8+jf)URtzUjFw<+b*E-9+t8~~PGC0o{OTYk%INQ;GJy%y7GwAzz#uH6SvrBvFhEM_I}i$ zs|YUQo&_Dr0-+MgvE6HkRs=_0g47%`7Lq4^Ie0KKY&-1_DzxoIed|g+|4g zEV|xstLD8j*`qvQ4957iCF2SU(nGg#$>EPcROepqAaG&K|3 z$_Fk&sWw#ouzUJVFwf+P7D(l!aR{t8<@rvT=;Ca!Q0S#vQ?zhhRrw-fHZfEgbks^T zlsy|D)iIL0;oo>Ve@-Ep>?{K2U~A{3H>s~aPXE{oxTq=&_%5Q6=ZhxDkQ*x91~K!G znatbmF%*NAbS9+sr#Y_8`Z-xoLyYe$_uBeDZ9e_-_5{|JkGCYBL8aw+S_Az0!RZIT zGx*uria*92lO-Ut>pg$>G%0Y}+=*FK#FInOlMj<_q*2%=C>l6>n(mI5fcxy6hS$Pn zveD_myf{cUvl>g&Ys#}H^SSc6zPneqVOzW79(?O?w_9>RVNNcUC6A&Z{=`mUjQivP z-{)djfaUdxh3ST{7-!}-6NzivMCa0iJL`NGai1RYk%jdU6pT4dQjP3FPEt9iT*Y#%S zw31dLxdyW8-o_)m1r4D%5dJ!bwGeJ%v^5fiul^iD|JATwpeqsw1h;UK{ggq%ZF!zk zoWeQ}o%a5y%#koBFPpIB0Kc_f{jyzqUUj*H2UpguNrBmOx$AQlH6*>Quc|PUmd~*T z3Nk3xsvyIS6?s#5a6j&X8{$e5f)o@txFH8B1jw!dEc!6^`PnKQRL=h-Eaatrw^LOz8B zGgKwDy8D7-`5fMna5q>2abrCa%~E%2HbVf_Lxo%fd-WCk|Fe@{_c)-s(uUeS%fXa? z<+}eK?qV7c7mO;+!tnyDqnioBg_DRHWH+t|X~g-oNCgo%NwKDv{%VC)&`I=;{CybI zIG+VxdA&};M-exvN_;cdIWCc3M&k}>G&7geYrKj7D|=3 zJ9fZ&I-b8pt72btbo5xVfi-{j6PaotWi1ou=+3|Sq%u{e5s?N{Us}^tnRKxeq8>C}MV8MaH6_<#>)R*Xu})lnBg&ZthJo(<-oLU*_ULTnFf zIbkXKs(=)924TD)00m;~l~Bt-@*~?p`a^x3^s3nImm=Fmb2M%!Ekx*$EDwV7gHIel zw7ZhyU8@4KtM33cm!iL+fqAU&;q#N5y`OF#gc#J*R=au*ZqwpV=6X{;)6G$$bhIM# zcfDpHk)`hc8nKlaGZ;NnJIdAQkxWs&GyL(tXRdz_y6YDK##%$)-@${5lHoK;jydcQc^gz=j_7~w>ZHq4vnhdea;^WNf`ZyU|rkGj~COS7WJ;PyKl@s=a z5Hnx7`6DDcEaW%i>Wuz<3#pLlFP+Cp{5Eb@Z7BS9^~wN3O#~ zKGr=z+fjC*(x5Nl##Q0`=dr033#Q_6_<*uR%8U{rcgp1EM#u!3dCd}@GMh_V58_0N z*&6gK7D3C6pJN4~V*eVYP2;1mVSpEd0lJ1N}AYp z7-BF#{vm6Q2}uJcviL*MDByGy5KVQ?kdA>PbSuaTuU2<#m__PK#rgnLTZnx}q9?kR z9{hsu&mBA8k{0C9KadKN5KW?hT6fA#()VR@h+Mty&H=WYawN}dVMP)4kmL+-cJYYX zZCe_qCpATx5$Eme3uU(EaS_qJQiuiHbuf#Y1K9l^aZ)3&%sA^m4y?Lty%L2s7CI(Q z!PBp!T6nGK7$B5w7hjm9EB!Oknmoq)N{js5=9NQQ+}!D9Y)kK@WPRQ%hu;9-baWcr z1hUY85*Lj2kcGZV2D@h|Dj})*%8w4dulilMMASVS^b8E2=8^-sVq*~S2H6#x#K2l6&Y2p{A8*Wy1 z#z!kw$ur9EoQd4z>Kgg8I@q$tko$3q7We&jw+k3W6!?=x8Kf%9jWLT|$%dU3`X{14 zklqvH`fqmzq>KKY*0-B$5RMqC@nd}6HFzpt@vvE{X0JdHn>J0xDedDqf|2{e)Jaaa z5nL)Y0Z=xf?8Q&{+s^UF%=d*kRtd^WiB5ZsI9J&8bf&X~(IEbm4T7ssDP^#eknV_0 zV_NmNT$VP9befFj^y%407KFKleK=wzNgVGKH7mC~tQnaS0KAJZxV1B!uKd*$BcEqo zyMJibgcpB7>0w%~#+hy83g~>q-Shk3v!L3jw^_{9s}*|TXYCI)vZ+QszVjm($?VLdIJ^d?kXf z8xwr%d*kzKZ&9wm+lm|ZKCOlxk;W~$T#0F(J+3+j&5Q)kG67R28NrjA{LO7-U4@Q? znbMQ%w!r5Onc1y0R?qA#NXQ8L^dj)|jNAJON9HS?l`r1R zJGE`qr(@_dsKi)RCo~Xo>_!KSyzWV|4e5`bXmg1yI6X9KE&Yau4|hMw=G%NNcx|SV3reFHe!_l!M#$yY|B-ia2ud=-*^=WwUB3_&2$7h>dBhj6$rOh63` z!udPKx_b6z2YTq?OI^i>yRcXR94=YFr`PXo?L_j+Y|(*-N*=ZMpydJtA!2J`#-j^) z#a_xTf%EfqX-F;iAC*v(S5*8Vet=tBSJF?2qx|fIQ`$fRwHkDy{?I&4wtL?p=W)C- z#J3AM$F@pxtFG=3a;31@mZ4*yuv>A&Lc9+1(r>Ifd>>zO$xNL`YN5-LrW~Ev0!Q$qh7+gD$f6ZFs}l}>l#@sM^hq(%KZJT~ zUg3xDm4Qm?=kCkn!U{BJ>&fY64f=f!7&&_;h;9FSe$Z5{!oB1Q*v#`_xOg23q!{Eg za71OtDI>bhl);Rh6>X;v59mC{cULRvAwBQ}h~s)gf*=tQhux&ms#hq8m2aHgX;MF1 z)zZMd#GDWiqTf>(Y&MR=`L)fwfHsW~|6nTu z_wTu_0B;K(=mCIEd^F@K-qcFMiBaGT6hx$DA8XUAMHyH7(}yCW~T}JKf7! z>tO^9$(&(+uUD((SfE}$djnn%H-i6>qIIn<`la&Zr8}C60W(*Il*U!?0nrC+?`{=Y zD7;r|{0b2!5qygB=9{ecQe}c2p;io+2Lgj%(mJ3aN-t<)*k!HA)fqufAoVmG z0_qortp-beV3naa4mcQk0p`>`dDGGn3rD?hqa+nK&chW_G` z?)i#das{`&KBD3CR2*>{&E?ZG3y!E9hFi5S$h@#$ykK2z4C76&!sr znum`gYX(I*Pr5OEPZvWqk@*G;sEmaB^9LxjPi?C_FEA3!f>8M`45^ToD8=p@a7@BU zxz!d#im_~_u%XP*39wQa(r@&WBYj{H-Vt#hmts0mEsCovcO{ld9GTDHpI94 zd>+^qzJK?&-qyesg?PUWs4;VY{?3Ms;G_DB!?)wL7d-czOXEZp>xeAk3x0SZD!-1( z+bB6o!Y?B=zROH%)#T9NMJ5M4iSVd7=?HtxI^K(F*g;QD%_#A**I&Y{qdIZXSbs+F zDas<1r$)c2j`oX|4}89e&=Y3>_-=JkrGkk#`%;BQO)@jhjA6)^FAa_nDl53ft9;3a z7DIFp71>- zj(qf^raV2XB@dYoWa_Zd(jR)iL~FB~(WGMv`C|ROsjYJ{pf=77D*QujOk@e0_hPX5 zH+eKenHAF>-Sk^XNi}_EPDt^R96?eeQ9%U(2_iwV zN|G!=RHA?+$*IXqtEhm02uKcsh-8}}p-Bz`B9e1xQj>AOSThW7)vldt?`J>NIM#ZDVqtUd%`?`JtIm^e{a7VEUA&h9xl`U;(@?ixNZ^o3 z{s0u}_*~Aw5Gla(1?sWtQ*qz6eNonrnE8O(-Czt1f_8dz9$*F%V2_Dcxr2@c1-A_b z#wkBI19mc|%8|sx zSGj4DZBWdsCN=Zc#lQK!Tf$>(TSzY5Z&(1$QFum`!FDcO4oop^4{HrS@LiPiQUL0t zp#e0JbfP<(5%Jo<))D_$d2CBpL>7RM-FspLO$Qb4!wnh0hAG_vwn5yUlz1gz$a*wk zy|~Y=ZDnJx4TsaLdkg8E>eSm?Z1HHaR9o~;_QOsl?^~U$&Z^y0Ud|5SMLJx|VtB?MgrFXT%oi8h9J>yO!S-lC@Xgyb#wczud3 z`Vn-C@?6__Dd!oess&qIYYj#H^sUsg!~GAaUEp&$#dXsH zreeR~JUfQ(g0rB}gn~rT+E@AH97$TY4V4`~H|&)!*yV2&>psmh9qF))qEzhbC+7;! zAeC(Dsx5zDd@S(vbY0?2ho@!|EK{b|)|%eY6gSUDE|YO-`Eu)c3_l5wJVs4zDvlA* ztEM+4rxYjQdHLkYliP*Gop?_%*N{wn9a;?Ysr?~!Hu;YJNFrdc4RS{naf2z8B{$y%tCVbJKNp(Nv6j#ZtkKievS`qhT%L_ z+ezLtfh7*3^8)jQgc+1fkWU*34d$Qb0Nn?>%bx2{s!H$(|9a8?^MB%>APEOmd7+No z9UlP~r@3f+tYZ(kfJEylgO^Mo_K2s<4Z(Hn-8GX*w z$y%1)FHc4ZicHLwZ_j4oV8dH#-=YOf*>ZXTT@@k)>c1W@xN(7VsW(W^bYLiT3+?AU zH-XIdXg&*vLml0tIzk5yGSMHZ%^qX(7sONX{)?X-_A^%2U&gyS zUK!fPO#7@1*HsVIH>0GA&)gE{X7F9ClFPT6i0)Q5zs393?$gc|(q*RI-KyhV3GOK) zXcoE^j^BBN6%!W+&#z1?IJThS3d+ijX8lMgtbey`!`gJ25nR;A+HOgO<;Y5p#tCG( zTrZmD0~eU%K;%O=gzld7EjCCPB>C+BM!){&qx$Wn=~2-BoH%}B9%hov+nMmF!CLG3 za<_9=(n4qU?uheQ_*##jwB|~8sMW3+tYWQOZ_A-9M$n?pxkVCYv^%TY0w~AG>%~3C z6$in;+QL8pEa|NV^|68By^qPL2E*sOz|INNM;^3EYzPh!+n^08F=n?71rZ}U?t4>e zw;nuzHj>N)Vr?WQXQnh7c(1^W1)hIvK>z6mo4NUE!M*hcbbuR8e$+QOihZ#$0juA> zNcLeLPc3i@dD(Uv>@KqR6)u-QOt=1I@4FILG8y|YB{h|O$YTRtf>|F}NyFpu7{A@k zdL%Hlwp0d2hUNQiF)9}f-ADc1*NS?U{X~{m^o5z^XtkX{edTeHP>)4>m@3 zLa}HEt89G<3c~oOb_VbwTovx7q2O21(HT5{i{trU*=RC7i59JkNc+R#*NY1KAY_N9TKusTvgdDmbil2Vo8GB25QO2?a+L zz(I$8GGh~e0g-OBduC{N$)y)9DUuT$#HY`%njlK(UB3hKZfKVV@nU`G3fHJQ6aJrS z!oRT;naHCwY}0m6?A$+aACcZuJ;CfHn9orx_YrS=g2H8dUo0%~bi>nb#b!h5j4fTr zLx;V$%BFHP1Pn%Y#Ue? zL#WJJ>*)3!bN#Q5@jrFGrZk*pt!R3^4+Mb5JK)CASCYk@lny8Q_*mEsIr1CLV1sw9!+OK+e@F$;@pc4O0gJE%(%j{|nni6pOAi|PS zHo}ah$*AVsT*dR@0)Bft?e>Px2p;D?!n8g_P8SY8vAUt4rPW~xdYmydE+Y4J7}J%F zF#{+}3g2McqbV5zr|k_1T#>nA3q9fW@t-+hw(sz zzkI1#0k`bswPHK$xfWP5IVLwD{Kyx|KSm^=T%7H2GgO>nJSfZwwEK^Z1LoE~8>#W! z;$jg`{B{Z|i#s+pmMu)>wSE-?bWueFke{$9aLlZb1em3iykZeBYrdim9-n*LF{5}P z{1Ns-^TVkt##NNUO>Xkuy-9|J$xdswV%vT9;yLTWhM{8SW>I8tbbK!0`9kffC z{EgHJ1Y!#Z2mWn5e&s&ARGoLp&eDOO_0iOgWc|ay-D~Xm@YZpJDSoEqjtz2*5Im|9 zBg0!=cp)+nJeT`EFE8}z)2H5F48W~VYKM2jaEgVMWP31h&8X)2>IhdGunvsYQ>iZ z!f{Q{(7}fXgP#ls@A!DArO#PYZ9W^Wgt4+Na(?}CX~n#*qRP+eRj=LD=&zWJo)+^wkS*f)Pip14rbpK?dhPVhXV zjLxoB{28qnZNS@${ig5*ZRWqgCx_4-9)?x<;6YXq9L3ipEd_a?|ApvGO+$YypYd3+ zxZt?mqw}`x8rlfSXZ>U8RehQff>j5%g+paa4DPZUEG1rAGDyX#26wHxS;x8#vdez zSxe-?EPwv{|JCv$LaIMXDqxUNAJwdGz@c=Q$ACXg=zG(D?09*>3dVi1sN+6-PPe$u zwkMm%?vNUxEqx5=b{u7#st$CG59A$qf6yEaY>|JLr1S%-9^5%cM@Mf8g)5#Ln-j@C z6#TK&+e%5-rW$k=B4_ zcWhIFY zEomHD(J5lCNF}^_l9>$Cv_OWD_1cIQi|*;9)HN#S?9Q=1-QgJo$su{?@X&zIxkPUd zy-Hjo-#vPxioLOA#_RRqe28BhgA&nq@*}A?Y>{|lJtm1E7TX2MwhrlNK7AuSYUkM5 zR98bS9{U99#@H#9CPXG!;LkEQ$!&J06(uTXfO}7Cgw^#_a?aAx2VFc7`Ls*>>-iO8!LXYkEQKXA|H^z1DGek^NWK65 z4|QB;_)W7lyFslz+4HcJgaaESe*w{mVA`O`TC_-RfQxFT=MO3X9E6~v0V|*?r@0gf zA;n*nooxEAKKYl0B90Uy++b+7Vp0-LGk>N&$rTo&hQyICmXM zfY6J_e)(R<{x8+?A3AdU{L*yZaIoYvwK`U`_uXvE1ikmBorHYoGOX8cTw7wjy?c6o zCbX737KFpx;FzCcE+;AB!FM^K@$U&|U9kif@Iwa%tNq^^$v;*Depo6cQLikQ1W`oP z?t9HaDUe`(-nrF?)P=1Ns1R(WWx_BGNEa@|GR!@Px>z!&AavS~eWxBkLwwnJ>fqt* z18FVvziR}LFb?-I=am=pfe06nr;o~{Qn*45xdN3p)t^k6ahu9|7;RnqD=l%Sq2$H9 zh0;yL|FaTU(f>j|5D{J777i$Q)GJO4Wti<`*$+}?Xy<m)#0BVw!HV3={eU`1vY z_B`=|?2vc=7IW9g+IAKyOnjeW%kAJNg|1mYXrDi5(oL{fGg6k_H578HwPAC1Eeo?8 z6w9I4>X9^HaF}=Zxl|UWbY0lD+ox=X=v$L#mlfLmHAW z9|&cesT?S_NTs@{+2zGe@I|Dq0?t3`~xb2U-TQhqT=$_i_)2_5)8A!ry<&0?rqo? ze||=$HXgc*1&gz}53j8xnSw%jHmMtnC`;)`=f{vl%lFFlvE;DNv1#NcxJP#%NJdRU zmpC+($l#B}8_j|rly;x49(bGv+BIJ*TAWhaV-N25Hb>AN5P{sTEsMOQvq(bNTph1N zW`RiJa5=YBFWknZBmec))Hm=Vp$sIffPf%f25SLqa6~FFLg)WgCfVMY({L!C!*HNX zdU#>>{0au#tW#ZmwNAU_$w97wlNP~lYk)M}NA85-HP%8Ec8V+>QO?g8F{a^x1fd~};_5uD?I~{ltXpnszT3lzfZQ+X> z=%j@4#?!)znu8;QCO>^o^-bw|U6*8~mava~>QmG0jlbcco}0{7^0!(I?_1usxLeCt zRhjjX0!7@7uBUbpG3O%B`n|mWcXjNqOO#3WCVl$snQ6!C3Lq|=XnXfnF-29b)5^Tj z%mo&mka?t62`BDV=6-zVP1b!C$RG4ejU6}{Ir_a)a#F?BTvlcEyjo`Rm?cS;j&tRS z{z#I>`N92DcFE>1TU%#lR{Vzm#b_;Kr`APi&@64Bl_-fmeR}m!4TmYd(iCYrj0EWd z>y+Ie3{pEv=5oyQShLHT8D?)^1t^}Q3VZ(i)4YSrM&j=Nj84#0EsRf(p~>08`@$>G zAo7H(i2DLBgApk>Fo+nEP{dmq-qqYx6kk6IpOQMa+7q^jKXODl-$E729loCdrx4<) zir6;UGZP@pnON;XhdzItzw&GEOjUqUbaURmC)P2S_TzKVqR7&@tfg#eA07M0H)<67kK+6NCA(R zsiYEZ5x)sSMQvm$pt%=5u3f(N2_f3&;Wmvvv|&qs2{21JHM{9ToEu-OOb<+Z^V|3S zv4Iy_$>4;59}yWE+QLmYcWJ>*{#1eu4R|LC>z^*Wjk4g}K(CilVd7#Yl`d@BXAR#yljTg8qDeZBSf5G`fke zY7`7E0K4B>WG%6;xubOFM)LpOmdgoS-rxKMzh&DX%LXpQTZ^RVVBPj@YX~TMNyJu- zm>LcpHsa>7a^!-{&UOw(OXk^WJI%Mkx)4a}c%^>o?`HT=qG?| zKu&VxSw3zzshkEBako-Q(X=4L&?V-5{Z9+lpdyj>Twf4%D3lxy0wswOD%A++_6Zd! zh<<1hudDrbaO7dRHz(p4n7-9%2*>S9Y3T{}Pgjp58i-6Q)Hi5UZURZlR`v^P#Es+0E zM-~uWF_XD|JG!u>3J>hJlKqf1of%_Gk|}U45@olLbc1?S0PmD zIW=UY%mg^gta#LwW5kXc)imS~)@x|cmtUZI9kTO~q6X?2BUy#Q`#wh`B z>WJeu1I|}ih6^u&3l)cs2tbSU*x#Xk_?kCbn>p@S1VmcsR4ycWV0hbKt&K+Z49sZ* z6ynkg*Fgmr!28lt0wW>TCa03~k_UxJ{gZwICkxtyn|KT1`lY3%h{QW|$Vb?Cxg01D>lNp4E85B(i%5Y!SxzfS{7>rq zqrvYv`Nsyo5`iLp@QD<$E%@*|)sZSmoP50HBJcE;a~#8%IQ&<*0~hf2N)s1W38=-t zsNX*YsJ|1v`7e>MGFt~F?QFy4uHr-OD~r5 zQeW82MnZk+w~8EfpBPrMC-*K>vA%0t$wr@yaXCqVtVy}vJC}-N)Wr$ygOYyzMMlxb z5rU5w>Xvu4<1^&fj!P_O!N*40)>D2cP5s=ay0A~GBaV4r zZp{U7#M#+dw(tfpE>vSlITV9{TVP}I<)v;Zwi>)K>w+rcL<~aB7nkn-2nU$LFfXUG za4?~?^%7-(SO5GeHGOOv8Dcp%AF$q>I6cSu{L`n7PjCos^Cyw`~h6DOy9BbUl!yO!9SuN%VsWc_|ze+p}VufyrhE!Re)J%XSckV4kLiG zqF*pT1XnkYnH31|cd|a--4&3C53X%;9^2-Qs-I0;Nkt+BCYuu&fBNaCR0O>AB`VA! z-x+|2vXjBg$-%tFpa1u24}jq$pl(NaH<+aRSXyib8T8y(p3Ab)78L<_^}`muMnXTH zzN)%a#&30FqjqUYBimpIc-pGVlg+VV6sR~s3$@P9&hbNwuNuZ9o&d#Q+-L41a-?~2 z!}#2|9dK_U%;Izj2?@A<6bh3OTor^s*t`{V4O6qIyVXV@uZ(_QT`gmDVs%YkEa8P- z)d#WMdni%!=J?a(Fy0p~VhI%Gae*Ji!Tq4(EdI~ZIH(^%tQ>#wWDt;i*WxhssaaXv zzPLdYuI@EDOeu{$JR?-`LW^EKL7LIm5jMix+ny$tmS=Ly-5m#gF|%MMOkUsN6KPv( zD`=K-?VqCx*bxi^d_n>5`-lSX_&W~R@MP#`m zbAP@V48(@`dJ6cX=aq^2y#`u44GU4V@mHNwz>8xbiY?!VH<(?f3Xt79J*Uu$zLS@IU~L9kjHw3jw5XAWU&Zeiae!h76>`IaH0f(Utb%OY*Wt^MbbSZaNON_~(8* zUE&1$_ga`u@yc_Y0;q=YB@=L^SyQpZMiEEO_UUiw)U=npXx7RT&&Dv*k z8JuZ&whi=P*-;v;&Ph-8W?-9lz zh-Va{dDTlx4pQUT&I~Qb`CjBEjykXYbpl!HoBQUU=}E$xy?!Qzv{OR@_`5QcxXGG7 z`PjoMKgTN~BK6=zpz~V^5d;9piBjJ$* zGM($kS6y6XS02@EVg`6aCnqQGd@#NS2BCmE4luiXaXRd>TnW*6^ z>7k)A4i=A{t}kW`Y>~M+<_rbkTgmgJPmgS;=H&slv#nPpHV+>17?fT4K1t+uWtulk z(R(sJV06%)jF4#(@fHNw^g*P629K9UYjD!OIH&oYY0FL#Vb$c=O9ZvECXqB)Ko+{X z4LYy%L+1J|PJ|DPs=U?AX#0R_nY|0%Dnq~ZCGMG?h9;T7R1Xxtkc%U4Hse_LxPEmd zmdA6ToVj}H*ohOXbuvcwJ1btff#iCyy0O}z)Lh<;MQ<@ywDh zWCL?nkfpM^MD4`;f#zFeE3@^1A7}p4)*`|oM*`#q=KjW@(=3+u5?E&zqg`7Q{AzWg zf*>@H!=9dEsUC(myfMmAkift-%OeZ`bD?XA3nVn1Ypn@A-ywKJ3lPySs})<(NYi@Y z2KGm*B$#JZz`&U+b*2RYUKjBWq?`62-K>KzR&d?Z(@RZDI}fy0}5yUVHxfUW-9X3I9n&t(;-NM3xNz8?FuZq?FMNPdJyVmd>jcl(f zC)GiZ#0GZ!XV=Smb zLE~SrPsA9F`TbXgW-dJ7=Od~Ha7F+PfG)N` zw0mej-^V4!kPvCAm%8CflYZR;B9s*SJGH&5 z-63s4?06%usT$F~A!hhcKCgT?tHdCk->!)CF3l9j+{c93?an^`vO}(*+M%HWc@JYh zqn%pTz5Q!&a90geOJ|Q%0t7LlSqYyVup<5t-2?Fy9B2&_iNz5#v!v%0AjBCJbm0;7 zMF0Mfk&hs6v^003=ib8RGo#9|r0Id-UP{JXJ?h0p2}%m7RkJ;dq$0a>)49CiA%chI zST?aeW3M8EOfU}z#-2$Jh-O~V-1wF>HQSsZiP1XiiAgSkV7cd^D+c5AT=3$Mmrh|} zp{%pBGq@3g%(7viow(tYQwyO9-njB_&oLaj%-|wIWe6WLv)EZ1-f_|PTKL+%iA@@O zwZC#BREkv(&hnx~4}Vvhb*nGeM?t=3#i>YYaq59*Q$MH#RlkQKjM2{Mwm0Bx%K$UM z|8UgJ?Mf%6e6==-=5T&>Ty;dd|a=a2k%nthy4Bl8-37@uWdH`pgQHkwpLA2-w=M)6i$a1*N% z1B!|paF*x5^}IN((qS6Hd@&J) zi*P*pg78>-Z5X@4m=}d4bC`tx(nw5eYd;;FK$UHp(n* zZG-*EVe+6r|F**lJmcdU9!uO>#d#inDi`={XNIWvro&Es6<%j`)q*|Tiqo=Z!*?RK zWaYIh?h`f?^XXY4ljNM2-&&KUfhfn&u*XPt(iELHo{`a{#`R(IHfnI2e6l4lJ<(5m zZ#2q&eC`FuH1=B=8AWle(SDQqicoj1O|W#?ZvWwl3z7?>n|O=`X(d2Wtx&}i+3*a`z+9r5%u_2WBu_Gn(d@6a!N!(wfEYrA&Se!S zcdYhuwsXIlYc23)`=z5!NrOFq3_xNS;0A4XvVEP3L@FyKSv+jCu3e%5_f;7I(rwQ& z6Kr-_$;Rt0q*=o&=(^h3)di8R15axs(kDX9}Pi2&Bx7PwRubydbAT21kMo^Sx zWn`Rk5#d!1B5J?l2Sf`ku=t6@PoF+PDY1?3eyaOwh6tOMG`nU7gA=rWjcX(~Zai-5 z={Q|H{DG_6u#o>XpAk!NaBwPAv0-y+iAe%EL-CV;&KaurZKsC(Rx%e4h4?i)`>_~N z*Tcr>9T@4e3m@O=yxeK^yv^?3K+-*{jw@Eu^GSV+cx1<0gC`fn1YEUrWlvM1++;3B z1f!0g4M{jWfII&&2@f9kWfM`R6GtZ0H_Ry-Nrw0|Z{Q{K@+NlH4@QYUe?1vi_ON)s zar77e=%l1j>AenE>YZF! zu)(jxcYOobi7_+ryV9KukYPY6-+*&-bKjlDwj|;=M4f#vWp;hKv3%qsVc1dpRPUgE zXajrKW_OQTT>v$QiMO|ebDrL@L3DDJ77Wi$I!yu?lBey-*vZGUnry(2(A^%Q8) z1xD?!?7HJP7G-mUnZg*^@{^3waThTp63Jk+^^1zc@`zcygvVu25=pt2BagiE zLZ26Q^VLpL4mo;l!m6LRS=qE7!f-mb%ewZLU#@#gh_L!CNAW2j^#e?h?fZPj1cDw1 z1BAIVckEiuCVF`LdVDlPXiQ8D#E;`t%H)6j+BCN8ksYxvc)$J~w@a-vE-7fc`mbM= zzO}T}3rc%ml9Jf9(k6Qfmy9A%-6!uK7Us*T`_}2;jmatykd$P`U@*6`x>B^cU-|#!(O?!>EpOBX(}Kt4powFWoW0|;W2-MI(IX-%-{{m_o^J8xUzeuapotqt5^b$ zTXA6_4LLbEZc5ty{A6>EysPmvWo6hUg2JgAue9G&3F#VxCvNJisH)bEkDHx1aYD9K zznKkQs;@TPoJW-Dk>B_BVS~hKIv0k@>X~!gUY*(8@^Z%QPWds^Itc~VE)Vfp6S!e| z;Ry2rmZoiUiQUbH68lNZZ_UjR+md!x7iXkW6g&LpD}7hKn>fj-UxgPOoKgID{|46QbGW_LK&*ek?MhrzbX;7J;K~%n%Ws9X zZDu@0pSi@xusaS!>XDO_@9hl(&so*OeOEq3Gcg83*2={6LMe@^)SvK&vhM$zU z*KEqW)4a@0=7MxE80Hs$a$HT+aEQo|B=v;SrDcDr3s4l8HbuB)om$HYb~kooOWbTX z5D*YJ6&@abcN_|2$UEQI;4>vd=Uw2EXQdDNR{CFV2yW+E7u?vH7u>`dg5@Fq2f9<3 zJik?WZ*Mn&uU&{QQ$gafjjE7#ID8;ka1)%3i!$*vIaj$CiNb&~I`D=Ga#*fNB@o-b zOs#~SyD6LtKZZ6?|I$L_oQRqH?HiO@I(5!%?%6fZcu6ne*HKZJ7(aJGIw^x-r=kmP z#iptvpd3A7d{`=I(Dw6Y7-Dmweleu2txeQ%OcwYY{g6T0zI*x^9YohFqma8M{RJIiO_Q2FYk^ zSs(7;!Jq21j4DJzf=|=|e1fUF`zDMHzU3|D6?yKa+p5xaxVVWEp`=Z`V#5b5#1*%w z5ViF1T5NYukLmsUXK&xWJyz=HEw0wWCr1d&`5hP0gwzRtrq#wyuAq{(gPI-J8I=ye zY|~(c6HZr;`(Gb-D&=t~?)YL*rt=2nBg(G@bp(i3i$#bVB*Rc32fRCPXKKpcoFER% z%F4oFlDz5dE5%`3-U44ItYvxO>CPU0z?7J>WzwnFw#^F%njl+Z@w2=fG^nbo`XDJ% z>AX^!CS7Uc)CwwOFpZDh1^z+7T8OAgm_z+h{nLc7v$wNV;*K*Z$6>w8SHI%htX;q7 zt(B(w<&dwoOOq+M8*1*uecb;X%YHlBasQj*ix)4ijL^y(bUU-M$%mZmIkF-B;RP|wjlHSLnp zXD6H0_S~+RTC4u)SkQ)Qon-i90e=3Mq)-DezuG_ysIIV6>7c3{wmsn}dMlW?;pyJhTWTleSs|ptJg^=h@ z7R!jVS0NLcEpD~hp&~1q(eU89LmMIW-()Y5_k#;w?ew(ey6eT@AiAKtBfPtMC|DS3 z-rikgw{h{HZwCC;Zs!Yt@S}X+oqcDxl-p)$_6Zdk8QD8H_#$X74mX-HvFYF|Fxir4 zIHdE+o6a~;f4MK60RB(un2~iU>$4~xsN}iqYQu?*VG8bx8KuvBo&O&F<;xeLLvX8c z-kYx)G3HkOSi9S;#30)E!{Vz$NZY>{c%~&;MOb+)<@VXs_4nTs25v63%UZ6&FjO$f zt}eYX%EW3*Gu!6MSi3npLlbZrXd4z7I039I;)+sK3&$-UI+G9gLPo7G$}40!+Pr0e zGhb53(Egf|46^G!`nUHSYkv5FT;QhcHEjTMG(oz1&>Z(y#JJ5UE-Ftc=M7CY#U4ka zvy%zW@Db4?8j!z5lr5yf%9W)%stp(_P%bl?Ha0e&ySr}-w0|{1430~ zxs>kfX~ie!H#mcz`)o8ki~kWJd8(HsUAao_v8&Zcu4aa8(Y@e%Ij?ucgZtOy`Ru@H zx7e_HGr3kD(W$vOS2L5*Zw`3GH4p zaq9^jG4NQ-rE?NQa340@>r=q>dpVPhEl=-u;N~b=Sbmk?r?OSmyc2x}rvc63&~Eps zvH|=1E6^Q{h%OsNS91G{+K63G1WPZXx}LldH?M5JFwz`XHGxu>qS;VkF5L?FCSx2| zUBu=_##}t$%XuB{D@SC(RKj{$O6KrQ{UdK^Hiw3*7?iUZ@nsvSHAS1L_P!oQJ^WV@ ziPh_0&^a2X%22ek-9&c&Af@L<^bAWg@|7=ts>IIB)T`C8Z!iz{2&t$g8y$Xv-JUo% zPZU;yKW2m@uaEC^kxK`al4s%bpUvP#H+R!nhoVYVm6BOW!8dW*^Tb7PL3hAvQo7gO z7`{Y5$ucxHF*o7d&7DsoECCs*kG;h58jh|O{M>3FofJa+!6Byi)#9v1&slfo2E589 zi<8{>SxPLt)u*nUM)<-g%jPzy^C3>UKMLr;ijFu$t7r=M+pu4hEgq=Ia1B2fV87dc zhz%~1Ha%Lyb;bpLN4>d{xXKJ7(z>egeJe>r?}f+Fs1Keu9;$>=)N6$%z5qfNSuKBd zl*#SKH>eulN9*bb-r--8w-5Ftc~ySGhF%*sJUMprmchu;dlK8q9k?YQ_`5!zcQ=ZR3&Iw(Vfip55S+Clba%+qRw9rlYBG$Jb(U-0!W~lk{1J>s_zA z>#sWyo^sc(U-^Bf@MV*0-Y*S~Tw}8xYjQ4(i?h&1DN7?$58J+VGg}r&cRQYFWVX#n z<1+U!&;9y?8rye%ex;gzL#ghr@jBk?;Jwk|>*42~uTg3(X8O|$b6`Xjyhk+=lXFQG z{QG(0^6%Sz+rD$pA(sB z0Az#!=ZVV?7q$mtr)lIMACrAh{J|%KtbF+IU$=1$$(X^YHCv^+S)5t7&Q#abWSU*b zvBeN}#I$&I7cD`D=wd4{Xe9jIj~I2`+Z zd;dj0*@rNQ!FHUpvvc?G@Nj^b`hv39J5E`l-#KE=bDb!D^)>tF>Xmng%F4=&&T(fJ z7G7|#8q<13G_anjiMrhdF>Zk-|J@~70%tp}KhzT@vh&Glx{FB>-K*X1rLi`rWrfqF)-PhOm!Hp>Tc!D&Rig<=o zzTIoaT0^?LU8g}s@pV!EOFun5J>E;f{`Ai&#HnW~r0<_S^~H>d?w<0dT*GD;$SvDm zf4&PayOuWumiwm7sL)f}$H!;wO--*(wgIm|xZp+M>?P?->}ec)a_3^x#Epnk`fBG+ z?oG=H4q&XT_nXz>19qZ)?sQRr2eFPnFK*lQI>K+=$<;N!%yCf5)YO#s5^~|4tutQmpYT34@L zJs_l}GQY48P|q|v|K-`U{}XTUb>}BxqHfmfu=WIx^${;OY`P&Tq4RvCz8KGoD^l*{ z@7oee%)v@53Wm6Ul&G#&%FM~(XS?ANl@JHxtq(t-n~AFrV~>VHp)yV|w2hB$pIH}# zG-hlp%(`g@Gif1wGd4B3ZQ7*F;qI66@}?c}$U}qUWX(6aiOoEYB5=v&qXA`mnd6?@ zo^{Lijgs<7cxO|K_L5MzfPyeDAD?x5iWC!0i^&}k(EU*SoZ+)|);cuD;oPQnWo2dS z_4)piNA+Qw>*wQ9Z^bPm%q|EuTA6Fg)r98{Tmmxh;^m!Z6K5Bl;@zu`gzLi(+45He zAK;ZatragQu)eU(mN3=dFg7G;ADGx_cf}-0OF=Xm z?M5hio#N+lWMN(;xsBu@R?igt4}JE$Y0H{*GJKB<#hTl;#{j!&taQV^FE5vih1!-5 zH$T2KH;lR3Rg1jU#9H(HeJ|jnsq0oa3FE>TuZ4j|j-pz5m}TY3C@*#^+>S-RVgM5s z>f0r?(ee#y*5N4S8)?Vu!#U!!v$Ibh*=OIUlH8V+Hs=Z^m%8qOFL=XJIZ$)=#9pZJ z*+e@RmpEC+frh*C>f9bMh;UTd`m4M%ivwkq$Cxpd6Z~>jjf9f&$m93p%Lh5R}IRxKop*^b1cx4PboCQ*0Q^7mgSR5wKiroBo z=cHotc~fq^q=E=n>SlTFozF)3jz54;{kFYGB&1`5{Z-2wY~YN5AQlx9wU_D z7o81nPt^TVRuE4k9Y1Odzo-fb%xbFnmC@-V@3XVT*rB$UQjNz#Gsv*O=z=&FuK#b_ zfvHBOirWHxbMF3UQNdsvBkI~b<)mePGz3v;Iyh;?oUdY!ow`{ar@hKiRpK2Hq1iHx zA9NDl7hWLOz~ap=B=1IBo?!y4$8zX>rp>U-VvCLU02lzFisN8m?A^S3jiewqpL729 z&V8~n%SS1tOv*iQCuD+7bnwf1atSeB$+Vj@%pc@&U+DT%qB8yA^^MoD>e@-5fFsMOx3Mg(P< z&&$gTn1FvME>+(qIesO1rsGY@y zWb4MLqb0LhPY7kvu5pkOxmEH=`o)?v%qRaS<363J^uBNSFkTs7JY+kTl5+9UmA(P7 z;29!7|AZDNw@47rucvzivUaG#z_m|-INJK>_ZM!c9i0uaKI%u;*F!}<534?Yk)*+N z4rS4sA2m%!t9`NgEm8rv=P8$-=*q~*Xui97Jrp-wK&|7E!3cY~vK0HjP6&gX2bWG4 zgtoQLT>Z@n$>q3fZ4cfTx^zvHXw)$MIOI-7U7ajcs}JyL>R~Q1eX#giOi*PiZaY}Z zW4Q!Q8PW>tR-XCIm+yq)^6nMrhT<61bUpx0u@FSkK_=TQUi+Kwn-rN5;>I?`MweKl zw9L)Tr-*(U#JX9v(S0l>CGYCXoHCNhZG;{@$;PXO9r1cafhQamc3+b-F6}LPa)oJW zzDqmLPA|{exyF`Gcs}G;aW-45!6S?;ErniO5q7UK1F0r7ck-MLJ^3kXr}69WN3UNh zYZ)FN7ue5zE+TC?m9GNB(C_2mw7!mhc31YYve<}nwN=Y1&R8+D;;?Vso;6KVM?HSO z6*aeZKCz}ZXKq_{WoUq;Oh70uO$)sXZ7E3_P+~3mM(_NjLEPBbFahvu=DiduUV2@2P^jmSC8I_? z7BjYCXXZxRQ8UFm3jI^t9DmR2mK3nDUHfEM7%2_#N9p^6Uims#8kKd=YYbc zmLW6>4OylamWve>>@=S?4 zdMgEK*Jx8}b1C(h+6Up?@&k?YxB-*F5d>FJEhT3jMBi2h4FR2M3S#;xhcdO}Z-nB= z5H*mIVbGplV=aFXw)ba{p|Xxv{h#gdlrE#07%nKhR&d) z025@}0(3sI?-_3NJ4uP9M6mn)A4Fip4h{a9hKz)cObYVIs6TD3+)Rsyaj8?M&D|(8 z!<-5SJq_ZBmD&wO8!i5ePn0e z6~6+%@vzNlc8;bMVRphglG0nbg$u_H?`p$-!P+#aVYQl8@1A#C2=u_xwc(gW8di%V zwjw=9b5Y*S(-VA8spPq6%dwS*AO($aT71X0%#~B;W}|P%E9m$@uEE++GRDz0P_()& zaiSz}a3zmv*5os&j)*B*vPFPp?U!1=wD{$LXE>dFvIq~1A6fe|AJyY8)>(mZnj3IE4`}c?Y&N{W*4X{vRuupv6_aicVpaI z_)xLOxn0$<5h*Hep8lPJ4BGqa8>8~aXy5kVi0}g=&ViZp&mjH0+uzCwU#P=PR5D7E z@%4|S#Tq}N(AQOs^DTIM)He0U$Y1gDrHcLoeF}5AJ2LJ2UYgYAE6OrvUx=f=C*K3U zOVk-b{8l4vr{*`At6+tjs+`*E$>QziF8eSAEd!ZCDI zhTkvUL2jOQ2gz5tYNu>*GW`25xyL#{-*GR)wF@%cnn-xT*fN-kE(-w3qm6HrMij=w z0fN;=#)iZFrRpqA_dzY!<|U z8%JRrYllfWU!nF>4C8T0<&~sYwwW)BBC)oHhBJoSf9hqEy0 z)bG>w2dK7#V|-Wn7J4%RENiA7;FTz|3fRq1?6P8K1K^;@%!BE#n;L{tYfdB;nDNPv zku|^MyDpF_kM}mAEbACCCdH5Mj!~LDq`WXvZd1ayZ>0g&lCK-pTPAtzPs;hWI#p$0 zVfd^^FG(I%mD3(YG=!&Di(9`Ac%!)z?1v5gcza!eu_iKkK1YyS@`A-tj?O@-Fqr|A zTeyK9zCVG;y%$QFc{CCy6&Q;1Dtn=@&~SC~8)^pp951w9_F^sdBVEl9cJZv3!Lj36 z%kKX8)RZ+`b#JH2^m9TxwzC7Zu{{8W~7k zUW!^+jxWg!L)Ziu3?%PF>!k}2UJ*Hd$?e;>Z-cz$eyA&|)cG`PQTEN(1z|f2({>aF zGWGTtM&_Iv#WgvrWN~WfR+ma7Pm#&^Ypt+66egHjdraNN1hOa;d`wmKaAuf%6Ow^` z;kJIB1C9Xl3pg;0pfOl7WhMi2}{5oIA z%Zfz*oIHyfFrX@)U(`8OsyFF~L0%9@Yte*E6L|pCFZl16q6s7ywKOKvx1O1l_yD(l4(*Mj`qj zr-yud7v~76lC*PmLM@e&L0bZZHKN`m!vb>EGg)G8=y3h+#$st!MKxYIJybq z(-#9YVHE_IFT)vKJ&c=YV zH=Rp+GW^^J`unfFy9u^Lcv|RNf~l~1%a2QyRn$qvsXf+(P~kyu==n(OLB*%=%{8_Oe#Tb1<76sXFJMN3+hG!kSfO9Hn(v>5 zxFZv8Zp|Rw{l1j>tj7fo4r`;%pahQyQBXozZsd6>>yhW1i{YKRS66jTP||G$j@qXC zUZ-M%sb{&*-7o95KoT1{KD=8hvV_!^pRPj)Y){*bR;LywOd^BaZ}ajS#&K9Yy)x#G zAMiMbr0i$!;4NnFqDuz=;I8r&W+8nVGjFsPZ1hPTaz9;nV@n3zktLTV~;RNxO zy5gBaB(}uli>Cp8#3H)x-k_u%LV%;>9qS|l^P3Nq00T=imD6n7+VFHnFUU3Y9CgGF zP;gBE=wn@mnc_~LVo=HvF?YMEsnY1GNCH~(LRu_?*bmR~IEDHtEsheO2zcOnJ)ogW zgHVPH^r8Nk@o6ykfa#!WZ*@^q?%x*K%gY#yca39%rwB3e)$HlOE5Zv`v((*j6hV}r z+x!LDIEGu}gYbRXUvxQ36fnQ4#KE3B>Y*$ZdPDjJ>cVNDM%a!;D#$+t?r@7Yls?8DaV9l(9=c% zx53cP58ucj7mEsKEKjZt&j)~bytB8DQDS-k%Gk_4O%qmuH_(OrCtvvDUSxp}#f5fu z-Jg$BUS`m|+0Y4h1?8-7@ymJK$~VQp=oZGo49fDutsrY_JL|wP#t<>hdGYr%SgVb1 z30Rad%_Vct!M$p;jr5i`*=)VWq_o^C2Sj)%i@dZ$AexeP5@jiw?rDG>|9=BIG^I4_ zs~6`@HPY05DS(%guyA-RIr?5hq_)5@SJkDJSYRSQRQ9H*(jDsCya(}W@If_)fUa2q*blzMr*Mv{-q5HeAx?M^O1+A zXrA4`^}HR-_Xdc2TKG+sUYq!HrZPt3>rRQq3LO`sgbQi;RDJHgsX+`<*BzC8svU~M zD-fGgkWa5|DSJ1EP#Wk7Q2%<0NVsg%iy1)yOzl**rvc!i6s>M~b|ToZQSjY*u0W5N zBaFAXL@%p1^yTp>E*wylak|~P2i0N%uc_=0s@IA=8(Bg&%SGEIG_lSsd5b(5HK?)5Kv&D-vy}= zv<_uyBJFZUPL6o%w0r*jQn7o5X2*GGGhRlwO=FnZ0IdGsGDWC7b|@YMn$&vn320b( zQPujZiFI+p5>PrV(K=4#H`X={;*!;(bP`)*wCe>EX5Hhl8iKIG`szJODqy=7?vB}g0S_fVA2i<7`@ysmM zgqGY<|~=_ByZbv(BKxMB4$)k?U! zN~cUmAnhqeBZVQOd`yGy#m)?l3+a3fo*eo)hj(6e0)a+6P+i)q0i;lg<%nA!`E!KS zr9q-JTiy=An95f8*}P+tqK*`KjdWyYjFQ%!OWqYo^Ug;R-ua{-!_+L6+fnM-xJCJx zT)*rQ9}A~$`IwFm&bg{6XdQ5l$OEx@y2O2yABa6T)aX~38%%3~El6Y8iYB}uG}(eQ zJvc+!jmA*Q<(o1+cp9*s=X6ox8pQFsK?I-vGu*g9I^i9WBlcH<1jMXI_Pt=nteQV4 zK=Ekyu|8r2={T@2&P>N8(51 zht&AT@DCibBvauHqzgz@HQ#T0nLZZFCYXky_{)j~)dM{O2zZb}w0b9oSS9c8-S$f~ z+&QZ%<#hcjgzSNjV&)Wzf*92kB_P*FUn<4Nn91?MDXUMq%?lg;MsOoGKi9L3u1@N~ z{cL$P=mUnXH)e7Rf0hHH1j!hmtx^zJaxxaia~e2;g0#nEXHtVyYm}w!=uAcw6_X#Q zO-WePsAFH#XrnU|N89d|fA~f+Rx0O~QJ?(LLP*9do(}>tmQd=rJU)LUM^IjxzF2FG z{gfuC+c_@aGLw!kAC`~nZG(hj{Z?vh<-5_3RdfBukb2~ujg<_cU+lLc;EnPa;lz%xFc*lcrYP9?rQP|*g)pCBF=bvsV+G$`)_ z2_VG>qe_`&1)1`8^spUbO*()R&-qn3?iVN=h<8K>Q%Hf zGpUjsz4$5(2jAEj4RC0{4xERa4IzRStKkDJ&%+%M3A zDKv-|^`98JnWoj9z`=1nZVDq{o^?90H7ypn{SIu^E(xpdp8nA>Q@OOrt!k?;F0(_E zLsKIyn731*2g^N=>?h}bY-tKB@9;gpG2&y8p1x$1I~PfMt0>(RF9hF>UYMWXiLM|Y zImXH`ZCl81XJ2ZDNF?g!n^s&%0#zuOI%=T_!vE@#1zzu(=8fHGLp5B+W-l==whH8+ znA-=Qb*{>^i0daCL)rSXy0OZFn}O|tE;^8Tnyr(R9ju{4oiNecyNB!}S?86hYHU6E zE19-(JORtjrmt^_>6$qHi<=m;#I)n-o@*KeAi4DGXIfr8Z;>STn-gYx_k-}Pp$y}- zVdOSx#0GZd4J-qKenxH5J6+?mBnCF(#vgP+7H8iP8V!*mI29>%1hF)Bur7)0Ai7gKW{504InT>W z%Jp(_mb%KjkXfD*Kb`l$Km2iN>M>;pyK|<)oYT6~M@ep7eFQ>P{M+=fd?5y{shePc zNogog@R(~&^3AGs<=k=O`*7CsvdQ?^R@7k8$CfNdXP4na1*Eaz*ECilXxsv%of?9cwl2Z7rC{ z!&liFTV)q~rk|86kd`MFvZI;XlpB2VGN9QzXXijzs<~4iC(wd~A z9U%@~wRg@oKHIf_GCKekr!4fAXFW7b^TWsaI?5*1@-3f8ID1rQAo+9do$_1AiJHCT zjy^Lm6^Ra&pD#Bz)oD*lO*XqrvzsiTGNK(SS?So^WZwW*yV@XyZql5 zl$|;VmlBSHN?pj-Pvs0{;{e-ipw9smqqi>5SQ?QJ@$GsI@=e}8KB&pYXzZ&h$)@Q+ zbmU02#w&FHVytQ0x6pYjYRV%w>f)T+BFHx=Cr|JKCmge=8ceVI*o#q+o}eXJW7&+y z4*RHX>f_hy!(|$B)K+lKgHw}u23~UVjrGC#!Ake4&!x$BYM?e!BjeU`T-?Th0(QvW z?MINc)#_ABcUM;zpA5*Ly?PrMuWz`Dd>+cuh26P3|FZ0_LLRVXQQ|q*v$@LQ68T3V zPhHP6hzDZ#cc@&d)*UD0@y#@_`=}v|mpzP~K7pMC!&=f85Mebiw;n9aYA?+@?3eQU zp6k0sPM(~!96RnfP_7k>T8ff|CTt5S*#AaXz-WFkf&`bAW){~`HwpG#wZF=i^sI59 z)$9aIcTo=w>7R&%0?`dLiHsdx-FSj8+BiSHx>_S3>mKK*pxg)Hd$L8K#QL-GvYWB1 z0}yhc#!4jfUEwju2M?^fdt^&I8%NL=Mlo(R{&hI<%RiokY-|i1lg_`;p&I0%pK?){ ziHx8g`;U6Dv7Tw=PWh2 zA`1ZG_~qreCv8cM&ra!K)q~w_!8X~e&OyXhWL*OD;Ty+7ZhaKd1v?tzuCT*gP_4#> zNUls!I3Cq#1)5a$K=D#Otyfs8UyH-{-8q|hI=QX8r-xH7`9f@4Ven~~Y4O>4-re|j z66NQZ#yTYUs}#?w_lE*@wnZw4x_M02;SSh((f*aP23439o{#-s$JepEj)>>FdzsEJ zfPQ~1da?u~86)B1s}R+=)jYj_#{?U5QY|{SPv0{3^e%6lL+MA;NCJlw#0}##LU&&S zJzP^n@~`5t^2%!(#6eUS^W&vN=CO;|jc8CeeoWd%pIMbxVxn*TM?JO==E$H3D@Eql1p{W~cqT4A zJ-y`V&+oog6R$TLV>z@DCOl*aVZHp+!YO7^O9ZHO%}39yopm2I5u&ddby;U7K*0@sT2^S~B**(>g`))uTnU@(}B11KiV1Onsr zDLpGf&rt%+a)KvOR}M52)cEeo7H3Xz`kAg_gz%+Q_gZY<4(s-acT#SX4aa2cZuSif zXsN+L-7`zSi?Y<7z4wc1 z5U0*1>X!Jg&zn@aKQZ%}=_L$FM`xOt3ROYBdw0&U|MEV{&en1B?%{53Hhn<>RNW(| z7(rE~rkLXiP3_T*R!qdOfxR770&(7{DKD1J^?}Pw6S>~uUd0dGiK$XdYP_Azg6geH zeq{B7egm*SsJ`uqQ!2o@0L0}gvnXcF614VGftDL+HB|hF3C%J#7N(|r|5o9-HZ~w^ zhd3`>^e<^9He1mf|9dUKe>N2lf8PgY9+b*6eRFvDxMbbhEg5-vRMw!nVB5WdXe;x& zT=KR+Ij1xb>KOl+PVqAZNw!0_0;Prr1e9c$b!Y7C>~&H^pq`p-N@-E4;>t&5Fdq1d zM3#2?{E$6*9qfi1T}bZD^#d)9=gg~Rl8Rg+^IU>XCKWhDS~&+!IqWN%Q!;=1i)Xk` z`}kb5)#j8IIs(8@QR{$91T+2g<6EeFRO*a-l_x|jVU8y~!w;Eq;3P{;{p*qI?{O`l zWws~R&(YEGoN4*F2M-=hwwl7@Ug!<}tzqr!&d-iaHx>SS!y0u~*sb+2wl{)2RAL=q zjr+Gog=}FWy{SE6X)hEnEI-Wb%wyf?i*xqf$z*ne#X>8}${JUv+pIy`uNyJ26NM!v zXC>v9Yn;eSL3&Kr2D)m3J?j+C8eqyix63 zGN2Bd*j*y=pV{fZWMh5tPKd!DoN3h<#q?H{jrN|(rEj*GH8tX^jU&x7(aP&1Vod4| zIS)dEbY^G(h3fMY!vd`skyovnUkZb!onL%3c@Wi}Ah91Bu${%5E0)^>f6aMyb+r{} z%9MnkU%(c!@if%FkT{vp0_qTA%n)5ge(X%E4O!wkom~AsFHhRvzg6l9H6kVO>Fopd zxv@X%!%?7|HnY6ET;2xOHhof2I#u5v0lnHq?a%e&VCfFx?%d0=4nSAEuc=X19W1hh zYoQa0I?q4g^1xk)0=cJaVhOR(E5fT)S2X36FE;|D0i6#z8Mh*DRY_FWRKL&3;WQB8 z!~U?hw!%n-GFvs-Q|0C4fZCI<64GmUoANL zz=(M3;}K?i5$M~~)YjHkK~^fld|mF>R{DCizHX`GA3#5GJek&ZO8xk0vke`vG{$GT zxDwqJTN9JjRo>@}rFWEe4!v{x`oT!b%`*^)g{GCC_11ua?Hg)eLLxNP7^|33Gnbr( z_Fm*q)fUSjR`<;f9Sm{kQz1h&(Rq)EAaav&ngCJ8($Z2%d6_EAa)`fE^1gtcasEQx z6)~c_o&4wFW}8NIMd-v$5F1&A=w^w(zZD6HL{)WqB3&-lDJBqgFt!B?n)uCyW0N_K zUwWJ;Ocb>N%^?1r0;jlSFh&}9rh;PGa(&%)6f}aiyn+}^)&$n$z_Aqr!1!PQdAdPw z15-Ks-VMlim^g%X9DScvApKwzc+Qp(v-a^4n`sptDD=-NBc}v1eKM;ELfeNR&M+vc0i95aC-n!D0z0?Ol+w~qtVEB(VzL|u@Xu4r zRU0c0#}YQUY+V8}4)5GLb2IjpvBD#w!{ma6hJ9}L{sa&%zKLVQJcyN`;Jx*&|yxE_IPuCCeRf)!8QQZL@%332+O2WPaJl&iEeO9$ z932yw7PcNx8?tjtq}YC_b_-TOt5x?{o;~(I;D?8XE`%V2iA(;O-@tmV&>V$gWEVy# zid+5cd{UKaYQ7zZiBTHReClD&Ug}y!eADZ@3*IA;KyhAmho{sz z`|#!0RR+2b4UZg>!EoWDWLX+DFxf^~wAcx~wMmGL*EH-rXiz$w2Bc6eDdxVE&1Ocr za>?+X#c#|xSwWY`{NuR&gJFwDWagjk4CBD;*szp^l}wv(60Qq$g+5KJ02Wz5O0w3Wp)1@j~RrrGe4i#QcAzKXR?<^XJb)IfGhOIQ5wB@m=6dGK-ARQs;ks z!vA{%&T!cd4^)(gkq7%WAKP3TciHT?yWr_`w8nWa=~xHx4y8Ecol;I=zu^Klk>Df}`ukSs38{VbHn{E_c;_K;c)s4jqyy+VNVCrE&p0 zGh~vv%oD>(_q})SM3-Xij9aDmLzv-!uF|*xQ*0)%^*``t!dWvbb*#)ON7fp-~(l2t?ZJ zB+J)P5X|cOS9g0I@Z{vFApt1s;;BErxp~hXXaLWiK7f(S>?}PdiTS+0T=CCa;s4f? z|8hkZOzP!~zg+QO%aebx;-An;|2VPz#ftx0GyMg(f3f2KmUaG|^2+#2pt8XG{}QPG zYUcm{i$GmWzj*)ewE+Lb_Sj!;`R8ElAM@eA-17fcxBSZ$|Lc6kUt;wyvHE8b_pi9| zA7hM3{4 zt0DpUDE1of)A>6_&WG#SyGlU<nu;9N- zUWbGoW?DuJW9E%XrJYV9n~dWFLF7nK=uoj^c$i=D-MvRLz)*fWh)!a;kqTY-yKS7^ zU*Of()sxK6n zM?^^Mee*k*jJ*ej53_tS=68ju6CBziNqMnN3stt-Tcgb@J5E%ZyFx>-K_S}n?2h@g&=CGjNe84lfQ)4bLHw> z?i#CMb=TaUH*fwIbvbVSbeut&=IA|irU&I-cb&(miEBamsp-k$oerFbWJoS7hlx|d z7u{N8HV3DU6P`3umC`E$^SDcv!WJ6tsSXzQu3tELGanQtG%DSnVQH-})9P-8bRypJ zby6K2AeTz5vNQ+ghR%AAmTTt^yR0WxV+?lgGY7ufC2q&~=dJMH0o8vnxy!MCRN67D zZ$T(a99PduNJIzvJ0AhncANFw?(!kqL6M{6*LS}zz+)+luF$~EBGi(-2?)k_f3p(& z4ZdjTV0~LwqcEsT;rH;|$LhM2hl;;eg``S*0HHX0-*0Vgot(9F5pXOwRjt`?8hcrA z{~qWJ;i*$BtAWErF@%jy^@prpYiu2-s`_{V^N1S?%-el`^!?6Nqsv_?LOE83tTv6W zy8HFtUJ{|Nw)Q0=kQe0XlPFc|JecF)^sT`|r+optKNEVlgXM19wtsBBK?1n!v)$M1 z|HkgS1H&5kPDKM2LFj*1W2srboY{^EqBz6wT^oBeA)9lHzOz;G9#`CEFPLgpl#NVH z-50!af^YkiCr>2GVlv3OB~_6uHIK&g#gJOF=GsbIbElkue z?s<2YzkD=F(Jv|dP;>TWPAN;e{Qa8p;;IZkx%Gl;|4zmIiw7C9ox6EwJM%`ZHinIw zVO-K)7|)87b6xW;7a>X~C=_+Oabvjleu9EMX6e_Qtz6x8>D#J)b1k^2tc2={BhJG_ z?C4k5$60%a!^uM?YBmUFCoZ_squsLjMACWlvsM;6iRZIKYA?-U-wMd@z3f`it)v(L zV>{d&b~&>t*1F6F-Gf}3o}TUomsQz~Rl0%x0_HVUFm^vjmO5m{*IloRojETV21(%B zBNdMxEotI){P4Mkk9fZv;9jNhW|5GIHA51-1@g#^SI@;$rn2#>Wn%ga(&QJU0u$WhiPhE zC${5}jG!+L{b$Vs%KGo=friEDY5Oi}jgf~2arg0%Yb+I~Hx&TeLBM$pCBB5o+!Sf? z)|2n8QE@LkwkiKQ1;KxRJ2(RjgjR3pXjkxSyt1x6A9Q3K`mT4?PC#A$Yf}Fw0qF88 zW@merUUCyS1LOVs_a~up&b&(_WfH5ml?8!<&^3KHkZjpBrs#2!jQL%5z(fQp?+T;S zT*oR)GW_h3yf;|uGM~2VG|Q3A!3{6x%qlOkL**R@^t;BQL90Q?NgmK)?Q!<3Rm(!xUUPXx|0tc&qpfcZw{g zAoJVyEU}k6(Gm!{61SuUe}QR5;Q^?;%a}=5ZJ)*N8Rn}02X*$Z`sA|n_BJ*&l8j4B zQT8bWu@AH3^wf!$d!dpKzT{rALyS1&y3r{rfUCeEr3ie5DcNK518HceiA3_U=^7qQvcA?|GV5Yl?6=9$u$B*De#|;i zHV--~EX2ilK-X2qEJ*!DyL>qK>zYhfJriVin!UOp-_v?~Lf1xWP3!raKQW(mli3xZ zBvlo`+V^!oE@Nng1O9srT^9_VYvKjM)Vz*~1lAJN&FxkDpprt;o!d@nco-3%`I|c> z0e}Uuy5##uO02znj`!9H9&j~^6)sge5;~|hUNPY>VF4jzDNIJxXM*#t*vV&2C;>Zh z=(OarkW<@F11BX1mKV6 z6(P3H21sbBQ=c9=2DSjn)=F;!k@m$vRyCE2Z1fk6hx5)9P^1}%M@6K$shx~LnY_=s2F z{@@YEB7r9uqxt?kcyE619ZI$u0w@M)!!!wiJQr45TztJ+m5oQu)TDWWuwapVQm4s}Csh6Qdv4a-l zl;rkxU7ol_E_(<6UA`fhPJ|zm^Sqvz>*r2O0B6;VRe4~O)W`VKT&nG-9}Mq-%5Uy3juN^# zPLX$=sNI~5zTaJ7I_T+R2_anL_aFM{_VqUk${tBuIy+Hm=uGCkOCMc6-kzClQHc7oAy+YT~ za_7h3zJb}=Yth_4&fF={j<%q~4{?qa}*<)#uO)81;!!1cTQgfx*%+fJAp(LnxQVWJtMRidZ? z>R52pGDuM(Y|PvAiA-H~hM$#;+vGxtUHAK;hoP`Js4Pv?1|GC!@ARcx%gDk4W+CT1 zvUXb1^=*eRS?zvazR`Ur2382g>zHqZeSm=w4VY&nR(sBI0>{!RG7Y)_Zs^SQ>PYn| z0=FDX&5iqDX{3qxLi52`wA|=9UU?TY^4McUZ;oO7@_3ClICo7#ok1mbTI1SN6T3+x z6Ub?fSG9SR<%-}%1jVHrzt*ewqsW>dWYkr=X}kEGmGFP4IqGtGC{7)m2%^~aDF!P3 zZ80<`@Tr+Qp|J!lXNvlbP4I~A+5!({vDD`%zK%2@eq%Afs&-?f!T0A2p7+;?I4SSN z6q(bi8zrcdk)Glu^RD2wQa|Dhszn@r1gSQganvTMp@1~xQFK%dAG};uG6M^^vl}g0 z`GZ=yJ}}y|x$*tQ{>=NOHg4#C6qK;w&qNpgM?Sgvze#y#= zOP=Y^>$PK!rH1u(sw^zZJPcZtLN&Msd1&%hA=W;(S%X7TO9mb|Hfjq69#QpQi;yU) zR8jI?G+CnDOV02UYYiGLsAv#NbNc*UNymixaZQkz0zYo zct*C-O8a`J3dPC6{d;7f^<@T~&}K) zRl@RLDc0wL!+mb&Fdmr6tW5TKWyZ?I{H$lBgkchfJ?Hz*ELR2&?K@0u|CXbl${T2? zbmny`-HJ5c8=tTa0{4((zTGd}hNq4DlxC*JN1qIuTeZG9LjVArgZ~at$9kclBC72| z-Iq%ibYMNG3=B=prS@l-%UiSIaUw>;?;ivuz>I4maBXq>~~Z82c0jRi|%qxwREkG!03`YY}m1 z>|2ixg9=aD`rzGEd(K3c?$1y1F?9iN{cy+aSCk`7k@PJ-w}D~XoJY%|UFkauwc~>n zmJu_sP3+1~Cb}M-h@FCpTB+LieDGZfq4eSt6udLFV$WV3(GjJ5-`^2`zI^DU*p0Wx zc62DKmyddnRs#C$S&%q;b}~0JK60so;U+4zHbqYcuyEn{TFtD_mVF6ng2Db-{O97M zdYAZv0!j@n;^{}~0vIwhm0`+#TR0bp!FyyA@R$I69k}TZtF3AU)X1m6oCQu9<&*YnIgS2}!H#p<)OhQKB=9#92eqLQvy&5(2C|uxdkq`g`-bAF$$`9Y^MC0Bc zewXU!pW(ErxMoiqowqf$wJK_~wcfRg?3+FY8pLD^|1)v`bY_E>6-#hX$EK^9+S;54 z)IYjn6c&rG=BYY@UlM%=&v*Mqp6OSZdHii^+_cipXibs6sqo`>+U?#P7_ZQvg^xLJ zw)#6m_*#|MUa0NKMcKOG)E%NF6ohy>|EMc6uv%UHe`a4ort&hlL2WoD)%IZB+4neG zxW^3{$B}b|)$^^Me8F42nQo&mg$XOO;qRSC%M*#$-}e|m~E9F_Bo_z zZgd*z$G5>dLFFLVG~|P%O}-4}h{VPzmye{1{UrEI_=yL0tg5HJ+z<-K938LmDWcAQ zNHB~9vQ z`qN%T^aaaqB;$7gSf*CJ267*%R0IVdAFxcu`1(_C+iy~8)Kgb{0jFl>=jX33Ok<~X zAc6CJ9|<|yf`x=YHS(L=))TdU_Rm$wAJ2oUEmxIZ1X>TVL+2xka z)iy~iV7MEhtKx6Faz--9K@_1wqfT{R2Y5Yo(&++u;4JsWQ>hwFHgqbvq!U4DT&}@$ z&%liXH*3l>$RxDlu+!=??F-2eTl?FNPm6V!ch*^<1iT|G>iqAf zx^nKu4`*s0;P*8u^I#w{$bX=3Tq4Or+V`mngSwwE#TB0eKh?b=iP$_Dr$AjfyC80~ z;3H=6=|C34G9^G0pz_Dn5jO3Z2yn}{_!dcBo;OkU6O~$TFVwVyLnS4wsm62e^Y;nq zpM>5Z%IIm=)!=W$a_5l`YAu~v$>!W#VpNePb=gAQH3+#ePH8KJnVsWpzY*jBwkakT zc1TuV^d9#bY+XRb2yhw3@+H$f++m^(bR=nv3&`%s$23t3dTF}P4Wy8w`<<~Mlt9UJ zl4%p2g6C0QpTFx|tXhhKf=h0KRy0&rzS8cR9aNu`F9{+oyEPt7HdbC3d4|Kt1D9VL zAN89#*2Ne*yTEZ=>6}))V7k_LLT(^%G}l^!7RY__xm2o^PdMb&Zq_{E8a@nK^5Zh^ zvM{a$xr8+kzcS<}rL3Ep(7~Hm%cL<@(dQ>|X)gKH!s^_$LCatPiqO-C`DFtSx=XCX zj}GVzC;)(R7%T$!s8lZ$#m~Sfrcc0?Dp(4Tl%-a6>(vFtL2caUv7hn^_0@|mw5LO0 zZz)VKHjp3xFhWZYp786g@|Zb_$UCnBtJ>^P#_R6D#;d3(f#{{;J8z5fW}D^GVRdp# z9HB-dv5V5Kb|>TM^d9Saho~`8e6zs zt1G8n4aM=W*D6f-FBC9CEapxPFWmfgmkN=*R3Daoc%_=&cgl|5qbJ$8i^t+f4m{`q zzwg)IB+jWm`u_ZwFX7Z(M3M9O?Hj7HYUIaSF}#W=nOXM2WHTfLq_P)ZAQ`H=*|*Hi ze3pJF%#6_`cA};E$eUQh$&rP^Xq^PH#vLRKkASkb*`xRuhrn%Us}hr0$(C{Ag2Cs; zgWc(R7mgn>w)A>J?PO35r&BM5kk!>y5v%4O=V*E^Ta(d}RzPr1BgHOGN`h0T{&GhH!U*y5`k1(%XY69JMp6iQs* z291D&{zDk-?t}jicW)gP<-Yb0ZxK{PMUawKM5IMZU?|XaBUeEKs>sjyqt!JOxKi;*@Vx51sbKO_R=lWjY-qvz* z(8N^aL3DkwjN7yZam57Ht-Z2K5`Hf-`}60|rXAbkuT7DAYb!&penC7~PekQ<(o3a= z_6J`lCNPK1BaMAcCSC0eoIpP8{F67WUT$Ze4Mr6RQ@olc))fBDV{B3R{O0KDHB|%v^A`nFkF}7MZw%R>{#oU#qw`FQ$>eFzDN`$ZMpLO7oh>`{6rrV0;D@ z#Cagx>eR1-5%j{HM?(=m(@NKh2Pdk~ORt2Cd-NX&y=3#f z$$Y7LEkgeNXg8hM!RBOWr{~5IS#&*bS^}+cud$?MOB4+rL9&l~bRBCAcw8jv_o&t% z*nY*t`>^f$#fpW9`r<**RB=BU!;>^C#}mf{isew>G%PTS*eTng6?}v*W z2B%$jojVGw@KF*D21DQ$Jyc3GB&rC7K+$vHVNd1i_t7-0&uWMA%4}wCeQiK)Lr%p! zEfMQy626QES>?v)0jJvhpd>h-qXRm&320FA)j?^|AZXh`gDT+5a-uFjxIW}J>eG>~ z)j)6g&gmLSF^Dm3e9ss;%+1F~sC}JuW8z@1n%9}ghP>YcOwem}Ib^960e>kEUr6~43_^1zYJR5s#2ALU?8OK@?C2X}mAp;pDvqe)ep zC>csm9(h^xy1(f5S`dh0VtYgo({I!5L4CKEN}+08qmAnMqm!XBLhD1Wp|%^wP!>n( zO4piPms#}hHHpR})vw5U8{v6}5LB+$uA=L7loa~-s z`+Pf6KR>3V820A;N<8c$aEws>Dg>(dO^}54N=MG+RLdox7oDJ#OE)JRhX(&XO2D{S zzyviF-Xvx0`FRU86bA332x00WL9vciQg8cpaOD?B_QfU2a??5Xd@ z4%A-w9(4eU^?M7^-g;3Wmv}BESpn-AA%!*y=JVDGtY#L;giJom5shhjdU|jE<# zo_jy&$NMo56I|7p^RO~V6Oe|gy&8;>_w&6#Fs|^(UJC}Sf{sssDpUF8DK?$84q5qT zz$N`7MXd1lyR{ROo)7|beUb@v45Gq48{CG(?Kx9yK<2(Y8p&>9;X|O@Ez`bFfB)J! z00DTz_GFBV=^Ul)1x@AFWKr{DmdP{L<>6u7v3z?w znN8-}tBwn{@04DdQB9Hg&nJ^LombJ+=*qTe^Farup4V_%KyKlPL*~wNTY`8Zih6fr zE%!kBqG}8sl&9Q{zQP?7Tj2bef^oHnMzKO&sC{=r1zh;@TgX%#OsU^iRsc8duF5=z zb;Ly>+#ZP`NX3aI5x%rg?TgRq9Ol>UsiOvsQ0T>La1}sFQBe`GS+l2UY&@L3cgNz5 z0_k3~+vo;wJ8tP!JZznGsPl|TK0Q6BKw|ygc)j&`G-I7zSIWhh*jV$?Dj!Yo4t{ue zxa>eC9mA++Cvh@4NGR}NH_h+f@rBtuY6|k0jdMBKuvUp0cggl>tP@DmCLhZ#lgzxr zR3Tq4hEo6dMQhF|dZO$EMd6~KpaDyP!A2iZYfmatvOMnHZd2}rLN7niBp+@&Q&=4gU9^Jw;Z|xvV^+bP9*>NB zaxRYdg*W%nv&;!bblE$-@oqj_{%19PW@O_Nl71Q4cM!hRoj$yUH3#7qY!6c)ab+&~ zr=FBoo6>b(>`iw0K5?qZq5rA#@;F6$kFHvoNQR{^w|4fgHTOls~Q|(`7ZfsV$bXtFtZ3uz$YEmghr`?k$K}Jivc0F2D-G z`U7*HZ1|*@Q`U~!!xFiu+2Ff%pP0N_wU*KyJY6&k7fmB=Lya`+Hs{QiDg54)o1BA8 zGENT!%MzGx`re~-<7vkUqA#D4^LD;j_(9sdy)U%(HL3*p(LuJ5iK5!aQVFu)>!twfZ?_jk9S=wo}M3nh3 z@_fbG=Psg-aH&j_a@&lC-}H=Oa+a6D9z2W+w zKZ$qi+EYe3yf-JTn|qLQe_#mlEa_m0z?#AXS0JjBYsi>ey{7Y$y#b4|Y>AT)tPeRG zUycN2RyrN5FM1>vQUG51E|04u3!*vchd$Yv1{*y_H80XPrlEQRt%s|HTt-Xe`z3wp zU-4Im+gATu-s!gVQ2D1v4ibThvT{cAJwoekl^b@pX0x@Fjrci9r+}v?Pd4JUc+`To z3WWW^LbIA7qxA^y8!}h}^677o+uUvcUe}TDec;yDJ^wy10 z?Voq|(WPPmcfd0;_^w3XWtH>3`r^b{7q_4|Z50)j6U<`MrGu6Q{U1MmoSuC%3-a4X z_b}m^I*P*?-E6jMEF$L#_~>}=jiILUz5=Av%TauSxG13|#{IhwMGSfcRzp$X{C@?K zN&1t~NaYjEXq%szFL)Rg=l0#xH<%F{#UHQEWpu3>3+^_m`!Qpy_P4)DNH*M{mZih$ z7hWAk7-;I|{7K1Le;TfG zuR<@NhB)QKs-$y^2dz#i>FMbz(x9Kd60Poya5<3e;A+RIybpxRfnR{9#kyuPS;Tb90ZHF^`NUK5Uq!jA-YAl%06W{$E*G-&8^K3-zFwX5WY`nblQ6P}3^T%JS8lvOE>u)S2DR zp#$h_Nnb1#mubPpHYsAUw`7>1#CM7xK!(!XrjFZ!uUlrv5OsR$X5Htcy|EJQ-h@IM5x=(i zGa1LlHom}nWJ`e$vv?$?WO4NLNp%zKY_NF{AJ6D%?SiVm^kDJ(cFc46(ENc$V}r2b ztBfX9Hl3*#y1d7~JYRt@JOEA?_K2jVE?e|fLLGd!%qWTn%q{5v&M~Ng-4C%p-)t&p zKq@I2W$!gcJKT-Bd~RW77O3D&@Hu~c!MxZ^R(WC8H63Seo6K_mBlVi#AI7S zcKTd}Rw>w5*3;Kz>^1Un-~E~N(hPt$MJ!jRPZ@Ui_BM?AY*ef$V-LK8StNxh<@~^e zdIA8}r3{deQ2?B-O`NE?5;Et(Ns!Hl92Y=4qOwNwr)1AJya>l$YWJRfM(NzRi{j~` zvtCq$wRr=TAF`BUc(zB@GZWVRB@*5GWywjs2sVfQZIF&;blEkjN7Hn3l<~OxAdl;2 z8_+jL3Wwf!N!>85nKJQ8ax^&4yrG^x(v;o2KKORAy`y8u0qHA8J+Sw9Z!8)d@Z<=U z-S_m~QZbeGnjanUMFY%MkqAI}EgID^0~g3jueUc)?wOObD0|+9td)pQU=vMKmq|)h za1~~TY906-;CtF>n?%&y{z>QQ=-8C(8HF@r_(?2-c;ub{v#zg9z7wL$#wUkUOA3*} zIK*aA6sFaUESUyZUsqa0@wL$PSAd#YDcD&IQpE1NK^I{YuRT3ae77SM+gk6pJ#WPo z)_6e~+8y8D P*9oy?E-~(50LP5ZHy*b3s6pVn=)Z$Kq zq~&h0Nj1tfYZS-rF+bEl{!tOTd-FtQy43gzSu6U=Svy$$p~iJG*^^>;&7%4Aps&qN z3u0Y3m!Bs!MP^<=I&uFCn700_F(Y(Kd$coI*>`X5>H&^q1|DN@-WWzU0GLUfeYEIy z-COQFr=^in0D1?j^vPc}59R?zp!fDpY~L~JO8tFPLu6JB4H?g8Z^Cyn0v&`-T; zi)Kv#SFo&)(=U*o&N3?Eo7Ksd+aB(sJTviji=@VPseOp*S3d|o{YWSG;%Y}AHGqC} z=xr>Eqo%~w*CGd(6w@O6q zNy(wt_IqCf=~rqFQ{M!+KRDCQbBI_*6vb}cZ2_=2PhvcB;$VNXLD|o*^Oa;hxc7{n zGgv>TkXTCrWwqlx3I4L^4Q^T}hfP1jS zB|*g&)Jmkm=46Y1l{uhet_V8jTkfeYdhfJDL1(Hn*}H3q$!(h(q+|vIU)!N}?7ib% zl47-=pPszE)-FH&q4+N>K$5sfR_ev6CO`f&)*}{Is9^M)pjL??^Eqp65|dmG&59mC zt(0J?GHzJi^%2k^+Bqk05o)@9Doik0~iE zya~EG4-5MH3ar%c#$6RzaB+w9QR6XLtb|iYMpKhD$c7$#eNp%N+>PY?{40QYpeb&S zy=%B=dYl?oV>$LNOF<~LxTr{+Qq;*FjCi<|Cp2!{pnYVhV`7po#LS~{iHt2JjcTfA zQ3||uaDb`9Y;QA(S!=M`{HjxbhrEmf1x4NsVtC+Yr zcM_qDhY?(}ABuYxk3L2hSi{ePylE(JED_dNTNb9al-9|5BN0h{#lk}5BM!mL%xw1U z^*Ml!i+>iatD|%A9IQ8PLs*fTT}Dl_aqsOOf)rVw6(Pxc^EBC zz)rFE{^b?~G6&!`W)0zeOX&P*Yia=}2M5*bt%FZn25+~ zNwgp~3SKJ6Q3;??D!5W#bhVN5dY7~F3Tkp^O5o+`>2w9O1`2JB5~|tl!v}n6aV1&~ z>@JLI`OU$aA8Ck@ExajOI7euB5zVL?#>{Jr$(C8K$46!_MzZHtyIJCvR%!NJB5oX8 zO;td9ZsnaLEMSNYGRlc4r`f?ESX+6D=i7n2?1+8Xp!c#4bY(Tv?5J}ivX4sDD-hYm z()-i1Wj@EI{uRsW`yC^853WeC`HW1`h|JePhOuWt&t6_q#N|$m<~e+vuLwOde865 z^$(^(&rT+y-RLp_=*TQSs|t2)oji`)Umxkq_i?fxb>&=VzsmYDHYTk6 zoc2?*+E3@4>urie#)D}@_E%}hDNp+!1BlYYuqI|u3jLm9pD>d4cE7r6bKI|6eC zfWCgm3(JB)72h}HZqWhD(BkBU6)pqCi$GoAlvdhwtSY&{FC$qOU>xCS!}U z+lU4K$2Y~}cN`%HZpN8!@tr#4Z)}(sVgJb03h3K-kbh#JMS@S5G9h>~b$~gm0N;l0 z?R2bzFo~O%8CU)I)aRtwNWfzS*W6=pi&Z0^jNfFCLA}S}&Nid9 zNq#P-UIxI37wKX540m+KKsHq$#8S+&MWbg4>c14;cX@Wr^LN`rnoCf( zh)uZyc7{`2`0KNoq~BjT#qM~=5maQ4k4$ImL8*~x85_)Pa$wp||N8uuBz>!fC0z&A zoD1NU_KTCJwl0BOl_PCJ4fga5OPS^AV2IE!;eBx`J(wjojtwdI2_dDDh{C=ZEUf`< zj&bu3V=Sz77Wl|p!k@;oWmjsn?A}u7;<4<+yG(3;u1i{tSc;f5&qd6 zOdw^a5anZpTOQ=)eC>*22IKHWUBoU zn-$mtxtU^|z?lPwjwh2Iz*XEdIp*MD2r|i%83BNcgjXqkYL6|yvERjW}87yjrG+bI>_#4JehypYZ^!BOIoyMg zjX|EJ2JnvEp$D-ajkUiio%>7-D}H%jyB52*vlUMZ!p6H>*8-p|$`wWh=pkbm@jnoJ zZk^3O_+YQS`ocojiJV|zV@Y9cJ5axf@bWzXw!w|?&W81+deHJPqv>-U)7Tvwr@t-p zH6wFEUEW=Dwg-gn)O&i#kiT?W9sm; zPuw$l0uk|O+5mncme(tePBv6$s|=hKvA;F+bA_s6C`N%K6sE6X1`%ODHUPJ$0-W&K zz--Q#3v(~TN#LZb9<2>I7F}$|8QL?1zXqidEpxFBtgTegdCEJ6D|7YRom?_e8#wE8 zM|H@pJI=8L5HaY+5aACIakfwbej@CB(56EhKlpFUq+zAS<}lEy%{1OLqss; zGyDc3M)nCH18zbQVU!IoL=AEidK-kr&8g1ZiwiiX7T!GT@v_PuU>znYg_>_b zP9yyNvn{-hbkG3_su{?ZnbfWJ6ST3~o#C3;Znj*r1r8G(-f5`_vR&M`R#S4Hf{x8z$VeV=Gwg@})v4>WE60xzG)#sYjqOx4o zhlmL7saHG?h`4nm9p;U8NH+Yv4naIRj&}y4eb+y3*1jAWP0OYfThcO#WyAolah@re z0p6(o%YS}a&(_s1k2J!hu`Z_5;1 z3<>a)bTX(e1e$3Y#dfa-XeO1XXAZ1y%YqJ1pyF7+w&7&7wqck@TP#8%XS3#=uO0B8 z)tWLN6`-*_xmR?FHDlh0b!aTC>>-(OQ(;EqIUQZJGQd*t)buZ7%<$;It{4~OBWZs-4@?R z$+{bjfV>y6q%?6I1^N{T{E-Q1_$$+Wo0$wxpN5h5@y)_r>7(C}Q*0pi z@7WK!bJ`FyP@QIkS`pMR$b50^q0LiJP5~}W^TXOG_*JGuMPc3g@By=>Z|l*thTxSH zQWYqXQS#>*S^or8z+uE64gdKdw&^!NL=4j*M)QoZSSL1?HTrk`xIljW`Z3B2{CYRd!(Vxu6S7Y-_)`;k;uGa%|m%fZ0Uk$F5JC< z^kci5QzxB&7L*IL>2gG!4O6D(&9pw=+H7n5VuAe7b3**%#c-G%0gwhqW#Kus_zHc? zeI#{TU_i=|NMo_*1dEa@hmoHiUniY9vLOv~Y4JL+hT7DK!>Y}+X~NrKYo1BoOhaD@ zNF%~d)a~eTAPoikT(}P>18IyscXuu>mJ1?ruqUvXXC8Uy05PIM`YG}?#E2*B&_)fM zjsP%XBf*rBC^RA{-0B%zLSqA6ewP`4DvqKQ5ATjkCA zaZa*cR>7>_bLUfd#e{e0kGHpx9d8{x+qVWU9~2-bu{N))iJrN`KpYHh4IO{Fa}jb9 zw03mKY!q}cC0sd~aHo*R$-oIke?QcEN~xZocn~Sn6vzMK5(Ne^{+Z^-~p z;l!iY3oCjT1P40u97(ZyQGE8R@@C2AmV?enhT7Nrm0JGms3Xq_x3jgPJWgv^kDU6L z1NV%9_n1*-&uKiOT4FZWC@9Cc{GkQm>Gs;4a|76i8sJ^_I~06*z*cCVmc#oB8~L&K zobC6`_V={sCVqC$LAOXY+W=P{%Z2ma+zC2yyfw@yQ-hmM!`kHfU0t}-TRQUD+1z?+ z6Fo-V9PyhQfsXposOk|}ARk@POJeFCMNh(S0pkteG=>?{Pk!(8$LtDPd2eSQql%H! zvK6|uNF4!xxp3Kg{_BzuEnbyh!XZaOdD<9maLB#WSCM&g`)hS4ohy?>ywi*ISX_D~oxGRL4Kaxk|B>+F$qN3(5cc7U52qK3 z&(g(=MtnO=!3eZvnOeacW-tF}*2wr*wEpy0g-W$lV5>Kx501ABpXV@La=?by~m=ll(=vr6F~u&vox8V-|nG_!E(roz33RxL>??*gdwA6?s{ z^f770ny5R1Kr6bE7vUZbNuBv9_2`ODcK;hyahF@wn>{H=g8i2^HsvG~aT|@^2e}Z@ zPx&I;aX*`(Z+j-dbLMG$|5nG1od!vc=-%0id$J$f5#6m#+I*l|`S8{a=B=yK-=b?G zDjO!lLp?0CUZpdi_B&V}ic^gW1*$x@aV!G$jPB?4V>_r%ejxAo5xi zLtVlajFcO}s*2mJj(N@=vLLkTzqw8#TtcOO0}(X{=hF|b%iuhV5y!Inr;es#XGLyI zG=2~bYwQ`h2EM=K(@wK7NOa1;JtcU>q2Y-^%8zhx*vmvo-90NK1~oUn#1@i+A6F?v z7~TYSsyI~M0xuD-gKGw3ac@ayu^NePx;vP>IMnLJQ2O z=;w@{cAZsvhOSp#qeQCsstP>~##Idt1Gg=1+eUXAaO6#~AoOx9j3xaAu1{W*BYM@7 zw<4?v&&F43E46@5bO4<|7M5;=#{v^|8H@tSIIJ+FWiluGJ{A@a&{e?7I^RV2;@<(C zpa2{&T#XZa0*E+oudf6vBTnB^8Y@~un|0=-=qE^pDb<<>y^Ah!F9Y2KzG?4SV4qr} zpS&xt@zE69^+35=LqjGV&=TjJ~&L|5g|j{C~{XW!kR=s1b>y6v+BwY4u`snHT8C-^WcN_>N{laiq1|aCZBtPRn`i;K@c3t3F{`so^@D0@$$w!--4eyn%EUt568rjYF@i$VIw8#=iaQh# zK`Nyeg}0fYFiruIJsR<&juFwLqOL{)@iJA*7Z)gi+p2sx92*Gfgaq$V*mYtTEuJ?y zmM(yw(4RDGWVIkHlo>rIETqpZ(t&Cu?UUkJ7~Ljthai|*jSjO{oQiMzDG=?dERf)? z4AhbtsHKUdc@FLvP|N0vEim^mo-=MP$PAiojEhEp-E(bds1$9WA9>I92XGnB@{#Wf zAeS+c0DoR#T3so)&Rzz3^ffrjJnQL#Us1hlV9NUA}IzVP&T3IB% z&L$fxB~amNCJ-l=x_pt168tzUbytXlaf&ZzSF7^4excDV{|5Ck(nj6m`UQ5moFLbhHPmm0ksf?)Z#@s zG9nC8i-8FJzl|jS$cll5nBwxdPbHKBwfHvNE#d^;=*|x}JpCM8H4!0s6ap$j7&heK zjq8_iHF(p5tEb`-SSduY^_`YzvE=28@sL`Gu2ojB0%sBVHKGM(qy2Iadd>)qEUJwvx#cP}IAkl3LAi35`RjE~ zUc#v)90JV@l#FFFl$;~%Kc9eCKChqElu@m%EIIko5`|1cn%L=Ax}Fx8t+wyqeyAe# z>^kXP3BMsPEM$AG>hw*T`ZvJKK5ud-(KVrZQq}EQ?9*qZ4g^;OXm0D4Jpcb3?$E5=Fc| z?BQmmfN?_7$tfskO*h4KDPd(5NNBo7?m3bdax7DYf(0Hg0DsyvHq_vy<<|AF>6wAe zR++(x?^AXniRu=JN_(9Xi=#3D_KLu<;BE~@6o~`JVwgfW0k4EWLekzyTA8mHOxbTL zV(QA()v=WOm7C24@LDr4A!wdKva_9-EqcKuov04ANFntdH*Pu$xFO|)pJzJ< zC9v-*VZQe8_H>`?kGok0T4#E5z%iPd)GH*Zj*5IVU%9|2lv@2kWq;jJu>`WPc ziLV7rNlr=_4Ecc8->ZOJAKtqi6jPJl326>Nlv0go!*)#twIT(yKMm??7+!nrrdF++lH;=Eo zVh>{sK`UnCIjpThfHkQ;|HYz2Zl3>14QB+ZY2vedCNn?)+zbkQVzZfvW^yqJ5gnu7y zM-NxNXc>)Ki#oUR<9oExamXS#gBS|Bq2Q)U;gCyMm|0YQzd zaQ5(lVcsY2S-Q%aDY@7@0V+#+eg<_Fzy(2w3uFSJ3{ZGK*DE9juPm~%rC6OD%JnVf zT)!-PPK=~$9OnbdkQl^R(GQd%R(0wc%t@ExSjxi7iG^0Ir88J=p$Q!o)gu4fxU_kv;cl$(DJe)im$+&fzvcbjV>PqC>bXkYu1nD90u=fMI{i&3?2 z)&F^{_J3C}g)3xBPO?l(4xlM0m+SQqk^f0L+WtwQ3E;!rLYx4U0-Me2-+`46bS8hc z@*GW`DVed_f2X;!{G{=@;Lde8r2x9bC=9Y>K9stcy~Slj+}#b~ z*8Bd4C{>>~2vn^lKOc$!8W>%d?!hXH#LHw$-n%y5r3)Gn$nipvJp29HFAo_DQIJ6p zf22`xA~&oUH-(>MPEPw`as$2vE#4i$c`Kk%+-Sw{X$o@Dj)a?ekh8KI{SGTs z6>!4Iae#5o_LLQBDOyS>qK(ZoYW_*_U7(cBID|0*h^20@tQJ<=yk+v|+Kb9OU*a19 z;$OpyM&Zhnhv;KU4&ghlgUNw#ZOn665i<(TAdTC(x>wu2K&k+&lDTCx){iV{$hnbL@J@Y5M%+@3DZ$fhMH))3lrN!` zr9cHL444!TtF= z4_rki$>oTP6~`)<TUi{UHsjuV;!(Em$q_kk$ zUZiPR&*{vbuG*>;s}#FPp*%BaEaYKbQPnwBcLo?9E?#Bm3Q&4M(oc9x2$yrqvjf9< zD14q8)&fjER_f4cO4ufLZtN6TyPtFUcNrCR~>9jzs4N{$8{0n3$`Nc8%O}ry2N{V%b4aF4Vs# zbbh%3Sf>v)xg!|G4>7{}A|mDrt*2A-zNg>Z=OI-iSxaj~nVZsWLPmwRc+8za>iDa_ zCMfh9s-XcX@1i5gd%69z0rRMz{ubt4B(t&=uA?^9!w%Z$4oM28j%s$NZVC061`tOF zXrfZ_6E}6w?J{xqd+C-Uqg!IE)*D)BnDUuYq>F zz`Vy*cEfM0DS5iL!YarL;kV*~s7}2Y5?^-O2fgMG2{%vsuz`2zVR8d5kU#w{Jfj8w zqr83FUHqtT)Xr9Qxtrx(cG35WuD%{ga!@dx1lzP0(~w=Hyj*kYU}L}7&H%XP(BWEq z4A@7|CyT$w*8PL-#U(W64AwZ<4~;TkbVYa}-CN=j`Ted5+1a7Q-mcn4yih$@F!`l? zQtwR*@aWeHe~t2ZL0nTuRpi47?E>gSFu9uK$^B8?zWe5Rw@7X|>Nx@0d2MP@kIxK( z7Ec0qQXBj~`-JsJb522m_4cs%-bMp5WvRsxSliDS2Fmw3;7n|78PsOG>a%|j8e{2< zND5{g;T3i2P#zzD3w9la&wdD^1!-Esv{@aT`?#Efn0LopC70wFoa~2KPM&-vV*e)= zf>fMf>*L9Oep^ci=+p08leSJ*;CoI0owrwOG9eFFtb%g`El502&=QR6Z4$#t}z9YFZ@J zW{ivL2l1BqV5>O@YWvlL4G{CK-Pa8(er z$*()tRs*~FvSBIEG-rhNXb84BA$__>9PA^XX=pPl%|>Y@ZM9Hp>j$7(KWpV3^jTrC z(cn=72&s2s+7LB}Mkpk5f$SOiz8D#v0`gL5CJbw=jZ<)?YUO#w%xYTYr?lH#z)?4q z*$dV#8R`dOzUJ9%bhONSJSTuq5$fdozyvHrz5-7n1POYu16)CuX(fA+dt^a@D#c8< z`3uWxRloHcoPQy3ry%ftLh%CzIP+;~#j({bl|0f|`p0S)L9p$7u;&-M?@ih;xM7~w z(mfFAyOXz-H`hLM6`dp(fyXk9qJ53U#70`$?^}=DH`pIU7W?@6+?aeNVAZJ(j?^a4 zc;_YzPgV-#9EorsbnIA&dd3 zSAKtYDdu=12hR0+3#&Xr$h3l;1(OikJM>Vpiv=m7w{Rs5aim(3MatYA8 z9qD63U{F&g{0zq05p$g~uG&*-WT;S>U-V!S3$nQSO`5|1Jrg=@+%N03F~7fsMc;Ru zb4yA6zJ|r+=k>epPBJbvxgbbG1EnL&2SMLrkGCqHTwnyisAeK^xRj=&eKXQx3d*}G zQbXE&p-_#jESF-AWv{Bk|J#9D;%Barp}-_2;iX{IIXv)~Bph1-oY{oNJxrx?TRmvz z_&4k3DqDmGmYQ$YFiD#Id6!L6fd4X{q^?5M%3&(Ty}dSb_MmDzOg^CdzO@{*LfCH? z8_QNQvjsiwu)DpG-SN;flLPe2E!X}G0fj2j`m9pp2jC%$a_ThTboTEI#$KI7n}2QN z>MttbITc!0u;hQphfifM#-k!P<#=m_u3M0h@%bDRyG?|O*4B=n&+Lfj_+GrG>(~!L zQ9d!J67`z81?a^XHfM003{ZTb=Mwop$RPjweC2=C(h}Ou8~V}F&-J* zzy>ppjMC5#m)CzUJ7ZS=EMt1O0KGocKcMn!0{w(ExOYjcI{vjE9tt173#kaQt6jo^ zLmu&4^n9C(kf>8k^#=e#csvhEBWRVsyjeHa2Qbr83w2o;7@lk4iIgAEEL5o1>=K;u zVSsPBCsiG^TaxBu8W>aqz*1A;T9caW=-KClY|5-(Rhb)@)RWpq9&Zq#>UKo(A*^6* z0|5;~BzM)pmvU=s>);QrJhif-4aJ)wI5yyzN?t|raD(u|>!1~}4$X|&GZx_-fh1~C z{Civ-w8C|yt~Ua|*rk7G?WY!Tc0yU$;ZnEzf(PC_C>0u@4lMXGp0TC|)GZ{(xIWb=gH@ktoKAk%vG? zXwFA=fV`^HaB9?B+CJo}{Vsr6YIbDX?QWzoLhZ(|#*JKIM}L49c8Moe?+s6UoY#Ca zclM<67#<3%7k@`seNR3zR4UxFaFzA1y}71hLfGMs)!1Haqxp+k-N?3XQIz z;S%-%)Rz!qeyGL#G?^f%{zvYK;2BkcL+g+b`rAbt@V?wIDoV#Ie;@cC-W^M&3^Q|_O4d%W z{pv_B^0Ve#wDeYW8a}XEo-`mW-`RFpGGOoJ2|Xfy{LrxyX=Q%wp-0*hxgK9!PF6)N3a|uSon#3NhwK+DaC^A#0zp^{G)Q~?gP~=s0 zDAtilhI-(_wmt5%L1k_%jouluCj`6e-Qooo0NEdGq^bV*jQTr74Tg-q)aJ|kD8sUk zjh#+?+2@tmuU_c9QdHDDxj@Y~nX(mRK9eubC?PB)6evVL)q(yh)RB%8>r6eRs|Toj zF7A}(Q1&A>0I1Ko zf$`~)JO(1Dj>VJ=wVZ-8G7qHJ1WOWY_tfvIV;9FNivzAH>ke?IX{4^Uv`Oq~IYmxw*578w09LKFJ z;yiuUah}AdO;M75&H^U+Vm|F^Q*6oT$iV606qVJvVcFt7&%JfjAL@#aYovj?ni9E| z|5z{r3LH=UZ4%CMxV^BZKo}p=C^`~S79Qkse&Cax;`|ls&OYbn5vlAF|35HaXikd> z$LY)1%mH~B5-nj^gCO7GU;hgW@L$?EcWbPYnz5EE%ru~cc)xg-Qev)Oe0|VD!M@9< zQfHwg;1A3^<*^tmr&P7BVqj7Zb2G5sp3S<3VYF%skl!cO=~a27Opv@ne1YTGVZP!4 zoRvv$Ui2Rr`(uC}^ANQ>0^n6|TsEw4r?PPLN8qdS+}>hF4{pDR@7@^M@1UCBWO5ZD*~$* zQ0tB!xChKjP}~^K(;OHHMo+>Naw7Kt^`SL)aQTU8pL;W8T6U}KLTZl{cIbiUt1ei1 zxNrjy+ceU|Jk|y-~CtZ!8N6n2LaUljJcZFlNH*v-wwab>OhxXJw&#k3x0pE ztv;-X8n9x-2h3kr};Xrl;oskSe~st7utv1=`)*LGc4-8 zNH%vp@#9Bp;~|N#4LULW4?VVwlN2CeobLPpTYbBro%jG}^bJ?3*61qEy|pw+L0M$%X=@eCiwCZ6NIi|mV@ldubN+IWy#GWt{~rJrjmKo}D?fi= zPx>8y{pF2(5?RUKTJ_5MP*c&*)!4OZX0G+o2iZf-s>cdHDA0;HZH5^c_TenPJOPN5 z{PJbsh^U+hYH+D20;_nqUMNzsFKMtRAD&9zNk-+f%$E+_8Y|mZrQ{5SH}vUD>&c2?Is|s ze&D#&o^<0~M1<1q+qan|8O8C&dhG}#KR=ZgAo((Ju?wcuMWLSJ?I#D?E9$;{M11I0 zczDMLl}Is{xf`6in5imRLks+tJxiw8p*ext9W=1y})oH~y z^eZ1HZq2^Rx?~S5`%6M~CtQ&3vvjx22#xsfA5>Dx%cV#B4)&&db4`z^&)$NVqrtO0 zV3(^1<~f}Q^L=^d%;FGBnZ+2zP502}t*gAa_>UU`W_}_rt-{63BNT6=P!0|bU0q!_ zr*^kA>1brp>n&rq*?tAcS#m;4^cj_m%+6|(4016}sZ~WqC8e|!Ncv^(&344m3o6GA z0ELMSOUrOk$UyNn@t1-E4)XEyr(|Ublp~iC>QbbCt&Z*bVahmsnWzZ(&>wz>%iU&Z zfds!d{0E7P-Tgz zo+As;GedgUI4NWBxmm$LQI&wSQ(TE{GouG}b#*rFh^-YH6NUDn!E1kZgM?rNwx*!M z3-Z|~gyslAm8S#}5zi=wZ}(<{o&{*7yl{=w6e=GQ6B9GtlWph&PNTmEvVGaB^m_!{ zL(Y7pH8Uf_?DG?fCj@<#d=iM=iIkY~M3lR`J0QorA>^EO!rx9@a?dSZUSSu|+ zy8KsK{2x_4&Zj^QXIV42fY0ST3e`ieb@Bi|g3AhQD~ z>c{4tfor*d0<=a<6ux@g2htQfeOe5^WL=2Az>BTiy zO%j<`2W$8r7!OdBC5+zsT?+T9_zB^pIl&!wyWOY@_t-=Nm|LPTFaV_J8zU8}ZOcEx)azFnO@qUfLhQrl%D(Y{ULT?wMHxdR zS|Qg#nNT2a&I8ww?)a@gRgbpn(u?MrI|^%(`U|WY_}3Td)acd753GIw!I!hC&lWj zJ+ofpmp2dg_vScwDFaPiTZ^0<7D|+JO=NqwQ`nKalpQI`p{4WRReH87b=|*4l%C-5 z)tHxcv-Wmc{U{;zwU0l?pYqH;-5HK8yS=ppzwzg#JBt;QTSU`aPq$4scZue;{#?oL z-@jK~oH@Us3^7d~sKRez+L2b*faqS$l9wO1s`uA&ukIX`4-OLE*Z1}+88%pB=rT4B z8>vi5b|vcF)28QWiD%K)*3R1)LDxyiZ)>_uw?8QAt=ivaF(br^PVz7swJ+ZI9>gFR z*euM!a)!f4tlWK$!Do9lAX?N)3FN3yR<8m=}@8zUh6CKJSOf)=L?|Z2upE&lW<2Lc{Z#xstTGe8Xp30OTl-(F%iI?^W zK78sb=bl zS)8oH(B-#wK!*?S#PEc$wbdW*10wM}zK;?ngd2v8R`1L;QcrEm+_w!@oT9hoGQ-?M zvQ~;#`OUGXo`h&CsCYPXYUoPwkV~^A)=67)wG)3;w6cD!*En_&D}!|07JW2U^D!$c zI4!|Tx_G)k(O%qIqa|+3Qb7M+_;CsDyE+ zW9{>AyUq0on)q%_c}|7vnpZ3oziO2nMHm-6Y)%@pMZULGu~GP{&nxScNjVuF;bCGN71mz%&6 z)1YI8!|H5zK}QiSR&vx^bbEb)C0+)Zb1;lvs$_H}wA|jHqo)@i2xDrA65;Y%pQV>s zD%A4cn;Z3aoXh2iH1=xb!@71PE3OQ=;uWuK?CvcS=WAEaJEVgMuc3S5Yl-l=pnJI^W-y1hR8b_1yhG?7e4Hl-ag6 zx}{M;T1f&*REdHl0YS2@B*_L435B45M9CQ}Ga#TMl7pZG5fF(&L7@^va?U|=hN8$t zxbt=IeeM`{-0z(8?Q>qfG44Ho>>u4Wi?wEW<};r;-t{m3M=sAqthWh{*dRlgiK)sAQ;4uHMp#W^F2f!r zPesFn^+X65IoTO$kUy4q<2}y$IsJO9+w=C~a*tKA>bG9+`7f5SyCb5SW!xEuqWx!< z#fHCAD?B%>9(*;g`Bz6_zniy_%P;NWUQ1uzS9~jkYBnYn4&Q5Ald;Yt!JU{;!mj@u z)T<*U$;zps(}D$EvhtggBR2|c4Yrn(g3K0&=2~XBb7nY0rO(Fu?`(j1IBk+fqb=iB z=DM89@2~#~Z3y7%h`ZF@iSgeq+WdfdPna1EyYy9J`Ye$H9%JG5PgZI~Jtq@*zXR}i!$yrJ1 zOh%^W_o14#7`uXQ{)gjNQ?-IdH6WVm>gv*}J@*;(T?^pY89JzY<;tr8$tcaG1w%Ut zKKtUS&MDt8o3-h70sEqzVsXAfIxwl^5ZSXk_tyI1U)}e1>gR~{bwg6!wr9+tXx`kC zAzr2w!fLSOfYjju>SH1&{JfeU2S1ps@y){TJQ0tM@8fjTN}5$$F9joXni~mGI9awd zCR`oB8?U42FUDA6kY7$(G{(p6%!18>JwZeYquC_z#vb#Y`(kNy@9W0Y0GEhwziX#TD7)Nn z-c{{j03!n1@&R|UkBRTrVs_{hO4cU`K?xXEcv~AT=NKtMvx~NYfkClwfU$7ahrsXn z&338r$n46e91TIls^@A6k^zrH*;o3Pzi@btzFfYE*;%?p$aL@%>yIJ-6835R)>C%I z?adXt0A2@eyS6%l^qp3*L0COASo%yWAfM2k)Hzo$B}52 zdx6Mx%C9b`y3)R6jyYK+`0~Ty8ren`;)vA9vP0$KukWpvY8GLS1`krR$41-dH7h$# z7`wl3^qoGPTJellCGSUG!=0gWEMa@WS9m2s(!nHl`yofwM}yqq)n5BxA>-nB+X+ z6A~@Sz^SnQ;-dLPoLiu%c|+|~W?D&Ar?!k>LAS+B+Re{g1Ae5rqJ;s{aR1ssa7K19 z|K`d}gh__bZQnk}>M96Kos*ja2kI9}7s}Shg#8)t8!MX4soDuV3EY&?)ZMPCTOM_h zn}eY&?pL4VS2~JDnG`}#UVQRykXLNCn2Hb>?8`Gvmr&5y^#F?m+HtWJ}+L|rBa2+15fpZxrne0XC$%$VKqcl(N# zNk$LHgP4R7Ly@3NlH6hi+69HKlmx4g<%g3%e{= zwJrKYtmN-5jUJQR^mc5&jt{ge>`w7ps4wiJ!*9@2h)zXRPvs`O+jPNOo3J$LoZ4! zru|qCspNiy7QHryR=8 zP^nb8vgT_(&LZl!mFY-a@Q*0t{eFa%-FqQle{1NVrKDHE_=9n^WAagR`uNRosbA|O z`Z9)8zdN2A^_qM5-2TH~q6m$5#X6t$SRQnst!eC87iSRHo|ge*E+U4=wEEi@{dz)( z%WVjhTkR^XQTb3(6gP@gMzdsb5~WelAG2a-$Q&Z->YXe?7<%=t&%} zlqdNJDTgvMu*tY-2oGLs+FJ16^^W!bs;vhQhxBowB1wsA=HYma_r0-j{Bs3`b<^3; z#D<)itdbPVZNkPxwHl{NRkI35`{?mkGhDQbhW0z#)+%|!p1Xw5>XsRdQ;o3M51|tA z9)+C_L-W3(nBfk>NV5Avu=9~g$AL(W>itZy97y6zw#gE*^7|IRX+Gcgr8%|n z=YruxU;`mHVOzY^#Q6d-o6XtQHfLjeO!tS@-3ixeU2jz*+c`SV( zo*k!_U99eM>$QtsRv?iELm?YfL>!UlIwCXsNow10&^9j%@Bv+(!qh=Yx!r$i0YO5^GJ`C5 zbyshFKVp@)7ATOVF)~dpw?4rqBotDe;Bl%!#zDhqD>tDkRbhK-Gao>hkbUV~!Fug? z>i2~8+vf(svxlF3rw(n^lF9$=wAz1-wWeqWDfGEodS#Bwe}S4@!fswJQo=@$)p^#D zQ19T!i2$_J&|I^;GW!Lnx>)`=c*J(;WthSUM%MJk@?5VZgxY9j8@LK#6P%QZ=UDqO zse842!otFdcv`BNG$acf?wK!w*Zt@@Yh6|V&qIVftnCvR7&txnEd6R~<#EgS;|isd zNr0dG^}VikTx;^FoKUsj>WA;f?WbZ=rpwim7pTe#TW~rYo!~v-De62PLm&-q7wl-L zm2XFyhZ^5$@)^K+67tPMf&~lv&ieTg8ksAzfxsW`2I8jQeHW9;@V#F`Lc(#KmNQ8^ zL0)uqsdjpy1d7RHj-$HGg$@bgpW=Ox>S4WO%CZ7*FHN=2oXwQGdW29gc=l}MQk@uh z&jxWKm3DPB+Eu8gXVj#|*&dLCWB2L45HdbA>G1uV%m;)Vg>K27kfVx*2kPky3Z6x02Ss`=%?ecg zuxyAuuCVnhbhv0FBpA@mCAyxnUsa9-gzgiR9Aqu^S}~f^G=Kyfwl{o8bz&_OKX|Qn$~ktAnOB>Ah5TQcp+KB4Ad$80P`B!94W?7R0pm@qgIuYPf$Mk1^+NhzpBXX5~i zEe*ope1td#Wwv`o$wC=Zu0{O^>S$h@?BdO7AnCl#fSDVmzGLqPkS*WnuHIlT(Q#$f3VT*HKNXPOS|x8Qs*iVD#BipcPNzh+E2;7Qr-1k8|0vtTfXNN%lI@e{Ba`mIc4no;@5aX^}#z{rR&+WOGtC zISH!5DPnz`jHH(QSerQA4uYQ8q+L|;+DYR8sqB~)wB^-4`7TfD=4=mr4Sv46oT^aG zpl@xG&`}1R>r+_1(M@X0C-@U-iGk~phHqQh!c817H5BSW~d+ctXuRl;97UK&5 z(Q%_opvB7fv*d>Dm$Ca&#OGpWy>^9~yE2`Lo>?hsOxkN!WyS0Y}sV zpe+Es^OlrOEulB$rC~4Jfv7ihog3X40K-{tOO?OQamK;pEmzrg6^p~Wugg#>Z(_Ks z9Pry(F0(gGI20YG_q|eGN0_`Ahq4Xpi5KKkGx6`=i>W6K!hhrja6rsq;!Pyaszd3D zp4VWp&UWCDnhlT>=tnp2&c`t@FvPWNYx=$sG-QN0aCtC6D^5Dosj9~J9PnCtr3cUX zo<*p(n6SO_B*=`iCvDZ*aHUmsRFl{5L5K2?210^ksrIlvKwo8)G;TJ&fBD;aXx7as zBL~pkI~M+6J^jz?O7)d+19zO^271DgX5q+QwP?$GD57~|HUEA9rQZjLLk_^Xcil>0 z^xhp#{`~~6em?4}~Oo}RW{r6guu)uiznUdm_^qHQcMrbk}EWUoM_ zjSTeZ^Fm;A2-ZyyDLOp%s_6J1fx!Q$K>kMs^4}#6{~xIjgzx_!NPYfC&-Fi#{Qp7G zUODtPgfYc@ZyI*I&yY-=+WfZ6+Jt;~-*nb#y9Qk@x#T#ZnN-xPr`uv4G1)|N)@^&6 zbbs`>u5kvm^s);6dnWM;0ExkvfbRBmrmh%q=h;~Pm%EJNm!=pGsu=7hCl%T3_O0Id z{W+{m5GOlG7#HjA6_&GO6UUsjv%QAjBH_qu3uJ|U7LwddIzL4rNk;ECx?=&cZ9+nS zH%#6&?mUls@!yqx{vZDzz7yDjL(!djWpvlWsw+N+npn}7zB*hG5F&%2sWc`P)~p!) z-tof>YS4)_?L*7sbg?E|~Ts7byA1UK#%=i#TSvFxjkIrBz=*uf<&T+N|ry zEBd&-r{o&S&4=c6rZENdIp>5S#b2kb~{ccBplp zn`ixl8zQ%|V^<^WJdIvEtj)!C-2A;fIs=(OEp7gww`Vq(kGyGw`LBxa&Tpo13v9Z5 zcBaWI5)M0}A9xZXND`~0i$~q(5{O<@h%gPr%y4xBd!}H`J7;AgF}9T!<%!X{qV(R_ ztn^oCW}e%xWX`13k>lr$ISsD$OnjOwYW;FPyYP4Th(=<`!rWeQ2Z}b}!#0c+4=BA= zDwbm3NiPrZO3(RuCg}`gAN0@29J)#;hznt<(J3R}UEiD!+_$$xDy!6;WrU z*@PRqa3wMcO%laJ*xP#dmVo$>29Vo zK526HyMjErj@0j-{>{D08<~{R`kLnztSts2a<5dHj3m9Q77FeV_Szcd%bH~4mV0tZ zt?}eb@_HMl`jE%e+0uF@|1^QY-rou)D+q+Lc*%=Oy{QCJj-`IZAyyj!?qt%)F3<>A|2ket-M_l}kzW(^TYySw5)}2Dx1~gP0?2NTG z5)170-+A!Kp2Z*u=)$edv(nZ&U*R9z%;W2wZfnoV^doHE zIJ;fko)whzYSQV)yY}qd2XKSOnbNYdw6t&N>2-VvgF(>1OuxNjYh9XfX4#Gi>{Ctx zw|}>5e684IdyR@`mJPW|6O$&N6=gk|6E6&~-3z50tC60)vm(?ah?k zofezy>IaXhTKze?vN5wcL@ixCy@H-(s_5)DR^cE3-PR-R)gczjCSBy5BCT7sY0^OQUL?mawg7HaIKh4;2zdL1d_V3ItzAnQ@mb!Tzty8KfxN^`os>O@2K zlyKNS{edU0)%v|wNoeqqQiX_l%=+XrNJh#HozqgINqpOFpJF=;U49|rG!<4qkG3<$ z%phw~WIb5K^lpN% z&&kqnh7P3+4t24|L*-U)FpCdbXJk%iZ^aDmoI{l6i0r3z0Yn*k$7$_thgMC!E zGf4vM4C2g)A~<>hWSE56+(zX_cDa@!Pw1P@2)BYnt)*5d=)xZd ztA;Csk}VtKb6~{eQgsNMb7{USOmSN2nSSG>H(w2CT* zl&d!Z#SorJd(Xhq;b`7V>M17d?b&^Or!xQH^Gr~fU#gFx9>o>f)|w~#l;k>@3`RfB zwS)~hS5qn$|Db+O;_x`(Ht4(7m8PGq9AV9GwX^u0x>}jVf%VS&_k_mO_&~0Zot0Lt zpyA=+4%sJi@av~Btyf>wu2#>+m%UQ`e!~-Fb68(eRg;{XgC3}r@l1OrTm*pweTtI5 z4F4NnaXHJJl_v`9fERw(2e{PR+jdE2354_64)xzaJXO`It-uz&xU=Uo*84qocL z7P7nXjma!I_}mBlZBXGnStEgnX84u5a4`JGa_8(nWlJ>PriMVDQYyt6AAR-?_cNmh z>h|qyQkI@tkI;uRE8h(b%WWa>L+nvuDRMEUt zjrgGl$2^Ava=I;I@>d;aVTF_;|L=Idy;J3n;SnVQ9H}bz+isCS5DEml86>c=qz6l_ zt2e)Qp0MCXuA*iSuR`|i&2wu}H@21ya&Vg?*MA}of0@L=2Jrh$*gZP2g*;LhU-!M# z*p7*kNp1ff=h>p~M{=f8VycQ9M~2^pY2BQ9g~){?<>fv^oC#oa>pBS`eRyzpLt7(O zN)!aE?R<~o7jnC`?<@W~v^A2RI`X~~lYOwubI~oQ78EavJlb*0S5veycI{0E%S2s3 zkr%)NtyLNBJtNvqKJR?(Odb6?Hzk+iiPiqD*%LTn!joYxpgcXT zQ_cz(XKYsbJoFU9m{}KFd z-h{stqx55!>;1AoO63m^_|ka3bEPDtvDW|J+0ApAt0_&9sPOJx}0u%CGCDb>Kc=^S~9m9f(@s*hjMp___+A&)?dv)%53h{(d76lnr z%RyhM2DYB#6QQL?CsbCe*Si8{vt=wAf*Q_eBs+h7GkMd=xbDVAz+_~z;VI8d1ek1+ z@jiJvGFtP?_Td+2Z*voexrJ0k;uJ|=?~r(QW8?HN6@|F)&U06^`qQsf6Qi)>+-7aa zq`njHi6&gxOUga^$zV_cPcpB=b867iSeXpE!XF6%M-d7~j9X8AW zm=Jji`Hg4b4|#=*AYu6Dx>yHl+c!?_gR5pP&;w>oL#L7GKC_j0cd%w3KE9-%41{+x=J&l|(F6vxv^3PptWm5pX zsCm_MDd$a><<(USJg6cAkvV=#OSoVD1K^~!eNB_A18y(DD zT*Rp)vbU~1sBesui+LPJI{AVLJ7MB2S!H<5Rz*d{DCd?^ke2hG*eVJa7q_bCSy{)} z*+Yur-NG zKNSSNj=|r09v>e+TS#Xy(B2-teMl@@>n4biwaWOjAx1udqru9sce5?9%QwHW*At3j+9kYEH*|V)kwW}0 z)3a?pXK_AfyKqZ*85x;e5ohdpyBd{vc0-N+7z4!Zf$o{uf9*K`;ossbDsR&vUjDQ( zy3i&<{F$&#qiQhp(h?JDoIUHH7SL&H!d7VXrGVS={3FFuvakzdVQMpEbaI5)MckxQg0BX)Ym=k4m3_Xtj|wn*`=PaT zFYTsv8U&0dPCdW11ONN+;6FBRI}%Ex1H3Xl)#gyg{#&**kUeSg7n~XhopCFd`0x8CVbhQ zte#5jaJW!aao%(+@R{lHZQgkLCka0T8-m`IYRz^xZ^AA1Yxgc#!iRc^QXqn6v zM%oiPvXK5OW70#I1;A``;@wc)ey#M|gJduR94b$gKS(<|4#pO_)lL^#xBmQ4wnn>; zYzzV0@dh(4UT{mP6BZ~s(LS;O3LIge*~53Yxy#>!FXTvE;MHVv+Gg6^63dEjW!*W} zj+l>z`63-zHzHLlf5JjM3An3t%}a9WloaCHcBiHh1c;WGCkpNRTH#7C&`5kuHV}Lz z#JE)g!d&*g+Eg@6_nq*GNU81P=`R$m;itCoB*nLplSikXqg_G#9j#whC*r>8aPj&X z9-Yhk7L-p{XH7A~Pwl)vcJ*Ju4*%IxwlL9X#O^%5rV8)6plnUAt8EQNcQxjj7fSKz zx2dG5D~dQ8`!Le;y}$3C{Mx+JJ)&>85wkawK9xZ=mey$hM_uV=31JZc^ zY0GF@Qyce*$RZ*6Aj;QQ%1d;A=GYV;01uKd-FW?~!SI2q_vHOot0 z_FQTUi-z0-w#<&EHKhoOI9Z%2b0dY=Zu^r;3{y%&9|ISp4nh9QcxG=8CVTINoZNApT^-Jw<0fuH~2A}sa+BMW1GYW6Q&=zsdiX(~fsMQ_+eI4>QN9gW{d+BU_=^T7Nq+ocTw!88Mohz#(5INKW6Gd{+?bbjU;U=XrNyeT41w z62PFP;YZ&4MPzxYj7bQSi2_Z~czpBSw4bs!;IdO0^z3B_6 zen2)waIqq2q2hbVs>RH1E3Z)S;S45Ae?|>iJ5V~l)`Q&H(`WWA!u!bXQpCzAuVF&hnZ; zTrFcm{kJ-%`j~B|8AgrREhz@o6XyX}J8|mjm?6=H<(U(j;eP#7c~o;Q0q?i-bQU9o z5tlqrxK{lQPiJAWp)8Waa_PQeCS1(TN*~NQ@S{61MSdu4G(}8tRCTB=DrY^l*Znp_ z_6=EK`~CqA;zUES>A?p9&f=!;=~OR)$^1C+`sGK+$hTFJMNl-EF~(!( z?r_)nBr0rr3A4hz=!rOfSqPq|)KDoe5oMFG`N;)QSEIE<06lNQ#!|$}N-z%=5pzEF zTvy)&X57=+>%#{V5y$Hq@~0F{1Mjv#wZP@{6CQ=+k{gXGv5)wSAjBBte#Kuy`imW4uJ|c=eE?|8m0z zd1!HKi8!7exkiEQqwtV)661edfKWy;Lu_bLM&(cUhr~-Uz@o*PS&RwJ=fa=%3!&$8 zEjsGBB8x1}Qc=7%fqb+n@V6mO$O0v&(98jO#zQ}vRDC8QwC}hYeKrI8b<>`^H6Fh5 zAfQ)XYd_78I7mqDoLBD!A*|l9K1VbU<8x!EiSTlLUJlZLjsBVEz%NF&%bE9RJP1hD zv^*aITZnI#$Sh3}qSG*v ze0!MUwH8=R@k^T`Wu*Fluz^++24SeMoBIc3d`|7G=$CvBKKIe&=)>N^%DUrmD-Nu* z4+2=eS<#cdr(3jtZQU0g_XJ|^-9!V_M$_Ot<;(k5IhX?%6c#lKzE%Y>Ru8T2L^iia zLXRjO>_&k_fb#WqxSfugnUb4uJMEV@LQurs*y8=GY^;GCvQo4bWm8Gqjx&n>E^cmZ zr3-C`$>}9uw_1>2J~`CSR~ac`@Dy%GdhrZ=jRUmAHdk`HAJp6Me5;d@ zW@fQ4={6K`ToEI1?<1op8#pY9Eq@IDU2+ml?-n;6f_h}Qnp!R*E_ZDBy+NdBt{+^9 zdPf;~pa5LSysc};F?gY1$2=6j`?`1@pXjq%XeeyJ{IEBM$-?CPMUk8g z)jb6g$TDQa6sK=M8ptK5FTp~)g@33&?RwqX9eUtb3Ib*#P_x(jid5t# zz7zNQHhTNJ)c}99V{muXskGvx{t|JlO=G(R&7FbZZ_lrAY690Yz;&Y+#R8Tuqg=p& zBM>9IS^aUlwln*ga9`1v_eUQD82+3SA$v@-Xn)k~d9+m$xG~RgPc({`(oJsSHDlVh zQo@v5klpp^l)V2%o9}f36Nh+&dNW&vAtd8iR#&7|V!M2z6CTJYRGT0O_5A?ZZ50$5FuvmQ`Od*mZ#Ruc zQJDO@cYIdO=P1RpV}&D&CJQzF$(eVse))f0lUA5g` z^c_qX6291**V;sSC7KQwEXl+w3c(Y7VU0;L8^BFq67^dkiz^uj{ik?eeWo zK!TE|VW$3yBzBe3L$b$mVblluk&V@{*VNDh2q!49sU|&4cu%iWbz4vDY=-IeGu4x_ z(v_f_WzTi!)C(LG02{QYKh-1GBKx;$v_y7bgFk}G>4nSasTX=;!o5cdBplTrKo065 zr=J*8P7hO*22*jdc>78mpi1g_rt2sMIn~QU1cfrTP+6jvUaMw=2`dNQ$?nRErl7Kj zl(Eudhww=q~D=3xv}hJxI6I!TX6 z)0$V9ur6?vsRrdccafu*ANhdhQQnnvn0Sc!t@Xti*!2qIxk#GZDk6^4^jA2r%Yas< z>MtqXMLPF3>>p61#a=vD^6bOqW;3_4G_f)_5T>GyVi$P z9+@j{%qS+H(f#b6<0~Fpp$?X=15RVbMT8cKnoik##jh1#m?O+6xuEP&HTyGA^#+9f zZ{Ky%Jc}NcEY8M3mM|>Sos&>xZQS=s5Cg7Uyq~^svqLIWaR+R6BjN3lXry@lQs%~s zqWiF52W3ln<3Yovx4@fi!qK^gc^%V}%E%un6=8l=92Uetu>HBP$chBpuPDRsttuIE^0b02ZAlj%w0(obI=!h zkHz#(vrYk0Zt?DF&tXT%&R=G3S$_roR8GE<-U?a~$%3;->Jhy>>tXeD6y1nfaIu^| zyGks(G{%lJHFK^CK#RoYvo{O8kws&pN4Q>i1I<0Jl7{603AMx7Pje`eE${g6?T%zu zIC~G&{v_48vW!fVJ&MxzqJ?N1e05KwZPOJjiQW5r{Gj&<8DcI+?@@ibo82wM7|%%4 zVTiEVDMM!zwkE7+ET7VZ+SZ_BRYY8R+thjF_X831tC7|wQ zu1G1SPMw$JuYmpGk~mVy1xQ!+>s!9xpZY}yVJha5&+mL!Ck(SJSoZqwJgIlAe8NyK z{lSiOh{v9#^daRawDw;1HlM~RfkzpV&mBY2qvjZkX559V)E(IBey)EDju}~6sicB? z;elizS--c*pnzg)xLKhJ%GaL_JHwiW!=GJid#|Vn9AVJtJ9NjAhVKn{H&jHLBLJo( z2iihV^zK)5Ma06Ak#_eZmJ+^GDVdH_#dp-&J15P6{JGiYM;-`O8XpWf-AI5)v$^$= z2gPKNS3Vay8zM&nA`B1h&aQ%jF33yr`{{XoxfxVWs6m{0Wv+YeFR&JR<|kLsvD)86 zf%ui732Hoz_Zmk{!Pd{!ok{%dyPSpEZo*$H5MW9EiUGVxhWRl!%qYpeyukMmMS6jA zzu)FUV>QbHdwl^b>ttvqQv_!nt|i-aSb2cUo0jh>7z?X&#~A3oqO}JbE~Dr~YKOK) zLAg->M|DziGN(P;WN5w38!iLO+(0^wzB2|SI=(D8Oi^yTfjKlsB&(W*(6n5d_2%q^ zV1z-9ivwmXMu=ZO((?`ll#E4zfhS%FfVpHH5uHOE(I4ei75H&w-FqlwPEcq*XFc?X?{oFiYFgaMhr|20>xeIyOZn;>_Zj(-3 z+M_6H+aQorXj;bn^^sP?=$WYX14VU6O@d=?H;#bCOx&}&jG|AATp#kr_b|Y~3T?kw zvDv*ug^p}~he*##C6Sz6dDsPju>Tp63$<`BI9vKoVbn0V;#+e2lHDn(d!x6P>pnh; zatLx2U}F4$pArXAg|u}C4PPPHZXdC8TLo~;t`#Q+E!qWqLiNfJX1@P8qER#G7yErJ zSu_?V$6uQcb7f~FQE&-DIp8H5sICa*0NF(yGSsf+Z`hmr%e)(}I!>;u*3Cy9f7nYJ zdBs3w-JkSnkcvlW)=EM-@h;T%Da}1aCm`@romI6%?_yr749Vbq_z@9K?B&P}MSmll zQRGJ36r7~dpGum$i4UAQnQQLqH7MDX;y#w4mje!+UYsjQc%ICwrL^#I{!E=u{pXFx zv$^pph*ryTPqkWB8RdoZUZ;>YxwEAD5Is=%xrP)?;MZFLGL%4aCO7t*pE%o3g*Y?)o5rO2Om&q+hR!3$3iV3UjBu^o2)kgTjL*7_w^)xIw2L8(DBlhYpNI?LcPzU2y1xb8()r`Jh{G5q7+WN?!Czo9*vOisad;-1BC{rPdJXpyhsndung z^|F|D=-61)^h78+BIR{lW&<-P00+?!HxwC75kc%#%PNp+{cK!%>}(DghOvR(LSC?r znvs$xOQjLC%tt{|;XGfQWdfJ8qF2U+UXj$KgMHa*PRN&mB1!*DbOgLqq)f(J%h!%# zUn}m!7ROVz0j-&~2kR+7LY!E>nBI&8nmgf{MzXXP@_0btoXXshMaZ12ju6D(y&3+% z7L#j*fShe>m|z?FcU@iCc{$g)yM$eO8jaa=ur4(N5|f_jV1y<-Q8!N(2DLH?ILqJC zIzJkVGT=4)ic1y74~aQUYV5tjL?@`6@T--O>F<5Y(5dSw%RiP4&K2w*D%w?cYjSa}c*m9DV?YQU zH;&_Ox6H4?2LM44m zmD66@>1tmqPHSEiBwvEQ)(>cscgsV;Hka#u7CqR2B_ELUIaRin0hSB2R0ZgWUEIK> ztDiw*>tcTt`4SY>Ki0Oc4f?=Y>LuOKE27m#-Db6<~4D z)LN20?^<{n%q8Pp+(p#loQ^8i_u$jvgVb7JxTUx6f|yzOc7mt%Wf8~tl=pft+uLGT~Gw(@)NJ}S|r$pu?@gf)mmVcE#7p#Y9j`>ig<-ehhcq{Q$gwtZw_pt^M5 z1J$MVQ4eBy&U(#3koEmTOcyM(j*Eia9FuP2KvoH`@~CrGv2`qXa+N_3dcB%Naxw>; zySU$G%tWr1Fb03B?B2*Yol9Ic<9_-H8 zyWP3${cnT*=4Y_Lh;ygI&kOBiXLLmz&rf98z$l-Gl~tg`%=6kxuy5|ADuSd?sm4U9VX_t6h}>8JtCvK z%y;m$v+^w)udbD>hvM$`Yo*(63RfkrCr)!V%I|y@W4|FSR<`|2g!o30%FjT= z@oRYqug-;i-pLOxwqMDD-^_W;SuoHQ z4gy<>qe7+*N3~`jQ~=`Ol~)`?Pvdly_mkZ&VSPl#Fqew`<~f0QzZ;RBjy)T3XCkE( z)Ol&sg6@~=^klmOGMuJxHM6Av~I1!|46p z>BoxRx6QYGBR;Eq!bT4U(B<9gZ7US|N|&c~3$(iRq|&R2UU395Is0p`y5^RX&i` zrz-I}7xG%{1vd2RycciEi|3vWx4V{nPD;R8nz#(|*2!j4?)c_E2)LS%xJj9ZDIc)H ze_?3_!FqfL?izZdWiOJ;d+eSL=ZBKM)s@W0C2Vi1VW5!N6l>dub))KHnPYUv{CxpS zq!)UvN+;U&doy1>%(v%fKhBfJtHYq^ZQNf#{*;18=qt@@#S^0Yyg75Qrwix6a(lJr ze}B0J711JAi^^wl3hUwgJ^thK?7qSi@kN#;H`@7xx=*X}out@$sf3*L_RQc&=$dcwTfNAR7GkrOjWm(m`^ zE@fgBnSVD*pzWvJgm|cmuNX4NPh(><5tDK0b{aT31Zu zAS=BvUWy$rRlxY))0ORsYz-}xeU$`@ijJnHSdhgre3F!&Sy){{sG40^B81venv%+U zS=Oq&4OcBweMa6Y5q>~dMex;|P1mm#@7Y6#DPXzI0N>b+qu2kw!WB(j$PyD`uIods ze{_ExG|HD^H<6dwRgb;F54)<~Bim)TPMSJ!iSj79A$w;I5{xxbyB3{~6?1~&C3%Jmms>S9eDdE86{;G3nge2*BZ?{;~aZ$Oyou( zhXFJ7nK*+{*9M^|Fxyv$FP$f+qxmFBckC6N3_mz>@|F;K($*h_ru8Zbm78%-bItL@ z$(AC2pe1m@wSMuY!=JTPeaV0FnmW98;NjjQd`w&-Db5XbB@&61GY+P({fJB|yd zZjHNcTS3Fib!n4F0%YiawQ7p6yn<#le3h?$F=9I_Wr&>Z_z&M~kf4khZ#(!tjLXADG;R2|EGAbf}?Ye*;m zQlcrOWK+{>UL+-N&|0Gx@P)C1_6Ij+?Mhfr3@pR-ZQQ z85BS-FIXpwKvDR(SvnH6V&jB1cCakxyc>r+!^H#CA(q7~Iky`|WkcQd9)sQLTSeYH z*~9}+q}i0ErUyy+bMjRww785!c{04;c32l_W9pdnJK;JXf-NjPjq)SLf#7+dj)i<0 zsEoF4s;1pIh$@3>KL*hQ`qKQ1eHk%kgUw>1wv#VFsMGvWjV-f!Yz!&Fc90F1-9RCH zhHakzm>W(*Pm(y~zu#};XO+~wS=&E3I#?{q&N4Q{sy;1egH45lFMs?&PO%kyzw}qw ziF@8)E=cr6$#$_<4#}2STx6B?6H-3H!7OJSeB(qN?zJ<&x$c92S}6tzS`Y!2>H>L? zMTGiCM&SH<@`t23c7cq%?C2*+pF`yK z5Lx<|(A(0W!;kg%zw66--cx>l`mor7eFbjnTb;T@B6%RpRg}ZbP2z0;lQjpDVq0K* zOt@e5C~Dk%T6Q_Ubls6v&h?~nC~N%VsK&T+Wo5^tIX*$;-`DE-Qqc}ro}Lhsk?o@Z zCbjuO(VH_o%6o67BXhkwK_O(sQm86Y*Z0=AbIKtxVJ%z_FBMPLs*kHmA_asNV8Qf| z%{1XD=}c&uE-W;ZbXa{7l^sNHDO}lAqI~<-cy8)*^-uKN5lR5G4S3!jA)A7Nd8+R6 z`#1z>A9pWA4`^SiSYeSIvGm`O(uylNI-(r6^}%dlTu4)#dv~GYh(Goi51l`HF0)2@#5E$xv~Zr5Z1#@wZU9HoD&;La52yY|+0 ztWVz?>seW^na+3owUi$zKA#22Y5GxfeqNJ{BgDR-T-USM4~M!~u7kXH38Cd8-Z`U` z55Oet1@3K3GZDhtXNHHvZA3kNpmcmq_*Un8ZUc4(Hw?A~kbi)zea-jVrpr|_FctVL6PD7q<5zi~hk#o#TF*aKq(yE<$CU?b4b?zxzAK1dt*0`c7>ixA(aFoj6q*orIP zP}d*9=w}DpVEUd-(N|y6cIV^?VN(iJd<%C&HRdXXy$n_p&YF?p1i2xeGbI_lyV>Et zH$U9IPDqdsoRPGzdahP_Yh1wmTja}U(5`~U$UQSAnzUGe5?@|g^H~C@IsZ@^y?(@r z;n_+7!pKBtRd9@?`S@r~Gk7>5`EeBKTn{IlMy|pBqz*TPa-A!5lccV90P@E zDP$Dj@41s)f!Yv|sJEdiw7f0hCV@_(Bv<1H8EsqNK}>EK5$h#rGJk!U+}^ z1ms2x^JYLhVgi7LyQJB&>aFqg2C)?w1W%Q}utINz2iDuqSuzFj?o7}0H)x$jM;ePD zEN#q)=dCWiF%+X=44<;PG#$Iw|a zcRCb{H!+!uH zB70B9fi5ir?4=Vn5#k|5k_5)iqjoQcVGZGV`o_`@CW|sNKTPBo4zfE4FSAOS9;&zj zF0=%@TK=&wKkdoC9Cnj0H;4XH3-BN0R~=?-sft#0HipENkt*tcb1Th8>8|xv3T!VW zv_O6LvIWXP<}I(lhW9LmWDOKF;XCi+sI`anoZPfDvwpjJP$~HaSys4n7Xa*XM zK2TFoLg@GT18sgY?QMCgcW7n8P74HE>y23t>-J%0eycAZpc2V|+Le|M)JS{{9X0K+ zt91YK38FJ9-e_UxN>xBOk98|Pu!@cOZxN98Dzkc9sdH_(HaS?YpF$Iv5=E3YaKLlz^ zh95)?-rhZA+qL0|+tP&~JL29Lls$kyQLlVWGcf_omP9!wN=Ck;Up}xXN>fw{8`?1x zXa$tSZ)7v>tRWIM3boQc!|{li4>m4&^xY&~Q54D1#==(z!B8wJWigWQJg(?{R{+~X z;e#8whg-T6>DgIIOkV4x#!7=eE9?8~6;;SR-kcci)a%GsA6G0spf(|;__5cI&&0S; zAZ)VC-B0#(U7x-#C%B9R^6BVNE>nk5@~Oz5z-eS7n-frqt!>wblI;$Ttc1E-&iRj( z?I%>o5vMP|U5JK(v8<_~e9grDkZ$(NW_SDr*CAN-Q4J*|npvWjaEw{oB>f~5yqd$8TezoO>fB- zIN9IvZa=o?_*F*@yH?2htnl3G<0${_uSx_fb1iOC+fnQe*y?=fD@zKRbv(4`7qDoz z=>w>6g`WPn(z^~Fm6Gf?kA{Avv4~$+4Ie~Ae2n`_wf-;O-ZL!9t=Se`wx|S^B%mTe zK|nH+l+d&yf{FwIQF2f~qT~$rQW43D_mpNxujT$woD&7mc*|8T{<4MS{p4xGJ0=<$am|~)xkIuSfxiICgLzGG5 z40(3Ab{0xaI{qMdGw~<0H&HKv4tzNLiJ{z_HoEN}UFHvSH@TUkTRs zza@wj?V1Z9FJx@m*@~$Tt=;xDt~!SqVL~Lq_y1fz9Q3}*jA_m%zyJ8de9yU@ht}Er zi>wnVzgFNoECX{jiB)fanEsp4@||ap_?=UYA=o(LFUlh!_NAj^GXNQfJ>8rKa!p(U zlEr;6%ZSj%DoN~|QXU|+ybp^iP@9U~AnGI(;ijtbpV~@B&-t2#BGVMg zTAsI`B{Dq^LL1m|!SDnQ6U`lw`<)*NEJ4=#k$891LCA;?Kf#4)AU?mdNSIJQ|Bc#6;GDU?#b#iA z(5I)l2vN)ymal40$x#m2;2Scq?j|Bnh8g3W5nw@k+G)ZhfS7F}gulrdt9tp5X08Fz z%x#j|MJL0jNC?Ns#4{rG4O~Ve7O(+RQH&^o4Cnxghiq#nlP70!q~WB9ogA%Eg;Ur2 z&{n&@uqDV1ZPLYi!u&J9vr*0oItZSHO`e3pv*)S)Q)21X6NE@CK_`7aGT_b~C>2I8 zEOjWv3&OD&4-7^Izy;YECEg(rdW*k`s&qHBMTpSrN10ByLILVi(@UC31uh~nE=bXH zcP!b1-aRRQHQLcJpa41GOosyxj&Zc6%7)byuh=Vk0WzG#+=V4x-M%E*R))cx>vtf8^t(w85I4xspZUEvQS zb&8ZYu&0e?t$HF2P;F??EO~T7$weJ>EreQKBgQ*lyG)Ot>Xv#bUEf;!p8~qMHN6u` z_u;Za7&7aKPeA$o#Pz8WA4Hh-g*l&4Yk}XWjP%g~bV2l%Igb8&g0)z&tmxV_AB+qV zm>vZ6F}Ga@eCgklb@L8{$k#A{oInpb=?bv75tw90IFVqNW3qA$5#0Krkn^9aSb zOG!=V)BQ2y$h)z8fBKwK5g=b^ZKXnx@7iA>ghIYBAM^9L89rTIv=*c!2H%R5+rQ^u zOuBtWI~JvOHJ%M}N3)A27F1u9tA@T%epe0wC6rD>j;YUoyN3AhlRc9{M3w~r;`;<& z{ZG83jG{VAk^+U%(ClSM+p>WK8b0vnNT6b}=u#))J*l}X{-%5czZjWd+{K-&fjMjD z1E_771U4YWu1Lu|uYSO_x*IdH0&mBiU~AQ|v_vgBMXzD%VX2*PlEO)bRy$DxL_o(A zgc-VP8Ad2PtVVgseaB|YpxLX)ZrnFqAQh^; zpHJ%J)FQIcAlQ(PMg$x2)PQl=I|d_O1IBrS46OP0&+)$-=V6c$d#kpOaksf&qk5%x zL~#9ec*u2ur|$doow)J@^9;z$KlqM$NDyD+kz*vSRqh~Zbo)1Gn@@qr+T^!9A2o9j znAND8WX$#W<8V3*Ng4Hbfea~pH=+ISPUr3Eum7i7fPYtyjlYYkZ`JbCEh{^lrCmu0 z5_De(7JlWo!kshGsAe`mJeOVyTzHL11q^n_Us~Wi;(E8GE)GTM)c>nG$EeHORA7(ZXmF*DF);nXqWf=i%Dn8G4Z#-;QNVY zPNQh3K8SJ($!DH`K@4RScV7?+oq~ngAPT8Q`q8dTO@aT^)unxlMH8z+^~U;qecA=o zb1?Yl3u0v`aE4s`*LVn};jJZh8=^Pb`L;1Vzb?pj4eaYWi6GzM{!}86>&izXa@~$= zKxH+==U>)?G~!^=;yD7LFQtcAY4(;{KAoYU{31PE4G1xR&c9W&yl+Lsi3koaCUg*E z3&1a1BseI)gL9!~i2g_*zlbcLZEn_5?ckS!&q4M63i8i6uuA(U-RKDj35ww#GrN`o=iw` zx+tm^aA|FkSiTq>O*)LdBh-`OA)S_TVe?p?OqzakK9^k<6yILQPYsNw>ab(t|Fn`A za}Ko$BSt55reI{Sn6V9_#Dtki*OHRuQM)k7BZu$rKUWK_q(+(y*OsT^9_&__&%S{d zJU?>fJg@ zcKx-#n5Yj)e;K~cGAr>wR;2;^Om^T~7Dep|W!FL8Raw=^qmH`JClxL#4DjZqYL-0o zc(5~v_pCx3&xL@QYY>|q1#qI|wpJx!(8LoA+kEfaV0@gFWy4PCKVrH=r%*(k=ioff zJ?%J*6@k04sButxjob~aog~!V+$BQVg)2SN|6fwN!qMN_DCqf=*D83K@&dCC)%%53 zx#uwm-n;KvNGScK1#OS@$hEB>Gm5#Ib2^tKJ%G0tQ6CXQ5&0nEcc>bWs49Z{ACk9! zlMUB{02~69&)?kB+uRw$>&}@sbCwymFRks2LBFE}ZzAQ%Ki+2eh|Ij-QDSG!5|Z3< z5Yw$PYKA&Ur-58J4vP6J)_<(f1Tv|v^7_&BO7ljsN-MnIS{DD}X^%r1S;2rd#cpe6 z6D>f`{erdKO?!kkax4%d6m4|QpmE4BXQPpSaWkyRZ%(4*4J@3dLFBRc17?Ak17O1k zQUWsGz$3ZouOdhw8?M@==_#8qDVrZ!nT})B662~^{z3(rQU{`=JLZ)kgSre11hn;J zAq)hU=$&JP%9P4canoojPY+L7FMQj_`}n15kQPEU2k|Dn!CmawEr8lv+%c-R0ULC} z#xVjB^_ho6X2huYJlg&r9i4`&Nh}5?WKi!-$Y?78u_d&mr9mmBtZ%UsCTZ?n&PZi% z@gjS9nxNE3pu;oPpf=Jz$9y7_D^$cphy4Uj()Wi%tn0HiJoqXscq8pjL)^uXn~AT} zE-9Q(O?nUvkG-R$KjSRqB}JFqIYJ>N=lJQKk0Y62xXnm zPuwe&v2kzsWuPi98Zf4SGUFSZA_~ zL1)&T`SzVYfyUXm6M<5f&d;&TC_cfEfQ5#|-^h}KiP^a8pH7d$I6%nCi$aSi2$W&9 z(O`we18T(S#XdJNm3!K7dp@>NN9TI|g(ZS-VQ+hIo+>5xNwKoAQoou4yxDP$H0FQD zUi|l+yplVXypSotQIs)-W~1j|uvw)C_{aHTpeC(AyqEz8a#vtV1w;7k3sbgi!pH)%EXAx3p&zsy)>`i6Zt$=e%r@^NsJ__-r;_!o;3BOw;cLnJW$`i&Tc-LC^0_N7f>4Js^HahB zy%f@jAdth>9x1=woCCn?v%ywpE}6krN-3$U6demD{tVb*V>^2xs}k!0+XT76$6w(?EaG0cy^Ro*Dn#S@jB*R!je0;FCm4Uud3<2?BB$3{b1eb&KrJ*aY7Gn( zox;9@Tw7+w&y_|7zC~H=2P1(_#u)pNC~|j(JhX-w=EqbX?x%)P`+B3MtLpYd3l#jK z3rhLMAqWmkjWQ*WqO1@GiOs_N>mX#-gsNDk0%{om=%n$ZWK*QY$w*g?K&e3m)J6vq zz%*#UG*ay}Vu&W$^(;GDzbSMg_2lM?Gy$2VUX1qP~su;y)GYyH-#)w;G%2P;4B zhHkTuj*gqsk!{qLd!{7Gl=!wxu=GpS87xJQxV=r5`&^gORvpLZVCl^nXrt zqfFM%{cA1&!IItvQoHkQTQApD3|HPO;OiG`W(!TOf29SOs&F9^|+F<|pS#S@E* zp}G%j4?A3vB;_B<6j{02LNLexi<-*qAK#oTmS=nHf2lT4$_BRjhjw+XHGhrCmnu9G zIVbKQGBn(=l^;sp%*ceWFgyLXnCd#GM9s{+1}}4LEYDC+NEP>`R$>+vUUI__0cv>U zvCzT!N7%&IG{0`fJBzmjlO@-_&vC5Z^>CN=J1KI>V_~}%U#X+Xl+34<+G|g1Qei&y z{+`fg#o8QS=F2Fa%!u+sk;ZI`po7tcp(fKez%8f&isdwN-&u@AF zAk?jG^02zr;h{6O$$l@zj~w$0yKBDtIa9K2YrcW3y<&Jms@tjn1{3n+OC4ttyR?II z^))^4YtG6t05>*qF@j8}wdNt@sk)G^^}y@~=5$D5)tWXsz=tMxSuYbLt;c*sX&)1^ zIEqh&bLxSO8O9FmHc2jJb z&SdDqE9m31gE~bI_1Qmm-1lK`#jBlJ_+;ndm-otN+IWm+u(-{D82?pKVaMK&k{yUs z8kO2LRnsbMx9OjQ`S=l?u;-%U3Y>28pF7>tG$!bu0a)wx$z{!GV}+Baq&y6Cwz_q* z0~FEa%fl4|6j)pXTKPG3N)$xj66HQ`%tc6bE@s{}5d~t-k-Ej0Fvug`9JPE@NXliy zAY;(_C+*){-Ij<|;k#RTd=#?>y+bs~>l$ps44b^q;(;B?&)=Q!KNj2K7udxm z26I}bU;a7o;Bq)J@RYz3SAbPUFLl%kW1zm{aUWyaR__aAUiD9QwoRuZ1LJ(VyQc$u z!?Nus`Cwr9IWl63U$CDbhyCiGGp56lt0&SFkoN!$om=!bbb)M24*H&tC2=Nz8+q7 zAc=*NHT;Oi>cawIYM50MFwB6#e>i(s-6_a(cTCpc*9i7`WilBRvyv7B;o2GhC`yhr zpw2p4iqw@MFwiAZ&l0F3!G^ZSbJ~1sGA8qK+_&7BBgcQy?f!0Mn(Ae%V8bvw!{;1V$crw3p)xG z3SN)Efgnsf@EY&zYutU1EjT6&)=UKX6lPeIl+HBmV{ruCf`1lku|2ww6fXG4u2lpN zHIWAR8igH_znFu7%ljgads+jR#NPFIoG{V550%`a8xU7sP!U8-T{pnsx!$yOb*MR! zn1Uk=oU+YwqXo%{D^&v=SLp`cg7a(k9bj-IkTBvhaYnB->rn3psTVP&l@Et2+(&gK zOZn@D1oJkd)?Pz3Iu4oDb%L1U3#Xpt1Dag4Fc?#+y;eD4!UXd&tzP~ z*8`d2=)czoa@V+Pfe;S%0la!y@}*Og}!mxxUAdwDtdy68{&7vPIS;f3XG zWNM(6A={sPYZAx_4UpM3j-3P&M(teF+s(5mse2B z9;f3AXF4!&cxjGK`UrWGg(p(Vj@O1T>Ik{mAHk%oFgQ<=es{@I7J7n681!-5o7)0S z5;soBP&5D2Qf86)nfNE0p5@Q$W@CFTWpXSb1ajaNH}vM(1@WzOmg(Dz87~t|^>OZ- zD+l0qurL9JEz8`D<~p+|Ky@hkt6u}MNal1Zlr;$v+UD(1t{_g;tz50=Uu5F7@l zi*V&3B34D3$?`YT#Zb<~;q=ZaeYr?8S$fCqe8Px!u~L*h?rU~im8*r_J4P+<+wr3d zYzTKKcNIQ_%Hl37wgmVy`|-T{hY%gvht!+r{$17We^aRZH-}kzJjN&N?sUo(q1%iM zQcm*W#p;0V#egyR{yYCBNyjaqb;91ery=@~v=}wQw5+mneHa@_1!@44JH;w>HLFZ9 z!5Pm#lTgU1z;Q&ns|#ae;a()$7cEHPUQ~X4JWUWSDDx@oOf&mfh?=JN8CPuW^SO z-``nkrY3R8T}xv11OMXd!j5Gqp}vIxz=+z2hUE{q>wn)?w_$@A8d1c}Mi`5!rRpi0 zyH>WN56%^#8=*kK-F0XXnLk>N^j*@mG2Dp%37^tH|7)WdVo_^M&w+nqf&UjjVrKeR zS)fBimw$1{$pN;fxxJsc`2^P1fS4)MaQ0UGDwL6i=CJf9kivh?=9t6(#V`CferCk% zkjU(1MysqDVnN+YQx$71qo>{@PJBcV;q73H{2$@%Zt~5y&l=)OL40S=9Vv{Cy)RL| zBzyt+@MWadr+C|yQVz<>atWx(qKi#4Po1 z;-9<#krbw%yhi42IUm%HBgjihrj>5tY)p`60s=h^Sc=&ENk(@l#I zteAN4Ci7Ip128VAm{9wtNLfD^EPlF|pAXi%{#0eOeUqK$mqQk8yTaN)9Ojjc8+eU* z1$J}JzFOOd1F)L6wlzCJ-iX|tk?q^f_)i7W`F%`rQs+aPVSV;bX(gBeAqg!i15kdZ zkW&B$n>9|_0$(D*59fpFmR>CRyj9!U2^I@M_7lw|&psK8xsn*(CxJ7ufxB34bKs4K)ZUdkGd7{2rmF zIxTAn!g^qoi4YAuXyNl5VyvWuBpD+mD>&3`5#8Y%Wd7K1&6K}T$LRP)PbQrZifc60E{niDaML1>|9Xf!@^Lu#vUs?d75@?hxav8Vvrs5K-^BGQ$H;NdiaVp5O_=T*9FuuAI11T!R ze6q;1;qs`pYGgFr&Xr;;XpQ9qLwa!THp>_e9unw;8@y zeP=*YEk@FASO`>H>weYl8irz>bA_QY2+%X$Bs=H=+%#Y=+Sw@dvie^l>V44DAV$?(#@b zUPknvx{9Tga!~G*d)sI_{SrLMFR(YD&^Ck*G~5A0QjoCoGd zwLAQgcghR_62|QOkq&_`+_12788IptZ*z6PSr#D8`<%~Bg3=qvJsksW+5odjJw-|o zoXlGz&hvX~BR=%KAq>NDZoVOTMjzKd_AAv_;K6(qm{*N}qk5u*J)8^l4E_C*tM{%9 zaCxNeJ>aOG+ctwGb0#tQWS%PYRen z=7C+AlG3h4>8*(WhdMsAL-Nc@pvEDe{5mX6^OFlOpRR5xVY2-jL@ioHRD9V3l!yYu zwXeDVK_va?rA$wyu98hz6ALs1S z9|gb4830a;X3q{$8UP&C>}1X~WR}W?OP~M#e+Rt6n`|HSS96@q28a4GcSnC8G5A_U zc|N_$eh&~M6AsHs{?rAXeLTHXyH?w;2{Ud(olJk^-TNklJ&st4Dl)O-P-F@b>KH9B zAxCG6_SV>IH)@3w?5ptndmgLo~6)Vy_B$<*FrC5R> zUiSe_kw@-%kCncSqWOl-wOsbOz(=ct!S-ZRdro%*Y=~@#xtm1^1C44=Zd)f_MOZvl zaV^3yG7GdlMXOF_#YT$qC*2*l#vO4J?$O(OpF#&|+$ySsh2)JE=-r@XB;^Rfv6xzX z|DOqBmOiZWfmRkiEXlkzxwnk!{*G9s{cSo6b%6sYdw_Ua>~j4Sa&iF0p-pZk6r7x8 z&iYkwYb4CGhw4Z`oG+6kTGZ(F8MSPSnY{+{L&&VP4_-ybu~Z=SIdAfs zYb6a%MQ7ac5njoC?U% z{05*tF>&3@5b=Hc?(sPytE9GU9%@y#Q|;ng8U3#u+@zavncX{;KW@a#DIfi`ZH?g% zeL%-Qmm9VIH)awJVUiEC9RogfPX0?JVUX-YA|kcBNg<@rqX~A?=2O}+kjglObmYW#5qp2l;#%fYlEWUNsBxB;JRrnv%V4F(t!%Sd*Dil4iP-KZxsA< z-+$$Dl60tm+AcY%JPoPf`e>_B6XfMXvt#^CXm&h+dPE$)`e^BX2&8n-HmdSnM-6Ek zt<6d!On;!;Xf5GNEWMF~Lx}JJoUfvLGnrCGN{`1Gn0;CQHVekx`JMsbz6DNI6Q@p(}~a) zpWfi>onx0=k>82A0+5I9J!RIF_-kM{FC)j(%8{AP>OBlVCKKQV`%|s`=9(I9s^!vk z9r#i@=NDJ@p-5TXdM}L;k^|ojb1tM|Aq(#M^T^aUT8QudY`Rx1+xH{l@Ttm@P99wr zb{*|ojw;l8)K;~FANY13o=?g{RL+)YGh^V`$0p!2!u9&;j)H)1sq1)#5Xp)o3f z`mv>7OY8T}y^Ytd<}d#1zqb$nhk|mr*iOd$(HysCQ)CwflUud5*4~S_iI7&03@v=C zE|Fdmt)uMjP&*4I!`Wv-y$`?kzxv7ftEj+?z7uqOo+%R3&DobEj^CHqe9nk>MO;|; zJ9wYTCSz}I>rowwrVsYE`h5Yu#_eX_jaLNu8h%>T-<fF87Z%y%+Z(o5vB^cLW<6g|jQF?wkvmqe2^s5vc8{!0r`-yz-(;fY;iz=beJ zHH)frwX+yl|I*jfH*`58-zZ+c})(Usy;Wx~q}gUplPm)Zn#P zL=29-0Xc@mqa|84{)cc-Dh2kWam)bmsEI6K?lb|8>ZBBwwP{Pe(%D3w&gpx@3ld=_ z73E;?`g)@fGZmxrLx@#NMdDCZ5s;#cjs|2DDPjjEu6O2lc-7s*#IK)x8W}(kLu9)y}xf&sd;vV2ieS!UtU$lqRf7sHS5af$TD@DN`THGSK-a_Ka@n}qg7 zZUW#NB4YWps^YLAO3nV#x_qzu-%pP|wYp@f)y;o-?`U9F$!N~95It6d;<07N)vy_B zA#g#m2^04T@`%HQu*qE(zHvI9!_P8y1Jo-yR?K41XU*>KwR&6!CA-s-ml3m)8LGu! zW2$I7Kowq%T&*7g;JRK9>fphH)r@A$*jJ=m8(HiIwbkje8$D=$shtlp){_E9roZPh zp5v#&s&Wdy{!vH8Jdez!_!nem*^bYv^XJD$C6kba8R{ec#|cGTk#?g81j1^ zOBs>gkRO_-2(Tx(idX+n(wx$dr?&JRrTqJS2I4_|B{5Xeqy}6NwJJF#%o;!Iq@y=96 zLv3vo{{H^su2w&A4Oxe!+qukMq@7hd1y;b7K%U0TA3_9yFICet<|tfJ@LS8<`|mSU zRQ0+k7Vo5P*-_A?3Pc8)rZmZD|NlH{?jWKFcJ&2&{x4;j znVDxE?6gr&8P;wq)_-O14y%8EvDaAI@q4eF@x=yqYOTz1h*$ibM2Fw0a$nEsU;>*H zP@3km((B!^9s4CsSNrjNZsRAMpivXYizxQDxQ3XmTyNH%GPjkT;cOL)iOKW)I&gXQ zx4O!R($oPVmzU?~=D@%)v`B!_{?9X0%17PsULP6k?4;>0vxQ<8aJwd^olh%*bnuc;a)i9g?xEi)OX@!h~*E!WvRs9xXG%d50^!1=551?%(kx0zjkH+F&L+;9$b?u zXUNm0VAsZ#m7>X{7o$7%UDr56UbybJ>B%><&yAc_*I7%)TQ!? za~LU@alVLb4Hsbf*lT{dMrez+zds+EBEWwD~SO`$X|o?VmQ!Pq%+S%ve4PqpPd9v}`BK z8y27*_xN$y&kr)~0|RFkam~Kqw~vd^nWBp&Ke{|bhJt2zqoDpr|W2yQMB9e<$;YdM~CeD?=%|aAHhhJ5>bhF zmX_>fa(d|a&<~WO*B729q^4fLwZzaLJ9g|9Y(8-04B;H+Mdc&ol|xId=7?6{_;ai* zW7Ci!qWRy=#0d~`xUrx37iVW@d-5Ks?7z02KL_!C;j!|_NM~Cn=wy3zCzccn2S63R2mDTHt zj>dT{v9!jOxRh}5-1E5BI3_sttIg$tMCY#Z=X8UyzXGn}I;W9aCX%4%2lVg%{sim< z#mS>cM9k5z_Ub9H(A?_gd(FRSp`2pnEzefJmxyr6#owFujm={1C_6u7je8|vSm$@| zgWi>n&dw0&=I_7l-rq@Gm^lY{6t;Y3j;-9%TLM4RP9OQU1Zkyr^qkrMe5UFH5q##) zo1dFRE&7nShcEZ_phsTG^Ns8JxavDXNYRy=Z{9p*z2)9TPouJ#C6+z!*w=S@-L2w` zX)HW%84}^RwV`{~HVEO6RoO`*F9V25bviPV9p+Q7Uo+M8-S;De6)pK9=&7t}cR|$M>==u4cM7_r+B>@;r=f z_RVI*s}zU!^JA6C;GNty`I{4|C5|5}klgvT1hF3 zdWx@B*6ee})jeV><*$F)$y97)l2t(lz4KqfGS_N3`nmbG6I=FU-ijYq^|3mp*JXGQ^>)mzPA1|BCL<2BXz_=wE zQkz%JMl66*gtD6oQce93lp>Jwo4Df%kW7ao&3zM~@POt-lka~CH#`z`BYa&ietoht zeQfqcY``LKF%Ri;uP;9rRBTn!_UN~dn4D};7Z6_7VkH#d@eZJoGm6q%d2%V*QnX&>RSp(A2~Y8{%%x14c-oT zGvT)+#2wLa$~X!GY*f-J)&smGPyO(bl$UnE_N(tt}kI9x6p~>=+N_?#?#smDIA$?#vEp5Sa#1^S(B*GW5qCtwL3fE+R!yY4%O^9-9t$)V($Hq5mxX_PDLfHwY=HunJp!?v$wxCmEq;o|40_` z(*|7`_mw$LoQrA>J=m<0dV(LN2GiV&Of}66iRu8V3Rvc`Wl=$NQTry>zu)u|q?uaS zPngB#DABNk&6R7-T>pea%OaJNvIx_qf{D-07T<6w8LOTsW2NQ3N3l538o05s@nzfw z)trpkeRD|+tS@14Q3xt!KrI?{&p5Lp)Z)8``_FS?IVs?HeQOOev`a;1%XVL`H6#|w zYP+kv7wqNiiP>AQTNRH6zU2I30(s&N1ly3Rh5($n}(>V z@-y=VP-AQ(11Ci_sMV346V6BPE%u$_qc|CWp@P+Bkj3MdzAM%X7fPHI9axbQ61we6 z{HdT?;7p)^{d27|?mZp?<%wrwb#gB=y130aaSJ9+m_JGj?7IBjpn1b0CpX>r=9~YrnDBPEjh5&qzJ$L|B4_9>i_$Uhh^D{Z zN%|$j--quI7Ttf3NJ@S3sL$1T+P&yj7$aIEr|#TXisUIy#;kWl%^|pcLdxwmQvEw zea%Ja8`fFc%931e5YhMN5?_dF)P7HxUCzDqB4)G|xyXdu6L zQFLcE!MOfV*dVR?fRiHYkGbvIZ$%;f-&C2H+&0rkYhUo3(nz?+S?gaYd1gY_#jN&l z6qyiHq59_<8rC+YI6n2@E!(F#B`zfnbs4|y@de+H`_}r>)gzc2wTHPEbN&`ltVK|F zQ7DHurWQ~)XN3%D^aF4(!2^Fa5+KOSAr1zCf<@MbTZ@ia0a-&>juVsh`F`;Kr!1YB zEsLkxzdZORkePZmK;nUN*}|Ii=%@Own(hi)86fw@G-S^!c&z-czi#6>dQ0kMbH9V1 z>&v+HFZXlIce{$#`ozbEUc_Bk9i4wjHs+tq$WU2iDx>B6y?jikx`G=DWV#&^f;2?O zB_CgjwqAIJf6cNooHwbrL>k&v9sMcV7VTJa<0UY?0^Q;c{aApOSi ztMTh8CX!k|0D^LrUHQtQgavaVHTQYVc@yX-nS5!1eMQcDwS_u$J^nVgsjkc%=SAGw zs3>2c+{C%Cbo%b+M-Ddg6-^fujn=t3XijBjOQKs`mId(7JvSdp;G62KGZU!TJzIPE z0>3MWo!c3mtDw^!EFaStjgDx>hbUHZLCS+)3uMwQ?AORO5~}T*5od9h<-`Lzc&V-Y z-Gu1$u}|0k@UIsDEX{$uDf;4VFOe#+M5pOrDgki zOpYje4QFVuv$Z}hP9oGgu?UX;JErw+8DIq;t5+xzRRrIRYP^dlMb_f!A5-2F-0Z85 z#o|xMeNKa*aP)Ab=gu&%uerAVorBHf;*YPmO|}l79Nt`Swyw4y4=LRJR9MM*7hQ~I zbh5LLUhEqi`|{9tls#;#;7m=77T;xqU8m;8KyM%<4aY)Pihc*kjwbapF}^di%(7XV zGf%NN-JPz)_6{YEBWU(3>+~Xp^?{!Dw5+a3s5a z@9vCb_RDO~-N~XUZ1Pvv^$ErD+%u6eM4{}$QVTUDMfjB$jcgFecCwA!yKV(fKo8ivK}kzI7GhL|4PK6)yky5H6U0xng0aaqLHZcPNwFYLtSHimt=GV#gaPYZ<4SttUxd z)Ka&a`|<5;)>fwplEm-!2gWkwCW+Qs&1#*R63Gu)?H4n4aa%E?yKbess}#R39hk}E zdVcEsn6BNg*Kj_5fu6tFA4<_-Q<;OdGTBzM)E68*hO#YBZIo(!99h+$Xn0XshHF`n z{Kf^NzJWz0k6U~lF6HR~TcoZ_OFzXdzPfr^Y8+8b6o+02uX+!`j;;IF9){fJF_dvz3+wF#3Ats1te4zoGeVK5e`)n^dM{$ymMBWy zH6|;6-|TWO5BnKy={WYcec2K_L2GMLvFgVUG94B2G+oB6ZLDVdWLk(f8ct0u;Gb8b z*=>5w-9{TL$*a&NmCpFJv}4jghHi|kR&G^#QjtrPu?>L6YFv%pUbr;# zo@JD8XV$g7b5N7fX0q{k;A)Jm&DO6`&C$N$0jZ@P*C895Xot}s_;D+3u@fBVlP0mx zJa)G$cg}TL4D6I;H=RAw6c|{(>StokQPbz&KNdN@TF>K{=@&b+GZ=g8bK|gM3)g5| zh5ZeQt(uaBxz|C92+;X8#drL9NNe=aiB#{NkL8BH)(gvL6Y+H_fxO+p&!XA87dzK~ zIL4l4XUyfUaG4#)S0z-E2U(e>_y)Ah4#p~)t`{=;{J-ec>QmzQ6)POtlX z#4!OV-~C=#}z-fNNtCZIgrh{*VF6JCdb%0ZH*6mN^NZVN{sTsek`({g zYv+dJl48g$St;llLNy1s&4=PP)_#V0P}Saf^eYEfSF#pXxgA_IGh06<)mmAxwXUbM z)|yo$$y>fNt6zSU=k_wbM7^9tXZc(8*SBBA9USUq)U&;HcUL~Wo!H$mw0b!kTk-LC zR=1|Et6SNRHwj~{=*<`oT2I~nEJFneT>RRiW4YMQSlQIqe6(&1NGmJW$(g)MnOs~7 z=hq}fFBY|C$GAEV6fUg3onSxXuD4ZNs^~knwNzK+T+343S9yhqO=aZg*zo}J?e+_$ zA@hx9vwlAr%h21ea!1<^;&!h@OzbRq-K#Jd_x?&}fIr5%;@d9u&2q{*Pv1LsFq{^ez8_ta5wvR?Oo2P%C%5;@I2zuDadz z*$~h9FY4&+7Mm}d!@E;_Un^a+;^%&pG2AfO;tG^v9a@_-JV$bQw^og7RK0spZAH!$ zY?39`&1ki46)~le#7ukxUmR0ZK|xs9jnBUo(JLcPc>P-j%2Q2WCURfhNFLj)yvNu* zykRc4VcY3kHCl{!+})nGnRlbY>}qw}N_vjGE*_s>XWCg1wI1XlKWf}xM-i@yb*%jT z{?gb_7RPk`A}mgwuTrXIvy+DbyuwWZdO>MTR!J^kKd~91FHFj zX7`ZKkYJlcRCA4|2mYY-#6iXDR3#M?%eA}f1z#TK;!{1*m0RiUumYxKaNr(Y+-|z< zyVM+B^g`jVznvJv@QyB%cRqb#eK~n{U;1)l_b}oDM}Jj^*2oUqx@2e+p0_NT`EhUk zXGyp~rT}{Rhv;#xwk>bKvcaA!8%Ug|?nWyz7h@LbwsHmZe2Crt19%N*_CfYkqfIU$ zdE#zGp+LjIe}S{>c`8^O%jm@-9|)J~%7PZptB63j%0}FGQRObwk=|Iuz-ZOAFwzX?8@Yh*)oZMVF!DI z&A7p9I-}QC)N8o{q*!-0e5HJ5W@7M)o{Iq-KW*`NPYFJs#BVy8!7e-7i*vpqidli4 z>q8;RoX6hOpVx1`!MwQYnIn+}Il@Gy?FaSl?Uhe!KV%x?a+4uVnm=M}B0~lXOOk6E z>KV6=2+y9ryQ780HO^_Bn$US%?Y$C46uIiSTJxgivKUlWbt|T(rdZ-yW!Zv3R3ZFs z{U{s18iH*?6jFmR)I!o#7;!F0O@d^SI89Hk*YOwlK`1^<^q~F%pz<*=UN>>V5W| zPhYD^gcMuKe{Rt?gn)gYa2-2nB__7Vn}VRi%gbwzHfrD5njsa>6<;~bzi}V9`~Wc2b=r*`V6YQj^R7!bm+Cq4}y{+aQvbtfA@~BQT+tk zK|$+ruZ4B3|7zKYMk~#kScx?}c?IurDHDCIg{k3MpUqhA7q6MhJk6S7+s{Z@4Ws4Qco4}JWZkvVLpF6e)<|UVXVOve5Gig!Z}%*?uOC~jx$P)Hm1&z)tEnI* zf?(g6!SZTSAtp<0*ZwuQSNh4t@t`?ye^SLi3-L`QJYcJ2qcho3XS*_nX?54?WL{14 z6vuM?a z(EE9<=EV>Nq_?%t)dy(l3-jtfZfiC!y8Vs{t65o5z~cDU)D5dtDdk$yvORFxr6I84 zoKF`o$E}<5acjMyp5Y8TlcU@jm#VG7I`@BZS0?F_lG?9YkJq^BI6i>l@`p1fI=Z@i zZEn|m4lBw)EL6!cGiBp1hFI9JT<9{6Y^K;^Ox>&W?k|7|C;6w0-`C%7xV^FbKiK=u zs3@~8-4;<)R78*<0%9OY63H2*1qDeWL85{rNs=>VX(Jg_Lh72RdgjiZwZ5MI7WAxjXZlzFQ0u(s?7W}7pZPRWtDs}rjxz5`ZR*-Pdww+p zBUx*F?(nDtBoOD;BnliImn+n2asK+cZW?Q2U=6fqUHKCEJF3ZRsl-LoQ&>D7H7_6m zrFYG(CwYWL%M1<@2bO((GxWOi{weAebrXR$HHW>ALD(eZFjH@AjUN4;f43!aaKAN5 zO}JP*)X(;@%gJ-w@%|_ZC=5%h20{qsGX7DTs#@6O47ERXou37>ZZu05{<;R176Oq0 ztBVb9+G%i-W2ffhq^V_3T14wWOA%g+!Kt5MadvZFmi~mbFh1Y*vg=7M6ybbI?U!-= z?MSBzGOqRdrnlU8Oin)B-p(t%GFoTB)!5UaA7GBMLv1cZh{k`&gZLzW+bhC7?tsK% zkm}&DAsK^~fJ8gI{1!7P{v~@o9Tz@M9uq_W)TxD;c3^}WqO{=a~qRLZEZ;q`g=Ms+^W+{;TP)Mw|i+v zp05B8WzpKqniNw^AhazErCfBu`*NVIz|lg)xn%Q`a6F(9VJP%-5xxy$+C3JorN_-FXN4743>lAP9K+XUCg0}k+SPULR zq;UJ(?$?eoPa^$~sVV;tF`gpn1tagEav0j&#K(E=wqZ`)`$k?GQ_rp?r)rQ&iHRjv zq{!=bWSaKjw$8Qq!@R*XJ`F*+Ld!naZN8F|?ldt0u?im}5P8aUHYfFOZEjPag#KDc z5e6fvo}ovNahprZA6Pi0qJgEHxV7xX5OW0siI$O8f-(_5_oD?Hl4{xvp-WIh%!#~y z@`2}4{YvG+DfX4Fk9VenXVZg(@b8UmI``oX;DrFvCbZM9KUbjpx7YTdGED7XiGcAC zfS|0|DP%P7Tz4#NQQB3T z4YEVQ^8B|57W61k9>Ga)dW$`pB{s6H9fArvBWz$ol*HohOq%3?_;)1Ws9b2%SEyb?%4R4$%ZOEfa3rJLXm&mgNjGJRVL> zLT|6kCnzZE;o&iCTX5q;%Zp7s2{nxQfIUr%%Hbv&Vu3EMq&BaHH*`5C$K!Q(JykhD zlUsH#7K*K?RDFyDG-Q4ZpM-|Fa<-*I3;-!`6p`M$Eh>QTwM4*Ul?FWB z5c~BNI@oNVa;h>^vJP6WdYx3l(}wi>r0&L=o49dUS^Dzo=k5Sj{#`^61TA`$i>M8O z&qfrPTN78wf{aL{8>cZKGSVV1x(BYy0s&Hh3Dnou7sJ=_+BBA@41Q(DL5rK|O2Ou* zF`k`Z=#mlwzZMsdvZ?Z|9URy)uKbZ8kDz}M&l^@7iohxEjGRh8M`Xwf14l=B6t2h0 zz$gR%57VAr6FB|Gt+A`Sub-+KXAkpnhsup8!RmCp&xZfp3xDEl0^Q}bRDFI1Iw$40ulEw~cU57+`szD$( zccm?Nf6le+5%EjlU{=OQM@MVsJXGt=vsKufPA&ow57tS){MIZ0d1&+z3V;gvmPV%w zZB;xq=o$>qw4eBazz+~i2$+=n2wdpvC5_|gOaz0F8*O}EnG`}pB@wt>zN5hQ-zxmvb zGgNqEg!hD6sab9i!QPz&s+#mf87;<(*b`n~aZ{C|mWXHrTaT3{(0>D-F-ItwmDjFIZ zpJ6U4|K^?^Isgs$&-CO~AJFKh06O85Uh7pbF;O1f2=qZPvoC};$mB+_Azuqx1_LNw zR|L@V8Xy79WjqYIf%by6KNl(&YE6yS0;XXd_NZJXB16Qripuk*V;~?&Y;XH$x?wm}hGp&9uTz9o zfB+db$6eovE{&sq2eR@q5*#((eMJhHn$oYN?;U~KSfW(OE1@Jvwpc>3gS#G*5nqx9 zo3E5^kg0i`A2&T6;4sx*`Ha(YzSbP)zZBUMr`&NO+@kc#5p|#iAbzM5+li$U@4NZN zMb#o)%>556z+2D3A8*=z(2!Db_&^HK2a9*ZZ{58VD%Y0(W~L(o)EXI;JxNmntqqu- z{b+?a;6DALJ(vQqKwoGTD}ae_;nrdpA8OCgXM}Lmra6PrPi-n!=8xc+Z^sW;>HPyE zX!x_&%%vm@47`Hel#lBrWV$xN z;aBn9e->tydzV{b4C=LXy{M?DA=JK_`}-L>`q!O%i)(3eaDaIEC_ipu!Z(mkuxfdxXDC{>y>iJ(?DW>wegLOm=h7J189Jpn`#Und z??rv$UamenHY}ShwDY?ytmLrEsgd9t&3ZfkB zIlPm*AM#)JB`SJ`Bw)x;C#QCyeqr+ z(Pe=jwrLy{z|G8Xl0@d^iJP=!n8C)Sd@zDip0`(Z8U-YDa?Mq`1$S%>;fPkwDVPA{*4L5t*q94Ze5z)lb z)6+L&v5d$xpR1jQMSm`Dt|cxYw;_6bd^)hdw3K!EScTMN*P0Gu{P@wWQkSk2+!?m* zGEHu*{`~C1r(y|XrIg?`UQz&1)Dno}l9H0#K~@2zMOT>JWpRNCCXWN;;g`+l%+p-D zxzS^=hi$s=Z!wAYC?RZHOJBM733=5kN?+@pU``auoy~oHx}_o5i%jF+#aAtEf4z5O zowa7(G>}whb!x*PE^a>L(|BHt>w`f5o^8#;)2FXRyT=fRuv{H=aBx6|{9%A`Bqn5T z;fvel3bC~avFs^vb%$_oDSiYrn`qTdiuMJQc`G1WEioO$HK|8*C!a%N^xey7-cX{y zoL$g;S|9Rh;mg2+xO9V?n_KPGv8V6Gz?3T09OTgACmPeWQ?g%KQu^jOiSPQiT@mXC z4ocUBJX+A<5~S3MCXU3N)`@nPT)n&C(0Bs><=)~Xb+$Bg!9h4}d6iClbO7N@!|Yoo zTm$>Bf8!f&_q)6&I#bH}pVWsmzI=oq?qAyY6654?kR9E8WOI5QxW3xyak{x40u%=>Q!l7sI zE8Q$(J!QG)^2`T@QyV#ojL4Rbqq6rJ@8Q3gL{H&=)|nmMN7RUT9p=Bs>!68>4u&fY zWW7#iLfdhdoX^d53Y-cufn8N3Sm)mS^!v6%Pa$v!S7nmAhXqf8D~e({+?ov6r!H!Z zEk__CI&4F`r*r?8&xsu*{;F2+qU-?y+2m9beP9|`N@V@et{TZd9_-eWvT`MBKmD!IcRadl z3M`CN-dy3liFOe?V`9w6nwAP7Z7;CkLW0Rjk;_*Yz|>Vsx4r!ngFQ#ccEa9w3^Uq( z9P|AGFB4PXZ)blyDRo0RIhOs>jW+&6H@t7yO&mJ%L)R~TvH!q?f}j00)7$OWLgG#w zBY#c#{3XrHTc^WsuIXZN+s3b7Fts#<3y&4A6r>l_MdNeFJoWSm8~@sjlvEh$gLk83 z;-V6-IVO7B)zs87w>o5x@Z!$Icfm)Et3ycKS7U8QWW+Ym$6A{!Y)_5wM_#kg-u>hq zUO~#{fW)e)qS)Gk_I$9J1AVt?=faj@WS}G?J4c>{_h{tKa<>Ge&A_)lKuKJ4v#dx( zvCp=B7M8p9(@!q%&2qQ6BgN~ZZu1MjtqjH&x>$CbJR(SB&imZY{HevBYgW9oIYhY| z)JMKZQc*UR@<1_NLgy)yOBW%pPG~)5vN!tkx0*pj*+XJ zs%>2ixVjbQ8+vdhxJ~0UWx1r_$Jh<69T_gv09@nBdQX&;@DXRhnoRSC-cXR?qT4-s zeOhIoCJ}3l6bW%L9laFqMK<{4n>pH4bsin=S2O1*B)x6oJ7E11{!U9!!pKs z>ao@e#SpJ#y?8hIKh<7?o)W5;Eo+?M=MLB0hdAmg`6j_yivM8B(H&eDh zqLCA(DpJY`{=i6s<|8iteO3Aq#0|es%(69Ll)W**`dr<5ZT4ezXetDcLV1+5MU+MgyLnoy6 z4ZRlY4~ATq*fKH;(j~pzG`l@O)PpQ*MwI==)?!d+M`6$$S1Io`dAIL;Zjb$g08NKO z%7~JEJb@r&e%vrRF@6mUEww>UG6&eZFr%I`JM?h7E|%Tr9`(HmGjQ!IPB>047OQmT zQy;VC-3A)uFsu}C7^5Go)fbenf$=^0@LBvTWF!7d3xDao5mP2&=3C)Z!KJIl93S;N z2W@ls#fPw%EJwJX8%(*`h~^x6S47KSt5S3w%thX(p1t8$ER-84 zw}S*v7Yy{&$qQN2A~Kv-8=?uObNDk#t`d@CW0ag*NOK=hb~+g=-Xi@ zdJfNaJTrW6eCEi7KV-;Qmf;^VG;-%z_73$f9aJRp$ZIYW5l4WEaqZvB5G{7_!2cyb zZ#uNJTX?s(*v+eb)V%Mw&m4jDNy-oM7}e>*h{N`ZWkt=xlG*I~AUq>0nqDCB|K^)^ z?SD>?cLchyC3e);avmfbry#M&J50T!=)XhZG>ynv(EO~)Hphcxs}S7k4i255lgdOaP>e>%QfTznzle_iZCRw zO0yS)c%+?YY~~@nmM*82B=VTMCM|!Qp0%(HhD4~jm7KXHk|R43OAfB!DCmM|sOZvj z3?i%OeyZo=p$|8Gy%+PD(^-Pm{2yzp#eBe{VWEkH*krF-(Ie3zGLpME=gG={C@6uJ>_#PSk z2NvKzeyH*zv>>yRzjrh}qx@@otBK^~^M=F8wN6${**n7C1Lt$1D+xUODh(9R zLVIjL7ntLV{bMb6NTGJ=jQ@VFN{Vk^>linOR-agXDi>@gf2gOd;t%dKb_zL2R8G{P zJAQDG+agIp28iIlPTk?I{8Kspt5O#$PmC0wdKWs`GauZ%pO=!H?B{_gQAz#Oo8_h3 z`4IVVWqa`W*I9D+q5UZ4tnTQ@pSp7oGb#ys~@dA zRT?klTD6M*FR-GoUfo=XaUAYZk4%M(=$*S=Q?+Wl?cv6@6NN4cpV=y4cLQArO>X!Hk#F&AqGBuM6rhRLR%(YE+3 z6EhC8%Z@g ztg}_-&x0v_C-0}1n5%Int6Zb-0e9qy@l+|pdoG60U4j|JVVX7&>*UCYKl~~Sj(mGI zD4U#B0b+Br<;o;ESqQHt7Qf!y1MA^i#!_BK4N!gPMe|s1Z)z5szBqyBns}^mS5i-)MT7K#?$3n8W}qG z2#48}6g2F{1<=z3l}cDj6|aOXZO$$fd1!7PpP0yu!ewJPT6?{v5}*y4-rA7tFEtNF zsWLmq)(C<01V|)5*`-pJ|kiJ5={FNz&4&0M*{+-^2z%8W<3seuroaD2PE!zbG)|{elcD8$|+K2#l*HF z7nLuA^nPLGyz>sJa(>RN+5IYK(@QBT(^AvsIAljBph`a`CHaoL);_*Nl6mJ-*@sE_z_k61Uf*R#5mHi84n$}?!m4sBT(+4Ml-eTh<{s!X#e~zELFk~Af=%A_ ztn-HES<~j)45V11bCrTXg!JhO-irQrxS8)v< zbORhpgx%B=>1t#w9#7c;xbLbREh7M4d=}tyQfCz)&@)>WUrIhe@xgO{t5WP1*udq; z@E5Pa>3m*K)7tF-5Mc+6VELUL^fUa%`<@t!`6s?1mL*>g+iOB{eqV%w0%EM_8}XsL zA3FfVOcb$Od~k>lT`R3ARJY!)A5)e@FOz~KSR2bAK|#x8-oss&gp)8K5&Z}s3i|T{ zej~&Rl~oCLCwJ)xOVfR@JKhtwZv6^Q^IV`h^X^C8=+RlkHT-~{LbNefHACy~GbHd$ zU+XnQ_7U9#c~&ai`cB3DMyRWu{jHQY_yqbyULJCgL0>+t@ZC2K#1Tcv+M*kH80jE&y|Lzq~aXUeYkYR@7(w}%DwVXWo?*gmm|Wftw?dxH*rn`07VRb>6Wq^^cn9lTaCxSt zrat{8Zq!b8DS6uWW_t@1JRYt*pg8m@9L&HK^EX3Ozd{yqm4@@$SvF9J+cWAGBydGe zztmIiwh`J#G{UMJ0HB*j1s@v%uadKeVjr*kvU8*-Bs{ zvzj58me;t#2~(t-?T{7S?=q&FxqdpO8sjm-Uf+%y^u<=a)I5ppcI+|6Vip%_d5jib zb-Ij2MU=+yo2!e7Ia=I`<`X`6^bE~Zz!};|%jLlFuIw?B=(Ty4XrJIj)GLCXsy0PR zYO!r|n$`;A%!_8`_NA*wvYr>~5;Y=v6j=5eU%O`y_%+U#<->lTg3$Dw!q zUhSeob-Y7)7>_FlkJ3CRu~CW;;u&p-q~4g#R+=utNzC-8CrIH_GPc!jMPCv2oYyCu z0w=x}akptTK3JTJ`YlQ?a`}z8o8xqGZTebge6YwRnZR|$Y!^3Nw)Ig4F(Iyk)wo0) zk}QZ$ua$xSMq zrQx#~tjM2>^EX`SbMmh*oe!K9dLn+kqx++GKe|v^_4mbK2|vkfV9dC3 zMK(BS|MAt}kIBh3<@vZG!Zxy}VY;xEYevFA9zDv*X?< zO@o%VxS7v(7A0-!Hp4Guhq3g|16O$*xXUlx`67O4&A)gdkY**VsV!| zT}Do=y$zP!79ukzjHqc`Cv0yGCDK{@z|^ilo9T&tM3qSYPDei_EDx~a~+bE~m*!)dBMbkR))S#$7ee-0#0a^aK z2F6cxHlKI4WDMlOw8_LO%*!6L)UM5AJNyj^o{N{er+6&8Khp@?{+e1a8c{!*Luo4E zvhYgt)4-6X+e{9=Z1H9Yb7j3C_GCu!`op(2>)Z=#FsGwENgE`(y((t9SsQ6_(j>}5 zvDa?JdMC_v!`d~L*sPt>s7TA}eVY;LVYRW8F$Bp_(A{j~%GcT!v~IYqt<8-j)en^n zZnLy3QT7Jz<~^2%U!EM8k5cKWT<$>$21!hQbj&1}$GQv+Q|mc1DT+;e$i$UyRFExW zF3yJ9OA99rS(-0jK$s5$8y}~zL3mMrestlr=*{rO3hYW z9B)4FbVhJCgU4mzz5Dju&vHqJS(u0|wzkG>IWA6hNRmBmyw*-98R((wG7@SyP=;RX zX!)SjNXXKw2c_Iz2*bcE8)M}&I;*DPZXrq0a`uek)3{>1;!)lErm1=&^Ob8wJ-jy;^mC8wJblQ<7V5XQcLsCe&7F_hb570B_cC@C4CqtT|Cfi7Og<3r{7 zy0^l-j$ICULQAhy2j%s2wP->Pwq zXSU1F8%(w)*{oR4KGfnSeL|?5_)tBS5nQ{!J3HHG!}#Z9q(!k!Oa8PwSm(?t@N%4a zy%7Xae7|ii=b)@CL%4T>(pw>(tfqzOywurxfu2;e?KeDzgN0MpK9B{|TzPO~6CXpU z+dsrzwD?lfrt%ctCeXw3sAFSk?Yh%cT3+RM!dlB}<%G%blu1c?T3Vo8g9N)k=e?)y zR#X>UX)pt!|D8{1g9NpJy^@FA{8cGstcPvWRj8#-sTaqL95f@5> zTsVE~$u5E#mXj07v{LLQ(gp0`Wtr82;9hsiQgHXf(mrNo*uR+iDT#NqVg}>ENyW#Z z^Dye}8yBjF(O!{G9W11++ie-?zSRsUF|x9TYq=0*#H@BFMheg;@vN>_P$>FXqc*e^ zu#J&|++Z6zR=Yb&sXn}Qx83&8247|KA$mD`wFkRRJ3W7)#(g&S>eGl(M%(fGJh3Q(&`Ph};8I6*rHU+Lly|HNf6(@Jzs>x0>Z*fu z7SFxCP+}<0Y^gGkE9?19CZT)I;*UL}%scBOHhgR^O~p=j1GCB0B2 z9W&dl>9N!{ln|!pHxwkv6eK?S#(k!$u{B9`Xu}OhA!>o~IO8%*zShx2iv(v*z1vgc zU3e5uc4%|@772s1RLf=vNUNUnPcP@qOxZ}HZfy~3XN}rKtSFthM55o_YeiHtC~Yeafv&meGTfOl
Q`I1xID!4O>uMm=(&7cpYC(!-ZMjwcIY|j_B!@t z;0Km0qV%zzZaQ}LIrEW4vjI%f&-k=)u}{f-Au7w?%#z3BvZe4hDOjp3^ZL5^tkxGN z3M#LX(9^`Pbf-*gOl4r0tO}Oeot^8Xn?ESUB;vBQ^gKsGSHTUOp}TR>{PrFCG4@25+aG z5Rh^KI(MP13OOgnPlKuN5b8;AM=({^xVO8%>{hCXSdO#Fy{}EfMk}psU}DzpzFDJp>Zc7BTQIdMg5q`s60wxH ztyp!SSdK9_sX_ItNUmEV;R2}LtHPfg#5K~8i!ylF*32TgsK>G+vJ&H;*1#4vBo6$6 z1^CNVqoxERU2;!3bPo&nyzW3vE#oLNo4+OW_#_s~(@RlIpvM}69AR&;CMY$=y^{fiFspA2X4#*2P^JE!ZE~MuV)(CAawhWEOY+fKc z&M0DUn$qe`nDarVgSD*-3Mw;WV8f!V7Tfv^69&9aP~nz1g1 z`~0am{W1+1edW1}I3T_(5}K@*eAw3Z3sE0}0upVV>FPs@1x5RpS(H7YD7-KgPT_=1 zDy1*w?*60_+KPhJG1i63AlfV3iKOpW}GTU!gNpTZw^uuxSKXBC*_6?VNkk(^yoLC=_Y9;4X?#mo5!w& zn?#+$Z1mv_>!is94p={<`H?WVUv3BQf%um=*G<@Omz!u1!7yf#;#6<_J43)8o`-fN4m&s?Y}m$;rerWbGc?KzXnoa+z^ zX&VEfif+E3(Sr+#M~v;V9xZfbn~aT#Ox5v5c)EcJ9xTQ;Hkxm*SffN`0yIUL6(cB> z#I}Demax)6;-z_O{WUrNv~NW9V-4YSlAAw&@;J>Fzu_~xy<>~Ncr#XAC1Ic`n#ncK zc7bXrU`%?jRqwpdoJ6u`gN0XYHb1?nN0zYmL&sFKwKu|zc}*Guq8$4#B0)J#Nr#@o zRKIhJf=!EpV0F16gP(-QIb0qM9tqVLgw*3ZM&BgLVX#$Iv7x-2P7(?V!B3A%fR#moKWxr6X{3UFB{o=i zIo}yyFNjZqm(o7t+4-(sP6ASA!`WgNoARZOoEwlwX$)WObL#bUJ4#>ZF2PKCv+?VX z?CfpxPs>Oe0hKA|X$;mg6J%UK+pag?#->e8qZ*5K=Y{6u0ye8KYhd2m(+=Ngah=L^ zyNZs`gV!r@t$di0MrEE_>N;JzVdWyVj`7UO$-rzs%OC4^!+T_%#Rm#*-#+6sZKJ^d zz)tH38jP5WfMg23dn&zgqr1onC-&L1^HV4!>lv(I5=NJ5Q__PV6_j1ZCQai5t=+{H zMdmBS?(}&}u|fXJU70SVnhD7awRYz^@g*hjxh~>rD)%8MqHb^50fPOR+x=^(f_c904|vReyccT{C7s?*RciOQNb@44u7vthR%@oNS7?+t zsRa&;K|#qk-?T?yHhXiSwmPepOZ%0_6|581Lr`7IEa78%I#&$?tlnvK6M}O2ct?i5 z%JL^x^fd&3_v*bv%}uBn2|Lu@J^bn!RE&^W%mj9Dh4yYk5B}Ph|5r+lM=l`^2#yLd zQr^aE^XF@%K{4V(_DJ_qwzZDU z2?Fnt{;OjwO-m3qqzmR5x*#{4;VI1dPlLLD<&M$ENhyKIuH2g~#5aUl!Ot*QRKnAK zm>da;!@eichd>-z4-#HP4l2N`m^t;3xk(t(fw9fHba%MRP^{sp-S5ABLw@lPe9!;1 z#-k}4kP7As9OTYBa|S7nz`|ERxA*EKctBy^AnfVig1CSdx5d;c=(7)k|DwSB;`XTdvlYMU4PAJa}0>!mz53PjVoy7lW{CaKjx{A1S`IB^W9z=qCR-yHZWbDW& z!2W|reM&txWN`f@@r8vV&>mj+Z@_+c?ObS8F_!Vp++}vI<&riE^ zQ)z%ZweI`oQv;MzI#BW;M;idx*N@X;%N8zLZCb|m*OokOQ2LYh z&0jvIRBRv-{V_g$ofYFc58D-i*^|vqDWdV!k8>get=}vtyKgQeS?U{36~)UE_Q*&)m!kW#jKIf^ zxv2ORnGc^`iqXhT%yq%F^#xHvY3@U(13$(1Tc|$Sc^Ye!LfO6smw9COZR0Qz{b4@+ zAD3B11G>Z_`i6aDy@sHd$e|)#3O4TLgf4pmFpFK~iCn-6JEliszV(?J+8*k&LYK-{Q>fmN= zE3>GT5OsCjQX&bt-Wv$MN2El3f&l9g9O(|7FwKDLEitJ20GL>@oS>Aj-S&=W@1lc< z|6K|Mrn0+oRKy<)84rzZZO4u`n^b;e$hvul8*}pkdenccgwc*s+f~ygO`7 z-+vIPNJ-TqQW5aCOGV7e;8BoAsKv^*flq zOfp6O8dINc<}m&8nJ~{vrV0d1%W%-PqX9;FZiQ`2M-hb9KZee3Q=Yi>)}W*9R;(SA zB^%blb=TmA*)i3Zc7MO#b5i>YFplJ*Ut^qm^OIwgbiDB}Q(90OYG_jP@^-R%^>sCe z#f^UXv|wJOTziU3SzkX!LldA!@8k|dIQi7Szk-mVjUKaiC+a&3*Lu)i`*kRogRF;P z<-1?69M6}^++V+8;b?h>tSi53AK3oy1YELSt$>H5N!=(ChE93yI8h*Mx}-j^MfRa8 z|1gEYk0P8vip^>bdv)P?nF>Glqn36vFo1Q-=-vTj9dNAiB`+yz2&)PYbqg3FrF3NO z{;wPVf9_4(O7H*n2Nr;cxSOTvg%n=cu#{H*^knyE6-<;~AV-;dv!s3vflASh4Xnh8 zu9d);XKZ9h6xN-%l>G2uRaTF9Ut;D#WIq2k@#NIhP=SVCAO^6hdOxx}HmbVKQ=X5UvDTk*pW1Ah-)AHSTDIacbToAVL zGNF~lsrJ~#UQ|M;ydPcuSwCOWBj;)k)e)8B3UQ^pJT+I!-}2fu6fmwhM3D-Om6R}K z6gd&Z|H7o87W1b|5I}Di>T_(5k5E}Ex0~gF-t}2nRGyBM%}Yx+TesTYGK{RyHc((D@O5VOL!|G-7^6pBo3cbif>5zKX>6kycA*M+MPV4H^) z>h4n!vM$MFfpwd8)vW-xIO89UTE*%g8gUG|0^%i=L)xOBVEz^&+_=pC zORaO6$tfxFDE)R-h=!v?93IZRt^)3&dtO8#%t}Ef%t~egiMYv>>erEhw=iz*KX`de zW_yh>!M&!xTI4p%u%@$~WHdR5u-OJr}jeu}hF5DzxbUz{3?`+7Cn&dm%S5)n^f|XPU zELppir5HF3iSx?hD9>ISoW}&});oTsv4$u^Y?PDVaN~$LQN8y0hZaf5fJCTb@>8je z!})^UjopfsY+yNrHbz_ji;DEmQMv!Y+iP(mA}&8E>8r$S5moUn&lU6FS};9Q%pCHZN{%0hPUy24*2S#lW8%C0x2W!d-0`EdIJd)Y*c4^5F>WF&3$_qC^>r zF$}?C^AED0$XfB86X-FGPsA~cEk3Gy%Rj}-s?WF-+IeqoV8q}sUt@#Y`yV^Z2LiCS zLTlfOjCo~1Bf<)h>Y!7y>$ekrN;6anPnwU}0u@7hdwxKgEaB=H zoprIzttb(G2Isji@JHqgV0g%2rO(kHa9bG(J#;{Kj5a!Q%X$3g8)0+xY^?fJzj(W@ zd0OJ91*5>5%txoOl5mydBQ;0(R(=>El>$kAUW>3xH=OOvh60k z{TK9|dusdZLke<2xcv${(yc=ubf{3vj+9w~{iIcq9GazSoDo}m{PDDnj(>GVO&P*< z@!llbm%ci{cist0A1@Q=w{L4hkaKCQ$4Y*G9m(-CG;Y(SZi_GyeM|y{upbUQC9^v1 z1S3C{0zDQKbe=$yYkSlVKBMWv+_xd6iWKYOdD<5Vk)KR4+};99s(2j- zzL8LpSvjO(G%)-e;zmlI zU0<>8J;@)^;ImHalwt3FB{tPAV?4JlN2TBHhJRJYWGo;#su1M(cw36bQQ9jP5Lj@h z39cmGq%m6M?%ghnE|?w@8XA)fE+-S^5OJ8K#1yPg3eB{t#upchA<Lr4yw z5Kfr-OD(}nMeXY7iqT2q(k}x`22Z~{ZAs9Nk`UL6+Li&cn$o4dF`Z?X+Fr6@n@4Th z|GMFgb}G1G{~Wsph1enDUOIXc>#;%DzO8r0!&Yv$^#+PVRHlICv3*==7ai!ObcR}f zQbO;i3lf8fq+w8X7?d|vl;~kzoXF(h$MGUF|EfHPCVghb00n`5p@YXxQ+DXNSq9LH z3g|8%2>Rf$djAZI%vZrLbu5N4+*!JXluNPNVuqeQ7 z^*J;b*o`gb;TWCorNZb^fyirzLnprFOX=$B-f~|3`G$8T{thBRhEKmt@vFKxtkca; zE>281d1&D1MS~ck`fswk5=WS9R@RuVJ@Mu3b~d6geF~A>G3P{M1SQAZoqA*UC8z*K z96qN;+1j)!6s0SCj`C(Wp>{sVyyf)To8m`5zap?nK$s=G8#sQg@M7cb7Aq$9R=SVTNc`KD2q^0ENlt`5NY?gJ2}+=5E#h20_KGJwZs=GMYxe z5vX(HoYcdxO=8b5X1;%CRA)5OY}Th6hhN{g?$XG_8EHrf?&=Ej99%Vz(PS&~3dW%< zS4Yo3JLZ4vAemLBj})Ftl~(f_sIC0Ra5<(XMX>UYPjVHS5vW^tyD+TT*lmB;ewgEK z)`gdi2x~3m0}^Y)A>%q~r#v^|4EqQ}72>VkZPJsh zE+81+^EA%u@k>w7C9 zc_!q6E7FB1cK?CJV2x7a{^W}Y(vBET;2(Q4=#3rJw}e@8&Z1vZKeB%1?tiKip?|g{ z=8O6dsl;x?R#KU80Pfd{!YuG@woot;%ZpZLKMn_|Y-afYTi8Jgu1!A6rbPBtUz_&h zg@VODFOK|W9r*UN><92(=j5p9>e5H0B*$6DNVs&?zeIFNnUx42iAzgM&B*#BnDV=$ zrgk0vdled*z(|I^jr3O@(yNi7H%apa7pyJ32N71--Yq-VzkG~8{Vq-_)1!RWFfe~NLV7#sS9n7{5~Vg--YRxa($}1>T@j#dFx238^hnd&M63eF z`_iAv=U?_cO_$J6GM*o-oM1W3pOKcPAPI_Q*5qP1?y~T~TZ)OacdpD%MO6dKB|ELv z#q>>xej--pt)9@~-M65QWS=<2;<#ciHTLi`684eVkwENj;sUymvSY3Y6~wS~ePWKH6ic z&rx{r+p&X{?R2P8-Q}#qu&j^oV5s1;*DU)+zDQlM?(usR&~J9O8|_`ipI7b9m#a<0<gfn0=ofo`7yAWC-Gt0_+t!Mon1mnW2T zPT6i-917T|Rh|D??B&9lYu#uyU(ORb=0N68@hzVJ7n8 zgu9&H7SgSTCO&SJL1^FZ-{ljE6Bc@pIBjA_4vC4*^f}KZbu3I~_l0>^F-wz-?wl>> z@!W!rzg9*kvYS@B`fZq0HMlsDQW8bwPOu212t(3tU);`1u#@M{qsIoL$VNvh&6F|G znS|WP;XgLzZo_HDkWIOAYGoxV$*?Im9Wa1nd$uW;i3sPRN#B88vEcYVKWk)UWK)(W z5V+67b=cXc770b9N}<{?hK!fUDZzLOotmY*0y-ONxB>-5cU2_m5h;4~RmPrdt=Beau{EEi78@ z$>joP6SZxUe;J?46QKYh$?;Rb8SrjXfJONggmG~ekbtKDD}1SHR;j>dk|HI=TAE^?qw>`-dr~q)AE-^{LbQJH~0BlB6@l zFy^}|uH?`l*K3~&c)OsbJW;d(v2M#<_G_=s){s{-u!B?^oc#dcjx2gM7Elz7-F|OFh2|@z}x0^kH>y zvDT-;zWn8I>%ZdXl0ro(kUz6tJw5^OT>?0z;ojX$;O4WpAl7f4{R}9j1 z<^0)?S9sIZfkT>>`VrP-^MJAhTJ6Lm>r|o$ws2VYAD!gLzUxa1kyr1cI&mj_W;-SN z7xeU@d|Y;mdFaV+p^$rMyliJv10hT3zU#32X(u?3G81BAHCHxJp6AElnFSC^ssd20 zVW6Z+Kq#pw|D2NQal^SAe_#RrwGdr15m=(Q5sHc|rh(E%goEsC7}#qa;2?t@b;M4O z`u|ane@U+YlaZ)JsK6=_FDgLXyV8a5Qw`rPD|sQWU>=I(`?vRspXy#XhgNSs;py(2#vg0L2cAXutIP?tnd_AuGEAp6max z_ntvfX5FLjh!_w70R_n@3MND(XBJ*pg%0CM26dKtK@?NrU9jG)hv* zInziZ8Jeca4c&J=%*?6xemOPwR5Sm&b>44NI>LVT-Yf34*3WyLuJ?Z|*#CbM=9Drk z!8l&5k1KGy#x9C#J=!>Ym*}qO$ucy=g&Ez%WvZS58Iv&y``7;lGyWh0 zK~!15Wmw$gXJaY0sPdGJtn>G~Rfs}We})u-JU^o#iecaY2g^W;KT#MIF!yyc{-6yJ zkh}X%xK&LS5UpC?=iP2P8Id|}&V%o_ey}&Mp0}{Go_GDsgdruw{DD2}RQwZoC)8{` zrZu$-tfIiz+lH{i^sxm0`E%?fFeuL0FaD&5|E zlJO*D?7tagzbZNhs@yoR?!bm@&>_*kH%MCPF5a?lFkTWyv+~rh4|x=aL_+WHhsxnu z819fK&xSf}=PY4&*al0{Sl(Q>;AYcQMdPac{7&J=>Dgz#cVr+n>DT|o@(e`cPgfK$ z=~u^iF<%V+>+X!K2T%u(K-hPhFZCFM7vf>DcQhYFhW;Gr{s;x08*qzF-jucSWZSH& zS?UE$eQx8n>4cI>$GAEt1X1gX!KOgtty2mU*x{p~M|HoosxgVF&ZJN@>?+0h|w_2kI5B5#w$N8QrQp-COpEBSppd-ugO;?pRa32w;z`{ z8Z3ZQRDPVA$FE zRX?_(gq~vlz0T!`J<`CH69+kqh3q^|07^pM;G9_7Gh`vl&vTC>+Jf%ZD<`E+esn(nV+gL9JmUemn}?!>G@*?N6k`YWcFpP+=}l2U4hIcS51 zS0A7zzF^D3VSXG3-wCKJ%M??2h@Y3!=Be7pdJ+N=j^1rdI0@w zxAO$@fS;%qiWke3-WtnoXi*;}j=_h~jE|+II!C-OzU&sH;nDy8e?7UqmfQL!A|j%? zIj)M>Qxv|;xZ?^q!24jz`}W;QAh0JWgO?s5L%#2L|2#ndi`lJtb?gMWGMHNnp7N2} z0$wf&F6;i|0)J>{FvfZ>PnnD7HoHClZL}_c&2&tD^Y-1()x9(|T~j`tBQC&o9fkR} zmo8oU@N@Wg$YmSWKWBseUN*=T#WZule!HWMI^1Euo#b*D=)d3ZInLg9dLc|6lFEc; zT__oByKE-TQaHcME~V`GYgXwnc%k4tOVvOC3r*=hiyzZIK7rTd(cVHAZ@gICf!1D) z_)FlaMcCW6X$qs^BCmFt76SG&3b3C>z;mbblH)ZQv?IM{uRw9fiL1w z4(q*VyOYbHFczs09s61AI`;f=l=0=uNf_AJ;Ot~Q>|NN{qjD$j|ArZ6m}YTi#O#6R z!^Ow+m$q+D!PG*{#4dQOmxPV|u^$1t@o*R%f$jJ#b^>^FAJbEHh^x>Gk^F8LxJQk7zH8!y>XX}wPtCXV9Kj0QV)Tp9X)acPWKKz+cN6vU>a`IxLBh% zXxNFm+HZ*da-28IrTa>GxX#{pe4($Qq0!pj4hIT^NrpP9RlP%Rf5SL#KL8Lf@^B?m z=mAIH1Vd%#s1gzq`cQ@*9-s~cVbSBcVV?rjso-ZV%jIdH;MgUmsR}A|zMNp4xtM|B zh3qJcbY?~dmtDWL%4Tpe4N4faq3=6fEe!YuNJX<@Jg9(2>f}ME)EAimxXD7eW9<;= zm;!gK9mK~roiP6Yp)2d3IU?WEkTNdlPa}O7ivtg4vM2ryTu3Mcu(LEa?$~YDpQsZ7 zZdPKxuutv|(R#}Uqx13UAk=v~qO8V|)GM}pTm-xj`fl6|4L;as4}8N@1U%L?>C=u7 zxaJY2ovFk?za91sPZ#pMu^~(*WDJGWpX9My@Y~_Qk^b)~iljOq#+L9WfizPAH%O&r;hjbM+RJO-tN9i-yr3}LYQGrp*UW{eou5_fl>%B z7t8@S87o-eJpm)@Jpp(WQE1U|+rlQ|t;g-mgq#W0MLbQt_N|hfdoSud^in3=A`bNx z%(tsmdOzq`@9W5xQdt_%$U5-4!oBBq&m<*TOgD(fx&BF?2R?m_f?$!TCsEcV%S5>Z zV`4w)(a&<2)LzQ<>eZ{7bTVL>!i_DxZoI)|7Ec#t{d%1c<&SV?(5ee2C9|_fNnc_V zB(Hy4$?E!62M*S}suX(64QlXg21d44DLQ0w0$1ho0UC9VT=szN%v~yRGD{2UePt+K z-8miB%^$S0V08Eyu+qf~wKo~>LgG%DJE;ATEI445?UEx08%dzt!iX5o-7qbH{B=6K zh5nDn-`=RJGSoRta8=f^sR?Bd*IWHmK$5Se3Ao*B#x&yHut|0eAy2WGlR8KXm;B;zso!KHkM+h())^Gs*O9IpmfWkTENE< zfsxeNuTC$rB2#aw5+lre=hmPTzy=wyKGav}vuaUy|2z8bU|`nOFJB90gKAnxKnM%v z^k02}u%31bC`tp!*QP3jC#!!%O~^Kel#L*sB5th!j^jAe^t4z0&QEj(N0riPm?de$mQ z#x7bnz1JM;(p&u=j?B8Qt9My~QRYW8&xdmA$*a2aOC@zV6RN|*b&g|?O_vZBkZ#N1 zewGIitiS;w)#W)6NS5e%9vh|^$r9;F7(EvP%e0KjMV#7y=70Qe(;olfRbcLOe$$Hg zx;T_p7*|ophTWArAAH%wh2v)I!zi(z!vbsIWW{;(7m{9y=b8K>C{ub}P^%=diusN; zNd(nqWNB+8n&(aoMI&pd~K1y+qP;wbV!KOk48TUwm>p{e2=~$|tF7M09mZatyB(rQ5hA?)kl0 ztF@J{o&%U|gPk_$-Nln7E-lNd*xM%;9&uYfv9j{KP#Yz4G=o}aRQG$`3w5$bzn9#R zBS!`wPhp;lsqumprKDHg+e3B!Md=H0%TP-l% z0D{pMrlF&a%7oA*bvY&}0e4fodMO^QbT^bCQw5<;SzTwle?K-h}Er(fLx!a1`;Bz`FTzF&oyaf;i>r0cNzifS|R5$hg~UkWulr>UzsOC3oQaT zuRoITuet5u4>Pr9V_m1(#btq6U{fd4;b=6qmDBF8Y;fG~9Ps{nw(kxXL*+hrjR;d! zxKR!HN20us5)2mj53!+#9NHOUe78o4Jv#5}Yk%I0u=c7wr~KnJN$Z(=ufl3Z?!5*$ zDW)?YkJ1V$UWh_8RSV$&zR#~g1=S}+lh9L{nu}D-^?E|d>+zS;Q&=8~l%2|zA8OPf z%+?$aCD-GG`vE7kw{R>81?KG*2>4grU9@~{#xaPk_E-psd+YBV!e4l6GLIriO0Wsj-u#U( zj@t@w4~pZX@&w!DYUmSw;s5qwJR6_vvFFR$PgWk`s75PmNZ);XoV;{5BH_2xS6&&L z$F{dMC&MX!x0EQE`Mq~xL`@Tz3bwEPmwpBy9i@R*G0Wsmn9&~P?N*bXU*)%`w^|!> z;2{+T><3O{QfzqDaXX~X$6Z~#u_a0_qX~zmef;?G3DRfC zs~e^YJoaKk>Hk=flc`<` z81MfulGm;oy*+A!Z?X!arsgZpDRx|h?jFSK@Lt8vksnF;?t`2aGTOj@ru+dS)VH2` zaG0!NH?xKyumzU%3~1Ufp5_%YUK^G}P08SN9%Q|^IsyMENuBJ!wo;jgU%fe*4-9*V zHRl!&Z1-u=l?{9*qLoDRpZO9n7~|5Q`=AWBM5{ju$it+EGv_^G)FH8^bhG?O zRX^`q>cE4gA6#Z>cZfHx^tm)VELaUXYQ1XVai$}~g7A>jKZdn<=Bt$)OD51#B$cLj zBiJy0-&F#6+UPMt_IyE=iF9N8R*&7*)!_iXvd0xc$;QSVK ztJCcI0NEs6zqI@YHLYM<{qaIVGYKvQ&VLPVV;mPyAx_;YSnjfodqrIsQzs(~#(v5q zABC826(Zncpg4>;X#Q*MPfk6ca^9cb2R&YY7P>ZDLZv~EPPZ!KIW4HnRm5J>_J_+c zQr-56&Ndj7$qqeXJdDKtl0EFtA*VL?duzLd>9sY;zj4^dK8*ILXaU4}8dk`A1|w~! z>=o<3GPd+RP%RXZkR^&5mAxey$Bv^+wOz2ZjHUWlzxAjB;3Rv8)nc`DV+rZaUz))N zKo)__=(UNYM&hrwqMD52%IV@ME`;Z$I5cYGzZ(dXw|fy9hLKTj?X8*~pDPc-)qXzw zIBvcN_!;%+dcW$oC}bLd6Pjw6R=P5-YsjiHIWyXpZEJq#%kr~_pM-pRQMa~xgH4&t zr+E;b2TKHn%Js`5+Unz#f20JfnuCKA8^i#H5-B<|J+0&uZYHg$dg$E4MX# zal9?{O-tiD4FVt%bw->P)19k3N*CIey2g?vT;76>>+}zh%pyceqP{X!C)->GVyD}9 zE5N8k1_8$shV&o{#4!Tc9qY||ms-K8U-2E>0bJ3*YNs!`PK^@*KsZ;hvGMX%Q%55^ zZ$wxq4(`bl!~9*!dT>ATHqV=~lVR!*WJI(a&GsaM!axefH^2yB)qOzGCr6!JTZ>$( zXniGkC*jLxYs!W4%ZkT^HuG+-Lwkcq`(2bzuE!d&R|`ZJ;19)mkB>#lIa`{$j~&eV z`It|3t@N`x`Gx+%!Gc#s0=N*swU#T3O$j*m0FZs#u!tBM5LS$PSCZ8#0rT3n&Ao2y1lr{70%{R7 z@HzA1nvvrSn#$|T>ssLy>*qssJiu~TLelfQ6(8@sqISG+?la;Q3>tHr?-KHxyMWl_ zESf*1vNLO&_@W~mD{dl#gc`dMA@1^4!f#CHR;MSy1z|)k!@mHSikbOLs#SITskq<+ zpj7Hr7E8{4ZPHg;%jxurut3az({B0F5)JBsVtfrX_^GcL1S@XNiNg_@`poK@@L4oY|Zp1>{-_2b~m859A`JVECwGn|;*ZAdV z2%R5Pg@pnv`ec#&6z@o^hd(4~PnN!Ww@*|rX0J!ToALQL>KP!m9Yg#Yvk06#d-UpVOPs?cJhxzNy!Q8)NTk9K`VaPKCZf0Bc_nk1q2Ne?w#aIQEWEZ*} z8j}1>`Ru4aj%HS{YYFZFS-CTr-O#T)!GEU=BYCxM)2(=~*~tQeo}_*2NBOB7!w54& z9Z&#s2{s9N8OOuaraNys^dTtQjwKQ)*~~c*0^uYa7El|cHKElL{%&8EQSDtL6-;9M zLS}wb4r9(R<;L0E>z5I#{fccRs#-`WzyGew91)LB9M;B?hwF682O{Pnj948{Mf2rT z$MhwqyB&~sp13Q+KTJ{o3>LOGtKmFc+G|? zElF6e0Dkyh-&yUfzPuh;KlEQ=4^KXR0eRTbU-5${l*wW|HLG6HK@L#Db01z<&kh|% zwS>x@hLODyV>u<*2*DV}&&0xxe$=;p+p1N4XmaW*JYh|tvC@qYQPrn6y_ zIW6_1I%j_=mOD6dSWg0QX2+ZnT-DkF?e-*am`S4vXnnMUuPSwk5P9OKL>3&q=8a!y zjd6H$#4dKpoeAmuBPCCtyXCn$nN4*`xQ|j3?JS6cp;+%rN=k0MfxuUcRduMbl?Ha# zVa4BT0%ALHQn5ouARO=h((GzMT|&ejJ4@(G$FKEoLZCsOFe4~xOO)7U=ta{dXX1W7 zURop4c5%{9zB_yXTW)!Wk8|lI45`dK{qK&!nH8{8C6Q7je}yg@f5QG}R0V`1zlAQP z$2)mu-=ydD+ovM9uo&MTDWp{9`f%WUE8E-K50(*W!bo2&Kc_s4+zmt=rwZS5*8~_-+ZW6isAs zY6*B<=Z&XMx-?XRWz3gfjLC);bL&DM35)YK_g3aREFf}`8I^LI&L;Z96cmSwJrP#z zb3IIAtMUky)5N7thOkJ;aFP{c64U>^6ehe8=J-P!{1*G-wiW}lYK1iA?057rOOJ5> z(jt!VWt(8gcf+I#aBexRx~zk5gqa=$laN}jgL{G9fzQiwW3@hvTC7yaX}^3xCdk&&81$Vg2Au(zYX zxtejkLL93N8L4UFhD6u;Z>av~eXYmOvB_CuH)WN-M%*eq;#NiEH;BvOcdIEb6iCNI z7SF#+dXiKf_ry?7MP@yB2k8)f90F}?zBe(%16at_>3m}exkhCk7sLau2wbeXzl9me zWv(XzCC>ZrgY;Aj3=Rp2R`xo_%Mr_n64Qq;2}a>81cO_WdiaUY6*%yg3t9pKWbR{6 z)K>j_PwHSHq9TA>76O<(1xPVQgaL@&fshpK9A@F(buetLNwRMEtxx|lscbV_#Uh*X z30CEqdpB{qZ%!V}C|$`Xjpy8gao};(*AK&l+(+M$<};nKy|4468jUcQEeb9%tNvjw<~U?HJSI+Y%)4& zF`brfnqCFDxV;e;-nRg4`?_FxIKSN`L!JEn`}YFki?|@r!ZACf)qI!ktY)gM{H{FT zYMAVujypuu-rQdnO)Y&2xUDBwTeEDc2bV|$RFfvR zroMhd+N-dzuquR>?$D9(*3HR}_~i>HX(8XLb^EYC**3$r!TV}3b5(UU-@eJUwY99f zzkYCeC{YOW!X!Mc))q2tYP)D-9%#8&Qc+#5MI8rqURQiFN_~GZMVcHb!`KZ|^-HFP zSZk4O*tzo*)1TE1U1cwO)@xhDJcQ}L4UgE*0t8IZ+LBEwGa#w~#xsqF6yNr-jlubT z|0+#v{mSG^rBVo4)p?b=L_g<}5f$Ps#!?S=_o}K;KIV?p$J=v`z_N`_HH;ty+JebR zHyN0Z4)mLtpp$K_Ao03j`(Xp783%6vz-~v)*C&RKu&z3`uc&&KCl%QDZOP8azE@_> zh_K$5YH%wP@}4tS30X&h`b-_6EfHP1zM3*5BGbu&BpqgT!I!~uFmA7f9&kxx$%z^m zYhB{V*&#viZC1avr5U0V@uVuLgC|a&Q-8n$3P*>aI9$xxzIqZCQcn%JbXM2_ zb|Ovpw8|9#EXU>seq8S!q3cVII$~uF@8=?jzmuQ?lnI+JS{{MBX?QL7Fy?otuGpbs zS$7b*B%4l~Z9pN`1Gr?$=e0xOe9t12muHjQYfC`~O*Wi;#P}Jhu4R`e5Z zx_M{PzO<_X7M^1N>J5{MQ8hZ31o{$<+M27T~|;;J^OBzv2%(y&1pUx?~U{ zv{D`E>12Dpl&qFjR~d;HrY!i{$g-N%pX!2B!B)%__^WE>AvEr)Z;~9y#UpJwwb(-aH0yump^(-0~O_Ay6!y{vZ z$b$+s#Et&QwD^5bFU2npl?9{jj@a4^&Z`7|b3cYV$z`!v2%DvUT`d}Ma?9QzN6G&0 z9_4d5O8FJX5M}aM zotOyL4Cd0*($czg&UW#7|Mm=fVh-~E!!0bW8g)L-D+J`;6^St;7yc@eKgj00azPoXEsRbH+x`KD!<{wjq(Td! zUF;&$CuE{EUBkP3>Mt15w??r!yt8WpZm1@@uefxy7=eGU$@-z$WI0#I*ZhG#Mb%B9BQ!ReBrxJODEO|5j zM70hyGQ$Mi%*^Se4sG!Y}u5<++Y#le^V4ubS?6&iy^ z!&lyC=&11qXRMuXnGj!}H|qk&zUclE$sX|}XV@~N!#oC4GTD`cOsqgxDbgP?)wnBC zAM8tKpnTTU@JfsBVfT#XN|5rA1`{O(-$RcDX;%#!;!H1%*)b*=ylZ)pO0;?N7JxcNJf5x;!fUGiu_t#xoHB z8tRfy$7#fDXL-A{ZmtsxV5@8-NCmv|uvlp_ah~z#TVJ*03^a!;_q29*ldYaKsi36^-C@6s&k)nu zWOCy)k#oLt8!khC*uQ=m)JVBz)}Le>UtUFa(WgbIp~&5S^7Kv>>X%4fz8I7fVz55D zQPL<^)|ILhB3+OFed!u7&PY}3dU>^>VU03cIw)srVdg_+mMj_xziGk!D$Hc%sM1X< zTO^sYFK9$xa|^Xy4KDC9tWk%PGSAg)TLJZV?jLci}G#J-I+GaubO-&H2$*Fn(Rx_I7+d+ z_v*aiRGI>9wSbT(9!l$9VAHR7R~|r{&xdDYrM%S|XDL6%s0PuY#r=q8AG|bw8nVud zXNpSQ8*rf6R~rnr(O2a8X-D#c5Y}_tG0ZZ~UVjSlYow z8gRwDE%vC+=xcb3`FwYIwt%!U!Hf3s9?5{cSmME1dCVK3*4m64wjXZn^|^co48x6> zqFAOJ$n@IPHMCTMe`C4IGqC{_XN{|>m|+{WWz(2m5{1lVj(FCE!|hdM4Sb1|D8932 z&N5h*cFh&L_CPl?ZsMy1wJWZ&T5Ta~FP~62QY|`NM6QpFi3zF3kwTZgu=zJGEwb>* zR&491QB8_m$3k#*^NthXe$Cv(e0lc{xd7g+_PGi_T|GRiEreEneWa1iq0Pu;e{RA0 zII5Fpop#wJfNcrw4Eur93Yv%MuJc;yTQWX;{6w5OIVFn|W!+OZFF#i(w3l6H+VkWQ z3mxmh+_#deLwG?ryRZTl$)zgVOnO$tj+xGC4ZpNz7ua~K2`Y4;+0PY)bUjPHK!gm zW%dA8A^)1}{N5R7YeJFR$fZ4Y(~pk+yZ#~U!itNShu`rk%a!q%J*hRans`cSujlQh z@A_304oXq|2@}oX74IF?dgfLNk16}FdMeMqC04MZm&!e>mHOG|KQ+>m?;K8>F~iNj7P-0NbbQ`K2R5RptVPMA(#2;n7SjYcX`^V_%Fqrg552Qs zwzK|avkhgM{GHqy`o50!L46a%z}QqYL`6M3<@)_{$s?4!RijIkj)t)}H@Q2?YoKUM zNapvte8(;hJdL_&Gylmb^bUE?(aSMeb#m~fKhK=;amjpq>iBuG+OUxH~VMo->~xOX_H_{RwR#)*~4fsOt7~(zk^0Dkxap#T|pD z@|dx(vR0wjoN40zgbuVydxk~NoHIG4S_<^?QhQ571@ku6k}ZRCf6TgUiE=KP{9N#> zimyKKP-8E}=wDTD@j(4sA(!_M!vZ@NrPB+C!o+Os9Zw(;MN5NgjK_^R>YxT_wuZ0J zI#w;!pv+k=B7&lhw~=P`{W%=k(*oH_Xltl1Tezk3_=SYRX=`F=4k+T)CJ>X+aJNcdHLt~k0X$M2 zK^v49tPe*kuTUrn+1c4YFVT8BJ55%5tk&8-UOJK-7B!Z?+)hw{i{83rYrx~dn(!De ztM>9*xs2jtvKeL_>fYCARL^TPjJ)g843C|M|B^;lP9`ztDI}0={@nzUDaO|`WH=N5_yS+**3^-D^7%djrKhUqc(B>+l51zwLEB~iyV_2hF{)$n4d^>W%FmaSj>LRMQnoZb zR-qUp9HHc>P1Af_usv<%N{49fz&i=Q!>Y4KaU5;-GJ?=QQ~=!yyk=ae9B#-$v6 zeSMOus{JQY(bG_jx0i=UVZ_-OOAye0brS}FojV5Zt91|b2{aKh<#xkWK-^dN$KRMK zY!!${OU=8x?1id+Egq`mkOa6~4&0@Kw=GVf0s}JL7|1Zcua>jkCXpTdou~^AbRYZ} zKgpoIB}!i@Ow|M3y0CUjC#{c9m0iWyuP9MP8OEDo_A`|zw62gW>PW*O2QUb@>xLWM(8rYq)p zBCkb+uY8dNPU+LyM6^%U5s=y-t_W)LD53cUSF|8!Wbu5hS2d2B~gRe<$sqZ;Bl*v!t4*xX&Z zdOnmz)<45lJk*}p{V_KGup$Hs^)mUV6SJLfSDGO-f#*ARva(bLa%zN5M;sdqPV{rZ zscnghnEQ3us|TPpR0g}aGG$21lhw&*Q;_tDeQy-qQR{C8}4mN5Qcq5sy-$- zFIw?JWYuDjD~7R#s*fNQtG-;MCd^Gk2}y|4H@f=v2=R79w4Z?uJ!=kGmBA0PwHSB= z;NPho2>dvx`sh@D`9cBC@C{$!eY%FN>tFH#rcEge7#AZ|9}|$^%~stvp9o9^c@`rd zjzf9ilXsHaERer3lgrr*yF}k5V9b#hm&(Z9+HfT*kg^{=`*MDy0P4%rmuH1-An_2w za$4aHQub5$?9h7Vm#!;NS7b=u78MQ^g#!auT^Hvne(X8gtk9T&eCJap40OC@Wo4P< zIbNBYpNHy0eOFi4(}@>v`TA|&tqU23Cecqq3}bLjn&sSo2Y5)-h>!m#`ZH)6bIPFc zV`%6)Wb5>IvS{XB41~!%a@c@J>+4j*h-igX%zQf=(q`X;$D@xlmYAmRkZ!=s8})vG z%Ov{ln27qo%X>cMHR@MyA}O;CU|1dG_!tnSfByXG^vl7pXY$^2c4=n$8K)UcL2T8R z8U1t6=s8!9>ZK*mV-`iy5IOUMU4by7336lm3{FD;tQqqucKZjYTRhv*F};jDia_xh zoh1%LSiOZ|e!V*OOyu(S7h;5=QM;XNEHVtYQw0Qci8cTlW)>0l_P*9j_O@T6m04fC zb3#!`$!2coJ3KNu_;QPz?gqH#h4jl?qDI^b#$y5UL`pl&1@SIIV>7;AR*Sru?W41( zfb5++V8AAwInHO!{C6z?y1KeL;c_ZODid+ue=Juld5TQ-2B=#y`p*o$i?lb)dUft# zzt?h4w`-Km_5&gYDVGzn6GQ+Dv!uI`9)K@MgviIX`aHC-41G z^XMaDVO2bWq^+BgDMY4$24|VRRM2HS~45v81rhE zT&a+lgN@T+6iVN?m#ou~^Xpi^E<2;EiXTg;4c>RWjE#-w=H}oBoFF4b!N!qZsm-ws zpW(_M)7Nrh{ESS*A2z@AN&xPB*PBP@=&Cx_^=FReRmDGi@812)Zm%kET~*+&>Y9&P z5NbPyi;+5PrWT^1wau*a-Lh6knklakc3GfK?dn0y7OqHEnK)L7I9AzAnn$jw)5AB+ z(pCfe6jY5s3Q}gfW7PM-0I)~=sYx8juqEN7bo#G+NONG$fDD&rZgK7ec?Cz=_3d*R zv@oeFQ@(!5d+FI%m5U-5A9t#`!n&{VQ<p=c7-Rq;M4`M&$IQP(hK#E;(nd{YM*C)$k*M^-Am+fOT-R(KnNLosDR_Pc#UZ+CM zGRq7L#=Bd(1gGzRx(_opGuxt3o4mO}>Qd6h?FWv7JwsjO<2Y0T_H0I^{c12`&lu-6 z0I^!ae12PW2St7jPwtOcso6I(&{4`=z4gpRC-)m@=hdqAx|G;!E)2JrVgxOZe^VB} zLAkj;Qaky*D4Z$PcXD zKhp^Eo>?mUG^nM!Z4K2RVe#TezbxYPVdh{l$+ix*44N?5bGO^)m2>AnFI{}TfYb}q zeL0vd>`P-=UzP?t;zCm%>Sta$LJDLv=i^Q@c|KF0hfI~j~^r z`x83@ncP2-yN+7)*9(X-FJe$rao-=?xolnHef_HCwsea=p?nLR>T#2->y`~Z>n`JG z#G~bNG1!7phIj2*Y4P0S2q5~AfrlvFFAwqqKOC8vEPasWLi{2xd!n~h;V8w2u%hcg zh+=VwGId_ZDPA`N_c3oIL6PAKM8MZkN9=zf^NWt@YKYU{aX_5ek7eO#Z)H|~Wx;LX ztQ928v%M*ynx_wPd3aRKQY%qEe^3i1zy3mv^}H7I&ZtA|&DCpg$tBWoElfifK*d+5 zq!hjd#o3cGwLW!|?!l0W0nD{${y~I6kK1!}%lz=N_S@JGg@DdJkEU!yISF$iHdF8I226v4r?vrKJ-s@cS#zz)Ew7pD#*v!2Cw0HX`+ z5{3ijYo3#L6>os4Ny{+>$3!>ccVm>9w|}Z7&$S{?7Q3&Fw{QP+tnQ=CxqIs0;rAXyZ_3fXDhOuAE8gqFCAeccGPmm>B&EAAWxoj|6b$=+V1(A%cTHZu3wSa$C(a*V|?~vi=`$)$Ervf-xy$1{gJmlr|B?ggVucBnqv%6Y}9%byCH&{{Wp5;{~AH&W#}m-`yR6@ zT6$S!SZrm#O7Y1k9csl}3h@V~XuCJq0h6fyMABV>fV<>^O65fVt49oS$Gw z|1b*?^4bG`EdCP7ni|7ON=hn-T(Z@Y$?NyjbS(1RW3axSC$OITJ1_Dvb|YhmMDh~u z9)|Tq*ceK0h|ec2GBc1TfO5U+S(SJ+V!jG%CMTEuRt6FGr<@QgEAYHL$#nfJ=)ZT@ z4jp^}vLU6wrMV%pq0YhJW2MSrMVl_&n;shHRvbHBU$EB4XVX%d`dq$VaD7eeuqGa! zhbOlWA!|ywcG&F{q}e657i-Y}r2w&d77T2+d)T$MJ#O&s{c!_}BDU8}9jR16)&g%8 zUn-pLyYIv>fGOS~eLnpIbi67fjfWfH1Kd-;%(zhMd!Urs=O<~(rw6xIX_8&r_D9@70Da)A@MQgqk+ zC!)*xBf=|0@ck_&3qPYXLUf(2WO_vW*GV@q2Oz z>}*JD6|axP^mNd#wP3>6S8J%QM>T}zd~yBB^L&VUEBgw4HkL~~AMdI6gDiPPM|$@l zgN*tH>o+D@(z+$K&*Oyqw94M9U$>$j=SZAWVj3`#1Z+$I3le-3%-}MgoD9L zI;N+odj*-=pLpxzBl@S4-~yO(KthR=R8h}OXcO5??zWv8rxr}D%%i>p9VC1AYpiQz z7LfC<$OlKZ4*|;jS@NwEw|$64epn>6AsSg2g&DC@ba%ffc$0{#-hf*Tp|_X;n-qF3MI}&h=G`JS z#(;cU(+MV$VHRN0=4sg0_M~hLMnxU5v+X|eyeyneARO0QS}ZQ^x9Ud>(dl=$G^@Y69dm&3$g6W4J)IBK zZ^Pvoad+Jz1_B19^$8w#^k9=lt{eQIf1l0M*JWcrf8DQbxtQk+j=aZIxPXt9w#`KT zd>eJeF zI2~i(Z905V1{7vWQ+K5LHRQESAiatMQR2HkIMLq$7}CC~SO)KWC-rE0G;Dv3>ws76 z%0-7l#?qN@9yT9j+g~SfFS=Gb`;YcHDb&CN)t*S!V{xn}GcTv2Ry9GVahAUjK zufN7VhN{cLg1cgZKYd2ZFO;$km^NTvx5o(HRF#xux3RI2R6fb^f|K+2+Mbh}0uCIU z!K!2)$Zbobv~G@cUeSQ7t_;?UJsh%k)G=QA+Iq_Ri zlcD$TBt?ad8RoC{ct7=8Q#v8P_rd1PS*~NvXTGJgVQy|oin6eS=O<=S1De{Wz5M(k z{iUU&lcP^!V`E3*9lLjN-dUv;9>5`$$GM)$dm0OQ9~CntZVk}RlEWXF>92)!nOe(h zC-5W^30hH6OEW)B@^4!hHkhtw^Okpa;-KzfaZxVF3Pw7Mw3a|=CA;16R^>P;qxnfN zueNfZ0rMpV7ovYV!=H^p|J;3jci`c`-?ae$^ve!CQ&*`)u5wjX6;j)9ggwi9ew>5J z4w=9Ii&OsY(Aki7`%ooZW@aY4eScfqo;G`b0mJQ1K&WUjv-yd*0 zOiDaa1S)ZK6w;Xkg%Ma8Xr@4Kp3}cN4eGTp+Uq^ct*NV#aqgpgJo(ZjUhujZO;1m+ zYIM{NhIl0>0}dh(&y)@sW>$=M{PIAVdPsP<78-8B{JhLG%|5q#yL2Y{f1-d0x>Q6O zeec{cfEFolF4zlU98w8`k?Vi*XO&Y|iaHchumUSXAoYhWz|<%A>{Gv*fox*X6)RbA zxo$)k_|x4RJ$LjDY!p(8QxV7s$$yHhT@1vTOy{98(mog3(So_ecfjxVX8zHUdUbHN z&b%5FEVOkU8C`ylG{~8B;dlfU9_rCr6gx>X z6psEw-|0_?TzQA$CWb#DawOY4FM!AiV5^v0}+<=>|JrT!oOa=S2f@-vCh(EKX2CFF_B z<^%n)MIFT%i9k-2mjr~xa-v{I#(RsM-9E(EM-salQpV=_@S{R7_TFN!B;YYycy5QK zlB|&Yoj{`M^3aQ=YG}vXCgi(IK+*L{=!)ZRJavI~+RMx9Z7wtS@em3TEqvJu>jS_m zR-H+5K5k7sNk2}ocq-2fyC!N|I`cIcW=c;~z<^#O+qFnZ=gJ;uoB*`>83Wt4)qfFK z7wc2^;ZObMMzg%9Mqto)@XvCguuYp~gP|Sjj|DP%l^{eKcgU;^8IyYN0noB^XD7jl zjN<8&4i2M!-`ku>e#RDVZOG{L=Kh|XTiK^oj-IUX{waRQ9yFIGOcE5=0F-9xse9@g zTUPt+K1R;}HQJE=qX2}n8R}sEx-<2D0c8wb_2F>#>xu595+nYc7P!~h(bA(znU2_siE|xfa#Iyjm<=qjA8q`YkrBos*D0I?urF-`502lcspR_5SQVf4 z4E_7%xcr{!3zsi*$*~n5W*MTcyx6-oVMPlvbH*lGb~t1ft3GBEime}xEhYv%fBwAN z1K~9k4CLcNYb0>TWP4m&x*LdvBmD(GtM~{{L|DTg1nf*%Q)W_An_l7^9K>7f#;>&J zH#fXkeBr0)J{j4*oJk@eBrMdoaR1!_{Idy(?Hx}k&AalW{9Y8dWH|LK`8I!ul(N-x zo$gi8Q~vp|6F5xctu38b+JkSOYFhU(*d6X127lcGLI~a?AhH^jX$?_etI~AMaY(X^ zt|{j?dl0E%bZLJ12DNDDTvhUEOHHos*V-2buG6DeB9ira1I;X-u-ZV$-%sE6Va4+qbXU^S+DvAqbOGGMCFfR)toOWW zW?l>cimL*EO042N_hgxzItXedl+U^7aJ|CF7xZEl`(e!lLJw`7I;w@DZD#v$YRID4J>4SD6KW)h`mAdE(@E3C(;@BYW*uF#L^RC@Km!tl z(S)#|FAvzx<5HQV0X@eSrbH|`dVHzQ*&1kqpZp{`AcxpN2vggqvN$JIA0nRLyB}eT zb^AT<-s*>rn%#(=&HP>?fb~{7%i9}uj+S1( zUPUT<-A%*RD>mV*aEbl7F_OoQodpHDML||GGalY|_b|>WVs^s8Kl}2|q3{%#R=$cG zlK;>l_{T^88|LdCyLxr<=^H~jHiUFiTnBRw<+9&+8%a@$Rhii<5zHdPA-_fVGtq+5L^JB#*B7f*h6Ssffv3x~$?6Jd%gqkFyEUZI+Z z$HQPq{IRW$c~{I`n;xO&WjZRJu!n2ix^*k<^N%B>He)MI;4uyUz*{}@zf4wM9*VOW zZG0!`(O)v!oT%eVs^rev?hiYQe#P5@vd7j+MH^S=TJ(aAt^8zES4I;Ge!Y%% zc#!SFA}!=SFC*zaH+t3{yHGSi$V9I>^rG?D3l}e5G^^&Zjp2Dw8o3({)X%x>1B`1G zFZA?is|gycfvFiKCy|-#{t>mpZ~7z}6vWoZ&@#_qZ0Tkcb9eT8R)?j}uy5tvLWxk6 zS$}C}$*g^hSNj#z_+hc?SRZPB`{Vk%gB5|ORVJ}B93eQwY>UO6f6{i@LL5;)PG`OA zw{vmjfEKSb*m=*kskzY6cCS~j9-DIRT+5DIla?Lp$=4I$b1p&g#=m{&N?Q^O z0Q0Fb_*q9HutANc?C<*R9jf($Ru$Vqj|33wo9|761w8(^&($UkM%jazeErz7Ff@p-1ZZ4oE6+hZ4qy(Xif`2p>7`)9fn`};$%XIU?|*mc zCu#^lom2`<*iS7&ojl|}jV{BGutYz(F!|LPPnX(Ac~ZrT!5>G_LikZUE-%c?c}=4i zHS$(+mc-taq#Ip82vZ_F;=gX-1#?t8Z9t}dml3A5l; zNe?;gCp^azBM98KaRSCxD$*<>YV$cQHf!@8;c;tokp9cMnL&(M|M zX&o$2GagB_m34hRvNpcDSION`vF1i!!Yk5Z!y9p!p;Pj!?rp&=B#<*#kvHpiOiS1c zcASRJI^YF5-$IShKi6rZ%^=Qh7n`%tUeI7ORAVzS^%(sj4X3w0ZD-@bQrAdd0*nEhI#G)|#J|{0Ah;5w0oU5qn!pnaMJjARjn(Y6im(@9gIp1I0L9b$VmbGO)xy1pGQB$SDEEU z2230Svtd1h*;X~#l}#8Bq8{p7Y&Fyi!>$%?_4Nl=; zmKGr;IW|b=g`$=+ms3xk#b7U_5UT;U!&@%oFaP{08JwFCfB@O2%(wMMoO-ae60n?R zwsn?1({I`-qc-7{dyH30E%OhI`VA38-h<1OyXn{W-uzzcU`2}PwF#i~+`bi_9P52< z#X?u0u>NGBF_2)rT_@VbS!(e&BHkuIgjz>3{t@eiv<^3H`%rQda;Ck<(qs=Bv@-ZR z@1FOR>0kt>B>J}|F1m*Zj5|&V;~DBG=^ZNWc<=v*xc3gnf{pve??jQ5k}b4Q2$8)? zNV1Y0itLq;O;=N9rLsqqJ(8VSS=oD!vbVT!*?!+schB?uj_3X3Iga=8J{?E*ao=~j zuJin!-@QH~`$D-mue!`@i38R)av`oD8{^+&lT6m5*xm-XS=dYi7|T!09I1MxRF;hp zb5fd4<@7u#81Hl4RHxHb7DF81# zT*r3obv(Q<)}Ff>|D9ottw=G5n^o6B=q_N`zd=;PS)wymEod5VBNMiuuFz+!xIS`J zIl^)goW%0?&l#x(HfJ4&kmGqOK=9-t!Q0#2ymWM?TYzO--rz5G-XD+yX+X@n-46*3 zH;xy(-~i{wdAZjv9U;XwE6*E=v4gHI2UUCGIU^keFism2FC?T(wl*#H*2O~}Wu58X zZGhTi_Hg}5B+sx7IGKQrE9YJ!zO6BVg9uY;wx_9*fdaH|0N_7Yj;qAJquoIct~?tb zNfjUAVs82A(p)!hU^D>q37vV+WfUYhG8||jA%XG?)cPK@B6C@)zBD{1pOFZ!R z^ZEm9Bo<2M>tA{nmWzN{2m9A&eUhK+QHEK5miwYsx0b#?l*{IwzJw>>4gnfh-Ojoj z*y%$rVp-x|be`%M!lfPz`KWjw)x!(kz9l5y&?ucF6Tp;$c?d1og$dsaCmVYK$JEPt z2SA)_&aCANrYKwf2Yx2(V0 zNx(L2MzKXxx_(Kw2V#1`$?@2sF$oFw2Yp6C-3?4`zu)Jrg<1@L-9H-uX`c^Ktnd5w zlL-leSx@Z-w6|NXwZXZAX(Dr8iV?z`ZDv{~T*XdiCpv$G_E?vQJv;0vsIFtxHs0eH z2!DIHU@EOd97%ZI3UU?q?r*ma>3vVi^@R(3q#n~#@}o&)cJjK4El@wh<0 zy=t#JPR!xk_mX1fj`f9g_H^$`Mpura!=S@c?PQvVz}fM#NMqDq@B6&0K+x~G<&$ZM ztrG|s*qBSVz?qG61UkQc^QN`9Yfk^!jet6ywDxrXB#GW!qyC+j2O;pAR>O9&X|S zl*Ct0Thl$T`_k}mPgvW&&;WV?ak4A=CK1^~d4>TBdt3EAhy3^!*S`(uz1-)@H8oux zrln5&;OJ$Ks`t;!Kgb0dG)7-?fIWt_!ADrb?-{r)OvLltt-8c>yYyi&zk|82+o00? zLJe2trTt|7vHqf;mlF_j8fm@6cE>ydf%`I*lGzGude^mtX*!B7%5ItKU2u8S*5cib z*+HM7*YfAn$TU3v4LOiyw`~tGDSOakrLnGeR9oDBybVEk16ZgMs1&FSh($#y6%%yuZH#eU#ue#XiHrbkJTb&pW2xb&R39&*?SnK(-9vNv|13P7+%I(NZ!ZA8oQ+ks#&FE2jo-ScOtENAf6gCgW36OQ z3p+NEikEW(SxG(? z&p(?22OtvS+HMQO;VM>x<>@Yjt}VF1D)B;~vXEBaeM!v<25GI4`gtwSE0N%Wc3fy@J^qQp?`N}Kao`Et*;KDTq-o|ZTTA9vjP zCAT@(0lyX{5zbA)M5_QXocHA9B+XXi##SM;UfIgaK-6t#~E*{f zGnO+q&K)`26C!dCR{@cZ0kp%o@VZ;kSCl+;e9gU*oSx6G=k)6--%T-Rm*r{N_3hgw ztmLI$z>P1okc}Lg$R8_H08N@&gJO2u^r7Ku<=QDQ>qlG_DORxt*WWC#+F%NyMGE`^~n1Z$WS*a>n1BRYj=FzWi3*tv%XDQ#O&i zaH(TS>_M zO9KjVe1a?-3W zqtejqtuxIgqnzZ^K7Ad0V zcPd7I%?hXaf0z}MJs1NDfJY6?TYaZ9XyduAb5l+2LhCbPH5mKXA;{F7H7LI zF86r^J}Wfm#MGkoM73y870)z&=>R9tD%rEfD#@ITq*Qp-6322nDGb|B3}17KnGRy z9fAg5M(XrpffG3c_C=ka=d{UOyUanJz%;$ujnxttIO7^ZsrSz=`f0|y z#y=~x{$JxB;= zUhm?g`ud4NO&phnSsRrx>s!JsTT5MUI-P&6@kA>%JS(;q`(F~QTSP3^L#Z6amKqW) zbr>c34R7DfGK-i>Za)HxQ6yn8%B}DJsn79LGtfeN$J>5Ph5ds`fed298d;U`Hb|F{ zqb`MMLaA!HJ5B7sHs8MG30e`dTP5$)b(EM@K_l?)#t8hs@00Ebq7EAkMQd6btmoh` zBCZh>Rcf~v7KLm(^!vTKut|f@3#{oZQo2ucXr!KcDF@mrgrOh~@2x4HA+I9pquRj> z%I74AH<1=vcvOx+gT52aIoYle$Q6-o3rW3y~CxW!2B2y2X-Ui9f#zuDljkq zSega+)Wm#_`~Tx?m|h}APczFxu`TR)bFuDpiQ)FRW*0v$DE0J96`&05@xmPZQwE{# zy7G3QY9?xTo4o`W;Grf6hv8*dDf^tFmx(@8(D{Cwbp?aXNL@SErgH?eXlL3yX|(%) zMg{ocXUsG*g!L&7U_yH|i;WcH;h zzzsP7wYK+d6&mvAK=@7XI6tvL8fI$M{!(uJ+l+0;HCdyc`**>3Nx~29{ltOyzDZ`~ zDj+whvx_;}O*@3#-2VEor{Lfe-ZP26PoTj08`h+$iKtgZTk-p+9cK?+qgg+~<^rrG zEnz^0_Yi@6B^@u`i7!06IMI#BS?(@tMN7%!z<25A^M7!b1MdFxB3Ii{(?b|(pJGO1J=(`PU7Eqp zc9K23f1r8I{qRnhySi}8cGN{oUX=v=lAEOf9V@?xro@TBsdz;ME|mG3w#B;*)J^2wY|q-#u}Xp4YT20U>B}M3+=6=<_xAJWf7+*En%Q+ zQyuV`?24+0Nuo8|K9kxbYbM>mHq**lt==c9z0@gwOcXL^l|>;qVo>8 z+VL?=Mm-5Ju^AP%)&eHtoSNaoznWuLKmlcPyeAD-;tPAy*5=i+n8{uj_OpKNQwO~l zmY!cRd)}X4WJrmGg%9;g$4(S#mLe_Sv;&48H{pn)ee-V4Sj6e-ya?L;2 zz_*+|L|szCjc)xq8f6=Yt#wWmEs!00!M~}f_g<_JmM!lgsDW3XeRdbEVWEmo8%sGr z%-b+IywukW$JWsX)NQ;!yZUQMRiaQ0rETs}e_;VCMfY4e;j>e{0^NrMC9a7qTEE`3 z+}Z2wfWnI-fBg?3AA)bSnSu^t=}1ek%lGHw|76;l(Ps(js6CckYMobyHTgWX1J(6! z^q=jva*%%G(3d6m7whhNq^MAwLKqcxtRcYvxQL9A(N3oxRJmh5d^o*1PtJyBGs^i@ zHpw+_fDX~Q6m0~z$xX>^!8qZglGUbOH+g+a#p|^brXjjv;D*$*U+Zlq7sn0;3DT z+rMUn9GXYz<7HRZq$X2zZ(igz_V476$JGc3@^vqYoQ=<>LTw0=2)=zv;B(9hGH(Od z9j-7RNuV(9PrR_t>QrrS9dqLiBv#kDch+p+wLz6o{j;RuUZkDKGb6>B$0pew3k9x; zSZkWNw|O%9#!cYzO4X0Z7necFVQ>`_xaF;|0Hm;0-CMp8Ta1iG!4Yr-3H zcCeb>K`%&e-G4*^<>1y7cCsWzT?WIaH%@U=0?(%ghn9he4&b@gLr!Gen=BBDByaMF z>af!m*)F0t=r8Eta zVf_0tOT>IEjc%huJ(V%5Eq0$dbsVq>oy&199p{rmX)_~x#i-QkG-tbCFDPbIGd8pq zMD3{LPY5vB`s&}n_dL~}JEP?nomivd8=Eu$Py#P)JVKN-*2N z__#|)z31GsVBGA|Qku`}&!*d(9g}~6^Sp1}-r86-dp>3a&Vjkl1sx1 zrn@r06~;2DO$3m@(u;nq%8!4>eRg1nE4*e5RoWKA{mn}nrd|;Sb8ReSFPeO%PM2QF z%6R3bhrPKumJuv6*&Dvhes=Cy^7Q<5MGLgYMKXi9HcCQ5k8abYP{R6Fck{WoZ!_+s zFEzukZSP93kcIl%9R2bnrOx3_j_R74DJ#GREV@E<>^*SLNrt3%-r8_Ql>iMpX~g(f z_a&0y|9zH7&=r??r3`+xI!^TnZx(-WSl7IHF}A+@vzkDFx0OxOre%Ae>y@QxCA;qQ z6uW_h&R_N6?Pz=)V{pW2`~~Y^@>x}jo{6SZo#}k6;zX3J=#u^QaK4G{;;DYl<=%;s z0nWK2rg~8?=X{V`%>zpY%g=$<(PT|dH$VWRmK1G=@&9;6J0d+hj*XohI4sbeRfzlA z6t`_Qv97l5%z<3(u_EpC0-LP9=^&wWoAGZj5Fr!BZ-qQoXt<%6>CR5>JDH)KckfP? zd7JqQtH8O@hN!6GDMXmqjMPIl2Cwu85<5>i$DlC0xx~$5+g&-v|#J9v|S^ zw>($UdjSIFkvG$7Y)ImaZcNsGk#txBqY+7c<5`=qT19`4C4;WW&ASoO+k^`!yP)SU zt+ERSTMsD>H6{s0JAIM(rt++wNpI6O!{>{eTAs%l+FB|`3pIM`xV+jeW+Jg`&(0Ta z`itx|Cnph+4mQa$`90ou*dI#FP74j5{-`}>69;`O%*D`G(^Txf&i8Yp!E;r(#cj>HKxq@xKVP^addqr{V;2<64Fc-76gCZzj&U7L$X9 zdht}>-@A*8;nh0hnUAlEdy-D#9O?2FpiS5xMg&ArcQrm`v!Ci0Lv1R-0ycVuE4d}*IX#vXsoL4zM*<`wi`O%wwz4p+J5YRQi29iX&PTeg zGC35}G?wTeoE|7y&OD+dcASD$L3?myCb#wzPuLw6;?u^JOugcI{-84x)J-!iQ68U1tU+lq)Q~l1k zKBu*b_@R{{e~YU5cJOO&ClYY^(H*z(JFYWU038YIOA{12hZ#Oy*TRgR*ZmJ0dkk#s z(+g)EjwYbms2_gE+IHfsBN%8Zg?OCVSj=7W@!M)wCI+juC@PeY0Y@w5(wxSuz2}<; z<9*SN_jSXc1bHqt$(kjsDvHb;vniaHNy(W^GRt!gIqRFwMY9QTV41c96*dX;LbJk)1T}S2khGw4&aA@vXFlxKC;*5xown9NtK6q99x}L zmZD_sJaXM0OT{RZ1ls8h1V5!SvPhAbFeq{4E!I zquckTcAuHte)EtRph3=G8idaQ4Y2N)Cr|xx#E5r;1}RsgoiFqKbzUt}KaY`SB$&&9 zbBzlhI6KuUaIV3)#i=m?xKeif;*$v2M?%70BRb`&u}uIW)<0 zdtEG2GV6sW#(X4Rj7aD?pNaI`T15?}&{nAKceY#vSTKRoX{sn=zInV!-fQ@%Y4Os- zJxw;T;x(->i4kM;H#Ox3$}zH`MTH*I3lYiK=-r(>+yAhI;(r#LU>;FxHc4V9Cz#5n zsr|jAvGE-iD%}}MH)oxcYL7eUf#cKU(!ol4ty)B;Jm-5%megE$yTF5{a3Q-vXwmgW zxuCiJBABe3^ZUA=kp?=+u0H-j5kH&>b3`jmhdpV|oH-*emh|O|aQ%8)`d~aX=31m= z$QahlGs0Wmz|dwImx~3oZn{G&wN0l*QRgR(bo;vXp^9?&U0Eg>&M0Kd1;5xQRCU~MlYUrw0R?V!__wYXPJW8PjFPl`OV0Jf>3C-&dhzwQjsC)8rsMKL<3k zd)e2NjbrvR`6jBymEC!MoC?h@i%p`YN3)jr%6B@JM?QZ1$Yb7`;Ix=gIXGq#L5YS6 znqC(wfhXoP3&Sa!^FtPA_ASm)?_I~GpW-#I4W;rzhzU@=`of1E}6Blccl7n z5onc-xmJ`3A$$0N7uGK*V1xg-n@tcCN6e=bnugMGz%d-*YqJ-~P?}>n-eoy{N%*b9 zB)!%CNT!d+T{;SK5~+HfJ9IM|a3xXu0@2i$?eDMq<8?~bx-EFzR(`W_aRtDv)rUP} zKkOPW?U!!2*zSeq?@1_FKI|F&fg51rW8?3-8yI)4MjVR$JE0HHAXpjjP*q=$xh{E= zxu$B!j%?Zv4Z-hbfJL7@<~p0Dx+Y@b49I`J`YFCST#cf!k2@adkwE4**_Q2D=>bTo z>EF3bk5|#!QB`aQF>wd@(kCAL%}2iztk<#!Hpe;X&MEg6Rwor5HDN~c_ZwjcKZ%^m(!8d&C4hy@h|(cwLe&rW~Kla zl$Xa?0q^x9axc?KNo-k`%i43E?bw2t$$@|?97*+l`5*YS(|OsdJD85b&4w*Li1@FToHy$ehs=tMS-iMP&g3Xq zzh#x?q|d)EIiNM2ROG=t7V5R(LhNE@Z`IDlx*L7>^gO_4gSjMhat}#Tz*Y^bbSY z-bN4nlT+1yI@kDWoc{n9ZICCB@TDgudH*fjn64Lc_L{Lpdp zy>;^P@K@B8^W*^~SYgfILJZfGHV-~>@o*vL& zS`PE*ltnH})h{2agJiuF!vs|L`S6d7pkUY(1`)F?I?h9WCpIO8gNzSH&L#ugSq{Jh zBR-|C?~J;~%0GXwdLt6{dYhu{wRMCRcwg7GhhUZMCFH*~G~(}!B8!rb9W9^M%4~kv z)BO3f8;6zxA+ei+2^_Lis|s~(xD_SD#{EXW~B zNv3kL!AXfOo-e0*iS9rz8+3@0s1gDK*E{@AYDY2c&=29cHbFp*oiX8Jyybtw~ME^GF_GFtK-#_=+%qM(= zoPhnDGR4iv4PKJ-HZa2m`#e}S<-XO{R981M-5F&+H?s+Gfhmd$bWT9+nyV}^F+{Qj z(grr#N(K1$@2Xrep`{Cu8scj$WT`4-87>@MFSNOW388ix&(Ad+)Zo=FdtaF}V>mFw zZ}uva;d1m@Li5XY7T;z3n z=wFO`fPZTNhDiVLMWsh|79LPMi`*!9E-6kbiffpkUt5pLx%y%+|1@onyImg@T9&GQ zGnyr#kR?l$gnN4}fE!Cmx$JQQ8M!BC6EnyOsm`bP*UY-}a5`iwzU46uD{lHIRdAV2 z*ALt^v@DKgUpD?B=`fd%B#>~VlkjZ21UtW9jIOsN-EbXzlee9pt4;Xp;qkS~?qo;v zKNKf2|5j7NXrM>o)c1&g{XW(wQSC?ApNGQ=8-eIF$ZmH#<~_5g>;cNIfq(ug9H zxXVX@6|T12V8^^eO;H!>6;aDIeoc?EGQp!dQuA9O=a-ibi~E%nuHDI`n_f#LGiV`m z;hUo6XN57>Z#7}stsYOIi>|PdC9dBM&K0TDqD+d}KxILR-Pn+eZpnA~XT3zpktjEz zq9Zo#+t(V}gv-7bSZZ%yW=F=CIUPBfZGy*CB?(BW)GJ4D#lh;msj5cPMG6Ds&F^*h zI7Hth0MdeOwEMA3%gD8_{LK8pJGd-S#OM>ck_G#)1cwX4q;cny`R4ycBOC>l)ZhDU znM(#0$Pna?sW8|N1rxK~!8wA31#_G0K2D1^bNmw%t~QyrmRZZ@3SZ)PaO0wlfNHtE znX2BhP+ys^y}`QM6uQYwa?x{oZmuFmn*D*LoSfYB(v07ekaU{ZT$CKY0iJsLO^@f) z!Qf>P&K3BJWpGWrLh-uBNHnv2UVpdKD5 zx;_B)uy=jYS3zL>Rg25cjvVF^Ak`So?Pd@YO8prgN@7<2TU)`ukw78dKGKb;%(FaO zEobK^G+GR+7ln9CJk+kdxl*v8-jpv@pa~5Znl^s*8MBiS^o6<9J7VdHPB~|J^Bog` z!?#)yjf(z(S$bXJteSwqo3K((4`uOdGT6NFtjYeU#!xBAQY*WJZnSlEmGvjieXH(@ z^y(>P*4jd(7_2}s=mk4(UB7yUZ~=9cd(=y#$Q=KP^u~h(1lD1D+TOvZuXs-PIS1=H zgs}e3T^5rw8o2uMpZ5e+Cz<765FD`2EUUtIrp>@4dkX`URgVHL3 zYP$T$Tj{P#O)|@z%*54^FUc=2zr1$i?KLZGxRi#&fy}o1HW983W1qT>8 zn{7=c#Xq7S;@tN=kNI$&_#i2-jg>cP&(jbS18#3-WdiW(FZ9GSTk*e99odU%S;^AWQ_wDmaU*sb7z1QE(R-kB z_gjxB5)dxKL`Clp{J%32lU`!tyt+S#iS=-2JCA>|B(6iJ-`-0POP#<~Vmd5su?s8) zBnGURJkA$9XI}%m8&dr)X5xKMRDA^$dkDhTx&WOGqI;#3@n0ZABfu(yspcNp{Q&Zt60mb+Zm z0bZ_vUz3kY2|?dQNxJFazb6q0D``ta*h|&XV-1uDX4^Bj{^E7++?79+_&8(rt(Mh= zZJAY>1!TVF?#u4oc#3~8o20~feI>6%K#eLNBIw7Ba7&B%-n{J;?5xURrGK*4?St1W ztK{u;IK=ToKrQ@pM3vvehdsT%+OdSh!?#M;#mDwDKcB%ZE>%*OI4X6o)~eqb6%r-T zW>LNeOi9F=gQh9*e~i1*AQ0*-@6jEPsh6%7e=1gQcvt$H8#}7m-A|RuN!E4l#zoki zT?n4UYo_=6;0OWN7mfb*0^r@bm;5OS?7^7uW*t3EH$2TpF^M*&JV_-RPq+Cb*XI4k zIR|(p?g=>_W#+yCq&Y=thyM;ZMC&&x@IbGRM|=a1kNYI>=@Hxf{3{TE1&sqRSM(Kd z8Fv0{S0wcmHQ1#4yh^}#(Z@hP%iEfpGrjeoyD9 z;SDqwT*2|vUBdV>>0Qm}_*_`o(pF^llvgLr(9BgQD~IoHp25c>NP<9C?|8fH&T;l0 zCBNq?dEFW{X#F5{8VK4TzW9k6tfW8G&?yj#Ud-?e{)g7lyGp||=-A(lX>2_d3Ob9c0R3YP^u9dU2`1>Ir#6k6Zve`4|%KCu; zst`fnk1a_?yFm;Z)WG4eGunZ7O}q|1=#&>oJ2MlgywzYkA;+_|h2inZ0t6osWCGt< zocV6(e{!0qaA%chXSCn=4BJn4{YO%&3ojpX+daqpgZb09akF)IaHNUg&N}4kJ|JAo zc5v$u`WKH5DN6>g?zx=r_YYd^(bF3ci-}~5rPfg-8$5JXs;lmFw1I_=rDNl71Jm5>toQe-i1(Ex` z|B5{ReGU*=NdR8T z5x77Ej^*u}@Z_-u*hUC~CTDy~3MTvQ$3jx;GO~&|wRPxNqL1nztvdkci6GyV)BJZ2 zEc#0K06-b3TiD%Vt1Z035`Udw6^)uUkk5PY{}IKRzk^Y0_|R!No$f;kP~O&Fdnf)%-$%UVrByc+#pzKy|9P=x0}MYbfb&^tIvQXfn0KhQ2N5m|B@V z1YAkXYt&hO|CB2CZm3*hUv^+(iu3!2mt^sONl zyV!}WTwMd;vHrWCBIew#2s_(D@GJztE(|2aVohjgpd&)AK(z&sgwU^M$iVUPs@7zko`v#_+P?#2J^sn#PP~STd zIk4G3NoR0iU3>SOkc{p{A>;aPK#QSRMGBI)$M?Zg4og8gfyu7^T2T67UVVt-Rki6p z@3bp0bDu}-_O$8bu4q~118@X+)Zz>?kDU;;R$7}r-Ah43Wh|a8^e&R6cB6E-R~qog zQ23JlB5{|(7fuLYTJ0H8_#%hGm)5*%Ih}XzjDl~m$Z5s%G5`JDbrnIRjUjgIUEQ5H z=D+7xy&JbaabpwV5Lr3F%_nOMi5GJ~EFVE!p+sJ2wHvBOGI|AG#K*>37TDtYlZUv? zD+yyJ4YQHOE6t#R$r`SGtA*U-wM?iNh5r+Av??Cei|Tbdc7r{tK7u~D<*y5hXIL3H z^tlw*jT)FECA6X^AiRK<)7YI-A>R#sKz!^P1k>;DrlMsXmcSAw7K|e|{J61yVm%r^ zxOG#4^E3P#f4I%H8}Qw7{t8V%Q<@BT0x%}dXgs~heP^4wB(}a#acJH>t<;UOi%nl z^2m>X&$}1MkAIT?_bB5wL-%$YHx`sYFZUsKokzfS|IcIm8s#4)bjHP}-r_phqJKNW(R!4sh%v_Xw>$Fv~NT=ml^D}oz)fi6xRZXgXLnxUGbkPo zC0Q#ZffB%d^O?0Rp!u+TRz?3CNo1juPeMfY!C^XcVSfQD{*k4S9=m@Ed>{dU*4;xO zL=8UB>K>Xq>)&c+iANv6AEM6Ypk3%}M&G<};$DlplB|XNcjZi+c*cdzbu(EmhPBzY z8IhqvRjRSQSAyW~RWCs4h97ic=$`Ixqu2j3T5SJOOBM3U>#u{GZ%OAD%*gZ~>`EneQCR?9gIQXrTp2s_I}U zy8P7*cY`v_ziX4oYpNUiBC?;5v~`T_^nxZTbKjA1luW)S0lb!f-G=j{z-Uu zS~7YX`L>&07k8s@iE$&nW!v((v$ZK-_K8^_{m>v*u}a|OEXv(IL+^1fVW<@%3)@Fo z2lo)?8?y-)2&Bs=u9*uqYK*a3mKwLW5@B4+pa2 z9#+Z9v(vC~TMb=rW;Ic;^8Yv^4<>$-O??5?3l@;O z@e0lj5dy`50jdM84F%6b8X~(HsB^epoUL1WiGKbzf;y3X zIHJBQ($A)gVYk+%3KJG?*%$YROz-W(RD|GE#M97clfM`8w6(oj;DnW~pp-0=Y%=~0 zBTCX#?2sv~WGpeO`lF53QJ=%1k@MbfcMzy!p(kEkJAc6i76&=ksS1D}kNUM=Eai%z zgW~-_$5g;wJ(6K14Xi-|QG1l+hOZ@Ot>~%8%1~`HItBXJQYP`pZhSSlQ&FjpMQ)k* zMID2>IRDP(CQ97`mu4M0bBh><8&b6q{Ac^Qb1xo>>^rd2t6q&J2x!Udj-?XwG7*K! z0x>?J4i5j_smQ&FC~b(;p$HJoWZ`$TXH>RnVYyflM%CbBcsR^X5?8P@>i(G%__+sr z_Aa!MktSML0f(cts0}S0yYgJs*Kf~^&ddkOMg{~4*!w1BI`guW_YByZ)`oVACXI>h z6mGhpSRCmmbgbY2^m0<=GVLL725S--Z#MORU*53%5SsY67vTTE6Gj}r7puu^huoFQ zOG`ULQxX!qNEJm+`fG9MXtjn^fXrp)67@2ecA`RXe+&3dpP8m*#pdY8Dn|#4<-TMDd&z|Lt!``Z-4$ zZMNcWQp`hDA9>?V(Vy*vhA^rj{@{B`8q69d2dYr-As9hi*2|hA@qZBH|4a6wVB>~g zn1Y@!y+m6}O(Pl86K&FF*s`2e+X~y~$BekbhIOK0&S&7CFRa{(z*vP&T$T>N~R>!qO7|#n04PBi3 zfqVRQ^s(oFPNVZG`^3xAPM~Q(9hZfYqXVwOsG~pV-9=Y(c@8TZpC5HgTI{M~$j`Sx zLIdF9_@6^!3opIRy?Xnh^Mc9I+x=Z#w0(VjQc=SNeRFc>j+*P`RpC7@(0?&OSdm?$w2q%bFke{yOnHZAQu9UWavQj)o5)#}vudhG2FvIK_Euq#eg zWGU9u)<+Sf>*}ff26F#(GSI~~jOHqeM^jN20?&HDkg8MlUohaxa^ z((sy{)b*(LqjtvEy&sQVR|KpVZfr$Gg{isuH3`=P0!rR=2c?-h2smY;ufrn-RWd&f z394jpfJSv^G~^T@G>LLb_`RZ}3L!*TUzK1Jmc6}w8H^Vi0Q^P9M?+V@!ERaRP``x>D0P?Q*y)KX$+b5wlr{+$`avAjbm4tw~$Zxfk9WCZ?Cz@n%e=`oa zMB@L7hX`MjV~4M8F&w-w@WsJ`?(SCWLUzXVkGJ#F-q{mklxl71PiNKDWsTI-78DLW z$%0rHlRVF0;!>Q?@dv+a1(&^6Z95-Ln0<1#u&|)Bj(ifz8a2%1 zbM;YOi{o6$rqH`{qVmz<==qlU;Q5v}ZYsg^LEkM`L;fWG=L|~oNKT&^eH@jRmgWS2 zpRt*lykr+j)?bYowAF;cgyn@K3yaveB>tGs_j{LfP!|6F*~S4TG53NP$Br}_n(=_u zOr4=&!+!GTT;Yrg3JN?9ldYzfmJA2@mA=*PmjHY?K8zURzCObfwT1R*K{#PGtOay- zZqRVVFDvdC`qSJrcl!qhqV|QbMk%B}C_6moaxT(s3$_6ycz1VyNk~dO-XabqZg?Uw z(#54|Z{30~hPR`+y8F3B>IGLDgN5^j$S&GgS^1$^$j-vgpKm1OOI^7w02=S3GXr#e zjrQJDcql23Ob@i>Lp2G{499JN`O1wgE-voOvo*9FC>CQ}TlLNxNn?$PkC!l?oQ#c& zvo4!*+4)+T^NlSn$Hn?Y;D27Icf9UU#Zv(7%4?mW`5Jv;`&LaCyrM&aNPU{8kx4Oe;( zgTs=aikfcNugSNt{2sGGytp*$JsT0hGBQ*WoIU(8ia6BP z$>;x^8`~Tlcnfd}U-encukj^;rmR#`aGcx*^*w|BB6Z>(Mq{;2Fx>AAMb|xr?PfO{<+3F_C z5zKqBf73tK0HKJvE>9<{7kw0xTD)jG zf{KO)^~H-9RkXB1JZ=##zyeWG*FY-c$fA%0FF52Wx1i2;$r6D zH^4S9*x#Ozz~;J-?C4csVUsBah~3&nZ=$}gCX_q%3pK&NCV7L|;SUIjh5!c8KS~07 z!)^W9{+PJ56QIDWqop{JD)A%`6YFbg>7%4BoT<|MZ2Ew~?f2KF#+QX177#g{Bjcks zk1Vl!Rp}3?5hjz6#NZ`;3qN<81BIb6V^C_r_sP$2ynGUZ!{I8E(~Ifo1+0B-ZrLdn zW{tL)nwp>emG)*QZJ;ZXQ$9_rFyHUUa6Hqb!Jn4b_=>KsE`Z$28X0|*w39te4F}BR z8LgjKA*rJt? zP?hMPg9T1^8wAmG8#IX~KxalxDD$mZROkYDRVtXHM`#Z6!hRRm6rJ4jTO(`x2lJ^r zWTjd@9G#F1L0|TX3zK&Ic*Z?F3l8_GBRn?!g~9w*+O2JE(rRjL$_YZ32u2{C>t+yN z;2OLdZpLYQ$5rRLby8Gk%=FHq8GP+ zl{Y`jXe{okEzdz|EN=V#6WR?_0c#3Z1r4{Jser$dujGWWk`a24y>&Q%H(FsLSa}N&fEH+47#6YMI%4MFL41V#OQxeD)OPZ9KIO_FlDG{XlT4(zfn()Rfcunmz9c(xH5T*Tp1}T zyLUC}^gBYP9Gz_83erb2Cq7k$b_^lha0n}6{whYAU*6WN%EE9;9|?9y!VBb{f*K=mp|1qfzT?R)6?pi8euz1aUdH9;if-*mzeHw~d$~!`a?^ z1YT@vYU&jlN(YS?Pc0*AQ6xHRD(tvircvza`DNlin0;ZJ(?^5|ZKjF-gvdT+;eda# zhfrK4s6#GdUFgO6s=%5d5dpDdOJsE_T51vb+LSwGjacgOxhcO0-JYQiB^#gE!++EZ z0feV2eo=ok%j{3?sjr%W)~LzR}shsJ1zL`^nqXDJpc5uxHkcAu~?N{|6`8e6NoM1fx}ZGy4*V`nf%27MGVQ<cH<~wFJ2a4FWVeaV6V?;lA2Ui8UM3Vn3E(2_k}t-IFwJeB@Yz{h%uDhDn3sa zs_lK_l97>gZP>+&WX^geiKp6A299oSb}5o<&p1Xg#z)y-aa&Z?xME{7;1%vKYN>bY zUiYj0w)(&Oy!Sy0sa@n#zR+$fe2N(vX%etL%4_S?d)@&$p;`P$(nd zR9Le8y+NB1n<=86)s$4uSMoo^lGI_xt`fmuQ9Nu+&f>&Wyleu}+>OQgy$8zE(vx3sd9F#B5w9@aT1XwI zy`#JyOi%lr;K%A}1TN|b>6ikOwvmRC%`MOMSlgP20J4bK8zg*8;S)G(4{qxs>^x7^ zvF)bG$s|GSn=|t(s>yKH)N-!qgN~M#2?_<1({v^G)@Rd>^H^PTFI-Q_5gdX;F^G|Fo1kSza?=R--Tn`yZFKhjwU^~d;6SJxCymGAA#ht^`%>9xD z&CDQ>8Uj!+=ghc@$?ULG8B9|bX*@Oq*FBEl#MW-Xdbx_>(F#HH`3=F%vhw+wF@1me z^t_8}>$nn)!2tk~;VPm_z_5YpZP%&?q0 zGaI$x|BK(LvSZWm>v!2wA=(!@+gbMJ@rdJ=bWWbLh>45y2zR6_?$uG$WS}m=rOr1D zl(5b^{S5lHT#R@-L2zYA;cW(dpKSa;MS=93uXl&!SUyLZiP z^fObLcM$({#-@9nJ%?Vo(}Q1y6Z0Vwg;%3j*)r(q&4>065)0fC zb2ecy5ze30TDH99JmlWgm2GiTWC?OZm||Vq`Q{;m`f#BMR$z_PR7z9vb1H}5q9w22 zu3roOch~@P1IqAv2UKq$(~oDr*7oSX=90T{gEy#;p>4^5=rAAC!3V{Q-a11sO!T^K z1Qf^|UJ=^o9v2o!N=_Pl`gUs2HCL2ICuf$%C8s!zrCxZXO3CyG@})k%^0i{4M)>lKE%-9SoSi zy#SAmuP8Wt?pRy-I#XjX^DK3uVgKGbuC2_PQxiigrw%JdInS17&vQxSvF6Nl=686! zUh~|vs;tP)6+6b2)*sw2u+kT_HJ>B+;Kw&4Mz08^(tA3O3>5z=)?8h%z|Bl_Ypgi* z#N^Mjme_f0v}8M0Dlxg8bKe-m6<&QE?cfs5-m|BS8_E{m_NveFY< zyXg2K2bP6PVDo^pT33?O`(Dnvw}R$_B1qt(<&4Lf5}zLo#S5uD&o_(baJTP{Ka&@q zPt)W!=~k9j;_^IG{CkPMWqYe-+y0V^%>MLveN77el@bBJq&0|#98DbErggU&P5T=g z$x-%1O^x!$+y@^?A@E29`Eb9_9%FJY_5oRbFvaAPFv@|@5fz$$*_-QCE=yrN7Ivb-o>yK5WY9p}9EGr8U|eIcX zN@BI55vLl@7eB=>&|cnG6Y0l!Tx1Y(q?IQ~jb+q~MiSto*8(LM+kYrzSP!*p7Cn&v zV$&>j)Xj5UOet>NbD3fe09mS6GE0igH6tGH`5pCTaZ)qWT7In;v!QopY%@5AD8qO& z`PCD@xtT)!d!x1)!=IdA5l%=feGBc(bJkg0T>f}s`-cO_*@0h9hjjOmI1a&@tyld)vZBR~b`G>f*`Mxq#s%3s@2L4?LW56JO?Hw|p zzUie`h(cL)!}~mLf}gJ%^ZD~hQ2I5t>qSZxLrSUF9%nk1ye=I-&ArjURU}N-tC)7W zb)zO~OSyNWrE;*lhf%Ra{&I7NO*b9Xx%_}cVDw@$RPyRO2< zkIIGsXQ;6Tl>F}FBNoYjtvnsl!t(#o_7+f4wr{`aD}soqASfU;C?Fywt<-=BsFaA5 zq#&V`h?K-Q1|15LQi_6-(#@!p(%mI7GzbF>Fm>){eE)l&v)4Xrf9E^nyOwLc2r|!e z-&g#u-&J6lf&xc8Vm+%q&d-0!%lggM{$9ak!l5()5E-cfuz8#&m|-V|+F0P*B5-aW zvF4i^>o@A-VE`clsb0Gl5!1EUN}Mi#Ur+!i{w^lDI;`{ItIwX5sjc!~sP-a_Tz4a$ zZf>&lTg2V}v6q_9_qFbGov6~@o)E)AytOW{WaszkG*D+mD_5%C`A4U(!g1sD)=hnJ zyS=E&3uRt)o@jL@2Vynsl8}y^ogTg&KK3Ti7iGt~VT$VJwok6P*9U&b5B!|bwSDn=|(&Pp}Id_P`jPr4LLs2UZdmmM&=q_AT#J>QHPPw2e9B66l9oFSp$Fv{Oseh!1hX&SJ9Jb2 zeUV(XXCnglJ@z&JaaNz@7!f8A5Yu z1OcrkHn;dWh2nAH*TXdDB)Sv?J%}rx-M*PLe|*o&gHI=v5r%jH({zPJw-{x4Dlx5XX!PqUMeAIiAc$ zXb1ScLfoaF3_13;e05{bpC-xj z$)3nYLvc<}sxPK6>?~bV-E_A6%$jZIid!upo$M{mIK=8o&K%=NllUxt?5XaR52%gW zw5EemwJZTCX4lysTkmHfaJ80nDgpje*zPcfP+beWquZ!CJSxZ4|9oixp)@NX+E;0d zW7TayP&0u4HjWu~S(a%&%71BdVZ8py^X0ThWA8TPQ9gElt1W2_&!cL;G*86vtVfuZ zef))?eN^JzDC8&uWJg3EO&W2#1$cK7WO^4y3A zw)k;4;o(pf1bVzldje5%T?%wtq!n;PW$1a*ZtY?&e9x$Wrdj|w1w~+PGbo~P9jV@S z(d%d8?sOXBVt&=!yNd0O=3dE%=_n)K%j>@MQt&co6@0fwM+AaM9CvFzsCz7jbdWVQ zi8ynJL?}RUEX#TvrAdPCtt{{gNN{sklwm^;++L zDAc=kCpxf)wDcAg((fpn*|{#<<+mRa)I6#KKX*)B%)HDq>zTZ-5}imIVx)WHqboti zu&%G7ex8;|YSL?Gc6U>tc_mBl1@V;}uO=&3(Mg{97~p1KHqZAjwfMnHabl^VR>+wyZ772_}CYS`R%r`$!DG;E~O!20v2ayj)%~*a&e^XjfnNGXCVD7kImMs z3p)ffg=jSFWx-OK=F=<-^P{fs93_z8wKCjKHXA3>_hMxglLNQPQS3|Ey_axvvPwfZ z&Ev$qFxH0X`N0ndNPaa%dRXWAiOKXmk8(ISss`V2K*Y4mPua{xl;?m7=9{aXyQ8lk z7VDLDQ2Xson7vps$FWj_=dhu}WJD29^$hJ(>3ojz)}4U(;uVfHo#%QjD_#`jqOcI zZj5b~0_w#)daSywaFj4GW^)uKUQvDWK$R(+@AeA6OH`{Q|wuL#GII!9gA z{fPDU4eJH9@CX-I--z2?_}x9)CfdoJ{U51wDB{BVg|)>H#QwKai;oX&`b)pU)D@@i zRc3LYvaj8cmJcV`r|tbJAhLNWZmqaHNB_jbiEA-7J0&3-FJ19+cG_HO1=A9gt?~njVWfaou(GA$GV%!o2}eMxRJ?H`XsDTi$9pt?Vwb_ zH9j)JJ;^Ky<9we5azZz)z+Kany^8}`WD1)TD-hHS={k+Huyq1HFr`B<#04=Y))^93P$`zbJEK~Qde2Z<*)6x)ra%-ZJUu*Ui4!lu!vt8i~joOq#6cM z4^=>YX3K69!fe?72Jb1bt|L1bL1?L-X?e>X$+7Ntmf&mcgHhD|h*@068a!H8?!W<) zR3LAS>RYrV;i|lUhp_G^B>VK7aGSWV(QH)b?j~$nT4$+(0a|eyXhrYLI%&1%((Kbj zx0dg!)B2>}n1!XaiE;5CKM|y^QQh#D8r;9LE1fxnCQZ8VJG5~PQDRj-%F8#Np;Pjl zH{O+VpXklh)`a)>_v`8DodC6?dbe&#q;HIA@mKhP!0jK0kGdi9i}%m+)|y113ec$B}}dUaD&UYMBwW4&;g=_rSkn2=C}D`N5c zr|hB0lsQwUm}PmrWHf=hVxh%%ddZY~vDRJ#qf6ZQ zkLMw7=D?RFCz?eSE@$enGY?J@y=$;zGcz#=5_}PBwzJfU?N{#fWnv|*1nERsn!6d9 z;j$S0B$_J3OE zMl9F+a)9U0Rr#&9ATc{sL0Ot3;u(5W9gC|T;B%Ph?dOIWKfVf8v}9@}G65>-_0M|% zzj#xY#-F^+ciWo|;0Hw@Sw`S5p ze_9h}da~6pFKW`<-7@#iC>wKge=~$3fK|CPkUM&kc2!=nZWq-Nu90TJ&1&gudE4+! zGY2atrv`VC7ufH*E##0YyqlNR5vAtp=d7^VS5$!>(8$QEm9+5vG2!-gLciDe$#iKk z&y#mF?WE~dfu^mWGt)&Juy9tRx@023+#bf!Z*Xd3xPTxLp}T&*EA>+9&VK#Osy$~f zhf*hZrdOJ~S=+%@pf|}6;m(k>=!~XuPpBDS%tEPsx zWhEahTT}B`jq;;_*_JJnDsTM0NBhCOX05FGY>1kD0du6%`EeXyOUjF;7{>iY0d8&) zXD)HarQL~ipGPD?dImBC(p9X!0Ga&m@m}WUPB>4*2Z0mouMa1|#9a$^`*1qiC|3)Y zu`wJyRnhWd=N~KTYrUC=3b1G2BF)))Wr|}zwhm+#v;`o>w!4bm>bat_d{GOtgPCyJ zXiJM%c&6vG?C?w(;+!UH6F^X$sM`IB6e8!1Ci&IvAT?(X1HV<;_$*v>fzc*rVLk*;qO_P(|&Kyx;&nHZ(SGRMm(-e-$^&w7mtG4LTp>eh8GE!=LTTfhu5p)=99bMX$nCpKj2iv{QL7pNuzC_XJ(#BTC%!h z-*Vf2{J2QSv3L*;BcRa}LwG9yjS@7ts&s4S`u4>AH-~^njBI8txQ5+MQzGr`4)c38 zXnVmcTWz)3j9Ay<*cVbRse)pf>;8*#+HQ;63|E;tJ1ks{FN%pO;D)?66Js~>(#*zj z+q0Dn$=Lk_iNZ64JH8tBW}fxW-TK?3J{-WU#J<>oZ{)}D(!CTgn#s)Dz_hM~i*NV8 zelaphdI{T}c$=Idsry7b*}vuWYifKoKps}uJaBAj#HstdOj5ev7bo}Lda3z48~Bk} zWgBXv6tEYXi2(I))d;-Xz)bi(-miW0+n>0M3iaTypmRyvs`A+=>y26?OpJWF?}%T) zmN(YxiY%v?BEZ{Y_sUU^?>dc)agyT)uQ|;2yYjRIVszk2Z1Uu6@v29MpoaS9Pm6N+ z7rp?$?)HNgo~Eq>Z17Bpi6=csaUd)SQul8Gf(y`GYH#A=)HgB1YUzwL)a|roIo9Zd zm`Abz0fg!)gITm*<4I5n5k)aUs38xBl&gzNBvi;zKzeAYu#F%2l%EF^kKyA~^0}g# z>pI3{nq=y=H^JAT5a49ap6lYg48|jW{Kzlv+%p8IU48cEiC!VP{d34=zN@t^s`?Yn z(b&E-KB9C!0)-nQ?atj5_glZ1Xr+J}cp2yMUv)e7#Osg!M`jD}PsxRptuL_aTQVEO zCT`)K5D^^u9MT4-3ZINOJ)ZRPq zUe7_+Wt3HI#;z|$nD$s6{<6B=f*nX$SXj|Q&11K2>}*UDcNEEXNQLBwdXOzN9R|BB zWT*S~mFV0KF8%}R>fKStU-*MIzwk!y=b`8W3JSW%dX%OFQrrE6XkplmYS|!z25C(4CV;#op}hvtZ7&PcG?o(R50^#TYFD@alGvj?$cg} z3rwp`;k`goxl<@FL+a^fP6frCaj!{G26gQ@dTwqG#2#+Z!q)a62qDOG6htO=h6Rqa z5EWNMA!_6N1z<$qkGO>KQ&#T4Z}vp;0me~IUf!lL^wdUIj97!3(KyVY-$Uf35w2F(hkJD z0OsbC20fQ}^Nau@Sli(0ulVhjhbzR9UXErS!+jW2*v9-^-r z+EDlq_a4jd4+m8{GsQ7GksW4fJKUYF(-r#(m+F-KiF3!^&Vb<3SHW=STV&+Gf`elO zHpS$${%;ZRdP;n z>Qg?fxX4L$o%0f1k}K$uIhI5kC-oIW}Y}eUOH&v&BuF}BZo*vHRLP2t; z%u|}G>Ws=t!AQ{4SA&jwn2`RTT7a*Dg_8j|HP90Y6)&HQ3F+zSx%PfTlR6JOr)N`=wBvMREGS!pqogHb4PO7eJ=bTZ zO`iR>qm`bKAuTs@XXcqKj8ig8ClqS00?Gke8P$D!D%1B;3!hww0`T9m*2Eg^^Z2PY zG(q9=c^-$<=WnfVQ2e2(15MMbtK~rhgf)nf3!iK+?QZuoG!%=~arT!Ut0z2|feMYk z9zI;+TG)kc7PmGBhRn^KG*tYJ#?Xz4Q_tWg3{zvDTj&f?h~!?Vo@5Y7A&Y* z^tVsBxgkYbYD&W2ILTGO0#xQ)tK9Ux&~hqSAsV;JbOYP8WbY+BFvzbFyg z55)fXX!S92UqHP;S9doHm$Qgl%QJ#C$z;X`WO$)=ls}YAH;1H{py27c>uib2#}6M) z3QL^-DlSC>Ui#!4AX6&NS&bCdRd6Z`D2R^%ZQ&6S5ruZ`NfopE8Z)2gEki-$53o8! z2DA?O)cuibYYr|GoVX4)m;jfwP^L}_dyIfC)bb8QD|~Zv6L8WCx&ucKA1zQWq-_Um zPBT`tQeG`p=ABZ9#U(NJ2ZZlQzZ5;xp+3F45LDSA-uVmLA5)G1DVpu=?>_|qOW~ur z7URMv&iLKwYS0%cbs@)*+-|7MO;=Lt6cHVre`$TTQr!0Y5Y%e;KgIvNkWd&{*9RKk zZZ1$Ya!RpEif#2e`$OW#1*E9k4NLJ54w$zy|2hEBGhF60%p_!(8;nacW*M9y-oAGs z<{uXWowi;+$X;6wQgLzRb$1W2H={h)6J+hLfKA(yO_5w2P-zYz_W-KWyL0D)-5SrS z2<5^XGzV9%wWuS2`6XY;hviKw8hx z;AFyIWWCPq(qVz1EwvKgDfZ-bmS5n3$YS)H)ZDC;($cTAw)I zl)e`ix3f#+_sTL=@VE9CmUFR?>N8|%jWZR14A4;knf5LoiP6rTU%E*7nhbo zcXoD+YoB;PMU|pe=-1wE{rjJC^COCiwDQI3@!&>ozM(QV=jt9PlD5<0W_Fdc^9<*Z z6@^eyQyb_=gf{E`XLoeP;geyYPqiJ_&?eB={Qjjiy7AFK9<-8b`FjiBO^GwqlHUo%M!aD0A_Fi%+fE>ScD|XHaEDHy6rz3 z76%Q-37~tpZ(v}jsjU^PY6g3b+iEUFUDGS5N_d9$w?;EB+jP5Gqt*O(MW9=#=L2t{ z^(BzvaGmFsE@WjZfs^j}5#<1MnQUX!;8R?1SS6`Qc_Y|A&K#zA?6T2KR=D*-MiGDd^d$v+{NAJp*BZq z^&3D#K76SC3muD*^n7~2HjR&`sJE8`4TqQ-h=k-v_+5z0n_x_A$^LOK`;i}iCNw?$ zJIlg?LqufRK!UiBR*f4mT*_L>d8A|_0h%`gxI>Nm_wTby0MoRBvGR~-IUktrla{de zV&AyrA*3U6Ou$?LTVV`fRM5-*bn;geMH`#?JRH*NOG`I0(CzK*8$Ft0YWn*6V-K-C z-j9E_oEK^Z!znzj-oGCp+LH@F$EyNBQ31%o1XKmm{KBbMf_j#gF#RkYZBj1Sv=06Q z7QoQ(oLy=G&S^pw7+)2Pk~k&=5t=v{oXGI=mpFOi*vd`iuCZ?vhfY9dqQ36vVam$N zj6qK+r0v`$HF7Rh>xm01DmWlld;csh-Pih{wI1$4qe1rCrj6B84@w0}Ke8`Vp8$P=RVomU}G2;r&jZ7djbO7R#% z=v71#FjpG(_V)Y3pq!muT9@eOxffVL`Z)*Ox&E6sZ`6I%)b6!hID13W-BbG<)O%mU zxUd!(nZL8(7-jbUN#QWb2H>8YATq7ta@cq;m!uw3y!Ss{tMEGA?6m&}4*x zfdS*H_u|~Xp4v5Eto`M5t`7^{9WUzHJTD@oS$BmzWz$ozi+SAKyt|*!A{MoH%(1p^8q$ZkS6GNeEY=6 z;MV312iY5%86~&J6q?INw}4cg0YEb~cx`QAZ7mXr=0v$piZRSrn}Y+4u(;~)p~fx- z1D*0Zs_5%&fJpg(mAul6Wv99aH8T@r}sJFu&L5ku6DBMt7P2izM<2T@p4TQMTdzOZUb$E?+WeKLs>Y z?=JQh5m;A#YvBtE7`aqg-jJG=Yy4ceN`glDU$KSEP#(I0H=(0Og(J30eq&jm;GS4sl(g zR_gGM{y%(i%2q#Uj+_C)t2EpE{V8N_E*=K2rZVLN8CA-fA7$|)_f%&`1KVSaePqn) z{AX(bA9F0lK4X4Vy*;eEGbu=CDt-{ol*g5#Dmx{ro}GU_$}8D#H@K!%^N1x6c>ZJfSd~W$_OG= zh6C@EV% zpK#xI%Q8K@V!^|4PIs;C5RgrGT!FpD*iPj*s*#I2)Rf2aIokBj$TTi~EXHMGE9BT2 zJBzXTp(O~IXaZ8NvV;Ro`IU1#oit@pZ|&oYiwoxW9%&=q&{&v_v!QDDHcliq0!3i= z)drKy);FW4PYfwJrJC<`)LAG<7~Zh@O$7>EfRy0tILI}Afx19ScAX;r!hnGVnzCbw ztcr)8-aWCq0b2_@rY%x0;py2$cT9TYo8&yhviwmU9-%MJZOKOtQ2C0!a#g{AoXQ44 zbNxCih{;rw|05Dl|05E>w=jr*`bBw>fbi@rHTM%c12e>AasB>xS*}t9XCbNNu7A)s zGOy)8vnl9MR|$$~&D;DO7@l@R4*|>vz`)6UWYa-u#*ODP?y<#cR*_^5+V)hb4>s)3JR53tb)G>8AM?5&uOWB(2I>GYUl5M?JBtuA z&cC|aUQmJgys&tBjPJ&c8`HTn$C*GGTn1DIcQKo)5~6xw{TaXJpxgNp1nh$E;rYL` zEkO|}%~946!Jxn)G$_5=J!_}+0Q9+yiDiZtjAr~hQn>QWs~ixTV#Y4P>_7#<0jh(n zfH|&66!6XG5Zv!WX2Wx{`0#bbquW37id3VwV3UK4(Td5Rz6-Is}B}qH- za`&`tjWqF;JPc;4UHIpcZel_S#hEtugAh!5UZn(+0; zwjlec2y*iquMp6yqKOF*n@}30fL{n?Sra*`ckef}uJmM$az4HW#Adr0c1R$)=h*=~ zdO!Stp7JaVFcL^Jy0H;DGQzY#n(g|C*(ufdIz1-;g$elJ*V{WX6h>u#PLNFvX?A!l za(c5CnrN-YdvOFh@G$fz6NuUjRR=W+4rL=(ATvwxGq)-^Snf&wt?KGlQizGL#HcoI zUugcr;qY8QLjHK-OZkRw@^63t)!~qfhTE_Ov_;@OGh1F77SL^8eZo*ksKyHz1u0YK zcYnv7+(DXdLcjT95mm+p#-h#d9(HIHQgy3)z@=&ojFP{g{9&J@QRjUqAKJQ2mhQZ- z*GQ0bk7U^W`rFd2>_+c2*27M6+p87)K0oPm#m&Z85!}NOGb=vGRnY__2$QGc-#Vb; zPD}az3rNyKuS|u26pYaNo#cFjuA1{@V`u3Y&s!s39|1`r){Qg8kglCf1cB{q=ZZPX zPbvd;)0l?1JJnM`T8v%Xq-hV^K4}cffEv$UWKzLoqRV!_eZ+qF&?_L*05Y5E{@S*M zjDPs}zx`06b$c7eRS#6F{8TX3iZlaYa3~lI>jhbSW1VPd{o+$)L%A;vJ4j)?uFma_w8WP5o25U_{V zL$;2TA8QKU^fkRyxn~1btX3WrxZk21jmiG-pIQJF%vm^N9H?OVMt{@@I-aShNE$LA z)d3!n>)2nh&*#07%j*ak?mI=8qgE`V2GWATrvd4!|?wYD?!$c z(x&=|d3r{%5RuU1`@Xcc*z5B%^vk;C0SzD~^hZ6qYVJFl;-`vyZw;Jg=9pf2>7J3F zSu~WGM<)J5uL1uNEHirRZ}^X!;ZzL57N=#EzLa$K0EOD%GX}%J8u>21QNe%`pr|ws zkA9E}dYqa|-W73{x;+J&(MIXx0noq!xlSa4T&{Cep@#vW8L>$ zzF!>Uqi1BU@@KEl$rNB_x}7VbRnin!sdR5@(YiUH(T`NCrT~lLjb94X=t0pZv38#R z0%)sHeXH|OtkUS?nM+<`;VI1Huy&8~rvljxl_O(>+0BaWU-P}CBA4!Yaw3L6ksosO zSwqoz$lfM=wSwF}>k#q_Cv-JzCBW^c(;cJyu|VfsdG7a*;+&Zg-?Zyl(!QGs6;reI zy(k8mhi@I1rC`wK4;6m33IGozZ$OrlseTZx=#ZxoQv7^QzWFMR6%Nse&tEj}g`DF0 zBrS7=$a%gnu&F~CNx!n#=_`(*g0sbuBLZJ=OLfiU&7gn52%9lEjEynLDtwVjwJbf8 zV(4Lej<`8Sz@USQ>`>>jYkx!6PG%}=n%XO%o~SC6FU9IQ`r21@rKma4w9{iajiKSFWvpxt zT{XIGet<;ruSuxXCkGPLWv4(u#r+p_9}MZtqLGuUeqUM23$k1q?xq_1SoFY-aha!n z&6lbT1NTXjHib&PE`_Y}ky-En7w=IWq)U)VdWweJNrU3aJDrV0m zlqBh~4E6MIYsR5CIm%0}YHq?VkI22}-(%oL>=$Pg`@XSX*d_}oMXkpXU8}UknVCuh zj-HpXZ?5{SaS5zEehsXBImr-&sYoumEm?;N0XwD7XQ1j6z^teLi<3s_4kyVoQ6CcQ zs;J~oH7Qhz%Qu6y4!W?0oiAFK_qKLhF<7RtKNZuip6j9 z);~Anak&8lv*P0RBNd-MXI~@nYG~W4^_@c)+Md<7Fnn<+ zzW38!z9=Xo9Hr+4%EV(teFw}eu|#;;Lp?46o${VRy-bpwvEvd9kaGQC1xUzmSP;`D zi2Nud+Ysxe$n}$?l9zoxYFNLi$wI$56O|%D7hnAs1=~etFyWb^6%s3&(PJ( zo9oasA&{jJrqfwQaJHD{{wAD`{H6i@NJ*)5fcJ3i;-EbsWQtik!m5@+@s<^*$W|43 z7iz^;H&bQJ{2IX^96`%cpvCI-LrH(SLKPb-UTW~N(m03mOxmjqs#j@*Pa@8)gb8PrP0 zS>%n8D+s@9O_vECw3#aIU=)(RES1h^6E3m=*5 zR|S$hcDkVib-|zwIV7d5s&48{b%F!l?b~ZsH!&fB^L;|oj&U1oPXyAEbV zhUKUP=H|Ayu}Z>rN*7hV{&kW9ZPI(y#Uq(q? zJ7GYI;n3tAvG_vv#R$N0L~VuNS!h46QaLi|`YMc+_UD zDxb9oND}Tl>$BW|ICuS zwXLQ`N{JXpqxV{nW2=>>omSi7A8^aFxnDu){&c*o0#ko%qQm{=Yx9D3sl}tV*5tE= z+C+TH?qOH;|I(<_2+TUhE@R%3I%?vs8%4#Q4VMiOs4{oX-+` zu7KcwmbP^hurdxvjx`YSnt_lv0hdP*)!l9JTh&!FgS4 zp5HE2f7C_-I?tQ`fb*pJ5)yY&feHktQryNh5;~XsbZXY7OzJUA8UKPNN{T?2hSg}o zo<_&zbJ-UHMeR~+u62zeq2TlG5j?&s$fmzldvUsJx|-XV`BgCAF9{h!4V=z2qP43( zjf?PeTblaKgN>B}+)O})$V*hgx6eS>;EI;&T=~~nFOf(PU)P3tJ1r(TJaEypK@S(W zg1E(=)Awe8Sl`pM8PlyF*&(xA<23PO%=@DyVB&cU+t-ZptPv!G_%w? z#P@`xim8a8ki@7F7jJRMvXYw?&aCH`Zkt+d6oL7b?ef)CUVB7*T;&_{jLwAPB7vQx~~yWQT61F8V6u}vmLk7n;A61mw@F^tB=2fz`~42z z8=|-XfM=nC&^b)OJ)qCf;OMtc)vzmFepvN22(5_z4>Er7q~zR3H{$i6#tA)i6L8d@C9k6QnYhYuyXAcuuTwwqp0x;R;V@&g}xVoo#X|d@u z!xU_YU+M;@C@-#|Dm)w~3-a3A z3k+zWema0N!r)17ier9J%gT`9>QD&i=gd&CqNNIp&kJjHL0llj7e}SB(sm^MATKed z?1>^3PcB3x8re?Qx^mYh_(=GxU=+u$Mgjk5b&`6&sZDbRA9EZG{dwvC`v&>_z~ZSS zd0J}Evr}-XOYD>v!9!x8Xb7*ERVM>1I4yjEN4@Jb2X(3jWHFyn0RtJl`iHtqhXD&o zP=2K8cDUwCrg*AlKU>a#teTC!W=V<1)i+mf8{M=1U()@@8FMIaF)v<2Iw{nYWuKk! zSULe>%?Gb|j}zU%tSk<8DA89h0#QZ*j~o3L9VO;$A!F18j8Q$|4!J!L{6saN6TK8d zEvDYt8#W#cGinUXL#Mt{C9sfMXw&Jda!O&7^VfeCWVLrEwD|G zZYv@&zG+lPPS`FualV%&Nr>#{KLN!-y5!ofT3EFQinz@j>}+cB(5^=L(0cKa?005) zv0;KU%R37`41WPu-G*S5hnksp%L(za{0sJR7aUS0P4AuslII-@EP;MNX;}Vv4CP$dB)`6Pu)jdbUd61T7q=&g?gHq}C`@Wd)>&M)F32JO%J+c2qv6~_l zdcnF(`mr<3@K-M`-eWjHd*i^VQ=AKyVH}QJ=hqGl(731^VC|4|(_?*a$S8C?kY2^i zqfgJ7>yz4>H0JW7FE84@AXN^Y<7c|)Fc4F-cKPxGW^7*GV)E^leI%;LyHE>H=|y!DG1059Ut`%GcGrI{^0!G zR`N%rZ-QD$Bcf!{_ghTfxO&&=#X-36$L>&=U8nPCW8CV1VDIIlf1xs1g6?EU;(DE$ z)cu>~5+bf2OTkkt%@kguqRxK(wbKS21in|oBw3)Y`!o*<0hKcWZDckQLat`{Hx|2nR%3|JPOQ|MbJRk0D8oZH~=ns$E#x z*#}xbMbIVL_qmw}AD}Y0HifI95!Y&~Ig;`z54w0|59ZxQ&`teS0S<>7;xBkB9uPX5 zY9y#otWYix_rXOt>n?|g3#C`A*h;!T!@hvJwvIjNjKRef+~ zW9Kfv#)Q2h+g9tJ(foy0zrO#lEYoTj%Xp(lRe<Ln0!2kdJr$Lod<4&MP_{<$UWKwjFwg`rv*8!Rdrrpy|anqmXhz;7YKk}g0i0~b${P;q)XXw+uk6Cn{ zDjzx$oM=Dw&IDTFa+uNh<<|?((a?m2S;xhmkA>bF(@=M5$^G6#e9#ZvzKhgV+T&xF za(K1&#dCG!exHK8y!^4Guq2~j&&#DLDE**LnH~A;AMcFP2h9iMJ%U*x23s7&R50O6 zN?`)ZJkNotlw9~C{0ED?QMM{o!QkmpI`okylL#0F zNYY$uyar)^J3}W$Zn2XDrgErYq#GYow$JUyL*%pHUNie1)+EulO(WU^Ex)-4C7>ql zf?K!@SP#$7!YEnL5M*Ohk!l3 zEMPcmQ4w{!(6>EfDoPr5#`6rwQ#R;vuQ91Rx8EiBOba+zaO=Lle3v&+LKZo6w-83x7sa}wp( z|9Erc<_SY7<1mS3k>erhP<-2V)Dk(!K%^-*F3X8-x{qE;Sl8mkKw*;2fe$W+yK<+{0MYhh}l2v{VxVf z|FzT|^2kYm1!Z$NAazTU&NV{j2%Y?XNuG9JIEu)KujVj#t4Q*zemUJ_!M3QR<#0vo;yY&c>-%mW+i3~XE zyB~>>P0Xh%s#7ddVxo2yUxgpk?bEt|Au=0FIR$D_+#2e&PqwqydhgqVSFHwbQ5o}= zvIB44Bz}#TL^sg(+BMLobq3Rf#a)d7XrMfAv|)X~`Hr2tVHq+jK#BKUjhu9xNUP;) zPf_uMraE~iCJxuG+#=_1Pk=<;d`BfYFC1LWjo>v`)$ugsgp6NrNx;kepR<3wlyc+Y z+aQbU0ctA)TiB!#OP{l5f?xr`F5^29r2}_ztaXIXHYx2|9p!pr8qO_!;ZBKz#ocA& z{svbRK?iK#rY&sdHqS6AeosjfvWjwToxK_R1^hR*K`CSk<6PO|Ka^0V}H^0$|sAKnC z-EMa1`=qzO-}6zE*T<77W_H9oCL*JC9RUN2bS>sajvNiEeh0<}71kdgWvz=%OM?~Q zF=-p$aIl6p@G8!ulZ`T_uFTFOP9;6fMx5nfYE_|5j)(R0ZQ0=MK})e{6lrgJOR}>e z`Lg@;tLF@n?9vZT`rzsr;GwdUev-!(en0)u-cC@PpAE!jYJ~)GKRG|)>w2RPK!hE9 zJ#0Fd_qdp~@q6UhZ9BkM*{VBQk+qmoYI;)?qyt2S!V?fX?F=v7%PdhQ?2=I6SDBk3 zp)KL}okLv6_1lB^zLLA+3#G2}EhSElP?haV`nH5(9(6z_>|QqhV=+DnQ_XQpiGfK7 z|71z1wa<5?aL{u3U8^byuunaWTPgNRO#3C-iC0YZTl&oANAOTXXRoMWME#6kiXYFEp=XJ2dd8v8M^=uS^TyV1ee zPLV@f>o9OTA~hsS(!No$>~FlWeTv7lt5;NTa&q!n45xS3x58G@>V`!7EkdKa+{TBP znOd2JYmh9|B5B?|yL3r^sF;Zm%PnU!5s$uoI&0U$0&#RyZ~U zZxQ)66~SKch2AVzKd>7-w|cFrJ6+}Z?re;154J-Qo4iXnE`PGRj;j71LQQfS2=?O; zeO*O$E3T=dGze^<+(onndc0dO-~OHGDhogEIzJd6>e@b+Oo~O4Dj1* zu9jS$OgZcDsoWvw^6~eoLE1C@h`J>9owa_UCp#+}VL-b6ZwQZaCLTF?;rGn+M{#>% z)N5IUURxsS{3e=|K-^o!VtNLnb6i%Fhe|xcz#oi5f9^Ne6bTzRd>eCmV-^JuZ^*3> zDmV08DK!Vvj-T6|uGXN3#u_8&+>+fgU{CEROh(wB6nCb)38+2iARx<~%E!wV9qCy`!})|$sVB>a ztTEPU8P9(2#^`Ek&CEBNL$SQRuDpm6P@IY>JiT=@SM`T-e&ptIK8#ZrPI#Q`gFfBu zPa@F6i5RyS-${S$ctyZ(OK8`w8_roZ>}q>V`ks-cKNm1~ZtFjMp(yU9O&*B#Ox9^( zevEHjs_y?{(}4MF^|iD|-1Q=swxQCrZb|?g5PiAwe@BTSV`(z|<>fb7@NDiRTr6=L zueLZzsm)woCy!XZx{Zk`fb1 zQiAz4)0h&s288XFerCdKowLs8y#iveN3?GpRc%ZKUc+LjJXz za;Lopa!nSEm{vMkTf@Myi`;P?l9L(so_Rb0_>BYwpGT0{s6y#*$*b#hWFy31UoEyo z5Vno0ZCiJVI1}-$0aN;ebB#3ZF|RzCPEFno;+pP(TNXwC?0Q#DD4916I+~m&TzvB`9kcZh5n15hxVYmjJx%ViDV$!OiGoK?2qd%FA7f+0 ztySyF;eGWpuL4%frl6L{20q)v3^DHU60@`7bNlhgqt;9FE5$v7I+wRguHi|Z*kI{> zy4%s|d-P&8jPVwpK3l7!0>>4mp2jx8fep0*>13w3(;Pgk;r{R^UR7^Ry%L!nyHl|`kGtQi6=Ice`CI$L_9>?z zH+#3sZ|WyTDnVxF3{CFk5+~b8WJqg!&w^Wq zhj%d_<1>-Fd`+n@zG*&*<#P!5_LBAEyL~>Vv}8hOfqk04On${?cEw5$yje$n^-W!E zl^f~Fe9EHxtA<~LrmnTX=R4F9_m`XPxa1o0R9(ZW0~w;W2XKN7mS$b}xp>Qv)`E(& zkBW*j8b=(n=4)pnvF z%=T+G=<9t7mC=Yrx7BlwYJ{rFZji!}GRyJYzq4t-dS}?+-h3H(3pUmey5|c_^;4olTKfG=%WzHW%`h!bd$w}@CVpphJs2SG z#-9QyC*{}i`gl1LUlj46wTp#?oZTj|8HPwclru`qcQ*6>Mbj9d&)2;Y!Ylw5bU5bM z%2*%>U>jb_&?#0a)JD_W>B5bfnV$mZ)bs9?hH^>Ly(xDb6wR+iFKrQ?rSJW|TR#oF zxYm57^Fm(XMiWQYdOR51-Y^`cgdVC`t8&yY_f?M!*UL~RLo+_cfTq*-O+B`)XX)|< z22JeKQks4;ECeWTEeuP#RBZ%q9X-;qSKu|4nlD|cw7-zC&|B_0J1-XXf6?}yVNGV+ z`|ylnA4EW;3MwcFA|g#{m{CDNKn7`2B27Ax-os$0tB6Pq15%VGy#->SOYc&ZP^Cl& z5PIJApq~F3htvFBub+@4x*hH!^m8ZhiDgsW++KRc>y(xjfQ9JB#nD#Rgtd!JDPMIs>0zcexXe|m;c9D?Z?=f-YonF3;?i|+*ts%&$7W9dW zT6Jcu1st>E;{wNE)?R!Q`hf2xrl%qpbs5xn=psSr`T;wmx6W);$Jj+fRIW;dTz!vP ztGZ(F17iC%stDYofx^+Nt*^XYgo*1;?nQaoCYe*+Rh8_bse$kEj)C*>IQ3QFd$LJ+ zxkRfZQX8z!IGAA8x;$LGJ@ji*Doii#(yft1RuQ3VY4=mysXuQ$QlMq`3!9T>aUg`S zJaz}AL^(O6kFiPE>ASsw#-7Pq=`8l0pOM(`<3uuLoZWe%&CfcsH0g8RQROG)>!5jz z?r|QdI_PSXrFM~l6L;E7NvhFbo8b_b)Led{_2SDei-e%v15)Ed8px1%;ZMFRt(|vi zxi~{)#pNmkIW>7$WIv?kn2bLPj-K*bbw{JsH-q zi+}FWUg~q0J)T^-xA0YQ;#9oTI6B|aGE7eUx0_s|807?E$gR%;KZr08jTq=Rah~ID?vV*G z%+uzTY`0C`|M$PJ$!}hSL;odAc^ZD(cv6&j8hh!&lz!=!4;i9S zL1e5<&OG|(XYh;_K$o02y&fP`#-h>hLpb%=5J2RzpL{LgBOgmCsL%3&EcUL^-V3_w zISTb}I#E#zy1lLgYnJ+6rSlznmQ$#0^;|)`$5by3C|6$GGUijVGOd$uV~J?+mJjn8 zC6l$yvCQAF0FTOiDwwn@m4yf#YI4F^7x11HzM+k6nP}AAekmUBB5-(nY|om621x`X z$&pqyQs`BeK5xogolCEM)m)&K^Fi0%nXLZhi3&+`DhY=Cx-($V!qsbU_6U_Hh8u9Y zhOp2(j*e8YnlC7GkJWf=r!AJcUKdU8!zy!TZ9=GQHTy;o3Ma8EiMOLshD;H)iM?GN zddS^g`&YNsxmMMH$!O|%BD;juV>y!==cd>9&h_Nm61%N4PPzm_^*wR#JuVlWXs_9e z&~obqWhsY;#Z!=&5OEXt%FaDFGu<_4vYsjwDPU0w=gq0Fuv|BVtORbDwE zk=lRA1zI@dA$5p_ke?8C3}g+B!7iZVJm#A1?OW?5m_4jY-J>g zaVN7rLWFnkna^<+@3YNBF=ex;v|}c7)9tBUGo28_tbKSrvq~1)zr8+0x=fo#eS%iP zrnF^o{!@oQ;1#M6w3K-eJGqioRatdC%9+o_do;$=F4wBvDv^Ta6h%Yrn8S0@zPZeM z<;?KoP~vCq;1d9bwWsviH_CFizVd(}3fgQ!0I*m9{(6^lr@`Q=@77j|52vV_Vae=^ z)WJSiDkCKr&l@bcP}pTxGNr{TN}bGUJTh~9`h|hC1gHDr#}osYKc~#_5|ypkC@L@K zT{$OuL2j~vkVHDFPKv@59X%Gv#l;)rrQ|eOcz$lG)jUs4^Rz4VXOt{AM5Os$_g6l> zA#S^cbMe4Em3Fo3B^Q(g#E?oU{Q<2jb3r1@3o69Hn!IBBsu0{hpQ4X<`RflTz|%eM=6tdU}F0%aF( z(npGlL|<+>Dy>&X4wT$5(dNJ=N-N^XDW8vnZrB!H;o+R|@kg$oa*ZZmzTX~^?KSbk za8~)OEuH;TyIDZTL$9z- zXT(bifpR((YknYN_IYw_uwqqEfN+8$lR{y@o=9G%fu+usvU(&R~_^nYH-BmiHxA1&0`FBEY`ar zaCk))y04)sC%IR8vMDUd{UaCkK8)Twu{wUwQj?o8 zwJEDOkorqx2&g}qQ&v}c-QJ>)NK2R8XaGBRBBN|1vT*Fp9urERtAN+qt6O`6AtA$C zwmSRHqB~cYZB8`V@`(O?x2Hm^!rR0O&sSlSu`3;xG>)-O$yw>$--n(6&QTI zUTbe3c$C8A3&Z#qix(;QR}rF*%!*^it|J$^+=#A;Hbr7uT$EeAvG>7VFSQyu2C*B@rvbeql0b=n5ny0*d!H4*SKA z=bcaxlZ|=5@oOHPYbD0r!us1}@>^inw=tI!Anhx<-#{Plp;_h99{1~pU4*!j$`B2y4`UDo%DT!~~}6VIGtfcrDEqLbwk>lehM6EY72Qe5QsM_sl%( z>FO#!_`EYp#-Dmzra3@NblV_pedB3n*)qQ>_!?ba=jE+QJZ3-7la1}ROs+h< zgG=Ad2YKX6hy#j5Lsb)*1VdQtWD$tm9UK+14T=LI4Hrz-r6*r{KXgn-51>*WFGjuK z!0Z;>orN39TTSDblrTU|noxO0B zR%&LOkbw$&Tac}|p+vq-L4#1=CvQ-YrnyKQVO(Bb&>}lzYF+`fDOT^;0~>uQX=;_@ z>Oi;@l(;v9%e0S9cJ9V6Me`jj?v1ip5Ibc!9aH3Z&rSQ7u4s5Out9E|5pB$)L>B?hV_XdQjN(ryOtm3rfD~2do zy(Ml5ic$&MBu3-cH@7txG>$iCnN*4HTVLHHbS`|r)lb}3T&c74#mpm0M(INF;z~|q z<*riCs*@#?3}V(D_Y3+x1hR7+jS-c!AZY--bil0-VpNq8eq^zDG+dvfWI9{<<7hGr zJ{^sfI0b>;LB)gZBHekm>|ikinoTOp;aM3Wc2u7%GzovRqRk{qovGsD_6t*kfvLq1 zY}hp64=JFo$y3MjNo4|4A3s@VTzvaEL}vAJ8)QtqQM(dD*u;<>f(tT)!Z`QrU>IOm5hSrT*UPJlKye!C!E`C4TSd-kam!J9+2t)2xRRH@=LZ&>?+gY&*Y~| zVE;1in>|HlY5ccp@UKNZ!qpEwq|u5T40b=dzIsK|B&`Sk>tvQnk4{O=Rl+B-9AaH- zPk?oeP^5#(Hw`qLAZuse zP&8U`H(jslKD{fGt}?@z>Kl@tU6EPu=kV9(`=f+S6nGkIU|?1YV9t&{oZ}8YBjds0 zZVLK3z2zk`I_B*~ueGujQV365tp3GnJQBWwAu&esF-M5Z(8n|OwO0Do3I%pM7SG9M zF_(V#;Y0N=z%|QhTe;1M6d477ft)YJlT;$~sCpTR!QDffmLklf=}RVO30Yk3bIpZI zBYK0+7}YKv)DKezqN791z0Eqq^I-sLFnd7aOW%PX;7241etwfZs!(`F8DQygNAsO;~56dq|T;SR8zp zqF10QrJ!pFYWC+8tO<+r*zY9 zez>p5QKk#VBO#@;*ozpUX73eJ;qw%Czh}MY{*X6ALZC@rQ}2z74Xg<$QObPOff)mu z0TJ5kRj+r87<>?t=-o%GQoA4H(koo-G|qq+MpJWhMMz(Wcw2X%RT0OW#&$CW5_Soa zvX2hlAO4>JtpD`pmz7%vuqYt~xp}P<=(0*KgQ*=>Z7KAMRQps!c_d1|L^@Gl4&EYy zeag%o>n0E*41AE_-UO3eo8Ji>+SmBM=&U&YosT`6WPTO6*ai)N_+<`Rs62!yrvDr{idouDt4`$dTS9h!Q^ z{`T`QdMdSXt3|RI@5>t>-{`!&_N%B}?-?s7-MKKb7AYY*{W&q0brXesl;P>;MmpnK z^VU|FKc{?d1j#%8(~kdDb^p7U_#<9Dqay^H8&Xp)Y3GgRPZ_^+nRqdwj{eAh0yKJwVu01e%x)s z9AFXuIKL=|`H0~(cit*$t0Unt)l+n7^wb%ocA#->_^Erc#e38AmgqM~vloQXAjX)| z6z6VSYK%N|q^x(o@*nbvjKCdmQZ(M+seQLqwU<65WL~d$OLY@E=+l|rUG5T1-T$r-{OW z!ly4^Tc#rqPV@FFX~%}fFey$Sz8>paWl{6xX1DBme8$31Ktdu?-17Hh>=)ukYM`#U zk<7kq5BHbJ9CLjWIT${E%Dg{*4&Ah3H2tQ_Dx0SyD*leXV4NE2=JlkiJiZ zl%<%AT=_7^EUmBKZu(e05$IEopH?8P4R#}xua9r@HX{KD?37tE=&gZEeIeqU&n~!ZkBH(|+ZEhx~Fd8i)LzW-f*W z3fdS(z6mowAxy4yJfQW(B)y1-9GIqzrYE#id6fyxEvR8P;I5@DY6Fk;{==Tmx5J zPw3;HiQdy6)^T=l9DKG`Ab{|tJ{0WUPxEfiZzG65g?x;fPG0mHrU$zrV{UZxi*&s} zu5x>5o)C!8>TV>D<~zc@$s?Y=^Z^7pSRxtAq*s7p@^rF`GD`S5qk@@-+z z5x!mqQ(+L!#R;9lQ?ucMjKV^Kro_hqub^M5?nyFFD9_Jh4N+-&cI1fr@|HW>>T3PF zi;Bh@7bYhst7~ff($dmI?M_-5vb_m2`2~*1elOCG1gReuBS(ZXS^<^wiVX{9a9@AK_Vc?KBl4s+w zYs;2H9p~eoZF#5ck+1>?{Zs#*xubm@Ku6{aOS(vNWq`x-z-e5P610ZIf;=nSkZ|Fb zA2(UYm6xxgGzk9Y1FL7m^^@&6@_P<2;n`X@DfRvrYr67S9!7eXJvnK>1~h@-@z!L; zC~;eUE6EWgz2WPy4*{FS|9Wft_$Ba<Glb7Ltx z?L>PpaiQ;+m6^F_`RO|N;CGMsZ>8z$n=kL8fwCAvW}6wTcnEOSJgav9V=9qXZieY@ z&`KVM$+xgZNx0haP}wg7tR@BE70YClfB=BP)0*Dh&=)43E*JYs27jppaDBQR$aDNl zxc(Ib-x?g2nGqes#-2HFqL|e7=O??ihJU}?|7s~(0uOH6gl0meZV^KE);MUnmJwGp zije9w^$(2)*8fX>PZ;Z#0dJJh`ofUjxG_{y<43uq&IeRln^g{`e`SPJTfp`B!sz-# zejKz|ct-NZXp`@D`pPli&i<7nhF+tsT`sNj07&k>l9Z^sNe%hGI3RgRP^tCdf_hK3 zBiK>_3&Y^`BrpZ?=XdRQs)VqSftFqT#4nNNW@fu0wcGw&^>?qR^Vt>|^3{b%JO;6X z)nlYxD1ZvV0Isukf8nVAKiNg@ndYw5wV;r}bn1%K!dS0(zTLp?{r|<|{awc7#h7%2 zEy|#B2Kl|%ICnAc12$1V`F=VYC-P)zRPcK2lDWl>jq7!&6*{trtkGA2ETw-DWu!C3dY!`BLwG%qa5-!70u@5=TY|@`wM?pffBL zB4!ZubScumXrl!+v}fJ}Z^^zab`0Kf`pPRIw$pPTPHaNElivlSn7trl9?MlVm7^kx zxspkPyYYkPtO=$)(?8it4c5PC_H#@YTKq+tD;H0)An4j3lCr3QT;V5zME0(E4~>{=_XTyc{?K8*vVtR$Jp_-G61zppB*Gn0 zR+P#8f^6ww5m8ylU;sF*Lqy~t*LT_?7a@@sIY@I$p3M$YifTitf&}Nzb3_IYGXRj|N2BPkHM#{6WfAq{xI{M{2)ud>k-|zoLPCUCe})xa~K*XG-{n1=!?#uOLG` zUwG!bY~tnr2T_FY&|&nQMVcFk25%3GD1S$06ygM)ScQ@cR8`5PXPXgZMS zTF-_7FC@*gq*eUt>U-U0$40>fcW&@U+|}x8H#Ss$o(VF-OCh0{`xRXM^&d!34Dvr9 z7#aSlD^aowiXOz*JGlI%oPmtJMiDwahot-(QPkfyYFe}sy)QqPf@8xXa^1$Jc>GxN zbB*L9xQH_|eilt}ziyN&I#FwLt!@iNqk{lS44CiK6UqmKJ%YN`E(uD;xgRUT&3k82 z5EOoMl1kJY$_S8EGV!yGPnUf(OvYQxvT6X>XKmM=JFbL7+xK2A%4?a=wd<1t0!LO$ zDMJ0uf(+Ob!Oma<*FNV&3fg@*tQwHtP|zPYFPEx*FQv3T zQ9b9^p5Iv;5&HuTl)(_o&?7&7=l#9NfbgqbR!{neGCpa3^19pWl^Ni^SeyAr@)}Lt z+AGInaFrm^80ful+}*-MWl|eYi7;R1RFj*(@=Muz@sYEpN=>V{%rdrcz#U$AGeYT; zK7BRMO0zHoLD?h4S4FP1WWceQ>_JnZc0Kr5LoL7-p!yq7x_KU_vc|H$!4J3g`ZKDI z#gwggEzTflI7LA7vawMYN=OKwAq%QDRR9q_h!B0AtizuO0$4Loq=a>T%SuhxHs6`! z8c7>)AMijfBuoGtU~Qa?^d35QqZGp_CSp zF$_4DOWdTBTaGd{u?jrDved_W-4NSx{cF!xCB?Y9nm;s)CQ7KA%KWpUEc57ZjluyK2bRJ^emG@u4?|!=OB&}PhQRCd&IY9TQI;$%O-lC&?g&zBjyXMCs}xbi8xjBhc%lh4&{TbizbMe$VK!yUh(#afBMNQ>qdz=f>+lHv{&Ofmt)^>qjR=*dg{6o7Yc!XI$)H?gs z{47SuM?k+qvYh`mq4|^ZPu*X4LlvMe=I;6W?Y0MzRP@frNZRVSG22G>*uUOc`J+f) z)O3fj2vjsa--1zHnFtnDRTU!csbH->~$7` zusp&mYF7K$qWy*D^0FtXlo{ubcdaXrR@f!%IAAMzoD6|h=>}v?JON|02 zgoprV;9kaF#ZzDJu>8rZVj@03D40&}DH~v8PI@gxJ2nK(OLQIL#4dg;93F{kx#sR5 zyH+Oxa?vjA(Ut7V-R*QHI%-vr_N{kRJd<#3`q!C*WhrS%o<;VMI)>+P#Qk^?iEZM zRM22e{U#arll>mnzk5NIx!HK?Kvu;_lp@19p=qV*KEle+Gxt!F^xi9Ty4+k6+8FR; zY8}^&N5V!=q}~2{&<)_&BU=GfLZ-Vin&MeU`3h%*0Vg~GL` zoNeoyDnm!VrQJ~e4)BK_=@o5KR{lp-ED20 z>_pK%QZC40)v5? z@d&g24I>1KX983cq18G7SaTueWkpUbpR;bUljUTA52X-597lHfQ)favD{;Y6{H3TY zPw*^S9(Xw%eN7<-lYrpl611m*iv=__-;BiBi#JF57J5*?dfC@$=;)k9+zS-Jr=J&z z!qd%)8~HogRCY>RtE$=*W5^Ky&PZPK<>iUYDzHKvu6<%M**Q61z=<~7qn%yYk}!Q9 zx1P#+s-DoxKao*9TiazEfQu&y7=pi|r0>>TA-uReVLXvua55{19jRain?v!-A^Mi) zSO0*Z8rKG0?o`VTAMkNg^V16LnVC$PFX22tZBS-vSQqtD!%q&K+SmNB#GSyZ;Oo(W<`yag8z%vO+46@Ro+2Qb>7^MHB-7=4jMs{8(3( z$tB?UHAqtM2z}gszWr9q3VC*RP)(7GvB$Q+mgnQ-5ShB%Nf;bdUgz*$iRSDpUfXY~ zc5|d)0IMi!-El%yZv0u7`zTHdQ`5aN&$SOy&Mm^Bl+e!$!`k}vwmzNWC-I+eYRb9Q z$PRc*$lmRBaAeabVPE}h4-DqYW}jt^kLHiWD8RB{qaASRu{D8a0rr&O+x-&B6z z$zW2ufa+MEGy*qvO2h4_$6=Sp5s>K}ts2T$PNQ6StR}*PNfY*K!nw87WC3v+;FAr4 zeO!ALQfHAGm{0jYU2VWawbGcA&$L{$=6W69K|dA43Zc5)-{j-ye!liNcWl3+F!lXe z+enl^b&^1Gg)Kx0m^a;omq&N%P>Gv*oaH=pj~b9t-sqn`F4=M%wltE zXs7U3$^37^EnhKuzVtYE%gVYv9cX%W^7_{8=j_sZSwzQPII#lK{z9*mlZDI~mrGC> zE_@&korT(7FmX?_ZFq`aYjbkm33f43_CPq;UzTrL^Qep9NjWpw^mee27%aHp_UQBC z?_|L=TG<3-{Xoc1K3k|IWrm?(Y;@P&w&&7?N+9^N<9wZD&L0M zqdmrl7bgxDR57Z_&`b0?IbLF+>PS^#S6oBh?v>8Huum3%(!lOyrwe2YtLzE=WA)>` zg9rLbNa)Gp-6JY*h+No3bwKD7s=Mi+cY)Jt`D$+K3h+wJE7w=1v?t%=7rL#5Kd{mQK-^aLrE!Q1@JC9#(8~%qjd0iyF}Oy% zO-T%rtq{5mNxGd-h7)OZH2D6iq=vGnf`dlG-5m;3=}MgPLNl-IAa<7* zLz0bm@7aB6fcY1N)s9SX?dHe}`Vo#P6;~?ln^BA>Z(o0>y7TtIbGaw7Q~ua(v7^c$ zZO`v|G3vTDsZ1r9{QOo*Oo!^|l$>ph9j51bN5NIf)l}!_TIK2OmfM&w(=h4(tZS}L2Y2= z4Z%wov@D~Dd7Z^+DnfE^6ujET^0buM=; zuD{E~b95TGdh2`EX95CnZ&xA(8ep7RpGrlm+-e%I|KK~mhU)k6SshbE1yfz;g-php z{tPk!%5Xf3oYy(8;aQ<7GaS{6t!aHG#QTI+nhw2)xxqfvVxvGy-0aW<#%Drrroojn z@14iRGmC(Ut|}Y{#1-`A2zgr>5<>DOmDJyj zSDf?fl|f*e2Q_*xv@CXamT@AElD_x6P-{_VCYpr|VeFztAz32T?ie0S~i0lEoceh@fyE*9pBuHa}2U40ocyGb^F|aS*&UBduBAgXGxFEV!e;#Ei}^L{ZhDTHJ;9p!@4sg$ms1l=b`?W zm(NrD7e^!r53ws0d2-Uv<27ZZLLx=jW%AFGDN+D+RwxT7r6dQTT_S3~)w{ZuQrAcu zwBebKg0i(Ko!qe{(XrJ&lAJ)>V z(_^)uo{^auf?J<7pNSgiWy3AiB@<=MWAb{sWw(X!ZhiD}hUYf6J6D956K+`CBl+mY zEYGvmPiR9X@Eet_7eq7td4+=VIMks41(5xII%{RIYV(W~0M4(~9= z;EV*pD{DM;tCdl9{+`oIXL){I;f--J_FB(=7q3@f7bFXiVhoXhoe3zU&{1-S6b%J^ z72uo>l21)CT*r3bW@$?GtP(ZR{OX3ilG|-6*o0rmD>0d1ETPg~E1AfeeA%ct{;Nn- zZ+HHO5_R&Ra}bHiWdIfb%)AYwgRio6k)EAUceu9aRuhH30pY<7CBRvFeZg3KZ+bsV zz_-WJeEqubU;Qo>^_^+dl=!M2Ui4 z4(KCYpV6lu=l*sDMSZVk0xUn)`7+RdqOaE4GzOSj8)R~7o^q{^Rb>I>w{S$8nmMxu zc|qAn6e>v#%Yod+)~4Co+S<8w3Bpo(SD~c_hr{RBGxt16K@*uP^M;-lJGpUE^MQqv zj<_D%wf-&jp}%r1ja3;#D@uDJZKtBW{me0L#IcB4T&}}OWL}JOKg;Os>RM=VD{3c4qL|y^^MxTDx~ns)9OLK`~?KLpcQvD*y038EX8Hn5@J-tV=kGNU zO6ANG8hB!F(ic*4+J9Ni>UZ>7^-=XM?;HE)QK$X4bFjh}e$f(*M#D$nHU!%-o@{ip zy@S}%m!8NO|FX#$F9{rKlJRNm__2DlAbqtKV6Lx=pRMnauJfAe&a2qR$}K!7Bs}4p>!rE$DmtL?gj$IAKm1}CRA5jQodDyQ9AQ`VkZmu9ow6hkV zWey<$Sfwzf*HLYCa+J!%2y9qBzWbT_>%*0vjdB$IH2th2NtYs8OoIrk!qz_0LVRFSykl%`q7XWDT;OwCm^ju*N>H zswD$l@P{;S0YA^5K41{%KD#c`D8q;=n#-{tdUnzB)Ka@P^>n%#_Sl}?yCWw@9dRWm z#I-dO$LTWK1@wm7raCvS9Qi)7wsF+ILXI^h9f%a(fbkJjg!7<_HE zNAgZw=WfH7zO4%_W8YGkSvnGV=EEO{OZKVaghgoiAn3+E?YBPJw2GK)Izt(0g%CC- zxUh=EgAo2BO>!h1Iq$#E5ejZ;Y3bu^oCnY?VX-1?<|CaCU%zwhamzSoh?lrq<;hb$ z1yvO}LVlkmDnbUr3CfZVV)3Y)*RL;sRsYf5|-YJS9>@cc`46>i{R!iLT!rm7=&f2`v*0^( zA0qCG#DKH$WXk&o>QU#{LIS6&){Harq^%?r+el-h?-f<6OhXgofa2^^iCdpbPRYzv8)X%`7vTPuaRINxE!5Ms-&uPVyeGd-L(fus46!Oi z`D`;~|40lNf$Yn(j-OM3vU9ejGfg)%!{B|6d9+9Ob4&T9o?By~?l>Q;{nhZ>I67#K zpzsS9CuDr>IGmb(Rq+_mh+6_sJ}Zg(>P{B*!)x$m5Edc0O`}3+gpf4 zJ?!ATbD5c$c^Vv(3;dZs?USv89~3>QsqT=i3lC{-=i9{Z_RUUjhQjmdxzFHjh&k= ze-BoUny%&hgnC}n;L>KNN)X~3Z(dvfs_6!>8;^?aEy8UA+yn5*7p z68cRcCvfIaWe_XltsS&=Zlo>sB1yjk0rUIaiEG`pQ zfyc|8z6<;IS@h@EzU#CJL=RA|6ko8kSJ%H0d5WCRB=I#(&_usQcaP|RSEpZA!u7KX zo@4F{p$}=EcBZ=@@wP>;odd6!qh^Ixdn%O>l1@I^Xi;{v#ju%Jw?pKGCc?JzqEC7L z+^=c`#i|U=!wT9G;*ThVu*70ZO~p<`Wd`o9NgUNea8L8OBT% zoGE-OXH4ZLn9@z+vu`K)^(9>@|=%Mtyk$u}S|psuBL0IqTt^d9FE62e3u zS*p5jU|_JHnVIC$y}Z19!LYs$V=43r7WrUjo!-ksBSJb|Gzn;&oc-K0zj4oy`Y0~z z&U9-BpTR|YVawG;*)6+8DPEfpU;nRhxV$G#B=6efNn}ryRh0zcnr0(zdr54K&6~O$ zjMYYF6<}%w$Tk?RbQ@&N`w8WF6by%E-XDC;n?y|Ie9Ae`e!yHtyMUW;;OLIn2zzhk zJ(+9snZ#9cLqPXb4|KVjzR%j4oP2ng((j6vfmmg{6Y4$wt*WwO&}%Y66?Z#&z?srF z)25+z9xP=bi|~>4CEWUPC1qv3V!Q{OgeZO26-_2W=_sALhDPg=h#?Y=)x6X*#D{K| zD2D#I@g_AnI(&U_TRCDkF2J8uxWvl5OQi9s z(%~;U?SbNkhR7=A7awr?;{%3FSE!d$#QI~V2TK_ zG#b{_Hedq&p*KhCk%S#`o(RLo||#*|E~_xHCNw}L^HGIOw7QOOQH6*3|7E^jQi3PQVIz{ z7bXXEa)dKVNY9<#v^CocyHDYQpB>fuQ(4|C#eApKcz-S7(Pbjf+5KvFNmoiJ`a z(POQHJor_BohY5HM>yGPvVgG}8$i)Y_;_Ak+Uhu3`9fkK5Lf|KFWOUy;e=JQ4L|aH zz=6a(AmIhwym|9dxE5gceXnnu#`~zI>EykrS&L<25}x~GE8E*zSMAVWSiY+29LGJP zln?(uXdv*+pIAIcSQG1zY#gBE*f3l-{Cz)jG=H7ffM)&IB$3lG-!usQ*az}I`=_{n zj6A^lSgq`c{|+3B-l+FcD|9J0F)J~lpUaGRvc9lP><)xb_ua{(Rk?sf>LC?!A5)9v zxV3$+&FOXkZw;b+KHpmWaGts1!Qr#Wy3x@<1Aty4v+s7yMI7OTLo{EU0s1 zf5RrG>^}>S^d88(%E0^LtRZL`C~#!HUWUOce8uf79eyw`PrjY#FM@mysM&{z^JINh7@-6N zZP|lEbA;662mu$4`Hm>6MYBNFx-~6H-jR;&duIuGlUt0Kv7SW#*# z^QbbM2)&88X={Z72`?Q?73R|gyR*%dkpxOJWY1V69ZY-OT2+MCR>=w3*{A&j0$QOq zP}<$y?KZHD`P{F+{#x7yb3+EDsWV(N1ZpSMAO6ji3S<`ZuYZgo1doc44{(rw@ zm_FUzBAA#c^)DJq9=kgiV!Pio3l?g+W*5zk73(WyYr}%0nU3zL_kZD;e4Quyc0@RG z-Ee~?GlQSsnp8hHY!B@LD*^h^dOVcQ1nW4Fo`vlzF8usvPr|cj&uV@r z;Fmw0`TT0DNo@^p)ku95aR+ME$ZOSvD*#|V)7HwBAkl|7Jtk*#vTbw|%FAbn#w|Tq zqc`|%d!P%!oglGF-PFJS(Ex@91V|JO7l+)@TXFbDgpxxl{^M7=v^ zG;;L(OqmAnIf7xIp4`K4xJh3bdW#%+a(ObAxF^fGUmJ2^@z;xXD|sl)zQ{Bz({73H zzjv;|AQot?VO<9Rw3y{gsG=h2g2zvuR4z>QwEjUJ ziUbTwAiK192UL0pWz)qe85zOF#l@mst1%=m^Zf49K)5i_k4s8AHXSX(+mWG%Qwro1 zMgoccb7nPAzyxucE5&+yROLb`nUJ&Kv`dsUNcUvw?=ZiiJh(o1Im4(Q0(_dD0N>Dr zA4&XH3n05Ct!gwPNdEn6(=aDmUvXMd%%R@=4=YeR$XnsLDmCk^F20_#BC4qPOMkAV z#^dmC$bH)@p1`PVp_$eBF!kq1y{%a5DY7YEo-BjCX7goW(myN6xObonNweSjhyC^R zzcaFbi!=W~at6J(;6uI{$Km10jy@*ym4(wGYKdEwl>G<2A^U_4>l4ArAN{Je4ykSH zKH4Ocl{&EaTN~cZyRFQ@b5>p9ZuBLBzp_ zr^t2DSH7wZ1C6-8E%oefu5EU~QvzK6#qDb6*6voQqvsVSQ~DnFpX8fjz0-H^oKdE* zy6A^$zJAheK8Wna)G9L&Px3ck6-~`7cSlXB7m6YNW4h|iZ&;7eL>4@)`_jGbue%?k zfcV&w{6AFirs=){pN^W1MED(&5OsKw6uIlZWEGJ3)i*=1Y1((hAgX5?p6o#ntlM$L z%V`si;Wae)Q>1{{tp6wtf0qw1P4r-zQ0A7r@ac`pq^$KW5ll_%Go;NT{BG<8d~?aC znjVBu;ld5#WU@(L-9tW*EE*;KAnhaWD13)rd?NCdOYjx=r42twe?JN3{o7pnWGw0) z26?`XeK`SPY9qrlOT@m=!RN>y_fH}7eZO1%t7#-3diu+U{`TtM-~X52Fo0ymZbd{~ z1%4_)Q989TffLllD;_zy&-nU%AW4$3#Aw|486n3%e*?t2ysLmeHyCYjWhW1Hyjrgb=l zo`GKf|LWns+jU?4{csHelH+;d&~r;+g9+?}GAk2(AF9SUdm>oG_10qw1GTgHC>nup z>RGDjl^tZeWsh=+x3#yQS5Z-E>*%P2Zk8rc8;S8M=|-}uzOuXUxlWdk!#3<)f_Y=C zx}hOwVq&8Dl`D_8N0xl|ARCf8hKHp{lirVi<9_{5yZ-=@+4pUt$dO7R{vshJ>=e0y zT=(hA;Lm;4vc9t0BRe}glZ{4@%6WQE{&{CjO|~0)I#(WhN;d=bO@-#1n&+XbM;@$h z2?zp70;6TqQ!EB4*A{I6Gsi!B#wA3E54n(iY_cq}nMo!m07zEV3yFa1fxIxp^&(%mv%CAvsf2<%1J z6E=|lR|T8Gw$`K3d51Fy)bTder|zj-hqr!Ae|QMix+|E* z!Qevy9g1C`V|7YmE^l6}(5Lat=wg;_Y2eZ>QG@Mb*zaF@(d*~^!wXhi@mA!f(8 zNyssF3hvNB1&q-Tty6WEsdST9&l`dGkvrB4mLXqb^S)%sUyxQmzOs9qAj#3GWqY6f zcErleH<2kgR9YJJT7qfEWUKn zeRqUrK{M`f3jT1e%&t=dOGoRx(0771Ddaqm25sUvdcx_42Jeks@U__%*@^KI&TlA@ z`P3m)TkGP#%)!=o3@f%$3&*9@BnA<1wsvx0ztTKFCs^bz5pUJVNU``d+_k zQxcC;AZWB;`vU&I>5a{;&|g&3p-!4?dH_mqgnEfcO+%|d`*OE*Eian>{917JC;WzG z@!jYJC~niWPfSb`UZm2$!51xT&-+i zX+ppIf#FV3-W%-(YUO(DsXhBsFlLm(#X9aDC)!X(3jyDlx9_$^6oh5Fe-r0_QlL)J z$og^$eyFv_p>Uc7G318rQHP|VE}aPGl+thYC0vvMzBG;qWg8D<6jd_wn3C^EX8Khw ziC*d@kL!qa^9AdMtDRN#xhww7){I&B9)N;OhVJW;gWk708n1k)VSZA@MO`*d8cu)V z*{RNL@+M_XPpsq67SNISf1xAeyul4C$Si38%Q^hLBDVQ&iuhlGJJarHuF$u9-m}k8 zoyy&MZMFcdNp~q^nKpoOrYxoL&*ruAiG||3Tac?-tsj@VVK7!BE`RG|Ve$Nx+>Xcs zr(fr3q<;TUjFMx*r1f_l6a0nsGHXu1^SP)x+u#4iHGi22SBIk6^g}Jo<*_>_mE)H3 zw+)0uGH2HBjQ@r%Ynx8#E}#ckRC2m5B+NRJ9TR7fX0>6f~LcO;Oq(xi4{{ zdve9U$dlM8KF}3yKdYkNW$hHY+^y}yr8jC2yTqY^WxNx%!%RPOV@6*jb2Xq24c^qL z;aI#qo_O;7$5vdomE3OQNxI4^tFK$ zU}I8J(Lesu|MEkOc3htCh~B7=m=$`-K!F|VxU5i&z$@FfZ*5J$z8wr4x!|vKH-@qA zn3p8cV*}LHgqH__*&{+3`sVj`D}p1uaz^iH6%82J0jj(DWLFj@h-v@+@)GLIHKUQ0 zN{g?ZOTJy7Z%RG)7TjkS`Fxrm+JDBKxyPEk6sJbIyhdl}AL`!FnE4PI?=?$_vS`!J zybtNA{7Wfue6$KeeAE5e_Ad~Ha*f&7ixz}v+UT1x$i=}kEac?>9=t2f%i6Inf?|x% z@-Ru2Vm}>sI_VM{>&pC8^NX47|LO!5z@6)l?e5sjCD{DpZb(wITpWlTdbFndz~I$roUS!MxA+$zohD!@Y%up>bFE* zXn#cjBNpl}=E31tIM9>PH#z?oS^CGK{y*BjIv}cbi}yH!BB+#f8i3MBON~Jbh=@pc z*Fm}+n?_K&q(eYJI#oiXrKFW^grW0&8<;`8davia_wHYF5993pt#9@Et+lAwn#178 zbYwYsZssQI&}cD@z5c1C=(hN>^=HztuQ$G&pLEwdb%O6A2yE6TiR5kPqTYX$Mlo3~ z5fmGO_;i7#d9z({YN&c6T9Q{)<>o0GK3AQ^3FX;Uv|Z@F0p62hFs#V>SV_rUb!OEv z)}YKj(kUJb4;Jp8))UWziIR5MyZ%ZhA4OpS$~Eq6Gq|OS+-%bAiH)Ag%G+1T7sKSB85&qz zZ2oeH(RcMi6Z`Z-_=1!}KgaCt84TEc^-FJ08$bK?gDw((E3~h^h5ef&{Q4iEUel2U zx}ygBNIU@(9)sbVz`-7O>t$P3DUP$VzSSqd4PYJJy5^US=fO#N>A*Why}C?Ps)%8#^$f7V-E0LX;5QnIBEPQ{Z4# zvbjDbv&=Vr@32m92nUBlbA|Uxe;080U9DYv`Nl$R%7I&A^_7e;&fagqdu7kK?2>l? zI23cmFUb~efkQ=6zcT-&){61M28Z&ZE;0XChw7)_$cV_85DnD)QQT zciFl}^1y4pfE9`ilof1o!AvNPs|mIKceob;Yv|@mse!k##|v<%^}v$Ez{^JL&|B8X z`L@NqrSAW6F%8F7dwX(zk&yeJoCYFH$hMU17tzjE+z*J#inCJ)?2g?Q7h4%}YgyH3 zFEtbc!K(Kt)1RPH(+RZ>zf5-o5Hk+2O80)9T z`{m!zU;51l#I+di1Dl_A=+~eXh9a5OyP%TJ(pzL}3Z=q8VGE4;qx)D_N0B7)3IK#+ z3knJnT2p}rfTv-OvH(mg3A5S7vi|~9$><_G3@}Fd>l_zR8;j8y>or>1&vZ1hEx$22 zF_*!CqcHz34xF3WN2D6PdNb`%9SCQt9>`sV5w~!ARGfHz<}`)iRx(UOK{v(2vF_AVGigmL^ED6Takfpq6PvuBOxoAIU>YQc8Uk9AU)hKPU1*BInb z_V!;cuqQxt02Q(4V+)h@F;+tL;rjv9`yc`VBtJIxSt`|DAtVROtCC5u&;%^?@ddNn zg`!+%3%Lq5A@t!IsGkEgVU$xJn1aIbcXLe0-Gy48oKBG8^K)Ma#Nd*Rx=07DI3><_ z1*PeVv6+>NxTu{r%fov^_}tX4lZ%wimkP{96EfXS@7DizEO6&EsEo8Qn;K$sx!aDc z7tA9JKb1ZYI#u<^@Va-u&_|(*XhEO?m8OyhxD^Y9On_b&r_{wO{SUn;>`DGzHv#+z z2vj)XH~(FT4}%Q4+?~9}9h0`Qg<@hHqGfVIB8Gtw-!!-3fMlTcs;!^z!n_Iuht`8m zWvJ$}ZZD3B)PR0h3f&rCpL65(Am?n=3s%m6Ni@BBsprOBW_t_gJ-{03`K^HgN5fM@ zL{%S&m~=ip6UXMVJXQvZ*JsKEm?`IK3 zj*aJLhP-2F!BTz#Ixrs2C9N_@=eCxn>wv7uM0hB)cI zwUbtaL*=)KNf}NwbN%=sCIN7cDq|uf(?9;@PfSQOEFI){xbj$5-GC==?xh7~Qh@65 zPDhpz@KK&n6R<&H zK3Zh;vdgzvFR+U9Gyu90imcE34V73o`G8R)>=`AKjEK?nx4Zz7(uXa$_<1NxuPa-9 zc82nHzgo=N_}BMC591hknZlow0P}UmK9={fJ&y0Hz>h`|X z4QsC-fh@5b7RrN&yb8!N#>b#;cMpE`wKTAOY7W(vq|L>#hl^gH`^_0Y_<}fcnlJ3p zzu}eUF3f}6)bwZh9IMPzk4merRn_uVcQ|T#bSuq$Hg&yu<3=}A5fo3|_N`AY%M}It z6+OV#WiDu~&{=U`Zwkwz3yA<}f9v*bF;JB_CtK^Bo0~gdhQs>woF8N1_Cj!ZWzo_U zMX>AoL{cm5Vw|tw#goFTUpn%1DZ#OBLKR-Cp&6N-vg_~a#r;UBZjXrmLO>$Ba<~Y8L(^Y{5NOGZ;l!CX1&s$QMY(d-K{aeXRNNHH5}*oy`#B{S zQ|fGF7``$9j0vxKo}c7B9k=evQZxm2dp~`T>jzq7D_;g+ z<(o{714x#WJ)L&mkekE!ty$NvCP2TAoSWX4h9t1s&oY+N^6mYQaxLv4XEYe)t=e%e zOL7AZN)oVOtCXq8kpRV37zf#Wml(Ms4NoWP8S%?BZ#%!QW=mei!1~huNAWJu# znXOq+HA$NqhCz;D0-7%y`K=)&_k=27ou@5lAM+kk0ca-3{JUmqM)w0G_w&WMS3>HA z#76yG^(E(7BQ8mX6w;th5BCK{l&1N^pEPQYabXlwZu%aY-%Lvz8qb=0I&_kz!|H@` z=x+pU8cHU)R&eeY^8O*A#9>{)_R@CkqX=CI7^#-F&r{e>2sdc61NK~y+y$h}ut0zm z7go$L-V>Z`zFvv4-Wo)G3lmr~D7p6!26BL0xMR*p0TU@0Y065sb1qpaxH@F-CrCmx zlE8s{{yt8wX~FEe<*(+9LQK${0e+(AMUT#}IpP;_HR`^>pAZp5AMAiwv_Lq~2I)@m z8K!*k>EtG}Im}19FcqifdMM%DMXCsXeq09zMB4}I(df3F3ZE7{c9DkH;5vjM(tW0O zjB9`&>^_L!yCui!q-3<`o&`yJ$G{{%^WRH-NS&qiRKUxU^GTSQl{lH19xop_)vPI; ztoxdg`@4CIc5DDI5%{meGtn5w2h+YYidn8z4P>2F}L4 zisu7tDIel^WGoXUcK%G@z}6$@7N1$e@`V@8N*1fTq3T&nQnsK)SPm_ZWf$?#V_eS^ zalhI^H}2o%)|StKLnHt7q4i_ z`;S80hWb2+!Y`{|{?esyS*`BJ;>&S#*>8o?-e@Q&vvj5QPL`d*`j%mn2#=>1b}{UU z(0^iCAT17O0FAEwwYWDneszdn>G|)a8u1;Dr@0p6(iyNK{KeGZ=uzVMoBB}dr%kdY zEmoBw@E}6~2iniN35GDh&`>TEws86qx=15P63Kr-%FBzKiQd}e z6tRZifSZpHrf&FU(&#%C^UIs*mVs;;o?|3Pgqpp-6unXXj!A4ehCg(>1d2 zh2*dLgmBI!kn$ABMc98@RW~SDpLNV~a#dX4_EtFQclhYCNfqPc->?cI58|)oYII}X zZ@%}-tHQD&Mx1La$;e;@7CRQ)N=Jq|#aS`$apsw+-C1xdr@wvrlpudwg&cx_M+rHL zfrev%N)-b&UUH+T^fcoTM=LchTb*0CZR$D}N74Nd<8UBfR8K7@dP$P|RVd0!HasM@ zBi1tB58XRdd?aXKv*NzQcFS`$LmCktF{);^72d?FzZ7%4@w-6Z7WY2ufsF4j9i#6B z=I8IkC?n48qNh%94uA|6)aaU;mip;l&%4+&cY){^z?Wl_tX<-|>pbBLILtg2-KVOm zsP)+-<&;5;*Py$Y0l1m;o_^$rjmQP9v&Ot9th;4{`t@PVzn43D7nKw-_*}vL!a>b4;76t07D0Ta_gXC z4_bMG%1lg6TVs%qn~{4E9*Mi}@;ch`q`gM;-RsU;_qokxHNMI&p zo~tiOPCoB?jC1aIQi}LKPr)sKKsNbUH;ek>Y|cI#)2THz)ftcJx7vRGK5S;0%}c}Y zXtY{bzlhVcz+l1qCnKwkZ+?L?g$|)E3e=SnzwyQ|ra1pMR^20j9(^<39iU{QABXW` zgz`R&;O%WP<59%8BnvP*LIAU4VG?}g$jThq7^O(wEk>56`moLwFHwA_wRp`__JIaQCl`8zei+EhI@E8vn`Mw@$p1B+t z4aBt&AFo)*tGaVy_$InCy3pnz~tm;kUZC7e-VQNJ!3|8E2F;TDAb z8SEAjBonwu<*%(Cz_APv$(1o>LKi7tdV?k=EY7AT>s%%nMjoOu5`_iWHRy0@5Rc?v zlV(9gLg*EN?KkIdXYQybuj#k?dA)mg-@qrY-Av9s{1(B75H-#LTL((^7!p)41Br{> z+1FYVA6KW4mX%>UYjZQp*T_F7o$Da(QTVh%r!q?uSg^x z>&fnNOA@6w&?e*kw{j;*PD}F>pi!mt(p2yJ%KYRw6>00X)%A1b7rG9L47491eP>J*Of~6eTyYVprEpl`IEuqLz$+GqgoEjI)ReI-C{ksEfLc)6 zKXIZ6W@-M)wuv3^i0jJFaikJQ!-$K3vQi6L}BVLwE?WyR{Li9a z(q$x**JAJFT39==1>Qi4M>+CStFD@;xNqXW*IjsdGytW7K>CXgQ$wSW)xu5da^tM) z=!GXWhYmZBn7NZ5G&cA{V*;-~Z$ojxKRgMozaLC8<8AiHl+IeWPnN|{(C3>96!>7y z=EgnW4Z*o@N(2P>1u=f zN-M9JmHgYId1Y>6&m5*lSZXh8}@;iU4RBWX89>eGdgzr^Hrxu$bT;uk`5?L*O z7z4SgZq=kuDPSAq1VvnY^bI77vuWVvaSzkw=UG-`pB&{iZgPFVzW$wrk->VFY5bl< z_xLYYxvifKt`QAPYb}$-Jji$P1>d82ZEg8)Wf1=5&Ak=XLPD%XB0PgxUo^*|SrNRr z#|`9*G~TMOMGCb^aDHrf_;0M@BY6JU|?yV9Cg$K4#@v! z|3$(QF`DPQswv`dL3xV@Y_(8v9$7{U%Xbe@KhuY~ITa)_|RmG0)Oj zs^+uVyp{bL@i2^`y0k=FQ*dQ8V>qHqp}IQV%TRnNIeXDWmiypkj$B~(ha>5bNn+-% z3e)^|W1CpL#$-AI1{ZJa$n5#+2M%m|H)EW9A;eye+;w!;m%oglBF z(qCf3WO_cKRwuMQ!7`s9Kq9K4p+T8qI^8;3N3kr{mlAZIh1Hv_H|u%(jB>nxZY|r3GH;?0JPL+Tv2F7mij|ZyppSka}bTARXmL)~T z?icO9wt&5xUwN)h#a)YR3r5>4gt9eiwqMV;&(eib~#k zucS!{a8tgPg4<5OKuB*VeCec7rKpkRVNji7Yj&B?=hSH_xiDX@R6-u9-Z$28x_Pst z_WHryb3%7-NBa?--$wuG&pv2f!zjy}%uO~m^6;Wps!0;LyY{qAO97TbjAsyKVzq%% zk=any%q}V|1A1d8d`Gbah%`Fitq9L`;#RqejiXqxf% zKs#KNjEQ~2SLQU3J0EG-?}?d1f6YeZdnto%pdvdiKahFO^#9PYlI-j}s;!<9Za^EQl(?#3N|nh`ot`HnI9kWJUY=z+>71O-s}g383R0zN_Ixnb!=J?A18kRb2F1swNa;Ot6kWsDL=~L3D;(hT6?r zq?#Iee5s%%K$`*Ta^265g6uKUOhkJtp%ktw?R@d!{FN&WgfjHoH4=lZ{gZOs;y|#I zEsglMrc#J6j~Tm@oJW$+_xeQ@WN%XJ=hFeO@%9D@s zSFR0OjY`$ayyDOu1OUZsevSUuygbvwmzrmM&cd~xVkG*|P$3O{y}aoCh%AJ!B?j%W z#9;u362_y`{WBV%4s$@c4+e;_fo>|c^nq}*`J8+Wd`oV?P`*_JJ0#6(w>5lCu;Rs%R6tX#5i<2`coKw&#GvInr`rT&WUrE;WhUhmUo;$f zO2k~6!c_?3)fu6EB3Nt>}+_sLqfsA7a zRNMk4KvYpwl3X$Q)InTymCZjDj`aLAD6z@A($yJZ%spSL%Ia0_v^rvBHnGuNEI?!= zyl7}C3dNa&6S)EbUq?MmJK`r->(hfD?5jcG-^6_H-~2Os2r_=&c&k%1r36V~JvzPP zo(_L^4SFXlKf^e3_Vrf9{OZ>xo^we-r-)xpkK__0R0R z!`~Lr8~hHq^FJwZSMf_|u7FNMQ0ts=ndwBy9fy`mwS;E-ARG{QE*$Ql-ao0Vi!zNeQa`LA8?$yV<@h;vBSfBW<0^8lG$f*2Z@aC)wq^R@%DzFvL1(cKgy5f@ z=B|v^PD|i?dQ$(i`38xIo8omUr5C2h*BcIjBn|)HA5>8FzIX%>d@eo=Iy}B$xV5VI zD>YZUuz()vc zk5)aJ|Dx`td&^PM*CrE8T-sBeh+6ha^c7FQKMN7tuFlB~j22jvtr&gn{7o0k&d=>TnTm;~?#Gbr7 z1sfxfco>$cR(fHXlK&aynYP~21F4aL8SYd`Tv}NQRb}%7X}8wGYq|Iz7{M%o9y}=R zk$_`Z3H;)Zsr_7g88I<1GIUL%wkPl1MY%utG$nhHRyIPA5yT2U-^~Hioz)>*W6PY)Svq+I#i(UlMt^u778DrYE-l~}Qwpk9nk(f| z?f$eEe2~gRg80$W8pQ-Cb^E7hy-EA`rk=In;&_;_z}DL_OUbv5d9?m2Kt58I@+eTh zR$&auAqI@>+_%{q)(B5B8wV+L(svb(5ZUR+Y3XQrkta2hAUYqu!Y0$ReoBm16?1#? zYj9jvg3#oS6C9fBWKM@Glivk5@+nEf;4aNbq-Vhpb^m zJY;#I3K?2?ZNUOFD-aNo&6=m9P|mcV5?kne53EN#cclSJloaE3GDvHdnMt;Jvo^iq zX*(E&6604flxgOZZ$~Ms`XX&i)}tp#Eg)~{f;T)5yX4z)l!RbLp^b{m@T6Bxu8iw$ zD1dkl(kXIexjw%Vgg+4p35-nVyouP%Jo}!=J_!>kFq8BqG>KAvk_?Si+|ygaF!8DI!6^}q z@I1!4ISm4CMPZ5a=C~5t%5>kxrB!vV>l2#lKF^+~xD@XH`K$KJ$)ad8P*?)|`NeowL@9JI> zgHWI?wgc^l|H*xQ_Z_Wx%noxQQn~c5epN9yH;v8krar+>`d!f#{y2+ZB0Hn^(coj8 zG!UP%%}i&bWS1My8943WOGVQ`hpWh=Hvt#>jnoBw+0O?xg1~gm@jltVnyU>C z2Uo!3AR4o$eNeqayI6cMky&t`{UBw#4t<`v8a z2KINbD-GhSf0?00k9`={R9eUcLNm(`ok9bcmUs9#EsAtT*JL@P{zBlK`kbB56Xjs5 z3e;rToD|TdRyDcSzie=Ybvd<*w{*II4r}?|$BCGf{sm3pg^M97T8(ThjUnH z;gIb|REr?Uo_+kCsG!L9M<=9h#dKTTto~dycgK?AT|MX4wRU$_g!zV_wuHhG3JU|F>ZJom`?zz8v+j_vKLrx1SsiTrV2TwXsS^wp*ABYfhLK}9|mu?O8 zSjcN%-t0HDsDH7%6nYi%ug72KO6`;912m?I%ueegU2`;CT*>~GS}BJeB_EZ^_9O7( zV2ILImSZGZ`9U8(UDvAX?{?U1H*e|a4}HZv@6lqfCcq2a#$baNj8FDnA8K=|=Vy9> z)u)&~b_R{EkD<;1y6CDgT{X9eCrgWWn`k{H5hyt~>?uH^FPW**U0o>ldqnOBKX}5s$lC(pXf==my(jna1 z9)@5h8K0c>B}xOa@lJxDCJ|6B`i`C5KiFWfWB9Xcfv_FbE58Rd6tQJ5=~TKeomn{Z z(bFroD3v*}?N*hjLaHuEa$Gl;@7txbRwdv*Khjd4@6U_oi9h(jhl{8VT3#Jv(C~Xa zn%A$K037?CclAwITbi%qe=gd&vpHVqQ+t>2<<`E(q9?UBi3%j~K5&2=;J5qI-5`U= zn2owq=%j1b<1TpYn-@(vV#Y2NOpj``iJ*3!3z2Kn{^77Vj#A)OnFz|y4BXkduKn_NMay-M+AwM z%$uOMM{sG>?i~9WSYMw|*5LFFWKV`?%21kEJaPDsssq6Zdoo2nG?Cjg1UG*lbA!M= zZ|n1*w9eq?kCz*GJ$6qx8~}t%?UH%vkN@H^hBI+B76 zG&mXQoBi$q4TOdIEjT^YMpLPvz=^nwZL_ji`LR9x%>2>Ml}l?q8Q#W2;<$IYThRyI z{ZR4fm|4F9gW6yx-gO=*%L7)U zeSit9j@J|Sywe2A%7z&W0kNwxKm)m?N{Iwl6u++zW>cknq5r+%iibvZz7aWtNkFQC zSa}!*Qam9%my_3;8CB7#!(H)QCzN;?n(3mg;QqdGYRTEM=vMNYqX*e8LbQ+`++?S$ zTKPXzKq!TK@v7F)Y+Tl4RfDT13mc2)K#9At0auI^Z0s~`{ifjS<0$=!Cm{g1-q`*e z_8Im~n2?YVsFNm2Y$AB9w%*lbcu!nuctX>E@`tzZKgD;mlXSpga7kiw&E|Y2p!@1O zU?d=;T=*(?_io@F5W+hwt_^*`zo+r9bQR(izJu<@ONWJabJz8h^DMpt1v~4nCgjgz zG-5?i8EB{gCCaKw@It@pJG-O@&EfOrXM6-v{+dBANNrUIm4Xx8?lAe`1kKSEyzUEP zl*#7fmY-uZqA!&(y3OaM9pUagx5qUzQ0aK<;nKh5njDM{Gk(0LSA8u>gyZWQ=4348X5FQ4FpgD)-PaN;L_G;;?r9JvrL-~uVh>k>XNWI?ekGgiKPembjOAG^a)9&5II*HL^fKObP{hMUk>LIqbRZa!Vz@e znp3&0N?tnNk=ZX=KDNd6+I4ji*P# !ZG?e`NEno_(#|+2UZ1+~!jm;N!xHs$m=w z3$6(ONCnTXz((Dmmp`xu2%dOw_VNUcWsG%FgPkId>OA@B`IG=I6BTzf(|rG_@E}NG zeR|MN3}OvnD-_K7Rl_5eyHqouh6Ywg%n?9?^uJ?mP{4rfVcAA~&jtB)kk_wyCE0$V ztB!v6@w5t%|O{|mryoxPDXaHQ~L5Ml_ z52OS`by#2`&bmq^*;bm-b|6fzEMI@fjx^)fbuBpyuuFaDxAZrM*nZ~P($z08jN4_e zFYwIqQ<<=?&cJA8(E5Vb|1G2@$ka+dwW@#VvK1K0ZP-w_Im(SpsuCwwj|eC=3+RD? z#-+j&F<>O?MQG`d7*(*&PptFPJMO>3agT}>w<5@Cpa{r)tn+MwP^@N5*hzGito~*5 znT}sb^=m6gt*4%Q{jz3 zBM&cxa2Gm#UU~DqT|Ue3x81!pco}t})J(()*nrby1K*t<|A5v#@>?dJ2N%U4~c(o@fSXco^ET|cksgV87rP%e&EdsYHs9skSV(m2Oo zKbN9agh5yXo*DkI-q}`~LP1ur^@q`E11)}d5*`)B59$cZMUZOt_VzY5HrEUd4Q*^~ z>1Yi7mVKWuD&1B)1u{+n(0y*fJiaY#Zf*|8ff2P}vqpd>LzD=i zncL`;HD;t?dBDkIcpor;843Mc$^`9B{hA1S)L`d=9W|jC3>R_KH6o^XtXSf1OL~Ll zr{2;}cfPa)=T$yd7hk`{R}{+y)!L2Kaz9}mm({8()6E)O^Qo-``Gzc)t^lBXsC#t` z(D#lffd&!yvjVad0I~=Znv}7#h6(bhODUl6ACQ1PIK@YJ-HpCNaNhJxMM+^HKNwUD zii~58)PbL6lhfy72oX|C&SDs^RY%~GY1H9Q4X))Twd1>kIsJ_=2Gn{pmKgI?=AR2EK1%*E0R ztpI7fn(AnfaNLFGoq9Q{Y**Qh##(&9N37snv@|jCtUQZv(BIzv;yC9(Rypg*_9*Xe z-K5yEEIM*>)!6jXvzK~`;}|j-#NWID7l$Z=ISM(---)21s}hx0lqc6^tkY3zNDdJ! zV>FPVjy%pK2UeDVT@#@HbYb2N)HfBI9>#Kl*~1kQ!1U2vaNPJKCsU%dVrO+02l$gO z)_t0EYX)|vW#sSpyHj%>xHS8m2M`({v?0(Q6*x&br?4FI@zbg&JM#J^soaw{00VX3 zncqwtHqstFe2o*Gu%jJ<^lFc_1nqLaD zS7xts1N*d*Be)2L$5O{ROJ&4moKEi)G?RS>=J9?3^yx#cR)nz3#zqRa% zTyF{Os4Pt|RJi%c=JJUk9w&A<3|BQk2qA17?AV+%rb0M?46e32KMakIPHYLK{Wi;v z1WDX$qRLkE&olP-^g+)Z1DWt$gp+?b%&+VX9nbWo0JH6FTy^5$>*=*JSl{h3`0y9v z+S9dAacODk2tKPbVd3F`Xib@Y#LfVoS5mTho|)A*_Wt10&CTQEQXYUcC3F$9v*Y6? zevQk^;}a9U#(}9r>r8B(g`71&(nP(f1b9Hxsq=#dLhVsQYUAD)pTHP{D?nE(J0$<6 z!RtHvK)nA=7*>3;y=Em!W(SVkuV>C3|4F4Gme40EK$I=xMX?3<$lNOW4VVzySpW6Sq20U*dW>N>X8bFhLukjn7A@*WcF{dHkZB zpl`I%Q--LXQ&aggPfJSfpJ!$DxPK;kRDk)YmOKpOu0~8+oKSa9Pi#^W6Kko_O_$+y zX`Siuk9x_DU@7}4Vq*FS4M-&NQP|jKAM74{60k^8f3NR>Wd9e@5(DD5CXw9pvt#zz zdH5QDD>zdMbWy$-p=W7C)cgv3-qP=1at zpU`0Nw*u)<&e;#A(0z{V*MNWW1nbj9jJuLwvV!v~*CP$DG>}wA7!Tb|as4i{AR&$5 z1dBe+&8;?9=Z%2@>@JX0E0EKec7u`VO%yS(SwJRQBMSu-A=H@=Y^)NCrdTJ?D#A7!t zL@r7P?c{JeT^GJv;3PTU+|oi$WuDGqEhW>t(}F3ls0jAg%X$N!40O$(GI2wcB@)uI z{|z2`IR9e6Pg?9iGw&Z4IwhPQ=lHp1m&Qdac@R`v&hhmowFBQH7Ssef<^&0pG%oTp z*7Z|VE-p8|Z)t7|iU$D4ZjGhoQ)S_-K8~E#E4=kn z2mHLtR`4+FwrCR%;INOMVAtfbHvur8OP^hO#}^!KggAypMP##H1D@@p@lbRr*Z%|* zj(k0}1lM|q;kLQZA+gykIao9YC@7b_h86kH9DS#El_8N)RaK=Fa^ff%@m16a;x*B-O>hH!I%lQ zXNP_yA}tH%a%YrxgR_Y)s8<2uK*D}@8XKqfcF6g z2P{J~GL?K7rc`BUsY%-2-p&C=41#sZGLOT?#>N;176Tn1{3<&oB>7j{!+tykN|$`c zgAkv7lGCC^jC!QHuPvty{oR+cT5H-9D8n2kK$lT!INhwX;G zxt`&Nlb)-eBE5zLno5YAPex1lUI2A8sI{YcUSaDU82JG~u6}qpsQAr9s+XP~EyitM z>EO0sFDP(Xu3UX9$9pbXdea@jHb7S|Xns=m^i=?L`v!GQ-7Wnz`0kF|N=g)z=e7^!VDjz`WP~K@|*-7Je z0TOUJeIl^ccO+)%@;!LRv51r0mY!sRHPwgnS-e3XW_7$|Aei{dM`oe{Mz&0Yaz+PL z>0_+;M?g!x;X5MwBQO4jUqRrDI1<(rb&+Sb*zxk_lAnf0$8zK9N1@KjwD9Gcsh*Sc zrqckHJ-M2?S_QJjnL7^ZlY=HCCLB(h<)N&%SfIy?=Cnf(+R2YkfDR!@EQ$}} zc;T0$yc*;H>DyF7e+z9o;It1g2oR%veSPv^4h*p5^KnW2-rQ66qLRjrr%tV(8aRGQ zDuI9&G=Zx}&a`xNQwBFhlIIVwGgSN0&JXVAS` zKXD++{7uj{fBr7Sv(;>B<)`duA!OrdI;( z1o^B*eA{*-rY-HR>l=D!nq39}aP4EYYiVwty`3m1$u6vbNZ?tB=IxuO(g5t3!k)&b zk##_~bx@1wr+0aLC#EF+JeiiTp^A)}puXANrS~;*RlHFSLTk2XhBrYY8}*<%i@4S> zCeK`o&kHs)DdL+zYeUEoqJ)c7V%vJR(1&8b3B*ras=o{)`^Fbg2ynJ2;bJ8+iF%au z3cUjfVS@)TCN&ESi`97ZONWt$$gIH$-q_@LE>BOX)|c0Iy93}Nz|Ba9+>CsdND?K@ zOWcXFk>ns=sl9;&##S%Jaque??%sex11T9(w9oTv{)87DJ9pn9e@=uN1ZHxN=ZYZ0 zYiWU4A-g9dl&~RvX1>GseU`=4+kOuZI1+U3xe_~loe_HG5K%~=JxWuy9$R46QE4Ri^a}Hq1N;C@&v- zyk<4=>X;3RTfnzLJU%-+D)g;5XVgV7UkBpBU80sK$RQ!$oCYKBJ z#3;GUmsN4t4z7mqn5#U0{`?x4?K2FNCJnSn^Ef0EFWcVym<;_-D#m+N)K+&mEH6c7 z*$!k0(=~+f(HqE+6OJTQfo7glBXm{r&sKBaoCi46PYEuz5P9!l*iohWffDxey-p~F z5ja4zv*M`~my=d(uW{xnb5=*!As}f&Eq$%Xs9b-eTnk8359GxP(83A}cWEVV-zK?Jyv~D$?d;|{zIeZhh zl@sSbYe=H707zZL4I~#onLhfsdJo`oa&i~zH-~Ejt-x}N)#cPqovq~u@*2X7SH79^ zP-cO-)nL)h?5vT6Fp)KAS<-7JIdq@6p|gqV0(0tpg=sRAs>v6 zb~&ru6rc5C9#ebN*qR5M>=MHMN$AeUKIs6Om`QY%m=;cZC8n?#xTGLH5@>VjI)NOz z_;U39pc#mR_E-|p3lNwyb2T4)@dE+E*Eet6 z$kfAG*hQH+MCgJ+Ll}|1zQ^3u?s%}{T)>3UJxMX(d;=73s&=Wwl3Igx&I=`2&G^;Uhh0RTQ5EE}u)7G6DaC4T3?lhuG3g;JKM@ z*C$7-E>S|xQo5ysbUmp&0$6I0A%#M4Un&7&_m!>othp~9=hH~JV{N;3SKzT;k4c!g zb)8%jKe}*c0h)R1O(P;K1$LH!9O(iQi5aFzn%RYM_cjFXkiZDDx3hJRxeQbfv+5-g z2-}f!oBRNZgx1>Me?Zg|t_E5Pb*e6^cQ#4yFXjW$<4cfC!+22&0QNNfpb=8<=~}v% zLCtiE?obkFR&y1X6B9MIQp?wJst?s5)O6O9;mXZ(|B?k-Gdj`ccUQ^~_4s@@dhiA| zYbk2)Gjw`;YL=;kM0!M&)KSLQz^NBpc$YZ*t@7x~*2g|juQD-&#?|g}8GIJXd`ISV zTtMJMjJTPRfYf;j07?8u59-W%W$-igo7ZF3wzoEhd}N#lRsBi`=;%h|Z`_JlJ2444 zg8acCvEQp6}IBk(iF19;aFru~A@+To>!N^B1owuTdvA_`XXJowOC&*-gHEtAx9tDPB6wqv6rvbIMVJcUh@3vr& zO{zUQVMU)x>I48PS1nCM(c(A_m8&AhQkh`Jbl(Cy^Y%QhqN#PqEFcfYiqSd;FRypM zB9t9jU0uz0cUZzjx2i77e5K`lTJpz-3+=lA{w=IGT-=rQDeYDRPeyCnQWT(dgAmij z#KiEnQ9|t!jY<&54O1Le?GYHTH<7f`?zNif4dK=8U1K%>U%C&E6d#e)VdiJ6DpxKy z!8@l(K9Z31-dY{HbpRm(8t=(FO8{QCv0u5SV7hTHn9xXAixIs8Z;v@Do*tVPak^Nx z)HcD6yfBnH7%c48{*Hv?nkdPjZ)odWh9pRp6)B zQgmq9#gotk`xACEA|Sk5rV^xdUtf_Em6tR=Mf4)kvV{?eVmy(PIv<}1Y6yo_5Dp=GF$!=S z(MNp~te-@ejAVy!rqf4C-$Fz3_ZaJgB-F{`IL+Vrh8-CpaQ9$L=J991R-L~82A~5D zlR(OKd1|!!#g&GmzJ};A=x|x=h+|wLcAzn%dDCxubpAZ!1)td1PZ5jF(AKYP#hAD_ z?n~V&Lrg1do);7nD}fUQr~_O8PvC`3y`1ubdtyNNYS5xYY(5iNOC{}zGvsSJR$W3i zbn_O%{5R)D3k5*moV(&k__YLTsQ|Ic^dlAn9`NM5@R-?K(k?U4IzN@Qvh`ZoUMCk| zoSC{s`y)32zb!}Pym|L(%RB)1)F&)2g`I_vl*2K(=rSNXGn7Dh)EE@zGBWrazG=NuFX!CWZ%>m~xlOi)`H0^%)(Y^n zUL4$B$?#1cSG9V+8hLP2C;_Koqc`Yn0_kL55XXT0OkH)}(zSblGW$SM2KzKJb?Ulc z7Ri>zJamcddkcf62lzlj|JrReC|AzqlH`SSK@xKsQSJhI{Y;GIdVIaG zaRyg}t#!LQlGuNgG=DD`NMk&m6GYz5UV=*BY%U^Fw99+ z?)F}D3Z!~cAd4$y?u<|SjT%ZVbk=*Mjb2YYNZs74P=*82^D~N>Rn?K= zv9EM)NkstHO=q$)i^FX?na`=@^hxS;zuDPE*<v@q#LA5MJ1&h5$TlfVH8D0Kt#GlItHnsQ$c~Dy9F7#8Jd}Ijpr!*PQ2gwgKJ-& znZ5U{^~8NYwX$wH{unhfZPvJ>t?eE!-glVjN<_3_+LpOtX=@)`y4`*XrOKbq2PPwY zKtJyBZelUAS)F^Mu9W9%#13kOS~j|GKFJo*Z5@D@q^TIALmRA= z_i1Nx{YM48O9HRNK=jTc?~@6o7}bQT)ouFxpy3Mj*-^&t9?Zj-BQKww&-@nA1s=7- z@|y4On3&Wbh?2}PoMm)`;&3WuOue(}dvXvQ^%+c`f7BMu`#>+YjGGuFfw?*laiB^p zZ>Mn}8+o(ua3E`Y`c4M2|Gyc_Z`*Nlj7DktQd_(fMnN5TZ=&UEh4lWLCXm06))FsU4Ro+?wS?*e4!s|}M;b2-uO6m5`KEiA(>jOcH!S%k3wbk6(i4E2~G zL1omd4&SZUH1h^=<=21|L@Db7p7)oXZe#@q*xz)`Qvx|b+(g|~md1NTFzR!k zbNX4!#J>tOu^Q|o!*JdbB%5f1gM**!u6^HKbdaKw4-vd`Pxng!9J2m~aGgB~t;$!m z-`3YXOgC|`p0mExdL@-b$r-^7qUZg^Pu7zl2k4tlOOFq~C;4%UPEc$dt;cbPc1#or zpeHd$ZhVtRON-q@>QmZMJ7Jf^_7jTk;hJOCUJ0)6Iy+R)R-us?w9`e<*G!Kd+L>}( z{w4|Qh*l%VpxmV>Aef`ssd8=M9q)cBC3T!7MenAGC#@9g<(06|J{x$`K+R^)P8E8@ z_|T&*R!Gth6Iwe2t2~9<()v1_;MIYBW`1d8dgf(yYEqxA?r2G0uQykO^MyObrKF5O z_q~jMpmYcUR^uy4`kU*g&pnvvyufKk8@7AxZQ<01%zU;WRzb}tUGEp71?Lkm|^2?Xr zjEihjdf_|JpYWRg=&{|>xbYQo>+GriG~%h(d;IU9W3MJxieUUQqYk#iS1{A`bgP@g zduL)5_oHhIOn3RsVDs-d6C{}W3HcDOHzS%oYoM)TXK<$74#Rh4)eU%dFE`KgHd^h&6KYkTMR z=PG^>@qf5IFh0DOXgcOzmM`poRIdWLVP9@;lsi!&mFV|Gj!(xA+56|A=?pp2pYw55RjJy4v@m#zzkqe zj!VPZBNh?>pdYbtyCV@v64x)(9|UnN9x%tcUU6#<&lzY&(&BRyq~_&azfZ(eQ?Rsw zWe2%NkkK}?x zB;}xI0ap#Cr)O0mQN&8oXS<)>DMoHpmknEeU|c;LdxM>|rQ5#buO=Swb z#7oI_{EKc)v5154RH@P*?{u#9`uID&_zfo>7uCf`Z&p-P+yuDtuxmn`GR*km?b~UM z!`lc2ul14g3f)_T~S`?;2G1g{D)8(_NV6=;UEi-x= zv-51weGU}Ef}>q_TQM7720!gszK;S=-z{3*X)ibFihn$YneTvH@+P4P`W%CSLw1PQ zTjIo~V6}TLNhLPf?5Qia)UU1d?Nqko#zJPhw5OV-yf@?FN{k#wq>!WW$8&qekj44A z6+esWTPl!U*h=t17sa{*CdonGbW^M;gO>D5($SGv${OL0%6RF`%K_-MaGOV8)EB*W zl)xRQO26C-{9JbHCT1uKbjBR9c>h>r<7N-(m~fW6CRxYugcj!TW_G~#o?pUlV$80^ z)hBsIMS?Y`uR&d--IAFf#6k%1%zL;_3X_h8rsCCZ z-k^Z@lE$=pv-X!}O5+RU&57tlSc}h5uYT`*<5e>{?kbJ`HN7@g)>1_EgM{w>} zLFu8P9~wRz$xnYz%6-)c=DomxAu&d;)>6Kbq%;&_7qJ*wXInP2(Jl$tA=fQ#LG{PJJ(FC&hAP47)*2?pZ(l$_e?B}CXEBr{4Jg|wDV(r^uO z)i;?oO6nM{6$E7gUKtA(6BVP@BV~Sj&gxswjHR;VPHi`yF`wU#c(zjA1(VGBgXo(ZH~* zK7_X41HqyFIS-F6CMoq9g=U7WP?mnNeU*!WzWY6IaC7Oe#20BrKg4tH4Hsuzn=2t% ziTLp38Gl5~1^TU;d9r`pTbXh&26C6%=dF!z7YnD%K)f&xGp?-i!_Dyv)!W}GbMkLw z7z%gLal>2BJGrWn;ebc{@#mj9pK1XM^dw6=2+YIkPx8*-8w1 zbv0JQr8#$*ioC7+nk0s+n2d9rb}SuhUB>qNf;48c1_EPcIQhvTvg?j_cDx^-Q}wb>oN<*-m$So?fYW;L83sh1XPsS!9x~ z9=WC8SbUM7l?%job)2P_vpr90bnm)^1cs@)`mx-!s^a9KF=UUTx{_mHp_yaAfbW6a zzQtT9##bM*zZbOyXPM}F?OK_;s(7=AFsOD1#;p&5k1(PRk_<8|;p(B1a2&}hMQ!6EWM4qoK@<`PaeB7Zw$@6%rX)zJ^H9I`Fsa6G z*|X)oO0jG&g4ZmP{4_$zZOd?CFW&1~(_-~ZoJ;c3%R3}1X#Fk} zt{alRmzdtR_)d?ogp76vLt9n2;<-jkxl;{oBV^&}#{x`t6BJ80lMv#P&ArE2g$<=q zG|M46#Byqz&RdVO&c2el`b#Ycifgfl4aK!^#q${q7zycyg`FQRlQ1ThYU`^&c=DMN z8Pq%(^VE8{n?Nd=!6a{!3scP8OIockg4Nb)aaWae@3#efjH2Oi*l_IXsBtalQzzd- z7$3rU8Afp5sl>g_Yk1dKu^7tzReiN&Tlmz-&X`-t2LrdUquD5z%)?AnIpIj@h+TFT zN(ZvDTKn+Z83{p%=d{OaHHytF?fM*2j9&9-T}UNf2C};?mE@(uF1*z5;O7xcLYLor z)GSx3LSczsq&MKq=*g!?BeTp&U&7iFK3ooev9NuRR46-zc=WVP$_TEG@$~!j=KD(- z2~;Y6Vkyp~KDDKNL#dMg-aeFkc1Rb{BT_IX`5aVEZS`5HmUwjoMWt;mg;2UJ8l}hjGI^Olb5=X0i z;BMTy8y_KJxQssCW*?v@R@~u!o;IT;?O~w!9=#F7ZDZ9gByqTOfDnz{o}tN<*jQBD|KC1zC=Shhx}cCWMU>1@C0N`eZSD@qp>Ky!A z@S-}yZ<7sX%7Y58dUEL<0x(QM8jR-tbR@_nM$UD@-!v#EGo419bJNoMV4fs(XZp@o z1Sg*w-WM~k!x_>NPYb9Z)dQ|Tv|ood3gqcbK%FPK)(UEWD{k6kl0`X@@O~}&wR3Lr zDsbKbEul2tb6@H2`c25eEStxtn#S&!?{wQ4SKd{r-VPf#DohzNt*^x>N%?-f=eVbh zRPK9oPcAm#b<*HVu&QAeQl0PO^R&h$YW&jC`@6C;wu5%htBi$bZI9;QDmgzMJ};>x zoDxbIWqw>;Znl#9B-RR)KRU-{xsy=%-h&swE*MY!w65U%A$@dsqEa;03nzsl0<3>k<3ThSXeF!Y3ryA^z~oSmz?h$|~8P7nBj&yG1CM>u5p#(BWy# z#DS%HQOSXlN=ZFG43aA>rDH*B0dzJ3WwEL2+^SM5B7fwy-KiwyS@tAc1;Fc0u|81} zV}rM;+M$7A2d5E7-#3garf8I|Na?sAuISQ=8e{=0eWW$AL%GNu%2|LjtJ|RPu%%3< zVm{V6?&8r#gJ$s6U1X404X^&tQMbxd-cv`+nYDt%;B3jRNBX#AJUA*`204e_rWnKS zeg*UURW&!AUG#+&u<+q8-~QiM#djat7-fy?eKIU@MfGoUWf)Q^UHVvG{Z7AF>dLVZ z{M(&;7z=zcGS$T%sVJG+H@6I3R~$Xa2t=R=@B3TBg`8T350oqI6D5r7qnLgyd}KHw zkfLfJFA>t4;eboFs|ej0Sn7X`ILKW#f3uviKBSvePI~3UqsZ=qq9Mx_xZ)CJs&3Dn zg~OsiRz}(VvD%5w$OOEFft;T{dAKmAljs?Vf#O`Hd>W_LN z!nzI5hn?3_-BQh1_NKSqE!v z+0y&KZ?B+8^Hi}KznFLA)42t!S=0E7tx0j+;Plz3iG-Y$^{#!iuZn>8+?WT-#m2Y@ z@%^=F{W27aM6PPLiMJAk)-IBAe{DN}K|F%#eEmLA!fv|NZ)pS(21q$<@JMVd9c=V^ z=P9Xy8T7cB2aOF!2ZoN@JTYr4^ipeYDD?bB2Dtj&SNs$sGzDYD&HZc8&o{Tmyy@Ui z5lSx)R3PA|gmip+!u%oR!Zo`Mqn+_U>RL%;7zH*y~ z(i`TC+8v+(oLh)9u97~z|8b$zSYl|f`F+uud3J5(5}bYQ+>xxENQdskBYfF;?Q%Vv5GDoQ?Q{H;Yg z_5DUL?LZP*H7l#E6~8%G5rYR#H$RBpvXEZY7~4aLV1Yp`WcS>;E74ga4mBEAN>_T& zALLkq=Pfn!6yKKU=2ux(nI{R~5xL@KGqkWgTmri_t4#9<&l7&FbF>!Ifu7jRSZbZ{ z)W?tAQB>)cm`KX8n9xZ9j@GqDa8`&=08_izJ`nKW2n8U-0MRS}t3?im`MJfne5YqI zR)_narJXYx^A8+qo3fWbMM?IqLN=bOoD&Fr`LZ*~4}G0o^$>{QD0(Kz*!Hjmw`~HI zz`ixmOr>XfS@;9&O`7h7iZ64d?tTvdW`=s1UDN-Lm^l1`$(>&9i7bo0F?Lj4{yO+o zq4nmT^7uIY1<0ei{a4Ge(wkGKXDSZ3xf2Q%0>{js*Ex(Bew;wt_>ni;RT85xbiRup zkGN_d=1RJMzd5$k$v*rEKDdtt@46WywRDtNTa~-nPM4i>nlBDFHqP!{MYA=ah+1ze zc_HpYcO=jofwUW|ZGLN9 zXFyV2VItecfs)$6sqU!x056UaWV7CFGN5f1_i!hb#L)Xp?tY0N9U+w z9aeRHB$NCO>-ZPw=<}q|OA31Beo=H@Qwip?&GhL<4f^b;VQ(91IOv1`?orBnNqWp_ z`D_k-kFm1?kgGVq8b0^zrqHDv3nV1>3M^(EBp>!a+xntfth|t@8L!P}D3)`r0f7_l zBbs_eRxtF|1pG>^6mRFK5APEfNQ}Qr(b$fCG%5>Z4FRcXHm+5~h7Tyn=*xW2-S;Xy z_P;Vu7t@pCLVUaQP>X$X*YR88aGfyQ@&neWCJ8KG2OOvNXqF}Ad(t-PYEw>z&BAUy z)|}2c-tM~>S1Qms+LjkHorL-Bxy&vuLNl={4(y0tfdKr~G>BIyNguARlxZ=CAIaDH z>bWL**(9ms#f~sCxpw4fFF1aAKoJ>f16(`{UhILGK>dPo#UV}1y7=zbIIUKf@56C-37-`KQYNs+W7l$j4wK0zz~Q^IaOn1p%;<%RmWj0rgY=NI&@b_%qK z-_us6?|)rAbP<|=70l5eh-SI->bG4a6UD)e4Qw}1BgDDNO?Jsz($~dUiDsDphfTWl zZ>x3+_YjISGc#jjW$l7tP>~nsEqA1y$@hJVE3_1}=)8$PLDmD+<0coSFb+`EC&EQ# zh53B_Rc~4Okp6h5ZgWNIY%EEbIGh%=8`B&tL!8rA?kgt`oMWklXgvoteI0Sc*HrGm z>~nCyRJpBk_rWmeYzmEKW5qhyr~Tq1?gU;vZDVm6cgfxOji6R#5oL&PsQ3Xi@`sO_ zH-Pt8T;A^o;z&Y-M8YP6wdn7HPVyoyK!w%o*F_ca0Stlrp%~AtMCAh^z+2|tzm|ER z0UUCYSglAi5r@!``2OJ|PNPpV?@a}-F7_~=?RQ`G8;#AWGgD0xINFMH-a3q92jQaO zCYaxPLPu8aRHk4erl#QIJ)T2tSZw+mx-km+#s2J339s$o&?`IqBXMt6XU7dv_PrdY zXPE^K>ywN!zJ4X}J&3~C@UgJa@pn|AKaC$gG%UhoDyTuadsl$)<@AdW560-;gJrU>a6mOX+kVOJ{5~Top&pH=m@V3AnKRM^2cqT_;jV=f#Zy22M~!qYUel!1+XMbui&Gr zNh5P-RlR-&3~@Q{&6~4n>FI2uqIx8O&%gn39@q9dlnfo`&XyAsaOhPlu)~)~TkbYn zSXea;`eDVjLEoRsJz(chUE;so=U>9+cWU$9>KL9G+fAL6LZ-g#e3XuHxgp8*&*c$7 zhifhqR>jB3o%v;}{wDgn7omBc_**UAO8u0l`N9RFc$`C`$Sw|+RqDVXE*w-0Emi}F zqGtU8a-EavkbHy-j`5Y!*Sqrv)QwE1${rr+FltevnCU6@N6)q2FD#uwzJ?zQdVzDw z%5;F=6wA)HdD}W;5C1f57q(xo6lHlAb9Tml1cuVz$;$jua0aC?@cF^f`%X@++Wiss z;c8ef^)te8A(I{u1413@vumoVrT+-HsU%|a)(8U0dwst(VoXZT-RFoeZ=z6zyQ;dI zXkQYt!IL0Z6}sf69|WwBv9m>RPyA-H^%zpT8blN+_$1ss=wtqHAdj@KiY2}!6)x@E zvy+>}wDo*CrAcakxra?er|TxZ+?mI7mBuxylE%*{ImVI=5AH|AUW8eZ7xwW>+~ekM z>tbKcwdb=yfS`ja%Gk#upOLZGHo2UT4AavAgSUYwz<`P>fhM&5M*#BmPM z`|RzXnm}a>7A0!mHglbJ4{tu(sWcF8^E@20{K~z=sWHE4^)CR@MC4)&yoP2Hp%guE z{DPQGBg1q&1g`gi+>{i1=ctR@`c~NfVOn^u>biTRoyLQC6BOcpm)UG^7-0ma2SQ~z zy`5g4*YxR!>htmaht-O2J^D024I zjm!Tb%YTVBw18Zvs9HLwlyXk>wq}sE%Ina6-DmuQUJrW?-1Lh1|C29WS+JyepS^NN40 zXqA=fZd1^8hr_sf0C7^<7f$InuC|V)V77~VamK1OABTNzc*!)f!|m4x`T9K7v%1_Ci(b3-hs}evU;Tul-ln zz?7S_&zqjsn}7dR>p*^Dz7^nGArlg&&s*YV;sN16b|mG1NLi%k~r(aU-X!JURD3o&7j`)1(~t9mw0J--FsXgd(8wJ%K)F!$$56jH0^4-chR zIEO{)+}s9ccnL{mm*mMG+ehwu!HDjYve#y|QTLRN-Da`FSV57@0cdThswUBN`-8sl z{u<`HzAL%wq5w{@zntIzw9IRvWM<#7uT*__(`1ei3o7!W1a_&M#bX5>%O4?i`Enq- z71nWde#j#&(_Srl%}2sf$o5OQ;813^>)@=02M?S?6JEc0qw#RkCg+MppxgPIyk(<@ zW0)9`KyPunzJY<(MUI3N1J(Tx;hj`GvwY6V z{5fOxaHHYxQq6lE&d3Z1D#(%K?2+j+qGQQAX=HzeXB)JW=Ty_i4NK(qGWH&=w!QZ- zbnO2ljk)OsH)F(qMYNj1NL9|h9Qysnws2IrmE0#8h99^D{G{cqX~#q#%5@FUDymqH z7q3A&fq+97E>FKFhmc2geKe__l=<}nWYP@R@BmZ+eLyW89Rod^+SZ#Z7s^eio@&7e zNmj!yI^Y?^G0dvyEABc!+R>q)zoD(P{Owd6h{0+xlo1YY@B3sJJ|pB;R0@ge7)b7x zqtNp3u+UW;boUBf5%nlj)9iCiFw?OU3Nb}ppR;t$YiVI0L5$;OVkVn{@_05eJ9BXx zUMd(5tDq?aZ&YMAB71pYaJkf*&h@{4 z(k$DtNd%&xkSaI5+SA#gbPsCZti+0x!}hnAa{>Zz**nE~mP%%rELyiOuHlCtoNhba zF;r4gvH@f66?eSC&n$}=aW-$rSjJR+VzX?1Cqn9ndZ%JEOeWc)F>HjxawaN{$~}5B zp>^in$Z{mY+~$H4-6ebF0#9!Q(eg1PJrOK9HVmD-ILtb;C1(2VyVPankv9+GZOwM> z&qvG7QT&I2o5RJ4LttjT#M^vSJ02VIM(}JZ^KhO`3C2?<;ZI_Kw~jYechda!z5pKx zut+D1G@rpCaM6XEcX?=Eq=S8_=NoEJ1m4YM#jzgu*DO$op=VCIPfg^tx4aOy{zy2Z7>c z;k#7Iv?)gO_mqf)WRS#>ww>Mab{XfsZ}#V;SEv=W(`8;gQtN{|7_)!vqqnqws!!-3 zVK*)`)CDoxu66wQ;RB!(G!G076I$5VA}aG#eSxPgFIB}J}21H3FAn> z0#)+9FM#og-kUV~R^ijq>ByF(*LVvQn)Ae1wj8H(=e7V5bKhru}-M9J2=&H9_163}-=&$d5-fQd|$54)>qs(zqaZJGl?X zty0PA+gPuJq~45tc1i8rTZ*lYr_%C7AXC9A!rM;W0F{#m*}JcoNt>s$!ZJ$l2pb3) zfFt1l1U*X8HV^$5FT3A5okzKbX(v3(2ddNIPuql7+0>L*jO<1XAD3J)DWWGH3od5w zHs?<&u8?xWN>zhGvWz55+sL>Y#h7u%p;{ANCn+HyDyDGS`?~&Y1J;y{j>eNCtc@tY zL%Q&}4+&sQFRcH!Uy+rY{Px@?!dS11>&xRbmmXJs`4WW@0pJQwi082uxClYhO^~c$ zt>3l_-D-MPcbOQ>FK!ADIJuQ^gdo{r{$3#94;)(70+%Br&ek!TbKm37SLa3G9qS}i z^*qn_EauKp+zb$w!c=XAZAa0BjnH0UyRL?heZ2q2g@yZR%w>Y!3x5EH%nCelS63JC z!~mK~;~CdsoX&3+RaEE&lG1BwYDQ2zu6f+&HZw!7aqHH{CFKknp^S@{FCWTuGl83d z__Sn___%1_Kwnl$eMW9Et`c>h_A@UQeeV6cii*YUq3DOejI0>Ty@KkUkg>mP#qnE% zD*`j9;0STC<4lMf=X%5XX@DxdDz{~(|8>Ox_LC>ZeIahKbH9tGp-s%|{#-3BZY(%? zXsN<%8~3)z@^UA+(n&V~PD=*7>eYo2@YN`?UB^bFm_CkxSoc?~rf-iQ!FiGAR5k#V zpig?Z$Rd;yHk$7qoQ{XW_P?_W&;$5HY?Cj3Z=OqNq9kb7zy_5{v%ge{? zMQBKF-?^h_lE+a`u@)E;w^=~QC%jnSNa5wZZa%Z}Rr^+el5&QEP#}NV=~Q8GD+Wc} zszg!H`=6aspL5l>N5HiEkLzwhC9(+e3l|>4NAeyzV?5tEn?=)HdVd@MIUy9k<*9Q9 zk1jDORgOY)Sx^3F$j{c`e=Z);j}@-|EA)0HFW!!c-F9xj+#S}K;($ARJNaI8c~8DR zlFWRZtMjD9O0#1Z5RWpB(O-I&ir}oEl(&b2(&eGbP14x&CsumxG7iW`?(cg6P;TYm zmxA8^{OHdx@!HR{IKin?p&55TI^EE_i^nW2Ez_bS@%5`$VXZTT4SIwEr08o0jcwIN zFcO-Z$t^AS^K@$U9XQ4rLYv(W#g~ZCb#v#j!XgK5(l4qaN)smPFvSo|`_8O-mq}2t z&ud+NvK*X-%_A=T|6w!93WQ6n96d!rLbzsaNm33Uy)s-$?;E>3{k^FFccF3B8Qir$ zjqCVvwE5g!rHl1dcH^nc;KqH**m)L@NIcuS9Ip&2W#T9-+b@Wpf?y{i{q`1URzje7mSD{F} z|Ib98i^(ZihH^=XW`*O1^tpwEk2SsrdZ+TRJme-#@b_H9vd>(CE?_m4l!EUoC}=)- zkm3o0b+=bt5HT=U{!pPIah4J*dxC!nFsl7-_vmIIo1~;sR#p~PhR5t#dc}L0 zl$nxVx3cbaRcyukfi*ZEn%#vimJ;f7vPC5zj)$~ zV~lrso3&Bdvg1wa)#Z(e2{XTa?OK8zzvt*rGS80};@6dQ0dD^)N4I`+V_P6Hr(Gcjd`-$mU8AFFO)V zHNzFX3-Bk&(+rUA|1Ao7tbk&(*ALR1!mUWGlP~ww1B5_u?Vg;s^{}NZqH>&r@6qwc znI<8QxivN8M7o?HRHQ&WV6(aM=(c?Gy|6IpKh4ASQ;Q~(ObbadnU|-%*}y0s39l_x zU~5tS`VTMJXtU+8hxB3UO2C08oSd4sZ$C#LbjuINXfsBMz2Mo*znS$0gwGmeCv`IS z9-!{4^lI`4vh(tGi6+J3Hz7QG#c$YC(h-pcH9{Hx$4XD~<0?};_S>3!5YrbB6K8{D zZu6N%%dv5AYR^NN*m82UZkv@@FN$ZwHnXlW>hSg|vH)MwS&qv{&G^{;PRoqT4N2zv zW2R&Gm0zoS-LKmJ=w7t4!#9wLs5a*1<{Qe07~gNtoCL8fRa$`TAC(C=892T zOFpqwQDW(>lAC?je*9aNRqDi5&9ycsqk+=;`PFPwMb3Svifo+?D#p>q78rqT4Dly? z82oZ=A)ENc4Z*BRukEF*!9g7`gYVmSM;+4Qm_M{+bw(h{N8IOlxzCEY%)K@8vq*4q za&M)e;EWp^LZ42?$L=_^hjQ&t`@(d_%({Q*bi})NAAbD!(WJWh_3PdCw2ZvgkbnOC zW3SAHgZAz?9B4)a)r8WBe5j}pjnLF!bJtH1TIEtRLf1FFV`8-B8_>IWIqU1!m#Qhr zB;cu&Z*YBT&U~8<@0eAWdj|iMmpD&IJy;p|g5<8Itic-!M>=|XSXo(F6P44!D&BNr z0e>ux+nwV`(66fo<%i25vYa}f#&6nX`FYbdAPLmanJb&cyB?W)0Vxu$Tq(%B@21B}165|6gd_tsFaopQhHD|UPD04} z<+QjN$Cy7xGnM(&UO=&{ux5orrxGk)A{Z-L8v0^eNli;Dvci2eA6xdQ^UP;%mwp&@ ziE5dcq(~aU6<}4Bk(<_UXQ3R*xhkB1_0NDc>AMmnY%|t>5si0-2ZG@J&ed|`sic5=$^Zn6`PCSd4t4#jV85ekVw!IcLjI}df zoJlI|z93+wVGKZ2E{G3ZXJ*#hdAautp%h&XS=MmnxpZuHe_uhBuNIhlLn-q|O@hsC zVFV1t!$6RYm-p-kB|Im0s>R^YQa!snv(bFbjo06s&2Sh>f9e+we zf@<9&>ML%(`Sx5oG0V1^tn5=he*QfCz7HQh{BRM?!|(S{<-8eg(GGYt7|d^gPeRiP zLbGh{^3V^d(;li~H`S%N!JVW>z#eC3i++%)R&$x(st15b-N~uY)xKn8xj#s@ZSN#8 z|1CtncY*-_6h^`v8CzBkZ_C9e)t+1a5*Ja)WPJX-kVpd85KX(|Wbz%behhOsMk)yl z3)X#|lYMV%tYUes{4Z2~(Mv%h6M3C!M@CtYwUG$aQnJc<+7m?VmyjpuJw%n_REIkQ z;_?`*I~dE7k;r|<-3te5g0zn^go9Xv*W0D%$J!x{PXN~X)SL?-owVF*>*>Dx50~w2 z7^aJg1WavfL+CFu{dU4Y(kXDzfAj;w*Vo^lot!KUf(l^lH;PSE^=gz@tm>wgMdboF%_s&X7ON*MKqM~WE2sEcY`jx5gF8#RBZ1>@zPu@g@ib_p| z0ZEiTNg%t&=@b^M7(s=|*F3CevhwaF#@Rh9(jBCUiHf4^Q(60igN#|;(w}r z=MdiEKqH`)D5ur`!zx(<*SsN0BneOi`l>cA^+-|p3l)g z{o9{^EVZzu*T7{E=wn02PljSd9c(cLCCQG*%979WkWQ38$aAg@_Y(kISp@~EU+`N| z8)8>9T#^m)GcAXf+Viz(n6UmsR<%ywIAfR^#A|b6!VlP3CGT9meED@~sKW(w`=X)T z1<#v#N2EBIRv9o{%T}W9XmvKq+PK~X;QHZOXRn`IX(m7Se}afxw`|ogr|9BLE;6cv2Bd2(msY?hAU9wZ?%@Px*(aTnrLV(_Xo7& zqU8l^$(!o43AZ!%EIxcX_4_ADXPjS?@^MT&pOwf4(-ZOS*pKZB~{kvo#N#d0Xc_0dJ{4tV+u}ElRyF-Etct(^TF0~5b-LU2Dk!q{l@72(fgA{DheHI*xzh%uDy3JAlCWq@mqo*FGkMN2sS_@2+Ph^d-CKHif34?)!q82)aSP_ z5NkH6{$!G5YkL~{`ka87EY(N|czR?{O-+G0@a9Kg5NlzBrspNjU1z)YB;<1jq!|OU zYHyIewZvED6$p*g)1Q_2Y3GW;^yn@kRJ&s5OivNO8d)DdUW=i6868-A1ac1Jtmpp4 z8Xij)?TyLW(A?5et?SpXvvKBhhQoYv52xgQ`sdl1aoU>_F2TSi3J`fLE^6qjrxpLO zub6szej)4*k>I6^@5>JpIXAsuW+x zG;@U`9ZFi9u~Eu)+;W<2RnDl26PAI%3eZS7FE3V-Q@DC;*y1KP)fZfsgp<=M3u#Y0 ziIxi_hsrT2#f^ca08_|v>XjR!Q0JV=KKyVj6ZNS&i}f+Uy@Y0Hfk4~P^7&Zt!l*N- zrF8qT3SAQ<@;g6y_WfwjW?DkzsFl%~M|4x;+NvM%>3wH+J^8Yy&)ohqf?&ryx!$WY z`yFN=sa4IV1|XwZ_1(_^iKigXpFeNcPj&93hyJ|)zbpkUCz%H(+B3^tS2u>vw+oD} z|27j6i9pWHUG0{_{u*h2|AEB^b|r*@p#!rP=d`hYn2#@aaoDZ0dj0m8!3eV8M5gqY z-)xY3I1_oKSL_v~xfBh(94nGInz|Ofx0d~mXLBvqA^SLAMBs~EPDn@=XcN=BQQ)-c z$EoMMgc)V(t$J>0`{MTtcUs}%(BJ1jl?TGUq8@9LpGpp2M&^#@*m+)m{j%WOyvsMF zqg(7Jeln~xet#lni;lTREybub_UOa==;+KJKOQfp@I#`@2{lmQ{FXIc$55Q4jtt-# z0i>OOMxl?|?hXdFE{c)qnHZVZPtamXe=11@3?Po>ONTX)cBo;qd*tM%)rz0vy_xoW zCnQ&j|1ALYYl&s3cy@wgzKrr~>FH&^eob_=lNMUc54*+Xe%1sjlXPAb%M$dM9XWar zGriJS7P4a+^A1|OySu?6Gxv@fj0h3$M3l6J=baG3zg#;spA7^yeND<&hQy_P|jNqjVb%4d?68AhydkS~h$R869TUN5d25kSl zDT4c#Vx(%4*il zhBxbH>{o~i3hcg*q{%pcTD?z9u%AdpPzDKnv)0>kUBqb%b3v1AB$S^{lz0Vd(jJ90 zuxbwm!_W42HWf->nFjXmwvPC+4nI|YnN8KuFst~ZrJ*aD2b=$3WzAX_Uy{OyFaBW( zA_@Ooh+qFk@YEke?Ez$&gjV!p)P!zE{OH)9VE&8=uFFr})7b=H8Q<{Oe-x_$m^`|OY6*x1tdq5+63!bBgD=0!YHL&c(%h`S6Bl#P#>mK+`>zn3p%_=o zc02=gUzEP47Q3NN^=6S?4^QnJ&b!zbF=8&Q@#_IG&X12h8v_|5w&?WhEj5tvFV2&0 zkMyaAdu8;^{bk=vm;L)s2#%%vDaHO_mG{nQ2k3TXpc@lh}&3K&-!iU5FC7pZM!2&GDi!%<>Uwht7_li|l?wdEU zw=Wkrv{t$<_S?SooRl*cx9sP|_s1OSsH!GwmRD}|9#Xt^YG&&;UyVN1#r|{6D+zY1 zP}y1ez1MqQSbnZMi&`1e2iZO)x_$eo5G!n;@V6lT{fgk7e|cbiE{MIfaI<2IzYf(}FLtL5X?e%9o=Wq9vy)!wj zbg)%F42Zx_{9tk3oQ^MC;c74r3z&TRw$()Lm}>*WB@4z#ZIZ>@Z2{Q7lnRUA7!0YD z0q0weIAK(ht8o=|a&+5NHaqnm7L+$ncZD&@=av)}s-aLQfH(Wlr~5=z-89Ssb2N-J zb6T=R`#i-ryr_H0p5#hUVomz!&*+)+t*_q;*!!0?;Fjb%D_Ty%@NRNLtsB{%4>^Q{ z`t_!#rgHJW9fCrmC_-N0oS}C5N6Ns3(%eHw`9(WVj8}V?I1VvaW7f59H@k&@RuESf zWX}TmY|t9J?ETv1P>NgBd_(jB%(qBQV-;m({JmaTfb9jyHn9*3WM&r{kl)$r{t+h8 zR||nG8rae8llasVI31&ve_lyzUtF7@(lRp2KaEc^H^0XoQJE^;)%D~;J>2lg{mcA7 zkBj^}GP1LosC(IOM=8_i78eU#XJOIbNsl?`z*!X|wqUl#g2un^k_@0OKBJS03G&gN zHx$_g;~79v_9(~+Dqd@gPdx!6p=9KsW%@JodndpG?eMhh5CfGtZhFBX)Nk{317hKv zJbA|ep}5jts;m#wLvL&E7t5nfZjTLeg0MqYdU}%{!krm+EEj#$CVg~uep%8|lt33c zOKC@-cgg-%fD7u)`KvbfOzJ5J&R!LU2!S+D;1?`acdMiT$2sh-MSJ>l@O&2M;ptma zcx=H-dn39n@Dp8QAHk}AFeP|$3a&dhe5SNS?VyN0S7a}vzCR^W$? zwo*?q;ZVhVMrdZu_y`+IC8yfh)Q7mSjKb_Ype-!Vx`^NQur3tV7nUkm0h*N|3yy8& zbI6X4f>F@g^u*$lsHrr=5-zBM>hjOUMTlDX?{CegVr}HCgL6KzipDMQG~TgcK4DmX zI&v~T94Pl@J179#&pX)qk<&WkSU%%eCY!EIgvCD%_x?%=6m`(1ryTX<+KeK{1p*uE z6)GF&rIWS(zJX)}R=+}1TEWwW{I27J=&Od@U!G@3_wYCe)<{}BjVICfc%=H%F8_ss zu7W&~CxHrA8t^G2*bGMKQc`*lGl_NF3#*gm1q_6{&%T~+L@4Q$OO+jdehVg@h_cU( z(tFWevZniZwMXeCk$8z?LbgObVZN)_(tbnRgR5-!bn7YC0;A&`oi_cWrHV&!btL`O%ZjewXk*(Rv{HTG&9`{vGgG8+}4ftuQqB6|QB;f60*FIRK!r_wU{@Mzxxa!I}hD3dCq`T>7UnDo&;bgT#h?sAk{p z5(nba2=`~Uk2JW~8rnpNPADz`m<)nww8+l_HoaZiUv-ne&Q$xiU_h0b9J4_&L8Be> zsNh-$x)y(>$BM{=!BA^*Z^v2FW9_bLQ&Qr^jGT5_y7x76*TivgA;}WtvV)R4Z{J3sMfLkXCa}ki`r6UdMK1p_4YV5XqU+RY|l$A zm0g=2FL-xHV(YcrGP~6PZ@m4q9hmLx@r5$apmy=&)g^Y(kBwm9gIKZK75)>FFQJe<=_mO^jQ3U@_Og+9>FzlfO5-*bmDSbN#pboaR0AW`hQ@J=TdnQ?*r;Fl8BlT=9ApI?GrR-l z>z24}8X>%wO@AhhL#m}Ce+quG4Uvb0D{v&;W<7z{yMH>-pPey9>(p?JWNE(c)zlO4 z?3YDtP@hZ%30GYRC@Q=gY5wMFo49yrKxcj|h~Fm~XP>}=lefU;i7MtV~2A=G3BEp-J-F4uOH^t?uSAiEQzx&u_yOnERk4C?6e*Ot&3)r}B>_PPQKBAg7VEW%4W4 zUQLcDWd#CIb84da4RR8iA( z%>ya2|Hs&u2SUAm|Cc3HmO_dw<%Uwonq8?>)~wk{c7}|7p9*bK*^M>Xm$8qXs3Zp2 z_azz2U@#cF-}A0}OZVQ-{r>*C?!Cs$Jn!?I<#k@?b#M~_S>FgE!Z5e7&Lg+x*=*-z z0bx8wATy!cZZOLO<#W$IG?p%{tng!oLo0*$Y%1z#Rgr+gwUmi&A|Ujz_$}orv6=;~ zO?}XPo369wgoa?x zofo(B={btT+89-ct1=}>-a=Iu_A~p93OdWBt_*1aW18?{ct?s*a1YVKREX z&b!23^;I{lKTCWvq)T9ThsAaJ13G4&{ltkRAp2m`zxFO-6H&mKNh#nr`{7KS1l_I> zt*aemti@ZBFtG< zZKeaOw8`lMmpjYMHeAPSj!TfF9ph+@{BJ*O^B#2?(x=UuYR1B-U~eT0})Z(le9LwzhsrdYb8af$O4-o|vI%uHk0leX=bQ zvLx3Wvr|81a6Hx6W-!*Wgern*1mH*!wI74@b^eWD(2BZW*BS*IFmB#jiS${i(!*O;S+G_pkJzhGI{^};I@9&V=Kx=}`NB~+_q42li4M2cfBW!5Y` z`wV0gKFrFR51R1qlj7=60R!CTbv0h*f9Tq8P2`)M8cEaBJ8H!SM&HU>jhNx$tL;`D@Iw*KcX68~@KswET?Ye8sML`Ja0=--aq}9?& zI%~FJv$b%31wR6j2mn{K`&k7*r~D3-&i)HJMW#AhPwi!{U8r=jU!y|-v?Zi`JP$_H z2F6|UB#hf@yZ!R0cZND>_u!h8&WXUIvOZSr0fE_tyxWeqtuB^Tdw=~#>P&m%!wT5N z=f6WVly7Qd=E(I*mwI>OZBXXewf)RO0?Ab|X@0iJU;IvPfBDA86YG6wJ{>UM zRlWXfR}V2@adB+8gX>;a-nYE@jqyX;0%+ZnuE_a{Ih$*sKfl?^KdrWY8wUqf1js-| zisQL9`R^25R>c?(UmEsusJf+VO;x_$qM+qhiJ_;Z_Dfs`6f-dA+xrd2h;y~>c;SsJ z9H@4EwXr&z1awDA84X|&JdyR8>)Rn{;lPvV&eXCP78lAdb{q;a=nzw*MH9DJ5PGS7(N?of&EmJZ|3mI zcLlA(f_C6*t30#G@~~zE{?G|MiF+3`lGp$I@k?K~1}2a@U#Zz7;tbb}Ipt|}5MWAh zh_KDeIOkgOG%>SWMYhr}zPYvgJO~m!J3)2q6E6?1{J6H-9`pmZA=LlQH= zM*mY{Ccx`_?M9ZThv|129(u<=6=uNX%;zTpm#2G-@4tWsj(hkW1l>(|GdDp+YK0B7_ERr{|@{LjCgm`oOtJCbZ(=Algt4P0q2y6q!j z!?XNMu7V0+tgs^C=YKtH(3*%m0&Jp5iIMc$K12)8Uo4SI;UZO9LswT<%adGYzq2bO z!sWgs-ICr}wGk06n#((V`Yp~fSWEA&-GHc)EogrWewT6y+9T!CxHbPTQZ8yiG&-X9 z@jZn>u{227A<8CEL{G;@OIycXXY;qtI#=&KVhq~}9g&5G0lRlF?Gl&lh`eA8E&I8U^67GO#W0}h;6?4rjspNZKIi(H}tum(X=7BdoK~5=xe_mL( zx3e#oSa=A?B4_Hz4i2W)$HH6a%!w-29irBU0hpGiFpis2ZYPcO4rDVaUbBT!@Uk~!7yJU5j^y@izIk?#uBa5Hq%+2NW zdpgW5p?LYUU?e$B#0%fjs*-45}E;$Y_3y*}!Xo}eN?UwcUo)c{i z#x0Xp%Xx==@bg(k9u21^jzz>h@XIb&LDit&dG2mBrCIHKpf7SI$mDF;MXs`)>(0(d zcAgu&Id@Q)IJ`TGH

ZGyKkr6O6aI5S0ssVc+&`_p~NN)WbT=WXt3gM@D$)o$d4# z>{^b2L8x!Cei-tN7F2x4tIuZIQ5zIM1T7^c3yJYL)i%f=05`Zr`w{Ai>e{6jB{TY~rI)uO4>jVOAX1Z~K(2$ieTdPv>3~i>hby-TwBP zMjU93pW@^Dm%97sqh>!Q&{~1XN=mv65qO>gjf`jL_Mkz?RI=ve+WBDA83$wtn39_#R;Ien%x2`6lz-Xed-_&AC zL6GEx<0GQ3bxqaoF%ePGnd*`Ang&WhJ$H1n7$lL>i_HV}-NKg&fo4juZO%*F8GNoo zbqkp>TC8nr>q-4`IMPyoJZiDuri#%@#`6wPbe!kS$@}{0v7^uUi?Z@v^dYS~>Zak{ zMlA5TJ`#-KnCV6WyU*}J#gVF-8?u!|o9(F@<1a}M+AR(k1BnL57C9f&cS?+`xoYZH ziVi*vvFf8h7P;ua5_~LA97p6*4!U%l2a#(lj888x9L;DIUj<8x*IV-q3IucO)Wt64 zw(s0iQc`sJBb!q4^763C!>ltepZ!N3u@510bm2e@AV%KM5qg_Ig>W;FFDVJ`YgVT!K$ z>7UQNDE1t2|IlzXelnX>^W(5ms`f$8ua((ha&Y)!>88!^qlXN)}37KFv42f zb-wyMqah+c`fnzn857 z8{Sb;P8DSaoN(PlZ0~LAId)VN-|@`L4-cH><5L+M8v{9xpsdi%MDdYdW5qvBsn(55 z8#ahiRRN2$Wi9+I=q%(4UZV5DALm zw%s95_D(u)^SfgNVpw_ExA55mIhC(Jt8_)bI+?7`f{jvT zU>VLz)2^4sL6>Fs#PtcL7looY-%<+&-i6ECq01e+28pdD^F8dlBTl%&pcY?My zIY9|uzL*uK87B61w0vPY*4&1QH+aM9btnc^M%ajs5pfCgU6^{Ny-;jzZ{Mc!Jfxj- zq@uB(Y`aO8ALdf}sBgh4yTy4|tFQqFnqeKJHC{J8u1%!nbV$|&ICy88v)f6HM`E6@ zkI)XLcCiq71nV-E!`!!LLr^8_j-!hj;vQYTJPCqxHSXP_a> zaOB9Tp!&;+>wODrzgIJVdla{7rRqh3%yoXyzx;enQ=Zc3G)_OAU6i1pol2{KReth( zfwLDWUh%ZL|6U<^x{vtiQMAWP{qxW2ixP-$X-Oy&J z-=`?|fhp4y8^c37x~-lGhLxFJ(pVq*!@JuGMtQ?x`>|q%BFd4mvU;NWR)k{l3c^ZH zq)gk`QnG!^29QEC7+0XaG&jlRJ}enn#&K3gk2vU=A4sEQT|NA$9i>;Js9F<~Q@+vt z4vV#9g~f~IbQPa5S16t|d1Yi&vJpn-hHs^eBCWu*9u;=i3ySbcV2p`TvKJ;JxmkPC z+eFU=Q?tu9HM2Ei^WyA9J_E7l6Dgpp3s^cL6fr@8fk&-|wM^#!rEyh$(_|vhXXD<$ zsVp?1;c(~k`=k{amgSehU7-{r#uXkj3=PQRq7$;e&pt`;a!+#LTid1<1N;8_Hv&E=2zxumq{d6$SS^vCT1AVq~}f z@)a#>t7QbDiBeQ4m8~D_%egWZseX7~Z+R*w;+rA0@a}ksLu4Oa_40P`IcX>FP*3F? z{RzefO+2hBy0W4Az4LQ9v4c@Ht!&%xF64NEL6tsRHy*D!72NiT&>$d$eS}%Obj5Gd zhp5wG<`?Eva{GEnvb>KYSHAk+uj-qQIGaIH;}WEhC4RSujS-A2~% z;TI=|EG#bG=G*=%DF%islR?Ns(+sIR4(<$t2io>x3;LJsyu zqz1MuNBn%H@!jXu>kC4Hr$&dd)Y~%aa!V|^msANBAv!SAXtu5Grkp^Jtu!|)T#MB9 zdYM}`5mn(_kXv@|jkZsTB74q2%I8d*Xu5S}rUP zjHYShkux6^^tTP9woiIU1$)kXAQr=#cCa|G;SU?kWVHK!L;O)hupFV#XJBn`gsiz0 zZy;gzoa+T!XQnd&F4$Cvw%Ux};!|#v!n^jTNaiwUfsRL(agDEbVwrd?kPhej;skoe zdrkj)a&1q-Zr7Wps`@C}Sim*0`B|V`A}E*Gtav|r|ID-i*aEiPV=5Y68G-+Xus{TR z9bD;7Yj~)0{qT)$5uxiz4}XKhijNtNm8EPIr3hu-)rJuXvkt*N#WF z)0>5bv!O0$EY8ioYJ&ct-ywG~cO7l*OhAL(tyqv}3}*}NVC+j)I(6z)xgGY7p|Hza z_0X>jN1eP&<;l%GT^BPoLnlLXaY>>BoT{$W3YL`@z;70h46*jdF(+lLi< z43fR_%k!)#nQQ3~!&hbx0kNJJWlYcWH=F{3bhov&yQWgivvM3wgupw7rw|3Xjusl)y5#pyq=g#Fwr6|$&`_@lP z>f+4LSMPozXqUP>KzpQJUsUIrd^}qm?Z4utZC@;k=%8B=LsYU+ZbXlo_Q}(Y_duTwKl}X`}#*&j~)AX08eA<1kp=>b+vx~ zX*tE8=mD|t0RJ~TD8b-dfW$YDFFOS~ zY_QDSts`8Yd11@n=CHFA=(|>&wK7ms`DI29Z~9O@N4^O|@TNDJwa5C~tC}STQY&@& z$tBrq{j<(X683$T`u+!KtQ|oL`*J9 zY5^_8S5KU;{w$%^OV);TT#c~r?z~+N5(2%g7EA5kGPFm1zu#(a7AB|&*{c5f?#fU_ zZW!-i(k7d3x|v7=j&L9bS>G2#ed~))jjq-9;Rom=R`XeY>gid@Bu8=uh9q{qae1(g zTTNNZWBsh%c+5!jlf~QMpGm{57j#o*Vm4mTm>S|;domj}Q2fS1mw~82_p`~NxHsQG z#`Akn21Ex1vSH&I)hsxTt`8Wu>(8Dc1!i$ zveU_4-gfwX7WMaQ-XFIWGSgaFq;9e=p8DiyD+K>CcCf2Env_jXtnj}01#y*tGmPEW zr&>hmOXFWNB!B$K6&|LgH#Sr~++xuYzv1VO?{ez36GWm0Y+mtAF0M$ZciAMncx~Wk zM5yv#c`o33X1dVbHn>~^@i-b=dM_|mj%|(RD7?6n)L_&xEdRlf_37r3DXsm5Wt%%* zSX(*0HzK)x@9k-BTlHBev3;pr-!!?L0TpX1_Di|qu9^=!#)aKHBMJ%%7=VC@{etVI zlc04!lPPq3?@|2Cik-D;rSPlnQcFMwel}n19-*RrOkE7y(iD9h+^j7oKhQ?(UK|8DM6lu$*SmFZOA&e@07hB&dEE{PH>6V#v ze;pp+`%*wFYBR=?py%UBib-(aupjcMSIQYGLWOrtlVIjb)C|RKE4vcJ+oWsK4YI&4 zj3C?QQ?tGc^@muEF2X3u5JA;0J_G_xC}Ga)P_|`%YP97Tc442xKsC2<&CW=Vq=-Ge z)v%g=S_Nv?EwK#D?#H_g*oj6b5R?9;#Y(vxT)T-Q+PJ9XimW}q|Im3SYQK*LW%B8^ zhhUVJ$icUVw8%lX4}dHbwWkFE^s=Cgh}hMzaJP7!8+S9k%psRSYww@;=La)E^G#Xu z_LOT0{$g!|bFL8aLNEWE0&mZ(=2gw?d)KaYJh*1k`OljnL@}Wr!4{KAvxn`7?sA#mZzNxHp%2MfQ-o|nm(wnfI80(CPE0eIa3Ow+ZThB*o zwROU>NQlCIcT53{^*)pBmdq-dX~9|AEcKq>?vZaTl5pNiaxmhDbF4qC@#~v$7<{bc zgHw#e*~;z&`7Q0iDFh?p0;L- z7o&^0+Xh+w*!i?u4eN3$7j;;5A9DQQkrRJ8;cVOBHy+u=4#{wRO^YG37=Tvf`{m}* zXw@t}B>)|}^++0Qq+UV-*sO>3=y2|9zTXYs9HMxdEz?YJgqNblx8ef*QB+Z~_1Lb0 zX#5)dnU1c*kmt&J_sGQyNb&4LQJRRU(7vo}d{zx!P88AaK-K zpz5Yq$k932$`rb^7s*Ie1rvpMde;NjI84Z!4>%BPtgO^vu-tBk0aSou&$&Uy6g8x@ z$t33e&IJJh&YKT~Hm!$0jB9D=qY`!&wM2y7yf|H+Q5kfrq&pV&j&B=uJXqhe>@H<;_B^` zrawbRP)r&uH(K2M(Y(h3UOO0+y;{jZD`=aYuhdL7Yl)h?Z9_#4!yeJEkG?_Hw_?1w zD0d`{tJR~esUik86TVFisg`7Hy{~Lp-WG0s(Qvq_ZFg%tM>|qPR7BU-ynn6-(-u2D zIVD-+sgg3Gl{VM%=$#)Z!#8lx*r)1?8xm9@Blq4Z+|@Jb+A)^(`&d5AVzpD#T9YM$ zBu?v$Y{%XT(VXs4<;$0mHB4N`vzKBH@`;(^hL2(M+;}>N*mt(n%}gl&_@K~q(!_*j zVg5!|Zbpxr-*#*>iWLf16(}TNVh+#?I$)JjnwS2%8f_d$+8UsqSG~>-rp03tD()uz{m(b(*CJu$(BVwBZ3=6Z}E$Sc1tpZA5fexy5TBUFI8vh&zfV_44b z{E0dZ7+k?`yKOI^avn6*Q>>WQ3~myo7AaBH8Wnn(T{8cQ(cW=58xG zS4@+-DoS4t`?%3(hOz-z!uGN(lhx$T6=}44c&h60Ow_PbK2*(0sOw&!AFXn+gk^13 z`Ls$nyydHK%zjOO_dJRygZc8z!5ff~9KarO-_8t#_{#hNp9w^b?it_h)w1sLXg^VW zLT)t22HtPtTverAv5}v{LzhMX1=o1>glqe6NBS)=Mca9Sm9}CGL(i>0`fg1#>Q#6o zFg|ynS=rg)_&~1(oaqBp9#6Q_UKUSs@2@;IK@pP_jwLw&gMbO zo~LyZ{CU=Hh+%`OrkUCa=c#zxmQZo4h~MT^e#oMXfb}5qp=3d_-*VE?U67P)?lKFKl6foFRy0<;c~f^#cy}|4ofo~9Zjj4k%p30MDaUb& z?{j~;k*-z;X%$f^lC+&(1o-S%d}*K0Wjd!PDv^Is@U#HJZyf$)V8%P_D879wS{`D2 z16nrk>C;!hT5SvhyIyMz(#hq!AVCk}Kmjp}D=a*ppqKJz!%$4>nW`4)G{Gch+>@+N8f(P9^!c;C%PvHsX(u%O%0 zs@!*BfJxu5;|~$kL#iWUreBHM7D)gNjV(bP;-c;u62r9bRxQM9`?yM_f3rgXGDJ(T z)1_H$fl6y`p!iOl-<^@dnV4yeG@s>kZg3IO15VL$Y-Ho>#M5BFxLB3nFj;ZU87Ub# zcq8r9s4dB`tl|ZnjYH!4((HxqQxvS$pzn9}neE=l{Ua12;u+m7huCrk#;Ao_+l#(L zOG|Q8akf#AAXgctFsdL&AoUFVCDkBT%MTO`iB0CoRv^1oKwR*8RZeSztGbmT0vgme0v{mERZ<|m z<-52H&t8}->1W^BNfrHevPg!8nmYeVb79Y15!QJ`2MhTA3L#y339?Ju$Q+YpsCnRH z9G3=?9OM23ueImK()9B?!Tbi9i^&J3#<-7J6A^DZjPL+}{7mX+TPRC!0ecYTw~H3b zkx=P52C6rm*64KO9glq1dEO#EagD?>0JG7{Za#3y(e>+4VX}&kjz|xxE|cTuGt2>* ziF41SMKQoqi2;(VF&8}^Stzqw2h=0WcIHt{ni~3eem|)Up&MlLHI~)aX;f@Q2I?mi zR{FY0F{Tq~6(0vpXuQ@|LKP+cxCYp;rKSHQa??#+L`0ZknSxu}JK>Z<_=|QD^Fj#a zibKm-o4V#ryZy)azDAY-B#^XB!LN_V)%pRwS>E>c5Vt$@$75cllQRXcjx?%?|K^|C z4gvo}BoUP7pt}cCQz-Fu0m%hv-#AE|t z9cb2lo_78WL(^NaMK!f#{{!*(neL~EBZFHg6WACAgmsUNszrCRqaHuvpp$fq@TkJ(FrW8 zznXF8EX+k*sAEiR@O2838Ol@GCDwUi*rVyp;IZ?mtU>o?yhh#lMf_Gju<&*IFJI-Y z+)m|9n~7)NHl&XKSmL}W?;$}f}O zZ~l!2*!Xr#82*{kXZ_=|<&T>z%kAx5mLgwC$UHS_w>*UX_*7vR>OT(vBcfoFDqh&8 z3Ac^+66@@q&LtlQOXDo6nokV_4`0w{ck=7dDdm6bT}yB;to9FW*jZM)fbA7=Lf`mC zm^hjTi9L@Y`K`aYe+$i-`g}h%^oKe2k=eY^IwvG@JyN+z{rdI5*P)?| zM~-}{%$F1v7T#yk$nd`nLyjYgtP%kYxt-(V0}LR%^4ZQW<3K^WbK{P3oQy$XG9y~7 zvj5S&-NoGtXc@1y0WlsCag`CzwG*t;+Ftz=(b97#LDTr~_DmzR6(DgvMiP~fp{t=V zO%YO^{@^QT_ohAhYwnK<)35MDZ+*(nY)m9DWo1l{$Ok-n^yyCA^iGyVNKdd%tYyH9 zNyhL5^)xEWT|5P>L!TYieF){}^m%e*_p{dLnS^Wysby#Q8c|tCxhr5YxCpChq??ll zK%8oajYmn^0%cT}#m2tUO0Vh>EI|WdNXj9`$Y3Mmg{C%|x#>}O2)l@!>;_&3MDyjM z_&F+JF)=7fiV?PW$>w7dT{8dKzN-fU7XYPVYQj8g1^CGrS%A!VFX!!)6A5rlmuzj> zts%vwSV~I=Ad)O0Xi!szw`lU5stwadU|R$#W@cDo8iaAgHC24usx-OhY(hhgjxd?` zwb6E9rMRu>w6Ko&KRb-ItMXECZHHeK~~991vI*$+1cO$+L;tF+0c#? zr;wc4q|)~xc@Te4s=E)afFaNBl#U?lwc4vt6?*R6Ezk+Kn_Vsb@P_T5CHY?;jm`?~ zPZURsmsS9goRFPu`>swgK-ws-2zg;-g$|gJbTiDjE#F>jZka1Ocj;~2S59V`OUeKT z$zJQ_+5W2ftO&36q^p=J%Xf4*%SE6@lfS0y`uc~7TR`Cc`OW$jaM?BQs3*OWZ+F?% znS}BM&xsrnK}0t^HKe4jWX@H;0xZnCbBGU_oi(Y{`7!pPCwzj7m%;06)MaKFp00z6 zVn+7lZxX=rzWL`D%jaeYE6-#vbmwjdq~#ep?O6Hj^dHLRaHF4s^@rs@TwzBWpLTnw z;HSG54>aQkyp6r>-ZH*~$>^7PR>b?xC1YDbTjwnxtM_K^Cc8)$Z_2%@i=&B?wDIQ( zIg!0Gu)})XuYAQ8+y(#}*F8NbM=r*6L(Zk04}|4S*I69Q#0rd*UkHGLhZm@`sf0 zTdGfb9ukd`C;E`Zz61LKvZ`O)3??O7E1_+8#l^|Sy15F83gpcrmLWT%5!z-^0)*LO z$*?Ndw3VIbjrAgCOO(MUW4mX{@jEjftbDTlNgH5jkHNyBeNN|jKFyLS0?QZqY;u@Y z{oCDtKKw*D32*mo_lDtmHwFw%x4f+IHue{Qj~H|A(Z-Uijf4`eiLNA3Kwhvy3@P1i-{%y7p1z?Bg&Y$m;WkTIHx}9S1 z>dU9^801>M940^c*3IW_T1W_T>KUjUifxE^ZcA zsO&D5S*^D8b(qh(q&GBEqEPKu2%0dx6N6Qkht-cES|7e{_e3CqW{yDI%5C4kw zk&-m^%(e#_l6SKfa?^B&z1o&^6pK7P%1)9N7_Ay!&o;yULF3Hc9Bl0opsvg0A7%hb z0PoJ_+56=i8M{bzO7UJW5^G^&$!2K&y@I`z1AgE8A}Bz)$(jSr@D_M5NeM~lAlrscc5bX8brhO^T%4EOfFeO+*i_tT&;lFC~3=F@P7H?P}2^OeOm z)|#TH2aKz)a2B*LgT_o300Mnfj;oIJr*_t;I7*)%05A9_h<-gv21B&9fjGJBa4fRpix~v1~Ii`27kXt z-*KxV)kO2C^$+wEwt}YExrgKDYL0@;2^I0|?w(^=(1kK5S8Ef3tX9L6z$&6l&{Ti=`0>k*>98S~r3M<6&FJzcwDyl$9t1wQAn4IRu@NX9GiEsz zIbl?;U1g=MO+D3i1X1LBe`BmCS39ac_k)99YTV`_m$yq%jE9Xq-)3?e-oHR{nfrU2 zVxJ+EP-Kjzp;pq(*(?2B68eRzIBQZFscj82+@0NHP%f6}hJRik@-P zeEIh3M3t~$Jx7}t35zR})%uKKw?AK+JkdZ>i-u*B$IF5I_?}Izh+2rs=-B-_8ia24 zLq&&0*u$7nt%g$FA(ryfzaxG`NV?o7Vi}NSa>$!490*J9Qi3eiKmj#OUoAV$X#Hw% za1!u*r@rT|3!I4Z7_);^i&KG$*Uy4kZJ>G#s5J$m&XOl-`s_qO#&?Gw@aF#ak&Zf$ z3|kIj+vW!c4M0(Ed?+$ktCaUvl4wPZa*(HwT(R6|6rD;&dkYZH=m^KNPl-05-+=V?;adFUP!06U!;j5w7=`31w&Mc6DWfHsn#Tw?^%~A`;VovPoWwj|n1>8~LdgxnO z(ti?H%Ra+ykLF{EVn!h;MPyk{B>V;pfZfnmY-G=x8IDZJ?=Kvy0HMmF-VNxr7f*Z5 zbwBjvl~kZfqpGFG*Uubh{_a1jNMLR`gD%A};`d*+G~UvLlxCQi(jGsi1j5seFf^~Q za2P1i9ysk48v6UUT8ouylCJ`4Z{TN7K)Z`BUE`RPdlKOtW>zID zAfh5>C`EJTx5R-X9b^NvGZU6el*>=Su0%0@pt9cHt{xpcqNszl8h>FRUe9^2Flgl# z>*4PZT$}iQRr#tJn=BE*tOUN}k*U7h8$dGu!$Bc2WEm?>5YTBf`n~1t-Xv3@)pQsV`pS@r1L6d~tpP#3+hn>8iOyUfv7Sno5!9ADYFcJ0k67%Wl z>Cs1iS3wPMfOR6a)Wr>774)5CoqDDC-Jy6Y){fuL%Ed+rZhV+&&maY@eH4J!Z8_cC z-An80>b?y%vmQO#u5W&k=D)6N8z%|2uS7g=Kx$wZ$dYR3_NBPVfWhy_$Dh<2dcBWT z0dIydV)`HORt)VjcHIqyI!L;={`hW3a{CUR-@KOwAl@PiAX2lBPe7vp&;ci({T4!` zp)ao5*bXU_wvq1#;=%q6IeU$tP7T~oicTlN6J*}nwH4D90CWRtQDAA04u}r%#w9lc zf_NvKuhH4e7iK8{Rc*R#5-?Jn70$q(!J9^_W?&GzLByjzefoqIfL9FVwza9{M@!zR zIrF!yU~k+;)E>23x2pi0CyJ$m%WFcs6OMsRW0bVnje;z|syS|ej6e@$1TKV$BJ1f?Aam84!i(ZC<9<=3u0JfjyIXNKV@G|q;VeKU}ar%w6(4dS4S2!{;ouN4Ud1`GXVr3eQ?zhKioS9p1nJXBu#|X zkt8evo!9)Eq)qBbo&5e*!f|ktm{O1NMUESXkrO;mGFhWz!Lgii&_Gfrkx7knO*M^)#Rax`y=H^8o*TOtn2^ z&2T{5n0KvknQA*_Kj^E*U$q_`+d|oQ@?`s*E$*5$I0QKbGO2mbt}ZQH`*gjqx5*ob zuEWS^&N>TZ)4@nsJi_g2*uMec-6Rg)mGb&jLX);fMj?gtH4-7|JO!h=W@Bl7zf`e*1FG7EQ;DE}=xEuB>u<6zc<+D|1(9u*^)cM?U#7w3R1a0=+fwws7hc?@o5M$^C`n^WNhh-)NOXp2Z@=9q7g3vqOHVt{?m zwWc2X4;XU08RpEc(kZix$<+&)F|x4O+K;|?{5Vh40r1<7+|K=vo44POaY3d7Rz&kK zr{mp2ieeATcq3n&ka#R#yxAtMPF;+IlB}wBaq_E3jHFL`pg9*07~zB#E|eK`6C53) z#3{Tewspw&?Xi;|5pU{IEiS9XmIZ*IFUODhL8*L#_A|Xb=DpwtzVEglbu>sE$ez@; z$OjekNGf0{UJAW7b7o1xUM^Tt`d&Hx88$}&Cqt^VC!vqCO^4)yJk)od!Qr&@^gOq; z?rXB=iYLZVJYzh1SL05UhN!|FK$Ug9v{$Pk^Z$*J~#Dk%AV*n38+xNz~mxB$>Q16sZs;X|Le zjh&6Ur}}dlziIb`jNmK3B_W7-I^gHIHKDS!pL3L2ga{)MV|f?CCT$ZCgEV$yKiAQ3 zAEc>fkn!@RT3>zLx4eM-iaF}KGFhg%%mK?wX z3Id(QSvQ~r9({k!-XV9t*&d%o_Z-R)#xsR1L1)hvVHiYX`$YkqJ zqfKG7n`gR2IdmgQz^a~Lwh*ac>h6(3<@f`(cS+m73OlJ42yR}xgDe6Ygcz8ZECZr~ zqUHZM`C{B}q~Go!HFY?ZASgc6s_C2eC`A0qrvLn@h07$~(u;N~7s$9mWF(k$I=TQ3 z$ZPus7Ybe8O@6l{8IDocp3jClS<&!?Zp*+9Cqc8yR$uHWMexy-ZLH3_zK&&1FGq^@)bN99{K-31NR&i~b7JRNLa)e=7 zie6Y1=AekG;`8pgNad-3+b4d@U+JbG#ZRx1*dqYKEA|)b9NeK2c}xMxO;Tl zd^>%QFWm3P1lo%uIxjbl$Z=SK`egms@vS98TE5L<8BSJv%)i`L;h3VQGWp`iTZj-?w^D$uRYq3$1!{2{W( z504XjA1gpG+2p!t{J-5QcwWP#(-oMn!-Gc5b-Th-0~1cV$U=-Pa={7T z#Bz7osj#Fhl7le1)*_(zALnYNU+X1+CN9hYNp^r6;?~WPnqa4>iVj&4)*AsGD?9xq zHVdPiw`(^H#eMvNf^#Pzvw()OC|G|sIdOq@V>SP*+P@TjqoE`ypHgK>TGkSq3Y!he z;Fep9jS^=Mg6UA;1{kI1_vRdk`J<2<_+y#^as!-*A&(SLiXj_ao`V}Du%izu?hNtF>X0W z=V@FKlR9>q!4*k5#|>zJp12nb_51?|f`63yqS)9snxJIyqCva&uoDI_U%XFi#mx%y z$Kn8t*flf-T>Zaa`=53IA}wCX4liU4-v^oI(_6gD{R2oX_tGmZ3zU7crk42Uyx%{! zr$KFp8me3mh^3?ez%%SPeFo4+1vKL#fHbr=E06cNhwxL8{^OnG{K0{-aU5zCZsBpf z6}9f7VSb4E+HZY3x+xdPDaOU_2QdgS&(s^LlX;E%3P$7Tn`LrP>9R+IWBQRKL5KK@ zkqQ=&Q^xZ34pv&$VK7+}_^RE(rFhrF@6J%h-X5JGqCpGP3dNIh<~lA=*UZ!W`~fPO z{rEsz2e~q;^Tg^(#3Xl66uOf8Qdrb)K>6RlLz~Qg{JVZ^Uy-;~MP}wLfJSAer?+L{ zu~R0Oqkm8r=5Q~wejL-)+PU0tK-oR9eOJWNDUk7Qd_+X|Nei%IBuD<8z6?M9)s?A# zku{|hKwy~@JlE7 zGq+H8ebY&9;{k+eDFZ?S4DR-(xkwT`uUWJ&95%cplcn?V?#o)Hg#)3;Xh7H3-|<}9 zGk<9+lLXhOkI~$sI}ol1eKSb79*CYg_!TH1U9pW8@K4juHcAyL{ip*Kp_3Sw?0o!|> zejEwMB{Cz!GOY?H#hk{Y7HlVN*`5~~)Cd{#0?(*$iFJe76#H&X#AL77-dY&c6DdB) z0Ofwp$|kD5(V*rFt$6n+Mq#Ffm&+wbe*X6f{tZY#TE=K!AlUy+Lsi6hN9CnQ(DAa; zI1-A3O)KqQ`u!d*J$x1SSC3OG1>^O&2ZL*Gl5kTXy<}lHpM87n_^(6y%gfsKU%8*}w~oEpNCI2N7%G&s1pu9@@n zX|NpxP`UzKOep_xK9oubznsC$A?~{7Nn-)^-U#hGA@+jw2Y0@Qn^Avr^DuRujYsA zfxM?qT?T?Y2We>?XoS#xc7ptb=GaNBWy%D}Kh8(4_UKv(F)U&f0tT z=qN7%`aCJ@X7pZN&HYgAUwi%xJp^U$TmUc$ljUT3yc)dv*xv6kItd-)I*Gar^hM=D z4nlLfjJB@CspIgp!(ER|r@tS@|8&kj{)Zfq%3U7A!ot$k)@D-m;y=n5aG8d5$fUn# zGdyj*Jm@qd>Xj9cQEJ+#7k#8r{8Agn11$i(j0KPbP$u{21M?`1%*;SpM8MZL>Yu}v z&U&Nav?W%mM$s<2T};p0Zvbf``^MmEUb(0;d@gnP-eko8Di8vIPL)FrdT!hwuFojy zC?9N#7QC?cs44FO_e1L863z1cOx!4?D(*g9x^=E1IZI>X(~TEj?BNZ>8zavDBHQ)5 zUzX->6YLxuUj$nJK^(rC)w%XqrYqH z$w`tQY|30-)=vN{9pl7`2n8?crdOM|&WW7LjB|55@t;=;%Jg3U|5P2jK2c6LJ}o91 z1_Yi9dwJMcPtOKyP?KQ*DCTQsmag93^i(cY_!+QgkvZyETK4nf*DC6=7nXW^dqp2M zD@S?UxN(D!MVt1%ZSQsXVa}kw0`#65i;v>W7daXoY|_-o`hh)pc%_v7rn0o54jgTD zr==Y@3qXPXQ3GVcy+G!X#NP@wBrx^H1Ed z0u&PN1!WeMsdJi-J!LIuh9aQB*5XKA5s||K=R=ds`iq5Hzbq)#H9x#J{m=&N6sG8M64KpcGFy58$*eJwc?xL| z^mFIcBpN&`fNM^|)UGH!nm^rH>EmdyXPeSK5+6R`&l33elYhTrYft>CM2rj0DR3`Q zN*EUR@ks7&y#na1-bO()+>G-O>cLC`e*C;6Orqw)dizj!srdNw;Tos}g0o zhX-Cnh!FU8bNGD5Cu1@rPq#u(Ugi-g(i#vk{gRSY*qQz+43uAbfDVlTUnHcG?b(6>Z~wx0s897U3B z9#VZ2(}PrlN6yEHeGog8a&FHN0-Fnf=nt$vZoE~EoT+a3ur6BP<4pKmO~!}t6O9+k z@3pI?{BhM~#uv5+XaD)YesdKgj0*=|p%06SnNAFkE``ds;BdH{M7YD0N0St(ESA%b(!%@TlV)4q4F*fGIl@>*=sS5IZqAaQqKYs zMMEagYu@YGMu8uXA=pD-;K7aBE!uv7xMk)zsCgGDy0wA@vX3JYGWH~D7FA0AQ`Wm^p zf>%oH@_Q>oSz9Hj{&{z5l$w(m7>2Bc3P*Qer^g;mUJvA-= z3mLuo4Q^M}hUEwTv_LChUjEtTvwJ^G8w|MI0p$+QF@fz2@p0De|uWp;Ad!)mQ!g1ZL^y|l7^#2LgkS6hT3qb1kHbc(0974S8MRpv{C>pk7UDC6x8Kt_zdymP z2-R0-u7>(jwvlM_Xo>+#kwlGeo*6nIXfBw1pmtObD`1w5jG}Yk8K8j3g0Kat$GiA2 zzQUhzpOymCn(#x4ZxCWq4eoVFv6~BqqERQHc+}i%N5zt{9p*Lv8qrYzxIqrv*jh(g zmd~aw#IWp~<&l@q3?3M4W%@F}0<+v8|u-D%OsoL^o*HFPa*FI^ktg6u#?{&5M z_E_D*Rbcwr`FpAXBoHsi!|hS#pHGoM{294#i5qZSp^aULd_<2W#0X{(z;enE)7Zj5 zu7VlR>&wP#+g)xK;JT@;SB@$}gkNDlAdxCbF2Xvpf&+Ggysq~=J+junKRGP!@z;pX zz6T{KN6f#3^$YTCNGF|YTfJ}k-!?0-R0VdHC8!uPv-!&IcV0LxOJ85MVK@Fw4XSSw z7>Mpdx=)m2F97rCv<&Hj^#s^%w1THp=_)2BBFl6EyymH5i1%k(#5X{g1k_ zA)RB}WQQ&-_}6}ce+4hi^}X<`WlqU1sQ^0FFoACIGuz^Gk!ZY#b4C^VVWMK9>mRNj zKUkiKj|p(Q@kkLA$HrwlN@P|6g0?kglf+a%+PgC8+653nA>$ZRf<%7S`ku)53;@io z@>jljf1m%%2Kw|wS$_k5j(M9QNz2${$yb4#_hPZu#(Va|nQDv-Zmeb@uX{J4W6duQ z6c1;vFg_lqhP^Hix-AQRHU@{3{yct+5J(`GXMqqDfF??)3yArAUAKDS7UY-q)&~SM9S%btvjp1eh%}d#VEiE<;D$nAY#$O9VSsT0jU{2 zRi!KjwUC)|t1!KGnb(*vIU54j|2V4TCg?m5jNJ-CpNo-hU;mq z{F4q$S;H`xf~1zjV_%j~4&`en6{yMsCoz@_V*z3au%k38ZmkWlExfETlQ(mvQU3S} zcQGAN61nDV3|eo#!UaG)mXO5eSFfU|-VGdh3S1Xr7t&W~a~)KX>3f66+}Nl<9E;j6 zuxrOi6^bBEo-HG{k*YHf~l8WQt+T}s{$x~8}m@h#pK^9N@ zV|ge$hvdg9rVG@Jfbu>8rwH0Su7{xbzbG7Nyoc=vHuzRv`#p5%54bZ?Iu*B^e3X%L9`t1}s2XDzj==r#r&zCdRct;U306%l%a!0HYq(GB_tU>SRd22eE13JD20 zXoQO&+>|ts46zD~1e^iZC=SczOcDd%RoxWRP`s0P&8zTdVOn-+CYYhufb&Q{6YAoO zQ)t%y$lI`m>yqSXfjhU*0vwEJp!Q-Tq3$sVE&(l|IK zSh1+gzB6W+K|vL)GQx(mg7EujTA{q2eQn&+T{9@AE;YEzljSs(w%-UQ743`N1FytB zn;meZ>2-I_Yn6lR2?;WweQdlCqYIs5fax-0k`jqR7@fDc;Z& zq=-j9d-BsrRU@+B3$?qd$Ud+se*C|4$6xua_D%<-o+e`O)-#jEQ46& z(CGT4_4OX7#y!C0bj;F;*TT52PtB7%u6TB!1${`=lM}~*N+8n|zmtg#Ay>F;7Mq(O zt&yita=?bgxE+&lkTgf5XopmHSK}{|LzH6+MV4y%_(yVtSL8^ttE62(=^krl#uA4r z-{RhhIBN+MV|3z{yKrV)yRB^AIuA* zKJM}ZgTAY^^+KbV*n;;Kasb*ls-c8|bU%unP7j8@wEWB;TA9ML-=iZ^AwE8KY}0NK>2KA- zErTf~JzY-DNpP(6u%claXKe`J@7*Mq`e!MKH5uh;OSn~Thbqpr@aSOP^Jhc{KEWap zgDwGMKH@p3zW6Nb_}ql2<&B>3L&bm%DO}E7Goz|TE^K9F?m;t z?*VJ=k2qGBN4||#9iN-$$jb}QGRT^#Qwit>5oNutQqa*XY2;<51sTiU8Ao~eoo`@`LenWyv zMn)}OnlZ(3!&%kj<^OF;GWt^OcvSqM_bWQ5a#JU|Q8%9*z7&WDSTs8yq`mb{8 zGg<^^mmmrRzlE*UT+M4p3+qw{Ki-isaC7UR1V5BfV4;ZjWYU3wZ_Qy8J$IaK`Ob}*3r`pV@$9_AmgHnv+kkwxIPtpB;3Jt ze*H>bEdTlk)#7Z$PE&tb%=OwQtb;ORQ8;hrGTTy3AYYi~StIwld}ieoZBs|n zNFhRoT*O2}=~8dl?S;)(F-QC;?u0nKp659b3>ScU(+Bix9*1yP+O#%vV<*MGd=4M9 zSzcJ`cv{6*oJg38DMUOaft@x(*!%S?dTmHZc|xNS$SSSdV-4sVWN9cnHQX!ShiSR? znn1qq!5#Yh-#Hk(&_g|OvEG907AoP%W?<0k3_g`Q(`FSv0e6Svho-_2wOC1Bp(|#w zQiOn|oGQnre?k(S;7s%C(P>tzOPL3ioWMOWJ%V2OYRE1~zX+yxSG?x)_#LwnS2wrC z=IqA5IUaEuV#X?&ctiB)3(wz?y{lw*uZ+2U6CN8mJUcoWl-G<7%pOi!dlcijfln#q zpcq}RV|hjqFjxm|RsMB{q_txuvlX%BWHyZuOlY4V|9omB4LMgXS|j@~#LIfRLloo* z_&tb{$86v#;g04%!fxlu;@(G{SxG!_cM+5Wo5|O+gPgx2KLpqdV#8-)N$=~rY9t9x z15s$n6(E73MY3Ok8%TOiX`;=gIoQ!57pE5KA$zd zkW)M`QU{7A>oK}=9Krem9na&@j6l1!^4H-{-wL7i}P*yoSqJX)J#N=fpaH znt=V^)t z67UJ}IZEWbE&IhoDG+l>Jv}+G2UfYNUH$8!-Su%4%1Bu;V(xmrcs&rGDFF!R0*R{K zR@i@=Tb@4nu4nT_ukAbw9ULf4fXuBQ{4%W@VdK8-8OKM+Hdy& zi<{00$D$kun`INEaY|x{q%dXJ0p9sT*RZz;9|b16&1n7ill)xrTbjgj6g#u!k{k;G zGSIo7z+Z-T3!Dw*&wVs7Sm_Uy*pwhn8K`5^6P z?&C%cVTNYCu7YB1z+*OdJu_wvHn424Y2Jtj{%&eJ1&l=JhGnqp|7Y$W@Xl>` zatIIIlz@e*g?w7vx`TyH<3u&P(PZH?du8WhE@Mfej1IlS-D{YG+MjxvByy|U;~UK5 z`6J(w%)nYAqZz^QS@E}-ePvpeS$8?;&zwZd=W-KgiGwD_3n(oz-%x}`^&&6hG@jv{ zy-uUpz^eEbDg?d9O>^4tfYEft$5I~&#P}B2s2y%lJO9}Gc@#I|PSZ`X21gn`D-udu zHwv%dGY+zkQvdAie}01b?c3XB;!d(tZN+K!W8d#CY*M&zDCNJnuWRrn29r|viJV6a z`2j?HGL(g`eObfC`v*@QY}xmQW98jU_4&RlAs1#juhq_@d=qLLzj4aB>8sPP zZLE`w+-yAHMDOo793Qug+q_uzy>X~0ei|Ihj`N-ZhH7A1^oJPiQHa?>D}*zMBreJ zhjya~82g-%AsTMV(W;D1Rmm*hPyQb`I*RVqhn3_Ctq(0+?NziT=gkpn6&e=&J2TtU z%6wO{)w^tO9=>J~EORsIBYYabK`+d&4ZMa!h(!(J%*8d9*N$Q8GEXANSh&oUfFA5N zz0DOmz{QNGI6Z8@TCS~&Lfr!XOf&=wI6;4OCLTe7H?hY_FMGg?Sb zUhrU{7;NjU*h%jGXj!h63c@F(_F|Z51WXFsXAr;(j-={uv(@lbt@Hd8`q&me;me)o z939N<-^z^f*x$oFh62~C;g#{*7Rwqv3}x=?F3i6S=y$|HzV{Z`Pk!7WLkyx6L6}2? z9F}1u4<3YY#*$QQB_<{^#^?0VHvu$5Xl7L&8Aprp5^dVK`3My$*}Lp7g9!*)k|#AW z>_|_Ui~RIzdBLBrnd;q2UIRfQhMRF5q8JPHXUYEhbY5D&rRR3WKZBN~s0UT`_@prV zo^vCkqv6qKW(SlxFIT{XUUyHZ*?FKs;r9+Af2hUOS3g1WV z#}N0fmW8UhenY-PA5GxVK>}+r&fupVupJlhpM}}_U=B(o7Gl^JFP?J?Pj{{1b)+dA z-An#wdx}`;Rv0l4y#HJ-S#Kqw+p8T|7nmbr{9*4!|DP!%&tTbZ_oWw2pRmjb;;1jP ziS0^aeLZj8Q~gLRm`S;iuPLIqYD*;Gut#K)!bW`zrRp~6>o?cA7`6DmFUhnV#d07~ zC#wYVScXIG^sYRf)`pK9B&S&@V#dE5dJWosX?#i<8E!E=0&2ng%T7D5Wbx)!^6i>9 z4rIz231K7QUyLrfl;3aQ)lvHGtj?ZY{SlzPRi1RQeKRqtK{;PE#PL+)yTeBN*LS4M zYz99hEC)T>9m>n2PrKMk_~zRFs$X)+PfMz{XVkIF(nj}z`+E&NxpB+3s%|Fi5E%)f z*17QL>-#7Q`X`NmsWn*;aUg_(fP-`c|JmRKG>yMt(Ff?%n$MG-%a=?gRUHT=>km(Fp)2Rl1edKW7ARO6wPOngnceMwQJOSmg3iI zm)-4kpbt0j9cxkUVDc{AxU+ab|Nk}X-~S>303DUlu}zy&&@oMAq+2vMJiD!I58iZdup(U#@+N$hFA%f%8&Bqd;ITP;kQJ%Y7N z47RxRiVS7Tmsr~}cH83Co4NJmkzwtMJ`(wqngL%hh0>pybHfWOc9h68aPFfF zHu4oN+(*q6cr9vSgMjKw&(8;tD4rrWfXHUOdLaodC3sYk-=CiX4(}FgyQ_^P&hb^= z0){k90peMQy-dR!JE&^i7A1C#v_lM71rr0mZmKYdWM(o+cB6DD{2!o|0Sk zI{jt-8wNMQsYlEe`>j|U&W3DmMb}#azKwaLCFc* zncbZ_TfM2L?xR$D zFR$l31@m?gd3X?4iqr$jYqWEBo8Ch~KOn8U0E-!Utel#NL5herFc)iZU;y|K;g$JdN;4Tov zN_Rtiw*&g`*C5@2Oe-CXYPkXE1j&h2BWDEV&of@@T#n50L@BU~o@145}SMoUWqo4bO z(zqggfI}$H`8n88-P{)610{P{AnBE`c^>T)7QI4*#-fOh7pSGgc;f3+cVWs1#3wAh zof27>GYLHJtIUY2>v5dVHAAy|uQ3;9s_CfZCl9^T zJbw!jg_U$XoanKYoJJ?u2sQl8+{fX71KIu;u#Z2o7GV!*v&N`e^keAG^1O~p0P!gRrO^MH@cYq7T`aGoDA1acZz+Dx z-XQD~!geLh*Q)$3vI>gLMQQb!7nS61+c zGhL9Or+RkPa%oUAGP}kiK{Bnbee+l9-#LLl<2vw(MHJc2w(y(vwLddvRzB?SbXzwZ zQO$b|rCVse51{?7!6cpfPH9cej+ZoSLo` z3&6I!XcdhNGjY$}c(W4ORvHkX*_DNg&{V#Kkj1KScgH(}chkdqWo1Q8M8tD*bF<#Y zRykt;C0F$(_q!mA;^~c(z>KIQ-dc zXNU-hc?3Z@1E3ifn(vZf!hwJdo(Wc|v!8+wZNo4;5xJG@ROSGJf>AQbPK3=odwJA8 zSp;qY=aYKBfOqZ635oBM?}gqp`pSF)OPtt7(HExB`vV{td3-$QpE4>cDG{F|XY>#j z2HmKyv9UF8ZVjvg21VO1a)hgHmT{`pvs^XBCE`^1nR@+75(Z}u5b|N`f{4dirc0Wr zTQj$0*VW7@JFeT^Olvd%ye1>o=j_HO=T_JU~ZUM$|F$$9i0P{;5A04J?ArURdSGaG=d78zK1HaSh1d>xTk} zHOuB{+07T5_jc`Qz*)9WU~wWMC_yFEapcFRsY*%ylJ(WQ8NX4IJNND>gXSV@Uyw+B z_V&KP!NF4;^z9L)0DdcQSHGp?O2$9EhW>VjdD896FUX@fsL?U*!?@tjchvOR*X9BG zDM~*)O(9ZhqCYcAvLW=tY;whhTRiXE=;$mUX{3I{ex&B4MVHL`bL;LWn7>HHdo}#3 z`Yl(^`+%R0uR1k)-g|-&#!B)DJz=)#>G1t8%~o^=NL|v8O6Zg1hzcxv_T2Lz)1p%# zzrckz1XtL&ypQ!Mx{bhPZ>pHp&XEJSHa|B)%$-vvNMG09lc z2974<-c$u`THMK*Y2jVhCPu962WG@-I4wUqkBmwKIa;#TgGxQG(34>lb7+{b2KTx~ zi8lU@dTP-sHWjb)y|tT{zv$RL^M1y_T=~wdJtfV%q1WV7%o)5z5HsN{y`>_Fw?|6+ zxs>LZ-Y^h9+9F`ttagto1Q6b-`>LvZFM_$<^4#sl*b`SqHX?{ygCP?P6P!`fu!6h+kRj=Q@%c9_c-D#R;X zSTy3zQg6ORo2>1ete<&`*pTLc590IR8~@j?0vpi_2ep&0GPyHgJUN$&3Qm@JN=`CU zG@L=j<1DJzsFhZ>>ADaadA~m_S>hq=8>!KOmhXE?sPO!%Wy`s8p|xWfy=Tq8ZP$sv z>kxDtjBP0#wD`7df(L&|e6fD>!N|cwc4uuO0H^uq8SZ9}NpVABQNUQ8L_Eq{2lhg; z#kfAHo#;NqD`pr=;#J1{Yfz#U)a7Sy7GPlb2eb}r%f$lXP~Q|@Q)iyI-QFTTmbtQr0=>fAX>NGKiq%ShBe3XEOm?325( zP<=i4hk6T;wlg1v8=yXc;7M0-$M1O{oUpv$sN&*cqZlVMGe%G{eJBY^HXv_8>oc+18viUolHcysrla5dbBLAPXa|8>hoTaSE z{L$t|y=sz+CaDv|Rpqsl4<&*UC9;%NWixpTxp7KdIwaT+!IsXkVp&&g#p*^bMrp0t zm8RxZY_3ujPJ|i}@+cv*R&~~&0z(JN1^w9-#2aAfXg$_4L5l<6CV*te3qHE`&Blrh zVueKIyTK#-oyia>z_<-Fe)w?g^K&8)z_dTX04-{fL=0QA025Oki3v3&<#ntEoje+4 zkYyXi+axPhxV)V zS8Bf=jtq}iC09NyQ~Sc>T#%V&WS<60z!CdPI6%xea3$MhKAQYduZ|V(FG0utSV@{N zWKek<2UJPf=lBV;K2L|3zqnQ%lEwIz$1~91e^*1m zKUB$PzFHYt!*s}NAa?YM0!fKbtUB)L_Mc0@ugjQFQ|ltJkI;zH{GS`{*@b`axh}v< z+_X4D5HR+0>FRNWOJ30AZRa4A>R?H!1 zIRDyZWFXdT)3!8#RimbagjzrU0PW}BQI-bb)?c+7&teaWg2<7o zS3Jl+eyXxRqo&NUFVcA!K5r#>tidH1kupn4oJxveZdjJ-V&7ymemPu0K zMv`|}p<;3NtCxDOnD(!yhn)Q@CbbY9kU+@e2Na_G5U<0D=S%ZVEaNmPo%&NJTGnp{ zFNyAXL>T^8Zg93XXvRE6a_Iibr>^mz|JF7`5QbJKiQOzapoI3qaXj-RFR|l;DqT9oF)N5BW9$;i8wV&q`VR#yQ@ zhFe~kMt`jx@f*G|y%7+G?>o^ZHFA=(lIPw&NGS=LE{7Q&uGbRWP2 z!yPAAH~}@wu%^YC_q5wTl6;2&g7|Bmd;bb3A*X4At_iaDQa0`aHkRveO>=Y@1L*We z0G;j#gCeVID;E6Uat{g3=%0pb%|yiLk+Kv>u#s(}{Xf`fN6ERZthj1qw6(C#Pn`NGW_v6wG-V74T_+Ky$#_tnCOf6%=y$#mPgtW$IMFsaZ z1B%3-#9ltWHo7nCWFgr#K71Ym@LazH2!*Zy4!kG;5j8KE>Hxu{`b=_N#k*bkS;jeM zOrhdO|4rG@j@!t=@3IFmG9>|gNmG|3!I{aasHa8AlUW`*NrJ#RoCxkpj@gdPvO)X! z|9)I{lE~mK+I;7X6WC!{8gX+rpi``qb#~Aew(Mzk0>I5YpX#T5>i$AO9)oh;7g?my zf=ylNB0IlY%Z*3CYVLI|RQ{6tEKJL`aO}5rI}2q}OIM=DL0cmiaNo*6x$$G*TvZ}^ zGF+A>YXMm>nMtO~`K-VCKZM}ki69#QW_3$0q!^7Q?McB-bDB+P^XLVo9Q{L&*rx`y z#iWrtu^xYWQ0k&LoEmh-DfY3rVxX=H0uFUnr~MATk`$nwH=o>&K+`kwIhICu@r%pt zeME&pp}YGq#{k9W%=pQmbA}ALVB^ITe}dDibE0s2t(EcMK&^&vlU?b_AZIWqiX(Bb z&dp(4DaA5ZU3deswn#x{wQWm`FUVDaRrkk+c#c$`%jfgSAb$o9(ER*D?u${R4XFHG z_NoLUn5p!+r?0aQnf=&|6!D{IZY*i|yD|d+ycCu6e5C{v#kn>QRorL*rMTyIHh%9vD^MQogB%Z~pOC@S6|BJ<3?!*XZjI`J!m-Mba#~c}kSVZrbrx&(vc*Sie zr!^xT!58d*KgW|4?>t?z02`b9P|bjQ zkgU6I)PSq;i?wwX9lm76hwm%4+?RQYK`@CkM$bCmx=o5KG*q+P;b|OdGrh0x3C$gt zX=Kkt*Jw{(W`D7HVMR3O=o5aTN~7nWs;XFE)bzk!265TQ*n6iB2pz;cSYG~t5IppV zNJzgnep6AtS9WfN`UZdbNDoP>vcJ6TOKXbh-PJ}CWBKE9M3-K_m2>w5%UD;bjv!~M z()g26-i>FK+w0OyY8i@VQmHJZQ#bRi`la&CyDE~oDnK*w@|A&&b%%93aS2t9t_v<* z{XOO8!HIIwiLD7QR~$dNZ7h!m2$M|KGLZ(!PV;2d3{5;dyj<-{V=m=48-u^9iZz~s z5M#G@3kx9ad-_VPN4Gv)|Cp|qWX5~CB=vQjb1d6$M%$O)|JoJ+(#Vq0iYtTCAip_} zs>h*}dXz;@-r~W>ys(ifF^-86RV(gerw@@x11$3IL>97dCgeNyD{kdH3|*!XFrlq$ zs_QxyAY|#jJ@uBTBmFMz62;>>-n+uiv#0aT+Y~D|3+|ASg_e{^OHL1z%86N(C{=Ix zW{tb&3vJoFsR&<+|Md$`w9(ICvh#L1_fj6d6%iaodgUiJFs+RCOshXLk%hS9E+D-SX$S0oQ_$2E*#KRgXh@v-Mf6DL5Z)q2h(5ETC+He+v0?Ito}GZ z{k>SMNq8j!iZpV1Y}vz64bfR$dM-<4oW9vhk~A*btd*O3`Ic>{bX)5SZ1R2-+?}>f zLP}G*tacwWbxIef@|woKkm|`NNOj`JRm$&>uCEtZ_S%h(-EdwGP3lOH4#tn1$;~1i zI95&l4)07S{OJj($T(xX5Bczi@2VKw;pQ^wOt2S>NfyTVaw9LY&Iwnipj8{&xs+*lafP}#2UiW9v9#2G<#$9TPq>buqg>mtd39%IE%KCSjZbWG&%|TvDwnL z_u+CoF6CUgDj_Gh^udbqhG@J*KMM^F&4Qmwo>3E*N8Dx%{MgI>pT(fQaQ@e%Xt%^@ z_pr3t%J4@6j3a+L5Y~XHjYl zc1h6eS%X~EW>9Ckj=6W(%IsiM?p9lfJ+KK28+Dt(;ol-30JN$?tt|P*tB&N7_vAl! z;gAhJFyB4Rh{>>?MA+a&P;)zt+89XPi9ZW$jda89a=Vm;YGFTg^J#ALGQG|9nBJ?DdM8vRdlu>O#ETwDhsKi5c_558UB z5f}^8vb9gpBb>Rui!n0qje2P7yL+_hB&Xx3V1nbWyzSFKD8NzPcP)M%ZP0O_@u86A zG}lgg0Zm?_@EhzU=TEo{i(O{?d#WOK<>(w?rtN)!zNYUetaMTInkAs zB+XjB_+he<*rdXsM%K{CXzW)VEBCRsLhHdy){52EQ}OQeUZV|@ej?MhOEx)hltiRV zIM=ls*X{;hrtL^pp!M?hj^Z5pQRS2GFwF;re}C0Yrdsuvpm;Zyr@P|BUvd~uC=0F) z6QRg~GUa^QAh*OOisZH)NUtO!l6mQ^ru|6uw1H(6>x~-?$wPal%<* zaFW}iIVZlRJ=YLF{98-BWd4IMQeMyADfSjv5?{CgQ;q!afy459_O0rB60E1mIaa#_ zIhSWQXxy89$p**AlcE*9evMdeXccuyuzGCef6|Tzap{75hpF$eMXNBJ6F6!2tGr+M zro%L;TpE;$#wz=dNq7uZ%QesRmo~^RE6MnoN46OM*ebK{GG1|jJC}F<D0vg7rYsf~jH4rxjbzAE24874 z#(@MvSJ~J&BdLOFR@qvnkwk-vkrB#tl=yg9;f!m>`Pa!qUDp+0t2+bq zn(trooCGIiK~|dnPS63^5cYM*rTxP7%mK|2+N_{$?c|E*ncw^o1C|7is$Sp4Q6O-N zU3Rm}I&%V&QEV;_@2*xZ1yL96xGzojj_OHU_Ls=S*Z8(f7Y-&SCz~vMJUvten=_b0 zek|F@%qcK$0xeTMzujqBet*SnYe~)M0xWBwD^kV$rx-zsKodFIKqP%v2CKwN0t|A@#ky523Sx6^vE@zeozOr%V zaSNdCUs^Q?NNFDO8jWtFk9JS(FI@>CsV?UC0;}scjFin?v4W*B88aQG}*!CyI<($h7q#`&bXGA2-Nj zC9-g2a?(7_pnkn?p((uL(xpo%a-C9L%Vn2L y+XHDq`4`dgjI2TS(@!5UvGmozf z-kBwy9<0=34&&}(%G!+P9qOGei>L93F!1)FC?7_lCj1rRIUau1@6}um8Evm_bR@WN zX*NJ$J(=1S>Ap0sWJAE8)^wVJJ8a|4yLS&~GIDCF1?Lu(b`)y-ckn%hm$q3W(&VBm zO6IF6@(t@qn00eM_tC~%(>8C81n*3K)mzpr2i59z%ePJetRmf6wt;_kw&K)ny?!HS z=+ynB_aim`rcN}89yz)~^8Fo51S%}B6MbXXxLWDj#)^WJRI1R{ zgRp^}G24VB=&}mj9ej-8UCC5qNnLYS<rhKrNj0}=0|J+?KnD%M{x zGi-{2`TUf)unq`0d36=$wg8A-khW~2-E-#CRlKV78eg&urpA_DA~}H+R6}?j?lD$@ znetip>7IP)9k+4ujx;qnP_fW?J=FN!t8DRTkL46HAxlbHtFpVqOsegZS>=o#9v;)Z zg-x3#Epc9CESA_6p#0ayy2-?Ol`P%HX_HEWo!gLGwhXs7LkT+=JS6xMBon&U7|L@;78JhFg^=(0UVaH?0jie=OPA-e}J- zSNl?3ZT7P&fPsTU`St79>rHRvLVirq$cBRYz6^ppeYO+rDHl0)9r2O`pbM?(M0>#Ev@e-6&~6>EVkb)LZBeIT6(Y6<%kEp&&CQp@ zI2@)fEGQZ;nNIb7^1|nY&0P#+Qj;|`H3hvWH&hBNp6PUy z0hUhr8tMx3`Vc|+&OoV=iJ;FGu&D|wuQ35M#R{&)poj9{7Pa~IoIg0L95UF&zPI5;)rJ9o4Ag_1ps5`lQujvfvznLE1cvtURVwItf|T=aWh4R&m{UE$NwZMNF7AJ22qB5 zoUktQo?G3#yanXIgAngw1gEY(f4=Jgolk0vxqbkVgR2gmoP24CJB_xc)Fm%+v+993 zPY*c2YtQBN`#|p8&7+bh!YCquE71G_hvHr6R;AB{#xEAnLP0|giK61PGqh7KweM2G zcIsG-<_ZXp2t6Kdm}ssj&q(-$n3kk*y4|JS*0x+ih!n7CzR3P{U06=Yv_kiti0zO7 ztpz^|i|n8W_fT0pskcV->=jzya<*nyU^5z>T@@n`N}kM|v@D$h3F?yh#Bh7J!HO`p z`(EH^QyUtfCZ)2Fh3Z;z8T>ZWan*_b2BHELs9u6pWIK9$EAj$T<2_ z$M;%S%5V?by8VI>K!jw@a>{;HHmwio5$(&>-|FGN<)`knpEHucYGJq zfwE9tk7-UV`IMZlE$a(0Oj%QL^wb`G1yS>p;|0Ce+{c=Px5sD!=^EvYf_~JE(;XXp z`KE0WO+pJF$QWl*h5U4VU8+}?&Qoz}!QpTe!w!kbK&}c?-smTT?%WaQ&FA!sU#kcv zd(5+VXS47tV2^2W z#UV;f23tW|Xws=}>%J;g*vEUTl11ABpCil337;KVR&)Z6`a(Rk`39imbQN!99*ldZ zgCk?bODq4JL8~HdhF8JCS;zW?&f@D1VCDlh~-Xi zku2Sknc6G}NUT2teR3EW88sm{rmDc_G)3x-c*$@>e6dU#mnns%sg|J+suBTYOv1u? zfc0Halm4L3w`f#2r@1ppRmcs4jt?5_S}|+fZHZ{%)9-7o5-aM}*2w(?@$|`)#l~Li z&@8#=?F^xao8rL6=6w2@-+qe0V`s;!PLH8^^IpK(f=5f;&WcCauOBB;wF)yc3LZ6O z=;ldGc4jCkK6vxMz#uR*Fu_T~n`cfZOggW0J|z&+_a5diZTkHA z3bR(hz2|qIzX%vihXOKND+4N9>q`v^+sw^nb%AOVKb{kGR}0!8J-tuU#FoyMNIyM6 z@OY8cDN8$A#5SwX!5c(G`SGWC-^E#zTFJ{=MS-}Zy;2kE*UCb^EpgEQ_OsLJ_Kt>h zD#!B$c9iyybegr+m3D`~L;$++^}IXrP-yiTKeH6KDstV-Ppf;f@{eogxr7}-XhMBX zQK~|yg749<_orhlx@|1A=S!~&tUfc^S!D--zEaMyF@fLt#NGyW(cN@M8HPs)iE{yY zARr0)lqJwUeRh`T{40~iR+weC{daBH?SRBo-5Y%s;_CaQ`2nJ+1FL~TNAYfXZ>dmo z*{fPyc8_1ea;8Joe(S?S0m`Kg(+kJL0-|jKWTSXu<%G9BYkyLJqxK^qROR;(BAixz z-$_h_)-nn?fN|}qnW4PLjKzQ>XhpE04>m<3nj6Aa?vxZd%Z{M9DRy|#UK99CG*dM5$Qeo=8+>rkmu}t<)lRK*h zIZ;l_8s+N~OlBRqBc_vXTMgXnWAOnh7kqVFof<8cfgK0t+4@z>sw3n^Jg3E&Ja1mp zP))$(xN%fR5VMxuNT5!8k%9r0fSo)rm%PZr2D9&r*}jWA9!3$n_|)eVU2`AY<1wMh zjEHs+AgHW!--9Dk$15%69b_{ZpZNg51^lSHt|21(-<$u344_X)K`iT??0X>LUI5qX z0G-B|Ctw7g6fz}FqxTzh3c5Eh^;bW-8;E&fyjbvf0mk+Y^J4OUzzswK;G;V3POzdth^$K@JKU$T{j)vyve`KW3d$uAcKC zf!b+NL2!O`Xkwte7xV@{ahf`AeQ9zMxJT^9Huf=V1j6<0{IeBlS(WRGDru^M4NIN9 zR!VEXh!@w*v!X`IT~?^e*L%!g1O#wrWq=1hKL%vT!qHH}GZ_=?ireT3#jUDK_vKa5m2+^R}j}WY$h5)rGwlS-3pt)hPH{ z#CFtK3GkkP7SeNmr5|T9FfcOh@%>9B#m4M)Talf4j-KOxG4#LwMYMo3ParYZ;ZX-e zHS=t`x^d2>dZ+5}erie3sKmzlcFi;_ANJP&{rm7VP;w*%q_F_gmtm(pMmM-WNN%2< z<&g94o*70}x}?&&9BCA@7FpPD*LjVI+Ev@uT{otNIxGghwUO*v{A6}?E3!z3C>kbP zrcpbZ*+?)m4g1dy02q`8sbFZLfKs~AT7H( zW?D;Wk_z|Uj6$>Fui*_{el8ztYHA!BtNn6HMh9G$T3@oJx@|aw@vj)O4{uHvUQJVo zmnc}UpbijBjS_VJuB(@g!#=4!R?R3I;{-5$-lwP%fk>Nd;MOfSl+o|bVoi=rG7Kj!+=}rPaMshK0eDm$HLlXn z;kY3OPmrK}k?i*(3Lrq)4eMYGG%TB)YyR=jg@p-xQ~T|~C@AL@(R;Ab)|?QCXO>$x zg2^_1i>6CLOAgfM||8GxMZ!Ab?aH|%PX70h}*JSXeiLcRZn zcj{Dou%4^cb{CJkR*^hw*<9S!@-^=;E=#kDWsHzf!J~>$E*YgH_xCppB+?{TW{k37 z#g9iC$qS2s%Z-&)_AAw0CtJjz#ur3Is6H5s%9hVpha34d32!KaD0@$ife*FE=1KO& zKHSe-0*Uvw?nno-bg1dMr+oeT0yGk7D+2y9@OAqi)i5mh$*80%Z+9VP*pD@U?$#W3 z-)%b5HI!Bc9ixFm#$n!hymVSbw>TKQBj>ih*aAZAfv;a@UQxSgom|y%4PHEg)15M197-lO9|!Sy|0NcG z$9et)fE>^LBh42hKKaJ(vS3|j!F;_&+Iokb{Q}<%2VVI$ZMIX*C1&+}8B=hMp9#M0 zo~pttN=4qKobXR8&wiHn4|U@fi6FYc2+4sAm;9ESc}XOMcje&eM`R?F^&PEX-)$&+ z68jgZc2mQ2fAo@VAcX5QO30;C|J|<`3?FWb&vUa`0MxlevB(u&bo*WGi&UVgh5o{& z0UD2ADJ0CA@5OxZwyBM2Vv@MA=L{-{aJd#85(&Kz;3yzXWbkFj{=d6 zRPEy2jE>>qhyA?HzGTT;3w_bUv$GzJz;m4>5aLkKDzxIvq7r~*&s3OCY0&E3Lkk+A zwPB?#Hrqts9m}$mbP$3ITW!A0p4`Xd+dQ6Cv8|bBEIB^>?Jdf@x@@K2B`dQm_hm-F zj>`yfL%7;m0jp=Ga%*!>F9VOe>%xy78n?~o;}n#X7Tz^#X{su-Web`8z4(5<#Y%;uqGCN~np#%ob0QkWx7B`@oKob? z?nZfDDZ-LChSm=8NE%U?gYskC`!{LW}OWE?tlQG8$h!?&+R_j^_Jf z_OshSk7&&L1k=0cu51^1qJFLS=Cd9?`ve4ujB5f6Yy|G_X&w?B!bWx6cTxZ84)^bS($k{2T>^*64XN0&tE-QQ?u|o3~o+Wd3fTU9f@> zV;TSD%b!Lvk~tk_`mO=*FWuHXm_B_Ji&(MJyo*K07WBC0PRfju?#MF_E;(`e%C&3X z=*?jUiXPMKtkwY>X74V7wj2ZBxolSHR(rbvmiLUFJe4nOItWbkfUp>dI~vX}w*&5DL4` z`ur4USJUd+sp?Ba!GS7YxtR*Tp(0Pb&o25>S#{}Hh1%lx^gkXToK(!=aLJwE`Y@Bm@FeHQB?pv4 zHL0KT_1fB4cfIA?Su#FX>v_js|8K|Df0TO1ZNeMGY|ox2w2eqSGoPSx-v*Q93S3Lv zhP|8I?DHdH96iHfM!O92wwL@EkIr7dU$uh6dR^6c9^fK3`Kp)8mlL{CL6USyeC zPmk05X1Lf-FH+{}H`{R!aAau`_Az)UX9z6I1Y1FG7{++_D6*|i%#az=pNamKuzEl| zUr3<+bK(c6a<>OY?o+g_qYl#c`&3~y0V`*reC^j7|2hyvyc=qrW{yh$>>*{T0_9&{w zpvYIROrqIO#ncR=d+7qSozAQ$^uW-JgjL}Yc=^U3oj^k<3qbJ2kKJQ1>z5NBTK{Am zjV)CgemUTM|nqo`jhIIRig zo+&OrR(UJ^+P}@GuwXv1uwbv7aO+%@y1*NRQaH-aF_{k^=IQB5!ghxPr>n!mx=!9F zOEj)$>%+)$D!ftMRLxjdbztSZQfu(C1pmQ;&~LtO;J}NQQ1V_Mi2gd>ohafXe2IkO z;^4m+p>G7eu&I^Y-AQ1h0F50w36oOWfOh-5okSQ07FO#Ovc0IR;3w!6w3@ISY{||@ z%f%_ARA}x~iDoTA7WwjW@1tKI=!D~A0#TM;8J+22yD4ILm;Ah!b{NAY`BywyI{e>j z4C2(Ehh0^n8#U5G+oN5YE}UT0b)p(zxTh2pWhHYEzEwg(L4Ypsvl8)=$s`*FT~UiUpj3x<2lT zj)Nb7lI4z7FXL!vjgr>cPS|qz7*}r^apa$o#>uz?Bu}ZRh-ejwkBeH&W8s%8d;%9c0Tv4zJ|&b_)J4eg@P9kdP^2m2e01z%^VQW z7+uYRGsaJbRjQN8a70Fj=dDBRg?Z??hDaZmh-!H~jwlG6k+LZ8j9#MxB7P@byi?Qx z2qQg1H2E&x@^4;%xS|KL-gGDhF+=AY4@_2&Yz%$@vFB&v{&O4W0}TVN zSZ!5>HlZs+CB75T)?jfX%u`+qe_(y}Y=3>lbCYk+IIOq%3l+q-_pUPi8OD ziT#FlCFMS<-q=STFiFgp>whM4;$J)bmEgZUtTi3I9!IXK{`jcYPh9MkpP$)bsIPtF z{OsJj_U21&Lix5=eH+OIxV)c-6f!cNgC)g~Xs-WKqzDRLl00BUDT-7Z-_byBGvs~^ zBJk>imoXs)@#25?$zO*G$?uR{gd|B9G)>s#&1L|bRh&}~Y&GpMzSgPT?;ktv@~c^( zUUB#KD5%Kcmz@!F(2|?_hQ2&_SDS;fr&S_KjRod?F^pVjCPCZtYg)ky8Jr!vTa%$!ilN0}0XM7pP-EI3P=zh;3_Vnp{Cr|*?JZW= zp$dP=Bf`{f{-2Q_p+1wQ7QsyDa&CY604V;Fm@drV{AHtLy%6To zST#_G?~sgF_1~h%4yfK}^wDc1e9#e9qpn{Hts}Ks!}q*goR_6@D%rc^KA;$Bs~ntr ziquRLI`<7AUAnW0BVhM1n9i6~nP=Ml4PAe2Fx~xO)k1Kh3cm)#`=nP7-HtT1D_tuf z`|-D^@L>W`88GF5K1cwF%3>mK6f7#hN>R@h!b-h3u)cz|bgo%ZC{y>?oXf_JtSa*U zO_(Uy*NIaJZajJNCsEHYZPcBH?z$ML@l^*DX4)^|vq#)<2%r)+`)?Vr4I}}V{!GxG z2@zjc-m&TX=ol{4Z}$g!@I$?ESU2xwLeIksVP7ZcaXJ{bQY!Q4H`Q~FG}7HA){ux6i8 zKts?tW5V*0gpvEb?UmoFxsALxvQK4;liJcrQT)9^0yGEgfWYUDLSL!DSP{Wo2^+Zm zz{^oi>?vV!CcvKM!kX{?d#fJMt#&^}g%22v!-B#tALEJpXWt z1?ZDWtb#1^k_BLjwzGrmdvRPh}ApSubq&xKSEQ3x){szSJgGpRg=iLwYObRV!vZU-Yay!YkjEc*}NJAmccecz{8@K%%OhK`Ygc1 z2~=!munqnLFA4y3d+iUk$PF))Nb0R;QV%1OVAV${gl)@M9HsO*E8q z)2mX4448Ds?yw|2Hn44};X%-!SD;Qu$gc)ibOV~h4;T}jMwxry#6qe{PG>yh!rCha znD4+dtpSoGAYYGAgQuOL0EhLQZOexqoDXB_%q@6rM2p-~6q50QuW$LX&g&n^FwEJ< z=!0iJnWk0Je+DYN_Vlb^v$80Rz0`=Om)N@`r!5 zFr03-#5~LX-Z9vnb^7a-FSI#Tad=U^%#)mlTUtqXi5WRn~AZnsUX7>#z^^l@q#m@%Z z0tdG>Ag1{op>b7)=A2!TCEM@Z(@x3_hK<>;$(OC;u zIH#V^4q)H@(I378iC}iZL3%I>v|=KC+E#RjjzO(8@SXaC`KIcYiVq$ugv0d4m$3d-w@(+6s` z?ZY37PMeD8002EBR`e>i*AT=(Y^?P=*V?IWQosS9tye&J@%~bPdE7`44Uw=M^7;xa z|A#8z+~0F8V|=E889H;HbXODggQHF@8t>js_$2v^v0IP4CH7qS8;kY9Jh7 zgYsgXF_x$|a$dl85lk`$QYs*~0&AiiW^wOXFZfrx5#a(Hn~m53)_@;Ly10eW9q=TSH53)0AFeH2gfGq_Kj)LG9qoFM9}r=9Mq3y{U^jcH#f~FTT8hY&g#9 zfTy?`-2_UCNfyy*s&5+$EzS-S}sTSeY^_31N*OYb)05UB`5iLg1_8beE-`A_$d3=QoBcX z^gcp;zguPCf``9%!1Hc_pMpq@Qwpeo3I2su+}lAbWEH+A5Rah#{3jj(bi@EdXzAi# z9$TF{NQUnnl`?B=fT4vU_Yta3ZC3oRHufWa2p_NqP1n9B+g zy8{bNoaQhmfsY2>ow$Q8CEb1Kv>cEKbD^5lvxsAB_|=ANr}GYY02W$~8ER8MHUTa8 zK0ZkpTn-2AOnCQJ!oBY0CuEe#m8iK6z!;U#2o0g&L*O$H-CQ7Uj~JVqoi#igvz`@L zpQ1Zl@U}vqR*WTEMj^s-I1D?Z1t?)ysSQo{gXNVzv}Uo`o|7 z?}Kq;#&Ng_S_F!31G531_xuM4T7mSuTgd=yt&Q-Y_yHM#LIf3I3do#nEOtMqaj?EgRs;pVI*4)LG+PuVGd{Jc0 zV1rKMD~{V^fsP7{g3UNf)I%adPB6y(52n16ask=tVevf#MF1vo>fIDx)<2@SiCMCP z-ySfn`6jMH;a$us$I|-oeQh+~3!sjl>cY$aQ^!vUITQ`}iT1GcRt z-B(pt&6R(POAyiYTcxi=t~%qhH5*7rlv}=CgIR;d2Yom0!mm*cODfQ@W5Lt$4 zyHKHRMia@;Bu05@ga}pVw?_CY_kgT)-GrEaL?(4%)s4CH*_lHJU)XE8bgf`1I3MQ8u&{r@Omr~Jx|pkZ2-jo%KbPR$I|n&4>VF5uU`SLN!R;J?n zy0VtHzU$COu#({~(botv&caSF5bS%TTMtrQkG^TBex9Qe(6%4QQs$^>rV;NTEny-EiKYgNrv8dQy{)B3`lz~kmWYS*>4nw;533DN|cml0$NlDd)(BM{S{R!`AiHm2U zfuo(95cybyvV#~kT05k@q`kWHU zdJe$}4(!htJn!@{)g$2Nt|bJ>Kr%`IrQ2=+JJ}}pNeRW%gmzj+&#W?zao6r6_FJ4IEcd zCUcbNUj_O?(SzUmPo;JBtzySvi8vJ!^C>n7#t_<$3D#nTCxSq76rJg<|IE;ZADhq) zn%@#4V2KN_r72DTk>2vw?GF8~`8(aqw><^RKI^_6KxI*VW-*0vc*MefzlyYWZ4Nb- z?mlLyZup^Nq7+RPVN&{r{Hthnzv)}qy5^q8mtdmvuz}?^=h2dUwqn329flDF^86LL z6d-uh*fw7bv12_GdVj4RdlmlNvFXN;;;h-PqZ&^xz6g}2kOEQ??C=B%M)`~a2gqEA zXdeY9lmMI%E7OJx5b6zq`t+77#fS9{IS?RoVUqnnGCxH;QnHikanj%>qMu-nW6uuu zY<)1Jih$ZZOD-CN`AR4$fmy_-0ib>75nnY_mbeC^R=ZL$+E$Rna;h$UcUd8)vgT2& zB}~0Uju}u-1gxrn=;p%)kGtujp);?$%9>&pycioRPWNuPT!Igis1I0g z1L|w7KSgi9w-LIj`Fz+Pe`!qT!M%TB zVD^^>=7i1D!y58>uwySE>CPQY8Y6T-4;*}7cK9$Z`aY)%j;f5XhX=NudG<&KG;01) z8)kqP^ciQ-10nCB*Ux19zZ8I~XDfP*Rl(>+Ky_}+TJ1OnXu4SA`{ijB1n~7cD11?S z(5;yv3jEG(&g3~Zkz$lEenBj>5y0IAmW#SeE7i!@i}jHAF*eHuUHWh%6TedeVvp9S)Ez;>VqZvVMYoNaYS z0Dd44wc-8~wTT7iG~U1Z#2Y?A?X^?_glbGBd`@%*ac{gx;Z>OQv5>`iqh>^Ke$p8{ z-%cU?mX0He-GS%v3@v3QZbwhZ7o=%sfLX;l!5;aeF3wrQ=P!T*o}VkzD;TxWK)v=Qeg9!r6t4r)Z@XlNjU?jlk;0Oh^ zETSh)NrvUFdpXH{h4<;|@*8hqyGYU8zTHC6e`t-52m%4-kwD;laX#USTE{>iv{<4p zuZptPCPX$s2^9lkZ1uCPzWs}$S3K{`$kboD4BW9RG|=nL-P)zqbP} zYf<&?c;Rf``80HRb@h~mK{s3D%)suYd{{9*U@h&<>M&$Vc=0`sOKB8S%y43C5y~bc zmS(AfD-p-ZAB|^nh?A*)K-v zd2-EGxjqKjFhi;!79{!rPjsm=#4~GVkAyX z2PI>8_T*ff1z8?yp7FQE)Z8E)+v&ox1})&tF{I%>@bM@y@}rUlG4((Yl*{i7yH5^+ za_0u^e+1j9HTwOTDh=(DHINs{@w%A-w!jr`-Gyho0*itJnAD(p4+UWWZOeCyvmx$y6UuFrAIK(f2@1Wv(CxVQ~lwNQb>1!SiUeUz1)pkW3cQJ=IBBy z4BqGEioRO1-?AuwZ}q#oqe3(u)=PUTbQ1UbsVi4XHM*JdPFJH^<1o;~u&d8NEZ_0Y zGy&_|&yU{4ST*f#x9hOI0`(OG6c$#est(7jBOqMc8DUx|jt$(Xw61u~t6TR|(!3w9 za~RcSS3HAQeQ=p`W4Xv;MllhkC7w+jKq=Y zptgRj;D>j+@_|bVfkUncpavDPzZn2RfqI5N-mUL?JYP5{l(s&+^?=4m0;ooIm#5a` zDBFq>Zo*<{5A{7Uqc+$|+a-$^DDOaCVT@*%ROe*}jmbG?Adi190Sm~#(>(Qv^<&fhUy5H3lW*#@++TEZV#Ls>Vpray zEcx(3((*Ky+|ppLNvDGBrzC*hTkn;kNIeov3HzYs5ZR^3W`>^D(XNs{50JBW**LANq3J}z7t>Z^jBa}C&;h|0B4^X zlQ|$#^&j<(Is*3tI4s^yXiNtZ2nug55UB7j1%V1bPMCw;`e3ql0J1{08F(20xrHL~ zp-PS~oW;x*bsk^0)MH%(AK35R{@yV;Jok_rEQ_~U=r^|gw_<>{;{r>&F{*}A>%o|{ zx@G#&&nMDYg^O%+6Zv{gmw_BkTE5+b7QrV!FyBmF3v zbU^6dZDENg&0fPZ9+zRboMQ+vDr7O-WwkzHW54sBu^MY)H4m#qDJOl71k)w7H&^mPSlU z%1BE~D>yL`lePdPM3y7uT5OlAwD1II@8wXjh^t zksgq?5(|iV{WH(d)20+`keHcX1BscRtZ3PLeCZ*(66vZz+*N>2*O-2sqO*%rUq;nU z(HQ9&nRIy_tpUPPoBd?*cLjP1_`h}ZVrVA%mz9w%lcbcxHa+H4z zmh@msO%}_gaoA(6OBKi6-eCX@%>fhJ;`KT8a_JYzLGcUPRb^^*6=h|b-n(~+ZxG)i zA|gUmW+S|cygn*B7z!_O*D5}Bp$y#53*@lFbn5Clvj>zfiiw@1G#-T-rIH*ka?rd{mMymzhxa+O!7{?r1%>?K~0 z0AW_$v&$bL-wf!KQpl~M9%a(F1hTo4sBErJCWgn&r&JXF>P07g0ax*s1f}iwG zp17uF^pED|)%E)i9;_(u^zB4KY+jRpE#JrX-fZ*EITY95wGen`qh0X2^k8KMAcL}J`C z-Hgxae_uMlQ*#s<~2ELfpdW(C9Q><9;jAgt|k0r$X9Risv^K8RHwff1s zw4+zwuhKiMIlpP*f?S^BKp)&I`qlPP)?ICV42?}cWETgnA?x@op2wJg?#r`D0bY$u zd+X^^3pd;dpH77m8bVp6MA~AJ%}|fs=WjU5<;Sz^M|%ppZYQ$nlPY)LWMu)B#Glo- z@o?#7r9m6c%C@i`EPr5yH}d$P{cSigQbdfA@j*a*fWN;S(8x;Yoy*)qm3$*md)&+w zG}~SBm}>sHL4LZk}k!rh%-KxyNZGrLafF*TgyVPSc6lUc^~9!Yz4jef*$*IG!)! zMLKJp=Cq&q&YRbVf+*OVC?YfGXFIg=N~l7vFKywQ1k2Y*EOarPoW&5(>it3VDFf(1 z_x5@C*y@sfq7uCggrPV!Nbw zZwdSBLLQ=BGDKbdfq#-_|6fS^9++o$v;AKR`pTB=(nm)vFORRuFklZ5J}$neOKLW^ zGW`~cS~nB?_G_;HI(TCW%U6dW@73&k2l=lp4|eLZ`Hi-KvfoDyJ*)Z ziSPW&^0})U&f!lsqhrUcC4uEiJvI zob}LxD3&x?+=Q71y&>-mg=S3KCk(q`p3sl`S?|$?id5<|gxL zs;jrWy~^}5wbE@$8bk;oXB(6#?=_9SI`Lp;WsLxHT;9HY+dF;c=jXR)Ww8>&N3~0C zdz%YR|B9d~9bZN^xLI_CKrCpB?J_1-{RxY^LxP&8fw>q9(jRB&PMbh&pG~XfL#}YF zMEwS`Gv_W0m?7ii4x+*9j>+mE05C+>0&1cbfQm-?WxTqCxlq&@-S|3=Z|TPc6cah>j8hB_5LL%+u0aL?emH)jESpuOg+^vo2{7*PK({~ z-pLNslhO0IX4IY@@(s&2_O>Y%@NNIKc9!wFjNHmJN7v+ZXQRq~PeV)YnRc89VmaG> zop*T2b$@f36ZEZy@>&hGkX&Vy&3=@WyC?<*11KciQv^M9j>Y|s5sY%6?|o7yB@nV4 z@#vV%@7sgA>q5iBiDQhw@WA=8b`Fxg=~58@k={mrgM^C?Rfu6&I8^5JG%81`vq4gd zQbp+g5U28vYdS6u=k42|ZU|1)+WGjn&03%KrhgFq!AVP-CfFlPPyd6-cL4|#!jF52 z8~;n?ZK&9dkO&~)c-(Hk>uT23D=IZ~v z5Ym>GF;-CTR@&K{V$e@b>By-Lq z%x?cu`9-kG2icsE&Kn#cXHoFHF(iRg!uXS_my!RquDaGkN{MeE@H3AXlW9ApPAc0gN%)Gy?-9eK6(>0lnLhjAd?c5_Z^v<sy&ap#L4e&=`AP5 zyJ>=9^GOcWDzG|#2ZDQ;+g)UNy9^)MLA`E616W(s*b`#1>Na(qh=>+Qh7(&%Jj|Al zaMWvFXnMA2YNWcFnr0kw^;CcP@;KzCP!pDg9T{Zg@d>v+1Lf6-#)rcI{TnDVa5b+U z{{OoglE*P+TB2egAoxk+YTTU&~K#}5KA3s^3#7OvB z&e5y=;^cKRWx=!ss&IQ4tbx%}^&`YyUyZx7ibNgLqr^~SsemC|PB7$vY%V;Iv+%SA zGMiRKbsPjDhpG4uEbQ!2Oet;;H!6>9o(<%LvFaK@b)0r@>VJ{2GSG3C4sB9g;ZXtz zNdk#T)`$XYIUp1Qa2U>-kcYx4^5`LQexLnDJ5+jP>T=r%pL8a;6kpWiAu#PSc!#UO zrMu)Z)8^MeY6hPa(7Q*B(ql&%SS5a)`hMUK2}Ax+xFB?8!x(E*Sj)DBlLSFfxO(lD z(E%{TiT@a4d0>c(b}~S{RdH7R*XQnYJDCZ43pm^r3*;qMCO`%#9G?6)FyiBL1mbLb z({aV;n}bho6&pP-XKQO2w7RlBYH$g}f5@CkQHc;x)#`k)lXbhI?YFDe*OEvoim4aj z(z{=j+6eMPzaQ~czVz%^dQZ<^n=U_m{bv66_KN4@SyG)c@2S{9lVfxim_s@teE04r zxA^{xo!s2q^X)~o;X>X!2`hKIMb4@fu8SFfR7Vg;H$=hIN51F0Zt2O+!T4aT%trsF zror%aM+y5b+LB`bP z!ds|t{BMv6e#?TE4}6wsXo7{1aH|G#{I2tVCj36oKvomUsS?tOt$C^@8uUcZS)fmR{E z#oN%<4F(zsFx-D|`G$+8A}EIJg&*k#F~6QNy{*T7I@M5?_A5Z(x0h{~xN2>r(5CpU z8l*CziiUcCkEi(MQ|{VbzYMXA_3fEwz!M$W%1S-|?`&j4J#qAPN$Sr(?tX$+u+*=j z%x%#$7ra>Ou_R<}muPz+_a1@}08)DP7%a;10z1#{%R9c`GO==Jhn`$4@xWJS6=SqO z1q4gZU;D?}LZ6!tRk`h%jzA^+fb3qxkBd2ENDJC~^RE1>=J*2o0^t^YkDi9|;kq=l zSV^zl-A}U%?X7+20-^`R4a2W_Rv3F16}g3{l6=8Tpa=%}Xjx;GFdnNhb$jQvP|$i@ zx%CP!!*yq2P%WA2X)PGFd9NZ*r40jEyt|ElkuZQKU2mE|-joeAL|y_c`UHEAgiY#skIEJEH{+KLAa9 zK4LC3CTW4cko?$(erPTxA;0HUg0%b(P=FcykhqZ?Np_888Kn&3jr zbFMuHI~WSkTz%#cUquw_6F&C!U$vJ;s=ogwGS;dr*?G~OCLfhpu4hJ5f>p}HpC<`( zrmek~6#cID(VGvvWH$Jn6S?3uHsiue141ev0&1AQ{l0l6*x6ZGMJ0^waj`f^gl3pD zhj1bN2H#5&^3!;3{ZYeYEm&iu=*{Bhk?ny;DShybuBki44lh zE|LZbmFi@ZTpzgxghk&dJ1|XR0!<^AtylmETd#zE>Nd;f`KAh@s$CXJ({voafzuUA z#{v2n|2S8ASBu@LGwLdx#O^?`Y2YDF9w+oVd?2_H^@I|zt`R55sMK^tfMgFSddjO< zXpMOtr#o9bk|_i9x%-c1REfYpN`?{Y+>s9Wrir=}>aZZYX;6~^ z25f9EB-pko@=d;Mii9)^8fV@1yUSEOvWWe4RxqL=3PPLg6%)UfoxVWHp&s;UPJ>$s z6}Ck~OXGCyVs+YEJ*g%Rw`LNCKYQMk!Z>K7De2ODOS_sOARjug0o<3XNT7ICq=H}^Zm|E1B7Fg0ykBRIV$KJdj4-IMdW_c`H+ zuM?lhP6{+j@b!H81J%#jzWy_$YxbXxz-PFCeoFTEGtf2p?Y(#e4?*@7oA=<1w)hrG z5%FSF6Fn`=%7Y6avSg3Kf-Uy0;09jZ%llyG>}NsvPc6hf{vq9qSv3dAL3JngIQaO{ zXUI)&u4jE2D<3sNUA??&Bcr2%Z}bph;f)9Y{5eM-+HuSR(-VaSjthj>| z#uh~&+^oQd@lL*NZu3k(qsV%SUlY}eYr@F!DgJ_OV%gZ+PlnJ12%TSu&|)JSbU}ka z|8VaTQ(O~rC_TYQnJ;wgAdr>J@)-5-#lnP-?Tmxlke|m)eQU7-eK&U)Rp^5 z`StUkB~{_VekTI}mYpeu?MZ^(Q#?INJo&)4x3#wO>BY7C%arOGj*|5L@4 z?DxN_xbUxzBt|iSB?$IgTVXm;c{Dq_pLu}KV)^*BxI=?FDw)Htm|9&enS5;Id#X=j z=`{%21{ql>nJDnKnzSjXIp8SD9yW?{Hc}9;#i4|qdy@j{NP!HU6Hx}i*gXA5xLZZB zegnj{7sinFP!hME1KUcSeL}v%59>}w*GF!&k zOU@F_O%RvuHL$a=goD}oKvN8nQ46~$n|B;Oeh@;*oFw?0)}S!Z9wc}%B6n?<%?`JIawzH;7;t1}W)hQ=FZVf`Q&-#llpOu?EMns2Y_Qj4Zq?$< zuwuz|^lTiLF_6z4s?D50*4{tc+Ni8@$Df+SETx@^huF7lutO+bbO|xK<(9N+t_KRz z7f=Q+ZZp}zOlCv04trpyIwL?!WK&d{}|w=J)QZ z@zvKKvmOFHecpBrcmPlp`T=6;PyZE57ryqmT2u?bnW56e@q*wWP^2cMaz3=6o)^vV zQhZhURaAof5NfUQwk#!uL{iCj_CCXQTeJMj7Y**2E%h7E*R*eIyycwY7djttkh<~r zh=UVe8ct57+OyLD!I;2zA>k?dPH~h1_R@t({3?RZk0R=74qs7KnYC+H&JXF%`(mBm zCQJ0Ltt;29>54J*WC*~g%5|7TyVw;rFfgEF$O__Hn0RCl&CRn4vvr4UxWEKmU=QR9 zUXYNGlsK+x3fRx(fFbm5O~Xot%KoYzyS?7sI%i*Am@wSCSB_W(!*jwj+oM~-$Sebcb zgVn`@(kBua9rQCrd|iDOUBY`{%|qM!_855yFW;AIBPv}2*>#_7r>7JuWcCc2f~(Zu zyuVIcS9c~Fv+q1!WE+ztl#UB1CnJQSmTVGV3CVPN8u z(J8ZLSYBT4D>9ts<|q;u8KVDpd+8xm{pNkU6znsC-bYHB z1A5Lr2Uf`M;HDhkajapp|-i%t**7C`7jW^_PzB zv&7ijoOQd-%*@PT0n~9HrehK9hNqJ61;9wz_M++!4VAW)N9HNfd#mHNG0(?KGM1l7 zh+Fn1*w%g=qEK|+m|%D>_WR3}14yXd%qn(mC%suLI3E^}>3w$UR#a-y9X4#>4ux9p zVuE+3+Jo!6z}KUE9h zVGo-ZoPgk+dy7^3|9gPH|o6w%_nU+fevfW)*}HpI4ih zltc&Snn%2Q7g6G{_=uT}E%NXSzpH5*osDPe8(=NUzQ9q$WRQr~qHnJG01-_GBC6J%l;yqU>+$=D@@>v867y#kg^U0)n zu1jb$d@Yd@ITnZTsn5@6^PHqU-Et=veyW_rXEbU$^@}_uZUDg%xnu4sp2z7P$!R!0#V! zA&r$*j{1s?8|DDh3a(;Jf88!6rMPDu+Dzpw38MZ*$Ek=)9FpY1`imb#cWYOE z0s&VK))H}FNw8h=ZqGk*S^Lz?AS9%Fx>r;YG=&I~0wJ(niSxdj_ZZO@8{xLVtd?Fi z-=H(i;`ImFye$4p_fQRHe}}VXOaLVEynNnYggqi*)QZqk;f&8~27^t^OjFc_BJW>8 zfz4P0AoKmyL=-SyhQ|LZJ&uDS7j_xqg8?M>LIT6{x>jj%K81z6EOzJxqMW}y=6o1i zeYU3~prWJ6nF0@JVwn)`A#lF9*+u&Fbi8V_mv)vw>?Bl4UJVWVmc;g0UeQ2Rh?~j! zUW9Fr36=MnQeS~CAF^&RK~>{%Z{}>%aw_foR!gMJ{BT{ZViz^{g8)+G;^eb!FzByM zO-Ym%3`;I_NXq4_FmUJ`v|nYfNOa_sk7f(QqVkZf3)}ByR?GDZ9V%!K1=F6TZ_&}s zi)~gHG|c4fXTR#R>dHIVO>v%|jpGK0%6L0lhPuF@XoYh2*RMG+D8El)jh7lsBH48^ zwZ}tw0&yue?~d?DTOyg?uWZWmO&zl0;NlX`r`N`OByc%ABGHQ7z~_<*Ew4h3lEpr_ z*lD$I=GeqCA%UzB_s8l=WIsatyB6T+lc>8El{r6_)_(hAj7T`-AaS;}t3-_S6L(PB zq%9-}0{D#XPSyTt?(Vk~g-N8BP1Nw}3NB9ypKUUTjr7}(Kd)#T)Y8`o{@vGJ)DlF_ zJ;&KCtaej5+h9}8At!W;N~CYKn!KAd-U~4^Y%0E8ucj;mW5lP2s-}D*dWR-JK zG8lKX=}m3?zzX+|O$-)`BM{jwKKbHNc>;!2ny!t==VmAV{@qMWLe5NP=<(@Pq!bJz zJ~|M#DRR*j1T0F|#_J4E_lDE~ zV0z1O8=$fQEY-=QglXCI2f@4DniFp0Mf2})uFieO^)XHA5-$7C{Oi+(MH2-DB6WSTr#>ZN^`vXjTX&sT!udc)9z6Gji zL7B82Hq_|zH+qG98BP#qIQEabkNRVAE!fR1G#9`-?nt}%@;Un=k);h%DihUk)(?SQ zs2C7(d6Ynm{{V+I0!re9kQ|zxUTU3qAud=U7v3JAafxQ9_`Ofj6o1}pu9E$>M25I4 zPxfS=bAYxcE4#!Ztm{`~$BK>p=;`TY^E3-~qaP8-vT$%jCkZ*XrF*+6fMInloHjX^ zi8d!H9UNsVaB*5%T0()Mel}W?xw|r|_Wk?!TzPd{evP^TUI2tjTz(Tj8?H_A>R(zW zNcUY(n|70*@^p@`Mzpo}fn{`V0uBxidDADkmvTiEzWiE5C{}<;o`y-oH(VnMzD|2N z&MK;cQk~5@z5>lo%f9=8q^(i}VjnK{YWP&T4e;4&*!AsnBQ+4a%jwNpNwagSMZ>-% zER;1XR~lDV9WmqccmeulT-oe>K3*0*-N(d-@i-VyyQGnkG9;CCY3Z@HF(h9nNZOJHgRO!w=daU9j_QV;2ex7 zx0z(o|N64`=Q4o{_Pw^5P{~S=knCD`gX<#M?uj`73FN>=jp*o^Mf=LHibEA-Fqg)S;g&HmROX z7bfAiGuWGUwGz+?9bnl%Y6)rs%mOhotdYK3P_-bfI$> ze4zMCFc3`{n$GeF^0KR0w`Q}Fwx2u3x;l^x-QE&&UYo>?yW;y0=(EbJ|5jz-#feZC zPsF1HFmerY(6^M0mfzgmMy{x(E$HjCyLwukUC0UOcQ{Y=Vka^x?_i}462#^DL~Q+q z{VY88FA~Uq@CnAuMemfCmv`KXbo0}fmVS-@Th%sK2pQ~nFDn&Qxygx5DWJ&)W@tRb z4V0fpO>P=P3p9BAiW&X(Ogmp!Zpi{$S7gw-J4OChxbL&@$Omowxt zM7oyAg9%oa3;LMpO7T3ugIt3#XmSG8XtDc^)ic&^o?c;n?wKC{sFB6eA5GlMYaZef&p$jn_!jB+|K~k&b+SQhPH}P zVkf`Rmch2olb;85MFy)N{Q=T}l{(?sw zV>whP=;WnVN8-`jll4vS828Oe87!)S1Ld>{;Mu&+5#L@~dJ1~i(;p-;5r}U2c-a&o zz5~zb7FZ4xJu_qUHaK|D_#SYC1@AmUCcCM7PJ1qIdPi8CZs+It*pTGxtd)8bk)&>Q zd)LyQCES$?P?Q0ce+0!}X7|U#1sOuUN6^ExiZFJ7bQkb04#lhtft_Ug{&YFe{Z@=ZxhZ zJsLVz7CAg3Gq^UGH#_@lF5@q+PCZPTk2D$a1cQMZGsz|D7Rm+&g$-32{9&Ntlt6Sh zG~cjJ!rV(Z9pMRt^H=YV7H9g#_Gs@EtbTHOazuQSgdxR)OU;|V{i>2EvvFEl zU%sn@im$&^0Db{CTkpeZ`O(!;OgONPkcqm0^gER}v(v2j{n>luexT@KzuXN^QKP}( zRm(T8@)j8@kO(IvBGt_xJ2`vM<7D|$^X_z>M$Q*R4{JIB$USPL6%|#Vs3uV#W+dn3 z49_qIQFA&^9Z}T0^xQe!3Fh0iN?7r`1cE>MB3@H`(@TrD_$EC9Pfkyd_X3!5W%Paj zAKuF(~jVb2?IJ?nkH zXYXJ8_|}hgfZTCi^BVJF80Z85+)}M}9ft(koaXh+nu4rlMJQ zxb4(4>GVLpox`~en_EJ)0q#e`qnK&hqPdxUwVIH+b)S61xSaaIA%L2$S|e@K!`h*I z;hvBqueSSSo~oU4TNlmf=@ZLtv;i>^HN8fqx0VA29@HKtD>-6_4t)5j;$i)DT zV7&rk)vgG{n%0s3<7IBZ6{*+S+jH)TVlS8U9+xDyZI@Vfw=(zV2L_O0wEU}FvEg?| z6esI5Az=0+wRJ6fDNhRIP{{tsI&{66Whe-)9Iz^3#N64}{99`oNuPn!9Eu4N*&3ie z&hoa`o+qwqnQex9IjvMdw&#c{q>BX|e)B2doJnNA-b!=+gOuw)L!EE|<+Y(8sfh`g zlIeOWI)dTR(|9^f^(mY(+W z0FZ+I_Rkiw$7vEvspRiX$cBEV4vKrNdk&NaKmSqsxgYY5zjt){Dq&{SI)PtafqJJ` zgYp86te`wMcvr5{$wAh1WbBkkuy$)P&-=;SY*^8Ps&zAfJq4G0;a+_j$`miwcl1vt zFLN`xdQN`!0VbvOPsn!l&SFt( za>TXUG1EZ3*EP?IypB%IyCQc1GpH zN=u#(4%VvC%&Qa;`=qObWXA|!WLCLw=wlGKzlvdbZaZJfQ=u8EB0LK9gsp0qa4Xld z=^Sm!kyBpF$P715t*16wE14YmBViftAC0cwNkUMmsjXsUx1%9jQm68$ZGt{GeuID7c*|O{`$w8 zf9&>J@HPahU5^MW!RQIccd5uMN|3X(@GH9O^OO3eyevgWIk91WED|irtY^>cPNwRI zuW?hi%Rz)Tc&!n@1;(g;I2Qsnuv7JXo6qiC&TROh6QT3_06X=1wdGZmp}L=!{rA0i zBq@9EXJ3)3ABcLtzP=~ITBn_Htc8P|-?Y4a4Iw+cFO-G;gpl9$kf8ivBu`_hr+WJ{ zAiwsDI~gPQfW*VjE(Foq4Ztdx@XC31c>SjuW%X%3|HD}_!tWK;Qnn0oxfSNN&PdyG zlX(~kxX#ug=AWYWQ@EZ86~a58=zFYqtug*7lr$>-{HL9B#b(<4xF^xg%lYSZZWm`f zhu%e5o(_CgJR12<*4vIR?ZgRqn)T`AV?_qyX*P3B*(j#K|!2TjwsuK|ro7t7b&|_hP&rN5g9hGI#gSN6#;$?iPkiCmeu5rP1b{J?bE?Fx< zwPPPfz>3RmKIENYEHRwN;Iq7cm0i<2Ua3ekl&!2-d%x176-_#kM`r2?GaDGvG_5hn z<1{!UMo}9Ub#le1RrfKBgn!sA>MNbHf&sd_=+}sZGcJUZ2l%yhrYsR0xqjQ%JhD~_ zyrw_#FrU0k5m<;^d3~mBWi!zo&pB*tYlo#;Y5R3jcWNAW!1=KuStU|X4Ws#F=A-cv zQ_E7a%Cmr)I#!Q2_zLwt_2znJOvwlyin~N5W>bV{Fx|w%NtZVbr4WtKBY;~FS*}4D_93hDSGI7h5m>LJ{nk|0(P8Gg z52QFrr2-zmn?hl+Q|=)=6@o#Q^S=F2*AND94la(|oVWkv9SKh_(p~&r$TX0gTQY7+ z;r4X`9!Tea+@qD2X_6-uaL*Jmt&oTQ#oHEv@#3tJ(o6|Q0E~yEcciG$BqxVau!AA| z`+<3|oZEseAG9(sDAln`vNeSuOq>P}xGtL19P*lqk7KsXb@Y|6cluR!8*(Fu1^R@wMu{KRaYV}dI%oFi}j&oUs*V7 z%*8s_Zo*uRYH_WH!~O5~wX_}&)7;t}V{XOnW) zr`K$Ib?L%RO~A{E?2iYdqQ%w8W8fmr?{!6NzueUlmdHEoR%%xqVALHqKk-4J8{fB3pQMNqLXf=K(^J1%~A)i}k zHy?h(8I8|xW*7mH?C#V_xfh5|WM*Z*J4X#T?xEiHhDvqa~&$)5`nNMagBO5!mj$qet%`GG4OuF@or8 z13y@I2I@p5UOu?Y{z^C0D-E-aIj&URlOgw^L1Tqc>k*}^gLDk@^kqas^RW4lP;J#w zADEMIWKUrJB~!l0rqMm5vSVz2sXGKTkbvj)5-=f#aoc#f5wujJ0aAgJ|01*#BU>3y)Rhs{nJcAq*|Ov;}ZKE$U=O2sweW|Beo=jpJC?_ z;`Aj1!eV}GLCo(eJ@qAfwHzddLU7juWrQu$4Sv1HYMr;A_nup{8>B>%zCMa}6h5Zp z)NwuA|A9<_&gFz8jDDFES2IezMMYlvraNx=7>uKq<7D{~Ps3q4E?w*Sm0ZBwXW1Q9 z?~5^8Pctq|+NkgdXI&2~lK(M(>xZwjX)ixL#^*7#39eTMs|H8~-}~rf`e#3X;BsOl zZ7v0X0SWWbj^@J`YU*&^es1BVE+J9t=`B8R-AfSlGg6fX8Q;Emc1yxdH*@t?D_5`A zofn1aCt_|#n|gKcje-j;gnZ;~(27cr#Nm3><+&f+eKg&kNtboR(*49>T4mZC@4bd( z$Z3*bc)nJ3Rxd0T&FhbAgX!7VsAhxvS}13)Uu5)X^`%KTD-{5KN(FEXzV2R44r%ln zP{^{b>aTToHaLi4Sa*B;ytTn+xjs)P93%~MMhn6JhtD?}oUk9Lz~=hRnN@PD0g#e} zg*kX?moEF^RRAmR+RM!-SUtK1=7YkcmHub{!Y1gC9W4B0*d{S@}H4siH8!tjPBXj?=(}+ z$*%ulSPX>Ru(f!Mn*IVFu9W)zvXFMCrF9&7ojMT&*dNld1H>kb!t0G%W3(5qQqI8e zL>9Bf2Pm9pynWaoY#`^3Z06IjmJ?;dV8)8&KELNBm+Q$|$nn-hs%NdM@V0qXMX8X_ z<IlVZ`St+?Z+t-_{D9V0+mQDn@NOeEkUxom>@qX{?#Qu66L8Z*y zvlSl+bA|_CT3fYAU*RJ@UZ)pRRU^#>e#mU-#M#+Dm>7IY^qn?F7;rK%Y$6M5vxl?O zz{GWv!K%_TioNTFUP0Tl{kLx&=9&<|Fe~yEizQlR`ET!RAL94Td=t#`Stb*_GDmw- z@4Q3$%k5gnYwp+k$QUj?KD)&>y=|2+=gm{w1U?sqywvb;^ea#kiivD8?u+~#)fAG4 zz$ux$KqK9d?6ut*)g3=X@g`q0fZKj0+xy^&Shq}gY@4kli*f9YCNVLLpt{WBDw8}mNerED!4 z(t7b?dUsq-Z{iZQFHEZy1L!fTD4`gflm$6Q-6*o$$Qb3>7s#5NwcYzB1|&87-@Phf z2Arv+vRlsxo1XTXBm^d=OsLtlwN2;x04qu zz*>Af9mil09adVG(J6F*Axp_&6XD&z5&wpIMEJxj(Kya0cWJIUXjo=^$)2oI@?z+j z_RCN62Pc_}#r1&Uo!_o?JB6G~trrVbo>?{Y2Eiurs@IuQP^>HH_+Iq10uy5~JH-D; z!b%u`f>(A{jhk-U<}6A$R1glBk5t>p^z{oIJGhTv9$ZfE2ri>$O5pWkJC?)YravB& zc8YpwcBVq*&j7!X8T7I=?@tJ-_d{!{5{M9<&LaDG>n&G4e&=I|I_~xf`L3>?$Z=BZ~S!Ul1;vz-K``Vb8eCi<<(ineyTz4H_`0_mwx-cRjr0Y zs@0R7nFWxlrXAAcK;pRGy{bj#T@i*nD;J2a4TN*L$$Ch!^FC zFB=!^62RQt%#`UyKg3jrHHA0mQyJDeIE>X-K(VqwaYP4$3v!T6AUaUG04L0TF&Gm# zduVEn<3NXZ=6TS~xeOftOOTIHEpz8S-ntMy>i=$Qz-Bry7E^zifP-*_WiuR5oXgsn zY=@~!uE#w+J*~>@MG7Lykf=QM1zP3q}~63{j6){tsnB3hOw%ks-QINNRkTl z2UWp`>U{UcGz33BZss|4p(?E*jTqTJ^-TOYfz2^pmi>O-#xVxY&TM7lI(7GQf8KR~Xvncg;SbhMO7c zi?f(LX_4NsMyT6M-88Ra$)8LqP-yuO2iFa@P{I0f@S|pVzP?aT=;5+I*8N?AL78P3*6wQsFJ>^8Hr$PIOi z8c2Oajq^oClHMA`RPukGRM`P>-{=Lht^5BD@MbMQfXAy515vz<!JuY#lcyk3bOYU<@SM3PCm{I!Y-%2i-IFVP?bkBMs-$9NO zr2;{WfsN=`^&;-Rt-trPOwB75-%cv`j^<`jNF?(CaA&i;0P6X3TtI_O3{QmVx@+$M zjj*}3PR>jn9=w4kp+uf6583R2H|4gohmt$#0YX3zvRuvicP#yd(pK+Ygc4IX(Kw?T z|LqHq|KKHX052~GEpSG#hH#bcWtASQ!*;)|KPKUs2QaQ$Yxd)um*u-mlLN2g_BX39 ztiTC!EKZm$i(m}=>Otj@strMWs+5TVqMKteXFH!9e>@yU&9TdOHV{%ChX){zGeJxJ ziUtUVnR+j>?l?{fP#RO@G2yh>7CZR3Z;}n8a?A@L*n1xa`>?SHy#E>`zpU zMFd!Ze#zGpa$zuwE(qp6KgZ`XVRm1UnRvEF5cdroTrNsRMz9*A4Zm5}N~}8SDt*zTR*Ceo%3*DH za8nHz@(0U=kwmh)%H<#(nflAglDU`8eQx{ZU%Psu-7vV3)NXpfsv8mG%(c9LhlD9a zF?T8zO)uW@5G^QeY9SqVVda{8}rN7jntXgfvj!AvFkN5&SYnh!Q$F%{1QuE>S z`H1^y#B!Vq$fw}(bzFSqw4PSj5$$jb`6+qf4LuwnUXTC~C(gCL$Lh;*P9~oTUoa1j z=z$fm!oCT=$|HJ}>UvPF9H%#vJ)6MOV6cjL^d-CWq$L~VEv@oTn!RCgt0nQbK$?Wb za$V^tDRn4=LNri+a*SpDfPT=Z3MP0h-FtsJszySiUYp-xwQu^HtOR15R4WLEptZzwu*hT%_PgZ45^89v`>06R zOln$&>ua4-yMSTc!?LaM1(5ApFO6{z9~;?GS4ClqwlDVxLVKCOh4lG}r0+s&m>Q_k z&|DU|gT1|Jg z%ZH^dZ~t^4rnw2rD&Bjqh4hgLdMc$Zr<2<&wpFg#a>k+s5riRlLJl5U3BKFL^f5#- zNOgL@$;ge1E&?O*AO=tlb4%&E_Gdf6k0`U5?Ey@Q#Cbrypa(Os8z;#v0UPLYSvI(f z(#cQU4e$+*d+Kc7h;&hPfu0I}6MWxZh&TVNjNqD9(WBm2^?ri1{W_5c$1{PepD*KJ zr8g%;I!8I@0~p{7&#ht%R%v+@RO$m2Z_oS~7&Gka?-DOEvh;X#d&+GV5`-QjU`Y$; zJB;}%liD_?jv>>r64S_aP5{ujkk`liP3bc6%HCCLMJeaC_A6-TM`Yg7Ogh;ieraMM z>E}OjO&A4remXn@;u?NTs#n1le}2X@rF@<7@%EzWbffx8t0J7I&fZ@n8icXZjficd za!UdooIU(g=E3{isLfkCmY(S+Yd~*zi~#DNV&iM<4lv^vpU(v2RW#$f24I|;Ejq@A8)bf3VD5DQt6qD<|`k`Qz3h%@V#ME zjn$7YRFp_$dtJz0k^BU^puH`Tx7aL%Yw3Q)%D)_`b0ZIW2D ziRQbJ^<*I_i@|TUauNY|_^Zi!vTCmxobPIKoP?jo$A2oDFLnYM!l723JAvhR*@b?h zL@24B;MFPRn2>$mMge=@BzB$QmNop~3om>w46kbs)c{>p6iK#H6xu#Mo7$t}W8qP& zDJ7vQcu8B`Bj~I|Q z`?>|%wZj$R#QbKDOnOE!#9hP}_$(g%n}U|Hjc2n=pVlD}w90MicKe~72!hBdW)%+e z0&_$(Vt>U9*_@Md*t!*(9k)b*tvsu!r<^DJ_R9}>oY&0iB)=WfaMEm!76^tVbHOO4 zoB<0S4#gZymqDrgRAd^tv)sY8^xG%W^YW4)HHrxP{?T;YNRh@x^-E8qEyogfjs|zmN6I<+WmWef;Z93uG;XQ<#tzbi zd_ypxfW$SGd)~uh+mtm3C!3FXfkyH@PDa;yOi=nq2QKW^NBI{)eMkXd$Rig{Lii4b z++afF4y4=V^L53`ld)*-0IM%js6oyishkCZf^WololJyqNWZ(1MaShimo60;!(@;A zr7dxUs&!uYscwPyGw*(Ebw-$Fm}{1o+XR>kc??LEf*$uvL^3=cCriribF#kC}-axmuwth&& zfo(eYT{wZuR%x~uB)Il2wx>)c(otVU(Z2^cH+#Cb5KPSdfxBX4MCbsV1vv}%rxns) z`p~QWjPc?#+Em>fKjN*UQ&S+J)2?~9yT|Q^L#L7*VnL;(1WVz1xcNSw)4Fl6m~y@) zGz6VYFz%u)mhwIbxh`9ZO0*3xKzMq%IZRY;Jp;xHTPhdkTv~LFttauUPExO++F@a4tWpW2oAX-)jNkV;ceoXgI(J}=w#pga(8^@n>@n( z<#xXq7K7Q{IZEI(r6F@f^jT(6V1^A=$!OHL9wBR0JG>E|#0)ETo)N%?lsyGftswK! z{8YehW~vl0t`FzsoG0>H3jnGr1kgl*_$G`7;}xb@H8tt8)jM^Hjffz4ga$yn=fmbl zmrU_VK;gxf8UB%gK~OM^jEQuAxjU!piMwo<>+x#X;o9KB?kCC^Zu=FAOGI`BbWs`6>pnPR(vu$8P&P3bn237T_=B}JguTuuLoCVJ(Eg`{;cm3 zAm!?GZM>P=%CV&*G-MU={c6+`$HRUB_1634?l=(m4!pa%j79dORr~e? zSd0%5r`6L1pmj@4GnV-N`YSS~Yl+(lDexQA69t76SpiGYf-d;*1$Z8EDMBzu7tF@n ze8gNf_d25(#pZv#pWIdZB8n#2FwN6^-gvIZ(<-77(#7eZ57C7@SVIa4-+0w9eV&@r zKE{GS(%Ab>+^e23Q_jZ4a%4V7 z4=M4^NRAS+H}zWHRKppf-N7rf8deBs>6qDvrel^mJprrD`~jE2Yb`~osW|R$IHw!v?<%WlNUXt>H-TFko>EwN&$wEZxHFM z{JG$fJq8fQT9YoVypz!pYPxh#-s$OidNevip8C^{QWS}5rq&o8P_UuioI-5%^CbecL%kjs=!HP+|$%T9gicNHwD_EfNsw|X_NL@9(Xh5uph0X zoN4jn1CDa=mTy1^IVVO}Bu#iTY zz^UZS(*~(P2#>4)S={MDc=nZ2t{jZoPs70LuXG?h$E)#hX9h9xQS4{;Ufn6C`pn+= zCzl%9&5*s7WYr>lDv+89oNE^F(8hT;c&>%Q9WEY9n%C61F_Pt{@S{$#^>n7uPqpS9 z(*9ykC>TH=Z+#9$UteUl=)G4FRq)wTTkHs6s)!)z&Wsnxo;WI@ewsa?5DiMTTk2RQ z>N1Cr=w-cJZ# z1J_PjHEVRSot9jgW9DFmMYjQ+Hdmtz_|bD9x2CkZ{+UXu2&g-8R-bA3!Xx!%zm-zT z*OY{mgSe-zZX}TkbfmzCwb~f9mV;TwoTk;-R4tOLk~V$kw3*51^flre0tzl-7X6$U zrYF(6LDx@tn>39ztVTUeSCEUn^CR&mGTX3u=!OsQI5+8 zYEOEN5Af)fdd1RLbdmBIHOlCDoJ_)jh&PT%YAa@wT?|1$Dl^_9_W4_--ZkJqs$BEi zkI-98RmmW1{t744;kQma7C^1+{|)FXrT7p$rc|wqV|?Zm!H#IUla^<-pwOo)mQ{tH zsgs&BcXhHIt0e?a<(gz1op^G zU9A}_=lm!b`0(^;CU2CI^`6-w6q$iV9D324|F@(=B4k`M9gs9EUO8N za&eW3^#y&0GEdGqa<63&D(us|DG@$u&y=Vap;cXP@R5;`T^A;|iezkRZz@YNL^j>H?_)>V37i$+l*P&{swJVk{|M*W@eNN6vv; zPj#_jMugLHpR53fu|j0lOF(6BbWOHkG?r-&*_Mo z<4=q(?ro^L6_xeg#f%BHP(j4DK&aQWC-Sd{W>UmV)Pzy(sNtEPrbq{8X2{w2DLFUMen4ACV4uTF+;v10UJ8d}q}33eTkB9|;x#TfFSmgJ-ayRh67za`SK z&z5e@YG>3mwsMU~FOFR*LYtW>kiR?6z~S%L|tC{WDTto&wWhF_umYPPZlO&UOIM5z*KbX*LN<2uGn z>*sjenBSO_Zth{seb1dV!YB{EoCGcL_kqmB#80{j1)-a`i`xIXE{Ca9PQW>09iTY>p8vhNsz^)u5;Q_ z2h|sNKvMHy&B1njK_OD6^hsuKRDzR@lQc{s5d5sW`*88ynBe`I0+FlsC{9JYFLW{T zoCXU*Pr-@W$!w4QZiIHRZTk=2tttO2wrXHNz&F{B>ijKy#|j@Z*c@KUY;qqz8{&f= zw;-7EV8WM>xY-|p7`la(6j3ai((}JsG{zhkKP#@#>Ue%;61GkA=0)OK(06o>6Ks8T z^WywR6&I@rxYmMU{KSj`s+F(AevI7D8!*t5=xhj-MxbF zE_TO93xW4X-WoxI!+fCz^!+?|%&s1T9lbo6${)5Y9z~Gbp5?cII`AQ92H-&jobJtM zrMOqZ-~w3_`6kHpHG86R!GiU_hJ|VFI(Yj!>?Z=gQU0~^!UIuC5X|;v+LHYvvbqaW zAE3iNWJ5>K>EgaqRW%9Cf^c)p5}Ca>0viYUEt;SFZp6O`d{=DMx{W7R(_YJ8Qh&U} zCJOCbvVAqP`Q;z3uA;gjzI=zpa_V~a5fx_DFvI%x;M^$;*Fw{uy!*Y)t=Cq;bzf18 zg~JXdMJ!qof8zm*x1VKGP3~@m3hBFhEHKTX(tlB6z;lJ_$s#b%!Z(>}|+r$E%m%&fvzv)7( z>-VYsQx6xdupdY^tU5*O8cKa>uxfDbQjvY^y<@DHXrZQo7}8eU>t9E9Le1l0Eq64S#hw6 z5Vg$}=5_73nMwKLUfi3upznM2b{4Ih|IyCjztnB|AUJGs&Oxh}q82cd1zqpmoc7oW zI`WkT5Z_?%yE-6J{t0P^Jj3w4UDCO%mtcDUr}oBbn^s(!)u7)C#V@f4$G)d@rU@=J zUe~0uNqoYf^5PLl&n`%RWKH$%xwTUVrzTr2sA*_E(LFp*|N6;ME(d$!59RLR8em&- zIjuC^s^-9$25&fEnQ->uiC|-ZO!NWYzs|h7 zAK{q*)sjT<*Z#PaXHNs-Pa&&s9X}=zeEx|M6ZIg> zBWDeNpbw~zR@WNR=So~#4h-aPIx7Lp;^1jJUrsm(tcC8JzUmul%WFh9Pr(8TQ4OlV zOn$4&_JB0DO+v$!q6(Dl9;RsSB3bE3I-~&+2qX_l;>8U>{k=c%b>~>RDV0|v{*>Qt zEe8KJxMdA+%T(+I32Twx6y~}D<0)zW^*-HdZ~r*!^BL~Ti-N5S#7RmK{|A}JmSD2j zL~C2^-?e!_12#J6h{!>cnn50ou_*Xnp`2Sg=&ySG_mZKB5_E$^^aNBWKIeg*g`U^i z@5VbKTw8$AdUIdgx8jN(ZtF2R=!t87T}Mq4=!ESk*-M4Sup$k34)e2`Ih0&-Ukp3QEme z^0c^!hMVD#=36;OUT_oLU|}J~Z4#bu4_q#?zwC{IPvR8RyP8A)4i+Ho!A~^8w^ZEd z(BI2I?gZ^;-5)1`LU!ogr`@R7v}pe8b1&4H?Tx(RayYJ94+j03-G1JOATxJq)|)qf z`rnw~eFZdS`St8`!O+V9UlfSLWjlxKL{j^GIhs-nQ;D%j&c2zEgXTY`Y=O;XyN4T= zSRWwKt8F^YD!hr`2KLmx;j8p4exiSUfjcHJsiGcuZ7%b>$AWBvb9>k7D*jv0FT|I+ z;bZi24}6M2YUXK*GL(cl;&Qca<;gt3nLmZThzlg00d974ub{g9fWFB2hGV$O^;7>b z76w+^y9gf0O-hrX)}xyY+7zz%swsX`syjS(1csQR=p*?0d~TdVm9u z0$RvFj|trM%@a#O2ajvRfP@SA<_V<;RXmDF>Clo82#7P5jfPjoHzTzgNy36&!tGkA z!{<-BJiOKjx80ay;J?jZ1G)+6x}rP_uv4@#NTfLZ-u{E znAb@ER~H7u)yIPdVtcyjI4s;)0G3BPFg8d#(rsN0>=rDT3%$iMUB-W9?pwZr>y1)O`)47r3njdL;*VEtb#7M<{9*UUz3aN?BWjH(#&=H! zy033yc=3%7g(T25G`RI!J~|56+#w>6Q};vtKdKWUCWF3c1z0+;eD0MRy#nZC zI%I@`{&4aQ=tHfIISS9A%(1>)qMyM@F0ddCN^cJ9!ya4REU+a`tIV+$*=vAN1=*s2Uo&<%(=+ z{<%|(?>Bea{(tLES%kg5{M7>7-n9kZm|GLNgtXrBABDMUzBP*-e>b@XRQM~dxuE)M z-qHG7tDn>zB7XeWcK>3OoDdlR=+Ral8|>SE^09elvp)cq;PTnfxx#yZK*t)ldRRIG81z2i5|_Ge6xDng;vTq2{wnF>F$58?;EhbvAA}< z6XiP%Kx9#;8K)@5$8f8UwyPGetC$E(sf)I{=@y)`D?!T7q z4v1Ybz)3^;#>W7B5A>h>?V*0H+Tarr$H2It16JR`|8Td-2>2E4#XkR_Ki3;?FCFd? z)?BxRfMUH`SUv&p5k7^FZV#%cjSJvavYCuwXh+ge0`qEQtRsc%283mZuwT&ZMy^`_ z&mUWj3!?=(t-v;!T@RmvAo~}e7x+*5IL_DgX#Lx}B7MCBsYkP!581Bmkb05@p;-jo z;SQW&z|h4MJi4Fab*tYmT9;5wDpIIkAIS-a0g7Ny`lH8b5=PjKlsC`Hpy;ei4+x+;x61@;%zpEESkg69 z7oVFMNCCc?2(u7_;lwI@z#0xc6@fVyQ!U#3@6{E8I&h=yA~yJc&6yFHGsz~GyD*EP zOyYy#5D$`RNiMH{@K6Zm9)Jha+avPk$^U=B13~AJ7NGLcARZ5jjk}R;=Z=8JeLh9h z#Abd`@^JGH%ANLRYpcif0;teK0`j^^)8oxCt{asN`Utwj6~`r?FAubh{bD9B5WZrB7IJ%QSn0vM7F9de0@dK&0SM=6x=5NT7a7$|2KW+4g1*U ze4oVP`a&_&C2HusoL}lPAIqHugNvxZ)15V{5JY(JcjdhO5C9DL2{%{pYI70&Mrmk< zhDi@7@2X}h8yGZ7#k&cILGCY<>CM%AO9+?O6(1(m>yPd(2j2`NWPiOU!UL#a(tiv{ zu-(1A#;-XlpZHwt7JI&;0CKFz-TaMxJZSJuVYm1a=-CjgCM(_ped}zzH8O?m{0lC(V|qaPrjbT&fhw;Ghqce+ z*PuNwm&Z5}&=pFIx)sf%ObZo= zf-KaFL24N#vgc@L(cJb%HJ%Vc(4$|$$z^|$Ln8)_dIbU~XJ{3{lh>c|x$PH)0Ed@* z{wn$B8z2U5;6y-CFJaxX*_r0otgv|$PAVw!`yoLDLthPS{wQdJVl)2>>HF(MLLDy% z`(yEs4+z4;dkHjaT@gULG$ByAmREIpaj~%Z$3B>Zh64zBvqrdQ%WMa!FV8m$R7-49 zsZ}_TXKszObp+jIJ1UN%w`e~B+-oREfT#6w&X6m7e;H>U%+MP!um%-79E^q%jY1P^ zi@nk4pC~0b$e3pBD{{}W1~c{+_plawlhOC)TNJkzsj)!rT^O93@|kiJFG2~ALUb6j z+p@J}ZGA;Sd~}kiMCZBAky$8v813nV{yn z4csbdV7YDlv=yoWAa?-xZLO}XdcX8l(Ve#jO6$z|q45j(JD-_w?WR4Ha;3D#+zM&$ z7&m5QQYjH8wa9g2&Qw_VX4{$Voplt#ppL-Zu?XF0VC$&@QJP-OJwCp_jz|tW2GC;zdk;KBNOm^@$JQX za=~ct9dKEg*aG^CPjTFnKmr>lCJ|&7KN9f2+M=A$@giveDpw3DJ40YW@F3GHR;1s; z>^>%Uz~a0)_I_26I5=x70NpOS4U2=29iZ#?Z5n~`F zl=`Cm^Xf!K`TEX$i| zNeJ08$u^m$0lmdyxXKL7TR33y)u|PbC)*sZvV;g7lx~dZ0UryWZTJ31Vs`a_mQKF6 z#6Qz3?N{EkezG~#uDzHAa)FnT)a*%oE*}6S=yt94x5cssnNikZlGDR%9jq|P`5X?Y z00>}NSxN2^p8v@hS(`o!n&WYC1p^+^(Eoo$vL}ol8 zg`l|cQ?~f+stig0e4D&Ol$x?)xZNfhHb|U*fI1Vz{w@ zUPPYr%_(TtH6%l^n2xNN@h&SFA(w(O5WP8}@_?MvCSrxwMf=k9m_C8u84a3!TKJmW z*$r}$$=Mm~G<|7tI#8=Bl=AdT*G6_$KL?UQa)GL(~)Txpg{7hSWc}4#U5#aPW zl+RkVe^VCz!LiSYbsOp}H$1rYiNv|2xbH*lyzGX65r=yv75 zWvpU*bC??cpb~O4eOT)JM6afB00$DXa>9QSc^yT7woh5^@R)>`*>Rl>hn$qTuLjTr z@2)muk&|U&m?;=_>cHd(R-?9HVL!xd0U~y*Z%y5A1(6;{+nAk!B&5JmMR_@TmE%qr zCe?>D>tq2S6hgebytKJ)gnL<-XMq{PFt-3^sWdl`A!goF`(tPUN@b)XERv^d<-Wgs zgfq(^JULNj*$mQL4?*X94z<9>uq7m(HXD>e7paUP0)589w_lc35Rpi zK#RldsXD={29TeYFBV6A=jxU-OZK zlN9TBxG1#Hq3|3CF26VrWy*KgVJalC8oz!^?UAomjcdQsQ~W?Ly69z!`<8ksh2GKt zNaAac0Zj*om8x}8bZ+z^jqs+&#i7{YYX8s~ycb7giq+?F0@#~Jg}8s+3mpTR8A52U%O}2dO8J^-I|P)ymu8i*^m2{ zq+;9~XX=@Ro)!2qr7~(ogaDFIY5$2+mQ>km5tMaLvH*z|&dVfFlqu9Z*AFd<{PIkT zP(VOnb+A0Ss>pY8Rc|-NXT5TBh1z6jp6-m%jhwgWVlf zLieFAZ{uT|2Y>gN`?J|C=lc_A9w0sOtMNy=0x zq;|E%`UvyR86R;g{yokTsKACYZV!~Hud(5Hs{y~r7Hl!0MI0P*)`^$9%Hz$j< z5UM+lfqDX3o&xG<8dl{g8D57hGpJ|x*#R|Vzd>tXhOACk3=7GhYZTwFBvFhSfuP9F zp!L|2_Fa{Dw|ZMNCsQCAiT)AW#y}~N)l^jgPG@u@n5Jk(gw!SgdJ0p^oXZFFBTj-8 zJE;61qg8rpZFRmrOy{nXfmR1O)_`{Whg^=%cs3udu@*YC>*JVMjRVCGXo-q|PAc$g z|E*NF_JHTlXuL9zJJ%V>3-Hg32U>?x6tm%6({1}>SwX$-xY7rV?iawrSsktpN0uni z$Ov1*Xs_`!s}tus5C~uX_rWkPqJL z8dA=KPSvLxMz^91WMN7ggVc>Dn8yNYJw7!q!{MO7E_fe@Hhb3z$#zBDXBJc!vgVQ{ zJ8tEX4Mg%egM;l}a}X-Kv-^Ll#?8^r(6Rz!V7or6u$26x<-UNKvg=l79 z^?9KN^&3-{gzYxL&=3u4SDU0+PNUJEU^*mdh0Xl!UUOGyMRo$#U)Sreb+3v6@5faQ zDa`NAUGrgruYqjqPoy5Kuf!@)3*}+{$@&-bj}ZocOkDplt&Vf}V|{xR^32j1F$Z=S zK9}-eYkxW`2M#0NFRWd>(5Si&p7>^$FyBSh$d8qz$AQ;KjetVU=b9S&g){g}c zP5j5Juk<|u4L-|sZ}NYEhQ+|vtzUe^=$}097^VX%mjLc3?!(!`P&x_6iD9m=+?qUf^j5$MBm+omY+s z*%KK5=unm`vmiL!9`5|s3-W+MB9)+hZ;D81UO;Lm8n4qPXkWenb!$LmM4h9k1!|Ez zuUx|7jDH%ocUk(Pu<6vAL2LXBtw2{^_{*~uPpG;YvI+dM)zv>pOxiU2ET%RK(mE!iYtt?np|%`^imv<3Ai`-zsKrNbK_LX zQy;GJ0##wq!asISka~Q5!?Vv-oKx^4cy31}Pu05NffL-#v_n&4QLwz>n!nmZ z%7@WImZbfx35-3<+>GWPOtw-GSi?i_f57pFm5LSUJgGY2+FafVBHlk zxHMj$F393wSR&U&NgVIYgagH)-ml=fr`owOEq@+y^|`N?n2v#Bp`XURMo0AP0C_*t z$mWysx^CiwZIE`wDGaS)zNt9OZ7MS#z9PMYGe15eKjg_M5(^}@oyi|`+I8=IfP^d4 zz!a6u>-_MU*+_OMaD7u{%sXw9xZQ9;%qk2BD!DBE7V>5rP;I~|9!`K|k#Yvmd?*IE z5aB>%8Osko?b>$W379Iz}Q+fu8 z<#8k|vzkbU^@g@y8L=PRo$C;D_g(KT838qXcnsPfTSB5^prw{yuAUpVc>@)Wm+fnJ zoeQ@w^lD9)_G;Ilb7Gd9`@aoRZ>v(n^B52jL!eUhaUWj=;p1=waNulJ+H8zi#<06_ zfK>{_Y>^^2`28^Exg(*%k5}*CV^L=!A>x<_yzNjrn#2Pf{&+O4)^B1Ht8ARVC7oO( z_Ddaa!wzwgz8P9fozzdW$56n*xXSIvMh$3(D&jnGgSY=kW zKz(#}6au@X1nmEfv~uM1Ky5-Ab z{imn$k8xgVSJ>zQ+J?DJfEdR_JHv|KusaSXO*~Alb%4->(J}{=iiwPQ;WIbrCqQdL z?`p*sfodgR=-?}zieArTB|fiF$#WLVW5l@l^RwMKxF>zip{-)T+4(CW*-ISIQ|yU;7TBH$ zH%E6^4%vX>Y`lD1FYs(QN&cv#_7j?HZ*1hOYy2%YG`uS}|x5yoT5N6;})&z*F=8J3R41;mJypi~Qg4G}AKj|B&|8QB}21xPmC1Dj;njD$*i? zl!AaDDcy>Mw1jkt0xBV*AdNwnbT@)DN_R=O^r7zT1Ni-Ft-J2J{~#RC*=O&0=bd=w znRz`YJ4DVZRM&1W3Tdr2{Y!PO{3E85zgEr96`nvY7cz;j1^vI{go96Cjui6bU}{u5 ztYm@Fq`(Dpb+?t3kAN-0mh?I?y7+E*M5L`OgRvmcj#VKGgD-%0GJ}EZ6Kn}Ks_oA6 zdg(r(7`A?W!u9ojC>dag39imCx5s8`>XmUv(r3c}y4z9mk63xuxy%L!1*dvb!||Lx zxGzE5r-*AVjK!%20LxhD6B1t%k2i$yY}l<%$*)fL5o35}GWKg=cE-zwzoy|8bW=9L z>!3T}-o~RSZ(5SbL<;(KBrBgcXl&uRyz_8aI6`pV51KvCiTP6AfK0D^6A%GXAeGqq zLaX^@V%$H$Ps4Hnp8R~bLD{Gyi81WPlh3Xx+|@ka%I5l#RV<3_w|*7Zz_=J};_~rEnC~fuBVG8uI|rFPn!quN~=E z>FJweZWJ2#KTXt)jcqSd8aJ;X8Pq}YLn%L8_ohoVd;aEN>9)I=zIF1Iw9VbqpT%Ci zAph{^+=5E2SgumFFg+{U%c9M*)Y#GYdZ-C@rhRZkXr6+ zJ{9$+IRTK-bF8QPOI5Nt)EV^Kb#f>s`27FzV@`=@CYG5{u!Z#i<_pgHU% zBrTux8^~{9|68{L!!7`d2wn$d{Idf^wn}5IU>X5Yws(-O7{2ZK_Mb+b5n$RI4J4hR zf*9|y8$y^$?H&382Y?v0fBUrMtdVWcLC&WAoF$wmQP{o*rog?*7_0eWH7=Q;lOBb~ z6S8Clld+9{ea&zf0?b|ydOfeke55{c=TPNyU5#+BcPWTupA6F}dPdl!k*&z%o1l`% z3JBt>f|ZG6zPD^T+TLKHP433shme;v@j+}Q0C(S@Ge^nr{+hTsgF=azw5_L)Vxq!J z8`Pht03H*7wWfb~)5e=F%(nGY#GEf;Tl)^m`~^*kKRnRItpqf&>DvDyxQrk$v%@RU z{f`ePMt0w`&+VKwFz=2Xul}!0{y%E573WUCZ~!NHTbyhyOfy(s9uq&qIRL@AW|1r5 z#=<}z&UH9dL?HN@+G}o;uB2~PJqVE?31bbE~KCY|Et0%*>!35a%QR!L7OPf*+SghM`sKc|bq_Y7v08FNOgNA8(lPT~$spLb@8bw&SCf7)m1cGl8^w z8fJX(VEaIas@vMk88|J-16YBH))z#)2(F%XX`kXqP|it$z9M~Jm_NsjUC`hr{$|1h z2=OsN@l5AMePSj!p8R^u@A?M|!j0Cx2UN9RL=MWOdb8fpa>c?eY7$f6t8Gq{0h3C8 zSgY-9E_e7*$~Z;WKt+ibY;kQMHM@j#kRyWzSQL2(WY#oUxfOB&6xT!fhN|X0^GmWu zCSvUZAyH`c7FVAbz)ay38fcj5^#RNz->le-PE^d$FcbIxf|*_zdYE~$miI0CpT8W) z1cmG|>918QTe`msxElL^BsUcN5AR~va7BUPSyo14`X^g08TWs6bCSMK_d;gjlp z6|T-#Bf0VrLsUkYjP!i1&ALsG5IR=fIWp?91#N?aQ+;{#ooQ-*U<}pxFW=4tB<40S z$4Q{iTDL_BH?I_6SKu)FLp{Xhr*c1382tk1_wQytzUMi&2>J=VeJ3E2PsG#}$qL2% zj=i^Zygr!46Xp@0Q_nWKT6`lx+8@v(JtY31qoX@Vr(9{lNTSjkUYR4(UnhAS*TZcW zmBZV}uM4%vs05PD(^nK;#Lcp;2afr?#QKV@ZK6TUpclkV+}z$N=xOY>v7lA#v_S-! zdEQMXZ~`8MYcmh~yEBjm@GnHQt_0W6OcG0(-BzpmC#mPuQST-Pu!-qz&J}Ry>j^ro z6Tmz#(buQz$`V*2i)`*zV4i4&9z2#R1Ee1I|8LTibZ0-UEG-u$$LVm&@|}M4(ZOEe z41th^S17gXE8g3G*YdD9+?t5=W)!m1kRRm{75J)NVYLq)h9IhZ^!9!o-KxE;n{K-p zoahQ$mfHQPJfW7+Q9o>npo^?CA$8+>LE{8}KOsyB6PWl3S|jZx3^i|VFZVDOmlR_z zrkNkx+f6WAB|U#$GK|V6>=Wtvn&t#E`dqXn^pL|pWcq~sfV{$4CG+A;M>6%yT3efc z983o~j{4$UVC6_fRXZx|ffSrtqDlaSi97D3uOdc{4z4K6T=QpkLijpzG*nX53&@_1 zRzK}{=s*LaeGjG60698kyP^!DnWHe7^`PI}y6#D}ClctiMxwoi<^S{+^18DXAX-BZ zspj_54MX6)<(-*y{x70~EQ0#B8CzaEiiNr_lCZb)n`PQ3)XG_h?{t6s8zoIi4-bbz z&-M%+SWZ^X=`A^&LHw_1V@z!#&G(;~Rj`qQPIp+eR?Ty7+s7@h3tVl#0 zuxYC~y>7k&sQ!!XZ0BXQOi>@R9v~MSFri#`Ejujgzt(9(XEj-&?fguV$R8j}yVD|+ z(pyBS$y#dIwmCF31jsFg9I#3Y<`hRgkUN}`M8^9t-}oN{5|5=z-^Pa>BDUBXcZ!Oq zmz%n-R8eD0Qp>>53_2O|u(toA)(s%kx;&{Wk0Y}eb9cDE!>QY*T!kBkwb0GL0j2sp zx&H{~bZe;lP^!3UUW>S2l6*nGMCfJz4pP+SK`x}Xqwt}bJh1BM{lIpCz76t*uMThh z3oX~jvZU;-O>qSIdE>XbE4Y16^H6^tr}y{C;Ntr#^z6XH2P3JEa-Qua?Hi&E6gO|$gv6U-D$gPMdWu9p_|Bl*<(NdLA(6hAMxA>H;XR@y`d+Ui`uAeKx| zBsl(jZULqfz|f=PqcwiB|5r)#<(3kD_hvGr&Absi>ipf;Uoqd%o>5O(Bkh$b7UD9h)#>(q4}a`|70H&c3vR7GxGE0ZiN5SXH$4I?XP_AVFr57q*MU#hP^@( zt)oT|qWFku1+UiMhdVT?t*MCNExJxad9wGFfhqSa;+a?mqINx$-$~_g{*$FYLfwQ_m87+o*TxQs zwRSR=Xh10&2O-wdRMGZ+BPy)A`qUSZ9t|5XK8)b7k{2r5eK(g^E|l>Uv#&sn^rfIo5;Zg3|MmeS7iAw{EnTdqGvDl_`^)mDnM6sVd1037i z6v1u(M8}7AH19MRJq=cBZ1@mbzudVIdR}5s_1)uMVJo6XJK7zyklg;yDB*-DzbT#G zkQk#WRr(d*2haYbC{gO%4KQxoGlj~?p@vp|fpzf9nOWDqxovE5!P(x5RrI|CE`CCJ zcX?lf0O8W|^p@^M0GNSC@73u>Il2$h;cT?4%1hu{&OBFRm%`QCLYIqJE|ScH?w-eb zxkw_cD+(c|xBPvem1n+-z($t34*`GX(=Gg#N9uY=O;(4>$P&egwWT7ND&jqlyCTrwFMMfX|KTO@9Cv)J!|euLvo~va0Sbi3a)EI z4hr(3Z>Y{{%{o(G4L(~&SDnnW*j~!QJSqM;pF^aB*zTV-8bNA5HR?~CSR;08Yw<1E zSbt)T1|}1KHZXepbA8B;ZRwHqQ|WE-rgj24UPmM2h698WB7}{dw`7;8%24JC$&^%{)^k+uMSUXUgAvimv+>N)vQw#KnUqy-9JQT8)nO8 z)bX9%{S+#lV%48NbJcGb)f8IJa`e0XQCK_2lO0IiXZf$RcLe;zOYJMo)a_3A zBI*T}!u{U<$L~V71h|3<>Pj}Eb$&eNEW2m$(c{+iCoG?r(;pu-Q2Odqn@Xiwv8guA zXrTn08aT;vV_lki45PIMCmmLgb=tX=nUr(}Q;7dk6aN%(FSsj<1UXn@_!p*3iDjpT z%R~#_`2F9xa4<3)M1Py1S5RdC+b0}T485)=v5q6W5Gwa87wD&(`z7hhl^9(!?8BVo=xMZm3h6wSGGPWPlW z_A59=XY_>>>#MOHQ!NI!KB^P#jO;|ezPRy?3*log1;Z|PTZRpXTa(!T0fs( zK!iHYRZ$TC137GS>I#Wj^d~n+DV*~T4{OBfwz0hTG+np)q?)+MTWG%MTi1MF<-hUQU=&{j zYs;pTysvt}VZ^j8mp*yzhYo6Jr~kEYai<`T%-t7F_15`D@MN*&%ckHb zeS31`_(d1AKC-xqy0E8}h1{mkR@dl67Q+R%6}vzPjD;VjfKIes+jtPS-5*OHuY31# zL|H%)6L5P#=0`^E;5Tt3!NKA3KGaO%;uGui%w6h`%%_LmGgDa54dSEU&1kRy$7WXl&_*faOmV|rW2HN3LdCgq)@TQhGVD(6v(Ryk#% zOhL+8v;|~gL0dq<6H}i33}Ccxcu?G!>)abVW1z~T#i3@+1oO$vxX;r$VGZ^wC#5?1 zhllGMex3Q*@n){)qt?Gm4g^{L47OOGOuZLcN^m`8j4^Cm6Z|(FKYu2UIP{=Kn^yX% zu0H*1-%3d~cV}FoS}(Xw8<$2s}FF>fa?Yv zs|$A}Janjm2JV^4rA_mQR2fKOg|l6}_DJq@rq@6=!8FTpvdXn0E^gSP#tQS66>n~454Me?z zCA&|FUu26&b$M9&RYnTqtBlT<_fLkV?93XXYCAOl(C?-_xFgY%{05~{i-#=hBqj?B zi-8xM=}oFXgE;3dL$VJgjwYgUnuxY;-eVX9`HjREz0!mbMgntrf!;MEju;jD?l(OB z?Nc$t>sre`s6HKXiAY-LFxqyb`@Vt8Qjvv&f#u95?3NW@O}bW*zo&iDr8TNP3m;-5 zEqB4GH9RsQOdK10{{00Ip8Uf-rmDsQww-H``Ut6n^#6zY?I4|#Wy-lPH zNoTnx?qCzGGx>kGkQW-5smW zEunOcy!(-dUYi;xcn>u>21-^Cu4FqL?N`n7Qjjgw*e2*<8$B zulGG=`K!V1Uo*4T98swO`UKpv1TSqC*Rr^;3U!^i@qwEV)x_M_-aGiIKjr#>TNTat zV-4!f5Ml=R+*y*X8Og#O{Jf!5ugDi;Vt!nsDIhm96?`)DSW6Lo zs<@8ggP#G{=0o1TOHTQ)sH)y@9??`bL{oc<&5G7P1czPG*EcY(2kKwhBD28PLX_jm zQ2hOmF^nsdR~Q*%huR1DTlq^}(3W5zogN=i3?bb7j26*Ve*FO}TR7>|0dKcTR_D}j z2=F?w`n!cv?k?;pt=`_~^1(q|I7)YOLs)coKGvkYN5O2G9ntF*eyJrSO47k?9eSkF z?1N$$TJ+Vr-F+4`FW={w%iBIo46L2YOZ~TsY?dxoHSVfvSk163b>@2Z7EZp{^6ojC z=xDQc-sezF|8Y>|7XT{Vkobgi>QIO0D5iMZou^{12~^8jZwL0kN~1r7dBJki=7VDIySS&AuV+q5;Byj;91-!F>ZDHN*>@TUpS7K743!n)vGFl4DV?=;5r9+2`O{ns zh6(gFSG@N&H~B${hM6&V*3Y&G$bNF$oH2R+7*;gQoqF3l=f^xNakZa)MT1=S=NxWT zKN;0i2Hj)`q|C-2a~;`&BO%iuNb%Tj8YJ05ytg^oP5aMxOz@@JI|n~~I-a%K%Ca(W znl9t7XOAMeEa)sYJJ_dJ!^eJWfaY{mXz*x#ceqCH>Kv>u_%+`aA6rG&G-f@<%SYeF zKn@ET@X~l^-4|pm-RGLpdBN?~&8heIh_BkN6F1Ik1e7MkeWq6%WJbqNhAt)Jel0Af z#>NW9#z|ykWbNJE39GBCD;ku_pzRZr=$Ksw_w;;!qS-CGH9l60VPO`v*0q&{rn`NL z@=6`ED=_Kv*YlpNZGxXo$D5|PDAvz9zI~wcG{RGO39G-?uy})i90|#4KMn}H2tbFP znYsCdgJk1s4!sn&y^#>(pV&?+?-skZ#+xq@W9?iJruR(=CSA*$7m}YHp*Vj_ zPQgYf;Puc7e^pXys&rjl9qD8<+MeaZ`dEIi)S#EA_nlqTug)X><8*dpKqp1)n8y@E z9zUrw;pFaoso|bHyP4L+v>_&q4ErPlY08=*_P8{V#_Kf#e7puou{SZWS7!0NGQ04Cvy7m{lmB(^V>2reyP}vs@~uZDySzf zbDXxaouiG6REJz;J3!^*(?Q#&Ytl3vKRP&0(Ht4I1BCURO|2l3gspW;8TX=yNtxc3 zZca*4x%xS{>}qTzesN46FZo5jXTcbt{lvi~AKz_bduSF8PnS2*2*<<2v)OmqNGvJQ zN-taX0z%kBqPIWl>wgK@4W&Y_nQ^T+{q%PVo#Nq-x0KVNdoQa}AZiWnTbRwG7v(6h zU!Ob?e&xlA#Jzhzck_lWjYWqz<~zhVIBz%Z%m0}=Gh*qTbE99dO@$b5R+k(}{U}H+ zt)rI*S58lEd&~cV5joS-hEejDPjl|OjiePV{DN`q`9nxZ_z^F^z^(fFQ*54i;`JJ$ z4Ttwn*H+-%(1GvYCwc1W`BkC)_UX6RG%q0;JrhGLrmcq3*xzkZl~+{!$}{NPw$t-| z+4}O>r2N^lX9KIO89`{ex83&)Fs{@yu2$@A>$(Y@VrFJ;>->D)W%Z|c;cW9QZfFs_ zoLq@ypTZ$v5O2Ye>^qlQO+IeDOAOl%&}#I%ib7){LjDJK{q5cqPM+>fB3qO zLd@#p*iQ1`gq&2Zt>c_)AI{)^?hkA@)QMvl`}ods&i5A=Za%)m_pJNafYX3}lq9Ny zczt@zGrsAgMTu3IfiLxF;wCQn(RcZX0&W$UP_Pjup?$NjM?JpKw&9|!*n8E^RBAYU zFLwRUd2Z94q%{GuJN3cIfdNNcfI?eOvUi-RI;SS;nWCK)0{H*<_|prS6A2V<#f7)` z_oq}!huf^d#6d~PUxgvsoI?9e;`H3ul9VFNMfAW*;TGDTw{Veyo%1lN*$N&oCa=8o zmqN+*9(Ku|<=&i{I=j>QmXOBAgkvP1^#o?&_#28R^)GNkF50dLuWYV|`bkQ>9&nGb z+`g|P;FC@PS71=b;Mq94C?NZ^)Qxg&KSXEePM4;&-$Zlh7hqmbwX_Jtmu>fz`K@;j zJ0f2w3vVYbd+#sUUG#25FaYA|MV)?&(seML(J-W@Ksb zF;{u;CFEIOB@oxFZE!{`dhYJtZ?w0rtrGV)s`4U)^G)F7uDfbySdl!Z5CEEfT<{J| z9)^R1iB<7QjqjCNLz6-YxHcX*)Wv#(IWM67cSV6PJ^<3<-3L;fM``ip6EIAKks$;P zjezdOVBrY~rffW;<+hIEbo{2QBTyBzwXwtak(w>~t3!~uJty&Vu_M=z0)@5yr1w0X zcmGtXUC4?v6H=ZHEPE08__AFRXS!2;aoWSNu6FIxjz4sDV+(S<#q?_0^v#t?NmtDr z7X{`AOZsSR9uuIrwb@MwIQHl8AHI>2%y!*%w2l#N5f>Nt-kT38Yo|?CF@f%)5tV_Bd`JSqi2G>MOBd6SFR zS8*uW)d1ywiAYf{02A(|mzGm~5&1 zJSrwfusiF0v`gA*gU+rbvw6W?XkFeA{*DU~Me#+j^Tq0<8;5qjQn34tP(V_8y2`zK zuS%C*vPHPbY<9P}#<}fyyUD4mt9PH&MDiHbGcjdqA6`3aRlB?$YRDhn;N07q6yk|q z-cPy18&p|XGxJE#eyhS0yXn(JmyTNr*!E956`oBa6Trjg%u7s5>jYxiT1~h` zm}m23V`!Vnc4X1BCvbedBOEuLO4on}aAiGgEz-IYxeOgs>zW(eyXC($6El}}Q;j`8 z457+?@0rsZ$wW^N7@}rxJ6}Q4&On^}f|e!z*yPW<0MCs}brE__e$wYGA_4D(qZ)xcQvLGea?4RwZ zC6cAr$6VO|NZuVBB1&-G9e7AT_dQyio11%DR#qUkY;SL)$(fppYPGGFuC1$Votuze zkl*w;E8>Jx@LGpbB=458{t^5Eg9f3D1;ON&%MZv*ET3Ya80=0$vUq!VI!~}Ou+6YZ z(Hw1k;RG4_8A&1v7?%`L^j{0Uk1V(wH{*pvMetD=ZcV(J%5qIvDw(65UxYYalXBc& z^C&~X*%TknVcA~$>G8ne4t~5}yX^`S>U;t5>wxJ2TJJ_p@+QjEaqHUc^K9=9!Uni) zL1Ye<+rTNnsypS32De&_d6$a53IC$l*SuGiF8|=CP~w`A$GFLZOK$fPvq}veTrT3v zM)JjeHtVyQt^c5|Ar}KJv?fz;Wp%oj=c4yh;OwI?kqf>a9>-4-OxZTV$>WK4RWv_A zw~@FNe-{$SP~a37ZMn?fYF{hyiVBFTs%PVFb*|rBRxf?L%&0UV2+3PpQOjzV=jI<| z_0A*ie8izX{>=QWL;b5$OsoAXE#V>yz7=*uI}<$I7lnl0^?9K8bpv`|2U%|2LH4y# zN@2ToY?ro^w1_w114*mQ!M@@i=b*RZT`3R^SUIfW5<{5GitO<_@@sioLMjb=LteJ| zDsFUZZ`^iO2}gHh2?Q$TRz8MXAI9Z4`8v7-PELx>o4#kKl(K5W=v^I6`|K1f%msAg zt^>w5V6*jDC{~>HF!XbGM>=cW25^2tW9?fb`)!PzXqF7$ceb-)wz-{22z;J?kA_|3 zY}a1JACv_7LVv-7MVQ`5MMd3&;VvFP%Y_{>RSx-B^2< zq)iE%c`Lhxl00PQw(~Ti5`hqjp|^7qMBsHlezd0V?GEKkP!F+3dzxOm){af@98-o` zu=@}kOg?Q^VT*)M02M6I@19%?Jb}boF&`GYY(uu^da_W{dI8h7hPM2@);0yB#m%uR zp|TPJaOed#oZTjMx7n$wR$#FzX+8L&#$`B@5xv{!92F8CPR%Q*f*`89IFP)$y=lcx zU8`7-TwUYhfKYqSbsP)p`6bA{)W6qJV7TF~(iph*DYad9nImyyl(>NtaZ2|iZyx4R z+zi)2%YW|-WL0h^QU-^s0dQNF+zJ_YUhWk(CXs;tLiT#v0t9$NZ^)%MVG}2B?S942 z$7`7zvC=fy6C6!%cu-9SISrlk_|Emc?O&7zg8G&A(xL1Xnq}$PirbRJ)9s;YJa1=R`}1a= z=^GkoD|9d;X_%HvTsmEK2ocDMB+)&5+gG6FL1|KRaG0w@F^c~?<+IYFd{rI$rHU2a zy*@U#M3c0F8XCu11n2en0Ph!1v3lmHgVGJL&mKyjRm-E_|ILKB6(F8oj&G=Qfc?h> zAjR(!ex+r!a#dnu4%(KkbhdFR_XC9X^7lp-_qB0xcNWxs+tI_a3%fz0w)f)mzVoU} z>t+don_F4dcGK^o95$%&)J%dY-`)K|1XUglfHi3W*wa3<*%nSe-5r{?7}Wo)!$z7u ze6d5(huTB%#NbuFgj6Tlk0zO13Tsm{cYXdszJIr500KpRdGrqNP+z*)5ZI!VN~B4n z_xfcfEuE4zt8HR*wGS*HCAewXEz4=|ggxxaq7xSk{WQwxCqq94s(!}!S%^PIfAog7D z@>e*<{!H=a=e_8%?OU<2v7shFG>+R4+7upgUj1oQbr4mDloy2$b(M;EH}CiC^kil0 zuFq+kyneROo*P*NFTGzL%WoY~`PFiObH;9s;c(K(xZoU1OV|<$+-8Ol(v< z&8=tm-5h7G90k_KCMIi$7v?G5vt8jOMAwglG0o@cGa7s9N~S$`H!4a?byOUu-l~U% za~n3(SZ~e-6AQJY)@IkL=y!&n^RU`vrbR$%w?_)8ow5`! z7sq@Pm1Z%c`WTs(K2RfPP4U57?$C2Ecwv6X@pE)op^Lnht|V#oS@~L2(v>gRwM(KK zrdp1f3T$SB$u$$oevK_0);xPUNWyY}APn0gpk~SQlCeB!ldbWm<=*a4T$MEz>RYQ3 zq;R@;(Xe52%IIbf+oMtUvyvK1dSE5iiaOIy)ad#^c7DS-kjAC?#KqA?qvRWh)Csd{)1G=up2x=J32-klTI`6B~PXwliJju2L8E zcd!q)A6)WXjLk}4eT%@AZoxd3?&c+XjDI>mn6@H;Qzp%O+QRrXW$ z&5;kg@C}PDm=CU5=gjS!DdK*;zxPhT(1k5Y;L+0z4vEi+iT4T$3MSs@9U^Yd>)*3N z__}7;t;ZbG39l17Mt{QQUF)df#ld<|?uX=Kor~Ys*PmIxm6eh4=l$W0DBZ5L#n_INMlo|=zy8s4!Iv)d?OR=!2g-;8CWn-l{HyZl(bUqD|L0drB7nl zXw_aJ$<--HuB=}_KI76_NF{VC%lx|}uuD|j1&z{~iePO_vG$f~h$1g1bMWZo*m%YH zpQQ=+>^|dh6Q8}2zxl+l{eMcC2EpDvyAhNJy-Nnk5olRhxv%&MYNy(3Ylr*cJq^f(Y^GM^D9!;bNA$DLzl=}0Sa zQj)jLRhg(^SW$Zr50E}?@ZDlQh>`UQs?jz1N^;8w5Fbl+kB?!(voV-M35EWt$hR$B zR7_KhDdM23fsNG%hJo?|YSk6d{uE8q><~HAKK3OISO=#V__%^FwyR@K>ZTJb6V%`Arrg{tX<_KB4}gdp3cs*k4x0 zjNv2Y$(XK-o~u0RgQ3;PXGED0j+T2Netkl4hU-4g~Ow_(wjgM-Rf^^Q4Xp5yGW)mC6$-ntvIlD8D#-3WPL7>^4CB7`^^y zfaanqP&+?6G1}V_5zLtHTD1E4c2xcAxW1+k|?Wr8Aifq75sD@9WFTYH( zIbhOfoAkMpABCololb9iBTjphYaRM214=lU{uAm49sv~nb2zJyc3v9A&1Z4yKrCpg zh~^DVRL?RFoYlJ|e6UC0yGe|mmiW9E z{4Hfy*N*&=8yZaG?0*w6x*6{XL<`W-=i%5}ge zx^)DZl31z_=cSu86!@d{kZR^3MwASlZ+z)>Z*#9<&djeI(v-=hwg943-ym|H-Hx1P#->o&Foez3( zswDs;=XmbdmJ5@0WR_^&zyepR9q7!crjb7a+m2pDvsJ1SEf4=2=#He5OJ=vC1dXT} zsS%xtB17wp!_2dbs)$5x0Q-?ASq=zg3TQsm4kAt!fx43zOeb8oXP!l-rEmunn?R`^ z2EqpIM2yFjhu_7{Fe$w7b-gajBKbeQ8EguPDL_x+kuCk1<(_nlzF_4eLcx>KHoIh|M+#@S2x zC@LQJ!byi4#5^aoAX9v+p@&`?QfX{ASx zK10Q?k@yzf>e*YTdyv#`DGE(j87T=n#Q_)A^+xC_{*?XSuw7aSl^9MUf^+~u-bRJ5 zY@B97Y`8hel9OAO@%{gydXmFD>E>-rA8aR{+Ob5(zPhlbr5!)VTdM}n?$&J6lYbQ? zBGP;%gw>l$a75y9kH_+lPVDTJW=yg$l~;CrUFuN#NcOwzH}nU!Fl$Jx^(dD;#>V+v z7DB|o-7asytQj5yNN0Tfv5}li;mOCbCc4UDCm+W%U*Y&Y-mXbqv}}O=f!i-B$xKe) z>`Rg{RneYW-;WsUF6E|h4*)AWvN=4tU8@6d`IiUGEW`KhV5 z9IeF=G<|x3H9k36`1PQ_TCHe+I)Y>q7!RxWl)BhgT6DOiPKf~shHKYssXYvFYL3|u?#ggPqhhLB&W|mI zn@83AfA+d2a`dFidk=;quRx3mVRKII+fNg&35>j;FH2y}!dKUG6|6rxwA4evJo% zy+f>@d%1&$XKbvb^gVeEjquE@tPfF9Y46{kX1sJM3 zF_dBWMR~eTPaGH6$md~Pqt~E<=pdHVnF7&TgjD77e=2S@qPS1TCoSPV5KFogewbkb zs!)Gl>Sx}9=3L(CI-m`ZEJc=Aoce%34cs}|S6CSD>3I>gc0W9R-PWd*H$UPql{AM* z6w1?e^(*u>ZqydpPsdX@)UWGh_f;~|p}!&o@vHhLGS1OJo=HnfJHfsZ7k7!9nzm^=!wUwh%1#xOYVkayQ`*w`LxDwhyH|`gx$bcJRIdHHtj3yN49i z4ZI!H`1wd)4U3cZz*XjU-4xz9DfJjf^c=8-E-&RH8uD8-lEcTpWMnyf-6y*I zRVEcc^#%zJJCfyf$cpQuL4fRy7X_}JFFq9-ud9w5#Hp1=y*ya1Y7Hc!6BFV(89^QJ zwCdzc)T}}6t!vF_KB{E~0^?{#;D~U+6o2RJoSeki*zYvP=KQ`D6Z2+f6W^@qaP036 zj~$P1pO*WEi;G)mI?C=XGe(IuM=F8y^8Ndd2`H3fYoJyHvOL-Y zdFe_OrSV{Yzo~0>ZZ4FkigYwhc7m`m&B+l~W_$au83`Y7dX7sq1^yA=&w+bu6-emc zjOWPb=jByPOiY~c2E>emwgo1+j3_=fOLo*&lo*xv@$V+$cy*<@i46_06*UC=ozEEI{o^(=;2pWQFbz@X41 z?qu?jqiFF^h=}+42!Zva*k7%EbkQ=iSj?n_kelb^7w1VKdy2eIvyFnGU;cT-$7cK7_ z5t45rG27p>2C5p0u*0eMY4Kh*KAgyaQA?|2C|}wSj{`uX3`aqu%qe{CLgxFrFImP} z`NR}G1lts%9;&OvWjB9e?<(B;6GLo840K`-hIK?wNnJ@nPl1<73VOQElkAVyQ|lto z)A=*!OaIYRsp0+7Y^CuIt#oPqj|F+g;@Km(t5gP2fgo9!#vR3we3YRbS%IZI*qyst zI++NO9R!7-4edv0!|-{`7K`pw1k!JDo^AdP2DbwD;FCi**Yk3xDOySmC$fP5tHtB? z*~01qDcXh{G-G|CwwvA>Rnr?b-4JhiI8jr!B3#~tx#(&m(YFz4bFq5sftYbm#M6It zv=~HJb8IDwK7+Uw9QpDL!3bNm=JlxuKurp;{H{uW+Cz1n zxQr5!Se@?VZF+)dyLEfNFmEqFW>?C&!yxRoB66ng967vVp)7z-X(kOYP%+`jBBsly z0XTRNokhA7Tpq+`ru4nw;lzfvU1$vv^>8Yd4>`sg%o49q!#Lxnt6rfRU-ix+4)fnO zJ9Lpa=t@d|K75^o4MQ)%p(2h9f_7$bK0~`ZAC~c6S|e&%j$fQL_BQu4Js0gl!L!^N zLV8O3Q^(M1xx*y)ELR(01c!Ei$f_}#)+czfs`H@^O%Kon-xt{DFjBwZF+RZdd7ihi zAAkAO1x#@nrRg3!J6_DEE!5}_6E&w=74gW{!rILFEZfWd$w;iKE-T9~qFeMzswPI4t|r&$toA}mKjt`>=ounq#QyoO*jp!%==XDJ9#KSgP)L%Ih>7hXhCLPu}qBd@Tc z+&fra$1rb`Bs?+dJjLdk0QA*Vbv~^JwZE~?nOPxSMW=YJ@nkRg1+goQ2>AZQ&z7j)x zGHcTUfx?Yh9wemY z04F+FT40?F$Ie^VZgAe-3vwK*I?h439oN8QvhaI^L%_3%^qU5Qc2z^_#O>&etKSRl z@xh>JVKmz%3m2mZcB@kDu%5aoyYE#9c$9xXG1?)tqd<&`(YZRk&kylmI>%Wts6-a$ zQ}425Zof*7pol5swP=1dND@U!(6L^uWawHP;Z#oFwj6(k+?&0f8uZ3GaO_mtC2^}7kA$qiBcy)V|?x_;Ql9@c+trb!#aem-PG3T0<*glFboz_2?No| ze!lpy5Pt5IsaDY0R$w*%OxV%fz!JZR(~Y!AQ*-p-{l~(39D~@LU-0H{?Aw$Z21pk5?RS1!m_X;w@BxS*EQfVtp8x#V*q`Yy zHuJ@}x9^4Xqa}-i(2X|_QUv?Ex-Eg6XH2hVaQ7e7!M1W2>JEzFgQwwvv&;{YR}J?) z(nUN=L9|-%!(%PCPnsh41(pQL@Qe+m2SOr=A$I&ES&b$qgO7mKl!~&BB)8XtuxH5b z7yk_=E+rFX7Aroi=0g|!FHaqS#O7aKUO-ADv&auOJ77 z4RsQ-AJc@Y->W)a)7OCV1HyVF+<$etgAfWAg7-qC$ zM&w~){7vsw;E7ZYQMhfpb32hbZP~yiEnQri82_=TDTj3d215HSlvUw zf=p8^@R{$nDqnprVN&X8*>En*_+!PHtve&p6vh_a&K!B?fKk!lU(0648e`7G!= zczzA|C01*7w1|$TLq<@R!-(eTd+fo^*rm=u6U54gF!wXok3)bIeh+-!P!5sfGXgGR z6s_>y;d&md3rMy50z9A-P0xvg+Xd!?;3F zSHCPwy_Z!oFznse7A=mu4{8aB_|9yh>4BS2M4GDl{EiHsRu>tDU{?K@87}#ze56f@ z&n8oniP>0DsV$)(cMS)TD$b`BMcB1!o-}kKd`)8$CqV!POA+9k?3z4TQo`5=IIzYNLlpywSA2Pok4Gm7TMViua7wkS_e-$%9RIT0QbFiBQA*OK&o;&baM};>1GGO-3 z^XMZT-$;!1_s4TEEGrBu(fxlCxc?B2;W1vE!rlNJ-1hEy2GAnk^1(0q zj`J$;d6Fp30kncA(`NK-;$H zcw>Zq>^W!$=$)-IN8j55>6AdDbEy|$J=$%$`+*wfkp`vyvt)0FXBa=iOS1pA7feeFUuBM5f^uH+FIrQ&vp*a0eXH?^d^ADO<<}@3ZqHl z&R5Iv8=civf8Ajy$J{9)A07?jgQp*MKju<%*h}erS$Kcxq5M6x3oFlrwK;6X#^S#S zx+s@{a|Tf|=we01%zrgSJKAAP4;{h%(wT7eMhQApzcV3Z!}v*ea56~1zV3p3eP3XE zU|&za(d#~H&HDRzFwFoo^%!~N`y)-I#vK1Yq`hTWRpHhyEZwDaOQWQ8Hz-mHNOww0 zBP~dWf(X)x3QBi(H%NC#D$R z94gH(h(sNaEy0KTks%#XvJL}G$yKVZF)%nX6fjH7zHAaCW{&+6qSvU#G=R%YC@lUrCE%am zIDp|e(3o_ijSG%&CJ7!AM!Q*3ecKJ%XlM~UZXT1Upn6u9p^;ssI+r>S)=RvQ4aDk+ z9X4d|blJrX9K1tO!9?d;GtlG!DlEc*|vC3vjz zsY*X~kU~0i4PV>Xd(Fcj1u8~&3VeN(K^@mwzux0_sfpyJ2cUcu{1bIM{Kd6Xg#RRD zc6Yu4k^M&=KL+6Lu>x$`1ny1(fB_~*w7Rg1*8!Hg+_4zOqKGFWic*-TrnApKNHbb} z@eQG)9UAOY#J7t0_eTG@jdd_JRKV?Daq0q|Kj0W3Mm5(n`_x_$re z`MPqwtb106Ffg`2?#XKgHR6EF=tpyIc+u`A=KJ~k(-?;vmZC8R-1O}`;jn)I7Hr@y z%z}achG!X^n7L=Nld{`h-A=Z-ck|e&E#ZX+Fkt1k;Kb6zj|a9S(EtQM0TN&kV;bm3 z7xcl2>_%e$^Ys1vVxfA1zriB-GB5;0RA}S^fS+%zDoovau<~0F5&&8=k6keRju{Ug zJ=X&X3qzlV8W6 z@_A~-D@Ldr2Aqiv?t(`uRtRi(4mB>Hzrn?+2=M7$W?Qt*nIDvefT^5=4Jy z^Ze7#0ds+{AB}AQuJn8VO#-93E2INI3c5ShT+8Poz+vcpYn2ApI5#2?q_cU^HwB)4 z`4h1uK~XD+Se{QMT&(jhLFs&OJ>>Z7KLb2RNX%$I;RtGSM?vJr5({ucOS-qBK*nMk z=}&{v=pTB-Wp0h+iD z{(8ZpL!h=Qah^)I%2d0N=OGnLe?lN>FdprKdW(008`)F6mHYB+fHp68NTqQ7@l23V+_NTCFZ`-$@vS;2(f4}pv%GP($GdM(bA>)W zM^Ggp6wDrgVAdkLD(|BW6tqy|-uF*9Xv+CwJ*7D}L;H-!!~h&lBNn9oH#oLXbpf>6 z9sWcC&5F@=m)|yA?fUd@uEz35M{wB(zWxOz*t17f1xT2IxCeGYUi6SQs4K<5H08}p zuV{zd_xikqcW%xep0RPiwlOX_5c+2W)Qg^yq>=Aa`K>As4fHt;JOoJUJHzR4Pjbb# zjaHv)m;6M3b0d(jFZ%oAe+>J$1%HI0Hp&Z%3q$+WMn5F^Zl`{hS3;lk#f4Rfu@Rhn zf(8TF)(8p-*+z2Qy(?i*?U5RU-CgWra3k2_jY|H*aV}>R-h)a{k05z~rv>r=uWEH$ zhMEJgt!bmf_TIUmK2gNE$II*!0}6xNZ5Z$msS`g25ax4JP7_5x` zh!l2QcxXFLAt4i$upkapLj$&A%BfVLf+Z2m4GON}e<}%6E^%sJAQs_~_iJFrxm9Vw zAa(K+Xpf?22s((BOvMDmMlSBrGt!^klY>1THu{}lKG$_=Eky-C+10gm&|2GWYJZb;7jMJ{ zaEc;q6Vf|GRbVoZ0LdBYH;)^{*WoTsOtcWMgB&BE|T3uQ~q5 zdElbH16~wC-7W_9#K2*Rp(jZ7@x`sjb_;UVUB4Jmmp96;qI#?d@YJAG< zs9m*J@v0IfWe@EHgw25U1>tD<*K#D+((*tNbSN6YV(90Qzkpdf>HFYNJ`yayyg3xKS_3ZyGFS5N zpWb>@gV`2*uVquT$>I+qFZod{n(Ps-CVpf$&7RR}}U;{g- zvEkR|`Dq#TaJ-}V`a`79_-{iN?-OvIv1YWEusa6pn*{>@I)?>xsLmj7mY}=+3ULQ`J;ScX2WNTe5Nv zK!>AA(IJxOoYSmLBpL7E+Y)|6I3Yw(+p{^rQ0O^`f}rzKnO=$NK&=XO%m`>q%L4hD z77&fq$?tgl(CoKC5f%pk$sxn>XT(V%?7%h_LgnZ9Tb`-IOwa{8h;e))yKbh?Ndh<0 zqzChO3q<~aj{#&%I_>}+11{iMvV!In22Rb(@G-oUx_Mwe#ZLXY#vx_)+ zMW7zh@;27@M1sp7G>$&g<_#}u6q=SlT%7yCDf-#^yeBK_JI_8NzawEVwPBX{fPX%w zTU{lK_h7$JR9!OQwFSTSY3YN&^JST1>+g3UR&bI}bOK0{5}w^=BJZ-}J~YzgY~~~L zE~@{HWAnP_a23ggY_^dxu-i@|%F6W|iaN?M2E}X`&7@$W17cA7Ztr!|IHhMJ+26iA z!RpI1e@F7Qi!>oNAJ0R8RLnTN9gA%JKji0Qj0+%If~x9SHSY($x4sQXzsY+56Av7+ z!q-QzQ08^xK}tB1()A0=IP_kPcMm+(3m!N@sP3G zn!M}f@&Y+DVnwch2^Vn_p98t-=z`=`pu&G+9|5Q6p1MZNg93{WC+K!2RLP(TQtv)Vdz-DmgMyLCQm$#JI%}?_ zcevDilwb?}jpcu9Dsa3&D8PCSZXDCeM}J-01)B=UZ@p^1og&CLav|i#`sAfm@%%7@ z7zX?-La&gZ;K+XF`9LIVHA_n)1U8_Zp2$YL{Yt%*_}iPkAK z=R{h0@X^1n$sMQ3`Np`p0gbA7@ z$#~h_u`CeiN@<*|W)OLN9fJM#CK0bo?*OJ2{R+p1ys-2OK!6WnVK9I?&fJjvwLf8> zG3!qM(NkMyfqaR{jq3C2NzB%89{zKf`)JhzCh-M39NdkErQR79v*k9xNQp_#4%T2% zQ!=+gtZ_ht-y-@eyNl~;IZ)mO`*J%r18O^J5Es)b={zJl@+s>z@Z~K$mm{GwTaCrqaZL4pmZk|t{#>B+N z#w8?JV)NnbsW_dbEAkOfgG&}AKE93X*8@UAHg?>_DoK##&Syf907g9mX>Q`BIH(Wc zR_2_`W#i*wZD%aLsl!x3#7@p01cev8!z+L3z%PMCrcL_E3KtFb`X}6HcEL z*y}ZJ9~Rh=G&DFuZH~4I^+LC4(Qov$A8nIGBu`^*-r{N;_!q0CPGOrH3EU~WHL&lc zrym2MF|Yg3L2@+6eMn5sF38o*PR0!Sa9%zEr@VQ{dS3RUky-UFBbTD}Gd(;9yzj6o zr~lYf@EadgL#8-NP59SDG@640H3wOxv93LBr#1WeGHGC`c+;9)_3?n7lLqugMkh{b zkB*Hn2?cX~rJwUS;3& ze){f*pypz5i_jz_XLo39><|&zprpzcHsF$D#E<7aWcz(xj^iHax3)s%yWp~f z5cR$6qvf&FI4jPQP~J}#(R;$w4pAHgKz=l_G(g1{RAG?>D3l+0zF*@<*3hu`IcW_l z%uefmdt;0>5F;p$A@OQS;j{x|l^hc_B*97^*j>`xUhvSDw$X(V>R?pP51m-COOx^a z@{xCRBE`o3#UL-%5$52`0wu^E>mB`V()lZAz^sF4*)E>$9Cl^U4>rPVFh6Pv0KEp6 zHDj|cpDX!|B};S~iI=B_hBC&+o{f%--II9g<5NG|QFxQH2uB3X&?7V7jjvMDK74qN z%>(+No-yI0FN*^m4!2X1gn~PAkk}OT>%~ij`h+bW%Pj!=meJTCT=Iz3_V?=Oe6>l@ zgW=OT_rQ0$u!wU|DjgvGf%-aCGmBq+Vwa1T8Yo-m`7^jM)m_BUoe+D^+;n0@2{lB5 z&(~$!2?i}F(jJNmAIamuEK$2;ve-Hp-3VU34-e-5yxdeK>-#K)Z2oi0+G1ZDK zEbIhy11zf2M=PF0O4G4tYxyRlXU}Zt|bI{=&k)Vg|Pj z zQym-R;i~qDJQZn%H0>2L#D>-FF8U`h_}+}r-1!fZ*HuWb%ajuH{5E)@21bcN(;7jp zuklYA$T)yQ`z{`jV0F&i5M}zvE=VJjf9={?K=QL&UC$=1vLsL!B`H< zEZ7o_*#3cmh(hH?K+!{D#jSN}e6D&K_7CnNlsKQOw{z?t@XNG-NO^$>#5bVm@v1*y z&EqPceNqM@k6`Kg8l)*9!Gn^l>bbyfFlMawt}$qnf|;*;+yM2AGUErYC)M}Zxi)vIH#KARsvhknHn%;P*`}vQ0gA2k9AR~l3jSLX`Cw?< z8cJf;=g-WYUpgy3*QfbGj`%(kiMhe+1vi2{uldjLI&oe zJ&o6(9R}QRw78jKCOR*{F9r2FlE&k$D*3KQp}S~7sxaUvOzU8Dt@&-4ZVtbN3yDqz zu^AV%bVk9s88sGhZ^7H!-ya>T>!1kzvG+XFxvv%tRy;YuJm|DQ(Xzey&Ws(v(!uXz z`Mv^tyYx|$c`u{c0{|UtQ#=iQum4o*94(VED$@uOaP||jhTuB7>6imQRN6$81 zT5Ov!CS7S`VhcPVa}Az^P0Pn03~NNWzU7{F(Dn<*z|{K^xMb3xMC-QHIB18$paon% z)tT^18zH16LKVar=6s#|S7gU;!9L#VyM?>kIqpYWCC^Arl6XY4$L?jsRcoRl#XJ>9 zoRztt?FRANQ}hxRbh^C8;|1K_=`%5{Y{gY)hp)QCB*UPV=6ReJDH5iR-!I`7N&}O1 zigAy2j_yqpW2DOd$GOzeS>j8Gl9DYP=W+>ERa#b+V{Ve#K_3{gqG?9!u!74*0JdLYJ;D$5^Q?C_QNdhraN@D;5r%?l(z?R=#LZgaK}G*g&}wfU z_lCjc-mDFa4p`gOsw4g)PmqNL6Yp9YlScz_v8_gB>meK~2Ft!^uwS}i-pD=4&>6D# z!}5B$f$*UODv0mzOKv^=q7WM5i(kN4PD!Z@2aZ_WPz80>9s>s?S_LRbpRv7)*f^OD z{iJUG9G}AmE`J}>(<}0`o9-G(&%=_mpXd%LS^31rS$^h-ucVqeEP5Vkxw|KLXno>Y z5g|$(GXL7eiVL1lz-y8jAi^_J&1e5}5fTs%6;%+vSiO4T_HP@7p(XrVslGNO_7{uc zNsFi)oudxzF(T0Fj`S!T!XUE4cn;Hg0bGrlzJ7LR`PXK@|_IBr>D}nT6VI)jS?`#9#q}?yqHM zns`VtlGJA3)Ht|!;?jOIFfcq!5##|&$LL%7NUT!vn^^+jA2H(Yh!A6xr@coq?=eP; zmw)}%-)Qv_N^cC4AtF$Hk|t`hM?_WqTrvLUe0NwHUG!gVxKktDX2m7H9VVco)aA(1 z`@L~=GW1xRPCE{1{hN5Jr^c{OLIzn&uZv6e1lzv@{Ifp>2(vLLvKCOr`L9>JFffCT zA5jT=Tt2d@>ApA?9CB5V$qP!gADy#Nre=nEH0egJU>shN=V4@C=UJ0moE=v86q!giF~C&V>DRZb&6E)jnm#tWwbge zli;z^jB8{x1J;0`XVW&iqzY=!@G$`Cb+=OyKL&PT_>$8Y151^fi4Nb103=F=8}sV# zP+eF9T3a73gxEZ_sTp$%lWWc6KY9;+7Hl1iUn(dm)Kx}_>I3`5|NQk4E4AIotoL`K zXanzeGH$k-*d)Wdva_FDm7?~DmlMf<=0aPN#P=|OW$?n}$6>gx>Li3d?IAW?e?V78 zzu+OX8s+T4QyWGgnq-C zPR>|G7M$9I7PI+(x)UPoyOTlu$f75PDV-Irjpyf^H@JvMNQ;NR#vL3S2A>_~2E&d& zMq&X>ZhM#}T9-T7+p7?in3RyvDee@M$k^gnD330UdqPSaC?nM0so`i^Cfy=0^JcF3 z9c&lN$n6C|WmdK=Xg5wHHDYBySBQ}*QRuo2D~sZ zFo4zzx>$jgf-(N9XmBf>_z!9P+2JHKYgO^gQz_ZvFj~GR1MP3^F=jGUgS3Ctp`--5 zs86@XJ%sU?(kcA6o9-r59QqbNz%$=k)g^rXH0!(4O73fTZ9;yBE$n>GUfrIbxlyo3 z`cFJzGN}lOXlyl0(!bZ%GyG6_=7EIz6o__@agFHWpm08oC0YJNMDErd$o)x$x?sGoeSLfr?+Oz_#8?=$s?R*Car;ZRsu!m+S;|)E~CXI#(#A>O%wQm zk13p+0h4PyO4NF&90Xxyto>*I_tC*Fb}$Hl(XxzQ!GEv$rJ{AJ?5o!Ac#=?Bv87t2 z2zYCY{6b2~!8Lqye*g)3S37ef_4v+ro+yy7vfzWTv>a?T~W7L1I1vfK!T8@d#SO3yA;9{_qBZ<4=Co@Nn}1MTY0kJv3oR zi1*P~JIs^G5{wD(vqd{2u^H9Pme9qxF5>%(}R^N)iSo z{+b=+>QvtjQuy2i#uLA;^QKhG(^hW~`e^kz)oyRTRvL-LjfT^ z@lmT$4%3}<_umB*8{Kg^m0(lRMGh*`Kq{?}<63v5Zk0_e9i47odv?`+M>N&YHy3Ms zCKcTM)&3{@>)ADKzvd8>(}bJ8D3ZNp)2o(_J6>wT0Q1gtwPeHIF~8xIk|hx|NEi2) zj?0S-n6LN7z}unp=!v1nP*6~K#~$vzHQx~JwmsL<&&KDt+?f%%S`h(?uugr&&e5#Ua!)*wnS8u|K!7*Cu*=%Gl<#$< za++wy^H_$5Z)sl3dq5uy27K;zP(?0F34fe^&!!iYH(hRYR{ESt^^5aIQTkSk^Rc{X zweE)&AFwBj&7{7@(7y%Sl%?YeHUeIo7#bSBvtnUoHL}aE7WFvVB)Pb_Ff=n`?cge| z`!e0V=OP6hj9mnRPDT>ImE(OcjB>zpn#Fg&_({u4QO`i8L9OwO``c4#KC7#jJVdC)k?g4>#P^dh}pV zpZWumySLy66u(i`Ta6v;aGLe!wWXc5v2a-T3H(7|I0f^9rN9h^GMK_a;(YKF2wxpJ zFRyk7Qauu~$zs%Saokc_HRQS;nEAcD*v1C$pYbf$)#q)^iTL6ib5WJ zNA#3yq}J*3L1$tU%_(VX;^^(cR;+jP0g{EgJL;NG0MGQZQei;a%fuIbW~$^jRF889n!)*JSa^M5zbY-o#|r ztzSg!1~hbZh+t`G{Ng%Ir=CVddOCFksR;6G3y z=|9mdZT7)5z{w0!T5Pp%YG@)ao#Q#c+gn;6QC7Y@yqBAo_qMMc*==i124F2+Avakt zI9RQ@a5TlB=6Ky7EN(VgXoPdfH!v{csI9Bxber?qoGGFp;WCdnie2h_>s#bB&W1_x zfEWxF2|eRJy}A_gDbP_Ki{r6=7Wn%0QdewNalyy!SOz8OtBb_*%LTBinOMvRURao+ zsa^IGWiEn*i;z(%HNto>OWFQnDEqC~WqTx9!UGr5R54#Rs*$@s$6db`{Lt>S?=O;v z3VI&w8}HSl zuP5W@pQ0a()IJU~oIuf@F!V2Jk3U|}2ao1#Rl2Eyb zGFEA3gsb@QUNJXwOqbeWX^i(jNLM=vNgpgM+}`ay56HQHSc?kB^8W0 zq`9w=r_YMeQDHm#(UoFJw?MrHo3yGjT{iOPy^e4{&ljm)7bkdIv(=f8ezc$bt`K}M z=+zOGqFHAiiFvU-!nq5#Z^f64LZ|7+rxG;$g7U%xon&8_c$Vx@GMUKBqgJp?p2M;A zp<2G~qb-KjUJ@>g#lZ}z_3;9BT~b~(%6wGr=3E5b|Wn(`KJyEB6mTZkd{r7tNLpEC*kK{i8ivZs?;7r~MXrIwrvaNUQc;B|<^LaHO!u1uiDBLCpa`u01m9hZxcKDg+p(fx z^-lfWhbn!Ewf=kU0U8r-tFFnv9i0m$X3>#;%qR~FvFOy3C-K_0NBy3D!>sy+Kj-}D zcM>L?@A(ny-fCZX^J@$_fp$PLfc^4q!&%C2SUp|eG3${sFo?BGBOoBW*q#%?zo+&v z=x3OrViB{XYTLD#?-hA{eLX4~noNno8`woq(wIyz7wB&#j$j4yFeVK>`+iGs6SiO>3!ZmbC3ZoUDfoA*BN6Q3w@fj68cvSqrN z7~Di==ru|yLbOaw{PM)PX=zkmUfxFLRtyO0GJ{sFzX1yPuI4T`6Bs=~PEKxmO5@=6 zdrIuZ#-5qGLL!qdLw{Vz+8)rw#UDSy4@kaeR%T{$tJxUWl2&s!?<}^cWV!w(?vs9F z-|D1!QKz*}=ulYEk*me^!)x9FWfl*@D<(}IJ8J@69x8{I9tZ1BBGNeUyw48WsUk^b zJoa5(wu8Vibq*YsJ|FH*%Moe_6L;d&0Eucs9_umjW4qaRhpmi*y1h8YskjYtOrl9` zwdTe#^8Ij2Yw_#`5&%l6RuQFZ}a9T4y-V&LpeNGFUO`KUPPq6pZ zg;xLh(b3Vp1}^Xf<)=bDlzXSy^=kun^y`h0WFtwLeFt!z3iI;virIG0$40HkaY=8} zM2DZ8znSRj%fmp&X9>9*fYRoPeMcyYl1uiCO1RKKG&=yGQwK`!)FN}`Q4k$fotX09C|8NP={waUId!dulx>nPLpj-z}}a$=V)-AgMMV7M@md zD1as2w3#jDDvb^hZIfJNstm!Rzw}rgpWN$L8qHC`Z6mi?no*7w+MHU6^w?iB5x>5&9BdRA`<8Fe z;E#5PQ4;ZaQc}_nKxJh=$rO~uq+$zbZE0>UbQq$!I2_j}iTc2%CuqiWSX<@v&i?~| zu2LFqZY&96II3BS9X;{vPpZ|J71BhpXqaA}?h#DXo1lFE^oSOrNruC6fKp_za+j*u z8)&X$Tz4@Aqf+ua7Zenf9`XIJs#&cQ!3pphZE!RS&Oh1}Pn>>}n!U+JrAXm_ep|Ys z#Iy?@&x@_OQ0Ame^}~bim*sZTK`y_>Ox6eQCUAElK(QFy3Jtl}h%xm9h@@E@T1NwC< z^F*w=)Ey0Wb!Sh`_}vGoM{+bY#&~?2BsZrkl#v_5c60!x5J4tHNdNf#n~u4eLO zjp2pmW&G`mL`$dGFMT`b_6-?2e8=uo9Tc$!kSC3XTWd;Nqgj&}J^q|P)r!DhZaWLF zsyfVMKLu=tNlb^S0-Z^O~jZXwP1HG>!3IG|}&(aTD!t zEww!^^cZGXLEx0GY1>A4jZP34KQ8}CDTR~;PC6EO|qHeZQ%SrSy>(N(9Njch7g*1Z~eMuFX)uu(-9WN{{i57&j zAu7#M3Bdlu60WFYjkEn{xIpls#(HpfJVzyAZAH9JrKoAmqfaJ2& z=SzK`cRVin+jMIrV2A;XN}GUuuU)@VXK%3a&Zi9VVhqc(Gv{KrH&{2XTY_LFkr5fG zlzr!DSR;3a?239yc#vSv~MB?E{S1P2y^6DXjyUx=vh=|xZxRIrt)@}HmkTtQ# zZ>Tc~b=q#c9-%w#J_a5!>nnblH-`yDKL)eh*!hKmgEPVncb?Ke{^-2%{ek8I6ml#x ztD4?&c}ul&?^R`9Zmub+#jmkEQ-`Vv1H=H&JY8mlDw)PIR9UeXONfwrVk(=EF04R3 zw3(^ooT{+Kcro0bEa3FwV1koHs}>aqP1u-7d84|_$@;r4%50U4SHku74Oi}a%V@3E zNEn2H4Gm)LQDni>72Ae=Kh+<2>Dq)Dj*?H7m@IeVF{z~cVgAssr4tS;^*VK2AF8Xt ze3ruT;jv*SF$Z+L@b&&DFik ze3qB^fZV5dqR9RHh{E;v4BVYNv6igH=-fD{n9`ZDkt2?g%!3!rZQ;bi?x=#U>wef2 zQ$4P^+I51$7v7zQBl&tdK?~u2<9#~ijV9lvFZO!a9UD#%6T>e9H$V`zb9mSmM76lN zG=sm^_mjuE5I_!vG+qLkaKgC7Gnxh6z>fTLr@T_UYxZ0rx2-^p0{y!(Vego9vvGaS z^P+^QGN)5TJQ)Ut9>=puAs$XoPLgZ|e}+4XFnEVSrPd!HrfkQE>SSWLBKe85-qmu#kk7N869@ZU8rWJSaGR|a@6;dfN+Cl=d`53tIofK z3vdvb6k@wI5f#UFxmq=ZEkW24eTh6+JF%&HVTyi$rN#Mgmi9K|&W1Jh7-eOI-*!{y zn|@4Nt9a?^(&x7|n4)iBXC@JDM(NVougrL=Pcm6A%?#t-;>7Wu-3hn_>Ch7H2_-rF z_8qY`obfZI&Ss#&wLpW>VH)fj6?em0MgVH8FE#*vir@wZfShXukQHoe?PD^g z!)zDQn^4iP+iN|XOl;~OXNs8;XVHvk<5}u|Q+w2#D4>cQ6RsH8&3l%~2?kM`R=Ox8 zp&qgQSPtC%(SFZO!21kSHiA4fLn>(Dc-}YsXmA2vgP>{b4-i}g_?%eSlnEJ&JOqsL zXYTR5JmZ-vwG9r!BJF(hqzJ@@8hHnjslp!1)->*=^-c&R`SlJ>UMsuP<@OyPWx_dq z=Y;tM3B!w`X_)jQ!fB+{H;Gl#t3LLHHNR)k3j=fHjei6kcD`rTDRlv=nu@C-lkO4M z9cSh}4`09dbJY3)ok8FP*ouM-ivCVO=s-SiHTunXIRvlUHT2jdt3SmoBqu&A%S)u* zf7RH)XywO`09&03rXIBs`u-~3Je~Un4L+C1X9vH-Crivfs(pR>K)2qaV2ZRY<;At_gVLGNLg9gMb!yA-{oxxEdOW&IJuUm+=D|Z z2(!CNL)kOnIn0zIc>Yb47rn06789Pr~mZzxxCg@pYi_I2zT; z#ZZ+GiD_SBurYDlLP@M3b9&^jVLTz9pVes>*7S0s>H3VysJvnD_#C8g`f0q08Rl{> z;^H$U^)IjKCvTsVf7q3aqX7x&rzqO(4B&f%?g53(h+;X15HhtZlyVMIpgoPU3%^A0>M#A6$Rs)%mA#P&zOkUd=lptFVBy6j^-l4(ycCz z-$0}r0c_Oz{U)Pj=jgXisokjjXA+uHRYYG|%vi$3bVlXW!0kL8_mhRY`Fage4?aIO z`8mS8rzw+ux??2u1h9o>9w5$LA1aB*q`3TDkyaqL<+f~Szq=1SM}}F>7;uC_i9FV% ztm-!YIYeywtqV<399GMyBe_~IoE1ipI#F%LRczk(?Wulz{uT!hk2-SPefT~;`zgAB z8Uh{Q2BCP{>|w6^<@e8zaqsTX6kf&~_&nLV-`^D;&$bBA!uL%;!ktj!2O^vwGarXC z59$WyjeXVAshV#J2OO zg-E_lRXH)1+78Q-B;J?oka4d>?X&U0(;P3lu*h^bxp(iaSjw ziy;`xsQf-4;Tmi(FyI#w>fx>RJXQ)CyT>cD?p0y8WjRz^wdb;%%I|%~tzYL8>3b!> zGEaM_Jv!ECeda(827(FJn$`!jOg^A^9&Vz=j)+lxieWa9g%UU)x$VB=FYW8%IZ$fJ zdztgvj_LY{h7CL_`pVT1b_t3RgCY_hm=z1_UqtP$9$LG<%x?rsj5w{2$p4a_uIV3> z+%l8KTbuHK}Ku4 zN!_QJs&x+vm!vqk+xi@tadZ62^OeJ8Lpb(B{8uq~*1DklJM}3Deg#iAwMt%~)xNw& zvc?V!{vfp68PTpDPGi=M-~PIB4uDu~fQXfUE$71Uw-PF-U%J!MD7&7~xK=O^GJUx= z9t=ID>&+ZaBIGi>0`)*oqYLnlp%S_Ok?L$zfeJpeX?uMB<8N8f5QBrd*hlY6_Dx^w zqfb82vHI%z><$&2?W{P-y!gKH5pT8z=P3{?SDI{(k#){WpG!dy;?O9k3a^h$sw0c7 zb(s*oo@kztB$2PSpZ8(WFGdt_G?g2@rw)P}{oWKlsw&4x841JEFuHYNaoQ3$!bDl3bWXW9gAWXQMiR-E|0PKAAsPjFx$M58jP z72-x+cp_T#C&wM$FF!#}3@@~e?uw128x$7J2doU9ra`@~fY;dpn(cI%T+v6FxV6{o zEk!0BoOT!Py$PHYN@m^J5!+{2WD6S`ud#lO(|R7+gkp1RjKuNT>n9{-MLM$aJfA@v z{q{QeSaz=7>y!q;`~I`s5P%S5YobwQsW=>P0S6xyNj4@YAh)zH(CQrnQ?ME*%81Jg zu67TVyEK%-ch4GJ`+i!!m7Z`bnDZX2P^RLx!lw+P&`I}LK2_hO5*VBr*yhxoof)jr zQ2wNtM5y{j>2Wb&m8d3H`YFIdx7OgwgNH0$xk8DU}fCn*9fMZmLD+8)T6 znD)HKdiLxajyj$#vwkiAjIN%EaA;eL5rECe+j>GKGjhFEWPG--*1}c_D=L&zaZJY& zSs*X=IwkIBC@}Gdrs)$3z>BdXzLJzII_z{2_BS|8y`PcxlGEJ=mPV%_ zM7^D{n&q{-AV765ucf8+3oM%|;6GT%vB}Rs8HOk7>zu1YI`*Mbbg0VTH~>>$TxUFs zHt55B6`6DasXnYLd=nJlPACXK?tp@Vn71b#QNRAUV+tYOENw50W8X^VEe%pjFP7Dt zNfPw+Y=AQb1vzY>svlGm$^tjc{Viki(a0zwk<-?U2POqCCaqkAc%C*7r{jp_OyvuN>2f=XpCey0S&zr^ zba3w`>eV>=qav%@{GN96Q{+wJN9Y3qLU{hxEQf=*FEH926RwINKypyW)4wO#EtBx` z=(i9=ALSYxGeXJJ?}T`2sq~MZ0h}sTpPB$<*_f>v8enbaUQQ$IJ+>*p@37#fkDT~8 zHgDRr@N$GX_DQ{$$Ac2M9o& zR|tHW<*u>KbUB57YN~?+Do%40D_A~yaqlRa+>%ZIPTF}#6onL@o7<@hz-{HUChZYJ z*lN!E`6nVPf9RxcPBb*`2Jds;>f`lL!oH-I*}9x5r-{&5Mo#ly%{T!S{9@zRjJ!58 zAyOzfOuq3`MNW)_ESgL$!?w1zakg%DgSc(sLdL~%z56N(7Q4W4z5t}|=B2fAgn^3J z$HmKIVCeGI?A@tZ^m09VIi)rAr zfkRqi29=w_8I@#!5%oH|9b#6~0;;yNlri|$ic2&6nxJ+q!{GN6|BF)*R|Iid4qE%{ zKkRo4=_8S0cGXrYNn*YK)4+sq4ktV-%4ze&Da1T0f?$^~&Rs!e*Nt$?JxN3$)2s2k zWsl%~;fo&(EV>+2Alh#O(67jJ<7osX4?2&PT6B3`814=r#c05`F2^*Gek-+_MXqvM z3*#CD9SPf(W3@<*tG%K0;Y4kgF(dw~AJaZIhKs5)`7f;zh}kP`a}kTptEIx zP59EG5{1x5?{n9^!&XE9rs`>Hl=c!>0`#s$omI5lmVNF^)&%2F1qqf}-#3UlH`ANHak*af30h$Z=XqF%>Dt|z;rh8R67Ng^h%zZ7%xwuxpUuUY~36j5w6_%mG z9(#s>5a>P%dtpEMjc4;WNFL|zjE@)0-vaSxZyFy?R8-rtwf$VJM8%fK8&(}&;I_I{ zzbu^W-Z`-zurs6fQc-!6dmnf^&61bu5oD>dD7nGT*YyFnv`K+z{zQAkQ z&)3KCh0D$aE`nUjVx2W33+riPnCUsLYKifjI0<$;NK=HifbdI^PIOzl;(0iTV-omZ zyz=S{H1-4~4%N;sa!|_LdrEEP7bjAp9A86Nz()-3Q2LJSOfm)c$q& z%OaGi{@$aC9GSxvJX`B=2Lw(MYyByM`L;SMwfxTO9JZmpXaE>mx<8!D+U)WUZ6C+@HI*&3;nSbG3hc`aua4froH5w zLNL@r=P&N?kk~bCuL&ysf9{p-d^^1uR&OIqy)*Co21l>@TG;E#^4gQxw5Qj)R+i&n z^J5e$#CF&it)j#0q4D_cE+GLENcp?-6OS@Rd=Qq4>4;j=?qUlHfWB%gq}gn|+@Q!B z;~9JM~gV8gh}p}2aB|FJ9{hl zmy65dj=AF4^t6dc)TRy^hO;=WMl4snRiLjN4oBGu!8Szq7CfmVuIQcjhGz<)< zWFa@oxf-{gTNZdh%*_fi;$=BHL|*4dSl%x|f7w#o-DbIK5Cp{ed__b-@f7yC&78^=1G2fj0#_mlr9&& z6+@HJG#%DB3Th~N906(b3WJDk0X)xatxROFWcC|oE1_7Ls5kP})f$zvlbhUU`G&^r zU6bBa5ftX9pWfV^47)W1j81stF(IqYU0|Bl=L@K$aX0z_7h!+xvyormzuLU*dwotN zy}-(@sMgNQYeFMe?qq@3FF zbSj3*ZOK5D!IP=@`x=BUzSk5W@{BbQ)vdJTtoOORCuP%ym7AKXKT+;2G*$W>E9-&T z8&D=pF62W_#%m)DoCv4SjHY6pj8;A}qC0{a|Gl*)2NaVO6r9cZtlO_BPV>sGz>W$S_zBsrOSr>DuB*81XCwq}Y%+S&1> z`L<<`)3Hx$+-i;rds4_KDPuogO5?3HZoB;IVpptj`~7WZZMMd3Zz6_X-mv>!7hqtQ z+&+KlOYC9i2DC0i18#%IzWHg}5n%Jbfuo;)`|{`~t1r$AC#Tn_YF()!Nizi{Ib`U| z1JPR|)wFK;y6#sO0@zfdG(oNwI)7^cj_)*3g`yOI7Pd^_pqR8jp#qc-Ul5n$u)8D! zz}FopwbZbNN%;UDWc#GbzNx>ZmBS`^SMSq;?12q$;xfx-Jgj0Sl^#3us6P4e|Gr>>^0oO|iT|$&L|! zq^1(5InTTfkaGj~&XIA|amF=U6)8Acb-Fku43%Hw#P<}5e5q9&?-Jwixp)YP!R^JU zMZhoqH%VPtHM_~n|CGA=!AD+$$(L*B)QXY?`K0pSnA}&daCtt5xrWWc4q{yc1Ey8- z*DFHn=zgnd?24aKxyGot)@vH>Yk8g8~NrS9M+ zRPP6Gdj-ILxl+_i@eGPyPbM`cxY4&jQ+_0Zm>mv>uZWrPtc%jxh;MRPS?zmVARXge zaj_iFi9cMq_aIjP@P}_EN0<5pK)f4nioa=dLAV9Ded-2X%I75uW!Ox&(oG2qoZq2) zqHq0trsh}T=91$bA0OYGGu5b22eOzv)86LKOJ7u)e_wjS-db=WXS2u{6|YhK za`iU1@Vjf(x4{>%RVigIikMQO|9?};zpu9>1UyI}{Vyu&J{!p;3ja|S51Xju+53wz z(ck%8uu}=a^ zxF}|-piHbr$R-EbRdc@Y&H`Q*$xt|Vg%Y^qaG^tU!Z*H83_hQe<6dFS9cU;VMYzZZo4b>BQBfMwEB9M zp-`)S9}^>%387E900ef3;P^~?B120QXN1EW7mJ40j~lzpud+=Vy^oLHUX!QT$KAgs zAN6az<;UuEeX?5K?Ui0aD0!66cS329=em7~`hCuTTm;*7fZEtqx!QfBe^e-QagoTgP-0JVrLp}$OXYn`eq>0}P_h^!a-*Q;IxbOYK zV{i*;#jvxPgk>qA7ekMx5g#7a>Mp$h+4S~`ugHU~YL}o$gb(=g=wp_<^WIEL)Qrb{ zY`m?g-ODzQ$w^k-Y}(a;2#F8}-6wX}q4V0U>R>7F{xqb0l3zY6;<0&#=D3E99c2|u z?)8N8(CgXrVHg$;W7!BT1W{^zPWny(tCe{EDgG;9(2wHk&XO#lMFbS`@e zBHk1W6Z@&%nHEZ4Uf08Z>FVJ* zQ681AB&*1l^ZqY{4GJDbDPYr0b!}AteLsM`^2}@Q-c_-M6hQu>7N_REe69Ys=*dDE_UjW^0D3N0}D#(J0bh8ik;)e z?FlX3>rj6;4Di`J@;t(vD=EoOln>mzcJ=B-q@UW5{sz$auRPUB_U}zhR*YFEAQ#9h zXwJCso57~GqeHREc^ykqQgUPD7C(RQHRY0P30R0c7JQ>yEJSnP(zzHpH2kbjjt{J; zgr46M8Gqqlt>Hd*W8Iqa=E*b^Ic?=y?lyPgynbI{csED6ej^0r4!;88?+WY!<38~- zDC&lQ0wE1eELANBH&%zZ2PPQm&`(E4s65$_>c^l+nl6{{i3Sj}tq=)i?^)dQI#ppo zrHQ`+|7Dzv$qncKQ+9ew68arc(wpWur`w~SUDGwAqZeul`4j)FB(ZgEQvzONwU43V zlX z40N`NAkcQ(nkU_u{*_YIz5pc%iPzbStf!P#puAd#TR5CUopI=(@<+9Df38mBhctzE z02WTSMG&6Tx|D1;_sFEb#3E}hsEo^Hu1%}zWQ~4*V-_H-49QGS&oDhug7vWv*@Nuo z^SzH)GtH4twHw_bM^yE(4aGuH8iDyCs`-idxAD8u`IpTpX6DmJKW+B`^6s8<>BI>9Tau1F`R8k` zC$ao8KYSqLfoz)Uq3OHWc=*jB!84dlJj$DR|4L4-Sa@m|LUjedjPoRjaJS2 zI*x?DVfPe{zu@P zZ}H{p!;TCU8#Uvu2R9ryz7`lEcUA>A0@XFX-b`9a%&h47K4>?q+n!LXm}+Z?=-vU$ zZ>Bj;Ie1ydRUB&p2Io&_;asXq{`a|b#0k~*^tP)}Ff^=G9at z7`(L_rPE#Zw)<6zTh0;2a6S9E^YGMc-#&MP$~h#rnVzWX)?7<>>oyV);wNZ$86 zK6D|X79#3SdngTFj~TQ^sYQK-1NtVgd=KKLPm{_pe}_pw5or(OUtYK-#~MZ{X>QOE zS`VVM=ch_)Yio(vE3GH>vwUV5t1Ncn$_4FaiMlkN-8szR3bp9XxK`n~@QK4~I=z!8 zx*FJ~wT)-j>&v7y?y??i7|I*&eIyuM>8&L8|BEJNRwX0MKal#mKh`Fd#!SwfqOo>k?zr#lT#LljO0uz05pNyqx+gKCb zkSZUgw;9RFw)!+bVWhz2arkboK1u{6gs;7XNyOMyU9U?`fYSH`kdTRD+X!>FzAW{b zT7~D$;b#bE+aDhv_ulFoNq>)D`cePm z?x_m>sY_41m}zr1w~Vs}l$QysP7co{cxk;QH%94(BJP~y%Xu={XW)dJ^<=&NKTfzP z0)5e+zZ8oYng1dyThf=8YESYGK69@e5XOZQj{Idk-fJV&Zmcc+1B_iuhdeA;ZivhtUPH==UPkG_rr2NQK-FNb)ww9vHUwq& z=0KZTj7ALsTQWr@7rzy6E+jCp9kunmk^OU%!A!^{Tn z!&~nBAz142a2eYWV~AcDzgtul)_v$wuYYePzw`@0;l!j$#J=TmaK0&mos#)s46APq zy@>PcNhX=5jyynge<|`hV52CxwXtYuXowhYT?AQoBUG4%YvmwajTUkU+_<{XUCK=_ z=I(c9sxcW6sF;s*w-64OScLI+z?x9q$vb?e7Rr$%Vg`$8nUTgI2Z9C@HxSLXgx1^~?|57LWtSlvraoLW` z&rGI&f7-BvauP83rhZ1eM9L-|2|OplRsKv>X&N=L7w-d>0-Wbd2}~%7u~q$C8@E=3 z?B_|oJc$276iG=B5VK@&#?$A~@dFrQDuR>t#MD{>f3l-kkmzpAp#Bir9(Sp#3DU{L zS7%qa!YDPG!>@OKGGxDaU72dC!9U<_5DHZDqHfzNeKY`_5Co!!a}zntnkK&Se*Dar;iR=iZ^yw zeVhRj?#tB)>v_>7;g=lbP(IKDnptA<&1dDxId-uER?Pj@AZ$j88C%rFn;jxxc=f>S zNLeeAP;f+tAO#6I*V(t0``~^z+?m0*k%b?ES@o4#qzovG;uk81_zi!A!?s zFS*vpNJp0X<8lqi^7!Xz{Y+xjjDw0trW(TxJKP{%Ix3#B8?JxiKJDXUGL}URcAlW! zRdHQJ@CaBiSd+Q?PvFJ?Pun3=e>3A%ZNHyEA!dq4F}46$A##p?^;Be{+yY!-%DDd0h|v@6URV5x$Py ztzrU|f&9B6hOW<5KFSB##vy;OhPR5R0p90obh(jiOcF*&Ku`ze^fcwnPt-PIlLg(C zNV?9{&puOC=tzdPjVzEy9Xr(%v*hmIe{FhgS*hk8*QbA7B^Nj+JigSE=gr(EX{1&#}LTQOJw0s&T^JK%~UanDitWP8op#f70(#QSyA#@cMJUFEezLp z$n;FXm2tPk{MOp0TksVryp)yITG`v0ev=l11y4hR2%Z%d6x<1#MNR(hy3wFm1zIG% z<3n7v;x0lLXs(oJUj(>|t=^e-4BoF-0V?drKzsUH8OpnD@1=;YZt? z%g`YMQXla`XFKAId0_Bzt0|uws!(%we1&oO#Z2wb-b;az8kt1$U)1A2N2dcOZN#95 zU*}i<8<&$H#{Kb7uu=iTR{Nw~(Qf&?zVfKV*HM+iKWM|nds(Nfl87j$MWP3I-!vks z(+&lgbn-tPlAvj=Q%__Obeu_czdt;wM|{H@%T*Pv^swlp5( z{qwbZJg33xRd%$O&5>(}`rTwvAE1Agnv3w0#09OyzPr)o`qoAJs}};3_()G#Smj=_ z9jzNw$5SMx7JA_SFi0Z*^)R%MlOsu25cFL@wI2sJ#%iqS3@AFA^`&)()~8tVc5_8H ziXX-b7=WFYXI=nYX+%;7PK-N|ELbSSkqc<`*R9;A z=v!cK3IMh9J_gK39YyMP_9o->+0Tl@a~&3Ys6&6!-AwX2F&Wngv@XFr7uN|lWrPQ` zEgaZWKPhhRi2ytqEpA1R(4wFpmv^$W+oWnaIasaDcWF@p6UfD%baXe(`dUq-P$1HJ zy&~$`?D=}9Cs&milwMCFEA^&is5``**Dim4u)eAHJM55N4>~Kvw=ys^#D4WCPWDxNH2Js{53A6L1KN0+e*7ZT6=>pr^i@R6s;_+eP#I6wc@7rvBwl>+n5JJeT zKc^lTA6npS1`Cbr!3OgVr~wlNr=LO|hh_OZ_QI^J1iLGvggOW2!=b-_1{rkyII}ST zqND>1=96r@_J)sE?U4#gL+MAx4v{b|dJZtbyu|U#dey6lpn9=Cdj(DVXP#Xe-_smC>7_*EAv7+<%_o zHe-usk@e}oyUuS_6Kgz3siIbs_BIP znp0jG))=x}XCeGQGyrwph_I~Aw!pjT1460PGP7|w{M+Qdv{FJI45pn29Y z3RI?Ijb^zCe$r!OL^`26`Ep;$Q+uv-T&ddC0jf*B`&cOBwwPC5C!!fdd^&l$R~(l{ z-i(e_>b`jKHA`F!(1Ex)RBV{X!EVZfg)UZ&k}RTN8UfELB3(+!CH8cq$E; zU9uA|WO2!Iyn?g7=Ps+(!FjryPHpDltV)c}grybB2^1)=EZ(#LYvn;CmwGUua?N!@ z;0o+4dO-#mlCw`hR!xlxG~R6W%b*-b2Pf|`LTQJS|8rv^E)gohQ7Zhe@BFXt%9>;oy=zhXuf=#de?!0 zfgi#hhx7Rch|}HZK_atMm%-3o0_PI*!L_D#g=1Bb>DCrIT;;S!oWzieZYG2JBNR$L zy`8w*Ynu7Az|Q*;7=%%oc%pYK2BToMR8P7R-K(<{-`{zKO|*V2+&k!yH0%elgShJ! zYlA{G)wPZ)os-j`l+Wbp&^#0-=ug7%8Uh3@ZtyeGRC@x|n5$O2`YEf4Ed^Jompx@) zP8}Qf{e2`4;k29nUwKF#$wM=F`JMmCLteO53YgzJVcfl?S?aXq7JI4p9)=m&3n+fM z$uAw*`jKCYzacj|m?Lh&j zg%8PB(4dJCvkd1*VcjRSXQ@beqqr#->PX^MRQ!`=-f}DYW*IbTNPW`9Ax+}&FTuy& z!9hy0JQIS9t*nUGSGFgLhh32hfN2|Fd7fyRBWTMX``ZUoR>x_HO~54d_5;bI|8)3I z6#EzwB{mT=P2_u~Al-y(HD#F|~YmYA(&P*UQ3=_oATn zxhwp95idseyjUW?*{$=mBCjK~6WEeRI-fExW@zM!E%s&xNn+zSxSoCG@2`(&P{1yT zP)MF02ds_H!O;kAD2d?4Mn1i<~-RYyrr6t;_1Gy|zjpqS#|DFT-I20^TE&QIKh=1C*VUtZm zMrOh_)&esHz6}k@_?PHZI4hNZA-ggg63h20C55RWjE0bmjBF58VsjI9KG^puOxpNO zs>EF#^ks84?e(b!2+7?kwXWZ9{M8;4_IN^elU~j;hzGu`foD<18N%tW~ z#Pk>rVz_{B^k=N9PM~+6 zm3+Qmtlt#-0W3o|IL!a}ed8$y?3yWS#OVV&vnrUDs7-S=4I1zkYb2C$N8cnc8>W|+ z)VE3>Op)1_I-rBeeLnu91-OOqPIhyxGH)(i3&*Z9Y*FD*ueb=)aU?-%GUISE?wQN( z`_l;c^O1J589AV%#3X%Y;lwm{=+$>rx$wgE{!sl(VqzkZ%45H;vQB+(E<1t^O|8E5UI+YWip7tvx`fM{xHAi+uRr8vlMK8^rK!S?6$%eXkaG86!fbB;Jw!a%R_-P zY02)!PeSl5JWdsQ6%m`s4uvA!tGmGp(-Yf1*!Ytz{kbH1_JO)pP`e?89MyP}4Q>pG zB`G+cm3;qkW-8x)f#(o|&b5uZh;+yL!3gyMO6MyE4e7gI+1mJ}O>`cF1dTKT)mjfD zgYv9ab?(L9%HFs^T4M#d@qj_aT<<;M8pi(phXM&ElCs?;I!D^d>u$|ApmVf#e23)< zvmwXYzfB1#R7==7^t-^#51a{cUtb?G)6drWrLS*im9#u!)Jb5ElsyOyvN#l}uF3=R zQI>Y`1xH86GH?U9Zm*;i+@eSxmkKyvpV|@?0k72p?hC@{){kWJ6x@O9@myFaLUJxY z>h83b?Wv(+Fa1%>wpxw(bs%cURvo5*nC|>yAzbFT5)AnL54A*n6bF4E^UH4XSOWLe zey>w;&Eemm#|rnE-CZ3I02;Vi!s+Mn2NC9}fqa8MM;OQIecj$fjy&n-UXFrlI|;QrGVT~^0E#*B0BiJT?ox6&+T-54~w-?x)z`{&hl z5c`OpRN{^^Y|3`)1bw@L&k&f*z|^R+m?5EzH~L1584!D0s6R>?S>_-4CBGqA1rAbA z;=~i=yLIK8b4UaJBunk|R72>~^A2$HS|7C0l~p*(bTUe>wNKUydL3gWfV(OQ1nVkV zqm>|5WSQ@-EG2qWYd6P**jV82o$@#>6d}fn(uV$}!=koVDR_QHv(l4JK9VCs&xG;G zLsE<=$f-qK_efwS*yHPIe@iYz8uUbayxc5`=k$$=N^2 zpe`v5EvU7ULf`b7bI%=sUmhy=f`EXn1Th2Voz?L$wg~nV7=M~qjCzyVpQE=r=CQXi z6GZeAAb~*T{+<`zBo{6O&Z1(z_w`XQUbbutGpyu3H29umNA?_Npf`n?p9FfJWmIb`OiI{(Br1A@9z?&HIlCk5Ci^zWp7aU9 zHJ_{D9m4mB-@aY*GK%y&_j$?E@x$ogs)z!;;ck4X``G=l2Sz&r*RL->7dd><-18Mw zTQbNbR{Vr_w`qf%R?3k0qvlShe5bTgWv6*PbEJ#$f;Jja^*@4uTyB~9BqHR z)0kf5O)ON1UH|t0P3qH20!Qmco8KN=)vQ-g+paXZq~wpkCRNSQdk{>2jFvh}NXXkR z)jldm$S2S&x5kM!-zP{*kJpqOO=ki(q5bNzFkx`0d}2v6zD9o6I&<>S;LH7NKhj>nHzb|K zE%WK}Zx>Q~g@5HCvOMM~YaRS&k8k{4%AMPcKh=AX>lW?Oo}+63nG?wWliM zduxcN@CAG0aNauu$Louk&kCj~H!+^YroDWCfQM8r--6A8x-pdNdWz$Gb&Wi^TUWfHW`3XWZ2cLvOPHm(mc*-EF70i^Bl#KE) zG*(q#TexbodL-Zr#m*Vmm(gcJL*W^yMx93})y)i`ju-&TH2Oi55b` z!npHq*RP6`jVa5>_}>m_=*v`95Zzd-KTAw3aAHxkJsH5T(2`rjbMV|8FqM7=tBU)+ zcv{-CBZC5_enGW+UGj4G?sW`XJ!I`md=CMK_2R{X>wbi4kpo(#&>bXm{En?uT6QQ_ zyVi!A+lzbsMJAn}KHX%w`U5@YwxR^-zSy{(-p;+@K*l*CpW5!YRF?iGb~~W}Q+kJ> zW3YkK*1TDBocLH#!m0kWY=N}kCOa&2$x8Q+S7xnv&hwdbabIEeJ`&-B9xK?L^e!tSOt}2(!pf)8&Mn?Nl2LpagOjo<~*|}V6nGg~iro0gX90nfe zJUpU#D}N_S%ZB=FZMP$bO?NIv5lzt2sRU7=wg*l`wK+Pf^2V)dk3#poSq*sGa#!I! zT^y|}-CwnXH=*D2U|B$Pt3Lp>xu93?f7^b{WXX8T?9eRty14lG((30`<`^IJj)uC= zEHtEj=LC)=L-h3nML(MY@#eZ)y^9Knpq5;KL7HF`@FI;Y|y5qit?2rG?Y5?RTPcDh1@Bdy);g-)l_4ZA1 zI|)_qpfY({M_g|IA~-W%Y*re>_abXzV&X#PjXOP1)O?wrH{lH*(uyTzc3c{``Lm%x z=xJ(xA}K~IH^Ge_=N(*5?73BPs#+cqmY8~mxW%AKLI!b9O<~6+#d`m9hB#BV3&>Xt zaQb@zmH44W#LdJZDpFNJJ)-?FmK5VO-K4ZhRY<(RzT`{lTna{tLY-^dA0mIZ^*#vn&xtzj*KiN>GJNlnQm*cO+q(tJ+^3p8r9&2!AK_$VEU zf!-xeKE2to+xNGcEwKDPR))L}{NFoG6mSXncDvsg5Bw7--U4SxOjia6FE{lT);v{r zbKH?ZC5UQ3Al?)gY4C@L8X$y#c}Z-yT6$f$iq|n*Iw=FUOiZhnSK^@N^4ns=T;`*2JxBg)ImukBW6hKm z4;dizd@ig?oj-TZp~W{uu)Xm3bc0L6_FOdSGgWw_&~2Pd>{`10tFl{@!81la{@bRD z{w+e^UwIqi2EO{(PtaY)UZL)oMMMN=2!6-^{%0-xl+SF!`&8}!d@>E^%VFGC{@9)9 z15FR5g5Q^V?M%JSMsZ2JMXSex2E!DXm&M`IFxX$xCUxNW`>r(qYvo*RQIFqmV}zX& z5?nDas@E}S*u-<|pb93N7#e1C7N3k(I6T(WB+RAOf%Qf;m_;*wbE@nhu8R38PtIpW z_kdvPn~Bm{;rIB$M6eflN6fJTViI>`R1Kl&xg~`% zllFV&(i9Bm783CVoG+ZelwEf$3sc!$OH`D3u}Il{;+c^@QX*w^iJ<%fjRm@KZOo!4 zcI?(S{8iPW>pQY_t2j{c+?vVq z&GPm4F3t5NB_++!%ItFyPt*3;W(W)ob;Qi|kM53SzEjmng&!tZvexD*skiHTxm@f{m@gP{^ZpntnEeK-V>5MFV=>E&JzL{jX7ywjjmdK5`+ z`Y5_w<4e9W`!5u#ciyZq9cJ)da{hI#;uwRzNJXXg)g$R9)k(1_9i5G2P{qZ?t=N0-gV{XVeF4g1 z%da2gNYxWw4jWm(C6VNQ`ha*-r!%woeatOZFBUmS!*BZ2q@<*t zLT+63VZYuJcf;=Z4HVwv4qzM1PrrE#!Fr8UI)ty1{GD!jEm7jW2^ zIz~()H$~2i!z1b{aRl2pbM})2637PfSM$UYioctC->_@H{kYJHfW&BpZc~E$e_o3c zbwco)X&7_;z4VdyMwi;>Yfxd4>y)LPi0ZaQW@P?0CvQmx6@g@qaj(`nJ^><7>1Hp5 z(2&!Sr%q2lm%e*9P9PrULUw~Q2x&c3vM+?ceXHxKXw&`WA!e;UEWEXGec4REgZrWEEw`gK(0 z(4;foLjVIKSSH1q^$hu_wV0<)n31UoXOUy)xLlK z{#gP7MX2#_JvYuYY>6}-{_^mRg%D5VcRE6BRBokZmKbzUq6e+Ki=8QMO4X^jFcV&; zwxF=^X`vCP!_t5xGz@G*?KR^Kv{{dN?`R>+lVilJ)A< z>8kbV>1h+t)9}ppQQ5(yt<2xU(YHvg?|aj*T9_l3K~3Iyp$jH8!2QA1eh)~^&RLX3 zcw~YR9)o5_cI?ZSFI(RL0hv^O>v+ZoAIe{|p2E3T85FeUVthXa&Z2L4w%_n91rcE; zSB`hq z*RK%pIt^b`CWUaCcn|l7mc9W?5Fu3}?hP?AU30qM27GUC*afu<)=Sk@Kx$BTvZSVl z?^TREHRnRhaC}*p!Dx)N;7bn8KqrGgit6ZzF6KQ)s^PFLq3Pc&zyB4d{(mnbga!ky zk^_#f|JjyX7lQPssyh~$&Ua8+eb<_{IpW!UW&tzr?QR!IDJrt>&D9wvI?I1Yg2824 z&tYMtJbfe4^V#!A!W@-{N}ZiURW5~aF{aAWA7^qg@af=8jP=mqI}xy1m5lQbC6!OE4_no~fCAd}UwVa|)tIMZwlvYirhpp)gEk!75Bd`64ZPLx5SBQSl7ch{Ovi zBf95wTdy2C-brj;k@7cP8pwZE>6lHyp=pvM-7sW^6H~kPeRKA%LiAc>&E7_fzPR2c zK9eNw+Px8XRQgokuq8is6O3<7UxR-1MVAu>YObS$@sm!4XbAx&@!(v zZ>Aa@I9Oy$$HgA0>NrHGkAoY!b;gIR8oVLg&tFzTazkDcd`uDd#Q(_y z-Gi}u%yaO6Z}NicWc?%&9aYo$BA1dEDUIPcZ8^Yl24px40(fx z377?Hgd7&HG8G*x7$-ahd;*GogTgA(EDJy5lU=WqZdDx*q=c1(*zJYLL3wXxWpQ{M zb_N(}$-Lfo=pWa`3l@Wm*mNK-8AhCEQtG(ghxLr9Fx?vZLa(xgFjErhuL9%lQm0R! zmY(9l>N+`$!slBGWVi3v^5Pl(2ryWJ+ltFMhFcGu##{o_OJF7f2gehqafedmx&$aL zwK3884&Quix zSGk&=p59P_VUT6*)FUmYQMHirogq66-51c7D1cvC)z!6v-hDpTNZ0+zlknr!d|A|6 zOzD`XEX+dc>Q)d<)vk7pIiS&7=pVOE0p&Lvllf>g_tc)t;hS1?Lgi}L+bdF4`-*8+ zun!gvkT8iFe!Hhs-g(zmA(N~Z4H&aps9{<)3(pEL1t0FcA-g2zUS?T#EM%v}Ab!km zcXZrddtxXSS5H8tQ>*8@Qa1Hy)UJK>lKuXSQ8}>9g_lx7*IpC+EH+6#SgGtk9Q{ck zbFzreZ71Z@$=6R^IoV7Mq7T&18f;kQU^v{Zbv>!xZ9TQAUTCziPpQr46}B)`oVkB= z%Wa2td!f5B{h{YoCdH>n7P+QSS#ufgTJF{h9?0%bb1a$prI!)0_J_|C7W=Ytf`m#G z?-&e^GY$T&IIN|Sif&^iJN!a_M}+ABK2i?VwIi+M6-wr>=aOeV9dT}G8bi^u986(| zU=U~mYmXrzyI=R%xZXxq%Xdd*@v|>RcifAz56N{-?Li{{NirOor>_;d;S5NSpS4a< zMX*I19}72P^yBZXqAL%u$FArmK31%hiEhy9L>*PS(bnIVA=v?rcWYZ!hoU<1!-tefrktJ-fw81~gNBRM36YUG zZY$NQxyMuFyt+q6yW$8 zy*rXJS>KNLuak9|hxR<^k>kM53jPyZT6w{VMb zvw=}K3ZK5`Yn4d#F~*F`U7&yvD}uf5T=*@kK1ryk)$rvp3v10S+?n7+lD4AOn~txv z@BHB9^=ZBsY*_PFVPYAzVq0&yDwmWux0jYeD)u8awxYzxy~eNwgN0y>$=0`n)sJZN zNfkJ(T2A9BkTJHqSv>KPf{wDC#B8*hJ_&0 z4Roo)vwX|6@)kqNBIU|RzZl^uS#{(Iba0K1DnRc$+!yvu^g?fmbWyGH4NIKnixU_= zd;;XEPsGwp+-Y|)?wKRZ8p@OB^}J1HG?wv>YvE4x?M47x_G%!MYs3SBkHYof^hUp7(v-piRf~9^QAvKoBzoH|9Y7ma4hSeT>P{9 z`VR<_&gSz%z92lIdf434dG(fQ@702gir*iWZLwztU$8@ye@9%{-o$InJ(R|&a>!|3 z@uJD`f^p&kuoJziI-bc*O}`uCNxkVVUCQvP+4om(pG)*ghD%NZ)UX2BMKGN0D_~&c z#Y)Oa<)qffX_YItuu(LPx4771Aqz)od#dk_JLOW}#WXQ_J>F>u!TjEA58N)#lGyAu z>zjv*n;%^>i9rV~8`F|S5nsv*;-=U2FCMlEqTuW@IN2@J_T0aQ)Mczxhwo(R`|9Mm zuCoc*&2m(){SK18f({Lx(cJo*&bsH#a&G!|hUD$Rz57uzt6gL>>z4UI60w-`N!3jb z`G>uM?gxa)-GkL>OeXFl?l*vu$QGlb|&V#EsSy2Wm=seR-r*qFu4@i_*}SUp8P zF*1oBx=PYRx;pS(02LryOKp+H%b~``z4i&}>qsr(-Ga4)Zv3YJGJN1zlm+!Xr*QEf zkd5`RH@chlGQmCe{?(pVo&Jv(y) zK5BO_@yMCEwMvpRq}uO>U1GGL(8Bvudb3>l`LH>$wHBO4_uBxn3V^^!7h zzHqB&7AC3#)arhVPsffqF{TJ*}hEN8UX1;Qjc_BcZH|W&|8ey@m z4xM6`mPq|8Q}R)q-BCL3*QaU`(j;-URtMIq2n=7p-r)||ALihLLI!k>XNhw?wY_pG zHrTe8hh+uEZIR7_PU9YFY9G6>Pzv!vsTx+*4}BzkT+P1w0nr3##5o3=)P_*H6b;Lo zamQ~^oi+so}KISoJ;j!J@ z-`oTNW|HtRB9$f4U9Le8G_+}-e_Ta<6qc2bJk)QC$d8~fIUX|0H3OROCr~;YM;Kyw zgeO!peNbifLf^7EdyP@#PP_O?oZa~AaG9jD2s-88Ce$Qka^g)YRZr9ZturOJvuxOs zeUn8Ru#|>+0h!Q>hH{BbyE~mBGVSO1xcQK(>=K{giQb*%p<;Fn-FE`slfxixJ{Ubq zCul8kgwgtp&)_Tph0@ct4`Ixtg6wrdO`YBn3(#cR*&}ae4ZEVE^)u?&T~@nIZHs|* zw@wLD|9}i_6lkV0D;E3Dsy>e=;7_MZUdz)Rr{fSsR;ZJ#mDLf~X7_J62)8=oIX+Yj zz`27G4Sj@-#3U|KH?&liD$8j~5e5fdxjZ2TwRUCu`xqoZbS_L_invh}9@~C(feylk zBBy>02(dJnO3XzjnD`4JNE#dIgh;O3z>ACUgZ>RgddK1})wj|Jq^I5lWL`abvFbj+ zCsr}%F#kpv{~ekt6hN~y7q$%iD+I~5(<;eg?HD1rS-X*u ziJI7FIXS+oq;?>#O_vMHfyy{L4m%r<6@c`_U^2PMX&7m?lK#?j|U_$HBv66=c2ltrv@2lk;BhOY@U#CDFU< z`P;pG6``imewgWjc|IhwvSW#JY3245mnd$^S2ScA+*wEK)$p9hyg^zc#d0ih4z1i7 zD`~3`+amfaqomq z&{`W(@f_+8w3qi1ayvi}DpH1g4_e#V~v0=ul4bOMS^i8j2LT&+r#Da%?ZuQJ$)>O6H$ znw-1_4)$>pjb+)G`>6GK0s>aH4}Z(YexlR-FY6QCj$L3tm*V4^M9que;{k?K>JL_d z6T4k|;;Fd!pysGe7_(H^9<<2DA^4)}YV{6=MtX9p0Sz5sm&KH2|C(OC{an0L__H~r z8;r#qnAlC5LvAgSgrD#MKgs zP43!5xs#7KCaWCxe0;sR&mjC}i5g^7c}&fAi9<)c&nysx9Rui`ew5c?N=~JvdHy6Z zHO~_;Wc5lBizzN`=hhrQJ2~F<+WI+{$j;Whb5Oi4{0*Mh^f-rvT7ARUukGllabT6( z%SA#qjILXQ?08CEoM#~u7pPNC!LLNWEa1lahmp%A5sc7D8YiBcuX{IzIcl<@6Lg=g zl?_Gj-5)0sDh&t;$ua~pOlU?n#Z8Cm?{SZi5LO}Evsu7P%^9^kkN(ZIzSt9}XqSn) zIVFh%*%jRr#bEi$Yv~^D!7MS!k8s={LGlz6FtkS!n{^PR)zR_qE<25Ka zLt@nS4j%A76X}y2h{6c;L$m*U!IC6;z2#Z95Sgi`bbFtisZ6?ydKM&8mBv8{JA?Kp zZC7>i!@U$s27yPSZrbUfmYwfaZH%3qks)v~F-eEvJXy6z%SyakRUkOxxl=LjIj4oN zTnt`Y@2H6||5TA>Hl+*igSc<)=Bnl<0CSQ$r{k;y`h*-anGl|ORDZTcT5D_8Cz3Ak zuf~4+j3ncu-SM>fbXHExzOl#JH!sxXbpdTJt?So+8JVm?!EdnQwJN&Hn&mp+5+IZ5 zhXZiYUARP%PF@;(BVF-MBRSA`nRZS8!pz26p*(k4s#O5I-+RCRShEcYkT$6A#?y?y(3#oS6I z>=O{CyKQ?H#zj4DCv;=u%6UcO8KZ=Yl|Vj$Cl||&FbqddF{L@alsogu$Jm&}U8yVA zZl|*9R(-y);c>9@VmjT-evZz`WV$I6b+oy$!KeQt!jy_ECEx_}_WSqmJ!Liqo1(^8 zs31>O&~DHx$1Z6b5m7q22f6!Cb^Qyi2JI9zoEW;2 z4OjvzVreO}Ewf`;3mnTziF`bf(2gXHt~U3LG#tEx!ne2l+V&fP5e{J#HFDeC@cJQId15b)-Fvz>GNYhMieEcgi1t z?QboJyaM=W^&%u>;kj4Z2tM~Wz{8mkl&;9wteCl{>d8$=#`05g(4w5h93L>u$6D3$ z18RGD0|tXEe8Z>bI7=mJ^V?7Cc$&;(cl0U@wQe=fdlWBJu{!3~TWZCyIW9xBqeJi9 zK|~`^0^_w}B!4&Df=O*h=<$<2pt>!Og#mIxRAGrLRo&+811hPh3m=UWdg1azd6mNK zY=Kex5A@D!-#$rfLg$38KwGhHR?f8vuXZ$LTKJ@W{P@vz{by9si%p}=ao`OrJVq=o z@jSn$MAwEBBP>L5a6XdUq{a=MAZriw6Fl+)Vah{7rq2%Z9m#*++tP^7y<1f`KiLPi7(1QkR&M5McWl&x%O zq@+<~h@m8<-}M=FyU#h_-*vrzY&I}5v7VLpy4QM8Dm0(>cC?(JBxtmC?CG9lqoy-e zGcysIkz`y}@s?rZ!~Ll6_{T%l)PhKS%LL-ZmiH2uVu_u68;`z-=dx2YdUn@7?Qp z^w2IVH8u76`|wTg`Oj%OnJax|c2Td2R^G`e1yxeUk7a4G3hJIAc%GUu;x;$CA#$tECd)Cz6nUhCb zBdU^a!|2g@=7ZQwVtVF)tnwY}yoC=-jKG4+(aVitt&KLuz@=qFuoZ0U(6g?tuGJPs z>A<=y?*0~1ts$R@Vuu(UimLSAn8;@W1S-X#UW9u+l5rFYY$M$!X(^eW> zasA%-cAM}>FoIu5uv-#nokr7e@r5xONc-cHzc(~}~^{s7eiMSzFR)t(3u;@z0)_FcdF;?oq&^>B@#ODxScoE#GskRgMs zaL?yc3<1?#LewMQ6s0CkG1FRI!MFOR+f(q4Os(5y8dNYGfVUKOFzo$r&xsQO4?~P@ z9Q)~XKvkKKB9%Zj-&Lo0h^vcVCSd8wQSw5A#ZZkGmA=nCYS6{3d@P!8+e0tDo;pR? z|H#{sSq0~|s<;r0Osrq_CB+#pL;(KAL7rWinUNiSh5%Mk9M+LUG%iS)Fgz@gZh$a6 z-|6u!vc+dJ-5Xg9h$mLYV}05}{N|D{?tj;Ry2(@tlxX&#@g3W}Q(e^=Pzl9U9$jL! zyo#q`no@C&Dp(HjyB8n@eyqmcbWv|&Alxawa)ibvnD&tTYL#r-$4!GQaxa{i*-eo4sZ?IDe)8^KsH~0ozPbr6VHjVD?**l%jU(=V?|=47pd;e`@+P)Y0IPh^ z!QB_4xw`VV&-gw3#Re%S*|VVtmSza|*Y?CD>L2lpK=V3O*zZ4jg2@Fm!v`cFP2!q7 ztx?);h!l{e;3jSh{&4m{e_RHf z9gw@&d0*gqs5lp*8-vcX7_fW4on-6&v&}lwVn2i(zCAz|O&B(S{i}p6`mXB}lMf8K znNQw{NoS*tzdL6~s^G-@2&u!`gFT-v;ZPQ7Ftt7RvD4+&kjsi=6n@fXmS_yitzO#h zmh{hm6WSZjHfjoZHywCm?evX$!m)Pvm^2ys#mLR4$Il+ z-r4+4nloNJQbP61D;;vH2fk@T z^_?=OIWxxBBDnK6zsTpZrL-4sWg@-p8Ll(Xe?Q)DN}>BAz_^p!Wy)eo8MuGOM9nhO zkzS{3{vQ9aflK$h7YS|Vr|!~U+E@B1(kMivg2Um|ARfS2K%~LEB#xiI*EU=v6)4Pg z*v|Z+4P*WI>X830QqhJWJ(Pb8?&o)rq{nY9YMFE302bWCS&k^?K$F5LtXFJ1`CM|= zx2lR>wP&5hh!6Vw?N%VVi*lsPeD%9TDV+vufayd7A6A0Tk3N_BTt& zfncFAR4`nexegj$xz8XV2d|D!AsE}+7ugH^R#h-Jtj}$Y-RbE%%?YQdX@@lC>xYB} zLO$M)H=vUuL!MQN%d#=hw6{2IPDJ9qjH&p3N zOs{co+x5lqt$uqmHyXj`?!B!|3%VByf@IO&hq zS(!aK+cu)p+lwWHn%(d1xh}&0k`(gR0YY^rC;Ib1D}wM?j7e%;3}mu52LZWbBJ}p( z3QaMwLBysS+ew13mmpwF7*^6UBAum9AF{dgdPJBVJ{D+5)gjpeVa|Tp=E&13XW>`+ zCoCDuJ~>{Z@jeQN;;c3IvuUh?s?HwV=5|jQ5{&%x^k`I02`A3t42><{wmdNgTNC|| ze6hWaSNP`}YdHy^?b2{s2+u9~EMH&Sx}_a_>Uyb#9ei9TVOaz3-r}zNSiaPpqFsWG z|LKJ9LE@9L-bha)NE$k3(~+eev52ZXT$PBxw>WOt7|__j4R?5C=W6X~`=<@BQR2Ns zyxGGiN&oHF;jjJ=jp9Ht#}o{#l#91vc$dahF5V`~&EeD=b5?`|JWk5I8Y|^->sZoGI1f=8a7C|fq36xmNt!C2m$SZS_7Lgm@ z);}FpOF%5>{qo#8&UyL-qYK6(=bBDu1Kp=9ApH)}91Quzt38yYtX9X-VA3%P5dA-u8viw-4sTx4{uBMUWyyCMhy+-q(9cker=*T1N-96h2GtgqsG~0*A9*ed9NR7 zxz~jCbld>$Xvu?p3-%(f-0M@T75;@MTbaD;BJeCO7U|bDO`pl9^`vJKae zk9j}^)L*3S6hQ)77JD)S`6YqBGMX614%&$jT=o8`@!89g2=~rk)ACD>nsK7@QK6-0 zBf9m&LYr^3x{wwEo4mp+L%LvEldiyRUKA+cMzT1_tVIgm$_3tcGC@M91Q?De>GN(8Y$Tg{xG z7U+gLpIdqBZHwAm;;CG`Bolq#yEBMnEj>{w`c9uZp#-U|bjp!hAQ7tEP85(ro}LkW z*#n#}yB}X0{6efw6WxdHF~3YzgX_>u+&?7it!}B+n@bqpSWbV}U8KT%A%6DVjdyMJ zcitgEP4^LK)QfkjtcYC>Aen}zj$Bv=ao%W+#yGdB^?t6Rs@aqIm-oojf9Z8i6DWj@U)`pTwDe>~%+5qh zeVWA&%gcGcrnA0SNW*FJv{a|rmfY>u!7DjDlr7&KnR4RkjdTQN4MO|k6I2gfF(lf; zAV;yQ1DUDxbdr`hFi)zj)uVAnyX=fN*`(rWe?Km1#Cik&N$l*MfwNNRagt60Q?Y2w2w|W!;#LJeupLIDQCyi>M0@kWhXSD65hR?@~ z;)6H`G8u*V7N^C^-IG@~xpm&YRi*wm-!)suidn>aD@1*YDHkpFko3{~D|`Nc>Vp<7 z!xki(I3I^#LH0mbYYP9UzGLrmA(QsN<>Rk7Qpm;NQS)v#z%mxb_l_}nL@-VPVcU>xLA8-L3dQHq~ZhU^$Z-mmQV*LlcWZj_K2 z$4sT9VG2fM;wnAk)wu$CzXY?DjRuq2iM}!1in1$Y_ugYuEF=sSd4A6!XF^jyZavh~ zSO2YA;xRezs!UuDcUKww;IL^a`F1CN=M}_L`vEC6f`~wcmZd8(9Y;BZNsp3>`4`_& z89G}w(oai`HB*mlUeUhZbH#%B(jMYp>a;DjhHOt;eCW?tJ87nnRc+95G6^}dIyHpF z$5$P9ryK}Q!%SQ;&;zH?3_e?_VrF-r_p3|)lfs~f5DoVW#1;O( zWS;~H>=wF!WbWzlNm?n8weR&Uot9z2ZmX2#u_X@n68GX2(W5SUmOkP4&epPL$@0zYcu9@kEh3xa=M$*@;)^L>u}tL5JGv z>lHef(+99t&-CI3wCD;GMTZF_ipy@o#i+pbD|nsIvF;X zejG6mqzhO*kL|KDqhvEI|fhJo!<)DnoK$l8 znuGA7u(DaEQmk|BtArF1K2t=g5F_~W1=uD~0p@SLs{HLf5JwdoRU>;%V2`bLL0{B8-rY+ z+mI1;`eX}tW{^xDLqp!KTQu@4Ts%)9)>0h3E4P_{_6|+BzR*# zxfe)F{nx|(ayUC$4c2rwa8C8O&?Ql~SqpL5)UiWjno;P0@wjRF%zC=cHejC5RwBvp z+gn9m5diR_ZwXhQsC2e`dgD|P=1k?>PA{VGcKy}$SLqB);xHtYWk|#*b%PzradoQ? zVJ%;1;4#7+Fn;^qjaR2HAePGZ+bKVKQW3b|Ix121IE9!`72Y;XM#SWeQVqU8 zc0t-(T=-@gDY?yy>bshw!laEeQEtPjxHKSW5`QFfs*3u2t~oA+uki{Sq@472ne=wW z6>2cMbGdVJ29Xo^z*UKZL~obV<&^V|1QPTn{*&7^B^o9!vvhkh=mlgfFe#e!k4%5d z9pH5cixsP7wcFI;8g4pRL6Z^oVq1xVE%f#<@ zzQj~c`6U@{RLQRs-tX0a@^+PhM`J$*5r$`0C98U~gGLgGrFF`P!!e7Z z%e7#WYp=iQHS_avu%wh8Lui?Y%7{iGaCNqg4fS8Xe{1Dl# zeOnZN!wN(41nWRxg<%i?^KSdcy#K=#(7cF0e{5&_^p8KcA^9D&74uHnFM_iXb#G=r zund(aQkQX6OX?8U&U4hfK^w9em^o8!EkKmZ((HBE-`7Mlsh@Od)6VxjXd#foqtTT; znGOf2U`6Xk4j`&;y1hMvh5ZR4(CNUqiz{!DS z0*V@}^2@&r*Ox{<;h3|oa!6*Vv<{%;?B{tc@=B`igQJA~&U$(NV=+sf*9Rvf2KXl& z2>ZY8v{~_yB5uxx*foVFER2`9ZQChHKX2I1tIsFs>35bhKdoW~tb%j=!3pF|P{a47 zU-Rx9#Ok|@VE1IZnFKMsH)OD4T6g%@H44b&{ z4fZBb0nsri=n!-;Okp0wyMnX@N#C5Q4P#>7^p>q%_v|k;F_0AVzGPui$E63WF4#8$ zGox>Ks$acW$_%}dNh?OKz}O=4n)TtAEg*O@z{Q+pUXv0eB0b8he2;M1pie#IzxDBJ zQ44rUO?N7_u18%dToPbJkjGtFv`=c;ZLm?paGv59wL|eQ&je35P{FT8TtBzHKkmHEcd`f6Z=# z6CW^5q`1i`U1)#KIJg`Ys2mDd8FSV+fcLuz2eG;*dV>Ht6;7zxt6zPPLKZOyxb&UV zZt{bHK1z*^b!R*X7=D4c{0!vtNBO}QX93_Jp`!ICXrNc{S7Tgyp)J^cdjm_AS#b3U zH@_`}h_+!dJ+>Gr%*u~kZ{|XKe%iPl@g1w`BA!n6s*jd0hk0C@Bc=8Y2g2zx>U1&% zeOGRniQg%!ZiTLDxyRt8eA8-e12f-@6R;X3hXY%`GBgJMYI=It*&QG?U2^4MUi{K{8wT8x-$ndV$Qlc*0^|Jz55R z4VM;)EoDWh&sv*~dflSxyS|-$XVc*E3+}%Mv%%g)%kFBW1+fU6l1w$Oa^KOSL$rB9 z0&lVBYwEJ?c2+BP0Kies0U7;peE0wGTOMwn#!|8D@n1MswK1OZR~Whd3>U26LE)_6$x7$T9@f~iDdj9;8Jr7orEg|zVh)Yw|(#fj=!@HI7*&#{$d7tR{jG6L_ z(jEOBl71ag*x^0=@<)$3^`fEkBbXQbo`TW8*x(=JT0;K+g0>8QLXoSWrZ0 zm_c5}w2Wsdd8TJFZ55}zFIW+ZP6WvlkE^ibfKxeHpMztfWqr0TU&r(MtTnj^ju8Psy!5rrQoqN$Hqqm|3P3%Sj=L3# zW3l~*c?GgUfE`yAI{eSL>~U9JWV+&2#O*oEBo1z{GfXnvk6sa0^N7yRGPPV#P+U70 z+4TlA|3#xqc9SQ82yMcwr(V2#Bi)6js!+%8_iDzTGkfS`Uo^c&XjYB=VFcT5b zjzTIQ^eDJK1bru9_>Z1lCK_m+Wn2znfzoih9uXE8ppXN5UU_gkOCkj4pd?s}1l?;f zubufgHJmB)WhEgM4i_v(LQ4M$z=lGc>j}$)_ zm?x*hq`BW<(_-ZFSZ7E1*bf!R_LGL1yWc7KY{7khZJMiihmYKP|A-pKqwGQx267Dw zv*_^KVJsJlt}1!UmdMg__s-<&dVS#!G)q4`dHk;B8i)1#@srdUXJ{$d%juEEz7=Dc zXq7diM>D?$!VU_mKZIpzK8&viTISnV)x&{vaqkJd_5yWFU*->N)Q6enuvf@(n~jK? zcdy%5l}U@^oTaX*rCq;QyOHftA(!E^D$vN(tJAi}ebA!1pgnnhV3p5&at7W;;HLop zAV}jn;>4AC_Q>FyAQmuhlNZq&%ojJ@uEB^9b=M=|Bv~( z|J}iYoDLzUu>HsQd|MP0yfgQN8{j@>NaaE}*m{~dy+^~;887tJMjDjIKK8gic(P^q z(%_c>`4i5Xw^sJZUwUUu0JEr^OGr=t2u1(vk5PT~e%^}8iqyGq=eNO)L70FtrH*a% zdD!nf;xo3mVKoI4$d&fpashrGyybQ#*&O-Lvw^l- zT*BtuPKtoXb{W?5l;05of?Kyb&z%=?(ky=T8J0tU{@S2yjE04F0F+9=XwkWyNyG41 zm$1T9PADTuUTqAS=OAJJ?ya?BeFM1Ivl{o0F z&Sia=sGjOq#wjzZgs@8EG3#Fm1oQImcxLGe!H3pm`>heeqsyY;==_~qW{}au2^#oe z1Xzw4#Gk|B=r{SzWMTZ}Q3#}VmCN5Q3I4VWoOvK$mi>?tZ~yqAe}03+cBtg+KF)F5 zQd*D+d4t{fMI}~SN8jaZ`f@nq!_yE<*q3mM_o6j~eRk=~fhm`bM>5>(?Cgw7Zaj30 zU^dVVJ~C9|nG0(@JZ8}-*vY_?6D8yR(q|CZxu#TCI@>;d?d@IN@H*F3r<|#-qOQVK zZu9dvh8RYQ$!mOKOOfqVnmKS9L`45}8V>kMv0L91BMt(Fp6Q2E;GM8vd_aXux;lwp z7mTJczbp{pbQ#SE=5#D!)d-CTrq1ijFU-1Kv9a_!tgjrw%q;L;*h=Wmz}dObK( zw!T1mmCnFH+T1T%Fz4ws|2+dd)%N^C&9A3 z_e#~qam>130>{kz%O{mO2bWx4L(0#17bV~^^#cvQQ_S72{8^r9qmIB`vzz3c*+z%W z-mbgls_{=2pJZuEY{J7G@qc_NssLZspKPIo6ih#JiHReq5IB|Zahj`A3np29!xx;h z%2#q+;dFM!s2R))6GJLzJQma3#2F36wJ7(b2OipJu)DN=b8Dq1#Fw+@L~w#U>LpEI zgQH01ExorEWj|1m|Ko>G!2Ww$x`1{eglYu;>FaW%Fa@NDMO2-2{q~tZKq~u3=QY;0 zIz7{)kUR+FnkFRWmk-jHyGJerD}@ZtSQ%v5Dkx;PugHqhlVMZa-!fuTIh!x z{*+|W>Lk)jg+GdBgVy!AW<>|h%}>nxrsigKkwKY=F)hITg|{R1G;d5_AC*q>?%nm4 zSsq*+`3-`ET}}0c@)SH}E9v}5z4EM)5nR+`Qp_*xGGh4g;loD{BiwxE0bSsuCX@tn zFhj4;m8@b|1R=XHNg}YxBBBRSFf-CJQjTiZq?AEVBf)CxV%hE?{k-vPBM3-=$){7* zAfbpr@X|k)g!>M?jX>&mBTk?BeUw2#^kB#Bew8i-Oil?kY5gtP?*LWkTrk?-pAu{M zw(ln2F8{TeqiV{KF+ue2w6~|NFo+-2+>0Q8QFtp2u4&GOY4=A@p7hl&HRPHASGA6V zM6fXH(hj`SQv6j~-tM6%^pCx;(a-ZbE?#_}WAwAKdNp7Sld27pH7^ILn4?R-BmPen z{GXVgqYe`&psND(oG8z?uuPbPR~W@!b;3zL`Q#6nmL6)@EK;U>;G}uYns;{MS=LYc9;kLPajDBA_GCXEvZo>Bc|Ny zW(DPggP5oG3JO`Ej;jX)wl2Nh*3E4PF4VM{Oi5xK=gz$zNpnxpuU4R1E<(RfxfER< z!skvQfKa=BWJ6XTDE9prcx`_bu+x-yp2mfF7-A8E(L>A+6A_2hG)do?%5kP+fqbs- z+V(7;pFaD~x&32|EDwRXaQI(m%|K;XWgi8=F8{Sn=K)j6=K;{{fit~!_TuHbvE3pQ zK)JNvX=rQRxBb3@&(}8V>rYIB&p;HUOVy{;@Pgqu) z!YDX-c{SitKHE6I#Rd~tB&TDvRGsV63t@Sm({e;Y)CT;Vv}>0FpVTpfA7`rNs3)7; zLYQCWT2w}a9y_JE7&i4IHBl|nb9sI8x9;X51#Geo9eif(oi-+hH5iM_|MS6(CG+J~ctRI)u4lOew z9hd1gMjgza;YPZ^Vyjq^_v_C=!O#?{+Z0zU1ZDo5=2scccyF#k>xW{B4+V=PQu%Sn zP7KfXJYMX%6#w`a2*a(hb-TiAaZsoCaqJBHs#N}p@L~^##)D1Ci_4?$gp6xFQwIO~ zIV4IZImqCNRQ!Rk{4RN1P4qC3+n5pZArV`9XN}`svvki=cCv+!o@CPE1iSWC;|Gb^ z;c69)g?+!!SA)r$MZdf(;%9!y3uZj zZHzR3B`nk>$NrOJmv_$9Io83>+Fh`1w<{PfQ{U%W+#cT^sXdTRc?H0zd4`ICxiW=)}-(QGryN3X03Mmy+O9~{o zKl^zaKeLZ7%z<|`eMtV5wpUBsd-|i8RLvJXBK_OIu%ym`8SljQQ<|odxP4%)3v6xV zU}2Gg%}mH0zmIeH^1>YyKJ1)#g4I2j8Xz)Y9805-W~a(OP|ec7{}Zawd9hP=c_v52 z^6NbzZuVfoDB*J0WZoaRb7xgeL4c>m=Y(Ae)xr?oq_RpDAis_ zEQoOw`7e;~6?xPfC1OuU* zWBTZzr)D%3MEY-%XlmWpip|6L)FY0ua>fx_mia!-8);OC72L!JeD+21i;O)YavJ(- z${Wdvv03`JZ<9Y>h5$#6O>GK0h7>k`dJ};Nk0M1?ut_163U89(AsL4#-K50eR0GA(Kaf<-YoA}h3AV*?DEz7CxqU_2KtQoM-lP)%2g(1o#9qx$dru==)b^YG!r z)U>pjxrH?~@8L(UskmPv3u1yDZ_SmRACx=Y*$Z>&|d3r9BokK9Nmbp`1{NjMn)=|UAfMQhk4 zth*1{x+_TP#K&2T)l@^VoNg@|Fc+)7keIm}(5maorvqJS$gdw%`vFEw7~0HHr2Yz8 z)>+1?7KFNwUCZooq=rCl%MnB0wHf}NRHY}xec`VA(`*ne8RhbV1NZX(nt%*I8CakQ z|GlCU$jOTWI*Q7aSw%qsKBBT1YRv0)&H(OY)SQ<1oZ;zZHFmzXm6+p&(F-=zObXvIC~E9Kr(%#pQWi-v+WL>bwAcz z%}Js(_MX~aLzZf!|+GiIy#<%HZS8gJ?^fyi@^G% zez-b$Z<^)$Yp}fE&0y!_hB4)4r7xZM9PE1}ROES7-Q@FiQ9<6MKwL;#l`H(8EDPW( zgk%KkLI1G5it^B}%GxhAgtsTiw*xx;sU+$Hj?^Q4Vj|eB;-f9&T6%DD8j_KEfiGqt z|7U$oKP~$)US0`ij@`m_OS3*JP&)MoN*WpHNsbe4o;3hYt{cA4r&EpU*4a6h~G{- znggbX0~z2}nCpKrFs-V8d*0e#&Q2ar6x*G1W;QhfjrK$q5D*IRK;-ayG2Qom5tqjFqLY z)l*-XHJfiFwJ5wLJ|8Kgcl0%!*DNs3O#bTa`#bQW-st%uoB}Q5Ap;O)_9wEx)RPEp zqU=glhb^Oia{+G9n$=60x%wnUv@=bWUA?kv81hCU6`TyTk7+VDB2O*9fXq(3JTg7x z$?^&ry>M(A=J1hYi2Lnjx%BCn2=6ftX^)w%gHmti3B71L`eqkxk~7pN#L|M-$T?o6 zveP`eE-S06J6{vfw@_PCGj2Rkfqhg!N_w^i&B4xbFO|Lih#Xlxp`6?mit%;z%lv6m z=R|Ef5)Vubc!X|Z0#Y_N!;eKJx<_s-3};qb_*)Ssd1L$4h{&0G6I>dym6-w!VgFBm z!^MjiCD0$ud^Y3{q1;J#mmc$$Z=zA8JAWxCb7t7}loYK9ELfA@icZXP;Hh29n_S(o zQIZ2D#997_ zE$gRV>Ym<~D-$Z-4hp7qs$W z_M=hJ`xDInd}mGx5Ibkyu}8o4h~>B{{&>OFfpMoei3xq9nrV4MCMrV@Qn zSM)=Cf6aojTvMVXAFt92hyuIe6$HPaFIHX#zBW@`{mrQkT6Shzb5qm2ckkpFJKOcH z-Y)iZ`72Z=m6&U=Xn3S+=go+5d2got$?>-LT*N+CSk4LRmb0?vOAj}_dq>5@Q~KAH2p=cxcO1Yp@y9uLM7p++N*fP z%cuoPCpBV3sT~6=RnBScr5G5dUyH7sr{Eaj?^&>B9g5JoF`ZIVf7jCsZWk_uOXmt4 z3L1{+1_(KR*5uaK&eL3b zev-{&(@gKEL!o*-1BB=f+Sr59>lseNUPE%NVJ}j+yXwqZV`_fv?%!1Wy4lkqeRsa- z9R()8d!t@CPdk+2vIb-PNn7Wz2F=4zz*_|E)G_;+ChgR%+`QuDRblS)UGYidB)O2? zyQN!62X`qr70^4N4!+~Dr*ke8c{Di(l-CKi)w#DGshQi|(4!BkrzB=UJ+i`-3t9P$ zAIeGA#zDpZso{8Nvp$go2PLD*E*p})`8A#-FeEl<{_e_8p-? zCkgtUM+-G*UCLsff8sM2AzPfgZ&Q2(-Xio%k485Jmf0C=3{cuH+T0G6)=PcUm?9;$ zL_>Y^O%0jJX1t5XD?Ss^6tk%f{b% zZc)FqC^$k!7fohY*KqKK2!_yQq<3aD%3-xn{pS8of1|RZqEX}00aiz2w!v>n4{$e6 zl`p3dJy*3{2z|2cytUG!FhU|I-FQ>ObJ2C<_@zMU_JA0}f`24J_D=rP|G1{O3ACzrIXRAc$jHN8+DfMo|6mS|H~(tsgZu zIZ$sG>bj7InHragOG$AFF;!4d%3)$&ar@@`_bWuUFN3hbZXqEdj~+kP@$e|4cK${x zL>gnsS`fS|ja0D&nTH16PRxtvdT9XVZZq-oQIyO{*U_C=3Or;087{nmWjcDP+`)Hn z3YWuzw9{aTwy`oy91oKUiKHFJOb5PQDQ)C%Ep`YZ%^R(-NC`BcvmdLIty8j4$?^@V zcwU11Z3=1LFg%u67g*-3t&z^N_^oFvj;o5$p3cMIdHL1m#_DTqq$M07#~wNq&b-z6 zWz(gf_S(tI&wkaNekDS6V)#S;UT&=p-10!fV|uIJAWbbnIR27nj?%bClqba`X{q}Y zGg!STz56{<|5mlHMbp9F-qM}j;^w@&BE$42*>Wt#8|FS`T=Q)Gav3?86MuJn?2bN7 zeNYE$uosNWb!(%fH8h56^z2M3?Uqo7se6?oPZh*Q-Q`Jo2%xO`B^OfFJ-6~tn>USh zOvQ_$hJ^E{+hipq8P0Ooupaziik)0Nmkb!vyil<6i2yN)UPyaBSen3zg)t^V+vM!GfF>b#BuN`;9 z%VBo&eJz-?)UFMFd*swN_SgEbqyPL?y)Y?=9D+zP8ZN)}ln^lpAtdY%yJv>NoH=tw zmfHR=&n~~|Q>;j~;6*bbc58Z3GocaEj!kc(SZ2H>;#fcC)m7LM2X`Jt?CNQX5@ zhL1RJJW%Ff$1AuT_&p~*_s%B;TMg!QAHf$Qs}Z=y-eH(F@?N^{;l1=}Q!RxAeo_}n zCB)YIThw5az`-=NabcLr&VWazhSZ+!XsxGC)CIM*53ok3pmwn&)U+|MKEl?<=*$#m z-v&04#)~?{F!`-%VH+^*m1Ekaw(TCX6K}=5=3~uwo2A##dz+m6{Kaq1-#f#fy?(6DKicTaPJdX>B>Xuu%SK={&#>KDd z_C2sC$i+y22cE-K7|uN~I=dsl{Kk#fQi)P#amo=h8^bP@fiH2Rem>wHBsA3b3c zUK!0O)Ci69w(HY0*l;mOvbuZ(6?B}XO@d`e;n|-<{{3B0Cqm{qEp!ss)52*7!DF;H zK!^!?!}(Ji*w3o8-j#6g-|gGQklf{IriX_gLl(sv8o$GBmPw`h484W3tY>v~bzg(q zR#a5Hc=oJZT3VWZsxO}tris9mC^&mE4>{VWRpf3oEUsRla-!nLUEj!T?IgoyMC^X# zQ?{EM@i-C!4=TJV%#%yp1VeXxUix4%&$U5jOLOSW)!Q{T#A%q0B{5C})wkyn{k__uC>m!YPw#6aZkXcefMK`Wh z?zeaKOtBNk=zxy6YT%NjnYi0)YGc?+$*na5WQu2EXU+`8hIOaKRi>t_R1_*-+mzH ztDk>Qg|p63e||r9{lr(#_KcUt((cj&N~yk2Qw+_G_jfGvK6M<8Sr|`<(xZ)KeX#;hyynayX&x z$zXZHXmESreMxzaJ`AL(4^u$3{$GuvT_b3^OhiOR;8abCZ*c zOLfcF7aB_y4Q)iIrlzKRilaou5lcz;ApiJkJ7y!l=anEZ8f zwhXACQ9@JZRN+lY0GuwNFtD?gAbz<1b}!Oq>D5FN#NWJWWAufhxVX5#^H6)rK|#s^ z;c(|6hrd65fsO6J3%aVE_u<$q(;+<_94Z{tNGQB`IqUS%YlqWJ1XUo_tNBrT4&z-F zlzDH_RCUWC#o+B5Z~NCY-Cl`j#ShAqtbHaY0LI1!INrW}yFZ{U+XQl_^$D-lF(O=C zjl$0i9Zhm_^loZv{|=~NiF~*X(8_96YRO|l}S+0J4b(V8Jkqjk6X;^PlsGhj2R$gv@74{6QwBKmE7ZgTdA9A0aOHdb-9vG!{}oyPxhL3W`}wK+@qPx0-H0CEB!0ah@%kXJbj(=waVSa6Z9Xvi znLJ5@FSDuQr7h3%+BrV2B$M{syuvo(A8C+(JR~z*Qvqv&gzjWRU8Gs{!-&NRtDiqw zrFB~Q5~uFJ_fs)|-rs++}?v~1eRJ6@r_)@5BQhsAo3C{oh&;Unz zFeo5^oSq(XdK@42`=|};oHJ?ihHM$tV|_iTMR_y{I6~uKto2L4;S7&C#2x+n%#a_K zOQ2zBe#F-2pGQy=H0%c$0`dFtw6wIX{&AY_C!KFJsCI>rh-;vfI&2eao52@k(m-lHc3#2I|jG12qL`GmN8zb7<2|3TM6y!V4{3 z%}4u<$}IBKzA@vuuyBj?!b=c>Uok2I_@9pK zyUIQHwdhKgHzF;5*H+7(VO4in|HBE8GYSpt73fzguS12K2sTG}b3CAY?mgD)*4vzg zevi>1!CvZs;VpZ6j4XN@pSr0HSHGqVpzr?6Uw^D z*_hY1uGE4!#jZZ;8;hjgp7o0_zs6FbIEekrER!~vIQC@TR8}gjTYHS6)yI-Uzf&&9 z2649aQJXK43X2>to;Y!K0LzrX7j)#S*eRLzSH13}u8iLZWGCkFO^J|T_$N6AvywpU z3o)W;BswRaXC+KVhcXfgxm(%6wNrncdO{Cr?}X>GM~KCYA9Wl{N{ht2426}S#|yjf z$L}edSXEYX3t@yWLtmUsa&*nfW0y!NOoW0_xAR;N06 z%HeGK-g|Ii3kWToH66)jP{^L>RL}4`lH5hNn`PTCpSB-kDK2oPAL{AR;bQ_j4+=U= zSTQe}H)~N?uHXMNwQNV_-nhC?1;cbH+il2%5IBZZ@qXTeo`_*5uJ<(vy>O-PJK+kg#cqVkcHTB z#P^B-ZNW=lb9Xm6v(dowX&6+Oh&_&G!CmCEWTlpX6lQ`K)hmyk=^YuDy!~mHU{o|a zArE23xLSY^H}gN2zLL3p_2Gqp2JIaRW*x&U7@*6!aJ85Z=Yl_90U6Q@1#2V1V1^lw zY5Dm>v2(-av&L0oqd8@M2}(6}F2jei;!jX!B?G^y&wY~pA20ilCuTVXr3S@^f>PT* zk2R9)KCRKQDEw^OKAszJ(rhkM(_NsEvunNg?j}9?Nmfll)Wa06zAt%`dY50#)n53} z-<@QzS+I?QM1_o?CG6$N8-bWmP`9@aRY>}1mfw38nL9E*nHDo#V7i@pm#~U_dmv?S zffqoHJwJsIVqHCCC+VYNX*kA-W03SFbt~&@xuXO*dnNSFv#GORlrr`P$~7kV5S zYZ+#JRZ>StBp_sv_Cmmf$xQwHCR&6R4o#b9uj{xvV8wWGQRdk zslhddPnl0(5yX6-=qUyS{x>%l&?*QPTAjQ#PU6bAmLw!V7y~MYo}=yCM%*1P(2gNl zgh@#_vSsKqqG^7cVRQbRMRo&c+9C9xXVaDDF`g`hyOt^$Es>mzg^%#lrj7kjolw6# zzbf!yT1kW`+SG?~=T@XMKX!H+Kn8dAEUO+bf46yvHo`VV_Q#mYdjG*F&a$#n)6sFP z`Z)%^T+nh>KBjL7lgS1%mbMY^n&k5NR+ZMTGZYKcAn?UyHPFXQ&uHBA{UQnIV{%l_ zCI{f`Qr5Sm9R3as(jkO0q%U+WxPRruoYL&#mw?0?-F_Tv=C|?wGUJIepahZxANl^6 zHL#=FxFfKRA`#*hwIaL{uj!7j%xPmC=1yD{sIH@}efH$7K)7z;Ou0QE(j>^O8HezQ zjxtEVH9_v~dWM>*a8r1R%qnbL2lnO2<{VFcYL;P?lu5R{vO5(eO%7~>dvoNWXRbIy zGfusHj6jIIhXs&|*ir}bD#xKy%rWJzo;83SI=2JpOz|bIg%^JcCXum9cK9&0IeRz? zM@{-iDRDCU$DRLinhdN(=R99x@;}?>XDZizpp(n0w!YIU=g(TSw9H?>Gw7Cd`ODyz zecyBE`d68BD|nQh?=I2((uz87#=Hzja^8A&rH@|cgU^XJM?7CHvum6##rK)%P_QMm_*qH(c7}fV^GD0Q*C(fXf z;8MKcLVXj8_qSpV>Fk+KXt&Cz3#jsu#-{X9(bDForpkay!rEI+SRHxq**zfyDv@O^ zvcc*rDk)?E$j8sm|LD;pZ3Tt;@N3Z3yblqCLBQH3%-7!&5d_#u6S$3*tT84(Q94jJsTW z@bZ1@kDwX!U>;6Aq@=}h=$NQ9jN<$AUz;j~9muDUcOXpj*^}>@jv7D_59!YJ_kC{l zV~^H!r}u6f%ZN+qi;j*qw8HrM`nI%o4t!5!;G7UXC)hjoUI)f$A1E8Up3qf9OQ6qk zikraxo0iU21gl)vtMzgU2@B&qckVuT>L4-y@!fl8Iooz!^$X56HF>l?byj&4>GdPW z2uT#cg)goqf(xgtL$XenrQA|Cs1VXIdDaa^Nymhi#wwoiEcNt@pXBGjC#UAK zDuAX;-@}taCYG@BQE>hq`Te+o@Mq~bTkwYqpSzkTRFTs8vJ5;ek>IoQEUu4&3Ss0h zEUs3C4~4lO?~Yr=vXAs^q!-)hPT`w)G55DAV)YDlU;U^l7eY~t9#NXiLMASjOVN;h z$FEG;$Aw)##}=!(x=4DI?7O?3D)R&U0#IRU>g?21Gyt>-B*MHr93}5M29Fa{q52Xw zb3$D{y7^^e>P?{F^zggurGO^KFPD>}0@xn*u>nMs4T}c#V|_uhsok7A99G|l$|REr z95{wV+?eLLbXL_m)Wcw}N(_xtJ%R_2jN*M_Z}GSWZlp5y^Th`c)sB9}Ttlj0nv=Fn zBW$wA^BX|es?m!~{cI2PJO6)nFAkyTNI~4t`x?LgYa$V5cNy0*rQ8u?L%~%%z7y-=k0`TL(X=Sc zO;Q2xKDfl$hB0S%9WVy9ctNB3oi+W)#ZgY_AW1|EuEN4-Iu=)FRK6d%!-sde)HKwb z1

R@>!yp$8au+9^X%(L}==<9tRhXmbQNx_%Nb0jB{0S>nuKITIl`z_x&$PggQGr zD;walT$_6xX40Mf2RG!=9r#gF7TI<8k2i+TeW?{{M^JtvP<{#Q$6Na+ z!Kd8aXmfOdU(Am(Tj*9=_6c*FSN6o`80=iADKl`eP;F%({-Fr@MPrcwZmBxxBuET29ka}o(->%Hz zV9lZF z8p;yWqT~0k%KR)T)&W~BJw~&zLV>%CHJMQ1m)S8Vd;aZEP;CsI2!BgU zxbq~2$Lx(-f=G7Y-uB#Be!`v2#ektxu)uPt$SN2{v3hGf9XJVQOo!pF_Po8$vW(ZS zXLeV2Ue@bEuRw7;FqbTw-h-W0-f5^zzc9JJH%G6vhn!d18OF5egq&Z)I@VmH(l?h5 z0_HZhMykc`tYsB23(b|ezJl(913=C-8$hmp`b>PdW*sX8IAy*`r8&Tp{ZsOxx7KD7 z@|IbJ36PpA(H$SvLa3Tmy~W}zYgK$boz-*cLEsDKznF0Hm*p*5a;+FUxL&@l8NLlm zcUBfjDJGY`$=gx) zGNTAV4CE~rI>4OId)&xjTB_4%?}iY76;hq0$tc00-50}adw1To9nQYlYa9S`cDXLi z{|8uo2%j3V`sr{mou9D<;N{r@rc-SJfa(f_%TQBes+M)?$x5y@UjN>Q@Z$%l^w=%qb3Sdy^hA^QYh!M)faa^QpNKiRnnGB`acA>w)O z-d*mJI4vb|^85{+nk6dT1W>0lPXP6YWKI24(1U&dzCOWpZP2kbOWJQ=_bS#+*rZWS z(Q{D|qD`h^Yzg1gASfg3qdbu@BDNg`BEUIwTWdVZ=3|ZF8s??s&Q{N!zmVMi9wL9u z!n@mhYsw(s3UsVuBEe}3-+AIMEbzn5~h)0Rl3-plA zk2~CFq?6Jh_?)e%omKF4TjPNmH^+3)sN({~(ySS0Sa_)2gXj@=S*rIvxidlUUr``m zdld;5pXx=e`v%8_bCS^A7t^vm0r{bXS+mj-BNGK$~bu)jj}FI3z^T@ zGL<>67D&u8HG2Q;y1+NS^ zPHm16L5R~6lJ=dtPhIhW{!j)xE*DY{$lo{?Tr$cz+cqcC6K~eM@!E@5BQKJ2q(*tS z`jd|@#b2C}sb2550zsrGkk*if%u#zI|5myDembsBKPoZ9tyQm8Nkfu^*d5#U7Y}H; z)-`ylHw!0w^7DIkmRn!9e5PPZZi|1Iys{3j2Fi^PL8_9PLN z-rlMb&4WYdd#Q+gC|=Hqzpz;BS%2xzz%%gze~{CMJx)2$=m>EZ3yy+^hxxYt_Q^o? zV}W{%|2z%VO>&XYO`aZI%Tlep&@9Fc6QK`^9JOuOdbnmb(A3l}0I$mYfeyE8Q z!Z`AC_wBg9*VuYm(Ug_x5^#ooFqGF(SK!fYF@zgcPWbqLi0(>B9YN#c_Wflsy()%l z^+W5o`)IQZxpNsN$-P)sBh_vw0!tb@CJAv+4yGx?iu#XL2Ibe1!-?8S;dln)PHUI#Cf(qwL4cg z+wHX}y~OR8^&vGfrNN9IE!0E)mg%WBpFXn&bfr02fj;D`+UmvFJg-($A;+;FVeH6Y^co-$()qT$9H zRzBu7EGPTTduskn2uX?WG*SR0&cq})pHNJwY;hxdEvX_2__sjj|eKh}DKp@D2iULn*lR6zBWo|cz}?X?;-KGW>k zayQ!NN>6ZGu8aqJiP9ZIuKSjRRGtIkV*brj&IPX^@4aYCnc9cc6?Kc=PRTawzEZyq z)!0}|`&JG8#8C1>^N~;kLkgk4BH~}Mu@6qFqLno{f5y^Td`TkGXWHqm3+i%y`;?WO zH|^u@tFVVBKpH*kNi9P6B&+NF)V)Cl1fw_f6l6wK`%t ztCLW32|IM~f?=>`wVOUPHhy~atY@-hpnhTn zG*_kupP#G{l zaz5Jp-oPX}W9=l^=84bIcHds3Tl(^tC&Ma|TU}yGGEr1hS$w%@d$C&=iOTh(L*y3( zX<-DlJD@|Nz};bT1!S%#|7F|BlH8dHsrdHdaZY5b!0gn{cImK>Paq<5BVg0t**`)Y zBWTsFfJmls=D$f3WK&Y>NJ~ArVn%Vnpv?XmgmY>Ns{N{W{r1T#EBE*k?OjTj-2Pm& zuFz^%xkafbX&L5ZTX51I5yOt7CR5X6@iIs=J$K81-cn!m64kAqnn^!*qe}c-GMQ${w$AyPl-*h zP99=M`A3qaUhJb7i{f3(ARD?^lsh>dWl@Ny9s|6Oq@d~cmGP_5R;vM1~(*e z-<1BZSF%`<9xnmMz`C&DU!Xv{9B`y{6)9aw!=6?GSA)R_ipWHmXN=ukB)|ht#eD=~(hjMtlE0yHJBXBde56oA;wbxNF_!xh=?DgaG zlHPOrnL3?tkd1OalV<3V{_g>Es_0p26k9v*wmeNMzdm3|zJ0DEw zg>PSe&;#|kql}C;UUOrb`t3^-%oZ)v%B{!#(eK-N&?>%D^=5s66GTBfCf`S2bU}gc z-6&<(lf3Lm1Mi6-Gby`I<|}9U?0njDi`qOP zEX?}B=MZL}bSHiBwXf9OR$!bpCe2y^{F&%8+qPY{o*S<2)@)4>=j_x1lxE`ACS9Y5 zyIOwrN*4H7z2gk|q=*EJbnm^0>BH!yt!O^xUM!YJE&hYOxX`3$NKg|CAxO5+3dMzI zUrWp{0EG5bcgZDe%Bi~eYI6;wj1fj1wcDm0qX~uMH$DH$O3ivxqzsCQL}?3y2Q3c< z?9NGisa{`)dlEgNjRo&xF_c5jroA+lQ0+7z^DOqvj;N?@ZnesihFib!Q%3w{kLV;Qj)$B_Bg)(FJh`u!1$UfCnIy)8uX(VT&j6?(F`URJyW=*c$m!W%3|d%XTVwyS*xBB=SGU{~IpYG-rFw#s>tK?J6V~UYr(K4fBK2Ljg`K9lvHkCf zW9$aY+G9Fs?s{+ja6n`m&pg^}H`wX#pGygm?B>j`;uyVI#j;h#(Yemzp5P)>Z)-{U{f5ym zUpV{|N^J%-c2-N%bL+TkZfEQ}P^MC|Gc?yCq@b^#kXJQnspq)dwZ7KsV+uwna9%TO97Ib+i@3n+%{|! z<3-eWJZBQYE9;xcQIb(2hmn-loKK=CQKg45%&k0XYL}y!Dz;H`3hy!qk1F_x&~uwh zSWO+O_m3WP9~8(}ja6}!6NrXVCq|oOg|Vf((oy4^f54OGx@pkSlsR~0%H8$OLjvC+ zr~L&s<+)~UqbxbxrWLHbgqvq z#!McmZDwrOq;)WbBd#$2FO&P*8CD@Axup+|6S(?*hH@&hpN<+q*!D?jQd`avsXrt; z1IBkhbAW)XlESG$3JLK5$)m?0gS3}m0d^H-fUK}K51yWB0(!EfwMU0pJ3-r(0?Xu# z6`&v|Z_oGM$^Ze{lxuTuR6j36X-<#dx~x8^T-IgC&8!%OO;?J3@%8J=LWi9dpPh7) z{cqaYc4AGu?BFb_VYuQE%9aTTXOj)}(`}m|hY(X^h%T}2Ly8uhTwGX+Z6@*cGge~M z=5M?PE-J#rOYOSt8JJ4Fx_8y_NJ65qUCbg9?XWM?%zEbJRy&1Nc$XlA+$ zZ-)R<%duPL*4t4kiFx1J+PcP->yJWu0A`xIbMfSNsKA`vFC^(y05G;DTpEL2XZ7l^ zakXcj)M9E=#6)DxX1Mo8Y=hGTK(#h>(RhdN?vt4{Iy*Kk`F^C7-<}9==k~oeo9Y`+ zD7`;4Iy!p26@6B9IlsrC6!lFm_(U=hoxZD%t0&+`uju*s*_M5FA9C2334it7{SeH< zFulW?O)wqqb;D&q$j%>idyvI=I4uD1=#MxF9UUdQ4`LDNE|Q!Fvx1%k7lAvpiX7hm z3TdJ!(fx#GxZjJeBaKU^1X(Dz7&%fiLfb+PB^NR_F(cd*uBmbd&cNO#%CfQxI0okL z{Dc-5xW!H>01?yU9M~ap#$h6xO3Y!7nW#sQA};|0C-!2ahLck`Bu@~}QC{Bn>T02fY21f_o+g^5n7obMFV)=V5ZDaDblK)lH#Wth0*Aw{z56sf@}N_vZVL=9^4`rZ@F>DAtAG%}z7!Xm!%EnobI z`F8W`R>1q_H=(cw?h__nOWzxi;2QYvzh`4d;-wrr#_0?;10>?bb*tT1)Dk7UkYSsx z@5(-fs9wcGm3?pqkXY$J%V-OY*sKT$ zq%+@yz9UVrcN%C(JGsv%2OwH7x}U$8iuRPfHr-NAtMAeGP-pBfEnSfmXcH6n3Ye{$ z;uc@R?S&T4CspO0+)GL2!u7-{KD^6&rxMcw&PZ(|CB$&^+R3>JkNf&wV1Mm} z%6J}5(@Y4EE`bhOr2KSg9Blbg&ps!+e|@-LT#}r1ccxznXRc(CQ4R#w&gMa}d3-RZ z$63BF4FUH3Ntfk+Cv7cfFy4$v1Zg(pSt_L+DU!8spu%LoOXHDEa8TwW!4#G zcg<_pQpc6ROM#-<3+I`B4nDrZoBN%~5S{_Q($$>7*C+(x7{lDerE*y-!}~64GCqOE z6yYnuM5Fo|7ISg(iz-1CHxAPa7NsvM6B_f!h*uaT(s&|mx@Y~gyL4|BX-;X(X&fj( z@h7m!V7(YkZ6{sW+C2MdAB}0~yun zSsy~-#UQ_G^EthMrJ7O3+9I7f4)eJ2eutiT`Ba{$06s!@a6NG#UTP6e=MxdlpJjl{EUgZ`gGs-5Ec zOYL~5eRsagb~z1I$=WhDD?xjo>EOzKS(7f#h9x7`dUY7~eTtGyxc)gH0bOz6x&70RF&UL{~&H~J)yTIoJ4`>1@iEp;aXxO{!^q;9- zn9LUO{82DlHtIYC0}00mBptiYiSKOgUmvpb$p$%hi{%&r_nBg!N!(k%3dc>?C&yLk ziMOFtqBH=CZ7`e85oC-iQH>Go300Q3@p*%JXSF6qY)u>y{>y)}P)JkjRf454_kO!J zZZ)6kr#z5*eViLyWZ|0{qtPo{lbSUeAd{#*;KnGTRooK4@nCGLc7LmG8nf5ZE98)j zsHcIJr4rQQM3Skyk2$5Jbmbe=@JEa)LG+ui*@;i~sakrzzC4qCBPCC@?%}~==NXZ$ zspTFT=vjiwss<#NXJhLGX2ChKO?g0_u@k0kif_M{*AsCqVDeh(ffG09z>WeMkADw( zt{@n=V>B}k^6+n$LnOBuhMWh4mS=}_>lc@OYLaCi(^`D0oQvqgCh*Jo>}>FN3-jIm z`Y3DD0rN&0K@L6@h#Pa)Gh9tRhrJb*1=V9{fw#AU1E~9_5-{$+rkcp>}F+TBiDVjfN z9GRLn0z?W3`{!WId=*E?TOu;z$6(rTKUs7WaA5XlkP`+S;T?aSFi2w9*BUg6032vJlp#9t;A|n49-txqj{yDJ(Jwm3f(5@5bch2#-{sra_2|Gb$a))w%1T**|Q?KwbqJ+Qc(Xz zTCQ7Pp9L(x3-#$Lu*%DHPFjQWM9%U*P@@=f8I~B|VS)Ve^~{}G9M2n9!@eej_m96- zB0Zc_GpnFL<>bkemVJe(>Mn@i+v2XaepH;mZ*%r6b~&+hSY*^{7QWGM9J`?tI^v1Q*6DA!PuJ!~P{^{Q5Qmq^W@USx@4YhAPE?)ahn zY2)ogXolp=%PVQ2Ct+SG9sAm6$9pQySO#|s3g?dAzzB>MKi(HpZeLw^cY)?+c7(SB ze=>gfnW-A=C5$$zeC@${2!J_HDU3c`QM;uF`@YLW!%xbd;zScy8}tjtXpdeK`Al1z zBg>Gp^-!<(ZSGboVf%0WFz+WF!=bApS-LW?JTVVp){$0$_8*7-rSU=PNY%aZRz!zn{6$ck)+m;#Xx{9k+i z1OiDN)on)oDQU%V7q~Y`VAmwDI;I==YxIE0?$B*n&pL@=V9!R^pCml;;KOiui_$1O zgxoGG>K2_??FSaJUU>{0j7^`Z1Mad2X^FLmysv`6SNBD1>C*7mj}Q(Pj8DIbUN0X{ z?8(vI>5$#K?_2GDo}$`m7|upyWJiu-U}#$fA}rNyzN4sgvgu-osZLN=ITJA*S$g2z zF1!XUPqMH-aH)IR1dyJVy2*I)qXs>WRP|X!dz_J&EXH17Iwg@iT%}w|W#VSv*%)AX zOH#up@e|Q6EC9fdia<~W{EL&Xa_-P85m->n!GpsYo9482z_7^yZm zeeqZ0DG8pfN)!AIYL!wUpZ9*9WGVPqmc@_+@0oaJ@wo2m_>uB*?#cdBhCP=)lc}BI z9gSV?FI#+C9J?moIaKF5uVZ3bg?#kit_Jxh&JB(v;&zRX{(9vH0W(`^x-9Tq#j$1y zeQo9}nC(m-T^0e}I{yT6`4J)h{qT0^W!$1erK)!R>$`y3h>0k@!?7IR(+#{cj z5vRZhBkwz3@Q;sP$`Ur)opnErdLaAWeKFKTBqlWdQNbsb#dlhlu)+?of3{J8cJBx< z$X8d=M{@<{LblLj@Jah1wXyXLDp_dP*i%dkA||T)IG;{a&P5;4k@gAXIRvKUJup6m z+cJGScy0aHv(%#wq+BnsujIzsi z-i4jeJ}slM9F|$WJ(Yx9Z?6VMEa)?0N6%{zPK~cjqqT4gA+nVm4QoC>7*{dgUTHq5I z2XtuvV_}G2LVtp&?_wa~_=mU?;G>>Kjmcnv**V>c)cO8?bP}DbLw{)_&$&;mJqAf1 z9u*|5?jig~fU=ZP?$fN%=7JSciQdD^o2~Gu=P;QVkpW2zL-ay29*(NR<(EK31$PeC zKfX&@!`KeJH(HpF`GE6-n4Re~BFH3PxwNYxjSd!^3;N4*>X;ujr!_Ll%WVgdM%#O! zDp;*oftTZM;2x*O7K_=0a5=e`SmiXim%cKwISL5#7MkAJXSpttx<*_D-kwGE23<|% zk4;Q|J!+}bsH%}5RbnW;aqxP4zmnTmF~Tu-pZhF*8&L37t^`(Ca!Wpl&n!c@kia<|q$ zhNl>^BKjjQ2J)tp*Bv(V>b;~_AmuP1L!xmuGtbI>m};puK|8V>)&U4oNMW7{Hzlb;D6qJ2Fl;I_Yi=O-H(k49o+!n~vNVXcG` zIfHXU){%Exv>H;Yb+Q4%S(5h*4h@*&C=W^#i%;X6x$pmJkehO@ZH{l((jb82V1c@5 zuMW6has=*t58Ci3 zFSCRo^QCc-V?je^Sa@m}kY0*$)Ijyc|Rj5yT0h1-DBt2fV%ubgM98cNdk654Pgle~Cqk#FVQ)sdH&>N!}Zo z#eWVm+b85&y##6pGEX!BgD<$vLZ0AX0cM|ou3^_eOow0qohrB{6Wt=~QCnGA|B2)& zo{Z1tCy@Boc`L~?Y7N{|MUtaDmehop*c!nTDKf}t@4oYI`vIaQc<^y#f4w4f3nOMT zTy>+)I+uaXvh#F2KQ+UP{ zF~B?!=tD|x%*1x}JbEnR?(SN@n=xa$QF%4{?=luS#j+!SnfYi~dWjU%Q^cN72`F#P zh(@x~f^hh4i6!ZK;$$gPSSFnU{eWP+R<@6M=UO0`)Ftu=g5Oh7M`p>?>puqEj!IIX zj{1m%pdYF@2z13e^XGjcR3--TM2GOwhY&VhUqNDLCZVj=8uo+yc2QcIqi~!1_>F&h z4JluWO)ET=2%u_nWB;-2d>_B}9!(fHKBYr2SMGhIhgKw!*O9F#Tp&&sS2L2M+2115 zolSoJMumqKbIxDhdpF7<5v(8{xeY6F5`ur&H90u#I1NyJ3$+u}@+-BD%V2;q2jzv7 z{+kHGB+a{6=T-Z&iqR~6xXafj@ksdDy>bqHQV&i(u}+2#UIM|0lrPj^nOL5@Pyiqv z)KF*&dJ*ym`={`gl$K|%lWP%C(< zw78fJ;V6rm?WH$k?8KK@uER)Lvw4cws(oK-8gl{uO!FWQm*GujguYJ3I*pL@{8=2r zPZwV|>ybZD*A2H;_VOvG2p%Qx_kpQoVssO^IX&3xb2XP#QrtmM zIIx})5(ygcebu#%NszehK|%U%*%+B>gvZa_#?RgP$=i%vmLx^9eq5S>?yB}knT@$J zOf~FB7{hRmzlaH9R$th1-2*}iiF`Eq;rVcgac`cRGX1p}znA4dO71MaFkci?Y95xv z0Efh+*&CLM#2U84*{wdkF9}Q@S4(3KynnU($eeT}-bYtFJ!Zc-N>pZXbl01(o!NU@wBEtye}p#_7p_d0Og-kE*?5Me2U z`96iNhm5d}dn=1od;r3<;cx$A5-{PeeuT*&xVT@|hx~+-f``D^s}_L-pxwRYD`kSp z901CLQihx%0ts2ws~kQ)eHUL}H`dfOUVHp2u_qNTU+V}e-NR&Q{j9spl84n$>iYmS z$QO}sOeZ{$XHSXb+h|3TYtnG2cWX;T?SZ4iQ-n9|Wnm$&IWfJgsTg`NY1ad$_B?>W7l?D--*}5wf;$k{Cg7%Uj-S8_S~VH}Ad(IwO2i zCzqk;^&4hpRo(H_ex((vkm>b$J&=s5<4s+kPR*9@ z0!1LlnC(*)O@QM7sZuYJQ`*a6HjgjA)wIgd!|pX{9(ntxnn}!oh!rb7?wKok;|7yf zmN7?35qc_|D*E_-)#6v@nyXTwB83MIrvrd9gPjUEv;W$u^I@=46Q18W@t1L;6j%hd zd`-DH4hkq+9Lta0=W?)sMui)tPN!AoUin6^Qif6YpQ)JrB5GcHf_L{fKqDdHvR`CJ z^eX0);4_)t-C-xTMyO;J>7|dulk^Qi%<;TX$4T5nDJ5I9L|lyq9O_=Lym7fB`5u_> zAD*ZrJnv1jmAi~WYbrtKWh%0--8{#Ryt$Q_WB-Mazym$vtm~FgzSSwU@zK^3JTRFv zxOr-8Zs4HhKv6;-WA8`zt#{-T_Re{<`2)!rA9$^pUoTsZT#meFmznDk!p<++v;La< zVnxYt^y^yjQ(6vk32DR4`p{$?BstEDWLv`cOvKco2XCyCxXNJ-;9~G66{~ z%^h15mOvbZgLc5L zU!r}fuPRDr0HsN8g)05KskG~`>C4XCv=4{g%-CeEa%5K7SAXCdkmaI3tv2E6ynEz= zWLiGouSxCJ%@+)$E;k-OyhXaVJh2l=lGHR|a(c4S;RNb$dIn4^_(>1d$XACm-uRNQ z{+ORC?spLypnpd!Sufj@x9xj^P^dn10X4Swf#TIL^2fIc)wPo<+DYY^Z;9oKfffuo zgL0gO$?H;sK2`XK!g1{efE6UV?J$H#U0&q3rZVtBYrLFk7tAh=tnR-ctW-&PBKKZ2 z%zVnfLpwMliL_AZDsXaU& zAhl)>;)Gl6MEIpt#E*8GLV@;oQ2G7SE@A48pXmr8=CELhFTP~%Y=*szWq4~SBTGePN zTW^buwc#N6zPb&LJnm$?fa;hzTr7(aF=B2&d+?gpW6@-&^Bm|N;J%4vU&hp+pby@Y z$(ZNyaJ2)$k(jg^>3Mm30DCnIAFE~m_{pw#uS9B5=ef6g#~v=NV#Vu%(|HT`fh3>r zI4Pv=XOYogte*tvWuyZ+yb?dL57k^l)9wV3t177{V(q0gU) z#a<@+p##%q29NncBjKmR{o{Il(~(_U#6J30u5-v2#o&D6+=l&OSkhi8`Ml>+AOEF} zS%+Ly%w8>C=VF0`VZ(0KK&pT&EG(|AGatOe^%`x2*auo6FdW1K!$IIBTBgo&B5r9A z8LDJFy&{eALAjC0#$2>h)XrG*H}X2lOg&a}KZ<~PWicckUbB9%67R`g|LuBZV^v51 zk_*qL`2yhGbX!_n7ctG(bm<>Aw^n9aHNL5s2CK)wR7fKKo5;2JA}i4dU6qwNI_GOQ zpz*ULGs(?$eIOTbM7BJSe@&9MuoRfMJWOjfFsr`Jbj+CPMBShAhkb?bS`Zd!rwa8S zWl~#+6QALZAuYKJI&!{t#7NE$BjZ}3dY@9l*Asd=1*xHi<_+XwgH+!X{vreTy|({V zTp|WqFBQk(0_G_3mzJv}D|hZp`SECGCuKwl3YWLmClDSG<>6jOc3oyqb$7-So$zJz zrUn7`B218HH;bf23Dh1Z4_$@rPI|MHAQ=K&rQqa&tCYCv^i#V_*c$z8@qogdvoP){ zM-J>kk7FH>P%cMawb2(?7;qaD4l=q6j}cp+#n~pg-J2mB;(w9vJl(2x!{J|rZ^2fM z0BNj{>Y4lJ*2r9U8Yr0!-~60>5(#6pdDk>ozHiFw0jYJ^BSxqSokPXCn0;df$e!e{ z%?hRI;BmUiv5ArJ8No@QYa4p0|Emi_jt-&C>A;5?;XU8HrG61)WCm5JnL$R&|ESC# z$_Rw}Qg6Qv3R%BB!U=8yRf$%VWp1Ix-8kFwoY*?e=7syesTO4IN0YcM+u2V>32TWW z7BBUbJm=~_O8IqVebS$<)NlHzVL4=h?~p}wSk$gChF#!dZKZt-F<>RcfTf{DjlN%d z+l!ZAs(L+38n>awyKk*LdFY^jRRYVgrB<09zubtmL+4tt( z;e_g28zCn+WgJLiYJ_Z_1zuMQ^BN&eOsshDu=6I!L3e`4%7X_FKWw^1x}BSg141v+ z)lFj)GFMf@j=Te2Rfh2bvWxq^^HBvF{aG9#JoD zym*^9zO`g~Wb2=R{OcQ~I%4oEv{6fIjbO8bANE?#44uo8fm9^xi1~1)$zHv_{P=|E z1;qz6036S<+ z-|J=vw>zt-SN~V>6iOw{3~OfR6vD}6ET13EhSZ1jn>;%M+HwDhR?be+MU5%UvlCs9 zxgaGAgbv3dfi(>ROS6;xq-M4gZ|Ibv{k=GK1R zcE)!oE_!*hnI!JJK@PWLXpH`tnBO@olS=iz%t(c<*gDK`)bcF2S=0@TCK}&f%o-M| zse=CC$&+V0Qy3r^hYf*>n%L`%<3u~;))(f`NM9|eN71ixJ^z^L?>n?U_tasj?2LC| zQBLhwfAgtvWxW0qg7YrHEamrDHYL<`U+~*Wtlsd=FRa)R+Q#Z1Vwpa8((f5>Z3I^! zAMv1HR_;wrUES=GlC7TZlKyT=E8SA(@4RZNB#VbOOCCMEo;@SGE8^pu&c-W%|E043N{|Uf zN?B+}4@19{tx*PB!*9bb*zc6bbz1;=X9q=9^__G+rHFu-kqhUqeAcUtbIv^n19i8Q zF$rjVK2QIP!u@nvhZ?!B_LY+aPIqf`9ypd^R&a01HMIDKR zR&-KPAn)QwnGJJxBRr*`*?l}{Kvk_xNB_r&iWKG**rjN9B!Q^z=K|YX5K&vcvA21# zeEo`E|AR?g|Cq`p@4_F~_s6wxQ#lGG<85^IX*0jOP(vp7v(Q8hm0kB*ZdF#WR_No;*Xj; z*O$u5)?^n56*_9$L)R~19*|5QH{Vu#xVR?k{(baGcO>b`#LF9d-7}mXOHJ+U50qc( ztG|=V^zp8dctkL!2X*G9Bs)g=Es=M3Vz&?Jx^|*m(CqN=x?PMh$#cqt&RVB2BYd@J zX*)I)fB`u|DL+eZzS$JhlI}Xpc?uaiZ`=}ZclUaC*XUUw%bG$mY!IEa1k0NJaOK7c zBYf}~vrSW^MRojp^lmrn&)EU_3G*3Q*0?D0zl_)31|7zlo|9y@*t8r!P|_LSbHHKd zzLq#D@{mw`s2$0VL?OrF_4noQJhN4gCFA3E+m8t+RlFGov#HJQmQ%XdN2mhG)b%Om z%knh=?>=k2P3i3Q^RL9SkG9~yTCLM~iC=wi^RPV+k=(u*1NM*VA76!Yh!-oGn1!lE zxTw(uI-Zl_sfk#ioaLD7ZeOqvRCp85_Mu7eUA28CVqW&QVOPbwI%?6QoXDblYN|`c zpca@|>^|&e6DP8eaCCf^eCQx*j(bSmNi~Rp?Old)4=+RT3#2n??}lE7vQHgf+lVHS z_nXER&b9~pSB^b9f5`qIdY;<|vHEI}(i_=N7Yu!3wup~VCA7V8y4LOMA3e|-{_N*k zVYY}@n1oI)x)nB>4kz*&;d6E2r0iX(C`%@kh}q!$67D@6R9uk#P?nuL>+vGjbDEPd zn*#aB|70Qhoir&!X7)tPB?J)rqLRGq+ilL^H_`_OFQa5wOxl3mbeS!=t-HT*Q^)2G5FO8nGl?nKH4 zM+H#zC^tf3yX`9~7_b~gk~ZKQhQ&iWtBySGY3>I_mogZJ%~(TYW;-; zI0-r-p~NvFZB-{r7zc{lhEzxC@3J?rwB14B7mMGYPNfMc%-T_E6-#-ym+jt)r*xN& zLcto%dGYe{@ObBRclLDh;2MkDLGf2i5iW0nZ^2X(m&}P~rRu6?2Tl%_q?!g#m~G7- zK%#b+b*cJO5LVEfmgksvr(3$jY6{#OC}0#a~RyaK10-%o?AtVC+^ z**Pw)*o;qwd{dDVSe~v9D5?-GK9)Iykz8DId+?Ch680V+bLY$5;|-1+g%>F^oY7|- z2TwhKcxv29l-;@EteokpCXIm-^@7=WiDsG0?9|}73tW=ijA|V@yyhuM?!u-GE5n>p&uun#|rpIzjo+OeJxW)|u|dBkGq zIiM&dGbTidUMD~CK`g~9K-pp>S+$Y#Tts4iNZzA~eXR$B*Cc$YWwkKKV@VgajMd z#4Ti5|0g5~F+{>TUO+soB3H|=o-y)5S%ELPfI%7ejnkoq|b zVQPE@_l;<6Vawwu3?IbAQd$2Ds`JFily*T=C$x+b{y_rHo58pj_g_5MX`-B8?J8z{ zadappp6!(iC(8D;VZPL2;j|i!wa3j=GwPWyqaA5AsL_PyF6RDv^~Qt@6pau`IbLDG zNucJqMsoe4$CB|QF?>;A&SqAb(6l{dpMjWj-{?ALmT3N*@X@%phwY8gJ6`2=>p@}s zrNKsA_g0G?TBl$dr@*U0{OKCzpAtfHds^7V2_ zeQ-dmmOCp~n6p-=v(IAIsV>%rOJTRm`)jd(elWxUNP~-bNB^>OoGB{vxVBDNiCAZx z!O^>~v8i$ND2VPl1s88La9qM-NiSka1(65>ALe==fn)cYAk>1&M_i4+YnYgfcj??6 z(0E(nvd*jgB}s#LPzl3?#;0nFhShvOtj8{5rpe5+(@jCY9Ov0jSu$02fN<<(iI?!w z0f-;Meu1EDfwPQc-@e9%2049w{cb<_KY6UYK5kW%cM@LFij7actzsJ!(QS~29e_5a z$zURu$#8pZOA^Y8`-Ec7lW*G&S}-&*vw@W5UdQG8f$>g0TAFpl5gy@zV1KHC8@_!k5x{3-L%JytqFJk0J$8y*5hU%I*UqSnM zzO3gfBmL)yZ9;$OLL}@x?CI7jG9e}07R`5gNew1T?}jcvSLH^B&LG5g%EG0VV{bRp z4=A^b_gAWW9fhC~Os7@3;oHr2;_l|>H3@>%!7ozaH5i8~0@+ zOc_)vAZhTgUkgbY`qW!+-Kx}l4^E{m?ZF$xjPku<$3Gn>zN?V2R&m)RuDL{_%t8WV zA@Skb?^G~n3fB)WL4kiat;P-ia@O>+B{noU9_dt$bG4b2L{x{&t&`k_14Y%`FTPSb zo9JAZW4K^fGB{S6IelxvBxKd1!{9CTNS-652;ri7q03u7qp@@u6Hc53dA4^K%W&x3 zRIG6>T(lHFMYF--{Jk`S?|Bm~zFp67~oLh?aA*O9xL?>G6@k-c7iK z3s;lYHx8QmGBN5l4IbcO$K*?oIw0baD$Hn?$k|VysmF6<@{S))l|CFl=_urN*#0b< z9-O^&jHn+BaQ92mBCL>qmU#E4Hbcm}7!(@Nf4@?&lR++^tmbenQ>2Kpy)^wG2?$*t;bAiC_`dzj zg_8v@cX2tDz)dAJ1P;E(<}wxWEp?nxyC(Dh&)nlQzTKnAj{k#Vq||#d4#TnJ(>=G$s$VL7Di8&1yx*_^xC2^^RG2 z@iZR6bS=hakGR+MM@(&dsGq(4m6zBMXOWV}zJSw^@fM{*QceCq=T*RT;;K+xHKcl? zeDZrYAWf{QeBVgV2?!u#5@AGd^nbe)OgQ4k$A*k&{#t4wwC|e9ItfiOenvOon<%7& zZ}SR><;cF$h6ThhOE@S=!%O1i0xrY?yA5oiWZ!bi7@tMP&m!OaE9;&kUo${5tW~A1 z-RIU#WTQ(mH9S#gEg1!+L0l2);6WrCyfIs-Yn{jWwQ=?95J%RPoi8$v)e2^=4Kze; zqN`*!dIuAO3D*=!3y09xdx=(Qf7qMcZ^ou7RxUT9C;R?on5kF|M#%qw6b!wpd4|3E z%euo5jaOH`Ch5k3X6VS^R#4yor*iY1MNHxy(++6#I43KWU!;BDD^8*@r_fVh9ne*7 zbA8ASd&q-whSqpSK|C#=qqcct#X3LQc)eU!@8~Zy3^14Cuskl`v^12u3aUjT1ENWP z95%JJvw~ti`Z39{cHwm}!q*8=B7E|%fPFQl>=hJOY^%z{{*-2aI}#SqwL;@Bo^SuF z#X>~P&1QHBtJvmv<635aF-5z0M*!-fuP((`nxj@=#^B%KAuqpe(U0#hGs*qgoW}@4 zOY5!@vTgEskc7p_kD|l$2{e*tXKvN7bHIZTxX@N*xS`4+@#9~``}*EoUAOBeAFt!N zYZOh!pWD#a-CLM)@Fba$$G4s`|o=e z+*PzDt#x<#Aj-?C(a`DShnhflv&QpY#i!q|`#9FoI*!s3=sF3W0P`NTvuz!#lz`23 zKUH--YFU(L`;CM>p)pG5YW7iyQ8?NL%kQKXcDqhg*i#8XZh-iS9k&}EsnY##3nvuv z<1GZWkOSGT2f%&qsrPgdO`wLFHBeJJwJsTP-#U0*4&uMtgZCP~JISNK6Q;=oWY$pJ zh~p=`G2tX2-1%3cp>m3;CQ0y07km1H%_YcX?h@j;kCJgVTn+5D!U3u03`}yF&SKnx<^>dGZPw* z#g|&cp$kDa>GE(dN$rr4D70+{sw_^VqzELrG+YV!xMziqH-Dn-ko`rpUS`A67=ED* zhqqO|a@o@U@;Fe^FS6QSBjVxVshskBWs&GS*V>t}JtW|5Z&w*I7r1w}*G27mNyLb? zkyJiqj8arNr!A}1uM!yP{;;r!3CTp8j)}OKRWc2DdKdnjZ_urR!eL!V-_S2PW5r>pBn!U>1kECo+ z2gxt+NNi?Olx!zrlZf^*NBSg+S}ySf?Ys`WIg+;?<6=+uF+a7j<+OqGAjU|!Dc?if zugymPEF)s_tw`_3aV19n@DKB4rc|c0R07CRv9@wP;iwsbBn)B!b6$VS76ja=iy}Jb z{bPEb;4w^Hbxq`aE-V*h24rzx`)=7>70UQpmp;v>??w9WY`0R%ZI3LOsi*5q@;<~d zvPtd*ZpJb#p_K7O5+Ut*PLF1zFBWM}I;34IMGm2`?)VWt{K$o$H9J@aIAV-1K3?jM z6b*~l)LOoLxwIrkAT80;lZ=1d6Y|7{{Z-3dN{r&+Hj3}8+Jje3AL3~;wuim6%%9?0 zjty7szwP{g?HRaT;+PxIpEZ4FX8G5vgD_Ma6Kjyc4osB;ZH7al#!;dX*A&Szk}}?j z^e74?CEB@V2ooKNJGQ%H5L#GO=NJ*#G2tYLYbg1eA`%~Org|K2_9MAnPe7>fwc^$U z)Wcd>+n!1--k(v<{DEV;NOxFl)@iLM`*_0hQhX&;XU;(?^tHn~3gjlVhtH3ByR8-6 zt69@@;$fG7FzdFeL$04NXGOnlB^q=R5d3mw(FFV71`oCDr8ku z6&g+eIXA{XO4BC_%|LCvJ-AuS!F{&FCGDWP2NmVYNJLz+$-s*4#!-ghYpQaxeKxJf zev*j7IgbvV=IYEStB7B(AS;IWP{mn>
*L0E__hx6sWU0J2cN_lAyI*kr|-Ontw9sjO>+y5_8%AH6B4?)H6nvlUjZKH^ zJpz*BS1@r+z(8VSIr3RmA?@)uQ|YW6ftRH|_P2av0-Oe*|8SN4`Z#`EGd zoLx9L&gM=Yv#D)vSh4Cn=xmRW4q4N8_Vt(PLn}=`DYI$5K&BsK%V_jjKznjnC?q;DilBal)nfjz56_Fh?Gs!+; zt&ssQFR!t25cXwe<{Yd_PR7TsFm-3ePXs=m%*uYa{HlRZ&oYSXnp_c7D~j=N5626b zTz+{yH}U;%WVPbSf}L*`UjK)$_l~E!|HH@cq%v+KNfBB|B4uSOw>0d%DPeDhkKQII<=4*vGLs-{)KReSiA=zMt>!pB{a>KcVwl&*ybr&+DqN3Tevl zyb11V;BMQA+<_^F)7Z?U#-3Nr48Pzfq&zeao}dRX+I1ijktOc^3xE5iW&^2tcO~yV z`EBh=vXFndFz@3PnDH`nx}>{4e&G2X;59mfCPf7f z_M?4}7V*$9$xz$UR->bsD{;a}?g2mf$y3OU785dd?z_|4V;?WNFVzb>j@cFGrx_VJ zs|?JgT{qIkXEBaz$%xa&$OIW!CTl&}-QA_hcq>CVmU_4SPqs+# z5bh8U$Z=Q=p1HY(JvqNCr=BQJbu|2~c~klOG`^C8k)jm49AaKJc-)c+yr+hB8`wpy!7@% zO~1dnFUMfAXcNY020GMuumdWkB#p1k>iFFW#hTWCLjFeXk%_B^OlM-bg|r5%wGZ*A zL?C^L;FB8f>fY?J)MjZBGuyfcwheN!HHIL$cE-hi_@9y`cX(-RFWqYR4RZR!_YT!b z2`?>b9Os4VTpf%)`Ak*h+4k!-ya#UIX}(W(PEFwB&v6dyNm(C%eOp1fy#lW5LXG1q z1|(F}Ldv(ex-b2u`gdAg8Qf}O6q;xf_!0}u0<>`fJEN`-2**Eba zwMZ}IO{l)66QAw`{vBq${S08P-%|W4w)HbVuQ2}Ii;wV;aejJOzslMd9%lBg>&&^o zR7Wc@q@nPzY(i;ikGK4jK$OG4VV;$YYzSvFye<&}n+%prNThGBKe=*?N%7Zp5OhqZ zKx}R1YKu+vrWrr`ylBXleGRR0bAWnY%`8v`=M6 zNfd<0cPYN!JJiTo@FXwdG`H9&+7Y5X(O#aM5)z!<#=n9zHp~|nhuezr>ydyqLT{RG zr))&9=I1;lRtbHkQnlPgBrEQ>TMoI_Wojr9v4WqX3FSZE0XBh)Ukx-km;`eM5YEdb z%!6>Ap=j_d>SFoBYt%innoX}SW_ppGlUNo^K!jm6rUzOa7ej^I-!(b5o3`zvl1FNQ z-q(+yjd(BS@PoVlEKT4=Z(y|JUWqj=+T{0?DXjFQ8 z=yp_3sp%nXgu(8>IP>49GVXM)g<%qKW(ChHZ55=6XRp=>2=577d~Z;Bl%2li{tYU< zKsk$>M-wN4&SC6JTrnvH1sW3#H^5@Dhvr3HUEQqc0n@$hc{Ng|XS!1?KJ+Y_#sX%> z{rvp07D!T3Qph4YSIOjD9LQ>a^@k)s>V2rD6=~dh0Iieh44@btzF$$h;Yq*uFTaa{ zziI|n&WznJY8^k8_P(IyuI7e|d%EV$gt7uUO+X)LqXT`R9Cq>za;HN%ex@_13c1x+?V80Wyp1*zNNI|k?DESo&!jw;j4J>S3&UGIwE(a5;EqmZoU7- zZ!2FTKn`eRUE#AP=w46zmU;J3w4IN+AgMIscmGLg%1NmQ-AX?Gjj?1$5p>q2z{io* zzy>KX+LM*ZpTp{MGPrmy9gA&kb)NFDk$vpA@bWHg?BiM}FGly8sNUVT&*{9rjojKf zJ8}Nh>Sg@;-`Gub9U4>6T z#0o0hxx7+F{bLMPJ_RmhEdP};t!jh`4F*{x)_PiHLrhUuH?jr)CujRW z1?@H9+}#i{0l9%TD3vDfn`gd%{}&8~gHu{w6$z?G{T$8cKn$kjy+#|>m`j@7PVy06 zN1qP;)r)2Ia@!MDZ$(C5UbB3)!AU2K9@+nNnX)JS#{ZV>nWiClFPArs`IhYxBFjneKGO zP$ZhGS2jUv^werZj%XuN?k|lhYvvM3%oVcA334h_&f5Flpv8D%T-Sxa6eS4s~ zignln&pYVW%nOZCN8J-@$1R)UbU1Uyyt+xT;?8=$S9tXb+QFDI3oK6b>e;0{bQZ7> zIoupkLtwG1P<>5LPmGP)g`c!Wj!d+)baRSuDQkh3XbFW;ndgM#6>p;qdJ7|V)y*>_ zyD$&M1p&Lu|6n8XYnP(-;3;xu-o=du&*#d`1r3pK!v@?4C&ehBN@R#QOK2gLlxTe? zXeNK&M6R6&NQU8RDf$8*pB99)WPs4x!()ck!uGk>YHYXGoOG#aMf344=R}qxw3gU; zxO{=$MAeN95n26^pVLR4Lc@D7N0d5vW~j9+GASp-8O`^&lz#E5ucmlsq2oCNhdRm}ax$j&I!d4=Cx$(~1}fRJI>hrj_TSDx0?7eQ;cD;(pW?AyPTYyW8RzT#BEtRDT|=pVsI3I zsz}JC{nUq)l$pnL(p?PFJC>5>DToa6VO~vDfgq-@B)x&bKJPL!GmAd4@bjJU>E36{ zhkx8VQ}y{DEx?RTUE1sCRMjih)kvNIfV6h-C`jFM2VfvIC|K)H0QS!9od{uyUohDv zKy)5iu+yCF8aP;Z$2on@F$!)kxT}P$3~2WNGKleLl0l=@%bR2fH8nD@5x1%^A<}7u zONTIA@-$P4OOM?|*AC{3!Ny96B;V7>B&SAOuD(c}8%lg<8!gdZrh5pa11B%#TK9X| z+-Xg_+%fW{HR=kCt2g426prJ*GcX|DNDMEnrG#vBB-z!_IjrpO!@l>X|MSa9h=wXX z>v&=>IQpMI<9!68`fxIB6#-B2OEI_Rh z5UzdjrN-`b3(CxfLW9Z0`77Up`wv7YZ^Ls{wv%y9@d{JuDHG*=gyybpb~9_|tpj+d z(pUojMr()@tG0}oS3HxtjR;G4TiK@2_0MV}9M8iqp~7o9%8df%trmluM8u5y;Gf4& zF|45cS`?qU4p(`i{wx%^tO{*PCtVfE6OV7(omSpl9dynF6RQinyxr>68$n*gpP^d4 zdwL6tmo))4{qJ7I7?@J%@5h=ZB@4M(3~;1!wO3pgug{|>$*DQ=&Q2rKXDI!# z)pW`Slvo$_!qYxI=E96CvoK;J7K5|(sQ!Kh5{AgAaU2((;Y}(BuY!E-UE-Ms4<2Of z!q+f5;WFR*j$e$7hRNkYt=Tveqlkx(+sPA0M^d-UgVP%69pn-=$S>?~=6T#wSy`#M zqq;$y&`t)z$i$?E z%gAkw2b9pZpDlaPQw7h^RNvD0X|;fD4^0IU2LLbp9EW&p*u=!GyqUq$pw8@&C#Oed z$hz$e^mOkSXfPQHwOo#eP_s)tA)xAIavAHyG-Xf-RC{gzA?Jibk!~HQ-^T^e!@wLvSMuFP73`+cDR?*orNZ&*MpdaZnKIzq%qIz&`GI4Pyu*n zT0aQ~`@B9kKJbfT_gZbLV&GV^05s5pzVU7^(gd9x3X}D-9 zaTM3Fc)=~RLu6RIV#7Yy zTZt06}#TR(Q+uSAs zmi8aL79l$MjD;GC!G`EN@HhXzK6Z+m(?G&WMY)Vy zqY#?(w>S0uj1Mg+1{G-EYgOjnKozveknNu4>hO91h-H*0&FT4l&v1SjkboBSZD=e8 zY{d0W7YhPNSz>~c--KE-pE80)^XJc>=dYgot4d0Wih|-*b#*myXGj7fgTxCOAUt97 zpYBY(AR_MubZ2k3#s#B8mMjO2YeR>MkhN`SYy@Y`pdQ8B3dc7R>jN<(%cv9u)y81f z%m6{7XkojaneI&Dm^_=RmsgdM$214x@nr>}Bt2P%nPA^G9Y`mgRZ~+FaPf&L98BK} zzW(p;+w@lLoT1kz!^$^)=1#F&;Siz}ocs$O<}z}r;S%K~%Sf$a?z3lvAcm~$i_0Ea zE%WW8%~m0=X#K|s{*vMws|&$*B%z_rIdserseD8rSaN$gy3`G~&t^a!5I|d%OF?Yy z^+8VYYRG-CMZImaE5`WlZJ)P^c<}m|eq$4^u|N1M7!t+ts;KF40&*vPHuK=8#i~I; zZoYwh`!x8rQ3@l(&-#vKS6V#k{*ZI9>A#N_peIx01rlBT|1o|fj?`np<+l}o+W{pB zG7Vp?f#fQd=#pqR9xlK8mRhU!4SlZSNGHwLzEH1$84qMLpOL8(zUsEugqA#kRW9zm z5zd!%Md3YkCV&Zw+5hmbtKay*9zLXT3@#mtuG6o=!cyAXRWidV(}WWzs;a8A!2iHM zN<_H5;-a`5+|e`FRh?od-#BMlJTVYeJ^+HTAF|Z=SvxToh>`|4c$}5_t~x2e=}PTS z6fPV55HLsS=@VTSDpUJyE4%yL^M||jp=3wwEbMFq9FfiFz-RX z`~d;k;Cq!I)A`{;t)LVyv|kuq_SXJ$2BW&aMEALV>^7n-a$>sbDy)rA$b*fAYd+{~ zwyf;A=HbVwa5~1wA5lLqaPj;I9AogSMqOr{jpz14r>DF59voSzCxN^}6hU4GM5 z<+(Lsa0I=lu)C@=f_OJxyzsGVGSJ^&Cvn2d%WHXcm9xE~u1XLUxGW--L@hVTSI)9a zkN$}>4}Me~W7e4+$xlEUw$!=9(VHSgovHDjDYcOD1k3KWL&OO=&l{k=RJyOt7&sN( z2tIyyZVLhs3LbWx*_nODb-y*lc@n!t6iJJyaI>jtWrA~X02$BEO-6U@}+?26)*EzwdN_-z!e9&zJt5H1xPUWI(&2SV<^sYaX+o0%DA8E#N_q}s#5wluumttnd2I>t$_{zG*3zKovYVU%D}c5mS7T#S;Z=R>x>>R9QK@O5 zX14DobGz)=A>#7IKQrV&0LtLvIC?BrGTsjB-TCSG6X#Jv7q;kx!t6s|I_qx{#- zh<^XB_0$pESFc~c4(KH3N?&txGuT<7sGFAQD01scS-w#*#Hp(`k(eJ@bYBLo8uzJ* z*EfPjpFSoK2%1oOfy=b+mT_eyOI(CEO9c9p{~*Gj?Q^H{5a`-gGwo+Kvkm5IABYqG zq(k8nP@^5KUXTyMx;7b*BTdxbGPXiRqo$F>^CamQj6~fx9uKj7n`sdSm&#N%q zQdzy{c4Yv$vV^EBdk0%CV&k2?r(o74k?tRMhy#U5CY+t3+rUQQj$L)w&I+?t>`q6! zQY{iR@7h1pd{r75Q<{Df5!hQ$`D!!S_5dBvVll=M=4%mzEZ#BSKB z*~Ve98A&?}Y3n0o)7K+y^nZ@?R>$T49G;|g4ZP9o^k*gVNz*a(hKHs2|GbX?-N}y_ z?z1tlV$v2LM$5raRpfJ!GN>qyWb$(NMLufTY*!Q*x`OHzBe7ukFtmu6r z3qyaWTe}q#DB}bWPGwO6y4UKVwekMW0-@=r#3y^>P9mMlE!9Ugz($4!G;|fU4kw@b zG*d+2rowIdb70!wz=3t{>fBzvEyg@ap)j0*ff>8*d9rN2#ilx}7=YeJkiVjq<>qWV zHp7wUMb5{qBG4jn6K(#dJmS{!KW@cY;Jr&(51&Ao>VN<9$+HgydE}{a^FZK$=Mue{ zhWU~8N9gBHAHojZTznzXS|G5O9WRr>4O3IXPp+Vk@ALcXDjo6_+K%Qrzj~U_-Q(m* zprcUf&&|DYiFo~1_U&Md#&o*P1@Y+jaM6{i#Fz%*fod44H5?xl)03JD0Em*@bt6E~ zP3a)=gGgLE#U-LW**2;7p~!+hDeN?nw0kR|lq-h2>#2_^d6@OB?%=n{JtGW({;0no zREYH~Hf`_Tq0Acelz~oB7Mt^QIz4YcrBIGdpeuV_VcQmIcg=fduspmWgngm!iQqjV z7z*~#oVKK4(1GZwBcX2u*M{6#gnfeK--U%W4b%wm^S3vgotm)N=Uz>>G%KEo;UN8_ z#cg`s_Y*DVFxNr-dK$~FM#U{5wMH>A2{Tvp)(`2BJhr@S6fcn0)S|<#iG_yR?G#g9 z5%HZsI#>AEjC6B#Cm&J&93TG>%?Uj0(9x-u4r?-@`j*E+&JDR{`qT`+$@KqofsNS0 z(^}pitcIM+fBx8(^I;2>kaB_4d4`e6O!gsXCMc0V>2qqR3O z^zTp{!gp}!s~4IYyTT-WZKcph@3n?M8}s&l9JVvLe7gxP^#wfl+$?5mjM&sl=N^dt z@O;`Pe2(Yzj!W!|2;mEQmq%Igv$!r+VVl19y!yo#xWwh@>FJRaMK|K3RS)_n0J)`*TTMe83B1N3BwEn(*`wFv( z5E9n0#qN<{PFk0zVP)37^w`cx*tdV7npDft7;)LOOs~Kqu?f;9h}{X-9$T#_D=K#P zVEP3g{iGny?-VK{VYIx)*)1(&ND%EkQ`4hN&KpGL=uX{KlwsRb`g$XCn;$A3Vl$$A2Z@c`}67AY0zG+%zrc#v*%pM68z2m*vNm1uqP>%Mi4UTr~+p?#e)x zXkm}rTed`8cAH8(g!yd#;K6ipwL2JR0{vUa7L%Fo@or3!TPeB~q?c%EZ~{J!us z&UNRfGH!cb6i|m<{`}?3g6lX%84u#>h%6m9H@9wx)TSvmLaMR>O?~WQ`*0koTxxep zw$OI4Osi$QS$k?sS*kH`~!9If&J()+Y^%i0MUw_dS65%+g*Jh4UjLBYG$S z)4AdJl-0RD!m~T4)$@Iod0I(aV?|EE{f^N_kG$ZEn~#7!^x++}Nhq7Q)_jC;8xEv({PEm@LyxglJxY~*D`<>&u>93uc zpOv#gp04s=o7({R|Nnb)ms4NtFEZ|bBan4P@f3zK<=1&Qr4sH#S)*T>DbeN8t1>XZkS_HRY-D0JZV{*=hN1BxKS3pmF@L%fh)m!`*3!Z z8`3-q6(7GJv9N8UDb-Nf5SdKF#BcP`v3co;icVsf6;D-JnzzPu@D>lHL_{3l8C`4B z&|T=wljVH5(CW}V(H7EpC7`FJZj?}7zt{rgHKip1z~L=BQtfXF=YFufLV)0 zi^@rT#hRf7*%Gw`S0W3}cyG4C;m5#Ug=685T%=~};yEXhS~^9q3^>Zk=sVeDTH zizdD=L%-h^eeok?ZI`Cfd&ZIQxv0TTInBbf~ncg4sQc~lt9=I1^{ za~&}oD%fo4=|XPNJqvNTWA)D2h?Rwk7kc- zUrwHg7Kz(;?jS7+VX{p>vH9-ZyFnATZi;8O33K8^m8@Ol6c|9x*)M#EESrd{JJvbSg{XMo||dL)m}`jp`dW{+){J+`Q@(T%z&=!*pHw1Ek~E~ z%kb7}0`r9N>@Bd&7rODlrDS6vSw7^#<;$uZ93P%PJCOjyv=-Ks49le$^*ZzyCgt)Q{FQjcm6yg*X9D#W;@-Y#t-N8I#tOf^86@3c&^!t8Z(M zjo|U7qLGu%v%TDx>@Eczmok7{z>4>`WcOpSRXdyM!xn@ItlMZjNyWv*rTZj;#WE;w zD=6o$XPAO6KdpDZc5E zTlmsvvUNg9#v;!5A%^Vm!|T3G(nAQ)zI^%aMCiTlWK$HE0mq%|HBxX^`Ws)X{^wTy z?RU9y0PN|%o%(0IaPJ5yoqYv3!m;c@6e#mHHmB&pN5;%f=PCH79=iFGy-Pp&phGd~ z+%LmfAD>VNvvT+rWWV%4^vcaopDlHykkipawn}@%UN~z8C&F;_zF+M2ezL9}+H1P4 zT0HnYk=;5pm+ch*0%G(EKVENFP)VZvPFP<4xJOgfX!(x!uc1(C0o|So*2?&6zlJUn z`1Ub`6+e=X>bCidG#_;{trYf45W$?~&AV4#71@}M0@aS^mJ=%9m8EnOCP}-_JL|9I z9R?i*_{z-~hPELcriaRxj+VCP83UKY_`A>*Li|q4=8060U?X@huhDjTMP+4ok{mUU zfjB2;1J#PKu>dazhvwR#clGYl+9WYhT8f83m{sKd(>Tx75U^kCK;l;Eq&L4%#nb-z zrv^l)RjswlmW>ABF=L7e8@=|X7{@H#{GO=(?Un~*SkhwPu<^%(Ko58?c~=+s z*gpJ$8v#?i(v{<_Ij$nQ>%0HZO04^QH{h|v z7xAPlBk8q1;LTcnMbQ%$aJlGJnqeQb?HhZr`X$DDqC!aI3V-baR9`}5*q}tpS-at? zSO_;Zi;Og}H(d`LmQEh3tgbr!X@1>Ba%V+AE4P}mQ^Y&UXM@Xo!+U0+6wO$8f*|8o zHsrO1$;kQsaTRi2Z+$=}>TRg|j85 z8f1!4EO5r4L4GghE@ixN;PaJz^&3x&NxBAVJrdL?Ki!2Y;ns{D2c@d)m(;jS>f*G5 ztO_Fr3$OK0qLI<6nng)()EF7V^+@=+IS#Z30GvJZQVAdcPJ7?wiHR~1k01kEG3x#_vvX*0_HesRa#w z{`C}yw#zX0BDq&Cwt1&{e=dQ_X~HotGpFpf^MHLhqk-*aHL<7PZOoYTZD(yTRo}Ms zJ5?f*3tv}Xk2!4Bsc_1{)+i2gEDsJkP8MgyW8&QB?et2m-WjA#2uu)u1 zU@fGuO!VF*uoni~FOHm!lp5ZdH$cKzwBnnC%H4=oJ2N=t>9sZq3?zo??kHL~Z>_Rs zE#lqhOL0^p-ka0Ix@|(7?H)iZJ`W1&hJRWH^b%IPTMPI?oKf*byYjgnJ$(9~g4LTd znE*m(F?+hL&RXvLiP9sE5YoP!=jk2F+NvgPIAeUrtG5O_^@==7lai7gw&sd02YT~* zc6+*CDqi#QW%J(7V>awBL>V&<8M)H_WIAdA38>+chk)D2Ze;T|2+gTb3z1w+bByCS zcWx?jm~^c%guVKFy9c!7WiuIHwS2tb-GtQ9_wl)U~rk9C=JPJsRkpV5y#}XBzd&TW^ef z7T(1CLs8zpX7VnQhFs;0i3{C{_C6<(imXe$hTJ8U?dvyyoOufR)uSozRJpml2g}v0 zh35V>R!kDV@5J!7s|k4AM9M!903sxCrN_sJRa35Bm+H` zwQvg#r{)@M;c!H22j0YkJnH&Ly(T3H?)#!HTolv+{15fqG7^Cu_bTB3`XvN_#)0JG z_#eNqWe*K~$IM$%qkVtHem&ha;OPANUH=8-r~;%@b|ydttv@&QDV2KU`waXyCU(vfs*diRbA)>STW+mYJnC6)sTMO? z#o2LmK{ng z;xBpcqPyE}a2j~75=AU}bMLxsI#*Zzbb&)M1^;6PSDi7Ff4BYyL~mEOLtD;Z=sqV@ z$fkcnVkkp1lUX`M?#7Lo@6x-qVrET3IIG#-%Wliz)me@&{rt!jV}%U`Qj~GYA-laZ z=u#QN&!6`tRp@Vf?#zDI@`l&4%#j7sm;GOnW+$uL)w|Q@d2G9oO$7Rf#`^~IDvM?ktHTjp5esYDNX5b(@ zl$55AZEq~#2VDvG>lPJVb}+>QNxJ!FT9}+7(I7=NwPiVFPrN?bVL@_D!*j3)Ju=F^ zt8(ImJh8Rkj{DT9gqiip-Bl5&Ii}@&Cy+XGEw&idLdx;p(YLE2hV8BmlXOl`NW z)+WFCGH4E@Fz)w$&8Pb`0z0b)9u=4S=U-iqK6CTaX=-zrZvxEj1|`5`?^R#ex7SWE zo7Z_L@V}*$zHt7chLLSH<3s%1m|pe!g;Qq&N`G%8sMMRk5; zPk^qbW7wXA*)KagJ22F;>C~YkkxcK{4-&ppFmYu~t;+}Har;FwKqU&Y&UAUe z2wB;cY~}o{(ba#aG%N)6Gmo+hufryyCLG1>lCqP8IDdyUwygAO`GM(e*(h+-J@tT^QMp-XFFzRaa%D-LJp*KPg*{8VhuEh+GZ}w#CrqTv1};Br>hsIT;_RwTgX`SadODR! z**$r1Vspx2#K)cG*fF!gSIq@8wUe)3({FAO+VIcfcMJeW{HAZWt6W=K8-CLJ>l+R? zyWK4@NJl)_&@gk!dxO9siw#n=w}0lf)<4{Jylq>;#z+=pT@1vTG^L*F`ytNnJ}Q{`Uu2X}rjky0VQ{Y217(QljO4_BsCGv{Y`MMSg(vZK>Q z(ev#C?hBPat9m~=q2XOCj8hBRO+wJ>9vK2Mf##u?GA@L+mL_t1De9P{-48F+9NCt@ z#}zO+Vm$ipJfPN`pDN5#d$iJ=!1!Zszo={5=D{ds))ODXPVbAVt}vr0qx=QD%!-+y zKmTnor%IIha)(tRp%k0tuwvp%r^R`GZp!k`$jm6D%G`=5Jrqy-HdrPUPNP8ec#{s; z_GH|eG`~U~r3S;eDgO^wXL2iGr&~|_msFb%k>7(3w`)4a113PGJNg?+9V9QZ`8HE# z4ZP0AJ`2R~?Tx1XZF~^-YgW21&rw+O)l<_=^A%@k!;Xk_%QMk+Si?26g78YMELp`m5s(rZdV$iVto zH>eO%O8Hpe^dxv9fhXP9sJn+3@B7Z=d=8o!HUxxw^**f?GVgjgSJkAkDp~KNQ1^_a zU|A+79kD`%kmAN(2P+dX#42RtKsXeo9d{kVD@k4(?|+Pq5pzV0;DA*kP0>3_!hARW zM_Y|Qd7#D3$;@mW zc$cX)ou2BIEG@YuPs1WS`^MbC#+vX_3h2Ip&~e-Nzyv|8;)n`;_Yhl`qR3#{ zA$FIMkHfw#__#}z+aIOYM`U-VJf`j-kg+&*mBdkd>2n5=w)Z z3f-LY*R~F~9=EWyeSbGwItB1*W7Wa_ZuMvLQ1ZysA3#|1RZn@$zI%1zdhzkLj7NGG z_r(gnuGKkXX9;hW83GaPpdZfDcXQce4j4097o#V=WtLy%GXvkv_ zu*Cd3WzT;d0h(i1?K!onadX|%vmUPQ?$eh+Uuyl;xAjskAoId=yg($L0hu-J?D+Nz zv%hC?dv5_#6MIV1B_f6D$dbvuz_8t6(ylT{l)k}*%PJNkKxccMM=|066mT)YBr zMSHuBZ&Sh}LMkQS8iA1Sx7<<>j`-{AI&=hyJ(edBrbT{$F;8&4ef#-* zIcXnKya<{$yu9Pq%S^F@-N(lyVf1|s;TYWsllUNKc022SNV&!c?oBXR}){NaZ$*%y=6BOTVh0 zu(2oBuas!n-dx&Y{2s)Qo)o7BSLJygl?}-bjjJ{q1&kK+typl2MTAu#W2VWjsJqAW zX}hUJYNk_2fyep%^x`u#73E5}D-Higcm2vLi%jTX_?qE@7mt6^)uZFP(LCmODj&Yb z-k9_?@Ig{Ue2}ae5EMebSmC**Hpu)QCx_obWPWe@8(^aAKSk6C>3ccdV#f3Bps`ES z2gpvJd)xkE#po~YGbSInZ)!U;9^fe|%yOJF%$mATvZYP`Drw)Rp;PCnZqidwe4~_< z@ge`VE-i5SJ2@HU*V3=N!vqP5+w(Dz!yaZ|6z5CV{xNSDc>sX9`**)9tp6$A$UQVo z+I-JGf1#|R_UJhczQox@#Q1~Bkkl!DyNw&X2Jcv{yo?BaGd)o%Xm%Z^l)a3rhu3{3 zuN7UtMQ%WU?#fztp`PoH`hN2atf92V20o|Ss^iCJv9}&y0yrFId#^d-%O=~x4;*-Q z^nvt6{UQU-+4l)ZEiblE(OOCeBLtSUZPF;kI_9~-Vr96ERY2U2u9sb2eO+t}K$&Ka zs$n6j8w5o{4|ctlmxv<6Q%K^pReOT^bxs^cKZoN^*i;iwPOk6U1FW30_xo0+-9|Si zyQ@6QlN2g%+Jy1xrxc=kGSpLp4+Nw|l!dNxjIU}YUO%9TVNM1vzxNcjBG3{Q{Nhqs zT6-QHyHwT_YVYoNd=IzfuvB-JW@nss@{OSDZ6EfLne&V|y!!Gz*jR549XHvsc7?$z zj^TbB!=pHYi)DBHRf?n9CKDB!eR*pt_R7+kgbeNU1mD5v_-;|b8wnQ=Ji3lW*EOU4 zu-IX2TY_jv_=BLA(2);u@Y{XA!7E{(JgB6I%8>6@uNSFAHMH#c4%blnj^mxDGKZD? zqvF+NE5!vJlJrBS>KSpTmz4(mBcl1y3|3w#XRq?h)Vmj}Dcs+ASwN0!(y0cJo~Y0^Mjf6XLGa~X<1i(hARIo56<=6 zavHqq_7YJXFvWTE6<2jadZF}~3m#M4i=q{kzverERDs<%gG|6yQ5{K;P;6m)y&|V- zlNq%W@vvvKXXU4poE`|=v+43pe#5GKZZ+=;%I^9!HmC_Mmh2_FYK(ScWl|4D zf3gU>A+p?;IR@l-=75xl%|O~M*UgJFyNU`5U0*VDI@0htxNhx`i}?%mL&CY8xYGmN z?H;Xdr~Jc~vAi|I%7gki^?bL>RMf3id9OB32DlE8$1pj8o-*Qa$W}&8*MhbMp>@C0 zW_X-?u%1xbMCQ>J7`3{sJ3^e6##`tG_>pZ3y*IzpopwaEiIM*#*#|CAh)?SZARO4g z(uIG2XAWBRn4SN6AdSvKjcERv%OajeD14rEXb?5g@Ymt1x+c5JiklC*k8O>&Vo{mm zi4)d)d3gKSkBqps2OjGmO)ooh^PITE{Zgp>9yM4!eoQ7bAt_s&4l2=o6m=nTH^`Ua?b*g_3GKzqfZ86!6ICH^S?F3LnK#vYsSC`ohOG$2Y zb?Q}lltSjR2F6O0rO1ZNS23+V_pU7A!0X8s{bD6nmXj5xlS&Wn-|u}Gwl%*KNb|JK zJtFs|5UOVeP(!U@DbHoeV@yn`+Q#lXFRz^$_9i`++L;v?^d7Fv00`jgHRTn4w-!a= zn`3px~Rcy}fD z)mc?+ua4&PtaA)AwkI2dD|e2@*Kw9R;lPjsLsovs?uOJOXpruxIafwh^bQs9eg`3e=;cEUyY(qu1)Jy=&yEku= z@`{Je_D3sHtkFsDrtwWW=ZTyg{P^I-?&=y|@ctJQniCSet6M|<&-5zY3i}FC`W6YL zmt%z7iyDI5H6`6v+MkZr+xV=kNqgjUz3m#nlgrWgOKlj}O#3w|+pc{#w?{xJ2isI7 zW9N(MLyT1hbQhQj{W-A|fpM8~p9#PsZ3(*_RanGd%y8Jikc=@$3x{eu@_PA_AeCYW0yI+6*6(VJhnu86pMPE4oH zVJ(eamN-0@J~Peq6lS&%SxpN)K2v$_ZWu&HrzyEC7|O|;<2;w|TE7XUo8H9dh>u@J z$JUWoMJK1ZpOON+*L6j;JS;_-AiiO4Z@;VCrSp#C z@AhkA+#KCwxz3&Y)PYwzz~@8f(J_rbJb%O@PNc;{CFGcu%Gs@yBPWrn+>*j0-=#8a zH_{@o%x1)uiux<<;Ogp_HR#?J(+(fY%E}rOdnAbYG6;O;{R_;SuWH^dXjwF8&+-$R z#YMDUY*qw*4GfD72!I?NRZZts7uTqDkFyf0^=APVf78ZL`3r`2MUgJ_~ia)4#r?#|@L+ z=Zc$8Ca=Zo+NE;NWSn|ExJ8FrF6ME#C^`1>L&INT#d{!VR>;QElG{p0qu`@Y6hX|6 zl{9+%Qk?w#{=-H>7Am^oE=}tkG=ik%7o}9Rw0sYZ%;t*++%jqAy{2jdy9!ZE{jL7; z73<%cH(@0mCu5y0WJtRZBYsllUSGCO-gRiKo;xiJVVsB9;xEDRePBHtcOInho-3n= zz$&F}F7v$aM7GXhhRu7|Bq5~RM9T@`PaF%XDmOQPQds#Es%(i517HsC90qP z;gd9%+bAWRAD!Gp6#I|JmxoMpWkYp{*0?|Z&Mu>3TsN)f^UQmQvB9ONIvNh-sU}Xk zxb4?A4CLqI5t;oqzz}Et$VxRQgHQUBcueUlbB|mWc#kN(J z3RNm|`w!7hy|d4;s`Wdt%KSu>S;#6)ydhWLt8u(tcF>_-UW z>cN;xRf~Q$rnWJnZY{@m2=R1NKVI;OJ=jD`kqj29w&G|ML;_1or)`Rdl0X&qy_!kr z@aE6p7YM((H5$k+G(8qV1W4+;t->qUa6%hysv}twE+-Ge$(3kRsK{u#GxfEhM^Iav zPp#sbckrEPSP5W}?~jfSb4u8lUQM8!tQzr~H-~-#N3-iSNGy6m+MV=d8M5tpxVbXj zSLUccZ)ExX;cN#y)ipG{T0D_A^hl& z;Zz00ty-tlKD-6%(Q+Ai|A~nx(Fbs%V=AvDxY~DJZHzv^>0NH1@62AHK8rRo70Qv1 zC>6;OLCe;}k{d;@=6fzYQc0)|ShfBzqslmtE@5@8M%DL(bat2Vvs*>V5NG}2gTVhh z=g(nU*fp>B>VLV04(OUJ)Iy^`GEUp5JX@9-BhI8?L-AJTl-Fmoor*{KbBXGmdNUni zDug2sA6-Cd6Q4lJMTx1q)Ds8C%Vb~OY~Iv#)SdiDcVuI&e8H;eZF-cbY1x^x)O1UN z`%ZIaxi1V=B2QP8u#H>O^Qb>wNs|mx0UycGBhFY2XUEd$eGv_2lguFEahbP5Ifea4 zVSD7$jr#{ilav({G@#qPa^(t02M7bXC_)6~kNwM@%6Q@EZtdG!p;A4wqUem=gBd6?&#>vv(9F=u`@wx0&pB`(SesRRiWV)7`YNcZH=oCzIL*~NuoAXLik*%% zI{Xk*^Qn!Ahg);%3(H@xC+`QN<;BRzrh% z-Xt$p377UNVH8<~vU3DZ2^(}ZIXRiyW2aZb)@T8{#cVfP&hJf~e`7+=KfRtjD!lt{ zT|c|mPgO&=X^t{d)mBr+pCPOwLPFiyriE7B%Y!mS1zh*ZYKv|9&DPXfiOHcT{?V~$ z5xXLhav@xk)BJ#C4&Ben0HE!wckKz z&?MIGq2=M%WBrv@fc??kJKY$gb>e+tByV%%eNCV-@Bg9et>dapyYFE=f)Wx+jUb^& zODNqXqI4q-BHi63C7>99bcu8;-C}^WbcYHENJuxoeSpn2rZ7kGU5leU-yOW?fB{8GCKaYn&lnY-aPA}g8~gcc4NY0*+%tDW(7_6 zjE85={FK!PC7$T0R9tlo01L2GcaN16{%=4|c>v{nblcOneGGFqx`)(d_ zHr2kb4pG44*16uoSlsYXn5%XFhGbI)r<1|RF3nN|?n#VaAv~RQPS7ZQG)+z&J>+|v z^%ARvQKJSHKg;syJ?43J=Db*G%A=oed1^Oz7pnFOs(TCdCfLI_nkbnzAOa3Q3xq*@ zGM2Hovw`j_$wwukUo|u|5F!hQNyjWuyp(rVr>!cS!-$zJQ_6SZcxC=t|8c``{nJ9> zT;;4@ksr?Da9JNVt3cu7$LE1-;}LhmAp>NQ2rpiI1-(Q>96n2xCi48jU?}lym;{4DUc+=ds5}S0gQe=__1>P&A0bUg=}2^8P0rRM zC=hg8CG^^UcQhTO5np6O5HMDw!CuRGXjLn0_sYEgaj6#(O&5qo&5;TpTFEBfl(=!@ z%cg*Gxt(eE>tb3t&xs(-7!eWzp;aV^rWyTloansKFxf!hz=fz=9FC9lkn`+_w#XODvcC=thAn`wsBph?> z`Adh>^qJTG@_o~zL)PkWM}q`bf{;8ri1*IRFz)*l{ldT!h5c(ikJ zP1Y3+FV!v!(av@2zjcKP^j`EZE zHTPfrM&=k5=^`D=c(nL~XlM3@i`@oJ%N|$zw|EVcJ#8Apx`-1Wn#(A4kdZY}YW ze?y+37oB0QNw+7cgCy0yx#+qF5B$1szIopkylI|o9>rAQerH!Qr44vPtnBV*|CTQP zPsE&j3^w@Nul>%L8!XT_$z>F^Js)mT2;86DemXVwUA-V-pd&hDr>voqiMuu6PE49% zL|j!7IZRd8QpX_YHK~OXz}xM2kA6^AfN}A&mb`OTv;E?D@&SMIT=-8Zs9FUm;$7xZ7|?Yntu^bbuq&KzO7`vsNJuGy7TxDrDP+sEy;YvB zAcZ(XhR!lF)2?N?vhjp_Jmtds;1Mp9d6)4TH}{` z9?Z0~1jP#MT-RiAYV1?y2MX!dY__A+Kh0Gy*AL`XbXpdLVU}{AKKM4_twk{IF>tmy zUeJg_tIV=;scO%9%zMv@)O9+F>!;Un$=q(I&ymHM>4n~GDC(XL0L_roWb=A;eftf2 zsM71n`JHvq7DxD4iWgcC$|xc z;Lc!;)?1PXuqoSIK{h&RA zbW@f!TG`t_K%ohlrFGK#wmqw((W(JCr+bBJIXY2n4ikg#+Af~ny2xfQPTRYeL&2<4 zf7@t_v4Ak=E?;C0=3A1e#yd1*Ux%efE+%N+6zkYT`8}=E&G=9|WH573&7~SK4685R z!3ZFlfSCR$9d=~W^XzAEo#%$6`WPMj#h>2e3BCTZVVzRlT>SnEL2kyYGHJWc^lHKh ze{8(|lVjci!YWHO41)iNwIa4lhD=>*U|%emZ3t0VGZ_0mE16YE#(W{2hkm8Cg*mSN ze#Bz2_&2DJCK}$2&taV$jZTZD13&iHI$D{{8b5?^{oIMjR<_)B?Xc?e2edp>w`f1cB*znH5>>ez!E&v(d}6+6SRbz|RZDb>GdVlOIXOws0yHnVtvvT`|bRX2Y zg1gPs=$m%X_||cDquf~Rk=z<}D7SLR5LttQb3P;9=F4Dl`9cd*LD8Ztn`^q%bFQ`# zpyRB)3x+OY=ZIT0jKDwUG+J%qY8bf;^wIeNA77TLta5QZeE|xXRHiI*y%V zE@VMY{u(%CId-yd%^R`c_{1j)`&NNS*DYlCPg`E+riyl zx)rmtGM=x>l<~^tI__KevrjMHE4NA(N-UQmdN0mlEJF7*XYBL+iCxFk@YfltJlmS-@_f+dIfq7pGtFFhY7Pl5=uZtf3(*%-Nbl^Z7mfx zqB0uHP*lB$)FA{l-LO};5dDLHAfSI*>^X!Pj69Hl{~zq zW<8i*i9JA!)&0g>Rj0qwE_G3Rj0#$qc6M*q=S-462PEK;aj6*Iep>c^9Ht=0{NUZCq7L5p*#pG1wh0Pal*cxZGG4rQvAb)AO)Ig-n` zi39@PFpj`Twc>Mn^?4Lyw#U}b$t6Gk0;TssI1Xnz9dr2&~Si~fBZ;d5utGM3%O*;pJ=KiJ!f*zxEvKrD1LASK?d zZexZFs>)bFtF0x$-6r8T1MB+sZ*T^Z_jZm@9qj|{6bEMG0wCt0=S+F9Gn?%EG_KY> z{2@^J>RkxLd~|0!xD*7I4H`d_aav{}<*4yQ+^OxU_d!FxYrM%m1(go&x(LnMgzjLE|_) z=7*0Ther#pDh6;pS@Y8f8R~Nuh{zlNPJbdEF&+mzNZuI2={F}E&*9P zy&c{#%zLA#spXHHxE4?V?m)QXtNw!R~cD?-r?jYC&HC5SXyKH_g1%$;SH8q8o}UKkXvbN4L&&dRJ&J!X};oX?$QuVstn!0(4w zr=62{H~9Oky4;y64pmtCJZAlb9^raDgI6!2?k2qf;bI$+Rp{)oN1FwXgn|OP$b5wnO@)^M%bkq`Ek?n?ByH?p3;{K%s z()qE})IFlR5)dNcqr(!ASy7UA?sv=6iLNR2imVZDP*CME75t??k^s?T^Cz!6R5i5+o35N@ z3ALX9akm+-kw~+y5G|i@&J`0E-}vd!$xm!*{jdVM0$#%+YoH7@RLcAV0~50!42kjD zwQJ=|fQh?LPe-d1X!C02?%0S*8u-n$Mzanix{T!qQ+O)WdYGK6ofSm5HnOpNoZMZb z`|(~7<~g^*SS@+H!IxNJY}W&+oBJ_o`g3Z@!5(ZZ4q?}ol!6NT6dY>MPquG4o}}@L z`8K|{^!6PPM>pff!iqT!7Y!lO^pp;0=S#Cxeh5mM;4qe1+9fG1gZ$9+dmliXl9Y;1 zv01tz#6I?nDaU7zOxofYFRW0&YFMGYSu}EC-8V3{Rp>p-4RZ|- z9w(d(*@+1G>8V+N*(Vy}9=7UBiDMDmx*TwFTj*6LJM%p@hW39dtj%oX!OfvOh{yspa-~KGLyc6J6G-Ls`!J zq7mQrdBc&{FPJD6&O7BJ97|@#op)*a)$ueVLTYl~20{`xD`bHy5DU7gN9RDx}k;!$`-Ot%^rTV4Nth`S)CRmc|MSbNQ zYMg#$VLpF%?pBr?)UJ+-l49+(c8ReBNR2A;4vMZf>~eGpq@q`=w;SYl--Smp{7n~g*~h-w~_DdWr(mkRlzHV%fYSZ@vXgly+>YnDCK8n zvRg(kj54hyADOR4GPpa9GGSqCPf(0j*hM6H9J&dvuDqWgT5BAwO1F3S*w+eN>T5)` z%bM=1`UhtLtrOu#$jvQ(7jbw?3of^piM2it(vHDRTK$Q2#d|50W+UZ#J^+|0bqXA; zU$Qv*9$^;8X7|dtGqk76;Qhv6+S4qAxpo*x;>fX)bry#-Youx1;LNf`Uyjipqq$Ya zqSw|~ValZb!9ua5(?=q8NJBp**cFms$@;$~w&lC?Jr8>l4Go{Z_&Bk${_Jiw5uu$| zcR!7~x7tg*ktj61>F&uxPtZ6{4}9F5v)o#D`y4e)#M*~WHYEjO=S`H!v(M(g!HFMu z@+;1_@nL~@%)r?+Ms=3UfyBo@Pr)>~?)0b|gG0Wv`OR|XfrZBlr}~)}WjPe8?+gcg z8$nlj4XxjLD2=y1uk>Al316GX!Cu0^ttS@A?$i#Q@lIcubSvC*XA)g0UB7hNd$q1< z_NtYuIq3-FQ&UX_p^gsjha6m2()Yz=x5+qLykD>!)OzbKhHH95tMUvJ`$7c{J7s@v z)GMY7#!FGy?XQt(ZAUP<9{ZU&Y``)O*aRiQKmVCcZqaZ)ep9< zP)U<4(XVJVavfAS`ZMRtrp;GX7*e}jkBB?@#kL`*I{jG;Hn!z-Kw%hxUEDgB$uiGi z^vg!c2fTRzoSlF9A>bK%Ca;JSk&$_P>atWn840Dnt(zZC&iCUpUGlT! zi6d+8(time&shWZkakTc&$#;nGeYFiE`T&bwqffJc1Sw0srTZpIa{G#~~PnV@tn4!WzQHkU2*$iDsk$Oka5YnMu_ z0kx+*OHVc0#rkK}yC28f!W%5mWPIlzC#wzbaO9Gu)y;DM+OCAbuwT;6$ldX~kICaj z-q`0iGj}N#xLaL8AE38u!D^Lh9@V-u>{Q&v3%#2fG5xOzABWYOIg_(O4M_Vk{ngvH zEa`r2ymHbkvu+wnnt8LyJg?d}J^QOFxz%@WFdzMp-6dr6GS91&Q$8EZ!zvpVfIs(R z-?qbWecm7q7n*6IqVeGw&PX-~R!xlzrDt%Pe`5dd+boUTW=&SmzB;M4kH702+9st` zDdneT98St^3BS{axa%?`u(7=1Re;s*6!_?cpgyO&bRdFZ6P0zm)Tlufd~}smzr&uB z6Ffq_e)H*1I)SKI1y+J3RkdJDd;}LKIg;6u8 zpv$^M9KNwxY+61c+sbiY|B;H|S!{F5KHIw44B1uFFXNe`fDcBa+ z-a|5Ke>*!n_l?p4t7>_Z4uy27D6CP^9vHIO{$*n^AIT6J5>jSG0inohxIz(bf8_FI zf)~1(&Q>tjshqiv^iAiW7rOA9DkJB%4~_2uJmGy)3ruWm2Z1gDPEJ+Bw*t8Dd^acIvs3~^4bSjnQRW{ zmycPG*;E)rhEqo8s265HJQzw@bpUjty?iupxYV2hM%^d8wrb&yw z-p>lTb0OQ;uMtQ#JVE1H94&kjvKLjss<9WL92E!i4O6QOiDc_dM`2 z=y}*0f?@}9J2-#b)WA3^(Qpo3H%>rLqv~K z#QaW#{&_Vi3n;WlkNHiKKTVPT4Q!@PE~OH!et|pUuynawLNp+bWaw#75>1h7JD1nd z-dQcj+_Qa-(1vmCN6SL8F>oyxF;)cbp#)e3`e4BGm?#ivfvswR5CvTPMOX<)|6vJC zb?Y+&m=islMSb9Z!W3AoQw#xfXb|(OYhV)2(7%D%7ZOU+we9RXAP5^5+t}qBH*Qod_G|U#YjN+nsGp0AzajH%>-AIN zGJ}yBHqjZK4q-hIQYbq;t3njAKsm{~MVChh$V;53zmaiUUyl-5 z!z7?ZlBBpBUYdSWb89e0@FVT%98kiPNpyNgeu+4oF+|nT$$9GOd2d9u9p03*wJjPh zx5z9uv{CQN8S*hejm6!^VylniuH9~4q)~pvwE(gdfq#IAqPWu zmJj#H_m04_d%{?2UqhxfyR_Dk$iJ{uy#$H|DocE|D~(~hK+m-5+G)NpBsw=!F%?9% zF%X2~zC9Iesqfxl$5k5Z@VI(N3r}!6WsLfAIzlCA|Goes zWetV7<@1>YsWa{KpR$&BlE|f6tB#S;$nb_wERrxp#A!JlS)bF1V^0jni{e*5MqRckjMSs_?%T! zc7RRDxr20@U)tS{h-n7lyFSf#qNlBm%1_$O3dP06Tn&4U!I+|OJ*!`(r2$zuP&qEP z323htdkjkk{q%sM_Zy(vTj$xP7V(5vvsh}^FCu8Ik!q0qV++*AQwl+y=S1{>a{7z_1&)t!ddNI@qY{rt)b8b(e%egpKEni&BDd(1VtxF=mJs{R+9RN#S z!yqVcrEgxFB?d5%>iPZ11_p3C_fM;%?^jeU6#9PYOb>ebz`?;N|ayQQ6^_#)9IbVecItbiCppF99+BM*r8UrSn2(bOY z)|?1cQt(gKmRk)Y=tyqN>Z9e-;$hw9VZpNK7*0A+@O2SQB1zBP_~pf|YYUUl(^}fv z7+2j)M!GsD5a|rM-Q(q{geg@ zlA_%Q!;Unxw8M?@oE917X9r;>ZFMb01=^*pmJ4ib5PX3&iR1;V8y$q8LY(bQ3i{BX=~;tPW*kD{*QqqA_h|a zTIQd1pvW@`rM6vJQT)h!r>nzjD0RlLkWcRlBm%)N90Wx4=c;aby`=|O-fir!4c_{Y zb1JeSC;0^rbgvlrHAx<;vAhFnD~r3oPe zO!Y1#GD!9SnyWbzbYvWTOVTb4+;I?w`i7nr^8Rp(fFkRx2e2sv_&3}ece-?Wr|dA*bI)wx~^3& zuE(lrVlt3t{do7H`BFMld&#l=U?J3dmo0R^nY!xDHc%t+)I!=&6a5c1F)A{BmEi{S z^5+~Ml1Rf_bmGFHf@PnhR=LK2Zr!0;V8c9`KlUS168d{d4`g?ZW65(&wDxGYCNk{e8l_d{Eye6QvtEnV>78#fXoryt2TQ2 z71~!5=V19Cw2M*@m7>VFhA$=O4_uZm(qvv%zU5l9>tdEe3N+$4;WJkzTTvPsO&i^j zJ1-kXWelK;48v}#K`VZhv)Jsjw{Hs-eU-WJzx+r%66t69jI94mZf*NfnE`QleDV-H zOvdo&s3tK{t^Lbg1NBD1aoqU?`QAEl?qWl|$3scJzSI!r`5J%NB?3HXCw&{)m4-^JwBH{thkxn$lR5FI3ZjRp1z=ajc*KTDp4t1_H6KEy?yv>Lp`v zK7FEe1bX0;%j(-9MuQJU)^2_(92KG7>2Ehrp^Rvrv9<}E^u%+O{`$}QmVX`YWqc6BIDMMxqA~9@B>*GaF8D?Bt*dGyC^SN{8=y$tBH7WWA9d?*&G3b8Qsd| z7(&!IRgu}Ox0TFj;RmnJ!^sIby(NzP`CTa@61M|#ZmR^$_dQY>Gk-qLrZWSlY)!9k zjkfkKy1sS4Tq#fi=SR1SDpRz}dnpD41(Bs zf=2G5{RL|kv4~vFRz0DYZtbrqE5e8@Y(*S=MP|dY5AFQO#|1094GWciRY43+m(HkH z$CBi=XwEd`{YPFq9!qPI$VDZbT-KFH$_iS*x30WSi0lifIBsZt#NiO$@hU9W9nzRe z6=g{lhFSMhFw$1!sPpP2tb|drmwGPuBosq=?^CgPPnP@h;T|N6(1(hwJ~!N?HJ1#} z$hHquh#erie-)FRHI&>6Y~TUvQmlsi^sN{-a0EeH=J}!E2+l{n9n*wzwOp4X^h7r7 zpUmLohNcWcy-E@vPVk>I9YM!UzpM!eq>-weRiuUC~^0`fpgXl zZ)whtQ0suWy?I^zaX1}cRxF?x^XJMvd$gR#$&O%6s|bJXA!s}Rsua)et=LlR=wz-Y zEjZlkP>;&~J2Kj%!}vs&4djIbxfI#&NXl;g-tQ-d4*i3?Bk$+r=GIBVZBK^%QDdwp zmzU;`%WH>f$D`oQ(fEZqT)g~@v+j5d19M%DB}L6ukZp(8 zzj299Uu;pPLMPGuIq7hOg36ZG6~>b|L{;C=?G&CH9ks6`PL+zp$HAUjfL)8kUB@_QFj0#gHgE>mSn*^}7x$VcLzy3!oI_0MX zV=gr+F_-?clR-eEAt;XZPS>U&go|?RA&qG`&+jzpn{b}P71GH^FUZZui;N@BI@^Sk zoLH_9b&>rymiB44uH1omstbj>y0nP?P{J{_Bnw&(2WUd^^_o7`V-~_IyujbsVtV%5 zvx-a-`WY=a|5%U!&FKY|+}FU%NIjuMiKLKn513eX@cBFiWZe zI1m%7Q9_CY6OdJ#w9Ua`pNMiC91gFY_bhj}UT;A+QGx|`{V3YD(HfG8&+qqHM6xO) zUabfE+F<+?biEZ(r%?b|YiI$XwVwK;P?*Q(R!i2ns!)b9yA z*!p4)TNM*}#zB!1naj1IE3X)Xj;Y|6!|VR%U4^I#1q16D$DsdEnmY-265=u{w)-km zXSnt3SZpq@))>A1dKLD5RA?n1z4=sTjZc;?N`h~$dy6mbIDEVMLA9V;^vEOzC3dYT7meV{#q}X-aKXJP&_-%sIhI!1nw(u zMc6~sfwb4*c_bA{xT|l{Z2%E)na_JvBNIky=Z2++bIhk#JDg=~;4PG*kY;1k1dBQ# zi%@4;hzw*vUv<88&FDUS8MY#LC4?cu!_KPj>22AX-KG2|gytT8Rgg}0V7A^Nb zPuG?jd~3sK`apS8o5*-U;&ow4$9{V#Aa|)XS9Rq zEvH=($-NahBpoHB=@MYzRfUwLf9XK-`n-;K6+Iiok>yc?HmuW~#4+m|Hz8N}`QmQx zeZ?F?Ft@??)&Zi)4X5Pzj835UA>ApLRz{oCKEJ~q1AeyOtF;cjN4 zMte*sDF_0R6x>uszM4S7W6Ptu+|dFE5BJBvx=Ldk#ZZZqKd!rf=lh_c|Ai1a->b*x zOKe)l$}0hcw31m7=~Aj~EjRl${7Emc*`mWmVTfaL2o>TH z!8u(`)Y9Chw2_514}=@Wm#|vkt|CyET>~15OW=eB>DmNTs9DTqV=5){E=v%rgObhH z7Q6qoi5)&TvQyHefK2tc^8bDKBA2i(^TrtqpMS$i*X!9(8Hz#ITXQ}-AXSIH$asyS zUGtf~WR|+1lKO@z%&BYhQ0bif^yF;>-}`c(M+HmtDz0ev-{AeZ5ZA$V29nds7uX61 zyr{N1JZ;W_XqUsnDr(+-ld*F<_l23WC@C3 z=DL!SeU5bCZ|BHD?%x5v-vPaBkvA)Q;wZJP?K%v18@zAZ`T2CVfG&!9@-9lU=jQq@ z^c$M7Qa6q3rc#Zzs?zC(6mv}w`H0ws+kGc@@&8=g$Xme4d-1~#QMmf&8gJ({e1@|B zWI{c8L;veIbCGi^#oiTqhu(Z+v39NIr+A`nTd&yp;gg^8(}oSAIK}N}NFM1B`5P-Id=3r;nM z%akU+KA3V9P$AN}d8ki9YFQ7! z-!vp(os2hD9=nJr&h2K_R|a1?Qi+i3CQ^*l!**37YeT|?ij5g#WgUCB9a)`g6Mkr* z+}^ih-rUM7UE47C+4k}$E*w*1JWn3qtMasLL)z&2S4)3djm0 z-IlH|#3%Fev%5nL;X=a0+vW)-N=SV1$C8mUCF&zF+j7s%<$;@$Do6p>lRD^Ship## z=i2}K%Jn5Yjigdtm18aOzrVqnRv%Om02Oh~&L3j5!Nw#$W0~z!53%!@b^zc?F4@dj)!);MO5c-=5SWx#v;tQl) z&4seXb}KX8_c?lL_7^%{|Gk;9BCMh1Nj1k-G#sdev`j$TBvp`x^5s+Z%* zkz;Cp@$D!K9D08R2MCOpwRq*s7KG@Zdnlw?5RHBEd@726pvkoH$QWk3E% zg~0=xeB0IzZ+H<{>e^4?gxrlg{3bP`m>(0mnPIa3Q^j809eh9|x>9)hLi?rq!JsH= zG0w(-*mDHNx)qn11ymtI%j@vY|IhiDhD(r7*#Pg z3@&6WwWHv?dSGy^rH#*eVv;{g5*zjgd8|dolAS!(O4N)S8;f`88$j&`br5P?lb8Yz zd~MPYDN?roqU@1q_=bjiS%`7Xuks*R$-$z2qoo52k7lyz8*#+L1?~LY_ z7Nv1vplUjxI=#dLG~8b`)PM6W(T%6AxQeAmZMfHnBbN zHpjQ}-~Wt?0Ux9M-r3NT68v}dC{J=n@Pc_A^c?u3$o8C6uBFZ-)#dg2kos-VwmFGD zyvhDnr6(XxuS@%#-)Ywq+-#BnwduwtBpRzBfam`8AwSWzuOSYZ#z@$VMn|$lBk7rN z-%O0}2Py7y?GO(ceT0SOV^L0j1HZ3TseaRRh3L1IjJeHQE zf=wiIAPofi{>mRiiC}q6!Lw)hJ9~S%JgKkU&a|(MHxzp;RLzgpaDCThdB)u)z|O8b zH#aABS5{TcI0NIx*6PQtH*-MiRWoP5Ibp%i5yD*h>n{w56Z`uIL>Dhx)|a0{L!*cF zN{2u78{5Oy*8B-L-P|dme#`BgDJ<*B(qdLZhFILsN_UJgP>HVa>)-piRJJOg78yUisE{ zk}qBAWvDfz@{^Ki0CoXwWKVztSAmYinJO-(s2#RDLs&7%bTZE>cOpE0Jj11-%M}a6 z;`;vb45T2JSLM+{dB8xybO9jpG<3vt>t~h@~j~IX@*rwy8{7 zG|uH4RX&+Yn8i#V&0v-6@f*-(eO3fu2x~KL8b};3M8{(yk0KoNvUF#cMb8`Y_T1ZX z(6U0R$$LlWPAc6C_zc326=wW?&epJ#AFA>V>aRvTrJlf3?tfQmBEePkAKbTuSx!N3T@a0cHvv>=kTCjET*9#@C@df_ z8Waa}A1$4oPes0rE4}WX_&7 zRU|F7fJOny5{xoBBG)R_4W4^6MyllOUhr$?P6*>F_CV~X6 zX(C1y1z5UyaJam@ET7_brTYFyJ^qd9LZ4wZ91CcJMrW*U(Y1}59NoBKhbE;+WfN2B zR{LeYgP8D#UMLY8Au62-Q3i8o|E=}L&5|Bl0uZ-P01SCnp57=4Il zHC#N=4?SDl9I>p*rhIC264{2I4sR#g>k8F|VC%DTVA15OL>Z)!1@Bux+jmy9Q={SQ z*$~%`^VtZx6&S+~o~-?pEisoGmFt-P~i@KF~k zgaPcB_~3eitz7cvpjf@p+oGodvC~bu&>}S%L3!AGU}8|LN$tAS)Ti z)B@c9wK2%9a?!%mO-z9b&NTxm*|_eE|MSZju4$kXbdC^O-~bt@l-j%L4CPl|Z3Jxk zQ>n4s@fFBKdL);sUsZ@+m53et^_aS4@K@T+Ef&RoKh74ZyS=~G#Wz(5SiX`FGu2By znbu49N9E|H*q`3lRUlM9=9$Bwz8vjniJr9`Pe;Bs4xb*V_dFZ zN5&Y@w6E)X3wfKhc=Cs0l96`5O$V^$GI=S_z?JY!%Kj#{WL=x@Dc3g|~}^elG8&94174xNgvXZr*wLoN|AKHHkb z05BX_+^BYJ)ik6ShEKw~Y;s3lULA5pAo3j?9AI(?x398j)r;#Lm30UW4+g}#SV^r^ z&mJl3pG9Drq1 zGJ%-+<1qdekLcCFcE-ZcrysD<+i3jPmz*oIRvI-RAQ{{r-ardg&Hz%{y7H0X_N zna$Mn-7MTvVWfQZ<$&L9`!PM`v9WWYwXJ;$ivY@OeBTqriM4nhK1;g-@z*v7+L9!~ z+TZyeYK>VGvVIo~Klt^cyI;QL;Dz2j9EPHYZ*U6)4ePIvC#mV@zdbL;YM;(=>aAE8!-Wrg#+)z%Jqn7ERNxgSQfWj6z@rK zWE<-1Me$f3`uhM9*m)4r-T5xF##3gW(B1E)@GAQ(XO-GJ<|Rf&$^_`CK^w;Sw9u(G zT%ZKipw2yoA$GLIK^J;T8GuFlvdv_R@K;Fv3ca;5K?Ag6%(JciOq(p)F%^prt*vw* zRybd&|JS#hqCSRaf%6x@1Pm9@6J@alNbH-ij%nslt*oGvwOVU21IaAkhc6S9>bojdLzKio@ho$`Bu zahbxK*b*Sw@PjM#|LMxt=ut6K z_ne*Hhe7H@XqRQ^Omh4ga7!c=TmCe}x zQ`Nv(dbwwJMA?6r^U5=Rec>`)^-Ao4B|h5T7jVeup2{7+p;hda)B4WPqEEQ~EWy65 z&N-@rn|DHdwmd7XAbqTu@?&SCvvp`r$UOk|bg_`)p#d=Prf{cn2~?6K7iu z$N4PWYvebvT%a71F%YCB$`&R)zF`Tvh?$U+HszS?o$cCt1P?;!O_vM-@*wUa55h|N zx<<9m1oKWSm$e%AZLdxnr4j-G{?Og2oZ)bd+AU;OBKb|o%sq&b;w?P8976+bqh z${o4l$U?{euZdJd!yj2HrBM0Lk}@cvp~|TcNS*Pi&P&Vz7SnX@QgzRWaiccLwI7f^ z=ct_T@wILzB)TwDO@(loAcSS2l`Y;#oq-22@`?m(<2&zzC9Ry^K$kh!VNuCUb(XAG zV*F1dd{nd~_kN3$eFk7t2JmuzG~CRLA+ifFDJBfV@rc-+A2o-HQ+#ul?h=%P1Q*-SYlX@!`a!^q7(?vK_;tmmia0X(ljulT4{xW^m@+-Ms>|}t63bP=+}KejkCpN71L~fu)KdC#L^k!$4X?mhF*+) zkmVAr+DnfywJa_lSvHrEc3cJPe^06Sz6>2y!Ks?vB~fp zmVz&e&{RugWZ=s9fpvX??av1N^Ya8E-s~6jQz~OEIil~L#!{FhK7BSWSBNH@PVeJV zyur)`(YhD`4($!mpQ7+p5o}Z-4bir}p;t_0#n$p+$Qc78v(&)nylCj>m3<9nf+|__ zLQ#Y%r_kv|;M?I3{`)eBu|dQ^eC$%c#DBgLljn=UNn&u7?u8lkUPEj9=NiQd_v2s7Ms~Ummvmgs;^MV#N1~RmDv^|~w-yX$ za2y^fI5a(%HkczdcXiEs1aH9i0=6kE&3(jhj}M*RHcUh!3blZn;P1+&*VE7XnrW$u z`mrt{o7CxF%Sl`66u0uDTZ&bWox3%6LP0J#X^nLB+iH@u@a^K+nm|oyM}Vvf|XtE-Mu0K#L0-p#4Sq(U<}S zvV%{(W*8aZJV)UK*UCCW3}*}VJ42-3C_gA-rNuFb;XPt~bqal*y6bvdO&B{x3>*H- z^Xvn7LMC&Bew5C1RDzib9gA}_k0c@t`O|Ubr2cdMe>|kWo}Pjod?tnW82TY`GUjL7eJzOoD*NCx+10vtCA3FpV5}H{$9{_bfkJ}SnipOCqJ-lT!P}(E~g$} zfi?W*781Oz$%T~EpJlY7S7j|&C*Gbam6%mwX=-624yUfK$=4fNs#F-iW4-3ev{h$& zxmtVr^3RjYGmkvDTL-a25hy~ovwn;cIQ>ifVXfr>alu%^TOEG+%mP6P9Uwvv-u9`-Oxu+{&&r5k)ha zx-svI)2djb!Um_R+$x<-o#C04&~<4G5cah&WoSHc3RT*1!6uvi)ER9}8ptORGGEHp zrCoZ#1I~<=>6sTZNyz8Vck1oahe*$yLE&Gbz!lb`EFCCVT)@Zio533=$I*MLS6`p2 zgU?TzjvTH1$UP1?T0dNDwyqkdM!gpW`pchp*&KwPRlUz7JqNZje8sl50wv8&9wF(t z`1SD~9c};(W&aqis52**Uj~rctixSn3}!x+1?ENnXjc=C2|I{umAWrMi{;3RP&Rf1n%-3&5K;rlpWx~VO8sAErWigz{ z=GggonCczFQxWZ!M5WD%PM_l9_wcLz^$|zyj*-$ZY>F73Q^a7edqTEiP&weRZ#g=A zxEd6@fS1g!_#Y4Y&jW2}Mu$Bc-^rR+5x4NK1%D&1;OyP^3pq2@q~P#vTt#gnN5ok) z10Jj!^lDkw*gj$a9RGa?J9Vcd(U@Gr@&o7&;IK2^po4|u!FnXS|upm3CaITZB zca(?wh3c_cMl?j#kZoJfn(+*cd`ZK&Beo2+hX=8%ULz3;4;d9|MJXgJdA zf5Fb1tRcsEx!;IJ*4^8IrQY80O~&EGin0U>^*>K6B>LPs=%1he`M0t1bu(mITl-B0 zqk{)~FX>w*@}XLWf^&4}kZ?W_IQUpVB*@VBo#;B|?XEhyEV5egH0X%gt5l=Rl2+ke zZS}r~%Cy)Kgs(efIgFQ472#d=6SUj>@Gb)1?>Y>B_|t!m4F55>GnnOc+#!G1GQT_u zwY48R&KGUmg`Lfh{KS)W`dx2d*odG7Ca(fk{C;MvBa}1^;Y&5=fO*<;^Y_8j2YArw z^U-fK4>v1G-W0+iC27-2^}&0!=W0F3(;}Cgwbq#L@Y~mF+2H^9cFPfS4XdHR&EE~! z7%=rAj50dbdp6*B$}m7t%gZfI|5HQ;-Q&*OnMFkKb}`fP?5h1(#L~(WRbpioN$Tl`qsf}4FD?;we1zOJIp4&j(R0yYeU_d+#;pp>lghH7 zP_U&4VFIf*S;xvn1|%3C05_uX(mo>Bv6QmDD-*5_61WrM4i0NM(u3dKg|XxCe!fw$ zrHdg!tgq{Sm5(~5q0gygGn z$fl~_knP5TCB@sEV$G3|@uLRX3@ex=*r-}z=%=jlyUH24>^=``B(bGaxH=0I9_)ce z!qk|n$VmYi7Y_!p(^c4veNqTFTRlfOseD>T4BrztUNcXT&I)C<)uVPLiZ}tP$(FG% zz8%G)SNCn=7Hpl7gcKOoXRyG=f%#`i!S|OnwPLXBPpDd2abXcS%>gPh{a7=&k$T`n zAJqGDr-CP30@3ojt+oD0E;b$0O+@QxJ#SVoH4uK~ihxxmS0@D7$@4W$e<#Pgh2Q6) zo2VbEqCfSzbH318DhvMRX3+r+OSHo#Tyx!YI#BV@&9Ko@K6BdVln2q3N^oD1K*V+= zz!SQZUQt0I>9*1OMLkPJT^-HB!lElx81LeuJ7}T5zn>}Uqqr$1Gc)tpZ7!s#ky+}( zKIP%tRNBW7saqET;-i9|4iGPoJ?d8~<{Wln-lb*98UMC0x1iwwQ;G7T|@`N%1Ql?LO9Dr05QlaOkP zIE|*ZAB14rs!3QQhrQ6S+?9p!;BL7V?JD7SzmThd?HqAgQ`!x0-X96+au{mloHfc; zGMG9NSLm=0h{Ss@`fi+7d-yK1HIPgr{XSK7Kt+(;>*SzCaKzTQd80{T5u%`EaxV2I z)qp*kc0lr)X-3c>?aN7am_N9mtJBGX;1`APyfILDq3KPkqHBQm)Q0QKUPQK=z`H|- z4(SDYNU{sQwE2rN$UEthBU<-mm5tmZaepjG$fcy0T{P!p_ggA0abOvn%)cHx^FX5R z^VKCO;JtlL(IN3QlEzPo_{9yXJ&eNx+{fO?J zRb}aIx%p+>m#7TBXSY?fLqSK@@^qn*q=mUV(r_yA^s8KOPNQh;4qh&2KWvq|FYIUE zuUz{kCCPidIU{r;uxMt;pDp|9>_vM86TlRR`b{IS=n^cFylwsdsJch$sje<{a&mGP zbQ=U+2}W=oyy|3esCQ(`5*+=HVOAo@|IrEYS1wNYrG3Z;_g&}a^Xr%^rg}Yh1C_2D zCwON4fIhpj;=j)w8UKFUc0w|U42t#&)r^0cwx^#&I?8d9QBDI3bMJ`$ z6{Ejj#b`kgqoq-84pUxYhf?JGKh#ccNMO07otwsR`oZMr?!?c4Uoc>aK7b<>y}lk@ z*COy-pUb*}mxP$fex#>PD;S`box_UCieLqCfdy3|NgA%v-f=kf%|%UtBO}^er6h3) z)U=D#6&EuGI7}T7OpI=XoZ%_yLdby{2lB*voRKo>sKX5Kay=BpP#l0v1USmaZt=hJ}R% z9Gxd)3s5p4+r;g)=Bq!ku8o!Bfw3|!^Gl-kW9VF5Tno=FSZ;~L1tP3BIgwAo4u>{M zCa`q@L6ocomWT*Q(SmsKl+N%fIM}BymGGi=SJEmycs3>+3!^(emS3EqTShMaqm}fd zz1emXn}DDVcDEQCAAhYWtVYtM^Sw8}^`2!Nn0C0HxG?agU(El)C!%9-ZS*>rd|-8! zsP^T(jA@FpMD*DU)Zma1##<7Y&CPc!>84%u6%-VXTz6%oH}3S+dtYmvcCbS_KQJi7 zak~DnrKKf(G+tdzjf8~^M;B*;`l0!H<%war$3WD6qy6N`cw;UYmzyIVH1D{4S z5m)q|OFseN!f}Y~qn%riejuht8BnI|5j`#YN!gI*NM~wge&fpp`pM;okBdXGZjg~hnSe46q$3@pq|si zO+FdE7hL}Ojr7Vg`(zC#CpP#ugu((5D=nn}ZT5X``ux$2Nm8^@mw}RvZ4V#Y5}(WA zOSD+iZzNnU(Ew-${=Nw*Wpe}cL~YICnNx$Tw@-D3Zsnxp3nSY0gQ7!An`at#ha2az zKDsq`cM~v=NZ#QgFk4*IIch@FsoFvb`cj%ktccbvb9siBr&CSp=jUfh&q9dLAWf?* zeH@&e4gFjO66C~Z0N*Q-ToY1@vZ23-(nidH|V$4Iog=?F52i| z*ba?1l!HJZp@$am_Q)f!#@fWrE^=yi_G`5pL3MRCm9X{uWcZICB!h#4#H(a7lCP%C zB3#EtM!rH9E>0<3sxX0%^2JH;h8+hA{t`=0;Hbtr#A!+hY(7a}k^;y10dIjKZtk)o z^$qTYVS!E)KU7eL<%$0>mpdECd{lS`kbprsO8ERf^yRL&U8fR^f{&SF2q@9{+f8CUpbe zZI_qdMHI#*!j9sK+D*4+yLD97JmS27`c827`FX$m!To%-@W{}f?~M_V-3Z-brx_Qo zh}8(3!}z<=AM<5ib*|hP?Ev^kD~^JlGhf511p#L2hr7o)dhinsTC8i*ThXK_BunRiVDb zB>O-!AU#wud~f8wbe5aHqJ+7H1HSni5XEr8x2EgdPF5B%x3Z{Gy!cBeiF znu&eJ&OGatXD~U)(_NmbmjoN$+96QIEl+%4Lg`HnaCt{2p7n}CVFE4(o<1pVcI*t` z=QXwd3LtF7Ab`C5bX2)@D3fwGHvPigBVU-rocCV${VGq3N;E8@x&7hkrWeP%#g;$d z0(p8zVNJG~YT>6F^_8Uxb#@m~n28SKH5hJgZaf7FdFS7jcsLL)M=s}u!S6`wD;~n5%?GTQ>Ow{V4|*!6@@kUDussKFJfcK z8_p3nV&dY$QJG4xY7x;-MMcD5Oz!>X&si@nDjP*=lBGOJnZ?cz8~v41uV*QxgkU#Z zu9x;c>x1cpZMJ>%IpH9rmkK_d_9sHa!tXQJrHw$9xX!->**(wdXQKbaHAd%KYq}S} zm?91}M&4#ci~{nwx!e$bsDn0lRg8@27XEEJl#mZe2N%w+|A$2^bAwpo9w)Vw`A@Qh zyp6DXkUA8D;6yf~0;2X0q75>#sh&d#c@Wh{7(?`8p=ap=Vq>FURd(qcHg44#^8Q6+ z^l8Ad%aBM%_JW{+aOI?{kM-fFg$^p1(ibhOzuDJ=zru?8C=o@R;|Kb}8U`ehN5=1j zLh_t7F+V^50oS10o3ID>w?KevTE-Y+kP2PsI+-4v61}AsQj^^KRaWf*ZzmV|&aS=E z!Pfd5w`__5-TDl|mQRN5!p7km6aRxo9Q^=2)D^(r2DanlKOiy^^{HQHmC~mzvV6>a z;h<3Gv-Qa`2emu&!5+lLL)53?f^uLW=g{HvXFNc{>y3W{yjcJt`p&D)BIiTu;}bh8 zlR!$u?E!tPF4}j<;G&8f=D!>6e~RJ0%6vJQ^{5{p^M23H!!CI{)puj+lFH(Y45^&- z={feL&YO50#oq_l3sf6}gVAZlozWM`$+xx-9v~LK3sm_4WWKe(Z%3={L3h4Lxi;O% z(CEJ*ZadyUM@>yF(5hc1i$%oD&rb}-=zx_up%2QDk0k(=05yCm#_6avd>jIhBf|~4 z$gfkg`OmCRCD6gX&fU5}O;~l`lR6iIr%|lA!I8KJZIiNkGQ*mLuuQ^_{@WN@c{<_c zHd=5vTy`;gadA-~Pf|vPfr*J}xj(DduH*gt_cJXo$@Ht8sSVE0h_BNT*sL1C#{s%~ zo0#}&s^0ti)?S9Z|65a`;Lr#e3o|n&4h|e);qtK8uLBwz{pY2?#D}$!VvmdCX%-fi z>p0;!%Re*mHmIa@LV_!Y>6~gO4?~;K zBmq_QF;}tMrEVA_4%QV~^KvuGt~S}A_{{{P*x^mE=eCadf-qCDnm=y^3NNXUt5VA% zdB5$L#QiU4wJ#%~^Ggb%k?&AgIBC$jHA#!nKn_xaIy&t9HX-@-9+!3^j{ra8wYRgg zTf6(J-rImmRP}y_B%q!sL8Jn9e9Tkzhr3isunD%_n`8s&9R~}M?s40#N^{o0J4lp9xbz3tJQ`zf*hJ13>y#26z5{?aSb=a$mX^pq@KwHGfAdJ`i!w?ECC<*3Sm&I6_tr#h8Qq zeXoUgqPg_Vb}$Uj2NB7qF{g9%(kc$B#KFWDck+9>P`ueZ4Qhi7TEqdN`0E9roBL7u_kXDR+NsFBfXl%gf ziKn?XDr|jcvD!v4f$O>2=hq}9YscHiz+Cz%zokNt)ovNng|8=AmF2=4ltzBxn~g?+ z4h{0#2IT08-J;H;e>el#EL|FCaR)Qc7un zht}(mu%pE6@?~TsK~7H2%=~;1pY-LEi@Xsv1!d(9St7oB`uemW2s4;4`FUoT+h7Y_ zjvGxkzhROcka{)A-Ur$Ts4N>m$L`rXjZ4EfX>afFmoUJ)BoDb4*2wr707rXsCvZ9) z!=u*ZBIUf>Vq5=+^*_M=b|670}nDywAA0yVo%AciCk8lWq*?-T#S4k)+;J>AMrq=y%FSF z%sQ=}JBH;aCD)NuqB12G&;%b<5Qj@kVNdsHI8KR9Cx>%+C*_mYhgoK>(s4_weC2{TF&wm|# zlC0=Je`FTM-#l3Z(+*%mJ(rq6Ja-7YS#k@MsEJT9+7@+~?saqJEZXw*FktM@7w@Ss zX8nGc^>`Xu!!z(f8F)|ojm8w=CmF|pif~$$E5~3{by^UQ9lm8NOWAbmISP_j&DC=1 zZZ`Q!s^dwhk?SunX*X4Zfp&5j+Sn)q#x1^*r}va2^xT*bpJ3;Wn+38+A!%uP8WH~2tBqfuj29DE+>h#v;}hDOia)6>g%@SCkp{ME|FIwN=Q+5A$= zix>P}mg8wvV-1AO5a_Oyi7TC@p{7C5rh7`<<|C`z(NR59L;c2aKhf-70}>*6-7}qY zxRM;?Fj>6RtnVOSG5D2C(bipjdMRw=);#h z1H;J7nhttWWM&KfPidqtmSvW`p%WnxsDp#Ugt(s+qW2@4zX-{B%3_a-}_jaK7 z!tPP(IaAmD@)aT>@n_v1@toFe~N#o&-No+hk zc%3KoHXs?RDFF)C|M>oWFvu3u)|k5hwA=R_bLPdhOL%~rtRby5=(ih7GfMNjpmuy^mAp2?RwRh{5O ztmE4Q6Re_15x+~Xxa355u6w)%UaRhva}ypFd@{rLFExbsNtcu7%a{hr%KA=4MX z2I&M+?aT6te;X}d(XXXlF?Yc--Ls7xcOr*=BOz@|AyiN?E^?dJEnjhUD{3=U$C_7j zV;Wj_@OuqLA%Ew!r7$kg7`m&=Mh_pWJN6Qrk7}6wQJWX-+THo#0)F? z&?10+PZLCe3MA(aH#rN><%VQeg0umqUx98ZCLRU%8+kx3K3lJG6@Y032M-Ml7@w3` z0g|!GP7d(ocC}(87+nt_QW~!P1qPABOs#Nr8v2~E07m+Pv8_H$Wg>S^x_g6gO%QU^ zGYaL+OVe&us2E@+;uTD^sQFy>Q^yj`kP%6cr6HIn>Pqzzy+^zVruaO;`+PwSzlZiXQ_%2%66{V^MZW13dxQ zoY~}kc@mG$N~su}tNiiybueGhV`;syOd=IqC^|f{Ey>?6qquh#F29wfZP?6U=!N4x zDO}uUO7o&)a$@4f5*eNM{>n@D%WZehuHbNYlh&|VkMr_jJ=%j{N#Mc}#Z1cxU z{(Prkk9}%#@@ufykhE9&^!1siq7axFys^O~+jAfLnBj5{_u_a%W}!xs)RGsWw|(v& zIXefie3iwD(1hobN8MSdOxX$tYN!8^33-E2F)DMFA$oW3hdVU=pB3wQvV8_u29Lln zW~Qj{$jD}+X;1l(@lw?$9rP}aK7D-|(&4vq*Y6^j`;sG(C`=l?1n==ycQ^m;hO~V` z2S3!e2pXkCrc*76LM^_(8M);Q1(DTMqWFfA;-B=&KhQWK2T9nwT2%A?!M`-IVu;W_ zZaID}Rb3%If0AaQ9g>)|@BpeRU}@exB?m+$FY_bGKND^S&Da~TgG+gpFyf(XOH_F| zFc)mQs;r*o|3lV0@l>SY8B^}RkTQH*O%l5eDET)@r*Dkx!blvj>OXM_NoM7 zvXZv6*a?~l$U^_DJprMU45K_qkkLeH@yO*Fuz&@Vut55r}bvG(s7OKxaqhJ z(;D-~)jp~kF&+JQ;$aRsk1Xsv78%GCpD*yKZ1>Y7?MZ&9QyrioUH0}L8pS2c*P@&@TYB8efq>I1-6I__;}B?8p-&t*4zh#@sEt{pAq|;L?r6~eSD;dCXs z8bxRjG|wXm*E~Bvf;Web?j6~x84I@sH|vSg($XSPmMRG~R8#^^&Aa0Qr@`{Dgfr)- zfryUz`R%y~zS%+Ti{PpxqG(W|u-`ZupS~EgOo~s6$W&--1uNyZr%n}$?ALEp)mEN0 zxRP*QfRX3V7GHsk{fj^L8dqUM$X=Ncx6y@N>AR(FqktJ0W8H4gIHxj0v4f=hMr$X7 z);FxVy@*#W-kaySy4lBz-{YMSPf!H}1d9QIbad?6Htv6nCk0lHLKI`~m!e^eaTxOk zB5LROn5C+QPhFkwEM;@@+@_dMe%`!JsIn z=o52>QxV%5QW>Of&+&SOf3<`&g6pAv@x`%=zHXrKw!qj@MN@XA9t(uwJOQc^GTBTT4m>nQ@Vi& z#Z_{qc9}LKIlUp*V=Jfn`}*!Czz({U0cS-zed$tjd*JL4`k-m-RdWu){g&fZbi?QC z(_afO5hEX@Yz$&Hy`z$);gH15ZPE|DVJnM({}k4!Hyw#UddCkq$Wkc~qOr5*5gl7w zGJi!Dx=fmzts^Y2IGMrEqFrILyNnfs_3Iws~^ zS}5h+U{5T}gSvHnM`ssn{H3W9GcM`lJ$08=M5ro@Jjh_tFE3_fT{h_h{2NXSq$+Or zokjDRwxqa=L{+*^OV=GEo*pgLUP5ebZF86O6#@}+=j5g4y{cS&KI20?JAr#V<;YR@ zA=UopgO}w;`=u7WbH6N7+Z@2W^ZqR57~e5mq3J58>r+N0=pX$~aJ)i?H@EWx5dbyn z?0seN0GromW@Z8!&(9h3@PryK179wWW`ybmA_(xbIAf3YN_&gE_HX>nls+vZMnv=a z;iF;VHzDWrt4*_1QT3DaheCG$QjArH&ox)cGE9WtK9V$L*R7=YO zHk*AXYo5|+u4S-2(I`>ovDrDYE|8Gg6j}1vr*T*4)%VPax5<^dlI*@wuVlbbzt;y@W3@Js)3$5NYbXx0KyQ6sD7DwfNHNMuq*kgOmz!0i!=t~eD9#MqR!kO$J{bD`0L7G;e;=}&(xK)g zkO|y9An+%CRMy_M#j`=uZxD$7s$s+Ydwm>um!h$3HF_+l25UcRCH(ir{?{Fc1;ims zT4pMQ^8dJaq-8*iuH1ZN-*(10+EO>`P6P0Nv@Xlq=!{mTMq|Y2y9UZ!Bw>om6fUA^c4hQ9}c~e=EkwH3< zA*~W4FE^%&b7zz`vwf2$J7HN|Axc-ol}LFdXr%VE%4F*3A}6j1NtfJWXKe8IJ?yt4 zi`VQNJhwk^9GN%GX4UiaYgfBEkkSNo;xfHT^zVvns8o zu0A_IkEX3X-0nB$%MFTHFSD}P;{1+ZHYn-#$OaPPBsjy4qf9x(V&C!jf_h8)j5G>e z$y_t?&JK`QC2GH3l%zH{5Dkv60|rC>j2fvzyBpL z2{p-2IvV<`ddJ}~GF;BF@Q8SC|CJ_K zsslzz{OiV8f$6|Hw|!N; z$96itFr{cf>hIG3PKc2cnuDI+4ZlC@{0}h`+1S`jJ9<)(L6IiQYxDf@Hnbfd9RuTw zb~*`*mvipl^k-JS{j;=nlc z8~0M%hBs)*UIo_Iki0@oVeXrP>_$;onV6se>F|3^tqeWY+yh5|BzSQt)07zUE_4f+ zDk^2#?}ujB(_eA;@~}^JxYO%Wku(Hph|&=F(C3S00^2JOVtj&1NAPBFPa^o&cjv1* z`ID>!@}y0y%P6NQZcNB((HVW(fs3gcAo*3ot4d+4sy(B3;# zfVxUfre$i$8+I5807E%^wl;4H4Ag%9j2S`iNd{6-B+>Pw&`2hXc;k-u;j^QnS!_bW zd*^OJ+C6FxXPWa;o8gR=IuJ$8UBnok7G^XvZo6kIVjcsfq zCcWJ<((6!>N`_B;X0U3iOC)g)zdXZo$ESboy_phTU{K3^dz)MOat;r8{+aW`DOpH> z|9l1L-e}w(O4@10(@t2T13)7?x9yN{hh5INry_08}+BX{w82K z1eN$R^bjHj-r=oFO~${q0Inxp)V5P~7@3)w0@;95qfx$dj*p9r>v;L%IPBF57RgzI z)vo#4WGy9#Jox5MJ{IKmzn@ow#gSxB40JN!I}_X8Ln=aqbVp`L}h!ksU^}YZzR=yF&hF zcd)nDWV?l*&EI{%uA-jXN>tlB^VskP+XP zg=1`C(2eDDuZQw4>tTZd&;QdF-tJ)49cxkoyNsVSa&$yl*?e zTOV)(HZXG2E%lzNRi=KM!zK-;ORG_;sU#_K_A2?G@68YaaBwf>K_?TH|F*^MI$Pr?Ui!v9#Zrht&3w zY4^SIh*z(+F5dai_od0IaK@H66dI--0UbbRXidbesbMe)UyIs@mwu;Vc{bGP*6eG1 z_{CD~W~Vd<#}}Qm5!0i22BY?1$;~>uaAtO7wdZ}{uk_=iqnTe>sjXk%vMf#m?wS`d zQfk2$=YN>u6HpIQ6Q83Z6P-Gb+h=DrBDvK}eRa(RPb=-Qaq(M^ww-`dXTWaNhNn+I zL3(HT*{96RU*K;twmR)X!^rRPg+d!P8XByrz6ffdt?N8#JDlp3zNGa&+z7gt_U0qh z*}3KXkgo|;*j#)QoqcdE6`RP=x-04G0|Y6dpHxAO;aQ8n@63y#88Kp{$D=^!U7Bh- zl$pdA++2wgpQkeKx!zWW(OQo|Ee^`7>jsFG|Kma%S0THyChASh{sWE%C@gPS`)w{i z3_fyKJ=Jmh6mT17fb)KW4Qj!{Q~*Z67nT#|IxN}lNGl>;uB$j>$qVw_?)4i{YnE>w z9;Y5>^E_6oB?gFJC5!#;=)ogv2GhkU$|%$L+)1ODD6n2u46xyyT%0rW>ycgG<7bza zLc_1$ni<)i2NPA^Fd@?EBs_=%0|Udt!|$4z-E>=<2+#WHmE$yaIOWeEXwd~xQF(JK zbL&cV8u`CUzTE#R`T3z-NQK=vsEn$>cmh*8)SY(j`DPziEfcpMAP7#RO!v5ek~YfQ zsLqSd=HO;aXD4aIt&Wz-(T4dTXLO`)0=<(nx7eqnFb&Z=C5nFlKzohv^Q(|N#sw(b z(I~@EONaV3i$dWL>kQ%5HZ zEaGXJo;Jets2q~RJ{io_o?Txjprni+uL&<)T3Y(qF*Zb`PfrK*B4NX_<>NNj_C;s~L z2?W_IQ53F^`kxmt{Y~Cc9Y#e#!W!93*p1(zcGgIQi5iBB(!LS_9&m4C*6y9nV)|d# zuo9^iH(ipG50ZP|_Jv($3wtGJ)t}HRSNAts29-OM`v^?U$;DwF+sPR*XAW)y*};`U zD>f(iQgaa2ECLbI*QbJ%>Oq&f0&{b@l#;~)ThdQNt0LS^_N+YNORy0g4==B|{$6Q# zZeblNsQI#!;ntn^NFJR-d%qQrAis%=98!tTH6(iJ$I;RSnxa6L6nAKY<1bQP{l~Iy z_V%S;5K2k7@mluAlyv2QJbCN7qXRC66uKKAL40;Jt4D651>LSv4)Eko&K1HARL~tR z_HszSJMdGB(6BkaDyZk7ia$C zYxcPMga&+&#T9`8{YILm(LGMaDM$7x5B9M;@Kczwa!BH;E1DSf)xC4c0a{z(`Ath$ zbwYW?3@c}pR2FE56mdbZy+;AFJ!LI_MQ(y1l#OfZgu?XBCC99G<9Mk08f5_BFLwE* zCbjdGg@>@(WmEvDOtH^T_hXDMm*=Bz+b*lf$;;0JeUQMG&-Pp!9ZzTnvi$r8^^}mI z`DIzzgUG++`~Bg{51Yb+jb!!U$Rg+R8xag@%bx21Uo7JXPHs~=otbANmAX`vNCabQkuC}BQb8r{>ky*QSdNLerTSTPRDk9i4VXANa`w%W}2 ztu%ykFDA3%c&XDl(;Sz%^YR8|yFDLUQTCob8ki_HF(hQIO>rT*-RiFXwyxc}Jbi7!8# zdKw>$AU1^sU)(H`!!1()J=5!R&n*6rvsZzHf=DyW#2fk>1O4x1eblIm4v++KPSiA% z)D%_BrB4Bd=vo`nL9dffRCYPwUKtLsXhXyz>tB~fmUw2>_|*L_O(5c#mYEYL=e!Zn zi>c+_*BPmT_^^Lpb)dD&)vZ2!>D!fr6t4_w+87yKOu8rB_LXQ=+_M?VYkq-&r$>7_ z1lhG2E||?NYz)cI=drf7-b%t^2#$}BA6l7%01NQM)6mv71ywV^Mqaub>NxVZya-B6 z)316Tf)~&Gt=H45%Ji{*@>%MDmMN^-^P{%@9SjL|OA7(*T$EO$AJ zRZ`f9o)h@x>M&xs@G>@Jy;9j-ZCi9M z$TG(djFBC`B>ds2n*7_IT$s0-b7ZsC2IeYDLz;Wq^)kd;%frUT^unfHImmFy$jBJQ z#B?%>J&>pX*lB1}n?k&?`|in?hzLAdTH1wjJfJ?Kww#(8`hjIz<}Q68ijQ;>H0_-_ zFAFe$#z)1_kdTOo=$M`uh<2K)(4R2%`SkZLIq}v5o@H*vaG9Z#A386Ar^|!!S{pK< zz&fSCqxa?`mig_j2@lbj*xZ{yR9v1gg6vzo!n*%EXYhTH_qZphzRI__MnhThY&pyv~B`d3!SS_Fo{bAB;W0_j~;e@jd|!k zNfP46WZ;U|{^N=hA|pN|4nI_hXy=EfQXm+Mo()q!H{^P!u>ZT(*kv-R&+?y${=b7U zZbHJtnQjxS{~V_TbJ5~M0a8AL7}+Nbqm(9-^%4TK(V0Lsa8|^I@@o{dcE*H;urPle zhOL@8{q<%$5cO4j745JRBR<5oeaUV(q9dbT4V1|AYSYna`Me|qn#DphZL+;OimrZ_ z;PomHiUFOas-ok6T}c)cQi0qK8&69{<9#5)+-=9Pnv5S37-S)^1$`EhXKN`(^m>iK zGC;G0Rh<-Q&O|9(yK|yG=baZA3)j-jKFHX56jMiP=ZnuMWyKiElG64_SJK2{Wa2qfQVhO>!A3)pR zmE%s>oL;g5%KK$`$b=;8lq8RyVbw-DT9fPVztU!+o5|B)j9V`^h$#xQYZ z;{P4+?|-?)U9=BQlgiq@MY1bXm|Ulv4aEv56^=h!rqWy;p0Pb3^feqhTuCga_@M@h z)Yc`3>45s_Oy5M+l7Kv60U zP}NGyzo}~f%jdA_i-QPcXLvpyE$D6pO$#OPzZBWds*o&HW;vtaUo?6&KML7Ejww`D z^8C)X51u0~V$|j3c34mJp6Wi^>6^mdY{vR_W8pywJMOX$L^Y#TbX=M764>N?KPG(e zn_)+(v&V1W6W`P`|3%D`2@gqb(hVujTea;Y-RCioSmoyAEQH=m3&56es4`@_04%dC z#gSVFhlUo{o?3cP3IWB0ID`-CM2hR80b|P6Khs8!A0HWM0?5lRj2{a8>T%kmgzD_| z$<2fBq=5a;$;jOCU?J^WJf(ge7MO`_1mKrMF(nW(@}Hr7$G7zTJn^db1`@Q|n0UO; z5H_4J?~qpS&-YCeJlX6}vj%ek(YN2({p~-l@_$}4&{ha8#d0EG45t!(E1b(y1PcAUW(M)+oAjh1*)s*!4Bw;vGEGxTFxX;+Zh@dFCvpU= zjfDkp-~#;*nR~2FdVmw|ne&FgLF(g}HlmH|0RZwwLYeZ$EYT~jGSbyTBC30WMD7MOpv?DUZMJcK003 z$93|oPM;sD5nPZpdqmck2$9Y9l=bkGEvi1M1*8$aparaYsH*!JW5dU0?uri)NV9TG z3b>7#cnMk*c_;7%KmOJmI9gmGsQUoKc$pwrFVg=r{s6@!YCQovK>HkSi3Djv!x5ZC=0?oChWSLol(S;Ytf5FP2>2$(yuhez zy|X;gimJ~(Hn}3N2*{$r=aPT}V8Wr5@h7iU)_;GqE#%Zx|4A5AY=_7sbe)yjyB_K{qD8rw+jR`<%qMG?nRxbo!m4bPlZ)>HMWSu5hx(?UI1CKEX9bs z1OXf0^Iw^*%l!VY1zz}zu3!YkP}MVj5V3mj@qTA4>LZ`tE$QX{n8Qq}{^NE%4&yG=_>uzC{VBQX zU@$79%H8GDZNAWQbqGkAx_%3<|8ZddwuQcLAUbU>5X|iT=NR^G7OgL1Bv%8G8Z!4Z z&#rD*7FT8iV-(yezG$ybbKh}t@Re~H8g6{h4kh7XC{BlW+!=$`RaeEeJ z8L^mtSS_65IQn^>9hCgH9hF7pxf5w~fAvX40Vi-9#mvAr+tc3UgZ^m7A^wX{JlSqV z+oWn*fVjHQe?oD$;Tz~x;-m9mYD7_a#mXCqtg$D2KOD?Vp}UcQr4CU>r5=5$Q(g$> z2@KmEB(U!-uN16WiAiIW@%9lLP6@TvF>UGhe*-nGFUd{}9fyKchZn_H!-f)ZsnlVf z{f9Sq{KypDlaX{?;uRUtS`UUKQ-^e@G+Cm9DzebiwtGl}_}7L1`%mK`BqUf}Uz+># z1<>o36v)m->(#kD6Z&0AA$??`Bke?{Cjx6a(b9JPleEvBBB&8 z^L8Mhp#cS(d)xw=&O z;(BW<1~`E^ny$qw#QXoE=%zm=d;AM#tH>iU^c}c&hO#n)E1@X^7#!48bH4P(`KHm3 z-x5p(e{HaveYiROuair}-g4b?EB`EdOQ#o?*$DH@eqf`L7ue<{X@kbwWqT1W^in-=O$kAED&4Zm~P{N<}Gw*`;bH#DRE3gd!_a|+96~IXOk@kAUU@i zySLd3)r^72pJZm;yn;es4C4lR+@{#e+~YP0lwlPBP%+Rv3m`9H#a-5hocZi_SHxuZ@086Qmg0etSq_vIJkedV z?8XyFx4UuPU*-kIvv79IBfk(;Wk4EcqBe(h(FKGQ1P&8Zo|djt=GMjtC(}~k@PRW| zD-kJp+Psu>}R`VV)a`nl^VF2EoxoWp6Ha*T%3;Cd} zrIlWigS%*ECNMMfv$K=9GFlk8I7M`-JKg=*L+IPSxfLhcfCK{6IcdO;KsxLv^vpD&{ zC>;K-I#WNX#6R!!KPRy)g+w5!cP#$HnHdwKN=9YQXgmgRSB&|E4?#LF#a$Ew>@XUx zHiEeH$Oyu_whsOVPvE!z^7NP-AmoA$%qpBJP+tb^36s$M-2W)qGxvtS>6yW#-Mi{5%ycEleydEHMcQK>j>^`jpz4x5sAt%6T`b zp#Ll>G#yNp(^c{ya-b$`+EfcEk<5eZV^A@g7fANHs>9|{r#HmH^UeUBhqd`C#DOv- z(Oo~51!)I;g@45-hC8)2rae`DCn?DwcZOiJdfSU!BnQ_J8YUAr#*-64O%tjE?S;Ot zxS(7}r}tOF)Nzero>@guHKdP7;Wf4lL@dVQ9y4Zi+1xKGEsh)J3ObXLm<-1N|BPUA zoOPD=tD`ojADYDLmlx=okaC;y(f-B{-JSF7eKHu5VJ*jvREMKZ0QuVF)-_EZ1qhCYM=vs zf?LM=CRIJGEbrcPa9e129D}|@zEpt;VmKGXKhyT% zEI=&^wfkkx!#MKSNs*?;!;s4?M9DT@A!e6tm45$v>Xe-3!<_O z2*^+7>GJ#KItZ@(kErYlqJvo?8qCuF@fz|8rRZ_7rhx0GUf!!?*?wdsM`FS>94N_b z-&fQ|ok2?c8O+nP{o0sHSb8cB>ftxIlwh>ss41%ed)KGW zd{)7*D?@6f0&@DtJRN%X8q6=t@ty>Gn8mInwE~m2J5v%ko!hc3vZ;9r>1I)6_xkQd z@L1B2j$~|C5+8!)0N-zOG}zOEVfR}$)@CFm|8=O3;0t38vGND8a- z-;)p6Br+TbItbar7-+u<{Q{%AM#2!Bj=P#DPFNVT^sCa=@s$F3IXkI zt|Gg$B%ie{W{sN|n-A*&>-R}glx27o;%i!GjQ^+ND^O9qppaG*do=-45&gZpotU0opW3GxwkuMrmNr*C5p&xPatfNx7DDWrz~mERH+?JKBvH zoZQ&Nz?LR!y!G|ofBC6T)gTOS zL&_S>+b~s4hB<61T=-mcl$%W$T7vSpH(s&hFJvmkoh9ikO#|DHJpsndAyw6Gdhqq7 z$v2ujjzEINh0fRhvjMw|cMF@;{3n#K+h5JlN^~wOc9f=}tyAlyOxaYnU37)UXT3*A zQev{(8%Lznc9M=X#RR&kxjOx&fJlr7=|50CNJ3@|9yJ@oZ|{L*yi0} z!m_F0huF13O0G& zS0TZbJ!UThTCcAjt;f7mG^;s_;GSZFRmig~7lcJUrcuNsXST_ZZDlprS;7ZU^?6#W z35L{Mr#?zlB@}^&qDu0p^TphK9!Dwf+K&q>ZOk_Boz>-PN6NpK9J$&-O)pFY`?C2Y z#DbU@y*u65CkD=a3M6qNp*-j+VI@_KlR5ekmqa@1)dJk!f7E{nq?GAC4##C{8rY#D zn3qdgLXLTGO|`?8FOFs%Rn<%stc;-=nusOcy<4{y_TS66p#|N+T)9`lel82%y?vH@X>$=Dw z^%Wlq(O9mjGbl_Qwd3cViHqn4r%{3M7H2I*`?#Vv-^e6QkqUhF5yG565g!G>yMnolYJL`>`1#UCi<-+SOFb=e8YK z$DMj2huule=F5@QnqyeRg7 z)wS8Yxl60@)VS2EY-C%np$FTCl6l(^1|ezn)JFc54MWps0Ww&g zMX%Xzld>YVnWr@g1br0n#x6{fx_U1|I!x_TtYqX_IcHo4&U9>$p8{6FL~ORbIbFnV z;>;Tof^$+jf>I%#G%Z)(jWGyiyp`H*IU%ibn_v)DbSV05{d8QbhG8iBz+uOMgyfjX zEB{Z|nq^_cm+M*+^aD+iSk=acrntFi1;oL)Pc5WvB?HFE^3wP_WR~^P&zOjdV0|Lp zh8|&{zjyqMmUKtG<}Ffl)%Y6IapU(0SOwgBTu#``N0Vcr=C%>@zs}^J(*bMxUmii> zG~VBVr0D-Sw`L|1C&0R9L8qa}dm4v%WlvjC1lG94RW8Z7;N^kv?@7X*c|33PYFg8x z4l4Rb4I@qkwnrqD(5F z7VFBV7CZRtn!&&Zy#kjxK6*icwhW_3b#3Y?WNlp$_y0Mxadro{y~IH>5ec_`hLOA) zw^IYE?AtY57q5XoKDK!yNhYXLs?V%Y^VYK>)`2l~fifys3LQ{35LqhtpK24(^#`UV z+gU(R4g7oEzL5!13!w(*{2-w{mG4zoo(Y1>ox46!OPpixnNLL%90Agc#FwLdX;S+N zEMYg=5&wxQThUBDFUG&s(|s=K)^BeSO@1;}psyWam>7HNGpuFRE71VMp7^YcZiO2q zA#YwByKQei>QVO>W9{_l>5Jy~+rV~x3F1l1diCAtB=N)q@y68K(iK0VT4o@3y>b*4 zOJXl3FQ(*|O@VO>x#apx@!tKtG=#~uG!LSC@vIWJiD6OXE4w+DPh$g&XF@sw(T4^Cw_A%3P`H( zmE8JL0Rz%(i-TIHpqTpKE)eJ(C?L*V6^3+v|9N?89u^_7*b~-aR)+cIy)5Ag_&p;l z;L}Fy=O6Q30%4_v3P^dz2$7mVzkg2yh!{1E-DTN0O~l>57pu=K6*5_x1%tslXsGDy zmg2eXe<=*}qY$>={T(;>5j!~_-9=o|T;~~!OggjtqDt7QiR;a+mOtz6SlvLIeyVp3 z4Ef;s$g|z#!abx2abyVTU0;={`yU)f1HL`0*(x+#(~SYXM7E5cU>~C9Q+i%G+dXqy ztIJrao9U;4(vta8kwA4Mm!0L9_Rfz7AV|xkFKvsNGdlz~)?fb~9+&rJOGQ7WQ_uFt z>0}{+ONrEEj+xDj<|j`jEng_#cT*JBZ_8cez7 z^NhIN2=+7EtCN}+MMkeRe}&CnQLRXm>ZpgiJj(()5Iv|pLSC?ysKamm12y^F1N1lf`|=G~3M z$7ZArPG4Y&MT}dE$Nk%#bl_Tm%kcz~}K!!&Tr{Crc=oir+AxaL>2v^lPWtpD!k!OD--i%tb1Mz8_EP zP7z@kmYS?YoFWMDSXCkGU>JGJGF`_J)qc6RWFpJX_&6y3xrZzGZ)gh|#oAs}j<1n^ zZ~U$gvU`70BZ9!rucQ8#V;$!KVZZK`G3g)9c!iFLd&MTmPJfCt9Y}%XmV4Yl6@x?1 z0w&eIQt)9?BB3(hkGM+b1zcI1ZTFKDJJWvtj ztez^FmYaQ zfn!nCV2qEI^0ASaP+=CUWZZ4idxPd)^Ht$QqyKZ zSWDE&NLKz+syZ>}&81&fnGV|05zFvE;ZNyK^%7cUSU0oe;vbIXUoPe@NMp@4I{tha zxl9h3{iW(`X8%?cvY6t+XtgS9*Lfc|bikedfpgc^mF4sjCKN{rup-htf0gEp3gw`7X}Q#;m0 zmVYtOy5Cb!xAIee>}O?_<`gmzh$UCMtjrBVyvP#R?Y@ENSO5C-BsP=Xj&M5}=|G~w z;1s-dO+RNlLn20t@?MhQ>wssoE~tZ`3gz(VY3IRLsJY(8in45bIpRH_&xmLm#zmk# z4buE<@ovvu0#z8YMUr65Cr1o1$K>;y2Y+ZJ#M~hKF>@5vQr+WQb=#y7eR?Jq=>o?- zI69;j0jVmGz%im+1EOalDnR+h?zQ;WwW@;lGi1Iu(}0%e?nn0tATOU?dC%+5H0}2# zX;udoQb&%q{nIa5(i^?LVmdEEjdleJkoWrddC>?I|iX>R{4*vdkPZ2qyX_} zpqykuG-xN{2oV|nb>A9D&A_M9gsH6L(jlGLBx2NbG|z>n4pNI0=j3P^8z(&KO3}Af z4h8zL*#elIhQa#m&(Ru@M`lhp)G!xF7Z|_ugQ2cobz)?+!;f&Vu@!*%7l6kndEnlIVQAPHR>A8bNq1LLZ8%xoOUHYUBhZonBIEus>Xg&t% z4N)y;274rrS6-w%J*5UTv8L7P90P-Di{4*K+7%=Q*~>$ZTmuHO^bzWHFH=EQi(q+7_sWJifz@)GgoOWNmtnp^ zVFwopHL(kWBz#_>lUSW%2n6{_vGJjDd zTXPOm1ZV3rY^bf+6d@XgL~{!S9$N-#tm=w*&iFQtfbAmT`L+l}OkrJyo?A?F-dfPj ziAv45^~Ef(9d%fQWSVPg6M8hMamWlpu+XdjB9|SWFtiXx=QMe{Bay;|eL0o&+7R@_ zBZ$qI9V}KwLbP4qiY-3EJM~<6uWWuv5ZK;IRP*3O`10gd{&8W1@1`CrOlYl2ip(S&C9-57+>LytJ<@aD zJrCZ<236?qKo-}!xs=z^qpG_{ZSh2h|6#@(IST*p86?m zPAhw99~+%KK8!^by*Wbg7h{kZWUz3P(Sb>cHpBC2G1ox(58h5T0osv}9^Jx8ki~0A zYLpcyEM8ire)73C;u4~Li6`_hCH#*gMJn_Gp?iYUp~!#_*U+GsJ>8p zu(hr#XUieWgder{Dq{&7ur#YGh0h}hsICTi z7>97ya+oCj;;rard8_NOB-6jWs0K1Da4(Ba;L;#Zx1YQH|qZ~K#jDh$(= zDO=n-aZvH_Ou<1c#p0E+&f!(tQ2ss7NcHJ(-tpX$Z=A!TFRl^-OcZ4`f47X+m_^}D zY;j|$Hd^?#&)3jPkcqi#S+y6v+i}{zhO7m(?oBM-sUX_b(R-XB~R#H>S}AJ0~q}K^t6DesGjRs zrI)V-FTv5RSfJ?7Y37xrDYPIIfCK6WE3Q_%4${)NU>MmFS584}k@)~P{;0VOxyujG z0amO=C%`W%QG;SUF57Nqs#FBGO*4K82+(5|&=Ik;CFtgRV#YVSVpiId>zG0x*nPyTDp839DCD$+ar8l!EHc`l?ptzmC9)7=RAtW5yz^>qW)*8t1}< z329<7kYGGmf#-#{<2a4K!B8Wd#^uU23l`qVw<^(uM$*z(NJdiDHRU-kz;Bjj4&!2aJvoQg?nsBKHV4e!hdjI(F z*#Z^wV!6BMek(>fJ942A7~7H{a)9uQ78uV9D`E`oW)v(yp0hthgP6fOdNaL!NLFp! zT#bve$}V}#6*SG#YLV)Wn7t5=G$dOIPBC=3KNe9U(OrM1uZ(|evs8Wk*n@JNcD{BY z7SnRyTK=v(BckD#&!6?qLmz)Fdt?IlkQtmS*;YDq>{SbL1;vAlIzu^Rm?X(&8hu9q zu8i|R8E8nCM(xh)T8S|LVmS(?RVj-vKce*@!OKOkGZr$D}=qD2UpEaT?2BI1>9D|=;_oe zU>%jP^0jMbfMi8M0rtY(AKUuzh<(&AjlX|y^hv{WfVPnO+|LB>jLITE`TUtv@SH?C zZqr;s&(%Z>K6*A%rTHEV)L+jk4&qhLdJV-Bl`<|MpVF-)9a*0C>zs@g7y}xvjRjhv zsnO3pC$oC*XB2C#e(oA#HZ=}3Qnu8noZX|m4})Q>){s*xS;?&q(BFmvk(JH?-}$ys z%6B1>_qcj@^8<%|=+BEIcNz7&ZV4ZD?bM8~X^&4Bj)3g^B_{3UABOyoomT@p=fJ`! z2$%ftFM*m?+k*`zy6iuJz~J(t5c>dwQK@UOK{i0=X#R>B1T-wfL&6iO2&f z1Yz`CR>x6jg;gLbK#9U(&|+YpUkbL#Pr&JVtCivlF_Z+m1^|U-me175`%52F2zB=(rUpR-H%b z9W1=3M4r2B)nGn^uZQTQ%i0ezhg@9j;-A>x2wf(roVgHMuJb*i;MlaQ__r&ep3b*v zYcbD-p=5A{6Ub$tStVq}-GaxZWN!JWbG!t1>EO*PUEtyKfhTwSZg*LT)^~coP%7T1 zrQj8)zqVH;+5TYYu=vAR$7{ZzJ#@^&e~n3Zem z5ukjvQ0oL>H}SZjRsBV2P~7eUta!P``>#>ua(5r*f^eiMiJVEJQXMsi;jQfJ6XK0c zrbBj@i3^|x)N`LM{OBTBP&~3$@M$B+W%Z?COMPzIhL_UjBg66RX2u>0C;4kv*~319 zO#gyh!Al`lY5|&u$$577Q%e0@j}fxvexa!ah1IpB43iQmwTBbZGhsbJR?wescBbUA zfMJCA(&cFmTF%1!FrMl=?7Yg&rjXgcNKT{vf6Sg2YTh_X88{A z#=f1Q4e5I)UmYLL`N!V0TPjwzqjJoaEj>a-u|>=pAm1U>R)pTzjC_E4_8^n*Zoc3r z*_2{qLu$P^>cT=S?XO%1sn7u9EFMlzCXG(yWD}QDaOt|5RwL__1RXlaixd#cSS4;M zi887F@#?lBk23Sa5A95rBx_g%mis$kpY++i@v)RPTI7CPs4b&^#wxsd_U#D_z#w!< z?4Pp@X~%}28@)`K%{3JQip5=Q3M)JCD;D*4viLRZhp7gg=Ijz%UfAK4riJm7Q^UWq zMsZ9l7r~vVQA$d82Vyq%O&Yz5e--#wW5B1AG`CVRC}O0yTkl3w25 zzM19&K2NheK!n%2g0h|G$uAhiX09z{;Ewx7vi@-Y9VOtu;RrF|D=MG~G(2z?h4U`; zH~~2lKk#G=OG8%;?am{xm&=Cp!`6F|zW6A3RC2~m@b(J)e1dTvh(`ddNMHjuxPbZz zaAvMsMa@g&^gHe&-eqro)$WaB7m`m;odxfgOzc?dxBzT;&n2ld4mZ~CsI`0A=`t=# zr8PxJK(8k*)~m4~?M*3BI-Qf>Vz0`y4dm01!2NYni&|D&SBWpnyaHL-^WJ=sJ@5ij zmqh#y&gn;%EH3Hj*9PWDL7dVOvBObJ6>+i*k%ng;r7S$BQnHv$K$3C<`$R+YSC=04O8G~O7>oV{D z?6?=zP0KCw;CKIPI#O%(IrFD0W(-dF31^*?16i43kFswPFVGs51vR~Z7w#CNcZ*o_ z#0$}51e=wIY_`i{XsJI%Vf9{&&e`ND@(TrB_bC?l6*6qpL=Mss%pq{kBp7U9t|cle z#s(-Db4`7PWoBmDg@a{x-d=OSIn=cGR-D^><;D{CYU|?SLf*qza6X`}8?@)>f2ux$ zQ#wljQq1u@XsPiv3WB~ld|7DX7b-}2SpR$hARaMV+U+CNA71$gOq}c#%1^~T#UpZw zGvi6yW$~mBw8RB`B_RJO%)xWnVTaGFGmng+qqLxYDe&{&06RWA<=0KEpmDYN18fZO zb8Teq7LTWEcCJmVSv^bNud)l7P5gR;bEv+b{ZW)#hNIzHSw0mEvv~XKS?D_a1fRy# znNr^Tc`kcEz9OcWjivZ1d2->vkpajz27`SK2G;nxLf-y8X~XOs8&gHh{?^l#?Lm3t z=edz{O;s{th=Q(7wfkg}XTS~R_8*iT8bIL=z3~0{BLHs~4PmGKiNRi_kY~?dwIzvC zI^i%`O~(y>xjhLrCq~!b;Kc@qj8S&$aFO}*r1+efXl?P$C2;5=g2OpB*%44SJ4egx zhG3_HvL}`kMyVcJYU1>Eo%&zo0RRl1ZXe&_nf%9@k_`)i&$REIM1Z9JiH+UYQ2nmE z<@`aZeuFu|mvKy_utqS3u}dU~McY)W#^)C=2?r4#pV>_-O!QHc#?a}jMYP2A+W%40 zeSQ})S$(6QkYpf{^u*CA7y6r;hF^Kp33_%_C@r9$C?M*FCCP!)Dyav#(BRlxsdSvu z7qJ|sbnp*let^G*Fq{{VP{fEl3z~U#!+l!+et)jHK*;wrI49G28PmKGwcZYQ<*&ZC zcTSNUJGSLJR345D0uOC$+HSp!;59sf*Z4lx@1LKWXiFS#$cD8Fe$F|T_DRH8xX}{v zZ1Lb44{K_vVRfyk7Yv7k){^aqa5PAGrX^&h=U zVe`v}HQ$EuWPab7PtvD2PTso-XSX$6{||qIV+^j8QX4}=qd$P%SGs%;%?n1z^r0IR zd|t~!I~OF24w|6t#BO+8M>HK5?8~#I+J3I{r1Rt_D)!>v?a`AnoR~fym^x_o)RP;@ zi9#;t5MX)78;X2vAZ2NwW$*IKyHjEXc7B?G^`EaD8-K^lC|g>{`v|}|gYh*QNm4=S z$ul|U)e|J&?5$^83iW=juZMHYpUUK;&*N~OaraKU5)$KZE2))EA&n0<@6FcTJJ$u~ zxpW)ul3C-_f7lePgG{ArGDZ9H|Gpo-8X!UF8YvV0ZHk|QZq|}HRGq_e%%GXqQ}FzPU0Uoeu!(D$(Fo&bMpx$qlQumYr&>EwlrgobvkA$Mu0^@M}i!61=S+7p`P*#)*mB!_!D*vy% z$&y}qonQI(pNdsmHXR!RgsUaN&rqkk^ta8*WE$G5gEsAlFSnK*L5?HaaI^r*etxAJ z|NhQ^9t2<~X_baQUPQ)_^&b~oF6!C033??msxWmMwa!dh@k**+rZgY`K!HNH4u5_t z3ZP-ZWdov4mr>if%%8?XZgD@Yb?!KVm$fTh%rHB=F)kh$`LpX{T_0dE)lanFzTS13K;B=63XCr{#+6!;qS zC|HY3JrxrK`w+ z{OQwI4b{=F3<^yW`Z&QpHL!rbAMBI$T2+@wh(SQ-*-3l;Jb!O^Y6yUtdU@5ESXlCy zhb+&1ZHkiuP~!={`=D>H4s!}|Kn+ZLq!fih{0&Iw$LBX zYf1^0-@D1@H6~Zat+*EGVB?r+fjXW*TH&i(xouSJw&?Zslp>}^kKlgx02%A*!HBa| zMYKXE#A-XM4oG57E$@k(`toYL9%btsJ{Q`O8_hja+%Sym?Tyi^2jDdNGgJ#&qS@yw z#A<6xUcNjN8XjKf&x})To`yaZ{zY&jubLycIfhh^`nu%+(JsVr7MSXu@>Kn+m>0hg z%NFOViI)IYire3;lG9{*5uc8Onumq*-m7F{G?YIij_oL?SrDmO4&5I>!#0S~sUYS2 zoZT`X(t5i$NZjx<3-+5)M@Q@6sV{^q-HxF*mnOzGQXmcw znJ8C@h_q?@U_qhCnM}*q$2RAEJ_n=*H(U>2{do~>JHFE1FK}_`X&JpkXC^?dCV4@a z4i?1L4qXu7DUINzUYd2~(V>B9FaYd1_a8>bA2$fNld~WX;B*x){FDDRdA@`{s7a?v zf4^jG<<%04G}j<&`zv0EW^o$SeG;JVyE!weq1(!P#nyuNFl}z800ps$bzDvl_BX2k zyDV+0&}{m373+~1Z&ZuOL@gojc14x7B2`94yUl~0m3?}N2yB)Z*g4Ls_t-LRYs>dI zyVSMP(#dV~#xuSl$AxMS|GBnv==bGdFO{vG-C%&mty_^Qk*9(`mxA%CLbHmS3Csyn z!CxMH`5NHl{>kdYhxO{2z0uWU$ByyWBFbxh=8N1WYCmnQSH%=FUhGd0vG;7pNC39Ejy9+*j#Ujc6CD-3^YL*6PBLhxe0CyBoppU-MEA{`H`D{4 z+Q=l8Kv1zi?;jlfn@e{(j%F_1I;hsK@jO4F?kF*CCKJQz19n@GVu;uBDaX|ss%yaX-YE#r6-PVbt9Hw`0JE{MA*7*72Zgtx_ ziOO02z`X#R-v@yu-48#Gi+9nTkk-c>leJmh%A%6-ntQg5{t7mTK7aP?EceXjcnyL@ z#D7hh=(|ey_ER3UwHfZ1e&a9OOcveWoQuGsF20pW^~{?pcpBi@|BddU+%S*eVbw9!1dBe#S#t(-{T*v2&CB)u zvLCUG#{+%_CcfKJ+jTDNTEJb2)ZK~Ywe_KhlVEE!_izAQBl^*!2(M{&pP5eS<&`^* z>qV~cv~79(kJ`zAgCJ#9)qJ8cE&o;N7H3w~4%*obz6D!`jk5 zi#njgyHvC5rk)yXn#}bR?Pp_i`wsB~PPx0+K+o&u_3M|EhN6&Lqd&Bl#0q-JW3;^p# z4ih^sYf?h+LUY5V{7CFp(CTEs@_b&(rj?(2a>7PlF^ zpNMs8e<29=1PZHDC0g#!89sVAyQI~S6p4h$64LxLveO}@-r1G<03>4_R*GBa=^qd9 z4!;T2do3hRZr2?n>s=K?KF~T%O0sZY;M39q9ZtZ30Ub``10@NIECa#0Cco!AtgjqE zQR=?tB`f{n+esl>2>ligiF?GT?tGUt{YTl!!DVuNHf+uphE4I=y%q8@hT+=CfBa9Ig+?pC~2WAI>lP=LsIJ=8GiG^@Y!@Mko~z}jrzd|)cLXN$*H0TvL| z{3|__;wpUmj-jt&KD6ZLPRprt*Ho1qKfNc9dw;e&X&zuJ^~z}*)3p$MWu8uL2$7a< zn&Sv8kpBh*LLkx-r*{GeAWAvpS{H*`^^XJ;;kVPSYd;v(0;}Cw=c(92*h`0VC7A}awb&fwqD5KK||`-DJnPfJ{C>Y==zFbkHhtlYE%f z!OipT#YMm8OL%xJ+DUGYghbV{=xJ1w-UxnMJe3vgp8fV|h}EiZz%dTFKqFQOS7ErP zBpe@joKwz>J>%uvEqyJmG$u>`8$MXCxLU9vYZ|bM7qzF^h-n?JTaC<#jV8n*dLEBj ze~+UOT^`5?Z;3h;+%`)tIz0*?T{x}L^F~X6Eu%B3ZY;d~aX-Lc$+#bhYzIY&53?Zs z|LzMTImrQTt(vHw|3?rEFjad&2cQvQQ|0vFGlYzx7+*CUG;~}aFgy2OAx0q}0RRwHBy7j!?gAyh^b|l6 zp&Yy;R!g-1MQRTH`C(KvVjUS$j|Z-AIVecdCwjEpQAVMpx_X#u9xRuv_TN~@l?&Q2 z(|bu*U51#x$S&inko+=3Op@oj;#S3FAh>X?&S%*G2zFss)+(Hb5)l0l!dVYOX1Y(? z-no-gU$5BKcEjslK%~N|KvA`#{7w%|1sofknVFpnE_$uY@FkJ6dpfOE_gm*#tH8<2 z?#^RpezbD-^|Qk39X{^U$m9T>z1ifdgKQioAMfUu>jz}j3KPoQ3>6jcS@{15r9?1; zeLxdvF=sLBx4yD#Q}>xT%6Pi>-an)lz86E)gx2zScUn^Nqo*(jw%#uS20JPW_MBBX z4a_~|tvrTK1^cwi+?teb+z484mETK$)BY2zyTk>9rIZ$@Hs|t-9XFD$?0|K!{pm`i zhL(dJG0i*xy4!4s$nXa9Q}|MrCxrHnFgu`-2vK&ZO{5p>w_+IK4KGvuuSwwHCoDJ8 zB(MzU`7Z%r^{FBgZq?qRYc(O!p!gD)~ z<3:M+eH-;MiKJw?nS-8XQtfFBlsx{Kc@GQ2HMZr#z(65hZi6v|#f6u<&YZ}=Zl zO`5xiA=3p5drKLh(Hhxlhm1O5Ki`*6zvkU@lJN@M`ytb?Hqo|K~-i{E*QUul(ZBWu=R7QG&_)5nQvP62LI2_e7NP4(Ulu%dphuC9N4 zM>C(5n1!AOi`X(+BgN;9O3w_K)fE(UP>CMA;|vaI<8UDt4cVD)x^#4Gx&seWaqZJX`@xVK)T&kv{#p45(`S^h@%6QJ0`^<#2HoRe7GxWiOk7NQdj~?~TA8gfu zh3a!&rDENI_;aZp(Tzpn#bUtyh!%HXGeHtC7w8zAaRf#8kb?6d<)%1Z z$98vGLTd69EiFqrqs^qA)x2+F%b4^GP>H{(t}bSo9}yEX6tLV>JX; znUUu}UAp-|%K6U}mrV5hZ)i1|c`!TwBIkRW4<2n>MMydh>j&3Qsm9ER*RDUxBAwVO zqE05HuUoYM$!KhRw`R`+%`iYUGhkvT*velHii90~C|1?Wp(Aj3^{|A@0U*xPH`~{j zUKW0m)?eR@QDe7Ge}lf9-t=;`d~KMQ^|aKc{7M>-`*k?xiS-^66>-=d3#a1`ZcWDa zlvpdRf1}roM~y&rnMl*#bB>S&ZS@2lhA=l`Um6xkEj~UzyXK9zp_cPLO$QAYe%tUl zQ(3rrnqN3IyXW`!57Ac;Va#T3kq6j=$wAYDy=;!^gJAVU?|kNajkiBgeE9GoS1m5D z8x9ONr`kwj!ZUWMK7)U_m2AwS)+NCrV4YzdY-hI6G=*WB0*1_;m?w3Fn)a&vr-!TH zO_7&3Cwz+SI^(UQ9UUft*v))glfOaJ!32UuF0lH_B+!KHK7F%m@5^-U?ovR9`|5Pc zZsB%3Hwp)~8EQ8L@2`EMm)B{HW?z4^Fyj9;N;N1Z>OeJ*X<-R?)gMPN{`QMLckxp%;bAJJRTj$fYM!(3! z1r`Zr(P-`c+kl=%a9s0br%rbz?1CZ=&JkCTVh%{{olDw|y2PC+`4nPUpI3m{u;d(` z6Lc*i>((11;tN6$Q1pUyrSBNH2@=En8ZLt)V)EVFy&}i?!&+(Hm9zM|tD)f*RjQ>g@11uT;6Y)m|1%)Q9 z=lk6tsFAV8rHqmcdS!zK{8GQ2AmQ))uP-a40L|RDj+>=}@(Mz70evY+Yeoa;I#6wZ zX8-3q55{qYn{H1Dw|xE+_#H$Rt?;zs)HiY|j1EV3?aIu9`J7_Pft&^B{pW9j8)VlO28U z9;^Ys!@Bb`zgW+}AnX16YZHFc>?~JqzYl#n88|P9Nj-Qd=X)S45?GJh>Y>-nt1q}E z)Ufu2r@iTOOKz>>oLx!@n1;~U*Gx~<2V;3f&Ll=#40|D z+kLE|Q^fbB$`&5%f~eC76cZ%|{g)?vPO_PK2{JG-&DYMuAJZA&V>u71CxgK!pAT5+ zI@kmyU4Pp8Z>?BQcx}p}rPftM%)oG+CI!ejZv+h$H@NS+ zxlVe0G;=tdC7Rz+HYOtEijJ_eiMoB0^jR_kl$G|Rfc>!JJ2M$ECjqDlSX&}f z34v3i z+4-Pin||YD#6mPgS>NCuaX03BBBj?~R72*mq;yYLlf9DsN_BXCggaVUTVjA&^;&le6_qfK;BVR@fxCJ6 zjobLDU2zzuHJUXW$O3)?RiLl&a=I+&vUHY(SPL)X-7CK(2pwd$VdtN$+y2Zo9g)X z0XfcBq+8~U4#4x4J1ki%TR{5%cmXe?H=SRM=(Yuzx_&9tp^@_+)w`x-vC#vP+dA- zasH5=2AG>4TC|`ByH!SWcD`_h4IGdN`%8nKcULq-*$YzwoVd!At6n2+7S(Ngi zbAWGdxH7W>on`{)#RM=V?z<=rrKCW2eO44=Rw&1FD1>c}U-Yv^D9=H2`V~oN?sA0( z1rJAC=1G`>rRA&SqMMll4=iX)!VdX-0s8UVC35CoSFCY^!;*RBrc;Zdrq2TwBK_p7 zao!?#&;0M4p3D6S2z ziWv4E-wt~(&g3AiFWi4=f@PG{w|aoKpP6Y>EbD27Gw0f+V;>mrcyD?hGIf#51Rw8; z!nMf){yJF~DSF84v`YMTSICb@(A!w+s+!buaVc1;-Q{4mo-8fB%w&H3v*25y2M8gf zl^TnnMKP}>w!%`I7Jj+LY>U9z;<>@XeEhOzh;UZ}Eo80^z0VCT;^9CM!hd7La{d6n zrh1%N_}fz^mmrWv5APKAxs~yCkCT0;20*b7UX>%Lg9;(>wrXCw5{@lW^k1wn9FQ(`ifLkZXawc#1Y)_tf1yVeBJ}R#X+k_r(zX|U z#&hGBCRjo0%Wh$5i9J}x9uSad41Ox80uB$zdDXMaWEq${eelzs=iIs7PEJM7+rQd{ z>iqSfx?BNF4Cyr0*iQRPgpgiMn@RHOV@z3bX*2uT@3%mkAb7d$d%IR+j_u;1|R002Q*!xTdZArYs_wCgk-)-u}PFZUMIp_smyN{jIib${iz&Gdv81DH!AyDagx1GMVHqDvlw{=zWmFPQk>>oHqh6>8K9 z>`DQce~#|Ed3b%g4>m|s=wPw<=FOYEq?{dt&LIbN!9P}0odFUtSLm}ePP6_~px9w4 zX~b!)vhYe4h%iu00{udkpUgI$?k@H5y*}U zEt@9iL8gEeQ8C)@$xvPY)E=Vi>FJrgZ(Qk81DdcINaT^#U7+OHlV9AB6|mf(T4vX| zHoT5`O9oa4fa&*IUPkzM#&K{`?{++)Iodr+q#N`wA}CKSXP;WmKh?UPv6JINm5yV? z>U@GLOl5o@tC+U}@h|e>(SAXGm=JNG0YqR3WNc|=MF3zYrmu$s3YCr!QKBK}WDL?4 ztdeW%8D)QvU~2d7e7`lI6R`8%fu@%K!yE|zOw$JcBP-8sLe=ok7ceUarY|*T2aM^% z-v_8U_M?z}zco(_ zPx7(jY&k0{j3!lX4LD3{af)ofTqcv{C8dV;_I9tXhRxjSYNHtWjhvm$Wg+ed0d2jR zEMj+`efi?=Z~%asPM_u8a>pvC(ZVY9YU2-_>1e4JBBEN{xPzVyS(a5+)(@4E+h4VG0DZQ};N1|f&dZ9uHnl!O zh_3z0$(l&#sX1p}=Wl<}vB+ERDckJuY}S>i*crS?@tUpK2S0R z7kbSP&3|CB)Y8E=?yS6vS*wb(90Xlsx)XZb3NCyzf?|f(>vH z61?96VuU8kRau1*n3k}Or91&0zz%3I&*BDolkMTSr1?5Le_mz7Aa(e>rCZ$Op4rq_ z2I=zEW)EHKod@{2$x?g>{mvEo#a$#aqj-M%2+Fb&G&e2Xq}3rrAIMpQNl;=lhz6M- znt&aH$kLVU=^X#tOjq=Ql?Hj)&r<#w|Fj7#mph2c5q3c5t!*p!x@ra1@&wi9@pn`p zb_Z*NPNd_^I0%^-9%6wVEQlrhH-UL99g+S$Fb`x`x@jqY>xp2ZU&v=YXqp5H;*?P2 z`ve*|E?s03&I{LS zQ$ju~7n;@RfEhB}@Ph}wLCZf{L09<>e&@NN<-k3X)WkQ_0J$HK^}!apI*xgQu$c&4 z$`!f&1rewix3jACxTdT;3$p#e_{%mOmUX~&8rifx&Gg?*_9?gT;y|c#e+=yZ_@wp# zs28$Nyq_y5@5PH1CQx{SO8<0Y#mvppH%jRy^_&jFaLA!7aIIa5&#yo;5-&-`H7^5E{a z7Y0UVb`x@8_2MsFJ`L`4+_zg*0%^h4vlKk}Rl=;LGKt*bIDQ^p@Y3t5ofA%OJ;|?J zOo?%scITZ#2AY2Nrd+N>T_!WS3AwQg0~bD6fCgex1XMn+XhQf1VI7SR`Qa!ZX~*}l zb6$O5Hha86be?O94kAar?R@!9ZvF4?rm}(c?#{OKi9-+aZ*OL0OLW+XjIsgCcg(Md zPJUX{l7<~8EPn#nYsY0U8s58TcwF%pue=HB3&AVVDuP^EdOBcUo2wXLQj>g21C?F~ zNQ30|kb*ojo+%0}wJ7iI_`+4-TX z>6b@UY+6-cZw5FtqMKQug0e8=BsuNQ2OZbu=p{FP*KxB^$zy~`Qve<>4=7B7kf8i) zO;MiKseX#mE;$MW&gx{<<4tK_Xk=j+N+=GA1C!mc;WP$gNzf(0GYy#`zL9UG>1irlnqU81}v6^CbYYtH?VmBvhz4XBtt^fL*?Gx(rAkTJ! zfa+!EbnoUHH;X&bk`Gwbb~hQWZi15)LkSHo^;ZJsg>%@sJWJ4NG#FEwt1zGH(@z*J zmFSZBoaJ%j(Q?#Oo^*f^^2p;+4nE-5P1)vx6rWATys;m(Pm``vD&`SM#3Jr#Dz`^ve%M#DRuZZCNhNsWrmUbT=l%!Y(1O z6E0FBB;Xl@&lk1bfAaru_93PrC`&IMv-`FC>+e)xh}`94$G{i$fDV#lyw{w2yNQPc zTRO;mjjX0oUw3?!LH?IrDTvWpZEnume_R`GYUOw6pcfdcXZ%+3u2Q&s39neNNTLVi z(r5_d0&|uQ%TIK1n@s`g6jw9MxDT(2Z!VbDCixfFi6Ifp?)QrmTX!ce zx=sWQ7i@!pq}=}_?7QQs{@ec}%1BmHC?X_8+1V8;*?W^RGqU$6rDRl;y^=l4-bY1c zXKzZ5y|VZ3dY_~2&!_KwKYsss;2h^1uh+G&=k>f`((iRf{B3fW#W&5&FR0vfe4K8) zbw1H@D1B(hXYK(F)wR0@idkEEo~Em95>tvEuM|Be2*pwmnQLO-Bo zo(_?R=b2U!Ztmw$r5bY9zKVJUd^mS4fw?W`tcf)jWg4x?kg~I!{Nj5ewtq8-{3qO6 zkVCwey}=~Wzr7bNGM94jN0MVF_m!p{lck-!Z-a*wCX%T79d|1_-pR=hdUZ;`xY}kS z9w$b(){}fTL`po$o1cwKdJlNJtzG~E9Vj9Q`2#3_zQXPK3 zT5qI>IZ*+EnXk?2nr3PB4Go8022E9prQ6R{f`m|BtbU@2rs-6}eUp zY$^PY8yLCl3zTEp1@}Wr4<>`hGO$$CQF+m6_0i+Jk;LxAJfTS=m$jK{tRJNaWd zcyu`pMM%BO{GygbCM+z_G6_n)ZNG?kIz$j^kD1xfLm3cc1jPZ_C|0Fx;}MSlNtR8n zCW7Z**dOu|(P{XVEu@{lu9O$t?KWEKxbcyKms_ka&Rp;? z5dL^nIiP#~OjgiVWOXC1N*TL$kjoI9yb8EoPVDJCsb(y7I zfWeAF{{J|BpH#$YEFaC=$5{M+nvV*Q2u7{V_X0GltATCl5+Ux;IYU2b8l#+7ug06` zFURwlCtP{BfqE%0N5zNf@Ch0)jJMus%3cvM^E>AcRB#?lcqm0Adlx*O%xhk+PD~izoq`oa3C@ z5k_cG0O(fS*Aw7t6|vmA-vr2ql4dJMn2J>Yk)V!@>nB)8xCX+A@O@ipc^OnWV&?6c zNau$*GyYvG|6|P!s6g&DoL^V{`3>es#E$_v7pcHth|ZAvdKmgbe@;OC&B73{Ifu`2 zob3sbGQ-Tvq2iIL@zlW-4I651>-WYUC+xawAapJs1N0u_zFyViO9RoLs&FY++Z#2Cnt@CZz4V+R&2B|HjpfPTO%JqAGc$H~{-K3ZF4c+Hxs zR-ZU&fKVMu#Bwk3b2@hOu~iLRsKlZt|7CJ8Qm&7TA9h=lJo@ViJxqq%3~`GGUF&KN zPa*gXcETB9J8k>$|yqZYs~XvYlI%6~4JP(}B?90Y?>}YFd^~Df%+u@*(Us z>QRYkK1np+nQ^`l;rEBe8Ap!#l7?G#f2YKs)4cg@R%bHh-3@E4XHsOgk0s=QH_63S zF0XWP8ikVJX&eB6zZC77nX!6K-Ev6hlb>_V=Uxec3u?f(82%E>ZO=8#QEwjry;FIk zI~4nB{2%v;{SL(j{z~}K3oO^seUrG)NTV*HI<)c%|??tUn|VsPa0{zx-10-b?*dt&|< z6v(@gB1J+Rhi4q6m#pFgxkj%~eN*ZV2F+sBk%@%s_hD0{yl1+-2N@AfTeKon;fATw zPW=!!H+uk~)s}U>13DDrFhkFIb*X~OW$LLwXF5fcF7DA0xa6bWXAAXJ>1jeYr6S_Yr`bPzy#_~trdKu~3<=Pd= zWB=<%MO5R@#+dOK9&?_j#=>*_O%B|ZHwnlH2+8yal>FSn;|kX}>BwoPU(XdaIOit6 z!qeL-+uds^{P?&jd-&+`rN$5+1H3uBSHpyy0=SLtUMm8P1Lx*O^;jJ@+ent~`qi~4 z!T_vKKE7L3E4#SO+v7ij9GpHnjJx@ke`r*pTxt4jQZj`1+ZXrS z$KJZ+=55%e*>pm@<6UK2#1fu|XU@0?xwDf4Yud5>bnVR8;K3uedX4XWW*pGI>iK|J~8{j~P~G-MQ3jpESir^e4C|4U7(krcQ)wD&(6 zg87c)tnE*SNBs1cjn#S0I~YXe(@GyX`73X8+K#zp5ADsA1d_f@Wv-o^CcUM08xopb zClfKuTUZk5mMUeg72DGnpyw1{(c*W_i6)1RXEt`l>xN}6erzB7BGH0%@_xGe$6WR3 z7-Aj$uE8-s&+E7Nw!?bCVq8ff&9(WiY@*56dUL0`DQljcu1S&Y!WA5BdD$MGhR!tt)*JWKo?*6c@@ ztCU~~yxgU0cc{}!luRE-6&Dn-^IhyZ!lw`rGP&osKV0e)gqJgv)$ZP3O4?`EaIW(^ z?(}MG+f#eMcTjBzMF}!~{C=t(sprD+bx|(xAv0Lhvusp|NY+4|MC3&Ms=+Agt8AZ= zL-V~mKfWBv){HRTOPN4wxwbC=e`I&+vSaUz%VL32RJ8Db)L?r?Kc1Mda?V5MxM|O? z%ip5po>cc=z|mQqp0*d&;g|d7Nx{%lp`d%@Xre?*i|yfzK!1~v_JaFYars1-7|F)oU1G?)MF!rQ~L?6)5>;ZjH3Gt;+K&2c^*z51{B5|m)iXezWi*~ z(HNF=zT%uWd`)`W&HYdNQF z_>rH~j#Nl19p#UF3=ZoXZhuJFw4(EuB~O)nKAScInKfDax#QgWpKez?uN5R%bY3eo z44?D#%rOlYONS!Dz?p@v6h^(tqlwGTpS4bYb(^d)-;H~{L6#Sb8q1)mtQ&l+`=wmKO zmjmV5S{tn}{rZ?@b@i>!4Wi=LSJt-)qj)WzGf%%ghdsfVbJ!Dp!;hnMu5fH#ND8 zH^Z7Yws4Z_wVD~)kApK>sLqQ-5r$Wn&*y!IgLCwcT)JJRUwUHX0OFY1DORSEpxtVy zV~)Y-VA>x4`a;J7aob1!FsI*Q3I7!0p5{0e9ncy4r$nrdemNPL&U#$lj~M4Ok?Npz ztGiA}`nzPg8;cN+9!qAa6)G~I!A9i?si>8H61U=U&jnw$n{q$JzNkHrNWR2Kc*GuVu=K>{dE504Dl2vo%Q${(&9b<% z5XGe`noG#MB|$RE6bMun-m?A_@~*$m86k2hYz(p)9I772<%-qVl8MrxC20%E)7|b8 zHIWs=i1nOa`w)ZFxACrzbUd2Yu1x)uo1goo<=ZFnlU}i*U&->4P_vsXm8I{#Y*(x| zkjk~UF5eMG%7qLIRJhZmVUz3QM(8A7n>O1DGTQ{ohP zkCDnvSY32@81UcG{UU2Mhf^#LaIH-wF@7Xpi1%5vV;f~wsasr#xgT}e>B%08Da-zw zt}EjhJPaY=9sht}p$FLDiiOt(yK{(d=9*dhvcismJYToXsvA}EUpFxJR`OVnl7sx= zva3zh=%BF0T3?{ZaH1E^t*nJx!w;1?=Y6wCMJJhymUw+rx1}yyk=H|}{2 zgOLuGjSvcdoR1H~4y(Iur~bQE3(7)C)^wJ2@Got5IfH~wPmW}NVeNoG^>L5th>2Cw zNpxRpM+P2GheyC6me2hKwDs80odg@)fx}zqS~EOc&b*D*lc$9Aj4mvVWW9?L^D;{a zzvG2HIo*8&nN#Iq2GXXBFz7rJ82;Qv+;F}C)Xx6(MXiG?jkm8fd7d3}fWKi#!xetk zZ0_xxCUmAnGTHPU8NrN@mn4klH%9a7uF0LEdT?Ho!q*)+H&Pw=15^fL#tREa0&{e8 zXEmN8cF_>6Nka3yCwEDR5GR#zhP^6H?{l-IgmO%rUQ}wBpJr;|b#a0c?UDAK<1eRF2vwaCUk$j(=+h4`e1?`cE-kVk;iYCGF z+>BS*3HjFgf_+yhOVqmGIv3HYd8%YW)Y+)Gv>b-F#doC^>+qMaCY0se@ct>*Ln(ofk=NYeLsx68x=^P|H{AiPpZWlc+jG4@_!O2#rFC3f!ObTzPewn6i3e6DUBE z|Iya&x%ipf^hiwAkbwYKI3%unmy){a6UyU=~5F9hVogMMZG_q+FK%fQwFt%yCRppDNa8xz{5+vlV=I@qlq**{U{<>(fL%^YAX6-!XoBNX~U{#A8h&NU*(~|FqYYrmcHl2v^AkZGXLV zIu^@A94B-}7IfjA!lLSwCL*Fj#~;^$#xLS-?~bo?rbvntoY?bPQ}7M3|Qi~DVGec|^Oa4COCf0sYw23+IzJW=vIS4&%e@+Z10FYoM zFS}D=;cgU=`B&G76&-)ia_p*Ev_LcFjLXty@+w}0AY!)J?nhK!X)3Z66%!AeA2Her{u{^hAQ$n0r@$|~Cpw^3tMu#~9 zjW>EXHu8$4gUOP9}LVm=vok>JdTrY}gWrF$Z{>8YMGZZ6G&pI2`hcTpoJ zv?BcW3UWdXm=ih(ex<ABk32QqQLJ_0crCOx7f@ zYvw5=ah{Z#+-X3hbofk0Y7n?Tbt#tQQ^EKi5B`a`e;5y1uh_k3EsNi zG(^Z-Snze7+t5)j^bN3eF}v2+Lk2A@DvhbW^yv9)B@Du9fLNA1@O`tKtA0@}O{a2d z+ogrFr8cpyoM8gD>X0|Q<1(kQBzzJS1?1*Bw`u7#K0USXF0hUtuWkEyNoD!RK|kQq z3N?q;Fdg)B%K75H(|itGyt;zQdKWwwjvnAt)KpL8^lynE2$dmeGhSjXq4k@)%7~;R z&yO{|K_r+SZ+)kQ^vSL7g1%ivM|WD*M2*l7+b9Yd#bwNIKym?`SziiqGuOfw8q`~#Mb69-1fyleE#3H(}xx@xgRgI|C?>pMSUoW(LB?o3C8 zg4dCva0z?M@}U8TYsD7P$4-(%lKIoz#U!8-K|W*dWD|5VFWxrhv4juaDqS_hXoDcQ z)b^K?Ne2rk+OeNu_rTx ziNpcCRVssyoH=L)j6R;K>Gg{`>=Vhx$!PmF>q>O_)h7FVocSyi{iGOd=j zlg7N3w_o42NFu|-JtGm}%AgtvFY{lejUW~@H8J1x?q3fR6UPWT%T3SuMUkFLFrACP z_uYbx1ZNmeyRUBrUB@_>Wu1+0p7jl$ z3gEH7^7?fX-DuR1`Tm+AZ{l^DZSpS?OF65D3JrE{of07GaNP>KOv~QUscuT)C&kPr zA}0Gio$}ZVG1(VakF#@Jsu>n(#DKMJNs*+E7ne=ZF7c-2sslt!tkcQzsm5%t?<5NpH`R77@oUsIyBgNo;S7}EMaLGJcDSut73yg+J36|ho<5$F_JW;C6fO0Lb!i-TzV!sM@L?GUE0=cr z@25E9re4tPo)Tq7k3fvJ{Oex$7N;9V``j_&n6EhET25nBT@U<9OOCM2;O=p=d)DoHYcE(E2VA_0 z7{xWd5?`uAM4i~!IT59oeK^se%^*jJ~$YlK;vJ1ut_JtJF%z_O_Tf4yA$UJQc+e-?nE01r}>J?9RXpT z_N$!4jyU`?UfGvI!~38~oK=!xe?5cD4Qs!0A!g`+sI~ko*Rm9VTX85RCT7}bX^9+n zoF0}w0M)mc@HvoOSAcyzP1zCRwHjuK@Cnu=EoUh@p+aW(mD$tj6QxC*fJxqI=3}4b z`W139&-Nk%IsIaQl~dgX(y0=?AO1OSpA_iUHm^s12>rZyR}9MlRD$4rbDkIyhUt}^ zVXCMVJVbiEgFS@oHaUlT7vjFQ&$I%Jz-HM{^m2%zy?4nae?I)+aD(>Eon({y#_tbJ zMAn98Yn@XQl14$666~8m4h7yaQ?5H_>b(y zutKJ_^oKY6&+l;=kWcM?Jt~f=L*zjHEpsXyrmU$oS|T;IS!lbUcfZnHO)FI^^2er< zxKK~zMxkznNYLXSjV;TXeKdyF3Y8{l8(m^uzJKU3w(2{gkE9{n0|uuI&q{AtnaAx)zjR@?(xOuV?P z&3f%+o{$kJU2R+Dh(AT#Bwcbx4RV)Kzo-0QUyX1d-KFZYTMx9ux;cMG8DS{WD)zU& z@irJEtVkkHxJ^_ig^6{jT+*$0yrBV?YgB_q=D3qND47AqeuS%9D1C#i_c52=X&S;+Rr975do)zbMlbmWj^KCWp%L zx-hZmg5-$e*Sl8pu&jsoyh=z5t4G^mdHKQ;XeR^*(Zytphs(cnsSPvLKwMUDq0JOT zht9sBujrMJffP?w-JlT&RJ6~WqjJPVqw59`jqb@slKbuw9ShU{ z)`hFE-x-K+A5IqpwkPCOy9uCJ@zXNFb##@w^M3hTjrk|bS|;2Z@$@A9`iiDP#rF#Tw6Xys7rAC@}nkL3;df{;Cpb6ir zv$<}E6ofAQb)J8ITtk}Saj;h7^Yj2!{;s{DZ+F(dCJv`yGh~wEn_ub2oIFT znl9&8uu_j%Y%e%uzP_o4HNfk7BS9oGs;4w|*d)Y$2h(vPJVoudti+&0dwyM%#) zCOCt;a2L3J%@D7i-Fot2i%24Rl5KIbYcwA>pA3>6P&)_;7Sh@K)F)io?lylp0u9P= zB$Q`R=GZ+D%&AN-i!%x?axjCrUh0!stqO#+niI>2wx6@ zs&=c-wc-N#_zTn}YW;7AvsU~fLqG?pi0!GUDJSiy`eaZ-xOK83LE)}6hhevCug2w4 zWdDZlseSkMuM{1A=TnYk2;E-o$j+L7JP0KsdA*XHPN>8{Bs+x<0K&5kyy{dF8{a?d zw-Pgwm8r3RoJ|khuL?OrT1CGCOjP-+ z1vEusCQ>*(y5fQ@I}BjlU9ciiOgS{ai|GYq zPejn=+HkRUh=gs`^uZ^WFu*6;ue=Ye-|}7T#XX7_b6yc5(v9AWqZ?nL-B7vR%8O|B z88V2)^a*a7AoQ&$R-Dn6=XLSSOVXrmNlPs2ywt2rhSa{muCX~=_R*xY_hEZuwRo*G zrHOU;PLe#H8zr~?ka@+YcEQt8qViA&ot!;Z72=Z(753tlRi*#cH*4hrIoZOpOaIF{ zUx&6CRf*h4lblpWiIQc}&ZiG_V}URcWz~%}rPg3>C(whb&Y6UCqV{UEq;6NR;qjn& zuLVLoh`G1dNa&DO4XXtniL3NKQmD8@@a(4Yk6*C{C;Ibd@g2Lu-1uO*#rZAsTKPR2 z{SZ?INBdS^<7=cDrpk58!(aD`yeG`0ptQRZl|N%=FaAo!XoF1+QX?9 zn$kq_1cLe_b+dhl*ark;q4e3L8A-5EY9NR87#Tv3>QT?4u= z;am}E12eZ8x^MYnC4OBN%y0EsD3lN5?|1ak*WlWh2iio2S??agzAGII1ieb$xJ~7K zQ)<<#VmI{k&83fOy(w|sv+M3@uFJIOS&z^d_ZB9fH3en8hD9$_7c&UKHe zla<)c77Y!$HF7X>!XZPS@{v^{^6Dr{-w*GJtb{!3=){qv0U3uAKGdf$(l{0k%a>$i zQlS<*MH|wbXF#cXPYCgIS~+KkkjiY;6~pmw_I;3xumm@@20RkdJTv0rn=y50$GVcW z(POz4$0Wkl;f~+vR*EDTlZD;Y(aX+-efQSB3yt!=g3`ggO3N+iC>81`AS=xNC7Js_ z`hbKm{&9Kx$BmMK$iBNU0}4c%CIR~JiDi`Ji_1_t(a#(J@S%l<2+XW4O;VjJ@;9n4 z8r2UEMuHg@i6p==zzb-|orG=+`WRwg9^F;(hzz#J`cc~$q+_{5$ZJzxAm8M_H)Pom z!RDPhagl3?uWD?)rPB?a-QvwD;+1yn)!Sy87SBC>nVGD;#I*08N3N`uDPwE~c3-Qz z)rvfqetEVtT)YaU@k%U}eU|>E6)XgYOmM$jV(d@S(Y_}4;V^VxV=C=rGo9mAb!1X6 zDN`;3=IC;f1`TnrPj1V~0~O{>*X)vC^e^X&(=)`cFgLA<6rPiIVLXd^_m&m4*dh&s*EgGE zFT9+;XpH7`Q=JySMn0K;?8QY{=>%8PQ8m7M+f#YJ(q>Yrgmn{wpu796&vs20mH@$cS z$DK$OU@x?^ArZA9O*CoXpaKF3icNV`p+;^%=3>)-KQ=du-+Kq7p3iZ{Fzo-^V#cdL zFy8Dezqe}sQH<7diAiRrj*4s2tqSVW@AchmwdYwc;^NQ}pTMDze(rZ)1oGLG!0!)> z`G@4Oy9OqbpgbY=;3A#x0iqZYgXBVYg-G@zatd7yq>Ik)4%qQvx-$UX@gNbK0?KG? zeD}#R`E9C54N2vx>{PGx*Dt;I>W#?FO9QI+vWHTBY+;0<5?K?+e47u0S6elKeu|w( zVAa}B-ON|lVYUH|%izp!M;v@Y)WN69Y3~m7*RxQM>iaJ}(9-Gad-eKQYWM3FWx%c) zZzaD&5kj`jW&7$P57_V#abHhp4o>&Dl3WjH&zD_lq>jALFrw-kK8X zigp4%1prpzO>QWKr)Qm8fV{NKrD+Lgz<)fjz2n{0EKL?Hj++5sL~{>ujP5GqZ89s` zeJ|^pS@cUidiwcWjnk1sxvm)Md$3@vgb?6$#7it~IzH>{)Sjj?zP8Cx%eCp4YYaxc zGjH*tV_~P~SPx`|%wkoQ-5Vz`263Si6wv;WrqW1#kalHZ`WFsPHZkd8Xo&~(Uz3Al zMu}p92Zy26k@WaTYrZT2-?-iV98_`!jc3J@UzAS&tCuG-;h5F02_~YO2NzKeXej=o zRBN-~&wcjxL&tz7!gwu_8<3rE+Sr*~0mgWZobIXYrnqtKQU6rS+7EP(md39>o23|I zX!Z7WEH#pbU^2VZQ&{$x>$5-KZ#6vb-1{a_x<8&6E}v<|?2B`tG-j7@0nBYOvyKX&@Dj zuGzqP#CN4vLAhvrbcdxDnz!cqbGDj@I*d*8xw$VXZ3TuaZ)&RO$3 zLafmiieI_EXhgy{vpYjoS36@VoNKsKZ#B;-O2p{F<0JLUWtK48kaF9Q0KpZ8l1CWP z5x)Dj*^o-eM_R+5cNS!+)yCHt8leD;a^3w>lkVm<8Rpee`xJo zdtn5F2_UKVc)KNIX&2NwBS=Iq+f@95kbEv?FgX;qCpN}R|6T(1S3C%fycQ(Jjr#kV z7$k60xrRHY23b45^(OzWPF{~P&t_a0f+)$mlM+Zxvo1zm6l*x2thB#q7KgfIOH5Fm z$E8#T)ueU6*PU>AyS&Her(k7~2frp(sY;ah9cg#2PF7Brc5X#z++{{4RK;kW(NgBl zrV#|=K#eUd(_hPHabf*%E}Hn6yxNb^{z{q#WLptbF0-?<`!rmx-5nbVSxFZ9KAeFnH?$utC>dPd|AbE;$w#vNE zkj%A`0O$v%;)e&Vg6nU|f?fO782$=8z%^guZtLm6Y$!M}@f6%X13CSGsheFc3VuNu zCgAqm{o=#`71UqLZ%3Q|ucGxtKB$K$%P1aJy#I4=71RrOldsZ}@>L!lW|^b{0On`o zx19Jx!(O`MNc`SRm!w4rq;6x<${0FoiE6wO($!}{p=1P4P?79$)z1o@9nSMzR3Fy5 z$jUIyy}y=4{Wy{#iTk31`VCY+&r;-Set7c|IxEiIJy1vqFj$^$@y<3H9i6(DwO~<& z)Le)6UTa|Ylt2k1X=U0me{*$w_Q==9j$emgNA9`LzRoVwR$ED(C#moFbvJI_vr{s` z)#i%FFcEHd#`KCmiA+atXL3ozxg9Ei2=pAs)R8Lo+u{w4iywJZmRAm^xOrYUNS+ss z!1^{v@^5$Y6`kY1+_t?&G%7AcwtgN7_Y)BttSOg}U3s*Xj}DOd)`Xey7^UTEFcMQEjLu$0?0xanTvaal3q^6#b>VfhVbNI;);g$Disc> zjEG^ut^ZXh?9qoPuHWVi$$$I@<~vP2Bqz}>OucsMR4k1M!;M^#OM_F)D)hKwgeSzG zXzAZ?h%x>e_$^BGeuTo({r!y|P83iuOdWiqo=SYen??{)KCdnNt+%BR7D(b3UV zl$1#@%nC(YwhI^Lme`JDc6F&QZFzg07`C*r(NI-YH3+|hB;^aQaPdEfWG=WY>KPwO zNjBeYJc-VoWk1)^G&NOTCC+5?-UL17IaUF#{(G-f!j#j)p&rGw=H?4L$ChObbPU7W z5WFoc*HT8B=4I6#1t(s=ctcHpwj+l4V=1nHCGFjc6QxCoQWuq8xOvvztNpwXgDMrC zb2kNaWCYnhiyz-)I>oEPr~v}2e3*)U^k-oo!xK!6hqbk0w(T+> z{qB~R^GShu>Hs>sYFDq1MbsTyqlCpv=qIr&;>Y;5FWNj_wQQsx@=$3JUyJGM>o0U$ zvGCk^MBVZ2TcTXFKxSInmm{1Cw{CUVw}@qCWpUUC!GN>X(ED0C)9t9m%Jubiuk03N zZz(cKN}!e7Vyy2`B-VvO^8CcirH_)prg5d| zY9%XX6Uwqw0^rp=%UYJ!sy|G}i z*L*Yru+C67t--=mmT!z?H%XPXoiefB-s@lA6FQ75kK}`2%VmK95)*#@{RPl3FaR0C zl>hg`t(hpjMD%`JVlANVfDW-o!Kh#0^pN0j1e#U)(Q1&i7TXhPrG|*v^V@9>Twf|d zh&QSXGXV0w_)cl_d;8MCa)x~D(+tUf>tv^TE(8xZrl!KL{P?9u^z5eU=OA3ZIk%=Q zp${MK#?hWE$y*rST`k^REw0XP2L6eR}~`@Q=!w~<)tn0 z_1!hc(K?cyUmDeI20IJ>0neVbr^b6_q@YbI7q*v%)@rYVrj4A&1qayoZV#n59Q#5* zi)ZPV*j{0wPSKQwS|_!Mrie{WUC3!qgt4@AW`@N!KSim!UokB>SYAp-dg5~nXMqlJ z2PSyc9{E&isof2m9(YByxWr+lX(ktezkoq|YnF5IsqWb_7AZgf>2h`x_KRY5-}Tz{ z0bt~r(;d$zgn%ajCv#OLb9e3YR+G8^ky~wm07^a!FdrLJbpB(XMJ@Bu{M&UGU6&a| z`9rwvEoY9XF^tgr7V}e0LcU=C{`0s($6KYy-N*L(*bikS71`+9NlYtAxtw`k-+ptEgzW3-z`4@W1yhUig&XmiqzaJ< ze#!F@<8Zxtrv#3=i^{03sszODlIn-dH=w4bEM|MlHITgvZ*PR&!P}vcL`y$GcuMA@ zrtaK$3X2#l9!F5argmT-2MXEuLUj@2<9pjJn>OBiYXL#b1<73QDA-O9Hl^yp6{_&p zLn|aU2b)+GA`&)u=6Blk;68uMoU_d=QmWQ5Fx#cQr+UZF3pUH2Dt-|K{jyqIK=GN+ z4ymO0kUMQqlPWmBJCrS~hXCy6twmFG9OYoINV~H}qmmsin6Tlss?~AGwyJVIyTDk5=JvdPxSot(Y@-3NNMyLndUWIl2czxgFA~Vt-fGDWP1LwK47nhH6G($ep@B@5 z{zkabW8=Zo`X*#*Ij7M`4-&5IasgG$67av36yvVJhi1+ato)^?Py)SI%gJ*+7o2%y zI-%RjyU5`A$U}pih8~K;>!_;x9LP{cs5Al+!jx2WnPF-|tzRzxICTk(iqEqt8QVv{ zNn%_cHKo?BxLvsY{fvD{~iq zzVp2NxxYr*WdjyX0oe0y!|U|4wCg7)CrwH=d~gmnnp;>{sKQEvCY_=P$#EbUQG;bH zyX(!uo6$hiP1oMjljgm-(XtZTZP5Mv%+(6LxcgwLP~k*bgYVTeGBf5j^_8zYkUmPg z>Z-XB9&}Ou#LLL^F;b55R1V1Y9h|7raxB~CyQtH$D^*^Qf8U&3+HkUZREGSo8br%S z_~83~7hX8;VCz5z;HBG}`lR!Xp)1V%B0RqI&Q_&GJ7jhGoF9;g8De<=6K;-8 zJw(p{*jpPq5uXJ0hsYVMQ%K%P^d{48-U)|lXnjPD+nozW=rcnUuVqkxGkF+G$g{@I z8LFi^5)=eIqWtD8YiO`|j=pfOX6Svxsd)U~$?~5nkdFizBo(BL{IZxz;y-TKRwkk1 z$7^**|0vV9EECaC+`liVi-K!itnnQE68|zAKa`NqdHpqZ3QK|%%&_iJ0!*W%SV>}zI zpq?!#V8G2t$Wv^f_two+&+US3CcNi(mX^|o_C^i@e?pYxSc}L`fwGE9)BMhK^-gqK zdpn=q&+D;3w6Bq)`^}(Y`@MAFNUx^%s;@oRU0{xe`l@Nz&$v z+pcRrVVMVeQ!{SybkuVEG;tHPtPB`Y8-0M;HE-RR1-%jTeMzjQoj)GdyPi-0r>b-% zbikRaBy|+sgHnp52_EmexTLXc;CmaP&gHl1ng@An3vF=*}x#&?%o-^C9}n zhW`1n90`nyPbKMNZR?-kezFc>7a+-oYEE(z9oj-4cE-!iSn(nNGc)bk^ z3)>C*AcSbidyyuIz ztd*fcRHB4T@t~JVdZ88MMd@+zOpD_wpfnGW3tk9(@;ZW_tq;a+H6x_hg=?&!Cxa8Cm<_+$hr zC|cU!v|sA6r9UZ&SJd%;YqOIR?t|=YIZiT`|nyC-YZBt^a!P z9*f~)u#hhn4_fSZVefU}j4`$f;4ppK>!_VZ-ymiQQQbWTz;c!^m`&q2!o;@p1xs^E z!RAztiVH=jtl{qgecrJ6P@mpW=;X6TLfk?UfSbH7I=WP~Y1qr-^`Vqc<)jaS=P3|< zj6w7<4?i&6{)9KFK=6x)qDJWZ7vT!s={30ofBRze?e@x_ zmAOzfX$P(NbCYdDSOy?}ocjTjf?f&qEw5~-ypR1uo?sh}iV|f${~e~|e0`Xa;uX); zCd;YlCb!+yM^Z$jthyZ((O1baZ{bCbpsuQul%v@ zbH&sk0Z&Nu8nM)on7K|DgTvWd%PMlwmtirW)@GB9S5mjWdsED>pI<`}B^(g4M+lZ6 zLCMz7m)@KA-rx#&`t)1xFT0>qJkqnXvu@L~#e5z;+?;x49o=>aF+3SJzSB&9?tA-j zvF-?LpgY&bCg`R6=<_r2y~2HiYru9rL5Mm+1#gN*XPJH)a2Zbd%=#wiu-If$#2QJM zJEysZzg-S<@qE_OR&sY*uh-PnG<-L2@=1=PKlPz})7#0R63J*PGO48sphSgj~*$OP|e~mQ+1O@RuY={RgKA_wNcN*%oS4W$XnWM$H}t`x$o$PBAumv1sOfd+jlX^sucGBzx?y>+UAfSs_Y$l(^B&vA1B&Vv zhG>Egfx;>Au2bsvnXDb#^Ho*Xjf^T98(I3Xgb+v*EMt)Q(ymv%sd)**0K~6J?24xg^vZISLwYmVJr!163}Xm9IIWWm^4aP8*O(D&BK=`%pNA4|7=p z7=YTmg#AZA_5^CTRAmoPdEt};^L46}Cz?Yu_@X=tlqqX}QGxpFM9#Yo^b|@%l3$LalpKcmY z-k{3J>vc*}zHIu_`|lrOm2#ii`=kz00=2WB^6GE@>iBtt7S z7A%%ObILT`turCv{b<0n;qH{s8!3JbR|;m*+H2a;Q~9h%+h3j>61OB#`ijtbc#^HR zC=fgB6v5p9zL+KO%f!dtBT^_Yh&TIfTGB9UGmwZ76BhpGOI`*PxYY+wPW_ea+h$9& zC@vMeJ?d{1@EZ#tSP6s~mbv)Fyt`m>shs^wo4=k+*-Bk9@-Chc#ZGrzhr$~XSzfRN z%(RFNxn9A9&*C0#RWL`IrNV&i;xn|$AbB7zxtUk$qyIWc;3dp){>Jx3Eh2^31f=jy z_g>TJ1)=9m+;`+uh4H6oXjBd635TxVx}~UmW!QTU_6f&!2h*1Ee`xeBU(KU|fei0W z4>2Q4>mC<37-afP5L4=*k_n@%@-XZ_RnCqUOc9`w9BIHC8uCyL&+U#FcH2lar-_O? z67~#3Yr=S58}?h05$L8>WJ3XlN8_{r$KVm35CT$SNoJ0x5+nG*F*&X1tEP>Q);;V; zDz$KY4T*tIgOoTF1{6B|$R}$q_^yxCBRf5_!+Nf`_$xrZU_~O zTX%R@V^%C35)l}#pA`0s>c3B$UP}6#*I_B}_aNsM>a!x|<)eu)gVh6vt*V}d%^&lP zdTine)wP`ARlEbcBk8U;1D`qFbYI4dmX2J)+`&n+x%b%#2uB@C9X?6FMftg+5Zt=z z%3YJ$GkpBTk*2#pOCJRU1Wt@{9KlR75WIp0h5(Y>08IZ?3|Z2Ab_{KXvL>}}0>Sou zDCB4S@{6hloFGZVb;9~G4hlD?Jb*XDk>}+d862(=#n~7Yk(|s^*He1R0!x9E zpnx6x*Mdsq6=QBd(x+M8gME{^YTeQ7ClUpv1&{7`-JJHRO3G&iSCB&MF3e;OhzB>` z*7JQ`i?93{28-uoyZ7|1@$gr)C-Frx->O>+m@U@`^D9BpGSFFew1=fq4pxxldLpsi$#i zkA_WZI!8>yK)5zPV0kZKsp-}TZ0Q|Z^xM-{@BvbGW-qjJO1X9cG&rTY$ zB9aNylI_+i$nvTYaeyW6n0~$0MP+6+-J08dS{ahVj_us)B8iLNUUYFrV7lgba}?)t zfzVC114eN^m6+{-z{41&neRStOaABaaJg?^B-4?3H|Vy~fH+PQ##DKz(9eq)9e>Sp z>8b(;z|7pruSxAv2s%u?FQR@O-QE<$?yjPnjZ?6o#vY$~BRAX#a zz>vzokPf<+r_OW|;@YUS(3e;+`n_`yZ9I;a{u)fhy?b=E#SWwkY`rVd&!-Rrxm<`J083kmbgq&hf1!cN zUOIC^Ev)7huiPux{bdfZ!2{#xR+zqKoudt13ulwc>IiTD>Xq-62$ezZ8r2EJnz(Qw zC|31ZG4r_R*okI0?@LVNd6B4^mkpaUPrxhf{v_Atg{^?mR%gZ-q0vP_#$3_kG zxWz!8?-RHwQ0!BcmAroqwfu?Q`~bGK^xOsq|L=gJwcLl?qRLI-DNS^L7}g;5Z{2_? zggV^lqjBm=&@5VpQAa>4@XtNQjt7xVL?iQ9t`}*1C5Q?N3a58wYY}Mcg{ADzup^LJ z?78fv{h==}M6uH{GiB>EWMurcwY60>G*TxbPLR-XqipytVMh9WR)8}ss<^O_jhR`B zkdP3vDWz-I{D89sS@;#h*gEvh{Bcw_Ur_|-PAAV2;GoCCRwocP~UTPIJRB*Vn>f|?_nE7KPDER=ODGhuguI4LhF zDJg5~K+V=1y6f^~;g!rzZz4W{54J&yx>(*ncf^rfJ&vN~O6AqRX;cyO02ze#C>ix@ z)-N^xe{@}UAl3W(uM=f7kX5#%LQ6WOam_9!7+ zMrQn;&pF(Czun*c$0gTsyg%>v^L{gvqP3Ra5yCbcd`T|fd^aJ)-e+5eUat34 zI29t7FjX7PS)=ea8ip-qBT_UYco*IP&$J{_Lz7t1&s*OhluQs%^S#X#scETsD7$FaA#_Cb@lU7Hx9&d0qzp1l92C4Z#xf&KG%5)x(0 zLq%2s+Zr~sb;s7JWoBxyD8S!83V(a$cZE$#zlBVhEYyX6b9R9ML2$8fPpTm+f`rc>yE$!%JCIt3}|rGxPw zNkB!;x&Q$Z2x5OQ9gzaL@TAe|5`i5WR0@Xv0nJbWJP`uA6b%z_`uxjg9~L6mXKoKg<;T{aX^dZgG*T#n;Lu7~XifE=f^1)3PcO2%riM_+ zy;`xO<}7}w%<7iI3R9PmP=ZycUx4s7Pc#yAWHI!pI$L`H=+%dXMa`$I%LhV`<3P={ zZ5`tn%Om}k!*DbxQ?kUYdqoi>>_v$|qy>?fPlASTe~#F{W|Pjh&wiO2yKm3qhCBWV zRD+c8EGaV117$-9zw_K+o)a7fi0*dKVUyZN^ySDC1PR}mW|nqI|%%%5FDLwO+15bPWf z3$pS+EsAA8M5Oa$tOZOFQHc0Q$x*z}TeIk}3=YJ(?p8lSJ30Z`E;o_km}I z-7lj};d8YF9;b2s0F`!Ol}-*tet+P}a?`1fO-YK0|Drk(RtPdg^D}4mOy&Q|Ag2jUE6vlppm7}(T7iJK z;H>8wvQRLMD50<8+qxD@{@vRtvnW7;jUKhTW`{{JUT{FxY_yZO@UWt(JcEP^-{0u$ zlSy&k9#rB4Sr~Iv!m;E}j|+*;@?Xuh31#S;{{}M-!@`a(fk@2B-u_G#M5vaOCCSu@ zI=`EY;CF%)K}+89aIn_Zo{!_J`YMY#igLfx^l(S$PIG!%8u{_#R=$9JNl8h^slZjT zN8MpL29s~V&^Zf-7!sKr#7ytEb+Z%%2iX*SPRGuvbUOCVp3fOs4bH#6mu$)MHEt0E z?%HfR59VG1#j84P9O>uVMguaCKyB7PHU>GH6AB+1``(V^dOrE-L{wMB zC~+^(fCq4Qnq>7H1D-g={v9H3@JoVjvA787s#^~fk7}&Uqgr-3%5an-NdRdBzocz! zv>LSAa?!fWT-nxxBFqGjz?3ibPW{#vF z4a5)Rqk^aF&fvTZtZD_a3HMhK%y39#9$@E-a~Z^16@gTO%82b8h8eX}IpyyFaisXZb1Sl)&=NCe^EZRF1oOLY7V?5Uqas4|9^`($H22OCHeE4J*FcM0IFu5 zcYVn7Ap9XnAd{Sy!Z;Yf;-<&8}OlHw7S*WRtawg_o#*WWLmB3 zRv~GpP60x7nYhONbU=3mI;&kl3A*kB&6rw$MV~*9#2p^6tt_ZD-fcwv>)Ysk1c-NQ zR~aNcR%y#MwqQ50Pf+)wa>~RpitjeI4j`AHd=aLDdtriHSnRe*XnuDgoeMy}wQ<8M zCtcg=Eo=YrqD^pTGv=fmBjL&&J5-FL|qRc&JcTE&$cCd(Mg|v#wu@3a{db{u0Lf^Vi}Nh6)&{_tJ@g zMyP6Dtt4_FtLv$wX(ESx2cfX&bPvpyo&KIhvww*&@pK7m<^xXGube%`_);#6milO` z_3p9iG0D;j;iZh`Ef$cXNL<}0%*3?IoMq?XY#C@*Dzau(_2y0bAsY?BOSWWZ;rV=HTT?nK&}!?{x!(VXjcq8fj=az z$1$}TL_^v7WckFIHogVJJP-0~dD|8NJ7ubrwxoCi+zb6aen+3Xb{l+sKl+^}VZ7|B z=NARcOH@EjGogSxmvBge+K8wZpR&A5S>A?80+q56n1aBV?J+R^eTY9NT-3-=Rs2l8 zwdZUmL7-li42V5j6$dhe*o{+Y! zU7r@&SSWC6sI>KS+$?_BxLHK`BIj&@h)d8Fwz^)#gF2UGK_)q|%VKqNbG_k9F8TfN zBX4!QmLVy@BM_X(z!8vtkr97?$&WMxD#oIO|FOu}NH@Z~pF-medzo5%zohjHwZ-}b zRdlJHb@Vw*EQ+1jsi7AQ99H(@LRaI$GsMq1agT6-(Yf$PP$JKb@_~Sf6dHeU2w}%} zOXiGPg#Y`xapMy)*3XR;Vp#uu=pZM~az04$ImOrBtA6TMw-bK>^ZRkfbn8o0#N?(g zqiaeic+FRSj(y=#eiRyL^lt9`H*iGsU$|))QkX=6?_0Kdr}J1~yr0XGw>DqF2=;H{ z561jH#MxPHbg@s;_5BXa1pYcNGagH)e^hg1q=f6{&x;Q$J$_f?#R*2_YX`GWmgE4p zpLkXhX|dI%;u=%?$ul_jt+TQ4@=<^caTRo%Qa4lO7W4I{zrcOiK9CwGgKl(M;n4Ame0pL?4bd1F${pbt>$>HXJ+UnTsZwUj7e?+B9!eVTHw zv7jRqqHY#__}MJ1qRYGz{8$_ptqMXg*=ZNVYg|6^j%H{cC&;2wGpls9Ff6q;e!`;p zP~aR)Yd|h2z(v1;2N&zMiPN^1qA~?pcm;ZzWhJ)p|7I6I{Z#!dMdGlX9upn%?p+Lp z$#ZtRH<*cu{0rK(X1|A%&G~i5+0@S0od-;mU}qHhz@HFbgM8?b%ky`xW2!ot4U6I( zYCZU@r}%~TL(k$$ny#yquwO`+x+vLQkB8Wl^qg?&btj%wFv|PwF zq6iM_j=bVuDq!^deWJQ0Sfvr6QUCvYm=`JX;osxNrMiFrKmMQa=DxgZn7c;du&w1M zyHv)33`j9YM)QP#`0Pfdl^(hpRKwrJ?Y=W< zC%nXyZZ6@r7M-6=66H~e>|C=m*_#MbcU&yqU45}Bhehy=#uuA5esi>5AcljuQ|L{D z$syur!?l~YJv|$zrzbAlGD-qPcTaJC4m?#hS)su+qWxtYU~TI&1|2|UV0ZwH_B!5`ib>L$kQ@tnDHf9 z`NdkKL}2@xfSt9j|9?7lFpk_r=pl`!JAXa^YI)ha@$-$m5o{C=a}%eA2Vb>N-_^#4 zp)?I8w{$yYrecM~<&uDURR4?=uV9Cs-=7qqm`EhtYiv0`*{pMMl0bO4z$5yZX80?? zLls!k$HNG0M~#t~JX*KW$faqkY^UWP%yrodPm0fZecY!vLU;VLoSu=~=Sbz4yvEDe zH&sWzHn=TSvV$RY*nWFtiG?#V#+cegM-TB(@-|L+^;}+B%1y;DT9Ho1x0nKffrNWqvEu+@t=IH~gUwWlnLP$AqH7&3#`u7@iyF{0Nz04iT-Cy8^Fy z&ZpUzCb5hs1g&27ar!V>s-lzUBu>r3h@}2PohuG%_ju^+`lR7nXtAok^L@n@IEnV< z|Gw(-AOP1rJreb2TE>5QKb=F8E}QzxW7eU`;ojhfOqx*W{|X2-ihH+adpDbjwe=_DJ;uQd) z!RJnAxc^VQgHi-866OrL8#%J38VBuvkS5U%7 zcnaZO+hHE3wqRHvYO`jW_P>2^!$Xd=Hr(1`&X)Kj)hx1sf#|Ul0eTxL&YAS>A|Uh z0cHA;mp6s-5_3i82{+>ZC-3Omj4}Q{@C~CiaLYA57X@}QLzP# zE~4jGU|&NYZhRko(;=lDT8Hfly5=jP45{NHrTEvnr(Ts`y_s5mVYR|x?v`;ZK)1(E zDA>DFbPn#rHx;`^MI5ZG|qx!Isyyd)@=dm^a@@M@?gzm z^7lW1M^7x+ejz&h6O#=`!bwuA!c~nM1x$S+SK;L-DV(0$~t3k4vV2Y7?+Pd zOQ{l@gnK9LVSZ~OQ{4RoOhhHG`h@@4Flt zx$>if#(yzUkkd

{RfcVscZSaKTZTuJ}VzkNDmm0DO%=Ap~C_n zYBPJRdO#+}JdTtvWbO5^xBRnjOvF$fH@?6%Ke;5zoy0oX0d`3O^z6)*DD=+usJ&-T z*Qx#6zJ)wo#u+3wj(4)PzbPXNf9x39%F-bmd;RwU{^PSy7FguR8RvNZ48O(NDMhLJ zZniOv0bh>(T=^NzP#!y0H)wQne>-s^U)d=Oa?|d+YRS}We7P3@C+XpCPYeg)_vpdL zqkxT760VbY6z<*TKHsK1JFL%rj(#z*u%`uh#%}QeWar3F0*J;Q61{B0?O)OOWGBf- zupoMgNbieK)59sn>^!IFy78lvKc*;2`3R{;xl-Tn7dRtj^o>2J=}oNGl8DL}_LX?4 zsA;(ur%DgUQIpOro;AX59?V%3&+OC1?G&JAq^k5#TcAu17s)w!PSz(((I-ifu6aT& zf;C$=REtu0>n?=N0W#pMh|oT^P0zn8zBGRjlUOPjDIChZV5|`rIar>rI#4X8{W(L4 zro_|%RO#&a^mpUJX{OmtVn}V~SQs)Bv_SoL{OH3c|FyYkh(MWJliIP{IJUR={yz8+ zD3buTU4v0&mG0;Yi7Mxk3t?jx9qRR(ha>0$4to!+IX`K$({5(GYEY zwX6h4G1X>a9K&=2UVni%1-u~nb7W1FV#?i@)4-T@nsR$`omHT1xIK4POBAI^E~f1v z-xf9WWx~2OiBq*B13VNosLl3QGMp(LnhEl!!2gw0$^HC*%poH|r=S+i2d^(DEC>2i z_B=IX8+!-NND0v_7aTwpG;or@NM)o-T7u{4;Muh5mUq_A8@^`|8aRZTldK_B?*RGU z(jYhd{~$CQq&ChSkp`+JEJFY5gDHzve-EcuAsr}uhK3evVhT;)2sATVs-Ypb5sw!o zaiFK+lr+esd9C#Vr&z%pfwdg;Z+b!yDm&6}m#DGo8@SO++s1RNJQcXpRg44I=&yut z+-@~0)$=v}K6L#ynxW#2X?aCO&^u~FCd5qd1GltgAJU^>%DwPq0{`Z_N`?H5sLY9m zXUf&CrfMxWktfoR*T>-2?4|VJnJ;7K7DKWL_h^0CjecM5P?-0oVU`;ySo`kQ2`t=_ zNF7f~Y8?5!?i+|bps|{k&c#c8EhnDDLCJVML%CL-Vr^M3+qA?iQ**dnNJS?@;mC>( zBBeb}u(g&>J2^GiWs&TJO(^gL(?2{0t+BL#Ox_=D+J7w^2|Pknt5SEu;2$eW!XJpK zfJEycox>cfjJJIW(^MJ(-Tz?-8MSs$ABd73- zQj4!&n~z4TzHm8vgJCxkDVn5IW}CT9M5+wRX00DHZy~c_nE%8Z@SB9ceBb`dK@6n$ z$jbyBr-r*}QP+i__sl>b2f`k&4dX)@YRn8UY-gV4M(}J1E5E;%%iM`+qVJ}qr>7WP zv#1JQP`$cIE$=_CL~V6c5AA;f|6s7B3^p+k{uFv$OAvCFweMH%n^x%Nw+|L_t31gh zvyo;I(~!fkAUNQiHEZ)T4s&|@C!e&(`El|6;meJwo&`qF>%Rvs<$d_?Y=Iy&4B|)n zXbbNj+m(P?LpC@b{$hETU=J^^#&94L20}T&?DnqVd{gQ`&h1ZdMJ|5p>&+YV@4`I* z{(^n&=MEeT{(SAUGxtusY4Hqf%O@fV(d}$3AEHH3*a^_|ly-KGF@wFhpNXN zsh|UJ_QSRRIoJPOH!yTYwPFwE|DJt?W(-ot z75r}R?-{;s!t#C;Sgrcyteaw}i3?86_p50(KHqJOxY9K+Sz{b@)szFXddl=(qYgpO z`H^r7^5&JPgM+gOj<$u7Ng^jIc=~C*tDKrIM1KI++5Sbv6#HhPt%=~?&x0LGu_e~* zYF2)yWn;xx@&1g6dn@N}3_UwIO6`x>NCn7g>1?mH&hP-Qxj8e?7(`SrTL2d8j(mQ5 zQrx+XbX-E*;ZFHhC#@Cb1%2EL7N3K&OrvE?hK8OLe-aAvw4-uziu)R$W50ch%;Vz} zfpGqHXJAYw)>+9$=0($lOQ^wzo`lgRO64;mZ5la&c0WpWq3gFz#d@3YqyP_Fr{LWJ zM3>|5-+?kaTd~-dS}k)oerLAmuE3=&qs;EFD7+TtM_%h;wCz=S&1R2;R1DgI$%uG8 zx=EVUY3qd7!oKkJm8y<$M;5W4%_r`-v#093)nRyzJo(y>HP(_F-8ZUa%A^!*)WfL1 zMI{0rvmsdvKUVlWvzyeWl7~y-8*@ObmWVJj|20sI1gqEI-CMnXT{H&~0$`tf%D;+= zQamYO+1&IDLRrkBUnMkhW!hG6&rxtxnsaToM^CG>DQG;(mx83mtJWAd8d4c9nukJ1 z9L~vpzw+sbxCz`d$;s60R|RY_xKc4Di&*HbbmXA8wT|v^+Uj=ZM07*(tHAj14aT02 z&Tw;|aAYAzMq$Kij11N&+??=@$U{i3`{9rY-;#d@#mj=1vhGgFM}@1pe|W%-yk^G1 zgob974a zSpRcVo&hb9XdP|Vzx*r0i965Qb)+f;#(Q~_lk;Cdv5L+$Rtm+gv_bXJGOeNG&zyGBuL9qcfM`vlf)`5N2D z{(g2R2F}PnxcZ!&j2TnU?HAEaF_R=DH?QCdzL^i}ckCFlejfX-h5M^O{waHP^vQXZ zkZ?ewk@x+VPzy1J@aSJh<_>`5I)wLZrNEodi7N>;Jm!N{ILG1TE>wJ=)xwi z#a`LioQ;L0oN2hCpYvVCG6K{lDKq0|*SYIS9oir}dYvZWMR3KU^mHcQU}vjMOK6lU z@$s2YVrIDe{6fm}3fIJr3lZV%%1XBHymwE3yvb{< zU7~+2-jJjY%ezBzt;rTqY=Yoq(GzG7jmEj$AG^Exoai_o^#vIWj=vM(dsJX4*ZNY* zrEJv=h*ZeYYJV<02sAQ&=bvmC`s?huly$q1*9@rf;~tw@Xua;YKdMFf)SpD!YwzWr zBlFo(?*#O1>PT&*&r4{?W5`iEzqU_nTe#;Wt2lwkoLn%y;W6RXwru49jmHi1YaWlv zi+txAD8D=W5hDNbr4*7I1&{RZ7B~O?PCAj8Tx;{QylnNDwe*;n5Yg0eMLH_i64{Z( z*3ClpOtt(E!E$E%njnjSt1W}9*n7HiyNsdzobJPimwC8TP_6m}B@#C6_Z~y8Tyiasg?HfV6$7^6if5QYmm*36X^*66^4_#QAyT#Xyq*Om=)_bI& zim(GJ3gZ6?elKUabXYIx6nEhU-C;hXI6I*`BxLRY>H&=INs@6+nuz+Fy9K9-nd^& zkW0TgH_jXd`0Tu)>D_CfdqyMiP>B{NmA^+R5{alx?_h+So)&K zPqHuCC87jE3=}p{jJ$=a>Q820Wq5NxCMM>npyv0hDjltl?gaDlugwoYZl~&f?Z-#H zaWz=ma#&k0oehO6Q1#r1Q;aS7s-%cMMGgxa=x_RGB>n61|L=vRMje5L-F&6B#QpQ< zFA>EXkYUi^alV+c1~go8^OjwTw=1wgj+R*4)qVQ|h!$vtepqre7vbQb9MlDXUH(n% zjf0N_p+&L~J-4?PM@OJ(U}Qx^b?x5g-|kOQ6q|hjd|9PKoWQE zHAVugV!neCd+uugBKe&k+@hCG!XC&WM&iVa>3G)!i++C1G`RyWhXj828jUo~N~|wO zj@C9b>ZV_57BH`#n(IfyEG^>K(nwgf8phAQ>Oke>#Mc`g#Z4IDaVB~I*{@?X6fC{-p^`-^QK7BqxbVruf}=^VB>oOONj z&-=6o9@sBQkoA$ABI(=g*mDbC>J!x!PQfME(INa7Q4I8DEK%?Prxa|a?%M1^d{QJ4 z?Xn$Lxdrn7@i_V@2`>J%+J^hO%&xJ#!JCLoI+=&-l%*nic&>sGPTqz~+0@ngxEo(> zt_8%CQa`~Y99n!{^h!T@^ILqcfH2z?WPsdu{Ev!?SIBrMMUQL<9Hfwy6is!>|w@_A3rmB6*hk#!UTVSTm+-V@%|-BbWWr} zsU9vC&SyWSX@CLa62sjg)E7qT1{K!`tsaf(O#sUOd>(C~A#e(_ZN z2M)fhhN@c2X&WlVD5jZS;WbFBJYOfd&mrTxnb-Z;!`N%bFys|Xgzv3gd@>|UH znsGFDqb_tg&b>iSJ7RJ8RW7@9IM>9>=eOy7LiW(s2QC@x!5Bz|)<>zr+CMLl8LSRb z;Ki49$8?eMM_}@0nxlaH{<*aB7)X0-Mbp^0rc498M6$KtP?=dxQMXw7+}A6>8qe>N zxljDW{sY9ztEruNy#kw;=-U++*60)wla`@5^`Xjc zmU+6r+8$bZ;=bI$JJ$dSYRVc$UVFG}96(9F8jn$3ko(aNL5ctT%4#Art?a z?Y$}1+J%2Q zZn5xn2vZA-x9l>QB;MaoxV*B`Tvag-^6n!|sacLWyDn{%MoD%GDzJna1NWmyEdL<2bWY{udaADvs@r;a4I6C81CL zp#0aJ7UDErEuqN%Hmm-kglhuSW?aI? z#QR-{wr;k2+B^7gY+HF-_ZMD?qoi?YQ_MPvW+K>fo5#;~a-`zpNG@s&*3hE0GaNV9pwaHwa2VHrvBr2Uh#Nr3xWd1pf`=)NT)JKZ z6i%46KwW$NsH-;2O(QGz$yWgw{w(GgF+KZmpVY9K$*bL#$)MvS;&#Q4wH~$N6Xg#@ z$(IT#KJM*KDsQJR1a zRk6fS!(S&3q&@%bgx6SQy8m^&gTe7m7oTus|NK-m`BV}4leh@7+9|S&&Ke%B}a@GY3$bPtf365 zBAI#(FNu30q5bCb)aUY5v}0p$U08UZ#Qcypeke%7A1v!+k-W9J*;{I~;_~*o@o6#& zi6PorT~<^LxrbDXl##hf@|l*XVgz{nO@98*XQMFI#c}I|_P?&OpyM7NH?)3TiMh}U zEA8&iP2neFQPZVzj-dF0fC@lEYG|!)x79E8uawi;`*G1PTiCHQmMKZE}!6Pj~_zb zt0s}RcbZY2zVHt+5nheRHGV6Pb0!uF?-n>oMGm1-4-?FIPuxkNu&QfC2M zFK)Yj@i3$&c6)bcY9LY-hMvvh85kVaqr>5!Ed?qDrgIz zXs%-yB|g;Go0ywRny@K?zOm7>Kopfn{$p}BVrLCQYC}&s1C{}YnOX*->T<26;Lds| zdYto5F!~oPbH=+EKzBdRfGs~zAyjX74_xiQ0?zH^+!WygnwaJfP3puagH0>}^gJ4ENo0&pCjH>>ck&xQ<~cpW>Mb+U(nQsHy=Ub11w%NDhBjzT8QB|H!eEeRmT#23*Pr#KyrnR5945+D$A_w zKz|(G%2J3HS2yswH)#LL*uL-hx_gsyLwI2RaD)qadr;)we{Nj6UIkZjGCz5V0mf*#Qw}j`A@~2}o-Jd=NITCO>ibdAXf5>Qx zlN7wz3l%3ur%z4c%T6sF1@vZl1U;8zzTSS!<(44m>#p=KUb!F3KXkJ76FzDu1TzXf zjEj96hjafc5DoW5>y>W7$@%KonHee5Iyi(3Z+2=D#$1(Fs|rpr=k}@R+4Cn?!X0p=ZBcN8G+Mq zY4K&q<=A`xd!CcV24~VhD`0Z7FiR)q*DMb)ix3Cqp0y4x+T!C$iyJc=!ZYdSQ+p&X zXvOo9f(OAEzev{>dRVh_?K_X)0KD96ht$(P4W#_y`%Xr4V`GyQQRx8n1?A%+7iaw% zh`bk`xRUT!%KG_LZQbfNp8PQrJ#u5aP?*aYi2;sVjoM$G_hJS)gg-hPdOAw6f#=0X z_v0OA``FdNCF4tO0~fjPIi(MQHxA}JxrtN-tUxjkYb^mJ7gvkJf8$z8Ko1QasUm;w zcs1sQnAGuMPhY~SNSi0U+T#m&4m2iXF9Yy5sLlk`Z#DywL}I}JkRr2DAN%q)$OTt) zUpv1GA1ddKLme@$38YM;V>C2^NLqxW!SqI6CkmV{L&QRr%=%<(cWK_}G|5?hMg$j(t@x7R`V=+z1qO1t^YXhg@SAr&1TFO_2a~`Bra5`ev zjO1Edg=8FDHIUN6P)`hdg^!O!qTXGYNh?`bq9A61j1PN=6lyz@V`TbW4d~rg8UlY> zxyF{g*aNS@eYddUDBL^$8_pu1F@go?aV!%3=LdgPy!d|lrlc7G zsJVZd{@t;pdL^+cS@nwzDPAat^Uk@1a!-B>Kn1LJiB;a9k%Z%B^+5*&@z@6zL%cQS zvS5-h5dwTyjO1%Zlsv^=CZ8FMAAWpgo@KY&IgB=~V^0f^M54vl3#CG>;0=Wp0p4;ST=x+N(^gS=xAioHmboFt<=-WG4COW21LH(O4p zRJs+PA#unQPPm~eaIw1xDbN@=Zaw2)t=MPDaKW| z4%AIbS*GFkM1;%d-oaB$XwDWXh0E0h?jpl1*&bOanL$@YsNbskS0x`63@17v)2S*B zx$I%ylqBn&l~49&)*m3h*q9-MCx^IOHg){hfK(Wyl?oaFX}!}}>!bgPK4^9#p?9uR zBo$MoHa>GQXWyN#d&t_kb>BJB@*=u4!_9L^wsQH`%A^HGFLiv|w=!ckxOz8oD2_C@ zzsLVJU*CK-@yvHq=nHWMVY2t_7kYdr$jBM}UR$HNVr+SEM=OZCV1C*9^aMWCIa=;?Che2pEraV^Qr|2ZZS**>nl-|Bh}h(v{VTcJ|j5s zNb>h;hjIX*Ce4&n|1%uL8l{v}=>EF0BaW@o=gI`Oq5bvorxGB6K3n0lVQ!c@ZdDJ% z2D>~vuxvMG6iPcKr%3ptWdSRD-z?PI*xY3G*fLr#yH5P@uar;GawqQQ=}PUK%|Tqn zzBj}DVW$Dw@-6?ZObFK;YlaVO0lBwpruZ!Zn2$?dFl)SO&AY}NPfox z<8o}{h#;&?jmTn}AWt#zEd5XS1V*TsqR00trvDRkq_k7489U2gR?6xGAJhbs|Ij`4hOA^me_1B@2Dm>A-}iJxaE+5nLGb9Z;X-|01m zB0jgBjG4XA3?sCQOnJ=!W$$JmVoa7Qh?o$P7L-=9w-S4 zid)ohsw53FRh1c2$K_A3pvUF4ztKW*^5d@pRo_>e<;%Z*O=?ZNG(H_Dncx(vHxq~n zmudRMCkh9FPqO>jG>IQbA_{_Jl?=nT0>M=Ea0G7<7y+z5$`-@f>is`C3Jk`B5Pjw2 zoBRK>wBQ3_M~oGHXO|)caHiXwYT<~wG;1Vnc)mR%FUg$FCJz$uVldyu?sqp5xF3U0 zccjPRab7)%@RySS?0;JQ{tm*F%NdK=*sd{*9O_WJ+2fFIhg(WCl@N$5^h#e2m(118Zr2d5d$T3SFyBZv5~CLd{Np9 z^ZbpOMe;b|I4u{dyXm2*YvHEF$z{ zNFF=3A=Cb?Gu80uC!moy=ZVMuH(!3m-(IS@HaRyLG4gY}&}HQsA@TUS(^{%F+&tu3 ze(!b~>ur~Nwc*|h;HbuPVoN0lU{=-q&clghn@UPW{ zmIcr#<24HW86_AOtl@^z=zV%ttke53-oZ8byZ+Yrh^%s6FU!+CACW~5_Xs63`Za4L z!1#8AUeFogOAeSCqaXE5Jt9hkqCZ}&58Q{ecCMd_QHAq_WIOmTy}DFz20_R!==OGt zsI&)V7cc!zGZwHt2nx+AR_=b^t6rHi^vh4$tNM$ypl0y)T9ptMZA0nfH;C5O6kqaQ z?i%ngj+N?tjsHp#dEEZGs4|Ucz}cc%Kuu}f1ncJrhwe9 zq%-^zW&6X;eNnRXil$rKK*{j4_U%nus!0otQCZ9jtg5fBQfhK$j?|CBq4G?G*U*ca z46rtU>y;0v;qMu;7$elwbOBsXxfaEv^Ee&35xx#KWdfGs=+i3ByTJBhVVqp<_1l@+ zUW9MX-tv~&`gOK`wWg}VdjBP!U#0jzkSZXx{@;x?SgoC0)_T@a|5oJpkrF}BKc5HH z6DPB1xJ?O#8JJGT&={q>%hyCA!5i0Gjcc#0zSjy*l937wVJN(cgix(#r`zWUiggfp z==<9^&s>0wTMMbHD_i<=y|d(j3v$6}KKV&yr7s~N(Z@^Ucyu%lQse=cdw8A14}43f zL(SzYQmmlwC=L_iqjaUIwhqZ6*96m$(e8ic-T(7hJ7kS>;$Cil%D^xpC<%nzojV*@ zyfyebge6wXrN3o3?BNTq?T0>8-!B=49}U~us9PtKN@Dbr93oyu3P(NK5SZyQHQE&^ z!R|IXypkijEsq|E+UWWD7J-{3o!EV8c?k_&H#*L5FS@UFZp8^ev7Xpn^{N{s%#{6- zIxc#Z!7j+jF^LZ{v>7$IdF(lJBp36Tdth2_knV1DhTWVp6MSJ59ix%AZOXeanXOZD zvrHqu%-SCMR6=g9({tbR*T&n}Q~)-^SX)N*FbKRsfF7NtCD*#s=M8bB$xM}wAXF`- zvcwGO@iAwC%qKYR_?Co#Zk|XHwgiXV+1wnmZh+kh(N+)5_`8_=F^}*&iGBQvrgNob zZo@c%Sm5wBZ={LiBMH=;j9o{qW+*|lVYhYcYtk2gF6!Tp0HcnOT7=QoIH>lIM>28) z4IL`INDS#`MkSS~aPy={m;Z*1t-W8-%3D9nldUS{(&YUPTI3vKEYW;t4~beYhLj92 z6L@H)WTYxcOPJ^GI8KeuV%2$vaxPuPK7C1I+7d0Mbwh~6pfG9J`XDCh^0DkLerL$h zE>&qRAn|#-Ru7(%C$N9L&|nWjEs}+-J;AP7&0=rI6_q~n@Gmvv*yquP$n>!~Lr8Ux zK6uHxdA31KcrzBRoDrQRJ-M$GncV6Zwj94>0TwdX|d^@52odY8uEk8TZC zosnc5*}tFSa$a>ySE~73HuwtFyHt5ul3%;;Z-Uo3@4qz@0Wy;U+1^U2D8Kqa=GHVt zGT6_`9se@-|9g9^X4m+AC7d*$GP*e4z)IvY5 z8uU8XCs|h8-fdD@$)qcH2gQh^tuT}*i`z#XTOuFHCIu8xORJyM88Np?@b;KV+b+wF ziD>|RMfD?B9dc|?UD<1z8~ia<0s`knmT6J-;3D!LpuJ2T2Sj{p$HK>kp6Pl~`Ek3G zNC=@r%R__HSJ^DjFEiPNLf5B$T-y~3@{)o;mUHag)bd5FK-T+>>KAKBx;Ph_2Pd9q z&!&d{TzO2@-4+c(#PsN?$EDC>Mj)BMJR*SZt202d0&_lI0VAX&CksjTc(Ys`*^gd>eKad60O?ao1u?U?(#O(Fd{DBC1*B80R7Fg!eQIv5HF=%@LvfJj z%HM>lU(9Q~3yOiL6F&<%tQR>9F>au^l+|=f_HDF9IO>Hi*AoI~m_2TZ*ivD)NIxNM z+sj9Ha=J?AttWL?WcCVrI4$zr^c_)djmTx-Q4?%$>q*d}EoQ~}j$LG!N@l8j<0fLk zcTA4uqqmqlc{iiwVRYFF4H3)CHtxjnzK{WaK6C{aCEK(kc zx>s?d%0U4~0dVh2qxL&}eCXQ!{ySaabKh42;T@>9N^nC}6j?9yCrYs-KeL;B!=L)| zVg=PHGc``klJy)zYm-97qC0imaK3Z$cje+TZ5+AyCB0uZ$FZvnjTL*52ISz%UuNug z8!Ip$P*bmkVw`{wNj4Tz1#?L+QJ=f+|qXtPe^ObT-nCxyhue&)M)4xjzneaP6#L3NvTt6w-3by>P1B@52jj zfBze}hKDB;2G16&QKO;37Y0}$8&9w_{+EDfFL+=IAtsx+y}^N}f1nZQhJxVWdapTI zzLiQDF5_1r&Sq(E^FwXzqNKsDb`cXD5boB^XY=`QfT-EQjauQ7n97b%d6r(h=%GKd&|~+ zn?y@rApTorRZj zgy{GckYZ&5N`1$i8y(!p9rMpCZSPAchJxgPiB0v-=05Oj1HqE%-Qs~<&lJ9G;P=TC zvr3j8nO-`H9;)R+HfB*Q=O&-)K zGUSQ?S$I=`0j!IAl0`KiO}KJo2=);MaXA+*1SQfTf^-QGq{oS1`QI8`o6?~>guDI& zhb;uLQhtJ1-4Ty%*TxEOC8{b8>%!a?u+LA7cn0#jf*j09K3x*7+4l_>zEA&oOXqt7 zAy;jhJ7Y-_Zf%c=5DLAU{b4^4xL0zVY#N1HdXaS_Qs@kPswIHZq|{1Y-9}Qq`^Qh+ zQSkAT#3aXL$QXxV>w&uc^6O)eRe!k0*jov%5H4zAoJ!2_56a8M{~a9WkTm=E(GK-2*IH^_V&(Qo+|QYghc|EvPAp&5Km=Fo^{|nK?&LUj5OTzqDJ9?<2}9XZ zk^-vwBDkhvQap~Hye`pcrG);~=I9BX(+~rH{Mxy(c^SD(!pO0p8rhM$(5{{FJv#3W zM*Y~afZ0Lbf*rLI^5Lwm%`Dk_ASQJjjyQsa_%o*$6yCdvTa3fAh?PA{D)g;_sl0iT*4^!N7V#T&=8hW)& zM|TnvCz(9vg#KFNY=ztBMpTiOic#h}V^OXrIR3R=|K8mG$6>i8(Y4uod;G6&L7gSo z>?~4e0hVHgZFoS+q8juo3}Rd~aw9QbZK}FCr&?AJ0fmTE1Bt8lt}s5G3FG1{6xn+K zol2OMUk?enk4stQ$b7OH%em35V7D{2xOX!mhlZ}#o25Nqs>0~`B$v&(<8CRpwGjHi zL|()5tHPzZy9NVxyF;k`74||4onQThc$S9kBkOD< z+Uz^>P)_s>F@Vtqw?Y4LW#a>XzcxgSvd0|-g!mx3i_z4G{?TMxcXyiK#e%`QWk8jXFvJUr>%rGgSKuLA^?;42+)R&yuKY3GN<^L+Ek0c#(>D7+;Er-So0~&tB3AJSw>Q z^Ot}XS7#{ZI6jy+j7=mbbxf#-8C)8-7pUu=xZiyP1=P0uUIxx9!pm&5Gnjxt;V{l% zXg6*#9bCh~0Afii1D`vtQb5O3;uswm7_z7Fw3*QF{7~}mbOApFc z0H0u0u}^%!AwbCem*ZD&JVnhtv9psHDDJK`U!ddz+aDz-)QnI(?6IeCt%dO~K~Iy! zkDhS;rBAf`y_iM}(Dl_Vrvg@piJ_k5I-SHF25oN#gX6FnG|Z@3R_;OO1pI$XEDKN) zdc8e7BL5U^0xu8zA(kNWAO{vmmszgP0kzBE^(ca& zip%rV-k&$a^QDB9*nZN!X`Qj}^uS7}$KRtshWH|6a~w=7+Eg<_MLDpNhHH%2F8ETT zY{^#Td!UaeyY^9-r%(T{mchM7lsxifoDkXOugKCCVl@!jx(Fu&#G*$N%a~*Gx_(3% zwm#)0M&{%k5L7*>JTfbPSI4Y7m+LlE^Nt=XsyUZZLYJWyZbQDOHh#{oem@eFSi7P^ ztcGDMX=!5s1W^(#1Kssr%H21yvO-xO4NV_&O}YqX_8)%r(B-~8kmY=3FBDV2gF4vs z-@5H0L|gdl-M)Q)#$sp`;*)Q!Le?0Bh2sTTP1YzRlb%ZGU%Acq5{md~@}@;1#JI?6 zc?)r5NG4h7RUc^$Sl8(Xk;laJnKJccaF^e=f0Q7Rr-YR~1n3DDo4TfryTH8LO6Yxa zz@f1*&Wf21Vw; z;VN#(mvOUlDg*5kKpi#lJLR`20ata{f=^OgYF0074Kf z?DmKLfBP1_qX2${jz|8rrTKFah&|JGI)bL_NNHXE^_EBuxz;0+d_*n}F-VbegAG6z z76XAu&g@h(t}Da_VeErWYo|ZO!$yTK?|wvAZL~<;KT7;YcXJu1yCgw_LCP377n!MV zEK~P_1;#nf^uu^C?z()W6xy>t5$`s?=M4u^;GzP_i`Jqq(q_xF6oJY*f+eZY=fEkF(P9#G((?WN@|I`?`!D1lJ>bAEA@_9ANppmy*SrTV5BMQBW>m*4I4F$tpRF> zABNlOZ$AXX;Q+*5$nF0P1XvgbJ>5X3)kom~);}W#Mgb78x28s%sUJjxOG)SNlBG>B zn@69?!q99kB3&DX?_69<)k2O4+dYrOCIDcvk5BJ)G*2bQ{*2Tiv;39^1c%M`jw7GP zbr7k7OlPAu5m#~X55a4T8I0y5f}IQcwnBTAv=9UEqzq+GL2c_5E2FD(+{d)$^eaWLH%w|p=HMSZMAv?gI0h2mdokchnCE75 z7Eg**tGkoe>2P42COsfE`Ph=oy7!gokP)wQoO}H*#n9eC_veAc;@wz}J;GJ}&+5An z-db4(S%3_0^3YR(5!3q|Qv96Jw z*GX~xe?G9M5z`gZD+LM?>9|uNh;z$quV4HJ2;R zza4y)Cp#D*;%ViViDPGXV+lS$M?z0l-Nk&KcV_Cu!5tjJ+F=~R> z*W{C~;Cfp%KnrS1=?2Kpqj&q7u3qa3fmB^RV~Lg)v18$vL%WBQH$L@Jza15m9G~v@ z{_$TNPw}p+KtG%M!$?q6E0y8>lDF){E94uD?0^9K8`dlW)=crblL(d;Er`LCeD1%Q z_L0;fN&1wc2volFY5X0b?PwVl0JDmpYf`KnLsSnvu4(6?8NxMWYMy6mp3guMwo~8v z$@)-KKowPMb8?H=IR`gISsz7x9|L{5*KA4+ubXufOA=k+rAAOlM+cFcK|LZv^|gMn zMrz}@kgYwW3?9=A*^J$PqN~4iwOkLx&T z(U1yh2_X$mOIt~33#FZucG2D)B&0G*dr5n0YM&&fy-S;Dou>BwUgw;+z2Cj>&+qrg zor80C@_b#-Ydo&U^|+D`+sb4}pww=Ee6aT#lOZdJ9hU2-H>Sx40!@GF>yvFy!W)g} z>f5ung^xrNkzBlzNBi61Eo~6U`=9Lh@ZpDMU>*^#DKJ9H&!Jv1Hy4dqA`j;-J@u6V z$FnD(4)~vOkP;2k#y@->V4cTu#+tM4-FqvNr>}s2{DQv`O4rH36S{BsBQXgHSARkd ztKEg43N}ieeRkx643OV;`ODE*qcJO4J-=koLvc#ujSLGTdvPqGL<{3UL8@Ww;{Jq- zHF;-rj+wRJY7G)2hB9Ft;0AzTEtK{a=J^71JMR#`?~WeZ?^?@I9l{kAmFFZOEd1pF zFz3<0oB0}%CRLAJ@XE-D;yn8elw}jDzZ%ghm+`)Jzju)d80S|%9s|mgfb=-t_79fg zX3XUFHI{$deg8P1q<`jr2Hp#6e>afUF5X>B$Q5Sppw~Iu@BfhU5?67Hy69F0fMg0e zAwf88=i;M!q87wbQu40q;%`1PeKkM{ej_4M^{PX$hOPUh>cvF&=iyX&!uKoda-?Jg zwZA`R_v}nm1;xv7#E(0zWH3wgx>j%+TiA)yeM4d&g@Qs$Vb9A4T*r8qUG9xH(k+Zo z;14s&>ZOFMPIQl4=;2d1Ne@fHVZ!aJnWhrbQRn3sz8DEmS)|~D`a*Yb3%CJR?J5~$ zEl|(RLCEsAH~oFA|Crq z3%Wc(OZcYw`HzWl*S4D-+ziTPl1c6_UyVf9n%tsB>yx=UuD`n8Z_(B%4xCh@PhR`X zmhtTX!oyW?Guj+n;!+klVl}-Lzo#t0mC{VHLLybFb zGN*(|+Q>bBc|!iAb>VXS9o^z2PBo9nL%>|*vE^!`j^>m zd*BgbKob>1uJ%`NT52S)1_i-aj>{WH2dYcePbK(R&6WtFDE&ht=o1SE&P*TSZtILw z^m(Q5C`81fnwa$9Eu4f;zi4oVTsUBnt(8?hwbjQ}84>LCjyR)*bnLb){m#Ss9h5MK z;5;Lmzia*egFoSnH$ZY4=<9r<@UsnL+)8D z{(c`++fJwIY??l>zdaX5=DIHPUW<{Gf8b5vQJACpb8RkB|HG5V%Zjx4f-Dc~AU&D_ z4$hoa&))LmMJMNS`TU8Bw}glALpSLSJHu(di!E)JzZRZ3bO8SY(*o+l*w#rkuKog0 zvBn6?x8tYih(?HkCVrG5qkWX3vo4Hn?zJebsg9QOEybVVfxl8Z-z8mf%S-TxJ~Vxm~5QjxyzMfUN0yOi-ps)Z3! zocH(u6-U3A*1H}#AOAPLa{GU4xdFF*1%~PRidGB8aHb6igJwU4y(x?=i715W>~Ofh z5Bpygnpg*OaDxsLAdv^pAtSZ+1wbbe_CF9dWW_cx1i0s;*6%54Q%_UE_lHFrjpa0h z_f8=!skbBbLQS!C)jrG_{I%jeMntC`_aLS1>~Z0XIvOHSPr{g*(Sd_UK&Tm)xCZNe z7DyzFfFl366VZED-_s?xSf*O_E2Gw{)?t3@M0g-$1tkK;<*$BgFDh&Y zA5;7B$CcQQ#j)&yU%C=&x#7ZYmOosaoxUt>4s3N`*O#|e8mc>KUmo`vu9euT$iHLQ zu|Fua>L^Ys2mTCZqpLrho7KdY2I?);$Ooc>!1^uzL*4l-OztpKkz(&dkONOonwJ* zBs4=uAIg3>9mK9@{#)Tf`$zoor>_pPSWG-f0zxz{|6?F8cKM(@HFLx^=A;~qO``$t zTOT{F3SHhSrlLH(heEd1^Y+UAq1}t0GJW9sGwD1|GK8Af%ahz#^@7Ftp*D>S0f7nB-7fWq9h0oq5MUD- z&`Ab{mx|9^4VhTX+roOdb8QWjZME60ePC-^SGgy#+%Qn%U%EtH&0BzZzixK_ z+x@^PsST%?&0Zh?Cc}a>mTD4N7#GRD`>7h`LyF2DPaUg`L^xnIf22VRe;Lhd18~r! z6RIl_i^F_y_%HZxO_Rp(-_uuH36!S?qIn#psJvd}Lw*AOaVb>g*UmEygL54W9BB|b;V>>d^Fxjlg*_QLNE>RnOX76v;^*3%giEm9FITkV3^W`-6kX;kkT7CE;!}5&YDu=E=SA_Vr zq2;2a4MATR(%*$!iJY$e)v@@O?+s#rv+E5PYN(7962jV!9iuELDX;w zqmOV=92vhO{bH+k*;s*v@n=5S=1`e?+}8Tn3^&aIf7sL(JK*|_bJd%rWTGcB>9OZ- z;=>ZV^jEtsgfaq}ygUEpo00?7JOytZ7T*PD4|y+jzDhc)qw~cC`eaBnMNkIT_mcjw ze}oLgUVt${jh)pJ&Ub25WbQYwqo&e|0HFrmJNN z<46LQvBuR22rIXM)VGg$JH6w5m3uQuqdF3{HB{~Cjn{=g*mjfp!dW-;$XIbxXO=S8 zo+-X_Li?P>qwgzLEyP6)PvD2~+(5Scx|;hlk)y5HBZ}JX-WTK={}ox%<;$$c^Dp-J zIU$T>WfoeWeT{Xy9hmQNMb{i@;RFR_DEAA8*=PNISU{av;1gC{^jc{O z5JZd=S|>Bw7)4&odrR+`?--)`-2FjQLmDH9$gnsc_sdLB;eB2&5?9=4-sJb!dH7~ zek%PgbLhcQdUYzaCmA2*EX&!%jGOg`Xftzf5zbc|ajGD$+rDmYF!|T9hHKe%9x#@Q=>k(ILT*&HpZ{5PHaO99ltD*@7F37M36Q3im z$r;P!XcJ9Ub8s^`6*F93JYX4>cJIknW_7>DoMdXxm0&!$j!{A+ImLB5x4|}Hb4jZ- zwv%6!S^{td+d8{7>nWwG!yv{&5~oQeKZ5(dlnDo_R}Gm^w`2J@xVt%qEPLK-Ho6VD zh$k&L$RMDPm9{dswXT+?vy$my6nz>umf?IxE~y|cUc^Im6ccaI`bLhpA)+jmYB3>X zjKlYN+k-0=TBpmqNRbJc6}iCGx%6Ww5CtqRsFGh;0&2O9+JBqwpR;Av;{hX{%w@49 z3K#Q6xi}gnxHEZS|QCcS>cAncSp{ z#yI`uO?BAPr7%PY-{~c`4VST5r=cUz3BaclLMp6WW%8PSj?71-^*3KA$G()=M8E9<4mo8Zxf``X<3SP|f?IWxH<0Eho0jhebyVz2^*&x^$rI@3ErUw<9BxltT&}sZqWe z!_nqC`9NqN<@DEA_qBXHCyD#NhP_?)iRA6{dhKoYofKfpG7~<+76}xQ4vE{PD{M&D zqnQipZ?4&h#SBv^9(0pnjt-tg zXUqJ|D&^48)wL>Ruyj)biDY~lq|pIDgZ0YE*(uRM2xa$ko^2nCTE`GFwq z)-V?SMj{E2axo0rW&V78T@n+7=<$zg4+-C| zdf(DDC*I%pm!XsCc2hghlWtJo%|8=@Yl&3h=*myk;zGaI)Yfk$?Pm>b$~rsRP4v_g zBQ*|Ae>yu#Na%?Whlqo6#;hNY@d>{TiVT)$AkuC( z<5p^hc4~!lFnU3GHzo4H4UBVC&O(VkHdxp>n%TVEOgr=NSq4~je)4ote7-mtYC4vm z>bc!7p?N=8EBGkHrSj929jEulGeBAiUiV|ec1ie`2cb5G14adWohd(nt(fod9*2y} z2)(ozcX~<6>(IS^xb5dm^?3bj%?aPVmmPy;6+|Ln)6L5lX^@#IsAdoCF*BObbK$=% zh<{Hy^~@vDgp|B=otQomtQVcC_E|ycLRHogSFeHrGgB;Iv=x<`{;Z>e6fZyS{5%JU zv&eZ&q@~rn2WKKRidY+_&9d;m%X1p(_l|zNDa2LPdg2AI*g1oM>1V2BAj}$GBb?Ef za9{rJYgrl7%}@IEo3euv(XR8f)rw%<28?Yj0+XS1pNCt}+lg%te~x9(|zUoEOa@JptD zSDt@E*BBEVJHw)Cbmu!lxiZ0K&WTe(6I!u(gN)xw-~@xP)Zm6&QjG~T{G@OBb)5^v zmn$q#nX-JWq~8ZXW6)Zd;SBn&x&=W(b^mhAx<2A2cyB42|C$Bnk4_3 zm=vj{S5ay2ExTc1d|jj$HR&Ua znEvqYHRFZe_h|Ju{M5!bpbwxK7*$EgnZR4&f5N}N%v=S>n-MIuJv{l>Updr13OIND4D zZ``B;=wctbZfjm?hpCQavk}VGj`2g~0!QaqXP!#xkKF*A$*$;KSHrYP2L7pF39=4P)H-dtjwC zk#;yMEzuu#TNv#<`~TNSjbDLlRlqHL_}e4kteKP^T`zksP%+Ud)11S`k*!In&dy#d z$LKSRY7jFf;GHn?DQ0!|SPeI~V5>UIV2*h87Z9^a7kAWC_$N7?P1ufbKPEnk?QW~aGJC)gpd!pJxmG ztMySLa+fbV7#?R@G}Td*!kj`(Pb=MMSRrqndV8vZpAD#V2@_0i0@{P}icj-cmPCUM zAmr5hG4{?M)q*3-qsw&nTWN?q&^qwsf?MvhjC%7THNIgH^k=nN0-0W#&rdwgQnR z(viuwRuPq;icD2L!g-`h7;FvaHbvs>RteYODEebdO4eqiy4y&)u$^&65KGjdi>+tL zalNs!>#z9h;eKT366sia-MflzkD0`)H8tXg z3QN;<2G(XJ!Unc}uy`cS-g~dH@+sRx#^iu8b5Fvh)&#|thQ77y+HRV2!wuJFy?mU% zQ#7WOmg>mSH?(5QR+9R)%dXhjMZU1XRyQ=X^XRT@j7UMlC}Zt~r3Sa2+rHawT(_Cz z;y<5scieiz5Ql)e=d!SaiU@6%fO{jobr@zyc6b13l(No_~+D)v}bN|}U z&Sd$K-D?X?sy>d&@i@HYU*iKTMS~Rx0^#>|ykk%Y%>_5_&GbrB7bKzlXI_B__RB%~ zF6)!hx4eStUZ4zO`9!#dKad!0@9;QGW-b~KQ>Uau0tN69s-?j_7oz!z7mp90VvDWL z;T4ZBqgQ%rQg5%$hznDgI7DSoy2%FGwy#h-mU6OZtVpTueiG84=)&OlpV+KY33aDz z4K{6&G01+}^DGzzpEo?m`(Yw_<0HjwWlB#}>L`^?k>`P0t*pDJOtS}1on2e52 z){fbx9GYj0^!jstCRFHQiepB)P3g2F@(HI-+k`e5)Qu>7~(HMFFT}B@#n}zsdB#AHHob?yj!FbdJ&LdFa}EsIkhn4 zhX|XfBw3pf3^kk!<(qsr`qEX_>@5~ba zAMrW+kXb%FW*bCG%FDr{yj)@D$5BP(ccNF`{!}{2C5BaXfwiK01Sz?43Na!s*8+6E zlc98l-5!13cf78+UC?XK`iZ9H>AN=H-}18y)L5CR93(;_cwV@~NKH@5@l*IeA5RI) zu0ocQ-Mq+(fefGIVEE7f4l)0n`AiJXeSLa|AH4dz@Fx{g8-yrXV8HJRQ`ilC3c^d5 z^yXg5$Bnpr)JpI_^sZpY+tKFt9z5y;h+@h;l>+B3Qj;B#Z|H2!kwU3VG+B#@y4|5x zs5*%^Vnv#h1+LoQpj+$5MNE70eBCoG{Zus)l#roklO`0&590U=GeMjfZSB95bez?E#8eLJc+I?yv|M!SvwA#Q{t2Nem|2m`hj( zZSXi$8QaDC^Mmdh;%4&+>CFL>a|~r0>`W3)tFMLW=+thgsv5X&z4lm-`CL_L`jfVC z(=I~5Vm`uSC1hpe*OiU-A~mIrwXIDr@vh7p`Bnp^2~qyL>l5mnE<2b_yZ^cy7Z)^T zM!Ua7`_>ijX%}V=R=vCEvI$r{+>#Ps>3tW5(_dJNE75;qD+vIDViY2?A4nFQNk_PA$=u4$o_7)lxu6$FqY5%;(tr>yXr2b&L z5KqQm=9*UXD8$39ozHH(tDi+qg%QV3bY>0;-1!BvSU$2 ziA-c)!CS8{4N>!nH*^NFwUsLHgr-X}!1z8vBJdZcdj z3d?4hM~lQp)IfXajoRzCoU}8xX1O-T+a*Rj(oAhOs?Z?t``J@}c8MuWa&B$^y$AKg z{i`Q$$ryIZ2X!>krA6`F#{oPX=X`RPY|{@-qi3c0Eb5~5m;wu^t>YviZzw5~Xs;7L zog8%>=|;f?6_pnUlE%AhNt-R0dQzISh;t+ zXF>xSoV3V1rrK*)E5sxW=OydIc-zP<@G_Y=w2h|Aej*ieQF$%^d!(+?AT^Fz^W`d& zH2w%X9J^;0wIwKEDWxVOp+&zttVQJ))Dzwf(2%&m6Q zWGH6uttGc2aAv+YTHE4ON!A1vz3~>~N1ORzPa5U|cC<4)taKe#ANuuNJPfI#8b$b* zQ_YJ*cYQC|Zs|DR?iW&X;dPy%;B#lKg$zj{@lKC`$Hu0zDiDKK#`A4QjX!c2J504D zrl&WoZ{kA9MnX`X)3WxRsHX;sTaSH;?l!WH#f5qcisd2i#yOZiQc3hf4QuJpKRv3Q% za-p0L%KTfH)xq}*M0c>kqNlITaZpkW-wVM_@Xb2+hrP@7``Q^@}$cwODTJuC(@qEp`T$9#I1CF+# zg?3X1U*z6G;%|&LqSCN)-bgypX`m^6wTAt5A29|8etA|9r;>cqpn8_;S570AYwsRj z!SU7&DXtqmJD`1g&*Isb;mL02Qi(RWF}aP!(GR`--NtYC?+NvAo&7XBl(VuSI6pDR zW6~M9I|>;p>lCGI=I98Y?{H(@Uw@nBo<6tC*6@lgO|7}?$A6hU~=ajy*#u~ z-Z0AG^hI_d+-bT(UZfq+K$E?=5?aSDrdGM#fyd(v=cax<$2W-6{b37j}Z@QjhCxEE#V& zn1}^5lA}h%B6=Ch&sg)NDFeJ+{{*bB{f7#K@i})?*cv`{aD%5XTE3AJ&TF&OhvW`l z&gJ5`v3W1p2?ssG78?qy-IwrH-#=mgpI4+f*^P(Bs6#u|T3tCaCzo%<{osRjTP&VW z$47dI6CZolBkd!E543_hz z98IfYer}<7D4l?FM9UyMN{4!PpJ@QZ3wg^WY2)5BHkgZkUhB8LTB%#T+H zNn|KpsBqa_Z_e0Y8D8>leAZF6UbdBFz@d05Rae(-&Wi^dBQwYE(0nye`}7t#u*Hvb z$t9X=SA4q*HRz(smJ2q#9@(nhY|+oR;FuFuA5;?AZ#VnPF4wH*^SZ-9RAR=%gcv)x ztb>=KFA*{OD1;}NPyY3#OHweEa^ctuZLRbLl9u|5u_WFmE2%0M_?Ti@XJAD=+^irn z)X3sLPwu~8u_l5-GF9^Aor62V(o8M}T)1641fI%?=EE|H1sPA1?xN8Cijl2j*^npA zo&}WS>hpTxcT9x;d7T4;jova(dM;^$O!b~rr((?X8{I6K|5SXh9tvr~WzD%9oi(1< z-|u!wEq&meosI@dS{sT{6$S1~m~=#EifGL62oDq^WqG%go$aU1JMBU87QR2G9C4F6 zhVHU469F}ci0>$30_w+FCkde6x%wa5)i(Eay*q+r0onyI16Cpym-5_oW?3Xw-aqqs zCJ{6^Bsr%fV$$*8XH6{+A9}daV}-)Qp{A_N3A0`l*-osHZ5pyVKV|41^*StrWwWAe zRQ=+{p;JX|I3$WRRKmL9-zAEUJ2O!eq;*NCGNY%A5)q=jK5J(dxw zN+hZ4W6ZYz#I3T_hrBkHw8#fagXSs);-V0QSZJBz4N+t$s#0yEw`Fv!b>S{MR&V@y z8t6e>Y9O=}n6x7`z<48IA9v&7G?j;IE1AM^)R|G3Db@4Bfp-0T^b*BoZ{%U~h1PS?3m zH3@|gmgsQDLp~w=w+v^0p<;anAn)ME>`-2}`g|5ia1xe@K7{z$X*r(D70EjL>aD2T z@@K2-+IHE80;g=Q0MEXmY`rdgzSYC|%lfqECQWiuQghs|T5(N(Nt-B@Yt@YaKY*E$ z+ZqovfI6?w#N-IwDSt^U8KLjw6_3XEzn&1Kb?)T^kK0I`^{gfr*e_8<*P8kfz7=&O zUS8v0yhN$%`$aA}5Ug`MH~x=&*%2qMuyk{K#NhA0;s)`kT%>V*3(qiQaXYb} zXN;>Ai>*clO_mW0AFoQ)?>1}{#(hs7B(Aej!KReB;t4baFTmZ_J_a6Mq|0OmErMa% z`10??<`!;ib~pNpr+OYs9B=B)r*KRL$dc-Y>8i%yLRy0D*tmk-#2}cgFep&yGO9L; z6MFmgv__@IHP#AGKwnn8NScE*M=N@^Q_c)|pIpHq9?1+=tOWQL-ksw!uF92mAH`+bcmrkmfBA$;V%HWNE2`hhrgt&g0)vCOe@@9Ix)jwIbi z%W^TkR(uyP=b7Z!K*rS#0i{GIf6It@2s>#lBtG~iE#LM{54Pl<8sNC7t935M$?F3- zkvFMUiAvglr95w6Bu{m7N4{=rJvOiu8!2fsaO>Ka=HIN5_5uSJXc+gE1;viUI3dNA z@Fa@_m;R_Mz?45zO;Z8g2KiFb=-Y7%b4Tj7F1ByZclJzIQofxu3}~drojR@)u-~Ym zgs{2jZ;SnH<&sUfJjzzHM)LQc{CU@)5-yLeHS%jYC{@4lMZtoRly5V0uhqN!^2bdu zk;&>QDM?Iu?B|$zh4&=`??+gDabKovd`Z(@v+933k_)TiMI8Y z_ON&_hMV#?jF%eH+9|O|2i4FbxW5sFX5X!muW__={V7Gdo$rKj9|2lrsb!iar3(Rv z#NU~5xVh2A3{Mr)2E*`6_-R7CgFr!3B0XOx4Uxc(XRJpAO~Rs+;$1eQVDqc;qo{?` z8h>A6@pxb5k_e|Hdf07s{^r$>{cCm=QS5-nJ73AL5KpQNynzF{ zU_dF4p5M;y1$Naljyh50`P7G!lE`xu+#ylf>LkNKd?=Bhcmv{i zC&JEd0k;7No8Ok34QF^7(o9_uocnzRD}Hi+bSLk`|s2R?;#AYiHUw&Qv|L|9+(+3)u%Dz32a|lb;n{g1e@fJ*=LT!h za#jb+40325`&B{L-SL&SW*kAhjFmnyEv1!FQCTBSq0P--JEdyc-aDU||1i$Ax* z*{(I{&94&8GD+2(cH+%Wk4>$u1s}DxI8BF=nIRAUjetm=whjlK&Rp`w&W3t%!~x^Y zk2bn(5?lT(d_@Y-E9*pbNH6FNIA4Y2>RLWGl)5X?naa96(qc$+_RO{Geu{<>f*WTd z#HEHF?>DjxtB;{Uy0X4_sT;2#drlz^Pa+W39~Re(dsGjjJ^3qpnwfVrCH~mFI8G6` zDmq~2^I0P0qvZE+{Cv3*8cvb*4rA}OX$ts`*`jgKRbBzS6*3b0y*n^Uo$=7J*V!m9 zNwNXD4P}kA&kek)G}yAXJAFuvXu$tHx?jEn6xC=fL-gDg;QJ64?(2|dWkqysl+Ic| z&LS5pH&^0%)`@X{bd?wxg(tHFkzK#u-;xrh6r5B9sH;_4PbaB)z&t?V3A-u39zoiSR#O?C$m_nTIbl##+jd(Y5rm(?6&w|tcLu2-bcUl zKn8O}w#?P$6tLB~_BL5_9j_C06bQN^t_se?^8eTc+{*zO$l7A~(;eLg$N`HK!&Pq! zu$-A;I~8Zn{Tu1wmZby?*XDBfQP=NKtm=ZYjcR(*Tq zy_tmVTLibpBvC|cdfQ%x>* z(!{Y2fE~&o%>%}26d&%3JX|)i{PGYxzdb4JYV2m#xDZ{5Fj+C|{&gkT>CqcSmgeuF z2P8350A}~Nd5`YcbMsGPvPB9id@O3oI~Z3mTzc38gK-|3h4vPAXrxNtN$WFdmx1h9 zH+uHr>bMFJBOMueQDE1D8fb$t8DYrzqRp&!?a7ajyfAj7q-5>+7-x>=-IC1v$&=3S z*zlj}KwA7Bbp`qc^_h*Ld@3|0FkDpC021-I{%xeL(PLc^3B`x(pzJmhfoa2qMh{S? zNbIl@JP|A->|mZ@B_YsSMsba>2POeQd|Yi|k+~60e10@}-p7f)*W9wT`a^bfX9hKLV5+tGCk8C>^sRmkJj3%DQt^7i| zEFGO(cnMeIbf#E_Ma|s;pn2`lvcW0Sqk0s7z?CfX;gh~kDYIpC`2fQzrMX zR(#h7edq-G^4bhkU#o1u9ln#pC;1}jK3eHm-yP@A^nK@%)@3daN+^M*_ znrxCbaDWN#%065hY%F?ZyZMSEaok7l1a;|9O%X;++Da@muC4eQYG!Eev&rQxovA~S zSMV1Qal(4iDAzr^oYu5IN!q1kT_|RlsNyc}d16QqUU6y*L61qUEfQ|k?1dXwS@l@Z z6|%Gdpbgw?Pt%M~60qnQ{~5I&v@%ln<8}9DKTBwTD$DNro?Np8iPB#Kp-Y(5_@zoZ z(q;9*&uKlYLyH&tKG?~M6*-*M9~M2B}r1T#zR4#E9BB z#&cnAKX&9q2aVtvDJmMHekm1hhX)Wz6}yf*;~T;MJCb_fB5C8Bnw^pK9HHia3`L!9 zbqC`sJWXqxV|M8X{Z~yh<|q69MmH7j(3?%0z`1i#XZm1PeqG&gy8Fr`L36}!b$EQt z-o#fN|G>3Q%nYaBq0=oiig$OOb(C40#Cd1C*OEBHyr3HGG|{E9+8MR}@Pxt>GYyGwUr!eJ zkegT~kyp0atA42@I_mnv-%1MC^p9UXsz-&ksA@QUyc5cw+fel#?rmiDg>?m_%NJSs z^MND-OU7yCp9x(8e_mxy_wUo3tUx$M)Nfpp)BnfsY`?OGev0zkaaDr@P{K1F3jQjC z;6OE+HI5xY%{CF0EOb456j}sKXq*DDbqVH6>Rh+Yv(5{h1EjmUE=B+NWw&8+_w6_~ zjypnlG>#u--pc4pFmk!UH2+tI#Cf->R4In|dC#-~(270%`v%t)J5Q z*-7dl)7APqGQK`A3f7MC0O(&}Fh4Z#t(>|YRSEjjCVz+l}Kn^!!ah2pTffbX0>(Jg2YkS;z z!C^{5wMQv>qGsR5J=wS8 z$GZG?pI_QLj#VU$$A9~o6g(J{vQTxMC&{fSZ?(VstGl-UclQn&yy1=0X{HH&ljC$u_tluXH9UM~r!J?A8Y>>@S@UyX zaILu|CRJ#*oEbCDLenvE7&=QC#HUZE%zth;c4MF*r8Fjzcdis<-`BcBoEK?+b8*>9 ztxRp_>xzGK0ixVuXpyeRf6r%xP)%EjqcG3}0BvFB36VP2|2p=+e*5p>3aKMk6DVBF zwjK0k=^wzFou?trqm$`yIXyO zbopBJ`nbY|zRO!vEDkFcaa($NtMrW0w#0rhy(9F2=>nk59~CU2*i2JWT>6HV#yZq< zA({h=R_f6AQt^E@K9WO2AXWmW9FVWkAV@_Z6`kzPYhUVw*y?E!D+Bfd-iP96;EC!E zVJS#VI@Mrv>m*GtY^;;-{QCC(+#nBUbw|(8z<{Wp;zqNoO-ae4IqJ+3$(7tNTyg{z}f%gTKolMC?}q}NzNTo%MyXQbXF9ZRRHQyI1va`{?ELofGFa_-XXGH z-llyI93?U?JN=jW{{7p`>|G$h)X(I+GfkJJ=!H>(KZm zO+SGTJ5|~VBv$+bD?f_C>SazGvqAbu$`}T^mrdqOb#%~J)1L{e!6oXR(m*|b{dWBo zXZ%{#NTuoJt$xagM|m_K$}o|w=Y>O@`oljE(uATdnegpa7cFtJW#?!R%Mn#=x03EW zi&&P_u+~rH;dm*brceX}k8Wp_{jpGbTzYLKDqO9NXUaC}fFp?0YnsF&#Rdz_s}Z^CJZYbf`?F zR&r}7M7lIsS9)b8jU6*`7QTAIB#U_;Pd(cp1={6fU4>MxC7b?msde0*e|IE`I7jlO zNR}Xw{Fi;R>baoB67JictEC;x!b4_<^wuIxsL^jokBtNvSIuU}UxZncH1@XQ47cLO%M!rs^Z;Vld~`N~E|YoSg4O$#8nQAHgaJQKVW_7&%_pygR4DC5Kc znK}gF_RPyt^^?WA^Bw1Y&!EXLhn&3zFhhPSs~RDxnmL8Yha+de`X{BQM`o-PNaMZ{ z33M#X|3QtTv_L|I zN-oe$dD0J#BC-$2pVf=aMkrXe5}Xdh0>d@!RL|RIE`O{GE3ZCI+I15GV~^!N-xU>j zA@Tj%4lR>^?3M)B2~&ghu{$ z)JaOoBT7h88HCUqSDb_+b?(r+8h4Xc?(-q-{ho@CDuaj7<01|VK2&~5dFc&x>#+&L zg+}&!aP{Sb3-~bL9tIWBZ^kJvJ&JY40pFkkY1b}h%WhklbV*Dp;>rlO z>0PNj6Kj~H;R-$1TUy_82&Qg60P=$CEk2o3F|7Hw5Qw|DtvF8ZDrJkr4g(jG(rX;k zil{pyP{JK9sznRM$*0ohJ9EU>=C0;07{58io2d&8!;6Vdc%l|OKH#GlQwjqgU9gK7 z*dDQ+dEo(cwnj_?x`LYEHuo*Q55X5-n8yT~r4!)O$>$CDZY%3D+Fy|)UA{D^cfS-E z;i0#E5Z9L}To(dsNZdQ*t)W%-Ln>PzJnWVYj%7@NKdSNp;?;#)pU>D6UiHPzV7)y-$8%iERzQWxACUZ2NM>%CqAf`mOLfni{)1ceOE z-;8X&P>Up&%NU;&J2ecVgGjm8n@U-P_G!Qpd$g|*B^Q%i)HbuBS zB?<>FZ}a?9PCP#tEdxCN_lN}cLEOr^i2S>@{|A978qAg|M~I+f@V9+?rVuZl7#_cP z>HS%74(%{Z@VN2h$=3J^@C`)3L8j1gFf9<(2Hdjv zIiSZTDKd47n3H$o3H79V(9mTK(02X$e7oGGc>F$?2(3gX^hzU9`tGm#sQM_O>#t?^ zUBq|8b`eEUwDqR7HcAL314tXcxYSvHvnbEPt(1}&ZwfHfSCDlz!|Hro;i~hTm?qXG z{|G7aH6|idqa<(P9j?~tCcbz0NdKHo6?>Ctu>F8r_KzT~W?=Ny4Lgn-2+;t2jcG#9qx`8s6AlT1TU);$ z#-eVSYd!KDK&CdmP!o)5^3{YV5!6wq9Hhv!p2zG(xEaf5&{S0MSm=|k49OZj$8|RJ z*r;<5RW0OptY4u$gIQ(^6);k6YN*k}f9Es~YjBhj9$Sf1z&G%)nl#U~f+fz_Nm6L| zfoahuesGtAVcev`LT5X3s9~IL-^2%e0q~`~+AuhQ8=0!4+*qI9O=E01SO2c0@j!Kn zatzEMg-ZC7Pn&$KE3zLRvF<%r&Z+0Mq{+6~@gAr%dt_ZVcXK{ad+>#tR1xh`QOBNZ z{VQ|uNI(*`G3a=m&)>bnk^W3Y|c=DuUYJ8!ndH76)@zgT8TVAqePa z6GP&>Ffh&XazPS>T_$i|MD9|_Ea5_i4>CPic}_JsEk)IP(PE*G!>GvE`O-dnG)zX> zp2ild>C(~~Gfy~3TQ@kQFK3Ahy)b&5EftZ*Yr}l{NVrS=b!K$FLzD`@VsnjH`cEPF zbvvZYMA&JIj)8$xgO=*cT)`KEon|JuU%S2m^rDv$|H%LMm!<g(Zx_Y!gA;nLbyzpAhnebB;EIeyftaB=9&rc%f;2%9IAik`XzhD-&?2RK}c zvodhFlG@rO?nPsd02&CxmX?}^LY{AWZJ#26B778-XN-7w*W=L<# zOu#&?yFDouVHO(pH&s7_czhfSC(G168Cn!S@4y@t=LdStOSve#mZArlRuMD`EzY09 zmIqAsSy*mQhh3nJzi52kbfWNTlJ_U;+ft*2#vhq9JDWnZaSi&^x#tyLU&k<5P;(AzC z4cnSJe;+P}0|91ZD_R2lkdMj=hs3CvkPkEldsk{#VcaR?Y_XbySW$rTTy($nV|?N9 zK^EF8mZZoDj+q``vO?zyxX>SKlE^1JzPc-bt{^-$$tDVO;qavA56+=RzMndKn59)> z^sbTQ5;-3wB1Bx^s?AVrpHKM@{PT6ETh3VW8(n0A{Gryr@p=L!^7JZQ_;>hAc;q=j<(dM%S>z%Q%9BG1E4wJ$;+wE0IrzsMoyfub%4!Y=XmS-U1rlb{?7lvMDDz zz0vx)7cJ;;JZ1S6^s8Ws<1omj+T5KuqJ4BQ0`sK~fEVGaa8cZVFKpH9gH@rP51~AB zm>F&s{!bhHbDm(FX(yrC&G|i>Z|7U|fM3fG6h&o)<89%L?A65gd9II^xFs3YWJdPQ z$9Z!QuY7t=a2pt1VxSOON@Cm*8Ro(u!hzT(v61A&isUmIKXM2gmAQd{Q#NlE)K=%Xg=JCP~K=Ng2Xu~0f>ulB~ zHRSvfNf5?Nd*XfFXO6+llXbk&AoA*I%TfOxr4;Cnul{oD=a7ze8eH@W)HtE%CegZD z8gIAP2L^QkKuR~10m>yK#X3NN4MA$5lulS`G!sSM>SJY)j}N zT(4OoD3;LqqQa-gYJw3>5s(~=`$vXiE5-w)STmu8cQe&H&33#=hetwu&W3@bNi@@? z!nB@tTcBk4J5Gq<_M&mFRcD@4C2$K!NY_nd-*W4eS_*G`{62fQDTvpG#GH}q=wL49 z>GRu@3dibt&3F~}lH+EQ@Y9#PbJ1ODk0E>h?`)NjXG*dv0~}0pHPmkV_kX<+y+(TE zazpF;oTD}%Ti(lUNlg$X0VsvgZG};oqKusDfd0+9V{SgVXjxeFyp7e^$%zx=oK=ZsT z*ZFawJ#0v6Fae8j(fuVw>X@GB`&NxMXOG9` zXJKF@+rnx&Qn3zG3Q51V=4M$zV7}MSjgvD~OixdnkfOG}zakqS;P~X9q5{P!f(yC` zsc!r9hgC1_Yb$;#O_=7ehTL?wV#5QxJ^arv$Oyn(F677U-HARb(hI!^&oD6YGI~@1 z)N!{7Ry;4US1meoK6x{1?fLl(CI571%R?}nATxx-XYoVxH z)LrY4ew^mL51KaKe&@E`wog!#v70wxa|b#|XVzN3QL1vmi8!O6%Kp7@f_5||di7J4{1S6+uocC2d^*ivptF?qzG*~5-ZMe{ifBYaSR7p~W zYZ#c!Gx{s4Epa~z?eXXwrH1P@L)u$tqn2SVue^YZRog|tw+k2*!g)rb%ZcY;q&PgW}L zRiidvXM-POYRLPCVK=;esI4FTmY+%UW7?k%nZB)5&pbh(LK3Z;DiI%+k9#D#{0cC} zcHWv?1LyU7Pg$=uXm7-;z!7#d++4EQqqyuO+2^5 zEI?H@#tK=y-_ZhlD$wJIQK{|Qk1o)op*zCCHb{+c(ZU`YX?q_5x8v|4<5<#8@sfY8 zH%>jKm*k({|9<7E0Lpb=I-A?1TKmF37}r1X%`!>I@$$4natEl5`$k-eS8tq(SjeSQ zbyE#KP58frBq13hG2hQss5s~^vj4{YmBNswc!cKeNRj@8J*LiiI&Gjd19>r<0XY3C`-isS|_8oghPY~Yvne@fY! z6#~iwSW4@G96XOW<3>n%+5F5guZ4+WapZ|htWSvj;^@XD@0W&Hj|X3HwqAe18u_Lf zXYRmWYgRQIsk-ogohA%3L5rV$_8xAZ;(sOWgSu!ar|sUcfo>6JmXr^Oei)&BK;Q~^ z(e+Po$_~U*^$(qj2=f$!R=9DBH@IBLYT|O6*JI_mT#D~}Ld6Liq3_rU{*$50?pOH! zMjc+8hJ!G3J==Ui0=2tP4adn9V6IUH>=~LaDK~6Be_(j{g;1QIhVH|KGSf+<(0t=syuvcascYx3?RI{BaL5!bxt9zlQZ+^p~qoc9dRJ3SPm} z^FCkp#OZS2bBdo_sG%U1$an6*$6s(qg|8v;@&~}j#|ff9r88ATrX_T5s8ayzrqr<( zMWE2`48!=yjeY|S^M2f3`@aJ8c1&MCgX^Dkd??RyzlZCUAEy(XubND#eA+*tT}j&V4=w1;wAv)de0rou!Z3R1qW9WR;I4 zspBp+m#R0zj`P6`eMoF;~z z!B{7wUrKV}=K~%q?}5nwzGRx=?NNmIff<3s-kv$vuETNE%h%CEV=~=Q0e3gedz*mD zDULXWt1ki-IBb6wLOu>+KR02-<$@Sb1>2wiIyT8m*zv@`^ZLf_-n_M`2uOgIro>+V zducOhh3mj_$-C`LfS`%*eU04qSRCd$jEj&&2SBR^Pxs6N(@F=nXR=A&bjTh;Fq#Pj zM6UGJJ4!?;t)q=v)-xV$6!Erx!J_uP(}b`#826i+9WJ&#u~o}?e&7G&?7QQs{@?d= zBD0PpDxwm~j)?5EWbcug?3q#7PJ-oy9($M2sW z#);$kx}W#BuIs*Uym8`@$ci+Wf}(6!(6rfK|4Z=LZd2$s`P#BqjS8j#XmjB_bk%>N zub0Pl#UT-S4$Ilw?wdx-CzZB<38TX za2Ug$*M7vA!T_gK`~oyg0r}D6ZN@WVSI?9xhlJqaTocx0iMXLi>W~b|q+g-p;eu|@ zdWk~2o`S+W?8Z`i&-y)#sQ%wa^~dVwL%=(3`zLVhahnZLRp$w^-85<%zJ3TldFg8n ztNbBozWRgOl1%hS>Oy$Yp}C5i;^KA`!b@f;<&9Vk+_X7v2%M9cHd4J9qmFN9aPLF& z%wI+oylUT+tkP8UF+ZG@hiO?qV&;~VsQQ>#GizDr3uZmzkUdJ*nm?m1qM-2@Bm~#W zoB;_~5>9{}LN>l)+GUV7R7YE3p*2v?@2i*a5I6P zr|l4JJkz3#SI%USa%`Mohz&+ORK(zl)F|G4{byRp;J!!6e_FmhcFV20lT3``|J*1C z#mffVV+=OENA#X%u(3{d3^c0wnP|2#eJBbPIRMN;!+LAr>_9?%`OhEr?rajck<|d` zKo16c!P7)7j(H#wl+~R&&ZUL(TxU42>`+8BjJ*%Jp6G#(T2U~eP)crhLZLUG`VkO} zV$ekpjHUn~33$QsNadPGTKyTUf1W+E*64|^U7}%mz}>3*?()Q!4p$;+3_8oN9IMls z*-5`~wtaIqmpl~ZnGeJjHuEMmVl^@sMgj7CIZ#pW#4-9d-Iqz^MgvYIAL>x#YaL!S z4rO(V9;u)}Q^+KzvpGuipc7MmfO~}UV;Zw5F6#bco&UoDg0Caeft&pJfpr+!uH*aP zOCKr6{`B%R`gq;+P~4b!aoelq_ZaF@r+*q^s))UX>sshPg|^JZr8&&kRI?Ht(n5JP zpEi_g{1+F9=<^v_6Xwz=?P8{`fDPk3h2U{P##gcw^p$6I_C!%)v**rc>X|5 zH20@*(#<HvSAE!e{ttg!bxlMFl>`VU_^1$mM5=29)?B+BoO< zi+#}x=y9`|P5$Knox~m=RbYf})T%H3C3M?|*v3HGu@c5Y*4fb*lXeWqbN}#eU=q<8 zk(z!<@SYO)k^WDyCR%{BWlEMWjy(1S74b$`|iQpg-Q!15`kbpcAg`^7HJ zYAkrQ;sSd`ijd^zag5>r3Y5Qoq=O+YF;iduk<`GaD->A+CYEL2dM+pWo_q_{-*m^R z{!>E+sMJd-%K(ZcngJfZ)C%CbtF*KL*2~e5&R;eeZj9sYA}KB4R4JlnY1l-{(Z2(w zZbqJ-4dyi<<>U{I%#1gUj*Y_=CeJ#}J%bL<=U|5Tf%M*~!}96!WJVJ8r&NiJ`))cx z3)mZN1sVVLVnRXyW#|7?&`n3zmOY0-V%bYJ|GSxPeAdXuVb)TBR3xPxD<|i~{!9S~A=%O8Q$nZx` zquKJonG{UPlXPh2{q8KLaWFuSXzj}i7{Qp!K@#knUXvSwe6gYHVCTm$M89srTq?tq=W|#PiE*YSZGoE7dq?=vNH|(M6$+PUe&Y2dP@;XCk?QHU; z$ZuNAEo}Xeh@RWQw>zYFy(#RJmeF!Flftd9%jB`RtA{aZX*shRhjvNA3l~#^Hx1FSi_v)Q7%Y|Ehd`2)1_v{!S%1aA zOqOxdVPeSwUC*2emJS3>2{)DXXB8iZHFKReebN>3DmM-_X2mbfpF_Djiz>|yO!9g$EpWct42)f)e__`lRb zT=o#yysSQx{rfc@y#xn5!#Q6q1OyR_TV*~+klQ3;gkqx|+8V9QXX39PQi~hwA@n|m z`>*QaV*P}ob+E16ckc0d?mqL-qnb%K@P$-|;@ha-zKK)nDBwGaW|BB)bKO<#}k!M3QSl=Yal9a)hi$+TB})a2N+I%eBY$`!twCKw;ltr zwq-TKw&I7xhE5}DNX^a`G|(B9^H<9S*DSh8a2&HE-JEg`vz>GEeRXV>ad04CzWRuf z)$G9}!Fu9Iwv?c0(iN`7gnM|C)cf&rFw5*$PU6O?{VN;5UI(Gu;8B_f=u`f!hQhZe zy&I$xsPxHUa_y-?c{cZH_0=NUXC8+MtOm-NMY{ms{B?JP$T_)a1;wx{22v$&nSEUG zHHfjSk1#!}f60U#l}i>8s68#;ks(Xw_x2|JV`bSe>{BqJ`23!??s?^j4#mPjdq-Q1 z+_0W_YJ58KABC;#6JdN4rA|srJ~Zi9jF`!V z4bqs2@cc4*dY^kQ6`ZZlm4ptcgAvc^Sz<3GYt7xWVVEz3G4H92nWd6Z~Td?x%o10LXyU?>z_NG%t^O{Njv(Krl#?Z)3wXuN33P0;+xQcmHC;f_Qo-QG>JfYH)Zij$1B2 z!$fK?H@0CW$Lb+aD1Ga}uaRd50&2oySv9%Bab|ct-FClL;Xg=k6iq>M>fItj zD4r`t3@wS+Sx9P|EPEP%!{@cNrBv|y_#2l^88Ho04~Qbqr3KO6eypikl4QEdcK~5T z4P!^A1*P5peRF@O3dbbC4h^P{sQfFk?L!n3WOH8pT>EBQe(|QRM$oae4Xs00Ve@jq z+(1Z-dnluDSsC}8LMpRzb=Q5*cTeajzKAP*`<2EU-oV?CILrA)vu1IoYBhD`zC(o6 z5Y~P_Cfdv%T!*~_(ya3GU(ViGn2sAeEz&mf?&$l(nV@R&LYJ-Jw}xNe&MX`}&SUnZ zH1~o+qV%!-7ggprD!%nilO_A&&VA#Io*1fR)oH|-K00VaxD4YJT^@iXil6;+ zw}(Vbo@yuFh$p7~oblSOBR$1Jgx@^3KOQs51ucYl8q{dZUvP_;^5TPVp&S_WwK&ZY z<)S%M=iTccY#Pv+F*SKwj?-E?@ZFIb#8d2(hdCT>1r=h#S0!kgGrg%R!U9f~A2@=w z0e-n5Z(+w)hnYmpA#*vl*Tpww7lzTG^xD#p7Cq;iMMOfkh8~K0j|6vDH56qE-+GxDaSa&X zoawW!e+e@GI7Yog5OW&e``Yi3;<{Xi16+SZM6Z$KA#cZV#E!JD#2U$4@t{Jj)YCL> z>}3a`|DS+^cB5~gn5n>c#o;9rd=%;f`T6&F{+Bt?M21QX*i^n2|3#|ih@Nc1B#X_8 zvg3V+$Xd)Sfo-KB&DE1f%?A1$Wv-L0!li~=D!$9jR}lKmVJ0bke+i;b55(=_^9n|?Q9~a)LQkM}C|hWhGgkR64!5wzmWd>n$tHV`{uIxK z5Ht6V*307?zLWFDi0<}XBoF8_8t}q0P69kk-yHz$D zx?XhQ3I7MIBnb}Exz$RZ6nAU>>HvoHP_(z>!B;5c0HLp^mAH5l1%|iKhRl^;q&uGY zG<;4yO(gUq{4E&!B0==H&KuK529^8?Eewt-it=C5QnYD@IqQe_A5;`D#F|d1WbE5S zl@()^Yu!iC;Ljwi2Ltc5AkM1*4mIwpQE-nVpnXCGmneO00D|Y zqmk_#xO8fk6^bX!Ghkzt*X(6-ZVpb}b~Tm_rtYl1-TA1xk+a2hBLm|n@x z%9uq~v?8B*(BYMdk2?9b!Z7a77FeI5=E4QWMpwl&dh&x`Qw=>9@xcVJ$tI8mj$a$tun~vwJOX*7h0ZEjctoBi^~ht!^Zs0R z8OIh$`pUW(c2>%T8(dl+vNs56fPdk(uCn*^ARwS4<3aj=y5L5o9BZgXY;S*G^1-T% z8vAO|lytO^ek=ddUN%CNs^v<*01+eROTB})QQ7+8ofKRuvHOSk6@rLhI1yQq{CEKM^x8k ztz19r32mklF8XDxYBN4X) z?iRwfOVw`oUjQ}wm9m^qHc@TN2&F&!@(nRhL3L9}e*JI~_h@rT>!|YeV0-QC9j)3Z zgT{PLNiEwH7X8*_k@coF);^6x=6hWF|GA175PU?w++%i1)@v~->ZlJ} zTu$*=*S9ki9tRM_$nSn8L`6S-FRF`2|!_BJNo#t`LH z&a{`*gU16J2l%$I@PDEBP!z+b))p%yue+0B8h$ejW;xi4_J=oikP!p>`F9|rF0nAb#Me4rKO%> zn3c+Ce~4ALZF{wQ?3L_NH)ljQ18DhO`Vyu@EZ+0>Mh6s*Buu`Z9^M$8e($;vG#=yU zzPYiZ=7}7SJ4u(LK>2@< zLq@UFPWbA&Po$gF$i&an4-KaYB!0$KFM^Yk=^-%dhAbU;WGbd{eYB2j*gi{ z^Wjg{OmSmWU!62DLL~sblj6rm?(`nbn^j`Ha~9Urjq<`&2h2ealWxw6p>nmey}}n= ztA+(_$EZnv9AxQortKth(G+t|zOCWv^=rzZHqM{?dZ>Wfb4Og+x6uMAfx~z8^|9cy z$N64y*)7iUM`$)ly_nVqp+I?qv4DCIY z4WiNd;*~;Iwru{p@0hoT^JWrIl~1pGg^XgL zp@KAG!uh(Z1a*rD`mO70Nt(gFaJDuk3NsOV6(g+U;d+5?78PRc-&*~kmd})mT;hhz z!WE%GePTpeA)VzE$HQO?P11Ij8;rj#@1Qd)w{v{;?&S!LM*cdF3wryHp-_kt9*&#q*EXi;dYtj{R`I#Xxl+Ye(@Pc> zwKYq6a^_Ncfa|i8%EAX8t=kxEB$S2LJ>!rb(orfHd_yX9&i*ec+QTWmxZL~QkniRiMdJgXC1mlkF%1g>P=Qp^ ziwNVVl$S(5S`NRl38Utw;l!6_wb>dw>9`zk(J{DGJ3KNK0V~L7jM_pC2@Z`a-%>cL zKNeiJPpf_Hf&08ccTj%wwNzoJFqHn7M$M{J=X=hK8Lz<|()Dld>rL^@qeTA>Z~wDc z^m9ms1rLY3!x5!_i-U61pE<4lim156ndoELk~oan7_ z&qvk4xNui9!?Y(2QAXa?6F5LB0Wn9<>DNQ$oV*@T|Aw*8SKcnfYTrwY!KN7&6tss3JlzIPyk&qJb z);x)?LNbNlqX9EJj-WcqAF6cz)0X~ND#as4fx50Y6uC3fsLJmY-KC4yj5#hO7ZDyY z%8(IqS~@2XVyDF<8_JdJzz-97|CKuYIa`~zkiYq~-{tuCYtSAD*w${-cFyrLBGWC9 z9SQ)2MH709R*|9Kg#`-&3X1HuB~wb&qZdX3{%Q$z-t!S0y&>0V66`0jE#h2$ViFrF zj^j7qPns+|xv(%}Nh;HRGX2!N21?ktZsdw~$*;<$(F+ulQwNXW3Y|mLYm3hp728}S z8%ui4rIK*lw-JA?apS!wyKWHtf{uS4LR;D{wscA-NFzVRJ>7f zb&>!6w#Ns25|;3hn>u+ZmpLBhgQK*{I&_X2^?`JAA>N`0;$DU;T5==y$S#SPN@PQy zTPNF=q=5e-MRP=6Hi6|54z9XzYoZ;y$5HPLD$&P$VddMIjxTTT#g7Wgad0a<$bE!1 zCRmAL4_VB!oFtXwco}R{F~PMf9k4+mWurqTnZQu<6BHRpHLl>zasDz`MQ}hw$QWSptAtHY$ne@ow94J2+@hjWe?{;@ z`cmr0W!GlK=dGbSBzFI4WU7_QR_2+8zU(ek>IvPF_2WhIs^3yZ%Wa}+4)Sy{^}V+Y z*xc0Jshts)|G)BH%$cggQaQV+S>dRExl};ci71sX)}qMw-UAlrD=K<-t8G6y(|5JLMyaSx?Xj<^?0m!hlD24;&dyI7l4)BZBF0mOmQZHKE4rc@waw zpq?bPOGNlLI0JhhOwXNs(50TUCGcEIGbOnBa=C7{&kT+7dC){<@5GB9nxsASpP2&f zdB_wPcwzU^zuW*IHNQ=$;q?$^jpxVcq$-V_~lS%5$2Zt6P-$c zfqE~kjJ-1)myJ2cnE`8_JDkx@MEsbN`DtMLSNhAvPU6qbUV{<77Ivx4gT1}1<@&Q_ zF=V_ATD?{CEqVg?Y(hE;0=D;vN52mc?F})jD|5Jta<>znz)&l%3 z>nNkZH%8gM8%H2M)M@x4yAr=sB5AKWRb!RDjWL(SH#c#DT@J= z4T?&Xizf=yoqpYaoKGcVu%UKgv*#h!9x+G5MDe4vhrOa-?UbvlD>uM->)Sl%nI?Ty z$=A}L9yNn{R8jY9F2C0IN5)lufW_Ro)x5clyq_PxLjW2(ed5p!qbryreU5Oy>?F&P zudTo;RK%uPNqpq~oBZ`eoDWze{_>>?Uu1hH=9^B{-QL!7#KSx8g?iF#T=S@iavr97 z(y29#ch3tVI@wsV<}8XLGZ`ED-t^9O=Jy{r*%k|3f4}AL;4)}%o7`mkt9>MHis3&_ zX7|%W6p*Njzn0!ZRT&CoP_m=_kaV{{g=s$31R<)Ks5Cm7HRP8>qpms)XE_gZ{O;dr zh_5pkz#5X#O+Wj=wS~J^HlB`6zWeL>5?O8eqh`q7FLcFKxaWrMK!jxU2M$ixhYSpe z92dA#xH;6Fkih}^e4BUZ_m9kKS#!L?t<@i~uL=nV4pxOx@&6+?deS zsxuL?5dc!KpdR=}1^iM4t6XV6_k2D^KV{pb+7Vakj+fpF>u$r}e)v}XL~mx@vu`>q z4MOc*y=}MN(&5uGwcMZZ#8htKzJ#KJuY#VF1KC;z>$h`78(b_EpPlvGc&O}3X<&u- zfFNA-m{GZ0w$B_r1&nr;_&)q!iZvS#$e|92-6g>p=3kR7bQ!)=$we9u z!pcS1=YK^DeW@(Y{n;1p_+8YTZDYxTLIn&v%`B!zuv zAtY~&gP*6DYo{08Qz&d0K7E2?+4ur{OD`EQcaqbuIJn;I1iKbLw+E~)2-p1Pf&~+E z9))!{x6^U2HGR2bI$4-V$CtddBlE2JVrouH#d8A9l8pM>grq87JKzkNlkMC5V4iy3iqEyNeTHGI@~$7q9G0S^-|?O%jj#@CdwzL z)FM(x(sj3#ot&IHV$?X~{64P7xIVlw)=gX6#QyLHAME@bOAQ?Ot1bV2BDk+{d18Ry zugodf#Qd+11<)84d998!grdZ}G1$^7kB;gF`Y58JKZNt7T5*SB58>Nf z)ai?^C$7boFTcRV6qX0ofj<}Wn5mBauZln~M?8Rx$Pq)|Pfp%w<_yuVl5Rf*g~WMO z+b0Lx{G~U)dOJw3oIPJjh?Qz%rcY);0utDn|IV?C*{gPw3&38V1`I3VafCpG|DI0D z#%?+hHzwQ8x807bB3uq%UOR(9;o6&@Y8GeIhbk~AhdK_?4itPmYM}Ec>DFtBe7DfR zQrXa0(ra&|f?DD+ypw9KHj^nu67*!gNHrnW`VzoG7YDQM2W_t8xd*I1NO*a_sU|)< z`?}lDsY@O7$fOG98$L1qJ6i!Uu2yR9JMP=s9D^&0x-^3iwDZ|shE$JHIj($Cdz+al zx4m7lbMwB1^A(?H{w?(S#v!_(svB}5$}hz1F6rK6^WEFgV?E0i2$Ohw)GZzyC=_hc z+UB`?nXV3&MJq^Yu#oC1qp}VL~oadXGm0R7I)XTXhhyI7Ye{*!e5mN|MFi z-Xp~JgXOFhvdu@?l_hE17yGz>E}ZG;yLwxiHHPBzxpyHvjLVbOYK-_&wt<}2aXyb< zOHWr7BH4Sd@Jy*gK~K1@l+ph02?=SisK{uWJ#CaabC$^@_=uW;83PVzi}Yhp-g-%3 zHCVZ#u6x~=j$Pq! zoT7b(@>Us@iHN&SnuYtys5t9k6A=^cy+pQut_*hWh@O1n9`cX|HZHDqp-Oj83y@(n z^vYOoAu0srPg!Ef$R5JPT%_!ulSkhsBx&~=EkbG<)=adu5rkjPsO|N7sT`)n>=Oh) zoU>DHI~Lo}yMns?V74~1)poS0Y$K(lVp}lI#S-wi-G4fn9I;rly=gsgzPT>#hKoF0@#Gv>{Y8O*>o%_ zNx&cphFJ=g`*jP{@7T*<>j0d zY()Q6)quT^Spt|#f;?<Y7~0%)2k0pJMImi8i+Z=(5*V+nUun%n&Cs5Ihle z9hadWdr0qMcJ0*@8~TwqV(4^4PlZ(8j<%V>E@;uOiF}DILe-UqR{A#ej_ri}J3WP=i^{DcD;dU1dmsqyvKMSr7Uc}bwLz;Lq##uehck* z4TI(L7M7I7m-580NL8{hCd;{fpTqZpL&ZfekD~5k2BAB%S2bv7Sa&uvMMIDe<^lvC z%nEtDAqZ#Yy!krQb$lacbE{u)bz~uk)%PPQ@?h{0!Uw_&{D=PT{QuZL&cGt!85QN+ z-D~YA*LzH93HZdq2=|pnnbQ8;PR@BRiEFJu*Ke8DEF2?Vg!bi^IOgs$25QRbvNt0` z**yrpXVk!n^YF9s3ur=y)rYgKu$%RCJU{JE3EMv6y|II3KnI6zsXjW1E%;rXO2uk|tk!4BT~x-`-p7xW2vRw_G*V)V4m}a97NNes+jcQuxP8-E zj@=I=PT`pfm#@U?p6cp6S3_#v9;0|?i_t;n6yNViFeGo4K&b)+z8d2JDciT1Rb6_R zY-%5Lw!Ag$d7D-)!7lbNelgOUKL=Za9{=JIF3M^%T5Y*LG~ze`gL{~~>DhaOuh;fX z1jJrJ=OXghLq@lT0YibxG#jo$+bplQh8j+&_yLrG`ud?CK>!GY0QL*gTf{nEb$QWO z;=U6gYc*KDSUX1uD{C${2yLuw%lSm`ntQq|j#7`%aJp+)j0Rkn^WZ3J=bMJ zPS(da_HmS*j>R7kP-Htev%=Li^G<={o9O=IxckM%fQI7hwoLqi!!4EU179POQaUOP z^2jxI?K^|2MMQmPa@Jy^+;GQc>%jw#;GYK9i;BrQCD4Y5^-&qyixryb1z43NVUdL; z6}IC)%Ln}p*w!=?)q|PRM8QuLfcG?Boq&e;hEuPBaR=f(1=vs^xcIurEWcEd$VPKre;U>d@=d%T1q7_fPPQsPOCQOf$>h5fa~j~Y$Q<$< z=(_HOhSLW$!lYA_$1Gxt+#kLnq2DR}c`w${%^~C?Q$n&t6J0O!eps{+o%A$hZhZ*3 zu)sPPP*o%QPHb^~@s8m}4(C+bwkVRJ#iiwLB*tR@1c`rqbOs7e|Sn6lSLG%}8znFwZ}EAMl0`kGF8c&j$7gwJJU%vFz7J$nMPE zQfN%{8x4JNT-fZ1%Z}-W*V)~>Q>ZyaU6MU=-933-cUGP42xfEYq_CcF7x6BBnKx8< zPE-TL!9`O`8kjY~aQeI0!of@|*S(e2CKQDM7@5ewIwwlsg1ohh>FKRIFfNwqYv<`a zTooa~;u+A-(c-wAIDJ`#rKi~uGvb*V?Cr>Dw|0gU+Kv#p+kD2&~ zIQ#wcb@&v`gAXdh+VV786={I-rnSUDOFd1d!ml(`X27TjZk7E#BctM*{l=H=1jcZP zCORGMBcfEv{~XtMD^D35PTDQ9`=7GYunC9W1*~*a7kGAEI#3(HRKtR=jAAA5=xtE0 z#`U8vmJyS88Xu8skbg6n_c`Z&4u?Qo3e@E9Dno$qVKlxi!4{lT7~j1#3mI>J4JGEn zf^(`j00h!Rzo)WKJ2)eJzsGq7WNvyKcr&L@26=0zoQG;6ufS-^C<`_A&b&afc`I7( zn3I$9+xPFTZLRNYe|IqbQJmmrU0?q?`;qkWM)jD{dI|lGd}oFZ$IiU3s9##2OPGK` zvCC?&Zh-fcYW;#kZ$eqT5!Av1V9=sxz6C*Q~pcKy9`H5lezS^0fQPaXggw;huO+0;Y2)_x-!BGB0fNj(0r4gE|Db@( z?KFb$iiJFC(Z^-1mN71?graUgnBam8m){|dc1oh&w}hz;q3EZ_WWml1p~3M0h@eD)K@ zQD3Lv2PZS0a$BV~mEtj@Kx@~{QKi(!__#(1al;GVqy*uDnYFWI5hloYQ6i3|7E<2I zJBFw9RDX+>WFu zXM?7X5YqK*^ai@HM=Hh8GYF6q1?W!K z`9}|ksMPyL>vB|i7L~D)V4rSQEE-eT)p_4eS+us0qyRf*OBSnFJ$!7f_@T=W+U_i_ z2A1?TX6)@D1;KO2t){03^1ing?puC|^JuiF#{xl$S{-jlbg+U4BHl|)vjT~V*qqi* zTBYGT3#M#l`MO@6Uczngg35^Q)0AOGrSZuEqOX&^jKVq6>B5|M^DVR}XR+QBKazR= zL+zqszr7@TtZC#B>%RUR!+iq&_no#MpbVqBtWtEY4el@<;34uw(x=1knGdW41Lr;>1b!X<)rHFC!-n)a{wjD#8SpwN20u8%TiHD~e zT)>wdXv|K=x1>=y#eG^OL%T#Ic|rJmgBGiczTzX7rP+wblc>kI^8b%5{@n&|VAcrS zlo`W0u)llZhhjq@Uzk4K9+_Hs2c$<9if->E9LhKZlqo95G^IW6V}EiQ+v{Nc0Pfkx zs^$1U`m6AroHn3QAkt586~LZBccyFCeQCext0*4A-rb}4kis)-s{!f3X(_Gz4SSxk z!avRnS22~jx>B6vSIU2TH9Sw{7xo>&jQ8rI%K~--bY>X@-^@^jAVG$|WS9u6 z$y(7PnZY|swzvzNt$%tosPCF8+_2dh<;-2<{Kn$;3B~~CR~Ot2>^;!bL?9Th+fE}{ z?f?igo8vqsD@c69&^T^7d(vzXBo(l!>#m@M_x<}qtGoafxAdnaJq`5;!R?s5k0 z`uZgvUNgmysUzzXgvKL)%cNw@3Flp{_Mw~5xTbgzd!&r`ZaE;9&a_X}smMMp{*?a$ zMipjg5MqLKnVgsjO7=LO?O+MH6k*WFiMf)CcPF zvz6|}B)qF9_!^2&*<*)q4^g53`}O}qZ&uD#C#T8;@-j*jCQOYGdDf;h_PTBTiH>P3 zCgbV2+Z$P`SUs1Pxb6>?|Hy0^-SV#xDkG75wEAP!gBlog{(B0QK&aBY@<_^W3^3<^ z{Ej%<9ylykzv9mNluQ7O8JSEHCtx$m6j5$|p46SX;v0OWv$fP`jXqE~^mWHOGj4oD z-H0B3vH#Iy#M$AS;jF=T4&uDu-|zqLuMLrcc6I#wUS7iHxd(7+tvrxf67#)$_zGQ~ zGinPdSVs=a1$BQ0SK&lHoU;@|cO&-CJ;tcWpKrwG)P~WcZjfwFSLNVv63%F?s}HLg zKH-o9^zq+de0%$De^1nVGP^TFhY|btH&nWmsd#kHf778;pt*)Ebwh6qO|QSS{iPLU zc21y9O_dQpB1zyf#!0iC!ZCu-JQt|$E*V8_g33tmeuD*3G?cz9mSk9Edxe=J`P+0> zTXjf}i3WQ$IBhp6d>bYKS!(^aK9-GD2EX!2VOwx6Tp{R^np*Irst38_AlqeY{pObm3JFV#*zO%%)h%)?3rdILPp!! z_n>$Wol4&sJ;Kmls^40G)VbHthoaf*-bv|b)hJZZ{^1Q#p(0MYk(*iqLb1C~x*M zVj43~#I0yTeUU@bo~IKGotS;)&bn7zpugrOhQQY7{p~G?ah;wk@^&*H9`)=$fUEke z5A$m%vvyOTQ2rowXVXvv#!yvv3vUHYVsyfh+d%@YDhMDqCV4#|Lz!IWV23?Up?(>f z(GKJ`MPlODa%gLF;GxVtZyTV&6&|I|OCYw;R={kS&L~Tu@e9#ikERv5KgmNGO>4Bh z91;_vOa4$E8Erx!ik07jnbeH>IIG{cshY0eHnsnZQ6q-2H61uPi z!@2A@XckFELN3*Q*);2jUD4s6DcgrLDJ;a~v%Z z4czbL>wf3k7yU6#Va}b!9fpR!1!|6c*f_A~KM$XQ0n=q4-ixqMmyDgheMXGV@zh7r7-@ejuyjsejY0X$f_6_O;e)(2 zZ9_&Ee!52qKJ?PqzG*RSfn7RTm|;8f{D`FHj@s@;a1>9!xMlm>e67)6 z`f7(O!VGBg^z@G&1T=M^T!c81N9Adl@9|Hon^dKgY;Cr?O%hvXbEvj~{b;z-cEm#D zM&%b3-ykrx@}agy7{~@|G}c#jH#Mm;yO}PK1}Aey31r`}m8DxEO5W$LyFNANdLz2K zsDoiL?my+gVn?7`V`>j4B8Fy1j8Y5Uy%aZQ_1;)vm6*0E-M_NVNJVV2R7~*`Pc~vx3p|#|*IuE`L4vhhZMnRv>wX6%9rLHh4LSl=;?9^( zmL_((VtAsphb5&4sIH<_5Hcsbl#|y1Uit_w>8K5#Rl`j+cI@iZeF&<S&shv{&pc+~jinD#TQPZpm%4!v(fxm=4PhnKTN zW}LSa7`&XX-&00;9D#@DZTn_tQb$Z0Tn}EWf((2^TBTEQlM6sf-n+ zl6lb4#Zn?06U{N7x};TPyA{l`i0yf6Cyv(PUdC!vL*<8Ns;<2u5H>g1<$wB~^h!%@ zVFVD2!fi}yCDt!NQg1}<=ylGVZ0F_D7C8;y->H}=?bsi>3;6zV zsQ+*jNazoUWW~qiQU5Srpc}z%8KLV3WM(X-qxDl`CA*>tZ2P@v121EzuHraB@g0rb zv5X+5%RR-&E-y)gZHD#ra(?)+TK-7_!LBF^>FhzHbGLg({UwxueAtd z>z|GrQ|)ngg6wUWG*Z}IK{h5;$r~6=KVDKm6n7fnsF8!x+jWl*Ei(Vh>wuBDhiW^DPu$7x?WA1G#d z#?SoU^90~T{|iNkWCASjd{&P?FlO}|P{U%<_YNK@#@!Hzcoj{8D{#A)n< zlcna@QD-RPn|&X3-^%ifaA{K1 z3$jyeRTr`wzCQ;f*gDzE)eIRN#_RA1Bl=^KJ2w10Vb^z~2tXA+dQ&H8QcvfzMR(!3 zK6Jl4X5=&UL+wsLI3Y(C!wR)ex|iM?pJnXekgFFx%@c9~b6@UiF;0(VP0!&EV)2xB816_sw5W(L)JjAR^p_mCdhy>Di8aun zpOEyry9hSzq46QNiS?i|i-yt`;=$3#B!VAMR+XTiztOBMYKiU9qMc!`A14eeGyH`s z^FVwZa4pXtAVx0CKn?&G7R1o~zcoQB$2rrysRzRX`n4&ha5TF-4oSAva45%N{+jZr z;Pf-GTfMB{2%^-i>t3B7R!Lrm9*y)?5m#(USa>rw>y5@Cm@H89v>{jqw1hXK4KcT^ zhR8%z>Wf?A8}BDsP}hdZ+tqw7cB8^!U#^5{$;6SFrU9-R7_v~*IdnZsAJeWKs&*>p ztxm3PPm5b(1%Gw(Z)jmd-tVG=&XF0be0E;ANJ+PqALXZG#)}2rkI?y#(id`i=wp!x z64>iCbW&nZ!=cx*K#i0aqe_;0nC8e&jK@G6$&wP32F)zkm@IFHfo8FPESbWP^1bxC zK|S=d@6YwfsoK!fzB!k~z-5mbJbCUlkmT)GaeY#WWUh)vIG3aM8UgGZXGdd5yGBIF z)tk~SY2r=jZ$!s##7<4hEEgA2S&3M-@&g5?S<39qBfDQ2yV*jI2=%6pN+9s|J2UTt z(Ts9zK3rG(DRFHG)Vs4tmN#&|_t?b)yKVCODUOwo_)h{DtR463*-}hgWdkH98mB;p z5-H%Wke9s0rn?a)0^y~B5zG6hJq<%nA$e9I+0qh}z7)gE1)_xZn%nm?p5g5-!uUTd z75*;#a3sa6s=ZD&k`*IMg%Lgz6Egtc0fvhKkKganI4w5q4nOCz71OkX?TQ-;oWRjWPx^9{eb?0ppRw=N~z}Hok{%k zje=UJ_lp!4J%WzGX5tsSWOJ5e?lf5GC9$Bx3Jlp?)*D=-&Niop(6yJKa6L%Q>T1<8=Z9XGz2GK-$(1qexc94OyGYA%bfT;0(p7{5IUi!gsYF=ht?=Ep1l z8HoNCmuMM)r8b}q+hci$7#answl=^3WiU3OCFq^dZFsC@5Nk7ENWWO}11UwcHWzjX z5-5qpP_O)*1e7XWTTpMMpQ2wA42Wo*g{-Mv2&7p-Lq%<#Ld-{SQIkvkH!$fCPSu`B zkdFat&>(xq1jlskF2mNsFWGk2UNuBs{*X4)N{vN$BJd9!xL1we6xetk|6Z{vt2z}t zLLeeG7nlUXb<>-osJUCPpM(K}aG#HBf&R!^S7 zxGC2-afh@rFBxY}XoJR>=e^J(U_i2A|EQfMN54xP%(v0PtSb8(f&AA`J%(X^$b(2m z9&BFo*YCi8;g^q1c`tPzZhKOanvq<@Il%gChNh*TdKiU!|t=Mp-bAlHUOevoO8T^;(lD+y5RsMU-$O7>m-t77#Odli!*wO~8hR6x~T zw_|Z*5iK`Gqvn70fxw4mN5UW~HZO;#~U*B{~kUPft?2IZB{@?E~Y z8~|v6cpaWosoR4-*GMMf6bwqS-#yJp_Of$HFQ=66J^yBBXsMWNOm$0TH)M-@K))4q z$D&S?>^3qenBhGFGkJ~{x-I&EmRb_> zmE(d=Z%KG#1YQ0A0tw)P$*9@#F18rKqK{qcgsM4w>{u2p%|)r`Q+n(7j%mC3VDEEL zDIO`u=l%F>g%ecP>%T{>IG*hMPQ8C7LUky8KS8V0geTeR2`11?FgApEg-6`aF`YgF z`ro2s|4JwSdW&l?VCzFAqrF2odVk!Q67%Q!2ylp}IF%fe#X6tD;3ehMln8ph8=cHv zjwT6#yYps-aRRFC4ZSO0p^|B+5~jtBP9T&09jK#n*`Zx;%b3gxvD=soyAEOKg_Nmf zM7ZhlBXY?X^Y_qc(kQTU(2Azgt#r4zsQ~7S0<>zZwv&K&s(YV8fyo(h3X}DaoWu8h3|~OUHAvxJ#0@r z1o3mHv`c35;tJF;^HCrT`mjPe@&67t@OMEV z-{*IJucL=>1EPJP18gzoC>wQ37Yfg!p@!MR2!Z?q0tzNbUfq)hZM z7~LqidKPk{<#e^XBQ~6lPAZXWjgixTfbeewFm9nfn#VB37o&)B)yVzk{00;3(65~YJf#3GfFMHUq7#fYpP!Cll9isfKe;7tXa@N6@7Aej`^gJ<`AT;AYMt`pSPN9 z+O>P6W7`PR3Kt2?pdI8z(&e9g0H{1hj|0lxWcXi3UFAqHl-3C6(5ceb-PzF6u=nMjzU&~*LL=D0Cdc;t_19Pp ziAcXTT$*sK)B_u1ObvD^yfsPw{dkXwFi_vq@UDCjKiU+@i(HN1kfSiO3QUj3XrRT2q3tnffA`VJRRuhryHl;_?g}a6CSC~T%2b5} znVSa=Zy|M}aaZejIgC67O5DpX^=(!wol!>FB^hVm6FB=E+jcRn=#zm|JwM2b?li1| z3fZgG=}-6>(!%tfPSsEU?euoPeTXvIwES!d4-~<;hGNjw>~{>SlfZSQyXB>DV4G5< zlZ(8pjv8Vk7Qgr@sM&pN>Fpn}DV>>LL-efPg&MUT|H%oVat7SwRWi)vxF($9LNu3H zfCdjqRS4s9gr}99UA1VM(_RDs<0xEs=N7gG;Cdt0{ppZoeb&3yDwi@tDDWBb#T(%b zdl(YjGV8eu^J*qVTR{{p1sCQB=K*YXzW9;OTSsXHypo1;YR^qvG4wmvK_PwH2Lcky zE_s82jZv(D9&w`Z4w7dO5}nf`17l{dt;p9fO%g?Hd)?GOUmM3bNf!gvJtGg)IX!P& zL$^8N#ttbPvdB@NOEw9H`AI1aU`z|pWGu%S_G|ZQhC(lcmjd@;#GxZMMU|MKL63KE zmtU-P_@vEAE! z-Pd*cyw5pncf8W&v!koj7WNIJ6Me_=G47B@nZ(9tg|BgrH%KXG$JvE7K@#Pwu#79% zJrK~w)LP~OQ}Kg+m5m|U$rnNU_~D>Z^L3}9JJb^ZmE7usji=sQkGD7i2|DORHhX%Z z)?&cB3mZ!cM~6U`U)sv0FntQ@dkri7=z{b__pZ|ahY9odfAaw<4g2~Zf7YWn83sZ<7w5^)s#gV}z7Mo=XYbgC4)ZVOmAN?1N#hjQ-A47T_c+Js9! zJ75ZW2bSJJ_f`ZD4(4a4?7T3vNIf)5v%>``1}JYA$GGd4u6D_4FrPJRBQ>#u>}Zp! zsF(oKtGT2CU{BH2##K_#2e|cLV>sh9t4$}Kd;>wN;N$momZ=KwwLFZ{b?lp=JR}r! zpu30AxasN%ZSq5|F}j7uw%&JtEZQ^V{Znw`7%=aCPTV&Ea5hj56?;eB22&0NP|GIs zH0l^e)GV;SI4b z7ljo;rQm;B=3^W{QVuheZ6j`QiB^z)RE1j3>JQS&zNBdv$P6$OE0l*eP&0!Xh z6j6%;B{Mz86%P8-Ndq%d-7Q)y^irazgRJ**7{3N417*kUyl&X&|l+ z+Pf6p^Lu{#ddf*WF+&ERtjoN9l``V&qc=!MGp%M{o>Bx@=s?8X2y>0kLN0!nF(T9< zUjp=&0a?+Wi$K2p>>-kb#j)nwyJ5()yPQQ<^e#4JQIr13^&aU#iv=rpP*3{w#26n_ z&b+9vjx46q5VQvjp%T*DS<>@XqC|H*MPn!P-9|NRfjzW3{HNBZrrZrJ;4$S0OX|iYJQdI<@78qf zBZHfFaLJU|PT$1GufC_3U?)Cv)0D{^x!-z*&WFU1IZ;O{H}9d zNc}0i(|9j$b5F)b?NxGcGI_RdiM20@nmul6^?hS2W)#oOkeVKSA4WzfZsGn+0y%!HIN7Q|PL>R$bbz?JeYg^$tY>6cURU^Eqj0}kYq{Fdpq2@Scc zWm3zQJCq2gfQ-w4p4WhxH_ZCDyYiY_rvZ8_HkwB(42{}fxcC-jUhJuncR4!DTNAnU z%m_US{Ro7LcwW%sZUSc>0iS&zo60x`m_*a?Rza|{Gto)5Q7GwBLfpNk$G$r6(!Mu% zG%WFij9NP|jKOe`XJ3{qNJM{4{z1nxUTX&Y^f7&0dv>k7mHBf-M43736%@eqxAvYv z;No^q<*R8JBy9{Uuv1&k7cOcY=CA*jCKb1VttxP%c)ykD-(*ODH5d?S{$+hE^o-RA zm&nbvFfdlE^n0rvJ|u5TrPSyvfAQ-ucIp|gkr4Ywwn@h@{31ZOEI19S+ioOM;XdnK z=*&))LQuXF9elgDKi6!`4l=1rVlngB7g4lxU7+vDv+GsWcmTbhhijNOlq6sM3dUDJ z*CQ=D2qbUsNh5SYFZ4LxDjlq&QQVGO*p_x!LI8Ypv|0g-og0(K6+T7V7t5sE`euON zI`c;)Y9)Qu2L22~mc{BwG8VTVo3%QXs6_3~=kd1Z8<)7*N`zm3CxTSUm0NASH$n8s zbmW{_Zw40E2-7lR8{YgSi-3pz9Jz_u)VKt65I?QfN&68aw1y0*3c;HN(>H-r4X#zVUH3JiUvB_je5P1S#>jE4-~wE)4fF&2ga{ z_yQ7)Af!lAlM#$?T$$;)t4T7AM}cd=z6{Hb8z`L1{5r0FR5(X7DE%)43$3VJnWtxw zgy~Ad`yQUD9X7;c#VFYxEu*z>i>+73recNcJ$w8|l{_V^0)I#B+)yH^+mqwFck- z>pYp(HTt>{`6~S2ACRIy41#)~_TGRT>5!AIB&ZTTcKD~WiSu6LL@%t*y z-R}c;8!HL=C5;9lyfC>;0%zM%5fuT0JDHX2{9zX{h8CC#w<8hlsY*?EJnlo&B?3Wd z2IFxt_CX(LthG_OMpde!a7Js(CG2g~WQ|m;g?rvvB9Z5FGMbu=ZPUWDVJ>t) zapVnpe##vr_#yCNTL>$;K(W>C>$|=yJ2KAAZ{%mKzmtNvVs~UE`cqBfd7+p2ie$F@ zk(Ov;Mh``WBkE&EF}qq>?N?o3UZZfo#^659zA#!q$3m5|pytoYE&9HVBPhme?>Bfi zg8@j;YP^xR<#(bg@j-K%>eUE47V@|J?rB9xBG`>M9sb^a<6(xwaB06igJpEJKb?g6 zZ4CSV<4+$E1%0}}hqzEBFtqreAbqIxk(NBz1?SBmGQ9T zw|IKYv4gfb7b1bedt*CL@KAmW_Uf36ZC1->X~76y$bOjvA+B{9eeasJTMQ4%W>ih{ z6c{K(n0wdQ7_#IykX9-T$Wd0WM;S9T{G-xpU@sj%= z#hmr_IM{h>{DWB9jrXNY8yOckwCCpI(<2-@eI$$D=h5{8azNvEnThOi#|JrL*=X!8 zBrr=mdSm#Qb2B28(Pb{;Z)7Uh)`1la{84w@pj2iS+%&K?78E+tMILQ|BaXqf`M>QDEc6yluGUKdym9;?P!VR3@@Mp>~ z7HEYPG=uQL1p+|L4Ja&jwE6pYwg0yrJ%ZDY_G&joL8J9UE+Yq04}m=U>b0R#?h~&Y zUPi4F(H^sy>WP-E2lm6ipQd37iS)=nepYItD2nVBD6Hd7(X zOd?s{pmltAxvI1NwM3KBHghiQ5wxAws-MfO(=Y9g&DI^f5=zwtr|jlFj{AmGtHdr` zgNc@Vt~%G=`{WZ#%da|DF%x&7@wh=Piy8+!9g!hu8y2q&6XZ0nH~ zx8bd}@4O^guJ;~xb;$9mAa-wiY}WWfVumOMs>hca-9~TEx~oAej2}6U6OC8Q{4}uY ze*N4;c7Y-&Kp!t1rk^(d${1nt{a)+Z6DNkT1>oI!Z;^D=4R0Za?EcurRl28ySDP*~_fL}j~BP028`oxJ2(>km&x$`&4dz!G+5{*mxN zIH`#UZa(?C<)HCSp<8*S(oz_V_vd$oe8bnI*rQs11Z@~@+Vq+vLFVY|3Ml*Nosc2$ zD20AUd6zoP-6(FvQczw^m0>j2F{p=rGx@r?JcvSkkZ1hpx}^@1pZ?^Se!-cQ0YChr zwMR7{Mhn=}BZw6QhsDiUC{?D6)9Aw8Wqqr?B72u|33%#j43F#gls;Ml^%9B% z6av{?c3Q?X0;iUwzr0hNzb?NS4J~QcWD%}cO1goASP~@QSu16Q3Ty%7y1-go{$bp^ zPkhi#z~Q?7;hC6TT>r3J6W`z-S1sn{yl~qSUz+ID$*uwdzJjzX8G|>BmO4-PZjWCs z?m18kgT|wom^R2zAzTrX>y0n8(IYDcXk}N16{}mXdY9Q}=Nxx+L#(v!2d<@XW7blq zTSy0C?=W_)RJD)`UEt}$9B9|ctrDLWoZ{`I+CeLawO%*dM^%_dU}JHZ&q1>dk6~qiV<6GE3~9qP+&{IkP^xHV@jkD-Fmrqn40A;tlIy*Ia!kzi=Lt z)eVra#b0GMpJoJBean{(0zq}7owk%sH%tg^!mkEY4mXYF>eSe^%3w4D zS*DDkw7tVGx+ww!Z1K;B>}>_?h}$gk4CYM`9ilC2uUf}x~PVBGS{?5j0z zxt?%|G+ds#!9=MnZNyvM{OJ@j`HQE)<8z+#SU^TJ!#LGy$Buk%bRAE}Hz=zwarQ%p z{y>wre^A?B|Fs4}(r#fVX@8vU->+o`>U=0F=51=tIcXwd!k$2r<3f&Z>5|ZB+~X?T zd~;i&W{y}I@LBJV7M8}Qmhw-dm5=AR!>|_-VjcTQa{61)I8_4t)WHz}O(z@M*B&fibET6OsAorVvQwvb$?cQ*Q887Df%4Q1S%^loQtQ zn?G_=JfCIYkobN49^mw{lj#XaqF7S1k?eO3Bnywv|3PE|nf)1LK+F3dD`6@d_7&}c zPzAmcNt&spfuzc3>TM}pK7h!;T1q78W|jzd>Q*tl>&6}+Pr9N z&gTzSRtD(~Y2!hf@%Wc+cSf?7#Yk0^*d+u03BY=9V{VXz<6)L|A2ghY-C&G-izlXD(@{E0aDTx+iq$Z2l6^ZuXarxD4+37l*?Kvn6d^f>%IuM z^aZqYTxfGiV6HVRnX0!tP7~=o^mT9!BR^yH6Naa@oHpESM`G@kT?1l#b{O;*$ZEIuCm~L;DVXr?!^~NdNPmBiCpHFVNaR$)($EO1n5@t$5HNf zaIL;GAY*b^B=wix(L%Sfm$M_5KFnFIP#McrLXJtu*ZDnXjWn^tW4qvRgM45BKr*+uTzLYU zI|PGw4qV5X0e)NHI8gSujsRc$E^g#X zTcmaCF)H{exM-ij{ZX?_bf@g)8<2?=n%X^Au-~tapDIcm0}XOUf595;ffW)F6qiM{|(@lJM~71eE!8##eHa(Q{FUE@kY;w|F~ z5VXnEavA9LLAvhtN_6;I{SY_kfEK|xHFWq|%v(C`_glYTDV*n$WS?TXe3cm}z4tg? z)0^)V(DCcSzi?aTW0cDj{2xMK%aQA@y8#R)s`srmmH>D}gS))QCDVpZET7A|Dwwlj zIY{A5zwdg5n7$qe99*x0*wKx&Tt#vd;%bm;#kt%P&mS~-BamnjmWIIHga=;FF$Y6EZR^rr8$N=18y2YF@yZvP4a?cOT4hXOhN0C0zcRfI z{Lf}@H{Mp*S#@6e@W0ki=s}*V1Dx51RfB_uquOAQBG}DiAcXm)MGZ8!^%9ZY+c5(g z_kbL9U2?8qWgb4z^i@Y9uAa$EgN6k*u55JWA=nn8`Fbi^yn3Bv6tL3=5;t+Z!&B$R zrDI^{bY;{+Yu~~UWO^PQmEo>95}T}iGjoyB^^BmxX)J*%TxnWWr4W$kvx~Q)={vEQ zOt+A1J9_RUgHjZ<+AvSqN+w?DlSg~xj}cC+J+CRQpTGU#-lL#nSH<`rb2%>!7*tgT z904#As^6sc?^gjkXdyZpuYAaGV{{uU68e_jnunJrC&*bYU6D8i;ygF?(~Ghtz&Va= zdF5#vq--WtP3egF*uZO(v4k^43?fcG01=Q_hFeWS-v^xJx7{U{0}{Z6$|+NI62sCY zoUA`GHtDOl4R^aW#^UbG7;tvL#dSNYRXzTsZp$)K+iA27=K5Khc0o-H3rXvjU=S5H zv}ex*0lU*=xm({k%WlA5W4eMk++kqnQCx~W!8e6C-&VMW z6d$nh=z9}gF|L;)A_Hg8_<{2wGWzJitLMSbQin6eiR8l3p-0DVjl+IYS!LC}lYhxVBiUD<# z_TrZ27Cv{dmm)4hHVk4MGQbaeXU?M*8W4C8OGZrJPB{ib=%3#6P=bhy+ZjPpGrR3L zA+a|=|Ibsq_9_H$A;H9B{y*7CW0vStO6}3y!+N+GQ9@E0op}Y`6Yy~=DH-XDN@iA? zu0EF3V|EZ>HMI9v{_$-b8^F8Q$KKGoPnvfF8gD$aC75Jjn31@XZsuFxSz^(9MXx+` z{@MO8Av%B@<^=UE?fb)5Q{i}9nz zj^b)p;zxr}&sR$ii|2l>v`GlD!i5sR-3FJQzi^hcZv&iNI;(>{Wr*RU%te6Asm;UN9iUCR0v7u zah%3(YR)|yHz(!WSqSD!mTNCu;6K(>eQZLmgJ5#8e(KOH5rqIAx7~^RG;5y?(Q#dP z+=Cwg|LF*c6jx9)cFfu^h`^*i*y{{mPoZHEapPau4%@GT_X08i0DNtQq;Ov+9K4S) z<^v}2T9uHWE+LQJfZ({UOjl^Nz;E3EU6dIZryh>P8lFK=0kLAJFVOK7jfBN~_YEmv z@*-U+V=*@1V3z?0yY}j7cw+ow&EwPB^mQ~AXwcpATZua|Kz&)|Rr;koQ5xo%y%-Mv z4kIqmDwVPBv+w%GD66ib^8KC0Tu)XC0v4UExI`CBJs%^mJy^x5PW;A}XN@6U{#mUiOV*B&v7SXb&7cN|| z8qE(qW;kRRcfD*)iwaRrH#)SmA zov*pX&3Si?Zhvsf8?BITx|+qp&W@tckdO$_DYHo5_4T%v*b}46`KYztTG)5IK@Wu9 zfR*YZrA327PEfPrm>dlHAVJtvb+my5W?dpFJ9NB}Hsd7A8O=JDDqH$P+uyup@-(3}NFbK&x_3u78s z!yI+p8P&`LJ0<4Z@riGLdKmcaUaED zhE3O4hAd}$FIGsejXK95FPApm9bCSqu&}|Tu^ZLyFWAEW|@42}|m z9#z)(yF$XspPACKfj&lSODf960sJUh9Abi4O0$tPb(2ua0T`}2=yUZqKKX~|Dae5rs0}z1F95<|AVGl$`c4N5_vY4OkEPAmNK(?%aD{pKtiP4RM1`P@cpfw> z?@ngu>k7ALrfwR)qcp1%7gB}bfRP~!G3U${vvwR1Rn=>Y z-6^W^ozbq;aYA`=h^o!zZ<~G3{M9XPJ&{A~O{O-4`iD>-p=<;}nX7DV?=yE zVeet+*k4vnEV>0TQa%b}G5np&B%sgmUUob4aT?DxDLMO#@{6@SL-)CF<9zCBHHL()3 zeqh_+COWQc$DqP@`b!fGzOK6je=M(S?NDZ}Fw>tDXSTO?k}ovu=Up5+9oMO(al}b+ zxt8XhchZcZVGC9x>#z3V8Rmo&5%={Rbx_#n}9!8bh_I3=L z7RD3ftuBfu#@JOW29eOazMs#JavBTp+guMUSL^#+@Qk88G}L-j@Uo%!Ez|=-9(Pz6 zH!E)ZIgcMHcoDBP9!7;fol6Jl4bgH+gPNbTBZ7ygl-ST$RIDfSt}5GI56(z{SfpFM(4%T~T1@t?dd|Jit6^y-WX+QHE==W? zQUH)mAS34vDpEPfD7=ySI+b2|&omu(SH|t1^vSjFeBC&g5ZmdYU?U>H9~NXsk=v1Y zBr@;wC*b{4LR5_rCqGJ^rzcMV0mb;M57lcm7#8{+cYbiTTeoc&unn5rx>cAi#;*-T zeYL4|D%XL7@DD!O|F;o+Dy>hI|8f|=4oHmS`O6nMo`fJ048|tU5rWzE+ri7BtL@v% z@8Tpc`Ixv*W9RL_(ZK+nw;N|N>uLlHBo43uM=lh>1;()jZBxYer%0^^h9VH3_Cq#p zhM(lj^_Jn1!)qO{$`%&s_ts?PDFk}UP<(=g{PE|g8v)aPnB!0&2crZ;IG4k<30c@#U!5@% zyUZb@3~UHL)tcM~p)uvNBTb6aV@Zr<(>6n>A6^@teZyBikr7~vwSEN5}hZY8!Ak&jSO3 zSRmq!4d?SX!%WMBgcC1L5_L!koW5wiC7%X3MFRR5w-Tt10T4o-yl}%6wS4knsZdeq zxLvL0(-uu3?w*$>Ua0Bxf~mHW`?mQUR->IKU~+f4Kb8*M6zG`lr{K{F`+Y2Ak<*jm zz-~S|+uLa}o=0s}w>Ng-WZjC6dFkQ{Prt2+kDI81%bxdb$$;oxI*&dP*STqB;ys$R z2@-7LP;vEpaA|1Y-W1cNnJ@2bfMv-0u@#^?+&`bX@+zzif)ONcr8TMI<2R9 zt%XKfi+57;U@Wy@Iaq;+)A(t8$8$m%o7|MRU?@amZW=fi&HEltzJvLMAKrNAp9DrA zmG8Lib)QRLHEM_Xzsch7W<`hPOqc8wdP|nLjUBc>pe-K~!dPEtBA_uxqQx6&ts0~Qu@RwX%`0C@v_0`byb;9QK`M}Y zukCBm?T4~f#>#yJHvJ{inuY?Me6Ok-1rFx~gI2!> zNfTC~;+sf9OMfQ%*RS|f32$1lMoxDPfFubpr(1=UQ$YgkJUz9^G1vh>fenYTqm#gm zH|)CWHtHe16pY^Ur=_omd0ny2>K73|Kfmi0&T$*nb|5M#0gb|yW=iv#nP_)p9gY1E zC8}x8fps+FO7lecdCD)giU^6yogolQ!OXz=SwGM5@Bhb1#wh<+#ZudAU$m*_MNHi}fvAL%^ zK|0B%U#223?3Q5bJ=2vH=(oMeGuW&6?J&h~@Lm8X8qm;Et+;gX&R^^cA!DvsQJTkq=@eg~7~wPJ;i8`(JXNH0tAQ#Rdt*7>)3Rsc^y@j6aXc4*N77)p@Dp_=-=MelF6# zATzVU%?>gE6nHYO`7TYtIACNC!}l|BPM0!8>Jx7Pru-mcKKsd-Y}j-vBI1Sfhizdq z5Z2vrmm6Pt+c3%}RHHcd*m~nm$^vn0Aeq+kVWnCE;R?Po#o}@1@3ONs+j7^^t+j>{XX8Fu{F}c2O77w4 zL-@g-c;v9ls)=GLt?X9Di0Lnt%o!+`Bk}IYwXB4{x^VX4hH!gC6ozx=FF?l=MOUA) z_{t?_rmAtm6nJA+L44@dkWF(r$B`bfMfnX^ zS4DsdIgGLo-U|pqM`MQ7$duvsGYS&#`krIc$F7?@oo`-MQ1U^1Uf$ks=Mb-D5@#X1)U#0F*#eRyB=x zR>s^(tc=u~HZOS*8=vAyIQTlsTT=PtTvQSw^rB=fy0JH!LYChKs2c_`b_|(B;t?|j z1iUH_K}@tgqZ2A%+t1@1 zhdeA#mDi`DU2nT@|lYLY`RjPtvqKAorK&m8gZ` zENd_ta08yFxvK1ZYEKNz`LH(RQ3Ji5de0VqZ+BEA5;|)UU+7r>#&*PhL~W$PGedyR zJKStKsI=M?7zY9k+_;7@ybQ~5>b1?*cpsq-A1r)hfw!^e>Bk!1>X}nG3FovTTy6o> z@wF{}yIn!6Cm`_*qxW5uba4JC`%1M(eD#h%!R+?r;|7v0*(F8y-A}E58Y=}H1{Dy? z)^Bc^I3U@-3h26v&)t*J$xO!aqqiEamALDkTpStD9LP|lCwsf|@$!OP8y9{)2FWbD zRd_59V~egwL!-h2`%cUz(*ar?V3MdOJ3qE3M{GyLgx*oHD_}z_V-ylA*LK5=hNh9v zOb1_soE-?rxq9xAptCA#{CCYU%b`0{*o9;Tv34iI!YjB0{d&+l;*FxWXKp2KXtKIn zbT8hQ?ji0yYQnL4zmh}S`}3PXog(7`A$PTpTmZcGx#k90&>HbN=x+KFfUxe(-Ea;J z9owzWpIO?80nI|!-$Kb-%B@>Q&KJ+w*`~N?*RN)i(@dKXmCO;M1N=#C(T8oy@Aoo* zYc!?vPs;)$c|ktK+;2HwZmt1yyK-FqV0;b$4nS7!BIIp50UFJ z@JHJudhB$=9D<0bnro_B{QLIzA&03FXNS*5Dmr4b=Q4_hp$y+ z5bRVJkOD!d*V>JLan5Wupmv(@)G-}a^qv&@Y$)7yA<j0&P6}5*xD*Wz?Bkd3DZ1^;T=2;Sz&9Bz{j(9wc09!B*n&)=fBUL@o+?8G_MT&s zkW}BS==zYx8{}ts_;5jz7acNJ*!BMkf<~ytel=Ph-t1M8SnO&fZ1LKBL}oigRN{Qs zQDEk< z4<#q`+A1}=+4AwaJzw-(zQ(Ro)JjwDuxqoiv1Qr)CbhV2uW!!Yx_x9P!cGW+h}fey ze(1vfwNR0n=ouOh^>}SA@z}Qur5mG9oU!0SK{+Th4bo}AfgX*ZCnqdr`R-#$I3K|$%x zoq-vocs$QuuEa{5@Y-~#z-Zpj<_jG)cP;|b2_VMHU3MPAw-pjeV}u~~fwwxc0v)iA z?X}+`KR(m87z1d8)|ltfODRM|T=pbGIY*b6-*u2xrkw|ymE$#>o;{_cUduo61zFN8 z0TwOb*GpM1KH__6IM&Kysf=o3beK{d?K`VbXw(M zeX9y4b*v5yOsb>#BUzw6=CUM6?p2jo<<`Z;T~W7>ty7r3wab}vcdMieinD{3 zTgZ0xN1htea*3Yml0Lv?(_~Q_LqFBudVU3&si9Jo#R&*J)S*Vnv`vzn|Da0 z*9l;{+#>=OG!5S9N-+akU8j%3*?JpdxEkbFSgwlF-m6=(Xqa&lF1NCI9MxAqZi6Dr zY)3Z}UHc%P#&nnseefPs2AyKJD852^h{p-_!<7v)jiGOo8%W6BesHfCXZ#~ENQj&D zJA;t%Y!H5oA0JZjIeq)Tb-mm-(Aw$jke=c!_C+OXF^8s1DOt zPuu_q(+FVhY|sTaHZ*GR#WB^}yA*f5;NBx-cwR{aSmJ7YAY(EHoc3EIE8U8F68OOKUWh~WG zpjhDCCa+gFyAt}9qXb9FE*UAEMHbJRW5A&4cPN*T*2Pb*C6-JGM>qP+J@7z4aD_FQul zr;4BPi{M~6brl_rJQO9i?CJVa08Hoio>TD#)XjT8mmZT z>RjT7B{XkZ|=})>+NX&FCUgfT}5R z)GVTOFwihCm>fE>zcR=GF&=)8`psGfIFJRq!fcmreM^EM>IZpkmA3HT;@~h7sR?w{ zxK8;2;j!o4!%EDX07CuIo9p*aQg}ra6&1lqqGe>SUg1*OIz`95XM-2LHUpP3X&6;r zAR*)};HPB%y}(0Wy#XB^ht3X4V7rd|PmemLfWt`9KoBT|Oz3IV16rxN_(bo1g+4PL ze}Q)Xl30SWX@ShNbiJ4;-(s(~VmKdN@w4FIR&m*fL6(D?H-}xec66dEzCS>2Y;9Su zn@XXkC$@TWWJ4DHJ%Z5(>RfZC^_`$`l!33w_`-@1&(av#_%A?1?yiGW9awl*?vQYNa4Q zdp0-5jv^(<-!=R}-~$&}ziunEP<6_EM)c-qCZ>$OD_5?#5cqe!7H4I9AR!i1NP(7p zf>*|tI7K~?g~Va`Y#rOf1-&dF_zl8lKiAe&EiFHfKT;0|GE=(ulsbSWfWTtr4Xr0s zkB`Uf)*qGdA!s)rlZgLsf;Qv?p<_3_NFS?`C0j8ena|x;yYfef9l* z^hA$+EFTQ+x;&awZC9-w$Wbdp?gfKLIBPEPBM;N#zfQClUEk;BEh+s!9pNvt67yA$ zP-w{4gqfy{T{Tm2^+yJRR2F_#7Z_`1YXuCIUp0ifz~2%gB14UGm;CgS>+9F8B2e2- z(4_<~y;FCqQU<0R4|3Zc;n4NLMb!^Q5fQ++aVC@fD5%J;R`2(a%y%aW(Yke~eRqML zouDbap*O0oV~)vqU>e>DMCJb?VPMsx$&r(^-Axz5*yl0xigrJ+x$QZcwA2Q+geFKfBq~c67VbMN%S`yMnM@f>J8Miazk2MS*U5Kgm2N; ziq|$f9`N%asu?4v-=J$V22N#T%BKDzl@60szu$xA;0=*l(7{vRsdR_MnVRESo~U=p z{4Vn;#*n#VD2IbR8vA=-TF4?1ulOjEYTUE6Dl~={2ffk7HbsJI@5`9JNgky`3D%${Ald`(|??yGq^i(AK$g`rZ}f|}ho zVmsT5xoc{hzH1>GTxdzn+-J@Q6xqM+6=2rwb3sjaz#ZeV> zZ(V}iZHNxKpGbt_0dsJ-Ws0rgfo$027LP^leVK!h*SsTlN3rjo2z_OyA${#;`ySjd z!CRZS-Z1z3_j|x+((zwUV0N7weuet@{ULF@p^k=?*s1JUt!kSjAko$NLY6QbFL(tF zrbAc1fJ#I2xE}yl1rm?f>Q`GNkR`1mwaCfn;)XRF`n(IGgPDG{M#nYHC~#L#XDTFm znidSIt)U(_&0iwh^@tw)oQrB_=GC*Q`q429#-drr{0qsRFsij>XPrxN_d z)rU>0nhD;qT)hfEUM$v0zx%U>63>c8hD&zMPQOjtqv_w$I!r68gN_Es|K0OM8uLVuUR9&G$wx1hrpx2cddIf2gEhQtcHSU@KcvI;sNNXx_O>FTd8=1L$n#kA8O zB){x7S)_Mkoe~uV9di z%h;licIw^m+}JRq@G@=e=)bW!y)y&1O#oofKRq-ZdNkrkYUs~DU-r*WJ&J*@8>y*Y z!4#bb1lSXT1d;BRd^xxf1d#UYe^}z~ZBL5A%Pc<*uzf^#8UR5qU7K?loEky@Ei~EJ z+puFB8R47N6fUZs#R5U_S4|)4H2+exf>Pk_9LN9UKK#1&H-9)pLFd~MGo4r40qVnD zetVurm2aj^cc_%+Afgw5kAHatl}N^ZyTr&8&T2W{Ob@ScypK}2$BQO7iBfzwdWF7> zX95XpHP=9;e46XHReKX5LBH}?nty%Ll)-j6t(|z%c(y4qt?--tp&Ai$dFx|oXa_t4)`(`ce+%JX?=7M$oJ0?A(DmQn3s5Aw#HO3| zqkPzWYlJYbXosw8{~o1eZ+}*sqrT-TT8oA=GZT=Ibj7phh-l+t!cSsM%R?bdQ!8_5 zbb>wItSSlb+#v3VQ*kw?*p?DN0xU1UQoS+TFGo-z+%cpsf9^Lo{NC}uztUp`I6P}# zfVliW9b5w0mzEaI41+*h`@+jVbos2QY!CJoY_1gt7jnEE^~ruu2}#K2U^es|61_7j zz@|jVgxUxG7f8kk#$JRdV!7%A%N z6;;Ay<^tBxSaebE+suDDlK@(@EE>;OKCJEGA5N10Y=!&JbDQ7imTc61d`%;HMw_a= zq*!jda~@kE0RrA*$*e(!-)jh? z&~s7Ix3pnh&e+=tO0VCkW1q8!7d_J8*zI~#s)}YXBXh`*S&`Hqb@ z|HpG0o(Bv??j9Ha$E*JJhz`Y2V5`KA_)JL&6zFVCUJjwp@!wtuFHLwtxxa@{Ry?9- z!7h`TKL#qj3l=s#$Km9>v$L!=ngWFJoMerL(KsTn3bojD-A!beUv#&P={kN!h<{CwqiziAV&&Y1^P^NiJ`YXS z1i7F@pii-IX%y-0GM8;XfEZiAGGRq;*u()czN%wXuR5U97D)hbj(W6IK`ou-jbnWWizvrRA=u0JC zG|j4edR9txuWxKvHa|=v2{k>9JHnu(qLba|kM#ECHit|OdM?*hudLY9mHNbC$83*P zn_Tl44Ub}e#Q+i+;*7OccmCrW)f!$n!wY`{E!0j-AwmgVL7>Tnp*jMjC!u<#Lf3-n>zXY zMA(=U=)STNa`$t1wZ8Z2VmWEZ55X;eB$CmWJoXM2>3(>rIobE>HXf>*EwBAB0CCG9UYPk33jpycKCxLLGc z1^{CR%5C#-b_mB-#`p`-0xA)E)RW-^Afgn_ZG1(CV7)}*j#V_j-9YxlYqf|s5uU9V z84~l+2`WEd@2etgttPJ65|$&laMJ#F&gF}~)3<@!ol%wHb${FTT;t4=zuy3(buoqo z{!OO`=kg~!^e-#nf3-J8XytJ`?JPJtslT*IhUgGaAP_U*{=PSO%=|UxD)sno+`lg+ z?>m2ESj@2|=Z%rUzog;cWUBz05z(E{0Pp`po&4YaT|T+bQX8HzC?vA`HKCO6(FYvA zDSqhUa$}!Z=YTq^i^UR&X<9~BMJA{ph&PxB$*5~U4$FjIgr|6Go&>R%%OTV`Q0S4h z-j7y)-W(3JfyI=27u#9mKhNQR{$Q*H%^FT4s~HM3h!(b$1Fa62=02nkk*l`&H24S- zKn!@TZfP4k7i;|Qk3QfPJ_g@3IcW}?otnzHdhYRcPp0(W%}18i z(aTd>e0s4Mz;b+1EQ$7iI!CB4h|gEIM@RhM4)<>)gZ+JvVZ<`ayAne7nhIX>cP+9V)}LS zfC9qPW{cLs3iW?lP5>WRPI-fv68^6*{^!#F{6PRYnpK~Eg`*Kag~B>mDT-zaD>6I-u%eovwd!xqJ>)>F(Y-EVzDX>6%=h}W z^_JKX)Bj1-g|WbEe=~S?U$y=(*70AL6b3@eKnI(8w%e1Fr8&JIBM%zfWLwW&E{%Co z{QKx?6vkS)kf5)S3%fDGpuCay_sS1p&3KCye@-)Ae&Ov%hp&jmDubuPL zX^LYUh|xjWRdvu|%9+{hFQY96ft;|bW=}Et6V*WH(6-zr`@z`eLwMs)U;pcIniKh~ zFL=?4y;*3zs@M((aQn*!osCS+Jo_y&!E*=>?{4h|)T@f(d-kn2g<6|rlZs>!+zL^&h$y<;dZF=`j_nh$uc>Uf9xl&lqq)PH2# z-F$KcOoJde%^(qQ@WLpUh#)!~{;JsSA0Pa>;(vZY;Rb0RcCfekI-=g~nW1PG?5v-N>{O_AU48cOS`2V`L|M|{;c@WU*^5|&~H+|XdzHmCB0OnIW zF9hP(iUey+o0Cr6$2+(&2-Pbdm5sZ{^C)U}4bLXpj8+R{gJ+(-0})@4vS` z@O(Ig1wt>j>@u|0KWnVreO0#nb0ss~H8$s{)H;0bsJp&L`$aJaLV=Ha50Nr=t9hNpB5#zziNY0i}?B{Zda zsGuWHJ%6|=Pxj?=P?;I^d(d248O6;ADG2I2+hT{bM@?4N;2rEMTIno#8a|4=cQU;ORT@%J=aum42->Ge}`cdUoIy9NT$@-5M~U|F*M?U^Rc z`AJN}q*)oU;sm0S%!w7E)4D>Tj-uU@(}vk=s7%&1US1 z**p1t4zKa|(@~(q&wBBPHs&__o-HRy&o4^t_#0gt|Ke{8m1gQTs`Ks2GI`X0uCWY= zLW0DSURYfc-e-YJTUI1C+#RLK#0s@l$z z-s!-@TyJ&zQIj?Q`<^;$Nw-5c62QAWT~K!UsxJ(~hdpj0kvC?(du3j>B!17u#-7Qw z9IwVp-BP*vV_z$NOiYBXYMCv~V#&GK`zgH^#Osn@-jO@rTy8J&Vw6Tq5A%ke{fHkU44P54 zY5(FhSJ9ubWR#It)W+s*KD!&p3Lf`iSL-JFP#wrBD=VwJ#LfPWyL;+E61tyim0_4G ze(&`+8+I_6RrwwN_s)-mJ_`!U4NI&DMh?yZrco z#%Lc>=M-_J?`drcA~X2H5w;qOqqiSm4f^8e09u(}*mdP|d0Sr})5^*dIq#F_pZP4k zh?Vg=#UYJWaI=FH%OR=B`b<-8b+F-Kh<9N-06Mqb+S3VR*|%N;*AaN^2S{T#Wis0W z)Xn* zhv6h0BSt~)0ahkKov@x<8_nkz&wj$cz*n4EBg32uoZhnR&uts4Kvg#bgA_04sMV8A z5{}8Q0>Vv86O?ftcnhvcIMmKRs-!s@JR^HEJes^%TLucWuNx3fIa zl8;b*FDm9wj*2~g{ZwPTv@lSbLop4nJdQ-4b7uQR?7Or-V~d^PDEDLplq1q^if@+k zWQg+8Qbif3es&0{(w)mx^)h-H9$Y%jyob*6mj2TVz_$_kFN%3+7N;rhLrW@W$x< zrEXqoOj1^iPe|ZLw}i$=qEiZ(Ai1-jLMdC|H5((&BUEqi(v$_C#n_NE;4%UA{;ra1 z4ix6bjV{g5qENA32n52R``tkqcZWzSWqu&XdgZB*wA2|fGpjQYhNP$^f9c{>9!P9E zVR@Uf!Dy$3}jPX}!Ql zW5e0R!{1y^!#tCBeewMH!SHyS+@3nC6Jt}qob%kVcRr1jB7Q^cRSW#w($#m)f9HDP zRo%S5dIA2mw5lQyQ1NtDUrhf`UcEQ&E?xCi)t` zNEN160jYH(p(!r)o$AobD;ZwT&S@Y#Y`6-ooQ!?(*jRa2>&93K%j0$c8n-w389~xd zp59j7I5A!42*o7-%*2ZxfM7R|VHsdZ8{Gqgs%qv|+oNK=ZhN@7)s(nRV5b9HcB~5Gkzj_)D_a?b0=ERa4&O zJ8lHR)ak)H>9yQ#jM)l)=ae1#cs6!R+r}@bwU#yS>vxB_2hJ42^3?J{Jmci-94S4; ziA7gXQeNxj>e@N*jJ=9OL)4qzRYP=T)ma@Qc6KFkx!SaZ6%-T*J<-w?Vm<`o?!wSD z&V_jZCq(rBIIp=eCy(>-*-n?j@pI$f0-Jlcdv;+VO@iduS5T9xoq$c3?dObC$(MqZCg`q z52|gw@l(u6aK2HB?=P*zrE#uhBj9$S^5&L^H+q#up^2B;dAZC60V_S*)RM6A7 zCSm|>Wa!hUPazw8to5pHlmx=&?M?Jmt^8|?D*#ql+v#;pbYp6&S^;R&ho|VmhynJJ z=YG^-YZV45vvO}Y${q6OqNSzMlq+^2#?R{_Aoaw&Q+w6VsjQqx9M|VzI?vV;{E1#w ziG!0f#Xw}=jwZ>tM)twyuht@UP=yGJgRMezr2m=hRi0Glw;tL5Gqh|hAa)JlVaUyi zik2%&bHrE9Lo5iD(t{icf^@iJ7uMWjKI4zxeC2&;MQPLJ&nXrVTKFx^0-Jl(FtQ^B zpC8{>wDwZ-BEZ|g^Sw$iB&6tqz*QJoL236{x$I4n%XjM=4R9c!cwq7M?Nyfv<;dCvXX-U6Y3-0YYkFS>1Z2ilKUiMt zrR2K$Jafa|mAi4%NW{44I0%=3Hl&^;WehE(EKFvEL5edk{7$pc_xky=@jQWLzuK)Z zjNXPx_%oU8si?braAVp3Eyezi#~uH?ZE1O#e|J2gJBPnB+l+V3?u?fUY#p8*|Ey;x z58ZuBh{nW3G3AE$<+5ptCB*1d1e)j7rK3N|z8q35Rwn{alzFWAf~p{h+q+87!FUFZ z=YV7(CFb)mbp%+FleX=+i%*bo)Vha9u8a}RJnvw5aO#t1Z)*9P0|vM@4Kjh+(rme- z_{KP<%uE0x-Ruueoop?euH^m$EajWMAWt^eebxw*-6ZoI;dM zODtEkpbUnoC69ih?2|-K)nJluf%4LFprwW@Ap9rIN?Wn3(KGM<>n@lEe9gxPw3Z+5 z@76u`WXC;_r12xQ^wyZT%*G%&RQX771F9f`#}Ob5S#9o*fKfJ>pYPh6Pz4^4o-VAH zZOUy{{(W$f+&+<#*4-8t!sD&Al7 zKb2$+c@6Zq%)imB=~G?ok)rq~>#M|s*E1!|dzR&v%9fP)(BBD)SCxHN=&@Qenv$J; ziA25t0RaO*T7K4i?eI{u3L$(8n)h<*h2VgI0LYD1H*RkNUv9g$9g@hT5hzO)-h+`& z)!_DRO@5Ma%Up{(HjwY@I5ozxEWLCnyS4@47;<&N+eRvhbe?v;5lAt}FwX1{iL&Ew~}_CHo7?k8oLNcd@;2GEjX zIauZ;VTlR*knAOsz#_F!!w;det|$nY-bU79VOFUDl}hf@SIusu#xOjDE@5(kF8KBp zIObgc6tLLWLgg#*UIyMggIo}4^o13<*ctkwG>xl^@@>`AZe+>UL8$s@E%zgheAT5l z_PCy}318g8z9y4JJt!j6p5N-v9{K>vK$hRH=i>61SW|OmB2C>KXJ_ZX_IsHzO^Vv8 z_=xLoP!>O0;bTU#Efq-Un!V%ZAI3Ms4PM|a$S|DfAdyf&=7>wA( zp`2;t@D!YC!Emffh?#v?ymQZc0Vq_1Kv><1R#!-><4!)=S4?GfwJVL-UrCOcuxRK^ z^l6m!8^7P(Pi$zx*tJsZWe2&3%IBUd&%1wUh`~6Q&o?dxiu;Q5_&Z$HPBe3vDF<;J zT9IFcqNxwcc-?Pei;}j-bA%G{4J~20Pesoih#Eqv788iGE!hU{R);Iuq9^8;lY-K- zEBO^lz3D^JLEf{f7vd*DK1b>IhQ|DTJ z8wyN_Z^Va~W6;P;A|_v0$;L9%ev4y^oeP9et^AT&c2{dexUje>D=oe$q&X|eb1`QW zYouBvzO;1A2lOqBR~H@fbFyasS!|GV`?RrZyI)&{i_ucQ+U)WaFU8@oUcL0qQk|U7AI?(OQ<1BeCbfso~qjpeC|YIxA)kIn*+@Wi53k zw)Lz~s6&1|AD-5&u;hcCr(!`eau$JEEMz{woRI?CXpTToclS_`xLQxI5y1VbJ|eWwqJH&^~X2+ zbB~uJ2i;vVjB}4p`_8;ExU)DZH@EnJxY#~{rTWfeK8!|HEuhO*qJD@j)F6kbR(ISN zURq||B(U$jTY20zso@50E1^Wh8u({k@~Hinx~0J^HrjZ!*B7kk0zi1=@^~aRVrS9? zvq}nu2^SKo6RgPVdm_oOSS9Kfxs7(TTDB7DY>aHUHzp~_@qCXjYWfz8@svNngqZuFs<;fF?AwC`v?JQ<6>e zAcy4V+-!&tTDXcm-__64enhr*sEjbzmQyYno*_7tV8z>#)x&H?!8l4U`*XyqmG3%C zO;)>2@Xs_XmCve}j+jl6t;9FVIW&t~j@H|B4cRj*syv!42p?V}?RMFx{rD zt$i0S&hlk#XZ5%UsQ-TY=)kyP#PbKr+Oh6Wkai=|Osi_^LE_J{2(xeQG zRzwFBMo+x79If>k^46uGTl@v-?h3Z7%%Lk(IJC%%GpZ{mE+nd{4&0RF<%Cn|swhk*&%R-@7{eA6VX-$J1+=M>zy6pU4=>J5)4&p^5_p3q zoczsiHG(e)&L7ppEUUP?O^%PB!`Bah0KLXS;&!p|Ql;ZBdt|4h@u_ZP%f|?$iSf`i zyx+00yg*G?4|wkmp6~~o%;4CUY4};B5T}L{6x?4*5VsabC6gme28eCxSpzs?B(;b0 z%WDtD6`d?xq>9Mu@Kns?{y`lTaTXHs4Sl7k6QvD-i|6fU6IUF6x7a>Ze7NHFN+NLu zt@OS{V3J1)fyFu_2YQIvRIl^>E3F}HCi7~oO1o18Js4M$y89nikm{JyapM!yL2jG{ zsniurgH9x=Md^q?;WV{ElZ(<_<4Ck2lt`(N<2WsV(GZu;Bf=qw&06}Y?J~sQGU>Kz zxVBmg^aIJo&{}a9Pw*LiC4rm{Tl_?iJjyM&+h6cI!H36N zVd>ZtWsC|j_7m;{Iy-C)w!XMVM9La_8*-dA%dz{U(si6cirQUi%*MM2U|#@eA$(F7q~e&KIc1qU)>c&yUv1r*U)FiaCX5_IcE(`V)O}?56Ou1p5P0 z2#l)5V1|^P|2R?eC23{3&8iKm}mGpw;UE% znx8FMtWL{Do{Ogae=2>Pc9KU@)nC`%*moRz-4rzj3*;tHAn4<+r?a{2*}Q|c?6~df zqx1?Ua=<09fhKLTT%5+s?Ocv!AnABUAgi(7xyHMn*~W;FpHF)P@K1yn5nw!C5iJRcwWsI%2S52 z*|A#Wd{%=6kFdP93XwCp_i*%+Q;A3-8Nm8WG#UzAmYs|FROUt! zaD$rjQzyJEF0VxcpYRtVRTpPs_6cbrt2jw~CaMnaLjjT4QM-IFTzAT{YGCfW=`Or?AmZ$HCM1 zCuuw^sz^I+hyM5cD-<9$C}nZei&6^Vui5GLYP+)nxaY#C&4$rxnkUGAEAK_wS> zdJ9MlRSOjFcrip+sf)2(Zq7Q}xdKJDD`b7@V)zG!McUCGqgEv^{M{Jw@FDN1IO2#s zRne&!XESEs5MjiCoOw!%+o|exIICi{*)Oa3N+ZCvAs!@ku+WrQlc$ZNlKLEpP(>V? zI+wA6T*1li)K1fmV?dHsO_|zLr3kXN6?e`Vl~EI8F#1`Qk`>fw%^jo1hFx{v=q&`j zG@A{7MWmHS&V`%ZkW=y`hDd~(-biu2e5VU>r;UOyH2$pgeoS%+;0&Bnrq zyqb1P*fc+jRrYb0l9oR6{37VYI{GjPN;**oSwMz$N#`DnGwyf;>e-1rWsaMzXYWIy zlF0>*eHKtX+rz9({;zy}_FNDMl)YW7a^s4|DtW_Mgu80*;{)V~v1FH@U&w!@I=4z9 zw$jB5wwSs%?_Tq#rM!lZ0{o*H$Yq^lH{~cKvr6e>PwW)%ENtSTUC)r0l=6J9`VtBP z+YJ`a0i=o|ixPNlI6{G;_H)KMR?$O&h!;}zr;pM~+f>|`&-Q`8^m z3b7*y+c5gosV)l}8;_;cY`LjP7w!;ctegx$73N6n3Z(9(LSy~ zvz5{%rX(M=oT6{SDXiysb_kI~g=!5M*M|1%BbT9g`%9%y7cflu+*C}VvlpLUR?p*A z`Q5p)GR(LY-b#ff|LcY%@$lWd!cL=xk)y~3RitHPqJRXckKm&O#R;<{kckK9KIJ~3 z$=y~`>q?+5>Vu?^M4kDBGF4VK(QRC)H8RbY!Z#-->}cZT?-e?3e9s02tzT*Rr-KjGOQFrAp$g^RzCN6!+48xJp)z5u@TN}^ zeizUR2M7H}dLF5NjJEZ-Es!&9?_8n^B~>4!%N_$w|01j-e`4^~*iDI?;)C4$yPbyS zzFj6h;hYXLNmL%QiMvq!K-`R@(!cG!RAZv?ISOTBs9cb4_rgN0DTrlV3I6THz_rri zPE&^pE!>u$n&tHB1KXatq1ha&>Q|eN4fI%5s<_iMHC9?bm|ZsfSdQ9gxsyA}&7V52 zi7iRsJ&TtA4&s}+Yz1k2bCQCb8KWf?3ensry;Z`JT1K(-{u6g+dxpom3xrp3eIC`r z!QsTGWF2&yL7mtLr`L|O0bggmBqoq+3|MV zk29`^g5L{vi8XwR{HqtB7ZeJ5s7o$Nq<+kGa#rm9Do@tGK>S2e&9H|#$iL_){M)vo z2mGl_#NzCgMSlu&E~4(AfBXW z%DV~UbH`7CqO4d%&k>lI6Xxf;!or}cZf>q*XT~)qsH$tQ+8AK#kR+Eut97U+GdH!m zfIIP?%k*=Ds<1aqDF%&ck7l)Am2@49_9RRmh<;%>6&Y?+khY)jsDv@_XLawz7)_@Z# z+Uu69o@{F$ZH#ABRP=da+1I>3pW}_>32~Gm$YV=aNejk2f%!U!KrpB)_yuWjePJTw zh9>4(LsDc?wqc>X3UO>AB{zLRKs?R9D?-kq`Ek)q*!CRr4|iihPu5!H4`j91+G!!H z0$Vf|_`nyVCU6#0c?@g>7@dUkhA=)9Yy^OP7tkcDmt}lFb|6Q|sdOQDZ5!Z(bV64Z zM8!LB>T?Qy`KSEjSTA+to#}p7LEb*rG;T#fRxxAt=p))-%ZBW0+S(tp*1i{@t=8z< z{aSmizv7=G){B}@v&5b5g0;Cx9j6;~H7zv@YY zcjhOhWM%209o!3t*E}tz}n^ zoe_&UZ;1yDdW{Z$KuQC)v(qcQZ0^iIZWq)s=-^;WEQy7$jGaCVswC|~X+X%0(GO%-Ad zy?2u2l4oKBy&0u@1jLA+_f_A9K?O`ANK%UwFL7>m&#`11P$ST^GB`NsIp1T0EAT;w z8BKeOfIg5jR=FwmIeModv)U=R)(A2$H&x{2f_;>0+4ka$gbTLX*1;j{)N_U&2bmLb zjUU3NMAyvp9q$$iS2LK6=`A$*pd&83Jm&z++TbpAfJVgDvg~Ye-~}y5;@w=nBKui? zweq<+T0-?OuoWm)ju@3A4m4!GrF9=1jWG4oFmKTN%<)7^00erh6P=l%+5QXA z{!1#rbE)wzClmw-?~tf0lRit+hL=T)v)d&+ru(6;5GW|kF$gmji`mg+0^O!&{(5`X z5+0O)NujZ1Y-iCAW(m@B85th91#H=J(sgJ%9Hy>4dILnY6KfqBLhop57`d&q(C(J;t6kJnt1R*1z^o_vF%VRPEUIR_I(WReo;|T37`2%TPLT8OK%=y8gqLx zfW0YsB>;P?s)LG1&&uOq9QwFEP*eYw!Dg6y;B;tjf*PX~Z&3Wg>}>VhtLfNBf}Pc} z6;w55t#DnT#{rI_N7lA}o-+x>_`K+EXJJdq5n^pgV5Mah3EItcMEzIl`61TpNc4e{ zbKz?a3C!bI|85?KUkE7p-NjTG+=tsJx`?0w)e_L9_2b8np!xavB7AC~C0TMJ<;_hC zbr~ZB*F120z>3zp%j7%^pZR<)v%PsU_*$;@nah_i|LT1LXqZ!ZO%Zw%s*MkzA&1Tf z4j6WgUj^JYMGRJKmfN|2+lXnfzXhTJD9lRlatvzmBW103@!?tG);gf}ok>o!*S9+H z#B*S~X6@wIWeaG3_xi{CwzjrG01iQ)85l?MUXKl*gB~c}x5*1|L~+Ff9Dfd`)?wll zxJ#%QzF)dM3jzYD8)|O+tIJS}Ud@8D8P9`Dj8%@FyHmU#LyyqVT5q5%!@eZDG~OM9 zJP@=||H}hCY8mBEXbOpo?AQ_)1MbIN_=c_o?sM*OyGi1^B55&&8$`Lj=TrY=pnnA{ z>?^=fQ>bAX58-Iu7@w+&7(wf5y@^nKrW2jv_JT6A-l@Rlun~h4vzfkhqMX0j`T?AIZEU9|s z5&beoDrLKVc~Mv>+nH&^W>n}Dp6y3?Zcyy*`j{hu zKSr2qa%OO?4}fFOTK{t|i>r-xM5vCUNUBaE2WVW-w#3uX(dmk?^2aos`G4K=a?GGR z^mH3Z42A;KbC7BB8X{6)N)>PtxYdrpprlqz~(Gt^vFPaVeWbyg&QAnl0MAAJ8lCKJHkAq&LuN*zb7(g?7 z8i0A+thwW_M%RBN!5n-;CqA+#CHK}Q{gb6W-|l!p{a2UHrQj126LXvfN(?H!jEsFq z{B0FCjUID=`2+EY0c}Iju(1vENbOa&tanLtEcrf^he-Hca&3&06g;9GpQqWV1O^pK zo2^dZY!?dF8jU_dJsbU4JS4b{`2P+Gv}c9W>+Xhk!2B4(I*wh3bxFgZedT6{?`U&k z+u$G%=->#o_b*ZcTg;5V;vDJNfrpT@yOq2i=vYo?)Vr*{FTPn_mY?r-+}iZm6R;Ja zDU+am8gGH$d2B)+;%9dP7_}g*b>aLY_aUe~3cz2XrRFUR)WTircu=L*0nNDSlA4>F z4J!Tppn8QNN_BkQ$R6Ee(i&E|Zr3fMA(a5%BCwmCy>sT(rHB;P#t_M;%@M&& zf>5jRQZ5()0KLW>k}V^*!9*wio5+2@Q%il2UQH$?K7ldeFh~YOB*y*h#&Uv_g83Ct z;IFN25Q|oZn|xKMn?r5ENSX)AQC4l ze*}^A4AYnZdfcuY3yzD7`BXp;xF5y{&0e@-KVD`Hk9u+qewr}&&*WmlmW`AQj(BLv z{9^BXAR$2Gcn*VQWU^0R1laBo#sy#HJQQ6IVo1=?D~Gi&fRdyz&9zX?#|NDJ%Sbz_ z6L~qpKDfS#PQtM_4@?4Rfbq$_m`2xP5^SLP9U8n)v6tK|4$T~* z*{Tahy*T{*{Km>HYa>7tEX8-cSQL0SbST(X)I1U$?wiB@z*yo?!pK@O9SAk87k}aO zD=%*wG7EotfC*PrlZ%__VR}(qEKe7QcqS)77bgg2ToD8Z8DVRGq3OZ3^6nMTl*R@# zEBWXDd46jAl=;GIkm~|q0ue@m(*TE2fkW{0^t3@v2|th5TjeB^a(U_c;UxMA{Cjd8 z{&u~f+w~iemB@LbR$uEK(|w~tjntggU;6SK^o}rUHlYuYtfkMKK7AS*$4k8s7p2h{ zTCaLYS4fGvEEB^dsp{$Lyw;`b1c0|<9|Ra1X$~d=#30@B!om_pw1tJGM0gA$Ny!U+5RAKmCg>f66`jdnB)+4Ea!ooo zS7CV`Y@$0P#(dr6)WK_7&=8+wT;FoIqSU9m%vh{8f?M&64}{EJU2MwA$~oSb^}!w; z3%8M?rI8I{a&j_!@V5N1k<}k9N~%eatD8FlP4Q+u3_f*`mx&`(qWI|Ur?Qx^`tUY| zOlD9`T+!q^av}ENAT-){>iKccQ4$%NK221Lscww6|7KI})hiCIcW-zVj|52oAjpl- z0BiGCmAX&u5aA!?WR zZThl=3`@Q!|JU|E{a5z*t^`I_-+D!iHkh4gF)^&{c2{{xQ>s}Pttxo^=V7Zskobj% zhqrZfJYMx+6z4743D(#$oH#%@X!7g>q?-SOF(WneXV6A*^u0V-p~Gl8?y5PTdWBE7 zQt%V{`weF7@`R}=?bD-M+eiZ`c-+^ziU7@T;|V+=)3=A-UFbAutaUcNMS0hFBZ??~ zoIwJC9e!}?`f*+Dj%-~}o1r||PZ}6{LoZMY?Lndp_dvVHH|w7jnfJUf)Uk1ZGpKC=P*-Zu zNjjMMBv{o_bKJh;&`7;VJ$mOf+v>tJnx10fsBb+>6uUKnK!av214WTOC9nE^x#j!Y zA>uKWRcf(HJ!9at3utkQubS1u0%rY00yWX?)s6OV>|sg%1bW3)l$xzKThmM4K_ecP zKz|`8yT$(9w$q)Dsy@4M6X$qU6+{&MSBh(EzKdQC_;ua`?I-+J#i6dzIetsy9cWEz2e7*CP zE%CjajzPa+yZqk2+74dl{~7C*`5+vwAJyCww1NkA^*O+p^lvU5$829E?NkkyPAKTI zVso|82^lJzxgQ_qcyV3Lt8PIXI5Bx%a7^Bd1`cxOT0$_KU9PcrV;_rBTYkz-93d#P zubeK6xp0K3(vKJ{;nREnAWzS&^;Mui&?Nc0pov`v;K%n48Te8*EMLNCQMGzbVH2x9 zr)szyHPMBt_Rt#uH z9UPDBgu&ROky*;-ElG`gm(t>JZxNN4pL4@!bjy_c(#upia$T{@M{MU-@4>$Yo58#x zNKg$Cn6<&ejYP6H6KHa)H^4Ub@=ht0em?pGp&$sh1+kwzQ4`ANq z^yXx-_A7AM@wO)WZT1GgAkDlQj5BJ64OYYHrN$LtyXs`^zuZ1^8y~?6BTNYwigRan|;T{MV|dBP;p; z>IL|>*hT})pOS5r4@_)w0}aR+B?0XQ;Uimj{NfTSsGHx~zoTD{@bZE2#*70LzJ>yH z1;tx^o7XhRSNwZ|oxh(!GCMq77p~YGCJkPj<8IM;egoTvCHj|+SOOdIZRC3LU_Gbu z0q30@m4OCk8e$TrHS3_D!I=bQz$D<#>_E)8B%| zhQwo{fQ}d_h}y5ecgME*u(-k+FG21t(8TV4soGzEK`B6+oFwr-r~VJPKLuH}js4oZ zI>?V?XsEN{iZ4nF#kqZZbS?1tx-!T9jRY!m{GFMb*E~H%i)Qy}wHvQlZWOWHdhWKR zS?@z|h~BcT@U+R9zPI^v-T^jcN78kO;miP1mX zl_DUZ_U*8|pghjcG`s9Rp}4Zk&x|k;@Uv?zuwBQuUmm)jiNQ9>N7B{euhst>RU2~X zKkupAzXgStKOt1R-W3@|^Rdz7Uq{XT=e_H~8V7Hkc7juY4W+tntb2Fwl4@bdc>jw= zwchRbbaZQ-ChZ#y5w; z32u)e;PlBzGpJ<(PK5t%>wiS_qTCCT-A`#ea za&tPM{U)?h4ZQX96;{}C<~vqstvmn!TkFfie2q#1M?zus z>_yQ48!}D4 z*9D!i1WV|~)L5BVL zxINYXgfOQ3g!J3DZ@UZ&uby+++vD2TZA}upIbbHS&fcoe*YTy!UCQ$V#j?!sEPr_h z@YRr=WwRAHC|2E{QmY--GZNaR)mD7DlwIYeDj1bnlQW10FH(y)rDnUqebFwn=tCK!K8? z{Wm31x>lT#ca^JbxihB;Z}O!q`u4iU9^8|`WxYBzRZ^Rr=)-pCUJ_i+#$c-fB-Iq; zC=739aAXT{q1tdqFq1!P>H`!#?ASg9&Wb<7yRCO1TU`M9g0W?R_hq7xFN3zS;a&uX zmJhd}-k=*pa;TC5*T_Lz`f6no-0G{uwAP*3gTohP8+~)x^IWq}*_ma-z9%mkIAhl8 zLh0XtD-5Z_g;j1ye~F%NuLSot5;WY_H#Dq_AzlPKZmjlTiB*Q%z-KIYU`d2|HMqp5 zO~Z?nkX7& zSCTfP*U81(8L#6J7h$N_4oXJ zmYXbEb;{pUTXkStht$B?s8ZrV6810$Hvg`?_T}IVJ}-_~*rjq-^NqK?uT5d5MOvmz z{STgybrJOl0v%qq#;U`rCq)x{9Ya|t)Z6By10s_E+LDtvwo_7YHcnGNI{eIvPLLQx>h_{n1% z|92z(xAm$O(1H|wez!dDX6y^RO^L}szRdWcR}!6UOP|;G@JI`6$AP9VBT%02=P^AX z;?r|qO<}vM-eFqJv@PzR+RMEAnlT5-FTs{T|P93;zrx0=HO0#OFj;qGaKfa z+qvHv;XmtWa?LiqeUjO4--dkt{Mn$)>f9CmtGgwfbKZ0pNzi0#$F;?Fam?u)`lEze zkRUT|BEH}DC<+@DWqVogDW$ahYPwz<7-bSVdh}dC0XDtf1n(g8LX4SFS{Ip zWnd?$F8Z3Bs(_1>|4p0!OVN|h(FB|KsXz3>rulxjYjDw&hg;#!*?|5fhO<}A&%CA0 zI~E2u7>FE~W>TvBw0&K+lK%Sb_BxCO~J4 z6%_?HN$tZqn&9K4>Xx4)4Jj{P9I99vPyaDc>d}er+X6+y$wV4nzggWolid>6lC=|L z>MxS?G7SZ`Ha&=!9sCNuA~0M5xis{1*g+iT_W+JgB~=W<2G|>W5i0|}{nn7;f-i6C zR+yh;KBEpk>!y$!EG+evByh4gdatzeK#3bO8yl^ZbNz?zgg;QM zEDY9zFDNpwOyYyeMD2gRhB*cOzhwO%x^2&T797=m_39b$?{Q3w=FOWo9g4mO6hR8k z7rEWKC60-fO(dwAy5r7|)`PtTjtP|I%9k(Ilf8IaOzc6|5^#f`fE)ZgQor425bYx@3GStzb)E_!x(@IJdo{Abh-76(7EX-t^#EEm&0yZLL z$hY6NBDqZIskj*r__9RU{8XPHbrryY&W?CNe_yb$i$XMRpBiN&QHt{-k2~jJja@AX zD)r~0>|i%-Huec>1-m-d7!34}O~e3zp-}*i3#dR{vf826GT&9o>x_&rokWGNJK|#= zKL+ngF8#7?mlYbQ=ww1L6D+K^dICcVFC-n=`28EmVBL?}?>CTd^&R{2D(BYsQy`~@ zl7&5L$wyktUc7iA(^>|s=U{8u9|2GgrkgRXQYyW?S$Nx~ge|nHr zF!;U5f%}$_6~}Gg7B4GVGzD0tfO_(&aiRY@iT#~rONL^~R#>j6B|is7!FkMj)0-Yg zfy@!X_0X4+h7$ovWt?vUz&^;IKqfoPufY!As_8)b^2SAe?F5^3HviLFH@JlA2Ze+r z#oXJMz{_7=2GuVG>92>>_+lXU^(F7w6F7mQ0-)`S*RgZ|ix>Wf>VR@>>w3BNp$A|h z$>}8rc=>je!gai#Oyrgo@6?&60`O0-f!2N$o@p>H$-#|K zp=|i}#xk^gHFZEF-7W?pW>m>_ys`z_f0f%%D7Q-xh8WZ-W>Do0y4(fx2`O0JvIgG; zRU@g#l0T#HrOfva%vHdAy`n zS2`nAnn=W#plX8Vx}*VdCR6k_d}bLY-oE+na-SOM}4 z9-5R9P)j}lm0Y*J7lmK8Az1b`MUI{D0^U%mANJA2?Uh0ZG?rfh$SeFz+$f5>@jNqT!ca%n8h$ZO>4UdO8#L%Wb$4xX2!WD22K1O0w7KkB#(_XirXk8gCGJJ2ScDIuSh2)|FnBmLC4h%}WtqScW9EJ>dfaMh zfKluj8!wSPnO<-YU;}CJUT-=xeEU>9lH0xepv=IX_WZ$Dsh#H=iQ%$?VF=X~sS?Ky(WUt@CMa8)zIOF03p5i8 zMh69ub}F=NVquZ0t8(7+lLsa;3r&9#-=gqn{2t5qg&{dv${0V zwIe~?s6fQjZ|-ZXq>YZlV2bALA&|FZc20miC)&rv^LwO4po(HO(vP~F^F4s`2%Wu3 zdm19L{&K2%!h4x>x!|>(Z%E`(bnRqMZVCde;+BM*ZPTnDT9_Uvo%ag2!Dh6lAsGo5 zyakJg3O$CDwY0SK6o=T%eD^z7uDIX!SDebb-0w5AA_2bS!cJYN{Hj4zfAXWMK2MX{aNod!vET~f~Mda@>me)ppS}lY6$sFqsxL)-?Q1`*+{ldl|^cx)x z+x1ehwe0A1yfj^b)oU_1RtNjTG9p|UIiK5oBPJ2|`nhK9_E9u%Ah)|MH}y2VvWSl2 zN}g5F;(76M=BeI-@Ept9!=K*Qsu0z~INW?rEc%Q^3FO!kv2vtFNo;INWR^#O_M4bp zw3VLK0`+RsJjybWUL?HW=|-g6+}Adcp$UnLNAgD~9n(=Ezg+xKFW8mzJ-^E|^gNOh zT{PWmZ&5hleqO~)x|PzH+Z+MDM${?4aB?R%d(6sg+M`|UssswH#VUo|mZBNCIGKB( zE&qI1(Ol=FHb9pG;qa;2K(x1EqKzh(zo)V1_wBmZt{vcaE|*?i>T;=HICkt<)Tk=J z5O$f#?p_b41M(+$kiHknW+;maZq4!wWy1vLQa7t9(*4n3!6bGC+ImRlQXX6VuyJt$K~5E>yWQ&tU4Ui z;%f(PT~ahdWeZJ{04UHGznuDOlky*}PE8EdHCrAWm51L}_*Y!>_y3@{n9tgPP!~Yd zE~8@|O8eg??&{)E#1n172&=I#F=+UaKPiE8{DSQM*nup+MOM`{`EHCd3j-cV3Sd7r`QE;e@$vB@ zT!bR-Lm*E`I+BdE$S$AP>a@2_CP%$GkE`R442xc!Sk}FAg;{pc^D+g8riS%t4zTt) zl{&u10|eU7FIIebUpJDdpYaSS%-Pb41PjDkvdN|E4%F4#Eu&eppxgk3#?Djz9=h0!k1EKrm)|{(ijK z9b%2Ho*`@H>RfhIt>fG@&xOqI7RN{_2dKPw59M5xX9YNM}?U3 zh5p37QrTn*g-yQ(d{z-Rt-2xs3U!xC(3)H>R+BlSNyK(EMXp$7|6TuK-P4w>$tV}{ zjhL^UXZss?lWuFBnDw1a^f-c+m1_0vT3x}tHKUXj;Dxg(&c^QK5hCuqc=$c~Ri~e1 zGMh02+D}Gu)tBn$=3PWgO|a-M66|8PT}>+`MC|1CJ?`(ZOc7*p?aQ@Qs?4&Do_PV$-D4?+Ns zMB<>&kYCQ%r$!hSed7vDj_fONumuU5k=qjdfR+t&J&>E@^bYz6ZP|f5cl3qr@s%sh ziV_yp0&QSGn%%oY*QNF3PL05Q+@0Q;`gBrgC9m7hT&KP2kCV32D8 z%xw;_j8s0tNa9c$Ze^D zgKhJc0!j(gcM%69Wt=KTo=Ph$OmvAmRg7VJ2~k^y)3;f-pjA~PlQ-mo;Z{}ILylgm?u&c-J!)S*E71dDBwtraHhfXmRzLapj5 zvBk=4NR?QJH}cx_I~}Z={Qem@h7LX`+%R;g zb3)zO7B8sqY^Hg37@+`~nWy##qw!0|w>~_`$#`){Y^m*mTY>L<&!|OXcMh@j9=$r4 z!i^rvJo={+ney&aidkg^F+DxosWqqlDk$C`OY$Bcvszquc-({V2Wa&$CcWp|n`F73g%=aBeLRQb{ACOnSO}bo$3&`7+0{ z*0#5TA8VoLgF+eA$5hT`VuPCSml|A_8xXFHh zzM<`3fMVX#vU%<08W`6C&R2=xb~lDl=FzTIQ}Sh|62HOXQJ`R&0+nyY|D?Qc5C>me znfU5CgQ`@I5i_||p#lQ3*y~`!F0ov!!c$$uI8Vr*TH41?T=Ae+IlMGK#aUVWeW}+i zg-{|qT}oJW0|j21FWHsf1K7P9n%dG3=-vhW0onbj{&n9Dx^(D*;{g47$+fe3Zhmc%l@tr;FzJB zIGaRnPUkY0dmslQp#7SQCEUh4JS`?;ZHFrSrdIV$=7xya^Wrs&l~l)k6~-+@C^PUX zU}db+175jD;lSu2wPY2@E5o1Tu&onxQ2P#O=)t-In4r0J7wQh+M*%`}jsJqpD?d^q zYcdN5SQiFe5qAg`V|G!&x2Dw9$eH}k=lu1}{vd}Pkiw=&_b? z#W%8pP)TmCq5i82y@emXX0AQmXB9uH@EVrLakO&U`DHxl4*( zHUYLLF}Jc{xj1v#B5N4gGw!uqAze**R#d;0T0bX%zmHfWF4*~lc|)J`-?qK^f6GLq$58PSZ}^4VOfijY*AVc zuRVssBUDKjjFBsJE~{RnHIKlV!$GPprUxHF<*-~ER-IFSR+WI$^gAW#mzi zUjBcqeRn+7`~P@}N*W3Y87-7h*(;}nN=R17$jByp)48Q#S4uV^n~;5s%BYM(i0sJT zd-Hp~ySMM>e(ueA-;ew2uO7}h@AvEV-215=_6UD=X_#Jg<)iFN^?cip9Yu5PP7`$% z9Egu3o~V?pU3|x-DtSpt9&0lj}D$Qy!rOR%2 zY%#+2`ufsPWVfC~DSEroGxa>ZH zS>-o^u#e06YDq}7SlJQ!IXEA?Al%!2o6CHo64LKC3^VXUOYA-)j!I$ob1G0809BZf zaNvrAa?5B%NM)-EP!WtSM%+Ov25Mes5=;uMAGnJUAUQ*C5Z13}8rl1gr1sm7116$E0R7FSN&r(<+?rqk5f(Y?!fWAB%|UE0X*`d6 z5E&QVS120V4=j-slv#CEJn8p*APeX4*MyeqK}7rwki`|UM1m1b0`S0)1hLf!zsuc8wG1je)>^iH3{gYm}<+zjX7g|JL;gEt>iDE6mjA z^z?q*xBKx_2Av5P;vBl3Zs(pu-i&jr63RL zo9vxpK}5Me{Xj(csod9rc<+A15ipYoeuOyz@NJ-pLGZ2wXaY(z;STo{ZRseUJj0cMwpLCYX%(6Gue4 z!2usabyw^0A3zK0wupoNsN2HU11w|B^p1g}xfk+c43dh3eeu`4U~`XdxSfdx2@>p8 z5(hm9B}Z@#*9*HZGNmG!_y&F+!U56!2->>7@zeg7z4njMkG-)U-d#~=WeYIpMw*Md zM{t+!VBRB%vC0aRVYb{z*Npr$ZiBAd9ZUh-R(&_Tn(`H(`&~$W3MqFsi2vUG*@WvK z-67$Pt1-W`O3-##Ut0aCK@amB0pa9k0S2rvk_Fu+R!_L)L;&H?K8fBR!`C-J>y~1O zs;m5X9Kp94P|m=9Mc+->XCP|w_x!hPCf!^V`Lh<_uf%IW13zW&Hd7`no7N=-2c%+h zOfu;l{60wz_}25>9n33Yq>{FYYZi)Nu9(IUn&OENToSnatdXMx&j~>O38G8U9Pr0lO2wu@r4S^>fKd@0+NJc~ry*IKs zg((U-(x*gzsM`HK!~{8arU$8p1W%AIfgIlJ-8sTyVqIGKjzqSWLF6E|X#)ITAtvbv zhKULr%n(FQRpA~OtF5<-FoT~t4%mE}XSBiC)}KlxuGRnu$Q+l0Sp1aW0Ab`*&pPe} z?rBZaA5MGUYnYt+a{$j@3GycyL?gv0Hf(GgLhr`Xvs<`58atRT=S}-61@H8DsWig%IqD^Hs@HjtfXx1F6ZX{(XzE58 ztqk~fMI->9;$s4ek_s+{Cx=D9gpBhg1#m0@PHJLkyA^2KKXDuqbDj zcPc-D5U>GaG)vSuJl=#wdH`t&1BOWmF)8|Pgm@5o|N3N!sV0M5s`J-qx+v{t5oycg zZG+LQLsL=A4dXw`rjo!D%%wYj2cttWct3E?L&UZzDJ=$vHnzx_H2;X$mb=P z)Umw{J&Yxv8&ka!9OOTrS4)38TYD=Y@nuf;bHn)9?Z}<#k%o8JKw5JE%nxt5som>e z6ai0=EQo+9m6i>T-@=?DjXqL?Gnx%f`|jpO$#$YQwjm|Xdc`2W+*|ImL+qO`zqiR8 zMs}-D_2GTNCGUsa(i`)Rv(0Y|DUKaG2Dv@|Yia$X+V;jn%I^7~5h2ikW6ok#n zzca@lfBA3;`)X^Da)7L7DQD>O*;7-rmEg1FZ?;3|&FXVwB%<7sL6T(HoT(NEQUW6$ zos<%h6d|GQ;{=foDMERuel5CvUZE;Dy*lHW^+5PeX3d$5{)O%+$JP4GLQMqGW*tk7 zxerJXUiAZBovKexI(oGqX0J2nzIF9YD zXkRc@aK3GRd6V7>$D_~eGI1HU;yv%K^P6EVj|G_7So+W8o{Gu*(ZU8{J}3bD5#~D# zcEXR-ud7eUKd^&P$>rgU-Dqtj7m+svuQ|f^dzS5y%Eiwvi5@5o%}U8AoP1hT27Gg+ zplq`*g6eA;=D$ys1Z$#o1g4&=|8N+Z@8uXuHb^|HJUUE)4=w3am00grQLeibDS!2DN`~ zU4jIs*9cn%1>~-ax+g>J#Xq?`o5??VIh#MSdQoqzm7I#PRdXpRr!D(1fOl{~9(wMj z*Ak;Li=X5r^QsbT9ST35(2hL}boZl{_L0{&hk7-5sMt zR25KYp{O9k_|$T3WNRzUF?HMI4A%*%SaFMd>6g(`Ypes!qWeJHdy4vs<5NVEa5nhJ z+FO0$F}Um>l<@i%aEck^NI>*(p@|;9C4>^(?h6utBcYG{o)LMIa%(QXBbDPZzx-*% znt!m$|BDiCZs|I2kDaml4?P6pNj^b;?++dHld1Hubc{jd&ngn1_`)y)<>A7%TX#^P z#P)s1)MY@jP{CLP0F#cM19l}INK%K6`Sd&Zs=xwxtDbu4{c-f|fbt zq;I?PFO+!rtFpC>Rc?8Tv1P@l*Un6vI)e=SgayU}+sp?bhP!a=BV;2}8S60;e6T+YsK#-TrNLg13W_z1)NLxkOKjkqqS z681Sw@Zij?qePX7g<&t2Rn8h~E8xRvANBEsf0A9LmC`Ia6XPfzGgR&*J!nD{^{Z^Pl_1l<|ZZ< zppLgM-#f1~a+~v1Tk~0>s>WmAoro5Y87Xf1iCly!2n->@W2guS8Zd1A9TE0P$3^pAA>g?DLCqM({-^z5@EGFHbg zp?GKvM`4cRim#rmrZXXT8qJfM{K^KUV;Ozb$x|yFE=wg)GM8dQhV6})DHbGJfQmlh zqTYBq!WT_~$ZKmTf!h%L2z)gVsj17;AFm5ecu0iDjxg{^fO?fKEc(Oh^Eb{MaI<;S zZgTt65MADQ`_iaq_x)X-pL!~~p@{L}7`>ZwdI{7fYIhB#maCZ;P)Y8gr&Tk}RGf6M zv9S?ef)!G;E#@q4q4uk7W6mss(4SV5oDAJ^#YRMA``JCp!(5r6aFRA!UR9O0LumQ+ z#pUcmU+`cbt6pK^M1pvw2Y3k06om+XCSvz)GJmd)(huQ^4&zWAa=qs)M9BNHP{P~YvSLK2j3LA*l>l3h2e)UpXm zPfEm=c^6u+(Zy7{3K6FvUA=|fr8^-mX=)AoL)9XEA@@zp5i92l>-eW3^OERz`61^3qX>s^)2v4#c5N{lD%f5Qdh9!h zB5Uwxd^t{7Yd|t?3qiOLkYTzPBGM4Awobct{^qW;@&nIVBw+I_61+&8kCCUFc3s-S z;M3)!#@ipNK+W>5LUeijJrp=^-gc0D&9^{^EImVbjCj>LyZ$^GJGpAjZ}(KCjK#KJ zx^um9ciA1U&|NL|2g|!FOBIeO270!>>gA(-Omuf+^GAjCO|iXag^3oB2(GV4Fv{G6STI$W_7l`81f)*f!(z;qD$lBr z8*2fzxjkb`4UOY^z9oK-vP&Ojub#}aJ*zm`)~nL-=qA}}^!KSP0y+BlFni;XX8X?7 zrS6ZhVIF!F&r9!3bT9b}YDO$PJ|fxWw%njuI=9-nM|<-7$1R3$=|N^r@4Y_L9Mts2 zWrT+gFz6S$=b`cn5xKtJm|4WDb}MK8V$fCEWe;7n7Piy;Xcxp0NPWa?&EjL`J zvb`50ABU~$vc(nHXj15m7eQ8#)g8lA8ML>x(Yr0ZXDoxF!Y4vV59ih0*j;p@UX5Q; zR?f#?BdRjLj^p27X(*&mM^sgjc8F(tv@(bdN4qE#ovCmQJc?sB4IAxG(!svn8brO@ z+(##|h_N8_0cTtje;&I;d)gTp+>Cy0=2Sdc7$<{)0R#P!!s)vPCV?uS7qAS1uFLkw zzP|q2C>;pTq=B65rrRSziLB?-{oq%phu?3Y!F@7pY;e$HZF-69MO$-FNZT7zHIwEnk=fz4mcCIwhGnB0!j|6!#7TmdnzrjA zu&}i=K0{co-hdH=3-0%pH)!!~!fqzr37xs~2Kd$N?)f0mNA1-eA=wXl1NW5I(Cm>c zx0-uaZwzOiPnUc-kZycgP_#)5ik3`H<}D7sfZE#S&TXO($Dn3jlXZa+xW!e}WqE?% zdR)tSF2BP&QtZL*tX;^~xf)5W24iFGy4jJ~wXa=?`%9iArVLv3CeIA%j4bYgzx||n zPIg44>GhJ}pAQxLx=lWvUu-Pg4@*QQ=Ajn+{T@;0 zJnPdRmdC%nuWe|cl9rbK7$~|LCF+sfl2u9}E4&xBkktY+h~vBPd_@aY*H5{*=Bmm+ z*n~YuW^HR*hId=2XmT6B`tnqMCeN*GnXx13hAp#AKpc~Jj{NB-_MO#2PuDaAJHXmF z=%yfnPbv<)*_*9dN84B(`sAz1E`mM*Twfn)WUL^_{l9Pqe!>j|L(dLw(T3KKyL>P7 z^)l{CX#7Ly>0afz0X&F#PQ0oUw~%{_ji(Z4uNmR+ypTNO$MiWily_oZLVTuU!|SD} z_OjYVIHY}i_l>?)~OmVTH)pt)FAaazK17SjM)McKRg=d^nQ=Al;i)jN%OQ-s{#}*SGR@dfYF;knn@+Fw`z_*ppA}6>O5dt`6z%$0U zP52GwkUk_}VE90W(JiF9T^E_Pxj)O`K8|dfluNS}NHXw=-M%Tp&t{rK0xWB!n^5TE zm+(Ur36c|iW}%35uNxv2A+x&%e2W(VeM{$2q(G+$yxN6&U5T*XEB|mf6_932airPu z4v-6!4py`Css}Xws2*^H>&I(8-bxyx*jagM zN@#y}*=GUyiv%kt-~w2r4a=7~!w2 z`vhGKa*W8U549r}YJGeRObi~v=1x5=!6V3Pi*t!#d-;?56tO$Tx=|hppZ~hVj|n@SO;Tra-Mt9gn8-E(_bn!)sdH{mwjb}nByX$z9Ip}pSsrW zlzuxRsr|w4ki}%lqXPn#x|2>wGaWR3M5U$4ML6WXZa8#xD^`-h*f(YL{Ivm}(&RMj zYX36|ifF4U(~;V(#9*EcZkxeUZl?qTrKqi~t@i8Jz!22!N6oqwS;>5~ zsPrnrl*~oy>gtzj7UFBBx{4ML`Q5_0*}JNT^baRo_I&?fm-mA)4TWdf!soSK6UF}a z$#YG0CkLaTwZTq0-jfUL_XGKOc#ajltK7ymauz$eU3l`kleNuS%UWC|z0|Fe&siUP zjwk)TwP}6s)l~)A_^Q#EA4L$Z_k>JpeyZyltdvi#PRXC^jXhs2yHYS4I(P>JyKB~9 zK~u)sMa37)J_Y=)L(dl!9V(6xe>!ygME$aY{X)FfRF|8XiOH3Bl_Ws{Vye4{?o#k` zRW4T_E92czFQ@`5(ce{%X6;VqgAvTgj%{s zr1KL$cXfSz+WkB+HR+QY!=Y2xvGV77V$WB2Ztm4z-ND6}^m>W-(-G*@6GkiMWJ(1_ zp2~BuBCKB5XXNza_~J?VL%sU<1C?{B@OuyV6-zqpE)z{|J{6I_QZVh5txhG+SrlE= z7{YSZ3M>DuNB{nd@EyXb4py{GemWq+1vCn438(t5B5MWoep5iI90_a0UlRiMGqDUw zFtu#>!kAS42qm_8$8xxS`@<~{e3joks!)|EnH$wqt>vR+xq2MS^}d26Q2DZoI?)O& zFK8F#j3s>ZJ`}j4i^lvS_0YzTor(Eh={ICh&)Nyl2( zNI(0O0_>2U2<6nIpeXY?VWsz@sDsIz$Zf&E$$F0RN!r+rGe@4kk*=o0I-nphq7o2T zu`}V|#)u2~m9C~%x8zb+yz*Jrp$N?asL=})OiAMTQJIfjhD)J8iBhoO%a7N@Y5DK8%qs0+u36>WEdLv*|7)G0H$bbTmpVvu=qG|ejy18HN+u{ zJuVL>5Eiur@s>+&?=&@PKlHxMqH{d$NpC@t-i4Ef!3Tl2P7dIH_qaNpiCo@Q22^_; z%V60|u$uz8wjMH!UrDC)UmyxkBy?8fK#LutSKHE_^0)8HyY2OrFL0NP_a3q^tQdb` zts-?L+}iMl!$OS1tusQ%1^wk9ctdmg8R6)~Cae`C1m-LV6AA(30U_=nU0#sYkU6n7 zkZl%UL-q-&^TC9HC)DS#bc^7uzdINkgv%RSVC>#TPvCb1WW9iD7P9K;svZ!D;?_A7 z&a_0z2KyNAOl+KHBP>A%u<0ivcpf06f20C`K@+MN?Oz1XozX6e+U~)n; zHVHgr5~;xqcj7}vexEoFdix1#JtjCFV6gKNcqrOO7>go=MFhq)i|f8D0&^4SU1N`2nPgShkgysy0n|Y%ZRP_M z^mGa%X2ri5!yZ9IM9(7Fo$8jw9KRgfkrzY6$@*iGqzW~pI%akSBXMK`q&)+rusB!S z7E)Ld@VY(Kg>-Cw55>+e@`c2}y3zAme)9#?YeF zoBn7mc`Qy#a4`)*`hj+`*Lsbs^IsF@WcZFkV_AMJDg5B`2}tfI2iKzc+>`+SC4vKR zQ3L`ekc2@q^HA2P;O)Ew%+#4JYzXwdNFl0NWP9rdm+`eSW^R1WNz?LhUK1|NvT_UY4?Wz35&0hhsOcGi#z-X|M>1HpD>MJ?IOy_3-r=Zb% zJwfE~Ey%8e2o2)uom@qI%_?aI zUrHPe)x!zP8YVw6#B#Wi_xN9!0n0?eq6@-d_6sY~<12jCj~0}Dd_~tjR(x~=7`d8L zAw~%v@MmOJ3xJdlvq7UR z)@wUL%4SL@g9J_=c}j!Esp&AqN4TPehmJ7U62hs%jm``DcFXwi!XR9R$tsmaMMIrz z(eWBw*D?blaMTgqmS|&$ww1D)9MVTtC`y~)F}G0mAD=Gsc$WCIMZV0}$GpwPCj2r{ z)wbZ%h1ScZMLRLKN-|_ z_-h|{In!N4<>e?GA*}M4kg-ixIo3x|&PzZ-6&I82rWavwo2sX~g!K%1P{O!Y?cH}0 ziYz;;%@E~F1}DjQEzX4|yZ<#v{8?X*U6ouO|C;@z4v{c!D~stol_&>h%0BLCmSL$hj>k$FaBMO0^*?igf?r3ujs$ZjRpgnIPvE8cy%=tjL)!SHyPu;e7jw zlvKje8r)H4#4hzioby1{*qel80bsDR1JTixDBmJP*u@USStDo3MOPZ`e=q6Lktnqr zRlkuQfSGy{e-Lt}7-k4A>1%u6Cj?+bQf5H#WKIQzs0h$4_|4m$bEc;3(^po$r#>yu zEO~FoIT-K^Gv#U_0D&89-hL>=Y8Dy792~Mn~v3) zVXu!mUD@X9ry|~x{EQ~nBfEd{R0D3IC|s>OAXm0+@7rLfF>+5``A%=|@DeHG>|^gU zrRnMRv*kDM^S)7-jD2ZS@jUu;1mdirUR+$ zP2X2vUm5k$Ekx{uCG!xjI4D-!}q2W@s)@t2P(OC2uuYk;~JC^l-ui((8sPC5rVrI z2yqjP1R%HX&D_%s+TFMjSU5;8j{nHU6QYQ? zXF$TLADsdS-=7d!88MI7X_`JX&EIo$tRpRl=XrJDwZ|F|pZa~MgMy+~Y1Bw1xx2pn~9OuY9pn{z5fDC_lrdf$7P&xb9^7=?KFkBQUZD6wedT+Qx7D+L&T0p zvF6!khPHQ=iP|G*@41)_K(Zc_v?Bxt!i)#L8Y!}c^US7 z`4iFA(Glg+=|=%d-j^dB8sbD?Fcmg^dy@Sd5l6=zmy(@Q%{|?@nEhi?4*wl*|NWPU zb|g5pv~}iRs4u9E4vuxDf8Y~#adovSKgEZw%r_ z_e}JGs>;Fd3}6*PMpFs0pdun``){p2(=)Yrc4}&~Kpxthudk4|32SQ$+TffU07))o z|KRAOB8Nfme*W6P%C)xClaD3>e3BlyW2S;$J0Wzw@(0x3RW7;ro8WELMt|fAAv2KD~lH3ARs&kHMG{g=}g$+Q@q2@AL1}#*w^9K*?hpFwk8OFtOnQ1 zRs*;ru0HWvThD3IjmtyyU8T!W6k5l0z5~0K)8spv=|BK((bqdOwn%nM7G0++*n4{N zW$*m^o<@nOnpX-CFaIeA7q@Tcnmb3}DL+2Ku0p5YSWzGy+OdCudF1i{J->Ze+1V9l z*U8keqit`z4(@l$S_JE#sD@ix43xg_-V>my*6mX`k3%}|FF@+{`}Lo+L_DhYWj~oJ%lGT=QC;;2 zH$dA`Uk{oCMF8N@7_BLmrS3-o9a4fcLXH=l$5vyG_YZoq!)U%9Rc`S+nB62wNhZEw zzrjYJl=crODEYVbEr7j*Bjay<3MQr#>7JG|d(lu8xs7!V3Jc#+hT4x!RaA%+P>GOz zv9QZDO>6PqnW6}koGL^}3c+3(9&5UXa`^Q{$_KCFd^J&TOg26&*x`FJgFvd>=ZEFoI3$hLHP(uel^_I zy02%NIeqSXM#1Ubk-w5qKX=3AYJ`J&(xs>1`d$S;a%+ImQ8eJh18{;Sosj0b4Wf+W z==i5a-*E_VI{t*5F<(Gq7MFR>`K6;uCh>{LF$2-<#6k1}H4! zv~X%}2>&nU}gM0lWjclaAh)&6F1ir~G_INf@ zE6;j#`&>uO{wepszNNdT&^EpKD}pJYf-=ipYzv5_x%g~dxoE{9M=&oq2I?EqM`-tQIbJc zc*61xnlTiJj8M&eMvJtNZ;Z`nSjKgiwoQDicDd9Ie!sU`N@4oyeSWEOm|vDAAqHl^ zc>v1s8y?S56!h;qSPC@WZ6)pv zf26*Hn{)4{(*SmVR-{B|3&f)bH43r_AfFkn@AX(EL?`?r?o7X zW=oSTMnaBnN%C(uhC2Lwy3oB$SKWSBT#MxzzTe#ij@>&4k*zcIFhUtRRX$VQTjx~_)KPZvLqjuF218OlN`8e{hm z5f386oD0lkI#8bO#{*bXX^C?{Vb1k+h2MEBMQB^vq`RH=Sfo#MeyWS1MrEP4$qpfQ zb14V`4#h*DegTQsq`Cy7Wpe*z&jH|ZPy@+b+D`|Jm94%ne;FTtx^Okdp;plFN*iAB z(}S7s1T)WmK%AwtZiw( z9ChhfYZeoSG0kHs8W?+aBOiv(9YB`oZjQ)BE6*ZMV1)#`M^hL|R%Lw}#e5;j8a+!c zTQqsj+IFVo#q+%r`PrNgYmab#T5ReIk%if$%I3F;h!-J6fn&VxgJPp>!qOs<+`Tw` zR7kFOCO;l*Rk$;QY*G5@Jf|I}SD!qF6KPT%dBCS{TIpH^5jf2oyD6a323vTu*Ggyf zjfH^1sUIU536KQ&MPy>&^w`A*8^+tkg5t8!r6;GR+S}W6meW1EBU@5EZdQq1>#&QV zgPgwM%^9%e{%N^IJJ@o4rro_8&Wu83S$jtspX=&iS@hs{3-*Z`dNQ4h@;ZT<@pwz3 zsv#@$JZ4P9B$PU^nGd7Z%3hU0e3E(v&ke}{gw_Qpt{08e%?I!VKZ%c(&N<4EXLYlh zxLPy?V->yya9s%HFs;gjC&|Fq29dF9Das|MdD!{vVO0MVMfQTf1dOh_DC-p`at!m~X^~y1n%Ye`S!R z3X%%Q<&)V^%fHi z!F^w%eI4zgtyIM1k}vUg1u@Y5JpKi!7&-xFB+fGH#D>oTEh30douryA5@@{oth;-a zu20vj%yKu>euM-WffbnwZD)aQGmyj4Z_aU~7e}*4FihE?G_3L+H@X}PD*fDuQq7uZ zM#e@ja6Lj*p@gw??}Oq8;If8Dt8*t6i)W3U1eb zkb-o?0bPxq+?=aOooK7eNM%BSI(`p$YkeaFp_{O8cO+fU6?EKDaEaz-@7)G#l&PQ4 z<^}WZ9ZXjWWY*VBgjoVxPljL(2^K};V@#iR`yAuC)?uYeOKA}HT)H17QW}vhmwsxH zo1Z&1waq+;&a|#fF`r}%-8a)i)^1B&LFzvVA7MRK0j&}6#mtkB*Y$~)%?ggK>x+0@ z2Cuew-(CX^IgL_M@{94HQvEq3)CjX0%m5`v3=nMJiS=HEdcgFPYr~a`XhceQZ(sc_C}gMpvx>1)pOhK4?V&-h2wo21W*0d&iRii zO=*2v!%NbVA^czI3#bNTA`fZXPt_c-8~E_z?8N5-yw(@pHLmfF5aHJxt&&>OSq!J7 z$Wp!N_Fs{9s)!#3OW;J~%j1yVJ^EU^XR!bHa?4u4WW=ed9mm;FW1&V!89(o+#s;NwEs2xibW&?fgH&2^QPNlI#o+vrpaF}vR<>)c zrg>@<24SNs{XUzplMpiG439y|Aqi3!lQ&?#E{944onC+WsD}^dvfTC;&Cm4q4;-(r z*J-LbWHC0A5oJ2q6g2y7VsN|g)L@ytd3pQyG@*dXhsR8xCQjX!(A;YfR$EHzxe0rg z$PI!GlsgJOiaL$==GOAs96W?7J(zUh&|Fzpy9wWIJ(kxM>ugI7FXPnc@K3n;yn~yi zSB5S;A&gsI0~@Qcz{KnNhV!^1J~KnRHtA813)6!JFk5a9NHF_xL3~C)Eyn`I&O?*T ziN`L9{Hz5)VYq0;&N?V!l*AW==FQU5(RJ-9Oh3v&Cvw=Pz|i0}Q9(h$1jLlm2DZvq#okuh?a#WmDODzO zA_atU5c^WZQn4vZ%0}|hjJ*wpC0I82UQ`4BUv+9kU;N=QF@|Xdy!0t-`UJhm`*b9I zuh{qou}LGc!+x;=c0=ReBH7&@zN$xA@!gm6hZQaXjHI+JA8x`5QuI^Y0-yQgTIVB1 zbfRs6A7&J2)@_W_>H~`_#)cpAjE!8eY0TybVrazYA8rsa8huAZ51kFCrjWwYNHJQS z1#c^zUjGUX=h{cE;FpY12fPP0h%MGkxx=Cf- zr}&F^rUiT{_Yv7vaV_zhc=IbC?``H`%JGwfO6NLnmwyEC?$K^6d~YE)<#*k+t`!l; zCvYJ}EWmB%eay^$NE4z;d&*Z733dmD3P3e1+O(MUE*pLEXVpq{Toh;48HXEE!p?Iq z73Sh{t;h}vItqum>gf!Bbvr7dQGXEen&nw;{FZbcaLGoTcycq5A~bbr*jVmCbrKZ- z8L|z6+yuA7tcwvpJ1mmmpI_!HzgBh1&_v34i2)|ZXnYn3YH^#tzVBAyTxYETjljw0 z9sGPAn`d1AW3pZq0YEln%&uFMKfczKKgG{Bl0RM|fy5Uhv?+KPKBht`brYXOhBgajl$ruD@P z1aw?K=;r8ri}poFtbR7X$=vDFaprhji2A1o@Rgo{p-_wkxIUad0)wc1q9(`?%POkr zjgAVo1%s~L=S7y$UVFzfL3`-!%4fXO+%WAJjog&a6g8(h4Zg}Xs%PpZPl5LI z>s7hh7-0>~>(uxnZce2yd~a0eI#(MkK4ZJp)b-Dm?>L#Dws(*4gmz_6{wa1{JbktY zY0I9Wrk9t;t+Bnw_^sI~Sc!lu#7|v7ZEwZe!upE#>WD1V2K8Sf=CuG(GD(nK;_yEG zgN4S+cpa`rQkJ#;vpPDZ3HNh`#yCsjB3HUTh-AwanXk(BI^c43Rjvf`vapZ2L_H{J z@6Ps6NoDsawPDl#aAzGa{GhrIKy`BO7xj}#X3&HdggBrOIBbi88u~YX zdHW^>>=&Y{r!I4}MT)dCp-IwVn+p=VD7KAJ@~uuhx_&hucdTYP;nE(-y5>i{##A=5 zk`R|$F*Xxk9+qMc-<>=_W!1}WmfwS^D!Y+@Tg%Orx>Hjcit1Au zPq%a+Yv`E4j5vlUjiBeMC??t+j4Kd(Ut^2mFOU5vo9NfvM9j-t10{Q->iH!!jIM6W zt8U@G)O{RYVs>=&dU~PVb8ABEZBF$yt`^_JTFUbQ|AY0%tA%dO+4l#2otP&}HJiRb z9AwU|l3(yTq43c2lWJ6%6-s4K^w^?oza~uM8>u;@MWw>NyW;dONaOTN?p(apGjJWy zNIx`YO+?(x0g=fOB_%YhV6P!QriXkZ*G4!r;sQzgjr5c4H*ms60jZ?Fxw0J)Bz4!w z%sV81VriKB%+~1?4=08d~o;EUY(?!P-)&^pW`Q+$d{1qI;*-yt#~54-W3qX$z2@e&(yuKi9b#odyH;9ud8&7Cap(El`1EN8QLioG-6Y#4 z6~%QFyu1}`kNXZLeCk(h;91F#%>LB>wczlIRY^p9X_IBI(>{Z+g}p|1Ftw0==3Lxs z?6MOFpo(?Gv`gr8}`K+ucO2H zPK_S@?U_>6sYwqLzT;EWUrITsoO^S-n~~9%FW?Qkz02C1DZP+4!#>fXzK`}gwQh?y zC=6CLv)9;ZgM-u-FaL(`ShYSrc2FmqmXaciaeoicf54mwm1jUoYeeZEVwvon)L!Bp z>Y&0RWiPrAUseMZV~E$BL%WNX4j|Ut>v<;H7k|yCB%G&~GQ}t6;@5nX`x;+m&JHz* zWHGdIW_2Vm1NokqU*v-xxuxW-WpBqic%Pj5oEZ){R+e_;4+>g?6(Etl`AYuf#~+Ly ztkZxgW3EPDwuZt!fn}a+TARV1GOK}^Fn<0wp&}Fbxx#ILu0re=@WvH~m7v)l*e)E@P*sP+p@TtL~C47x$ zYCpTQUAsf2A9p1#UCKcy+<$4LnX6`bQB-)pbX66*I3JH>J%?K0{pSpe*wYg=bs0Ln ziDWO+(gc3mDXkL$@u!VP-|gZ(Q6oGzS4>)p#8~Wa#ZwTK9tMecojD#dx`esI4~Z); z%-C+MDGIZj*mb2bexfUpEK1X6uE}ay$xzEqDSUP(w_E<(&r~xORpyM+q72zH5iee^ zjQ6)i886N~o7pu{!9?Y zhW~<7Kn*30u7^J7QeZ#1W>u8Uch9Wdf}O% z;Fhc?%v6?uia3;<8jLbPF##*2RLJ!94WjDBub^+js&eCleoex^JlcOOU#7!hfeWgw ze0mZ_6W`i8C_poOz)2Nusp2EK60z_q&LLI-w06MY_ZjJk*Ti3TbBP+^M|6TCS9T;~ z8qff^nTP~QZFEXTW6)^iKPUQ=RKd=WB8p&_o3rrqlj<~x0<@*!dczt4@&MTv5CIhw zxv)tUBMBmXte=!0H8xF&tm^H05ygQ5mOmZh|Hxr8(J_|s)?vObU*9Xf?AvA@>CCo8 z8Z54T6_G8&iA#~?g-7xfblqFAJK0Z5B^hxQq$u^LqxI(^xS=O409n)f>!<#Qdn}QT z5bA_k)HuO^e)6Y#e8??M-gB02&DF)?pzuxW;Zv4c)%c3W%|#1CR;Q;LNEQUmo>qS~ zs|b2Ak3Ahcof5F!KM0_4EjY)Ol+veI@hOAPtKQx>5mB?PXR~OUQ*V37qia4t0pRUG zy1?HyCaZcmHTLthtz7UAu<@}vyNG2SYRxsc%HT5E16EtWj=b;{yLM*VX4~868sqqh z++mX@?kaQSZlaiDuVr2=Xtb2`iUDlD?5aUoqXcXH+~A-i=0=hmqr`(`%QFLCCw%)f zA5BDMJ=|hP^Q^mWGJoZ_<{pdp>b`w*HQvG_l}FkcMe>!+zNp8c*Pd?o2JsD`&^UAVz;7p z8T4=d>hw*-*!11sEC?aLeI!W=X4gP@0kUpsv(xR&j#xV+rX zq64~&MDa!{gL*f`wh_u_R6Qh$0ovOs(*Z!|!+e^zQwIDW>BdLR(bB1radD<>9zq?U zXpJne-pz2Qdt;Q#d-Bvu&w@qckvf>nYIv8dqC&7dGT-}A?fWHak^!kyP7k5gGdw{- z?K_x9`eQ-)I_r+5oz}(JNCtE{69pnGJL4^mKgZl6NeNoMT~R~>Rid_DJ5VPtk-+3r zTts=)#^!`#FLd6|XYeJ-tl)cCo2op=KT{LxxnsD2&$xT_IG6TnmmYm{V}z?nw^+W9 z2iC>W+JJsHiytzHMI|ICh*THZOp?_bql(5veu~IXLPPR41l(gsf4~-OskHRMn+591 zU=W_mH=~PsFvofM+3~vGk_;|QPj?%($!5(pjW(Tf)2xSc-V9F~t>`5pULbO}j(g^O z#5i$E(DZF?9==$2`hv!$CdZ2%@7S&(tCk3}5=IVjiabsmp@y%1^`NWEM0~9?_TbYL zwo5F{3^K$*jY92_N=+QNb?L*&T65XyQY~u(l(oq(rI1L~qeK{kTLrbQg$}Om%$Ux$ z9~8mOL&{|*iFVXY*kw2?-Zw)Y^_zdvWB-8wue{b`#Z-4Y;9hZGZ^0LN6*-1&BYCD? z4DD`Qvg3mAqh?L;AeMrgk$tGJ{&9|hPHoSqCt7nO9LG-{Xh5JRQ{b0xMmsOYX-Dhr z#_qHT+XX>2#D|a(vF@7{F4KU+8}PxCMZM!uViNE|kmrG2bOY&wR|iXJWFggp;G(YRQ5m26`OOeCt)3}dug9eZQl_RYzJ zI_klU`3yZ70J}yGZYgxRJ(t)65hxZ_@_cB>VDdy#Is804Xs7<=Suew^irbGgH;qty z@VnEYOhfzp8YyKQWa^3Nz0%RJk9mZ+ooQI(4RsCsiDLsaG$}LsI6QL6jCABiJg&%j5bSO0iQAbHOnblun7T8(9hDX$qyacB zCAvTMA^u7x{nEPr2`P-^c3~bJGvU)NW+#)>+h27rDcbphINjGRXL_@561)GE#~zW6Q%;`vA1 zX+WM5;{<3i=e)E;&dQEZG>>^3YHaQ#A}rte*I)b<_xyy%pSk_dWXXC6OT8*0x;j2* zSlfzokVfK*yIWkYc+s5In&O@0h2Qf+^X9^>PKRfhN6>-7S^L%)-O@u!t%(@@Ceg_7 zm&b}Z>US@2ZPmQ4IkRVv+qlU2susoiTg2NLvz*GX)0h`|k|$f4egw@U`U?9RFU8 zG5gP2fF?hvk(+~xqAbW*nR`Cr`PKFQ>#P__NQ8}DbkX0CAle>HBwO`@Zf&ZmGQ{X$ zPDR`SQ6tZgu$xHv77jvnxk9kX)|klnL7`XJK+dmlHY!Fi4ktUuY{9_58o2 z1#{}0)s%AWnyu;&1-VjE1;y^1*jGO_vAa) zcCUe%nOT5~$$6##BF=&=RIxirNC# zw__@dBBjhhr20Q$rwzxiBQ8Q5gp*oVW8T%}?@9K~iy=7c{E8QmX>(4Jy*(!% zkQ>NiGw)Wphh)c^jLt#i*-3|m{KHE)+esPeDl{ZTyg_0vv&%OB`^*Dzrq|3k;RUOa z@WTeuWXBGl8gL7Hq)c7k8`BcGlGvTIVpmzAvind?7}2GN3(cY*+kdNSk>|H_g5v(r zn)Lmfe8o(VCXt>pH!||bbo=5Q zW{qPW$Ia(8%B5{zo~}Ng_R`fxqj^B->#^$j@e~JvibKS_%39J|3qed%)uBS=&7#I< zJ6f%9;cD>y+?h-vY!Yb_-K|0~lU(ueq|68nRIY(!3xK)5GZQs1^EcW2l^T-CxU{s> zN~s$370O8uUzJH5>ix=Se#vIM>5YKH5FhCsB<_j}?PDSuIaHIIbTUs#=~YonMMXuF zQ~-yZlG5}0!DKw$XE#2ai??OHIk6=6G3c;Oa51Tc-ba zItiq@_?zidrm63-St%TYM#fRFeb4Yi@&k+-Nl;5(jUW-R;1#9?(S*3fM9)!0ML7+n z{m-5~larHsyjm#h`UEmZ-;jcU)~|71F#Zt+X3Mvzppo?*3MoCEx$HQ=bn9bw7% zmO&CkJ!+yL!K8^8RL4dRqEZG(9jMBRH#SH8=HGOW-x2K5N?d&WafC85ZER|fAKtq2 zfL~Od$&V}#j5hH2lj;u*}>4w?OPlJXu%lBv=8?bg+24Tq*F%5E#q2{?`5XYy%BiW*QBhIVW}A0} zgb!^(0MO5mB_X3O`<$0|ag{Fu2&FbzEqi*-O+_UTGvz}kmB>QIZT{>75s^4z92!U_ zB7KAZr8NI~f~!vezEYOMLFhFYe|Zr0B-zn(Ss!KP<>ix9Gf(W|PEAUJvf!S`1Z0Pw zDfva{NdRh&j69T(m>31ic~@3Ca;^HfYlIgjD8m3k?}8tBZ2yi_p`Y~+MXf^L{#_pI zmb00m=j;$tm(|G&psip$87=nV=jdp=#yvyKOAQGXg)uXTpy zHFFKFu&@wjg#arZs=>XMgsG>m`=SJiM%V$r1>z&<^V=vr0MzFL?+N||egA+qF?4XH z?7g3m)s2*a@EDWb&^^H0_sWPU7&1=I^7T0MdM;h0w^E5YMg|pvf8_|2wZeK}yEbqZ(n{)-h!9Krl5x^#>+Q zsgPo-CYSQkhvy1f787hx7#;w>s)Jl*%|FUj{>@WnMYiP~<1+FF^G1sv{{Iz64v`1}K1B)xX~bCSo~5UL zziq~BgsS5oxCCdA#Z`6P@@T^~|9&O^mq3lzLh{0Z)yctR2+sbA3_56F9d-TtFaG+M z7^I7jGB!mYon-$aus^(kcVF?9od6s(=>iafuQWz-?%*D~>iU4fzz%%O5g8*f)W^ae zawsA{!>ac`n~IyTJn+-DUvT9RtS%bW`0G{wPL45%JLw;rYKMBtzesW|kPU zmrvS}ZCQC7jAXB*gZJZwr-rxs(w^0}ch<^oo0O9Y#^+3@S9C`{VDNC6Z5K*#QY_aO zoeJbF3Ql#0O|2G7BX&tvH+;iHv}+>HO|(yRM7FFnKvy*l{ym+SV z>}xgW(Ts4@2X)Q*$OcCK$q!N5MJscj8F;}&7v8G39EnQF9(Q-2J?c0&O24u+=lkka znSIYQfi%aN!MOPNM^Z&I$p?6hf)9qYEgEXwKW^g~=77ajK9Iy>S{-Srz;A*IXGthZ*HrPYJ_qC(8nQC8QrExWy@@Irjd zG9gWeYy|u)bJ0v{|qu|?ZS0C7YT5H~6>p3rWf0~d!%E&H{ain;W>u)pknI^ zUkjm4Et+sN5zxM1QnWG)&S6&d>Ln&e2M3j%G-rx*)+~cN>|;vo?lMG zb*rQ@kh82Qt)(0`C)bHQ@tZ7XbQ6BguC`xj3};1qdDRTRNL1CBRImsuraRVF_gD;l zza%FwUzc7QY+gu%Y@z1n<&Mr|;YnFJIyd`~CEP<31VIpZcmRpRarQGEsUS-M@xo)DCp6U-~>`cEUe`m(5R#P2aWg< z(TKl3JW3{1 z%zvnrEH`(ZYMHO~b;Ip0KSu4wKHKgzW`C!7+ZXyXSd6-%s>> z-T7YE??2al-Ol}fzxIALa4xngsq|k^n=ex;056=D%aWMXrzUxVKpns6xQ8Wl(t4hv zGzvQ;dE0i!j?RXLojoB|CLXOiL7Bbm>YhK!{iD_o=h+dw!scfr^gj{jLaAV8iTRMl z*ns+ykfTHCP@mXm^PUkW=B69w#!x%O4n=K0%Dd~s#10Gz+w9r1r><~JH_U+#)^{?w z({V};C%L@v58o81hyA202uVGV1)Qm5@Lx{J=fuY9b7J)b6LFj;DDwrxXY zLe6lM*?@6ITz$#C^&7gRQGwz0SNCw(}-wSA*?_1)q|tv0}Rkop$Pb zWE>0E6D6ABRl9%qt9!u;#sGo7*EHP^y1iwI$~1bNX@<9gr?OJCmOz~}sXK{s}ls^)m@phX3PS0m_?S^e%MxET~^%R}bhjgmXAH}NMRm#4SkCN$glnkGp z?5nR=F1SE7@je%blu%a^fYPJ1!SR{f}% z`mn{FxWy`3v&mYC;vO+#%T(2H2T3Izr`ld-;>_oyO1`$DFSsQ&Des;TC&yrm#-6U| z1Ku9rJK9VO4w%ffRCkpym|WOUF;cL!I9b8_{`+S}$FJB;+8}EmyScelf^_~+r<*^c z)o(l9qFcOg6LYZbL82oeN2vsq&Q5;Ze0c*e#oeV+@yH@E;-Km_E5+@ke9&J!TjEAr zVhizQu1#0B>BT}^HT~lC)!ownDR^4lVEmPGVACIvh3q{bh&?`wlSc29I}%SNK%9<( zSN21t@SOhfnp~-K=i2XfQ|Tv8JqmT_oVDF^GXHR*9mD{3_&I#vE|HpRJ7m#RY@E@- z_5uNH##;9OhSf$1IcBu>+Si=w3mix&*mqbu zbgy_$UkOixedWYgXD2UHRa<@g2?lj<(dp&`3j!28PGEX=+2L~7I)xqQg>(;M@xmj? z=JpHEq?E;Er}KX(6}Yh%*qs~9ov7;T`MfYY`c0xJz0HIHm(yQ1)tChpxs$!MTqZ7z zbtk5KqNLrO76#O76VwYbM?Y|81TST!RCx_|WEWe(Z<=i@l>>1J)S_x}0qJ067En-LkU zig=rDFl5Mt?&am(P?u(SL)>Z6hRdw0$dAA|JI7zQZYFGLFf#hxyTM-eetVK2aGUH? zD1>irfO`B7!*V1+FzD6Zr#W}ENx0y}KL+!C$L>_VKQWa@nTLhq#F zH%ofK6I(-1WPh>9Qmau8pAEGe4%p~guplWCW<3t=b$wCV)9+fiz!iW9A2XrT+$#Gn zg8wduuj@CZ<~rgW2&Go>nfn)sQBB3smm})JN8R(szq~kk>*8PrF5j%V=p!OmBeX= zXR1A+(3!gAjlbG1@!2tNt(>8B!`b;k^D0-cTS}akCZh%z%L6eJ*bSRXp6olbf0hU; zjxJ}2Zy!h2Oqbv7(bqlB)Pg*gK_~WE!f`F8=YCZ3mqr_>yCyhJu_sxNbqP#xhk1hN zDbaM1_BcZ=c(B8&(kB)(p}RC&J@bJspPrYO*R0{GM9KP1gUq6K(-l)!Q^m2ti1)wS zScZR>UZ}iU5DnCDfYyqVPAbW18zo#hli&qpEwLPuimbkmgY4?=6c1uoQ4ZH^Ui|dz8EDgy3JqJ(MBrV zCOI7fy2J49%+QDeZ`b-OLN4jQ-Pw)Qmfc zgDJ8%W`1zKK~Tk68OoTE%2hMZ=`<^4-yMXrl?b2B>Iq>k_vbX^t(gZ)!4nJ#QBh%v zQ%+M~vc}5Q=S8xuMnWCaZ+?Cz&;?!yxL#Zum?f(Qag+8;zZ263E9}SPGD<`V?F{a_ zj)UXYBAh?-kn=1kpaV)k9H-3j6|O<1S%((K{R<+eLhg3Cn$=0N?i%4F51~y1rZDnS z`WepYuY&-Bn({>BszsD6iTdD%^H)}`I^JNp6Ahy;J|f&CW?EbKVzMv=if1&P9U3R! zx^)xUxY*dsge$Zw-_xm0`dW__({+Q5P!QqgN<-}~iUWdq@PgT5QUX}R^06t%v?H8O zu`VMHOZ}OkclnRj*bg~}+4jH9oNvRqGF`oDRxiyTsg7X9kWPJXebmwbqXlBDdWrP+ z3jBC3TT&_`bkw2Xz=p~w*)S$uM|_IeAXjP8ZrxnkJE0;7mw7N`oVnrHa?3b-1LFP? zItWG7PLmM=lQn0$+s&)IkU#(;LCs2;a;iE(2w%G~`i8UADq%)uFu9zgZ!rUBCUL{O zG7XIG&zI%7H5i+!!<^JE1q+zvSscXngZ4kuK1;-v9`e7j*KQg2sG_|J9vdjvR7L=jERivl_wSG>S|eHL*H0hf+O#AhgFy#6Gz_Q_zYN) z*^*fNXCovTo7}`{nlEUQI~JKq^tL*eVbamapyvqj1CaM>4C0w{#H4O7;q+X)Hsg%a zv?f)$r77oF?eglNt#U(su^20OEXD&n+!3 zG}+O04nI3KH{VmRP0IhcdzhM)@j;wZZ@6>)?b#7ki(BPP{O#7-?e-JL<2D9XhY0h_ zi1cZj^&gEYl4K2O9$##$mj2K{E%v=eV7x1VNBW;yfKLayDrB9qS%%~G|5HD~7MuoU z5xTqB_KjMCxEe+={yKaJIHb+w)}cR#{}FQRjZJ~Lg-??&govJscB237qiAoa3AJrUPkn|AE!DKn3g6Udj(HM zicDXd|IXS}WRfHOI6?i6B&DVVczo9qS!Cv#OSR{{giA6C9Bh=Ef(6a%<}w(0*{bF% z0$?m#;suftX6vu-8(zJ7wV&#=sh%EUVm{>|Uue+{^F*woy>~wCGaDAvjUon{S7mW6 zs4uz6%ZeUK$C>2J)Ni0J0v{rDc!w8=-ZG|FZw@MM z=zh|1J|mkWjFOM9M&#|#B5}lfz%-K!UmX_qNQ2q3S(EGLr>`?(-cHH2So{RO(%mqD zs6Rhs>g0Y=U_XDN&_fK(k1qqyx))JxEywpi3VD=W9^S*#rQBz}bVdUeg z5?Gi7>&ZxSuopA&`iXj{J#bXF^w>~2r#l7B;n!)EFSriG=k~|E;L_HaBOKf&Hp@Yw zH`0`#eknwVH!XnASh-bw+`Y{N`%${NKNJF0e3mlVT?)1>J35;iShc^#1YsS|lL-t^jliDqkvvrr39!>lGt-?hw9V)fbw>g6 z|4W<~6HijvgBbWs)_jUz_>F4bM9N;>TY&Sre0@yu$=$}VBJ-+XK`!gjuSeL~+XgMc zHSY3NQgdYzwLJ@hDFR$A<4*J0@gHzO)1pMpGxeiG??k~E9>WJw*2&GJIX5>=CTSJB zy%4rCX=rFT3sDwat(um9h1S#@9(FXG26{HJ5vPz;&%9lm z)9A~qJLQM8%o|my{iV9QXpzRUQhMe3SnHrKyH^)F;fzRn?LcH43Ro^vHxR{xz$z$X zR!zKQ^z5V1GL9c+pq*Yt%6i+U_HRKL=^8{SZTJ$L|H{x5BMY7ddScjD5-L^;nNEY2c$aAhu?sIeU2m$jJ*EJBldUgKrm*% zCGIUp{6>q_Q<>X7Im5q;un40#?{bx%8U_D4-H?jRd`O1IJrUs)<(w;j#opW{AO}8H zafNl&yJ1R^lDBJ4Q7H0T%cu(L2|bYcwKvrOL_f>wtMT+?KLg(!TS1`~b4jSK?ukEy zwy4|_`0&ktj0Tn(9qbfYppt^(`GS0hwp^Eo$Yr01B5Ay!>sONgqS6**N%X?*{uPw9 z9Gu&Z9E1OS$V-i)^KCg)u}B&=;&nd)nT{d7@p8zn9rr$2q`%5Z;>Q~-(TrWT_vCgOWmkDt3o+E5pl?- z?G;uJxU4u}C*ZRE4MGk2Khq%Xe^EnKB!qB&=5&`4&%X%?0hS-G_}s5gp#LQtRsYKh%3*<|u`0=mPa9F(5bS%YXW|%(r=i}< zd}dBbH+KCO6zS2EEWphh&Rp5Q%86GX07SG3B$9}5!e2`YLKuM|TLOG9t{Nx78X^73 z)AMLZb(v^9gruNJUE*&6B+kNUdLuOm=pdPZ6l6CYgZY)!&1Sj1fJJw0uk2+%y`0il z0tUMSX=ph8u@RZM*9d=yRt_Ll4ZwrnC;<=OE-b1Bi?A{Yh&`H2;Fy1P6-Al&C!~vP z3$<+D>YrbBAh|%ehm`p+%ul_C=!Z^3C;=oWRS=`cXX{>O=Z67w(}gIwZ0AGxfmieq zhgV~sU#S^rBm6mVlYd?6)I}hNC8RnYZ;Zet>uvUJFpqzh&8^B6J2T+(U7-oXfBt!L zM3Q`yOGEa9@xkX!H(XiI0kahEow{$W+>Tn{r> z;0kH3Z~wes>p(Z&infeuq&{=8YV9y z;!VF&B?CTk4KWvjtWN!9W`2Ooi<&@+-0BU%a;?by?H03F?POej6YLg5BYdrSjx3?I z1Xy%#eax5$`^L6ntZvpK6Qu$#8?3%=7N!hgQB4_I#*c_fLIN;xHUr2cctb?ZOmH9^ z(XP-jMxrEREAY&TaJc$!S`^MdLi-!xx?Ct-L^fDbP^%9tzwL^zFUQssq=EQnl5`tO zVio|EUnx<$lTNRbYgnc-z0lW($!)3pB%My^(B+uW<^Q}w{~XzmK!xX09EvmlN|zXY zgq}PF2cE%4Od+}yS}BZ_AA!^?1;sfcV8@EWF64v#z@Wn5U~%-`hJbGW)x zj7KcJm$gFVOt<{%Czc~YxKHEL>Z1miUkTf_LvI8#aaBISYi@Tz^Rd@%mzllGl6s6A znbeTVK^PB&@B$S$fS?_O3XoFjfgzq%jm3L~kw8B`i=X}&``E2J^%5`>k*xtq8vt$_s?q9b3AH0}N&_Mreih(RxZzMA!Hcb9&gqH?2C56_GF zq3YyK-tLiy>iK6JuZIo2B6en^+CD;RLs@Dp5#(jCz4ir_slUhI=uT|f#|rVqmxL1N zXs3L`V}a%jxiIv}Txkva7jItDFej;0lFk$A*PVYQ&8Xx>)KV~V_#k8$q{Qj@#%icG zlE8jGWUsGwwQ;@j&rnu4(!UYMK-;w$yh;IDUW?ZNS+52wq?K?LfN9i&Y%|Rc;YVQ) zE&DBu3%QX&xQ+af$F=D~F5~zt1Dr~Pd4h4%^@6z{;zebw94162;)2ukut?Q#az5RR zmCiHClL4PMN|LXCc<|sc3aK3|_l%M$&Volvc}`C5RP2|=bY-aM$jg|%*fx-+oYY8G zxa1mrt+(5U3aHIT~$x;>_U}I7)-0YsT0~mv=1W? zY&@47as^{tq$_Olemd%j<^Z2QdqxZvG@@*|mPFJ;;!3 z$n7g+Yk-m&**F!CsoJQop6cR6aA547=513cJti6HV@-7DO6Lv%6{O#$#Vfey6cK74h9qc|HW1Eo$O2Oi1l% zzpHu;oWF-t3ZB1(;xCY{VFsQip6Ni5j9N~{;nXCv5CqA$RN@gID-M=rygS+xVcAvO z(P(;ovbuJ>i%P{wQ8h!isPIwmwSt@e7MrT)UFb8dIGtTorQl<;Pm(i4FO8DBj8a%3hm2-y;~NXf-%>Ifdw9GQclB zQyU%6K*yU??GaeZeE{A{vbn|6nKF<#jwJ@uIa3p_ROzbx^df~J4i;MF4~A2SdA)@u zBHBwXBfBbBkx7^xfF@SW&9;9iK9M`+A(UZ1u|Ow56m~Zkd-JWG)m*u4d_F_Fyvuax zj&bFu4H3f+81BUA{&Z^wZ-5dJQg=ZBEZyV)L9tG&GqkH65WXXcxYDonVdupkLKbEv zuso54F;h8S-c^27f(qWzEe<*jjKmP8Cd+gaw-URm$5oA0ag3`wrpb#d@eh#~T^G@NK+~MYd2pz)i4wIUe z?4v}7FNNZyS4==;^cr-PV*Q=IF z=$1bU_A(S8eEvlGA|t_JKk-XC-W8<9!IR=6bE)~Z5v{t`;HTQP3fmEGU4K;)1-ITuxK)o{c?~<=vJf$oKfCB2u@F+6_1rrKOI6#Foz&JE z*r9vABMH|smje9Y;Z@0gCq{{Tyf9k$+oRw{Wh8QPXM5%k{{jyS(}I*Kq3#k7*A~{W z=L?HfM0`=%m)NDzoFr|nX~_a&N4ywGrQME;_z|)|R&$PQws&A}e6WpKeKW+i3rP3L zL78*^jFbKYPS>DAq&`3A%*9lWC7aIpG#?JvQ}ts09k{uE##)gjQ}cM<+hOL~qncR> z)mft>bbK&2GyIhEE9l+}3=GtQ;zvQ>PXg(wsW%C8!2aP+NG9lxyOFtv_9@=UczU2a zdUt(_xSjRl{cD8jwhl*eht`G{T*j>&ZJ_%<9rcZesj+p}h2J^>8VTMx^8ZGu*d>WA z|I`Bf*Y)0jsdn|hS+9AbIi4>*3K8vO^DfidN-g|m`RgNWN>o0eD|IDGxNCj z+)Mj54m+H$8nDY5brGMte8c)ZS#4|Mt_+-`oqg{s_vAxRfKDS@5ymVlI;9Zo)M=B1 zb0pq!g7r{L1=)noYnit-Q`6GUIXF1n7=2G&GBeg~XO}t!MBgl<0nLZ)jNY}ed$8m0wUN|{_)Fm24*puZ6IY?4h zdgnh6Io`tzBlKVe@?F}BiEevH7ISK4*<1_t`7ecYdg{XBeB#!(hIwOR4&+#2REOQe)Z@X4;Z`hzW?z%c0s% ztMJ}>vmRBeTLj0hZsw66pZy?Ep<#!8Q|?#1!CRzth^{_L+H-e(r13&a2%*x|H&)3s zV|M1cM9Fsw8p|?B&xCM7W*f0ILLnGRFuI8>Q(7inmp=&)1`*(2&(rbe+K}xuOBe)` zFHPJ}I6E*NMre(;oq0|_*U79)Fm@b`sLh{t4L01;-qTKR-;BfO=JQhmB@DeFwBbrp zs>K*KG2WHCdEb#+^G87Vc>L)2rMv`nE7f4LxxNm^^dZ6O<7#`6iZH{3tVsS+73jjl zGHwQ5dIfVUHVxXY2CEf@mz*QX?8ZPVBkO&8dT!JhK53QoFACQWbDvI|(4KHsnl@Of z@p0Vq<>TQg1KD_Y?r%Rh^CqwGHO#;E`B}hR(%WHG{V2$L53hk?KnPhN)US#u#wpVh zI<3_CNEe=*+4^}(ZvYUOD328$38GjAgN>nvA`u*Z5=;{%e0#^AkK?>@?1^c(4ZciemxHLX+Pr3hiTKS% z3oeaz3J{XzwR8PLf+KMqBX#sVQ`~|H)w$9ceD}qHU3xzt>?9))z?RrzIZwny$bRFL@3)?up=LCY32PlLA#t~ z{zC@g_M~$#E8}vr{Zeu5VpUi0seWB?`j9w=h_O)aJDu{}U7+>G9tAh`q};B3b#Cm_ z0q-JwWF$Se?cLnDR>PLtQms8p_1>;5rUgbEBxeH7_Iioc{GiJ6h)l>?_I9aNn#kcY}4QKUe zEj*$!gSz{(78Vv2VdCN@1>IgVv7Gk%Hc~USH~9@hunZ$II(i^!@`r!M#YU!6`edV0D*50uV@ zJ8xxEQ0a%M!{11bA3tu^6D*iCJY3TO}`qGXbu`xO(_zq0uMPzB~8q?kmS;lMP0~R1U zDEPAO%MLv?AwyPLMUA!-6Xn$}m|%J!-L7lAt19?=m@>d?l#xd3A7}X1lRVtYQ~lV| z$eK%8Et^Z(AGfQvN|XB1wVp52Of3R)Yv1=yZ%~tK>d~ zM_jPaG>5+*+g~H18*}zJ@Mg4`-eC#suqK{cYx40+!QoVoUj@ucs)Q%uH$X}G58Ukd z^F5qpisAGC`fDM^p0(-Y{I&U(j(2k>?C%<>Z3j7>QVC~0QfQabAl9H0<)VEwJDfy0iJX?kqaI#R!!YKLKje>`BcbfC&gQICd`186w zBW|jWk6@Hj5*vyVsSA1FoiupYkfG5}zq}J(N9wj4wyOFKBL)!<#NK7=Qx|KXo#Ad( z+?AX~P=MWp>-Y~9>{Ht_`Bx`v4OWPbiBhdjMa$9jM;TsNg4UE{fxpS_A2WkZ zy@xhh-RMM;Es-ftm;cXlZ36$f9X`*lRly;-jAedH2fw`Y12S~E!I6C&z%ZX+6q(Ji zqNMWC8WG9*n(`{re9QXw-og0}Q%-U1^BzoGJ9n)P3jiom(J8w60K;Dnf(Xq24H^k# z`Ig=7GY)=Pu#04%WhD?+Jc-^5@bu+2W%vWPy?sq)Nth*$dk>`jd18>YF zlioeZDH9K1<1rJBjg9nT_SRb%g?Khn?b!+4FCb=p7se%#aWmg5&q|=z7~i4LSVZY4 zVxq3N#Q**TbDA_8W@-uv?S~-3+a#`-*cdJ7=%VP8V?a(Sw*|{<*oYWQddB*$(6wR= zlXK$ZVd&77Q4%nE)L1Uu+RTw?{9;z3>c#dPZ+hiX?wx2Vtd1}PXn$}^@&9qe1G{<0 zrw4%<85t4~CreFFFUhtT(E9Lzg7)B7B(xtbg7x=1?tUsQt+ugo7Znv1)I~puj*Ihz zkbqHmmMmgtLkz>W^D5-50+NW2voErmIicV?EEA%Z_ajjGGZ?cxBthmKd3hPVurW6` z=P_;B5yZfdvOePrFYnRZr+yR)e)oF&$^xy_O@n5|6Ppvww71ZoU`glUFRgibCPm$O z6SWs~U7feENW)Cz@24{>z)bA#Vhi!dWSp4b)-4(S_%NV{On>!F?}%;yC!@Jg_0KC@ z%FeKWUpH%DXy^_RF{5Z3yblGRsi|T4qY&b@3+{#Wobeu2J9t&VP}n5f9&t8G@DWCn zG$tli8zU{v!^em8jJ=AF=U~uLQ&9<`60FW0sPO*}GFp94Ok51fwL?)5Fo!saBahhr z6bm3!9JhahEJ8+xZo$cyc$IXc&yH#7={n9;Ij5_+m!|eTxrt?7Fwo@5NcDSNyw7=K z$)Tvd%FmE_fe9q4r+x%1>D({hv~@4N^G2#N$6FsN48b~5|4>0>Q*8&^zmlJ3U}7;JVr+nN_@sHzozv_p)d z2VLVyp%-wE-R?E;KruuE0(I|K=H#bSaaYf`xnQ1=FRp zSvE;|&gqH_D(;ce^u5w7y4WA=IIl3V(MweW#N^TYG?B$Q)AY6eJEnK^(qSQDVtl3| zhoqYLW}gclrp1WpvQfITATp6wx5}gAQ4{UAorlo)v~0+%(?ge97}31^ix>*uPnr$b z_3xO*(VE%#U&<@A8nG4WY^_mfup8ui$02qHU-2sRr2tlo!iYhQ<5TXnvf{VwHMs)u zG1JHXF`S^9c%-Eqh2Odks|t=QVGU~>F}o?r`8d13`L%orwbwk?PMmQ+m-pqZ%Ltvz zFn@fs?h%>r8j=s?l*g6lY@r^-bhzkoyp?|vI8Nu#@cYiw0Kk1azx<(q{+q>mQwpgH zl<7_1b=33-3A3GWoJ`DwG6wf6Dwl!c1}{SOE8(&M)|J*klr%Gvy?afRx-_L-n=O;aL)Y#vT9M@d-V)$3MZft>-w0p15va&%Nd))d)&u zd1Qp&Ki0?`Tg_DCNehU8UafaT!?fZMG9Q*kgXxv;9K6UvW8he7N++SKi))4I7&iiQ zN&!d@u2$)L7-o=LgzYuc!4S*uK{xOk!wkxju)bOm#mQINwAe24ceaM|6#+|Hxk)-_ z)HZoAiyo5+x2!<`BY3l+ z5Sjhp_M+hCx!g2Oa~Yx)gCZSwq=)wz0)v0OEmBz`X9QZQcvt-395^m^izaA#3f{mi zt{4daxl4%LmW30mq?pIZnP4rf_^xf6si~e@q+jFXXt#Z78??SB?n~-1`KW~xl_(Lj z^Qef;{|Pof_@LJ3m>dwWzQBpmnig`a0q&5x7V(>v+ig~T^S73R!>(=H+I3HZlX~Roy#l2}_v6F05m%;n ze!(FjSd{xbRcvf{Th8iLeh|2F0#9{>)28Ro)4|9+zaM8|5ik{EpxAaK2|39|&WY~q zPI-Lbhl+Ch=6Do+9T#2z_8w536&VrUc)6{rP|M+RG<(D9 zcwor`ud-fPI0S{6xe}#pim(fy*sHUc;{-y>n^)ct&66vvKmis9>Q7+ZXh#V#S`z9{++lGJdBlD+2qi-*)z_Upgyu^t z-?_-n!jhSa>eKokAlr#S!0^U!H#rRa;OXl2_q*94Vn7ZQNACadBLgy?iS)yJ#Q1TC6=-?hN?wGc3Y5GiD&bK zI_h5ywk&cq`}ErE?SMLLF#lO>RTf~e&xEZacbl658u;#n4G1<|3SZE~4py3XM`8*O zROjt7r_0}qC^R3POUL@Jy8)Yrb0XMzrF7lyVSrL&ZU<7KzY3u~;REdG2fc9oV=EjO z)}X*G;h$On64I_&rKX}G>f>GxC7vFXGQsDOE(BL(K4Ww3!I&h7zDg8*di374UzU57 zL;WQK!1r3ckK?yDd`r{Z(69qnV0Vg#FRf^{RMykATjI^|);)(YEVCrloHqOX@-vU| z88y>~*rXF|*o-A+X{m4qvzF#EdRXCg*ZKA9~0VL+J0S&w(nLon#t zhhjLbTmWE!-F(<&4HZ1(+b-l4=AJ7*Fu|)oZ(`Otw&~5H7zb#wlcYkz!Z43zt~#?X zDx-wGTwUtCe8Gs;NZz!EyVz|R`|*D7vqObg*M4d4S#W!F7L!uE9&d+;sB8_;Zx?N|IaU304b=Wer?MaCt0yf|R@FyQ4~q#vr3F5*Q~i@{Q7Jbp1bS#>|-n^NYpEN#panfCt{SqKt=srx1R3wW$5-~UT=)1 zV*ChF)%wgwcnwwYaPx2&))c7RMYQ64ToUPrLza7qMUwVa_c}tvSO(Y~sk&VYyOWSQa*j5*vv-FA z$2bx?chhL&pN|h{#(^Kj8(%BG;B(fy135z2GT|rA@>Z0*dB6El8KS!e7=luWe`m;eMwIz>u*e}D zFy-d)3pVVU_=UG4Mrbgng|q`lfMofEHowt884GG3mx zvOGmXdWYr{Y#2yS=ZnvpJJ3cuIN1AmAb*UxB@B_UT$U9tW@2p$qv#)A@6)17;I(R>R{b|0c?I4x_8Jq~KK* z%ncsUYOZ;IPFPA41@zaGti9qBLC2(fp)6j6u^ea5YB&A2g*GL{y!8+UT$e1;Kx)Hi z?;g4;_f1Up0*Y~Jc~c}Ij3Hw!oc4mm1*QC%S%Jx~Z_TF3{D(&GH#toVa1A`(Jr*li z;EKl|H|sJhEgE1~EFoiF)VphGS)$JxMvo&-7Zk~w<{c0ca-_QxI-5KCA$bOGwP@(C z2PX59G(>}!cK4zY=;4`&r8E$WY<*l+ysUT!bDz}2=4*@fn5RXHSCwt``lO|t^Q_Ur z&~XYaBY6}&1*3JbUGHtY2NPkvLLjqs;q%OqswFSV#qZiRRdBsP$S&KD&2$yC(Q)TaA@_zz*PTpy| zw^)+Kz-80CDH+JG>J%)M(TOv=Fp2P1<$p~cQr<0~foXRjdTTd)+CC=Rv`~=wBVD}+ zCP-(;4Q%ES2L*Ia#jdRpmp6+KWJ+kPkz>gC1GnIjONIr!{a?)QfRL}&l= zDt5$1%*0Wby^L|j#wyi%CY^QN7>IRWP^ck;@sYf*VquuvCFap_T?qz*fRoKE2 z4q|Vb*+@c<2^Ei1)AzoXdlQ}ZaQ5@DriPHPTbdD+IDe)iJfAidMOzOT*#E~{gci;p zGA#<8<-A4xLd>RGzy|-ii!t&fc=8Uazrd2e0ZL)d6Y$$9= zdVbzZ9g3wJVw=slKUBz{ICvb5bo#$VurK&PmOjochgmhy*rxS?XxHR*pZbP;HHvMY zrH%$BU~=pSs9;$HvdvXW$Z435xT@y5hT83kaDr z#HHCO>+fT;Tso7(W1nL=ya^%WodUzpQ?#c7(^NK8;>^dd*LF7Mr=7Qxu*+R6DO2r? zfB90(?^v*Z)IH-Yn9ERo?(-fLau$0B>7=Ntw?Otmu4cWiq+F~T#WA&fq2U(m^o6A1^E$ejOKO3?jK5O&<)@;IZkbw@x4`iX&`gLpHQssFx)Dz z6x@>37X7q^m-D#YA+aTXCuVOEK5^p0KWfw{W2utAsYp{IELZ9pBv2fzK2)I8hZrG* zjkIO5*T_as3*AlMxvRk7IlI;(@Zo1mnH667FrI-(KRFaAt9{C!-kTwTl*t694Qy6a z47YiIB!e9`jajF&q0u(4kZIij_akZ9kKEE%)nt1>8Q#N=k0o zI-W@s4gM@oc0zbVGT?#O8aM}Ty5ndfKBQ!(lM}CN$8cHvpqORjH`hUVc}NAZ-kuX= zc8l62>W{-e7z`BAKRu5RRiUYq&Td266luWqo7Y0UPr9AO87!#B;}@-sV?qs&;Ui9}suq{bF_D^u&h> zpA%%FXvE1uWGBEC)(FnEQQTRIcesYVxcr4ABUxwIk`X0ted*O){g(A4vlJCsOYdiV z*b_dRnxD2@DCJ)i)CqIEcsg5BmjS&&_*@3g*Y^(9po*0)`;$9ZY3bu*Lv2i+(_U54 z@$qies&|dbOkX>|PB#+WU^_`Ls{<6Y2E}g`%uI2b$lMx{)K`9CbLH?$GywwaL2v_Q z$L~&}=oS2pMf*em8+kl#EJT>e8}FBHWEz(B^##2^_+c{#gU9Qz?NCBA`fa8rOf7`? zh%|1#Gh>NYMtJrCsm1en#RmaVhH9v$DfJ@xm<8RDn`=Yx^UbNL>7`I`v!BnT^I6_| z-X2C;3+GLdlYFfZT|Y1yH{i6*X~}zu^(wv7Y)?~3l(^Zg7+aYuDL{feRC%aK5UH!J zV|^{YwiBM+oSJ4;e=MF?aPt<0VmHbDc8{tnnUaA{n25 zTCA&ieqw^>lB72pVJwME{7QB0MWWtl-v9L-NPzKo5EOFLZ5`4_q;OW(2DxJPSyH`fX@wL3**3sTu~2wz?8CiBnho>e%v1swW?!_tqny~R#W zcN*G{3^XTQMMhQFq-gbiRTld7W4}|c$f3U@1N}A~L{gC}nS1polLv24n1;IEV(%>D zAl7_#DeBaIL`W?jq1YC^4jaF2s33DDb91I~a>9`cwC)%t83~EmiDj=XBzECxp)s{6 zos^nt(9p~V)=Qogc3u}R6O<2O!s(GX!^>78lpENY>Y#~2t-~6_VeF{U!Eyx%Hy;^w zm+&j%F7K>R6zOT+pgrE1LzkF+g_Qg?QcSWWd+CMEQZ)uuuTCE_0&8)1HkyKwmE?%| zKsxL&Uu-@8khUehO2pve-qexi2NuzcB%~J)K^R$~PFPF=4l^f=>@!{My3jBO1u50X zI#wTx_B*O#IYm-%eddnHbh}}TmyD==fxz7YGm3s0cF0acnVikr*BRo-VOoR(&>UtS zISlSn$72*PuVe$3eSf8}l`O~L%^{TrL6 zWe>=pNsF_{9Y(^hH=o3>O@uwUge~1wu&cmk{D+ZwDO0ZOUfwCy&qfMLu$mOvFnal# z)pdmzHhq;LXnLmQ7Lmg^m6)J;c_qu&RFh2j=WaL07d#(=6q;SBnaf~XHKSnYI_woB zVC*|NQnelSIG|e@_;+$YEeMUVzJj61CnE}dINv?CV|LhpH%xi?qM2oX{#RE#2K-qyIMK0fuqGEi-W zETesuXrh!_E;!+CSVg0ww#OoB<(*bOQFsRbSs>@Z{ZB2x#lZBOH3BTBFoiS0D~HKZ ztgRGFgc%JIBe)S!eW+*eLa-NVtaJ+oBJ*1!(;rt?0$6dq_a}*S5;KOniU5R zcOp}>c2I2>BD5IM5Iq=n(*+B}IWgRUK=e5ziM6xQsMh#nMS|#3H2r>Xd7DwWyb8H+ z8#gDCb*n@3cMzYG(r9tZ=)&Vfd_*1Rdo|5IA9a~lVux~^@C%6k+Q5$5*WK0(dyLIZ z*H)f$4ew)hJ+WCv_M7wNT>ZAILvHhzVB! z5+-tV9Iu$)0O)F6@4y*@PVkWA0iHYAIowfs5GyHar~20+PwBCGVwkHHAMY*d@&|#s zA1WQ7JSYs0Fi;+~+3LvN>}Njk4Q(Y7Ozg^x;(kELu1 zb>$u5(ed8?UFDK-8pTdo_|?U9C^X7Q@%b&bm(e#A6hkMDvV!RE#0d&^Bio^8WZ)Vm zK63+!ZKZdWRtuio)4!26I{PFTWJphhV;P*rJOxeJ(>+WQa5|loqUu^tvrW%L-@T1l zd2hlyTVa);2k=a#_?4P23T=8n{~HZoaN z*ompxYpbT$-HMX+PC76^y!OTN@6%Wzr|G%HyOI%BKKa{VN;OA;mERqB@>F_s+7ljEhwua8S0@4X3vq zf1cV=XH4$DgN2TT;^3jf{KA%XHwK%%w1x9=$5pH<^{Th{Chgnj_wMO=?l8d~tJfYl z+=N(lk3+Y3!M_zQMX}tjju_~ASZQ~W)+B4L{Y6uq{pK&Z7w=)RfEmJq6JeCOd9oWC zG#6e2JBXRxhPXBZYa4xJp%s{;p&h9?lhZlz0>Zn}q<8BaO4!aKX95^W;Iy}YF*}k= zO#Y66&~?o$O5}?6kJ!4=KAp zaO;HFUZy4AM$d&{OXg^WeNp_2)2sZh%PqeMg4TfrdQpd>(y!HHS+#9NR z0aM2tccur&jgkD{8PIl%6E|2N1Qhfne~KJc59rh&%Qt?`t+)^|0gdYXXK%MG+(5x2)&_&6ALxl9} zv87?SJ>s@H=5Ong4;h<%A)`DW9Ur&K7CCK_G$uVU0jIHM zCxT!3et9J&ZT`YcR6iPnl#E#fM;t{(X)B3mKDaO?$g&g!bJFC({Q#ft4yDjDuIsRu zcSZleOwfF+!0imkZa6Z~hNAo&cpdu`_)+Z2GniGgGC+djNi+sa$2a0?$E2#%Z!|qA zIhLOhs)SWFaK%h*ZZHUki4y&J^@q^}Jfo5E{Ao7Bk!zEG(fhD;8N=?T3Dz%p%*vm; zj$sF?5?=OsUequmGvKPZ@nW{QQ!odW^?L+Kc;1PQ`SXz*kE~<0pvY#n& z?@pzd`q6UJBX%=4bN7ZsG?lQxo6y}Qw)s=~+E|Q5PM<`Wz>M%1-6rq5zRJY7AWqL4 ze5(4!{Vs)>bTi|G#-jKQ5?u>T9G=(ZgGv@e#D!rFX^ild4X7MAYs4bsK+|XY8=;Hc zL)&Z~ePGz(uIiv@!{r?_N^pvRtMr*SB1#PhH*cRQ`B+^X$+)RYRVkR(y){ztg3^I{ zm_zi`OaawE$3klacuX?r@>ahQ!DR<;zfNIgx{=1kXVj+N`fbQRcze&W7ndVDo*$C4 zBO!=RYl#rXhchi(UR}$MPBU2dAV8_|@*Y%{PoX4O*y2YIBQ3%xgyo8N6fz3W#PS!H zS+rd|qXs5YW>@a)7tzE%a*t<)9}W46eGD^-gQ`MQY-7HegRNaqaLcCQ%b{4!W8CPz zH%bXEYYx+Ipn~ea&q*8K;kHx9x6*Ieo^%`k{hElbL2yp^!>#K{qF53aeI3T)B-9@F zRnl}ho92Ao$#%6Q7TONG_ufSnd(ucn)N^{~0;;pDys$!IVYx81-|0$fram?c!K8f* zx)q^&dN@OOSJIf%wr4exE5sKr&9{0-WQa2_;pZr|`(Kxo8BbaW!PGkwZ<%gXV39!# z`J*&!Ye6rZIXs(G$Zk$+q0wQii``DUJpN4SBb5{8cPawRlzDE}*UE)?wHM4ETeJeX zr%E2V@5Fr)>UXX5hK(bS+5M`#rK$o&@B2z5G*D>bGdR4n74A&(WuO>ngJ=Y87zkru z0pqbz-E$=p*pxJI-@L3Be~2bomWS$%^uBFBZ*g8@3u$s+ww^&nNzo%C9^RYUTHUga ze7udNgMB_;7ODEB*qUb1ha9-0~;4pkYx>QLT85IuW4`WwLBLV)tn6us}nt z>fH6Y1wEymAD1Q`VzssDHdHbUa3`4&7wfF}ImEgBDgqS8jsbryKITE?0%FT%q;M}KdyP}zkK-j7R@g&%Y7taNFVZM7SA~}y;sEcl4h&Er`f<4)5nkI z?iPP0=T68xP`eF{?S$om1hg1lA{@=j|ME_>C3d)T(R#Awcv64yQ0aNqle)_7ne!EH zdlqI+OnB#6*}Q)C*$r(wE4ha!SfEK}8SMY^xfP0JIcbuTH-r~HGA4FIc%u7)uB`rC zY?b=9@+zZPa*!mnW?KSL`~;+mpMpijK7Ng7jXouU#xHD%=1Wg!$~IJ=b$ThcXUs3Q z+SBHErM6J~i3zSB8G>l8h;>8Oj*LmXK81=gf1#6q1a~wab}C`e-Bfh^wEjCun*MHn zlU(bH^AIgU8*@2ff-qE2MBNcIXa4;=3O$n5 zDM=^LN*nUKV zGWO`9nOC*)-+w-#k0K$6WOJxB=d#KK$uTqMk98$W12l|MH=}Z(qiw;Vxaw52arN45 zi*;@S|I`Bfo1Vg6q?zf;2=j<6F?t*Kkx{g^vzGDm&HXyk#zKt-b`rAlCBhPizutIZ z^QL3n!b(Z_n#Pq$OEkyQ{nT4y1=Q>@4?7Ext;3OyF%=LRxRp zi3#@o0U~ei{M_^QFEIWuX6OKE@u))8|8gbzTUZyxf}OFA#@<-<#F4)Pn~yqLK;?|&?0@E} z=|7Gtr@o$q7a3+)!g+5D-P!*OnE!!~h7qZlQ;*vxy3GmMHf#YNpoC`=8Nl>665>QB zU`N@2N>nM=u5wsTY=oG+<59)PL;Y{N~(z(*Hn@4u3d)ec2~`-V>|u@n9Hx^ z2$M|Pjh8?DHb|`JDTocmCHu3b%nZK)t^F%Krr(b^pLajV))eB0aNzp6pEPX*fmZ zF?3;24W#tb1&c?q`RZTQ$BAbo&M&`*We&OR^QF}hJBYRvfgV}>n;BK z6WEu~c)}d>0@>QKR+iCtL1M@^_&7?fefy?XVcD1u&m$jYj(S{Ax_fzmVgMxT&M;&X z5{jSqcmiqzWnt0soSnJFD>1;qt0msvy%Paqz9DWZ{k8lJnMGB~L z>HmVdEt?00Zu2ZI5@WSBG;T`oa6N1PHG2X<$^jKLqwjzIZ0;k-YprEN=6^u){M1+G zVJD&V5kt;1KOU#+OPjUvN|paLpYuO2{V#vazk?H4A)Ct3QS{26@<=QUq!RAJ`Z7pl z_PhRwS4}_S$6;`MfC(8k^&g%5zx)vn*~@lObnpKDXAT^@O%!GC#@IEHD~TqxKbNE$ zdpW?#_W$(=M-pv%-p{n2srJ$+ZsM>&!Vy`=|6g}s9uM{Q|9`L68zm94O^b^XL$y>?-JJ%&yQ^~%RkP?Y#>|JI?8OBm%og(|z7|dYIe9yak@8|ouHTP$} z?tedjd5pLBobx)**Zw-MS6<8;8)f#cZ)HIfmb+%UQ`s~2zd0}M=51VDTyLkQHp6S{ zxX-&so|`O7KxIc<@VRPf<<0o@Om~yS3z=K`;!eVK^J||qS_tyHhXm?qYd`zVS|Btz z9s5B0j&f(In%|IcK@+Ve<|pAZ%QpoKf1sx$Sl@pL6zw z5Fd}tOiQn5Vz*!K_6izXj)K;CwpLrdN2n4Y>kJe9ij@)~^ z`N^V1^u#4p;Ot{T!5q;$KpuUb7Km+kE6d-6&fG3bv_AsPN$z%0zK*eaXqwM^yalB^ zRmC4oU?Yg|=p>Y(^_#fLrhNbUAWgzJiummZ+S+)qd4g9nh@+=3kHB5kcB)auVyjnT z8(w8ww}q5S2L!Av^$YQVjt%wT4BhQn)6hW-{8t-*^?>7yO z>79HO3rR4ZIO_5U=xE>e{{4jj8=1bU2syz>&B9}fZ1f!5`!gu!@Dy0D>_dCNO}G?b zLEFNPmzI~~;}7UPC@)vpQ3i_{?VOE%0iTV0+DnC{D#h!cJdzx(FL5B*FgkF<1^|gm z;v2Vxp(Bp(i$o>v;QADokk;QL5;bBRS7MyW)66S;`ukBMBO`f_!G=dqo=AtK3WO5k zP`VFbN^2nuBKskz%HT>`s4P1VvwB7_TwA`Oigu78!gWL|i1zcr#-Qn3>*5KFOfh5F zI!Ec|*?z=v-#gy%hB=WWE<4a$8AP-1ZQT6e7E!OJ6}Gy%Dt~JhzP;9QVE#hILmB?& zWQ%Re?rv_fU?V4*qYz|Rl+@%@TO#~xwql(D}qttyIwzPvfrQnMo0XPQkJa_;N!bzvP>dsg52k+ zi?}-NeLWT_L$@g-_(6Wp=O`SgEdEj^ZnCS9x}fXsj^N_@ zG(=dE@p$)R9{$rQUW5B1&CShcK)d^G$_R-&$D8~2upzW|gRb#Kzn)NBXLtZ@u}hFk zfjCMjb|=*w4VZUSUn0Ws!CC>z%gfv1TRQbr)1Ushs|2{^mk1k|mjfOY<*Bug+gq*T zupY0HT_Gk&lDE@+*fDPU3}Zr(R}&Lv!>rIX1gX1-Gl$k2lLHl(o9hXI0Rgs5#wzF? z!b4)b(!xI;wTV4@NVMBUc7O6=U*QR8A$4Squ;cUdUMDq40;B0|{9V=8JPecM_T?fn z#Q;j;4RQ<+`{SiFpxH@l9`g_=lU|~!DTuPMMOLqSbPD}SjxsYd^S;v89TG~Sperie zwV!v~CHP^-g3`DxxahF;Y@{|4={vvRh3`u?8_X?F+YLz@J6yD*i%WDxh3fs0gzF~D zYc3X4Is#F%B-dKSR%zI`y7-s6v29%8$<+Dzh765B+u2u(v>WbPJiWfK2$$d!4=0Xf z_ul%_Gw#E=O>?W&Z5{o4WXvS7@Y;pGBu&gg3roxF`}dDM!l<#)l1~s1>;^pf<281! z0We?1qi`?TR%~P+d9s1DY-{l z7O6?5q^8=95R!r3MQ&39EElgYZV(3=)U1hxIvP~^pxJUNam`1+R<(ba+)k!hf>&+m zeDwtCOuz8-^fVbY8*tdBr$X{MM)&fFlD{;U(J!FDf_CbWzaHUQy2xzJNLrG*|Mk++ zQXPpq2g6eGO!M0Xk2mA%uT8KqENSPy);<|FAj6UevTQd+qDR7x@7p1!E(penM7V3v z3=0Bgh8sIobRNr^6$d+i8O62#PZW&GX6)_)Zbq(AD!*Btu?D|WhM~l!luD_!iG}vq z4^rc4B6pS7=>@+{(UvDv(Y(C9u`TIpLpL3ivE``GUJpwa;*Gnygl_nQ_sYp`T3)Wm z29m50Gar4FNw_HQ+*#o0R?YI>~wk&6LA ztc1+hr+ml~GB`5hX4rX{#WQao*45Q%A0*JhkU2<6yrg6#ko$0=ZLM*qZj1_ry!3$X5rdb#h&vG`(piD48a7j~Lyx7aGe#9N}O zd@GC7QSe~9lU2`$Og;%oc0RmuAFS0xhQnG^@4*!dyT0qqn6~!zT^+ebQ7+2DVAvx_ zOKwUz-*hZ>?F)C03;Jrw_NGHdtWbPh4oU#YZD~_>}6-YK5xsc_*KR%0{Y_$m*BI#$7(sfz~ zS>}*&5GSS~ROve#3rDSx-#_z5d=g4^N@(Zx-fPzN$tr`14|=6Lad*3V0n4E~)WkD<}82_g^WS%Prwz{=TBZTVL9Od=lW*1-hP%0UW>a_J8- zb-v#3D&S)6X3qHqZ#^W!mp-8ekN8Q!LC4b4@@soG)j=5^+aFQsvU5Q~m{ zE4?xPKye^-hSsiP-XLAMLr+%aavCBRw1?Tc^QcYMlS#)?!)p<~wZl`6U^v)8vs@kJ z)EE#q0Fr-y{CDhdvdLu#qf^?YY}huejtIi&hGyz?@A++t%zAhbyuEu_KX20cPlOtv zYief3CdXsBNnXbYX+J3dW9mR+(@E8IFvc!H(oJeDQfg-j0e|Lv{lOIUHzMcnIA#GD z2>sf-xAJXhrYr?by)QnH5#VMPG@K!st*Nr_c7Da7q?WDFQOZe~G*b0^yW0F#c01rO zQCD$&7*AmH?K_fe2xO?f_^xOF@bN`pFAP7)EY=RrbP9k^uUqDRFY?jJDN#kTITv?J9)WFirv7Z$Iz?Wh%z0DBxt% zJnF8zCQ&b`L&=M{yj=Dwv%iJ=ISDyI$ANe6c0)2$ZT8|GxJ!>H26yvHdZ}ze^eJB9 z*y*MQ+b9?*Is#wL#L$}3mGd%LS@Kq@LP-N)i>SC<~ps=#^#R@IN+e$CgP zpx;0jmM@Op7hZFVtich#Nu=ekS^%YkCR~bezHJ_0=HmMo&gbdF=~|KfE3vxDT^G#b z{9Vn4sHl}(-o>MD2ln*(hyr8r^I4a^=amI3(m?y8$$MLGHQnu*ni9gGKHtxKav(R& z95x%$lq?^(IF+R8JyEPpu|IOKHAvlxO9L3~tQYj39V$VcL~>($pZ({P|JyHz%r42b zelcwvh#52(Dj4Opumgw#Y3F*N>a>EU!u;stF>Q+b1QZ+;@u`V2H(%!|;WW54M47be zge%j>pi?^gpzd~>CQGqeK z9b?$%Q-7tH{s5b^NCnj}aRmXz^DDyw={#mBl6OOp#ZJL}pe;pP_dB%$`IY4gyS*e~ zSitB~TThQg0PrD_4Ry1Yp6OJxq1mON(I9in>@{Uz0g}2?e+n=z&>?Y|I2%*3Je357 z2wG-b@A-|^C+QY*-bX9~!CbPIG?e#TzD6!|hDUBH$03l2na@s;DX-)DcAn-hWy}+8dU!Hd z2Q}(@N`ZtR_4C$-P!JoMJwYtEV;mSJz%>m&*L9j5a1TR$B*f02Tc-!LQ}EY1GI|84 z&lm&~TMc4Bao4i^i&sgEcg}X>$(}>?nah)7L;(Zd^y)`4A)}#PxL5V* z(fU)f_a*LW7fZLUCXiI5&v<=c;SQe^(oQ5K zq}KHlhcC7+d#d#@Ufi(5K3+J{b1{p}%8zJhf{45p$96V+i2n%a|NaG{O6^?XF!|nT zVq{$KNbGymn4=YHxZRJ~3y(!GyRFG{Wz~`*eOCkyM{?IvAJdRb>PqoQm`o9v?j1C~ zNDPwdEa=~bB2&5VIdOFc&m|kRWfC(@sPvMNdlReg(z!8EBt|N=?t|8wpXr+=g&jkf zk)wmLv+Al32SDY_%_iHm&$KQHx=Knp(8^ln{P&LjL5C*@IWk}&L!utbeS63s5vxXg zfmKTtS3K%1TjCJGjLG6)>MPzIZrvEpLDK3Q%b_Ub(q;9st3$Uqnzu}9(i?ilCT3PK zoW=gVHGYH1iB^1I(RYnL+<{^C-8<~4ai38Ws%N`Ev5XB%sO?D^suRLksD!JeND z-e0qVAf`R*>bqz*)KTkcRuB^6N$)20BbQ4~-^&n#VWubAQ3ADE3`*>id$>xHj|V-G zxfECIjc4rJl!Cm@7$?V5twoVF&L`=giv`}OmJEWg^ix73D;M5e2>Cdexsp9p{{|`D z8iX~Q99k^WR2P45o8^!4MbLYUPG`S(@nZhdbxfoE5fBF7AFt1qpMhn$i?2l7Fm$`Z z2KjEi3g+k!XdvOhjA$I>`zoLosw3I*>b&qYboK z*(=w>(Pb0j25gobt@7#D8&gOgR67sm0pgDQVcV=F?HUzEbIfTd1pFnu?&uidr78ok zahn}%=;{G%j2-P|BS^%O0l?*L$SR|K{s_ga>12|opmp_z_~wx}6Us%dPIQJli4UQ^ zYN}r1=B#Mcc+#@z)622Gr886GO}@FtM|58 z9aUgV&CbLDGgS5|Jp3;6b>0AssyXi!v|5SCFd6!95h1q1Se8!21rCIGsFMk&b1r>Y z%(j-V^ft&(tYs`~ozz51JqZK2dRtcacH|}*&m;#+?ggI5`GNp>^8yRxa>&xjD7&ST z4h^?AJ(Vn2p`n-tQ)+(p`oCysSjXoJM{r9igzfG$o+x<>tGZzSlnlJHo~Q_xZo-1$Gm}yEMu|9)U*L0&t{{Zr|LZ3a$aS zY?{sp+9!rAk*~QaH9)Dmcp>q(^Q6nYGvG8bIEf_>J%$4v4h5`~)5qD{OSt)F&s zqBJzxPuNmx>f?z5;g+~SKybm^+9zarGwF@n<@3A^#;bQf>BL8#gJ+n00mfWZ$gY4I z?@2J%_b!Uuv~v6X=hFdSYG4nUKoLfQV+(eBVx}16@w@hvIs)Zl zDB*dywTh#+la0#qtX!zvY@RHf@%0YaU=4`O!;t$6;7nM*rEY zzmnsDsBsX!P3A9gAjaZwxW=m`pmahK(3fb)hMSBAL2*wi8-QU+ZgeD%6yLUZ;^+{R z6az_)my}8b7ALc^zw7;3c@3v8yb%s>eb**dVwo~nae4$_aIwU;r}SD|YwONrL&()S z*xJVyzs*7XHjq5FzE-ne_>GGTgyC0~mj@Hh+uU^Mbd4!OxqI7}fa(Var%o)CX?(O9 z9fWiTbrQH2iL#Mc&%6fu62$R}{um5F9v<08k<`nMm6sSs~^Qq-f z_d+ii@QD;1cLDt4BJ(^6x;ZptlT}nCxg1b2m~t8scd|qh|0i|hn}+w_c`X8FBZ%)B z3NeR@&(?zE<1>J|N*Rxnzo9O(wmNV%W~z$wC_~MYN~;)%flu}ung2M=|D&sc(EUfh zMCe=Qa|~!B_lggEc3-f5xBsjO&t40CxHjkGyZ01NU4H%4wcWZmkle4f*w>c)?n3B` zQ&ig`hak-Z8bX0SEuI;p6p`tsBKFLF!OQ57)~a_-SR78bps*09g7iO7$QaZ;`{WJ} zrf=(POFMYatz&3oNv9X-wD;{URr9}NFI>0~fx%!NnLjxro0x4PC9<(u;gMa_+5!a~ zzjLP|?55pweKrIYtE2Ab(GMLNcP#I1b5R~zUYPW79ljbg?2h6~H4H`M*=nHhL< z8V7oLAYK2q4}H8TGkU2+!Gk=AO-f3NFv!`3wUwV+3KBonE^M>*dO_sj;9f_~v{Bo0 z>^#iknIkf{HaDxK8<$!YAC7n1r z=$UB|4M35UnK_FkG!0+pi^AFv)J55&vJ9Yd->9AU+G}IEqa)I-(>@18r+w6fVsr}% z3K~X6uF@CEk#W?-t_SMMVoO2tC7Q}mUgI*qV|nTsQYG(c&kk}JsfN#?CGBQTPL2(s z$~0dm|7>KCChXMh`EUW2-}84`*8R-6HHDkH^o16G|I`19p8v;t(1x53k5P>Cc%Pa} zPb>r+hQslI3+eC52O{3}_MQ=Y5}D$#{6n!n$Hwq8AKVC4{G%<=_(Yp3J_Q8@kB`5H z3Bq7n5y=AE!WxIK+m6)x{nE*X8}{#7%Z1L65OyQHzvAh}B6nhHDEcA@uS(#!oi;`uf^=dn=Wdl?|qn zDurML1$xC+H*Je=Z{Jx7idpJzZBtBLX)Bn;xA%F`UpXWO@KCT=Y-o}{#wr$M*fCax z0!IWCVC|u$hu7w=I*pARn>F~?iR-Og)!JH418(JkXDAj=`BmKdB0v!uttD;s`6ZF{&LJe8tgo9O=eyCj;BuREFLRWBka;OG#;I(P3d>1A#fFH%;^3MuFlx ze|d_TH%)o%l(_v#?N)VZN!QGEu3p#b!_RN4Y>M#BsVa7!o(eW7=O1gB6KZWv-q{xl zb&4;Dk^3z)0fXqC$m%Z8E2)8n9p42HnJ^8a4|*9Q5LDZdcTP%ghMy-bIf~?*TU+dH z)HKy@?c1>KLdwRiT)NG@(>{tqF&8W?E7i(;2DcQ|z}!(kE8G@`<(U37hiz}1YCaBB zqMQN8^wk4GF#%qc(?BhD`+e*VOA;$;n3{4)Q}dNQlt0JC2RzBSxT2={xQ8jHO;{L?rs3|4yrHeg_ss26N!BTx<1~v;xovR8ad5_vC8dt zfgF~&!>!{wCH)cR**yJjlKd@3xDo^re}}>=ucc17R?GCMPG0YinV%*1ZubBiG)MnfX>Z$1-|7%gzt5BMrPEOg9>e*PgM(H|hY}13 zEiE_#!4Ph1W5A5iDfXi>dxL#WZ?TFtTg$bUIQw|V6< zMK`;RGu7SI6+19s<1#aY4TQNg1a@`V4v#E;uYbF5`?RjC04D9_(s;1xRP=Y~Ej(jh z6+G$2UaIM1KD}EKWz$llB?TM?=i1L2#wG-i=f=m!xwj|h$y3Bn?ZAZ=yz>3Q-O2E` z@4nlfdrIfnSvKs|aD;Yi5Ur&ll9lva+uYr{^CbeUcr~M@ovK))Ca4S@TuDiXaAjp> zo70O2KnA?%4fF^cGInw4w0&Y8*Kct^sQGGXYX6vo?At{-C;jmaVki*v+)J4as?MeR26SWS_9U*Mk zyLm?72usr+vDf3^+g&$iX$vXBL{^`HV+<#Byj)6G^L=3c1j}HAxIbjx({1f&t5wdK z)N5C0bZpWS{~R-0y(dmOCKLCdmfo(QS9-m}-ujZ<@eD><`0I{a{y-!b7Z(F7x|-DC z=Z~5{Fftw((EOpXB5#!qHD`PWsKjfkMuF?he%=C>e?*X+O9t-E%E!6-_%E1Dr)H0a zo}q9l^eppi4O&g;va9V@{WUpcmCr8cIK8_mld*uD-_AkZ*BY0U=P_qn?6*?}Q9ly; zac+K;;V{1PF~VOfIs{fe&(3vfG!G9DdGVpo4cFGAEJfbN8N>&h%ar*NMYoLDSD7od z+%}#lU$P7bO!l)1iFvW0U{;;~0mVTQbl74h394vwAG@LekIYcevf)z&i1m??!R!h*Eu{z&`J6&*$PH`oxtF59-II8geg z*|}1~!jsj`-M9naypqa%MpOv1E76nv%y^?4G=xO?e4-3E{|>L6cToq8NiWO{OLX%b z6;Ym@rPpf`W24jAA)_=PV}D7x=X%KqZto>K@V~;vo%2Zof-^st z-~+ht@Q!hE;RyL`2)(WLK+i;xMqY_%Q*c6T+jiaq~k z6-gTz)KyC|mFcmd@4y@)E!kUP<{RQ$t{q_$Y(aN{b2Pekk@mN$;jd3bvVo()yuqvz z>YvH(2mTE$n`q6WfKt>w&xT9~C-8YE$FC#Y=#gD)E}7MNeBR6PWU`XnpIIf`7djO$bB9HpFM}exWbVKf(E{z?K+r0qAGut=MW8%|enu2o(d#4&Qr2lI}A2 zWuNJqLRGbMF{4_=d=Q@?NmOb;;vV3R{COSgVVzLBG|(&#MdyGzk}1m5B=X z1{QZY>gwzQx-BhPD2n2cH#oPXKz{rCo>(?vc+}(jV-#L34$i;MpVe`EMbmY&nOqfs zMtz{NIXk7#|Mp8iGyrx)(6=7`hf`hmE?6zB?lVwW+_T*m_OOY|fAj5VUIE~skPkfj z?q9GNt6i`JT|LlunpF;VSJ*_ZGww;qgnq{tsSb`mO)~ diff --git a/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP.png b/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP.png index f7c7f9272fe4bfe8758ce3ea71296d257f8bffc5..d65967710fcdcc2cab7fe85a8dc022db0f548471 100644 GIT binary patch literal 131059 zcmafbc|4SD+kYl1ORIfvx$SGol7vzzOWYWP85GGf_I+O}O18E^2qoJLBVmkv5JJel z@7ec#=XYK`@ALb-&)xLA{UM(**Lfc2v3`%`yn;3FDIcd{qd9cw(DA!>ZfYGmbcA^5 z5S8h%BjA(Q%3@96KME%;l4xK%8_vUpScca;U>bIZFJ-D}1H_RS+uKV1+ zV0rt7P|xYtp`nNL3EkEnmG|GEdb6EuUpr;|#k(=i+r=Ahr#AbtudCGPBE^Nus-R<( z*O_9E{&lM72dpQm`O;3uwQK#YJJ%NYN>ftWR9)QQF7UOi#&ih@_~3?U*+y)~m6gtw zQgwRpZ}^t~Aqp7fu~TOifBz-%9%T$A%H@kz(B0qv`0r0%QXeDA9s9!y(3f0z&JJO5 zW0&;)v<>(YMU?r!*CR&zLJ^AzbL zEyGd$sirOS(b3V1moA-2N=mvYB^6l$cM;is%?j8MBK)!U3U$;s#Q^YgWbGQ=kZi&M3fnE$x4FqWiK-ckF8??Q<-5rfUu zBCXA;Dw{5R7?5$^yvZ@c9a_3y&cb%D9hF6CWCUo_djS*pWMyL$9==YP)bC)$MY&b= zRPnVArJ zzI$I67wtJ_W+Ifi2bm-0y1B)Qy&r0QOrOH|MTdd1j4$i*& zdM*}GbEQ}ME7gQ;XuD9PSpY&qLnA{k`+RSsc%Y#++yzswLxPLmog=FildwQIa*Eqj z`*VA5Z!8ru;#!fyywB>E`*gwKZkbpEgB-u7HnzTF+$I-dn0$7RK->2)MSsH@*VHKI zNYL_C-_9AH@5w$VdesjZ=Tu!NJZVtk>B8iioRAp^H|%a2NLk*^V6<;ve`DfIPONYF zHTCi&Wn@@tBDk9f=hezPIv4x|aUE7xR^c7%>lSFs2+d^p$BcSln&M%kP502y<293u z_G)UOH3W6s=vq`9|QA3P1ZKd3#V8*0DTDm{_!{d2AGFEiInQGZy2yT;n zU#KL4VU9_wXdif_(4b(Es>#%doqg9N7Vb6B@WYG!e`vUzZjd(d~YV6$Rg+2r9v zxgJ^Bq|8jy<{C?ABRv|}g$qg-FF6bL^u&y+BNEu763RrbMxjTm!cy_%z}}drNoi`!*(>np;|!I5`ao=TWQhOThLc;{Xro zjvue?>biqkj+{P>{M+}X*T z@4Fx1J|1{@Fso-8wR({a@}QAlNZ-DtXT+duBJ&(pV#S`v$H!;97JA==vD1%EsFy_W zQFNlJP#WadXVA6flyet9!8sEWG3csM>^)@R?Ch$nipwD|`Mjco9y)zdN|r+@^@vGp zA!do*u0TdAV=A~IR@xkcqNOgNL~)6c^RLq?iHqMe4<9}8HQTgiq%z^&a7Xs!}=e|I}{Axqi=lS967!-1u)nqcXoAk z{Uki)-uj;Z#fJK7VI+0F+;t$>w7&xoH}G#9s>dalTBVH`&>b1U>akL{yu5ZE@*vne zd%k>r8|9B<;OQi1oSO77fgv_-?j|fDoa-9f!HVk1DxU~>b7Vz~9_JGfs7T*oTdsl3 z2}P2&h3j#8WxhTc$b8#NKdo$Sne08DlM7}R!U5jsit_UEu6#S=zLg(24!u!j^fsLD zfu42iy^&-G%)6WhiI9a=mQmVhC5AY=o0;u0(=jw>wcms>O;Bv4!c+=t*h+|i6%LT!orrOHNtCx zAcMWf7jpbgvkWNqoY`C&)nDsKIGB?jsVb>SLU+H2;mR*R{Vx$d;nVn9}x>fB11M;l)>dcOS(;F^S|6~ZnqL9B{BJ9>S zHfjP6A06@QTW@gR-coAL%P@a+`x6o}F#c51P;F^fwiC2XRmBNJ&l*ORBuh)`9n z4}}AZal}6+kmCqHPLYOKU0ppgRQ_aXWMFUUDEGcru8Z?+B+^`erehywg`^LT5}n$VfV z6#}xen_1XqBe=`DkYfJROf=0PN9QK%hi;0$<}lGe z7?Rb$a?@GNnDunlzQPtxPOcw%Oi`bT*Ceq_+Q@B*)u92MZ$4o!Vq7XGD=YiOiKs<_ zb2z3C3C_SQLjSow*fGHI*iVYip`rW5t1YTa!MzJ%3)j5P7Di_BE3Yu3M|Ta8BM86w zpo~3*ou7!&?9`3Ok}R~C0^h*S8wCdCh>e=Ey(b!&l07Xp)c1>hyB84E5rg)Yag*E` z(GCJfFr_JMO)jHF5m>lmQu0 zQ8KBYRq(@=l_{(*400bV@VV9mRPHqcqnI|WJB;aw97n9}m82SnpWN@B;8V!D&7U1T ztR>&P6?(2LH7CiYTC&e;s4KL*Uu(VQef#8RK%wOL zhm){m8oJ~0p^`#ZN6iNueXR#euK@#-1~%(*B8mpDWoD@Sn}7iC+bNg*arybuC%EKT zxOeNzBFcxC01n3Yuq=l!`_I%)tiNY^G`@)V_}}?CZO)sQE=k;@tewM?c$A0<{Ds$CIBqxliGpDhT-+M zP`_&nAVvfdW^_T)wktKOPT-b=;SREl3xYPi9*+0Z1V1!OM$NrgakUK=>tE}4cNlzi zrNL%rJZ~v-Ml`f0p__fsdvOZUA6t<%hwQlLyFW5;!6`=DvCD1Iz0adF$%(DgnOW>1 z-iZ@(F3~LP;l{obX4xJqCbqn-QH=tz-=ELz$vbn&=5Dl+z#Z@1ZlBip z>ybypt2E{&yWG8paf87c2YWuzdp z@HSpUYfBBNyq_S*_!SAYqDv@I6AOK35GCugo74GRUT~Sn@y{mu=H6qmgCRBX-Rx66 z(uPjgXBFCzj^E%56rGccn!9fjcCVA#+uJd4`@G!ThZFXUrPhDzy(?2S;2|UO`xLN1 zip~#8&(2e!Y&b1(*dFYVAkR=;WsJG8oJ>L01K+{&%91w|>SGkjM#m#p#ySUl4&LZv z^d9KxvJii6FdyaLnh5-$O7l@F1LfcP{vY~VZ4t~1=`Jen|nk)LOXjgvj3 zl>SNT`&vnDqOMG8`uO{5ExC;;e5{rH)PN)|QX}YP;P7bhnB z3v<=@aom@tR?if~gJd1-M}v<3i>&;qf+?NxZnv2}+xF)2ipsh5ej05a-P6}|Xhb9A1qWxl!<$&%P-g|?9N)6 zvT$=pcyaqmvA3EuxZqDBu|sSCeU*8xi~-n?q8|IPs0c}tMBM45C*zqvyTjJb*kjo4 ztMTY_M5;0OeUficXqmtmN>C|P4L3M<-eb&F%V!+bv0?C&YLyCay>=^^67?iC$QWL7 zx!tFAEkRC8CJLd5@$A?6@GwSsX`-s##p6&kUgQL?)3cGLRQ5L_G!yG9sWL+<7!AIA z@pbzHKQWpb^7#tAg<^qf0-v_$--wy{iJpjhL_^dvgBSYM5L{BJ9tHaCcXOA?a(RqY zWzgU@*XG?&>`f)^i|}50ru=t+#K_GOe%f_uLYrpS!cd}ErO4eI{A$ZNtmByM&+9V93V62nL>mIW#qj6Lp zzGS2i0VgtM)u_!F_B~qKTzOGC)i<#$EK+CO!ZwpDGZcew5um!R9e6izqe*f|rPI!! z%+V2DK4tN!Ctf@++q3;k?GItQBn}G1gU!gE%xcuciu*C*c+xl*xzJ*zlE`!zzZ-|U zkv1|%X->=YqRCfKo*he!F~=%CO1Yo5x&Q74Ze$TB^Hng;+~I1V>77oD=e+KNSj;hE zytnP(PpOybSzEgH>Tb6Y^84QG-`;gxRfw=IEYsVHeAQaev@YDQEq(Cu9?pZ;&LpB{#@sCfcw(7JJ5L zeA)r(%ql-0)TDoSRhxMvl{SG!>0N%=)R$HQpPEmkRypPwAJDZNDv|W25s8m9O%$qw zsViYE`U+J6gK8(?R}SObnw-tij1lQ?XC65U#kE>fAcj2*TlJ3->sFFdIVd`713t`J zXKYcTwuH4Xx(;i4`~A+n^eGGGvQLB*4ulM)wat2*kqnVJk7sfx{DKM^&EZt2mA{?H zV0_u~?>)Nb6^@?RsIGPq8tpxKjh=hIxBm@V+)(`O z(esAy=ib0gatveH8k!nnM8Cyi!_wtr!TO-A!SbULFM@E zR401-hPj$X)M0#1Q`bwEm;0rm5fK_ehEq9mcU0iPQ$;oL1MKNE)A*hEPzDP|-vnP> zPPrClw616ffzXlBAZITacOCmf7QGWhT+4B5lF4Rpv>E*3x*W40zoiAm`Zs=!N|~$I zJ>|9A^*xhGLM1e18XGByyb0NS%uac`z)%bn{yl4wp(MYH=wRyX=BA89B6D+dZ)$6| zTB=K{|K&rrkZ`Q+r6QO8+WLAmlo@RtOsig$k>ldz?1yukrC-0rrkBo$+KLRUGPfUl zQ!kWFlYjYpnGimHdnmz2en-$QhiGMqJ!Dph{V+oFIsHaXTc?zgdo zOrrwf@U{3jx^uYwMQMv?t?%97wNoh*DOrAtxu3DG_r`3*fd9Fg_2EN+g>lrVkf)T8+dkxih`*{&p{w3u)#P%{iJeW36|L)9-5?#u-kWb1u{P7GY;JB& zxb?uvDTf9hI8+!#E<>4yKrM-+SiHMjzf}7xLva%a8A@8?A*O;TIlY3NeLjuec>7n+ z;5q%Nr_d|gaP1@411Bt#6+ge7p~-)m(S4V_tC(t9VD;U`UuAx#*BV?Fe+J8V)nkcE zF*zd{IgKycaR_q?1a|0*y~yfadj)bi9{lvT!}wRPUUlV|YxH?+m}c(`@FjU|)jgNl z>m>}o3iLfJ%E(iIYj z2nYERsKQ5r_m%pi&yCEJL(7RKu&pbo%F4>6-Ib=Ac{>G0R#i&<{ct5Si!AwA0wcbC-w{Yz(-85hV1*f6mK;liFG8t(nLO zBr=k;xw&cC%dp?TJRf0hB*S4??-|MTwEGMw>s_ZhqOo4Ju71s-b*8DVaX@e&{_NHuYXr*aUR;r>O`J=Iezy14GN{acC-7NYS_Y@2qzL#>qEy$jFFKIHR(WDC?X+d2 zq?nW=xEct8yOZV%VNoYnZ*_iQ%u}Ga@E62qOF(@5^Dt1k$?Sa387pP;B8*-7o~=f7 zMW#*(&(QKAvJTP>lxORd@E<;Wa32n29(l!Q99~v38elOq`GPxjx#omtd1^)sD^Z6tYp*Q(24jN2gzt94FIXNeri| zuBibnJI2me7nGrv#8O~?M3s_8F$3rO{^ph*qnaEEXRyiTQc~BXJ>7e@=PQjpr#eeq zod_bs)nV*>`MlO>bUlGrZK2zUz#pgnZG()`9|L{IVckGrsE`Yi@!fUzUJf}~6AKM0*h`*drQk1OJv16 z0`GSuqrFE3x!PzNdq71d&9k5&lZAm2huN;|&DeuA`&k9Z!S>(47wW4Y=25(#eysS6 z?eVYM?e!xy_$wEBUyIwQ6G8E^)*jcENlk@P9ZSEcK}I6SfB9}UcJ>gU9xN;@-vkRz za7=|AY$Yq391I)vGD`jMjHRJ~tpSTsCHk%{yRXbNg}Mku)kKOQKc=QmI(k3^F+g3HmUGP8Z1bzm5b{ ztPqz~@Sw$W)7aS9dn(?1WSGyWksvrbIr+lE_R+7_eLDjScf^Me<)B0y@757S9RC=m zPt3DyO_}Z7{hrBS+c4IbSs{=%gdKl89YPKOe4%D|hMH2tKRJ4`dTF#~^aI~|6=K0h z@U}8vsc}R5-vnRDn^0-4l{Pe#&J2#s%v1+u(5B~3`B|YDAp}qcH#fIW*i2yl8II`E zVcls%(wG3`g#PIv6K$zzl<>}?olr~oisMg=+d}Z>c8S+WE%S-n+S;nQ`EEBst-rsq zodir@#J=;;=JVQT+7t{`;;5K8!x-C!NNaP%H;P(nu!ZuV%4Qje45+ZI5Owvnmbx-XDVJh8-im7 zuu@jnm_D?Yx&7>!sfmf4R3`E?b3)EVS8EhkeWXbJ-I`&$l#nEiEnBybn*p0d$+k>72*l8W*Ug*j=pJ8jzhtXSPIg34BBIq+Gi_o?fftoW;o`sF=MbwFt z)x)NIqm$Whny-p;@Ev_->i+Pr>T2FEuEh`@VW84F1{@88jZJ2DG46tAVUKA$7O$88 zMMx@Z>N!xlS-&HCrQROv_mHPkR5Ewp3qD-QAuMAvg`*AbkLi|zdhUN2Q^*(xt#!e^ z(#4;(Z!U_9zqB!q9>}sTlHA`D4CH=_yn#RBr-v0U(ePPo#s($}$Zfu37sXa&IA=3Z zE{h8eYKc?91-hnZXG1|I3Xo3Yeq2Sy?)zs3RgB0n8UhFZZi~L zF^#Xtq|?SA_9u4ZdDJYX&CYDbUgdsK{tD43h+W0uG9`WYt5pU2!`7poE7BxurC}#n{b5#QAccNGt&TkgspCb~-@hg4Tt}1!KG;Va6|B{bQ8U; zWLxWlOUX3Hh$I0f0COi42EYzo~lg00+`ky5==o}Oe8Hpl*k$%Y1f?olzjv5 zPp>~MXa?57l)E6@z`}*dONXIc?DvBN+=dRhO%pqK1CU3{=u9?Mhs2x%PWwGE1}y{D ztrSV8CQqMY3GFfBv=3ESSqs=#g%+JaW>bia?|&?O5 z)L>e}f2)c2>`=@fKs69<0@^+t$)WlUFJ>uwMJ5khL!@BRGZ5 zkG<)b``5AW!T@1C{XOOV^+^C5Z~*OHk6G?D zK-W`KN4LBv14qsFVE!_W_^%pk%efP^?JzO)Q zYnMq7oFXl8=TB0D9G=;cc2p&xkInY3`XA_y}E=F{r(^}&A$M9@0^O(S0s&5{|Nv{0tbN2rn(px z197GAHOr~rohbB)FbJ=mT7Izaep28U>l>xynthOSfJ3KbMY*}~frX2BB<_=^&cYdZ zf~2g^TOvB(6q?sJ{v@?aKx%b#*n%KHpJd8y)m2`FtF9*E1Fmx(c~Z`! z=RWfTk==UGDL|fQr`&H11v8(hnH%($1H)A2e_2{uhUXhP85NI*x=bDu_JBfzALXIn zbrAZ5WJ0?;Hn9+Lq2#c{3Ddc{`OUF>qk=A_c7=eLQ$SWKcEK$c!q@Ay#*c>uxd9rIl9`l$Qyeiofcbln3+)4%5gLeG`aq<*=eoOTN2dz4m zTHg2HS3OS6pbOFZA@Jhc|BF@^z!H~U>C&i+#VgN5pLfP(+or#XRtP`(H-IfVW#N!^oxgPwXkrsV1=0Gbps-|0Q$I~#tK z8C3wMdnH)lyOdIIjnLcBcuxKO7Ko$FBAw)tav+ZY4;t^?#)a=Y-!r=l)yy4BCaP7< zi@tAAvfT!OQ(V>Z{2%DV!A{EONzWH=Ouaa

pk~GMlhYx8P>u(-Z>48t7Axl9y3H z5aVV@??OnD&tb;*gE8^*o0xn<{bu>g_Y!r1mF0aoQ%&~%MI3a^W86D}{g@8&7sfx> zsk;E5S~nkbc8Dvmbb)WTP=i6cPZB@JSI*csC^uXqN4Sn*qWJeS*6{bn&uC9=_8e}i zF3~8?^=DEkTf=r*he#Xwx=u+GUjyS~IAWOm)Cd4@eVIyfC%JDGAopFRjH%S)bQ*I& z*;b3v((-UAmd0xliw z+>3io@8i?l+Dfn9&_HX`^NS=+B^dqaC^S~zUmtl3t*Q!!d2f1oc`-RAZ|EQyX^2)9 z6vqR}IR*sf@^mIt(&gd`hw75u<_TfXpf9rN4T0Yq_LYNHLDl8^4ZKdXB%BcpoCk1I zYLls=YG#3shKjjuvJJKNny!O1|K`Ns8m^57ZY_#o%=H**oLHF*jZp>#0AEQZtHNq|r1C@b;?EDZvmjt9FvVciiK zdZ!Hy4c{Ocne4Rrhp^KvlVs;ZyD69FsI{p&fBev7vd?pKK1O`>WCa=&pGKXfLQNG{ z#S~U&=Rez0_lPP<1tWs7SO_FpA0>U zS?UlZ7v{`BR*gBWtqsUay8s{yr%2=na_+|-pt5>;VC@0P0suC~%-D92JJAi`h)&g8 zoB@A}1{o*1@u4j_gZ$s_BVZcjRM?qJX>w<)<3Bqjcp)VPlD#tURk8-cO5{43LjZ0? z@jV9TR@DZ0>vCs*1{r{K`Ke;wVSEu+_nQJkx25o)MG0!KX&VkeD^x5?Q6-(F8ZEM2B@V z15pBZw&qUmKC{+~GW48!_*qkQCB4V;t3OUgM#X7&!EaOfZ`A-To=#_Z8|I@Z?Yvjd zj266WdPm1&?cz10=gfA`c9|^%Qw!$c1^~`Kr-(1lOh6E{EHF>)lNvM1!=q z1;T;;LRm2?T(tcrpBY*`i&MZXU)Dpf1+o3d{x~k?f}m>QA?$}LaRzdS80XcT2aWk* zU6H4#!1jw#D95|56Si4$a)08^ zglx&^oLxeOme7FFqVevEpOoqIORY?S+HkAnLlaj|Ub{T?ci*7%ipt76tD@5M4wJ$H z=7R=)u6k5Y-Qn6BHEsJk==a-K>=%bDXW(*Ca=FuUbMHCEosqIk5ni@_qlW53N1-|y z)G+@|bzFor8~t${!@4I5^e`v^`>lww9Y1sPTQ>cLlD;$f3a8kmtz~RtE9By!zQAlx z!AkDJa^lFdtg`)Fi8qgMl(B-8cbNhM;9M-~jH^FC^pyJS@Kz>y3kOmda@|QT*sBMc z?#k^P@tdLWP>xa;-pPX+?LllIJ9)&5B;Wf+N~$2-KSlPCOxJ zf%ipWV>HA%R$Gxr-{2g#8FV!>jY?$Mdvva=%8#d4gvt@!`{9Ut$m5dQq_yUVy|ssv zmkkvH%TW(3;Kggh&gD%y5A>#m@^+s2t=6>aCN}U4sW_=IT4=*l#|RSFiU7G$Mvk>_ zubVoo89vx)r9vg=O1>Y}q0lLSi6ZG6$M|B=s;7Y)|M-)Q4D%_iv=YGtC{IOZ)v1g1-(RdTG)47R{DCUm-J3j~RekhFvJ|JM$T_L!?bv93hP*7e6#y$p?Oba*YMBKM-=-S~Hcc$$3vxOwo& zVf<9%P>jtiG-GEhLFMvmlM_zIiLWc|_QrRTa&nxcdgdTQPoDgL4>|&z>R#?x{gaQ}rTg2hrM)FyZYb}is#n;|6wd}7 z{a*@*YfKY7@pbv)d~d!O9$!#3i-R6rFwtl?pF#S*4zrLSt;_-gp#BZQNPe z+*mkhm;_gf>qSdeb0;1aCQ29&)^Ph3e_E+yS}}i7I-?AxfrP-l@&30grE<>XJ>sA@^ZC_me`}&iyRr=v87r< z#O3v6hjG7q6XtuX8hbjs6=KDFI~FPaLOu%ZR~{~Sb~aThcrJLQX7I<@Q6Vn*ZBM0+ zo;;Y07zMsH`e$0c1aUt=d^Gvrvj9_Bdj`9;3Hz3-U<%7=llfpbp{hZ8a2Go!g6iE> z%Z>2<>G!acG3ZlO)4c(s{m>NO{h^Hmr`f)O)}~7^TBs%)t$CQ-F@+nSSa zw5>>Fk?#!hJ|XdQsk!;8D#!-&baZ><$l#L8iHgZEd_fQjbn(22Z0;&B{1Kx*p39OH zoo5WJwaGxF9~LkS9Z}_Y!Bb?|x{l<&Hzg{ptXlO!5a_mkt{W$F`yPx_LCAv1kvgAk zwcKjalA6fo9T4?x6%wMk>YZhVG-0-S-I*EMp5 zwaf1b1x7>y!;M=Z0-y2+53h6a$%P%NPw{O$e#pwFYV z;1xOg{&z(`XHt*1@D2@h{t&#fzOvg^+wgHzai##wkRrrL$H~!szZq13D{S| zyYI*UDO!kxwikdTUEK;9u%M$qX`Yx!#ZIMmGY^elK+lOsj>vZ#8>V9R;ox%cd&*_@e~4Z;+X;i+>&%M9QMzpbE|52HO!)Ees`b^0aG0(cs8 z13xdl8>oUW^r@hWI}~65jJbWfj^)>6%|BPjp%K13#I`wIq}mht*{mPayceY4*Y1AL zcg*nOz|PmuQMF!1*FpQ43?~N)i1fEWbp-qCFyz##Et+%#hX0_fz)-2-llzI)rFdQX zqt8T9BI~<|@_V4lhu6VRYwa{<*W6HQNKibMrDt`y{%R6O3IVnF`6G8@n zi#Zp>eC6-;Z!D<9ujowJ9ly4`b8&aIhOgIRe&9?q;e54MLUeY2qmUn851}mYXQ|<@ zaHkFYnj9-x_GLnJ7FcUU-!B|oWN!X4|DrYYNa?=D#{w^>+>EkI1|5d10^l74*m|iz zmz^|L88G_BUWBIT9vP)L#sBPI-2OYdaZn|oqicBQ%f{q~9h2gXV1BtM^uIN>#Ti`u zJo6?5IuL~Ub&Zd6ujDdUv(0tdL9Cx{ML0f_no?9W2~kNG&fBTw}yM zyRFES0W&lQL0W}U*Q3Ar7og29LgESjGi^_}pTC+=kXX2qzu>9ijM~l0*_qHP!Qkz# zuJ9$Td}+a!j9*if266d5HHb`+r1P=oe_t)&HY213%Oew`Z9WIK1AiH29cbp-`kJ~P z)Mgb6^?v!>hM2&BH(~S+8cdHlmClE_^_`9?UeD|HIeBf@es>bw2qG-CX=_v&`~1AH zRJJ$j$1xG-)M#ll=-O-J(3D^H-p6%q#)x^rd*bRuUp^FaG}S?bk<42o^O6kco;=9^ z)I;M#_j|Js89kPasa5JXvGt zHptm&=w&n8ox^v6Q=X&K$Vt7UqJMDrQJ?S5T=zoAVfMizI;qY{W zT8LO75cl!<1CYx6Qy2M@ARTDi^UfErHrk5O0}kt<1k2{OLU4BF21YJc#a4p|UB6g- zrT``mkKAK#>K#}o)V>s=y6?9VtntvVQHZ#`vopFNzc;m+9%~mqRv#55$IJ|gBpbx` zkP_H7xt1;nYb(cz)jRRwZ;bcfUD=3DD3hF+&U~)7KCW@gsR@5&Lx1|Xz|XpT9yPfB zOlRg*8=;DH7~Z*QzP~6(w54PU&hi4&lRpEo+6J&XuWF6#&9-jJad5kog6`V(2NvIH za1UJ7cfTWj$4}z6(WZ6n2I1enJu9IpP#{BPp!xwj?g>um{wFKa~myh>ImIp6a+?b^docX4uk#2xk10M!al!rIS%be33oDGG|kLf|&-eBMV_z_7zez+;0rw_dNqt9id z-=ROR^InkdRLm5Czj!VuAKdqS zBXqu`=IDB(EGAdv!2~0Bn#!22d~}x29NJ+FgQyOs=NtL(j60mWWGZDASL`?w%oiWc zvGHYoelyv4J6ZUY&~EACiay^I48#lJkHDXuUUDIW#QjMXly!{uV@WKYt4bGl+mx9v zr>#2;uyZo^e@T?;`&Ebj^UxHiVip|6Q@#T81qlU`x7YiaE?zW>QP+0LopU$OUGR2; z;|MD3aS+1$;STU;HBwuG%*@i~hm-&)j=9q(@tHagcACsC?p^fVU9v`30JZAww8T}6 z&xh7<3{57<68V{B3fUMxq10JOc9NkttC6g)h=4lYUto1GcIpoOBnsqWg{D z;8)%h1pE##0RlYDPe%+23IfCE^vwg!r_r4m>6mkDzhZ@sBIw`TzJ1$dtPTUcxCMIM z8|cAVSXtE#Y~d`=?{!v?AAOWO4_>$e-c9!khTng~my}#^1x&{yE?l@w2VsY_r@xw9 zKS_$AbSITHG@3vMsIL!{k|~K&OOd7k%wL$eyUVm3)cXDW_DW`FHmANfxC8RE zi7Axv9_!tc7IqP!KlksOThQGwD#Y-8IGBKFVI?~OaToNn(jN;2B2(|Zf1$0UbkTnK z;kw_dw50UEUo{gAE;0<1mRi`@gniIX{Zf~?Iu8b`!I1kmA<%Lfo;cBH_npuC@uOU7fI^)4G3omB)4-7TrWe_aAuy$3fG*sN3fY(;f+ zEH0J+u94Lo>|X`fX09@L8@DxzLyvqxj$(<}rTPki|BA2;1X0 zX%P=A;`Ws1a$g?v7`T?-E2;oZYS+GVDynU#WV(CyBz_qLMuWhGba2t<8TK*y6_a{C zIiq^Z3%b*R$TKu~DmhMYn`5(JUR!=GPZ@V9I>BS~R<>#D^e?82G4S`{KZ|e1;7?K@ zuB_#eMH5w&G)f{Ah^lBw)VYAN-CZAOEcixdS<5UmIRJ)x{xvzE1q{vIIe9CA4+L|O{j zbjJMD3lX%}NQMY*^t(E4=Fz<)Dv7TF(^aOeV*enm?@B{Y^5+}pJqL@j5^DNw&;8hh zqLQ(x#2?0KWTCOX?#HaQ?I0$=`8xkF?EUX4!9Qn05J6UIAjX)|n#f2(Oe^5Ic$PfV z^rit($@`Si2iD-1?x)^l28_<0Kf$TMx)Txqd_Q2AB_TR3?XI@Aw(x>gL>MlrrdqOI zs3)qL`cxW(&u#D_f47GN^x@i3ap!lvu+kiQWxif>SYtlyaLqQenKK&US~E6b9bDho z|Al{V<}C=ap#LKhUS#xNYU*$X77n&xG4GjR_wlhL_^it|zOjoa=sUYMQC(;DUh*Q> z6A&yMVM-U0mImcr+&ap^B)!j=Y|EtpSx{kXUm9VRg$(LH)K<}qQj54&nFcWn-_aDx1LzOBtEnA1yR*7G+%%9KsTFPfUZMPk0l~eD)vo04bU= zyKlbRTdMMk7xpR|vtA6UZwkjX_UbnB0=K1joch%q@oU?S+(Kwu0koa_+?>*+*}CXV7sT(s#2l>Y(suu%X=-roUcf`94_Lq*9L}!aRa*F-GBG0 zg1q({Nn&56xqM4a=Av?jg_?TV>pLu_>O7)p1V9aNxAkAKgF-F`; zzq_2Yk0dZL8oY{s);Ts|8=Q|Sz;Ojxg@Otf|F4O@Mz4hM`1$Zjc9yz%t#bJJ`1;5= z0L5xW3aEdFVrszDmaRd#R}Ut}A;Xohxm>Bgq2Rez07;O+UZlfhGG7!Fqg}Gqj{Lel z`5zM3JPyp~*K2?kvq_}%SDTd@eiA#IYs~SdJB=M5c`tVK12jkjE(wC^nUnw2UZ5?5 zP`Q}_fGz@QpptJS>tMe;qZeG13`uaWr0QOvLbV%F@3sForfRB?T!!`8N2`V0s)7SP zY}PjoN?(Z_Y4Y33L{#@+`m@+(Dw}2#`aEZ!8F@WI`IN6)SlZU%*|}Ilt}b}VmhSWg z=ub@2;q`-2iizV?`}+f_BUd%%>Z=PLtSxUANE>n(a@uq!0I8IDA0d7NQn_VxsQ-6H zwuLJSfUM6(mV2UDq9cLnHltr8cuj&JT{(?;%rm6G_qwK@tpe#1sg8B$s)@3#o3mH! zy>GKnAm-$xZ{N6&hwX&NJ@?yebb8g;uaedIzDxvPV4>`so2MqlGZcfv&P2rkA*N>% zw*UnHNBXWNq-jOUGabdc&q!tkU+{Ud1Y80~mES$i?@aa$Jl|uiNHEcpmjbrWbmbhl z{|XpI8x|b0zL(f{32WE%Kf82{w`awK`r}GFIxTRZ_=PPk;QC#Kt#lIG{DqE}eKrBF zUBP5wCu2m0R5ns=jxTHtge-+UOGwCh{;#1UO@{#O%B1FAKS588_!py7o%;x1pQWKC zV08(zek(nU4(pMU4s*B6Z)&#+A>T5UQKA@)MLF9FfcZ2s|5*HO?>zpO``0(Nd}_W} z1@4y*v#@g3?>k8E$zGD>x?pO0QC|M<5G64WHIMd=oSpEh4wq})a@vxJeL&#$L3hzf znW8$`gVC~gV5n#HA+HNBX7#DF)*aZZ^RP3DFL{qK-E>13RuPKk1?vh6@l^fohU`Pe zRJR!D{<`yu>BiZxQ+Ieu%z59ar9@pFJMe7$N#|y3dnG?^zaXo#_}Ck#_=$~Tzi0Z= zgK|yH3t|E^wYA%kL}gYs(dV?M6-mu7v#N6u9Lzs{7|Kskx1F3BP`0<=5qq0faLe^0{R>(^B-W;PMMK~QCD;$*uGDEVn!%6mb zQZh@K*?X@jd;PBa^z=OCd7j_*^UwF6??35q?)$#3_jtYcbsLG=tGVXr2cOlymOXGX z`a>-16M+TW1)OT}J-%{LSL>0M<+sNlA{cd^*}0W56S$F3Aj`5X_3f(;5k#*}wmdrU zZ1B-tUY1EB^KR~HAGw-Wsos$&nn$GO`gv*9{TnJG!)+l9Qazt~m)zxx*7OgzgVYIjrA)V!b=MH*Kc@8d%v*{1u+vNet($?w%yMGW@mX*UVsyI(-YqU?- zyxWUrWS%54|Hjr09m$gZo!j!bB4qE`p7K|w2^QO$@~SYnn9NO}+9(1TcKkA8#0hZC zcRjI_;~?=4!ETc5Y)%N|Pc`slo#hKpD|p|Os&lXXRQ*jc6I$eqWKGAGQFXDNms8AE zrnzOZ74DN)DRF7s+IMYoSPw1ha1)k0#X}1)$4lBq@i)HUNrlOR30A*0>RJ-#-}E3T zn+a#YN(Y~#(=9%Xl{*~p@%bcfxqW4;>z=MIP58HrC*ckD&rN%e`&PSAR zXt4A?Gg*QY^sK`u_j_l_f0H@92qMFAlLPhRF|HMb;aCeHgY;mA(bN?oEN3T%Z;V9v zBnHEGSjtfmM+758z;94-_VNO1^T|Z~3pExgr{`y*wv8M^x6(z++&_xP$hf9@1&A5* z5JbzJg)1B)XeS~rRp-7AizWl2QR(+IpF5N9P%RsOOj$HK10VkJW3+>yFTIfcJ9pA1~R9|p1vKCQ(EB+V-HT3 z*E`VX_Mo&4Yl?;J%;r@I!3&9}ncDXwa}{%ozIKl`yvQz1JnP46Z% zcsx(a!{h3^mlwgZjEDgNUue+WOaW_svZ4OupM(@Qu&R5`q-$aN#b^+#z@0Yf5)qXB zGPFr9t#^Iyl$lM>D37MOe6Q>7R@M_;=W>aK?cCDWIpSx0-4^8e(yyK%q{veNqRHi+ z?h5Lo(e|c_$^RmvA}~qvuBL!)w6c+rTP;cFdH-fQjj+a)qh@-~6bnj6p2-Ju7fxTX zIz@PkhIKffGBL}X4X9~=sLq++kqFv=RW5FqPpknT>HUZkr?k(wS%|du*784J&=PbA zt5VW3`NPbvJ?Nw^SBbf(WKnGCDFQ+SH@I7Qlulk9pf24#VWxlHb@&KDQQ+K+>yomU zl5Go0VbcRucUL8$uPRNjI8A^*r1EQ29P*2f|6x_q@$^93?~)hWj<-^auw!Ir!9BBL zZ$GRdBre_QbTSP5CzVgqDHjGdH&>LnBuy5d*qobN62H#fotb=iyy+WvGcFwVR(f2X zkOKJ%kkHFZX#(VjkS1d-{QpAAIl|F}(Uq;m-08~>gWl?c?o*i#6=l4tWHujDc_o}y zh`Xf~Xo3#GW`OdfIn~GSQ2;kiDba-UpIZ)%lFczk_(S4>}Ax0&dxF&N}q6W2>y5t20Y~86bP%2{8SCf*^`va?^p&+%GR3B3L5+>f9|^ zWz9JWXdW}xl=+Wm0mp-AjpbE@x6<7BbmNgM`x}v6!Fk0AwL3{qqiIz;lY}HPULxL~ z5OiC;z{3o-hkOaxs3)mlu1N{@uF9Qx_+R#n!KIrk*^GTmL4i(GZ4p`d5hm}imzF}3!}uSPgG<6}-P5GKmG$bu`^z_P-3ZOk7iw($AR-Qn z#`^*}xRiflrF--O9L$J?4CvGtkVIRU4Pz zH$o6XJY7+8K~gd;B}D6xih*748HABS;&2Ptmwf+tl~%x=<+H4z#u!W>H{k({_B#U! zGdr|C86a>wJ#HB}&oRwB@ku8#NGXsKMZz8a2Z#k;vjDFzyekihhZ?wsf8u)nS@1h% z5<)8Q_~rY5@8HM(LN9?QD?v~G3hYF*%=Y3_18Ss18g&OaOdAHzKtCwQi`w7+FmeDb zerBjm3{b)<3tW@duTIAaOcaNo>{W0{0>uHXAPgrqWB^ouLZUi0TSKREev%WUkeTkmWvM;Q)wb#V=COjh;A4V6yK z>1u0R&Fnnp5}wsHGU86G*(MY6>f$fkUTn2Z+uL5;4y!ElC;;6^EUF$J9)|C&Db@ks z%QB2Ca-L$E1I=wTdZ7KJb6q=NA>4Iw^B6vzQpE<^?Xb4D&zL09U#O16tR|g4j%s<9 zh~X=?%fZ<1Zmq6F`fg2CpQeK&rc1Ry1=+p}xkiQDd_DKkM3^Aj*;9`5Bjn6ox6CB{ zUB+;7ut(d2Aq-V;H4VAZ5%;5PdYZDLfy%+djz%URPT^Na?mWK-;hI1d~kCE#3TAL3O^qFZ!)i1C_&AqC*IHHX{f_Qn3c2d8) zLwvDRIt6}xK3#~)f`R0XkjI14Zg4ace0x5|1n*J#y@OPf?SO_8pP_6(<04f`ZQL4Y z`Gx~rzgxVxc9`1V`ZfBGT(cUvy%|2ssHMH`^-D}DnM-$7R|k|mHE-QD&@iYyM9)ftxGURmx& z`_wC)V)|B)xLL?3j{KyJOIs>#PprRjxaj)o=CqOwJ0yxIaPo7I`l`rIeaW7=&vwPb zEl--=#q3Lf>`NVDtVj z2c(JB$n_~3pg`VZibs`Rzc=X4#K;pdgpK$!TPQws_SB~4E7Ts_uP>=-Uy{Dkh^9*` z=M(61-zsN69AjKBkxqr=JSBYLkAPcA)d}F`CaX;K^!64Ld+#E&*2qSM&Ubd7-b@g! zN_<((GO(_&U=m1=%<{CbD0=zIZOaw3RJmFrP~SQ(rvF>2(B>~4oSNkgwL ztf_uyPIVtq${B9DfegE~o5dVMUu97hd`02mnwOhVrIiko|Fc_1jVg;6Oq}`oI-Lwk zdT*{j@v4Rs5fSz3Jalp#>|cu4U+$vXt$Zi+WS#My7qe~a^Uf(+!419jz446wKBH@u z@#x3s;k0~7!5&}wooZo#VsSn6HToc97Oh$E(FJ^NiyXW7s}2BrFhp$4F)YN@!({Ds8W zZasC?p!-M=Gw<$XNzI&D_Gc!;3*f}CT=tMKH5w$RmzzNj1vjelQpNqNRZ4vA7(SupYuLGz zHQ?mdzc*4a*i0)p9B{0GJ>;XyR;%!=ng$3ULh4BnbYPME{B{A zGEmFMsC7PVI*)c7cth*p^vAG}-KiysM}tqInoeLFo>Mb%#;ES+@1#5&VPpmBh~e5O zC4|9Q#1hj^0~;vx?w#TR@bRH*0Fb&6+B}PFz9AktZ7iK~ZMxNriy)dAZqVIvL-K*C znb|dF1=~LWFi9nbVfY5aFt7Jw^G5+AYZ*BzK8#k~;~N0+#myIP$X!SW>C@kvn&nUF zbSB(b0HML&jG#PjVrj3h$`b~!ki_k1LTN|OhnWY`jySa6ts{sY(z1EtlB@oDuY+%@ z(Wu5SAhTHIy%(#uzxB#IsZ3OP#VvH^F}?exS86Q#z^SELVnS@aJzW*6zF+-vbHX5d z3-;WYAl%1kobhE8WEwbEo+(u&G&MC{JR)ra1sy?=BkF@jWj@0;XM6wChle#70(Zy!C~^u9aOF$_-E&@;tNcXxDm zual*IKd0nv>3x+5KD+(7J4^dkSB}Zb2d{ne#m%kmGb`pgo;OmvUtkRqUFXE!9WVWE zpR!~iT{CizkO!@SIHx}NO@Td{n>l73Xd zo$+AF)TAWYZS;7>ct=h4d3dSS<28ih5zpE6(GL-`t@K#8V&L}`Y>%zZ0{?07N>?=S z1C7$}_8-Xi4to#?!{Gi=nhiF#r4yT%3uFN#v8qBIXRRhMr;@8Nec;$WgyS?7NXPw# zv|o532f?mEvD9Yn8g3lK^$Oqu7SRDYHLhWlw(!}yFmPe;Ei%OeE|a(lt_9P416(+f z%6-=q=3R{3UQcoPewCQBk95$@C)- zKtrBChzyi|2M%N<#sC;$XsH`Y_h6u`GzOOXKY^l^4KD2=Vm6U?cod)CumY!(MSHKc z@XO=s^f3Q_e)#7f?zt_rmlSfJ+`BŷfMgH&%HNUvg?z^|bw2&6_X0%c#>JZ$xC zg{1VBI$cd<{IMXY6B671);)$$v!Utd9>7(1$?b z#IP3NvG3XdPd4B&$iBVJ0@rCS9CJO$ARQHELxs{CKf~{ikCFY6z4N z$9H~IktA(8!L4TqUB#hPN>+R_{J=KqAp)h-(m;7PW2h#=BNm|uDqhRV|IbHjV3Uua z=x`6j3?MR(&$k1Cpv&D0aexdH9Uryn0jqw|0SuT3DrIaZC56b#5709IX>8*Q@H_W2 z|B<_tr2;%-ri8ec2speqU!iBHftz@$sr^t7NKafZ!|VYYiv$OUL|-$NgFJ2!tP>)l zP{JlpA-N%hJqDM!<0IZ*S*Q$>PIVj*_crtZhZDWsnqHEW#5KINyIUg8`zsxEU}E8UJU)5c&j@JvYvE(|gx( zW+tPw@|oL((taumT{1ks(+_Uywbtyh^H%;2+Ee+=z`+bF_f zjvxdC2koYfYjMLKx-KJvt>HI)M(Ad+LowRwOh(2o%WvVjY5EX@Hi7VdTndZkJ2Sk3 zax*a#1u~SM+;H-MXeH1!ocT%gCv1tIS_IYhHq5ro`=}km(`o5XmCN{!GEqJEDM_|3 zBZk()S_VuoiUWHNsy9oSU0wsDxzS=<4ZOdjGod<-ve>Y$61Av|Z^}qhfS|`E)KT?W zH}8$%h_>S8x%c&@-*tj{|H!HH2P^v1kVrz1-eKz~1|+2{S*_zhrQa%Bww%DIFWrl? za{snM(G;Otnsv|10;~v1>dLsro7decZy3k?o+Xc#LM#0W<&3mWFNNBGJX0#=(-C7p z)%xNGwFed&#~!MQ>um4g*Wil^`0jGr^s>c7ov!;HIUvFSO8t4FM@{nfHoU2^^KO1z zQQ+D5Bju z#cB4Z$vI&8N_AM{G1(J!W@&TZ(QlgtsvIMd?IqDWh~AQY{*fX-KfSc+(TB&M)c=SM zmLX`o@ITQ)gHJF#A=p#FHG9BBk$z8Trbv2(Yat#XJ@Wp3_vAQvXn3}T>IG(cJOchG z$-jnxRnvPCeGhQ-bor$x2V}UIG?f}07d#;qmf)!1`Y?Sjeq3u)zs>&1{9xOW#>U7t z@>}ZA9VKnAw*Kq|fbbRApJU=sezmMBS?EtkMIRI-f4%*%6+yvatnt#2ZbeaH4zF<= zcYER0n{5MTgoqP9p=Xanm1B?^>@I52Bceunyo~364&Kr9&PUx%vt4Kj@DVinCTyevFkfMe2q55#Ko(IK0eU=} z-vJM6bSCeAp=yysxl!#li&n+r4oQj1jrY-o+j>1!X;|{$DoxVKlYI-3Xup0)O*cSp zwfU$9`YRPlDPupQs`GuYYK~r6%3p~Ih^|Se%souXV#?!idQV`%hBm=BaooTn6-=Pj z3iO8gUzQ>IR?YcF$B3ayYGN+IXObaC#5o;3G+8nj&IhllbP6)BKsVm2*(R9{G2sqs-38$jD4=mJt9Ba%{NI^lAVI4x zqH65{Y3$MiH#ejBy%bS*Iok{>bWANa?=PQ6p#awKHa7B!`e>0Fp;z+NJIWk785QNT%5PSjBRH;0 z@MUTL>(PawRVKu&SBT7BDZhESJ})2N@mKz!hwKo+4^J6WGsQi;;|=`L=)<4#RYJrgffdKBV1s5UfHUFUiXY6x{He!!_}{avjALl{V`sgPNZ%`7Sn z$~B$D5cfRy4Yf*jAiN*(f*sCK{aiG3?MhEi+gLBNcNDU z03HUs38=KPTTd+a5vEyV;DwEY&ljc zg?mc{ail%4<^L#wbIQonI311FGBGYz1T>(N z6MkY3d@DrX1=0gaojhGxB81)1Xws72-rm&QDs$84u|+kX6C+~nZFpMn^;)ZZSuMAc z4zWL!Ei4iWONwqvmUI|_rU1fwa-ZFhF^D5?w-JB|Q{;!5wV;aD(??{#YB5B6iq9cD z`o4jd3!}Ph(Oa2G+1UkpWHlSC!*qTnYmD6qH~B8kGARnzlb2lOos?y@hs_GY$BAHV z{rx!$y&xaoRx42CrRHx@>C0!|aqKB@5(4WF|3~iRB+aJ~o{kV+{iQKoOFN@z((3ON zEiZ?0Ry~LZI1?DT^mck7`o2IIPYZdI!&0n6BSQVIY&y&nnYNd8m%qr2kB0Q7<<{r> zezLM;rGV*B?y#peXbEawEpZFoI=~!$>Q9HkRcihS&%89B-0JT`B{{5I@~j$u^%jG? z^_rsT9&UCe1}AtU=Z2ge?Zj@2z(h%>*`i7FJEECgvMlG6sHu=WUszc*KuRIydO=4a zQ1Z5`V_d&VEKs`|(n}8zywhzp>~96o$j#LmWNW#R!=Rv3rSrS+yHlE{*wk#F6j{T$ zTa{-2UTAdToCqICIB{*Ay|Q1oj|MRC%L3h{3`UPb5(y_7J|HW7YW*N3XGkDg!1={TCBbc_5Xj!LBU&Ln5m)mto9>qxU#M9SCZ3ZUqWilmok|Y81S^ z15znaVd)@DLI|NcoIEx7l!N<}`fY~usp_DMtC;7S@L7O&!(gBnF5?m-avfYA`IveA z;4*-%htrAsyj1boZsBTN`>0TKcyg_Is^Mz@75$tx1esP)S7p^+%iP4<1}>{{jayBJwCLr@?gLzc(1w{>o2@&- z9&KG2p|;Rp?zv1;D-a^h0$I*^s7Iqd-edp*&IAh`p5H+na$KyQV=iF7Za%4K_u-EA zoazD{e8a}_?HAtR{>P`&eJPyFyw&fauPIV^($q%LBrHy>Om$K{N61C`M^JE*8dQ5G z-x=(IjM9qJl8MAWS3zN9wZD9!$E{E^IN?@k`2)k73)3A~ftJ>Ym3;ZEQ~F#}`jO3` zIqfW-1J6K2Yy;y}@Ps^Yy#?#@2kZ=FCnaFO!Ii)ULDkQ9)WcKo)+7IsW&<1`3@811 zG*{(uDFjRnFAvGM6*M(kF+<5iD?Jmcf36n@*j|!I-;1D!;Pz+e!0kb5?ccL_|MzbH zHA}WM+w6p4VwB!-fi}uTA#=88^q~Q5@(d!kF!%3zq_@@+;wjTZ3tCPK<{EE+PqIP; zK8sw`qwBj+I&PgCv--D4ZD=N8UmJ8eN}h3A%8g1$U^eUWU6fF;dDEdIWNr0Y;F~aB zfI!pnj-37M^?u0Bw`Rw+4*Z8<9S*`b?)R)#IFJ>;IDNaZe_6<>iFga2?;l3`tsygZ zHa?4(Mp~A+X1&c$lLG39I}MD};50|}&n(a{{s2w~Hdn$DMK8ACs;}|#8R*2hVR;8{ zSK|1Pqb>zti0^VPuGI$_M)TnAM}ep&=x-swlk-Ro~)f zO@P(HomeOSCL*iVCE49vuho*J_$?j*(#9cQt7N_A6eu~5TZhG>nIfmUmbw_Rrhk}x zl(v1gq;Uw6kQOi@AY}Gzc>vg>lNEg%v_cP;P26cb=You6%1wi5r{i93iesvYybNlNh z-jXk<1)x}{c2412F|jImcp4>hLAy4Gu$Xh04-E7w>b*Y}W*?>Qe+;@BXAO29;m0tz z3U-clVk7(OrT|J`<65I$MLw8B*9%V^J-o7cI$FG1lN55bcDV9<>aTb#KdBPBAsZH# z<3#D2Gp~ew#-~UmSEG|>0p0n}GDwR*L{pGJ`h}*U0l0Oa{ebV^zo()C9lCuMAJkDb zwH7$|aN)&6+-!JcO0;=|dUa*cgW7uN^@Sei@zhG&HHmyMH&cq=vpUdbAMuS{_E!r>S3Yxvn)J_wA#il(3m$uDqr z9?Gtr`%@;wP5aK)c%dWE&0s`m;xN6YGYSs{+Bq?>QwoVUXydVpKN%m0hkP`K#_v#1#_RA`)Vi_#vU@$D_ zjzb1x=EYp^{g2s`jY$NG-rbDiKBmkb$?K1@tyu=&M5;d;f;`g}T6gp=+{3y1yhC{M z1Sjenr|{M4)32+uH1;;Yv{d&OUb6Hj;epo^uQ^@`f*PPVeh!oIfEY6EU0vNTtSHsO zDdR-0e~~S-`)n-%Mz`oMEBY?ojk#tsI8K>=Wh%^v%{cWDX^H$BS<7M9MTxiL`9PrR z-%vx7GvT9@NKVdC7$mGTe%H89PfUod-&`8dO(fD&YI-qqtuS$B`C>&#+*9D^z1&^f zZcXHGuRkuFCW;?c*a0?tqWfckV+vsJ<+RchzaUXGDIi)$8`fA{B|V6lz1881fZ4i1 z;_4DOV?zIJj&U4N3GarppluYvlZ5`VC}Y9x6_OB6oe^6k62z#RPGmNvA9dQaea?)$ z@#Tl@LVFq41sH=i!fN^=9AAi1hGek+5#J6}B3arifW{U6gaa1hlgCTh-ELJ?uMV3? zmWLA|wssdr;AOrO4+^cp!N)%wPgbm~nNmjP7~x!O-+1Act=^Ihd1qYIM=a=v07Dv0 zr7uZMq`V8q$G^)2h%zh%h)7!Z?VVc4f7M_9N6*C0MM&x}azJ?RX(J}hz|W!L1pmKO z{3ETl@7Lme@0GR`~5nb}2&Id2R2^<=2A85aS~IO$LktP*4}~qmR067rQe|C)aCp9Tu&#m*q$)! zWD0Igs$FktNIv|r*U!fKsL`1?AL}bBIt|E%I!gZp&+o>^z%$il$;vDS;6=8BQ>$ra z@bP_%?Rf^PGSGNx4g%V(rAJF$s&? ze5deme7jgZMq(h6bp)|Rx>#wKu%^bbG{HXHWHH15(I`)0*jgb_>b0lW&~1Oq%86PZ zN#BLc#}bf9Dggw_BiQeT{;bx+=c$p z2yX&zLPWBatRWb1l)NkS8H~7Y@7i91_-*H>cf1O8nlFuSjeej9^>BMvh8D<|D}`DD zRt2mHxIn{0%(0fQe`AL&*}qIuUJ=s4y~L<3>^zt7ajzL8UR_5!3>Y~~OCtb+UnD*T zO}!bPMZQcnNN{(J?dVvoj+i48vt;$SkDxzP<2(pTq3*8$d7I43u&wvz&6P?XTNxx8Q-h2CjVsg^`m2YRZo`bMijK-0N z6wLB56Q@Jk%}Wu4o?Y*u+e`Be0{719Je~tHGCSb8{ED^R{3vH8Co{jo3 z7p^~=5ZSn03#MBopZutyLE^j(;~m#s8gC2Xtlm!Nq-r6v_GP~e8G0#T7$)AN=cncX zmf1u`y!i`e2uDdEw*rjMDSPY1BBX5NS`sf%@k34S{CBUP0(U*+_YC%#t$WJJ^u@yX zBz~cPww3=Qu8$(VHDJlX*F7J4{_WAG578}!)|y;1Aix+^!NXdf*|3XVEYK{Cms%n> z)9&oO=L}~#GoD`|*aA9yJ_2tGh4#(-=mT(Q+e?<{CzmmTgv=fz0usobLWIZOnV9pA zrGj1aPZfQZ)?X=WX@%%DsTkK!IU46w)d!N}5pA7NzhU*=tOIICyv5|GzA#C6M?Ny#(K~eXTksRQY{cI@rhU$d( zxC$Tv$0Iw=(a#`uy%91A^N%A}syC?@;Pr0bvSpO}J-*%_>;AAD8SF%f_ajXxGo1`2 z%Zi&{M}Q#|0vphl@-+vjnyp!LZ9b^$MRF=X_`BK2-RS4s=K2%!hnlJ%X1ExP4A>&? zsTM6|(|;5+lOhr&BP?EcMcGN6;R}xylbck3iSmr;fHaIXl*sSFQkB5NTUUwvqvbA zujNKYlKEOq9LdUcdW~v&I>`%p+~yUsC=^P!JR}hB&i3;q1-F`4dzx7`tj2&RvdhEQ zMV~fN%Ci1vvKe{z$C&4tD^0*NK}{Kai_^vm+I{gJPnB9*F|5a~zEsp3?{|K1q4**x zzE}I4Qc`l7xg_@M4TpQ8Z)~xaXB3I%$Ay$)bwE>;1JH5Dxs$7=!1&q}iGTYmVR?~4 zyP`C~Vm-Lf&E-A9;jD}n*7)4x0W&%ovbkcG@MzJ60{5=*c7cS8rtoJHqMQB*d}(D^ z#qT{`QN-Lp=v;euqF^1-W&(mQ5VG^Sz{yip47A^c)UX~~aQ!b~fcagjDE(4pBX@XI zeR&dlZDoGTe2tbuWP7BND3@@9@BZ-ejC^0g?32 znZkc|HNoj0l>`P3n5~Je=_>^044{<<2hAMJ&g<15iv(U@)29`xK0B+c_|@2w{86;F zIDP^3V!gE17rY{ihix2X7?FA8@7@~(wEWt19U(}^AfW+SL1Sq76LE{K_bbM&R&N65 zjh!jpJe{7dg-luTW^&M}3$mmNm6mlbNG?eJ5obSj^s+S@In9xk?d=^VODjA(UK^cWTo8Wsk(QSW)!!6(w=qEWCKXOBVMS_Q8(3JG*ZJso~VH>edZ^ zntv6Il6Y;@0Ziy5a8YAyn;Ql}YJBA~iwV(R8#V?*rfN(gsTaE~&S`LkFwcK6<-tc_ zU~h38pZdEhBIdL$8;WF`0?6X@SR)}i{WMxwsH@eR%mkv`5Axk1*kcj?JO6}yA**I) zyd5Y6lrYPlt^q?O59eMBc#cQ*oqe4iF`G+HPz5GCF$b{a2cRJDnuY9PW?=+eyx_Zueg9kRxnCYqXt}8@9+q6j<5JknXtirrmxD* z1F5;DiTHbPi9+euDOT3AmO?*!0m5|tWug^qv6Amo*Jqw)%O0+yAMYa)OFgUgDNr7G zJWm9U$L0=!)usw?`@*TfNZC*0Br8Qg>nOcEyOskpFRgPh(`xg8j-Q!!SS+V=k=9@JIo6&`*{Xp1HKn4`)eD(t+xNY!_ z!-_w|49MEz-!rkDFWpcB=$?7&=;iI7a(K-z7#Y1Y5$Uk>0AchYLhkUF#)&bdyJ;N5 z5`e0$MNf%rOaSMalaAqS1th#1a#rowl$HLifpqw4{wB5c$9KGXQ&vACPGpH}X@MHE z5nK0bU{qLYW~CUUlD-TC;s>&aLDL<52<#uJIbFJq&Vb`!`k8ZLTenQEN=>0k?;hTu z<1LhOQbD#Evt^ONT0BYF#kIX})(x`q@C4waAZvhC-1cf9Z2>l2s5|=eU-{ftl1w-A zon`+L0h4Zx=$6peptmI^P~|7Nt6=vLiwjJV92i+B6`XM5w`sOvIX{qYBgY1CN+|wx z`UH4v_nwBKmiuo*W2t*|4ULVsaW&Qp4Z8bS-&YkCX0;=EE@-r>kx}$o9Tsl8+WMihzvk*asLWy_f5k_8aacBIHMdudKCdT-ACO*BiKG1T%jj3!vE@!H=(U21TxLogV= z(S(<*M{ZGmO#z%>srdL@?@yEWgA+&$hFO2cFKR1;w9wSlG_|U#YDvvoaOIT21-9tJ zr>6a=nD5x7*tCX|GIRuvZnB07_)W9&$;eoel9HaGAyv`Q(Xl*4$Kawk7?FG7B)q;I9zAtu;j&!S_B3`7X zMuhMpPYh4to}IYlkkTPiq^h8oUFeoMfT;4LXMt2P1jd^RTKyxneY63Xr&gwFA34q& z*~DfeRE)yVA&FoF0^_`Jcvp2tjnd**_UVL%jo+W`VYLIOi9bbV~^Y&KgJ zUbq>W<#RAgODnkw>oX@g5p~G9+|Wwm>t|zPTIfChK(CbnPM;_v$9v@I4Yugs&uJ`X zCpUxP`#i59PY&k|3uEgB^-=*2;Ta2ouS1a(a7BZ`#>~yE-jIWEfTnj37%06^N*gJzz8xnShMS zAPw=uKF-G z>0JA43T)m{piv&#Z-EOlM^wE!us!bUyKFzl{n6@u$j~y|W|#DS+#BNl0L(6c%(Zn4 z=?|!!rvCIccWn(V;jxnXhnQIN%G6N!akDiQR*I+EnV~7f9v0B|vWdzo(yFQq%FAno z>{pb*8?4Xp@bH8sD?EHJmH%mW>%P1PA48}wg z?&Xi(+J&2IYc56Z!};wm8;ay_2BJJ((YH!!gvQ8Y@nGP0nBLoYJifY^Fp816YGb zZ}HaqB2d;c13f(s?%7l0$rJVy%Bwsiv@|NLA#M(v8_QNR0IOO3updv{bg~Z{xp%bT z=%A#+1H-2(Ha2O+5rLu2a!+2+Kx<9Htr!(IeiW80BQ87k;x+?}_&bTzW=FwFR;y1> zC;Phhx<%RM1AFtTBLVAB`PA2|6$ER*h%vHLY<|q0owdu#&W^6)M|YnE`{Fa03GaFxZTfEQ@RB;)Md(V`NZH0L?rPpgc;=wrTpx z;p0Qi{$S}&eyzR}_AB)=G9z~PZHz3qYBn0z|78uVNwos2Ghm!wGU{u0NDY=r?IbTh zS3gQNgUGt_4XZZIvy~ASPkeuF5?2U4l|-f}iu|KNLtG z2M)BzUFZex_m0+>w?I_~w#{ zyBBrY0j?yGfmBg5KQg(obE|Vptfg#+JZox z-#I-vl#=5z=x~XlLqXPT_$qxgr3w~eNF3YOciDY5^?ty411T;A=qQ`ZSD;?mV47zI z(^b0W?c2g{a}(RbulAIAJTYs|aQw?d#*5_|NoKs+?A*rk7;4=8$F$UVHvjCFNm*!BR|4RUkNhL-^~sAw)d_=vfNIEYs5H`S*dg4HEYe zC#Fd`S%;+nJWj3N57+?>r4z4w3QX~gK1w{TM2$wHo5DDh#&hEzjwf?lL|bKQ-+dE$ zm^YOW`VJ@r)sCP^N=lkK>El6WoID!za;jcQ-YR1r&#cuy4^FxR-rOS`XcA~x+pS{j zK2EO@ecOQcL{^XxSP&2FG7NhfYsNLSH))iXTDpHz0KENorPHfgz}NGR|ITtrO(@A& zYnboOXid{>cUOE-<@9;r-|dV~kvFX`ZfBtvqL=mx?@a2kwC|PJjw@BM@DD!Qa%I$+ zewy+4LL20tDLwJ}0cH)dvO`s_Ti*7TLF z4%KcWTxgC^cyR1Dci2N!ajWA^ zwiAK-D^H#YJ%+)h`#qh%(Ur}tY1yss4@(Y(X20^Zv;<8(*ouqj*qxO(54Yq6Qv`tj z%3J69n>oi7z_u0zRu^-D;x@ z!229a?)6Xo)6K5J0`nJ?ngcGHIZrTX>0XP*|N14 zSwdIe5i|U8BeXb>kAgTaFz_K1sUu(Gn!3>qUEUzQ?ekT7s%eAr9-{J;suGxjApy^x zsV9G#a%^nj5XW$np%O#=&(st?*H&r@I={gCj&%XbKMZD$W|8_TM)H94%t?OaYWZ16 zie!_FSQ#B7kY2HO#(T?z%I%&7F-qu?l6JIix((I&|0rKd5GN)fEu5fGNCJH z*rFvRRXT~SwQvC#HG}Oo;gIH3lCd*`l0_gx+O2mP1s!Ntv87mqmjO7v_79PNbMNTH zM7LX$uzj(rj!ulSBevP-@+ST}&t=_83Jd>eAS(D6wkfRC1oS@*H0MdCYlCIb;Qb~q zB6bDrTvP%dHAz{2pE|D+D;X?{5W!hjw|jkOmxX1iFD!BzjO=QF23qm~m-w|;KV zWpbkw>gUq(^4>YogPD}gb=aS;rXm{@bhPS)a!eJO6@7&sIa6}{_esE{6+J^Vz#jTQLX-8~dmvd-Ln3|obKuFf^Svic1- zy31qbhFhJS6hO5vBz6R!t(?17(kRGs=j=?_{m=2EkK}zXR#-rzYDO0tFW`}dQ2;W` zX@fPc!#DyD#}A?&Hy1Q{co|sPcQkyI#6m_PpnOW?nVObmLDzCpAnm5yCsmmHU6v{!p%>#&WYJlz<%(H&7@0Ih_tJG z=LftX)>)`1CB*_bk0~Jp2Z;t(7G=0`cZ<-gNAlc94BDN`mSgpk`#EVlf>#8g^?i&ud~G-xn( zSpo7l%^wC*ejJh2O*{=+?*XEX)rU0i?_P=2?-o_b%-i3`iP*~x?TtRs70Ia_`l`AA zb{{&?ph^kM#bwL5|8cErZb(dP(0BP(BiVR@h#@cA^NYc!&cqMH$Na6uG0cpYPf%|% zQX*}LTNVqhHL4w+~P>CM{oXG@s@7h&gnr7ad57DlSwJQSG~ z7@U+$zUxGWt=Dh2vPR~e)xpv3-l}sp5-~i+FEPhtGwX3u%x>CbD1_N4cQ@X<-ezQe zS!LVqjqjHF$Tb35q$|3x*}S{zG?JE%&Q7uv=7(8h{aUMwt#PiS??`kAjLxM7zZCL4+TBK^w?(A3+^~w9>6l6X{|I~Qu&B1M zZCpnX1O-%5Qjl&WrA8&B1%Ux+5s+?>W-OErVL(AjT88d4$RPwlK#7s=?)=ssJm)>{ z?{{6__t%{3T)6jI&wBEH?)B{Y9bNe#+ItEj4 zuMd{c?q~jN3A@ zsWT__0{%#RSZDrvW3q1B_K0HHpGWxcqGsK#?s%zO$FO~GX4?oUQ4oQcY(?wSJ1Ghn zxx}?Zj>e;?%DgupM(0Z#W62jJf~lOE<_$L2UhO{xp|Yqs>>_atK1yb9?W>SI7=VVT ztW%TmIx+;w+v=aM8QIz37DA@K0532e)3U~r1&_A(Rvs=!WlxF|eYynlR7?T8q7aTf z3>oDoAf+!dW!uQ47S6siYP^%?byYwJ#s=z&gx8qwINKwfg?Rwtxj&1f&*lR2xyaVW z>pyo`YG}FNzV>u8`NYKgGvR3SHR^_^5W;1U=jhy>P;KK!advG z*LX*8gHBfiBe*zC0}~rtQ}UYXFSER8KNRn3)%}(t;5gr6L+~=}e-FAMQ*7)CREZ_` zqch#?aVzq$oKtz@DQq~YW&Tol?HO(QpSx^3Szzc7QNgB2a}C>1bzzp4%^c^gB<-T+ z*Z!g739LkC&FN>Tq#cUOXh#IIB4}-wK*vaLgZ5J8l`z{)nh63*m?b2p9Lyl(x_$6K zR2R;-C7wVE3R#hRft&riR||dd77!6X;U%-!Y)X zc#9;J%qZ%rbd|AA@*|S$C((Kx0*HMn%-FNEv3vG9dy}G9cs=QMJjxb+^Y@4gl#^;(2{%05+&GEh7|Db1tvUm4h6sj8`B%m{i&!C-8_5sO@v+E&3y{_BkDpK< z`3r3w7tRXs#?l)`t*ix;h+fUd%sL0zTv8Yl%q$T5Ng@d75di{%vCv?K%yl8$z|C98 z8PUZ!wUxvRRe+R7GZ9qda0!}YTZCV~+P%}t$Z!P`;cPEG}ZT)EJ6yCmy133EFpcq)8>FY-awdt6L&Q1iZbrEY>9P-2#J zgGp@D*xkoT_)5<4jlf?@-6bH6%rf?Uz~JNY{BiYj?orL>ZD5S~);FJS1ekC%!a`(g zvvBaCM*AGP)o1J7;Aaa=1O;0dWRq5kHNNBLN-~OzwGOy=c*sXTH>KmI1|YDGv>q5* z&?Uoh4PO`@`%&vvW#P@MC&zK4>vX_p`o?qJFVRTd>s!vxRfc&YM8Y2(fT*(uKh5t< zk-%R1`}>vD)WUoZs5C+*&#RGEqJ74sa?trG;F;ztl%-!kv0u1%jYn=YzP;!eD^vh^2%l;e(nHD$gWv4`73;Ya{TDO&e&jCuC1ff22j6`+1dA=eNH*Ofg>nI zNrfw1o`R8xlhwYTZzPByW%ahzJ@wxtfVf+dHT%-E`_%i+!O(EA>-x1LfkpKNp?z78OqIUu z^@|jRKN4P&6*{i~k}^-bkK ze!ft?5B75o=CeZ|8BjGNI~j`@xaBQEJkuTP7_gBi^%g z2N*`V3{ZgIt((zHK379jCA(1kYgEh_!=5qw(R}s(bUmEa1y4GKgK^cth^z8f z!0rp*g)A_nD81#upM-t6W%1sEkkL0+B@mC#WCffwMm-#=JxZa>+`A5Z?%i;D3AyQR zaYg3N^n)1d#th%|IvtL(@g}jdbj}@yT&4YG5s_C6mI~XNTLCSj=2`>aKjFLWZ(Oc> zrPr-nYtA(xZ4Q!x6%e8f23}PF=H*+1k~MlStVUk+iQ*Ru!g!|dqrZ44&Jj)Shp@Ln ziC}Bwb&&a{&})Lq2SdVlwF7r|+9{@SgLbF2`R4V314`AmLoW;+Y#7U!BkyC^*iX13 zr1q)wx8@hZqaXSn`&R8eA7~F7Fj>m3<~Wa31rcAUX9A)tV^2yv+3$O3?;uYC>Q?go z#yl@vSb`}9>b)GiFe+eLNH5veapNkjkL9|CkU6c8$M`oq$)cDwLFyI~)5gHF$g|gP z;JubVc;%7mhft|o898yy)5#yuaLn;8h%?X`^9&~maTuxI+2G#N&}r~=1T~2K*^;dwQ#g9ZJ984vC2T@P1$E1a z-$(`xJ%2O{1%-u>|1dQtzv~HcISonlSF%>UKp3LgjqY@YLZCaetY5#l2uSE6E%GWb zxgs?mOKVZt4NmJg$`D};JWIGw2a}ldb!t85t_2t=tEI1ROZ8{!C&M3`u+Q3RgroePa@NUW)dM? zCr}c*Q&j?%&|sQ?+?pj9B)@W)W5F1=t*2XE%)+ax35#vHV8fwzE>bYF%PEZ%arcBs zEATj+s#sMTPHpBJVLUz>>JtD2mQK<`)qi)_g_A?;w+@9ljvGM6jC|#|iT4i|0Ibm3 z-XXeRSXAviDFe^fSC?)Q8G>>ctka6TqL2R+uOy6zasOP25s@T$FgYF#N>&E2+e#*~ zd%SRD2>0Llsu6hFQ7RObxp{eEuz{=m{!Bp{Kb4h~suWqU!nm~=6AFv|Y)g@0bve+P zu-IMwBV^imhLe{!_RE(q%Pcb~7k=5;ZW1ysBQVIIA!rlkM~uRMd#*P=8h z@EE-K4(0t!9JeKj&&iXZw{g0`lhgB(P71i`qozhF>36SP zvzc7aVR`)X?QJ3d!>2jf*^$xFS2#I1utx?zS*@YbxN=&iO|SflEqw-*`GO6jYVqQQ zVbVad&bOH&9|ppx5PzrCFkFbo2g7X9kUv7Qw1B~ZRl)W|((5zO9s{Xh)7vjhYOQlG zGD^V}LaBS|q|N;OW$^j1cYu>3!^6WFev``_{kk>evs(K0to^A__#ev)~8H?5;AeYisaF@RuQpYF+qwJ^Bv%UkD&cX{D1aC6uU`ydXwjrSF)EY+2*7{BJ=rOpu4Rtb_nwpxo zUw|%obWF^|ruE!ucj+T+#qLmBW`8nLu*TLZEY|A*hs#UhK2>7mM@VhN$x<4dME+(e zqOfVvmtd|jK!hypbaod|1Fcb4MYObZQ#-|Ja3T-%LpJX}r0FZrcBp&w=^}%a-uX+{ z`s$=pxg2u(4ah4OYg{0n9+?Glka<7^d`iTEyeiFCLSToG=sq^s^m{@v?^#`^q46|9 z$RC}74P5}HsXqx?;c?FiNZaF#6em3$KcSwbLHf|Xj7Nw2CImJF;AABbW-*RGVe#d4 z{YYMgva<5W!otFuN_iv(wd$k=N%=b@WbxkOAdCHDY3ZF8J0-i+^y<)SA2WULxqj(VnUI5? zNtMSaq50NNFm3_5D;pdf45mCJ_Z!d@y5Pjph!1#_GO?r;?)Hd#Q6b#tkh6qfzv`b7 ztSy0*g21r0ll!-BxnyL23bRGK$q06e9#GFlhbZ(w74N7r$PB10M%MYxcjVoNB}>JYt zjnCoqQoK^N^D=mAxIpjU8zkHKfJGp8q?K3Ml_K~l90KKR+6}v>`6l*lW6k>=41qz7 zu8Wa~Unx(#LKKG6VE;B;47|Bo{>9oX8yu-p@mhcZk~p%J@SB6qU~eyTOE`Uu>r7YM z%>u{hbBf*61{Bj%6mrea-$2>nZGaCsQk04ODMZ#yHe(c(lV$uK4;Gp!IOkPX4(inb z&H%fO!JTrpi&~FqxFH3<2q}2%4@JzKV8hRZbm?-9nZPN&Hx-UZJcEyJeVKRx*W{YL zK~|$<=IUBPC+)4>^+B3jbw&ypvtI&xu%9QG~Q`?+#;1f(zlqroIV zvH_)=D>{6@@5F-XlMGF~W!@@&dUX`LkvAcYgxex_L>VLd4M?fYYsY&vo1s`l#sEbA z=MC#kXT?AmN)o*Zr4PXGTAX#wyR#+3r!xt{PYm$QD(>!OwYwk;KK-Oj6dat9k}~L$ zEDUkM$()Q+%F2`;zJDKTf1w~*QWad=_9m}@49sJSvWa)b93FwQSSsS$hN-}8llhX> zUQHKPc|N|Ycz0NUO$(=t}Qg+}!G!T=2s(9X-7# zpN7*aW2qAbcbSfp3~ex90Er{LHRHHy=6>v_qsd4*NqrUx ziK=K5Jq~=Ymv%-^zQ$*Q<-qSC!%3{|9iz(QDCZUzBR?N;PxfAT{}7#gtM4Nhg0&OCAl{)8;i_a&x&Lc8PRQ-s6SkiQ}3@VJ$F_TEN}5ik7zLXO`~?7hHhpu zkrAFP0piMGXngmQugpG`%S{J?P%$@8Pt3D@TX)diK5A|is$(>*Xm6g)P^;{qJ|KI_ zaJZ+a7<5lDYfYoQewz9lZs%D4Q$}eTz!QheT$Z<+4N}R2R!x-%( zIaVCzAGXOysk9IZvf=d--^VID%7r`uzrh}d2{@-8I1S6K%#fK+o;S0zOI69A)iR*W zHF0-$Z=QcXJ#8uBTdk>{oR7*a+0q*M&b$={bm|w^(o&LwEW{H-au8)RYa1Jflao)X zcqv6`$B`?qjI#DNAl_V@Gq~~c<;!N&S-@`#GqK^mQ>KME%+PIpxAIE}Vb7@;Y@k{D zE*_e*K}Lrp1+i=9xKMf9evCP6M*W`3-F#<_KLd(Wzb}6cYOj^JIrZ~BC8qWA*TZW> zGxAJiK&G(EZ0G0FfpcbDlMsRSdSnQ8 z@8GX3G;@V4EB>BK_c)D1@~dMO=9FNq-0X~CooS!a>QSS?t&>Lq2`Bv9^ae%v#jhg; z)o|V?kf^qF(|vDc?AX8@MKB_pt`Hs>aIz-b+Ck%+qqL(ZD6;~hxtC)X&2v^@)Ou@= zK+X@TuvcEr;j#>*f=rrt2aq7--!J5R9=(&4%OKQP;9xwwfddZ|AuV9p%^l0Bwf~5Z~1sQ z2}v(|PO;G%yg@yr*JKcS18-Ufj$d*Hxxrl-2yX-fK;qD`x$n-4XE0UZ~|7CLToqaryZ9+G%+ts*-gt|!gdk&aLD682mC_bbgCwAYP8^Rpi#qW zqlNopKtnw;ncynC@dC7Hj$XxhDAALs?f|praPF7PNfX;*D@rHr{#@Lz9Aokw@2YWSm^Rgv)xLG)#>%UZd zLvnFr9rgw<^XK2{7dqek$jKjHHW5-ezr*X9Cb@qK$N?!cUtj&I=+7m)S7CzZkB&I{ zEsNn*L6aUz#e<6|AP%|QiIVvO1*VQ33y0G!f{=%SNs=T+qsGRTXZ4pW9|fy2h&1-d z%>8q7f{d`Hk(6-{vDelhO}T4*JZ=@ynlCm&w(BJTxJaN}ntH+P_d*{49P#Ox;Zq@i z6_J91dm*-8ve>vSL)T%X-btv5m-JCH=ifhI@&#u8h3bLj3t;7Fa0>@G*Kyp?)6+j_ zeF(QlRQis52pwz77_D+YN?fy3iFdy-3nfX=hSRvfK60b1M$JIfrel`}z*mj0MiebZy3)0DewZqKbhO9;MZ3188nsQ1blATu1+;QKUZ;HD3HbzZ|3&#E zsiVb^^`(a64~N|ZCx*w9c{^?VAD(I*&-Em;O6mJDuH+xzt9Lp{zGg4$Ibgs3Jm^@V z9nBVY7s)Hx!Wn<3?-==PyBD-7?~w4hr|5s<;^)4(@3lWf z6}IEZx-Y#US7fiH7RF0tfBwUCDkWBitM8A63khT}XQKH26%Wu+C-dh2ImAkC=rj~u zI-_f@khCfzF;d@$i=9?ekR$SZx=vNJR^AbDXLdAug2hV8AnDc9DE_ONgoEVR<_nSJeJTbV5|(?r7r=PwkU>J|i3xSk8HS z)`ceidwnD@&=uxEWO%hDqHgxvKlT-@U&zJ5G23G~@WF3=vxNU1V8v>F4?a4|O7<)A zDT~v`a`7+hdDerxb#JaaIWoX|(~6V5lZbByeZiZk9_$d?5=m3Z4c200;*D!HL(0O; zU%2xmR;s}z@6YOxZDw0#svnCZ?61cFmRTCu4@3Q!aj%v=4NH;0!{bYMhmH_~-5GPZ zlKge_aHcOXS`Wrp3)^jK*k1rvLGO9azv{OPDNswS@#WPAKvk3X6D0|O&wED3+I$KF zgID6|VYebY+NSGT!e}}Y1>_tO#jZD&n9cs|FfSn$cy+t7sYu1n7ZJ+*}1{qo?%X4HOLb5?_EEDrR=tK`(KwmoJl^< zFe4UmqKa;qZg1>m91Q zStd6B*(AIY&-mef_2Gcyp$?XPYq=QpczCeq{}E-tnOdqTOt_zo-diBAfObpyTgi7ixiU?9XUG5iZIW+lYF;n z?ym_m$-zwael)xlLp59-r16_*IC^u~Uva`*IAMh)6bD!|##(cq_&s<{q5Rv^;skOB zGQ`5dW$hX!yN%RMhdC@3J)u2Ue9SXPLDcKakO}Z;v1rcyOQXOEY>3!*ckR|*hjc)q zpQ6m>_dG<#Cx4%u&AAawP>HKD-X?iUV}_L>b*v1eI&bh}(S!hMk2Hx)f7EZ4)S=`_iTKj}t|%64FUN;D!L+KA(!dnPSeb7N1Ks zwX`D#q}$}gEIad;)<6F|x4yQGULxub=67HGejNMfvl-hzsu-vNgHqJ>qX1uRfE4*% zyS@K|gkDIm{y=Oj?zdx=pr83eCbHYW6fa-A^`IP-0~kuGuzy~E7Vm8%a$@H3$yy1x z@)?_W3*ne@k@3DYd3p22IoHctxwIu35lJFMMnM|=)Gb^2Jh4&Fz1s#;{VWa({R98? z8-$NJoDRP!?QO+$x7j-Kp^R#FEC)k2f-cbrKAh&S)jFP9sb}@_qN*pKI!u_oj5Gyy zOyqG$U3UOZd{}Jyl&A={1V)5{Z%2OwHj%sVeiDoZF&dC1O_E{f;+0UZ|O z8?#z+LwVnkB#N`M=g!kDpu$gG$@kkS*-R!}?ZF?5OBYakD-;>>&0lXxCaXGjXcy&` zr|R2WdzVpOzmPoLAXZU6L<6%wRgYCQQ@s;q7Ecn!LGC}g_4SuRud-m%8$YmEO}_N3 z4mOQ+wE%l4w%aFm@D~;)lLx8YKj?|vUHDR;+2U|d-E+kOJ_ajW+9_FgX>0EXI)HpBy&u z(%G`96fV2`A%DHTispVFxTOZ24SD&$?Ko%*F6~Y9>A)op;%s_ZlB7>@TQ%X-D<#@_ zA7|8P9LTHt;$HcZy)JI7PuE$mi8Yc(Uq0v4CN0+ST8O|^F(n9kBN>RFT@4m{vMp9jfZ;WMaP7y`3tt9^KD ztfE*OL=xVsiklTrZ*>06WT1WhjVXMDi?`e!j*gU?boB{S@5BYT^|P)rk$EA3iN}uR z4>KnvF@Gi4jP{`_iRNCX!awuHkDTf(u+Yl$WUUWPoAyCFuf>eBqx)vPQH#e5{g__d zwPpA>yh_0ky~YGSs0M{UL;@UPDxpG5Ma8xT4FBleWoBi>OXDj%+0{2^MF5MvNPC}i zhxY@G`;}=%XOP}8`=1p!DusQ*Dyzsn&nC9}<*GWm`?TV-(*ebU$L-l?HQCLMPu<-h zB}hRct=3BQU!}zHK<`jYr z4R7{PfF!xP$ZGm0@WA@6X*zQFzkW$ht|11L-Hl=lC2c>gT`~P@mQ1E5Kx_w=bhy4C z*(GF|WO(cEg&k!J>nPu)@+x4hRAFy!s^Do6LIL-KjyyUX%{<^I*7cU|8`6Pk*vj?ysbzR!uPji_EBK;|vmC=cG?S|W|63ne2)&6gy7v4ye-Ec1_V@<3( znFAGWk@vdsd^8g0rg!;3sj+h1^bAgt*NC${W%4{_OX%M>-+uI@o-mtvpv2KJZhJ$X zuPmAy#f;)F!hSp^bYh%}khHoK4nijOTX2*&kJG$ioz&W|TW#H#SVv!n)XAwSZz-7i z={;`vQ=kdN8axTO-cjHN%*N+1S*qgUFUebz$E+ox{agS^Oi_X7JNR1eQBHKXVC#*z zt6W_5+nTm6UxKQn%T|^NRp4bEOX5P4usl&eE=Dk0>?ZrgDB2k{!achL21rie0y>eC z`81lp4!1QtlYdfD(9619{G>S^tMQtK37gUw^+2TA<7FniIkyW9hn&Pn+;8rLa>_$Z7&^f4-frPsIvd_c&w%U z%wKP6#3WNt4>}owliYmt{nBphxyzc5eR0cjAU>(jQ~rkw@NF6cOu=HThl^&g#*i&^ zRIu#YZd_(6aIwbyCsU+xpl`zHYf8dz#MyUNe>mC; z>AGCfmPgZCT`P#gK8Nc;$d5>I2Zj@*1L{h>8d!XW0QdaF9EW=n5&m_`Q??admktdR z{#F(a#F2;*%FF;LuR;nCM)H3plb^)ch$KGH9o$3X!>tusCO5vnLe=D5jWZ|bF6=JW5rh*QFy%`Ow%cFT@=#fE_HUYzm3zYy&!&sPBlV-vfaU$%X7Q%gyMKU#6&}R zs6iN~om47|&XWh54vjUOSHbv_5f+2TF)2nA`GCb?h%LG5z!=flcD?*v(1Mfd_rLtZ4Zs@c)lpP3@pwn~s+D8FCo%D#-7l6ODjy z_lsR~n^y-553)b~_R{VX^Zn%8hf$tUy~YL5+OponQ$`=5oH9_d9H*Q5IQzPY--@F7 z;!F(_#d{QDSl2~WrOfFvMD{U<1nj}>HOw4{4TkFKF|$Jx(G}#zOf77;0{2FfWHlJ5 zT;<>OlxDa>Dt$uYwD*7%xDbi>O0G72+Io&Vv)9Y3zb_AFcUD!i?RC=9f`hDUuhw;m zr7VdKSzr|hFL`#ATVXx|C~&~AL|!)zVMXY!M0Ry`eNq5?6qXA9M4lMMORc$#B&Q`4 zQ!8w;A5sFG7k7k1+Lne{$L8@njcNaWYVEh}$5jcUVWNEAI+i-h=)VNHm8W(Q=SsPZ={&}+B z6#Hb_>bMVfW8a_g>KF4?KW))5on5yGeAaaTF7N#x-+3Cm{GRuTl~K#{ZP8`bzKAtU zCGjR?Q$%v(-F{4jhT6ojs4n-bPhEzZL&vIO9r)&x3_%`~fTn3Uy?qaV0!%3N0_#;= z0qdk0=sU;EXT)OqAO$4Z{(kkX8Nmjm!@}>GQEGSJ`9LU-fnyh?6y$|MXjr=L|HTJB zT#P997##PS06fpspVxkzehV3S2DsyMbW*QyO;BtCIMSOo>MsHucPwdZ*=vj+NHCJpxJyqOf&Q@e5_ zV=9;@!*2$$6?9l@&g^OJ5DM036M=|xGC{f^Pf^nz+z&CiH0vnclEv`(Mp(Y>9#Xbe zH%@KVgdU#%bNGjRFyQc$)WJ5T2HVcd1-@7S1wVD+Q-2nC6*f=r;=2isb^a=`LbPFE zZF@fw?s9fLR}4Y0*9$yxbkdnUAyA5wR0NXj6@vrz-wJY9h{`Ligfr*~8E|3r+9;N} z`Ja}gH&WEb3qEqhx1*?h`U(6WlrMBaFq{|x5U zw5~ZT%3BO!t%)p(&MW>T9v>fi>n$*mJ2bj%Qz_uXZYZz2smC-2n9t7NDPU+KsiU84 z5-!!v{jTvzqzfjTJHrBBV_coD;3bmZ7o#j{&>kbNP9(4YPUY24kMQ1753HR}60sse zg8+Ci7{y;A_K_d}*#Ggq>$WN3Y$QMJ`+j9Kni&l~uu6s9@ZE>_OHsMDp)S6A@yNoY6>Aw1r}bCc?xJ~p^62k>uD0NAvCV)r(D z+avg4!h6?`q%d0#I?B1t*>4ie8*HRIvyT(cpS8ks*;xNrncccO^dUK!AAC?4$BwK4 zKEV8w_jR0qKPHMq9Bs`k?t|r(gj~jH$4^BNI5c>u-+X{oPhqBiihA9lsG5JDQ7K@; zP-$Jhnc12#({wdeQxh9}zc9f@0cK5Xmbe5LzZ6yFjfE^4Sbn5$HY!&R&}`VoaB1$&A3g-h0gN8jXU{nO=1=g#UUtx zFgP%LuQ;R3$lsd0>fOg|0h9XL$8nozjtfMb6BkoKa3nh)%PGMXS=wmfZ;Q^)R|8{e zCMVlsggh4Y6gAXOJ)QT3#ora(yUfq`$*HJlLFSznqGLGJ@}~A(-F0aw4BZCN?pFl$ zUhiKZ{x;QjUX$|DGR)Nibc~J8B-efJDoZ8CV8h!D9WY6MB17aQ`g1$?m@JSgb&PWM zD%rY@Q`3|8PL7YHuTf^w8hPVO zDsl->#|31QweLnb>hb^kdO?%&a`*hnT(oWUmuFIY>uM#OF8D`xh-Y^>o$!U7F8;m= zu3z$%g+)KC%P7z1;^2Af?|0xWDxi)VPlK&%OvvTR$;%fRrO*LW6IfYUM+_*6)yzEB z1S$-e3oK_^dq4~TBx;TYF477s?#@V{U<+7FkxaLcW ziQ{crS$uSgeCV1tZ)9O3#evosU^ApQ>gZ|9Au$WHPT+PDywUuuyLswpMRs|XjsZok zj^VtY;WQC&X9@T(YTqT$Dnc0QZ7Lw`5T?D}4^;U80YMfL&L;Bz2DQst234@3P0bho z*bK8&D~7Y6gGdp`Bq(QsuSHqeN5rRt&CSoxXq>W*7l+2)W5WWgi?VajqUBjj{dova zBsaJbyyIkX8Mc9>_YxtNBZ2zMFb=qJ8I|yQhBW^}D1e$>{w{3-J`B}vZo`VOPoJEb zy2f3#zm?WX5x1bR<8>d~D}5)l+Yx*Y5uKUI28Ls#H%@te6o+PrW08Sg=Bed9H;E0w z^-uE3;;#{Yri#X$UD4^#KA1o*up}SiYuz0JaVOz=c+VpFB|&i>uFFe}%CAM^t#MCLSKa zQsr)to4|C&@{dWW?C)?9t5C-WWdheJeCguXUImcCh^Cq{fmH;az;0I+t(vrt5OH5+%c+Nb&I};U3MDe{RRU{N?=j_p*4PcZU0bx8(9t{RWoq^2jRGXSSx7hU zDF1hjou~+2BW@j$OVR1UhGLy@NIwv-;%v3DAaQbD3zb&{;=HBsQV`NInG1MZ&0pC0 zFj-T`Bnz%gj5W-yK?GX-A9Oxc60%=RDP4LJsmJt# zmbm0T81X^kHK}-V1AO=AIW@8r7*g*QeDv)>2OhTzfwZKHt$CwzsM`6kn^w1(KEWn+ ze4yu7@p* z$IrocxA^nC^7Ts;jt5MR0xldlrJcAv_xbaZYH~uv_U1#Kw;ZF>dyiT^WRK8SjD2vK zGOT_Ud2Od4U?Uk#PSa^S!GC<%U_o#4gJr~5yQa=(r@i8&<>W26XZ*rU#VU^P=V5&b z%&fM^NtdH!boeRc&Uh$2B8cu7*B!27u1-tFJ~-aWl3fs-8kDl^S^^(j8nN%4dcrNc zvvjSc93e508g!ywe~@(Y6=h$HoYb?&neFZR#knTG?79WTGIe*xdBu9wZG5fRbQABr zScY!$j-ssgrZ+AXIh$iA1)l*2lTd*u0N0m{l~BZCN;eRHq9 zSOgts_AS37g{p?aQN3OI2Vx9^QHZ)XxyxQ6QO_hSw|t6Bn%{uA76;oR^}b~9OFG6h zV$*+271^cVL2?`14j)j1%$Io*Lu@=8^sC0B19Z z>FJP@AcBl5kw0K7XsdbS{#I)1ROc3Xc?oFQ7|10={D6G`K@Zz6`qIWA!;P^_E%g`r z`-(#r7n%`oaJcTWxwl*MiiqacRTuBpMMp=6j3&h|TUGZT-weBmk5-)$S4TjO zyfu=a|7k`|K_UBszwNq(hWSmCI8Y^&tlpiH>66E^pk76Nj5WMnEpx=c{g0zst!>PJKieE7+e(>9(#hj-q@ik{zkj$5 zdsA*3a+2w`_%%uGy(rCZ;wFbT@ir={gZ+v(Ejwn5L=3C#gZd1`9Dem3*{=-pE@=-x zs-ROHK;$}hH6<%<(XT{5A--3lmiGRftAXrR*rub*F7KNW2c@lK8n^fSXGR1Qz?yxmuV&! z_)cM@$CK=8zPh=FoZJLi20tcX+Wq9Zqo=P~Ls8+vA8j8oMxZ17qvu6zyhOHdm2Grx z$qjf`2bs4K8G88hwVbGmf>!OxAz~ursEXm_;LS1G)QaxSx}~o}=-52h@h|04KfUS( z7Kts_m;TQ{u~bIIzCMM|zkIiW)yCGHedX>^E9&`q5@B^(pJe;#WV>>XP?OIY`>LM& zHY*w|`IlF9nTYn*WsObv*>eHXFjDh0^I}%()RH_UwnP(40C2|Lz z!$OY(knC-JsYpwYLrfG{aZB79N=CX#DAS{I8#Bt2)OK7YjL=$Z2gjtx$7v0&O*8X$ zEoKai2M%v{YiUlLB>agd{L2`cr`$YYc}5YHm?>L1mC*Vkg3{GJS; zD3hv5x42DmVW_=~+CkpcB;(H(7Vph`0{~P)hW8 zkh(Mol6>FcvrQTF?lZ+S3f4A;){norx_!mdj>iwM&&P!CB+uUV%MDU48c-?DzaC8? z_9#M47pq*};CZN=J6Io0Q8~^?$@(s!xXRK1tL%Z^r7*}HX*fAJx#=Lczd2{F$~`2; zVU9S~<6OV7pXqs+yfgUd9euLfZ)Mhv5|^c1LI0K1ps>{3JGuIsMe72>9{$tRY#JYY zdnjYunxkePDsL`*lhf6m_LywFY@T7ByD;=Mxvf5#i%X2s_-@TnV|cCi^)$2YytM&` zL#|A_`a1imKYF=ev<@qNTy0`DLMv~(O7&i-oQYF<^lyqGsX;RO`NVD#;^#o${U7G)t%7%>WF)_msW#zahkLE_H zi!4y>8$h+ynUwd|2MQb`Cv?irFM}pvPT^GKgU{LIR4g%Atj21^E0|!DBJXHG|fS zYNa;~7h203V;%5+SZqvh>+xDOiIl6Q^}DY%&k^0xo%ysM=4kstwkJ+4*ROcbpvogJ zH#d~|zHi5mPIiyuH}$-X2M3TO->Gk%d9YQImQbCD?EM?iV*25Pf1)0B(`F;R>D$(7`8CP2z)4y`W6LF+(dtAq+kK``5uQrTD zH&UDwiuu1ROFATz9Ub&y`<*LzOm8+lHWO_hwJ_C9)0F|R>3(CwR@56H)+LuB7g;;^ zJmZ4(41g7!^eUF)qj&jJGiwHlci5wT5EGOsXL%e;7 z`TG;c1NeW#5XEWlX-eFh!raDgA&x$VXjVVFU!10sM)2-USM2<>Sd>XMg~fDPja4_p z1ijtb#67X(-Jq9mz-=Xat*w~ZoljDY!Y6h)Uv#QvQS&?IV;5pR-HZPm5zWe@pJ8^r=t}m*bkNGW*kE3}1oP6GXBfJm z1jg|e3ZK~KfXkfQJL4fXMF97xj2lvqyC{9ln%Odqtmt>sLdtS4BneeKd!)-8YB zI&Ik)MqyY)+P+weP|r(M>X)=!i!y?%KDMzXpyiLLDZiKK^?5T`B^_U8!{>P*fd!JCE@m2?<-U7$wO%>r#6NfyZRO*Qo#e` zUF~0s1}7ec7|hkrUS7yMmM(u{F%?4aX4INGIqwQZe)LqADzTvr-Q4kLoE<(QH<`-U zXEY=^^RpxY(5jAB)Ev+%_i5tm##5L<7%CW@5a3X?$L4j2(%94!vA0mo3D#>Xuh0n4 z>4BX+!B2a~4~Pl@OZaAZr*yX2tU!K1M(xvT;@uM9>(2uGh~+A?>WhmHmfuJ16My{m zh37a`_0UA-hkZ^uTjZ?SnVbe8xWCpM+ybHz>!gZkxLl?#S*4|1Zq!VF_bS_?nhyQc;xI%1V|gAIygfAlv< z0*EUDk=x(4wo=`m*%&*kB38tg;LpkSV`BK2M(*SoDujk&K&s@-xX-J!&G&>|R|@FS z1hHY!j?UUn-rO>4f4`XpKGn*r(jC{JpWcLW61XCz-oHBZ5i5#;DnlV16mXgX)WLC3 zs4zZo%33?lcS|;y)`+$?C&;j!{|240BQ*Mjy?ql4S?Cv`ic2hBeNZc$Y}YGFKJ>P&pFc%rh2<&3JasW@DsZ~?QE z7zCBer{vOHbDZmr_i0@^MG&+{+4gCVDztZ<&a-HY9G*A?3bZ-{`i3^x~nk?;OF>n}r|Sb>7s6 zM$INp8w&XmAkzAE=TDAi6(d@ucYJ$xg>L?TLuo!ALf>y$=qnJ^#ICD+*f=lWxB(I% zyBq@NIT?U>0ye=h@j-V#$ngz#V8#lYW6_%-+z|9bC9D!4o=J#d}U8{a|gBSY2G{? zI#?ewRboeE$aMlxo}!gfp&85LqiIkeHVgFcE>})$hpab@9FjSHJeFCVB3Kq9%ACI{ zN%>0R3(G2*e> z=I@YoAX)!@Pe>EVJ%n1lGDYXQXlbnO#!oxeJeqv#;r6R;-+#COEPx=ir*)&eb?a|y zWcD(h!k-$@Z5zAWct)6NwX~69bLaUJ29;M3-13;WF--pFiwlxY3m}W^PkPz|U0KDx z1u^x*jsL(zk^D8xdz0_M%aOm&Pmh>%v{ z5Prpc)`4fZiVs&(yR+-!ZhQhtsc~7>e{nZZDMtCa3@J#srnk1f7Rhez^*Zsa;v6+rSf>?F&yZ8+)2%2EdXnzdBIe~!W@kbpCRyxylZ;k@M zTJT0CPy|Y={RcEF{f(CDOy8&oWD0ZSU8#LsDl|Lr1 zgWa0m2D>G`M|Sx9n>Ru0f%br*Z+aY;Pt8uZCPW#ZUljLu8hx?FpU`KyP8!k z=XX7ap>#NZ$?E_FL7Sz!7TPWzY*??-RUg1vphpBD#BMk|n(Tia_XEXZt0>#tP}-mT zJOGNOgvdZ=96;oR1zHd);u8P+ zD8J-Zqo!h}%6EPd9D#aa!*QR(P0>V$L;xyWHsrbPvmh8NnF#8R0b~#mGrT?bpP*`Y zXH0N*&7l$=-cSY^gUy4N_Bep0A=RE#1;OF!%TeOK;mE$!`L@%zToU8utm~xUbXMjR&_tV240O8S zwg059xVMJpAq$)ApX)CBBAd&12MKYx5>A)T_vbCIuU`U>>v}-v4F60O(|SUSU(AZI>~z zq?>s{1ju0*yS!0oCEZ2}XiCOtG_+Fd>VMxcXmX7`|K~864*(LO%L_(9mkWwJr;#^7 z!31g5S6=9mr*bBUC{Q4A@E_8vkfeTQq>s%t$le0+eBtF?s0`Uj`BuhB1%oVTb%9G7 zpbUp95IVw4eL1u=y_gAw4Ct?xAS31CH4sLIV%l`XWFR;08sc^sXOX>Ccf}XEbg^id zAD64=t;o%CAa-!YJsJaAEy=HXsSOymjG@Dk`HcyT9W~iHANJ;( zV^P?V{DJG2bOCC|0yz1h&O~#tAKMe z3N{?p_TSph_5K)+eV=0pwbHUno)7f&oWVsm=eax+%X`?bk`WeYC-y06?5llVH)W>? zE@`N?=p$QKm5Aa)J4TN>!O$>0G87Mw9K_QXV4i*z1G(EvRsOm_?1SeEK|bm7Uzr+E zHKN1lakRvez0mq>;DD039V8>G^f82tsy7ydDC`<87hKxcIc38E9q_UyVy#;~*=Q>xCz~Vox94RgSDsW!Vfb-nI?x73wuGct zmV%dMIbN0wEKBllU~YxD&6WJhUK_nWQKiTg!^&Ti6WXxHsv*XJ%Vnng-52ed3I+iE zTK()W60&JGKz*@!K|;=VM!eCKOI~0O>cTDn#o2^TXo4?L(0l0Z1z6}X)ODnI7F9(D9} zawBHSq|6>le9_TWK$;Upa*Q8u7(YU|06+Hs#*ZGOp0h`hxm0Uz=mOLWa?cleh|5qP z1=2d?m(F~O@&vKv4Wcz~r?REzHVxlZ<4JcSwsWH_dLE(c1|I&|1(V6T0U+e{p?m>2+J|F~Z7W+O)7+>Ttz6N1@G5?DU zjzau7Z8_tGbV1YU{81tW3Me^0LM&7#b|87dV)1sV$?nm+3Y)D>ipR!gah;qcKOYVf zu!z&ib1ADFcR##?HutH;KAHN@y>FLnxGUdK0GShUyGR0b{ygl9WZ+mw3&WZF9eWF)^P1c zOP1OPBThJp3QFpMX-81Merz$f!WMHlWHAf;%Y@o^J84F{^e%l5v@i%YQged}h8-Fz zAphTZVwrG(9aEoGR<;)&$tkKfU;i4sI-su8+5L0#b=Fx@|58O?V@+-!O-iZ&h`D@@ zEmZzvMAE>B1a)u#kxKtUWXZLiHy50KlKCS0alDRG;L!xa>Z9}KsgZ@rez!!$IFtlE z>T)0Q9VNJe^q(;EhSlJcx$ULfBADABI9SRWhi%}rD{;Xch!?m($1}_exG*p1!d7;Yx#~dLDZV#I73?5H=xx)clm$#XZdE_O`Bis;= zeE%1Zd^2VQn7l|%fOM%sJ(y)5)j%~g-%#*PT2HBE%s7gr;Uii;d^;I&KBO4Sjw#~^ z`2d%TJ+-hGjCLpV4*~OtG9gQyMK|hLY!SlrS`3S=f75Geh}*=(Q1-JHUIWjbCK?ty z79d|1On_&s6}yJ3RGx*6sPuJBJ{WXtSj#9ddzGBWDdx`AG;pN%Gtar?%bmGg70vme zW4f(}Noc-q5+)&yV-iY+Na)7DNhokK#>}yyX6R{%Sz2S9IC2^5jk*2tB(;eGPXkNJOA)~!q5%P2_{^gg<)7FF5%{tH_9)Qvnb4_amT0yfF6rA2}dJASWYoJm$x9lKd z;=Qc2!~IZrr=>kF7gSu&GO{4p4o!6W4^1F59BOq9GNTIv0Xa3PYt``EyT-Us6~^DG z^Sa0%K9kwGu7;K9H952H?Z1b zXv7JSXcD`Zo`ir$vU9>iU5+ByOmY)+&Gt>ja@9psoD>#aF^53>K7$hejUd6HPy-&04M~|tjj5i`o^>}u9CXlTKzn4bT$icsLdcjuhJ?}m4sXp5YdBUs!w*mvd; zrPoN9@9`X#?HrA(Tpp;|q!R{47x8atNM;4|J3}!|&{FW00G3)yklS!2jN8?PspvvL z$w;igv(Uk{YHo$ck3UG5!!=Qq_`%$Q1l~;_(t0yhy3M8ZCZl<8PpcRe$;7;V7NZI` z4EaDr@;^b!ca5{`mrnh4*2v9{g->Hc8QRMXEQp_0+DsxlM%_VKZP{R`(y(5M7Fwg= z{&^~4x-Vc(t`{L0g+$un=xNPD`)@1D-+U4CXAI|3Gkzwx9V~#se3lc70+2^uObYx@ z>SY+**R3&jf{;J;91fl+frMQ6qU1Ul#lO04zkzzrs#8Gs3BqI|D(g&CuOt%4>3whFk>!!PyrV#$NLVV@QY zM<^LAo^PpqI#}0gu(7jqm2p`6-Jo~)aQ-T#i~mgCfaL;E`&TbGy!zm)J57M@t(kKl zS-l01Xn9TtiR(I8iZVB+F5U8h1-27pbRz2`b#%Wi$(~(b=1y>1z3X%nnlBgcF^0Rd zXe?P7dHt7;C8Tu%Ks6{OE<@#q;+z%Lo!Kzinl^+IEhph;Q0W!C`mqwsuwc3?^_bN9 zdwJJ`9QpZ3kKw%VokPxn)cjkY7I$YD^KFZN*=b2g4dB1QNY5O^w(aopAdsqb8~1wE)2OZq;fSgy$*!}igTcD$%_c2Rlq5_k%HMGgwI zW_^U8XePb|D!GZ199P~WEOsAB4tA?e7TWHbXx<5F2q}L!YWq4wSq3&HLL-iZIZOveM0ocrZf(gt>x$D41%BOZ_{IP1t0hNgMqiGxALgvfVt{N4HllDG!8|br z*)U+X40OmQ=#b&qkzxo&K+2v7$cJc$iYw}uWV?<$=B6U26t{+q(|Y;xn`U0LY@!7L zIeY2?+?R}pG?_pxc#^%2t+V4l=aLM^zCY-*ug$t9gYs(tZ{9#=R_EM_=*dGYkIb8= zhwlnmX1U$dUB3R%<(F#2fN?tyG!m$`c3Auq+mkGvTg>xRV1%bTWRC>8-#FIIua9*z zgz9$?s^^wu4Zz!IVeDP%wHEMFXF2SIJ!tv=IZ5{3 z{SDj(Xc}o<2tz;(#K7k$gzuAaY3Topg~vwk50BVNcXDq$00pI-ggd?D`nb?^51$B6 zGhD9fucbD_-pr5K?G zCB+DeG9&b0KgP~@tDr$aaVqF&JE%x+>FN>o=y#G&P^;x=4&-y;l)r^Ex6>0@*jw5I2zWNJmxR(daqy!9r zk%@(ic332jeHYl|Rs7rJZOFXEw<6xTSJ3GS_WA+#B9-IP#`;ojKkM7UDA*==I?y=+Gqv){}5ew^7Yb{8pzWbL> zeGJsDvs>n`#Nwhkw-B@WI~db5AP#vu?oXT*ILwjwgMI4U7PaaMdvgx$HkNO)1c3*W zzA|8%S~1xEA#}hsdvYUzVMi7n61$)MwZ_{SihjmJw%K_MTxz#eME6>56Fr~Yqis&ZnPaM2uCBI4`V@#F*TRKS-cY!9_(&5ZQnYcPMuf=%Aec7aOx75jnM3DzUypkp~c1G_4W0cLE{fMty_m!cAuW4alCqzgwuI)U`yfFONuRiNdY^KJUxHYoN)cA8u-CYkkVj2HFXFfDgs)XZFJl*gH+wA+j*S zp?z@!{*QePpRQ@-ulaE3f$~&A=K`cyOgJ(t6l5EU(86q@*!Um?zB@nt5exwZ?E|-7 zgdH_T@$)%yNa=sHd&Z**kp8iJ_{H9*ubKCuA)y~X%KRCr>xzrGtP~r~@7#6$?k-gJ z|B?YXrL^p;$$!QVz2uTEJ?DaxLwmHVBR`d%>*^mktxUt!^I&rRc5-?6!G_$0F*4BB z@o+={QJoIz&7YZCMtJYKOk6z>!C=PJA3H+Yxe5pBpaA0(z>x1`%(r?COtL#EIl1D^ zo2d8f1=niEXYIQnmnP{G99}U2oi|P50+S7(yB97}js|%MlZ$pv#h^r~a6- zw9A)r(qL)cdm}hdaeb55E?JpYbuySXkVK&K%fg~YR#XxXM^1ljc%mld7PsU)wOmIn z(dPK0*wa|GIGyC=tDv`}v~*Y_S4~UH6pY-S=TuuCKhW+|jTztyLFD9rI(q~N`LNdW z;w%WcG>J>X=XodvqMYu$k8imEb-3aC=6q5g=-=be?#K-_YyR}u_JGP46xQ1p@LhS; zjC~j2rFD9f7_?1*K7#p3t*&I6)+ixbUDEUR-iGEbgyJAw3w7cc27^W%+mQf%2@!IZ zn{?V(Io4nzB!Q-BuKI%qAuA1o(cr0;7FO$(dZ^a|G=0p1I=e20^Zqj6I4S(R^l;PR zA!v;~2*P4$RR#So#z^}sT{T0slTCs}*KOl2;Nf!VpzqauNR{r#j>O2lX0wg*;@nuC zkJKD(cd+#*#8Msga>}dE;?IruJU54+Pr$gOu*{4z;tA914z z&WD4Z^&TUW_#lwmnwgB{(TDiPlq*Y!9L(KaLzvt6ks`7DTyWkLnRd8qmVrrs{0S1! zq(9z%xK}Ehl!p*8-Q>k)QhoTutis%jTQa_QzWBNX804k9F&xW(Mi%rE|R zJb*EEv?!7@3>j4uNe#1|H!{Gy8}?N>E-*wG8R9RC0Id>SId!Dki%+H^&|`+kdYtoA zQtU11gY)>UGZ|6LNoTfJCXul?SS+|t^56QDj9ITzt#>i$yYn(Srs|b)RCHZr1h)_V zSgmmY3iO|HtCThl2h;3>uG8IxmcCc?fQN3!?o%3>hnRI&eaIGm2}1YQI}RH*!-;qr zY}Qd>Z(nTJyede1{oW=TJE*KsJ;js~i8}{1-xWC=H{T6j@)`0D=ENU*xYWn(+y#2! z#sh&>1Tug`LEsak5y}lUWG#d4u;CcH8ht>WuSmJ2ZWkGi*z8ok0qyf3OvmOoBWG45 zLx6NgI>hqd!OkNzyB$}g-1)tV6UFn(@LryYK0Z7|HBfjipjWfxh zXt?9SLpURJhaZ(jh>UJ}Ge#Hu@Siz?@4Sh=zS|>fu}`)Vg&Zdk`<4d;75LyW6pI8s zCEy+oet2NUD~gW5d~f}A@$L^WR&|@+cEYHQ)fSY8j(7chUjp@tCf}G@)fs)R7Pk+o zoQ9UmY)qx+W8}BEqnKXpMTm7V9YE`Wq*lo(XSF?IUdSyzg+&CpEI3gAiZm;ZWS_^w z2=wsdMx&Z-`fNsQh(bOT*hjsF#>*nBlFcM=9jSzwxXa3h+I|e#K=~?D&!iXa@PiAd zuy2Ca$TRc`{_yy!a=;JCBNs>ap~MI(UJm^udoug&<0!2PkQXO#cpepd8Z1gB{mE|> z|7(mNXrQfgVT#nkh&>XxbW#i8uvbxkIsc^-KF<^QuxA1A&p&A=1-I~&HUXIaK*UJ` z(iK6td8solGiAk+F9!87bF06}0C_pP+1M18L&+s%9Yv-pwrPwHXazRhSLWJiP6vTL zV{Mr)*fLTulu;nOdq&jl96U3voB^C%z7_P};mB|k7xCR_gyB&3E=oTF961|j^7kk_ zT(bL@I2-6?iD2#k14X9)bS-zrA4kaWZruf4%gHAEP>kvn>K-_4)K42K$Y8jsKl4L% zwcS-GgC1kQsE=`W-v%A`qvO8vAXfk!TVkAM!bK@}bx8>q^}zUVAvuBp?Y-?!_m%HH zE?xh|5%S@H&8V?elF!AOwh_W1*nlnoG`K4szlZQogFE<_hxpJW6L*j!xg7?Ik?J|u zSiA`Qu@PS@>J5?5d`E0H9dB7roJ)bie8_ z0!TOG&rF>PwaIJTv#uq)e9%h?a~IFv{_x=x{;kSH9!412<-mwIeO2_#aR=}R&;cxK z4!tPw;c~C*q`$Za$XC_RqHG5$>QV75&h)Kg2ES=Q&BE%bC{-L)0FA~1-s4t(2|#f! zHC_)O3mb11G;VjY)A$3zczHb&Oo7_BoKiRVeUsZZg#4v55ufQYIE=G#QxrC{G&Vj6 zj=^(YJiCG4kzQFj3Ij<1^v9cC!t(|LQ&8mKwF#vw689}H%tG)O<(6X}1>*v^B2jaa z1ppqSHGv^;$M`G@P^oarnjD>_J(#)uv^D^@ob)Lc;_+CfFoO7nPrZ*_3 z0i&ZPTyy)TknJ~2u_A^U4 zTjpLSo2(a-^6*kOFyMiB?LO`%El>!hLu!-JfaM1-W?m!TdT_I3l_DPjSfV&|S{z04 z+-*)vM74uXuf!%J|R3UdVBdf>Q7>NB83|N@y{)WDK$ajuhG6Z91xM!;7y>OBFGdY%Ml8QnAB5SD0&)VQKn1li~ zetLSMPsRk+b@INN?8XhVr)Hjz0d$MaZvDGTWG7v7lCn*2sbKX|eSMp&=%D-@HSO&g zFj$T2$ezyxY%3>&RM0SB0QLluyU9F+Ikeqv}E2#6XA=~S@l zFL}iOZ+alngg_L@@qOaKeWvmGS>T>mysy&Qu5X}8k?q56^pNTRBaU(Gna^DX=xNm( z{r%0<*|g6KL=spK=+ANhH|u5b6d%d}4eWy+Y@!GpoJjzeRXigcJGr#)bS?<$!2~U6_IOLX@`G&ZYgF{oL_RM$7Imd4) zyTd7Bajx!8=~_c6lExRxteni^4!4GDGx3S*-j~N$o?Z#zE+e*O62tUsU0uLoX?bu( z`;oV{9Tpa%sovo|6Ke9k&jq)!Lt$Rw(0EjQtk;sP=P4{~9K3hjqd(Hz_??L9q&=l2 zacKH6LZ!ANByA%Dq-AakxovI35kYTbn7~&lrS+G`P}_bpvgltiVR1+?%6UPi_#{gG z5DFPtLc9XXLh&;_c-R-DvbdKDoQy@^2^H^;KcDjoWHWzVNO2n4%uuoXm1f?&(RUm? zV!HcRQ95S>Yir9kU$n&Jj&&1)Z%kkAb(%EX-=V&cT;@2oMvrjSHURHAQyH~g($E0U z;d&9X-lP*Dln^12*xBzGKnIaF6e<=pFhT2q^WQ9g6_qOuU#$5u1?82Xk-c@NcB|6y zY`cli>@Bjlpnr0>)a$Ws=(ers6>R1(xS67ul!PV2)$+hWi@31K-_w(wKbf!9g>b)X zMDmi#l1TLV34~>lq&fj+Ugy#Q3ABwjj`(|{uNvM8&~j?zy{_Aa`_+*uM{@JvwX7PI zlHK-{t#7BneTg+RM$6lNZ0B%Gyw|n=@wscx#%n|JMz`HNHAVf$SXhyyGKsfPlX^V| zQ$p^19hep)~d9~VrP{i~6hT}_>;)=hYDmr|s0`10)=eAQCw^9i?21uWI?F_5G5O4sSh0?@jQ0DnC{`GtBU;U zaQbAJxMJz*szqB@oBEr!*-(gzrb&dKFFtacwW7J>v9llW#mUy8d#=T_B12@3RzdQ7mH!{1NDu21Om*sYeS%Vi6VL+Vif5~NL^ z`5GOzz+(We>rdKfeN|rH#YJ?<-4L-j_`-0yx5Ci=mqmKkMr`<;SfM({g5-h0$XtSx zQ}?0A>i~wQjL^El##k4gI-^T50NaTe+}kzG<5i<~Vub}S)rQfYRXN%o{4v4HDf96IgA6}GSoyd-F zwy#~qEFf-s=ppVBOi8|H^5ETWEH#)bb5S`Q5tZbPI%ImhI`gK;J|_IbQU@U~DF7g5*0y6Q0tl_~yC;31@V)n>DjWA1Ee^ zzn3UkHer+(k#HS-P9-eb`$(A?CZ;C#;C-{hsTVqJBd)utzt^Tpbmop2UO=nR4PeWk z0q4k1IFHG*(70md+?6ayh*5A3{F#StBhiTV^fY_szQlaY(s%;t(%G_XL%f1HcJu2? z-wasZ81(#@SQ$i-%-P)YYMCNW3xX&)mwi{)FuV1YrtNxdNzhWDe7q=+o!)BX%b4!X zFCY4%4~L_44C~Kl2hKQ!GKn?1!S{h-1%#3XD(Q6P%HhDWVo_h7yAiM(Pw_C&~-urv0-5ysdz*^y-C!!^yQTvS`CMmaEEW(>F+L^zCn@ zHUcT0o~aMm4UiDp02ol`@EL2@+-E{`R!UellaqAIfD9Nk%XsfR8grn3Lx7JaVZY|W zczITb{6*c|7Y4E|A0(M47&{jioE2sx~7AMM*g&oI_Jn!WGQgr#}DhHi`APp-vZ% z+Klz^FriMi8xBtDZr#{u-!Rk6dK?_2lKTA)`jZ`AN@s^HWGwGKK2}ZJ?GjQ79_|f5 z-coNZ-Saq{zUovJXt6-~xS;0b3NXmCan2|Q)X=(b#;?b7E&w?r_A%p2HhrXLYFcQ4 z@Eag#sK|!i;lr@S!pjY$prBMLLT06jg)&H3mhQeRu&j;HIwwo} z2c0mGzXJ4gjUOHKcm=0QS-N&5XQjP_R%bKnFd@OmD~SI3{<91u5y6j41W-ZlQ)6H} zUe%S#{=COVKmq9Wo5%{%{7q2rIC+G{$vl2XEq~s!(CwkM!q~`jEc{|Cio;kETdTc( zz@Wqd&^$gKP5B4SiNo0SMR}o4mZToT+rEAizJxbAT}}SM4s--{B2SaVL?8!vZJ{UF-&OiLLTDRogg#4pYr9omnF8QZ%UVkzhR4EI5}q^ zwqD_k{K^5#))$6?`HulBBt1HhYTIU`|6a1|;y=p2MhLA*1Id-Pk^F7wxN)M-a-9Kb zG^r}`|3e!7<;#at`AJ_=8K_%kw{Q9TD}9n$o-+?>4%}RysZ5$!NtJRksPylX{##aL zK0-~3%y=Ah5z-^F!_4ILwmwFaT66j~DT!Pnwx0Uh`x!P60M@>Gm47+fTpoWbA+IoR zx;HJj(oI{G_Q^~KHc0-^0*V8V@u+;+!+n0q{_9mhWdnN9qbNRiViTj$Ndd}C=y|YNv#s`7c4zL`DD4U5Ys;`%LO5p zqd+>H>?e-*F59nRDP24b$BywIiVxO9O%`k(t<(c_bZ6+2S>2UI$A{j;K{Bagc)kE) zk0l%aenRYBWWobnTt)dQI#|C>4hBGU-wKtrQolW<;=Tv;i>YQ|m|53qy9_u-N$QuQ z+vLR7f-YYEL4Qsh`~cJK4r%A6y)69;LtpdDt0o`qH?x#(xYc!$=MO!9mbRq#oCWaK zuv&*l5@fWN$kf2r1^`N3W;wE`U~%}T^-ZF`pox+ry!-~apuU+bhEd$JUkiCzM4%~9zN83}}tqU&>GiwruxO=#( z{r`P}0_hb9oP4_XDo+F>U_JeMY*p2cm3Uxz=dvp=Pip0iSBn8qD1Pn+<^m89#pRz* zE@6TLY?pxhxCVd71Oi9m1DwxazD$&PEPBNurJUAC+j=^jYkrH%3o7LLCp`eX8=!S% z;@Te)Fw_{0I;b6=E2(|59D)+Q!9yjRG%;uHQY89B%|pdptAlpNN{e*HLL+=klT!4r zo8m+;-^a`1l30!{*zi^a$D6QsY6hGp!d@^3nKlr*Q?CDRZ7x|UpKzU+Ex&(vh>`nI z=`>T!_`KhZaQhO!zmP}QdJp@HckTF=)Y_1}f{>20d+~U7I)6vbtJEkq3$89=Ajo9Z zVor!T7JpGnltRyS^lh)5iT(rrkz%xzu2a)yZ>CG%$0a9{zt5S?_PcX9Y2}-hWa#;$ zbSXzo#$_&LNo;hQdS`(d6WwS^_;>e{lPIzM?#+2KzUCxFR)1wxap(K@?^Q8Y1&myM zd6w6k3L^i_b=%D&zkG{m+?mxmm)}mlK(a?T5Ek$u`tH*`D3iDYR<W;6ITCkK{%f^mc|nj$j<}u$Y!7cfES_9P%3W|Aq5th0%oz zl2^8*@>tM=rMxumPZB&+zonS*g#&4$ruE461VL1I;@|D8+@?xdQbap?^ztRpr6#Is zd#%EMV}|ms{!vKS%9t39Z{TJgMZ){b)`Aah{FBE384)2aoj##afzt9lt1>XE?wp!K zV(Omj1a-cyc9*1p@*gz`0TOkaWP72=odTFIzZ)~D9`u@!^2Oi22xN}}lmDv|*>e$P zyh-a3+!yJ6$If7X3~BYE^oexl9z0)7EyGF?quFc6mB9DZP+BLtKj z!p8I2p+{V9R;H$GHMO+{Po7+3W?|{zE-GxcocC?Vk+j}B;1$22+h46%obn}y!M)G5 zAmZ!n=1b{IPjmC~KI?&ZP21YqLJq}u-05f8_T5TH{h0s3AxaC+ZSBLCao}1e#6CWY z;H=sRkpnIdS?be92%^DeD4F|ec;7>5!=%kjOjvKr%Nv)5E|cnoCE{ajOYGTh>_{Dq zpBB_syj%A>$YV9yH$X=g=jmC^xVX5sp&@D=9i6s;0WlI!(z80%Tf`@%3RDgu>MYF& z2@n8xu@Ib@8zGut*QbicqwuamD9p=r&=D)Q8va_lo-3Vk)WvkGt=Dz-7L}+QUm(%> z+VW9r|3Ic9jPhAs$cU{=lD_mXH$VS2c=COH%b_;KNFwWL(`s)4TB>=V;2Kc@NcFY{ zr)FeuA1E9aJ%1CK$R5OA8+)RVHZJyJ_U^b%H$l??vY}{T-p18?hbj|9oX{vB&KUHzuw$4 zH&=fpH2o@~T28y=ts=KBZED0;G7910;lZI-DlXB?gI_e=-&Oq&F?dP~;+&_s>VM&& z=@mBGbksEG8DtczDv&^y59;Y<*5TaneIxTr=5fL{*NF0HUYL3eZq@N;t<9aD>(uV= z?CO{n0GO|d<@SYp4yLBpUKo$9Pu}X^+_adf>JrPVlAA#*y+W&{ zswY22tQwoGpwa6s!(<-a>X~%WCwxo%Tvy-T{MupdmnG$+2C)JTLg41(6{MYmm1t`s zc6Cvn_nS8p+ba`u4_@ERbm%!P)-j~T$(i0Z+;@fABJQH&GeHw3BEM6pM!b7U)!UOA z_xuB@*ViAJ_hqu_+Dz@(tmNg+g?ObRGL(aOIB;~T#R~cO<^|8gsjb!9*s zDMpDKK#6q8>LfrkB0b81?Pbm0mm7|wUEdQjaoVOfE~thlBsLGgdw^dRY?c85$AZ$ofEZMV43f@@z^4j{y8#nD`6;B?kIg%`*X8 zUg3%DMVMK>#!1r;Dg-u(x@}vZJAb~WWW+kz!~nRCGULTg^-4CicKeoXx?Y(icojBYiZah(`T!~Nna|?x()l3KO@p6hT6fe1>%%R%ZJut?Lz0CR&^ zRFn!le{3_Qm{-Lqq)XKh!Rcq$EMnZuK$s(PH|fMB2M!6iU6NYWb4n%Y@-7onUf2<- zO9!{3ymI9&cn7t*yjx>)06$YY9uZ!$BnH{6$G?2HztNUmYt|g1y((mR&&d`a zV|xFT4#Z=S{Imrk_~(NxC5Hzj>Y>U<-~2U$$2UtgWACAvr=)dwQE17ei4$0 zZhZs&ic+3VB*ofZ7$37cF=K@hS5Ma>jk#gryR>AvJZT!scLg7O2_i7MHLz@BWGhYz zaK2LbGN)l_Q7(ghw;&3gS>GDQKnO=tj`beLZRzq{3c;<(yTEJuVj9B^?JN*0eaTu$Nh!G~ zFOWup68I}`CJyD}9XTFXs{Ql?d;ETas<81wAd5vTF=HP!@-21Jbc!6AC&ByKq}H0k z@Y$jD{eVX2jBXAP0m5wRQ|o7#!UI_D3rAZ&e=fZFYk+)9eE*T#rrC&JAbM$bcGj{O z>ncp`#dq}G+!$-*<;OQN-0mVv4D8H@i$!+#_Bw)7)6+SL3Kqw+tsxM>*C1m6@hAUi z*Hs7|s<}czedWWHW#HRj@DYrE~=`g&$Ycij%ZP%CcjohMAUD;vBEIl z$j~F#&NF|DMx((od<@AEtA9m65|MypF;CDfF@UD5NQLwu^qAnGD%xJND98F#zPV6a zYgNWg3BqJc|vRyY*dX-v70`RliMB8j2^jkLiVvIG#pzRtM?8 z9uRnyB`5eZ4NH-nfrhVDnG{X!S`38!!H0lHUTCOtPBnxtPE4z zl0$gwxJeIjd?yuVUq3=JscS5nWrBg;WOP@Egj2a?lmy{1L}0W#{^}?7*c+;y2rN3{a&g^b(9%}4sBnOO-dYC} zlmKx?;p%?DQnL1V1tGV8X=&;D`-%!K^lh5btbcq00nqW7YGeACG2lAbuCb7U6xv4M zgY?+*iZB+H&$T3n^&dbZY4UF8b-EJNj01(5h;Q{aTOT^QM)PR&6 zkh#YJ5naan&yTu?OI#;@$jAEz4ZB;}Z*chKK)Hn-7DmD=Do!Eg+!0tX{!u9l zkkTx816Snp{qn9`)i+2X_(IE*0*^(ls>@y#+UBD_Gt46aT*1J`L#!UA8z;QDQEIz& zVIpQroTj8f{nl%b`jOcUeo65AcPu>AvaeXiciEc*5T*8JyEJHkU^xT=0sfD1^pb5j z%e?8yJ~Ut-=d?nRNFbTmO(nhrGI~(m%y%Hqx z4AmeuEwEnu`Mfff%Xh6=j9VRzyfQR26jJ;~u{^vhg;MAba1--@HtBa+;B*C_i(QRA z5c|@-!uHyNxd^;DJ>lW8-z;qXoTt!b*YrjVqY1`-Z<>F%Xl=N5{8d6B|A8*qX>|T! zRqjfdkRB-r(Q(@jx{hk>7j3y`KP_Ez5I~eWR5oz=<{z!6jt{>{h+WCplO_U01s>x% zpWxfYUN~Xw;U;fBR4CYu))6DIcD{g+`zCn%kDxNq0yyu8=&oV|ay*6j(^D8{K;3zH zE>yiGvH3mvWBb8eER^?U3TkR!^k&5Ky%@9)r*>YI z$V_b58K`EIe$=!s^vdNEz@0dgraa()uSlz4&66mCOMunWmLxy%d#rLL#$&tMr#lcR z5A^)&hQ4sM=G<_a^(R3q?2Dt()YhbDpH~-kvPmpG?2j?C^s*T_C=Xg3Wy5U~#NlHF zg8WiPn88Ye6-M-i<=}gFCM@W^9Z&XG8v=$W6eR&f#m4;};|TDnnG%r&r+%K|hI*RW z+VX*ecO-?p0eOnQ9a*YOkX+vJJw(vB#A-Nii-QL zmuKpiFDyepfXIy~ebWG&KPOnl=301FUV)9x#r_)BNS)G&!lR=0v-cUX5b_AyM`{jE z)=lJ9je=7$^QHQIM%eyxr4k(*tt*j`q^D?&EKop>b?DS z7M}eo)f&fu-m`FfKY$2Rd}?scE>aMs=s_&>ftaLGnfFuJ z0=Yu`RlZ!!^v3({_z2O~f zbj216GqbVG_Z%+;uL*2LeB4wJ3Euo#b8erE=N2}GgcS#w<7CYwf4Tohc+r%8#jyZ8 zg^~j*kgR(8GZpx>ePpf*`6;Mf{7!~Zw%3Z43W_YR6JhNiHv@F8v-n3CPn06ZHNtq6hhTxTpZ=l2a&3yvFkd!v|;e z{5P8+vk`5&>=pd!-NfNf`~m{`xw!P9hkM+}$k*DmhmHB;p@cUg?C*^sv3lIrSOwq3 z=mg8SN({yEFR!Ic13(G-Ua1s)Lx8aE&?Fwn%z%n#(Y zcZrl+{tzt|b`!qB zh>?(l@rwof$|hE(6M^D{JyR@I*jzy-=GQ=X%WDHd zFX^)v65b2lisAmQ#cEy%louw}> ztvB9m^RjEQC>`Z}#?W_tvo>M-_B>+AwKJvky*+Hg0~@uik7mWss#yGn)i5w`>d%A3 zMEz^7lVH-MF2KVc(*_$f8dh<7 zurK*d=1cv>S3wfF+<`=~3T5H1#p=HhXI@6fEZ-@WDeoNa7Ud6`eE&mi*;QO}7gJvh+Jt`c zmL-WxJvuh-X<924h3_Q}qd6(4FVbZ)qT0q(vs~nyiZ`bH3>Lc6vn+=SXP1_ggILWi zEOK9&-7U2IhcaaWM1n+PrpAFGt2e z3=ui3&m3{QRpR^!Z>0P8l&$UyAMLLhbfu_0D-T~By<~0lCGhqMJAVBFY}@$V-R76T zw;@#HyA7$yx?*X1AirsY{+Mw|HZw1ze20zLuT{8e@agG8@}v9;b_cJ(^J{2~xnl8t zwvr8)e0>{)!zism?2fP??YOQ4;_gtOXqk91thIo*sK`e;A!{ko5in)Ao6@~|RZBxf z6CY?LNfNfl58AqNI6!#MOo&(lvc9FeaDn6S#Qr%CxmVuR-ahVA zk%G8+_77*E7J+AzttZR>6%8&_SgLg#fd2+A5*-`s4+TR?U+j&Sy%;rXYYV4BbSc3h zhUkCXW7;7XXY<}n`eVX`f}KFqdTZB5UN|wSPoccPO}fwisjGqi`YT8#*fL@Dyd`02 z_gqksT8ry_@!N2Hog=jk&mPW|=Mq!U(D-kpx{Nnv4AVfavBN^QoRyW8y`y6@4le~UPY({K@gsbh-)2*uL2^(!1- z;->^vhSpeeTEX{Cq%OVDlwyn=24%1U{BeZfp1lp08FZUj10`d>|U; zg1&4c5X_FFQR(gOCgbGf3=p$i-JXYLg+jb{7&LrV(4 zyb5QVDl7(QUe$75gFXF12+eQbz7+j2&<|q{5MiOjgvl zZxocGSI8}OsfG0N1&2x;nnh-AK{V^&AP4Y1r0w_8;Uup|Hv;bC)-$r$0*aSJi$d7p zBS_2P5)>6cc@`&|Uwt_&j>}>c%SWlpHJy*l>^IiczDvPKmUh6s{YFJjvB7Y^F=*Lm z!%V#fghznA7cr#WmHw*xBrwth{A1HR-)NO&0JLzjE*cn^tTz*%llP2{>Mw%W$kI`f zj!kVoO~7#kjOznwBv8*g9hsfys#ege8rLA++tM5ZWzUWXno zE`$g+n;lTEb`_ua(t7M9`xj6?E)2j`l4N`HN8+-1!90KSrFE7yhN(KtLR5>AV)F(oylnQoY zNmod?rG((nr;wF$W%|<6lKqytwzf87?IqFZ)}Q}ys0OI8G~+d0st*IAUZv{>0w!)@ z)OZqsyu7@@@^A^5(Vw;5JK`p_NlW8{j@P9}RH`+BIAvW?`JA;GYj^s*pHS)Q;QF14 zNs|f?D~YmhXnXCf$21KWNCH;TCW%qTm#Lthmz`9K=@E*|mSud|xHUV-MWa*)Y$^E^yz9Uq| zumB=yHv8Kv&$m}ztOV>i01r`@Sc zA08gQ<7naF==fPI|FyOts}I+Sv^c4nDP#r4`p4eEQz4m`M}si zQ5(Lc!sWj0HuS5u_I9$kIG`lkG~-YvkUSS5|C5|~A0O{eD3tMb0o_Z?zFTOpG2fL1 zB60RT>LBg%l5e5%I!OoPwKuWT$dv3PkDQl?+$Uy2r;7y?Ndz+O7cK0PRi>xIjPY<$K zh?LXQ)1x$JlE1|KLw)Rp_Ao|mBy{ei#H6(maQRa-8lxrylo!671;ksYKne#`ozyF% z87F}aq!Pp~?y_#;@9$qlQUtP6Vq3NRu7RIR^1tVPkvGiEihhYNdMn&%ksdeSsW*b(U1zO1gcHeNf%$7W_`pseB3 z-*SNs1Q}C4ea?#p&RUnhnji}d5dxGEXq~Ce_K=0QU$Uk zh>)o)iG?oBv$=&DoC_;^9?%`pA+-z3zk5nba`%+JNHN!5Ad{@OOt)A-)a+>Q891vL zQ$A%{?vLi~Ws?lOUtsk3pMd8hV05Yxsaf0rk|H%Kma;^4owgjY)%ltXd7lu;n z)Q5Q0L(;c!Pv72Nz>$_Fu(DRUy3OFrcvY)LEG3O!*2>EJ*jVL(6(ED8X>db{!81`z zqN4oek3z1&2M2}PJRM(Qni#h;%$h&=lFf5~^ z)>28LOmWQ1TCpxX$xAi)oBQh3piT}BrHWSxB|EEZO}BEKNmyS$@M6FXOJu{(D=aF4 z3?~;?*N!9QinIy@eP?uufnsKOewRV%iR|fz;^nhVBt+gczJm``XCTJ zKBQAEe}%cInBYjKfTi~JXI*+!(2J=t3L2>c^hZ+<7t#KS<+8({rcOx*v3QIh9$hkJ zdaO1kq4i}%=lQN{wVu~9X_-N)FkJ(F)U%WN9lTCJ5Nh&nI>vxl!{72>{GH=vNEzq*&}=1 z*X!tb>+}77@8A8`@A0@FkNcm(Ij`sIdS3gwp4W9f9WNMRVp6Q1+~}+LT%X!B6`Jl` zvy$`y_r7@fpK)=Uj0~UprjBxF&DtirBo*?y?q_DcxiAs4zDI4!&D|uNyl;{v`c99A4qFuuzfu2AzrfhKw>&h zQt8gyLFcqQN87FkEz4|%Q?f)9`wo+8X72gW{;6%;qH22=REdA;acZE%nA?K(tN}tj zR)J?Ym)*feH8x3}xXe{Qxmjk6u8aSom1XD0WIFv{C*_Ieo@&dc9^)m#Cu)$bo5%nj zJWep&{Hrb}(O2gFN3BTatZ)a9#U3~GF{UHQT&1HM-HsKhZP&67`p}#vJMZ>Y7m;*4 z0{{DCR3!S?yWNwa#q?_|t&>^XFe@q9_4b>s2e(%60e{!Lx%!B99Jr{A@zmwpr$wPS z`Qq6ksELZ7%UQ9sq8;|zlV!051`(Xt8@5cTv+$;p7 z&#K>Q6NPu{lJdR-#)XuK@BN#PJ+txl>T>&gd7G{C~xnl+VDRJ z#y=tBL=+WQJ!fOL0g|e&&480yI1*w*4${!~lHvjDbvP8u(I3<@@$R(?({L zcmwr^fH4vP!H`p)7#e7|*3#uoK&}w|w9z$N8>StM_Ub--mw`W~Pg@_9h}})5?S&i# zGWYJ-7VFh0_mRZeLR6$Q@Y9C*y>f!e3rBDuns<%-0{soj$YAZ34ZMnRnP<_;Squa%nZX<&97iC?)dT3HhLrq0u!Yh|sn@OGq0vqo9ij+Rt_{w@f*SguH2? zyQiTYP`2fT-S$Gju8iAU20#2icKv_s`u`WZ&e}&65NZLo*!=${*43iNu1{9nY?+M; zb1Pnde5)zC$FVFYY>G)-^jL1UwL(k9+kf>8Xa*B-;eyJN8Ekn$U1T@6(*IExtfWMK zQ)0(*(Ie^LFzZ_9SX!puALHhK5%Q)$n3OAFhZrL=PmKES)V>z|5{`b-58BJ<#&6ZV z>|PoY(bt<#|GBL_kRNoA3X^p6a+DG%0p9HStqK!R|;SU;CDG zVc&|^M0a)7LjgjeJ)$P7K`94W4g0zv8b`}26Y+eJT{J5j#p|Iq?Gjbw&wUxKY!rrv5CSk@&qQ~DP~TtDp2%hp!g4KbBT*x$(YP^4CJl8Gs$_j5<{y77i z$qtv@p}c>V!*7W0I8;*+hwIruVSBY!o(ht3Kwfs01q{jj{Wg4!*dIgOP78+QM+bwG zCA={EKE5Rvfs0j}s9{{1PIXF>&e?DOmvj#ZB95w#^fa{}N?CEf*%ZEU9^I6D-l{Yi zl^4ph^X>m#0ucFJ^FnWIr1OAB#bSA*N36fD;g6o9ZG|QpDA&dWe~iOcjpQG5FnavsQQRyb$TJRscu!hkwU?d^HfkPYH)^q?Y|!=bo8E)+aeB z#gec{0L7`k){)}%+j6&@I(@{SplE4ZcDlI#6T{y=0heNamM$5HWt-{>SMeVoTq)DT z*rRUHq|$0^=gfdHT!6ur%_b{Dz;iL27uF-ZxQtk8HfV}>B~tI!(M#YZ8#=CQ-72U} zBlvcBuDSzquA-+)lky6jIoVg?goOtc@I>HVlvHcsEZNAPxIZr!k=*gDe1~_%`ZW=- zemT|qzR*i}T8-<*F#>b%-&eS~u!{6?Xvr5sM{oE2v23l0ivxc?$Fsq0O#nRZS~-?c z4p4VGNZ%Z)X;W3xT8B$^G|-{ zTqXb#mSS-ac@gwAH#Ie#9pK(@x_Gdom+aCP5f&G&NoN-a6&{RpRj^}S4ZZ^Z_*Dgu z{urg7S_(RrgcQRpl=D=prq(^Uk1$qVo)=y;cywc^%-E#q(7gE$HV3p@-|P-G7HE4-xK3=4&^ZQs_q@MojM z)zqhnbu~0J)Yi0?+`fhWK$*VI#~vU;|893ScD!52F1h%?{)@D0%{;#K06FvhNdD;> zBxVkyX^Tsm-MR?LP1aWj0i#l*cZ0n^2l95;N8-^P!{gC!jns}HCH=P@&nK{RJk>Q- z$j5dQElTEy_dlf(P7!|-{CteBUHykt)|HsgM5&gRaDo`L(GD3oW~h?EA2sRAV#tjx z@Fj@|a=!p#*!eI?T9-ia9J=g-7X;`bIE8KuL&~IaRRQ;Hj98(PGcG=Req5yB5rV=q zCj}&hX!q>d)7aTY57WXLTUwCR%ALv}7tv&av+?Jy5|H&LXm;9*D7e%9#}Pd%vj9o^ zTy}Q$n~;G%z$|fu9%X%Dfx~PsvQdFFoQA4o(8fj2!6rCCL29n~3a~tke-_;3p$;p> zpUz`%0LUe@d%6%-jxj^d`3h~hMS}&}i&{FqQCqZOQgt@*Cc>kG;+T}n`OBB(8stSlwU`7b>*5xT z%AvAmo9d&sZpqp&MhJsVu7SVN{*A%W2WTVosFf1Y41?P6$DWP|=wn)jdXwz|2Y{UG z(DQ7O^k~w`9`=x_{e2Cu#3liR{1DtO_~j}+e4zi`j&OW@n-P9*3jB5{8L2d*{$PgJ zUoxPqO?eUP6%CKNwEp-&P-{WZo~fm%E?$RZOoEWl$pynrBNNKo0;xMvhcideMT~buf#;43*RQC#R zM%+aHD8mFVv-{E}gx9Zt`F(&@m8+LD5|LK%62!bI zZVOQMv*qTTdknubB;P*J0vw~Iq1}n!6014AHSIG!k|m@9QpXc{4$>+qQj-q}9@aT8 z_+5wV4s#2FM5Sv5_~&|^JanNlj=PK6#?*M9)be1!OxnhLT3IK0hUJT1&r0jv{rP+2 zTzXdBM2Z)uOJ@qERwJ)xn`==%Y$oxjMl7;bvfLkGlZk>2IVI=h@%^c0M|Qo-;|y^! zlQr+*d;9XLPisc<(OTD0N<*EC%am>O=2|V~W`FeN*;u2<*3^4S5Zne04{~h_ZysRm z+TOoT%rj(!_F&XMr(WKlclq+=e(8<(4i(0Jl5|t94QM|K{=$#RTBm3@P6%{W&VNa&CE@1Ou=NnoS#Lk6Nk^n0(vz~$sFCd zhr6%5A73!1&tLWaYRc+l0l(XN&swKv)Wv;G4;22hb2BjmFk6iaZzu#CKgV_sPhaSv zHzz?2J<%hHyX?fFO+C8y-T_7%f5a4zCOeLZqqCDud59&;b}P)z$-W9)D>RVrYdO&y zE;*HaQ#)}clS%D*B3#^7pR}@)^fmBY08-I?!0TQ$o@jtna^&>tc~VjWa(ZQ|qw*3_ z-;4?|jJw-zeolR)aPkRC!SS_Aj-|MW)M{RXwj?T?zgMyRDp}}84|;L4*;FLJ-D0vQ zHG1RsdwSH-r`EH{+-cCW_l?D|+{P2c;}JqT{7$Ze`(VNOaIy{IKN?yxoT#Q3nCWZ99wkT^cK={ z@xIx2yZAE+1yefqYvHZUgwx*0soXFAI#V(2pXan$Y+KU4_Mj?G)aMjV)LBVcEQNUw zm7+K3g+%)^FlhIm5>22-ltUVN33|j1EO1K^@!qe!@WEdGSAF<$kp&Vi25YSoU0lyw zEr4QQ*G76)`0og$JIxLM{-K!Z7sgG@jC9jX&>J|GABdEtnll#pac*usb7Dc~^v|$$ zzW3@K(cFoO9m^@IXfyV&x_5Cw&9{p6O>K)DxPEc8?^|rmEuNPv(NUztl22@Sp*I@L zIyi|f%RDsmc573^91yKOvg$n9q`X3kfiQmT8;dr*h0S*YkN-NNM3m4U8xg1iTp>JW z){Jn)tK%MuB&eYMxuXm=bqCyr$yMmY-0op|6R8G~3!qI&ByFE^$7dNozRa6rt3#;KOi!ZkM~o!ibNb8$w#-2&2oJUz(Hi%3OCVa-ylaHBAVUsm+TIUbU z-n}rq$n3TxC$CC3wM(LNZEWSJ;Rx{w&Eu;W4UN;TEx1-xp#3H9LRj^+t=5()Z(yFgB`8rHeL|VCcp9B@5h5Ch7$XcNQZJ- zZPe?@sPOeL{(m@K&^^VjXT{SL??|_c&O4WElHMw0F}G(uD=wiVTd+Be>3Qzq;elOA zPBAN&(w-JE#ECeQcFA5ax_MO*r-)KV>q0y6C_*Q8FSq<-;=3 z#QDbV;gktdY79`1E`CMbGJEN=*W%z zEyznYVh^tCJXE@GtxaZ0{z+|itZZtJUiwYBweo_Ei^|H%?>=>4^b5>Z^hd?9lY4Ww~IHKl|=A{HKiEX4S30Z>CcDgXIZsw zI4r_F#mW2*JHgUC1SfYi7Slj*r18$KGP&l-UPV?q8k?4rUDYOy`;jRgv`AkvlJq8p^2Hk(~ zZZd;)5FuX?##6u(l!wvch-jzDrN1s+Qa z60sr>-V}6A(EVn`IWWTExjANdXOQy5)f9IN`%1Ph^H(HBN5D}=yywnu5rjVZm=mzi zmjdR0&0O&)r%E)%X~7H}mH_vyy8KZ@YNCsx2*#=o&|&V$6@F0&v|3AZ%hsfg=g+~z z{EAmCf&h+>8fhHCVw-^T8q`wF;E)O*Wc#<`i%@nzBMR1U2(nF5f8^EZ1pvlIlwb4< zUZ7%llLj9nJp`PL>hDHsn_{Hk3oF<$eBB)&_AAuaV$71>IcX{ZWqEZb5T(1zV+0-# zMw-@U;WV=P){i>EXqT&;K$ZAY*-ami=Tbj7;mvI+FcxFN;k{5T?GX-`G_OuQOTcgw zL|EaNckG%lYfby<1);4W8D;>|hkfv!K^UnL)Q}&s?Mkb|!ioy!?{xr#I$fPPd{LYy zRHh3lbM8k9f&VkVN9eCjgvJL9`D62~z_}JFphx((@;#6|+D^oR08l(aa{uNlnFz_V zGlubrPfAEbn1`w#A%i`eLr9X$nOl$7weUg}prU!cfB02oj2i9UmaY1|P$<#NV2AI# zQiY94jooV{2#X@@n2Rkb(hL%jLKdcV_>=}CIMOWw@dC(EVzVaTTH{_MAqNtE1wMPg zCKO8!Sb>&dQ9P&u&=F>;g6P}-dt)b%Y$1?r4;R4otd2t_A@b3LA|EYIg^6<@k10Cb z76u6Jz6t;VJvpBug>4Ya5@Et^#$ZG&9vM(`LWD`+PTHph-2z%SuGZmk=g|(;;TA}~ zV;P+1q0C9MtxOMuOo6blx_`$V@GrD8ueBB;#EiK?47x`}_07u{u07sWr3b$>&s5wr zzip-L7p*+f{ViQW*I7hvtXk=<<%CdU@r+R8x9&CpK0I5SfuspJKgAb$;x&>!ENthR z9pwuDFIe2hXGXvY1&1tQZ`AX24r#`L1~=iG50lS%1h@YDz7YJgaN4r5qogRy8HHy# zLM!hdw%JW|2z<2t|Dh|nn5=!IW{Zz>F88tdS6rpg&pm6b0|OWV$2_7qCJ>Pep;cjWp#A1vr4N?>#Z%6PVFprLd@_4qWdyi zHH1O@+CN07A)XP;e+*`{rgR;!WMfkLp0m*L({(<&@Sox4woL=&NJp0o>4VtM-4W8^ z$F(kknUfg+$zm+Ie3@{5a@z#Rc2c|IJ0p@#Cesqwi$H(d+#{YC73WvTUvBS)Jr#`! z+0cDpu#|Ha6Uoft{i)MX|J!;beUW57ANrO;TRy(&wti=^E5fbAz$rRRe|7Lw6M0c$ z{p0qjx=!3uV%G1mkUo^k%_lXmGNT{u_nNd@>*3L~)pv2^O070Xf!~hiA0%-5pRjlr zCp7!Dz<4dJA@JNnuz zhf+Rz_-%0OxziSRrnsl1v=MUPykIptk}X;NpE;3^#@a`E@#&Gg&7Kg6$-M3op_Rvr zU%u0@gx!hDcF?#~F&ip2v-D`f-f%UdF@0WzZE->tp-U*D3QZB846hD&AdmfD29q^w z842#z7OkLR4;XWuUyTD1zEx}c6N9EsEjk)!`6Ig#xCBb8)$Q#>6Fy>U-G7AH+%Q|4W<@L{C$sz4(<*!{#I29tkoaEjpInH1PPB zcwRz0g-gkEP!S96DvHuKCy!K(QY|INCYSLiyDX^&6WQYt| zYsxgxtDa2FdL7()eM95mn?EZ;a^T5Uob z75V#(a`cgn3$i8G7FfFw&y5i{*xdaC1@b;bPtt(m3&&y;t{noZ${i8fYG@m#2Vw|G z-sjqDRl<4mp}AUC&AlRSU9sS@!9LQPKQRu0-ItXtcnaq0Z-bDpN1eeOgVJBC9#@Ah z$5P6f@yv$u*wSYMp4!D{Ec+&>TsZEPtizPP%srT=ZmHgr`j8d=KXwE`xD-3Cj|)Cc z0r=SBv%#gC5cTf{n`L)i4?-DT)N z=jkN+3*ud7pgAL?(_66Ff*Iw&r$U#RyzvJy;n$7QcWcX@S*cvTd3WSl%{R_Mw8fxD z&vW2-$Y0cZbu;USlw=N$(c9jjwq`TrcW$qFJI#mjIVw_rjtz!zBs&A=5RUK&T-y$> zFpax%SqCZ3S|6XspHzz;x~_-|qC%{qpcCk$Y$%&l@r(A>a9A^`TFgp?DWf9jEc}~h zoU>j|@w@fF6sqIgSg%?q39e9kKjKWwX#7PKMW_CL5S+ZK635QIpxng{4PhtKA zTi-RCcQ-o2Q!HdRdmkUXY;&p)dYlF<3|DmvXMC&Wrt}Jq2{qN87QP3YKUF2SY2XwQv0E>c~V4gdZzVCD+zA zFqv1rBMwm_1gt6Lz4?R#nR8+Adlk947%jL9T5mKT$;jD5=%4rmGug+^P3= z?sIMn)ZpKFY>SMq2#1on78fC*lLR^WQ<0)g2OOdEAzTpeZY2;yHjQ>y0>_oIFU3~n zh?W>#GKR@7O#>WFhF4&|_{5LHsZghqlihY{wY=?;lCxpLIKH<+2O=@kyocq4Nf(JF zu=5Qefk)-=fsnncH$Gqsmx&4AtxYo>ibS2^5O23+#S7tGN<@pP0B;E0XjSk8m>Bq? zV(~Bu!ynrd1Jr=PG2b9OQ1mhqoxry)u=1=vI#as9 z-F&9aw2$Hu&1GR~jI z-rrm40=#hJT#%UNuQq;7q{$Pe2gy-eQ$~r=TBfEVZ4_LKADj@HCBDb?fi7J18CLt zXF@4ph0dIzJ{cD$_+V6Xg?~j)SIvWugCQ|t>hf+c4zsuv1Oke2dLBkmiC}V%cy?p9I+u)Z= zjBd+Rl`nCN(OoQ6;g~WGC;3Jt{;sQDnBNy-ZW2{Vqi$PSc)=Jt7{!EC_QSNXqM#=R z-6dLr=9Jq3Idp-yG!F^ok%Ow>a!5J==J(_177Fv%6z+wY6uP?o6z` zk3_F#wT9`2n5UR#o+u-sGBqULcWV6AuJ%PqCxfHj_i+(W~>-6#GX|ZBq|7 zeT$#)x7pQ_ANbu|D@3-ReR_P%IX*SB=J1;@=c6SaG#%3zzDZ5|nRc2~dsLp*BS$j*l$^ z-iZW;gTikO&?kI!<1=ws0Zo!yWRO$=-W43_&Lx48&}{bGA?D)8u(~Lg@L=qO!b^8ANvJX)NZu((7`;-7}}+>#wUH`w$g-6 z^um!mpVfRs%U*sN9BmI%0mv z`st-g6*_W>?0fHx8nFI+bFcUj4yzBpoJP3%ogCgJ(&XJhnRxH&<^_ z5DzmMyqH@;deXiG$hqoVOO9t3p4%+lHTy=IZgb@YMJlQ-kW_x%Uj!FJXr=Mjj7sk#dVHGPmLB*u488 zFg6(r^G2?{B=GSO_84F8E^La#po2}4!##cJ5_jW$lw(wTPHq#F)!n@b*?p_vs1QQi zyZ49TMyW06P&^;se~`6j!o2Dzzows3`;UtMvWBhcy&D+JSRVc|9>O=Nrr}sNL|d#* z>>@2|FS(ZQ>c6k6tWfn91zXE;Ul+0EX^ zJtsiDwKoAsAJF@e5M2aDn|bo@evk0stZMgjfVKbk6;#$?yGs0QbS~;#`2w79;tC9n z+kRpX$&wF412I7=@H?k^1K%gF_ev?^kiiWVMP+VXumwxv9_)5AHWL%2Ik6K(r6fzP zfu%?PS@r~I7_Pva(Cy{d%Dr!GqhX5|uDJKelZ=$Lbkl(DFlf*bB)r=we^-g%*~mBh zwz&g&V;|9)RCOQaJC{;`eS2pG6wv-#oisPE-uay?QeV zBA%o>EAM!8u1gr4k!ROCBOP$UC>ViHDcorXYGrV|2zyz3^EEya$z@Vbc zMZ734fYcD5yNADg$2te+d-2v_on*z`+~@IU=PtRE=2WMu~E@EaH*Pt-qUF7iTO znp0tBHt!&RhJ{n}Q<;B=oU6G^N_}l6x+Cc5s^2_%^Qyd${qHR+!Ilk1g)J!MV9SSv zwq9rb4i_6hZ&D{7pOdy;PC{}fSDk`poVF$M3n zHwNNUzcqEH=-1Ds%KKRCSPgc5h=?zWh}e^kwYPsC9vjo%xCU*@fb!r2ooOQV^d}9A z9Fiu+-pLUECL2F3dD3c9irx5(`n&kli{YJOLnqs=gsi2<{qCw4`ing7w}7oBIv>(u zG(b6X91g)NxATU*&l;?Pi;Jb?c?P)`d0sDJugfBPlq(Wb6oyiP5tZV=U)EMPw7OyJt<$|~I=ThK2{Mj=c>W@2QU=$zietb%A2M&5 z;eiVPJSgwICDuTmmE%yQYUrk|x7q)T#-x4x#X8+66KX>r)m9sIT3aQ$SBHZRe|OvV ze)j`Emd$wpQxl^kj^lxjIs|Yjr|2X;C8BLnneA*_yiKdjAgwFqQkPYe+z!GymK$=X z$54>pQ1NBC?sY+pomzhv(ZXTK!`(7WtcF>0sD)o7L3r#Q;fdksUHSP^=L{b=URmUf zOE(&-^)9xE(5oEf7i?4u(d_E#I6l@b$-~jmX3?|x+mh`J7jM#Lc)-Z$kb@OUBEu4U zaH^N_%5%fqINX?cwTYEZ{59QcD`d+*UxsPBgmgtX`&NOdXIV_?NL^$fG5daBq4~*9 z%934Y2gSu8Nh5v<5P96^tulf@k7<(MkhwR$Ty3eX5)@vZvms#KyNHPrQd3Ou4T^l$ zU_kwdwlC6=pK06T@Wut z;Z;$kb#^ujP3pOVxNw}(dU5)*PYdXjY;L~sxhBW?H-BUUs#;gh7OVp)$9qn4T|zYf z^H=Us?n)|lHE%i9&mGqg9_I;pT+v{-&`?T(`sAtenAgvpTUO=Pky7Gj-!C*Hql4Gw zQZ-w0Z_jzxD7QRHRS^A^KeFD^!32svL4VVS6!SVUQOV)*DD!iQopu7G9rSPBhgcqt zegNYThw0W8mIdTLDX~NjcZ(dRn@z>@Jt?qjiw+OwD>cUKJ-=MQ(NZ53k-HvKl&QxU z-WeYouRq%2S4WSQaE&#{cYe5f3!K%rOoCXG@+Yr|l5uE}68p^-Y8ob{z90eQw#ID^ zWbKszp%|I>epv@5{!Cj$J6?NuQe8z`yS>f0(nvd*pmR-=zH<~D_i zKVFg;%fBGUeqLW&rHEMFTz4BUj_>zkT5&A39vN`Mixc4=+$3Pbeu`>d2XUV4NJEiZ zuBWlMnQC1%`N&8KL;ewq2+O!WX)}R(`nZ>QD7#P!c_LG+^zf=jN=M@ehA6Q?of2_|7p*z|7=}Yn019pb*ZSYrxf3#h`v&3UN8!!aPfz;y+dV@aQ#*3k zA+MX4XmjSZR4Bs70F@ z($&jS`@Ah3JT})#3%<2B#s@7wEudGjk$v++DdBJ1&Pw1-0<)4LFVB>*a1JT_J-ljD zJlU`I#FpG1BSVsw}Bf9SHUL5$lMsbHdL>yQGnBs4p;uF3+sVCSpJwQgPr+I1* zp1W$@7d`Ck=Wkaqu$Qf#lH$9z*B}#NvcBNtNcWn+3V(%TtkY=isaGq*!l~aHx{77K zX;3p=6=K`zd&1TBe?qNEuy-~NXdNaHOCt&o*P);cH|MZxH4{o+@#p!Q{PQ1CVtF`c z`2(n}b&?vo>}ed$C$1#jx!Y2`0!9zm%_NsP2_eV7%<>$&Yq$0n1%|JtfJ{D%(=~|Q zA7}siqlsHJwUd*wZo=kAS5-!g;~P^pSoLzl7qTb3)8LN1OD>i>I?|^%qBLAN__4xd z*UnXCaP^2tPD1SsICwP&^keqI$G9>gQdQI|J3S>fe&=^C56XCyv=wotoYDa&sd8|e zg*kflZNe4?)8|)x> z1LiKb*UK0{3$Y*rIfATS_1$)FLdCA}2(#;I8qv_uSaLT0af_5JzMgeL-Su{vFOGl6 zH^fLR!AWpl^j0s5)V)rR(~$gyd%IJO|MxL3_7N_@wPL8~@q5!NH+;LYV!qnE*U~#s z)u*8q+$Mi;Ho@^^@`^$LfKW-Y;wVYOP^j)yfx2S z9Vz!G3KM5*n>1BtAqu9zi)~@Xm6Umj5a10TZ07d?^^!)w=4A>P$xFuCdwh4c*H||6UBqQNf7Pm} zD68hBcz->|xyG=0;o|$DRLKg>U_Ba#`FyqLkcY{@+Rpji)9}o8pbS zPICmR`0O;S?l@Yo9FFIAY8D{j#fkomhl|&GWfz0Bs=bild7XSfkrYUs;ni)SoPOl8k?oW(udAvxAi zcN%guzmm}#9M?1IA?e6xe&qYR%1kSM=rLPT)?CJ&h5Kj&Yoap9EsJvbqPWho`_0sL z=$zi^$6yiPoXORM7Fx)x8E(~70x8_zlMp%FZ+BV@ejo9r|B!Vau3TT0*gUd?i zoE#X90+%wLgFAQKh3q=vUIyJs*tPdnQ@n?|Tde?l&2m{L06RB&=ZxLw+nNZrn@GAl zY?Z+Uh^upMdL$dB5o-L9Qu*(6#}kB1FBumd6#zP=A7-ftR8>T4exX&p%FlKYJtn`~ z;ehHEchp_YKB`D=(jAC;_b-u=pE@a~N4RpV4w2~cfE#pwPbhMkw{-ySg{_@U;oB=* z=8W-}bd?UVf~+C7^5s*KLTWbh@zw9T9)yKPP9~UULWFDWjtgGrFdg#<(2eIF9#T?h zyiTgA@?s~i_L_pc@jFCkk3sbDE$+)!sCSWkoHON>{xj}(Iq6yrm*gBb3`GWwUb3}fXF0!itlKK|m znsWUio1A39cVQJ~3Dxs+6sN?EFa5JxCe-SQuO#1pp{`}kp!mVsn%ssK3&D{{&_ijrj+qn1j1WI zMB<7Kl@SGgcR~y$xmAN}E1R6Tx4gP-w>SZqDC~0Gr32s-+uR;Fja(G`QC;S#UP_PX z;YRAo>$=L7v}$U5FYW?~uxCknB|XK{#;0?}_z_Cd;)Kyo)VjN;0xR8ZIq)()7BD~= zA*+BeK_p3Y`jdtaJv0mTsU8-Z;(1c`b0}Z#EZeyxN{9%?c~b)090Kp8=t{U2@_CB&7if&`TD9GaFvcAKMUIqB?Z*50Vr$qWOfTfzCFX~ z@o7ZZJ_g{@S|Mk*gbIVb0MomH)l(+q?ID3>#F)L>YY-~ zYLo;xj9*ipgtI9=(sM7UfAD{8Ya7{+%aE<0cynHxgTHvDm~#wkRi+FA@F(R>+$=u0 z1epoA=UFFvXpiM_TXNgM1d^xqhKIQUYyU!A0ftpH$L{bwxLYw@mtE+AZ z)}vDqw7kbIyK{YFBE%vvZ(D=_;vYMMg#i)$Fd&b5uyJssJg7GLYptG3v&(Em-> z*PvNnzGFAeQv*5i(Kl7ef%6XCqM{<|rJ>DYF6ar(u{cUXNwrj#Jn^ly-Snl>%{Qvd zMYge=wu1YJ`pB2|@Ss1^GBNRb7;a2G6F;~Z!A<4JGnVy2C&NbJbsmYp(VaAM1joH* z&TrSQQedZ<=Sb{lgl%bRItfEXzjd^-7fDJ!(cRm5*2RRxJ}~N#;F#TgwG$LC%jN8M zdwaTnB5D*A^rvD;ThEmg7QW^p75(MQm)ke!kB59(+DnOEk$s%_BV|-0Foe^AhgbME zyQkb=2<8Jm>rdKF9_^>QivF7Ph8`T(mx>A{6zUC~O%lH^*SXB2uOr6pYQ=$2r3v>2&cqFYLH6qE_5M4nu^-a0 zWdj}{ehs^bg7+;sSlKx^D8b-$6xR9zyK2;39Z6+xL~$7v;-GmetE4hUYTv$nx|Q+v z4xnRx!{7WO23-0;_I?;4!*|cq9m2JHa&J{Po6td zx~*gJ&xat#0Gg}Fw6cc}iBci)Vw3pNf>C!U$xb|5$wvNtbx+s13VjNbzmly+d7zJm zcw=@&0J_=>F9eRDK>dv@_*R2K^RNc{^10ErwJ6&sbv7lN{vu{vjdOM;Vnobhx2D%l zEaX6_nPKOAx*qC2QNp*0*szeht%-Cs)dFJtIUCIzYa0vi7!0wnzwK46$Z|Y-?W=?X z@2i%bbaO}I%HYPc=@;SE$G)AeegL=2h0Hy?Tn6jNz)jZJ6R|%(2#!W{4sBw(F|?8o zO)^|YTbJu~ceU&cg57z6)9$v@z081KtPr2@3!IaXm9^29)}aL4#^4h!fdv?gyT4vV zr*$OoazXGf<*N7Ml3bpJ&xgG`1*G;*_Ua9C@>3Y4whbDR%R2$S6YY(wq?B#V9mh8} zS@=CsCpD;tUUw><5(^Kkxxo8Q^Is!Cd>4|krYZJUy(tmsz8_Y!fzFN)@s&z0u(2LS z@W)5Awr%rumXRG-Fx}l!Nn%=j1M1H4IXPFFH|ej>EBy030CGfwJJTBZX0 zJ2{1z6M#8&B*gg&;NF(^)+cBhwhm*flK|Yg7Xj|ZTMlNX{Q5Z_h+dsRSEZp>AHh9Y zVUp_~=kzllympy6s^nP|Oo7;Z0^m4ZU z!HOFG5}p#L;oR9c^k(ef$VkCW6&@n+;D}KVYqdZBu%3Xd{$8^EkiaaXdE|b9=rS>iDe}kcTDhxDEXK4ld0^n? zkjL09BrJP;?LGQB?Sr)uRkZLRr9+onLF%JZo0F+iZX=x;MxTh*y@Zyl^Yg`)M~%@O z@2}`@VCYj+NFgaa?>0jbotvFfWoaVzCoyo5Cn+{o?d6F6z)v~!@|<5~Zt((}e40o9 z4y;(m0alI{REM8H*ik{HT$WV^u%bkXj>YJJAL91wC*uke3s;vqlsOcP|8|f<*`advt>o(QS9W6{cyf_#yi+UAKdvN|H~QsSN9#EwN463HYRVm|FqP# zS@7v7R#w~TCc>eF2FQ(a4u zn3ryNdiDwLB=3&`Idu*7yJ{42J5?A?4#Wlez5kqx;aGQ{+{34pq0v)e7w^tJy(E@h zY_+kTdy1D=h2nO(FH=epjYVgU<@yiZtlN!j1p&>NcovD7l0j#`&A9Q-+_cT>mo|?q zFE6hz9+2qZpAP@ztGSkoUYA~%A5B`(PSa_UZVf43BFRH~v7KH*ihQn0)$Q#j*#$f3 zSJZ#Mo+XYYLnw@ zyL3+^FiBPT`XX_?kU%eEt&sJ&M~PHd2jxmz@Qp*y;h0_f(h;V!l|61VV;KvoM~`Vt z1(E;Ax)F3(IqK(<-N&7&z5g2ZUi$LWz2?Q#fcn95>)mb751o9+DqXT!DTzLPmYq9g z)A=!p_=fQ^BO~J}fd}ey6F+j(q$?T54QRiv^$lsS?8*G(d-`{qnvRZB`*l%K(U2#W z=Jk@!i;Cvv$!lpGZeLkgN%mT7?7C(2bMWAcH6fQZW3;V~`|u|H-9&c_Bita%REKHJ z3R8-w=7N0Pj$Kdb89eFGQ&y0_l$LZ7bn>zGoL63M zgL7z(G)&Kt*>(FoH72!0U#`I&5qmY977&~B#6-Yy8;(pqlwYG&P?m;cvOu2qQtHl?=7CY zWAyP1@SC|vi%|)*xexWs3x5}UXN6)cS|D>8fbTWI=0hUcKBZSC&=130=EQdKTB~E>b;gi&5g}3&m^MQ`Nx^ zxd%CG#j(d$cBu<*qtrbGHiY_NKnLSOh%jWVXNZX&?>oX|ope>{sUFuL<0#FPR}ksF zP&S=kC+{{UA{#0?%dNgUM7D7*ijSk{u@XZ`(VZr?iv6A|Q7O1pxD#S9#cw^b%c)|b zL%d)u`cwDCgq697TW-z@l-eDpBGaFKPn|d#5X3h6^O6+Vc@;q89VUvjZX+T-p{Ci0 zDaHq%`-u2xW#SXOe;!Pk%(IAJn>$#1(xSBpBhGr%Jf0ZUCrR4n^RKVyehB2_a^jf; zxaJz$)vVHblY4jE9*lO6_=h621-2p8>wUF%m9b|*ZITpp`g2Mx}T2hK&#SbC$1zT z{sS0h{dCMNk70KkPQXGSqmL+~FBIA%X!_fB*gF9zMXPbKHG2S4$U-t#o%>s6m$xrmGHPK(EA_@X!Ktp2%o4-*&?Vv(@1Xq04lu+VTlQ~KSkVVv7~ zK=j&^oXjyV!zC9qZm0wk8++rcK5BGzG}63hWz|X%qQ$kPs_5q{QJbYRPwZE6gLNN) z%S3*yw!JOlkhQ*Ri|q2I+i%rx-!iq?g{29D|@`$f$ zdqNLcbG~9(uUQ=OSe^98VEC4Q@kbSpOX`pJ+B6$qOyA+d`~-jeTiF*mW_WhidQK-l z9dTl=xK0J9e}fWcBC_vFfLDWcf&6eIA`B-<06*u*Kg;PGOgayVxHe&^w0}VMeMG`0 z*7Zi?CO7-z4th0=j71M9-uQ0BKHhs~Md60a4nOe`gt_G1-r|Kwp-!q>rY;SMHWY8jbP|@4eGI2PV!-prHm>y!SudA0W4PzlVnG9CMxRWU|JTJf zg6jqOq9}Iw3`Bg7jTq<>Kd0TLrNC(^UP<6mTOB7R`Ex>Eo3a( z{?a)ke|Qw}rvG(}|4-tUh=aE-t#EJOKfY>EZ!3768Bq`glVGG4@RJq?>Cem&-It z(k-0w$GD`YqfW80j}}M$RS1G}ge3-i!alVF2J0tTS~`)mc6nXwIbau@41BofzUBGf zquPcc4Q{`V3V%>WE1Z2#U$fG}|Fgt{dxx%*!NHA#d>Wx)Up~Q72ktS)cOo^Q-RrSp z$Wo`_!#I-((R;UUg(ydtDC_F#P3Xk&igBeUyGc~Xhh__ISoSj z1*4XU9F81oWPgc|tzpBo_tiTOE~QCtB&}66xZPP5BjtvRZ{%{URs!B7ygQ%a_Hw)Q z7T#Y6K;4_6 zMiY#7$W0-HD??BDGRwEJ9|H!&o)Dq-&mcTi2=pDQD`pWx{jc)A`=9FfjX$ESN?9$W zGLKOt6*5XPvxQ^kkiAKWQ=~GInN7CCA@kU$vdPNc*&~#htnd9gQm6N)zTZFK+YhCO zbMA57*LB_3cwX1dazuFZ>Q$%m`iuK?U6+*?qpcoQU0hMZ&m8Fh?_*K3M#Cx_EbHA1 z8)3qq;V(#i41*_Jxx@G`JsUqQ>?mHoI>%VM8eQ@P(-0xE^G(a0HFl$sH6uJq1E2V! z;8nXYZWivvZ1AslWOJJz6q@J^YlS{k0`}LF&o|MrvdqU*%hz0XK1s6vW28!rtfHb~ zj`_O7;&*}TJXOl%4*l<#@mThZUJ@8B;PuQ1-lRW)k3-e1>A^Pv%cpBEB= z_#PqI!w2g@IC`;c3Mh=#4XOT#LvMuG1(nZbnO{ql0?^bDnx#cWNXPtA3a6kIXR`+z zg8ri1TKP{5et9?GGolcX`wTe`zr5dN!k45If-xvf9h}NHkwzj9D z*6EO=Ar6aekqc%!mrBk^TI$?=1_jH00lK;&Y#obV97P{QhXQ`;344Nbgy_L)+i9U6 zQTEYr=C&@>OEwNoS7#?_`1X@y(e*=(o!-?@2vBqiEE6~fDg1=2O&xVUR&a_UfV~Jk z!WCm6$JF=>fDX+T21WNp@glc3uMN*!`I=}Sy2X-VI!Y$O{f&=-+>F8!C;GeSn#$+D zu$D=8VuP6rwN=L|5ej^G>qkQYKvh8vUr-PQKM==zo>2M>FpPWiJIZHmrqe{Ik9NO) zRTX$)ht$zd;%1N-pbfGCSlbUcqByKUc0g!n(oJ){$~oM2qs<_N+p8Fl)2+dCMq#kt z+OrgpLZb|eFXN&F&7V??Ugnjpy>e3P1wgIn$xoe2BIgo#`BaFE{vj77;bJi>0B zgAGqV;B5H;FwBf+tLN4?rg+u?76KIbTQXKf0@Z{dGQ7a!0I?&4;=PSM$h+ZE@pzb@5KAN_;A~ZJBZsR4@ zC2Sn9567>AV84q-Ljwgf^${%2Mq3OP8teD?#?WTTGWM4)hV}hueE55=FA&~tVOt@3 z1uPG`Zs8o1^4JcWVX0}(4L|Pi?;1k^n9YMcMFm+XjfgItgxPJ(`EqhnN?n3h@W1o z<*_TeT^aQ1-2mj|+;eUmpfalHPK_or=inpJn=RxSN_~d>OFi5`5HZffhr@uLJO2UwJ?HE?;Mn5crXJ>jY7U8z_jw0a%au z9-lG*XEz0SUJ>UOSdHNSJ?~FLFYef$@*XEdDiEU4pJo%?CPk)nw)7T;W*+PeCFO4R zY+rm6WGmsy-qvURpw@;;db{v@^-!{lB{y`pQyvE@*N62(CLupaExfPZYHRCcznY+w z7XV{_H`zIkLj>*VUQVFob4rP+_3Xf=BL$u-cS1qvw^r+(&7wr+Yf8E_yY&b*7#M5H%?Bp7lsU&X9Np zyb(w>dRCA$;rBj4yc`&oRZsR?JTozOX`Mn!PX6orHeAMiPm})_gV4847!TSTxkvE; z1#V{ZttvJI^G4FUOs#pI%OW84zSR0xw0_O#ZUGJOQwWHHMU~CGq1>>N>d@I~_UE<` z>S~NcoI3`>*zKL$p5<(_XG(L@UAQ)U^2?SMsE7+yUB9)QRpC6Bqwi#O)LLU3qX6U< zbK8R+&TYyfb3!eyC{ua+>ng!jkn1x!cMNdGIcA&g4FEvIn_}<&F9oV)d~Q4U;eJRA z9$$T=xv4;D zelUQ3u>rVuZwY3;#4_2@oQV-{GRprc+TuD!!aQv1wj>7bk3`f6n{GWqF!w-t7z(jv z(blIKZ&nIjDfR<)#prPybPx%H(vtQM6yq`zWORC#kx^-;0b`X{xW?*FhkubE>%^sV zcMnRm5@?dMx9UW>fthD(a!(_41v;lWmzV%FRhB2*75?tVF_ER&-mQ0E29>%tSO%F% z?N;Vi$%;fRAsG{b3|S;gZlxG826`80+{of z?`cg)e}aN10(EO0_?$41xrLP|nn;`kI6REbTiEmtfXTu)6Dub;yXLLH%`jIhUKZ;a zxWiTct#GBHQ8E7c&LbrD-T+XD>pJ!UUvLGA>Gzf`{Ac1+@z6+n8m>K%KFYsy3Glx>y>;bD@%q0@J>x`gH}n zwFaf{Gc@z1OSYQ?7uqYh(GZO}A)|C(G`j_JOV7YLvx3us2{id5pzaE!ikYt_kQAAB zoPY6qrPiK6%b)AL`HB{BoyN1~_IX;sKuTxh8I+GlUserNFO7>Y0E%o`Wug6$`Petl zkdTnYS=}8?;7ReM8H2YKw?NVa8{__&crJFolQr>RTy+nKa`l5qzvgfi4mu49o3`K$ zZ6h-KwdML5F7HHOkAn9B8@6CZb)ce=Peu=dTkeU`X;AAq{+%{w-xF~EQyegQut4T{ z(t71`s0_FwpFCZvaEDC|Xq^po-I6&Ltx35Y_0US;bMVex@q9j*-SU*oV@_d$u;Q$l z_r#9Y(-M=w56lK(=LX(~ECu1Bce2Qeq>}(-@}`7D-F|=u1t9gys6gA_(^F<=f%Uq% z+(4{Cq?BY#eeXpWe*pgC%_uggO=C4OPGxgp$aH8$c=}qt=31GJ7h~A>6ECOBuLqN> zVw1`zK1Q-`JK2nnjV&MHhhsbX`#CE%JF*PNEef@5yw%wpY>ohK)`RGNG~IVv1vyxL zeGc>fLkcRNIdznb)%V17`?!L@FN zB(b+;vG?$}hR$AA2~nGNgBjIVezE@#UhXb*oo9;V_CZ0#ZQ(cK-ejI2c9=k>B_MLv zE&9+0vhPC`G>!9_;0BN?o=|_vAUDO+@6M^OqZ3n_>wx0a&KV0_yRXeYe765&!3rE` zlFMKpIr_?Mb+m*4{uFY9mFIqbzsrDZc<_x{gip1???Oip3%~;AeJ9Cs!HbV!awo-3 z%u|sF0QMB-cS)Qpt9g2;sC}c*b^XZnU|G_8E{8<@#?+!@EO_5itNoQHJ3D)h&FHQ5 z7Vqnq%(3G~3RRFt`rUV!yCRh?1wr;06CkV?NsUDe<=w)3mBTTZlAg(AHP-> zYn;bBf_UHoc)h6>)&VB_qEev-Dvj_J2}b3eDXaPhy2e`weW5<=>FW4lbtU3%=0gA64 zeviZu;$3I}+G_2b@tITLJ_vfn)nNz-+z4MC#>+-db;>WWsUYiK78ua>P$#Z&KB_A>ZT zDX(mT(b+80;~+kHXam@fC5v3sX@ksVD@nbro^IN5y*#J{vV zEWq!q)?z!nS-(!q-^)o@_Pt#Dk(?aiC?@}4zb(GfISc|Lw$@8*1AFl`A3`L7x}>D{ zC4PP>xNE6zeeKt?2hAXlSLodE5lnG$F_b_K3<_eteqG1Fz~DRwhx7*2kU*XGfmyRn z&!ee4$9I0@WQLad+;F^;e*jgi2U!@mih*MwMph+}5JBUC)(sNG@Q++vppuI#LGtBc zqvL2C{>}QesDnd(US5H;x^YTka`Ngycx!7bi2cnnk884Kn=IHkFFXN!c8Hmn*NTiO z%wa%pw|EhE@F;NR8G*(+DPXdzNy_chw+U!$!L!P@K~^HQqE1&?`CJg|9mg?EHXOW6 zG#1->uLcyp$OG61Gc&WqF)Au%Zf>;u!LV{g3<%O+UJztjU=T_Y%Xl5j!>nBM_%WWZ zw-=c{1z;KKB=`Ftd*~2=Y(G7mqaOlGt@;kCpX}GUn?Nki3$S1+uTLrXV8I@DFX)AiGKppCeqL}&}r$X9C-^8%&gc~nos8(bn zzbP)TMTEp!RI4;1fu+~33xDSK{8eZutwoobl2Rb8W!iui$MVRQ*3kr`GcQTa-F6bq zop%gs9p<8>a_;v&cuAW5t1ZGlf-E2b&iP9jTF`B(!;Zdj<|e_;MX&7yvW^W*dsuHr z(qkTX5+gNh$`M}7Ap+;sl`ytt5cn6PB6Zzdx93aKEH4E9*;Z z{Y`8ivV~|+*joDXf=K*8srl+n4Iwx2`}=L^@D$@=D8QnS%hquWu)R!oc)JYY_C6U< zL&6j$(yb(-uDh+f7D#I5kc@4xVhjfH0_7LYyNxdff{R`gA#am>zrhW2P5Er`zJpz)3Rm4~3t zK^}<>kRjII&ca&z(8I4?ENbLM%5BKk&Yv@u3wIw3e%m|LGWi5_aoBtpA~L3gR2!y~ zq`DUG(>_Iwv|x-1EnL%~C<<+A{8aw^XCMJ$vtc!`uR_OA2MK8q$X5#VeS*CJb_n}= zTU?xr;S?(=C@Ny*DRaOE2QFw|zp&KH#DKLE7anG5Y_hucuq4vt43m=4IN zS(x+ZMftYlN>-jWy&EPu&P@4$f=Tk&$)rXM$+Itg`?e9EK+de``+SVMiP@kgeXN#(y%$<864_VvC<0#feBUT==1%HGA?lnA78c^vun2#ofy*TFEExkqYaIH zu|K<{3=q0BaE!0eBYIbsQv5?^Cnsmi!|+og*||VWqDyXAI6_9}4Z2hug7UTKbRCDr zR#W^lHMg2J1NQm`->KIWPjP2|Xt#WB0|e>jgW;e~7<-D`IAo6p_YtBY1@7RY0Ve|M zJnKG5}kJi}0%hEdES!3@F8b{Dc;m_1Evj8f%tmj_Zwe_r`Acq|B6s%;FtD#)zU|F@VVKk0mRmGnc?H)HYF%%6 z0gDJ=cYfyYp^E^jz)*7U)H54O7>;s0$}pcsVTN- zCp-MCaVIG#zUl1Y%jE;?64lC@4mp#j*|9s%uI5-!L)H!k9%Z(L*rg>=aaPIKGPVVP+qk%#cukL}r(DJZ2%Qamax7ILKS8zxL?IwM(!@AX7lW zNJO=o^Y_m6z^l9`AVV4)h50$_8P~E5=M)vqUO}kvtRM(>^?2N}(Hfgpcak!f&2t@( zVFsq#+$!_WNT)Yh6w0K{(Y8aNu;KOcQQMl1s=%1Qsg@1}JZRG?APW605}kU9K$pBK z_Ql!!XSUa@-R^&*4!?T!6i#1(vw>Nc7if?dfk5tgJHwoUATt%sK#SQVycS7LfcuI{ zDl)iTflz!sbOKWEqIx9AC#>AH#hFQgVZut+iw$Vib}7}ZIV`U2Lu=asqNY{#J~>cvtM96P=hcQrS34YJnZ*HiNWo@{J4;${Wb+ts&b?U1*4MOIJOIVodE zCt1}EG>G7Z#ezq+I>qZDYg~x61%%11=C86aMq%PI%M$NrWV{YrxO$NGci2!b8c@$+ zwebrD(3Qr^&p9Busv$2e+IS6muq0%TwhGcp_dX-4$$CzVlMRgSFjPhSseH6oe94Z_ zuxis46#d%oyw_m*#p)j8VE3Vg9)#u)KP??lWB|V!WrlcU@U$B{|qW`5c=P))X_)J1k&VC;Jz$C4o@|E zmBZK38wMJ-C9<&IcC03ml6nC(gPA)%m^Vf=SL2DfD`1y>`S)b|!8Rx=5%<+0=k|>s zfRaNM8K9-aHLj^^${ndRv9BV|Q&lI{jrCKo9~Z25CVyjq`*t(wX;f;*WAwQcv&77V z2D@3~ce_jpolO||cY`+|U`zLvrf+8n+-Q#<#=<~3%kjM=Hl#T2vVb}@R;?pZfjNBq zTQ#)l1_t-uAY40d&(UkoSXG#bEDC()nx&$`HFKfhf=c!C{VbHa+Bx#&z(3uN-)fRC zKjvWoVXD2mK!&K@1)d^*Jadb9XgRo&$pK^r9{@{f$pzIU0nX>(EpAX%169w`I zRb>At`rOrL0Cn2hs(9=aJ=evHt-!Bj20(;k%x4G6+}e5{O~*P>gN&s5$J$T+B@AC~ zV5>fX94b^o10C=OB9-nAP*LHRN#E9P`%QAES+Ka6zThNI3ig%>2^nCuZH@ryg`lQ+ z21Qna?*{h_>wHOpfAqcK8CbOG??wOI+s`lk90O~O1Z5V}GxM*|F@ruLrn+Ul-#Svb z+Z(2r4z;zkJ<_0e?wMX}rQzdQzfKVLdCq{)oBZoxZf}8r#oyP}f7TOq4pL9@y7vPH zB%7q&mXh?l1Q_9+6_lW^W;s|o6T%5sNB;rr!0C&hJ+rVU1L*@Qngvp2w59_umt{L->DjH7S-kDo{eQq0*qAD{iv z@Crxj|NP~Vi>u;V_uEJ;DN%>HLd0Cbvd>K-YiO^TsjB#Ryak$|`Umf|U%KHxBkUvm zK$aQ}ckkasI%eB(*)D)F50tHgiObBEA-EL!#B7dGxB#HUPa2}w~ z6%ge7A$DRF1oCpMtWqidPEMf7?-33Nmo1L@EZk;X7+$btcibe+4v-5GSrSzG}x z5Ph)K*iWbrE;lc^+I@K6#3v)5r6>2-$gb7eqFxs5{f5SgwKZ1Zs98;J@m~Nb9Qxo- zLhjPY+7nwLTqva;eOe>c=ef^b3hCxA-SA%;xsXrwR8`G$xvT}u>>&>SBscz7kE`fm zwBcU{N8X7IX8}eMI`r>Nbc^bxLZ8hMd&2fk4Scx3^kCJ0Hv0R&4>X3QOEBGKih*G7mYZ*#KB|yP3Mrn z2`8C;WGRlF1_Q`1oLTuNvtN;pTQ&^I=+WeGb92-0pr@f>F63bkd{f$(UH#dJXb%yH zkKp;^d_2w(t6=hfMBg}?x#gc!QPmmbycg>3ZOuPVN%>$JhQTGjP~fR6gkU_qL;D1(C>7cMc{) z5&h)d(QF@J=V@OPqyJ-t__Ly^A%@X$9d%RgbR2pS4!PP;pp5_q*<9_$yFT~-a7eb7 zsIG1-*GwFV6WLFz@m~E1EeOucPRLybEo8qHh=Se+N&A3BxX5?)?~-triSqdU>GdKS ze%=%pqL_`P>uIT`mk?q_ApSFaC>IKhm7b$KZUjDZf|m$x#Kw2<9|Lh;xKOLK^JPcJ z$|}p=!9mK&sc?CD`M&O#nVeDtnteD85C^pE4PH54y*~D-)VqP&j7Rp(`;4in`*X0} zI`37x6*qU#8+SeAF;7Ai=)Mt%zzdz?6Cm5mLnL+apeE?{dq2ORKw45#awqJE&M<%a z195Jxyq0egLR&N3pJJG4c!gYNU27uW?%N=tpvV~+89C3yBsMZS%FNE5CbEy5qL^^u zqA4?|bg1Ly{>RQZF5J!TXlpw=14=hc!$7%!e{@>Ni}V9&>6U@T6PHcQEra~!^CM>s zb`!f_-*}Lv8Qe=?zTU)|R!16m{jB0GKj~LdjVj@f?hZ z$J%=$9z9P@^>M!dYo&WRw%hXfOs~KCbQxwTKPxLG*3ebHnA*QN&_ucV_Cx6$+6PI= z$1U7?fTFKFz1fzxb~&S1 zQg*>dIw(F47PXBV-BVLO?v$`&2h0^xEX&Q#O3{K9p5c+1pnVzi zo-`pp4kj$DOl1+{6LW6mot z-ZGP~e4C0dLe_8t1J`4Wv9*exp-xa6D6AbJNVv4NvVddab(y(Rom zF(gb-dcOQo1jt#Lg7E7`(WWHrkD&&d3@QTkY=i&wd-=r{q2xsK{l(UwAFFim*XN=N z>Ux&)kHrR@zxcM)tYMKw5!&yWv%&+>AXmiElkjQmgFs_&hObIpU0tiAtrwN;QR{CH z@Ns0n3FMJLL^xFBu)XP=hC&7DR%E=-y!QN#Y@0vJZXux_BY}g8zGNg>k1Zz}J_euBj;$gTZV^!_(~@4C7;t5QH%>qkp4RewiH5rKClY>VYaO zRPW1I)zX5wZ!TT$aUQ->bFBA`AT?xRQE&~5psgo@-`Xw(iq|zZ2Dc_iu6ge!359Or zo!u`QgUA6l!A`5Eg@uKZh6a1zDt(aZskIk8*Tr1RiJZ7XJD^W;(@f2nhN1m;x(1_n zs%-|HPVaoVC|J^HgK zUaFuLR${ejN&H3tvzfh;ZqcKfj(K5GXMDQunz?qV#4EUMQG>9C(77XJiBivbo$7=K z_fwE4<~9p8n;oFWzAPUymM(FGr_C1JqJDl;MOSyh6Mj9mnG{2-TqQxQ?p1z<^N&*F zz55#}O?4qeYvT0r;|dGdfbDN78^I0E(Vd>VO)bXH>1onD6w+`5t=OndEEGW+)Vwbg zp~0&PpD1k?!#c1tZ9{FC{y2f%|Ej^U7IMe^Zt)8VWw6Eyrmo2^v!6x>(SGx3q0!w( zh5N?$yJy0bg|5ecG}E$QphMfQjuiK+c@e=&75;t>3T=dzX76QL5(Wo#%3PK+9<6>s z<$MX?Y~Y?Q;=2mXi(Dsen@()2^PI1^7m4m|NnV-lf>HB|bY)89bDSR@`S^DO5gABp zjVi3Ju8x|?Wc>0-!g!;aIz0_G?fi38pvG8O+dGvKM0)cF(nd^8Ol&l1er!ETk^5Y= zI&yY+WbR+%(tvRr2erW42@f}FO@y}_x(xgD*E2-xnj)X$-s7pud6JW%C${imx1|&8T!8!?_UNcK0S1hYnV@DzPfwa&%VyNh10M9c z(JgE~Z?jJc9_#?`8pEC?lEob&pK;TayRL9L-Qi80&(>vQE8HWW;5ds^VUe&XYUG>E zz-qYVfW2JGW%KU1h=`LZa`9SK5?Iy6JFiIpKDGyJxPUe4^=s>1s%^bB*fl{)RW=oJ zT;n8BV$$=+F6Q%lue3z>MUinA%Eb>Y=w{0?(ZFez3A3sH%ETN}*h847-rmt3vwcJE zF{_>-%N`o!K&yRy<F2=f3GJPnyw)MYQ7EOmyLlT>Pega2%u`b(=S1QO0~ zYXJ}9;ZoU=mG5?04Tn4GCzry;T*Ij$Wr!|pU!(n^Drc?-Xd-Z}A9v`T6+n(_nR0chQ#&q;xVSGvM<6iNoAo)trindtNOAw!$GDc{8htNd0b%$&mq;H~#nZrr%> zWB#R%%Gr=03vZumW&*?49CLJs+?Lh()_yeU3TOCtvd~{|6`b9Wh^D~x<5E2zAX|;t z5dQI_tPf&#ezQ&xjzMUg9Zr8khfMk_J1R60T4KQiC~rQ0)_2?3a56%4k+)oTOY0w%2 zal#veojf{1V;Hxk_&$dX1LMkmyL!)?_0J98NC)|I`L z1@=HF2dL4sx0QY=^q@?+44A#i)>mY)`6_p>|AHX=xs(Q0g>=w2F5$9MVKWE{+~?<| zjZ{VEJKXbTSRai({90=+za@XkZD?!I+t}M^Zau$cEo`CAniVL3xGT_s6+UjrV@rID zx-#MWN1e}ak`vRijeEe{8PV(M8SocLp87`pT9(~HD5XZ<*#pMOawD!>hsZaNABWO0 zcfljSXap#t`TceLpAgAF>+KR&D!exyMRcVzjFsGWbH?JvB%+ zpt|4t{$s}ybZi|SX7dbp!CQETW2YQ?DReBcA&iMM^iiiE+Q0zREC2lwkG{WpRvy?k z;)w%r_cb1uu_N6%8N+P{D{4uO3_2vt_c&+zM}LXUUkh1(c1j_9)nmRKyjP?6dZ_8E zEg{;+PfKOr0jTar?KYMO930JrSJZe>+u)i^FV(K=j>S7kz%xk_D!jJ9BJz~VqC+?HTn=?Mup zGBY#Dyg%e{%3P1V!|>9$Q(WlNgf7|Pzv^&ste%kWI_YN$-IHHO!-8**8}@yE(_|Y@ z#{DTGJ0V}nvgF;S6sALM-Q5_in_DdAvRam@Tl%23Xw#OE+pbK|a{G~%mVo2bk%e+8 z5%?#5!ri<@WVu?P+f2_|%j-J0j`%efl}_F`KURb5lV z4{1G@8G(~RBJ6@HxrsJBEBXS%iyNi6-1L6(O?k{wR=!2Ck;7)0t8aI$5fztA_y$HZ{e8Xj*V9g^{6i zoC9U4|7NKnIcTl-qaO%?{!Kc=0`Pl23We5H5@4UN5)^+)IMA;D;39cwyOjMQq zLgoX`^iu^6GZPl{z1jLtW@cwWeewdRSXUhveD~(B=?bPC!F@Rgs4o;*=r-YNTv`$P1{jv?NkPg#mNw98T3V53Up=D&RfSx!&6A#5 z6OAJOcMhy1YRuvWn%wUeFePf5H`Ro1P?33=%9tn1;u5UjG0*2WWi#cN26oo{X1;t; zk&*Fv|2dlwi3RU8I=K>}lb$VU{FlzVW;a`eN68U&j*zxA<&?agmC=Xm`D-+XyJU2% zTIUaJSUs zly$fp=D>ji_Qi#|JIjn4Cd#1n4p&eht%J3=^PN?Z$h>oT{( zTNz??VjlW1WVwS`jmTX#fulFbDUA2rq6rR2a0#0#;5;Fcm(ILnoam+FC!jE zYpg6Enf4ZOS1pQCcT7$8Rj+A>)X@wTP)Fn63|Cr!ftFvS2zp*F&6njXtk4puuaxm+ z9RDk^bEs>xMqX4I%uG+W#t+4|l4qTMg*b@Nc$WjG+g-Wbndlg$Ygdz+bt`n#9RyIh zxypWie)21!CUTh9fZ%9T7qh#6w3++00R(42!?>ZmaupQRh!%8`cUfg@6_j)_JosU8 zeLte~S~3JGQ7IR_9HeB+f#w=8v!CUklh=CR+1VN1=^2W+no0W6IqeCpSJ<%;Nay}# z3vuU(7PV-SmDqtAF*7%py(7HiFTWP;1l&beHL1oBDcourX={x>@n({qGdpSD_0bGy zsKndnM?AIO>9wQ{F0Q-sT9EQ|Mzqj}c=!nXBh6QT>r92JK5sa1^<%+ z?rtgWF_A15;ctE!1zhb1Lh~xNhhkpNi0J-^KJYXl50()(`B4c7)+TX(fhU(-e({ps zY<_XP8a+LIdKTz73GuxhXY#{_BFo+_y7*1MyHLf#|8fzD3eux5z2!>{LL7aUGZ~2_ zkVsGzUJ{YCPjuwtzxmh#W064%Dn8vpBf+kjSPX{%u<)Bet6Ymz zVhL$mwwJd+&E~l&qdN0D)02~{Neg6U#Hq}SHZ0tFg$pN|9+Pno%Kk6wLF~xpg4_&f zP_YFs`$o$P&XGypx&^8VlBk5wJzV(iA;02(Wp?HJro0bl)|z-EXPxruVNTrF(Ad1j z=59Fm=w?)OlTlP(riE2|=nB`2rd>R-zMWkz2*4V16mT{~m`F{nJRJY_Aj*#YAVHVX z@^}1l8N5>s_VqXg_B=tCZP|k8rHzOKHYCTZ+xIy`TMnk&S`piEPDyVNmOXW2$w%E; zn6BIwM>n>x2B{*GNtB7m6hpG6nYLL%amkD-9oZHA&>l0hcs*DJ^Jk?GTp)qOtt0<; z3Zxz<0Jp~nSN;m$k4K7SCBjTJ?l;}#oKRsrA0)Lx!FoyPTH32tDTz^bITj`9q)+um zDbY4pfE*)DsV^`EH&4DotgD{NQDr1ceS0yn;}BDRRt|6?qjo41w6tcUl4;`8+HLPB zGtJKDkE>Z+eb;^rR@iSWhE?^mV#d{M{I5!QPrQgKT7(rZ_R-19%X2Wi6r3af=o~+% zHlM)Z_3{IkIGW5|BUIn{&Vq|o&wC{*2BFfW8N^+h!qfu<0=~9dWD#-oL_ohO0N3EN zb@zHMX>R|gL-`YG<}@7Lz=?h;@RI+pzJfv(;d%$$Zf&YQYrftJaX-DZU!){9%|JX< z=M0i{wLIbGkM}wfRoBHsb=`|+`KrnfjjBKQAWf1@MZD*5V$39Wq0{-UvpxNY$NgpI zrbkALp^7z)X7IQF*&kQevUKAl%Dw4Hs=z^7sr(!M{#qwdT0ipz|M$XiaB zi52?O4JU2QWI9;LHQ2!B z6(tDCz0@1%O~-?PncYfWtMvCvOz#nLQ;+-{(F>-pA0`i*7z*k5#v50|RT(=A=S$wE zu7TGs;Yfo5Mz}98L6<===8yife-IYQOj7DlddKBR%-#1SVcS#a$jdXua`a*40WeC? zL4XiV_TU*O4(*7yk6%|(+%oZ_f;Eekm{UCUH_vgc{K(brqD7b=kcguODPievX%`@` z{cqpghkQYG{P^?f6rR!~@xsbWnIq+nYYwJbs#-QioFu?W0AMSDe|!~8f0qThb|>~z z?v7JpoYO{qrdB>eTSg3e)lwQ%MxxqdDVP3!-+=F?vJp_(ZY^RrWYA;0AzEugIbPPN zH-m?1bHP1`u9CL-M_LbJ5#nPP=E!s(jaH@%1~q&sa+o}H%0%XF+~m6pY8{OCbHWj>PiIfJgq4ajvhT?y2yZ+X2 zJ2q8*)h~Tv6LYJEN;;9Zss9E+Ma0aFnfqvUC&{4BLjI7C5wF<@t3Z(^M>6-lf360{ z@YJAb0%|ys;vbjUPx(-QTJjpq@cxF@?s*Eor3P5~@4%6h{qgYS-{kB6lZ7F74rUm1 WMurm}xV;bjk&=+Vi5Ay;{C@ys$%Iw_ literal 259480 zcmb4rcRUqt8+SyZL?M-o20|!%Q9EZ%4>@9n*s1V8?$I3Vy<5X6*5;8)Lz4zwW zd%XAQd49jY-uH3de|&s6=f3Xiy03kG?>k5ZB1=wogY3+iGvsp5o~WHULn?IU42deq zIq;YEQ5u^wXPC~&J$a<=s=qYs=BPe>)VQY1!y9iEAVm@o;58aZ_U^#{Hv39N$x&Gk zm&I_g^Php9@}dFl+~Fa?ymvHDh2uP+rA4=G8#y^@`i zGp}-BTnIRpav+|Vm`D(PQkcv-)^%Tk;pypneCOo1Dg`w>W>`Eh@WQR3Ko;;e{>H{m zjBW_800GkM9`E_n1tXh3!)d59?AJtQa{ z%-`L074|9D<%;)>+<4fMe_%Un$yr512;t;x-Noa?RH;ZP9tx+iY#`fbp>A$vM;K4V zZ%w)^L)6ELU00i*;I@B}Oo%42HHBp<>cfZBjEuVn4}ApTyeX@x&|O~6VrD>#x#b&P zw6eMT)Kygtq?Kl%Fc@JU{xhGHpTu~;;|4Ni?I zhG@cKVhZvuR`7dzQPh)6BukFYQ`W6!dCe3CbAcfviKeEeZ9_uktRK+f&yoF5SDlJy z%O8EA8F#OrKV6+tVMIST_~UD0qod7x3-n6VpsK268lH){u*FhysEvV{m&ft>%A6-x zSnKOKMh*uLlP-Wo=iU*1zd>wik&%$<|A=b)5bh*e_eZoM_uO`KSN1LOu1sj~6)LLk zG6&PltgL}l=&-Z%$4kPO?H1l~Gkct_K?8nLuH7sci#Bx&p6@IhvnbnA^Y81S`zA*M z6&N9^m-c1T&K^_t6~8qH{Lbj$3`Scm^{L;21x)jR=AwFT7K<4x-4MFs5<|b{S^M%n z3&{NZyujR)bA@H`=fRB%L7o~*Qla80VO{||^e}`ZK+_tPmsj+i1zOfblqjM7twF<* z=frS$8KP22%3r3K9fT8#RB8^PpH#7bw>L~vv+3~C%5Y)GB}PG&v+hnXBqYhIqlqXP zks7&2zvP)9g50=CfSe&)7sF!%>cj}U$eaOnZEe)2Pq%5PqbycfIf^{33-m%76YqsL zDr9D5Ctr-bF0A zbI_@tpy-0%s$C?hKzy?j{JtK#cNEU-lZKWQRAg zXY@3gx@Ha>BADbhWH*T7;^l?1v9XmzKph@Kh!6uIm2i#iXf|VW)ip}nL^cBcEPVV}u(V{Q)0888i9 z@$~7NuV24DzJ=V~-92lgDO=0t+!h;+M^FtQjkAj^BlPnP4h~k=)y-oyY3nUbETyuU zPs83GsqQ={}9X~XYu~Z4j#-rfz_HTX{xHGRaT1qhJS?=jvO_YWbo$CfBSo~FX6RCDBf;Fmg0@9 zFL%C1M@FU>6&0!cYErkeP^1B8^Tnqpj}qqy{%44svm?y1kKD5wt=7{inOaOU9aU9% zwa$|1EObHOJ+R6mW53{Fp0deIY>EJ+%41u_*}0@rA1%fZoVR*+o~*z|Xk39OVCzaqtd)87N^qRpfu6? z^2*AkFvO6JOS*RVWjl+J>#KZtxF{lGM2};Zd!)Hisad_dxS(aVE(5x9B!i^wr^?^0 z{<*Tc$4>#JaMG)AF3w-L0j&@6 zg>u}y4!wPPwz$Mesb9q=D5$BRVO`XnC^quMO)TicE!-E23Dmn#G$R(HO=^YZ^z0l>!g-7$6Bfhv#E66?V%Bs>YtPglah#;l~K>oLIY zfwLWvRH;yQ=h$ppNO_x(Nrp8vHaXcQSEx+4K;>7C#5LgHR-Fu5PSpdc`($yxP$o(h z1B0|4bUWs(a(iUsWOQR9bx4b`(%-M2zc;o6`-R<^kKnzeQKK*3U1+Mz%#y(F#Xx5t z9Fi;9DqlN)CasMARMnPBH74@^o=Prc-Tzev>skJILqaR(XNG!x#Ska&t@OWQe*$Bo z%#J~SQj~qah?YCQ1v@!Dibf#v0s;b5Xps9?pVYFU8h;v{%GVjfEmEQ7d3JX8sKmrv zpUT~jC03(*quY*g|2ZUD0!$Vc#~s)#;(?mi!8Unujzh)pffZD?Hm3?9ad6rJ5fBZ0 z_NB4|%XjwVi*8obw0~?#VzPZ{Pd7rNAd55bY>u(q`A@J{Y?bo;p@#{1gvA~AUmeAOE}(-)h-iImSbZXqaJRV4%VE7oLGj?UOWdYujqUe zw@|TCu|;@rG%9wOa#hQ$w~ftxY?jut%|l_clMY^l+x0@8LC;_apTmg%8ygC*8im;? zcO9ib3KbYE|Lc0QSD1Ojx5J_IV!OR_Rf0ao>9aN=g2zXtvGa>gI$L8@wk7q`g(gIo zo~6Fr;UZrcR)SJ68l8nCi8!eN-!)_-NPs*WF=c{>*UBb|^Nl3E0@Kj2Xo=x;-wdRP ziiM*xq9CgAlAc$fALrXF+fn?sN}=kNxr&V3hfi%iKdaM3!_u%+b^|+?#oc?E<>eLo zu-Cn-jglC=j+4Abc;Ixkaj_L#Bxk zBYTd45;~O{S)ZWV77cexHpr<@>({Rfj7_b% z0{`L9O(Xr+3Hc@E`-l3WKG#y|#>Qdf$a&D}zofX=vl)Z!px83RMZsI#jKF z*DPib+Q|qKneO|tzXjJPC8qpDW9PnH#hmb`LA$HF+j}XQqiAXI_dX`lfllJxCD+DL zZ-*QWpG4V^a*~vzekiNia>MezMRyiSc;$|r^u8&Z1Q!JElh~V4#)S}&<8IeWW%pTr z0EdKgiR{I_wtChQP^{Q7kEyo=X->n_c85NfbBl>vgX$`}19PU^E`|;}3&8bw>Z-)1 zNN7~KZ>gD>WRVLo-@Qv|7yOI#AqgG<`w8$mY?LI~-@ZKuIb!+7crTFM^cstdV{*gA zk{Vyk>ZAVht@D`8pYJKQzSF`7#}_ULF}sV4taMzyA;1LUw{!OjS;|$e(NxV*{cEU0 z$GtMy7C3ze2JKnd`?Wv_dyQt99n)HNp{v*-m|=IXK4EM7c7Fe7rA9^xc`t`@bDd*I zm8ef<_3px8RWi0;T+cN50dP8|1H!Ei+%ev^W=-^T~SX&YpBR_vNsn$&W@DqG&DBO z$4S3g%qFet%C|(31vjggANX8S{(UG!z58qBkBq6(bu>X0FHB>+&>&B9L_2$7LCS2T zrA=IWG_M`g%wHz5_>=U;Lm^r2)?-CD*RaE-$)}serd=GlAb9LMri|NFpYV=3b_Jwuo3^R@h<3E72Pb;Y zksP!I!bgb0xkPvFd3{}_<2-UNJkr>C&zIyiK~%LjuBJni|FBmE$zU;B|JzL_w5;m8 zM?#?{@3&FSv;|+dq>ux`eS0Yx$_`TJjxB$Eo!(9oDS zhS8TVe(arIOVE%BQq_AKZ{a1}iS70#^o#pv~>W61&4iQX7d1l(kKy~9Lkf~rM#0W8QG*|3{2MdxG*A@RoveJ+EavplG%J9z zh8Nxw z=^Jvd=or|Xx}H0#S~?`uqd}ie{~x`#1Vv+69+i+dB?tvRWA0 z_|0%@As=~pm`%hHXcyb$9uk31mUn+2z#;C)H8BAK91ZxH!M@+WFm2{Q42yZ9c4D*&B-15=mC9Pj&OLs5obT zm??X8e8<3}I`kS@AF23G( z?7e{gjb=8SSxk&Hm=)+PV^!{|NGVVsZ{s<@-eJ91JYEH}EL|vS8vU}9FiOutVupIM z)w(of;laPSalir7o5n;N5Fn?fj0ho@y-%)RIz5wNdQ512Ys?766ThG&tfl9O!NN&k z(kSk+E>=yh*(uUQ0#ju6cp zD60p}L}S(Zr7#MK<1BGO2dBkOxt$^VY7NiAKws!<+fKh>N(MW5x$S24XS@VO%Cz~a zPu)>j^n#FZiJdU=TZF`Sqq7z?eP{?HZGMsoucLr`UX{W55~W_F>*q++>G{Vb8LK;Z8<+NYQM z%za8PE~j+kRLp@8qKSCeqhZIx2>sqvl%4L6@vE8~3O%*^#Y9Q$_xz$zJnCuIR%8o} zZ7xat2Yp?~Q8&fC5bnxJB|AMfcGTlu6=0LS?@!qE5WVEDNeRnHyvHgodC>_> LTwY_s95!d6ReJIG>-SG*lH z%(z3{lx~m-aUPf`+pJ^M(GcEgYs#YJ@d8L_RxqZ>QDR@w8FkraQL8gFKZ9*bc#?8s`4 zj|W?}iBghX3m+neFwgwT36LD^k{Ui<+njqx9@-T8uSWj3FGkXAiz(Kc5B>5kSx$9G za++`*?D<`EYY1N3G-TV>Q{?Wb-4!3KoMq9M=W?}0-C(fS*t-<*>W6EU5YjoC#i52& z!g@ga#cTO-&8M;I2OiVo$Wb*Xrq83kk#228?w*sc(T_P7v@OwX44@ggPCO%kN6Owu z`K}(ACR-dkYt{|5S4}oLq|?Lg8mQ0ToSzxM36LY=6$>Cg;B%BxHg-|g)b&ItS{AQL z{rR50znFkcdGY!&i;6L->2Pg3WE1Ukf)4(3ObE%!k0<4flL{x5MA)}JAIw_lrKoyY zr#0R?exBk_^ekh#q_{9>IoNcC#-?Q4I`UXR!Nsb373@HAHHeay-0zM=W#{d~Yv+?> z7BIZhhO(Q*Fys#o8vYq23y|RJXEt3&S07Q#r(_QLI40!l8a`&7;YmxEJesH|F&9ZN8j7ox47`Abb9X9nWMqWB2HrEa#Y|5?I`i!6zaW4{KNzKdf({ zdzOp8Q(a;-?p-LVcd&V|ys79>S)=UJ?rrWvgJ|8Mqp}Nb&`;W;vJ+W#iDx~f$%dp+WQj+S(#H!tXR&f@y;Wx|nuGJcV&bbCAw@>rEaDF* zrIm#3i`qoZKNXZMUZ=ay(~CQ_+fnAFTeGaQ12NCDiidL|8|SwrtBp9W2g0cuE`BC> zS5viGFvG2%n{u+tXKb9cm;lG-yrlN_!nWSw+v~VoqBPPLvEFe*ajb@SDy`sH|TeWf*N?``X}Pr{|G*lxWVPrEl{b?nm!fj!Zl zqvFXp*6t&B2@H(5L{UzVDId*EIwKCf*w+3r-FlPhyPx z*;vG`?%H~Y%rbye@{YbV*D!Mq(I#yEsmFStpq@iuzydD4Z`{BAZidWO)%4hF{m=P+ zsSMyOwX)qzl`QM)E-`%asaze=elC8bxbr%yTQZUl1>?@r}&sF+x!Y8$xb~K9j7R6B6I-664hVk`|LhDjHYjy*Jh} zfY8iVXp`uCQ{e5{7+I{HAO9AV)<#>4(dL8m@hw`?N}*Q8+0m8`TOOE8HnLw<4jK_p zQ&clRAb*T`Y5Q~RW<6V5$)!W*jZ0NLwrM4_OQ>Q7s9)2PlgFbVMFnn57g*$Ox;RcMJ08wu#TGe-B=5uT?Dx3-uwLlxb5r`((J- z%DYqK?(jo>e0lSRNZvDI1W!fQ{P7@H2RB1p8s}i}wrIZj-cG}Lg{^JYmL0d0$(T|@ zrq%K+849?=g4Vm2huSV9y1@M8F z_nmdb>Rkku(YMy`970jFah)usQa?O`ifXgXl%sfmP)szPbXZZ;Id9*{w9f+0=v}4_ z4ZlG}CS+{vTtf3*F%^tXx6)FghiN37R-*FiIRxi6n2QHH;=d?9u!ncov@)@PR?A02 ztBMw>2ifu|qtzIe%_&`6CEjc~GdrYi$Lo;rA%@EC25(+zn7GlmV1;J>*(2uWrB1m& zBbK{g_Sjo!7-_pQkzuN6{i>+=_#BYUyNLmRbAHv^fdh|bL=+Li7qm~~OKgTw2aG95 zdAQ0*M%TUkF(1rLv)cKR+^i-d8}Fl7O(X4Z@y+ZrmI^f^d7!*E$SsQ_Q#v2Mz*;&8 z%auvuT@2MkSPjOw4RPst^zx$CHQ!#H3J6j3onKbgoC`tsu(3USWC{`PdvjZ{7#Y}d zqM1J*1q#riNS1*fS6suIl%X_#>SYhjNX&1=7c=z2_hiwP#Zn+3tATM``D&M(JY;=g zTk=pxrows9Nyst|G&O#MK15N84mu%ALY&ue@Q8bWNk&=|_y(4#S363x^O1q0a~K)R z;)+jdSw#w3Zkf(2?4<;hv+i@6qlGj!iZV$*l04Xl<5Zrn6$}?6=mn`H;&;|~JYuRm zOnwo?Di$*!lZJqs=-F70Qnp_eQ=|H6E>bhWxgY3^GT2Rg6_O7>QxEV?zJzn1OU zn1vrP8_!e?K^?N8@}Jmq4@(xH!;5`#b;Zt;mvpr9(^?M09;B?2sf@SBorxipOgN+N z6{}SW663Sa^S|`2^6#-XM@^t|TZI@KbrNPZMW z;|ghS_okq&a|ncmJWJGO_&m0Ippc5o{bj@3l7)zzA1}F}Nz?Q3jEfs+3(eOLM|oix zZK7_U$REeI5Je{^?|qEP8&J2jqAC&g8MsT&`znrHJkD}Bi=GD-ugHIAc0jYXi73?D z;Yhe-A}U9$yMrdjH!^-!mR7k3RD460@>GiM-rJ@LHLm$b$xzkYmC)k_-;raZK zU0KLA)CNT2=Nr{lV|KmxSBic0u8EdD1gunI54-&p7avfW6wa!zV1~kDn*!<(Ek(iy zO)lZ3FyGeV!VKN^-}~yaO4lsv_`sZTPRXJS`}VE3woS~y9iN@ex~;<{j9GQ)o@Oc3{2nf$>8FL~{Im3F>2xKlNg7_N^+% z?!d-=0naR@I8xK=*yLf%))8;`XBr#t&0N-QW=^e|%KeK~Vmk`?x{;PTVb^1A=5s`x z)`iGdVvRX$^G6YI%a$zb)W*q@*?Dyv5lSjk&aB|DoEuxCw`>qkU?=sEquiE*naAF0;i{b0KAE>G^?WOdT%o zx$yfmC6`#}9?*W z=TpIawb<#H6{ZeCLdf5~_UF$kIwe*ZukiNB|IFwC)+PQPx9z|0^7^wcUU0= ztnxag*8}#g zP*JCZhRwFIEk>8Y@Q!b-HxX{cEc+A%5w-Y`Khl+{K+DX^%5m$~EowW|fvaxl9-0U* zcxC>*7stI$53WUxVtccc5;s>4VeT%+7R)S}>?6}Q_0bRcaU4r!5E1%WfLOt2uE-e5 z_%Z+Z=zxQtA0{U!x9%zy93DQJ>mC^o6gC6m`w9;OOSu0Z1B*^cK|3v$ETFloxx*Vd z!Uc1hCfAw%Qd}b0^`con@G5_?@NBDTB@KZI7?&>A7wkgu0#2Y; zK2YwItMBUN*JI7TYnxau)bV$Z14UAyiXP=7TIM3JI?rsa4C{blRPg`?KpVF7fYZjD zZ=b*e5pd@PN(i7B&7q}k8zx>`TP#(ZGq>F;gVtTI47NZ0t1=w~#D~Z7dtT8ZYwyx- zbXMf9U<$9AwUoSMMmk5R z`xu8mAG%=qcU((COMDWAe6rGfm-`d&=L`Y@B)15dmv4HLYlkQSHCeTbQ zL}1cQDhz|caKMTXO`ERwWg%1RuG3pA^*=?laBwn^ZxnAFSv%%1fG zH^DbUNj+7rFpK zhY*q|IJ*evm4y98^*r^2ocj+k;s3&V3Rx*&?X3k1-MO*WO0jWq*$wKpJREn%y6k7` ze&JCSDN&N3C)71GOmw=v$~@C&yes9oT>LA8nv||Z%l_5JPn`cnCdh^^qsPzg1SFO_ z&VK?J6*?OW#VwXX6GF%z3E>%OoDBZ=5ZFwG>Dt9+&qME;;E<4FuLI}b$1eh7d&fMa?GX0hwLB4XvJ3|t-?FE4LbLfhn8UytJqrbDJS=hm(2 z@Ka+D6QvUY5~c_6Dlk~|`o;!KMJ09K)-zMdEwCgwGH2#zAZ`gt55g>q$efX`T-kC+ zT%XQxxl6gn`U14zdYl%sfzy3J?+$s{U!oOP33aGBrhrM2)d$f*pH z3qWX38^uurIrWwLQrRr@FvE~HdwNSUTAG>wpbp8OL@EeyX`$d}Jc-a+10GZ7pBXqT zTg%_PV0vQ@2VSuz7Ts#rQ7EqZ9N_Hq(9Qln89@J_d@(Uxg_bBt9G}#1ClqIQU0q!& z(=4Tfxaypi02#KQ_1X5c6O>A&Cl$(Hz@c)40T%2p_OPr_5nWlKn7AHnMZ=2u8ulOX z>K2irf(W##sVFm1OhPtE)I}qlK|CrZ#-vV3AFT zyW??BTzvRVqMDl8HfqSoU+Mf68y}~o^sCR6s~dJ>8G!hE5HQ;cqJ>eo=s8`PE1^}wHC3pZ-TkB zQS)PZ&3$?;E)}YKF%Q9vTW(n{^{ID_vUiHIS}1TvWu395x9xu5yox*Q-xpTfRjBy%IN7?O9HqY05Yk`$p!V;aCQ1eCq|d1|I{FRRY5gn z??H{VFLk(H@)j&vlqdB-B_E_=-Q6&rnvg;s44;izjD0zCE))q7=rcOzgC({$s$27< z0Gud`rj5PxliD2P_Lx7XMmGYY+xICM?Ct#_SqYI;jyT|3k2PD*SAMsF4?0Gs;UOWV zw?GkpCw4F(DSL@}+|WP>_-7YFezHEM95~C6I+UtNbP2-?a`tVN_V-URGcvLjV!7lM z6fP8}J7{;tzkuHTp|tJd8oKwp{jXM?5+tPPuGl?>%(SmsK)h>4HSBrv7lDWXgf+)W z=Rz@8X@`cBJr{IXj^|`U9Ktisx?#KF!Uc3M^$r=4B{kpWPk)i`%wz-XN^Qm{{;ib} zt+O7;9H^QW+2C1 zRa&Vrofz}v;rK^~aQf~D=mY2TSL}W~V@WmQ0?4qzws;FA+yw^gxB>8N*4S4PGkdGb zcjrljWYi+RoD!b?cKKzPDuGJ5@}x1d{-kDb=kXCFV8yhx?N#hy+zMa=!N{VpN>qWmt(5z)^)ugYN%40nY2;7 zDk&O4;}M!y`&OaHa$KDJUv=r8aUnq~cC?LE5 z@aiWAjh9ZfTE9!2DuPQ>FP0V;>2HMm7Swq$S@N=Kb7b8l91};-ChlCcZ;~lEqp|WR z^$+2=UuMH$)t|G1lTQgDziTH|@$l3otdtB^79P2#_12HZ;Al=2RXMj1F8({5TCvJ> zqn{ie2oZ)!@uB#Zl@r0`B^(t06tl+pMaoBh^_C?I`P{uv?S59hP2e&3+;C~7|Lw^Al7JCBOPE1_MwnfLhf<4gLe5J#AYZ zS;QqY(ev?TA;6FITgPb_j7q*j0HX|Ds(t@P>f!~k*m#|R`DyF?Wxm6ixOyZGt(B4& zJa-Nv`tsYGt)};LaTni6<>A)ZqI!wDb9HKfVCpa-2D$$>GB-i5sR^`9wpI-S5(kzN zYkwr(k*duRb{7jdeGwcTKBgA~-BpEl`Su$M2}aS8@mZ4;3{P~*S?1SNJSYK z`H>F>7kgWNDY+Vx{Vn4$4a{5amAt%Nu7Y;NSKiJp$%>GDW2c~|t-^ampE!YL3{14* z;vgQI4ImxbIefbfFV%IV<|1KI2|q)?s(%5mZAqol5R(WM-Jye#s z`;5y^o>SoUy?@DAQGtE(6NLV!EIHMg`#mEC3LJHJ@?S>rYCVt?{Ub&r4q%oRGM-s@ zL|I(y04e(=rq4dO+nu-YIdss#_=kcG6;2g@KK$|wuQUHwbJ73sh=-2hKB9y(AR<17 zc@;oUr0Z3o7GCt;@dKv5IN#1=?EzfY4+MS2<8B2onYn++^#7wXc<%G#6_B5^$u*e& z|Cy-SKVtl)K@AuU-c`f{nuBvXf3M5FH~~U&l|EIm{?@sE|4Jl3F_7xo8+-%;WcCk* zawVK6qiXzl`_$Y8x0lo^oIgObwp9PabG!DviHQ@S?}` zkFg~`rvm0+$@;?`4?O|<{FhAPe|6^c0`ITnp2&lJf{VV$e;LJ(-oIkhQ3VTdOz{5g z&YmtCsoEfyGk!-P&zK;`Q@gZPeOtQ>D*nL&{H5lUi1TVJVL>vd=es}`r98l8_bz?q z7%!Rs@{7mC=D+2=KL}tfscX;P0`Jt77MA!MKYErITKBAqJE2t4ExShjPY-tLWOvBD ztWC8tA;OMkmfX>Mm*3%H&cjz1?-Sys^dkPX3rc(L%Z1%!ME(cE1%otb=q38BG_P_e zqO05QYQ1sR;E$&@s8YKwfg2w8*+#MNuO~%1?XgX!e`C*j%;XGKsbA^;3@*q2@4nvO z|C+re%nHUN!t*|&QRO4UZd5}FBCklg69>lo3p2BT;#(xpDW6{Z{B;&eSNq^JtSCYL z_~`S4IY8>p?w_sx_LWZcl`l14z+s5&5$X!lhGuPLppT3FyuA1&8ZZ3zQ9`O!IcIAq zt-Mlj!9W-v&Ou6~L7A;nAGDy9Z%3lo|F0**&+#!3|H#Er6;FQP5gY)ReRhxM99|n{ z>L3F5Zs)thHTzkWCG7*=Y_IeLsJasQZG-GH$18=q0*|IF*!?xyZ`eJGWis2cx$J9j zwifABCtOSm6D`C~!Ozq5ea?TrSbEjc(jX{Ufn8m7y7Y=1DT9-of|~Qwgnd&N)tWpm zdi8hKcT{x1yAig3d-JFJ2LPG{rI*F{LOwe?n{AiXb@L_>SFy(9r zaNE}2CFL3oB_*Z8o@=zUNN}Mm%fO2#k^d6KosO%x; z%wG(Tra3NVb^TkbUXIm|H!q(H_`=B}@cK4o2-wogHTCCIc&TWSmLId_Iv=)$pR@d! zjq02wD84vF&cD7x$$?vE`tEZ)-tGX~0nZ0C>g%Nbh*-ZmtnhT!NYA@@_iEDX@0Z`v z;8IijD|u&6_nfJZ{1Orp&SA&T5otqT)RnwEIv6%q)%vm57^*s&x0&5qf0yLRV82ZX>&k1wO6bX2ZHU-xiQzz{bwQiFaB zk>4}2I2Gt_-jcLejHqm*-Ic5 zUFMhqZQ-r9ka#?jrels5j}=*3)%Eo9^_ZF0_dMkx@;u@p5B@p`Gg(6Z@2TwU9Mkp{ z(PPeFDmPFYNh%@?TBC!^V_jkTXG%^_l!{~sknWMBg0Ov09F!1!6V+K%Uuc9gaw$V% z0o(phPtd&@)}Y@{26I56gTa|JpzIm(IFk?(q3%R58_OS=axMdqr$4tH9^S)!Ps)mf znwq*##nMw35fK>~9T#UN4cUUd0>}|M(+2iaLzLeoju(UwKPf3N#9(LRg!wn7gQv|5R4=raAEgr~#g~hZy7R=i`+J1jvZ5JjA)V*0pTR%rg3DLG|x!V&GWW)E3_3 zkwe?n0vHB>%J2{%JHPS(AYk6FvpBg7Qhf%0QG*>E;X3!k2m~4K?TnH5uP;wEuT(v< zfb$4;4h~p}2e^0Z?AB=o#$=S)oIp|)^70nM2=L;JH0J_t4EMiT|NGycxVRlBbndDj z5Y-bskacu5#h?CogH$RT@PY}S8hHP*LkrT%?e-7!rxT=q3`o2cG7-RmSe8J=6%>m{ z=9v0#q7F>S?;WncC&YFZj~HKsV=qR((6gf~(zc4ls zeGHRDD^BmF3?QV6&O%b|51NHuVjM30t@Y&vpp+_(OCgn!P5P(nyYqd@-vEd&79M=S6!b8&5k5ie?LcqjZ_}Ld~dv;FFZY|Rk!&v7! z^4`Ua9H`FW{Za1&`rk={nmeN|@cgou;$xdTH7C*-xTmVasHZe3DXH^viqCPG%|ZY2 zLVqC=I7l!DS6BIfMzPm~N$lSnJ}yjYT6SjqYz`m*-fJOni@whW-J!f0@Gh=$CR-=o9ilHIbhk44=}Sq8TZdT^^%F;?HX>}z3R{_sHY;^y|Ct>seR zmvZcgM}jb2xQip;l>UhP1wL;BT{g?{#rOpz-b6ho6|Oqor*l6HVzqjg0k9P8k0Mx; zUDX`)ee`(s_g(S@k(}odD^;@$N(iCvE6DP4ZHJlGKPim+AzbBikM&;dO@-SBr1paESQeVrJ5J}!H9dqvf#u@;cv8m| z0%TS|B0{P0@vr$A9UE2fs!s!>nEuX?2il}s%n=X~kLmi+tUYt?u>?4#h@IngRh)@ny&( zJ?Zw|;ksjXAzr*RaWl2jFP?-pA9C}9bPQg)YR3DQaHJ|O2WP;q&B=~p#SPX^>Agl!X?(crquh$eb{bNseH_T!|CVv+d&7O1C)m__Gj*iTcCiG>XCK-F$_avGRsv?kr0?NL|q#`su(rjoKxL8uDrgJ9wwn(I^-F7bezC%x%E1? zpcCtTKqtPvJ2_D47DC@!*(-TC4ih=4+}Pf8u)Hsj2e<8=&^0*>;jVr@nx~acA$izQ zzIWuUl)xufQ*+>wcA)s{S3svCKZ-TQv)Mh-0-mKbYF#>vG7OUtal{(O!VO+O^KoDG z>*#I0o-DL=SI=`zrX(TSJa%WI#!?f@GmiAB5vuCh4{Zoa5 zk)0D|Di+1hraqQ0_PSV%RJ!dSiSG=g#%Ptg(c&C9z1OB{n*4L8*+GDO z4=5=(Zt4~}-fbEvv99oTYNY2G4?U^m!MyplPyw#bgFA^`*G&;=SRZV~_LuVvhmqu> z;`?)V(t@A2fg2i-(qZ?Ia~H3@;1C(!E*!Kr&Z9-vq;_?wA9xyqTM|*m?BemOoyEQS z>5*BGVwxPq51fbly@uiQ)3NXpn$G~^*!w=klR-vm+tf%?E(mqxP4|NrHqnYbw^7kp z=>ySuVo0ND==~TUNH(Pzu^+gtbNjlD{Wa}7Q;v0^g3XCzs zOIphmI~pQCypUEHhu7>USX%QV4^}D!9nm>w90%r+i(JhxFI;jPt3m)lpEX6YxFiG#VEd6&4A=g^0*rFTJvXwK-0McZp(jk+JGB115>qo#+UT`L_KZ{i>Rp zw6fk4ROZn+N&@{xRoLTlLdfWDL+@lqxMxNtwrXdDR`RI7eS#uZ@9Lm+>9TgCt|q9d zXhE(ztkaWy#wyk%Sq5*iPf#O&O2`$}Ucj|yVe?Bajh zZND8G5EQHdvU#)co(2+1CMn-D1cXHY*I!h00e=2OxLwD#iqrcjaWrqscXX$Eryk9< zZ`|Ty30{ElOG*zH77!S5oxCPsHRsVF*C2FMgy|9S_BacXJgMiN_#?|;O)BKIU5Kpr z54>R5!a1r#nxpKL5)-Vx2=1f}`24O%bB}EfU*LZK&~RH3{Z3~CRXp>`!qRf`4V~@# z3T!nixfs3Y>i1X2ZYRT8WUxhHUUDJv)!Nr<>5L~r90W+WjhXsajVT{gYuU;yR_?s@ z=9AcKO7F}ih-B3vKq}vKQ%CSQTir-rr~LH>6kP(;p^yIG9RC%D9@mFZU+C9g1=$l( zEelFb4Atw==!SI~j)|J~BMZ764{QauO~vx|=6>ld={Fgp`J7`>-p4_A414ut8^gVK z>ztGHOwU5(?93;A2F=sBfag&b5gvL3NW}xR@ajGxMDnOf`6W2j=3lo+&kcLEi?0oi z9&?2WO{~V)btEKhh>!6ZHoO;_=0!HdR`1peZTA^=PN%$TnC)D=$X&L(!#Sw+<)w`0 zrXgc^B;*F2DZ<-*fA38}w#VLdEM`@ALp1Jk-czEUJ4|C!TmS2P0k?ksl)p4;+4`*n zq#bh!Ao>yTUHvUz>_jH#YxTE5oz`K&~nFa@qEzUqx-+s3yN zo8O(PJ^p+6exg)%@*`CMBqt!9>@u>astIR|)wf^M-uZw9Zvzy3<0+_GDgUUQ#Ndqo%txUlZ2TMx@h?*A$3)L5_X z?&|vaC*{xx@v5PM262OqZgMU?JSbH5{X6tYdvB-Z{*~CNcnL3e#9CQ-WiHnf^La2k!5V@NP>pR z4FRh@5g>}$rbt#U|A2o}hX%&7vn@#e0G$7~}Cc1)I3oLAF z78;A%)T(rSb-4ZsULUC}aUHbr=Y@cKw7zk5z-=}OBZ=l1i!wjqe zJz)8<@@-S$$?-wGVD<4qIXw8Vd!VMOMw!J%ydv=I}ZuC>oacfzR zy{~lzyr^dTGea)2v)#GRKwaB>ad5Qk!M5AUfes<0$;D;Z$whZF7hVslx6U=2n&qB3 z3{qJ!NrWGmj@FkQeUJKZpTl&-(b0=f6IUti*jF}+MgJd8_rD^g4wcd*LR>+F1t7{f zhPq&H>G|7CF=Y6za?BS8L zJUT)eiGns&N0MpLYuS3twmdzUY1S4Tbu_$qgYRBMvtH9aKsHzPj7JtG@tQ)kquFv= zi>r~<)z$UsJ}1YVN|6tm!NYw6|A)Enj>r1_{(qA~y%oxcjIxpt+4F8l5|X`(BztGm zol4o+n-a3K_b4;6_m;h7Z};!K`i$@Ri0_}j|2*n`UE^HmI{Q2?^~WJzCFHS_C-L~! z`m^#Zk63sBN(rKGuhyZ=o3&s50Xw=XSM8C85^k;oEft) zweg6K=JpahbVe*}4Mvz!H~R!5>IF*k6dvFB+LH2xL#cs-#|6K$BZGZ4UkB3LPZab) zS=3?lKPe3)8}|P35}%OPmjrZ3$~6jzq#pWBp(=cn{Mt(fxMTMmkg~}#ZyHF08UM}7|M|xQGobQun$P>uRJ#tlUir6J-k{EhCj$%hItPZEgSj>7!PFqA5k(F>$e; zW)4}Ak(kTOi*jbpzmNVV2~fM;Kg;Csy{}$Fr-5tMasM5OT)Ibfo{5L@KtSj-34M7Z zb9s4_>pb^%Ov6=ZQV}O0rUGa~72o#$hy$=-_MLyxw)~E)%Kf{NwZW;tzDQz)qKLjk z4lB5mf1%fq%XSMH@vyzq;{5hac(^@xq*GLP4HVZkc%CIp<=}FsLzs7+VL{&oni-efXG!Q`qQ6oQR;Z z)p}))@flA=g`C;rvIPy@JjP1AopL2C! z*wHq(ypXft))=@|qg(7Mf;&VWcPtlrz0J3&TCOb!hWeP-YQ<(_c+Tf_`6B$$$qFvU z{Gmq-G=E7r^{hPc@$SaQrBt=+y*d(NWm687I*a<@-`A{C1r?0!?yvUl^__1>BtlLm zMGK@M<;_Fb2Kle!7n|R|Xe&~xry?gxhC#R9o)KGga_)&YmfMT?T(tPbb32dg3bUl^ zLx%B=`PqcuqP|!hhL${v48Mn#8}%&u__F}hVC$k#q)8aq=V{#Lyd_!omP9Vicq=8_ z-v6z;b4&J86F+4Jf0w_pdW7Z71-+4=kkz4?-K>TY?Wa90}xUk9!_ zk?ySxqfvRx=H$n0``ZBoRA+T7s&5mU)qP6xH=H@SZJlL{jkA0gWU9~UiibzstVaXb z(COD9D#WA6>ddXv=`1c9EemC48l?4FB~~TI^(W@fbsPBFfZ=7pDfLNJ~NZ!{aE?6Qe<5Y@r z#-#ym=qz>1y)xW>ktgy9g3xwhYfzcNV%;xO7V3o?GjxRcC4Bm5T0fa%L!JM1Mr!dn zka|r}TLg$K{-{yVQfK6o#1i;+#-uspweK_PKg)7x$NoIe4(_tf6@tSRG%7~$xB#(P zQprk;@<2!riS?ehvxpz6EorMMPLyR*m<%L<*s|S98{eMyGxCi{PjYqHU?P9Gt>;2f z4^yWTmzrv3O^e?zq?ksFWbAdS#g)12dFjilDFyF4@1*8=J8g6e$0kW*ON*`hb)P<5 zpt&m`gxz+lsZOd&e|r1j!*93uqT{a*A=hmdTuS?%*-^C+H zLd%W=Brzbzlst2s?L3`cW>Ay$(ZcO|+x~pwU_f?y_j1To&Q6}7(8e199xkri;ClrG z1XMyU>7&i!AmvQ!vXh*g9DNj=`T30&ME+0`lW(+2a_q;wGY%s-&vkiyz|vM9+NLzEjFk~>d-|3; z`Fg6In1$;tbQQ2DOY=mZc;&rB2_QM$zZ|pw8p-;@IO5)S3%0Ew8{vw#(pP|91 zr-WhDs~u9im#2U=Y&cDZqTYCrv3u)9*)eL`E>+nMr4?209zUgRck9+%8D>9YZ@n+? z?=_6`Ry_pMD!?~~)TSrR-e%2GRaTQXMC-Ek?imB0ez}1j+b($L->XCyd^r*?mM|MIm7I%yUpTnCEL8_c3Y9$p(*4Gi?y$Ft{Ja#cV8S zF;;8D)}RbJUq6lCs9qlqc=gd_t8Ykq)Qi`BFt8#on^)n^>H2(`p7O|#+qb%&_LtHTXoc}{MA>amf7Z&q%0nR{H0U^+N?tG> zzw{pB*)>_Q*+vk z6hq*#kJ~R;3g-+8C&aqCx@ykK2oW7S@%LNERPvYik#1XFDPcY>f5hDuBeL_UtIrOo)_fivXKig>VQic{!0->B!tkD{mL z%=*7-ME97HxF_G{uxo5?E)S9`sD#M17)gYMg#qKm2fNsYnsRwHQySV$EwOz@j{TDC zRhz+#xsJIXW~cq$U`tnF7P>DU&L8eKX(_Q1a4sc|wO?EKwx+41^st59FFJm^hca6- zEp9eva-*==LT>i8y2E^q`D%-}IJ^P{@!PU037wi;$Gv(FHg~8VMWi)6Zj{{++{Djx z;tcf#$gaB^rj_snv8s_GV*1u;e){!6!*qfLS;TmGa_Nh9m3#im2RH4nAFK3NK3T{; z{F=Dt53$xO{0vRLH;#?Iy>JdLn+nteFnT`A9DOpcu7Ja*4XK5o+|Ta_N#Rb$Bl zIq7xt((jTq8t2=|2U_f=TjN@aY!)xGvoCs2H%Pod5uHjoZ=u?yc%6Wk0kVPao3Ast z4`X{Q5N(r;oT%I zsR*vbxG=euB)>;(Y_WIZIwCopa3VMZTfL9CwS@{XEYROesalfBrr2mluh>9CCgq_e znI5k;kk7RzP>__CZQpj8ith?yZ!8nxib>c-o8(;Mhr>Q8_DEktqrI~;t{yU%GOM#~ z`(>iXBTkNIr}`g0t+09w%Q0!;h|YD8fWBSevD!Hak%}L|?G5m|!Q()>|Nnv+) zOC9a5rlxu&)zy&;*X!~sn2V^Y!;;5G!nWl!Jvo+1+_ z@7JMf0C9Uw2%nwiElN;Z|Q3G?*>o#u^$ass)@#f}Pk5 zO1VhP>N+ll{0=!DBDXou-n}V}TpSV>#meRCYGqZqv*D(>Do-PGkaP?B<+%_MojU4-4q$J{@TwSHXND~$i)!p3i)RW@OMGRK9dYrv>Qc0+yLv}94eu_$*Vj&6ml z$))G{%}4Xt$>CuioqIA@7xzf&gT;qRoni|M1?<;mAW28kqW(3}+7u!LXaBsO-%GVh zMy+sLOOW``k7XP6WO9{f7k{{zI@iAIl*iUOhQoQz)_kUKS}@#$3IDH!!iMUCkh%*v z0<6Bp>B*A!T73;v^!2xGoQR(o?@N4>`c4ujQPlaf^NBWAg7gaIVZ=Zt7hq{tuVTjM zk5lSk)r#5=+oivl@TpbY^4TZ4pYJ;{%7gFsBL}oTtZQ9=@+DrQ)TxYZQax>_cZcbA zg?pfJP^N&_+}@-e??}s5f|7z=gyYmgBuyF)l#3BEY{>)rJndi$*r zSM4gBoy~us1t*`d`9nSyWoaExKOC^jrDS~1dFX

UF-*ACR;maMC$~rBMmTA(-wL zBex@&~nb!;e4S9*dIAKiG83pY6Imb64n z;#yO0TD)PDTzO*F_V(eyxfiHT996AbT^Edq4eBV;(H6A7-~pkL330}WNAYh*Mfe1G zhHM}Gp1|lNms_Z+TUe)JL86^BR)WzCrNSq&<^`2dFVR!V7RU*%HuWnnufrr z?|z4Q?@ygVtJAJ$r>>woAIGm94-cCpGn+~Bzs7b1Z$42#H8UqioS40do@8qB#@*+R zJEixQ&nkUhJ8%Au)%1lEOuka+`v5cS9z#9 zMWwfEO*A-jZ{Uw1=^T+LckUws$v}wXtiRU3_2zGvE@jwTKhJwF|CN6{wy5Tg>&{b~ zN3le;IuJ7v61gCWgy|07;z_09oV81IaViHb~t_^)_lMX;RGXy3K} z!*W=BUqvizP9{gDjRnY?Y*#u9;_;Hqg+KZkNd)0&NP^f)5h2=M5;I)u4Q?)?Z; zYP*;$<+kQ?X0agEa9ZF~f*c3LzWxiH0~@qs zJw!G9>%RsrLsr9UGoB3(&iExCqX+$wXY8&3!Eou(VT=8*Jn^U5|BK0KYp}s= zsnX38rd+G1)QSD-Gy=#dhO`30PHa`8t>$PvODjM@iie7T9ry(VdCB~iym(R^!P zgil#91xeA`AfhOX=P2t7d??rBPk(3-cZqJ^^e8vS_3>uqrEYf>Gm1n#g&{)u5y$4J z%}jkk?JZYt4zSAPtYU^2)M^F=z2|<}3J_08z!<{Q+4F%%j!|1s4t%v#PZ|9z)Mhf3 z$GrmHt6#AW@kM<=cy#8w3hzp0oW` zz|2YwD6QsS-{Jnch>G!t4MpO#M;>{qw7=RbrNOByqmWsBw6Jm493Iru^dUW;?0xNfBn|mNi#lV@qYe`Z+?zP<2HHAR?*`2W1O`>weUqxPC|-Xr4ivDnA`dz$ zw+6!dO?kr^8Bcvn(%h?x`H9yW8?Kx}(%ILV8j_AY0Z<^KhR z=ih8_9&dLm%ACVSRztFWIkR=s^k@9vV_X-T`N0Tj+?qbTkO5)ZbH8u*`&Z$lomUNe z63yh^(-h8+2ZE^8q;jh|+927Ye^6v3M&H%i(avhB5@aSP66u?>ii6|^&Fa>Vmetv6 zkG}eCBc%LT`XM9ERLo94!l8eEo>~$Yj2$-MD04yRsyi$M41_>mA_?IxV>EHzj8ksO zPttWG8P_#mFyA4W_BQrF?E^K(7kiY?A9+ig39wCnXp*})%#A-YP#xebGLz%I@QN9K zR}FHi$^WJ6{wR4j^U7IF8@&WETdI^kb<3HXNp(_#MA!pJC6Dncf4)~}MeKS?rRr>c5ADH^h03`fITX_uD5Ct{PAMo5Rh*Eo38Fh8wwUCe7Fzom z;cPHFnu<-2Z8ginfBT zo#VJ1kYuGmMXd>Hq-H`VO}Y*t$#3PhZ`G6!j2FpkXrNikOfw+NL*2^0*r|I1`LLNE zy%QCAfjz~X${@XNc{9^YZt~F@W3w1YJPjN}tvd)7MRI~egmW_yT2C{S z$VWP)^L-lsY*tfacnx~7k5g|Y^mhtBll_Z@f*k$Nc;+n9?DNGo5ZIV%fKkr)HFLCwvjRZ_J(Ieg^V6WZ_Yh-c-ksY z`I|$oqr(cv_4D;7iWy{OHA%r$XesrGU|gs-i_%egmX-uA4l2oA#& zY}OIaH$zOWb8;Y3&FcQ6#|@cW{j2NW;`C$mdzP!MVrG)uH~s3QsBU$5pm>oQ&a=h( zhscgg;58lp&1WRoZ9^&-&WP}GPp~I?>~|>0%9RO4#uqAyIZl&zwOYR};J~+v15zu^ zP=x=PKOU6;V`>uq-gs{LE0Ah5qw&>XOL9CxSzlFt7%hFVKfqXjl&Cfm##%^exc%p2 z`>%>KoJ{6lzczVCw9*^yyY)L~eOTJ|+?rn8Sxxd}r_Pe$N#G>K!sbVc5-;W^9-={e zPa0hwZcok>TJLuDx7}(e$oQ1|ApQAk@^$LosvLr)x^PQ1 zks+ha7ppWyEcNvxkzzU1A@xcr{loA7rg}h?Kqd0jbsnkP_zS&oR=LKSU{y58)r4tG*KD`m<6eYFcpT&IJ$b8&TYW0Q>A ziFd!NV5E;DRy$nw%CXQ>+K;82>ihe=E>P^uWvi$=VOFN~Bz)J5e#S>cd40#TLhKf$ z?-ap@Fr_PYC{Bdm4e70J>ZOSYF@2Oi;?p1@)ZL%!dO8YiGXy6hkZ3~x=(>knvkZ1D1=8OR5U#so?e+ze0?w&{Mb==iZ+32P}qo)+_;JoU#j&t&zL-w74calV?Q5u~XmH`KhjkX}Eumt(Fg zmz%()Nrq34G22@Le-wOMe@&HO04G1q!mVTmk5@*S$bDtzADx&ST^tg5-fv+m#BFXb zBx?7ZD@D0SjD`E^ZyAw;0{zX^9DozT`O6$ z)P`G^6Gv9jE#Wm$v3Kq)@4Rapl&+ALz-xqLI#O=xixc{0HQoE-u_PU{vO$h(Tho0k zC)Q@E#&zRZJxERJnpU!|VD})GIX*t)PnQ{Oa`tXovYqWNB_axpJHPb&!b0S_tcC)S zlfA+n>vZ?kli_1sV2+unrN0{@sapxWhafn%>m0Y`!w%ba+*84 zcrUYQXl zYn!k@TIy^%xU);V7utOm&u5XfBM}Wv_QV%*93|%KH=#xiuf3hsN7B@RalqS5E+Znz ziBLHY3gPlx|8xZ}E2E<|Hk9jo&-CfZQY&5YLf(3w;H$gZUMx?58=^kv2TG$%xq+)DmIS0R*ZFiqKmac#JFnV zh^Up|+!E*=;eC?7{$#J8lpCJeiSpq;6%_9wy7IY1!T8D#9Z#bZ5uNmiUCOq#(IHl3 zl4U-ZwKBo+WwEHEghDaJvqm$7^ekgjPfWzWWm6-L!3@PnYhRSqX3g4Oh?KO>ctNL#y*CWp z#BV70Cx>3_VzVRn0CI<7d1zG6Im~Jp3 zDC_(1OO?FWX==3iDGXn89G!CqtnOa0Y;N2tzHJD}8k8(@(Fx}ISVY+SgoPUzw?r>oRvwIlJw25VF+nhLBch9cLecG-x=K^RPhy2A{) zoL@v>C-oy|@-QsMm-@#vE~3EY6#NqlPCK+5cZUfn$w$R>FkSGLouK2*^4+nvYk;GZBH+TpShHixl zSvvpFkSFW&zCcV#Fca<^p{`-MSsGjT#MyO1dKm2@^$t>SjRUXdLl8~6?445~DTgqt zVvJONqSoT(F4OwVoG;`cAK<{f6f=99`=?F0OFe2`wKJatSEM5;e$6B`C56ko+s2JN zXRBG8Zc27XrBqvYcWZD7Otp*Y>ly>emqb=Fgg^s`mhys9ic4jxN67uSg6{t!IL%RU|P2haBc z_45?HLd1f@a|=+;4#ROtnL;AD8|z8DB>S>?bHj*T8Cq8INI!4Epu1eed}^?-D*o1v z&8)zEY2e(bOJBY`RZ%yeENh)V$-5RHmnVZg5BJI-Iv9{x4;BHa)5klNswCFpFHqn1 zPN3k`S1i7!EB!+&bN{4fk7nnvbBRuuv3MoKhJUO#S0lMev^Cz$AZ?ttW0&i!$s!IQ|=oSs`;)rxiZpOLb2c%q`w{gPpg!_-{ks#*(qhCuQy zjNTW&x0;ZuvqDARy~2xBexV>N{!I!Ai=%HMDr@y@w(}nj?7a567Js*mK3>%k`l>OzD0n*Mfi{`@uM+xLPJ~pp?^>ex2nn^_xYckUiW*$dR@Xn3zLRAXRanW_56*n zE#VaYznu4A6YHrLGkj7I(Kee~ze{Tfv@Bk7fgSskY`PHRU%GC z&vM}Ouae|CFydy&IkL5kgtg6#GM37Xqz(U>c&Dw$ULos(SOFMyoXJ1&RxiWZP+Rx& z{Hc0xS?kfaF@6q{))eIja?vf?ZeS(~iyKoE8S`F>T}Mi{ky9-=872eCA5>AMJmVcsjCktL=;+)C-rid8XXK&i&%3o}{m&S9 zCQGwGKi5B8_-|4@Bs>)8C?r5{+1M-n2R{fkc(QoCvp9b=I=u>ByAsT)ZuRry(=MaZ zc5866Hn@pkM7d*+YtI+=F z_qJ#)(FGo}BTbmnAnEb=9|PI+DCmcP;;++xxHzboKAb^KWlE(XUJ(J6{AuA?nJfHz zUE(%28X9?#DesV_#Uz|WWW7tNo_gWl&tp54iBNQynEuk~?2)0BZ1Len2md9owM2&Vq`lv|$OavlZ z=jA!uVJ*2rtA$$|y=>3>Ol}7^J~sQuPH8_H=O>y*Y%d9aK_tmh{0k8vM6Qu`w&x{C z7WJK;)}l(F;fNpDLwq~LUgIRQ)sr>ejf=DJHHGxPWAYt=9ZN*V`YKbL}y0mEq? zigsR+SPMDneyN)=31GFXWuMK{I_L=9@5NaAN_AYGqbNILFOQ@LZ z*rx0$UddrBy!gD7!-78HhQ8-P|#-|5n!I>eW!w}6*feo zPiHI*mzulRNk#r_5B>}NH|Qu%RO`X5I9pJT)Sqq8k)#ah5?9r7Q{vp^N>kbd@Qm)l zYb=eP9h3&yxr<79WlF?&=d&u}sY0b_AbkHoQIQl%`lffGf)1YMrv9!c(JfJ%*ymkU ziGz2$vhP$7tc2Swe7lO7rZ4goa8aQ;m;v?gr2fHE|BDRhIeetx&!DX?kVQvAN{Yg4 zMnQpuAug^byz(wWGbo^iB0g=ETekuNgT;02?Bo>`;?N27Q|%WlX4b`2flq~{A2q&= zGtV)T^AWV6Wb{1)mw(IbWaq&X{*4os%nL=;Z^r9&^rfVX3KNsK&Nu5rAQt_SB!t6q zqUc7apWhUqfk|>RDMXxHzsnkd`ifY+UgWLp`?IlNS&Zc9YafrY zT#K)+uKt{uD8XX;HJt@l;O z@039i4(U~8Ldn^gOJQLjwaT3JNfO4A3Xw|aq~BfT8m!kG_FMBO_9xr)X^w_6J& zEN4y}h6lm{Am(^PCcY7(L&p+P6lSW0T#7tAcQE^V(Dl(k5&><*tHW14P(<(^2rt1r z4H7IQnyVuPzepbR>rG+)*@H4pG2-~yP$>)TM;aQDP(@^a%qR#f%PX*-p!W7`=(_;j zHSR6|IlS$s-Mr|u-^sN!0~hIo*2W&jsa9RA5sh{W)~VW2Pj3Lo;b|JKTmULb}7J;pSrM>hrb zz$&hh0R5B}dkuPTV9(713x7CuM<<5jsL0zz``CtObg+Krwq;hII3>pcTQ6h>WD6vMrAuWFrZ>k zz%nPtVy+%kQ3P?HFHg%8p(o)=a*}rK@K<5V>IKl|U@3#Y5&63f7$505WQK*0Awpa2tUMmSAaZsEMm0e?nGdeAfl-5%+Cd17G1;xtl)Uzp!z!kML;3H+ zo_j`R(hE^`KH2<4L7$3#&|*-57J%gkfb|F1%u^<4_2Ushudt1)W9g(%24(2v1wPdOmMXv$DR^U-hO=|cWc?GaCz_g;c7NX@XKAzit-qF4uE7ReN^Z&!%dpb2!A6@rVv> z51H14x5ZZh9G(AcT-CSNr$)PFoCKsr=d<~?#{4ZrFx!kqKJ`T6j+aggO~q{X9-q|H zJyTXZ^)Y{E!C~Yp?tBdel7a_hvIh1EBl z_`KXQerGNwARTh0`(CEiGA_&h-42T-0@;`ejys;@L>(O+8ID`aA)+ptDatM6xKvh; z99JlZ-a=0RfwvQ&#Z{@bCDfcL#kj~SD&~G&ALxlGEfrzg?nu9cU%k3GB%0fAQ6B=3 zK=A%(<)nzsod~ntrRn9~vt!@aopB;M*$SVQPgjSVxR>pYC-KeH(&+#gr+HJ!285JK zNXoX>(zPceZ5r1z$kW52qNQ-_ulq7k+4d^jeT>%F6?FyygZS!ZI(raLpYukrWqQw= z7 z&bE?12*!{6Mw)lU=^fkc&=+mJ9DSp$9V8JmGc(%zyIUDmq-vi$B6&?UFSvYrXFiuv zQ%Tk&BIufT!~egU{Ub zcsGe*x&mk8DtD5Mf#-cy&-;vv8ZFhd?#@VR2{0*gr@BkBmGaF;zdGetck_FQL{4l% zw6g#~kS7KAmDCpj@-FvE4W0e6!md5OX@9)`*W(JEV2$VA2=I?1W+plP&O?5K@)uYf zx^)4odeE%N0d0lZQk;X(nEEj-O{Chh=lTf(iq$BmACZFWj55x`q^zpvkWSUPFBPX} zox}lGi)K>G?1tmMWwZx0uRSg??jjqrn@yd5pHiljo|OHt`OD*qUeCbIA0ZrcxxEI- z*_?_iD~*DSpU@GJ&wH5xK3!Er=B6&YR0Mg}(?-wKyg>n;KIjlz{w(vFdAC89jZ$ME%oVR{MUyu*qXhJv@>OlS8O?vPJ<)Xq=_7~gzr?M;=? zvR0bVD@)wXk9nD1b&9>1Fx<4%?y6=npWlOe1Y(X{*gn{*n0}XY{ZocMYNBAWTCA0c ze`sZYr@tGZ1xLa`a^3wVDDl8>xEyW11Q2F)cZ?#|rLL^ecl{7vYj4xP%QPLVt`w3o z?s>ga!+Zu)irKSW57ir;2sd>fEOAKRDD%rX{u>c2uWU!7-@GQWrA(^~N{B8grW)K! z&)tFk;113~=wc=%bKY<;Z((;i51@FZK}{I5t#R|cHQvf&8$(?dYg)u3TaB-Wyt=ep zgb5rNcDi*o2HLL3B}6}0jR3H=S@lT-&}|VjjGKY<(x`LUEcEk@`Q93#)WSpuC1d+L zfj>aMX;l@d6kjHDpSSl}>}G{-aD3NlP7T-jMK9jLyT`;g23%ZvMfr#5Q`Sdm_Acjk zYp(>Yr2#M>PI2jm%aD(RKVzIB((Fv}O>)o+fU$E|rLGugJnx}t6=iae9E^TX$Lsao zKOqHLU5hb8`;9gun7xt7j2dc(bJIgFg>As96yBJdk3i``<4HJ@le*yYD=m`hArdII z3J0~C*Ajkk@oVU*CorlPXwbSMx-n3tt=<08(ymex<#hO&Kca*M2LV{k`i(HO%-*{) z>$slXHu~b&>9?4jL7O&XM%cR<=aX7rzLk||AJ@|Y*Y=82Qs#uQ5_T5LM4fm2qpO>o zxBa_;qgwxJbv+{zur86bL@z_^tkT)+d%{(kf4r=9<|gdu^?Mv=zvkBClhI_*itf;l zDL=N96}=~9Y_r~@b$5rcBhq=LZ>SoY*8LTQ?p0%|Fgq?wwRAq!#(DcC3_{rx;nvlY zBGHX5z)g8ygH4RF5=8g5n#>!xyQ;g`@@Z3v174Z1?Np4L!(B|kigel-V4}){g|fSh zvv3&qhA)*YYKBC~-MV#);&$P9P+2PPaDe=~?Q}U2|83{_mn&^2?*dHjeRV+Gt5z!A z9p~HqRneM5zjHUqn1LjyQFO7m`&sNy^R@=w8WJV-^LkNRTYNt^NBeZcJU0Na@VdzE z&s(jA!+yVdpu3$|3scRjlgygusfF2AV$B7#%E+Ce$*R_{u+1eOmw?h_iSaaGIyaDy)v;D0WNWtIzrY^d@=X$0e6SX2Kg4qq#s~U7zj66{+ zR0TC>@{W22;y4x;e@#GBP`pcVfHXsYz$tS}u*?4&+R}g8W>0R=0yd@5oA9u_z**n6 z-ft4(PRmnV^p-zuN+aJtUm@3X`FSd%O z@XGnEl!Am$VeL#lB8&w3+_>gpT{bg%G9K>B%h07<-)0ApoL)4dB8`HWmt6TBh1l}M z>jLX?(VC{^%=kA306*Bg&5QRFR?NgCAm#c5CM#B@yI9L^%Vzp~Qf(#Z(&{4KO-fFd zOt;vX5PrZc(p&@-2CftEsvqS zg}jUvX~CS;vYDCWQFfPtD+@&%QC40OQ-+->J>~;BT?mYXWRaGpm2AJ$hOi;@!z)w; z0iYiO0T(WEe$OpN_6E|ZQ^}!1k1i%AG^tA-{Q~t&ne<>}}U@?SX}EkBSzbpdW3+`{>Qvs#4GVrFit)^o%>4sO_gdY<@lC z5}>HuYhFX8*6T7I!7gqg+^-9$zE3^r@m9Nad};y`<+SSp67_v20R-H0)JM=HHT^L$ z#l7_a`JmqBtcfVUD`Hx^t^E4=%!!)q+gk{vr3+>!)qGLdCLu6@lYkEZ&b{;%Qs`^_ z)t5SVpAegE_hKA{Nw0>`=*S3VG^hd=a*OSJj)eJ&6mNVqJe#htyoJx?Eye1`f~zJ< z$*Iw0E1{4uRusKER=vvW#IG!!BSre)n4(J^Ea^botk6straP zZnew~ha7uTI_%3O@^#$r9umZvkRL& zGA@3lOkJ8bPWIU&(fiZUT%YG}VrqO+^x!gj`)B;m zWA@doO4Ope>Yul~APA4XiKzd3o%siuq=dDxsLo^3WKz_m-xCJ*O5|Dj@c~~OpdxZ?#&WB4^E<@ z$DgDZyuwgKzXlflnpC# zNafJnpnMsT%QlmXpFqFasM`nvuDSbl5##JC5_x$z;KJlaljycA#Wl;oG|-~c>z#FY zV``7K3R9On^t>-fGW7?TYK#)mHuu6Qr4C?$BmJLY3=}Oc+7W7(^iO7Z$Vt8l_v4PZ zJS<VM5TzKmNv`-H*I3{t-h&Fe>kekoKJwxq@pf&qlYg+5lBGbxW zX=7emJSt zPOlbMcf(~n+8zy-9^Kh@H8heHPriHK`JUm3nRLOV=MTR;HB{}W~%nrc< zzihewXtmdSN5*!+bvCy$>HddLkN`;MwQ=HS3~1fi+-l*RpYdqn(IA$&{`PyR*I1!p z69G9R{6k%vuMFDpc!Xcr@_7q`X*0Qpn5AzL?_|WPOuhH*EgK^?zmb)agZ;4AG`cV% z5049FSktfVFVVR0KVR%QE4usjee*p_Y-yMMob;-?z~qr3%)HjDW_m}mQjMw8_H`x# zKI4HxZof#6YHzCWH|{fwih*;4ffuY5DY*oAYW**~w^?DOk#yyi_>#2VTjt_o-``hD zL^q-~wB5JbC-H0Q%;N6N{^xyqqj@50iK`A0&9ljvy|NlWUZ2I5PA^?o-TfZDt8f2F z(;{1QJ_p?4%{k+|n)$o|(&%kab35WwWM%nG&c7;Xs=M}gn?~JP*hGKQWT_vME(nWy zRxG;dD(cB?*j3H$ydQ0iPS$aVpuV{2fMGSs|LM9E$L_rJiW@WNva_e0Z}wQo43qxR zaqCF4)>5To7tzCy2ww=sp`|Cl!#frF2t?$Jpu>N7kBQBNJ zT^ixRR1ws0i#Ho>_St|6`&SzUW`Ep$sV)i{sZGPtq--zuEVXR#U-W_mdjmrlC&W87 z*=}~z?*8&2Yu{>I>rHoQ@x|13!^L3%0G)Jag-U_noGN8f6`mpjJ+ylXm@KDc=_ zye_MB8G!P%S>v*u0KOdmk_-l%9Da)@_FBZb65k#OJFI&SZS_xnv;H-d}1 z6{|g;_VuEic-ZWl#PkVS3M>ft#tp!VYz17BKqXBgSWc|0LWhX6c@z7?aCWC@5AzCK zQRR&&26PrYYErG`yb^BxA)#!0w#+*r%3eUkriKchbP0|_7mx8(LF;^Bj3Tl2J!~bi z2p4AxV#$TAj=hb9q9+VmG?ZrBLzv0*5fJR};Bq=x7m4SL4M|QIoQHD`GUqu3&A!UH zCX)RtKl-yBf5vOie=LORZ3Ie_jA7$oYb5aaGL_lAptcBKIm6fCeuX{+ObmjAdvj?; zBT8k3q6FRa2>Abqht}pz_2)ftHS_8ppnmrBo$uymE0aw=pY*<4FIACMMel!){`B+1 zm_g%dX#muIhXIXJ>3RP8$M|?gf*i-CQ#RGSm}QsvqGL|WooX`M@r;7pdlfcil=Z>s zccW##aqC4}D>{y|XnBMGn9x+ZyUc>M8PZR&qn~jn%*yV_B55ixky2P)O8#=%VE_0g)3jq;kJf_DRJF4OwKv5##{jS z6l5-|;#%%yAYk4arWZ`S0);+k+?QLGSGHoaG~&S?KYKT=C00D{V&=QEOz~w++`|FM z`ka~yMbBH(UCOx51>vOnMSl6ME2qRoTFdupFw5-bT^cqudLnz%n?LkKBEg))3_p#5K0V3{d%?vuqPsON_ZKC+SBjS1S+x5%&B3#A!T`WKy%4W)Z}#RO zX3wOTT}dAz!huh)JQ+8)o6c}KRtvn>qv&wPZ{T%jnnw7W=LR-6>hw4y%9-%j zS0O_oQNg&Ds#PW;EjXXeb=z_-aPDok)6P0qr99@IXIF{}C1js`M4YxG%ogamvL9Ex zvD%eeyQm^be4kRt)-1Nm@6`*x$Pa!Rg<-S(8e;xZxotC5l6_fiUiZoMd%faqlL!Kk{IvC%hiBZy!6zXm*K_hANE zNO~~6$_z z>7AT6h5QG_h-sVeqJtphq}y?ZA7aCqvL*=BXcTO1`ELV0Y_ZF<{qnD*8Vg1J;9`d=MrJU=T&N#aIOXnkNpG8i$0u-(@WxEawSgv!PCmi;@s?{%hu z!m)Zu^r#pF^!RlaH>~x5v6dlH9>9C=7}O!ee1?pWdyw;y&M4;IRX$izZczz*~KAE9lWs7vCz-;$;NT>VNGk`klLdv9J~uG z(CHF+kP!-4O^7Rb!#@DYrePz0|JC7(!+8~9efztM`G7=TG4PNA(c2K$_v@WFFuR93 z3nUA}o8*AioGSndzvq3hg+p=i%d?L7{KeOKZA^F0OrPb|5cohOQ-m}r|M%tphlaR! z8?r06DfAJf@n@f4G`g?-(lK|Blcx2aD;%ZJ3oyK=1WtM22VXPv zD0*D-J$Y3*hj~Ht_r?8Pea8nB`xDrx805?3aikt1IqH+h-+w`}v-U;#%fRrFeSOn} zKs;XEn2YzIQf37v2sM3=ec){%yf{3@3WP%0ArfA1D77&AIB7~h`G!n*Fq_3(vxxa< z)!BOvUlEi9v=FetI93bc{~*P`h86Y^0?tkN3{eY;mAu@*LO-+$ zIH*6L;$8EiWT)18q4GCW?4etcV&Re~)!%Tr|NF!kET_34~U%i0sqtJ0}%`M!A}`eJM4s z5c7^(LAttPGJx7%B$lEF-fYzy<)@`nUzpqj+B|{EU*=;{53tcs@qVafa8RcV6o9lm z??(-Z;C^JGdjww&ERS@*38RR$Fp43qY>P0T9TPV#niPuUv~LM*j_g{ME>&z-{vdVzBA-34ULErPk5BCBCV^Fj7B6Si0FTo-ijiV3r z8mq%QHz+&Es0Z3$QV)VYMPDMiTzOiWTadH{&0r(G=DtIBx@(M4R`&e-n*nl#gdvK+ zfji^to<+Y!^LHSbRQw7pT9F8@eb}{PEp_((_A5@;m_hy^p-_9_oJ$Dz{x>H2eUI-w zpdAu~RMt);-oALsi!fAl!%<@LJn>%P`~ zUC-;fECKw$Zm|d3OAUG;R6Evx2eudScVTGkW;p$u5J~B8EWm%h9ealMTk}4p@+8F- z!~5L(%y0qpB|;J>FS=V7nF~kf8xflIPeMX*<_6WNeb}rwX3yMpLc32a>LHisP>01|QzCDuuVu{(vp7@;Nc&L$}Q7nN4{OnP? z`Tr&TCDxh_rr?FM)+S12bs2d66JlC3)sqKW*XGJ13|C%;kSW=mC~LIM?M*sXqk>eT z2eikIb#RKTn*luHSct<1^C5sl%sB6at{&JopnmUOF|*zt==Yqsvh|bkMzBR0wnVDZ zcyQs){S$FYMH!z8+~e&_lH7U9@k?>FVLl6fh5q#g=E&}0F~FQ5ZQqzkG%kd@W*gT% zTenIK!D&QL4uY}w0{N?mX??S;&`gsH*zS(*H_Gi)?tC@-SzKpnHfBsR>eE^y7mJq* zf8m>zLz4w%*K9>ia!?<8cCafmPpQ6z7I#EWeq~EO(%O1Go5OkS8Ys|6an zKoU8H@L1qo+|qoE_H=x(04InePqWlUlC!mFXwv$H@u%IiOjT79RIf2sXiw6C$RHT^ zaf_!BQ+`%tTPe%Hlo@8;c!InVf22`jaZTG5_)3?P3mEKW4aZ1tAeov12%7wyf}6 z$R!#zKQ~ZgFKc-HN#6K5=(}g|LC-&MkHI$|JbjbJx6tV}aOg>11S-@(%xl|GxgEpo zz{-#boajj(3e@bY$#fL0uAh&(Dcb3*yDn9_?kIH@Uts2>@JvZ<)o>^}c$Xca0Zl%j zQlM9SxGibdtyD=@Ek<)O7wKEpSm4ksHba1_-9qLjW438qXZ{-Dd!s+UgWg~gP2_KV z7h8W~<9>znezi%DPG2oX5R1^cE|0j0+JW3V%A%pjtQu%s?3;zV{Js7)z;XYbC> ziiyp8`JqB&0shHggM7!f)I3B26FJ))yG5z3M4|^WST^#m2~NyL=L-jP;_A+Eaz>20 z8wTGyD~u@LK)UaU$P1nn2vb~HW05S ze9HdUi=%wTV=aeTigc>J!)+t5!kc8~Rbw<=1m2mf-a11)ZA)1+;O@H1F%_><4U;aY$Y`i5Df8jZC|86U{|; zuFQLmb}x3#E$)|CQb}n4_)}PFw3|1{ZSrMU$k+i(vDYucXugF#u*9sN_68pXdmohP zfM$ckHY)-z?SV9gSZT%3RU%GpHLkodeTzZxv)-)*963duQ@HnET64x18vKbD$J^#<$lT;7mO2eOBTLTw++P-REn=j!aItWucRZ^*X~m^m(xrDcOzJ?-J*1XJ ziN)&$}2o8c&cqn&Feez>gW$$S?bZzl~QIPbSW&O>FU8RjaktPfuqS0AN z!#;?68MYr|wRFHpt{87QpVTs66G?5AeZ{~gXZ=ZxQS*s?W+SzQ2d?1tG=c{Ee zwO8dx)qfLrTkT_k_;WWi+yj&@$gAnN*ou8d2xxq&0p!lpvzH=Ryi@ecn!HzeHx2t;f2vczFtc^&a9kRM7J7US7!R zgJiA=mF05RVi8NTwzZY9eSAPjmy*_LGiIl$O6GvDj-$Cq|gCboM3R>d!K7U?#+VCVmDg9A>vFlpz z@?yc_V<*tot9mz`&XF2&YcMM37m9@Rjn(e#JW6dk_MVTLt{covEr$$MYQ()3Q>lS`;2A6}28JjR(+% z^TLGp`r2{{4BJF#U8_b_HNiciOuRiRZiO)OTP8K49wLx|K7Gj9vL+d<(xKw54qi$+ zdXG#*%b`k?&$y$7Mv1qlA-KxnO>rL3{uZOMf>f?`{o8X^jkG^cPLd%N4Oh0(na?VxtwKPD1sV6d1{yHv4Z+AyI=r`j1&e?p40rPe0n(qwBIJH%lR zLS=yOwFsG#YPV_6UoG5O7qiSe-)rUB*_w!}0y1EFwELG#hikhTAHaApLD>k(%1+ag z<7~e=v_@&4C;wRy%+NDFHrXg&o?E#B2YIv(jtZF?{n1cnk$?16-F6^A0c$zL!g9{a!kV{gA!o*AH@+fxaN4P^+2ySMl2`yOA^cUdOQJlkV-(I+q`kQPqN1#+|xpB8wkqF+( z77VJ)Ol)h~g8vEjvN~Il#Zl7koLJYRFoaR9!=_#lrC5vd7rRgzylL%Md-swON;d$& zBtj7jjhEU@rVn-*?YK=RLu<;Cuw9`{z#J6+bI> z9fZBnM#J8$78Dz|lMw$vX_(cVVY)Kp%D(UP@|85&co{dbHs$5(X{APZcR#j?S5ugK zAGA{a{7@(1C0Y@oew+6x*3bvOnnGkC?LsN1EcP%((^m|?&r@9KKA*)9XD87!>Zs$M zhc>YIu%;2wwjX{ZT?qZ*Z&v!0Sm~B`UMuKbfA&Q%hwp}pOx~ZuGL87G%;6-(9J(PM z*uw1#tgVs86Awvk^F$kOye7e&^k%|MO!$vNYC7J3Wlz2)T;A{Vp7hH&`cDmxM?>3P;@I z&R~VL{EtDCyN1#M*XL5fAKc@QdM?G<)QM?a*Ij-nI6YUZkB9vCs~HrSmHr7ADDpcd z+g9`J=|`PoE&O+(2d^P~h-w}!jtGmNZT?!%AMoL|!eMcdBpBwpEB8GKd`SR?TE#9s zmD$F=!V5lu%T2CiN(>L)h7xHGKeKBpGNcTTA!6slRV^wJ@tTv+OPT>f&kgE)i`zmV z!s%eW8bqC_rTe!Bu(4f1;g8=_Ik>EkI2aDrr8jYWR=iZpj{;!fd|*DkYwvA8mqp`B zxNEU7RMMoFG$$FUsnQiV&)<#oP>@IQ9PXn~3S&3cadAY;lr=qN5eE{%Fzo!c+eiPHsY*`w@zSTN#|3T%5f< zpB@<($Lg2)T!Y|j)*~8j;(^mOtQ`Wbu&K-tT*Z>hM?1JsK<~TQ^c54^Z5VBj{|o5@ zmU4EMap0Xo?kzH`pCw=1W|)c&YUSko9(n8w>u=WZiRw^WFH<@XvoyN;-Z|!$hzD zWX9(V5W%8#a6V+PwIkeZ-HAv#^cIMHp^xK4W4-dOIT0`!iz6OQg5?boM| zUd1t{`~erX#TyCj`DuSVV&NYtmelI|5};)IGDqP&D+}?JVveQb;7MTeOfWOHX4&|Q zM@#Sju-Hp{lg?p&Ty^@ES+?c`Y^fS?xkxTpt3fOs|E=dLIYe3d{YgUZN&!YB zx~(L(Mvx(_IF=;TS>N%8M)sge*1*8fkQdXDfKa}(y!wY9OTQz%`$#_HX!P+Kl?}|w z+WF=`?-Spo0Sla~3m*=:GqU`D$~Ii2wQUE9?aK9K&COaM!n2KE__H zD6PzeUXsZkL%z)NcZQ-8?B!j6uTCKy^V8IO`*iXR8Y;WHf=)ET=XIOjXH0(`^<r9jtDzy$xFY=`_H~aU?h00|OM?zt2%Sze8+lyc3)w$|RAmpO?ByYv zpYb?VbUQ_cv^%zsykq{?n0lJA>^YlVi{l5w@<$RLdYN5CtbZy2)}81z)U6(>bjG&V z*a{!WMlSxY7Tp0@>*4eR&3$|S<;~K@6bap_{I1I_2_pAJibfUeJ}u3yRQs$KiFDX1>jCflufW%UJf-WM9mVofZmm{IVZki=Mkzb?xTfhfAdL|!P4mN_{nx&z{TSV~H(JvTUL`4p zeLg2C#j`E49J+HNj>tD3m)MW4^0uVfL3wAQ8lU1$QhLi*S)SG!wfl++EWf>hcV{lY zWB70NvnA{hTuVEc=ncM9=^G~Jd#S^niI`wCpB@2rk~ zbbr1{9w+sd8a)`^2;@jR7F8JwSs_o)>O)N%EFj`9kMGT0~UiYkhqT8 z!K%vRvSj&uX!)1k-ty0ik@Z?!P`)X>j>3fh$GFmPLS?D6;BnZM#yR98zAyiBY$=g=*kYp_JJr94*Rr`jJCPESdx>9nJv~qIhj~vrWe~u2fAgJix7Fejd)F zUsV^V*c+K6>l2w~jnOtn%#3}7TBs}?)MSNKZAZ;hln~gd8;($g7*8m1eb+5!-b$@N zp7mb-rzOrOMc*Wy?IwvwM^XfH0Zwokxl~{@I+gP6&NbgAQaxzZwPgH`B_!ksYSn&7;jM|wqFi!>wq>m}?KrAQS z2j5|^7(_#w(ciZ?`tSdNg}g~$Cyu_?okz>mADY8V^!98a;N@pA* zg*t2or?M^I>*Is^@Hf#uKR)ua|KFW%{RF@{EK+ABgeEFzsX^OKs4PcWOn-ju)AQAL`wCzx!P;j<(%ongX(C8~mI?MKya`+|Q zi4Nff?$J89E~GjPjJH|VKYJ@Soqq53M?*0i32R5Jltg!RVd?$epo7S6by${JgD>{-29YTEg80Pc+ zD?Ps@6pzlTmGScjM9p_vPX9V2oNi%gqKba8;u^SlNAk=oVL3*qEAAU%VQ53V-Qpnj z8&SO9b^h*HN1D{K&E%0REqikxSDA2e5aPg8q!UKXg#Kk&2s$o&Fxj(A zThqU*HCcA(*SN`em;X+jCX$e2#MMO$Hb4n;bJeFB9h?08UG%hy=qQO2|(XIV5SQ1Vkcz&|9O4; zpQA;GT|7;?Fp=yt37R37McZoOn@F`(sIwNl?FAY3jv=>qGw6l`<`ow)v_MBJYQo0p zC!=}t-&U7f{ON+=^mv$ZJePGZ>~wUL9}$#)P1tGJc-67*y#NoZh>fOc4sSmKC>wM?mF-x2wMl!F}T zzI6h%gP-Bfl-{0xtS`*4mFbi1%+SfaeV+#DW)l@PYFBxt5qf zoAxt6$QN3`hhqye2HTzq(7B(q$+V5yUP3a@JcN#pT4(98C8k`s3!pxy$g$CPc%H)@ z{zHbgW7W5}dP7m~hjGW?tyevOiy~W8x9`UQd%48=(PsS3FW7yPs>aQ0)H>^5Ph7g1 za{&GBGCJ(&GJmT_@@};^2o6plsy8(?q5ZecRB~!P;{Yak7ckh&{V^3yV6plcRX3jf znws^h0_s(S4&7#F#$Z{p7ZVm)G78RL>Mdd)Ec%!!5~W`r_wW! z!`1ghIG{NZ-f95&US6KsMh)mQOyVIALY=)F34JK{`1^tG618pDK%BmfY)f;IpXE0( z&X=^X)gm=(S1Dz2QOJ&^)6@g_!=47{2<3PfNf_Ycp#j%~PaFEncCUH9XLY&p$@Ji> zdE0nubIzBg2=8~|=oG}{_^f{h*>F#aFV2aSrP!RPRr7>bNOM5w=Jj>q#3yJs+r0Jm z)gCq8d?pGtv$*&Kt#+a5NKKv!-ADqiXNl~rsEgH)TiHTdzgD8WJgiIia!QeKfp@S2 z`vcN(28EZ%|83Gy372IxzqNjAF1Ia3%-!~rg{L}H@+nn8m7F*M*QV>^=}?2V$3Gp& zb|tI%U#|qCWUFNui?4C^nay-p8q*+#~+B{wfAXhGGikAj8HyyCL6KLC^hDFpUF ztcbIUSt91grPE>P82-=jJW@|2#Jl%5UOZslma1=|mBAF(RvH4Kts03FkaONg>|0a_ zv#&G)c;+G3a?dD75Cyz$g9?+2dVO#^@CEv&hO%yR*Upzm?ugK8X!&%{{?&YNWQ~~7?QB?|B{(ND)n4Dc>vjJUc*>t zCxt38wUw~kZ>a)w_KRb%OlRaBqO^AvtvTn4Ju%^I2y?l_qs{+?hiW{a;Z--){sMub zbEF~SDkYO{4tKe37$7;OilL)2pW#8G`~Q`@^asUbC8NF5%?AbF##)!f{aVApnLOyG zh1ZBg7V87&fzei;OtY@%$mt+#@Sot$Z6ulMn@6!1sYx&BItKsxNPX2+;h#|n>6e*6 z%yNp8b+isy@Q5BTUoIxqM}aQ?oM!_lS|QB=SCQA}=@b960g1KXn21p3P`V82oM%v?hb6USMB;=VyFHAeL zAouY<2e8RJS%mzSvUk+}nKTs$K%+mLuBM`xYccu1U9f)bK>VB$Fe7PzWh=OFZ zck83hNLsEBzZH4!X7XlpCukC!O8 zTp5`fgkeJs0N|Su`%fK>B_;#J=27PRR<2kXi?)v}*}4kBR?82fB*wNbQQ@aaLxWO| z8=h9L*B$Q^%ku3ms7lB&ln5Y^?kf665hWHG?L@)1iu|vQ;M@Q6%XI$&3)^xZ&qMp^ph2Pb+(-e zgM6Aj0tm|_>J<84-G$4jThd+ZSHFMZKVvo<8(-~l&L!6%SEghu|Ch)x zdK0xw3y*PUx_L;^Z%K!OCYm8JMkehar*stvn4YEoslt?5SxvKV3d#=;mNhtT4PwAL z5$7#30bo;u3PLDmJ#}d&Wxs+g{p^vc4y1~4yFZ*k@8f-i4gAUHrKboMjvR(is8~WT zMs^L3`dftIQ1=Kgi*;1Di_i z@M~acx+#?s@AL#$5jB30fNGluGUo65kFWiA%=qdb*w>S$p5W#^S8TVJZB`oB9|~Q= z-zvzn^=N;BBOf%^Mf@ex^D|(uO!K?R7sWok-e<1fjvWPr_l6%whVs4l!T;=ocoWSp zye{0ZWj=#1>n;FjYtHM074Sl?CMMMnb8mj4i^DvtK7t;(_JLGD(52}Ga4P2~57W~; zr4TlF&*woP!9fJ`x4K8O#ZX(P6pNtBPVR|>FxVd2qGGskmcqp|n&Plvw*6`CG|{y- zzRZ$tO~4a|+d%P;Ty($9$<)PkQgh%B?k+#etiW4G>6QC%YWZ<%`_8l%L|D<;7el zPARfB?v_s_=)RwYex%B`kR2Q{dI+Z{ObmTlUVKJ3X)1mq;Xyse^G(wY>1yQV*uIP6 z7GG#cWN%%Y9;#SJ%xDhjZ2!k7h_joQfxgdup6j{oO%j3v zGfDy~Ta!xsCzVNjsJ}s;`s@sTe=yDWW;4Z|ax}7YzVg*am^bE%O{`)Dr#N;hy{4l> ze!T~}L|;J6eYjjbE!{%)yjvPmwms< zre>c9=P!T%rT`GW=IaT3UhMQuq20`5=TCr>~c?n z^FpEoAoTu$f9Tcl52TqB9gLngEPPIw2$jWAw#z#u9#jh^4l7vbXvs9u**n%L*ja$@ zc^71JG=nHwUv0kGUP@;%@iu+*q5?C+kPp*=@@DIRL}i$I@wR$vVxzyW^nu$W5PqKn zZQ^7*en=wM&MQ<)>_bte8Rq8h6yuf9Ujc2Fm}H*m!2Q4z_qz^oL7g0-Zd&-3fMjWF z4#)TL>x}5=(q92faDBqP**r*s^nNBkUS@Tc-`e=}t&G@D7o+D#nUSYf#T54*<8D_A zV@`){=0@W(&B!(VYro5|HnWW!c#(2p<*PTn^0TerK*Qn2UBQJb-vc6|1}!@m7uAZK z1ES*W%=Biy5m|u**M-+Bv)~$gE(i5}0(h#awk*ZwamN-%jpz00Fo(W$l?Yc0n2Wi! zSw&Y^yt96=Wc4-j;eYl{^O+lUH}T4m68M7k5nOo>n|i$ZhvhU1g-j`|zKgiZ( zB;RF3GWF+9r>`yVTY^~U)h7ou^M4W%k?pxL<1^2$1Y|%>wM`Oc3law)*l~an*L?tspP@gqoOex+_(-m7T?*{L6p+57E@KqPZPgtQ-to zZp#_}ap9D{vWK9k&1b7@xWkI3@8=1RSHsMw!IW^0%%4KF zK9R?!;_175p2Pz%h$oOrUzx_7^L3X7q4y*$YWMiDQ05=m-f&Wq(BMK5L!Mi>s<{=G zP=@jpEg%|4&0Co6Ju-H+QK&7;gi(B9%=1e|``ZvbUFc2vjdAl9aT|k*H!R`%S0FDY zBnLNK{}802-O-01<0>YYJ|drk$|x7av3~sQKk5;rcad~yEGV5_oq3r43YYx$2(&)< zA+0J0xr8^+g|$SpIF{pXC&;tD;R&Kodnk?Du~XTCxffRc>}n?>Pk3O39lhXOrbFaZN4EP)^s#&+31k zf>AWirF7$BwAxO@_EJkS30)s0>M2H>)8tnd1cz?_?R4gB=5l97Z{l|%B^2fmW{H__ znn2;!pCl8`>*MO_P8hLIiUA7GYT;&eB=aQ_E>ODQp5+!C{Coa#csi-;`W!ArZ!PoJ zHv_-kxlaXh&M7z4REV!k@sRZxEHQxlbpKcC^P4=^%m|G9K-!0RRCv-W?Ci-7f3|>j z&@452#ETLeH%@C5h=xo?$+LeQKI)=jYEDDASzxcDdaMke&AZ*EWS*hkD$v!eEwFa~ zwdy?-P#(vfrcMGp#Hg&K6O6ydD`D-R5F#Q_FUYx-TM@}9&aD(@6U`LOdAcx3&EhtB zINBBJe~`0ciGBJr>Ny`&$v&($MnEX|Sp|x@c4(m~BU>u`>gV6_cqZt$^TzcS^lADn zIF;A0OvVi?j7DFaG!HqW6|ogG!}?J``0xU}54v;rOMR1D|B}$3i@y%cYIg;NV_2^O z@JgwqiEsXIhZJhR+;z06Byw$HG}k_>;`IA6wO$@cYlNK2+)BIMg!gC{f0DwJ)8Zz? z2-*u)7MGD)=XBC%n59`uM943LV=K4%O;L9|ifKBn>`t`se#RO$NxR4p+&w>Qr1;?i zIcaSHx<~f2B1@r-o)_Rz{`|DrhSh)#ZZblNnFQ3pCZm;bebgN&y-chG!LMK&Y7`~4 zrT6g!<3u~Dr>cF1cxC?)FSnKXAIQ^* ze=LR8ySUuWD%BZNo1S7y5t5>-h9S3;AiP@ zQqmh19WX?0T1Kqz8C-V_e?}c_5JtmNlul25zcW<&Dg)Z^T(N=z|IIx4j=!tO|E2=1 z3~Or%z8R>nRyNjqdok*>17pS?#JH@<=icphWnDWPsog2~WmPWP#N1_c$+h=^BB{+- z2`iLf#|xYK=7pU-V9p>Kqvq6~KmZnM=&*{ux^E01r5X4->(8jBNe^=L#c&m*a5B=G zwu~D3(M3|9EKi6O$)&fx`Rm72@j|A)8xY?+36HQ^qp0bXDFL!@0M0L|Nbe~lsw`79nIAtj73yQh$QI1{?zBKr&azt0{cMP5U#vu z>dBvMy$rqeMLc4(wfe!xtZs+$$A_FX!fvtHvi$W)i0^}E;?2+@E_u4ce<_sX1*8M1 zvWEgiQ%pOXY*K`E_&8+t0{qj_rVHv!fg%(rb20po;rEi^D@N(XI^Apcmw%{P6r|Ty zJN;I2z>7CXZ{(+OySmy8Mb%z#DpL$-%i)MGxDKZ{aH8gq4gpb_y<<1Ecih;_1#8>{ zi~gEX*Xj4(VV(DA)C*lrPHW}~Hko%(Yub-_7p%myaUMfi`_N9Y((tZMy|3Y+eD@!0 z?AAAbKe6RZ!F?yF*kisO?p`dSZ_MXjNLtlL(xl#a?*t3K`UVBXTJ1bhL>cP^Cu)#z zv|`JKqK$>WD^9p%qF?$jBgLRBG}y?=ev}sc{3Ca~ncvp0ng8_-))%DM<24(e(L*01 zy+jk0?++jN8FhN@5+zXOR|&th-Vy+D&2#kb?ai|G3)rk~O-ESW_>VaMEmMG&fFT1! z6c+>yMVd@Itl~6%S7txCi=$qwBAVi3vIfInja;18T ztEN~5H*}$GAoOW~gGA+-u1CE8>47qnbhV~(xy}HDtfM0l=M#IPwH#kRDb;Re>p1-K z=wHk^!}ig1{7v>yYYtww+$ZA7scwRxC-Nc;R0>x$x^1MpUgO-7+VfB;xh20yh(Mwy zob>DxTC*cq=l2qvwZ@yIhugyuO*fxoVB1WW0?2{T3E;D$_p~*FBa@$)nvL%AqMJO@ ziYog7>$iD#QUo95ZV--8{j((~-_nZ5E}sUBeZ>OHTcq~2I1V$^Z`9?3u3Ch>mPD-=IB(PdsG?R z|H(Dv!LjHC2ZPpT-=n{gj3O@yx3Pd~NR63qx`2;y`P{JAZx4|lT-NO@vlkLx=QSI) z_729?@o!p#BCy2{jAoVchKAN3v+cMy(0@oW{EjD@jq(@4GKl4yOnr0!Zn~@qRV<`H zsZ=%?3=yIovpLKo7!a)GD}P1pUicON{Niq%TdhbEbZqL!kI3oe)kZ}}P&2_>z-$?* zAtGXLI%t<{G{!cubs3OT(VY&ew3>vl-B;?hKDZve8J6QlCZYtTC2y@=hsJQ=;KLk4 zjN@YW$nOguJ8cY$QN@6XKS>aq<)WX(*EVnQApVP0)%!-;xy@a=14X+hWuVThVL$)C zj4h9TE&*;0u`x<)NxX1bK{X5Ev;~~*(!txG7Q<9jnS{2F5?VjlyX*~vo06T4PygT~ zaF6tJRAX(V&wam7k>M{az;7X<#p*v&D4#Sb3Rra-u6Z|S4b8{Vzzw&IGz{j0gmpr( zFG~=!^L~}AJql%UcIX1Eahu1_zfih8(<~x2^~_y2v-&7S!0omvAF~{T7pX0aZKmu= z_8|9oLY%=o2;FDJ8>#c6bH5d^D=Cbh*z&pPkv=4)xCn880T{#jo&w~@M(k@mMiRn-kGM| zg%XqkW}PWqgFLtBXWu0HzBUnRrgZIR>G2D>%y|q-Ezc~u%w!-o9yoQ?TIB9N79WvY zG=hRxT4sgw+D{ybrW`vQ;Xdz47O^Z_ofHyr!F^vXz~P7MBIOxu#1=%vk4E3S|2%;( zvJwhN0Lus&!mqn|0OwXBsR`+U5_Zc)8jG(Z-tG0DEeb|{9IDH5p5{JZLXh8ZFYuu% zvX?evC9q9^p+P1sV(?W+&?{YFjQq$^{pAk26wB6S+UR3sd>O`!fTZ^nGHXBC&7mw1 zk8)5|#O{4HpB`CF>Do3N5j*6*zxji*4|5l96@&0`nf>E_6N3#Avc3Yt4Vh-`yJTCK zmhzgrGeoWPP<pFv8xv5*UXL54-UB%#zH}oS*i;W^b zB4+c)-F-L8K0VrfY)RbV+k;TP`5)ALhU#I%Z5bvEHgd$u8Rw$=CwtnIF++1l2r|Q3 zBSuVd!`y2nx>BB9%DSQ0VPh#mGny(5d4&+i&kKFaWHRzu@lFZc&G&5CXJ}p3v(>t4 zlgb>#;5*-Lj)IH+kDym{z?pM82 zqWd!{6<_d#uueRJl4vU@5=ODZFHZ5G{Q2<~1b=SBeeZoaG<4B+{+&^Ml1sWp7zvIO zk9Hz`j`Xe`)Y@3ZIJu>pG@ne$hqNfa>*cwzR(?vc6Gx-8TWQ7{0@zuN|y#l zA1Yi@9A^hxQuJjzHX3kzE)%J9dvfi@#bpc(aOVS{Q~<~t!+sTGeQIH{o6&tglNW#4 zzUPZN0w;5AM-Q&8EGqAehRWnCQa*8 z8*o`0$a~|Rk{(G2Xy67lPZ3NB>S0r!+4Pw}YG77sI7L)0^D_!$prmtu^|KRP!WVIw zss&v-7Z@&~vIYWEKpUgk z8>Y{8>jZ~&*)9x24X9(pTLRg4p@vA3w(~dnE@yM>)VfBzsl5wfHM5l7n}!-J_y_5= z5L}nzP>92w+05+Gbv6A;an1KyEBk7bwA>Y%5>Fwug_E|OFGQTQYYxxM;?&)Ls3ux= zFN46T&T<%p)zP(U6!|b%J!%K%rKgY=WBVBeIVq1tMSv*1>57GHaNWUQP}ib29u%F*Nj?6fwn?r6Rr|jdgv^`z1~X#y@dn?1yij0N?Rc5u=>3KVh7OwrhGyX)#_1w z^MQK{CKZP{aBsO~h5ZsVyw!t25Vl97D=Os58V#bgpfd<8`=rYfdZ^l|GQDy1L@Uq|b{U!~}+AFsOi`tTEAa4r2S=Yx41L{$8w$vtWlzQ(G zCWcCrcRQU+WRrvZnN^mS+8Q}2;^m`n9;u-6NFY&W4T!XHrbSx|u7nF#Ih-MV-%{;tuihA=EVKgm{zaAe< z>M~h@S+&;f@)!27_LLBVOXx6riiz+HR%Q>7m*gM|VP)vE!8|>pK}p%!>VbiQ8hP_C z23^uin6KQ461F;u)+wS>d_?t5l&F^AyD*u(m#@jmdAyH^Fu9;)_>cw@99-n9@(iA0 z?a?H*{h}DL5^c16`K0ht)4qC2;yn)WJAR(D=oB51A?y(hC&G)DGHp@-_N7nyqyOZr zZSPmINQ2Ot$&DOnneIwX=4oSEN&6JNcIqa!x0jgomn!~ynry7e^*bln*}0A%zj*H4 zIXe%(rQY+K#KUG%w^$87KA0FA*dY+*Mz6@&nr6oQ14E#zq*@Qlr1^~-RX0}x^9+5i z9xJPxE+w1+Yfn9_=)RM)@xHAy=s1pu5guN=D_C3mqqg|I4_pFg<<{4U%-@Hr!7&w& zl7dg9dfn!ROP+0=ZNNMxfJcj#hDJYHgml-gdnzH#lYdYW-tFKiT>vfyPms_aWyqp8SkB;2^NW~a+xGyVnZjF zo>;ta;ig8uVVKKs3z3$M=+CIk&K;qMuD32Cl3c%`gk8gHJ;pgG69`3R35aO+W>Z1$ zW9au`WxNy)QNke-&P_@d%k86FHm4tGDx7G~S#0jlC|(_j>mg*q(>_~#!AV4{l+-Ww@{!vgo%-;T5}eH|OBxGe zba*?6ljtGEwXC*d$JR2Y?64pKjFxip^7Uo$_V@xiaXN;B92*a$EiAm3snPq7Ls~v2 zJzLsO_QT!Pj}vl=imDC{*$*E*GKm%;dP3l=9mEhfV=*6ziv8jwU~z7OpdgH>(NQGd z;=dm9wxi)#(&>krTqukvQK}VT_?r?v!4HNUa(jFABBP^6Es~RKroB3>%j!QpM$h+f z5f8r2{p#~F$hm~ocCxDgIs+6JOZ&vmzE+Idk6wYbqiMOvikS?iO5$ttrM~D);o=-(pF`-bFY-^hdELDdfU}gO3;(8jjGrIjRw1KarDB zF7_sE>e!z9*t%E8RB!m>*F_`zgM$;ke!U1R*{VOXy0#`7<)gN1lNU~so3@6CkI)nvkv%_V3G}G%Lfz)U> z%A{a9jwr(vAjV9V26>7mj^hI7iLmGXAn2E0FQg4F<;cmC+m1I7F|-L^f@U4@_6i|k zVPX4i<+(Ohak_W$;M(D3-8G_>kIx_FnatEon9b^j66imbgEYHNft|ltDV2He>)-b3 z`2!jYqD>wFqDK;+?C2*GVUloCnN048Rc@M4b-2Cz%IdkrCz%=6_tW1;e75Z|dJ`94 zVAH3iZs*HG7MGAvH~k~nZd5V{?eKw2MVD-ov9p=Czo91r;T}{gQG~{>3{K@(i|1T6Lb%b#22u zOK4-wJ*z!&aPt2A-TBGa2`g@MxAGc`A5ov;`GJ|_na*{($1*?Gih-sn(g*kI^!_?HddLDWp~_K%ljCI0^Y zr?|Nl-CP|5&nORaojw-VXy#-${=wP2;K#1uvuajX0=2c$Z^$=|na>Xi&lACDg0&%G z^Q&RZ&zDPBhVaF;G>Y8s79{y!4@d9syk)`UxBq)3SB;1FO1cAH=y1KfmSJ3tpVaz$ zN*Rf{S+}_Sm!A^l6T5??gfTBC@?3Jgo(yqv$Jey8m^S2n&umg^J=W6@lvmuAc!G-g zplJXPXW^Vw8D-+T?5PB?(kCVpbUXcng5uu3ecSfHuc%0hCYXV|e28$~x46N*y6y9U zU$%bJWl1k8wx$psvC)3V-9KR>%YoI$x4B_rHeCfGcQPu=do51^t-VPg)|#tC%20zG zE)5RQ@_gE4eD;U)NB?|DsrCL!n5WO)dS2#0lbwPT0j9N~7Xm#-sotf0aWd}xCb>K* zRhamtOj*!)ys0o&lqkC91#3ykMb5s9=AQm|G7*>byU{l+Bw6`u%Uky0n^iF~i;X^O z_~lM(PgPZ0e5`sD4~?C;pH9QEjEs_Fk5=qzFX)86dsTOj(ddk9(UT`6#y@I8bMLS2 zSX+(FvK3fM=YH}4qdB&x+K7yZf54=){}ZH9WD5p_#?QWAR2!=aeRR0eNx|3(d;Z~0 zn`YY!4PXjO%F5awV6I+$0Uek;-{1&3h5L$6(8 z^L=RYl6d5FFPTU|s%7Fq-cAjRCC#M6@uN|c&DEh!-&6if8FV1o^=mYsJ5QBpeSNtk zY>;b6;atJMj}-T4>*^-gYBHi|_o6eHolen~7qzT~y4)uP>w_kO1+V$ZE@o&M4jnXF zdRnm1Jh=GdS4&V2-h*;wu2(!h=xk$b`iIM|aWw_PJ}ThWirJ3b-l_EI(J|@Q26`P} zVKkU5GA=dpW@^J2o~igw(bOWQ@T_O>aD;(R4aMHQHJ|j^=bBa+ZF_A(*K*ikVcK7@fT}>qE%I^ z1w$jDuXMegJ{*sU`Jk}d=eBW|EY5W5^R2T$jBPCcj?2s1Ub2qV_cqswJN2YjJ)>9DMs^NKBfAY)T>ChYMsc>@9R7@v_*|S z7K%8(*LKj)k-X`QXQSjjXnCe=wlYvu!|<+>gV9Hy4`EHKzC!rR8kPO*)$^UsNhyA% zKfb2qHt)1oXvXuCI=O(7?G|?CU#Ym(#KWF^l}l)>@qso6gHSjl5%kWZnXKBsx+-qn zz|B#Z={Q@sHo`mEQncZ_+Yq2@AC%qf{4W4NhCGFOphSc>7`E0Mq-=^E%zR*IZvos^?%{QXkE|KehwL0ONQ27TkTLFnH$Y zgSRo3W?i-_H>0as!u`nn-uBdiR&L}mCYE!#PLr{CHR|d7q~RCEynP?q|4=Cky|P@T zmYhixtcqJ`C*wGI-})@Srkmrme%{j@x0zvAp&Hu5%I7nx=^5kNvim-UE|=}5 zr^~LHwi|T5uwsuHEa&&|*lX6{6h;qcl`iqCgv;#Lx3_POJn%v5K;JH- z_E3GHJ$5OhqdM8=^`Fi)xJWrE(b2sQxIfB6Yw7WPU$dLbtjrVlCq}Ky1)QfiQ?OYd zeE60}zq6QhHeJXVEu0!%F%5HDUzD8>o$vQ8Qtw-w``k9Uf4sSoIYjNMO5AJQLhGb2 zW7GGi`9B(x!N7N%7#-L-aUgp-?%Ek0+hqO2txi_!oGaY3)z6oP;wB7y3?Nbyit5alp6F2=RH#g3WaA67NoEm#b zSy7b?^-`guGF+kMib|cFTmDZmR0sqgNu#6Pbgsc+5Ksy)AXbX1IE;BZ>@!-{9$s0s zX6)ovvd^sD`c_m_Zb0A*{gaeyLw(7OO0pgvdm6#2zdCrjH9@$$U02F{eX3jGCMWlb zjaZE@bFkUQdPL>aSiFeL<$_`d2JX~(YSTr*`8b*l( z_SMMAeIK_zd-Mb*Inb^@wz&h>!Es}8Z77XiB6mWMC>s2(_I1X*t`b<_ZvKM*$JbYe zRkcNHD}s~(0-}-zEg;I@Jb_+ifqj3; z|Mau4`q`kc*fD%k7cBXbvqqEaUS31;7Mvl*=Nh->d{Wu`Gbx5!2yIh&bjG%@j|FR<&i>SWmpIRSsz`;N)W$y=K$)_pcX zMG$6JpW#|%-Avtgo(<|{Qa*i}KWu%{i>6F%JX36UHzH5vM?5bfRGZFT7(1AiDh*FUwCO4ZnjKW2}`ptDb# zH>fQUQ?2Y|`VG&XMb&o{_X=xS-4tTb;o9|A!i*$~X!zr)$g;<(z6bdd?4{=ycubRo zbrgnj#obOu%6>DNZcUrI%42r#EY8MupA`STyIcGkWkXh3XlxTGuUgseKPMZvZB)wk zWSwhezyG29W$(GXx97Rl_AZde#aWH(2Zve%9WiSF{&gpT$|&hhq%O#N6`-uYGx$Hi6GSClnd~-89i+qek}I zrJq7oCmr_I>KL?g#>6dI=|>;S%Gp#uzdEfqf$QC%}qWm6yA zGBz7VZ{)lTJ7eTu`S_{Iv-}1g8qNyI0k@g4)h!V(!S+qb4j0j#hSV67s+ZwR4^Ni? z#8Q3Td{ES(O&^L%po@Tt0vqD4Uk5bo=Y&*i~&L^Ll z?na;0nKaffcgaq8N0Ss;D#5B>p%Ifdz`A_B+2NaaVD-|DcOb*Y3MwEbGwPLL7pG*E z9Cc?mHPcTz4nS2tjzfEU4tIonTz#kSWPIjhOLqE4>5?5D*H#Y_yi8veS(s<$;o z{L<*%M(90}z3)OZREga!-tC<#zSC)- zfy$}pGUelLMO`fU(?P%O&;Zqn{CZa@?yi&)w1QF_T)!aIlQA}jdEQp3a~5{&imE1;N;Gbm_!xLupZ)sKmXu(q<1^M)r$ z;dS|X-b}8?!XMW_Z{ZmB>&%@`>9l8unu=WC8p+XoKHYcLyfb0f@ymy>B<}6H52p$E zUFP{De}zdYlb1wZuz@LSvFa7Ceq3;Rd_vynCJ8oYd+3idbEe&1zut{?b?dMa+guWj zjVRxYPqn|!r47Qq%Jq&p{pO7Mv&1F5L&aVM#*}<{Zo~>E=wzJZ7aLw#7Q3$e zz$WXdMDKz=k;vXNAvJZS&oshoDUXD1Pde>y;-n8b-t*e&_9Y*n;A)(zD0hg{(=W~7 zT{IANA5n{&)wo5^?@}q~wKL(XRZ%v6;WeSI6(PUNsfJJS)?O|N#dOs(|HSMK$UiW% z0u3?U8fh-KxFrYZHX};hkj?IGpI5)v?!?JRQ0Q3pA>lijY+9*zVz@>74Yyo=OX_#L zpdW_40Gi`?x4AA>@AT_5?@jB?iN60lB%G5pX#T_#HI@Bs7nfUq7{div?JQDR9e1PP z-jCa=X6F2-R;{9px3I^}x};zJhR}Wrg2tJu-qx*}PS-A!XayaYu?*UNN2; zYMsZScxByru8~8}Xsd1MwA+jbL!OM}?&#-;+$YtSnB9_0SPw&>h9=3VfNKUEc=}bIV{0s~V7hUg&t%Ux=B3Y%vkU3C^O1W+ z#~Dccx2l{bm^p=2D?D9&{Ef#u-1uZ$OdwYXlj0vQZdqYowhDVZU%s9iGEEicG&I+4 zV7BpRK`%3Ee6??X=P44T8)Np$)&_2<#8MY+Uz!t%)D(gk8@Mqv6qYK2%e9hP!IqR> z>%6xS!Ixqufjh7tH=(r}!+w69%?E)*O`0U4D)zUqFiZG)Uk0f>_AP2N9ldn?QCeE+`UvlM{5D=JT-Zx=;m& zA6M#rH8`-2$jeaCySOb*hFK%=I3%rp`V`C1z+jTE*(>SyM}im6@9?^&zZ@jGFq|p5 zP}U_s#Ua^h+2^LC$6`D{z5 z&t#d0`iat~Ju2--u4T0hVJT8cg9ee5WV=G2zSomAC~TgbY1N1Goa$1H6l@625OmOZ zx`r$@ou4V{4oQj4x*g}cl6#Xm$Jfitt_ThT@@Uma^=iH*vN9G1)wXtA7N^PKR+86m z@j8K&I$K^=`rzGwq+OVwBGt&3)ttmZWzU<9{BF%94%{Nz)}Q2MwOaGar0jXckP>gVKCVjv>!*Wx1 z8TIZM9A#Jj(k$paIV1m1eJ5R^+i=9LnuNsDsNvhF{|nw!hLyBaiB zC+wj9kXR{Q+KB#&u86~{1pm3rf1h7)k-se%9F|T#k(u9aJ*`Loz`%c3dWzD#!ty24 zoWQ5gUd`I^xoP3GB7Dsk((9|wD%u-_o~CEjEzw4RaG!oy&#-r3@<@u*Gl%xKt-Ljl z*+^cxSpE^D;Jwl8AcIPlc@$|?;aPfeMLswz*dSwtq{wx=Q^9`2S#Be(h$OP%5|SOs zaY=$Eyp6h$_t-jI zO}3uKD-8fGNLYF;tt)1U4cy$_fhr+# zvHeiN<-PFC;*g0Nx#sn7Tj8jp0;nUNd-R>#*wqVq0=m$pf=X(hWXI1wYBzsy5os@}A#B-f@%Y0_u=vB*euH}C`%IFyJ#J65*W&hEHM zzIO4nddlxdCB!(R8hyH+dzJI}brNTeb{8m=bqi%=B%8a=c+hhj_^N zVN&wroDW;{cgLv6$U=CE*MCHHv@gJBU?57%TwWZmpbl@ z;3g&krR??Fx4Fj?q1^+6>bW8M23gZ#60B4w>h>kOUkNOd>s>YFwW6)$atPWRWLsR> zaS&8dT&DSF!0G$_s@pGJ-DElfkZ-}C&kzGVfBz1s4~Os^E{mccHYi8hElLG0-Na?t zCeI`!u96a6==eFdA&h)WoC~MnQv$?|4tcw!>&8#zAYxc03h}I_q%mrkN_{qxpN+d& z7C1}nKuk=WhvXVf?wBBd(x+3%-*huSyjD)*-F!On^N9YexfSpcdbHw&wS>HW=MJQ_ z_y~liSL*T!=^`Qnoj(uNAZ8Ypps1+yl@EmnD3n zp*dh39P@bz6@Rl(l9;0g5G50IQsHo2W_I>&u-06IMrw~-qX3ETSH@_FCTqf(2oMvG zeS#GfM8?d@)>3#`m&Zu)wX%u|*~N>=Sy?x5aBymehGM4V-d!DQM~_dBG0S#aDU98& z@j{>EcQ+CU@Rmq`U%cr9IeO3I&dXOia7(_@9jcNI5X%`DX0dn5r$Yc|J@ooAU&|^VrDp;R5|{fY^== zHf<-X>*-m}$;r90^!uHl%}PfRbT1>-*;dix<(7`s8h0+v@T20kb5B9|2OAq3uGQ^f z`0_dj&)rBty|$FhGm~r_rLUALFRn+z;2lFWr0yBMNIGoiD8GS}rqF5{-3O!E7o z6?&$c#-!92>HKP`MfcCO&;qR|Nj&H^!BS8tQTz=3swx;35NPka2?MzxY)a14Q+8&# zmE1cYdA?-6=Tv)lnJl1~5zH z!@B+*Iv_v;ptFR81nGqfH7oQneGZq9XCH;=rOlpWG@ z=cg#%wILH7K6gkaGMx`P0l-2Y4s!n{+5Y0?%hywKY%cgFNXl>X8I_&xn`bofq;E5i zWXsfs`4>HT`N`b35D!Q<+O^Hq6m`s49@_?<;CuBEttLb^a7Zgdhy}MLhOn|g*b((x zRZ;OlK#F$7NYbG8H|;}?fCsi9cus7fYC!8Lh|DmYGu!uM!jC>16$^{B%F0TMLcb|F z(X85B5Gt^rF8ai4pD~}y2)Ai>fUyw$q8~hmI09lUFIV$-1h4BYSceLqL|zdHZX({6 zAU@EQLM2dJ3a6;(!kxu4$ymtXw{yql4!rRVp_H|uTIrildlrl zz|Fvh{@w(BXtJDwQdyk^9c8c`cq)Sr9cA+Twl0Mb*L-mptJ6ll2f>cx}w8AERfPfVp~^Jqv+_E zucuWirot3yfq?A-H+@RS-4n6G#};m)5%9_H%;PS>ddBebYP$qpAJRtkm^ z{_hVtj8wes5DJG5{jjQ%(&x4|WuUdN%&c52+x_Ke7}YdVC^%t769fq)A&xNII`Q^R zN6?5$CkMTBZEY<8p0ucbupUMd8%}b#8@K!#qN;csv8a!YzPWokg{EC!_b#I(H1#sw%LHp(OAr)}CFQra&RJc_KYexp5Z7KY^B7496vh$tiC;41htq@y5 z|6WTA$gwhSvZ)XJ4Xh2(afO=X`D+ZYfQ^lvzUF7l`pWHbu(6pLugUK1@u=K9B!k?I zO-WIPunBY%#r+QX@Ee78mW9A5`OO7DH_OjPrEm7M0@}Hl=pv!I76wECn-Iy29pKfm z53#(Q?ebnr*UkCT0LS76w8lHQ7z&uN=%BqKG=2K^j1;J2JwekQGZD)zm4S#q6~U*V=xp-d ziAOx|P_Kpwz&&RCGz!Ovk&m$Bv_P1tJpHIa0)LdCgLIFJai06G(wvZ^^2eB`;Dt#I zp2~Y#(Z@LYNTbm&tMK9KaY=e0+S~;ZcE)P0tSm$YOCq2JQKB zBT&^8XU)Fr0aT3La*#18&~mwRDs=IsXmoHytJLs1U6L`bey}Z2W`HGf< zKAR&#WxxR9VS6z-AyV<)Emx(V~Xjgn20rX*oZ2)%#fxv=IL5GdcPegL0^WvGM06kFRSV zy5~~u;qRw$bAh2``8y%`Sx2HwsT1FABpi4L;0dq(U?vMu|7nHCw^@_WcJjcG;E=xI z(Wi0=cMj$PdYIuoadt@La^mtcc>vy=?JyA;8JRha-l<1XO{}W(VOPe;f>L6WWDUp0 zQm$vJ=M5!#g$8iLZf2N73znr0}1YV1*)Dt)vhMwzNt$Wzj zDcRWCWwmvF!R8M75y`?@IcwrFG=M^g+xE*HH>c$aYn}Kanm}Pvu|4;x? z#oa#~WEOaIXJWMQksl$zSRFU;)Ya6~+*W%SpplZ*9x3}XIVtJhIKR-c$g%**YtE2~ zOb3SG!cT$u5loA{ALmlIHWI>8J@)2|ZZxsBzs#NHy5BE?6@B9)K4TaQEiH;#$T)%L zg|Ba)es@%xfrQ*RS2Vkw*8ux^O)C>3IUwu0XZ`Z#1y-Z|vf;B1p%=As<)uR_KpY&r ziU9AHem{cKXI7$rCnG5Vq9;1+Ppke2Uv6g?$)Ew3eQSPQQ$9$drRz z*LY$xZ!>j5luxM5Z5c;z>p|-4dhn^&we{tUsAd{);|jRv568cRLQm zR1e>zvxmcDqZ3C>DNF279{!)m#s~G{sk}o#R!K|d%-{&t6)g)xpKh_9&keIV={ujo z#{z%Haj!4^W4Uyl`uCaR3jDP@og{jkUS%zr%`siKvuddp@N|(eSP?sW?Rr}F#F+L) z+4VeFmG-lfnOX4zSHiC~T-&XYywd;8Ue?NXMO}&VKr8Xw;UI}4(j7?8N6V*JvawU7 zvdMjT=jxpBQ0le@Be6*eDjVR)6Ma_|YwHe=xUB?}>BWw_1K)j#3qt`*2W~dJ@Q*BM zA-2bka85)og1g-CuETcTm^kRz^IA80NFDP;5@^5!$@?(qYsa_Qkpw~vouF3cIUGs{ zQh1WXI8kh(!dTSiLxyHwwl$9n#3ufz)-;{6d;>|lV3WnN0$GZ*dB1O`_k?L~$6m&A zI3aU-)8SUvDA&P~JHJ7>&8(TT08PJ#Z5m1H@sS#}+x+bp*to?>ZdykKXcDkWb0KN5 zLsjt>XMs=h=CxhD-!+ESeEnx^beDApSalj_@ncaRPvHK8?tkJH-b6xF zu<5N&;kV!SpWc=a0ONE==9k>IB&|JJU>%n9p0-l1X^4mUFk1OE!z=&Y_CceQ!yo=c zKTE}K(WHsBq~z)FBoy3Tkve!4MuE@!ICamr=RecTAJ9%bt#r0h&Z@_C3!dmpDEy~a zItaO+f$16}>KB>H5tOhog)kYy`O9=vH&7%Ql2R~EcGL#T1uIw%jF zO`|1m6M^viS1wQgLyWR=!B zEKLENtqHdXRo#K?fW_s&a&Eh?=SHq*J3drLNWcdc%9!OmCu%9iS2UGBb*oc^K$vBh`**8mA-Q52Fw#B%Bp+m0s4Ew`x_h4&@f# zEpf7F<jW3;guZVVN_FIO`xpq!EhD*E1t>*0`rW}~B$iljx@J55 zZ!uW(73jm;AbQP_#p*-$m4qamPF7K0K^e{rFx4H+>i>KXe(1+8mW5-Ct#g0K>rbH409|jsy7R3j|<(zKm2?P+|U-;D-mXV^mX_H)XMw~#-?rV zW^iUN2SwIvlnGp4>u?!@; zFuc$pk&G^4A&O*j8T5}8yO#6sU_rt2u_`>Dgn10FFGTj{pB*>F{Lxzm`+Qn&oUWvN zuhl}SS!l7nfo-5nel#z!IO-SdC88|9`RRaYattf|3SeNh`+uzhQ6?>I!0P6NIiiQ| zs!$WLeXt)5>1q=`yA~n%{qO~!YJJVmb#~QlP(S48leml#3~Ydp>^&AH`FDosR0_1r zMMWJ0WU=3(gi_Z`){AQ8^g}sxnDAi_3m2lv40ytOO9Vh|>rsYS@=!7fQ_Ja9hCykY zEnh!Wc(m4=a3F%YTPuN?yLdWEh-KYmy%oy;<@}EeKLUZn5gCa;k@F6Ki?o#dJoojr zT7t!Or`x)uN4_aH2+E%MAIAkS4???;FEACYPk~hjCI)Y8)GyL@^N-Fx2gALL{B{Bs z&$dZV5&uwB|Eqk8eh%C@BHxG_QO6AZaLY;~<>#*(jBn9Tr=(qs2nk6|akOnG1#XW( zEVDFvhRBazJ(zl5#PV&-_t83W9GSXz%{k17y}!D!IGQhfgW@xcj_zP|JLB=CtkT z8LwYU`X;joC9{J$qB^n0&o)j()XG&WX#1kK@{C;3wUj_=oY3!v%WURDuXu_1$J^Bn zD&qcsMSa@`lK7R{@mp*2LK&0^aLWVt6FT&s4D`GDA=MS)giWI040*103c%TL+k@DG zP-tc#5MFEJyd^Xohv5Q5QS^UZ7~r@Ad0J$lTnBn@3TP6X7KcivYH_)CI1aR)b1Mv| zkCo)^_tVrI)Q=f>Fq>kKDe7ENR8zAIh+lplQEuCK&jB{~eH=)X19w@Bdd$wIvRZTn zACObQ5pwE9(q-*8%fc8Dp_e=#LyOlnR;?h_M`U1laB4@p;sD)gaGhL z(}tZYY?v>!z#STqy+6Vd|A${7#COl$eBU)EkA#`ZTUcuMl`|+3PpJ-N;Ipn^2OlaG z)Z1iYzhu`@%Q(@#vkA1GyFP%xWw5=a7rI|@4`pNmH@VAOer`bf5schos}AA58Y2&r z`hZ}y32-phG9hT?Rz?3Kfl*TLOuU~q?XL#}-|LZB6>k?SNl&6i>GgZ`w?Gz91nd8A z5ez&pOrX*oYDj;*nL2eCb!>N}tg)_^y$xN5G@CF=Yf8s_ z-rE{K)TX_Zti)kar*H~kd6wTQwC0iGLv)^;KvhE~pe#2n-_}2Vxl#_pG$1muL*^*o zbmA}&BWfWI)vF3Ohxj@c=FUv>r$!1FO+tEd`E+Tlgpb5Dq4ssdV4G2 zhwe8T(DP9>)O_<8u-i4Mk_5<_ESGQ*Agi>`^t74CTAQtQNleU2nNWhOAq^?Ivx zHxF@>=O}k>SD|XcxqEB!BTQ1AQ z3$+Oh>$jhTsSg7G(cdO8(}LXtnK>aW>hH!ld(5Ib!G!0^aYzpakDkFXtdMhX2t?wE@a>jVPx4eQE8mMuA zmZs@qHNpJ9imR#Rc`n-mYTNVlbp2!#cy-fSyH`i5=2H4^}S~CwuwL3ebbQ zViiKL2e=)ECtR=VlxYZ^jme5B@>;v^@Cwf%kEZc(=H71D()BFdUR73=a`Qd5f-pID zVo+x~iaTM4i#Y5IBK9A;LhzqBfQrI0BqMYE-Kmzpx%i&e!>;N1$(yBFCUNr7Ot~?; z^K&Ys!wcQ9+Z&kO(6qzpSn-Br;RUt@4d2Sfix*ygd+m2^axQ&aY5+oo5O|AD*M6>| z+98F2!KQEax4pHdt=?vj{ifuQ(!_aOxF9>b zx5C2&vYV5*ywjed2c=K=IPBJy(rg?}xT?wXD`DIELh2dVG;O$zkO1B9$7ZKU2UL_+ zI-2Z#r&y*LwmIwv!S}e4HEy3PJR%FCecw&m5&QDJ)xF@}APNerrT&e7Q(1u8X1c%T zLs88nDEyTy#ZcYer9tW+Y(DNW31O@?LXSgp5-!&h8FGomQw}OlT}67IY=W7B+ZpANU97da`=y zqwfe2kcI@C@6`>!p$E7|0c!Tx)opnr!HXt{UK6OQs!tVUq6w?N^N>lQl}bw*rYj?r zeYAH95jD5WgYC~Gu+KPC_xn&YtWPWF$aaiomY%?7mE!z1ofN(09$= z2ARXlRqV0bnfu)Ioe|6k6=2d~nD&oR`auHB#AD-u)SUO}+RT5ANjwmzYeB00qnz*T z?(y_RcAxz}^Yn&eq(4`!D;^~kJNTR0rXOyng>mL4ihl^}S7qp5S%p=29p~Iht9z;7MV0%fQe$2^wqtY|zl3vp%+aXlCMY;ggLSpLFMKC)aunvaL<-YI@B0j z#N$?r%_@WuTUZ6CtZhFEcL2C;{tLJfZOR~W9*eUSbp8Eyj)#|7RzHF#L3c|J z!4(VgInB|WxxVzL=DXM&(A&k);~jnkmHvowmt`mnpFEDFUsX9;>|{=Cr!%<|GZv8+fc9Xz20^ z=jqP;`h}S$ka8`Ql0|~qc2&!FyZ9z#6`c`XC4xuBmf-+(YV}`p7R!tO_#AiL=#rY# zJ=c7s5;_RGkgQKO5c4d=5-L#3Z+NFW!X&is*-GR>rsKR#PG`Cs&CS|lU(>~zZJnJ# zInYP!po9>65gRYmK)sAmpH<(Qf>va~xUAxZU-awcME1Zy@ke&Z5fHR|FMwR8VO$aK z@GBdofQn;=9$orRT!`JpiS{%uYl>vee_^liw$-xTH{VOif%&H^Y{yRTv##JOG&V+J zVBB=vg+qDS1c>j!g~BJ{g%*NQP$tyC`xLA(S=+7NqxB35V^z^g7%aU3$89qV^(qt} z0Y7kMPq4f^&C{FChx8V^I{9@ss^AJ_+*N6rk4s!>svF49_Z&FK?Y1N?*(IfPD5BvK ztj!ltM9|HX+!Ez>`Xce{gh#ar9+@Rj^O zt4vA1*g=u1rlVz*dg*6eU`EW(p@(E$>=O@M{Ri(CfA{3#VUmaX-0Y+)6XyI0cS+jJ ztbgGQsxXf(-aAlqUJI6oIh5c?*E6q-&On1+;wjeZoHo6y(=AnuhT%CU!@SuC`0EZC zFNjT{rmz&s^OfVrg7O=Fd3@w~ENh(@VlgA+$*I8ZQP{axEK_}^csb>vo)X_3%p}$c zB59y}>uj}06h(+UB-R5*x{i6p4cegmibK&dg~=XH&l54&AOaj@k<0qj!O0?ML-tWW zhpu)gX&P$K2xXU(*tzsDyn9=hYj&;ad zxo!kY0gKe8j1VbGi@QO`iZ5(LqR~L)u%m!DvNfm-c6hF#qa?+6BkW9b&b zd0maq+{l z;y3|Ty#bcNe-EJGLl!q-;LA}44w^v8w)j(~UQJgQ0KXYRj0&7xd@WW{I=cgj>Vs#y zins5Bzcek?SikiLqgRwZT*hyBtjDaP_{pudnxLF^yRcS(;x=TUo$HLm;S`pA4`Dys@JEV4_Y1xxQzuN6RA65G8U2{jIhT@lsCVk@yYyUSK z)j$4%lt$tj5p9crc%cv4&~X(ikXKiX^|A{d)kEIkbDoHijkR0FIxU|Cwj57u+wliy z;M~{zyLX5f;2mpa&6UGR9C(A+v@gmErN!CjhtV}%(is(6oGL?C*F8ZsRrQ|oa<^@y z46&&iz>W0h5Eo*3^+BcFvifXSEs#1Sts>G;$13G48(T72FhN1EbHL2i%wTYDR( zg*Tt+Jth5LYwp8tBK`DpIAEgKd>oJNhop-(#p#spo%(rWaw|n8siNJTTXqa}lp24Z z!>vloP;nnhpKZ1M5^jXQ5?vfUK0l%ZBi_*WLmVR=!Vb&!r5x0Fp?FYL9m^!zWR~#1~X>BIg>Ck z`7U0_!Wx12lZbiPSJSkBrq9qUSZ0W*k4Gb0zy$jl*25AG#~o{k4KSa(LcVYcUAP&s z(molYhDh27FBHEFX=&?T7QS|G2+krlGO=YjblJ2m#YoAjJEZd{V4`_DRK7qN2`|fM z=W;;F(%6iw{>Ie~a%67KpRbo(E_z};g}_yKcra;A6H8lZP>I79@G&G8LLZ&@eaI1D zK~UYLuhxUYpFIeFPhqAEWm6VF9pwK5bzHih^-v)kn%y;?qBl_b0sZ4mHi5Xas|t>j zig*2Y`}#63q*z5gzGP90izz6t;}E>5Ux6-~pbJ|+l6Tew*aR+E3sXV77{MWssavV$ z>;5SS=e`JdRxlD_78vfyh;%-CwAhGN+ypKZRqHfW^{nx;XIMxz|B`)7rdJImU(Uo& zroM5cWu+lqnpq(0bvTI@aUUEgMs|M)Tx%aHd7M(i%R}TJfT%(`LbV_zzLbV*O+EBl z;j!tFUik!{0~eT3CLmm*v~> zVt33MxhoAnaLtDZ)}GG`&9><<%856YZAiHtn0(*`wgMUYNzcQaAK3Q>o{y|CGT**E;1#^{*?36&xjVwU7CY?!Xj z1jqIS;<{R2RYkbB8?PWx(DdBv#mKQ6AvEl=96R)R=z+wLZFFyIe|jP~v`5P(D7&sF zb~52EUTEAj5NO6P@j;BFi0*w=vdMTjP3Kha%^`(xFUhdS9u@qLpFg^Ct1ORf8VT+0 z5(o_3+ga1QFoYnM&e3Hy_mR z$(B`kR+QNp3>oMO6g!cq|2luD35)bT0ld^5Kgy;q_3+)%@Sh)(i&sIM!>}E428`0L z%UfITM%*(b4@i2*toyIQi{(n>GXMKxiQy@yu9=3ON88B<6(qcd@XJ}dioxeIdyF+M z^ylPcPz_~XOnriJJp7umNndrES$k=hyM;0@C9qKm@fYcsA&ARe3+N6C*6bMH>Met) zk^PA2(IE?p%sE5zZOPB(OKmUQW2McSsgYv6pI4pHk*N)JE$W|Gso5An z%P)tLwSoh)lmj0*)aPE7X9;jctf3nz$TzCDV-}-O7MK+EypfLoafpTQQ4lWGpO_Zy zDg}JKKTt}rSh)fpjMxYz4I&T;roK*m45ZN0tSQqj#c4d_=1@^)x!6Ln|<3V z$@aEQ!Q4>z#91*pIyk0iHOTxfzvt-KVUa1gV< zOE5|vJjuS?)l>2XpN~g5AmAtn442i-q%E zCkZ{(Y3B^0^>%DhcW+v#hL-c1pOQUP!{IT6wB89EWS(OE*9igBV`Bq~NO56U7t7@Z z-Ih6Uz*J$@GrFf0S&wEd{tR&#ul&yb7i(!_K_ykTlc$IN9aW23NWi_-^pjMBaz<;K zyW7uLc^{l7Mtt3+g~iuQ7~+Dc!tg-ecJADR;DmRx$sD^S-Um79UBrsULtD1t_^}Vd z0Y|vz|LV~6sttFuvjHFE)5GNO8%gFRT_at-F%7I8^)!}hQkpNG9t5X;>6=3bb9OF6 znakwQ*cfGqL^n~YR3E%@3(EzEZfj--3J`#H%J~#9t_r&sY16qa9Q&IpLiBrwUB{BL zQlg>pGjVfM3OqnMvB$^0$tmG+39O#YJDgs$;rjQ@ymlt%R7MvTaG_j}_N~rgNNZuz zUhhM>JM<^~->qa%GeJk3Xi?OM3y03Nm&EGzsm@(Ko9j{Qb63cY7W*9nq;CuV0n40kd2IYvyP65sdx2irunqZ*(S`Q|mYFB8Kna;s@L)=LpnlM*x zQR(LNy@3-~I-tEeDXx_tUkET8%hbw?X%fw`MzMf}xK!~XDYx@CXw;~n4et${R$|Q% zf3&W02)en(YlUH}LwrH?Am>#~jmY_0e7JnmXKM=xsFafnvtN>%2vpV7%>PLd>9w2v zw7Y$X?piR`fs4e{#c{<;@WwKTx0yo{myVQJ>ozFyn;Y4fq64ChO~m)V&An2e<2NEC zAjEHjYK4vb6V8{NOn|8Yr+SA5R$QFkPiP38Xv(B(0b@JCNoBtDvb@er+fx^;a$4(faL z9>yh!Bk4>(sWb>Blf0&uy^D*mt55Xzmr8r~>Nc0%=(Z!&&;n-@%Qv=;pfj|?RiwOj zfYA80xs}=g>AH`L!@a)yY$$^~;+V``kpd==h zGZZSC5^{H4=1=mT$-z-}$E~4jJ31$HZxbG>_}9k@ zA%kLYrbh40ItUfwGWexSe|V`H1s{jVOcH%A$)xC1mdWvdh7DWEzQBgOp4SPd=04*; zD-lQ%JWK~s1F$IlW&8F}1z}})AEp1*7`!SaBg>KR7Db?mFK?ha#_9pBFhJd{fDx+m zmckrt($JBv^uS}AcJB0#)A}}-H0Rup$|$yQPI*(DsCKaWk&vF$7P;Lrgqew8^|;(| zb$kdl>y1g90oVz(&?C(Jx8EZUx=2C0jM?;#D5=&h3CUc9L)RJ+p*dGT zSzux4mf(>oAUhX^1~oJLbE@)}=lwW}Ew>cOnF|ZXPP?_Q{`v9j`~#cjrea5TvGqqS z0td@+2BBJd%f(`Y&(iW~hshy4`sZhU6-U?vcF)tjI5OyTCh%K44x0Z3UFt*|%YEh! z`AHoa{Va5PU{oCh3J;|c;g(V4Si^+^!?gprELdhReZXh}4m0dKneA!=WR#l?=hUg6 zG;+b18Oj$_akIs!?Wjxa?Y%$mX&qWw3)}=A*?T-n5)!{|!pJ6;4hT%WqM`kxt9?=@U`xe*Ps!Ou=9KH+BMkUV z*WS0deV{LUji-!F9F*|osq(+N6w~v)ZW{IumJb$A#%KrVJ8zJ4bPtTw4 zHl1d__MUTjy3}QVQ?y(+P>5@Nujv{C9J?@opa`_XSfu8*7-C?0`*Bm3cw^bFtv?&mAd|S8loHIeyQ&fEu2k~zrv#=b6y)UwdEJ8 z-qGm0%k#B6`SiD&v@kSf5+AFXo=Ra zHs3@rhsb>NQtl^R<1obVM7_mtU^ChfyyRT}t9{}qT%Sa-aApAk$p$h(?sV3HzOLn8 zW|7nCK57w;wHso=_l(r@Ke20TWz2h}X#3V30#utwc%MHZJ{7n{UjoJc(H2w-D@G+~ zPa*GlM%#Ks20rFfL*_jFJ=u1&hS=}ihol!dBDc;4+xt44n zxnnL~eXjX4=7`D-HgTW8g_k-&21O;Fhn&TV_RCI6 zVw`HtkIuDLuJ=uSV)hl!qQ6|@$No3fwK=hCPrh;3wxgOpaN7SssH0G>tU-o*QH1aA zF`pa6Kg)$~4enayPgw@pN-dquk0%VQX+7!!paeiq1Q^b*VA5*DOI^*PbBHP3|E{yV z9~T!lI;%nRtS-3^}Av-|}JqPK%l zYXehD^GB})b{&`w#$TX!{iI`75ho8h~p|S z>Id6e7;S8=EG91==rSUq=lE}TpF~^qh8f+}O|XwVHQA+;qH&$#A;GEc7_4HssPm2K zKSRyfQgQ59r!`h5SPL-_^A#SByzohQ1j-Mq&oQyyO;W=uMXUU+PE(znFg@m#aDFnL z;_&DR>cqpqj;zZtyH7!R6kW30dPKcis-pVKn7%Ikka0o0noK+OdVLwbOMd>1<}w9c ztBM$*h=D?kO3JbUh|VDTna`p-xGn0WE%-V@hgkXKQIqbujyG1~dtdJ}M<$4OJKH-W zBgcOCOpn)%`WxKIDw<6*ZQLKFF1UGPkFyO~sM`r%xpLY}^?l%sYH)DcI4P|q8#)pa znSvzmX#IPU9Se_?K{2*4S>j^RPQRn~Q9Of*=3WAEV#yY*BsjdFRdrLk5pi8&=61sXO`FoP5URvAR$B zPw2ui7|8QDL8LP^0)=&a(o5P5-x`n6zm9Oe{x^Q^FoF@$a1@aqE$A^UYM*CezH|=O zFK4C17~Qze)Rpgsee|SN$)E3KxQNTS9Q#qaT51;(uw0|OcnRAp-gwwL;u?h7`44@s z>sPds_PF?O@i5&VR^WscV43*>wU4u&=oG>KqhvK4Apiy_|S zgH+4AI(9{7WOX$*>Q+nStlgM}!zLmkhFP2#xpPF+&b^nYZ z_1f}4A%@faJkC3#OSQmEKp@YQRUlbw(}ohu!_g1rFLE*4dCpNY+p%QREeOiNm6Eig z8K15({D|-}3>4mvc(7OE81!lJBA&<{6dkNv(Y5!d;A5rde})$;{MZ?0vSMcW-fTIu zn#X^5G&|zad@8~8eiw+jneXl&RF!_<@Mb9%;a{i~!Qyqk3P@l^C@WC5rsCCblp%w_c zYwO-6XInbC>KO~OaDM$H_1@O-+%>x7T<1M637zB?r*P^6RVOkyzGV3RpCa_ppyIdj zCe@RSC{%OErhQ8HGqn}QM=5K$l9ZS8E+wuFGt85uEWOU#;?%+G34xOqCOD zX{{Uc4!k!W1&rk9^Vj}pEiSw#E)&sZF=(ilnbH4=+4N#jpMpA*{@vo-G?vrmYWA%r z7YQIifH*1eEtUa7obd725l@X9qyFmnZCE2fI|-1T9EB+~cf{THhWf?(kZ_n*}SgFPf54`?^0RSNVB+h1e(STr7$y zt@4gBP-xF$MX0RT;z}08KOUnO^R~su#JXcX=RnDsKfF4LM@iyr)=&E9`ij@x2v=LJ zoZiJl2LsK_Q5ovPuSC+>jJ~Sb7z(LrTNRS6{_^Fv6-|GmX4F?cyyr#WC>~Oa7XvuX z$L3v-4Ls`^Y24I0XX6_+@S|&!`zRp==T8A5FI5_ed_{U;z1_X1@NwqF?V#OWnX1u$ zU)eusIdH9{4C3XZn+Mj2D#Ds6nEMbw&w7K(La8EUW$Ne8qNsRdyys!aYtP>(29Ksk z2(g@pis7#x-awp3fOjPIMXch;{g^j=q5tT$7L=(}?G+Ah6`btc@4@-RdwDtf!uk{q~j@eRD|Ls=^2;l)4gofkFJ;}N5t5(cCG z3`Q-$eZwBQpgZ(grpDoKMT%K<8>MSGKUq%g7}dY{t1oHzio*tte(J>67x&KE8OltH znhsqU!{?K&vu%d&=Q#G!$ghaLTmI^9Z6Whds+|HaL&;<-s z0sOEJ^pCy5jWaZIY_m_zb^fsK9+&tV;PCE~!5mXa=dLI}*v%JNYW<1>*G3M6`(xaQ zJSn_P_3&k$SdzC#8~=FK0(2Pt!WAy_ES&7SHPOn2w!=cG+(|qc#siQL4l#^>9 z(b{wEt3-Ps#1~$tE&>FLWXyU}t#=XhYx$j4P@o|m3*Vp6L#2ig{ag{e5YcZtb7Mlv zrlt?AF*|GmlK!Ec5%y%rlB3m*kr6b|?=T*?!v)~I43EoWSXz~oY};d-l$q%T-EnU< z6XSgYSzbPKtN@y56@;YMt)xF(F4NlHrPev>`oJ@UU}!z9Uo3CqH|Q7L@eD1JFjE_^ z(!Pxo{SR7~ex9S%@BRIS@f0n#RS6=!XnVd&PQBmcZ+D02K3EynOnv9~`w!Y?)i~XH=%>1hqwOv9 zgx*R@bRYV%$YYzFHu*Y-?X(AY4I6G{vSAhK@}@c}uF-9@7YatH@d}l}05o0(-Mmcn z0gEDkA?PfV)$5v{TnKRsJUUqP6r#N%5-aQ`Sb*H<$Lg+)4p>iZQGG0Ss^CshlS=ud zz^Ol!v*5iVQYO{1_3yibFWQ73+iWu>{w#K&20zI+)&k;{Gb~K)eyB4bB)K+>)Wlg(2tB7YnBT} zCx09y&f?z?|B29MkkF^^?M}VNVSwF40z-7+_$&!jFkOsIjbp1@WzXN0!3g!3&oGiC z=vdE>KRCWiI&+pwqvoH6?=RLk0U1R0{W4IuwzWAm1yw3Qxx)}0eE7!C90(FyOMH2A z9X@|qZ~tU?_>AOx&>Lb>i#>)}`8t!eI|elVc)Bxamf zNlP0XC4a<*=2;D69bbwkd|E?K2oSKQx9TS6Ar0}?RN`|s{ zh1%d|ovK4xkD%z$-$e0A*O=7Rt(W{h1)_CW2dvcoq2k4JXgU0g|GxPu+vq8NZ&*4U zq7a#@-rhqvU6y@UX%w^`WM~8QDtZnM)v5vKzygqU*kju3;iVkg6i({zZy1B87YU#WUfoK?1Xaq3MuM(C!=~euW!jQ{1pk& zB4joH=6H(}W0i7L#T`bkTCCCfkMB$l{s+4!YbN9ah;|8ak9+!8UX}*jQ9~A6$YlGt zx#s9ee2CLeFyTBOgS~QRFubwE(9SG;R$hn}_l%+6ZNE?cZ-SO;IjNppc0}YC@}&KAV{YOA}t+5 zNlLdg0}3J~4FUs5i*$F0NF&|dB{g*4=S9!a@7`~%d;U4=oU`i`{F9lB12)Wf3@hWKD2^#yY?u2oEEhl zWj%(Whh?4H$Wq7e(}EmH77_+spG%XrAOFf6S6>GD$|e~2=u}VzOTm42#-6Dodkz`X z)MfwytC4Oj$k)v&1Z?)r^?&iouRuEe@@yQ}*Bkw%bZXSC>NHWW6YXufB13~`(q(Un z_TcK4bH)ar-Znk}a2Q>7K`-84K;lLDnLRWd%dHyPm!0+sxbf{%MNLyzKc8zE%)_tp zZ)OaKT@sk%dJp$2*iSVVN=ccH{i(p{Dl=OjZ||Vv=&0wxoT1KT`1-&8!Z<&WvU6_* z!hij4HcdcOTX@qoGL17E`+d~htrXy6Dev((&ONK{fDy29aB^G!Lk$CVT?}ly+N$GW8a)q=3TzK zN0duzR)e`}(XucJzSA8z0YAB4TmNgY0}i_Ye^HWSY+u!f_t??zFM-wGr}*J}{cH+^ z_P=N(yipyFo}^Bx_dWjClHe#2gNrI9M5vK7Zl~Di8VIZKKa=?de5lF$X5)XGP+71q zag&wPqLwSaCKfEB%}8D{>|XitW%2Q1!+yv%7se$_;S@gu#;VUf$n9SbghOzT-|dF~ zvsxVRLY$Dxp^*@Oz2kPOU!p|9;@OG|#J_z{0MI7>MN5-kC-;VepZDqqX4@y^Rp2nV zuL5Nk1)+jKYFovhlX?Rs=du$^q#CeCBN@eHy0$OmlMx2rm}zoZKId?i{?~jiesahg zbk7X_-ik2!gFS94>CB(aOJn1LA!Y7w!7ohUQ|-TZ<-%4l0e2&%u5-Tc(=+Un_a+O& zB(I+R+BKBQAa|iL2b0loLZJH1Z=>q#dkjs^nxM~$&m=`_=-X-;mJl&3BY>eqyxi{jQVI4m&M zeo^<@a7v}KLhb0&uul~ExRl$W+2(nSga&GRAhqwl1}6*CW*Q~XHxU6Rva{DPy3^d) z(;E$51w+qnbvunFhFP06FKHCS1bI`c8?U-efDSrMWz89|wn^Z0zC{ww2zW<59P0Q3H_4r_MIV}D z2p-Q&Pd`6K#bhnDE4R`(k-0u!*fY{-3pp2|{Dj1Gp;(E;!o~B~p{2Q|xHfLgnp#`u zPoK=~m1gaDxo=D4Ol>hpy|lx@;*6CAqvPAoRtN%XO2Aff&)fH(rbsCGbJM~@W2#D`qN5Su{S(Xa zYPWKEba~0WIdXhlx2iDH5DMY);ygCEkWgc)grS24v*Z(UYuKYlkFFCF>vQ7YzD<`T z8hZUGl88%sTFz3nA)M-V$9-CfkARL%{^ZA`1k}0;rD@%<-SI4P6-#ja+mu-N0O+BYO2h2@J=3XOn!T#>@>mI zOX^pp;ew6f>KhjKfhys%0)@}M7^+B073=uDP6P-NfB(f-ynNnD410CtZ;cgm zK-CiS!s>T^x2^D$6XFxC7dq|JIC8vYJ1pn|7_O2AIU5*Ei|O;tZbC+WO&JIsbKDd? zKd-Io^LeN>2H*TFY7VFX>@Jh3E59HJsR=qJ^w<8#yfC&mh>Lq35so^z5*XQO)2c~T%Weu z`5tl&vddJ^A=u3a2nq{{Xlcc_Wua)yX+_Yh0J{~z=vY@m7*Zaxrm%rH;=Hxd>~a$O zKePw%vu@c$4+^VkxVVOl#ZuDPLcRS$y$NaEw=@@iO-EdZmAzhOs@kv#$}%3v)gy$D ze4(eNu1jC6wTO3B31qNmfs@!7wcOeZr23s5gmGNoi7!5`9&QNaaTrO7n4=}iGE&3Gu3gOPX zXJihh3J`p%QxJ`Xl`4T92&?TvFQ-tYt{znPBv z5tib7Fm0}&;C6M_?qEM022aD}gA^1UP;6!Cc<|)nZ)?b(criq2+AO;GI@Vh4zAU%&8z%W8+hbbwWYJ9YAhi zR3I?@q*L;5U$3hx5^U4bNQVTXd5(KP$I|}sKOT#Fb&w60&S6JrRAg_)!z1Mq8vGX3 zKdpGxx{!b{F)>jBr6)wI5;?ttZubsDwR=W|{u_kJPy3Er-~a*Nf3Fh}*g|^Ye_Qe) zB3ozVHOa|=jMYH0P1^I59}puI3+5|k%bGJ`~>=NioaiWX?g-NA-YvYHY zGKa`f%f5ZcVU^qx!-DMGP7?X{?($6cc8Vx?UGUAwWwD*5zN{*1uBl5UQ`^fH|$w-FGL-# zdm0Z_s-0IgfAXSk!9VI!)gc-9`?~h~sVTS>!?UeXx=r1wLZhNS>yk_DU&+)aZn@wC zA-=0cP7R>Jw$`|q5q!4!a7si}Jm~o7AeyljJXGC0hB`qku^9*KgR$0CBAY0GzQ@E_ z$RbI@-gKG*qdxk;#gtf=FiH3#5lk+YNqRzDF_T#|>{j+W*4^DA@5O zJK1OJ-s1+(@6nf=yEZQE`4iG9H2vhrYh99PyAZ|g%$G1kB2*c(RsLa1RZL?H4u^{^ za~34o=jm-{zw&c^3vxM@FBs=>0pbDrgoPDx@81kKsICDNEbHJ^m-D`AU0S z%QwtK;$E(^?X#S|_x^NLZygJRXlI)3oEcEDyJPia#L=5wY-{LZ3oL=F=@1}} z=6=<8~dv?z`!#hpXkz9i+970t324=pD-HJ?Qu^nO;>rD?ADSjTYD5^&5tgSIVgd9 zglnL-k`#~VR}wGZW^JILAPcR(OG+dEMQ(j)ON`b$lE?7__fZQod{_$gZhK{fE?nKx z%lD>*-`M^)52qX8%45dXZ^TcFVUjA~&ufDjn!_1THMrj3B0`8kAL?q*!Om*9bb_$Y zEc;QE;6?|ydLj6utjc}bjRQIVB(d@@k3g= z1A`G`7$kk>wR|r0t!Vk9%lJ3}Ah*k(eXsQ4UO72;7HXOAy=3#8SU7#~kZFbd{`Ru0 zCZmSSRw(z$A>Qm(@-ZULGiCL}aq{9q`$V_Eg;je}WSjtYs%lBDj-H+fWB}wlFh{%bzXxUr*Wyeu59}HxBo^3Faes-09QiA3Nlx$OvaXqLvBV8=>EFIz z5%r16ZxHc`7H}4iW|g>WH~xf#Q|G;^{S4vkje!00yTlq!G#tW~I^*AoJxhJy!(&4* zIOyv8 z{a3Jmn00>+jBp*z)A#o+-sU7>9EWl2psiZ4FmoDC_q6NE&2Y!)tDNj|%r1GxR~xJh zmsmDu6g3`bj|Qt07!JIqS#%G=MdNZw`I%KLvnm&vR+R6oaLFY5TH)S0I)5XXSgWR2 zeH;cx|5fG_pVLs`V$mRCNp@VVkUEZJ5i>2G;OopX8!OiS zk~E9nk!{|WPqMAAqbkI+J{OIDIG^A@LrpC%@u{MsQn7j5&;F7wW8J>QbuaC9 zfmk5U4IunTawu5r%v2kK(H+kl3a2S#1l9T7j?#*XVAhWuT3p17c^V$5QLf`PFSCw_ zWDCE=VmR$A1vhrwoWEBz>fob1@N%L?C_XlydpZ9~GJeYEr$dWy=7RV2Ru7ePYtw7w zGF3T{eYA_0)k)j{`E4DG)+6sTVL53_eWk*ujvc zDP}!7Ngdjl-?HI~*%`e}VKw_B^n`c&^InW;TY~o59i!g#Kq|4YNU4lM!ycy9uC#q; zKmW{e>zxtX#(@e4!UZrzmMSMF$9}9&D(lJ}Yp?Ds4UHK4(zWG5C*`lHlw`~A)lst= zC@;y6G7$>lJF2DLn`Vql@kP(wkVn!XFG_h5V`W3^dT^eY7$hv^B=M5De;?8x~h zNgpCa5cqsVk4PkokwcBQ*6Y~jpt|HXzf5$}5YIw!cLs=fsE&%uFbCrOgLp>dh5757 zu1*mL2kbH%GwV|EneS|emW!f#POL3+il1(LUmu!RcW%YWi;O2K0a#sOTxV`4<2bWt zdBeI!_9Sf0SOh6^1v9-8N~b6yDOs5Rs$%vT*Bk!|d6e6!FV+46Dg5OfD%`r0);P}+ZveXO1*Q5hY> zMci4gPPj0XD)Ri`Tk9X8#>cUB`$Wu6(_g#LtkV%`LN&Ox(66M@ou#5x#?QLDn3gqD zG8Y?;G%HaCmR9j+Mt;Dn=>-4CtB2#Su@ zE*xsC66oDvC@0r&*$X|~Z%%}17awb!uzDaDlY)yX4(=d(YP#08hfJC2ke|n_+N#LG zbmovq7Q=?H3}ox#ldC+tuKA`TgOB?rbM8I$Y?PHcmKrQFGuvD5toh_afA^Jwb<+v8 z6ox*s>h3~}E+gvLly3M#mMB9rtVZ&BCBgu|q zzGP-Gtsx-<+Mhif`ZR2#RqbA`FeiCRD)DW!wd2Rm)5nV)NXQ4zCD~pgacom}A$Z)RYp@H$f`0(okQYO@~ z6BzRRK{;9srEqf4uRW{J+z7U#j zgvSPvppFf23w=0o>CAKY4_*)EkF~C@$~=0M%&(01tjuPa_A2kLtE%J3me4HuQ3cfE-?`Q5Lcl@|_*t4<4<*+Fgo--G+Aj!{Rqy`9ukUXyNcF3u>bUmMX= z<6BGctinTYZY?Lh^?cq;ga8q!S``t6-eXV<75_}~0Cw-%1Epa(`Tf_pN1i25VP7Tw zQiHVw{^z)8z(WeV3U3WxE@Sp4^){7GLG~x*p6V*W8t{r3Eo5WUvO z=yuZRfHLFV8Oz1gl*o)eYeH8N=Hn0mgPxm~Pn=&ED)Q$L=DRjjD1qdd33;8Y^c+5s z|9)X6T>Y^b|KbFVdFNzE3{TtRp(!em0@@~XVpJG)I55e3^VXClLE~V#h^909<=b*L zgbfpu_K8c$S`D7=uI{%MmRM4jL4pSrn5JfrOxh$9Z(8%ti#2%k#nrt9;NK%z91DkC z4oER=sKcl4u2!{dE=Svru}qZ$z(4ad&oN>$s81dBl=o;;mU*B*RaUs`hp1a{Vb_}| zVX}iP<;$Ys(|u2;;uKaZcVe9O7xXbz@Vjhug7Z!?(<)WN(Tca?G|-@hAOJw z8!9vj{yhJ{U@*}O?YunzPp6!=$7eMgeP~v>71k2LtO(R!bg?%BIZv?!cAW9{#}aDv zqRFVs9I0}J1DJ8#6K+42x0n#zcWde@uiaR>LXwc^{-qduy{oe5#9+d#^8GL6dv!~* z%FL)6W(H4hN zu5(*ivX~MV{F&o}l~9zrMUp+wPJaT0M7T4^Qtq&9@&tbK%#$#UW__q0+72mpLsD#T?<9pSu9iowPIHC_*}TaCSk+SV#3h0aRY^n8 zb#ch^uG5Pza;e7DOg7>w;*$|_-9PLLbA1rg7tj2b;m=Ig1tN zRqX<4(mUfHwdH6|2$ZbXMNJRr#{&E@*Z_>9Q20P!#)&mDiX%_IdC+DlQ6!ieQ?t=V z*e_|mkgGeZ8eQJ==J8SGv6-}IN_A?nzH(9P24K3Z+pooWN?3#uU0G;SuP4)R+Dj^5 ztMN$=08miHe(ZP$Wg1Z1nKaV~KMCJqQDa#w-)IYe^7ed$R(`pDmh(Y5TRo4TO{c21 zK~lBBVs|Pvs|r?sne8e}&1s{xX!@H!Z;}>& z&8sRrcYKBYC75V>q+Iu zb+?(0qp~&%{qpu5Px#n|UwNn1`5k>~SDmNHcUk{Vj7t#WXMf@>+kfzFXDotSqtnj# zg4+#Mz-+TteBL;RJ=F+kEm=uCS*Ylsw&qYeGX=Bl@~fY+dN!Xb0F*$;S_u$9!^}6& z*zBIPG8Zw%TSX8}xVM3c9!r4k6PM!r6(WcH&x-Q<*_N`e&ee?kvHPl2__;8+ylTEf zlsH=2d?>xf8rhpgTfz0t<)WhV)YMW|)gv?9`Sq&YAE#}mMB1^lR5GRlJ zipF#nI(0D%aI!gPWgpdKi70BZF#1pyqu!=B*mx}puVR*`xUnT|$DG5_BWa4G_NDg& zP3sj@1A|z5MXF8p(J#H9b9-jSGuk!0C^_C=!Zkh!tI850WVg3MwB0VheCu&Q$h3~g zNGR=6Z$>y>=5ETR+nkTHUWxexwNZ^ClP-B`ZqLd+KIeVwfl`wwAz9bP%Qg>6zcH%zYsFq|Cc1ZPLc7Xt|am&WH*+qR~iDd2_O_CoKXTQxjb7GkZm|-G~<~DT{_y zudf_MR00bv5ol^L)V;{!Lu;Okv90zbbJ6h*8q7DKAV#Aqtyi2J+}@0XIJP%kS)2N0 zU%I-sg643!u21=XQ*&pr#mX2;;kd9P_B*fhf#}Z4$jlF}l?NdP!=7YKT&v|q3VyyH zevI5w@@FyXYwFLL62H`gTrdyvMP zxei)!>UyM~TGG$~M~xackf z5{$eHpM($~SgU%dn*V&%9;xV@N^x>HM;KIU6pps;^g;$xQBluSlzcWjHi#47TI@+e z7G-vRe)*JyWuGGznIbug%Lzo(AgBA=RlfUDJbQey`10M-{gmSXp6j$zh3_X-gTBZQ zs9-st=kL^5RaFX&l{MeU7xg*LPk7Fxro=p^lbzwSj+a)f+n@htAyZ%|9}C3Rh4Tse zqtZTBr4K{t^HQ57g$HRw1FCi%-!1nSqFWYaJxEJS!!!E}be9zJEZsBDSR78+Yul}j zi?y=8ttTtR?E;dE!A1YvoiAWD?kCr-_X}f>5DUTva=7QrMc}nA6!=KL9|o;*vw_}^*4u_5!;c_@B{!2dTzG=s5q6yFeh~LyT&YAlY;iWLRo%Ji zw*;lto!^s?!=6AyCcyOicV0C=xd65Rh=>b^Bl7vL=!WGBsRdnH8Q@Grb`x$JLy75O zo4ygtG3Oo8Hs&@0wWC)Z@j`lHkJU^*XFo0C?IQe`pFIPj$VMZ}fwksVok)H8ck#Gr zg>`ixGCFDWOKJ~DYHW1{N-D(4uoAA z+FvHSE?4>UC`^~cTpR|@v!0-m6xEL~&z%ZBQRlokF~BN~muuZw{JC+)<)|$f_-P_8 z`ZiIS-+4?4x0lK^=8;@xF~cBFCWAh5-r*zP_XWX@Cw69)g%3RMQ>BoC(j=J z;ii7fn7B_jwaZTQKvR}RRi)+BWww47$(kc9C>&$Fd5Sli!##LB7^*N|03c7nG|@4L z1t+B4BHYPeT+KUJMe)xvC}|c-^-PWiU4a}xA9#Bxn0u>RR!{x{VmCuBRVI*Qe#LPm zbZe=%aRU@6iY(*xjXJ~Cot{LpG$RCa_Z_Rus*XETwS_l!lwa1T#5z+mR2_PkZ!gjT zcnJ>|)T-3zw|f}>EK=!fc(4C|6~i;Fka;q-B}8L@^0HQ?>Ft+*z+b zQW*~^d!xn2aqv^!azlbG^pLRw_7}UkMitDkGr^2>MANGDW>HsgsW?`U%zjHg_@`D1 zN<9!RT>VP^Xjiqd?0JvVbWK*d&o?qQCV(~Fm%gc!q;?29uQK9>gVAUMm=As z7^*h40;v_?XZ@@AKjERRbLER3bZI351JIRj9ugX=TL&Jw<+0z6(8rV}YFAjV;iqb3 z#c*%5bj>dP6SmnOm&_&VHWSSnsTi|N4lcEXY3+evRAPumHo3`teQY`-F(e|wKq04- z@ZqTAPW1hwFa$EJi0VU1pv$7X;>}yUhfGj*-zSqj&dj|Bh(fi^O2rOu1h4ix`)}+g z+vYLPUgJU5?RK+tsc~1w(^$la%Sz4JbJK%H!XJCQtO=>2=S@5A_euFXu2d)c8UL`d=3Ocq)VO4d7l4^IKUB z2WMkn%x+9UDS~0fBd&On8+!oW9jc5c(%l_(sgJhYXl08)RB_^UgL>1=+MPS$+tW1Ihes@m)7DwnUQ>aD#1)6Jj)d6Ym60+Cky6pqOS%3B>v$8+y) zCyLF{>p8L@sBiJTe6x_Ej}33573Xo>4oS-_uX(Z1Ykix|^l@8erj7-`n4-~x1-c-Y z&9o4%A;INbx7j|)jp*z$x%h);?oLMr4#+pCDd*~V<(mv8H^5T*)E!5RPm+=6d(t#k z-O1*fLg}JniQC%RL1l3!EXs_@B6hD&0|R9<7os^E-(KYnu+2QR)|&%dPVC6@m&^MJ zuF@-I^IKzQS2`bLzmXO79$;m>ckhXomR3uf^zr@D7e}VAJDtz*K*SNWQ)(3w52?H0 zYdV6#wW;@yB~OTT{4t$;mRMC&0avvEWJ1=zhtHZ_L5%jq_61Uqu?%e*xETS|FCMdb zr@*k6JMMko29FsYIv-~@#&I>c*;7NWu)PPpxxZxAu!=gor_E=lvAN?U%`p$b%3#5sxTCb}z6iWT{j1`QE$-@5!J$+25&3bSN;4NAVqU?y<=lCsj2c z?@R|X8FVsOZpkZ(?5ya295X7-h?(U=$P_W%g&*CGXNUvrcbdm5Zl!d4+=^j+Rijm5 z+v(%eAxzbQMp-!b4X3ZZwNtM*l(sx^IiiBYhYm02 zntv78GwOYqs#aFWeKI`%et44WMOApQsW~X2;zIn+>Q)$@qDkoLF}KQa_ov8BUO!L* zzhm~hVF04H;5$H>>zOg1(&C9CD7v#YykmLKnPN4gXe_WX7#`L0X0!cGvU(xQs z)M}BeM-xM4t+jEIdW+IYqJ(=pRVP$xW!8^QObT|V?1nW7*cW(gZ0;av9ZrrO+0!W> z?N0e)I-9eetEfaSgb_s!TO2Ig)3Mm^e+drSPu1eFuGuU^nuSK7T0@e=!iXN2%S0i~ z%0`UslRb$-7q(wHi0{u3%RWv>dpRE%fY0E3upNq0LsdjfcW0cp`TnVjnBfOS=k7wU zYw4T7yDGjL#}~*xvU%}1_s+#jt&S!?fAHv0PP={|go<8>@N&{5cxXY1JmaA-B==__ z#c)-o25xPSJ%cB~rX2~MoC}MRrGBw@Im5sMXN|3FBOi-&12SE=4)GWoK+tLyV@5ia z9rsjsWZxzkyplwSw)UVua*-B>>Z%|~^wDf7%14TCBi%k&tv)f$X(7cmt7LW&mKNG? zUnh1est#G?-HxE#ig5r0JLQ$irOf+NO4FLEYnK7G!F~j#nwuM%05G=SgOeBdWp*c4 z`SfLiVh*v9^an}qQI`Xg*`0z+b!(74C)y*AMIG;1cKLajRV|nR?@i&%_&UAOi-d$^ zc2wn(Qy_jX$f=fq*Wr^S z0y9jnrejM+ejB^Z{LC6W^W$b5_zxGLwb|kGNT}kWti#TViFaDMZ~dqlo=TYnl!Jc% zI|p5v0g1i3l3Vcci201XVlzm_;~~sx(^vN=;`L)(XtSzmP`A}`iVb_dBrEN{*=S=U z^Bw0WABH5n=zWI<7Mdzsvqxd?7!VjiH~F-xcNChC+~E(=XbS(mazo0iB9 zOD8!&U|MBzN|Xav4NuG3C>NBpA}0gmuQdd?@m)yqJ~t^A%ry zb>n5v4+dSyt;yq`KWB7Wqi=co`X0%oDXhEPrBI6&E_%V`GDCvE>O}NfJC@ZHN_4#` zAmw^33LGo$$n3L&_@Of<1G)0~yD56Dx3Im<4@qyN@eZznch-pq$f5&epCa!2`1>=o zOCWj&OPCA#bLMMTLB6*&#o8vG9p97ajOj?JgkfK%{Li+?Xvgr!tZH#$sN~JL)a+O! z*ADJnApj0O>YpH%M~OwdlW66`!-(!N<(RSWDwh`BpQ7#-8V}qD!wV7twZvogeY|Br zOp1`SitlvR)71hqjnYOcj~V;u`H}3G3ChuV*;QQNvNW7$I43~*=u*{3!ai+`{RAhV zqaRwW)H>bWmA1Nog{A;Z8!N3RQusJ*fIMD<(AtECB0)_qfQp8IJ)tx2jHgDJc8Uy5 ze%S4o0o-H-nItEYqMOW6*BiMpL^&h=!Y>XOdduHkdm$Ry13;~fdvSG`r*Y0LZ>9<2 zy#+&YlBM8`=))_+wq`JU4ucW@*G&{|DQO>uY=cu1TBL)Gsz7uI5&BKg8-)kU4u5n$`OAs z56vRNcYt>P-St0_@W?H(K^Itofs)z}J!ENv^Ua&T=d(axrGUOFcyk^aTsMB{^s8?F z?W;`Kvl;#O`Hl-}E>(h72TRcMaR0^|=|7z-pxq~kSBf$kV$ zh{<=h2;A1l^~Pa~fVL4rsb`SA_^0(0|2@<m6&Dz{hHev=xn3mo_dxAb_rU_z{mXm8(Wf`37X;Xkgt`q)UvCQB~j5)!PMKg zfm!s=x6PqeZ*;tn2K4PS&_b_%{7(z5K7xVy8)32jL~I3ICGXHe7QqK^f8anD@$2g~ zpzSjy`_k=bh|>w9031dhMQTCNwebI?Fxo<`*eknCoc}KKtS!`q^$#Z&4oTJeqkD#J zK9GrVMFJCJ>ZP;7-tZUo7&JM{d%p&Qz(IS>PF+~wU-5}7Ann@Lg-S#JOZ_5roPPgp z%h9mBaFZaBJjIBw(VfM~o7_omTo;-?|G9R2@X{u>Bt0(mQ;7fU1kp`n$p4d?x*mXg zx6}|Px%RJu^6Nl!UJ?tv5NMNBVAF_4Gb~#FNkq-V0Z;QE9`>*Gy?=PN8C%lA!a^oa zz@wq_Wj^>S7;gf$&oJ&G0a3Yn)uOC>zN=D1f+J7uob4swQ^Gq~<0+(l z0t>@KD+S(v6NCE>JmP(g4x+@i=S{x-59DU3ubb_6U-xg@cLqkQSyJsqh_=&&4rd3F zdxpC7UCsX>QSL?6=}EU|!a34f$p_g|sq_oe$VSh_gC|md*;TM!!EDzV7+k^JdpyNG z?vzyyeZTuZem|=kjCg6v684FbG?5W=0M*6HuZeSieLnlmjW+01T=`ufP2jouA3qFn zcPB{L9R8Xb#BTvhAFtgwZOIIPLx<|=Mo9J_c*bsPH+GF0pY7S0t`u6Qux3#44CW%# zc7+1({$;PtJ_ zkV4l8hpJn(pWESBPQ)KebP~jQL5LJ*fLM^U2wwdRO;Y+-Q$2B%=*_)-e1dU#3D{>6 zGeTPArznj^`tA!`reEfxRnc0CVX(OT?zy$)Q=_@|Q_N6p1RZtqtI}AYF8>2v=Lg@WAk1XUTkIxb8nrvnS zB^tw+#<3?9>;p+J92dyxYU)~__tj}J$CXnyz5oK?MH{R`M^ydn2BwuVjx-C9OiVJN z2K76jY1J#`?AaZh!xFo+QS6Ygd zKj^G%rP<18GKbnFYF1P3YVGdq*iZLawZ zG&xIA>C-w?HTjScGlu->IWa*ewRJZqgSMzsk0J{^ilmo2YJcL;NnP@KS>@LyjT85% zH0Y4*LFIp)k^FzPDzC8~60;8|e>FJCdWtX+BbH6Auus_DrI-pAqtai^)vAvh>Y>`c zX{4W?e>#uq!4n9>_`lDh;{{_x?7L1~qc>pp(*&+b@zvaq4L76q0wuqt*!Nao?gc-& zB5++XSXebk&AQ3UOf&O^)}&EAVW97fc=T-2-zG>2KU;NN#|As)sn0W!S?@R6>FrIcz$)N z{ssiikN~8ok0&CRb;NJI+M5;8cX`-B11EkJTi{ZD2YuwaWwd!1lC+O7I_*V#pbnjl z)cc~-v*Gx4Hoqo5tY`2|gtqYo&rhGPy!8z`o+Gds0CR=*D9F*uN}`;$mi4PC6pgNr7sJ0{iWQ>&^8Fy-VEe)2;sT+oFY zXqq8~TlJ(}8#>&7tk0SXFafe6zyxrh?=9RY^}5rT(;Xqx7|;vdI4wf6+0zjQfY(Ej*Pmm5pRMEItQ9rn z9$Z0A%Im^ex3%jZk9Qm*pcZ$@)}`m5=d6a#b@SKAnqRBpgUlhV0d`9I5d3n zn#!K#>wTKf-L^f6co7kF^|Q_h&YXA8jg=b*%F_FnsPj?cT1G<;eRGFpZ$b7b5JGqr zN{)Gx=Rj}Gqf(ba~a1SvK>(S z=dY=Fzg#OL)}g|9{z+e4P=$WZ3~x9oW1q}WOHx*2990(45Non3v&c^i;~BUZaq=l- z1H(T+1mXCgJOZCeWAOj^UHX4j*}0YjYWV@P4ywK2XV1>z9p=2M5a$929SjD1POM;R z>C!%b@82^x13OEwhIEtNFB+M7KC3RK)6b)VmxbFV(;*sm=TKIqKv1=aou~NQdGD1n8Q^X=TPg`j9 zFTuqLa~;D)Z#&y~Hw4}hJNjVekWtG*BCUm_OJj@h5fl;|z|#x2J?zfS4J z*(yTzfdR{upROhG*b)O=`VlBk+m;}7MYCYl3P*0Qe>iZy*#uODpYv)3fpsyDaCK3! z*+-Y;I&B#;=Q4?aYSWR!>9huplJpB%#h#9AM`F#tjzs5|^m=mXhuu*T&RoA)}a%321-;LxO$ zB50Cj97TTaKO5a6;oA&FA4MV57?M?GMSec|A%naH{dLo8yOU+Blr}pt& zJza-8?y>O3u;n3t=PX0Qg+AsT$M2*B?4gu$YX_sJDIk(lqrD~%(t~NA4%)7kIjL7h zP`)NxI<97f1~ZYz{$8vWXqN|z)&Kr>^bd+A9~XocONu^tuaj}qx%8-xtwLck(wA{= zNV!5}s6OT~|Mfu? zOH-;Wx8_WW-W%K;umXEofsL8<<$9nyb9Hl^pN|xXb#AW^9$6cUih5I0QHcl$ys53N z{W#{f??3g?l?@^Q$3PF;k=ubr>~Uq!jp&9s>;%Q(C5-~m{1pb;wmhsF7Qk!4?h*Xe z7<Fq;``Fm2QM z#r!|RKcPdoa;o;d@63QfJ}AGdweTS!QEqEx_Rv>@o(0*f%yWH^k2a^^K*hwgY~+B< zi9Gz$ElOo&WhR$HyOPaLu~wGXE5kH-`fXwM8*|M<#Oe<~Mk3Q#{g59VU@XDkA_qoAE^1s#(ZrONyiiBq2w z10YI_B4yE)DyQR*wY@7hvI7XW_HBQlIUp)_1S|#63L8JUo!eWJs*bPr0Ao)m@Y{i6 z-?(}UJWc$uP%|1Bz32t8a0Q#0O(Gl84hGI&Q(=DF{vS7h$?FRIMgm|;6tFf~&yMqQM~%;Y#3Nc}>KJU|h7vYwlgy6ic9 z5eyZ*q||`xc$7B8Ua>!Dgjq!$H50Hnb6Lde=;}3ndh!<5dzBs{i+<)O-vElc?t2eZ zYz**vo5*~6qdr(0*aV?R<0a?0g#O1vFV#6P7m$9v=1{gQX)UTP!nr~5HXpUv6I5Xp zrkl-gDpjQ4c6Sf37<7-{V0V_v(+xyK(t2LG8$u7dc>q5h-B+(4*~QYp1S_ zD28FV@l>xLfc}5w+-nF+FvzFm%J+(62`MQyvTYJpo*%v1a5ZD>*3I`0;Ujp_%Hpxa(sW)`K)Qujevt zQdFEAwnpqIvI|%5hCp3Hna{))$qP89YnRJ{) z5Y`2hu9ULwakIsMo%O6bA2z}*n_JnU3NKu_69A8O5QX?0a%l>!YFDwKZg=5}SWIAY z#q{SFT@g4pK9*``i1UHjYJCcD5je=YWy4)3{_{ogENHP!6;<7W=~u_% zo?b8*$kqK++F)~ypS%XkC5rcHSeCL?&F2kb215C9Ys(4;%V#McguJE4byif?z;BPUDvjiY(B zDpv&)#j8>+DUD(wjEmuTG!rSJ<)0HaZ0N8hLCHIqNWz<* zUgVcW4{d1?7ZDK&1l`9X&z}c;{CLyL+necx{lmpwCUED|B2bGy40QHiO3#YQl;mym z(-X-;<>lq+4q#@2!ou_vSbF=uvW?g!P{QG53l^FW!J#p_xz28M%MC<@QG4d)wyZK~ zXq@nJn0j}VX+LN4r0FDuYAF`KYAJu9KaQ}QE2xb2a)D@+N|4Mhnn=toY=VNjE-+epK~;dHrzdhOcK$MxnL}+|-K<~6XIKhg(l)?jT?}#2 z>=5)oUHsYH5a3@)UpyF1#1^eu6@yl-sw`>6^rY$TEwbe59&E#kDmD){1dH%snqr?-ySrw9IM!oIYTzU$Lo97%@q&p zF*KWHZP(%)76uQR^QU)5tt1t>6r4x_<|DfP<+@#6C7`VukmbtGHMxj%wZgM>aU+koz3!LYKm`b9o15%9zDA3%gw%wZ{EwCPx) ziRo?|Dp9}#H@S6s%q7?c5Yhl|JDi>M6ivUzvc@a97)&j)xWY60Sgk}v(Yy&Yk1JUk z6nvMkIXu{f$5B*ORW+w5uDVf@K=AOiH1<1n@&Ty#2ZiZEs0q|rItz6b;GgAT%=od*VHO!7~sfE8DSPp=~tgxGFd$((cd%mx-%qzWo)+SNp@jL=nv9 zMti(;P>GhW)W`>;$EuUa;h$YB?9e1g^Wf@rGYk<6Yua}S2VQK+?HGL2X@0rn)NN!_ zfV@ruVT4KJT<=s&OyE6>oE$2mR%F$E1a!DYFt-NaCY1A12w{~t(16;*5_a2}Wah!{ z;I7CV%V35W^j{$&ew2|i{@thpIOdsV+mVe?e+>y<%y$}WaFDz z!aj;FC&_IwQ+|;O!C;Nkf;TqYhtNfV`WvZKG4sTNddn>FA7u&7W_ zP!Q$4dtZ&ekq{E<9$VbGfl~_*Sr8l|nBt@ZZ_=d9S;qAgp+w12al71 z%-TQblkNyzc1-__gw!vzorWdg>6b0`Lk{kUHVH2xppbp>-vExGyN+gQ|X zND5|uQ?b4Z37&=OLTghTI_*C{1(h(t$j|$itf2>O%-@|sb`SXcw|b_lja#EtUqcJk z?UsvRWPkV-2_t2`h_Jsd0)&Sbp&Z@&Q+qTGRXA2({Syus@hyBGv|-}!F^{2N52S&5 zHHQBliSxTI74i^tyf;3}|LaW7oE?MaZgGMMNQq#02}I;ifAMvP%M$zamg;e*W3weh zL>^&FuCK3yQ8?Ff4xyN&p10Q;5`(oepy{iL_bSNuxDyYD??93f;R+`CEDymwH=L{M z!~3eFK16BNS=I-b-n)H+?HM@%tm=mv0!0dpxbV=vCGAkB$Nfvge+H6($v^necqBMn zxW(P%*}GanVKHDS?!!EuoThwep@~hh-445J6Xk^H&C8?n^RE=lX{Y1Xpzx1k3;qt8 zsgrm*qsRW=89i<%dA4LL@@fke^&0oQK48JRrHL1>UndnbJ3sV)$hz)$s{ikw8#2pI zkv+1dvR9;GXUi-i$|akuTS`Lqo|Tyy+3QAS6%~>YimZ%mDt_mEuRiJf`{(=U`~Bj+ z?(214=RD8zJkNQJe17%ywR$^OB3E?s>e)dqiP>-2oz`NB)B71q!orT7TYlgj9}!p+ z7@>W3&3NWqXapaB&iBQkuE#CMOV%#V{4Q{COm*?IEes}m_N+p+Z>U!6#0f5P20_mS zqV&9mE$)#M7rZ*lqOgXB{9~6RtxRehjE|K{9~)HN{p1T=W=8dqNCMuIXI6NMy)nbX z!`p0Q&jeEr9wkmzz|CZl)X&JyJ`{=RV!uy?fse4CMRw?1R|^T_0He4k$cyU%BkJtUZyp zy`AeXUliPus<1hsRfDeio%Cb#>1W+TjmE_uD^+i{izVpUL~me5f39Wy{493_Jv%?s zJ#4D4Fx|M((9m$ez$wWyWK~Kx@kd?CFBd=luKah`vNvzu%};0g>hFJO+Yytq>EYJ6 zx>1>`N=-HDWj9nia=y!@_|S3JQCiW{VLv@MWY;ta*Dc&qzYPxbG7`$3I)E{i5DDob*JB3DW`no&|n{tCJ=FJe$w2b=BV;y%cNLIWBQF* zxpy>~#K!u1iQEuvwxz2HQ(Amct(INCFPz|zt%lY&nh`I%qK%~XtLe+KtcRIJ z>_gd5RbBWzQt?y&_u4Tz@sAXOq0|JwYurC}sO>X2Yq9;Lul}(@x7Y81p3mG0Qtm3K zgPqay-%WzWQE?2CH?mBH>3gRRlS&wSKl$%TWyB*llgf&ZWS)^ed|8L}(*v}A&Q_jZ z&#D{$$carJ5yw?;cQmWdq?lOfkEKiHjs7XCU#GX=p+XhkWVGktC#wgQ<$f-*v-7-S z9c8wgtphj3c%Att*epp1R)+VLi=|gqR(^h<`TI4@nb_97liV{Lw(WS2ofw^QYN77L zTWi@XM-6VW$j^FpExngrGAlFn^wtKYR$`pIBp zL9gM(9ih1RicHUJNpBSx^v5e4-;wnt(y6;0&KldUfws&c-yNJ7sXgtncFP*(^j8m? zr7Hb)TxqT}st$k6k@4BOX2`iusF~8ZRMGs?>tti}^K9B2l3WST-f%L>JXU&p9We3j znu5_6vr>uyO{Bv=>@QEx9o+L3|A?%X#d+Y4_fQf3m zoClb2>JhKb*#PWgBGV1o?P=9Jrh-pm-yC{ZDtzUTZa}~|A&G=BT9t3NGD(+A_T)(B zlf$)?Lz7Gmfl2C8!xcwd-IQzVJjA+$RvK$g>T}#aSe+#zeF~e1dVDGS=|dg^bW)0F zS4W%Ijfx+Hp5})gH5ns!{*fZbkv7rEkR|6qUbW=4_36WjU=s7mIhv^hKx|0<^xFC{ zh2pF3<>)HXiinxaunP|-rV@>U$I&?75L^9~5-4InqiD$_!)U@NPf|lx9%l7w+TV37 z>Y3YTm#MdVe|>9rRH$vw@_j3bDxzUzvf=o6LhedheD~5<`!2GDy5$0edM1m2iL4(J zt;U>VUUP!yKm7;{kV%^e`TebZ4Tk>)Pi1NGl1MIjeU=bCy6v`H>gvAMHZ#!89rZSy z*5)2hD96Ifti^r#U*=8e1?_NXKWoML*X4d| z;l$6v*r zYf8^++~L*LeQ)VS!Y=q$5*?t6(sV~XHgF;T^=tiP-nBW`^VFBrevg^d8dPOE9LB$Z zgH1&oTAqdl-cDis>_qi7Q#*Rh4^*S1pP7B~d~4dtA5qk2C&Oi497Y8u7aR-M+eOX= z^unuG#tvulCW29v4rYrA>1L6mmnM|Fyn=mhYQ+)md+mX4euf`k917QnkQwKEWIf~0E9 zD=n2Pn7VGut&`&2{eB{ODP1lieT`D~lRBl{oNvtce?6=Cz=A(IpL5{->_vLsL>S{~ zw(BeJK@r3IfYuppmPhAkwH+5(c%!Gg9DQXCES*A6Uau+fFD7>$QHnR zE>o_No{5cDr<*i{lX#O(rYrW&x_hnVCx4N%x@%s~hjo0gao_R(m zxEoSZ3!hgzOwcngh~cyi;chIwz;TPA{n|jc_1*aRvZU-IgoDBh8!vUL4ZKa(YHzy9 z&U@AP5>NgU)_LH`NxMfnDYjmiCwJZR3LN7%KWN&`e~(PtBB1^eC3W1_I&zqq)a*O& zyN4lM{GO5HLOTy+V_HZT>c&3rT-IOU!`~5WKX$nTUpFWTREz5FAt&m&W<^$SrN z6NMb7s0KlkMmOP@^X@?7ln+K$>D--|NVv5oqB%9X)oYUc=EU_^AUlFxg7JTz<~6a& zo%oyQ6b#=uzT|x_5s{wc!Vs;5+ZDVY$R*0p9Ng;KkF6^=9AF zr16J?Tc#-TX=R znJjBuvoiA~amVNK4qhkv95zdJOqXy>`wGNQ0ZV=;X*fYrIEFZe;lg8i_m`ry1_i?9pvR)21YhI_0&rDr zVH-TbEiSxks^uPny(CmlVpuLwLMyTb;^JcycW}Zw5=J$+hflxV#?6K#VH2e%NSn~T z@bz#l$un2ij^~3)cJ(e=aqC^td;8Cqe)KOgYtPXPA*Di>ehk#vzl#?Zhc{QP%Sdwu zgUJ_&=U)^`;_?%01GuqSnKj(I)@+tX;E#VuRO7!o zD9;3ccTz2(yqpDxL_3qKM^}NF@YK`ibJIzF_>I7u%pQUq_$tn1oMA>6V3!Id^Ly~u z`Z^dn65a52GAM#w8vOlj`Kk{AJz6?J_ozc)a;SoF=t3S`rZm+T_(R*dQI;s!cb){U zyOW0qU~X!tOg#?MCm@?s{Vn7j9^o$>h4l{}B#{+-+w)l{$eBE|u`sdl+tW7gv)m(x3+dLc6`s!3xmW$&hQ8usZDw{x_^RLVY8wcVaz1Rj0XWEszK z;Uxdnz0Wo)$5C->eSAgCHm*1_sQn{;?-mjutcAbp-g$dOlUlp@X77?|{hWTWzZ6wT znWELrc;>^jXz7Slt`HK5{*5?Mx7n7?*w#1qiOrfnyLE62@qFxA5%t`C3l-s;t?hwt zw%$L{m)Ve|+faV(PN2|AGbyCC$Z4^#W0#@^cAmp^AqR)p-W6`q4Ie#Yv7hie|J#or zxc9k`XMIJ76TC-X&6YX%TxP{^z zC2u^&Gn&Zh#KY;}{#$~{$QiHOKHd$db*ye#57!X79BiJXPI#oKoP4o5Pf@zYoBOC` zLvCy`L#M4t4WF}fVi3`TRDrl;`Y><0n|<8pE~-Zaojtuxe1%j$nOQeC|Q74|_ zGtOwewohYMO0TFqBNE8u!hhpzFgxeXyU&1DfRzOB5^0*}$B+|Ma>>Z4if5kjbUwNq z7I2pE@Ta+Hhbg@(K1s`l?_HX4cb05#S_`_~$GQ@oX$*Mu>B2*Odh_u=29N*K1so7y z_>Z4IqIs~j_<9t$ZZ2V;r*+SyUQW$+v*At7fC}=TJI0yBxL=VW_wnSnXty^R?_UXy zqB(Namdw8Lp`!APS-sHEkt67f8HVUZ-a+eTndgVOS>;Rwy<#84CIb$&(#+dAw4HNg zU>kXH1cS9A?2%aa+nmz>vA7sD|NTu=7Wu@bKXc^20*r80!yksFIp*5~^hVoL0Wn!w z!Fk!}yuB>UBp+2q-1A|~tjth7O{pj5yWwcISHYll{6^)))B|^tKk%NjKOrDt?C>CO z-;M#{tmrg}Rm(or1w;$D{bHDS0?+2_cfFpp+Wh;ykr(~a_Ib&>wwB|{Ae zn1N?pt3M~O2(m4_%R})MIz+aP+*#aQbtTt3z2mOoZLW!|B@Mfs_wNizVEh@A&d^8p zAERnxFWBQ=@k-B%jD!au}Jl5hctqC>V}$Nu@YWr#CTi*gqf z(KhJgXZ1@ho*9fg#F-!6BxG@%2p@4ojp4|n>A(8mk9?5V>0yb1rg`DpBMr~ERlYPa z)E2vVD`EGd%HMcE)EJWcP1De0v1-dpjb6mczRhwW+@H=D)fDM4l{Or4^!#JgU;aZTCH&3|wS zAq6`e0aZ7a?KPL^>VS^_$_Ja{l&Meg8!#dc8-RYCjfni!1@7D|4-5z(5V76vF|J`necUz|8i!dQ_rq&m~5-8uk2+@@d!p}wQ}o5^^A7LIKZZL+hxFThzK!A^%xnn#&@I76eTsZVPQim= zl;?mZshO6tV*P}X-q(+DnnNAI)YsJ{C^d!g>F|!H3;|;;Z9T1X*Ou_p+-mE?6qKF4 zN5R;Opo+A_ecreq6|GQg8Df!2FgY6LfNWr0=_#A8onNu4Et9sTWLGkvh#iN=piMQ^ z_Zb|#+Q*)wWXEir_$8+tWW1uJv<`zrQu(2zye$I#YPdz>_?`R2Vi3ujT3Jja7YbMrNtqlINHg& zz8vM}D?+I?6|8ktn%~|e+Eq*cp_{Zwa|2ow8s6QwnC=BQ}KeQk;71r*3 zTjbx!jN28PEbaLGZcIL*o_29nwu*#SRhxeMvt5P0Jt!OGK7H%A`hFKYYN3*5BWzB% z`9%>I+nmwYu-e1rQSE!xSs*}jJ(CK?{gdBX}NXMRmQt$EQs zxPBAwZ&-LU(h9eKjY|FQ1EV$ATKL-EPHA-s^JHMwTR^0o+e)vML#pK1d7C%OPn}-I z*j&McYaKk-CIlWx z{CD@!9Wfsc*e}(4!hN#w*U*Gv$0H(_j2)keIZu|`OT9gO_JNb`B#lD-{V>*iPEDQ2 z?l)Z8UM3D|hHSojmEr$$k9xhxJ!qXRWnIun%{KUA2#-hq+-r4HxYtOMh9M;n9rl}8 zJ5WI1=ykpE_$5V6+~ap8cN87BGxkg6&8qbLkm)Ln+S6EFk(9dqZr4H3E7Vi_8UCPzycGY&*jWV9(NPzv{$$ea_p=Izd_hch{_uGL!zk@QWOE#_$|$TIM*6H z>j4jf_TzqXm5Py(`TaoclLLi4KT_+BX~2od-Ot%+*2`uCEGV$;*Gi4P$S_GF@g`ZL z%8o3?^fC>>%FRccz88LfW~4owF~5;055PBS$|~V2p}e#{TUNQyrk2HEiXh+^(SPG3 zRYCxyyrgV5$WYzXRecf}%9;4GVDQ9YT+D6=Os0^( zMlpW_#hTh4|NdgjwX}m0Ip=)VFPGp^?|&YL=O~!)E$x)MSXV-Cy;i^bvt zwW>fBq-sW+?nJ9`!n<<^Ivz5wIM}o>Z8^@j#k_qA-5o<0-T`o~I{wdMFjH{LlhRlXIYlpF zK5w0>7gNz!u5I{M`_rKP{hcKqAGw{kVlDS!Mn^Bz|3+?S9Odw*a;2uY&Hjh3_IN8A z2}Tuq%(aC-kZjV3e2&Y4Zgd+NXVewxZ=2^fYg`I(%jjykc{f%qTbvx9R-I{R{qg=A zT`;`3`#)JkKtMj2QMGEEJGEz^;&1@xn4Z@Fwew~nn9H+!vmRB(`0v0dl93j#a`Me) z`0!vNdk5ZZY-E{Al*JT@R6XPu{v{ndbcq?^;end5 zMg_OPg&Uj`}IH<>_ycWbQKL|3EHHwO?ve81z;3$Q4X|47d zW(y}DFSYxh?IZscg(H`QFeMw^5=)}4rYKZaq@+3SR#=njIBU*+N$pp5FAsiK*eq2r zk0FCBF1--H+WtZBH-X5`TZRAzuGR}E{Qmw#__)EH)t7LFRUn`}>}=?_x^b?`&N@Vx zwPLb#E>JfyX3#!TnSbyE=4ld3KwF+U&e5*=f>Xp~8{R15;kh=Y-<0 zFm?l#ZXpf`$UZ0|S=);fq9lZVoK8n` zwC~#|t+1BFob=e?h{GAyp$2LyT-5Eq@qLrLa*cY$gD)@v#zdcg@@w%sR{k(gGvW?A&j*s-^Kq;&cc9S=9hs(^Xc<@p)?So`yzvfePPZ} zBI|x^G7tN!yxkr&0J{uiiN)Ac*&Ph7X7(DB_mQZD+PBP^&U(Rk)~O3l*`7+ z%>y1t<(u>p6+Z4-8evLnpuRujBiDe-qxX*TG;1>Kb-Ay2$t{|>Q|P?|^`r|KUzn%1 z<@KtmatAw_mlduoDU>z%_3xx(G7x%8yRYl!+YvoT6NsxLJKH*i%d*e6wmpk(!{Tm? zDNlsUW7W$qWH!I{#Q}cSROi5CokzFF`d3JG9q!LiiQWmg zn0T>JyYN9KB>8EI>3rY9PRU;!fx=DJlZR&8<4~%Ck`lGvKRW{LFHrv*z()F-1s`!c0&AD)XS4^oJDiA!#Ra`&aD;!iU`*t+v}94=%*je zdg8)**6<9_wa-hBv$u~j(IHRPA zFWdyCRH@;Y$tdE~FcRnETd1@BAMfpvQx`KP;iPq#P zc#0=rg-Dq0Lwj33ea+hyKI&3F&h||eU0l~*z$L<0#ByR^l&rxoG>3*^*ha`Ob@$Im zd3Qc_*0py9{;$g*w8$x21KOsifnz*QgZ8#MTXUKU?R-GC9=~mWd}25?(Bp-efM6nA zftnj!UQzFjs6(vwU+fvB@zJ1&x=K%vm$xWp=2ah$NVJf^BeQPm!X29LjOF#WRw_RC zzME@Q1v9<)gaS7FGSn@kn>0S8-MD6WwyN#ZlA7CYd$-gC%lnohaV8AA7b7AZ+ZG!c z(cP*4G^$*d;>eDpWaM?KuF`C%`%WTNs7VnIDmq5I0~is*FpX0#PHoT(HEeR+-&7*o zhcaNOGJeO_(kV5!q1U8gkY;bvbEc||p<6xjpO007kL5`@aW@p}Nw9(`+#E4DGGO?s z{Rtu5C2ssrh91<;XL-_lp!ca5yEtB$1es+o`PX z)Ppd>&G(mYU74>Lzk8VV_9;s-RO7ENHG}pwk3}w-)U>tU`1`sW5{gE=VIf5l+56xn zx{Qj?7fcp%txRk}3pB|*)EZrPa7Q9xQS9fqE)i*Y*G^Lw{@V4o{p#Hl zz#T#u4at5m#NJKC#Nc!XRD&3vJkY^gz0(8i$JmnwFYdI?o&3>hmtcVVpRWsHRWTK5 zekKeG;)5|POoCldOC9&MjC}<9vMW4!{{Wo=K>#}KWoix;bdp}>O2Tx~N}9>XA6+pc zW9K#bOhSiiW?ndrd1{ikfMJ#(M=T90NIh|*_A^dy1*#O$v&PqNOPlEyNmO80N{KhV zD+RM~HL4xDS;RQhO$5`+-SUp~$3eD}Huv(-Ki@GR2QIdkYMLLl(?e`uAOE<|bD^Q; z?B%1z>4!&~K3_$8;9(bC$dFRpJC~Q<3wg&*l{%W;k|MvLSkmIHiWq0q`vw09<#dslR%5?t;Q!iW=uNrF1j5MWy()(*`0)b|$pYGE^BE30RmF zzMUvOPZnR87?{ix+7g^i$2Mr)ZfEs2oZ9o~;4=YbU=FPQ6tZ?U!qO5fj5v+?E~L4C zB56$`Wgc|iv78*@sor65J4hi(Y8y2@+sb#$Iq&;$f_3#_Jgo*G^dK3!t?gQD&FIOt z4(plwS0_A_LP!|Tja-~^*!XohkLBI{DysfB?Ha^MNA8LlW71h0dEDNlZkAR8V;mR0 z^bh7F2nW=+NFtNUF(QxYmUuFDJ&kkhnLM|W_!TN==X7~F+}%!4$;iz%-ak$^J<20! z!m&@BJNe3FD83rM7iC{=T5ew?{Q>bnP=pdCcb(G21T|^=U@yJtRwq-NBSM(MFDgE` zTxcf1bv-X#cOd83Zqx-w-Uq924ihNkusn)MVd{0}DNd3YraUQtr}nT{QQVam$1F7; zQXDv-2Hb(y4VU}x?zVd3te=9-NxbolrbY34PUCnQ_T&wkU;>*v>{U7=_ICBmjYiqE zt)T~E&GNsR_8)QJ9MQp~`}=83Ut|`Lphi3MoecZeEHn>7ym!?(d>Wg8s+P!C`JHQ} zp;LAJP3W<2iidXMGz;C)LWfvoDIzgff1}IIsIhUOJQik3Gu&Td)KK)jaoQJi`pAqf zr#0*yItB<3wNHcaRhu|yPR;dPKwV8(M6^J?9in>@4Z(gC3A=tS zEaG~ThE1aMD=8I>0Qbt`%d1s(Ub){dzHHaf%^VZkOY-ac(ls3g(AW;t8lF2k%Cq-1 zneq<4*vX4{c!7~|Hctr)m?G-@*4sM8^kA0GfG4o+LG07);$YN{OR7)=_37s#w58Lz zN5Crpj!GFKn#J4AImPlK%Pmc-dY&)@8Uco#a%`O;!SPGn3Y|g-9IaE-8(dn|` z!x{dLd^`HwIM$z0c@A0jU*A3f0qZmAtIZO5;JB zIGuKJYR|Q!Zs7e!DJ`3$L=N_~#m9qS4tv+d@nw|%>V|%vV|Bh7z#@T8(SK@{0jc1c z`t2(6=rPAo6XfVNa8E1g1@{g_4&{ISBg(?uKH6K7|xu^7aieV}qqy2mtu0|p<}GP0j4I~w*ujpL!(FGSjRFFwAW zA{UwFQ1TcHfW#RJdGQT=oT?vkU<x3yKZg)c;lt3~usvEt)JBPk5_ z35vH!uQiL~Y?YnMnP&xR#x}h=z!C~M<>hK>n%=msR>{w#r0hKqj9ci2)<8_P`(?$e%Lvb1YB?-^5pX6jQOz zACknGnUVTPN5}XhgVGBvarEy>#S@*PUuGvbzaq^QO($E)v(mquaJ`FT@P)=@b4%;xgd4~V1#-J*B09oM7YwlP!Q3rw*p(`s6SKOe$*}lX?Dy6{` zON`qML0+fYm7@JpLsN6HFa2D`XXON}PxkMB>_db>KMg*rk$*VC9qg z$mL6gKF|;-H_DT&(LmJkdn(5;^I@Ty;cDmcL>gwON!{vJKfe>Ea3Ivu1!9$WBf(Kt zP>4CvL z2fWwqiJ0hDM-;K`5WlXCk6o?e<1-D~ltl7!e}8Y4p81Js&xu4q()|gJA9NTcc6$T> zAhd8jZ`_1`ND%f^#`RXl_dfOMr}4U^E2g@$WKqqGym~dL$f%mwhOc*}3k`ox<%0sz z7yK0!!)SHIw}vee%T3Q3KP}}y_S%|W)Rd5i7Xs5W9?(V7pp%%{Y?)M%Ok6hgI1kM%&= zb^T2$H^NbGxY$VN+`!k#ovN`PKRy2X(1kFYb78op=$ut8*es|PBgb}+8-xRAhTHS{m{uqa1oK>>!#xI+)Az_t z1VtR!$HpRqGjwrxNSPeUC}dK3CD7~Ods8c0FhQo{t(A=vZudCOb}^`#UwNGUv6^4A zG%l#=7G!GR!Ehm60P0QNO+w~_%A?shuGwKqP<}iHdaHLC3kd-)8njiOkFYC?01179 z<#~BdD4O>t-N#LKf}ahg)gI_M(k>K{y^5~aNF|fn=t|zXJ*WQYa=l$^4PKt-8Rfa% zN!RQg2dSIw`S%Z~3H_YE-_M26}gJBB|ID;_9lXQ^XH*q~VkmxY{b z<&(CK1PRHTUn-zw!!1>l;c8>PlIETFpb$gaBV@X)+nY9AQU=N2;QWZXA)cO=Y0|)J zvm>U&+g3;zFOHaQ2}!vPJrx?N0c}=dY%+zM1;tz&3i>*X{qq!$Kn20%-}T%?XpBA| zT_Kb%k^&uV>7<{T;k<1KEGaGiSt;sJ|Do!&YRyU z;l>^iut5lrOBG~0Eb9RGOF5wIy|2Y8M@;&G9hK%i4lvxWdS zC^wbE!k_<}O_Ed@faPBEwL3zfMmnZ1-u|u(0vRrR?qlaw(-3`$`*}$fq^uc~GHoLL zvhU{Ix+V2E!PWGcm-$(xNd zJ}{5__8>Agd9^SGdk2(}MX&xR5h#c2YFbSR1(hu^+<9~z+B2v@U_7SC;rV05}$yG6wdm>V!po z-JcMNEQ5h|ePl+KulQQG{;Wwn8{|$5`4P@ko<<|;=H+99xgY$i*iR|}J9{G}!DyuA ztcY4iYlSP648H_hPwu+Q@G;SFK2oGnHUKPk^!7bj`$Wvy=D)W+RuQfk33pHV-<(Nen@Um4SZda8rD6z*P{a^gr&`?1DqXheyLnN;j^J)KX&cpALD zoz=z6Tvq5A<6rp78J{`cDJS=9r|Nj}8eiz&*X0o)0{8$Hl5+37F3CszjCF$$=61e_ z(Myq7m8CJ6n}(laZ`I)QE6)PO?U9K6Qej0ri{Cmaj2R}w@iXqCiTr%O+|`qitRVJ9 zD?j2o3t5QRu{Vd*LC^J^Cva3;DVca*g|hhwP^0ofqccv=b6``pq1 zMb?6Xt^{w(ZhS5aOc|6Va>Y4iOBCk$!=Ia8#s+;)&i;J$z%`iU;?-M`$4?{6XGS${ zF5c}q0W46Lqk2r{xh9Qo2~uaI^znID*Ha-g_lud=EyuI-bevNO2q6mi{p{B-O#r7S zDnPM&k|HD<2weI4nuzlhb{UmbUg*u8^YCYL=|{(+U#l+p>K3#_crP?^9YjP>HStD2 z`C2|}M?+uN+CTJ`1uWW924mrO!wi9!Zu7$lT)~lQ4z`NVS7}9oh7xqGKw>{R}hQ7q`@7?A&==RZ+ke1I>cBff^@ln z3gOk1?^`zfstu^L*>fHx*_gF=nCNngpTLq`xqxe?Ho&C&LW&ALxT8Z2bnM-w-00c# zPAaEL?9`0Dv-t2+=Wc{G0j124uA;vt-FlanFamqfKRnV*xCtQ1%vIC<_eTHqxXmOW zU}$@uqI8InnP%IoZ2adw5~)Kr&Wt!EMZiO({Bj;BdzNmsWL-oJ{P0x^ZdNKM`L8Zp z!*TZ+v&3V~YL04^DNfOmIU!G_PL1@e@JmS?Mz`OKTH!0$VY?uDA9&s^^v?-d>c9!{ zq)Ofm3phjwg`ke-DX1xsxDvV8wz1Zge4uEy3B|9w$_!Tq(H@67Z3$oEfyp8Hy{<5& z#)fWv2e{VhSMkXhe<8h>bmQ=$B`!j!OT@TrR4&s4n`M1uH2eJIjVJF2x0V)E>}ru2 zYxblI$yU$U#aM87=G9ASM1LfisOir&N4fU0KS5w3sAYv1oY`sXFKUI^`*(^cjx^jb&W>qbpUfI zB8(s}>ZpmivcP6}5wk7nbK%q3W{s}mxB#NSWObQD3Z!BC50HVL_{VUma76)k`dswn zTgY@*546|yA0OW*LhW2SQ?EFL+afInN%x}DXoC}z(P?mV&PRglMWn<4){*`;P#lI7 zBRZz*MtjbY7+pj>UB~^a#>whcZSQH(KfWM08$_9<_aIxcOIOlw-7r5 zy`M12jA?5=TwbPZO)+j*Y!NAL*{OIDvJfw{z4)UAU|#_8xB9{yiIg0^HhBY=CNNU3 z|A_R%gNhsfF#NVgtIMdi)DSt}m@ogvMGp~y*Jk}CEe{Di8 zacV{gN^$7Y-;|g32J95>id=y`EH7%m(Un_M8%rT0f}xMPSq z5Do?05OSq~9g&2Zx8>DVTKJ3p$SFpj{@aw`^h+nvR4A{{f9dt7@hBFiP$V<7G{L;n zSFqXGYz4VR@P1=!6LPZ3AS@v1*Nn!|bm;J=y!TP4ZNJG|uC6Q7pZpxR?Tsboi#vM|l<`s1 za{2a+aoc95^7D>68#xAs!SXoAijXSTaVqAv6x2mR51B6>bi9rt+POz8?4s`6LC~qob;cYbt)8f9UTAG1VMxjcN`;*dZ- zO%u)@1^Jx(J&m?jzAkyI%~Y59jw`yC3X(5ZS{KsY!RBH=(lb@szHEPTI&Eq2$TxaM zGhZ$Jh2MLxz3^ulc%SGYe(3L%edJ6mnPCrJC6b@H72rU07|}{CJTD#h-}uJ!V^QY@ z@1KAK^ch~v|IYuJ&~ez{rw){e&ellHa6gm%hCQ=@t@8nRVYt5H-}93de^W z8F)u?`P=?uwb(|Mx{Ssb+53S>OxJi7{>L70L7h1xEg=LbyIk7w(Yw`jUir z@EV1ZW<@>wQJiBNd5X$$)NAXPJ==LxCI=_+9t6zGzNH&XG33O zTy7W#m1hc4D*>LdG>ZOkwXwS3Lh-&XHCvDLq7jf4QY#ps#eQ5DbN%OzU_Akug-Y;- zk`N4#ohSzl=&T1^6NQ^{Cg7Jpez@JVgUnJC=ib;~P?-LhLd`v+!+}K{hPsfbBn^6c ziYWpKMVRkgq-G#o>4|P1Ne8*^RNmO`{6hBELAMfk%7`hKDBKKtBe?{~d=D63%D5zhjr{GGa!0f0$D1!~TirRZy zd2t&y#P|2@FF8#b$x+g6A3fuJIDK4 z^Jd^SK@sG4GomO-IG^FKcqh3tcr$0au79y9+nSUt!7-bLQ2-Uq;3+vs2hGUJyhFqX z*(~V@%F8E*-Z^!XUvtxr{ioi9ti%wZ_wVpKa0FnV5g{t;mYl_`@du#r;4Qu$(SIBv zx8nXIw|45fedY2<)^ygm=nNSg(KWJM`eeN-JIjRzgxwKAt0JJgz*tb9U6cdoe0@ut zX`ykL!UfUu{(eq=ZH3|SpJEO|-r&r(N)-+&-`Wm(FtUXZT_vJRgtnrg53Kcd=HEIO zQ{8J%;C~wWo&QvN3*4a8vULAye(X6pxPQkm=Je>z$rOtHL-EjM)d4`sx=jf*HOV&Z zhj^WSU4}^D25t?f(I|7Kl?e7iy7)Zic0HGYEXdLTF0xIk)T^)n4Z=Cswf3_X6KdV( zTBr7j6h?cM*?!9OZr>54enG|Gw;z8&50?mEk4Rj9nSvZ%)rAbCId9{!i}UtYiQq-i zv*w?oIH2vl<_4kboq(TELB|Kk2c#0!!|5!k0vV_$W^%u4F2KCmBB8?n@%6Ii(0}Iv z`ZGrJ5or0@P`r}@&4WhU3wL0A#FZ{e1xE^8&n`Ry5g#%$2E1#{*WTdKQlXHD=%2P2 z7HY+j^Qbj%{i>+~iUT2p>u)0CD>J7fXpvelsBu2kOG7tokWsa%eOVQ9$5|UdHr_R= zc9kLB`CmN}Aq67I64iaK2=jW+qo$KFNV7Ojfj`e`BmkXHm_L#FDah`npqVz^H{S zxQ^2hly9b8yrXqQ!ShDyYbz7!c**Xg|7=D8v@-w?8w3$`ig0st-*|nrm(K9}yp}DH zbI0vzl*-P(O@Jo{M(i=k1iU7Oq`=UE8q3IEOF_$cGXmto0#LO`v2GA6RLyay={!Pb%DAhAIY@q zJicW2gaxMHl2xRqSSlBvxnp2@626?gIp2+F0ifPJC=6S}f`OL7MMsc$cOn%9=(%be z>~ENxN-?LxO(1~erBIDik^0ezwB1F{(CoKr#&T-E7}-{|mP zEu$edvzGMePiewHkyd4j99F>|MLyWR{B*fJysd0Qzuw525_{7ZmbEpRwNlVv`ytqR z@Skl7c!}_P*OmD85y+51&9-{=c@Q1`g!?66Z-OsyFKfPy8-VAdkjkK)r{P}o5i!)9XoY~iR0@j%O+58 z^QgZJ{$~lG+=8Z&F&n2E5IOdd=He)`xe=I%qvD&<^!HHchC#n7b>|VPiL@gQLFv$i zdJ94I2^ETvK5V?>jdzuq_V^*;Zhfz~E7Y!1Z7&I<@yKNV<+gm+Kwvo4B0$-4CQbO& zDjmjubEIH7v}ka7(L1r@!=u6D|Ffk3hDktEyf4Ngy^6gT>WR1t>?BR&l!Pid{uhkY zGoDqb?EgmB{`+S$4QqoDbl-u>S4k5IFsHDEC?P~v9uDR*?Xe)?kr`4cG0Ib^iAt?D z8+qu|4dTo&n{l2>Ez}Wd4WynCZecFs0>YR#ad&sS6>yO-s}kEL_23z3TZm~qVM2wD zTdi66WTDw1X!;vgd~CJTK*Fe;QBb5`Ja$6T)#6JNK+f|%B%F*^&WuDT9@?u@lX0x9 z^#x~-K;y<|P@Nw)I@D=h*6PG7;4}s)GqeLNBZ^V>!4t+xof61+kG&ei$~$$nKd#QR z0Kf_wjH4tIuhfhLnQg!oV>aNYHBYGE;*`2tMqPtOPzo_|5Es-Jf>NM8Oe9!`1n}{W{MP z!|{BgsCzU1*VspT-?U97%;seRhdoCCuuzX`)3%HPbZ2n$W`v4proFRwO@D}qx9>5j%BnSI{df^BQkiN;o zOXuj}*9kEP8av}b)9L#ve?W&@nrn~9&ibGl+x?Lpnu3wB0C7Yc9hk5-F%NNky0@N< z^n!0p*&41`KxasdgnMRlAQYK#tWr5d6=(_k1Z-M&Hxn_StW-6J>i;yUw*8VijzNMy3kf7?0^1<5 z(-CN>Z%B2btqfX0R-t;ytxR}%BP=+IuC2oLLpr>xzJ6dnHL?M7%53C-ML+h#iw~*x z{NOfr9fu%jA=;dERZqcsBw;=D=jpl`6b6n}yg`V7iVI^QdT)>uejhU3ZZ}f-N zfP~D+hVKv0fp;Gz;c!)dzCIZXfc{>7l?dmIibrJy%rEV zeS`_U*=;D%4z2P6v1f(;$CZkMJkmNkI2&Gb@HDdgF22`?Hoo>hg~*9#Zc`CRK1wK@ zl%uRk;O8<5Ho-&+%0JG=Ur=|wPe~aO58{ZctFtE4%@+61M-et@tkxeA)ZQ3wOcwZk z`+>t0)IBYg`2J$zOauGd9$>-BhxFNVHlW%3 zMB?#|gM8rGFp5yPL8PBG??0BjTwIK!W75+Ic4uH@VUUW^WqVn9@r9a$TFd=L_l6^a z7k&=cCkyO-Jeu7n-mcCH_vXb59prJnKiC8IQWuOtJk_%u9AFTZ*Ywzy8CYhvcQhfN&rRk(R>6q4!|`q1&N70jKBai z^6kNa*!8=L<1qhdK0kT0%cJl?^y_u)7{IcRKut5dI7iyjIR9fbWLyREr&PQ4!}L`O zvIV#6px7DD3_Y{sP+UC)1c1lY0z!e4CM*r_>LJ`TbIr5pO$8Zt) zdJluWK3Tam(N04RXtj5`-6IkkJ|klQNR8|EaKOnVU_XjJCiAQ-;p@Ll4^wCkkPkM_ z8&&5)9JcZFYV&K-806qNxL#{9(TWA;C|Zki_hekeS9k^@@e3JUXL)*LvKsJ#6YNDn zaC~SL)%BgQYng(bTrGkY|k`s^SSp>x5BwAw@pLVXErNYk>uSzf{iK2cWC~TeXfFf|BSj>($}^HmaG!xEGCtzuTG0Ew z(yno(yzq;ha^YZ1L8bMWBDMerL|45l);(#_Vl$@yHc;%oJ{`L#PUNOElx$RuDc#%0LuL(=_B*$_lAQEVF`G4Q@xF_GtA zt>-Rtmj0pbMFBYt=C4%H&qbRmSJd$9;iD4srx9cchUy1sT34R;}}eM9RUOT4*MUR7#2{?hI}*>LM9RSbmB+ z!M7FwEiY|)AKgPxOG4Lo0%}J}W@toJ&k5sR@+uutq3>&M_bJ;pTC*Ynx*$v(QIS_x2MJj5lDQI{E}1r(6wP(lF%byBS~_h6DpuC|ztr zr|IKSo^l~Gicy}qL$o+<>LpXMH6;GDT|CPF3ecz$V1P?b+f_uD{_*0-i*e`b6Ex24 znjtZic99jU8J>6>kHNO&ke_yND+g_K<|{%Bg5DX97T8BM+umO$>ArmX%KWEsViqA~ zWy?*}@4b+zL9ML~0%?CE%n4i8w|gFq@?YxccJ}{2w!S-_%K!bpPAbx{6)BRf4>srs}b=|G$ z+;q@2A&!2Ub3j?fD%>?*9EY5S37m11BUPOx5j81g2y9Pf}Yv!GrHzr}zPp zE$0yeRXn$>=@1lUy%aO+_v7QL0J$?D_*-?d&bn4uoqYQsG|_-+Qq?ZYSDGc_84{w9 zJEddk{v^0De^#+dDo1+bfpy?xqpQJK0HC_+bUUbSg{F^f#bJ!^wn&O| z3!-Y42~fJG$?t)5*YMUKVwoi05|kkv?u&0QPVNG37i$Fr73xr18eN$U%Eb(unyOm8 zjQTG(n4W#G9Dkmz%2DabvKy-noEcv{BiyIjf)}ntnGzi4u#PUe2u;!6NxnM4zyWB@ z3H$eliT92W!u_s^7zJy?@fwR)jPh>Gyb!+2uIrM8n-Nm)b#1eN zGJ<$Z0W-*)>0E^uLx0M;E3kL|!VS(tYH0hXhw$AqfU0l}$5O#hgpkXvET~eYb-wK^ zU;}-saUJBA(kM6#9E@aCT&j9i+Zs*RNcE$0ZRvc?$?FX#wq_qeb$or#WNLT&@6oqE zL9U*D&93j5SuTHRt$gYA@4-doNn&4OKs*7@1^DyM4=#qbQeI8yjH*>+TAi5zsY~)w zJx!O`oqZU<_VdBHutb;VBbwcS0O{uy3do1I)mJ+lUg5OL!vwqThP(Q4S;xG;3B1u* zFR7*Oul(h$;mljTmSV1X;oRqQ>|b64B!5U&bds8}bMT&>>&_5~0l z5zx$pxsUO~%)}QA20By;+Bio#|H`>;j-MtbWj{fPL(DDd`3Pr+@|>)C?Zg9L zbd?|B_|BbYK9A}B{a7~L`uhCAzSw2E%8Ig^Z)nrrNfHGq^nUJ(y*qtOuc+9*yft*^ z%7fDH-&a0yOcE+#@2K}qI288Rs6Kwtuynh4;ALoZX2-K?B4n4!jt~%p7o8%IVf{0? z(lxzOJz=sp*N^VFlLEa~f&Onfcu`A$b;E)tBiYM9lqnVnL8T^CUcBWV$F~( zScZzmzSxTEIUGBdK6n*V#(p-i@!(#RA?u$X1zpn>37?MPDvnIh`TroZxG_{Rls?;DI2^HRLFnv-m>5uR|ocQE#_ z!i_5LvTU=Kfzq}2e>4k*Yr@KVMDweB;jp()MEp7;0hi#cuTgwhXB|s?GUroiUK1(9hrh%ZQPO!PAK%TVFaC-D^)tuX zw&8w+xa_Odk0V(hp$0At?OVF}ptgRU8z%KRrtoXu)}Xk^_r(i%;&dD!pR7kgMv-unotkllv< zie|y$XZhKY=YAVvqJnp%YsuI`%bJj-H-~pNzH`Z3677o(sQFZ}P4YNFI(9xg95I%{9k*nwmx%wXO5r2A1@S2q5BX@p7jL*F5tehZ4JEy+pvPYt#ZR? zM?3{8u2xr0LN<5tYy7X)$&k5Y&j``M`eX}SPml@pmu}p-UJzuh%zGty=e`G@fnAku zXy)9DVy4t6xNTLG;clk&`RiV>es9r7;W8p5IC2m_OdW`y&ovV!R3zIA_W+({0bSdg z&~rlTL#JLCVZrK$cVLyq#s|ozJ7W!L7c0JfJH!-6x?Wfr==A*aRr~?*on`C|S|&AR+=sGCYNww{>Ug8Z z(HVrrvZsGU#r?SX?6I#WwPlz@E(hc*1Y4U>F{F96^IB_q63N2(@mFV;3Tuhc!FS0V znRgsG7mRJ_;%dr@VGKlNUsm|M>fo!`BPbr|!4`&>iy|0zP?zy%9x64plYS}%bWMO_ zJ#%EN9qHFh44I`?nz6@k30D!3Y(;Td^!b(fU#~|(=0gmy?R~K!++meHhtNaL?OLaI zj9NiKVr?p?YX-a7Yd{cU)lPkuyDMO$>#av&h0#<*nGb&GJ8EznGozKA4-nkcPUr4U z><(0OU475QYZh*;e4rxs%K^gh3vNtQJP9d8=xp!7!Pt_n$2c0ySRL6RIB=4l=AEJ? z3Zm8Nr*auY>*}rYVUOwlfJmQ~lR4m@VYH5@uHKS`#S=cG@Rm@bIFejg%1^{sbaxY`>?aPwx4V1Obm zYs;HJuL=u;$G9TiW$2h63-=gn07H76=k-)jowKo3F7b*OnB>vRr`cSrrHZ4=F|E6> zQDHP{d%+@khmc{Ei3o)RgR?w9egEM_CFcD0AL-$I6n%;dZGNuFg^jxWHQU@veuy1Js{j!x9V1eoPW#Nk17e}$19>EW6bu%OUknS zd26lwjcOVliBtY$YQCkV{xfMapss=UL#}aC1^_|9C&*O~34-;ty-I z3@c*TWXMUZ6SBO=b9wg%G>8Q%iwBNRvVYdU)^xw3^G7>@43BmH-11ze{gf9pBch`% zE_7gX(LKbd!~i|MRzA4wGNYa0(2c1^INuk9$&V-PZU@$R;mxJ5@p}FW)4>NHh11Y= z9YBssi2_#r?wr;mjBA3CZGn+(mzaab_v5EK2eZHCmQ6Q|G}PA9UAV_m;Al=eJFG&4 z9&#JZpPZ}@PMq#B6_;%(F!WtAV?__Sc8Beh@>pt+a#uT1kg8sT{mqu5$7_o+dDmAx z3Z0&%iVHoa!XG@F8w{Vp@Djz(_#%8bG<+;nXHkxhzM*oi7SkkiM#&Su>DL`jx=M5k zKqX*ZVlpaXB2x0w= zm?3`z>A?C1Pb(qw64#1y9eL|)YQr?xm?^uuG<>>234ckj8K90hzNNEq>_e4$m|afl zv0+P|!=5;8F!QzK#0M>Jg0ZvKbB*~LOBeIvbzN+tnaIoFP@v_tE^~H z_Ui<{rM8W|7ZuC~cFbG3g?}$9l&m#tRcdXxX5OTxOC-l{>Vo)b<$2B!WU4cWN!dIx zo|cD_zAr|U!P;^;*U!iM^D2eYzC==NhqSXJDp!xOqJ!Ilg6uL; z)I7T0nXA0K4K?lgkP*jgk-z&Oa0M2}W!kDgRl zB+E}Cf_1R*%3Kckn0v4|c!PNX(V1M552R8L#$hV?^r6Bc701SFo`9oys4sT@<(iTI zkE$wpgN99e(y#9@6V}SOX6}Kr&=5%I+Rm-VTmyB>Cn97>&Zy*q(q5$Z)njIg8*f1r z^)&0ORq_P_I=m6r1Xm|`NP|N4399s-frojwG9g+_#7yoPZF}P3L=`e@Khc@UXjyQZ z+#^yXM;1nnMjzpPM$BSjDM>6%wX6zvDA+yN9=Po@3Lx!_mr)%Hl$R7*Qgr-r z)*CHOB;1Tgg#Cp&2z!x&nqE1@Qq%aj{u|8=nhYqo3%&8O~`XpX3amWwq7`&-IrVi4tLvyAG`>*@|betzP%_)<}`!N>7}9Z z@&2)Fv%0qy<4d!wchyuj!w}PtodG4wQ5yQ;LlMEf<@Wa0f+-Cx725|juP=&yOT;vh zuw~$_`UjEc#SE5V+LT?QL}<#;He2~K)*JmpOAMv%qFu=o+{yhC99$l?N)fChBnxVLCU z`PaQ&ob?wQf=^rjS_+*Tj2(!pl}t^ctFNth7;nt6-D4ld31cE&@3vis1KkG)dh+mf zVgf>yl(LA=tOL}kDSoo*DcA4KH)EGa+O5Lc}INNJ=m*G_Q@1(|s;sRw3EE80H08yp`Yt8b{-|=6ti~JIB=7?L}-mmxc}MV7jX z>b}>-sZCQW{xEHQ5W%ut>A|G_3yeSxvQVr35ekO zF*AmfI~1vw>SPo3Yu^Tr%10KvT{=9`L3skJLwr&w1iWZ*h46e5F!N8B?GoPk2I6eR zW-p*wJA+0>;T=cY_aK7@RM|XHLL_`Dh^jh9b#G&AOvrOuCd(W=qJ>$zwk=ni1&op@ z*_HPLbi7?_|tncc@02OeSQ%Cbu>h zENBC_$GE#lb8Vg4vi7=@7GCw)BB6Xs)rZ7*f)w3SdI?t>)iaStEt``x-8UkLct7M? zD=RN|#0j7dK95k4kaglaf_8w&hP6{AOtUq+54u1fL1#gi{q53VYz`t>L6sv8ABSo5 z{_)P7ZctZ~w9UGgd6#taPq}DV9;yRTUYHmV2i5j3^V-_IW7*)^@dYRzVBI?ljx@Gd zV=sIuIr@BhkpxBH=#0Fek8=8vh@Rp{ORVLMi($6+wzl zF%=XY7@oY~$f6}+MUVK%b5m{X#4(94F~$4wVg2|3yfE)EKECSgHX0o}GWIdxP`I!s z`$kWgwXzq?r}i;UM&uYiSo@!tU=_(gL*GL*bR6PV_`?<82-y61K0lzgi8=029^PHW zq=WtN;WjPiBGgg%B!4#P*&z8xZf%NB^6RdIXv5o%rb(rknG+R{eG{ScTur3td6DeW zmBvwT$?Ry*6AUa!dM#@uK(@AfTd8ZFg6bGu|P6DS??!*jR1 zk)bc_>Dc9kxPlkbw6EqgqHY7qsxqnjE6*m&Yz8^luGfqVUr7w%&S-p~g?MgJ-(lI+ z?wD%MgtC}#>H`utHAp2DB4js1$G}7P>DCpca5&~m%7(@kgHp);1cANU)k;SNOO9OO z_>p0PfEV4Hi#VqSoJYvy@b}KGnDsyZzZ$Gl{K?p;1F%qm49tu~@5Zlk)t8Un1dOMO zi?UjpFb_6<{T%{23R4bKR{j2gv!o93agN>8H~~lH+nlWR<<(T=NwLDLRA=fv%T%py zc@PbS&QeEv+S&$ME0-LMn4L8B!ofTuJ;rjvosz_M9>WU;*xj}7H&|gWmabq22{#yu z^Y|3P*&l^(%es$6o{-gOwKU}cnh>&TG9@F~kDel_5A zHbu_!+$){U(T2=-U{W(~l!)LDLk>9%`*YPCVP(s{uNthC$tV<2{d)Iq+1gJvrWlWF zKg9?i`Yr6vCze0@ds&t@%4h^k)}Y-@#7`ixtnP1Y#2dT+sReN^2;=>bOaGYYj6~F` zKlMFo+m*>c{%8+ci4PyrS}=w1V>ZNqUKi$8yNi;>TmTp}az*|@pPmbhJJFi+JwfFt zwjah-A-61mCF*D<24CuhyEt7+U4*mjitpl{juV$v_u*{?*7f%77tnz7|M-Xs8GnI* zhb2;^LDKCB zy-O_z1;g?*{VwyuQjJCM@e>FbsiY#+C55U;efbT6L?l=wAZ%2H`KIVk);=f;Jp)B< zGg2Fwh}Fx6X~ZpjlGl9whGzWii$^#rE-i+tDnq!0PIGr$2*X9(m^Kz4EY|A>^ptMe zZzK<0f6ejVE!g@4>k3-8$+rg55F}r{%7zkK`VZD7KRwM_8+&BEYE3&jlc96SAg=(~ zD{}Br1(|Y^!>%w2r;o1ICQB)%ne^m1&{&SK5q6(hIM4p3Eaf3;ILjYax2?n2fg}x+#FqW^6Z(#(nrUS$vZp%<@oM?1y!r2oo&M^l44GLmu#(U zkf~kz5}%&g%u9p(>JPg1FOlEvY?V)6*T#oD|JwzDe0Y3dV8;tM@FC6@YnZ9tX?_zd z5}w&lb*8xcs^TNbAjC^;dv=NG2$c53l2{fvFU#1Q>Jg%eTm<$sMu(ELx-bgon|RQS z(RRkke#f2e4D$ZSK6841Ku_gnJWFR|%w^n?K_83Np&b{3&Bw=*YswUn~w z`zj6k-i-kv0!g=??_RC;VB+h}w^pt=_`!YqJtSeYCWp)^8aqe@AFG6w9gEN-MZB~Q zg?nW!iDq6hr+=QsUjRg5AJwqr7KMb<59ki9P4y~OM^?gUuEs0w>bM$rb&A4%Qnpx# z#2Q|R>l$=-a`eUOqqGyH_bY@8Gi+vAOBcii;=+Qu@4`_cV)S?UQPQB=!h$-GkH0?0 zOh87$JEXe{(r^4?!H_74GC{s??yxK;7jhlbSzFEgHZay?Ru^-*V`(_L;hn1QaCt|W z3_-Qht;&so^jp^*R)i~tqGrtHgTl9=bAVNEs(|WEgJ;S;Fkl#5A zL<=GO- zd(Z@eEntkcjN0=xBe4Y!DwK>^YW+ofm?UH93H6hekKMqU{Rj z23e@FMZ{?_g);wLRlse7hf>H@xhjNLVG5Ii!b zF&B;OEytfs_2w_2F&f4s+!h}lZ&&}y9v!W69=`h*ya@!9ZA8Zn92D$}y{Rku1x+8( zE+wiN0s*;smzx0ScQ8LaVqgiha*S_^?@xGyp@U472=(R-xPprc6a5{Z5_LWQeRSt%r|pCJl>Kly_mbDagpCGf4{`cK!uNGD~UN9 zN?Qxfyp{^A1J&X6RXM-KXo$@|$)8?v@^|?pPkC;BEoTX`&m$n7l5r!sns0VyX7&P1 z1J2KWe8A-juZL{PPWRYMpIc^~I!Rr1Oi2fsCFF`w3c=`EF8d9f0X+{HhYEm|GCH5P;~hSF7=0cyD-{jil|A3Rx%vcq|B^1z3U!9? z`VXs`;TT~;^X@<-A_hxMfBGPVBiv!DT)M*FuN`rq7P6huSu>N*is^+7FJ%QV(JEN=nY>OmaU8-%7Yp*m9Jg{0-g`_6GPS!7|+?49rOOWGNjO zh|!-2&QA#kM0DCuJhX0THLfete9Uf)J`1s@OXz#?o!1Lv1M1sn+(ZyDFG*#oH}$Bs z7wF|zBhhgj6^AD^)2V0>hvRSH`7O6c_n_hz#hW+ZP_?E?#w}Iv3;dR=5lqS!P!`)I zsehZyvLFJ$!qdaG$v(p%>Gj!i%ETujA-OR>YB-uBCX(xKB_@&_FPp}&Q`i`lVqw9C zBF7Cu78rez44>|q$O@?xKvBIDn2Ix6pM>Ez{yF^2fxyl!n(+4p>r?kuWSBY|OO4`| zX4XH+`=KoAGRPnX0HxZJs^@=wpWAzYJG#GD$r}ouDeufG>mxTB=!sx|gmZNS-Qa#D zZ!~tgb7wA=fCIE%JnBi(RYdM%%B;F|7^;qG1&r5e8t8WdZ#{M{7m0#pATOnI$ic0d zs@0~~dF^+w;HVzW&rCb_(GBVQgo8J48MxXutmNGjtG8B$ScAVWwzF0&^$4JA4jC&u zK-|5kawOFh5fhA@P1LnpA8`<+U}bH^`0VVTF*M_jAbT|kE;)PU=NgPz$0CD&WT_S* z`pEAl;S%S_zu4L#^Uh#I;B*b=qUc9i-+{QrblGTPkVfo-(Tb)BLkwrFX8c$M3hZcc0qDUct}eg2&Yid|0f!3g@uh>Q7RVky zF8fs8lz!WYX>hJL`Lsd((-QggWHJ0+cq7im@lMD1vgYE-{#U8QXcsyT*(k?66FIm& z83gt?R_x`<+KN(%LN1GV^_GQcKd-oCUp4$5vrO4e)(jnJm6ss=E`8S>uv&W|N_Yo6?)`$oM+EZ| z@XQK`>D}K`>TY~AFzR=!r36r~P}^&1dhhY4= zEOW}-N3i4Qd*4n$Lyb-?NM)RZR3S`t4lYGZg!{Fv-5O=yuloX9=>z}2K#UZJJQ`nk(dkdDsWwB zfb*guJuw~(|05r+e07)9w}iLIA;y=3?cV4bXmEPYnYco6If|D655TpAcb@5NJpQTK zTn2KS;MSNys<|QgvO72u@>N!6cZe0^3tEt?&Sy99>7$Uc*(r`!O(c zhE88B*LQipBjk|pFwvNDz7tzpFDTd85Ch2{j+m0-T>^U#7C0lSjrc{3$|#^(kbN_| zq`+T!^qDBju^N?iALKGILqb4xX3n=`H7xmHf149J#`pP&M*iWNWRA%LYNwT+pv-dU zo*MPA7cCAv##LKil1cD|-PO(N+@1Yy1Qu01kJcm}Zn{S4?9$e(kz-?3P?@Z{Zy<&J zl7inMOB)b13TgPA)CX=tHOdVcl`E^+mp#az%zJwoJx_RAA{eTO z^?>d4Yy<>EZ}IswWn|2^ktl~q2RCQZFJr%|KXn{B!GY+W9V?MQQIzENMjFt6w+|%CWA_Ldh1P&HxJg04W zvyf}^6jemlv|Tr#0lu}LRhvA6L=7wy&KBi4&Zz~^FI6N#uM_QYg?!QyPwV*L3(JLL z($@Y6IZvH3PW?IS8%qEg7@N{{oO=9foqHh|y5oCY+lrQ0<|qbrNQDD)OI3vT#*D%o{Q zP9a)f|9cor3gfun)GK_Agssp{1(1bhu*B7i?zGW`Tg0iHSXss6&7$-Xql2*();V|o z#la2du*F`A<;V1NLV4=9JiI{KoT#{+R|Qs#Mzom^qVX|p#6{_*l0})8>RNHN&Oz&W z6jJvw`ynz`?fpsnbEf`?+d%NpW9z`pn^t??OY$?P+0Je_->w?Y8m>CMQn3%9lEyWP z)!Ta^{X?*AE0MJ+9ReY^@u35sC>`TUGoF9$Y=*R}eD5VP>w@gO9|xGQ4@LP}?p063 zrpIP1OcWLFes3}soFzgr976m3rakukkEY03Imi7AC&f=7&{2CCFlq)MUtev>&w&7b z+Xv-i2H}jiVMkPUFn5}B%@3)2%q@9uiwEj7#f_BPtR77gk+4z2v}{AKxU@{)1YW1b zRVY|Byi=OzS@Cp+N5g@@hcQimw#3<{D#Sjf3LJ8h>?`aD^bl`lwbOQh(_1BqpFt>@ zv)e?9v)%mjtl{*_uH^=qm3I>Em4h@h`h!As2{*NIb9GvuboLlpu&)DurQD<8G0un6 zJlmE+Bi%%=C@+h|l5C8#k|;i&2jzD3%`=8#6$ms_e@w@$g6~8vvAFwY96^XTd2cBZ za}C^+Zp~cLZVlBXrqS0Q#SlQ9CFL*mL>p$g`bQcymDEFL)%XY(>o>`;s6c!48D?@n zo|Og=I8D>pN$Rn0>i~N7Lf(0x5=<+=W0lm9bhu!-o6DDh0D2vDZ207jxO8vveBnTL z7(>W&dL)XWBgTKerKOe*o3Abu=uQtOe5&&0uQ>d)Fz)C#gz^IbWP2YAYlz_Y`i2;4 z(CF)jRdyXFAq8BBA|gbRUT9*OX&1gEe#?!S_orz+E$&eGLiw&&yfp;-+;HTh(}G&l zR>@tIzNX@wZe~qod1lo=uXTL;L{NS8R$E2!^h`#w2`JqmK1zp1bxdA-iEYFV9uo)= z&1JaNyei4~gt|OSn*BhxbIh=p)ae8E{;X5STmEIs4#9zTKkA{@D7tHOrZm88xD{(t zc?ZN_dIK&k4sv3fvp?Lt3XeuSMet_}JEbX}>BnxY!^MW{yMuN^aN$&j_uZgJgt${9 zYQYHeWO1A-vczo7kHHogx?n)$VOqvP`5GU<*SI>Mh8jbY_fsvz)SPYqeWdNg{Jf?28YqSA)%n635 z8AQ?aI{l^Ib%bv`X7VVg7?}*c4;*&LhapiS(F^{xa$KV0myU5@z2uW0to%LwN&duf z92qTJn*HYpXT#+j``}T7l}a&X2*;$xrvFc(BSMe{i*G44h~RAq@`tytV9}Y6O?EMh zdrp1f3Qkpn@9x}yATZE?)3nYi3CNvEJ#SK6@C3`wsCOw=yr?0zv^y~DJOuvt^NhyQ zY`K)>2`pu9jeI1ZZg{0my&;yM_-biQY(s1;wzu=jPK84#5DJDT@cLFFHB9EOk3`!r z@t1XYL)pTD0cN4{9)5TA`TE0HJ-vLf?qni#m#~X*=Xu9lz-2BuMG&Gg<*lwxp3IOkmg?6p zDcmH5aRowPT!X5R&4SeAR;nr0DQV(jv+A_GY*WlKb@C&&i;G<f_AZCnJb7Ev|O$lrAtw z2wqzDA{(*}SQ)B+kp>xp*O#pH2FVQnMEDjoh)Z@|=P{ea#&6cd_uCL#FcH1%;aD7x(PJF-%To~roY((_* zIJ!AT6gtQ;mEhThX&n#tU=JbC)r*UgUu0!-zs$(5)<0o*&CAE)|65zQW;{zDEEk94 zT)w&c>c+tIY?yV!&l25%%un+9;hC|B?f9QOW9ShVT1Zt4(NblShmb_*y=B+`F$txR zFEFH_m3{8N#xmd3$zWD9=Xr$tN9YT}rn9GG!O(QjStW4*j}cLgUV%6owz26O2wV9^ z&rbd(Jnb?PmvH=Y!C&H_vK)`fe(Ka@d9%sxd|mg|y3x=Cy>t)ep724dO-OO#ge`A%@>Us*R$I%-6iCDI;vU)VWNm;_%mI~U zC`$7fza|5s#tnwWLI+dY9vAa#1{Q|8$d!Er5>QgPw&sR2XbQQMH~LaD+F~8kQhX=^+*KH-{Jddm)C`@2D6#a**1In%1O3-4F@Q_ z&>T2W4)Iy}t?X;wkj#)Fu+m00a@(m!{epE~WzA+pYza`pTR^J?z5)bh3pOki}5f12BM(|-ZsAF)7JfFn7PM&WoF z_Li0`A4&XfAN4D;f+tU6RFF^EO7M&^$+Iak)RT=HAxjO*xs;ydoQQ8U0&`oY{lhYUcPW)TUmgC;ir|QPHmphuLM-;y&Ig{^!Dg6x=syDmidb*E~=TLu= zk1X&oe@4?9z2>XNggtPG>t-f@fL@iL+gk5yQ5)-h>T^QadLr{KCoY6en03Ezy|6rP z>ZBf0i1WV-w6zWYFkL(-)kf9oIcLAt3lInSL`T;1DRK6}pb77Uh&|X?q&`4qqM~bj zE17jP26w@xGVi!>l-q!%u>;DGQAxB@!01!2)V+MdJF2(FyA7tlwE!DbM8aWb27WJ! z0V!aZ*gAGW;8DGizN~;`a~*TDd`g$*xXvTT^A{Ek!fJyC7WWv*JKn9A$G*=%S$`iW z2^zv*(-~x~1&hW&W^^zCK(DWAYG{kKvt3EtgzG=UC+&gXp{^-ZhC1BxgTH zxSmzx0S;JhH~)%M$Rr?`2P>>o{Kow5b(XTiI)k^?S;}g?^rdZS!w$gH>~R~}M1-YF zX*&}DGlTj9fIipnK|+d-){zp*l{F2qD-EUORM;Fw^ku%vEAgCkGyV0we?*D zIPGc`@C@Y+Msw{Fs;Cdh9U96yj)?i-RXoY7cq9aYr`|b0JwQt&F7Q?J90E6PmAPa| zQ-Pf+u(ok9?{qlRHT9QyCs5UWo=Hgti&md{nhV6LBi?NT2ZJ+Cx{({dC<_sj98kBS zfcg@B%%bzmQAom*eDK<>Lw2~{GTaDreW^S1TmKBe#~Dxn(@|T??I68?;17SfzvAg1 z29=W_yN`1OIY+2whsU@(gNmgS@={P%Dea_Ishj}$fLF;Yn-`z*X!7i7Y>nIVic|!B zItZ>WfZFbp@&RA)P7$Dz3npyM7S&cwf8S z0aPONUn&C&HvTOTbptg|;cU>f;B3@2IX5cGa>P3nNG?Hh z8VC?&cjn%D#Y$Gt%YCk2$eo^Xdu254+5+$qRA7K>L)k)q1*0+FciKwvtgr8@)c4%$ zpQ)#w-mRIbe}mvhKhMEWpDYVDHB^~ABBoZagyeiZcPV%;zdDKylr5|nfIN$Yht5vx z!1Z{`Yu8y8(4=pGIzlNW&b@*|6ZgdeHuELUlG@VrLp(I@-M%S%u;$<*85$@g;1eZ$ zBv71oV{N=acHmPCAaPTr)@}k;JVPo6qOU`ikr_$sPw%nRUzG(~%XJ6y4t3a!j6K%!0qxz7z72Q@mK!j;1h1Y4*@{#xja!Xq)u+Tf~&1T$hUWLnSzm&G!{lW zLSX)-GEn&-z{rj#*&g9amcM5GYK!qWJ!x!$8e;m>?qh)j|5?Yul2yv7T=xV^2Dw$l zp+i*VzmwjM=aLv-!VVs+kp9XpT*sb|RD`^9;ADzpIf+dMD|Z@>myhOJ@{J#Qa?lIk z0HTLcz4hkkhG@VmhcuHC2q~@u1~Zz%{<*(7VeeI)t{VhlYPSYbPNze$k$pqmL)R~B z`3AV0J-ayfFrjLs%0TYG+r!A*zDD4=i;@*Bw>dYeS+@|P#vEUcfbwhz>nDCt z!nMbany1o=D%oGmOCc7$RyV-^&a5(LNcFubp}>POh~>)zj)3;>5;N5JZVmJ$Htmdf zaALw_+Qs29|BVcPVAK$G&c}|gUBk2;(kXW2-Z1G45b~JR*BStR@(Hl5JRPo-*FXj9 zgG^FtXKjqX5%Xj}f}Q~Gv+kh(NEZ#%WW;Yih&c0t6bk`@Zwvqvu}6JR7`TVgCt<`LSBG4P$&s*1Ful~=W^qlHvSjISWmz{e?~o%{~Y zatsZnq)wRv*b2(lv{}GXbN~j#Cv#4MEzq$^+-(dsk;tR^eIq_$5lXUD`FN_lil4e( zYxB2qF7Q_GrG*1cD_{@y007>CPgB{BvBnX?p+m-Aa&{O==^f=blzg>Xr+3Iu+o0_l zhyz35jO7hzgv;`_6Si{4UHBWo>NX(D|M?nKC9S|}dP%{PZ?pMVXLlTyrlF%9(#|(Q zRI~V{6ppRUIOuDZn$hB&f0T9F~C->m|yH=T`V{+u_Vz=Lw}P)43` zVDVWce9HEN3c2UoCy;?~Rl3^Z5$~CxTBCRKLiU;Gk>ZhROO>;hKwf_oUhS+SbNavQ zUp7z`kCo0F{W+b9SVn=)#uWL)14+NGquNM-Jz5d2;$jC8?6GoXU-Wyl`jJUW|JoCF zcE<{K#n})lTm*$eDPW$Aw>S-l)@H3&BMkJ2~kYCeNzj``Y zgt`B;SS9%ao#|R4Rn0(c#Oo6lTDe^EypGI2A8mmX=m}XTsO2U9)RAzVAi?RRPh2;d zr74AuFEYyZmFL4#tDA%b@&4ox%b&BQx-^oCZ)Cr%EEqH(6;nfM?_7~Hxdkfd0C}?u zb}*>yOsDsnqYCMYWg1osLUDH`RF}BxbtEh1pyQlfl z7D!j)Xd9S|Cn#;dfq!gZ2fB~oRpZaEsLhqR`niKYtLBp>G&=0M3NmqIC$!DL~U3ljU$f0X&D7VpmZ#!V?6o6(g@xiio!oAGRGhYEVPy z>NKvDp=FLh!TJbWOnG*oMMh!YTGP1Mz?V?sx>yHzp%f)|7}_kXX5vy5oGn)yymD|# zkrPQLzvinq8kG?`s*P5<)djd=79dzkb-U1BK&6mudw=6RK9pc4Us^PJRrz+nsD8b4 z0o;RzVuLEvbm)gp;Df|yTvh&htit=x3FnUvwh<$G7pYTucDDx9yI%Lv7^)9+maexd zzP`SYVHGc%A%S%zPU^UKF5;e>!OGfJCOmq)IOO0i2Lkft0N$&ZkhkEukwH4WZnfP0 z4=Vv;|I5`=nF*snPUH!wHo+@X6}9wGxpZ%Nr5(}2Sx`q3@H(F09~U4p!ePLx^CIIx zRBdUlu$l$1ihv#X5Ub`)j6h!~W2A^>yOuYG@*d@fMBH1lKgRQCeMIdG@G=_?mbz~a z{_0Ww8b9e10Yat&rhvwZ?4W<7w_Zuk`5)n>6cg=d@HK)FIl``Z z-M+`LIEOWW+zyn+yz_u)vWxZZ`5)KRn3e9r3JclQEW}=@LDA^l&({^+KpCvW@mc`! zEFoJk{j|2esqN>!orA+Zf>Ez>+gh#++aCrf!tjt(h@o`v>-OgT;Pi@2%>XH~XjFvZ z?^#C9sgT`Y2QJCLTKPA8xtm>IZ2xKPbgunKnQ_tvW2XQIi{CHh5C;yQvKqpqF2{2b zE=C5fe^Y-4 zhO=LB1QHU8Eiyw~e}0SN^lNe;KMetj%MH`Q6IdW9RAdUWqUDb_v(iThkKLuWJGT4O z@0YQH{JP+&GWRi|gloTIfF1g?Dl4qEQ&9ZL{J0uRFgv0EBcYf;B^-Tcs!w@(R=wp* z45#|P@=ER>pVXL?h7lk6SPzhYpho;VYiyAsnbZTZ9^rWOimAY9@rFXu&PHoh z&N~--;Vl8zX4q2)WfbzIQA|(?L8*~BkGZg#Vy&z;5(n>Q+acmnMUY*qb`wuPunz1Y zilwS=i3X4XG8s|qf?qLy9Te3r{uoVat=58R0{}@US&Pe>}27cMf@1lHFUhw5ylLwe!h5}Husl5Iu zka4{BrY>Des-*pRzq%L!Hz3=nrzZe-aYrAu?uxB&~B2;J0 zy_I?LIsM1CrMUtUr-vj6!^K!Cj=;Tro}>znIFkDBIuqDyN_I;=h5k)Pc`iMrWdbg$ zFq7j?NACGAE5JtB2xUn$P;v4rOWJpO5Y`0AXf&d5gHvRhd1g4_GAVoS^+1e>0n%AaLYOYAA6cLqz+nDh4M`RZiZG8 zK~=&W1&q+cO8$TQ``6&$!-6?}rM-B;`S1!e!Eo{)Hgj{_8L2`z0@?8u=B|nmu`K0H`cmzFVDnM_1Oui-IP15@REW3A5K3vC4Zvr>|`YG0}A{A z+sDTcf#Q|9Zz+pE0wpeNTz5P07>~w$>%s?Jrw3KIw8tSkItxCor*Uw&P9VYcKr>7& z0==_#UHE_qEhdls^JnE12FOjguh6eE30P?9mis8yYXx} z!KlA$oJZD}rZfNJ^K@fBP!n$fzF)oyuKB8^3y&xYR1%j?miYNeak83#+WMMgpE{sd z{Me(qau5*Q2|#d>;1q~25?xjDHxZ8ccA0`?7+jnGSPDvKutwc&$IWs9pZmw7dmqdV zQ3RG2glheV@j7^NAQp$Jv~*tRO!UktW=)1l zqXei5P#A}2-#~qCRq8{8b-CTE!16&<$`N>xZ7YZnQ0dKgLYD(JTW>h|8nS!OX&Zks ziy_q)IEZUF&Lwx)uth*?n6+Xs|El}l)`a(QU39Bv|krJ?K=33`^W35cZ8b7=Ux$z>XeBZUq88}Lg zp0*EL1uTuSz2(f>`p|D@H1jWljt`Q9>8)kNNyFSZ1oEFOP64iO=WbxDjl*aX>J;N^ zzkzj5Q-h;cu%r<#1HejO$OptH!_RF1Lh=TqxaWYp%hTRWb-1t_cZSCcfx!9=n5u3G z_6_W-5KHet#VFR6r0IwK3*MJywESy`NWSJ`m=A_Gn~RYkzz*G?r+d2wszfV>+*%7x zlaQ*X>O$v{_KXqZEMs7y3!J}p^w*Ckn7ar_izkY}OOzZ#4(-M!{}zsn;aAV0(;Ey4 zgwcxP_)p($_6-0W#;J2<6~Ue{F$coctYGLS=%`d{>oK;F?swH(7iD7gMqv!S&JtjfA~4MR!_~~8rxZ_DK))YdJtsX*EY|sj+9@as zfGRe5=nUqd#{_M4`g zJ^I!Gc>bgMRsNeS`nNY^x@1?Omy=~h0>VnzK7}Y0C}@sbU$wRp0aL{Pz&AW6>&Xiw zAAx;Bta7Q$WQ)o3Def7|;c@a~wI`dbg*Zvr?69)n^dpTtpfT7JXr8g$7_=yjl06T@ z0*JB2I$E*M+}(l@vIvx5{gdQm;H~g5qbMm<6}v)}i9(g23y}AEn_phlYU6{{Kmw+F zpF*~Tp#Z)=AkZacJX$#8r(|D2=NO9~PcE%oQ_|UCLbPiA+H7m0wK9EN0_*NY1|W+x zX?NX9YY8GCIVFJPkHW#LHoJ)6;4>$!6V~@lO9QL!;ib1nJajKa?u8yWsb4+`blP8l zhMiD`5A>ZdY;~|yZ}k4Zgb~1tqD?WKV&zr;SJ2T6qh_4vo!^SKP7xIq-g7D{v2`m5 ztL3I7YT|>U0>;$6arhp1f)XT)nze^K@;TEcw)(q4hZX3q@$EG_S0*nW)${N|w$AF} z488>-aDr)4Z|*opB*H*SAEIuXAtVrlKnaL=jku-pl(T)au@vm_hfEAT?BwMrXnf=g z%>56Uz6S~K$oGDV`BWt@di12fwpQ*lXoI2uG!U0@{@Q#q88ku`*)A;j_;m*C?N+BP zWSB zO?0&r!nK_AeFF*-B(Cn~!^09#d6lItb-cbWz z95CKcy6D|pg}o?Gh|>pS{+f1(__7T>fj>Jux5)s(n>*-ndzhT{W$XolaH`a{6IH2$ zVOz8d69)9jB3iz!!tsRXx+Zz?sxbP;;>S2XiPl4wpmHC0r8?}oAB>A&%<>u158zcl zri%b?HHr(_J&d=A_5))%_X~+gJ_uox4u(@Dx1F#8lXBOOfg)G&a44!6 zg?3H0wgZfPvDI#*wvE%G<4%>doVjsyP~j%|uxVF;GTixVkcCP7d&Xc3&(UgtJLCE1?)m~#r(6EN>MaDPq7<^{#^?31xW6?7j-cwdNFr%Fw z1RQj#3hx{YuFAmJqV#OZ^lWROSOc)p>KUOXd@G{u!{>oLZ#d%J`S+a7J3Y=&73GUR zmb!O*rF@m;B1F1n2T_`bgo<WF41=QL*?1o68vnEnUf~Sqb zspG7;wBNlbjJ1O6hDik)i>tqd*-yV$ZMiCha zbB-&R3Ve-L4n9i3)FW>bW|N zoE;Vjbln|ID|%Kyh^wEBvDc&1U#jpQzh)3WKAt}Jj9L>D-Gb)0s~t=y2!bx)#w8J1 z{2F+suD22y^L|${tDopX-4He~iDOd^J7^D;-w7NjUot&Adiv;h&px~52cXd#jD9o< z-&kpuNS41Y91p>0xPw^x_Mtf!6z$ty0~Qkr5ipRH5gF>%EOAF;MNyGs_r<<7o3E&7 zA~2F8IiFbFs5)#I{#W;*t`55e+}sG8;}{BKBs>;Wic5f5JH2!5pjdCN9VxCkC<>~~ z#Nvk_(Brs2s3VKu26OHfVlF*WzHICP2N}wz)#J0M&Tm_bQTju{Vd{}0A%*GyIVpEM z`A8Jj<)A=RO>$i-ID7!l036gbE4Sa{4f)#^F$3QnsEA%P%rJ(@fH=`4v6a)}uuQJg zoM(P8umj$LTKw(|27E$L9{iRQG%n#$2vEidr<8sbb_KBtRG_S8xAs)eDve;HeC-k_;l18 zdk6lz_x?VZYd)VxsswfoV9|JZOkgy%5Vlqg61?Cz_^~~+5JE9Zbcx0T-i0eXr)LkL*C9D+R1scS?lPc!`nPOn!yHweiu(h{G%-+3^>t(s>#zIEea)^!GRnnUxoEKflNP0hQT*AZ%HL>3zPrrFY|eK`7Pu^Yn-NR0_eYd82IVZn{H+ z=$WCd2IsgtnI$Oei)!Upx^60I_DWe}(X`$7v_ctvBN?uBEgBeX#rEFY1|WSsI=d1Y zf{r8A0E>xgg1*%TlE=2Di{)nfV-`7P2n)J~chtkp_O3AssXFE(3Oo7kBV1USpkDv# z$?Gej*#xvuhjV#HkLxF_#cXwY@l(H|^AMiF5T&%@KnvchBL@moheyGcLqT+ui<6e% zsi)V67c3SyJU7(@cbJrX!BDqV0!Gs%}cvi9NM{j-_fJGu8 z(kr=>=#KVpJZF&8(nuR+8`0|~A*W2LTfF}BS(*438uVQPEM++In-8uET>s#$OUA&C zVX(r|T8o=fO9B?JSbTi37I2}J_e(gE=ox10zsav;* z^B;o1gIQ=X=JEUQk}}@P?%=e{Dyn_^)~{<5Y}wlUbP)i)L4YL=PpjPbYRa|6yaw`6 zT0)Y7Wnk%d9l0<`H8Ep$dOLHY!;G|igo41$nGNLp5V5pnEnX$u&m4dd%r?}es_46U zaX+!?f3X0TW;%jr2+|e3CX6BqVK^ToiKKgb_?w+dwfuX+?P^!fXvKS|tzZTiUX)hp z8QDel7W|H1;pt=5%Dubq2r-+1PS~}Xb-+SKCj{0EC zk}x~)DD5tdC5!QaKU$lwCS>M6O9_z|g1|2KIW32dj5_`(-5i;Fm@fNJG9z|^9(|s% z?cR`W^QX#4>EimJ#s@OT07c=Xu1$$HKP=ohid?eT^L48q3ieOckAkH$oe)iLOOQ z5a6L`r(cYG1pfIPRmW6;J4WAI&c*dY+;bb3Y^~u}48PlUwD0CZvStdN$VId|9GCKi z)Vo|%QgtmdLD~;-{E#=V-y|g-1j>I7rq6V z!b(pWQDa!uwGnh1y(s?hA#c?keqp#6#PcF=#PBfScY*BdLu)^VR%QqI+QlOCXYD*~ zlER!e7GzX@Z;tfSbu$QlpS!WPB!>c`9RLBFLCEZ)xw8_eTQHHut}=4%Rm??~*qj12@)oFM0stUX12V5uny5JWv;Nyn=gDd^>N z-K%lAjl8#hnr8jUP<*k@A?^k@kher%{EOCx@;pBiwD}yr( zv-?O$Axu1RKg7D22R0EZPdPoW=K5ay;N^h#6rq)uM->?C-C)W*WIHaM+r6kdEu$n^ z=g5!`4a7oMLi|V*t=L#$z4^UvHp)Q;Z>H~}uP`GZk{5tTxGAI@hKt=IdA+R^8HXay z{{_GyLo5T=iGeMXL-1&&I)dHvz=9OaP}@!O3l6kb!wmKJC_>-G<_%Nf@{WSWnxl$X zHy+Q15>K-Tmx{;B>$Rr~4!GaboxlWrw<~+rB5--ILzbdIi`f5viH#QuoVAIM0bWP@ zRF-``__DITq}Q5m3_8dvi&B8z-^_d3{POV?Xek}Pm{>F_RQZggG7GER>Ym+XsO5j} z5lOhL8K0gEt#Y+1;BE=GjEYwZGF}@DMH6MnacLwpHytW5*#I95Z;|<2V?=)j|I-2f zzxTB*|9D$F5k{<&KCFS6TogK5Zszx4TtB++0yiDP$#Vlex&@T#rdRNXjS^UFPsN0U zg@SItbvE2fIw}aTuyo}2vmz(^xkOBhD}lt2AVRgu$(*|jjk&Wif>~Ac7wcb0FA)3v zFA``F6oBJe)R~!%7KXw@AhK1tP=l~;m8H>Qo3H$rJ(hnu3wLgi8k@n>5;HqM8#QTk z(Y2kPVa3oZ5+3a%8PayuqL)>e!$aLaaCNU(K%zOoYagJ@hzG zOSt}`cWe1fR8VT^dmps+Mm4o<(ZKbo*BCQz8p~RYSXtJ?9i=ekLG( z6j&kEB)?Y&qm<;dve<_CbxdL|zY@5bK-UIE`zEvCJ#puMDf}E-6}Waw=Eu2XhzLwQ zg>H|;+az7O&ai)-w`;rUHQWdzi`a_8Gw^%H=InEz;4n9v<&>VG2Vl`yy@$J3lxlQy z+ii~sc9IauoO?(1j~j&gIe#JxCRE*LnEi=I?WKl%-SLFhx^qLFMv?A`x;!@ZU%%#_ZsdY?E#b)x=*GzHusao1{zvqTC|0k&QRD| zw18l5;yxxny2Vi$A!})_@Z@nx_r4fUu(DHlkWNy(CHgmdt2DjZ(qV@Dr#tc)$(AGB z;*VGEJjn=t3&b}Nund_WHcg*XS(I9TI~O>q#=lg7ZhM9@?t1{_qYSAR$B~8*j^Bg0 zyE%v8_yOq@7ssg*Vd5Pe**Uf zvlO2naCM)!ZZ7E9kiJ&?_B@xpUh?_$APr*#0VVF0 zkk>J0n0>87HzotRlndXGI9z$Qds0Bzu~L*%0_A2@d{e!`Nr#{T2*uO5jUOsmTz}qQ z+W&tD!vl~x7BAoPYA_n$2nbfT<#2~WU_YnX)x6>fPyyxh2(XEl01I4GUh*OsFZxF> zBG#l-e=3Kdsf8G;SPWoCpr`$k_U%DOxk0=s4OmkIubln`!{W~@PDke5-+I=n7~tYH z8_ndg`WKe+oE{ziQvS{NUFTkJutN4?%yn=h4eoERs{p?b-E|9Pu&vvBtl!6kjC@HNm8d!KO*WE_vI5#RWbq$0j6C zHFWk^Se^bd2e6g&MXyuGrDNjf!r9gDzdQLeTIs;Z z6fi1nK3a}PLl@^1z&EjKtG&)&AMt%P04=V+o*^D_#)t8M4|{1dj6B>qcMeS!t9*Ii zKIWe0^Yzjr@%Np`wetq#GwCu0XHz-7w6Um<7Vula2tcU$>i8lY&S+d1R>) z<@Y)%hw;DD5#WJq#^j8^Z0+*%{|o#%2o$U}{uvtf1$s>K#zpW(;I66Zi2Xojsn>Al zfVK*I{a-YYZ~_4T2N3x{nUnNPml=TQNC2DO?s{35jY5{PgyJb*uVz~JmDF28FPueY zSYN^4ra8}f@Ax_T#1LV@_DljrKbWRkB5JsRK`MxofP=0@gTOWXwAA3Di$W7h1ex

!**^&R743&Qkb~+hyySrS zH4IU=(G8B3gzyYHX;vTX6$21wMKa`Hp15N1`9R|$h8O`}tacN~Rl{RNZvqcVsbeH& zI>rt&fAvu;hE?NFk!$@z!(~@&gU(VopfL;@q{)GEY-4*0V;u{RBHu^>yPSt>3si5O zTs@B_ivzeEfAk)7xa`Ku4v%EQWmOnrsb{m7NGB%~3F;d-3p zS&m;AT~2Q$y<)&&HyUC(mq+13oG@F!*J#XCR)$0BKyBrpUGK4h1QHvH&`U#HC;gnYx z#@QS3fXR*0*HZ7C=Ya6?i(N;!p?O_h)Ya#|Sb1(#emSt>?)fqLY#8s}k#q2uF}a8W zd2u~S;Do)Bgje0s%TWrBGPJ*ep#&_W#WGyRqd`=i8-0J^8?c-P?v>Z-KlIPenczN0fvY2weoV2R0Nk>D4||H1yocp(F7AQU(IoKpt2k(zI0Q{rO9LJ1 zGw8pAM2!|UB1Uw|bj!d7U)KoaaeVRgb1s7tM21!tzDvjY03L=uGH4|?h(D=O)I`;* zOXN%NVmwd;VG2R#%%cA%j?T&stui5l+`6tCBl2~WMGU`MO@9e;)_CYlu)#qGF=9ohU=U`nv6gyReU}&^@OA79Z)PIMadj>x z7-fQC!+g(I{;0^)f&h^YST0NQpG(ICgb??{zf0Ni@%*LhDQ2~6-9MiQR{Rid#mblT z(0iEisTkXn8E2Vt#p^fSa!;h|K*;bFi^#hVYIbZ_jd){^T#wT_1>gw|CecMdFS(jA9urb{ndZ}zjLG;bufYv`wqwub?1AxZ-sx)$ zVol_kI5&?O{x5b#*8p+1c=4+z@1k{cx&0&EK=D#ycV~dSE0;O?bp}-y_Ga`40Dj>s zSO1xSxJXdBqYd=mA4|6XwsPf|_fDVf0s1_6`7G)guN+HGQI_SE!i0gGX>aa@wf7Y; zYF2cD-%1{O7c9?1_5ssuSZL@#%FyUOgleUeQ^XGeU}U&@N2Y9ite_0g{*UMOs+;OkNF$l7q?@= zKgQ{takwlnw|@Qn+R1ftxP;zh&~w>;#Cg zElR+y_GZSW=~8Z<%GR-Ljvm0VJ0r3Il#3}KMOgCq!xQQk)~Hzhw6333U*j|zdB^pM z2z(Wse(wP19Kkto`Z*dWy*D30OYF6QvJA}9Wbu>#?=K3u0pi9OC*n((9HVERKTBEQ zD=dW`Z{hP??S|O|)=-cKnE!8BY$k}LzX#rL%-W$N(_eL|yRtSW$|CN*k{A{bpUGA# z$r+jsE(?HmgZ$z>#*3q(-tgjtMs5Yj)<1dl(J**!Nd~JF_ypA#flqLZ_GY@w(Bj3!e?-Y@imfd#Y>h0>kT$e(Hrh zn~+zkAsuHBA^I*V{FP19`iFi#6jJ-&T;wVHMR8Ssui7pPa^f?S(WWD zhtIo^I$iA6d|CDyPAQoL5g-e3XtQd3-E1bQD0$m~wBnO~<$T%VMc-xM2A_c(0>Jwi zXkpinuZNdG2Jt3M`+Z-L!rxR5b34rHEj?{3F#_c1XqaZg^#+im$Uk;%ZOx$Vx`iSc zYy_srcM3f#LPLPkm(^Vc&yU$)IT0RI^AZdfL(ABF;#!IUi;l?RMT4aLf3`XwJtZ%I)<-Oc?*!U)h(K_3kHFl9rYqjUu*_;Q(Tf**U!03Y zysn~*HT+LN1H&09`P#mPIosx}sPWrdy!d%p;Y4VhrWN6LfJ`v1ei}PDy9`nm9NRN! z2J9>`C%f(iPG2XoS1sBsK<#ulO4(e$3{Xv&e&Unb)*+ZYP|aF^dxH;0JtI~$%AT(yb?ntmE~mE;8A^B5b{t-W8AoiiJD zjFL?ExxJ$)iUUGjt^$jv{2JD8Hn_vjs?Q-09reFkP=Y8TauK))9x+kT`7T{&lE?)> zB2R>kBu_{r8D1T-rBVC^jPha2^C#63_!dQAyTA{Q&(c)5hVu$M=ase^u1WH^`JT_w zzWPWk9v>6JPo!rFLeR<(O;PlW_#{LCC1pQ|H`#yEspZP4VB2a(7c+!cK&OXI(1ZZ< znB37S=?*T%u#1A^Fn0|%4RbfPfg;@*9CHrx1eNgFxEX)$1nNlmdqp3og$Zqy!HQ0S zxyt^8@`u7ztf-g#ijfqPgL+9H!Nict{d!i)mRtE#TZcfsonn5=X+d4So509_A9fG^w=1;)d!nQw-W08jtR zl2l+gp2)jDKf!%brb#hl=!t1ELcse`H8DIKSg=mEAO>rBWg)N@*#TbFNkMNF~FOobv zHU@?_LZNCmO^*#kG*#SaUd2o@p+1ZCPZ2%xAOz9Vz1I;9%DN4UEoG35Yd~au=E2_x z03r)Fi}JIZca)b*%kLAeIj!MXQRevg_ayFP+*t()xAb4$o7gi~sYa$zuD8i}M@Q#5 zDM_-wayW-}fblzMmnXjy3jmvct?R5bF#<*47HZ;u0xPOm(G5b`RcwQ%>m7nOALEa5 zw2-*Ad+%TXVBG_e?7so9)jW9J7qi{Ur6kCMlk}&P<QNj|uVaw&EDR!;qBtxnEmGKUZA1D{% zA!YtskjW4H=y|42BS2%&ft(O0AW5UvFl0$m6s$oZglKJY5R0$hDuOXh9+;cikYjW6 zN(-URmT}70{*qhKQt+WOpAInP&tDkHf+tUxCG2Kh66@+5(k%?~Jg#;l52o*mO=gh- zrktHjDj@*c#s`ZZs}mJoaUOoOKBiVm!^nB#EJXJLM8Dj-6z_g~c20pX2wv{5sfhhZ zvr&jfMcrX@NxYVTBbTR2JMHuUVL;}trniGCdd2>i;yt$BQKCsL_s)V_hZw;9T{*?* z1nyAb_AQ(}>-vWoQ$PPvbKMK74@!@FI?M*d_MVya>uO*q<5XJ58yOQ?L<%anb|^vw zF(%GPOM}aVK>&t92jdT}!7Tcuuw%0b7t8`stzoGgMGPuHM!3IU z4^vDAL~2+Jh?I>O#fEZtO%#9)H=C)FMvyV*IoT6VtKffG5#;MZhULYd|A=>)5tiDq zM0(dd`ttaf^@Xw&{!}MPy9^*iin4CI`X~U%LkAY(<|gqSX8Mr6F;Q4N1*7j7&LlwN z3}93h`dObuy=g!+2xJBY_iFhw{C@WtyBgiUp2E)db~=UO)7X~kIgfKdfMcAy^FyqB zZ48fc(B_c_aw{@by11Lo(PJQPd}6!H0&st zCw?%V95395ZfZKW7NrX8jx$Qg}ll}z-ZN?i{e*Y*1Uv^yo%W_1GcrqQ`EA?qsXv*NUAy(80!YH4 zvO-%@ejo|k)Qb%1zsbPl$Ei+^EluRUa8e8K=XBI7h%$g6lxgN?d!z(&HRJ4ZbBwFKnZOjM1aPHYet}Q5QVN|X?6FYDrAY}KqR{j{J zdd!}*wfQPG@q{L^G2&mXfG6cC0r)7Yh>Rj6mwJYgo z(aUlA;ZDwZ`OBr(}J{0pB5%rIg=noemt(J|aX*7-95%_l+}gDI;rV23)Y z6u&G++VBL)gShANZS=e|HK-MsaSkn~J^4HjO!Nk3v;2d9)G2x2XY0S5j^w{v#=ky0 zq7E`9l5YYnHb$?Ai$8P}_9Z=k9bk;WFJKH6J!`8%J5Vc>;oG`Y*Fk83Qz688=51}H z;5PI2ah(&2hGRgsrW^7Fb^^jtNS55V&Lo&HiP7M6D|J zr-`|ia8-2?(65|ctE;L}m6erdqnypv>4Zk)c&)vt3?w9&=n5v3sc(F;R;INO22nW| z3Dui8eV2f8I3#)RD2QR>Nj~GRH^V}g0wJ)RXID=$U?{RA$5m44oz*f)@@tk=7w^oL zjRu1*v|SY^r>OUL3=)k8evE`K`0Duvl0|k<&;b&UOxoW03gZuRABhaGQZ#OgIIf&I zLEI7hgD^Po*t}`=k3SZL00gZkc(>3P)kKgzu-njz=vFTZz0rK7Tl4%^1)URPPwwFa;<04E~0;@llFe&Mugo)@z1 zR7*;+zqorN;LTaodJb|OB(#Vx8`7T=#c)9grtFm2n4h4E82$*m2AfOH@b-Fe6s6{L ztOXL?vke7KrVVfmoAtv+K*zV9&(*Wst8<=hC zBmzNYZ0hL|5~3P1P{RVW6gzVp#}F43sr>=+|5{hVYQVbk35%=$!?WlFR$1`ZQTS%7 z`_ai4Ks4BaCGFlWfN)p$)znz>YfGw>MenFx2?O*qsp~l^!B3AXa#9bA0-RUo#PO3c zAhLQffTNHNx)*u3imti48u>%XKvmV|GRs7lpifNHF43gPnFr5UU?Gd{!Pn4PxHDeDjpp)Km5B76`82{p9Zv zqOJP2G#X@((_AyU?hUP>N(IRUcna`8q@2mEIVIq@C^mx0QxC0YI0Y+MI8o=|O2Tpc@z_!SgG@YAO zR*^T~3LjLwCK`=(*xEG?$AFbGzPJ7{5((Iy{Z_%udg(!RuC6o>>03Ye7@C2;TbP`-V z@x1?fGI#{|yU`^UN`e0}9Z}!hiJ_@!YB^9x6pj+0>!5o!07N=UIhc=O8d3 zKDw^mTs$Q{&UunTR0qDl9gcETCpff48>0%ac#i6f2JxDRPJPK~iS~EN=%K=)ae;&n zeNTI}Hi2pAlg()O5dIk;m9@f(rACG*wC7g!XJ+X$%0E#EM+5@`a$j>i9SXz8)iNbx zu($lRj4Lwd2Ht)9_GsMbNFro3*S6@g#jiPxi6>`10tKkBtsldEv~>z}Z$-qocC_0r zO&O1mjo_!j5)^4<4abcRB!WuzIi4z)IrOBjHX$~;7H8D}5eUN;ib4-`X< zXVPe6m>A{dANw?9nBMmA?lVrhQOC^5t?tUH*agaSHQ82$Y;PQlF%9^b1E6S8*XqnU6WOn_oR=>u{K4Dt) zYZ}W@2R?_E0`f|4XFpIZZ8<v1 z8<|O7i!Zmy`gp-9_BFw>mq++{D5|s!)aikG86J6Uen1xA1Z0Cx9r7=v`Qm_mHS>#4 zTVBD~^8)rNQa$tCKDhhbBcH`Eo1^YO00HxLOPbh+@Fa-NC0=fP9#s4#iNN9ok{qge z=GngiTh|K-#h#K{@B#?^P`=~(h{uM*PQYjHXb4k-o(19ZQ}|n}5X}*t?f)R)=vSKG z;6c1Bn=YQZh8KzeIu`5}%3%FnX4fem6BQFpRcdm(uA6T$Fdm_Y>&SvwdwrAKF6%Hw zfU`09{ml3v7OyUlD675i@J>-8Rxw;?WHcFI7>&C3;-_wI^|&%?X}MZMInacSNb=~U zCbeuU>5w!_ql)2?kKy~+l9tVKcE*u_189uv35K+%xH9^B&VpXnNAr7Ex}Hu;Q-Cr9 zPA`7US9FLQXxV@Ry+J}SvE{KfRD<61OyB;TCp+ML9HM)jr&Wupr%+YFV~m@VA}nm& zd?LD)=Av@bdZ1P22ExaK2<$tlczpq*9u5u#dc@D2I}ox1%h9ENk-9*%6eCiY>SOh=?>pSzWb7TAQ_)Ur{=fL64ppBx z-y#1e!zv&D@=ZONDaQdUJze4D%aV27RsC-=QygH-No#StcdRJ$@=!xTV@bp5WUES@ zrc=hizh(hw)&nM{8@9=b$Q_~qm7j{@;yxs%975gQ-6}cA<$BS{SeBmt-Bl(gnA~F% zpY(JyB~9&YTuRnrPcJG!CZ2b3ZHwDPox;sVu%VIK$NuWE;MGbDsO)z^o4 zD2j@Dt?NT%4PU4D*FX)&r|Jd@N(h9gtiarZ2%g@I#PTQ8$=RcK)a&2oy8T!N?P`CB z;`C26gjVA$e~|g@cAHBI{pwsthXM&1nWks*mk$aH{O>XY(ML)uhY+OAs6j^6O11EUD#MmesaE)IZ6M^`1p8N znj*u^n>T^$>>r$mEAgYA1uf;^rAokxa!tnsB7#g7~ ze^^KbhikN;o`T!R-jt)7es#1$;#a;&?;T3sNTa}>YVS|93B)8Mupg<6s{*iSpTqok zHjb8@wmHny%uGpFH3OGymgSA7YpF@oJF07a%*_MMX*Sa>Ds8uzn9{!!+Fx?t^j%!i z-~ltxUPo10Pd~G}G4!)LIJojm#=`=2q$wUD95g3bwzBh_D!Z$!qM}hv4|43-cVR;= zZ3D3S-5Mt)r2ty#)LR|ik;R8!Gr%mTs+zGqaIL#XrE!;Xh)z&k@!@87{D{eHUv2`4 zEr%zAZd?5><@}DxQndNY79<+OHyLwv^Tq#1Bo+c@FwMBK`Ny$!!}JKN@1hu#Pm}A{OA|19GX%XHH2&-uxvnjKuDrZ#dg>egZTWMWJ5kNwY@_ zsWFuWc(FX2PG3ri0^9G85aDkja$JZg@; z_XrHSk&~441L(M(;_qOCV<-hZQogG#^^)UirFxb00cSI$5g?tH_DBeXg23hJ z?&(R7j~52?r~%^M<^y(J{9dg5cXbE}-+yNH-$Ff%EN)kCZ(4e~DA}wjx04nAFqiAQ z4CehyL%>Pv|4X+Hd80z{&N z$Vo$kB%NJ?dxyNnT>( zN}En(XNp}ZB6>g9xZ(wrjEVm)w7uQ>NoG*mA%(j@xVggs2`D*fFbuz}d6bl5r($TB zTo9s|BL;=y@Df^#N1cfNQyLxI>nVq-yf5HgJ$4{HQc$0|z3mhu=&Z7}wdJ%C=xY_y zUr;|kg6d_%qS2#9%kvNEZ?5-_UMw^5?&#``&<;-7f=-}kGcGDo<7@}=mH;powz-31U@Pm2uh=xDM`S(O^jEw+BrNzoWGabfCLhbPmHQml)n&cb*!h>=7>nBp}U&jLVQ!xl(hh%&VF+7F`&I&P{ zreC$$UNebl5`-P>4@#tGFU9x$zEKwX=*WwO5u~OvDnEPeBYy|$K# zpMPNBd;Ko@_*XMHGOf2ay*zzP4OAt2s+rXOQBHq-w&w=$kW7QGwf;fBD#0?PjH-r) zDMqvoXqL98Y>?Lyl@NdM;OT1=l_6+6x3~F~KgRXO>kQk@alh(LkifTF9O@tV4n#ha zo7mRsI_f`Y-G;JADX@4mq)JbQ3JLnXuOh7g*%1jxTvXlkSQv3HF z2{q6$6bw3sP|tK-PFeYLX(Ur~nSJrYON*al1)Z5#SzACyA!RhgS}A520tF%B(Fh^s z74N8lm8s>k-E=H;fOp0C8~>8SyPty<$la~go<$jV7xS>7X=0}9X$gsN3Vrm$#EWn$ z#;mfA#+Lw#`clgl#<@?WtlFh&65SZUgBHMu26ZOedr$BG&Be#UlAt&eXtoUOmFW{S zfReMwrIFB(kOXt*VD&N{@w(bu{QOyA30CAN+;~u8n3^&vD=M2TjB`EJOLp2^g#G^Q zC@vv^`HYOA3_W^(r+_;>GppbusGXVrO|NiPS=%|#QwdVX&2}kf$53H;d01{HfBnia zIXQ{k5}&hW-^m{*3b|>A^)2Aypz91(~BH``ek4cuk}=b>o3Aa1BGwIa!}NOgTvd|a6f^yrrI$$I5?rMv=UWr z8|TF(>VUu;X}rCLV!Gmo@yY3;KxJ-^$4qpmNceJaa1fIj*(3c6MWK}Z`9e+C7Ez8z zZ+SA;AIb2CZc#`>mGPClP&dIjM*Fwxa=N;f7}3z!dufwqn==*4Wh7*AiEkd+!?Eg| z*irRk1je4Fr5ei0p{BKcm605!McW$-8Q$LL-~aiCYhk==gsVTm4k}M}5W;E>p^?%FBO_j;7dKDNyFOPETENCo~&r zZKvKFEX8ic;B|*>rL~omLUrr9e3%g+tJ<3i`jRzxzR6^{yP6Q3kkMaE{9kju?=hSV zw71<>varZ<+h{8D3-FVFuH_ZekVtw6s}M#yQ=_t~CM>&|IvYrgq?8oq`}arqlUZqL zzYK$m=@6*MW}ladU*MBE5g}dtLp$a#d2tAcCk@J7ynMUn*j)sjtJ3g#3R$CXU@;F> zkH4k4+;gojvZM|goTrub^OqYyjvQ+y}6YA&p!`PB9()qW1u=s@Op|Iuuy!Xl9})Ff0#Ve zJ^*C?9E8{Fdm6>SREa}YK%k@P!qWhK(IeJ6G|3C5A7zab$$&huYTZA)>n)Os>Mz5B z;+W*LU0wa_-M3^n=Umj2_LmebeX|%J>uRt|<^Oe=`PAZKUU6~p{`-foit4lm z_CmO>fzuiNDZsk9gR(I5l>T(m+LN$XM*(vK7~iu$>qEBV!c`bIrQePd3HT=dY_f=1 zpV`YZuqXPZt=wJUw7S>q4fWY$rW`mK6r_`jeF6E94Sx3jk5GgGpIGH~(1PoT*u#X>^ zcz9H+c2_x+m3o-&-oG^y7<{EmY}C~;h$+J~Q@C?%!ibof9QHP08#!=GY`v3Vv@18- zB?B+zLUgRFxeqjkRYBS|bbDha-OHwj;iMLzdXIz4^pPy{&$S^lW-kkuBy3iL$N|2` zRr{m(v&bsf_&|YR?}GdE67UR&*tU^rO90_Do^n}SFP5^rg6G|=3j!_;Y?0}H3ZNT( z_Oqr$y2H|lq>M}f1Xz>pC~eM@ov9MYHe|bG`~89S?HFA)H2goF$uYGZNnhbdKnVJT zM%AB~6M>LQ4@GP1Txi^VSe#&<(mEL}33)g{mwf^)-I_o3aK?`}SbOsh{>qM7`QKek zZc&Em+EyYrrLUwU=8FnBJITw)AhQG0ZH;DEOS^Tcx>Gp{ zZ^q}Q*+4~xqOw5=f2xXZiB0s^uV1@hnmo)1Vj?2_Mh`_$uDH1rlV$u(CUzfcjB;rH zl7EN4GN57>`CsT4-^l#YPLW=l+_`&P3V|9j28wcWla6$V;Pi77MEA|Q#|H%e@=Jj`YN zOlX+PEU`3+UUTeq%#N%vl3@_0ozt}bJKVCplCH#QC&8R$c6-Ca~FAWOt45m%mUu$Oa z1IHQe?iuIiUg>0zc=yt?%1MS;^{0DF2kYxEuXV6ZbP5T$NXqW+!|Y`=6qP>@%$f?8 z>O}*s3>=FrV2zkzGOTWzzQ&^*xVOlrYuxvKu?{4NSMyYz5P)12WXx+umjH`OHtPLF zp(n;44S^^smidn%)A7SvrFgI*l+@Jv2&|m8&Bf~?6a2=#29|m5J5)%kO}8Jc&KrqJ zgh%#yTT8>}y+a)e)%afeMBYoT;Q+rwS(u)01pHzsJxmdeKTijIKRQ^1mfZMAckL!^d`G&|RAu6i&fO?4_|jA7Mz z%2;-_vnL}tS%F(Q%xP^=_B<3D8@mvf7gYnLq$yFH2AgZ#JNupVP~}G(nnX+|Z5gkz zy_pfu?3o@1_;*iKIeu1tN*|yvde_})JtUbuxc@P--re;P=GWD=)lrth+B*_td%LeU zXQZoNGB-Wj=Is4V==vL8vMn#$?Wy30Zb5OOy%86d zeJg)b*PJAiPp!lEWjGn|dhp%$@tIwKw(2$6eN(yJA{$#Isy^lSHpq0lU~6jjmo*;V17uimfoZ4b-Sz=N#Dn5Ana29&v&jts=JP@E)NV+ggu*op9C$fi=)6=i*&5Y`n&j#HBZ-;4SuURH$ zC%cenMvtFsZ>&-LT+x3^+A38y+hU+{)6su4I4CIJUg;Ocm8M13VE30<+nck7lvSH6 z+pZcFTf&d*tvGxHT{bUj^B8=xyFJsx$9$9ZbEAnBK&QmXu@;b^VojVY4wm=!f&-I*DrLR-Qzc-8*bMJ7jdK`}Slb6SHMsMZMO+ zZu4L_U4_5$Y7(nrcG{rUlv*)1-S#Z7khq=;v zxQQ~QLqi#XDJ^tRQR;VWGW!7x4$SZB@HdcHKRN_b#;Z)FwfoQ>~S&Z4?m+zxGEDoU|EMuQ|oC zf6cDk^C4d!X^3&Mt{-UZp&%zpN}nAdb>HtJv+Rh!k5u{bL+fCxH7=xNY4Bj9H#yc9 zzo`Si($;^2y1Bv>Zt^pp%4wI`2F5QfSc#etGoYSSdB;P~?I1aVZXI5pwk>q9rJ=|s z;%ah*0xcY;DS}S{za?rrVo`(03M}>3U@_Z(75b*8f7PN?%3vG5|4`6rO|CafJM7)N z_?elR9Q5eJ!r&^f!?nN=qvZdINJgUyT}+rCR-BNz0Lq=r&sR!;#&l%I?g*2F75D|p z;yA&?whd;=@JFBd_>AaQNWBh@QBimrU5huDutK*zlT_4$1VTEK9}N59*c@>hzA|jn zcmp16GmM$y8%?ajrkIePqpZ|75R{WO89wouS6yD`Tg%bFk16xMM|zG~Z@D#zY=yY36O zibvzT&U*Jwma<_HF$mTA2TlIetlHnD>?EcpOQ7B#$LPKrd0{UJWKy&k-+k<8-(HN= z1;qoVoo=uJTln?@&{-z6-qjrL2V7Ndzx~Ogyy9U=Y3Yp0($d~kkpc>W&KpV^8j%IB z6nP;~P;J9WaD4?qi_vnV9wE)Jck|7wZ#&tgCB9Lt~@eub+?i_9w#{ z1f6wO-cpKnBy7FjV{3^^1D<3iL2!w*<8<>TkJ&4UW&CM^-GR9xm#wg2XS;l|CFf>4 zk&)Q1EOu;&1!?i`PyDM6@mnTt!!IWsBdABaV<(VJc_aqYVIMDNZ{@vC1%B~tN0L8C zgl5vs($dn3+CLc1*3nAat{wj6=6E2@Jl}Ab4f!h+dBi`(phPl+Ts18ASi#aHqC8_| z<**=Xp{($cfmD#5C64R6m1y@VVU(lPPGx25S8@)N28Z1TBLlYCD}|2L?Ocp0%>2wj}qNndH0zpHGOm2cv}usTiu#-JxHzg$xMd(x8vQ-9`7T0IA}Rqd#l zG2oYJBt^zVNwmE(9qCl7|~z8d=b5DWl9JZ zHzw0I*;{M3@Bh;z=opU>}o|9Jm-zvqv0=FE8R=en=^y03j1**ZY+;&F~S zGP?lokcR4}QBn%T#OWX4bCh^%bw^!GOA8J(Jw09LZhP$F8_ISjac9$ZN(QVCwKDI_ z_G--G=Q)O{Iqeny3zNr1A`fz-I2`=Mu%m*|aRHeJe2EDl-U;Hin``0-0NdH}3TDA# zaT>@m5ylSKih{nn@Z-^O>Ih}$COfohLgE!=b))QJ+nysj&!4k1F_j(_+;J-&r8@|; zS}-fI@lC~vBLW*m0Z=nkLfAS1*vLp!d9>oLjR1miLcuO@6_sFEnBeDes?@gXLalOE zmY!Ta_FwLHy-W#7mG>wl%jBxcft0?`2M-8m>d3B@j&dOtZ0qO%wxm?04?~Ca)GDUbYU>Q-Sg*Q_ z%$5F)Qol*y(^XPPtY&gB7@AMUM;2|J@Xx%mcG!8&*jhl;_t4#mtBi~%FP=_hl)U#v z;AVQ`nOFgi8X;)~=c9is5#2mPB5BVx`I%1Q2+`@-qp$r)njJD$Y>K$*Q3sE%&6;cP`aq01?sa})a8V5CfNTHby zppE{DEVZ-~wpnnIN43Jfw8Q-rlT?8G`3Y)N$ZcqZ-t=TjlUj{g*w8! zDjnmMHW%$f8Irp>+4Np(SGVaq%d6LTy`zPhRnTfRJA)!D!eIrw{$m{xdpp9h>eGah zYG2pS6(#~Zcag{iv(qQrM>B1AT7rKf@q>r?xxmfk`U>WXX}O9QVcQtj@fcK&uA=hV zmAKf)zh*C3-j6DFzT3*BetOHZi&x6{njnAYlUK|3s0dMi^g^40l2RLH3gZ`hg~8N* zB^+ZmPQistx?zxJq!s@8fN-7`8019YB<>3Xgv7#SMRrE@p&l_>$f=(;58=^;*}J!p z*@)84$%RrBZLNB^)kjV@m8Mz_|3mcjl4-+;|KIqgunw;%J-Gyfh#{i{d&EYzbNN74zr9?<{$ z^0;0a3?LN(cfWjV4$VM;6B06Zn%{^|O!eyS)({H)A@S=mLDyJ76x!J4PKR2S^zyg2 zwTo8T4TXvl;^N|%djpcd)CO{xn?BEY6YP3OhWLqtlD)6xW(}5nE_W?+Hpk z84<#U#1j=Thd~}xR6~$RFuo)H5jhk<64oEO`Bcqm3f|PJcq+SSbIg?gHgvxviVsq8 zX`ED|lrx*qP%Zm<;ed9yRr}qvxT&s8-I2-VxM$?SE-h43D)frX=MwUT_Wo0fYBS*f#PrGAzlw7ph&Hb#(H!ukUI8;j##xG5+@bTd= zv7B#>XLDP|^3S%PB>(}KkVOg&cDx)Tw*y8wi*J5nYI-_1@N;WzE@Qa0D?IZ?U8%Jf z1A;NXraoyv>)dxFu1=7v#>g?fJ>ljgmalP~{)Ql#;L2=Y!KeWWiBxLb?`zJ0)tJ~8~ zp(iuQ7tT#p9|FKObOl+@^C3>dncD3ht_KcRxSe8ZHieHFpngrp2ms@yh$Bb^Q$*u6 z=`!c6b<_`p{%3p{wB?dT@bU=Ko#T;+AOSpTQHB^sMn;xyiD|aQW7o91J%!9FnJB=2 z^HY<4_!m6|Os4UiYi+jW?L(_xMb^F7-X=G3LEOPkHN|U3gp@Nv2ao_F8A4YdePx8m;1gg|y||#D;qZjaX23-` zrV1fMMop3UabWyfLj4ReVxsnUlG7__(%T;!O5$p9~WRQs1F;= zDy5n#L+13vPchcs`zIy-J{Q-EVDJq4_vlBbf8U7vkBNhQ;Zy!$e!eZ!U75olka$Y2 zqE%-_r4=_IvJ_M{ni3d)lfzlpxVVaVO_U%FEv?oP*}IBQDeVTN0xOsnT`*3Q7xh0DikSG-D6SuZhZI}>` zhNG3i_DWYr%;(Q+AS<&4e(NH8!P?st&@F^mlB+R5<9zocG_U<~yeBtO4Ttekw|Ib??)X&LOBkh&(eov6=v74$ z7OfpzUYoJ9OwmI8^xT)l(pS2LF|AR%8wBS5J%JYkB+&yTan0pA9aqnk zpUpM8Ll7cMZ3szfH)MBc8WkzQGSUjz2OwKa2gozgZckR>Ht8?49qvmacq2=x$#o25?@y{E~Tx zyNoh73XcSk3Ns^xbY8-aQFD4CiUdShin*`$JDWUrhbt%qzYPON=bcDjjaawNfZK`k zSN}N#8hhTdVJLQH*?~So&Cqp%fr{)zp|D0GTAA zM=6bE+CP#ChFi26pC3r1Cw%pwnPI27zRv7kJvLu(qywsvV~U!Zkr5*SYU;VR3qzkW zpO_VL+dbT#!Ukg!V8P1fDEOU4h5?R?e)I6fxe;A1a7Ft zl2=EgT3>F8T$PERu1S1zCGovRk$pLhVe*GVp?(tZMJ09hB7j!0O@~l?kP95=RrfFX z@C&07Yd~O67H4Og|E7ef&|}YV!wxJXS&ohR-(DX45H=RzsEM-F-(2bUEa%o<{r*W* zSD{utiQP54SkT1YA?DFdI3&qPlW%c12|FQNnX z<%2{;TAd}`fq%ixwcv{%Aw-5;*Gx%^`4QF~a3$*g&$wrtM932#)wBr_Weqd{zV@gw z=p6=~w!{KymRKDSh3V<(qe&NvG!ia|f-56(^>Nl^zo}`zH9zaSm)Y%figU%%zpPsu zNcP}>B%Irjs_Ecg0)A_|yRj)tzxja||Qbi^$Toz_H*;in*X)y&4 z@w*RiW?A~UY=TwN6Cy(1@(2ZGNdJM&b@mddnhHYMeE2S#haH`E}Tt1{LWW;?;l6F#H!58ifF**XLs-cVC<&F_kp- zSo3MnJ=FF`>)^G=h=!@5;~LGxK1K5nJrOh5m(yljby8)Etm9k#Kv%AZM#dLk9mex zyk!62F^Yr)Xb64yHS=~>Atgn{vT^HfwY&t92vXH5AMnS{YF>npE};(;@Q+gGXI}n+ zSE8T9Z)%eMJYK3$+(`pDc9#1KVmcekk{)P?5gtXt?Vu;5!)JbJ!T$ozwVo8{^YwBN zH{PKe9oB0gWt4^iQ#FcipX)qCwUIC-J>f3T{_MZ9kFiAJ4 zZZ(jt0(~U^?ER6{;0&PL6t+z5np!(1`>XaivRrR0WUY?5pv*C`d)9IM# zk?ei_=XVkrWpLpv4Glq$z+FTgy~y}U;pB7wfIOE5h4<8*AP@P^3I6#|B?D3_ImE*E zoi6BXaQtMIM#=bPhucg99$~zX0v9$`RaImUQ}<62ee-;IE%Zy-K}TbVHVijP%i24JH{o}YQ$b%~jC&_Z$O zV2&sugk%7+t#Oyv-S-=40C|8U17NWG&N2EH0nD$ymHLD2eIKGMA+K0&jwAGjR=bIWN1k5P)qPWWP#36f4NQr%x4Jj692)|z7Me+;DV#Fvq2Ng-K`xw zb+Y#Ik<7a?Y9-_GWyfAP{P|_yhiA-SbS`CN{l2fj6+84lS8V4X|L2PR&lTI@kpFYV z_AxhzrTsr9#iGIv(&N#(L+Pv$?#h~5%C+GFX)R|&7;Im3uT_hr&McqBZmoFK@%IT@ z_iXs5Z>5S@+0&ihCwBMHcmD;X+CMxswd1D;EW5D|aD9}@w<`jy#B1WqdTQnyZQKhC zT;tCQTX0($ZewG4BZYAD>-|(r0$y;mnd7v$^+1@X?#VrdzmJDo#sYbzJQ)g#uy=l! zAca&)iBm?OZxiFO{vN|%O5fc5$Q+t+;lY65xjZh0^Y|64MR!R5em!s>$gKcmNp*UU zeJa5=vR1x`ihBjPyrEM^g%H(ta@H^^ZO~YZyN*E8zE$W{}F-vKDgcj zY7nJN_l-TkWfXyubLW_$D#wxS4R43x5uPQAGc~#;Y+Y3i&fBj9C*58t{T?R&Z?&Zl z@?EJ0)oIJp1&QQdPeMlaAbcQcJI` zy(ls_`gFw2@o-o>jqs%i#N>zgsvnbNgw*-JT(=<;qoZSDAKWs7Z8mYzAZDxg;_*ze zy`oY@CwFLN)ykouR-93skAhE7v`U_if6T z3+SVc)ij`y#qJ5dKdR;c>^_VB=(btoMwfoG>CPr*_9v>NmrZL_20T|+PTz5+J zdz~FB)41>|{i{!&5G0QgS)dbYW>hf$(Q5BU6IZjr$Z^<}M-Mu_HlJ^AUv_Jl{ukED3>Gn;GW`qnbY-{iTxGzMj`2$ zhib<%X^4f+KtLkEQPmuiuh5piLCJ70vgx{mwzhVd*(`Z8A`)MesompaLV1`D7pwCy zh*Z!>C|=BZb7aDHf(uV88`NHowC-bLL2qf$+10*p>g}c5n$4D0TT7B1YVVnQKc;7V zZn&)jN2!e4M77O6Dq(v^{`&KOp#|1sJb?FRzT7^Qed}1EsF8IcpN{ptU?HyO4XSh= zLG99tca{?qy!p1)+<(5>tbAMA;Yrr6k-25ke&WcsY7`R@lF3_$n;x-<`PiMpKe#*> zH8_sm&R!p=jFj10n{49|%h`C&?fhL9g9dK!6@FSuGB2<5i9RmycX_;oC^gCr5UP9p z*}z+Wh&SrfL6$-><_feh^Yc2@)>NGnlLI0-3_=%k`Yaz6bQ|6Qe{l4iX}1OX_Rzj3OfZ z$eC9X(!{XJa7(EhE4Ax^It`KH=+Ug$w#dO&y2CSHjh8VkBAn}8v1T2j%P>y2gkm<^so3Wd29MYD^EkLNgDrPYcCxdUrs*!Za|dd#M!mr zPuvy{)hw`bW_2q970t1-EjSQNU9>npU>nM>13V7@|G`P6`Wv*15Zy3`1*PLTRgVab zDz-j(1HpjdV2z-X7hQVsqnV2H@fj~KISjhzsGz!eKbwBRsnU1lW}0Hc#oKR6wTHwt zykGfj8`vLJWEspFT`iE-9!9`yLIe;uL(hP=W~cT4u;_gsBt8HMM5+Ju3g|YtbL}LQ zk2+p6yxBWH_*$=ibs}z*|3lb_Wo>a!erhU*hv6)Y)bi4xWf?bX#jw0sQL|k)t!a%V zy{JJ?-jqDri;I4%&UV?vCzm9wz2}AEk8GQnK3^BOLu}TbxZit!R3}7?DHq#s|2a93 z*|O*Sd$!;CR~0026I5W)DQnKB{0(!gDQs8M_WHCwtvURqrI^yDZz~FT*^a*0$AS0Q zhdbnCjQ^o+w)fRhu6f|D9R94U*)UbM<*3!tY2EVFF1&P*#GI}1gG&pWu9HB7)9f3a zI0T}mb-64SWQ52&Ybl1U*JTE6U~jU9h2plph6}hYA-0!nH|K`6Q$F7w3f0^)pfTt+ znmaI5is5-o3@ezSGRfw8xi}tA| zI>Re=tS5v_)sEBTJ?|d#LKIPsJIBnB= zwrDK;e8;nxQ@c;)Y!-S;t||iB=V)(w1`CD4OW1S+4(+<6_bDtAQ6)efJa|ap{BM%H zPfwik>fSB6QH7-kU84gL2%ZS1m7OUPVWY z9)NYF+UQ^phAnM;3|@_;}V;v<=hm$ied_>D!aLUC=4 zo2%Sfrug-3jh-{W+kUd@;gjXmt%~J#RzampOmX-ie-MU(oh94jrGMzyMdCf=)6;uu zv~$*%3nf@UzC!Dn6!i5uRu1zJ_|GY=3UAWw$$E6<5NgxgYVz5X249=m5Rr&wMy@f* zQI4Th1|T~?@P+lqo;AcoyOMD9)G~A%f^_5xq~@Lj&hkc zV96^B=H%YT$_7=);%$Xk3I*BNn?b`L*ew{)vApQB<$70;v`2k(r3m5n$TK$J3u2C% z-F^KXMp8j$BtIW7Z&|P1QnL%Z0mOUblSzK%+c019-FAw+u4Ayhk-9Z3&@ph9lJX;l z6vl9VsCC0X?C2@e&9V2IUUOj<2Bb=*5C40VK-f|P5;afAa@wI^JBq5X{(#q^fmhUN zmd5KmPBDea_zRdG0J;NUFA)yTx3&inI89Fkt{m}B#orfhb~uc_aB8g6{>N2!iH6gJ z-oe<&4PN4Hr@!lcesq)3!X6Igo`ec;v2$=}&kuh40zDb^`d}O^lqyKw&Pr{oNBj#B za^w>71Y1@Wbg&W~M`}a(I5_d6*=FTw&J>iCN(u@pr>gO|aP!Ie=*4rUG&!q{ zd2_4cWsh&aF%eNad!EqNE*}Lui@y9ya_2JiDKT1zs>9*%D{`sGP;v1@Ljzz@8s1ES zjKG;Qe-p#*=3z3DQsv}lW#!G-zq_=A7#??<0;TbeT3bdv`8;)m-U4O704qPOzduQGN#Y-XJ+r{57xX!XS3J+#ItM+@8XZqO%ZgVxx3L=98#CJ>d zhrS@n8o01J+t_?+clN=oEl%yB`P(PlUabzK9S~^_*yGK+!V!E^4mn5*v(vBteti@z zh}4(b*0TnXRf;2T=o7rCI&Vhul$}IA@%4XE2PikTkNb?b1wBPo6 zqrapsfNA+){3B~-AlKwY#=;>5Rn;C0x81P|KJ9;mS=Z#$iJi7oK4lR@4<$`snwW~0n-_g6P zWa?IqS9o#!{dN53JBIhcna^_+Gn5-5xNYYLJB7C6;0AkV%Gh3<7#sHbi_iyZmtnZAR>ex#;-CUQp zW|j+OgE+k!rq{Z7CEC+8(UcV%<;>K`o1e8DuQHgTMtu;T1Gv?R?ZFaPGyDPa zGSJ^)xLH%}w5oBw4!7~QkRz{M{NL@;-X0-C-@Ks!5wEc9;2mCf`b?E_NdnW)xZ{TD zufzQO?VK(8tkP$4dMXO-mWIAZ;x5g7lqZG(`D!*w8HBW8wz^9!FJ3&zidmy|c5pgQ z%YS8V>XGxyj|am-LPE6Ciq_uqz{Iasc+qxX_(0xQB!2sY+4qG?8~d=-i9E*={h#08 zKF=)~Pcd4l>Q@xy?taEW>ifjEsO@4u5WBQoQl-xVoX< zi=wuN9BO?6R+Cwu_zcI6va&Ec`E^LqVs+E*V*N@wq4cJ9}lVes&hV~GdLm38hOg^@eY2V7nf}Hc!E)kf}#)$cLi&jIQ1mLN( zXR1#Vx(t`k0fyzr7VEXc&D1aWPPxGO0mb7Au8#ze*q#tt{wg@PHQ=KVljCuKTv!k$ z4`Zhhu?}AJq+QDw#JwIK-WX>s8}<>WFLGFM7nv($A|vawTI(|_r&O*0)h1fie$455 zP0@mwDNUbOB!x# zYEty~YCsrjd6)rvIj7$~$Vo_AVqTIilitJL-p4Qx*-E*7)y zHLJ`UtQ3D7hfhJ^EVd_=(Xav8)Z_QAbg1awDa38kCLI?PT`2Qkz%JE$MB=CMS2HV8 z*F8i1OA>)-yg|FiO83c;%VB_X|4iOZHV=rB;5-1!KLYXt3)n|2*ZS7Vbb>VLZTig| zpy~;j_;4*Roj-{Z*sIIE$YLk$QZjxwxV$JI$j|h9`%J_3XSpEOlV@neAARmHgXR58 z7a}g5T<#g@KiPpD>*h7h%IK&83fq&3FpCDSAWdiH**t7cd`gN@$2z&_@_n^=|HwGy zDW@Td$iL;4>_!{)+4>MtFQqKoslIRbd> z@UJP*R3g(~Z#!${*j4RdnE5&5 znkQD0RTxj62G8!0?!3X549FkrOOYlX9BC+aoa0nv^HlBiv`d4E>Tv(JfsfJnI)C}Q z@)oH1?~yrKaCT3nth=e6BAdrFJrA4^ zWQ5_y1e(`GXiU4EmnQ`A@5J@aE#V{V*^9UO=E`&HMFm#-Y$BJjaF{4xKLR1sYdJjE za#DHBs;Qj1(rK*^4Q#Q~RUx2|VS6!=BM1Y}LXccZegQP3nw({R7y+RpK@ChxDB5%l*}6#`6`ZUA_FRzQh!j{;56R1 z{5pDs55s_WgR<7SIP(Po>4y||^e^~xV2W2){I!4>O2?0j1s!??Qp$^K3paqs(d}>d zs3HlI^63||?y?)#X%9NfvQ>;BN4O=W6|>-$D^<0C!S*9dXm*_f=qVaz7%t}z#RGt3 z7guBrup2Sn-u|#ndphfh&k1X~mEInG)_r`%*cp?nJZp&{DwXYWw*(XI;Y{CSRA7YJ z{`}S756T6v&gecvNYqIJMOyL8oAfKcb&x0rfJQ75X47k?yFJt_tNb|6D5r~sGk-lg za3JLhu!$T`2(SA-a+t~1uJY9>6}(&d%u^e^+4j*Jy-jJ=q2^%JYuUmuRKt;`m(Q8P zG|UCmVB_M^z~z9?Uj`x^X3yz{+ez7%KVGbnE@3;Dn_{PGQY@<6%DnRTB)C@OQa<#e zf$1V!VHQJ0YyCdry_VXW&N;wRHOMdZ5zJs73{ZQMizhl9htzdiqGbp_{n0Lk9T;ot zRx5lRWe3&2tcP9x*;*?A{`)oy%D9K6^toyHO>xA9Vtipgnc-+CyN)O_8M; z^tT&zQ<$Pw8W7$bsd?9nE*f`!1B-Nz~(M?*0IS>CDl z1z7)!J|f~#h-6Yf=9=uNt*pfPM+KQZs&%Ro8h^$G^XOJQeaCQ$HO$nJ&aUj#kIrHs zkj%cnXRWAaMev*un}}MrNjfU%G+r>^r5mx~&}+WL@G$Rzk<~#6w5%e$>*1mA$MBjE zSFI4+n)bIgX;{B2$Kx7b8>Sm!_wb5Z)@5hAHtCz;ne}2KEU>UMYyB2BKdS#8t`v_f z9(Y)yUlYJ)woG08DMD)H4HsQsM#^e!Pj{3k5wb(W;VNvqyJMI`6K76mQA@3gLT^qc zVfY+1H)?{0KXExPG z^N>LsxPh<*1Gma3@0~Vl)%2BC)=S- z2`b|JDzWZJ1?vbBw2Q(Op9M-&7 zJ@NjLI9?hWn&J7<6JA#BDy$mzm{`HN!{VOl+TuOtFI%iS)ENY}XKl;|T@RN5n}^n) zMNWontS*%L@Oj%ObT+-xtb(FI?O6~P-!!uq)if{HSWHYy^LcebSg@U*|4OmdtPm#K zruxQAaPG=j4~3~rH-7p1vEdKW^j>L*8N>7zn6?%ON0&)btA|C@SYoZv`a&uC-(QoO zRRrroD$x))i3`u`!zep65l*cFyk$|Y2Zk4aa2W;{i?Rwbd-R`8&1#61_1pQ6F~RlXO1qQxAp z3CxUjg!q=qC023fv`cP0&uc#kVzc0?sd=i-e!yt) zt_2JZhzo|ju-YbNtpN2Q!?>+kBcT~gzr&n|2Uq?jP`1;8WoD%VWreCn^*#0jkoxJG zXqbkT>$TpR(a&Qir7}We;{~^pGgVXTet3qy{_HoeuqZQW*&eK0F%XG$C|q3R2nSbs z80eYd3qLfm?0ze&pek^+SKFu4(W9;7?26xg3O{6~C`0$Yp}OC^M`2^t6*GXaj@#C-oEc#8SK z-#vf;Bn|^rRQO1o5J5W6I0^he#PZ5JhY0#f=t6rQ1Jw6X|Fd!689N67Xa@-Cqi){}=qUW3*SV%bUQimF%pKXp zd=UV4@l6&ak1X#4I9@#o*-K~GrFTGejK=^ZSLPu?|FtaeL>>YF-j4v78C9_pdXRkAGh?;Z^}GUyNfuN+wkFirXR__$36 zCBUS3u*2`r*{i9k5)2kkfE~K0UZUD5)3#(K0%i6{0~LsH%mLK~h{!S#_HbVX_{@2| zy{o2vr2$Xc-T2=}so=MSJ4f{)yM7`H5YFLmyo9cx3t%}QdwmeIoAhP+^8bi3DZ*sF z_~zUMx9$YQu1?;w_z#IeC-n@3G6N1qr0(20Xlwrm)H1R}f*gDMrs>*>Nt2+qBX6A@ za|o5(`?1Z91T{%3bo{jFMfQ%f=agPaOZz-6ke2ijV~#d}Fmc%#Aa^M310^91>_2@3 zBp4Z31^Mb6m?m*n@K*U^p6L7pr-HOn!6;eLnG z2kX1<{a#6e^ytVW=>E_e$2^QU>1BZn2K}n|#Hd7b#Rv3ZLQT9!0M;J@R=23QDgVi4hPWmOX7S$H)dn6A8jvVn$!dYkhduL4n%i&Q%ko+&6o?PeuExo zyj4;S-_?xv@d9xA{{ior!%Miic}sMq&kwsiw%g%g8vLBSmp_O-bY()Z2M~x!FvQjo zVq_9_V6PvQi)I3UgIkp@k;5u@b#tm|1{IiUFh4O-G}XqD?EF*H+cPddE!A4N+RCbE zEswiWM1T%#s74j6T{va3_8V8bd;ZO*&Ok5z+W&m#_R8F245bJQgrNi{HPD~cFJ?1{ zix}{W83gCltsK+(CR&h_gs6+FyfgCfm@BClWb*={T`~z|$&Cwy z;6C|ZpPa6|>Er7^(b2e>o*w203VmFg-VQI`lY)dWI2iyoW zdjO_?%l97s-;n+D7}WvWZ)Kil+2Q6gl2JV13J6^BJh(PZ)zsU{`If$P)lEZ0BkNvI zoFrWP=c`B~WqhC%^Nb@Yz}_ zlASw$w%5auGG0Nptyp(}6yNkYHg<9ZrIcJ|dg`D(h>gCH?>WkN4( zsll2ndEh2RcU#WvN6qr)AVhw5j*_9{75lk`NdL%gzOTOs>FZ0N4!qmVS^4LI{3mKM zaj!)GTT!I@7%G3J`EQusB)9`cIYz0PCyy~~zu@g?&@}3C4qkXk zeb(0mfF}@@f!4>J?*Wz0*|IU#9%+(wW2`w{Iig5`*jI{*Qs@Jfxk3?#z^a$6K>vG` zr3a9S;oXTYaAc)#pWKgjg-a4>D2%}dTLC+)U)c7fz#@Bxn%X#rc$f9ZD#Hr;hG`&W!wMn?}0`2Pc zrEaA|%B|TRcbSMu06P#$!6bkk@m}uk?vH>02K@a=Jf#yL7tS?|)H70$J0en0 zKX~C#O8#@tE@#Efe)w>tPjIF#*V2}PstIL}NzsZy$2E)g~5$Bmf9E%c<@N%YTw>0F*MJ641r+TLpA=B(-E2RK(8~ zrH|y#S=rw$vMv;~Kfa~djQ~>NURtu@T+;Xi{{5s?WlpZ$yB_T98rp~Hg!m1R+BG~| zFz3zWbL0AX5EeYg?YzAX;uF-vzOTr=<@me4=uEd^Q%jFELgjlYBx77^XLI}T5;V6a zt3dxM7BMt_{Go$VIH0RL*@PI6%fHIO1M($w!F&<2W7uCeezW+{j3$Y%cC zG){*ab%z5mRWG_ObFaRd`v=2r7!bNggv8zfnA}po+Z!MH_NO00HXu>-5EMRfwy84%XlWf%S zgHY%sepj2gZLmv~SI*&I#UsX3t=CezmOsV!O)gvK&fP0bfFmo`$0OzC^-xQx1zNS< zA{C8}uhkCh<^p`a9du5nB!MSm6KEYOu6U{Z&S%cd!m}$Xqu1yK zatfSuX<%WzY!P;wm`7Q*X32b(dWE8P=E*!-ccy_u{>SSuz~5t%$cc!4 zuwRY?J_DK1>>k&9b~-xwa=E@Z0IOEA0u;#^GBuWyU$#S}HWSNnkO*|>FkH0eQ-9v% zL3Py~@=IZTwnJZJ-0fYg6t6h-j)5M#wdMmlAq5tZ3TCT3Cj-4)K9_92IW{~d5+phU zx_}wwG`)q`ek@PX>R9MPcc@8uE4jGZ^D!p!PI1uY;^E3^)0(HBkMA~K_@^q&4~XK% z#T{Y>&WH@)bb|}jhn@6@6f3Iph1ao2ORrQ&=WZ>>fv!es`pSHI1y`&)aj9$lHkvO$ zB%RxFeLfHLJ{igz_E!Cz=>p#p&AueTC_wx}6E0vdm7=wklB@B2eu09uVu^w^yRf5u z#qw_Hh&#$*4sjW(c;Gg{eFwRV+Y?EzKu;GI^#>ikxX#Qt>30JCNSnD%+ZZyfAa0Se zn_F|#Q=Vu0e{x&?V+Xqmq69Y-9kH-V-c9tgcU1!okmOicg|41M^c$olCB@HDS1Y$f zvl*c-bu_Q^;T7KFwhy0os{2*&-|G^ z3htm;PH!r+y0DNUMrDJ=yp2ytFrLdHn7R%$SYVV>>Zn|S76h1>;3Ni)R-M)U-mlka z;&4}KbUl6Igwnn!xA1i|fX*FiO3GahcN9~(uO}Yz@un}e_Hn0oLLCdW0(Nth>_JEv zf}Es#9gVprkrN%rVT8DDeF&v8C5F-}#SCpa^4aXCPw_x(Kfzo)7m)u98l@bal>cps z1!PNz9f0YO8A9EZE}Of~f_5!u8S<9MG5WAy{ipt^!a(5vtF^}dJj(l~uCu0+>W4-< zxz1DKo%-_+3S1}H#RT+O1HK53yTdzdMh9}m1?uGL0|ec%IVxyW*mP)Nz0@X=aKafX z1t=o9SHs`zc*V*=Y)A39($_=a@iQ7xV64~a@LWwhPJ_gxW8^x7bB{+rA`IJMx3@dD zu0|P3jKnm@rh_(h@u>;#LHcYUmwPxwdB;gmsvrq86X9|5K*yC=HJum#Nn*d3h`kJe za97G^g$@}!^@JEGzTh8_*ZbyJOk&3ML*(>oU->@$@?;<7x@Og#l{a0JG#oNz;$Blz z6aRN{^hMByb>2h2(vuiABhgIAXmE{&EXeNWM`wS7(5Ma?gup@FQfpgV_Uo{Ab=~mU z496)T}b`~P-o|Q=OFi;kzv60(FtkZGp@bIZfsBBE8ex}W{m_=ajDSw;}&E<1yLr$n@}(l z5j4F#RNYX%X)dXr{;&eIyZ8MF(t~=fI0R(v=80y3HbLCX7m&3|R@G}G9QnnZLON{-O3J{kb%0QyrIdg zx!D5m_u21Gc&XwX$Jy61hEMcVb~a2?I@zyz2jLdXd#%TdK!>vJEUXl5D#KyVKAShi zQ2m@yN4qT0qb?BCqd@5vaGK@|?-pxW(z@2N!S4F9k@D)mEM%Nv#n;hu{InU38I*Z5 z>4>t{a|{RB7qK+_d75;EJ%Jk$73(A!r`KybU>>Ag_tcC%eQv=R-h{J9LsfQ*uUUr{ zSR=j3b!%Vfhi+rVhkF^m;KlF`x|KN$1MDXRw`Doh8SOg1HlY;^Lj%@idzL)6;-GjzRxC&m zw{~NV*mT&O12!JWzLmVKt^F<+jB0y&op5UXMIfavvcHYpxp{q>Q7e3w!B70}!`IRb zg=U^CW_2wf(Q@onf#h4Qf7&{M9QcyY(hSrMVggUgXZ4FQF}`pRG3Ma9aZZ}fLJLU@ z6HQDU^13Tuxk0^sBeme?*hfyKl7vjkR)T#%9za^&8}{yo`7pq@l@X?iK?JUfNy=y$qkdeM^6vtN^@TI9j7rF~d(CoDS5(T`1KS+tR=kVOu#I;HTGntH&S9sy zZ+MPo_uJI#7ME@?p%*xJ#EUPnxV@uBa?gXcL%}cFS_)LH9Oo0wx*pdHlbExcw#+aj z*_2?kZLl{BmuqTUR;GK<;@;;)BDRM+%Yc7YdtxYqR7Js11>EIK_b@ECmU{TF6GVP z-VG-qme!C5VA!{Eg4nKtw^>&PTTfnXAQUw4?JaiX zn~CEHn9 zKhAZ&Z9e>9>=5!8i@aNb*ixkx4%=?jGaP-4%MG!)sac7~b&G@YV;qY&y(o=9pQ)AO zMnmyQhV4$|Fh*BX@VqH%qK0;;vq>A-QI#CtHLNBsAQ&!NMUa6r)&XIuAK~4-C&0c) zFfQezSarF4tW>Q95<~j?5{GNv-;OS5Xy&VFkbOf5!5hvF4q{5HEz}SsDzb{Ls+u^A ztcl@c*UMk|l!fQ^(M4igD`OC7v1%R>n^|}CMgan}JX|QM7DtcQ{1|c=*nXE=gf?p# z`(*l4Y5dM97sLCTfT0_%fBI9w3#VEQlvvJOzh+tnN-_8S z`%;I>yw9RjD~0cld{KxJBSOAt?@QNyr#Fyll&p&825tW%vSSa1Wk~5?*js7u(2hd7 z;9r)idjxa&xvLVbO&RT!P1&YVfp+EW0kgsR4{mx?N|aY);8se@lMl`xaIkVG5*4Pj z2sL2!Ju)H!lv8UWq+0dky>1A590~Np17&l!yY}_IlzB90DDKRUnf0*Ic<^1_AVm#a zjT)=PO+q19MmgxHLf$^!L(`eh06C{l$W^aUtq+wT;0 zK{YJeqlNn#fJuN@$p~Wrs)XFx(PXOQ zeRg)#U2qa|Lrdl#jyP_T<9KHg6UvegW~#3{Sf;&yhgf|z(UvK#(3bLO7bAaA1AQn| z0?P#xTJ997eDjE-0SKyZhGp&&}I1R}V*>r2EOTxGa% z8o#|1Pl=fwEG~zePkPtpZ8kd6nElji+wI8yQYj-kQ5MzwU==x7!AJw zwn)~rcx88K@D3}I{@y$u=gron>PRObHJS=k`7RJMbA1H@AaAQ*v&>&!ocb8m)%SvC z(SxFEm_80pl&MUw<8b!xbCM=}PE~Q>ocQ@t_FOWc^y~Rm6>9l9l@FFqD+f!prU&VD zSfcvOsj3_!7RugJn9Y|I=MB3r#mK(nKloD*u0*M%lyWR1SB?-jX7nWoMCEw7XV;Ae zT$%5W-Vn2}t5wet!x-1Z7n@=7T$#HQa*ni8R=o~|Va2TL$|l;=uU;g0fG4Xy0EoSx zT-|eeMbVL5k3{}(jN@FQZAQxWI#y4Z>#6$aa5DBPjvbcRB6NHs>cEto8{vnnuHRU` zPec5p!w97Mk7et@yVzG5giqIn@Ok)Xh<=mfkLA`-54$OmSKYLabatNvTf%`Gy=Y=A zy$3S$h55{ZLMo1SBM*%BR%NQwVeOwaa@_j1b9s(KgMJh8{~vo_8CF#q{W~Izf`g(6 zj7lle0z-EgfCz^W5NSt5y1Qi@3kj8yR#IBJL!~98JLDh@hwiv*tCR!xdH(l)xL@wK z`oEtwo64!$8?JAhnCux7Q-_(~ZjdiJL)O!*JpX>>y|}Y^_K%{dH0LDVf9Z zl5Ux5FSlDvuT+EiGUFLWH%`m+C1QO<)owMB-&rBDNjwDo!{flegG&MYe09tSTiCnL zT|GX_jI$0?%cUvz=KWrCZAEA{%t~a4JUkEV5u&^>mX|G z&?w%+f4<|E;zhyyl)uHhR_Fd12*c#htPMByFiDGYtKk%(;7H%@f23dGNb!UZ6YZQ2 z-C0*{gRD}PP$#C?#ST5HyK}{Xd>Nbl?V>4$6D`BN5n5f=%XXrT{#S7Gy+tNW8^x0Y z{^TU<{AXV&{F^Hls05X z&*3Lp)o&)vYMQ>5w#5bFUJEg8Y$l9|2JDvBEwRCoMofDx z7Q9vvuu|yFzSmXEeyeE812tVCDe3Lv(!O+=)$U%{g;9lA>?_%o+gQ1sbAa;_se)kX zO)i3OJKtUpDt<;t+i!w#W~Psq$r{a`jWZj%H2qBZvsUfcnD>zLP;O;?PVQ(h#`b~8 zS?tlCE{^m1d>N8gmG$?(fbRhC`6bSuVJCP~-#C`I7nxV`=G=1Q38(2=$x+n8L(Mu5 z{LY1ob({4QB%;p;YsS`-j^LiYB9a|TFuJhAUOTk?pg0Gvw$^B1tIs@~mo~lWa7F!6 zxr2FI*?{zlcF14;|O4!F5HnR!Ye13$Q91A*8{ZxJRIL(;j+$gSG zW30M&Yx-}lhDV_U=xY7h?O*TyP=N%-jGYp95FKycVOviM{@H79Dt6OCQ9FKVd^JWp zabt6-Ik+uf%OtgjOevJY$$;;kkr+8wYdt(=gf28h5>AKn=v*Pzl%0 zP0NyEby{P*FaiRM^qK04qK+%kvC1rKFva(5JokiDi_>OaSxH|{NLt|&9NZ>xxK5!P zpeHsIAOsIBXMu7Q2Xq2qyw7)Ti2oo(+TL+Hs3%-LJ5u+xZ?(g15L zbKH|cP>4l2S<)(KY01hvHFF_{*xtUj>UGXNqnWlS^pR4Zmrk|wZZ0xlidcO_VL}MH z`Lhff>^1f?96@rgA*N?}`>y!iP1^VNjkQaa-pMppR%2~kh|0@vUF!eXJiQhl|H>)G zV}yhxjGGd}+4f!lj;BhiHg`YDe8T~pbi*PkcSpjR-g4#U8h`2#rtw0c5nQ;XDF@oq zQidP`&>#xD*J+Pq$dsf=)!wTZss)0sh~iaJ-|+=^4(bO=gxw%y$0)y!?U&q1EWBA` zP`NqToWbWj){VwvPSb53v|TEtmLStQV&xSdbDYH%g-3@EoZ9d@f_aNyb}kTN)+S&Q z%!C&06hBu<-5Ci?oG!L_{wis;#queCl7KKL7GsNv7tGQAD^}-rZ<5*i+{yZIyV<6u zm>2zo1jY=70kKFG`|bz-SUm=e=>fG}#7O8`8qZaJb<;}n<|a8AI`ea#r25d-J;xe| zcuAXe!^5Lf6=9mS>~N+PkXguZ>>ksDnoIGtTRK}r~pqg?18EL%Kh;DZ5$57>ZZ5v z*$J@9Vq?wvn>^L5yX~jI7ir_4y{sM~uQ?A234N}}mNzynTD~)TK6N%6Wx&lF)DkR+q*3@k!627<&~{6llzX^ z8<5z{wM{Rr$b`vk=z=|H26mxawDlum;I7!eCarfCy8G!#K%C}GhE6+ogmVgEA^|}i z?bOwZjqX=61w@_63n*zN6!|IilLdxM;-(;4pd5kAo%>;j4q@RS(XQWenRZOg0hPXQ zq6Yo#b|x1)-O1YolR~%zT2%)P*L}yb%AM*ixx4u>^|vtAKG#t17&2rzMiK)jZ&r(H z{x9LcH}8@`;5bDI?6@s&u48McP2CqL>Z^(DxVfC(DVdz;IW(B;R>(=#p9#+$tO+El ze%wN{2dat0I1#^K-j z&1zybO!ahfa{F0t@r7rf%T82{^>9hXh=94l3FbzGsXQNT6vNK3?%E0m3P?xKxo1Zd zy*TTtGnnLl=6Ng4ywsm9j7h;97dbPuBVL3!oG3d%5p?d!af;_&>g=q1N=n*V$_A%n zL7~VG3Rn^vGc-sr>@sC{{4@GQZ#k0f19Y{=6X3E?u2#)FZ@2P~ zoD*6d{d>!7O}~TTgrE8}x_n3+bhx)_uu6uZoFnR8wglEk$7f%bx3B;xa246MAGZ60 z8`2Dtt~^?IXCbsW&Rbf zh{j#)^~MkULi7$Fyt$4;?rbJ;NhO0fb|ZXtrTmfB3W**qKI3XL(K&Rzl7^QMP*N>p zok`p0P-YdN{&2F8k2?guBgiPf+ylW$L#VQ2)`R0gZtHAzNxgu&ed(3iVXe`3h084A zBK+h+_LmA5KewkC^nS>mn3)ZC@$$rpE6H3wMPOXzpYF6HxpqDOg)}_hvQ|`ahoEZd zrk?9)J_oy-dUGRn`r+M~3L)(ntDl-2JsSH-Yy8cmcB>07ry76PTxYA4dlFfvpZu!* zzB1uA*QX#i|JZr^>6gU_lLE8S5^1uUnM#rNpK4HGKBQHDR!-bDR; zVLjk^Ygwa(QrYrV`!a{=_41FwVJ$9?HI~D8<6W-z*o-X?^)R`c8mF`NVjQY+f9M!n~HT`Z+fIWA8a(E1jL z(;qs@?c2aHzds0i94rv+@_L4ym78Cf+OpgYG=-h6xsPjldpo%q)jxdVRkm4xDSc1Ok$!{u1>HCugdsk}~= ze)M;t?GW`N`r;&IqIYD*D@z&P;m_+Dw3}P+?ksE9JLvAiJ>Crs?bv388@Kv|$pgrO zY$hdF@|IuKvqsAJznaKM@xbNbyv6K@5B1Q_P0> zEyL~%;gqG~D6PA)$+c=dNcS2J&qt>6dew3y`!1^@3N!?>RpM5wD99SSVr_0rCA1Z; z-pd|o`CMN1fIQ@E_LXG;=01hBv?M~~T;rRTvBvUisF5AU-9uKX%#c~Px_N9zp6CV_ zXHf*6;a?!Vu2G1tnvF0)Jt<>SpfSPaAzFO%D9FvhIc|Swl@KW1nOLJ;b02gFmIfcP z-)-%ASXs2*msc)|Nor20MS7&=i^F($Tb-DFJMtU_AFg<>4<{?x*E{J#ZH*E3S*v`~ z%PwSZsaF?+%vYQjx$%`M;}fdLqC0YUJk63m_|>ajcex`TUoaygrsgW=_Tg$@G+irs z29ciya-Lwz_4;_)Yp57&?TcU1Z$Yb)L8YfzkAm>t8q4fR>Fu8aa-axqW4ccE$o6-l zbfyEt)3D>@67c6R#0=lcP zOg7S7zir~fV>F$bs$W{T%8o96OI4q5mv*tMDYoFf_|=#TeND0{9|c*u_6ApWHvO{= z)8B6P+uuPfquK-2>uh_Ul+TevB~zE2q6o-Dw=-9FR7UaW=Ok9%S_V z5WC-)k3(4WFyP=u{a-%Yj4#`P<*-2EhB$V|DFlg$m{dzJYQnr7ii$qgjlAR1(AP9u zStS?DL&8=WYk6fqHKv^ojk^fc)f{O+ll5$DJDd)K3HTSu-4V7S6|@#mQA&63%`rAl z*Xxd>%_Mzv@-%Nl1GEVoxQs z$zi04Dw%YFD~)PUYsVKu)#X#0^X@0IXZu2ad?-ampj0=?ZwItQ;&8YOI{_6n-xXQ5 zV8np-=9YR!ToV+PJ9w7?&eEyzl<|#TDTV!VZNItxNY2uaZjZE}w8ApT0tZuAh$S}u zYF>+3E57_qC9M<^7<`$8i^m;hKpwZhlT8n*XODn?f#=#BWL+i`>c|-z1yhNaO6I-g z<&4JhK-^a3mzu z`O=?xY4X#fzWFLJ!PWk$1Lh~bcZ3%I*Jw*AF{14s?fyVV27J>H5GB2RU3iz?J5FRS zEvF?@D_Z_^b+MEbIy#T>5IGlGeL~5HYvr{(Vu8Hm_HTB7kTnPKLd|^>f7?ktedW%` zC^(C=&tE0x+31r{V+E!#m=5ov7V#17IE zMcEgX^K|?drr$2Q*HsD;Cn9a&vI)=sZy1^s#B7z>sQtE`T@hIP4>*8IEG(#&vF;2$ zp`}SPW!26rI!L)gHSS4c2KT(}I=nqwm92#xeiLvi*d}5Qi90GuQ zA?o<-RHk?uAk2JFHSEcXw9wqdXZTBt&d3av3CX^~g@6a(X#ox@MEHLLl$D97fX*PcqMtsoXcW@N zG=~g)$vvUFJv*I;tB))4rQOycRSJCpIVL6Ur3SAi#plL|xz#vQrKlU4GatxL4$6V~ z9D6S2T1H*Nx8t2v+qbyqgDGO6Tb#1neh zH7+~f<#SFce#ffVy+;u=Q1DrkA=K7sLSc@r`GOk~y>IyT+O-=UsP{=SAKkAnQ%t`) z8+Xn)mol#N)_oU3#{D1oo9piYn&c#?MsKh9+xe-Igm0`v^YapEL->;?F$H&S+i_@I zQ^(`cwz>Tg)jprTKUnbSJsB{B9sF)>8*_9gUCZw?KezkLb+H?X?e##6@0sN-6(cZg zO+t|Ol;n)xu-p1wlc9p88wW`@cN8A{QvLMS^L&A`+Bak)xho{z6%FaN zRdJ9$Zd#h9>}s;*H`)JM|C8EsJ&h}{wAOz+)n4*ueLCxUfB)?7k?;7Tf|1CB+0fPO zSTp0E?R(pM1wX1Cduq2S1cx|#Ge>lKB`{HfsIh!OW@Cnt91(JLH?m{D-tXD->uufT z`VqlbJO9qG{b#xd#Yk4jFR|NiJUAzV-on9K(+m_Qr=iA26#ncC$M$dce25eWDichT z-PVsV@z!}EsP%4XuJ_ky8;^5;lDLls#e^7nqhL`h2B1`(R-%uEt1D`+YcBl6)$j5$ ze%vVCd$>r~BX=COIcp8CYq9#{?Hp%^)DgJE(t(#wGpY}|Q=vnif^ZdtjbiJQ;=-L- z?DscHpy|OiSSa;F+26O8FEWX<6_#ipo_Y3At6{1qr?=@iFW78++=-@*IUWN0W~2^b zjeu0TvFWa`O=mA~T*CyG^%Hv1*_B7)B(C0Fd#|Bw{xRZNN2f}Qa>6*wk!s{J_$5QPb>{Z{ zAs<{V;Z~y@gyN{SPE8qB7)_RMeggOYx3u5^1B-B0d^z$D)XzZNOe-h-3fosT& z3!g6T*+1qBwl>uK->9VY**@79g0ARtnG%Sik(|p4`vc%W^%Z~CC#x=Sy}!u-s~q*b zoJ~(uesk9phTZ4);xLdE=^K@8%N}Yy#XZTNL;gXS3)2>K+N_Z};;wF3(j&%-TI6b1 zOgbO}5)>oW*=nstILr5|${pZwXAjw16*5kYci$VpI zNLDS8QKhT~bC%30*NRSrIdaZ`)>YV5tbI`Sl6v(W>DEuSsr~zhisvA9 zG+rBR8)z?3u8^25sS9&rS|H;gZ3gG%u)pUs2+!TOIA%cPDw2Z}45^Oq`PG$6>L*F% zk?zKOF6jsNh!DeCQy=JV=WAWpa1**y87Ez=<;I0AFY;v?kWpk?8d@eLRcRiwzTqLl zivyQ`(_;Me_G0!v_dj9$v$RtXokMK;{=Tmf^*K(8j(w>q5*3xn0ytIFeF|V3wJ*v% zXW-`c9dd2me~d`gZBRh&Pm-;Eo{tDCZh~5oAi4eDW~6-PmvXIj3A5C=xH__8FGUkK z1!}vRALYU2)?WT{+w&Jy{PPrk4G=?p{UyyTCU~F(DX;ydTr0zKSsFrI9hpgVEZE(J zs5ecAp$*LO9W2(~3*rHDcHrW+qK;I#)83Id-8U=Q-!_e|FR;k_9;dYu{jAWMkiB-) z$GjMN+6e1Z?8+N%GYfox1TM7PW~Ei!y0ogBh+kBxGvXP>b5bxbUFIW-C{e{H>QQtr zvuqrYBTdZyei1exZ@^Rd*;N}BeUp9*k?GxGZxaujVp8Rh(N1(@a2KKf9pP&WzwxaG z7{8Fr2=MidMMs6L3<{m3t0-jOKCv)M*ke>1&l?x@=j#FnQ&~lKr5Y=W*fb7ef$JyK zhUMLl3-3L!?I$m>K)+w{9Vc25>sW8wX|Mcrj@Vd;Ygg8woUwZ(-uPg_N^5xzcnD7# z#N``zME6-&97e9PWDPsPSe-j{(q^BvwdCc4t~AifG9auw7s5oe?Q(8k8uCFT7ucbJ z^F;I3w^g_9Y=FBqcINY|jU$Vrq?jU0sdg3Jd}pjE0@G8*alHwGJMgMK{Pin*kCF&$ z*3al^`Tfv8xbY_%sf}~*Su%{?yq1gOCWvtV=Nm`FwY6E`+lnuqR=d;EU^U$| zP9#A_wPN%9T(s9EB*jbadKaIk8BC(d!z5zbqM!ROD;*HlCZKx&t2^|?NMdXE1gsX* z9k%w9RsY^?dJvdB`SIlKqa4@Y{P}%pXH%Z+Z*DyJ0U_KvcTjVEzL5Llp6$85K*s*g zL5#J-YSgosE9~W(H}nazfi-`m7fW8{|9rzBgl7CDN>ooppySSzj**bp+n(qGxj8fcB_NBhwk9`s!m8DV1 z{&6SL=K`KS7Kxsw+*O0A7047BOUcSw`QHlKE^5vSQN`o)kQTd13aR? zVftZ}?B&ln1lKJPF-Ag|MYI3veByyLa-=nSw{|OVRDj(^yZUxMSGyi$v&<^9UG3VM ziN9TV(el9CR6ZwIWNQ?}o)rOK{uobWM6o6R18@a6bwsOGQkh5WJ6=1RP1_xYHuHHo z#MiaHQ%B2)Tz#r&(wT%EgwtLsxdDA;Vh6+%E^j??11I!#!G*y~g5c!|WxCAxQ@9!) zi)2Dra{^a&zxoVh)4>QgBp z5&GA5!rp}k+p|79WYR8Sy3rPUL|vMy_$-Nl9wnXw;DnU$$s+SN>v_LZu2-O!e$Y*G zf*m`0FH=$@W8r3~S}1=~40N(bLUa(S3pO-wjy%umd^@?zSl0?`lUlX{Xu?}-+n3q< zAnX~WbCj?F|CS)XA>H?ugt)w)JL{rTflk#I9+&HNug2uAju6o)6vrB8kA&+sr`p-S zRM@xNAC_|iX~m8G_}!Kd4|BI%i@ga;o;0K!L#x|QJ;eg^fyaK_w)UM0hY4}Bk*aud(nN$z)^Xm>7*b+r zpZddbj&GGZN3Qj|HOrIC`PXbnvk*94>)(9#jp_r`jtWkfE24$&`{`Z}D}KeDRpL%< zpoPv9v|~xKuu_yd+e2H1KQEE-xQ~M0`2xAEu^eLe*iGaf6EAsph!bD=V;XiU&5JsO zA6v@qpZ`fbzgkgW?tqZ^-P`V`;;wl7Ge*+&+9N73y{r$Sa=Ch+B2vS(y<6y?_@97m z#R;Jzo?A)1{GdASy z$0|um|3fhlF&5692!}TAc6MJ!e>RBvRT>Yc2EJ^u+?F`_d4jH% z;F#}ZIjEVY>V#eB0XP3@l>8@Vo}rm@Fe1Bq^*D7{lxmTc4dj;?aJlEldRQq`J0FS^ z;FzB@jf2G4I_##a1~pIq^vITC`{kNMJP{`g+d%mTfxby9t}QsyuX>_ZO7L@{zn8}$ z!Kziia0CZ)mF1ErI7`>^;@lvu7ZZJTR41l*hOojKlvnIp?F-NS-|&V9Uf`xB9rq(* zAjh64ej-5<0EF#- z@HFFdtCKPXavR(ij#Z1g z0;p5Q*tjEKOViS@l`knwhz+1;Vb2p2Bq$lN+VK#NN1K#*-y9Qg6cS{pI+OV5$97#i zz{MC5Ist%CciQ`jPZRSNL?LYoCsZJxXGxNnn@Un4RvZhd#A8{Sq&3}L3JXJcd--zP zu8Kq=x=!qJKZ^3`BoNN=v_jGxU|5;~x(p!yMrt-+pAKN0u^X7bG$CBkL7O0SfN(Jd z^iHM3PYRxa(h?t%!QV}0=7N1$Eh;+(3giy!_XA!f+(=RMVe2%O>y@J%)Ce~}eb(-M zz!Et?zwQcNo~4rwd(ikrNIe`R)Fri?*xJ#n_F-$Ytvzk058GS20idkNXc2O7qW8V3 zlarOn=E>o%?+pA&a#rZq+CEP9n51^8e`LK4TbEs zHD8lu)y2cC2_~)CmTPZ@+mhya)dfT-J+SccfzqSQ-1PUiu@7Ml5t}~T6(zlQ`Ay-W zm}=A&0BN4wwBKYjL-6R3Qq>ylw?b^SNH+_d;FTu8rX~vr7p_)}x8+)BK4fGWd>~(D zuvmDtazbfyeeq$6S!Yip_uUMTS%?Zaxt@o>E$|nB0y%IwU;+U|GRke#NNXJZm{Ac5 zKg;BQF1-^%9R4&`G8nPoE>s#@rUg4iU^&Qfim5IQX3);UO?)g_$yh*sJ~SA}E2jC~5+U6v9{ z4C-;^u{;NGjHws|I-dLhpG983Q<^(54K}p5OkGBj?wR#m8!6+SGd)?V^)9y(-X4mH zXZe$OqVranpbXPH_P21^ND4cme5l#MJfJSkX{sCjs;(nZt!O;~gUiz#)cg<|kJ&U6 zk*godBX-SP-lH{NaDrq`kW={)=j1>ks7`4YHzTNfVRbUx9R8AN)kuu0?_9>?$&9|c%IzRS&l4R>W$v! z2dbAjU-clAU8%FtV%SbJp`ujMRPUs9J&bu8bE3x0>BxyN-&@78P12#xHJAaAs2_v!DG-X=6+P^GRj>MRf@4@$YzV%TF<8$sD;DShDt!F7*f)x**< zb;>8%{Szcd^X@jhc+Hcbq_3}tv>^S(YWnfb7hAZRvQE1n`in!k4*`!VDH%$&bi945<;FIK!>_V|%5 zz91~xc0igFvi>>1elS>%@}0@l`DyT8D~lX4IG_6SKM39kjDuO=BM+!k#D@ejPH4hiD%Aei~@fVH8fXwOO2 znR@^M5x$Fmsv@sA_CaG){d)hm)?4BLy+(T(7tvv?+Fl%>(h2rf*YwEUsgJ9fo_a2c z;93yf9hqS%oz zPrUst!3TS5gk()z!-O&@p=6UPDU|P0*>Q#mnZ}SS?P;5`Yh&xlO`Y##PxP35TdvQF zzWO#Zi{%g&J^>GrDc^h*z(qX(Hp+Pi$7?IF`yXQX(K|=}CKW;#K0aHuHlBV=f#pL& zrhh|ofc(f6epPm)glN3W;jfH!E(7A}WmT3N_tD>Xr+*}vFWrdDrkjU)T{Ql{)6+## znGY-Te_Vec&D8iBHynLS2~>NdyS<-q8KqosScUl8Qzha=38QAJRh#GF^+*{x;Zcda zNfMcO(D*Y$OnHzV#=e1c%f@~Z_r194dR8%urpnpmf)x6sK!J;8CnkI+@207#53*bJ zI^Gc@6*jx@nNde4=Y$3)Geo9qYwzAVFG4wl1zj@$yVkz=0+++euyw_<90@1qEs(pvJggsXu^Kl}XEVu5(5k@`eo0}g7B*Ld)@z*5 z--E&@H}~|l2gLzDDCAaIjB);NL<(OXk$|XF&GykXu4u#heLy6?ahJ z1o}lo3t#%q@RlFq)#T(-?WeT6os;W2RwICcbX@C@(AHj@F^EUEFURBc%toGc>Yu?i z1|3RyTI9`1Z;Ar+9k+Ts42>o{&O9uJDF zn+36j7l<>r6L-I|^a}LuZ&Jb>L8_-ot0 z+WWzE1}T*B;vM@QOT2kOb`|+$)IGW?z$@!QfZxs95^pQOzxSsgiXf7wPvHL}2rtt3 z{ScJraSk;CS^fB_`2Zvp!8-&O$MgNDT`%F@`-nPG_?|~HK16Ns z@pCaeUTwvuyRfELum^gSJj>53_?18Us$o&mN4|eu@lSCy^otR85#*NUm>-SKYI>DZ zIr0f}24i8R{Q4y|6!-}Or#1w|dj3aq{djyaKU@&+4}3l4v7b$GQu&WD7C1da8lF5< z^7vfYfmj4TS}D%XH61`>*rQ0S*o9H%yRL+)yw_QVSCMidX{#PVJE#KfV2^RQ9Sp}* zihykl3FSf6?z=}_WON_8EB{BPPWqVR&{t)o@H^NIu=|7vI9q!0J(62=LvT)QG|>ln zywTyp zGq&LOe*|k#c31Y^cZJYL9@>UrL3;MQEPuttCLgz#bm5^`b=Ase*!`0dhZ<21hBH$_ zW+VSzMyZx`V&hTD@(*8}Q+RO5XUY$>kbqj^K|whcxLr@+OdKK}qWe{A1q+%uOjU!} zXDLk=31_vsTe|UWp=5nwQiaS$&CVH3GDYKxg?sM`Dr2+C=lrn3o4Y?XA~lSD*B z5{D91GN61=Rcx@1?Qh!iF&}H96s(C&8GI#14=4~i8jN6DanFkYRvx^S!Io$kA6k~w zo#*{PeyplWwG?<6)kuHuibkHB9!~1f} z{hIK&xY0QyX=Af0G{Fs1#zQfuNaOqtWKiU~h!G%BU(*Ci+>`WKcb*L`x2@$w2j`Z# zJwyB6YOICFa#%L?@6Jr42>1s8HkhQBgD%rgLZrh@zWD$EFoA6z+>SilP7e-rw9qQ| zgivp1nvP7mVKYOnTxud0ht;y1dTO< z*|HY2g=AFJ)kC`a6_l0jR(^;3wm4_sKY<9ooqDXj(t{3ZZZh*ajTtvm3`_!gi-+Rd|Gka++o>|PQD{E<+FMyKh}~c;}R}i9Q&6A z{en79u$$9AqX((>d5G`Eg?Y!o!d@Z%XTZ5&1_nl_aAwIuKZps7s32DDaS9J!Q%esvNujymaiNJEh8RK42M}>i-o$g4l$o;MAyD%bGZ$7$Ns1-8N`ykAbk; z_v@2_U(_P_#ww(trNB_=SQ1S3+*3WgM=HKJ4o7cUeVGWmN(_ErD3&M(g1re4dgheo zNK*fpqQL;*eToK1fY>e>5#tpS(<+a6#e=xF176g?b#k77&I}%T zisJnO9GvOz2-1a$1eTH`n{hzOoZvb_*x#$ishJ?i`hUCuSZHK? zVOB`ohH3m_oirdhh{Aw(PemlaBqCb0RZ3JLTI_PrH0;deWPWXaxyx}DRoX2Z8n2mc z`gi_X6{A`CM3y)RhuQqRiK9P8h-^gV0ysTZ`j+ON``mfenX|* zpt#y2FD#fM$Yz{>?5r;l6WSAM#sj4%&K4+TYB)~4ebPUf=VET3L&k4i@{&qCJUV)C zE({gs{I}!aqBD!CDwkczx6l6Nv_f`DYss6--?9f@Ne1R?BoQNmH-B-|ARM+2OX@zbrE>o-D{Ng_ppPF1{x z+dgjg*;WtGA>@TE`xEM$1UQ2#{jNZ2SzDxyHJiE-z!WE)`U0)%S4v#O9RO^e2inow>cd4-?B_?b``sAB!^1D&PA1$=xqvIKm}NqNF8A^R5gf+64(;$O zi(uWh_k@}=?~OFv&bh1o2e|;9n8(@qOk$-ZwKLC2Sf0V0hCc;i@E%%jFbkApHl{GF zR0fknyD{WnM5>-=EdkNWnR~M1(8@c-^y|mAY%_VJ**iSs45+wwY0lA;)w2N_Y}^br zLEOU8QURphxmJ=N#gQ2h$I1Av4MxAK)`Z&^BwMQd*YAE^DB0@5gqMUjjaZCyNG(q& zG-VF4U&0h_EKb90^`Z1*n}#WV)#8!du_P}U#~DIao!Tzj$(*5Z zl%k@*RPp+Byf}pi#&IYw#bI%BxFf^h)Rob$9E-JHm$mZY_Oxzg6Z0)BfOtbos`h8J zw@tUNh9aa7)>)F`XRK6l;3WwjSwZqplr?aB5vl1VkQB*taY z20a*L;#RcwnWfyKPFVBFD2ec<^30iRoMXggN}DUm-s|iiB8)mSODkSdc^B8l^0BdO zcnNPl*X_<_gXz3vn{zUo!Pr(CUnw?(#JtWD1(0Lb`a&eGLvPCV7=yJ4;WbB~CZ3IP zmo>Zb-XdXKOYMcVvZ6J~kPHJ7>&yp@+=bK0(`jLw0?yXG1(kdOnu8Xun=>rE*FP!- zh}^y(Chw%P;Z!zu%w?_gwXlox+*m7%^<>wXaxV(6&Gl9nG9Vg>H512P)bvX)M;@V- zmtMil+GXwm)3h!tG1FNts~N93%{C%}8B^Si@O{LA(8(E=t*8 z_zpPn zDw!?^{C1NDdiqwp%pR>`^gid$mW88@#ZIyD<;jIvyUc0~*kgp3R;n>hG)eh0ZUcT% zMQbzu-jogNMN4+4I6Cs}EMS-?+4Ki~jC=2Lh!-uUHiVl+A2>`%+`oN@q$pc>W4?ET zX#?%hi!!#>2i_a+$Y2y&`|5QKOi^?^NYYbhtGck}V>DONh8v;+3?AkQR23=0b zXi7PSSF+QDiT9Au`be)+d3^{y2qv2KmM21_pC03TByV>2Qe*BLzg$_P*!bIVAua4# zkV!6m4lBKdWbvo=KirIqDp+cSTlvukw4gehD@>2gD z6Iy6}+BEK6g4AJdqrBrr@jdrqqCgOrA_~UxI>?d6unmRa>CnaWUh8Edr7{$E_i64m z%)H)hy~(Z|vk#9*N~yz^ErXp`MpQ#K233tEY&3E=a>qJsWO7I2;?XW9+2`>Ep{aQ0 z*v2Zx%fxAwf4auRnaWe3|LI((M6upzQ>>oR5pvUFnmXvp{)E*2y8W7ZXLDvmQyD)c zHKr~$CWPDpBY1ve?1*rieu&Yb7+k`#@<@qQQArDn{HgxudfED4-dvvk#^MsYz8tpJ z6w^qS;ym>blU3*YZ;mwo`W(+}H9Pv#P#8tlTJL75jPp!mdig+hPEB$ME)TUuM$X1y zhh`QUq4-6bFz^l|T${%JEx5LT<|)vD>IFMi z_es+mfg!v)5?!1|jS)qekN?see{Z|^H`<{~NBmGsgr^W+;nJfz6FHrJUi35C{@9pM zH_+mx)jDAw^C;AGdETT{c_xhWm968K;d#5hk%tLA)w}uOME~ac+E5CN@QKbl<@AkF z)1y2_#tZE!$R#Z}@AI0+te>W?Q>A$1`Q}O#OriaIZGpShn9X{kBSVj1ghF`kZFb*3 zCt`#pv7~1QYdyx2Rwsy^E*^@haWFh4p}vu}sn?|=4 z(tydTxvtr|@~_^sa*-WWY(Twlh z_1t?p2^V>+J7QyCAa~elDsfLkim=27jqG&--sB$sq>}!mgs;b&e8=wtY&97UcRANQ zM?DK_GLyYV5AeA~l)x*o@{P0u-|RYNE0#22`5(`{X@+!)M@p5``p@+)-RFS$g5`dw zKZVavZZ?MXBSWjZ*uPC$3T6_S<}UWE_9JS{0fy9cc66Mz>9JGF)sjn%X#5wKus>dN z*?cwWis~^Qr=@?6MJOd}!074qO5!n>kNh%HUL~uoEY7U!%HoHmPY6uiahw(2Wam1; z<23lHPVDN{Psd?!4675xdWCp{j>~9c*fW?DT$)j|q1e>Y65T8LkEBliq7yQHT~@6WjjNs@nU>ay9GUSYwHf<-1QwAYLt{xrLgbE9 zbuWYG7T=z5q7xMRB1%aCT4Tnn*}Ulfp_ndBs(r^#g2UjN1X1o$JW&gXyQYZPfImew zI_W}lwiPq{G*@H#1A3wEIn^jvZ#Nw-XThQq2CbavB>gtPa8}^--+fLLK;s zOgn5(hB?kuE-ly;22K9yL+atL21m8tS>(cm*j3y;Q$<1fhZ&WUq{i}wVGehfMK9jK z+`VFY+=otU=&+}0wS4T%8^hwA27=$38t)dZ)0Em2u1~o4d@Wf|65e1HjKlcIOMBKi zt~92A1Hv;gw^-7y6P8ig<+478o=!%zs$)qHs%X(G;6DDISZhX@eq8J+;?XO~FmT__J&+7?!Tm#~JQ=dC~#lOhC zcVi)!?DybT>Tfs3o(Q{x_f{T6dMta{LRCejfoi_Tq3q0bikEsYAtv#{QAk2ZI80=K&=xs2X@S4}A^0>M*pP{1^DZk+pbgqF2@Jgkb zxlYLXhc+1ZjUY;F_nfE%!%?x&zFmc{ws^lfL?7u)V95$1ATiX${ z+Uqqq=*KgA7$f5~=73BdGtk`h;#nT>ZXgSOHO3y6b5SF3{id4j*GDNBq16&_kx43# zOT)05r<*Gu7SS)R9+xQZcG+B?PBd|$-B?YPq~gV5$q9AYSY9fj6(%Z&fbdH7z}dg< zh&X~=@TBT-zGhFV0rpY<0{`UG_@vy9&p!Z+$h%puCbOw0NAHJEt3J+0)I8xS#r zxFbq(TLFg&Zn%?t+?TwHU0F%{TD_p)RY&uADD5hkTilTr=u!Xt(O#FoI2h3*Qk(d8g zzhcByrRKki3NV*h8*MG}q?YW#8&_0Nh!h`JxBZ}co{q%T5dmyw5qq*zY}r(5QM$P?^T;A787NzZ6W&v%_YoR%WVOMPam;)>dKPeyB-KRnY(Jys8{ zOJhio^}-G7d-m(|tr0euo{^VE=O~o3B67UdgTY}xl{e1DhmRiU%m9D+cBY}7`&mwN z?>o0tDPZ=@$fPvHUp$1IRt)Pk?)oQ`zW@6Z#5V2+P0*qTYl8fLui#oheWXAns?DW;ic<8ms*%5A|DQ zFxbDrnKsbtru>LkFU#ZO!|JD70s);X!VKE=TZ8^-Y3OD0D9w-WAOvhD9O#TQjC)H& z9@))lb*nmfwS`rqGjEIe#Xqef2_@`Q=vwcCqagqIfw%u2M|KxcpMC-{7PABh5D&PE zaA8UFHU?io^#2{Ca9YC?8p8rGr#X1nFLozTC>O!pHa9^jTzm5dL=v989Ve94xf(%Y z*^c*zQ>|!mP>{0=p^O4fxs$H{KuI3M@V90pI+=+SA%3fP49ntDs5yvQ%n`8eVhcn$ z@nAG)>>Gb23s_=XH0Tk3s&laPc3Do^Um~Mh0lW$%`PZdNNOY1;7e4)?@jbfw|2Mq* zVz#09z$=FD0uREb4}c9P zKbiQ4Su<10rOzkYvdhEbIRZ zIZ}LF8mAyX5Rgg5Tp-NyN!!7AuX-HEyMNsIfyg8xv3mj`+i>~VJ&PkT_%&nUcJ&YI zQw_z^3zzSvw=lWmqYQ4=y>b(hQ{iX0vFhcO`r*m7<);x5k@-rORSl4`?i}d(!)|23Dt^Le<{O31ooh)Ry&3E{RdOoifr}miS-hbILbSh9Fcn7M zr?6y@aP=U91f6Mj0)`siat-PJ5IgB=!OrKGWH@zR&S8KhbJ(amtk$zdF)g#x!dy*# zg0*ezTc$r^Kc3**XRb?NQ!Y$6FG%1(w{J5RlD42K;d|5up{(a(oCUF1E&3j10({piy2X$P@K{AdG2GA!P zhv`cIS#Y365#!lt7fvnzxb;E;Ux(nd%B3Q^3{9EVa*{tUsb(&b;6_2?V|1gdLyU~>&WJzRZUnv6G; z`EsJ*OdQ=g$0?dZs}n94Zy1PQYwx=nZdh?1YF60Vn=4tZM3)2g1AlY9gjjTkGDM;i zl1+v!Y5mtHU(WT^h1y+<8G?bMlXC^e2W=HQ7lcTxL$KhZ-&~8nPw8GP&Z(anoIP`H zffrrrUY6uCJygH+(YKRKwZ$duo!}sbUs#(X#OL$4O}*8{HiL9rhqhw!kla~0n}>^j4y zkculo(^oE}@;E9(eB$ZB;E!}zG7CWymxuZ}v- z=J}WTDy{Ryurl*)1}_a3Z5l|ozB{P;LDmr7TAJCvLjC0v7Q`SaLaYuRk_=trqR=0h1{2gQ_Fm}tPk$(s%bm#7n*T1yy^5NNV4bg*4<}1(|iD8bYg~F8-DgBFGsE7|Yoca)C88Y7D zqee|s&{8kiraoN~YgypctOm6i6qD5W?KAED`J#Yrot zT3fbPBJ!V8M@C}oM&@+YIT>GJveZ$@-Q@V}g?=wzP>r(PWqbOYD;D8(YlFa*67T7T zU|v0)0*85Io_M5Y5r>X(f_fJ7x_wt$3hVNl!&KhtA@G`U>Jbrs;k9WZvk{r3@nW(Z z_Bld|byLTAO_s`#e-sWv0sj;g8lBkoHxMGpJyQG3k6W|i-2flUVNIEaHt*5PQO1Ts18R$SwlpsYJYnL3 z>9SrIE<@d5^Db54&K~N%bgH)>*OuLUP0BV*__gv`=c`?&;`Z_Rfh|b{sAa zj%$kGL;Cn!b8>QOYHGSCfSM`qPfbmAFFyw$09PsO`vR+m0@LHwsK>|8{zXYc;V8RO z5X&C=^c$m+@yzT)8kGA(T2#m6+-IePr_J%VL{s?{ik#QOA?_*%7^4kxN#`Rp6iQ!l z)#l^J&<2p*&i`NSy>(QSTN^igL=+R0mQ+zvK%^T*Kw1Q(LlEhXp>Zsv5eez;?hcg@ zl!N$J?)&JxDB8A)vu4xsQ00bp^e%Ihs9v$%KUuR#o~=2 z+wGae_RKmTVgis;<%U84q|ODzkew^83bCFWo8$-4IA1P{yCNM~G1E}g>eH-`bcFFT#C*DU`!@Atjxwc6*Nc*)NNn&m}^x!K9=#y@RV?F>V?d+EwZ&rm)m`!K6E(NBu|`&cd?uTuzDXV;Omf2AS@ z1*UNNbLt_?RQo&&*^ZQRD=h{ z!S2*%bsc|%xyE^*)-+Yn>X$5;b&X4YswJFBbVJk?l4}>{Z-J_?m2z&)W%H$4;-AYU zTYwC8X^CWw|FhHM_!xFi z-=c(*{hIrru#X8Aqp=}I;&nmSTADiYLdpBUX4?n#mEf7tHd&tn`~-YK17O=T@L54! ze?Q)|Q58*ap82Fsw)1*EDRu_ud=54Fk~eUs*7WQb3OteN19N3bibanHj%xuzHhVqm zV6R4Eggmrrairt8SqAO;ZtV z0GCAH=do5UV}UK=(-OM|flLe$`zr|&-mNTS_e&gjQ$Hz3b%(-mSamdWyM z15YwmS}Bgvcao2!`ay4AUS2h0W-+BruTGF{w;PpB0{RAY!MF?$W^8g#mgdQ>*?6|xo(kvG!-d`BFj8`=I5;X9(ZDMwuUJbr)>lWY=k#@ zF&N!lQBxO$#$~L5wBmy6LtnI(e&tf@Tn{l7l=Xq?LxURNYW7w*&@8ME0SsUmjubNFZGOuY62%C_)?lu zA%jVgb^G8VfFdZ$*46@6ZH9%hF&GE@N9-|VtNmHOnQt%eiFa;)*WD5S8Cu*fjx&kh zl%)p&A^wiQocI8b0F4i`GcssDbq3bs$Y7N*8plQRBliKwR~C zy_6L2F$x9|vtq!%Ue-@nDH0qSS1g%*Tlr}%Jd}-L98~0ZFgI~f`0+RFk4}by1X+{* z!BTvX8h)xmrguU@!s=$i%U_B7Yst1cO<_e7fhxDRw9PCnE$>9sTQ_0w6YeaQA~APZ zpyS}ie&X$0irC-L-fCcPkFIZ$1Stt(4e)84g zkMH7aYhdppDQP{={6h7Y?Q-yHWj~r!sW&%uh>G$9)0?-^!?>z-P636y_QM_AY@RDh zioLEXKri6}8Ca^`M*TgyZjtuXLSZA@IqDEn^?w2#gC&OTm~#)H6XCq$JKx4)*_F0F z7}h5y{zei9m{S<6VHK2;$fab}T8mW87`u|;77mz6lI$#Q)OawKgJLfrZT6W~r{K`k zKnlgtFhd)Sm)6(owXBLDaY(n&N(@G%UJ1Bew2@PZbOv;JySMElVxe0; z-`F%Y4YD&9pA0hDj@K1)P1MrVN*U-2LEUw0qC%aE3xh`X?dO@wc=d}<_qNwO)XVLK ztgWr>ujq=3if)_ZMF@zXNf9{hS~9I=-&nX{*p;R~Y^?9V&2hJmV#r~~t2I@@*m1*^ z->rY~3$|oqW2h!5SXg)I&u$&q-5?EnUa{3BATBD(T@P19oK1R-RsZM`v(LF9iKfY6EH9| zjJYFryLTyhfvBa@g=c5;?9!5W1#aOWr%+Y$Z*_W7)QvI%pFl_wulJ2%kbv}MBN8(M zBO}jz!)~Ym{0b3AR-*WdBcv66#8lOuNp#-Zjz5!_l0thX@m|Q(w+_;a98TLSP+bdu zzG&}ddk?AZ*9UcmMWJ*{hgb4xDY(wh!1(B{$;ruekRE<5tFNC-8dhR?t7J?&V(9U`fJ%BnUK?35v-s@SGyGm&qU>-iB{3{ex=zu`x1Dx+oBax`#s^i zOAg;{C>eUEb?b}9D+||=1qnS}n*~TyWJN)w^?LD^?LqBOcrw2Rve{-Zd~eu$=fZew z)rYPwMFjV`VXwBd`G91BG;-af$dC<^9AMGbJC z0t!Hkt@D$%KoTxmpr6UQo`Fm>E4iYAZ|^${vAx#X*XHLOjvl3ozWi_`SOLH0!$SOW zNtTDqjsMs?0t zi?`rssmRI2hZOq+rI8_Z>kIAN>W;Im8Nt8qp*$*Rafu)p$W=2*iH2_TJc_;=WMKQe zQ^fZr`RbRf0VQvIRy96YoM#>!=7cxC#R$z5iQaQm5$m7bDU^-y{IJ%T{UW!#PONRO zX5V>XdMY?g%3827*G;n(!RDG69YZcNkttVi!U3uwhmMNy$f|Jk5~V0(7~nd8N57}C zIhNqhREmJF7D^BwN)BtS<0pVg7FUKw_T~Fix64@h7 z-E)0!#Eowyf>Ak3b*)z1bYbKh2iqmXH9?i@3%k@d#PZI2bO+c38n)`{8&S5X-+$8= z2^{yW3eYp;JB3C}F4&E4gl*8UB1E6Ftf5x+z{K9{RiV`$946s8_yKD=P}lAPJOfwn zGP5y>0oc95rKv?#(B9;67L%J{c6QFP@W+B&;Jf9B5F3{(WGwd?=M+u>U%y6;3#`;5 zB~hnqKP=&1f|6)bb`@WQ6!$w}Qa*U8b2)umRTcT>qxG&Y*KSZ!`O?F^zDvB3?0wcW zXm>Expiv9kpQ|fY8L^?=8A#;Ek39IrKc%zaehiNI-_w5&4gYwOnoNLpj{4@j+-ncz z*Yv!c4lf3FHh(HD%)b-d@I1Rg6x^x%B}_o!(uD`s@vruq*G4@U-Doy=eHFaQ5J}$= z+lCoGQbX`g=_^LR1cuioKUFyDYykxX-Ge)F_Y_OG=$c7b<4nUGzMWAD?vDd(FpUWh z3=Aw9iR35V7&@3*v>lM*2fw@Zbdt_ZafAIrl6%~h(nPA>!KWWE1 z6`RG0>pCGUF$A(a$Gh_3Evtv|3neOaw~%>gnfFaIM2ZZ1hohb6Hq8 zj(EyyZ)Qc`XgURjpa&dnL%?_ZtlDh;N9`fUh@ zqF=C*8o}u1_aEA-SxXEi1i`hS0P{M#z`@^#`L7R8?|}{1CtH zx#OwfN(drAN8-;BPZOPS@kJ7e&of>U>0D;PXX%INve+w(x{>@=l?^mGI2P|{wlr#JTqz%ZPDqZu#&Qjq2W1ti-K-<5|?Vt@>JQ>N*&()d?ySubl z=;a~maHToA!5{1fz6(LSX0AP>M@@!n(`jI>x)TFOZaNpu@1Wq!8j9v$9)%0J;v`O0 zU!+{02S-{*~6-y6Z0Vl5yWEOUvPp+=&&04&G$ANM3_sk`xI@ z5&Uz(KIJ)0Al+^Kyvgb4P(Gu1D5SX=BAp+IiHVKv!pLz!YtrnvgbAb@%@4a6x93hd zUw0@WXWONGi2ms-hz64k#bchj=O$R|J@=0<irhM)>ru1l5>) z->FloTMQD9Plm9iIDyIXUlETx63qWS|CYNz@u_{&J3=pS;e=15&W+XXM7rg#&1sMI zyfANjf#7EUR0`RFci^W&MbpZt4LwNO0va~xbRT*h<9=1Yip9q=l5^YqygAK`NJ=)Q zRcWQ^AwGhL5T-`-9`#l4FE|4@jM-;WpAY{X-gI$*eQ&~cEdKpWBSE-@-j#Wk_F}gI zfEEG24WxrMrlyPblvB$G!Xd+0IeB<$LFmrR6ZMLDj*`l4Q%zjA8-9veCi6gJDQ`{z zHnA`f1>i!c)lCira*6l+^I`T9EGTa;o3D5Wp-X~aZb*Af9dw8~SwECd%Q9aFRU52F zlEX>)o1b0UtK>sMUdm-DE{^jX$N+6TTBw`87;4xfo{It*V3exE*BB7b=yGV};YzI@ zjf9lGs%~TNj)yt_-rUm;ir(X5@=$?Js|T#-eR)L*5I2;&G6w%XbcCkt8;e%C)1J#@ zy3~+Y!tCA0zD~qTEkY*`K|I(C15wl+;0-|e5a0k50wTja9LNsOVET0xsf!&`MC69B zeO)OQF~R3rOk~yI2SB-~EGV<;;ADMTNC9fgE;}0Wdb17;*R_!1+5fhi*Px9_LhQQ8 z%T-7B9D2z=$$HeMz6x4vWTi7-PaO&l{0jR1_P1Tz-}Rg`Kk9cDi9{AF9nQmUK+5$S zRGm4$)=7%`LD%%4f>eeh9m#Xu)@0GI$Z|FacO-s5gf}aL^eVd5kgSuZJv0hIqH+AegNqM z6|;py)4YGVY`->Tb9g60in!OQ`ZdSO7tyU@e@t-jEf>KLrJ{;YLzWwdnvcmCLi`TR zTh$nzA)>D|^2x0aSo1i#q=g!C^8RoLkU$1fFr5~Lryv%)Lo+`<5@;MkYx@qP(LL|3 z$=u(33_>Hq2Sc6a>q|Q#!+j~cCSq$~-_wvghmm#VwCX-P$e!1EBw8JAJ}V)EDWh^@ zMlnC*Rtnuu#M?R~IWQh*P}U~~GFI+7U8gyQ7eHklXb6YS#S&h-)@a`TmRWl=r&FJ5 zDlE&zldO%gx%3${B-{qPGEbX=0;QON{ojHL;=j=zO^|d~j{=E+qP5W}?e*P>+7=_t@w8p=! zG#K6-`Kk=NU6=j|H{WOrFQTek7++>X`L00J7a&IN`uS_8u;bC3&D2a7L?UWMxNBqt zfo!A${Q@%SY;E<6o%v^3bG_Z}{2W-wnpqwSvL0LFAb zy#mxsO;&^bscI2uA%Ls{X{;(V>9V~0i=q1#eJ?EJ)GS_xLvryRC|@~hx@4@wAN{W~ z%W?woN7EzdMrt#-E^rh0r9uO2iklY&5reK?J~?fEXh>xT;7q>-OvsdWDy$2r?kqd< z9iynxUzHcIm^h8U&+FzD#`J_qlac4k;|aBvQeM19tqLUUo0>}aX$H*e-2BM6(~+(h zx_w`F)E!bBNv1~bt%BPL+?-dZWo7RS8h-u@{s^*})$*spwe&z(%PL3ZjqXo0_lZ-- zypwaa)=EAQwpA*Szfk-H8G--7kTrq-5Xcry@yd_Cp#U^N7|j(Zru;c$FqJ zxyPGkcr53%ajcKh=F8OZ2oFtv$j4Ob)U)q0OrM0iQ9EI=kJ0oBa`BB>aHT z`W=<&^AFAN|LSab6BMc&Y6^##3BUlMtE*@6klAWUrK!r2=Xc^Uz37f+dQte5$^J>@ zn`vo)afS=y3q;z&S3WM4V!B-{z3SGm z{6Gv+H=JO3VJg_?PUDI+s6g#~ClrMMJ_rA~A;n^bSIruM&VHGnQ#CSY3E8q>tLf?P zeEIUNnK0|^^6}x>hUHx&xlXXscVMLt@5NG{wo*)BTy37bJTlVMQgF`83USUQrs|2QH`9gyQ9XPbuHV%dQasbBbmUlfv=M48Z{TZRdA=~oto=o z3yI0seEnG5V1D-CT=a{7OL16!l<9FT!0~%gc)rsY;R%z0Nrrmv)>r3ZGqRKS=DL9^ zzk;7W5EoZ2jOAXB1M>i(7t?$>P-3e1u=zA?GYH(_j=jl<6L=z3&(Zx5_ookSB-U_gz?ot^UIu?F!o_nFS3{7^*V7d&*jF zvO`X+HmTf+TIeb^bbLk)oNg(*2YWNq(R*WIhz;pVe6!_-|0^SN_#<%edaA=D{QG+v zZDg3i_i4R(^{~J^Hg%aA)HjpA;J?6L9uz(}F-!$chO4+eSyD8aaYO%{tMmZt{)3hL z)j2Pp^trFgJcm`Os2KYPgpC)dDS0C5C(wPlEJsslceI%~HZ6}uSy`nW14w;&?v2wZ z`=|XV>4ZN7C%rVV+_J*tu%EMTjwZ!@hxvcc_UIcBW&!8M7&-RO({UrKRsifO_x`e$ z0|MB#4b16Na8TUEfkH0oQYrlB$Syq^SyoA?>Dyk@XGD`ammL>^THHW24X_N$7AMZh z7l!7;w_|W8avY?7ODAMc%QgQK*8Y1_QHkizw%;jal+;7`D&nmLSy&6>G!*3h3xhg3 z+OQ+}cYZ|Bwp#wP#S?FZJddNw+D`v}wsFBKy($ywd^<2rF|;-AJI1=(%8<3Du=dqc z!+#c_FqLMb`^ozg4|!aTmEl57fdMM!s$W7i&?tF;7^u}UCEEA@C?;wXxP*;)j)Sau zB}ED9EHL~VWLSS$cm9J93x9*#)5;)aV@mr&ryCdb+i)S!@ z+{*JaIL&(_Y68%$Z%T+)3EeC`nC(TG$7y zS)8eG+nc8hI0Ua00I$4c^&geP`tF9874FKgGP zz0cONRug8uGOI$2;X{sxG0%ECcIo^nRvFy5K_`iS|6J^e@oqwNSs=DwUC3K|QusUCVHrABM;-~;_MUIX2#%&3RBLddedpq+uW*&0QxM+Dc#~xz}SXqD~h!;_Z#) zG!^YobH>4Idedw11oi$+6niksHo0#4Fyj7aTX3&)85P?0_cYXkYq$N$v>;sS!Y`Gw2hJOby4>cvb*7vvJ)+q=zt50XwvwKp-oLb>fDiEI z)-IH~9;>BgX-xnXv!#&dz9KvVr<$xrFg76r?Xkk|b9r;>85Q#U6m(aKii?XYI%9>h zWEIW;)xh0;(tiA&OF%RQWGOWWln=IN)ZueT2QGXDwLy9;QcjT4vfSMtT)u}zLk1=1 zf*sX(9&n-5PF0XsyigW>WUs}<#bXzSK{+-6RWXiythsVvvZFpaH;o#{ zTn!Ao>NrXR95T;%epT(Qgo3BC%ck1e+8v#p@duQVAfv1*TBMI~ST3=vnR-{n3TvD$ z$Wp~-+xjhvG4*)Zo%#yAfHc(4<#U!SsEGviC2^7CbK{`%8xhrByMg=R4a4!){&iTs zP&e#+Z^$v<`mUgRdNV1CB}S5Isw(8E-CZJx?F2pb zVIpENwsFVEOF#h$u%U~w`9HSP(U+5d{&-luv$YZ?d4;TlO8CkQajDNV0jO8kuSzZ` zVB5O`PkiZ`*!W#a6trs_26-u?Zu5mZLca7=r!4m$E2K$<&Nh@xvt;bqvH6k;loj~3QA_S~Z}mX|P%T`&!E5QnY>$ofyt=yX z%x`TBE?|4Bfy+s`4KdNqJm?j8kN%kNR-H`Z`8`0)f?^?6FGv2ljhHY;kBhQC7 z{QSwz`E4mA1|=R6WrG`;huU_9Y)SeuJmCynt3@pr`lbtt6;V6wR6$y^-5K z7~;pD78Il)tdDI#EB;850n&=oX#(QnmU(RKLY6DrPn8y?;B>YRX7tp-8H z>R&+waiz@ia`Hk#LIL3+WkS#rEC4M!ItV4buFm{&@VP-&M^d1BWxkvHJQi8l`Ea)3 zMo?I(R&jw6m8H8W4b11V)u{imk(mBiRXdt+r^kPOV6|I!vQ`a?msnDgUgo(Bp1eG$ zO39;WCpz?%N%8f(YHMrt^bI`S-E%nBjS*u}@b7W7%9;wCeS&5mo%-|dZp?z00wPFO6rjmXO@5% zD$5mB2YG9b7yllWGi?tqFq1VjG`y!)!UDB{RF-X}o5|)F%H}wHKJ1ON5V_e~L(|&` zu(ZOhK@C5Tt=ScFzB1l%Ic4S9qLKk6hJa%uadJzb#tfMJD~slT=nE!f-Wg38H_+EV zUi4e>oi1Z58VS?wDzkEF9R8lZfQ(&bCq~268wK7w9*){#@(j zj)OH!_u(or{@e3c#RR2*GH)&TEK8Ob^BAQMV-*ZI;zZq8%LsbfJ`)KerO!Jcfbb-o`C8n8%wSi%bOf#NEs%Bj-=`SLQ{typr)*zL8`dYn--Ov zMa_Y$b4gR1#4+8-2%gxOi19(Zu;me0E$zG_kXI1+SY8rImMM7#`jv07fYV+dHJ!ef z3)kLAk4|+KA*aPlIeAF-g-SeRm(5Z7o1kYCIK(>fYk%m9TPD!oY6XgTB+p8*4=maK zawkhI>03(lB#cMn;&N+AaD5 z^^;t1EXO?{&fkvdcIB8S$19+Bfs0IitCchlJ9|c{v9iCsoRGY{Qo-z*^D?kT4wI;kPNu`ua_{svYZnX#DuS&Rgc&fc2j z*FkEAe-7ebmoy`g85@uPdpE^ZwWaLzidi=!>_+;Ie2*v+Vs;K7#ILt(Qgb=HG2lrC=$>A&3I5hh8GNi(ex?=08-T3&@>!B zcZ%LEMBRxZChnR_7jz2%Az8tWOcl~nFCs!D7`QRRWc}x8=;#cwIPtE3e2&T|rhWtn zc3aho{!awu{as)5Fwj`1wY5CKgj_qf6ss{rfQKh9BO@=X=r#KRC?6r(mJUU7Nl7pB zeFseMK@lIQgX*!hb&j}(5RnBf&GlFGZ3=?@C z4<}3fR|g3}b>&v#8842+Im#Ek&pRn%#LEjO$2DwKuxOzrO9)Xi<=1V)6-T>pb_V?)b*n|X1-h_<2ybh>!__-d6=##(_ z^qywrxj)$3)BfBgd z?7H_J&~<9CLF>=jv*5btP9QRc;#@A^mI3|tl`;GL5sSbd;ep#7C=yoCaAIAwTP?Qz zovkF(U#jtVQxF!NQCb1S<~jVTOreeZ?)Nw~#P23Mn$u z*~u;}s4crrrgvD^^yJ)Zce*>T2$nmHG+V)wl$&jPbp{7`mon<=3?t*D$CmUYUz~)` zfy5a%M*!Q*z}VR9!-o$LK&qerX);Yt^Ws$_7q zm{Mw##j%11ZzmWoo-wi=w~ zMvxT`zQI_LW0qKAn5IE2AE0ACRR38EaJt9Cx935Py1TpkHM2e%Wp-4dR9^%z=bRM+ z4aXULBXLk)p9k&-ia9Su9p@Ur3|K)WIr)RV%_5`e{BvO@Wh>d6h{#A2m&cOUI*z*o z2(7kFwJ~mm0er|^_o@qpFitqBeCNBYnvz}XuDg1Q8>&=T81wKrJ>OpY*g2Em{B2 z1qbR{fc+AHg9JsFil8A2a(OD2+PP!PavlKZF-N%uOs}XH{LDY*a&TFbg@o*t#5nX+{s?PPNbQSa_~$_d_L=tb%!&P z^ZZ9eg>FLF-qy^Q_3@u7t2QHir8P^Yk%Y0XSRdH~Gre8+xl(x*edRBF2GkxgMH}9o z-_h#6{*%i8LI;b?f8-OD}=DRf0T;a5po^3mm zvN|{Zu~fX$-sIO8PWD=_8`qmF%We`8hmK{P-SBL1U*0SfcOhRP$kan3JG8MpHzI8H zBphZZSnjW3?Ra^Oe@q%aSjsd9Sv#H1uj4>LJwYF`{PuN57crOr{wHF)f8Wn}F038X zM@?j(ch}z$d9WD%$(hTZm6i3ethS)zYPky*M`u^pB@S!cHk2jK%h1$xWT3>?KiUso zh;G3;0$A@eB3wkuopG<*OW%y9|tvyWL4I&W?o!l`-xOrEl=I z?kk5m^o>H&im)6m&SAcKA+MFmp*U-xT-oj-xKi=T_4pp%>#i@&`=&in@yf7ErUiDePMyGNbxgeIB#t2c)4i863!MTrK&m(9t_~5lH0#h zwZt(aA_($8Ma3tdfJJi0mpv>p271E!qD1%Wb_|!DGTZiEs+!3Cy>9KPjEbW9U0Fnf zc(Z5a-frX4x59bI{M~8+1M%6c@4Nx{2eI(axw_B39$?F++!mCt*nkL1aISM^1f z-+L<0%INy&;@VC~weXY4vWOiEL^=xOJl7>ZW_jVPnix+wtMxaR{#w?g1dwSB= zLWYh81QEqrwP^ojyOJ2-XU|HxY`j;YP*ET#-rkLSL{eJByFV#Cbe-K9NoC%T)xEfp z)=s)< zki%9l<4)pt&_%WvxHGoyKu%0BKT@%u4d{xdJoxE9H??U?3dpv}TQ z@l&PdEyW?d($f{5mLe*7AP-!zYy+OXyqJoH<2si(U)m1I% zQ-1Ax{IjqkqZfIN#_p!+_Il4q56^Zzuy?7q(ze<88i>=b2};+^x<=5rxD3ru)!HRi z(mp3C)T^B1b8fu)$w-$yLfb5gady@K@ir*K^R9T{V+RL^;YMnh$s`)joh+H>o?pCVZu zo;d+3H3*(xzgjbC%&m>+3OAn{^by|3sCdhF@FrKv9j0ObYMgks;h@5DW2k6fWurEB zj?G)0e+Ud(33Y>2On4Uk4*N_I+UQ@`+s{v!`kWtsxOnB0sP%nl))+SYY+>@wIw_Wj zg*UJBTul3IPP)2JM$$n8+*vT`yuxurxT*5>Iuc6>aGL@^&4P9wC2_;V8d^WB;GlHxwYI-+S8Myo_Z1Z+Ett9h*qqZ>U~tn#0l~POr^Nk?~;bql8Is@ z#(kExFdFD1?RK6CoF*qE+W3BcebF1irHqKl4XOcxLJj~^X)wb4Fr|PhnY2RLzR3Ip z0GFPp4@^F`aV|)w9?6r`GiT3+Ubz2K5BS zm^6N#L)5B}yKjF``cywj$y0F#Qhu6_Xre(0Kuj(2LS-iw@AO#hl=}pfa+A(5sotv| zsVFzE=cKBx|49%~m=p?TvFKIN%=qehlu&e9qZ~!q4p2k%OEP`8j^j6&x1L_)xQc}( z0)xSfdUNjbt&qcnC{+m7u6hkX3mCz})-w$zT}aRUDLtHRDLp^k%RCxNN(0c7wFC>mJvdlO@^9{{K zj)lQeb~fWaT#bsYik>oK*tjk$dDB7$L`L|H+xN2y+41ul-RXvG9~C>uii?9dESs>J z+Mr&Q{s(`p5R@905LE8A7u63O2aLY(fhb-wkhbWjAH9g#YX>*@!6>)`IhOIz7`D&h zd^oH)kj!#u!AD26u3)a#%qcLqF-t9ag4R_bSy|cfm8~BW7BVU-sSfSe=Sn{PE#m)t zfCmGom<8u~J;|{{;Cd|yM8s;ejD{#!M}|N;9h#W z#BIvS8EA9wV^dR8>%vSl82fGmLbK<8u_*+A}l}EzXS@Vt44v~SULVfxie_7fHTyOQ~Om{2$GCs zgWiP!9De!5F{?conP+3ajgWTx{KuAF?GKFEGdMS&=A*?=Bj>!{FXSR}EPXrxBYt5w z9hzRZ0%ICxhU8>pRWv#)ZlgkQdJ44#$mg^iXW-lDK!l3+R$_E?bWe_sc$%Gsprd6c z#i#mC5ho|U@|sjAKu&{CNJ8>)^qZ!t)%vpSTFzFs)l6IKq9i~7h#jRolZac1E_QsE zJxR+bP>DM(bWG(qfhaKe4BrD9Bm=<6Ly?>MX$~(`SXi38`}!mZFK7$q{)w z?KzBXHWd_&c;0R8?Y&`aYz!G;fPws}@s+h{N<{ZVRGlFy>L4ICt8wP9Bi0chLdTqk zPL9oV&u({z9qI8bnR0eTQlDBDN{|324-T*R(cwR)Mo__p-)QJn<3SKqm|&=zNHLBBM1jgPD@7O(~xlY($lbo5EStdXD*2natd}{X}9YT{VcLTfyOkV~b1t9}w z4Y4}RC@e26ox}u++dJ}UV6x8)`7f?1p!7%?L0jAM^J8K@yYrMb;5O&w_m5UrSF1f3 zD+mks_0-aw>@CMxPD@Y+GBlCv%0?Z2pDC!g@yZe1TEuCtMWByi_ zhXqVkt2j?e*zSVbl&NMn4}gZ&*WdpW%nz)sZB3tf5G(;wy8hBf6Hfn6FYJU~nEEcP zq@*OKw3OSVXdyA%Sj4o0ef)h`%A_%L7R*9X*d_+1`tIV*>O|@3>3}noFxlk`62!kr zicV3ECIsiCOrpwbRJ8)%nM>KP_SiN_;2ehifKpVvR|^?yp#BRMdhmuTR5?-6kN-18V(wnc;x z2jxmD-6t{u@&2x#zy@Ivh*Cjg5gS{^p(DZ=0S#K8_t$aYXf9%NT%| zHrX6WzU5f4yHk{rkugwA(;FyNR3D0}n@1oYR71$`5Jx#f4+LenYiQbnQljjMcgFp# z%=-WfTOo&VHu#EeMf7g2d`xmvb#fZF5N%1OTw{QW0jfGKc|MN5Px$`p*N=p52=4wd z&w$I?O=%zWOidXv!e~|6pa~B>cLrGU>BjX@kzGOq#13Xk*Ym-;G! zc9G&oEpuwW;hM|+x^)dW_|;68Lt+5X9I#$m>+`)68ItwER>opYeSON|p(#u6Wgz^U zW3}}62Mnn5KQyyy?{Yb{P5-Z`9emp{D=6&4no_!P(xLQLl!P9Q$XUJC|%#l*+o4G9eu zDU3}u5)DEReHZFYIPCTJ3Ql~814yVe@t0HY{aI+$S9D-`#;1Brq~1S@9;m13Eiuv5 zylJy`wc3){rglXIAg+beinI;V+}=VsNIu4P76bJW^FT@jSTFet$FMxWW_srSO#jYp zu?Ysr0E(F|t6wq2*=f0)ucqd1M>f}iIb}b;0w@CiuwvE4C^aZ&)peqZ_M{PZ1MnCd z$4=W*9kc-c3WY~f80W*cx3_Q4O#1JVkdWMq424~(_KqlT%}wRE*}xLkICy#m?-G+L zq1&erjeVxd2I>Iu*8%~TJ3KocQ!3yTtFnbGTQenQ^G*J$7ugAOyl0S3e)axcQ1ikJ zMEoL)d{cIRt9%Jtz=4QbQF6oZy@_LyJ$aC3QDAMbH-A?9G#*X6l=E(+tE;O>vzDDh zyjF3jEVj)o66y1jyL7yCyyOmU07*ckHg}*LO=1oewORY1PtBKFb{vugh2e;oA{k|x z6LEasM>;8j+>MSG`>1a;O|umST&9J2+Q`q50XxrJW20#BiblQj znVwQh)ibXY8&QJ3hwwxF!y=cxJjcB9p&8{pEjYcN$Dp9Mvt5sArbu&SoC61%nms0$t-YG>wXAlGim= znn;ZMI+T=GoZ|R~^6ajeW>507f#?cp`6c&YP;t_4KbBBR9_crw zZugbO{MWZY=ml~=O6si1-i#u| z*C|SlhRlk+80Nq_L+R-+9lC_a^*#T6%r%Y@uq=`8cD;Wdb3sC2q!MY%QecD(ue#t` zk#DJPS%!>}rP48ai;@o^iTw<+lPq=x!Y5)gnqg@DHtRJm>GpSog=_5)nZ;!Zlw)Uu z${6qq*hmNAUdKB6cu&XsxFAsi?oM%sI8T2s3vu1n;QRV!(?L3MGkxWHA6=7^bsER3 zq0I88bASKnKOcZ=1lY#eQ0qjCL5lj#i=2bY2y2|haXDF8oS?|uM@7lA!_R<$o4( z_>BYsWSerZCr@a3|M_y_U09d@w9lhTWsq#WdR!|cDsd@mV-ik$w3I?y*& ztDwj&WN1#?=EN_`?qoTuNSC#A;;0Rlx3+U%J1h7e7+FU(Hsz3&*48ePpIpjgJ@4s% zo$^qyF~I!sdQ1Tze~fw$Cs%V5>T%Uqky$(W<*9%8pLq2D;rVUQJc0r|d945QGNAML k|CjwAdOrD7b#S)&bx#?_U+=H}1^y>0B=tDsk>;EK4;bo*3;+NC diff --git a/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_Azure_Resource_by_FQDN.png b/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_Azure_Resource_by_FQDN.png index 710b05542a169f141497c652377e879eb1e54f97..375b692c35ee9fe86b5a94b9f5ade89dbbfc310b 100644 GIT binary patch literal 472977 zcmeFaXIPWlwl=It1VI6jqI3lTB@{u5w17yj3JTH%6cp*bMnFZR3rg=wuhKgxRRpB> zB1M`ILnjdO&4;ztdG~p*bN0KpS--w(`v)(H&ok$!_qfNHGXWZE@@GisNRAylc1BU* z)}3R=DB#DAk#Z5A1piWCi+Kfp9Cx@QfAd&=7sJxAV=TuMZ%J#p8vdMEanN5#7~V6Q zvSW4SkPf4g4NP5QT6v`RCXI3A-TW?{m@|7!zsjB2CR~G7Cu#jyo>}(H>#3)!kBXIk zKD{oMXm{VVnd!de{j#_73Xyr$X7?jGms_}8VaI)s(FI$-SK}f&Aw;kG?3nbkUB`hd z$0ioU7sQh`C_J6&+El=w=d{NO2#G0Jq@Eqa>o3MM1Q!~8?^}$##qT+PE+dnam_~>A z?^xKghFlmS=_A!2$NrXmN)q2;iU{GnYV~iVb za*7e*Wq8k|43e*@gdN1!Y3B^2-pOj(-F4N<8NdiRA)kX)>x2*}#9{I%JVkY?i7A1V2AbolA_~OsAKo>{r>$sXH-Xo-uh&}*PG+F zNa1V*gzu`QOrw)^;BtC;dXY*W78e(zPt&QKp;eLiacA!ojsDg9vy}LmluFCVbUEU# zL<#!#cTFVO15YIG{pxDewA7hJz!t-AvN;o6yG? z@;Z0uZBlIYGHF7$aiZ65Cs2)4J$BNsc9I#da4^j^?72^V-qFRS^))rurKIkmS(xT$ z*ajmv1-wuMPu2do%W{gEtzgcQ?&|sT=QI6Dwrl!myKA=%Yqr*UFp@F)b%z>OLi>$= zrDtQ@YH9qyLZ`o+i+=T_l&*BtH7GQ+^_EkOWHaNKP*a}p(*Vl?U2SsOT*KNbCSC>a za&|pRA4Nad1~m@_ykh-c)CK&c$`dC=c}1Z-JUm>)3*&g2oP0-0nc#6|^1Yk^8CbjX`lhjXouztB8A`*9zmk(iIh>0s z01`pNWs1yuEhbNM8P1&>sCeL^KE8uyEPC`%TSB+ceQUXGVPnfyS|~0d%EHIE@p47L zOE$c+7hKrq`aO-jd$Uae=dNA9PSst9u@)~|DZic7pQ`aB@McQMxX#xoAh0Oe5v#qAKwtRKCKHAw;tbE#$ zn1ZRGr|Zl4C_TJ>b-rhKuv(}NlSQ9aT`eYLJ$^nRAtAhbVSx(xWkrziU>1IsqQEB^R&c3 z@M_wZVBpE+FRY3s$zq4oK5?d7%L6@QWAs*5Rv^v_#RaRdYfe4FP{O0LBC&Ylv1J0q zTo$*>MZUAGp{>)?#s`Sd1JTJz`7sE&aG&-5OGMqgR?Gy@vEY{s~Vgsst6H;)F3#o8_RXYJb5yIxL2u1;{4 zI^E(i($9@rt%A1863`hGD(mJbVm(rMgQ;SFRHxqCD_5`FnqN1p^AU_RmkKYBI_9%S zt6&0a7vkrqln-GDn5tPAnDsH2;%Ue2;P3N(E5^Qhcg&z1|d77 zGfr6E#l=NJH>_iRxzX3G`Wu%(_(3R?L-CW#N#MBLZ}JKXc*(XH194d1#2{U6`VZS( z7Z|K)p}p$B3FgC#!`roHjXd|ZhimM-o{oIHtn}dy70HXXN5xyKH-S%+p4yAYZz0J% zVF!$>Z1?#1_$WBk;$PK!Z&tcmO?_Wn)H!?2k4WztgiRVQQDzR9xbCX_ta;+)d5Em! zad&q&nW%EQ4X0rRDc27cqmn)kBc*|-?l0ZJ&wK;#vIJ1GjR6?PAnM3z=(QnrFt6^- z_~MQS70HKY_mTWSXv4b1T36>YBjslT>yet{uBz(#URwh_lZgk0ytjCwa)?NEWkD#0 z^WteWq$F%bko9J$Cxx8jP-{ZE?`DbE?mCvZ=BRMFZ;qs9sS~8;;|5@Qi44x z)rGL$A$ETjhuexn@2*YB%FDal5~|k9n5%*kopCn6TAx4rp#!GIm|VPFmGvDu1$#zD zE;O4I0kEyMv2R$|z<&uZnNUREGd3}~^v1X`M!@_?IY~_3SIIWd-16|C6@(n2!k17^ z?q#aEmAvPwrf~B+ZatIL(bC&j-$Jk%^5GvfBP2BX(xeSq_!-Ftci2f%wRn-+zh!@>9}335 zEexN_Tw#QypbTP=^b|4lTus{x&0L>YCx_M!(_M&xV znQ)oa7!4yMBNWl1I%L@+ZlIFC-deB6n;`Ky=`(k&-;AD_Ido?ViAWsAx*zOJ)m&gS z;9{LQAksd56kzYrM8Eo;;ZIx*UjQ@7A%-tN6)9 znG>i*PEKxSy3r3k6e>wuQ15VkR7_j{Q*oEqBE9owi!g4w4kJZ=INd&6jQTZBWOe@g z+E{)t;_wT{O#f2K?x2ge2x_+5tf9m0j1l%LBf4^5lG6O898U~dm{R`c#A!8q+^bA+806r78m3}jnaS_XnTTrpRw&{!yT`|@wA7>XQlQz!=H447D0 zaAGi+860NCz;3fiBXU%XR{ye>lw?vzqRZOQ4&!SZ#BN{v4(-gvjgAYX3LNg&hQgTo z?p-aZ@%IniEyXn=#drNUOuOqo7g3PM7^%RG>w137()}Tk_B7xOy->d&?8VKCpjv4& zC&DvHYO$Q5i5GRc3LO3{?gv7WCY<|L%D1vT=^KU-HyD(!y;><)3N{kQR*Trq&E@hquB4ZumprUr z3r|Wibk~%iYD^=d8wV##BT&pDp7!?~lo&!7#2D4Zv7@>9mQ@K0{6iy#P;@yrP_)|; zWfQC#Cp1tF>;z5&BYhP37>UHJ>~@ zP_JjIrPprluT(7$(Swopb|-qxuVTJ0ZLvLgB|Le9{|2s~S3;gH%tCy@wUj1QV$c3y zaiMz%5xe9aY#mIqRC~kzz!7Bc#ktyOcV;??jN-@RC}G}uMzQjp{(|xzT51^O!x}=(wmPIj1zFCXLJLEJ$p>Jo6 zkn<=%*y`%)ZBD97e+1NpZ3uu|!5e^FCssK_!+`J>e`742(qG2r2V45QgJKX7x^PZ` z`8mSb#26F}l7)%lk+@oa7uDDA_t(51*kG|)XumA-ZyBw^k`zgGh^>nlHhAHKi7yUJ zGwN#5l5I(bGN$m0XRcfiJfq@*?c-jHAtY_d88|O4!2dWhXyEEQJ}0%#9|;UoB0Edl zmO@E$!-6?g?55V%0e zBD)#IW{2AwcfSpu*-G$#DL;!gsLzupSgT+7FwE-s}>v@8l; zc4MmAt%3C(yoqj)r{*4LP9Y>j^g~^0FfE7eUcGLJ{bjKQeVM#_feVIS8Q!WL=+1&knm8e=*NKUVfTyH@M{~c&;#a757#L>(N5@FH7w?bk{@QmWpW#?gV5;(7 z49~c9>ST%gw|ex0gQab&?P*Usx#9h_@b4VPNTwLWaDEPJ}{dvw5(FIjtCa7sXbDjK_#|G286(H=L!H*rAk2ZJnA z#KF1b5XFA#JR1V#RnD8}iYaw3WC_V^ z?du$Dcb*9UIkt=W%sat|ViIvyi)0zeu=~1Mkry{OC_{*17C%e0uck^5-;HZc3e4JP z-%x6;)ptl()m8O_;V@j~gMP5~!O2OcW|M37mHGgKJG}g=!iLjy#gFMDrmz6aPopnl zZ?tyH-=Ca$HPpsy!GG(**B=)*T85?VJx$|T7#HYvEK+-}^VA6x0+zMF?^-=B*i4pLm#hdgE)!Xp;O%gllXazr^; ziI@C0&cdVVG!xF{BE;mj|uVimjwfxK&`Qi0g3FE0{XB->RzF84g4Cc#%Z2Mc* z`d(@k57?D4cL+)Ely4ri$B&M^j=1yf-^w8YD!L;sv~(A)%?6t_{a{}FX{qZcFZ5c*w0q}`r*|#gZ1e?jva8aiQ=E|W z#{%uNCn0GUS=7okpTJWz?~5zG$4*x4qz$zKqX{)P9ChiMJN%{W(ppUvlCb0bQIk@< zVl_Qywt1@7rE8&mpSkWZ8&jV*Hz2az@1`D1|Gx1#+naCaZ$`U+{Sdp-Jbw4@;5i%I z2!J8uRuSSfdnQ*vO$i&qESs;rf|7N`u(7o1EtZ4^NAhNl{VA{gE{xxf%lOCIx_v0; zx4V^th;|LmHzBj%ZXCQ{=B`kWzKF|e^ksAXRbKCYrEZUCXP^KL!r29nZN|E3uUM3^ zwCGS4hc%5x^pVIyrmpJn^({)LS&4e*6!E^QKJ5~11x&|lZNO#O?%7<*VM~&WH7dYJ zV#EFPnW$MG51W8H7maXk-DCbM`x!|b2;@>tCtgB+-;Yuj~Ww2!Z|R5G^j zyLj))pyvv9ntWI};wDqrn7$Qz&(FE_7GXlj`(;QThb7}SM=;&(PU9sG$_yf&9|49@ zjO|>#)4gR9Wkd--&&<_YkCA5%I09DN+uNKpfuOX%6ww|p;P~j$Uec!{e&)BKFzEF7 zNzuU!@i*g)dw`b6SP=k%f?4@lHCafJ%AAf`Cp~$biLw>)Obg%kt*8 z8%3{L(7Lj)M|4%uU8;q~&h<3rAeMi-OTWyaa99iaQ|+$O>xOhE7ndz^knadZ%B=3w zsw3*lnc&eFxAp2}kjr(7KMIh%@bvn6orTZoq{~DVYnjai#T2f6?cF)$RG6N}klNZt zbuCf%DdzX#zGnVrUWtr6Lp!PjC)+KT10vq3{xu7*&|cJTnX({SEw;1c!O`d&u&i^? z9wkXxTU!hD7eF?Cbu)!U$F?Xl1manKpE`ld`&`$7*gpACreGw_$onj-X({JhQJQ$u zbn-+F+QFX}Hy)9{$L%F~OSlW?hoGNuGkL7f@Ah;jA^=EJ z`CAe+rcMUEN`%zKaWXm#72Cw06Nz3s0HHt}HNNE5cP&WliSm>QlC!kPcCbaTG^KCl#7Yh)ojmbI;TEMUh@4*+?1gD?MaoMT z4=bPWe5eeGmpI3~Y(Tv;RVqJ*Jb`xZ$oKx_e6>xr(BUpu(yOvN57ygy>@WZ2J`t!+$NKw;lWT;;U!{}p zTnJWjyM8!NYaIfrp5Yod2MHYwK#77bm?_K`=5WlJ6F;F>o?`3qWrISl2B1Tueh&dFt4xudlZPjo`R6Ncy|O0E)=FAh8td!k8MDIVvn-(F#QPoJ zj#F}g)H>%AQ1%rS6}h5ncT7N}ZstX9$T>PX%9|B`g);WE5(U)fapjYA?i;MwdKp{< zagcti2m1c-B?e2nJoSQ?gQN1MSA*X_|o}+eC zY%Tve#laSQu}{Nwg7(==#lmDT$mDZ^Xy&c(b}Kn@+aywn5llx^9!*D3()`)z=^l5o z`Z-=E1VuLk0|O{1g9#@PEX?>-%{g@npWD}@G!MDKY>Qb|Zi93hsUKZEXMX@ycBQKZUdHagH} zf1A~Bpymaney@derG5x@f2Y-Ehv~IHGx8eAhiy(OCG8rYQ-DXGR-($(`T}}BO<0%J zSC-}Z0jp!>^4i+kfA+zGsG&YsAC#}e@UOuy0ye#+wKc829s%*s;T(p+5-6tNkPzy# zBX9(?TOB3PO_Ts~zxRww9zNnZ=F`Cj z=?G=cy}Z{UAt6wS(Y?SL*I5=s%~nhU z*KyyOq=tHYzi-;muoPUOOz8t9hk9ZVG$>(Oz1_rR!xVH!PkwH_xx?8?O$B;BElp;~ z(O^RURNck3yveCJav^RXW2nZ=3}zZ+;bXWz{+>3GL|gao(%iV5$0WKPAUkj|k~*k=8)13y9o z?hHCWVKvaeqb{GgI0GcHG!CMfdhAR&SQd+t6=Qe@E$zORJ~LR_yBAVUp71Yein+;L zl3VB;(}^$ni>s@_Yinx`CNMB61*k`}M{}2S_*mJ+@FeI|s1;IS?O@PtxyLspC1r7C zCD6ym$8}EI!vq(ud7HCTHs#yNqw?dwdZAAz3;89TT7Q6a+kB(Q_pkYZrxIFxeLB+o zm%$*et7$^)@0&bOV__r=M9@;*JbBWW{{FL|fqzXzi@Ezf$B2P!eXStgH-p<(7^#PgI;!F3a(=z$rUE z;pvn#!BVCr$@)C40Cvo5F7=_m#L3UJFHF8hqXUkB0Vj9tit|MfE-K!@uD-PggF4~e z<}>-^M$}^E`9W{Fv1A{Sgyo0_`6HmoIDM8Z@?fMOOh((r!h61kB-i45sVvZNhsfJ`qEXVQ~XF3 zOf&I}j*haM0$byG!yVDyUmoZN=6{1?P4UQ!kUeyrRY-$@aUzh6R>nZ{9~j--O5KT! znY|(Mrf^d~VArfhaJh@xL2Zu|k8*%Mz&x2+ttOsN;q2^BdWx-O$L&{JhRce$M8(8b zQhceo?)8Hi&3D}kD|%qkQZtvO(yY<9a$KYp`tNwypbD7$r2$~ey##_dOMMx${aKpV zL`CWL$r4`=O)dxSkR@a@N40+-@A|QVToRj^Is8&S243ki&&qeU9W|`G>L>CQnyTH( z5z2eLQeeoeC+yh&nb2}5KlpCWy@7gO_V8$cg03of4|U1sCLfABK|` zJZD|dEm`OcZBTIVz-QQr6DO{Lak315xtY}+% zEC5~JvPwO4GD#J^(hDU0bgbfPnayel^=h+wyz%^(w|y^3z;q9LM9laPB`zI4ZRuA0 zavO0xYuI7!>YU}e?P|ZRG=KwO#=5^8#376k5pPt7-LEEv_(cSL2By2E;g?Q4($h=-K`u_b3oQPM?MefaJ>XGwWgVFqU2 zofr(p>(4VX=GnBHE6z>()n7W?DI(}02z;7Pfbd)|g#{Y1k^3RBb#V*s?I9c*w9#}I z6zbGJolwk72G|A~FaduK9Vj^z%CFxE^HdFqsp{m&F>dsHLWd`CpJwp6ew|Mc%t{mY z@=2RE89#lR%fzpcc2YA9W^wAP>~uk*>t(sCvkn(bT3X9!*U{Z;xY`RS8+n2}!d?Yw zN@hrqw|&|4`2!X`1G?6XIqkL!TOj zIoxP}%NzER=uM2!$y0PPCxiD5pD;H1Dsw;e#A^Y^e9{T}V5gpwz@wEf{_+N6Y`@xv zc$&X01n+I_TZdRl*GDFX|{+%y<} zL%rJ_D#@I2(w}!}t6*vE6>{r^7|+s;(`qc#(R5rD3|D<&Q8E)Z@aw)p$lBH?YEqOz zUA!FiCUNIb%%v%BXxp&Y;e339$yo}x4&3FF)9;sMe>%BsJM3^hAZqp-x>4Cav2&$* zHfahMuFPL1eF`pjywSJWRa^fYekKFn6m=^Z)vs~TJj>hM)YMcHlGJWC6UtN}=sxJ! zxl(bGwJ;hS^`hCBu(QI)HjlRSwYq^G#T=R>UTbdHitUvUZrU0f>|TimFByhjvd?Jm z^*6jkijsSGY{CZYrYXLq%Zwl0TwOrR6&;c47nS|YxbaS{Lw+27aTH|E8>coC=w2Ju z74niXGS_6<2^FA1)FS`8gl1yHbVIO0~s5@J+}NSvtA066!*})A~KauLmJQ$!a>gH9Ho# zr!z6ZRBKsn>VaCWs50NmZ7CJ_JKq~mSckrm(ogqGNoY!UCKCHGYBb!+`JtfYcuTM|i(w*Z&b79`^hn;r(sGgQwaL z{51>kpZNE0N#H+L__tZ%za{to>BIlYym;jE{|N6t!uuB`@Sm9X|KFH*X{HBI0?X8^ z5j5(!Z7gPIXZ)kpdhMYAEBZxs!Gi2Fsav29If;h={)pUg4d*o{4d3UN{U0n>1x2#aS-{( zy~#BgIXks`z*s>{v71B?6A%z^iVkl*P_R&-e;l4e7n|?Mxjj8#2)T2OISISi1t}u> z=tZEICHObR{y(fLo!E1yXJK}3`qvG1OKs;SVM!zr2RJwk6}M#n!{`6aIyd^#um7`) znnUZX=+JI&M{|9b0Z}z@Y8Y^hg?LU3L2LZR^6O7~+Hx7n|M|+s^N>uAkoY>Z2}=Ao zVL{>QfD70~YZeSmVb?jVgI4l&TVEaXISIT$+4r|9%>U*?s(+A2E)aP%FY`?59C&WW z-|*bCXhS1pjYkE7EQulLurd7ng`9qa(ZCn~oeLBE+dR+sK55P7;CI*WouBQV*t*J* zSyqY7Y_GV_4qAGcm((W^>t_M?(_T)1Uioht(*GS6bV>e^zvRq<=w;1v)T=~616rpV zKVrBOV75MZ6B!`z_K{*5*IDc=y1aVo74Yr*%wk*5RM^iM)$C&`yvHy%f@h5hly3vl z>&m3y(9w7ZK6`7BB?Y$&0E&4bHPps=I%=&_y2RK}_DmTSME-p;un)%P=|{HuHBf3Q zD`hvZ)#x?YkJ|-aMz)CdCT0m+%gx-S*demyHsRjR0Jv)l0mWU~$wSDS6XXZs5 zJ#7tJRfxuF>ckHBu*{Wgru2~wCRCu;5aiM64= z<%VM(iro)v2?Aw-c8bPN4N3nuxBFKG`3o^zy|Y-cvahzwtT@>G5xz$<{7m)NTQ=j< zLgiE>Y$IW|dc#&SEGZ-B+^ftZ5;?3LmLAd)Pbka0d6UTQQN|JWNbzO_hk73o-<9j+ zQDKB8PiKu;hKEo7BpjQrhIf24Q|#VT71LE@Qe^G4xE?hWFF@q+!(-3Wa4M{t zXkY4JO1(xW>>YCFOYv-wW;(4IZyZINztr8k1JUo!>hQ4(Mf}6!{%;rk7k>5j$~Q#3 zl!o*}$rB$&w=}!!X)J|t=`8aF`u4i|-jgw~kq&mkb?~7ImN<$NKCr$1a{R8INmhaN zekW{4?$>ve7+AecX_&$xd7I)q^hkS0vWjD8Sy6iT!fK!1WJw}WRFKBGeB8Eegb|Rg zXW4M$6|$r*ki0)Z0xn2N#ff3vdhJEOC7&J}x)VcuunKo}FLXGKAtm`3 zrAj<^HH?f+frwg5TU#FIg4s~nCx*A(ox-obDRqH#lbmaDZ7l?}>MaoN*WIhCUr2Gv+ycdjs(E70D zCTC=DKvR}mzrJVYXTQE*{Am8;`$|Y=8gm35J8Quqrmd-0FQu!*ydmMv%*zX2UVh>O zll6A~g5P-`s$eNfoo^EpjNk&Up3zadQYWWt4lO~cS?Wifj4-5+*Zz+D*!R!j2MA+u zL(?_4^|{QPoWR&vI^cv0WtZ^Udh!9`o51Y$YOwhbMzMD!@XVY7S{)5<`8-zOWTz<< z2uR7w%b;=ow93jGVDpra>J1DMNZ<;SOWJpB){!K5BM2;EuMccuVghLNvp+d0{MU0( zWhWC5zG?6sl<`l^$>Gw~)x{8y0+T1C(Q4SU49CaLSi*{>a1Fj-ZWUa2aZV?!I2#5j z`G8=l!50`_U4t*UJcmL@3hMM6Rvs+%KB|L>Lj6UXr3rvVyn@y~(o-8s$5 zQrIy2dw}G>hV8;4q*6|hdLPbgYt^D|czCNh#T^0AN=O==-B0neq-Iho{z4EQ7nyZf zN|I-o5ywEqmJDp+R8zU&KiTL1`&Y>fge25D-w?ShtM3SDh`BlaGZe@Pi6c|N!|#X- z3gS2F_F5sC!Uq=fiKLhCCh1G$dGFoN%q`fdLp9I&4x`uLLNcnJh%|6@oRWc*v2<2a zG6uhKnsaczNgvqf7u4_dXm$BEWmpQ0eQ`bqE89Ec8w0M3-~DITcn=@u>R0k-qz>jA z&?oI5BsDn=8Pez6^AgP{ZSk=GQ*xNXej>>S)xNs{zxpp(fH>wmGgxvMf|GgiiZxGRtpjKCEm7#)VC zs@6R9ht-K_^j*Kd;E3O;Kv>8;<=fp;#?dRh%t&f?oY*6_iq4c=71IFT&w*!w%fjJ< zCV`(<)se39F*(Jpz*B+zo?oxZ6ZMMkU!-rM&9tuL4B+nY225>*wNB zjipBq#~*eO(gdmKQnC`#L^fT!@&>PzrBOq$M+R@ZoXe7TJv;@rq&zZYubjVu=)EIhd>Hg|L~dxhO;4Yq<*U zW^0hK-=W3vmzvv$i!;Xl%Co_uAUDyR<*E7g=^`%<*Ev)-S$@wwVUuVna488lZay36 zg1qvEuAq8*w2pKUO!ca6MR;SsXGmTUo^+iJBmbq*NPy*dKg6J~?5>g?`0I0?m{x=I z%w~9;^=sZqFPF_JE=}XcX#u4t7qaW-s#QGF{kSC$(NoGVINx^{)|<0eI7*az|4j2L zi|M-Dcf;I$`=w}3iZ2~zhu^d%=y++y&=<4t&ik||bI+=-uC~B$VgfvHC$w#*?zASjj5D1%bLPScf?g*wr|+Jxjfg)@b4bL2SXXXT_v=%bC7UG~lfZZtD~#snR6XLz!1WN@J&`-plOIo+ zw54~eczx)0w{4TfZN1D!#5pi6kI-Lze$j4s1F_$yQ)&Ou=#wkQQuCLv^vQ0k(C+zHHAsxh?#|hJ ztm~F8_g(0=g!{m-GRI!VB1CMBGg+RgG@e#WQN#fjpLZr?45z$Fep5j>{Of*Pffx39 zBII**Vb5<8(SYzSf!T>5<6A`9A+nZI{Fy^m@@t*j1eT`yHKGoPh_0EDkev?_7;W%9 z^f*n+#8=Uha+6bzUWZTXyqp@sRfUHHASPM6)31MHoBtrC$b4WgI0xtU=AYeOhwA)H zk8pvjG6r<&MidCg#c!`HPcwxn8#m6iN6dEdj#Gp9(q4i3D@VQOU7y0OqMEep4n77)AAat1+p)Ps_3I~De1(>wm zeh!=_$krbVN)8t!^h4X9E0Mt!+>zF+RdvT+_hKJstT#f6J@*ew{vFFcQY_1r=>=YE z_1cX+_wJDmRyW$^xB8>%h5#A3H@s_qv3eNw-5 z@jZ5OC)x_l`r<6x%6q@#YlkyNWW=WxP~l`OyQ>{ME5*##6Dm^=vk@aZ_1GQUS>&NP zlFn!!gA>14$Wn_G9XIYvS4|^%r0^BF_leZ&;;DA`m`}7P^~k6z__V@q;Ur$VZ@-Z^ zITSI;u~d)L_^k1r)TS0&rs4aP`GEfdM`5xG*&TYkZ-0RwKV4RYMBZ%@sdCcF5h`nQnX>^+7qR<T;jlX9NSzEop;(+?a(rJ4}SOV z-EoQZefM7}{_4Bp5)0o_WV}4slDq&)dL?F!8JeQ3LAAHqta%{5YStTw$mN-&_1q-+Ti=_T!l+ zuN#)w4N%~5hq8WR6k|My z$B~G)2>~NEtm@jFis-=N4yUlyyNmKRieA@yn-AD3zB?r0B96~bIQIF^?pW8B@|q>% zqFD2WkWbm8+%|qBQ1FN43!s?}FrU@E_^oTuE$1ZFm)odxz9I7*IX`vq)-%ux9q_O1 z{}A3ERE&oZ^A_y9nJ8|*9-DC7^vwolo|N}=CepS-Rx~;V=e|Vo0?HS4h94ysHj87Q zKV&Ol`+3pr%=|E-@ZyE2U2uZ`=ktb_0DJ&=DL~I~^>!sfup`642R85UP87c*k1DSk zTnTB|f`cxX7+?BC!cJKGNx1XJ9psC1XGXjM>%jKyQ=k+N2wL_%0??iHcz7&J3s)ga z3ZtrpPoeJ@_w(i8epKW^Om|D~2j$r=G3!vkVtgSuZ(2@3+CpruD+m0G=`=p?17o}K zge?MvELY%h-v}PSZZJM*S6lnDl*zqc%swEatgQT3VHf#Seb%6&!52-FpSuO4(HeAH z!EdlR%*6){qCW`}Pl=R{^kiti??X7?D}u;f2z1Zs@Eu<)!;@Nxkh(}fN?D+i0{cYr zWl6D@^fcJPLNHI-UC)C9zK=^Uq)v2?F94icN}HVdc!F`w7x00ChqpZ@?al}LHR zNI+=SN_|{9%<&VzeTZWVH0_5tHaTuk@b{as{|*ND2Mur1g0jL5BqFJY zB*gH{uMR`_Q7kMrVAtz%k1v9qMn(ce^+uGZ8NYLyuhjuxf=&o{4UufbK#(sq%82la zCdolCpkeg)C&56&pMg++x#B6tIX0F;77ob>K| z4-*Evc1tUv0Qyx@0(w_uj55KGCu`;aac#HjmMjn+=W}3@H#x^32Ke`7snG&7{AJg+ z6tru69)MusDvqZZ?Ll!Lb}p$MTH<{mfy*9_B>0_Uq4Ebioe?3r3+d(?ST6~;_0csT zzl}MiVgS3#S$txE49M;y6&pZ)d{#)lVv<9$WEXe2zE$wAMMSIaq?D)b#T*CjeS#I2fqas z|DPdShPpBT3ls1!>3EKfkI4rn0WJn|7(3BZifw!~nfP-#Cp%9jz-79OG58<#O0+?fH_IkU6pN)qrmwP{;G! zk(3(29tnK$@dO>?icRR6U%{M~y1RX6Npb4;gX&bUCBwnuqgR{;b}=1*p9m=cOT`R& zWcxx*Jw~~&C%a^B4Dh?!-!)KHsas6UjHwhaSkXQD4vR~`dPx2ywfyf|wWn+oEKJUD zvMj-Emeu%EzmHS8NlM3CE1Vri`=dYO4;lVV#IgPf($S=v8&%|W{3d4vi|^f<{V*l+ zU_6||`gNjAoPUCmz-q2V&5Y049lj$Q{0NeBSnbEAfP}c&WPuBZ=4DO8a4fF z(6iNocvR|gceUT5>c`T#7ACiu^u-$`H*y5uNSB(AQ=I82CKqXQe{cfI+CESK`t_|8 zze%dLj0PP7Quk2ifU_YBN9%7;RcKP&=u}LsC+;4{Elt*Z^CKv7nisTX&*6F4 zG%Nx#J~CYWf;_OiQXA}j+_mL*hmEgH#e}g|3?B2yU=g0|Y}4g>1H`%r>yfAH08eM4 zzyl0H$^xabSYa}{*CXxG;NFQRKUbe9V{5a^vQQh47uXDa5BC65TOY&E0x7rM1gMTi z;pP7xk^iNDewv#PaBF4qJfR>z+%HnAeIUbj90oG}hsoBR+(2O7tb5|vYPYz0x-ph zh}gdZ?4aeqkzaLtdk&J)D*#oIKsCSvqI?6qR4!EqYXO5iTPyOZrV~gehbs}hRUGV{ zmEwZ9wsXR=-6@^-3kC{j>g86Kw9O^FOHMF*{VdXP?z)lnnD^=Ud2O%h6Ilqv#?NBt zs<8efaGeTcJ#x&dr@ucE;{m>!)N^*y!?Zh5g2PjI6dMeXuv7{(386G9iC0AM;irZK zhC;LUlwm#sWOgmO zed>d~)%&5$oehACZWgZJ>lEpolr$a{9MX>Vd*o;Fhe?ViEJTh*!%$UZlke#5O8YG?LN_x7=mkl@bSba?N8fSEt0H z=ae$r)T-P5YQ-UD#T4A-mQ}=Dxs(o#h=FOQ-F=i7FSUKx<28%rYY+i93yNH0ai=`| zii*r*K1C;K*six4R&j`yk0Y*rXa~LWh#&e)j4P;D`HbWbCCaUP@^0hS?gFuQG_V!2 zxFxwvx}g_MLz_Q3bOqdS_;Fe%8{GO+XNRh_>m1O|AUFlay^OHS+F8GR=Pnl-!`FWR zq<$9UJocLtiTKHxpR(<8A#F*&pJo%He^DqAi!ygGsMoBCF zYWR7-*yQkF54~ZY7_g&nuXy!2i`zpIE(OV{QcG>|-ET7J9zE-T^z?M-tDR7uJJoie zebpR)!@>Sat3HT#K{>z=?dD5G@B%o=2QYikHF;jOWA!SnUPsWxLVDtpUaE5=_Yt^* z#XYC~t4_&5SCY9O?k#9uJfWGP7Tn5=6qnp>Bu^(G?R@}i$3UiAN8vYzT0+rq>rzGO zd)l$35P`6AB?)xlr zDBICBR**p#f#@AA;o*F6XjLu?W(MlMe1sT+7Fj^dRut++;zzaIfC^8AKt_+H#Km!Y zq}ns5KgFWwK!QV=}ra;!R-Wq z5Jk3}fPONqK_`CS5;Njx_kG-pA*KUf6s(5xZF3Kkfwz32BqM@z%|Q3I5_qOw%Bqs-OakX z+A}b6p|i8o%Lg_vFaWWc;}DyPhdsA}i~4l`9PJK2NMH5Z-)@dEPmCFofFC`$`EucE z=}>B2K2HcUf(Z(T?GYUE;Hv2U{{Hs_q?r0__lUpY%ZSdih3U(zE-fj(payq|-vYOH z_IS@JEDKv}-__nYLf-t8i>pfkGI@E|9{0W%8SFW$nXaN(OHW4!9W=`_NZiM1wi+HgDI1=qM~cm_cWlB2iFu5SLP;gcL($`k$2rJ`)=Ze5RMbP zpj60Db#`&dfDSZ(`%Uklz`+cyFlo{LhPMMZ6JB|>T>UkHJbcKo`jc*D^LA&PzBYaN zL7aoUV5>2~xyxZ>mlO`;2+#Eo4$66fV;Tw1sUam!`h6yO;|`-y>CYO$uidLbK(HhQ z-R%ly#Y8h%7)`j-sko4g=B_{G87n(yULn#yPXqrU=OK6Ur#*bFnl(l=j65oys1 zmOT%ESgz)RDpT@(9)1;GCZEq?3QW;f8Z!ZAhWCnTeN1RvF)xH?_Oz$q3IPk;l7c*X z&T`V*A5Zz{!+NC&mo$9Yl9O>BnT5V)Q`v?HtizUY5?+?1u}!eVm9-S+d-wqMaH{5H z$4%q?wG(K+48yAmy!8%y)uxA6`bdwC?r5?ws(nMeXJNDmdkpwf{Ld_Xg<)_!R`uG| zU&*Uak5!|>or>y9z4XQ6ddANuRk$}-tUa(Jn7s^+QW;kygRjy8FmZ(~7r*iMOp4=; zFlzg655N6*$t^b9YFQp)$$>JeJv2NF21wLiLYy+I8%AGe(tiDYmxG%mBPJ2&F2!v%|IZ+;!ODm*A4;&J|3% zO(t%b=w0g-f!Ot`{AOY*2vV3xGM3_fAQ4OssE+M4$smxI3swww5{pfi4o2Jz`b-F4 zLu2PfNnx0O1seR*&$Ly8Q2*HhzMv3n z(FO6#@yX$WbsapzN#*Z-G??(25vU{pKuW9OBAy49{t?-|y$o8nAG`F*@yvJsr`>(^ z9#Ca7Q*8@=J!P<-^I-7AXTh)G7f_M-(djj?^53&VpRNc+<%&!Np7}9Y3SFQ7RG%8)|9Sdx} zJ0T2frIg$Yf}a-VTrw^ks5OXf&I2EZPM#qQVOn|3j5Tq1>fwOAy(x*BdyH-jq>=B4 ze3_alf0pp7^t8?pdUu6cJmSfggRs%PQ`{@z4VhpOL9t&6@p^YW>`kFB3V}AM@k-9i z9F3QBvOid(HkVh9_~x4`dcHX_uOZP-eg@@TA~}%M;QLYHQSdw`n2wN_>chuMeAX#< z{gY~_#wN#&B2^Qd?7mc{0Ci zM3Cu4)Z9mwvs8Ssy9==NrSGN3mUGZwG|yjrdHamj92vw~VTCZP$j^ zLQnw}m6TSx1e9)6N+hJE1r!7kkk07@L1{rkx&-O&nxITVlt?z3v)^}& zXYakHe&hSI|1pNbebw2=d7O7a0O*vi{T@RhITbBtLAdC-;0Dx@nY&!iQOFL5f47o3 zi?24ZTp|%pkmF8+!O3{k?DCvkIA?w$k(*H{jeOGD_O^<~NodOvKyU2B{5YU)LoB0Vzh8Q*`XHf#bme2E;~K*f-k}a!Io$B+ z;qzBYAU@gda!fmB&o``|$}#vYZp@?@-)_x}Sp``(|l2 ze2Zu#oF6K;bQGza?(LaD*tcD?`5~+n96g`egA%T)L^myzHn!#=c#XtoIN~W*bPB8+ zY|es|bYY!%-sn}tNFf{V>c=^SwI6KlK`mP)83=rKvcdMZU!l&@!I`{YG7jSgz@ulE z_0hNgF`*@7wf)K(UZ21K$7#uerAxwQ?X)DXD!#kKwYwTV)9`J&Wv#g=#`r+z+#69+ zP`cE?s=!|yauo1bZ|yg3LL9qRjc0dHOgOd&?+-=SB5_D2m!EsDL(3eS$rAn*389sT zKR<&%ogl)ITk9mZXdz0Df*BcKICd=@m4)M^fS5!Lv{SPa^m1W&VVACmky$N@UCvt? zp>e%LE$8k!v^cG%TrWKRK)hbw5H9ofw>S=OAuM`5BrXMZV~e|Ml{q&1avbh3kG-uj zl?c#OM8ARB3VLt+J`2P)5+W zwj3|!D|q`;W0b9F1H(!@sk*xQHE-YvbazlLMvai^CQl z>pV9P(;D{&9MeUYT}?*Id!9YS!aj?~qm-fK?aeM?|CAm;S87gOmV^61;+5x=ULF5} zjg$BjM;}!p4qfOlN{GyA$%<{fZ4Wj7MKhjoLn(?RPH%J#ZLfo#>PO8F)8n##80-=- z?0!&>J;xggw_IwP2r=dV^c=8plT}H$FMa$VlqwcYaWWNmywTIR|G{y+_#p>S1Zuix zH6f*gCt}C(3thWnhx$7sN3sg@|n#RQr^g5p>y|`km6kNEznS7vThY;E1j+N(mZ?k@af@m zG{u)LV1Uz@WH_cE#C)uhrqv$s0p1ZvS^Sa@z;wRY(GE!v@5VhQ)Df}2JmPH&X&L{F zz%8i^^$Tzu(%OwpCm?nc!27ynL7$(07v%V*9P3A%;~z|% z$Ws2DQx2ZzgVzdnHy=p_s;1X@?lCF(XL0I>7CKE1elIx6@yZZ~P0SNNG|;&{UX)Y^ z5*b@5AIon+bpz=)8R0hI%D8T3lYsIr#x^dTV|8*P4>_cO@U4{NU8~ZJr?NHWB^8wg zaKxvjJnhKH)EdMaRUL#Z&e-iEnckK5k*ZM0{R zBHO9s9|p8g*!o;X&2MmnmH)(2Lae$RPD~jzRrpUgARbkuPYQV))P;aBCx_Fw(#mB; zkQ>CV3=gwz;D!|f=~fXFEg^+4P1nPgekI%dRoQUsc8t+}Pm6n;<=$4U(}AH*te~Ux zwyFUJO$O=Q@|9ThzGiMcLFp z`b2CW=trjvb$WfBqTk}y2R}5*_f`JN6a0p=tW$GyyQGw0cMf$wT1^7$I(`@^cRpth@ zExt+S{RIUh;f*&^=AyS~Vc9-#1U&fNhF-S&D$}wuria~}`hoop%bb4uO5zy|Vosf* zANqQfiME(MB~rnM)5G5P&1gZ^S-nl<7mTt5E#JxjMX=b8IpufbaSfspZhd&K())>sr{vX z1|Q;btF6j`{vk2LZ$FRXtMqct8Os7!)DJV^p=+WwHRvHtbv3E($w~odX;mOL_PRTT z0P68GTSlf2k$=4Y1^WVU>4qCYHEXlBd5r~a=nVV$1xBPgDSHsZ#?z_dTnH)t!3@NF zgzi||oDNX%=W%ELSNO6RXsuE6_62z*qUv*h-+!Vx13*guje7VEnLxo)QKvo}%u`v= zJ<(YSfOb=z2GK-ubpmN(+{a!tSOh=#9lh@PPxMO_uZ+|G#sd7~L%n~m4moyJkon0~ z+IJEr2cjOaPezMeRe!%3IE4?`Im$fc|o}nf_j>}w%E$R8|-52*atZ~tTWR3Zd-aSTNgoQEQ} zT7E{Q`s7pFi=dr&1ean|Cr{cQBd8_)-T8x1fncBJOlkVRpbfbG#EL0h@qLppNK{i( zBe9iiNJM``P@jlqt%ll$CZaJ5mPn0d4f#uP3~Nx#eGLBcmCXU zTHh;|GmD=;lwd10udf_6?;k@LEU*>~E!PYuciEOCS5<0OWjb&!*i>bTE9%iw+_!(#MqQ30cQ3n+(3;VidRtN1H z7f%zV|1PIVe06t7j{sT3>7Zd&_G38K&P_(wanD(Oa5xRzR65iicb|EPt{pO?B6>By zP>zJ(!sfF=Q8`);JZ!u~DDJWsJ!Nz3ha}`Ih6tFtX#tXuyn`x=1?b5r@?YxllUTy8 zbsBDT%Gi)qCx}ILQqxqL+pD+d3xbnKV+G&Id>Nlb3cj;->zO;It*GzF!OUEEPfzk? zEMr`eqmkoX)Q*S>VWOj+gJP`9M0IrR)Mc#j%VuU~=?#3_&9A^gUbrCV+YNnRdyfj! zUQmfK93LOT^Q_GW#T&h-8gchqe9sT06r#0@)+e3N7D`zyk1kzTmV+nNDX8Om~%@qJ<-8W72v;){I*&R2v|70-!kz$oNi{tkv4jAjqy;-%p z@iEmXQS$7t>dUzEhv@GFjjf_JymJmuE#wbp$`HAXrh=~}DzK0eo<_=&#>U1Mj&2@T zkJySNKpnJmAG}z**g!R>rs(0d|57ymi<7!WL`JUB(ce!B^q$S+RAdSwPf1qt?98Kf z2CIR6|F>{*T%LQ`g6K(ds%bK;@GEA|&Hb)fT6(u{Pft$+8W;$ZddCUg;rW&9(_@ge zeD=YUybAD+gBxiUuOu z6tmFa;Xg%p7nhcj+`$iBp)an}+y?%k2_PX!hj?%1_lM&C(FOhMKf{Ht%6`TRT>*$U zDJ3N(!0Ur=GxY3JZ^$bR5P~Sfu$091Os;=m+>7QmmcCw`SW!`N84&x?9_&aON^YB` zd(A_Q=ec>KmYB3Ak!1GV?5#IGY2SY=03tM9PLWBue&gx)X!Y|P z(2X=UO2csk%P)b_HP<~3HOL&RJ6mEbrlPnY?Fg_?o!#Ap(2;iyk>gLd=P_Z`0ELsd zjJ;j6sbWVZMAUL}@xyIX#c#2Kw;_hvj0^x1yY#}V&Xe-OLwt1zJE5*0gJ}X#nG>r8 z@S8fqU@%Him*UG>9YcML`HA{BUy0#fPS=6c=Z}MDLMiOPE+iym)R+CJ6O3mM3=H(H z^PC*kbb#K2qXTPRAb1Z$0>YS@Rd_5u(HZ>x{e3(*&YMeASGC@4L|Fub_u>n2zdElP zZfk`-kAi4Z zn^#7=fGwQ^PX4>)y)d0P0AaupO>hK{-Z>%v7}L8+_m$wl!k5NpW9DNjPGmGzL|#Yj zwK-0(ovionRw=<)BRF(4x}z(rs?dZ9)dkkmOky5)zkT3NNt+3F)XKPdu(J}p(C<#) zrc=V&ms3@HV+&>1ZHk5n<=V$KqdxFk=}T=F%Q=9s!NgQUHABs?Uadz&RS8_o{Iek! zOjF^B=2*R#*vUAv69>XNJb$1$YIPCz3w_U=D-ha|IX$EsSvH_9*r_gq&pwd<`0n8k znxp>ubAXXGrt;kz^N|pj5mg{DpKbz)-00QY1FQMUUwj5r9f+MA4Y^;Kk^cYHZJHlk{1Vfb3LqQ;m<-F=|i>Uy4k% z%D2w5CrJ7+3&^a$3zcNXlwt$^9AAws-|!Y752~NL#F1`dSl^ropOjifoE(zgB9!2Y z($TYX9q!d6a1HTDj{L!7D_vpX565c}OW57L$PIWiUzTMLY&-)TtvMMVYh$b`?6r39 zA*0JWi-E|0&^XSd0j#R?4VRkBfw~GHP~Q7*)#kr^o&W1rKHg0PtmLY=Y|Q2lOwA;D z0f*}0XE#CqHD9Lqx8l3AO%v{jqp|YoXp6?tOz;j`Gfb;Z-~Zt~W8frdSbzDW%IEXa zXO+|}#I|#4Ad?%@zkUynQ_|z0K?0d#8*_8Ue`DzWyA{*gV}%1cBc|-cx3~3@a8htc zh`i4B;F=6%%WjtEB zU|by8;O|OGpkL*%G~T-Nw|sf5IG&(B=bfwuA6xur2hXVy<-V_K(JxXc%$#wzAA0?eTM?lRUR%Fr=y1S^5;0xH$E=FkTZZw@7Aubki z+P4#&jIA`b#Z}!09Y5QL2ko%O-<+95nG9B7CouL85Vt6Mw-EtsZ3adHR6^dxHnUl` z_hgyf8V4)j0=sPAm|JU( z7iV5@wsCgkpbY*E<}ImB-+h{eZv_F;+dA23b*5OZ-K*~Fi&~ObV5^dnsJ}M)|lPfX@nu|jBigPfrNr;pCdZW01FlzM^H|+SZ++$S6$gD%s z=7TZl-yqU>*h|0=(+|}zzo&niqJ`she_rmm0I|Dw%4>G(wXFJ3!FS5X1shopF%84| zjykW9A7pb!JgS2xkOt6T*IB?JF|p9k{Hb<@F`cjgr-W{k_VL~toiIKs{IGI2HZ{bp zf8HWFA3lLUt5f!Z>UObVvZ&AYtwFG%c9QmM*KS(>G^Aeg@9kl0kucuuu}=M5nw$t< zu>ZS_EYvoCv24yyDAmAsg2-6I4F+|~Kmn{_GGw2!#6%|H}{)8{I6r>3H^Be_&R=yH-5mB*vs|;{WeaJ zKPt9<)49*`b9?p8F47B@$p;^L#PwI+MHhye=23Uu< z0(XNjwwK~q;Xv!Cv0l;UqI!%Yw?qe+KqKqLozV%%Cac|UAc2n_&!W9A1e7*8@jtl* zuxb8NE&Y}D{iMf~d+YmJob$okSC7p&^Mki0PIC3CCcYp*_wje${(!;zolB5>vpdmd z?41)oe0(_iNnCxEA}3;^=x)2L`5rKH*N?ZYj)g!xemff_p~>S1MA}b-TgTYX8Bv82-F``igTcD{W#2i=SbUdx z&a8yk>-?!kS7^d>BAe5#rU@2Vm(_KdOZASHvAucxyd{+3%RW`5$K->Jjh0XEAt$bO z1rFl3c1_1Aki26?bznY*@9q6_B=jGrUXwh~1g~SKxz1CD#+`@H%7eLfbBdE-EDSge zms|xsCW*-_nw&JVfmoXaQwcjX%pg|9>2NPIdt7vnss>8Hq(qXSq}^WE349vGbT z8Z^!vH=&vq`m(9{^JyO$h``L;=?q?T<_bEkj&psPXx(dR_ctZDc!7Ca_@&;}m-*(s znVPTf(=Yg6{{w0IzNDq!i-Io*m~CC*^+A(q#9EtUqbtf)@3CA4aGRqUXBg~(0?qRm zKYlMBnEb^|@(OZD`YbNd%4o;IcKlAY@G<&eO!K@WnG530SOS0bkBQGURu4+RO0Ko7lJX$2(LzbBN_faBn9bwEU_H)+71PtyeF zw7IW&U&ot7A@1gJf7MUWDP2vxz9Qg9gwz&OkmjK^W{6d?@|&JA&OihH!ZZiM4-v@D=#K$4doI zV;Q>6c{NBYp5y#Yi^V1>KLadox+?hld(_pxNlO6QuuGuCny3gK!=&pflq)kB4F_~m ziEej=F|ECV&3}BX^^8w524Njxwef8*+l=;hiV8Di$1qWS&q&C~$e3S~Y;J8y zIXXJp+1pE5=;*M25Qlwzvg5e?HlC@Lx<=S4h-{YAGQp?O?9u+VnVy3sj{`gB(zPt; zlZIb`)0Flg()Sz)F^wMh#X?l{-EUXSFkBJ#I-N2Y)t3U0m@cKTRQAL^;uZhW{%kf2 z0s^R#P`3-dx9)xy(*3`oKqR5YnxBZUm9ev`yuN=)MB_?t8oDju8tDjGAXO_{VS>Wx z9-+jk8|wV;azjC;xz;@fJ(ZB{50CdECbl$-qquDVQ{~|hKqMaw{mt|`c>qoS{4H6i zLQtO+c5Dba5K~*r_na^b?eN@|uZ8xga7rrA3Tiiro*!67fCrBECi$Zp$b8853J_u1 zoGGD!bN1|6yrk0#F_?Y{SWh~K`ba>9m@^}l4u#+YXU+FxD9t-7YR&+`TLDw<0eQ|vdq8vnwD3q*GyOiS`#=#u1;91fCi z3F1!|^vV$2XI(Bu+`BzP6+?&1JUd)fu(GmHdTcFM@>cSXDtCEY%&|4z z4&R9=?z?e%K02oY^X5054>O=0yFF*s1$XXpH})$Xdd-p4J|xL2l#cjW;XKN}Dtz z8teMEHBOw1V_!aLSzxMK4H8}nP@jp{aa#Prp)=vfk8rm3Um7lJ5)zRMOL%|#g&*CH zd-^7rr)s>dE*{`B{U}xZwr@CKf?Go$tOWaWRx&#*k6hzi9;G1Fb9(&v%>j)Q?Tf0V z($6S>O%PbfF7ojvdoZCT57x}Z0ZdDpcg<5U1}^|IJ$Lm3aHhKc zHnfVBQH>RB#=zFIi#Sf!qI_#>DCEad{?_2mMt9L>+q7H81** z(8JH7cBlFAPig=^<>$&tQ`FJ2Bf3kTGY}-s6{ck^pta{fYY#`vzrklu7b-Y&3rwS? zMW0cF@ctNu1#_1n7XdaCB;dAVrC90PH`OmSEJzbrTN5+U>`oKivr*)+HQYH+;HJ|4 z;HeG7jTFIQgN#8@?uf5SP$H~<7;;G#wuAbw+}rw6%V9j3@8(v)1a9MJKI1cJ9+c#{TaMVw#1+hs*uKFb09Dz1D^#skzM&+* zjW%vC4Wmnkt%6Z|9dC@b7Y9{YzT5`qnf{k{RT>5ZrP2b&>aRigj}S=~j7y|;_+emB zxt+u0LBBK#-gN)P%Wd@?B(QLhm6!KOn=8Maa-?9u>3pO{GImmT#%9>EtY)I~Wb=5Z z$&Z)~Pn?D$-*ECwYIf9p_joYiOd=Jyi)z|DdIx}HpkGAoJv3l@F6MNc5JrXU=0u4K zFzPZ+7`l8v5V88zPUcUCP#;Px}&lWWgNLk6ocXo?|+)AZq0ZR^9& z-UVP7@b22tP7{(;k0>W6$4e*Ts&q$hFR=lb4?3}A<*LK3U7Q~KQUuVbfod^ODy%ET zRyXqvhh!38g+WQ|y;orvqpJC^zXIyo%EjR_LH*;FO5D5n+K~pN9Id(jkdH|pOP_5B zy^}PYnaJYW5h?MbIVJq-XTb1Z->Q{b;j#6IvIk^Z?_N{V8$cT5NBbnA%nC(~*oxn| z;95E|Bm!x|`%w12*sO9J++wbCI-@&y%U%40#F+LHypx3A2bp$DC;$i6;~sbujcR6Q zQG_jyCn2MR_aR&Mt$e)EY*9<>$IyL_@*Th(zBS)#Gux5mtz%!f^ZL>303^@EX?@;Y9jg} zGkq%9jfxQ26O4Dm0lyEbxm996L$0rP%=Ff3&0N1%7H+Tph1&+XTUr$Vz2D?H-b)3g zkS-8jb#65Dr#Q}hzjEd%m4%;2y0xoJW}(mm3ap;BYn=v=s=y84dQ$m7ggKv<&{$=X z2SQ9qyUAdzhG^jCpe@<{Y!FqDvFkFVFq2Q}`ewxog@J2A>@f;_6!KwG8MKY*z3$KW z$EWt|H`fedcu7cWo) zsUa}VD^UT^!0)nb%zYpa6vzN`6zh9@kOg}A+%FfR0U$RL z#*|M6eh8seSDxEL{YYz|m_K>o@w=j5kSM$g!i7Y!)B3^k?+TW*4C^~nWYA#v=g&;X zr_^={h2c!`ZnuWCbzjfzmN3==_448jg2tv&$F3n)O13tlij3iSMV(|Q@DOXlcf=h3<3 zXlRXFpj?^tm*;X;b5pGNi%J-B4+v&@C)wXzX4Xt3yZ7!e3Y)OFxcD9zr|?4Nd>@N|G8hQ61|HYG6l{e$D2le*kFj!7U>CK~S7>{A9)2H>=nJlo4-wIsi>%H;HEH0> z^_zpjf)v2Q7jiSHV~PxT_YiJmEva(cfiNwmdeR?N7x@B3#%WKTVcx$XJcRbr%*~y@ z#>b@00Z;mY?TMF}DpGTR$NoVd_URMU-?4A{@id=?(dHRx%V|x|e76yfDO(Au;#*8N ze-oMah=xLXy)q zvMsa6p=*uGW^`&s{fSi!)cAB2oF!|LS+EEMBG|Co`W5<{uS8DEskyt6!u(AjGL90y z2ou>OorfKKpK0>lFx9j(hygxXVkq>*jAwZwki|r+ZJkc`!*F}7%=z{+{x+?_G+E<8 zSFEabzX=%6tr3rQLz7U_!LTUL`~E|mr=T3ZheuG(4I`ZcY&z?C`XrpPF$6Ct6MP-2 zNlLn&TRVH4w$^B{#cYLtHW8T7nkMmYEWrPxOAMoNpqAj6 z(xsqCq2MsJmcyX!a>J4AzPs^ff&~k?kBSO3ay8ueA<-{fUvvB`Qr9B>+r)&lT(z&-dHG+T zrg=wxX#hsz4J`e|obxH5x+fd*s=b8h;$4;u2vPI3fEiPl722bTQk{RzU`&)B?qxEA zx|wK-JBCnW+>2itMyY(|PtI+P*PV>m=ReBU&1n1iB!#H~VV9lKBEql=MvK6zaX%_p z*gLbPG7|#$ce7klIKC@z!`i+HOsU(Zhv&&zSz7m;OIi1dUe)V6#(NCmW^{AxsIu05JEgKCsbQf_gds@$MPG63iZYfn z>8g>{7*n=5))v#aZO-x2TyzW22_Ir3dofgP=O0Lp|DbZ6aHVi~prc&h9LnjsRH)_N zD5pBxKnHq<8LW$UwA_}5cSt>s-t_C^LC>H90>k@rn|tJro}?A3(ofQ>_A-yd&_XG}u{I*)qsbK{TP5c}%xB zR)M-hB96yRGnRg2`nSC;QWU*jvc(c05rG{)aHMj$P=h!`RY9<5MF5Kq05gN@jvx`M z!{W!dZjgyfe=_8>$XSjk^Fr z0pJyi(;+Vy>{UV?n|gTf&d5GGM}4p=G)BMnsdFsC$cCY;m=s<~RBn8PE|~J2!K(q8 z(N?y^XIK@Gn70;~XL>>p`Ry|{Oz-qqZ#;rVltjm|=7US9s!}ZJO66i~Pk)94)-w`; zzJ8j7gYBcvev|<-Xm*SKl*$LFS3rZ3;XwWt>Dp0(m|!}vX>FXZw{a(BftMBJlM((`Y9~tp!|z_+ z?crbc2NL^0;_%o?m&h{bdsMo52zD3q>Q)tXkU_PRbv_R;VzHsofEdURY%(L=IV~Q7 z;&&HsVc0~G=!1nMJv4Wk3=7_073K_xvgA~5SQ}OzJtN_+G*Zejn$-f%o1BD1q=6y>+b@| zIc(Q|gFO!s+|)eKPEZBFK`wQ{c1-hRT!57Ti}W>^_7G&Z(>R0JkVtCjPpF~4sb@cL zs0?}y-P-jXvF8D|l%%MFPM#{n=SR%jj;RyI1!ZV(ec5T>J%W$A5+F4ZWfjUNbD!7) z3=osqpHVdfF@qtjv0!F1wp(rmId&t!v5sRr!%~?Tu7ZU><~~?qvyN+PeAJ%cOJnKm zk{^^LuH;d^ovoUjQSewRPERJNaf#r$e_T5a^Wh-~9D;CchtKsdx-Cn%EyQy$Y;FH= z)F-<=tPMdk;4Y-QV?Il39owQfK7`ZXgB%SU+Qv^jfE%(>cJ~B(9as(y*zMkjPoQ*o zU-t_P)XS-RduRYHKB9KMynOw0ctPIARJ}DkMBMdD#iz#ka3*ACe|wMq+|SN& zXqC4+h14hY{sUf(yQ|wed~Zwj8T58ZN+1+8Miu}ET63s9Ky`?=X}xqCDY20e+3(rN z+g$-|H;fdDTtiO4tWnXX2}4asN|6z&bD`o@9(yylIVs;7yB~S!-PGn{ zQq&O`E85Y5ZEkN#!A>MHD{GCG=4^(NoeP$tYHa#4m>NU@Z4I^i{N9~F(8xq@5jxYZ z=U}wCMbNOHAWkSgv~HKVuX+KVjc51G+`q`+C{xR$%M&E6828tWR_@*LPH|X~14ua+-)eG3li~{vrKDDHYe&a;?2T@=BKR*k?;)!38a*m^JqIc_XxSpT<_9_(oy+;s1?v6=E_Gj?#*X-UGN@tE=EF3L&mQOTi`FuVX?WTKN&&vS4HH4BCM?KM{|#F2bG#ETxjNDh+p18=O>bQ&t5YR5$t~8Phoc zJu2e{u+<``iNQ!C4;fe8%K09FqcHChk=n^3z{OyV9O_1oJYi~#V2byL3~>6&#hG|= zi*_LfNYLsN0yWF)JVTqzufuI{ss|Q4K^V#ppt zRp-zM5#;7+Rp+PpeF`tLX8>(;tMIf&pT{^`o7+e|3deh{I`YLOe56=-KDpP(4Y?jN z0lB`q?uwO)3t}lACIFgk4gw+P;7kMX)kJ=qOfRvpUjCnsCkZ zrl?1kYtK5o(eH=U6KQK@runm&kjA!B~-*Nl1dtGa^P=Pzfn;-8v5yK`!ha7L<1&^Sr78LD72A4=FLynSa0y z@E~uaV58#9T10;W^-QdT5u=vaRv>6UH>4#jIsU(#Uv?k~JW4W_ppi(bZf5A$2{xKP z*7={i1i(1MX=X3X116FCX=#lQHrELF^Mc#H$fz1vSlFuSp5*$g8i297CX(Q^AAJZV z$G!X^0KBUfvqw6?AhemcnRmggJG42hj)2C4)nk43w#}HI)EZ4+cJqTJ{*&2)fzkzJ zPk+^B1A1aKGA?Fch**{uA7oO#e-7)BeN|@y9+!f2>yQfwv6O>V`)^}({1TZsFREY` z-(qgt<~J_2FZz>SvO_-epJ__QvBeWdf#gB?eDZCT(WdqUkL#iOUB~u&^MGh?&c9nf zZU4N8hU#m@&obLTH&SZ8~818!Nh-DpYh zJg~O**e1)|+&m!brU;$J%|{=S=M5fxjkH3Mxe`#zSq1{@IDx1>vIm8}cSGdF(zNne zCx=!skb{LjvZ|m}{J_s9pPB`+Z>E4`jy3l$uIv_^bF`Fu+dk+d^u#l0dv{ztOI2f! zt#xp1v39qOfLg&aPE+4W8n~u}Dmn?D&zmSf`qoSY{B!wqSCR2v3x1(StqTYZSMh-B zc@yW?{3aE~e9Qi^a$v*JX6*$J*(@w9gV^*PU9xoxxt@dv>$iCYixTd<@L;ts(cg?_ zSo5(}Qqa@GyYcP`{G`Z6=5TXubS;aN-5*~gK5R+@>cxY5Lh%v&*Rp>sM7v#<6vhTK zArIMfxXMJuoTlc9G(;Wb2rN;AsNsB3US7o7VfTc+X?$$73(*}~PAqZf&8XcUUzCv1 zw-tl069w$wd*VS9RrBz;SRJ zIj$?!a{l_+>43qs6Ab>8n1(8<9C&ci zdAg##9I9)&N>&DoF2@o{W%0)D>UkNd6)e;3QP)1ja`8VcEm1oXId?hT6jYg%-zMTbVNoEI z0$U2Aa!|Da-)#%TxXU$hHb4CcjXj=W0P;wzgfe>z7CVbjz2^9WJ!Tb+cg8=ZkDA4< z-0+2~+v?X|!DS5#;7Cduc9)u>mlc#6GW@5JRbzIF)Y@Hu?8qLXkPmv3w-pNVBVi3D zrx@yg9?Zk%uAIJ~!;}QlORxiqHotIr5=Eu!iqIH)Uo4qQS9I%1DR-!NUX7c2tlQzp z)r4ZGzhn;3{M#S{of;7f z5CVfwd0`!&a7F&A;1ZsOs6ER^1+E6Biz{w|pd8JiCID*D)Arv2koZCqz5X-E45l{u zM^j&cdavWeaadUj$n#i9GE3;Z+OOxK4@?RnL>7AsDoeaKR<*kb1f=Kk@I&ll*!HrB zK-)nz;bFHK5BWLVF?uK8Z2zW{%END9z^D|rS`LjLn}fJzT@#7^_6#%rlE@qR5WEmFK8EhZE0Wx7{1 zpX-#R+mAc|U%HRCDDHG)`K0fCDg(;nNNO#ON{6+gx&%aa%J#tGsWX*IegzNWquZ;m zn8mHKc@kGOR>#YB)QjOesLH!$l2THDP`SA!(Gc01SL608^rv4yr&Ut`4 z@A->y#xhI=tbm0owh*(_Y!^p|>r1ZV!z^)V`+j_(VEdXVcXx0L8l8WUIwQ}!?S*_Y zTJe{Wmp`oML|AgmS3uIq3qo~e)fX|TP=62Jn=}&)ULrW%P5eV-zX#>H;EQUhA>S7& z(VENUxvUmCVc-+^R|Ia0kR+hCoG69u)9elqdsAgnPp{)wyn((C5oa4)52q@E@6Su8 z8DjSRV*JC|!MkfEGCP_jfx<5;>2ncws_HxWfDRvfn$Ef!#!Nj@#2=d1vVd|svqjCKSm=mAS_!Zm@5L7^v|DQ;uY-U$<|&O+Q6e zNi{T-BA*sccyzbGw!Kzh43=hhg4o;Dp`$A?l#F8&iPVMaUf z?hc$3q|G*9Cr%2iC$sGagrwWqnJxN!kSf&0X}id=n;?GNX9oCQG{yR_&?*~)2giH1 zOm80OfsZdt@GyxLGC8;e1s^SOWTP6esyuexK!On-eSX9a8Bu=Z<8KaTG)L>uqVt_? z#s9#cJ#MH|UK}an3`!7Et<*8A$GSXv=aqy4R2=|QTv(ufjENsCm~ir@2h?r8@~k+l zxK*W{`UvNEeL>v!Zqr%wuH!WO(Y4l<>QYA6!H>?^X>SO>O|^fgOX=Rj1Ly;S zuSqzF%|5edE#Dlk^+OIpCgc!&wOBg~YJVMn-0i{oNAE%T_1USvu>gPlA{Pv9>xCPN zh(u_zlNh_Xi7+xUCMz?CjdkZGoV-}3T_wPR?N2osIX$mtq^Gj1*j=g`(|TX?ylWRr zPC!y#UVd(LXo$Q*H+OSp@?dJ*b3LJ*)TCqgzEEu5s}9dSzlwMOmjKR7dP(_F7bAFU zmV~OD|7gvB{pWmU_{&uZ!9?1>eo$V3c8{4!9Rq!TZ_Z#~zPPkk2#zVQt zltqx|IA*0LL=^6a8%yz^13-$GmX<==XHtraY*{-DU99UjU0F5WdXwKDpZt00aYCx| z3p=p6oDjk_mzkmn&R9NsStB;PW236l~adqLd;NgMzs^qmCRcOpD*6|MS> zbBc{g#z!`byK}P?ltJ+NA7oS%!M?tlXTT`>%d{N>Hwa zTaD3`%jMQ+KhTB87sKIA0$QQN$68Q2+S*1gPLf8Nm$=NNWkeGU#!CQhMXEFv2jbR_ z&;<~x&|rx_?Lo&yV%xcon9LqAT*H#(=dk9!z^sX`oCWmPR=$SJDZSJ`yq1@j zwQAj*0lqTgGk)4R((@dvT;J)fUm6NHEDusNDaNrJ?e2&>=$I58(=0x_E@Ai#m_GI# z#OMM9$vSG6_5SBt5X5IVq3=8=!`(Q}5pVA7M0(<8H%Vs3-7G@&6hwO?C4Gs4mkTBj4G$^!m*F_l1>$=nrsaV%%s%PE* zfzz_m2d=m->*v$82kdc$K;t-1*dYPi9yqIphf9Bg)TH5?%_=ff& zep@^huo>+46SV@?K5IP)2t-braF=do`<3ZdiQXJ8##ChPT0YmsspGs!O(HSS`oKwzg-FI9){kWLI3lE&Z$ByzC7O5z}m3W(I+RV&4k zzs*}7BUM@yCyRQ(H#D>!^1Y-tll}ns`iU9XcxYp8K0fmI@4W{KYM5TYS{VvlkcBE{ z(1C+KuM#5Nj;^j7#fcg50TukijxNy4A(c5eE6;zl5Ijnf^XSJNTT(lQKe56gR%jNv z1)fZB?9y?VObwTKj~Dg@56}A!rMQR4*>mU62jcG6sfUi70)k2DBCUdTZ=ya54FMY^ zVTse&BxCGmNB^=SVt0?;A(3mXYfS|zI!(#*>J#9PhWb_RXkh)RQpb+4qbn= zf-1f_gGAz=&}*ps7wtCW8~oF}zOp?0rB?mytXZsp&5gELK|*1~TDQ}pFX@e#?^0r@ zE1eStrnyrO76C8^&P-x#XD5K?y;i=x&at+v!|DH|H3GT6wE*tvb^Y@2mMvxAYCvUTn`t-1t%#jEj8CLU*KuTocU(BncPp#P7~L2MM2e-@ zu%P^+#|gOZlX)gcm1wQ9bCVYSXS76m=$&yL_ z>B9t~QG`eT7^j5|mrcN7Q42KiHk|C#Iif2fgYVU*$ZJU!iIMFy0&0F7{fis|grv`P zsc34^^IA17_M4lV5OkZRm^Q|J>vCm>XC=*(@Ax9T0#}817Kyc$ZJjBunn4Ke@4~Ke z?a<)Dkyu?!pl3ZvfDvDrog@YHcq+z=Tr)V_SDGkb(tqpbYHFf0JfCmG0Kq3D9wl;d zlcdnywfX)e20dD)OTN&T<6mOYujowzVCLu9SIfUKTfZ=?M;tbDgtV7*K>@8gkZv{a z-sFqW#6!4G2Jt@^?v4joa$1t>)YQ~LU)~Tj?Rc!aEgm)opDLi-nkeQ?P^f|T-~|K+ zH|);Jj@WEW*&GFZF95W@v&+jjy-7@p27&vqzJ0?wR|51zj>p$@y1vZcq)Wnyzk-FG z3Fz_?wF~Nr z2yzsUJBqu>7vpoJzsr3B6|t~MoGzXJ27InMLQK5IkN0VD*<{BE2?=dh$Ln|Jy7L+g zM0Q7;r-W}rwtmVaMS_!jRhNZ@MyGI#2~n=N9;n+)Aw_L|c#}%Y$gI1Hk`6vEB?2Qo z>bhTw{RwXOBDh_UR7#Al?0bO?-7c4uC?>ZH%@y%O8pR6Pvj)+KQ=cr=imrW4Qtj+4 zsrDr*hF)JIA(@!1kV~IEQf8%`5lne78m+X4TU{IAe6uP0Ip)}C!8}-eo)Y{4m z|7Rrj21cU2%IUE-J=;7(UTv`iLR6^51+e~k3_)2L%vk>v=#?+Akx^0x(8&Zfz)*W} z11A#&v$OLrZs6pAOHQ=G@oB#REFc^Dj1}ri48Ik`6n;-EA^16;FtK(=`RGFSRjfM@ zq90sw8VIviMJ|5;ydRj&)sqc`)E_g^#B65@xYx1WO;ZGQg`4Z-%cYDt$t1`=S$n|O z)Mq*Ur(G-nPJ@}1l1KZ@{Un^I2WM&E{lsJfw;|Q+|Ak30GWUoS;bdz! zX`APofDirx*L&cHx8uME!Kpdj`R6hWG~9V2f8>V`AKpT2wzXTMpU_#sBG=;LMz3&i z{Jl;te~ALJyLUk^a>+0{jsLl?KWD7~@N<(vhcDnlnAoXlG7Z8yV=4{IU5zR*&4;8` zL5fK@wmr5WaO#HEM*S-ie8=$R%Uhv!p5336nnLJgCJ>`#O!{+6!9hV!GSUq~prhpC zhyVCdKl`Zr8jVMjI&_R$MNbtbH};@5D$u5QE2@HHGBb_TNx`gslwZcwHFr+$5AbW^ z;Mr|#ytLl{g&nins09or^nO%NuGU$>G42rvmW>jwnHeRQZ$Jzz<54OIV239<$(WOPu8!Ia-z_f49!U$U_!zrC70Z$w8$na5S z^_Y6fG5*zyAoFeygR^w^pFWnnK>%WOFO}Ba-My)+i{5psJ%8}~d?~oNs+m#weajVg zv(xQYjI)OMH>Y}Bd3VP6^kOG=mJ8OD7{2k$3ik{*{#CTr@?|zrD=yk1PV4aV<3S!J zV{`A-3qOj9FVvq*h1DSHuulPS@a5#ZO5E(#^Oj7o)-t3!KRtTMYc6&2g3H%m09Hwq z0skTDG9|{PIzOQcBG=g0$0X~+_(o!*x!CJh>b;@GFxA9D2KBjGQjZ1_RyHQ-*+~hC zh+G4;sV>);IGdKi0oS=Ik-?9UJFzC4dL`?!X3{Emb0yzov%=1>-Dhy8*fAkP&tCis zp~vJCSe+HOW7rWXMQ~Nt<8)u}E4}>1;EuEhatV6HMU>E0J}ixqaz9%5!t}^dpYnQ- z)r!)=gV8$Ap~lpA2VV&w)|j8mC|k*c@@w(yLL*iCl!m7z()iU_0#=3a*MpTlm7rP3 zu4D|I4m8&LZe?9G>I5j=cvS~B&hz|a$S>Yiaat+rvDQt$&7JT7Q_3Z%O;^0~p=)4W z%{!cm;jcq-Xe--Wy2;xZC#SP4r26w+OgZ8LX5H!ztXKk5Q&ZGJf?-b>=Z79SCu`2h z+Ak>-=P3SXtTMAN49Sx`XCtKEGT)t5`oKO$lvX6Ikma)YkA@O(Uap|3eFq7vBUvnBd)uw4dt=e53&4jN$U#*)^&4V z+>cl=-f*c}<+$CxB%4ss8%L$1+!xM9Iru?G!h3UfCiTba&fKa5d5A#5C3E>IGIB3L z9Y;&28LXIP`*gd164Qy3JlorUF^N02DT`@Yd|PMSwKfi7S0Cs$e%R^CZ4;hfzoa2g z#(B-ixho_oh$B~{j61krEr9ww`YcHQRLnY!G2xNI$}w;!uLy*^xyho8)!}TK!ZUbL zIpF2EQc)dzyQ9rdw@5@Y1lvi%E_*iu-sRN{tq(!m02y?93otf z6*;}!{fkLdx%0fee{u+;red$b1)I91r)RgdGiu{J;Nbe6RE21JNyTV#AaqQBgFx?554R)zI0^=G9R1u&SGPlC@WY?TdSZs~QYC&qwdtbA&*w3SwNm z_+b)+uqywzPYem9t1RzgtBa^jZ(%?DHE-Adi*>L+6-!ZBT=Dy_c-1MRBAj|h+3a@wqvmBJ)^F5OtMj%WoEc^On0y(& znR#^OVwX7IGJm^EeUHevdGiZZkSazu#iYA-_f3qrhe_XUo8``@X&hv#K5(?5z#`|O z&yY>gC4-RGrQinJ-J6cB+paH3&ML})spbEcrFtD>_*k?k$I+ZYs7-HUQ)0a&Br0Fd z5L*eI+kmtgj)#|y{OxD^R+13P+VG^bUO)cCcD>B2B znhq4eso<7(6c)IU?Mwhh^_`o~YVolNVg5BoCA6oU!=@nHk$>%|*& z)at$omc!>lqMUMex{Cv8!W1y2+LOVt{piIei@V$BzIUjkNS}j|hrG|LDYNS`^Hn}Q zx*XXI{k+Q4e68=avw;>-m74}fWFgB@u6H=V%n;T?V(yt-6rV4hya&0&Xj@rX*^JE0 z-x|BQaogDJ5y908mVuofg$iuccC_@)JYg^8`DfIe(~48KFlf6H=c%GZ8+eRe40C1J&n5J(Su`#=3WhADXfg^ztSzuc%{~f z-~ayd@o^DY2a!ACbbyHOWM>2b#tfw0o%XcDyh!n|o(z&BDqG(Ohrj(XyZ(^3M-C%p zy*u+``z!MGs=lgkwQVMQ$%hD(zc@nw5t7kXxuGR)&(rg)8S#>dx$JgB?v=x7RdTDI&Zl{Nt*NPMO6W86?wJGO( zxju!X73Q5O6A82a?dSE>dR<#RlW0$zj35z+0Vz1u08pdKDbhdZ#^!gBqZ+1ZlmrkE zo0lGcGOytO91@VMSCnvuv2%GaXV>5qVU*b#YrMT%36K^Cj>LhLKaR-mRzSjQoDaCv2c+vfLIu+Fo zVHNCPaqpr9gRmvb!bu%f)8e;)zV@M+tUQnuIlW{O8;{2^&g;zEAokHrtfvU7jKNw> z&N;95TKSeP8FS}a$RP6`dXRKPsr}}6uyM62Y72$q2mTl~9)Tq*MMa`sZ6-A;!lTyL zxr5A^O~P%iSd(O$vN=%E`Xn=M3>{WI&WZkSD8+E=fKg=W`x;-n%wfyaj^< zaXU0d^H+gZ;uP^}8313ZM-3Z;-aveC1rnM_@}S%eVfj@vJ#(A0yqCm}uewe$Nt24N z?+BJxKbW>r`Je+rtV8nfs5?_{d z*qthxOJp7J2NkjWj9TSc>uG!?=`Y40Y zF^SI2d)@h%X-@O_Osc`C3iflK(jm=>SHUs4JE3eSs+gzD$YHj5Q z%(1Hbr|lh&$7GhQT|PAv0!cxU*?jgp#9T4Uv{SN?Bk<@(x6I1?fR@*OmiPf^+X0ZD}vqJI)`eL0g8W8>qm>Ouqq z0W50W38nefVRO)xKk{vE;|)@juYJu9e;Mc#%8_^`19LmnjKvqVP{-1~I~@pJRi)$u zUBUalB}~xfLlFTY3RFqQBi)(8&VIv2eTjw;rE$oIJOe z;mS7CdHm$bRV}S9h_`zLKa{+n4ua69$ee`BaO{+^cgaP#86)Ap@U3ExfsYPJ>ep}H zlta>w79vd(r$I-BD+UI(m*wO*92EBqVS)GW1mXNhd{)J>h`_gVf!cd@+TUrerXN4Z zA(?pwdyYm(Fr%Nswudr4UnHP_n*b6|f6wjS(?=P&1p5gDFt%USm>?+(*8SdTq!**z zJqCBznezWG=O;!kznTtNxAjO=V#RFg-^ zRuGkDp4LUm&pC`RBa&*=HUOK2AyufP zzL%iFBfHf@LdnWH*sBBDwh-={v-l?UAz-WJoecU)R4W4#Et;a;=?9u9*lH>m2XAN` zg}Kmq78MmWzfi+dIoQDPdb4Pw?C%0p`UO?giB|P@r-RT;&idP&$CDEsMb3_#T3Kk9 zIi%T5ITD!PRb9;WTba~gUVpt{5AQB|IupjC;N1yQb7NnjcW+9`#9_LOP6|{cFC<;j zf_F#?k~vL(Nu7Ours-#{=*Q^j3oGngWr7s( zZxONqg>SF;IQR~>s_JFK?8c*l7RR`jujW1L73%pP`4XpNLjJ(MgonTIZyufl9-i5r zhU7Ud6O)fSAz1~sOmnEX^)tJvs=&c`$CWGG5eycl3OWj?6;qP$pDJ^~@(a?z>S^P9H33|yR>Reh z4tbrGm4(v50Rhx^3F_7?E=o2;>~2;LmRlK?I-0-EJpUZpT+}lgpCJyl7}E?#K#%s8 zxi}Ouj>XXIQP&4Nk5?3|$Yjnp&N$D%`$BfPsE{u$(R5iU?h*?BFo&>Tzp20WK3q=K z)n1us-a$Lro{XAu{JxU>u0Ml(L22Cg4t5+GbJlz5^}`z7GQ5>~&$W7h z%J@)T`}~zeQ%fru+;>Ag~c; zyK-De7OJYUZY5K|w4%5mQNi3GY&98zHcGh<1b-JZwzs$EOZsNL0?8s?|89R$S&g*= zlln>LZ`*%waf52!ThPpVxF#@y>W=S!Rnl)r!MeU5;+D$|XDw!vDhHpJIY%>XS2&uz zT#gUGLf>{h=zPO@ReNh` z-2Jb*k<$^gFAX1QOg))FGYQyrD9v8Dbcx~lS3B)gXXkFG){!PAp z>6>TL3hIhV(8(77+wcWZ)a2|eB=NyGK)Y(XG^xw47ab{@hEnOZx)I}Oav;e*Hfsg= zz{uQ8cE7GF+&R({Z@3W^;h-fYdUd?{3$Soi`*w2Z>&lfPau1)Qmsy(06HQJ3s>!;N zk)e{xA%`3UVtmhXTAtVC-#XN9-lC2&m|lQM&LgR&WogjE2i>ZidPN1O4-{IvH6*!JFykZ%V(Aq9d zT2Wa!*b=L3xiC~kd*Z~aZRp6RXjrN6BGeN*8&nlQR-YBH6Fp0`TW$N`^Id4v0zdQ5 zw|%MQ1M$Cj-#ve&6c62LC)BiaxU-UGISD8dG}2k_Bx!4GSZk4!zpL?gBYE4G2~4y) z-uSbdU}kfKVt%UuUS*ml$tS$EX4EAeH38=V3&l}%F%QExDTzxC?>|p)0FRH>g+jyK`QaW!(*_e-$Hcto}Q@f+GPguOT3xts6V^&KmFMs)j6+HvdZbP zvXUyF7Bdd4%sO&jf3s~yy|?KO39EYQy>feZ5~yw8WZ_%BDi`?^dO$C3Qbg`Lpm~^v z=G$6gsCw?f9)k-GZj2{PBKa1;#ea2$nKUp-KOEN=hX1M={@e?H_181Xv$I2a_X~$qcRF8xc3`ncD$)2rFk2+<(8lR; z`Kjbd^hNHc*ghm7c3ZZi#0Aw|MVgtIE@+3Fkmju3yGXaQ1^u<}`7T_%NO|VWnP}UE z^s__#t*%$Ln7)!gD(2qlxS4D)~wYx1iJB3fx<4A>C?icOfqu zq~ITqI@3?FKG3YUC`hvW3(_;n{-7E&g@ubuqD+NT=CQ z0juNKMWVBWx5*-ebSNT*^hS2(x{{M%*~Z_N z3=kB})v*rb%CO3jZcpSV`wXq-!V*?F1cdRZdpejAXgdDh|Hl6N82-SLklZ9=V)Gym z<*DuOHa@TZB05+Rv+ASwl1bD$g(a-d?&pYImra*3j3v?OMKXx`K6Wr;F3puXG^*RR zcInbtMSCod)8s3=nf`d_R~pl4FaMm`1j%yEA1xw+VhhLfVVHJ6wQC-XWovhvgD)!+Pq)j;u&#^L{0$TR z1)LLH;u1d+G#@LmJK=K=GASQVLLy|X)mD#5EIv^6u@3ZOg1_>E6vTDoL`)=l=Zk%{ zHllyGpz-6NT9B9MNi4ejBh_xMYm*~OH?48gyax@!sx|S$G%7fL%g9jo2hQdQWF=_b zmMD*XCV3E)nqkQYqu7t2C^)JgUBKyU58y3QT$3g(TKcYhL0DM0n7$$R(z~i}n`XJv z>ZKnkd(ar}W1{Zj&8iO9{>!oI9|*>S-g7iVHIcb6UD@6gKEI{nCpRvH21?bRM?8+pLzzI=EahMVx(Z{ek?R{r6&_{8G7C|PJ4(a?$HXf zS?q9x?~hXUkbMVId!(|*2U3M=Orr5a4O4GUBiHi!$Z;m-|47aLxM`)MG*IZik>7KMQ((%Ke9VC zR(lWDNn%g7M*EI+IXt7b6C&cg4A1dACilyGq}Fgo0QJ3bfN&UvvGAIhDuVi>TsbUR z%L$qb!IYBBrtlom|AEQt!VxB~L=;#zgf*zeS#yt#NV-MQ)u%CD?w2KOv79g*P8p^A4;g*HkobzO7J5y2fy4mO`md349Fo z3E~bM3c`Eg?NvbV zHFoq4PWt8mUgj|i#U$$L6|iEGgQRG>8_rUXZSv`MkvE~yY+RFR|Mii;>8RGl4+L~D zD=XzrrtXL%^=N>4+k7q1eu6Mp4FPji`sAbIbHbcl@03QBP-&IJeiN6{D%>Y13MAh8 znH8GpC91vNpU~)*t%tN_c(XJ2X_y!m_uz-}jwlnjr;ANi=ml|c2F?Mw%!nIJ5%9$! z8as=IBD;xU{b+89t(Ew}(;o|68;5`hxJC)| zv$m(lm&fo@pKc?!VG%3BYEuN0cxnC2Um!xJ1^HKfQ>ijl|Jw(6_bay=+a0x{rxo8M{ zP3KS$jOva$Brxk+lgeg94Ejt9@3GeB8}KD@714k$j*EOgqy%+#;!BbN{5of0Ng$&= z$4a4HhRS!3-Y2Tsc@OG-(7-k{e(E{lgo^$wxiEN}mNz#`aXIS%UL6aNEnQx_7?F($ z%OkO%G8IO`mGdWePg<6Xr!p~?jtDHm!TVaDG|^X8enE+Aq~Z6c53moBl0NY{0VO6| zl2J;=ybuoI$cS|L5}kGfnVmrW^iNg`VX>_+rq;g--$G(7H_q~MD`%F%g z{+90>-CF7tOGzo_giY?6%^0EhzK+j03^zUfNd*q^J9_IU(7})w2JemtC{EX22Zbqo zAvfj~c(E7f=Q42wP&o>W_2c&zoX8XS&!{h!`7I0Sfb-gL@PE*Gt->!_2>UWnMdKZi zw^L%ORxwPIVEX5QX@Pf78}8O!G%e)54E1H{mTp`i3y>530(pMNy6zxW;bq09%aA_# z24{pIL*^?0+U$qGh2=KHQHkZ#xFq1<5KK56QU_ov=nzE;Y_iknxZT3@Gtq_O7BGGt z9NG101X-HU?icI`XDkiNj-ZD2&%F>4gP;8O4A!H))WA;HlW$Zs34n_-ah8`AzGvjy z&_@uMdp>fXcGUb>Ln9 zmJDi~&OjS)gxJ&wROArr186DZMt$@AH&WRf#zlGn6lKbll>sE<`j-eCKxKJu&@1mG z{^*2AR`Ldb-awmI+sRb@t~@`Lq?>r7G;_kW%~F^r@HOGME>W>TXM~Ymv)|*gb90Th z5#Frf5=t=kYgTyriHVki2bAL=##mmX)H?_#@k?eA;7GS}pj$Sr*y&G~{ubL8U9L?lAj5z)GBYN#xsEXVTR zX)tr#T79riMb;n1l^P21xSfGuN!+af7?&AQ0+6B2i#8vN?ri<_L`~8EnqKR3F`U)Klk3WQPDvB zyqp28fBP3qlw=|WezsI1-FufK1c+qzi&U1aE6e=dJ$LY_0e!z?V5_@l4cU8e&tU5{ z4m#i(iu~D`A{USY#EgPJ(WK5IED2Txh!x;@f!*q#Hf-EHB%<0YK&@Q1+`S$%C~}$? zt=<&f(Ke5*6)~sQRGeK@>Wc@#v?u?US%&jOG0C^$e9x33CTf{*%);JJYXQt%9*)pK|uX9I;8B2$M9 zYe!QM#6%o|{);Q1#xdoUVh0wJ+T4%;@lOm77P?Pj-&IC^alZH`h0KKu;;HwqJk&~0 zO*N3wUVRZi_`@rkN8_YGk_71N33C>XI5cy){4bCv-vDPY0`esI0vE9!MH_F{$acpS z2F9HoCzCQKlM7i~Hrpi_ZC(58^Wx>DGC}Vptc*OliJD;^*U4q#!t|hB*+BFCodYn$ zVEZ=Rcll@5zt-o?&LypOAKx8i+U|lDotRBcDs?gV(l`U-;R*yLMr+-In+B9T2!hsL zQr3zDHTY(~n#*EDc~Vc`E%|oyf?u6Eqt+3y&vT`vC84nzBCb22pZLS!8!JL$y>V0^ zH-UQ&(Z@VN3gi=>>s;|x*BXjqgS`iNI4ZDIq`(-%f9xqR1T-pEpOjWW zzr)Y>zDoEM^vb@KJbG5@Ec4}C?pIeYT;Xx_D=hMt}Uhd5sej9c}Q_zOol14{W9( zTN6`=(_}re0{VEmel;C`_kI`RyI3qQta&Lou`F`X=&hx$l{hvu{NFn*X{*#{Aj;Lo zazs^pvFgEm>1r|SqO&2!5YL5-J~*&76BcPjt~^ZA$IYtxktXEm+uVFFl$BrI#pH5n zb@ZLCVEm?|R#qW{L3j@Ha2VU~9Oq@g3@1&4);Z>yW@SfVct1axpL=_raj>%_lJfAhTEH56;Tn`bB^A^8JfXQmY1P}bmL)M)Bx0{*pj~V z;HF@RUaMp3Hst5ub1`I<;@x=J#ZB;t`aFFow`Nq>W)~j zf~c8~m07<2gRS}eJ|F4=1rtiIO2u;+?mZxS6omx7rIl^JZ1SQ*cmuFqc`GfgRRJDboSb4B*sa~juE zE_QXEhT^}D%q!@vcd4&_Gq=JLRnLY!YD)oz7y5JX!}y+1KKY zn~lW3%9-+T`}0~=k56S%R!`vyUC%|1-jx?+_jYO@oe?iPwD;deGT;ppagOnXMi%!1 z^Xd<@+Q5v^MDQ0gPqfl_?ei1d6fUzO=0dM(szBZL$G`(3nQ+(>=p!`d9-&P6(U`a#e5q*p%96X}i_tSONU6v;_^s5A$= z%+Mama-4UWVLuW(IhGgB->dQNc2Q>a0co=|X6a6cNsNoN;&_J6i8O5YoBVez$*dmTbarOX#C) z?_HVfc99Dq^8pE_GBv0FEeBTr$U*)=l8v@I*Dz8I1`EIN#h{04_FRNC9?3>H50Ewc zoHIQ0wZ5Awe%wIT@n8?5{oiCSn3+1&e?>UZ4gEQdQ!%#0?b}q`?6%|5VJS#^42P(^ z@7!j*bHet^L+Eamdh#$@2{)@icie7boohbCARCrCW_=3?2pk;FTG1ZW524eq{*-Fj z-*Vk@468igd+>A1%a>@wxg>K9p8ru!A)}__mcPoO2SzvjG;9M{XHot91j0T`Tcamn zGVUAP;XpQf|N1)y)JK~*{c57UfI#*XTTHVvsBrxeCR*7Bk(9_~>fi5igUIhpNCUg81{E~ows%EyCjOe4CFYFzcI5lYd)PxQCea$G3&a|K z6Nb~pAUh?A9Tm*3kY7#oG7!i*EH@E3{%)W}f288T<}KQ`MaJLSH=2_621aV}Rps>U z>cPqI*UGm<@z&XFS&g?rO4Off1 z)xTbsIA2K5^fDEp^BH8q-9@#!%kOds);p7!6+D3}~j886O{=3a!p!E0rdExr%o z&`06kowx~W+@1b~2r=3Q6BG99u7vUtl%s{iF>j|#mG@+lR|U(Y?X0s^&bs3e;}dPR zT~6b|DL&V`sH_&~b^{H(XB0hYK+05gsw857x@;q*vYJ{fd` z?g=2}X^R?D+j3#o1*~+yXNS6Cr|H>2vU&%{IAayl-xm28HZUve+plDaT;J$eUF%Kxn!!eyhoAGVmQx{A z;CcCJ^?%ej4h_QmT#c=*s?FQR;`De5V#Vi@HpM{6PuQ&K>HOcw$peUc$!xCG%cfAthIDivW`ES+vq4phOMO0DU zH^=+wMj8lVBi(*DihQuc6YSf)-<>{UTi#{yG>p2zRX%iK8% zq!pfEkCRrxW+79Y_JK2^>yvuh(gphCC(d-24{D&*vgNU{xd>vfI(C{9hd07}!&|p- z8*+7Yd1I$fe~j&236+E%RfCBUd(9(4`4Gy{ot=+qp~J`U$|r)I!XOPBx!dsVgb5fLoF|wttYFF1!qjmsS zUQGgCbuUeJkG<^!FWRr;Ub?HDYss_Dd@S;zLeIW%CZgn5>qYrOKhzh+t}>0w>r(1O z8mPk*zAVfjR(c2OdDnX%Jwvn#@J9XFyqD#qy2_u+7-S-a@RpAp zx$tmltb5m#iQh=&qJY3v85tSw0%$g{d_654`4%r<K z-y~ed7cbZ^d~$2kQVBzDj&)KV2TH*VXmlcM*ZoQ=+Xu;o0V8r1U#CoyF6u5oAph~{ z`fW8my|2oq@`%xgsmCU!UIVTyt)Pq3Ya_##fSxO>tgOtP!MuJ$n$!ta%oUaR1ndfN zZ~D{>?hrEF(&6)9a4_6jC+wvd-D+a`lq5jlk3@RCE-Z)(sQoiI&}jduMoIZS#M$_;dvc^joWc`f^1hbas=t6?;O%!du-D`i~ptiGI95L+4;#%E3$Z{)` z7Vw_leE$3yHlIRiqTITj4ttTPJ8eSHvONms)_A=xwg9<~C@abYLrC|@{*nO2aXws$IfP(BWK87QTPOD#6?YoSOMR$Gx;uXAng2sGm1D!3Nx>-r1&1O zXw*|oy9BTVNr!F9kDNAJ){_30aG*q^D*ugmN3}gpq;)99v9j z&;@8{;u@0d4Lz$y)xHqSy`qqN(qfeZ4ZDowHDi^8-WE6_te5d zq`iF0evXqw6ZU?`VO0~r|NaGsQXY|EhwWPUX0B`F-D(TRH5Ekyfx6SRnqSJG4TmW(=ZblCyrRt+* zeFX{$iujkc_Dw!?AQ}X{q$Pq5tb;H6A$l_NII~6NnaRN{kML?KP-Qcl$hRDg&;JWL z5NUHioZSCA{edM%nYvR+iC|59?;#0i^!@?%h`4+G`$o=kYoi;5chCt|CVQgy9Eb$Z zWm=VPqimCZGcJILlBwu-wf5Fge}4gdVN!eDANan%UKWOstdLX?>=N{I~{Op`O&)K|e3@AA(2n5Lq0yA(!h z8S2I5s9vnCkdF%|UO{tU_Z!8#bexx4=X++i4V;E+^gM;FNBmZJ5!OBiHB!BJ`hXpf zyW#xy;x}51PUkZE*V^k}3vyrjG{DaeE)68H1`Puz&_xQVU>TZkn zV7s9znnTON+iUBV-=?++bpnS8oDY&dndv?evE2>3BbJR$9Xi1x-&QgOn!=EW>L~D_Y32RP5Jk}bWu)`CDs1t^NoXrtsgo~|46Rz zV^@BmJ=zO1&fB}cyj+>QXn5+U-zVg6hC7nF5R2E860UYzD{Kw3?i!KRoHGccstItu z|Gi?^iJ3{A*M4E>Zr>}bwnn>s za<`axd7u>Nz!SbFrS|wyt3d3MSI?+sV`rw%2g-}{;7GZa4Q*tWYq=ixB@Gy4TVJ1%v{ zoA17||1sK@sAb(XyczW8gBv`PMK&xFwe6kh^;Pd!S4Bqe3$%0T^%ffRSud=}a%r~o zxb8SI?KBcvH*6z@PhLG$EFdvk*m}Ea_h_ijKhDBA#YDVS(UttQVPK2S-)!N1DMM2$ zaiRzqXW5Ql4dLHkk<7rQ*sXX8t3>#}%P_@%lVQcYhlD?cca@ydOd=cI!g(52orEQJ z(;OQDrwK_pzZY9Xz?z{KNB&Vdht(e~3~cwg{F=4mXMEf!HUG0ghkSE3TW^(gXT>gqu|h8^UalnN0B9NJ9q~++QO&&b6BK~J14%I zT|RtZ?1Yj0@7hlgk3;@8-jx8Ow8WY(pTwdu@(^GEjKEJ~B z!ae>D$V#jC9esSG8~x#}#a?>7yEhC=>8TkRzA$iQFdNgrzqhe`?zIB5%a)z9h>O`h zMeKJeg_-?fSwLIPz$jUH(n`<4wt#0;fUbYtPAXbl43hVB4u{BxjH{D{cY9_%!+ADW zSEU`;@klpb(4RHXcI;VL>x|ZWvsJSyw!N^-t)7DMp_vWj7LHdV+kQ^G)Gm|e>e8p6 zw-&2jU}w4dR~4h)Zbk7_X7~qu>LHnf8;AZ}qG4&&3v+aIiKKJrTt4g(#Ak2|sAAFb z@k*ienT?I9x_Bkqo?H;koP!WLc$E~!N4(PO-o2a@Cdla|A8NHUW%MYKWdlT-LceW@ z2!8PO9}Q8sc#Go%)qsQZc>eo4o^MBN6HjD(IP-9p=?jyDYokrHuCMC_=k1N<+$e`b zG*etD%o>5uh(&XZR99;@%8zn>Z*S!@#6;5kTI88Z)-Ak*^y8I+_0WAvJk3m7uX{{?h$=UPZd=pDsUw9!S) zE3A!xgpL(~+!jA^cmBxxwQ^@^(ljAuNTr4b2iKqt5}}>-xKsyUK!OK@N!ucw07SiM zmq&#F{28_KNHFR#rb!S6x#ZIb-7WA)BnN3aLDrv{!x!oet7v$=^ zjh#gj^pBuq66xl;Hqci&Q0`@Y0CvhgFFp^M^4?Pt?}ldi4C<$jX45XX7BDjNN`s`I z!CwNvl30oy^Ey7uW*D6HqA6nOeY`Z)(i#&f2F4_Z3jYw8zy25db31-p%2;YPSxo7k z>5~VZ&gwa+IVJeODb#V|BQ4YvRUbO*z3$V(l-7rd45mlqpHJDoQ6!KA@Z-TJ~{)P z_GcT}?T zt0j9UJFUxIfGv5tT~udMFp<1i?2DXiP;b%)7y7zfi?92A7-S0m%k4Z_HeT7_141k@mZ!w^z1S&Ys&5gN zO4N+;J*<7%pzCy-yEd{obDd@|!f_^dPm!@Je;&FqJ^Oq~j%QnQ=?Lo>Pe-JA^1;IH z-c^Dfdb6BUJL{8uFaP26Rm@~^@BQ7O_mEXvTY4Tb;bIoq`BvA(riRNgNNj7aY`#LU zD7DXW8PXcIy?Hj1j0Z^9mv=|Ym?m82C1PXEUAJ2`3^7u!2Z+|K0ia#muf*+sakA^6 zoIOpY`061d_0x1eRZ4i8F_-Z~bF1?$U&Wg&67s|m|2Da^(c%I3KsGk#j# zd!4oW^cG8e_goizDga>w#|6Ln>RVeBlICzZRgxh@%q-eRHyRg9-C!t zLFAyI75AQn**!iqgq^~Hc`-R2CmAFPZu=vTc>AFvK|66Y=&OV$VHs>c|yo}>8s zsDn%Ls2H+W)dXB;o%^12O&89nxjKLPReX@Y1;u-vXf~!Lt>mC_#G8nobZ%MZ4CX>X zh`$^RqS79t!cirI3NBvi)D`5V(r0BcvPfP_bg0PyubVTf)(Ncau((bb!V2O&5;J=fnkI`CyRp-$DYcFTQ0_RbcKwaDo`fzmTn(Dk?7L5#rb#sKBLUfs8x2v;YYR(tN5D1 z_l$@8OyF=#9Xe+H{2$QiM2GSLQSR-~Y$Xh1G~>BM@GyL&{-2cL_)DW7IdFKGepR?y z5?YsQg#H)PdYyKBqAj12G6iuaiK5B*Zb5JHsS>-IRO@*aN%#SR#*^>a;aA?%1>VD< z^zh$%2wwqc`6*Wk>E>|TYuU~YL>AU_o);Vl4Pbaj>gu8BoBOAqVmxr0k<9{H z(bonxpk?Doqr?F`F#^W*I#SEBFk`E}OGdq~?Is88pH?H3tecJARSCeCwK$< z-BJ;1gJxce5Tm0-i%ZmYOM*P#mZeFnUAVvwg>_?3paGs#oCbJW&`6nPNRA6oe9jZz zNDyHeIg*HOgdDNl4vV*z5Hgy9FQOm0%Yh)u$PadjFTz#+l#o8Me{T^xfjq6A#nzL+ zf-BH+SJDGcq~tDMv5S#RLe8LnquUj0gKv+dNpCo)!ngUgkEk*O9Z6oq>~*m3FE;}w z914B*c@9udDd|Oi?nww#I`RRsWufONmS8yjiIM>P^?hrzI2;f{`BAgw!>ft6(W5|4 zx?dUy0zOe?c<-?qbGqJ%` zibHF2DPb*6q$FDnj1bskTNTV-Pd=men_`4W_(bBHcqC8$hn48}9|T5f0`*lU?=K@b zD=c~-1S-g;jalA!W7%WsGt4MtRexYUYw+m#t-I$5!6Np%9is)06-$rPO2OYVno&aV zNq#rs)>Ve4H=j!SlO$*qUr2K1&*-;76eQ(htNuhlP5HcuMHRtbdV0k3!*A@9+ZB%> z+W(%RE%|R%74^j~dCTd<;(Dn9vy}t$D}!Y2fBqe$*|j3=zj55y7esKM2j16$@5vh7 zgTOfq5p1c&u&C@)Fk7NKUGno$kjC8}oUUw0wt0JenI{Ev*@-df05By#?|m*b9JId! zv7B(x?+Z&UFvf}f1%IY33S$KY(#V(5|MKT%<+wEI3uksHB!$$w^PdJ1UOkj3zuzx{ z+61yz8eyS%@L%&HC*jQE;zgiL+m4yCwslRi^)Wcdl?l%2tACdX8y+GBMiS(3I0sEx zy+0ZD6`gY$oinh=3+Gtj8N06DgOj3iC73M7ApJ?aSatX|5cgOqXEN&I;uo|!vj2oJ z)`Zya&y+~x)s>Fz?z*Pb@uD%OM>daV>;&>UvxlEf(6L_K&N&$65<$?!I~_#JKj;@j z&o8cJ7YA*Ck}r_Lva`FvD#@&hH|YZR+lE!4#$-Jb^~W@MKdr-KkO!9YBZ)oak@Nru zYMevP+vBVRuPoLgrfCH|`leP5T3H?Ei}jjx^47g4mfwv~ue?@849bhjG-aO`nUOj_ zroLM1Wx1TpSm&%~SlY<_vc&C!y@rk>$bpgh$R!*!?0a&yCz#SCS?)JknSCe!l4>qk z)L%MYb2Y=m1D*^@=mb5^<2rfsDOXocojaAKZ$sVQ&l# z)62kFO==xeEw4^9o#r80$F1ll-sQ26Gsb-A3|*19^9*h}y>zQpit?*Uw& z_}KRtu(w|cp;g-A{CVU5xSjjdr;^NkcxR4qcFfn;(Gkr;@+mD@n4`P()XDe67w}Yk;uWNoaNKtHx%z1}hhB zy@2X25HgM_^^h!x4CdKWMqDQCZk*?Z8ibCIHl3+)v6dn>%4h5H#X5U~CE#HPG~ zA-8bzU|W~h;`cP9jJZ(q5L*f?a@g!XO2J>{V9vl;NI^n?UgLHbdKbr?JRGhOOG9h+ z`(0d`nW(z^)&zIeS`@?++Ba5~YxGB*X{d@SV6GH9rLh6HTEtsa+6yV;6`- zm%9UUCIZPuk7@}SJA~T&_`1Ll`j_(W9*2Y=@Hjl1L~wzpX1k2Z!4ilt<(%z|$ouSj z=3|oOy_-Ud0b*@tyXC@7xi<1rj%U5-$b>~I7VXsM&o&IGt z11XcJhXw2vjJvJ6#v-<&G+pMRg^{EAG_9?pZe$Zz-!OGr-$ClWgb^M|8;v#ksr8SK z>Ur*Nl*{DG(A0)9$_3K|WIy!_hfGnl`|UeM;K6@-NJ)Z&1BSmrL3;}$wP~L06SnH| z8PnJ#>vB4Hq#(V0Lx;>&xU)^Cce`-IlJM%qTd(UAjSqF()~32rydjLZJ@=D(Z{T+q zZrObp-BPcAoJQAkH}ATkl!84tzQrE5Y6F07COFMlMvmYE-BK2@av!&2jY+cTY!@CN zOQkz$+r3c~!z6fy?lTkpk!J5VkeRivv`*cwXeR8=p7%}HuWh2Ca>{y+-m0+}MH}uQ znf}MscfZP64nt;o(cqR(bRFq=fVv7t4AxH)XYoka8Mw8Q2 zyuhklW$ixj8spPJWf*#4UOuCQ%-ufiNQ@~KiVYdMt~VZMnsN~(-R(@hFf(L+Brhwz zkUy)>&f#&UIlYA`=~e- z{ZU1Z*j%dLmOiUu)wPJjR*76Q<&*v0mUe&#gZ3xwKV|PD@BcGS2rY`+cxBM6R=DFg zX4Iv5to~a%)627wk^0Srxye2Bvu{BBPOrP{G#9zpPZi95bX$ox4rZXJ&&iF<+#9m^ zPw)vnUb6ybZ)SHB1Y}5oK%8!pTB2F6+{{#pL! zdyf{s#v~`psr_{>2I?-*yRD%LKO1Kh8jOP?Yh~qyoMsrAHuE&$*-JW9`nO zt4^C6!>Nl!UL?Kozjed&WF9+xQg9y>_2D=plm5qFqAehBL~_fr^5onSu@i{{6k+ev>R4UBMj+C}}} zdCJIEw9ia~v+)L`xNO4a>-+4hAT(ngkM*WSe;+>GAPt5-!gD%1XgrH zTIsCnlvDp(L)VGmQ#2|P_Aako7yWZbpMaf#4>K=yyvS(vuv9CdY>$06j`k0vzEdalc?%6PR{4>?{rcCMo& zQ*NJ}2MRikg}1xJtv=v?vG?8aSg-&8=P0R^hK%f@kR6gFv?z*FvWY?{D|>Y-DZ5F- zh_d%gX2Xc=y=Cvc-Q2&|b=TeL^Z9&7?$h^=-{W!4KY5h%zOL(az4rBbJztiI%V839 z=9y_6EZ4s^&Bv4?N!DSVRMwQo!sRgWF{a~WDB8RgIONh`Oer)LC^ExMZ_I|*e z2E)iuJlA|P33KwezIpjoYGR zXAsxvUO2WqE+W_X=vzJL>$4zegC|2+;38M68-m00&`b@-AAUpV*@IJcpjN4oKiHv9 zH>*P1)i%8hET{jK(YkFXmr_haSEYnwxxG$XmTh)UP>crD6J(9KkemNW_PM=Wyzixf zq2VCK0VqX%$!T-<4~#h~zzk1IhQ0Cc$9KY6JDWS-cqB?TLJtj-@z2riux8Q+#yO$e zk@UP!bcz(ECt zuN8|AxKF!~g~`95PSz`RZytNgdiK!7C-wDG?ea!OM%ca{zrw0LvgQ)+X5S5UYV-xr zQ0|qx7bx)p$_HhNC%A#LPov7_*I5XnSF(~+v!R6!C&H|1+L4n8)>z2fkYiD_r%mBE zB>UlPEMEt0CNMS&aaV8Or4}j`=cDU;iTBxAde~yLhbR0_eyj;4SCyzbG1uGv#DCgaEV$Y+yAXkB2e_5m@r0S`S z-j|BBGZZq}8yh#L@%*q)YM`@4Z)DHZDcjDqX5{)Xi}2Dwp#nWyP+eW!eBD*Q`~oj} zT^KwtkweaVZv*At9nsuNC^lk)1D^h1h#K!6t7}8a(!3ATD^dt=PF6?UeHf$`wFczz zbX`s@%I~S}joh+&NmF=(vMEJV!*<%>yWCXf|j^M22N2zMwQ`Ij*%?cg{jYx-e`hWa>?AWky#c=%J@e zX5i;VFk5Taj3u+sg)vfw>b*pEU0>#GBkv*59ERTlqA5$|F-XLukI z+~=w!19#-w!AOLKT)zXoKk&0h!)6u!dd3KT3LQYL+uAc$+8EyN5)AuPwaFDl96c|h z=g_S29U)gXuRZ``Q4jz%3q2hu>$?wWun;W8cMaC^jx{G>3(vt0D2op}cS0h(fqo-5 zM_R;k6hh=oB?^%%9-QXLk`gbZPfRoUWc3n-#i-}Qjt~I@aCkBOQm`xj@tuMrjU@(ap-LxEx}LYN@7pQxGJqa3#sOqHM95Ml)8l;5pjkj5CXNidP z*52jt-NKE!y&zKn<(dW&@jln8!#10-<58YjWJz8exb8k8W_8?NO-=5(P$cxN=j3Q= zOFdl|iSUr8SramPdfpo6i)RGA7Ds%}^>_H(4#Sr6y{l{Yf?t}J!$iKnxV_cjkP<%P z-=x)XpFPO4^30h;`?*p7gJwFOjA94CNe+4SY8Q=i2fmlQk-8yiq-VZv^3pN#*>?7) zLVTWyq4bLNP-|4~w;V@YwNfKSmD&v2U?ML0#vRWxn=TccRbJmZS$?? zX7yn!Zd(!Ab{HSqdz5@qigaP?ZEX3oZ8Dj8wYhdef%axo zP7~34w{}IEg;~aT3upgMrM&x+)N2EsoMf>bz0$?!2blxRkAFF&eOjf=d_6{IWB11m zc6WDlui5Nw>z$3bjKz_Jr`b9`S0i)(CFO4!CeL_nlwq1~-A45WMfdM|U(pf6l9Ct) zQ>mn^z94dkmi;7DRP(bla|OLm8TZ6qZa>x4nXS*DRwZbB7CJS>Kf;8X$EO=}ka>@n zEb-QuFp;nWH$-^pjQ1OM9?uEg7yHfwvXFa%n9wnhlKn#5Z&n{a{7JHgd_Aw}v83JO zc}@CV`g1W{*D_304vTmPT5F#wPY}iEkgsP)mJlf8tAV*LW|g1YdyG6x-uq4IlMN_E z(<=6QauVg|e3BJcEu`O~>gnxovHDvI1nJdIhnQDPpE7Gx^WOKl?Et|BK9&tOfoV(- znqM|n%1<7?mpUfm1_SGXT3CMXM(PZHuuC5G})djBME zFkGa-GF?KcCJ=Bw_^H1<*Q^o$hV%i4ig=v|?l@fbhOU!-Zy;p8df7_mueagVrzB86 zI?S?8zSc-gM)*eF_bjxxo97R;GbJTCQ~*VJ7@6Zn3ZZ|Oj0~Qz=^Ee{j2NI zUDwgSic3MYoF!~E#ME+vo0m*dZgRux#i$w$;D79V`d+G0kUC0rHn($cGymnY3~j%hc(6@TZ@l4_!esAvjVKmWfD4B41$BxsJ%b^iL*%t=r3U z8n&ycYI^%MTlHDdHVf?wlcS?2I~%aWjp^VX3Q_Iit=4JZ@JK-N95IZUO5j4^g))yLjo_|D88Zs@Yb{gu{Xx z=ov|=d(8qWwXjSFusdy&eyUYly=TMXdl{h<;>#NFtb2NI0%R0F_zOA7ohzTRS3W0t zUC9*$D#|oMm6+ZO5Ex!q;Ub`P;e86IX_D90ZyucwXKs7YY+6urALS?Hcy$ag?H}Dm zxWq1^;jDw-0D6B)E$^!}|C3M)@T(qNluVw7`NeOz#prM+Xi%qe9xOTi+Eu{zgMY}& zuDOH|{-)RN5DHwFFirgi=C|4lQ(y$l#b|HQK|ItIWc&j1pc`YtMWIuCG_Jl~Y& zZ{QiXS02#Q>l;LE%8W$gol=q8oQwObFbbM1GMlUmC01CNRrz7lx9Gp$vw|eo?c$BQXUl$cOs|$7@N6s0 z4J*;XT-k3M#at#&85{MKjeo~8hjmii`>E>k9qM^;;|45K%r@{!h4&j=C(dA9xddF^ z7!XkWeWBuw!=wG4@hkP?$3R6WH7l!oyKaO;D^#L#q}YJg+rw1#5Aj_x0&-#)gHSBtS!BqKE57DV5mu$$91Hcc|q?B~k#+ zw$VRw9~S~)HJ?5Ezo*CWfV?te?{aA7^{tcrS`HX*_m!mQ*sxcbjYW!+dTnIB`GXH~ z_J44_2@MF0oMi}!xY+zhVq5G4Lu$3R-?a&s@DYPu4<770{k7=CJ%M`asL2%R zB^z5MXX-nZKhw{YPx8|bQgh1fo3qoi+SEAKGiB@OG&og0_Frd{inqf_Rph=Q=z+N_ zrlw_N^pf{-rT%i?!+Gf< zs8dm-?HtGa_{ZJ?=D?{zf3eKa*MGKuOcIoT!bArm>{iekOWggzG2mE@7x2|1NCoO~ zD`4YhqI7-kk(Vp0B(={a?6hd|6@*1Z>EBur$Bs$tz>UMDa{1p?pVivgoWrzQ^Rwcv zF6F8-^k$1DD~rk#Ic`_=z4wWu*=H19nQFwXwf-?O9Z8YggfQ^}+xYx!z(jnygmQ!Z z0KJpoQ|9c5asBp>`#MuN(OhM7A>&x$)YBD3r2k&Ni2APoj5o9_Plb1u@yH)9$2Ly5 z^<^ER{xY;(**A7u)a+Jpln<`$k0b1Bl?e=fO1J{S%A}{?>=cVaM&23gmECE}=F(Y{ z^)!WJK@0l;VoR(;Uw7lk+ z>mu}o-SFIa13%|MDwBwceRKp#m_>ETgBha-G27*Jl*mF>oG^0m>W=nN&m`)9>oAs6>-F*ao`>l zB7xGUdxi<=-3xp9-#Q{E^Q+ba^4D+n;~eZ_~Xi@RdeY#DT_D>w=8ToOHi=; zC~0Y1m~l&5WBZH&6y(_}jZ%avy`Ud+jJR;s6SXDG|MBE|LG=}-ytxF_dbJt4b1GO2 z>WSU=1yJoziW>=&m?F-?cL%YRE&MYa=8FXt$h)E+N zKjFznh|SK6E)n8|+6~}~1O&DIZQ|OT*uYDVhw zYFxVcRr%LUPW^ECzn~P}Z_s?^q&Zm=D==%_xwyyUUEil>K6Q=J2XzElU4H@f6_W_5 znFCli%cZV5RJ``T>eK)D9e6%W6HjH$S?Y4rZSPpwP%<*?Pi5jXfs-odtOc|ykocSnty$Dh(9S9?azJDCs(N(Q4=W2)fBhg|Sy23@)yarP)_cfv>{ z<3ua71jEw0Ilsp(jRIV4*rrPb?r%JjtK3nG7e3|l4COa|gU=#JH9uLf)Ro`1^6ci~qczcQbs1dvFTCJ zFwuL1*ksD9yk6AQd&AX3Sm|A9@4!UbGUarsx0x@x44W&vLhE5(1vck z91rvxQ4-Tz4;$>*x&bCrh~WBPJ#SliS|7xc5*!vn@!gC}B6R!m>Uw)oaOH~6B@vrX z@gfauZKTo4wzTl{_O6@m1}G?-X4~*j56Js!r`6pE>U|QLIaz!Z>!;-4U|)`xs1ii( zKQuUj1m7~O|4wJ&?emLsPIU6Q6>6c?r+q}>vTTN4oQ*4K{85G1jev3j!(!`CBVi8F z+p@|f2o_@B+5-|v;yKpsp%-8BFV~3#q#Zshx)L!!qx$1HogY#$BwNTZk)WPzj;`KX z;m<0h+#yRp<`a;;Y?*C&dG4i6p=sI9WBP`_f@5 zD=TYiLbj4T`X=0c%vgY{aGo!?RG26|E7Z;Fw>835QdU-$$J=Zjeuao1(6Q~-ro?b6RRv>nj62)!UHiy7-Bc_yEwwB@K>X9ChX>pO?*8R~sA)sF^0CF#0N zeuuW^d>!g0VBuE;NfV?>K4Jo_IeEZrnUJ6Obpm5N$#;C*@DRsuIEWQPpPRcU zu&uJ$*V{+4h0zaJ7In9!XFEwM8VFH#-ltNO=2^xzSaPfG(X+_Rwm^6F?QC z!y+XR5uBPTT!7nw%W1M7{+2!zge)09C6Ce6ckvNi?FGOCT5#Tcg3H&hUuo&++*e?x z!-KDvcaiRVsUIktV=@%K`y@SE#dfo%VlAVJt8u#&=rMI^X)q~)8*8!@qmmqwoh=T{ zD;vL(9wj%_9o~Uhj{`phK}o3>^^PCui!&mEA4M_U`L%2jEDHmz$?UV!vnQ>sty5Cc z^x|kp@eRG*B%!RVmCeoc7QJO&D%Y=9Ha6~r`astTmu_}=Gyj%4^+IVRj%#yQ5CD`C zd(?|#Mub{`@Eb&IiWS2a!?Mtr>+HOVf}&umT!IIB*BOQ&S1g4jriQoT;7C51&8 zMCQEUM%ULDfF!5MLWvot0>%eQM-j&`FnG4LwHb`{-#bB0vm4(gzZZrn^p*8DC$m4q zZSj|IcKQ-1E_Ue9p^(^E7zRgKu3-enmU#grNI7#{{2Bs6O1mF{uUY1?XBUW@?A*D z3rNU8O27yl$E%Rba0_%NM?ySNkkQ}qn27R+$=&=%0G(8uWpQy4e9^1(i)@lC^(6Uu zF7MyJPt0?H5l}$dp~9n6a4LhhaKgKfGWk)P=KcfxJw#~CEMVWF=1()w8-T%q2bcE< zA5dI_6tnML&WK&5@ab>(_xQhG6)krq7v)D5uj;rNFZSeVlttR;YDy<66^s>5FC6`)LH{%oCP&L zAhbTh5!- z7WJq%s|t<(yiR#ep0ETlk7dXKv|$0h@|6cZSwL8X@H2tm2ul#-A1XlSN8TD#vier zYU%$*TY_Er9~?Ip3zC`j+zldcC2nM0mpz1s)shE@rwV75Idt+-4l4P(H` zUzx2AGPKFAojy`+8>@wDd~5shZX%Z-uLfO^2JTt^zyK$wZjwd2dF6>jz0z8;C)ijM zN3J7t3w)onvW5c82HyBR#U6Q9Xdh>5;?RGa`Cj!|vDoKUBYPAqfC|FwmMn-0zaeu} z6euZ9LcZO#&w3``tKFGpcJoNk_C17w0mqg(b0Stg%R6L6`IYF?(J7SV=-XMFIiCN> z$sTn0EBQidO#D;*Ct~qB254G>>```isWoI}_8}HPE2>NJw${UK*-OFNZk?i(q%5dA z>Qlf)BXp0{mQ45)phlwY!uFF0GeW+)jtI<%qF~8vIDtDEvor6F4E^Smee6tg?gxQ; zs^g;PT+Fp@1;u$kySq-#x=qeWqB^ra9%uY@Ue{ZNPNX$!*OAN>!OH4t!AD$M8k@{} zh57ln)@$U(DRf!Z$9aLNd1&`20Yjg&nEG(5%jYtlz?mKeBM4CF}CBQ}iYo z{UIM@hr2$mg`p4U8y*oU|_ z*uTXlm2^@DVXt`R8inM!+}As(;^;P+yJhs}mrNFN(CSJ2dxV)z0}0FM8y; ze0JIX(C%kDLSdNk^49&6Fm7df`qR9V`=9H&KGM1i@|LABl_v>qc#Qgs8TQ~GjDr!} z@F34HHU?E1EUvBnk)Zx{C-pfpqRyLb_5%JwDrNS~BPs@x0$a5~9y?`+@jJPU$n1i6gpNCQCSx3#b>(9^ZqW0LnJioC=?NmdW8Rk6= zvdj76sq4A@`^(IkZh>`aeXe6-a&Ra{z$0>2ZaVY+AYa)o+XFzrTrrM>;07(TG8o7Z zAavms1G&-q3*T)cG8n;iaNUMHgIRhIS5_Fq44c(hl5ZzB*pETtyo>adveb4}{@UP>PF-yY6`uAgH4K z{y1M2Gp(`$whuru!n)(uBo+@`jvBwM|=>N?hswazztb zclQ*sCu4oYMmaW+`wzE#E_=>x`fC0qo1lHY7%q#gM#o{>lUc2}N0w{%!s$91@d3{7 z7~_kHfI)gZbH*Ov8{AMGn3C7phJ1r-^|cmKaL3GV!{$G%e1=&(&xJ416u;p1*G|fn z82{4gF#+b#B&#RHgW`}iz~1X3z13#ZCDQfWs7=vkr*o26LFS%0$L>&OF56SN^Gj>A ziseam;@vl7@iu6^4dRg5B`VQa4T+rmj@#YX?)(+xMQj)g;5f*VxZGIoM6DlSS$9X5 zPhYdEPoRxwVX3?9g^2ONi1hnqJY}|Xqpf7M5-QqKX4IbpL$oHX>*JS9)iY<~bsLke zx`KI#?3)@jMo|w;M*-h{9Z179e;2wcl-(|^K1aWL{$Nq4hv`KT(An!h`UpQ3z-jwx^@Ai%18Kr0DYNp$M}VaNdo39WRkHS-fG0TO@%c($Qi4@kGA~anCW6q&{t|Lt%UnH_UEPOyOQf zjm7p!_>{hIrqfy}zEt4NQI<)oZ5n~I?^wY?>|0bGV~NsULZDb>rf$|eC6M-)9XEoa zfsdRbh1U-9SNKGV-@B#7#gNcsL24d#;`7iu%-@U*LvxSW4kYrt@ zi*t=~!3-E3Xu`Bg%DZb`mUvfE5H@CTmvaz7VmG3}q02i5gAounOdP#QgboZoje@QJ zS{FnOf3PCyAwN9ZpgR$0)JD&BDQ<_V!jTtG&LAk)4Q^3;V8JVBeEB-JuWZ?aM6z=M zfiHZoU4uM5Xy3?z7(K{aRCp@Z;(udxYZxFn-!tEOue8^}_w?|?_#je1Nt;#!#ukKg z^8AW#(~mc^U;m*LZB~Unnh!Sq)63aEDXib`BmR@Z`pLokCx!JdGK%>pEBh}Aw|}y- zKiikJ|9@s>!EF8i_s|d=h#?JKnk!h*zv1(h@r6$Jn^=LWT=A1`vpYsjt_3m2T6nwH zeN;Nx+^MKr_b@s1YMpvDO0;8sF3Q$MX(y(wf1~gvk{Vo!_cCLl0`m^>=7 zJe2!JxXCBu;Gw4)+hSWwN}6@?pp+NTga@5N^!OO}E^;{T4Mc9 zRTz(HZ|b<|i21RLl8l8~I|JC`A_q6UKui1-KmVRokt!**=kyV}H81K4#$~tE9#0)f zpbQzRv8-&$&f422dIyQZX>i$Wb|Y7jWiyYwFDQ3sr_wqV3}uWy4G3IBlbdtxL@{C!qB_lX%YDJd|Vfk?XV z3*QN&IrD1#Gcg_b!x6i}LeU|EQRNg>b)!G=&2N%Qe?<@ikemkGoXX0^ogUP@+|h4V zm^HV3LM=cWvpO|vX8M_oT(}FJGSPPbSqgIe#vEW{ zJ!&d2&gV~(83?)+B-GeNP$OHfe<<(jU3tmsjVMbu_I^fSzG(B+#+!lDZT-qtCq6e- zzRKxuw$W2r67$a8e@I?kvF21B~$MSXq+Wjn8I!W&1YFPY=sx9dii-(M9-vR6~lXY*+C$!2?Z zmQ$i5c=$FC6bVXFpeIGsepU3OxDkajrW~hFqry@&ca4~2H-_X1%t0M(r+1_;cc*3K zB)?hr&_ZW+Ac#{%tO_SLoIQh0n)Tr^yvDPZIpxc9F-QU7t4>g(&*2@vEt9YncCl%B zQcS=Ur}ZSZ-nPmyFRqB;gjD;u@27pdB;DLu z`v536EkS8-BJNyl(Tu+;6}8z`d=GLSnw58W=WipB!Z~dz+?M!zU;UW&shOP>-kh zuhn}~%;dMJmHSk_5?747KA^mHiubK!(-gj2|EEH~-?jyDoR#6Hei;?J0CwzLzw&~9 zbsS^M;+Dj*SGhq}8Yw9S*!Fgz6DT+NtB+?DqKeU@ zfewA1JJg%DY$?pklboKJIU%jD&#n5_w5o0?$HK~!VwBfI4_JbA0|#xJne$hD9Qj;f z(dhLDSjP#$>6*K=4Jm0cQ>urkKV^~M;4_LnfmZ+B+HA*%je2y-6}XRFI`ePbimQyk zX$n1Nf4VM>N0ZT_4BOezK9W7-LOal|S!a9QEnurf*}_Sc?-ND-5BL>RI;7Ko-{ewE zeIhota$(SD_)Eltk|7=3PZUAA{N zRq-5dQ<_!Lh{o-0a$a^xsxQC!)!HOmSSjG<`OD2u$(Zhm1X*i-Ew^rUv^H*en>gP0 zaf`&^m1)MYd$v=(XO=RbwV8;+R_UNAB=}s_DBd}ZL}eXEe$Mc$g7NT%PBj<`+$xvt zLruC=wuQ1%%^Vo}AQt+@QFGH+!;WR^oKUQws;X|AtM&1cn2esWXYY%l=xV-F!#aPc z{2*(f!{le1%Z1(tyV9Maw#Y*ixepJ+Aw&H?ASm|P0M*61$Y6ks>tiL6qx>$uHT|I0Bs00bEy0jV~$?(L$90(ME2Qs(e8UoJJLk|65#$1#mlJU(S391Zy#(mahecIu1$*hH}sm{2}G4GEw zeBNC?5-Y*158JcHu~TLf`84JI)`F4wsD8W#jabWe4Zy$o^&tHu{rUM}^bj~TJp+@_ zR?Fi1SrlN5QdLt9S$$y#tH_s#lE(0O9~Id$Z_Jtcf(k_uzwGp`d9Ki@Pr_H@ z>Hia!}?3rnR5;Tk*@`=Oa zlJTLTapxi$)B0jmz7_E+e5$&T#d;O|m-OdP; z4-Oj)1*u!sD)YbZ=+JJNFEuH+OiukNpGHeP$ttS-;&~r&xXXxiQ15o+V)$m#V$`Sa z{ZQBzy`T3D41EV^_;n6|B)Md8Q=ZF%HtA4Ynf0gsj?rtG*EJG$gKzpmAYq`1)^4!( zT0J{CQsu}Pp&qJrWs-p*h2*8L{|}1hzxyZ2nnMXJ zyBG%?h1M}Io!lgDs|e1PZ81-5rPG)E%EV!JgAq;5Hl}FA4un7z-{CHd#$6qglNLsE z8p0T&!~T@i814Na;oI>JEan+g7VPp$2&$xEN=I&z2%WqA`S56;<$r zv_yoIR+koWMTDdc-TS|h?LQT_

^dYik_zL<|Cj!{ZLf2K^oefv;_aul*m?`D#08 zzt3@8(kX{Z{%_d|Hhd4w8E%D5+^8Lc6qIjEhDB&{vLKX?Lo?W$@!ws$4qYe^(M^xE z(qE5_O|+Tl+&iXj55iKEp6AUdhJ1oen<=3CVoq6G%E%}h%19;X-hrW)JOtD z^l*EwL~nTzbFzN9H~eQ{WW=?WdLCWzADENq&G$}{SQ2{DFR4}(TRm$Qp=y2p{rk@Y zb}B6`zJbDdtnEXtS>~HmVfKwpCHI$&rq&*5^fc{UvN;-jaGjrXEkq=NNGPHioXNlR>~J1GNoYJS~?oy=rTW@!c z2{t@`Xt8%Z7B_Euc&an-?#=8gmDsn_n{ylSomSK&`4uiY2c-l6eY+2}izowDw5p64 z8hf|47@=LoJ+`z(P1NCbl> zY1-a=nL5~jZ$7Ktxa0PE_g8CANxq+FzD!!Xu^I2lJ^_Z0I9?if7&T;6r_6lEn!`)O zFY^9#$zWO;g-x8a%t{q&N3QK6L(@jNR(fX1=&J^pUpneASX_}mHfp{Bqq-6L{zqe(AEdv0Cy`7A-RW9PA+93UwVl$*m?CyY2S0Ga^w8Uyo7!VqhDD!0>qM)vsJ}g~WyY zxpDBBmNL{vJU0r%BpGuCQhLmaC!}jv6BGM^f>C&rmn^o_ z8J&K^8yY(I$?t0o#L^G8TeWebeq~|t`pZ8S1e00RRWoxKW!-3kG5D?bk$Kr^}UR+!+!^1_&Fsf_b~K{~94Wg+aijo_}o#>EO8 zI;2`Vz{A61R=JbQmFmJ9147$lFm$zH*j@5!fI$zV(d4TMLkPc2k%%W@+8LjMYQAZu z3!f|9tP3;3d3{)E%AyT&&;0l-C9wbam973Trx3%Af4Euwf|954UBm~jH#3RZFO@_Y zK!fi=%lvbQ8K0!K?Iv&=<{3!4|1-bZ1@ORpbDs?nGuRcJm>v@O!yxGvOK}Y=Iwr$| zj-r}OEm{#aR)sPD-n!otz(GL4^Sur{(ij*tID}gFR|;+rLs!I|PXO2_sxz73D<~ua zUeMor`9XR)i3`A(hRe?Od}p{c1jaOry`bd`+ny1zTJwu)@!zfw6SWq=n5cqEzu!2< z9ljgwUsmuEG;q=9;8gs(&<}R_)gOE{5Ym;k)xPiP5`as#SB6ROi;F0f%1xyIw{86D z<}d64Dn!j26GGby-0)op1$v>MOzJFA1KpA48U~;o-k&ffuOsYIaf#Y`)aASE)%x%H z0xK~)D*kqKGK+Ga_47jqksL{Wp}ihw_~}V@HDDgPKJ?}0q|M^5*5Ez0_j=Lmyi#|v4>$iNxGe1?N8EZcouf>$;j?x0&8RZ*R~hA} zPfH#nVJa5>qz|)|@&9-5jX#4v4u%OPvVf-BSY=R19F|5=JP=`F_ty}Xk&xahJ!e zasSb{Kk)!Qp>Qkj@!GT&oDH`ozy6gnpOvqXRYC3ZP1Prz(r_ImiK8L4imLV6gg_V* ziL#N;{VMZOQFKPo% zC;f)}g`7%9v>KB;jXlMsfb^S{EjDvcjKZ?QHhjBSSV|FYiC>s6)B{a$vJtn|A>8AC zbAbQ)kQj#b!wuOYIdggCT{5^zcf-s~z5M33ar|{LygYjU`+67$^ekkJyU>n`*JDM} zh)ut~BV3nhe#;w=-h#|{b;WwSy+58)<)9_>eNC1pZy@B>I%it$6PL0x-<_a4*EZj_ zM#6`6Sz4CL+Pc&|J^O2|S+Dz5QBll(!dDkih0||Hj#-jBSe6`{&?)~~g(VzoPId2( zijCiOEH-qkw_P}F`}zDKTxl+1zmjt^rwN$Fzl;6;uhM7hv7H&q6S%-e=JKot$|ZXk zuen5aI=_5i&@-RB?-QpiO+oIVt7ch)-T4cmk53b>Nfgy1d<^5XRRygf$CX}6WLD6V zZ+yH=U#HnyUq`F_>vR97+%M_-f^1K}v@YNj_7b^AP;lCYpe(|Auil)15}Y0JeP@5D zlmE=!{SSZR>z`+_WY;x%J+pIw#%?fbxQ3FZ;A&sI`y; z6?vP9e3CSMxi%@m<&1<~Ok}3kazXMPYN3lYI^WJC`2bF{BV(yd(*tB!^|2?BYgAmp z^v%u`XtmFnLczF*We*(4rm&|k|Fdkbh^2-HL1(z5-u!zS*1eICiS~DYn)rjPtNYUi2{qHqd@22Gf%35FQPaumzEPD8z#J zuybk4sG+v&=kOfMk*I@Xo{D>!4G<k{w0* z&H6p$eFbNR>QZiQ@gQWy^$<$tv$o59MhH4I)TNj3535=4^Ln@*c14e)>pj`WJ^E$~ z)1Ah*RFh1PwPTxXYCn5~U*&tT)!?qAnwpy6)5LE$!v@b`;jnY61_(pJ|CN^|5tya? z)ubogDA(`vA7~9!>C5a3moK<2wqmPFkvjWD>%Od(^J2>IRZ5c59kh(ym|BS2XfFLg$?`g zLWVj`nqobAT`@+F|N%pJaFHYoaUsOz5Qre2;SkP z)zY>x;IOl^(;3aO6^IUHeV3UT3RA{+sQNnUzaq`~CW1GSN6dR|sT*MpYl;zrFRZ|V z;f`ThI$}3%Fg-U{7$|PvIbAK!=X)y@e1l*csL@%t!s)+v>AASQ6=#ZeU5v_`Jd#(W z`I%dg&B1g*4@8H}=VlQ;&<2xLoR&X4ieI)87!vX;mr0KuJBE5F#mTmuv{zF@Kq7g& zy`f$n^NcUSdaSKq%$%)hw@zD@?VAdhva&M37^YF?pK2bv14NfWBg6K`D#(PuCbnPq zOj@P5AQJ^v=L&}O_U+r1?d{BfsZ`lmOC{^aErp*aE~wm*4*x;JjToTIw^ZH zV!+2>CD8!B|}a}-_cA_idCeK-H1gkb35v9q@)rQY#oq3qNx$ycPs7}DkCWmpbsF)1*l zt~t~cP?d(c22CvdBi#qSAW-<1!g3kEE`S6_3T9G6)KzEJ2M%gpF4$*NO2j-Yq;M9_ zn^K!O!Me$0h#3;Xr(fo3xUi$z7+J(wI!Kf1wFe+X-QU9_;260A(@F{;M<#jfEP^hs zL3QbMfC7v_YE!)>u?B0C6TXre(0Xvc~k|YDqTYia`6R3 z+Fd|e1v#K>{&1!usB#t*`bJtF7bj4K7)NX$ock?;7v}g$9s45lU2`ZTkU*8y+#5lA zP{Fy?5svc?gySr*G+G0z$b1)Wc>+}kzr70H!)%0e^CC~m9kpNhJ6apUDujz;Cs1V- zUnIB)l2Fc0LW5wO^HG8OmmD#KTTHmPN8hPJ6hQP*C^#cW;KIM3oh#h)T*RD{SeYCr z7f!v2e>?u=;L`LZxkF`tAiZLc19#c`LiGWX*)W(pp*^Ulw?h`LByn*hW%Wd2u_lQH zQ2Z)qp&PmO_QQ?N21k8H<5bL+ul9X9<Zb2WCnkJaw}avd zOsQiJwAp>cY>2%}H{C%tg-;t$fx@D@G?DRIx1?7dE`NjO(3<$LV9$a-zZzs}h zoXP{AtFuR?KXWS8j5bcNpBvSE8rS=DW^9>xUYp^dsrD7@*z)KYL$zB@PR{&1`wcI^ zu2hNxggb6Jd_|}(PD9OFH1+Pfn(X&$DUDh)9qJ6Xv=owa)AHR4 z&Z=v0n+atex@3P-;z^#1@o*e_;Jxr5r+0=2k8*LpNYrcWu3cQ+S~2N1f)42iurOWh6~%cj!xsRnkXoI;@e;MNFDVT}dHiRXuH%!FOeZbT#D|NX zZM?l09@xbA;($rq!IKMGnS2sixCS0(uaV~T!XU@59*H{n?p3Nwvm+jJ&KtkkbHN}9<`0}u3&x+S(Q;sn$SwO!0x~9i6X)$-U-q}Kq zQTI$T?uHUyu`_eAFp^-Z(ZZ>*sO%RgCKmNpLRJP-0A@p|SAX^k@*$?|hmjxoBUSNh zKfvUJSc-pDB;h|P5@wNdpmWlPf+Ldgvu|@5){SSBJMBeU!#r>@6sIUJF3f8`_2MK6 zNwEa(qs08Oa;DYwYYwTZ#a+-5Cq8LxmKb%$C2&J<>^BpIyX4SwWoI)ZQ$mR$Z^g;#h!n6vq=5ToXMB^L5^0h zpGK~u{t_f1p%kmG(v*z7IEzb_<=wepn`$ZjqGr3YLTRRIZqoQ2dFMfSS?eoFzPA(q zBvTwYk-FqJGn7)T#6THh*0S=U>Fs4;%*~Xlc)5Cxm~+Fur~Z||xq3J48NF98cHLUR zwZH%sfy>!uOYP#@rPq0%UH|lla+#-F;w$zuQU)e0`ZzbNPbogjytHJ9AsurlY-V?y z7N33Pls4KRdCTzR%vx%0l_a(sZR0sMtr>k!nL01oOG?cC>5!VuZpY?4l3LHC=*)v5 z)&0m|XxkDLn|W=j_d(&ZO042$ZVoliBl@X!C60CXx8}mTchf2%D%4-FLqCv^~qbw4O+|&#NXrMJ#0~B7E7xzqVO%b)R!RWZC_1hw5eVuN4!P&38+8EmRWX+~JEyvm-R;(Ui zW^AU9*pm?4^l{;S?-P4vE3RfCI%WQI3P+XXXP>x=doJ%QZw9n+fn2Wk7pkKtlGl*$ z9Xer~8`EFzI4dY{$R?D^c`nA*0Yrs?**X)2c9O`Jh`9V6TLSEpYg~STguK9>HYip} z9(pSxI$X$k@A)_nKRthr8TTo6!u`?Ned2fGd(JH#xA)1uQ)|dg_NT-AF=kJB$3?-3 zyQxMep*1k^bMMc(_uR+>T)$(wNjuY)!}AIQSzxk{^p2g<($e~@JyaK4h`j+JOX1Ybgtq!k8Z)D-}TdTuie`lZr!)D6R2~} z65P8iVe0+@a5XXH__=4C;LggtA~%#lEg{9NL_xZ4g?mrXcQ$EpnqxJ4jqAVD$<7l< zQ?F%pM$7I{^jvSaVuF^UC|N!lqOsX~RH6ZK+hp5}*7M3~4RX z%S*@TOvVy*qrJE!ik;i-}EldRLA z?b3AO6O~f~FK21rj(N(A9S^KZGI6SYV+Ja~+xS7il74ggrB;a-bNX8II-V5dv||sP zMelXg>c8BU?MCs00h~QYx%TLc$7EikQU|P)$Y#9OQD0f|ZcTpb0h;0caqGQH8VfM$ za*y99(6N4L0RR!*#AuL0GZUCg&8qwR-7hlgmW4-*6X2N08=8VYQqUNls{;yxL7_w! zm#7;hF2l^{ubma-qmhiIbp&=do4I(&>+pHLa;qxmTvvf%<8>a_+Y+2H7Nt}*l=??UmFgyr9iBGV%DAIma*65 zv8my54{9EFq$U%uRrj9f?2+zj43Z|>_;~2cZ1(6ooPu3~#Jj-Z@}6uOK23GA7;yAX zmNU~!Drjooj13*q$S}W}&qOKykPmkw%NH}r6v{m2qvjjoIJkXY=Oj@AsS)Q`~1 za$K6V>3HvE2yW>CTE@NS+Qy&6J6y%9!g_#tD6HYHbz7+&)lNNfAv#ng+h(E1Pq#i! zV*>A{zNZQuYwXXo$%5f+xoFsh7riRJ7l00-f4qG~rI!X|e%7iLPDFYmgT~;Z_Ite1 zZuR-}U?r52E+EB5Q{A~Sqq0?)Ywjt9WUvZJPlw9{3H|d_A4_*M_^M&q+75-fP~^_? zn!DEBU%o%T3p|igLv{mx!8GbuPS5XB0QyajJbo+D*) z7=J%s;U=-)92*_~Zr=gpw;2%(Wvy4>xM$X-G9U)7LFh5O2Oe#N@hZWRrB)Zv*8U%R z-yKhN|M!1gMuVg)tL#!y2qChi(nTSJ$Os{OZ%#)cTLZ~XLiXOPGAbF_>sZ-4-yb~@Atmze6RbD`|;?X^3dsg-k;a|wa4@IV~!_2qzRRUaoOiqX*evz0fYPJ z4*f158yyN$Ap)4^uk2w`sEs`AC%+gM5M76f6C?OAGmblbvC1ZaC3*WHJx^b_iv`xAJL}&wf4f5VNpGZ&ik!bbhn= z@m@s@CZ-QfAvZqo1Qp&`w#QX%PH3HIoxb@g4K%#%h>%dch!GmNVWGVMCZkT^h zh}CZ0c`Kwplq!1E$JbO8q2*>DTPRVghB`1uuHJFBo&)+PDX@ERz#i8(CPf9RPXd3m zDf26X;{=+g$>1Aae%y~iMzXccR(r99SO#Kabj|jp%mg}JLiaGxYrett1O4r-{*jRT zBN^AB=^h%7K1;uv2xc>X)B3%}wX@4sL2KS=&vIig!js2?*FiGiz;FMFXSO^6+fnIQ zf+G;QM|?1p0@w31%&s+-SR2@LiD#wGXhQTLlB2-YB89>o>IFPE>e6_hCxEyw`k4xT zo~B?Db~o+5)mi^H=z;c?Y%g20+!n7AI>hl_y39}9@D@#;gNK~Z*Yt;vo(4T#NF1cX=+wJR|87 zp?kaKfM(`j`*sPYnrsa18?Vgt*IWvAGq#s!BLRgu;sJ*cogH`xg9-REN!0TfFTi1r zb?mPtB$zNDo!-lJNWzuFwdm$SJ~36Q$@DQR|8sPnmHM+S!^Wd6+Uo5B2ty?;x0CDf z7MtY z-t~5N*)r9|>MQzPDa^;>fP$1E1k`!D_E3nh^rVb1)b`A3uQ!tAM|SDDrW;j|c8T3= z>&DhsQOh!80`}HBMq8^jdbA0dYBsY%J#q-3F(CW?F-@tYt|z_V#1k}(B^I1=;L@V9 zt-7%@_3f-jj5HV^_@;_Y%tA2IAy%FVND( ztWYKWBZ`}wlIyA4lKOLlo(-B$Z-^_Bb}VP2CBH1AxFg`}zY{%*S4~QAg(Q9GK3pv; z96}MC%b~CZs*81kLiKC&96aC;>++{lL;zR|^i}~>w8@#70I*?wa(X^ENj^N#Z3VTU zL;q%bx9Rg6)*s(IB&FUr?~$_NvEuEkKUp2z;HiV9@2)tvSva8F=4zoGppOkhw+nRs zuW$$%=TlR?nqd~yfqOjSYL9iafTRLz-^`k$GL{6532s>6v78(WfO>? z3Q?=AtgP%Eoa#Rvm#-sbSWjNK1i;Hxg(joPh3eABBErX6HftRC?Db?nntjw+u5aCV z&uPXi*?}A^o5>VLN88D@6-s`&Tt4^ZgFK>gr(QCcTdVL1)_uf}z0S?D^dvyVlbl+3 zSz5IOPWbdRc!jp(7A#OBJiQDw0!CU7E?2N51kO1$Uka$`H?ou$7sBO%BRVb82dvda zt%EB!S62hrMna~N4{>rVzKM3+vs`*o>Goj*XdN}TMMY-Np(a4 zwHn+_T8u57d7hTWIbS>){OQ$9R~FB<7{+76$)H~0mYWQ)Z@d{mVZ03MGr}=RFklk( zdwbOlvk;#F~Xvwd45qAC(vnCJWksHmzN&z#mPp{MU_s+0I#jc=*$ zlEBR7Ekz(UB5WoXhyCw>j}}mI_!M#)u@p>4Mx zw+>X}^!`3=pvMSkp1BL@2UXHv{PYt%^oeM77tV2%aoVYS(%e}vT{r1Dw_D$Op-|X; z@T$r)$%U_u%1Z&`Q}^;%z2-v14qBCMeJO@4LKVRsz~3Z1`t*42U`4jEV!Cb>_UYgN z*qUoI@+UhJl`U_WNFeO8vxi;q`)|A9^tU0P{Rx2T_8h1%j!g<{Psl|-NAl2O=wS8a z1dEmOZ8~{c$gxM;4c9#_*!nctx0Z9LyCQYGMBBKWzqA>pw7l-R%LsfJJ)^s`xsC$Z z*(DRvR39REvNT=+ueEY3EbDD4XBOjL{>g=fkiM#okKH*2vguky3L4Vl>*Ih~<{-1g z^!vbLDqRHJZuXyXJMd0>YWD9e`W$kf%6Zl-j2Q6X6SL;sKj3ijqn(I?Fz0yX6oX($ zmhsTGB-X~fCwJ^=YSl)j6BE@H>(|dO=6G&zzUniafqTtSc5PSr5ZEnOIX)OBwt*zO zp5{{vTuk^F_TOFn4`wPJ(V76v>=a{l#>$14hvp@Dr_S}!#T;HnZGHSk<~yI3dhQlx zUIadV)&w-a6hDx+&tw(Zi+w|T^t__*5l0-STUW7}THFK+~BrSKwg$$l&dzs$^ z>T2s_R~7S2R;5Tdk1p!+xpBbW@kxNzn(xhQAWx)R1Li$Q$%jS_{C!JnVd$s%M2eM# z2$u1Z8QqtLoj2GSPEc@9YC0I$XO{Cpa$gm`p-}@g?3+Zo~_aE`-OdR#3FNw70ac;(~U)m?; zAp3Sv$>P1mT&qj(=A@>JOg_)e>wS!gQ0V}CD=NO8045R?!@sL~Te@npNP0o+Hd2L5v#%U^LkQv8|utjjQ zzY#ZcG7hgfGr7YEPBlh$sj$P}{;>1-RbTVV!8DL*@*7A>BgiT$hjFCjhNL`yQ@(i* zB<1s<{e;Bvupk`Sr^OB`mDLx3Ug)QUTHzmI5fIZIglGQed!7S9dzkI#%Zy^qyx$Tc zFCe4o?IH*LjNh8*`K(aolk@XJo&E)_Ca@fN&-l(uW2C+h7A)@sO!E|E4;nZ7Em`-4z7>mNi~(C z#Nh#LZJU+JR*h^u>BdNY_R`W)h^bGlF%*E~!7Fh2)s#}9Y%CCn&n0fA1gv}@{iA`1 z+{ed9?iMLr)8zy%MZ!L1g~zg}pos254Fuj(+J_uYNDyvmqslY-=+EZi0dM9LdbTGI z2Zi0&2L=*GPYE9fZ~q8}+7}q8A7+D--H-Y{H2yOpGo(wB3wkp}G3tdF3`RbI6trjF z`P8Pva3vPUE-SD$0rquP{F!e+_ASKza?4 zrw7M%0E3_QFun!HMUt#;kp{^{;WB9|AiKj$!)*}oZ9>wB0Pjx*Y0FyE(xP-SKb}!l zX+Iywj)bqQifs)^7GNA!W$EQf3wSYbmlHqmP1_A`a!En6RH= zt*@%P5iE3Il|J`E&t9WupKvT2wbW257=9c?El=i0uLzwM7gZ2-S^74D$l*&Bxc?-_ zZh8Sb7PGHB^bVx^uAKOcz6g?DN-GRQThMC!oLOK^h7BO;TdjzuDVrzSyvQt1bV7HR zU2#&fPOi0OIp)0}_rRMG63yehBGFPx(rHgJ|%zQdaa9b^ruhaTnh0$M6dTg<2DtCH*E54zO)(kk@Hu) zX#(R;Kd$D!Qzi68byw9+p7W-6YbUHON;(J4L!m}UQ7mx)X`jhLZaM@Z=cUIkK$Rx^78TW{d(T%6F+*V{YtDnN~# z)8uk1-U9u{U8wMK>u(H|cvRS+3$>S4$i*G5+rsP0T~>$V+g*Z#$MAxWoQCekJ^}`v zcj7ACD1v9imWg)+=m&zx_Z}>#I(GaT-L$@$`Hft$aGE&|<`D5h_F(PU#?F^@f6l&* zQwe+JzF0Ky?Aa@aj4E>r$2_^&9tX!0i3MH$#)h?B*Pe4c%enF{eC|PMOQ}-%UG)R3 zdk;idTE;jE?z;cmp2)f#e3G z0QtF3O1Iw)qttKL*OHs*^nJrd^?M-v>5U)0AwLt0wc<-&&L?&-D~{3c@kG78q507h zFO8;Y(BWkU*6~6{Gd!9=s#O{2}8b{vOHOh5PZ=hYeHnklkFPvrlCgZ)Ii$Qd;Rl*`+`$X>GZ&NG}y~pfCRnUDjpa> z;{3tx{e+Q#MDrjoN7uo)TKtW@BrW$9ylQ+4w-4q;YcPQj)tPstOYHwbF}46CxPw+) zorBGao(7^nYka=Z%jD1M_?z?tV%lF!`-^E0{L-`sera0Zbo|n^B){APkjMPx9sr;AmwWKbrzk)K5BS8MjB(R45$|OkrN`HYd(_iVY1HasZU+%##_W)P9 z{FSr)@vq93@%Kn|BpgpO@61Fz*UaF) zaXY7*CT?qp$p%9qDzYvhhX*5h0T4r2=fGmnZSdG$!WV;b9$cRu^&Q>nUVmg(NV!r= zC*d;aKR@$*Aq6rFypBd>MA|Y~Rl$lNcvZ!II_Hhbb8bfIzEWyhLqvV-=l}S96i+&h2cSZ8=T{>!D z;6(4XPG%GA^xPtNRmH&re}659j=#Oub9=#bzfb2W8-PQRa($j1aHem zR|TE-*Xo0Rh6!2!Kt_bb1T08kVDX;_X)m)eHr%K{sSfR zXSCmV(Ai^qjoV|%Td}`urGg7jyaO5#wld76L<9kN{R`n+U@i}h8BC1yDOPD@t*cO? zXo?22*%GG1!@5`mxKE6NBpmMf*h>f+GkE!I1tKs=p}W<^ zmR5=x#I(emCs(`P{%s=)QVhIEgB?1?;~aQYc;aVz0`Du0i`RYFcB^b*TOd=rtnii7 zY4A?IEEVi)=6(6E&<=P$kYa{S!=V4I{2-ttXR9suPcjC+$>sXN^){9*E`?|&t)wz- zM3jf&iB)mHvC{~&PYEO%Q4shnS`yFA>38cjiou1}zD_!u z57C44=>D@SO?0IY+ZlHxy=&lonD_sOoMC`OVAh9=dC#IcwTl4DOKyMmuo!sr5kHv1 z0NT%ME-hp)7r=hl>(Vp$fA|rZ`rBvHrG|orAFd;Irs+5}TDOvRh89pvLUV`BvAfjp z)cZQVN_ls*3XaJ*9kczN0P=+jAgZ! zaAJcN2*AcJYY0VlpgS8d;#qSuCi5`Z^LFq>A0bjUMb=2cq0toACZ76URC=h{bNzg@ zm}udNqE?09SJgz83>s8EKEa9;1*_rm!1SPs zz+ntW$qk1|w6(QY6~PjLCvr)fad`_uUgY!$9j*qwQOiZZ{Ou5+N|{_9V!v~!ytlP-_}&b$jFmP z4>ywFLfvqFH(1E=T={gZ6hd*IFYGBmKOq|c6Rnz{!LQ;|I7XN5>PF&$55I$NHIe#ASWlM z*nUd+%GIm24c%kwWAe!(4N-4wX5Vh~Op|%*Quba_AMV;&#Z53h+}fR%U;wmWwLqF(%TP;Hi}H(%j4W1*NoASnWN@k#cbX6Bv+TY`c^d3?N%y5QtkTL; zq$O(G!*$?h=o(c#lz8|qbOtgnCcv`+aU zz`U#RUOQj<(;#^{s7s%h-3(UFVFW{sImXvuEA*oSDINNyA~gIeDmHVP+-nPm0|(uk zYlQ7bgW*i6MPK1X$jR0Kx3FdXn2p3msQ#o*Lo1a#x4(i2TB&MV0x&LFLw%&!QsULp zI_{C>Hg5zNEL9{2zvT&ueQ-YE(3tIU|0G-b-O6x$+pIVKTAU5Jz|LT<$!z+q9LCUF|*!kW2 zYcccvEKx#M!2@MZvZ<=CcGK?Ey!!E243?4}}k(d@djgEd`>L7x$!(i7Z zefQVCyc(qsP&ZqCID>(K!IJTyi-f1cto@Ty;@3{Crmx4+!f&pg-g`w+H)!fz zn$2j-+Ipk!fIyn`!cy%N?vcp4aTm(l;doZQO0D+u*2m^9*-z)H% z>;yaeD45`~aWv$@uJnPK@MN9~Ny$9^17q$;Vd!{?sK$%%(>zwMH)sy#UP2=<^W6m& ztZ)tuOl1K}kZ=4RXd5XMl!ooS)>x;52Q(HH&SMEd^Pe<9Ueb^*&Zs z1^m*>s;-#l8e9(c+x~C}4n^{+W9n%%03F^nLMgF14;MuxBqU5uO{MzM+B-O0Oi)Te zxPKjpSp{BkHi{`5kqnH^MV;mYnM55MeITv&axJdlSg#b&M*~gE5&s6#>CFO#$CRz7#EH|(|wahva_gF6ZUo4cAw z=V+wwrZr^wx)e#T0=jk)b}mC`znV!$rBdcR@*r7CP0 zd!pKmznqoiNl2W_m-TE%Lh1TX!hcW1d5V@p-Ny;a|eBSgwd6Y)7n`Mp} z%xb(MBJ>kYF#(c@E%v1kiR_74R(AJm)D+2psC_yJ?2!AGGGpm2WA~A&GVwJqr!ML^ z`@pt@abREocq!)-LOUZ>aRXNjV1rhT&z+=u`2bo@I!bSVkSQUP5GjDg>tSSMH1gJu zYH2xQ&|h*ppvq4)`McDrw!SNyzD9!P)ngoc~9_Z zm7idvFQ)-p3lNb9vq&;aiheQL>e0mtp9-tw2!HP~VFRapk8vx-#QMK`x3vD*YJg^; z(t*RWe5r17ZZ62SM2ta0iG%u)MB)gH!&t=ub*5IY)S7XEOrJ%?93hZc`K&E_IE&pk zY@;PSM6e51I}VH3xb|C=S50g9YUpr!M zBAwj+3fkcV4RB1?eWmAQ6dc$nj|l_6`w7C}K3q*t4z{p$mu71|qjUGpLjvjTMQU=_ z)z^>IpcwNn5}qr{D%d%5Zo%b^c+AS!Cgh#w%|CA%p$$ufBtvc z=3oDllmscrcF^9?t4WfN7+INWTe7O$urC)Bqpzrl`m%QfZm8;xC!(T?Flb(@T%YwF zq=8xpEOL=eQudplpLf-hPEhKOXLrKwvz){`B@U0k(G;eAG=KieenVa)rALwifl1p< zyVY8Swfw50m2fJW;u!w2=p>gb57E>6gMAa10N%$Fx#PfXOKA>ljUX%TDddDo@}sB87n{_~@_Z2zP=($wL^3HH|Q^OY7~MGN3v0i{^0 z&qwBc-k3$o0WxlO0+4m{6i1OO4B&_S-#fT}{mQUkXhhy zBey^p)1a6YlYb7#{l}6U1VB>kNl%bs%hm(Y3{*e}?7HGeZI^=>Qo zAHMtNgVO^Fk8M6rz7xzk(zm!A=fS~Tx)ba?-4iilHt24uZJK=& z>Bku{67HcjYCwsi6&kQtfe7>FP>PBVRfRz;lzasT~`!t`dMhXjsSnRN!WTwY8EJyv)S=!X<(Iv$ZBmN zRGu*9CFVE~sSZ(lj%#M(7iRx!J@Bs`&(4eSe`r9Tz_=;ej|Z`e;p4j=AeWStvC4H; z3Ux?K_g%J!7Pp;!P_WY%^X{4v@;efsg^(Q8wu-%d!_IL!`LNjlE;UZ>>Z2$MSk zvV_{WETP_U7>_+4>lFhj`UZopuc?opQ!vL)wCv#m&=lvRMV(G#Cv_$NXua;QoSK}$ z{%+TMmSVJ$*wW|b5v@VV{>}7wrs~X+GUwH7+V%ZcVZ;k+SEri9Zpp)rn>1bpej}sX*HBiN00)^ zv%^VVG%R@Dc*EpW3*YIA5h0n$>`o%EhYQ3bm-K3O*0U<92FB$2h{@GNRt66Vv-E$` zWq+31iK2CES??NfJC$^!?s2m0h`jDbokMyL%FW3#$ZD(JcodC5V;knropC+R?6UGs z*mlK`%Ra7zc-+pcYW3xSO;-knHsg+`Bptm*bEVUco26ft`=C;}3Npro_ z;k6A!7q6JZnm#b}_TPA$Q%B78DE3R1Cp}Jn$Ide5N(#+C)Gi9e=oje5L}$iLL{8`i zNn+`$SY*m}&&*7SG#5m=U0vHQnW4i(YBVh(4Ca)Pq|0#`wf%YYMHT}BZkcrzc@x9q z#AT?p?G5zDChYr}H%mw~D%Vh#ZhER8CGN2vw%(u25?E&^(UpHIx5aL-cp=g*F;9}} z!$yheR=HtwEsN*0OkPFw4!>}fFZrqsb~#@ujzJR9T)CJgvIH3S+Rj3=t_bb!HOr8X zQLc3RMBc3p78uAsI>KSL?Iuai^)&KXAYyH*ih>I|P|B&m8UQW-S~J2>66dp|00Klk2X%%o;6+(sj)5dSuEP+}(Ix`yuaM z=dy1HLs$7)XXN@9w!u^$T@xu$j3=A*(DY~3tqy)3u*MtV>{#Z#t8!xhm@)Bs&?-NF zhskVLH)3SE-GO*#8B?mECvCtXN>14@ZME+adhN;J**%iz*pGnY(dG8Hk5;aIOrHLo zqNnRT@izH@Xxh$vA7x`~j!o<=b5Jh>Z4bJ%EMN(+d^=h*ouwzWr6vkN7Y{5^P)}~h*VbpB!FdS9aJKNCGRNh7l~N5>sWWWbKh2A zT4&b9svR}C(XYd$HnSCqtgA47)p4jyz(#whLBAPuUUFwi`_JbK}^6S$R^r zMivvRLtKD0FOgGN86$~%ep}m0Sn}RgO!vi-gchodOmb0;S&ZF6j;dbGmMd+kqo=q$ zDQ#nxaVqOw?_HZw;)-gc`gI>D4m&63@z6?TcQ@DTcku}JBPNGXPy0s4cKt38J7=LK zRKaaN64Mlxp?xZw6@$5yEweV^-4r&rR9)elnO0$=O`Ecml;xh-l;0nh7ACe3KuXKC zmRF#(E$@xs>a6!}D(|i06#BFc{HLASHgr2!QKJZbqYq;ov;o&RsLy_~iSdTIUId_f zOYatvy~A__MEPvJ@o+8a&zJ`IVZD>c)qPwI)292_(W-K*XC|;SOLjZhf}$pzWp|K$ zw=303B74R{X4sBL)1=!q=l9vMeUFXNmbbU%K(UUD%_Q0;$BZ5mEhc_OG`_MubVvW* z0_6Zgwy~mq%lHmoUXoA$V5)Hs^Md_al20$4D=LCMu*!PrOM0tv<_8KcjZ^FT=bF30 zcjdZHbaiwi=9?S0SdreDccMM8%^h;FXuyZzBIqqlm5O!4`C*a|dwG_2NDv^pscyr0 z$}zw?#;b@V1S`;h7$Y_28Xb(^ev%NpoY^QOsh!qC3MR@q=5)kNsjo*Cm;1vA)!jj*kNC31_>N59W+%=FP{WQQug$-eeRj+lI0 zD>zWcPnOx^OfaMPIk)tVeOxB{%9_PL0GFwpJLPDfdukq6d!Bcu?kVb92?-lxyJ)!_ z1`B{eX_7?TMR@M1Ip1kFFpj;M@!3TeVEyK}8M-wIxg=M6Z6K;t*S&OC$zhSh5Wb~U zGH?MWpD3gxs=(BWsc}0YK42r6y)xLysA@2@@oCI&(|RjLh_bex#nY<%%VsL+?yiZ# z+&`Qb72b3*@MY_rlK?tKzPZEFu^ZBBlC$P0ERg!-I zTl+*#eC9kaBHP_MUQz-*wR;q5<~N<>G@XZBt@eovW!?ZRpIYrzW;q}vDo}N(T5ebI z#GpaK?>n_V*a&{r%4jos!Tf_@agyxW{3^5h@J&|tvy3RPip@aS!;)93u*>6dj#GMlo!SrVU=*0QnOBMkxA2U1>@_0JRyr)g0=b+@Z3Mq8SNXEL% zhpqPt#l5mBh*r9r&|P4+Ac>x^JXi2>z_`BfV~*2AXOEtr!$xgb z_e&56HntmXwN>q)y33rbw%hvp7(m6$zgC}`%=@jv3y3v);4;Kxc@?9A)`WddoOduk zDK9w5yGjm{7MCtv8Ugv;rTP$eq33DsYt>$gJ53(Il{OJu-b(B0Kpkp~#bnj+oaK;k z8dg3+0wReRrtIcUF2_0BT}cs|RnfOrppx4Ju3O71pbTlRWJgzf)xO?OyLn5)dL|hvYOSh?$_;O5)Ee(Jk&PBv0Zf2~w z=%!l*Y@25YTz-Dd&0ye40sTO&ezb@iU*%SV(=)92(;{y`r-Er!ckDui5C8$w2TRXj zu0BcmPk^n)ybHJdTLdO8Cw6sLjzYn7fN~pMXzHUX|58Z({^@VrMBaP83}wcPP{pE^D`8gcS82(`G@5u_<$zEk z(Rf89`XKJGKxI*PWCU4g@kVuKkHl$ek(OfP!sdPnt`(`Xu}P7U(+iEOz#oY9vV~xogt9JkTkJf2w;CMT7@mlOb~fs!{Ug7ArnG44zx?i^Q$t2!8l!rmTC>>+0u{>`o{Bv2=k z$tMo8U01y^6ke6V$)M^vy56&%h*+K5Oj-uJAia%sfwD5`0S?5f9Wf2PV7bf4&2sC{ z8sdycD3PT1h_`LpurW*6GRnG}%NyHw!0z573tWanOY8{RILykurCu##BVvwl*CzU5 zYP+m=n>(M(lJyN|<;1NMmfRa9-<)sm)JGBph#R1*Cc^JB9@$O0 zcD|zd4yYD)uc*pdk?*=QTLkk}@ot#8Y;9|!0$KoME}tuLeD;2Q4wt2hfew}(vH9Q< zpt(rpMKVHsU7+|u3DgE8c%4_4;@$>i#rdJIAFY82Zpk4Es`eW5(X^kH?o7yr(fxQr z#?nJd=D>TqDeC|*HOPgjp4!W$;p^G`2skw^5XXOFUKC>s5-eP@?*s|qfl@LcaxasU zM?VS;2C|6R9gE$3$JttRNB+XPdSO?=xwGt2de@N6h_!^`9r2>K-vZj}${)U^Tu@GP zA(Z829F`?x;fD?#O4&_o@8m?zrBRqjjw6~N%=r2|cQZExX$XdrvL*sjtY;rcfyK+X zy!iUk=u#WqAXpkF%ov8cdX3A`DpW-T0M9Y}IfO(HeCMZ;4*}s3Unk`7KWp-B? z8-sQ7teY52B51M!h2d&1iWUP|=xmyTyHcKc>e>amYicwD`Ut6anrMQKgo_~S(c0RI zE97C=V*_-VMCmHFiLVZ}orey}BqK-$8rbMHOS!KIQPu$-!f7#Jp}+bv;@Q<-{d^61 zm<&v{$f5?i>_xYrAOXq1=&!Xi4PJ3^Caa27werPJIqP*!aiCPk16m{$t}{Y@V33Iy z5vKu3t|d{Ha_;>D#p3&!#STTCweXLPjRk2gT=^`UZ~qK6q-kg%NFx|(Cbc+#o6A;M zEF^%tNz_h;-joJ@b;CeT0pr zT+mW9n;TC%uvG#|;w@OD>Bva`isQ-&X?FB9-NaXz+4+W_KN#z6BuJ`(EITYJE-S$jp2alI#dcpctP*gIC<^IU@a+h}_sT|Os&a%t7MiBaX(7{>M)gz} zl+tXkSv=Lg^{rW*f=X@bi3lN7n<0VKH{5-;x2r~rIGloI1ySok;oa-4aRH6LZ|Z zR=?o6=+j;5UAp?St2x=1=(!Q$-=YTByBee+;Ie4p;uR2UYlbO4_m_m#Q zO>%Qc9b$c$M}NKFMAdckdAIg_N-2#DsC1Q+sT#l3|6)q3mVHuUD@v#~m^(_}#DoK2 zW@nOfg5;RPbI`q@ern;u^kqKTFxK}whEL8W1`yORSaRX?fTG=c%_Xs8G1f)URj z0_|xqqyQ+?OWnFmeg?^>FW_9EW?Rb%T*tb}W6;HbbA2$57Jih2MLcJ%Q103q(qGH0 zlhf0$cGK+PG*Mye$F)+ZfzEKfi#Ja>@N{JL1{@3mhfzzP*bW-ezg+}~-d><;H% z(3(Bwc#!=-bSTC7z4t4m&hJ&4q&6A+bZ4;bjIjn;{>qaK{wsTLN1j}j>| z?=h(!xoRo7wfpzq9%~wR9^~ff9Yc!=iH%He>P*R%qNh)@#3UNXy2kE&*$@xMwze*~ z{eTdxo(T1!4Ga!8I!~?;D|XloJrAXSy(uH)t)gckzoup{0PE&_UQ&W8w2}nel46O> z$vMP08`9c3+-=|a#d)nw-S9P;TIS8jjl8@({@%Vm{#&Hn+}y9pUX?vl1Fb{(YTj1Kh9u^xVXMME0&LfhNh@8L|zd)BufXqoA& zz;0GtZ}*gg`>WfZ*Wstre#Ur?Uttx^*R!`50Lcfqhe5G|MVwZ$c-zm}1XF2ZYU;PP z7Ho3IEH1C$862rw<>D0)qn44mXEWVyVy=;Q>~xv+ZLa99!vSVap6!9BIa2hRyl2nSvazv6q7CYU zZ=WZBBv~Zx!ZGhW^sc)ii|5(1XNd(B;=P)^Y|o;M#gZA|b+I0;tJ8P3=ePvkust-e)dWmX@??L%-v!%qx(}RVqlz$vy?d zSn0TT_C5k!lX!cgo&-`LuaPZY01z36x-Vi6^@V<4u#C;l8@G|A7~eBgLIp2^@-iaT zH-i^X4JM^McnBC)5vlUfJ&1|H?G)p9`{ZS#s2MeG|EtEQ1Ng(8jJ@`TbKN)ymc75< zsu17ncgO4l3C%HGGjE#qiO09pA-}T&|6o=1s@qA}|6-d$|CkV>+aU$=SvUCaq+GoR zVd~G+kjjQI2Z7Z_!nWm-%r0BjV!0T-SyY!$<^0Q+$@F&;OQupKE1*jv6&MtBF)-%+ zmdkYeWO2j$By#<2|BE)AhsAT^)5NJ1vH@RvNt6DmA+4g)wl4a$2U-d4JbG1drt>;C z{2}RJCjmPd_B^@Cx|j1Z>XGE*@!r`X9NisfHO99=lpCqOn+3=s)9%gD>R~Fd*vL=V z)s{nHg|fC~(K;|V_I==J5TH{KN9cX>{Ct6nT3Tj}3)2r`GuJfoQ#iv<&-z~v5Pe=z zAx<@a2CTGc#CVaCKhMap*s3Tf5PTHs^;x{+^kE(s`5p5MDsDI<&IU?@NF- z;dNRwg1`OQ0P57SP!bBms^l8dcX59zNgvd)2AK|MNB8a9XNY>-eEi66#R~s*p4Vje zX;o899K=4-Syfi)57Yh0zdn=c>B?l*t9hI>S7z6vD)t&;@D0Ys#;}VNXqEA*$JSme z;uI$@W3SA=^UV6(`|)e=ZUn+my_dH0X4HU@f|T!I2r&H=r$cv981AM!c8lZ=uQYHr z03iN}2388ehW*?o)^dGuN!2@>YZa}MVrM>F^DnDN%MkROtBndM>%LC%^1x*ovPX-^ z!otEOC9h+}tfEg@H{3RJJ~#J=dI_xmCX6Fu3Mn{UfzolaXc&XprCJdHj4u^GLbTyU z{wU=5FzHm>yTLZ}Y`oVB%AcqAzQggwq=f;NGD_yOhFCT38wavHux*@YBL1Y8VWnWW zEVJj4l-Dd;pq*6|3=qWDDdplKjekV;Qe2U9}Zo-SG6|_9`iQvCvrop-@(#23B=03R8}eKPzPw8_;5QlqOlT|b&K2yll&hEsbkZuLr{?!<+nXLe~($OMa zmpeBmc!iOwtfJ|6VdnN9Qh2b!bBxGIvYZn{`-Qpm73;Y{HcRKyK8W~!Uy8H}))~g5 zIL#4xz(Vk9Nuz&0+Q%LEDY9D90~6a_Qf0NvNx|d8v)kfJGdz_h)8yLUwH_~M1R$c^ zgM0@pr}O!ryg7Ur-H5D?m8lbk#obQQ)(bCaT~8L7Fa@({OE8 zjⅆ-V30H(k|q&{Gpdxg>|Va$wq>%Dk>^B?Z!^rBF$5_=f@ElWCy@jVIoD6|B!?^ zI1&!dgWhs9`lHElv+&ioTDL8s$AEiY16-2(SX$2(ykIO$aQuuvhX3&O zqt@s*Wg|^-bN(_O>;amsBeCn)x6CwprXc6m2((R?eEn5u^$@cq!Rnn*Zc9)$xn0c+I0s` z^>@QvSoAMi3JGcA2drF1L_cO)S+jT^#C&nr`vGv@^H|B6^e1^L+#?)&@tBnjSD+hrgRlMDNPeA*O50b4Aj$tfV@PM` zdSv5>uIy8?{f(ZJB`n&o3cQlH=oIdq16C0)cUOAu}Xf`S*--Q=Sg z8U4D%7VhNS`uJ#Mw+$Rd{K}1iK*u%y1Kh{Hn9AVE$iCZ0f8fhSn>v5*r9@0@!+n}# z38X08lc2P`|0d}v7JvnzED^9!44gYf1<8W_yi`1fooj7xr?&F!spZSc6PMTtDjRX$ zQ96;$y7%P{ zs%A$tT16%E-i&U`ENxizhixpEL^TH*OIm2h%=J6ssoVkQ(MqRp33dQfo%l^t{lBc~ z|18~jz5s7Q!IeFRsvoVF9Ekm+*ktsT^SiN$D=o!Nee>(%7L>*kYhK2d59Eb1?&xuA z;qUQ@IuH;Sk02ckR5n#Uj(D%(=R{J8ok%OLn?(paS<`6QByMnL>%ARMLs?$bf~SBb z!diCR4n`@XvmF657pl+x<1fz9;-t@to#rgM?O5r0N3neAINjA()^E@V`aVbI#+%ES zEKjw@8B;4MK`p#4`lnuel&EY!a{yv%d>~TWKEI$2;W-d?acQ;b6VmrXcTIA(ZcNNf^b)3T}DL=-qFBQ=Ev?`6VKucCr{f8c?9qXdHZVC6M!ahTz z`FZn@A{})4jf@ct2tSJ?77dL8jm0grZx(Dc-Uyobz8w#_2l%{1M2~?YAs7=TCB8b? zLw3}MTQUfl@UStRlaA*B6zxapL+l~5epdaPN=E6+o!mimI=Ot~P6ZK$=J)XWgC6eU zWm6l7O=bg8rwC!g3V%@wXHTfzb^w1u_ejE6D8Zt~(yw z89rWYx*TaU^|GMtP{O*r6O%CQVEJ4^H{$aJkg2LCk1IKHTEzJJ5^*u?V!`n=E1*O5 zJ*odJ7`aWmjeaie5vZp^jTF}~^4(WZZ6p**+A^*MsWvJ%s}6nY;hIzKuwJDD33 z0$=koz(GL)|E68*;#_h&5CS=FQ!%{5@HZ{`Bcdls=d9oSuy`tb_vq(p>v1;YjOm~* zZI4?QJv_JC*bP2ZgxntQ&vvybA9_U5S{9%7+>96Ryv3`*7{zofy-XRL;nZ;pW`fRu z^!cM0GpudX{HAQQx|PaiTJ?gRoytv{n!`)|#?j~4cLBv07`5Oku%BfnWWK4eJKyq# zxn>nt=V>ir_8C4rXhOUiq=;Nnx?Lvtp)su71@GDX2pRtR%(UFl+iE5Eo!I)3hcUj- z5!TM`R?B6*qrDT+EM^hS7Q)r7qr^7L10i)Xip+;}`y$g^>)(*~YH3ZsVm=GXSUCD~ zcmr*y%t4nGQQa8-naG2Emws2xXwJ^!l5n@v8K5)j{IJWy^d$IR zfP~9Ln!oSNDCdMM2;l0yS{ETqw^_^1Y;dz zkeHAJ9Zwe&on*P92M?1^I2d7P&8=cS+Rx)#7~1o}`JbJRt5uf*(ncD3^?T0be=@2a zFck0;w*G9m62sUaaEM8q@6ey4*S?@@h96Gf%)gEoV?Y9>4x+gXZkzE}DCc?proiLm zWofP%AZ2|}GxR>)u_L>H@AlLU8C=*o8QJx4?;kgwZt(B@V=C}=!1(p;t|uj3c|?Gu zPhg9K%grE7Nx*~C$>EN;&F4Qt>Wh13C7ijKUB5_~_u23+%ccC~D?&9zg#=2$#L6tl zCB}lUDowoYW`9{c=V?jA+!ddwWw+RFyJMRQ`|EPzs@SD1rv^z&Kf1VZ-Icne=d!RR zjM&ZtMNkZ1d&yuhJ6)Sjwh^I^Mh6fmQHbArLBQ-)?P zYtxOgW2K^fiDh}*rJ}w3A1}Qd?9riZA=WET*1jP1xLfVpQ&#%WaFBE zplgNuBE(icW4lYYrJ!kkljC?pQ4BLRGn#(ABB;q=2fQCg6kyKW zR{CPNdanJ?BNq35RJcx%?b{z>3^9p9^9d4*aeNUME_pYy$0r^%OXzmD^6{CiU zUl+O<8bFLs-K>syte2E)zfY9Xb4TBXZk^OcQf8D5Z(;wk2IH*g;fdHB0nf1#I#qj5 z7%av^0FQPz?>Q?7aAd?e`NP|*Q%)hFezzPfWdnM21V*O7`Sb)~t<2yTm4NLR=@4ZSd^~QcQb%*u)uNZsnd%sk9UvkV26;6-x@^rGYYLzu5U;=MS7bL4}>P9PmAPAuHsO*t-qD zz!P(@kM#%7Krb_t9I_CQHIOUVnRSyI@EJe7L7O8!?Uo_~_(6p06*tu5fFH0MedxO2 zZQ0R_5tf0*v1O&t?V=zDuR@k&PBT?Z0(;<<sUa88&roxle>2cE{c5IJwUB2lD`#3YD)QM;>yHBNLLR8*f{BHLEprYq z=AV~0zxUr?J@_wQ#Xkjs+?G{%JLs|9WMXkAcxS7ZGchTt1S@3W`|TT$BGf>wzIonz z5Ykiirk0C6MS8sR@I&21Ssc8iGzNqlw{Lh`E!sZWjcO%`KZ!0 zP>PbEmBdaxwrM?=HgY^7My2&{DJCTma0#Do(Bmro^jbpyh6vpOk3|i!(itT#T>;6aa|Z9$d%<95(+9)fL1uyA%vm1Ide0j1QU_v?J~7eY z@&1lapBS^;*Io)+4SecRnEI}6kY|9ThW*|V3h%5Xo2WADtof8h^lwNqkd#gNE%&4; zXl<3g8qtiy)A;rh-+AC){Lu202!ZJk9nl+n_oq$aTxHWI!v_?< zQ*rQGr*qHPM4ih_c(}fZ!FL1v9j|yE zk{&=lt!2coY8bZd9O9s#2ZeW^OjPKYw`!hPwIh_jdx^p8;te zZgMKc6x?50sTi&7e{z3v$bNN-SreX3UFaML3;3$y#@(QWDF-#nJOLtYC?k!|USF+LX z>RnX|FeFjKOB^%#`~ev9mYhW*;SBjZk>6e2L#vEo;UC-QsHgnwiONdZ4d; zGY6~alH8(wc?{p9|9Dlvok@=bV7u6!0}mEGI#i(ed;uzkBP8wG3=B)Q{~u}Z9Zz-t z|BsibBvDq8sD$jYw-zPq%HAS-B`fn>M@h-b%qEe&_f{banaAEEJ9{4I_ju{5&-?TF zT<`bQ=llEb+zRLUd_MNNKRVjv{+)~bKOS0PW4|uGu-lU<(BYVyT*0w0?RU3Xla?wr zuQYj9`=_p@S2zR8woxE*e?pl021sFDa-Q}ndM-zxUmjYy1m~ZC6?;`P-n4m?y z{OYR)O4uD179(GMKq}?$@AB0()~*=aRYm@~fb>NW5^AZ0eM+EjR&OY`AlYmdNQ1;( zZ8l2L29KjaQ<(KAAS!#^EI;KN_LO$>6DNAsj_FBIY%!Alyt5p4zgj=~pG=A7th$DP9BT&=68TFU6S0 z+E#w`2=x9{rspaE_o72G^M{_SJ+@h?ksdq?M^~UmoH-jFX)L1ChkAQ|ra}Ily7_s3 zGY!3#_^~CDp>kp9e^qXCgR;oqH3&%1S3w}e^dp!FmIKQEW#Vh$3z=0K?R^n6-alBa zhyLM$KlOR?BQ$DzT{OoQrK_$|Vx%s=yZw@r<#YGpUt!#9=3%X=7eB6=2oGCe7b*#{ zgG3JSl6S}>?F9H{la9td{{O+PKfmF}Z~oVDQq_hRyc}zbtcO&(C@TM^yTg}bSPSz_ z{!i?FIB}W4RhK<6DF=DoatNhHGqieM!&g)1Ejave@BTZ>{EdP~r&4Z4W(}V7+LjBo z_x;!ImA{T0*9xkZ8cUdsLgbV=5p>{R9=SIlRwW6(A5%bNe!eg5~?Q!60> zIdQ3NU*;ur{l-~89Cl!bC3jrct;W-4vT@M+i{UA}L{g}ku+(zZK~Qu8;+C1X=fv3r zQ>BNQbJ?5Ks!Ocu?5r66)iGf~+SmwgWj{?tOj_qej=*o}V{WQXR{HH<`D~>eRdj}3 z97U;%a28Ux7%S(>3zl|`W3*qD$Xt&L#_J)riWrc-Y|e()c^PCl+CC>W1zshI?-2or z*0%HE-QC2>8FkCD62UE}hOT4S@(1m`#l076qyO*M0%zzjdNph;NIY*S?Y?D~MBHgKZY|oyU(*r-^YqRPm~Xzl6>-CCTBH5h+( zm9dZFi`s`J^##?5xwWOK+olc*Tl}=+SB^V)KwbQT9ueMk*~WR`{7bV z!~wMWF#${yL|e*;f#6Nd4q%}Gx1;Snxta|tG zhJt26W>@Fl0A?}0J1>~W8z;_L^;Y9@dfH)vM<1M_VLSo)#)X8002<0g1AWIX3Sd-_2wLoqg?hyah$hMvpexRhksef1b0U?mOp9EihbVS(%YsEg}010zoQxNDG2 z5wQr^jNW8eguLZ)-fM>J;Z|BNeav1$4z4;!z_na_+i#}vC(_ocg(A5#rQArRq_Cedh`jhWKJ^KhcB%w4yu=td{>s)(?TeoqVhzMeP5_>y+N3e3*N$I3 zR@1TmiTvD)d0`Si>o+MWmsX@lTKiW!V)yf&^eenPburr-&ihTuXVRR66Du=sXqdmck3}a$iGXh%KYl_|@#ZAOQMe_vyvisB>kem)z3D&i;832?QP z9n3=wj!d14$&yC0GWo?@X2_sHhVmEZpOMIa6yEWZx82cVTbEkKsit5Ma1 z;9~8x3krogEBJ^3#50_bWwR!lq<%g6NJ2`Apaw`_MxrRpc$D(#A!FLfyvU5lIa=>m z@$mxoW^7%VbH2uwVyw;DRXk*0iytqI0)Y5A5{}#NkF{-R^rfzKAthm?M@$ufMz0x0 zHT_mr<4N9=|tM7hWeNF`l~FBd3XzM zy0}Q?=NG89yvaZS4PV+a}UuEfk=M^EG8pi{-YWIhU8bAT16^489l-77j-2?oG*&-W7z-)Tp+~yM zN&J6~y434uAgdzmIew11bakEOEQaLdrpS6pKuQ+8bA zF?~U0q>4Wyt$*!5^50KGpTrb^C0Ya2_;B51>&0)+FTJFax29L!_vvH_-}+kKxN&0) z<|m`0!&Rxt)f5yH^VRUifC0}TU5q?Q;9>V;M6u_h@UNW{dCVmjC2&%At0?v(?S?od zJG&(e4O6uCi);`TAO#+t!0K+b<1n-K?b|~OF>A~6Rl%vc-K`aat>p=rMU39s@`^?C zv>m!q3I!&j7HUA5k00y|n#_LlDJ*O*(T?i@`TaVK_u<2#DZSA3D&zQF@65vKi zR9#&C?UTas6Hz`Pcd6>K%D=r=t1MNX|*4ppI;iUuuq+#NUdf zZ{zb6I-LMshin;jAL7Dm4*|*7v~|l6opT;eTjIo*TeY|_P{x0PPV8)K#d$(jfwQ#Q z1FdaseEdY*`-XU&0+s~$)$B3k$1&;P+TKY4G*-G!g^-Z2Fn2sbQ&SVvr-Gd}B;)?7 zdzU*ym#%^}MFAb~%1;LUcOPKr>}z)y44vJFAAW!wnDl5zEa(YrXNMpBk^+>Xw691f zRxobGM3(!4Qs2YwBxGfAifv5L)nDw}kd(rR+$Tt!;G+hHk!Jj^WK#1&t;o!#e7#oQ zzxE|nJ)p=ZAOkEKU)$OO!|$40YxqRGY6}c`j^O{&x{+*i(ASbzN8&S*#yw8JQ`kh> zY>A%=u|uZ!O9NAcF%#gZXKaX$N4vJr($Kv8;6+j&f5U4O=RP%9JhoT=CLvE)L!*zi zik^Fa*FY;?!bQj>KD^2y;wW3b+GwlalWUk`H{G`M)njtf2u*Oyyfj-44q7W+l8KD; z@|aD`{|-n(oE5xdr|e}*M31(g`r6IM&Ot>6Nzkd%26U zW^S+oKoK@tHyf)4$Si52!K+p8seQd)$}(aA)kO+ZdP}3mu~byCRg7Kf>SW-ofg%nK z4VBTmw!Gjgk%A=DrP~D7kce1^)%*wG_df*U#1|E&>k8=xHg49f3sPlTpEjU@Kv;tJ zn2AMNU8))xx(DokQ*+Azyl%2G9KTV;%EE#za07w3XcpZWMeTlQy29559J|6&Mw*Aj zKhRKnct`%GV!O$1T^h#=Ue?gs-U4%&NW0kE+Y6>saOMBUX&dSa8Pe&6vn5QfeGoC? zlm1hJ0y*pZH)^MT`P}$NrN{1+|Lg@I-7nWQQgCePL_VcBD+)amX9Y-c%bk5=dzNKy z%3Q8Jt?O!}crSx6kSFNXC=n;NX6+(2ou%>>{fWj9gdt3(_swsi~5c3^X0ou1SaDQ-Y~kI`V0mkTh8xVQNhwA|?fe>XPOU zND`+G$xzA+v@hnt&O@|S| zncCDm3$d9DHU@$}JeWogi66v;OY zG%K?`I&J{afqWe?e?Ms~&I{$^kKK|o`0$LlbNjS9z)|or$K_-oO|mdR1qWY{`dE@# zI%{B$Z>A2SdA0LyWs4tpF32P*O!F^^SFL_{{0Q^vTSQUZRU)o^Xpi7qak!5#Drup! zJM)s$CxlhCF4yogjMHA!(9}#QDFHuUy@SSD0Y*4fZG~fy*@J1PlAoQ_|H;SrQ=*eF zxGcvK)(nu}Fu68Tf89W{6C0EgPB7rUGrzR3u{*NqoK-yPy;;38L{j@DDvan+xFj8*K+7FEGP=6*2;mv z{AH-Szbqb+!(8{t4Ux^8yDPFq5Xm}%TNQ>nxZhEa&L#9YK?06k!{dn+&gbu}wPQL zC4FZ}#q5ZUw$ z2|M%71sRAGpn6?e&ZmlOrMV=*ga1pe|HB7#2|2T>L7yG?{#aEodu;)0H6&P5BXufW zyFYGGmzx*luxDtueGlfrZh!|BIkZ~$CgRKFa!E@}S+`NDtE`PF**JIx^5%`7`K@~A z!gwMKj|e}gx?owElskQxay*Z{_H^ex?pbDE;MX<*YEKDXP}k8q#8aiCv0qoygE%eX z6!flbFUdyo$sQe)t}orYh~hgxOm7+3g0T~iuJ%}+vjYrfnU#m^1V)L6OZZAcSjdlt z4#v{3y|V7N^GT5MkD+{|kg7rM{60ysWihIqrj+31DXk9)No@2GY3IPGJJokJo&d(R4WTt)23afV zhQTZtL0MXF{h8!{3~7H_Gp=`d6DAgskYDgtAdV+!VExEw4MG&zmDbym6i{$hEr8EQ z+r1}o=_6U6!D6Kw8FiP@*u57nFA3RhM=mXUUU|DC-?fe2sN!7t{G~xN-llyrLpe>w zS2x!03Tm*tc&u4i-eqm{-cw?RmNn6hK}|(sw~%Di#g_P-j8|#ai))bfaCA0|p7loc z2CdXNTJPyhJ|l)S!ufnwaAo7U6@&~b^Ay?`a4GUQLx!oi{=9ZO>i%|{!R?(YD%{!! z+W#&(&kDBpURCWmwwvS?rk zx70EkS+vVjTIO;gBJ#6%$^Jx9+%BGhfz9#*-QBjyywP0abYEf`zK`WjEBjN!YG3DO z-L}jXrnn)xUcu`dOb0*aOT^a$|7@~=wI@~LI(#kjV7U3xtdjUI!g||3Q_sMK8G>C`BW&*hOWt_KGBfOR^+A*3+z+M*OL$1zQvy|Dc`X zWG-uF@dayUiEXpOX|`%I>H=UEl6D*I&Y&WnU>-l)vc7^x3ET7fFRGYC;?eawU#Kd8ualqbib6BppXH%+5Y+$=%U#MY>=~l@I$>G4` zrh1qeX)>kd=rS3lF;~JNYQ5V_Ge}BTvbX(7OllG^lv9_))~ZZaCJBw3#?v=(dkc$o zy4W>cDTmV?cCg7HPyJM2NQ`L^cSqmQUg1&&rH}y=)!QBE`cEgK8jB_$EYj_Mjjh`m z+F-I-tk|g2b)9J^Yu+far4V}e?qy^ndx=$Q9vIx`4R!3~54i?3#$)pGaN-v>STRad zQ{kvYTVpYB!Is6S8a6PHRRi$!9LL4M%~;*-`ywS%CU*8soQoeNky;bl``GFRoqx#P z(y;{t_bi3%*;~1Im@W%B6=+?#zD~;^jac6?}h)M&VKzD{PE!2 zoDA~&1k;mKEcx`NlXqwqFrYW-Hiy05C>-iQBGIvD#7??y>rSfLyn9QoO_L?JnlW4< zT0sNk!F;L{=5HG}8dJ8YKetJ4J+NMUywk_{^caKr=3XfK*!@Gbe7=T@oa(lxE__cl z&w4SNS(Z7R7q!4TpjcUuw1e9f-yM5;;OT>C$01vJB%X|Q|MsM{uP-wEo!XQBTe1{t z0kn((14qL|w3)HPLzx%lxsKi|i-afYSiz$VISbJ_G7rDDal&8@28*XgO?tSc)E zvOSZy1E~_mt3nvrMXfNJ;1GPgw@teMW2{@Ul(ad{Bqrv5?sKL@eA4!6dNdEtcu04y zhkK(`zqxl>G)*OgdZ-;?0@A$k-QD+8TB0L9k%tdH@G_W^=p;!%-dKSp3xF^ zkst=!`c!f`rP;n`%J+uXiCb-Nag+QNS8Uyz9M_pAeO_gyhyk>6`C}W#Z!DsUR5WS< zE|ZZnTEQ{3MOFjO8b?(em~SkvjtjR>5G6@xvXh&I_$_q};VRmxw}N)OO($b#TqAsf zT$(JvNlvL%GTvR))jgkO>UPC;DIX~f$?|2;1TJPlB$ET1HH&BWq{d>aoHgz2n*2jU zyG(t5tkwY7m)6!-r{~1aaaPUj7JrZG%yGwVLmJR;eSIBViWf;qNi&0gb}A$2RjC~Q zwaRGtz{2ct>7PimFMzLoB`#CYm?T>Lgdko7JrRHL>4LT?Jc%_f$>iQOuLxf8` zzRl!ou8{^Q%eyZ=LMh}giUr^GpaMy9{q=l`?uf5R;_huUfiK@v&E=bj15^- zJ}WMAfJnU4YCb(`Kb@ibNdPlor%~LlG*#NaB3XIhiMabB=XFvephgsXUW>13`!4u% zNqV1D?~U|x>&6fNxoUd5#ks^d$n_{sQjZ}Y4YBawYit2f_n^;>Is!RK=qH#~X(J=fm8_K4VK{Ot(LN(Dvx zZtxe>m@NN91#0BICz*~f-_D!sO?wTzTh!C-PMNq*v9gbAdwLF2KH&c@Zy2z%l|uc# zEhlIv@W7Mi=H~XKPaD#?LB5eLZk3W{7C{f*1Fbma%|*Vfw_rs0lnwN6RepN?)(ps@ zY-!5oQ|$w96g7Ja-4iui`Dl#O<3w%?Q`J^v)hoh>&a;cS!Ob&PjK;~XH7e7Bo1%;E zs;=YP{&f>!+8SKh^rBwYLzUQk6q9H3^~K#Mj>uv^IpO*yzHGf*oFlUxrJPvIV3^Cf z=0SxknDN7sG7j>UI8^u@_D5Kv=#8KX@?&O^OH=~Mt)OY|J{Wlr(01jU8$SfO&cGHhe{Lb9JzNUVykTIcbjLknvbuBbM~Jl zvFcNP_?0!*Nv?dWvnqINcdBalL-9nWmvPmBi_qE0j@~1y*Z&Z4YbjS(h^bj*<%?Rr z$sd!(XebcAdP)J)qLlAm=0S$!@!6v?fTmDQ_Ir8vIs)m|?oiU*Za1*x@3Wh*EVzK)^~{<`A3y2dc7Tc^^4d9naB4W z^lFr3*S7GYmw6lBVJgPvtzTy0X89S3*={eiP>lvJvW3TF6AKx_(!aEq%Bgn{XRQ|m5il~WG}+;5PnRT#A$rkRdp

^(K>8^#d0iO=k^HpE19_t3Tp`l#E_gnd2oi2s%l<}iDZFh(=-QBeu z2kf0N+TYTn7uk4~Z(uDB5gm&jO2Xr0%%;cUysuAHx!zaztYcSt*VCn+v=iG{KV=MU zeEi%+`U?Qi57j$rWHI0@Ze0`lxhQFA2WtDp#>|iLmN4BvKxLstMq<%-27{V3=RQ{z z#UFYhdpN${L3MubSWgHPc%tmD@EydfB|Ls2#>cNK>G29HhfjeyrVcRTxTpG|ga}FJ zsQ5Gl?EpafUqdPSH#ZSW_!5Cb$sW&q%j8<(hhu^E@?CS$edFzb-)Zf#BRu-1DH8Y? z)%TQ%-qHd!sH`fx*&oWTIr^T6lWntc!!x4qC9pT+Z)o+0hZI^|~)O)_QL4;0iC6X$;rrXzdp*>?mhq$4b7S zkbZ4J(i=j>`8`O4_|2)lie`I$eyDhQ1%XB*w2w$1VYR#s=#K-NqFXxJ0Q>E{&=Rf*@$0&?RG>*=KB*#;3>E)%>-9VmM z9o#GNNKy|4=HkoYxVlIyq519W1$XLu01f78o=WA)C|FBI>$q#{J**|1gqEK~gN*&d z`c`ApN8|@L_P)W!u9uvpCcASy>JOEjyBfvl7;Rn0Xoh^I#BomVJO$piOqC6-c)jZx zcNe^D*UU!#F@Q6hp7vtOz|W-6l4+9S%hhz}EyFOszA4)~S$(DUv%%NQl-DQnCd0-+ zeV+mc&FciMH&SFnZKY*N@f6+C?E4rHdM|6ZNXJE4%c-GcX)SW`1x=;BREihp>|MEWd|XmWJPo?X+4ze-PhH zzw>Oy*o`Qgx-&~Lj#cI&0`x-$L3|FEV(-#?LAa;>E+%}>vF$Xj7gNqSxLK#$;%bsQ zxtrg5*~QKJ@rT(l{=wZzLSj`ir)w;6hUEb65 zu)+S$7zP>@#t?t&cHM27^kW2+~FvOH^H;iHpg8V0h!x-pd*<{`*tf1DZ)AKGd?-|K`+Dm+_sx;bO(wB3cQ&tWhq`1&v(eu_QN_dev7_03 zg4K4p!X9A$+NwQB+_%kJdk6o39SPHX*mtr^6+}~pT#}OYazw(#%i&WWBXzNNp^Jv^ zM4|cO$m7NON`Zr1;VzxIx0Y&A73?}2pTnfCPL3onjdJT23!dvQWL@^nn<&f}lilty zA9_6LU92}2;bGpGq1C&J`)W`&w%y{&Zhb#!Dd-Aaci~FDd0?DZ8pjaNh;3~*d9Urz z(wKz&#PxPpr(lUZ;KbY z;9hNx(2~d|-(SE^ua{7jK_cuX zU-h*p(1x#9PN_+RAngsycjF2&`6$*DlDXGH0)V64~#Rh$DTt( zZFM`>iKlyn$qr0Z-dj+t$vJXLV0VmX$Lg-Qp^XomQiBpPGG> zmWR!M=-FTq=t4B_BxIXtUNzC|Rri4=FsJ=Wp#3H5q3s&CGwluUDFSEP{(L@H?a70G z-lo|R^+;Dg+jaW=QnmMWOvs|H?<>NNLWxsqTu?j)9eq4g+NtwrK(jx z_{99=mJ)()!ouN~_*=bq%#v|hzLpLB?S$;4Dhe_MT8grG(`npOmAMwY8Lb*eWf5J}&cQUUoS!9ey)V`eb_abJ9y&JK?*;{Kh1t} zov!6v0z99cuW@XS>-*9b&#UC-iY6`7T2nCvW+DgZx4Iu3B=v;6!cH5h$N1vbds1(# zTKo>t7R3r%@S^T3c%@JYYPIilx^6b$1vo9v%y|D-pxN6S(5d2!1e%vUJ(Z9hUo7lC zhQIexDsfTpQqpKXd+DqX*vb@u-T(PiQPP!2m(Rdc&i`NWPdB3zfxfb z@h*`wJAzl)(QuvUDMfJh>u1m_T+M^H>W4lj;+x$BEmqmCTVf$XBBYC)8!Oq) zBNVw!vq0x;vGG{oTIEcVFBW^~#?qiaCM*I z{gWlOmoVhVh+c!1(yDTuWgn`dzDV{L@Jp4M4oH((reA^b6W|fEWDnkdihzG4BRnN8 zQTGK-Ob~%IalL$Bg3Q6>kwd-vu0#=8@^xSX7B=roNH+!^)Vn8cWF~>QgqbSt=8R#( z>vmUKbZ9xNw%@!?tr0KbCl>j1;>ssXvTm{yDm7^@|5yn4#go#Lf;&DF;iTyC`KGMB z#K)@*Ze!Pu)IOtoYcN4%dV3?7Rx*37b>Ll7h<2prf-5r_jb9-n_~|$emN475v_v(GrPp=R`vI$# za{3{XM4y5pH0$}K_@hcMfXE@_@2?`A6Zes9EqdxOrRz7&s&g6hv`AII@($A(!J@5- zB4eE-r@gPQ#t_ow3`d)`Zv#X7@vkyb$@6Cqd-$3sS-55?>0NVpE|D9?$|>kren)&| zs72%*bL90CJ+D(-aMcR^HbVwWfm1rC5v6MLp=jZB6`PBw?HRRzE+H4Jrd6NN`J4CU z&glf5N^6ZB- z@<%;C5r@CFaNEj^ZpNDWT9s{_JV-FHldCr_LOSTz6rfkd3)0d&yiIX;oDHy8Sz?iqtxBZN8SoBqtEduY3WjqteIjpTU=gc>~oS zt>gQ1){Uy^aKLY^3H!PIm8u=UiuJt(HRK*fS(+ixdL&8!NR%u-iHk!;JU$J}mLyJjdVu3Q!3yI8KU4Rl>7UnO#bF>e$=27$r!GN$A(E6_AzgM|peM70KrUKXxR-HG zyn+MkimU$mlrd+KOEfj$PTP^4Ag?5;o{9v%ho=U)X`pTYL{i_l3vB8r3ke zHg1nqX3aancDvV~Sn2c`)KtuerN$)f@P|*e@F^MY6B|4G5^J5-yt|A&;z|6#JnvDD z2g#hl+fZ%-NuP|B3ceRhwpHDfRVzK3SDW_c_TK5Y7gi*MF<_gb28F13u5?y=Fz}45 z&}q`hi*9V2#MOS%GbVcTX{X8J0Ny2ruP&*qMsnsp@`Jfoky?@Mf)uTsw#(9b*QV1$q+cRaS^^7_zea!lQ|&o``{0qjN0KQQ;X1*=e?GCi zRG{U3DInxeH*FOeYQ)0L;m^%37rlk$z*sC6Y1?_c+atTQ`qKKQ?QH(@@0a_wg5-5u zFuEldDj#onje4pUzFV(Gol54ibvAdMLK~0vgcZg-d;RoGx>g~*`(_8{=n-*^STQ|{ zleayqAKE#_JWu1$Ig8OL=V}(m?LxCi3(PBabsb~7T}vHebrKM79OspEPJ?mtwBh@K zQ2U=QguHt>p+I*izXk&0N#BWgqA=0fiCjwW9^SfrkiP9npq#W$btMPtuE27cy`CPu z!{Q*A>&lA@xRGrW6Eok4h~8b|^r;R)hWiJAI7`MG;uMjE^Rn7*cdo_m`tmNdYGyuv z;wAqPw~BJN&aY!gAAU3Oa&*noWfZrWCv{J~?9I`)*YqAfq<5CLubanYJtu03r1~7n zjs#Gx;IyWu-X7G!X9POwT{X*0VSu}ZL?y&TWVb( zJ{lYa^lD(=-#8yYc5tUOiYq23D5px3gjR?gNsZyKl}v9ks8B=6u***ac8h4cdn6GT1VG#q(uE_KSWA<<#i3n90NsLcYQrGT@ zbVsCS$ediAq8NR}T2j$NleE4)eDf74V5%~=`tbQ^L(oixsMdsXd$Mx(o-$9b+lk8^KDSCrPC*!K@r%mwaf>z*pK^6$ zqrT6&iZ;t)kYdPXHPOVx#4nusAKjBVwOS9QySnaBZ=J4vk~OT^+wgPfEpu~o z9zH%vpgg!=pcImMsmoWvi3r}Kj=1IyAI34Ni~oF9Pz1{y!+M&7FNhK4rvzdY+GzL( zIr=hTH%9hFOD!TG>Tuj$PVHr32iUSgrtuK!c?kJkr{bv$TF`#*sGm^>|9Vuys2QO% zD@MHa(fmOBSJS_T1O-m!79G9(nBm_Iu1;sx~il`h{)61BP^;L_-ZHz{BGz7pX)7Pb>FIs+1#nu z@h*Lql$>V%33c+vQKN|9;U!UvDaDra%W63fjMy{_*^u7Kl$6Uev$Ikkj={4&5-U8x zii}bjW)$_vLHfStW0Tfzfn3omBgVr_kQ}hS&>mn^RJhCzon(FuY*3R-41-l@C3s>A zBf-F-ygPa|)zuQn)+{7HMIuspg|EV%J|eR3LTVb3;`2WcmZRs#yK$p+!0l?YE)Ta= ziSwN=vEt&B&CxVSulv`pqy+^9321_nGYXs`uoO2gP<5z34;u6Xd;|G@iw*9v0ULNz zNg+++u+-;?rPIewUi1azjD&;P2pictK2CW_^?{e}!YCUrH4RNdW+sQ3nb{lgomSQ_a4945 zMPcVw0!n~+gMv@|x8w^^Pjg}2_@IR!N`ep4e;U70zPd7Vx2wYk-YUQsPRb`;Vj8rY zNecsQpsv2n&G|r8seT*dP;1a)0lYB&r@4XE;kNx=+i~T%sw$>!7njjG))wEFp-tXM zk3KAFg+5zB;Dv<3LOx(!Pl|DS3YIimu($<-M#465b~1k3AIMApq!W}7w<2{y;W$X# zF-CZ5gbCvGfL{p`_(vI2S)Q-%lvW5vW z{h>-X8|Wu3#P0ijn(N2n&lX5SIir1rFUontm z)5vEgQ~BE6efo#OB?I#nUPOh~0$ckD>|-OcnYbh~-RXC9gOZPg7)c>9iCt}VC0+gS z2=Ns=SKH(Ei@qa!L1+3>OAC{&bWV4+b3TvgQN1j zf$gYBIR|W|a13tishc?NxB!+J7JS@9v2rK2u6lH1erSTha)aU9sw`y z?{Iu0*{AxN!gxQ+)*@_KYt>54^O5*Dg|yTJt7)b;d%G?PrEX3R7?b^-Awh^+)Mm%Q z5TF5iyMx2`JwgIi#6&K~)qlYbJ0rtg=yZbZ z9hWy%MNE`U(Uf#LdCV|%AxFdthW0spO3ut|#-}*S`YA%?10mS?*9StAC@zBzy%09= z_IDh;#yj+?NBW)#72axjmQ_EzBr7jLk4mL>Ye-#?daGGtNUKQG39A$@4-RED+1kgRBVwn z=A7YSgsiWjhiB3p)*W|XFvjnXfsTDjQS85r&?T!}i1QFam+a?B|CKC4F5ux!FoEK7H#d_6B7c&E z*oY=^x4_AI-~OJ3u{}RJ@pD-gJyh})#k_|PKTG%#Ni3^Ak3rs6PYF~nKd9a}g@r6# zIu3H_T36YjvnG^~)dZ&GpFKN#pI{-(1954Yi)y5iHIRfH5rMx$mZLrtuV;Qp4YoaN zQY2mPZ5@n@ZPi)dvfp_`v=723NDgkf*Xz;?0jEGfg4v$#Cn@#dGv1Tf`^7m`PmUZp zf=qV#ofTYe-uc+DIsH<2%vbwJLTW1G%q-2Dq|D0ATWJVu8!~fs4^g?fRlst%(^H%g z6so#H;zOG~t&0&T@rCuZBLrB<2+^t^lW45vQwU8Ud~Y>+7v*xb422MLj7c zWo0Q#H@A+?4k;y7d57DWed1r>;vvUAal7&rL-paqjVmYzO|4RW9kyr;HK@Gsxc%{I z*yxp+k$oEO+khLU$(C zFV8;jam}<;ZR8hzz(%*0EYziEX6Y`~niP+ls~2=WN0dw*+}G0eBKy(c2;{yQuaUXw z0L1I=7npn#mJ?3^5CbqN27Ziy`|e|80Lt0fS-)=~VQHodn`6+@`XxY__u>&_bMDwx z+7ZP{+Z@Vm@HwLho?UdRJ3(AQc7j_(ARv5BkSGb})SF*ivW?`f!Ot^l@}6#gXIz;j ze_elO=IS+qhCCIuYl1^`(@~L7&&qt6+6Hku{eBqu_bTz%t@l3!oq9d@gMrsRimLnf zJetM+A!<2cI=|y6dRCOCGRBRLZcj(4h_j`%;u-P>zt(kp0H^p?ww_`R24Ca)9h!GaNI){v z_4R^*;N+fuG^Q%Bu;gMsqjIkR9o^we_4W!{rbTp z>W=B>fz&Jt5D*^IvQy-60rKYR>XU)SuRa5zf19HLLsd|aDqLAhn6DVrj5spA?&Rp; zU?fIc4#V~ibYc`<{`R%42HG}n$~a5q)^6#dP{&W4Fy3B*drMq8#xR1%%d7l{swz!} zEOG0g5?%W{{@OWH*&IEi8~b`z8v+LIMdRv#3ki#8RgZa2Qz+Twe zK!+W9{XlXel3BCsl1}^`!s9nHbA>;#{BTGc7(5A#eY%o4RsShj3|9AD0qx8nmA1bd zPui>$jk2<_2T7`#CZj`i*FFP?A?`5w-?_uJrrgVAPIHUjHl9)awRQ{|#UBhd#4?>f zvgqo)S#}>rScwtbQOTL<7@xLv}TfYCNP z12-@A#u!UyD4Oz1%-1WbcKut6=Chi2o#eol&H5IuL3i5#$*TYPa)pYx7b@z7<1|L0!*Ln=q^jkt)T%>MpZm~ z3$AO+*iS8iS&PJ%PZNqUqponv{7nD0!8%WR*|d1d-_Yg<@q$QSf2k>q39CAZ6+ZXL zIe(I-ih?&UODMx_LmsED#1Ag3p!pl4^$3Uzo|SIg!WhtrnpfFR4bu9iRmJ?q<*S;) zJ%|EhFO3jf)D2pc8Z>xvOfr*wk4;IT5f6nMQ#BZR6+{sJ-b3ATX*!bg@+Y;!DaX;T zveBXkcrH(2~9>EuoMHEY|H0EXlvMV5XWJAEE6|ii^Sb z&7^cG%d(w`^xk#LJZ8l zBc5liMjV?*g`=^={L|I6}W$tND06F3#`0~G$>xYsY225MTe}3e{ZYU(rZUJ zVK&FV?jf#6d^#i5T_b;RYs_Y+ec$XhLuMsX_^HGe1koWw5fMoCIQJyP7?PKxEyb7v zBowX*VbVI%dP{I>u8S$EL|1)5+!#WeWB)+TFNjA+E=m73?$HAJUJO+B?&*jYP$5vu z=YxHJF9qR`7bMv2uw120aYZCpS(%t>&#FWBdrQ4#U(r_8&BY{f+9GWwWvM=EtJ77{ zl*ltYR6(Ae{_mbXvDL^z;hL#ZdgDE^&92floBRafEW;KHYrm|)0>&(ZZ&B6HtGl!D zSn%8aU%6!2Ejt5o&zk1alo^hD0%?UvCFIZQBZ&9E@OR#S+p`1cljthf5NdF6QD;6JqL{>;;O%y+JTEJ03;OF~A2IyrxV4 zs0I*K(Z+xnW~{aNDbZP+Nn5)~=|bcmWy6zS*0kl_IlwYClxEfOqR!giUHDRpy-6ds z-ECk4eWZpQE{0=u#bfJz+(Y6!{kAz)1EpU!kb)v=y)#SFe0DnabdmjR*XFwJp5bmg zr`u&HuwQA7FM!cCiECimSRwp5N`AAta=~u0VPW>1>-U<+d!AHRqqSX{c$Z$tyS|~H zHAZ&b$*5FUTID{HP)fT(GugvXH~qn-Cbg9d{)R+AXB%Dk4z=t=}Ff;+t`=e+uOHK z)$Wcjq};yUt~n0gbA)74h)BF9OMJ`hBJ8V}ZnZ~a<;Agf z{calr;Rl|K^FAtO-`acgk^`FkPP$qWk}`XPOy0WB&kXC&yD=3XgnQhyPd)mMrQ4+! zTWgS)G*7$X=v1L@F9+#YaDE>(rf}m?T>ie?RgrW5^PoVl%{Gp6{n}~nzR0muWgFyt40WEG1N-E(Ncs6v z)OIJK_R#XkB81t?gxcJ%>KaB0Rr#!ZgsrMX$t1Xp*XOtolay}+IR*h6e~aJzBD(SM z!)%u!-U)=~U&R+7cpEhc&kK|sBplZUp4T32n46Wno)V}ND0+WcNb#}qAXOVOulqU< zh>Tyu!z3|$h`?b^oYHz;l+wlD?qiOhqD`tbeS2X_C7)3~f9-qq`5cQ89|6a`2x6;w zqu9tQY@f{SnzqEdQdLxHT;UWCi4Wp=LV6-2pttUV!fEho9iy4@kXCea*BwsW)xGJk z%HW=`jMX}v%FN12 zv3AT860y@%+ID|1R#zhxR8uJI-kohsekm~xm(tueH#v-d^zDu66&~8zIPX=+5Zzwv zP5!kO;eTZtf0;&LE)_gQ(Qdwu9Cn0RPcH~xS$N#pu5#;h28u?MW>0%{(b=Sb{mzrr zZPQlQv7$GST~(QX*TyUu#|O--R%&OuJJ(}8_G~tbPBh&iDcj>!tYuH`gxiNfdyKXX zwzoj>ay_V6(obnf9c7|Z5dG#T2<>OFRyXZO6G+ar#_OCnYT1+XCe-ngxB*qCB!pP{ z&uV-SUB;tHg5cl49V2-|kf>fD?a!$cny1x0z^KJH{wa{!*WAIy)k-9Vm)hw>mLElJ zZ(-_)*^_nmJd=fSM6GMxQhE38zCRX`xntDvMI%~yCxy>>Ix$QifWM%di&9=>>89)W zMLOtH^1&x#!1`l94s7`Gw{Z}%e7{_-s7;I^qYtnKH*uLg9fju!Idd0`Ywk`dL!4f7 ze@Xao3OB)Na(884z*|Hw!F~1}Hgp3aFyfCw-*5%Oh=l(~Mud!HDCu!~it4an#mrxp|CM%(`lBZd)imk?P6+Qn13IiDzW?S7+rk?uleYBL(o!Vov%&(e35af zoLIag!l5*ivF_7%-w}{Op`layo7VyKb?_!tjv5+}GN*$&DH{wL!1&Hh6CcML?1{Uqx$^d@H@%P|&PEmbYtAPm-P~)qXIIGn~S1$d> z%);@hGs&9UFOtP^gGl;%fLCMRfqe@KIg%%ui0~~q7#sz66S&|ksdx#&%k#-09{eSW(lmaEh;5jz`zJ~MvarV`5Rj$Fhx@1Wy zqLcyxigYR{T_PdfT`G+|5ps6u`WuaZaln5{NcJ@L(;60ch_vrz*r=$k*_@v&}4&{c#SNQ1) z2;t`rHnW}M1q%0dhVQYDbR|xB45Bn9Abd=^grjd2U~yBSH~y@Z9X)+;%YAF2^cz+P zE@FHOdhOqSjTG|<^qQpRCo)SzItn1@FO3^QSoKnHElb+6To**+3*py&S>jIRB1%x{1GM~(d9G$2WRSL`*Cq(&i0Y8vxuLPqeZ`bXcNLVe5APYoMf3AP7H!GD3lor1B%m%$psot%btvrJA~Vbq5g-;2 zAibMYU?A46#H)OA-6V+=NkK5_N|yd@|tFWqH+b6{;$_jFHXbPbB&kxEU;iNJX_b0 zR#c_S%`8E65eEtFXl0}AC|gN!FE1qd`Mb^tezv{69a<=qf)2>T;k4@Us6(Ng5i>w> zD3f73iZUaztL)rGT6Xo|xW5nUl!(WsU_TT%kJWh6-@ebkF2+=b) zRCQH}kWQ=6x*p0kAV&{jj@%L9&qbScH?(r2TQmSyfz8{84O0c;UBwzczo5xINKo!=4G zvd*xi5J=hwqU>0b1O9_JDjg+{RF zyaY`XO0nVtt%3U;MKPIDhtW5MlS_{HS3<>bXBhL~wERhV;4$GSEJ-Je#meBX>X(0# zwZGM#@#xViG+mCgOe0Qdsk5!%-q6QV%bt6yOYnIAmO>3*iG_$e|i0??J>Ot4(f46CH z&$KYkN?^D`c+FvCi|Fku#Vfm+-I}#K5t)2xYCL}{ff?wxqtC%nVuoQfzW?5N?Fh1O-AnGh=6|sA5&-ff8GM zKg|K}wCE(r{_0*!4|a{mO+fPi(_rdgqXOrycEPp>c9HAE``=z?JN}HwuXBobe~@|* zILoDVN;v)+uGVA=+T_w@a4viLw-I+hU_FIY+2H}-MUb83O$xB`&o~C$_{(3Ah9JX! zK6LfZ{E2^uk5y7ZaoF}!P<)&TOg!JK-5~@@m8Fx@|_bappMN1=uKEo|eqtn)VN$j(iKlg};HFICtW=D;9NwXdtAPKk@)U0W~q- z;goTo8L*NUfb&*Eajvh~V7+&?reY4Z{0CMEk7j`S8R?OqguhQ4gF*t1-+x!SjPlOb zXjF+}Jc@E7g_w&gXHM1tRHBX};SXg*)ECZZit4X@z7Bv(aLY*4MwTYZkF{eUU(25Y zQ?teDbf16{9cwiogC&LOZZ-`GqzA@fn(6 zGdLr`W7Fj$V7*@NocXg(rhND-rwG1e9jhHSmvUKIJvHW)=A3`^a&9J5Xk!%VN#}ew z>Xsu|4s>veV=^itf1TnGm}`=*{t4voN(OL>pQQEe>U(cmllSSdl%aqY?D*oxX2U@wk9EEo!oeo z{7~P%H~3J_0$7s5>z049B*qLmj{8tMS{De(dV7mQD+A9{D(@lBQ@}liz=^YoIG(qWZrLQ=!qB5qgpB?42&vZgs6J#CJO`n5%@QH1JVrwW|k--y|tg^;Od zyRz}{o>nzEdgSx@xm>Ko{40f;+iQKe^c~ zqq?&UsM0lASuIZu1s+tyLUQeE0}{9?cObt6fIRlywtT8IV11m>f{L>L z>!)YAcsq6dJKQksNA~*Ux`>w-cY9apjm#&kKA3soJ((F{r`t|%;04!yWE4{R1e6oj zy*Ux807WMW#eUH~F-xnoJMLC@SR=XEbfTt~g$?Kkg0V=T8OLMW@znAY7%zRgKHRZ` zITS^taEV=SwqVAe3apjId9+CY!EZlhEdFRXF-;JPcK-)kkoZW(bpLkyFLTS325ley zi=5h+u!6b3TEiaF*`|})>M70vn)mk9-!+DX>b`_=koR6+js9x%(nO_RYlwg z<%oq^$sFF$#+Xp=oHJ>h&|396zD*&*vWE%GPRp3jzCI{?okSMhJDtc6k|za{hg4I2 zL52_<0MXw#;vXds#;9N@{3<_V-8;`q<+J^{rcuI0ujERs`(#sN)tCPLmDTS`h63-K z^L|$*s&M2uufK4e@#lF{@=k;#-@s+@B}8*3sVPbAPqivc6a|ZJdE{N|s3n^(yfUX- z&{v+-PNohsoj@GOK^#1&-K_;o2X0e<06+fwz5&hT?#c_#vOY zD#wWZ(zzkWq2z{^K-+ygam1h+Zhck1>>`QJdWb>dpJ82_6+C-t|E}Ydsng~X+J5^g zi;AWu6Ul2VWx<6NtB9BLdL_*42G?53vtE-bWgaZm9a(C{4ZKUD@i&0pk~L0vt<4Qf zl}O~_{AXj2s371V7g%Z`1rAv9^@X~Pbn3Ebi&BTWnT;k2j(X4i-MCWH?sdw?ihWM@ ztcHRtCCz!iZNCafFxHvfQIWfk1_zx&x2!Z-pIUL~ylfs)G3cne6SEk$zo3#_f6CC= zTQA@8g_nMPmz*22VkLLb`p~|})bJx1C!oKQ9re{hs9?pD+V~;=BmsZfC$${WYZ!D~ z+3E)^K^GlCsB~RytT~^kbH^ukhm(&}T~*&X($vhwR&c2&^oQGk>)5zqk)wQLWT)US z)A7Aw`~6oGxjLA?BtI=v63c;UA(5=0hU4R0gA<>NB=mXfl$DzQ;-go=228-bML@3u z-^cRb=QV_b7_u7hP*1sBLlgIw74?YPbjWk>W@=yj*3Cn>KRF-QWTfZv9i;7vNh0T( z^W5o!3l0{5t8z3;Wq`^@T~Gle9H@na9w)>H$ie)p5-hO?L*Kbpx3=Nt{PZE|+SKoM znDxCG@vs;QD~;gm`E7sI0yicaICQNvwW#gq(a+*`hBAMwrdI}9vFlM8jqu;j@ML?hSMEMw&#J6B-&?l$Zhv;Ov5~ALf^@y_ z-lhfKnlp*3YWP7r$`N@$DF=`KFnEC4GIP*8y|~CzLe2>MKRF1T5d#`1$~A5m$kIPY z7R|*#We7LrF*87YN!yfu8A4AmabtW(vCM9|F5cOcdWZ<8$DSU~HEjc7w{&iOv z2jZ{LjdHSd(tiAxy8YW>wVj=O{lxzM{gIjz4X)6XscU`hRE<|qMjUZcrQgl>MH44b zLSD!0-{dkVIIVtO9I+Y~Fzgq06+C`CKr&m4Go7tjmzOK6Vk8>gy7MQRoUseunU60^ zx?Ju#uC8pTTm8FEgwY;T;dT4Y48L9JCDTQY`Equh$SK)3owrFgKR=v>0)*Jc1+MPM zp>%2i$FKLj^xtcIEj&=;=ZG2)r$rJ0^d`idqOqroNe*(Q#=z=LT`rglL zjj0X@D6UHER~n54J1^z?7%^^PW8X11=N-S=Z$DelYg_f~$I{wh;Y3f-;)txRp-iQJ3OId*Kd*T<6%rpaG+ z4>EHMy!QKw-O+nHgJi=1|0mh(|e_#lF1lmbm|uvc#a;_)_6<)q@h;YmMVCCu--@GGj{Ey%OKvxjiJF-rJWxaP;%r?mz@$j8~kPsbIFw&EJj zBU6^Z!qDiWeAd3Hnf4Er)v)Hbx) z)&Jb=+T7VPR$NxCTubGQ{tx4MaXv~Fvg7hW0$o{8I>#Pnh~s-chp`TUk%O(yS1K1k6hQJ&1w40=u$Fi3aqrl) z|FVSE4gpq&E&+-YTP!tj)j|9_Pak{KqsJKmyQAcvrw- z^Xq)s?y<{d`Iocwia3d2aGB$3q`6Vm`L3*I_{|YSLD~JJ*=4IXk3QWvhA%m_Ums(2 zrN3|e>z4gHXn6y1)f2{GELXwpsjS9*1s|`brHdN3%@0>#lm=T$X4Wd5_IdAYD7e_V zc9xRz3B<8O)tWKXh;$_QL6ySiq=N)CA#WlWEgOUa8Ic6Oi08RGlOZ_b(UOm*e}ca` zB`|ZbdmDYK70-^<@^cB%#T_qRd+GQlv*^|np^E(_ZfF+J-tn2X#rkm!_VYMrZ#eGq z9sb6I%J0ur7iXz$9zEQO-1uaz`T5z$WXiQHmcvcN2g4@tQe#Tq$9h_LWb~IZv<*s( zHwWr!#F4SduM$x~BJGng`=P&_M{-v3|KB;QWX1(RIOKqE0wZRd?Au`cdOcn4yC1{Y zh6X8>eu#ewixCll@QOM}cwaI({*?Yb8$>N#XETo_iU@SyfH%>z*S^_5$BK2|Y;v`4 zo73XAb@yDW4jWC;?EUT3{Yk&lL$e}|lI?-VNUWSl_k4FVw)%X;u8q8NhlT3I%$yKg z&U9{p0jcb`BDJ;S$PJesxbTeRUEPB0=jhyDA1rmV0-whSk|^5zpn?dvNp3N@A?%AY z8An8`)9iHe=kePIhet^8qZk)79UjcIwDs^#C3zx@%>1v&zj@hzz^_p2ji6~)`{lWm z?99h4J?<8)(Y?a{eKi%_VHmU-|Fe!Rk+X<+Hl1_^u)SS=O!v;Q6E*1?MpdrY_ey`j zE9dG(7e$+A`q+w}>A(U@b!9Q%yIJ$wK+sBJ@EEO#?iE}24DEcz zPTQYEEq8nDYh+#uzpTUkUx&JQfphdpQf< zQ@2rb{fZn4Wodaj`qWhZc86lc=W?6FrV>Xmcw}~!9}le)jTw-?e2MMK5y(@tHvg+^ zhl2Lc`dWuy`oY>zaP3p495!{y;HN^n$>=(l(9sa0ldNAqbeD1yX$6yM#EfYH5_$y> zlFBhvg>I{E_D%jz9R>a74n01k0gWlN>=r+`*>^{dMjTs4q^NYgLd5B3k=aSsaC6?O zh%tQ&47!fW>e5@I+VVSzmsr9YpChu~rbFR)&*Mke=ra|m1CI;s2!3b`yomw~lz z@^E&avvcEJTfg7j{Oe#*XsulLTG(US6Dg3q)FKYqD+mfnAS(i>5zwctg`6<6ou)2x`*ka)+C| zY7vs(ANUsk^Gk{j2FMaUQ|kXW&YyL|LM{gODlIllOW|+E0v{tE-aR( z!U+8r$AEvWPwn{DuA(9J$<=(-$xr$4F8v$mgU|X%4X9z)xuYR}Q;tCy{G9G&j1*ZelkW|GttlAJ2dFvRxnaEgRIhDT@);!T|>iYp?r zdj`QfyYVj#ftLN=*Gf3c7I+zuhfWkZSbO2+tGI3~BUUrzS;cA0drjlQ#C4jG8%I=N z;6CJNon7E7Xo3*?uE@S!b`#OU{`{+4f1-uBe^ZYsnW@i5l)UBTSFt?8J(oqi7B(j) zreZv?(Zx`>Nx!#hX2bZ+{NaUQ3Jfhn@o<&dwJ(E2^AAXOs>W@d3fXw_+z;y}-AKa0 z*-CR(&E02Ez$cgXE;sFX1AIV>#Zj~wi}$4+n(l9Y{l#9+tl=G@nx|r zp%>#HKQ|w%ZPCfB^!wD?d`BFA%F=3RT{!<5k-@<4G*PKxb9AuXWCLfzF#XaTw>ghBg7cUp+27Lgd!Vav(-DUr-h}tVmSzSE#3*1bO~7 zNpcFEZ%T#~`$Ih0fm^>KKat+zKGZ)HqJNbanO+>hyhOs2$0jPqr@`GnaX`^6;Z^tjegHHap4y(p4Zq8Jc6h)*4|1L*&DEn)9*RpqF(xD z0-O2;K>cO+-T-z1p3V#%;^~5!#{hO+4Snk33;}KY@LIUh1Cd~3T+mAX{MWkgaWR>M z7_>HrYBTxslWf4?J?-Dz==iRr8I`-|e8X3C4-HJ@@H-I?;l3Xqg%q5kpPg;q4>zMs zV1ARCe^rCkkd#`-L%zMEgCv!(`pnldz=1_P9kfSLAxyxMM@-vv{se6MwNFO&Pn7fu zQK4<`7H_Nlny;_+Y|~;$Nhh)KSoa#`W9pree7|Q`BgE$PJjC=$@6H*sJD-H^DU;MNYNdFWB0`9$sAS zzM{{4wY?^QU5ICD+ETKlr)b|*;}*IO4f#dKVdN|br(k^`<8>G@ z-|64)_gd_&*cNkgPGTv1pO7Fd?94@SYSKwOyX*LSIzmZjA!cOjqFUVLWJh4PgbEQzUA?-I#uC7#JaHfVZpaB+irf5PYSom$1Wk!eM# zOncST`^uhMJo7TnF;8eYW8t2MaW@^|gNC*OcF)kC6v;h2+A5CpJe7V30^nT(76g4m&}nWfrok;5!5r2Eu~ z>#L_~AP38}x_a`&SWHgVM|#tbSHHY0YP*8{xfDmuuTmfZ9d&#E`>Tk_y*;5WDRF&k zI=NoT1BOR*3d^9|o|DS$o+DHu3Go-ZBXmk?`l1|qckR4pO=*N*`I9m&a51JId1}pU z%ecW@KG6?d#3g+6sAYF;zNW23Q1d0JW@fn{)!z2}YvWlcPxa08KsHi@K-|DYgL+MX zxSLs-5r0yNY|QkZRFK9|Lfp%`$G)jv%ei@m)#KYUs1qaO{oX-ziar4?#{3y8N(voL4;@+0tufg* zWia32Cr2r6vd+Lb$K6MY-g^zHS@xwv<;$7-4Boq;Q8iX$Ex2zLfb48%d+Z0b1j-PV zozdqtA(MkW9k!DCXN3c^6Ksmv?#v9LJ>MH~#!TMod3H|`ebZ=K;1P`AU#4Si7feS5 zk^y1NqdC=Dd^i=`jFi`@l%;&P8XC8$p0C)SoF0xaoO?EI=p(SI*QQG`>>}(fKQ*24 z76nhJ8)LqcyY#y%%UM}xTtYe01v6uO_AB;o?))^|QBSjsG{3y=JvO%ywBKD3H(~ON zh_M*7PQnlcrDjU>pmio6f|FnHASsf>jze5L zI>wXAn`Kz+z?hUqWG*gJus=IzEgw>2RF0)`VPVn3TcESz_1^gA&m4BGe8JeA!FAQa zR2&o$QvG#N=NA+Y0csUg>^+awjLg$NRSDcE;zoGtnszG=S6aWAlh6M`LKaVUrO>3Pqc$nd^j z;fZ}tuVgXM@50fnlt_m&SKnNWJ#bZmh60mrTS~h&(;Ft=*8VY~vyUpuV9&yGTJYL5~3p+UnL&Mdxpj=xye__GO3OcrQE=UHT3Rf=e@F#A=@IxCl!$ zS9s54YD(qXHo68BDz=ldK+nyaRhK5bx$Jtp5@M<8tSRBK2QXIp|KE&NA8pRQxtZYm zTip|b!;evHk!@7e<(6)ZaXAbCNsjU$Gk*N0ltI4{R$#Zda(J3AZFR6k& zhCaV?ykgG~YMpwg_9^R^D<)4mE%}M%Z(fpkOe}9lL>8=ti^6)8sf0h?BPCL(#CilB zzqU0L&3_5AKDXQ7;^pbSvbeuaD0<{5)_?qgcYR=C(sAo&R&_B<$oA{hRa1K#V56U& zFKb20O~63wD>{c0{>_i<-p9$ABC+&|{e`bh%&WzYW=GYY96{mG_==L^dzwuf#88t5 z>JGlaiz{EK9IJ~9e2%@^ncbbgf8PczKKLxd((O*Zjb2v!h`5_%^hPKSc>9>T zTU(Ne>10p+9>DW4?UNylbK;{oie*YnljDnzg=xh7W)#KeVJdk9vvX#^JJN8w&hjM( zIFTj!bEp6FF8*Ub|Ib%64OntoRrnQ_vX<&`h1Ta2&^Jj;II%wH8X0?D*OfCD%RaAT z_e!QLc7{E2>hOPmJ&K{7^>VjZS4PucS4~?jjM@4Tn4WK1H^icG>-tv(XG5j_fk!oW znq|MdjCp=rJv20>DEYdH@ZNSD-mp^;6bs4OVQ@K9n3tz$yYem78$!Btil=W2V=bxE zKrhl-DmNv=-E;=EsddF$XQ|G8C-PZT7h2!Z*xm3@v>bh+v0KZrZ#L`cxK5(?{tniC zvE6E(xX%8aUY?9Q`|JCwKAmxUi{qmXMaj|Ky=?-s;cJ-WtVHa4qtm4Cvjj=wtF8s{ zge6_@71co(#wCYD)j23Z6ieB|EhG7VUH$)aRDXY0S}(rDN2}jsQ$Hd(+1Q(egk&;z z-CE7d+2Tro2`d)i*V{*lbQV4}UyIq4H?P`Xsf#k#X&l;p!;J_QrswoVb7vX92seMy zfCP!K*C3{;C>Mvhi4W6ViObUM z0Hkju@v?VgnddZpJfA=XOH@BP_pYeeu|0O9tiBe{c-N}#$Nh->Tr*e z%$Q9YQ`da2qrOaysS9M(rC86Fk5Ll2tq$oQ8li1Z6vnO+C!Ck5&6-)@*9WrtTqpH7}T`lr$_i|!NZ zOx0YcRJ3qj@5xc2(7c-LL~vXRp4^@}dlG9EE-`;yF9&b?Re-HpQN^W_CvV9Q&4Yv7 zfPn7$)Q&BA4Vn7Jia++X@gI1MJYndIFJv{$s|MT3w&HVr9GFamgVGvG)0o#Sm5UUg zvh1d%E;MKk)sK#<2%s#;q@|27xU?H>B73E=9^UEYJL5j*Tmqr&-fKF76Cb%RKlykp zI9q(UFSqxBtQY-J@Lj^Ngwy}Gq52=C^$N?vY^Dc8|4TnwZ;HQa0V2|5(i*(B60t3k zWkNWHF9v6#?qK3S-hgmrv6?5%@0;Jzkn!RnLM1%^piWl6_HJ6?we zp<=wmHC)BICk?=wE!#iNz{TX@dv4qADV{u~Pv99fH~n6Us$Fw`3U_zri)Qjk%8kYK z*!Fso%&j29y_R2_V{dp|08s(56ln7N8^$nSF1w~XM>1WTcM6qn7pv}K^;msJ{<<^IJ#lVBWUodLCV zU+uoAE!!Fj}K5V7sHGa7SpDBc*&l~WMvF7h}ELt3sjVn|RNuv9yN)vLZ9l>`{ z+`c0}9*(*dCD`5A6~9AX$eXtJ^bYx1@{*nDFP9_6Mav0AY3wmYkYL%`RXx5p7!((G zf-{^gr!sm2(a^2lTI%;T|Jkffw?G?f#r=(Cha$aKj{n)7nd$+Z^LU;|N`VA1mXRc@ zI=vsX#?~kIhBlddhZ+Nppf;H+cexE+LY?Vk!H5~(yh4CDoqy9|oJQ>dc$e-d96&@U zt!A`cPV~!h7UkZ(J|m z*z9jBh~3-EfbTj+(fETEH#r`xoohgI7SD>CuzkYy8(#k9ib#>T+4Jp-&zE1VW?LG( z4H;|8lQw9vz0ajmBuai)HMQXf4vmsDNDID2f%dc~NK1GS`S>3k6OC_WDb|}~cxN_u zOX&wMVR_Ro-0xaTU+z)T5hS;&UyUfqmT%CLQ{hE@AH;gRQ*LMc!8YkofUd}gjZHs2 z)f@bxfZjCj1j*q^5gHEk-idJ^mwvYuAW3vFjeUJ`>uTVy!nDf?!+bc1(V{8Ax^h~} z2-KP zN7ma=Kg~n=Y{8(9$=5#q6FH!PE56H#+05N7lfLxEh%-fr@vR;2U9UGmipHML#f$ zl=Q2UQI*H`sj0;l@0(bpc1fl>1K&~&@?)ktuw!;R_iG&2$4Hn?8NaEz)>hKI1NzE= z*Z>m-ZK*WG286H<|A`Gy8bIA!@I9|&dbufb)@N^T`jr}AHBCH=A8wCLfsBmI$fE1W@+SSUlW*?hzo|aK+4xM9=4>mz zK)2HpPXgL!WxzCo=lZh$Z!K&cY#U$6)ej)sd1e#qMpf*b*~y-XAvw5gDXiAhS_=(f zahi9;V`4X+W=|E37wB9O+3R~%Jojt$RX=SGjTC!0ig9_gw>EFzH7vjNw}PsEv;@(X zY^Vg$HbO-EZngGYG#W&k>m0+MiMAYS(GO2jQqowMK7)pmK=&4!p&1eG_~upp_R59u zhYxFs!*Q62iz$sN$-t~AJwhcPZJA^Zt({dVs<@$^WWc7Qmi#c%fz2u<2Zc{b5I~|c zu)ducwCQMX|DMFb$mdzic_XDq&m;7fZ*XR?37nFDNa_hPq;tbujK1JO(SZy5AX@o= zq;w(u<6DiT$K9PEF>1=k#liEaFmOViPNl*}=0cT`(*8ozyHy^a^^+{V18cgr#c#eD z?l`>jE?ymX-}$a6x4F6S_3P^+$B48R-udjf73pO$-T6#KrueDdd8IO|{laC3D%_bL zJ}S1mThH?6)SI3knycFm>9I1Ji9e|~WM;X~&IyRcshF6m{%J0nUG5@8h9>UvI_n&2H^ zYsPa4PxL-`mpL&BGPSlUC8@LJ7h5{Vq}A_e_=>r?71h_*k2vvXF8EChpswRzal9=5 z;FJ3;vnU0pHC?nP07f0P!3Md@jlV;Thv?$%fYq|FetCD!7`Nul87~TTL;c7>k}E=p zH>kXef*fDtHOXWj1tYO!7aEaq5vMdwU6=D8Ni|g`yLJmQl=ame;;aE}v{(hG12o=3 zpmBfnIY-2+^!(yTllU9_{?D+3h6ODrjoG|X@kQmV-sjiS$NU^TpT|^%&Vi9u%r8GGk>7nK zStkl|K7i=c4$5dV7Y_oHBs(B^l7veSrQUqZheU5e)57w}P8XR~)Pmd~g zV#;vNTrFN63rWjj%)gEg?f4NfAMhI*x(#CPbix1AY3rYE($r3bI>8BSMmmW8VNT$A zdQ2Ovo(fFP^P6&r+ncCrVv4z6bznS5>Fufmgp;2)XZfFeIhe~*-_X7`*L*^=YGsps zp^5CCm7S{|`#bSdJs%{~bxAo~>$rcghX)@;lu*`pn~4mC;=(7?swDCISHy&z$?}<; zYP?T_Iq=q-TTn2g7hA!y`}sP_3CWSA*I!4M8m;as96;vqC{fO{N}QbRVd+{fy?HuO zombN{GUVVnJ3u@QyQ9F~amkN;|BW>J?EA>qP6?Oa%vVpUi}rheXj;DVV^n*OZ7p*2 zDaz^x_2-KDgF5$!j-t}MpclR8Pp2_hOrHO~x4_3y;H*^g|;>)lV z>j&-Xh8JbNd~u`-BRW_zDGlLcM#8hIyp-+vR*}yA*6HdxI%&Ut>1=um^HCB^tE#CP zdu_;Mi}F%_4>io6-1ym$fUekIlux70qbZB3yo*C)=kM#5HI5Idz`Ok}*F6a0m}zIh9Ofl~j+cFWW_#{!w*CWY7Zq)){D5pBD%dGD#yUc3974KUW@ z44&A4R5rDeM+@32b-gb~rYqAjeEow(P7Kd^1_U9fVim?Yh|zH79>JjXE*!v!+6JQ^7HIpQ0-2r zGjnig!o&3)?}}&zh6HroXl$GLp!5xnnY(S51@Z>&M5$@&^S`^ydlqg->yfCFsMy5{ z!>@YLPb*IubZ0j^id$gJGnl%}=E|=j`ya%)5kPclY5UWQTS+*L`bJ&d9;-jh$~o7G zawneocrVR6w@8UZOOPnbl;iKL1d8*!C%5Q~#ZZJzKXh(d*12->#jre+@r1f>el1>i6Q|M}&hUrb zM-+V%=ksx*A1y1U8UF=~#|qUCWt-*a^^Eqti)rrfXx{dRGa6`%+kM&hV|A@ZvC)s~ntp+p?*6Lbhxjux zjNF*8KH;=u)K0n$q|xBgdB5*+N?`@=Xg9J)_)b8^PN z^S=EF@A$~#)`(r<8S(&Rn@6!)X$c9iNzQU5phve>yr#j)CDqhOhP-~Q6{z`MUUM?_ ziS{$mkyg60oLuWA`Nwf3wuw_@r*$ejFh@{zBsur7XU1KZ({UNkoaxG>KJeWq?$xyGnqhfTw@uMy2CH`yJ!C)j=5S{%1gzLblGAlo2B&q#^BBqRj(`4A z1=3QP2VSy>moQu#`V(al{s~kf3|FtT(YkUA8f+h^&|dAb?d1J6Dz{SaPk5#zBS+vv zAVLfi$Cu1|o1hcan`;2BFfBVf%%TvI0R#cn%&c2YIT5LO3#M21t$WWvuI}gdwKU8( zzfUEET9;8wgpbJ7IImo}xP18*dMu*v0ZBA3qD1%kyIhoyRo@{er&2Y#n4&b{;Cs{% z_8@uzFMRy=yId`*0@=~MGwLDk`R2+IC(s75n<#XNG__q3KP^1Fa3_ z!`PW$$1EyaYxTa}w$V?Dj3j3>D0RJ(S80<~ujlVCkh?iQjRYtoa&i6(^Ydj2flnLo z$sUBz0=`2xdVSfuaq%>Z`OMIlr;*{|-zvZ55KzsjbWhskyF|xDr>9IfBxXK&%D!KZ z!~wp(jY4WKWIMCN*!>wKbjZ{4(vmbZGqY6HBl__;8NuLbYyUK+3CCr9v{(5Uj4j&0 zbZ*$MwwnT zs9))x+@VCU6AeC=UzI)j*l_W9=+$3^SvR3=kj9-5P?bI$D;_lyu~fA7r_h)Hr?)ZR z{QP=6NdrY+Vl{G=Y<{?3Bd1g~Fc43o_U+yqT@QlT*7vW3IxkBQyz5ZY)tkxNqo5(7 zOT~LA2I{_~KJXGi!^IcD*As%-{lz=4YqDo{)HpZkQ z5a<$Gg|<&5ba$q?hVIvVGiq?Y561kG6a+L5l;`MtAT0daUuI(RM@C+vvQ++?XK_hM z$M@d!iv7NO5*NQLx$fRP7bo_Y`8rDhypUGK{=%wdTDr2MV{V5Q@a-9<%zbGwv0mXe zp-4W&Zkunqw!)>w*)ol(<*r!c^CKueS|jXd5r*<#fB55*ar5(AqDe{@n=gZqX(}tf zkG3h$BPdYQi{`RQ1Uea7BB3vyMpqNz$;(Z&COwLrPIp?)&(tY%dJo^4=>)LbW^{@dWWK63@%uXD^W7-w5pyl#33Ks5Ms= z2qy6vYK=mtsaqQ+=&U4WdN?h(zVj@QlwU;%|4Tk>HV;Mc>0)8+ur8}56VNX^}CW_U&H{XL; zi#PndUhvcDx2A~229|qbf}(ZZ(5;0zE$QPYJT}JF8lSOuRo6<^o?F5dxPS{Bo9k0{ zb4U18lcvh({wzao~FknIp~#fbPA(9+WWTG~1~E99y|5FkqxqzR$q z$pb4E1EC}ebJ@RIOur;qd%gFgPEt}*T4rWQ%Xlv86ArHI_(M+Q(}MR=w0DTMYL;!a z@iQ}5rWZ@HUSxm1YBI?EV{G5K67RGqjS%?sw&6zBA{NLZ&dr?%|M2f}AAIF#$x)aA z87<_YF`pmPdCGh3qaalrCA&-gn8_h3ZpVLcp9l|2a&p(OZy^hKJ+e@$sftOJSrKt z{sGB}Q>W73y_4E69hE;X;;dlc<903NCfkA7EEAulIM>=*BO|o)!WqW+w8CgYpb#_0 zQX%ezC~? zf{Q@z`JEKlxfNb6{6F!md~`vWsKWNj9W zjNtzHFaQuxcv{qN){$JXF?M=)%Q#5A?cMyZ_@q^JZFTA|06eGAa#}!@{r6BGvL;>BYr5Fj%eAu>hBiv!!qB={G;OMTaxUg^50^mzo z|MtL$v$J2!@lD5qJxaeka+LF?pK*982~2vhEeQ2L%tZXNUUP~ZZ98Ftf}-(K^Rl8< z-Im$*h&eI0vZQ5-;M{|A`=DZU_pa9JQ&0DqM9uV~B5jxh`?7X8V(DX725YJ4(+93+vS+(sa`h&w6W(5brEw71Bf4~m{E ztRMq|Dne8@Ylhg_6ngLa$<=Xj{E0kkGaK=U!_jJE(1x4u!VcIR=DOA=Oa}~`kua)i zpwJIv?=|^d-tz8UHPA7zU3%=2I;{*Tznt7yNlgekE0aCnZ0DdG*zmV<;SB zy-LBjsFoi;!ePkB%Gw?gm~RikL^Dq_Mnt@%^(wvB%Krm+0#Q(K{eVQ*5;YeailqeP zj6=g&Ryi4q4|U_m9Ei!Lm)8xmZEbt+oZm5vD>`=VKtgjzXA1QpnzMJztv?I>;J zl>Yg4;k%FV!%b7{cr%)t6=nrouZ#RB)}^vdr6e#Lx^H*z0ivDw52`Of&64x}`RTk{ z>WQK3`pj`HJV_SJ(`3rNXd92|M+C7s;`p8E`3c2GNVKk?{OJfE-!K-28S+yTa~=IY zwj~!|+;%J7`{ZYoj|k~=e5@KtH8tYSc@fXD$SKSAo*q{4falJdUa#IbAkIW-&Y^&o z?o3cED|X&JGt2+O=HyKyu`9;sjsZUpfu`T}KCjN$N5I-VX0$)?CmTgyG^!}ON{lxN z!ynz9yDsc5&C)J~Xh<_N6QVtW(2PHl6pk{bgijGn1M6mLhw* zDqH&b)7BN8bR~q>Uaac$Nt=t^n?Kuefz#*cvZoEi_So1RU0v^}t$P#UJ;Ug7$W88# z&D5b>0CF&LI5#empD#=4khNT?4CqQJFE;>z{)noMR(L08B&K|Nzgw36<3m2=XFZ8F z;&To6w;JxJv9f*lAGEh}1DWq;&xKkI=>pjAB&k`s9ucT;*S%-%2N3FC%$Ib6?|CiG zYuA!<&02I$DhDX6e4XZy9n2^aT8Z;oC39r>s}^ALXr_(zw~w>)lMLB2O|xH=AZb7x zUHRjyM5cKf6loYH!Fbx#4O-`5RYW!Zx?*~83Y6CKEr>k_3$`&Ie+VJ-`;yhwNMc;Y^N zu4nq{x-(hAt%#npV~8PGQX0U{p6mMQc>fg(q`yw_M9>`+>j3^_;dwP04~M~5Xz?1c zzyBuZqG?z&JcR_{noCM__cs#HPfb#U)=n#SyjHE*oeC34swqxm>hFHPofGSBBc(GI z*K(;2k2R;ud%`uKd~M|EG80|mc!uuJ6b`Q~1$Fh$6&m~=$5%dg#l>V??pqwj#FuaH zD9rwHnR$}`x#U`-Sex7K;2oEV=M-Jc_Y6FYxD1?4Ci9j}h+oy6mQEBkx_hI8gl?<7 zce=f`^>*1{2LbEA$!v?BM{WwMt=&@2l>}@X3mrP&^UPyu?cubH6Mc8@dJld=gK3&P zFu~3E4<4Hgn<^8*);Y0{5|L{d4tEW&-&KN80)PbqD!y^XR*fI2OE@?iF1%8Y4Aty8 zK4G^LKy-4#KUV&g5g4z4gWRmB&G?fv7v=$aCOM_5N(`a?toq#~?hu`J6D)sF8{UGs zw_MD(UT5|(eb)8e)n~ZJ3N20A^5iF%BUpZpU!u(!=#)=iDU!0$WTe#KJR5sEc*b4z zYM+zGS=(}{`QD7}`BDY4fZ8*C^R7pat??!(Z9Ew`Dv$$6&AfYUedU$rngWx5rJtHU z?z1Q>6s9sou=%3b9Ok5@jg5x2btZ|HQQv}0uA0q^sgrqCB6YbA3ohH&z`#TqEYs7R zEu(9>o6whc)u7vAcfib6w`G(dj6&qVZc>usU^5uUR#WeMRoAKbpe!549?~@p!GEmh zaSmqY`au#E{sW1X3GM1W3BRDmR<9vOao8TXn{cmzs(&t83u(<19dp8oYNJH zzes+S?H`-&((H5He{y{L((B093ujKU=2V}nsbLs8&h_I0iNHPTPSuv#@C>(NU(94p zu6&c=7z;m6^-e^k-)jSc6S3lm0|TyR#Xo>2Eg_+5E4b$)53 z28eu60M_%i7I;T{$%nnAG1kGZO;|y&s6l!;?qgdQ*I54ug+@<0B-v{2Nl+cy^Oj=5r6>u;Q{9p9~IWR#W~k#>Pw zl-iEv`7sh{QYoE49?c^kr7?~!)#P4h$EW0rUo%$AosEvqIYwQjrJR&>y;dN}VRG%H zdo^)_I}S6p4CZRJq$@c{^TG@gNnsqCix3E{?)d7Fnw#Qixj-bBc$gm9(-`XSPvwXn z+}>8mgmBi)Eo(j~FNZsUL8>d~DNp##Zcq&+(D~bfg5-OAcEFbl6ghO-pV9o-7NDAr zzDUt!g~NR5m8L;7{1VJx#=A?`P`HHkvl4#qy|o%n1H%i;4z0z>CQFBE4FX{|V;@UDH! z@?;H=S@I?oWFPElt)_#bAu8QZ=S(Ub@cc++*%freO3U(&;^mvV$wl(yrWAj$sgKGY zt4QHTc+agTsF3QWcIA|!%or?_YTYT##7>r{B#kmb@u$B~q9Hc{MKbH_c6%Z+6_}op+3Gj$x@dOwLh%l zfAR@DK7&utGJHr5Ffi${)^npf*X`w0+~}d27YGi43JgEO!dn@e+a(1PK*@4WF6af2sBU z@pcyxJHP3g$JVYUo7YPD#;{=EN0yF>^R?`c*hvc$EP2Y9xY8RgCFM}a7G|xF`_S8f zM?vSK%>@#`C^dcU#_m0Pt>k!yl2y=?-2L+cS~PD?;2emLieg$xRpK*mj$R~BuSBgZ zJuVCOzbh^-&X-Geiwl)G$CtDbfaEgVMOpE}46F#D$$C_LZFP0}Up_`rDYMa`f98Gq zEIGN-9!)Ie&U7cpbJtJD8Oa$}qGGCx9v(t1$z_XG=~&n8nhVBfQFtUNbz1;X(~!s} z+9s~tHUQ3~!+pUOqK|*33m7;LuVz)U_xn%LQHCZ8Q)0^+MiscZj!G{+94jgl%HisW z92@2OBuB~|BxO-)qZ_fv@YvPl>n9U2ob{Hb^TRH#$#(Ms`lsP6;|@M$#cXcp1S=O( z@auS-cw1qfS&M(f8(%+5F25x`<%jkXPYr(DyUQE1)`0^V4q`a14Apoqq-e9K9}o0U zd-u2mP?+;~qqb*T?&948=DRzv31zC?CAIwN)k4lY{OPK9gJbdZ6tTzO1JQ%`KMk-* zoF`(nUN$Jugr?HUDK~zA<3WFdz*%+0>NGw0%(9+dMH;N&C9J&E>4eh|ZNqxJ?X}jz zHlI@i2>reE1h`OG^ne6tQ{IMXBspqLKL*vOe+GqRW$Jb`R_lkPH;52!cLfZ3t#w!n z&_^yu2aFa*5|CTy;D3l5o+rHa%^T57yY@XBG!`O-qt7rYtMC}I$Pdcs78uc(>!ta= zrVrdi&Y`ig(WkSG{qubHi!=+ihJss6l>3(&{6AO=)ePlyrk_+;XM}R`=_8&!l^!ay z4r9HZliLx7>03_6b@ZNHf?ez{Y(q|Ab}&A4u{yTUCA#a3T2Mt~Q~k1Rr7Qj7++0Wb z6Nc3%=_M0OuOXd1IjE*efEc$gsBach=@Tt<=riHGH#p2mb{* zst6#$BzguDsv@^{rtDNNo>mFMl=p=5_8@`I$+&{pY6h61FNTsj|2L%tqHnMtD(IlE z6p(*m!w*!I`7!&NXJ%g@v%NJ~bGt8?t+|lJPS?%GTddRqEq#n6ENNT7OhaIv|G{;f zxiK(m8Q54-`Z{7ZV{UJ|U1`u*`f1@F$LEShDLC34m%1pytkmT1`OS{bTxBtT?@x|< znnHts4fEn1!hq|*Mu5XS(~NNQ&zu*^aIt&z(R4P~&ai3s_?R^K9=`65lsvJ3c2xOpc)CV07Il+Ti+t70p7*IvodSAgk-<}BxL9goT_6ayWI!nGO`7d zK$&LfqwkOR&~K(#RS0in3%$@PE?Hjh{r|8Sy6WSXODO0GCme3J<`{w8pN$_-0jWK<9*X9s{kSu7 zJ%5S)y%?C5j@Jeu+&`in0OI&l#7BfY_0W)(%UWG%!UN^{qj;1>_BoHYkL4K;XEVy$ zJ=yBne2O4hSBt)pMuA*RhM^%Vs4iD?t=YKqQM@F)vstx)n#o(%x|$&muAiM7OHSp{ zYTuJKjx_(Q{1(n?KwmD_S-+$&z+U!3H0xKLVwYI6QaDh3ntm5S_6y0MujuNah1Q>Q zlqqhc!J!rs#eAi59pwk)O3BEO6^@l-4K-d)&%nX2zOTyso6RUaJ2h0S zq|5?EB)$c{ZMYD136!Kcee(Zt`h5NN8qW#!nqX)dGMaeaoZQ(Z+cR;nbTH{NXa_X0 zJoaFJt;I}NoXqKs?E9ch&CdOH#^;R7%z~|vp15$c(ojh=#POM1c%nKd(cS5 z-OTszt;5255jFHQ%MQ+rOjnD;Y4iE2IHfyTGs4=^9`N{vc>vXFt_yl{uzGysec4JW zP%*7)F`^g?7mtyVS^&rITNiGF`KWcRjxNpm~;4^I}ML zR%Bc$-NH>$-JLh&U0=T2OiOof)g|qOlbIzMCtaQ8)|L}0xVVrP^hgKI*E_V*v(`vd zPr#O?lO&P;9fjApyDr#z^7c|dtZCrg^-vEq;u=%4UoKGCo~!Lnh4(0MnSVSkgC+;d zQ*B(tZ?L|<)ThKGq1QQ15;kQ?NWGr7So(5#YH8Zw=E}~r{CkI%&v@$hms_;HaP&(b zkX#9o}Qj71W59 zl-kg=5zodAbIDTu(<>_u<{VsNn90pC?aJlZ)nqhwg6#tj%FW7L*IpfY+DjHSS{A)x zBN@A1kf;6)dj*F%?0r#$JZZWuen(QoDwC-d&gcoXmn*y8no;?7YMH{k$2iI zT)PH3N}Fxo%~cLWeS7G&_WOBC+!WHxOufnDxVeQb#dV!lE3UtdRhT!JkmpTH@o8hab`092bOQBa z7MU7Yk2eS{tr-MUhYuk>vp2q#?@76w*je3;2lOr9Yd8*u*uR-iS_8d%6?YU+)5(;m z&*Zaw6gaAR zOk|ml?gdU=RXAFvs#`jx-rvC470K34bTH1*&+w!YIbNy~aAlQ7x|Uz}F?o>8vAa8T zSC|@*t)?>F9`od^3gGLfq_YyL>Ut@qBSv$e{k+VXNaEN6O$dA?~xxM`72F z!%Z_<+>HPHqI&Pgiv+)~~dhrxe6) zJ>EH%{FJ2U&5_UB~r1ISW}N!@*^K(4qRp z4LRV=1x3pe-GT#~!_18Qxg%pdnO&X}Yg;8MN}i(lI1evpRT6}I&es%QzHJOMUP`ie zenvH?5*BQR11AH!Y0b%gWCE+CC^;o(SRA{MzMkEGj{LIDfphVqWGoek_vVdIgo-MV zbtdC6v+Gu6h&&$n-b_v&n-wvlOQCO^RZts%FU&sH;}(-n>0}=7KSc)YG7#QW#N=&U zdmMIKM{F+dv}yFCuuAD2!jb^5g}!&wKYSdlX{}r)zNUNK<+ucP(0S>Fzmg7m%b`rG zXwVF5Yh!9T3VEdc5k}{G_Qta<><{BE|9-3D*85^#{rY;n(x{ z4W+Glsj0W!_M*GnfzNWX2ERXqINIK(J8nNl9?!~TAmvgzXh`~*1khwrSFnX>mpff6 z>2Fr^-G$tG-hHe$SX*UdX{@A}SI?>FIM3D0oe69hB|C+=HaKN()LpLI6+0gr%iHc$ zO};2|bOX?Yv9>m%)_6H4V@cqJrya-swdO#4W(Q#IKG7U@CQf_w4m$bZ@*O+qi9`1s z+k~-J4`!nc_wviilA2>Mn3zBAM;L=2bhJXK=32(_k_-nowt07t@1L08wmdIj$Z@P8 z=i#^b?01kTH*6@QyIzzs;3ghcZIe-C5&H&K2WV2V{sih?AR$8pMSE2CAzYAqpoeN< z{cF*D);GZq*XUz0`m1h;lPJ634x~m*<;UuZ`Hab;IOI_$Q&sv@6r)T~7AJ1CEQ7>~1h}Q8lE>B#p9>tr}!B7Y_yyrHZ;qPPC5xD2rztmia zpUqW$jHD`~e|PJbo2iT`c0-Q9Jl$?=_stlEauj$zkyqY6VQ7pEKCQwYJNr>fjs{Ki z{5&D~zD|uCL@Bu4FYsqo&Ka)`z_@zN(<%f`rl(E>G@gBM=iLTpmrx1V#T;@=OvF)! zoWr9mP3S^Es!8&XY$#-4Vd{gQ?9Oxu5Qj0v|MW)^b{PG8h`T+1juXvqdkf;-?X%`o zuUnK^iEGWJJq{BX)U}v2r~L!)zbB=t=UQq;D`jXv&g!ZosE7tDF)1muU|gyt5ieRH z-YnRVoteLGkk-CfVi}U5*~>oshW8W(Cds8B8E{G%?Z!5$zg@{`3ncp4qDKAwxL% zvDC}EmYE+MPOhv&h=T)M^p7TDcuTmlw0=7I@DTPM;@hh!G}&pD=G7h}>FKtx)q5Y~ zrk5#fSIb349{ZJ0+il%v;)a(M5ZNjreRRPw*%n>!43-_NRgrXB5FJ3Pew_r&6~rDd zg_@R~}#lVia+obqo%sw^L|td%5*qIIL*DnZe@qGtW4R-Q$0! zVkJAZQ$suc^=lF+t8o;h93yThe9@==3q)V|ExrvAL$^__30`14$4 z8eV~A<8vu4MqG5kB1S9z1h0%(D9b#e)67gh~>qm_gFTot=qPW=@h+ zxf^w}Y;1xjlzvu{K*BXhZKlC?xG5b{d3R-G{GEk|AL`z-w6vtmh@fkt&l)QWemwj2 z+-#PUxk}=!5?7-gF4VE0Y4O1OJ9_l!%=~<(a;)>s%XW!^StB5ZsmbQ@CF>NCAKp6n zueWm*OUCkQdRJc=hjA!Zd4Kx#?3PmeFM7s{-Wgxo9JeSs zjZ}jXe7TRdu($>p#f37x5G6Lvgsv{7kk_wM5)z))ygNVC{V=3l_uyvP+AOrG{2C2F zZ~Ul6>~JGYdSbq;=5UvlB&vBKe_;NB~e3 zaeS3bj*3Gpf)d+8r0I#wLmWn=-YBv3#9sy8&2Ymc5QK+{6iAHP+S|{Tu+80(YzZpe z|1h9IqCYbC&J_BixzY z?U9%!raVh7Xy|q3%UXqJo?E^_0bv)%CQq#6b)hLqXv$E~dOjFOCDd9uA~i5+T*6n9 zGFo68UbC-Y(DI#WxaYyi(*iMu+&tRZ=5eu%S(WFh2EUqj+ZD&l?ezDhTRgpoMbcx; z%(NzpqvE}uO+GTe=zrWpnX@G_7IBhIxil+9OGi9=@IGZsRDQF|<7B?OI&_1IT&UK@ z$!08%=?p$tlVR!Z>n3H^ILz!*eYKK-gcQ^SdwUMuep_2M-8oyTCP&0p9o7fdo$0G| zRIUBZdcN{kJ0>kD?30G!SSkGqE(txJGRn)%eV3F}gL}rhWKb}4YAyqM(!oAxBKD!% zRsJN{hYYX}1A_vWQ*J^t=^`)Xi-sk$M*5TBd-`I$5;)@l_U{4 z*>tZ5hmIF39_AAatfRW%u!g90-cA3hNNVPm{$@TqIsJI!&E6}#sG9{rKA_fvM`*XlaFp{SZ(+Qd;e zaiJ)&^D#G+|9wE=X|R$)J%hlZg}Zqgm>Q$s2_(?&4LyAr|Er!pORPEl_YmHO(zMx= znJpEMMNJu;#-WaB{zbhP5&AKZ}n{&MO60nq!u4 zPsqK`&bS3L=BJJ2%DwSWe9Zse^>jB_IX|Ry3(1RpkcLP)b3Z{nKv5J@w3?$X`3>G3 z&Z3t2DvcEWBRct?{t$(jfj;93j@Rd_Clw}7W*U?{UYmDwx&1;aTTsg_gXKA5_#u;l z?dK1yDXn%vE4f%a1mc%>3=O}JlWS1md-?eIq@B{n?m-EhifYRkeoErJx=mah^A*L4 z5ATQSh&+k>ngxYNGlSQYR~z%omK|>>^sOX)JtF!GBp}|9HQHM0+3?j z6hA0Qdv>XEFPFeRnyUpmay^P3Su+2}+x&IcSeFi~@1RwFswFnmFsd&w!xuR`v zs+Q4Y9QhGu>=5C=oGZX*C<0>28u>mo+|fJayZrdJ0_VlghiU4E*N}=(TSYCQ)i)tZ zaVj!0O%LP3C{%);7l#oZ1_COONO$JmLoPrjJ_zB2=NL>55P;nBtUtf}HzAxaVWO+* zS`75`X-V(#NLi=DL)T|*rW~PvjPHDgUuSLAq13lS<)Ro?jYP*i^*2uDYHy)nc(y5> zJ}oXG;f7g3WI=%y1|2g2jJ29dnka_ev8VIA1n45{uqkuGv-&Y*a?$*W6eWS**9uM{ zseSCwa6GzNWQV;>1kWGY*hukc4!-rDoyoPDxCLTSH@hZ#%m>Q2_00F~L2e87#sR21 z*{F2q64Y=N0qQajQ`a{X0_vU{M&bTV#DjVV%B>Jog0@?z&^&qK#I%=)NZdmC1;LV{rs^%!;K?x7s(cg$qXU*O-^P}el$6*O$KO8q!6xvt?iJ%_Q^6_BpRG~b(Se%j zliOrqU{qSZQwB;3#!r1bmV+dPseO_AeA^U91cGG<_sLi0LKF*+>fyDyHxm6P0QwD2 ze$%agD0M6_(a~tmamr=?;QJCA3U{v_dOLNx_F18Ye}dipAtA! zD(%a3tFx!)-SYA><9(zxP>l`7OlHp;s#j$^neTHPdBrs>$(=t_W6NR~8Tp*x5)o8x zJP>j^g^v%V<01p=0m3i=yIWi95@s4AonMS0>2@KnBXqVrQoXaIBLRZg(6|iom2d+a z!pk*>jc?F@iKyv0A3vnzMhf~LasOBSk5W>VPf2c6%-cFRs7(52COx0o($0NfmKs}7 zPET7W21h1pgf&-?$K9zk9UmEaPf3ZJE{%FUJ^d+hf}O~+?J8K9S$_m=H;a`9Z6Gc=F3(LoTSkk~m@Fxwlt4&B*x-)Lx=IZ8gIAs=jo`ROAL7An4Yp1*=InbS%t+LPrWdN9Pz?>IS+p z?9;cnuKcc<*J}VpVqjs{QVrd&nw!}2M+eKub6&F)XSp%bq+KuzL?Z3NLScp?520EX zfo!w5j*mM9k$z0c&dyGHT-IWFmL!GH_2un`uRmv3-A6L1DeB|xM+;aAVmfDMX2v&m z^gODiRiJ113KWu-R=h$8>cdC~oAu^j>;Uswgp5>Dwht(Vxs^I%#R=gM5dKd)KK#FE z!PDL+S+Frth!+OUZMg?hq4|q^N%GS#fh_5Z%EhEb=plBwmjy!5L?`?jzB9M6bThZk zyv9|$cTeS{yl`xbktV7~J&P!$CAy(y{=d<%`q?$LmRUO$jE@hVM_L`$c0-Q_ zXOGo0WI1)Gfj^v=l&I52!V320s^|X3)-V!!6YsvcxHRhD0$XF;N`)!IZv)HB8WGFo*Z}9S$a9XB2(HLJDmP z)IsL~y6Y?-zS>1RHn)w}A%7JnwgRdHe8A)xNtk{L7~^*p720ECWBji9+At7w_MT*g zqTGwmW>L0k2L{gXFHP9O110cf{ix7~3)wHeOjv~7{uY!MMRzhptt3r?B~O?sOsDm& zcuHDYuInQAg)6L~a3TwN)z#Hk#ju_dkFSRW&38(Akqo#tL8HE_VScEz3--e@cgLZC z8#G;eZUCtUEis)#fD#kYrdE#9PmFJNWuj4sydpuzLgQm)p>VEYc!rT?0<j+;5OHLM-3csT`I70kL%4P<5g~hQ_?D`Z>W0#QC@7`nP{$Pj{zKgP~F< z^Xx1>!WbZ84R&7MciGujG|y7DA5T8ED%S02yM`|lpnT7!=!H_Xc&OXNA*NOu$tsRp z1#YyFtKZ| zlk3Dk!IReQto9{M4|HToa}+S4CivQ0er4^X-#a&*8&Bd1$<9T7y}|y@V)G>z{_oCw zc?_?3Db`ShM6JO3GBZV`$9aXHQaz0V*VYx=zuW`ceUm^q}>FhWZZ4?wu96o;e0;na)B`j>_ z(%3RzP}4Vcj^i30?)UneO=_`&uI#4WFAR?zbVSc8-KFjkxh1$D^6rLPBf z&*nu$Hpa^EqW7||X*gA2#5CughX)Q-s@NQz?i(OuhaRH!W^E3&he8s zyhy`DQ37F=`0VTz5uQvduX}XZAMFk7^6}>$k-;RP`SDqK!S z`dk=Bk0lj6-Lh7xbgjvc4VO8hqO2VHxcSsfa%NfPLb;gZEoUp7tr)2A}EsC3&6s(O0-u2nH%!wVE0iaHw$6xmKw z0lW*-TT5+tfxbo7Q5?(& zR=X%N62IZ*m_I(|B1(m7YC7H)n#Rw?@n|qV@SEwixcJKMijDZqb)i&Gn$@}XK;PRf z0*;rg!xOeqO|cn$eL-<~FT`f^JG-+#UB%_(VR2~Ykn_IXVq4CvOIfXP0-YN(RAO%) zZ}>6awEw|;UtYFhd(!5V`eNYXaM|S~>2to{+YKb7V>JBY#Kqi?po_8R`bh=s%>v7u z>}$grs3=;5cETibJOCznTw|~3N=Qd?r?;l*)W2eE9k5Abz0q~k9j0b~CjH?t|D&l% z%3YKTD@rakTsgH~R`j#S9JBwgr@7!=CFBSH-5IPBOm_r{#-qGsDN(1=dkGGHbPBAT z-Ojq=wq9*ed()TngdS^fhh&@r2TBHa#`?rP!^GioCq?J2{tcejHg$4Q1Z*ASiMPJz zy}p2#%gxeLWNnb9UcegTyj)i}w$QoM*}vc~LQ_?|dr!Bnxb5%4c2#rqtD!lMi|O6eoBPPa+h>d5UL|8t81Ra~X^g3M zAKJF7R)k+6OrUo3&(E`$VS*H|_H}LG_(_hmn3oE5nfGzWXzmOdd@EI5^35#ITAVkP z(xHLt$ECj-;DY0KO|;$P&b!E*6jYN8-ul8Id5PV;4?~Q@Xl15<(NAK?KGd1Cb9z{;cDmHFe%4WzNQ&ZX14 z3Mn5rXQ|n3(7A>m%UyOJw8RMcYe({!n{l#8xmGOJ&W^2@xSmh#Hubp~Okdk!*#5wz zKG(Z0*o!h12l+@wH2l)WkY=_)cScWzn>Mo+Cr^xR-xbTYE7lLz=X(7mupsDV%6VDJ zRVJE0Z^?Lhye@+H-i&A#^1%A5>y>!<6JLTa;SgLZcV97FvZnpiiu*`~UCk}$&-V#~ z{h5E*^SH1n3FR|}ss;!cX_bDPn3}knFNQ2l5km$qB|>$U?3t)_yGNPR26qI>+)$YS zB9ST;t}b&u*%y(=?FJkdBOEL`wjPWlf#i?5h&)JT;R=Rw$+8MmyExvV+g* z)mvdNcX6FCP>814x#o`Lr`8-Yf1Cip!h-hRjWn$d8;<0g!T6<8l_+wkjm~a-D@eTMKy8nx19pskVhPXY%cK+kMyHY;P1WIys`RYk6z7yaLW%4sQu0Jnxes? zZMh?!>PoVkSf%6Q!AvpsN%~j;km|&KNd2SCNxAmGt-s9w1*_m#p+j8`7t0s-P693x zDKZkygInaJv=t2gxGyKM)C8HV`)sy1;kMCZb4}*1;^6Ln zR$h#)F9zUjZ8!zNrZ++->lmnv!^fIfhQS^U?1d$Aihn@GHh$X*F&PO*n1Z zhQS`=8xLbAwF^PlMBOVdVU_9#+;Xudq?V@xWWKD|uC`17$b3ps7amCYkgIbI-BYxViY@;h&{OWzB7a^#K*qnjVt3$8qu$FI zyac$i$)hj@>UiWCT7SFvOeVcLH50s>kRf~f-o4&}o$c@6RryX%t zOEP(GON3B~YlBh$&W!#SQ9j)DMdHncvcQ^xMORKRH(ko-@ur%53}Ulsn?+1-YWMeh zBa(8AuyCxrb1Bh$u)pWKM|)^h1FN8I7KRCg9qyy%$w+D4LOI!_+~oG7_KnQ$1ugi7 zRNlZ8Uda>CT_cQSxO!uFhw>K>TX1qBKQm1i#7!<0NkDrNC&DdJ=43=95$9sNvGefH zhgCnHK{Pa>>AJgUC!(P-_h%#DxqD&}66cEijfpYDqSVN_;JP~P>9G1-Ci{N-dQbUm zB|~L%6gL-1W8}Hp0a2t3Y^nq;Dy4C`#zegEne{YrhGME$>6$;_aPm+|MV_%S(*Ig) z+S_$`=mC!No|A}=`EZWWB{89$)v?jG71={NSuWb=K&@(MeBGl<;#hjWl6EaFB5QFb zD6K3O^_r^N?xJ^K{k{?BEQ!SdVctHxcK)xfg!D&c?-vE?BPdKG)*pL2-BqOKWyxNQDX6 zBiqPhgDvYvSeV#E*DJSj&pHx_TVioCUotbh@mJ3yKg2i{b@JSR4ea63MG)YT()Iv< zWepoL20*4WkKp3li9FMbDr1Ko;F;rG7UgHpR`jdc%C|phOtJH#@5L3VVh{s5fbBbm z(JjyrM0e#3^4F>Ms}FDb#S?wa(s{K#N&jbMB)Ig-{dhBO2>wU-C|&gR2$HDBR2zz> zziRkcVI*Y62+WOuS&e1CR^T@BOK!3n398&FSd=72B zZ*h2INmwq9GDd*7i8pvVAX@z=Y>=QILFc?^jSK@#@xs|1L31t14VNY_ZA`^HHql5j zM8_j9#v~GLmPD2#;PLAATrC9`+t82Y6{~aoale;w85@@Ij9CqQ0&(yOSgw&&$v?z6 ziRTkVk^MJMg`H5WJZf-#f*XPE$GEVJJY*Rq*@H#NtN{(I!evv!+{k9o5B{;(K>qf^ zk8vBeB^1tlSkYbj#1|f5%zk)7zzjk#H5SwEa;HB#g1!SxFW~O*fF2-b+zHh)7ym*H zE9Ef-Ex3vFgW(8usL=vcD&*P@DTW{UZj;tdgg#PZCy4V$XwZ>=*;Cs8W={{7n}P%9 zlIN#(3Ii2?1_(+>sbd2|P(WJ|0`#W~LJwdGTD%s>MqZI-XGIIR<#Lz*@Gl|X5jOrl z>X4X(HD;Ad2-}fh4B})d{PsE|+wEW<=h+qHP(~dMjFi|fhztDUdbX!6%5qr4^Wl4! zNi2k$)O$AdNZ~~0&Jq0;Fwvs|%?C)_wzm4ob@ygkgxQh;A=9Yw1lfZqH%er;wQtk8 zFL&gX?r2C0-^EC@|20JTt`n-{xZXw_nd+2UZhzzEv499tHkbAH*$&^LEa%NZ{SJ>o zbP(Zk1%B#m@SrkC@+6({KnlXmL!{OI=Iz$Xr4DUs?-fAtQl=tzyaQjO-R4CA>a z4mN&)*Q~0%l|$SJu|wa-p`Dr;kBW8{S{c_JO^$J@$x7k|p#e6+{9`2I_gwt>7->kD zd1;#Y$8sGO=t$S|0{xMj9kIY*bLYMMTh@DV-(`MS<0J#`lo)~s<_qbiBCxJ)>kq_# zp_ii7So_l)1y#+-!mVq+5L~TV*~Afq=u&27z0-p4Fub`L7-_aW^@-&{>kGUw|B4^Q zo1F!FUSYzfYTrf)3E*pdm`AXJXbdDxe#zcBtPW+p#)vTRl-`1;bUKG7i3SH`FTuq7 z8A#8c6jg^7rJld&BeFHXbE;X$wtjrGvs;J_+)u%m4$`-f8;Qo+pVHpb)YusoR&jV6 zEGsB1yz10lgBRmu`AwIY8d(wzEa_iHR#XwQLs_vd!4?$X2=4EWLFKMEqOQ~D&QSe% zMesfr3RKm+c8t8BCgEoAXqE0{?RDcAKV{*mRfjG{U+dU@Ok`VMD=H;LmXepgiEJEg;SE0^B@eqf34gGllh#Mglz zJQx>4o(lh?#kokd`6Ky&Ykhv0s+Kv7kTk~D*?IqUh-KU8#nCBkt7h!@t6a$bIPo;x z#z@CP-PQ&Zud7;A?G}EosR*R2HS$m>9>;->{Wo|H7!Rk%>3^;3GHYCUih~CWR9U?N z_`vt?yFo_`=aulBko#}WiyL(?>pT2BZ?=H**iK?>Ijw%vS>KAy-T7?GhJeD=f#5N| z7QqXV&;1Tjjqpt2W}9-&#Z=1ZuV>@?whXkb#dll14*K6E@c@8f-nt04*_LqYmw^<$ z3Aagi^A$S?SSbkDHwD_t(|F*Dk79Hq7LXn?!=} znkO6`t^EVSU$@0YD6ieg{OvVdsTry{xu}(_kOoNjJ=zzqAzt>!!($Jt1Z1xs9$YP} zk+n9EfoFzzLeF2VRIXSN9mrpPQ8Qe&R`093A9e1DjE*s)Okbo&hRe4?$BeZr=yH}M zu6)g_SPO8NRnMTT?wEx86g9*wJ#shV9?q+u-+t-2`*sTL^E31qsAr_WE}VTZc^?31 zNJJfJ{~Itnp*=EdFL-u%_uFUx=gG3+=PTA%*dCEr85~SB7rJ$B*KF*Mg^<>sjvzT9 zqNeS~kLHV1_mXEAa92@7#%sF~Day@AK@ zR_5)>ElxJoF(rgAr#x)q{|j}%+&;5eWnlK4qGX*jKbn(q)IXC~BtXc@tlyL?aTn|1Lu4Pcw zLg<2=qbY`u#r0d_RLzSOeYJehkL!AITjpmJ98yrSJE`b$2iGq}m6ya=Q>4f-YeJ08h;xKj z%9T`FAWb133|amLV!W`OzpHQ5?4`zdrwiCs?;mx+eXyKxbBU0FiZJtW^Y^2Mdym#U zCB{4?Df>Hm%ppE$IeKMf>=hl}SjSkv`A5v;h){_hfDWvh>miSBztXJ4qt{G<^R0QFXB3b!Rn*?inEA|srz|yKHGL@ zp{LA1Zf23TJnu! zE}aTG%i}k%aO>UjlZigBtB`!7t(0cVr5OT4GnSGy&uh=0UeTA!WC&0s{2~QP9LfIG1HJ7KsZw3~fG0;$e+FVd zkp=U9GW~Wnlj+A@AW1pJzwxhE8gwbfPtH5iwG4-W9HkXX0GE&X;i2PJj3f+dT^dU_fg1e=g-cnL2s0 zq0KxtZj&L(Q<+XzT}$nBO$Lg`M&33HPlOe2rj5aY_D-n1dxYaBuM^~nb?~jp-1}fl z*^QKHyC=C%Vj%s#SYH~oq3n-ZH(L>FG)6BL-LFV4|JQEE(As{13QSI zANueMP6j|5!Ri93i2&--1*TXa3w-#a!M%v?V$QH;nbt0BdS&iYcbWCH#qln7=#CW` z#GZu<%M|cm`)vYm(ZyvjDHdbi{ z=Qni7frM2=slyx7TM&bt95d>eL0q<uVQXn@DH9C1oJn6-;nc3V>oP-q z-jUWbXFnjvTRKuiTFW53T#~&R7C#oVL+OoZ(PyQU`yYdX&H3TD8DQ0Yi31+Ljynq2 zKHpLDm?P*uSalbDCkekSu!$NR10G}*?~?zaE@9lZx5gA$!Hg-(VW<8M?!3|v)l^=_ z#Et!>67p9t)(or981enm2(&Pkl1Mh+ev5KBRf*lA|CHcLmBeRfZA|Q3(z6NoKlTr8 zPr`&H0p70*gC%3ZZtKcRZvtIXmh826+NQ`V3XCO!7G81EIec7UHQb$w$eSIlC><-% z-Qp?l++3VoOzbZ(YiA53jk1>=*zBE6K-eB;F+gI~x8Iihi;}2INP2QBY$g-vri-=t z#2)xFUt@#Q4-Z~+z;bwIv#nskR7zuMH)k|0INZ?SoX)sajr zo00fCkh4utI8_^1d$8ACLZ+^DNIcuBUFP%%QEPEaYWar_b06+pZwcG}=t@Ct4U52N^;GN`(r8;}Qx@i^-?yR< z+X&BL`1OJAqHCbQoel4ae{ZAaqQy?V;!?=s0M&}VOkhFj_NTLv{Ca|)d%Q#wu_QXP zsKs0m#BP!y;ADQc`bOUpxRWRl0W2vG#4|!j%`G4TmqTQIFNo?qg=Jo>;<05!Se1AL z=3&w}o@DdelUZ10nqM#p)oGD~m(~�b4%>5w5Li6}) z6?*?bdB^_-vY>SL?aS(N@u#WfwSlW_PY%`ZKvp+Sgh3rS3DG93LqR>2?s!#eE2@1= zHJLf1$aCU1sMIq7sF*L@_@(j$@7@Ba_^9U5|5{^cY8{KJ|_EJZmfFj_<*w@|1E1N1mJ}Mqsmc&%~oA){g`9W9!?St?b zn&-JEey%5u9XR@@glp75I5og>jpGoxF2J70Wld1XPh2Xg>|Wfw9_$FG0Tyf}Zk9#ux+c|a9XeL;yy z*|0i!W^~uAKF`6(8wvLox2~HrZyqGx;{4}=A*k3^g#+R7Pe^#2l@4_|3`{H5ZEp)? zXF9nkdlBHHoBko$_KW2iXvk0UY3&VgjQJ6g`g802D^Z>chs($Q^EBW*eQ4u^S?+RI z{YK480q*?SyhQ{zmyo1{YrqXS74#DJJFl8}eX8H8q5}a$ipGX6Sll$EyJmW*ziNtp zMoGd5Y51o{r#F4c%>x;@O=oAU#-V89wX*gXq>STmFL9MXyHE_0kACj#2$~G+q;Z(d z?cXQ3dLd4B?r0r7Cd~sNkCxkfElg$A;t;3JIM_K*+_qIgJ_)StssCbaE59Kj&3kYV z|2CwFw#22?jI7v9cX}|DA!I5E5i}zW*QM{4HP3x(_@4X=wLC9?qIrJc`{#JJiREM0 zne+sH?Oe1Bv*Y<%eL<(J^ho217C|Jpc}x%W#i5=0*kb1WRYI!smPAQNfkrlF$Mx!Z zuSY*W2t9-2@G<`}Umlc$N?aUq<|nhyc`XTk!1DO51mqmpZ=lUIBLkyEn1+@WNb#?b zDf|X^Y(HgDO&%@2oqzse{6d^?)Ai1<-{-fC_l~e3_BzwqfXa$J`-=10JKgG@9ICQ8 zr5ilMrz=){m8Uq1?}IqXYhkR(J6bbX{kn)vBtv$1!=ikcQF0A0814ihg+Q&nk%y)j zm-*{^wG%J&*Tm5s)nbL?U4%fAHIFB$5=3R*BN^ zPUt~(?=8A{+gD6g5DR>vY#rR4ARiq!h*Fv1!bU~!SIsB{VTr&QiGOTH4va23BOC1l?d@(l_pPN$YL^5mC$QQex*-H5Nvq|p7W?_AkNKoPM z!=~xtgy-qTcYduA{TTNh;cU2lDy7EA+t^Y;C86TSKPd3BY7aSLm6uz=kr&tqPpt;o zBIaOw`|E=sV~5qhJoOb9fXfp|$dzSkpHU=3KQQ2Z2m=z#U;FYLw{zcHZdE7Oo?~Do zvwVmM!OvBky#e><{o3?59zfCpu=}5|i@PWvR>$*+#>jVGY(L!0H&nkI95nkD{Dbp0+uYU7&Y_e_gNeo4~LI-x%>JIqH+9yW}S73A>$XpH4@H{ zIAj+-*qrvJ!dClf4h?deDlbA*p}XerIO4QG3m;GP8~t9EI4Rtp(Dl*Z82~>C(P&;o zOyx!{x~&e6U5wpqzl*icZzZBN*9O>TcD-MtZIIr{cZqw$%ai-HZAV0GB`J|^@3 zd3JE$4^T7h&$oIbfBgg0>)1X}tc zgF~6U4Vbm$y&bTA(`M?gTB4d$Ul3+@c;A;^f&rE4C4ex=&)Wyrw+eB6Cx{)a#*#K` z(hF*jiu@ne-aDS^|Nk3*6Co8+gfb!&QZmXs-j$4uB4j5GJ6YLIONgY5$V%BGd#}jI zb~q=ykadiVV~^kCsotN@_qwjn_50^@{nhE*oO7PzG4GH2@gC z*_Uz4Yc5L9zVyEH$1OJ2(aDm5Y zl6JmrCrE|G`*Fvr396mC_&28|77*?lQln1IYyJE>!0x`V2}|vi@?2Sm(Md1DNp~c+ zAy^K+85>Lu7Wn@MdaWF%#HS4&Fy317$ePSj9o{oq7(e<&CC0--(CFM{sI zCaOw%L>SIR5u8Neu0PUMc^`3O3~X~CzBPnE5ovig18`%&1fnfqlqj`j7j^sYH+}^Q z-S!jh(|?MiwQu>3ipAOet`F{t9oO8!sJ6a@tV!lV1*p+2Cr&F=lJsq zDBE7C+aYxATpY%Y%rS}^(Xh~NFtLhYc#hq^Ah`2C`0gRTk*e@8T0;O%)2tAlaj$c%6^f=PTaQ1j0Rf!*~OZT&y8yBrw)MM&^(x4Ycz zFHyQtYEUcA|7RKAm2u>gl9&HQ>ID7jOuY2SoLp4tc(yJfYA^+kVso;Jzn!ESLV=KMZ(RPH@`3|{|7_aFQC-@KNX z|H*6l=i@Wr)`~gE@alhrjXxADpYAICzJLCJA1vQab<&UP*GjE*mes1^s|{J(r9}nY zqwcc_hq%vOMd!i?GN$(F8FHfNlZ(i6$i`VAr@{`7c0U7oKg7rPp8)3nwsLE8{VZD} zhGPD}!~4z8R@O5&I5U6Hu`G`n&8I!A9iqJOwvmS-n?4+{aHi_RkN?8%p-v*6460!j zlsD9Q%%eY42v%=6AqNN@ln`$+iJti^c@g6=>CM@81O6F@^$3I8Gs>=QzJ`ekhjbx@ zS7S_a&NrZUXbmoWEcS;8kGLUTX3Shj1ny!Wotv-qD+gO?$=Ko*^j+v(UU>LiXgFZ>)kp;Xw_YHYMw? z;?fr1pACG;YBnLvfz~v?Ci)c$osBh zJoIYQe9r?6Ai1A<5n`St@oY*|K<@Mn49td5tTE!e9i3)uhT{+;s1Xv}EWU!;KD3SY zT$6AgqlwXLbRnm1lY1&-WJWYN+w@~INE)^*`bf$!+91Ns${ptb95sX#bLO%)X&EXP zv0*{8jGXtMV_b*1SIbtJdC6}xtSrh6GNiH(ioUu3QeRZqXgk~9ME#9@E$hh8;zBbF@jsTHCv=Yp|Kg*OmguH7EfXJCvZ4b7LubMlb5Vcgv}nkg7J_H4@;+^|Gl@QN3gd& zH*%jzgIQKjh0V!?3RMW;Ws36J)4n65p(rO|tjeb800djg;i6m|ys_*LH0bXM!#`%| zt}0I>&xXW{6MhU>pLYp8*@*Q?d+8Q^5*8#5IvAE~0YkjiyEL6;J8Pu6$0BI^q|jV` z$jggU936hVmkb<6=PpDviBe=UgiGI6ZVHzzv$Kf-PAxnx9pDm8)@E8!q59fy{1gh{ zUf3LWH^qc_7oQSP8rHfF0@~H2#|%kWl6qE-t(gsP>@f?syPU1 zU4o1SNII7xG_Ki|%_eU964`jS&S1_Y| z>QT6ao9j_JTFXD`1v(`ITO!rxT!%Qpq!aY(C>*0Y5VRqrOAS^c)~i5BS85iZ68kr~ zdBG^OY1CvGmYDVzJKB9ck*Ia=Y3L4!kWNk~{R%b503{BVH?CCN2DQ*t>f^LcADyAd3|iBMInI_;IlI> z^JYK>3_HcZFs_d=BuIqpLzl+_ySjbNoQvY*iCEcmGd&?cxC}$c7WRW=tbvDKiZ^3} zb!e$zqE;MaWBRhWcXS8>&a*KVdZ&$Xk1US<@<>yV>7)u)ML!Qnyv83SoeG>+_Wc4X(kiwkaB1AZj_j@Mdmg!6qb*TvXYaPWfWJdZ0}gDFo*!j7H4ThF()=GN?qNUgH3$ACUI=nAaS(Dm zRrWEVKBx^E@~x8^WxYi-NsM$KW!iF0E&;dd{GBV2tUAV?@<-0xRj}FGeJa}9HR<7b z1_pF_Od51Qf9JcM`rvy=EfrmioIz3Gdz?ZQQW79k>uO59&QO1avuO2|lhpw91jXO1 z%7vC5!TKxT&~@-9U>@u;TS!pNf)?Fy30tG4Xc?&l^%!Mt_$>T!Xa$jqV-GD>AQI%u2Q+ z{T!=%RCG4gg?DLP*IPf4RJA~pefRXl z01Yj|)*JP>FIL!bV z#>K@cAlgKO5tVifKtD7DKpvt|G4T6=>hiy(M|8($0)XaCm6;P;bn`bdfC}Dx#=}b4 zz+;sXNGi*}j;vWt#>Ksk3<8mQ3RuFS-=%KMZ3HBAcj`gE#RVXF9u+B^Q04>Wow&wp zLSB97{w}k^fjfXzV6Ia1{dEF`nw(Oggdk9m>!S?9aVLZ5Q~~3d>8>vXE4coC$R~XK)z2KtunbD$NqpG99S&uG0t_gKLzbv5QJdAN{=)s zGm1MVS@O$$QS@|Gew{I?(3_3(kou>eDF1v6ulMgG?_$&-To+E%hSoZ)CoF4|zxx?b zd8w1sFURfl4!tk}f4g?%xi_XALZeHqK`S6Nkg-W-6%a?QrH0oaAOcds0o&q@4M-ui zXOCK6l?3asa}r?Mj>WQnebNq4J8<9t>&}PY{Er5Y;r=cjMg_!jjddWm@qPn=6>l2^ zZ-m$NyWzu0A3*wo&GY!lL+CYPw2uWaA#02U8-}X4m}zkSc`8Me2!lfS>?}qxf=RFh z%(1JLCgMEoD1WlKyw}6yJ<2j#@6BjJ;7VB_CJ?C+-2v{8@P4P%r$X^gHUrRhYuov| z5U*{=oxPU)GGG{b$q;1 z3GD79qU(WflplmZ>G!%wI@6`t1F$0H5ADa0;(r1QY9b;j`8tP zYFN!}KrT=*>;%faLHtafQx53KXaVH|VPEIr+#b}3iNaw~KY@gZ0&eL4Oo+^mec!Ff z`(igT(i2Dz48KxbiA{uy~<8K+-l6?z2Uy$h@h6>rWiY!8@l z%diKu0K8)^0NS^L{p7fwQMfgFXs*6E;LPp$4-auanQPv2-=UKYlG(!tPS!w~0ts>) z9w)XQs03|-$4%Qwc)g^WCD<5&W0<#hT;_9BTW`> zrCUK=5nwooLQyqFLkNs>-n_XOY;+tdC_R~Prl~u1z~2n^>BCb#NK9a|g}3$LQF-X( zUJ|TdG{DK7Q^q}-yUBDAcjf5*&zf`kO5q({Y|lZ zPaz;n(hw1PieZOK9f`BJ0-rf(49grEQ+z_P8;T?QPTp~YH?=N+$OTC2QDRSmT}utW zZiy_5EiBWPTc17&Mf@n~fY4fp%yDStYz0so3O!d10}?1-^Q!tul+8anrw6Nh%w(cY z(jW`wq<}Adfq~VLJ7_|L6{~<&cQsom1Xc$GRQsP|4=K^=Fb9ONU{+yu$(B}VbvkHu zqY7pewNS!j%Y3(quGR*wwrGLRmHaxSR@&!F@aT+N$brEERu@$%%AUBRx_%eE? zYf~aLK$;nRPPg@gqvjH`q3HJkaXxtH7F+@TeJ!_!44iw7yI|<&PB`k=~shn$irMC^CE{uE?=qfBmYa<5-%mNz1c$eDHYu zrQB-rpLNOIuhA^?;z#~m|`CfW> zzQVAKR3*3ZxN!Wv|Fbo^V`bu!FVv~DZ|xV$<88zMoI^IGd12~X9v`?XLRA7Ka-@QI zz&gKkz4*W`dC*0=HOWy$Gw~T^dTZ_RUJqh^FP-PTtBGf%WbDJNVwN4VMv7{dy}mmS z^(>e3!Bci6pTyf2YVzb)th-ehuP7Xdik9R5`)HrQt*GdI(|IwoW85GEbzMm)Vz>`9 zko-Vonf^nH#85xHTk*g*xXmHl_QvM7A~$uyxz~3n!FzphsY%BoWgEk%$loMU4Ivn%a*GeK!MCDuOPb~9ZDK^Zu?OBOCUyBdRkPL`S zbLrkEagn$*q1P*hfpn&GyQ9hYAUJ=&U>ZC6dNqvUa_;ReV)0a9#MEUAkH3;M19V8w zD820a2bbJG@p{A-7KKi0+ZW`hZX16niqkV4*!ZqgLUmhIuzu?s$Is`J#lK5Ez-z|M z6B470mTb$|duGL|O1Hi^q;BJUieDGC%FUL>iG^7kT9)W#MES6u$&9ZltUjm_vtP5< zfa2>3fHA$I!ZTtCn-e#W#wi^cEEx{GFe8=d*u@Xwt7X4M(@mvFJ^=vdw1cT?l^`V2 zFFyu-k8yK@I>t_(g0c^6@?Reok{~0s;c|yP6w>t{>|SL_zA10x<6^uk3}}J&)^FKM z*d%PGT#O5a_p){Ujgisv7uDwh&#wRhQ}0eo8`ck%s|4dhUl)OEefyd<2$M%KUrZLv z-@jVfv+`MDc811j=|o*kYP7vV>-79UY?E;QN4f!CVJVM!O|JuT9zPHHxIeNsCD?d0 zRI_c*lQKD++TBZqPm|W~KPd50=-9~j&*?3kW*1kgRXh?Xv-GX@(`?C785%%P8v}XR zx^eJaBMLWm8ooBcj7R6ExEd0+ub$}>qDs!09QYKgiOb=+HQ|pL}eU$ul?P z<(3nD>}s4+DSggt^N(rVLRsE0wnhwe8M1A;JIK{7fOOa;eHgkf zsK<}mwWh?xyi%fQZ~~^veQ&zcW^dV;cp9h1cE#@g{>gkF01IM@*~bw$@&th+T;<6$ z^hs|Z=K0uRe&#&z1%q~_aM5TfakjE?`f7H3;xspCBMO-728o_J{8L9xI6u#AC7&eU zu~_kXrf5QE-ZznB^_P$7M90T~3gt27iouQKl!n2N5*G(HGn{KVJbzuVBc>N9l&CAH zF58y7ED*dlD@>=09eqka3`*banJDN@RCcg1YZH*$lz!JYUDa#0;Us*|k*%PAxg(OL zVi8|Z8?)6N^QB9tY|dntkD74DNA?NU5|`x%zdXoq(}N2_O@!Dg$V$}Rt`}vfSbqE< zYqhCt`PGST$ssjsU`b#*`AlcYz$RO}K|y|t z^vm9LW;fat{@_$kEYu%Ua=zDJ?pR_J^A+EEL8HuQ%hGwTGg|@4&3q>C{MvYJc8|wr z10t=PdDI42a)~ALO|S5(7R7w_f7S0z=)uJo5phO@UlA{#dPW2|m5kzTHzNYu4Q7w$ z>0fKznwj0)x~Uowk-00{ZKh~0(Aev4opprekVCX*MmKNoQp)Ss)}7BEzmu`jcY^Qg zKFjY(zKVDfhI|R_%l2Ny{bHqRB+Z_ClY^Tj5?^{VSMwAzuNppRIPTNGY$L0TBi>8T z(@*4fDP5j;y<697qe1;riRI&F!Wur)crZySa#o!$E4L)0H)G(+sA5Hm>(T6}OPP72 zUUx*QPebsv%0Jsz#uqAN%plj1%gOQmox*iGnSH&pXD!TgK3EQ}M;8tUO0mj?No_V+ zIUh|}9dpb!wl8ZZ-nA`oYh^4ug`XZXCCaq&v@E*htFced%;rVL=haS%8oBnTcBN@f zi`9E{;YlB}`0U}~z7>qkMK_IRGLG4C0LTC^NkPSWR9>eLIZ(g8Td|{g9cNt5jko^R zBQ`XFOQ2Gf`6zU~>;oGqO^-W8*159$`7)sdzeFLa(O`6Ekq`{7m8S5Fx{5 zy-I;Cwy;bFtTQvs^v)3d&ng=$jsIi}5a=F;7e(I5uCtSfXw{ zzWg*Z_f*8$yK3)>9VWOOwM#~KZMuI}TEko{7*&7V`87&5_%6HH%rT-FI9d;TC5jI5yOl)dgj@vR>9cqNMHFdVQ5UaQTX9 zg$Se^jp1Tv7!PMap3&!MdcdP%Igu(kri17=ZKNOt@uZYdyoD!OrVj3rZ(ri9gK8#e zz`lg&Ix#4g$-P?g(qrT0khAQst?={qcjC1T%UnrS5!opOuHLTIW~Qjgi67A)n?l39 zCC>AWYeN0|J%{yCsf7){WXOtt^BDxqcsH(wVg}R?2zw0ZK8YCI^i-rJwXpKk`^e+8CnFRes_ky_%e`yJKorPuFGh z0JphI%53inoY#D9|K)sl2{-VO^2L8y^k+Dh z8d-636Wd@#6Hqg4Hujh*kj*pRzw@39i^{D`sqf)<2Lw`5~g48~ed1geyYT=|) z^J0M)QG(8#x+giGnCLmJHRimwj*rMU+?Ao0ccX-=R_g8I!Zt^lbl3BENzJzsKv*_M zgk?y{9ZidfH9Tvcv+8u$>k!%w4 z#OgG{h(S@&x0CQUS}Y_1Us#Y4cbe{Ib4}uZ{|^_SF*Nfz6}#bJxFYV6dl{c(vFo@- zm1p!-%jL7;EFb&DLP}Yg92(sgR0gAFO7b$|Vq*NuU|NY>W_S&um5SzguVb;!H%X%k z0JRk?QrOD?YK~$dI} zHkQ0R)JuPLsL-uyW#Nk=N@)28iTJ`;$KDHm`H&gZRyS-)YX#q~epHjQI;zl98N14O zM>Eo9-;w!qqc4RbuD3O`gBNd-AG%s!$r7{Vg%}b^0l}T!!_?TovSI6Uc zXTEDAIX5bBd=V!YJS#!C5yjpyt|dS>pRLQPLVT<`ElVk3eJ^ANr+2~G!lG-9{sD0< zlF+|VwkSU_-CMxXp^+M8TtTOkmm%RXp3qfDs?blTTIDHrZ!uAbdJehjG1sNz7*6%y z{@F9*$47xFt&&`EF2(#=tzHt?1DwCnH2Yy29bCTK_k8_$Zzt6l@b|iM&AU6FyF^>R zFcgK)wu>BNC;tLPozN1sDTmFh{=8f@vD+nU$(reeiJvuUm!0g-c8%6j-snrTP3P-1 z9GhA^W=hPfA6+3j92L3Y91)Kv_I#1j_vN<)8O6W%c?oWFps+mIyo$}p)98qEXXyr? zcs1aIaZ6_X(N~GujJbFQ7cs$=@0zXUVwdIGiKbW+?>rN79 zJJ`5qJqc37baE?k_cqPG%d?*C96xw7`4AHXb)OsZa(e)roYW*77f`hf8)@a({&x9R z)gwwOGTxp~u_Wv>yqDHvS;dI*cOf$bNJa|OS&3uv@jNY~-*8lRJzdYr*!3o~@A54; zSUPm2hT1L%8>QMMs4FHx}`R`6yP8O!2Q=JB_`*UCs#7`DA z#Zg?TWk!GmE?7DOV`4`@j*M(A^0P91D4y_G&1LaoTAt9)EXs3ZNhe7fW`>ndLhMy! zWb2W^<-hRaj31Dw(jw>IZC|JjD6O;N#d$D2||(8Ha%wDTHK4OB31bjM|LMCZ_>lYM|swE_V<+2Ht z_(tQH^8X1P_KHm~Zt@g)5(#QzS|w|8-Quej84@_j)YY3)HiV;8))8IJ$^qX7U8=Ra zP=$i~rM5g6B1h9zVhuPb=M-#DzcBj;JaKHrDt#flSUsjQ+MK&B)033i-t#ck(R$Os zGJV0Zeo=DtYlwi9=e@t>R`XTQL$F@mh>I>;2PTd4m(5fdg*H|@ce$Cv=&w7ICt}$r zl^lK@-&!=fkvP`8R`&8+27Y|`?k`T^)Pj<&HyQal)nA?DnE61haCw>do_p_wSC%ci zBUa^EnQ|?eLIMe?H#`=c(niy^tNP`v7*@UoNZuE43%z4|98c5f-83{ZcS251cE`xz_mhObT=l& z(5{$UAv_~rSTWD-yk(HOq{{F{|KR#&HM@mk?bcVF3Vf_*gTHa-+)bjI@I#WDV0R#f z1(g|4uf$H@1J0<-BGjx=p6%+PtPIO7vu}94Yyw{=Z;WCu@n_n|mnFP<=CqR*uUO~O zbT6_%K2~_JHx&uf>_O%_!p^QM1^tgtDW$u2C_!eqnt|JeDciceq}k|fIn+Uj43L)R=QgK6l)58XU!iJEXX4KcbvMImOIhXOE_^!Os8h=H zTC%ZJ*Nt?NS3%fkz06jp6yM%1&HhnaXQAvo1zVj)G23{BrqRAzZ`z?4aye!f13iE7 z??AhNd0T%c+;OzfZA)#(Bw7ZiI~r*(PvGnZAs;>wDqKM!J}xo=%2QS@Erf zwmBo8)US^9p7xrH_K_>DkZ8KG-7dQHn{#0|n8L?eUA}dDtd{1orC!j-xr?>e=w#Bv zHms({Sn|{esy&8O7RzU|HLD*PEjI=$QlZ%5u6`!ns?w-Me*vy9s@9^vTvPCdgy3P@ z9owX~EZ19BDA&GwZ~At*)X%v7zG^@FHn-vCI@d(Y_nSxJ8P6|wOZ+V}!oL&mNP|#C zBA^6j;{jX|m2I6q49rp!X^SN;4Q_0yt+)G+NawmJy0qyNYbj&z81BYAxB@UzpGm23 zzGLx9??jy6$n5q{qOsh_?KQI(92?)M>?S^jiHCk`t)?t9O0hLmFCdB46?<;3Day(S zt*-q+*R3~-aQ>Rj=O>^mCsEx>HS*BL4)`kk(vekS)9eR+TB@JIe2b^wA*OR~$p4h| zxkUe2mo1gEPX9|;w;vaJJ%gwwL+X6EE>^)*$L?lTcZYmpEs_{T=e5FZ*IKq*8+=@4 z{|q7BNrf24Y~(t@Mc3!KNi=?WSB7}QN9?%bBCaPb@73QW&$Kr2U!&N^t#yP8+&Fpi z!sWcSs(SKujz+O7MUARi1<%SXylu5wrz?!nlTBaUUU?nkH>#Jf8Pzwj&CnrzoVX64 zwd-lð`oa1Ef+h3X4@)gSlqN&e(7$q9Xx4fXun$IXvGkrV1Np#`$m={|aL)46%t zQ(A7hMpV;U#{2Xt#0j693F{r|eZ(bi2g~Mg(LUu#q7R4XxsFX-Pdt)JiSX1&MMgvNDT$JpdwK)5Ktu%jjF5&Q~#8i`&cDBEWE?8RH(B0p z6cNr^Oy^HKr6=bVnU$;?ZEo#l&AlmKqW8ftZ6`h4t6#B?wx^%Y#yRso*vOa5<&zL& z9UwT7ZkD*UGa9NBE4I`)s6z~N`cTxvks|s6IoxRWmjK2&t8ti_k=p)gnUn`{mP!hr zhH`wHQRQmqEBV+GfJG4tt9Z|d%Pt;stswA?q!6H60Y7=o5~TPevm-!=)m(IcL+JI& z3b%3WnxxJ`gx3#dPuT$nQr9c@9&0&?i#>)`w(OaCRhSO?ABMAA0TY7h)FMX78t{mpd5i_=V6DS<{90h6hbT(Fxs44$((gj@7?vO$WzJki&=GUZ80E2 zL;3~%13J}@%qsA%;;SW$YUj8RCg|jTLoQt)l9=KoreB~}bbiUK1;3lRVbC!pEYet4 zWw~trtH6FY>U_tNJ8h%PT^&Wiwd4~zL#xFxt8X6;vkkV1(}BxQcYK(mQ$ou3kJs<- znf@{7M7Q_&_MKq$Cn{Spyql9+mdvwLe8(K4Zb7E>9^nxBG5PG8>7*O;n|RB+6XH=3 zIv;N>X%Zb$j9;J8BNl$Rqh#cyY~-qJ#6(Q2(phlqa#&wzkttv>)uYQxecB;88#b_p zU%|<(=R77HST71pQV^Vct84&`Kk5t6_=B~8Jh4%qZ@;V88m;ll-y6-2UTmA4>JutY zGPj=^KbHe*Lw79CDAjT~Gp@gEd6ZYPdELw|M)qiY|B*7;&7xIL=WA?yt<*gGih2yU zQ$db7wto4{_0M`jU#;-=yosKq47W!5*_bXKsLHe-p>kWE_D99gGN>T0JPnIxos}yk}EdEt5m6LUADdt*fg{63#JoPE_#T za!#4!hNsslaf0xKSnA>~-;DCf03UaLjS^k`*+E`HcCcId4#Hq%6Wv9-l}=!A>pJ^b zTu{+KpMaZ@G}0z2z3g-nGn+3{t84lVfDq>fCs@=u=HG17og`^&)!so7W)zAF#-{Xv z(RBlcz}-nUPdka2M_xI)LhIuEdCoRbOXG zu_Bi(%d=u(v^@m=JNa*>bnG8qId+SpgL%noG%xe~2(C4_jLPLzT1EF-@7HRM&GX$U zW!}XtujJ7LMPQvbzbK5L+-+VdIi+_sU|d%y6{7sKw~P{qz|ZJ&S7!3|B()nHKLn=)?URd)fM$*rBwoUg?-K^z-6HL_i4! znp^7sr85%{cPKC_MI1z9WD_X+%VB04OzE6@ch0ry9mAgRVrue<$5l##|71Fss8#k- zoD_nX_an~IP7EpyU7~ZLGM_N>G>4mG4tGdnO4R2LKYV026XZFhC>PTv)pBA=`zk17dAi4%SG87*ygO$;#}L0Sr8XzkXSaI!Gs?%2-N5An3*h4y z#>jv;3d#tC{lCoj!!qm{vD-C5J6I|;<8ETzdcAD&{N0-F#3ML+DYnkboU0=*ZcFst zzhA|%Q7w0FO4F7YfAb^7JQSCC5X5`4qct#FxWM$zarRalUyz(Ycb z7k5VKkl%$Z&v45tw|WchZr$opIaS0n;5_XHMIV;xz10TC0m2Fqy!rXK1~(+_0l|ht zADPN-%Kx3JAUH>+jce;l6jLp|&3G89nCJe|Zjk8u6kAB6b&E+t;(FkfsB>#mGrbjZ zp+baQlf}2sHR$$5Q$jIYA_oWxko(ge66QOGC>0@SUfxG5J!npfKL|vFkL5*;Fz-cv zr@x5%AQU0%sl#sVbbE|z0u=($@MA9mhvdLYYG21hB*+dJ_+p7(cVHg+WOdGl`a(8_)dH-mMZwL1} zGyituh*|_w-zE%rA=~Uzi9Un|l^(9@;@?AR``&>6WODzk8}Klsfr>Tv;21P^Qfnyz zHhKMPLLQKRl!2%T<;Rk}sMVWG#gymt-%#09cy5dK@j?T(!7vmVfl-5PyffJcgD$X- zpr*Dbn)3$(w4JTx{%$+7fWlb1wwT7W7}Dsh8IgFmWiyLKS}c@5)sNBonW}WA0GoUSQB- zVk3j$4=GVm=r1LDa_kETuvs3nqORTJfI5ZnT>Z?WaRH=Y-)ox&(AMYFq~vN?%>PD9 z^baEdm+31|);6a6V-E3I>YdKzfi)>uqXRk!M1HL#2Wr$`7s3c@`gzSl9@eA?Yr6O= zK_~#$^ie4UL-Rrb*3@1Yi6~_8fN7X@vYeI!+QFZopA4#3uqJe@8VHJ#S+GHK-=WiB zH?W6}13m3`*Jn}!#Ps1VhE5B9x~pxs0=^q9zt2JAk^EWieR+S4?mARdFTf^bf#>1z zclS;+XYFw)y4q!RqjoPJsJcq>Q#-)8x=Mz>y)im)g-1A%tx5!EPHHN-t^*`so#_od zfTJk@?j#;zgI!*SFs-xcIT|#x3jT9}BqoVH3Ee}fL6u<1pb4$~McMZk zOL-9sqNY-yvUw2Y8G0C)VHmbEFoRQr3C!6}xt0W68@%wCHcXJjqP~)IV0Qre&)Vsg zz{EztdQ8Vi&mwhd{e19Zk2c;iM;%oO6BKl+JpNKmM(fXnkYV7I1~9hR!2UVg!oXOs zn`R?^uPb<@C7x{gX2h3UB{Ny2aHT0E>)3&!IW<&aWhwB8ft~)4fz<+6V8;WEDHY}= zzC(=1#D6m$fA^??ACSya?#>084E3Tg+~uH!mj1xQ#;=9MDv+zvUsJlS?-D3oe*P`< zCM?Yk?cNG>Fl&JuCZy~PxXS-M;0jo%3+7ivxB}lJSBWkJBagCI#bZwpwULV!C`xAc zaSVqaftjGLPe6_qIy@bJcX-}|=;SE%@4H^hjdm%pAb$*ZNY$Q=xTGnl5ApJ;$VjHr zrKhbgG+#<(AHjwRDw8xC4)CHng&7Z!ET}t9?;IAQ$n8f>jsJ;c@&A&RDcFj=52(6I z3`-(=rnx-6Ta)g#kcBilmkXeJfzrN6%WuQLaqHh5xqiIRsF3^OdEz~=QwL$@E| zxUfAtY;%l>A|TIuX?jE{p78_o>{xy>5=u@GtKVe1{iwNz6TSB@E!+*o_Wkc~>%&jN z*rq7m3~{bmz_P6f^?+kZRg(hI(bNQNPF4V;_LPU(0a!4aLZTLHB%P zg{%s+n-EjNGzE@n90D74UBvt-2*crjx@$VG!s*nd>7NB@ItC6%dQbVU=91wSD!llk zZ3($mMi?*zqg`Jqku;e6YLRTNf?@dC`1U!HcwR6Jp{NpyI*MBoFSP`I1MbmHd4_Dx z-Q<)A1+HvhfYGEds~+U*vcUz$!>>Tf!N?*~`*Vl##9gg!} z=-oSVu`wTsKAHtlTGW}#x!#xTlPw{J=9GN};Pd3~X&Ko0J#av!MT|hu`~n<7A#K@< zn$l27*|{ee56#B8(>DPAP!w)&#|vD5m|`Eyw1lsRKPb-7n4sTFMy?9PMIV^COaYLa z><-JUk`t_we6AI8jgz2wjZuwWYojuAkE!sYOmjG4xVzz+OFxa;p2zFZ1)L*G0M26N zb2uXIM-oUwEnp03Zv;<|2#hlXqP8eZiG*=S)sKStG*-~u;9WenH-}LbJRD@{AnNx2 zH>v$E*cd?Bky5W1lZwF^1Ib$!q$w9#&wyS1yNs!@Hv4N>A9qN zVT+3bU@)l%U{WFd;Vd9l*3g`mft8&+1uOI8`!)}6M|dwxv?Zx(U4uhYjyQLd@o*>{ zT6OTw$XvhU5Wi;4bFq@&fJU@z4N=s*|CJBM*ci85yb^l~0+?d69!Zdg`$^twoeU7C zqc%ZdE;PX%p6$}<+f`45q2+w#G2%iGw{F;t0zv5oU(RG4sz`t)`~)s^h@6i$s)-## zvR>cKzy|gKU8QDzjpQC!l>%a^A3p#Rb+O^VNmzgglBf$;E->&zc$LBFOOICdOc3-C zIQpnz4amEH+G0+C+#_xb1q=h?`!fvapb^OZ%0bdm6L{Q)K(v?kyN~AbgH99ACgTv5 z8&(1gZ=aLD8Qz$iDDm0pIKc*kGY*Ad^k^|?-~~Pju77JCY~==MU@+?VfVjs{=TF=N zL@vTUMC76dp_V=RFQHz`l`P6V0MnVFJ{c@_3cFo5P_~%dFbs$5{m_*nj9SYCL$K{Qtz}RCSSQuaF-TKmb{+W;@~KPOT60= z)nXvx^zLn&`GMVgl?u-rJhHZ`^B|n6hE3CR?*lgN*-`kl%BuG*?ImphR z;UFBl90g;sqkHjnU18>WZ5A>kaoQgZU{EtQmtrI?chXz}DRrbb-M7&6WB3cuI7TV0 zo~n1AI1>t2)(=9B_1p81>{|Qh8)!hLy!jLH8pin_wJj4-n4?ljhD81MtrnHpYX4o^^y)LaYwIDBcdI=*CB$IZwxFy36A z_-U{%*e~AS5jFu>M#mGn@|KCQ&(E#b!T<31~WGzeKE)3Xp+sk z1<|z8qcFXz<4hbG5dAS30)|S0=*bI)3_--=9lCoDeUN%D#vaX4H~=ph`QHoC*WbXX zHL-mAg*Kn;{Z6;zv)QLKuZLF78y3qYsCne)sM8Jsk45W+2NAdxCKf zw&vz!=0?nLkM!|h#B|*G6W^xDq)BT{uiZfIqUTVMPfv*b&aCX*W8Zh>r}Gz~1S*I2 zVRVblh@UHBq0g@M%3yC$W_yx7nD4gzGCouB)^XtNsl&SKb!Q$n$2f~Viv$V6nA`!2 z@Q$8*f~MYaqN_6yMe=^$1_ZxgOAy|_F+g7Ke~0846i%pow>Bnr3KrQdVCDgD)?WrW zugiN8uV$_HYgIqP&oZ;{(~Cwy2i19vxZgbkH$mlYF7l#=5+P)mm~Q7QA)Ws2(nD#c zsig-RrySNgL^C2B)I}TQ`%1=c$k(=ZrB_PihQpu>o9R}77eiUKr3gza%Cb1`=X*1A zs!?DUDMpGHEi5j>d-pD3GAu7OK%2-xF3uRH-z`)Jh2f>~E&)yrC$jTdQ-`vVw;ti< zE3d;1Be)D@?7qIR*fDuRY z31&8CANVDW`pc6cc?hz&J?)QCAiq)i7mJs@+mY=rF?AE|&LVnUCDn_21$`+C+y&M` z4Pzz>ccbw+SZX+A^8f0Po8m3>?$1otU$`w>wA0zK0Ty<{Dq!as01UDw#Dj2~Fub7^ zP45pz(=I0P_!ejeYn%9eu2XTgW&>#^5A2~GAPSF?<3rECIQBGm9|RH(^W-BVIfH)f{a(0^j@_B- zVQ23D)M+VRTKx9vTsCP~s9)~W(#u=FBIIl*^q9e=dRI=78+kX`jO-!5&KN{Y(LO_j z$Q&L&@!*Cz!p}Zr1br!0dG- z#T&wwV*7W@-q84_SKE9sljr1YymQ0#yM}U0^K?+>8np6wp}svfe$)szPdWwO^)IYF zSid0$dPQ|ihDv6F6GEo6;V!h_7=Y(zfF(0b?up!E};68Dqw-ZEvq@3a@gEjO>Wj%TiG%ysYG*f%QkE_<#041ai6 zN9C62smY2dl{4FGc(xFGN@e09iq(L=mXrOKI$6=_DFa${n z4QF$(w7g3p!fkOOz zJ4ziWz6l;D_l=_uJ+kRG;TN5irHOgj$o?4a9ySd zjaA0BfE{hw=!2JJQ8~{(msx$JBU-r0JYqu`EeyyouD^jR+`tP04 z#t1?izQ_MfXp=slgr6Vei)tqek4K? zg#%-gy;4{viXIoT2UB;Aedh|Cb5F08gb8kSEQMwq?OzSEdr(&qIoDIZAYRiJ<<;Bq z@DwBj|8I1fgH&Z)cCg~%j6}1w`&zBQaIGWrbq^JxbYpf4--b&_A;2>zXM7MxCgU3N z49Q<_o&kl>1%>$hC1)`MMZbsOkwr-v=oSJu#$VgHE=Gll_ZPU|+Uv2Ad8cg0uDT8~ z4=sNC!IC-6qI~Uoi$j>>@?IwPt$<^DNwa;;kLJj+ER^&`g zHsxYSJ?&9mEPT!zB{wqtqX%?1DrC;AJ7(;B9SicxnE%QvYbkjAN-mr8H?HXGYe}>z z6cNv;;15YxEunMapP27C0y5Kbf|Kt25v0rTtOB}kqdP68lRV#D^b#$4Eu~=nx$&dy zt+Qt2pY>Xe+I<2ySe2aCuQ!a-sF5)#k-_>{8MtrOzn;$es{bpAPb16>6<3 zn2c22D#0+g1Qv)fS>#!v*}aK!1lOdr51CeF>iWbG{@0fd@M~ez1m6sfz)JY9z{?lq zB8+m2odYYYZjdsS{_ra_-~1ACW8HxHBwh3MCK3{x3m`V}fldg#&E5lIb3@>kA&3pQ z<6MhFIRiEz`EAyA3k*r&|BKi-6|boD#<$0sYTpouh8XsU{`y1klC!NGBr4x_Obt%(%AsG< zj_lM;g7Dx5FtL>{$fryHI-j*EY-%-2*AseFccJTW>5{SNEXO~0Ag#T9+t_cFP~hp& zxT^%sgMgTe{KFl}f_^>fdPjt8fTn%lMgAb_0w7&CK&Y~{YyU*>?mH8AKX7vLC1_l7 zL%syk*qWlquGK*6)+ztX(cJ_d#Vq92#&FiN01V%Nz`~w19R)wLin83DLVGOA2T4ge zhWY660_#pQJQ}oECnN6{o1>TQhUUDw@>?J2mmgZt_RMzKZjbRi&pXiFHLtrMu@yO9 zF)|aH8AE(3S3X<5QtwC*vvr%CNF2^+^_WTHLPKV@e`Ib;ZY`>B@!&HI-9`tah%v2> zo&*Fz>cb^DpqUborV^s8Ju(cI>s!6p^$TpQjY>_w_^ssFx^puL>2+?b6O7!1pgCcC z*>3S$mhL&xgU0JU1k;~iL;3~YzeRWO4AQyX5&Gb_{k+|KTx6q;R4ucYJTOy*`jrBN zVhTaexPm@`uT)ig!@#)pvIbAhbCQ#fSMS@A0@AOu>+k2fRuUH23Ae8e@<3Uc2v=Sh~`MX&bR-)OC)BFd3h20R8-AaMp*eau znupPn%oKN+pnOIH^OhCRS-z8X6b%FuQZwP3@4(!@ps~0p>^JvVy(Y`2ynXGkOj*`= zG!=ph@Uw5LL*nD(=YDa&teGz8XM)Eu`0t{ktFk!!$f3+6bL2o?k+%pUaE7(v4r}cPYuk*Wi?~d^5U%4Al zVY{(fGV77~cAGUI8HPxS+jbw=UQ9KX!L`K-JQamUPEd^Ua}t^vntnoafGS3IS};a@ z-eS15sGP4m@9zi%57{3KQXiupeLyaDFo;pA)ptOh@JsH9K5vjW95aT2_S@ens3IY_m>@vk?2GPC z+Tx;I2W6J~?4kZL{IeD-F>r5-n3`F>cBT4J?Vx%&_1g{aUV~95gq{1*gW@4P5N26t zxDg6M3?y#&Caco0ZcoX1ESK2L!XTapKfm7F&<@;Q8{E?0nB5+Ufi!uxT@0oO9R&pB zD0y)dn#DANYnh*bu}TrUnigdm`uy&qAs7yvoH08)69Z5xrvaVUh}_{`o}eH&FO4%L zr6HH2`OyJX#|?zPvzg#R{T2 zNQ8IBPvKBh_Zm5g{}k1g2xE8^mTKD9w@q3s5C5@3H7iwoL*Fh8hT}GAl@tsv`qR zF?&Ie-^A^~V>tE6ivB;^-a4-8t=k)wB`Bd%0tym}2+}H@OEE!0=|&NyQ%c%aBn&_# z-AYJzmx^?!G}0m6eaBpY`#I;?=e_s5pXdHzuvqK2<{We6cf_2u4?Q=S^JNUK$@ZqA z(Xxy@-;8cakX&ETEiE-KSgA5t>UOfocybn{Y0gsnj-TDf4;DI*s4OaExUsE(HBdeI z0CJHIfTlZe=HMl!8vt(11^+zqb#3(G*4|_;3=sq%L^PQsnoa|40s0+{PC@5f`j`WL za53t1JyD+vy1-y8PAVJVNDI6s*|Bs*chma7fdgfiR_K+PapO9~-kpj5g|ic!$gxMM zynl4;mk6%v&%Uj7<+yCWRUO=t-0N@gBhN4F6{Y<8_z@>ZnaZU@aU1dC|(KcxU;PZq}+v2oPf-LTIT_qw$y}EPD|$SX>V6T5Pp}88ER#gVL8$ z)5f|vn*f>SnL6+{BsO1H_O%cTa``^fsFd=Gt!Yl`%^nW*EH9a}e$5KyD$3-(&th(# z9!Ib;KXUs%*rq}uM+GbRO$8s+Ze+tC1U6OixTi3NMZ^)W;b&EHmT;{*08-dq1NyZ^3*755F7b z73M9Mt+k%kwD7r4M$p!84ScmdUDFI8$dJLts4&O7EmPMrw2ujbHD$U2VJ*rIUcHEw z`_0M9t&tWj>`pqwGRyeb40;y;KmK%kIIB5qYjx0JawBLpnFch)jx4YN0qx`DvlP$t(byI*q-}>hq;Ffv;HT6jM^4R(Ej96S9$_%#q(ua zeteU6;gJ)YN!0&6$d#(olNEkX?;1G%9SD7m7#Gcso;jfp(uiu1OTPPvQDpYmY1(96 ze)O=!qSs|B>`US6R!<+ffiA#0$U!C#Bbaan)KcMG2zM*LtJ>g(oA)tcimlPy9xo?B zvzGyjlU{o*@~nmgt@skU;8Jicmxbn;&CB~&R2oK*Vh(cG5)|Z7rDUoThy2Kf^XijY zHwo9pqP?lE@+nTueCX~{4Zz(sGp$)Xa)<$l7%nbZI-{DP)po3CZ8T?-=1vcO3quxt!*)$f1f}5aZJxa-2wSy*=m8H6vfR+HA;Y^I^5d{w#;z zL?^m<6`vL}>uZCHa2%2UyW46M8f6=kk)MI)ev2AUqKa-gU3b3dlAcb6Qn#7mQ~@re z=tc@>V{rh&$xcI+B#_`sJt^awIR%ZL=&Ji6QU^|*JfX?LtoUmK;9CoE7-5iS;YRc4gGMbB(c0=a0Zh)%MAhg`A#Zbhp0~+P~ z=`H*7E&9cw8TNPVeStU_tdj-=y#7ruxEaO$XVW#kwZ|VCTlu)wQRK_L3Htc+vGw z|N1`D)F@x79k$lF|EcSijBj~i4@haC3C*E{{F3vL`Zg+lXAYq;_YQb(-~u?J!yKUL zYPPhpC+j{+&D2Se{@`JBNpqZ8v(fC|ufF+RcWWWg1Lr5wN{;lQW3S+3YW2$&X}KKU z4TKtAxo?fncsX{-O~y_>+!$VIX1|+{pTon%YUfXxA2zue$PXYHvU4aUFlw0q<;f5<&&Pv@$$Lo^o-As6KF|khopeN}>}m z=~P|Jh`5EzJXhhFq4@PX^HrMf%R>*~ydlUE;hoKW%>iLDgytGQ;!tP~ykQHx0ar@@ z2H)bhtQYd3*da7mj()>W!KMQ7cuUW3#0%2!U+DsdIfak^qaumoe z2nE=oAzn))Wl}Y`3DpCqfnOZQXkoy<2sr;OU)mSjy&*X<5uJ@XAR%FRllihH0=fsm zwtdkm=X_rj2evKlA~(cr*f)TFzcENZjkyMEx%RI96r3mTJ-n6sHFwOJ6hy)Ov17@+ z1$5#g7`V9qxP=EG#}tx5rW(_~nrCKwwEUOenfdULrppea!Ss-BVu-oF!ig@Kh(KXU zLqHh@T40_7a(Ri^An*yQq&t%T0>+1c7h>F0&W>^j=@9svHyi4AFgYrGf`CdUa zoC_#h9%`F84k|6@?_p8_%k6};`srG)!vQSzGw3JavQj>#Z|9)p3bG?v^9hIZWq zXwm<#1JpOrRi(J!!~B09Y=r^=Drdwl0dO^n>JSIGm|AxReZEtKjOab>xR;O&TWLCt z-X;#L_MoLJfvD;dRxa4n-vm+H8x+1AS8USTQu_j0l#Cg=DG71sj1!9q!aRQ+RtHsv zp8}ZYPW2Jtx*P~g$iDwUSRxDd2*ZfhV-n6n`}XbEZ(A9@ceVgc6~u-IW8U&$OG-*^ zm%m|2w*2+&$gyLu3JMBFMn{cYSHRm!hvbEEb0xYE!`BZINxS1iC940Nt+R%gh&qeM z34j((EL7u0UP4Z(@AtUK9A&PK*IF3cJ!Hufq8bW-&vHSJE>Y@j0bi7L7u=q0hFo|AwDMN!0XK* zO0ECt(-|=_=g3>rh5%q2aP@|+4*_LzPJ)R=ReK=7f#3+I zJXAa6K>?()!$CIRfaLUM0O8|-1h7uc~ zy)g@jbUJ%xH3gIJCy*TPtfz7p0P{atVMqz3=7xFrM;RG?>g($b*CQtcdz{ZDWc_uF z$8feQ8{L4UpzA@S<9ue{{(XH-UlfxaX8P2U^v**Na#2@TH}#fB2-{nM-C6)i5LsZG z*t=bEh#5mbNrjAL!}R(*;GDcCUZ^5(7NVoU*cVjfY@a~VN@CQI<24IuF(B@0HbJPf ztJ`{iztabr&a_{BS*aIgN!Ig1-=Z3_2Ox6`F_~RpEy6p1w>uD0$OIn8uu+U(dSV=S z@MUP6I0d!gI<~C1_+qO1*B6wmeZ}Q(t$vTx4_S0hj!wur3}+z3W0fd4^!;=D%a?C= z=Q&!<7QaBFAm&Uq*H`L$dKmNbVO~Mgl-f_L3!p@JFN)Q7 z_id6zzbtCx$?F!Y?OJYJ=9+KScDyARd3L`?6+W$(;n2dukNQuze(^JWd`+e*yu7@1 zrnl>aTD^E6?1GwVE!FBA^@Vu=;@+Nzih}GK0C)Z*DdQn&7B8KhkN}Q}HitzIemlfl z9X2+q!XP!)Ek9x^ATRG9MQy8FzBs&8D$mfPd9o1Oz3GfkgI_8r~5{txl#4ij3q@_(QX7IREl;TI5SF}=gP^5(N9BYy3Dn|-l< zMfO|2RIQxv$8k96@YXTvZfyA28F0TP8&T3rAwS>mM(0Jey0)foX_>UrY^YM#+SZg%RbHdaD5|Jy=an6pNhM#m^ZJF*?KVLo0DQP~SQ zDRz)DcE2>AIM{gHC9i-dMT=c?u0AX=C9O(0wN7atyE(+gg zIV@(O?8K0gi~GQj(9aJbjhetw(DFP;3B>`rvT@N`;F!OQWl)g{Z^9_*KIEgNx$Y`! zrc$?T;zsyRz4vR>V#(Xu!gfEFZp-FNGcSC!TKuxFUkF$9D8G#VmghX}LE=bPBbB-@ zNoz#!WMCfFSG~^!>}-`NM7H@l4j0G*|x2{ubC5&JaT$()zEr zuOEVKxRU+yjF6LONhY!FSbXRN-hG;b`i+syocH zjFp}5_J7De^tx?fRsm|8*{?#y2Gpzi!6C6Lb9*8`jRm0{ZwykQCR-Xxz%-yt@8%bT zb|?#TKE>MNpVEEIry{nH7@NA6BR;jr-gVyL7_G2B$JdqbQZoy=ffb|Dymho)Tl{Dn&0Ib}IgO#Cn zao}RqUlp(kzu0>dU1YwLxgSlv?eIg}=QKK1p&!g^p;Br>sb1Uwa2n{47zg}EObOvX z$WJ2&2kXAE5i9s{9IykRVobit-SWcyeD7Mb@ped7QKX1WAogYgGd3K_g)+NA$n2MMSiJ{$ zD^2APoA3bBzzynmp{DaLmvNpFD0n6Iz(tAB2fr4wrUGgO1>2T|!%J%S`i=UCDMcEq zRbGeSe(rqHQgtva8hA(rg{!z?k5Q2RNJSaZax_fDS<4ID0`S#nmM7(1sS+8ElpFZb z#2@iabY1+E{mM)MeHi?$Jszo0#=wd^1KbNRJZsh{FyF&JU_Y#8gh3n7$LHWXqypM{;pLrL%ek8tG8aVxnvw1jA*{BdeeX;C2=W*|L@u+oQZj7bk`_*XWvNLMf(!eN2^3twgV~T*>X|AC)%->f_(X1-ukR1H zV=Fui6$Lm-E5DdU`{zd+>Em;vqF4(YIv!LLi`=}AIsnjjhr57+auKyh@htACcK|AZ z0T35=P83TF0zj;swjZkGIj5^U3%#~hJhf#pvLs{96uQuLIxyC=`f z3U)1oGQbm#-ckq0)2a;Gc6J=c2M0$k~~`iFBrXu>$Yh>CWZ zOaO+=J%fCOXatl&B<bAqlV(3&7juB)GT2cYHRL|Lo2Q8e^s!U`|JofN7~V=(k{?XJO>$F@6!{z6!$`bDWh0(f2n ztlS9k`@-MISm$48fl6=~;!i^O?nyuqX7>vM!Ho~(r9~ku?n{}N0di)(`hEA@D8N0W zr;2=j5x*cr-(}kRsK?U;ws0Ok& z#A4E^1QzLP#G6H&ddVgte7Ac82&@7Uf!PVMxZb+$HN3xsm9V|IyFUC#SU?E6j7&+s z7Yd*P+}H{%V{$)!Abi*LQI~^$= z>}h=bikt7gqUrBA5eCk;{TI&1GD*SSQR~Exgj0ahqhyba2S(uVpkM2L&M1+WnmtUa zyZJFov+GSt zX{-o_6e@Z(_T-%AU;#rKQDKmbz5^<>u$tQ13G6}qfmqtZZPd^+^%9~j)%UVDZ-Itj*AkO~ zK8!sclZ1rtx~v3Hu{k;bCJXSUw>yls6(67;5+U2D2aY-mU}eS?O+>-qnR#gQFg~w- zD@($i&s5;BwwfkrY7Zft@1Ls^&;w5laFn7)wShMP8u;CP@GY-qX4pYIii&Lr-{FdF zw!dB>2^>aCyz3A$Z@*ya@9sQ?-C;{eD6=xL;*`MED|)S!`}Hfo*Zvr7Bp>I|CWmQb zzBNO?A7j12#f4xWl^4P@j88M^HmCd+00nsn6r^xC?b*|?{Wt7U)##~ENslqW-EzMD zjrVo23FF(nsoS5gLDZ-Jcj`A#IBW{;*PqLvw_2SaRV#dO$utLUAWUO76?7y7so%Mo z6XMQPka|?thDIO&1z-fiVMKxCm_6!2PoH_C42ZL9>c)V{u@Gz z=zHfRBqQ;Sj%**jJN7I1hF=MA&0aWREKY;}3A) z;L!i96zJ;J##)s4n~C-{EnkewcW^Y#0V)`2_`3d@NHPE_7_igqQbB{lH&NrZHR^o6 z3kEm@>NWVGK|FkDf6*eMx1JrIhqWEE>MrSHprc9oqjU>k>^NDB_5nx^@PgC0pWyx6 z80$W*G%W;DjS=Tfj|C;KT!%RlQ~X>b@sm&Eg0W9Q5}&?*iVDThXD&W=9y|h1|Ic#5 z0=dJlW~t=CU&FV5H(iX&9)V7pxm7-{=vtzrMjHUnYId&o;hm(m>5 zeVbCrjvd}dMEMz1b<#K|o72M6(o>QqVF6vK0toFx!cB^|62oAdAp_VS4VZ$Sp9h)| zGSa?~3hm`k`t%T$2E*+WJB<5xQ`ycdT(AZ%#cWh$hI<|dxM3=T8S3y89|5f_Nrq_$ z`KM}_1Xmi_k?6hYn13JcIRS^?Y}71x`!i+Numu%FElE&HCI@a1mCTc|yR9wc{M)*72TLz||BI^7bK{18+8F1GStqk^#L;+@O}TlW6&lgIcD*ITf%B z2~f*BcR{1A-q!@RoRPJH(@N;`cR??Nkm85{5Bys%EKoU&rf1%+%oy$)fC34DuH@tU zfET7bqGxIbKmN<?L2+e*bP)Q$(CQI1#S)V~)2wl$Mar(^@xckJRg!2Ye z+3#v>patA#=d97yt`7afILg30KjAa-+WH6iwW z$#K&6BXsOQFWT-d$dBs^qbrQcE<;)uf|bwcnv$IK^mFK;WmmD`RXdINXp0ZwBp#CJ z;rIj*-y;=&Kym+{Fj-FoPq;oC_lx|*LU2Tj4WX5+;phF*r$>H=?SG0j1B9;qUHj#o zgXJbFQ`LSb012UT2(nJ;-lqGl08#oOye>I(K%?LdkGB3iwDax<;0&Ys!d+bwbAl;M zCE{iau5=C-I|8uHPi=GsFpv$S2x*!OYoku5wWmjp)un~UEuDK=H?amM-CqYsJ~O=ujAoT=pve7 z>Xd2pHG(FTCdj-{g!(`Y$J9f(kZB(X!M^8DcZ3J(UR7p!gtC*0~3QdTrv>pwm6^xU{t^{3Mw984xiZ2)-*v7;6nVx%4{pzcJpjY}ab=^3@Fa9o zvZ&sq+p$RCZ6t1c8&{D82HtGHDu)Uy@J-Z^1YW&@4Zj}cZ->iAgGvA$6#F-F!lWPo zVSy=CG6Q-q&`A1$LZb!~UsF*dMU=dG7Z)H9Lx4cV_6FS_f#ZG+GT(6xtTn1I-QIUA;7|!Sf>1>% zdPU(h7^RzoDTs!LPt_S}B%y<7fPZgqQ==g*Jn6xEAx)@)z**z%#}07ZLy!ND`bSK4 zF-5WaFW;W~F4|X?{MM@e<*%$I?^u2=L#kTa2$VF|X7EIvkFaufut>^DhW=oYPJ=~| zQK$A~e+}Zm!u~X3`*^`UKzShCrr{GdRFJo1ANpG%ivjMteWM_b5MU#M)pl&eOEQOr z-mA!4KLjJiI2pZV?M9mNnbs`6VF%3llyrA##oYF5E$| zkPK&v2Co6PGLceUwz$1b3n*J%VXyzzP7QtZ;H*uEWD{|m0=f7>d^a2Md7TT)8dw{; zi<%12q6Usb6~XqsY&dVt!w&etZm<)FF2M(`YC;EIZh;;A44L5_XKm^_B-LD`IMrd) zfA?fbEokV9mPSMLeDv6rila!g{1aLXMe!H|R20AS^@pL@ib`uwK(q3{ zknc*wC2*ZCMF*i@u{?l^&F@-MUI3>|7;w;9kmcurg50C<+99?IK4cw`ZMyyEy4NU}JgU|>e+zRwGAlLJC zN1H>9s2o=AJ|zEuk|t1HFG3L%#mDvY{@PO^H;3~rjYoX2ci}i7&9)oIK}^80A6?e^ zpVigA&#>UJ`h(l>@pXT4U)~d|DSFfd?s(nc`hUmbd-Ffz;NN5T>szt^F-(VWfW@+R z;#0DtCM+ZwMf9Mh4L(p0{4nc;p$H$hha%vp`2I2=nw&tie^2Y97ymC2O#p_8cTk<~ zW5U#x0i3T;_~3tFP&gu)s0w<2KAa1r!*Ml`{~WNvA(ReEfi??tE$JwN70t~ia9Gk= zfECZd{&ix%uL;^R8IFOCjRj*ojenQJqStME*%(#rmU zGIHFf1eNn2w#WnWixBbc)GHw3+g;P{SR)97cj_5%`jsAJh<+w}CmaM((Fa6aU*Y>7 zL>#~X%G00CkV?d0O69$OJd)2pEI;9xpWVIy;M|n9nv-~Bj0xMMp-fw-l20bHHSWsXKmkQqV)10S~`AFo=D!+Gb~PXVRv zGV9b%te>1PxjGU@BwgoMgoGa$w_n@8f9Qv{pf1(8ifBMr>`T<4g(&|HmUcSAxE;{q zO8{n4f3cWkho)DBC+xU-H^Rg0FukwB!g_Ztci~k3MRSmqVPU?(p88#@FxJdv-OxVbrA!}5SS3~=Q{c_ zu_r%yOfwCNytfH=3scaegu_m+UI%|Z`C+@<5cuoWaAcG-LW>BeuJ97cD7^=1T;_Ew;ObUOkpL=_E!H%hC^8UVkfK( zAHYyjMg_@|*iAYy>-=;ZsWPS^Jy^2hNmJbLiy+z5fz3ZGlUIdP{fN}unoI$6W$eo$ z`wR&Ni-J~8ee3E<{{uf-r@GbrxYTex+K7|iA%a$%4U=shQ)V({lc=Hi+^$>yRVm^7P+^gfeehhqX?=j4yjk()1 z-@YDUc(7zLn@HzXsNyz~ccBXeL&5be*gapcdr+X}r-jPjo-~Iea{0aiyLXd+Vkheb zz`K^}Ht>!kX1FsH608{CMxER^WeEojEaxSUEYD2KFMX?#=@|!;f#uvS zr)7s@l3!kXQ0_1dyjSm(M+DH+R#oQ+!kuZ|x+WwGdYb-+vOKh|I9S(iwg(s;TxQkO zhaKFznt1@$RZemT-CvGd*F%USANI-uu8Q9A?gB2;F_$s?!6X}k7yYiW!3ed0OSt#K z8}3pf%&}C?`v*kZ)sZ@0TW0GU92R+$PC71gRTCyWI@Bh#x-?v#1dldS4+fPNE^S0! zKXMRN;(@J_z5f@6wt2 z8Uu7>b#6>G$S1u7u!enr<^x^cOF$)bht4_!7RM`{7wbg@{O`yHe_!Q(ufiEY6 zAwBhe$Il2i2mii{-Mn!7Y_Tz*kD%<7XIDS*fvbBTCMsc zr@1mV`8Z$-+e}PW27OvpJGZ^VQl8-JNZvm=>2_N_?}6UucxBzR+d>j9{U5TX*DslM zO`Y0(ygELE^H{|4k3_ddt(tbvfFJh+5?(;u9LQ5!TWx^T>&EP`?8a{$c9o!*(yk9) zK%a%W2&{T*MTg+FjQM_m5=f0p6KHlI+K7U+lc34eE@6mwaPkjv`*D;$%fqc3>6GbCDcbN>2dwcRTMA7j(#&Ca(dZnhR?cZae7^L{`Vi2|q;q`HPmET3rhCG1s zAwI4$rKX)UAas)7=jnCv#f|O?W@a!*JufU?*>I zg*)q|YZ;}ZjZx>cjpXI!*Hde?8EHbpCM=HE+<(1qm;KY&rrovzuJjd;d^z%=hta+# zM*_Uhv>&4P3aa4Lzv1q)e?0s}3XKIjNCIQQ(9(E4;V${-yIQdUKq}mXAVfx3dkpvV zW>2W75HHVU&Pt40<^#v(%)1*qWQNvXP+0W6*=TGtyvCMaWbZZ`izS?S}q2EYn*XwXFS_ z7W77Pt%lHLQYqO~-{fkZz$_sMZ|Z&JKK$kT|AKlq$qd&QJF7cFP0R{bcBgALT*;19cM6)Vn)`0iDYKZM1-`z(mQ1$vHYL`aj31`Khh> zz=YpJq>{E~T6Vu05~>U+U`*-!{QR9Wug;*oFx~Rl+N`sgS+_VOVDB)zpjs?T$8Bzs z2{xWOCN#`9<(-*sU=0}>Q*<4W!h?-42~htGU(dSS%E# zu<$zO)Bj1oI-c{$h)=|KlH1KGzp|X0Z%Qg@H)Aw+G!`~o7LHt2C=+E=?m|X|(ojhu zwNKSKmsD)!wphlvU&8OcNL!jxR*S5^IBWtRWBoCTbTo#yeIw$M5wATh@^M>n7TfqX zUR~X3H4$OekseUvsPAfSj(U>7;YkB=KeX@9v<~zVCk7M2yn}Y5sU-s;~JG^F+5q)Ec*j#4)$|K%c5n1{zAXN7zr-zBVP6eBk3|lQM`y0K*{p za@!(Je=_})fXC|3=78cUm-$&?uA18F>KBzi;0pjj2Tn%C{QqC|zzM*dn60)bo%)*h zPHbQoFL6BWZxl>;0ac$$eq5TnuCF^5^_q}e|QI#sP5Sa}j(gbLNSw?&6%W(r2S%5Kid4O`)q=V#{WxqG_a z&qBL9I_nOq#=opJ)oPp_0`*&|#0_>5CXK*>5dJR?qQ&R{qK{73wfs#Kkkt)+_XRP>XKo>O#Uv1&l{`LBV@Tp`XqfwLyYB&}{H2F)^_%50VKKhs!8{ z*A&irOw>;KgozbIWyhE#EGszw^0(!RudA(2FCI7n3Ze>3v6jF5Lx@}aBbjeo*|=lBVZ2B` znmIaLi4^U;zqU`78CF z=NDBRHCu2Y*%YOa_!)9$X67?#mba?L$34G({d(lc5kmnkLuUX4m$$wCNMfa;*+%o~7mgC$I zKOME9hHqxU4Ensd2h9@W%dOd>)aoa?$z$uweNcLwR5%q(H-pzP*8KA&j3oduGZG%Z ztvm>~Z-tAcC&4%ZFq1E~<45mfL00^gPoMRTFPUtkRDf$_YRad(TL-Q~MQuxD?^Sw1&&+hWEi2FUXj^}M16#jDvM(~f z1$tHySN>z}Iqh`avRU3A9E5z|9~{Jq{O76Uj@@JXd$R8KD;`Vu8B^ViXh>}WLs-6% zEG`VNIkHoA0ais55+U2^uJA(`7{1ou-;d4_ zU*GGO3-LT@c)STnsEdn=u=5KGMrsNjinsdF_OyGe?Y)1XzJezRHQ-}R@>+7%AuZ3*Kln#)RmVSFe0_{q?51gEW4wBI7ZsG(1Dmc6u7`?WJ z_ZJ#&#*)-%9&ua#GJf08bxS>9)jd8H1o7X;q9E0L2)|~b!{KkZif2mie&(*9MtC23 zXvY219Jd$jit%EsTYLs3Hj4$DD$ZL`wf7AI;d@MQ_0OoQs_a4$sp7qlhEObqE3fs0 z=HeHqxtN-TiItkgqC17;x&S9APzwQ0A?M{JKn!_4;3iG)^?)wO*Y@2nfM3;8?vw{U zC2(7fptZCj)X3lVHo&}7s!-BVxz6XDs_PF6HIcT^F&bzgye!u$h93!^!XvcIQvDoy0 z=giLp)wA?-T93NYCi|8L4yxYAZSSVu*!~7*Aubtpee&pMke~DsiOP}@KJz1{U9km@ zv*oXn*qoxKrv$8W!Ovl85tebiHTsGPIpelB{=0Na^FynL-~f8DojRHt#SD?8W*hNIY3r>ALIC$ z8eyPhsGiTm(PidYSPr)emu}}V&=;w7{HTabOg;q07en_oZ;-DWF3?E_!vB$_T32C`F%^wq)%HSa?pKfiw0l6O$m99__T(Xb1JQP7J&|LZT z`Er_m)HXdv;t%uN<`)+sJ3y6S1<`T7`##=uNz9(Rpw5eS+}3l1e6Dm;LuR%7i6}>o zV5Yon-3B{{>|PyJG#(&A+Y!}#XvaesiKBAGui~37@d-b3P7^ultaLVnwd3B&^*dCA5P>-LQkObS#UP}W8D-(!df#5aG(5Di(szeOmwy|LX@fKdJ1x?TMYw4i~`o8-wfyJWj{}fn=0`|1sLkxT%LS?u;7X*hG#E!7ag}w@Xj+&gImDtVA4TQj0O`$JGoz}w~ zW>9re3o^p9Uc!K1GQh54e!w>X&%;&P+gDOGN%cP2c-B`aF>M;0Y3Q2gGH}tR z5jv$mEy5TH7)lH!L-$Mu_+U?0cLOGR!vE5z^hpccolUpJN&JeKF}eAz#F%K0n1>Vu z4G}!P2IoDku*~?MxNbCVw6aObh)n$=({H#F=*BlLfArY_uFF-QPu9(i@$;s|DdkMRS11p|Vno`=emk62M_h4{;)f1AnUh2Qfwf)LTmT&=G(t`)fi;CQT zcjc;%(a{bhNs-FNIJTePgNIKR{m{MLp{ucrYpf8D^3-+Tnf_84DXB+I&CRcq!ine3 zza{*v>@IXB{+v`H8Fr7yGX8VQ{?v$}-$cGiOinhJeaPWOHvFqscQ34CnJriu_ghKDbPpOL>B8RudhlrEg|MpahU zi&MIZMJ5S@K&*V5w=?Gi)x?c|#x}l+=@i{s9hOvoB{9}SKQXYIVwv0Vix08p%>Y3fK zRs_!}Jw=yZImf~BvN+KGZWH?^g}K&&gYuJ ztK?XwDa=XEvb6)}3Zx0HswsS7YGp=;a7P78Z>%|&OLJmk>n}y0Q%2`M|E2VF=X3~{ zNyu7P=x$(e+w({x`YEUr`Fq1Uy)6 zjH(g2vDsJG!WJ9By?YjW@M!S*M9dFv|D1BVsASxzrii zD>C#|L}aYix=fY|?hb6Z_TNRP@|Y_{6MZS~*811f47Sk|ieK5|0X0~p%1=TrBcfj* zT)+L@t!!&$j=?1EBqv+(yK`6Z$)4YEe@t+u@1`v`@S3lu(H$}zdk+$KZjIj?NEcl4 zcTx|Zy>dN}jb^i&$fM#WA&$Q2ukf>YeK{5DS+uxU;F8aznH-JTG*37XB~^E?*5-vM zxZ<4&8~px>`d>cqSnNEe_(grtO?^9pzUR+eSDw)fW(V|4UlJZ3_%!g7xo23@8*>*Z zx7>3yR;7#Gq$R;G$b8+qDnzt(3nPv0rRw{Lkrj|aXFx&iU^*w0vht%fPUV`KFRw)P zakxAL?IHKH0gPk>ak#AzgX8S0g+=}oiIs_A-Q*@$w(d?I5Vjinm7H;Ya9faJUG)Ud z$6vbc=XFKY_uwQcPM#5|WSFOijj_GlLzn1zw(%9E$26?|*F+Wtyjqq5%3LLC~9oxNyY9Gxt5 zB=fSmt`-932EiD2Sb)m<; zz1wsADI*8dCu5}uqq1*gEModJ~ zz{@<3hliiS38Kwe%itn^0oeZV>cv7P5O{^PQCzWjtHce@)eSi_f}P z*OXsb@%PNdYLJ%YdWlXxCJ?DF`Vp3M)t^)SYz*CMUBT+F)w%Tu`eX+a-2!wqRKKd?sOXC)JA3PF+2BF*EWhX4E7PoX+$ zk~4lKC#Q=Ub^W7s*K6M!GipzCe%cHQ-u%c+Y2L&D!GM&W zQ0%MIaoEloUum^)3Yz77rEeI&tnd$s%CY8tJqfxzJ!_NI4fXZEI;d>JH#0h>*!*%w zOQv3lSSFIL+uPduRXESgR$ivxR5eJ@b$q0i*{9K#V;ig7lV;R7(4w4K_W9ad>HQn_ zlbynm^db0qGk-lf>$GUP(%`51!o0GLW>~M2g5+oAX`g!;=3EOu)SroDxh?SPQafqt zEQs_p5|MNZ+QulSr*bKN!?;w#*f{O3i4DGmD_%1B+}SY3IB$-)KEsom`yHs}g1LkQ zH~l5^?4hyPfs!C|>Snh!+Xp(oZ6Z0ERdNnFrR-P45I1i{g?1|$%XoEk%Zu;NaUI?m z6g@(GSOcWGuCcZk>2o!LMbcxwZtHGgY3*Q};+mAa_rU$0@L#-BfyY%&0*Aj`&N>2j z(T?mjdvNRGmc`7;BUUN|4C_nrv+bezFYa$WFQ*(_FANR2s>$~d`wlav7qsCM6I4ua zgIE#Hj111KRIJVu^qwu~y%Zt%_eY?~<(F7$g1&BtkV}-SuYi>gp9fuk>AgY8bF2Yq zNWT>;exw|f!J@|19NX}gVw!Y_cI$N)TmGriwjq~zZ;6hsqla>E?frN~d>cQ$!G1xa*?wBWNw zPBk>o99*y-?IUGvp!Q-?_~I^iHJmiPxuxahhR>#B#Dt|dXbvgRH}rE@9(GEmgxD&d z*f|cYRzOd-!5zW@S*A&^R=LEUjZx+CD^U!B;uh~-A>l522S)51zxI7<dG;11b@ZlaqV1`@gf>h) zT(`cS)6DdLBO85&;96aHh4659tww9ESx3f=C7Em@l3*gf&UWRE+zoHWSG1bxt^tOE z8<=9L(Jx&oQpuGjW9lt3~5?a$!Ijjv(<|WfobP50-*1G2LHU zMNeK0+wgF`^U5oHFfXj&zWuH~Dt?*C2*lv?4}}|P|T~2TUN@h)$QpK+&mgtN$>QE zxNdoL)K2s-%BWe+L~*}ik?}wBrRn@;hk2oXl@s6wsTAD5J2K_{?RAdV+#z(GP<@kB z6v$T;n1oG_=bCt`vvdI{tfXzc4(6l8IK*ZuU<4~FN~x>#A*txjCy}_xpmEi1rq=i@ z6%i4UzD@p*o3DVs4V*Ef5=gGC@ecirbbdI(0OxSoy|%IHIu(8V8!!(s`0}ZQcVw|# zkE1UVjMa8envZtps-BVyX5&v!SEnQ1z`4%TWJiuN_~$zWh4)6EG|kys;Ef`+4Mcuz__=IL1{0FZ1KSX?HM_R|zluLP71D7EYTg7XUC!nOWd&WY4Aq2~n8xmSB>blu zzuLKw^^B!f;<+l`d?HOj9i4GM1gEXe^thIiN{7;(?}#qUOi$1DKA+EM@C|d1f@JOU z&tdH?EgyrHICcF49I|S?*B{=R@(jC{B~P4C@oCSD0>eGOGssyOCGT}Ndoc7c6zpCG z!LnHO;(GnsGQ>b+g=e^!d>!%f39WmJ@Qxli;@g#LU-|k9L*RHTwm_bpS;}4jf2-2^h8W2 zeV*mLKUZ>p}{iiqV4lJCO1@~s_CJK_BGK1%4QU^=z zw^GOLRaaL*J7k~YdVcnn#|K443_+vT$^vo}jkRK1;|87bm0WJ#Njz69)fRN_0WwQ> zt|2Ayfot_8ax*|lRHsVyG%z70QH62AG7Vyk$?rHgsO{Uo-@w8?v#F)23=nz6Zj+p6 z@M$K67e%4sPIuhg3Y(r^m67rEOA9Y3(1Catf?^`h))NW_pcL5U_f#X2Dubzv#fZoP zmoj-|3FmfBy8WhLy_=e3v^g)Nph}i`eOW@cVDq zKFTOlJ{M)Ud5u^p1>=`iG~TQxDOa;K-fuAWxg|zDZ>~o4tn0diN$tyx!Rr#?o14`Z zE*%TLc{wfj!}Ee46U6YKSaEUDZe`V$qh$VC`p3#(UZ;%vcHBI+!dIOK{M4|j1Ij*{ zTb*P43(cT$^5b+tXty&bm4#TU*;Nh?1_jNkZpH%ml)TMnxJ#w(+R4SzKvd!HW&v~zHFww>LPfBGkjC++Y zj{n|YA1fYdO+h`fcDMf9lTQLg0VX%EIp(XofbP|gF)}fsv$xA(B!`+uOtzn*s$^U`LVIFN>%r#>*93^k0>cW7?07s)A0G)r%0Z% zx48=hIc5v?F5%7dN>kQTK6wGGa#aWkvBvLv^-M|fPt-ioAk50hQp&I*(PM2zRTs7r zvpMCmba!-QBzo-|ncp@yUbZetMNTm_)ow0r zZH6ptT<;_zXW=BMEl^?SfS_Q)?_vdXHurgmh0tan~e&(fgGw<|Dn<; zr+3j1p}P$0TU=S#l2O%RVGNP%S#aW;h|y;RV2vXob+Izk;TuuJcwR|V-xF}oC5K!$ z8pAeE&JEZ4jH^C*U~>{H_U=>p9X90M6B7vO1tEq8({c?@LjIhv*?p1o5SpHRE~`j* z=LVL?9dcnZAcqSCrc(OML?kIff%E9(*`%;s?)Rs6w#TukDqd&fvBo_|ai7TV_gsTo zAH5QODe^E)@!eU|Jno9?=j8CeA!bNpmOJ3a=w}ll@xHaIi%VQwyyW}XU=vM7+-d5A zvnPj>CL#t!8h^QF7K}R7gD`J%`16`V?l&1q2Z3JLiKiJkITw!CYpgSUgpBS&5`7gy;7y?cti@vG9s`)> zPykq;>Or$!-n=rBdIgI`=s+x^4L2jba-0lv8l9A8X(^K)| z*s?#BIcrbF>nKI?Mz*olLM8jf@(sU`L@&-mUg6BG`4YV}ZyE(&K{UyemV z5~&p2*pW&BS*)64_Zox`b5=Cuq*7`T)LFIp2-j>QaMhPmUJq4(ANDX%#_14$Esho8 zXt197NZITM=t{sE%!6<_VEP*P=%*M3MNTlfcg2bYE|6a?1jd91cRJWwDoSU0$F*(@2ie5~( zl9a9FBRjy}{_#b%#{vvm1Kyll=$c`bg|e36{Zeh0*K-OEc7&6oKL+%(X!AUV48tDc zZ#ELlU$D1d7?Zr+G4exKn!yf0l={I^pm<7_iLU9|^oi%gJ;z-9QGo@&ggfHN!rl99 zJk)6NK0HdUU)QKyE2y5DP&3w2{PsMWZ0l2GQG?a@Q<_-G(8~AEJB*A}6JimLmXcVGfjq}9 z=RE#lo%U_RI{z%&%)!PAzl(;AT-vL+3jB4~+dkuyjicoAzyr792L*D7q!av=C_)DB z=!(!gUxQ18J)yL@bxDH%?a@~9!hayIhwjX|&o_h{GQa29#VUnS4 z9MFck5iV{8ksM9()ff3_*AiLb_-whyfe>Fw1@goz2#JCl*a*3I6;aAH`EetC{lbEs+T!I zU9r(A#X4gqTJMoKy=a^Lz<)EHJahNMxY+hzNyFN`!ksLj9#R~5U zJ37JbUjKt%u0f&>!4E^JqDlpHir5}^6DMhj6}q`V_MY)zQM>~)KYzlLKBI68*vpw= zUPi%>;h8>p!sVCNLJ(=hPS3se)b5;~4vS~;r&)2I(ogEZ(PcUePG+Zg3w$h}x3nWB z`E}FBGo&DNFPvWVAn}I%t<8n6s~MbyC!*4AmqsdeToZ{&T7xg_g}a?vDH#*IJt4P* zheviyj)r{B!1oVtZXxw|y!qUTqEDz?OA`g>?mj1v2ROL*k4!Kv5h5GzFA6c1E{n$n zl$jTJ+n2bz?+Wx^1cikttx1UJq&(^wei-fwpB54%OK`dT%W>%Z_*0w5jOb>#W@h70aHw6f}9if_32)o#t7U zz*owIoyufBgcGAlq&8SdzR;HS^Kg@gnRZdcBqP|9>4jC#u|Fe+6RKIP?^Ro>#!6O4 zhRK9>F8jrBOvdP;qlm*VzF#bgEm8C6s5wDR?=k!8kVqSd^BN&z7GDl7+H#|odXV?^ z+C-1_e2*~hR|=HsB~i7;;9IwNJQHrJnV(`+)p8LlbZRoNTM68+6nN(F^lU(*N|iK% z4&5p@6z|=5qUN%&`MuIfkvMkbrjn-D$tf)Aje1wzSLx7z#zdK+`$}$^L;Nh4e**Cs zt|zvaaEpXilOS>TuGi&H!%7p4Zr(YPhPdhoKLwzks6M~wc7p;vRp#Aama4vM23n0thz}kRIRDKk92PmDk@dSQmWGjLIdMQ|1 zVFQHlQiIec<#kfH!<7wE$Wz5;-tC)fm&>koeBgx`>~%px&Q3!>=~Dz*V!%>v4wZ78jn+F@$bqy>EW*Dd&FNc(<^I~!3wtN>S=L(OLUn?uO8C^)`Dy&wCtjI*C~_VKF!f^;)6^{9JZ7+9`g}3>@)KaFC6wi*ApT4fWCu&GIYozGP4LETQsk*Byo~sv)UBhB4!u2}W^KvknZ;}+*H#djv z+hPi86rGum&IoPBHgTHy3;6J}$dh1~aYqS92Ta9Yczsf@F)HIVBtMPWShG+Wh2WX6~lQyX7KG}E7ya51R= ziYoty7vl+B41;^~4n0@)6y~R0DO5H-IQz-(jkw?Yw3w3_b)M^<#5Uv9g{({);9XLN zYJH}UJ3`2QeblggeB~(SXFo9iA)3^Ux~69YiTyd2^F^|22h2F@vzCTFjeYr|PFt9> zn6jp$;2S_szgDg0%m6~mt)#HKiVtsC_e2(<%RR5mIPOdz{OXH^j3oX_XU3eLzDDxV zE7pPArSc{1dXz*^+Pige%hSsyR9udWi{mPV-MA3l>(Dq*hmF$E;3^m8zT?PI|6$Ff zo_n)m2|gGj#L6yUynM=Vem^^1)iS~1@f+2djoh<9bhw1pj!u}>s|BEhWm>cM_wVmv zHBJ;dp76-_Z0_|n{sj4Y6ts=FvofMG*W;}Ywt}hlLfO^n{j(=tO$702Ai#1K67QYZ zYghf@bb|*0W?CoGV4+&lr-H;ANe3gSp;GUjC=En6Ava?1;TL1%=a`RBqnQKJY4J49 z1LK_9l7iedbO6K&;+s7uafu>XC@j2aExH5JBTliGq6ohz6Bers5J(CZ7Pv@s*?D;E z^$mFG+f}VdWE?e|_o#m`n;SBRW1K;Jv27Lij~9SsAu!Lx+a=3o+~q!xYwbY*yx_^*YQjH4~1$ilN_oL`hP>pA%3PbhOc+-**#Sjh{~!}TO}ZaWqQ4%!ew2x$aOwy@q^OHd)#uiGCj^iXlBY=5Epa3w~- zQc=y`{z6Oi+yn8?+a!Db%V#b*FuNYbCB#n+3A}e0N1C4jF?j#SlcYl(^&}93)Rv)A z5W{JK7*v_e@5&NH@^^&$rjUPy?j}K5JH7E>*}*G0S=_?{8abgAtq6FnNNnOqFzJBB{tmUJq9S2jcJ9SYFEDHxNFh9n7d_f?DAAOPOya|cX8v4 za$ux#U~})?DY23CTfmW^@ z$`W)ZLbgcJH#HCOryGNPi1CyaaJA@*?|gr+L2CA7&bcN7i-_iTS#U0X4DK*BEZ6Hg zS^v@}bKbDtrvMr5W!$PQ}idO-pC4rU59P6dPO?aSvL(9897V^c!* zt1syL?S++bWRXo6Ikse3xX+w&gve7wb|Oa?O4;0eNg02vr=elI*BYHjbM4kB@7W}Y zPg^Y;^Y>yraz1R2?`)P&?H;%d!w$oq+{YPPe&&qLS>61gGrycEyP~Qo!pzEi0$STy0R8+PxJa-K$Lv1{cfe{j_RfGf&!krY+Xm3 zjXLjwg%$?oG8roBiqU!*hK&uo7W$DB)PsqO3K#A#44R4MHPYPoO>98#DL+@KeEDN& z*<{k&^~i+g5*Y*&D#-NMx%S>>a(42C)9#x0&lzvctmveB@wMuW!?(&Gp6t+R zQxT`QQn*LfdF2a%OS&!qUagaCCx!e|An^@uGso`*ajKHi*3Uk~KkYlu+?j6jwO2*A zuuWn1ML|*zoyZX=JB~xy(Rhm7458FfVRk_BI(L%SBEFhp9w2%1J5hU3UzS2485jLB z<*d~y2ptBNkA0ZJPWYdvM%M^amgrZk()p`UM$u^;#l3P8-YKZ0BX*4kV#pp1YeCyS zJv8y>GNFxhkGl-X;rOF)9h$PH&vSp<{e&uss^jMnuKOLdGt$z|c{3=>Jnv2@Ld`}z z*KCkKeUkzu6?!C!gR=Q0yi^CP;P>y1r`W=aP~U?|2NU9Aglq;{f6F*@KRKRc{PEo7 zGJ)?xD|E%YvOR?l9sNmu9BgNjh{*Vo#3KO7`_v&ax+iEiJ;cH714^otcE0o_3*1z5 ztFl>6p!|b8kDPD*VJ3WBS9pc~Zr*2JdtD5h%B(|syog$z&*(8LYwOnG>ojVQ5ELeA zo+e7a4w>Ym2#wn@L6}y&G*MiFBYTmxp>!hAW9_?-Z%>H(oPz8A8n-daD)Hs|7H2`$ zk4)dG>5Yr+#3bwT>qi9kwrW0EOt;_gQKCxz;c7=igA0Rh*sikZ*LX~XP(5JOnUWZp zT9%l>ZlyjV$tZDhUuAgp@d?-`I9byJ=!qK{$ftuiHeZR}!eOw#J6xtxw>271rIfA^ zo-~*hM?fL}2m%gAroSq3_$p69z_H7U_6J+ldt9$1R#H``msGI1KQcqe&V}Wp6G%`p z;iqQ5WHMR#JG~l~qOy`&PyDDtX)Um5TRzTYTJwt^97`>+@ng0nuYLG+b#(`_uQ2tD zRQA25>+!z0*CZw)HhUi&7y2AaWt8tmX8@7}$tIiKW< zp2G3MUK>wzfsB}F7dr=T6o=7wVyp#9OFmmqG2s}69qyN8Woq%lwpt6P2B?Nxmu=T| zV{aObDjFIN$ExUchz@97HD1;!?9nOD@HJIgd0Suu7LO)h5m9aB75lCSUSCMqbk8{$ zJNB2tc25&G(j?C(xp^PNK3=A4qe?54eD;kZ{9unlu;aVLWnU#lIZm_}?Q6ETOkvkR z-@VjfU2{v3S@pb`OpTNLA`v@sagM^pIZsJ$(LQWXu5C2wpajO1Tc2LIse31{LDt-K z$?GZ`*U#Z)>X-*s-jWMGEtd)lo2J!jKSG|&(P1Qjq-rU&xb#J@AB)?9u*8VSfs^_C zne2!hn8E786ejCmL5*%z&`HtHs}0ukU19umQ#PSowI5^+{LCfLU+3od7@I_F%lhcl zhlYo*aSz3|&R4D*G!j?68gM33du}#RV0;T}pR3#XLcG^PP3ng9dCQ@P#&+*bL9l=n9^K>buUhG80wi9vVKJnX-nNXLvj5tOFR0dZr_b zC8J%QR*ufQ4ByGX@UfuTMa=x?RD)8Vtu7at7lNUrKfWIhc?HneIVFUd%S?HDlDF=$ zC?YuyRKHT~ht+Q?xW+;ZBC!a0aTj>h+qaTtE%=Jif(Z_|3aM}k5^_yyvfm^^<<_8`BfI4cz81b|_F=mc2Q zP|cVsN_2`moNQ{VG8&sRaIqh%PtxKYJ5TWmS3cGpKdvS&KDflAh}(wnUgX-M>n}7< z{Q}7<2x*3On|+1NBb83q_WH%h_o`WlvdtHOa&lvNaL+K-A#Wh^p3K0Pp>F1QVSD(v z%avmP^wa&v)>mHcyeh^C-??CpLli=ZDv*%BY!vgES3azQ=VemlxMG(mC$fyJTtA<% zsnpw;Y|NYA*gWrmmC^`q>20f<%L#Wg9Y3Y7^iyYl^m9bZ`&ftLxJ2jAQC#zy?|0hW zdeQgGhmS_z0I9ILxf`~g%_W`n2t?CDDc*CD1Tno)$Rox)cP9hoLUj1bb&pe5x0GLB z%Nc+VR+w+Zy=@}=*2ou~zNMW32^Z~w{Xk*NZ$T;Op(rfl3mkQYSHL44liVX^gx?lq z3;_9tst2(0q#V#20m_0ONWn}P(B*6tgyzFbHNnXNF^;;hKXby7tZXjp!MxNTB{L(w zY4JvA&hc6bhxR_*mQayVE;5*JK1zDSRZc;Xa#oNZow z=FiID}p8etfaeD(2a!0&9UGUk!(ABjvT` zfkIRLCkLbZ$8S72Sa(|>=-98=^So?I2Lie2B`d{=Y3;%}Ng-E`7hh+1YqgeYFg%sp znx~`So5@?t9Fo+9Z?GTN`+ki)%eDPGbxT}o1Cxw3(WvcpeOd#T=m=ge8`{f2($nB7 ziW72W{g)T8!LV-tV+m&f#w-j`b8hU52AdlxUrQ_zI>7p~tf{h%orh6}i%fZ~8`vc1 zB8c9VKAS2ln=*Rt+&^PvSX#eaW|zC=Rk?Vp$Hv9j*tq|m$}M)+l|!rW)Y{Gwb`a=3ea%KoJfro0?#FU-wbTY{+od zKM>kH`a}GP-=1H@@agXz541OVS8B;D=48>EN3}8^k=5S0VM=F_<9W(q6BA z(_%~6W}WS5l{R9(9gy9r>fHQbAmh{b3kc-U9+Psb?@f6oyh@4Z--Dz%cT1ci^KYK9 zHpDVGDiC#i;_}N0BG5|`DsQI)co#^B4m7$fvvBD_^^&c^*%yRasQ1sTs02Na<3gnP zl<$?9Rdu!Pdri$U6B@R!urnKt6q@v}3;1k9zHB8*@(g%e+1f_YFfe4`k!I@ktlQ&g zDqB7gQL&A`tFmUMM*96%qcdH7ZGw|P*mx#m&krWh#o8Y{*;`a==WEZH+cNCSNvgP| z#+-#cGgX2jKZpWO@dFn>0p98bsL$inn65&tPc)?o*1NTDqL20ZSLW?-EOy5s&mf+*9DA|iRX$|TX{iMM(HPxJMVF8H?7B^Sv%RW zpsjLo*wL__q-x*NqwBhuC;8&)bV1tOhWf_63@8*0v|rA%TYC3ZigYY~m$6=kkC;_D zy%uU7lh-`hIJ0hGaqZf*UuSVjuit?T^Rk-sgKO|KH%~(jvd}09u>qeFGB6ZX`$bvA z*)7O$n)y1Ze>OEbRaqxxIzrWeVoJ%aoVPb|AR62|40Vo-k&ZmqD=dV_A{O;%;<0xO z9`Z3{@{8e#eV*c)ETc#{ZMMHel^h0QX1R;fwxp0YL$fBYCaYDCeF>BT^$&FJ%g*%p zs;uR-?lPQk-fXF4r<(ei$Y?{EblxyTZEpK&3$DCZS#Jn@R5A!d)=D){3s$$C^aFwyIut!OsK z75cEGh3UoQ_w&{} ztVtn;qrkrmM-Y4|fQ%(jPbGy1{KnfblT%O0@&pMQH#?=%t~KbQp5TXxLR$HZ?PV#N zS5frK0^zsOx@K3NCvs6m4RxrAGWqKrsX_ZEd?%YiGt7p_Z@V+x)jaLBS9Pkpw|6RT z0Ub5BV6@}`e#nUXw?Fp3OxC`_!MSO=*O%jn7v|uO}eB4X=JbRcSq(P1nZ%OkTpcW%!ORngU zFp~*)NK87#;3+m)2}YO-1`}O}felW3c3XoL?47PR5gyD>J-+VV8IqqmWmCz*U&2=5 zxcSk&erQs!r|E*_t{t6Y0-e{$&8w1jySv!Ai!#C-SHPubd$BkkgGT^$W@)%Ub_`=7 z_Miigy2F<)-=w5p!0L+0euRusOw3DjdZH;c)RS#NUycx@DWka__IrOOmXi5;4wOPj z!w4J$b4|G2@oQHLCn2vCpS3n{6?pCK&hlAU64kU`M5D=&S?k!5jIYnzbIy@f+1|!x zP31>HflJwU7nJm@+aBZnTeLAH2X?#5>-$3RoKj_u1G?JA^BG(8Lj%wI_G@i)jo1#h zW_Y7Km#a;kFT3_VzTjRvJ|=HDzApJa8b>Ng4ab_h7z&FQmdS4ruha?&2+=;b3?Q|; z300#(i2Lox??_5J_KcH~{UQ1!3CbOEW%3zO0KUgJjhl9oq!#R?_0n47$mlD%twm2C zAEBlUIL}q&OH+87Xr!2^S~6I7!xW^3gYinyl%$9A8`HIGsMyhg%8FOyrC(1A{GwK0 z*mzms+L1MWGkm}cQ>DBK#PIcvq0BDTNRE?kC5I zd*w-e;?xe-jc|gL7G$D zY3JovYaJVggzFw%&wSuxscV>l!jronp49Z~_KD}uStQ$dR!iJp2=m?D`Or_hCcW2_ z*q_1i#(!8gqIc-kz?l4uk3xAPVbnpi=27S<0m+dR>Xv^mIp!kQoI1f{#97@p++)X^ zxDadRft!!5bW(3z%*jJ|dqX24aIQMrW)PDssJ-^yT`UhJ#4I|^Y~t5nI9IAmF!Q`4 z*|ar#;l4edg7CMPB6MfDfd7M9mBcgelBVA0nap@rC2wA#+x5QR@u@TV?D$@1f!d?K z0sG;y_O-cUg*~z_s$~ehedrGg0C}51i@Cs)*Y0>+5JyKv2d@d=$ARhdTo-L4iC1?g zbei0kBX{vAW;X2NvqpUEXrDW!MGJh58KBas;rexgB->_h|Me@(9eaCTmb9O_1M5ix znJ`}@rj7StrmzWK2WaDYn>wQ*FRhkemKz2WRfswMD(V2V!>pZ{n-7u7qz*4gZA~aS zguq`EAbaw9hAKh;0*@4oSf67Pa8|lxY|8O^JA?!ZH`r#X?udCVDBI*_Vs*f}Qthi0 z+L{!U5)MukjBm%vBjD}I$z~Id_R!W?EgM#1@;b&Z?G7INnvrhHD_knwJT_k&_#Zsq z#)lNobJ~Wv3z};7v=Mkrm1;N!9RHh(8%csvXXTa`*Y}TGI84p5;|oI1nfV(Y{Guk; zI;bHF;5I3}4$Aw@(dB9SyFDai2<2#S<~r|N(QliMN}D$fD()G|^D%6Lt3Mf7WGk%_ zP&a=T3o&$bKcxj4aXc0eH}jDI)Owr6Cd5=)o@V6PrzVa*lkot*%KPI1=zSy@cU*8V zu9~O<{Z&y$>jQ6ZWLM>G@e+@I9wVktzeLYv$$|z)`+EbW*L_HpvlF zZnf422DXTf>4WFa&dz6~D@JZA)~i(_a`k>_3PzaaC&vu22zFd!{8xYZr^e3QB}824 z>wRgNU{~YoEIqRS`nzRV%vLaFl|LfnsQ)iwa7X-53#3H6y*sC%yj>pQ=f_Ju0p+b? zxW{363k=R}o4Q%s8sMImcd8Z(HJ8N(x<~qxTfe&gh(Ajdti$tSuw7@A63j6 zPgW4$3LYP`*WmbWMf9%j)1xw{kN=huzHCs$TB*x!xr5A{R=^3iJ7Iy)7WW7b?u#$6 zGq)#*TI*QVe6%_-mGZ{?mC~}ZGWF?N zvY0u(!Q>PhU+f#HqTAML<87e8t}8QB&IJ-jS*QYibZAO#(DkcWLQy&xyAzX4Ji%zy znpUlH?9Be!Dc}nhujB3bqH<>RN(vf; zge?5jTiFOaWa0;@2}pW7Gy2N`JW!csQX=r+0`QO%e?nXfdRSj={T%HN>hVmZ(&1-k+-V14Td!rW68e9Z+6bP@K_EbYDcTXCkFV}J{dx+ zqe&*!nw}pQFfU}zPNaGFzVqE3ii6YERU4RTXd)po&^xjzHAF=@xWzrRl^s=5my0d+ z+4E@Y+HYVM$~4V4IY-5&8cC;PVqcpzj9FTWPD)Br_xzbaV224ALbuO6i!q_qR68Y2 zeWwZqrygmML8?(L#Ida%kOd9L&56)DQyH&8aPkcfF$pt4hB)3TD?-e$D3Ihv9?wm{-rPrwWZX%E0&CGFcWxY{n)c;T3)Ss}(oK!+F2z8O zJ-OSf?t+%D?Pc0t_S!XE-Se%n?RA+3&PBY!-gT|DDZf?h^rITG^f`Qn+U)fqn?ilU z?^RV*iYi0oJJov~pikXcPOd#(ZjR$&*8H_#j&Vg%?}ov)`~J?1MO(Dx)F;<*QIx z)Q{YBE^NQkAxE0q3E{mcWMM;M(nM0&!e$&V`f=yHC>ALn4hEVn@$15F^X3R=kyn?Gx^Sh43p1v#`1j_a&iTRM2Bx? zD0Qu9S8{8N?T`OX(X&+<^Uu$Uk%$wSxI)6E`PR588|kO?`|)hYBHdGFm4Ow z=9YStHYN>mO}s70G40s%=a_rwO{VN!QeCwe>fGNsR`tuLBh$saQTDe8PBbM8r|`Et z-gg?RPOKA}yc;P|4uua8RUNqf9wKs^IlgvsP{{oTOoR8;z^Sjc<)mHi^qjX^>p`&F zNxpSe?-E?&iFWtMb36t{r!$NbTynOZ`d*LoN{Y#qPkZHtjHOdqnmUi##g~TPi5LD1 zg~bRBh%7q(6%#$B&tiO#s6kW%%uQ<|{K*IIxzFVqB&mnuU6ccn32zEm_W6*Dqa#o0$C<>ED_%A;Uiy%rut&2)~q&X!YCU# zVJ*P+#Nhv#q_Gl5L$w<>{FM2cj)v)2Jim;kli)j#*8*4Ki|q*W{5230Dt?&r=cBb~ zlp-t#yUiOm@y~NM z|4=cQ%KACa)rK%)Qy>OC#}BzX*7Rsehy?X0$%i0W6P6)C^)BuQ4o9OH9Q!LOv*!9D zquYt`2z_)q8mwBQ@KW`!$BYI;nc1(FH-nhiE&ziDzm~M?a#G_e=oi z;*YzRX~+<3E?d)~HP;VK0I@;fqJlFYpMUn`tNj_BmWEAFj(Oh?pPy!|40b%34_do< zg1RxsFu!V}uD;NFgEOt)^l3)JojexwB`t3EA;f*~gbBpGo1X>JK#3!R%X~#G(Z;z3}%V060GBPbtFnyKr=;CR_)a>_EP{IQ=ohu>e^by z(8V>c8CFR~F<^14HOU8SRS6{M^LZ}fl43qrg^lnEo(onmH^bi%KRigSZINmk+PHww zI1Ok6e=|ihG@jo)Y@&v}_zo}lq0&KH3P1Hp;Nz{Ou)TQQ=B{d9Ib3bm<}cmO-HJJh zqUXY~sre5<6|kl*;n|Jj3?6*yPM&Vo3l}{WAB$WpFulS>M@+9cxGhMNO1{Wz3nZyI z>>xs?;;M7|ZMzIbmin3F`&b{|yGFK#zoUI}S=6eLuF5HlmKht1Q4UD>PbDjIZo4Lwi4KM`{GUH4&o#WY0n3(2U%?kRI4SX!E7bQOSA4ls9uLYgwyG&tb+ zM5>aGUPf`_M)CMXN{~gBqLEH+lfx_4M+MTb$7X2=+6a))p+$oiI3h%GuKEjjn{gFB zWnC$|y@0HF98^j@f^_Tn{?5?rm+53OdkX$*igH-#k@vmHEdGjF2k>*SFYf^M0u0p=j|Mu$3rH#?p25HI z1LvmZ5(!=nP!tUeAPgrV&)$Fxxj==fzzP?O*{{je3Rbh#oy**FzZ?#gyv z`m4zRb&G2Rp6QmOR{jO{vF>jK8HZ`IxgH^qhxZGf_E#u7lAEJo+``ea-*YL7NPfDv z?)mwZL)KIw3&v8-lyH2CJBOF4m=g}~VH4mtR%pMkJxuI1;bI<6WoZroLV@~ruoR-i zeIcPpzG|-+3LV980PF=?-H;P_1D^a{0=qV;f6-ruVRw-2=()EEJB1pUi1t`fqyiM=Mx{RS(FUw`Bb zw4a`Yp$i2?nw<@l@(8;*pA|%gJntJKisYvEiWx*xitxO;JuNqozpDYB*FT3{4+nYP zeQr*RpHYEFiTirh!us(spCT9kItzT)8FH`h5q3mmQaxZ3B{Jf}M>9&y2SDscdg1j1;oKsI z5Clxez}7pd3ct1V7zoSH{`+u!(puoY?b>$@&t|Tic(3pf8);+frnl))!G~!;C8CXv zM)ITZm|;3iNJ8W>;2#D@_ny>&6K%WY!_4iQ?ZmmEUvuoeTa-ANnI8WG6uz-f` z)fr@SF2R=lFr%h9in{_AxCx`Qh+OMG;FCuSFZAl2v^4Xs$e!%CC1FP2s15JfJs69y z+}iMLS4mn!K{~@HfYh~iR^PrS!CroExAXXjFtT??@F0_tMKURPTnD7>Mb&s78WEX^ zfo)9xdOP0?nW}U()P{mR3>}MD-!C3o-^(FdP2IPq(enp9KXz${6vn?CK$QQ?pH3&@IMejXm&)SopXH6E&^%{TNsbK3=-K+BQoJ+(^kfPqjk#Z%E zvyz`m#<1iGY$|L8ME{@PDRrwlZ(-mwz<}Fd zFz^q=JARVaW8fejQKJet*VhHy@HDt7u6T*B_fvn}3RI<`nSJ7%FLd0Ne}76_!*wwD zMZc28;W1!t%o@Rm_xuyPwu>q!1ZM**(veOVZ5jgv6V9vkmtoUEN$8{?&@fz2_bz41Zw{!O^ z&se9qtXWBi!!4OrIfBRggFamjreA$N$4ilG43hy1YVSK0A8a>(lIJW5w7wSJd}{(~^aS$jOqL zJTfkPXsbt27(qm=IK@KAo(tDR9sIdqZG}NhR8NsXOx4JyAd0Di<>*wz)mP6+H}!lA zbL_eIYAi>+XlNETlj)%Y@~?4UL@4y7lb{P9zRWA6*(L5734)L6NTx3P_nA6T2@dWB zIMaUUO?=>f54~pz5MM^9kbm~~oi17@k~e=xP?l`p~FwQ*d4 zH@fMT#L=h>3gp*8`LTj%S%)K%ZvGyTbmbH@$IpKju#5P8#4OBHI4Ncyu9XF0eeT}r zWW{v)i-_n4OZIhc*xZ{jfNOXq1#3+^l)f>-hWqC?SA%oKmGJPH|DAK?_K|e-CDKy} z_PmBbRGDZ%pmPJT8COk87F>ETr)1!-IVCyNM0Cky%cD%S&%OD74jOd)(#^5mZBw6a z`+Dy+&)uEDP9(K!u+=~&jiDQi0RXCx{%Zj6M*t*+z-FEeF3nbUF#wu89AK`!{H-re z78T1I=#4%G$5O%M6?97R$-|a_Z=M26hgZsfo(Re-@ugDe)!#u}=)O*^L8*w9ur#Un zF^u(s05nDBe*{UO@lW26l|RCk$TVXDcDgOi&o~I?LyFBH0`{JCZPZ<_D&ICm8n5Z^ z=noq4g@&i|&uW%!i736!YQp#K^Zj+|^$u4Mk>^Gl!h6=Y1vbs-=lbHDUlME*f;30>mJU{>#Or44FZXqlk$Jqy$jI zU(DUvm-f~rxIbcw)rb6vd4tNl0&}G^_=)GFkSj6r*PlEx(UbaFa8eGe)DAb@Bnprn zh6!K^vD07Emeom+9adSNTX4bz9M{ks=aBUjRvLe7@h12({LntOVx5 zI&5xDrRDR4)fdn86o|Fn2du^LL_K~?fH}xZo~s`wO!28(dT~vW_;>*MvvB0OiveU? zJbGx6#}GtT;c!*}Sm|IDjEZ~XPs1uqS+LR&;_?wAtB}K~^;cz)0;_P?RY45R%q(~+ z0?2P`g;mfHW^#s+K8naH>>28`e&Zx3)VV9QcuhlOCtZDdSJ+F{I(|6Au9ZF~{?avg z#P4;+-Mh15NgMr#N8jPfx3UY!5FOMFYLwJ;2OL~!uq#S4jUk75^#ZI)r@MvLcf9wF zvbhtJS^O`87CMoZFkA)?7S4PBw##!m|0sRBMD^_g%Nz7K(4*0Q@cEPZ%x1r zKe>^yxquivcAc7uD1x+6P!8lLraB^F*MATIJ2){Ge5yup@f{p#k!{of-*C(ms}z9m z8x%xT$(xcshd^|rlX%9KSnK|cVdL(D_lZds7&0+~xK20Jb??8h=N?cC(@X#Q?Z4Mb zq;I`Ziypo6A%rAjrGnGqPUr2p;iCL}jG@$~0I&>c`8KT=@=s9S_1@GM+s!YTY8gK; z$y83dt9+@*W5fC-zsr2A9Kmq8eR+X|@0v)C4}AjC)bp>D>4?rFbDw~-KtRz7d`C)c%3V-_ z-UGx^^JEk=zDiJqYu2xlbPn>(uJVQE8_(CJJe~nF=o$Um>P|$zQ}WN(&yin=gFA*K z7EJ#lv5+tCJs9Dj8T3)pKmJ_WJqoE#Htp+F30w<^y=;FoOAXT>PHKUwmQ3zFE4!L^ z?QGQ7PiJ|dUrI+C27Ro4lO=C~3H$6M)LdsG^3nCat=FV(DmzkSN*f`yaN`9C;)hMD z@PF<#M0+BD7KBU~xv4*%>iczY=B9E<}71;G<#K@2Nb z?duSZAntwI=leB+pR0Py7aGc{(+?g=c(*C2yjI>GZr`8&tMLAI0nqk1q{#miZ5Oy9 zGd?_z-G1Z{%vU0I0Ojj$&hmMI$; z8osvi@bH)#_t|&aX$)t{NPaX=bQ;-jKn3zYs2~Fgk6~A^NQE{EP&N^Vxw4-iPOa3^6{i92y^t_kTnl%9b(! zIsxqJ1V9}zQLsvJ!vIML>%}Kt4Vj*MAlYwfGe16Dnr|YB`4JPI?I8~H0%^;M5yLVW zs8vp)Ii$q?L6Fs*Lo^&9rOrW7PVSYk*M9pJ-Z$%32Kk!55zPe~{JFMRA_(QhX zcg=;r!YS0=9aH`Gv9S7hEz6rgH5TSre)nSKWGQ2xt*Hpd`3qU{va%myeR8MpwnlyH zxlBss!Q=dTtK5E^XC4c{EM!7;r|9sqpMZgoiWKpg2#VlBL0IM&(GdoaLk*B~%Pgat z9_gdH7SVE@B1kr+8=t~58Jld#a&&k(Cp+(Vp2wN{;OSv)Spz8aolFMh3rXXl`U$5M z4{jexsvHfp_dG_&ZkHm(gl(zL{T$(7LEb(aT zhJr>tmZ<&=RsHvAmYCrm#&Fry>bL+;B=#9e29gZ8=y+cf{$2F=x9S?ecUFF-Mfu%$ z|B!ff@YeH|PtyAioI8GsazB48jTXDD+{`16O8Ax~y_e&)S(40RCX+FXxP`PKm&v7- zJdXHu9#Me#jw$n{3~VJX(g5J6O!X3J49v`W-T|{L5u;9S42M(6&@YMgC6X7;RZC%M z8FN5bm|H(f|8Q73nk&PVI}|bjWgLug&ObrWMhu2QwtY|MKac0g3@2*Q^H)H_IB!4j zGB4gOsT=&)#4&Y#w;8xPBCY7lhsSgYfh&f80awkv8ew}L^Ads^Y|XCbeS?KtjZ|vQ z31Uv^)zyY&QoH#H-u?Rh*T;Q!ZNCBVC3IXI7-Gnx-Q%++vLb&=!#9I2z3#|X_rJAIDUfo^g1Em1xJL@jp->g&& zxdHDq@{_5+_y3ha{1M!cfWQch!`j8CAxs?p7gxe`hxa;Phx;#XY4z4VetBAH@=fBY zzIPx0z`QI1^RNg1uH?%gL2+n0K^DZ%-*xI~+<(x$dh=O_oe9|xhEBTtpm9xt7hAnl zeMo;nP%W5*pbA76Kq=wxT=P|+ARJ9Ze!^gXmxD(K`UGd_G!FKij>hnoe=B74*1CPx zx5nk=o|VJA!ae9LF7c7FXg#?zQf$#ZG-SQ!y)oaHk=2}2f7Yc}-EqG=qr0o?y4_kN zlC+!vZcHU4?lDDkK6G-<=8!<+`Ny!AwR|wefM^QwydzaY8!R^Yj&|YZ&*L@gex!9( z2Il62h1;IX1HFoS>mR$j9FBOd1q7=fgRqk=4|6t|rFagL>Yp%^jk_F~woMTV@cKnm zL&*oo;IPAyi*n2Wukz!Qrx5{Sdo#msmEKBfG4NI^{#Q{WM2+xjI$CFY9f@Vo^#DoT zyVvZ&XdS@RVt&naDkQ}Ho+B%Z<39^YR~E#z49n49-{Nx_Ms1CYWUS{6k+g%e#rm7B z%Ii`dJzk+n16)%L)p!3aHEo8h{0f6`j{;Hefv$9quP!l()b=~_*3T~m+N_=xBWFe% zusN?)ZIa0RGSVn6_$Zi4#CGfw>uoI|9+MhTsx>t>=#HoWtVUcPQaUK*ODB8Pz3cDa z7@+Fky7fEaT9_9NSJhEVG{~LFSr@GyKY3m5z-nB6=y5`ZJNIi@F zeVG3SmZpCA6v!mmFsL-D^4rhsAxvv3Ao0_t7Y4A{9>Ds}{bqgJmahMfE&VRubW&`P z;o}#i?H`>{=n3Y;jp5Du26IQJma3Pd;S)~kG2D7Z4KPi_H>VhykzPFIsku%|OFQ*F z@ND$X+KiH?r>B^T1~NrGI~O=;?Hw!nLn5|LM8#~fvA@5ck8cXQftiLOY$Z445pCli zXwAu2*6UG7_6tu7@baW1JPz*m5xgeAm*{Fljrnhr9-?X-euN&9+H7g?z9Y6~no+jM zdoAiL3=7$`C#$2Zn7$<)0b~(wxq=LmE(7Tfv0UPx$8u1razFK7oV;vxX-N??=ip5j z9VIkXQSYi1_~j2ou1+ocf-71r8uIsNbCdIZc^0j`IXcWoH%dnd&w9w4c&%K?Gg5LY zIgBFiGWr5aW=If(WfAJNqVm5B<|f93Lg;sQD%1Ab`78EJ+#Mxahvhp4WSm~b1xU}>662-F#htV*WYva{^Rh{k>I+%gDL~v3xG^OLkO*c+Us_}iqx3H#K}}zp z%ZCF9*FySgIu!X96&P@5$e1`t&2h=^Mk38HtLH)YNV*;I2K5u>#xc0!!cD%e42R}s zheX;{6bbz8nnGp2b<$SaAKMYSEft$R76(5t=J#ge8U}QkHR{P}$q* z3Y0ou@3F4_()-s+M&r@VMm)%Aiy(HyV0R4dYgqyr?#FJVk1P(Cw^dzZe9_5m$l8%L z|9FmS;1GHN#hX}^YKf+t!{y=f8ellMct9NwQH6ib}42{Nf+6T@gk# zW6_d_=nbVY`JdAG1yVd9v^L;V7T^;M9C2kt(!W4`b5f#4c8c3a%%{+W>-q7#pnhjt zP7Za3t+0*r=PukE=b7_fPe2dE9P8^f2qp))A<~s0<8ULIprhfvivOXbZdD}f&|pl& z45kpdV18J>;}B}V+Uot>6eYV{M^S-!O(G1mkE{N;SpRR5=bP~RlUiyu#^rXSu}acT zEiAXlqH>C%%SVuvr7QTj*5wCqs20!xdU+l&2Gu=z3dtR>y62%$qx&yWGD1U~n z7$2QsuL}7+JVY-n8OszK55sOH(^c3WL&`UZ=a2_>p#N1K*gMvVRFHqtTc7`u-fE|0 zzEX)(+kJts?b%)|k9y5YFGR4lK||KGtD4k>tR%-Lf`Wn}IU15oTXnn3F(02&D|mYD zW^dJw<)zyjAyk1JH*_MtW#3>5gEGGHffKE;>Un*ceIMR4l(_KeV^yyATmnrgxSMX- z_4TGz)zulV-l&sFtaqhoUq?PzfJQyQ6=$TSr;jWv6SlIldI95Db6_fKTpTS1`Kkkg zOz#m5C7*r(DLm2uxTl{Xa>qmb!;0|&#ckQ!h8rtlW2E9bWai8qMyGrWTm8aGv?C zm&@JR-~J?RKupA{9E*A`xf$#AYw~P4OcyNKtDja@*!@b5Yd^JrkEaZX&JV6Q+XL(rj=6Wj*P0$U!COPXt6zN`1sl=bm* z7>xlo3t=;75uGCpzB;8hobeZHF@J2~Ysoc_U99=N8)z7Y ztEZ@U-Oy0!eZaix@z+S6U5Vt`Jee^gMpai+gr zv^A=Z;Sa(TKesIf%MOjJkP`DWJf;Axbrod(n0he_IRr>40PIkT0EYh7M39%M z?9qcIX4Br}`;ND{${wD&@8eyQErwjI&l^bJH6$D!+keeIc4?)Nir=z>9%JQhnCz|7 zA%)?}n=c>tF%-T#h@wmOXvKO0@JHpNSw!yDiTp>dMyp+(jm(@5x&o_6t;2Bzr3+~U zVU~b$LiP#$*M{YGpCwmbD)GF4>;Gfk#O&hXRh?+`YG+H!F+zWoLk2fryoj1t7`Ct7 zh^BX+dJ(0oeEbmia!$F;O~+)sc_l+eFM5MTlu_EJCMu<(prAuhuK_VE00t-`co@t$ zfZS3-Ls!v(O;E&p)e}-n^O_HB5|KOs&j^tiGu`IiB+8JBPbchY~Fj9&NY^Ze&8 z%N2N9%7T|J-DTk%toN;7SYD2)8#BQK55v4<2O$U$NVL#CoR?fs>uE7k;m{5LS!rph zo-d4%N&nk8+DGoM6p)*24}Goe!y){P5Q3v267+>HY`w1{@_jihp^O_ON1*l#u?FP>cWEikRPR#LhjY80)DLdV}yY`12?FWo8k<2$}Q%N$VEtJfkO1iX~dT$B-3jlbz=%U9)~bVfAZT}Wc881eVD~B3t0`Y_uu(Loq8jOVBbV@+yLtiGCDsT25H0d zTt7up@n9n<(0<36j)buXAom`_5BDAh&LWgj1rM`)F5IkUe8}BpB={UtbjcPxE9 z{oS>^<=!|ZW10Hzcqxo$3vljA?G@1}+M0(5oN^iX>0?JK>HTp*&ZoW+PQwg;;SIp< zsWSA9e7`48A3uJaFU^5`m#Kck624xe#e9@OgvEs-LF_UrzhUnHL-SSS;+f6W;sUzy z>%6D;P1zz{jz6Nzj`mZPOWD_DVa+Zqi~(TBJXh4YuB&Ug$D}Xw_IA*Hi1hwm!~pK5 zYb|#`3h{t4U#BxEx`YWadVQv67Gc^|ulD8E#9ISgI)#~jhbI>QN2U($ zeg6L$C5vdb-zwoO*8-A~H!E+22$$d@zNiMByNZYb?)CLOV^11QhMV(2MU*v?LeKnK zd(K|_w2*Cad02w?!_bk%yiDRlyP%L(gTXzz9&ch+syz#1l;5Z)sLojn=ti-@W!Y?(CVvd;C<+JA8&z({eZ`$`|>P8p5yS zYI!8)WsjkinX^s+c|Ztl6o}N`h;X$xMd-`S@5JE-47BZ};j&#-q^K*p97qeejR$bs zpDRAU-AR7=5sE4ouydl1!L@=Fn}!RG9SN>H!8u+_e@yOf8Y;@a<))E@p3(R?Y{FYK zyTH=|I^2jV`S~1Z$3b3~f?HOSPeHK|9${%ogmxSpPQ}O)eY7E_-dbiZ@b0?mH{Y-a z=d)+ry$dz`Kiod5ueIMVqF*)WyN~00@9sspEY({!!&L@58|+tuJM2T(hAX;2wU?S2ONNj2VjKvJU>@H%S_TVpn43=eTqeSmx zXo|OYPb*+Po81~|cxe+-y0-dhVEa0|P|I-Q72G>Lm@>lICK6c<@<_fFB>sJ(0uQ+N zCf5T*0nFu;;B_2hNu(=kR!ElnhdI{=HXmMK}eyI6a?#X7f|hx9a89s<1V;58A6))J_KyxaQu z>3NGqbTXnsODG#+xuG~Jil@-dJD-%Nr=Rvy=v4L8*S2#ll`Fk^NSQ!qp}4e^^uEEM z3)c!X1!w@(sw$@jpk9jG=;h77fB&WcjR)_Ojl+9uLFF9N_*b5SeO}x=eE4umcDB;q z>tyi0SKSWb`;$)5aGws`Vp11C@~G=9a$=N#mBSPXzc^nf3qm zL=@m_2jBD?8OQ?;Xsi-qPqhDcdwO&)^T%FQF7o@6fs!|G$6KFd&1^zd4kE%4eHlEZ zr$xwPs9f`31?^4Y7LRsbQdkk1&cfYs&Gy~Eaj(TknjcY<3O$7|Ss}7evFu7?CvpM} zvk_4KdUP)!w2J|i4;9i%nX@c8U7@f472ambch_I;o@Y&%o|+1VvAvG*6ABTs*4Eau z%Q6R%l_SF?c@FwO&)g^d1?@ks+E67-7`mPDE<3y_l)d4*00bCT=Jn{v``!@=8zi3e$z*(HWs|(?=$>?V z06E!;b0u}Iw^tLnCxcF%AJ-M)a~&nvm#g5wz))LT8xkGOk&%%h{bFbKS|kwn`{(@g~c|4Z|m%UIOfyLHDMu=LU)$Mn)uciXBq&MU*^~HobRe zs%dEZ;r8~0-JKu)MAO_AyEBp1VFp)Rl)ttz#6*=r>4`i~-Y4juW)mL|s+~loZ~OC( zs#Cluv&OeunwrhP-38LzqYRz!KTK>i!^7D7f`(ZY|eB$w}0<#h0CjqiBxL1skT+uL8RUSz0*tJ!HwM}LmeJ%1j6qd!_tpP{7-Z#Pn*JaOV~ zQnlfiuCAcmu&|SI^70|;>#j6ZQ6241iOV#7L_Zg2Fxw+)eTQJW?rBpQqT}|(=ud5C z{qAoEy9F!Ozf$Vx>sm}l9sT!Gp{o*z^>)ko84zn4B39Op3R?;gs~+EtIO5AJxZyjYbivXh*;}{5 zJ$A#j0;`V+@}3#aV<`H~&3;ACd0~i7i5OR4{dxggFQoTA`Y3@OVfxJcrJI_4;)C|` z@$NtCNHz-Tch@m&L{@QhSDYKar?T~z+>8BO_Y8V|$UATOlq>hOlEbxg=P@clnL`EH zRo6$)+-j}LXg@6uS^4^X7 zxVJ)Cr>IWKT3TkD6>-xz_pQ9=jI!W)6}u77b>hn4NHe1RbVqI!@nu$!WZGEtX@VJ$ zbEe%BJI|{E}#w4tj(T6 zs(KBTsZ2*reW|K@?en2ShXQk7zh+boI(p41Ycu>HK|ImWPVK`f+Oq|$b=~NYiq$_> zdJ}gj3GbXD7GzSX&a5YtlamXHi?i{_*gbtyR`z0*g(mqsfj;IDaggA`cy}&mvhpA6 z37s_!RCjgLYOa zh>$|{<2h)jE@4Yv0-~MfYE9S3^Q0MigYI3(4DNOO;pOq-Grn_qM*nb1iS}2Lx1|=y6W3@PJc%dq1NPA-M|bwW!mB2i+FB z&SZEvh3m^kOAX~ffu8w!FmH#-d>iqqmvRxx;za`ih-F(QBbk)E3YeklTj+Q2q zHC2S4lLR{w81Wu;@PyGLZX5+|^x{B=y5m{uPajYMT#L50I@G9C;;8(5B_ckWtcV@{ z-N?WPVORNb%HArf8osF{Q?E~WRVby_yFE;qSZvhn*e3d;>*m$)m6<*Tc-Tn4%vCkP zb0RwT=(c?=s(9+&aFwT_$bw96wXJ}_2uPLi!6_q?*qmra9>V0)NjZPte19`t4xHb{ z&*!{jbxoo5O;eVZ(uJs=qRgBe<(;|jE-5J~pVmJBNCA`G{1(hffyPP`OpDUyM?;A$ znd(e6wUQtYv1gE-W|CJ2#-|;XXjsN*p4;<{^5?(}e$#K6A|BCLln@%wt-n;SakqR92 z?LwbIBxk`s+0P8WWhhc@8i=6v^<8k)zqn82eUlKBiCjX_r==Q@@hWoBoiZu6$biaKi}=;-%B zW_}H$gNa}^$aqiJ;z^&QLutK@M4!WcF$70E(8s;?@jEd=)8?> z4!SqMn}BOYr6j=#-hWw)I6#Z82*0U`^hqIK&`zpiD3W-P3I3@aG3dMW zIi1H&u$sK~h+v9EzXP=2#Db-%kccD2g{?2a!IC+m^qHcY6a+|K7y)2N=VNmc?#qb9 z)ROYE^}IY6_J+X~iX-)E4z{my4CC@bphzC?X=e=%t6ZE(cymC?w= z4eoF_v4_alCSEk|*%A6CsGj)pH4XSK30Td13pK?zPIN5__nAHtSd9}0vk`n4dy+t? zB>H0`1F;1wgyvhK#5l021b#rsiVfGKj2Ouk{UJ`bFnfuI$-KcY(*ZV>Q2W#3O3|o;y+So z`nQ}&EiRIxXGI@ZEx@lm4c4CUkP&$<7x`qT46J=~%vW}Q?XCB!a2F8FC%?@Q4J={2XJ3ELx|+!X{B2JhYquH za?W_w`r`1jc0+q3u{OXVa}M4|NV++2M5WI%mIj5()9~$1;8OiP}>FKcuiZpGKL?bsJ z;x@Kec7WDKJi#aeQr{8?6U9L>0s0r<5F*)Lwf&N7BOvZ>Z#738ipmfkdcq2D` z=FaC)UHlKXo+|tNm8Y0&?n@_4*s4+DAF^Y#C*B^SWEJMTCBIZ?YAcu1%F!<9az`4s zdHf;h`iQE|{2@o!3gnb7Gc2ysw<~xmsNDXRuWNSFOoW_39ao4%{(6Yg=uvj*Qj-;E zv@W;z@rt0$2KAIlmUNocHA6S z<$@X^<;dZF<4gA`_bp=N3fSmyN*oc6OJMN9UPsZN%?)emiyeEf^xX8*)*X*M{Q{l4 zb8_Ub(j}Awa>4Op3g9AJB0{#)NyY>&;4u|Bl7vb!cvm9k;AGxdVnj7YeS?1(zlnzA z)|R47yUSv*!};tq_aDv;OaNVXt8ucAl~icdD+YLR3ppjIYQoOZ3`PQ%RMv_&f8zC~ z?>*>^cs_V#mqRFZkFJ;HFZ5u13t7_~(Yj>GDhCsKU(v7>uos!H(fh$bfbz22d*x$> z6^yiz?IG-19X;pyuHmf?HZ#b9U5g!z7ET6iu?_fnI`Rb57X`###vfUbcWUC*>{69R zmoJn&My)L@8ZAu82e!=mr0ws$CRTLElmfz zf3_4KZjg8x-60hUjbb7n7^JdNCb!a0+7XeE7_!g=LsUg{aRgGjF#j>eu! zA9iF&D#T8nwr%XUUMcY_bN+m^zr^YVx8o%eRQ?e^8VWz5(u_kyqt!?%cCn8+DH71u z?G1*QU*HXr9Y-%Lkitf;He}&vYOWxQzw+Lcb${_b(XewVgfpyQPLvx+qxOi zkRCVZQZlx!-g)DDTI4;Q0ha`Qo|I4Tap*jXgWO8_VwIev#b|8w@ztTmu>DbBHJ9mmm7sK0iQ4YGZ6hNm#*7J}{E1 zDYUaTq{o4*Tkr2p1--n!FDc`9Q<`G0^y%S1TsU@pf>7W>o_zFu3J6%`%8B~qa$^A5 zgJbVMt_Fc`h1+T3MkxRRc)gmdile~SW5L51J%NBn*W8NWBgA{!l7DqC)4wnsb9cF* zzu;caSz$lLz<;L_f%2%9Ybhd!2QJD~Kt&J~RD#e9nzn4$vENVvJd4g=l||)_x5$=$ zWLPOg7MawdbPDt8zKEPTOHfE;p=?xgew1+pFpKEgM7v$Edfx{3XqK=(!F0KO%4Hm{ zjIe8Nf1ix)K3s^R!1CVyKB3QmkXCz(ND7AqYfdqo**klC?W9%Z4_ou03LyzJue7T3 z0UgY+OuRNFhW8U|B%@V!ud^Dw3i4YQzaN{l9t3%1mVDoLzvR5V!SJDk_u+A zs!^=DbK3Wsz8?K|NDPZfh-*YjpU9cPQPC3F3OP60U9Gb4+ld?=V9IEcv(-Oz>7O1D zM{%L!E%?sY?qy{@GekS1&)+%BX+9658gE=H$$hZxru}bEBY;wE;#JJyhO@IFRmN^5@0uS3@ zvFeng$iqwc@5T@leKn$GJd=iO@Fn@k!{%%Zb`0!mSVz;;_Gid_z62BG6YPRw^f1`Ygl#%g2iA6z_AyuKqT|oeg(C1Y#7{0LJ z>HJB%A=G-Jsh*YJpqh;ee;gpkuN>GzdRL00L0T1DkYKg+-@Ru>42pU5Mm_Eu?X!Ib z23L1JAEBnDeQrs1|Ni}@kG-D+IG@S|<9pfRhcUmv%O;nO%I~k@0Ks3Pp^f#BK?@sU zwxO~I5n}J%a<(NeGVeI3yHcg(k3bOF3uzoalH^qvQ+IUZI z4xlzk^J+99Ut$CUx(>RCaL4T=uuc(oGhF)JDTU-8$Ko?0HYbcUDB8}qhRn@S$=<&$ zt6{K;xwKX!bl)KPbP5QsorSmo* zslO*F81_DPnJaI>;<0|^{l2F^t37wE>(}~lJS1KKsZ>Uf=DMZh5Z~a(j9nHu%i8|C z5S-H%w2VXO1AOB1Ke4IlQo$Ef1D${@9c{|qjky0%wb4uP{^ISexCv_9a>?U;tTdB^ z-f$-voImB%R)6@Np|@@J$%(fz!VFsfs0?D)Ymkm2T;|>`jb5W~4kuMCH?dmI|GH$h zk((>VL-PAKReNLSKRE~k6*?0nR&WHk=i4CSWf2BcB@vjri`P?Jj{%kdLmM=w_N|kL zEL+m@_^RCSNFK!vD+X1ELbVi@s|phlW6g0t^$#bT{HF*Qdr*y!;Xff!-m?jU4}{n3 z+Q?W~8xzF}rC%6UvPR|#H`|>(~I!3I* zF6z@Bw)bB~bTO+r5`bOQ-AnWRt2b9Q6jr|{VI3n0BhR)C5?K}*#^RrvD=e;+3spJ%t zmukQ0{4-AS`~!)x&!gbMb}(%c2(EBX5jY|;++`q$V~e`x;~TOMbYU<4pryh~jTinM zobVBi@3!IIyIapFHru)H7TDN+-oD#CWEnZ^=^*z-{ovBHu%?`?Stf0yZ0mpWR0VlT zW9t858Ehn~CV>DdAo?`AzV(S)8^Xd0(pCrP|0xLO3E}$S*-|9F{2z!=?%4j@-Wjto>-QjfQHH&#~B% zyshumbb|h0D;`AH=!v_0{2}_`?|A%89yxcdM6N_VmJU0P=XZ5;_LT?G7I0h3gcRrY zzNSn*Da~7D^&C&6p39Y>GVi6IhY(=ZLqm+D{ztcWVFB_*a$n=kXN&ib&xdJ z(C2jIsQ{2^F4&M~xGfb97{TJsQ2|3`@1TRsr{dO{^cvf__;jo7icDam8I@VfyDOSX zG~Xmr{i_g{k_m(YF<25m%%slqUB{B?OrZSMD%N&vkFC5`T2{3DX$xT?APY>O{n3k!>4 z;G8_&GI6(%MVxg+_Nd}?oX@6F^YG3*u~WPwhmqO-BC)4YeY68(!xEJ?S%UoBI$k?p zQlIvH?-D-0;Nc(_bHy#tdUs~+T%@1h`qPFVxGS#kXXOczW2K1*y5DgY{-xzzzEM=Ao`7bA1vU*t>*+` z_qRmvQEKs^V&`ge#T-B+|4pXV=ymT+Z(8*$z_g`}*7^GjnTxS%Dw$9TU8gPjz zZ)dYh#V7U*nwXLtiT7QUVMYr+fiGTs5*>Wo*AO79E00bcPgRhUj7V|3R8~rq(=F7r zV-jA^v|RXQtj%EN&F#EQ!?klf)x$+2)gEh?NLbjU#Lu1H^FU}DRCikb#>TeQv{dyl zK^Agt45Hw1(Dg|z7()fVSTNNa_~B^P#x?KwMk2?3*R_nY$#ar8ECo^;g7ch4qW=t% zj>mH|<1o1^dgPkZo3mmM+q6l@NX1^MMBoHE@)RqR_HKN(_>jy*g3Xsnp~$9Z4{r>7 zx`FN`9<-T#HSFaPT;5J|TN>|*umYIoax)PF9VAugst+_xn*DQ9r_#RMMpu+Gq~-Ey z0+Czy^&~{xzrRwkvsSme_k6`-VVXaNN}$+<_WE{DY3Va7Z2f+wwMwFrIAA{46Ajg$ z7@c0^9RlQ-ZOPBj(ehVSJ43EOF~0`+jG0o4^YveKxH)xX*-;nZgw;h54%h?1x(K~) z3>cDui%l8lR~Fx4%_ptL>w5I+mn^kM`abx;Yq#*hIwt$ng4=*C1MU(l`m^&o7;warm#zSpH5?2j5 z8>+X?{RD`#G2f>ZMRniYrFvFGjVCDEpgwAMYMeVHBE)oH{pddaJ3*?F=wKej2pN$- zlgXYc!#!1`>8V5r_CpW<-8{m<-5%trB8_us$RGMFu*uV`&tVh>Z4G*?oAzWx03jm| z$uSV(^um*9^(@cnm5Gy1dHG7iVieRkubzMs-+r`obuBI|I9OHu;K|@G$!9l)R>KGC zWsD|B&Q?1pNK~sR7?_{qV8(kLqfG1-dczPvgsCs6XN;OKQXBK?oEG+{INvtp?*4jE z99P+El;!X_3-xfyT0zP1ex5mc^&Ceec!Eo-9fkue(UwiA9ko7t{%28!U|N0NUmJ=R zCa1>!i_iL)wU-*Q8*LxzlZL$<-nVi#@w=e@<2VHXYG>CsF$w@^4F^c2mGaz(4%zO( zUy8_eunZ%|5RbYsdC)xNoeP#Y%AaVykyaIF0Kb^+$G#}38kW=N+8A;aK6iL} zUwU|BX={S7g{uF%@cC&a`_kAeK_Xt|?r%)f(zJ!>58}UQ#2j{c)qFUvSe-p)wDJ7j z=6!tnQGZ|FY78H6S0cUbbtjrDD%fuIWFRvAhC6o)Bu(S)x~2jfx(27pqe#Q}4Pl*e ztr&>UQbMuk425*G54)4*ih|opou%N!9qcjG?(kvrx9{J`JW*i_GB)Tx+FxZ`wR)e@ z=npDW6=S6h3{54Y7TzTog=1Izg*HlW^6CjzaE#jO^QkB3^LK>hpQ*co`ujq&v4?g| zVz8pb#^0mXe>d&d6yi;Lzr(6`W*?J<#70lkX=viJ6`w=km1tOM#u}$=X!RIfzgFmG_HY01h{O`;o!29;_aT9_E<2ec5_v2fNf^39*+at#b2bt_wbsu>= zDAzSpZi)D2Sd|ZD0^6o@_wnk>&`C2JUb-6J%NWLC(x|8qkyu@1*}QzYrV>>>=psMh z>j?=GL*}I(?;XfRj#oMggaUK?+`s}zE!XUNuK*tePrt>0ee?aFtJ!rkU}fPj}+CDD!X`D!jk^s|?v z**~b!O1ZwMQ5^Tq>Y~4T;t73;+{Uce)X2CCZXKQS&^n`=@(8XU#C`(EXb>lMt@H*U z@RE!CB&Z3}!SZh$X%}o2R^~L94<9$F8+$9I^FB$tge#UiGXTmNw<*`xZGz%*(uE~P z-bwsYkeo`HEug}E`3EGnM+z(}vZ*+IxUsXn{H~s3c(?w7h>n*Yj0lg9-)k|gY4up# zJ4387Mxl>(e61l@^Biuwh8pFYl*xvx!d^2f1T$RcJ>L#W%HXa!F>gt&{gih>Kv z$blxXGBX-I_Zg7Q7Sfn;u2}qfM@MaXi#FwfBjY(2lEJEP9Mv1Yd@26SH$=+z&t4l{ zI~g|L%={VeL>M86h%b%wo$od)fc(Ll%X?#x$wWO`^o8Mj)=Yvy|4;nm8O6(6&9(5< z9jt=9Q`(2j7&(k{j4FNI#sZaAQ?ub&e@q{GIYzhgG=FZlwo$|(?JR4dJAVN|sAU?* z4b)KJZa6!DIu7W~LBWp`dOmVaPX0?^<|)?y3_5`xej|=Lv_9WN8;lP~K4@3e>=WXS zfI<)vCIc#A%B*$6e+}U9y{ZptSHB}v)~{qujL+@in<%>+3_J}xlxKA7WmJe2S&g3@fA-5@H72T2`_1#|3sedil$`x^x&+b9wi)-$_ee4=cbUJ@R^>%*qxZjv+_R#ZGhye=K; zNqaXmZ*Bgq+4(9#Hb|&J|KdovY`g;6_>k(o&KQW{yh&jNNIs);y ze7c9EvHFTuk&_nBio-%GvYP!mBW2lvCyP@!Po~2Ie;ZY*3tTkxuTl}D1V6?VrDg%?j+dUGvm+4Bg47=TlZcPl%mDKP< zkUJRq6_D8XV0QL5ZjQro zx$5p(0KbI*OT(1dPtss4zUMp32npB;CB(Hj*;^KzYXEtT@B07PY5H8!cF%;Ss+=My~F-%y%wm=(pOe z>Zq*xa6|I?m#4U!lfhXve3v_N6bPIa!CuOP<*ppTIFdPgz&`l$bZ8 zQ}U#GD{5ben8Sonz~+$Q9TwP`wdR~`j2JJZ_@|Tl+*mJSt+baTkcuz^Xr*C&q*8Pe zuz7?f<9WiW3yUw^Z_3HIB(4ffAFR%N$AwhliBCNzA^E-3H~diXXZ03#bA6rT{Pz&0 zpSalBDaR1vPxQLY46+}G8QZj3?P_%Q!tuB=Gp?y0hYlUjRDbUX9VuD+8%>7JJ$E_9Uyj%@( z|L|V@f~^qkE`9QJ+hD84L#sJ4or}!F#iUxhS5s)5(?>rwL^l5Hf1G1LirLF5A`h%& z7<`$Jej@r={5{jZ;RaxAd-BkNJSq*nr&5;IpQ#n58U5qWu|fo^*S|`)0rniZ4?;b6 z^J2?$9dL)2PVgbUD}VlwHShjiXvj`%^rJRAJ>JOqO)KUi<#h(5N_4u4qO$y}#JM4s zCQKa(drDG~#OYR?nT&8Fs7u5>Tk?fr2C2KTRiU=D6?$6Fm(R{EXZETlhj6TD;7o15 zES1|ETbBjw!9IVw1MKCRMz`e>(xr(q2_&7}n!{#PXghbN9(C1A7iqa{KK8Gdbt_?&6ft-%t40YC>;0yxx3qe>x}o`CR}UKlJNG@ISDw2`IcY!`tWw zv`8M_`%%~&BgRB)dh9u=aG>{Kg-wZ#p5S2|@pjts(5L-g0K~Ge;Sgx-?+y^t5D*GL ze9bggBbMVtXxi{&zLG#;rIy$tX{15Tn<23kb6y+!8(D-?b{LglfE_HkS4-Q!GHj$j z^8GTrcH|wdazuPHsq)>;OxsdN|dPRstb&hL~S;~+OBprfXH zo|Q<)jhms~V!sBdnlP--)-rkO(`BZ;OnJlr65NFe=j3ozb~X0RnHT28dq+W@?X#J% z1pG=+i!e_#$IYDR({n1w01^K0FSCKOX!sQk&{>QPLX-)~U6E9z)ANDaAt|f}=1R5! zQpRni|LRNO$fq{O&TCs_Wa=-46~m}tqM{?XAcwcKagLo$N)qTu2*w8~_9US#4~Nxq z{SQ4$*q^DB=Fc)sm_@qT_*aG}pU{#?Z3+#lEI$ek{+t&>^)`)gjQ94?S-JGM83%-~ z+-jk3r={%z?C93));Zq73S}Dv0dbxFHBT!rUGrjIVrq^)qzdD1SZTN;Dj-JVcr@jP zNP(k5w0?CL5C4$@skV)8FL{UPT|mQM&+vZ#)&3|Bg!0Md4Q+j=}KpNkJX&%ZD;WN=l({mPp3U+B*(&a@_$r zN_2ak1k^l&7~xkF6F%4mR(kzDy0JO15z$(^*PIDq@D^xyo_xf8Xu!4u2)!L~zn3-x zcxa|mqaK83_ZX8YIZTOB;+DfOhsnK6xf%eB%|(NMIQrxzMOZ1=k=%`VT_Y*AN@si9MFpm* zM1h7q+hdWVqlJPFF}wZK2d@FHb0&VOYxdklzH{}s!% z?%PHlk)t2u9`wI=%2#ZOF4w{6o*_zEonpl|hCu*@bLTg#dhNJT!SvAPMh5UjgD>Bv z6v{mJC(4XCw>$AYARUrhEZN(du=wxWOYQ8DQl7G&fYKj&DMTMqr9iHtffa3%K3M(J z!fu{R8{}P2pZTyS?&n!K1(Gv%nKu=V$(C;lvdV=}o?z4e`gmGe#MNPGLT!}ys9?(U zG~KJx)kH5NMTj|c$9Fg0NF{!U#)5XSIUvF~ek`#HFR*n#?#>CDC8$Q$P%<3cFPT!^izTv3rEwyS%_;3_LYo z@ts=wQ~!9NPMTp~lvq;`<;V_VU9A)&53P{CGcAZ|NT=EID-fkvm}11wr`W>{7seg# zg;GHRpMkLs zsTc~q>$FfLpQ5m=^#zKw|9y(0?juh_OZiiv@uy}+0R(LpP&e)NJ&sAEBm5lW@X(1CiKHn>eRSFuIJ4lx-kAB|-#}nb_++PoC0C zK;zBe?kl@rO5~Wg?sgKi)O7q3*vmanoO|AjP;)GWo)#{bjZ~@RN*apz`vjtFVMeX? zM9D2j=x5TQ;End>yMuqYhI}y(`;9&!a&san|6}6((E0u;juSb(v;IUUdh)X4E9<|J z@_h*z{~_vPZ^4pfMsxuN-CWoG$xJL8atA{?c)MxLcU=1pHMPi-jb2dRGkov8+{w-4 zN2YO)38y^04ypgUH?{tGN($yp;R9@tV+_1C?#g2r%yLMe{RiEz1+BWL+G?|3!e@&~ zgiIMG88_dXZ}EUU*RJ^Bhfo=O&}FF8nG2189_pv2mrF7~^Wdf)5j##Q1fc(*{a8Mu zk54S*m*pIKb<=*Jb8$#t5z|THQe(;V&*&Ql%iG7lN^F@=D-~|&WEAXbk8djtj@FXI z=T2V`F^kL)4*lZ$INJd1+=OyQSwGkG@M9pMo7xn^(|X%OiTIb^ z#Ju$7yCB4aFFPb**M+$%^BpTsnx=_6gnx#KfM>w;DL2jVFI2rb<*-t3z?@`QQLdDT zeY)3Pszi8gm{#?NSoQl>U;yfk`~361B**=wKSQ_csoL{PP=w=0@GvJ`wKSBfg74RN z%8fLp#3omD|6Xra>o2d+NLzeLgwH3`37N7%W=h89Tg@DQKvEG{uyDqp0a1CMBb z{h>fz&5z)}N=Ix5Evu`Wf&Il9@)eVxrB|QSN=j0{pq#`xSXYCj@~T@ye`lZNE3OC` ztO)i?)}nHUDTZ_n|3@nem2?-%ZalIF_mMib#TL)B6z;FqN0++3)3RO>-(1KSI~&kX z`*DfgBHgJl|2n|i(7+_UQPSp!hmR~Ee%zjGyVPI1e6SKU(=80!hs_tJc-;d zbK~BaCrRPG927r4cjtGfsiGYN*r7-v9<52WUwWb<20EJsI+F#Yd14J1KF}Ll)o>lf z2X9cZIv%Xo)30RINDsLR#9kPqg<&Co?+|5$y>CB&&ZE%x_i`R&Q;`m)MSW zbO!?#&9wd<^5q%_N8>ZIn8P`*lLDh(5#St-7{ek!D5;(lfESVGLOgK}Hw3t%LY|%w zIAH-KPUVx_XPdX^1h_l7B>iw@bExyVCmIG%f6J~P^!~kM26RUhjm%rxkBaePA8RbM z$)UCFgY?LHxZV;ltIW4o3Nh@O9ZpKKgm{_@`-U(XQLguC3?0j2e)PAqqLzK8qtwAku`jzCJPC01TNV6f| zCn0`usdz2tRCtd8aM@sexRlKvIdhf=92E|K_#8)Ao!YmBP}9$o0v??;>*zEiQY<+i z&Gm`;{|BY`CB+1g=yb;Jn*7t3p}-S3jMNqXHHR>n@=4^l{v}ltU!-0czWh9B`Op*T zvD&U4hm;bz=PML`)kGnol&qZMIt5?US+0od@Tr9YWoERsxmbBG;^hC5-AiRH1O_a9 zeWo_b8E0Z-p}jNjB2z2U^V<>Nck}T?ol)1bgh@{hD3ShYJgAB@+smBfvvjWvtGwm? zWu)(}jVipgaemE8kk8mksd?xI!v&1`snYS#!oDEuzVNnJb2Ae%g2!+d7()vD7Mi5M#yRLm zAL~2ZapS=pG!#E~Q=hF3It248TUi?Y-dSq4LQaYzX6YL>jg1!CN~8|>lqJqVUm2;@ zoeZ;Wrpm_!ttjp!p^WXhD>9}JY!pG?ZXYS=`k3%DaWyd*EIhBnWx8%Jy}K+ZzHD_K z-Gw3xy(Wu;0wqU)=8t^Y(c1`s$h5EbQ$(BRl-rxFopt)yY+a#Xl7oAky`V9RKeT*c z_`_EmAZMf)nSR_gK1D{lLKe}8x49@ZL$7GWX4tnQm;eyud*qf`oGD@!3A-l)Zgrtn zHjb?5{M0JRJ-TqM{U6E0MP+o=?-TYYl=rFtx=qJw6n376z6o;HvymHm{~JNk3~OuH zIrGNevJhaq`1fh5am^c=6H)_t=2M*!vB1} z)cK?#p10)Q_tq~Wtu!8>E(O4%7W$iM0xjCN&pzaFOqD@f6JbqKF1rVPJw4)Su zE%Vc_7s_PE`V%=1QnVVELQmKCpRG97ASo0owc~0!eOy;c!x_Vq0u_KjV(X0v`KwT>*$F4{x>=j&B4uCz)^{QCqxOEW=|8o8=ujw5FyBwLnxuhX;s;uB zh-9P)3#bu_@orZG6$F(iXXk{i>ShDo1?}Cn45eak?Xfp;w+FN)yb;g}O8=pZSoSJG z4An1~Gs4;S#hW8PHglIWpBFv&)94$$p%xZPacldu+=FQ)^#w0ykq`x&t1h)aqnEk| z9+q^p_z_>`wx4nf-P&4aoJ>F#29Xide1#r_Rl zgviRT5O&UqgdRD)NE#(*ia2;ym>K|li1}?!qVwmoyYC`)cz__D@WPC)>2UrLsJFxm zz{8HN{l$0l!`gU=uWa%1481amocSm*+Ma-joF{c02_kXVFD1P&h< z5o_!0-ng~}eLn9!Dmg$5SF{9|H$N}Wuv}ssDiMh$hM&RrZ$VQiS6npj@L-AJKHP?O zQ_Vg=krI{p+Rn%@H^u$?$m?)OL|@lV%E_p;(Cxf(kp=n-mVncj=rx+!%lSsaz@s2L zf_g*@)FX25hOI<#L-7u7y6A93^*{^zkhxZ%lXyvT_jY-h|Q@KwmuktH5tce zMrmW4H+l7!FHvmFy?&l7QI^s5n#RBr$Z|EcS1Ib+b-q4xsBz)>=D#wWfe$D5>PV|+ zqHwcH2QW{Fva%2`I807_6S_Uc*#C+c zhb|>oZ7`W9p)Fq&k&7fa0+0T@i!r1ZW6w0kW)gJ;mF9`whZs)cG$A$e64^HXx<@Zc z6+8AT_DeBGj~=^OHaiAgdLQlw!=XQoN%>%>f;4%r&Pzb2L6BRVJ+Gpiyugr#3e==X ze&7FbyZ#}uA`)?JkKz<4m*lJJ?qd@nQBk(PFSVWxEGE~gMuqZp+|yoQZ)3)0uIx}`StNXdkFU+L8X8lF%Xr^0`b^Edb^cc)FZYe&4 zdm5mV^NbRybVI$Vv+9eA0?(B8AC$C+Ci@&GoK1&g_OxftuZsdGVZvs*SNbWn5rMCjrxQ1j!gp()x-pymqN)ZLsw zlIBDd_R);xpGv8ZRDa@jaBg>fZB$u_{&R(g>?I~1W#<5Jg#TJ}Q%S_8=S-nB?VRQEkkiPVPQi0}=&xVn985zNHALfU zq!0nOVf@HITD=o`S&&k3hqGN6c%3!gz*Bo3&Zienwo_D`5JDOcG7*_(OXh(AIlul6ZsbHRV6n|J9*>NT`C60Z`OnQ%ldxRgy^oJ+yD zql#Sy?k@az$9GYH>Bd9qrL>Nm$M`xdfec}~37xUI8sRw(bbMpmeorZ}AA9HEXA=Q# z3$j%J0FuyXY$m6iY$@sL7Pp_}|33(i5sH2O3WhnMoGR3EKMjt2qoIS+{eSSMm zFpq!v@|igR%BqvYgIpXKsduR+`uMm^zL*d8<`L%+0gYj)5MTu%u8N%pdpph+&Kk{} zH);P~qgSv6Kg1C%@~HlD^KZ`5v1QWYOE2zxANSrI)a7Vy%dFM#|MySpW%yZh{mxc|TNJm-AQ8+~E!YtNopvu4dq zHV}Y-QA>U(7qijPV=b~@kRIZKXk8HEHyVz9A1HDZ0TX>m}koibI6y09hsp8DHZ;jl%OffS^$X z5H3}fIzzWjUMzritP?a&0R|+60sx_vgHjAK1PI}Rh%1S=hN}DfaMylXy*yR|2r7GD znYJ`LonP|D^pDj?CjJc}KoFVv@2d5HoQ}LT=vl;5(2qt%wH~Z@-FHU$-vp-U1d7Lv z5&sR1K&PzNGerRM1%qq(0yqa~KT5joQ{a=Rre^-15+|G;-DSQG_joe4O zt`xjSYT&S&ws%%-0SA_VS0H%X^EBh>W_T~7x+W!xJADpBd{G;RZy3KAC~p9voj8C# zgkn_ffFy4Q%rv`Tcf$(^`atn*2t{_NsKq^GSOso{F`s}PVy?xJ8QG23E62a&E zdB^5cs+HAY`&P?G1O-7`Ls8f}z%1xWTKG3?J0vZkmbF;}N0cpw19t^71Ypo8Kd&xX zG3VVXB0C|6j{nm^nG|lx4IhgIj-J}zJ`3HT0*dry8M`w=fZGB53Qi)o>}2mGB`8qu z6oj*ge0WoNV1WU+2ypsiZ*dn8A@Rh*Myugidi?fSC*}W4io_jvirPk!%_N=zpM`cY4DsB5W;83x` zq~D=`gp(K?#OGB$5`rpePv59^C9>pTy@(I8V7~`wRWX{Syq*;VT4l7aT4gjr8(#v> zH{aWs=z_Y0R|@3adUI7Nh&SlNMUma;R>q2g04Q2GYJL#oq3Y)e<2o%nJV<5*+#1s_ zP;YV#?%a{1K9>?m{F*sFnOB zL;Wp=)<+m<9|rR>#yHlSqFnaQ*q?WZ9Cn;2-gZ}yPy&lP&58u=UX^q}fiQloYn=x` z3(SUJa4UjWSM57Ko4v#U>&ZY6XvorMeG!~Lib$yP96V3Zw_Sw#Hiv2j~~J ztNzp(5fC9_#c94Xz610N#RtYv+p8xeD`aa8YU~EKpk_!HSRfy>9&kG8im2 zg+UlmY)0{`x|_oJkFGy6NTu(9nVELrUiIy7V8>s4a(%1>2XBfEn&DZe5NuP6+7;Vw zT0BfOu(q#m09*%w5p*5#?!eCe>qY^u_Dk(nOImLsDEAC{AKtWPWqbdG-4x+@pMY~L z1>H}$`f6L8*5Ds=F9I$46;<;U0WksASe6~TzEOK3#b zH>7={5;*t(tlWYN(kF*d$pqvtlcpQ5z*K4wi(?)}VVS$aG)wMSX921J8?>AngO<}d zY&iO%ya6AVGDoG`K-54Te-Wq7OeamRE7J_RIa@pG))c)KZku$r+#w7ZsPh9TlZ(L= zk)kh=BC53DSlE;SJ)M}+L=I^tAH%;6#TVW`O)@iYiGYELG-XQZ?}OvWKZ#k6TIs&v zNF<(l01${mk`D|mS5EWH%i-89=l7mCR$^_ceolLO+xSa=^r;2BHodkGqs1?_jQYg! zLA6Iu&XkY;YD8gu47Ga02XN3z4MQN?TQLBdp=OyV)c~|7XEEIqX`ih?f4{LrOVU!i(T!Zsv^A=9m*<}>xpyqlxpVX2U?lGUb&djM zt|*ZA_$)a{UQx>64Z0!&1g3GU2ZUXkKS7GVYK$|A2cF{=7$EodDKu{blo*NzScOWo zj0ClQ7;BX9f;n&r5kJL11pBY_q4|?HjqlIWQkw7OgY&W|`!l@utnZ#dXx{2GLDzxU&y zUZE`TbHPPNc8*)feq1&6fglS5kk-^rc5LyeL0Mw^|jUjDT2g2W45>@;yJ$rmvBrA5a6eB2QZ=b2*bFE`Q8VI_~|=- z_>ch2)BTuz|K-9&CQXX}zM-B{xDvd24rKl1GS611%?c2p0@jc8hYdpicAmf(0AjnIx#hiy02-|JhX|Phu!&UO^usgpfsrho0Bc`O zbeM5-JBiORl#Q?UP*dx}d?+d}|D&O?nFIBa%vJWJNY22*PW?wyy05RF{3S78a7YL_ zH1Zc^Kw;^To_xo2-zbga6AjG$Om>&;6&9KlEphPvWI#SCP9+J6j#OXF=$tQFviH{! zfhHo*1Up=Us|`(mVdUcJFWkmKf~x^Q;RFoP0mDSwa~lR6q(II@de$u#Uqd~rPp5vZ0cnlIG*qa8=yv2K-EFnhO$@-i zzt_^FkI>LcFa;&P9wMmN;Ka>xZfh3gAzdI}7`DkO)-k>Z@_Bt==|A`NZ4hFxq>1(j z2nfP{{US!Tu@-Ssjd}WXi=QiXw+@2oZej3rbac@CYzva$*jUq7bi&uuvBmJP(wK{^ z4%(*b75p>?w?TitQkiU%Aecx2WnFX-j=n@@Q@T8sa-78s@bg*YdjBE}bj2d)Y$%d5 zp%nZDunY+}Invr$S@2D3N#R`pEs4QpS&)BC<^pc{?Mx!5a)Tbbm%}&BF)IIbK_UVE zZqVqW0n)Fl+=aImBC$XdL4uVez)#R%yiRy9gJ-^8X7EQ>`Tve;0$n=s@rBbdIA}d0 zkiXW^5dil~{_LUXdl>B4-k$x7Fzppqpg<`sE)ua-2v57br=zDQYG{~&01pSIGUirl zxhp@AKoOS&Q;<-9-Pzah)Qo}J_Uw3TmruIydZy6*Jttjw@3IS20iYTiI{Nl?ieD!$ zlAYSjWv(ry=6l)2x@HZ%2t>WFaJm)(qd{+VczNZ~O5$74d!D^}6;(>sJO5_DZjdTo z!B=HVu+#5luM=+gYG)YIM=}ePOqe&U&EFe^F}{|TmZ@WlEA`({&!o(x+N7G}`Ki4f zdWzJ~1>3GdGwj96xA=H_IC@UtJiOZO42^jWK4?8$=Q1vPE$Mj z<-wpN#DDWt*K8VZE+X3#w6$YhD*%OJ!2JF$rT$QomFqkvDml@y>@-c6AUULF zs@vF-$~*NJLjL$cSaiz5e0=Wn3kxE^$^6LWJ z4X%GfSqb;glJVw4)^*3C!(%^1S+W1ZlY1 znfc;2j9BbirJ(L|N-9*|`tP++gh9g_ILgN=N+W6t86@#mUw#ULajb6Dy(PuP@?gut zw{H)?Nk8Z8&HgrjB zh?VGQ2m!6Emd^bZ`;_xh0R|9i;uEg7Zl z*2S?e*pHWqQ>_ic9mrL0vqg8b8BPJslwf!8rrW`mkaAAASDW_kq3Bow6qK-c?u&~* z9t$E>X6An}&FaQ7JT#IH2+R$DXudV-d#3S+c@6M2|mk4#0UVJhnlG^Hf0Cxq-) z!qhZ0B8oH7qlt;o2~OZo1gF79j<24G$H&LBR(0^q@WEI~JOQdcyzKA|uFKa$N@iT) z=o?)xh6_y*%xI^{j7nU7%h_!!IVTyN&ShoBM4=)@+_5mOr3n2CnJWci9d0u^Wt1xH z>5W{~y$6L>bvM28(89UTqgUT5yw8;U7b_g(6#(s%`vBZ$7E^aA&{7+M`}~cSTpf=b zA*vWpN!i27zI2KA>R}Uxsyp_yDyhcCb6Xv^b(NC9*2OUPJ}f_&X0n^;d(>m0L5W!p z2Q7F}8ULq9xEMRSiSx&(9Wke{d#C21>; zB5(YIS;fXMTngVl!-{A5$SQM|9RZ$>7awnFSr@9@^QyWtG(%7F!~Z-w9Q$qfL8~hI4ptn?iHL7q_F7NaNSolO4E#D@98q^l4K?EXnMU|Hjs+9=WmP6~!O0pgdOdVZak$Ix?#mM5h!&PLe zbMDW3MDBZtBTLcM1XsQ0E?8T$f*QeCNA_=fZF!JUFOLn1m!OVy&7W@Ab3Chpik{C-%qsu4X&|sQ*cPz3R<7J^L#gPDP4OnV|6c+X5Eio~S_`_*0 zGL2`&dc!T7Fb1zl-~a6AukdxrxG1mggpbnif{Ebk3ZLX7ODV}=EayB*O- zqHaQo@t>z#hG*E~>wALxLm9vG4d=qg8t1$YgJTKClN8Vth*72CW=Gs4Y3m`%JQxYJ z`5P+bj?sS;!6Gmei%q>~l`GU}oNO*%Fs5Oj#&ot`Eg%N}swNUJ)n~gcRKWE(gX2!d z-F28TaZf@VwzUb^)0rcWQiiEeAEIj+5qInGdxBfzWcme#Qc7aCELKn6?) zIIwP+q5JSYh_e*5J*>?5uPp^KGBcC2vc$`+mOZZ0Szb59Vw3R{@|1TuXJ<}y27LV~ z5=EYfT9V4Vyf`y&yL(WDNooZ(en6}c2nso7d*lXuY{TSNzH)29+JgC>zx90r0uLTMC`>|p{rYuqSlHV-c(mh%1=72m zrw@Ug$roW{sl6P+Hg(TuysmC*aZG36063UYXlE3-Eo{Uy)Jyx`&fnbUtMyX4$CPnK zof-^BPnXB{5lYJ6R3O<2y0Hy0$?yq5?@0*JTRXAL2ZKP(<<%`e&y8j0T93Wcb$?$3 z%V4dD?9P&2kwp+nsMF~>@AM>ljsi@El4i3IoSAX%ktjzMv zqWO!;_g?6d;jpFgaH(mi1x$=-sHubXI-^8PO|y0M^+R&O{!loL^M_AB9A`PnXM~)y z`GX_fM0ydFx-xE@qACy)4o==fgB@q&;A$FN)%QOoYJ49u4cA?@`6%J4FKxR#T-D%b z+Cu>!iw5)G?~v_5gTUfD@aCE(8hrd;@ZsLJFc6_+jU6Rd78z!;co3(?(vpgCoZ7vz zx+;7?PZQdKck`zIfn{*aivsCe51v7W_-bHqu=Q`f7qGK3dwVikq)m3Md0<{(-oUS4 z36-k;_^(OmlnVpF%VBS~@NF6O1PC&YtQ2d`T)z4=hq10ye-Rc}%V?k}9!S z3Ron!iXj9;Drsj@kGk9aB@aznh2nfp64e(UFHzrhD6}m{DfDvFNAT9>V#2h7)Z^x| z;0hz6*?N0*g|)BVJNP=|Kmy0|>KXqI z;$#A%AT!dDH1LYtF@=|_J5ylc=1QT4a82L)NEVX}*ZXg}0c600<7sLnqchh{@A-HK z(fjg@BfY`(;wMMdVtU74nw(0KZtg>Dd$1`y$w+}k>csV6lE|HCj^}W&vj6iT_k}7} z_Oa}0kJ34N`^*%jW9p|p1UN5ny#yY`zanKn!0@6{0nffw1^~`1G8rIt;8Ra;Z#klN z?6*ccUOTJ7`cIcOAIqs)Q~x3f{@Y*ny|YLhW03+_j;)m1%Hd05`tyCWovxZ6Iun1= z54lqYx0lp-+Do&8>b+W$v84h#$Bsb4zErV_qy;KXT3`$FG};GiLb@B3_B%6oYku&3zDHi; zhK}SZT$^L@QUv8qp)gK{33$fEy<_Sxw>2z3%+2cHu_fBf)WodjG>ldEZz z{qJ?mRi1ELg<(p%XT2pM4_EvD7^x-kAdOJ-;v3QA{0>V+zdJgH_C!H4X0c;F%`37a z!al%wB-gz`vnx=g?}3G}rQmGCykO{!5y2sZ)(VYR|EQ@^h%1aQRPpiUPUK*?`BbPd z5OokfGU5PgHv;R(xEb5>bnkS2@(UPr6p|GmhK#aT{PhtIS%Kcfi&U${Uv#Z!_S2_e z>-g3MelI^{G%umAB(sY+nMW?nk7OrV>+e_Xl^M|T-RyTzew7?@b9DH)EJfV7!dNl& zp6~Z+EsNuwg-6aSJ-w!MnYS%YdlEoa59Zs-=AN@texQ$Ze)kXqm2idV(x-r(A*U)OfjP4#%l zG0+r0q79!yR58%>G~@ClO5xJAX|IBuhercXzEW{2bJ{C7=bmW8gQM3M+AIOcP@ZJJ z_}OIa$xVFlybo3;qc)>AH@&dg(5ATDKWuXr&vDxPwsv2{G$e;8Cluz-%!<+A^DpKm zeFVVI>1_Fhy~(KHquIh2lr3NQCE;!*WAG%k_TFydWcA=8`{9kaPXw~7FBbDNjZ2n| zI-VAiYPlPh=vts0?-IGt=s#RDOTi1}t1W=;W^JJ7C3H9T(A`9XyE!fr{*Gk#7P=cl zV_ip@g+|ulw!cxN$X*#>QF{_1wY~c|ePTWT$-SnZ9JYE^=2QN8$(AF}i=7ker39T{ zjrByeG^D9pAD#bGF%6rYou#U8>HH;#jG85^sOeQPwFx|DdRErnM7i)Qy#k{cPehw6 z{LR7T!_tT(FmhXFuZ0Jge)GS!HRz*PG`Mzk32>TmRdX55x1ky33;DX|}|qnV-#UXOR;)`|Xd!*NB5e5Tb5vfIh5yUnIa`X0eriCxz8ZYHo2H)6F&`LW;vR%Bf|8S5avyQcZ zw&e>JoO0g601dZCkD5N!Vp|;!Q*iOt(!p`Cf-jx!iAZh1mmdzYS#<2uW6}NAUnepZ zd)z!nwK<88Csy%v4>zZ$8M5Lgt+WUJUbcMxYc!M<)J*95hTUoj7SMI!S7@JNd@^vY<&WvTXO?TQ%HKy|trn-@oH=nFw%d#@}iI6zCI!+0(+6DILnd>i2fv z$V1_I{KtfxrNlvBrgD2#S2xL50^X^ax@6mxt;a*=vb95gvT1nT|fcRLoPNVF%glYg^tk%7Ezf07gLh{jVV%P*en@XMeNJ zd38V--Rrz&XJO2KNG5YUr8}@lbiRdqyclgJqEn|@)ivUYwLK)ZRyEXex|fkXavGMm z>3GgG(0xwoFX4RPjUmH2cg;fsPCd1@iNF!06f3d(0gr#{)_G6;_0$}=j)MpSZo8;( zk-}dA3nYSAYrL<-~aM0H=W+^@vB0Aum#(lnQY zmii|mm5*{yni_z=Wx@Y9oKv;yKMoSpJXZy4T!O9P_H_P<#n?|avW$1DoYvs>FP(M$ zZDy8d{(OFPe}j}YFiJ!)FiTvA(Y>YqNKhU4i{xL^J}Z8c&u~Y-#&YtKYec*<2p$q& z`$eDl`F%#$Xuw74gk!fj-5>rn8t`7NVLX=n1_`OTZ-;Oq$=>Yucl7_+Ga_MaPYKSQ z8C|>}F?2rrFgB3JjN@3#SZpR(Bdj-Es_b~!Szgn->F#o_L@LBWX3#Tipp%bKMgQf? zm%iUd!(a0SSKF3gnw9((Z6rIk{b?qoD#P5eoKxn3vmb)7?40s?xw=70O%RPMANd+Gt}4 zg&?{4?t~W+K`^Y*RebTKdyz`b57r-MeJ(vUr#_Y!@upiaRIt-kaaJ+$v}mIF)kPSq zBaw`hx}jB0p?-JlBcBqIkX^y1tdo5o^d;rvDltF#qOz0vClGh=?(oapWWTT9pdUKc zGe7?GEbZpUW9Np6rwMu+kM1Ab9sTQ$)|_%*GA1Gx?{-Ex?-2rvYo5@*7wYsy)4Pe8AfO-{H98DOkP>cv(T?R9nm|JbC!46 z{5Gtgc-owI_|&h-m?HA`yNAZICHJ|h?~WqQj_jolQb}f|WrdOopC~-(M zTZ6MoDP9`><~v1H>($#3oAai6TusyGQOB&@`eneqnn4k zo{slSpYyW8wZS!yhSWwvpql6uVN@J=fpR}|yGDx7436fsy{W1Ro`?Zl7Xpc5`&&cY?dV`Yvf|@!M?p#c_W9gG_n=ZDBG^ref_^v`p zB#QCriVC3P_Jfp{W&1>5aGe%*&?MixwiSr8*hTfX><3%$N~suh2Hxh+?a~{sx&vEK zCUT9*Qrq@7(T@Lsu=W(hn4jeX&@QhdaVW+B7R4%#PN)34+ZTA_Jqh1*v-pV`*P67{ zi4wDEb-j*Cp&#@brgmEMzX;CFtE%ng)#9^FhKo(=?={)sarr$qZf1!vsPnLss*_u9 z;AnU{dOxw6a%>`U4Y?v?qlJHIWfKCC_EraGNphL;k0gW$t>|C882U#(_1B381GtP_ zJu5{qA~CQ98;_i?<&_qnF}iPyy@(#V8NsrVsuHfryhP#i*9TPsAZI-OzNWth$HOG` z%wNI|l_R@_j1guDxl5JL%;|@G0LD<)li=`f^}Nm!<4Q z-25_xQ_T(!YOvZ}&m4-4M+(W$MUAWTwY@^-yEG)j@~~sgK8eZR4t+%;!#=WFRFACC zslw0ZCLtIr3T^LNk3J(2y|DnmP_aGv8<`$Y3KE9`-pgN$t=ajL#YM9MbshHmAdF9v?L3BJQF7YYG{gT)o$fC>nQYV&16c$NojdA%jZX33RDL(1z!d+1dlg$Cu9 zAEN4}GI&BU4ug4KZoVw9n}!Un%!PTL=}>6#Ri-uz6>IB*^h7e>FKR{lhXcIPe7`OR zIjy&IcMHFnt%6ddZ`l_7aesgJGgD5vg}qf);}KL=19y<>55(Y-OEW}e>NvN*(sJ*0 zFC9=g$fNl%oC$n@a}^Gk2<^d%oe|Siw_g)RbRdl7xo6~bkhplAxk=z0i0__Sh)hl5 zAj1e=MZ0`U>D$*>hjp23Ni_D&6HzaA4;ODb1p`AVC>OR5zkK*RxmBUEHU}k?iZ(=#D)7R2weV812r1O75b{flFcG{eUVNhNu!N z6GqvX(JUpV*6sk8@{Gv(iM*eZR+_Eib?{vO=$=0h!s*{M9iSYHokT{NHF@J_%u(#R z4PeVYvwEFJOa69jXtEvPsJG&j_{*7;jQiHz< zN$vg+j!TqWsPO}skjFHbOpbJWn*ZJ9hb4e;((&LH};`1xqzEc-9B? zjVqpr4Z8l$PWltlJ##g_?(njIQo0X6ilD6c6Nbr1n$m&#n5~;&vveITFTNN)-X=HN z;mbrGocCn`IP}2dIN^1VbZEKI)YvW`QejN8$~%K>NVLqd4RfdV^OIIU_k26aM(5Bw zzi>@JP}K{5=5@R~x{-&`obuwV#NIVLPV)S4fZpo(o5u8~R8{N7D-B<_nGL%D=xyC>2wh&Ccc0jh})ZDjqhSfz1E-t-k*o zzcsu>R20HxGWabuc?B6I%OyiD|Fc5tVX1@8#V&~N6Q>bJdNesd zJMkT!wxwJmCDCgh3To7l?f0>&Qnv~ba@&lwE!_zu>|UQJV_HcU%Xqv$m7W@#!PQ8; zQ){bJNq{3mF(#fljHaZ1ZoEB9t~?R7CVeEQAQ>bQLV@$b-_Am%^5`|AVE?$BF40ed z^8v<0hy9mW*w{j0QdYSl0UV??A!!bJQ=iNR?)B@;x}Q|z8DMmBdmYY~5(9MRTY~)lafLAxnyIbu1mH*a zex0&2>R(#i{-=!7M8V=sAPdL|v&uYPK|l6(hF+nQxF3Hi7#~6a!lT3#Cx{tvO8frl zXC*;LW;q8seGHARhFR$oUjBY!15x%ze}#1V|8-i<`cSfv5r3~-#E&!{qAHfLZlY*o z`1T~k+06TVzJ*MSZyv*Fe-qcIx?gcO{Vkn5vM2FHK^ryFzVXE@o{5aLiOEkZ6W2;r zr=fJdXIR=ufRLuOFs}4O6m43X&MONTJ(@B%=1kwD@vgf6d&5L%3WMe3;_0U2`+1?T z!RZRw$?ag;rS+A=AgSdkHR{X^Tyg}K@~I_v)D?Xwdq&T}oy3+~r&BGJmgHD}WiXf_ z*TVB_oq*fI*s$91a6RPjqJOya=|QT^ulu5`27LlpHOva^wrex)Q$2_`r~;{?7Q5om zNQ95(iF`Y9GiKYu;$cY2sFIex7NkuA7{X2&;Evc>LUvGV#(Dsfj5p#LZ(xt$Ab~}7 zI%RY9(Ld$as-MWT6b3`I<@(^mDr?sj5>nL~3F|B?ax%_kS-v$Lu#UP@R8{tV{VH%d z6WjHNHVnUx3eE!)8D%Yk()kP%6Z5^2(&&sOb*ngjf&X4_BTvivb zT~5tJZpFx!OttZ1zsCo7jZ;LfXL(ub=fBRDms9b|Gb)vBw8p-k$D4Mq6Z`yYSsvjb112`f@f?%JlC> zeTSc{lSeXiXiCPM&+L0d=&mK^!l{-%qATXdx#skARR(>q8+KPLEcT4v*7 zsG?x22#Qe+XBz!O^fiOQSOfU!VO`|E=NV1^N=gCu|r^9ki}=VDa#}Z@~&rW-GK`L zx|O;_4E_?}iY?)okWpSlvdQapR`NeUd5|!s&>FiL!7X;du3uewHbIo6GTgPZ8@(CY z*e?GnG}>WPd+hRZ_A}x;YoIi0nUmrsebSjdP3gK?h_{e}mmL%n6O+bLJta4k)}`oq zgV+{WfRYCT-X9Q=cX!7B(B=>Z29&V9pQOT7lFGl!lVO~2S3TYIpZK1D`o4ROF^SNM}QNWop4yJP^6vx<*=5Ie};)S|-CAPgu+pD($#RULNtI zJ;e?wg!$6Myre{jU1&Q;0M3pHD!QK$qoy2n6EV$-)ALLo|L#z$-+@{<3_^fD>6=LWR&cRe-G?eA{X(3pG6SRBBOMO zzU%r9?@vi9jkF??e?{v$1ZO!UWJTxbC>>~@Vnr))tJ|ClNGZO*jOW^ob<{nXwDkdl zTpi#6$7Pejy|gYsXhTm&7Y4#p(O&~eL7W}ZQ!{{<^Ib!Sje1D?=si}f3sl!{{x-toWan*5))opuqqRBP`0Vz~>$aexH={|V~pymumrcg3DT z&ftz@h_jJ#4v?l#+ z4EqjhwPBu!`(A}Z!lP3ep4|3j61qEO8-#s*mljIadqG}A!P#mRxCcr+uWCLmc745j za8h(r<`DjHnN7{eK9dt}G+kX4GCx_r+n@>x9S2_?&jRe{0Wy zb1I5kSX}%bse{nkwxs=v-8aX!XNhPIV-Qb;JO2@veXZyA9PYyp7+BA^-oBc`5ZdQ% z5>sTbovKW0K-FUfDnB3TPr9M9d_@GK*|FXv>K_n`j`{YRjq4C{Tzh(WE|EZ8$1eNG zVM9{JPB~c#639Xd!Q!d~XxA6@74Yx?Zyo zwF$b&KZ+H;B%k1BYdRj)%irDB7}1N_z9$Fs-PVv^Wc+EdK2jt#F6%ra?H4mr{zcVA zJzYnaStOM@o3EA`+}QAv^EiWr@lHCa7M~@lXeoHCMlO&4RTuNRob75v)zl`E>jPhy z9Xos3fI_&Cta6jQ1g5w-d~BZ}$D1GDx%*xddH&`Ogp@ZzB z^umWl?%1NK4RUM^T33e?gWs7xk8_vr`^%OAMT5Y8X9wH!&p<8l$7p7UqodPqJd0ml`jrb8s`ueI*$$^3%Cz`bbId+h8v@7W@x*#%#VHw9kH?~>6P zrEgy&bbUA&OO`O}2Zle`@YGEo24EE*E{QgBDI~n4jQCqd0`fqG5rbE6q1U8If8ISk zkA2BKd4@Lgnm_YVyFTr4Q zbq{7hW?QGS%V!4uv)pj0=vYpNz9I9WrfT!6YPz?fOyCj7st-C}GCQi&7I`9mgL2P= zScd4e!E0JjDE~uoO%9R&be^`?ki5<;{C>b7L=BQtNZ%JBbe*;JdmJr9D5zlVN5q;< z{D&9d*=-lX*IPQk`<7dN6OVe;+9T@vUVkn6U~@;LWfQ?U&`7t#5vZ<}V-_p>0S4O^I8Dywu1j5R_=z znQi|x|8HFXBah>88IN#D_D?)=(g+AboCZwoGucBy>$uNnY?>xBWB$hD8M!JTqnMWe z#cgeEHTamAk|Idxx`Si?@c;w)(f0=^I&)FUu{J56kQy*xT70-h{8A5cT`yg(WHJEd zGiv|i%6B@ptREwJ61nQNx=(gz1>V}EqSzz^2(aQ3j&HOjIK^Rr%ma1u?<^_6Z?a@) z@ObC!zwUx_NlbbWNk%JevTQwN-@L9I=ZnrOz^zpX7Vd348`zhpp!JscfaZf0t;#FK zi5jW+XH5oY&xPmU2;*HVU7upLst4~Ih=$tTLj0+Lk5ESgq%B)rT%bzpZjR!~1)d9E z>9FgFkklFW0cPzH8ZRshUMt|Tj(t;bZt7U#OL4k`>mc##>e4dt*EMnT3oKud;JN|K zba45$1OpL8^E<#C_VVahH&Vwd+9lAZcIw;bvGXD|N3eLIBwf||&vIXW&yl-DWMTd7 z-0i?9a7FKT6TnKsBLx@;CIC(d@q2iTphb%)#%m-}QnIP4O$HY7p0AY~We29l+H)I# zUo8fz>*;-=?zgI9iqgd;??GYiH=yo<%?SrE#3|xbR?0eg^IGo?{MiNZ+~UbjCLb<2 zeox4q2oXh8d-G{OPej9qt&c}my>>`LsL4R3>NGaUYbtw(;L~5koz&F0AR+xrLFFRD z!H?@p!)7D7#HM}lfGePsdU!}-KoZ!0yBn2<@2r1@bo&=*G8LFDQW zYupE?0YWRFn{t2(iaI2`s>IjEtB zJO6Ju-W-v6;=!iZH17($&}BC)ku*%{Sq1)+92T@AHJ-hjB9;Io#&bBV3>?fUy{hzSRZthC2X<` zO7+XxL8F0TJD_ZCcPZ7Am;jC^t`(g_F)|mXp70>iqTv&R=$JXEW(XofL29g-Hw{-0 zU@t3xy<}_dJ;ZXSf>f2TYgHvG_HZ``B&)or=Qf;3b|>0w1Uni@C3x-!8?ZlKy?e?Kut`r;W^snZy@R*BU z^@u?*>jiSC0>Mx)mQzuxYLuRS>ysCpYW`-u6UkFOv^PM^oX~?A{7x-2a}KRPUPeO( zhrz%`e_%GVX(OtN{2vBVU;964+8T8{k(0tc5BZXL_N^9RXN$kD$VlP$^Tf}`Ct5q8 z{wzq4qF|kND9N=i>my+q4`~%Fad=Es`90hPMBw(=N!l~x=+r9(DyBd&-0*D0?HtIo zhPY0Zlv=q;0;EYgFP_c=koj}|?!X{4Qr@TN}ZeTJ7;iBr!w#HJp8*y!{ zv)ovUAtnYkb9V?$O~2HG=tcK0Zj?ak%k`Sh3Q}c*(RFM?oEE?s%dOXGd1{U&l`4(j zCf@rH7mTUGOHQ+-FebEdlS=wNbNG685Ok{3J|tBnk+G5tQf>tu^t%P5#9Ho3&)aVG z(AWsnj|V8}jx24+dHssEyywgN5iv&eDhtBhxJ$D( z;#d##wCm^(&ua;!fMf;piXEYT=Ps%^^JRE#G{EqF3#mqs*FLFhHc`f~Ys%w!4a@CD zM%^~du>g{3h0SyUq)&@O!@toVrzwDvStEmlQ<46_!xYd-O1{T)(66nT&cW6BneU+2u0Oeg&95N-~ zz{x2YR)|50(~Wnl^{Tyum%E<{Cw2V*K)ktp;){08I?OOZ#J+Le(hGQ` zB)UM+I*&S!B~L>jQr|fW0dDLgKonv+ z)>Dk^uG5MsF3ShB+Ms^`*gEBB`Xxf;Br8NXFVJJM%D~nM85SWL?1d>O8lc`=W|Q!W zA)ULV_+1F>0CT?Nd`%a-JOBmIlohpUc~KWrnX(m+{$yRPYW))-Auy`BAusDL@b9n~ z2pTO;`T!5gN{z$!J>kvqai?wDtS-$%4q*@`b_GRl!T{3OTK9TpMzd{)W8-0N6W*1J zG34f;LfEr{c7UP5{hR@DB2rDq({q74?&5%=plwO=gQT@;7m&0zDavyg)azN4scm>` z^MDdd#QjRCK<2Qp@G7izai82V;ckeT97ay%&Nof~K6VPCO+x|qtRzRb4~~Tb!FRz$ zlya2sK@@0P-goevxfs!`AS&Km(XDjkSxge*V|sz8Pj5kl#I(VMMA)j>u!~R54>+gY zox{9zrh@nLccUM)nncklsM(d{D-3k(o~L~N3qs!J#t;b3k6t%M_?P z+4}=>!dLJonU?#ped29R2tjB@dLNDM`O?8p$09zp*X1>#_!>`R;23Y(D>+|)4-p`R zItc*446(aWqExWFRvs5_9L5W*stbE4_zRJ?%E%JrTYbK$gza=c>S5JY6F<%xG+ z9}!YvG^xXsl$1=Zzu2f@fd^y{|M6;Sgb3sfoq#tKe29lHw>@0ZHowR^{rr3Q@4y=f z5NMxsUeAEzUT)sd!!%zKFhNOKXp}iva2xzqWRX!MmxstR{3KM0Thn?mLLM(Elt_fc zsk>T(a@bXl3H?w>WnP*hFZQ5(J=3gcL(Rg4$6z|;3wDKQ+;tv`6a%0hJZthpBshdw zAc=8Hc6Y0Q_a~<{w~e@xUBNWL^0r4!qE39Q1rAi7c^SZC!RxTsl?88tml1fBhBst% z!o?nT)7^kCaf#(Rfv{B)@GjxiY7yB^W{uSL<_DYeRhTqfuh-_3i$bGa&iIeFi+Hwl zE|)?r3lc#E#_cjib$iA?Pt$(?4k;5GYX3(M%4VuIrW(sV*}4q(+taRZ5j@*PV$SPl zYmCk2x|Y1Ned1SKGzUuIk_1velFhnHOdiVmy8Q&2|AakRL&u;ECw zH#pOU&#icII?8jD(QU=T1SqhM>)94tnc$Gek)JrU_-gvNEt~h0c7|W?0+#CEqTg-4 zh^p#do(Q!3v-|nWyIf;1dalJ+%T{kPXC6lcUEkkKJ~*3d?42l}UTsE5nQ{oPJZn=O zANxe2_2(^i45bv;w)g+m`Tt*q9RGW9(a^<#yeNqW6w%LKO6@^g_Hvbhi!yy4T;G4U{u43R@5CbRJ*9FU#zZ&TrpAxks zE2!sKZv^{j>kf5rK%6VC3zQW6kGHRO6IIUDYTh^*F_0x%ww$&2L-dODI%TLu1fj9i zO%f6)e5;)p#%c+0y$~B8vjHb1t%-deQgf&_-o)F8H1Zq}Asp7}&?LXD$g5!HOTWae z(qe@Twn2_884**+K_8DB9ri-fBwtuL5J-cofCy-D{rDHuuji%)-l|RONzK%Ap2~Mq z7sDT>AJ4B3Us7{9S{<5PE|=Ov49j&Y<3R?oUMw>I7g<*s5arsm4+u&aNFyqs(xuWW zuoxhXbVw*A(jXxXHb_V+jdX`}t|$W1-61XA4g1Zr=v&_(kDi6yz2}~}=9+vY)vrG8 z9Tlgr?9Y=G_l@oi@QBTcrB7=_zzfok4bhgBAzDd?cQ1|TmOp!bClA-|gOs|JR1ueN z|65LD-csEmepxrCgRZF)a(`VP3Vi~1Ez}}lW1t~FS_i6r?F9!bA~Ss2f8?PHjmpbC zE^S(1R5E(oLgN!1E%pYgl9A~Pa_Z0uPP?P`TQm`TS>bw&)Y%*@nC-GBRuVl@V2JzV zDRo<2^WXkv!=)sKxyr{1X-G)n0&!pD?p<)Pc05_jNub;U)32~#VUM_b&iR&IQH?6e zX4*Yrcl$$(lj{(llEGBA#l{BpOt}yU25bTutn^|+1S8%AEx5YzHyI)L^}Ct*C(7_R zz|H0yV4-s_l{S4cR;L8ridQ&ubfYM-_F8=f#tp7E@$29F$5U;pl1o6gY>1MejEwRY zuW9MSl>^Db^(d*cR=43iax5LltobMzwqb=F&Xecyn+cbn0M2tMvnRKrgvPcSZFVa=Ww&l%C1FCH$n4Nxb0`; z`KBbi$er^@{dWvINV>h}OgkBG4zqcc&PJ9(lM~&DJ3Ff6|EKo|BxsD>czbIn*_hKI zkLS_XGf6JGi!smNOu8oB#*0Lntb+RUk-=fdhu9{o?^MtHxgVCk@$dz|TW~fk4SCBm z5Njlh3V}x%@nf%G0FCv19*Yd3dvt)t%K7ZYS46m3mzA&1&K=H}dFfc_l*tegh3~nY zKM8Y>)*S3eO@tsB!JX&Kk365V|2yonAS%yw3CbASE$Du=^37SY#m{_j{fRqTZ)JBxkfgJv+d8ao2G5v;r=UKQR<_$I0$)A$Q4) zbO&TKQ9WZ;V=!kJ=MKLVEgjnLE)DChzs?uU{eD-{ds_oM!hd8V^qU4gjOPXTX%f0+CDi%YR# za<^~pHz%njIrE`K(uM!u2${gT{6lo)g9IJsMTYj4WH=v;fY?=g=?IrLR1G;sy{~!# zU0Cs?c!QL1K?6J}WbVu34Ia|+Km#ogt(Own2?Sy2O83oI6XbcK;AyO_r^v+Gy&6xY ze!Tz_cn*Um6!3zT7J%mh&9c#6nC=0b>H~(1GDCg)b!2DsOZ?%7hTR+9g55WypCXpC zkA;*%9p`b`lEohpO}e9PfoJw>wQVLRq;K`#Ed4uPPN2@b45JVR8%f#uMBL~4@5n6- zHkbayPW%A|lORL&FN2x`AT=hXSD#0*nqAXiFrJi|S5c#D-i@Lxe#Ya4K+e8&imo_(8oY0H_%tGWq*L> zvB##ZlA3zHmkVHb<^FVrKqm4#I%nw**M7=4rqjV7P`68K#CL@Lll+_hyLN<{Uw^uO z7hCUP=Z2u~c+_Isa2w|z>W@NedKRgghp5n2b+T1h)v?-WhLL5Md-NZ9b%GDz`EK*} zodo%sQNRqPst(&3517Zmz54DXGK!dkZHW)W3s%j%IxB{DN51q(WSc&`J(>uO==6r;2Km`c~k$J{^4?&M<*HGMz{|y4Yokq{LO8{#ZZYq}5-AU9c zglX@1D_Iz}i!aDMBcVsC;ZULE8JFcm4YLgDAqqA!& zGG4o!1_xF%{xRhCNmAXa{(J6q)2R!J>LjisNqK2fe^U)u-@O>lK9Oo19rnfu2I5j2 zs2V>gmD-s&TCTKD+WZdbfh=>+$e+N|Zs9+u`h9|e$G>Q86rK5P%F4p$Eu#dx-Sn{{ zC})AHZhywDOpC(3Lazb@u=6`C+?Z%wW3Edca7aMfY3O>=LO6D(N1)?1 z^y17ZY~wXn%Ok0_d)~zST$LB;IVWPNCm?hXOcu3-$9d#PNA;0xf#WJN4DKiesw6La zB5EZTnMo34eTGc_T1g|`WEC&iBJ+O#J=j=~4og6E1hmowL?hbJHf6eu&s~!Yl}}J% zvGEEeJy)UeE68cUVGC5@(3iYEv`ZB*2eZXo3>ZeWrM^BK?MQ8AA=O?`9@_Nd&MF< zokGV-f1)og3@wmk{z2!<$dR7p&9K3dG?638pNU#S%=*?y6ja@jHy?(&>tXYXh#}I zS{4cfhJ$0|DrBEN^-ECm{HE6AHhOXAkdf@XMaa|oul+qbe{BqQ|2l59|X*B990BRAjg*Qc1rod;@CQS?#|D+7bkvRC_0QdIWy8T6`FGN5OCy%!qDw@ zG4*2wz>1n@do+%3iS+3ni!C}jbum5UDX3aaAf~_tvo)bl4iVE}0m@E%EfqF9nv@AYU#XQ1dlNNKk2H;PKB`dIuv6UdI`TIV3#9H?Tsuc=pc zjWdB6!s|biF>a8IS=&3=-+@skr6i{$ziT&E6EMKqjz@38lp5w zS&MXJzeGq`r>nMqwsZd7U#9H#tWO=W*rD0e3xBBZKd|;!eRJis2ADv1?T5rDgSylU zw}y0)emI0&41ja6az6e9Hh_3t0_i9i1zPtqf^^CZkY!CI%W>F%#@D0$jn5~p%X%LW z>6|IIE$Lj;ipdw~%RC{q#uM{YIcs*IA;ALk<7JO=(L7^QiyMOp?NQ$2DmPfdFk4U{ zP_MiGrVG%l^F=z;2@#_uF#PAvZiBPhkbIe{*z|vmho5`E7nFmlGWw513%gUhmvWXs z-la#LTI_Xw_V4tgHj?-d&&3WdUgr~`>0a)W1$zxxqoVp-DA^&zQ+PmY;Gcq{h!r#+ z=dAi+{q$<~8PP6rp3jyNG~LPiDDfXxkL)H#2h5^7LJ@kKUn+UDbXYatjOXVD5&Q|c zaJi9*6jr9#ll$$)9t7Vh>I~wSe%XCVbXxn8^lWW+n5{&c+n>!jKS_~oI>uyncW_Zn zQYXeF>8B#3aR7s%anjo6a=H}Y9Gm29t`y)L{1<8J+Ghlu%igg`E3&x4(OSE?=q1#T zxd1=_Tp*QZ%i-qt+{0*5C!`5KfgQY9R^(Q;)@qya=ffx09$~m_#Iu9SM@*bxZRcNI zUq0OBo`~ui$Pa~jLrAd))t^^*DMxSNr6Z#|IpTnFrsq=`i-7|WEDl~rnjq*65e^V^ zRw1c8xcDDWG(kdHTTzyak8;I^aK~x<>HQ)DiWpLrN~79aLiw{6Yj%-)qJdqXBYv-v zW23{jaLM!YvjBHrhVw(!J+}QR5Euk`ZgWSjMVob6FmpV4pv;2Q8fb191Uz(TqFC+Z zX=#8A^Zo7x@uh4mIjy`hIaiF;Au3ZGU`J3T!i^dLHP6YqnFE>0Ronq2!(;}x)UuwpGEo| znh8P3LZ+Gs1-^B3#g}5&_uCU+5cDzyEQ*iZNniR9zOW%*Exq|PQ0dAmeJXx7)s0O< z#Ugk8yaw9gmfyS&R`(+0t@KJC6CvitKu*tP@76A*I!7ec1I!8?V+2EyninELLH_Nv!{I+0 zbdCvsv1F#{PrkE!qKNkrm`r$Se9_-+Fuq{C5*9 zKYt3G8BYzp@)BRdU%CE6)RNRfw2ESp<%`Y>+fshr%1^3ib5vE=$QaWN<;=8p zfCNOupE1H;{-c556d{3)jm_uq!F4aTaJc`9+%kyg56Yp}xS-=0^Aca@BmUkVSPyt8M8pta`E874^mZg~3AivU zx#Y;EyF7_GZDTYdx5;}q^9VrT+qU3$oAt56da`cuYdJ8iY>ZNi@qfE`M3?k@AqdK_ zPN0Mj1sLgu#WMKkfzmq;nWYZzn~B?g7&u^qr=D`g-+%{jA>S+)@gJ@PEJr#0-)8H= z`MVcW`$TGaHP?7BEZ{)yhKT0O+^B!5bE(h#xRm{z=Vy@Xgd~`$~Hy-Bu8x8J}|Cc|#E-DhJnh5ERKOdKifBbVN&4sjOjb!%OZoe!L z5$d5x2=GgC8Sx*CVyOCTBHUjT_l@J1JRP{?Sr0kGi~Gr~HeNGNF7J*obEJ<=P8nC} zrHK$>weC9=Sc(45n{dT+EzxitdLAD%=0j}o<6~53|TN+m9aNN!z-}TR$B(y1#=Iejo zN(atA9hO(QMG5UL1bdhh5 zKK2SoA=%`tj|2m>Yb1p_fSKk$Xt?2R6_DDf6adE~oVjXwIHFrP=PvSiQgvp~?x@6= zr@K~bayzwq5d~al=KFM-g(}ixO67I`q9f#~MGo_2bj$=Y>HhWtXcdZ?W@A^vyhyRf1(}t~aco4P3*~I zuWv@@M*Q9SBmR9z%*y_0O8Kv0kg@vU3}Mw*&nHi=)D9PXy%Cm#2GvII>+2)Fsc2 zn2`E%MnFHgIUBEsf)nKEBlRapM3Ngq3nu}i%}5|LfNbW;U=L2%mh^|~k+Thx8Kw_c z%FJ$B$~d~(H|VtQ&r<~!iXq1H56&7=xGcOB%UkuD_tJ{z0rp!^9%=37G&H;n(cW@E`?WbQ87zge(5p!tMTwFC zz>P!xFSuo}Zk1OSNm=wX#Q#h?rWvxalGLAp3|`H zI1Q@^y0na7F%g$o!;3YQ_qEE56E~;p7DF`0xHfDLRKDm(pVzc2O5F{gpp^b~Zz-Hj zngNlh=QaptSnC4RzK0|63M9U}i$!VtKyq;qH6QA~q9)uwptEf7cN<%Bf3x3QVq71C zS=M3_!~+9i_-ODNK}%{Vi{x>L96k#xFU&ZMLnRJL8LZO`iT#}?0C!B%yS{S~ndpDnGFSuSkf#8uJz z*#^qQZA$5sXu77=2Vf#>8Y=yJeVopcYhQG)s)XLgx~3KUw>}jmH|}eWHa#cQ%zlgU z;*WoiEV;f4(U);E>-)srGs5!rAq$%etuY@DOp(1QBbzaP5l|-Lv%H5CIq2_$Y{bHw z)@$?JoIf>cm5Qa0=4Zj~p%?L6V~M&v*tM3}5Bo~myI&)4-Ll?ENKuPf_-5e;$Wh~) zdb~e+2$d%u!m6JC536c_iT_4*^_>YpItbpmahRcprV0$o-qhHjh{V+zMLVnu*y3vy})8~>Iv4#wPpe1m%s`gc=ZaWR5`L<-gbDJIp5h30=#b+D??bPej^{J} z-ENn|@bj8G>G^Hpr#^AYN{gHHB!@S${~<$(L-u*ZBkDOQslClE?@Wy{RW54b8?%8; z5dsZ7?uTC<+HQ2US2#N?RQ&uY^?cUfJ$R_hK{|rpe4^AeJEXe0+CX+i1QACXq$|_+ zC266vK=Bfh0X;ZYUn=fHtx~g3jWMFS>}KTS6}z+Pc`h|X3kP3~BN@n;Wa{)(i;-t6 z!BefaTioxO7Edq;%wI|9L%6C^WL1M>tcd|yF2?`^n*YRG1YZgvC-&7FqcvM~A z&D@lYS!#o!qzl4q6*mh)pklCVPOy$d+gK`MbysgdZRBS;Ao+46bi zFJp}+dGdPJz|sR+GQWYv7aFSZN_5Eks32iq%SoI>H8qZd+h{jL_(|b)?Dpgk?nnkj z-bNC@r#VWy_vy{$CRDVwIi*9nLVkUFU2h!Y%2c*B|KZV{H~j1J6{5z?=XX}qvkeA& zb2Y1RH@;BmI!W$f(lYwj(*w`RRL)EEoYSj`KyXk$!SY}}sR@Q5LC&&>@8YF?T&7C1pb5&*4pDI0vGNDx% zPs%9vsd95RYE0O|vMHbb6KiUoQy)lRlIWP|q) z9U}hC=Rx=F8Db{{j(aX+<0+HGbF_2S8a2WRqmg0xRcXD&_AOE!+x9=c-*i|EPL6TY zOgnx4?QBbLu0Cxb<;;l=WlvaBXevq6X_ws`#jcc9e4B`vI596z@o;s2?fRpA$6x61 z->Hf8khX@}LVYeI~RbNFz|5JTb|8s&Shd;Wwc39}vV9{vX7J;fWK&B@dr&WeRYr@LCt7=5^6V z2Y;J$kI6CnLr`S8Bp9$DvyCMvAm}2jp#PQLs0jXLQ>M-EJbCC+fwO8oB>j?}xqdCd zT-M+$O?)QH_Nt3%h|jd=Cw{zysXVP|M`=N5FsfqxRC$=&lJj-TLl@3>o=)7GzsqJ> zE4VAy6~FDJ=F4lqN1`R6=EGdTW9kDtgLka$^dU2<&-8Ar>VAouF0^Roo2S<}&W67t zrh00b-us~9QqaR(Y$i9G2(n^!M&&)(6zpmZYnX$o)s~_|#=Xrj=cE@4H|;|{#EaJ- za~Qq?i+yi(aNih%C2wX%)@JiE_kI*NH(laH!iQ93y@Lg1D7(m?5xCPm=RYhmU&vhii~lb>|yQ6Gc|ijHk%l5_D0 zXn6o(1+>{CQCN+5fpWxeADT)3emXmXvnwJ-mN2_7pszjOAo#o{pY~JxMm|^bKisNg zvV%3{bWEx!sD5dAuAXP`<^nq-BO~djm$CY_eh&xnr<4Aav%DQDj>zSL=0)G1EJ4v7KzkDb7IFVkKOg_{&Y@O zC!0>%qJ=gvG;?@4;k*uJFJUr4G8DS6RaR||7Gd6JK|+&@5Smycp$QYMYe+xDpJDy3 zbF#-M{j?Jp=M*K&8Y}a(HUp9Pv(QmGd2@>%AMw}s9v7ayGH=w#sCP(0Dz z**9hN!zCYPKO~fii{6^S$=5dMj z;PUg)c*fn_1e0&|d3^MViHXO56z4ACKdQJ2i)9G>K=G}n+Os~8F!wV`S73nxX`S%Q z-b_irr%foI4T$VaQvcyU!}zMn<^{jZ52VULPx2U;{!7PI8Yp9_vw=n@Mk-UHaMVaC z|3WzVGz6*(OR_e8=EqYaMHO%6gsk7I_DZ;mO=&kGlW^+qJlY#)<4(f*@49F4mfAa% zLOC;@jDX9~6Q!VMC^{W)$3fNV<8a5phMmS!(_Hsyu z>4hompoOKmj|bkFn|LJP7v{XqQUq*KvLMH#UQy1?uA`Q(prXN;xHCTzn{o4}zKZJx z>9w`-jJ9cY&z6SG2A~#+t9k{`ZpDSXryEuZpIo_8oRdKgd}XXRFfcGBvD&pUXMgId z9Ns<*+09{uo;}9<{_aon3qnBf#75^V+42)&_t?(VzsvM7fTePZowv9N?&zO9x&?x1 z25cbb!3W6_&GGx3Unz1p9*Iqw#>-szt{8leOwC71LE&#K1S!?{&3^|&tk3Nf(w9Fw z$c7|h19OxM0vrPX99jr)TnFHo_>+tXRB; zrrkZ$FSA#>fnY!gL}02%idBL{jbaRw1DK(z;&{ZbD&nhVXVWtDlb`rakXbBTqR4AVpTr*!o)5N%jRy`b^PDyKJ8tKRT#ue+K`#Z&oPz-IK<6Nbk!hU}I*MS%DEej?Qm;%( z2%jK_V!n4u-rwrYwnmqiPr@QvEorvFqE9+J=D;g856ien-XfWCeOf>dm?q5jpaAsH z0bS>$QTyzuQBybT|A|_?rfTQdBE)?|=OZE=VBX>Q>GLeG6d})OL9;|}eMa287UswC zJ3H#4cgN`rw-$%mlVoX27W+*Tb8=d9-LT1*0I+528&8KzUL#o$V$sc)+e^I}H9nZi zgH0`s{3jncbaQXBKWr^Wdf7G{gqa45t@Y!#_KTTjcpyuD2kH#x*UpDNSX7qx(kj>4 zRJ#zkX|DN1-izH#yxl9dMHK5I^QZ-8=H9F@czC$OIK;tC2aEMc!L~np=Mc;lC7K^r zOJu}9Fv8%NbmXC!qWiQoDf!mM6_AfX=*KC9h+O;sMC4ECm%y1A%@X0z&)L7hcXP_* zL}_EC4VLmvHAG~F*}z+%da>!?alGJ1d$M}v1n0?ep2lbEjQ^=9(VU&Ouaa8bm1#&h z&4sR0X^P5E^T z-1Yt6o#^TkCCA#Rtsm1TeGo&=fT;N~+}V+ct^>Z1^3mr*Z_?aPx^22Z z+tqtX4au6zzWBrm`Ifp1*W;7xEr!cAqIcF}Cd1RSL*cnerhnZ{&!MP%psY&dDmK7@ z%)ulf%aG=Wd>@ZJTvf|;mCI?6YVFd}4G3@1p@8_(BH+LB?M92|q_COO1gO17@<%0e zU4iGFCVdl#VmMrDQf_;In1mu^)TD({8!zL+HejHor&i5(a7+f$6e`oB@zg#peHd;# zl@7WAj|34xex43!?BPe|?2SOdHdCJ4?tdsNIvsbmGQ6}ZX)IawUXuaRQ)maXRdb(kK zd*XGM-m5$FUs?>dqJ^)U&9uHgcPQ%YfNNo_J>qj%G(BGt6!qzS01fHX^W$glp8tpV z5?g2V;|t9tP752Fu34LdPY0ALI5!;o+}228BcT%YgYurcauJZwqdfk>!F@s2TUv1$bJ$HL*Jx?!u%88`Dor#!x zTMYtd`pTW=&$hW7`matGj9^w~hSs-ZYf~azHQwL&C4by?U*WXN!A8&c-U!Amzo2Nz zuD^y#xBO;4J(YNl^|#miE&jJw>s<7{R{9SL77aR??k{$!)y}lVzfttkCnTX)P{g5o z(kohY%21N~PSDx=!KiDZGZ87T*j^)FaFaBLySW>mA)j9BfMfINJjR>T%mu#p6(#f` z_b1l}Dv$8^rz;5;Jrh5av6|nO)_-W<{NP%fz*man0%GyKwM;2AQVb{$6e0e+zVzFu zuc`B7JiW@&AT;FNy)P~Q@QbpZdm%l((KMhhqjcw?+v0<3hF*I(-d^Sk@Hr$b;U0So z-r}ZuxOi+b=sA;De1kS`I22mZUX|SxZT3AUUO&8hu%90P>!avT_cF7+13KFFohGXN zD`{F&XMRV`AJf=;hOy$WnNdt-`{VHOwT z@Dsnt?a6Gqn=Hldf;6w*!r80(RU*VLj9X&q)!>@qbP#&sn#Fob@%+OPys+rSQ(208 zyC#fl}53br!EYni8ig;1em!6Fo7xq_sZFyFIJ!G^C2-zenEon@ra< zGwS*+s##oEFWDe=<38tiI3Mdz*X&uM;5E4RolO3H%*b=&^A7X5*UbC#XJ%);=?-Tk zc1XN5z8EbW9-#ETqFZzwf4wT+9`kucaq`575J=`BA{lv$I~uFfZ7=aiFN0*>nY_A< zNJbGP6KE4=c0CTCF2;UNB)`NA8W!p&YTk;&rV0Q+y7eNv9hcAL+jzT zYp#k7qjL7-h*U^ezJOSM4*t_YMjt?flb!s@B=HrwWbCLXe#wo2rAjuZBF+oX>f^a9 zMFABg2BMZ|)`j@SDerX*SW>UAd=pxZdqd|pU|Dq_o2;|8S4BrFVD3HH5LWv}bUkjr zV~rhIIjjv4B;1d6HRj6K z(v8}i|^2D4^%QFbc8FON@?e67| zU~*@coW^5yy7c|uPOZ6<-wbmRD%CC7h^?JIosvdJD?7cfuUynf*ST_8h=q#(>ht!5 zk9?-8x3*jFSa*Lio_f=OPhP%UO>B8?cg%;|kEcaYKf4MxBS`GeZS>UcaaHgp$wu%8 z+C(CV`k81O_3iMvIg5`|A5A3cGydj&tfjHBvDrwa@GR}Q$73%E-(_i8!(Gx}z3%Dh zYVF|Q@czP0{_u#1__#QRr%#`LPD^9Mtl!V}X!Tm(%pwmNz=YiHI}g8bKicC!ch%|h z=P|k}zdZl6NnC=UQTsLMZJO+V)2=IOMU zBgG*(Qu7B|N>OJx1mC*(D(EXP zOigz%BY{u(KA)kP85Ns?3%b~1dPk$Pp?MUKl=JGc*hpn%WgR}{{1a23@Yz||QLXrS zPW3!u8SiEE;0Z=;-NP4$w6)vX+w*Sb#Fmz7>V2(yLS|do>h(SUlJ%=z3}Y4}5dbqv z5^o+ORc#iCN0`4b?>*o`_R#Cb^;N}reF=*vc<^=!56~j~zS`3EO`GrP7yV~JGyvzG z69mufH$eGRD=PWY($mI{S&A|l$x>(rM4nE4i3oU;!b*g^8A|>fo(yS}HdSPN-zj6tRd$ts6fWx{ishrJVI}UMyjj6WN*A zFZwNV(8#lr<-_IF(Ykk>(yT9!aj^<>==f}9Y(KY2R<@dmsEcGA07)6g6Mt{IAdX|! z(AWz19aWucZ&6W^fQ@tIpn$pMaJkS_b5z83DFql94(>N9N0Z5)Pg1h|qobo;JRa%m z>x-14T%J&L{$chemaf%oN{C1405%C0jE`aV3L z9!Ou(qthZa3Ifs4KfvA0efLzt$U9fQQHGrpD+@rYJd~Qe<=`&Be2KlZThid3scn)k z_iDy#W~_7kMrI}YeR(kQ9*EWzzdX8>iQv3?Y>FrTF(n6)J>MD4L+;D7_YS;9d|tXx_lpM%Hrw3XNz^9l$|$Ha^KdY6`#retMNst4po6LZ$7-yzOFzgLAT zb`GHhtRy)YX|bSSb!E>eZDH#OOE2~`Yt|D*{+x-0C5RW$!P)Cw-Bqie-+UL+YG``p z$lVh$v~~=Ho#9l^HL`UpW^cZEV@fVY;cc8RfIjF45!G$gy9arhQ?jy0@K54Tl5gU~$F%BvSIt>c>A(X=N5itQruV~b% z$sBH0X41NssKpnRCB}jEV<+ci8!XD8V)Jn;Tn}~>TB&r0f@8Kc$h;A3BH`g+Sv<& zV!CR^+i==y0!Lxa_wf(%*cI~7UO3f<(S<~!d~YFt?Q>e8P}#1kIK0VALJ*nz9Wxd(`#82YC>lH)y3K`!g(gwkIQ*!n zs2yX#V39h#(QoL)(zE3!@sb+fqBp7>*>04UO6P_D*exyIjj9bZ;0hw4PDP_g#1?xV zUKP{U*5>8qoro#P@d^(Q-&a!qdOtD9xw6%3Vl(MsNFOFddbs=*B{;wQl$AV0fFW|4 z5^;E&2Ta9VF%Hif*JQ0;jdA`K+{|U15MXQZ*5YkYbwXE$h8o2C0+#E zK-rFa4mw{i5-H};aWvF-+Z+*^t`ppEl{8HG9*n$>(!<~`zOh1hMC?_>0ggWjo+k>v zl|x?^jFrGTD9y5aYll097LMl_!AU&Qb+DN`#K*mej^93c+)XF4&sQqe3RkpZtHjZD zEel=zSTsrYJXu)PLds)#eHUDOGV1M|C6wS-l$F?G3p}B0CkNLPAAekK0(G01v@bM| z!Vsgz??gtWjy}vr$G&a|249ubZ*mQvWLeek(*~}$;;zde?pazNf3j<|9*mz&r z<-B<^vcdC-*o()(eMeTj@HH{_*+y2Y*H%;oi=UvG&Dc|A5=0KlNglLj>|d5tffN1$ zxS$;FeA`D#q8^axrg;i}K>P}QjvmH^KlpNKMx+cq53aLYuK?Ax=3LaTS%gaUBEbh=a93}*yS&FokEdrLa4bH-oD)zBh^#g*dn*&eQD zPR?PQKNrY4hQ&6>jsm4b^5TOy!we`Qug?Glm^VBmmuV z(TyQmyFf&@&ACOLTB7N!W$2F5$?86%(I?z&O$XMtG#;k&8Oo13JKVacr8(eJnnTDbyK-VlxFp4v zIuezOw|SD8L|K7ja>AcIpMFP}&FYyETQw)r2H0IUYS7xG&Ce+2Wo!#W6EK|9)YhNW%5b z9hu0h47UGJ-bH{P!+MoOy>)2l0%WUwr>3T!JbCgKP@{K^)`-2S@pWGN4T}oA*Ua?A zdX5&&Y!&FBhMphXbXpHO-*MkEbc@W8J# zpF-SoaGM%SRyVqhV?O$cqy`?{CQB7M$|tP0gI%YEYBj6lv_IlD{&jA0IQPB6q0ew` zFF5z5*mKvFa8I1%n3r8CcpU>LgKM-G*&aSDc zX@7!JSxt?YmP#o|@B4uX+Bn6Lf^yEY z>&483AK4(JBIHJ?{5k!TLzjp+9j8-?$F_GmjyrsgMzCV>mX^=#?Cvc_6be`lpNB1j7rqCa2B!UwXFgGRzKtPoXOD!u zy!?9_9;S1&wDFadB0%O>J@G?!bK){Oo3#YMSn}9&EE@c_zedSVVcc~Y=t>T%CAe-d zB*{^0*FEw@cu*b@oR+<+9t0c!r}d;ig;)s@Meka~DAx@;vGdb+x+t6&)%iW!!BvC~ z555Nrr1ti39aG3Z4}!r0Wga^FqV8Gw@?w5@t6%kN<1fD@t6hInfM5}LzriyPjz3c( zr4NuqB1p6JdlU+z9-jEFuC6;dUa-*TM{{%Y6HC(u_i=j_J3AcdtJv5xSSz+Fn|t_) zxo>}e{|qdKhKOaYt7>6Vb+PzQMl=$G-nDLQQ11z0i*v%n`|B(zlhg-~9v_tqJbabv)TvWD#t`&D%z(+5 z$nlEIJvDhhn|B(kUV-@C=6z=!I5p0KF`rIvqzTd*^9q`(?IetUV^w-wZGoP@S?vnWhC2r6*$UBC2 zHm9(&A|PFd|6layCB>CQ-&w(rX!#{qE}fC`1HCsC6Vn|`e(xGa?3KlSTqp2UBslq! z^5jdhlXz4UhYz*2qt39Cs9Wh)Qs@@X4l3q!Sf;(s{{Ke-sh8#Mja}lF1DNe=S&6iPn z#Q@IVLToR>IlZ~{V$@yqd9Z#72e*#|Sd7X_oo(4|;$~qtxk$H(xIXodDp(AA3>X&C z+sy(2Mlfi*tj4!sEgR2cfMIDg1dMgBDCc+n9~*LT9gxnYW4REua7=W~$`6lFcc!>x1I@282i$?Ia3dg6v zn}{e!P1&bKq1b>5EA{asgaHRGo1)b~`fqS`X&KGKU3;gcGLUXAQs20iMuJW?!1@#f z3LvIU=216-9(?#4(dE&N{HuQA^;u}KW5hPnbOcwZ30Ql91(xxuhBA6~%@zKTUwmG8 zMS2(gT%wjkz%t}}|CLu1)CA1EJPCUAt+6>giI%*yKi4;8YLFu<2;yK)Q#QBX$0IP1 z)@y0?;-u}V(IEa&(`{}!F?^qW;C4hr#N*+?KI{EliLlJ$WMHsvkPBSjY9&H`oy~JE z#!cv=+hP%2nuvvcq;>Eam9U?~x9|wcHP9m6Do92UmN+vrB~!5>9tF-2$hkafsVcGf z$vM)lF=M~u1@b=$$nT){l4}(Bm~e1ISm2PPWfo0$&QdEw3e)4*SNsyurJcPvnHhE5 zNz(1%3;wmC-J74~MB@@!4@WDQsq9X_AY%zdNB_d}BHC0vjEK2K9yKJq@@ zt8NcJKUIP{Lp>ERV>f?gB#n245GY4rX&fbP2q&O+-$9WR9En*k=3{wu%3JJFNbV=0 zzqM47Zi%khR2K92iEuOv+1pJxZ(I4*;Tp$9ISI9XYk4-q%A_`eOPI zt}2~wc;F`Z-FAAtKleX${JAgq=y9Lo%Ylux0zJy2iqqMfEnwyWJSUmQ0}4Do5dP#^Q972vPjOxE?@(%#Q{ ze9}?|7w&==#2i7pz|L&cp-mJqPF>a&kco9%+@qU*lj88OhS^*D^hGOqiS_G zA_^|Xgkm{vHs4-u2rut4@Zu;PO+tVi(j56lRng2NvPQxZjUG$P{vj;CNW>{<*VZVw z^s=NTqOlHZD%QBeqM5~^T32y!?~y`^BXN|Tn31Ll!;7=(MTQdlqs`3mRaNd+ z-<;X~I4IERKJl6C@$AdC7b3NuaPtzQYW~@8nROo0QbqD|%iVY^?nI=U5mzGkihemhQAse%LF`vI;caiI4y}+o~wvWo&lV;9Ej?^qdT0K3RW(2_*8qofMv0KLn1Xp zyA28vst{1;4;x(u>eh|tl5)fJLcvAc-)AAMBA=}+<$*FJ>Sb0n8p#YlvMTCQbRbpt zcWr5%pD`czyfO!=%%5W&2hc1>%(Db9NUeIHxq$g);bBv0qeQ9qJs&>#3RK1C@bK_# zW)nG#(mF)WLVu?e*g2iJccWq4W%zp;Hf5 z+P0#}HwyTEv+5*b-&^k`E@p4!qMu*$;`aJp%iE;arDy%7o`G&8sEsaRR$|6msy0PC z$~@i{PY5r)x5O-&Dpee>0Z-)uXg@|9;R%-zLZ8#~CXGtQpICk+ZdPihjE|Hh86py) zjV4(*>Q~}k=F`JJKO7wvWk`IhV1Hw~M!#W=ptdE3a_N?xnBfa`VMO2G-$$P+ygX)m z9sXfY>?mw^jYKfV1C6V8zlQi$iHkYM^GD`pCgya(HUE!j7~C1vbzf1=80tK?bYo#z z(0;hni~}A^f~W$T9?xQXvSX$HhrrmkB|)y!!Ups7%~k~PDS52REAp;fi`zTdiWS8s zO3B{?Pq=@WgfE^#?kOy)>^it_V*TNaikj41W)MmP>J1Im7K-q_ zPfDXjtkuor{**x36h?njWY<bpqm%f$4O+9vt?_bJu#Tt>y> z;v>|5QFB$XF`8c_%VqBx1&dxiB4CA7Tn8?zT+9VQ{@8zYB{Wgx4 zK3LUtU3r(1nksp4g99#S3?gWXmTm;eQto;h>u6Gmy06#lx4Wj4l4k#7%A{}u7GX}3b>KkwweFjJy5CY((7fUuzuK_DbaKx;;P@~I%O zb5$tuBB_HDtdOn>P&l1_3kTz&tkaVD5$%cB?_giM<-X}S;Z`wQJ^pygVC3q8H#W%p zN#eM^qc%RAtXd-}(fAg^95ouBLMeFnd5O_#pX~S3p_Ktn5h^X*ey?A@?#%v%3m=PA zj8@Ei5xylw(F-w^ZPIt=W8n^JyC^ zU*0$z6wSg7kuC}AKiZ@;!Fn_(IBZE!g!GI;P7ZO-L{AG7PfJ4`HK#XHnGp97C-o(l z)@7)14i-!#s;^du3$85xUhxZ>KC@sTflY{c1{0Mp|NK!r>6v)Vd3L*abzfhxl*kZX z)0=>@k2tmp)6M`+_fKNNgv`;RYqxkDAy77(4Av{3fG!qZObbJ`!x@5x88(ox5CeQM z>m(v@M9oL>qTQe089Z#w+yClgbb&N1a`K?yYyDAMf(`DXzs&{sx&KI*5^&U6SZ12N zgcHy(#C8xGDCjLDb#M3R-lC9=pB>C7qnNnMcpsiR8?Z2Iij3~jGgxTEWD%+RU3){ zCt_v=Ye=h8^wSGr`cnf@%^9>uRUdKMB=mI3NS;*N=O_l_Cf{qmhbM##X%W#XIKcg)6b z`MY*@c4Mieln6@h!yU-oXX3<<51>#M*!lW-HoKg(|M+V`2_x zLvWC2^qVy18b)JI@27NWT>ND#gs{TT)vPAJ|27;i7LIp3;we&oL@f0I9^|`~5U)D3 zwB-No%+SW6rffm0*JnLiq_#{$YUQr{I^2X6+@uOv6%>r4aY3rAPXb9BE|1a$tQJRv zfPxJ7=JHsS?+N7EIZK=uHkK-%et$VoCvW#S>+%`QcFT&f?q1A`Tcs{WC1oh-GJeQjqH3frSge1NGXgyrwtm65x?b#SNR&fD=CBACNcx|_bRh<(U za&aEqezEj@|GDiLPt4x9)a;K`R;kV%6x`;a^#_@K zLS%*{=0Ro;KxQ;6vQb1Jv(zU+ml_yAW;Q7iL8u#esu_Lfk!pZT?sU{u0Xc16o(r$i zS2^(ySKZxs4yUw6WPKIP&CLg`hDK`ojH5%t!zqA_?Bav8cAcN#V=J;Op7=#WD?ZzU zR8@H+glEXruac-PcXqV=2%+1#d$^zNzQAr>?>tg+bD5q>eR;(+%Wp}?;b4*EMO=oA z-d7}_6`O~sP#H#5{z!$~&20xaK^uNA_&n#aiNhz3&nisn?Kl?$DKe6r|6}hxqoUlB zw&5evDj=XBL1HTkN)!P>GA2+#kSsx3P(d=1vkeML7Dbe-h=}Bzp;3ZJ2FX!Ca?Y8z zZq)P4e9x?T$3FA@c-J~VW-Vt%``){D?Fv_2Rog%D0juUw*dsNBt5%L&Kk?}kQIb=Z z3EAQ^oy)E7SPJIn(7H|@b*_|CUTJkVd6C@qxzUvV;gLqc-Xd)>nHRzg@3a%_utW?UIc}r|;xXOord48U?BH6T< zm-Sj$KwbwDh6+Rd-zLq{FO*TA!CGCI=8Yj(r~OJ%hoEBXK{=7Ej75Dij%or3FYUo* zZ$M?(j`=-*$nIXvi=4%hn1=2qddqp{4>xH^tuxOvlzjvJXw!t8kqXHf7a*2+SL~_! z!)EV$ehKrvLwh>e+IqP>?B2lqYgF`DVX-Qmb2{86v^H40D{95cS06~;hkdeU3$kDJ zcz|=ey&y$JbZA9K!v56uo?2#?K3Qfzc(eZb1vC*swnPReVnmCc16XTHaYgad0aRYT zWB+qYZZA@LLDJdk+YBy?o;}R1TV;{QqGKrBxtW+%hj8M#IJvcKzUZ zmJDosknqYu^#BrQPolIJE zBKZ!wEnh7xMsIi*6u(GgVh;xGk2zrOZgTQ@jno6l<4{>l1V1$(1Jwwh3w61#s8@O> z{VRrAmU4!~*nq`W^Xg`N*+JktVYB>_a%QJ`OUq4w=LkShU22%V^K_)yb$+wQalM6rHZ?PXSy(Pq5n}c8Mj7N=DKP3xIk8B8{5u+SMu_FP?g5lcGftgiH zz3w&A*;jR&7NRpV{e^ZYYUPj3cYT3~1)eX#qoWE}z%?iuhI+$aEISDCh+q8mpY@9gqJ*2-T&B+E_pGdJhI@6Y9=V6OlrA(Tu#d zjRU{nnt#~n_!}>x1GFD-3gG1hrx~4AKGB=`)j7{{te!O6D6!SuDmc4N%0l~obX;fs ziqp!MsyWxLh8Aj_wK=tcccEr=+h@U4jLP4nw6@;1->n9fTc`QX*0Rjrl@_Vs%pX?N zyncWIIRwZmwzYP$3I$`VTFdmBg7tds)Jyx%ZB7Oy2GfFvLc3Q8PXo9Zx=O8yhFTRG zlEGbaSr>jp5K(A?T<0bea&GUeaBW`8xwf2ziATJ74X!lY`;w#()3IxpVB6iOCojNN z9fe$k^$n?)3HPQAp?LvpP1I|@(#5e zjB5ZCwg+{gbT4-?|JG24g#04iA$i1XY|SoJ=w3CFE?U{1-_*aL=WZr0tIwtaC<6xN zL7{Hm$ynURsE{(f;!ea#E2NJOi%O3-vNe#JnihAdX`byKPhwV+i3r)*i7Z?^eb3{aOCp@7TmJS%&S1jDhQ^8W&1E)%;@AWzEZi;p)FO>s5=bu3 z1t?d6Ism7}$OfMN;sOwi(!e$Q;RcSK2PboS zEy`<J|XoWXYw!4yyx5j zC@?M(r*jjGA~X)^NM!_v2th~` zLjLhlfb<24jeeL__Dh(WcRwy5?AB{E7Z4Lk%qarX6h@ywJ@~%4Ib_p&1@B+D1BKf6 z6I+^_y9g2B2?3xCjXn&JCkycz8h)?`bJh2N;2cS#HP*N-=cJ#+rkfR2VWeT5=;UC| zsK<27j~zOolD5AqJzWn_pPKzycf35UtBeFuyZ1d8N$HD=jr8S^n0smb`FpmgEFSK-tEU#Z(&{#-TV9|;69@@H8Kw*ZBSFrhAN_K8}X~C z2$!$7ET$~d)AQ9iAbZnAfm1NA3m2?dxTn;ARcFhv%W8hoew^NQCR}JMC)##99Ovd$ zNXP|jIw*8fG?SGf?(7-Cc$Tq0C^5BWwr%N=fslc~begi#7w=?~n%{tuhr?b+6KbIR ziq!?qGWFG#oS%Db*+B`Apc#nEVCF62mRr+WbjKmh!UYg^VMLB`?}bdHj|-tB2>~TZ z5`*P$ zhVp>A!cM(P;qVR*$7O58d$o+oqV4StC;@#HcldkRiIgAzFouHDF^y0m?%i0jwwM$w z3L-}ftyeeoyj>c1WP0pcyeZNDrHZF}d|0HTV~O|_(BPcbp0!@k*6zNkH{sZ&nR%yq z-Ww={ug~S(eFga(u$Plx=9NQE@dq{x=aDGV-?BHj3;^Mm{8=Y^EaoJE~Y0T3G#JLkMB{ikhcD&)%chXhfy0ZuX{`D4$zE_fk z=79RC`{!BUJTW?0DE|%@Z>HqO3P#qtlw6+glIc5rL=t!$VB%yx>7uCLzP@UBEPx3C z))%fIh>c9VBscAfpJ#BHN21AfB_&3hFd-g4ol{(iRo9{1N`#WV}fY;C8O}?}_ zuMonLf;pk#2X;-Fz=ToTV)+@zz-qAIV5}93RNP<iM2D1G+W?f)28RA5qp}1X zUE>jGr1*@Y85GBenXNq(+J0-#>msWs?4@=bSVaibcw6%j0yQ2%@V8ghL_Zbb5iux& z!2lOhIX(Dok7n?$f2jwYGiJ;1%u!-{AoC(+aKspWBgur35Wx)^JH3k94c}0nqP%;{ ziu&^O#Uce!MOm!lgikbe;s{9gP+mIqQm=IXQWE##c*-A8F*ylwV0F=Zq>1zAGht*3@VJ4S24*bap|DD-r9QKm?0kGDOCHKj_BJY>P25aU!$`Gr z?}oCN0s(T(D-dl;>=fyeQ6Ml=g2jts{hcP7ELyvlY0TUxd_-?;?G{v zHr)6tQ$+}WA!9)YMh81GCdyLsP5h;LK zfjX+(&pK)&-1APWCAnsZHRK^GL8#QXfqo>TDxv($99uipW4F@YoN5O#`xSBtE5)!p zgS)bkUjt{p1VJd&NO=Di3NiJ2*)5OkVTz$K=xw0uU9FN3A1RI8o`~%qXw_ouEu31* z-p`N&;r;wTm~F!yGrDQ$68A0MT+=E2deXDhn?rSK`Q=kWNaoYgNh>4zWO-zJkqf+Y zY(BDm-*mP)nF`k>E}fBiRToj%_jx6}cirqx(npAp{``CY<_`?AQF$NOA>4SA^^SFH z+;C3EL+F;QUYNx~0vP^LOziYlF1_(yx$lyQ$5sH)mE_?s&~^WLO!K(rdzz5$AK&k-QePEW(cfMx<6RG}X+=vMpcg71!+CnqP(zVvwxT*G%%`DSb_m z1*|Y8*QT}Urzgwby`K#7ese|c=Y11=@>Saw|CsS?L@sZ%<7U^H=2dA4NW2_g(T4p{ zUv!ElW-~;s-*emCXlz`Dp!|U;$FpuGYEFi6qYbe0U*5Z*g5EKu;tV)Jc59E zMuL;XyXKLYjE>NBwM3%y15M=B^KoV$QthkTR@#_1Zz!v%#iqGHef+1^{994X+{HHd zF3x6A4wYX|CvWHRr#IFXfK8n60pRwd5Z&>7i0RTgH90t5<2c5%%Se(upF&aLa=y5HGAoZBl)>QXA^&1$LEZ(yu`s3-O*iLv^+ zVb{#EtH2!g%c+kdJlowua}S%ooJv3WBQ@PIQ2%D}ke_soQucez`?)mno2GDO70d!$ zdI(MpLAw}|z&8VZ%^#<^Z}1~YR<`XW=p`~X>s%biO^f6^<{%iD31ekN0 z^41~3qKI-&AhE#C_h}#EEagQhiVIfPq!?a>oxdi$?j|(+ruXtSsb3}d|I2-g>LZ9A z8}H{+3rlUyfn^G%?}BA2z%r>i?5dbDV3|@%X9IqG?sFi{!#A{lrHMyqB=Db9X2&b` z4ov6H4{h{Dg2`~)-1ucO2DhhvL5a{C=x27A&tbXO_gG3_b<;J!P}7y3f0F!1qK$FMU~)c4*>tbN+1-d@(BU6)|i$+`R zG)RQ4#8b#Le#Xqdi`Q&%<)g~*)YeldX>>CV09`H)q042?w}>H_wtLY1ot6x^CnvG5 z3I8Wd9q;|eM1Jo9265M^n-bGgQ+}FLIq;@T-?x0AmmO7x68y&hO_EaTuJ1c#lX?ro+Vl9sC zc$)Y{L>GQqlz;PwQ%=}LO`Fm>CVSp9rk%6zq{@9wedM(qu53+rV?>FcQq1vYtS()%fSXNcg-a#; zExR|9i1YL9DlXukP{7ZfIFc2o2*on={}AF&DPn6hv&wm6!vq^|eR0_W1e#iKt54)k z^7&o=?j!&5N-NyNGIy=sE-12J5A}lRx~J%6ID)N$=v>JYqjJDNdW{<)RbWs&bP0ha zbvQ-1wl-1HOka$1U)t4vv#m8(h7C#Se`|>Ul_VgO+L{`Y)|Ia4iF`(*9B`Imq44&J}Ka3O4&MrT!5YyK(u@i){LfB(~~s6D0$ zjPEaCq*fi@5I_LU1rqMwRC1n0;_DxE-W^K{P*h}+zr^Z%@f8DWcaHJY^=Y5OO|fKC z80r7)di}%BVZ%j>P10{n^joK_i8((zRdEIUfjtVMK5;tbn-VA#dXX#Rr!#@r4a96Q zc6Qp!H}nj-?c=lv+vcF)3LV$Usym4#gTH;y0i0M95u0*bQ|*F$s7+Lk`5Qvs6A6YI zA$r9Ci$Foc>_-anpPUAGIrg=xI7 z{P5vJzlZDEx?N|x{_{I7&%hl0-hGyw1G@Z4Aq8uK{ei6_R1n!4gP}&cy1szOqc+48 zkgNxG1czbfyq>q>UA(44^nMU`y!w^3`o>~w5rcl1&Ha8O6;RLL6#Mf_eI3j_%$u8= z?jfAZ#~on6;#qg$7AfRs4jf6rsr(5m{g5d1q>Ii^%+K2PuEypp`iW5LpT5`saOJZn zOe-93ihK-BTcyph=-*uiLYKmkX6}veCs7M`OgX=?6KO6%Hr;n0`q4ogNe6!ZCQh6{ zGt1c5lZNL>5Kpq-(vn}=>YySAn-4RMG`FZ|t?1_SwB}p7zr6yPB3!0KfyCPSI=Q;R zl;s#AiAo(G0OrsEXjlM|p@$*`V&|TkT>sJT`@84-L+5Bia5%Y4GwT+_SR3pX-eCrv z!(hE1{0j7c+gkjo%m5T7ZGPKq=y0%C49+FOzV#C*1;%jQ|pqv*fuf?dt045(j&jT_ulH`pGvrbP+tqb#>B^ zBk-BShVNqVloO(V*f79_wD%(C`~OWDfRpwc!uZF(j3qvZRJGJIZHyASyXZ7EMcx#q zixkfR;fl7mk+z8~t2AtMKyT^mEY(q6Kr@kV&_W39B)YmI)8T>%0k@csf zmW3X0GNeB^20`){IB;v^tmu?J%sCf;%zxYR{SrC_E7J6lV^ry-o}Oy09#r$Pivp;P z67R0jiY3g4BM9}CgP_wV!?S9?LA*no6gH2CLi}1Eba=oVGa!XzaDu6k=63|;(7HeL z5h#gskIO9(GFciY=yp|iX4W|*T>O*6^y?RXYpaq(2rvS@i5XFR+72y8Va5oR0Pr4f zAf0(JrW#jyp}ut-dM5LDhy(S5NN6)8fI50IGJE!aAXHLNX+lWZ7 zrd!GJB<$?@kKTOzEHzj)!kw0ZVkhIWeV2q*;%FjHOI%Ywwb{2<7(w!=prtX&EyN`5 z6G-zE=NY!&j=26u2-rrVjR7cd?{LC}fDq1vuLvAlXZ_%gd@6lhA?t^{!ba2|?H?2let zhL67LlLJ&7FYS+d62PYYNb_;@Z;EatWHXww7~?nfF2A zWK$D$__j_Z@iT5v=ut*Rom>e0pXcu$`dRt>Z6kzkAlO~9d-pC>u8!p{6tq}Fc{_Lg z)q1{|e+OMo+E;T!%aiTvF2jo!26Lz-Qr7p$$^J+;+4=M5p&@;e zjK7U92UBMmSbUD^t~MN6i-@r^3xw#W6s2}Ljqo|YfXmoT6cy6;KJ|)(V+2~jJ*g6$ zOs*z$uUsq|NU&s-~u9Rez^7I#u6Js@4>Zi=tpm%-ujvy>~a&F-_P*+IqAwzQ_Ls z9Y8`yYX`FqE*cpbA>%|K64o^u_p`HU9|wFs&+bmmP2aufnEOx(`jF75eww!)7$}NVYwM?(Bh@na? zv5r|uMJcp6E-TNW)i?8?%Ejb5Lc}g*OS&#BEnU*lkzZI?xZr9g?{aotpOJ!%GvqJ{ zS?F_eZdwT!C-DOGaz}{c&^Zi@uOXy)yG|^lw+JC`pwTlO}reM*3N>Ezwy;;$wzmEFa=2^Qj+!)kISfI6F6VcT$PL z9FpE%8opRR|0e%XO3%8GL!ctOw>~~JFf{C7)CwTsptXCa>+Dti5Nxk(M#E9B6JYEg z=Xf9`TYMIaW+d1xwbRBK<<@06pVg8xUlcPt;U#cgMTK&4k@UKfTBILpr_c8!<;die zS5i_f@G5;TTD~jql#gVlEcdJRr1oK!5H~b3f+_%X`JW?EZ0XDh=14(9nawp7K?a}) z9uH%^v!P=e7<57uOeQ&F(s4+{X5w*KU4mC+_j2gS)RcFg$Mx%KtpOtfJ8k7R4#NND zGgTXYT}_Q~IMT*0EXUw3(pvjY_7w%NPgna0UZZY|+6cECNkKC@E8bZ}d~sb*HNIVNnLpe@6iV17pGtxq0pIhg`U z#ors$(_OCe`xttKbgX&trDDKv9J>zVNH~OTvnsw`)*G^l*QgmZXZ0hv6Uq`DOJX(#9ui)Wd3)AerO<4(XB@$;X7Q_*e= zjuM9jDLh<3NSK|7cTe#rx~gV8=o0;lAvg9s=Q?^QPl5LQb#c zIzkY^>tX_v1gRZL!&(N)eH%JD=(erqS$2-^b?OautdS@DED=>3l}0_ar(Ea(H7z?U z*_WrFEj*kK84FmCOc-(c4udv2aEF3n7*kn|lEY<0;r}G?{QkO*Ndf7$9wG_NY*Sw@ z&8*Vm?Xgk2jdqoWQy)$m8je3xcteLA1oYcDIOe^v)OTdCT=B^nsYdbI&ke%trN*gx zx3Mup08S#@5CBgoZWkY9OK3gPOr)U$uQObN4r`9jVj{xA{fn(S{?d^*4`+8RDt{I5 zfnhz@+mIhcqX@dYMWXX9^|kEE4_bVDbC?$#n8Ce!m7dgJzkVHrhEI8Nf=7r8J8^m7 zwhGvPRS_d?JQuWY;y5Cs+~GXyaow6c(%Ec@9FeuP57DnvU+rKtFq$kqn(M;{hk@dP z>9;R=@7%8rJIhB$NB0J*_#fiq=l`pVp$2WMJ0InSWac75AqVn_k z@_4KB!3%P$xN;pU2)#2uK7^)gbJAmg;tOVaoAKW3#=7EV} zh~q|PP!u^f?VcU$FllHLWo0B$0A2|6&ZtF2n>fmbcQL5lw3C$$7ZzZZk6?ffcQBUp zUsY~qIXd2a12h?XejFQWguBug#W{c60lFET!))^IT zK`8FZBnvjS;9MNFoO+&GENqPO8nq-KqXyR2*1EAMIJmf*(fw6FL0hRbaLC8)|(XamU}}36p-0-yz15vDUZJOim_RELm9gKiAVQ zFR-6~lbd@M8L5RuHQ$^jXB`>d3tH4iapa$&=HE8kr%%@R_AWy|tSycY=ovBzh`%gJW9_Tzc`m6LGL`33$QMxAUAFuO2WlSaQuGFATmM*S?@u+t~%y9?pg z+m^F&OYpvvk7R;5ect8e<(pC*A2X<-Fkfo#la?~eKigEMn{lddOSFx+*~qT21p1v51Cf(r(1fKNa; zR-6}to*aUt9XjCIrNH%5eBB>|mp226D$ruJ)TO4{Ayto8OZL+dUvTQ0A0cVrcQC$? zW0864%OwaZ;FhgLJ6F(KjPZJw9j;)an;)w2ZitqaK7anx6b=I2%cCl5W3Zy4h`5{# zSkaYnlQa0b*ehr-LG=v{2a^kzG&V+-D*9K0#-mg1Wr^-GcOCK`lJ}Q)nwea6FPdnm!f7JgTooUBVF!gyS9_4!1qv8BNGPRM0(O? zdwWt(kclnS?*u-$AAt|5IVqupkXl)_IMHSVj>W@t2&ooqY)^FC2i#F}W?Sj4st(pn zyrDSxfg*;Ti_`FORG?2(b4?EK(gTdbrvWj7)%^|J=J96RMv3$DUpxxJ{ekuKb=l$ng4Iu3Y_VU9mZr?~Z+s4}N8qzwC0l z{~{Gno!Ib(c(GD&ajhCYHW*7rBeR>t!_#vBUd5SxQs*jiiS6#2WV4h}5qX{pHWKG= z@x8w5McWtd)bu)4_*x8DtCh+}h#rc}8A#>>w#`bNpR%EhYh#FX1#7>b$n+EG2+=O9 zVFXgFKjT0`X%LTFS;-w4KUtRF>vTuUs^MblovIgCFjBc%WLT7miQEtkQUj-EkE#S= zhU_;6Vgr6gNrNX~4|SNR{b@gD38wAV?M>guN%x;uZOV05S1nII?%mQid!JxYX zxN}5KE&r=d9i8Czm&{p-;%{T>4C(=*p?gkut>dC+X>^LRBSu3`ztb=oEt+;5na!F? zJc$Z@{s-0zH#n$XeNDd9vByRZ;F!WWuw!6cP}D*!@eqBcu#1z^NJ7N0Db-#uRPXU#Hfyakqbj#)n${Ph`Fi8^Zi_>8 z#cfuG4tFcpyqBhB3JKGW1rSop%K20jJFW8o_jS*nH(K1%(4zDFN(^U^UNR$sX1j;n z;$Vc3A&R9_R|(Ja-Is6)nK)lNuOy-KHks=ilqbuoK;N;)Xu z!NT0uFAW`LN~HEsFe$X^+Q2**%pXtc5V1{losHRA{YGTlWiKx}H~8(tMkWEthspd1 z>krLAqS+SReOf6ch6E&m=Ng@Rm+J=*b+Ap!GF&{io;x?Et+Ja%)sj{0>H|qj6wu)+ zXH!=uLv~fe@gN!Jt8fqx17cuEZ#cHPN2$ zI}TToftVl@B2A$q_#W5bwJ1g`>Yh4or0qhN#jx1y=VzWqc`d|3>P}MIg1r`cT{9t7 z{q)Nlr;6q#_YM!q4a>A_^iAq`-R|;j)jqf^K4Y*^7Cfzee{+>)Q80-)Vf@wYH2#NC zvH9c2E#>9vINNm6%8%z~RikL%l5>*XkSQIU?;wtgGF*1X^D zbGO6+)WOfMA?RT^lX?CMg?jxF-xOazK$h!M6H|HdH94y6^?o=vja`JzW9rv1QVwyh zC;b;b!o_o2E!pE8d9`A5B{i}lp1W6Nb+P}{Lqnq&EXsd-Lgu&@#sc$kLq9M8%c$x3 z!uZ?91GiPZ_(yyB0d#Bca_Ut2q(4p^sy>>#0Ia$i=qafe?R-Bb|J_{t zNHN}ky(PgUc;|o@dFnc(=DAo@@MOD7j{^2PA$0*r@Jm*CIa_pWtjM*Z`vodBoP&6&Un|(=f8jgi? zr6@!yZ+e}{!Ks94c=?Wtxm0HT!|F|zlv^-Z6q2hHkL(mJEQ+f%OPLiE?RJ{U8GOrk zl3Z9=CG&c^*#&ts9mM88y2=A@iWTUXG{CMnsfbhTdK_BiD~{hnUEYVI3N}ur6Hc+) z0vzLN^K~=3kNpCTt9#ZQhu!wQAeJz=jgiXpzn#cMV=81ObU}$c5C-$9XGv11pAz6@ zDqbwsLT-Dq6JqKB*MwH@Xk~UT$7|#Vkgigpy@ZAc#D+|b#|t|894<+xZVvgokj;d; z(}thfC99xNCUx^)#+_IA%)wu_>$piU#M8BobC39DOFD})2E!KpG#OYGxQ<129EChK z(BfXy$6v;f!=GCqE8tr(bA;3hSDHUP0aSJPfusqbDc6u;DtMiGF5>d< z-o2}P`}Q$ECNaA0t=eMm;cH>OMOXo@c!Avg#XGKd%DJz>ZXs5>|Lf=WFU!T7bv+8J z^AK~rB4Lo(vYngg_g<-7zK4;Nw{7hz&>MJWF^#S0-_9K`%ANk;>o`$eKyEU zg0`7^k&Rr9MC7FoP7$v6OMd0PuQTna#kak6k!*+OZTB*Hr$-N1l+@?tSZses!U_67 z58-N8)^5!;ZQWNJTDHwSC@gA}=~=JyKm@buSmNE~HhKS2K2Q15Eso{VdJmm2@3M8X zc5Euli-@P7Wfr3kJ+n|zW0u1Si5eBW8081_dnm^FCM6}E2)Ys<()+0l;o^1m#21Kz zFc;4r#=Csufw(uA)mirXyk~!HK6$CUiw)P#l_hzwd)V;m9Q6{+9-E#5KK7(&HcnD z-rNS|9aO_OIIx#X*Oi8v=J4Niscb=nlK^jKaHm8mvtOK>J&!?x1JyS}uZ|*|DaGvO z9f|(_qM*_G9;Rer!Af*{W8Px$^V5}Qb=xM-*Vm%8rg$E^okrT5_G2q6Q(rPLd-vK^ z#p`xvnWVz0f@~lUw6e8T`$!C>sR2&@=qp%Mje>xF1eo8!xKKlUA$!a=T(xYNh#*C4@qIO|`MJbYv)&^0Y*X$1`}beS)$;psy~1xk+O$TR z)X7Z!60MQiqo0Ah9G(seU2lNpPr(=(vLm*tjzJjsvQ>`JU9HUD@4H3^^D!gq%8+Vgw`|_0I~pPNtyE7**t>!JqJJe0BPL zJ^FDwt$c9R)v~hk@)a{P<_u@=AKMzECofal>tBHjS!7I?rbl!F8${w0!T3bGv!x=` z<(~Wm%(F!bf9~$?4FEs_xgrQhAVH`Kw0ewyLj>0jQ`hQ-FP>{6WrOSZY$QS4uk*+1fh@7UOMoi?;Kz8LZNR&f`hmnPaNjarj@ z!9bn}t_s4rDaJkb*Hvja17^`AI@|mbsQK-;*R!C#9WRH2n?n*8P^~KlC6&+E2H?%4 z*+=0)Z~zRQp7Obi&I#WtkJ>W!n^XNOv~Dd6^bCu(MwhX@$GNls3tP_1un zhR0U)@`Ad3kr_(U69ow0Mq|L3ia_^_yYnwD0G`t8K!dq@`x-ScFkms$SF+MD;Mrf* zyXNwI9rDX5qfbekJKK+^dKt#xUpd=gH(<0}7L$LbEJDmtcd{ds_tdEa01H~)Ld7WF z%e-n|)CY?rcKPGE>rD{j@bS}l3hxgrC&^nZN=Zq{0twL^77UygMO>NvHzsmv8MJ5` znuEU2O&~KB%P3#IdSW?zt)eG9w4Zd{wk*q}Q@82`7ZOgv^kCre@X@F%h%!(KY5-mk zeX%B35Ef=X{@wwv5CX)kj)?479B!w46rMyM8|0hm5N|d3dgE zUxqRodd3&)!_m9WpN5}i6!HOMe<9w@@7|;^>#$39)VlKpwdGkG9Z!f#PUiXY{r>R;^yQMXqm5mByK6^*>0@r|43>C)B72bm<)9b1ulZ> zjbfa#GP|`P!YO=)kqf1VCFb6X!8_f1FO38p;&44+iBPvGg&KgKot;q8S})TRcj;@F za+4*#eBW|-$G1Z!4>@+~>{;q(1A3{JRURwfjcm)INKO5a3ZC}32!rThSiOoH@k1*9 zxPz!jRiIjuKbWiI06KHQg*|xPT#!nDAeKJ^;=()%4fCn4T)U~9p-)m>UAnSj0PeV)$}y|dNGCIsLNx{8u`iL(5(3UvlZXST zKGdr9?cLQIQ{c{u9uXU)L0H1NJ2V16ul5JF_K-S*#wpN2I52OTn|4Q-Tqb0?Ec>3k z3<>eQujBf>$~pYTLv4hwr4NQ?05LRTVlj4;5^apZlN|@30{Q+S6=G?0bRuEG`C>s+ z)j{?8QO2}l8_4JlZ1*NWxfU-~llhV=)VL}%DWpy*7EBU*DZM4__V%%58 z!b0Z;?J1Man_S354p9-6rFPY|i2tC0oGQD_Ltqmr|L4G?WXK?0n8gl=U7&oN z@&~7l0|p4`=qtaytXA61uu1r{ zR9t$aJmwYA({sXh`I41&qMaQ1PR;lN9QokF1z9=S(uoOK<9u^%E&I`y9J}!j_4K=P z$KPYR^Q?oS+y>z)Dy@Q+5^S#tmp~S7`MjU9HnBwLX z;d3nsQV}-WiXLGpumx;ZB}{nPD6nh>`I2-R0UNKh-pjd@u(GnUm!Lj<`ot?NOve*; z*f%ypoJyYY>_KTi-|ESHWrx|LCRRZ=H=4*1RV;$dtH0`=-HoFZQ#`d?daS)7Z6_3#$rwi9t|?bsD6&==kt-GdwLTAsu%B%+Qyp zjI8|L0Vp8iJ=YdSzYJHu;tSdqURhbO6Loar_lp#!XOj>2{bosNVPkcam6c7;!6EB3 z#1@eJUPlwrj7)J~%{O9Xu=! zKH}-aL&qX-Yn|4ad$x7sf|5YCG|1kuD=~x->~Q;NP&mF7#`>e!V+NQlHd1bxEm=6^ z8Mk!(y7FAhVO?Y6gt^Nu!4DYzC0sIp^Vh*ckkW}@t*o>?`0vWwae#;10|m654mdO+8P~{fyh9JL+V}E4v z?1#JxdYPyfl5~mz56PcbeTOGAkL6%oPD#xzFXRu_l^sFdo7rVTFbO2~dNOOHyNIiM zk#{El z3}&2>=ahsKn)J9jdo^aZ&5x&ckBCNJ5Azl$lf#C>)uok?Dw}d&wds468q}4=l60a0 z%6UQo7>j_C{?ygh>$g;qEG$N8sht}XZ!$2O8{c)jqEcrMkW`SmtJ%>&?>aORx6&vk zVOq)5yXv7=zPw^ZA7_g(R|3s zBHCE(CNHmiYAL7f+O$@(l9;X4`Bgyn8k*`Qv#R7H$^V|vL51EQnQ><$tFR>#ZC8#K zoa&`%)yj*GGkS^iX5N6pKtQHnyIDMfFKcu;;Hz@r{xB$l?O72CpYwJ834N9G5^0w6 zYb!Kn1#26-eGyVo2^`>|gl}K8v%ve@d1jBNYu^b7GH&*bRPxQ1nQfx)>g&_z*~KY) z*%pq5v}N5hIX^6L7<6L}s5fYGZRPWP2-Km}+VvN<7KJ777oT_PS}c^N6VfZy)LEX( z>F=*04R5*)zxo+^KHUne6d7xvB3;jUV;*0Vh(IQ+`;NUv=@d^lybKT5Zk~uyJPE_9 zh;O0d6&GOGzdg+I3RotKH_L>uLzQF19$#+)N?fmtjb^JW?G<0R&EVj2`y$75SAn?8 zs=&H#=etY}ho1AWwG&>jwKrB8;T%Y2s(7{z;rHMdlKp`_L$cBLrpfsEQDYk#+$x|VL({$04NcI#Cbe`Qfcx9Q+UMK>j1T<_;4LoE-3k3G`h9a3jq!NUX=Ijf zCaOR_{J>wVMI+#XJ^^>zP{QjkMA?SkS(eMo+eyE;0Dqmk z@c&rGg*l1MpLXQ;Xd$iMTyvCgcsIA)s%<~pWgC0Vzg*KahX5X~A>7A#9-666r|jo? z3u*qjEaU}1e9JchG}sC)i=eJELm4bN$%xSZ;le_?bB!6F&PWNrf-7 z7tY(B!fv8(c4cU{f5l3va&y|6gJZv1ay}<_uk)>lFRCOU!4L$d87-y$oC5;%5v*Ur zw~&P3f=7St>4UCT$}QN_kdf4nJppjXNm)Jf5h1>5Rl!R?h&JMNRQ8AdVNYM(=KgU{ zOjW9s$ey4;6BSp$T8D)_G4NmiIlCOMPofX5YyiOfY&o~kZGDDJxKZlOD=z>aqLVF%g}g@-w`4IN`Y|a zHYGbRvjr*kF0HARe$VIOJlAdrFJVe5fr|4#YJPhbP}YFxyX=qfI+`CkbPTX5VPxEz zfzN~GdwL8tfjUrCSe;D#f|q*j>=+1^^2}mX5+Y9QWRbK_lvtv9g?VqpIYnhNoFCt- zTY(zatMhwp*Piv-?eU3cuy|i+R;{O%P9IbQ1kc4W{xqJ-4PXD9izAN^Vjvf@5xV9V z79ZazH@F0^F*sVuV3P+3?rxh89Nr~%(Zvk zm@`@`%aSuvTPW~EK6nWE;An=h8r&>Q%>4*_8>o>ZGl7R0Ukwk8FN@K^)a7`MLS^(d@u-~xuHJ|rH5J4W}~fDC_eqU#B;#}fLIro|fTgL>BTf=Rdx z-oLK|IX?s0iCQah)gZOH{VJA!1?t~J!XRePTC|eL3?+Qy^ZMLDS7wt0wJAH#B$|vA zu!6WGnLy_UUwa$=q8scyJ&&h~^2_u|xD0z*jI2K0QV#6Q8jRhvfCWTXdh*G|SEUZV+k+ooB-}Yj;Co2s9PyBAU@nS=Uoj`g zl8Ez!>9opC#I~%3`QUq?Xm^5pk|jW~sNR0t%XT~lyXP=x-3yYVGt1RH@fihy_I5(z-V5@uy%8|WG_sFsz7*;*J0?}G2U{l)2dJC9-&fhfdn*r5C3NIfk!X=-X@ zdOW_M)6v1P#*|3HiNrB`v;|=`>q_mX;ilCF(wpHd#2_ zKGu?~!yJ>8RNbum3GqQG8MujRSsx#t(mvpQH+3^2#8-s<1%$WD23Tf-Uu8V1o!OEU~F-5F@;7w zP>_f?4`?V9%-6s7LQ(TyX%w}GdSXCp?FZydy&doQd$FA)78RJX!`27p?bD{%=y+u> z;Ay7dj$T2gM{S{yo@Bj&f$Lt6VOWatIp{RGkC31^KfA7ns=mg#y=w>&Vgo;MzftB6 zo<0ygLxOZ~Aqv9EiV*a^6c$>*jE2XEkkAzbY}X=u_+sUy=eBo2SC=;yi$&URrlw4> zsIya!=~pS$>y2;C>;D+LXRwWj6n13Cc|eBy18XGE%W0XJlL@KeIZ`4{^J}n(083b3 z-@<1ZSvk2f7-OOLvl#%U69UP7aKICHABnKls#kW#@oH2w;~9;jhkv$~z~dwfqfH>y z9?S0#!lMsDbH^nQPrdv1PoFVvI|YMBy1Thja0hRsf|;OdvQI(75fC>T+`-e0p76qL z;M`JEQ-v&te4tRxuM-Y5C$M0g(8ckRgcAn&kYiDg#Hr)CZ(>S55Xl8tg6BDFmNNHC zk$+R_hvXnsYY?)wlvdDzO_SGi1lwdnw~0Keaq{SB)zrs{P|oT^@)#!M1)2-;7fo zXdyT(l6USrag{z@lLWKk(;wADTEiZ0Oh;|vJ5W1CGO8Ji>RoT(3tH5%{az-#GaAwa zhMd%2+F;<}N9e?_SXC5tH93b&Ht@OkahV?jao00}fF>>K)<1xv_uN`c zR0R~p5G981Mo2>Zf^$VO3bpkGORC8o2>}PhtD)cZpm)UeDfUOi`-I%hQdS};X29@8CWG_`-^Hb zAd3!ZzJI`qpf9IWkmtMb2m&BOOq5KA@uQEZ-UbnK8JN@=CALi9+-`3rcP}pbkrTY9 zRyXg%VOKVnw@Vm$VV)W@^XiP}8*qG|)tn>=yx8kiC#c`@}hJ|3h%_=pFQ<$C8V0m3d*sc*k)fHLCoauKVND<()kaN?O*IVjDHX@&$E#!vLJIBDYnGdftrgPZ8?TY) z+*bvTQ7!9<{$4e{cSvccdayz_%$U$ z2RhWKn<7KUgfrWqWle62@hC=4vLiA>H`u}A zCT4C`DwA-kvzJC`oRG{EhTU;a$X+@n={6x;|vU2`z(kE7PaCyC%zrcm z-LTr@9}(w7w>qE4!Q(gB^dWLE&|%JUJTaS7{r>F5)fj?3jng!HcZZp6`$q5-jzoG; zb7m%Af|nMPxh&QY6H;0422(!n8Q_>*W_G8#Zf^zWxPJ3?J)GUURCz^6GI}@3i~I6t zQk5|!s}7^fFwF>z?bYrtwKq}Jw`0|8I(`Hh**n85@i`bd3Ik=B0bY2?gE~VvAxgCk z*MD_!IDcg8A8yb1m`3#QRcblzuGn>2Mn+#v)6H&mhPNqUI5&6>h`E$)YtUbZg8fu6 z&JasDyuPVe2Vg{9>dV_yD-eeKOVu{K$5Qwn zKt`dYMP7P{tR3BMd*6P?*!BNXe98P3UB@4nzAQ1jCkzvuvUaA$ytg)c7@G9jO89c2t!dJ+Fm!wGM!>_efxuPM{K+M| zjVEln(EDXsvgfM3Y9}e9@9KkP`Vw+(&ptC5o-sC(V>GK0Gkd4~p;fW$|FHMo zaXJ5Q|L{i&6+)9VNQ#!EL0c-MrBZ2Vop%j~41&j;Q+&AW&C z;%E{bU4W0mTEIHy^OHTV#3j~eKF^k7cWOcp?N@=4oFR7(p>+3+iIZ`6N@cDqfWK*S7Ac6FJrtmfy$ubSSGmY}Oy#wtB?^*G0)z=S z0OY>n>!Vc+rfN9M>8%zrRn6ATM4GCqBB@N6;Fvr7h;A2G)rP7XD->U&UbD}KUc5xD zrI*-VHJ$-nt{5Z8Pn>?*2Hi2Hw+*GQDvQ4%`$W;v=wyE2A1RG*i3Wz!cDmm}S>PEf zKVvTwYmz)YZ||f#R+W98@)51b6To_={y?Fn+)<1MbnW8auU>=JPBa{Z$m@`bjv>7c z6MblOd9q-LwmcJA7*v@U0`)0cX6RmVy^oe{2&ztjXMWA8s~{FJB^+-^0uNf%DQlG0GO9;fDPrsk^x^QYb;+V$`ws zrCVKcS<3K`waNLy3`mzaXj=NBbjdDRJE9-LPm;P9l7 zTe9*Xkrohk?IijhQ2-rE=&^R-9b#{y^!e@HFuiOD>QIJBPQcY<^hmD}d*6nTOeWch zmdunR7yWCoZ~<7yZ*)TLEyzVLdbmWa_gqQ>yuOzdUf2s+{?{1m`!Ihhl*eK-1ps%I z^UkR#VyS_0)Q3^n{QnO{0TH-?b^q@RMFB%^N3|#aH!}35`_i;n-S}!TJ;CKZgJGMr z3if@nC*yQu?k#?=LyDQgd2t;ExS~tU%{h0hgkQFGF6CS@at`Z?Q?zh-DRf-XD9vl- zPD*2f>i&I4PO^G?P-J{QRm%PKE5=pXcBGE=Yk0`n(XZN(qqDD{o|@P0!Hup_R!jEM z4Jjt%=ODS5?hOGJ; zX*03HFGU5y&x}MgFdmG>T)0bG0i9NW`HfL}G_~qxRP-vb#$ybkAEjHYGlw)*q+Pvz zD>!~Ulj}E;)}5qQCpr)<4%o(VD_k528m7i>I&T^fTH50XgGu<>3*#|PteTB}3Tl=L zDZ?7%<2ludx9U-HS7pBk1Pfn(P*&L>#x5XhvVg>YD_-n`Y(qUPDKLit6m<99K7gL( zTp~{*TF)|*t! zFPO;Rp3+p8`?fF zx|Y&GZerD%swUxn9miX%GRueOKHo-S_xGnCqX+)5eKY>`Dqt0r%Rib>4H{7x?|CXr z;;PuwSU9j`+WYZ1SCWR2(z6?*UHf0{$;`BkltCXF4I)LNe1R9Zb?AI^NGzJC8yJ^J zPvj#>Ghq5@v5WCxw~?GNi|#0mMz4-W{&f%07_)V4ZSmF{=uP&)j#jk*O1Q>675m#K zP;pr7opE9-oUqb6>F%Ae@|02Tda?N4W5M)AgU6~uF)h5L;#R^n15#J4-mm?}fu4Og zSQ|iTkSG)Fwz9J~w6}*qaNOG3e`I6?HZOT~5F+Zq0nu_2@WVS5V`1@2$H>l7wN@ZgfWy zC7c;k2wV`@T4+yXW;A+;Y{wxO1fP3kuf!bI2P3CDyOD5M9JUJN@Zja=y*dRX2Wwa^ z7=NDhY1P@<(N_stw(n=vV^HI|3Fk5c(euBbStNQW;_fr=qn(DC8kffXPajB0I7rJz zFS!|%{p${RV+3Bv3JO?x-Y_v{z8f%GMh7ln^loIX`WxmO5PD}Vc${+i*&FTqNK^s+dMJ*bbylRKlpKmwx^xk#YXaYsL*H|b^R3*DG8gR(9q5zMlsDbG8N^7DJ%D%LUzwSGun;NS|xj^u%f4xrR933>rSb2T(hpD5D+$_A^kdU}{)iCJS)6HT_gJ-=I5?qE*OLaA|Md%h%FsH$*^&#~xeOzT`z z>+^`(7$ZXd#p0;VEXzE}P|dE$Mkm_r7^5LUf8(r{qg(6=@g)*v`F|OEUcEuKv4>k^ zVN5;-(;MouaMDap7Wjhsw{2-(EP6<#N6qv!=k`7Q=GSU(H|KD-|A)>3qS8<}=V$7& zD8IcWIb!2Og6IbR>RM+`7t1#;tNP`X(1XHX-e;aRi29{ezamZEUOL~D21-@BAkGvi z)u}NWVwWD5ejq(3DysHoYXfLk*I`)nrmCY!KUnE2%B$6BPIX~^PLlc5*bL>g&-jVp z*d>+#458X*}dS*DeK=K~l6o zAvM+41y>}Ty}3G(j;s6@1O|_l0D5H3T7R!F1vlr@6B9P4;OiYRCVa%gOfrsB0i_=A zo{hY6xX_s_Iqo3&DrU6YldCwm!vU%HCB0e!iJ0HYT)#K!F`D-2zFz6>^YH23#kL&B z*@3hMk7Ese(>M&@;@Vlek;C)LL*bPy?qXKC{ZG^%U{RQj0_|OUqZF4raR3H6&#Pgk zfv1Lg+V&7j_#supXsDj>WgO^ZV;OUZ&CZmhvyUg}XW_2ze;Sz^Yp^D-yYeu>;&per z_=a})qdh6ti_WDv*SicP#z*-*qdvZ{>v$FH8EpS(SLv4v6kfB-&W6KOZOu}C8C?Dt z{JxuCLl2{gxYB*?M2<3kAk|L}xQ6xTyWz*8G4>lD*P5Gt@wx20SG{~^(Aw!99nn#0 z)sKBSKCM)@ZXD1GaE-t$wa@m+P?aB~q^}4(p_cDA4guH1#1q9Usn+EK=4n6o-#Zm> zeG*O7OGAXbo-0-lBSRzYTJ3)U(-*`#SV#9UTrrgX-t$IY^3c>;%dM`TRprVTKzD6H zA6()gyUR@mo89QF{c6gRObS8VPPHva{4|%PtYPqXl`;tJpw8boFykN5Y!k zWo#Ex>XC6UTW%+6!gz2uhuDmY%4?E`d$`9;yY|67v!Bz!5Elb&~P6NtW9wZ*VN&*1tf}-{2^eo6sBFQ-%Fk_nDjuOG$2!JyiV|{1^5O zI2otZ=VCGGr5@iS)2Da9Vl~5=CtIsDi4m~q2c$a~wF0uf|8lA%WGKx{+_}weW4QN9 z+_RS>xujKwxFKoQ#5l|Cy?3O`bl&UJ#+Q8#37%wj8hY-CbLs6gF_eZ3TizNQ%jRAG z#fPbtD9SU0(p0?mwRj6G*|4ZfgbCWTD8P|SES}&zfVF_^OX_{_#YSj9$^)#boGJvz z{+I#SsHH?T!I40Q`*lpJ?WYRrv)ixFv>ExAzm@eKD8+97V754(J1&m9#1yfY9nF_+ z)nFT+7!-CJ6drh`Y2eGQ5L6iZ=$C@#(1|^Zs#CUV1?{iylzUW4;=c{s16=G#^q@@6 z6Icr}x_7GA^>YQTx4OHi$Yt9}?6;@1Vr)7ngy8wV8h&|NK=S1sXrH(CgAOs4^F{k3 zm_knce-wp)_{X7y`KmIJjHwT%z1c_4Ev5SU$>_vnPDzbd(hA1B&2TeQ_X}aspssrc z_Ec7O(ep({Ga3m_p$%MfL^xYXWMt~y8}@uQL3}+c$xu`5h8Zp z0LX2Pjd>n}rpmsugrpQ7a_ZxOj-wr@1;~kVvLl;oFY`GX%hXg@3fTaueQoU%@1qM@ ze5LJSSAmMFP%!FQJk5|nM`YADFiZ-{^a1;)rlvk$SLiHo!1;v;m;^CCbc0V+xkkb$ zZ0VKX(IH|xbP=i1CsZuV+1c4>g)as7%#l-Qx9N7(%=mDGaerhj5^2|?ub>(HumxOQ zOWMxP?##!mFK-_1R3i-Bmo+vH;WR}}bHhg(+8g(;F*3&F=byVC8fNsxbAMtwEJsEw zq1CTl0|e(Ue}qGig1d@5Sw`U^@FV#iH7+9gdDr??G^@J!g}ZSg%{kRbJvHC(I^R;#y@kf<&>UvjsFd?mMri8SMQ0BNJTrbanb_!uqE^sB;nTM8}! zo{Endj@8@G4a*p!y7wJ#Z!4cgk-qpl6R(H^7E%YvkMTLe;LiABu*5+@K~0)EIyxt- zSeeWM(&@`;J@u2d>6Tlg#8{r{bY{4YfADA2*P&){!G}2I)v}ZB;0oA#^x|e1DK%_w zyZ~(h<6Puiz~GlLTRD8699$_Ijc?d#*+OM_o#R-dQg5h=>AOc!eDJ5=PhidX3?Sg zqIEg_%VI9m&uo4k6qvIOR@k-s8Y|Oz|Fn6%gT2QpeePYf zidX~$K_=aMmsC08!PS7;99w+O1>%$U!k*|6s=#qoSTGrP z32NpsnVEJf@tW%DU$W`H!RlpB*)Z~boT!;1R^rCS9@HdYNH#@mW)IOG8r^}4Vi`AO z3O{7pNC`)Yd^nOOW^zCLl-1CKrOpe0X>8H6N-VN3+zLq|2+}>KgACIC%TkO zA7f`-m|<^i(cR79!bnxw-@=yY^|bX`W!sZ}etTD$Ld)^C*EXNpNN^XN;7Od^K-|ZI zRLwMKOy#GrXI?}o<=@~D7Wx(%igHT8rLi`!_ukvo>ufP8uFUe%bM?lDj{Ubj?gP~@N31BXyJmIYJ3H2jN=g{bl9F$BCG^7t_C{4rweH@j7HUpW^h(`Tf>$0$`H`+;LfNz` zgV2127YAeIh~$y0J# zl7>4fKgBKx1$w(lHYIqToJh3cL~WHr6~u)7oR+0AYT9ezWCBG&%uPn$BMVA( z5@*)SOYA#TxV-T5x$DY4))@ln{b^AK!onbJqP6Sl2E80cZx1u_02rcy&f7kr%qvgttX$cY)(GLTGo9|E2sbFuV!+k=CfiNtIA;##*fp_SR|HeB{Nx^ zMi1J|y=yF2%{__W`U7|_#a+(JC(%+AGQqv&|Eb>juZh7ah8;36Q{F6JI=|tQl9s597a%y<=FyjFPDW@Pe&Q+nBBM08rD_)lNL455W5X}2PXO`MXF zwpjG+#}iyF%N*v?>`W@P?c(TMBPfmqP+@ll7avX*E)K~b4|n3Ics2U9rZOAZX{k%7 zM5FqH*-398L5Al~P9iX3W^}>ZSkS5sMwhQH2brGhI)rntyu&~7Wj3$4V+B$F5@PwY*A$Iaf%9-e@xmRFL zzPso*@4bCf%xk4z$a%e^W3ZD-f?n~djvAKi(%r4l_^t&M$siP_@Ja$nhK22zh-~Yu z(t^*aP^UYvM7!pBA+c*P{MeZA$|PDq&2?Sy}Uj1X5%__ zZQUg_gn$7p7s1xFYw{xXXZ(GYNDF%EFYFZ(N{M^rpG59_AJba>ZazCSu32F9b8}-T zY&6Q*R$b%TLc-ghDhgsV3;At@7=!UOVS`N03jZ|R^~{xTnAwe}w7P`3`a;4d27S$! zsKO)Aqf|L4)qk|rS|R)Noyn@@2HJQQe0^yQmvDK8V0wJZW`{B5&5O5+k1= zjqiB*-XlLWDebR^KYE1D_GFvhPwCDOVAfr=jk2WR9(!5kabSO2&YINv^Gxp&JJnxdk5B=GB#?nk+uyk*4v>vyOJ`-d3^$~ALJhVd9Ox&`6zKCN#Mb*X0SYal_sY_a3wx1tYs zCL-JNaE3`qFOLho^PuPvGPbDDa5JyY00bkFy_w09ckJZJlc#&kkAQ8iL2B!)l3x7= z8jZxlV@@Po2n>;m!;<~r@PB5`8%|#UkXnGx>gVbr-aY>udy6J)j&@hjap_tto!fST zlAB>)m?GJ+hA!u0OTvPcn-9Nz;9If&!ADr@@Wa@=D~d_}eqvC*{A=Riz+18(J7`22 zHtH8~Zp%}u8rs@Y6qixH=mt`DDNYG-GeB#ao-67^VvWAnB-P%v=~kU#tC}rgdq2u` zK3{55_*(7W>38pfj*ANfQTB%PXpGkThNx9k;dNKWNd~uT7%0!J7_OEtRu8kM^ zaVD5Cug5mu-!*Q*b=wjWRTDRA(S#;O7K=MHf z7}S03bNt|41)Xt|sQg(E2L6p-;t5XT7h{;LB2xVxm`F zxHvnn?kOI*=GHyhj~|0&(^R9S5-Z{bj%rPQSn6@a<%+H@2?=3BzW&0G{uXr(!Z2o( z>SwPgdubvW3F+nE@!zwkMTGj=QzAQ@#!5=5+?UQT@;9~r5_<(j25++s^4ND@`AjWNe>c&FZ5V!z?U@BHO` zhCl;s_8|3xQl7q$f0k=uOj@4e2aBl*RUJKAmcoGrsDOC$SCUs1^iCa+P|?tCj7e|F zS#oq-d6JNx{4Bp?TwO{UFW9|(_bLhOUJDM0q8`)fW0}^WTMOMAPq#UeJzCMG`gyHq ztL*490z>3fn&#SwoV0RJi9!~D5puWOIRqc}<}MAW4FvwA-sz?l(W1SHw2$ zZ0Iy;ZRS^7A9`>!()KEE+QFF+h|ga!VZ*+qTaIT*_l#KE8|S<{)I9p-3qPAzK1(^E zNyBK+lRHkD800}EG-vRo36!4r^MgdQlIgqJ%Ztr4b-Z@_^co-uC1si%IBvoR$o5x- zl@i=$^4f~yPuTamJLB5EL~PkZC_ zPYEkUIh`+CT#qe?@~o??^GKf1BKr>>0F8HP$@(p0i*9>Xjp@o>yK7etN+xMt*5rVf z&p>k~xqSAXxPkl-G2K++$`NRCO6xE?2cz5yk0vFbWOHgSPD;w?qu8t{Qiz!~R48k< zzbBpDtYI^;laF`#9PPzu2D0L{nIuQd=%)Hll-;lyc=Y6^h0Hg&4F)vAV%vvybvXn_ zP1~*$=Z$l6qx`^u`oiVw;b%=Q7p`@keXP-yo|K2L7W`mUTj!CI>Z1BXnSq)m|K^Rd z)t#8|H zTDlS+>&LC`qRB3$V&0G~%&@dhdP=32cM1TiTGIw6S_l~eJY996I@A`mnb-Yj6(#C~ zQaz+CmhH3(k@}2NQ%prY+8P=Mz4^jf=HnErbSyD?3;vL0&|9Ng%(kd zm6eq(4`}YYNiuwN=5tihKE~d*muC3w!BNcCVW)F+ueSoH8KW^OS9YdP`GAvi>xwY~ zk3_gR*fR32>|0KgR+Ag$gxNidHuD3r4+}VJ3xo?lh)%DxduvMwx>V}f^{*q`l;IHl z5?T^8`sDpfXeJDLUtOO!59aXH#;pLHmO=WH*eP!q@|4aDE@s!I zVbeR}wqIkx^|ontvNP(*BF8Yj!beFKjAT1n40Ab^d`ze0yMBtNr}(a%LG5}tT9w>| z9}3kfFg6))V&oI&xgB*zqE=W0&GCMW!2hX{Xs=IDw5pPusfu=F{W-~`$SMA&nAp9q zb>M3Ghox()zt@v2ano79)xPSHh|9>lUEvfTu6}Bf^N~~@IpWa5g>gUiPF%rI(`y&o z{>Q0-omUnV9!M>ryX$Rw7RwGt%Nj{!B<4VWVM*w05!cX8OiU}-otxbsxO#C((Sfh;Y@M~Ra(Jv;A=_D(L->K zz(7zNFAl}uwnb~ib|&}{>BTmLmFg)3RZdsPhzI$w=&^u@nqb-okz1qMB}}5kb^ol< z!s*cQBnDwK$8fPb_jaczSFd1rp(fD|`!rIIC0WQq!BWe$ab3i|;@wwa9azE*FAO)> zxBY5Q0BXgV+t2x5hw}cj06=utmT*!@tl4H|F<;8o*VJLsj1U$cQ4CYDqFH5^ioQU~ zteHpxbCCq*IVz8msq))G&IrcX7)8q=*{aIO)d}&zY{ZUHHx#7p{;6?F8DmVfv;!P zE~3oO?^cMYop1&xsr#rH`_H8adI`uKx7FE6Kae^>Ayz#8%5kK;^=fL7UE`#P%XHIK z3pHh6!DkN$CD)EWY#DigVv4Wp#xkaMls?5 zhoy7GMMSDzq9~qGd4B4L_*oS>VLt%Xb|Z?unIp@Z)dD1$o_}FIXdG7`^UQu3*Hp{a zyWjFv1Q+;{B11_Q-2&R&9!W(~ggOu&5s5*oo|lHXgbqBXWgPI0@ZFx@|K-^po8hyW zgO6<3c4qY+2RiJ|F8v;??;RyhxSZsJFh6~`kY$2`E$V<=MM}#+moE4XD2mgE^Mi;B zRoL>qzdv7>OGwN{8RCRmh=mMvc#l-B10c5d+X65rvBu^G{_;_sf%%(Ll<}3alyOuV zC#C_%NR?79HxXce%0M!ImM`weMB0?$x zSg^wQGvyA<*AGTSL}(YifBW{R#AamX0Nh8WbJ}Ml_qO;Gd;C!HQ>b^; zDNehOy#5_9cFM5yo=^}PzjXRwmJo6GF~|0g(tv8?|E)A&NCuVr43@?6#iyMEZX5tp zH!^tL0T|G*6vP1>1|x)g==k~=V|omW`bjxa7VR?@TWx;v0i8dhB=&RA9XmwpWTyXwQa9aVi8 z&%O=s>Awq-0NICcBTP1g`qsF#v!J0IN8h&R6@N!LhkpgYEw$pt>7C>g%q zsqFqd*iX{2{3lXNTg6HlM^sc*pZgkxtKKA;$eHwViE=&B+#F&T_objdLhUA#*;B~E zKwFFog<6vgF9^oa)mB8D|IGCLzcDBXRsK`zT_?wcqxQ&f&a~Nu-E7ZqoxfU^H?QPX zTNfD;T%dcNHH@Si4PCyamg898F|#_IJ333Rwud|1{=BaJX4inF+%PC`v|i%H;pDjA z?Uuw$Mcx6$fiRD`bHlukqvH~535f%tGRe_M(@39J+~&NDD|i+|!@R-!s^X*$Ty5Ck zI;(S6TIjL&e2StD{!5AE()pxiG69atX8NyOb#m&8|C$_`p&`l72dGeQZ1dHoo2}Wo z217&PHd$a_cXwQ-O>Q<1o?iCLOh@Q)>O_5Qtsd`@Q(9ZqP6^Q&8K?8zV@o94TqgOf zu$sMHjD)2h2Jb=+9(;2?`2s)i?6( zyB@$acvEsXn`v!unxOT{%xH7rnN4?jJdKM2bgV~{BDGh#FFQaD!IEKnB&>hRb`8N& za|31v)B{`vnML;PJj59D=FO3lC%M)-#$t8D-v}GKPP1v42!;AH=2h0n}FKM6!7mjwDlqn>&gGgH-0~*7}n_6A4ZY7=_Qe zat=yAvvP7O{Fp>i) zp+N(;x!MMgb`D>E@JIHba_J|KS1Jo=EXcixLgm%bfkc>#%dp9u3subKNs;JKeVQZ%_ouu@f`Sq}J@>Q8LEWL5nc3TnjH`y&_;(71ozvTABc5K1 zbCa|i&t1;0rE7o~erW)xZiWN*gXx}w*d9F;gl1X)VeyAlBKa|xkvcWi*wJyw*Vk87 zO@|R0vbeH^7G;pm=_b98Yo}I(GUK_DZ837bUj3h+%EL9PYiN*j&%9gMhXOsD_=oke z#ll84ZOeVb@zkI+q);LMP(;^bSyX9UwIfdV&pAxxBxDwnsx{^1<+HM~-jPt6O^l;z zum_81OvvCaI5)7}VAXRrs4?F6yVyA;*HqA$4(x8y?^rS@kJiJI0jE=9$qx3tntjo|MpX`#lFH;) zA{zFUY)%W*YROE%G0+qWiR^9-A9M^GGczKN!48gRH0hHBh+^;BEd?_3SA)eR^2s}5 zG`-i6Oi@?(dnp%=a-Rk{ugU|K4W}-Mt^!7(S^4V~5uMszsG018l2SL)8{zPIWh<}N zri*s&trW%?1l@dn=Kig&g`UjXhzl^PdJlr6E%#%tUcxKJzL^9(|Ez>Bet)Wm6O;~nx*uTr?{?wAFaHAVB zzB&#V5ZqIUu(W1&DVsyBNN=vg9mpS6jP3tC0I~G9`AHdF+6&4Lr0CF3?f;?5jxOX_ zWfBskKU94x%kWeRce#`3sekwTW*63rHFX71@Q8fx*$)Z3fgpHhTz*oa>OFX73n>3v zzTc(UQ6TTa&SVtT|I=rVp=V;wkE7t56@1=MMRu36c-MD2;GhiCJE8~Jo-|kRwDNl8 zhmPBtpj*{OZPR2IuOK%fm_W(x2n)RCsB~Mc+qu!)A;!# zdWhgW^EMIwlBOpblR8xuPzENkoctw6<-z!HmClRs-jy>^AV(X5iI|llflLQ{GmZwu>OE zq%*a$@`Lf;ey_#uTJvB`B~Ab9|{Il|{1r~mi> zrwN$DVKGdR3CgTcvzz}p!~TU$p#-9{p0KU#iOXG+ye6;E`CQ*z=@SLCj2tVB4v=u@ zS!r%7Hj;PkpZ{3-{>EpD#H_UIUOeynz6#Wh?OzT^bKhKFks0BBAI-{QDLZ@#*dQ{x zb}Te~z25puFkuAel{TnjwW`%M%TZ!*&z|cwgndCqK0cfHSOTxO%5|HVRZ{`9SY5y# z}QMYI}bp5og(z%U|qR8C5ZAO?au5 zZKkn4)mj|6>bB}L%{LW~>&P&!)oD4#*Ab78<6BEES!c1C&Kr$$3u|)k-M~9E&xR}*l|nx6bly2G{EYwhxc z!t@@>VW(?5A+8A_Io(@oeJ%Bym)1MQ@y7F2g^~8d!@*x1iWjpBdw#-}vsKi=;;w%! z7;Ouh3(NESb4?;8y=w?SW9;I^u8pdswhws2^o^G0YnAe8x(qKX{J3`o7sKiizrzPJ zO}>pgt4eOX*ciI>GQZd%g?{lRjQQOts;}7GSX1l&>*qe~Q1Pf{>NpIF)pB`BKke>V z@1IYy@4Lwcl4ng7>3l!S&YYs*loM)k3%isrPV26$&m)lR?p#S#f zSU0}A=RZ+)U2p9@;2FSt3;MR@ckXys?@}2XeE;lm^XVeoW}2HHtysXqY0PSt`W_fg zbkR&A$b4=i##}M1kWj&xzfL*OuR)4M6L=8cMv;Is!Eath1`b8XXvcZ|nRNmGFYlgF zQ{-L9-p^?cd}=K2_RRz(DYhR|AVxb(QUW1a6CMA(c3?!?eUNrAOpt`yu5hP{gL-^T z_-hl5e4Q*fGQtr1`hSqLO3WRY0bl9-VROvx`-DIKg*!gr(L%={+3v#=lM4!K)jfQ! zn@bF^14c*0Srmtt#P{|b=z5Q-^kX)O#fjj$WD})4Vif(0PibPwDqW60S=F|e#A3nH zG9-j!D;RlXP~16=oC19Yw;BiP@?_Cy}iWv-h5bB zkXEvPQ#3jMrf3#D%1EITZQFN2r7$6$V&_rKo0DxH^rT6nmY1QHrdZkCZ!gWol6NKd zetu`>TX4XwX+h~iqNsLQeW?eJPR;^@jzjR!&PvKd7u|xILS12QatrV0A^gt=Pp5Z| zo_xBOZL2yyw``JGRi2&G2Nayxzy*IK}15Ggw zDb?@hmY^X#{dJw>nwqcSlb`BxPg}zK^k$MXSeaC3pRGWeTN|2fgBAtSfFgB$O{QU(nAJChG}DH&<&7ytFfK zGtJk~b9R)zk4e4){9S*}D?VEcni3 z<(WUh*?&X6HDDSu_wJJ38%j*`&rwne1R;(n#^jps-+7VamsFl>~ump^9_d~A|E5!}`m@`no@pz`Gg@w=bn*)^;H$<)x zehSo!I;d)TO2?J$SaH7HEff6<7;Ve~V>=3g2M-f0JzO~pVqSwrqnTf5B4R9%mlm2E za7jfP1`f7zke`I*TNFQk^a8UkEl^Iv+8pKVIRpumBvyu)%eHTjb34veM^$3*y}jk% z#h0VkFx>{F%6v-WxMJbN;R;6UNolbr_(1-jDo-cUHcBSDo$hrHJMpc`>%8Qtp0g0c zZlh{5++A_|v<$=fDyfSX1!!MHHoU7A=de_Unr)XCJqu?>&$tgoGUq!J&RYJ+N^UgRt-x0_EH-&xxz!p*xzI$#Nn znk-Y4tYdq2I`%)NUmaIGyZKYNWdDzNWq)5r;W)*QR^1(V{6>^Arj7AjL&5PyyutD( zchB_hS%U$plGUhz0dGDf$<6{^!A$syVEr{xTy(>Upbc?Mp-r6R#%*wkzYy~0(_=IY16kWqbC<>Bq%lzgJ#Ei}C0I#FLj zFIj>w%blB37_i8`@23ROV{Bm3~ z4g&`H+&Itu=NHL(>K67nC_Y<$W|X?ahJzNYI%r?b5|~`-Vcj*`y!<)6i@CYEd3Mlc z+BcohN?2mn0T;!+`;1lv@KKH9^7VRD>MC~y^{4)EaI77wyaFs$*HCU<1QES5-0MvZ zARpbl$?t>LJF;Dr*JoQxnCivwH(lp~!UkO2XHy;f-pDI4$OSmh)YS4lD_Kb{@kxwV zyo8(o>P0{BBZ^?#8<|+@;bd1QG3_HPY~^KcRcI_#W9>d~KHHq$CDC_|64ahQ@aB51 zXtpDIYJG}25tAb>qfWC+zG?yh4t{s*>}5UmH?NOVaysI3LLg1<9w!_g?QSYPp4r6p z@_~m#6yN(&4GxtyARmQ`L{e=DI!QhB5C5@6j^;)vbhu3rmab!=i1)xP1y(2uPF%&U zH1^68_K^ZK4Nb!A`bWDig#w)T#y1&3BA#V|xb0hlAP@>W2>;IA*M6YN!LaNxJ-3hb z#tMF56feO5nnh3ph8lsWc=Hp)K^G`F@aU|`{rj#@Sq_7l=}jsmKx zzdI&~SS=Rl3vYvlUV+>_$$vt<|B7NZh+=+c6Vc?bzoo2kuAA=%ph9|>*)~Rf)gTXwSUB;F z(F82q=I&!dxIcG>|HAGE{B-JQiV!LaDMKH)yq{JPyA@udU{`4Z9`|x~^{Pi>Vh*#4 z5;MrdF&zl~5&h<``8yH^V8k{9xrWOD))_0{vuRSS8a(;#)(qu8)IiumAX61(fegHR zfCGG(6N_{;&E0ywY5#Q0JmJKu+vcP)&Xce(%twP^ImD`x1aEZNK4Y~8F}B5}4q{fb z{arO-qm7#8ULgE=I_9ejo46bj}p82yB}x8wvn)bwK05T zXsL4=J^yy#AtL;*a#T2!I}&>xEY>Zg2y%{1Wt!t7b4}a#$WqN#ZI|?YJX**1pSibL zTkS3X1KruY=<0)7a^^zaRKHhA_eIqiMEuImB@p7aL#8vC+$$9lG#L>;VUDYEAD zcYg90_As(O`?HL^(1x!@Kc#*m)Ko5lvG{d$lsbEZ{P?8sQKe%u-Ui|f?hA|7^gMM2 z>+Qk=R8|Dt#+LNEB*Q4%bvQ1ivL85s!7tK;7%4ac{Ks&5Yt`Iuo+r~@A1z*Pc3iJE zp~%QlqqT2*JX-m%WI6b4vQ8Ok4N4d0De9Iy1V{6f7XJh>PfbC*OA(_8+Ck+Wk~FJZ zWCk;JdM*PmKVtZWtYNNO_7a_l&8Ow%c0EbYmH81G#cv>$Y4Ec(_H(Os>Trm-t1ZMB zZf!VsfQC{SGTf%fgnmo#N^0P-w)U1>UHy1-IH{S;0Dl&`r+e3%4JuYfc{rD^(_VZa z1@qw`ik}FVlzZgQZ})+eK0IsaarYbe-M?o$`bWQ`%$+B!buJgMY;x`uW;&58k(``7 zSPQYv3OU%K! z>+Wp$I_=;snD2&682_uszw6~K{~RU4Qs;f7ThJ8krVVsPhd5i_jd?Td{=j$HMW^%ZNZH7^f zT=8b)3#onfZ-vbITlEbXQVJrV>+p$F2Oz){=i4~j(%rbSgxN1%{ne1`fU5X}k*dI2 z%f&ORij^U6(5NWv8>AodBRCXf3~SRK+SCtLo~NvnbTM-s%W#Tqe9gNn5cMt}U`ol! zfCMb7d7uzc6z`z)23? zy76Km$lm^i-39d6h9$7g)b)I}!N;I`Ics#)b+X287PP7%B7_BN%?S~p+g4xHADrOt z<6`IbF<8NFy*ox(yo9SQpDCOdVRW*+<_7BlU%MJ3)_jz>_Cs22R|mf=+k1?GTGwJ# z@=xc{x^M=TlGVZl&d_n%%h3x+ayNbKMG&<9JU>s&y2Vo$u>CvevLtNG@3CAL?fd!a zWsqFAhC3nBp2y!^=*834sJWFI8_KuS9R)kZK9iuEszQzEBiF74`Ipvh$PdUvnQx z+1|zb1v9P1tt^#I?9NC!YRJ{Me%&Za&~ucRGv`6#fyDwzc3a$%b)uL&clX%l@N-SJ zkjZD6alZaKX%c)%C#i>@y)h>tLyr1`CvO5hP|s6C=?9#%?`R_VM21X zMo~2k37h#*ayKUn2U{GhFsvQd+&JdN(+Jwf4vpR_>^Z;1;7}Js^6_D5HQ9X@3%>$p zC&B#um;B~X^!25ARMuXD9gyrn(sN@k>H^$j-yJ3O{U(N|AvF8jIZHp}K5{dlQtq)~Fd% zlqsqdby`Sbws`(+PQICnixv#`eC? zyL7wBpgGIjXu+5;k(*uJ645v}^HjjO*jiQgD3hy-s)l6lXbP%X!r}qk+&!^tH}`wo zUGw#2;q>yxrMlPrdHimp7)m2`-v$rta0+Vx241CIINRtBKu6A0r*R^@IvU?n6&U*c zQJlt-kDy&4-om>o*Yve`F?VsQWFxBa!)#h{{Q>(QY)O?D=4MvarbW$u5J{^1MS``A&v%Tu#Ge>AeO3ZUp#RI4#xRf=ao3 z?|lam3jQ(gslZZ?9F1PzIv)J(uIt?zlAbk}6#R60^Vg}4stWU*}~rQcWs@=D9tK8RK?O zafDIp(u30XNVdWncCe#eR9|+ch!b)33FzugF#|2g4h#lWbY+~3$!40^6zXW*#HppF z9{$KWo>n9pv+?&@hnEPRiSF91ggUXi=9kAWZk%<}#kkIeKIV^0yMH%KOA%@%(YZqE z9vVYgLiCj#sft9L%XI5pZeyWiKSjb-xqfLu$-a)rx)D>S<>RRn&m(09=+uSBt6K zh99r7=<6T?+dV#t?wPIR`hmumUlSg8kP$SSz7lF4n2WY-SZ1Yf^lpcJ5Epz_mTR!B z+E7HfjU*maTc5{1hS1XIElbNQFhL09nnCjRJ=gJ$c_ZD24IXdqID7rxa+C3EE0{fm zjs8?o&+(puaztdlPIB;^O{)izE#PUJ_h6!gB^~V-?lB*1lQAqSmAeKcW8DtId5~56 zeBUvWZ}Or8^vbEvx_5>eS$s~oXIl1%KgMZ4>nRVQlia@67IxGoc&s9UoQMl`{SOzK zX=J5MoA|(E8p9XgtLI|iH`KrQe6)zlC?cU0RpCB-#6$c=#lV`5=aDk@>}g))rf%Q+{s%VLRT?(nwo!eN)b&8^b9F zQv^-YL?t1r&hTO0;!3nGP%m&|XfYxYpe_pLgO>kO?#nodB%{ufO187sU1;c>oWXq) zb;W|?8?Lp3QND1`2XTV`(9Wx6yz3vIviMQb@m!W%>KJdHErZNb=S`@ho%JUyDBG;j z7w@wht(#hNEw`&Le@G?qded!gsCss%!RpmBXO^YQ%Q|4ogp?H=e5j@KPApGDPdhDM zJX0uVQj7u896uX85~(W!@BheW3owG~IlIF_w-MQ){O2c7(Bsbl>#o2j$PPK@Uw^w& zmdxh-Lgu__?j0v}b>R!(`!wdSD}>-wpL;$Di}dqKTKyVz@JkK!K{(zo_sYH5p5eGQ z_0b4djQKD*SNlVBfr@>MMJs@U|KdhB&TT1ERZZ>X=D9^}9R8t5&s8|sKU~HgBuskU zv!w#&gQ-kAp)&Kdgv-X;*FvhM(g%I?z0ab`05;P~8Z`FcEmOp&KMzw#*--9gf6v-% z^9!Wx>~_65c~;fETlsr^HZS4fSP$N|!bSbJm1?EB-Cq|WI`~v_{YF++4l}+@QMkK_ z{(1n#ndMn!w-=jk(_MKST@u;#kUeCHDwxVKH8o|pLf!(Fm^B{Q-?nDz{ptN<<4P49 z^(nr-op^a;$q6#N160Kev51*2pNItIE~SKgvPbPljCt=81k8=PTZ-;HRyJ^O3qNb` z8scplRoVc0VRv`k%VA`>#70sS{#4+>!MscIc@OtRAxoc@VFNF4QnxP!F}Nr-8Q@?3 zzJ+bA@pS4Ygqz)`S6X_n8S zo0g?uW#lz<$lR@&MQK4f2oaTe&UJ)KMU`%^PxH>U#$9qJB%0UzXU389+!f!o8$w%U zDotW)N(i^y>2M|jw~!q>)m7@D&h^XbW;m4AC3fFFy%xui9D$BZa90ci41@(VFUC3W#4?QpI%N&x=7AIQqOd1B7!F$=!8ld6Y;7Urq;@6u6J@sm3JN3a(aNYuC z^jM53`_l5?V71qL2ms!?llk0q);+1PK`<0HV{BCfm3jyke ztBU@w=Ds>C%Jl2s9T_P_8W9l$1SCbeL20BBM{)$EQ@VF>6=@K$NI^lQ25BT$U_ePp zY3U9bLh`*I)cxvvz2E(<%>ME7uerRKXP*1qr_bk{bMMzJ9qAM=l&R_%{9oC#svomw z%?)$38Ib3VtOp0bdwEh8_Lh93h-NUf(}A9td!r|YcqERW^|+1naSC=CK)vw`R=y;l zm!w*ATmp>g{bl=mR29hrlo|2N|Cw>z%;5yLpKR~NQr8p#f~;igUO_DouVxxcfI7}^ zuqRMHxc{9BD7JZw)gD`(sf(YsllH0&K%7^#lr0RKzv=~!q2iD#_71G42$=Kg4g2+1 zB(2v(vK%J9z*PnOrTa$_ufXs*RK?Wn#hk( zT^BaKAk6caKMWu{7olyXDmWcYW)Ea$*Vdpt79Aa3bv1+(pS2^Ps-p~}FsvK}2c73o z>%_~PoCpB8eVLgV3Oa(YeIbWX{e%)F*3M~v#P2tD>opOMrEmJg8wMOvU=-Lb5O_xAvb%YaykbCc&pFP78*?f%``8! zYePdVzGg!I?n7e>k;r!}z)yeA&WF;qly!G^2WTm|8DYCc&}-5xwKYdRt1S*ax7B1g zOD#6JFqIXoNHJ}E%*W@2oqCy`9`x?rI~OF12GlCZ5WBq(Jr-88rr+imTo8Ylz|Smw zM6nok*u=JGuN|Xl}od~kbAlY)6wf#CAbW^rvOfmYujxr<0y+Wy1b)P+_28AIVzHiPOk zp7SGlqa$#B;y1`nvifh8b6i%T1{**x>6Pa9-VGQev3$l=6*!HHyX%X$N6QGnRIQmJ zw-<}fJjUrm7b`8-It)*ZABA0`P=dFCL8l6;s;Z%z`&jPoMSh0PF-7gbCg7~!(y8t2r}?_ z8XK;WoH=iZ8e|OUNK8itfH#LWpj3iY9x*X7(?#fjPb%ICAh(%dkSF*sXYl^u(hPBP z==)}IX7AX(AektLEncI}2~Pq}zNNk(^TSL1zZv=KA177HI4}aax*SN2Jwk=Odjh*F zDG0m6v-CdAI3j*4V(fV%$Pd=A4Z0hvH{T*a*%DyyQe*E@V2{u|uh3v2pGHG%CXt2s zs5wH3z0E?8&4Q-sV>yN{=3EBs`HbGBZXB#o@FKunFmVYa7Nt7k575j^aEh%}I-ils zuyt#JK`(N%H$>(PvBVA#mhq-}(R0hmp8Ovwm%;z?5nzvyVegVZhY@X7-l3v=OWBFY zhVho=awmALg3G6xY*DE!CwLGG6w$5NVn2LN;DDh`yACq>n3<`SPN|hnyHz?9DMylj z4vdy6E1yMf&ou~M8(gjF^PK_dK%1G3xVUjr*hk8#V{B6l+O2e!kxkBX@=(g!Sbs}h zBG+2S>+Sm%apr9D$I+68;#AP8)Z`Por8A7&jNLWKV*&%__m*1U zJ0+#N%BjY;B4|vu>pzf5zMa5RP)YI^K_vx5X&3UM=7`J6?7by+-x*AY@dEMi7`kI| zbB|PlhwZa#? zu%MT#$V%>A97xjJzxnhh*~h-reVIoxqOLeB+*34>qHfG{*=;OdV0s2W{N&5l2sBS> zo4=#F9s+7yGkJ3mh5?AqCso;po0d}ougYs^Xy}P+?A+aK87dY@Rky7FR_6m7QOG=8 z-!^-Uy*M_l_%M#2Iosrd_xT6|)ubs%`w!Gp#(hiSoccRE^&xuoFe`5wsJ9Oa3_YM43Xk-&R-lMmNpiWe4w1aaPMH z)d}-0f-N$30*DX!j>uD@0UyFnhky8|I__r=JJBG1Zwd-KccG#EdfaFU_SWl-s~g#*kJ_>Pe@Zh<&VK!BW|U>!&h za&PT~i?nt;)jCXZa@Mp#wB2mEf0{O{=xd-draHXZ=+tAWT)yU~Qc}%v zVijmQE&6?Cn_@$|y-)B!*5&*T&3;NeZ z9-&-1?06W=(1or{o(a7$U+%P*XVc!9;63r6*y`gpQ@Y_3kk%d^vH{qD17qo+ql_t6 z9j_WE9L$AY^*j@7wrC+_E5Vbwe0`gr71MN;=R}mVtqS8K*lzhlRXYo+6u@+*aZjKA zdV~($x5`EEYcVw^1ow*|J9t92eKhMl($xCr7qQAtKnR(lULxg^EaBVUS(b`vOW*Nj ze^KVwK9m`NpDO`H9^lml!{~-SGC;|07H==pg~p)eHco1}D>suV4LWsb2{zXCX^&nD zc?+E2^ITHIq8Yg-x+?V1Go{0JV|KyV6PwJg7-uil--=8r5K&yoKSSVa`QS( zmKcnUbZJo#mxu^@zt1eg_`{#^77>u1s}HJ5rN92)5XL!$nq0nB+vnwe_9l)8ima_f&txGiU=g89?Jz>r4-X^Qo$ zyG7|~gkzdjmEE`Q&A&{B3i%JrbPfW60J`uT!S-rPg4$l!^xk&*O)Z1@Kw;JEsa{Y4 z1hq~CoDEH}{9#LPi$*a!Lm%urxYkvJuwWT2P>*I0<~w&G0t#^MEn5CpQ}A~ejrvTz z5r}URzN41qv=#WMX3S}IJnWe_^elEOFt_G-EtH*mSQswi`>v<>3m~_2Y3g(DE<-Em z=fgy2OvfNC6_*u%Fo_|E(;iNX$O-Roh~JI3p{|>orm*~~o9|P5ShRd9-uqb4=9ABC zu5KS1VVuiY*U|aVrR6E-_f&akCJ@-D)q;afWj%z7CX&GRZ+iHyEEInl5zX~jaM6au zNhWCwUbtwd5=ec@$}VC$`s6-qo9(>3zi4o~7I>3M9u{ez`ysqzSf0+WNiBH#S5sA{ zI6U1ggjvaP2qB(S4>@iq@#t&o3p+82ek;5NP(JJ}w;iAB$YY4|eA%*=ve%AQ62wv> zH2=7yb4wkn13l=wzW>5MTfcwuM!OMJgO|9MBPxw)ufzmxv?Ll*$HWjyd_6uFp4+@M z`MUHQArir&TB}jIkqJ(knhm~`_sQ;R)DZG+@POWrkeS!PHu08_0c45j}{hO1RApDrtw+viPiQ zjmrF|<3vXDoo?Pt`uHaZBQ<+gw2XEk%KIPT__gDHClb3EDjPsF-(KRye3~c(ef)VN zuUFK0&5mX5yGEi!bK)K3$1@Q$-p32%Zr)_duC#PB6mi!V)t)Lj1O>3enh$g}fz%UO zp9(%m*%uI45!EfU5E^LGA8EgH`%!aS1#t zS+|kEn^5_DV|M6QZ<5cj>jE$Bju@@$L7=+8L5``S$gvH6)Kwn6@P$*@gxriyA?C{7 z)2})HbErv^A!?1vLeVfj@6A7o?HlF*bU@$~%oDnCVK00dXtE&_?Sl&k(>W?8!%*eF zsE|QPcym0KH^}KCv5Nnc*nY#&I)QC}g|xP;6vTR^TAh4*p$&ZgU1N_$J-N7HqEH&p z`4&Dklxt?9dwlDFZ*VoKAd7#&bEGJD66svpaNH22_Tu=nTA(%HwVa;9lwHHI_IXXE2Rl?_b@e+hYs4ML~(RZGst}8-iPxMu4 z@Htc_R4L?0Yf{k!0!m17MfG5Msg@V*Ia%%ESS{`y`=RNwWo8J!Ivt&bMk1-R`DL!% zBd%Y?=*T&=6$S7(39f-l88AD2U zXdwFu0lGfinrj)%=@WnR+A)CpyLo!StqDdggMxosXME_)t9OXPrO;w*fBR5-epSGS z3j9*K3Ls~n=z38HF)!cs?Y<)gBU57aPR`2^7kd+p*}YsD?X*AsEY1`*3LQ<4p zp4JNt0fZ3QD{g^PQ`T$7XrUo(=O#dO5M;>rBkl_Uk_FF=!7|*=n*_t@U>|X*2@^=; zv(lBZ6;6pbPrkXvbr$gE3jwwAzcrUXp69<=+sIr9aphs()aBti+FW6gs$m`4;ye5& zb{$51AvGU;8Q6~p)58S^KwABDqTj3dP{Kv?A!)_~r+}tZ^RIN-4TU-i0N#fbb{N7+ z%K!X@1Kc3HHwxq?Ya$rDxl2p$TZP;tZn;NgQ5dB9Fs1ANO zC6)q;7~|I^=p+H9HU3>nzrp*K`a8Fi4r+3@zr$g1X2*N?Dk~;Go-i_qFBIt=qy=hg zItSAgF|%SN)k|iwHy2YzKza}0_p^WdZ_@dUbjO#g#s}4U<^I#W!gKKH$O=7d$N7Fg!1ghV#lCyLpZwb9 zgWEvtAIMf!1skf|n*NOjZ0(Ay54ZqzD}urBxNOq>>cq3r^pve2xBG}46jTiqS)wJ= zo|7YnS;<5||4WtH!5sY`zLhiw_c}~0R$7`;o-+I3G=Q}1mLA%G8a%UMICBf$t`Tyl z%Xc}4H!~uL1FC1k59Vu{@SVl(}YH?`CWwYI3(91P*sFXM1TKQR$g8W+1G>zcchfNj= z;9`J9+@U)31C#wIiT_;AWK^JDs$5S@bx&^PIT9iIu&%Xcfy+jAuAvU6=-b(Z6hLas zu*8xY43THLh(y`o{)^X$Gkej@U@Zk1{!@MaTaQ86N45FMX{aJ^Sq_v1G{`hvUC-p7 zAL73pJx=?lY`Qi-t8m?_>O@Tk;jv3zgO~7vjleJEYH04@{7Xmmkpq3+qu)vgtu1T* zNznNFQd_^qL_tr)md9fmKByb3EbPqIdG2|%(R8DQbUde`%I#E=NTD3Uh;GLL-~~TR zB$(2wXV*g(QIXF#yR|m7bT?$OW~8KD5qmV2f}Ik|5L_U1{h8zk&~@jNVbUH;)DKIM(iu3uE9CFsDY{E32|+@f=I2FHpq*oH8t*)84^ zj`483Bh0PRag5P9_<8G^-9-D%=|A7`FCY2{_tF9~pkuu}@oaR%)ZAQXc6RpE!h(9` zRt^L9`e{bsRWh9R5e;{9nW(wpqUP$eocaPf{0rVlA~q!eHE_RjBpbaZsoywplbE-VxR0FF)Au}yp$tiSp56L9L# z2bsPH%LDyI>P87ST2rq1 zKr>=%ExV`G*MEqgiVEY`Dnw3&*~RWRNh<9K3*48SmiG24-I7yJ6q1@qkUHBO@2(%p zpp!^)9-0=$XI3W%m_V#7$=^}7@DefTa*4y`Jpt2Pqf&xXJvUC5_P$L-!XOn#!hv{W zb+s(tT-COxOuRfb`8CJRrGlWET!zfBm-W`%P&2N~G$B?FAiY?kjoLapsU!!Crl}_z zpOS~rG=`QysT-P525BjJ>uU$Zhr)f;4yfOL_JG673;+s6SiBd{Bx zJvtQVF3e4uII0zMwP1kndVK!+MX)Df6;1=}o!8LYc@t!{BV6(Tv(f+JSnwf|dg>U5 z5^MByQb33I-m_GXjp>41^U<}JFJFc}eF`vx*=H1>x&Sj{>%d1cdiwdc_I7&W=BFpS zjfL1)L+z9TsUZRa7}|$wc#s?u=QB7cD-%!BxM=^s;KgdiZEc*YRZcjXBWI}UCYYMoptr}6z%4x?#U&) zoa`b5;utK;_#|{~Ev0Q>fR-kXpWnXB)L1}3pyt6jo#gCn9u7{<_C*MZ>CMgy7FuYn zd@Y##5NZ5cB}PU+NjNhpD~lT%(hQ05`lXy20A*8joqzc<`?UQ2#^cZIU?~lC{Jb5X z&1TI;&FZ9rnVDIfTd$Rti3tM`)VD<3AT5rm7JG`5de&@&m0yQ;M&w$wB=mTr&n=WL z-s!2>lIaM474q)YQ&W45d2nm&w5WybaDZG4OOLLr!wmWRU4GJfqCHhD1RyT2-=PN1 z;S4)JrUM&fC((E`*CS;&KcEGSj-`x0{1>%J4i>6H$l@?|(O0aWr1)!e`v zVX%^6Byqu4YOuFd+*+}lnA1@Mh@@r`3``8r9|^Uh7>O3<3MHgqt?5YDNl8s*rPqhd zLAFGDD}eIB#Vl_gtaS6;+abF06=*s-Tz%VVxC*t=>0li4sM|KYSIbrF+7+FbH#0&Y zZqUBYZ$#fV*mZKUC6-K>CzdXnO(R@6nsxOKAP*sEAp}V69~9sB$N#8j{^QmBAG{5^ zcA&X=>tJ@P*<^G4@}D-bBNZ6qu$f)}XqDvH!tafOUgI^-Hx_n!I}V&wIKOFKC@t6` z14{b<+k6?H`uX7Dat<%;J;f#5G&fL-C>a1??(pu;Hp=zwPS}WLkR)rk!2~YJVk!SD zbXHAv*u0`aa&ofx?pw^mn$UJuOyd*&6yRFC%E(}jQhGjgxE!?duweI!+;du-;@7WZ z{4EyW98y{$B0VHu{hZQ>e!y0-Fhzeir(>0|Wl-iMPbT(MPt$gN1``iwh@$-WGANcK=jEsvOmV94*J=avf@5BW7W zJ~>M>DKY6OHFUmu-8k$u?3XQU;D*|c0r_s5LbxDe>zg|zfv z=8m6UP%lH~B&X8)moHyVoIDwvSh=aU{jtc8@{6hH=Px7H@r9uK7l`y5f)4A>msc!C z_!-{t+4l_4T{ZD_eeiyIan?CURo&Y1j8yN`jn2A?S?d8wB++RpIi zjD2rA4YX3|R>`S57q9anB3T+}TQsOYXyDV~Cdh|Sc?9{Ua2*{TJ|Q9Mz0tjGqdET- zr3d0d=bLxCscqxkRe#birsqC?(H7^mv4!p&aR#MtCuH6EaYHz)=4njMBpz9UDDn1cNST3po3 zkKPO3hAZDMGb;dBGxZx9T3~Z5cWA%uS3yyEL4N1rnb#j}S(HDAN8i7L z)%kPZE5?Bq$R{$Jf*mf2iHQ-1@kwf;Tgp!P?~Gne`B1{gH29_V%J0y#(GTI&re4-e zQXVT;oF=#2>lOyyq~zuC2iK06qLH5YGH4|Ckc0EVww8Y9k9@5pDz3**o&;SAB&ijy z+%YWMexJ+k?ozP)>Mm5pM!i3K-g)N6+`?k`(Dsy|(`x5cMc|n~P!KkrKzc@rY<`6zOYeilP0UiB>)cWA&DGyD+ZIrp zcyCX8Ox)@2^YXn7pa8=vR4<$3f}7}6m#Z8M8N}TeLbD8tc#aSQ8;-1w*+e3QanftU zK5+f&eG}-j;V6M+8;W>RqCgoEvqC>p7VZEiHug4SIqkI}9x^Gl@d7_N$3my9%zr9> zy~V~6A3`crU4y^soMxZ6zpi+ zTzoz+7$m!HFZFo%eBq3!IBfZ)c$6Y-&}rWJsw)e)SiKyXlU$DzGwK$77Z`5C$8P~& z0J8JI>&S0lBc5ivbC9mczm5W3;04r+>HyG&D|eEso<{YNAR0U9jKX`=poYKuvj-s$qL^qE~U z#XCbkYrB|(-Eo3O_83~D^w7iWQtmc@hZg|3iSAtdMs8Kse~H|kr?`r*YxvLkuElK3 zn0b$Wr)=#WuTfoX&9M(o(mq=SA=m%tD$XMPvvIE93WawZLSA;2{*J8Hue?2hTVe!p z7M3B3*r!xv)o1ocG8Nx={Qq@C_cl78 zzNMaGWHpDUp4#n0C{<=ggrn7|u!Bs6{Ev+-9)art$$_{n_Kox?&~AO5Ag{;oJ-XBV_5sttSr!SRbEuU^boI>Z2ajkMDFYB3o=|3F)C+2 ze$Y^gd z`_q|W)a7&g+q%X9W0u%X6qqpyUk-*K><3ra$xFYFJQa3z|wC&AL z2Tu9q3UG#({0zu(5G(*sw*!V-HcKz$tN%9_Qr=Qd9n%~}=Co<@(Y}x6=>7-*P8Kw2 zyAFlZR@mX?XLMUobdU=MSeT<3AH64}&TKVu1fx-Y^ap;ppnoFxRi)4+PD@EkGX#>* z2Pal+n@fDIS<&Kh2SJ$ujZHoQ^mq@0B;&-0nMPfok+` zUE!h%qDMlUqsN;NMaqpMpn(_l^-9|q=`YvELSEEQssdOJU}bv34(mLvjOMz^9jqFZ zWZ2o+X#z!SM5wJ$Unmu@k|}id=Wrp%A(R{O^R@s1NMzeUkTN~$PZLOz7<#KDZ{U%T z6m;R4N&B&qEeFQJ&sXE<(W5nmc74g(>2l9B0Xeu5)n7;Ysr2A*CHvPFC(F3QVGY8^ zl9CdSl_p`c#k?HMasO=uV7o7`$%DAWTeIO zh&i!Eku^GqMR_n+yEQsl9C0vCik&(n>isw#vEFC%Vrra31}RA>a5C&=_beY!sLagF z%VBJOz((H}rgbb4F^}=62iA5Cfz;{)*uE5spQHLQfAJ zqD)kllhsY-zNVBXgmbOlf=sD0{OJ*5>jM3<)h>hO5l;Nkw#5q4{VWVj7!o1GTi9x^ zp>9UI(_(ygO~ISO8lX^I+}sq>b%TARh9E(@RYyfco%xB*VFouAj`^yWQ)szG{I)&7 z71VWCtQsB-Q&T8Ou{oPMd=h#*xX~v%Y$+D1XQfu7*5w@>9I#ld9O&hz45>BGWQ=Yg zpw4d?+`rjhR4M;aJ1AG)$Rou1Z2{H=C-IM;4z2XJV?Vt$NF2rckU5bz+xsvv$RAdD zfvEo#km?#q_k|!EH~Vl%w}7JaxAc@Al%9H&$n`vt1m}BNWCD4z#+DY$#>PHfMm2UN z*2?*)V^prnvA&If-n{F+ObS_hJDVA(w-;|67EdWE5-xNYIt^Tc;9AqMTP3x~>W>f4 zBG3=*i%X!~+JBDwtGvw<4FVUXb+7W%1^V1~@7^70t^c$!D!r#AaPkR=e0ka%4fk88 zdE}DBoH_14KfS(Jx7wEXLL9P)V7P}CM+_5?bD`KU7Uic~ABCy|h@;#OvNY~LhZrWJ z{A$xDCMV6TtvN{O#VA|$-d1l6wr??+T&^6}FNIy1j)8cBMwVfwB@emjL3qj#&h z`Ocpw1)~+T(sh$H+2wd1guyrEG4qW5AxBgb6;EHk;r@8ML4zbIX`0TD)5Z3V-acbH;-*_`P|>nIlnO95 zFx^cE+0x2xR>YF=MZW{ArTX!$(Clb5nsnMYr`yclo<~7JVWcLAV!7VkB=qoGOfq8O zo~@7uv{)BU@0m=wamY+#`qWSb-@;Dom0Ym1Yie=Pp^ix9g*GM8oqF@UC>CXB{~R^+ zaQPqG2bj9@pMU}6Lj*wZ-D)Xd3iS1>PV1w`k3;^kE$M8Lwk)#c)$fojgDle8@7+ z5l(@F>)^X^f!qwkI^w@Kyl94&S9tFAct8 zxMBq&*rx(79J)rH6qzg`x`G*7tiuo(qn#oRik0di`+Nm5VGTE)J_~RTqk67N4w99^ zUAQJIuO(4&15?*zS&hZIgocIHj*Z>e9>!GOORN;5{Aeo`TzgB7HSggg>jlWVc*DXJ zbTjz1a=J%KtLL32)g%F<1Es!FpvxiuOw+QC==H}rPYjVZX>~xsI^r>I;)v`d;EJHu z&FB;X8L>DKCnjSbSC#~?h1JK2Cii@DDZltQbvE|N0bxNWz^x0cfmaaq{wzpg<^Z<2AQ1M9xrLA}r+gz;tDzDc5zji#TflmU3BAG%L=|x#-q=gIPvSD}s`_8EO1LNCCS6T$cGu#sTLN zL+6$o7ig$BmD0Enj(oz+B{&J|Z?F)UY6^VStDKhmB~ZCQuR)$fV{>!e?j_9Vi*Ciy zre~u~EB9?@L-I-{Og6)d(UqU)g@8^Oen*D5hjq72S#~>R{!D7faPx|I>1b(2QEl^l zjQL|Es4DHAGJ<-_m>-+Q!+yKav4bqh!*~+fn!@9Blq= za;&bYk!x&htO-hgvQZm5x*QT^#&^r(*77^$&ucVR%+X~#*88<7OM#PQVRt5G|Gem{ z_1xX&>fFq9cy&Boa)zO09ifnYzeks*EGRwRzu{Dg0NLOWDwq9e;77gtYpy_*6)dZ= zD83@qB-`jD4@71#Cw4+gP_T1*cDU18kc2)yC}lKlWMd=!@#BOL9e!uNs~Pg;6{Nd< zMfjmWM_yqJBfgQRJhoCY#YJOwsRUTx@t)G$Q{qB2DVpp8qddSxXe!Uh;Qah$dnDog zI8zwqb8jz0G2_w#W8SVS=wVZMJZ@PsMn?sdfB@RX;STYKZUNoMI%4&BF)B#Ai;MU5 zwO;NE=AwW^bhzJ2g323U>I(x7)D1Re*$O$!^k=U{p$haWVbOHvs-fyB&d})LBr9=oB;h@`lmm8@Kxxt-W{_&{bkd zXc$^$=D(vIdP>}r?^4`KiFlz)?GD46>9`1YM$|gFW$h7tvH$@ka1Zjw9x4z$Ojt1< zHJNIG6Z7acd*b*?liX+lsn%ffIBs+FcF#)1V+sN;vYxFx;Ssi+V_Eka=DXK0Mny-n z>kABT>=5Vwd3ajo5kBF=z@rZt`t0ee1Kfz|5)bYnL*CYKD9nPGoPf#$*?Yzj=^}C3 zcjkrL(VcKUhT^T%p3XN`^4a4|SHr75n&NTNpF?o)ARNaf{Pn;-9UMGPL?=x35~~uE^PK+xvR3hkhW+!D|l2r=`316&rwtt6u<&YZEy<(AWJy{llJu$ zN$|1vH^}jB!C$M%>c$qVo;<>a*2e?U^ZWSo$8k#aK=kP4S+daB<+>Ywxo});r%$K` zv_m~C47JmQWoUtFqTnEvGp^VfnIvvl3MOsD-)}K37mapQ#%SDU@tdS5Qdpd5Ru#*x zCdf4ZtvaC7$Gs8Px(vv%^DMnXF)wHB6)oNm-|Ay1k;?8Xn7vDi@#9~9r|5j}SDrm_QZev$JZ8T)Ob@I8j8CUnQ>=}8{ zo{CAom)ejh{URf5_6ne0`QWu#oY`Tx3~%rheT48`jM+xdjZlr|n#O*gmF-(+XkvvP zq&U34dt$DS^6I+1SdJ6@Wn?)K$l`U2+Zf@fxAwoD6b1``+tmmjY^cls(jSN%@UYp{ zW_=tH*IyrNnesbQmd@!I&P}|~ zj0m*xV&(y-O#H8>2?6fNC+lwgH<;u9Z&ur5FiQ#OrrR=XJ_P@YFbU}JiddJW^qDQ48MIdxRnl$MhR3MQW z>759nw@3{&c{}HKe)p~S*1B)qdr$s*|FJClyZ6lOna|98W)r5Rp-gp=`Qjgc{6VGi z=)sde{-8dI9X(m%?;I&u3Iyv&8Rg`v&ISEKKG2Jz`j!av6Y{{zki$J%Rl}k zBfoHkQ-K6O+&AOo<`uRK=oeMAB~B7a+~KzP}s(85u{QvCv$=lZ!2 z{8n;EKr4$&ecMfPYp+LEBr)4-Gi1i^EaQUpgY^n^vvqGh)YQ~W=w8@ehX(m{kFkN9 zQ6u!e-Lhib$!}z6=m8{CvsE+5jH+9=6>Vl`qd9)DYyGC-4lM~TPl%$h7FC<>8L`e$ z9?rp;8Fo`s(?HwpO1x#9b66MU_B%&kAO=`SNt@`Kdt45VjyVQ`O5oqjyVVO_7dJ-Q z><^KhwcbxC_N5?!8GhxYAJcnev$NP6o2H_cXCj<03b)mF3VrHmY_ZXx-aj=$Q{v3l zKWrMFvH5t{#_#;freFlnh`%1^U}{*(J<0Gl0g(;`QKHpD`KU%~MpYWbd^Ue%9J6Kd+t?PUtHq<0A{P;mRk44;&pGohGVoHZ(To z)K?3!n>XFcFd4YotyhYjRN;+}aFS$+?NyRYWtx|(x=S=MwvflUQrSBT&UXK`tovU6pNG+h$+l*^_Y-+%ki$g*iNgQJgv}x(krpO zm$%sr*@2YK)hp!E=DKijKlir_!I_gmN)6Gh0m6!L-fI(Ts_}Qik32 zy?Oa7i(ZxTks><1HppU*E7ZMZ|A<#+)YU19#U)sbJ=n(DO01s$YItlnGKtaz~xn)jX9xqk5Rpt0J?FX6!rUq>I2Rc$X zfF$|?gjLsqTd{Gi@WjN#T#Is2dvz_8A@|9R?T(2bOA%LzH~X2$g@nhZ+N-OP0T7ma z4)15IzQ1>`$+%gmW!#n7J`7+^9B0#JQiM1EzCHbl6jr(J9O9ssS5zc0QfAJPD&-nY zXgTaRI5>#=v9PTzIP%b{(%;{3Q~Bi|A%VtOPr^z|qxq9mVPj1zus)UZh)^1Ci-Aun zK&2e@Cc^UKa5cY{xcgd*9}4Q}bzMm-z5thchzjnt#mnbn{a@l!#Hc8oHuf*C2r{(uaa3#jx zk$)D2mzI_qRNAN)JG(@25OB@qZhLR}M@E!O^S)5qkKH0(gffNte7OeM$sE}CWuI>N zJH#hgjzw3(O(3jRRiX~R9ru((l0r)B2?}?3b%c{F_g07dr>0oZ$JVs*_R$umf%9&M z=_#mZ#8Zz|k}bI1Y>O08j6Ytn40nP+qF2W^)B9r^>DH49(ypdaF`qKUGY4 zCTQfI3L5R{&ljSs}H@j5Ad zmIyr%Pv>}lKTVNdNw`0UuQ2|2@g28$aa2GH0~6TF1Gp-HhYsOfVUpowd5P{U@@|A?~*!L*X;1mV` zMAa?DgoK33U8WoA)>Do#TefDQM@O+VXD(1v&XpK46Za$^^7zKYq*O=9v3lf=2AnY} zDoXVE_rLhBUL;2IbJk+;p6-SVUF-g3QEVje=3j5q{H?daK{^5b(n#e@BX(%ZYQ_)7 zwd3n1Eh!=(|i4W@!D<3_rsfcajJtZex-I zsO)XELj4e%sp-ZRLg#YWS@(Pd{us;Q>FKG>fA#1U@I^MM=ioE*!ROBtZ^6H|?c1M- zPP?Y2#-Q2H(_|ZsYac|Fg*Cj@zVE=nph`UPB*XI96!Wnr3yUjcAuCzZ*(j0&3JLG9 z01&*Tpr@wvYQmNh4JnWS7yo;5Ya$XbtmI8>{dv{=a7H~=WJC#KE=TTd*-1R@muiK= zA*S5YJ|ApqOyp^vM)b;HzOu9Pwl^eGiD=D|{p8k7sw5DM!m|q(b#HxGURepV?oRA* z#>vx5O&vZM8jT76Ve{^niy)lncFnG96+ZCycWl}ZHH7uNS`qc%U$?Wf3%&R8{W

>o(^hou^X$atJgD8m%4mB|Gnjc9ju!s| z;iL#P-W}R}HP`Ldzh09dj9$2Mjh0M>ms7^y&(C6IAQy%)jhGwp&kR4J$>E;MeID|y zs?czdPf4?$wp+gh&E5UE(;D;gl(*w;RH~)vPM*A544b-hhb9qa>vvOM?{^Hri zb*PN2Y@_AE>Y~2%>+TDb^dU2Lu8v`r)YBpwKE092^8Q|t*F>*_D`~D}vsMt9)uZKG zGonHQcSU}EAX&}L%fq8RoL*qA!f`X^A*v+0;ccw{G+$VLB)cKn8*OD;k}8*zpWoD5 zeX?VIqUba+#bkbf6Ttm2LPoiSmf?pv5M@C-FHC}_1O4aOp`xG=O7bgSx9j${2K_;~ed5bXrZhklS)ir4LwA`oj^T8^vlq0;m z)`m>(#?NwJogO$uvQNfdqbE&991+PxS6y9Av~>J5h_p8~UXvu!{-S-9Ed;^`NKLW} z3vaf-#y86SOpULuG4CJUv(?DF5{wJGWafrmOzed%or%Cq7;}V0_ieVI&RW+HLR(;4 z$JwPdzbjC`XOuIdTu%-bH=^NCZ=-<4`%4{knq{FP!N(KLc*uG$3n;3nJLCMS&o;
G$%xP6Vbgeug-IkfegDBnZEY@5cW$a{lgR>;~0^-&-tp zJA$EunE;DxD?G)D3}~L0KOa1s{j?mDX`!U`njqg7@r>mw3`B#xn(rLe-60UQaKSJD z1C$|;sN8o^WL&1nwc}1<(vgx$_i;Pb&Lt9y*)~3+lZ{O-op6@0UmSR}V>#AeWI}Yb zQ#`0#>*1sAF@Iz6>!@gy#Br_%iB7D*c$-?`=4Njv6x7;EVqy)>gX(txPc6-4>Zw*< zX3$3yg!qYlZNkSs@>t~PhbM+djcGsAnEj4W#ZH`Swlzti7K8juGZp<@1e~4{Sgp#L zn;Eh_Y!;1bk13r?4W+f;(Q?d$;(UL$R=bUaK|lC*J*ST6R`FIXmuX+uxt)nT+4uZc z9_vG%&pp`KGX0uR?|jYx4k_f6vl=t2vfQ0&3RW(EHvLRwyv!!avUW;V%YBP&%x)@Z z50BX;q3x=#Z+|PrRPmtBAil_9`q!^lFb4F!Un~sRFHb09hDRlw{l#B9k&xEU z?1#)Ag-VWgPUQ;NT?lDcZLPB69kX6HcZ+8qi%VogrB}zRFOLbT_ZmqL9`506ehH7a zJ#e0^zhEF{73aFGW)?T$zA7XW!!HA=76pgrxy%O4g|;?9*_iy2Nr}NTxG_Ri6VlMf z#?Y_WSFCyDn*t3><)dT-@Qjz1lv`W*llZxq<~!fP2B(T09aPj8g(B;Al`PbDH{k-Y zTzcS1N2(Ch4#aaxEqM$io(rM?YMbr%EU`u5-CD>pifQT)PtcdZYEui%bj~VyEVL6G zq9n!%_+I@Cx0S=-ankg3rvVYVWOKdvwZ(Wwml=?OFpL(2KWAEJkwQog7&q z=^;tvM7r4Yh_dXNL;UxP;d{GNC-Yx!>u*k|>O6{Kug&WY4_7)`{6w-9(o9u~rqE{C zpkP_K>=1#CjT96SR-PMspF??=%gpn~oe!2r%iBMHmamoCH-oITFcTx8uEUysT&3f= zI_B61{7^`(&T&~24hZMy%gxsan5$;HB`8}QJEAy@7UqrO`WN%6Q{Ud2%I?Hgk7=3? zU_MEP&dS1kT3nm`UMF*&>H3eBJqVY&ZOnO9A2tIolE$Q`r&cU>2oRH#n+17t2hMMg zSoY@YsXCia{&`jqs4?xAyVO|NDrP;eO_Y{o|j) zIsRd^lP~MCry12>+m3}2XvtMi#W=BFYv$KPVypi~w=iO=L?~agk`^D0m>m6A`wOy> zfpRmbu(z>wOT>)PwM+*!uB#3*;ayeQE$?GFXyjkibsR}-k?OH$6Ty7R=?rDGx%$6a zS|L!P-n@X`L0k8n=jOjVpP~uYC}4jnVwhQAj;*2pYhx~&v(Cy=OqbHn_J!eMrG;lN zPFYS+R*5}5MbhP6S1xHnO=@vklXBaJ(aEXw(#c#VCXUGS+mQ(Bd8ZTH4K$ynubLZ_ z_AawyjvE*+4h!a1Ysj;BCS0T@+z)~>Rr4&}V}Z^#^AC}KetruFH=NIYAv~ANp%}Ua zMi_5mtv0|kA$4-P{b_F+|2n}a-u?caJGCbRV+bKVqhYBGN87bse(ID@LqXWIOWF+K zQ{1y+y>;{mOaM6&ei{+sr0tbk>f!J$*@FrxlGBv&k&(%+E7hv3f+tnPcI(YKyypyZ zYrnB(s+Q&+?{$)_zi(<=>|)MUT2#r|Y~zsAhzF42zrP=2wYeg&`onMehtM1#g@M+H zm-{9SA?1loQg3hePf)siP7#gz@#E>3!vO`tcezX+A7~xN+1Llk#qzdbFFH?c4QBHR zR|;)^ol-A&mO_jTTu1c5mIRe++rsQ(UQ@c5FZRG7j(Q9^k7eKI7%RS6*I6K>^2K~S zqSg!Tv!jfl)SNtrpDy*TgWr9BlP^(letw?JVT&tMAtgX~Z=#unJb!8x4H^THp+I4C z;`P?a*5F1ARV}`*iHS&V>s7{|N3gu6G6Zev5#!9u+}DJu^9pu2Fm4cO632a?8u2Q7<>%M1+5= zl+TrNzs73_$2&y*u_VivK7Q!~=EK)drK`dB73Z-(RbTQ$qU!Al)g1YVwl?W8&UM3- zl$80n%2kCdm7J$y@`i1(87%KBAD_LhQDWYW>$#WZhg&Jxm|M|G=Gb?E$`mS*fDkJU zL3Qk>?;ix+C@n@j&~+P1{bZW5?}G# zbw#LZCk_{zF*BM(Aguw63l|n6P7Wmq32STTY`NuU%=23ZfW>zD`2?tFO?Q_a5CR{2 z?s?zAhLAQ(A>vVWd@#JI5;E1~kp}$)Q{ci~HoKec8gU1iq4+fH7^m7oc^qx2x*rc2 zVdG@kcknakibfUQVL%GW^SIZXI-HNUzQ2mTt)HrF2A5=!D$jm?RPDL{#g0;|u+I;m z7?Yv$JQQ)?A2K3ifBIryr$_E#mP(5c0m8k%!zcX^V?}8~p(=l5bir*tKB+;+J+D z^@xE=_^G>Rxp^R>H7+NqH<|>13myx?8=+ z4Zp2JWjCa|wJ_96*6Y(0Nlmj+Yjn=6?PaQT)CbSw#d}&V^Jlb#%p0f{*& z$Lc7H5sOrJ1J|gL;|g}Z_{IS*$K(AO{&3Du7hH$1{cbyYZvJBJU{C zXc-qqm9vypj4HC{|D{4eogs;=aC-iB#;0|&Ha$w6i$;mAE=@3D?AN~--og(vJ?2&E98S5Moh^!037ukQzVbsw#UhSIG8}<4XgxUp2 zZ^dFV9hUxh6g|v&$Aj1$w`oWXUj>+&`kKNK6?IR~#pO~io9}-xJEbBWCTJuVv)iO> zuTHEgBm|P`H^_<1AMHq}p|}ijaBvV>EfHbTJ$D=u0{OrnNsm5}uqQGZa@=93yE*+< z!?Hl^{<+4znfzBl;n!W;BPo}PClcm|11cKzd=)*0=MC&p7mNr}ui=hNcn z7p-av8tmItpgI`a9jsM9%Zy=hPi=~|X7df5+%cb#g#>)s@#5nXaB6TXR-_ZPxSE)l zSg|~y!D-x;;FfmN*dm%j8nX@9rKj#85zML`*w&Eya>v~^az;f-3n$VaQO!XmDVP@2 z6hyulT6;3K@4+zwjrHu+;&T`99(%F^h=(uw-aC%odGP?1HMzrjMHL>q8>kJ9oogjx z2JGx|St|YVV{Fvgcc77Vy`dTNt72W1lBG5akA_=eg-Qafjk!k%EJq^4>=T_+d)vW) z4pMeGb75X#MUlDjk)Am9YYan{kz{}%YPYmUYchuK_v8L>m~ZbyFIg4(&|Q18G&49L zJ&K5~@&7UQmSI&cOdF^yK}r;)1OWp<8l@W)MMb(hghi*6G)obK&@J7eba%s26s4s> zLJ*}vl=v?EWXB-3-nA1j?j)b#1uLHec%Wk&$7l zY88Fv)ujmiT(T6cDD^v_B}U@4a3h*6go{QpwaP# zC|lV`u7zS9G2x$s5^@>O2u z8@ZemFN^>4m*zP8L-Bc*%jW2;NhX9DL2cVcTn;GyM{>wkfk4(t|zIq!?Sz=hK04m!r*At*sm) zPvbdCzBym47)v0e3R@uN?V|dJ_%`R3Zo(d}7CAxOO+S2ltv~5weo~#t*hBANzVWNT zp_5YhE!P3Ar2lfAuygUT%s}d;*(L7(&>;Lj!X6r&4ov2}SP_)BFeGc-%eF;b^)TD} zd#~o|#B=hVTx(62nXVhFb8w(An#ZayC;FkfMQsJ%sQ0=!r(Ve|sOR4ZOMmh1s3js~ z^;AfbbL=1U|M?7h!BK;pYG&JYj9acUDGKN~jo@a=l}MbQZ2B?S^OtgdNXegO!!Y9){7&$W+7sJ_R^vV-r^e!TA4xLhs@F zpxl+aJZeS=4l-)H1dF`?gi3x=O@wl~Map+xx?5CydnX(!i1({*cu-VAg|L%sRE*w) z@r5E5YQ|B5uxKG}ZJ=8a$7kLV70}c(y`Q{Y_^=kY@%h>O{Q6A|#07|~J5wHwdMuN8 zQr_nG;avL9T(aThu6(V>stU9T!v6Xzxp1Np3F0$Q7pXuoxl?shl;TIQ6is*J$ThU< zykwSr8Z=bp)brI0d@D=hn@QPB9y8q{u_M@tsnDK$J}7rN+Z`v81oIYoi!3%?5(iT= z2ScO2Ulg2LwY{`So^vv@r|-b!YT$jHM7i%*EA0oyWU7aL-cu6b7rAaUm(Z}q1B(?e z@~*JmhzgQ6OB5h;NP~3Q9_Lnd_6_R99_s z&e;%bWJ`@kih91knI)dgvnLYnqgjrOvB_8_+@4U(M_`|lUkZzeNCQV@WnuZ4dqs!< z^8lBJmv?pRjJ?ILZ;9bhv=kIvUieaPxXO3|8Yv(t-yV-)KZauu4Zki8n}N(k>b&x- zAX~aTOneNr^!vq=h1UDZ-r|hPm%4e?OI6%=U8HIrw1l}H2!TC582=MjOy1BFz~zD& z;3}%>z)(iXqAG1dsqzNRNJd}Do9OqX)VV3V%ODs)R61hiaM2VjF9hY%+#kl!4yQi) z_|mu#sH5i)G2MToCRKnYdyuCc-S;B^DjcyFyZ=~30B*Ym?Z_BFMz{i zi$_1KtOkXPII^j#vqf|pa@(dC`8RJgS*5m06758kXgg`zmDLRw-L@rxQsl-x9E8G! zJ;)*~J{TGpLUn$gzf7}uo~oXk@w1}Q>{k+EayRh-_fyidi`<6*s zZpoJYXi`LgbFgC$9$e)0<3)768pS}G;*h)Dfc3t#jJxwcP9txiRjnJS5r-V^zVd$@ z+a(}yNKkz!qsl-GZaBfUz%MV$EEb#9<}TKde$}^@=>W2l1Q1|zE<(h`Mx#bggk8yU zB@Q2i0dieTLI!y{kD4&wbwPueq@p*e@s&rWKmWj+WU}pyi<=9H_-mZ@Q(@(o_3KAR zk+l3qRQ(DY5^3}>H8^v%Um1HPVx+95@{XB1@3o|m=#)u_%1r`vqwE(NrU~v&H6*YZ z^}c2J9W*!uGg99`czIu=d=W)Z!43T9ZCAQO8gL*ik4R5V^UC?!5kpUP$eHfRp*RCy zej|^ngX}Q1qtRDKC{Ot%NQoxm$vzQc2{&UKt1@nQ@7o46+j7H@dKS8Z%>n)yGOM#? zKjKjblfhwXmZvaqiia41aIx~!^3^^!9aqmHO*w;Krh3bPX8pYIDV(!Jt-7T*oHR@y zYsXMKwGmg@5bP);J&@}MKjhippEZ}L)+;wJa;EG3>~(Kw2yxC3$!V7uwDkWdVLLOB zS$UT*v~Zk5xcqfn^$G2D{8p-wf{0^oPaV0A#e)GbA_nk|uNz*-KR;eOWYb1~9{(6J zt;gLu-hIHf{>PgLdyNfBjV*bi6#eqzl%4_7QAQ~6{$>_{rh)ZMMTUG#a+sG;kX5-$ zqvuII3V%4nte*M!JW)>b{V%l31Qs`(9o8>+>&bWO=Qgv;EL=e@$o*=6O-4(AlmTMt zpAJT!EDV^MH?-cL`IW0Dp-_I#@oGTbsQK-xPThG?IWuU|ms(Jm^{c?mSX5^9iP^cC zry5gNNUUdg-kQ=?5LwV5sEHX+Q=0DK0%8~>Ya8kLLmd6#Ifd@VSf2WC2HZh_lvO%s zpK<(TU*tKl^k2`AfLL8_mlIOBT6>S-m`fSb@gWRzT-!?agx*q~)a_%2<5Xi5fS4yA-?AtIO}{{;c<*yK;X`K}!Hu8+qav z2T#1Dhp>rqU)(5OmAA;+Fmn+<8%9Q2P$)IZ@2fp!@g6996NC2*ELlZQ&c@Qf68KwZ zZR)(lxN@TD)BnfQf?GH03x^Qj2e&5NU`@Mv_M9T zGdFj-Qb*Mo#cSBL8Y}~wN?EQ!#}zd0=q|qCmJ66;#%~kLy)dSS$PkOJJ0IQxlTrpu z&6;(3TT})x7aeae-(l&KBPb@0-@_Zi@RoYQ@jQWK@VTbF_A+K4PQ!OknDf?|H%G72)~^Sf2wxP*?(Q3@gu=~ZKLs++?Yy^ z_ab-7HG+Fs^DvPeAD0v$4kPhgL7R0237_Anm(-JjGT*|d|M+=)4{!;lZ+&JBXV;Yx zB#~9Js4U{3!QD|gXP6=PP=|;6SCKHn+ru-T>l8-<=uOP`g?EQ7V*9T7g&xwO)e zvq6kxOGh!cmqWuVSVg5QZ}n4IjV7g?Rg-_JKsHb@;a3NeWvt!ui3I1QqK;etK}y9P zCIveu;XC0NfOxe@!pxsu?RDw*L}Ap5@)Ns+$^xuUjF>u@JwE`ArRvfyA=cABqmKLi zc5h=6WSys-VhNoTL{<)I`>%=gmG?d0dG^noilb*!Efh=UY2R5~+RvlT9Z7?%tQ{Oh z?cPRQYtv4NB(2JO2S!@Ky)=<;U1GLuVC}a@&99ox40{&&O@Hm3yXj%3thaI*};K=j_W;Y`vwk{Q}p zX=MC#SyzYt_}Is?psSrHTbMY3%+MWG6&n8hmZKQ$7PxeJNiFR+kXgD)8Fvcvl?+0< zd1M3$davO8*wf!{;^*~56D0raQ!cqA1^uO4=JVJ`yX4Kapue4gV#VS!tM|_qB6-zS{{T1&M1X-x~;+6G0dlljA?Ysl(K#CEbEwmYY6q zIzBz1$I006A3I2#WU^LQh-&?`SorMgBNxdi{;9AE<87bd_|j%8p)$vcW3Imzyz!?# zcC&(viYy>L!zL%>fc!rUW5*CCPy30|A|NOPlPAImC1r?TYEnqGg-n%p+{G@!~KxK1O);txP(~fDCjG}g)^aq73xtVjpbUg;)(uCpTo*yOgA}-qZm&C!L zhX?uYosn(Y2)j_|PM{s~rq}Tr+jUY&hSqhD{-*f79sb+TYm9j`*Pf_{dhqWgS;;y- z!y=R`u1j*vd5#ra3q8ZEx!sqb%dQ3=>|+Hn+rtI6QV@hS3PxsWya)uV^m%oW97Zz) z1BOOx&(zusOW(7FDbZ|qP*WOco%_)eA3s5xVVy1W;=GdS?*~>jy>|k!8`L#W&*nMi zJXl4)h5mW0MSzP32IDIWEe4k9JUL3y4{s`FI4ix7F^EWFOa6|!yJ-2=9d)OF;ZslC zk9?SiPCsLSJxNPS#K14Idmwmym~z9;?4`h>kP*Gl?-c$wz4Cc|US~|3XRcNLJWV>Y zOZN8d?_o2z7#H33nQh^0TPNQ)gp(_PLhF!ai}JlVRB65X+fa)*o0Da=uGt1&Ja30Y>Kk7J0yw$*3 zki%tE}J6i(&17VGD>Z`k_U_;^V15-q_;vZfQ zB)TUkCym!uunN(qJfbV8@?qfE4LZySS;6xIn}08$RNfanuSyp_V1Tp-fLG`9j1>{j zS$gJ2e-thE%H5Z%sG-F$y^D8sFzmaC!$tX2+1rAKeFp065$nxymsvogSnKaFC=%@c zv%ls@E7b;K`nYwZ^nX9QxVUm=HH3Gly_A=a{ZG{QS)^rxODf?W>iH2?dg(EeVe-Kz z$Zm}mDNan~l~vi&XzLyo5pcRSRRW1t0r~thc@@7L4&e81LTLL@!DDpj)7&AJx*g@QFLH*l>{#=QcCT)8E}3qzR$T?HK(j<6i?zA zEnm2-YeWo&PdXstjNqIK?#pJMWo@AZg>EC2_d+OJQ*BRGw2Sv2{^U15tOC75#(&$rLYkb!l=f4*{m;GpF_7^x}Kw%Fx*nv zaAb(jl^Iu``u1;Qpm-V^577(bM^@mJ6m+#rH$zUw%r&F6t^r;oBYvsoYBOlYw+i|< z&}!Eir>AkWo(Q*8OOFYFecn&(fO8)CH6{y#Rbu5a-069r`oteoQka5pI}2M%KrEx< zY1A6^M-it+qFJqSmqf}WQy*6wt?H~@;`D1D2y#YhG$nUp=$X5-ZriSc2=Emr#a9GE zh~7+kyO{UkKsct4oV%H8nfBp;0k)5rd)Q%Md<2EV_(D=GEm`CP|M93%i+AoQC=`3b zZVYm}89>j(1A5CfHkyt}Oic<}8O=i`PnoSehyV609_LHME<6&k1ew8JaZs*cH99O<&e4Vmc&nD;@d6X_j{rC_HGBdoVa8QD}t zZUGw3U^V99YA%eGBr-+EcWzW>m--C(uuFlQA0Gic>DehBC2NCX_k5p=a?DEUk#*q6 zM*!|?Q5`n^b7P#yV>7i>_;4eSE%}HK!p))Y!nttS?Yr4-M9JW6+MSkwzOw?jJL*UR zpx5cqRD=}`7q&aE?G7p$)eGJ4ZX;1-h;Rck{ncW~^fNiUTh6~!7R1l6@m{{lp9O8a zYCMIjT!c9T6?Y`LwagcWF2k0}Vs~@u#6VL$68Dz!?J}v5D3XVrlH~3V*}X}r*XZ9= zq67@DTF+}TH?faV>BU8S5CLol$_!KQ;Ll_wI6`~EK|*M?5@oHjKKe)kRoiGWLnD6rnV&01Fh+O z+U9_DVANpO>o|dR&C+J-N#}RG2kA|#(lL^G%DGL1}5zLA8_ z(Df@ppWm74$jC7m(MO67eYl=Moy>#7U;n;0=%AEm&5JgoLp-(~cZXG}@#AMswZ@*6 z`rBakQT#uBYfIv-)S1*8>+6U!)^envaE;;fjbGJVPFX7T)_q7WbrAVU@p6$EY)9^+gFhYDC5d2s$;qc|e_&gz zHfmEEeSmh_QAtC7r)~{b+zF*Jtsfqg5V;0@w4+&)F+YK010C|?VZx#AdLX?!yHdy0 zEK;JOZ7J%^Jdx4soH-^-l%=G2RXsM_xeYfwvs*f~dFevk6#D}*#NhgIcQ}KJ2lKBv7BYj*UcRLp(@_c)%1z{rINda3it=diNAEri^MfLQoHu z8&6`(vT%)FL3Q(m5xZQP@qP9B`G+ZF4mZw;!-;|%jpp`;8h%}g9*voH@^FK(&?NCC z*{y?JO!LP^rr_cL#1 zpkL)_-WuLz2!8YCz_F>RmihsAhI2}zeGJm{w~M9GcGG9`muCH&m&B(Ne+NjU)Ij}o z*#(>Gh~BBSg7(=?t?w){L;gUt+*+r8`-Ov!A5 z3IiF4c-rutq~4gu%M3Kvo`?o#MGl)yV`2GKVZM9EEuItv?Wl8z7F2_5|J` zJwO~b5?8|zu=7vk6+#^qS#rbao-}$k+jFilL=Xq-i}z9mSOzuoU$BFD?&7O(=*ss} z@oDz;6$uwdyk=AS!KBbT2|Y8?*@3CmUFy0Sde!NaYSEELpW%gF1;2nAbpxP?CED?q ztGr=R=WG@XgJyk|c@sN+nnR{(k5h`C+b&mMn62@fS-zcoq#U=;ZZsQEwh2A-T6O)) zL_R`Z*5#MJ0>7*jAz{##<6kEj#FIbWL-WIS_v~YJ)?{Ab8Oa)qnR>WJ$<5~dwwrgE z0wACwNf!6B2K6^dx^K!hwzu~^;V`#ZCHyQSWS}yze8=t3TOb%v2Y_1Le%xgfc~xE# zcoc`?H}WL~+Y30@ltQ)I`-&u)=TS=GL)+iJ?B6`#>f@yxg_sPZ(&Wk>TI9;UPyB63 zy&T-sW)0=dko+v?;Ij83Tn~{h4Z$t^6Lg=(8y<%zB;)~QhJ}w$4R#$>XS!0=v(#AU zo{tEM!mSV>W4X?Y-tFAod|8&&5E$iZDAVJ{fceI`&F5q1s+6St!A!h(Guo`5v$AmJvo>Xv-CzzdG2MSIWYnGHa=0sqOt?ud8ha=7WIhZ`rn_*~e{IN%U{=)@eg`8Fv zNA(P8LLSQN?PO8qR)Lc_w@T|2GL93!`+}#DzSs#JH67a}($e~lw5e532u0me(K(D~ z!UW7s3m-Sdg^?z8U%pWkWRCQW5s4Dh(~PdCKM`Oz~Ls2YD67d!e@D5pAGGM2jvQ zh!)}cW8b{GwDQLPJjJJ^ffD-t+?R0YY z<03=8x=$KaW)Ik$&$zU6eMmQamDA8fEm3AgtUk?ORiL^gjQG1087_(m*`sPvivA68 z`-1fP^Mhx9@!TWRxK#c5w$VWY$1_}A<^Jlks$}1q_~uts)Cbk^IK}(}Fj;uyp^3@4 zfv3*uCxCa)sa7tN>Ng$8Ov-ZW+=6L<&j!D!Tq7>LFh&LA-fM5JVFgg^0`ol`#QnOf z?*#MH>lR`L(gcW*1%VpmxRKzW^65CZ&yahD$|VE+%CIyxkuj5|{on8C;FS>^!N3^C zYV8?CcIb)U;P6OQ3SK%<&S1?=$-SyRt9n=%&kl+7@Y_-)UX&DZRpd6)uUG){>}Hb53LLj_yam~tXeDxVZtS9At!=but+4_M z?E9~n8xf#4f6-_$utwYt69SW^@MquoUf&5qD#>)#l!&`jm#udnS6Y|2bQr4>a;CF; zyvx#1hs(3k(c@yIT1e6M4RE=&fuc89qEx6f^jFU!4Ts0thgDCZf`lewG&a#h#90*r z+3;^I?SI;u6af2WP5a*Y?|^s~UNQEtCn(XJRlrYQQ!-kZtnIT8<<~usX^?1cAQK+` z0%oANV3#D<_ZNwX!~$Dnh@#0u~N)RYAVJ$yq;fx7G|8kBuZC?D1W%MUo-qP)<}waTzNO_~oRpG`Ek0{dqO z`|0kTATuU(=N$W7&?v2-;UxuhhSmFDv|ao%MVI;~y6o|C?L!F+~=&>P*Hw0*M^Wa1;D4$OENmouF43B^2^vwOjW?d#AKbK*Me+`YgU)5pR z2ClhytT|3^Er>_uL*;dSwu+Z*Ct|$Y>;863u3%$VB0GrnpQ{+8CVpWL0E&>(Intx( zRz5DBYI)uWyCSoa-`R5SGOwYW3!H+e%cUff$q3?}#5j3yy(n5v0)k@(ulZ{oX0iv=NxEm0_=tGxM64 zmccEc+)ehX4_PwdM57X%6O3a;*rHX@6_`->?Gbja_K4O!ZTV1i5G|i0oR^6lW!}T! z0mBadI@Zn^@6G}VfB|(+=B=d;H%{FAh6^C;#YS8(sL+G}?Doc9(YZ-D^ zGPXXDCXA-LUQ(Krn{=d){iF{#^pr}pNUd7k1pDS%o9s~LgrwnY*Uw7PaH66Ima^gF zf|saCLTZt&hZ7!(AMiY4Xji&5tXdYO`>yK^m6y(vvo(~bCKA~|#xv}Ii!bJCz`SBt zOLLw%C%Mo_gZ6~ib)2aRd^4R8=^4bDOtFejlw@h<8G+Ja0UtEG)yI%Q0rbFK7bUZ1 z!vW#9em0lJa{cb2zV~k$KuaJ3R5i$;emz+D=pPSHArBUo;$B$(5Q+R(L*=s%=>THS8B+`c)HMcN!b~;w&EXh1a+wuIie#!DlbctdGFa5yG&h0TJa()RL1t z_x>l6CCcuUcL@fy@9HQ$s#0-aLeneMja7Ua|msFUzcqe_OwogZugdie~tsjmVBay6{$h*6u&Y+34$nxi{xyf;Vv@#_pYIV z7&LJL{giG3sedS%kp2Va6veF$vE1^;c2y`9DMJJRn^|d`mrKJ<_frioz>;rAZ(u=^0t-}Ol*|O z%O5(i_mg)}D?}1)SmOP=*)L`Pj3LH?8>jR8_gM0CPFDidb;eXwhtGxj=pL^p%hm5O>`Bd5If-m{ln=`(#S7r~lr6Kqc zQGGnaMvjOmF!Mbk!l|d!s<%yCP4OFqa57}+Tu6Qb z9z9}0txKHqrRo7I+rb$6os_d$JHAnTKN zhbdk6&qVIt=%82B!{us&Y*|7MX2}zU2jK$y2rupwiwVWAfSaG0)FxwTp2`jaeVsQ) z^A3NOYA{ovpCQrwfZKJTMyXBCaHtnwLw{xiTBYIIsf-&C!$>o@R^T2(`zawuHfeh= z!44~t8l4;La*aElfg~6yN+IX@*T_`M`|)#jz$PRMqu1205rz`>Y_5F(rPGl-5DCyp zb$jwuNf8Dcj;LlZNFTiI(iUY!#lE^lvWa}yZ!)-1IG^=2M=>9_(mL-~c3Ak>fWrP|nD$9*OJ`?cMyx4#tMbT4z~Mbwa*z*gV2 zb$P?>1chAp@=v>JY`4O>3{^IK=8>}!xD`?!9#y@@Aj>c^+jAQxU>_rrd3Zy^iYEN{ zeKl9DG8;jqzcfPl<2p)o{cJBVJ;EGC?!Y9Zdv$k0JrC~c)FnpG6G1glaOW&?d6b}n z{e>%!w0#ILX*2b~+)4`eyx$}K7)9L&C%5((Es63Cl%=cRXWg^7l~i`e(1+#4dVPb- zlg#`C+cVq7)L}u$PvL?rFsCv9r}@+&eF?X}giE z5B&PcAJ4mz4HS6Suc9!6UoSMcu!2xRbj;oC2Bi6QA}sUM!qM=&K`z63bDj`wUv5gh zE9-L~n4SB<#vWCZvZz*&c>?Um63q|S-n`w^Bs)^ZY4|+&!Uc-{n#x)K$Cbm?-5{bI zL=QJ6;-g>73q$7%W?LVtdi4{eU9V#mP}L{sdVwav#<*OPBB>jpw3 z3wiX)5n?t0X5v!!YTv-72DgiqTGv?KmA?A)0a5}roaMJ$ZpAO1$37BTw;7J+K7zS3 z^vI`%&Ti|Jn8liLwCtsx_$^8SDE5Q%GeLYsw5kjmZQX8o-Q_vzc%pneQ1c$8%h}3uK3XIO^=Hu1{zl z9G>)b&ayqzMg1Hopm+==tI;-_%9kR=#=Gt#1^jyqum0!Acq9o(k=;^M?5{~}DX~*s zyQ4`dE#1q(vz?ml6071ozu`EyFBll4mcCI2s%kdLxuVcEOXAQgR_BdO)spxf7rpkK z>fFbjCf1H>$on@_R5=g6X+%|@Way5p&r$N2v{XMq(zzP>F8i7=NO_2(p^Dh3@@YRf zjLz-=tff(gNWi@1W@wVdQzpCHPY?VYhJIhb&!ulFYFYc->OT!_c$cExlKh(U`2gN# zE~*GX|Kc`M!8#WHf#V1^w4nWQR`E!Bc|J_22i)v3{4US<&+-Ty}DQLx-*4o zmK{P~Yc{ON<#X%(&ucv`YWZ^QtXSBPLVN*;Yz=+b+V;=vE^+Ee_##PsvO7s)Fj3#a z2^55`XjcFv=PK9CXdTebHobPF4K8^L@n>q*7O;ME!nI*7nEK=h1dn^E=5b{PMs;<* zx{o5*#lAI1wBg=TMy8$wM{S`lZ@>*ni|-Qs!d+06Xa3fdpwD4|$ibj`8+^X?BGN-y zwTiwRO_imUkoYF9{M7u=&j-MVW1kXV56D=sGvO5xgv=xU+a7_v#Ry5b zNyv#x5{ip6l5u>phr4q~1#+(7BG53P}>l>2oe$;@v2Bm%8n3$H9tZOE$GiEXFsE4mM#d;4Ws*Z3AKF! zL~pOt3;Q(dEK66tC!LSASq*d!Q73fz!veEEv1j zV2N;g;^jI@48B4^%B&ZV`wcARf16u%*kqGSt9vJ5VPv%dCi>S};`hz(u6Mlqi(o+7 z=u7g%mYLa0F#V#wofmnWYRPoQAJ(Givo1qZz_u6Glc{8YfiOE-MRpl%T1pCOnSScN z<8;Wt32;k*wuK{J%Qy8DdHX3J3J-q=_}D(sl_n&eZlpdUw)yNR^<~n(`5oW!ZnS<1 zvE&nR8+Jq_3q&p2O&R(N2}e?Swe2d^==g4?K43>CJF>C7U8`4Q@iMq5VEZkTXt)KYOyM8-QV@qHk}pxFS1-|02f(vBrkI zz$?> zIXQEN^Gw(0Qm6FKOc%8V(UB0Rr__@YOw2-5{9h<8^Q{s zmLoXSRqoxZ%de&d#gCdwk5PlbIOIw*vSg{_cnCd|h(Lq9k^G6Z!{|ll} zBfZ>rHv;CmLfUE_r~pPl<7 zE>rPa-?|lh>%2YL4@AvXeKv2neR0uT%-maUX0N(Ct;BCPJkZ-+j8Ny5lCXcLTdzcQ zA`>5|$_NsTSVX!94@9TFA>+WLi+F2iZ+AZ? zFKVzl)0=7bsEIU3`6Vy5QdY;PoG>&x!2)kBnqLz7q}M=OX2x>Ni<)$U(=u=p`1Q^q z)=7E(O$7#U00;{sXTl}IH1WgPfetBFq?xz&2dkGea(;<^SwAbKMCX8|Q8UB2^iJE6 z!K$xE%=P7>LYHb)_sqqqM5li7xjdJS#Pt=CIp_76C2_LZJt}cD*GWlV zyunevif5Xz_<8${NYuMu<237|9iI8`vlg>zed~X$uZ~>B)=GYwTmqzOwqd4s_zoVR zgaQ4ef)oS%<*ZhL$x8~|q1goCh1+t{m3uLBZY!}3@0l?_Ul#o=;(1()TeB-%nvUTK zP|<9X%&PviYmB*(zjHGkKpi`;( zxzajPBTp~WQZ+rR8g41iCGOqkuH8sMy^Qb;qkrYl(q6KB*DpD zmr2b`(=NIhUm6{>B*}>T;wX+N5gf&v+2tnc867mK`)2RoEJsIe`$5A-v$*^V_duR8 za6~aLPFdL4^$&UK8S^}qiIP)DlaZ0}55s8-h`+@FVD^|eor`=+c}grME>5T znKO@f4sPrTn7jhbmL=o_EB8{x;p4_QxEvsZ8kE|2^@;{C?#{5wKh!x?@gpD}OGu&7 zH#epY5VGc-rN=Wsuj9p`9e51K!=rQPh5d~-=mwt?du%&d*~2lWvd<^$)9R|xc5Xsz zGbXgtmg+;)idEk7@BHP0M>jA-Q=a$kIyx4Dc2DYB$O-v)o*R+*dYwTuyek7`wj!~S z=~Y!Cyw@9rLZ&9!V6z_tCX~(1(@)TeWt`n_`{Gr+u)i+3_ZU&sVPa+F+Jbw* z8+^u!n7%cx+WLAW+xQW)jMg(lRMslTVL2`#4PO36wL~8>d={gua4DDnG2bT0tr#QR zbo_P*-PNd|^aMR~Z%n{Y?$)a2RPRW)`RKCDm?_12%_=_iHA)8VywIP5jPW_4^f@s}{0eHY_Ti{wy+tqyVnrAODML2azw?b405j zc3G%{PoQ9!YAo9`ornFT6kVbnx*A^!6|pt-{4(MXW!{`Tn;9Go6=~#@>!6QA@pnCW61Ei zke>VmQMtCZTdVE(l7`Tqv%LLO_Kqx1WL`#|#toO?ye~DISdIMofjmc(Mlokk6q-RI z8YToP<`zRmYW9uOq1KX;26;sy{XvP^@p(c1nG)KOH%JLeu(cs}@To~PO5T)_nTCtX z>;h)aNi77KyEVH$=U*3Cz|_!&(P0@RGO9Z$Yoh3=t?Oz;FI*TFSOvMP2Fi-jZ$zOp zGYhKshA;A3ygZUR&UUX(67OC||IGEL>~dyp4}>T25h;%`Q)DScOyA=Vo(Uha=-pP? zU3vx?za2Z3{?C%;0N$OT64G?n$8Xn&p*Lfe>+R0&rXS|a71mE$+oJdOsu-{V^`mXM zp`k=o&oeA0w^sQnvnF~J&(g4whySX&5NfE2xDK8TEW1H0yYY_8by?hPFHLph}-OZ?(@x7 zSP!X;qfmy4VyVw!V(j^fs9XDA;t?}^YU1Y7xa!y>xX<-FaP4SZMWO3&@z`}ycdq&?*3V24M|atxqERc|)4uui;} z73hML7>amy!*%KFYt?Wy?5jzsiG08XXk>(i&e@z(`Z91gplM}om7R%8V~9|x=uOYH z?03VaKYweY!r-2ludp%JaB_9tt?t#*l7siJrb`~XtNr`aUG-;KoF*Dc zYS;I+kvkvu_W5=DwLdIDRjH0G&;=6jJGjkUUAmo}-{U+b=}&&~KU{!3*1sacUYERn zhp)z#Wv!;HZ@X7L@RWRIWwLE@>b1QnL74kWFnSfP3Tm|VLiBxZ=g&)8kR)|866)Y2 zh+Q{mlX-@U_|R`p6Kh!QzXbDtvxjnqkf?CV!osR|+mIrLlSZ=q^IxIKOG}q8mEPhe z5Ibk&-{iG{{%dO+KaBPVQRq{GlQ#)*S_tSw4YNZZ8uJJfPg<-#5RS+UzJ{a&U(h<3 zIH}(ECkKxmxv%+%Rp}uU(rtQalKd}Rt8-(hsjR#?Y_zP?mmp!))z+95zkX~0Y<7&j zQHs_QueM9bk1(T`B)AU=#1OA}*giM=+u2_I%{t9^nN%N5#;N_DY<`q?;rPJk&skAX zQBwA8K5#1tg{nWxwp(BDKmb`E18$r(Y>t zJ;RsX?%(UxYlGti&p&f4C}P?d4Qi_e4LKL|Y01d)1Q~R5GX0x3;)aKQP=Uesd}3U?(&Dk zJtEW*_jSFss#pxaqz7WTqpdTi4_Pio=@fAM!_wsQ8zAw<8aq1vK>~!>V}VJ@n%lYy zH@LjpDVA~UPvFk8DfK&Oo~0MDk4QXqHhT*2&^${mg!=rW=;IlC5o|7oTT0?CqNy04 z_4&7NDTU1+r@S;&y)XC7v)_RV;u+~(6lHHOTjhOadACK0PnBdBd3_i4Qkj@4Ie{)R zq*in{qjfZtTK%4+n%Q@~HpQ4pAL+QKevfdgJUmuI$k@93QVAH<%yc8t zAt1%j?*wEcLR3Gk?#dgClNtL=ak_=)2}w7Xw|X<<<0wsg{<(&SHzoMv> z3DU4flX+@}Nn4c*%1`1l5QIMs>~)%(+B8y+SSs}^mrP%~nbf+=fbTKXvogcVD zD`>WnC`lMbGn#AMq!g`6t*+wTVDs&1xTVeuKJWYTjshquvgw(H?jg@#y~BN(PnIs% z*4Y-ODZ&+O&556D+jxe(Z;+KfzjT!JLw=q~xlUgH`<}8*E&^l~_lmXmH&Y=A<^6O! zZq0K&B1k@f`U2X=J5MJ4j=nLEH8rzE@6O=)E@4}M6dBO(AR(p1d`sYu| zZ3Xp=imEqyt3N3%b)w*;^z*0MTvDi7?_CdT#e|q2E^J~Pa`rYYT`L2QIG;xbhwg9h zJ}7pX1}1b4*JVB}MqcBr1cP|H)t8wkaq@8kMwe%tzz69Fv~G`KE=S)W)Zu@AnTEaX zG2m6~I$|}WVU&MbO$=f+PF!ke9K>p{q%40{qYzB750iO9OBpY9KTuaWg<2%kt8>(> z2XK2kM))?j4P+1TN^IQsg$~#YCTxux09GYwK@7BW668%SGFrd(M1QX0cwhX;>wY+y znWfjhG2L@c#qJae=tqBSQNf{@p8L@ckk5JDApPyz*Meo7eaEk%YZCmxaqjCMAx2;W z1JUta_nw+}nI2Y@#ykuv_oC&IXQpvVo2GedYQt0ciFNswacO&)KK~hma+a&?FqDcP zhyA$oY%qO#aw4JZ@Us&r1B3dS^HRyK1w6WY37Pr7z>{RQ%Y16gwtc4F=A6kq$sXK7 z$u<6+ z#&eMv!K~CcMCgF*vKlEOn+UP7Ow#CfwXBTUs=xK?KtrzfQI zJbet_s)>Wh2j?V}>7?xAYXfCkhv^E!};Go z2*So0q{hwz@M*~Xm(uy%5)0<*?6C#W@Bf2$BxXVwzld$AOCt5&&R4pFoR5i32tMyF+2e8X+emsF^J~XUyL`|E?l?< z*Bd7BKa>+|T~V9F4$8)7J3nf+(T_-ZpUF$Z2-k$}JFRPv*v(v?^R;cc@LrMLe#qc~ zb_EzdZn5hcl(nD8GxF+lzc8>~Ib#?lrvE%2CSNOy4?fM_xA5yiYE7%&;ZLX}-4#FKwydvV1fT zQ-*ip0awt^7Y{_fkUDnN*^Qlv_!@Dj%nb-n__jg zoE*WHfg-*egO;#m*Mbx5qxBvNnF~unsX|W)7N078!D~dN~QY0O+e-3HrYtwH8&#Pb)Wov7zXJjNdA%TIPpC2m7rdOpE2bmhn zfQrn@=I3FPt*xzvJ?OaK=Xp~>P>NS6purpGPC)ZF^~{0?N;K=~AEPy>?jw03Mn9P+ z-^L(gu$x({Qm>`A(TOwS3?Uv|*E>s=QSa0DjEb&|j*#%Gx)9m;%-og-`z~rrd;`K1xLmzo`Yr(gCJs%X`$-9r=2Vx~Pw>EN_4mgZeM3NV#~|!ZaINsYK^kMWaSv5I!d*CWz?QXu@HwD)}`uKqM5I{ewMQ>lwvVt z>3BH0%dO;+dpps``^~V0a`SQVGO^zM*rKDT22!CY&D6JVjJkpYLrXXqeNJmSAsRSF zlF)0I7vyF8bNC69A(n}=ni?*CFg+47dQt+Q;jmHSUPWBCtM#@AMk)H79EQ`I3DUdS zS_z@YBPANc&Z^RO3~#uIrpw3<$!MefueBApoemD$dXiBsEjznqXL@Gl%0sio$L**0 zze!=6QD^Cd(nA&#{K8JtQ)c#;qw!3+1+HRsG22(KG)e}KMSc8uE0|8WYv=M?(+d|a zw4R)(ce>AI1hs1L;BB3Vc4AC|VifyBPWUAz-v<+i-O6ZXy!qCN^ZCWEu)ss`Qc8P4 z-rFZ-c-XsXSjg7kCEaV;0V)iZKuzDaEBz(_U2Rt0lHkkHSZs0N5DLFTBeS4rR4nla z{fODbb%0=nu*f06z>s=)Z_>}N0|6|;ti&QW01m|Q+}`?U<~+!uC~k-3wY0V4b$oCN zVQhD>vmDiLS33Rh;Z*Alb9wrF&2o-k3&(QSlrZE>F3sYG>EY4EC0y*CCYjrqE4#b9 z0CjfHMQ@+yUEi<%aK_<03g^^igZ8S?0ooTMW^xSaQ+;j39}R3C_;KSdK5ia9`MmNh zhsnvhAk> zPJ;FLBK-dBM8`>n3}P7495rWm$@^6` z=PC2xRxTf{6@+$4n7U6~(u(*q(hWhRGa2esuBb;m^vl~Eq&IXZ(m_ZqSxa+08PI&X zUVCJNWR4Em{!oe@lUv+LJ+>gJpWN!7>EYp0rFr8xN%)lq=tbY-P>}CIt(wE(P?Dj6 zN168t*Z1t8rK3(c%bPDl1rjI;vWl}5PLh0$1TSc|ppmK=Rj&<5S`P6YZQ31bnUmCN zb2gjm#f>C^peG?htV`Y%?9Z4Q3_OlN46MFE``|4T&j&xY}4q9fET%|PBn=0`Ml%%msP0^eZ=|R0-k!R1i}u*n0?$l{<7(Z zN2gjzzNUxtTkBG7+Vg4%;APF(&z0YlS7s+R>wRzOi3Utg{^x#6& z0cKQ+R;pKA7~c2XCU%}E1BOB6>T=jAYU?T29SzZr(%*$O_9$jMxuP+(h1c9tS|bHN z+kp_ZMpkh@Raq3j!8GR-pXFI`HWGgqhRK2rXg&)W`#*IlHzk=Jeac8j9&dxDjfucWpzg*qmoVbcsE-xg%xuR30FO_Ka zM{#o&H8Jb!)EUNbHGI%zIgC~@qxHwbWxYT{`>Rwpk6?@mPGj(7959ZjlU-#h4s5C7 z{$_;hWJEM4SM-_mwmUE5hq-D8m5lahh`@vzjfWE(y_*p*Dx?k5mP?9}qlceg3ag70 z6qMgQJ|JtoCO7Yx9D0lJr4$ygdDd=rc_L3KTDbet^mlpUqXtLMTo_}=Y&BBt&SHg~ zDl1s8cz9b!K-(-{@`6Lkw<73U#~AYf_qqPW1N074OH~~eOHNKdK+ZaYHOy)mX!1gt z>NE22J=s#}k?|{aR4(?l!^qVqd?r=4dgi!m;Nr%LXP+N{TnbKr8YEbUQ0 zva+z^XJ1BRQ}A?GGcG1r|9lc02o?7Slyv<~-nzxhb$eq{*d`QARZ8Y6pk-m{5hs8K zwVQA5LxqBn%!K%@Aeq_Y23?LWcbm%eHIgD5A4htT6xS?k&wtnX(?+5Io1Qqsvaq25 zvD?eMN%qfIbOfcMJ;LcNv5~YHXGy;D%j_Duf_t8QNh+iD+v(am5WevJe;9k~s4CO2 zYg~??2QWaS!$4^S=>|bS1qtZ}De02Vqkto+(hVYAD%~i8f|PWFBHbd=`dtq?zxSPi zZ@%9@vzD`F*37w|>%L;|eeL`9+ETS#bs?{waJA?5l3^e>T({biyE;G$th{;SP~nu* zz_xxSe3Dd^M6&J^N@^vJ@Q5kZfEj18vDvMT9cl`Axzpf*D&U25GZHCBLUDi$PRWNX zxbUH=dw3vBSofnD={N1bF1lNy=zjU+LM~EtgaCQWSIP|aDN2(=S_q+d{Szw@BgX!(rx_8vDr4}Jq0xkTtf-`{8Ba` zFe&}yZI^yWQl)Pz@4Xk1i9sbU7vS@HUW&;WtT9y@61u%6!+}^4vs@ceNV^2KRX)TL z#y|ngb>paY1h3kcu0G>Ej&dU2?7=v2h_eP8y36@@n##YjUk7e8_et`y08;*gk z7B_-C0}z-WwwJH$@L+Oy##WHs0;L~xF)Jw{_I__ zuj&4l!9Nb?WhtD?kHm95JBn~FyMKM`JS=xq{7K_yR+Zk*b3^K2wq!w0#%+PmGfIIx zNxpDPHv?dsT){l**xxYK{F<;j0TA`bJt_E>Q{!6hQ6~KE_Tx{Hml=mPeR8o3|gX<&yaEi$e7l;v+uXcoET9cPqcWoXeIj@-LE>{ z4WxypvPEyLwc-QSHgG~KsefTxihT=CWEpxpyIRT(;o~UPGyM+FwMorwVlRWMKw6Um zJ_@}l1BJ%B>GhR=7h|LZiS3u5DumWA*ev@u|A3qusHg*@D2tg(m5)kgwuG;`S)PH7ao+bZI!j(KR1LNv% zY`ybNGL>5R?;C@9pOxD+-%9x0yA_WpJx@rFt1ITo>6TgQK1(3UV3i4ba{J?b9b;u$%aM*Yb1?&Je?t5dicn-@w zYo^Sm2I2~H`byX|bSqn{_7OcJT)$v5WSAaM20R2=d>cMX_>Vh;q?%ns6jE!X(f0#6 zm>t5-f7Y1&(Nmui3uqvavTTExxe3}4$`p&7jL*U`Zs5Y4o0^`!#h5>oiC9tvZIVzL)w0`D(m>OEZC`+_JaY&hA;H@w=h? z<9Jf~d;kJ)-}|K>-4cuAVB}$o%tq~@QCYc5ks6&PlK|qz7^Hp6M4vYFh*rtrH}* zq)U;MqUAi);^_UeS<~-P7}JE35s5?45$~~yXvI!6k{mUabCgK6*$hA>G$lJgOwD*n zxv_+o*iZEQ%6viF{I}rBsakhS$ygFUh0GIr(<`FzOyo*w-6scb0Ts7~VG|{%*OBS( zx7=lVrO#)gpu(>=#M~-8_SWcu03MI`Up}jWxXo-p!_#ObW=jHKRsi6BJr2@n1C%wz zW(+)VUr79kw0G|Xsw@T%LOO_>1Z)=wYqVZN`1WLjPUPLde?bxYL@<}`Uzwjjv08(u zGk{#R3~Od2!ib(NvztyF9a7W(`6!F1ab`#U3a051>UQhmplg*Z0#1p#^TU%MpGAf- zX#}?Z$k7DxcjBO&NRjFb=(vEkf>r00_P_f48*Vz8rvD@$*_`Qc?cqM*-|X8FSnQEN z^p;l`F2xZHtzVCTl2gyH8K7XCWT8i~=<(xoD)Nu+v)e>PZa*#QOJ!_$&a(epnz;xW zBA)6p_~&N8op51#?|9%x`P4lGD#=#*{0adAnfCsxBJckZ?JqXjL$}z>s-pMH$K+i| zR}%0HU@e#titr4wG3-*_w}1#U()l=SZN@8+X?@bac~@#m@ABVTfbVJC0aS#ayM)zG zU{&I;YzR9gonNO#)X$RK0+3z?o~(+Otlo8c8TzNSVlmWktKu;M^l>5PW$iTT95s`w zPCc~)#_HpphzNoDwFXQ3%X-uOMhfANeNN&8b@0=AwDFa&+*X89o6_l86L@*q0$gw^ zK97q{y^;YcG9leW4UOqBaeY(ktSh?KT%~Rv5N~wyr{9(Q-YB{aTM@~h3a=jc@O%o0 zVChsuqz58csLLpn^*>kebG)u8$v6meYR}_y+cxE9^BQ?4nV~NTmGMNPPJU zIxhsDdERlwGGgF+h2&#RejC+$SRHwjI3j|o*#XQ5;h?ZjIKc4RXd2FPaD4#;H4q%M z{}~+VKIDl0%+qrZT5F`He$kJtA4R+DV|3p(KW!IgM7kBzkcu+s`!+8K=%!Pa0{HE{ z@zy*zfC3Aa?QeWpb}xfrq0Ss74Fj7p3~afV;dc+9u&&?`uWxg-ub;7U(u{}CTS7s( zetx{9&gK+pjtS(UkDX_Y1^JZy3mk@PSot8~51(bPp+Sx!#Ok9`LMH|EO%fb z1zh$^>=`=4_L~Bwb14QK^0_y<9({Wb+uheWFhYX;$N9P3dt`262)9|P9Zn|HXn&&;dlUfGEG zm7k^U1$VxGxG`q)E&$yx>r=b@YM_pR6hlC`xvd>6r^Nyw$ZOr>?W3n7Vi;-vdUzD8 z5^s0P_OW^X7|%yu@wlKBI(iz91O(A10{nu{w&czGOAAdFh0?EU=bQCp-1 zvpKsmQ@WHS^yaR|;LUi9DN!kom-F`rOa(kK)1t39ZsR`#fQT}b2n+=xAy4$%TOymK z|4J1+h;`F3iRbUe5$?%$c;Mh(AT)~CFfx6yMQdJ}El?pwiF})FL;Kandq;Sx3;V!d zm6B7_`{(yNJ3NMOn&XB5-|35kzleHSM@WT&g5W{w^A|_(AU|NeGhxOiAd5uqLI7xN z0y!g0&H)WyY(<{JQBT1{uXSr2uqI`lWw;CB3At&rZO}T*Q^}0jpMB_)hZ7|FE4bij z(8O<&{vIap_^s8@vt$(D+_hgzMZZzViJgCfN}{Pw&IUGi%KTbqk(hP6F8pY~Dd6<@ z_$d!GR$^#C{)xov(|bO{;|{GWReT3$SqNiqR8;;*Z`<&l^&jgNe=6nAdK2T?{d#(q zQ&SX}_lzl4E1f~dD&_THxaPH9PHBx&(p&dWlSshY-LLtuu(_GJPh%prw?5J0s=w}9 z$Rx%n5Fo{3OXlRDcg5SUdf^-rK*yi-Q|w5Uz!BlU^IQh%jGTu?{In*O+e9Y`3X7!Q zxk9`lilRj)N&V)%Yd%{8SI{We$-euUb3fziUb4HoS{`S9$2l_VF#N{$z z59UBH(v55QeUCoM7d#6E#Swwjy*=nBLuNiQ-7YF|HZ!%3nWNNddG>QokeSQ+`;DA% zX=*gK@;Km(_w!y!!W4UFI6T^CsnrBN5zJN4Pcr6Pcho4s=|S(bz8S#ftofM=n}u;k?a{_f0>X>|)0#qx6YwM%8Pm&+uaXfUoBGugmNRAU^@Yoaz_zIF zPYM1}W`@9m!4CIpxlBbdDSDOPTnD_?Qt!gQSp(fvJ?{kGfuAX+Uj~P9LM>=b0gA|&(?gJ4;CQp@t z{X^eCBwv29af1%8hvVD#+2l!W6F(oTKiLn|p1rKMI+|Szt%g4Cy>-oR_(A&u3;O{w zQEjNiZU549hX$y~3ZK{t>gGj7W~dnk8D(_N`jzD(SB>atvy66_w}ZYwa<8DfAc&Hi#L)pc(Ww0_)UqhQ$4 z_hmJ&&JXQdRM$4lp;NVh7dB8sCo$`g?pt)cRZwpn;8o75Pkbd;Zht~xFVXvPj+?N* zkX`QeK6e|5C+QDSt#mia0XRck@co$^xBgXFko$}{l(|g5?>R*RQ~mMNQN908C6HN; zqsdN_EkhHkCZBZoeQ0kIm{t2^`CH>do9z||+{DO{MIB*auO=y-TZMn_&ZY$flP{L; zsgq$b0}yE4v$KOwOhS^rEc!H$k*HBUO9&y6uz!k;{}CYl+UxwzXVrYlD^nIhVZEwa zav6WCwc5TCyv(cXIPVwl=Kvix)zA-M`%0*({b&ieFez^|0o3Ah2Gg-?l*cHKUkBiW zSwItH*aIajDp0ggui4_xkLTCDe-x-9NJeMqk!0*q+wlJY)U)A4)EzmxiSI*x#ob0T zAlik0b2EE~XF=Ve87>|zd!&EhE*a|FIVM%Bdg?Vi2nVe9Al}p0g2=EG6u?7P68`xk z<3I;(xQ2D7<`<$_@Gi+cNYDV5A&50msE23^y~D=j@vG@_tN;d}v5SS#mvQn(Eqfp7kuWlGh>v++ z)FNt>(t0fyfFO|m2>g`}Hv<}H^T-$x(}0qKCjEN=a_u8Cy`x<7dcxiz_9TOB%Kp=u zmhL->d?+l^&965egU~?L1qcK>?nL$&pVOF=N11G2e|;U20F^g+#*&8x1F|tSoqC-$ z3fkN*^x{|K8^^PNi9lF}jLm_oqVEWkd#=cZIs90d+_8fbga56ML;ih#MtxrivI~S# z>hE4aO?d+~yZ_u>&0`Rjq zMn-*p1&uY)-t_HbX_5J;Wu8vB4=MD6`uJGP{>{p|R-MZsy6k&XZHael!rL%DIygV# zt1|Jqd0W1zwI<~i<1emrgM^@ey)D%m8^yfxJ0BqP@8Bys3C7h|7*?MV0`$we$Ik>n zc*p7N`DYZf#j$);SBmce0?nS0vU7A{DWI!9kBsY7tZ*W!?+>n@p4UGLCt}Hd>DGx5 z769$J}nSUf)hI+A|(x#zdCVdi0;ZtWGI#A#pE4$M%R7Qhyl9-okC;P5ixdy5Wh zYErfze$io;C?|1e{5R6-a@RPPF7{j0a6>Ffhpgl1W~?&eb6%RT}f<~OZvlW#A+1Wri0kk zRjw(1OsQw#KQcaqtWZ7fN?-Vz9Hvv@q?P2MbGP>?g{Ve*K6qLGCZ2vI<##|cJGG7= z<1m}Ox4`)(o@jylg2(-Wz9?|HIEu6vi-hSVZgPSsXY6d23m*z3K>}CF=+=-PHHpiL zFUsKx%8PWfoh|VGq)B1T!Amw7hzR49o!LFs8>z_=ry5 zStL~ZBTN%zn?byn67f8K^I5GQqfA>m{Tq5u13pS3pV8`w=F=PZy7%V84O&?`rN^9f z0<~rWC(JN^7EHKY%wZ)!2GnvdY|!{Tzks6o&1C6EgztMM%R$hLX}msjNYLaVL4#*s zZHNTTtJJishXlW;shMQqidA;wSt=2 z*%r5_<_fGeUT7%2-!Y(%yk19vYOMY_+eg}Rm*^1kv(aKTFgT9SfG@!@;t^qvF%ba)>~V+X8#S0*Cn=5HORo3Y0MaZjO)h z>s0nUS5%}$f(Ew>l*FT;^&&vM4={K9_JCP-YPM&#SvH#DFDuYZmg0yAslUi6jU}do zR(ARf-9!mBJ=8y8=;vNd4`&`^`Qs6Y(7{y3R2Sj6qkOavS}pPZME0lk;eW#gF_dpJ5Z%im~p!f7wbJ<{QgRxdCO0) zmG2x-%bY9=xPU8cLufi#C=;IdXR012a5+5F?H9`oT3f2>n4Qtrjlg4`YxR#xe{T_n z^B|5Uz1@K|#X+x=5uP&H1!BF2w}ipX=miw5j`&#*o8^4!=>etjdq7?Q<N#*%Rd@?zyyfcwMkQlgF$ix>l~Ua zg`+YgDyzCs8mjLcn{)08h>~y)d+kL)(zR>6&Z$fn zB%kk8o|d_`fnC#F`(ih+uf@C4$U2^f?PkdfLXfrDvz+x4>%blz)60YfM+z(7rmsc> zXDN$rzO+lmt`Sj7?MhQ?SxnT}FFmMY?w#}Fk#)z9x6NuA25xzNLO|qJa8qUFlY_

>wi3+wx$(KfbTQszk8?cVIE`FL=>5z-RUDbp9|$v7?j4@XXU~W^je)7<{r&kB)G4mrr!t*(Mg|xZ}Me z1ddKMgdk&?{W7UF^_tBxy5L1jm`63v`~`hnO!}15qJZv?+nFu$dd-So|FV_omLf!w z&OVY*zAwuJiFZqk$Tc=gbus-Y!TPUMGI;xH{nt4rR)`EWr(u6;epY%?@&bVZ26(gT z%7VJxL=(#*=g8dXK*1W0O zv8rP{*Xz_!ts4UCBybpCc2nocE+|g|D%4((l<~Dpy>{vS7c{m^olE}+I-=ZlI#J`T zysmcY)2D=Qm>zi|;$Z`PD!4UOaBJox5hcTy7X}5N=kfm*d>Na{$0d{Uwy0gl#^}^I znN-)IsTgxV#k^*oGWoqEW3JERWJsE5VR!Vg5`pbYF(3>^hoTB#eB~4yM29_&qna2G zF*}K6cCUZPxz~iriUdeI(%v(hlcatXquu8I=GN^^%H~3%O2xgtnV^91KpMXSNsZJ0 zj2z_muT(>+s^K-3e1zDLNgTULd7xbe_;w7fUEPzLP;P8KKf~i~0gl4MR8A!9;>M$+ zaRrH^A^<|C)VdoKCk(wZT1+~}rUbKJVToy9D{KMD$UT1Ualy8^ zNP#WVR5%eL3E9&y$ICIf<5E1gW0mf3nHVix;E$}53AOYq>*W*)R~-GCS#HIoypPnP zMFxX16+*NQX0*l&0!OS=Ymk`JWIrj(0$ji0kAB*Anpl~+V0Ui3Ju4{r6#Px2?%pS(E!`;gL8R#0=*GRn)%a-anfhED)^G)s0)4oa%khwU zJpZtqOOE#~WbcRnoEnH&(rbx9tIH;r=PB7NgWGqK;eh9J?X+UvR@Tkd_MhPGTF_mGae6zA`RyY{*v?yk5u+=RROK39X1QIKK49?0f)1uAeYwy1E(ya>iF0z zV*qWg{ym>B4)artmqmI>KSH}JLgWHmEV;6!?>&m7sB&pfsgL3?qA0>B$s$13e28%5 z=U)&n!z5^->wwagasTf`^mks0XR=*X4TK~DRe8Tw1LTxdc*?H^YPj={sT>#*Xj7$T z=-F~l`IQ_UoJb6ttWcQ1i@54lX}!I`h&7VbN`MX*lW~tCuTX^*VCyaD5xe_mGR3Ug zMUZsUhdS-sY}D52pF0lP*)q@e6A|QOWD3I|?>USge1usHle|h8v zzTAa}mEW{w6t)JaFv(~#(H$34y_z7g7TkT$gmifd%5cs8vlubZ5>RaHt0SeOWs?^M z-V0+k;Nh0dn)fGQ!WgG<3=J-XuiuEk{4Oqsyt{IN5e%ztge0Vo5JKT{4(B_5@ZuqW zA_yz;CydRlmXR3PUUkS>7{qg=O^z(N0^&4z9jQ!NBVVs?UnrD4SpG&_)jUmZSHMQ# z`syi`M?T!xOOAj*<&WC?HSbP_5C@QRc2YC|@Cbv8e_aQuwHh3g8@_MzaFv5RNH&yz z)%lpng?y5sBxPXYcpGdD4dFa4)o(Kb{AcO2k0Tr&s$Oa@-XDt50b*+M1>~6)yC;kQ z8{;g}AG{81F~

lhJiit}0BKnYW`Y{cXJdQA=Ma1j|dzPgeIr2eykU=fV}+yjKk#W~1<_$+OOh z!q&-%DMj;oTnfj|x1OF6i<;!!4L~w?o&LW;abIGD0)AcES-o)o|#MJjCK`p+JE0 zBAQuP>VZYh`vs|5VRxnCQgD>$f>wvTSb}_ru}>xD-7$b=%_+Z=YY|*wu#?#0NAWZC zZyonVXc4vcW30C580$Iw1woY**#B}+nP||Mz|lN~ z9na7)+G7YWlh@ewSuP)!XX|W47%G}s z`nhaTdhuDxiam}F_0Wwez_uA?C_aI}R$@G%dW%DxlUDlrJrEB*!xgfZ2v&jvYC|rZ zt6TTMnIYv0T)50Jtna@RAYXr;I_!MV#E`8UUCc(&6YRP(yOpG>k8aI>pB2NXf>cGX zMxes2_4qcz!MA5r{krehrU$=AXrI_i-|;w2a=i`@CB+x9I&BEBTVcGYyLlE}=s7FD z&P-%$)K+HvW0ee3W|>K1-Vb`p?R5 z68)_Om}yVY9V`>WMP!h}B@2sQpz^;5=2n1n7=Glx!-e|u;<0M{K?_Z^x*{@o$oa*x zT!5}9lI*DDKWpFb1_1lUxSLWAWby1Y(C{32S{Qr|2WUo|DSS2Bi*MIYvrU7!TZgvW zj7@--rE4rn8ps)9ogb`KF3rJj?$&npYxel{7@$GBpf$=22{@vlzjMZpMhw5qJPQGn zLuIkV@=_}=*xj^evDs(>tYo-U)?x8gc0h%iF_(w3J(^RpJ+}!>21pooP;4*(q$Ci_ zkb^Q`M=oX@FD&M)M6|4e|C@9yqJHOW@rIs!0>cT5cOZ?%wzT092mhqfjjvg+%5@Z< z5)Rh*vy(fwAjxv4Mp;jihetlZQ2o3PfOK5uTNnr}TFn z<3?>eKJg)BS{toF6$7MRnnlB>l;xn(*ScQHDx;!0ccON&;Vl|lDY>!~s#R8gtySde z$ooQW&(41R$akagzft!RSxJxKm6<2Gd}`j!JKm!d4rhT`LEa{5>si(6+ZCu0Kl=l? z5uNZp(>4yPn@PfwLk=h~=yqWBI>$e+Y#^dd8EbhoEMNmkrFVjWTOsx&6C{#VQyjn?6Dh&(HJ%liveT{@04_-a-V` zqx&WaJo|~#xLTv5H;qvNoZ+w=e^2KC$RtAF5r|JsL> zL5w*%5XVMaW&t9Jsla*w2ewEb^boFuiT!M_*k=0mtb7{;*~V2y3(F6uHFsHCw$a$q z$qneRfdo_k{M&IxzD-8vZ~GPBF#78dqMy_)5lu4XRhupSXrA(my&Wy<^L3z62Ww)@ zUP-1>N-BiC{wQvkom$8mq@#Q!9XZ-}AEf!wyD3PQMEqY}lDJB8N|uUXXjGHS8%{vW zz2!4yGe_}4W`)d1Z0CN zk)6Ciw!D8E1zo{kUiaVR9@?ZNg31FoG6^{tpX z2{<8ttwW?UV&}VYD6Gf2@`vvLd}Dvz*XtHU)7Y7krP{nyt>ux^5#T%5uBT%$@0F{* ztF{#t?!6kTF$g+2%|t?*1`g1XC!tSx&Mv|}3AgDsc2e%gi*WD7&Lf0)E+WAty^MW# z$Y!J-{nH%)17Lr+4YZ4NN2(Miq}I-Ob{v<$qQTvl(3vu|S}1+FyFTpp3m$LM4wRnw zd=Uf%`o6?uDL9RUy!?$PSjXG1$%F(v_h48Vc-3k1R`c)3)lNtwSkZ-ZSU#x%RdwMq zlBK64iw~wCpGp8d%9tBmFVI5`yTEHtad0aVn_!a`#S5nbr0Ym^UkXqs+mE6gY{lzJ zP~hhUD%2Fsp~|zsX6gafx~4&cERoxTjoEhY^}G-9ll!vn9JGg5mA0`XZ>v2rn?B~; zWbILnIq3)qI~C_o)^dFg<5y5Y56m|q`MSa91aB2s>%NG-3Kz^RHr_xIvlc~B1TBSz zCiqDS*Lu~ofBafbk`(s(JQ72?!=4VM2=>wJ0<)UsePso610{H5W~DMUExT&)p7lm! z2}^4{yj}Hs6!9K&Y&Hjs1poPSt-dhu5(;%+w!xRS(6DnXCw)Jp% z2B=IpytFuAx+iubW!F{yIr&q(81nctuT@A#rAFo3fA8Mq|5*n5*mL6=c=h~d@L=8x zB5epJZG>(XF^d%AfP0cAEuO+0CL99AXUpo2n{|pEib)6MwG&LRKDh+LT4h z;Q&6GO!rRNlS_#WHqI4U|8 z98r5=?@26R!qu~R;|6-U6`RVo%os>gC(1$9{vQ!kXA6=F@_e%CM?pY&`L<-59XjHl z#Kbu-nN90w%7P)A*NpmKQ#Ods1dv-ba>|S|on1LC4Y?!vXX|+gt3s zM3_+8pK5e){9ff~Jz1CtaEOw*N3OAXDgksAXcCf`-IR^~4xFZ^XLPb_ zt*nvhwR^yn5A~~LEhu(K0KxcxWp8P3|9`AB64-)9t3JW!KN8Ln%yArucZisZk--#j zuz^xuOmG2M=n0%j*cQ51b6%gS*2OX5?OV&CkjwbL5IJ6y?o|t|Lj91fHy9r!oF56< z3U-bU2S!7RV`2p@UMp#(!3%k|$#s}Q*h6+5S!h9HINy#x@VpSp@;SfX8D|_a&IQ|f>$uT@dFT;2M_`rHm(&*Q z+Aw2OS5#Zq1x*6SJcYEn=z|^YE5DmaV7y0M2TzdhsW_+Y#aE_ z9UR_YWh1PnjmVv=FP9?5)D$UKCsAPSG_I3H`t7es&QHcsBuHRz(miVv4s9eOO^5 zwu-6oes4}cm|vRh@?H?hDG9L-{!Of!ec=-~wscTZoH>dzF6Ld|!d1%*BBWXUmhPvE z4}@u-FRYL%>|gbbAH>n_^s-6!{7HfWCcuDX*<+T4pXQkn!Jrl{yi-QM zQjnCO3V4iEXaJXYI;Z;}_QsX3ED*$X=|~TB-!}Y^9>@iG-R$^1?K2c0St6ovNS8UR zm;Q`TRx9ZW!ZqvCB4%*?5%qRlTp|68hs|=a<0_nyGrMwQSyJ#$Y`rr|I?x=MG#%bV zteIGhJjWhmZ3D56>^PW*CFE3CtFC{ayKhV{7uw!Frz>5$ zWj}49^_q*(Ux9qd&>b(lZ=@687n9XSndSn^A6Jl}e!=yeg5y1WWR+)Q1GMmGOv~OH zNlBfdBN}w}E37>CT^NDWpv3*f7l<9IwGg=iuE%*wX zb3*;b{N}$9f)`?|kcC#4l9ZkwoC^%mT~UCt*VvJW5?Y&P z!hUc8@iII%Kp|}(kMxNj&|XsnK^iYj^|7~iKpY6pAk45%=e>QsgpP=gh|I&uPHP+- z-DemU)x!+DbQ=F#=yU}02qZrBBmdPQ9>GZC1BPQ}dL@M;H1f*{LG*p6jXAaBc*a7? z7F54h>_enh9z@AYJ6Dy-H9oRqxg8411EZw;_PdCy)^8e2+_>cTG|LKA@h6b3y3tb@nN|f64)J}~!B@2ay`ltZi^s$Vrc=n{0mufzVVL#q#g6{re4X+% zj-O^o*~;6BGvx>WN@S)7%R0buM%rPv@Cu+0m=70(*x9E;0pH(f&b>#BfsIZ9EvFt9 zQ$$Oj(OPuNZ2vVBp*u(hlKS*_{Us(h@V5ow>eSO}TNFz5Y}tJ<0P$GF`@JA!NvVqf zLF#td-M+9;^0zBqtt|LaQuCAJot`!|8K!R|Muy^gBVfT=$6p|MxG zQlc^#ZjvM5YuAa53FyK=2G!BsnF54#6M8NfeVVtHj{Cu>{RZvd_eWd;v4o4})Nwlx zmy9Oa4&Gos0FQ`$z=NI)=++p}l*&F#s;yA{?Az?Su&2M#*s2ioaN20NuW_|2%Kj|> z#o;9@jqIO9m!l%wYkG6d?B-;xbRzHWXC6Ixph+#26KLYgyvFnvuo%u3Wy*>q%mS3^ z$%w5D9aF>+?V|McnRP3TU!v|CSUL@^`R=>dP}rFr?!@R0l4??1%M;Nimu#0qWVF9T zzGI~4=jY`wpZ+==_J!|p7tzpT%B5pN`fgz}lIML1Zgb%h6Wlm2wwE8n`q#^o=7q(k zCcjKs3$QJwc1AZg>r|^84n`^&QcsB z^&u=3yvb6B9#anwPp>LeN#Sso|5AEoCo;arlR-h7n8{%dhQQpdw;YcgQItxdW_wp` zV4Ws2zrxkhd!EGfGPWh%OKUZMo-{XjZI|kknxU|;rRs%AIjQ7y^%$QxoLe88TiIjcch}5Exzta$Qe>5U_H8P2oswHvbcO?J z_-MdkN8`9m@cA8L{Dw`CSquuK;`A@z=YoXt|Ncu|4>AC{RdMwp8zp9c(excwJ+ZUv zX5Zp#hHn-CjZ&a=uYH#&KjgShnqKEH(J=6?1EJVA!{ zYOlodTl+W$7M?-z5UJPh{Kd1xZ=%ZW>hhxT{r4h`-|dCA)_Ar;OiDGk-AiF{oAh8hg}c5@EMsZIoYTaexmjQWMVBj?y4Ws-?v@&dGwNvg!Xa4% zK@=}Nf)2|%NjVLC*h54D#TA<3;X8KcAgD$=2xByQRlV+x-z10xN4)Um(E?n*#G-xfNvGT>NqZ_&^;WiSNK+nOgzL|c$5S@iQ!nN8Wd?Ec23-5KZEcNATNBwk zDnLz(6^Cot@1Xp+vO0z1m4sW|uYDq1j&Rds&1+F4+$z!{LqE6Hv*NbYOXD!Q&OP2x zg}xuY&3u!I&)afvLZ(S(7Ktlcya%$ZGHZA&y15^_vG@@!+3C|C+)6lZ^-#HK8oAs8g(o)Qt zi6?lF+smF+k-_3rHfhLb-dI~Jl~=yu0P3_RwVbY!^n{MNY=Grza)`<4`PKCe=dR|B zIlf!af19iu%at4YurlR7;D=n8Ik4gM|MAK9O||8&KW`zD5#_!HAR6O}u1$@sfd)t88)B6DC2Xnlf<`KeXiPS3^#Aku3x*Wt1@f~G}IL$ffw}YF|F>Q7FPED8l7d)i4_JeFOa8& z;m(g&pqx%dxK0*Y38;*pj41y#^?9!M!h@R^!SJI+$fQh z#jhFQlv4MmrEA;PDtlnyNlgN`#jY5s(@h!luFUvdyR1?5NS2A|8Uxn2xNBaJrELTI zWyjMto*7~LmY%Xm*;EgO%2@g*6{;i8$QLK(9`xftm)(Q}#CtnTmj!G|C}sFH4tWeq z?7R<7P!vAN<#Zj~&zn;Tugv8#Wsi&zwpmwqqa!q4$qZ~ww@M{eTRqV9=W=jT;>q#S za!XgW5;aogeyJvX`JL;2-O^8}i!372EbO9u&P7-8C_QMwV&qHizEo2kN!13PTm}kk z=a$tgC-t^0E9HpK#?X&Buh}}n+qq7*@y3Ffu#EQE^)$iOib3h3&eT$EYJ^uQp(Mw_ z0Z@V{WBrqWO>|3#mkyW1u+I_YFR1{*cWGtbIm~GH zL}@U{j;9r)oM1*a6X}MPmR=+)B|}zHgRJ!6;e(c6@|Uxv-RBV*@V`?xWO8Z5Z1BS? z#ruZHx}YILA>ujzZ^B9}867X|t%wgST{c08%_w2cRO^GIX`b8nV|;j(O-f&{wZ|kt zI^Xjt%`i1LR>^GfNu=hoxf8S=_wpi&hp@k5*;jRW#lJa-qF+ZzdcE+baX2z=bhGI9 zfksp^yQ&cGlzYZ$rO=Q(3u}Kc7*Fw8bq?|NT7t)*NI%^P9pRX|6#<+vy>~&d=<7$^FXM0~6NqPJHuB5LUyriTB&crUx52^)g1Z3%? zbO!wfD)qAwnK}h9PqIg`%Bc>fVDu44Kq&nWMe3qZ^|O*F)eh^5&fBtLpj|Oj{Gw~D z1|+Wc`|EyO7IYj0K4WtLT$AY;Wx4}HAP*Ohf6++5Op`dYayJDxR#HiA~ zT^T&?Dbr~ZK*H3Z&+xnr#c$d+e@@0Jy07@8O;$ns`hJU)z*v3+>mzn&=w!^BrpBv6 z**Vs9vW*;CB(F2XKBb-E9A6mryIXw9%D}&=$ox(Fn+5*7y1cmt=QAp*x+y%LStAJM z6;0t)x($X+Y4%|p~`>XS1W`67&nJk{zQ)xgR+(yapEUGmd2!bz?0#XXLHsEX$eVeJ}8@EEXuciB~k{R08!X8YQ@np9WK@UJJs$UoJ_rH5WP(YdE|df`;N9@kqV zrw^O*6BbVh>AIdNOxD#fTK4ZvvXj$#u!*##wprC%s$ag0#6vH5+8HKXW)>3V)zKYsxdCy z@?<;g{8JH+yEm^1Q<_dtIBmV377PzthP3TIr?5UZ+(_c6h>db2=5s8$QNZ#8-mE`m zmGa=Z%#`=9(dw}IinG(SKGVu81%GP+#DsA=L%z<1o!n{3kv=t(ZkCE0mPLO#ivRjJ zL=kMp>y#-o(Pq|zT5`JV6uIt^h^-u)c@a+S~==nRY1Tdu#J*uxJgP_CCs!OUeZq-5HlWRbE*u5`knKX-GDC9-(<$2zAF z9#8-0eF8WEX@TMe1(`Np!EuNjGjTm6abtW)8CWV_`1Obz|EXH|E~H1|8TElo8_a8| z5--Hqw45t|WW+)}wIngH4b7iJ>!{A)On#id=AT+Wx8W|EBv)a4x9ESWybMno^Q3Kv zYum|sTJAPLa%7yDDw#SuH$~oVdOZLe3#5_n9upaHOS=#Mn|zYyPO)`~K~$`x(bkc| z0u`0k6gQ)Tx=e0VI}$OlaJ)4tnZI*0X0Y@JC?mNnG)pC68T%am?zhGD>`b_Cnks%x zzS}O+k%(+-7b)`Idjp3|8MfJQ7IFzxjys5AJBg?eaVI{QjW~4W)WgfvG*sA}L>z{& zi!Uns3)ZKgCW(pNOpODeeT$~{FdXIcE5@@!u2iMl2dRQKtNRHX7jM=Zn>(GYm z;^aZJ6>8EA?_G1%BN6=}Mv73qic!bi5*(DaI}-#n)}2EIZ780L=nV1%9FIG%UtAaC zK)T*14`Cl{WxW5apf#sgtNPa;jl{-GrEWT&bem4sb zLxHS7IIE@2xa9LHPi47IoR!NAO53=-9<}9m-#pJf<7DA|&;7;sEOP#B%Ty@+V(q75 zc^Mn!CKVCyB3m7-O8@4nS1eo2W5P?(9M_-f07j<@Q|jcjX3(637FSy>2o;lSA)~BD9pcmuR}cGnT{(UO(kC~%5VpBo2tk56 zTupgyM5VF-2vvTY_=`|n?}xi{*cX*C8Kt_vN3Y?~pTZu7rSu#5A|o%`E!#Kq3QOf^ zzV@ol!a}_^1N1R5yiu2#3z<5;{h&Oa0~z{CcgE#XeC5;OSKYWDXaxJHg0I|5DgC}T zVVV__KIQ#?`fG0dLOc`?F`xU-=ep1`Ha9bOms>?IRl1hN9y>lzq}hz8jA1t5$kSrH z(3^V7O8jWVgBn=+5JRl!pIqyrJ9rJoCE)XWfce-T*+Z(^A^8Jq8W&jCz%yO>RsCDv zcUSSOZo--h-A#B&*^iK^P(bp%eOv5#dAcB_>-W%nBzP}OzRnavhiko9@AxZ-kR-qD z4!U3F{NlYtk(;+T13AP`2dy04cg|x(NulEjkC{^Oo(k>mk4`LM*lV3^YHnfXvH&oX zgf`_b0X%K5{7Hzf@9#r-4GxZ09OBO^i}3s4-Y`b9ldH84o3+A?sdaHr&~Sp`$>7{VUUkXy0?;wfHZM~?Asg|~1pY`{g^5)fbakHfZikotY_=aet>9GQpTXS8- zc}wve@2Xon$$<-(L#747rxf$Az(iIHP@?O)m|4%ElMj0e+y(mvx}Lb>WQ+FM|GfM7 z=gKF#!U2-jxViEn`ifFJ0SPd_6g+KYw$=M^>I%`Zjm{S-zD=9a@soQjPxM?Ay?zSY~n_k&Blk>)jIY$-!7lUiuh)WOSy zkpf9*x?=f2%T0tuGSln^J^O*2J5Gl+Az9}4*geOuIY>$UBLOcw@Pl;;EM%%m1tbB1 ziq#P%6jjZGHIP@|NNxx|%aP9(Hx?*8*(FgZrMb@>F=O`L%g4O2ASRBO>nRUjN)+h+ zpAy~9lg`Xd`(9|Wk0NRuoWE0mv) zdC#1Tz%}btZXW|*<=g%qR2VjRlRYVoc&N&NgXs8%>Tt*Cc_gH|{7ApUkRK!LG*6I% z3?B+aZ;iBt??2);-QAst!iRsHddQbaq&M{kgp_4KI1*CeHlCh;H~tW#VrVFkP!c65 zL%Nv%iwI&<9=JA*@aS|R*HKczq*z|L&v_swAG_XPegV~J^U2d@orbze#PG@*^sB`e zl+!P~(5rA7`y|9^RL>U_B}0=a+}ybi6RsdG6`$Q;)!4_6%-w}b79*Ti(f?D!5z+VF z`-rEB*-ySXm}@HL1_a>MX8HMYsTCv&pY6P?Y04HE=h%`YbYssQbOog;FYWShYUau# z0~^w|M~;KgE0!0(mv{NEymhzuzr>R9E#=$0n-?F+`uAU`ZuRCPuq~{ceSp8cV+yx) ziJJEQa?$6DGL5Z7&bl^}#1Y#n>qrTM3D;hiRvD3Fbzg%4LO>tXP6qUyjV7<1TKBO^HV3kLtCId@(`gR#1lPEuM<_f!OV zDm44^FHsr2mtHQbCz4+`rlQt-H20JrW&)$e_X*6l3|*8=N}8%EOVk(dkG0k(fPFhH zn8~2e>Xaqx)qI!U+e@;^$t~)3@)TY9zR^=7bGk5pE9`D}t?BV0M2ezJTGs2p8g;Ar z`_Kk&bOw(FMXt@r&CCFumP5|sIZjkO@`03t(hzLfvu8v?d{S`$37Cy&FNqWW zKGUtaaYlJ=#Z<-hfX!dFIYzassCu8Hoy zHEyd~L(ZghM>9Wvv3|WSh_EC(^e)mN&7tB-Ec6^*=@G0p;0SxP{%P|X zz(JK|TIZK7pX%x?oD7>C$SPg}E^g$gv%a(OB(d9S0<_^JaB9Jdm1r;jxjMx=@PO5S z##sUqXGEm*$Dbi_#%1Mps0y&KjughR8)P}XDXa_H9K{!Gbub%!3r`8L4X6M&^DYGN zq4~sf4zIur!hSWDID%Ojt?wy*wf{S4P|*J+1z3Emr6Svn(- ze^Y;LbV4&O-XPJbe&t4R;H*a1We+MWY5cE=jGY!Tke{jrOF!u-fvMxU0OuqzGgm(^ zPq50C#kHeBm5=b6Km&+jgLfwCSrN45-|h0a4ALiLeH;uS$((&dDa|Xrdf=ZyI&41K z@waJrSY?NEfR!?tlz$hhG7obF6^~SN9-RU_@cT-uaYf6CwMOt%JYSyVV|N(*vi^+R zfzJB;*bB6_TsyhoKK80i88YhJ=YiA(C8`L-!U1> zg;Se+q0ikN?x(*FE)yk}~r4%|lP93^+1a@B2Tby>(R8Yuhy{ z3lIyBYCbLx}Wbm&tC61 z?-=JFhr0I|vhH=?SIle9c}0qcJM=Ad;y>ejbP-}?W<8$e)(qOTR_h?SEI@ttnYyA? zL%1Woh@CcJNSB(ve$unAWNuvGYoT-M#oMbSoV9#Z1`L6DVT(FtUC9pMYQg>z`Ob*W zZ7(O(rHmi`?)77zjF_JmUnklKT8(sXYH~X}8Uv0hCm$)~v7m>iwVSW7u4myspAu4t z=IL|>ahTum3E#ksred#t64JZP&uXbAXR%J8a>+h_5zq7XSRx8}zA&WjEDtZM7haab zWs{$7v-XklRh(%TRU z$cNY@0UR^)=JQ_Il%B3YQTMJ#jP&iB$`c;>e0Ti0lwu+%u}({$#(_Da-{OZ)JYiuP z%++_E#YgkE{~c-2bg*%P$ryWhB!`}-=MqKCom-&#Iei~xVq&ry5Sj9pkep_CM|FJn zx#Wl8n2nCW!0qw!oqfb4$mt*VSH2TzI<=X_bUmi6dvMn23?zc_7^`IIR zAQoS9UMw~Tz>6L9p&x6I$MWBg?5idePdwo~y8?=d>|oxXD|iCaF-p|GN09>@5i}Lc zTg9m#Ib9Ye_}DrBqE(oJcNN+{EqRa&J-*HC&Q(93 zI2^9E6Y%#Abx zi&-#@N%o(6`+a^#SMFVkL3K$x;Cb~oVQFg5?ei=@(*wK%i~;GO;(Y}P9Lv6N5=Sv! zEUiBR;ME;Ro3vqTuq3pTdg%JT;ho7&n>%$YI~3@7Cqm4>t>&787!;)knO~v~djC&J0Cmzh^_oPc#;%#QbI zsmdwDW<(}`P(rA>GRaR@X3;6%F(ULHuPXl%YV-7Gp`S!yELU08U9wJ#Mscdc6Dg3f zQ-jEeb@^Az_?|My!KPBsvY=hV#YGV(MSm{%#~c`MSfVc_aRt$56H=vvTEB7po%hyz z>7v~j>5cCDA9!?anZ8O|;hu4(@AMOGYVA$~-pFUHQ44pL=?gF!nKR;279E=J`|_A( z5btJ{#sokiUb|j*BIS2&FMo1twbeapnc86VQ;yMW9DhI+;12iprIx)rdVUE%7M~3S;Rky&G9RvkB6pOusrSYlLjShYk*WERxAEriSfmv4txY z-zPWRP4=cH!!NY0FIYidn{CnFJo8!1QxOSGwg+z{b@=*22qw?c+(-|oNxi{~Uv4n5 zd$?lYwx6>_Gd|O_T%B5wEHm@5Btt0Db!fqC^NBAN&EVilO{Y&0?%b|!%kvRbP08Je zK@Z7T8EgpUd^o)fXhPqOs-XMEnLupViDV9(QHqpj8xUxCkCOg6L*4SG?bOcJLLwAf zG$Tass+1GmBIWxxzaf>8BQpf)Sfn(nht?iM+5hhSL1^p`vFHG8rX+*kvjqu_N9Ogv z-Xn5Y@q=1VM^&Q`Usjn372nDlo!1rXw3?cM6R&L9^V??vV4N0VLAEXiTtXG8J874M| zsoU?1TR?{qhwT+wrXig*Labu# zlS_WH?RF^g7jhf+@V3fM!JP?IzH$HAAiY>W4UuIHwUIh8)r0YCi6>|gpKrD zrsv#9>|cMx2{<-drVfq0NR6eeN$mdn2KW#m*W~?a=J)X^bui%WXirCc@Be+BoKKvM2sej^#KrF4+)DQj z;HlBUt9rOkeC))Rvw)~@f9jT_H96U7Pk!|fCZ&XKD2P70L|qnOzQr*D%NvaciyA!Hv?Wh1Kit3+DBgRLRd2MB_t;9ixRf8ivC*6Ie6lCc zCgFHq6Z8ohhCer@hT`MR^~H{^VaxQ)j<$UqH_j3L0a}YlvABmVpYEHTRSd&oKtIg5 zQFmw?GH9~}|H&4{Vx|W?z)k{6AZa>=&8NUI(}%P_U`eND%m7991D=zzn0DMrB!;6d zzx$~jS-u513<=N-Nn9m8lRUyFD6mfN22Dl16BTessf6}vHWG%cvyXW*xb!UuEV`fw zHhc4KzK8J^LLw^4DjDKNITjgqj!Hd(6Mb#k2R`6f47 zw{{?DVj9OI#d5|vDkDPw;3X?7Ypsg;hw{#7ZsTalkJ>CIO3`AP+flG>z0Dzp-zL{A z-s6W{{~dL;nSPGLchVcggFLzQv1B8{#)Qu!mBUPQy`^xK9FrH_XS#9KtH{v?cwRJm;dR1n!8DwkUw z*~u3R*@C3U|8_Lc^6wuc!ya?WaHN9JHQ9(dPumH+)IRl0p3C=Tsf$K3|r!6Ig zXYIt0bRN^i#j&^y2o(iKD}8%2f5+j_g7VyrborbGfiLl>giDL6L!G)s<#=X6=m@88 zn^$|1?ofWCTFx6xUL%)lJyq+xe9zxWauCMXwwtm1YK+2%)vl}EYfV>*P1d40e!zQ{ zNTfrR5QS>lKbemCM1Ni(>mT zyW>4`CAXUe+(u63&2;8unYP!-2nxEsz$fmm{c$NruTFWeVr)4hAi40Z%J@MUegDAV z2FfJhrTA@GRqZ>+Cfba5EM2^T^K#?oljDSYKg0SrLJkj19`~CE;CgM>OmDQ38k};p z2&frk_=OX0C7SpHo2jjFTK-vI;%7x)e~Bin%eFkz*<%?eLMTVdicEtM=R50Tcs!PS z)r-WvKvcggdcyMDcb{e!gtwDkhvb>ENm)$iJCAsY!a`g<SlA?RHaqx5383y^^in{oC)f^$!k8LvP7m*yhzk8ZVwtiNQ&dL=xTh(Y`PFv< zInV6Qi|5x;Y{=WF#E((nJh*JQ7rPitZ^LIf*I7{VeNyBELr4j{U;c?B&D zv?z&0BczXL4bIX-mhimvm$UqL+=fc_0$N)=7a0oDMf0k}5rh#u8>}k1EotH*JlKs( zzCJd0_MH0D=4xB#SfGY@RIy|+OfdNZUjlIMd9@_1_ejY{(rkmj)h#eUhSh(92R238 z+P*rK`k<@BYei>&qnE$7tMD4!yFl^b$lRU)nj$~*-Q{Bs?OIP)3|6$`wy$ZwQ)o<7}C`Dr#`?pixo+B)_@MoZ*%@_)FcqY zHtJ~yM(!AK#c5v=3kULQ(CarO5{W@b3MUEZ#+1UTZUU`X+Q^jj@9IoUByA}CGzkBU zJRUM%8Q-f1`fR2{6=&pW+iZyq^04JP*YZloXSNSGoUV%0{dx;17y99stINaA4H@Q; z*PUX|@$%|U>^0n7v;6T~1X{Am72{r@PJSde#YJAcY$CfaS4^pOe~Y)*&lh@~zX^p5 z)b1U){?~JVvwV2a?>&<{{C&f}t~OQUV5L+sZqsYo`*%4F^V$!G@$M-r;oQC5y}cq< zHnto)eR_76o0ClenJXfbPa0ynN~Yn5Df#d{#f_l#S)C4qmW|53aq^AexvUa7@l|Ka zg=IJCE#QvRqzLu*{ZJpTtuOf9zl@DCT@sN49@FPg}vjyrF%Cxsx*>GG>kVH!E& zqkX$pPq4|3WJyJhk;~D?3Q7VO2QU4&Rn_&xofdm&Kg2tMO#@_A7FGeEDf~tVT3`yd z6R1goMGeR-EAToYGe`D%K<5uM7xTx>$R_QP^XLePsO#6T^DKUA)a{3OZN!L2ALgb? zL`^^?vHyv|ZLYw-r_hAZv)s18>vxPe>-@b^*ZrRoQ5?}@Udzct`K~&FJ&pvS*T{4V zUF%d%xo*V^WhO`yE$C0u#rjBC;e_YuX8F^3=klcuZN`f4Z%)5R;Qm;;p&Yq}19Lzn z-~(jd4q*g%_C8eQ?Us*Tkfej-WVT05ooTRZ!?S}?9#45S+T1BM91jk|Cp?F)-^d&o zxaAq!lfRO|)J8v^7HWkAxZ2yQ2{o9mw#6A3!Z2PCqsxc)kFzjij)AfyQU4SLn5cGS zWU5qDTH6v`EbMC?f-dHRGM>ELOa6D39p7k*#&=VRHMW9Cu)5uic`T~;R@<9Lg>=A| zc#oD8h`{E?58CMPc`ECHL(Z)>1>{+We{J=tM+TbytrWK(TE>XF<*)!y4#a%L2~Bp;M#I`=Oj}uPP54N0JrSOjAuo!fUK8;Ak{-cT1I)-1SZnw8%PZLY0 z>h?rP3eP**HdQp56uRb~1Wro+zzF?XNoWvTq1)!M;xXbHVctB$`624Cdd9$r3jkK6 z2&#FJLIqE={w|aYSC5+rVoFslNUDkr#T`Xbl@8-=dQ5Q@rt`qNn|%8FG5pBHtrSVQ z;F#|&plSFebzfF6*2)Py{x%+qI45ZWAH5Gin6`$5BQD{uGXWc2+4u2$LaK=IqB}?1ojJd8Blypra(&th;mPXLV7}`kq#8Sk0p$8n;*^% zT(59V%e}}gY2mb_*tvDEf4IYjZe+d>gVQ0`^DWs{M|ddAq=~jl>)a>=?J5f$?DtD* zF7HzLDwzxS=@gQ^1c<3=e#_!;Mb&}|8AJ5P!8+I)YE-fV1I;dgAEreB8qTM_hF+@i zM_l*ML7;&|D3wOz#vnR_l8d2(g4ii4P%T9u)zaO`i$8?_udfWN_FXNqPq( z3WnD3g?Z81)8E(;Af}+pwWhr|S9x-p!I0XwgMYby2>=H7R3g<5MF^*Yv4jz_8=Eim zg!EkA>u$~>?5M(uFr9odR4EBF%N71QX*#HUEsUkJ@NNv5f%JmZlanOh$E&OVd00vZ%OsQ@5}mPU%Pa# zGDxHeDa7mc?#J=VH{z#qqvixo=ZE|u;y^MRg9?HT*%JK>S+eAD9+*YMXe|unYKeL? z2(8-z;ZNh(Ap~?Y-P*?(0(5l}tKX`;JhP=w5LU4a^k>ENlVt%Qj0js<{KZZNBtFG+ zE-*Sen(0dZQ(G0<+x!{=60|8UaXU>C`{IXvHKJhvLqc%p&Mih(q@6hpP&0f10zMOM(WSOnm5ALX`X_jPXo*(XA;&FK`a<(H=1 zdD?t(J{cG`zcU~7IU-&%>@=)wz08IlN;?O0qC#&xrP)A8MZsO}gN?;cm_jf74oDtt zWP!`)7>Va6r<`Wnd{JqH95c)C&ZO%jNY-yg24Lge1}`5p6QtX@PYoDseU72{koze8 zG4ZTB=>LuLT+u}To|!;(S$k$%1=ia^5`b;S2ChZ9%SSf@A!j;InFwF$ZE3!;-dK3= zXS|>d`|d`CaSvbhyFc;m4CkZ%P1+W2%gTtn*QL=!4d)G=vHEeEtM^|t2Gg2QZVml7 zX*K3PqHELjRV44+t5=J*LYYMW19zMWJ9lnpqs9B$;eKEUQ>H_jqTBR-aGlCk zX69REjIDi73IM|_*Bo|U>ieJ+kzQT>L8Q)LTuipyWGW(8)M@X@*x^j~yy68A}QR^~VUpZ+@eYvwBw#edKSL?~EGY#W5Ip0laV@^KQ2Z(nM; z(wMhivh>NEwu}-nGd+7hKDcxg951Lj0vv#_BLOFV@x#Yr4#C@&{WfY&xm%WHc53Qs zbHj(5#%pzl)4{b_-=y%ad~5fwwQs50|8|r6hWTJKZ{@=bO;yIGxf^}AM_mv5P4-6r zX|ZN&g2j|?KIOmHC~%5KAX|KIqh!AHdZN67>eOTeZov7DE%me+7i(W2RD-&8TaakW ze;9X@wypc^C7Ve3g;!%!;;>x&HY|X5`B}7RdK(zT(Frk9(cpNNMu`v{H8~)QY@}vm zSigP#E3#aMCzroU@D@yL@Q7ZjU@GSkx^|(8c4)E2Y!i@0t2u43Smn0w7!HPG%Zj;l zWq)gr@k>{VDD}!|vWlVR=&r4WExo^|Tl@Yg8YfEyyF2RsHXkkq@^vp0SrH4d^r!Xo z2dkL}^WFxT4N;q7ChlEaj*DG`s~7v1h2FvlxYg0se8gT~gIyDH{NFm#^W8^)knW0L zmwfMbcAUlzzGC;$bZzI=tJAK>rCD5^Gk;IF_;S@84^Y!`b&bm=0Q!VReY`F}49-9q z;m$)Fu>oO2RH*cnCNUN9Ni2r?Zv0iApmId9$O$`AuenY?jB*B!IeRW0BWdz0)A#M> zKC*BwzHY!uP$lMJ$ApUJBYya$)C9PL(AHB{$v+apSV!L1^@R&83;a535TQ;E6~%0z zT1x5AtG;l7S)_W>t^jg$rLOj2nqoXq+(ks(LxFQ!;zrmfRnLcd$)9SeBpsyHL96N) zS@${?p#qeL*Qc@#JI;#+3s5l^I&)mk+4*E9dTB}QEs;B9dCL42GV1_|sB6i7mfxxl zzphs}vpU-BXq-61JXuKHV!9X_3RBTS#dEAMx&Ce}iX=7Ad!0h{ouGIhC+(AFCr<^W zpyOMGPT1;FiN2@`vzP1IFs~T5UTp1XYa<9TPh^FR;4_MNo9{kJ$Ka(akyr}XtVjLD z8cGo`4l6lR} zmZO1aak6_~bEEkewfbjvjx8X7d>oCVRQttn9eiB_!^#M0Ps&Tj<$`o;NyQS^KS*x_i!7!r74@?BZzo^xJz9c z=f`{BMG!oJvOyJznP?>>K@l{WV5;*3=&QMKsZ#GBq5Z zMjgA+8%vVu0f(vY+lkI;)@~#^(S7EMxNz)kQnZ2RJ`6U)95cV}O+4n7Ntdg#9e?mC z6MsNrVy$hrWcL+xFMZU0fRCw+uXpuIkk_xtgu#MhD$5fD=DBT_;pwVr zr+DLszmoDT2&R4-m1#9$JURF7Hqa`~(=({^@&N24->usplPNJ;<6AQ@;6OKSyA1PL zt<#Hdhg-)uzdS+MG2821n`-!F_Wm9Be74~V1)&lnu30!^1g1EDHkn=tNRwwnyU zk`ophn)&wahdl=cU#0Q>8CI8LfhO%0filMgx0)W=Cz50T?Mq(ozu zML3<_zQm$nF0R*AD+Q$jE5l)ZWEoyyfQ)QRG<7lZ-_q2R28fC*a z{*KfYcdBU_i0GBh&m;%|3|2dgkAV@`Uvf1j>C5If$x&%Hp}H@#hk;7fgV5k z=?++r>N_$l@bt-j-@YYu`-Ugp`L-i`=v|6s-^wI? zZ6Xt$=T{p?>)XP)yuv_AnY`;Z2U{xl_z0`4Mksu_a`pJI9MyYyrAa^D>NyI z_xv`#vBD$=*w%31w+XlQKNw1wfy?#9i@;r?aI_$un+Rg2^^L}LqHpe-j)6oD%FOO` zUobj;#(nz!jlWV=xTZj|ZmXN-zbv0h!c?yg{RuJL$i1ZYcuY4k5D;N`WoLC`T<*TKzmVtDc~ZQ|;ZDk8!z8{_=!asA0hZIEDnHWoB% zySW_2Cod`t64M;ctijucy)e902MPg5_eDH~1~ZOUgi#Y*)vr`JbXn8OQ5w3JoS8Cp zfsMy=M{R$2EjSCxbFVxrOOVTtxejC-XQ%mtA4UH%ud>e}awFIFoV`-mhO0Rq8;BJu znr0Pe%O9n!k;vC>-=miGH&#^B);4Nv#BlS&EUL_?1(i`p}A!r z=U-xn&4${z%W$ncsLVg_X&8%$@;n8qV{1dgO~8?-vgQKfgfu8+f}(u647|4wIO0|p z2*n}XtIyz#yQ-J9Roz@1c0F{qoB2iJxi#*csi0FD;~js^>V^LPnw&wU7!#8c1EXRU zI|*=psvj>DIU6Y#jOka%fvhq^Y90+3XDcF=9=V#oCJ`QPBYMA7!1H0KH2CpP*$Eex zWrJwl7)0w;E8HKRXa+xe3=}QGn@BNLf^hsxRbu^-Ui?3kjz7PfxCi}Jtca+^Rt6NQ zVn0pnFadfvG*=K_Y$*tV49c8>7N33~(X7~iRhniNeR_?FSOuoESL;~D^updEfUx88 zQAl<(XoVG!fhbEL|ClV>6_pH5;#t^^w_865i3be(DT+Q^Y94;Gm`480k$1QsJ7O>xl)} zCUa=*9HqGG>+Q5x&UfdeYCn~^7- z{c8|%<;K+Ny`uC3QK86$n8%Nz2eNKuA}Qo5=vo`^qQfyPD?goIf^;%;#0|d@7N7TA z(Z5&pAlGV>eEWfMr3$xwtE5eh(W|$WWo6!-YR~F+9wMlrgcpjV ztkvG~=>Kw!aa@Z$pc+evV6@`9*nIsMKyL%QYNpe^SJ}qhzGl1i)GtK~y+B7vR6i#O zCHRz4l{U>i%|4g&vq}wkEpfv@pB{PwYq#SGy1!@;JQxK9gEI}E_>BR^t!K2jh-NY& z26mKc8F~P#$SIbT7lr^ODAUN+H?*1Q>1wva$h%f*SuqhYFFy>S} zcdx*;c))w=1*Y7KEHwrJt~}i*skGAAGdFwHkHUO-ym@>)CyO*TL0ATxUQUO*cN-lo z!rG_{>!2)gn!I6l;?g^su$5ptd1~5sudyoyi%2qowCqE=ZD^Hw$|Rm|H(t~z@wkjr z>C^XrBWw}bq(kOPMHoXqPNRHuMr(FRkaeYJRjKS?Wn-r(+G7-V6_BmApH&Zmu@1gN zR{(zLGh&;oJ*{zm;=C`LIa9G|8nhdI+rCs?{dD6>0?%HlcwV)=SSDeUlTL;>GN3~k z#m2&ZA{fBoiAWe?O!QnTkCSq6TIyQnE4r6|y&n=43Y{ea%Wsy( zJ)*BP_~myDKgK7^jx2%{-29$+V9?UiUj-v0dVjtoPSWI0F|ZXg#Bls!_d`h&U8iZi zx;UL>FU^?JCEJG`AN@{ty$K$-e@J}RfZtaYI0b#H_w-m4KxqlOht^ z$ojw4U-ppVxQsx+YkN;-TM;-P4Z@Jy&(_jmPp#NlGgy|B{}{kzr$`jJJ2J#)fopERxbl!kaxxz*&@sQW2Rh60Ztr zc$V|s!Q)nnF{9vEJUwD8c#UxA)<0e_*)xCjWk-VrP_kMfb%+Dw$)3c|?WGeiF3YhN@sdleM$k5&OK8swXYv$R&g5^gni18k}Bq=jbh; zeBm*?&W>nQXwJi0nX7|IFJ8!k2slbSB=~!Tlz^dqD5lVB_!MG}I&-1l6@ZxSerlRy zrtT#WTpbL}4F#ygHRLXj5A4>|D#~BRRbLj!&e>Irq^9Huzp=G6v#Wspz(2U}-CR9F zLPuyDrC%0z|KS2q;0@58)?Bn6bJw*D;ciW3B7TW@4qy}dSi_F;0u+7rV6v3fZ_|Az zSiSP$Y9Lx}l47hb%bKoxyrA){zPs;_(Tr%(!?7U)!;jqJ9=qqj*tpp*O!-YOU?U)J zd1vx-uCo)?5h-i7OsU&^bOQwvTwr750(Vz~Z2c|(CA}WZ(mQtnmrt)hg5QB~PFbcD zd4MV5{I90zfKCx!9V|9r@h@tdCuMB7e?Ez8qx6U5A&7ayF8un$zqakNufGT~Al=xA zHV@<0%uSMkH%^k4PIP>PFaGGh3YF~C5ShQOOnq(=7s#dE%w|n#2Z~gumCQ1>_q5KD zlkZxEUw{98ZY1Ne9}#6rOxjqYGK1gm95Q~Jy^S=3uVx8(w)bAD+Qg>xA08AkSflFk9JpVf@w2#so=dr1vA$(f z6)H^&bymG2?wCQ545Dsum_kTtw+?GB>8ogG9`1P8^^NPhcbA4#*{$C2JRI(b#Nwvu zBcKs<)8#(1)K}p!ougAsqHZx(9VKQ^F42komdc2~^jDe$^nf)5SGE2MO97HYNCDz< zcWrPy*k6@{=h}jx>5}otT4&8~t;CMb!9+!rOku~&=pB|R-o}0Nk+lEs1N+~>afVU# z(=l6?&UauZ)3AQv_)at8PTaR3lFbGQy-Yqp{Um5Rg6)m&Mk9_b^X*jP5>h)(1xHIk z*ipmX+$HwA7m8y4Dx#fO0ufBqcm4$2$d&1>8?$()W~n>84a{fpXs#8IAC7y^EeTHv zzEw{Cx-`y66r*reb# zB`|6T-h|qUVJLKtDCG8e%^?t0`+`0Iy)p z@}XMrCSrg0ufiFkITnmp<$cDF6?45@|>H<;)`~qu5$uA|akQ@9jr8Ge> z>j?+N-9+^DtJjm}ZT&dfy~{|&iWurxi^Htbnu2aNPi24{VJ3$7)WI;;bo&0mDDnKj zN~=)s;&Ou?znuFp{WuDh-&vkL}{iN@VK}C*nXZvk^ z|278|=md5vn1aD5kk7+N9ofeOajw`Es`C#>*i1CTqt=i!_ho)%w;C{3b%wF~wu5mp z_G{mGn9|fEQ<{9=ZgvcrTp|#8XSY5P__D&8Br3*(q#pwPf1gOcBBU_5F$RI-s21eL z{GZ1pTyk!>Z~wMRbQiFMH%3KD>-=OKORRFv`bkLP0{qyungiAHpUz<1kNpd>hD0J6 ze;cShNlgjet6`SZ@070an|Ho_+Q+_sOVs^gk^P{LL5oYSiA)!(3H`{seLUjf=8yPq zD&~W5MAtqslxDuX>%s6UN+X>=0_b`ds}P4Jn2k(QTd9}4l-Njk4V1Bn477}+Z$QXz zHxM$f8My8|>>7CvT26oP5Zp!X%4N7K%E(>$%R$*aTHJ!+!~d`P+3eGQ#-Zy6eJ+#l zJtwieV9gLKdcVx3BOYQ7_y>A~CRh)ofi%C(F)jFc*Rz9a7b`(7!XfGU?VbA`aXdkP ztz1eo0ws^06u~xwn(0bcnA-yNxYL5+Qq7wB{;Idv!obd=rpv~(_9-(OUMUkmQ+um= zfR5K@X%LmnAH5RG25&7JKTq0=uDaFx`cb%Lpu9W8N76tBxMt_4MkxxjL0S~C=!$!)QkN=`V zTQTz#ShCWu&LFm66F9zGeGAIc>a|)H#yB!!zXrIqE8J>G@8@b64+U*lj0%0|6dlNL z$x5&+a1#~QQhsUkA3nX;=rD^IpLARF@!zK0>No2dQCG_7yEfP5i=zM0@vBgpoS!&% zWTOWocPEH%$H2gWvHrMX)qj2Pqdz(#%s55eSejcX5oXd`-KiS?dOygu^5DpS(1LZD zUc}s*$4s*L_)YL1ad&k31&%=IC@pBQ@gef6a*Rdhic$(rRq_YUrFCLg{gbOgKMraa zexYXN{==EHiRel{niS>MyJx9}!mD>}9~rps>b5)OzW3&h%En57(;m;k`f$P(ulAEo zTSgJbv%PW~<~A0--=M7}5r}qB2b{%T1`?Y2KiX zMHgDo7t;IRLFLa|lh7{R@OeWFSS96sv4KDL0)C%(!Lv#L2`x1)s+F5GFgKH@9Mmv= z>poDbenKiS33cTBVq96#`p0p~=l_Hj9&jCq@A0e@Jjj)vZHkETn2&1O7_|{yY+*xL zSRLJo8XqcYA71xMy8(cG+;tiqhtlq)vMoB~m}=sv1nHm2$uGYz$oOev5mHj(D7Mq` zmf@7S=dH+q(WV=o0Fo9!zd-i55TnQDKQ(Xj3FO0r&hU5<=`SJt(|PPqyxIkxBnOgfZJbLnSwW_H-p~;8-b&QLhP<5;{SrgBOfh> zG4b5@@SUscb=idecBIT1MNMxLb&?#GY++4(KAys`=+Hj4>#?PMmBVm(+B3eR zis;!!JiU`m_qBa3Pk5GYLB1)Sri5o>v%B4?i`sT4lRvZ)FWO(2aKc*7Yf6X|ROtlr zv}X$~|9EF1729B}@ut-tZPAKzn=bOy{#4SZxal#y!!XG3ni;p*Gze_bjdzB>aAN#E z1{CXs)uw8nGw^Vk`YgJoT)>IGGC>PFO*~>%jPdxkl$R`1>t(8f=jz+MNj&G$?<>eY zx0nhU@$*^3S(VEyd0?4qeM|P)iEc@;?1gHD6k{AowFxEaQyJ-dp@RD#Sf0yLP?bD^5LFR-3|Z^(3ys_7|w7%1M~O5w)a_A`MTW8Fv0 znm+0`4Wn&Ju{6Ck2*izsr6CS~l?Ciyo8a>#rjK)h396aTR)X048a|J?+QPnzVGPNq z?`PCkwi-7J*>`#D)e9$zE_=9K zx&U9)ZySyjT2)xwFHa(o+L`~Baod_UtODRs6Vw5I*adW>3CHuBlbT0gE?MAhN@{$X zD_OmGF~l)(mrfD&OR1iD@bw(q`3VExJHo4BdYb0!t3MW$si-=K>j+h7vFLHDKi&&S zv}eeV1zV@nwp9>otjCR}FoAo2)u!)KuiywUPrk6ahmY~YKHz}wv&irRe&9v5#!YwW z$Ij#f_W8Gj3qjbj*4V(pW_@0lj4*rDL4G&L?NK^o+6@+Cwc>^==u=p`_%v);P;BHH z*q|3Cyxi`&6?#S|lfpkUL5K3z_P%xVTw1Fzndv3g3#{39^l_StUv!iZ>l}Uf+^56^ z?}Ng7?|+%1ahOY)u@x1F;*2`&jw@+Da&CAnR8`HS{h((-`Nc(f#!KVa!o+a~Dmm|T z9NNf$Gr6YNNeyfl7N|YKqI)n>`Y%HXFKJ#D)ysr+s(JfULmQ_10N3RN)-qzwHyKJL zhc9zQz?J7SY7BstrUr|LBZ=pof7Jf$H>K;YWr#;d-TtB+9SzG7cb%f1TNBWTe*>PS zTh8@sk9Xz@C|M?u+9&9AK9^c*g)bL(s)D-PPD#!W#xb5{($?#ijB zmlrPt1&LNVcTdNA={_f5Py;^-m>yUTw~Ll7doE=(ouwN)Rc~2 zI?#HC5DO9~?!|#v>gSx}P2!nkc+ADuHHwkyk%tYrip&hkE6PR+;t&0Wqp6wK_Ln{7 zUXqXHDe+mGtC{r5B-~$Qis>nmasIhDp30Qqtp&Z(UaM@4+eS|`@nPb8f1c%jYR=qf zR>V|Wd@jG&zVQBTumSh7LDim;MR#f7DcW|c^*ts1-FGKWyj%vKb}qJ|gDSCm8x>?( z^IF1ey(l1-!d2tPCRDk5@!=t?dqvgYWs|#LF{FINpXbaqn@VAQ15;cZ)Ri&S^Lgb% zdqV@|P!O5`vW+Hzf>6yVS`bs#+C#J`b@wvnUEoRzco9-!=%}FhX(Dg|NP?O^t$4sU zD8|>1r2H}xam^lNcgdVYHQmKpHsEe#lD24^p?Im0NCVCl%vZ%tylj`CXL|8sCMV4_ zxKPRAAySBqNKK4x_^avKHCHFUgH_%*%_)Jhoo|`+%Z+6eaGR^wzZdOn^6U4OXAnM| zYSk)g^m%6MI5(gSUI|lMff7-UkPKyjTb{5L2cCvsmVWyjMQF3dVl~1P32VEOa8k|F zx9s~0ee1h&1e-ZBt_iz3Sw|oD-#Ge8>ksjNkZG91bzH+!@hASeN5C+FAnUpaO>Mp` z5)0EQp|WXoxB*b*D;hL`Teu3-0X_xcHj)|sU%f#n1lDSM6_z) z5_II^HXnAfC!1S^jmYR@PG@M%LQ5_ao#}L%IadH`72Rr&JFmahtgpwal@v%BuOHpL z3%{0j9&>pSap&Hoy!|40ZaG9N5oJ=lITx}1yF>KdbMB@7cXAQS0}L=$vx+mYDcylm zX=6`Fq+y@&m8u%pci9{#`*f;jZ^h0_=j8|dft!Y3!f9yPHlBPD;pb3zyaTx`q9%zr z_*fm^8Y48j%!oSoMOAw%riXQaIJ?ki_B?!g49`TjAn+t+qA~++-?C_KtA~=rrxCjX zDq8-}uN}Vfp#17fr5dLAC!A9VsNNn%AugL_iD<&c^gRJ)~)wF55n?BQ>*NMXMz^&$>91z zr=II>+3c5TgT8PpVeyaDw7fUw)ep2}g3isrg(0;Xt5oH;9=ZQ8frPopp+kRveWT3! z&}ARdoEeP&aH`oJ3EBC!RX6;@bL6WCRu-)M(93gGwT+0wIYq8+{__+VFK91Fv@ysx zDh^9=c%9icTr;A*lEs@P&TmtEd}H}rS{U<7i57q`%%iB4VBk}PpoW_VotWr4J~fD5 zyx;3b>&f`1*X3*>p;#URCM!IX@G)+rCqT@RUVFcyBXA zQ?gD11u8=9P&e7nX`va=9gohvf>aPHx}PDHp271zv{Hx?P?QNiH&dtYuDa}9zUrjF zfMyhAsqLgXJTMUNuRGi>VY~pe>^Gm&sI!l9K!V@5sYJqiAG0vtz+?w%5ABMMu&jAj(IN}=;!k}I3O57pHbjoip_8^y%d96Z%GXV!Z)Y7?Il zxAt?4?c^M+9PY*ZR+Ua{P0bnJu+hij>d)2hE}8F-DP};Y-oBV%oqzOpJ*fO*9<$n} zC&E0D?wb4gSgv%P_usM3y4V<(o=|jy{As|cjlBar9tp2-3qK#{ujJlM-6uJ%A%ms~*bT9N*X)4scZb4nu;U7j=#SclyI%;g)x3pGj6M#Qy&f@*ew*_2hE#o>K@{P&artKCDt_P9KL zY?D5#foyv4IP~0v0@bY0UCi)5$#Czo?Jt+7eG98kzEF6N8}8L$lcTK3x4ZqMSXsqQ zf_{H^^zi2T;?m~ps1764Aa0m;3HSJd+ryFbZM5X``2_b7yz>__@fdG&frX?0Zg+jB zfX3KOb9ss2He|&oKT5e_bMyZjMmqXqDOe%pNx0j$w2r~Y{7KdsN{kvVdRelO$fRa! z>K4#Q!aDg_f6aQ-KJk|DsfbAaU>Y%rEd`3sYPJlt0<{wTr1`ZEj^KO^lpW8U>nYmqbN9&GMVnCq2 z+EJkDkX9?UC-=o}YToEvN}lQnQlQ9&6!Ya*A$ZV?Zs6U~wHu;YZ`kcRH|7tH0Lzs{ zj3R1iFpm?xZt&!bfaUTG8N58$^d;Z2=z?)z=$i@w%Ut$Z0WjrqOO9Y`B{%zzTH>if3WD%I=-uggsqba3YY zj-&uhfgO*lj4$or?$MIgz`DL%f@%@#3 z_jW){iu9kGj{m7>dEHN2pDeGhWne1dTZ^p7C0R0m;(;ItzT9HXg=gkKqXHP(}M(|Y6R2tLa;lwiK z+ZiM|O@~JZQXf7lU*UM}@Hb1$nt$ZEVE*hVOTe?e-{O0*sO}SVgFI1a%3*7=z!L5H z?b9zvSXCXS9=SbSOzCK&&sov~Rx$5YTxhG8QGrq>Z_beq=5)}~*$K+;WfJvz7g+DKM$UMU|tbS~dbmtz-NMctuB32wJjw0IV(7uqeXCKWP zA#uQ+Lw&tbF|IX1*sEAz?^(Q?KFAA#vSE>-o5y^~5L(e)Av%n%`Sl2|$m9F>DfF3% zM0w^#z9NiL$%(7J3cG|QSEj)kVum764h-Y9gm0CNp~iffAZAaGa(dNpdW~}CK1t_f zYrVDJA*pt={y3_{j6E`mt2b@FH%CrJRNT9mlKtaTxK9Im6U6hU(xDO=oceAK2ZEwy zp5(ZKGRY1rIm&d|ap4x~`1hv3KmxdZq#?;XY`jA+3VS5#`%uds)dozKB1T*W9=6## z8<*r8`>4qtwYmC#33v|kabrLKL=*!Ukfwvl9;tXD+xf$nW5UD{_t$(cIy^DY_{ek3^;t+$fyr`}Lrbxpf$!k( zvkUthzj`j|Y~EJI*Svss-b7pv9OtSlAI>FClLx5hS;yrtD}cHL*_j4yd$7Em`h$Do z4x-SyHZKi)-o4xoQ!ys?qq&~|(^m(}N04^d8*%d)C6P#ksTm|o@Z9rr3$ z`dKpFO7A-R-fnKVh)@g}=N|>0>GVNTBd*dRs%Xgl;!wCx%IL~s96j6O!3}U>J6-+~ z;)%=ufbZ5Xp<=ekEzF=Knu5MK`qd45|Iw|0gC+K_0&0xf@C8j2YM$p_e$r<~%b(SF zbF=%q`4_T0i6g7Zomg-mdb?CDp`(%FF;|DWmK48>l+1kax|MYg4fXZuet%)+a2n z`fVyd9v^XDPw9i5UrwTYUiqehluQ4sY~F`>y=q^Ncg{ijma3AI81~@+GMRu2DtDB)4=43Qck4i}d91h;V z4bXR2q#Z8nUL)-4En}j;RMK|56Cax0J4jSrzqc`W>78QaPnUwjU8V8vwGNS`ZNUYu zznv?28hY6nN>RSWEssE6lOO0c>Z9ksF?aP&927Zw4Ik`qASNRL@sXV{#(+qMlzt?akd<}UDYq6`NHKZcf+eeO8{UiJHQVQcW5qp2 z(UBsba+0|;@bO)|C+z-!s3&|gu!Y}l;YHj%zR_#Ut%4dpmUZE@gfA3)U|JT!Yt~z< zr&E)EUT@#ck;oA5DiQ~Z}?d6cj6xV8|WyYRtJ=Cla8}sa0upX!vbMu(G72_nUgI}x<4ksmgLB{sU)bFl_F2!5?KGhmM^?7V@sQ3?%qfv&Qv2=HWcH=6aOk6mhJZXsElMe%}6yH%cxu4ZW zwUi=Tue@YTH!D-T!2V&|iF6>wTQXsxhLSOaA|ooU4KDmt1V*!TO$ld7Pq9Ar!EypsgE0Y@C%k-~-QuA7vV z^jxQoQXAdRgs15*zzL3Bx7Nb1IaDp4ugcZvdga9(kd8dgNdn88`;rq|mc;4VI{`t{ zbUmx%b>9T?IBI_d9L&-m^x1h1*BJeYiA!GAi#EeauqP(K(rt)S0r;{xI&Hf8D4VO} z$*R-r(c-H={h88bG(OyOxem+zqP!*NZT!9jCXUXU;h%&O-|b2p`1x35>MtG$M{b01@0KmzrSeJ!G3MH zhC0V}QDk}VY%?#n zT5392Y<5pi1^3l^i9YD2Kk^WSd;u#mZMW2O3=VRQ6X^{0UU}`=94#vt4RgOD*m)EB23SHh-I?p}>--a`v{~yNQIxOq8 z=^7RU0SQq=Bm@ybX{1z;R6r!9JER*#x&=W=5$Oi$lx|QImF_M@=@9Au<_GTQKECI^ z_WQp7?BLjLz0T`AXV$D)v!<1?XP2pC!VKn7bMlf&q4GmwrTeEe)FmB1GHgzBx!f-p zf!;<1(WnpV_E~d2mE5JF1dnjn=C8@qw^=|!(RovWj`k60YDzqhzr|iVeRjA1l9Qo_ zccb(CP^C%PQg{=gabCl(94L`LK9$LAwO#Ax%=GB!kNAZws{z%8kc?{Ei#op;O@=K#Fpy zBI2EO$Gp+_wlxByuippGK{_f>v7{H!6FCwprrMIZ{wsR` zToAb>KW}yC$YygZ_)KFr=Y$0Uwa}d!kZ9d6^FJzSq{U zUFRPN1!>61T-4v!XG7LxNL;h>DXp=w#YmarQQ_h4(r{yy>qgA(=4^@xRK@+(>YdI{ z_dcFL%aMa6_K7ApOm<=1KrFRz$;$N5s!4wIxhDr^ z{%uFFc#d#_olS9kkM7er^V(jn0EiT{p>c;-0B$J2ZU6pGQNQ>TzWrUD9^GPl$3#o#)w)~m zs(vZhgF;E)oA5z{_Ru6~sGX=-lmXH$Z;9wRxPT3On2Qt)YhhdE3qO9D&G*$7lQIyE zXYf{=y#EU>S1aD`y>0m0c{rS{v9Wm+K>qSP*qK+@*9sN5RY;JqYAf#9!)tk9w>&uB z$H5V|25kGc>*u;k6h7+5l?Ob7Z4`A#eUWo{3uS#lr~(%OeWA^i0A9$yf)3DpsQwQL zwDRfaO(}^W%YNHYAI~e8f#+n%s8Trdam4R)#(S&|{ej($su^3{hOu^y&d`%wxuMYX zRR8SoBk+v>#+b$J;_PbZ?~A`^mUC!)yw*0XVTFIZfQZY;>TsA#uJO$94Z?*RD=TaQ z+Y`mHHx%enz(ZK6?(@m32rrh)dEamYmUddz-HFPs1k4yCP=++v$@ouEV`wm2{~ETdEz^%=(XIv3 zc6g5QoDAnt%L}kbx2Is~ihv3|>`f|XIH47<#W}!oo{1RQ(gO=iT&jqw0LIcyAB(0u zq1oFp;c7;G^#vsm_m(V*j!G?%Ipj|~IfIg{xT=q7uMd=qP)B_fFOV?lL?6!=tvn|` z)6puByx|fOn~FdjU=S@Yw(0fVKFhuca%= zG3p(Ku23YPULa_K2R{+fhG%Sik%72cTkX)V%|v0fLw4~2gx?(dpN!Ro-R5(k{UE#b zu0DP^l?47+lfmd^1mUVh@*5-tndXoa1BXuss_UG>bofR!~Nb8~69%GuD@Hlbm2@rebWia9s`UBE&> zEn5-I!8EHYGVx`^PKmP6xSENC&+x?0OH2?xc~=Nf?UjJn<4FuloQ}Df;@<5~)G@c5 zqlgW%yaZ*D?%?$YriRXvvb)x6DF%v0>w9)st><0r7IGs=fQ6qvFyuDbXs6*(kkyrA zYJRBTs&JVJ`9CgU)`0yKB3e4VH<&(?$UKy_28RJy0q#Q5A)iH0ED`zpW5O!V*mNL4 zVA$>fR&h#&Ea?Ph(Y3#k|S< zlK6|g~(0KJ#2hVo42?X4` zb5}^b>pM2G6e<9c#~yF5^^|Xw-Lf$(M>QL1I>{rT3`!5AV3-0z1Hi=pQQL8B!c$e; z+GmP@iI~@@!{yaULa+F{X|TkJ2s-VzO!?buf+8N{G1`tUkzz1e4*i3)_wzkCz10EH^)4Ra%sCaYC)MMd&y)<;J6G z+g>yEN|lC~FDb;L#_~n;v*kgp5J{QG`YJLb>(lQ$; zs5>qHZ};GOA!CL@Ec_8qZvM@nj$9TZK#HV90xHFbirbHIz8wkChMH5_K^`0DVSrXF zJt+^P|5!Y9qb-3l>S6(Cbjs#K41qQA;>Ed)W-Uq>XEOxbuxBJ3=FATa?B+YQLZoGs z^c`8byTneK;vHXXDh}k)86AEuSSLgN)D=y+kn)iY2@E7Gntd_?zkR-~&klnH8;$2w!< zQ_al+y7tx+pU#t!a$J2mR)|!C(DVm(3jfCF!x7R<5ZHQr`DdYBPSEU>s>SWy2>#&5EfuY>dV%>i6 zm|P+N1r)m|e&5fx$?X(A`3PR70=>X0T7WuA>|BUUOmmN29zI(K$MC!!>luo|1Hlnq zB!ltt*+F}_Z7;rjI@iB=3*NOmiAooPmmBb97Sp$iHFlu`#lhX5-Q8PBFY8vNRj*a6 zeB1J2Ja5^6HXk=BIiP?-{)GzmHOL>hbb+0j-+>8rZX_i@i^Lwht1wN{V!yDyBQf6z z%}#M81s^wbtHrv5lhYVGSR9`CW8u`yoG&+0W>I4OC`A+x`Zf73BHI1farKTO0_s0- z!sY;=YH8gWkNKz|)F6DqH`+%@mVkgyRV7{y3CMhikIzh9Co#%z8(`>71cv$rBIUVZ z4k_yL9D|>>khffte2X|r0KwRPJz!bImsRQlA1zf3uUiA2!bJBl2g!PlqDvpdEgpO0 zjCyxh|6gXZgs>*gd{8-wuhPI!Vy)>5J+pn%fAZxfLHJN=&kSoeOujllgOcn5Lr-q` z3A{4vCmij4s58{B@he;*M{}f1Eh;p#;;TCnBhgmaqLE&v#JM2bjT*ceNv}3&ws2(h zn!6+1>b3v3)>av^cAQl`sFMFT--$e*=ZI)6jQ`2&X~K`^7nyYrl#o{8 zEAn@hQ%}?%2Z^m*NBS1-r3~@|@E~AeZBZb%qqw-{8`0r9n@XQyhD z75ZLC#KIJxSlh0N&1o(xjkt;avwa^kI<$LPm6!WA7VxLBbn933MKk5t9A07r$C3#g z%aPnc+^xoNN`X5M=!_&m;9Ar$LbW6>vUJzh2Xt+6@DiS@k89M4+0C$ITf}lZn;ZJ4 zV6EG*mrl5pp9r!DCf{I^ky#oKm1$g|&%5PKN@8%G!BAE^Qu51XfbEkIXb)VoZb+tU zcjWK>@YYKfZm>s(+iU8OKeJGq1(?Co!x$S4W1j{{T@Q^cR7)j21=)~;N#{2kQ3Hfs zHclCXN`VV;{uIvQH^v@cCcwwD=e;={%*{QO3`sF^5%n4ouk2bA7(AB#iQbji{pByI zSv{Uq2DVeNGE$|^IP=sxj9$!G0VOompB7C3Y6M9^eW67DfCI*V#k|S~7Uf0arS2Oj z>1Qu5VwT#^-_@1R!< ztho7Q^|2B+a$_2fqSjv1V))^NvvbTpapDBtwNYG2wRsh4ZyKU?oJY?h;WCnuL(ygW z`A|8m-{8n(t#-sZ$(|un)#aY&8!DceM}^SmRKtEo#=n%0=7dZH%bF#)+)3S$%6^U(bt)W2<chKUR)DUx20ikIykwFMil|8(`L0=wvG z7%)Wx{&Z(2HD2H%QH6BFcD3}>%Do^n(P6eA8L}T$q@)lp3Aam-i$R3)V)*#N14(}0 zAvuJOR2-**#8AhGtJg80Mij-TO2Q-(_4zc4Hz)1o4SP!r2hQ78gx)&+Y~sPVQI5kd zNS%RtUmi&YYn~_mKpz=xu=gUiiT_9kI^KrfZ-a>pIN7md+HTV^VAAm)EkF#D;wWB? z>OE#vn^0J@vJ!UE4cl_y?>rzCf)Y#8=Cg_2O7~-2jtj)3hKaw^1zifYjIj|l&uwM> zm_~xdf%}PID8b1+t}D+C3rVh|uD%K-i1oBb;==^ss@1W;8z?{H$)fnNyStm!5G(ej zTTz0qV>%diSOOhwQZ8m5TJmc>hxbJoGhl2`^R~rPWHurb^_W9M0M=_}Dg|tqQ zusD6xf5ae@BQ_wdc8B&cbW((UVEu(@heju>GKeA1Y^`J&&7@U2Yx&xy|1%zA?tTXR zc}5=qNsN|=eCp^xEYzR61c{L2{4rY@$ft(60+i1MywN>Zy>O?zNt(D|;0Q>dkNA4G z?!P<>TY!&(>VZWS(5{kb!ZHn7D4>kZZNGvOzFL2e5ksPZ*VW?5)3@nq7Z`|gYjre% zGOTN`QZmZ=)9bY6l`-?q^r2(Hw7}vF@5GK{y>x#Zm$H+i=^IfWM;N6$o;sQt_;Bmj z0;^_MQC=lO9#3il+yc>*GaJzOzeWBqmH9&EU0WfmF}$!>cneuZ(=bbY?IGo#oQC06 zy7};CvCGtrwBG*emv4lqgRFI~PvFYr~KW3mLu=iWSL0`D(5ba(Xo- zv!AcBdg9vYtgDNm#%Mk3_(Exg=ShS(<)vgSx>f%2{`H;?ZL5mpM2`wM7_*=SR;u`S z5Xw|)@iqtxgFLrZ!ie7Z8bi()Sr?^&-=|>=d1DFDVc8GKUo`JqF1g2NLXZKbM$T2? z==IpcV+w**|8|qv?==!WU3TcS_vWY@!DrN|r|g7Qgx7q}#%^DB?R22%&FJ&eO)osh zFhD8-Zj&-G7HyItT@@J67cCQ8hdQz!Y4_C96QjdxXwKjTD{@A4xR%&sYc-FmLvjRNc<1+8&jE}+L9P5K;-E?Xj&N}*i zdmysjFJCN%S%wA%s-);tD|fRG#9G>TjncjtgE>)~>=d%}stN+7^n}nZ%Kk>uFCgej zMuTr?vOva&v|^k3mu6rZ`Z!gD%<(n&tge>$1RFyRG9Mj1kH$G^Y3!eWsEZ@OkIuET zzoPEANlUFjr_U{bfyHN?t3kEIZz|0X@@&JjbLWIGMdA5o;2=l}(UGkyWwyS3K#PZ8 zD@%IP`!iXo4nIi9tA7UrSc;&&adUol3nuJ$pOrtwF{RewMWgX)-F9oN@FkedyI}+j zT(#6$x%-IjGuGjOU50cEb`*YpUz!9-pO$Gx%az?si)#Dn0sW={!~g4?BCthJi22^e z@TvwewXZTV-Heo7|NAe$rNAR*qNZYG{2v*z`5Rf%qouwMfzh;LP`GM2IX-u`U;0`9 zIWti3H6{UNK_{?ttt>E9(;xR9P=%9(3MCpw3^gLbk_y%3i(OUFvD}%ufu$(tG_0|h zOpo)3f{Zfig+-D7NxC3P_bj)W-lt_Ai^%aGwgtslz$IyMIp`;$t$1Ue$9^YhFy?e% z7zBH&oOM97VXJ>N(ug_sY|UXy`9?d{c+cv`C+c>C`ED+4(Hvq&zw?y2n0T6%YJpY< zs8|Y@L@7WHl?%!#v>C*OsfI6g>J$VJI>An+e_?F$FARE=XuvfzZ3l^2P8s)gzg2?p zTl`7puCmcB&R&p5`l0wR{2oaXtX!}hpQr8Pk3INcQdTHUX#y_?21*{nDBSQnj$!1? zmsx%<^tmY7Wslc@8|@h z$$KbfUE?MOj-AVsN+E`nDmP(W2x_rRW`_>a!xz6G|6w2~-LTddXX;amXWDPi z*sG7OEfv&f*B{Pn52ldBAYVou|q$5}J#!qB0 z{k8|!lj8w{9WzVb{yaVxA&K&z+0&A>pyT4G*P0y&V%O(>Uaa$X zywvV<*3XAtySunCdy_;A4D@yyM*@4RA?v@raVZ9F<0BnY2RIksEtIncXc#q6wtsgM zoMeGJ^1TmL96^4jcEfrS#Aj7k7>LsS(g{Cy@jOl-NQZu*q^m;IC1`O(E;;J$P{#8( zbmbm=#%jveX61jmKw|7aEPS;bL>T42Vrl~eNt5>IK#LR*l#BxqETf@7X-RQo&Ur1t z$l?;i+F`o+mE#Fgk0&*9Pe!jW=p7%)i{_(8Tt?6rr65ga|L#@=m6w|fVc=zkJ*sTm z2*t#%l>th&FChVo8J~N=zNOFMg9~iu_z<$*GO<4%deIvTzjL|GtT$bXTx?UO2l+CX zp*(RU`QPF4ayj?Y3SPux{H@aShVy7k<0xl#0JT29oH{M zL}QQr5^2Ex)#Z5Rj>L)Z54x&+X*O+B4@zR8DQwA$JOO4(4l9*`)@kR;e@1z|JnvR* z*7f$m2Aw3`#WMbPMofUz1ajAWz6D+&e+gED0 zD>EqgPPc)I*%((LK6_w<${;KGyYFzRh1r>uFQS{c78lb|CgW3R=WjMjc>bR!ps-bF ztS22`@DJO4V!A{{Y)Gj;E!>cWepf_M?fn=LL!;l!etAH>MrhV>F-a??Rt>8re6f30 zw-{&$^}T4)xD3HU$1Cx81o|%Z*DLQ4%}Zwq0@)+XzjbwWli9w6YRI_P+QIj4Jdvsw zX|GG2?{$Jbtw0l#br$%M!X6|SBcpR7TiBe`vKmfmEACH!Pfx567B%Cp382^SP3`UW zPaHIKU6-c|8c3XQYV6|Zgx|?0AM#9c^_Cpg>>lH+jKfJvaqY95qpt6e}_o)X5S0Y5*#bHt*pX|m-BOZ3ux5|7J$UV z=LCBHLSHfP812I%RU3*)AaOe^Iefiy*+XkXvEyLtsLkQPWUyEKo85s#-2k)po-a-tc|{3n-0=@3?;?VzAv%^Zt>#8=K5-Fr&3kubW^3L+-8NiV&f-xA6;%dsV=Rxi0(Fn$L*>~Kvnc;6TeYIQVlyln z{m?dr@*MOBm3A6%>n_45aGHP>G==`U3A`3c3T^0NtxJ(ox4)zHYjPQXexjgYYDVW2 zyud3E8va#x=M{lSx#jLA*w(^VuTlRQ50#rAL4VJO< z7z$68d9Kd%AX=6Q8GnKS?=YOO?;G2>4O1O%;v@Ep_V?QAt}I+UPdUAP_cDB`!uLVU z+&O5Jj#3{1$sLfm((4&bMnK{NmdxI$kvM`Ti4}}Dq-8QCHS|5;^IrTJtU~D(fqOjt z%nd(=p#(nROv#p8E2}?`*%+uwgN>%s8Q60pwfmEAqQhu13~|GW)IDw6w=?+u_CcxD zKtDlV7vk=3t?X5>pIZL$M!aa4wRa9DJp=R(l)fl@QB-niqZazv$q~kCw!? z!VrNpA>ay}>IWex5yK#2cYj@L^McU?J5ep-zIQyE6vfwQT{-|GM z2g+9wk;}U5;`76m-m#+kmoWHgtV?p0B)Fk9DBAR3whpYne#eYz!e<&s>}sxBL!T6* zJqF|hD4x8vH&m;ZgCd5%k=c&@kB|O^-4vWG6SM~a4bn?$A8(SzIV37HVr})M_Q=Qa zzhU0&HX-{56%seVvY-Z^i9`pO1Ej`D;A0%oK)&mVtHY?9 z954*~cLdos;=A`AbZ@`qM+Hy|ADbiKd9dY2!8bUFCv334O1Hn6>c&v8;nRHYmf1V# z+^l|K?|sm43BAd0Fi2Z@o>lACgx%Er#dux>Ikg=lryK+)tgVTe3D#4Vb-{q&OM)u} zYLnXZ0Yh^67ubc96Mi>IoIV&9dpf7`$YsI zW3-)dg3-ZOc;|BpT)%U8PZ%3_9_`J+!euH-qCAmvES(;Q>m;TyX-w1o4o7dJVgK%Y ze{Bwd!OZ+Y8l&BG>yT)N$L@zW-R!mH`XXVod-l2V4;)p(wrr3GONa;O`aHQk=D!aW z4*HHZ+_#w(YNBm%I9K=QX{fz)v9JE7_iB6*uI9w6kX}F;FO7`_b90zA0mGKQJbD_3^M-7?QOI)hNWD~S*`ln7V&Bro+hmrrkp$pYdf#1x~*6psgZMA$m`lEwyRq|Fouw)mef33bQnwbgybpCRoJyC4D`yvO4@U--gvHJ?10 z-DrW85d!xmgX`I#=Z2g{CoJNqreMHVwx zR+ouy_5iZ~wK$fmUArcBu;8)3wKQ`hP+}mTPjz}L_Ut@f<=7nsjCgK=CN%Yn zQSh_fhh>XL4rW^m4@%)ShR%KSzcShp;nsZ-T?zX?W7k3lE-}gMd{y>EDV(5z0*xTf z{!@{3(+(}R1%djjnx}W|w?@?JE@@TIM1g?7grD2?Szr?_52HfUiNM%SVDYJk?hbuz z`S;hB56SokiRgNgp>DPxqT2l(;_2|!>R5FF8<~$DR+pPzMK>5OHOtZSv!C|^ztOoM z?OIzgNl0^h!M8}!lM&;C%;kHwC?TK@vf-&;RqmSsA}Ag5WhX!p9+8(U+_0zpiO#3- zyt-)E7U5sH`ScYKxXt1~y!%u451DAjnh^1>;_Kl*D&wN%8nD2b9~Hr$9k_qa=z5mX zZP1_>-bTDg9FTJBc$UTdB119DT2xUm$g&LsgS#BDUi_^9r1w2ipo<5$$)d~>gP5iD zp~9ZMMf{z!d^DZrUiV=Tzm{X7#zS&nr;U=MW~k#S4SG2S3~)RBDyYlTj8-jQou8Lp znD5I$u8q%5m%veNg6p$n_syn)jee`cq?q9<(OBz+9UFO)+2IYda*zC?qAJzcQmZdK zB0hdx3tE;)-rr{imb?B%77|julb|yZOT!!!^KP3OlrknB(P{6YQE-h$Asu?( zFSh3L{W9pX9Jboo5QtWGsn9mF^;mO!h|^<*v`Zh7Juz!hZ~N=2Cb(|;XZw{}ZT(!~ z4vkGHF#T_!7Mv=%1)dm*82?a%Mon}NOqHAiWjbs*PEK#9WLU4m_3?;) zy~W0Si*{$EwzH6C)w6yq3FWy7_x%{@2xU&^!yYp{vV`H>wrjHKs*Rfp@dD?~c+8MR>ooM9ni%0?GMNU)%jb@AeHlK&0m6ey`Se&#+F znrmDNsH;9q@@GWUMH$x_bZ;JISBz}kdpnbJcL{9jp^+Aa>HMhbcB07#I z4?SQ+Sz!d!XPn-_>J&`J+{v(8Z=4Pc3>gN~Nj7~LAzklxgUffAR$#giJXY>f_w-jb z85vpY%5CDCwhPoWlGESBNak4U_eJcMd&Rd{-IYG48I&i6$i(O74CIe#O?9WWw6Xus zLAoOf*N%p_C~NkspAgvc9^Ytm8rSEKQ1mpT%?%XS6S=aJ0$!s(7@*cLViCmlJBrJq zxa=hg4Hq~^b9lbgM>F_-3M%f+Ob4AmF=$2o_Vh?iuj$}=ftm@X?w|`YKTw==Nk&3$ zB0~w!4;&#=< zMP>Z0sBiZ}{k}`_X_MtL3*d5uf#U$tP8cHE;YazYml62q=Feau@o|ym}z1FwJYY477U+673HWXl( zDcP5`2Dd8!PDklT3)Sv zC@KzcK0%DWh8=#tt~+ozdXR+2dL0I1A5JzTQxIQ@oc$rvF>v!k#c*a2kNr}zUdD)o z#c(DfAA1{`Ir!E6gRvhM%1)JF!+(_HUb6RY>g8SSLmA5;zL{bC@y}^H*FsK0P0=4E zN9%|#)?!+sUp#X^=kI9V2eYQnj2?w^g~9QeTsLZtDM0LSn^k+iedCM{7{6hdZ_iOK zZ$}*UfE2}bA~|&|XofoC@0h1W&+qAj7sE~*3UtUI?+EALELq&a&nFD2ZQscOpG3zEkZQnN|}?@ponda}ZTo4x6+5?)(vnu@Sr#8u8q z!%Gm@@8a4W3~!8V#T66`46bt?tREf79?fWbvi0V*kTb=!{r|$ZL?TulZ-Vsk7BGdEk^(oLE1-lnke70aKq%u^(iAD(m>;;(lunhU6ZrASUs~f;WARjOp@da&v*ZsV9&D^lS0f64)iXLkMJk6j}Q>IY#VBX$;03u z!!S3w$w{I<)0`8E6p)oP6Z@gZ0+LXqvqHqD%6P12-z13<3DRy1)NZLDEL6MN341xV zJaQ<#*bm>Nv7m1fs%&)KaGqnFC=}y(6LU7Kvd>uVNlibChcd91@1<7$^?+c*cGF!K zkqop;*e~FK=nVd?xM;ZGwf}|;K4mJokG0AV@zBY$6uggf&T&Hs1QWsDV%whQBd;Zt zwcqo}0G&Sl%(khC0qkiarJGf-AHpCJ*rB8;8ufw#hL4-(^Zv#Q#1*x$7-0-%R;W_h zK;U5B!O{hSc)E#qZ*NMKf>z+9d0W24T%9DBV-Ly}Q35Jx)dUu*2dsO0{zArHOxMt0 z@EvAIr5*u%fnm59q)&1Uco-rKx(-)a@a8EqF0IsMFONAuOg$ayH@MW-rBQ32u1+!` z&A3wSXXJut)V^=9pqLYy_^b1n71Y89s;+ZBUaXZ0)Obmt#)GZ&hn)c)7{}vbZEU$F;L>x;N|J*d6I%3ofq*}Ic0)VTi)p+{E(I!t$TuJM%ee^)ykg{wpMjU z%p^YzBaaRjEh@Zh-5-n2zh~&<`o2*=UlwbXE2mEOZx?U|u=97OtJdeytZE@7gmlIEA!MC1!=5jydql0btFInSwmPAqeLkhLq%>wsgQms}fW7hhN zC~MF717Q+?TQcYR;?LUJ*dv8_HqzAJF3S|D9{ayA%k#ay{R=8wgY#MiA;uFD9LK33 zc9s-9vVTbiAmDWgPB$w9E2}3y&4eGn%em6of-%=mNw?x>v5zFu((#{fEPx#G4uxvB zjM%KZA$DJ;Rbcgv;O|z{BrOudinzFJm;2La9Mb&3bS60uNwSp`)404 zliG5f3!G2I#(mM8D|IjXGx=6*Dd~r2qJr_fEMgM_KW0})b)O!_k#Ai$`!HNPEm6zM z+4Hgv1P3lMQ4>4pEw`z9o0rPiqH~jsS(6V7&w(-IJRQe$a>hk6%H+V_i*1Sgs-#(E^|870T&}Y^2Qw2y zIm2=Gs8T8X%oFTU@UYOl0bOuqs zMtMqdQes}HCv%!2Yy=B~EQ`YQF26rEeo0_|RlNAFQzL(If_qme*|e`L>EDy9R3*2+ zVfLLzJxVe$xQ(kuM%^KzaTL4afzD9+X|>X+mv?tWdwBp zf_^)Yz0Vw5LD`yDC#7yTS9k`{qkwM5m#-XmP}tytqJ|uR-Vq0H^lU~QpJvx$^Xf;B z9`#+nr?RCnl2diRyB^(3WMRwXApiOr$NMpL6WIZ!JJge<=uL?sO^IPmiIGiqE#aEI zWlpCHG+A+h`(GivNyX5kd_Ea1LN#iY@}ncGuEqh6h^flT&B*@glLskrt37sc-)(N> zePupqq&3w))UaGsDO&aHzdj79cHJUl{7OuvwSBs91Dy^AH(vcAw}H`&BgMCgqy6X0 zwPt}|`lLRy7%Ep7M&h zUbtoKYk1>&c148`VQ@^zs#cW}EK=z&T4G?KSDgBNbvzH(AWkxXN1u;vzp*flT_eGgDpcoADtVTDWAf?lLc>d;8%-Tm}p7y`dsbehA zmg8lqxnFeA$E{NX8`&-+!faHO+wZGhwc@1HjekTw)B0FDcGf*M{frI~c|JCcS3yHA zrD?Z|Lkh+Y-{SpxTAkgwDvEhZUKUDP zTtpDF!gXu+%vSG#Ek*CnQ!RoPqhYz2X7H=sc(@0C^IK@j#ip*9*{nOV2;H%|KqK3T z-OrZKm_oxg(9pj28isW(%8Fz?wx?+~n1W($dOG!ISz^;b%A%*7_~% z+K89>iZ$iS`x-xC$HB@$PN9x_M@4eM8ETZjvc6FDZ)Z>zyT)IHhIJp2wOCSMYNI|L z+>>kvf?3p^E-COGNl#zCw~(*U&|~#B>zNlPs#8OLR->Y$E$3^Phzp&A#sG&ZL#CyM z_e^bSWn*~arV0WNw?H5CHb}c_&J%XkJqhMZvc<)p8)`ZUL+7Jn3*}$=nV)lN`Yf6w z-{PzEcT?6`Ou9DJ)WuPb>6u)hMNC$19h4Y`sH(3Jv~i|b@n)=~oSd38)*UN!n#-No z*qr%?@#?dW#=lg)sTXYx53`lCl62ITKje^tZS@iAwmJQI>%CTAOj?<3B65PBo2GlN z9<`1T3G}`_l2jHFs{2Lgd+ti^1ix$Inavfm%Hf-ERVY|x`vjxQ9_MlG`kJxcoctY{ z8gthyVP|)&d?Nca);W6JzTvaD_ylKr`5Y#)Jiq2MFm3eBh27v>3-h3-*@zl)pM5Pf zKUTbl=|-fK-!)%K&Qj?J7uSRP@_AGj(JKZq`<5Cs=yy~_PjF3bHDHdCMtQX%QAFY_ zN;LN_ZeM}>I#k!+`|ENt`vl8KzA%jf9h2-<(7e1neO%S@uh?^@zcw4EDU=_ScXk5v zbcZbfUdqmj&hW)%(tfWd!?*P&(61}c zeeB}xM=P}l4mpwHZd?y0i>bI7?k@QRFOFoLImG-!->z(uwRee1wjg1+#3aj0d0nyP zQrnm^HV2KTXA5RF*-eh8pV*|L*MsX~xRhyWX$|a_hl;h2c4vv!rZ8=djKBXdaNfv! zMUqRy$@yTSeOn`->^l9HWa#|%+gXT5oNEgO8`C~pZJPx(ceI)k2Ld9PSO+`~Ljp>4 zy1FHX0c8J4ZS+BTx{kZjOdmJ_rewip+cUd*d+8C; zlPnxp_IvG&R_Q@ugayBG9ebgK1U}Sf#EV>}!P~?+T$>4E3iIt3@pwP`!PP$6-}~q{ zxc1uIh0HHU5QDE^6W$Lv$-haAzOIOV-J$w>?yi$MNCYheCJmhx&fv0 zZ+@-?_J>1GJIxQJy7uS76h|^t4(;Y=J3~{a9YvEQJC-%MoLg({Szif~R)3pC5sH!U z{05-(Wdusg)I9cW`!}wNutHYH<7v8KB0kcJB>FLjE}Gd|-r|r6J&_E{wDULhFj_7v zPXxEwDJGUl$A^44Zw)hT?m9kKFArp*UFqY>eqSx|#2v!?r&O}pY zab(k`UD}eHVYHWCm9FiQ(fc;(*K7U;GU4CIzyR@nUT!5Z7#`4earm( zs%0fwTB@~*aDn}Xf{j189nKnK7ZN4)t?J%@RLy|@$i;nr2oylh69mVYZiOulC~lQ}Yno?xFE*dr7L z@fCHt(m{h{E$w=Znu4;%@9m+smp8p?Os%WmAKU=q^JGa_`75{~L>Nkz0=d6pEzZ$z zEq6-N?3USnWWsypX@}viQmd}MIV5b5zc3**Hq8BA`egg1!d2wDEnx*OREL+zMpG`u znEoUVJ{NAY?#3KU*%9r>t-C-?dPJ%$S*|qgp@DrzZSq$=c=+Eq`qI@{WnM#77oWX6 z##3$1Pbb_!xczev|501BqJ@C=XNd01y6hBqz(#m_)_SoYoYBrn`H@o896}|-xOecp zlB2|WmA!Vi|5Fj-f-};@msR-N_w2d+3~8zTjd7Qw?xJl)24-gF8#)-x>kB;+TLQZe zh88e)UNrOAq{wAazdy~n)FU2VmWqawqyo`U9lYr{EDV-wlj66V3typp_{cR4#|0Jz z=M}?MpVX&JYARZjvX3I_G!ruSKVB0yh^tVCWy@XNQdq5|&ZSoAIeU=a9$5O8c{a$H zZ5sDzjmUIze>@jRh`|EiTthQDRjXEBT#ak-C!5>r@{SMrTHaPq>10pm4Vv`#)LIZ} zj?{bKH?uuC-{b&3tHSL(zmgy3QIh6c{baqRX~pSJM#-40ch^Zpwt^Lfgp$87jN0un zJ0DoFI+-6_Ty{cFY}GF4C34EvY>~0K1+BY^8RqByu+Ehca}odT4y|x;8DF#3u0c}k z4oo;^(GOP|h9>MC-1&?*o5AO@wJ^3N&_6KYuG~L?{nlyru)0O+{nHJev8OZM;lr?+ zoc=sM${Q${gpMH1O9;}G2c&r#<&{PNLN*I@z#;+L0wcZM3x`S+RjVvaInsUMG-hbks0hOr0Ogt;pSe;ayXE^L}kE$iF98dx_g zNPv#rDtM|`U^{vXR?0?`@6q2IMi9Iz0DSWZOK?$ z#(7?v*kLxl9D0w|>a>&ms66^p>91Y;SZc8GBt+}t~r_S}+&&&*3wV!#IX zZnan%wqreVU$3~}0V(~Mv^AQe?3Bb5kAUoSq%QkfhK!PEHuJl3vl(gU{VuGF4hIk2 z?(7IS?^szy6_9(e*SgsESU3nMa2tw?XPrHJmSGGV-GG5MkDt@QdWaN8Nf#zFay0nUanVJrUdYx6Eqg9O432gGRwivwk1q<=DKh z$x3;>fZC=p|GMql^KK(q4t|Dx6rs!T2s~{u+s}nN%{IAbTP4dzYx?zY@{V6(=wZ%& zl~3OJf%x3H|?C!DDJH5oh89eNPOm|0!wqn5po+)I<8 zsU6QoDsB*88kdC&$|E2-y&oLH_s28AW7ENZnK&n`(#h~YNoM7Y7rT8}7eZB`z@*nf zpnOYk@*28Q{bS#te-UT_$>j=jltrz6JW$RE-(i^uP3Q;N=DrW{Jto$@vGnJPp@n8Dnc3UZ<6?io)7PG&XFX_nP-Rf50mxg<|W4OA-c9 z73yJ9T)A1SGj}%alAi|naI>X&b#t&Qs;Q|N^8H0m&iEAhQ(1GczI0Ij>qnHY)H)GD z<8rZ)VF0emjwoqB&*Oi)d6VbSvE++d34=K>MKkdr`Mfu|==9jD@rz6pwKzB(985Y- z-|y83CK;@_p^DqT%!Rewo&G+b>S1Q!R5)qZBdGP32ZleT8j3eMi)CqNJY)2mMB*FKXz@E-f_MscBO-se9NqDNFcy>)4!XzYhU%}P4%YAiUxTP zNAVt`_D#o>N)7?}L@mC1?pK%^V$hEcE#ujXWWFK03YT($7E&*k%@#i8MaHUQl_a_N z@(wWxabzWN1;DU-1nBAVr=!S3b-~-RUdFBrw=#kYh@Oybf zdhK16b~IybnPKuXde#`D%!T@JtA=boF?nO{jMb92f(%9RyyMYGACD8mgt@8DBI(Ln z-qR(%m}IL6i`y-8-BqFa1xde`{G)PT^rH1<2aAO zH0VZ4FOrZ;MM<{tqUT;l3%O7Tt@p?PUiW)awP%84b*x_|>`w{2jnvM4*?EdXvSquk zV)v7V-kC4^2jNG3lTm1Au?yYK6+PQ|#J5*paFc%M(nCE^b3Hp6BiU|?;m{7@+t{bo z#Cf}#sVDXxWp-8(1)*SzIpzx$sRsYs%_?m#ol%7V;ubH#V6#u+med zDL&2CxL2YG1X&L6^@H=7h#jkk9ak*D@1wyQVRoum=R!hm~b5_ zIVJMGVTV;NeYio~pOnllC(r4zt8egbSon#%)6ULLwuruMT80tBZPpH51&ro9fp5G} zo$3N) zzAHF@Klh-OXh;n8@2=6(W*#RsyMyUzwGD{hz+cN?aN9CJT zcix54_?k4obLc%OeYIr=5Y92c!%;3El5VyknPz?QJr^%fyo-;$ zPy+ER?Ol4r1}igtU(eB6#-jo8B+0Y~oS7;Av?2P|3M|efm6~2q`kcUtAd*qm*H7;$ z)?#T|I8Yl#wf+zCi4kxsVwba6Q5>_uzjE)Pw)>wt-gHB0lsJd*w+>P*Iup)ob1+{ZL_i4!ymY$iZeN znX^s2knh28nNx*jWl;{1k)AR9X$zn3=`#O+oV|5iRo&J$e2bujO1FTDbhk8$fRuEn zl!TOYi;5_z(p}Qs9g1wEMY<8BTe{!5P>geLo^!s>Km2XCd#yFsn4`xv#vF6~Om6^0 zoM0X%CQ3*k7jSfV@?trZWwQ7a)Yz9MvuwdOdy#MoC&rZE(A`q`dOsE zXA^-*ySKq)lD6j|)xN(_%e+UtKj`1k1U7!H>bw`yv6CYb>3`F0J% z&gx06d%aT*qlwp{1BrOw;uLRdN3jWB&JdX2HHl+JN(ZLI{0JOl6?W?9M+OU+8Wta$ zA77atEqTR1V&eOx9!V4A$7g0Tt2I>Sj#o5HHBFY9}pLv7xT! znjZ~xzXf0jBoom0ri@9zy=QMeVubcAXR$yJkZfH?d+!-()pmPx^UV4g`csG-3J5Wv zfG`FG*feMS>>q?>d}h*l_B*$}w}YzR(MbH$c`(jGLF;|S=GdtNsLqw1%c5eJsV=5| zeLMld3@gyI33h0-sd87$)Hs(KT?@q!0Q;mdsqtyq_E3RVE^htezip<&nCI186zKQa zm|PLoHx*aS(r^})fY}08yR|3b^eo$eIO;u*lP^`E>be3tFfsUSYg5nzN8ubK_ir}|ixVGDu?uC7p zK^MA=b4@Yjf<*;B6E_Wm7;uHCw{1P2&i8a$S`v*nWZI2=0oA|RsN|tG1a*!pUHxB2 zMpQ1bk&h#I7V`$0u3Z56#@hRDhzyC^2F*Bam*Xuy&G`p7rTUve`D2 zl8e1`Xu)gi>pl8`eDPy`l`5O_Jw057GYkGGD|EZz3< z5sWuhk4iJ`z6UcvQToGTV;mo7Sl@UjLb}P^JTb4lh=>TjmUl?KfrSro^7iOarP#{3 z2DqNVlP4}vUqm2pq4Sd;k^c>uZLK~r|M`o~LJh%ZH1~mLfo{$8fykKGX?%BXMZa$e zXT)PBm5&X2Z7e_leDw9zZK{W+({IhE5n<099Q<8Vh*`%8L;p8*}}d zz$+{kQVNFr5KT>ps!em;dk0j2W|0XIlRD9Ovq(;$1YhG2EZBY4_8VD+?H2=};vNm(`IEB^$m)H!{g@6qg zS-L^&sJx~Kw>brJ#KvVIWeKIwhr5tavsAalsv%WdG~K#KyRv9Frrk!ub*knnf!oIm#uf;RQ)2HDX&6Si80QdTmvfEpJvM3@pb+@rhsxwe3jasObgRnu*+{(?fDh{cZ~L(I4oPYDO1&o*UyR;P@)iu0XS`@Z>Gy zK1K3e0Jp{7@+ZPfYeHCYE0l10h${6|OiY7Lk&=T>CC=4DJ55TeXui9|>r~2ZQ~ZSL zwY<#%_Ce@=YAE2AZ^zqNRrW3jhP@X3@5ISGlr6XkBh-L_>iUFP&u;jI*M|f%bs}-1 zfD<;ex3!%9%JMkwXloFWLA6NH%gd{RW|`-3&Lgg81f4GhKo`Q0n)%iieboys^vk*5 z1}3NFrOm$evw7&AB2ewD8WA~2f5U3I;|@6Pj#K^3Wq^45)GG_lV7Vne-smOCJ{M#% z-+gTA#bKQG3(?XT&7R~|KMEzI_Z$M#OoCurcJJUHP7GT2&>-gk3pfY5`<|0~7E_FN zk1!KDpYcwDK9IBagyyv^=kxkYA#1tWjh5FHUnG4kM`)U(;-Grq{rLNLrHJ%yN1uw*^K5Q!1=!<`W9bSJlO7MtBXcT7ZloT zY;%qFJk)VFbieu|VxS$45C6(FU-!N~Y?u!aWk?A#e5XwUav{h6@n~qco9R^lI>R>U z@(;r%YBlNMKAbl3RvtH+J9)8wNbz;pQV9p)${XV6-kFlN7cUcICGBn24=bZ#pJC`6 zpy@bT`%R`-sjaA|o~ImFi6nU1*&T1XDW--lQSn*B$C5xB^Ex_KUjV}d0%*N=TDA4m zC#2%wjRioDl_X5j%?6pMRuiHg^e=9GAn*Lh2Ii1k*L&Ewd6=PPgb5`*yPu$umDpQ) zwL;Srg7Fs}xFqCvzU zHPjxKc29SLi_We&F@cqkJ9T5lX`!`1g99aK?b%zumS#^@09T0&dYx7+#`bN-?0J)| zvI}YNl!pL1hLv5sU*SDqjzhB?{PsI?RpvL!nIrm*IRcT_0=)83fqn(y8*oYa;8P+# z1u%_5mwoi+AVr?L%3Hkbu~d+yGHcDVu-{B(Ia6l0(Qc;3bw@uZX>MwvdS1U@I<%l- z{5*!>y7&M{k=W%bu-a@6pcA)p|11UZ*a=(^s~Z8+D^pB?;WZ*WNfHr&FshmgN??ZJ z4jM>s6OYK4n#nBdH!e0CeKP6&L=3{sVh-JX(}UsY zFpU~RLoI*rN$u`tIT!`p^Z6Ye0~T4)o|4Q8)Lh0~G-t>5*nOoyiAlXjxQSUmqbZFQk_6?Pd)aY+b*a;#+}z?-KHCgijfJhRX@-$> zRNBM993K)#uaP*6ujx`PjF^pg?DvAaN>roDMb zW07$ji)3_{_BN7NgOTq&fFh!-P~YUfAqxWsfIn}#D%JEBWUGzBr4~{)Ny;C=?$l8r ztkLxuw~nBf8!$eU{!*hA9C~!CMXjDK=OU`q4(;t-uZHJMj^m?p;QSfQ8X$XNmSQsS zS!MMK@DHl=$<(}pkZQDQgkf#|*+kwZi>u4`WBtFLRUtv-Q@Td6{%-f5WWo<}Eiy6z zuhzPgWw{V|Vk0sKKxKKUcxE@KBXuE(CT;=P+t8u4Pt($yuB0lNOjt}CvZ1fS{B>~U9@ACuh*U|mIEV= z;UBQ%Isgu!y&TNq=eOc@g+wr+0u3IJk7|X*q;j5Mp-*M{@%Jz)vWiHfklUWkf za7(go$E1J_&r+$kscU{PC13RN;%rtr0d&YXTzRakN0Mi?;h=K&CWIoYW1Iw5(wZcW zN>|V}cU_L^e(YApdUS-{om!7Aq{FJ4qu+`7(mZse9Vc^5N3+tW%#wu=GidXeXcTO) z?12M$SFY^?gdXB422HdXWJ|zh-$YQp6cSPVsM7Csj@iD$XUP4cZX>?~Do5GCyQzGW zflX~QFO@)uXTP(90y3l7o%x-n1L4esm0X@zLa|Q4==4eoO1>zlm%1~O*KxJuj?pts zr`wiBW8cIBm=!4Aa2)#?V}bJ=xK_B#0GXnMOpS7m*1JRj8oIfoug}$Ekg?z##NzNY zy^ufX`AmVCbEDO0La@(0qdEJ+{S!z&&-cgPiDYN#`6pp$;n%N%H0m3(=Tvep`z~6HNMEm>?aTtLb;K7WnxOP zIynS~kz)-8?a=YGubQ0gW*#o$4rA`VEz|lp7Er7B`L(?oC{WQd96;>#siHxi5WM{O zH88K^Dq<5ed;*T+LdKwhvjABIIkZPU};dUn1P;BfIie0^{byrApZ zO|Nn9Ef<)4a!|Pz$#qP15sllU?18Y}MnkX%x5o`5p*k-Jfg6#)x{D-Y+HxsaXUsJ)JUCSU!lGZmE9ILHSd}d1?hN6uG$ZLjGTEC*JlP5dzL;UR|bxGwj9dKPure^eU8uYY6iGJ8z{3z$;~fz z`$Ug%SQ1QN=wG;9CxJj^W3#!qo@<X`)K?FYB)4NA0GMgVxdCP5H@W= znGh&Rw5e7pf#9rF0>B}6UYw0dF!KC<{i=ZT^w#^6@*{wDbZ7CkiT5Y8Mt6N*->h19 z9U1{p-Kofyi&i!Os>r+GJ)kh6iPS|t?g*d@0E?a4jzbIb4#2l)vqCrlZe<{>v}-1? zA&D3{1(wr*vo$B*3G7=ZneOh+1N>4bQsXy#9Fq^NxJKsEAD-dh52-y+0=emTk(UxF@eKc71IsECnazQV2Y3INdf8K)bk{w0?1+i zp~rZO$etUE3X#~g!mwPJNSYtHBH@`cVzoWjg>SjKxoyxVu#Q#^aOfI}&K@l~YNYv5 z#msaU*=}BC9-eeC9(X!nir+Ih+4mj+#J_cKx*xGA!gkJ)wGqDnP`UT#j)b59G87ju z@$_2MMe6vRg=cw23`05mVr;gC9h~!HyS2BmfLq}_lZn`slMhZMz&5{tra7Ns8sGX# z6SR;>OpAjgK1aO)5ZsbQ0XYJM04zrr(JEA530oc}mHZ{)5W5?a$rKa;M5D{r2Zx6c z#%ObKv}d`-c2(PxD}_M?0IWU;&qwI&gWzbi+6bUyR&{_DyLI^tsjF)M9@%FOR`QgrL;#Jz2N&Ed2aA>ru;~2V|lKqlXZtfgF>Ty6FTcw@Ke) zKYxC?GRL939L?8fbL$cy{+bi{4#feeyepvuH}Nhy*qF8_wp`%)PJuo@h_s_X7%frEz(g5PW7&}plVhj@iT z@C7d|1qfab;yaf%JWw+*S`o}VtI=%{m-)^uz~HpxGr_K|uIwNc;DTaedHtLWZ%3Dr zduHnKDis=vwl)n@?P?aO`*>eiUxYTY;}fCB6(H=PVj8EQwWF-`h<&ftGsMyG5={z<Yy?sDAw8Ib43|6dG{z4wt|YC4j77f7 zC7x>l$-RN?1l0!o78Sm~VITc4v)e*AHajq*laD%L*vIm1Fp7PtI*h4OkOXrT5z3~3 z7B%LAO%)}?1tGiI)R z^AkIcrLYb>cvpulGpyGQ#N1JcC_SD03K9x(rgZ>T2VWyuGTKZVr+ur&s`c z^WC1y%7x12J?SoFBg9;HL0Z2o31|8&95+1!$XO?sdQb3)jE8~aCPvtWJU8bZC3eq> zz5$!+0oBFV7EtPCMS$;-yEt)Km&Y5`vDs-WR4C$o-;soy-irl?(o2f`_ySqWpM~pn zk-=F`JK~d~j<5?KL?zkADJwl+kB~^#rURa9MOc3SJ$HCvjcjM!O{ZB&304#;f1a8P`b3X#T z>B_>0vUy~0sd_{=hcZ|n#0cLF2A+A@ z!yNOUXkPjnIn{WJm*6bqoxR0~O7R|KRgG~dDwFYW8yOUd&CYQf;@le_>BAXGKiJm{ zq>jCDR?J5QB{OfTzQ~S1a7slha-4K0O7MrL^Uhze(s0kvZ;%UqP+fqQAJIIA zFx76;f~+;rMRa^$9+bZlgfFB!bS&fFqR7%r>M`R=yC1^?VW2lQvz&NrzZrYQW~<+w z&l$3mD@^e(c3E+6JGOqawOn{O^u~I`Z9m(zn|k7D%?}_`zU1;7OzQR7GM8ebMofkQ z17aJYFg&6!N&a2ip(q$uVRdr{cNj)&g*3L3!zpY{2V_;YOp`tf9bN9#a`{jN!2KrY z9G*8{m2Lrb0M4ONVq1#`7p#8c;<4q z%_`pDPL-YX$Fmy5S!-9~CYYUaX3I+BrK;rD85ezV|K2lgibKLcpXBw+w@Z6F>y zPc()GT35l`3ygci#bWhhBlCUtxGQu?z0|sJu-GK~JJ@Q?J>Lhk}>z%nHx}pQ;%zC2o?Q!Zer&5Qy_9_~HJ} zxnj0+2+LUgpfKyIQ_aNPMgPDmu$QPmIk~d=fi@x|1~WpvJ*h-jd%X#d9c)WrCu3C3 zbg1eabn?`bE=2eB{TcTCO0pQvn!<~*2k(a}w&pXV`7ckxFPQ*u79S*8zH8j|jHQ1a z<01;-mY2!r3|ovxirm%8q(I3twu;a6EH??mD(@d)z;tC_*kslvx7*lezQ|ab@Sp+_ zLdwJK93uYdQPe|PKwwf;lw2L1S|S%6wPVte3gf=mY91TPG1oTaV6`&G2yHjB#1R); z_jtd~-PJYhJ(DF;fEwj&M7^>KiST?+Ld0(Tb$oWHRHBlmnafjP| zqNo`vjYFX=pi&AFKOmmmJtTLi4;t0nL!l<` zUb+m;ct7jh7J$<>#lcGhI2(&s3YjL)?ei2(@8+#NZn!4XFTH)DA0)IlfFHd z*h0}=E`PZ;ClGQZ9xord{iUDx!l9!wxu#T37{u~ zQNeP(#cl@A2Sr|Ff|TX-z9A!`Ce3Rd*>{Uou2bJ)a!D(|{*y;aLFS3BvVsZ4yDymiewVC^h7b zIob$dZ;8W1a;AUO$}Dm@7w`AR=VTY@4P9Sfe^yb_?PKoU^8-__ko;0(J9QSMFbeL+ z_BJUX0qCUeg;^ZjFvY>J3n$dU$2TU$)Vn}Q1d8@)mrhO@ru7s&K4frPT}#c0Y&Th_ z-~CE#XFS$xGRemLZ;GB!8DIy1asI$4m!yJ9AV|VGqgZo4_ORo?ZIp0*@}N*KqL~iA zJrTag`15_akO7Qs{qvziSfqFLIhRz zyqr7d4{;Scbl#t{Yt;ee%R&z!XNbwJU^q_ihH==z=r8(x8@+DSv7>mnw_$6Ec~UQi z$A)EUpap=-@}I7=^!6#=K3PYqiC*)Mbvp`?pmLsSSOaa?Q5Kc^2?ZsvXZ=V>NYjlV zx@H;N-P<$W$$RhoJ>R>h+N_9lcf=8LRJdPYQWvtjdyU>=5=u$SyC>4n5YoH-WnE^W z(|TKZFyI1mx1uKqQh_#B2Heri=cKO2ooZei%a`4?>%|e`1ytTY2q{9KA;uZBR!y-R z(T`?8nz0&hfLhTZVAk4m5P&)D=qKO#WP{#)}o>ppBn(Y;r7_zmkUy*9Bs7<$A>bvO4w#Tue+7N&$AIKBOp`mD%C;c2YnmPoc*X?~XU1GzUozP`bE#<4Zw zN5#8A(SejCUGbiW8_UEVT{8-`UvzZb8Xs9AHfN3Gi3bTBWes2bfi|jq_YDe?#2QD; ztj(K$R-`s%mV{hG1A>yX^S>>ZHz2VNLkfCPfVBMw->XxAtST!BCcdx@kyHvGEna!F~iS zn0s2{h8#OPJH`hj&swTSOZ9EEdQ!7bi>O0GFYJ|~jJ_`ZZl@Evi~(>ftB*Jp_`?AHCz)1_fbFhwa!@-H|8{Du!x5A&2V3K) zj8q(%4!+9|pd_I~du#o%A9NYrdBgJKzIg$4Lu?aDss=7~y|@XiG!f-{i{6(F|9NnG zvpdsGfnl_4%+*{qmwJgWIt9vb1zP?9fvR5ggAkcNcQKk4G&&KIGY>TOiD{Hlg=WtD z3_ZU5#J8EAw1}GD_L|X|T&|R4I{GTkpdA^1-a7z@^Fo9Vov^7V>D6FR zK^VBw;OudkK$Qn;17Iv8ONK&AM|#6Id_0p6Ds;`$#(0>C-!`tUPX;jDC|bBzvAYj2 z2zHGxN$+QSz5hd_QT*BNpb17{8G>YLk^Uj8^sZ~9w#!0w!O`LVX77A)$!h)U@oP)N z!SVUqe2G&inTw)8`&+Q`{He-MHxEQQ_|T|Iuc+p?zX=WhQ+yRj`9>rEl&HLdI*qPL zrEecj25Lo?8w?@c1fwC^c!-`O&b}w!Q;+Z){C%J3Yhc0w1S41)sgO9{-mBa*Zl1x- zc`8Im^@vdzz8wFqxt=l4=~TAkr%_tLtSD$^RG`idH1h{G;t+pVuY~4cV z0Nynemdh-x+pZIz?xim#434K-ul;0&LuR)b~*^sZ>aiQX93eC z3dKn^1igOxokBfGkOj=JXBf+HC`mFLe8ndnQCpMc?XjfpJW+Dn-cLy3l%oNf9t&6| zqn`t7a2abs3)&2i_lpixN5p}H90&Xg&{mH)oe89z)$@Yq{01NsD?F{TSMXoO{&vU+zrjD!V8 z|EKsrxd>Lxpxr>x4ghg3qEAtMeWXKvOe$I8zxVQwZtANvkd__19K}92+0iT=_a-8F zxQfsJDvOi?Wpz?NrZug=zIK814A;Sgo#7ya#Si!1^bEuY;%F;+-Miv?FlzzrE17CxXYpdgk7Cs*ZZi z_e$7kR^Rc8OlWQp!cR7+D@U-ruaN`72Aj7(7;wc)GGHgPOcQnVev*0KFgjTjpm7Zd&j4oei34jPGss~2!^40_^q=2(qeXve z?}SNfgxJ!9Rwt1wWVIRR_du2d=-T;#YTp|~&sBQDg(sy@I^J7WgO@0a=GQ(7X_g8d!3~FK(r@ZNjh=pA6 zOi1Xp^liVVblJs#XS|p^5-&@4KNMmZX*t$#6R$UP9J3V zR-AR8dtGz;6&odsXGE*Bk@mLTNZ<3I{UgTQm8PArm6wjDQzI-U^3nq<^%syat_eN) z=Ntm!pC6bB&fSi9KkF3spa1dipPqb^bZvFJ@8G6S?WGS@$L8L6A-kc{r{;tF4@->RfN3mR|8qSELo#*($ui9^n0JJ+Qz!;xT7% zNKKuvVP%4h`v%iQOzm!OfmW>-HoOPwrXeC4zL5BG>o0P_S;tS35_toA=Bwx9;fF|9xcCa_CT3bvJ zsWF&XoRqntX(xbhSFFU6TEmIgp6-iu*^WHVRN<7Jk-=0QkHhU;7}fD|T#_t(Ko14X zx{(yy<1mcuW!HUf>(-pk4}S{QuN`70LU_uWlwfiHf1@ArrDt`LB8H^y&Tf1=-}d@@ zzYOL^ESP0ZzDt^ht@%FOUT{K(sQ80&f}V}Bt^!AUE43IMS_1B)NP` z?;PtFw28xNzrJP3r}RC&-GF@g!rsPy>%S2{kgdze#GxUz&^bGX>wUqxr( zu^ORTT0Zq!G=?{cvt7_ct~HW#?)B(4)+xUTIia$f4-x9rPQ9VVak&w6ztK#F|Ay&0 zW<%^mnmM(O9A=?WJ3;ZTv=lrp_k4_r5lj;nRPeu&Z$m+MB~6MJx3jCO10VgnDs705 zWQQh}Utg(Wg#nSgB}fKq2BHn)oxWCQr}Vu_`8IBn@|S<{(t?8 zuztc2uL&1d_r;a7hqmH}5Yoy_o{}AwSQi`KN-jse^|HyY;d}ul+?#F)3(2OC-6OsJ zi;Mox4?^51fW){ehvNyebA*FRsq*PN*}nH*s&!FbUaAu%KfRa$8$pj%e}aJi>8U#S zi{#Jn05h;BoP*28r}y~%y38erHSR6s`4*BbdGw~seuF#yXaQuQ`IjY5@5<~9o|p8{ z(g^NLUMdFqUe=c=5bk3B&5%jdtE*iLlfC7E*V znN!VoHK8}nA}dDK=Kc1bqJ76|IV@YVq1FgGm=5|#Jc2wvK zS1(YV(uRQ0lb+!UXaz0u=%HXk!$ zks()r6OX;y|C1)=FXkX1J;xI9)tZC$ROJ48T~Q72mPImk2mkkDe(Wo@M0{%M!#hiT zMqMQqp?@vn7X?J+!D?<6w~3tc$SLi9^VP3!n7<-!UHP;z(}8{E(+h9K@p%mu z*d7CeFwgY+3sG!IoH@6S%P=EaZeok+t~g409PwEjEC!!E_EPqf@Yc`HME-CWp)U>A zkQMWC6Yl=}$HIcE>yEyLf2(y7q{H*=?CHTB85xnI#*x?_?Fc)ZHrG`|spc}Y;vR4E| zVCNF7*-_!{9IOBch^hdI*)IWxL!?t`QPX*jGD}$sQSL?{8mMb%B!NFG_XURbBMgEP zSq<&F_3iU@s^>gs2@`rKG9}O3-=!8G6o#-@^HmIPqFzyh-JTDtt%X zFH|>O6|&Syi!HYlX|d;Qd2Yl60MGPNChJXb=VqCB)x}rTc;vfUgIx-XHcKMD+ zt+$*zv(ln86;NBddwXHunu5rq+CnE-#qSxdR36w{Hk_s*t*Aw?TBg3W*LA$d&G z&A8wOQiiwSo=H@nK}O~}YQysE@^V1z9S0K{U;I|T$uM@Q3%-*S8V>>Q1#zOYu+_cAZ*ZwGU7 z3JTcZ&`)2$G&OlrSV42uV&-j>lqd3}F9ej@^r^q%GbO1nr+-MG8bJYHW7JupA~#=3 z&B;G?F8(I@-y#5u5wg6OqDminhqbBN&PDQIyj^K+hi&0TNb_A05dqe6AL~*F;v0~2 zhCyv>C;ITA*v1Bq-rR>5x3)uk^#+5*lhdTMw6qKg2jo>LWA6Jl`+1!&ya0(N0S8bg za!Fh)@ae1t)LwUB9m3x%4WDP4MdG_-d)g$cB;qz`~dtKbS=euk#?<_9`!p;W@l0`@{e&5Y_Y3tnG`%n+iN$Q@b9t#i8V501-&t!n9pKm)K zE2VTK4%@?aKfn#23|NzSLnJ~h@K2r^jtra_?61K~Z{SjjiQyXcB=McU_xSIXon8mD zkh4DP($Z4C)B3criOH)>OK0X-twNf|yUm}bXbB-A)KR0_+7*kbh`F@JDUgN5IM_mJ z0gy5=C55tJASwYtjLb|CL(10DI#IAx=6s;ND7SWp_~CBj7H~V)-2UA6Q-b}As8$%B zqv28svM>FKxkPPjY+R>2-iAxre9O!r4{FMX%%msFO<8JN5it#{kaYi2?IL=xp?cty zH#s#mHJ|2pU32%6<&%egcptDJ$QN&>#_@e4o~qyQJvl!u-<{9AQ~Q((e^W~LAE0K> z*L|mk`xbv+Q}+?`o*rvc$VUTC%h9V~+VmRPSUDB6*WZ;m06WcO>ZSsac0^rlTI=$y zM_WaXT}Ul@V0?Y&=g%0pxVS*XDT8R1?kT3UUg>=dZTEOQV8fcLe=q5jKzX%K;{8?t zC=~vG|0!FZ=aFyTj?l{|XlrZBHyw;Zo7Z5ZlbO`wtEd$}3U^H3dIqZCd*AtSQ=`u|ZCJ<)_CHqkgIA~MWa;t9%cCMA^|ZQDc4ji&aT@e^!2V8E($ImJpbimd)_8~{UGe&8 z`NX?$UNcd4PEJvQxIj%t{5jhS+sczW3UQ;pYzm%CR|BY2I8PP550v(|thT%VonF_# zm=%70{^amhaQZr=x2=~zv@+R|6*xcNg!$pTq1DsSdq6^}5q%nr%|{5uNIA(FoqFUT zmg`ED3G@NB)2J{xUWzv4&JP{ZEFmP7k`>UR2QlEk7QjpkB{n`-$irLre^ARapZfJj zgSVBHmAt*#8u)<%yLzsNdvPL+I=JPU?(~cUkXWN%G-RjO(Ah@GANqaPvLjkpdm&M1Fd9tP^kN?~XvhS#rAD&RF5yn(a3z+_`X zzT250`QO**79jz3XDMs6G+4a$DWk`F^YXT+fDTE7W`i+P$4P+4jO=+w<)N)@5o|%* z&X!(-k7~Ljj!a2ONls3#6Cd~v^3THGXP(^lzc`haU}2L>cbEPbr*ix?WZ5e1mwbR? zhV|9#7dq~FNy{lIxZIm`I*Gnvp+ZB;q2Yq1jLKD};;k{fT=NSHV ze8T_zb$796=S>510=67ye6T0;xC;~W^I2%=g2vX%f%XWIkY>l)rvSJ0WW~S; zqIo7S516aUV1Wr zBs{vqwSRcAe=`sG`K#+d1X$V!82=XnYTp5=0IIj~t?eE2e z-K!`?#Y;Xf_U0YCoEq=y>+5&-^@#!f_J~shwfUWVx^$~%qRa$96V59C`m)T&J}m;{_T6nn--;j7!h?8h>b3($7g2p zSMUr@@`uF`*i5&+8Yp}y2BhHIWA57#w-<;`RKyFQ-i*?2`k#pDzllW$h-KX|+75TM z|G{nUG_Mg2K{T7CQ!7B~dQe_A4ckvFFqMDDrX~vAnK=N_$7|WxatIecu9`hS>xWqO z^z;C+#Eg)lluz%zHJF_Zz2$!~2(VaSLi>5K>Ha4ZdfW3RWzaB4S>!u!&X;X2>wFAc zabwM(l796v9~)1#{}y=#T7#o?eJ^JBt8flC38@H8Tp9i`_Qdsoj|SB)E_+@nAfxz- zu>Z1y9+ra*7Nz^4Rg8S_+nSB?@C3o(|q4`)sYodG}@49LWN#c4vt?cqj+Wi z45qw|3}PpQjvqP+zUuz9H&aYt+fB^Od;!uNR?Ia@R_kb?uh=6++Sw+ZlkSJ)&!*>K zCYGgLOM&V&A+YW-U2o|dQ#mv_8CPuq=63N~^6<6`*okZIeq{>%zIf2^&*Sq=iWmn}9s&7Y-@Y;V&k&c>R)2X2t1UYC42PrJd)vj>U|%N9bdW$8?*OpzdsAmEb_9H zAjoxBNtRE)?Z0ApLI-9H5QlpjJDrgO-2sZ;`XxVN+ z$o}He0b5vuWzH?~qcys*K(RPgwybt0jvddZtm`xP0|SrN41wmgr=^VjgwUgeYu%9i z@Z6$) zMiT=)Q4_qS0vOU!4#BYt{yC7+5Y-FOEDp+;Xy%F`S>WVsEVZavd19vX`4<1to?BQ0 zASfE~!;fO4+pry&w4iU)ieu5rA$Fh|#!Q@(6g#Jsue657MEic6AMeUg-*m9bRnlDU zeO#8p8qN~-6+ckQW2xDm3;}GeL^P8f7LC`HBIV;zxwqxkYuCix*eK`S5#Vvq+~yXy zLKf^)k3`kL;yVMIK)Rf7RNvd5U&v5VQ85{JydL_6SNzd*0h$cs;UlvZzf=`VzXeN| zw4y5@qwx%Xr$0`c)VnQbg?RSW4ClvG0T1E1+T(-jFxcDrhsX0Pv07wtdmsG0*-fy5 z=PXuUj#VG1+>Xe|$oMq%7o3aKaac4_g{q{ zcw=Q){k+tLATzQvJ7eLaS@XF68SC)^SG%u506*X8x{A(j@uwEgCqeO2Uu>F;x;l%T zT(Znf1G)luZ>01pH}>V$@>*0ctkv|rrEVrW-V(`o9tka*`T9@~ob+KmZ!PvQsKfka z?f!(cTL*<_h+y@1j?RG|5<$1sIb-t`YX9<_^m3+81s<}LLE??x?%Qu6bLhILQ={NB ze0A12J-!trwgR@RmWFq>%{*`%1UGEwHYGcFuQOJz27~9MPDb<)lcO}!^XuJr-M_fq zc)3(i(|LL)X{IsmU`u3eJ+%+!76_G?IjooI!hrQU$|~yk2FAU*Xx(Iq*>+pZa0}fW zrPJ0L)WCwxRd1m;YwpcsPs}#hNUrBN+q*p)C}FFpKwB$b8OH5O>HauYbKKTB{6*bo z_~uxY0U1-)5SGqiZ_MQU*z-0Fg3F#aXM=}bbj*4!{WEiGD>piEa|Ow-M6GA`OMM@( zD-}?!xadrAI|A~4I}E8{ivxv82?^Ih-Ui9=0_vO-q{nU<05v9@vVH^p_H8JDB4wN` zDSYYv`x=5cge2VHU5N8ILUtXGsdAU`A7KTHOUf&Fo?-zKDRuUyN!AK=U<#B19vJ<@BX$Ifmh(VCptaXWQU`dz&-Yuh?|+BB|jHK|AouZ?cEqfM^V>{QFYrf^!e zJX&m%i|Bxf9q+0<2!BLLGVq9Ukhel&WeEsOBXL-x8WkB~+`+-+wFBQM^olLW4lGbM z6g2o-4~S5S(MYY&nI#oxvrV^W_~#dhEA-6O7LQ#QWf%kJGknfrQq&3xtfps5){0$tym`UUecPW3%3x?I zDS?y_E))SDmuQ_hL%L-krT#*)x9sF!r%Ljd+RQ73@-U8q(ftAB3oms zns>q@8Z$3E6|r2V;-%6>O1;wUj%n1)VOJE)7wU1GjJH5kp?+!}7nSYk;*L6DwF^Po z-oYdjF0ICxWgDU6y#7mr95I+@tf(R7bMJW;NHo8O-68;PK|HE$o`jeCa zx?yj%IR{W9LdOM|UfFtmR^r!BbCTRjk!FV_Z5 zEMDQ%ht{>MR+ck`-Q4TXv-I4VG>k#jrWM=G95J= zv8}S2-=$0Cq$QnXZ!MyeK4goSi1b9Ba)!0BC8r+gi)Y0txS6R`GVLSkEpw$p?~Hz) z{A%8FSU7jR>QzD#qo_J@ZN#y}R#R90afg%6OP>^=5Z685b9<+*&mQLy&-akur>5+* z9`(u}cj0ipJCR_}la{YJFo5tf%kA=!`X~DWSUU&MYrAyKaz`ewMjFusMAo1(1SAoT z6QQG_=e*`qfjt9*UV}hjM!bp>J4^rK?T!Cn6mMqS=a?w$YqsdHaPI?lp$7kb@lDa{ zfoe79hSL^9b_@{es9Tj-Xe#H^jjJ!3sI3Jn^nFx{Aat4a?sdzQ?mWonVlEe}tE5`+ z+S-x=ZcgsXo@!sH&K`HH;sQDrSu_?}Oj9yT)~{6{8}ny%mv#AEp*%afR5ZUnHLpqS zd7$x%vCxO-WftL@`MEPn06UYpkwsH?-qesHJ%>Fjd(_KiX?R|{b}2cgn7S@fiev5b zw4Q$yM;w)ntzpsnN<{t@d2+DHk6FGAOcb8;rx0?8*p7GtkDZJ1Scxqo^?gXfZOud+ zho^b=8{D}NwA})k34n+H2nCTV0pWoQ{|NH$4)%^CkS8Gw_y_#X~b?cm)5TC2*&Hs|nM?n|1t{LEHD`sUASLM_1o{zS#;664&*` z%X1A~Z}`_H*5}6Yec!h;* znoTX%wRhVDapdx?eaU8ZEA4Npq;{S$UUkEpbn5gz$5x+tdF;18uL;@H7 zBNEtjE;qaO%A#}6sYZu&zbhfyJb;~CZvWCMXY^N#VlrqV2-X^JI#z5 z=KH14#y-uVRWiT()rmTv>4tTt=$mox)uFF35iYZ`y~F#`MuqF)l&UxfB680-Tb7eq zG+POKB0<$qrmwd;smp@bzCQm50b-@z+w~V(LsQ?0K};p&vR-7PK`Kru#J~3G)Vj)& zfa@39w9xfw+1_!^Fm9`>D__BgONHE+esdv6SDd?IH!zl(WvSrgg9w2Z9wn9#C}ZWw zzU+US?&ZnMA}F|4FYLsu(e>K2Yqj(B3A|HuAC}Dx*B6(-!aD2I7W41A14k2nQGcaw z#M}G4Wq%n`A%ooUo!n5+H#CA9`i7O6hJO0ZB`U0jZyWj+A|>?7rPynazsnO;Y96B? z?ON$YnP!2hSXfT&AvO&Yd{(b?V0o7hVKsH}bkyZI1&a|`YHxjTwk5cpTfA-9*Y{F) zUmrQo>KU^lOv6V$5Fv^1!Y`p1Of5;o@%a?TETS8iFS1SRwFbOBtGU)s39u4LZ4K*& zs>!8k8IR|QEoJi)ju}M8=Plar^WM22;y5+U;}^vN^0mS9@1)+0udnt!q4%hmi=WxwnuXyw;fFLnjBwS-)g{X#74Zp4PYyXw4G*rx483+Sl!Bb%UfT7#^);7br-(2*_8^Ei zImYcj#eW=lFDu01AK`fI%z4K-p?arJzO7~c{eqv9*EA?8P351Bx!M$1t3X~ko5(Ld zAps&6*2n=wydpIrL$RtgMTp%Q+V6{GWBxvlBUIlcppgRjJ_blO#^2xHz{tpr)e*yx zW-&7UPN~`B-7dtBd>#-%De;odHI`QCh-B_~%Wh2gEQWQv(q<+|)YXx8X8ny07 z>l%8{+D@fEj&L0JzAl?&+A(LWxO-nU?V+N+S9X*76ZWPn-@-M^T8k`|hPrho0*d?nz?0Hm zqVTa=`;=1Ix710+Bxt$PFpa5A732c{b|i$=^|Rwpu?q#i&BUHYNChpF_6iiwnB3u- zXro-8?atS({*qu@NnY2*z?go!$7A7BKC7zlIGaHeziN}lasNnp*N-^_6yAn z8K2aA=AKkPYMse z>Zu>M{}#XSk;hr!roUHKH@oQ-Ar}7mSAjg{8c5v{GHuaOQGn^V`_ji{h2?vOg#bd6 z3!m(sZx+*^Ue}{bP&KdMj+B_Zgp+zwiJqpNHk3_99e%;DUcD1->>p#zeeR}~^`%H})!(T1Ob`hcoUMe|1eOnL9&lnp4x_+l^5chJMXRVL|auw>7CxDR2Mqo0)D5SWrcqQL{z zcde|-hno{IE%{32Ve`Vrntfw0T{4nNX^(<0u~F@u^RA{a@qXZ1b?JLv`6IihMF+cO z-;+~bPmltx9DPXb-fE9ZR)0b8!f)aOh(L_6^BQ*d@S6{$8j5JJ|8cYLc=QI%o@!bf z_?M)f&rP*fzHicVLXhzJb>EX=RWb(TAxQ1kfZ&Yq;=7!0N!kd>m!%^9(lJ}C(za;b zAxk;+=4UQHERENnN{AVuF&7t?(}kdGOvio}oS|6di@R8LlNUjODzvt3WyRVWkvxnD z7-zb_HtkmFqlK9ObMNo9EcRmOeNYN2u{{>3!E-)VHbkwX$KRA+TXMSYf_dhTB1pDo z_L<|yk86#0J}}9IcSZ=hRI*&GR%qNhMPbkogRr&?Mw;0u5>IQJd^P_Ik|R) z2bsLOIwgd-K*7UmUhx|oN3&OAIcQ?hIN+{VhJ0T%?&$-WHjf$}}#wQi#B#N~j8`m!fhP#U3J}EsD6fA&v%+$is^#tVi1plXIIqF*bK*3s)(mOE5C3#8{6ZRo$a9 zk)}41HO8+z-8FLA`s>2TIrVCu0OID=t5;8e$M#m|Y;Y6G1)Sui=r3egkCKp78qTtz ziHB!Ps^#$D(9r3fx{&JZD<{$PcrKgdYVN%L;@v>vDc?j=&XEj4$`9nh%|JC@51w$(_?1|1sNZkxU7a{=b_g_!?R$XFx&eZ+gjk!&; zot>*%H^JV-u$de zamI#mqbOFwNI;awA01uD<$orWOutCWx+e5ICvfa_x2iAGi%^G%36#3?9Y0lq1{QQ= z#V(nVp&?dXyD# zE&Mq0HD3XmsW8r9u!>!bHq*8AfgC`+JpNnAonHoDfjw8myQ`M%-DqE0PTGjf}2GGzAy?;by zgOK#-i#GaqGZ@%|BrN_O+814vMc-c&bTl(FbGb~1BS^|{XZ$szKt(NORkV z&yQf23G^zQwmmhs zsYPdfxTko;4U(T&=U_VIVID70X{1Pe%y_rl=OHI%MmJq+>Pr`K`dSuazr6k>U6mdRHOhV=3eE|W*GPcz6z*I zx2mo@q;c;b%oA(x0TsA37Ay6hAiaA#u>WlnWw+z461MR(fu9`(ej;e7yn&uHPUk!8 z!?s4Xv6o{w;FcV3sgx+{X#2kqncl@DH#qE3SLX$d1!adVM=*Zc{7-L zL=6SdfrC&Q>Ju9F4Bi;kke zkfvPJziVSHCM(N+JXY3Ao21@tF`Zr%B;hnIr`^<-tC#6>p?zsc2C)Z6KaJdShvo1R zAyq;7X}D(x+v5D(p&KYS)X!=w(SpYwq*e0a#TP`+hlYpU5FP=jLsVg*V7PiGg|}cM z5o=QSjT@Fs=?o@MCB8SMc(@iSBS`0p6qGE{zK4uN^JV$=d%I&|sJI=B&Zr>1agtYc zb#)-O=?wttWD-4#zkE_7w=29iJIEujrcF?d87h_~ul7NBv2Xi-;cJXoq`xvYdIy$)>_(9Am7Z`q^;@W?q^rV z_E28pqa4b}saaTl)OHw>|0m_n%v~aKmxuTyF75-*rP7%yc9*#(W!`LVdZp`ree56z z=M65?yH)|Fu4q}VrH>M!JZUlBNcO0Qv6&{>!;8PQQ+W3t=p@5_Hd2?tqu66N%8k{R z{Np!l$_RE$t*V~Z`L&I5EEsKTV68kGP?dluYk=MWT?Z?&EDAN0R7Lg!>}Nsm21j-2yx}qeiTq;| z|N4ZK82qI4`EGK531|8fL9{IC&?#bIYU(*RH}^4YMg7PNiSZsA-||^8qer?gc7+k* z^{#x@X1{6}McXpjZy6v>pcF#kj4nLIRu$pPCUwLIvG#zCc$JdEvTAe0d#KRi6h~G4 zm$1T#&zfmuh$V{b0uQBntSkw~jD=l@3q>k8u@!+KY-7exw^62dEuVR$J?C8mj*9<9 z&ccQu5F^x{{bERuq?m)!{LM#$^ZD0vO$t`;W0qD6VA72r%KQ?&YbmrM78yt#@o(p+ z@LkEBPyaHob~vbq?SScqFhkuq5NF+3>Kt&7t99SpMsgjS?EfYmY$kXTr1ZIS2jA1W z$n-&{(|m-(y2FIcBhy>E!rAb8ml`l>w>s+%w@-{NRZYfP`g^{M3V9jv6APe5A4G~* z$R5~pS?Y)f(DVW4vbfHiv%VH%`-WlLe+`1~NUiW+t+$(0B6^YrNJ=HsK(!T5paMuk zORv(@V-d8vo??k6?6KCY);yC}!n4D4QZ?0eU?(a89} zD1@Nl!(|$A^tx;oq>6%)o)bar#mf86NTON0ZCy-^4ar+FTU!+?^EGUyUf12ajaP{0 zP^t53g9D(F`=knYB^T1b__`I-LmlM*OIW`j>QR|bpW|99ljnswla`A<`H5P*?K@w} z_xSIhF3RJR05fAW>cLT0o}`DZ_Q*6jZ-p5k8So7cnN^^i9iyvE(O>tQHGs$Im63`#On!-LBrctiZWa( z&5#fgc=P$^iXR*W?>sc(*YJYP55DQRhoIUcbvlE5Yi}g*!w*+3JfE^YlyIWib~OmF z5G!ONe6fH3dL5FwOp2WUN#H+TSAe`O`)DTh7GJk=6+G>(+w%zkC8m(r7|5V}lAe=S z%>0Lpl+u96?0@wLy8=hQA%PJP%cnB7NKmjAk%pZqIjeu`YjyYgi)aO7pG@&TFf?-G z;Oc&LzTdJHcp{uB+L=ILWoF6tTh(k@a!e+*taua1hlF^oCx)bcymgxDCt%y-B_!!C z8-?Hq2CAVuJ+@1x#vVKMH%lg*7<7D)1P5alXKT}(jU~@zXNaomD_wdSm2i@L^Ei_S zf#p9z*67a&LkX##!l9%V2ti3v4;YYaKKXyW`zI^&(xU6tob-nZk*PN)3Mc4(a7M}H zz0fXgY_3Vx{qQ$;ow|xH5XbHbJnX>Au)AC$-U?xt_!p54>R!>pS+0t_%w{S28YH=TQ%C3`j zY~P}g98^I8PIsu_2bDeUL9bnI|J-wV;EV01|BSuawEF*_@q&%;;=^Hzpr(J!H()yn zxy(~wj{aghP#|biO0xwMo@*}OE|9U)@Pf8*YUXnK0_MMkL5kj*1;Nd!B92x_9 zBO$egeT2ooU&w}rhtq%i+{w4GT2fJn+2zZ4xUjGN|JA1fFGD{-7}WX)X-}O6UHGxD zA3F{h?TWZx4KiKMI8@gkvmXQU3G`1&e2uv)J?8}=oSvk!39WsJ@o5YwlYcB7LBo;t zgXcW{LToo<$gfcJ(|Vd^?=40D)}DKYu+d(r18m#DUMRBW4#U~ck3dM+V z&5KMoe(1k9r)i|!0IXl^x1&WCI z1wOI99s=Jg|D-$|PrF%*ho{?h5C;eSDOY}hB^mR2m8a^955FHde#1)RdOO|0 zF5UNS!;PzwQkQ;21SoF&zp8XZu1n*1>T9#@XpRx?H`s@8{d=LJ47V{kB-&=RK8j8- zE&5ai1xM7Nee(~`<*CE=TO7GO*{5*O$AB0HmTpxGM&j>`E#%>+vRm_1)@Xe?T$J!e zk|O85e_C_gazNxGxIqg!613D_AnME58~bC~kENNK z%*L8#{s(H|iIN*tKANEQ)3t&XB`A0Y~r0zsNf!bF+_}Q~Pa3 z5PPbg#0~wC)_n2NjONHTXLrw!H_Rc=i5#C?FdpYXQ`s0s)AdnB>?=lAZ~1)lqawTK znWguu<5C9#hY1;d86Mo;N);J-jgH8tQag98mA`l}58AoLn1l^b6KyVWFVZgbhL73z zN`B`f)Fd$R>7Mps5A0;#tBQ)0x>a94ghMm_`K#Ar=+>SvN|&YOCgrp!?aR8lx|8MI zSzgJ)f|1$}3w~r=i9GMI1x1m?h+#kZNCHrOM4#m{u@+nZ&6H?bseW{^bS-1qi+t0g zs^%xJ(MP{>+W@4X@rVfN74C^x>R?wxjHf{h(Q%p8ZYk|ZBexfix=xjdM|kOKlJc{5 zv-j22eG9Ckgyb`0LG5o7eqdmBo`S1|Z;E~WnJf8Y#d2?fsjk>A+}N6n6v?~O%xU!N z!c7@z#bEMtkv1MeH@!|r%&$J@~DIEw%O5+e?LpM!fZ(WD56C2yx4q!B%*l|gwcgPp_ z2x`^5JFLp08af6z!!Kefx3F)85fAuAlu2-vWDCv-YJ_s1$`4u5oDIu9PT?@YOUvNU{uhdVr{Y2X z!yLX6Dw$B@6@zmv=e>@g{x)xA;|-|O1O$GkAD$k;K96bh@z9(__kV-weatQ&?b}b{ z+0lF}c3IPRWXq;!U?6KMwsEvuukY7k4IzB@5_RNc`V>R_S!H_Pw?=SN%o#8RZn{28 zSQoJkeU*riQNc~275mth&9o?C!mHiRffSgh;ue>`JnSzabHtyz{)tCB!aK%l_WXH` z`GgdU>KFN6kfjX1LRsFFvV1CKXJ?nRVz^cmy=)r+2UC6$4n~%8|m!qY?{u{M*|}hqLY|#BEOP-3i@Bh3v_kUrduA|$&Lsk&_P8O zM4imLem%xH+h*t^U7q#Wai|-|-zIy(LAFit{x)|_k zwTf)>W_I{xI#Bw13H*knoE)}tWOwsWN9Y@ynuy@YR;G+2bhl{f5XE!PFn0Hs7QO!C-eD(&dTtzY>3VR4(Nx-?8 zaIecq%UOh|-+-v7E2uyZcU&jzhIl>}^-4C_X|nle#^9V`?12L#&w=aW*WYC&eXpb# z%va7H96yg-Kzy8a534O5?k-@;6vQ3Bq5!KhtW$5rCjgS|-n93BWET~W7>DN)BgkYz z91HmM?VHEo;Vj5d%6}eyMg3-fXmF0x3UkAUHlkx+zp@+6n`#Yya*nBsa>4OLIX~bM zw>wF}KQsLQWg0Jw!#?<~v>+r~05&J;m9n~YucTwAP@uw58`zpOuB}xeTMLpm-USauezBl^KZfR~?D0zgp}QJZP=rJ1{E!2jnwgdPMIfC2VYC3s(K&C=kiCb3 zp)Y=?+Z&8SQB}aqr*oefV~3IB6TF1&<`Dd^Q$b!z$NY2z6;v#3&!bz|`Azytiy8)g z_HH-4b&+kSJ`IYd6Rh)_vq>9>axCP2r-^)(pPT`gZ}|Hv-n~Jw?9laL3wpjo_pfRl zyPRs!$2ZRc1=YaTx~YSTNRw4|`TZxqIR!V7Xt!$vbo|?=*hq)=Iri>)WKH!gj@mYf zNDsLnpF;cN45&z7ApG5_Z6-iW#hs8kc&_xr5B%3d|} z%~1J>+$?a?iSNcYbC+dRDW|baUc;I|FaIeabipx*#C#6S;dsC71#zpUBE$(w8 zg+t1#r8iqE6JM=Xx#a#l^-8a3Pg0PaxK?;=f-Mjn~M+b?3fx_OJDd6G1 zIRl>m`x1mH{&gVm2^#MRc!H?XJGkYDYP}hUuJ+VLaU)m-W@0g+A(XS?4KC+sy|D`0g%IueClzCeAE$d-B|UC6lGO zrW08M?FpDr%X)XGxps!EZtD=+xrzD;;cyornd6-FV%|b5ot5$tC`FJworl-u;mqWL zn;H5#5eV2OZuzmwFE2n{2vE44!tQ);{?!*T8dWrh=^kIh@pGCNb*bzJKQDAoxKQ(t zzIHmJ_L_|)fAnM5{!@pnRn#ME$^taKEbGqmm=z6qv)g|AbTDk{+bJ)P!>6p>s2$gr zDHD9h0)*j8^%Z`*vCLMj5YsHUCw2iN`=mM{A?Nc_uii56@X>c}u)L(#Ojquq7(m+$ z(b{(6h+h$Zhw;DsolVCwx>x6vT&y5)pL)N@tC~d;HNw@US@$q;k0%itcMQ8M=hYkH zWFr(G1ajzJF)5g=h@a4Onr*h7D4f?`U!8XcyjfEo(uXRnX-9XQ{J2*BSeE;R2fLE3 zo>C?U)J(<%&{r%^6jSfuAtfz+e83%iqL?`o0OQ6h#8s4_cPK>k>o-J+PS){Hl*NXa z9S1g-a$2oI1*xP9c`!scayUDz&Q6w6uhDRm^0Kw4niu-t4Ep*$pmMrim>Rl*+-1$* zNEr39sOKepGzM?gC^fx~k3Wk%OWkpnS<|)1X*qU(NQ6zV6HlyE*zxX!yqKC@2Pr-z z)Ir}Y(iX&S()L=hR~Ee4+4&P9k1`y4M}tCVyKQ>iC43oT=9azHtz7}re7$b|^JD4? z=F|e8;NH1Tb84R6JH}nWtL$s6E*h9F=LJoYikcu!j15oE({7iS2}j@gz=56ln@RE> zst$D9m(Z?9*w_xShBSyZEDNOA%3v%Sa=f5}enXdG_^V488B_Yrzwd(>iI+cIpVdsm zc=4Bg7N;Q754R9=oOC~>I_XWZSiVqE)qDA2j=*#cXG65ZJSqR&+BM~>w%t@uj8h9) zjupHy8TzPPpd;Zp9THa-;3aU!^VI0&LfWLSUDI{4JEKhARK;okeg9!RVbJF9&}0y4ax7Zy79Fl2;&en_J6WM9#Ach2ZXNv(k}8yTl{I7D;jkxq8gjts>C zp-=Z#G0VNn8noM4<035d&ZyzKPCBxQVvTOGZMtd9C4OAzlxGj(83y0e}IwtbP zgvJI3VuS1|2odhLl~);yaDD$vjx!4n5xl;5?V^y%KSc8gzKD%uA^kH$qf-=MHq_?+grIF&P!l8>2pSrAzn zuOL@IvnD$5U7bj)q;f|DS&~hPqj3^L?JYRpg*2A(6G6lDYvACvoVmP_zDFZ2}!7p2dMm=jCy7U?eldf2Ws)%PglG zCHtbig>IO_AQfKAy4(TL+P4oax~*DcdnO4PFM-*5$jhZqkGiP~X_RrCGhkkG!#Brw zW48jEP6|9c9VQry1j?~=5WE)4IzgTUro_HD;nj#H_VL2`qMZH?W4Kv$+yl6*_-i=r zb~bfpX3TtXKKrrQk1L_pOJs<|0X-#EizF|q9Hiu8@)8;zTv%!?&g#f-d1gP~?c$CA8Xmp-bFJ>Lg}do`Qt_WDTQ-+ zIheUl?N24!*Ew<~igJb%5;6TDYk_c&=j65yEa(k$)yXRxVIq}K_Y67xLXd@&He zWHfgm+~V(@1KExN%2ap1otVs3xAE+@?o2*5Uz^=^M0G#qap9HEhZG$S^ItXp`~J?! zWb=sQ?!;%^Se-3&DDHgwo890;q`%XfV~o?)FC{E`>;@{qjA5RX9s=HP6NbD^W{ZnK z1gH`)n4$I^L-A}utMk37&G`~fWseL_e-k+*1}XB89lCQ}#;G}NJ|*+F5-@J@1^?%18P5`Qo+A=Epl0r9~p; z5YtipGSqh)S{Bm!7C1XV(0AdRFQaw751YmA(ETJjN**Gc#d+n4Vi%K@;c8|j{(*YO ze$L56W)|~B6{cSS*@QR7?d8|T@ALD!HaJx&>s~9IWgY5O}8w{ z4vUu!#f5cj5UXIeMb+XXkBpabYA#<^yIx4tN?2t4M+n*#_|jWWqqTq&6{H%QaDf%y zrGWV!T}s$OOi1&z5-*6rPoiVF^QDbKgp^SJfnHi4*_3e3dI4tt*5>l_`Vq}W?-6Hy zoSL6|yZ|#d*qW+2te?2=o`lnSxd?_cf{bc?+BYI&s14L4Bqt9E&fI2l{Q6Ynpew?= z!4F^*Tz??%S3h6Xy4jx!LCt!IE^WGwKdz{FWIP|!VVvsDZ&oY_?#lqW*#fRxQ&oDC^XSRZ3AaN&V_3DM4Ty|c2xZ{x9=hDZO ztj=rc{#HC|<2DxW&t|7U5VPmiVtc&{m6G~mA}P0t^84k8E}lK<=LbKD^nEKmv<%d*}Kw`tzCM6$HX#HYHBT8R`4v$1|>e^Q78;;L8^1bNQBf_FK`sIJ~eQC z=`x-@k}sY!IZOLA6$0fcD~>wRd!Qg88-)|eh*AY-CF6Px+(n8b@$!?-5b8x8ey0;D zb>GKTE=cWh741L~I4GE5;}q8r^Ssl$4pC)PJNn-CrKRZ~PE3(nHId%VhBQPUtqdhn zHA@q99O>+JlXV$ZK%zKO;k8NLp_lBCI?e6KZ+vDSpk{9fL&Pf@#GQ~wQKS}3T~V`b zaH#~Iq|gtu6EiACBq_FV&EA8|Qp+TJENe1g5`zJk)8k7)fV#cJXu)({ycLGpMZkFl z6H#_7V4Xu~xxGHNDCCC@PU|gNj z`4KrL%ALidaK6Jh)5)1bj$UP^P20O%mNoaBm=^_^Cg0RMkT zY|G-$<0`rgIwDcK@D7Im*6iO;bdVM;wY!?u^e*kSSWd|Db4FNq45ist`7EqXn5m7? zg0meAZpCun-1=%SDevu)E(58F|wz|cE2$Bdgp@Qql&+C!8 z0q=a5tE^rS^wNPZ-3IP}-T4*z++)QX85?*>8U;8Ej5$Wm@L? zK7C*7!2#|k+`W#|jG)$3c+7hW0)<_inMQTLI{Q2ghB>1)IrU#y zoWK2DGuV>Mv@}0aTro|juUud&v7budRcUPPPMA%h!0p=IVd67O?KC4_{Xr!10}|OR z;fF<_CigkA>EG&NcfNY=9JeS~36Bn^5K=zd+0TyUsV_uuX_LrgphX9h9`>tHHftbM z1Az`4&2}TnS5j#YtB7iMHb9H0C^KZ$48#-J@kCER{*AHX6_V!Nx`NwRE$5|-!H%1L_B^yWNQ39Dmro@CO&E6uFp%Z(aON2uq zXk)s47z3Q-^yrw>J(Mx{9cDO6wLqE!2x;W5Z>4?$8Jjzlj0%K|NIDvQ1PNO3L|RUw z@sN7(Hjz7*aL`6B63Dmr?rpEFv>|>#N)41e*AO(+Lq^yIVO)O=zMCYZF)eBpcyLgk zrWg3}OXsD~t=wKgqYvx3BW8-+Eb`?!98JOT$EAdf=YddkJa-P@iqb;&5%^V|&pm*> zobvPhzf0MaC?rpcq~4xKxK9;!lslUR?N94alf`gjliiJ<N$U|!xDG*@Id8Cq|U>0(i(GWRlLFZarCoOXnLU+R%?yXdT2TfoPVS?M2 z;bD=M@VdKR`RaT8f=fKw_hITP8AL_26|VUORKDuYc75?+`T6k&IDye<894vOJ%d@a zn^pC1r~c0_-yMSYF0${AgOfm|fSLMoqstlpiY&;Tq?Qx*^43i@NJdIJUV-7!9G0DzT#qX+j}FsvRdO68s6i zprJS_Kzjew?;GCqGXyWkf(!ir`?mh6h=NiifxY*UpqBC9(0~Qq_v#7`qqZGy49O3f z@v-9k!f$&c%7b-ZjEI~@n9K=IrDLG~EC@ST>5AIl*RshzO-Un4NV?4KJFPcM_n*JI zLl1JR-^7gwyT%?kltc^O{pkCkuoOOEENyYA_6%5zn{~$VExCFDunVg_i^$}Le@^hu zSs+wv-yF^-d_?3n#n0+Ddf+@XQN->IiY1(Y^}a-O-C25f@HO1;fkyd-;oo%3@YHwu zh$snA>f>C(Zv=dofa2bvt9b5=*CQ2KF-+*5hKx^{1~)i36`NXPmrjp#FjqV5cbl5c za&ucd74=@sK~yDRIB70{7a{)&KrK8vfx`a-je8Hpg2?H`cB-vx+V1pIPgGEBFi-S& za%a?9ciLg*;EyBuNdkFh9863+!YtJehomPc6Omm+b|c&)Js^rl2h0=uC3V}6ew06n zLi7KvJwt4DCc@FKsn9~haJ$%HmeBQ-R~7Qn`JnSaukT*Hn)P=T+Im2;UljQ&r&! zdrt_F^7deK3uC1INCGp_p$eO9D0P${eo*1h~3H71W&qJtNjmF%TMAHnqs0<4= zfADZd%Z&|q_6R8KbhA^;1b%rX9^NDsVX{(gf1ui}h*xp=6x;E3BIpRzuCIYxSzZu{ zfqA5qLTyNz?TWl1^(*^c{-}a_|Kyg|;`umb?$2*$j7M#hkRzS5--kG)zZzRw=-IUA z-sVhOfY-lqHx@Q}$>ji}@3pa(*-D=G!v*x*uIe)(3(>D!28uGQSwY9ydpX)a&vd62 z<_;#7kxUeO^J*mav3NG+$3u}4`L7?s78x&qQl;a)d-mvMg_{+X;0rPQRrRt;7ssd) zaFY>lW9lxO*T%HP|3RduPUtznx)>-^xL1skrA3`i-eKKt5HVOZ!m65VdV_Dg6#y@b4B5wR`8cBxgidGn$*=TjcqU`Hjs^! zT3tR={)WWm>72&(i1WgrcT<{|zWO>-S(*2AOsU&>d!EXhbBlf0*m5Jg^GU>|R@qGU zC-h^!Hy|U7{wG6!7ji2vnRO`#M2#}+@b)^nxBKfypJw1ky>DSTKH)?y6M@6m6 zB)72I^^?o@Xh**SF=g82@dQANhE++*D}x=ST6t#nws$)}zs;D>+L&+wZiXD%*`}vX)D3SWz|SQG>2q3DW&JW*q4Rksih3DnOWnRy=7DJ#Tp|WZnIgQRLfn# zih^Lje`D`pAWzOd?4$v^%8sNCE8>T@(oqapafCSbw#j8!y}QzFsUtJxY~tuq!9#X;!e-AP+=9-8FwjDTfbcSsX5Ni+C27b?TB?R|^}YXg zN~oJ*cw>9~;tO5ko*a`NNeVmjs-r(dK6m!?h??qrhq=~blV+-=y5Do45`B_G7}6@o zcn1xG39mhdp;KeS*CM6z+X^m4zJetYHS=;|z2FXED94LnhM93prQ5U>xi?78W+<)l zfP8~XoMI94FiFgsMoXst`*}p-n1_v91$X~wYePpJ3!H7JWVh?cu+^{dP!u%dv%S5) z(d~?x7dP+>q!Kk$bR!1s-uW6PXCf{4)jGAiD4aa6PlUo#Ls1FOy6BOtQhSU zxNc-wpM1Z^v*pzhePahuk&^G~_YlPa>H9(xQ*e@g>n)hyNw0g)q-<|cM`v@wrC0qWjA`oPlShkyIK<_T-;o5Lm_m=`nZr|vMPjfHh3+E z8L1!$E$5UB`(2DSc>}+!HO_DR!)R{T5M?wwAx!#SW93%9Xx@aq-Q9MBiKgYB7A{{g z`>?QAN(3M6*sQ6#?ey8~GInul%Gm=4CQEi4Dhu!yrj!Npm{q8^l**D``yZ+CJ8bawbmL8s%GJ_*QK?a;7TC%{|z)E0Ftc`Z>eHNCbxQOQ41L@q15dY4H~ZzMSzuuo9BDwAX_B-%}7dz025N)EF7yKX*cGw*fk z%t`+W1XsTPX?Ca)6F;!lFua@pAT=@n0qUNq?wn!|Zxw2ng6j7UV@uR&U!R^Z);Y$A zsW{9?3FjQcX&i<#9DtM>o{yAgk{6O+SVCfSj)c{Hr`l0(~SzcrD}RCqSLUF zt9q}W#SnqtBaq6Ef$2DJXZ?RPMuSxLY=nT?lMB%uql)M6-o17}nDzL8)Dyb;(5Be= z#QA&(Ob?kh@(;1dyw&cpA4$IUs>XSFjD)p#<<9=WUg2XbjoIeC{v0EF{p?m;8Tv5Z zLT=i?*WJm`hI6mv_|A$|UB?YXyH3_CKmLvOn}o0=7}8Zal(_!79eLp=U-Z$$AZabQFrI#~)5@P1;G8$kfmqKdc?r?q3^T2i*@ zOxr+9Mr*eI=a&+`eNdryrvq?7$@U$6h4a1Mp4=UbMc)?dD|eBbe7JfCmJ9tZlli^t zLI||5iJuC1Pv_#zDdWbz_5h6=G1vIe9AL{TNwa1ZjRhW|f~2G_AHZ8gy7Gkw`fv=` z2WQF*$tt#VZp?|sVTgb2(~kB-!*>R(;$$d?Xn15ap`cz-zHnkJ&E&19{Cdxh5w(aj zjEFNemvaKiNEkagkemf@4^k!;ix6_s8vO9WVwuvWEUl8_XraTr7ob}+{M6MWrL+Q* zQlXtD)%h!eo@?pRwndV^$@oSjtX`d!S!+%~e^r^B*GUH>{17h20{ z&ad?1J7<4gDOLVjq{n+PXfXvBX+X^iXONMBz#cnm3%2AW(IPRg1nKbs8IPFyu);dI zAjBMw^haxh`xqAkh@hY8fEy$Hd4qpHrg9q-UT!BnXCMavq5~EmB^Z*gP61@XwYPh| z>*&7zdhb-HG2;ff?$(Q{bQ!2?K=-XFy}o?JytsR++pF|(xlHNf>>Hf7KEAXy{P@Lx zBCE?Jy=}xYKjr$>NDp^0Xfc8PZM2yDE=IqO37;TC6ZW_KYpBX5!Tj?la-TL3J_J89 zEFO?yX=S|HlBq-+5lhF}8n2kvlht4v=N?@!|G_Gyw&}jAdH&gh!lSPlSy{au#&a3O zys5gc^6l}72Ylbs(h`h`znpv?Gt-Dk1|v`eSRJr-1_lOC$~f(cR=%=Uz8=eZ-_+1_ z0u}k!PDlx8buCP?+pOL9d+RUqsLWr4+n8=@X(k&3CPblkR@J4DG`H6|zE=`)bo{=> ze6$Aym+$H7G$S1I@CgV9??DRkAkKS4Hu*=9uMwP0W72EKsju?$71ER!EU*Lsj#Fxx7al~XQON1h8(9Z02;@q48b`q=0<`q(x(jsNVf zg#}{X16zq?8C8%(2fw}NQJPyp0k{t}AqhD10O0kb{?qIK-Jkr3lpc5a&;bP)FT#dId9R&4R)|Dw)M>kL zRXoxAk?IXi?A3qhwn>6E(e@$T>pPHf`}#f_%N*S~Sw0{S3nY8wI@8@2j;+?rm3T zla>I>N%)Qg4Y$Wv`ou^^7p1U3w{JHzm1<}}7_0f{3kCifl-N8Hu^iKn-5TTr*|S3I zaF!c>^Ts2e;QPo0!94y~iHYu@AOrbr%=VLUynMpfv@t@>@#-hgl+g)qIN&;$CyfK&`iojCMs~5K%5W)bp>pa zn4MiNa2{oG-Cikh16g2r*J$-Z)g zde9sp&LkE4<_*U&4&SbkFBmX3mLRQnQ;HF_g!Np}Z;`Uz0%y}!2BV>N@AQGXKt)9p z!=C3VMUHmE3YwY`dxH%RhDofAoOoJ~mn|@N=S*T^ebwQ7C2P-yh+d(Mp$OtTgCA)5 ztkeI^j&yQE$P5qgjR%wI1gpE&v5e2h0&yVb5fhG8f;fX)z2kq=5&A7zKTwcDZ@J&z z=Y|J;3=akwuGv+IY=7r~c8IX&(yL9btvb&$+{^6MW|<#4s(TbKh|u65eAV0VpufbL zhK5G?USB}j>@nm*{E5K-_9v8)fj!Gu3H!SSLXMy2q~bxiO-MIbm>J-fE^|B)HIVEi9w)z_N^`xcs9jEu&sy}(}kf?eWXO*Qo`4$5P5LTE3jXbk1N*o%_} zXvA=gZ>6fc4ZVKU;Gl=$!DlMxrFI=bUnI1(X<5k`iLW|;epue&kh?Uun(&Wd7Qv<3 ziU*$=9t^GeA_Su(o)&@LoJmf?UB>@^&GWbtd0v^`(Eh7%0MUKDeTttdc57}760u)% zE_5h!eeCfLnOgGBzohyz`+c1^F-a`w8DQv_=DHiBld*COjXKa_=!%LsHaYv_ROCM5 z-PgThzp}G=<=4a%eW9BJFVaeh$@Q%cmG9BHfwGl~6>UBR;2k)L@8BKmXYiU2IRK;w z`+tf%e8)}dQ%j|W*P;F@9n9&+V3MWp5>WC3~xk$VgV^ zDP)iA&F}rF?zg)4oc#W|uXFR9^L#$EaFXg;KL(+|k zrKiou+;-Hwr>Z0J&}&1^al-P_SUUc7ec8p`W2;%@M zI1~{W1}gu{sHc_(PGmisva>`3%RCGC;_7MOA;IAfgg+hdU%&a4dB5vi-%l8gSnT8} z_c2ie3J0W+eB~=^n_W_jjRGJ@6t8T@orNlepYZXWRu^(Z_%O?n>pyy}P}|K-(E?qH zvGzFbHYM$Y}D&ivhW{d#VQ$oVUiZ)-l>`io}JkIs+HQeCV@ik3Y*HT;I=5KCD6 z$mZI&T7Ym8dB?!i@CFIm{6SMYpTBkXaJ)Zq<)!JB{eP=ok0W|~_<&iTs&i`_KjpbU zQRRKEq1H{Cy{XKe)96+H=6Odc_N;~f8ps=$3aCk~&p?toR*)2?wP$3Tgm1xU&^6SqC(wZK+EGCD%5!2VeZ;4h(5V0Wbqej>*(f(d-8zky#Q(!~OIN!0WemC{=MC$pxx!qm^p zByN2Fojp7}^nX9Q0C6K*KkLGd6p zZ?$hYzl_rT56KvSlm>>YhU)K9Xvt8bH1_#bN7$;dXwk|f@@1MM^{$%8Wo&bXF<%C% zpK1No*a?23sqc912bpmHIQ{)P!mE1BuDJCMdI-Wl41yeU;KYRc-*LJS?<>P~Y&YAG z5pknKOux5|aF1T1gt1ra$l9ZI+4UFKRG`(0@E; zr3YR|`h*_w8uWphALR`_utMw{!zYMrvZ)V3WOur~}3K%Kn?pgBPbVMMq z6h@s|_pe^=w2-`TvoG&_2uswd?MK`cGma)WT$<-6U_3Z51iT@ z!x&`xiFVH(py0OT*&42me3VmR^(N2q%{#|BG+upB)d(W+#znxB>r3y(Fw7B1)(=6U zLy^cXQ79z);R;%4qk4RVz=t(p|8?q^mXp_4N^i_g@d6?G7EC&d1ttDt!VmJBgQ zHhuz%%hSrYZ>v}4X9OZQ(#<+@SLzKc)+)JCteO;vuA_(0@GK=}YM4VtEDDxf!dNr) z6Wa+;-+Am#y*2P~gvEWPx!h`o<-mcU*>}hbpxAWg2hRMC(!j^n0(~==C*6wqEI&Sf zoXa|sWou+vOJb}4z03o_&5S1hpyTv|_Yf)Kib&p>%}9(i@EVB%x=goYO!NGB(zfi% zy4I1wEVshb$HU&Yk#3KP+qSZr)5%*@lrLcdFu@%I@!uT;pPJkDQwDt#BT1*BxR^l<;xizSrY%N-M76*)^o- zklG%MS*rrMJ(wLh0cr>u<6{;}Kky@pV*jM`vaZXrmZmgqIJcRVi&=ZdS;@09iDzg% zfC2)@L3J0YBwYT18h#*pDrgO>d9&O1`QT3qIPl#RY>k$%{N!_P*7<10dB;CM?a6Z^ zC1?%*iCKL&=AC(iKT^p*r0XIBu^rCcPPRTt>|l*{p1m7e@lfJ|#ZB>zCIclOLoyUA z&43jWp4=Iq*wtppCk<>7r&mch=piEYf=tsxK@BId)G8vlN}^!_%5 zTZ2oRvkQrRVn@YCntd{xCPe!Dg~DZ99g%{*6cQM6*OddSdI z5eX&CB>w|(#=XN~G3_I1Ht&xNQYpVRsNY$ga^<*&umc(Z6jU3`j1ud+aS5Xz zcPu#-#AB)z<4&#i55N60P? zfDE~$$~_UxS73+sB6&8ad%HCsBP!*|?W%^OJs!O(u+Ob_Yu*%KRi*l1DnW|Q8w<5TxGIw(qhN_`u6$L4WcWoWP9_| zGyWiij>?zgasWvMNq}m5@|S}7|Aefr2v{ikHxppY8fIkw?@!~xA9w|OD60Sbb6_N= zAg{L3d*r664T_a0-u5Egi2;f34^$oeN4Ea!11r*67iiMD%h07G(aL&kDe*q^gjmgb zZ?yQpePL?`o>ZZ5ueoAG!V(dH7>MaQvAO3vO@1>y#v2P=K1Zx1-ja8idsfeLI(f98Oor8E4SB1LZ2*8-g}yqB~bXs zaFc0@lRLci3#*EpmpK%u^0UITty*@#g2OlgxO!V{jO1?SUIIG3aJ^8!?c9FYMeAMr zjJvsBLySNI?Wu!7DF;fP0G8=hs1F3Hl$>4LcdstUXBe{(i9`I^fc-ydDHL}Dhu?s?iZk{-sq3D*7t6CxmzR%s7#hXMB#cvOh{Q=qt`dR4U0HkZ ztHHkKdxQN1Hk?w`fP}y66#ncC#smq7=_9??n_h=87B~C=C7}$wettKe z^39>dr@q6UlC%4cqKOG=INORdo%Ji@ zPk#B6z~x)pEio&#vE?CA0Qh6>E1#!YWJp8F*g)}pu>g)$UkGnEDX6OaAajZEU`u<~ z@hP(m-T%hum-F~QM7-faA;oTbj{!kKV>r%7V;{`$mz{OIwbmv!>v0r)bM2KP&pDaI z8*l3YOt(l;+F=b52Km>v!7*jQH2DdBtMWZ!>NYmFV#Ldj#Jh6+pAd!{hjsVRN_VQ7 z{JFC-w817Vgumn1(t<*3A~sjYNb&zqv!pGyGQYsTN~hUOdT)hQP0&i2$IV3I%W)FM zO7W1&7{7K4{V*_lEqt1k^gG)+Pb!g<_Q!*NPuN0d;nE6M+M{=O>9&l@iIO9=fh=Xg z4TARi;x3CXh*I*uMQTw|_>;U=3^xUHgu^77mQDFEUp)`8$kf#NF+TBwq_ARqHkNUB zHpiDYa5XcApUG_<6)7i}CKTS5b^R`MXDfgr&C#C%uY%$`uOg|H3`_e-Tm+a)sVNz| z8LI(@DI#(h^R?IRGjV>jni%IeK9tn9J}rT z^2KKIGR7HAKU{skuJVT>CJWKow3VW-{#0zZ5kwU970J#DQPUw_`Sa^KKL~^$en9R# z*eum=TF5XH!S~OPkti>B#~^ooBoeC5&*ru%-jKCrKazk?xqt zySDHClgBa-GMoGiEle6$6tHbPxE=|Y&NaIxxH~%275OkGS)x6-v`4Js6uy4#tL5`= zBxXX%VDMK_uu<4=C?AMt)r}71VxFn-Iu71=h*|Q@?%vp@`N4qPz9zBY2(7Pr#c2IX z9&czzd5WwJ6gCqYQi2guxgQUPX6N;_2y%UA#O$}Q#O$wwfHDFqyJ2mGu_W_*W&}Kh z;>C17qv4q03))zgoKmXJ>M!TY;eq5?2@h1*1svb8qozlxpzP^kuo335B>|2|kY4NY z@7RRx|A;0zvC?1Dg{|1WA~Hz5NY|Y2j)^n-o6s^CwD&x)81b4zL4iA*#PVy#khn`E z9ybPG&KU#286IJVVpMN6JG`p3ESFh`KZ!g4~5^&c0`A?d3 z*otmfey2UoP2E((f>B2#q@QFKv6}%8pp(50Yn(r3OwX<-mVw6?0KFq+ZQmCEc83b{0L%{6EY)`C6a?~cT(~!{>Ce5P47K3i)Titigm<# zA^P$twz2y%idCg23`U$>k3`~J67~y6j|g9Vd`u(yR7-zHL_WtNX1zcyBMP!&+^|dJ zzw)&I=BW>XczZpVMJ`GVf1d3h`Y(6<^4k zz~a$}KJuN znzFOSMo3tKDe^6pW2+!_y1|lTn8mV81%hJxW!haO17wzQz=ii@pD2zWX*gGXeBZZP zfO}zlw_RLjTi@vPH-r?!#4mZJ2@X)rI3J}&+;kBm%7ZFrKC!E zQobx`_p1_y#uT&sj?O?N{T#;7N>vYw;1bmzO=F3|BF`gI);pGLi2G5e1t=T(-!qSI+y15@XFXQsm}1!HFk0444W z=&G|9xiJU4zb8;wKaxKwKq2ThoAGoLPf7E5#Udl8zHN}#0yNA0kEgod{z)ZQkD%V+UBE8hMXaLtOjJRc4T02%W7`IuN!V2s()uA&TVN zL4D+ugNY4%WmmTsbG+jJ$5(Cfm0;o4G;>T#h-me8kZG0LJMyz0;?4OQ@rXkhxvlPr zFXqToGExI%`%ISxi&+03eI|3Fe0!E_TO;l0bXXz<8Oz^x$y(r^ZDxd~6o!2Vj=j#V z?D3EW0aFt1ev6*$;JwlD$p=gM9Td{0m^OETOh@q{0g`#U#$AOc&#AsQ3u7v0Bg0)FE#FFVu%n-*kiGo@ix#x zM@rZZ=2;Is<_#G#eL3e3OE)$Wp_Yf57qNkI7%}(tLUb5fa1w18>2@bCuV+^_Yq|5r z%((H6eIBm19)u8kQen?RE@)%^lDCl7Z%4ZKH7qbKXG4@hDl$IGse@sc353%q+pHQ8_50U88_k8!g-swW7TlMvgVUgkA zSw5%-$|XkjrKPU!+LpDpO0`K!=Z9F44UIIFR$$Dk!z9hRYO=#vQo^4P0H2obYOWMy zmTvyz6Kf3H;YT)34&m-{*pGN^^UPCxR(utc9-gBf!WQoZnt zkm{F?Fs4@ee_o041IifRv~S*=ujsbup(95WOBVKxOOm2VkM?Ds32BN|X%!&M^7|)& zSMByG#AGleVLnx!D@hSNEt~9`KZHI!N91cJ$XAd5g)q)yQybI;KsZ(XVelZtT? z44qHTfxbNhBqb4$iACSO4g!5Eks+Rg5kmjSF_g`I3V{xC_w}~4F~eb34Z?$i18CRj z5W{E=Zrd`bG{+&K8Q9lce%zvLUel^&WLo_M=lKY>d~yD0BpUw*SUXB!?Kt+O7hxfi z`;gIPiwcOvVs`#RwGoG1&7X)!wEu&5LSbr8cRihn?W`Ge3OcRrWJAX&l? zW8bWd;f6r)3_ZL{p2j>eWBw;f@RvbdoBCgQ>JCDU*Sh_qe=Yv z3;37HoLOr)InLY$5qRI8eCz_h**Bgi3MEsNU>~sR?jZ9 zOcB9Ke>YS1@>@@Z<~*CNhSBj-=5~JL=|DWECd~)6u|34={!3Mm|8Q7|@dH_9V@ibd zoBpn#bb?xj0H}!lwi1?Qe$@8>%W{Q;OuJyPcjy1fZ(4g_{8~!$v{s3UXZ)6Lhd1n%Z&8!VT z=GYdgCf)wkVL%&3cJi5sJjvy{zB z9XhO0+FLm})@V7^+cC7RBoR#taqew7YdYyzC_L#e+t^GqkoHbcYW7Kl#QKVZMQQf( z^{5$gQoH0LHnoAYqnV^jQG4=;xLTZ|}HWUqgiefrSZLY35>xuQ5ac2IY;g&GQyo1;PnxekX|q0$=}xDn3TaETjMK@7Y;Vje=UJ zTwg`q2}74|uW{MmrbZmS^X4YLEd3>XtE<)SjZvP!7oLZEmgxKn&PS6hXDE}F9F2Yu zST>^FpB@64L{j(lp+qj%%o&0Vy!xl>ioNa&3W&xuMcZF$ika~rlc%dTxXJ8gGIC%~ za`iA6=2tYJ_(z2C8}Z@?o@9DFf`uB#k#dSt=er*4;&N684?!J6`r;T7e&C&efvy3A z4x+}{^;or&XqSOtt`6%Z=a(~jWPPQqnRm`jDI&q6{eXaiu+ANZvX^D!P zeUb}D@BZ1;HB>q3#hcTt&PSsQ)!pmb*#@^FNvdJ7{@cf)B z78k2c6|RuM8HZ^l=ywJ;ltv`r)=R{232cqx+gBZR-x8VRfl|o6yh~(c2WMZ!T8JlV ze02t0)Z-coEe8jr%Uz_?(WP`8=7JZrPa{Q#j6Hiu*7gpxh2yta54%M1SPM8csbAmX zb1CIqb)J=X5#%9m@bkmVc~Zz2+l^?IjEZsaVvsE8CAuUm$k(xt-5F7$kW?QBCa!p~!RNHY+!$wTkFLg6#P7E6b1qN4t%~%EF=Wp%>yP z*6sCuEY(mU{U$V8pwoVJ<|rgq%#|JVOyB1VYC28`Me(BrU1aIxm@Zi8i=S7!z<40= z-2M8Mr$`w#&r%#d4z7UaPL@%_{?MWCgrgTWo$(vWA6XdO{v9&D^Jacf8EwiR-e&hB z|VDS1L-)bVeFgE+~0|Y%v;=+E9gU9@#d?Nf6|hUs%UaNCo{}K>BtPhZq1l9Qoi|*%_}um)GO{t^%iZ68=BHrq4^h$ zqxf962$-Py#uKT+A<~SX4zL5YWP}db+TWH15^%W1_Q%wn$>v{S*xXJbPteIX{qhreH9zUD_Jn0sBHnM9Dx!7ot}Q0?4|a;ST6A8yfV<$+)#xY_$q)%*yi>$o2g>rc8tc9?^N!O)?bC!^gdP17{C_y?8CYu1F!slJ7 z;#N1CGkmVrIt`{A<`sA-5hoGSPhZyYKk-8a4MT&`Sk6TK|1o>d>~xGdgNyKxASrOZ z04QO(w~(6F$Kw3h>ZMZ*25}8qf=gD1G)f&DOCNh5=Qn7gJI$Lmtw}tg)kDC0l*0SP z3vbIl_ME}3U~lb3wmw8LN}qv*S0bkfixHR~flG(S{DoW(Ak{d~VuO0|*pQy^Nm>p~ zHyd%ek`_4|6K2Q>k%6pwYRTyI>tvr5oy>+uOUV%m|C2xst&GI9sB0ZC4NVaBA|>O{)tCW`?m|T%Caus%*FU7zeZ3$G69D>yd&f)EmV4IRx{(g^_B( zQ3yto&<2JCk75ZfQ^&)1Sc|#Le(jKT9sd?lx#Vl{03yIT4bj}}yp8VHl4zj9wl^p-o|&rg8tXuK$4}V?;$Q2}jS!P>cxu#F zXbWjybFZbvTu68F%cr8PRal?_BVWLSZHUX< zMLbIV1kz6FKOh*i^|gN1Y7Y=#M)rJVwnDQt!eij2i-X5Z6F`i}+OEF^_P2!sO4hmy zjIbz@RAi@5aewNsJw4k$?ko(2uXOlpdP0g|V}zye)ZxSTdL_07I$VKM`W2ezp#(kK zs;*aIIhh;B2()crh~(&9p-l({ro?JQVsSX*H~^BygP9DN+5M~f3$RA&?5n)h(4G*l z@!Dsh7L{h?zX(NteB~G0*)~12Drgd=Vgi1`&r$Gs7qboIu~~7DCz3GRRK(_9ebK5` z44azyB%Zc_ktW;yH0vksN8PM#N4dgEtqjxRC+Ko&?AK%&z}F z^>>CHD)qpQ6iFYMr0Xz&P#aR4n!2dqdu3n$geMZXg|u#pNRfZW#Uxwfjqxe(!TK?I z<8F@u+~-KwtG8M!8)|ZYsq4zMbd>`31O5MF?;N&2rLb_;eqHEDlGq!XsE65Q{z~rD zt~eIcykyem?~j9BFYvtRfTZv2+bMDFv5oLClk!8S%n-{M?MUyp9K-m^EJ5oc)HoKV zY^E0Kjg`KmvU>Cz>L?N;yaL2@4pne8)(7&`_v#c5zAwWje*~awz()y-^7;lx8Cn#= zUVe*Fo3DFRlO+AJvWoL0g5Nnewgegsl*tFppXQ zx)p0?w%KVj#zw6Bhpz2l9qJH5Bw8U-tv%MxX3ZLY5i+##0B%0>b_rb2W)i>BW~4Cn zu;I=Xw_T(UN$>sn=Y82Y$G?9=MeJX3RV1(zJ}`vzCY#?hI))iUC<NpuX3>@(44ab~nj_m! z9PNEasnit4nmWP{S^#B*=+n@r&imUCBXg}QPYjFPeU20XMMBrsFQf?E=qhT;g37lx z22DxAqDdi7f_U&qF!s%GGg&J?B^16_DuZnB5pK@G9Y^+AZBF%Kv*@}Y`4U(bJ%+gz z?H^(H7;%F=n#~wZ_Gyhy9%GQdDI0p6`oal-F-?nA$gjJpAvDDcto@73^;b@3C+2e5 zu-WL7j~p1Np5tIO?=4*E(<np4B_IacXZh}LsE^>c9HJWu|=n$6uyihkMOk25tQX%P4FO@eH&td9G(rP4bTSr_nf9*2R3#* z1RZrXjK7juiUbbs4nEZ3so9JQdr^6jcGWPiBIsk{$E-p#BemWFtCr9EqNxK|QOo<@ z><<^~vbt|18Yhvzl%R&wj%;TaYkiP&fZ5*5?!W&5yG3R; zY^*7`I^=`xMjA~$(QY3SQ`_YJ7UIV9I?Xz>&Ct)JoEY^oxJ3NRZ&Q0CLES=jer!(p zN*ruZu)w&k@+&7RD14Cnv*GPqnbPfvcgx<@EO<={xyM5ZNbgo|ufDj?)!8X{pZtcq zja=)>N_=LIxO=4-4m)8XA*uDb>xnY-RqGYZt`+y07&QI@dOHz7aasmxBN*3hslnpT zzDDee-mLe3Vkgez=*sn1x_kHSi?65MF}xqA2R6pl2Izze%~|9%+P?JIL7W!c#mYy7FGV4k;Fp^r>>_oVI_MZ9{SYj0F=R-t?) z5ZxDnB^tL&n+mLR!n=50mszW`V*2|>r^Y-}Bm5>C+1e zIB7XKMRl%Tl?c0V8deKGLN8ZmX(#(gJ0VdZdrlr28783d_D46d?cEfz1<|EYt3rfX zc_ZSaEgGbA;tKnP3&&htT`h-RKUB^&l!*REH)DfLaMB!XxACs*2(uy(8 z>OdS$)D5WYO38h;jz!r5E6XI|R11Z_c=2L%V!}HnCdSa%*y|*lep|}@Z1|!K6;7=m zm49nlne2vpCG4cudG}PTZf5)b{k?EJHw1YO+^RG(ml3z+0sBi`2Kq^3Y}m;|TGn}; zgRvhfKn(NTYFjw_Uzfy^6uS<#>PfC z(v`>X9ASmaJ1D)Pb>(e24gi?sclm>oh*sW6e;J#s*j=a>wQ*1#Mi5X?NZ{x>IXmOk z583z8Lhz?j52YO^(VQZW;J7tWvV?-Z_3c|YMD+~pbt7aEHNj5ZAiJ1+RH^AYpz4LK#IQ8pr98B{WvX z#aKGh{uEk6NYh=E2OGp8=sJwpLgsp8U@Ho#z~`WQ+2f(WHatat;ifVG*iw7Fu*KG{ z-vd$pwJr2pl;=Opgx8_)n9Ee_B>)Y*BB;m|xiKEPFD4Pn3cz+QDX|0_lr-QKvU&hm6dKF3mOm(q#o=aGID-hA*0@h|-Eu|!s2cjN= zvwJc{nWqUqNUWC9=5kyVyr({8j2W94*rlnRf+QK%h>Vc7DI%n=iVwj^v7nF|C;WYJ5`nAf|YkU>{KBEo2d?2%}QZ2t*Y+v}|!cK_`H`l%zd2 zGI*T{_??`V!fFIVi+ct<)|M%v17wh#44=K`ZcbW#8Qicd?vX>S4)rTr+ zv$e3W*yuxVU!CkL;mnNU=iOS6-ab>~OCCD)IQ6}&y}fbooT4ajv|T@AjP5wpzMYg}`*hOu1or$BFG(|Lwvd zgEZSackW!EbktqkS1%dPb9T5PoPaY+`8ZfS?Z%%%$N8Q+*=~H&+R9o65MjOzda@y;YD=(+6ymk zQfC>0*QOV5_vi~IXyYqFga0_S$4-j;8VHQav;BZH0M{M`tCNknhQucnxX_`LctBBJ2z+vsiF z{z*uM4y>csHN87k)r4SbJ%!!-j~BHoj$1CN7<`h@&|=p8R3AL+yGIn+t%Yosl9iV~ zMdf;lmw}NHnWt}A-Rw@OX2BmPJg%h_*Pvn$OCaht|KPnzR+;Kk=Fk(+93~WQN^h`r z1at(a?H?#paGUBva-A`W8w3(Vh-lo12sQqNML>en2$@G?m#vq2mLshe)%EqMi#$(X z>caH)lsn<-PRv`gXJNIJPvOY)_TLRda;_<=0xKV0t;|@s^EPdNJUSS6S7cb#(RQ(I zZ#{)|LyP5_QPSDiq?fvhrR(PE4j=us?;hrOz-wNS0k>0w8q#Egip`@BsG{u6eaP5T zg~zSVp-d66ci(Dw2BeasJRNdj=!T;&!4`uRas&BT*Ibkm0Wu7WX5?mis}429iFC~y zXDFQ=jmtKVPN6xEPzWUV+jglxgXshI{f=}T{SJep9T{q+n@c^jA3dn5-PU~{ynFW! z7NR^DYfY+c2xp5I56#SOmEslY%+#2;!NS5KU5?g|G<%YqOyBRi+!uDyTHiDe_IdQ> z_hhzcGqmZ~2c2tqtW!I*ewefOf=Z6f*gJ>K#o5`M*lj*P!RbO$fsG37R!L4t;~V^p zH`5=81=7}*N)J~PM_N$!m=$OQ1qG$sxiJJJN=7~!?ab0@h}pE1h*}YG`NX(Qyk?8YKNMvhGKAAOzNz+^mtkHg^#`~qw)Svq|pKwZC(eAzDp2) z{q_yG zJ^9&^$%{3R zzrH+N<<{NykAwnAG#yU!*o_`LDzGBNx3w~837g|;9-S3Ob~!veC_Dzs2sWk*wplp3 z4db6K7_}zW8YRV2Ds5~SSiZ?9puNlt`yC%fyc$c2Ca$Hhw$bq3Ual3aiMH<#{`<+( zm$w8~hXT3g8`uUSMJbLiqXjwK?E7rfEPaY5>9U&z)~nP4X{&>kw*Dv*BwBd1#z}O` zx=WflBaJ3+_K~>ziK*`3nt-YMXABbll6AA5Vi)^UJhfKGpO@o6gBV`t(<`dR#>NAs z^G&`P`wl&z(y}r-uT{=>;O$s{ne)b0G5YLjUK8gI5_;>+!<;qft)+sM9@k~sk*6{H zsGR6CE4J7s44HI^Om$+iIebw#nB;Cs`M$8SqsEgi zhA`5+*hn3;L!eAZIGaIrwcwWJ33KaLixvJ)o;(>URfuZ<&oNMyWp%b%Y*b=g%r*94 zkczA(rRXU~U6%D zlZZaYu;s~0hbLY2pRmNN+r&+ybI?(6<#Lp5$MWFkS4X_t`kiOWSj;zDV+TSaEu?UC zW1PlQhMKx>g|+eWnfJ0~cWOF|7#SG_f?;@@z15)Mx;hYeI;rCal&9!;Z(7zC+F@&T zWH7&HE21zF$5zwvQ~P^+w5!!Xv?4C*J_vK8WM%Vo68b=LYZ*M04N|ocuZumf31ugH zejyA3EK$R-qKSyl{p0h(`LP0RJ-v3P3F&)vPp|07ePm_YY$Ks>&Ck7LUiNADjIyq4 zv!0Gy#NVZDdlNyQJ$-rO2=Bt%;tbAS2c2H)<}%BXQw6p6$<0ZTHFkm0-0V&KBa@{3 zP7A78*YT>Otj1F;Ki(s$LZMego)0HRn)~t26fR znSWVAKnkzEbm5)&?1a`fgI%{}ZTs|fy!t~uw#pke4PnL2@&;(P+EcR?N?Js(?jIHx zkS-JS@DaGQ_Xq`P#a8=vW?oabQ26D$Fd6@<2kmXH8Hw-{GiA$~3zJ=J%;hUjiq|XL zJGxr3uX+@&ji-$_-MF_v!Rll~VLK!{J7uwL@8kLbwK8Sl9=c)y0^OvyNVo10sq5%% zWb0Xtd#sII-*Q&jlB)Vjy!ZHDhH_fH&S+Q5%|*_tKKnjI14(ss6mNarH&UG}8$Z6} zzdH6w?6>CFZ5xwZlg`WpE!kxP!{@-(v;_IDVN#*$-+c+VWH90<@r5qOfB16$xOs+o zV6Ul8jUo%7u&8#_Fu`k>qLjK;$0q1ms~MweL34F|*>{h}(Nud4YnEgd8GShYjla~( zH=gp(W!d}091HT|NHukR>5W+U96Xurmf-zn#$ZK zqoAMXfbr_=+0dG_ta36M5f`Q-l(u&co#N5Wo9G~>4?HLVJSo+?)LD_9k8HFNIpuPl z!hHj{{9Mu*bONx!3wHZnw;nRrr#N~`-Oe+GpZ}VlC?{WTV6&_yQmUEBTGucwnaa0? zipeH!SxrsK?PU+abldZJC|1|?C11DAHR18)0<;@1EVgt2jq$wrPKZMDK0iKsJ8}U& zJGAR^d(+y4SwVHjp1oBGp_(T^UVE`std}Y0o2pQ_d`{*v9C|&}+nrQ|qt_pC>0FcG z_FstVr*M0JI~$Q{u--LdUC~AWr4PZQR@2-@r)NUp`k!pMP(DbT+WvT0qWlk5{`Dc3 z43WP2Z7|~n8=i!gaIKhR^k0X#>I|7X9;2U6coy7N)gR5n&Rnr!AgicIq_y5%4(5W{ zK)6AyXQ-Cj*{!X%z&aU_N%OFXZlGRk;|Z*G%F9noq@{G8%qCs0-1G3Df0usb<=H`R z7C%YOzDwLDW++y)z-rJa2t@Ve5_IP5iBq2!EvjIJ9XW~CLi|t(2+Q>x{pu;Bz4aS| zRND{UxG&AKH(hWS{a ze$4O_!X2ylajw`*CEWd&JdovY!z}8=_I}QcH*YFr6xbU=|VIzBk%& z)}O@_f|6DI_UOEta@qJJer4s*26FHr_r?PYMC%XE#rk=2m~HjF%E~I@h;bP36v3-^ znH}Klcc5{b6|C@Sisq>XR(a%-moF3^t8S+v5xv$=X3L_QOMirS;{n&|kVUP(h<5t7 zT7Uv6uG3xUM<`bLBq?8nSh?1c;|CU6w@I z&^1~j+Q5UsD(Kcsvq&zxim7;M|0eDi9dAJ{tu&;dxtZLo#u8@pvZmBJUlD<&7z1k? z0S8a@^rnzp`&@xrw)h77SShHJ&u?h4k}viUmsW_H-CUucb1%d_UeeO^Gwl5 zf8oa(^1~r54LNVOl~?mRDk>@)@H2lbZgy5!-a0WoKcTg0(RY#)Z6)4o*E6-aw;miN zIzPdWYL@kNbhQWQD6|T;-z+D-G(AG$CwL)@wLSVpf3qYSOR z{^JukT7(Yn{Vxl(AkT`m5)vf>?xGQH1k*26|1&p4^*c@`q+E3Dpj-62{hb$Z`RX1$ z#CRUn@$+ru=sDlSyWETTdf7U)H9G!+l-1SMhvB;eo^*q#eN;a3()?%lTI5K&TynNk zw{34fo_2GG>Mt}zaWhJBFSZqaeu+O&Y2iY%nx2}Og;K=WL*>%Hx<61%-BEY~^Nl@qwO&%DewYPF9| zCr6UgSE2Gvp=I+K;)H|*v15{oingG>IRmL93i_QGnaSr{Nx7|bqnw+%>bOUutj#4{ zXUe!f1qJGqm=*XY)%tpaRmRV~{f#@GgQ3=3MWm!&r23n*o}L~OsmT5)LS8K_SbU+o zz=8_)uleOP3GgnxclAGWAsO`e>}MMPDv+@h-}oh8Q*!y(>o8F4KC=3Y)G$uwlif*F zF0Ou~8mSK0ReE~Iv1skzaZJF}oBh=qUZEPi2sRo0xd!Qh?9ikRwfO+1^_tgxd)rHx zBk{?|=mS%yQj%i4BF)Rs3T!U4p80#|!`-8PZkrr_6PfF-clYQab~k75iig8&H3<#T zokvdj-NtDv@IRv4TWYiwSrFl0bYw{W)Y+*{01K9HJRR-Z_uWur3J22kvhAVt_)NRG`p{gH$-x>sI=yr^>D3?#t#GqN;eIs zK}h%{QettjKArN63~gF3GmT6ZL{OYO&;Ltnf3I5N5dTRN8BqNFzy7Sup*hPMuf9R6 z@ccBz^3C-0WL1ksh=+OUh)y1xy0Lv~=;4fXy)~>>&z`Lz7Zno|3+zcrP4)5@Sfl5$ zpQb2tTJ!>MCAV1}7@{F^SYrUXRb;S*=(WV%@2 zw3t9T^<#6ug+M|Iw~_FFL(w?4k}{!uh_C9Z^}1pQfg#>bknG??u^qpmV>#EPht{vp zVtuqV-kLF>;}0NsD{)8*m^ae&8AF1EQSTIL81Z0B%cZat8NH1Fy_1`0G!cx=(uJ`- zCk!F!RI3?57HHrqXR(jQ zIzSANAKqs3tKouYkgMO_**{{1Y$l#=HZ&tTxD$CRz5`AgVbghAY{e1ON{DK$KhuU~ zaX0;N%rsq@I9#I0tTeb|V>3d#OtN{MJ-dk8S1gMzqQP`(KX zKj(XD{}Q>KT{UgU^a_E;y&IZ9Dow(Q_h8*`;qpj{Roz=YekSu}k*>b$wk@ z_^AW-mlv@gZ70kJsq-=>3kI5D7Cb{pUAKDp-#pkJf(*G3*ii=!!&IUETWAl^(52rP zJwkx+9^a-<__Dp%fgRgCAL=B8@Y=Wtf01*0iL`)|TDKu956O@$>SOJqYy?3Kmx*?T zpdw_aQ77#aWUD)tdlUW%_r@W8LJSYR-48(Y6?%hWg3QFN{Ws_hp-2OdU$YULY55xA zSZ;1&VQdcpQYt{E4J~gdz!)M_4H8#LSAR22K;Qa&%bdj&-gA#%s}I{xyjFzw6!Dz2 z#r6=q#~*pm?B^h4axg7olHq9Lo5Mctzg9AtcXc16a*~^$vicYA5k%fI(yIW2G*OAj zeNu0|nS`hf>$Ex3uI^)t+(+Q_;xFEF6nW3bw?W7-=tD?G;x}!4C_GBUd#j=H7AI$z z*(bZX;*?@LyR4i#Mf@@;#U73^mACvRSi7rHy~wynwRsurku2PU2=`s~ktF~cGJFP< zvN!Nk71V-oU)(E9_yE`n=j2lkY~(dm1YhE#ikrhGBSADE+cm8$8H^zrCNvL~EJkjF z!-Y@-Vx7#B!wxFb$XC9T4T}MX>P4FUBCTaHk0RQ!Am)(vJ57J-S>!^wa5jGQK{?0nzrviP#r_Tn}fT$53+a=bp-3IQv~;j)M84RF$eJG zM#0fSaxCf_p?UKOGzsknKdVTMYsGNFFIH#{Ar&K~q=A3HwF4~SohRuU>rnu{my?fn zM{mg7hYx!?D6tSF{7Lmn9QPi*n~K50?Y-{T77YgD^;=40b6lj-Q`IAKRoe2!3GF9I zs{8f{i)Gzz(T^{SPnJvyp}vER?Nmi*XoI5Ui@lM<0yDkVhhf;(&nEYG$}`Rq&_p(( zPlEka`_o0^xS?DqM8eSEIda{?UlAd`w}t>7 z-$auZUx*|Hp+7mo1X)_?y$KRnIRL4_*2Km72ykGbP$ED_s+@x%aWg^8HpJXjJD1!_ zGqC9yQl*dE0aXyRg6Lx?)>Up!MFXUGd?~#TOG^_Fr#?cQH7)0`^9}W9Jd^~aI?snw zei~%)9v7Bp9Z-9x(_>gM|4FvjR!F4DdS@_UIt(p?6F?Q<&Iv@}1a?tw;gF!*+VEALopa1i)wUFo^uAFd>hZBtM6CG~n^Wd1M1WIkzxWFeNroZu z2J^mR;UuZ(ClK(Jm6JOmEG%5-Pq&O1F8vY;LF7>JW2JK>^*eg_H>t#ZL@2~uAEtX^ zJzpEm+cs#tKHI9jijS^y2$L}DN|6cobKbfLq;WwU`SO>6)Y|&9^x)N3*(vrTVcTs; zt)0v4m3J6o43v`?nj!Qi*n9~_$!AHx*%*3B*oKW;{uGi2*j*BC*2E5rW6Ehl@;E@J z#k35G+w4qTc0F3h64Xu=bayKTztQfZaZb#uu$c&a(idRes%o+m&}c&nc--RE)u9HE zBFsqi*D&h4iIjnBx`pM&{ z=<3RwcY-=qu0Y0Vxt(e|-MWx42RGNk+$l1Wj`o-C( zcg`m8aV~k|11fiYrf@`3_MJ&+dk2gAM_$=p%XoU=ycmOtOuZ@o9B!;u)V*DH&6tpA>`XiNk&8b!qRVU=`4`9O@l zG5+IN0ZJVZisO4ANM&iXA7r(d>So9S8S$y*4V^L*B}HcM=X9bqsr3mH8fpsN{5(_( zrez~4JECU-shy0qc<_bu$bs_`XYK4xV3W}SREVvmBbADkKcNEcz$IE4{jvAaG(hIA z`Q$DlLFU#@WhRXMn^)7LtaQpIo+O_srdV^@oJfcF38C;I2XN+8NJt1rsywK4ZIf9^ zQ0XqX2VXw{l%3Zu!4~}b4MmLP{j?XDv9B@_`gjmYRn+oZcs@q(f#{Re(Qma#izxix7iTV{Ae^)N}^)QL2P(9Hb&r=8D63rDCX1Q?y?;*wPa z=rZPSIGK{4S}x+x$V0d#P6l_{ePedT<>QlLJC5;II*}>PKUOy%Ce>E=uFh}IYd}?( zaaBcy8XCsDeiw%dCxFfsZgDz<;V|;}|BHwdU0!~YU45~~cRI(Wa<;{MbhU1){wS5- z+-zuq>&+gfBmPUgn`fpL4{Inx;(Mw)&l_UI%Guh&HluG(XVA#`5fKs9X(C&qS6U z<-h=wktJA{{h~sEms{u9WUwsxLf~;w3XxgCRQzP0vb4Gly^p-g^5r0(3Y=td9u7k& zYbvMvXbEe#IS(sxrIpSebMJV69tMWA)PctylwLai+_c;St z@0}(x0-Mv)(gss1w)ttLqDZ0q3Ms4O8h=d_uT|l8xUAa=5yq#V<))tp#Co22mU>zm zYHTQ+U%z;`X0HLm&F?=LZc+usz=j{JdlPI~eg0^y6NiPikjO@?N(xq+?sptVnzvy> z;a`m*;i^=T#V*G-eA%{qYXx@>fsl$j#%l(IM550NBx@IzFWvdn$cd&%in6-V0Qv5I zw~^?Twcq!hp>tVi5uM%IM^!c7EEtPhZ<^D{Q8&V-jnqErH)6?pJVoGaX#etd*s43tQi08|0w&)s3^C# zVMS2EA_YXkprxg23_y_XMoDRrZs%Au>d-Anmvo0p2$Ir`ba&^sZ`AX|`<#3Dez+D( zhS_^x-4{|BSQ`l)KI(C>;t51g5PBdh8YJnRZ6(H8*z)6Ktysy2NipE#>TRD(O`Y= zh48)&{@t9f7x_Or=h;bxSwfa|~=z1@fVWSp_UNkYy=sujZLd4iY!L5PSEVtKE`vQ4)Y;8&0%yWC5MAK0U(=Z6T(9M^{YebXGzm5pr*r~Y{0m>PDqFJwrlH14% zY_;5DbJ<#&>Pu`k5ld&3ofzC*@CLnlHKJtZgko3S9BdW`%h;&9K?oYzff?mIJ?>!H znZ~JDPI5UX0}+Y@)rQWCTrQEZ&=U=QKQRo%8gKbzv7l>>r2-=YeeC~PVE>Zk?943z zpq7B`Z;LCVDNfr%Dez(3T-`h4Mf&M-bDRFnjodD7!=E3;Q6uBQI)3Af%J-uO%SONY z3rT!=T<%tRvbDf+sQ3mb$w8^V&2|~@P#FcuYkyG0t(^;MV%g%4UdV^6Ta@+goNN<`!oD2MJU5`)@R}e!N^mAVGTy+z zs_RASVVUHsy7O}t2IuF7gw<9D8$y={8`L22)Y0xo>iWQDy4^VPJ@jts-|uz@334@D zJsk(yloZq0kA*y+gat-t^Ph) zo#ItJ%ajW#U%S-NBV2O^;Gm{i_j>83ixkvn!;7a{Ybm_R?Ypn-tj`j257;O~fQnAj ztJ~whO5!iGsNo;32WH;4va<4_6c(az+WJ|z73&SfDx{d|pmbD~HA~smMbLLio3+|< zE$e&BhtxWs=-c!(l3|*gJ(WxaK4tb~<=TQE*0TK!gcd=y{>~7De{4981Y$t}P<8=q z5ePsAJM&wR-%^wV6dG>_Y74i*C0x<8>cz4rsppyOtN`5ZT+!BfTO;Jgy z`a_&pEvUi^PR@?F_Z-1U425pQz*Gcaf=Jvvy|GAnYS*$Ttlk+^7lMB@(d%=qf}*}8 zc%W!wHV`5J7OUJ&XoC4EKD_W;Q3ZY?#U+_(czk|SLQ0;g|G1N; z#xBTU*pC-TDL|5yLQ~f1?G-ma5f^8ZIvQIz`+RLf70k{+D$^_heqwW+X@?Bi4n7&I zy7Q#B=>V9c^MTiuoBYh=12CkoywUvuI_FWR-&4b$o@)XCn(nk02A7D3k|Ae7`;Vk~ zd}>O4tjU6K>`uKK}Ij9XAk6Y?@tNp*crsvNlVC~We#)FAqz_Lm)e#>o+i#4d^@!6W$W7&P#q zKity`kmg$`JklfEv_}q1ZOfUe22f>CSDH)!>%Y-yfH!t4!RG>uZ%6v7LBooupLG4R5(k%)Wd(nPV;FD+eqI=20kVH1)smp;UOiAM zOKQGh0Qd~nLDKc5z-MR(=Y#hdzCd|`EsoBkK*>K}DVuo-^nV93s?>mr#kgFplBuH4 zr`15q1VjLD1(Bfe76QkX(d{;^HsQ2=k z0+-Q>k+ibP0@VXiAX#yhLYk3TDnyczqP!Cp*T2iX`QYvg`BR-VZ*c;XGcx?Vyu6aq z(tMhQ4+VBM7cU)k9^09CMmm^zO}o~quXBBE1JP(XpL)4{=F+x3B2rD?aYN$8mAuZccK_?`1O z__lmBeKU{O#4rfcBn2%&Dt+KpgPEA5?ivEfgPg|eVl`kr~1oGXE_ePogoKh|aa2u4!*?2N2D>!=87IBX6ic_j>xIXXSo#8M(Ev zPFSD`_e=-%#Uay@wEl5?j8NR93xUZO{F5&PiSKJ`YDT=Q0|Mox&1xhl71%b5jEDk& zT#HCU(`;G{=<-KkHf-$xAc!l}OVzTWik~Fsn~A^b%OB2Pd;1-uxoq35ba}8=joxY! zxv!f^p8u_0i}_lMBC*fm#Pmf){tEI z-(o8p{mU<(3rc&^Nya_Z%O=hHL^Wsd=TnSE0LdkiJM4||{Q{FX0mc+6i5Z~a%ZD3g z%p-JmBUG~m@CvFzU@u~P_H2;&sk-+OxDI-~5nH>aZQ*%A`}X9x{N`m=M>hz)j7xzs zZk>w;0}6I0()UGy{Mx_JA`JVrjZpPh(W^*wZ~zvFPvyLfl#jo##*bV3YqJBKenalH zhP-_rAmJYk9I8bzE+|Z?&<9_;mJ2P}PPbjzfsYD9(71Ao)$;R?tyz?1Rf^Ju!Q#OS zA|iN0J3CETKTk(;IDcw`RNb#yv|Dvh5sMEi9~yA4g94xA;BQA|jqvnZ>5e(LKiuXp zRZUMy&8xrpIjeD^jKe7bO0vF%<_6frrO9I`5H8q8ixc!GYa9)Jb`@h zs$O6(lRnEtsf`uL(2?OxiyM*&#y)lgR4w-b;G{5f%d~<0wT}NQTkwxx3GD|CsH00f z$_c|?uk$(pb2bULo0H4l^n1~~{!II>Zp+}4t@baPe0wbk04CU>A_;}}O={s_wBRCC z$_De4Y{>LOS9oxAC7cJtzQ)$Nd+oegkLp%(i)VWB^yb);bmj`zMUB%7JRtt~MW7ms z+dwKW&e_6d^AO*m`Ykp00(hwmosD&U>7eu#n`zURkk#$?s)hO@X-P>w9XuVPFh?)shXFv7JNnaJV@73Ir18>=U|{&nDi8lQ>(> zO3&|^e-3(CmrGTi3V*w$Lm*U_8PHKJAcwF!2*f>(7(Ot2(-3cIGeu2RWBdca*myVR zKQE{TuSZ;j$n^6EI!}1<2j2M2{p86D+rszAai1_@9BAhSiE~>O$ilKJkEL z{S!5KED+5Ix3s)!+lcM-T+Se*XFh*ocRK);iwrY&&l@ z@SYn1LTj5J5eUnfpf&)2(Wx{H&AY)#>Jr2D?#}d}VZdjRGE2k8tSdjh{wWLi%?zlz zR$zIDr32i$(Li{Ci?D#KhWYIzbcPZjKLsTJ!GU4JfsNJGlA()P#?cmzy|1#dai3g( z`0#50N7v|;$L!7*{Z8&X87^SJXS)F9qkuhhJGA8_TJ{CC23S!J<7Ez}HKjbmj2g9m zr?~Dy13Dw1`tqE(x}q2+_s z60?r;+&u3A^@f5_0E)EsuCPdm4-GT@I`pBg@}0tdHcAfrf5C~PX2OPH9z+H z!Cuu%It@8Iu{pt;`7;G~9&@LGqIvcE!vo1}BW2SZdUfyPvr^s>39QfL>QA23=_!_@ zB^0?I%p9pVo4!+<|KbeS%=z$VDvx|wLj}*&K6e9!Rrb0J@MMg538K(wQiBlaVnQ*s zBi8PGbdx{y-+Z%Jro}NZq6%&oUYVklI#Nt#>B+xHPPXX2BqyC$F-=2O%Qhr%yWGB} zPOdlKT)HD68Xiqf?J&tF@n%gr zsSEJ;qLPKe^>Ax{|EP`_QmkKqI=wbadIYG!u_r)rYYo>WM*CVuyIE-GIgVOp`rW&@ zu$mL`0mv2l_PQCk!EV1$^o<_rUdqOy9m&q0JRQD!-t&OW z@~y%;{p%CRexeXoD|sKjk(d2UtiJUNCHo0mGfP@+s>b3Ep`sjm$4%H87zEWS5W^sB zcpn~-koc=q$69b-m=8Hvo~*MU;&*YdG0~BLN?F!%G_5-Fto9H0lLu{!N{9PsDacg( zis*tLnswx1ql`O7y98kIfdx(SKJg}n8to;h?6EAI#`07@>5Iq@Z`Ur6R*Q%fX{6Ny zMT3p}>UUsQy0Y^!A}Kyg#7tPf&tc>{I9mukR7(Acy0c1Ki&E-)bOT zWq5`^D%12J;zq@l`QCivG7>&oM2t34YjaQ3MZn0SZ1$Ps=hK44wPRh;-^cMa49qzu zZh4&fKY6AcCG{t0MkT$1R!6=~NCs>6;8+dZjLH%-qYTV_NK28P*&lrTHBRBpkJ4l< z;A-ltJgOZKt=ij;HrV`eeyB74;baKka`pM>nZg86=4R{_RR;g%-^_t2QzS^)fu3Wq zZap2?XQ^IUssH%3?P3pSvHgN<<$#IrpSG6>*ICHK7(ioUJO(BP{oMAW<@4y@hVwbD3ps7j(pJxY)uqCIJx?0J-DG(JZg9EL_c8 zT#A!!C6By3W#{ATY-|40OH<}Kf*FtysEZx5XZoVQ;_Q|J8wP!jIA**F;Jw8Mqd;(7 zv|-!K_}SOi8~Of?yLOf}eOINPBZRO&g1Sd_^(#Zdqhp-C>PiX(UD})Ob(6bu>m48o zF4ONibjsAcqOg$XBBda^-ERFSI-Mf+nu=v*fvs<&a#~ubw4s#4%WO{V+@0OK-=!LB z|I`Bf6w4Vc&+<Z$<$b4#2L|;(gHvPuzz&%1jkhl4U#@moconQWxVLRPo{^$PBwYAJ za%FcsSR0q$LinaArR@*(zM|`T_rpmlp_H2@5^WkcO5eIpC- zmderd(!_=jCI|hdDcz&ecz(x29D$=$k97r~&U(!=vGyEGd8u;NI##_Izk{s6{x?CZ z_5x{d_k-C$eRt6Dth*F*l5IJ?05xQK%7BZk&{|PRh5HEus4lMxY_0yH&t5+bjfwp& znf})g|K5c0%T)cRPa`{TE-iU4)&yLdpk<=uad~upzT&Z|iB2ZwSr>6CG9-J+LbjfO zLvys=;R}CIRTEm=NeT$QLPY`eXf{e#|F6^kb+KsVEH2&y4qDv$M5wZrQ8qsQc40Ta%Rs=ip3 z9C#@TL0R1!!5~XRbPMHF&hCKfHcC85kGFNjr^3a9h-Ig$ZS)nfj&`a>F_?!LZa--C zL|~<$Z{*`*1d+S@#C9~@R(@As)V7M7r z#DIGj0~;3`Np%nL;(RQEkWi#=`bny*`uswi`KGZ-bmsbObEn1pXCYVhzUicgRUfeQ zW$~~+kZ`b)u)p*iO`qj_hpboZiCh12W4JV;_*A`h0NdLb2-MUJYQROGBGy zSkzWp{STG;*V}eS+}%dvtVY8#d|$K0p*T&u1S#DQlAEjaWNwKc?9MP=uHvp(X=ZVB z@5?8*TBuejy&ewkRigAo|8#R_6TIA|Qv_zvD?VOZ*eKG`L#P=)CB$>O?admY4rENP z5^$GK%)QTR;X%sdPCbliK=4UM-DWE;F4nDW>O9$}9MkYzjv}iS?=kzd;;mABWl2jD zl8CQ!usJ}$u2@j%<0H{{S$Nn(gj%_X$z|3@FmyQ1QAbQG!$UuKP^|J3h@%HsulZyR zSxLZTw$c>VP$YNW4S2!k1qGtBB;_gLfdw%~9d_=VnfK!0uHui)v8)@TmooSY#?IfC zj3ES4Kj2HiZdV*@=z*geY>XDHlm`-5!Gxd-3a`OSI$1>w4f}b2%R@8cA8m!GnGsh@ zp3J13w(}=3@T^(N+4C*>v|9+{L_2D|;x7@|T-uf|Wes&f+pYh$0urG1TxcRHM`~(K z{84SxspUrJpqr*LSLDbkOAr1MDl-CgaIdaCZ3IK}65Vr3S-o6C8Nh5@CW@_XbF6`T zLWC@mG?WQ3r{NzsRsoo3FZvx0yg)soz*@rYj!p`l5>vVCjEn^KgRMqlidFJ+V3PQG zWX0BOh3{hj%GWP+8wM#Zv*DTE?%Q96F56uCss#Y@GwS&&{0Xu=kjOStW)n-NBPfp=-iX%A|n%h&OBK|&8%$+GB9H@J@UC$ynGT&}3V?b5b3xUAub6Lz1pdrG+21RtKOF%LXYRLWhNHC?4Cfrw1P0eLw;-N7fl`JNPrNb)!XtGfd zkv=U)a|m8V@uV1*nzIlg({Zpt7zD8K1?>#t-`IGvIOUZ&SVVWx){fTna4z9tY^;E5 z!zP$vL* zX(2V}+F?wvTOlTMKR~42|0*6wf{gb=7B^c-W0Scp{O_#Ra^5 z`fe))n$JNv#K7HZJ@s98U_whgo?FLCT9Q;aBeeX=$@SAmr+DoxLVkw^+|1 z5p*`X?_`yQ&X)KA)(HM12!HTU13H-wM_00OM6gj>}koXca@;i#q|hgMRn&SU}!**o9C$OiBg z=Z6GwX*gUqq|rp=*q|WL#Pkfb^9v1VmvAsD+)P{r%J*LBS1YX=Rz;Aa9Dr>23t;B8 z(bO0H*R=!5@ZUiP4S9%XH4uaknI18Qw&?IX1G3od&5?XEku z7JX_Q1{@Q~cc~eH9pC`4bdTdMSTr;`M~H?jJU|fYGCG!oZgcgrgW-JVR?lcN_2GU> z8%@oujw>HI2Bw!LSim@ZNj0Qln2aB`)fRk<8%QhEn8S<5UzE&qcerQ0Z*)OSg=Q#{ z*VaYTd0Fx#Ky$`fsJ>W0W_J8JneBkp;hKwby-ILFc{A{vgR1UvYqUm#t9=$S4F3`BP=piSNrc7L*! zaXD0JzF8(iB6xk!y0QPgP0MYhF32=n|?^6x%tyQ@L|89rf@W$gY@Nl{Ov^OZ(Ag`37XCT;Jr_+@`b)ryQSFY~4)1gHa9gWfNP8Vdqdq zaiHAUC|kU;^EW4r4z-{~=%W*m96u4uga+P_qKl_%v5UFkwl|#JUA~L>aUf<{%43pJ z|M1=2W=t@^E~a7Gmj$5Sd3EL6Sro4j!V*42^}I3$fQ$6DIvE;BL1NNNXSni1Q{n!H z@z(4(CgTl==19~ul=ggQ-y-lJ>*tX5Ro&W91MGw+@JLo0Kx40)dd1OE7$EgnLZ0>> za$#d_yk^UR$hA$R>11`tPFU=mk^-ie9B>m36Br~D+_ja_JfN}#Lba1M?Qu{o9h1sW z00oXZb8~6R$|l2#*dDKW#Lg<*`*r3}A~z%XJ$9B?D|J{I14|c;cZSr9TeYn*_+@?v>o4m z(f1mQHAR!FpoWsOFJGrCp%q@wD`j!|cdKR`Od5m6zL~N_ks3*p3kTHl1H~i+OfyGE zy2tFUrT0M*-7g^i!&AXH3XpM0wW5Pr68^_^lhwqi(9GrvN;44;bJ|ap@mGoD$|}6l zegSzMSYp;|*CxK`FFetv7zj1{*p{s7P?r`m*e;7n(1n3U7!#HNr+~bUIU;NWxOfi|+HZoyXc#4H4$+N|mURHw z!Lc-CfcG4Jp*W)Qg^VzzzhDVl@@}@ZwC}m*F!`r~bRmc=0C3)CKu>zDC(NQLz=(%} zl{SXy3dcb4Cmeyj@C)yppGA8&3Gp(!cC*a;-)ck}UvrNZ9`X8nlat!(DC8?6}}!E03WvCw4D=bGTqV_;81i>-;loWBC@ zOb^L_cN7X4&~Py#h6>d95sq~e!pB#Sz(Hq*jBhsg+r6AA9>z1`rTYbI0v=+v+yh^J~YZMK<=+fyQ9B<+;zQL!n zMao|cQ0vQPw6N5s2$kge@pnj^Zk_RiI~wYtdkPSQC4?A9b5#iNIBLV(v-#CBlp2A# ztmZ2r4&P0inaAwfr2*h1IAsmZADZ?Lmfi)!We3$o(0pGdBM>K6!vDa>CMV~f{;37{ zjq=|TUg^>HYTsyvm@*9~2%a!ll#fIlk-CIb4B;sQZG0LIcaRM*qswcZ4gQb6{J$qb zZiwVNv?B{4qD9`tSIx6Bg0vF7BM2)kFLXs~JQz<6MBF(SpdRDH8v0jxh8LQ2AyNo5 z8&01>)1dmBEnl!4B}9IdUI%LM35gOY7#!Vx;hscr7S}@_CjgIT^a~mYBj~|#^sne= zVH+5K@wO}##%#fyA3vow-W$FWJw+{BmnT25u;h!_u?aH}$zX9WioTyed6 ztH6lR0KE>vUw`|LBBIm>l+vi6(Va)^Mzx5kZkJmf>7VA2e~MhZQiOTx%Nr01!`rGS zm#KmR@GrV_aA|#$C?f8?wo-Y_{?%g<6es>)D*CtoA-N2A>Fbw;W2Bc(AoZ}#%m;|= zg|gZ07ENV>+}3KmV-r$FR5Q1M|GiJRwb2~y(|>5WSZX4D+b?}_vTwUgGepv@S%{EuHkfT2U^D#5-X>uKDjm{3wPfIX6ZE}^$T>*my(>I(ZJ=ohNKkybgR>RkjS!p zts#WXU=DjeP=kzx^w-jQz@$XZW@}LmZG3BJef`a6j@c1aH0zl z)B?>g!Sk~ezFgrqapq!dvS<-|D_clh{1b?}Xns=qhU`a-O9DmAQL0(=%%QFlD}+0= zpwLho@3-8I5C$PBEM#{Pxn5MJ=OxCst;jk)TjzF{70pSdJvWKT1=`Fd5iU)&a} zClbiUUvqN*k!u0)sLyQ!rl~XyKyrL$s$amwQKcgOk-JvZ2n7^tUKvTz7fJ(c#r5;TVo?4#Una|Swy77d+h0V;CCj=pc zqo@=h=BlOSla}ta)0;w~w%HfGZrj0Tu$T0eIjAs)6I>2 z`(D)%wl@%>tNnQaMkyLTb)AQ8zWS{kSzjKBVZd;)^N+;l_?P;k%PQ<`Y%e{g_PhS} z5Tht2G)E>9H<6R8>f`Ho%N_j0)eElkS&tTSL%4J356L_{IGNI|-T)+r1VY1hVUauq zK`t^6bsWfn&j2eA(ngC1_p&xCKXjvZiw+Bfxh?w0L(Q6hs)LQbwjF`uh=&W-`+I6^ zt7BI8)J@$l5zw^hu+5^mNsJ=6NkIL_b@4wg3*5bd{wKyx14wz++#94NJ}kMwk)6-J zK|bd*Q@>KU%xNSxTDVhsn}7xttS5&~MU8m^9VtNilKr?q(8NgP&a3%a(SzG(zbLHv zr5mK_&4Zi$if8J7GR!7T;-HS>m8}5RSd!wR$T30@N9;~wg1i?wu>8%Et7=4v>5YGs z<4R$n+dmMtkQWo3Hcz}3lx4Nx0vXMq?&}MrsgwJYC zmi+L&^~<{RWMwbV5z-0BWf(ph6aVL1;ml6t=gXj;G}3DK-glIqsBeQk0>46 z_ff2&Z4U*)~;p*jCK;u>V-y`)b*hLv|j<6o&hIgBT4b^Nfc ztK-(R1IF@|UMgZ>->}+kLGyx8iK!C%r&#QSK^DrJfq~*Suu~}c9FpV!c>0?V*TrqH6XaQ^`Nd`zX5f11yDv!%b>jg--QT{^7K`424^ zAG5#sVuCJUL3an3$<#bHOlTaKKQJ3s#n34l^}LBlNKB;dy=Yf8xc}yQAcJ>J*7_SA zbN&`QN_B^klN?|4{WveUqqn=DA&>TqjOZBa_vy0ukR?dwt(?D>+~vp-uKT&)*j3#* zR|Fgv-h>uk!%09QX`-7q@&~NA4xW|7mgatvT)SSNvW-FLU}L*BomO(9aJuwp&NCc& zXoFaf&v$fI@ZaCSf>-E1-K$!fP3@%p*>JESL6z0M*J_&jG5dcTMWemnAO8Jk|MUZ> zmjj^;biHAJn1u@D>R1MQuZEg!B)LCKlwV#hXclHJ;sohCzc;Vyt`bKDqf;7{Y|w$% z|LHz|i06-}0tfB}XZVURYWVFG{Kn&c5HJ=j*;!z8*wL?$ZcxmhI2cWt`QKQiWBT(r zkA${qMVCGE)!hr%Bol`8wg3LiKmD)|xdq3#({E)HV}rS%Q_OWa-HbQ(=bvZYeE|Bb zRc`*gU4#hxZP>caKW0O#pPrfl#;oPaMmK8h4{E5HmZ~+vQB)!Qw2>0kwL?M`Iuu{@ zcd8B09>sGFoJ3nSX>d$=Ls(I{|FEkjHjqg?4wwYhe_1E47a4=NbwW0}NjYcFL;d6@ zALnADeg7}&^wJn!v~*-OUP3JvrZxN00FU?YNa8P#cW1BsXl~Qr)cn7GKpX?-emkr*{Pka8$5Tngc zEwa>B!ALK=>k6fQIgdk{K+26c1OrvBkWG@zBW z!RWJtihTF#rlzM!TL$avuMfJe_lK|=Ry|)Z@2-ZvQU5I=y~A z9KBs32J$dgH~zjb{12d%OQ*urDmS0}YI_sJ6#HFK!bwKm=#09vxIFSeC6gUfB_r_( z9NcCXwmxUNaop4z`t6FmjTpy8iy*4IpdjZD2mO;~IieD(OIS`$PAi`nsENEGky;%a z82HD0k@_ZO97yYNdFUH@9Lt{bS2gn13*{~1&#oOmmm5XO; z#|}z1OU$^)w6wHZ2L{MPC21VBOWi^w?9ASsb=l9TZXN95ygAUWs9d$1Dd_&7>Dhzj zb7Noho4nf$I44JzDjzoJtojOcKS%CA=0J z-h83Qz{nU^T+9be#sllHe@w68UE`>ru_YX2f(C-r8A)IrwS-bk zTH>vGMg=(~H9Qd8viji>M$*U1PUD;EpNtZv27SG(p}oDmNvWw1qvBqDAKP=fXDrbn z4?h!=umEWD5j0B$|B%MYeJYR&+||$Nd17kn4JOr!7#SJOS@cnUkLtr`?6matWlDd; z$jtaqj3LnLK|F9OzN4fA0KX!C5`8mtzMkFlZC|6e4aKY35Fj3>S3^HK+AvL^yY{X4 z=A(r2av@Q_tE6DCs(7I!^Mi@%<|Vrk8+cwl?+0%G*(wjsn1EljjRd#9-nN^={lF0P zW{JOT@Uqp=Th6|)+`p4v7nW_aZF%pK{P;VGMC&10DByuqA)N9wqag@2v$wIg7n4cg zR}<8m*$Uyvp*M^W;KB|f6?C$}XGWb1tP?Eyl%e@aa>a7deIFA(+lkbLHm}`6wWBFz zKe{tw5PR&4zEkwZ#zuFJkqku6*zX;m)Xj8v|F~jckW81E=Hq2!aGxR2UXTt70ANwS zZ4^~W;3($jk4vN_lOhnSeKi?zB{7viAGAO~52pd#S6U+~%A-K-^OPV;xB*psrcHHeE%0m}qZRz4^~Tj64+uz(1N zO&yh0RQx!yq7qGEZNym(`pxvdyu_B1lY58x{cIrpj%mytIMSpB6T=cd)}*V!edxEH z0b*EF7f{nvQy!h2ojgD+^e=xm(p}D8e(q(09(Xr&_qLV+UO^Ix&k@Xmd|&$p2B+XxufSB9gtv)_cE`D0DL%Lzug#R~ zTzA$DAYVp;N`k9;efxfcZ8b$3S{@S9j#*rMQADNo1CPP8d;Lqr9C3i5X(U5%ZEbDk zw6&QP6WW9Q|VcxY3r+Av|`9rPE$LY;KaSl3};$O-xN+)faNW+Ioc0 z*1K4eIGSVKNCDi4231!D)<^4ZE(|RDQcix+w-Zy6GXK~{^i?e?2YUSQCMJ7m#?+JM zSM}|+eHlXh5Y3}#W&8kp-c+Osln?=1;8(U_DIXEj0(^DC-s5yFgK2##7(g-f(-PC< z=+*i?G0nR@lk=w*z|{NDxi2ouZge9lB^gAaRodi1s~V_(Uh0z#J!Q4>k!?AMvDuGJ zujXh8L3TDfcA$7-Tb=F)b_@6c$gjZK)`S+C1azyyj&yb@{x>j5GpDD!%-MdfH;>Vx zVsTov)XWu3%oZ&!WzRHGf^G$BQQl53`1svBqqi~bYqeg@q1#_*#b!6x{S^#sRg{SF zc?g?#Lwp8d2Qcw~J_MdSei?Q;n9m-w7bTXJ3Fe#i;QI@gF)wV5E6B+ykrNShY|AGc zE!Z6<`a|`FE3q6S{c66g-Q6VX>+7J`i!V|d>;m;iGg{~OSUrhISVH_w4vw^M8x3!4 znhg|ls^?qyv$#$kd@}_0fI_f+9>Y=mS6e$KZXXd4XfPspuGzZ=do(sVnI5ud!1^7? z{z6AsvJhd_e{4Ta9tRMXprD|5NW);6v)*J=q}8mJHxT%ZavJ>Xcb5>_jS_6&Q9KC< zF0wP17QEYJD2Odx8cEr#Myg2o?aUOFl|>yL9r5WDl$Gro%t0d>oF+m*#U6EU=#$XZ z?nA5!R)`%TucU-uU0r=7REed^-hD+?QL*E`h=|gi^;j@J>MZV7IzmN7%*Hmi);3d+ zu}Q#OS2B{1)5PT2VTQ{6BkaAbFNCjSBm4^ph`S;0ufWN*KfJsm0jwufqoH1NlpyH8 zZrYmh4;y{e=p371p|9PMOak3$DjKnibY-*B)athxp9|r!()A(ZW`+=0S}Gu)40cT% zSgFGr7?rGm%1LP)YSAPgj(C7D0l_Spz%6UomLRpf%4*;nY?PjK5=wFcn zQq=J9U_T2CDc;&3_phFrED)2@axD)`Ia&eDa}l|5%G^p~bV_wAEEHn53l}cPDJc<6 z+w43|YOpe!C4#@s`A~43YjJkCkVyH1n}7HL!FF~Gj8zJiG#e@x)b1|jEZ_3ojs0aW zcz+NSglKIH*b7IB&!PECk=4o=c58b(VMj-i`y?aS-vWk1zvsq)Cv7+2-_$K0X9^!^ z)@;Vi?lA-QXf0TBGukDS<`vB?OqQ3oj+d+$rId0NdJ_*b(v0gOg_-yEWYm?_CJV1N zX?`Z4UjW9~u>-`nHxCL`%V0f~$`*)-_)O7F@%u$Yg$NlL833n^`99*ld~@&2gCt(< z?qY5e6H!73qk1TXfFwSbTd?Twc_D8(s4J2P3`%cpX~6~Kwt;C71yaX>fhXa^G>AbE zVyNqDrSmzC@E*c+I%QzD&>xCfzc(N3ewj$A1DI}+mhmY^mXS0fCUsWU#`db$r9oD1 z8kwl8C>klRu&^+&c>>haVq|E;n#GTv04aIiH%H+gsOCRz=!KvHvq0+fb-}uxEd8G1 ztwAlB`?if958}Uj$M7>j1c=B)aJ7-Y>D{a)V-6?!o5f5`;{d{bOxpnHe1>ny`u~GY z^xx8v%d8u>!a?6rU}-BQiJXn$I_9~twzPJT%tI0oPkFxB-K@dNk@54^=A@S9pU)*> z)4dNCc935Tz+D2gIh zQY5BEU@}6&4^+1nrfO09hUC8TcW0 zuO&dGxU4uo8c*y9RWUJGp!f!Or$A^4?PuDHIofu70?Q6q$)vB~MIVm!jl5zi8EHFo z>ccBX)kYIqme1^ka2dGR*xA?4tZR&l32P9V@Ah5FBvVrX^B%TWww9YOi-6JxQ*CSM z2&HfPYZ`NW0aXy88^4TU(zAwNR-+c80xg}Yjz#a7&T!grfYLex^b{nGXyq6 zx3>e^O5|hPG#w)&e}*f(egTD{ATP(!{bd7fei`B(91!oUhulx0eM@^W5vBD{r|ZWa z32#KD>Nce*jJ$~6aRSX#p6hBHVIwkw&PsEG&a4!!&ukTy18U<}n;sl&^td02oAs2_ zZo4)l6>rtblyL;zau$*nw$;6*Gk_1OqDEq^6KNOs)`j#SCXBIisLpMZY~#ya`h2JZ+G>LAe_a%2wF(G z?p3(k>7@ZjBP~X-q@Opn$NpeQW6Qa`Pa5 zy7NXYnGQeg;LhuFBW*gxOr4g!R+v-O)<#ulhRUf9#t#n!qBP5Y8k{nC#^O4kv*=H& zV&>t#+vHkDQMN0zyjBc)LjAfo`#EI9H+KCs7Mq7orucxa77%Z*cCxzR3J4GAg#Hzj z*p2~EQaYNKVe>|B#X$IOW} zw|>htzF7arlFjNLM%-5~dh_;%^`B$xGWTqD-EMLNgYnSTDvZ4YK83)Q*Yf|xz5f$e zD=NdAK+vyNEPAfYqyUqXqCGZ|%h$JJyZgfOehH<2^uf;bjV8W$D>IiJ84Hj2W+6(Q zozAklA?64UL7_dr@2JBj*Ta$KymJ#(8W}}Y2VKI4MrQr}y_ty6bIp+yl;uDLY?wDL zr-}t%GHK=lGPbf6Q)nr_t7dOi+PyAX`|9OYpm7=>MtNtt9wOa7Phc1nU$U(_V-Z3C zEMbW#$P@;n#clY=4GawSdz;Y>*9rvB|M1@K;{SZ_f5HTGctBRkU>QGTl|=9RM~i%9 zc+Dhh=yK21Wo$r2babnASw&~>u~}ac_cFO)3bW8*T|u?=Y(Wiixn1+)RggxG-dzp9 z4oW0wh22eo;NQmyAmsp`+XSEMBzHz3u22H==zLzKQgD->y{3KZL%(@2^a^P8E1N=V z;ckHu=K`kdY--#~+@vL=1bCq+WnNw$@DRX~8J+j=bj#Wf==QaGzvFK!3--xa^etp` zIrfW#-TCGkE}{EwD2dcEiMB^e^7!PE+Ow?wvRK_Tu)BlR-P%eKI4-!HVcO(ZQv;@#zy`|Ew3=q#K(NQ|{@K8TB| z82-XBn!v4z%h?fFH)IbK+t9)C;ZRfAVW(r4{fWbf-Rc4!ZhotN-7swurc=Es=W+=; z&Ptw7F#b#Hwp8z>y-&iA-M?(?x^-WYM1cX*A&BRNX{@r-G4elx9 z@#Hsmv{`5C72zoe#e(rKnm2bCOze{WEioWX3 z^S+}j%5lNQWja;ZvCAQ^gDlHFjnI8(Y@ba~ko?TWs~*pau2$=^f#`rfd#HU`BDzh8 z(C#j~yFH}Gp<`E;mJ0zOFzvZI*<7nqZhc+4%#EJm-VMP%4SYM+EcaVi8Vws*_BMt? z(=S)JyWI4ucF`=&CP`OzPVIAmCjTx<#HiEP4DHWPj%3{1@L zdOClc;GCHh6^Pa-=k)l1U}5#S3bz~OI|C@WjPqh#!9%?XQIHjcWI88s@Xd8OnU=z< zQ z6VxToA}u0y910Pn1r%bOr*5^qG9D5c>Fd5VNh$I{(eLhue(Uw4*t9WTx3CcY?xvqj zZ`reTCr!0Nx7u{>E2gbU>D5Cn8=pfWB7BmQlci%MlNG%*nY*x2cy!ja4e(PP9)$x@ zVn&c=ejHJ9T80XwFTnC-Vq$(I`{9ajbZybYt~hy8ic&*c5D!BVo=eMMuB~#Q7TT<8 z<#{&t;405ks+0~BLhou{L@43vlgR%~LBFUBNdc9@j-HaIfYk}Vpov&KdlSh%Z^u8g z?o_&5L$3lTHnvb4QIegaUltCEa=f=kB(AAt}|HA_tLWyxY z!ul6&Nz&jmZ*`HPdQ4aH^0vH%_a0ph6~Jw4Yh$~8n=oFU{)h_*E6CL0{JItvzy&)7 z@-xTrX{NA|b|vKL%8USOdUkeP|y!KvW z&sOhdw7-1vm7=>@lQT+3k>&n!M5>&>x;eFw?c8AD;({w12M58|uV3YugX3iBY@n!e z!@T8`G(6_!pag>!!u}YOmYyRHagIo;gn+?%eWoKMJlxxTztfY)-3k)b`+Xtx5R*_T zTWb1yx^`^E`BwRx~S`gN=#gY6gn?4C3*IvqZ4CJ0R$n-u$qfWJ8u*gS#M z#(w}zOR)V)p>mS)i_~f<;kOMW#dSau4(`A1^ zm8=-6ddmWARbvnB>u)uOmqXp;piZ%5bOG8IdvrJq7b1l&Po1v69p0#_s_IcxRJ2v2 zP~oGHspDf}d-Hnu{OCde==DMp;^g*aWj_;K2<;`45#l39p-@&!!=ICsQ{@-}uSYjq zV%C3@6$7KtV2)dZvJFCHA9 z4~U?nD$UQeD_h>DY4d7!Upd8=Who;mBU8Jy^fcf*U{joT-^W20o=p&%c?f090FPa? zABBzsuP8!*$KH862xQvYevm?{I}{`nc9>8kln_60r-*h|`KVK?R4Jxa)mzk@DQatK zcf{Usqx#(qF&+81nzGH$8=%7M}+EgUhxfy zj`sf^%u;I~Ekwjp?!qiFZZft~t<9(=2;u0HcuYr{n7KJMMF=kmN54ik|wZU3I0oe zsR=!|DwlFzgjr>(sF>&|6N8toe8VJ_TX$wy)nz8DMAyYd0LU@E$L!Y zd>`61XwXvgl8cmLMA8#N1h6jp}n6E+3XG2e&KkK zP8Av|^PmWks^;IT4#pN-t@UrLDsTP3SZL+ck~G2JZ9jrAYkhStY%M0D0%}hv z@JvQG@Brfbm`O~K<%SXp@nY0Z%lU6;`cnd+XNR5`jpAni9b=Wzh$5Mh{C zeDj{PcS2a+`+P$o5;yeT8?YR|gYMtl3S$)f)m84YG3)YBOlI zJsy$rBVsHdf76vy2^ey+v+;>pw0*$d^sS#cnbj;Z(f*nlxbgDT*TV;@CCEWu`AFu; zrKXFfc6gjIyjYWUhE`W!|0d8A{L#NCkrsj@HcI>_V=Qd9!3(Gr`dI5uz^Ph9g`A2B z%Bj`y4}(X*g5>3q?>Wn(1ey19iYQ*m^Wwbvk^cPr?+3f+R_V`-qp5cQbqzE174d8#^=)q)DUBdu>}^vsg3I&Uuc zf`T)#BF(|GsJiiI@6se`+SJe_oz@_O%`Gab_c)hyl8+%{XtOAY>oK$IT%YaY|G-{1 znfm{hAJ;p1f1PofzOJj<pLg<| z?eFGx>{f3}&d69HtYU0rbcu74XPDjm_iI4K^|Ji7HTX|qxaSF+@37_s9kzhK1O+z> zbUAYPrUH8la|31qYdYYZPWS5Y^~Zn%;(N;S6yvH&_3l}i-?vnpyjwD7!s%zqvrntu z&v}^A56o{0zD%z#=51Ycb)V$Dt@pCZX6=7{VP3_9TK1%038tr>7J;U_zP-75nRBA1 znqpk*p|k(D@0?>W(`2t6-t#$0OBHdz0H0i=w$SKq!py3@_c*6T#>Dghryh4~+atAp zZfwW(bLWr0S-P~>$#~{$NA`(l-ORLO(w?io0A9{i6}aGTTt6`I@8%u?%H$snpChlqsjwVG2Gm<>!8ue zbRm_=EvJF2!IZhia~70XQEYdouHaPqvTfsc?%FtBkR1U!Eu>g}I-Eyqj3&0W-f`pmnz=hDJu z-gv|J5^%YjS}rk1!~>ge>o`lA6U^98t0WrUeJ~^1IStqcRL@u@ZME4lB<=dFf)5TH zH9uF1CvUxYXJVXIYt5ghAMf9txLL;N2h&}FnJO~CF_4^=V=4!YW;Z8Kn!o$L>iq3( zCrX+#+2VcL@dob_P>)_}`MPwxeu0ENuuT4u3k=$F;A-qmX8-T}t^I7gJ8I8icBcog z?SF=zITwF_VjSOF>CW@@j}FROo>qJ*@S^QtiF4AV12f*eVmo(7N@?@YnI#%8K^G_D zbXB7XaP5od=PzH0Ia^`FYNoprW-RG=^8DSduiww!FaN)7b*uHB_pI~&9ew@r&dbl% zmyRF)?tAooeMOr4xuO#fxJ#N7C;9DeG@5On|97AErk^_xhF?;|;~Yk&Okf{=@;7sb z|2UnDq}^7rAbW?;_7&TI?^EvzbGgqoXJ&NA`oBNIt%LrH&#N(bH&5n1Fy1D~HAXk5 z?wY&*?)R4yFKQwgfW;CemQxkPZN~Vr;J`D5nQ}V*p3Dj#mcF0Uv)Wtx_N|lmE@sty z+}xk@TGCAYg6ItyHRo1*F#z;3a4L54vzM>&4sO65-FSs-&xcd36|au0zJ2TeNB90? z?(b~(tR-gqPQ_~AZlrt`xKa2SL0TW={r@VRi;ufC?cH*|o@4Q{|37SdlS^PT3$S!} z@D@1wS7A*|83I%@A*gZZ>eC<|uIe`~2TGn1P1{_FTM-CGDY@`k)VFm*D(%V%i`;odyz2#o^N* zyPw}H^;};+cjdyB%!@ysZ0|pIO>;2UsJ+0D54-FRmzfg=>qs9vDYdT&N_ z$8~+3BdtG|MnpvQUaeAAG78jumRz$%sQr8Iu`>@pR@{G55&vyDp~I~d3_x4i*-AJ4 z!r!NZ*$sCD9)?0G(8wV3B3>f>gU2YC)Tk>*!;)|x9i`xaB^^Y*p-sB{&;G5xBx0(B Rr2+#Gc)I$ztaD0e0sus3O?m(T diff --git a/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP.png b/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP.png index b1abdc907a9206ec031d068446d8260199e114a4..f357cc1b672aa9d53b2e0e5b3b702c95f7b94580 100644 GIT binary patch literal 130651 zcmeFZXF!wLx;Cr`iXfsQpeRKd1p)|)6zO9@r4JB-Bosjefk^Mo;2?q&9SyxH(h^8$ zfk-a`3Ib9>??~@8)bOpi_daLuA)fR8|IYkyM&@CayIyx&LE4&kS(vz(4jeeZa{u0K zodX9B;|?5PKr$W%Kk?r!KLP%A&`Ia+%>%fm^HT>7@Ey2+`*%He<_3@NT7% zEj-un>`#`|*3%uF*Z}ew?>-Tx!YXWxUhdIP<^GOpK44#maoTT5!wJe7h$n z^yrzhSI%5KL4V@^WSM5@}I|G#K|9`bqf(V3S84d zPMVD$oJEq}(9jUmV%v>m!qulbUZ8dCwJX|Z^w29ao{8a0C;60crMa~^C@5%FK~a(C?c2BAT4)0({5T66-}eJ_b8~YoJw05T z%>@Mo_bQhQ@g!kMkjr_EekT~)NSwASaRr|bQ(s~!)ZLEW_osX|0dM5Zh4 z^()j-P$tabBS-Sclap2)1`4}XZ@SzT-OtNAUkp2b?9N_=c1TEA&Bg{RT_)z3b~2!G zx;g5!BB8KQ1!j3S)3AlxX4})O`UN`2qZ%V)-Y_kauX;h>&dzRK^LKsB7s&CP*3(!A zo`@k#7%$H)z=VBbFriI(pin3o-yL@jJ?=T)mw~+fyy5a>omroy#nsTky+Bfj z6%rX_^(3@ob$iuD42bOYY5sN)HP~<{LsVPRj}A@pM!VQM)ykBcv!}B*uZdK z{4*tOI&Pbom~fb~+X)*?Evnj+LReF7(2!^=aa0uqn?GiP$y7x_w>H1DiPadfDxK4k zcjAkMsxhVY^dy&-^7r)gwh6FE!K*I;fy!b?H8b;;udS;ybG#UTNG6)aw7E&c;p?Zg zx@bA6&%x}%W^2==2hY%np=j7cpS^{F`W+)-B4({;CVU?u04qI?p4NYm;)D(3mg5l6 zO87>Hwd-5Ct#7opn}wH6mJEO*g)*0^I*STmQdbYD`{CYW=yDxfE9J}kBT^JHdAw@p;h9hk3Y7CsVI@wj+moA-a|3DvJNA+&);zT?KrmrkM!XB zJ^7stg%TC>F8r%rjXiN6*JpMGW;@bo#VuH7caB^>9VfuhqnNI zVJ4yl%YeQmTCveI=$meXs`?IL(0^i6u^_*p?mblyXl84Bu}8KjHxJgj2{oqbueJv2 z>#Rs+P|h15j<2N4)-#E#eQoA*Jp@3+D(uKKHXuyJo}hh$40Lm!ENM%kgXuItl_~$7*DvTRQ&jHJ0$ejogUT24|!VQGk8T| z{VYTFw0Kv;b){4J1cJqa_e@2=873UZhjAWSCK7Y`b)f!~JQnDqMAp-dkIb8t z`+VB`s47+Lp(DpXqpIsh*ra{sjOFcr@HXX6<67=H-=bbV?`TLUi>0Lrav)pQcchWC zcAUk=Y^EdY!5GP`O1Kg|5k`yUMJEL1+op#qpF2!`f4}j?vYgj21%lN>j@_ZIxyJt* zgVR}qGU0vax0rKRa8h;y^4!LRf`TTmUgb*YZYKT>jpJGwq5vH_KYzY`UcvKv*!df$ zcz62>bLS2Q=xb~nM9CbaW8r%p2$L(we3e)>?{C{sv3f;*1){+p?*(mAvxkQLWkbse zrDK$taF+!HlFQ4Lu=!hkqU5@MRwZ+<3Jk_34xAQ!@=GC0$zmqbVHavy`y?%%W2O@y z-qh4ITY@cF#>5TK!^Q+Zy`V(~Ao+0m?HEIvQ1vVu02FOZ@fB`N?q6SpAx2W4DI| zMngp|Gr6LN8ZwGbAtbvT&t2K?gHdCA+6KtAkym21yW#SYP`Hb;%iX(o$&OJUZUA{r zdcsg!`@$TUE^JZJ(6_7{r-`OqERG(gvE4gaGz~)1;M8CF%*VGBJ&blE)g*Y$}j(I z*`FIlB~pd@^5v1m;p(N?6|q`g-yaJfl9PpHnpHd@?5YU4yA z=NdeE##Mm#NIe-9bte4Hd(_7JSFSZPSGvy@yUqm<3=B-p&c@-2VvgRjCtVMJ8FcDD zX!7&$>8vR4*oyb>-`|^n?`~R_oo!x_+hXmd@2EQy`V-@E0KH-EE6EY_-O`w_oIqqf z$h+KoCA+k=^oJ`DyP9Gf)PAu5u8;9YCFu?S-Q1NdU$R#DdE{Jt3#nf&Tps~24lqks z#IMPpVH-_evQct*VB23L3GC8&1qFp}S5#J3mc&y|K_Z3>l~mlv$%Awa>U>IrkN|zM z{Hk7`eVf|{tk<1`YnYW0_3$5C46Q`#oTball^SUtI0_M1>IN?gD zlaj<^E$R{eQ$&(d>4fs@pJOKyysnfvZo7@n4ElFT#?n?*@03y{Y-;5NY1W~jtD4%JrL%PwZ;e0#C}m6U!G%u_q|t160j>0E+el} zCLg@<$8Pz=7hBrwOg9_FvMiSSO?SBe`0B&XI}43WIJ>ae^PM(qVkax9%b1JQG<&8k`p3qFh zr)x#U#d%IZH&)&_i~jxIR7$XOerYb`;^7J7Gn=?%bf2S+^-TOZjTLMBZl&2NjtY`6%xn*Q+_{hRaJ{pLX7$-CL zMtLu%9isGX}9w&wmHv>qrIfm zwbP@(`d}AIt{2#LpNf^X3rk2y$Q;3BWr@m7U=}T~6)!eNpCtXKmG~)`Tqb<1H~@*R zaU)!uQ$&-?OoFr`mt4<-@5^5B1 z!QkQRzXnathx|z7d?6$>)SdruP3VHgG+vM40Z+`>#Qnz8vS=>93<5-e$dwrNlEQW? zEzU!-&8KGAn9FhrvFvcV+2?Yi^PKw1eKHQ-Ce3|?W8G`yhjxKtxcnzO&-y3FEa!Tz z%^@INaZfTm7^QXX4H_oO|JZ^Y!|5yOGz4ysLVKkxbkCeQ9~NupCCL0rhcDlv zEoOElKVfQZr>we-WSCKJb;qvL`I+}3zXiOMv~%nnr&TuribQ&G;` zy!xutHE$4C^!5r9W5hnr&;l*#CCbSF>K$g2ILaQ#m*OASes`;mTyn~$pdwA?osi3% z`a#u~-6(4ifQvCwfG6EEsE*_6RF)9Kcg z=9gaO+qN8xKp_;C+siUX@b>Vk_JO80Y4t!&rR`CCXdsW5Vk@Br?^e2taUb7|G|AaD z$q3G=`Yu9%0(&rFF$QN*Bv-wk%A$*O#I3+9U&<4=1e84P>pP$aGDaXs_Vf|!vKXAe zezT{X^not)1fo%I_cb7TC@lx{cU!1-&2IDc1n)mAnY$HzN9UHX zN^VHkDer=OVF9A7qwUZ;Yi#@7jG<{vLzCwnh6fIOP>4FjRqLq)0an73m*wUV`^my# z16uE+*sODBZ&A|9yrz<5dr-^a`@2+x`=0l6tn==8D0bAw&DX9r8zLY|&@knZ;Z|^6 zW=9*K8F5Uv2!@R=7sB5RSzoZ8zd-8(m+98dAjT%{vD2Nln~{cfX?qvwWJsWS{2u!i zWDTkR{_`$tO|}p99MYlZHQAf;i1AfdKhD%EbYij_Rgb`g(ghLWHF^lN>>*)ZzcTJo z+Zm(jlB|+Y@0nVic_#%m$<60o%JF&^iK=ZH=+G4wT&s_escJ7H$jfNL9NAaUJ(tCe zV2#1pXyBcj!D++(x6?jswLOqh^+Nvh8J@GT1Iu{5bUlMhs|C`=j`dQgj0HysZdvkZyz@@bZ-iLLEZ@{Ovoqe@s)zW0X#5Q97s)S}p;Fy{t>+5u;L$Fmj&ExtqX`lSD zRV&%54;XQf6`1NJf2{X*c>q0ZQ$z;}bs)efMj1%DHgaCP13Ix#Qnxo?yL@{f9T#W80e$^t*pBvo4bJ~S3k)+b8&MgJ}q=d)WDg>CtwQY3-$#yL+bG3P1g$n2YrRf z&#`p?PJ4S_AJ}H&tn0{vo3D&FHW3X4Q@3e4?M&db*U02LYHX-PA&b@h(1Sa>ko60a zuNlH^?V*qg!8H$_$@4PK@|wNbvSlk3x=U}G`=k_Fbx_Uf(7R4Xv0RPKDGc;mOIYL(yUunFui$dB4bT)BZL2viHW0GQk zS?mmp5FeFQlCZ9}_4D&n^C1A$Pn{6_sFw7WkOFkcDOGI=y%x_S=rj|uunW5dkEc9j6WEO`P?eZ z0Gont?7H##UD(d-aEc$S-yNEMGhAsEw6uXPG&!G^=<8|QN4)Ck<&~VA46Xgh8L z?^@`9ld*yxkzh(OavzJhY$Lq{B9VHf!XiSoAz(atkhO#;)tNIkhQ?pDyg9*b|CnQ+89LW^M||T)TcE zK0a$Hfwx?|z;2M|oRsYs2mr*)>@K`C0WllM=wh7DoIfA(6B5tr4!+zyqIJ7D7|lMD z-1lOf4UrbSTcQHro4I{AMO8E=e;h)!&(@b>{?f<_3jZ4XxzBl9D1T= z(0jNEw)(*Rg&x;8v68uZ;#$)}>4$4JsZ2z(!oK-}Vx9(w;Pnw0KR3d- z4q7JqNKxjS?v5;!ueh(SrwmQEJ85!|{)iultBTM$s1|?Rzfqle)^yW(5IZ|9Kgn$ap``l6ik*j%9Pg84zj|j)3)_~>G4@}M+ywK>(L$aN4a&g<`I}ktj z4Zjti^X8<1A{~equ3lB-D&Of~rsfxOEE*z2h||;4!N6yNg#SVntU+%}EP#`iZqQr* z_L_448UqX@v_mEm{S+zFPHwf#V%#8L#9Cjc>!*4sWl{PUn(K8>W?-Lt@i!!}1%}10 z$kp|A6-&zrXM3pp@k*$uz6vi5aLuUB{9^(U8X8(NQ0g_>A;%kv_uX!poSu4BP~fUV z{e|pf^p`K!nm@AQGxnma6Gy6$IX0cRS#K=B?~{|0QA^&~>&QydH3M(m{pk+A@Ap6? ziEjEN>%M3zUrG+xNG>lEl?C~*WNg}-RI^O#4%#YUs#KpWY}jZ*Z9S6+=xbUx{rJgnvKJjZ?-Cc{PFX>Y@?x!iTL*B^w2-4L2W%- zRB*n=(0U_wbgOeNc&@jwZfk8utNU^`f#6b`3Sf@FEQH4L^bo< z#%kn3Xc%rDTo`An74x%(V8{&8$8}v_?03GPEo-|iZC^?>$?*4H&MubQnq|&OSf1 z3yMSa?hPb-a2C9)zP;cJ6k2-TMXa?8EHZk9GTF!Mg3Rf@9j%NZHr;QEw^B_3K7J=L{Yb}3s$?5)5;ba0KOY`ni1M0QK-%=|D z$5<0y_V;$w5n#5>m@FyVuGjHM5{bkP7@VgMPXYcqL6jC3B5o%Ury&e5v01+xAl>Qq zuRQQqqVvzR7BkzKvs^DDBED`+Nhh9*mCg(W9JYkhr{-nVXB3=5h<@ugqD6eYdr8^T z)~2R>z1J3Tfr+nT%Qx?Vl$Hw2%`U*R^%zy)^mI)hxr<+}y*s)VnQ(Gq&XAYt%QKCN zr93@7bH8KatU+>15_Yeb*81-*0qHzDr6486L5=vSRfx!^Ucd3U&jw6RPJ<-md~T1! zN$NHtp%q6& zAXYLQgVPrf2zS)f)YcPbE)iqYzL06%N6(0F@R~R)zSRR3$jTd5zG=c*s}>l>jK`GG z$pWpf*kM@yZavylwvi+3_8DZG&3X%v53JC3C!=m+^`1aAt&yi}eL4c9l+Q&Y$DLYdcn=Lw~*d%1qPCP#gW) zj;zOBaV-Dp1%M~x@nYC~s#OJ*6gN;q_yc)~X!zNmh^Dn=J<|{P;nWozs6CnkIWYF! z9GmUKHv7!I=_=m4S72eNNe`+uph74JOzvo$QS3-Pvu5n^ERgoR>XQm(${KgVL5C-i>;|!fc4k_; zSumXrgaN2YEl$mT!ye)3b@B1>IZ@vsp&IstY<5SQ?g@HY@EE=|8YWbt3WXhE zrXf zT=#0T~&P`iZ13_V;b?wBrI2vMq{h9JoH0;St1)G58XOQ*&0P0%_ z-jsWNyQLH6dkwqYO0NqF-BfJ6?iQevex6$d!G~m!xuM7bvQTd*R|ZNRS|HrVpX99M zmjU$gYHg;ot{yF%2f?mtLiL#y+A!|#{ILP}SUDQIpGePDe&{Xnz3?Mm}67?7X<)q<%t9YBqr>0)cJ3H5v zd%5X`xw-9N`#F&1e-J>zK(VQX4BrY5+ai&ntH$anP)$Li^+w>={lWzdh#gA4L{({J z5yD_#Zf^cy4BB(k-pWcajOAF(+vf8@Y3saAnC#TOllhlGtilV0U(`uQ`zHF%fpR74 z@#&~IkWkHdnei2rynHSX<0!=y|9}4gr?aY4Cn!PMD25EEly50uZ3U( zp0XMckNIOCdkZ#3?^iD6=SP3+rN;!qY7XjSNmu`ud% z7AJthuPwY{Re}M!S!@rlD5;0Aq@Q{Z?P$__7*dd)QAFcB;DjW0!OSucghxe1`KCcK zS2am6p)aaRy3f#xYMm+BAZ|*eJjpMzAsx%|+v*6k;qXt@9>8;Tm-K ztbvCN^vvTFlL?eQMZzay5ccVhCmClMDB}@F%&crnF6%B#S%sSr=Rd@(ro0^!UEB@E z7R;(+R`ZDd81W=X32yNiR(=Dchlai<4q1CB`91!L68=*xOuL!Boi-hVALV!|6a~p- zQqtnXWJS!G|IrrYGd{ywN2wODZk>o&6CO<)Od7#l?$T(z|8V17pw5&fMRSld5K20h z=?IYcTlr_H_xB@l(@#vNUuXxwkB%QCsV5%AN6fTo_j>fZ?n!`1M6BauTSHS1M<=2L zd)a5|(I)fhBia(kUD!sqb9#HLj?4K zt*OtDqP6Fm@f4cWb})@gDowsTD~Bmi~FAoJOfb&mf$t*j-r zBFX8#`sw-7W-o6>dUY>eQM#%7Q_csZb%=5)GiV_52?(J9;i#(1b(1duW}}%Hpir-O*^DyXJ$#6qz2S)3=gGyQ4g1d(G!C30+0L(Al0Msiv+H*ROTf2k57N zSGI?;Voi_jUy1sY@2BZ_i-rqq6BhhBB{i;^y!}nwSg0p@V&ZVB(07iDtN15V#IL>Pg2If;SA@6ZGCCeL|Yorr04)*f~Pv$@6 z(gzI7R}NwI}#ku`V&5TllEPe`>EZXkA;qX)MTKCxfF@N_=VgzXerwhb~@TaAYfrkW?Bbr zo;_2(f3OlA_`G5kw3TWx(mWdQMsL6!RlXNJF#wFHz7mh3mF@vpG#SVf7qTX#umfDy z@DCvVhp6 zsj4#^v=AUFr>}1gLIbwZF!E<T=uJgo;TS{k$Y&)9mu8_nJUcBH{hqcJ@fEL`tt9ZFk1 z8Q%e4@(9H#x7eA;(V-58u69D35YjRokh^%n~XE85>$okrZF_tBhguNUpRy~Sj+3#RsJ%lNeM}b$0HO6~sKjI1 z@{ukK+IoE`>vtitsf8v!xJAr|4_r3%U{n6gzpm0~52WUR`k6k?9aQpN@p*;Iha{L{ zO14sF#Bz|P{kReo^cJxHEKuYxezlF!dn96;(>s-fxHt6;3qp@2MC4{dMea#}sbW*E zpZvu!2^BtCv#;Rup1GKQW4D?F;*W1x(79Wq^wW31eqzE8&+lgr^(Wu$>HHkp`W-&{ zWn)H-3o+6I+Z_$qp1|6p?XQ5xGS;t>p(TzocTBCVgBejp9PaBW$xC}abMIq9mMjO| zAI9Z)AT_pHkD^o=KT7m)EQ1v8?M4M!o9n43i6@=XhlW6JNuJo)D%Gkp3NO`uo^TN- zv%TtGor1^QH<7)deIHeI02?O`TBPs$AZej6?E+;Uos`6Yh1_%Y7f_ctHe$=Y_>AS- zP2T=t+nWvX9d6_#eH4p7k^WJc3ClE?G1pBeQVG4ZMxX`NlpoM}Xj2nI0Sh}T?JuXX zxq?Rdf71E6j=GsyIcHwxpPZU~37V5^tXm^B8AbH@SW}lPFa&}m)8OWW#2P;Ujb+=k zGEPyE$`7rm4P+p-cU4~g{8XohDVp+!gpqV-vxkd(T@7It``75x@q*yaOfHT*1G~9cG}vH@~p(?v_Y^K?>-1hca*~ z>(V0iH__L08G06yU@B*KclYWwSuTbC{wE9RpX^*2s2<~bSVg-Yn6I%wK|S4ETr7Uq z-*VwGX4g`&C&@I}e5A1?moXo{K=nNd%;j((ki7+2!xR6oin5kZ#NzS?ZMp<*;CY%(d7Jm zQx!HE18UF&6J7-x+Cy!?2YoY!Dc0DqrY3{(r$%j_KO384eji$V!++I&I#Pou zlv&$qC|2JB3Y!9*_9Gbal2Zt%)1`b38jiFg9~2=|g0ZI&DOq$3FrE{DI`sJ7{w0#;>6t)pQODPc3ZRwq`d^;`tH$tfA04|!-BN;D0Osb7#}R>6=G~Fvrtu5^!pGEFwjKzQp=a-A(TZ2K ze+M>@;i@Dx33>Pw2&%rDorTaK<6~gBBpXy?1;GE)1o42!MOyYGT@I|)FB)_ZD0tFk z;D%$wXMUFd{`N6y6U1BpO!|oMQp1M_Y7#WssIqP8t+^5Xl4*&7*8K=H&VQ zvHl;_Lgu>*AmBLk^%AWW+VzuqK)>00aKd>42V%EkG9xV^*l!K*$KP~gB5q@Da7!6X zAvCiXj06u44}-sNn#ylYCcE%5jjt$z;WDXMZaLS_ew&MaVW3t2iaX`$Z?CCH>JSY{ zpr6)Eim8O&cn?*00aH6^{qfnfoLm2HuyX1EXg;oW>ojt!+4fr*EE#!VQtG+(;pPYV ziu-dSQpB&F8@+=RSMNzOMHk^v!>&fLT$yZ1UYc3hj$CTq>)umTNa(x9Ypytdy{qPh zo0{UoLk5n3mw$<&4$>4g5$&uYYsL4_(g2tc-)1~3W!u&u65;Jovfxv0ymrL$#$i|u zN;_uMZ#!8D7n_tm{Ytj^_+uvAW9y3n5B7$YD1)z<4o=*-9w`Pg7o=-O25mIPKEHpV zBY`}~DMOO3``R$;UZkyzoZI}%b4q&wcVOgqE8f>{*{2v{i8zo8B|m>>Xi$ z`W!}NG1~GikO*2XSfB6rs&|Tp38%ci$l9#9)v|Xoaj%LqcgA?Tr?ZI&MHrLbN$Vrl z-UT|A?=)<-J`piH8NoJBw{=GO~&f?$Kc)Mgjb z_X2ncN~H|4Efq``e5-z5R#w)P=S3D89Gei|U6kxp_cK1Dm<3wgYlRw5KmEwe zd?-|&F-EB5OLgwxSG2Gx z^EP5SlSDoA9(mWU0}u&ljrlXwS^QV1<}RiTkm0J(ZS2odwh3T-ZS z#~ph9+PBlPjrwcXbnm@6B8C4nvV8VX^!34Rf9%NjN2xPv@m_i*3=cDglKZwfK}%Gb zZcUdu=}`(@spE4jd8bt@!3^GXLmQm1Dj27O(#e?HT4u@}5r2vc#ya{7!|AW|mcNL! zH3L)0$(>jCTib(lDfEz&2q=HPVelfxKDMG{#4;5UrBg{#Cr_+=DV+2g-1haUO)>A}y2rjKOSOo+1kb3WyUL5TIw zqwi8jBy|D$lP^m=V5H~yeLTGHl@f7J9cT=_U+ zjXUz*kR2w$@F)OnxJgdgO0?;F#e!q%ZGK*@GYsXYhk3X^Fo=f+1!F&TRFdgAE`qzg zjPd%LGx|w?FrWuWry2+&9M5{(JC1iRuGma)fHu)Z^i<*Fg0aqudN(X(QyjjLL$IG} zjlT{-cn8(dmQ%$ljJU^!fqbB&BRh=P$ibNEJ0nWmvh!Q5Tk7d7lk&O@reP#zema@pPQ|k+ zHcG2rdqS;JeouJzI*<4YZ*6an{`E>M!B_Kftlz*o@Iw;)CM1f^cl$QrtYaQ$XuR7G z{gg);^<;^v5+>gYP--U)$553K!y#71|LO%0g{!`x3mC3WQ1DVc40}S6h(AjJ-IN=R zA&_8VsIhHbifj2(t~cx}q84C0MTWqr5Od?CI|oP+T`Krta?%7}y5 zb)xFHmg454ofh7``?LMUZbjWHa--9UlpcIdBBeX=jxVmed}CryWMH$&t<21Wxl>BX zX*QX6m$%y`VAyi_#*-&=ltorwCD(<4cn0jkUZbCrs&U&c8r#Ku>yZ@cwL6UOm`-!He1souM*wW)04B_f)d6^_WvwL*lGaNB{|kXGo?Gms3%8^ z5iU7ph|W{RWk>@ER+{y4N#r)bFu!V?hN2AVVIbCc4~0hRj{=Mm1qDg`gESzRGQh0X z?9>^ro7f_+)5l&OKwSof0m*LvSX$GIDkst{?9qX+DN82Y&$e3ADF95=Eb*4KpouDD zyDTyH1QjD`|Ia=coX&w7lRE+0#W?jh#?X+(e}{Qca7JjT{?Fm%zo%zKK<@URqt{6} zRG(1lt3spDWcq-b)ELW+ISnktIDnju_kYmQx`p+B*Khvs7XQGz{{gxG|G*0Xu}SS4 zU(XEgtwqT=YpL^iUB7&UT+`kaWScI^4Lb4MZ1Qn81bUQ!G{2c=Ry z+Y~@K|EWG2apyB-0zHHq5h}kke8y+Q{1w;JiRgtO9P>b7x>VoKoZqjDGVSqH&j_*( z-pxnMM!NXfqs@C`oRYV5Sutgpm#HdX=S5Xe?MkEdG774QE&aB=q{BwpnXQg(GwW6N zI}@F)pJY9a$-`D~zx#K3NoT0{z72Ap4F3?F|5WVu_zEy!ruRg0Bb2N!pI`r8$DOpj zRj%y;b<+w1VdnQq0NqtgejlY#kIz2Fz;O=2GO&fqEjVJ^YwxjIMrk&=;J$35#QV06 zHx?>|JlEwl$I_rZ_>M|HXRuUCUMG#H64b8fIoSS-eiq%XrCZV;oXEwRpIohN`3^tz z^m#ybOV~`9EE@8$Fq*kYH4{;AWqZlOH^N})zgwUa={XfQpJVgy41L8@)Vq_7mTI-` z%uMHLe)6?l;56GvV0|}O8>@(HsK_NC06$UPKt>X%`G$RKO>3IIuOuz{@P_1AD#1Fu z4Q2IJ2H|#IHH0x+HUoFvy0c1W`y=1+I-@0JIH_UzeXx{9(PAo%3`bG|1IHM&6U)+5B$+D=dtl!d6sc3*&nkq0k>_Fh z#rZB&lDbw*LWYa?jJlnor@XOm0x5hdi94U2&t;Xu`DOKMe=OBKMiy=_4~B-#*$EZf zaZ=rB#W!m4^e`>8a1qFU4MNFY`qZQ3GK$y-WVJ=wH=o6Gd%qca72fWxZAeB|kAWd$ zM@+UYr-57eYpSFq0rnm?lBvGDj~jg1any@bB_&E`{a&|-u-|f7E{@x0wb|^)8>RTQ zo&w1Ul?8(IJ5s_cDhrbGL9M%uR^y3s|51_Oh+G>Z=cvN|!0A3ouN1$xaswaFb?!@3 zNeq|V)fs|lJT`ej)Fct42dVu0AF9MZFFO5suSCSmIydu^bNsee@=BaZ>`IR#CM#FP z(9nELt53qx>k3%r08m29{W&LUVuvl=)n2k~Q$M2!(vT#(l}b4LwCHgYwQ=^j0^)@l zHA9k4#LSFcm7&4HMxmd?hBKtDWa(&2I!w;bD)=tWN6AwRPA7Ot7Lb{*0@F}$cmU22 zQS*Z;`rkkWBak6RiwF9tdUW{&fG(96V=wNPDwGNvh^HjicR0;A=KTtXGS*Axt6R#(Sh{xw z%GX!AJ5Xa~MPhsXlUqdB7%VpJH6#5YC0Xq9@qV`FgYI^l$ozb&y1$B8XCE7s2p0yazTgB1*T(yHGl9ivh@qdVX!XIIhItN}1skNMB-)G7r9-Exb(TEAeT(}<)aFAVbX zZhpBt@?&U7Xw+i{J}Ap=oMJj-r?~lbmh4eOs;E%jnX^UMIVzFrk! z2oPDjaFXA@UH`xMZG0j7`;c|+-dCATQet$Wm2VlT1eC@GqU?R;SB=e<78Qd&3l zbuPY#JnnDL`>;$*B0uTo7FQCJ_0TU0=}%e0y3-m8p`ICb<+t zn+xWStbm9ZYTYpvS3o0zK4I{h>PGV|hK8gE&gmxCP0T7O4O%Ob^r@zZyyo`@NtA8{ zHPL%$9*jgiEguadZeg&g)#=U}8Ci68J3AAjoP)dbQxYI=@1)2CtWDB!VDVkD8DH!- zrofXS?4522c48L5g-2Q2vS$=`AG>#3C089mnc7 zreWn=O6%rIQkM4U!x8?N&{(M&D9kt-DQR&25$VyQEC@~hH>7mi9<34$!M|A8tjO#= zT;QA;vYK$dPkQ1rXc_O1^vS-A*55QOqpacU#v)C4z}qb^kMMYl`>t-y^}i3FMaNm+;2Ay(n&Cb5Vao8>#IM2%;elH3|JUgy;11zYreg2^#A0+=-p4B_Ky)y_uD9 zmWKFRxudM!TG)mg1f0a5E}h$KQF)ErXwB0 z#k_3M15yQwjQ-dc@N0)?dC(mID;oSl8>tToNl;7KoHW1+V|zTc?h*0%XWfGhM5-E5 zF0@+4D!hSst+Y5&pY4bU2W1!PU=(P_1|=l+mi~Tj@H9fJp%U zpJQL&C@qe=TWgJ)<`nR)K?fam27~R;p{vH)4rqUDM~6N;tif|kgI1j(p84aVwVByP zmAiNI+_nP0&7~z8Pb5ppQ!SoBNX1ICQX+$1#)vg|^{l0>jSY1Cx3R+lki8K5tF80k zjkf=U#Q-*#8q z>(<}g)aT~r2FrqEH$pL)M)Ev+mSK60PS*fTNl;(LNlcl>u0Ejb<_3yaT3lEh(iO94 zwiPwbFdQQlOLu+{_BoLrrQE|Ljyx(SBNMgD%CspLpbtig@LiY1UBHtPW;oj3z3!ce1K9KTJ4FZ;0%eYV$3nwMkIpE>b1%*Fej1Z`X+YA8#@9@f3HYxO0@KH<Vk|21{bFOLko>U@Z zRPrZX;_miBEw%gln!o4_tX9r%V+Ztkv(ceXe5uCjfyW6v&`?k~HB7OghoQfB&_tlG zPJwX?ooDEB=37`pWMx5m5b;w6!&9%JZX$V!)5gqx>Ot>F%&Vq!YVkYU044t#l3Akq z5K3uMO3dJ8|K*vPPkniwA)l%9gutgFE&9H~NsK#G%Wro$CS=HR!2b8yzLEkeIg~Fk zEWgHxXU1f-LKbv?SyLCc18)*Sp!zH0PSvNFcg8pu!uWTeL%C~;pruRUgN`21?e8)u z>!YV%=;bl!gJ%M=p3!_@(IEfX0h^XTxzgYKcYi`Ds2lxve*#2QTl1czZXyH+DLvIg z3qb(1lX`07GkE#z)sb!NwFznqNHM;c2tnGsQ&s>tXxaf9LaVwASj(mIvwvhMcHxyO zj43r3ZBj(}tE&Wue<*V79S{v51MJQ;WdIb#ODmF_xkH)3o z(@z@#G_WB2$eV`ZQ|;mjI-!y+&~kF6Xc+=EESzqmgeJ&-D*_whh}z%q(_Gu$*3I*`h95OW{X=}(tiYCg8Zemu z9d-T#cA-*FY=pE5ETn7uMKCot^ zWwU?`qyR84y2dnFJ^;A3R(7-Y7gTHjMQeg>MC)w~HEnt-^D!-00}ij8141#0-%VXX z^dmr{)(nPV&da-AGnRF{c=+&Lb4P0oCfV-Elc2JMCK)8sB(4C5$M`&nQ=j{9^CKf4ujNn=(9sj<^F(-ce+F5(=F;$Xb~ zrs7MN`%b6U;G4#c-G!pmpvO-!^!1#e4ZvpP&7{+K3qu@qF=(&h=RgSOTM&NvjIJ!YL@vY)NtJTn{sGU%8Xx z(>C4Xijk&cxh$@D_3YkSo7?BlKRym&Dm$9&ZK%E7S%m}pZ^ZcS(s#yQ`f)ao>Pz_G z&N!Q5@JM3E9Svdo&SbIAS!6{81wVH16rW(!#;-aHQL?9rqr;_3jYkr*s^644-iu7k z6CH4$ntyQy`}-*a2=1@D>Dr?vyb8QF0Z))$`4pXDwii>CWN59G| z0J6o{H8#3?FwH91izsfAj^usaowR8V7W3P701X-l>paYB0N!rCj-gQ{&<6eP&`Xkp zJEl+Q4+qwbge!Vkc5Kcx4W8^oIIDP1zUT!-fV}gb$P?hZ=OXVO?yr|zj|8iK>gctN zOspuoB`|_7cQld8$t$pXndrXj(T!&S{nT0iQ$Mxx9ePmnZ5nhjM7V7x$Xt~<<+oW= zoVG1W+2Ji8TQ(>!BD0TrE@nig7K(1ahb5lGE7*DE6AB)6hK6Z;7IjlPJLofB5x3${ zONzUF#p)Ug-?w(VZ|^h3wj;J<>hV_|5HeojOij5K_cwM#qrk_QCl%nOYexxYd2(yc&#u4KGJc1} zuCE~@tD)H33hT}Y0zT;^LUN_eY<>(F#ri)SS@sFv0TdVWyK{(?hwS}LrK?UJb?`Qo2}?X5WjHq;hi;5&RH-%zF=4UV2AoN=E%9Hjle%h3Uuy&+*&!A@uOdquj^h*W{jDs)%Dt1 zfn2|jno4!G0_L`67cUE>MR?14ph<1p;k5-U*xa1dY3z<9%pN^B*xAb-7|t5er(^$B zfI60>ZAuEpiEQ-eA$>lAXN~^xT&Xm5R;WAiz{>uVvdo>K=-s;)k-O+77g_s9Ne`V{ zUH#;w@j)#)LAp)Fs^Iw)(iW*S?VCmFGl(6(k&L*EPRFMHo{|^&;HA4R6J9$??*)!% zyuL2MlpLqsboA`Oi}(2|etRCuRzS{@u8^J08^j?E#EP4bZf7mQ1s3x-JIcmY!wR?h=PgI^fzJ8;*#K}hQmKL@+O;(Sbg|kbPxZ9dOJ+QaC!`yvWsUIG8@Pjt} z#S{0)A61{a7X7eT^Nv<(Zd8pNetzW7>(?rw_YjELn+N@cIi=z+@jp92$H@1ee;}^d zzc2VhYEI!&ad_O^uEttqt3{1Rt(SH1a_;B1F(L`=?-KCu5)uUjwv~>H=!|NIG3hyF zaPu}i4u7+i+R@;uzE(I|U#RcmJk;KDDWY09j433)w{PJx*i+gimhggK*`7U&i~P53 zfByBikY}=6S`7NJyAA;KJ8DBctKDu{EYj4;=j4AENY>)%B-0yo(H(R&pPG%|ChVsX-2hOU6Yrc0{xsp*_xKpx3UX zSIwvWN|v)$a0(f567giEOZ(-a|Bt-C4vTW@{=i{DP*OokBo&Yt5Gj#H5s{D*7&;^c z>25~F0O=B>1tbS0henW2k(N?YYDh=Y-@b?Ad3-$Q_w~8nzuxP8|2UVI$GP{t_g-s# zR<9e607>7=s_;DT*gH-Aop}1+R|YR)HpI0lXNc(9Ql_|jq?ha*(#DWvN?YFq} z+vc%<<-v1f%#DT%GYDE&cz(DMuPvz>Tv;7VAcP8<$0b01$>|wWrU2{cwqy$rLhDdl zO8(0_2ozD@GhF4LwE!+IZf%7__ajChQ|pMDMt8B}m$ z9wWRY?GQ6XYT@~BH1oy(MlZ&0b7eVdBNE36GjOML_B^VuOo;Na^bN2P@^!~zVsMN4 zy=Jjb|H;9z~zJT(=4qu5^F8`!A%%OTXxFc=wg~PM?A9BNO-(=B&MD(s_t2Ai)IebSzBI;5^{cpex0<{^jm)*xuO9tBs)MGnAP0 zxQ4oD^Mu+f5^nBvb?B8MKX9)m+hnz`y*o~?29v!&W{>kA&%-@n$CZW|)mJ0a|Kwke zPF7aGNV=E7EL@B^e8`?RGuCv1R#S^3Q?{ZRW3%|uys3fEq{n1Fq|WnRUSid-)jTD6 zSW;ZlCI3<-v6rn6Ew@;psG4^wo`|>jeR8J`kIRve-ab`G6@d zg>aIG|8fnfDFLId+wED$`$h*pm!q~yG%8G1ukyI-#p4SDGyvQYxtYK~`ywUkygN@) z-#o|7gXCje*QKQZavgYGm-Qkf)BiefI``T?#2%0AX_53B19&C6jGyzI-ssG1$jOos zPoev&wPRQPt4Uhho;sDEJ%xA=h@`O3SlrMG81=&DwB5f^zY8CCrP8Uv4rVl(^n}a& z6Cwz;Qp?rZ6-_(cZZ`P+e1dz@23apWU`k4aQ8DOk#Gf#2r&4RD8NBvxhr z<(v+W0?mL%)uE)LeZic{UR3g_KgG-TdUjPL1f%lv#F3jfwt|-**hB3;#Q@X&2oMPXd&5fYcKR5za<{x8Cp>d;V{HQC$C4K**^i{U%rLVn!BH zC*jj*h?BraarN*xPIFmL{-S*8o6(dD)g;z3#}Ifx4=AKs6jAB{8s0ZCSN)eAAUuff zOKG3i!@zI38boFCL&{+AJAXW1S!dt2{v)u5M=*deNP0|#Ebw4?k}Q(`iFg6Tc-)+rDnPniROT){9qI44&oW>?BPbtR+!~S_Z)~EHg z)AO@U00640#L}tQ*x1^-h}l~oZ6L@)8oR)I10V)ZCdPXJBy#=Hzv<ua}vV-`~;u3H`&q12YE-E>%4l=v=GNzL&C9yqO%X6pF@l|Awi03< zvjZ|D)48Aj7ZkE$UdtQM%cw-Q4JrTv&LF6YZId3pBbTn10KB*QRR~6^0ytP)coibW zuNT1l86VW!QTT;$_m1GUboaM1P3$vY3`Q+2a`LBVFkf`$BgFkcri!+je)Spr(P-*2Cc1_vDw^oHvak8$5+{E1Pw8&}X$RCD8L<5w*ARV%FLvU}~mSmOzj zt(|&9P%LQm^eMoo4<~bf;sfpP*HT9G;(W~RhrNzLd0Kh|2hl#p$gTY=v8x(A-l{Q=Bw7NsE%VywOTsA+U1qMNWIWYH=>hnZNi31(B zHiqi>d9S|%&lH&SR9t)qOzO$V%#`i#>8e*a$jl;oySvAiknuJVmf%|D$vv4oVnV)L zFGAXPKVJ(nfUke0eW&R& z7C#^Yc)I&5Rm_FoB!TR001>hiqnk6Xm0Tjo$;JKLL;nQU@a=`C=2q&STU-iprQih3uavyv-k_hB$wmMmj?{{`FA$-w-my6MhZ^6sTd`+PrnAvt4 zf+A-;4F^plxMlUH%e=fj!>*YV?&hng3)MlkyoAWROI`Q7A>-4qC;K-d9Yegq>zq

z=@zXrTi`l)|6(Ngzt#xM?yKqsQYT9un`!MXjhZlsZRX2mQ_h{6q2V8XccGM*PzZen zf@^DuhbEQ)@h#!M#< zKB7GYu??XLaBc`@ct;KW))v$eS!Wg8$ZbJhG85O;B0Oan`)@ge6{g zTv|Ljk5!V#SR}bt(Hx~k#k^5G_j)@w5p()Dm`$&RSG;oNF}>nU4qjE4@=V36qHm#|au3>KCnfWO(lif^x{Ym6+X4a`38Wfg8al=A$IGGcR9ohc{ zdFu+Sj_+l1-0Rhf#|7?USiXtrk2t*31>w1vY0-YBCi)|3f?X4$H8+~8q@DO&WZ%U0 zz7Zz0n~ei;4J@{ghlBs{DfF*#@j?qSRcUB~es&WG)Z2M{x2V~Ck?kzqQsk9fZ@&5dWoiVS95>fgu4(n>uC$1nclA(2}?!}qK36sL8&(o4S^E)eW3-|WV?JLv<@rLXq(CHNEI7)pM znbf^>1~ikmP=k>!p7qE?pLclywx=%c^3bn}s1mxRix%$xzrN_P)@`L@`q)(CsvpPN z_U!L=3?G?SfY#MeCc#1OBX)Y0(O0>1#E^0dUk{4UF8rfEfh`~~3To@jVeiRckhhiT z&7?*j9A`&NKIWZIDTSN2E|-z-j@ijmAhM26>*92fxQ?wx=lOTnu#!B}Ei{6ivDcV% zMl5x5$Lq4b&y8~8TC5lF!^g~Q#5*Ug=kRT%<$P_L(|8!%{WG9#wpBIVsP+Xmvx6)b zPR)5Mu#MG*#^Z$J3>SloT?-vbIs4$WciwvPyR>_e34rSg5Tlk}+gkiKh{v1%L}vWj z#O#^=D!w!hWEvnv(^cBj@2#ZL#^`vLGYD%yAtx&%Q_P3U+OKWfaCLYJCXEjX+y8v6 zlKWyueq)NhR4(4c%pJ0{SwCFpI3lzy%X$4o<>p23IgJJZhx4RB4Sl%?OzmY6wAiVK zYMdxd6t3(BipzdrMohgCX<*5B2VYSZ+S)2DlJ*YhSjxsblpAoez~Vj~$>|=7vTd}* zf4?LryfbX-J^RluKZ+{jy8Ggi67MC)VtowE3h)y)pEOz(D6Z7bw`}2Sr74)Iu&xMu zR69n7M4R(g6kDWhQY0Q4GdeUw-=jIGP=?ozRFUOSJ%{_cH<$-lCyDJqW=k`eixMPj%Z5es-{SOxlV_?(!|7Kb)I4aq->u z<1!v`?$C0f&m zz*!|--}kq7hf}<;3uSq@uPt1pMM=Pc}C-duf-uq;D&l=9^DXgXRl?<^GWFtDOr^*M@q~RvD z?(lK1RJeq*%H5QPa>e^j&W%r&fP8m9l#VSINEzV`)2i-OaV)}I2CZe*UwhZ^M{oLF zjZ9NdvsQDd+>zIxF5B2-jnwxZRPlsy(v}}7)D}7~g}Gr`=epWuE7hq#APljda9Gd! z6d7X8*GAwzfH6LpicA@;2tE?U-p&q$^(gbr4&<44Xw-AlzM~Zx4LNeNL?}oE&q1NX zs7VMg*2hCJMwFFMEIiz2=76$c0L=0ZbOH}+0C_)~`6#Fp@ z&TyVMu>POX$v2cAIBxqLy0%E^8tP5|zncF25J*2~L0ea|O_brQcN?X-aiYL<{ya^i zoy_L2VK1*xyIM{2P-NasgYYk_zr;x_=}7?5krJ%&XRQf z;{jKIdHg&hPz{g#aroK`s|$IAkHhgmAA@`+#8W^@yS0eclE_{EQ7rAO2}|wF7Iq`% z3$&p0u5V+`xlNF;Q3@yG;Q#Sfbircm@L<6h6I7krAqBReXr4R;fptH)!)~<&pL-F( z`;YYz&wj=4zg%_hTZM{P5b3!{N&b9q)t{~TtQR>w;UQ#(t1xzUf_3p~RGcb_9*-YC zrlFyEke{Dl#v@96jF=e;lPVV^-0FpWO7o490v!*fJPTsq(h_=Rw=xP+ufgM?(q|@A zwE#6ug{!Qc7-*n!-OA+E8xupr#1ytocYJbklkRw5RI(|uKYMK9KttQeR_%h*culIk zl2TQknL@9;qN1dxMv;a6`N`RVR8*=&g-+3V$ELYokEJeOvEjdV?b>C)kxsc>>_)@L z7%I9t?!EM4#g7;OH9_sn-^wf2t_8#x00iEVFK9P*ojxSkqsVoulI)q@ejGc2fLV9& zpWxd)%g%Ng=A^TEGbRK(_|4HWFnB(H{v47|992Hti(=wB0-Zm1zR`u{_`vI(CV|V0y1Sweu`?>L!bQHkGKOqoeu!9y*~TegaVU z_=p_*(RDw+JQw%7lvGku!to=nV=Ruv*KeS|BVeh`c@o)SN!`l1h)^SKZHW~$D};qu zCB@5n$|#lXva+(0BbQ0nHVEzE!TFtbA~N7^J|n_|vDu^XXb*7^*b!v4=} zq+%4B&c}7(39$2OXqcVtP??!5)_PuMFY$d8JGpJRCUw2w>t-4DL@x|>CR*@lz_|@q z_CA790^v#{oLerl7RV(r-ked|RgG$ezzz7LhVUszo-jNkM-`V$8`F`GFRt%K~&oQc>vWGo3 z_G4}$0wykD`H#r$XV)m#s%+h;a@#Omom>5}oz~z;#-+AiBT9+oC!;^)ZJhhQ_^nd@(bQnMiBK?a&%QO& zs-?fA^rx_jR&|}gX4!BpvfBTLz3-03`tKh`WQCHEEqg1nGNTX~nU_tG>>1f4Nmda` zX7-l7M`dSZX74?-x99!2gu1`o_wRSk^Urh6bD#U1?|sGPJzjgidoGk%XKOXq9*3W5 zKn)<1cB|3=G;yoN@xx!*FGLtokUvTFb}O*Wom9kj=a(P0bB=$`FwX636yW??$=~&iFeZ%($b@q&tnnR);>w& zNa>(F{TA{nuq#5sWRt10fW&fG^eg!Xg5ckcF+=L77$$=kHrKgHyil>vrl#4!YPaV{dA)Lz6x+kp`-*WwukzA~{YQfJ6$x0wsfp zYtvd_#bq)Diqp&g@gYx!vN&L+z==EnfQ!W>00LJ&Vf1WYwZW{zX(?FOcFeM_wBI#JS|~*l;0|cR)!7qL48g?mDQvdCmdntn1)cGh))FEU49a zBHBxO2Fx>H0Lnx2sEZmR3|tx@2g_OtiJPJ!V>-$&rf#FcT9z>1hk7B%pwY` z%&vCFNuF`W|FZw%zm0MKZH)VGW87aPGZg0fZ)4nl`&9qir}~#7BuIh&w@>xIZR7uK z8~^{fZ9J65a*eG2;o=UBfeeLAo z9rfcf&(Xo=yU0ir*nE|Uo94kQGpm-Ad7DZ)lryut9)#+d|K|pNSWs2;u(Q1Yzg5vF zKYc(TXmGChf2P4%R+E!pxwvswwdvW$Y1b*}wF9nv|4lD@N#Kx*wI%+=m4`ww571a_ zF+w}CUVRr5Z1G-Uj{H*)OuUrZK+9{H}B`M`7ZV|a^TquZ^r3sYh;hwDe=l=Eb zF}v`6(M%XlzTxp1xT5%(1{h0FpS5@O=}YT>__QG0a8XjWx@44OI1A6IIZYdHI-;cF zidWj%i`*hmTO5%maV9j1Ho+tX<;>gqeJK$YXw;8XJMXE-b%y{9%BUYybfO2LfSa+V zf9w1JUuJj??+cZ%U-FG?mHk@bLk*%eB??=wMq^?86;#~OyyWZyW!$p;MFkh<@6(*# z+=B%yoAW=93`zXMckEpIzx5qoOM4`3k^A*8Iq-tE-B0Pe1*TU5d$gS&nQ9gqt1Ua7 zI=A2nV<-mFM$2UfH939Qo%%~K7b3Y#bW=BH`vKd!OUppm? zlRrLL4GPDelJMDw$G#%giz7M%juuVyI$Z=|;9>4e9?hAXp9^f8V^05K5Ne7`tSI)S z1e^idEZ&?Q;}lci1IOj<&aes+xuvLj)3P}*kMByLeZ?WI8Bzb)QphF0f&c_ixe-I8 z0{!nRoEy zoMRrIuh$no3SS$`^Ecs#0)8heq2)mh$b+A2*-OCjexEAx+f_kq7Lb9D%0otn%iDAI zpamT@VzRQb3PG&-7~C^2!EzGsWE4PXI30;cZuac(r+dF* zlP4=Op4z&jleJsQyfVu^OvrC9XB+>r8H8rYj=P%U?V+yf=KTtL{q$dtk)LD%b!@@X ze@tFE+XI76o+MA|(0!2xgXHqHs85eKe8s3YzXlhy$%38j=7>u#0Pq{k zd^}Dg{RS{_5C+g08ZUKDwc$txN!1&NBA}t6VMnJST3I-lMFuSm0gFw<=ctu+%hr^g z_Ub#g&01f~n2%pSqII6nc;W5+(AM^bxVZQOQ&Ur+7-h1rsjf*3^Gd(S@7KKFJIXuI zZ~-}X=v9?JHwT%4w@4e$RK2muUQMWi78==N@MvV<{!@#EfpTHHWxk7h*yKJwo)QnN znfS2g={;DWl*G&(51QLtygw+YzldG0u)fiqseXw*s^})S*_FT!?u-=V?DOZ(GhI!G znu=X%k4kr+v)oG89^mV~2j4#j)O`KQOQkG$J$i;M3`)J0?B2eo_<20+`l>Q9WuAdM-tKp@i#9 zY@IUY<6M!A6xF*hN_1_|DprYG=D6}EX*?5^+?Om+NHOK3g>E)3?#%MhU3tonSjGO`J5P4LclZiG;F_vM=~>!nXrW^^SzP(JMM zpRUZmGmP?UY*-{DpW+LOUx6A9<*%73rxSXgL5#t{5g7!YzNi6`BKr6e|__xqFjmHh=kO;>R z@YI`5s}Rqn!l6T5ft8iuH=69c0s^?_#J=274~6RH<*#`3&ZfKz4^P)re7c0mQyaoA z%-NlxrVQS-q<@gmgG;AcmUt`uGmC8OF~f@V0IgIaZZY-@C=vYl`;C8zcE7fVw%7E{ zH*AgKeY&FSymu%u9@<|?*wJBg{RRiIm>9K#&Wl|jTjVi3W@j7TMG1hP9sCRrizFkA zbh1v@F2AY0@{I6nTU(o3<*qVX8eVh3u}Rbhl2_^2lpj8}0dDp(KYkVY3>k1Lo)DwN z(vgvst<7x}B7wMy#Jp5^$#vvA$mzX$^9DbY_?twU(k*upcJyz}H4_tWfKeNO*}}&+ zw9=USuq##Bs{Jl~S9wr&*yHqHO%X7VPwj3m6Bu*?+m`p(F#kmtzfKV$h9}HG(>*^O z9o<-m&bI9SijU#pUW#hm`xZmE4uyqRt*?J?G=gdHL|^Ht*t~OHNJyIx-DI*cWK9*f zB*4-rG3t2na;UzkUoPXQ04=-vg~JKQc^z;4-e4wbSv&H z+>S)H2KnTWj#>t09&poQBQMdjy-w8-o-_b3l!WAL6}Y^&x#%nBEQGGJ==%o$VMrQi zvw*gBMGi_sqYnfFG=FY;@s#m)XKImvXOsg#Ho2q5pwzSwu9 z;HHz=j8cEe-vXMV0ZB$+nXLC!A8lDwC>PsV>eon(rj_x?yMPw*^eQ<~nD3B2 z_R$!u&|J%Opy)b~&(m_Br7VLwviDCepa7M0di;m}a#~E#z6uR&NKtj#TJk^Io!lE+ zLM4B)I1)r#4%u8SnDITAqU<+ApMEhgtO2D~55OarYgg0PY0_I%AN`t`N_moZIZ4DE z7to!Y0uER(>90KvHIS4KS59z4X~1Ea+Ukqhuz&2E?^lS4S?ihJf)tR)5W%}BA>xi; ziSdmrUV1hGduh|&9NOBtI_9hC9v+CQmo_&yvya~)wFE_Gp)&uWL>P>~0BtEm z*b3~dXKq&>j-_4a>Cq{6Y=b{_j3+?}X1-@xa33~s5!Qtgn!XH{6XJvP+vCR!L5kTy zI<6-q;RE(^5%~|}9XgO^yFB-{mII+77lsxU%;Zm>8v6NX1gzX~=?H+HITB$*o|+n4 z89isUnL;v_8ZAW6Z9Xu=^jY(U`0?vCzXsg;yjlh3T}YN|^6^ZMKY?hD0)S`;1bhR1 zwBH`Z?tSOET8o;t`d0vm4Q7KF@a(u3N@5cIL&sIgve{SBuLvVQU6oy2DD6Lm_fkQ~PunpLSVIGQ34F;4-iEW2ypkp{tq2V*@{O45TBTj`@Tr zLS{$AGx&%QNGxA zfzixBN5owhbhrUgWKGHkos0C*&enbbbVrdCsn4?`+(VAYQ(wbHe;(v2MV8dEd4jtU zl|07!i_Gj}d95kP%gK3JPT=S5{lP-=R~pOP-d9LS0%w*j*1o-s z;(Kt&c`akW+eXI}leAU$3O{WXmKhEK9+Ut{1d#gq(+AYFmTx98fv)zRi`dxMB`+-B zCu$!ncmpUWEKQ#grv(J_Vh|VGU-k(?1FeOC*OZW8m3#C$wgKBzJTTm_iVnOF0);K&!j0S3i}Y%&w;oCE&;rfG;C?x)p@bS`+;d! z_{)_$Wmw>lAOTP6`vrBYPP&z!OWW#@5unQOYpQbE1AToO$O@*{Mb`^S8&^3ll?;d4 z9aI`^%7LcqN{cLnm)@Kjna3YwAV5+}1bhv2+aKRvXtu8b57^PEq-zd-?JwV{wtDL~BKMynX-9iUDCH{<3RR8k3^)szt>m zduQ+xb<+IykLjplzM(BlRh6lO+{%4pf$f!+fS%X)wxxyb9W)Qy&8+qc3+w0)cQ-RT zbrp~#u*qI>7DQYWUQ5j#%LDI?fFb!;!9b6PmX`9+@E*A076g-Iy1q0Qt|tQfEd0SL z^cK(=6yf3$jG&Q3g36PuRz|9yf~ukMqr-*8pWmW9ujf24kPtcil2y*dU8%dcHr43F zn*d5HN`@j^7kr0zXQtJ;D>f;#a4pJKX|MCPxedUi(H#=TX*^lzVcn~u>ZFud1SlYE`LnDu8yv2;9nvSqZc$X8a@=$68yX22zCL=`Jd)wT}5d} z=mzsF9)j0{ewMmfOW!_{zkuam@I>&g$W)GRE8BvRbW{1WYbKrINwf)i1!d6;1)9ML z&r?HJ7p&)vrpg~>QnIX~gJx~}fwgmB{6Owi06AbX@^bUzFBeaJ{*h;-IH`(TMNCdk zP&KC@cTXB_{;pC2_2|u(e6{sxcm5J)m#eLHNlp}h zMJ{z})_cvF+nIf73~9qUGtrWqdWq|U;^5hi^8D9M3gac0RhqMy$@qJ5lA^8Kt=zQv z&2u&>1a@u97HAD`ESQu>scbEg*dI|29fYdhDQQiUQ4Dt66C$(ki8@&8(cxYLj~{LY zE%@4Ntu^j2i)RV;5ZOD>7hSqs)x6A{b9f$ zcr0Nm9Y5)D7s2E)P4TPL1JKi7{pwL>z4SREr)Yj&3eps;;rLd8)i|x6Z-n8TT1l~HXKg8N2f1=Ae$-g;$Dr4dS|@Jxv&*>l;Xs>UIxm@y>1zZ^wS z`Yd}l^{aSwq9bC$WG4M}jryYAw$2A8I&&eeEeZCktfSxr7YpQUXp(fgFo<1_}lX&x6Nx6xqiulWHB%sg4;%B=%Pm72@QNc(PNIcuaZ zy_&ksncOWQ)4&nx_2da{^(QleMIP`n->bl^d0~-kag#Ugb7gl$sA^O zAMY=!$QjL+-(5LF-i1oVkyvRX-)!Tn@i~nK&e>V%*)`5w8>=SON`AMl5e3=x6rO1X zB*y&ZLS}a^pn5b@^68CP!59z|wdIm}mUFNT$4G4xSZNW9EV%D#Dj||Fw|m#)0WcB* zH_b5#ri?lqy1H!4xaSfJUcK+=Bq)*1)4s;0reS8GDO|LEq(kMNZ_839gc50E=bknV5GCNXkP zyZJW%?d9z7VrzCrT}F?$eb4&wtBh+60n_Cj&dK+;7;ZM}JPf;oz)VK{K8^cn&tt7- zZNqnd8WxMq;Jq5=z4pu1K$)fr(au#%*uf=ba)qnqr^~geTZ;;tPRxLvO$&dZ!)7b1 zZ^#!cuFF{U)))%2>#MCEnHH7_Af|_+W5Kl+vJ@Cur`%YeuJi(2is%6`yqWe-suJl% zHa-WVIBYHaIZt8-4ejVC zX+>~fAWLC*Vawmtbc`<8V$4e@2iXlrDJNc3j08b18;!=c%j%D184z*XpNrfhL!+@f zPcOUh)o$!o&UuX>E)x@+lGf61eQJGuU%>yIu!au=9P#4whc+srkAj|NZ1gYhW%k^S z?Xp~#ox2(}fFIn5rK?qD1|EK9LY9}Mq%FisI-k96m3*;%H?zR>M*^7t5u1VBjQo6E z9=0Th4mc}=Cum7sUJ=!PJT)X$Rze4e|tT%`{AR6IO_s@7TfgqBi?hSd>(JX zd{#ks15LHr55xSFUEl#Ml#Fj6Iq6lndLW6Xevk%BHm;kh2+~lUTde)4S3EyNVYFpa zku~d*+C%Vs&T*IfIeR$=Q`mCfyG2lt%PFinIkfCGr!r%hHlQ0ZWPebmbd$AOL`1wL zioIA=JEW3H>q!ZQZbp3AB+rnQ*ZS6$w47Yv*KsR!FHz)dO=Y9=o(M>2l*dDy0^%ux_0%GuAo zp|2{sDup18vofQxGKtv)o)l~({K#Q`_g(2nwWadJVd)el$FB0&!dQzi7=yd=!ftU- zOJQR;heB4%=G4a?)w+p(DkU6iHVJ)<)2{3Uub3wcHSafX zuW1`UVJj~mh+ejKqj31SefzyFWi-4dxhbJ-Qw~-JR5j5W3p1p%R<2wnd?1%Gh4uyx(*3w=$6nQD4W!$sHvTaDq12sX=a z)KRk6uPNQYWh%-@?2S%y7H0P{j^;OyGg#UR#ckj+f28`6*%0MMliPc~1tgyuhgnnK z#z>y!*VWaxW|x*iAKyqdyEU`5*ZZtZZzI0+m}WYqfESQKV^o&`h-yGxt=8*z8akmX z5iDdtOrJkLyMTk!G`O`KMyO2`22+&AQcpq$z^)=j1dPHRZz#ha(K|P`pKdy95vF1O zg9QX4LjwY^S=|#hTzqehu#Lmhha2B19VgsOd8X+#~bG(saAy4r5A^PP}h3nRcute8-!&&NPCd; zWM0L{%&ZFuR;~LQA@qY(GwgVM21Rh=_qwD@z=wuKG4q`h|J&A8W$qZdDS=8%v|?gn ztLvEb6HBPrk~G~c9wKedVx&F*N}y`ID~rinHc2rE77^TUKEPI5u>P1?my3(b;2caS zI*=8Od3y5R@wG@a%(L4bJY0fN523Muz4Zwl>z+zjR)e7Je;% z+e`xg$z1jf4-#6Dyhw)Qla74;{5R#6rZAxmujLZUx82x`?=^$;AKVpsx|h)2-_LyR z+&OgwW?Uah%8PBERp&eje@Td^pr;^o%edub(`9gqC_)M9f65Is$`L+9{Lc!YNqyFc z)qNwx$&E^EJQvrO%cC51Tf8r;HZFi13!1oa`e8Ohp6kR0Nbb~FG-d4+BOl% zukG*%DBWuYJw&VkqzA5^5YwL*msb)&$>w_THmsiQs^+SlIRPW1_PPc-)R_JONPrL|Zj(YfPY@qs8vy%^9T zKn)lb0aSwCfG4M!M);OWN*mY$8=^f zw7R-_Vbc>%MXYJ!Nx!rYc+)3+SIvgj5Nv1tXmEz>*PZ{A#82?$nRST@ukP=jlWY8` zI8D>tsovvic^ys^CddTShWgos%I2l6xfd>6Nbhx(&v37SP5^O288f&*X};ma6f&Cb zdz&$a;~)PEmk6-Ns8j=F>2ok9$wh~HO2{?{;t0{ck<>(r%}z4AA^^@cV(VdRt%mD^ zQoQkEG3Q~&&E7JH+#5VR(l>~^3MeihBbkCHOsP8DjyFif1GGU)nN+F`h-F^-8^Wc3 zBEMM@$#x(N!5@595}RjNz2Mhz!dm>=Q> z7QWm*U?b!EA_{<^$@IFR{`2Q_Q?i-2AGR(Sr|D$qRBDg?EV@l~3H`ihy6a?nJ15KW zl^XE@bThBiIe}@xp*>73PyY^Gc@Z5HX*02R_vj3sK83vyubuQg+Ei@N-^cagQvSh_ zbQNOU8={n-c-e(?)Q1kHwAynswa%lWCKMN|ef*yMT=eRF0PBz}*g@*0uF>%0yZrz$ zjL`DATNVrSfVNz@VkQ21=N~FnMHt-!0})`Jc!S5ZT!WbKO_tb~j=B{2X2Y{rAWE-F zLu!}^qPZ-+x|_xp#&!MrRgldLLER(^^<>AsOG6wca!pgkiPR55n!JvOt+5)eG-i&? znxn&_flFV3r=XxMYNDEI#jrL?3AF4lzr9bXsPS+VZd=ve0FB$HOL0B zIwus6D}nb%HgsK#tCf#$VhIw-EcD9072KfwK!v)qnC`D)0h{oe`JH!?G!x(6b8>KT z(dry+85*n)_}zYBB?`mNx;`j@fVhROiKfFUX)h66w(-KhFVxd`z8VZo2Sl8KI;d(d z{v3WM@bndU9#!-W_W%pPXmgi=>0dDlqXC>V7b2TP8zR*J^mqYo_m8i6&hvY%4Ku|? z1=M-G%I zI_!lqCxA6qT>RC)GHn@cjK!UI4f=T(A&P?JEig(4_UiTcxHuSNC6z>DlM8jPumU*g za(d`n-wpDiHS4eD(c+|JWn~2$zmdG{$Ei zpxT>jv-4>7#d&3c=biIgzdu&`Jeo~#K{lTAq!yq;fmtVI1b>vda1hxK6)wI!KnSoZ z)t@?}NEL9GlSxzkUx_@~SHv7Hy0*8AB81(vu`76~oVF-Jl#C}0)Aa7lwbQdfWcpN# z^8LNXY1$~BLdByw{y7h`W%~O1@>Y}u$O-f3z{Xj_w0;!Fa&rwJ;G2e3JP+`I9CDZZ zh>w5#CmKA$F|LTgjJeV$Ck@`edsnn_U646&Ntls65 z9pGZsdV`4nuejjC1GoUjH&D5opynveE4y?0VG{jh6=srwzO%TqP$lvgJ#>`MrZTWE z#BF#04oZ~4Z}c726q=fHa)RCrWfJt3mrHPO+>lmO3??X3(7;X|3E7ng|A$jK+*;sC zUT$!O`*`a~ppuzX{l?4b085zQ8GusrZ$ zJrAl%=oc3kd-1b?T>{QnX@ag(JSwDn;rIZZ!1_`-NG}fJ1o-01HDCWLz7YE{X0Ebq zsG%UQQ-=11%AkLsjel@ z!Q5wK*VJU2Z(O% zOuh2e=pFyS#F6~Z;q9n<5apf)p-rFhIZS{wGMizm0RW^P{wU~L8TN)&_zU5)#uAz`XtRG()PD~PIUtw)u6&k;;1j)rax zIH#oTU%5Aqyq^7bH(f|+L<%JfXwI(>uKU!D_Z_L|F&~JbWUk{J2prgqi+>LJ1)ZuC zz;zMoe7jogKfBNlA(e6DrilS*vr+s6dx;RuOTZ;l?z97vz423GvtQL*$8 zMPz=aip`!b15!Y?QcJx~$!z6Lt<7PLi9-R<4o@Xwqvn?eh&nU{cLV-zasV49w5mg*wf@UqV8|2MV$|Ur!w;Ip<&^^+yyU+z zUq6sxIc7#P?_|Jfd*d(Kp8M^Wf3QG|5Yo}=3MYrNU2TvrmTh5U)_}Datyu@dZ*tfl z7bGni95UxYh!`fDf_Lx>&i`B!yb(Mz5#hWMo0QP4p`DsBGUV1D(%#>z8SL7Q_S=ef zmw*ZmlWM~$g$`JLvRN+6Urpa5=U3Q}f*DVy@tY6a-EPd0`hM;7a3XO)WN?)r zX$~&|Tr6l`-Sz%=xX^v?-WRZfDn}kXn#+l=^)RMXdB}EyyMQcRGBEh;2oY3(@)<)u zMxVgZ_uno^;*k^>^@d(YfErLt;%;Xzaafv82fM2IGS3qMRJfo%hR}#Ugo;dZmn?7K zNjfsvVEuvB-vzM*TEvyeAk~(84ex!3-iNEbt(kn=y$s`JAj`NutJA~uVUK^};}Eul zpSLX4iD?Vy3=?dSFCUM^0~E8h&688F{2v$+QAQGYocby-_>2)WsjA9;(0b`#2?a66 z9KX;PXTLfF3;a_ATa_nWlIrWjGY;((b$760#WVWS4B$VYsa5;p-+@a$1OX>Jb!=S! z?CxP`*VyguUL|?~9@fleiA&Hs`_;dEO2S-;X_&>2KRT1Y`4@Gy!5hMTmbrkQcvQna z{RZ$e$UvWzXsbLEQ@44KwG6}uRkTRoe6AUQk>7!beg7vj90I*E`bta+laTCL*vZldVeLT}UXUJ)4$v8gI`P@B{-phjmN`}5 zL`4q|H3Ch)sKq+CC^N}b_5HWSia^yzs5C~yH5L#rG9Y5bIz#fmP!X@%NL_0r-bSo; z<;n|b0~5ETU~jSE->4=T28^E?+lU!3p&CZcc;m~z6+sMgBNY@Bpk!{|;qvLP&b|cyR8>~hZY_0K$3xx}b@2iid^PM6hm7R9=5I-JN(cx@Y(O$j28nW9 z0B_Ois)_E8MX=9 z=LR!YnF}>Pr5-s&JF0C`5Vcoq_AeKy^o7R-5K~0nIm3C30w9c#Myn`Qh%ge`{r)Xs z#KctP)=5lO*XguZ43lD-Xy8ma9rU}A2919S?kf~p4=_oHyhvb=e@Z3psL+xz^%p)d zfjyLeT5+8I>R&{qdk0Fz{@^)lbH`gG;@3vPblm#8+P~vA@uzzw#P2Vcw>E5dMrO+SJ|)!zUou4G~!F}ue8we-QS;Q ze-rw&C|QE)eP}f4O-4D=ifppcfNHj4yPos2%f=h=)ShQj%CZvdv(@wNk_zxB(rya3 zoc-!gG+eZN?T#T+Zo8ZAC)X^^6#3ne935q%&zGkWE9^ojSCFcBVjg98TQAXKSxa}3 z>4H%(>p^6WnXZH@|LRYK}ZO`!$KP)-_09u21Dh!;tM!P zHHX<2o9`Q$1ZZy$*p61ljq2X%8KXIo9RQBRwBXA3S2cSW0f$B?Fz!OB0ZQHXRXfGB zeAhW>>BW=u&8^geQt~#jVH++$`U(_nltSM=5JE>m!o}FV<0Y#6RMEvez$-swoqID++C(v4 ziPQO4c%TW`L29z!P)OMTn~b8w@4+_-K`-OrV5FC5ZEEsNh zR{u!2wiT++qvVLLTt993nJ}9MR-NP419)9HW zCF=Q<-7hxGa*DIQka<49gYOssl*eRI(D%`skUZez4TC3p9;a6o&pJ4at-L06bYSTR zI&F8nrlkAn=HR2b$Vai!<>U9tFZ=&tT22t^Mm0yCW=}vIUuCFAWvn%`-c3*W zFs1hnAD64PY@m#9pNg`ZR!M?H=3xG{dV*-lC=OMq~ zsfLIdWAZalr-9?+7?$GLGq23Qn-3xkXAwmRHj|jwTG@vEI8S7dhc!wk#$i%j(qsw< zM(+;<-4?yon``1p@Kr&BU=_j^$YPO$edc1naYaBOx`wW}V|AT~Ob{Am-8wX_Z#wr` z#S?IEFbUfrgYhIYGn? zGO$$%eBehuQGk#As-yw!#i7d81J>CrY>9R|sPUggQ-w>(70`OdA{X+ZT7?p@0MZRv zxPY+?s2WPr4n2@~K|^}s@$&hHrMIR#1ES8XkRPh<4h1eIVy(YmSVe+FeL2^9i@LSZ znuE1RC+EJ?I3xSX31L`QI?psp#%tCzxMMa3Z?p)kmt{=s8TJ zjJFd9)>{m@`agf>(N1rLeEbD`$fZT_R}=sOqe*e{Q8rl1-5xng_&VFL%fd_3IkT{> zik}={`sSN6U{UJEBCMHWS{a>MKgseVCO8ytV{|D1O9-+J-`7^V=k4p4SXs&!8>u+Ya!DQ~fTT0|`3O(#F)54%VGbHdJMNaMPpVp! zf1LP9dQ6Zaw2&Ecf1H#ZDm_rhCt?P78@c3>J3T$gj3dBU?XKf`G{_@GIkHt>|A&pz zjef1Qpd~c)6eY&Uo!sBuoLV0SwdhYA6lyWL%&Vsw1=t*ap&sPEd`ZszaTEIN+9FrD)i6J!MF2sSWmgV0fmyyUj<(l+mFj^|BBN735W)`rl-mW9&t#7Bga zniS#LmYWUF2DK+he+5z5a9-O5dFbgN=*2QCc_# znPOr3uy* zcnas2h{-1atD4;JJI%lwGlNwNqVnKg+X+|HKuqEdKMJq5NO}K!HNAGwS8Jwa7}aP@ z*<>FXNOEmUah^#N4@Zazlel}1g&;UfBcX1EN(GT2d=Vu;s%hZp>o0&1vFLn%A3|Ct zA;YG5))O?;r1LM&1fdP$R4*5O!mSg56_bect;e|W?s4Gy4zQ@Koc`ou zWQ_8D->xjp``YJEVMf_T3D&`SHl1?H?I3 zUI`MZuy^{j8xppJP`KBOpZiY%kNWb$Ayq4q6bzQAp1Q7HA3t$ z0AI&Ms!8NTg#Z(Rp-Q0CV_Wl-$FE(ja&AV(JqEWDs2oT$7A3YU29OFPd^ZYdG40FO zDxj;Cskqdh1tWArz=6{AjR;RjG}#|I5N|uizdH~U;)Z#a#nB9k*}Y}w!5ZK)Xk`*p zc>ZQ8##}=BmP-=b!ga#Ah-(1sAnO44c|;&DoylgLWf}5IWHX2u!A>JYh;;5zj9ll= zjOpY!pv7)Juwgt!9ufdLevB3TWbQ_Yhi%*s076C{}0WgquFd{vLfx7#Sde`$Ca4wPu3%i4^N^2KBsMY| zXE@P7*jhjF?O6)q6QCgHde)ml`uAkWT5p}u3HavI`#^UQrnS8L1&pe@02UESth*3V z6oHYQp-#pPlIc)v%%3>}E{9+Y*KYFB3qM_bcOg15WrhjzKN8al?^+nz+?lq4Qwl^& z;B@AAx>1X@sT_2_U}PDLu*Sus91Oo*3uHr;g?}I41@X4jEFM)jyCy4))Hmc>4+96! zz#t(t)LAHcz-nB!w>YIV)$X_029&qB)@mn)e^MlYR;1>>6aFEs=?6rHh5ⅈ*m23 z0R`Nm;?rar&ulF$ih zARx*C(XpxDOLXHHFlfAz;IN*r?x;dw4}-#44jx3>T>yotbn$RJgMjgV)0fuzm0lug zHma!z`ybLaHfa~oG?ZY>R9lL4O+R2t(__p zdSa~3PKvxh13)0#6~lhAQI$G?!2tg8svzuYkYwCO$PWccA1cpWhAvda)<$TJHHsgjYAMH<}eTDy_t#?&V zrJMYV*5*!wYv;5wR;4W}%Gi3wsL(nUL=HwjZ^!mc1rp`sB|<4M-3%ZpmN1fl{bL7$ zd2WK>Fg;@LO(;iLJVZyGM0Z+J;}jkD@|P*zavIJ9C4RW1vSV<_HuqKoJVC;O_XyO4 zy~Az4kK7H;G?sW;e5lD1gPI8{nyv`1XQjoiv9S^kBd`(m2|Mqht7*!18{GJ0De1Zw z+0#9#u8HhnjIu7QG=t-{?^+4{fvOW(3miKz2s@>pu>f`kpZW_vN zHZpX*@Nokp8XZo1}?J+V;L{Sin0yi1dc=U=8|E6~LH`4DJQwJmCk)!jF?LhVG6; zJ{&4zzXHm)VDx~MZ)&JR!HYAt?o_4JSuu8X)$a7h&`GIuU^>@(QVUR=iqPF87HmDW zkQX7y!>nlI%fVU5;A4nQ-s77Dsaow4eALL!PGyf|zVllI=}itQZ@GZRlu@6BYc3U-Y4W~DpF=gu z;C9OG&Sm+A^vBVvD(z}P)fL#iLPgqaL*J>%SY^~Hr4M9s6B6$1X(S%LXm{4Y8w1+V zA2^>~+r(|>oB*0~>|JKaknquyh4GT_X7t&~XShyo?Zl_0rF|^mMTZ1<6%o>OOJs1u zZBb{cKK?q8lgGm_D5SEjWtgD_GE>(A$fnIqoN`F(r2{kA%!|p4N>>r87+zm;GIMk1?2N#P!1*hXE(Zs5@bIUZ*~AQ8C-AMw(YTa@73(rD4*c9IHAu!P zvpYhj8k8Ne1KE*th)$SSRLj*hHQ%mHx0+~RrH*vP$&q)dl&rTl@dL$J zrf4Fr4iXvZ@X!G$DR8?czuYNBgA3|HNqqoH%xY#JFF>9IaYOg9-6L@)!uO6z?{*)0 zIZnSjl)Wwr%eP9z2c~Z(VC3cQs5jK^?uCGUoJtSS$02frWJaFfWNb zDVvW7ImEpLCswk16Y{z+aq^_5GJ=VnT_{3mlkqo8$ZT*%nyYU6ww_mTV5*^^!R?+f z#F$tqeSr_`gaB#;-WjTb8UdiL+=Ibq{$j^yilfM&u!@d*Q3 zm`IE}Fu%>QPGYH521vESq%5qgMsB>iC@f+4??)jU&H;HHRm^x#P0$_RUpzmdWakTV zArxkiF9-JT9F`H3F1Gv#KuWLTFGMY`E)w0J!jmm~?_T}>ewp(gYHOp1SQe<-4U(j( zRq;$9;zI&|keuOOklXYzzTn-{Ksr2>mZ-Y~YU5ky zJ3pv`W=dwz0=$~PEJRx;=YL?@mB!!*w*s*6BLAB0> zG!s}!SS%OAHuIo>P*`;J2dF*^$w%xWD2Ky&abh2L%7Rnm=f=|l$Wul``T-Mss`>zU zqg>5id{G;5yis+0eB9d3Sp0CZKd@=#NBr%NR_MrImdFICAH{3-P@xj_BX!DQaQ|?{@fti@%v>9$QKfiBr=!;NMR}*zlUtf zSmk+DBh*V464;@bE4ua857@v*auCd1{7K?I3b@M<;;w@A3j+p7#%xL2v$i)&7e|B# z_Y^@joMgJsN=VaOGhl@(K_o&^*jmn~EX5(0riAw1UdHnBa!^c@%dD63J(UvDJK0d> z?nbRZk?0WKNcC%;`Ih8MA~CK2_Vb3#A&`vchaxnJTtI7t zU?vx9(glB4DG!f`cx&Nu6hq3pj?s^;BHIYDn8+aV`XZYB@|D+6&HLcsAgBxr!P1*$ z*6Yd;(?mnWffTdlPofe=z}kuLc+n82(ZG%Q@;@d)f6WT8p(HKS2gL=tfgw1R2{uPA zV+6|g!xO{KCET`YD_>t<4h{~gKniEIiUUu>W1fA|qf3MZsCh);SD9e(Cv*mWtsd%9<7Na@M&vFMJm z2B3i|j3DVj1W4l1TV5!}V+oPyR@d804ss$H&Iv-G5!~RZt>$5!>XsDUcuxWO1U%*l z>Rs~jV_U;Qb)2TVINCZ`Nw`g4OVUuq%1d@K!QiF$FsP7QT}R!%0`SLl&+AK+*-|l4 zI4_j88?RJRJ+Enof*dy>?(ol@ZUh&^0;d>C=8S{lI@W+JY~(0MOc7n?t3gFRpZ!wA z{`|q-WZNfBs0w){W~jF&VGI0~pvOIN0)j^db+zUWd#&Z-poFpaRhyGNBDHxoPz2`* z-JAL$!dR5Pje3beE=C*Yh2JQ1xi^#h9kjGEM=QwNl4l0M=#mPugT(4SppIgAsM`W^ z$Q}(62}(Y>gauF%9mh!miEeUFajJ?t(2kfo1i zS-vV;$qbcGP3Q8)MU6|23);Fx{=gsXx?-O>2cAcSwWQz+-l=*kB1nE=5>sb3lKQ!F z*}dWYDW1tp@Zym3REHZac=U%$SrHqemv0au`Qg?ayIP_W(1K;kkehSDX};w*uS`_GD;GRDz@KtQ)XoQ=lH6( z+xq?c(i>?#wf-cN7D9VH?ccwT=EW9OR00v~;zL9UunPlH*Ar8IZ1r32qE@uy)>3Zt z0m)8_%a#HAp4-9Da$}_ZklM1jr68z(Xoc55Oe3!sYtRM1iH*JLFtu`br_Uu&ng%ya zgkgaX=R736i|$fJYKGo^aLe57OO5qxfopG`QE&l<3NLBP`D`@3;*>GJ8d)F!7L>4d zA4q@;*`;H+h{j+bGE-c5kFGPTRj7z&Vq|ppuqoP2Gk}y&p)e$=^IQ!5CdKQcRYQv4 z$2Y<=k_Ra+q#Pa$P7AT`kju~9ia45JKp3L0}R|W@fa@ zk=~ z;TS;d!YSjz+QO=0s;cU+38+C~9Y}zlS zHEkNnV(SX#Yx?`M6lN2w%Uq3hk$>>k)^{7^`?- z9E-%f24-D8$G6<(qq3Q`d$}5;@3rz%e(dKckt9qd?#{f*4_?N)_-I$(_FBPDioMMY z^j%ewDyDThthKIj$t)njHh0OYwj-Hh3drvzD120j+z*VdV89XFEc-g1LFHPh=zY5q z9&7ab)dDroHq7G0)=vq9Vn|{lof(O!3qDH~ILRgej@sX+1$1zC_)BU*ViAqF5A0F%;)rxw-()0Tp}R$D(F_6p6aK%?V{zD zRD_W=b2S^hgL6bXT)Zr_7+!03+po}SY15`S?e6TYEa9E;z(#uE4b_hYJ)9MBU{F@M z0*>?g;X(V}5PkH1XOfB;e-OL7@?5NJg*VwQhSbrt#Zkfjf$+ZP70>&RRH~SsG!N*U zD^AnI-{ZRfe>i*Zc&y*Pe;kojk&L8lksVo?nMFqSCbR4jvPmjZkxmjBaoRg0TPiZL zvUkbed-Hp}&+2nu-^YDl_kBHn|L7Fn?_<1<=W9QY>;?6O*Mt{Qv)&SUW($-=b{XC+ zb|=^DPe*zu%vgz47H%Ci0`8A&Bzb_E^8xY7vi&NyS64Eyo7E>aXxDzjF)MET=>>z? zX9QNc=9907MD7;2uKKFhL_2t{#ZI)Zwb`Di@2*_M%Xc|?t1&&Qk;%osc5mwFkr}Qw z5{gofE;*eqFE#4t1m5tV-!fgz3X_QVRjvZv_X1QYTCma3%|yV--FjmQx|#NrqoK=h zW{~uF(6tfWo;!8w50?rCRk96|E*iJ&C?hk5tj$p`0$4WcuAYr8kk zml>!|`!72>I7HbSlujCL%uG3yU)pmsf0CJ;%(P^rHf=OeFNLCYxwM(M^t zJ6j}$2Z>WlL|9%azIj8->pY{UYf!L-vql&lGVjxp!>@&vmq<+6VVG0ld;84oc`trfu3% z`%&ZfvnGd-dcwh8mn|-mhZ8M%{?_2p!8hw8FXa#NzN6FpA|e?%XH)akPha-_}{SUaK!q5%0Uj5Wy^6I{8 z?2~2s>gw(>8^llO#^EUB72*Ovf=$R!F#TXqYT+Idpd=*#XgFP0Sbn@{NdQC_NrrIg zKw`Gc?EH&>Z{Yf@+XNB?-|aeGpMN6>E9&s^!OYA|r4|pRZpOs`bktWZ0~QG|kv#Kk zPaLBlnwsVioUl!V4y>`D&>^g-%lFqlk{rIFwA!s2J$O4`aiEkFs%b+k?b|FnJg0iN zoxIwpdVnG~Fv{){c(!S?-=w~`kFn(R*I7TbQ$Dovn^)RUD!w)QTHoaE#i%ASW<_CLS9`R+5WC$Q=DNY znels79j>K2GQ6&^-#N2KlKrM_>QTe$!62u{hUwBlkJ;y9GRQ4++!(k9Me4h8%2k&f z@7%e5xB(VpU9&lvtxbk1{`vbT$;0+R%Z5n_Ptzs-)o)7|oW=-j1}BULcPC_)s`PBv zi9ME3pBh@pD{G(W*hiC8&bbY2EtPL6toCUr*bY)d_yek2p02$wbW1cESuJ01>5!wk z0j-Fe=jqR$Agg81Xuu|Tg+v2<_*<8w07o3VV>`U05-CX@kw;QwnRdHwa0on-&eEKC z6vnQHoz<12sf?u*Yz6Y|J?x@W%ig`@!(lx`BH7iXW3wl1PLQT)dTCU2(p9Hc-M90_ zUeF64UE1v}{HJi;qY-~^YfGj^xl%^S(;XC%PKK*eah~Y@kg|}ajt)nUL-i8MKxX{) zI=&td(OoKkBbBlDWJw4yDV{k`WrBLU0O~ET=Z)v)07ZW20rM-Os}u0p3ki;gsnu4K zC-EoZZBuz>{kC8D?iH>zm`(lKGp?rS4s&D#zN+M3$MeI++o$@zjL?t29n}o$B7&!B zr*~e&=^;!PLA;5wG7;(v7f?q_CR>etWg;P;-(**$CrzmC|L{(!Ni***-V}G1t=@m; z>sIE+LIpDEHkH%+bX(lsg1vs z1KuN*N=PGWRu%_M?dsk^c7T@nWiIe}0cnJA{}pM(&#H44pSayE>Z4`1SL-rz+d+^3 zFYTLVX?DmzE*xAv>)CCLM zL}gu!0a_U%Qw#x83%Jm}9fIq-8d$m%1+BJUcQ@vWv9#I9$)L#JHI)VT9-z$-@xR1T zZFWqrcXTm6)LL3b&3Y7IX)GSYE@mzp&|eB|=4s2lnlehcL(7)Fv@lqz>b^8mb#XsA zLC4NAv!Z&p%~qSL>7*S65p~94`jU}LBg+6fG}v!7IHBv)Ga%$taVVcjt@Q9qT7K>< zTCeK6T4P;Gula16pLl>9VS=PTZ!LRZ8;s zGIcJ-w;e^&b`wkKZJNR2P}%oaI@RtQf?e)`Wei0wHtCXGyYF8dSa*~Lak^IxNmR`D zrj0-T6vWUF9gYp?`wgJlgpG7y}rsSU$h)qGQUjUjI<~ zh_+xS?_9aH3>+LmP9h`e#3uo?wMZPyb*i<|03&}e&fSJjn8zJoPM!i zH$G`PlcgiR`Adl+FTip}S#BJ17K-#h%79ug+@BQ9Bi{&<_D#nE-y9fk6vKl^*^pj9 zPvi3o;;?TcSt3mCWl}kGCobjMNb5c$Frgs&aaPIE=WBueV95h)PPgZWSU*-8=-LF6 zq6!ZpB@gewL0Ky4JQ~ZZPLs6Yt-y&Ii62ot@XxCKR^k7H>KAg?a1jrR=wLdK(fnv+ zt9q*`&v)$DfTXmGNpKxhHm-`F?HuHNuH$PDoL`Fk^BxqVGoJ7KQAU6+IF4C(`- zN3WqYi7 zqDJw8h#2h&kwUwBP|b249Lx%*<#^9cyg;)xyWy`bab44QeV85|x{b%R%(H9n_;odj z3ys!rt$wRoJJ`EnBsnUk;ajDP#j!Q&KKqRyu1)@4BCq2()NWFi#BEOJ5@dgBw^&BU zo)OH-i@}LB1h2`}Tubg<QQ6)6T$Uhm&{a_e!36 z6;V_WZColn;RRL&k?t35Y>kh_vAM%#Ho?67g2DA-knf8p7fJ3=WW zWyo#m1w!f~u|5)8oODjP*z@T}tpm^@2{R@%BHqS+_r_RuYAcLcy-vEe^@_VC8;<&H z1vk>+osy~L$AJr#^;Nzet>o$))17_BZiAOCMPEz#Fuv@}**kCpuxYo_n>k^y+M+Z# z6lzYh(VKn=VsOh)#E6ZvIsF)OpbMRs$X&bj;zLLQWY&o2Kp4>xg1ejARn+#k18qi% z0yuC~kYbb1nH|s{hR5)^u{&UeqI#qsm`EV zyO((qXxkhX(jLF9Z&S`Ax;=xPiT+$Dwh9&!DDAJtDvrHphty3fHdk}>`=)_eDb&x8 z9YuNIwYxzT9rgZNuFn=K26&?usI|Nkwm)rM=R9Y8hLXc7xs~I}q)V`C*l!`jH@UztOEvD`~6$F7Y%2+)FP>)^!0d;$|^1x8bq#P%Mp$<|3W2+E9o zBn9&qjw@0PU<+4E=;7EcO=Wv^49)_4>r6HD6Lc9Q-ooY-P@%XuyEN1O$dL01isowP zGa}#NJL%77>>OJkrFCtscSnY0>1X6k5qnK!DI|4Qv}Dg(f=RdK+&s3cbQnRBS&N!P6XfbZ#t7EuWwAfk*Wk@lH$`)$GChFB_!!S%5oDM%YUB z*S-?zy62obaQWK{*((FsA^xiDIF1{6{_4l@bB|(3DSu>LrHoT5lcx8GjglUG|G_N( zL>(UlbN_Up1VE`yEEFDgF$rN=3%=5t-k0{}b>+D~Vg1ILQ4LH1?Mn>R zFQn`tw$t4c*)zlnA#z^5aFsG=1tO-*vn@2UXDgS=t_%R(Kp$ z2SXIeUA^CMKeXfqpz%>%QIGt0W4w!!e&w!eK3C4@E^`S|-_d?msDU+y){!r~UF;*+ zx_c?56#M}gt#4J?If$@)z=s-XOpz^iG@*|^Ugh6ffUfb6;f&2x$fyfrLm(FzkPM^# zmG07^2dRWakS%=5XWWQ+A%IkI9+Q0|mG~UT9XN(=&oLzQm&w@+pp6W6C+vkx7|H@; zePq1?n$I?|TjOP`Gq4=IDb~eqZn+9M_JD+#R@0& z>jz#BKTvzCF-MWVF4*f)Y$@Yr^}x|>KjNo4LEqoFztKflXG=UwVFAd`Yq_eQlT9qZ z+3?~`k-vN5_UURHyWz5{a2Oz4wFm)1DWsUGzh}1-`9D(~`0So@;y{|dM#=$eZv1Es z8{n3VNRCE2szT04!8Vfe_!}|FXd^;)lZJKD=gu^eZiZ#p*-uMPKB?Z-2KNy!KP-u@ zn`(SBXyB;Yrs7hp^r`w4YMr60%R?M4b8{ZeTeQ9^)jL(k`ajL*<3!Dd8QYp4DRpNv z2=PfhjLcB~vHg2+g8d^{}x92rqC(hV$s?~@S-q@Y2g*ldUiQa&t4HPG;FXrLuERNW@EITwCAzp{n)sx{7E^TuN?6> zeU<7ouSO2%subVi3`?m_)Bebpn}Qw~Dal~1z|pC~(XFpeRiDusB$@qk*<8b>rOX}_ zu-16n!Qs!&)l4UC5$sGLLd@jZ0Uo%$uZp@+2YsFSPZ1-R5MOTOs7J{XV(JhBp~#0a z-1M&}zG%aQ?X*r^HJ5=2|F+DKoTgTCLmA?byMh7#YiOXu6;9hDIBnKlA;w7ku;ZdYrbtsd-kR%B6IXqxjsb%k-(GZZ6w#=f!*!iM_iS1JHHWJH}-O zY_q<%8YJ?!Vzdl!W~X9{`wPnQOliCfc5s~P{U!(4#uLO`Z(=NiPl`G1TJ~54bZ)N62jkX(NVLv8drkp~*=VJF5sgyyysfr2%ASWonOB!9WCYFBO72$9d zsW)}CkyE8%0^j!Xq9Fx#GhmLzpEk`BO33r(G|NoEF~$R@#z;-}5iAISCOsHsNVi5} zAdVN7?d{vw;Od5n#l5X&;=C}W>w?aaC_4wsPnRJ>JU98U$M8*BEH9@mZu}KvXt#}Fx1%7?04J5jBmYI>x41Bnw+pF8(5%|w{NL()l#vA~KD_W_z_jG&jG&v%0Z zFUK)Z*v~=#aGih4Vqs%})wR^=p0e{<0vrLd>;DUJoUMg2KfyGjaH#%8;Xn`^!ER*z zZoueb9{%J-k`U4WTbR;47_}38KE*>nycHMV-0HqLuSZQy9ii$sgHINkzL5Sderz)vvBk8c{UcZdg@#sO_^3;XRrRA280q{{p3LL&qST93986U>uCN)Wh zjQJ$EZG-u2_Xq>YaBN1RRMISw!YxzZiIIe_?c3R(&A#8Yy!l4MJu$q4yD#V%oll*g$WsXH-| zkq3#|g#HHmKa^s%>@Xbd#!hY|9^#3_Lx2=V#QEpLdGDX;`(rCikWmlaKIk!e{ku_R zmK8(n6=vwsm}pp*rBGr&coA5M$bgcRoG1iN;zri4RuG3LVsbtX{ienN$rr8DG^`A! zCa^#KrGo27Q$apbexp6xiO|!~*FjY$WU@(@Q$da#d*0p>HTX?1hJRdx_3YWNXJ~h4DBLH$@sG)fL zK`kD<)tU7_tMZtH&Nbb7dxDz7+DMoEE|Cy{;x~W0gY7urbTb82<+u!P!~znVe%lNJ z^BlCN+FyO+0mZ;BI^s}~fw77(d3D(K!S!-2g=62FE~M-9De-(VIaD}O!=#arUVMy<}B7GzjY1` zaRM3BpdavZg~+XRk|w;txuw^C`qa zT{L2Wp=eE5@Dk+XF>C?E(vN8&;8DC9MuUwz3qQ>=?leT?GCvwN-Mc$zgx*wJDxo4H zhu}=e!?>$%it*leb*op}HON9gGn0qDwhtXgDiv_;nEw=00GZ~+L448oStegFMo<4T z1vV!Q#k1TGU`j`2H8q-YA~jdo?8=Po*Wuj)>It@pvH5>lIyyiz#{raJK#*HP)Kf(w z$?@2PI`V#{+~*~a#j$A-WG-@l>PqIM(uOLn)eH`7;0_+L7Y!`HF9~H=8^G2>6;_rD zaxmNU?aO(DB?ig(5RikFMY@HLJmUYx()a-9!>Ip>><-mS|C^=qispYrc9&%N^Cvgb z`M8S1UzrI2ucdtb7y%I9;md4h;#VP^EwjM=kmPm46?D&XCTvKacDyqbVD$n#c^{lI z-B+RF&3zysB*Y5TpDtrN8msLuPARdyqwQ08DyWmz|6qS&0-R|}D=Rsfn3!A+_dUz@J_fn0wmdAM zxJ^%*neE()>GI0g{6CoT645NsJ%M!V|9tdc_3{@@Ayta%s!WmhW1DeRRh-;E-N+di zf%=twahkaJiR1{+;pSVi>2m!CzK*0O`Hhz4CoqQzNdwIr(0Dg@e{smEbS)3P?N!&oI7v|?D<~$S-yv#Mad+5sNKK-|lb*AAc~ zEuebA)I;HY<;?EWl&l;*C_F?L7rSX~E9Us2jU^J=;*TZi5PX0xz^G=TCMO$kQ?n*h zt~`-4$Fn&wWpkc>U+A-*n|YjKI3K0K6iF5;%R(L+H7ab4C>?^Xn}5#5p!>3N z?}_V5O3j(eTFhjpp|bN~o{hY!48bdMP?0a6920}_HIEBneey^^^0^sWc~SBEuT$FS zatYNFeWPXb4u!LBcgse~Bgyw-WQe&4BL2@qWIw~(I(_9W+*0Su13zk9yrm>^O#qyAXPDM0z znl-M?iYc4;N)hMbI#Xexn30B%$p>Y#UVm+zx!ml#6<07llk|1qKI8mb_c_reaEMf! zF(Q0r#Tj9pJn!QyySXUIp3&9Rru`{Y(~seILnkj6fPaxz-h*oiLr(qj{g?YLLcx^& zHaqQ$r}`VA%P1&xk*(zekcsN(%vS=Bw=5<6#4&86!~v*5p2!MT@XwlrawC8ChZOz? zRC0~rdsh zy4@eH#MVsmc|Jmz2CrxXfIr)qngz7-gY&(ZcNs$#whDpG$!e+EDxBSYZa~X{=W4z! zt*uaxyRp+Zb3nuo7f*AOqP$my zK4i#g`@6n#g6FTltY|L+Yyh(|@Q=j4pXA`Fo-BDo{6HMU+7b8{lU#G{@6qDcV2o&% zVE>U*Q#sp*`W4qQeB`Au^|;huiZR;nb63H6Osle*KFkCCOc+zwEe}P30$y=QSAa0m z74K@R&~}=a>Hp*lJsdO}Hx_n|M zNYC8I9lFYfb#&~={nG70_w1_@p0g5qUaRJlgZICS+sWP0e|iitv;HsauwhMXTkEo> zAZ-uQwK0&U`1~e5KI+RCIT6WHwg%OkjVlp^_F9|==#opCAF)>UxP2xuMYZ%cZr6}@ zlkUw2yGl9k#TjWvf+Qu1N}SojIlzWVbUZK2;MA@Uu5np0=^dy#&z9E-m>V>LNepwy z9+9$XAd^s1^*4OUx+vf#V3IEP#&NWCQkQ>_gC@m-00%S>0yrrg(rJ)z|i z`y`JQSPt@(OCvyq=rcP6uC*r;`3ZC{CQf?Iq9wBO11>*7YXi9hS>_8!rP^;q$ucs? zOi@k@byeO}`PRH%SJ=YC-R#15X=XjN=hUAbAa-U7f^F~^6kRzPa|-f{N*hwLxGws> zJq_V2ecfVU?A=p?{tpz84f=lJfS#77h-DPj(#3kazh#?+k+4(0z0PBSinJ$kQYI}I z4`XGu`BJ?|=PUHgdXF|T&H0I$_>S5KZ@x_s|2ozCz_8j>!*dE#*BkIJ1>i{0bqQDk zuz%PU$Y%_DTMxlmolktZPb`PxouJ!^l9IA$fv~$F*uI!g(qLkudzpfP)7It}T6+mN z_8e|YP&jx3&7N0Cbb&rw;$w7|^+pno4*Pv*dtjk_dP9u1_pp@6V1|y}3GF{UHIu+K z&#nxi+!#1NO}OJuZD0bd8a7hr58|J*BE)N z)tSFAE2cbZxK@ac@?= z@rcHxD@4h>-b;mu~@v-;bBc4pPmruM^xA(d4wf)%H z5aB$rVu2{WNh01>!QSZ3KTFzLVry}S3TKk=^Wr1)3+xS}0yB?>Q1MK)1)zW|^?TvT zm12=cu)qH83?CV7X-WmlA>+<$?jTpjQ^g^kL{_7WhwR1gQSlaNvI4U+IqOEbW*!xx z%H?Lg99xnc>+PO6%%&ndRz-dK*kt+H8>xc0H>ti_+-7?_j<1EUxO5P|J!u!y6a8bW znkg8)@iS|fy;{UTj>VL^pW>-GfwDg{&;sF#G1k_FE8r*#otC0^#0h)9Ca?Mh(Fn$P zXRW7D2~DTJW=Xx1tN`~=Oj614zaPU3r_4 zZwfDDU69(r_{;Z(lSZQMlm3e7Gmh4kJwmq6UM=p2B&~iR039PmUxr02BX$9C4a;Dh z-!{+~=Koyyyl{?sAUMDcr=U@@K!H4y@-v;@S^pfjoRo_~MDs`6h3Cb4?QZmzWZS*k z6XY&P;bwQPk+Q?l@_C@;W2U`dyx5!cm_XP7hGpIGq9>L|3MXo(zAGRAjT6Ip;$*c; z&CRe4YMZoy;mq}s8dc8)+52jbjQtHS*75sGr_rmiOsH1I79w^G4D+>KKrll*a`Qy3 zA$EQL%TGR9jzO(N1Uw;ARhbsh`8~ME3a3m`TZ#o3ba1#Xn4vu;lNO zs2kf_Y;oj-KakGY{@L+r0;u+3rD|JnKr|ozd(qq^9ZSFF{rTg!ob8cnrp{qWI~yun zcBP5Iiqbdw_`ytx#7>p;aKl+EB|Ua?|4Q=4Byo6vW%XqN=&ujxCze5P`KkK2mfW0+ z99U5FrPyvxJM?iH^}Xa#^QJNcms5$3lpVb7UZQ;7Ujyx(KzE-Xf;Dazi~GO|851Qj zZ)?ffxLJ&kn@V_Ia+J}Lw%RnaDOWVAIhEpMYR|PFFbl-2hu2?lPNAA4gxAM&u`q>G z1>U55)G6{H|L4s3JF;9xBZZ=+l~yLQ1yPRKwvD{yVw1+{jw6foqx0A9JPCP?g;N zJ&Z}fIUAzV@OotcA6({c+$H#BL?0QP^uxnA{JLXgQVG>IheLmVlaO`RtC77ejV+R@ z!-uku4NjmS04%TQarn8t*bt-s!wnHJIrVSF1V&QH)ZQb`cC@|g+_(`DJ8foR-w|_Sa+AQlApghwH#9cuu6bAgl8)K!AmF8OJ); zy=f$W*WDUXxgEPto;NI zJK>zp<5r8RGf@LOvyB(BZdAMMtVwSn63LHyy_Qb~#W&0hfDrrch6yQY$3>G_QL>P) z;QX98bxM)`?5lnOfg8RT>mOTy)H9yx2s_d2QNxON=n``80t$fFzB25A^rg`%6Qa2H88A_0 z!r~PcFphiHT9n)33PND%R2*>i`EpJ&RZ7`=$z(sl9_^+egDBT|Q+cl;j6}lrwPE4# z!}0!d<^i-{0yL}R#?Z>>>J}?D(Qe123h$42Fn79r&QFhNAORxjCKA8pW7Owp<9p(V zD?Ds(=oXmF4je%G;Jd114i~|}8jt@a6R*jbyP{^)i{w;@xOtM9-eyx>)&xU0{vm7?ZK)pZ zEm`>HW^kgovd&q24?QmQzFi2m5(_&L54MZ?_0J0kevivs$0vQw9X?a1R&?~>MAe4f zKwRJikD}9oNlMKg>d7nd?U&@*+^Q8S$wKL07!LZb6}M}MTC3FI#rIvvTeslUdR(sK z%c3~IH*h=`i5F(W(7&?ZorSnj9w_-kvDKKc_ua#@)#Bb;O|ESc95n-_s(Yrm3Zz~e zLZN<4&<a+>K)Cn?joy^`Y$L&3c`7y^|rpC3LzVt0tNU6{qxBK)n|D&p<#zofnc1r)Qj)(soiiMi) z1IdH_wxV$&kq5kyY)&K~Uo0SBTAf|sY8g`?^7V_K+B)m4Rrd#d79%eGqC2yrH)>aB z9mx;mYehiwzCFXCkHJRzx;kN1jLr#&!Kt)v=|bBH5dbJXV(Y}mHN!0gY5H=aX6=Ej zSL}({s3kwui*?8N)_2DrEv>I~?Pv6njLWym3 zX$%yzV=E13k>#$Ns{;^xT49U94fKWstd33jh;t&94e z2*8MPzkU6J90+`=rCBx)i~a3x_DkMl)^`{Dv`Eumc6!%X&vpcPecCX`?`EARp}orN zvD9}NrHNwOQ51@_tovIFFq}sBbhUz~nr&iYLjM-CDcXk|?xn)DqlYy<`9SInjK3S! zP?E&4eB91=9)UQ6_|wn#+&A)0zLlw^fS(zimcNSBaNm~?2zG9J_~tq07@ZyykEC*E zhe#Bm?kOTlWx3iXQYFMPna{s|8|Pd7n1H@nN5tuWYrom}O649(v07b$a@Wd{uM?G> zC*nT;+TG4nPA<4|qsL&i&-}$*Lfu`Q@JxF5G>$51l#`aIN3Oe=;=700*);Olh_yus zYBMH4F#+Wi!itJ&}+j`;CQQ6lv~t=frmtti+z@*P1ZQie4Rh$#;CV@8eIdqyCp~^VaJt z_ZBOVi<{t*ukbUhs!ho+#NHjSbr)PJNNDHb;6ge2t;OmyQkfvbdkec+=z8xCTsHLK z8a)-Et}&hUTpKo_uEX{-U`)8L5a3+mVWzB#Y_a@)Gth!v*aDF}ap=_Pb z7T9smJgLY-{W~!Tc9y&3-#j^a~pP(wS%;vL`TmXI^1iY>83g>5#bZ9utdj8&* z4;YSe`UD)#uqlm%a%63{h?nD?{ljK%yMtR|In^*s(5F({63j5@7Ihr6EH?@Bc|U(b zhWwfXPNSiTB4TjOv%}}yh$JHzJr+&~uI|~XGI$yUNi_nt!eYu_EgVOzE>gK&MEbx3 zIE8Gw5N!IY)zHjux(?yNtF|_Xrw()-!hgNO&oN-JlvA+lm}14a837MMm&HyKu)B$`@U zH}v#kaD%R`?D(jwsU`ZZVIn5sWw1Xj3m*_JG9b+#w_{a!QG!S=m#n>Au}f zb`Fj-vV0<9;v2Ot&O=a)N&MPFhh>5t=G)E(A=l5Mx-jUbDbfbLur=D5em3sxC;fguleXDFtt% zRRh!cVw#GzM9uGZY49Y-WEn%~I(DEiHk@$xTJ=U9sQ%zPN7T679$vzvcdRl%{2idVo*vwWMaSCK*qYy79E{+Hz zW-b8k_fL^t!km8k40t{5DO@Y?o}RMeVp9=KHzcPUsdaJdvJ)!#X2@oL-Tn|2_k{{a z<+QM8fpQnW{TH2U*8=TywXNl}x)40lG_#LrLlRH}xjJYxT7MNaaG=OynK7mRcf+e- z!{<+4`Y3@o!e@x}%~TPj2qVrx4g|&@b;kIkV9@?IG-f7kf1%Lvg7HMK^gFobL6`lq zl8IO$dqFTgLwH8*i_vXe`TDw;k@y~87VMhJ?dAHS#UEz4t1OAE+8O?tvK+;OTD)hw zsyCAHeI@7`b#{nIHy8r~Y(X7V2o}Z9ogKGp3ywQQLk@678rqCGIzWL?_krt^bTaZ? zF9BeNGTY3P8?ZkyxJm^CzYL^Q^VKViGMG8VR}>E_c6IG^M00c%;|7dLL~wSN*(SVCe+py zqSfo%qOdsqJI-*09vs3$0Eo5(aRFo(jY-GE$Aj6vH`oDELtfeYbbguC{LgU3&z&{q zk$HXC&6C$sJPVILQ;4|d_LGHtX&)1;L-d$O&Rk4*j+#5zYhe`dH_*-g?A@b@+lJ5LSm(2o-k; zPvKB_)cO8d^*|33PnCDm%R@=;qpNzFI`%h=G#^ND$Uf+LoFw?8w~ZwIs^vz+ zd_Hz*FO{2@+39zf+FT%iE|rUSy`-s_Z2}o+8TbirX%rMMn}8aJsLa?+m{MyPO%B4& zL`r)5c3c|r;eS%J0L9pWbTvB#S3EXjJHOWtD0({g%4;;Gs$p!C-(Tio7K5!FN%k1% zK$gi1hMqR{r5p1fGla|WH`<^#G9N3gQ9om0qfdt0JF@Z6-go$W5{<21N;V?an zm*(AdI^i=V9aa9Ax9KyF~irj4(*X^LYD+#lzb& zf&wUXp`}(3A|KOU+!$Cx#s!=H6ojwptQ+FjW5(nF@r)sioe3($7sRelNU*4d7Qm&S z=~U5gOePNGuorhJLo4VzY$~Z9JqZhYW{XDQhNhGk%AT{*X?pp{M$b^^tsK`7#<77x z!lMI9!I$>t7+FU$XUNOrcwjHr%&(Im--*IuDgYBS_5xr>p$z#Q3=O%I3f@_)$ybqe zm_PXar5zr#Mvt-EkS|b^RB5%e-F_9B%nT^yINECijwP@bR>T?-m={mroWSB@O+%=Z z{>Tvt;K-&__zdIkITHx$2dunF{-iLD$mSq26yGOzOyd!;a>YvjZK!R*Q(PStLoloK z`wMUDB=z4%;?8r`-v2hTl7z%`fNK7Jn=k?&b^s17l&Ls3caPQXiBkFro&po8J#s&Gz~6mq;%|c(rI>-K6Y?4>{af?#s&S&VsjP&UuaQJq7x$Tq zJn_t*%IzBs`%A0>yIR>@D_Ji99X>dj4XtEuZzdllRL>!!@)Q96>s98|Ft_8oJ~1$9OH#=NC@{E^wv_>brD*?|g5a0(nA7)@ zo>SZC%I<{hpB244WE5wUVhN7#>ZH#uwTrdo1a4*;2I?+wa|Z?SaQ#a<5skMs%lQ?Pu<@PF;f; zqZ3|8=`(Wf;z`xkj#te4P>@LYJD@6;+ZW=W1PzKd3J)%vPWAsI;bX_aMju8T4@53? zz#H*3mua470Av;aDaAqhK~8F6ELq~VU2k4!XX1Vb)l!k|+MVdfc+V3YBZNpy+Hq+s zT+!Jk+Ecermj8XT0~KQE8SgE}?mj^G1pIy?@(&qGE?h+K`?-V=+NP3dqneg}e zz&2UKfT$PIfxft~8Dhn!^r20Z$3@4zbjH@{knTZgFP#>uF9wVGW?vfG?9 z$RA5h;*3Y6@0Ug+mv(j&=}GvPh`Em1$54HJ`)6ST0-oV@JukDFGGz7f-AEd={5ZtU zdIcqT5%A=j`9BQJ!ZM&JtUrfnBgaRD0?f0nuN@9q2*fJB@glu0Gv>JE!*(E(bY<~t z8ydSt^>DqvVogJ&m@!;xY&nKzwY5M=T{P>aXx;n7M5*ePKC6YAoqx2)(8aNbYTKZKN$V ze*XNB$!nL@WQ5_PR0Pw2BGWL>a-@*z*JrH~o_FS4?#|JMYeWxNHfPFvIyLicdBpz( zgMcaAQ*X;J;;R@t%hr_UI=sRcbdHF#N$z|j zyd_$kVU%x$ivD02u!yk&F|$17=c3hBdZt=1&#wLDuN{|oFyyAbgi-!o2M;7%<}g2l z6afPL=n^$pd0_TI?oq_6Xt)?YlnEByYhezwU8q`pU#en*mh_rZ?9b0u+1vUpBr0Wd zCBZJE3s03Z-?kW`v#N;We+kJ!BmO`Uw=C}+J~ggOg3Qxzb&mRkfO6~17uUXavBs`n5i7$FCU zLu_wk$F&f*_+=_>8sZis!lna%H8H!~S$3YN=-$b%M_%I}w0}0?x&C^(m0N{g_xD^X zimMo5c{=&+DN5a;yW82t_xxBhtC`BVk&~*g$@X&e(OLx!V9Gi zLDT+{JYG~gf|w|x5=E`aIPzrq@&2YkEeQrJbn(^PARsX>Ll0ax9(&{((O1_!xcf5b z6NBf(!F!kDDxJMGFweEDbWkcruEjYzeutaCoEBV39}!qx3YHf^D@pwwL~_Q<~4a5up!kv82JDCI3NNydk}tNWDwn4 z>vX;Ps3{`Ds{Y7xKTfJ<`PUag&xKE}1O6lLZ?6>Xe9;w#%v~9Mg0X{Y{{gs0zmjsA zHH;hZcBlZ>j?T6tIXBEs&}#s$@T10mvph4wf`_p=KZ^#Pvg)!vQ(=!6#%!7~>=WNt zt?01%;wFpIm!lYc`u_6FThHU{nPOQ8OvHp6IwfeJu56lyVE zC(A#-bzh|Lqm51pVvlB^4X%1WE|O@;%jqJ^i|W#$nf;ERU>tqG%5B^0=e>17T|>`o zTH?Q~-+6Y^E7%-|LFYmwS|Zr7Io?`i$r^(Ytz9yUvv2#*&iAH_t*IUkhrn5sEJ;~M7a>jg65lKLfuTQ0=gbu z-qP8q3kB*drWt$P_`*M5NC^#?ljVmgP8?pX?=KTV%l@4}Z7v|-pa5SHvT06_0f0O{ zM;O0GJTlLcSM!&#QEV>gVueApwUfooy7ALocV!Rw#b{AZ%#0n=vaMQO(qB7wZA84Q zlzO=1IUMOKm}hlKH&BpKFnNNY6k|t77?p<0$R#3KdX>aN&UCJAF2^`7Skv!$NfDQK z(mW($2IS^=s=e~aQ)51(?hX(AbCKXLb*XQXBUfFnfwe)yu6?xp1>Hk?H%=qtn;x9S z#td%_7Soxn=;-4UR-;b!bYr|-y4-~~!Iib_(!`|Q5M84SB^V!AS~M}&{vrr(Eu-3S z5-`XT37TAIb}B12=!!V0Gw6-3^5*5azI*urXggb_dB#x1+H%(goD~Yc>NeGPvRQq6 znyf0uc9FdjV$souY8f7QU=e4q5i45G{3<YHSK!vBR)vEbEE&(BmYB` z_h%j5*Y8&^VahC!Q_8DEKe+Sws=U*!VNPmdg-A2Sqw0j) zk1?m~#-2ynf^rJ^yb#1e9)CF2##MmJwYq2|6^@K2sqWxu_PM^(HRPury0Jfppq9-TyaZL%$= z+!CLIN!0X93Dc&=f_!AY@B`i;{3iyh-0j1XoZhFdC@(zRScAWe*20wfIYL`l-4XaV|4PB@exT4rv{oJ|a{kX#1 zUk$ti@+T_!XdQV}{(G2-sKVotekAlODjO&$EH8E8QaV}QDWTzTwflxvD5|IW*VRIF zW<_;OW-gj$e0kALZ0oo~?p;o(>$Ue?&xZkw_$4mu^BoZtIf478Tb9^RY8^75T&5rR_DI9Hyjf}xtIG>VlW7K4o^=kUZXU%hf zkii43I%S82GC11pOZ@lZAfI3MTw+4+Qah*yZ;~s@2gXM;?>(Ll+<1VLvHeEzQ5^Y6 zI``|f>I(7xUS;AFrze?BC-y=LOZ@8ld%QFt7xUZ4O#~~p^*u5l`u`S-{YVz*f4Fd| ztZ#@5Jbc7Fu$*`xlG<&ng%jmxcYWSDXjWrhp6V7kDAH8%9~s~WJy@;SWTjCTu<*6H$uE7{z*#z9!Th*wC|oK+HQw9QSLFrG&4o>$2;;m}CEY&{CYi>8Es7zHDI5Vx1*K2<| zySzklCvs0q{`l?z8ej!`*!;SKM2^Q!z>Hg;oXKfPK#aWiX;%0I`}+%#E?|PuR@j2i zr*EzI^k`0XG%_TFuz9vQ^_}F->M6qGp@o+oKw$Z8fd2Ub@BABYL|G&A52v4cD9YV! zcV9^Pd&S5Yci_D#y2mO;k;ho`gmG@qf%jnA%%@Or?A|l`UrJ7JNxcDu_m%xIV zSD5c2ocKm?UKS1|@7u&`qA092DTV&*Iu-=s`C|OzD*GL}UXIf#vF5`6mn zUa8#UyRzyKn-x3%=jg)?lz^MD)=G_-|6tx-J%QLsxY=MQ4ZX+NQ#FhNvFE1I>1zJu zk)7Xl?SjAirhXdQ%}PC{TY=xIQ-1LpJxyRz2Z-w21rXKIgF3+&BuXHdI)s!;BYPHt z2LrmdexmV(pKsUc6cbOUAkH|U=F|4*h)GDx2#&r!_Xo0oUz*v}lYbF&**b6#ZG}OZ z!?-5mN1YQHcAViYe$u^6$aq z2TE~I(be4FdSz%cQ*tfO!Cu~tzQ6l(oKw*mcieP*`7x?O8<@RWn3X}hjuUE7?DadZxB7g)-{0@?ef<8p@7tYT z*L9ui?DIV5S~$0pv+%yw^Wfok`zh*Tv+>*2mY?p8R=hZK*`%^@eyFOFbRf2p_HEvT zuh$F6>s_nSL#M+KuA;=Bd3cl&_Hci9lr`(yeQ9E?SjrA(;X!AwGJ^C8gGWJ5ZiRQ) z(Vz&p{#p+3^0XP1(Q`a)A&;dqt-#$$4tcEVlGn2=xL^LTyHtD&9a(E$EDG;>*G~Ps zOW)AGcTZ64^Yx6Em)%KJWRpD4UvG;Y0D*82sl4-3E80Ic+fjx4L=?g(T4xW;tXvd) z4nN!+UG}dqc@Qh&Hpr2vX|z0lq37`uq@MLH6&3#x%m^VEwLa1{g*$|J3N)`IsF%5b zV5zSqN4Y3vw%Gr8E&Gs9O^Xl`vBZnNc)?Ak& zA?NV0%vYzmneh$v-V3i+6e@k$gYr*&&}rZlrk6fA{Z9VzdhaXl`yTcvs%fkL$mHq% zS2`*7L+NgWZ>8O`uDMD7l+lbNHQ`D{Hntl5EHg%;wmQ#d85Ln-@QU9@DoaoLRu}YJ z0dSKFNGY9P5C5bDMGSe_GyloUI$^G*-|pI8g|}j%a>7YO8{V3hz*GR(&7eEd`_Ep) zo#;{%d5oWQm1hY;+smMQD}sYs{3n4Wh_iX!g&z%k^9N^B+CS*-PgT&HB2(%W-q`oV z10KYW7cJ-C=^*-D33fJ*+0@XkKKIta>L=CnTsxYPcW>0G4oJ9ynJjqKJAE@ zii*HiJ09ym%}|%&Tp6c@tYigOVSY1mvoajNOXWVk|DJVtz)AQZ0&?R>Z|})EV+@T4 zPoHD@{ei>%r#1+F06;yO>rS8^2z1V~87jI?dEgT$glCy@5J@RoLQuD8AtiYl(%ChImk@e)Z0t{hLcNzgmPc@sySSpRMX z29*RjIebn;Pqo-30SAcJebF@-Su==iacJruXcN(n3K!uT!l$2DrUtL9oUU^lAJD;-uzUFzr zO`(Lbw`i@RAX`(>DO%&4%9UH>WGTJy?;YeXY(QNcEWa_R6n4I4&HC$Zpga*LQ<-Z4 zNlKeY!_~Tl;M+q744#f#@EQ9ODG6>LbfxrtJyc4giXU>wnZo015{Jik4}GP*y%&yL zOAGv%xVEL@(@y-m2zUZc+J>=Ef}Rv1YK{{i9?^eNWeDecC!KJFEWHbMEgA|z?;2pG zt#D%QFBvGIt!X-A@wClO?KMR;VN>swNX1Li37>RS$uJ*~?DT)Q*6UIsxzu~D!8w`B zA!X&wY7gbfEfUEftRsCI0|B%qFUc?bW!y;-V4YOR;3B0?=6K63Vp?fD3!uK)Z&@TSsqkfy@|V72N?FC8J< zQrO7(D?L(~SDD4sd+mEg>BA3~=G>me{f$K$LlAb6ASzaZjE3t#-@l9olr>Gq{?}^a zD6W^o1Thrwu2+ac;J3aquCMs^=|^IT#$n8&T3;=(y0Jpnsa(&2*1Uj<&Q+qfe=Bl+ z{>W-qkR-TM8CWkx`g-h>%8&dR zJH2G#gzmBco)T1_>?iDO&y@$?(zwbqw7^J;B<>ocZ2pNV27CjM@-(EWfh)s>EB+}W zZ{W&z%3M|mS5Dpqu6z)};oY8vvL`8KVPSbV%-eq3B&kujg{SSuwHsWjNP%a#+C3NP z?0AQbkB?t_Zu0l{up)r-%{2*Du}CiF(*_j&5soN9OF)H5Lz~MSiiM6`cWR( zW5kH5l;{hdEQw;_KUIqWoK^=~d(mBGw2(qYz>B8FeznYy$a{QY_t8E{FCQ!J!ORWT z%&fABs5jU9wAu*>#~%P_WQxXbsOdc8@hT0K<@TQn!mhTq7jS-MJ7ey5+?Vk>hKaK_ zLE0=a7@f~Yl`dbpWmyrr`@C%Gj;#av6~4J*=i3z1c4;<$nH$>X38sxgMGg_|4l`3k z%|fqL2x>R>VioM%A>5qUOTY746`I@l#Kd?aWu*4+V|=bAj2qWGI`oz{H|MgGEtA9a zLA!~4cbHcxRbE^S2nZN?q^cUZbLg`&(VxCVK)ct#s?X%q5LM=Rp+@k}j$yv}c(40E zwyLF# zjv-G{{3n1=^oQJ`Iax+LgmRu*HwDY{eL#9PFhUD?RECtxu89*Hf@`D&RCS|!rgb} zE?csegQ!1e!(@&p1O1!(9_U2lL3Rl=m=T!@0UbbmNzU$Ml@{pab;z4zex(Rovd*Uhc3tQ6g*}891B5Iv4tBZgzSDcp?0Iwc2$qM!b%jJ+HHX7bwA1 zaSOsiyg63)`Cs4fo=WGS!0zeiGuV2(b5mr&~}!7B+QQ_b?m0&JqErzr7!FC zw73#DZM8e27lZk@FXxw*s&Q~|09IX-PwSOo$(4$t#^mR`t)RH{PSXun-hND3=p-$^ zC+=E!)T_j7w7I!y9i*)oKQi+>m-FG#!lbpR#Soj32q}WpUA{Q{{iEzlB?^8-9BT0j2S-96M@MS#g1SQfd_4AcW2&&mF6OFT|T8=t5v$w5x2Q z19}`7`%jL95_;!i@Kg@c#IE|3V{NhS^<2exA?TYdHX@=1Uiyzb+O*!w^Duj6MuGlf zETqbtTbj-9F>q`w<;@n3#<#ZLaV}@Xv$e4)XT;x>Dj1?Ec{p$ezrDKAAYfr|(N)$q^6qEtao-p#7& z%*VVb-`Gnj-dCv2u_os|vAhyLxP7B7m*DHGFv_!7Po_3-YHbwJA(A>a!;h;})CATo zWQDqFtir$acmyrORA|=nSnnl{(BpT>O+s7C?ELWkw;?$1xT2viq>Ljx z8ByZz5NZO(3e3EqVq-2sO(oA>E2N+cQUaF;)D+S)KqnIb*!(LIfX&}+F>lJEw^*WM zXlTeMD9A>aTFX_mdMx$vN6yaErm1b5y8H6J@O{5pT>np(@t)sp`o$ZAvuePeJoqI( zI2b?ihC|xU;ZawZ4>KMo?+4kk-gn_fF^mWai`^6L3>8VVlKc&T8+pi0j(+qu_QETa zj+rRZInZ1*yE#2p{}ck;b`=H_4_fcH!fh)wyNt~f`xTHD|7i+WVPm@C@I59Ymk5+#qHo>5F;Apr|yUA!f>lnxmeWf3N zsM_BsxO1*-HW6n~4&JM+B-PT@9qxQoE5YSHIKkk*KfE4)Q;uq;u!aovDpoe*QGTmxGR^dc{vTXbb`M z?VBkOBEszjP|CJ!F<0SR^l!1a4(G!oBZ;l;?PCd*4WdLHyt$4{N_GyLl;(Nu5zj(| zm*{-BoFG3(O=VG(qV2`3k`h(G%2zOPrFXTc`k!~d{ax4z1{(fJ8qljCh#NWg0`0xo z!xfEDsP2KKG9q&vK`a$zy4qhnhKS&M8RpF9aX_^z&>>0|_HYH{NyA6|k_rCMW>>rlVU>o_?>e$&N<4{xb(l%n1H zU9`W&aZV3_3}vK&o&V~@A?*`(-tvyKqWY^dk^UD!bpH$LzcqSYP-^TAKbl`!iY_eV z*&T+LAQx}Hh>6n*ELQpT%+gN`9P@arSE^LBv=OlcwzEMKy3DSwu9xo2ckj>%x@!Uu zCa>bCvw~pe(RCgtD`hKWLKqyrECPx5p+7PS+Bv)>?V8Yx_Td%qPqg+-+rC3|MaQD~ z+EkO8+N-06)j77?&qbMV#H%?L^}X%&uNkjSl=qp6zC^ml8eKpqiV(wpq4u#-1djpw zSU(p*i?AXnOgAK%Mr*o(R#EY#&T=cMdT2w<9Rf^kE_o^lxDzyBIgVT@>ru zL2cgi>dpv{j-P}H2gVB~t~n8jzm*BAbKl>;SEU`Q{cOIP7&E#1gED4jufL>;>W^Y~%x#nqXpJQ8HvBkLE^6~+Wr;3^ z1WOFgy9oc-;~WHYA|ov^aTp8?ZG$%Qg3>2WK&N}N75fQ88zG@;M^E-INOnb0pWFX>#{~?*HA2f<-K9M@4oKP73H5@>AX!% zi^m&2+;}f&ic_{<0;0lo*mtUQ;I|?twK+WV{5KZp!q36t0{ePSoCfSGA+Df1VqZ@a zvKgX76p6+kND5E{g^mZ|y_;WDNabzTklq3_ZsgF$%gdn9u!g1KaI&D*XI`D1`z;we z*B8%eYlIO|66eu!wi@sGz?k8YT>>w>5FA}v%C~aiwl`(LrM}z56a-$6_ue0DO@k>5 zmKgr)UrC~&$B8@HJxUSEqa+dMNkRU7sxM`FphH_dTAl$?OhKlrO4A(5?B z{&&yJuI&%B?vbA>wd!GD=jKiodRF}MwLiQ)TyN^frC+Jg-q8U8ZZL$3 zZjB6hoat+A^{b4QNweTERy-NtPGk*tFpl-kh(V|^qXI_b{8cpgt+)>5i8yBV$HhGo zCuUUy>3hijsA!4YV+TOqbO1(vo)m~B01?ZL2V)WGE5cmaycP1Yx&fcwTNyeZ!!)pn zSoy`-{zqbQ#`R90-v{R+Lswh<8e6+jT(&99;or+{Q}7ybmEHdu1s)MQ2L}T@xm54Q zHq|cG04GmSi0+a zhdu-#(`u8MxCnM(Pz!Vis^IB-5%2YsDoynLJP>2$m1ZYWuqx00{ektb#OrB? zKjVKz?^iPWv|LCWWKJf`*(0s^+ImUymvd>UvaywtAWr-J!Z;(T>WlCKL6tp1bp0;g zx|9Bs|4pnT_%QN|ij;+fgl3BBkDrBv++n`JB~T>5@QSr6NA4bJ~$jAQpwDOOEoyN3z&f~3^?6>MtP z^1Vh}OYGCFdstGL`07?4zc80oN9dL!_2QO?ZjjGi%(xH6JUnGm^k553RQP{5- zb9y>bU#vB1!Qks-rfL!l2mC50gmlSWe03+;mqsPv*HQM1<;XLR@KEh9s*_nUU@Ej8 zJ$mQj>IzSltmHEU_^j=}a2|b9)!S#>_iL!MH?n2NqU_YGBemlno`W5Y-GLf0v19A; zM?vjr)}~S=EOP$6lx)q6#JPnW@siSAildretk%^^v182%rAt3&nGdq+JIeN3YNqvw z%@4Y|Y%-5|%T<`JrsP?7O(`78Xr*yvX9~XbHh%y8>Wca%G;i!Rkm4(=(_f;E4QfsB zTFO;aGd3>r&c}jBEgd!+urtU=<{`Cs}*Z9-9(s`j%GTWpNgmR-KWtoc-&N0` z5i&Y4Z>Pz=;iXa!-A~*>LO}*mEBsmUseQw!iGNrCD~wy)YU%g2jXBua+_JASw#g@Q z4P+)43w(PbpVxGO(Obn^x#D-U)dv>M3DVeHR+I5%nwVWzfp1YuQIO)LTe>$x)&BLE zgsrIq(+0!bi;HQ(eQyJ+AS#LktSiJD#Qr>9f+t-F%B%hrkhI^Os$(*(zVgKd52FPa z?S2e=MW~s*|G_V@{f643ysHf!#p>QK8HN*l-;|PmE#XVdUvRzgB|mMCMxkOU-pohW znhg*%jvL?>cn>vj>$EH_vtcb?6`DI1N9T36 z?e#^u*VuKC@yzOwjI4PQhs>xTxi?qbEOX62|+$h*H^C>`_k=eyoWVz zhx#-KRo*V@Y7J8?d4Xdiop)1!oaDG|eFuw6lvsvYrHOWq(t*68iYOW7IuqTozS9{> z;yLy*a)z04FcW@#;(8framZ(8)l$totOD~E_B_G5%HvFt!{1s9t28MiPMkg0Qd+fR zYkc~j=!c zF8bbgDSWf2c%5*6W_iiZdZh+Elt%g6t*pGP9%_{By(T zLlo}?H%!RTg*5XIf0X6hmU3+o%T^XEw$^)S_{!~qyHV|tIM1F#7^?mhNyF(lp(hbE z#b2(zlh0-4DQ{l_6T)qq!fm`q6IHxSLOtRK@!xtZYPM-tnq_*!r6mVeP;kLAS>AX6 zDCYjiz_#YOw#D>?(JscdhDXV+^OZU-9OdXi|uSVM#V84=@WE>Ibrotwe$`i z<8}*+$>AjBzQb;&o7eDNH%B$vHCc-iVUt`aTQp&SJl++vrrl?|Xm6W`OKFj>> z(lshihl4fm5^-Vg4Bex}Uq)A541($}+<2taui>3bkx$}%PwYB|eC+P{+#?%BwIJvI zSc`W|qs${K^oPdwt4M8{mkX6yG?gm+7onT&`q)}B)NA+1_4|T|DA+=M+?i__9kv_c z3N3Rb(^DFRilsLr#NxYKX4~3T&E|)u_x~*2n+wPdBh%hyqE642YgD7t=@FlgS_OjD zGRIyPmu_6aG(yTnZu`*+$7qQ}W=#`J|C<~!#sWoZd*UqdYKmfeOf5TUv*UH|V`J@p`3v&?%cs;`c}F%?Ji( z{rFq_joB0(m70K@nj5V%~447XHKio)klloS4ElTSCAN7Um?-=!#b z-b>+jcZo~UwMdNfcGm=B2%f{n z6iNC{)cky<)VXiRA4QJ>U$}(P^Lxw~@r2X&?Z4s`NvR%USkmIIvS=x+=%8jE&dw!W zSts+w$}kFF{j;`^j~K%cXeNk?Ac66N0wKS)|N6Y?1J^8>FyzS-7F(mFW-}K(U-6Lw zV&1~Ix`(~YGL}`bF?dsEt~I{AvFd_f7gir;>yD00{b5rm+I@(RiIJfvB1-RK1%R85 zyVPV~mYe(L(=t5=%CE`HUE)wUe#>sv}8uvw>mj9K;8%XuKIj5Hukw!73dW{}h zfuyFqy}gli`0*g2FC(LwDikvmmx7KcNAJ{s)OT~0i#hxH7`xg=Wm!qqcP~_WMy~^! zdZ?w}gk=SeW5|m~T{*%HG$*)_=XDs}T{4?mw=dJFf$zT~$q3{GA;yJQKU!Wpyn2x8?ME)5|$XF1$wv31(3v%e&9>7>B*&=zR08 zS}#|L4h!B?y{QG#V4ugvo492ft1-Q?15S)H`E1Op0e8>lut&lXfebe8%&o=_BpKlT zcrpi#gF1x~jtn}Al=!BIC{kr0@;a7sMHq3yRSeFHp>n>y4doRTZN~?@p1nTKGEbN- z-aJwQ{q>ej_1=p;_hkl@Po12Gnsm+K?D5bw`?cH0)k3Ap`i?`T>v4>ST0FVwTb3pE zfr=`<#|Jjf@hMjC-!OY7LT8hm>g7s%kB_lOmaj8@mp73dcBy->3+bw9mcDFZA#U1h z*z0Ubl6_UQQ<-P0q0nhy6PtE)Syk2?PHEls;V1bzv{Xh;z4Xni&OOk0sI{#9YDVyI z4uqhuYdX41L!Y9nC{}oYH*!cQO7!^6F`t@WHr8!MNi}s%uC8SRb^;2nh>;OJb{?LA zFnTU7t{L3h%A)7eA8q}KJwN=&YQ1jwWTNA|D&BjjdfX>Kd&1vhzowvr+9UFP48NVB zC9|O+aqYq5>9nV>!h*G>11*ysV^+QBRq3L#@~X zOb`Hqvvb*j*M#X!?`la%60eWnUzBbn^V5(fNm64EU@&3yi_E~#9l0X!W^c?OAIB95 z1tD$>`4!Y1%(zg@*ynFfI)YOaKH4Oxvp4Ktk=1d>J*~+w>2Z?zSdz52!698qv9k#v zgW@9<;LC_iQ&QKaKmEfTM@S(_trI-L|4eF~e?Gg|pTGVygJsxvCnY9MJ4nWldQXWC znxIYIyq251-8ha($|o|!s{bIF_tEzOdL-@G-Y&cNHH z(}?EiL^Q`GnvwfBNc`5v&0Kb*RO7K;9ZkqD7=pSBg2I&VhkX1X6 zPNPMYd>Wl#on-KHe5~;?Lv^=#)m2Sf zn>92vR1Z_@$_29Yu54ywsM`<;dcKw4q7~sLC1r5V@0g_ykMwUsCLL81cas(;_|7y( zt04}LFkEewfDrKB!ROxVe|Zmz-Br%_?#LraI98}_Io<2CDvQOGB`wxq>|+SjJGHR1 z1jff_XMO+SYcmNsx%RhqjIQYVMgrFrK0daMJo%Y6&-jjm-HoiuN-a5gd1jc%#B7o{ zh86rMqOp3(uyjr$`npn1swPXr@eTz}McNyf29yfG&7qq@N1dZQA%)cUK4ZoOBvhK7cWtSnS~eAv0TU?y%_ygpWEK2yO{ zMUqgZ)|5QH-JhgPrfUi40x6PHmEHdF8Gk2i+hIZcmTlMWr0xC-=N6e4b^Xw00V^I#uB3D_cpHS~9qsPB= z5rmxG?0E8C&V8nkxp!#jamU(I8yv2BA{iFP40k>}TM?4jq;`_stySShBn?_h0#yKV zI`q7|N=lO>Q!c5Hve27O|KOSmlu&4A{lCZCfey=6&VYoDqafE{k#Rh!Wnr6q5lys7 zv4+@X|8<{4`Ai zG=+JdPZ@|R&f}Du5mt`!w=f9jgu0gz6a~A`ML{DV&q7n2lbeT;0lI_@yu`p2vH|Z( zz+FLc+p}50u-)w`x+bVTKR!M_qUwKKyj{%yZW~E7|JRm4ttQ^6(MYTE%x3R zcoRma0Z^;${3lN^yY{-BrZMC7G)Mq%-@>S-X#_(P0_>X|e#*hE(BG91f2QJ%>%WT= zj@-*653;S6XeYP5`(r1g3{de%-2}Rukue-5^^m072+jR4jQI>ay*m*A;}|S7j8^Ux z=-@RHXE~`=S`u`7AWH5v<_|}ij~T?n72eeaIx5#H_BDaEu`vB|XE;fUMfOnU-S!oN znPH5VsKaF}bW09?s56;bG`4c%J~l$@s>erHPr;QM0K%4W<0W5b=UABVNj2qn5(3?O zA$W)+VGEE}j<+`|ZYm>1rp2iGQwU-YUN&^J5xDfLK(@~Gg+YW$BSwYyv%#HJKl_sS{2YxeVHh^`inStOdi?pb`(m)`X=R z9WmqduvA-6{+~>d3NQ6rn)N#0BZ*f%w*fhEGqZ*tnR_Q8f#-ksS>{W624f$q&@aiN z@*srt0DVz2FyQiOFzy5XpW}3Em~wBEnv}B*U%olSlu_cu&WqRD;IUVz5d4D{=7|=g z>Io<|2nofpTwuhb0W(nW#t(D!FshT(SL0VmzSi7){|Bwv8UQ|Y(1M~E(nkuKi?^4v zyK!)EW}8E)AI^NUUElL#S;Ogn;$2ebDTkhIgT?<>+gCr@xTjlVUWpXx?|)6oTJgyW zqXoT18)JZLV80Y8ij!pSVrS4Ee0seo{W2aWWnm1GO#v7o`^X=146HH0sWQInu}DeP zSC;$#lv;s&HXZ<}sPE^|LBKL`weITDgn8pdF#fLstWm4hq>X3MvS>FGV@7eznZtF5`f|}x24rB3 z2n&G2%rLTR;HHJ(rhod!I91*(jQLwhq(+e4=xLZB5yoI1kx7$f&kCHtogv zTNV4{0HEof(VHBBK7~&i#bh|aGZQ}U(uMgiMIcFD0{B`=ocKb(!Y_ekN}#^?pDFF2 zHowBp;$Mk#Hi&*#0y>1c0%6ICSW5%Ii*%WsLsyA)b0sA$hY%P5oY zZIU?MzL*y%PS{BmUx5phT42`7!Kb8C*E%bk6ZH^l0(*`EQB?}2ut!8Sg%uQ=`_^Wg~e<+44vMO-Q!?mlOTh6GB5_&_0o^-`2?&3vE6T$zdGG%$iV8YlA%jK zV^sPc0MlG01AAa^KxL`Fq=^FYoktY@m@uioM~OL3dy4 zkqk^uzJ!oN7A9HO9=Jst*sf6c7V8`w-P`b#IEVg@EP@LIEM0{e4&B%Y8#y`ox2U2g zA6|Z5^}4f8P8gktc|!=gCC^AVe};Ka;+|nlT-WN@sWEOK7(aFX1sJOd9lX2JKCe0i zq1~kKFQ?HU=|VFNE2M>Gk`_2^HHcaCsx#<;=^1N$-w+2Erww3rtW zBEtXUMsVeKE?A+Bn;z`6@EkWyN2EkE3`{uMK^qFlDD;kwayWM90Ks_7 z*!hRg*{^`4Sfirk1-;FU0>JoIyKnrQc{G8leYBI8QZsNF8(R#X!30nzp9A-!{{oko z+i@|Gk`n6<2LhTP)=Iio_3l- zTlf+QcoV8MAtXGs?X#4|;*syx>goF6CAotgVw)WL9?xG1--SPzP>+&Pk2!{>Rxy=C z2UIOLf3GmJ985lbBk29@`f%v9U}3`469N+t96u~fydGg(CjV3Y$Cf`A*l&x-{*qN+ zP2H{QlBN^B;{5C8#I+xt8=_yz?HEpbRz&jHM=`Urx7pS58QrwvH=+`6=EMn2zZ-gS zZRA!V`yh5$vZ786^RFq3YjJa{$uk}bSinynxW5l2!-a^M0duH=`bDQl7Q1i9-7XdJ zS7aF)o2$4B&Z1>R<#MCYr!17j3T7O?36;9WIM&rPe+zz7a!ShNBE~OYzs7dN^U7~U z8pw7DUB(IfnWTE>4h}WOy)UdKfl{gnitUu29(H@v&b7({uI^<$BfWdHl|1ZTvXzZJeOx8@iZ%94rp7c3j*5D=(nZqCmuy2Nj^+l+&u ziKXA>wITyx4Rn0}oOSm~)joXB=`I2_H^e^+_7%p$eDx93tS5oz& zkd6_!oFDkbS7{5$TF?rvUqd;nNU_kY~Lr!wRwAe`IA++ zj4zWKbDb$Iek>Y3T)hohUK(u>9So{lPfj zBdiW9WEIEnk#=UsS{daf*$TrKEDz_*(@?XxmC7u5oA0_q&lF55J4Q40eJix8U2nTH zRl@JQL15w6;~z_D^>Hs-xJA~>Af%;~30}`ERtFv9w#eru2#kR%9b~3KKDqxqFV_08 z!Ih*5 z?6W6)=)mNB_bZ;;Gh8TY>i2gV^WKODVPBeny8fZ#T{PPa+Nt zQWG6`-Hw#u%V-=#RE5pmZ$9$hX-M5YXv)Y~dYAr8+YiG4>7YWh$1p!N9>VmGA^L%16Fzddg8oDqjtYHGQD z`R<0Z6tK>PL}oTS`N*VRf_}UEz)?eIzx@8VO~`{;1Z?$5pL|wqRDY9+`egMdn06t~ z+$U}xd!vw9HjkO-Es4Z4T)ZYxPe(9EOT*eMlS}Q-tv5%CT38irRd#-uL@sv%i-*i8 za=ZRZg!&x*m%au8&k!coZvWYLODHcyNsS{)UB4-i65|-pF@2>WDf%kf2igYV+x7`< zL&lIfs-s++6}^8B+(Mn~&<* zHo%d2n*NV9NMB;e11E&P#bkX*FteF8`gu{i^Fq0ebDNo zkmrYkuPv6LQE%G#O`YDN?7mUFe0geMJu6Jo5ERbM<2y5G-EQBQx*Vbn!_D-XZ8 zGe?hVO6?BNRFmV@r7-*p$@DJL*bFY+mOSMrhb(vDWI0ehp-zXkGG`EqwgW{uw4V=Y z5CKI4IEbEdVm2>H)DJ~*ODoR}+8&*Mt7g9VJFV8O*vKOVDWdT!Ov;sjhT&=H#5y|b z>(VS^opzg4>yyS!1du1usDvS~y98RBF55Syf~ z$!E2d)dNxcwZk?<7>l`=66}VZ6&`L7d}_~imwR>g*EgeQTQ+n9YnRYXt0v(Rs$@-hy`9`$OEzAkdT6b^!uxp32RLZuGrYEn ziMyi*96LD6x_br7suBNmkmSK-$H~t(hkch*E(s^|&aLydWxXP~w&q`T!8$IAenmf1 z=H1rUOxw}>N2e~!!#WbD{idS$+&y>0+Ow&A?Drh46O%G;&G@6S;**cy@H>b2^uAbq z6q925D|koC%ensE;6h`>v zx9;W5pvgR`3TJp+UYr?#`UzyTHIn#<&g1@0JvG7UrTvfufwf&CH%WDhNp9mO1Fre> zin#O|CKr9D;5Fpo1d~_^_v#-13ib1;A`a(wyT5+Qw0BM_E?Bp?gx;wqV$+LwU&9lF zhuBqJg$*>8=&*x+vK&@Op|C{e4mKLY36An^4BzFEIIT5vKjjB01_e<%SrR|!L}yIj z<9pH;qytaCJ(H`UP!x%0#6x>(kCj1rf6r&9x;!ZW3}2_Ex{l5R{RYQ~vsOp*A(A`o z1Kv~3rjUB|=F~YIn}L8FG9nWU)t9*b2!HgcH$JBM@qyHj)l}5+8pi++TJOiE6;su{<#JEiKXq+P@DK{Fn{2 z5#tuIh9-MUtnWsZ>gQ7gEq^*6he~EjawZjvs2h+VyA)vq?LbHo8$MFIK}DPZ&VXi0$+)0>n4ak$P{2qM4d2UDXgtLTYx4B`8Q zL|8UJn;*T1m8-q{8*D0kd{E*3YTvEiYDIMirn?kq!laSFx3k-2`EYk`qxS8LV-lGV z6N1H03Osoqo6!J1EpZJj<5&EBuVn6Kos0+DoJj{f90`9hR47wo(% z=2mYOx1x?~z7rB>qfpV94PFkZ2Jh9lChE-!m_D}%-4t*}NV5qtR`cB@1uYp6ontQB z4t;EYiQW=9@Q(pLZXd7@g*Gmx0B$kL(Hf!Pcaq1yI$VYy@xxNvF@C)j_SYPkWf1Ff z3R91uc5MO77mM*~gHxc3RqQKQ9xNC`dPFiQHfp@dqK_tJ1@_RON{yHl(nvB7krYDo= zT;>?x`*&xTd$dAd1|s=-Ty@m`@|6rhq*o0{m<($bQziUB$eE6~x(Ar_heFs^jd{_5 zrw=$9F{cLGqha3FW5dbASgI&*COFmH3`TFAw{uapf)Dys7jX*|#hLOSU5Zd0bd740 zd~Z#3^)e!I+5}+p$p3~0`#`-a#CXAp<#!QFN1}=!Ik^LYSFug}vZz*#%V&6B0>+-dvt?rgM{Vszj6gn5L6FJe`7{Y0}Ys1Z?& zErGEzOC<5vNC+(9lf!rOI>=7Jvw5e&Y`7~CL!&4pBdg#Sknh%(2B#WjHDaw3u8{hB zszEF#|OA0xcFD{oso&MG(A$u0jQU9e(Wy_@E166=N!zTJj1s`%KA8olO zeQvs&to*?yDdnY6gcPEe{n;D6-4awToeXb81;B0T1h%Q5R~y7F?sQb8SE&JoW^fs| zkG>J}V-|9)JJKdSN#jxOSGxTLY`w%6Mzdmlqgd6^oRx(|@%B4+A|N^wj#4dpCky48 z?p{I8l?hs3nxlCQ{b?}wDDTi`yG|!1JWkpQVuz z<5TA7rrnqRjYrdSGpVz}%7Sj0ndVLF8h7$2CS(B$h5UvR}(xnBJ4~O)9R{G$}=7 zi=TK0qO@Vpoe&r6ZyKwKLNd`gcxWY~3%aQgdC(DlD}~s^_(YduV1XP7O@kagsseTo zfbgxJ6xiLcO%@rDa|Ju^!TE8a%J8%E181mC{_-XAR?aFe2i^(xIUWPP!OLc%Q%Fw- zCy1r35S)yF)C0KDNgq(&H?N3b6vcQFb@TuSJi`X z^JQ`CFt?6`?|j9c`Y-O@{~KIr5QF@0o=RQGIE~t z8UL(=_c`U5NG9ZT7GQ#6xX<~qGf13{V+f!>y9w;qmybt`{HhYZSNVhROl^MCaS>2G zi?>MQqL03u^!JyFO&1p^j5?@^2$^N_E6bvgL_xO^&}~It=EMl%6BHL^I6C1XLF{i7 zxH34wGWeDF-6#uA-lt1kpwpc<1JMs|-JP7?^fb3rnv~V~c6T%CgXpO4wJWa?J&Q|E z^hTmz+fCH-7gJC${)W_fLd zD6D!>;1xl~uR-ix#z}0%M*s&5;RhlWMU?lsevaEBzbNLrx297ba)^oLtwWv)|Z(e5ut}o|~>bznKc$ABD$PC0M2BN5H!j zk8i@FEAM}#~x10#_jbRLK;D1a!cLrDJadcrA!z!rQtA>`=TnCTC` zM6Hl3>Zm{4j3D;5{#c5Ny^Q|IM>2E_uUDt9l*W0bYv&}vppancj68nwvJkwM#erw7 z=->TA0t*&-5F?Y%UM2&ZJRoN@$_7b(sF$)^PHckF^F{*;Np1>q{9bs&HJnENm}Fq{ z)BBFrdK#M4^fvTI4!9lbCri2X>g1JX&LkDrd$;Jw28M6mz#j%*iWT(ymK2rjNtN3I z)UN^0sc(ot(E_`yJ@%6=`T+D4NQl6wMGR$sdlb@E-R2Swb5qYRD-)ri2H+O$`5r6)VVrVH+;`Sx=40jjzL{t_~3La!S5$n_mL{EI*}y z@GgKOj;F|xSn`r^w1b?N?G|JNU*dJl#bYlpPU69OqN;bJ(0g-~1^$emOhjHc`5goV zRmN9L+N5}ikq;iwyeoLeMcN4mKsLW;1YY&->2~9ueV44JCJXs0ednGLw&SAN4(y0y z#_!-=rh?aS!w?UbXEHTCcfbA|InyGU!uCD1BA$^|!&#g0he`n2oXu0I52$#7%(Y&tk^ zJDJ^?NWY;DeX-q=*l-G!)yIqC#V>Y0Aq4~=P&Pb9cAnpqMvUC*qlev38S4S254j78 z=tfpWkc3eyD)hKBsMjysqQe{b7#jnqWtq#klDe=GqA;tufl=JB6Oj11Ti#@M;L>o6 z`{%PGkMZNy__@SRNGQmx@;GbA?xT>)dhN~GLCcT`3ico+#V)kw_#dGsEg2Y@r+1i{ z5gtJ@Ljl3J*yKQ0W|`~a%3%Wy$@3)6!dFp7m>utCTi=XBKvr@n-0}GXzv+VJtyf4$ z_=lp(oZs~AFgJ8sgA82vt}0hh>=kBzg=j`8BvXQbt>C{ulA0JZim-+up#V`%`l%&_ z!!f}Qagc%C>;dzO8K($j{7o*QC#;y@7YxNQQbY97Y%nOxa&F-nG9?yhABJbZ!*Mm; z-xY#l=g#L2R4i|knT4;5lOh-6hQtl=T+?V{{TSg#Ud?C&WNol7mWX}HWd?(zw@H67 z01OTp$C(V|n@M{M_J!Q<|Cy12%E7X&V*v6s+@b$uxqufD1!o7^q$D8r7V^Cb+=BnZ*n0p&%rh#Gcil{SaZI~?rIrdCTYVD3!hQdz| zW>Lhr^CgrsouEQLN^uM#2`nZFw>dCcV_ozgTxbZk#HogeD6Je^PY~_nr6IruPMs<7 z=xK!{`N|iVXN3>PPlx;*y!hhK?Dv?SkGL%Lex3j{J8td*J$Q<}7pJ?PSp*%3phkBB z0aW|_6@V0OK>^22P5gOq{|d4veRLPx=myE*)I6UBjhhC8Y5rRV`lD*v8%9{nF9m3> zTJ2!G1Z>ra5fK}-wvd#cxvsCxL9VkHJI89(eg?rTSG(kyTUV4(Jw}%mbWJoY1UHig zGN{bO1#1m1L>w}mS>^I?F09Z2DV__#i z0#@950BmAQyM1V33 zrCZ@8%SDGIg4cOJrT1L%$BugcvOjW@APm#9Z2?>1B!O;hfC$ zRbe!c!W3nxAhpkdTNFPm>Zdx_4+Ly}!Tx6OOWkMJ3RL;Oqhgao?f@ zFVq&qSr%83`UGP8{KwyHclH{V0ohltFknGh?B3g#A0(2ye8TrH`itd^ew~ENrRR4 zl~E5H-nSU>D@m3*_SIp!St?Y7l)Veja4Te9#)W-Q8uSg_%y!x*k(R?_zF%`nGC={0 z?L>2xDg-PNf#=ZP$=0)AL#x6+2HBsVyzN_68mTw7r6(c;*-9j^lqvO1C)Zm#d^y|v zv%=?DcdA~KE?&V|^8ZG~|8F@Cz{Ew?zp3;fDcqao!c$>SprWg~DU6#cgZan_PYQ!T z*P!uN1a{c^-H%F;B9w~jt9xj^|2nl0hkZA2!bzg+I4mn7(dl6wDANk^%LK42lA?3C z`|azGVpZZ5%s2Y#ql&!l+Hk#5tL}(&qT6pIz&aAg0+=kF8=L$t9=^Z_xgH|Eh>Dw_Wz%Vr6jp*+M1HS z@*!51TD$WwhDIOYO`&sAd` z`M9Tbz|+1bi3%g{c@N}$*{rwu{80pJKL5})fz;if+#xm;CZFLfa$6MK@Np@l)A_yL zKGD%k7#$pe!9A>+Z)qdex7e-ohH!Jvd+(2shp0|I3yBbn0D{1B@rtOUVCf~CSuLMb zAQH?l$OxQ!*TzNy~?|qw7NiCWfdW{l$3K5@!U8Ou(RTg~p??OiLwTXH)ak7QTZ;rwKdS z^hX^OE6#$`8fnUTti4{-c!>&_3pe{g3 z1%e?%0>!3B+)>b0%sh&6D%(0PLdXUt!S*?+Csw$klyg%qRS6$~QlI6u5)RTBv%;^Q zpSFK56IN;N4pflGnKzc#mbG>6Cjv=&*ovfP%Y7=jTDRxW}l*y{|>HMe&^h7mX~2FdZq)p;usw>OhdT-mIG=@8od^`#8ZFVTRkJ13rFCc9_|%V1%nHkwQ!;Ao=Tw;0-CVLYW;H8*KYUxX zZ*4}i>s#ixEPUmtW0y-ubJY&Hi%_CP6Y&BJ8oZ>8J9J7%EqJERMm(;LRt*O|rKEhH z0(L(SfYJgZ{uq~Ts@)KePSCYW95hU{tm5G_?cIgd8qPupSdv1d* zA=_Qr=AVXB)n7EaG48T`77RkvCoZIwC^PhEjhH`1&&j47l}=Pbq9t2T4uwr`fIzTG zBv3h%NQcNonF4gDC!6rb8J6pV8b$gU94-A>tG{^UuF0K1%2!D2KAH3+ydNOtz#HX= zgAUJ0Tl;B=nvqWMljMJMlI?o|-~9!>lb4Pu<6;UPun@0PLU6gY(P}8hbtDSo1dtQp zn2c7U;VdguA$)tzHI)#EN)ZQVnRu3sv!Oq~&GRJ1MIADPO(AtqpI;d*eKs(8357+# z@FC0p>UlkcX-qiRL?K?Xv??W#5-!7LzAgvx2><@=>&Z|}?XU2{L6B?#SmeFX$DfQ~ zkwa@%?!?5Ga1Z0sJ#z^M>Yx1D;hac!192^DPyBdUygT571=GPDW@-OyMNF%kq zGIChRLidOjp($!Bs7GMTUe@9&e1_SDP}sa15U+?nk3cEmPuVZFQ>YGd^ODn3KcZY2 zw6=|`b#oM%|2*^L)n0~=E;x}Fdc{6#u{R}NTx`QFjh;MT2~x`L3}=N;e9Q7zW>lq) zZJc0p{jU?0RlpZ(bjzm~M7zHU7U`!34~v@up!T~%@mfyUT(!49rgeg7gO_k-&b%M1 zQEYDig6ngob)=-vtfMCGe^WYYn))`L){8$55#K;w&Ct2xtp6jnNCtTs#1$Ulage4Y z{8yUtG*L*FDW73Y>vr-Whaso0#G3{*sRZ^Qlh~a}k}tS_PRz{itB7K)Jauf>8Vjm~ zz`dm>-5FyA0D-*6b3O787eM3WP)V}#$==pr>qy`${!xabOr=S3MRMJa&axU4fbK1W z%CbZ{)UrF>;4BRV@bR-D1@YX*;xTUeR~iSl?Q)jI=NVb*<7$rM61b9p<7Lya1y;D` zG3@+W+9~^q$d`GC&LnQb~NvrO^tu~ z>T^EMPm!O7Cb2Gxl9s1k{b+`7@UiK>+IUy{!9&8h)q@lM0=U|zh%WC9qflAxjs^z$x}idT}-w$aJmg1C$~9zj0|RHZd*zZ|{&Zl*sorj23b2riuW z2EBSMaGDfpddhKd5Zx2(=aJyJfz9YwlEn)`z88tWDJ+0Gi{$}j7mdo(soB|Q;!%ox zzAN|idq;i*i}47`NailY@{j`=qj<$xQN@N=Z3sk>@6%uUUwVCCP187JktP>^PY+#l zNCdfwgIeoP0We&$6qp zq5^en=JS2Vf@w_su35#(Zp$GqKAt$BW303fDj0~0jG@;8U>b{A9{AlUMx5{uy5rAZ zJ%{M$*HJcopG1ej_#slro%v>D!yPX{iJjD9@{=BDdUBq^92NPALPj6o>9PYd8@Zbe zjZsCXlEk9>spJi*RN>6fzZk7wc3DaJ9H6Do(M;;J^75-$($m=U`x26U>`RK9q4aRH z#qMGXqyERF!e0s~t@EF0X}GBoUcgXM5%*@-Af1}yOc`|=^hsm|6_)$h9dI>1MwSDdTGK7|iJ+vk}q_^Y_No z=>}Dn&i!kISe$pIg-8Dlc7X~k)+nWM?I`*p8c@=WVqT)mCt%dcX#B6w(fk>UY>x!a z+ALeU#?gt-bgXvC{%>)9nDX}H`tKT^h#tem%@q^yM|WeLQRJp*LzD~ddluR+@h+F7 zjhR67yUKEgge|U*`#Yi*nzW}7)dkT6IHDs;1+wHq_q!;hFr!ZZC|v%eoc>bQ|6~#5 z2wtnC)bFq&j)kZ9S5<|hwcahV(*tGktS*A21llA}zta;uWClto54;nP5xrL$K|xBH zPKF^qQyot9a%$PQLolYiI^qXz_Dz#=rc2@rp}X8Fy2jZ&=b3?Vu~4#ekN64h4%S+5 z-3$E~67*IAkh1iss2sO^AbW*ES1a-5?dszDse(yIbzg}ph|Qn>@zIra%Qd?BedPrq z+9+nzOxa#}-h|@(XbWDVo@3|SIZVFkrSR(nDY5a3=}!)e8n?>^qBOp2eF*{GmRj?p zS)ulAiLz@kTMi6!Ukw!@-MNj@EPggBFW{XqL7;UOc9)h zAb|-5372D<(d5qS8el9%XD?}@H`GBz4t2$qBBivB1No-!wegIjJ z6%4Zx@tHe@8P)0FLZE!%Z}~iWdYsp73AKAC^Pm+TT8CrbDaB>vmqx$fnYF2h46g z1>)QION$E=T`{);9geZ9btY#!mpAOAz>EL#(AtTU%`3f$k37#Rsl#E`AvWBbpeQt< zc=Z1waLE+9@?$Z}QGVa=8-DDB5eUZuZF)WiRnYCH2C1+s#X`-UopB8rY=MDcv48$} z1O^8SCl-Y;8Ovo~eMUlvf09@=weHLvzQNNE;({}8XhuuA2&m|aISZq~ei&I2tkk2< zrz*OQCSHbEZP$@zRn(E#28!O&<~4*wvFs z@8rUqy`Z3=@tz!wt{U&VkKUW1`^};2l-SwXxlP_+th?OFtc0}HgXOr|Tjyf3wg(t* z0;?6WiI)QIAAwS5N!d9p-dtn)6qk~zk0bC7<;WMU%FNF<1Rirs|BLXYOhQGd(!4>^ zr!Cctinib~LY@9`8M|<_oBdA?&Cz7P#?Q;oZ}XW?TmHo}rbxnPP*y5VFTbDs(;97y z7k1ugp&3(2h>VUl7rRMU$a<(Y=u_|LQ}8wnROb>+&iIKZ6!C+LN~yWaqW0G1N(v6( z65S`zQ|L%gd&kYk6NMvP9!e-Gmw?FB4~)iI;b}S~l@dTpE4Uo<7^%l69q=3@15_2l z1h2(R=?YJYq};Qpj^!5PSJfA}v!JZmwx2-_s{cA<$W`w6)@NQRibI9%^yz0SS^?D$ zKgC3z9$@BDRst;q465Z4J2J z{c;A(M`-yW9E08zjB3X|AMxLWG3*lx-M9Tm=+){gohO36VrXcY)FAiBt%`~$vU~*c zgnbXTeFTkVY^#Gld5~%Q`1njv7Xj&H&2#ACsBb*izaP~m!wCYTxQv#_#=c%C z1!Ey%YE#NiT`S4S$%&!R{rvg!B+tj&^*@eY0-g7y6=+RN z%~ZT6N8Ptw)ud#nTv|u@5!JV3>$R{uP0kkI6Nc3_4Y^g0j!ghr)Lrxx2NH^W2oeX$ zBj7?gs(M&HAmq7$J=0UZjs0Vp>TfxNtMFV+%ZBhU`FhF#b8F0ve5(^Im zas;llA=>~82inB_PL!e3d#i}K@ys?iBJ zsUL9ic#hNY=eQ?S=)efNPzd$0pduG$0oFDP^**%SJ;;u{^rEDIJp@`^A6=nVv`;=j zn^v0}jVNm%f?&?r4=M?Q!z9Oy`Na~8I*iKAJJx#`&DaH{`>^rxxDqWM7K6}6vEv%Q zU?1CfaVcvuUH+H!XrwDVy91r@VTA* z>K~GG%%+lV7=vG=gru1oRSEIg>jOAM}UuIg)(l!@GVJE4lxdWXfrrP59c8J zpQ!yB()=rQB9PGw}2f7xxeeR^7gLw?}3HQ#WhyF1?j z4qO!Is5<(EE}hi&jp3PUmeA+V$Dvh6Li{`~?I=d7S=YHcIiH@Xc&l2aL=d?Hba6W1 zWqrA31f;Jkfz^Wp4)p@Oob#7UXo$E0qFx;GvPxLOM`0~4GJh&E?1$NCJEpj!F2f)p zi_LcNkE};JVp60kxu|KeIBC)qaNM3F2H(H;!@^|=nw`vd*g_Bi<{a;J!=ry%4_mDe zs3q+*+NZO#2XgQ}YOQxgZxahx$yQJ7K3YsE&@&M?U?vg}EdN_!9D(3DeCF1E@Du>d z=n=o&yz1>4wT%3H<#s%t=UxuGQ9_G3O)+5+qsWC3(Q`Pmh<^%*(V>J=u;s!P>z*^Y zH~pP)@U&PK?C$ml;Ai`N4jKPjkZ!#pxIZv>24Obi(?5_@|2huuQFZUiojQ2-`blAA zLefIv^FVZvES00y=+@q{*~U()@m`{!4>nQ9rDxfu3oPx1B5F2t79eH-L) zZ6E8rJBb1V9WwNe2cT~a`Jh_I5B#;fBw$SaEmz}nfXKjuZ6Mp26#T!J11qk7_&wrh zvb(ZrGQlac8}aMs=l2gto(e$%K2faMWp7(xk}F*yJa)0}*K-kvwvlro4NuJ0K&X^b z^{KcB97wk(fBVJy?fJ>L*lv1tZuN-Qa&*dUsjW$;Qsdx$5A9j{W5){y*egKlRu@kR zyb}C8b5Jz^P6&Jp1jj3Wsdh0MQv_=7yj-Eeu1bBpA6GV(rGR~N!Es~$qdHsv>OlT} z{UpjQVOZh?5U9Sr=ooXAPV*w{n`n)j*b=B?iI0yLvEb7F;xg6IT)i<8Gicc!ecomA z%<*LLci%U4^1?tOwT?W$C@YGs`FdW+bHJ|m9odBxV!yqTkW=S*=f=+Cu0xlV!3ujm zfZhJOeM$I_U!`qQLsR3=I1(z9dg>+GT^xIPOLD&RkB@I7iFHKeV|0T8d;`Qe!4A3q zSqx~RFDf_|^D)sRLu=RmWx~>rv0LNca{M#gO3W>M{3%#YirHm{oZOf7IOxnHnD794~yS=gAJf{Kl}aepnkTOww3 zsdq*MwU7QVdw(H59m&@N;t97EzL3>*%S_}V zpJ8daaj3TF2UWt@K`jcud&wt@LU>OO@SdnWrr?EoFA6myB`J%HO_Z^vA zdhEA5+-WgD5yhAiGmTT$Axgjxdf!aqZ)~tF+-X0>3h4`nfOkpAs$~)s3Jh~JbwZ{0 zRISBR^*cw4L~a~FwuSPsE+%yOaq~G`rkj}nzb_u@X+3cSVdAEAE%Jo1pC4=WH{FKY zqhAeeSFaCrj)gHo0Y37Dm9HlJq%zkYG-l=T6b{%Ukt>-mqY_LhtN|$4jfFX(KhM4L;!yQ@a}`HrsnqiGI=^P7cuQ zfEf4?mk|d`$8t{XjdhyY%Ddf**4dpu@A>QdR&wf7I-DUgq$LyxAx|QLJW0m&fawGb z4}~t&DaP9cy14g_+o*g!S;#D6EO#4PH(#n1DSmjm_t&7ZnxD~1)XNpyBT7`u72E9T z1yGxIf@y3hDofR<_wg~Cl}!;-tvkHrYZ)1%g>)|W_A+TR0ZiT+-x%n;$1meCVIlY< zf132hYfqw+?IElFE~VDP`Y?Ci>ILo0>+oldqegnNbX6|op(0> zSoyF;z{B{_VPF_X&lcMJBI__(qbCvb)v7r_pP;s8%35mNB69ZS^?12Q z#no>H5&WFakkL|Wqi4@)4jn!mya79pJwU#_);;e$r(Ao!<8N;Ty(9-A&b9yKgShUr4DKG2#>*RJc}n=8Y0rl&jRev{;{ zQ9>Qj@c-cSj(Yt$&t4X1LD?zLr9B#cdT>T_-H`9+j} z+W(-A*d*Q5!)}qOzEo=C__%-RF=#XpIdRvQ)St&H=>$zc$3aZt+&^To3cRPNC{U#M zH&+NnmV*xTEb|60zKBr2$JNq)GQ$=e)?$%ITVMiP;A^We-a%5{hq1`80#xt8c+-e! zOf;ZzmSlKW)0aD(N~u>qKY>0VWGq)a?n^I*X2#7+R1^cY=Znwq%_VCC`J`v`5ALfi zk*#@M8cPD%qAQFdr?D*xJfk~xy>Kn>&U?cPE^mr%L053kb01r&#KjaMIv zMQiQtU1Foqb!gD534FDgcZSuzKKCAD`Hq!;++-Ght5Po;EliC87^kl$kFz?C#-q+R z0>1{(_~^H#3(H?!jlMEPcoVIr{uZ{*H zH91sH1*DcQtREYi#)#^Gr@p*>@uIrAx~2c)S7D}E+zP_&FAvOjENILWa0mY%RIJ|cyNF> z(Uk5uT)F_E8S-1@N1x@_>t2w(%m+Hrgu;&%kdD zX)vq(O)Hiyr_jAqx9c5$ z*5Q|EPQG!~#f5uIP8BZehdkFNrYx2prM7gBY~A}9ofrN}{DK09TB4EXTu>%?#@)_^ z{-mwRL2?@gVUH#9&h{wIRF5kbHn(s`TBMhjQK}40MI|fNf=5Oq4E4oTiaoV)%$7N5 z!VPd+ghn8072WmpeFXayeEdI&+i)OSc;u&Lm{lMHDc>D~)7;+m!0^xr?>i^hfcj^U z;!#dWPjQKql(ehdX)I5b^bJ1G7gN{4{CFX&4hEMH5XiEu%-%m<)uyr$)%QBiWxbGp zHjwgzCMj>TLbTneTUWF~>&}7VO8mSR@~y z!eGw1%SKxV$S8E(jNBG>r73h5Hia(`aFc_)^p+@yZ*+7Ee4KGRS*Vy(aDX>`!{*~C z{>rveVM`Tx?8kst>EpCA8%LVIy&16^6_N%Qx|}l*O;f-~p$m*01_UkavBkyCp0;11 zaqolA8u*PD72bREZwCj=p^-#R!a9APb5^s`O__=A zQ;kY;(^ogyBE`lNe;p0gpKzkLjgjv21I@opygu7?kh$3veVzaqr6YRdK{w`B8+Gmt z9?gOX$U>Q&Pz%_E(E=^imp<5x|61XZc@k&5{ibE;z3(M;kg8{pd1+g2HQCY6t)(w| zMxi9y`|d>lpPJpBtw+@%EY|fx2T1yU45~?aYQ0a6P+Ow$X>_7!&+;mIR)D=;*m5Xk z>PphHgt|*L4niJM+V*1k)6KWPi;xbiO<_$MGx1vmVmQ=@SZE!e^Gbu@#L5Y2*C&$eAN_@F zH&t3b$jc&IqJv`4YwXP^)Pcmbn|ymEWsC$41BL3y6KWeVr7yPtfA71Q2oIlr^`G49 zxnf^V)KS?Ts#p!Xz$V3dS=_whnUq4$oUXJ2Dqc;mVe@SXScV?)>vZH#Y`P$p% znQn|l(n&j4vM>$b?U0Z|U(4*PwmVaIHRHW)Y-Y6DZ#Ui{niAiY`XUmOn8>3hvzm`w zRZQqrt#FFokm$HLs}8d-?lV1#_ts`dG{p+^dW$rrtXP@SEssb#`h8U5>pGC1+kfe7 zYHq0cTgCjAtWDADQh^BtbXh+R8P9@07rHF`BVN>YQZ&>TY&g{Qx1z!i@cy2Qr^D|h zP6CK`C}c7>nxk1%`XY}<$g)}r%>LH8j4OYhB7hVIv?Bh?5&fh(cLO;hm~4?G$-bJh zC9YTDRkOl>w>^bRW^cKUhlvv(eJ=sI!veG3$2blk46l%f05InQK^RJD!f*_!+tv4r z%G72p6`dD*-X3M59SgfAWjWC-x!+8BT@_sA#I;MZBxhJhH3|DlR#T(1QarAN=)_cS ztP^-{dXLmKVmM8?T=XbOkYdqc-^9&FL*+SsW9aUf>GT)wUg3%e_{zg%bUdfqxzj(q z_1heSePqqOE)UPK&brSW#smnbyHY`BDef8-QlK={6`SJ5YBNQ|U|TPgP!KZ7lTMmf zrsiW8GUWZ9*?O4w>v>{w%jfv51Xmt{_VuG)0wCsMFvSEBBBm-Q#5Z##L+V2JlCw;n z^v;U4B$rry%oC6i2$tCvF?We^y0xSgU_V$Y)}&YC?mx6MIu>I_PoZ1m?Otbd*sO#r ziSt&?U$hkM#)0_$a6=N&H@#X7967l?S>me18|w!JO-2830cMQPwju8A6=uhg_ao6X zd42MZ59uFCyY3CIyw@?l&U)fG{05OEDrhK>DZ(Av7|e6@n*_2ZNR;?8SM268 z5pThMA6FI8H=_vt^G(j}-xuSBu2z<2lD6{OHp2ee676nIR;>)x?bau}H9RqqT(^6% zF`RMYT^o+|;(=;Gs0{?IR10cBnmI&H+1x1H%f-|FAV(Oh6&V6;O%A|UpLikd!kSiw zF@R{QWw3D1I9JT=GbVHW^(9>XW`SVQH=chh3~^d3@1?og_ACF6ehm3MN#3&)eHYkW z)MCr%RO>blY`ib@dv3ptqYGq1D!JT-<}?g)ldU&^efgHl`BfJc?$=)6az?j#;B#3f zt0R#etz#9w?SB}25(?e2xI|L)<|E|QbwZbm!;?fA7oJMWdX?T;@TSHCfF_0gWfbq+ z-R9jx&U^py^XJdmIL*=<|yIlO2dFsNb zZ^`;z0*XRV>9Qv_-kMk(SCH8XEn7ZFxVKYyk5|~C;>MQbRd`X#>lZ#|yr}1j%Hvk{bI=@gp(xy2;#d}ul2aZ*a-GoAK z&q$c?&S?-AnHl9+SeC3V?B0V94Hrp(k$8aDBsMt%7g=&c)8kjZ_=6Do2sizXxo4zr zhP#Xj`Wa(q*_qK~L)r82<1sv>_=vNaf?82D&nq?_fc(APK8p&Pedvo^Uotqcn*K*> z5Q7;Y2<|s;S@6$lV+IN@&ra3nfK2xfj}PN70uf|lhdv5!qGYDb0sIvallgDP z^?q)xF;*m%Lrw6a`%c(LA}AeGO6%fxqX zaKLIE@|e6Xi*QYTU-Zjzh$gMxVsaI_(~N$qThrH$KHvuqv1r7V4D8Mu%(nVUEU|Jp@Ic*RZo6XmB;T z>p+G)P76ue9yZ5cU!3U9FI&!IrFTbF=p>gU=2w~FCt$^QiT9g%2~>2&Luc48dzHC} zGh0HH!-NcArUf4H$rrh1y(sE8p`epYD~`8$_vOY)aO(CW^Tk1dyE1<~EC~C49FY+{ zS;?{kl-HaSO(?@CiuSqp|7D-k3A(2wnFqVvZ4!;*R2eOXgO0q08A~|f>^b_!M2J5&=po-ECWn>TNeF%<&Qq_%Lg}kQ-CHPN&7An+HlJ*Mx zXX6J}R|T*Y&VMO>Qt-JeUG+*J#(?0hPIS4b-{mRazXm|W^+X3M?*JcIeKd-~+d=_s zR?l}SbC1-+KapVwBL$;p!Dd$d?rf%FvCq^rt@&DIX#cnZVXPUu6}mhrO%>@O+Yj78 zP?Uk|5Wx%A@I`tk(4riPB-{h(Av8jh{LvdN*kXziofWrMa5Sp>wz3g7QXJ}vi-K4`Z#V~ z(rzM5pMT1G{NBd<)R8AlHS4oaPQ2BjDzon%*hZ%JBXSYD-bMI4IO%@xdw=1M-?9k+ zU=gWc*&f&&%q@6-9&O5Zh`0mOI3>nj-H!~LKz3iX1%v+JpMC{}dPS^Jy!S-T#z<6K z%~w@bgTe|4_uHIx+s%1GUgJex$(@Su_pl8CJWF3E?Y@@%e(L!rmc`=@c|pye;BNoLJ;Rpk33_gnj~sC;*G{|1v}YzL(7en{Idr z3|WCJjJe&O3imr*x0Tutg@4|mZU(7^ydy)bdn>;*A`>Ei{H(?`IWmu$U_0N;MZNS6 zOTeQ(=oa&eP-2VLAL^_1?)YyYao+Il-p=o?zcJp`!LpYVy>Y2=ADHfOtNAT%QBAeO zc2s+FNb!IsQE0(pR3FQ0w&U%zsRBW@)5&%cf)Hz z!A7mp5*+$1w~n$&XNLazDSp)<{_NGpUshv-ukW8lzLd!O z@Wb~@_v^bt^&(?^hmZ?hNq*oFax7CU!gbil4ueZ^ zJLwcqhg{0ton~Y^%derg0B^YzRG*btZ0@a{Mj8w+keNG zOh2SjNc0%$@X@pge4+%zc!}5iff6kD7juY(y?X`0gpcdg?J!w?%a4~7UQCQkiq_oN zdg~HuLLz3Wwc|V19~>M!p;Nb2vi`o(;WUQgt0R;EHF;ylOi~eUWbs=*+NY2LDnpsdWp!IPOR?~Lml1Ld?d_y z=PVEf>zi|MoNm}+9H$$Ls)#NsxWE73dKJ+MgTX2nlSJMGtigrt6t`;agJhdAex{~1 z32wAOXnk%ewE2xaiC_FXa-z05`3fvc8cf?KmNTUDfKB z59F^z2CF;!Jcv&D%3?7koSDD$G@91rEb;SOiC5Db*1NK;O#&Ux8{QgFiOqh>_S+T5 z;8}_XwU*{NH_bB2iWPt^5FqU)(1q6)MEO`;6=$+g%Y~i8BjElwh5q5XgMfJ0&zwuT z4e$j$dG&hUNNc$9*6T((qDy-K^I5v@)L#7mhKi^{SiEh=HSk-UOS=4eMm2Bs&vbf4 zySPENf+pXtGY|I8(w(ALKtODb7V?d|?nyw`pCRWRELIcySBqy0Pg+kQJr#oV-;U~* ztfrliX|%f9>F(T}ZT#)p6FbnQ8`!$KRjki%6Juvr)e9U3+Y7ToK0lc+JjAJS{arY) zt%7k}Bjq_X3*wA;l=Yd>tAu?qzxp%I%nDHa2%KGe(s1PINSfd|9OEg?9nPZs68!co zbj?hDoP;`boyrrz^rW_V)#Yp{P#TJQuWqS!mF5h_)Hbl-2eKFN7+{ch#* z@IDDp(bQ=3wBGA63|$vy!G63?&{vZzTo;6j6>D8G+0t>yc6TuEr1gmO>hX>C&U-%_ zd)iQ&goiq4ky>m_1`=Wm2pEx@J;QBkK&U9*_sDJdlj^9WE;7Ks0TOS%dYR`YPZUaJ{ zLE35+hc}G`s(}2&?2}ig=u#n4Xl+~eH3|}Ejl8i}#(P+5eJpRTmd8ZAn zI6gYM|J#s95mOreI)VKD!}4z!P6tx&IjTIQjcbo7u9kXj=};YZc6qbzYu@{xNNoOt z#?z*bcm*#x|_rf|l&B2`3$r|6QZS(zk zGO|qga-z9IvY6KHpTtxfY5^=-OeGSkzXO*(p?q6sCDm&eH2l*@(N86)c=xFGfo1=c znDSG6S+UlR;@kc1^QP^ zYW5s9Iw4^qtxA9zLtW84Md|cDzmO?XFsOLI!CPlcHjXHE zb@LWt0get62T!Q^ZB*HfL=+ev-8pzT)-V2dxpK1P z#fmTcblV_^Euoek>(rMl&D2q@tXhc zLkx$`z_4aQ2Hbp%`U?bKx7J(Nlj)p)j01I@&xP+*`Ii%1X98n<6k|DZ+RHoLUmjJ4 z3>8eqv2g9vxJ4&7(Rx>>O|ciVc!9 z!Tpq8-_;TA?>Y+Q_cJ7E_v<%9E*A^&L7PjV5>Nd3+ElWeRESfA!Gsf)Suw_`iCe_e z-F4{JoK$5TPoGnSP#(sXK<6rtk}>E3lDAyV`#9)(2jtD8q`=%F8Dl}A`=E6(s%y3C zeOP|;oc&EkgXoP56~$X`UY|NST$;*ey!WQ4af}(aKM4S>e#{`L+C5!#v;XD>bRMqK zZn`?Kzfl21IQvi6GxX~gyPBnu=9xj;;Nru#9S7>|(2G(4D{v6g@&rE1K7jXu`D$ph z|4n!-%E!+eec!BZ98DV=xa^wO5a^e^`eo$@K}Gp5Z7zY@>$9(JIORl2`pPAbIe|FA z@64k!dw_mMhum(+_lmY%tDxVjyIHZ$TMe_!xUM(kzZthwQQvZci~H?(mfs^H4WBpS z(SQ+{9J^(AL6Z)75XzfoNqIPyi{V^@S>Zzy8vAk1z+Q~N+Uda)7y@!wXUQHOP z&FonIn^pS9rQ>03QR7jB1pczx zA?FY)^{`eWn4daC_500(fmS6vd~XN~=GH7+cZdzG>#rsKQ2_L{%`G)%t<%WKEmpD8 zPadnByE?6dje=NxPaXC0{HNSJuaA{dm=j;Hoc=4 zsI-<*tlqtIld<(8P6S0!A_$j&>ETC%L?LbfMS~%D70^z`zdxkl5$g405AKH{DnLq!ID=pd5!B5#{Zo`t`Z7mFY%am!yLE zgy!M?BX&zq55ZO-*=Hj_b0kig7>f1#u-`0CZDidwx^+S2 z$nT}c;ald@>U5H~pLiM%gfTj=mRiS{nOj&ir|$jsn}~SC6l+}LrM2sI@gjEnd$?b8 zcb1w`p7zV}R|-rqt-Gu1SNj5>2(#E6opUEXlx##(2LVTA=xd z-5y>4?Y$Ln&#Ky{6GRoCG+BnZ+Sp7Y;9^G&yDX-E0H`@I&_{3~>QWR6Sw|ybmz9>3 z^Fq-sPq5Qwnl`gVtQ32(r%IZ|T=~GEG#$^UUOw}Asp+u|TeGnCHBDvpKT}s6&2QX@ z$k(gVZVW%kdGN@o=x(cykL9n-+Nt^q3^?KLHNm|a8^Tzpjzqt`s;^Hh7;G7=L~MrP zV(^9!ALPznz|{acP^_LWUIJ}0-~O%H$%7&>6&lv>x~iUEL8AJT^NH_xKCkX;C1_}3 zhY3cKg0|836e&^00LF$vGcPIZP}(kNT0bPBaVf1CppWJZK4#tKGu0!EeXBdtPbqe7 zo>fs}*FpQaW3QRIm!-=WtyimS{!QUbaWXs8YR<2UmU2BT+n(M4hK6045dF*hYV|@L z2IaRSBpvs5CN&B}vTp9Ig^G`t>6K&{Rk`1sYQ!R~?gkTjp05LHhG|u@o4ZjfpDXL5 z3@*G@jq$#7BH#O316l)fTD&YwzVY<4cnITPm9E{Y_8D9MoM0ha4nF~5!;qB=gbfgA z!Hn(ddk#ss4tdHH7$W4M$}nMqCf~QLluZ1fy(^bb*S~r%km--|xLV!Oh>V=YtLf1x zRGoASr1HXAORxPKqw@7%+j;ip9k>kB{?)34!YHJdxqAe^cXT?T_l-jDo6~LxXHSC- zA@!h?g$8Hl;$f(QvVn?C~5k6RKf}Afhd~R z`~f8|uE20#510>&OTJRp!u$TwW|&sPP3nKgGhL{7qtAq;OBv#khSEgdxHr`>?&|mh zUkAg&M{M`%w~N9HJF$o@AZ+*L>;}@4?Y*y6N6wtjy)ZJi*X)^bqr*Ddg?{3SDjD;0 zJTp5-qQS?bDtBJB*ABZ4e7Hkle9(^i&^ZjAB8KSdRf1@jj`LZc$0b)gUTTLMq^BGf z?$vV3tMv`*@UqHX+!^VtYv8N8r%A!+^+6+_p4@bPs6qqo6S7cN#LMGa@qyg-93?Zx z;*kVcOUy|kcSdO*a{fm}60e(M58h!|cxdrz-(H3ig(cOZv3C5uqOT)U64=5!PZi!+ z!(H7&L^~>xD2!bBV^z$_vCp1P`z=GR1ardhAEm#El#iHlz3Wn2j7w0eV(Dv3+Kung zqET%AVZgepdZ`sZ@?QH%DyETW!d{L1C1Telx1otx)GseahV2+`KkRcD!C) ztfalx zW=4$q7R{H%soyypMd?u@8|8={oANoG-;ztOsCX@Uaaii@cN&dT@C~IgW_E6A|9*ut z_zod1r;rknG^oQWVqwPf0qj$vqGQVK4^-64yd1tzYCA6;WaIjceVlqP^PSF2%mdPw zFDv3-JB`V+iohL*?C8!&1BVKBJG@q=mYMFXaOD#+#+r|9M{0eArfRne{uG>4W$uGV zEF5J9YSF!7=xQiZFkO7Ly0TzZOR2r39ltV>s4$>GQiAk^#6x>@eB;u_VDY^A4L!c* zK+=^4DQYR(x3KT^QUr!pRatTQFstPjXMO1Mm#;!Xup|uLMUxJgCPv!8i^=5BhW4qE zCA*LPRE_KwftwlzUP6X1pBrCzDlv0jDaB_(!18Ocg^<^;+g#k-k$eVkTH3{j&9_^a ziU&%p)O?5Orl(hW3-9%k*yUsy?<{1-jSp40bd}i~Yz(A_)2qG5&CNWg2d5BKbs26e zN{a%mr#1f;#3Z1)!Ifu^b_gC-e(ZHI6m4~-cGSUn0o@WkpIrv zR@*WRJ3g;grWd{T1Xes_=A$=@+v^CLQ?vq#!&ZvU3p=sWYuv>@&Y_M|$5cFg-rsA{ zG@x!Z&>&L3C>!26~`7jJPA}c!#+&C$x@ovUCo~d~i9y z3uEtwI6>RCyjp_5k28RjChpgj@d(}$f3Z3zOi2Px3a`~f-pDObGgY5MbV~f{eCBXt z-oe@2pb(Qh9jeBxyODolci5k`pHZAUr}E>d@K03DMEQ0i=xeeBDO`%Kf2Ogq@<#0q zovlMmGJm)#XTU@bHRc04yTg>_*RON?8CPn-t*N0lDJjBwKgKi}g3(P5X@z+GUpLpo zTHxwHcQ6Iv$$YH1VDoWNr{i&EO8xp3yyFx&5c>>33uXXuk0QZSOIY_fQ*Y)~A9zqn7rAmyUCTWy}VoERIQv$7U% z=J+=@QO7EMn2;yQ%PxKQ^zMQbH9ME!+b(+C^ux0Tm|43LIXZ}aU6BxU45z!p8`f`t z5Oge3(G2jw6O8>({gH@)9X{WfPlK_qj?d~}l@K?E-dVGbh~OT1Do4`#z}^y9ok=Gq zQ{o;Eg{9q8thh1tdm)9HOEEC4ApQrEbw^O>N7O%lBgYD-?48-2kK&>t7*f@E>aJz4 z0;rjE&2u!Pjd>DQdP}v92puAWj1Kc1pE>fI7Fk&z#qTf$|GgtMmMpuUvUYdblIzU+ zgQ8mRej-H`jsOd5YP33Kq;an52LLov5SI%U-0VJs;~QPY_{yhS-pJ)6xJjrB*IcP< zYO*zRadlN{@fZY|qh}*#$~Jy}ZZ5a==jRX1&CRb~yB5U8#&*@vFlqS_5($j#DzR#k zKy<&%fZd_!_*j;aT7OFIRV})GzC1lP(wXMn083m@OGu%Vw0Ctz7KfZLQ4^B1Flu-$ zC%$J8@q%$bId(c`6~tes3l~kAkmsWm0{*E14>v~3P@RQzdAaL_N@6zWC^ZL%K7Z zTTsS{(lJ<8PcDXvq}Jnnz}ozUMny~gVuRQwXg7tClZIB_rOUi;$k*FK9$I* zsM%BuF=97jFckz@0-Kj~-P~?Tx?Pd-4Z!Uq9)UKQrlwYF>hU|V4X&wx)!GUHv5aeW~WoMb@P{wX%Gi$53 zz0P)oI+`oh7q8J$CynkPH4v^t?enG|G~2KkYXWZFM5zC=v$Hp96n1rYhc3l>`a0_Yk=E=dZ1H7 zztyB-Ynw}<+41t}UO;*y@l9Y4vLreaYlkDc^(b!|Nh#n;x&iYxV@@A+^o_XQXk-OSxWGX0z^ zqs)wq6Mox;rq(YL{ONWyq)FBTOHQ1*((*j?dCH~8=%>ssi>Cu?OT_sB|R52ejfaO5@#Pk97lWQPEP!iGa;Gf zc@q{{#wVO`p2Y;2@HrYVJ^SX|mZ)6NAyl{oDY`L@Y3j1gl-}J8w2L;(e)Zf-G5!Gs zEbNo#I7t}JCkyx)lnqC!FQka+R^I*i%AB9$V!bl9zMtyAfs(c)|5vzuVWIvgpnf_( zR9(x66^zzOk8eN`OVrpIoIMpLHa4iv*|qL6skO)`?Q9lt@n}Tui5J;uXJ-yDP{ClM z9sU<(?;XhH`~8n2%Bn~ak{uaY*%?ukJ;GCVvLZx6nPoIcA=ye~Z?bu&BD-Xy2w6o& z+52~{n|go7_w&c^pLe}qa^LrLUFSOEaUSO!A&F1u)*q#TFT%YsbnGOeCdprau{$W2 z)cow#RyqgT<&Cw;(MuL~YFW0(hWCj{y>u0nASyUO>eb4UcO>MAFxLI`F@-VD3Gu`L zJwrYA-`B4FnU8OL>>I<5MZQ#m=La>JuSP|TQ-pr3x&Ddt=Vz(rl*d4$!%Wen!>zs; z05`L#!6J&bVU_P5dSIcl5^VY(lb<<+Cl}*BoqaAtvdz(7eNCgOVREsdIE3-f&E~tZ z374ey++jC=MPR|ZZC634pXH|*Z!W*yospjTxJ=@)&6t{yle5ycb!JiU2OGl21wqu& zs%vG}uS75niAy5j(D@}e0&Tx2^jMLxDHHnUrKp765?f2H|LRDI+eav3G45c_(lbf?qM#HW+W00 zR35{_{4VRp{z7vb;*=35t{Q#TBGE;LYK#o-Tp}lUm42=uEz|L)T4?y(pb{7=@f%M> zV~&GEpr&5$QicEd;N71u-_vtl&U&3xtF*JM5ZB1WQXWHpS1)}LMzio|K ztPbhbhb2|GhjVbey|V+CrV{y@7V14rEWh01Ia8vTdMh|83d>db`SpTPjN@NO?`P0N6^i zui)^%P0M8|qRBObr(o~L7Xt3bBWDb40tHFuBBR#1nUmY}?8aSC!+_%J$%{3jv4RMw_)594oU|{*c;a_{A|5&i* zIO9OI{TK6}T^V{2^+T%YY;=hsOirHfZu`+It=BN7@gy41Z_Jp}bC63JRpkK#bXUq6c z$Xdv=M8P){K)YUXQji2iI>S51i6#d6WUdRFX_#_HuGa}4&&n37S69`DjQ@4=XQ!0W z%^OXRk1~0b+&(@?xt(tzAZk63o}K&nDQ$MdcVSSOmG0_~Ixj2WS`|i{u}{*bs48)& zJaWqO zdJ0q&3og04P1zyG^@?{qf=Gy z@v#u_pG5(GdJG>4VHl~i*&Fsy>lk>RpE_)(*lUp-F?b#Fs4nv3cV8;m?!^v2mv<$e zm^kAj?VEEjGLrF)*W_YB_>;trc-EDj=4Eh%YrPu1w|-Uqt~P2|hZq0;b!p0WYUSfxEY^RrFtiw1XSo=nh8VPYMse!zT}-2q0kZM}^K-&`P_ z)F}`MSZFo0zk3hPPYp+pHOz%w;XAP0f7>nGYy_NLZ|lV37PTT<>z7!BE05>O zAAHbXIQiaiSZ?4^j}csPV$^x#Sv4%~OX(vLmcc9Vso9f+ASeb({ z{muwBC^uZ*s9SJ(p5GZg|M=&NRJR)yB_vpLYk((6zL}LM-#8*=DPb%vY@oCR_`pg8 z5dpC=3kV5C?E3={`NGSLKVOJK=0gG^$@o zuSH9AlyK8uuD4hi~#2VZUm%JY#3VyeU%kqX2 zO$!eoA-)H9PU9E3sN{JBeZd8J2=agJf;2bslF-djqgo!`!#L8%2}%<{FqO)9H5w%= z;P9azveDs+t@9kJkJQDU$_@@;?&SX?;EI|x4{E{dn7$ltQUFFbXfX3nh6vm;e-0Wf z@UvQKDrhkNuSy^F;RfKIw;aL50DfMAZ)SFQRPhd$buQ>4Za157wr6xCg|!5408m*-?bFV_t^ z3ftL+y{~z%jUIdl!D-H}+$ zt;3gF9nTJnr^l($E0I2!gN*+?xXeadM+=D%WK$FLe?d0x`Ebqd#3|bS-NF0#tOsIE zKSAg2aXfM&;p^o%;S+bZ1(hlT&&9a!eZ34<$eV_Jzj$_QKfYg zjDHi4Vl`c9MHA9815o?ZQ~bOrM;?!2wSW^^cOsCsDwpoG&Vp^sSyw}WKH4l=iuIo_ zT3!BlJr|nv?%DgqamwhTG2y4}g_)T5zPwX-?U%khZ#HklsiQXZFx`*V%0$K>eb20tp$i$!YtbbL|fU^7$OM7newfD_D7y zU2~+4A@=KO$D?0+=8h47+;4)#o*YorM|qY$m?ov#i9P|QNy)x&nn~|t05#kVeeHwb zRSaUG;oI?-JpQ1+xNI+5Lp$wZ%YMPr20* z*6edr5@1c@QBubBmZBAD8MG*7aQw+JiMAvDIGkEbjn)%akP*o=x(nY0VJCw{16;Q6 ztvp@_ni#_SAj+DKm%_P7)6^9f6QV$!l!Yb9Nt%tflu3wV_kx2!Y3NKaLPP$GHM4~y zlcO&bc$%d4LY6JMu;TRqK`f@XB# zdqE4gP4DmO6#&m*^Qe};BFSg@BS?KBeFSS)B_VR!*DvJxZ2sq$`i^bN33%sS(hr;N z^Fz92%kiq!SPJ1YbjDxM1%rCGtQdb%p*_G3hb45|3bz68n4e(< z?05SeuEaZ0%B=(4*^RqWnOXT<&9MS1B!(r@VU2~Y!6CzIH?FdmY92lO+Z}6p4sL+2W7%9r+3QOmD zG`r(>sQ9~8hBc=#?q|?l{Mm7FI$HRB)6W>xatqv-o?amfD=n0@^WNM3DlrhfDhghO z!+Ok9;XBGaBaa$^7yfxw7~_E;Ddn1lWI*F{U9i9*_jX;DcUQozx;?&+gtQuFE=aPf ziX9Q8ef+ijNuQ)!{tkREf2OQ$>?Hh?A~2U0Q5?hA^&tktVyH@HSO!@hl~gH0xvax2<*C5d}pV@vnq+$l+1DFyaA_{-XdMz@>>k7e5#Ci zU`tZbfT^@Zl@1=rGflLYq(I&?AD}e_*kn@{zf{1qdl_H@?c-xmK^uDEJdKAvOgQ%F zpsTC6>Lo|tSyb)w;2E$6;fFaSVl#4_%sKrw+0T`OkCcypVZE3a{2eWr6YnNA4g}bf zNFBBw8d<}X&~uOt2{}l=$P+veA@)}y{wyycx^q$l{`Dl^OlwT`#e;j}$kd~`dx{;x>yhIU4` z{^%a%pe5FT(XwOOSYp@3-$c2s@wUJX`mA4{rBo4I^)xSf6hIj|2+bE2o*J?fje)&< zW4zNtqYN^;K_Wx|4-w}}C{o#;@!K1qixKD0{km&B*x!Dm>6<0U{9ey$t20R&f4xq? zUr(F2e{}uxZ5$LwFyv`Jw6d!o-X5)X3;df`JxRUPAAnB6P~jGW;TP3#X!8?vT^Esh zy6I}&2`@Vnp`?vfdZ48%$@kCei`RCIuYRnyx@@L^duX>W5bfhp>d)@Ks;cICH7rXY zjXFAHL~7xgvcN|}2s1wurY05(C5Y7yfqZ1dQ(|iRgFGxt_y1g$sre>d<>e)6a7HV% z%V7xN_>^4+Ikiy6l7rLnMWP7{UqM>GlF;V%@k{Sd5}ham2c~gy;N4;@_qGBv z`j-Kv?U#}^IT|DT#fTsqs#T1SgLv?MZAzvR)PqfY=^~8H7Lnft;hzQ>u>u7Z{yXJq z2-L)=G@!f^UIYL0>?hGo-WPW1eF;Llqs5Y+hS1BCX8nxyLU}X!XUB zM7em?A%My|{$`d5euUQs%PgJAbnuSfF!JkneB41Ec$q;-#5=f#1p1U(^c_rKnx}uT zXKlZZfN+gi7FVtOiW%aum-}XpTkg40l6Tm8J8n?jCDJbSA@5<{hv!)A!5$$<^8%ZUTk-)aCTY<;~CPd zmCO(j572(0D989`jLRq_@3KwGdvTl4(6LFZb)AF`Tx#W4fypSiTw{1u>PLh&%YY)k z9YvjO#9+scu?Po9!=>))HPFYHLh#UT3O>_HgIB+n0`rgUpJE-}<6cxlYK{4kv&Hy( zu7Q768{+ofX(_%8U8aXmO}z%ih-X5O#EY>>KrCJ!v&4KoU|6lsPg=X1y zO18IZD^h3>irlQ~9!-z!Z9BJp-ysR|N8$0h-S1<=??XB-dpd}*W|MxF0FuLz6R?YK z7|(c;;`qRhJ$N01BIwy@h>aQ;+FV}HviKbmr8k=es_k6^saC1K-V~32SkKf`fT9^b zWe`M>U;6#eVt%4~FjDd^E;TooBDy)}FBd?gLnnL$+H97(+{EPG37+9WH^xZJUeZ6o5+9Dqlbz9=gM;WL||3q4Z5sSY#MbXBr&%^Y6Vy zEAJpPrH(RF$00LSU3m;ADdUQEPKbI?O8Qtf<$ahR1v)a<>L3D*Y&qe==~Z%f?}oDz z!{$dhu-u%#$Fs9UC}`k>2qg$2l)8q!6Fe~avD1nA0){s|E5Wa*azeUBT}Ri5cZWez zV!9u|LINTcr2m1jI#{!N9Q$l}J_rFXLHAQfATo^xohaO`3uWGY{E~)t3zpsmQ+IzS zaqX^R;Hphm1554HVmjwfV>bWC)4 zcc>q~xVK0D=z{VTdjg2`2Sj-KQWA0-Eh`6xuZp7vok#nf*Gt zx{QTozzK+vt*M=#?5_8G@Qm%RLXa2nw~E`>^u+`;cr>BOH~{&B{zWYd07sKJBQkPEUH2jli_SY$5(nYw+dPHp|_we{7nJe0dy@U*#p6k8uX} z`QQHTvN9aZm{ORj^!@wykr>H<{9iwIxkBo;94=AZWTP$V4>o-0H4~|`2_QgFvieKp z=3;1O4h>Ms5=2ELjpb!X>_2{~1||?waYy9HnQ~7xvqYcKSy`POd>DMT{7cOihSkIA z+RN!a2>^DNukzo<2YmJN#(Bv6OA#_N@$wdweQ>Z9)zfXY8iZX!}5N*I)>iT2xGYl zcfOYvsK63bG{Yh86IqdRRkfx~0$UFZHT%WSANW2@jiSk7S_suA7qw3jX;U~`p1LAj z0}lh$76@dHgSaCT=Rw#L9i$&Psy!=6Gl$;NZ9CJ-0NY-KnU&IP6Je_%KR%sze9sM`qy24l6P9h7-Aw8ae5>p`K>Wn{orn^3DkuG$n@P~*0SYgEy+TP(wv-%u3l_6lONQ2AfrI#5d+DPiWH z$|7lq@1My#L2*PjK_FOTthtdQFx(7x%<73=y;Dbc1P7P2x>QM9RAPcl3IrJ~|Bf4` zH{oi>1Ni!#@zK}J!)^$BEBI2_*r1Vza5`Q@wK28&OP zxR3fj1K}Efi^=N$qC{S;oSbI%QiZq;SR#U)fA8>(=r4njz`WT#G`x4Y= z92t-e(Jv^F0|D$d5WxHhXl?G=kZ73kMR77NHiIjnF8rfU%qW+!%SfuY$)RIu?$ z4(2*h++t#6SkH`jO=qoSdhTJ4$%23*3mQn1*aDRh_V29oqgdME*$m$XC<|{z&`uVmijj^Rhp`;8qAB+aW0AzN3suFV6YbEM&hb))w42d@6 zgFMi>+mnb0;4X$(3stCxV?T^G?EVL_UyZNucas;iBpYIzdsLLv`TA! z@kzPi`o7)U?K|KXsLFKA$A^jvoktyqgJq=0-uL%V`lG2J@bYF7QC4^_q3JpJJ-r zx7te-kyqBRDDKUx5fQ6gD8&j+5f|UD$n@4%;Xs@}D`tbD}x*=?XiQ9s#eQ!`WGtxTCu1 zclo}0Xmw9XI^H{LT6;qH>SclL4>?Fmd5OA7ST|~$DwBNxnB4JIOXYA9Io_(}Gg1mT z{az7_5QiTi*_{7qE$LbFVfl46Ak5QKMsUX-1>ap;wxt)z7qjtkNe+)`o^Ca?T%z<y7sxoslM4c^&zj#Vj zNdZg{xEQG?EU}z5Xu^G<30V*?yeu;(=LueJGbwAxlYurZ<`ap}+_#I6j4w=SDIVci zsm~UQYI(;2SQDN(|IePh@595Kvte7~tqH+1*u!Ah4ZdcWZY1H5bjb0_;;XDn1M(8z zRD7{$g=&_p>i2J2NuON&a=W`aBVV;t$!(OC`fw3$Y0g*W-$xO1N135j7^#Uka6?e^ za+O$NcRtY@15r^?9X&nHR4XeTBVENGDsi;B=?8G7Yh~vW&eC3E^W3P!ouvQ7V*XIx zOW}6P%ap@g4w`Cektr!0=g*xJtiuK5w+LAu#P-OZWHG6XWiAS6*b`)_`}-vNz7R$4 z-Ii)c)^>z+*|5gP156 z5$}ty;&u}F>Ugj#!!7ER$0t&oL+3<6T2Q;1<+<=2m-!Y>%N%z#dT!9czu#6ELS_!q zAd?PDi&0O03V@2+xb>bKNdXtc)Dn;e83XKZ7j84nOwYhT)ygV0Ugnnm&4r24fY^*} z#;Xz$R5+cy{c0j2Hug#YT;u|n?h%5AHmR^|;PM7*j5ZI*_FK1ndJdm-hLm?~Obv64 zoJ;U#QI1d8)4=WRK09*C{$j`uOUa_|i?b(-^X7;Y( z-T64N^)N*Z$73ZZ%4|I(;k#KCX>j3O{9WMh9%kiRkW$#nB8`)l9oSY%_Z6dwzF`bIi4j-B`3-z%l^f~dOOKqq8oaO|5;*FdLqLM*-u>aPa$#O z`Q;7-xBqf4gC~HqTbY%VjV^(6EU3s&QVKE}G^7mpKeawuGK5*l$#taWoM|bL__?^0 zjyhBc8p@O8gN&W6_R+7tuO&mm%gLF#Ne0rbw%Z1I^(eIfv?vZ=)9(}(C0AoukxfqB z9+?aqtTLEm^>uWx@xku;oZ+>`!NjTUv0pn8PgOHwj1>kIqA3%23s6$~>`6x@G*~VZ zsLH^T^I^0Pq-t{A4x&Ab7I;R43nU?_pR_S5w$*0FtDHMWb*P5T&#Fd}9TR;Vuk*Tt zf7S0sTFVYG{*KYC($H702(Zp5AS!4614Gk)H3%BHfk$BYKXq{80H}ipv5h)tReQi^ zlgK|FIl}FqPniAZj|)s|I_5W;{z@B73ZP;n^d(TO_UVRiP**=hge&-MeF58zThP*y z7x>=a9MryHp|J*ObE1YIN_ax!R!^X_Kv@W7zzzZ9CSyPsoX{djjQxND?I004p=bB_ z&}DJXhZ91X*@p;$xGSbbjGjRWu^(Vk6I3U}5{N>`q0GBgL^fk6kJN0`LnV zg9jlOR_gf_a8Y;>#4Gf}A0nEo{mco~S|UC-rqYe+`}0H;;J*Vu5Oxvx4n2r2&mbPw zfz5u;bmQGGgv>}oKDDJ1i zmARDuI_1^9+$hR^^ZYlz6BupaZ?s{m3kPPu1NcIl_N0$MJhzL3!zWFnvA* z-2eX^m_0Wr+`Vy1jcBb(u!Rhw4|J|l113Tt9f733?I6erq&H!-CHxCf7?Y$j3a+yF zvF3BCQ4Q0FZCba-GeKzKhY!wLYI=1iEi_5(Xt!eh{)r&0f~5qG>tboxcTpNRF6+H7 zjL`>(K=9hipi~|Oz;j`IJQ>>7ag-c(bV|oCALxV+ocup)fgpxAuY{k1LWch;8V`D= zBly=e>E&Wh7FVhr?qkBnkN>6W*>k|MLSxTnppOnh%Yytb{~=h`aq$SGquT(^9R0Pa zg{mLWvR2Mo{i!6G3~Ag(ClAyWDkW|o7ZHi9X{njml(gOYIggs@|oI^RxpRX(Sp}hbqi~`>; z{~xz$aE2%;dq9A331nt?w_C*VH#hPB&G*_1YAyG41UEK|3km_1hR3ukI3fPvvv}ng zzP|3|d1*RA*z2=kjPw%OE|kbM`fjY-gvZ5w4WLfmYVzN;XCxyn z>2Yw){Iixs8R=ER*p*PX$?nFbts&;oG`W?6kW z&0yvZ>q$xVIt#tlOfmb$zN?-v?Ee`J=~`A9pf)gvj}&#S~b~Goc?R<5}S%PL?Q{q*h@!t&-?Yk2F4z2zgA;W##oEr7O)+|7J@TuPWyl=lZ z-2LAMc))6I) zkp!Zn$OZrJnw61ZD`s@>Oiwwc2{v>n%W4ICFotej=Rpe9h2dp1%2JI@3t}>|?28w9nICb~{<~Z`MAo zbf2kV9~()MVeJtDgkD|!OCiy$QCfV7*zya$>i~m ziIT3$@MXPP+vLo8>@D56@Zy$qp~ijW(y#$zL0aedLq!&0(3Q$#&_WR{MjaC2cCm~D ze;)d!67s#vG*wJDRX#lZ0{hc;Ntxu#x42sTwbNPk#x48IGtw^cn-$bu)2!8*G$72T zGhKgj{nzJ@gQQ+=Nj>0jI$wM<`=sADiJ{HOnm{!nE3VXmY|XuEnjp$|(|2XuH@xbU z>FFQEuHiQ^QG{V@S{F?@Yj4_=bar>`lssO>Z~rXcc<{khvG$Tb=l4G zt}W)nDil34LF1132GW^A42#D*e0I0Zh}-k|9m+8~`8-prLCkBfP5!q`%eHtK#*?$+ zUZ3-`OoQnqUP|ph>ig?!y{9SxZy$Z*3^EH~@LtLr1_}h|=^AleyT;bu67#)9A!B>o zXcy7MaomI*ZbBs6UAf$jl9kUuJpLW)AR&10G9NBS+1>-i!*5}Y@d}IJmM317p$OB$ zM-k|swJND9zx*J+Re;R!u?rn<~LIy7rx`zagJld5HAnAoXw^!4?b_mNWyo?S~}^?k3@ zy0W7gCVH6oqQPzw8wHd5k?c0SEtA3hIr{bO6aLGa1W^+Y$TLY~Gx%@>ycf6d6}uFb z{rz8PZNy1gsdyje>Wk=vV)&I^*N4`LOk)2WEDk#TrrxyZr#PjtQT{iQELPmWorI^a z$4JNNviFB>h_J(BKHuE1*V4pMP!^tLz>|xt#1C2;Fn6wIb|y_CZ|raCG)(m-o>w=koTsG?&%rYqUd00zUxRA(^7l%#e?Le-HH!iJ!YyQli%P;Ed#6Q+7wrq7K2C+UiU&yQ>&dMop zJ6U|iL2c_|C(WJP)tUUx@%lLz>0gU%(cES8Cb2lV`C36flq8fvmbFo?J-X_n0rAB8 z`1N!G{lSRp&flR4_L~LCo(z$z8kXZq`PUdI-icBgkWlE8OxolR-)^OD6NvS*$afR9 zX5jmL$c`YZKnr)$LP&ZuMwy^_pWE2B@zZ_=nI+TcQk6`B;Cv{1=&~o2{7n$uV8 zumVXrLy)-wNq)`N{w>@V@w57RO1cWW!?9$v?_)(>l|JBgb=TR+%mc}NG9Z zFNKNu9s1GZoUf(nak0o+ePd|T*~C)w>6OEob8;s9(ROdNw9~naNNR584P8@Tuy=$_ zF*i&htUQ;rJi2A0kiOZw(Jo1ZyW#G)g5A*T2hub3S+l#6H}h6cxeahY`me{1tn)rB zmt~O1e*w5t9ifmj1h)O<)qu?txI?NSHv))lF*;qe2pkg2s`A@jNcYJ@`{Fgq@jXP( zfw3YwMEN_Izms>Ob8@CLi^zBR#W;sx-vJ4SQpf%YP|<^7TMK>@5)1w3z)m(sxW+QV zFp`PWdiLoI44Wr92%@%bg_f{=rfFC&Szq&AA3u~AG{47gb7-yoy{6Bqh~4trjIm|q z1NbY;#l=DPhbCM#>yss7L(H13o8*Mq)-=Ls1N{6Nh&yTWO+9Ws zxnK&}9nTq#^J**sqXjVj1i9F+C>%b!DnvO*n0J1xg}i{|HNPoQZSyY9lS&XmRRDDtlW-Q*)Z9ug;MqS6ug7-hGu&Eu=F6lnOUT=2mSdh5I@hx_(#JJ&XFr_@HU3JjF9%`v zIWzCi&R4B>=hszd7Fz7Lgl76BvZB)hW*!AT8Jiz0u3WjY(Vpx{q@O;=8lLt>^i=S! zJC{!pPR>+7V}Xr`;DK!v&ACKg{c6JcpQ$IwrcaY)HTy)g!)a)qDGc4OO8d(NK)N0A zBX$ee*Q|^pL$}-K_{pJc`^T z134*yt0^3uP4Sb#hzkDoq@Lh0r~oEXWY3HavPd+ycouYa4@Jcp8vLK&>ryv`I-LuCpPE@vUecx)Vm04m3Y|O6s$!k-l z&j;md*T(pba&PwAylK3XlU3k)9A_&K&Sjn<$#{#O4TNS%JZ@*xo~6l~m?W&X8)c;= zH!TT7Ly0O`^5z;P3T`mP{JC%|5{M-2(S@2%yImS0PybKFd;%qCni*UEpkIgs#q8in z@JZSfwyJxZ@o!W2y-zAPiE_G2_SdxnDLiwh)^L`=-m$SU23-;gg%!m!X&MO?Yy`>m zTD6QPZ9nKe=ihSg%%a$3mP0#XC;M7KX9A|{Z3ea^teuJ2g&Q)JIc)nYk5#a5*!Rmv zP2WG3jm^y>`@&B8r9Rv%_HuP4`RoI$FU1+B-<RTCdwn-keV-?*1&ed?3d+g^+Kn zB26Ra()`;k!-7kJl=Q+Jwk(am2%=&?4MYU7W}8>*JWn3w)$dFif8J)Zz)*)TA(=Gc z@IT`_z*wVHc--d-pKmMjF2B#%zxjPzCYA5=O-71SV)MEU80FLd8P5}0C+&9;yn=(zWwGI zgHOoK1J}~gACg1EzWiq9{I3)FQhWwxOYHeC7C)+-uF^f~HA^@=>0fJ5tNS{4WsdG} z?Od>1UA0E**4pjcw^zfDdXG?-FLWD)Y;D~u*KC@#c#})I6~Oq3IhkyfiO+a6?>WRD z1~Q)9v9M|4g7M$;6iIqEN0YYBck0$M_$UN=F;H9=ZIA<1m?9FYfTQ^xX~cCUOBksIhaMdVVN<xlxj>rIDz!|tqPS^6T!GYlrLc&-;X^#mVEm~EHz z-AfFeu}~cs?C1xm27H*GT?dtbGkub#5NuyJA$P+RhAmJ2#s~Tp^CvUDzLQ-UPx^qG z{gU^&14uqZ#>O_TVyK-AGxM{yc)JuoszES0au$fAxo64k{o<96n4MH2N z(s$L@XbV+($kGY=zRrCspU{g5t!De=M!+C&mmsRX^~H7US}Bu(meSMF*S6}MU;gzw zJW++TS$l8tVWgXO5dqKcNg%H~Bk$BlA?4|E>$`jOTMqy?YYM)pviePSUO8kUoN`&V zpeD5sv3Nbg|(HI5ZIf@v>_!GY^2PKLK&DiZ6wY&{(6xX;~kpc!Bfn^ENsZtEPQ4f=3wXV4dRJDfN9O~O8*2m`^ZWkU_IRN?TxOE%Cjp|F-K~wWZ(y_<3ak!3T~WXdR6&;pn!1j{ zu!AUV{ev%mW|_p(=G{I^vV^bJ&AY@YdpspO5y$8-k{dP_=Mr$gBzZ9vdI{+IG^!@` zH|_w$Ab$NZRxWi602^U4)N>jMsVxhYhwBf;1I-&hz|K=_0B~pZW()cn2^IMJi!Y~zuvqm3&GLYI z&pBZe2nsJQseP$9TX71w1ojl> zD0|Ja8(!5w@PxGlLG$`k$vF6r^3ouYsCtza;gN^qvH7K32)lD}Psg%q_^U)fS+ubE)2t#Fdgg+Wb?fG``C-NomM+X%tT1ggNMK* z?c;ho)6WBPSb8JM4Z}G>GOj5xr`MIk7RG;NLkN?Blv-2SnMSRCO+!W`}vsfa?I? zw(~&L(+z4P8-G4HtJJt;B7UKw#3@5}k?w`F4qE=Ns6On`Y?3Xuhlhn_UUXolA*!P5WP#;Ou6yGG4!3K%? z+cbr<&lQ?gfG;*as8DIu~6D_!`>5AK9USba1}u!7TQ?iVBS30Hr{A*%BhQ zh@8$I-)-UUI(!^Qpt@l!^Kk+S$Xq5mGkA$`SK0@kN&?F z4WJJH^*xb>mPkMQ%S-+yZTw0}GBfQ%sq~@a72$8_V8|iF`t2)sHuPgDMzzOlw1s}n zaG2v4FjwuraWU(z3*mqO^pJ;}`_b0wN;`+Rc&SfhJrQotz9Wy)5`C09-F;Rgm|?p0 zd~jKJwjujoGtqP+qh^EbvMXNV@z=8w9sp4Cr?qH*~$OFJqc$LF&~5aW$l? zty9&3aek=2l^K7<<8uqW$ZZ%)T0juBTC>`ZAQoA_QD%|PM=Tp2R)252sBSMXfG$8X z`ke&2?Kbl)=1=iJXE_G67RFBlvQU0G1rbZGsh|Kt+w}b5Vy+~W8k`4w`}8dIMKra5Y3_1AtqB;PK+GTE0{Wh>Ycds2SY z&3@ADKsWk#ED+9YRh8&80fJiN3KVD6^M%jJUm|?&6HfR!i&S-IWyMy&bL*YeJ{GDyvXzrQxvv^;PoE+^c%WM zBLQ)s_PDijL(;hps8B-J{3w3_aUx1d@Hl$>HNpj{y2ATBibDmx5L$`$4zuwA00||q zQbtSrZkGB0H1ai>Y9i^~7mBopll*WcDA+RIRDYXzL+ z{}c<*d02eoInEEoKsDaLepb``=%daD-&=(MuhO-=$%%5IT>J5K)Lr3&BBXl5WVKVh ziG=n-(#rISlZXD56H~%gfn@x9&P}9`doV;DkEKMG&KT877Gd!*0ig`Zw-tx9U(z?e zac{o*y>VHqeevdrfJ_XqEvEJOozSJDqi>fz6jxNQa$`3uUk;Y|JHkthJ^1DbqvxeH;1%y&tl1?6rj;29e4$kekW zupvG&FD}`WTmlSEvxaBmm-eSO20jdj>Qs`}4`|jEE*e{aYd`A;&fETzF`U~j=SB0) zaVX3C=vvRH=wq;S+c^<~Q#`lh+T{#VMMb{d&#ZhBuQsX@8NGp8}DZxBn*S z@5j2MKcEhh4*M(B2Q%~6bd^>;kBjOR92tNrL|xZWn}K{rst;O&Ju^8^>cU-K{84@x z7S-MRlOgvu%B}d<0!H52`|J+*AZ|Ynh@zFPLIm;St29rk5`O-lG*as&3D48Rb=bOZ z34KXZJ%&c^)+F_fv!16vC7x_4iSb=os^E6)^y7tt-A6=WFddZ;3@kLphWW=s)zTAM zV%RH4!Cx1j>rpw4TFg8#Qa=ARivENVYcqg2d0^zHN*+#@nmUF|_K5HxD|`I_kW?~^ zIpoJe)F%IUi0euNTO3S)cd}nY}yItkX+iHL$XtJhzSey z+hxxF!v1xCf)MR>MN=pGk7*INXd6_py(^|(p1KV!XwqBKmv$net5?#{P&$@quv+nS z8i)zB-6I!K(|(DpEP}WF;t{|G_w)inRd*B#4>XKG_Xj39+f;#*-Ft!X6A{j>i&Lk{ z`TjYRt7l3$Zd56C)Nd>uYUqwi3=e--sx-f`dguH1P!;(6+op{;croP%umS4z1+*EZ1hWdefa?zGq|Lw8U&vzv zMcl-=?$SUkKm9gW3+w!I6!h!TeE5^MO88;|{jP$gRIiP#du2_L&)d&Ik6nW!W(8B@ zI^|mnt4Z(D+z*^@3jcCjhP6SRX~UN@WAZ9>d+TX(fYLmLhG9%50`E|q`ZsvZK?m9Oy#=|m9;n%x(S~)&M~Y}# z{Qa?oJDDx>jRNNt;V9i0bULmirkl=p;#)x%Z-)lfX_Rd2%qw8vOGe+CG;AX+ntN(VM}CCCY+a+{T|x35aB*n-4+D7NhUH7 z9q(cE&1}zk3O6j-XL{=blL^ZxV`8Xn3H+0tIvlze*lM(#^U*iFsP55QCWfRNKPk~fXT{7mts1ZagYgZY1eix8uWyg1qu_t{5 zmh~B@dhsew^NR#o^PkpI$2xNF&VLUt%)MEtrx5osTz18MVL-spE3PvtF~qhiAZi!K zMyxp7--%ZYfF`}`#o9{w`7IIaJ4kY5xi14NT`yqbNr2b(9_C*h%u_9G9Qw3UUkrUZ zxV! zKJq$2r=Yh)EKr??BX0JwX0Wr}x~LyPG4cS`P!+Pu!__OSAh?qrvL>#rm zV}wJfpa%`;2S2|BA}9W@C!k^Y$zzF-a)mmj?p3yE^m~HZuu(KZ^gL{6qu#=tWOP~7 zfhlFjcEoHh1l{~h%Nf;`)vZsL%ZjhHt6plbt6x%$`esuVF4&4OBO?p|Ehw1|BeH~$%r`Oa+Wlj;1BA<2dwZ%qeGathm zh(kNlG?UWDM=8*Uc7a{WrnNzwDA=xe_SuzJ?1e60sb4%R*j3pC4Yd+&vj#L-1f}*yFyB%KFsO|J^V}WVXWC zgSVVkDy=Jfbyj;{JPxC#69C(J&iInj$iTht@1YIz%B4}27zvBpMG*{Y5F+L=RFwWBh0?$R~bp*fBX;? zK32ykf`&!j5B?wBIU-!+o->U-@6rT9pC-9CMfRi+5D}A7rOWs`4Qw{!N`E_(PP#o! zWU$G`Y26~#SM!t4C9Z03)05V%KFl1FRv~krUEWWAjHIgVa!nwumW6*INq)E#*G)=` zjS$@z!-vfH`AWtg4um~VSb9?ROXa9snN@Sta^JWtUB8Tsa;NK5Ne`_8?nQ05eO~QQ z&~lD@wf$wfY>ujhCwV?4&N)o^DvlWxWK_`#goN40--?S8qOUu5Pu}IAh06t%KW-oG zREL}90`qk`7_6vRvFgMmFV;w!QI++*dIXBKs-2$GlUauQ5Y06mu2lx}T_F$hH zebGN@>(5Hr#*hugS!0ihaF2H+ylJmkiqHwjtCRQ5erg!Lw;)Y!U;Ac2!RRj+VD-D` zwKg8s>{u@uh5^Q^4iGln4(;WKmXa&k59&HUHedTkn# z&psemJhV$6lA)oNQ};RjM5(VWQLzXVC zdx)*3sK5g+>)|KW^rh3LuaHH`_&quJ&GoCarR~fxXP(8E68E>y{Wm^(H`}Y$q*?rb z?0t7Q)_wcGt|*eoPG%+9gzQl&WklKY5|t1__Pi=3vs+P_N%r1*7E&R}-ek|q9v6P+ zNA=wI_qlU_pWnaV<9UwbIgb0NuFv~?pYQX1j@LQfBjZi(!!H!d+>g71eE zh;6SN{`8_&dA5ktz^3D7Q+GG+z8!p(@7yDrsi$@wu`d`G+N=1j^^p6> zK}=|o`)KA$?yZJ2;_=)UR; zwPO4Q_}kYhs9uv7!Oe!{X=UD|# zrWL2D)B-F&IEmhNE?Fs^rK(7hH&Hz2DZ`47pTQArruai#+%Ow$mOf0q9wHCz8j>zp zFI7YF|7;Q!awsmS{O)WXMt3uX=sC_tX;vOF3)5xlXe0QgANibA*N}?k9wxsRy5AfT zPVnheO!|#tDxMHRV-9R8b{lehTZ7tXB)+p(PcF4&Oe3-tzu`$Gn-ZV>r zN0M$R#caEN_9{ZeS@i_7r_hDDI9529J*XpOj{SA@*asVt9BR(XAHA@lH0gCRE%GOj zQ!63rcAizm_7}a|mLB}npnsUxy(z1NyU7{UDF2?>Z1a=>DuXoA8qR}v9ASsw3P9)3 zdEjw*C}Mo}W%y*TNUmeY&?{d2zM@S8^~rq<+$Qd~uNfD-LJsc=7vz13SaztuzjETK zYk!36T!d?c-N*X{BSET|9}N$5Xw7h28$Fwv%j)Ts4}p27;^FEIe@mIp zbmcSX+RS$b0@Q$?im_h)QFfRl{0#E9H-uBR;>+pxf+iCY)C<+scN63;=Lyv;%T6jb z2-XNsMsB|}+$!ACHy`9udCC+L1jR%J9e*8^E}+5X-KNj+P~Fma2%)8-9VPAD|Egg2 ziN6;yuk^mBYK@@yZ1}0hULPDCVug&(P z48A!;Vqe=I!c_aEVZ+#QmclD$KPkx+FU}hDz1zlMLX?w^;OA0iI+{|62|Dql@#{PY zM{@vBRm$%hB-$aa4izX-DpcmM^2}=zeQzFDu$d`pkjj@32ZDBgpP z<44%46&ghgT^}5Mf-J}k3sSxwy)6$5CcFwkv=Ze3Sn#^)^XD9h9?O;G2eM!4z<(z$ z35)M6_#w0+rqR+j%p)&PW!aRi-d9-9-MKa7wE?h#>;tAEB2a?HL9!@1BZ#K_wsy%> zH; zn_gkuXc2gH*7?odu0*za|4AN?CdbEjC3h%!nNy+cktr24`+ah-`9;mAM)8|pjp=r- z4?FBkZNkLClF82`-+_Y-I6(~->qfMKS-3p1n{UFx@QrIHnLUHE9-Tti54!h!KX$2W zs90K(zDlR`j%5iJ-Viuq8gUv9_9-VOO0tM$#_@Y$RVa^y#pRMgTyUXIR5fhO1=*NE zBU`Z%Y)s?JCc=kw8INt56qkutW1Z#Fhm`KVa**m#Em)Wjo~EFS<~bIp97dh2k>=gn z8bahha1v!oO)KEp($+?^u`(Mt5)$%Kz{Nha?G2=Df&Fh~_&tUA_{aoqefACr2)J!( z`sC50M+wQvoUR*Si+5t)-T4?HQ^O2u1vqIW&4tvW2tW%_OHX*^60VK|?skc0&NWxPol2M57# zZME=vQuDQZG33U+Mxn$VX8dL%BWcHG0~;C|{=n04b1TKuASfY$sj@)i{K*XacMSzw z4Ydb8=@j0u$Bley_}oRFx^pn6neR3Z9UZDAl~PSuENSr_O7eY}ar(;{R&wUMD9~_{ zjIjp@4TCv`#en?pXv57%{@78ErKq9W{66)(>JR}>b*_ml1s_09 zX_Cc ztYEG}o=PLz-69BT+(;{&iNJP08vRt(E)O30IhxN=G~4SDytP#X3!e<~_YkQm^grB_ z0>1VQn&*he{V>>-^=wLXW#y$R?J~j}7y1$R!rm^qMpIv3KfKiDx=`Hd{g^DG6P2Ac zj~$*1Cm-JyQ7$ksRRWIOV*t|D^Lq!Hl`NrH@1Ddbf4YkP%9iRpp=ttMtjU$v5(o zLqbBT9I#`Rj~?wCNKQ0+>h!~+)DT2=l!%wD4S|AxM*Z0@zkGhmFa6RQvYV$DFpr}; z$-$vXQ(5=D63NtNV6Q{{0;z5w^doePn!YX)2@2KZ0c<6gd+u9vV+~dMmcI{+ni#mf zTcwlb>#G|%m-Ue`)n9FFQ+uj4iTl(soc zKVM+X9V#H%yO<@Abo#|*!soKDX{+S#Yt%XLdk5o692Z~rq<>_wIEY*yW|c5hqh$w0 zU%@nuS2b^#^zmM7lC2p8m3{kE>!vS+((;(wT6yoW>LDdE)7dSy^ZdTxNd!rqs3S?qT=-ZfV5Rklo$$Bw3JlOwK*`p9V_Ox*#>2kO;i z8sr6Zo6}>Jbq9*!6*GkROZcr;Jx9?SO~(oRVi#_`7f&azn!kY>-u~!I`x-Mr3IbJ@o+|{D(@C z7e6H*t_T%3v6rxEw1}k{mPfIZpJMk^PjR?6CXdH?L0?V&GAgQcysW*aMfGbgMd@vO z6Bk_XBv1I*^vrR-SX4~lk$d0!pXXJ5M+8EKIUm(%)klL~t9<9R#2wjnqyFV?>Ix(8!wl>%`XsBv_+b1R>NzQwJ25(i=kSs>#4IAn&zLa4lsG+J5(_p!;6?`W!^Ar1Ae^I^lWT|qn z?FSk^yOs;dgJ4TI#U57@J=c|KPwIYCgD6c{=*o!<>)Nu_`BY$~?}%bxU)j2Z;STMu zCs4{#jf%Gwg*y|{USWP=Apa0n__z!ZH-eASbQpOMui9t@iGH9dr|!zzON zFi(gT#XNqye~PoiX9H4@%d8$(y%#-tf80Xx@$e(cjTCyy23mKFR!4JE9IUjfa^!aHk`; ze6CkwEmYcE2R9=GA=7l+N7&m_eN4RYbb!ZNU5pn27g|K1ciAU9yOt%jQZ! zzc~qr4@#z&GS4dHAsZvR6kU<6yZm0*a^pgD*3AWz_u>Y2R}Lhrk;BjBX~228mt3L` z+B!c#hZO#(hD}8tZ?fL1&dy~7?j zwr!RfT!-ZGHn%yet+crXf6{K7_q2QW?#0$Adq_#GW0k44aD5(Qq=Tf=bCI{r%*2cW zQoHiX4L`?din!^>rMRu8VY$0o@UI;MFEZ%jshA?vW#ruuN&fMOjG%~g1CI{VD$N#) zs1D@(c0|kOM21BpW>tE7UFP})Ta%nx7qr9m01Xp%M7*9-VMg<2o}_P&-6b?1FKKWb zRUf?-d(RF6mHwBAk2&&y#Zx`ZE#C|{LrG9WQL#Rw)E6kdwoop0vR7+Qiib-N0rtzg zz#3hTjZLo&>1Fhmn89|DW*~k+5MJwS`KUfNFlzhjrBlh@c!&^(sYnnUr`SwRvm_rG z8~Op#Sr3jg(_^7uToDbz$*VQoUP&}wh{OsAePHg>3G!yA1Ge23Hof{@Hg_8+v^W)pF2~%Hfk( zs}98NE!T(Q^Z~e9cEh{ z^)5yWX=&}vEk{c?A9x+;3O#D9VWP_w*?fePy3ywuO@qAl@W-FwGIFA%82t_B!EE6k zO|8$LfkJnd6j#Ak4&<-+G4TmgdbaL08W14j6VgNYVm~c$7^Ril zY|aVlp&}DMiK=4V-}gmLsCxYSR*SBo!0qqS?<1s(N4;$zQyP`a0e3z*B7cUT0QdOg z%kw-x1rAnHvB&i2mtvKLdv$3YYI0gvD~|H;Y|!sR(1SfFVCLs(v07=nb6w-jVn);N9BzI^Hvxtk6=WrL0@&ePmUkMV2oSuq2l=!`RBfb!%jU7%yAAYtXIDK&_ZoNfhDePRPK zl2SN6tXScZ@I56uWCvVDPT}cg%%-Fpw!F+%&Y_Zu*IHgWbN`Q_ea|`p z^=p(IRg@zO={(gotN|(@KQ%X_?!YQ(aNU8TpN<&FvWye{p~dCeK97x2ugXrH(7{0W zg|G7m?@;cj1HMC;(*4du0>bo%u8T4{(BI`@m0`{Wl^LHWM8WfUl#U|K7CbY28y3Du zyw;q6fa9$a5Ku?q7DtC-n6}keRP5Gn^15R#W9>$=p6LdxF6`~;k;Bh|_-boz@9dMf zxVYmrBI`xQ(aKS+hs~MFIB7OBygNZRB$Y<$T0cQ;$;O^P_2O6j0UGAMOk*Wx^?Sa% z#>>RqLjJAQ`WNcgHB@)(0OmMBQ4wj4w4R6ZfUtOH=nyG=;N)Qz8Rj9N*rWs_7d&h0 z@4D1%25jduz+6LV4Kdg*{*1xrDLmHXo*fx^xN^Wy-LJJm9qerqDvLdfeeQ`BPH=ty zqrtw?;jG)HW}ionse$u{$PFyZEQcy}+lzJBwh?(4Tq393oBR_yXrZQcyQAr%po)u* zIFj6h0vuQ67UIer6!UrqT9BnI5%B;}fSOPWo+T1OoQvk^{8b7f*X5cGBTY@^lF?k6 z_a(37EGsVs{8|nKEb*{NyEN_gLfGSc7Awm;-lSzqtbe(&MWoBM@nv?aj(Xw(t&1^+ zSbUq~p!TG6z?uh2=@02u-k4!cL|ddGo_>!TR&wNlBw^cJK_i~&eAq_e*bG2%w&y{2D!Mh{SUUcc!wtYilXUd8EpN)-!@nY)vT6wpD_M+?gW(fVAsNCd2#0J9xEfC z-b6=BHBbHi(!-F7? z*=yc}hBvdVl1_p)D8#oc7!O$$_Q078)6EbJsU7!R%G_QbaIDpJk1;amQ0s97bue-@Z?dT+wP2uT%BpP{-0yj%ycU_i7Q3 zH2UtJDaxG-LJ)| zII-*Gqp%@T>BUhh?VCUd)8+?sb#d=i+L_|UK9+H zPDP*jvy&+w@laao*Uu1v*j?kD8whmelG^OxeO}rizc0gmG{2X6d-$El)#Xrt z>lvR=?P4$RA3bH9@kk5jGjYw{(Gg!3yLHilpZr`5J?R^f~ox<)2sC z>~cSLG_TeHFzAf$s??1Es>-29O(F)FRKI-{Foahs$SyqqehA(>O9Gcf75FjyjcZ#A z0zYA)W5ACruDMcOD_>>Tc>(N)n84thM}`j>Mz~K*tU7qiZD1d@>FbBAA3SH61ZE#` zMjQPq%5mSD5CrR7>8!`QYJOEhPJvR@Q@^gXjKzUF?Rmmw9K$+eVpW5{q$`$y>2h%O&*mQ3t8C=BC*^W~Ap&cOQm>9T&OC|gUdz_n z_}-kEo@`#lSvpm;LOoMDx!$Pc=+`jbY+OH~Iv5LJuYvtqECpk&KmONK5bD&VC9nsh zB=_$hoXp=mmNzS^k}%sslOABJ$t`~~)#n!^4Z5&DLq@qzMxyY#Ns61hTuNV&!$Z~% zs>!zm0x_kr?47z{Z>BY+PnKJn-KhYV1UC4QqkkzOC4Ap;8D;`FRE4t?0ax$iX^3sS zL41er7a(N_$Cv)PApXQCkz3gowN20T29zCHn z^)*9RJv|;!J9rptNRJ$0d-=)y3K)VB9m~pLGDrJQk>|+FhXUT|3O3B#2?T`B`#ZWR zUFUQ>y(;ZaX!OG@033UwHg0Nm+&3+g9`v=FBiV=h_ z)5PQMH&UNpwE$N4Rt~+d=r=q_!X#!S1fy2}c$kSec(wYmq%{Joc&8BG_Xzo%*fT&( z?c~9Ik9*kj)`{ZM))KCB)S;#b{*US1D&cN~jO3qD$zO@U93cGG)^iM*D*X=&+wFwq0=q^Zju6W1QLY%ddz?91a_ zwqv5#HURwnAk+F1_Myje1Lwu9&-;h8-41+1V7WVljuCYiqtrz0;5=1LtPs$47Z&Y7 zu~D|?ZOBNJyP+lKzQ?t@^cx~smM?R62O>vm9B%2dP>$!CiQKh=BvAhsXJXJO31NFA6>JTA%03>|qDM zOWx_h^B>CO_q^=Cjk&=F9q-t7Vnc}XICt1Z1RIo3pc7DrgK(ON%iZ-9cC3<{@*N*0 z$+^YDlTdx|YFQUi%}GcAu5S74rV7L`50q3-|BW$!iV)^}|7`i@g2H936!-dG< zVB`tGVL8|G(g}3iM^)j}oz%<>o#gNI4{3n$=^<1KamsvrMNE@kS8T<3MA z10x?i4rHOMNGe>`7lUTHyUbbK|zW8D!9_Y zS>hWlBMaACV6jvA;59*@`a&2Ero`^suBro8u;HG2b#%rb0zd_wq0gok*ezi_wXeB6 zKkQH~1Znek$V4(B3&QsB&olTNX)-nVK1>e-)$hIc?y8XqlulLtFCE8f;n{s&cbb_bv} z5uSZgUtDCQtZB8lNJ6R6)cch(Tdd0n8{VLm>8KH2a#v%YX8a9=otMHujyqwRZw?Uv zt*OT+{=^3V&eyy2JDEw)l>t5alB`GS!J8nyqEA1XYM}RZ>6bi%dYISyPvrR{LEelM znRLl^A|xBk&js_mYCDo%VyMm)E@^RYrFbX4G1L8t+Z%(a^SAhZ03mv}BUe2+_kNuL z+fy9rE&KS8QqrTMq9Vu5oAK4ApGK9;=!KEnAu|mdZ82y}b#w(W99ppXQ8M}aPhygY zP7EX?$sX-dmv;(RXsS4p6Dom#ryd|hxRv$;Y=B1ziAp>C!^I;@@RqTe>Zh@Cy8Bfe z&7iNBMbT=7c8eS$fg><?&d_+loP}-OS1_8%z;#8c0d{e3KkG z{SRp%vJmsnPap=Vwu5UoiGaG$LkwciV_LN2JO33$sk2YMX%49g9*w#dT&Q@h3k42i zE{Wk1{%IbtD%gD-<&f>vqGCI<F79IyQnygNv>EIMwMdA#-^DPOB?WUZp&+2Vh)2%bxegNB_sH$q`APKNZ`Lo{t>cM`x1RH z$=_>F+-+%Yrf_p}JKk3}>tA+KJCsagA6+!_YR_L%VPYO= z)YsQHb#~Hmb8|QK_DYd|p<{SY=ccUDns^13ix_@$hWuVExKsX`pOGxwzpeY@Ph@xq z0;ozRW@ZAuixWZRgdXdj6q7SE0rld`)d3M3#*LWXF|jX4-8SniwI1(e{;kOPeWE#mIWZ;rmL%0+$EhKbDd4makWVi z!k3ScSmj_#x^u1o;Z+Gpd27G(5f2=1BbcxaS)@D;*ACpVbq4zP$cb?R?S^1NM z+53Of({vCKAzOMJ*ge1FC|+&n=X*ptOYb=L6O>g3dy?rUx=Pjlj@ zGkV-I@7@@*&7A45@Zy-Dqa$X)tgpX2i}5ZxplO2CRNm0EAECO?mst$WqGq;X0WS-8Hx?02zrPY8r5jvux=6{xtLdQ*~V` zmf?2|ruWUY9c>V~+b`3-@FClJVY=KKgBiGOX6hdo7m~v(>xSqsuZjv8^ua|2xUK7s z)xK@-*Pz2-yg9!1J^}HY#Kdt;x$*>aLaCe*1z z{ZYWA$Lgi-m9gxmFJCCRxh(?d6y=iDpv;t;=pd;a8f|rugyg+wJdb}eI_qSdQW*8Z zXruJV9}jcS8>ixb1xGnJiRdB1T9XMg)G#;>953El z&qJUR+}5B&^FNvUr@r7j#^*emJl&OF8z8BVjh&ngQ0lUmQ!sZC6g<<6*iH<*VnVVk z*H;;-CE{=qSCib}vz9Gx-1O#xS40Ng(W5cZ(JT)$u6;Sh`YjwJt3J2;el0uL@hf~U zcD3Uj+4kt_0T=>U7h!Z)~!v)Q$L$Un! z=5!QI0K*;ANwP9|m%S}=o-*|ZAe&@Yd)fC^ZCJXPz^%qe24Wf>KN!yUM??mB_zht$ z=q^w*06$>9=GKQi*lFHI{Eid-ColhW^7`>nm+{OU9SbrhTV{HShs32FMP^(UwQCPK zBYB>udoY964^2{`E(x6{Hc}r(140fnZm1lpK2}_Neu;SjB;}P=G=Un#R>@Trk9Nf* z;x4{+Tr{+@vbxie#X94@`l?{-G3f~6+$%~~Zz0tt7;B<~2kHGVWe==dV&iL^ z;(4F2DukRjF);y6{^d*msVZyJqL&r#L06u%9Bt@CB13;EUDjPhCP5T)V>J1@%VcY6 zrs?GJY81MJ`_bb`VmZ?F9eJ4|JRx_uwS@$7+zw~CwE1{Lc=UG+*|%?$bv#;i`Ox{m z!3j1@8y#bU21UIgnSnFI8vmn1(Y0;0FUnmUa&mIyWK{(Ocig~?iZ3!Ai%U!Ib9p_kh8LPybD_&hGKe*7 zZ5J-#DG+kLBhhe1FzahQjMcF+aA*WdD)3Ci?^je|#0<`8!t4)ki>|!t?ZPb+>^EES zH>ok%5)`yMNJpI7>-=KQ5Z=fmZKb$Ht*jfDKfe-)hxNdm>Sx5|2%KyzhRyYg-*J0} zbdjaJ-as7k-#HbSZ-g*9H99)Fz0A!;qTI>cb;?%SJ1(RZ&Q3|m{{Rw$K}FWj8-NvW zi(q2oHXu`Y!Qns>fLtk`pF*)z%X4!fh38NECF#`i*fY{?0%rbu`S`|~m+2|Egh*PZkA+%9J)V?j(A$kbi#;W4mU>46)Gz~Wlnnp)4K z=3P&L$0$&u6l2qpWW=L6wP9$di`Vz3KxL}GzkdMBXYF)uHc8MU>M$*=kO+_H{Y$$ON(5QMHDzQF{;{_ux~qV!5BMOoq4;KI(m<)I)F+jt618!i5QbGUOF>baX!TVZyb01Ena?WmwSpVbmlf z{=u)lz@uW2`C>(Z2sE|1FdMj3k6X7+RA;)b&EK}NViJ9nk(OpDKXIBJBLU&-aA9$) z#vxeI<`mton8(X&m=mtSuB3+!)vPZ~4z(6D`ZD#Ep6QIQ_a|BTg1m}Dyl9WP9_Zp4CYW=h3O=slF`D17 z@rQ_-(wy3t;q2mKJXGV4Z8blY-ttVxK%PT-(o#q$5sn>B_=ml z2#ha5MpmbqUAzul$d>7=dI!K7Ui*R%{TIKzDtl1RD4+@R-Me?z{S}z@B0FbV!T9|XED1wyUye|lE;rw2o@Y$h&2AJ1k1cm^cAGPVe zxJ)Xipx{#N%kju9=tGCx4=-MfG2i;4%X*KV}>4Kz&lUB*i;EYt?5 zc~i}19f@iBj#FJp1swd_dRW9RdW!7SgP-@!2ygOTR1rH}m@Wrn1)VaXDKO>ewzG1{ za3~Zc`@NGpG1JlJ_BrBhfD~%Zv5m^%t(k=>T@yWnpV-w)?1cj(U5q|fZrf!v_Xf}J zNg3MIZh9-yo*BR)u^#%sZLi!EFw|%oS$zOAMie z=7{80Q``gDceVN+M;Mi4Ad_Q>A`S+IYaDjMY1iy4I2bcue$)RbQLCeA z)AxCN8cV~paq;@vGa^IQ6(+0wDaNU6iK8j1FO=4<`mk?Bz4%J__8K#hAqm7CE9K+3 zsu@khVO(CehgK?kg{w{o-Xlws8vV0&V^@4$g$k1h4J~v=94PwPb>mHUYq?~T$Ua7o zjaOk84+d^+4yHTIO7f8#h*7U*+CLF%J)|nv=Td^FfnC|Z|MA6h2F6~IKDB#7$aRv{ z@XX)H@oNmTAi4P=a?nBny?Z!C?|(U@HT32lKPCwDgS?T=RT5C3Eq52VcN3lO7YsR2 zTGex^vz1#x_R3;c4JXGcu4ZvI-=s-#s%&zs<_{8m*7HVQ5@mgF?)EJc7d>mNDgU~6 z)sWsJgB-KVe!ZfTV{4pHq}^(H-D$1Q(~c}b2+mn& zvS8^-E{L+4Lj}$hN$I#e{+NAyE(v$>2cML|{wK%q+Q(d;32_YGFvTV`-l>bl*o+K7?Wsr|Mqu2Le?KZe)pf!hd+$t+|I z4b|aHQa^}&ZWG?;2*|9c4xea)Rmz&L-N}JuUe}EVk?H3bSQ%s;Q}9}`tyj%%PmMjI ztTi{c;Q40Xws$h%=p9ZIykspoa#WbK!^O+u_th7#pB6!63hc*&O*d>=pNKFuw~pGX zrMbB;1WC7V-}VMj$J&1s8mWHvk^V2h{!=GJV>U)gX2SS|)ek0RG*|o7uz0OEN7Dlw z%CYlflI_wXme+=$WV5!XbVUYNU0Y_|z4hF=r)eMoWIjNsE)ymS*j0PBkLf1|I9RZg zwl!5I8G985Xf8aluW+94;09w+IR23Jgn8lAeP|zv75pfKf9=Fm{ER~+OSLY2cP+UL zN<^r+w8*BXr<=ZgJK-7pMv9$P8tl>9cxm%(=H-G)NgH5(kYdLh7ddR=2>)6 zZ*MM0d-rY)K*wIXBUN>OQ-A-L4~MSQy{&$F4eMBp#m@+^^O$$3qb+w@x`5@)?>-tR zom-fZH#nma^G>C%J2`}xmdGmN)Y}}l(XydOB>^-^VpnN7I{q-f$9?(I)JKIYf!nwh zVaf@Q?XEN~{8pdJEMu<^0aSDH_DS+(0aBrJTIS*gd^|^vcbHBJpo>%c9o|H$;VSt7 ze0@efHaYoZq{h3iY~(ZIZnJm>PkBNKD!Ya-g$Q84A&-A#fxJyP{`gf3uzN-bW-vgB z`P|&ydvugD)4eHEJ-|$|d^zc{|sS|SOEZhG! zEhTA<}^|z2-;Vdn^dgOOoL-?ff25E`~UmRXZ^5)jf zd+)I^MH-XHDjJZK`~IrlMT9BZWVEy*w0qt54>_bu3Q+Ut(JF*+vEygx=;%N}Vl)6f zNXwv#6zKPPZ94W}X`)?_VN58+rE^+<;q;ZcdEvE=mTzXa7r1%k!!bt? z@kYrNy>9o$qSb*O2-g5?X@GWzYA@9kxO5M7w*Ct8=RrBaSWaYM{!(&1cI(a`?f;$36xVz(7`i_zrP3x zNitb`TgQwE%WW1mv5Su)np&H*Tf`K1jxG2wG>-Yen}sy6MX|z2-C2 zkmkjt5FaF21guuMWc_PP=B>4GtxTf}ieYECb#!%!Ye~<5_vy|zsiXmED2SrE=)7Xj z!@8{gD*JZX7c-v|2BK|fJp{KO(3$eP?@BXGbv1MB6r*tX7m=gJutRv>%S1eqQ#)y3 zBhRH*zz5cb57-D`q>H5e0G+_0^+xWRq5G{Ll5Ac0P zj(_Av09#S2pD>(F-BiK+o10!e=_8F%Oo(0m`js4XjD7h>(@Ad5{}_>Y`C7)BCgnSA z6$XPrV7WWpS(01hXm`eU@0Oarw(?j0(X%5!sw_yHX=f*k9np+nBp&(f2Sb0Vb4;7x zK!_X~8hT9Bov&l<acI9Y>mdh#`4>ae1>44uIYh&`Fsvp zLI5mj7hWIqD{qPX@;7YutRTXF^!V{{=qIl1%r)1Xf~dx_3^Fc`(>1qEEdn3a+;T^L z3dy19%B?Z+c8d7amrT5(E>{QID+!3H{pclMPPy+SE|)KO%G?AY=9n~JoB{{(X8B`{ z->tZFVd-TJ7q33t+}z9rzO@%SSh-HSkk+o(7ax#240j@PN1Ia~0BwHWX0bnLO<=Hv zSBm{seJB;8Uty9<%>HLR>9BZJ4Lf^2$Z?@Xs#ox3kSWEdk9M z3xdT~HlH5&zBNK0j+W;)zqX*kGuFG6%irOM1z6NOO>v*(@6R zOP>fq|Mb@RjA7j)<}Yn_wOC)lVbPdJOvr-=51N{rRojWoyVBgS5lpyac{AOkB2`~S z^z#s}awhHznXos#*WXT~#rrkRe|LCCO39CHnZdLLK7Ue!xZQjjr|K`j^i|5m*6 z)EqN-^&tQ*USvD6gka`YePyf5fsBD9y7qEEfclZn%0c90?SG0>#@(rYPF_87(CyO4 zTwCDk0J!f=smdBFzCR>H1Xhl2%fFOjj*B|a%RX+ZUI&%-!>By_Wo32~Xc*EHaOgTXP1VcOUB%V~C33AD zB#JD}CGt%jqJxSa8Iirt%%D&>uTQ`!CHO|V9$?vbYxi(m6T|HXE%mH zEgLlE&l{6N)kJ2HG0`(-1oL~7pD(=3IOZQ8)kUFf)uG-_mAo2Eulf>y@0+rjxj>|9 zL54Y~hroDMWuW%EW96V`R#(eBfq-#!R>RBQRy{)9`j`Ae1(nH7a)(-5h)SGu2o?Wh zxIs;k87e2xb%B?)4DXR~b{ysu4dPpqf^_utl@LUG6=VzB&x{B3xD*+ql|AmQEX!?I z$Q&eL;P4wltYYq|rw`xK(M>=Wnm;Z#_q>U&?dR|gYN$4^e$&AX=2(v~`AXQC)VT>B(4DV*Wdw$PDSJk*=D9Kj7 zsPzJV4d|`3AQ|-qOio824xn5JobdBYaf0x(fhS>cgvm_!ns z>Yf;~W66F)NkT@&m@!e{A!91Q|7Ki+aUx=lP=RGNASiIZJ%V;o4U(cvz&U2eUnj6MFv z$B7sBX9iKxyWJRQYP)3;%%K!hF-5+l zTg+W+%RGnbfa0!?_SThIt?E+QiwdAi!JJga zl5dYg*Pnx?@`dD=Jspg*#miMb4cG6YF2L*B&eViA5KY{*sS1PP;A&gl*|*CFcbtzQ za>u(pBLz#n@ilghj=W_PZ`6@4@1fHAoeCzE2SAlj`#lB57Z8RP6zIVi;oS(7c`f$m zT!m-cQ0h2aG|}zjXQ6@+0K*sYG`5`0E(}A0fg?S>>9?Ew=@31?U^qFm7hA2%=x4*^ z^opKfrAsr4hS)@zQz2sCPVNwgWSh!sHAF<=JnGg8ca3x4gk-AmBelwpTds}|-DKD% z;T4s}X_pV&o(1fYGTlTR+sJ`A36U0VNig`zA; zEB+wx1%pGXX!7$lG#G)Vc@esQC?7{?3K}BxaNJhSG?i<6IHGkrUBJMplB4#}l}n9E zhy*|x?vek^lR?b1AE88nrEPb)z3tS@1bgCON5r&sWuos8Ox92+>bc|W4BpBbMl3^Q|xId7X=`e{d4WIA4fF`yEhR}4frjX70$ z5K(x06~xV7|Eg*z0vvoJ`KQ8tvX`Eoq%~}wBk+P1RG4c+FHxNuPYO~AKxa{MbJx-o zaERn8_75TOA7WVip*iGhJC#r@IJBHfJu3fDCXa_9B3w0eMcuaC5t|?wQ~F$SxQY&h zFsZ3VcUSx$q{bcJl`k^NKnLll`+5rIKmK=woX$uC@>q^M4i3|1s^l zEe#XBV@J(dvw6%g{WXPF6kcT`}IxCY(tee?Vq-L()89A}x5u0l7GI_2q z)|bj9X*+)_xm9yg18vbkd7e^O5PG1V%iyt`BR}`ybcf05XWNBLjx}}P>plxKN_;AH zjkF!Xd$v)QHo3B<&lfJxXRB|pW4w|GaN&ueA0H4P9@OojV5QxCv8POX%4r*wdDW4o zbio6wqR(p5w0>D=^IhW=(C;b_Jkfq_o+DIW;uf#5!oRr`;~6DjI_2}rLTBvQ`@cKOKmJ6BaJAZzIX+DiKYsI*I6s(Be)I9~l-JL2 zp6tU*8Jh#G+zyiDE-owTdQO_74;`08*~B(EjNNjPacgfO-Nl(2k(rhQ`ODZ?iq?PZ zSv`n49&umDrRKTg=*=tTbbI6FkQ9Rs)ZrS_hAcKy`F8KpmWTtbS1$nMS-qe_Dr~PD?W2v}{acN8O z4JJ+Zt(PoLs(RHT$=V=gY7p*JRgx6BLbgLh0_^Z6nv7N(YD5nGlLPeB2163&@P3+; z3DE87MAO&>(%FC)QKhE>LWNS}R!Vm!T~!13IqbL9rQxZ7*0GC`f0L5G+=efwF)hkc zM}>O}#g=FLq|=0Qa&xPxXt)BZYZ;}|tV?zvwQ7I?ISd-rC7>%aCDX|X>0d`q=yzO| zX~u`f91>~wgtP_ywV-ES85104eDKe|BaIu|k{Sc60L9ddj#}*c3HUn6;Y(=@xT@5Z zfQ|3T1HKAZs+=d28}2b&mo2)5Aa>uOpqewvOy9q@BBvrx_|50^_f6gOwh_PyA*ir?3p&dqSU;#+JcjjVMXLP$=t`AzJs4B zMuhGidVl~#GEzX#e3P8IATj{PI`85?NFKAwvx<1DBJndTQ%U1JX6R6mj9$C7uVzdu zJF`hBkxrh9dQE3_&>8CdPP?}3LX`)+B(b3Kh|Y#*?)@Wf>};RgYj*Xrfv?Sj1u?hI zKtC*5!ebd2>@E3-A4(I9Ve|mq@t3v4NHc0d2@OC?Z*|d_43c(KD3yvv{ ztBG;Xv!~w13=L)nSbfwx$)ci+i9X8}o#OnF&Q}J?`MJdZHysC)@@?8V)+WEC>ro}X z)FXCX6HkWGGLlM()?48-j?J7Qf;$Aq%a9k*tq1#Yd#fv7H$E(a)K3L4^JRfTW7yRy ze82dbz5udR-qGmcSvD^*5>Dai1`C#`qOG*{p02j%>n9zq`1O@fgvTM>%tKVC_NRQT zOkQ4Ird?Ox+HxGlO6@`IM~oZQ-;LY<5O<6o^thpyR#u=q1U=PRD!y-h!z<0EX<(2t z(`ZTc@J5)LmG1kjYB^!k)6HZFfif;~a*7iZ9Gm%WRS${yt^Xf;Zyt{2+Wikpq_j&V zL&i!7NivVOvZDx=6RmS`(3B%dG>cd?EQRy z$ML@ZyuZIZ$FsYy>%7*v&b8LL)@OZI&!?fGp_A^(50XXm5dQS5+a0ab zM9*|Tv3|hy;fz)nS~}~=J32aQn>s_iR({YZRPP;Qq<$P48v5d_jmhPqp~ndc38>Z2 zJ?R;j>cKWPq7j6Tar+lOMrq$R=lJA1iRC#QfGjVdKCy3E+`gENrSlpm(ZRoP(0*;Y zRQ6nZAJ5IYch`1v2pz0oQ@hZ*W8_v8*hQZ7%76=CCQjK_25(zi-$?{uKxn}nZu`(T zhg-@o6~%QcQWaIz=I?vd&Z`M^5tN(8!ul1n zNP;FPg%c;;LXg435`Z3`ztygi<7!*tedPX*I2iYEu~?N*jktwK=2kEg&U?A%C}Zu- zUxnQGRu-B7I|$|Lq=m6oasbDHqZR^vyF!4qBH+k&&7dm^=Dm3h+-CT)%&q@g+&hu} z?nX-l!;E|3qH1FbhESu|ylD(#Cc|h|6__f$wX!Jz>OF-ME#We(TYo{jF&^!LPp*0@ z6YN5Wjyl`cKZIYL1DlY6%r1gld$!ssXG+2A`6g~uA_$GGqhaK>Zi*PiWA|W9pTQck z-{?~Apn=ynWxe7P0dw0r91yTAPJ#kH?bhD^?>{!Ybw?Z{X6lcd6kI~%YU^lov6K+u zq#x*Na7Qj$tAaul1x?)d9JXy-yci_Gvs3NTl8G^D($jYO0Ntf013_BJEAeej=xI$| zW5Wnk@8%bWMu2Q7LF#ki>d->hjhnH0Mi6))a2x?)nqaHbOFH6yNmM%@9y_lRiU1p1 zKIhuW8gBxX$SLKQ=V2+YdT6_rq?|YQ;wkY{wS|7}d#RdSECEsBLFU%irdHtWaC5A1 zwY|^-P)Cg}q0{^AJ8T&JR#oCX{d5De?)d@E@ndBskgq!OogkP*f_&^{1Z z{AS(zk#R-uaxgEO*uJzwga)9#G&=*O_jrTmo4&rQQ;oiQLNiWcYsnpbVu6*~l@z;2 zH^8R;a4~yWU7F+k$ion#fF^Baw!8B!27aHV6V^wUYDn-VTG9Fe+J2%vkFy4X7b640 z(-OLO#C4z6%(&&Ts68ufS@MiICXuY9#Pf3r1YoLAxVv(9VEQ^}vmO-bCK@#S)D=R5MR-Rg)`# zQ#R9~+vo$Koax%bO}yfk8>?}$28cm9yK!gF(EuiPiDjA2Y3$x*tsvFvabV)iyTR8T zYjR#=e#|F%cLP*}ah*V}e;c6$a{n=WxQTTnNh%>PV3*7|`#`xsVyYS>hMcpc--NrVCYG6USeu4c`8k3S;Y6Czo-h} zjrz64?j&pKLN8`hyiN-reRpSlp8&(z2Yj8=?8Gt8zAGI%E>nCCnkSgosZCODcNc$% z=M{}p-Y>acGMXTMG)cwv&D!8cv5HYV*Q86e-isKzF&c*bv=f5YU?_;vJ~A&CIJ*4Q z&t;pGV|4rH>DUETZ_4A{k3IPn4x}PxfyOFzyHxnlU}iIhZBB?p_%XtHQoTkVXXVpr z6vyIDWX*jo@wp$(rYvj|LuV{(Q1)zRv1(b)qrx!fM7kCsqt-glXl5U~yxN2cQzZi2 zwRk48I+-1DlI|(&?ypN637e)io_|!4RNxh9;Je49%{4Ug;o(~JmvBxvyCyqw*!H5p zzom&I4~>3eeLoA=?0*JKa1T@r8B znk~4`Uu<8>k;r{SP$=7Uh)ua{k%pp(X8hgzZg&+@P30NRLV>jh@s7kv<;}Z%DV=jI z8e{LvbJE6?4zCG(i``8Jt(g@QM{7i3Ed%PW*nU#SY*G|&X-2ug?5>+|Jl}aCfWNc` zH@2VR8`~ofP(l?;w|(>mLp$fG6Y0z~ko_Ez8O7c#sg^zc!)F75=%J5eyNnqyO&GL(J z;JjlGl^bleS;+KB2osM$&sHqXXg9948}~FJkk(bM(^$1xEY;G$c}bGd`;tG4a^sw% zU(n^?2W91>E%{D%d6U5y&*|59=dqae)TP|Q^;c>cw_1;x#vV?hS-BmF!8C}#Nie<9IR@kF7TqGjLmwu?KO~w>q<3&N=lpK zgQQ^k0+}YUIzFe5_l5f<>W_d)<7>{Fyvq{sQG+XY=xb z!MXs~OSO+kH3JmJXdGRxFZ0H~d6U>(&D`rU7lA+E7pG1R{VTM;nfTa7_SSHaa8zn< zbOJ5PuKaR2TGt%4Ui?13o!AmUm+@6KeIa^?ZcF6|!Y!%-X7PJ;HXEug(6_ z)KIN7qYn_};(Y+3x!+g2z%^;jXNIod=o!XswcRaR2^zF!A3<0=V+}MRUT#Z6U8TkD zdu1h`-;#r++va+t~ z7u*qPCCWIJ&)OUl3Gnv3jJ`1PS3w1H%*^#xdhuGa4jbJCFE{+|ex?FWdR$Vxs{LNr za*ey@<(EM+hOyd|+xFf4MrHgv0msXTKnOO9Rc(pDgL)!heM1#4mjd)U9%zSuc7K>| z+efw^xo?h_#;1;*>gITbm|H6$8D)}?+3JZ1*vB?-u6N+9)cS~So2-1N7XEZc+`BQ8 z^J>MaY@J5~rS3|YgNL_j*Km&nz2$J1OMa(>P=vAcl-u@$cq@n3?uh$CjLALeL1IZ8 zcQvFz!o}e;<}G!-=o{Fx04M^fc*+_ zoMDCyW$3TF(kl>BqmsG*w&|I9N@EoQ4)w*F1A$Y@`64%grF^%y9E2*jbV6CqAl%dR zkVEEfSlfl66q;>rM-slo!AFW@sQm#~dWld?99fncgj;TEeU)twzx_O#?ODnK(G@?J z!nT+oHgaQI0uIA|&Hb>uq`%w?G5nlULclNzq;j_LwAZ$~`}0siWR9-X+^Y#AzhdiF zxEqzrC&oSB(iOmB-vc(wP!nul_zSeyvD{cqCXgGAUFr>K*i(`Glxy1>=X;P_F#~VxblQYT~0QKr-MTV*gk2w-fkTxJ`g!6-R+Sq9?d_XOSu<*x;}96tDe;w=SCZQ)~6 z>N(JulC9Uw4*si^5|;jdKlcCb>@Owx|Ct)sd?9Gsa1k-+S`m5cR$ortk|Vs!Hr{L9 zrCk+rqEq)I#0b^at2=0O-5lk{COcGAn=`78a4+YLzBO2QX+z(< zImr!LbquKv7>9!Sn~ke{E(hlC)sWyb5G#1Dxa7gJ2DBk^NJmH;Nb@*EXLoplUO&SNb}VyT8~?=!?mqT^IGv zb_RypGughk%b9h{(^5Z!WRIG`({GMGp6`SD5l3~0vZffkW#oR z7q-h}`yDfaM@b$P@J?sp4C-Dsl4Qhcyncl8i@$I}|C=l?=Z?7bRofEZSEoH&Fjpvs zA7lr8>YEj}ElS;)+f-VmsjJzzdY>#kJ?Ng68F`fNxY%Y)P;?GHf}i+*rRsqMDqUO_ zzG8Ox%-DUo@@{T$9%pw{Pr7`Ms9hbRA}MSZH`Mv`X_z}{y!&8jNZMRs=_iBJI7f3b zl&Jh!dy$xhoewrLi@JrPr&J4-ZDCk>N3Y02{s)re^_R1!>T9_N$98_TTc7Hv6*n}$ zLs!5nJaEeA#9ige7`23BX*RGyR~TX6R{%LKfn0mzNrxy@%)T&D(6(h%U>!4C`wI&I z>)TIc0vfl{`6|L~R8mcv4(d4 zt0RbBkhR>?(v=&}{;}^4j*V)g;(hhRWcxu83m3Do$#(IcRI?Bs{We28Z{bi9ln?w_ z82{gjZPhK5KG`jt{bPbZ{-`iar+HtkV!fh#^GU|Si;YnZY5MA&n@8qHvFd-L(#CfP zOv~NFe0_zC7{7K-aeL1SO9kfB2eL{<_uXfuQyVzc1y z=kfgVEjI%;;56C*pMKKfVbw0$OW$MN>N_G6U8+0j!J_!~t@bN)wb2?>my@aV50e(h zz7T~{GWIH*K`G`L0&EW0>_(qD2_d*-l;1Q6*p83i^ElF~=EY7rWUoEn!f4_Pmp^Vpz3omfSB_m?cEL%w?PHhLjoOl6okVdeq32gjHtyoJj(g$v1hH(pq3?SnNm_jb$GJ~6>+5UQ;% zj(gJ!XdedEjB1P0-uMWi1LulBytg*SS#{nZExk0Y!tDUqDHVJbb?DgmxDR8OgHc}J zy}dnUtYO|p0%o3jt1yMU#WhbFYoPgc{lts;D1icQVG)tumC-~lF}Fr#RiEoO{E$mq z27Rj(5HPTWwR*NY1*oEGa)^KQmg@ugVxN=3hRMjp%+nMvz@YgC*}`jeE#NPu@lmE@ zG;xYEyzB|0g-x?9$(cd3XG#-dV?tqN^9{U|+X<`Y4pw8Q+DU z*za&&g>!TUT{dZ;%eQeibostVz$c@B!jzolgo$@5*On3{^MzJ2#g)=OfQnGBu4Zid zwt10XX1TGtc}CC5s!zB37>uqDL`?Q+O=Oe3_5B;v1tK{}q7}jz zGP_)z@&@=4kMP}9-mlBN*SVgy%f4tkm<{l0%yK?WPEZUB{aDZSmNx=2|A zV6;pAXZ&UixV-)==vCk>aaf^C;ZYfP6qB;T=WFUwNtk zP*LUc4%@RRM@!^Gv){;qxV`pV!tz>{=P!lqrTJL#f9TfWV!&~PUuYlh&-ad;f8RS4 z74l=vEkof-Be4My%uKT)MdS~Pm*kW?$X-W~scf6bYS^qcIj|w~=Q29^cteiEKyP%U zuJJzTanOcfwr7${d7d%mmgSwVLLw|*^99>jF2^U6CL*mYQUjGOVIOcHOb4B9G#{+g zhxbuLRL5>tw#=q5{sYEP8j~_@hBc5dtNESz4=D(}dE!%QD8W;v@9s?7`uxK$Tu^M@ zYm5d{{sGA;4paKn&QtJe!)&Lf&fmb6-8lJbTY5_47obfajrSp7pc4EjGDnOuhzEZ3 znh&M~p&nO}n4c5B|I-9vZ$MDUr`WCqYlDfO1S*b>*O`~$N9AsQ%7WtXl<8%MZF?1s zlZ$Eynt)y$DPV1DBSorFrO9;pWd-CheGZ=_Nm^N1(Fa%px6Mccq7MLU0wVr&S^jtE z$Xp1@w>%zSzNK*l;T$6>hx;iO3)D6uwiDjI3k!e@kv}$~dICPjlRXJYHe0eyRp;gx zr0nb#^$2kJ`Pu}y_pi=(>_euQIv#6{Qt$G*AZ?9kS!-z--tp%*Ann7 zR4;!Y2eEv~FEa4MFldK_Aku{w;x3MtLq&za|B)yZm5bda+`|hEg*cCvsPcCpKbH0z z+cW51!2&nf>$?FD5)snEX<@=gTf{C<{`Z@v7LPW=C!s?vm@^039Ub)n5tM9K9a>kW zTGou}jy<0|u8QyAkY?s^m#6^s)aWGKdl6dxz=_>?q$UZq7sfP`&F3Thibiu{XFegvedEA%e)wRJ z9g006L7Zkobh}tpevAFO_ilNXe>`16ifBSR^|Xq3-f09-HTj&H6aA@`wbF}6;e~4B zEW-~=5CG0>Z0|p$v(Q`4!fYTwrh3_E>UUU+B}W?BjZJi@#_CxOK6ue8CNxkv;Y(Hd z>PRU)ACEzR`k#BZ|I1#0UC>jOxTEsNxVCiY@KRQEND2pcLu{6}EfNkEHpBFt3iWQw zfN255IR^D^o67iu#DjCLbN-#AO%6a$8BI;zrrId)T@q5{3n1BxDtR>}9NW54NY`Nq zUAdumI~L*bZyuhqhTiS}7e7*>mN>K{hll@GCxeLXd_w|Ec_PXgW();CQea{#5 zdK%%N4_<5_2UISC{6WnrkOKfTLgU~_8Kzq|ZJR}EI5AaZK-&{4-SnA9)3#x5!(KO7 z%s}R~O>v&!>?em_`tntxUBqkp-)?~B5n!dD*{}Yhw!t6(_c+M3m3D6BOOVXZ#1>8D zyG&PxiPQOskHwSBlRztN(r4-7ht;Zc-1v`M*G?y%P92Va8@#ARpge7%!FRx`=IQd8?SXKYa>XUrK3D3vu4KOkNzDovq{D zCtT^aK2ZMblapKT+KW2Ar=*)JevbqF&=%SkC<(8k<5#}4ot_k733c%s_hW>XP3$dv z#r37~mMLV@ydk&l7vD~&TiE-dZq>r^^E1JL$4B`5`Y&vHxGR?c0aEZQA-c801qi&x z_l;8iPn;Eumu!53UfVdI(saHP+iYw(Op#?*nUiJqIUv~DUrRi1Gka}l2o`Lg6_fWH(``Bl_ zaA~%;--zq$1??XUa&st7kET+2CJ#cnv+y}~YiA8=AiP^N*T!gVR6w=q`nwXc?vbn# z+Cj^QF6%p|{d9AAR!DZq^wZlle6{}=8Qq_(^kWqDUK9vDwivk#uQ7ZpN4eQ(vX$H$ zjz4i9C8@B{b{?3vtSU=578hB4!PV&VNOX_Wq9}uORWO5y-J}nFu2Zjoj;+k8*O=Td zr%cei46HD^0vu_$oejZcxwb3?(8j$J*+t!j?)DWFkZC%I{?vms#F7oM`C~u_tYEm-Y3URZxE-P55I^{b5go ze>2bd3NkTFFr?h(9v~2&>rIGp1^*;=LPt>dOt5~UFXYp(lP@!vNIDg=DDl2 zORX@VB0Vit{xwyiT8?qUpy(AXtVN<4`C`1fE}@|QK-yBgtb$jWHaW*V=gH1egU^x* z0UKiiD4Yuuz-8TL-_%1(&_kbBH3UK^7;(5CupPOz=cy}l1RT>2^VzH=J;aX~4+PR| zJ{co-N-}bLZApyY5^~6LS-MMYj1$ zYVgucFS10nBtS(8`L)ZoS_bGq_({UXT}g-h-mvP>TYvJtFaL>#^KL+1n3iVN+F+qK zV+a1z3lCV*<-ldCg}DhYGm(W)86i&krZdg-)%f`!+RT!I4eW=NfvQlQobyxn6sdmK z+_xuohO5$l2Y$(iYQN6Ymktud=y*f-6KJ%Q*;{YqInyiyxAUBy>`#c4fcPi!j&O}{ zM}BQ)V&P$xOB-#O7DrcBRt@y@@Gl(7qjkgzTxGw8)oas;K<;Gi2q&hXH2l=8AQq-N|?Ja_qn-XQ9?Aee;K!{ zT8&qr3S)Eb1goyky#GUjrfe?ps5=4O5J()cT!!@Zc*0;Q(^Q$o8ZYqFaqgRb1ngGz zEOx#|f|Hw-#wvKDRi|FR58Q7|zdhK6yxNv~HNrMEKZ&7+08Z$Jje>_)ARQGe15flo z_bZAb_ORChr{;bdr1Z3bzJ|C24|)>k$t$11J$}2v)pT;I5O3`;oKx91OQIS=+o4#> zU=?R+vYE7lS-gOtYC2P4_OnCf;xM=Q2waVT^v5@lLSp; zM-=x550vfG?2X1~($+`a`Ru?Y&hk(^)u6dE768WKglZf4#_mPY=2;vW<1LE8D~k!D z(RVtcf0`fYj5SpFrv&@8V@V^m^OmF9rZT44Jh-LCrlOm$iGL+T8zCWzEBKp{q9zAgnlT5$vX>|7E{O)c zc5pr=vOGj1CA0+d4|2}XydxkC%U_;oNi$Q8sk76{;2lsB9FHgXO$H@8v62v0wbJ}k z)*x{2+L(urT>;uR zrS_-Iy<4^%Zrw{OhNy;7Ky=4HBEqm4Y5k;OW2Xalx2C1F zyzOl9Zg0i!t??qgx`o+iS?;8jx~*641?o(f*GwBD^Q(;Q2Qp8&y)*CSvkLdB78S3G zsc-c1(TYx<<(h&VAv6w;uu-fusfHY}Hd3f|t7YF5=Rr6m(6jXq4Sll2u1OKuPBpC3UBncG2w5!{F*L`R@vxrJgO!ZI3dFq;fQ*j*R zOcZ4rVC)o&S`^!io0idFa8-=5A{vgn@``5L!FJT=zDJ3umVO=fCka!Vtr*nrZKAha z%TvG4I)1CQK;(3xo~1S&X0b9L*>bch$Gh?UxtwU*&x~3&<`EACPGf_K3LID0r~7y` zWhV=UDP((IFx_b2^$kM4BW!@~7vL9#$gN zHrI&RF0g#E58HP*PIJQX#KOV^F6(1QYxy{+Qupt%9Uu1ERCsP4Bu~>p2L9T#0loB+(f{i^lXQ1`_HK# z6;PB!HWl$m zf4>x7Fv9?)T^YDq3aa%8@DurmCO`>tr7(u4d z=@(pVOV0uesyT#}iPqyAnZwBti>De&-?BG%8f)pG-MP9b&=Ahqrr*|AC1}-@_CmzT zQF8FCAXaLx^K3L(>3u(pV(>tDP$-=j6-wR`e%ex+*X`hqO%o6Wml{5ww%?DSi=J`s zsqIoiedqLsesn{S*_s@!G5ObhL8HX98p9^aC?YqZ!%N#brs$Rw& z{=cm}A9ifdiD*4-d_-6frE8!_SIv)neT8y7o#~ zzUT7b0e&(>vg7FHuG9r9ixVm->Dq=iXD6;WQYpvs(Vqxb7W)Q$ZK-_vbWi6 z>Msq^vLy0}*6L8f`OD%x8;3;rcs(G+gA94b`HWNs2`Cf9VdEuH8rsFPuZ zGQrCZe}m4k3H#c-mzLkI@+fLx4G$hYqxF4tas7B8ek~}{qR?viElM>#*)%`WARi%< zsB1J(1!_E?g2sDqC7&IHABq2*-6S%9(hgjPtMy1GbSE&`dsgkZ8U%Eor0O2Dxta-MECeyO?UIvAGP6>=Rjw({Di~ma-&JsfVwOhPP9JctR+3>jKlOWtcNxUI7%tGYdv8Hy?~j zpKiLK_qeD77v?+JIjc4-0_mJ9W0qij&CvSH_a-!WXp3TR;ldbgA1z8=X z(%OBSX`f2efc7v&DCKAWl*m?3hp)Q$<`+|h$xu0prR}r}(%x88zb3%0>=B)6dAQUx zBQ3Kt6y4ybU&37M+f1A3AVe!bBY*3jH>xk^VFNd9-Cv|6VMzqcAG)vgm4nr>to*k; z-0%}S<<#-Cr^PrC>&cH2({3mnHX6M6>N}mPD@rba@9VBx2|69h7!;a*CN*6R20amZ zvOq#0%@=1E2Vygzm=)dfV}g&K;l0Id-$-;@u|e*;uM>kG1sO&;b6SeVxb>2B>1QLM z3(;&XEHSvEnxiVU=hex?vboLIrbnI)s)tx(c za?jz`*5C0*UpLJD_*rc=I-!umc5#6(vZXA9ymv8CIGWA+<%1%7;_@9htEpI+0`t%{ zpb*pPkTSCo93AR~U;0ojQz7QkeHEewg|Fpx@u>_H8;H*# zYMO$P$w@!NH=gcf_uJg!UTr?oj;wtL)sk0Y92$|vkaY|YbUvxbfMwIw0F%&rcofH)A*x5;IIyv$0O))|L{Qb!! zH@%~dPzEn=h~b86GzxEQ8C-J!TnIQMAmzO83^_rh_2` z?Y`D>SXL$gtV?X$b?*OsIix+VhC8n`{$zzmvxiC<-JB1yH6R2<@ov$LrQXPJvzeE` zdBFA{;PqqWG^n1hG>fP56?nc-yIZ0qiQ?2Qc~y-s09_CAOJdk29%axp5+C_rgi zEF%36Im5$GW^J-k%;EYpVm(4axSg8f?%_^`f!-`r+MCY~v?RMYoxtpj0u+-!s{%uw zXOeOAfk2VYLn+*v^9b11$f-=#%q?9*-|4Xmx{JPby9-#hB4?rA2glg@X7F0zkT(DT6 zusCtIG1W|Sc%>D!d+!2@bm8NBbSe1m2Bf)u92lQo)(j=Po^RY4XTSbAno>{tB)TFE zL+B@C=N6YR4`wTV5=-${1xD|`qKBQ?g9Zkn;d2J1`yt;rNfJqZ^a|ZyXfwnLNkUsw zm^P|2C)n24Eu|~H1+*MBEcqYFK>YUPJc#o!|L14dkO7IcRoilY=>;f0uxpey%7TUt zf{IIZ?V-(_@UC{THXQyy4Ea?Z6&Qg6hNd- zVyQ4_Z+8QT7bpB#PSdW$2*yj$yDWLz&vFDQExz4EZiXj-6m0r=)%L@ity+|rk*WQw znS1i5cCaf7@Zu4^u=WfNaqHQRNUDL#Vc)Kebe>qZR{u@WQNcfe^uvi#c(RarLfuxH zd$ABcW5wwYcl1dQ;JV(TB(ON|yHt|>HDVz;*}B%ZXKbxz-f z9|5BGcO;0vF0&3UpaGqoYG^_j4Wt(NY&$sH?Me&3EjjNVeGGNa@kAlhvHSL$I3W`h z&v{hJ62o8iE2#lnk(EfSz|pU3Cg(sPHPq*9qS%>Xpx`|6Fjt1FTIiNZUT?ZlGyjuJ zv=+UeK+xMeK#Zg86nuhO66fZMQR%q`k)O1sJK0Y7xD~iM+`QWgKn(gIE}x9H zN3$&GtCfy{u_b;cO^W(EhZZ={DCfU^H&zAAM0(E70f`_v zJp}qvL`lyA%)g~D6|9A<8bI>vAXO-ga{?q(iA?=q&Zsy;^{sEzj2ks126gW)-PCCN zu8~4nw8_^%c&mS&OD8YOunMLme`}*`JOOI8BFT!G6?f_Fc&a7)Vohr`pCd4!_(#j_ z8CUr4)3h|ly1;5IPb4C5^dD=wm@N?jedDcVd=JWO9z?i21N__Q?)tfdMX|a9<*YJ@ zu7f8|E&2FHDSl0Nnv8LMRW0lG^>vnbE0{(IL=Sn4kU=W9{}EK(`ehX~5Gq9Omd+38%U{kO#85QQH>~mkWOTI2I1H+AM9FnCLO`-I zG=HZ|12YxvM#*#I>q+9rXv!Jm#+P(7r~Jd&DzU|HJLTj-iLcjOE!#NFM)I` z0kg-Pc`^Va8B#H;ZPQOd(xByPG^F)$r&@s4BVVz#YH6Gp=W46)ZY3~{Cf^Dm!+eGG zx>ZhQ_#b?%*rj~ZQ`+I<6e@zWgm~b!U%Y2BKNq0hB{cqm9 z|Dym{e`tQAQFavAbHHVt7SByR6nlsGx&u9Q5MYesvaJUh4(yU0$XhH}eVdyrva!%xT*K`!utIB27Z-i) z342U`iviX1CWMer8IaT-7j%v{^zX9oXuSU+lXpzp^yrm%(1`SF>0-@*d0bKwrR3FawXd+y*yVAguW$<39z6Mww!@_ziC; z3Ec_NiR2?ABco?e;$34ekaWNMu^|E2k1|VJ_@kECtixZ*v;r@cGxfEg-qjs(K<~g%)6}iHmw{a{ zAWx~_^mMRkr+}K>%zEEQ>6>PLmM+Be@~v4$^>~J3VQ`oPCs>K}_de?(>j$UZ3ev5n zPJBT&?uLAr=mItmwY1*@PeUQS}14G%RY$_Juei_V^HG# zL9a$lzKDjVh~4jH9$q1A>5pN?MI#txnw7E zajQCWg=|K#yzK9(h%OQmy(PU|%1hg>M|WGmBXPXNW410KvA2&Uo2zWLV!pD{r#Ek| z#n**vPgcnb{ZeWJiN~E@2hYE~_}U2w26^ewv+1xGrl1-||?81C50>9yo=f0EE)LkN)CU;}u<&(NFd^N@kF+r{O>WAD7 zh+#W|-{`L(%aNM8I3cb1xx3m1h8VkTe0B3!)LNX#>V8Q3kU{MAxfF4M^@>6UrH@Y& zJVetTer40*G5ShP`jkFiK8*Y%Gi-ZLTnQ(}fxpS3!=GWTcT$70o;8y)`alGHN%&Vd zf91D6JlDJp|L~qa?bh6D7^*LJ1f!4q;ykHzI;@mt>;PMFO6>Z;)pm;555_yy9*OMW zus&Zmh1=DCZ30qg%Id>qoELAYA@U4{GKo?%JfO9?AotLF62b839L(82Ojh)WM=M zma@h>vxC)`lNb4d37R}9$V$fTzHxs#EBXbvaJsQ?FZaIN=&oj%2+q?dNqVNib1ePq zJhrU*?Dc4AMwdIr6CS;j>l1_eFnul==2E5&=h%!s6ldIUp80tBF?&7B@|pqTs=}~; zvTJWMKJg8KN|biW4c#>_JOxZSyu2vn%*iSjd>B8!=qdn-iyp4RIn}4?U0-R)FowA2 z3rQNg>7cV?)cE}J`kKh1IAfw&TL42}#H1j{4Y`mPT|4Gcy8SF*d)Q}*m0UX^`kIly zwRHubPW`Cvj<~+^4}Bva`bdkP>hMIRp>xLsldw6FKzAQT6hn7gq^U=`Cfttcv?lSa z4?jv!qtSM48WUpPnsW-KC=FCvQT_u48LyiR7NN!8Ufw0x(<$+o(FNxJ=t_ryw>%e03Ae(>VP{?m_| zQ&M4!`fNa^btqo85ubqQ_mwGu^n%b7!UD z$&Z*e)^*p_*NStyUVdb-fnCRr!B0}G>tY>27O{5Ym0NLIVh_P(kR5yB3Lz}n6D`?( zj;FftY=(Ke&JxyIut(ZrO=7Ke5P#;8*oY?xvlaY|;ov*vd8m3QPqw|l)tI=pL`1k;NbK= zbm=}0ucn}ME3MMDY|9R!u&ojGw(ZO|Dvj@2b7XLAVummIXY%^+$Dn!_J_(?Vh$m`4 zRde1ESL{gZLx3%Z1X64sA78{bcu{|oqQw@vx%&V$WH6iFXYs;rNqmMBI)yD8aT4jM z880CbJLHRSGffTNRw#+0sgS=_5=cT%304r%Q-|oIDVSgdEs=+d*yA#xcJdyP*OhB3 z@|2?h*<5V?PmFr6YnC;CVFCWF+}Nwg|9i?BAV-hxtk;9iw!;*4@!8R7+QOCTi;>qz zD6$+XnwH|LH?9K_b#m5Zf@Xb~w(b16-9n*_=Aey< zqzk@>i^|~|oYZLKhF7SoX2s$z?Db1Z?(tIQN$#a5FCsQz>f>HZ`7mn#7PB9n2i&icI)ZWnfSSRrqFQayL`a`^??M~ zYjAaA4+yv-9Rs=(FjD@0tI{Sm7G+>O4f!v@Zsh@59hda#?UfyIUR?IFYx7iir?0_6 zOgcKVCR(sN7QydfH=8@5FQ*RzHx2<`#~9S}Q?9Ma1IdSfs{kl6l1cb)aO}(Vo<0Xm z7j|=E{0^H3r=`h@R(y2V?cZICdDH3WzrN@Lnz;mRbb%dz+y8O_8NuTPZ$M~Qeusq? z_xQ2gosaSBqSjqrsg%w;f94f|$_?AHfCr2lMe`)?Nv}cm(*(~9}G`tfM5l}4fL8pgq{#rKt zvw+-;8-F@R|B{=;5jea7AC9x3WVQorO!>}{-P#b*1!$Qrb!bj{S8r^Dy-Pf*l{U3> zKY{tH%14R^tui;I?@Al}hJRdR2x`jZ)G{0qWO*L3nu z=CRUHx}Gp;r!-vjRzXMP%ngthcfHT>Irx*jNtYrC3c|nhmmk{77975Mw0TF|1XaOd zF`NZWvo{T;8!t_e>kTaz`%V6T_I+-u_z)Z}Eb`Rs(2Y-`n1Vv8xo`-30VYMpyQqNIK3=o3^(Q@Ko| zoD6>{xC&yn3e~PSW3`BqR_sLSwf&q~b~!Ed-8s*<&;RZ68rOvmZlnG*-H^?a@B^?k zb{~LP{;Q_ehFe(v?6~SD4E|#fsh1JBwcWoz0DilFIQxi>KxjF37OOBI>Kt(F(s?z` zAm_$QY8SpSJ!FvxKZ}&JFhNy&b;I7Wzv4&W64bSFXRXQtud&~$0X5X5p!SifOE?rH z$9AR*SpTqW|I^mVNa*G5h^unKJZnt9Z&P385hz7_4>X+4w{VWv>pg;|Q*2H#Ao;tb_sO?KfPpT94&TK* z%xJl0;*v^(yzq4RLjLH)<8_6Ns|zk#%k-)TZ^TC)`xyqYSM6Ue#;@ReEbz&ql9#(S zf)YP{rYeXOye$RzjS*N_tm|F^K~J#joLfScAl~u@qA2`uwe;j@<_%>BITQWMS+>is z+HP2{f1i4EtyG&)&d89lr94&;EY{I02b`1q>#ny%ZRKyRk&xPOHGc}38xJ{|C> zi&2hor@$zbYbc~{1%rU(Ldl_`5tm+)WV{DHaQ-r_0$z*v)Y_MGC|dGTGo$_lrmSu$vCvf?E>lt=3MHEo-Ar@h$&y5ei~1AR{zGNL_$NDa*Ke z9Nr2uF2TGPHmuQMQu?jiVtJf8iw^#dikXwnO7xJ>e+_(; z5{lG-z{mBr`fm$kWu(kP9kKn-66w;%^(G63vPQMR{n&lV0Gp>@%(qCNj@gG~_=COb zj}us!N&dMKP&voS5{SP!L zg!-(Dxo}&oyvyp2kCsxDbQz|IJr0)_q^dnZEkvcL>MJkdx0MZ)&=Vyz06MGz(qfNh z3_YU5S|uO0>&jr&*Q<`b=o;!UpODM6fLWGSmxFjoo%<%V0%9Xz0rUYE@8b`&BuDcU zSXQUjW)}(!TsHMuESPUFHorWLQmN;VizqisI*a1Sj~5ir{z=aN5_kX;2wY__pV0%n zX6pI(m*kx5%T#{4fwObYrP|G(BnC_3R&c*G?x!W*ylVQ^?jE}}>1nY(m)+9dN}n1f z@4cvFYm&y#=N+}z3`P5=;hsoj;*7h2DUDIeVAWovjzR^I~vLk zYMrwux##3SXxjB^An?AH7I$$ zXS$#wu;jswV{vpmqrPw~z*+r$Gr^VLvB^Y9j$KRV#@u=eeX>UeW(yC`r*g?+x~A*N zA`?%1U1;Dn_W{6^RGw4ci=i{R6|(njWK%}=N@)?wO7<4FnY|_S$jaU$vRC%z zcdomq_vw8f<@vpT_167d*Y`T#^F8N$Kj)m!5x-@8dGVg>1p(^SJIl^3EmiI&uO)6d zn=CiHh}M&qmKIw5EN0R8n6#=Z+eEi}dD`L&4r#0-8Pz*-sxryTD%A#%JbfA+6-B#c zJ)c>-5<{km*!bh}u&yC%YRaw-dHW2{5Xrt?H}hL%4HgXPM#MiH6ao zM1vr;}Fq3~ZfNN=S9OXS{9KMDa}SV&qA_&E332|v zm-e@uf?DV^Z(>XyGb*p3ynY%Nx;f5(1g&as$P5Ytg$%*H)y*rmp`|{bGvD!A+ zL|Ef<@U#{BBtwYYnh^WwWi4}M95FL9U2k_|NOEH$Bs1B^95wFpOf!qlRteN#O6wG-#ljn7Fn- zxwb(mMU~`(bS?RfBjJeMh(fLpbQ+yQ_orr`tGzBIqsYzuSP@vYS~i?e$>FEUqLQDYOM=@L$no00WY=jBfnl$h7IzH$)Eu2MrQ%EOA=4yu#~nicDcUO{K~t*X!Ua2ob5-?E2q;?IgLf-jg{laL`7*E!j#{1 z7>Go=PZ-uS^sN}(qp{qy#l zN(dmPm=em^oQzKh5OYfDR^6`p_oB@1fHI!=j(0-L6WSQGVP2WzK|?tX7+ zr$J(%qfp^~1ojyrt;_giKXVNWSaB@6Jp$&|<24#PWT>f&fX0+t0k_7RR+NSp1etHq za$^`&Qembm7%67@`;h##>3TFTJ@+YIsDq+uh@cyvwG*|)(qEmY8tbu>fAh8LeY{=- z+n?1+Z**n~XG{1-L#=dxq-So*s-aRawM1a+_Q+Q>Fx?+%?d@vvJ*vXZ!&7yDK#0)i z;zM$z*bT(nnA+`GpeC%!?=M1*-!A2_L6)=>uoo<)t2o zRwH0Ut?ap2aU{yRukDY4@Be4fqSm;`wXt#HuTy04g_~vDkn8+bZQlAf40qo55aa8O zNT}_(i^{mrX4*ltWSu=u*w$lYwni>h3Q^{B(6#`UEF*7Nnn~?_s$CmW%2shKDa$08 zB&9w~*bfJeX*jA?42arXX=}M^{N6EI`-{XOhY1CnN+Set{tGx|jXSwSa0*vDMYHsb zv5E1Z7^Dvu;-#75jQvnSjoRjJX4_IXDcwG`sByw##`We-gj)zQlX1`#uWs z34hp>`jWMLZ)ih&FRQg)x?3CpW zYhKevj|nvF9Zm^aS(11L3GB!EtG>bjjX=}nik+vxh2Z5hcadY}3UDBor;VIka z22dy7AzF4aBHLu;lWZy7fmAbaE~xPJ@w7?G`^d1FAY+AYQfzUug!-}oliORnW4_1X zqhrdNkn8~o(g1$RQ{@l2{Gs;&8J5#-glz}Ui?Di!2*({xQarsMD-QXEBswZk772wa z6>eh^R{y(Jg){Ig?i*&&uxP$(kcWP9E~_kzp!hgjNeQ>`)W&%=a)#PBs$<7qfb}~G zY5ah>LB?VlMEcr1yN^;m3Yiz+J_Jlg0Mszas@GF^l3J*U$z{1K@czkJ=gGtj^BIoH z^VO^1kPtn3!{UFz6RBV4ayYPSyhx*Cw+{`aB+E0s6i2+gENbNwWIL!~#c%Jp-Q0)H z&E=(sj9^MiN@GU{8Kj4A%gOnH&w2XjSg@mohfyUi>D=wjG(EhUWnt2<8+Yit! zLLI(nSXJKjf6mDF=$!1aDE$L&c6LH2Jw-`Kw6wNW!62Wjjh^wy&t>jnL7j+?cYXcX z^!RgV`+!WPnOO=9ZDG|v*|rfQf$|>J>yo@N%|`g@96#wol@z@JNk z+-fsvJyV5D70pXdpi@&rDUkwu*|=Pqs;X+!7c`7FJnJ7YHTiY=N~8>ytw;uaxQo56 zL!QZbK7J`-OmZ~x96VOGD7O(5OYzP!yUr-?M1+Bv>6X4_6;Fnh6hvtbT>9gLxp0ViuM&Z29I&1+j8U4P!SriZV4i-Y& zb{&_QxJa@@s_#w1jYxSqLbBV?biKpEGu@#^7}xpn<_n5G2jfds7jR)}<{g*^_L<4v z;GuGL`y2GZFqZ&)Bj*=a1`?!;k4YEZhpqBnkh)(!piC$%7Wohql*!KG7Ape?h+n$} zZ&zDe#l|k=4%K!SX1{!4X3+BLS0Pve#EuVft{gN;ABEsv2-c9Pnvqf%26Vwsn7{jQx&%IqeR-#`D*;ZkpN zJ9g&Rx?`TeJUQdIo^5A3Ofmkk-)3fz&m@DeO_^0#BGMOms}Xk{9X0Y+nO26~-^$1? zbRXa)shd8e>H`t3-^AfkSUZ^~*R4AEI*p$pO?NC*v;_MJigWDKdnd+8TOq8P2zyp4 z`#DkE$t0^2l^~Xr(zf9MqhTR0)FQe?i{W%1ZrwF2ifze2^DIE{hVZb`z<4Xg(9Fm7 zuhuVf!wS#UtFjQjRJs#3sxI2WG#V>V8&h_mp@fQH$5g|?o%uEE3q6Lqx*@{?08m?y zxWM^wi;^isKssp;=63U4;LSvFpdxjJGecX=QB$AC)l{lF*|bGRA> zL2)|I)}xw+i?sE^_Ea!VED5bE^|vsVwbTy8m_k zYtC2fC{)3EauB!m<(xP}4BN^Oq20H&>{ms8?Ro~3)b~^_xSlG8b{jWK1kGs=khA?B zuA80u#Vcg=u-H<1PvnZ^T}a4;W?DLn`G@2D({cvL``O=>ePB!WJQ(gM+&k99>Fu*1 zO;Y~O09QT)&VP1F-kLYCwVGtcocY*Cl)lfc( z-B*K2owdw^mz7_Kx~QwCFLv}CjpT(W4rYs?V_!>H{G8zar}YKTQjG=h^NLVDJ&&mg zbu-tf)ICqwN6YDfphXNbcn_Y?`XGhH4rf}NV9{6>&Uh|FiLJ;LkaE&AP!|dm$P2?5 zezCWZH^3DtcF+~dH`YZ|b|Nv+j5T8_mfxankY6Rc9W&{8p6y%5rzMO2=Ct^O1?J-! z7IWhthh1gPz~Yd}M$v3;Sdu`3fvzCE_A5@z$R=#f{vu}0?mT9m8ABh9X^qC#=GWmm zR$|UKjZD1xKW0_VS;bdaWX8*PwbVUDVj9|St2ZWx`Vx-1r`L-tb>uA`rcL%xR`#P| ze+U5c^lz)$VQ0@JJwT0-1oRKUpUM2nz^qmXOPBb%EEma*d{k=?a=E!>_iUfrJmI(5 z?0IDdg%ik?-ER5nZZ{>24>(=UwrF|)bj&}YOpfi|iwL0%dX3He8zYs&24OPc#J2%1 zmLP$r#T+w|83t>iP_q9f((!{)^Z#)p$JNT%7Cnlws-QiftOF-pvzTMXWfP1+sNZN6 zi2>UwM*|qv8F>e1(=p}F>#N#yr(r)&<465!j)Y7KmP?dU3iG`_2**9jI8AseeW=yK z!s`)xi>@asPx8;^Ccrwme@8QubhkYF)GM}~f7SvZkm)!4;^=t_q~e30$ZjT}ZVrMO zsTFI`kGUKx(&1QC80Y~x)^@QX`DCO=6LKhfvv2QuKLSa-J+!~{Gx~eNI!Sb3O^Nqo zsfZb^1P_FnQ#s^dUX!!~>UN7WkmvcQm-TOUe`sv& zr6`^2!;g;RP$&;z@Qsx4qbShLt{&l)t@cHGi-E>8KlFWDr zV5R)WmEBG<68le(ATX`&Rt|JDpzEKlandWWxg)uu$cNa95Mj2$lj3SC ze4Y=MBtdSRU!p_i-@?+bR>pDcu2GP3GJ*bINB(e)O#Z&@z)A~{X#R{QCYqHw>-M_s zu4gy3`Wvb({~`T~Y|?P`SjodT9zfe8^rkS6tx1BRNLnP}5!qE=;Ts3Bd`ecY_UzP} zfPKif7=HJdPBUd5G3r`eSm-u0pKisXAeXOSahit;JOf{hSOEHYjtJy&Oa)iZ9|0t) z&wG{c?gSpdJv3Q0m-Vh%#s%*XZn}%+l}4=`MwxJt6eYnc+N@e$-97*|lz~!^wa>ZH z_iajI;_3ZzbTZo@_~Ftg`Y%!NqRsV*uwR@vLOzeOlGO0LaS7=w^Zf`$tjxDUrjHy= z8Eq_+w%KQD)OH+y96YEyS7c<-Tgf1yVP^KYuIWCmd@8JbI5p+X@YU}n6T4+~FsHkU z_S?XM$r*cwFX*%G!OWPblZMNSI?vU1?6#3Dc(*+FfsH|BiIsrbD)NFezB> zJZyqxVj|lwWREm4Nxdg04ng`sWNfg~?)IF_O;bK8?7U@B9-3&;d*wznt%8!xf(*Nx zF;YU1L&DqN2oLvCyy^I>XF^s$>is8tG~&i(EU}<6k_2&)1&-^3tDSO9w8>RZ)_u`( zm#}d+!MNAl{ar~i=H$4SeUnQ+&p(uxH_)PcBl zk-M9sU&D8r-HxaXJ|ftJ+F4&3l|ZAax=$i+P~)WZ@=RuF5ZGbCKI6}$oA@EQRL))q-0jS>S$nF z`-X?Z`B+9r&>^@8ROA>+2D}(4CS`En4@uiwejy*xI9$YZ&5e29 zi%qZsZoR5FgHuY3a-0N+!tse~)ucKDrj=T(!2u|$x^1H`pS~W*k3>xsm|$(fmXhG2D+(_tKDvNzPN>!bN> zM!p^jO=KiGhfI+9S24&{#&rD;-g!gsUq=JYp)=E`fSMEQk2lX9;f6RuG#}Sg`m!>> zHQhG0;u;!e>h{a!d{%Q)mW-${Y$l|7C_1qD&O8mEN|=HV(3;(j+Zu64p7Xt)rH&dG z+6WOHVZ=M#!4@cR80*hfrWbP{>kCHW5KmdpOL+gT!2nr49o+!w zJYDuF4+OW@#PKyToOPaP?a0n$Rt=W5n9pb)0*9pAw|L#2QfUD`HM_-pSpFIK{rLusYs^0YMS`szGI_tS8}yUYGj?22N}y>Hi>gZ^D%EFujkq(uFx zR4W^dpk(ikbrhh_D5mv?yD*>_(sJ73k?YP)Q==C-fmK0VQH=E2JaIeSEiw@brBL)? zZU?1Og1@a12WiW2U?EwGPubl%!(AyzHdL6c^krJmFgFpr|CHiDtCwK&rR3NB9Yh+v z2e+qIPK(lYuZ%UFtw8m6)#JZ)kV!TYIWBZo zAGiC)re?0Y_U4x|X!hnYx83XJAjW=7Z~5Ni6z0o_oMA4jL((|sq^o@Jq=BLtlru+SK%m|21-W#{e{0;pIZ<9{guTy zF=grGF7}qSP$RQB&wC=ATgCenXX=)eRUmu{$PU*R+j}`=exjD-ZO#DB6fWDuMTm@k z&9|uR#0Rp@*zqV#*LHj>kJ2v={!g+i!^H}*new{VvtYWobRHj>UDjKe4{qJuS3^(x*J;~Bqmb1N+``(qzoDC9(7zoOfv?qh7W+S7_nzV`x<1fI z+W%}L!rp9b6bc6M+&&4;g*{(*39B>oA>9ML zWCAS0W$Vg!N{hqBP1C z&a&6r)BnG>pE{dv+`GKGBB69e`rZza9yGv`V;uySJ%#jC?6rQk4~I6_SZjRFo%w&h zRS^R`L$>hMb~3F3DK|H_m=f_JtxhiNqew{#-rlbUIOX`Cp$`$$$K{L0Qxe*7nCi{?yqUvYj5sK_b@`tXt1v_9`jO(^DGt z0IvEBTAi4ofxBtke^d|t@Vu-U&07V?QdRwOeX?kLPIkpRzmWF>ESvzU`-*%=L?L3vR43Za`NT+o?TNaRKK zcoclM)(Z^cX)ClSd-&*4?~JDhd|F#tDhkFQ!|{tNy^7)M+~e!M$`6bbMm#^#-DTBf5TBXf+&x&88}{aP ziM3?paRkt|P-uYyu|1wb_@^Ic?|OaGs^w-67C3k3dk!X7TFnbQsmJq&0#?PuWcOe4 ztN-+H9KzL!FzE`|{~~X$>=e3-_S5|KlwzaUl2<@CbO}`)Azs1cxsVOo}+Y({g0Qd+)TVQDb>K=OQ?&qeoP^xwypTiKH)fMc*&`%&j%N%hDs>zId0!DUABL93MaESR9v(V5(43(_+78e&QQkR|Q%5Q|g z#i1_a?g#IvU}NK>*axGR%L3GprO*(L6CcnWD64jR^k_@$?1F*x^U4K-3Py%{xUi`; zyCp-uJBZIhXT6~O>m+^ttPk;vx zu@zCFQQf{S(ebGlDUZEP5hgtT?5#Ei0zPx-aJ)3ZDY7w7AXFopn!S;$nWc3#H2aPw z%S9VifoI%$pZxEWF|TD>uO=#wi#VECE*PZj3ryLKM(AgeU|X`VZ?>R;6sx1y(RMxQ z{aL#u$Qd*zXn^6o>MSM}J3)Rr)G}a*PU|R;AAiyD8((;?W8crFVk%jR2r$Tk-ClwrHOZ zm@5xH@=Bep%>10B#P$cLAUL`a3}Ymxo8_ONJ_fSI1JtlJ>h8raA&5Fj7hnx;DzH=2ZrZ|LS z)6?F4Gh44DTdPP$!^jNS-jEVA04pe`!BwV!bsse9BX#+)GNv*e@`wK=*MA;HILE{# z6OcHEItFo|w(GHJu$rsDPrIU_!9-3GqQR}a)?IcOuw!nRJ~uWqIPi+#;mhViw$uGDeAEy9h0U??y!hdvGE`VroD1} zY`Qn%;t`Ygp}K=ln5B^dj>YTBP(vc7bj*86;4<91&L<;nXutF1k(y&Lh+18PR z7QS0D-Pn)72CBw%e^8_dm2PEP(rs$5ds zw>ce#C2Q%$#2)!!6Myw_eBw}Wa^&#gSn1-fd@BQ|9fpP~Vz#1@u1kUlunIMH`QG2M zh)1hhNzZ$aHz$0AGMp!umEZWKzkB1cPmxCw5;DL05&(F#v7p|eu%JK(2K~;BWu{e` ztq2h(R>fb73s%N-FP+3)T%Pd(eV@z0m-5IAtn~sSo2zPSY9KTvrPoUe?pVrt=^fuG zl7AgVyEPrVCRHNY7s7kb8;H@XP&+ln9PBb7KX&I6W_RM_MYfwA11o#p08mwAkCZJX z$}=Ie16LX~v6Ll<=Xb9G_-V)BDwFSEjxgfEL0%mR^ZAHx0*XSguMQPnmPe4GX-8W3s+DK90tn zoSbZiBI=fwQyHfFlV#O!V}{!NO2gorM62=OMdV~;&z2_JKXNj+SFzd(k$ZWu-hOR- zF5lt%xS>w`#g%1oTU!Hl$4#r zyi%}e7ZdRe49t1f)#VYIb{&pSK{D?;d@ zJE^pr0TlJ#U@I%8Ix}PP^ZA{RXq%Z$Yp2md$Txm$Y`2>9pG_OnZ7^eqajx>B7)m77 z^irE~Vj&M<0ASvkPO2SgI+w}D+S+n%?9FEDvmW>5Gn>OGSXNfnVGS{5Ik^RTiv7t+ zz31tHqvYo&f8X(+{-zW6ER?tPwzrc4_ncQDwFAeD<9&s!n?c8k?rmRj;&C>{;CpdQ z>||jZ%N1%;f;{K>oLyMd^VsQc1`$Fb+HEju7xzzoMw~%n>izx8q5Jlow7o8VNj|RN zAFumwkw%`yzOWx*6ICvCaduj$|2R~slq+sES>gLunh5#nOEu8%VyN=`YWK0yb0}}f z+q2q_K>|EbOM5%M)^MQe?yLxZ8*!Nd1V@J7*LZPwt5II&aZd zs9pQ8!BuCC=}SXXvol^HcQuFzgtG{_OPzqEx5JL*ifrOb`)Yz~c0oP1VQ6_{ZiG%N@IRFh`rA+j@1 z@FaY_+@PP@N?+Plo`At(8y$zV)-=!u1qI#1w5jXj_Yh92;k zUE95XmOHy7l(w3T)`wy2J1DERxEYgdV*Kr8u7VK>U{5OEoJmtBPGAY9sG)XbELrXy zj+s<8K|B-L?Z{kP*Tc&z6>O!W$w9)7HtS(PFGfxd01)M`UDtQ@f-?w2uKoSg@QphQ zwj$5gpHxNvk$zst(ZXqQ-806-RoZDyZKdiHH^tL<>#^3yPYd6%FKp^IlpHJU79=Q` zFdqukm^+BttPcq~I&Iq??#=5Ztg1GRE%^f*XKSsMm(S0T7Awnz|d!Fq`n^L zM^F&{&3qaZHNHyzFo7)P_??uSr5~hwB-g_P>@WA+pY*UBOKgoRe82=LM?e*Q_bJ|6 z*khZm($OOZUL#q_wb||xT}OZ)?^xM< zDYO!j&;g=wyT<6k9-@&kb(1}!<@_ac7FaqNDsJVbK6@IjN(pTwn(CRf&RzpRn)Tt4 zW~C;<5P%aj7`n+5ZF|98@&RR0`;!}Xwg_TMqB!786bbZvTece1cpY()tu%*`GMIe( z6ZTu*$(@qT6i40RU@wa-X56PJB|f05y0$e!A_{3iNVbSVSMKDvxAb=T8xCOPS}X*U z52qwLHT688CP$N!_1V`#$}vIp&nNRA0_01EI&omlOGP}f)0Y|%kGHoF-sAie=4-la zF#V}eNMptDvO>P0Ng)!^$bzo5X~8)fEa21y7Ay{{ky=o;=kiQ+4-^tT?_w_C|9H#a z8~0KKF%3xQhlCfNX**{N9R7&T$e?q5bhY9YG!Ugyg>qU+-bp1sr71p=mGmWoZrb2x z$Z?UPl{c$>J`vY=sbO%PQN+0IUq@A{z=zIrq{1=nBJcKe>c?gVb9=<8%VHN43dTfT z9DLoE&oxpX76R063|e?v3ZD*z9Q?@{?WP3B<-dpY;*O4vrhP^H+v92k6@iqLa8n6x z7l2c_UeNWZsxv!5cdYCE2NLr!s|^?l8Ly^PAts$dWqh$~pW^($mx=4^n%k>MdBe+3 z=Z&L~PX6Pvk%j0p@lwVf6z4@a5He4s)i6Fjev!mIJ3Bj-hUKdc%whih>OR4Jv}|H( z>ctTXo{HQVCm~HIGZTn8S$3-5V47@;u1BJE?}Z`(+VsPrq17QDA4a)&Fy6qk4XK-5 znWKM}0$ChrL~D09#dq(lda{Pvm0y+qrpL43+spBo*xo;SShSW&rXyJ433@h%J0q*44kY0EvvjX3ft)2LKY$HnWvb^{;;+ZtM`E1*3W+;|?Yw zE+fNP-vA;`6O_91mqBIA^4di_%r$p^a&R!Y5}|ivo9@p`|LFxk%mVb}LoUMA)z!2+ zhn2^y>-f$>#4JRbmXr!|0ZBnTAZ#W%#N{m7%=-9f6mkKp8;R9u{jG!POx2n6$lIrG&D3MJETP^ps_#sP}jcrUHJ%pQj9esXmE#F0gcVg#A&754lJ&w z);$YjHyWFoPTW=tiMX_cfsh`Pz?GrCewlB!WzC|^_f3XjV>AMNaq;p>K)*v*R~IkT z(H}ntJT!V2epSr$L#qB!h+;t4hQu`46g-vv+mn_+1OG*p2|?v0j{T`FvKnO@O1_|f z%V%w2lt4oS0$jESdXsw^?m67EFjuei$u|lSrwagf2nVZmS2d>?Ab}1LfE5UI>24?I zCW`z-z#uo=ifhR&c>h>@Fx}%hKTz&Mh-56{5U}Fvb4NhMRBi)sG%h5e91yg z0%CP0WRJvY6k)U#s7Dd3YG&p|E-IZ*O5ObCDc8+8qzM>dIz)*mD=FD_Odj-;!bvwh zzlV>bdHGm$guMK$dp4-jqJleb@3x(3M-x?D3UTJxC1T{iKBs`hnH&p2fq5g*#5!%s zDu^kKf)_xO;JU)CTXotsq-9L43JORU-ETe**WVwU!6*0hg2F=G-U92n%^HfqLR(>y z#Hx{NapX6WG%FGLi`rln7xy-H_mbQz)Vj?QE@C~lh#nak!6+UIu#VBhUyk(sVbA%Z z|I&a$n`z02ht`w54V9nTbHtIGdzY#MvP$Sk0j=!J=RHv$M*ccNP{et?^~Fif=(spK zxKuzNWTL=+bm$57l;3_AJWSrLmQfi=8gmenN&dWdlz&a!U}J%e1y=_Xv1peA7j{Uw-&f+vwA>T|NPdRT9 zdgL_2bOeaN0@Q_r>c*9-Z{nnX(k)il>&i`cmK^}vYC(P+laJn%2%-7v7l2czl9n1f zT8>#S9ifv?kwr9MK*nvmBz&x||0Dyo$eHs3&Nk~^?-4R)4dI|r7r@6tT&Sn%9$0hH zB0LH|OyI76fS#Zys4E>{K9HvE-a^}txh{*Q$-Q}JoJq7bG(0E}rSp#zb#=XWR*9fK zjDxYyr7wd6@aiBzTVMc2J`q~|>!95>5l<^%;573u$AbQ~5=oTSs)BoOZ*PXhP*q2^ ziIUS$e}rdUcXv!i{uNyG;_KVM;V=KD%UjSaD7LB%`a%vG^*Oq z;J`cSFKGP!Kmf%GoCrzHt*xy_Fjrw=VNmRsGu1)dzf--CVZT8IdAuj8Y@mF9J{KM7 zdOt2lUlA}$4YMk5Jwwn&HMQj@};byzs>EJgbE}X`xWosrnT8rnPRGlzILtb4;)-9H}|G%5j!~dFsOW}3( zM7gT6^0UOm#GsH6Pt?x%*6Ql=&BY}Gaa8}li->?auDCgDX}2g*>6;xyxvrTXCLq{R zT1|q~l}A7t4@HTj+Oe{(%17K7-WbG0{37zWUm{9X&ZJmgU^OaL+tBcldfS3^+kQ>I z%_F_El)SOGca0(kX*9U+D;h(@%v|$Il^~pN`DT&Byy%IN;Ly<88E{m$6XoB1Q%G_O zc&M}^y~=bOSIfEyUwbbD@Hr5RLQI*Nnb~4xrZ>-Z$EC=2%_daPl}=Hqz4Yyq*8V`p z^mB-!-ip*jRVQgKE!$M0`<-|+`7V&h#Kfqq8k?K5%eJDYpQQOh7|_{wYGW^CN`vU! zlXO|`WYv@t&CSg|srd)z+81~SKlsdERZ^0cXWD9PR_Y9}4n`VT^+=V`?a_*A&zF|6 zSG&GEw;QgkChO%S92y$R0OOH7p+Hq4sgRbVy2fM+42K&Odb>Ak{w@2@7uJ5E|tfa=kBXhU_pVRq2d8`9U#Xw$tQAsews zvU16QbXi=qW}3k?u7SS(;Fk|iEtZ8h%#ZH>7kU?{@ZjO*_T!$s+p zewiG9-H-Iq{N5vUaDaFMW*8x{lp(8De!LV;O%k=EHr8e$-|~h56>HBa>D(_6FmduNDgFviq1z=U=uBC24S3|+_%@ZA|CkEeWuk-(xv8nB^yl{ zfwg+R^Z3UP$Wt6pq396i$|Db8XOT}m5S#c$x4mgQ zTT#0yD`(4b@dBC1#`~IEVIKytE#35UNPAwq+t;S=FNDElf44{oX`h!>GUpCXt)XxA z*1b^*_mTTZz-@i>5wRgM$;XBtZ}Rt|#2m7$YXhVP{azs}BOw>MzigeE^W$XW)-!!{ z%uoV(h!Ba%o>>`eT&~+%#`?5<>syr_gXyly54A8Ld4)b)8EK(OvA&pL#{R?rz*`At_L<+?uOCuS1=O$gv|;m)|Npxy5L^{5!lurLB~tDcKYh2J zpHIWjPh1MwZ4lo-?JJD%g6gx`o70&7(%&xxMD2D0ex8ln#r1pP{WuK%(y(_<2F4Qq z?&n#+bb-F|IsRX0FQPS0P^>mAC@1(YP7U(&EAVsHhdg_xy}vJhn0WP+`pl8j`Nsx= R_QC(IUy%||y{z@{{{W)V! z+2!H7(x=?}_vkOO?F!c2B@z5cpECUDm7_Wn(Ek8vb-g|MuW$GUmk>pWQU451b)x^X~U z*HMvuD{O?iM*fxcS+PW%c3rxB59?x3T--IdXQUIy4Ov)Tjs-uni;K}YIXR1;jcDIt zZ+CI>9dQZf4^WVkYqp=7ntIVVm5Q7{jW*y7^i5vwh0ywX>{JCu)o7Yz8s6{DGlk~wqcV}AbG)lJk*3kw5l>we2I zio5>mQ;RZjn&Y2$iL4v)5zF8u_R*4u{RijbFA%>jAi1h=6?e_E>>b1wRL@KJGL2V+tqWkuEx_s3En_?qmq4|l%gWR zU6sLyg2UlmU0wHbmqN$Q>4D|7yj=loV;omIw05A;cFu=`^vVw(B#sFQrBzmH&mVg? z{#DSjz92U%VoFAp)MI;NHNa{@S}vxe9C+Ol5)56ft+)Ps@6G)OxIBM}uBi_K zZeWFg`uO@@GPQzQE`JQns2}5Ki7}vFYu>f;>XdQAg_YC$@FhklQoqevMNH8XVr^i? zmsr--I-8-3mnX`}$>sU4P2czMXxT+XXw&ZY&?`TEI@cg`=D3yR3wRKM`KmwdIeid@ zhE_Z}M#y_Y4_n{#^)sfAIS{oe=(x*>HMMk1tPn`*?v}6ZoaXiQ611~g0B5i=$ zYW28X>RjsyVy~p48>@(4^-&}qVP|Kv+qd7rL-B(x#3#hG75V&AEQe9WFg7j;3UJ`Q z?|1aisi@TMHmx|=i{HHG&1UoZK=Y$X0jt%IYed(any{zjf7u1H66R zCtX8Bw;qw8?Zwlc?MFEb-QC@Lj$+f(Pc7`jsont(Rq{8oKF4w(J<`7`Q1e%=O^JL@ zuSyLs+7q2+TYh>qzT3>wUMXMjO90Sd^ugeq7Seq;_t>}QQZ&Cq`Be+>&;%hF{+=s9$Ok0ay1Ng! z%bnimAVg4yUb*(}+-aBARFU}jc@$m4hq+}9e5)*TyP!=(KwC{xHAa#g;4-D?DCfeM^SihREgUUtxc_mff^j10T zc7qRFUaq;Y3+LLIUOGKpKk*^MJ_6+oe;scX{RS@m z8pIDLv-g<=+5@+fCfasS*QiU$M}oht?fPnttR{xG5b1dbLI`m$l~|9^KfiN-;zI=# z6&BXacV|v)*C*B~c=*eDZ8rR#Iul;0!}RONKXceMG;XJ*WvjGk-0>9lY)gKl3^nQM z>2bM3$1)s<^8N0|T5ayR+_lPPQ9Tl=a&MF2-551@hZV)Di;(!gVt9LF9Xl zlg!8JqS*&-7hk+`#fsJ*YFL|mwDa!r(2p0bGm?po2J>7P`*IDoF~rHqK-M4X*vAeY z%Ks!cH#d$)=zL9lul5ns%EB|>GV2Z3B^A{dxv&3?(lnFz<(lu3geD#brq}vs$j81_ zhSmWw7vvBDRs!|lFEbG_;}9igk93$^wE)N?s?4_* z0G`J`NkGs8AJei=%KJ4+coM7L<`J;eOBNPewygjsSPO*Ut${a;*gn%c+-9NaekF%Hu zfXw#X6lWhRFDtt{Tm}c?R9X29!wdgFIZt}U?+y@o^;eTbP9LAbONKUXOxvx~DS*}t z{qRo9KO5LGldp)na^;UN_n{E6RJxZ1>(={T3?QT7_Wu5(jfo0znxcL>9u?HNFF83e z(sE1n{b7Hdrkxw$0dH^pWK_))HJ3j_w@M$~0YKoQfq?&yv5qIua#7>MNU+k;M117+IDzg*caMe3TKQ|+$L3tv7YRpDwcYg?+w z1Rt9ytSYC&jr2?B~xXEwgSNu(BsRY8Cjn-|UVSTRmew zi>#u|k1V7Q94juo1cmncx^2$jHtF|=I*wr&=-z!-vtLPd)!??5#A z9BGrchC4Sa7ELGdNamqb4)w_eC&U3n?!yMJvZuC`vEd1`>ySvTrR93oW2+>7C?~XfIC{Io;Y9b!csvT_C!xnnFVG-qG zK@vGQ`bw4?VhmX8ia_8-KH1R1xz>bC+^%t3g8U(3SKWJ$c?1_H$SFDBb*@;5etLJL!e0qK-!&qRa&`SGPJ0Adwre|pB9MC35gC2Xnripc6ubQ__#n6(N}c~_f;tYTfEFukiLIzPUzr+ zdaK&Hvh@4+9~}KD!%M&E?k@L2AT{t&I>avxCwbDSn-^ z3N}!9`uxK_KE|3`ui@+IJxXLGmmbA# z42fYekbyWQy+4>ggfKrJ30~OSVcX)h)pV3RC%Ubwe??VH9fDmeC?6+LG0ntc!I0dh znepgD`y+M>wnX|Dq+j$lve8=alJRUd<|X^SWVDsz4~nFutPErD^f2Sggl?6G5tw13 zW6!@^4h$0S_&}0agkWNJOo55U3DR3_l^%~TaW(|xsb%!ylxi{rxmDv=-)~qSw3cp& zghDGQ4euy(JiHzyPuIsdmJUHvDo#wdBnv0am()zO%Ev8u1fJ6(6w-K?YAO$dBs~_{t#0MJgwpQ6IEhiVz84FQc=zzdGD6&I?-#-_T=>$40C#%30UH|!z`OGFF)!Rq*jjHxw zfmA9|t|NfDCkEoT@|9WmkIxBO)fm9EPbJ8{6SAVMj+8Q1ddXwI^+_?xrWz;KY)kSa zmQlpb(zW235l3&@0cyQ#y$HyD#?KDB&7WP1v-Jv)btux~3ra+EEb|;`5T`xy?;M{! z$vrNG3vwh!Mn4?R?s2$-M{}ZA}NS^lXUcD?(bU77M(Mexr4%p zhcnv)Bee>Zqallk*`n?w-}2(6l<%r;#%rI&QBXG<+8<3c(B-#p4H{L6@$m-pkMU&b zxho8FHP-Xdzq<@hw5f99g6Lb6AspijNVOlitHiu#gI4m$sYe;4VSJ6GDem1~4+Tzi zzZCxHp*o9Nr&igx?giEQU~VWhc*S9ubPJ|i+-A28lgFLy@pw2p9CH*Df>W3vQ`+b| zd|fkHYgi}*U-;wnnKKO&!S#ukCK7torj4lvTosI&*5zo;Wrkhb)^h{z2?adbx2s#V zzA_Gb$4)fZ@vz@ZrG zc@L+;O3CescNv??<9*cvF6SL+b-4kFi6rW0XSag)$TCrUd#_(3>PDx(^GDzku4u?48J*_#`RljNItr&fQx@o^ct7 zQ3`xYw1_|KxoopPiUV`&n3M=y_okKQJ@U0Nvj49k*B98sAJYnC2Fr7nQ~gF)5+^`& z?VgpEA49#rn!99#dW}T5Ql!$4f>e-F7gN_+{wL9WkoJrwSq?aBl2V|&jr zG3@N`EFl`RP%bOG%@?G)?5@9q_QxH8BYX8IT~l$}TJEb9$_(zuiJZ!*7o}yU&uJAU!lI{3sS%9L zr&&*t5+_nGbTY{0s+a8O2@f0iiz^oo2^!>7Xl)Nd>|TWSm_OeVgTOs|l(zB}97Jqx z59H@{p6acefo!(;IoEEL(iVE1Ax3)3t%2ho{U*O!O~^nhPIALDCi<#LQE}V9-ddBl z*00tV>rwc77}PkNWNMJB0cwgv6}m9jnwKe#dM6ngNC=t@9hu|mT^0&4MXq!=j)<97 zmY&6~H!l?Aef3`#gm_=c8g6S7vLz5oZT+oLV>mnEh4bg@aHzE{`zZb_MifLt6HAF% zDA-R7rKjqAKEE7938hS1l#qMglFn=Y^P-CO6^R}zU0;%Nv0H#_go-&+U(^L|zam6J z9qf-XsDrBOz9X2kuC}(@y@Uv;{cWH!Op>c=-8xTI@68#>z=e){9wII_X6Dn&h)t5f0l4DDitgcMyX+~$m+_Y#{b8@KPsAb2 zKT&6iPiN|@0@Lf^CE5ZaB6j^H7i8@fWstW%0j%4hlWSW*hnZf!L>n+&ibjSWe>U zILm9NrH~*@+*0LT*S=A|j`PD?drsvpw_+v6ozQ+Rq_*038yo%KnQ0x#H}gTtA);^@ zQbGJwx`c(^?JjH1`}{*rK;e!0LpS4%!%v9l)!1y!Dyy3}XE|{~ltXYb9_57o?1sz1iv_0k2QgS$L)PFH0fRqg+7-bW2;4K98KFK7$A|*o;y15AIk)$wawe6JeduQTgryOi%ssVUg)J&QOMYd zNww|op(}Z4iU%oeJ63b?ec<>jF+Vq2ZZ7@o0?}S=_3+dR0fR*M#9)cvFANa)zcZQy zb0en{NF#Y)_31~YM1`6DM)K`2g{AMOqv=vJF1+HO95>2awdEJYx5*6hj5T=^Ti>h0 z2$p?M&&6Xu;6BxD=sOOI(=Zh?g%q;b&};VY&Xr$LrZG0lfv4>4@^nBV^8Agp32ni9 z_Ly1MGdNOjm30D-kqPbT6ozbW?Cu|$BS;DVkfvUG%ma_n%sM~p_SKCV-#bhWQ<_WK zJADmv#EQ}T^mHHxYVu`g0TC7O+Zn1y@o5Q1GYTmiB60O@nW`H-=Y`$mx)eC^aY?;= ztXB)~OW7lpI58Tzy{g6chJP&_E3TP`Cr$KFQ~#7*AZ!0cEsLsR-j1^NYBDaSNk>k8 zK51ro`xpa{qp2myh#1OQ^NFGH)|LM*cBO0?G3XtXo;bp@a?t=Cp@IT&+Frv&vD2JX z0v@L>it=*(B@@Q#L$NkA3qmWmW1(7r)au)340Q0*&20Z^74QM9~Rb2u1X%XLCtAzz1&7Rj#Ft)H~azo5&B!Pb4keZ?;xU4KG ziuCQboSE@*_H6n-Uuz)q|6FUCbI;DKHleraGyF6GNfcsk8%#Z+qp?M`={EKix?50rH*(6^d1Z#6t&Bx9!<;&&)BoLD#anxuI|>wM zmDIlbJ5VeqQ?cl75Ms)t2=jgRiW=-N1vUCJzu7-le$DlalTX)UQ^;z?6Pp0ucCsJsK{osH#K#jHwxj;VC~pABcYcgy>pT*fP0UAS4cu5o$%Y)Mp=~2Ffh;{H)}u!Y#Ph*L6%SfIK zq~GLroB1CXAS>Nnvr3Rl?)2#heZkfk^H_Uf2i$6LHdaMEMxESMogZ%90}F8KrL4#B zqt|0!75qeQ1$yOG zLM(?130-5g*#pLRX+J?8ZrsLinAyLLv(54P-8hU`?xKX_N~KBXIC1!jxfO&MqY?zD zMjJ5@BSVWzc&ai~%`cOg)e^3B5xHU|hO#LvhTr=|s>%aSS_{)W-=euh9C<`v2`7l5 z1Lo!`e^Ic0GZ;F=Ax+ zAuKiZ8Jh9Sc%_S5W*oD6c41cY4wp=Z$+iQfp=hNl z)2+BHK^%pHeI7nmTCPWV6=yFD!ESF~<_-D;^Sz8KnH#x`=Ti#2>i!8|-Zh3xOOt8Q zalWz$L0^LLZ9isLp6GJojfQPgVzVX~pbzj7o2OoUuEfCDLPuvkwWLNhr$X)>V?i&m z@HrUimaacJG{J%EE1N*#4N?PFKY&(;u`O~Tt>5-*EO)EcSy9w@{0L0qGGpX=FF!7j z61rHHi^COy0D(m$3&&{}$fo*j7d@QcO-?$jU)h6o1Eq0GPcfykA ze(-4#1`p^|zSX#jUQx!0;Y;U9l+oIZy58Ihl^bMYl^N#;{G*veo>Or0#7@0eZDogwGiBw-yB#6#N@<;h2tj-6LyXnt1!R3fe0&{*zELg-f6oArz$N8(-0ggE zoo#Hv2wxvY-TeY;%$(3tRp78W*4!@~dJN!zx0K~pLQ9bE&=@zUoV6vf8xxx2IpL{< z-r;l40XDt@dCP?4nw7rjy3ZT*&J6q^x1L@oFW2H?pBdlwtiE6k21m}KG~1ch#Rd5j z_GhTAeLA@kE|_|xcWC_)X?}PnV&Zr+y(vm&+yNJ;kJI9r$NXI0GiItW|M-h@W3TzW1hu!O0^tlDE0RC)-$IH4%=V~?@EY3VITZ9 z8XS%#Vm5zoD!F^Pqm~=3pdz1mZPhe8T2uX&i?c8e$|G?#(?q?vRz+> zj*rKpCiKB%L*uxDJT<5g;X}gOael~nPX(p12(Q+**G&t{8fM+k-5RusRIRNxt?ba$ zfj=`9$s`1>e=glDF*V?t#xm>0_n`&&w$nOx^3px?BofICByP+zk1L0=Nc!a)9&4~@(SH&2_SE}~F9z-v|&|2p` zJeuT(I|dHGH*AVm7YLelY5c-?da-3geoU`3$$~@Z2j(Pt&KNOI!c04x~Z`Rak2a!*&}G15witWUMWcK7i&1hx9t*V@EtN-wCT#4;z;AS{z^ReE?6`ashI zYK%F8VN8~fe~?P7>kTS|4-XEO0>ukz5MaoZ*p{5qsniT)`3xCh`)=m7lR!NasdLML z$@d!q5}4e08M0vXk%q4TfMsVtEl)5J2{PS;u|nW=<-8{7|>d zu|4{CQbBDf`||B5M7~B*G9V~>fyY7P zKeDUm2U8O-49pb;1k!!W%>?T*_*}Vc5k9_kpm&{O4}pI(ElT&8H*OvzoU^+o^x_G? z*lYNxOc+Xf;eBfB%y9!3^O+4Mz7tr|RA%;>^M2eh!qv$Ix({168m-;D`5H>Ko@K*n zE-1*z#k}o2b&pr?lgGxO>#6kFuHm(zRcL9|ML$p2?1DmBqEv=Gc|s9i_|~cE7*X>F(0`t?-Ze z4{Tp2#K&EY0&P|$Xx%4f3(<4@Mbx;P)zC4r_EyIi+XY>P`Nda>HJ@P+CG5s4kU=>x zgcKckB%_97KFZ3iIg3lBfxlCQZa$8tXw0l==13obx$+lLVPqJ zJ{TJt1Ny9DC0QNJS}?7KOj^Mc!4QQq zcXPfSSc!Hpe;7!&TU%SQoD7T=UPz`#<&s5rsoCCy3j?oCb=8EG)wR7qwHEtf`pxfd zCx10FkB>9nFkTs$H_i(fo>slqgZD&Qh8BSNs$FnGLi!t}uV>`doEdL45gyl)&dYtv z%w)1@KxcX>S)+=OlfSZqHqCR+PvR&90#R5}QlFWNJ%-Ss+#T}5dz;zW37Os2IH6L? z$$Zy+`ML?H@HZN#<#AfCwwd4f0v26wx*C;>>T7_5kxz9wnHI zd$Kp}36sV1|B3oIn40E`(@6V8#-fl87OXR->I!uM8|Mj8L_}m|z%93SqE#*qGeo>R zxz=r#ka?u@yZ{*52fvVS>uwiycW?G2?Ts3LylH;-*AsRnkD<~pS=aEi7mZJdCr_Rn zv`ZJKUB(A)usrq*Hj{n+gczDbOgir#$&@xZCs5Hc$Nky2cPnXrQwf*AquUh#14PN? z+Sk}MlK};nmSg}7o1Xng(v`!b>|=(EK*vy)&C9WCFR(6&efXXp0VWYc%Hh^gNaf0l z-&2{#6C2~oRBV`zRQCk%@N9evi)yT;7R92bjhC19I9OO520wpEkWU3e#JCYpRal;K z2AfF(Oo{-kQxGwF4sXvVr9Oi?SPOM`Pe@)hG93FR7Xi#O?bd&oOHO0Se>?}2*77}w z|6?5rq5S>*VSGV`Tqm{X&>T#%Agg1d_m|nZ?3k37k7;R=%*-ld$wV8A*x6e@6WNS~gIM5Op%Z+df92@sD20bw!<7}xJ9FEdNa;!Y2utBIZ;S%CHD zUtix9SYE{>`9vO;8UK)xSRaFc2>n2DnOF+YkMUn-`sD%U5EaZAGK7D?gex4cHl=8) zo-#>(1Ahw0MYC3_lu2n$f(Ppq6t+ttAUGgCS-4%Q;h zQ->w*ibS3Oq^(;;o`KM zkcu4;Z}~%+eq|4|-99oRnrW3A+nl6YZ=tFs+Gyz>4W#}$ek$^#C7_jqL-g#jvlD6W z$v+8No_tWT5>qAum~MLeDs)svMg|-L5LL`>+;~~(3+JpNT>VXDS@(~1+nLdHo(m5s zD}YRz_n`aRm(0v4nIQVbto}B>&2J9?y}e&96r5ue9^9)>Y*vEbFiu8R=_q-Q*D&Kb z;2*7rjW#wm7MKv}dw*r91MZw1>j(Jx?7(Hvv;CAq1hnd*p=5ZNLwTM~&X3JMw+cS! z{FjP)x98J!V1m&u|DmE9OHe#Ld-ihQz3OhTLI7^qpzw7+*MZXdB&ogC~&|1E5Q`Q&Q+i$;ssJ131ma`;K){x9dN>8*}Li&}t* zKoACu^I@FKJc|df&hslHevT7Dqh{`6-S-?-*}3jeuqk7`Id(#TkLtM=s8D}MAuBpR z-*$4%;=t$6oa916i_ig=x6-4Vg!z+l)IlLQSoCQNd=A8oVSbMUDGApW$X;o+^kR&R3v z>n>P{ncNcK!3qir5r;+!O@$R<7p}cgl;Hja5|rWmE?kKOh3yO{B;7+M>Lkl~HO=Tf z?1&CL90r5M#R#clx4*%n%SCMk6l5I)Po8u(GkX!2Z(BRN>-#YvUj7JOD?=ne00yR} zRs9`U=P40 zx2~>Eb{}RNHCJT3(x#kSI}hgp-ga#2@ZlFSna`x&*SgZzJJV6UM7Fzw?L6QQ|)5(!xLf9#O~z-PZEudy1gfdW1r zm=y{$O&K#kf(0S_JZwamnIL<5di?wi?6fvJ-uc06>#~+#=J)P?>->2N@ZA!EZk$^% zW8$Jn^Y>C^l=crHZZ{>_r@(_u?M9_clKTe#1zerVZGRif z^WqYeMdb>qz*SAwkNEE{N!#~)VW#MGMU(^|eq4u z{7Purr^$`SF7x~jx6klHs$d*bhr|_inM)$pGvxJbA#H8D%7XM|!Wz^#n%(<>6UxFs zAONFyr)vLh;%PRA*#6l8N@M};2$85wvLUhf{!(7rVQ< zUc;3=+}xrL3*Ek}Kb-Joa7cKg*}c7MNOVa=q`kZSkoL(f9$sqt8K8wb2c+jtN95aH zne>`c%K3Ku)Xj|dNQ-MJ*AEw*ngQ_kIMVO_P^o9X8&LZT4V<8T=zd~g`Ol2deHS@( zk_`ERZY^^QvhE*jd(7U$5EQJ)IJe!nxpWX97`6`$31??#_sdi!R;}eCw3q+b&q>qN zpH00Bc+E|l?2&T%BKq~R#6*;-&DjP6IoKCAt`8d*q{#dz(|;)-X@B|lEfTCOEaFeE z+xvYUMUHis?563mk8-;K{PL~*C!BSK2TL5D6}qRuHV6(!^^H;pnHU@#lw_aeW-JSZ ziFH)jJ?z>`n@z7zD@yae++$&3CYqS+-}l_M(cltJmn%1eh~z5HFd>9~M~*=Q^$DSv z&k*XK(N`V1;iCoW@DMS&>ifg2qp3XE@0GeJu%5L{2*oYzfg})K|FWT)!jNYyVGo2W zxYytMlU}c^w3N(pLQeEKO&%Xy;KEcbhyFz3al8iqV1LSULN0meHUb2|VpZS-NUhII z_lJ5AG`ar3G<~xMtr;VGhgSMJ{3b&!kg8W8tvd6M)mNsg1=qa`@38rT^`uuw{Bz_O zVQ$gA8oV%1aW>cx<4)QMDNG|+gngKOG|D6Ml7U{MWpAyi2l~O~9JFTd-R2~iZ{H>jb$A%^HTKbU_%Gn!>Zbpj`um6i%tTyV^JT=5%w5GASp?o?Qqp7lhsYtae^R76MGJL$Eq5*KHc;6%~ey)@}e)Z$Gk6Nd?Eo&D~7v(vUKJ_7{KOHDI6?*W< zwSV;}zq(XZcVGx0+H3PsX2gcyrfkd^;VU?xnxQ{u1;J_Q$cL;Kmw$zDO_why#Qlv| zxGnhQ_aD3GJ29TeKU>(@#)c(8{1E3P?3Z9UJ~0(_ow?j>P%P1KS_6pSK`-u8tcd)7eGF-p={e3YuPfLAi;8I#2B*Y19qtKzO#TSercfqlwu4qQ zvjf8nvkQpF8-%Ms?p7B@cF?K?K~J#;99e(gvX>-NZ8h$1cjkGQKuV_F$KP2Pv;h*V zJnW;hGqwFI08a0Cy)%Xxa?MIU3;fr6SoD|YC&_1 zoaaacM{MEeuZch3a{}zem3d`n-n4Eyx;eElQHI3C<>V}_l=Xmdd%;;=h(TkxZM{I z8fEC}-3pg%kTbsF(=rVc+4Z9Dg=jhAl@J#YlIoi*ZKQXi6kR3m#VnZ$4`OYF_XDB* zKrdt05yq^eLZ(d*axQ*heuc;3T`=I72rJg~`Tx4(!Qdr$XfF@;@_ECf1}A}k+#LL{ zgK+?eW}w7zxAGevtzR8>T+#%dg+TA{49A19c4P3T3Lj(4u9`7}e7CQ3*#9|-|L+|@ zM9ks_Z97~kwLf~S%6xxp?OJ*){NREVanHYceyZ#{(aAr-#}EC*R~G94U)kP^KOL^? z3CvosUgyh`9i3?(cSTvcyuG!BVCMPr7ww#k3Jc-)j#+HlUOVP+xFDme?n(cvyZE=S z>b}4He29_)5@LDqP96Yg!h5y0#=rSdHZAhLe)!>V_}bU(*ffFGh-yJF4fT7<8Epwn zs=chBX9tVC0Gt)>ayze5E60oDm+4hqG>h?0@2-1mxFn{0DsC`sE#;!)Cnf+|7rD8k z#PRdlK|hcFEy|R3D`=Iq+IQRCxN#5^2#&&~t%a5E>i@7^`UoQ2PlRS^1x`}Lvl(}@ve z%K;^))zSm7d;hX+$pCh#!|90~l|`J3p+9+H0kW1ku)e6HzNq;j*F)nS1^b0w|1iG# z{s>6sQJz*^I}69(*hB+8Er!-djh>dJ7sOffhbz2O`CA0v1qe$aA?5l`1}~3)emP8; zhV#~@hfV9*;XyS-8QnDG{lBe$7mIa)hCMJ7Y`gU3i1YJhlofZ={ePVC-djm`x0@pL zz2pQX6!~_6Q5^DIj5tj+Pkjf~@R0|>*bj(*DIaxgkZf z=zI{PsX7dFGcGuav)`ap5@eby3v?^QX}a@CJJ@1Bay|G0u@Y>6Zeh6~rh=U!LArm8 z&vWi_VASqz?-)_yRK|HWd_&3Wtdg9Vy^{-$Fm^6I@`ZnxH%>4=gCBvjjgc+!o2;iq zke%0gej(s+13WchJvip=-@o%EFTXm#XKF#oe_|5DZ;++J8L;?%X zU^)d5YI5G&9ek-CC=ta@-0B1``2IIDSfif4W}UXcxp)f{EW>~;9GrI=lzr#P!{1nj z$3MR?)7as``^>8<`rJV_A3o*H)Ch~mzb*?(j@tY~^UPja8|V@8W|w5{pw+Tl8l3p? zn{+VG{>jM{gI?0-n=C(F*U=5YF9aJnZ(TY_?R`UtOxA0~vptAGHY(5zmH_0z3~?qS4%1O=}}TbN4YcQ>lA4* zs@tc)gk_wz)*1zf20Vj%=#v?cm|WCUre}A&Ro(hrXIOTuh#e)bUNmkd73on9YsEky zCTe4p>=C11+x24T;|X#O0^TmI5hsljYRn8pHpAAaEjG7rA1iQajSQS#Is}+SG3x~P zxGIWrtCnQCNlIDwAaj&V-@wJbGSOhNG)fG^9H;}ml1sG^hoDX0h2fMdgdgM)$|96u zSV68t9})9oP!Tg-5@OV(B#+1>81|%nz})9IN=^Z`;9t*%KT^E@BJyf#z_6cAJh0q> zF>MP3mlEX`wV&;f`531R9eZe+5yO1ert~ zCVgTq0|PdtGI3z2#lTcj_vhwUFgUiaTsU~S&-|hR|3w4g((fK$i()kfG`@*=XePsb zO3M}tV|%*4WoO$gWEEs@Wv4x`c=Uub^4T*k>7?h1LA`4f&C@SVB!|43OrG4ZwUVDx zCwt>D)QulSj0$gaGfjP$kqr*sSa4-nZ8RBgI&7zEStyw3}-eE*NxkW>{#~PaA()_~Twc$0m+p9LQ zMj~7|S@px}R*OSNFObKU+UR3?8iFvg(x%T_`}#Dj{&S-3K}kc8;!At%TX;c~qRl=% z!(xa6wi@ihS$LBVds>2Wt$*`in5hRZqZ7jrws9|VZc0&B4WchNsOT5F=F&FH7RI-! zV$X2HK{hFZ+$T91ZBKbG0=m)DBomLDxQ*h$@k|Hp1$oj8vs50h&M3gxoC z{mzMMKum7EqorRUXnbbZ^G>#F>!Q_jrQ1N!hBripO zNs$rMqol(Nh?ja1+XC{oN5ExcvA>@78mXRh>&a4E|DIc;$02e=DriPCwB*X++~c4X zetieUFS|_JK|RWJ$f)vT%@|=}%u)4HW9?S0g{)b?rg~W3e10X$Vf)N7WpJrI%`i?w zB?eqC*JF=dT3_q6N6L-(LvN!<1x_EcvSdXPL&6*aHm7bC`?wx!5IuMQdL{BI4G(N` zeR?TxqOO)5LUq-UKZ*wgpWkd_uO6ekoVJVeohY(9%L)^?uEoIJD398U38n@di_p|E6=%#`$wFucx#zLzGJ8(d`Z+ z`J5D)ql_W%*4oEKJ&|!b??kL@gZ$n5uph)xch7kYMFBRYh>-g^*_470Qc6imPM025 ztkkuCHP7(r>-tK#m|=3#RqQ3<)sM)?sJrFvB{3euWh!dSjh$<$TI!Y7SZHhNTxmQt z-*0975;a*JIb4p2+nb9Mg;j1^W|fST<@LKH8CXN{B3?bZF=v@ltQ3u{C=qqvz6q2M0{(j z)2!J&%0SgJ-3;} z`t_a-j03S?7F=mpnW3B{jylzZ-gL&r8LJNa#QVS0-TD>_PyHNr$e0tp(HXe zp_JvZE!_4=o>$O1$m(p`*FSmnB4W@Kf0xCg-kA=s+HHgVHZY)e_BDny41VZm;k0Gh6BazYllBbN{@x!p2mH`4UlZdZyzeY14 zn^)Xt=_~bOack)HiBihPs1AqZ-&)LgKjgF4yb>2K77605O2D?IM~}Iw_Tiaiq&sosaaFlT)&jAE3X;0ZJN5sKsES-d_ z#pIUDZ~H72DftltGS|-^eHDU{y7q=ob=XgTEAZeqd3pI99!IIMd9m$LYTo8_QhllC z#CR4V5K`P9ut1qoK);AJ^qn_r!)}j82fJd!0pOe+`ss7;Eq7Lmvo+{W| z<>2+_vnK)15ardT=q|-#}>{QmPeFC6!VT9`*_$t}4h{ld_W6kKa zjXveAg~?Ya(nG_X;?z&ssWQ#F0^hdT_)vWFWW>3$lvN zb>HiAO`hSzH1eU+54ax)V=T{Q82VfL)5ZlMrj4a*E#>2@GC6;<-8x`elcG=Dne52V zr>tRejA22oT2iS#UICi4Tr@p%pcT-%?lN}of2O}*=R~Z={O^EP>w~w%K$%_E(qMY( zF+IaAH$p-`tSbm!rHVW3J<}3nh^%};8x zKX<#;;{#i@S4MY}>kY*M`5ov3y`2sh)ku9#^E_2zk4E*B9%N=Sv1{Wzo*MRqct!3C z@7eQF0&Y1}f>QobmR*IdZbD8ir`PAdg&AwBEy z9;T4i^PHGy_gR{=z~ybyqQolGfrIB zd3e8CH8U67r?enfa*?r3e=u{+LmLD$DFA%7Q-cyhnxO!PhNGus;627wZ4*-0zVP%h z6xss4Pn0x4Qf5xLh4Cik)@S1%#|K*Rsaw87eiO#7x`8S19_uOmi))Vb8Ujj6 zBYs;!8lMSm?UM2jTJ6NtnVZt3Dh~ureWx|NI$6?hWoenNw=n4ncG>nWVZ2GaPEBu= ziY5rynPop>Fh>U?Wl?G`kug=aaJN7I^PKzUmD#`&JA^R~Hx8z6EQ8m^w)mQ@=ahvfb*Ur+x9>Ua?8TfXM1{)r8z=NAQSw{v4~wP}HkSW{hl0Y|;Z2~q z3hR|I-+>>TAhE1=QCc(2ZEC#hUp$rEbd8x=E+<47p~>X|i31>1O)%jJJqN4k<>f>Q z<_J{kx$Tw>(i`E-+6ixAWRucH3%*O77K)?0YmxdG-FwF3G`8Nn(MI}a;kLh7#vhI^ zQXT3QoHgOPN=g}$hTN@5-{?sk^1zb72E(eIQ}9O9C|Ddh#gi_j8c$vxM#ihZR4(nE zA;-3&T*4{sn==`B)$<@W207UJtkil=#aq?XRfqS+I;ew)SB0K@VOV=f$eka*)uTGm zR*k(O#fhnS%{C7!-zZ+k1a7TI5K?__FMh9{4ItxRi=(`R=%X7wjaT@#JAsq9f&EHa z_CJ3V)NNYMdb3L8syKkmY>R)a((BOn zf838?RrHB}L`~GEx^CUD6TxdQb!k9H$HEy05O{A>X3%kU)bKyXB}pKM(w)|t4eMGJ zO5b0Zxo`ZG2*r4NfRkj-H4~WFGH3WYpU&E*SWeklo;WD=-k}im^jqjS2SiKLL}RXo zGOovwefG*_KfnbF$}?y8;Rhrrljk>{@~WR>h8eZRHvI+NN|3TW7d`9iuSlgH zaiEP$=`Dj83DKf1`jPq>=@LuWKb*bmB-H3!;pQ8X>$T+I*w&;xgP*n1&?<`nmm zVNol4xJ5FuMIF@t<*I&NLhoSXH4!V#us}^Lxa+4Qsl6aDe{Yo(baB=xHl{X8upU%R zFGeg={l9(tHa=-?^8c{+=J8PW?f>wVD3T~ek)?=ANcL@LBNcKfLMXD7WkU90Qc77X zl_W;VQucMSPRWvFiR{eSmn>s97&Fgty6^kj~+o_Ft`;yoxba4t;jvWs=Mby}MnY0yWPl3Z&gZ)4d8 z^4lyzxb;<(!%-_Klul#9n{Wt|T+;gXs1jec zmVOo8<33QjL=4du^p*=(UwnO7LLzl(FA>7VXWhU3%Gs)`<8W(^d`(l3j@$%J5~lj< z{l3?ZK@O&e8mnjr<0HbRt+9xu^Q!vWR<~b&aA2&6qb>@wG;T>3qb+g}X-hI8wHaIvT3!kB)%*bPbn>sN7koL9e2_MKnvk?1LX ziIqyrsT~061w$01%yC{3sQ)bDuIl|{_BgOT@HK;QYaEPBfSG2;rkA z=g&`EwBi6BoJIB1g|>(We~*h3kiez>ZURfV&#UH8RF(P?(F{(-`5mFJihls{UJu!M zliUvBf8%_99LXNfNUiUA+SM`gmLIJjy-Shkbvo9kY$ZRl8vH;AyA;Kw)V8Kji5AEW zc9i0eac)rOpR7$r)AYB9+o1=)Kg)Jpp7ok49J#$Z|4j&^p%un=#jXy{OIWIKz6qkj zAHl&&;9so1KV2Aj>(-FU9f%&K9*T^mCkRz@>#IGZ?fRY+<7`Tf!(4q0CA)_midQz! z-QD>M$|KB+AB~feG<3Z?k1~^9@Wq_)K<2m|S||3(*-ruitL0>>j`Z`cfhZ|+9?&Ld z9|??GoM;6K+#iyO-i78*jUl8gx0;Dz!NF2v`wRV1l->vPiz}NpuT+!4*@Ff8zOc)r zF3PLnwTuWT`p(T;Gxk7t(xkMl^}%yts&g@!$L_7a&q^&PJI}GSCA7@<-_hOMaj!G+ zM4zy!?00jp93zK98Hi{m?EKnX21S7`V~t71F${MP2fP9c|5%sp8y?Sv2~s&z*FFKI zwsX|}C_*TQV)t&)mnJ zXt->dER3Noo!bD^RC6&FeR0~98d+<9@$cyqvh;6oHTkuC;fCC$;-OyKBhf7B-ElZlc{&jb4+#o5Yz zkq^gDBAQW8{K4Q?A#EGJZFwGC{v5RnD##NIp3~$)X+KS3JR)N@wFJoKLR~t{F9u+s zpVSZ}m9hb#iTx{(V{Us1;1dGw0|HK(!qds1j=@`weui5wfM4>^yQf(Vuq$%=8s3*t zNeW+Tgio{dpen&;#CO1d*CovzWcVP28(ZNcPCc6th+(`FBKoSHPmGIRa|cq~yJx=* zo_BXVNMVzLZVlrf{~`{*u7`B%RG|BXsh%h{XV~-wcp$|DsZM)t_&xg^_;_SZ$^VUa z`o|v7U1p`LeycaZaL_EGkX&ij{f+EAVeA43UowW4 z=Mzv~&1&ddkzf1a9T@&>qZD#ZXZf8Fu$3-o4EjVgFN42}^b#-te`$!)OF_U1=?Ge< zh-f6jxa3@+x#{7px66U8a}ez#O98C+#TAIW^G-!89gyLsvRt*Cs+wqW93&>2Iy8D zX}ng;Z=Ymie$8Jskkv>pOUX0aZM;3WKki$?2eQJiTfG?uzdxP`QkC6D#T^OFDO{q6J)y-Zh*W%BZ5=5ZT5b~ zs3bw>9RjXx?Tae$ak;F&GS26e>e$|vfXQucwcjC)TtdwOxfagZ~UibHWhfZ+EgiAIhy4mXNLibyh z-7gnHr4ppWpQFr%?^>)obj=E+B!*P%pnnTBQ0>b`Mp`5Fu?ZhOhysmG6Yi&B-oa%o zJ12vBhFm6LedbmmqQekBT%E6QQRe(==k@$Jrn26+cppl?KI8;QPy-}1nH=SDieUv- zdHdzfmOfr}4=)hVjeO@ret4bDlQ@4Kl+V>;IMwW5OBZ~c`1Ta{eD0Lr4u|kpzyzpi zF8;)G#t-(pY=AslxwQ8}e@fhZTbjq^vgK%lg1$cYs*Ds9F7~M|< zS5YN{i_xzayf!0nj`$k@bx7U-BI@wffZ;8Dsa0!Aw~1w{seZgKJwh^8)ysagKa3FM zsU6Y#c{}{(rLh&u(0a4jnE#z$ftUY%>@f>$FWV`R)9INUP^=yGi??N8G3Hn3RmwEV zq|{P1B}J6uH?R9A`%YgikE=(a{cT@3d3nXo zT(BrS{z;s4b=AbBvU6u*kCE?b%!rfJ<0ki*z3~l2eORJP3b7EHU$@DLvl2$Lzgc&@WiufccAXr^;WJxX5wfZYOyv_WYjS8# zX`jR@*4W8suMhNO1p}h@^afZ0cc*E(-JfQkBFP(FZm7N8P!mSpqiR{&nJsafr=mP) z>B%1XIer1N%dN6SQ>*Q_M`YJ8CLe@kp2$Kw27O$>{XO=2T>dokgo9RRjeMm@gE0mL zGi<2>F?CMUW1?pd{hItTVyueW1hTOwGr|6mF`n8VKi=fS4g=e4?+xHIzi$nAwWHj4 z0;Bt4zNe_(D6)$bnVgd6FgXI()FvPQ6+8P}7=wDtFAoZ!z$A;J9Jh#7k|Fvp^{B9< z5$aX4JEr?&?r74}V24e^n;)7CY6fE7NX&1z11;~6GP2*>S{Rv)c{F}Lcb{BqtB#`` zi(STmHIjMWAgf=eijDZhTVH#-?0rt$FLzRP4xa-u6Ve%?>AJewY+YT+k1l=b{LulL zYYqRi@Es1BQs8XNG9cB^dVRgg9Y?;-8h;fX@?Lph@ zh40V8GDKKO9~Aa(fM#_t5_x9%=BbEJBMr9}6^cU3lvFsnCH=5{2|<;!h1|JusdEav zXU2+FZ>pDl+?)x0U#0n{r{CL-HGN(p`VL4039M7=1kqgbdS6@ z!#j`71KJ~)A6+8DV|)eLtTvd1$0F~IGc9z@JH6n|(heTS_Lakl1igplaXKpSFJ@k@ z5x8nJ_+f=*%$eKA8MS3x!cX-PmB{>;3p;esNX|jRe98A<@cH7Z924n^_u}Do{^9TY z&yglCKU-7P-S0h_-&Q44y`LKvcR80R_+$9Ipho2rDxj)>qAxdS_q#)V?+ks@W~-lq zz8`We{VVrm_Y`zh6?8fC!~c(MS_)S!U|YRy750c5vA#sF@pQ_PY(s0ubTZnPK(>si z2<6nc#$wayY6>!%!EO=wb$h-mkTRI zc%2ZN+_(mx@TLXMVDN8I3zVeoR4AVed=#yqbvhu$vvW-E0jBUI*0b}70?}(g#qiL{ zrD{RnV|vtjPb(-OKx4?bvO|M<l>AnaSpGl%o|eUK3dhDO;|v^a&_2ZcgH_v%KLCv_yISeGD`IRE%8gIJ(mSH5-~l z+9I^`rL}WJ|J3Q25?cjn(RWLLm5}B5hJdXsFf)~-ZFn?aFd1qcu}1{`CbB8h4>AF1On8|*xF)`;uOI1_Nx2b-9Abp)L({Te8dH*QaJ=;1@*T}e6O)k z9qj)+5S}XFxxB}?!nt^oM?|3~Pua#R2%LF76WxC$+ROUKiz{c0b`(OLm1O_@X}f#S zFOJ*W%2n+**?OFVN*5BgOf5y27#Q+Fh2Roe1%qPdK?h|wF!Dz_P3 zhkh0Wb-`!#1^FdDjik56f3BWR=^l6`*0aU(a;wNuk20~~Vovi(s>6xvGyRn_gOU1L z5rXPgqmA!eYN1AcBS?@BDVgcTs+{eAfiW^PW1NtZa@gGYKi5Io4krM0>#-$` z;@v7I3*g@NAU@3&L%9)~xI^_i zebmULqj&cHv_sQAGQ*JWO-xQlvyx6yK2U6OtE>9$^vs~~hg_1PzMUqdEx5qmVzABU zR~%c8YAtC@YdRKI^2pdX#(y4uzLF)GeQoj$C z==+w1Px;YBM|P-8f0?&kfI+Te`U!#3TV?dCn-Db+;L<)0nal=@^9|sK@Z9wMRf3+ zk4tAN#PP|Qv?IYyU$>s=X#AG&c{QtrQxU212wV~_Tv%&)!tH<#YTy#xM5%kksgDk6 zSlk)dVDw`Hc3POsYzoKLF&O-YC3}7iTb&c#Pz`Z_^>XKrrue4ImzC+dafK~3QXmf+bE)X-3r=4^=m+;9Wp7Al{A`UD-h!DJ{E z0rw+cH2iReDHn?1lY$VHG5FiP^sRl7$1$!FcU&bf0LG3JpN1&Zi?+}rU%yCH2Zl;Wc8 z209k5$DRU2+3bEK4n%&l=J~vM;UN^;cX5)PziUa}80+BW-bdJyy;oY~l>ro7Q}iOL zYNxMr$5989z%OsM-DH}o(TM!w>$>U-(D0SWz}^ez&o|-pgL)&~S^C;8lQu$17{Yq< z)KtwRS!XYb`(8uf0QAZNdp<}C-x(oThV087!GHOgs;8WV##8#GL`-cYL%6;_)D+u} zV=J{|nyH~9$jT)J%1!f=lxw3K8JM%*8SwJkw2m-pF4vV6wVWHIiDIX&CLWQQ3R^Nw ztT5o`2sSUcO1RRR!x|vJ=X>{j9NRbXuS+knCva`}aAE43KO5QUXKxU2u~D7d-;)~? z;u=%J!kko3QF5j)rAi*3`(!AX)Aju-Iz28u=ha!(!M}yMeE_)?$MysHA&k^Q-3F$M z^Im`Xp-3oZDXV;~+kJ|ujYz+Skwd$%*U@V7{ECb#eyut;zjt{3R`UW|+I}DOvA=L8 zmaq|2<%R|08XRBA!rX86ww+0N*Ivc3Qp$*1q??@CS~JGE>qhoaR)A#DqZ+nBQ{k9K zUq6R! zt%UxI`kD65CHr8t>ILWDv=s}p%6mj}H?>?)_Drziv_&l&hOaP^qD@}BUj93JW+_>0 z@UHPH`Lm9r+Gk6>5xIQ<7$_JuEbaIh0so5OuZ%Zm6TLxMrO6&JO6zNxuF;*gr2MQp zH9h&~Zu`Xos1X!$u(qS0m|W92jiy=ir?Q4SWlw)=l)0t(y5KCPwLA(yzcE8rB; zY@FZmX#+H5P=~$FQl;x7ZSh)39rXsUl&U^IWwFzY(^9p7ufW4-fa74J1yqB(9PB1H zFs+MxEi*B0#-&7lAmO!)gFi+N>vCE0qmBdlngw5JvHOz%zvAjGn|&)+Hv8`R8Mpg< z{2}-iv%lNA8J6&RUj634^mvS*K1pSK+WgH-fiY_y7X0xd$y$|h{x|r=!^h!MOb)MI z%@DSpmKw?Rk|)ED67K@FZ1KPi_ec=Ws|NfJ4Y`jFi<6YipZ3vum^bN75^R1+^tU(D1!Hz!Icve2v})cu?1MYuD$I8aA1k*yvlpmG1p} zZ{pxf5RXOvX_*bZm4L~0gDbk%mU`KmuE7b$aYRUv zr^(J?DqX>$x!E&`_Q43Zf`yEc0;ybolO*q^^}?W?RN9i zUcJ#z##+II8U{@sih@%t{4K}30Z#%p!j@HSr95VaS}~SwM0TE8Xh82Fl#R{Y<$(^v zb)Ur3fVlB|tk5O8k#E&3+g76FtwkLmL^jQaQ@UTtq@X=dQZP=hie`Z^3WYX(w;{49 zzz-e=!MV&4EY9QozUakNOfRe?Vm(AK+Nx}eU6;YWBn9u=K!F``d0Ux6Uj44H@l=bg zm$Mz`upaMwaNBNAV8f=YBb~^gP_c7n-3F$!0S%O@DK=5|wX<}fw%Exi`69gVW6Mz?UyII=&4C(Owjh}qEA=T4mxqW*2>`uG=1s8T7x<&C3JV{Y-imYVU1i$vz zn-6C;Vub?AdA|pCg@gq67Y9x5{#TWroj~$v%mFQy9Cz^8$d_$mGT^^2Efq`_%rV@} ztGNHZ{%7Vs0Y0WMq_22jL*|It^pY_5ZRsOY!G@efne*p^jf>w1Q*S@nKH3WpCP4kG zeM3xNnzd|HX=cm)$@{6%qc6^~qCRSIl@0k=4R3rt39;PXVo%v}#ru{b%koaY@Hh%9 zCr?t+K5n0gN1iQjrhsvL3q;P1u1pd^z53Lq9R{s|T$sOK3S(*)s(wzMhU4^`|0Ts} zlDZx&&7KkFw$gXLM_)XdkWeDG8q+Il2Ej+9?NJdlc;dMN`E47D>krEXs2red#z)NN z=+$-JUkAPY4nWlQQm)g+)OLvZMBhSA({sx3rY`Lf+ef{T+gSR{GW2bog+OeR2@xI} zs0e}B9x+At`gq^c*-xN*{7Njj8}?~uprr^(+Vd~CpF0|Fnr$dNv{w$GKkQYlbg^t# zII5Cq0xAOI*F!5d|D}pJ2|r~^^OPFjT|I%=?_oJ{azSb+(d9QP;k`rD z?Ar{fb*OAUQt9$&zihUl02M^{^7OR!l={)4D}xHmxXV(kB-b@rw^hJZqJ{kO*f;d1 zMqJ;Se@m#q-mE3QJv|a`LihCx4zQB8)#aTz33i0{?&|Ihd6-61pnIkIZFL*W?BsylDzlzJ>cP7OXdE{x8>ROJ+P_R z<48y*#v^33CH(?>`aIzl+zUw6S%4AKvX|rXMlD?)*tZUdylNMI|Cd$-YE5hjo~ef; zPA~1eD<3`Z!MCf3iD|~Kv8V07uW@tf*{@{n@rS+KP##*uR!!Wg0~K%k+0ez{ z4+=Lv{xWYe*Wb~WR5>`7Yu5A8%_O<~c0#^2GS0^K9l;zwP1h6)B$mEcD=S(3KHBx; z0Of<;Ns42!%{6TZ2FWS0cr=4Lo0s)PHnWsFf-vvFo|&^U7HRf&X`i~U>)4OUd? zZbaR~zPTikZ3mv>n4+h>BYxDoG-imr$MS>h1b}WrP2|%LA-K=fv4`gw^dW#Vts<=5 z=w8CL%{faWwI_pBXMxJIXT6PM?n86QH=vUX(+0m&AEQOLFz?Dc457ym-fI)W1*jSM zg29wJ;M6Y4H+6bgA$#g<&Y*x+8m}rk+ux!!=`f&7^n|%p$Q}7^`?H#pWa2%$9`$m= z=J^6uP9v%9@HXY6kw+11*}Av;pI_?|7gJ`*vcDQ-g5TTB!TVOS(sFM@pei`Qv)e=( z|1d>=@y>KMx1tLu)`W0j?nBD+M;nMP5I)rF9EMU1M%uF`z4g_WAvNUs`jK7h$IP*H zp=O+KkM=#yan|2#U&(no+ecd#6~EeffMHaz`*QRlKyWQTml`TF`V)G+!NqY;SVB_g zGBRGWce)Jrp7U3Oc9bJjC`&wDxv6?FXXt9%zKX~01TgtX^OUi)Fe|}FMC5-K(Elw& z;R^v5@5t8nIh}BzaZ8|en}m-<4<$K!9|h`_Vlz)806P- z0aXwP#WI}ue18H4Pj9d8DaavNsh;JO`tJgBeSF3sMq`?Y_^l*om^1Ee0Kl$3hglJRU>K zYQ;>Qjzn+-?V}6^Hkv0{VIEYdvDm>e%Y*FYLCw2bhB-S~wzBjol%s7b(jVoO9+&Mw zno6DU{-5%zBZpzc_5STBt1cvu;%JoAVZg*76_~}tPjvx;v6Nx9;|W~-CmKC; z%#X%QJDdH5ODUA*HR*~8?~o>8>K9Z`e-*Z@UAVc%l6EoFcc9d(e+chToz_gyj^!WV z_c7rrQ;$RW{uyPGzYtY9ZfI9EPW~BsL>84X)NbEXmc44keGNIqL>&EySD zx$tAVq4D)41Aed+8kC>>E>zxvFoK$zlx>~K>mBET{0jOG#e&%M#YCH0;}1#EBW_(B zAYVHkEG|dxyl+v*9aB2jOLr;mAqAxQ>S}Rlb`)X)T=W~ zKk9##=BTaN;iZOtrN2K`aZKV&@jxrx^pHbMyR1EzQMWl zMkpWZFm1NCozgqNl23+r%7<+-W`f>@i@7(aY-*!2Pk7!+?r(SeZYtwbQS|HM2c-tD_Hm}DotK3R*Vbss;#yZ0 znntg+9@)YLc*2IpzNWoD1&~loYuc7wNHPfsfyd~v`;fCpKUO%x82Ub-fQQn?j;?Bd(%gJP zq3gQlgp%u>`IL$7R-2)gmGpgqnG@G|*i%1^Ptd=YYFCDK%nkI>^=|(@%Z17e53_=Z z3TzGW7q}|`L~t|e=2}>9mOrk^^3&qfe=r?)g~fGWpk*>P;`36?j62Uqi=tyZS6V8v z+*c~fa2-m5SeNsNnS3Q_wlgM!q~Rfyf08;$w+O=%S6@t?8~+a$AmtZ;XH-jJsOvts zumg8>!kmCWg7j*ol`(cgVKR#|btFW_Z@46{9&C8MdYPDf} zY$OK#*(g*n+hTrVr6!$vrRBo9r3s0&ORDeUp&m% zhLnJU-IS#e!~Tw$=B8cYM9-Mfu7vlJwKc2xF?@jym5)@S+=FME^kmQmS479{<`A&Z zO#lly!PW*+t3Z~28RVBEzCphkBPP;}VMPQxMO|_j>r@Tj|CZ*($7>$~l|3IIK-n)( zhUmW&)GA%lx%3nmLFv5kk5P^Bn1*Rnpbr~Oz$!n_fFY&|(Z}zAPTmJ2j1z+MYD7%wa_(GR% zO8=*YW6DdtwLC@8;dfzgx>CqT}Fz3XzG$umqD%q|v`RnI6knkdwt1FgUyf zEqNKBi`gF%^;@nly_-{@NDtTUyBhZXg7>W{ zaYYf(OjDR8E_--gw+kV$>(Z5QVr(Bvz%c7IU(%e6FY&#W$v7fF4jkDn~~ z8p3frHM*-IpG+0GG*T>=+HbdaW{<6`sbYlwf>_!M1pKf~b`L%SUUuBajIquFw3W{} zKg5o9=wyGey;b`1C0MrxH2zsvuUjJ?^rjjzptJ6EIs1Pa(RTxFG$a#pTju}p^+>4x ztKxD`^8(lrd|uWvJJJ$|2*{r?jcvUepKaFHvxQJqBDM}KvjtzSxVcV30Cs?sozCyF zWi0AX(T{(Jd=I%~y+dM#qzo@h+}WX3Q+7!uQID~wF})mLhI|X@{h%1Kd?Y{%PELSx zW7p&H<0s^w!9j6;BCn_#i&LsUGd^{1o>r8N))8R~6y?%9cOa1G_N7a~_kE<#9@!Qc zAHTbj>G2kc`@&Z7Y|>6K!t&=~M8kUN7DrMfjR@{2YuQfD*`q|NY0Cwr zoV`ATyuBrlYsk73w}LW-ZwWvaQ8Aq4QVCz?M=Zm}$v(%{GW|R|)T#(hd->PJe`zO} z&)_VxykL-OD#L@n@$*dggAx@B)@OC^O7{Bw&VROZ8S&k;P`^)`dL!?+6pwEyZAj zsVT+$oQulgsbTcH)c?*%U0`3x(c32w0V5mWJb75}BHPUZ5vlz1L0+0;k|v-uqzY|J zGXWUB=V;+RS{A)ip>&!$DOqX0SjEuS4xa9%iQ84-Xv>#%6jx~i zRh0?@TCeVMM6QoWBP=F!E$HIOGB~NFIyJ`H2bz1>u6Ye;3@j9eoHw26gzV&*ul}(y zzJJ*(4A{MqRFX%RA3Wz&j5i~_9N~jTX;;4nXb!W)#mI|itkj;i`8e0xgAWdCHP1Z; zm`_a^W|)i)mI+gadx0ZeqLU@QT{1Q%wFjAlk7T(DTPT&i&KW+~s0uGYT=p(n1mojCsPkNmJyk86Cu{Nvd4xQ6;(>AE57oY6BY0kD>OId+oy+E}H9ECxf86J>6&tgLQ_R5!E|D6! z)>amE>5gO|J(g2Y&^mqkG+!|9Bk4z3%B=GcnwO1u#Qh9{b44+PUkY$$6Akz-`WFsU z7po{eTo=p#U<=3jZ_iN7+xA>F7}XqL zmg$Ps#%Y@D+}~lz8zwvkJlZz^ zj!#bq*u{B^ZQ&GrJ5^#y@V~VeRd|4yKCP^_z2NOWkn_*HQwR2e)oHM|e!&2wHsu8% z#4XD(-g$X>AMjt>&Q?tKeUrEn?v7mj`0Y%YWh=Lj-E!8W{}h73C%$#U^OY4Je0kJY z(k^BrfGLr$ag8#Z`PhpCCOb;f>=ki~hUZlGyixDF(?NeD&C>urp4V$D<1$!c$vNUC zkaaL^Z8aH7Qj-eY-wi^!xzvTGazaD(6RUx1OyyTF5Erbn&8JQ1nu;40l&^B^*_fo!iG#k+sZTd-$%1>J!<%Ea0v=X z%23^DF!|<$KMKN2eXkpwh7cpM%t$hT1N#0(QyDm3*}vjdSifb`&KxrJ8k%PhQ!qutbfox#uP6$`aIXoBrp$K`lRLf6w|8W}XP=g^C#)>mw2js;s{Sn64 z9iSNfObhHo$ae80f9;8at_*}oT5zGrJ-juDpP%0v1~X;+sbbkgpYc6vBQm&^yCsxz zc9+UMgmC%Rs|md$N0p~(TLmAB{$48w;^f!AtgV6s#H!k}t-H>jzds7x)fU&hEBC;t z^K?#>52YF<`0Wu#h!BSEYhziQ%Thd$(|{6sZ0^}5S?1OM;{8NlT5dx)Kbqh zVc)@D+5>MKGM*p=lWS)~mk4A(nOjX?e>FBe$>u`tELtzit9 z=ERh^y_|Q~eYE7DIk!UaVCr)mkdTvShB7hoWplCUYE>d_QSfDxO0|!OcGbOr&DJ$A zui81$kqr#{?e1;n{U0*@Bv)Xe$WS-$wdv;9Gt^MZ@U3JU)V-2BedS7XKXdyFH0a8Y zfM`EKD=c`QtZfBQhBn7kaVp>ZyNEQ!Tvp8d=j&g<75qM(FHqnAS>K%H>s@5;24AbW zI>iuQnuk7hO^AMO)ob)!q;LGxvtx)wC{(>&ix?UURW#`#&@k~Hwb{R(7W|K~J76*s zx0QQ}Gn0N?8#|7Xc`z*zG=|Iu17*FN=(~Z_V!FY=MfoX7ueGhr<8SI**=j#!AUp)9 zJyV^~ZL~!^GG5&7)}Y=@hLUdCWRJ^{g|O)w+|~#UnwMiihpkhkphtV(uitp|HA*h7 z^><-@G%HZW+|yhHEzND?-eYqC44c{7C60f7+W7ZOiLB*IqRgb=OEt$a+9xT<9*8N} zTVe0)9ImUdk9VLdY&^>@_TgBB`V{4EID5T@w4Xn$aTse8i*bBTjPq|$U#ikdPzcto zj({QcxQIg+c#<_7)88zY-gE(qZKxJFGv}Kvv^R8}OjEso-W;1mD6^KpCY;e*9s%sHGDJiMlHpZ#{ z`332a@r+_A=i&u@fj4jG7b2};7<*(0d^mBrFM^O$td)i$4? zNe0Gm8aV>2w)XjQ!%Zyy`v#@uVLQ2Ke2Ov*Eb-Pjl#ErZ`$0BGGH?&O{87|1Nq4n7 zNof%Dy;ee78FyK>iArh^+cXNI2v!=HM^}yLQ81!6h9d<0z4rTz4pKUGEMd)$pMumX zJ-a4-*7CKh6`vK+K7nH(OpzFhY>~m&D~X6*Y(Ehz&88!CV)>~Tuub=utpXLN{;*mf zG#NgJDTc$Ej}PZg5q0)r>);4*Z|4T&q&270@o++m|L6(zv`f5&&1 zD|ytdQ<1QbPFdCH|C5@Dgo>U%vqrqojJ)+k2iznlx$}8Z1n{6LjmB^8 z8ZI6PSM7g+e#?g}hH%WSYjq;gI~t@yYk^voG9amlXCXv>p>x)&$|$X+nhMzc%uOqDtdJ~!cPrFeaBh3 zQyWvlkImU@$^q)p(s)RISQm@|S^!U)0u$zG{1YJ>`JcV?Jxvbw-LkBfpoCO zc5jXIF|2V(p2K+$o49nrsvn>ZHZNLg@e5a3;T~HVp$)#3qDz~YbJ2KtE%!%R_?TeE zLd2_9iA!a2pK*a*nI(Td&GRx7m+L)~<~+n%vA-IyarMy?PV}{<3+Q0N@+-6cAPuU4 zj~hlCBKp3$2tg08lC??IiYJCiA5PAHz=`8#!<44l8>&#N6OpaY=f##E2C#99eMo}c zOM2Jb7g}!h;HVYiR!tus6x($EdEQN7?}*p!jO|<9m3XM zK0@G{8?Fx{V@A5hOng?xlAA4w?OqdAE=@X?7aVSt7GfiMJR^=6mO-w&Z~^_4-ijx1 z*QBqc!Xku|K*)0A{7=8RIwf+6TeBVJHh6@xf|Xl}`7pI($?umJ(geYLRDJ8ue^iFQ z0zPpcHsUIK4FODrYfzstuNBFYux5=c#xc}WE{rD@)X#jh4u4XoNIJ$NZL$mDRJgX( zHQqmjCG6Kw9(lW0*7l-`vBO_0)89BRKpAT}_cj*|-)7FM0cSkGt3fynB*6Kdrq7?w zS3o?YsJGnUw7_fOWw1`yP)c8RzW7#2#!qT&dFxV-^z&YK?RV2RyI~<1zqX+J<+pyV z(b)^F^umXJLzQ&jhEl8KSdU;sJ(^DxDs@X=WY^eI7yaIR)m*0ELaI}P_<|qxu}G68 z>*vvO_GU6KU!Y~4y@85dPMhdC!mM~cr=nDpIBbD|SX2yAOP!&08#Sd5mL-5)&i;_!3A}*) z?`3&qwn#1iAH4tNmzpy7rxRJf;t#%(-A*VHrtUGmwvU%OpL~l8Ls(l3izO{&>_BVl z-*%3*9y*-`%o%Iz*) zvViHu@l4WGbW0CUT=%FyY6PsHQwJ!_Xg1+AVILLKihbT#xd#$9LO7KAx&!Ccf4d7pf4gGk;%(*FnG2TTNMs`>ec@f*WGt;(>}IhMmsRmS81e1B}C4pH4;6u0VP>8!iGU!1Lf&+@`+? z(GJt@H0x%sd306oP@Q->wZNYo$EPjeeG>@+TBZ&}i?c;o`qX3=Q7x@n)`?60w`VY}&e?tJ;52c5<;5T<7xH#|h!I zGjCTT-K=u!6vlJ#TP`OVh+ma8NxMkN`elZaaXNlOjodIL{X6IooF4Wh%h~svVmKX8;0%R}k zE)|W{j)%{>gK5=f&U)A};jy}8jkyjbO8kTV*Vd?xj5t`2qVr`9(r7)jzy9!_QA7KG z3q3@-Y_E{|#5Con9ZEom))>^}YJ|Lp?^jp>2$?}n=krK<^}0QtABDw$-XjJ4%^hLW z`sxdJ9dl|vBlXcbs<)lUB$7?CGIbzj01N%gFC@W|IWC-*XF%4$+jdK^;vC<F@2*Wf9p+*XC4BYlgihvVN}IE6CESV$!llapQb{WynAPB;Nv_R6^IB zF$V^pmj|o*^n(#9Arm`Vyi*U7yL>n;Rt=1*P1pTry^-iPw_1=_d;iP~WmFsW++Vs- zX6=IIitEKP2}50O?&J*4J7 zdKB0;cKNl4+DvPRB%Q{^2(O=ZhZ0=B`?Ux{Or{>b{5yGIvrxPETFf?;6;Z8UT|eTJ<`0|jRE`B&Q9wSx-YxK5}HXZ8>~O%@<9G)9vzTL^;aXO+wz z{*&i`uKOOQN+=HTOKI&bgKb407O$M1Kq$U4{TCcuD1AYd6;HTD*zD=^cDz+Ro+N=N z3s;@cy#{6ceT2Cla#d4eZGZe`jkk{q=?j_I%9>=12(rKCeK#xi8`+;1wsd&#F_COz z(g!R#)pw7?dio>Dn#-&upGe7!252kSwUR?}pyfy!TRWOYD@zL!L+_q2wE2|8$X%MvdGaCsUbTj5dU z{)+n=u5 zVq5=Szf7&5Z3(`+<}IZIyYqn&0c=stPpe5NiwQ9H$GQvA#uGv$XpN9<Onx zVXou+RG_NvpaJ_9W)g(xO0ZW}YXxIyXvmkM;qv1JvZK_LG|`beFshF^!4XB84{HyO}$zR@u$swh9w-Z zJ`Tkvq)MI6i>nwgCKQQg6v57Pw=rN` zKkYmWNXrh4KAi0Kub!=0751%ZCU73XdzD>#?CtGSu3~v5O?S)M)ramB(W-#rPOydc zE@pkE-qS%lCVzG7_#uUjl1V4D1A9@Xn!&D4e<1d2iuZGs@E#YJ@gGZ!{*`G-D(I#D z*>W4VhE9;6vwO3o&(`Od>Q3ibLvEucEH9Rq)deBs_-Um$^ew zv(EJIa#{kfQ;Z%)+5rEQ4A*UY0W0YI(kHHC3-^Ok|u-wqB8)wO0| zJ_OGxLE60MA0861*e67gI&;pi`ts>h)6vS?wjIzEwuA3ecKAGLgfPKh$mrq`|fgaXKfaVAYfFYK5%^1Lpd_$U<7*LTB;O&n^wyirZX}iCKC&|QcUjFA4 zjq7_T$l3N^Oam{jfQ-_*c|Lo zE0S6nP_0xDi7K*);yV&*qX5F%fuNf_u$PU!;ah$zX|gb&06(FPX_vGI^!%Qt3A|11 z4<{L>f49~zty8CTW6T&xgwr4gBVR<`?|<+5fncMJ4kM698wjnWCGeH3yOC8FT#+Z0 zk=JvXbBg`v&}yCEPZppt|3`8D-#YMr6zBij$o~JOIGRVGW%WubG%=UPS8EZ&S4+aE zy^?;tPr`IK(Kpj!|L%p&Z6PZMVzjE$M5h!e{sw1`q8qbzt z=7w&{$i4jNB>B%KO0$aPJa7=8mOk41uguy3dZ{~?*AV^ETTOXVlaFl=$ngCMCpoZXKacoO!)0-**K|eh8 zTITTdI>Gk85qjU_z&0)VynpYA;2u(iJ~06Nx_mkQ>PgBV52eyj|A`G+&Gf~ZTw1>O zeAkp5{u}SvW>HXSFX$-(fu}H1yXzQ#5}bp?BJ4O=qwF7b)JNePuVrzf=IE z0(=xIGZs(&Uky}bAcm(XehUK%pvCM1oY<78n(T?N>Y{GlZ&^=du1DcYZMyGk=m!s> z^~m$fkMb2FHj&HHYX80Oqa5^$9rk@_7J|F4J>(R78_8;0>p#Z)v!%Vn6hH)Ns$q=e zG?r8EfBIA0^5mDChih>*sCqS(-}A`ma*|7sHc3*$xbf;bk~Q7|)GQ+`RQQrJ{D*6Z zS!O5vZfd&q9|l(Xytovfe3CNch6`oE3tYZqv)Pky;!luclQX7vjt~MGBZUc9_vc=C zP|c%8T;EMF3Lc&~Cj3+#er#gl%-Ifzwi=8yF0V77{=co`|MM>?DVi|g6p|dvCn=jD zk+N7+buzmO)W|9Jm1pYuGQy+7kjJGm(m3+pQ9Pp>oAT^F`nd~+eaE3}Zp zsmMY_Uxq0mZA38Ixo!`k!ov!h73?|5uP6iMI7_OkW&=Po8mSwJU}P??kHIjhfwDNL zZ2pOcb-Qbhn82fQB}-wq_cEP9{qel!%Lc0+vj>>A-g1<2DZXoRy0Y|8R=!H8^F$05Q9lpN!bgVbeb6)UL7-h`mFLPt%d~Higd+570^?jk|nKmlraW3->b$k+-0wSpC%QByStqFna{%-=51M209+j$RY z(P`Lseh9o9rzqXh_vMtOmomo-^WRS{w>S5>Kod14x`_;GBI|ih2no$zOY+1^8cx&T z?t^6+_MrKj5F03<&5D_1M97_V(sRtWSzlJ)`NV&H*{+X0rFGeeVYetg;7ZVg-Zz6q+y}t@AP{OTLa?9DdZ~FEqENaPs>qj}-DlImMlVP;$}p(Bv~uih%W{>&J|5E=?#) zOkc0TzGPdSS1k9x`y{(HJ6f*?3I$=qh&&GvV6&R=SS%e7WUPu15#x)a&;1Vq{A#1$ z8=ccO)4_k;aQl}&6ARe3e04&n$lCbiv=FGi?GE!-$pVB>du`SM>oG;)vQbg1Obe55 zzwb=1bDlr5zFe+n<#!>iU@9sqMex8}OYgc{Qw#JIbMKetP(f*}smFThKkKiEk+K>H zkY)8s0ik=EXLD2I0;mIuXycyO*$=?j+@G8{G5J+rG8f8=P#n6Uv9au#tlu;D^)-FT zo&k`AoG(fmd{}%nv4&04oPRvPk+>82{&jAzUgcu(Fk7_k8+7QE=X)yth&Fos-Fff>Z57 zb&M;HYDe8|ol0$IA3Mk$FS1DUtgyH5Ivi%ew3YRyO6E~0C~C8o*>}uTO{@$yelyK0 zK4GGkTDasg=&{+bE!W0E9Sb4J$;z0Z?A3Yv<+l*f4;&i*Tn=i!i-%+y>TArc@?#b1g!%QJ`yvv~b%e#0e{XsI_!XTVf;^H8YXSLk z?|fN8GCGv|Fk7m6{$JfSCM8%{^eKuL%&bji?GO%C}c2uC*{3!KJm9yTw+!@qCd<-iwe-pu^sfH_QFO(k47{nZ!m)_oaQi4FCTj$3 zmJ8jjI9?80ObB;4>D4&(h2(IKW%r631`8O8HNdQl$gVLBNMCW;-nQyH^ZJfG3v;zWep;6(ll&O#YPRI-uF3X2A||yF zxyx4WXif7Ws!WbepHNzWSA3$4cgC&%f=QWy^LWd+v$W`Z+l(_5B#qbJFNYfVXa$^e zoRXhUe9pR_AO$QI5p{DJ&0Mu(PK60chl@9nR-t)Db~h-s9>V2AgwDSvg1*!!X3$Eu z@!<5XY_B|h-THDLxz26sdG32%PH%7P9Zp~^u*qpY`VHFo*JkRK<1a5r&V4z^;?RZL zEp=Uo$(L2^=CxKjC@64W-zxq4FS(FmT-IP(Zx~fLABa{{+qKzL=$O3w-A+9PDk`dZa^8uJ zr0!J=2$;-q9zSb!f4xDV;PclVB0K#a;dY`r4V7+rdS7ixlLo zY$gil%iqZQK^15B;~(s zOnF5~d)i==1^$+zj3Jo+a;sed`4Pp!n;9S;Y~OxM8@U{4#SU83Z3OEXDxmx-2C`HZ z>h|=vmA6DXeKjQ{b70*4$H(_26d>3Uo^$EsMH|=UV#$NsO07U~f$}=fHSu zdSnPTxNal_z@g z`uh4Sy;1A_t(N&bO72DRD?e)iB96uCdlVhr`x2aEp(EDIP$@}UC)Jvr^HY6Trm3?! zamGo`ShvoffcgWwR?`Y4N$CHX%Kf4d0>OH1$IT(w8z77C)9P&~fFUX;Nm54sh9h6m z(i(QxdqxID}zon%m!r~Oj znp!N|?DB{bx3`2QkkimNBi5g56co@`9adrGzTE1t*ts6KY4euTJ&qr7Tg$!oT7Kzc zp+e!-{Up$AVABhUDbVlF-v&SK3WjX~Yd`jkM1c+!oNF-(x@KlJeA5Z~^=1P0s~8~d z?xdHpgnXzp6E0%Rr1QwZZXyA%&G@*qLug# zfHMQDBu(`8+1c}DM7;g}w#+TvVSHE?=wpKN234#!<69qUzLrNY8xZhQMTzp~>DHf~ zT{E=|EcM!&L)Hy_d1R1UVxj*Ay+%^;0XbuyD3%g;?B2$alY7)ZR+pe6@gJ*8!Uc?` z(jD{BbQ&cxl!_m0ZJ<*K;|+ka8`<@>)fm{~Hzv0b@#@P7oG+sL2c12di15f1)efMb z)jvD@(Gk$2CG~oz)V5MoIED%hDH)HR@%m$yimLBunJy{$3?@2tYn{WPVv_fKQm9c6 z8U|<;82FT|Je7-~$xZ^5KJVLbYeyuZ1UYxtEEM?RwGuF|*;%HXV<2@v0I}?)9f~2UZUjZWWUajRkhB99XD-i;J$5_1 ze*q$bGYaHIIiDjr{=44Hk4!g}E!`nYoU&=5$=YS4E??+HDJd75_1IX@yX2PXs#jB$ zm%VyC^m90?bs6@nY{xb6yO<9a3eiNZ*t@zGws!g9uJ0fz1Vl`bMatWP2#E3{YF2mj zG7Kl}4#v2QG*|6+5PoCd*+|<*pSxOW(!0iC9D4QB*oh0$cI{3Y7tl_V4vNf7U)!MEJ~fiWs({YY*7D(o0sAYyG8Hr(fJpo%*$Xn={+vqjS3K2l?n+IKFK5xZW5F z9T*TjI7^e1ce!`-PPt7&v<$W!w6N{3)^i|wS5 zxG8}!&qhhoA%9`elj#+LWZ!rKk+WuAQIfNS66RFG7%HYs69+3ii7zBTl%TZ>uCVX_ zzrz0+3KT~#e%>{3(N;OHpOIriw<(L~`&=e84bqv3)pi)Br0Kv(9vHONi2H@rm>Dv}ym?;`DM9X2 zuB?7y?3vpdX`u(f;&0y=P>dC)1fC>JFCxA*6}$z5=&M7o;9{l%CLPaCP{OnmR?6Q1 z_z7rOx9lR10U4lF^W&kzM2xBc=&0!8OqFZ=^(LITI!+j#DZp1f9x{aBx{xqI?*7P) z5I-gX#Lhg)dkcJ8%|lk_F%hXX>xr2L85*hi3KAq5xKIOus+*rS4sJ_-{OsM04C(Jt zga=Apb@h>f%Pj6knwZ5ncPvj>$lzbzY%(VJ3vb8@f+%v19s5}iLquvAUQV-~jyX;o{hi~$_i$U4_vJ{1^S+#@ zeO$Ic!2fMD~K+I=>~~>M{m!=pUv|`6dwV~buV?_4;2}BTD;Wozq3XG;JjoMut9;})91AW%L#~Ez*Gna)~hfT zq6*n=XBgGFv3T7HhNVNpMP3^zjo>R`d3dMSu;;lf=Jc|Mkwr=w%!2}(3aT! z9rrkJFk0Q7k2FeT8%zIC<`-lqz2fe2ebC;KaC9%oy_P{QE~0Km!|92!f+^wK;7-?W zA0gbS8QqEf_(`p2oL0v3V@)b8 z5!q@2*(Te`>0dxZc8;Tg$O&0Fq+joJQFn+AkBsEay2yKxQTx5QwhIAgFcw4)-zG_e zX+Wk>r{P}2YJlW_zMqOSh_aHUyu1aModB^1U6;q6Fp2{TFhUd#teQs64HuO_`rI(n zBW~v*&Vcg4G14eH4u>xz3=atx@I??KJ+0o5i6EBK-2cxv`f=-q&=S};LA#?vlxcXx zx9DW)+h@U#2mvc6IIm&z@t|)oMNvw7Ec?PnZzP=9$gL7cb;gHvEA(Ixg11usl=0?C*Re!|y#Y3W&Q@zfPhpTjXi0tn7GWx(m!tK;3T2KNfH z$T21EUI#xic&4TK(eB`~AeU0zDUlqR@l*}|wc!=ulgGZf!xx20x69fRBQ?M%*@Z(L zQi|Y*JP-Nqb6Wx?Z_(D^+feK_weQ4vBIp7WEk>X;7wzN68^U6(OW#6@m@wlrj|MMw zwc}I|>SI34OW&x&9!I2L{nX z3(YE6#)>de(x_1-{L2~1|H}-;I8rWVPi1~mYQbBF=uk4D4M5hHJ$u3cO{l@CcoP|> z(8V3S-4)DC!4jHXM`+B&y&(nr%JvvnF)-!gSm6_*?5j$DjMgdqw%@xh8wV0fu`*Uz+43)a%Qt5OO$^EpkX#Q<9BtEQK@c@r6R|DErR382Wl)3tZFH<$V<2WgZwB}>!b(+pINs__smi1O%Hp&Fl0 z{52VImZM&@E4f?zwbA-}M`%jlp8vimvN8qEvedKcB?E(zk^JiJ4FxQLVhb57onYC} z)2_=C%hw47l7oeC&;->7l~y2(tafZZ5%a%5YwW=_VX#r&OCobJE&1Du=+EK#1?A7l=Sk`C(m9e%dig*Cy)csa^!8$)dCREbS+{e!8M)OA5lTXz2M&lb)&(e zdLKwioj;zmlW;XBxZ3BvdQbD^CZ;;)Io5=zJVyXM^}+1N)pIjtK}(S8IPF;Tt{xN zxt=VFeSi`vgxfcM!~^xn^%d3IXuK*$kefvtc1woUGeM9r7nX+%?C~)Gz{=OWp26 z;tJVhZSpOVQNu}Sz@)2@_}|m^FZ5qofKfe#k3G4K#ds~(3^Ds_8f(@*L;pt!&p@Wo z+YmF;4pbdAi7Z8FSpQ*%a3A%gtppk@aec75XE-_!^g`oo77?TN2q@Zq2mfgA-X8Vl zCwo&q1Uwu!Ia)@^5-3Y36=GAd08nM!Nr}3JSXo(Rl_*dp9#VNn<8oIG|MJ|{s#oY= z_<1+Yf6C33xQKysNOtH~6Ln7DA(aLim-n)G{F(T-SR}G>y5zY*W>2pN5qbw4oy>@m z<0@phZWXPF6oH;9o+C%OpIQnet`vCHl z$b4Bm`2sZY{P8||dhndeaF1n9qs{7;ACUG_vXlXwY)lcR6y&AF#~4fB9zM3p>b^|h_ewQ zJ!n=2ACj}g*~@97Qx3o>z9P3IgP<73O+q)4h%6y+m*A%T3(eFTczzR~i{c0{2>_TF zFLgV#XV6^E;vjK=*|wc*RQC~6Pj7Ps?HG@uDZPknBRPxG&H@W$g3#x1Ott zPxavVO=!&u;e%5Fc}b2;grb38tg*WR;HY>R$Lz@I7h4Xw9nG z(cnvn2sTUHBBJdDs7D7w?q=w75^rs2*+GaJRRO7UjhJSwAWzpSPK>B!$wl z-0sATXE9k1t9Fx-Qdf}o380rGBzi0-Bo;8#Axm+GcLEVj1|WA10{S@YSxBil1_mq$ z$N0lB#{#w9qfRV0lO#bRpoAl#KqTs@bu)8u*NQ_BuB+RjOoGs>+z7fxQ>O8eBMN!e zAD<=0epR^!3|-|9))U-=;QzhfmK(%AFfg`)GUx8)V#LHhI6X=#X;!TC;a0#mx8r#o zL@tZ*A-fAh1|&-VE>nXSNYqwTOOY6tneHrxyy#UugG6$2d?RB0ONKz7cV9aui2!|; zJCKBZvM0t!Mz$?pbw3P?-!C=jLL2fdsPIS!B}x{Jm$t(KpRI;q!8 z6X9ofl*jTl7lTM%RG~I$oJvd*8Mlv|yj0ujcTbDTo_?2t7m)Pxuy zk)KaTOdNYeYOYq$P&c2(C071`gN~`{2triJY0@@%TGeSKv})b&xJ4l`rt}rv?^18{ zi3vriw&^2JA5G7!ql8B*z@vG2sToz^(H=6*1W0UvNtkKsvaQHYkX9o3N!AlY3|#?0 zQc7EKZ-GFG8$V0BixH4G=0QqrJ_2ho0f{1+pkdzsD-H98RokW6M<4myYkjoT6GUOthGALQ^X=?3N?a^1)_uql+=RYHwJIRnHqlHG$LA4_gtp zchHAsH@&BO1)R5^6g%Pt1Y~ZrOdz1AKtQ!*{|Z+-cT*H()xh9l=<9g}BDb=>d07W2y5iZlJw%Ay zO(dFhyO}+uCG*5|lX4%&1|4E^a5%KzozTl~2DeJQ^Gfo2Maa+#A{zWLY||uf_b)WX zEmXGN=~CaF&~=$YU1c-kkldh%O(Z@<52_$P{|6GhKAmn(=jRVE9C`F^(1MIQc(>O9 zAPf};ur|A4M9D$$_{0w&TG>!$#$kX$DLz)@#&&h@ekwtTHE7am z*w{GcdH`FK?aK=#MmLxp1O>Wx;M~OjQ6V&(2X$`TK;L-=|FY*f10mPD4d{X0qd(*n zm}HD*ZI6iYJ`(N#JM%n9%JJ#CJbOKbkgqTTAso5ik(`NMh~2B}S)`=YNr%mmZBDa02sAu+L_El6-x;53LWGRKC6Xhv%+0JOoShU) zKgh+$<)Cx*QZ;fDO2UE2j0~q#a3JO>C0vNv3P7%*bmM6eQ3R(g>+Xx3CLq%+h8$KT6E|QK&nmwU_ z%e+v@A)>3*0}}@z5|k`D$iU~|aQXl>`dADVU`_~=EgJ_g5`uz) zM$W_5SWY)Q-=;5o53>#*+l^qMHd(C{Qx9`dSu|&e*)8wSCVq^@{5tWtJOU0 zP@R-K8g2ntyk4g~3-_q>13|+V+#nB{viql|+yDW%Z=~KbcxIl-jvN>bDI9&8Vwc4E zD>PLInWcbCGU?yGN`sPxXq3dps06EWE3)MLlzl}7LHkhKrpQr)N3D{@j)=ft8=Ol6 zfjUMQcVBdkwwZ4O%77@JvR6-=^N2hG9S|6|i zr1}#m|C!JT5X1@7(0JM(FXsje6Rv`^1x5&2m?~MukpQ>pgbc^T0=z;PvJ5)VF(*`4i8AzWN{BpAn1qt1 z^2QW~^Q0_b^0W$=zvyCE^W>AN_0BN}8RM;ggp6@!pwJQzo3|H$moaelK1!Z!#FR9g zl-uu=$Ju9=&z{07m63w5=kVyKCqO+Hpbkc24eD~Q-IB<>G1M`Cz%%_MR;y;AEL2nh zEfe-Ac?aO4&6ze90C4#Um=LpN?gk%X@o_(8e@8*F8=VTSLHhSj`4t_4u^-x-)4ybNvqk8QPtlmV^s)b;V_eN&D7xA7yZh~64CzBc^zm*-u%!qLt9iAYc_!eV|@1mgik)2S*-E~=3 z^n0B@EuA&1B2BIN9SD)})g%ZJ>R|tw2P%s|^Us-t-`PP*oxy)t2w4#8AX-=IbbNxr zB#DZM$|1^|I>b-6d3mAKunSf z{KA-1c*a!U#SAfc;DF85F?Wzp^zDlf5k666AUx8}I3(;GWct6m z!ECMYNF@9l(X`5@t~% zK;jiW47pV6boGr{PoE2skzWD8Fs*4`)y?=t@GweXS2QO6GupnhXE4a)DAGu64jvGt zrl%+gqLd6+nI4mQIu#V7t)#&RBJ7A)9Biafg%A5u3`^e@C~8QJsOukgcxXMcbz|F1uuoT-yoBFy?}61Ui(xOviC@h=SDrCijeOqpJb~Pl8wFCp`T? zoI&FJcgDlm0NhaUodb4PR!lT~MHQajz`V<_zy&FG@O&-L#D3fum-cE^{MUN~LzVin;eC!zK zRV7f%D-S-k64AJ-vJdxZ|AMA~m9f0dqh`~7|n?g(~^4N-9Ba*6o;62Qi^32N@Jn($>4^+?@!vee zZXtq51|YpUcI1{)2*6z9eJg5d*nmI@wF41UnI&Vux!)rnm{ahk+ulzf90E}sywC3$ z5tPuf%Rz{=lcm`p_gH`JV5QdP#KZj1`0>#OF$azgWE6^D90A`xUV=G`2pM&Z4P-lR z{}G#u&??&7GesBys&N+Vpu;-V{U|{%9MkX*b(19;vb( zkuGJdWbPN!uNWj+?|M1M>?2_m2F`|ZJ6Wc&eO84~5vjDLG~e?hKzRKZHDIVI?iuJw z-xD^gfw0iqt-vtypF%@4JLe@|^Rnm^O3jTXwtu@J=}Hj2dD6S*S|izm~JJxIw)e&r~1AzmY@PF<565qmfNWI z=Kcj2rMxft+gKQ!*YW`H7%rep4fdyj8pwNo;-B{qlzD%b!@|P=n^sq44$XQM0az$F z*$M?$Pb@y1ZHnhaSE~#H^9tE6kh5eFLv^|Tra}UDg>-E^bgSV=t?T=S>9411rA;qf zbf|iDWkj7&XnX|==Dc*FWNP8Zu&xYgRpxz4zz>W6mLCr7SD`2ggOJa9&EroyS)H37 z9tlez6mC?$EE%L(NemY(lziLH`2=cVNU4LaeR@G8+_3_CUPTKcIq% zTw<-QKeunZQRs{54ZRhgdHvl1RI|Z)?^+3z2;s3)_`uUU;dno&OhQ6W5-8S5P*qhI zq?PH1e_RT)jiPNiDXeFJS~~2~)fk1PZ$bm_W@?+hjcBkT*>nXWK~mxwYNl7=cLWdVaN{V6y>=ez*0x1iD>9 zLdjfv`(*56w+ja94r7a66U2V17BK0Nufv-#r7W5&z73S`tUV1fQ9;QJT#Qy5>kz!4=`MTA5Z zQ=Hzo0dtUa&g+8F#J=gC`+|XY1DpEKSs6)^JfxwKsCgGo2L>Om4eCd4NE=cqL0^p9 zeGh|wkam^DB|4sXlP51lvd6zL@?Gx`rTA7u?`H%IG1=4q#AeurGA3he7WbwivYjq} zem1nz+|-OyTG-y$WVEGoZ=F?}s+;{$>8RZPi11G>VxjVq-y?M1WOk!NfzYVyv{2+& z{X)LNk%L9{cg#~D5K2k64~YKu0R0_{Q91Jro_KeM+yw%i{%8CRk^3Je$5K$G>WFa^ z-K^*9?JCta!-_cTuJpGm`4z*EiZ4a^;;7EzS!ycp39C-=#MjP|4g%Q|Lja%hg-Y?- z-(fOO?`x{o>hi_);j+$;NziV#x1d{nsii zj;~$Pjhs#&G7WcI~Z3td-aaP@VvGw2EYXnVRl+xGMX>y_>z@o@{ZNnu(#S7zSUmqOPp(p z(|LW}AmZh9%cGI?A$pVnJHvnX=;}V*P(UD@5YTg)x(!Z_XpBqi>Dj-F_nL9O%vr`H zJDTbNSeV-jUDJ!>i&rY9qUPshhx}pyUuUCZvP7jE$3!PTL`g6uh1U7ah4$x824bmb zA9&*VEL!O2*M?)eJHJ~(`BaW<_fys2s5lQEt?XIv zwB|?)3_nq$S$iEIE=Sh6bt^U66Pu>zyjD{yV&AB0^XAoSn|1Y(UJmM1$)2?z0>tUv zz+d5NC{itz;UE;Ls(~L8%TFfs91RDVy7{-A8oPGt@VoCt9PfVH&_+-U2+yAjR8 zx7Qo}$u*9VOIsNajN}!~7RC4eVRE88b1pP@CArsd(R0tIhA%2^!d;4*dTe>+~bz#_8&EWL_SIMnaSYOtWAjm((N`Qlgj1rWY?0QN| zC<7%nkgCpxuUQJ~)suFARxnM*!NXJN;}TX{4i(NRCU*LT=2ZWH6r6&pD;0#+kL>AL5GVe{w5{PG3(87z** zMr}@=_32l}XBN8XLol1{{RSJXB~xbKy- z5bjW@S3~0ircg)E#PwTRdjO7ABD#Oq(R0P%PdHkM&JK!9yo)*38MK95L-*1Lh1MSN z;swpvu#`$C@S`T*o7V++FXj0rn-Iq0ARhVzAoX)2nSs)0+;NaHrZp$&hakcnFTOYA zZ@hloBZ@YMis1C6vJ{)X$J+1i%Gae0b(}bOkN&64D*F0Hn%Menoh%oF8@G<2ndJzc z(3M~MHd#rj9logy1J@Hf-JnQV%w=WveLB_uhUdL)xW^L)%z|QiKIX2YEsE*RSgVMe zGb`b1Bb}YEbK>{;BL$sAvOW`B(X*&1et-XK{DVH5wX+JrFXRaxBAkhn04(-j_H{xJ zo&%xL67_UPA{q~=k4^eJEFK~|hjl9+N^KP27jgKq#Kbh*n44WZ}aXx!J&i zS+m)H7ehQF*JWjyCvDJCxc+jsCbEM?_@blMF(K~TkRUQ|whG$XoE$W8qG@gf{~>_N zrsvai?`VjE+^ROS+ACGm3Wj)vZ3IO2g{bHy!1>&6j3dwiAT~!gDw0%L&n$7wO-l zGly;CwJoSA{{&jP#Tgs8|l@S3=I%nA!oD}%+e zCG^ApH$2c!dg(+Ow7XrY+#-Hw`NgvWp#pQA8T7aJ6O!shnJXK5`)!Xn&F>+p9Qre$sw7p2!UPJkk}m9D6z>V=SJVr z+{H}(*CC|7ypV34p^bKjpFIaze9mY`;u#2qNwv2mAUOW{ald@gaQ@P)pI&ddc;wLu z`!U%h!!lJ{v+SGzbd#TexrcINX0)mxrb&IFdXx*w1SRc2Hl^!1{@t|4Z@MMxMm){E zjlUMF^wQwn35hjy0Tm&D9%S4iXyK%Y?P_~}xz#Tpj=5AoQfKvbXPw2DoqG*Bn8oev z<>zrlQ@boaC<fZJ;nN_3`v(_d zg>6lQzPmqP_}3R~nmC`x4jSs@4w_c`30C#H8Tns(!By_f>}3obawJ$Ef1dx}u-Xxv zV(WZ)5UT@wlU2Lq(>#W{G2iMs3Euv?;fRmR2ETUJU|>5nbq2(UQO2|rRFF%ZwtX-P zffPKY{}n-hUEc#UMS@)0BKziGP z`)CXtPeP@aL<_AiQ8bUk{_c1?(sTP4COQ_c$Wj*dzX^GRr>D>QwORiNWR>EMQ)K}L zVb0}vOi!)BfDw3ktdE1^|L#n7vJ)1ad)KW;yn@$ut(ZUNbKSFc&`MeoKvMJE@7XU> zfz4V3O!EORgaKlm1@(@#c2ejibWIA~_$aIR*Ik@!(F2qMk zX$9AI*bf~^zh3J9X!I)WuTr4_(f}_Rs^$>u;|@YFJ@C-CG)A_QG=yxsatQE*zZDEfm!7g_nOuyVZ{^(|o1E8{NO5OZbn4<4N{$n#z zq0)ST{(tp0neB%UqP*&i#7W5?@ImssrkefGSdJf3@>e-Skame&_^&0-L+;e89bH|Q zW@cw)-QC@{Z{PmFees-&W`$}(S@F&KRq#5~*dI@)K{NeP$MrYER+-z6RRrTLGQ~K!arp`8O-_quXQkF^fVIH+sr+F)&d+I z?8<@?4ct4xFsjXd4i-3_3sV);HO#f zA?RVfSXJplYHDiu2@BohCr*UQOv+$=SQkSUd>Kp#{f-2vLDet|gJI1h^`gJh=5jds zLg#K6;2qofUdjVipQ>o$yaYt}X*PSUe(LOG-MV$DI-j}N#UR4&&3zHKp@=ngJoTS(#0N`)frP-<4cAJqg>NcjTI?#06kJbKyhnwax@lY~3=jtE-?g*MGyyLP?y)Lt{hw&P@5 zmZ(o#)vf99n>byxUwkiMrKNrJV(v@Ar?&-Ry?&gF^95$ty8Y<@`ko((Mn4_eR2bpF(8KsA(fvuX@>GuFX`_$GZ zv2u0cv)&uL5^@&^KrS%{T6jW8b`ljuKT8gwdoM4qzO)ihF_J~oG4efY6;XcQQK9rq zPL`n1pZ>&!$fBZO@7MqR$p3 zZEtT+x9KgA8+>8}HWqvV9 zNlE*>t*%|;bl=&b-5oSKNO(7pE(ThFseiNpv+0BUf|Sw)CXin!?(zdyKOy#Av~a0F zq2o|Q5x1pi1wwu5e7}@g)gFzw$$YNX=&Yn%I@&i zPiDv;eF*08RkMq}Pe_0*j$m?7Z^2*J{qY||-*K_Jx|;5`y5w+kR$;PnqJvhE#{zJ1 z-)%D&lEk>?ZD6a(VXf>ht~SvcHKtP87*YSLO7a8f^h{5S-}-{5!b_<24Cf^8o~ z2|AgWau@!qBr;g9&eygki{^OjN|<<0ER}dniqY2xjaLYbwc!Pr`69{mOP2C0N!&`j z?(}ZsZLh)P>Pf-}$7hlJ_}G6PI=CW#Y0w-oLb_#pp2Na>#vb#|d|_SPuQ5+wh>8a! zJV0b(z`_5~p3TX5zCx2R%{Mp@OIIDr!|hIA^!ha#X6Z`b@$gSg#EFV0$cd+b)9CY^ z=f?v+JQl9#>~v6;SX~LdHZu6=zSDI=;cp22U`LL4C{N^`W&@W~M`5doab2YT8kdWV z%vEbMNHSBoBu2K4OJk9(S9XK1&ZguDZMc zvri2-5B+Ibl`wWcA)w+645pO2E5Lc+GSD5g4E@JR%5id+tgZQ%mX~|W7_t6QojGEb zg}ryLSxxvRq(wdQ9R2bB-TVAkm+dR=#IrJ+L}eZdg!ONOgM+{K_xE?Fz0tOlN&3?W zy`l&aEpu9R)K)PCQIx8Ii?=jUJ!#bi-Ma*a|H&iYc>qQpJSf_NrFb*ZlEHDps$<`G z%2UjLmXad4wcV5;&b&$U^5@GvTgE0ks+Eqq?{u3RZ9%p^ENTIBWg-b5NH8Vf@^S`(bfE!MMd&;(wZP8kFazT1|g!Qz#g86ZwEG1dd zIReXZA(lIhwNiHJSrRn-^h`G0y8F#Fb92AAICf}Ye5m(x`tZHOpootuDx|=nm1$s? z6lXMExC$8y?%r#JmIcI!KX`=j#f<|h6mO`vZ-3`awYLXX5fzZuc@vwNeM`<&#z;x5 zflyZZ0L;jxn0RNaf)O6>-fz8(Wv{MQKLfu3)-l2=pi;(e=AW)DbjpC?==NJC3Us4+ z40pGm+VdU)-5lafcm71rFThtZ$AJ$rlT=(RZQ#&-XQ5la*f**@U+k-Ry!>hXls^dw%}ZGPNLe)Cp#ndj?zqt!U(^tAji(11p}M0PLFkNesx z88BH%^(BbReKCpw%Sl&P*V_w!>(*L}H2b+fqe?Jw!y)|bQ!_*ld!W+(s`a&VsV~50 zQG9LjpT^c*QGKyYxcXAT6?ep9OP$qOP5hjO+QRCaD7X7lDvXdsgfo zow#g#c~Xshws>XS>fJL(K|}X>oWpPn)#PGYo7U{-0f?l@PMef>xJpj;c!%|3ufVpIz=vyHQ@pWb@lXO z($mvdWF4UYih1jw-HUQa_s}3VC&~sf<5HoBrrxomyra$S6Ktwt58t~M2$&3i(lBzLt-ZcWscN%UjQxM{F5S)9*XbO_7=Wn>X9GW#$Nl zB^_B+5C~Zs8tY)pFv%=;=F{5)o9i@c9txU>kb@(@M~*#mZR97>97A|3eR>2n5Q+lc z`m7Ul6A8obf3!`Ym;XZLm{90B!{^(L`6A)wzWliL*>XwgHB-|hGd(~kYv=6gw%M-w zPby2NTuhuJG7Zlb^o`O_CYdx<46OAp3y3(pOuY3xcj1dyCaJOZCokHq-JNW8U+GJ9 zr*|JuHl1vdUct02SAJcH!mdto2DS)_8!gwms)`*vvIe;<5qcp-x#*eMd1?b!w~G!< zkE^N+3XH5)de$2Iq>BfW=~b7UU(MK7tePX`YW@a$cVcAZuGi+RJ>KTZL3bz_L)}9> z@vxZB6Cb=M+Wuz@3r0Ce)O;W10CF1Yu=r2&Xu#(7BA99POSa%oxyGhI5_@mDqy)2_ ztXq0jTUg%6y!yeGZf%x)&b6*!?Xs}-X1*Sid8rHi1>M5DfkJf_z8sMTjLpTpqas5K zhbLzz+Vyu>hq;}@Diy7G(i*+@ypZ14*KV`Sr(H2NFDWG9Ys#E5d6)VkQ)kiaT6j|n zQ&?mU7bs?Rx4HQF6|Ql&!H23wj|FXY9Se;@YyHS<9C%#m-7n!UxlHbr4rq7I2d{#+!|l_1o2K{j6$LH&>2A}3H-geq zT>EVNdi1R%dDf;T+-L@(++0L8u#cwW*N0ov#2+2@QeK~EuJ|DBEV8y3x*X_m6C9Kt zW-HOdwNi`W;i82H4ZdbdTCQ|&o~)sK?9<89=-6ReQND+RCn%P3;53M^WJfo3m)Y`s z!-=)X?twrJ6Bwd+(ROi=|7^>Xo`yCg{9UawY~5VJL}_nBMg@0`i0&OzjTGhZKNq>a%kPg7W{oBQy7u`YOPbs#nEMrJEzP`Spu8A zXyuMyyYVHD?j~Pj!BR`WnuSS4JGG>~TmPtf;9a%wHTU+V>V=LV zR<2@cb0_(g&h<%|beoY{s1)*BX3^i9KR@>%O8>Z(oJ*gc{e#Vuu~9?yU;iKWzC0f4 z{r~r*O{r)>k)lUr#9|r1e=0;@-+MyQw{Zu8(%Vw^S^U+csVK?IXDldOPGud0gp?! zuG9S3qGiOmQx_@}6q=fNF!St2_o)&yo1%1yZ|G@862qqR`M|C@Zw^L3(GX;|T|pRU z%mZHo$EQ@o-Hyj-h2?X$o1vC&O)hGtE)5= zXtadaSFhWn<#A0sI7acu1ot}pSd!((QgQ@?K6~xDg%6Qh68*Wq^I55Xvb2@p8qc8H z9oQKx{pvyT#4Lq`#@joA7_g5_BDW7piDUEUQW=zQ-&<^7(Y|i${rJ$|2>Uy&)7LTI zf5gp=lFUh<=B5pmMi-;+39fv@xwQS%?_|^riTKdhz(H_|J$C=q-)UuPtvmw5k_o?m zE2Ff7S~28|ebBmi?rp1tXDiBO?kE{e7|j-U|Bx}Ey|R$eOH5auon3xUbtLJk-LZbx zN@-HFB8~1!bk?|NUu4$pat~jPNjrcd(@%AjMhFRE$?pw{8QiyCRFjJgl*gEM3EW zSK6~QGdww;#F(iw0au2STp3iw7(>lnZKjSkQW$u0)fkC$X&$4SI-ReMa(6mi7#E!+ z+3HN*VMA7s`1X6V5>y8^rM3v6(y345x`HtDF2_~@rEK>rRgX|4=R!t#tNX2nGtcH0 zV^V@9RQOJazZPX@cgqortQW`J(ih(Z)4g5q zd&3N|vG(BAIK$KjoqlfGw61CS_sLV|OjX@2X%qZHKFbAPkRPKD=(}$9bdJqF#fWxj zIH0lrI*w8!MCZX0OfSUskc8P5?-*@tN%b}%&fE)n5`xY~~HT-J@)a z1@5BbubJ(-eqQi|00)n>x}!8cA77Dvue<(O zVdNv#N>b1+gSA48*%?DsOAEu6mPO{v+XF9P90rzmJQ929pH!ATbtS@W`ibLv!sdXX zl$UO`++3v6mS?oYLy3WOgVs;xqU{tE+EMeOO_loxwX>>;->4I&=-F>VTLUjg3&pLc~BirJg0W{uSQ`liY=?||{4^alKL-+`U z4k7+?1Yz1T8wFN>oYomovD`IQfe6IM)ul0NFD!j?_rUl-+@oXS%slX)E$iPrJa{+u z3Dfei=@PLsO?L)8_4V3l974|Ke4prphW>W0zF1|-xr}dAWTa+^be7_3-MDNKx8LP^ zlFBocN2qmG{eBZTCq{@#h-5(?k%ZYd;_T#7;)F4B>u{$QUNt#3v6G$Hl#wCfGA!(7 zX{k=5RdW_(GlB(A=wpY=Kj4&i4O}&%O0sk;@w!HnfkCthssJo#nCxWb^^~ zsOacUULx(%L6qt52PgXWwp5j^h@&xB6i@ zh9a50GMCq3oY0oo)L9^Sd+7G);9OzBqAOb~TC7OYQr8|(>9TJny6~|A?LzL?bwj7B zB;>D!-yY@9>%R2U5>Yt{PMGewOm)ODf59CucqK)4<+uCbT^{3mz3Nxy$}*!%!@{&W ztet(eoZJyZLlXi|YWH3B&S)W&sGJ--!$TF#8;7lVLdo3}lvl#b6O+{Q^7g2g&?o`e z*6~5PJBbqxb2ozw>j)SPL=vSQE>{fQ%#op&%&_b>x87TK2SekHyoVb6kOXSUK zyp;0zN1|G9@l!a+NgBnR}MZ zy=k4z>d9nsi?*K+_s3y!I*GnzwG(c1#ND_~&tk36OtJI#@84et8W?B`py%?o$k^S` zj&t~N#Lb3WbR}z7`ypzu0Gg)^+rrRzz$rMDK^cCZnqTTjQ_OC@2jEAVe7uaLFVFg= zW<1lk*By7rM|F;?9ksXDahr(l&5zPqOLC@~8x!?N0n0`L!^ShIKKx1t@$Mapot1;6 z2j8r-;syhh92>U#p$61}T*bt;)ooP%q@bZZ_vYI9j5mV^PN>MIo4N+~)`s}|NxM%B z+b~6f(vUdn5~E_%^PCH8R8qF~X8TbiY1@8vF6EhNqcIX;^^E8ticXj%`E%;Xx)95h z^FEvQZb!mAv9TIl7*$~bR!Q{N*N|FY6LK91CyJ{s8a%T}PQ7RwWGy&Ony$A z95It|sE&6k#AN1EWJHV`9;O&AZFe=$bNt$}v^^wbpz4MbbiQ45>J}gm#W*L-)rRD^ zFURk^T4uzBW_*8dm>Fk%oQqz;XcAe2sfz8lnsr1?oI5x<)Ld^dF?#$qt;s@WI|iGN z>X>Z`55K~5{djI4Hf=W6u5LPS_sn~b23y|zFwTRImi1vLYNiX`JnJS8qUe&(b{VeC zB<A&hnLHdYt8lc4$HAl2Tm%vVxayIWYiV0OG-O4pY2G?gDlCm zW%3J4$>y1=f%~{bdizUOEx_$j3B6dKd~e>up@yVRQ(lIW(eu=Oe8I~m&A+>Ex*He$ z@quVXc6qep{Vs+W?)|q5of%LZBtcJ-aNfes@TUs;|E?Nr>}4qyqip4Do)I!@$a%0q zmM9uO=kdiTXjxX^rRk1s-#W|dTGoqraXysKx=uA(-tMaX;}!!uKelF_(F|9aGqP0R#%G=p6s@7v^9H0{}kwd zpJ?RbS|?klXS(hlmhn2y`;3U!yE;o!pAWw^jxVU?hBX9FVf5M{>a~>7bq^DNCsjm^ zXWUaC8SgSJ)oc&4TS;tjAeoTAc{4ITzfX}u^ND!L=54VK-Mn5*!{^M~V@FL)OsebZ zA_x}R6jRqb(nIqNqaKO8TnBeid4l1>mfYL|vhOIr`Wqo|cc^RY-m|WC{<;v>l=e8x zg=t8i&6K-lN79En+M3IQc6>M^55pa4!dT_GA=E4V~D3aK)?CWXBD*53I^h93JgF z=6@WkaOv}#ZPH`|>fL*@jT;rOJC&f*L@zvx?VEBb!bxAu+Nb*|#rmA@7caTOww{9L zvW~yoIm9+cnk&2j5SGV`j@%uELYqVUn?xmL8dfMbti_aSCW^Qv?sXe;zFM2Le>g%9 z-xYMpMKQJel!0;O)h{N5?39NeQyO<3^V#@l8N}Dyfz6})_OsNmGK8bY8}yQpVPNSi z^!*=juLM|7ra zxIKzZ@Aj~pzKJL#sCpRQP0JW)dd}sR7p0$a`OHwtm%C0iYeMpC4Xg!Jz1FDT8BI=3 zzCC(Ab4N9+@k%@aMCXIgtC{a_S*h>eym5&Ol%_a({mQ;oX+t6N(`Wi2)6x6VRceGW zU1dYAnLc7t)fO51q0~1}*v;yK+14dDr2~d$@r+hQ`{6a{=Qq~fLNr@MWkN55WfgfEoay4B%=2K3Lkg+(EuvA+BW+`# zVp*$Scv?BPR=|OTg@wsDjx;})HP;QLM~A$LeJwLEz_&am7B8sJg^xRG=>MAsou}R| zFQDG8E5PnKZ*OXzH^&7zm#wze{!378DkC&*xElzr^PiV7}SSy?l7BQDI_ z7ly2`o)*+|dtGTd;E60w4;FVZx$5#PG9Ok*%kWo~u^waG$8$$daA6=_V#Y;pK1I6U z+w2uWFb+!}s=5cZZ#MMvuZ2G=oIVoHH^z+?Yj`{L&LogC@ zJ4EigaYuM<5qub?F4G5qmOc&SBs_Mp>-#5GES0@{9`an@T7C^#v5oim4_TR#lHxSm zAJGX!)1KHpe(_~P-t^Y1;rk7aTBBz{q%FG7C#tYTY?^jC$4yC(VG8w7UA;6)~rfN%O0R;eWz1i?rtqdNa>~Ld9?T_o! z&~q7EU0UC5gSS6!%y!SIDr6N`I6kGu-Jh!ECdV?Gwruwi;6?-!Pz-2m)#}>XmAQIT z!@p1c6f+*@AiwL&Jel)cVCTN(xc(J^?|7E^YaIP$M}!;J;vp-;BY9y%($&(3-m&TO zFQ1c*_pRnTAUwH|nP{EWy);vqFJm)Q;WYlzAfH0+G^vg}0|gJ8CnqP*Xln;9YiHJP zGw)-k0l18bRBL2KUmt?YC=sTmrVBzbsd1D2uX0YiFR>NH0%ahjZ!g`a8k|PIn|3?~ zTlU_)p2!c;Lh%`^n9xN0(iIJ@JRd)PGiGF`_ztJki>5SQkKTCD>Bc^}?Tl{!jD75A z9i3$I;&fKp873n`fc}|1bpw+BY6jZ4S#@%KzZh7jnA`TOAjc0P`pHPedcxqiIC$cq z(5U34k|M@6zeQ%;GynU(YsY6aP9szPgt@*2rQ|(V5AJ+bclu$1Nnrs=5n3YsJgm3u!c}gO-;YmC^$d8Ll!KlD+tvW;}u735o(&@0I5sx zx>|uukDD7D9Qa8$e=^aZd;sH+`2G7@i18hF^dwB&^XhoiFMY&zJmCJoz@D%diJ;uH zUb9K)6(nAfOqirRA{Qua56}GUFQ{|?%+sotHgj|HOz14%dAV`^1?Er|l)*%Tf^lrM z|Hrvhh%|HXBn=JuAo5?q_Ub`-a}C;y3&-^+yCut-xG9D9F8r)HDa zaHhLY!)2$_q5EZ)aSComQo(w9ydb_D?htS2nz97?k4lW%V5EAx_+*aDIo;v2L%#tu z6z6XlTYjmxIXz?@J<*AmPaK?XwzVlIynHZdt8iJce-Ej&VX|4e8tmWsdGU3?t#*s#49 zO3#pbpJ;1$QNhrui~IJ;si|Ae-KvZH4Y_jtR25S-gHN&gJlZLI0&&jWX&aSX>=4gk z^=Am7TzQl7t>#&HNu4a`Fa}|mcvj>6~JTKlbU~xfwH>|Vb~%~Q&ZDV z$;r(6r}kV=8*(ydflqJmQPrwfksm(rj~?J=Qob~A-;jlWZTBe?THo&pjA%LkwIavz zK!#MocoP$o41PBt-E%rR@BbfG1PxQ7?6{$o2+bnQLmMwIgkqeITyw#P4boD6_rkCK zPC0FN5-H!J#N`Zd(Go!czS@5yuGEAw+Ai~Z?%j?1u4(D9<5N=PT2>gbw}#Ct*m$T~ ze(ic2krIi*VB;O;tq!;X5@eU-uhC5}9|j2`hP$js5nV;FXh^g(rSSGhKKy3ow*M+2 zO`MM}(+_n0$}(iMM+a3{Q%?Zie*X;^#EuJh}XOw0X_ zdh_JJmq)EDF9{a1UkwaW_xwdLH#8Q3&b?-hUOW6z!Wg-!@{!J}QEHk^XU5^t)vH%0 z^k|G89)0Q*1ej7kmU3wh$YxOfCbOb&f^cgxlHu#C)e3T@y9HGPb^*&)nE#-4*yAvB zEoksM^|PF8nw@$B$rUDh--d@v@$m(3jfy^{|Kc^WPhs6ypW52)?+p!t2o=NZ^6mFl zZCYni=%>zTtgqh)ipLDbAFfbdk;Cyh)0%lS$Q9LY1GZ}Y=WO+2y}sfqVq+s87~~Hi z=UH&4>T15EBT7&}Aex?}=%(5;pog>okBL{bwg!)|p$!bUU9)eF*IRYOZzD)XuE(atG8I=gZ@l1SYw@F}J0LUs!d?EC6TIaPUn<@0mZ<1v zU|>)Jb&!+gZ=O-8Eqgl>OnZ*#=%`oM$sbWSoIB>zgWz{?=?AHpx*7oc6-4QTfdp1J z_75v4h(F{jbF=GfyC$NpP-qdM3&ggIR|U&5S^Xg#LA*OO~Bu zp5R`$b@!~Tt&s$F0c~d7B>y2dxyzQLqh0K3VO4qQDf5p}=LNpTe2DcO2oCNFSrm5X zGl={EcMqL}#H76k^kV7n-|B=3m=%Ti^8@W|=3cKRAE8JP%go^vQqD48j?`AwFz_Eg zti4^13DjY=5_}B>H=^eP6Cdx~J79*bO;(lsaI%C&`fGj(1D4as=DFK#tWIw!H?r$dTkGsiTdpSCaUW`{7c5vXLqG}eEUXGv)Tz~E4h-j^K9#19owlUTh zVeL(7qROP6T%MkmELiRTv4GQei~6KlpL>1$?}Mvy#I{g!rA8fYJ6g|MUKR)%#l33^ z%o?THQ#mfx=)~9%UXW;6c9jSJ_hW^YpxquIirgL(w!bcwT}&=oLza}3>@SD9h{_fp zAlJ@x-k?Hnj%Nk8J--=$Pps8XjFD_?Y#rIrlIlqj6*N zIUztReC4WbaUf<#fv?5=+1c5NATQ9_q4ZUo_J}?XBXXcT1={MGmnzF_xE=RNvB-_3 zm-zv1EscCHmMK;Er7tNpI;rY?O$8elPc>&^=*`QUpC6uRT`Fy9uWR0dk3Z$M?jbtE z&TN-K$}Zg){YP|B?6bSQdL);uopUFYJqgd^-Bi0zw>=IK@;f_s^60uf$~0fap3@a} z%TB)Hx*$E&^>PU@@Ha$nAwGbut?lgeiN5U7z$LI=^O4`Ae?w^*?vwf{AYaiyRDT0w z3)TVMxcdHMV1)H)!b#Js?U_TI{wgDPYFsK6cHL5MRKE>V+S0+%P5~F?INO*f0ljw> z+Qw;na|9cK(EeHfd+Yazx{G!B!2{-$0iu9Ki5meS0Y37nn#49!QXLC77yQN-* zr5TRZ$u1s!@R-YuPU7B+l&>MHn}`5v#SUc1G5^p7A^@SF69tF(-k~*%b<_))tWVEl zgpFL}Xg)$WqA(opkm_{L4dpYOzEwY$CA=3MCt3t7R$M?x?mpH-w?Xg!E}67;gwkFaEE;^oe@CSpl*S0xub7&B;;qUSF5Id!^~3Il zTV|5|hYJ%gX0R=xPvvOa5KYR1E{A7Y$}1bCe$(By>6`EjufDC=w5;lgCj-YG1IRIM zL0EzLU2};)g>8R$=gU;?N)Ui(7Wz-V{;MNwgDW#Qa)Kfkam$tXoag9xOwf=lis8g| z`X%JouSMSYR3zR(7{7bm-W{#5=juErtkz0!-p`8jGxIdH5Y4-Q3qZx$!QG!EEH1$@ zFX7J;%wy4d{k^}TE*;&tzmAQNH8Ap=;N(mwvk81%YExq1K&q3u7^-sUQYqKL1(kzy z00CEz%ZO#dv}QwMV^X)+=IKt*Gatg_nf-i!B{6WyvUBGAQ9|;~b4LhewhW~dU&9oE zx;T@x{XglJNg^k~sn)-4)5+8nj%>9e(@Q-NB&e2OHk`m#gbUdSnRJimGaVh67wwcY zs+}#=;Y#T`hcgTBb=5nNJ}LwJ%x=t;$Ya_5kB?1)2*pfYt5Ec;lOH4j$*uAvK9gf> zMmi-j{}dNphTs~vx&Fj8ju%YlV4nau71Emdkjh^ULxI=nazS(2*p%9=-7{cB7+UTnx=s81i}E4fzg6AJ|I{WGd%Hv-I;`|sbt_Ze(S!K3m3BBR9?j_8Nt$K z(i|I05b}!~5LEc2;1H5^ekf!3YW9KFLkoW=?g%t~lf>$`A3UQxdyNMyA9f%%p zpKsYCIXV%ulw2J%BQu!)>^U*D$f)P} z)%78rpLia7C4`>DkAd6f6KuQl1Xu)*Gc02leslgOaAV6CN!Krh$*X@s$&#&ie$Sq!T z=fTLC1^=cMbF25Qad#*){^-8rlG4B_^}6D>Ac_SuuWS6>w%B1o4^?bgCC&)Trf(Q^ zd-5$Mcmph`SOXU1AgO)h0W9d$Dl1k5_OEgW&?%&A6aO5T(Yn5_Bwg zM053l;ngbecjyD`@7RoD($_AyE8+MHIpdEMnT6W_$ZJBF>n=RyDOZ!$f;|J`==hoN zrnkuY&-s8=WqiT%%~2>|=3UYI%i48VLx4Q&X{`3l_yV?nr4M_`FIHeS#>}1teHRoQ z`vb_{p=RD{U+`k&f>hSRg19|;HXsD|^A2zBfLjl;ltr4oo`k`IhAxD+tphZcppDHp z{`lJb_mL06(eRur$$JMDbhy8&W_#&>Qqqcv)z=5N)rA+XNP=M?ihnz^^!U;&eOnRM zLXZbvO1{-A;>e74T|SiK^2Adra?3Yh@be>oJF!7!1w2J!OA6D;`stv3{R9;FbFg~k zM(`=~KQ$ilMgYLqm6`qBo~&U{-5=lf%=^i3UJ0u2Hri7Uc_8j??c2D{;|^iR9t=fdat3b`y@ z*x0x0rqzIk%F<&hAC?{zdU~PR33+w}+}2n3L$6F>Fs$R>;vEL8bV}$sw(!9@2s?~0 zlRp0_I)WH`>)eW>^Z;;9`nM=zXO({B?IxVhi1tSco2_JG_(r2%s-a>$NF30 zY`z(&mCl!4!n2KGPuvo{KM3a(91i+=hOQv6`FOpK?E(t>)ANq9!-AFsYcF`w*Y|Mi z7gK89Aq#SV1tprlxP1!rCEEDLmjw%7xG;|x*x0k0vPfnN){lpIoaJy*-kF?6M*e&S zxAlm6`#%|U@GW8PQRC7dLF%8k?ok7z)4T%t>mNlmkj-t|FlzkqZvDLldj{Bxm;QTN z1oL72uZ)+(sBu?aUoQzDk@(~LBmQnrSu0>qseZxpO?&X{{FSgL-7;q;;RM0q;H&LE z9t645n-JZzP|LDN4Y{+2T(BVaeGv;TGvE~5db&mQ31mS-u%Ih-dzJ?2!-DeK?k%)3 z=IG@4tv8ESkT&Q8ViIwV1mE&zuBN0h@=%8khEg# zm6cKnupm}i?7 z$GIGDS^4>V19D=zzz#RXkk_d2z$4E0-RAo--*F^zz9Z~Uya|d#E5|!|oiRU>`Tw~> z7}?>ZTx{pM0n7rAhil^nbxudCe>x8S!`AlDU-iTMwrJ1iC6=sO0Az|4?638}^#x&G z_6-uSKYfK>gcDTINc87yRq`10E8q%agV)c$`_CW555wZNR)j84{wh*H0o{oow zAHagLnoq$a4~_xW==v|xfAD_s*YK2Wd2)!U#9HbLc+8XjDRE@|+#;8hqMqx9Tzdq{ z>u9dR-(6gnI_xRSzIs92ic4G<_LOk5j7dcJ4d9Z!4>#{V1NlgQL)pI@^q_SY7IgHL z!hGTg4)!9*pyL0g9t5`XH42_{e)vz2)8b$yyglp9&$N9q;I`7G{||oAlCxkzH8Z;< zSeL;Pzr|7$e=Yc#VgiGPje|9_0;e+}iouao=NQ2y6Y zo_CM_zmF~pEv1k7tC>&&!eiH3VV#c6GSEp?JcdL`i}QlZvt3T2blWTEcZ;}EFCkYr zLq$d_`s;NC!c*s@# zK~acxaNvuOKaGW}MH1N<5jAG0fB|)Rv&4G#Zb=Bhwa#fPE$~biu1fquo1R|F`f(oV zK{8GKo@}Aa@?oQijT)@PF7sgu0DJY!q^=sOPdsSgRgcwa?;S7z_Z&ZI#~fYrhv~-h z?}WAFkfN?S`Z)QTu%aP);~Ow~6n&=JouaKd5|X zGbgRImZ!Yg5yq+tLEfPO<(IaV$C<^vFOc%fERSN6BRmTuCigd|#q|}R6P%gbv|5=u zcXrEygP23=cL?}cCR%1T`0|rwMQ5HOc$Mkd^0o_3W8u;&wgn8W#Ligyzr!+8ve9b; z#jH*)h$zEx!Bh1UKFT9Fh?k)r^2rAW@$GjY^s&j};p2r*T5zj5DiBhZ;~FSfKzYL6 z5Qs~x=axmHonsLEdRk|@w{OP|e^n>*zM)&&;$`bZY6DK8CG|5J7(8#0_jzK>0iCB7m+0C7%oXto;xIUNx= zhx(iM)vI_c7sPQ-YlLhllaNxCXO%DA0oXM@W&5aBYRazcthkx3j_)`JXgY=2*tLzCp_Z+Ot2U!DjQWJIM;35d-KNm3~^=`4U5>6pkFfsh5Yr8 zBh_+e+Z^Q&a_#MvYW*5*hn>9(6$p`Y4*fyqnc@pcVcA)z5)hvBWtL1p1?3}GkN=#m z2+;O`c64Q{H0lFPSPR|Nfi5;tGEX6q2w8&t|WANDR zUxGWI-}zDHu}~x^*JYww;49Kul_2LGrPU%*;VKB{b)cuBJ_#U+LX6PJoZp=-B(%=L#2_`;LIS#5&rESV=BoP;M+MVIhtN`X3t(D+Z!(*Xm0KhnrRytYiN}^aG6oH;kP22jA(a_EC>9!o+_QG6S)o}B4EkhEj zuC~M{uz9|6-SQjS&``jfz5!3Hw+Uqe93xvms$so;R>KNQgQ`SI>}F3v`iF4Y@K<9m zfl2iD!g%e5O@J+$U@lE>&9*Uiix^c=eLCMA43A0OWvJYIQj+I>vBUICM{av!rcA0e=uTVRf? z5hoyJmPq?ltw`#Btofn%tNboc@$>UT5Y+(FGVk4qKnn686~Cn~T?RgEJYaY2z?Xu8 zf_2Fpx}{i+k4F1z+jd{gPxoBOlZBx*w_>ax1Nk2lOU0m^@EN- zWojvkP`Q38B$`|PW1^WZ60oFQQBe^ZC3vNcLPu5}yxDb}nW+gd@o*mREqwg!+40(2 zTU75I0nDjc5+gX6?+|74^dI{iT+emzB9xRN?F0bXrtg39wS~`3Bt_mk@_~tF%{q~v ztmL7*{y1BJr$9RtY*q;aO5q)0H{6O$q_#P62du_`M;eaY4>{Zn3AZs4BiC7P#Ffqefk9L6_-$} z5L55$3TSK2_vSh3>gu|RUoJ+19bLZ`Fv!k@?PdX03L60DGz@rMhv#a20M0o%oaH>N z3!IaB7U+*KEW|Nip^m`B2TT9*M>xx_hHMfhUg(M=W)rt07{z^4A#T#}C0CEGU)EcWNkcY} zAsB)fof%*yIHFmPf>NOWu482zVq|Pe_CVNZ2iSn8lT~F{#0cjnc=gBmsT>8HcxT4k zb|MFS$w*k?PbMDg2Q)~-_7V!Of?*ArStvu~oj=tU#8!|-= zjZ69GwJ{&C7pU%qndf1I>b?WjJ+vYeO#@~op7;1Ks|bY|Krl0;giW9$q4wdB)AamI zWEDqv79@~io&TtAL~9Rh|M3}qWN^?67)4QjPH_XPxaO-5_@Y-Yyhg6<+$T`aZ$}&z>xSua2%^UZr)f5RIPWZN*w|Go4*6rH3e}@sBzH; z6vOkY`=w)os5wevg?@nrG1F;hg>KXtI_9@bH?NoUHZTS-g9iW@s+7`v^V^%^v@UEC2=(L&i~{P}*H+yjFzB1oYcEKf${6hMA-ONhlT2aN0yt)yd`d|v@Gn;oi_IE~+F0Ejdaof+We@-z zO~$&4$YE8QNV}1Pp(!+`+w{CJ%~zKvhL%aJm@EfaOCD*X&4q%tr#CxyWmcL5W=LgF zIwoA84ENE{V|s_TboikuQBnHHTfYmYmY%k$&Boq#h1By&rfTq?Mdomd&DaUCaDrAq zP5DHBRcA>OUWnw@+nz9Ojt;5WQ*-oHIUFc8w0bGaXGurk1)+}~k$+d9x_>A1*Q=m_ z`=|HDfBR)qks#aL+Pj)pl}$fCP8%)odXt>}R_#7CEZl7m)S{_i>6j)g+iEu< z+mhu~yPZ00`>zD$7eAHgj92AsXFna7t%9hqR*#C|) z>ZM$rJWkEf7?5JeZEmWq% z*bfkl3w$D~#sgbM>gb}AVsl_XMi_q$c%3j9o0)aFkaid)cKSKj7cWjtO`N>7(QM$v zHNej%x830^$Z{Sx2{LrhFh4&YSbc-&K3$kpuFU_o(8n*#p;-pn(Gpu*_utA<0pjGe zTkgZM`oD&Qu$H5~*@+12U=Y@o2dwb?P?Jx1ZS2Qt|D4yVh}sHbo7;3(Gba{ra^Z9s zJ=bM;O|$LIq5WnhF8+h%i={G$#wec~Od}Mdgxp3AY89$G{ZVU$lt>*#UY zfe%EVCI;Exu9uPw<@(&TNozL|x^o?>^YJM<7qn$6jeV3T!9x?HQ{fh`0%dC#?NGO| z6D>w2hP~UDGibbo`yA3);$@6s=SO!-12xCI7ZdkSRy$GJKO_`w4>_{#xe&C-xsBLH zEo$Ns4ouIh8Qo z>gpJVt)(9;u5P04ss~(HgVY zq0y|6o@Hnll5-3$(|X@)4%YqLga(V}|4mVK;*JX9AxdqEU)pH+a+9*#@0Hm0Ro4|f zqGs(m=D+daC9R?|BHSItX(YY3a`)s~wXD4kPWci>x|&<|hYbm0Dj(n;WKT6ptVZFS zYo|Md&0`;sFw=^LzmH5VZ4dMY4_4G-?yHD@9trDs=ztNx5M*@DG~zhjDQWvg=c;g_ zRT2>u&kWRc zG!bX74yE_L?4Q9=x*{qCssl;eHD7LqJ}>gqIE-w#y6dhoYH7OJH6;X*2##}aOa5F} zpoU*~cmd@zXPIA!6<%R=h0si_W4-~=A-5?L{Tb7)Mh zvW+9qXDL%=5rvK#C`rJQ_P6tz4YA5lFq+QD)^-$PI}hGZ`Ax_9(YYI8VAdCpB>6pv zB&6v#EU{i|c0+#V#O>yykuGo{PB>-@D%`w`n<+UTFDjKqetiv4WyrxN*p*j& z5qnMXm=*OH!T}4|v`p4TEE*7fH`h8XC=l0b9vAy~<>!8FWom=dc*rzqR=Gi8uHwrY zZ#}|n4f(w^MrIB#e~8kRCXMZmCX=uX#g_i;i1J0t1vk3lua{F`+s*d%hK?=VRX9w> zAjz@iO3q7i+l1*h1&UZa({KfvhSBo=a@ua(W^87<_1+!o72P)%>nO0c(4F$d>_p4b2#)0Kip6!+ z=L$8;&S#srqL;UGD$>Ga%qrj6Eg#DjTk)C*e~4Zm_i!UKAupnOwA)n zXYIz2z0n2RuxV-Lz0|Bc7|XI-gYuPe3hU9;c89obxq#CpK%K$}TN|3J??V80;y!F< zflnS@Pb~r;MmPzq{F0Pozi)!rU-@y7C-YwEAD;HDoSc=HCD{p`x+Wbt*~^sK(S0Y^ z-PUyA!-Dn^X%INrFqsLmMGZAY*3YrYJA9pOM?NBUz2myds1lMs@ud&JZ_w7Rist_W&wHw8#BKW0UYFJ- z)|>aFD6n(6DNX>?vvc!}IeWv*EZ$`bGhO8cKBg}pcuQyOo{P$ac{j>fP+a(3?2M4{ zGVk#+>hP)Cqy8EpJZNfT9SqJ9X`Kj{FL+X<-O*!U0@kxZ1&uh5ht(yP9 z9!l#b(>%#kTCxN?j&^9>Z9-p%HzJgMmvZpr@e?Wc_V?$l*GByhNS`wgg=wKnPa&Sc zLr@=rrE2~gH>iyy*@F7G8YR!5^|p{3v^5?`yV1uJNOr_M0ZD=F6$4vlyz_sW-k>SCaw>`vy&(w{S*+0#{{w{QudTn;mANo|K z0j4qLy@VaM09=LSI-@4jLzLVl2NV@M2cqL1Bw;CEK)l@P2*gn+v-LCuk3|4OC!~eB z!!q9YAahU}YMJv*xwk<~BGMtmVlDX5f3AO>_bwrYIpN5qyn+DD%%ZD^RS~aa<@}nb zpUSx8wJlP`_cWTDgnUf(vrKK7+9pe586}vBFG(g|0uB^wF8Y)50y>pMv>#Fe?^7&{ z*08^w(wXUSnPkaDHz3j-nq3Boolz2TP7PB1<~)Hz_vkO*68R0R5{|m{!r%j2+woJ^ z4HW@kLhI#bTuDDz6k#J1MwA%+gsp;3Z65U?TC3t_Mc8p^+b|3g!(DWZ;zWgADA@SB z{1oYTofy zB-{YmYH@GFGuqD}(veinoJjfC0D&-|?#v0?CCvJn$=J_w42BUsTs8az#C*?_Z077$ z0KR22_Hd%@Ov!#q+Z~fSLx%^4?gWc8tfr4i#NG$9;Q(fIF6j-l!b`BDjPvgApL%X$ z+#818bfRxIhQttt@hhD);>#eq>`b%Wc&QCyX_9dESBJ93%laK#JTtM_c25wDv^{=` zBVQ7Tcxrh2z#|bg2gMfixNIqKhc+cNq}kYj`;jNtWX1n2NYXpR8o%xFZiX0Y=7Cca z_)hjCI(mjrYoC?03y_>#`QBj1K16hsWAXbCmzAJIk~e#Wm%cp;g0!yE1_!`G$1yT( zbgIyOci{T{-A~H#qHT;YlAF9$8o2-wL>;nm&h{lvJumi;mn2mJ6mN)aCL0xKADw>l z%4Tw`h{<@VyuYUVSm1YXS%QpQ%r3f@%9;sTr_nP$)fNh2w<^0e+mO@C!`4wrspwfl zM?y}38!nA_^BcMo#P|zA$Hx8$@QY2e#z(&x=iXgGu2AL74>tfp4A6pTMtp`9 z4)o*nruQ7IJlaiww0Iuv5RAkYi;>u3%13Rd2S^ZWiRH%sEd&E!N|da?9in{D%;wS~ zDp+R!rf4O*eND6Z75PO<78He?S(02HjZ65vZ(=GBEZ~_~Z-JE6(x9p!w zNzIlV$t2rXW_Qvo|dzgeke$6Sw3#Oq>X$|(omo~V~Koq0ofmlBH zB`;sP{_sKeW5TpC6W`SkF&$Q0+0gJpP~K&tZ~v?k$?wjZ1ASLApP+!WY^FG|8#Pf% zB9Cu5t*a(p2|}=yRT|Der7p&pZr>Z&dVI?U4=(n~75CfO9uW>@v*~?4oV=dv=-R9| z`#5&;?20_MG;2EQ{!^))_l?di@zfG!d%Yy!CD&n>J%M9rVtd*1oF{w5Y|9#Y70b_? z^IX1)C1R$>F_+_#%BWNvid4K%qsWo7h zo(OepotayA7Y8_O7oEO4c7g=*A0oUTN-kG+E&LD>I`*(?_S+mS1Lc87;>0>7PCxHb z#T|m9wQ9JJNcF)7j(Y#Iq=4Bdq%LH5>QTFhrLWbKk{fUOI6RQ$;kn(iA0Fr(jhb zu-|xA>U-lJ;T8UVTX}Zrb8+xW`KZgc0L)oPUGzs0cI>QK1o!P$P1Ky-mdh&D-VoTc{;f@Q_mrn5^a?1>~Eqt@+j;k9pqJheS(QGz)NKFNuluv5yURU z=dM$Hon6QAZJ%&b5$4e)1U}BLuOhMJak}zMSKuSh@er5{x<{=icv6ab<*xCp*0Zh6 zPgIy#iR@QdjpwhBQi;KL-=9HV&LeN>klF+Jp%z7-Glup*Yh zFi|t6p>_v?Gm^e8UZ^`Nj7NJJL|*p1%J}6}u4FMSKVjNrYMI}8f8{!ff<@X8;#^-i zeLyOC(e2R>Ow`*aP$q4O22>MNSJ%P{oF(ssd`5Jb zHuAi&ZI@8RdZ>@#3?#ZntQKH>Y5oQ9A@UIHlFuUeG5li%CoE>}Rv*vLFL-Q*oLx`+ zhi6a?;lZ~dUa00$)su^7;0F(HhWu)vw#PYmllG6s6D=e7-q>u0;?JGE0`xad^JLor zKz#xcFhh&KSYWuR{6*^q__sOzyd`cP1^xj@Zjz}EI{^;-MWF6Kd z$VGkhT*?Lb$9Fp~p-w`F?a8AM(1%10EBCpOXgs2j$n{fV7qa(YczaEsIuoA<{yq-b z``tgAf9yrzf>knWAf=|Y4aIx?Z@`{^E5N=V$F=EYTPBtyRb4uWe2|vCpqwD!5=saPjsb-qnkj>DA;i zrLh<&43~iv1UHrGs60f{aQAHb&%Z00Jy>F}04_n!guh zMzGn_!_lH3WVbn0v6i&(tpU$eu*=)^$_|J%3eJ9BCYg98Wct{kpO{sJ(nY35LHZwD zktFhu?PRRuIyi9=`3nq|ska*dvhN9^F8>CmA@aEjc4>Q(cAH)a%_0Uv#$!HYn^jNA z+$io1TSJr%wt`k%4?R$3u78}x|HUhowCj}4peyBUAzzx8-=i0MZQr3g{^<%_1w0S*S>fA-pt@f#014i{U-g zfxd@B#GRF|UeG)I^UUEWYL>|DW5UYCEtsb{UMh&n}_ybvBH@9pfz-7)1e|*Yvm*!6$K2$9CSiL$|n)>BY z!fZa(H7vobL{P?w=#7@K>L+pf%W{}bJGoay4x5Z(f+i1mEkdY4D+@FzS@#(0;s;=2 zYW&L#OJs)QalIVO6D#X;&+fr@_}sPTll}9%f)6@8^#Q`P;`6;nnp9EZ*Oz`&#BG)| z5K3>YPaZyHTx3t>v3LI_NAj%|(A;%BhKZZ13AS za`eNfq}R^+tCafu<2GhaOnVgudnS2jsL4e-e@o5JX;J>4d*?QGLW=u|UFlXAj>Jet zl`UFNN3RN=EuAcgJwJ7N*WB=;qlQF<$k!jZBCR*>PP4At#H{j+gGz~ME!N?(+aVZ{ z=?HInYyfL?huxvoJAh#${s!(;OUC2u?a^UP+D_eOn`7T)Q%2lwezI`ya_Q7-rA}UR zr6iV-WY@HczH!!%6U*al?u@zCn&rP}_Kk!rB4H*WQiDcir=0!CDJp1ia;R^v>_U$I z$*CO7IjQs0rQUGXMhDCU5DNVB)h=PT2vFH^h{Emoa?`LsT4y5b&UCgY2vK}1<9jBhx*jFMTyqoULo<*Uzd2@Q4MuqqJ%MErw7# z<06H;Q+Vkj>Y0^*{8|kBwBv8EP0yWv^+cGKh}yg<8l6Sx6v^(Rc;4v)4wlr% z`m;@ojV-Ai@LG^uub0zb*HJey&+h+O{K9eP>uEf=pM12Yes-Yq&6P~fsRJp`tJ*l^ z&8|KCeL3;_;M^)ioVPA*Y;0V4%EHWShuH^EDhcUG`3`ct0Z0o$b80;sFq_tTM5$a0 z+#1cC4e6%M3WYAb>;ONN^gE;TcY8ajikPIQI$lvmk_K{*i}*~idnD|3K+_*e?IJ(r z>@6?#g))mm6HVpx)@lQ*l=DOToo}Arh>God4DLwy9+q~~LO9#L#>yLUM-pKnmkr*= z9|3n{z1iJ83m3p5yU19C+_u$aOVy@G?~EG#-K&}V{HXinxZ?)AZfT}S?XFOPhG|8k zVMdmmZVB!5nQ8NDn>ML((p1lwtVW8^jFu!;5v{YwW1Vi4h2}oKw`SA2CXME(Q4(jF z^FA25ae*>z2@vMl;X}IBJIH_z?V zS8ir!X2@A|o+Wa^XLX{#`2(-L(2rEHvLgIQs{dqkK^s2Ueu({lIxU@3WoBC4)) zAQVvv6!EUVlp{UWAnvVzM#dCD1bzopysIH zHObA?BBMXtvkAqZjoUOpUCtP{1k`72A;-S;dkEtok(k40L?gdWW$Wd;emp^x~&W|*v3?GNP_KZylY*qnIxNTlRaFfhUFTJ}>0|K!mh zzlf63I?07W1j@~pPxti=&d#ZF&cf()PT!jHa-S>M;4?HOKEAg%hHrh&M^_a-LIS^= z-6y^yMQ8=6kxc2pMnVZC z?KL%b$Wkg>qMcBdO47bc3(`W`m#K#KWm;!ynwjTZQhS-_}x++2yyaCUDVp z7)pdWX3hXHGQ$DFc?y2W<=h>_IL#UeM3s5%5xl zv*h+!ZKPU0``!h)aYx8H>#5WS?y(6cJ|Fm$RxUQ?u@t*={(ah@&8XnZ;{0pkEirHyUu{ zJ7r|`7uyun{k@gZbl}(%xyv9!4fE_BYAG+lCH5(n>zbeH%(9{X(Zj;P zjl}zq_Pp=ZxCCW-QC0$wPhSL7t&Q7aJZL@`C}==j^vT&hXT5mv2|43E$#~(yWp?}9 zQU;|{L`Ujuva8J?IlAsGiW{{rP8qGNYk8v~;_me>Z8@p;0^mJZG`HX8AjC#p&rU+WQ~R&j0`r zA*s&V=R{FpVM@F?AzWMO07pi4hp)}`enO#BZLeo;fFfY0{oYS2$T%w5Sk34pP=%#spk)pMHs*%Aq=h7+m&_Cav>N3&s zAg_h_uT)E~f@|U$lR9~thB`KrFW=>cTgJYJw&X{qec8)r-j&7(<7k87=6P4S5!`_M zUK_Xciio4Zd=V9;+4BWnHpW!FIKmT7t#51DQ7FU@ZBA^P)%o+6M1>1O4*XMNqcBFP z>&5onD(QiU6ijaC(f-em`)@z5qGwwiUrs(NX3blt6=IMwd=bheF4_tETC|p!*gSiS zAG<3ccYJqpIdq!ZZDBmsEi4XHq=(z-6R_FQtHJM+bl4YD0Zww<<+QCov$4Cij_$Zf zthu09n!O2K7~{;yclT(h4_0dMx-Z4@T@cwk9Aa5(ne3fH?Huc3qzh4^K`Qm@E!4Tk ztdRn0l26KTaa@C4>Go>(){pmXixaB~APur;=A6H;50BXKZc4;+?lGxTvQb8!Gq;tG6$>=O^T-|9a z|1EGC#5um0a(=vFrt7R?5!M8{-nYr#!gDniqeLLU)W@ ze?h~`>VziENI2$}OVc&xSCbt+l_|Y`#0>rK@IG)~UU0xy+e&H&g

vDDhl;9iL2-dL3;t>q zsu9^Qu^2^_(%^_xI8Y?BIACBaZp>$5w3w4Xnx9$ozze=dgalmgO8*bnJJ2}-iPw;% z+yNi|;6w!t<1I_z{&akz^5=gW*ByYDTPts7rCsy9>m9ccpxx5>G(U@l1u)Mid0&xPv(g*>Y6H zXK8cV2O7aR&2APH6r9yuRBFTYMBzqu;mUgeT!92cOTar#66=ob163?Nqj>etq~hx# zQO>t ze`38++H0=sXUz8mH$dD`*9`kS_`k!@i(2S=UupG?gDAE73t}e3weIULEpG zIMkf50Xy=6t^c`xjQFLmnH*odbMPV_Yby1kt1n-^TrfXx;VIH^4jQPQj@y0hqG2#0TE5%xX6pX! zM|aFpVC$_>O~`R`9CHJhO|t~&8+ln--mFVa^18Ld%muH7y5AQ)w5O=Ex(hd?rNON~ zAO(l={QETNX=-9}XtL|dxa~`|aHY9Kp&4YqbJ)Vt)8}oyVJj$RJYDFvHzX-#}kX#sIW$^82Rx=?mK;@F7;C+wh<#>uujKWh$B%H z2HXMg70V7s!DMk(X{;=)QwJ!O$AI+JDJrKeHZv7d_BcCD+0@{5#*40cOL7xA$J6bO z!{72^I#QkvJNnp&-wryWl1a2tYG)y@UU?F)i^?D~=2rUyPjy#^4eTq8&q0;B0<8Oc zURsnZoWj?3($h(K$iCj0^7e#DsURjnvpcQ$(yNl@R`xL?wf4+x^#%sNBfRAXQe)%8 zU%cUO9UnMYhTTCy5{PMd&sn>lMahwGG>_BR@ohu@mqDKo8@ryEUnx9bQ=Pb;xo5UxDSKSMZriRJ)@DVf? z_OvOc3$f1g8L*)kP=%uzr+!7ZMi?7|dX*)M!dSqmo4Z=cEMaG?sj*!Vm74Y;xqGm) zy7#a-WjM^5l^xX+^6m>K^X@u$Sc|dV>8%^gkk6XT91mo`_3Tt+a0X zL!&|*+9o5b8 z^xoUhaOuHnlRiW>GkKiZL8XD~8e_jV6#fm`n^4!{sflR|01Sgax5Mc_wd2IU$gVzD zwL`n`V~utpr_Wv9!=znr=M?tdmiIMDzOVDe`QrD-gKTtx0#0n)HjGrB2&@fon}~k^ z5(kWmkrUct*6m^ba1W=_NcRQjp^jPoL*wf4M?Vc1G*$|8FOZ2op>}<#%38S^OXo9* z@1v{F6AtW&`+>mU1_YBS=WEp=@(mCfNUv~ZO{Q0VHY*_T7kS|_tuGDn);}bTFa`(g zZ{;dr0iz@SSy(B4^(?B%VXp8kJ|b=HA7DPvasc7$97Nzh%zOwuP3IX5=kbSB2L5C0 zP>#o!@St8Mw|vml>!$yqHkVDsKw`R$2ikKAV&r~^9%=_05(JFg5{Qx8>|FV;4zBJj z?9019(4Ie@m7)6Vb;>AuC3t9*n{5+}+`l}h;5IZ}lwCND$Jlfck@oI3Lkxb$!$ji3 zyO{XKa8|tLl#K_4_nECxWc4H?w>8A6P~1@x*l@FUZVCL=oHFK;j{;frv#hE(gGp0gEk3XkQR}c zZ>_*09<2Ly;~9w0!RfTR(XV0K1Nh`ckX+aU;A+5lqD=zN&$6A2!?c(k`?7T#tCZ*L zgXM8y1YLhyiCh55c`lmtlx2Xs4MB1sii_GLeDMWm+1l{zgVhKi#?iL%S96kwg9Qx! zmCPbzw6ITMI052qjCFucMU(?z0QD!yN?qx>Pg!?F%& zV4fFXuau^d7d!9Cp{&$qNcST^-|dB_sJl^vScnY&irHCL2PB6#PmY&G3GU$p$(f|& zP6MB;Li4%g>z!b`7d0ER8XcCOAR6wAh#{KQqg{I#cI)6bW5zmA*Bw>u)Yc?1JAP<> zS5VU?7QqhN74T2%B9`rhW)xJ^C*c6na9d%wilI*eFI)rTHl%b+`}KEa4u~`rgMB|V zqd2ML>1kIVoE-yXT8TWM$V+(#Kt%|m4-aL?; z3)N3pBun%ZNY1T4K)fNbZG?jb6#j;+6#kFloa;Ud=|bxep$bkN^=XIcB)fdfuh`}9 zfF4X-RA$U_gn{flLltjZ zCwPK~8=$5xQWHGfbANWrX6)EJ*sDQNmUE@nv>KL2X`)fW@5ENnR&4{xIm}h3%OY8; zBtddMPc*OT+yzQdJ|?Mb5h%fZm+Tn857u{13J)}|S%~_obg>LKLKlX!H^7du4$xGL z8m%hZz-;+}Xu!S;9zz2%9_zUXwo8vKXdlahK{pB#YLuW3zlmstb1n;w67*4{gxsbl zKjZsA4}J>bBl$x&ioI}1bx+w2GVFvt+sMk&iN00J%UPyBZFXwNNC;1(l+RezM7=4- zknZ2fK%l9KuLa4OcPyBd!~YRT&fdvJ2@PU>hcXZR45;I(s7znT*?N_c~K`;}RS zdq*60>*@Jeh7zO!wq`i$iQ6QleBv4wg}}0)qB=+q?p3p!%c71_xw)=IF|h!P!Tkw5 zn}~WEeF=e`YlTiW^8g2-FHmpK@^aR-5+(N zhS#;*_n}TU+$AX3{WEzKwShwhO;%!90w10SVdumTmpGu`l!b#UM*CtPH`)KAl9eHj zbz*x#CmPPRlwvs_P}<#yIwkOdOXL{@x#9|A=#*dvHe=q!U?yOgbs^C69*Kh}0cco? zWoO0Ffqk4`%&-|IU{IANIwg=U{d7|3bj*Uia^Yf~^uLZXixT?(ljD41F}Wfp!Tf8P zXXvK-^L+#_9NsNTQX!kva*Nlt$@F%SftL~7(x#NDs50E7h9MOZO+DB0}u zxf}m0ITvF~pl_9qO?Pm7VVe1*kavNl)%BUATB$YJR{OQ|tiOYT-~sI>aMO2Mxe`fF z#5l0B(M*s({ay!#$kYlwwlw}wLwS*_vw{z9NsdoY0FrS^4_qwUaSL(R)>+J zfCQwOAW%U$Ky$TH2UbfCe0Esxube2WU80J-GB~yW1hv?q2@n^9#qy)ZdM?62&43Wxg6(d$E)O?7`@!6bMg}!qKpncEy=RR?Tg=Od1a54 zlK5%kmF`LY@8g#4V9~-e*c=csX>v^RIhgD!xMJ;vw8b7B@Z8@_@Vx$PzPdZWoLA_` zi?O_P9lG-!)Bl1tU<_$tOleGt4cdUgjnjB1SswUxS5vrM%i9c&@syJQG;P_(`G^EKJt~ z$?3pyDE841iFt^H34Kd&uz;7c?mlyiZrsVSlU{!fUyR)n7L*+QC{0dKamACqEQjkN z%C8@FnXsBQPeY(qeGxF#JW>RjN9rXv!wUqh+yDOg^VLLM5VImQ&*BB`Mfj(wFvLqbnGpoY4mH}t_3Y!vQ2i3v+R7TGVV#Q3CblCSv>>D2 zzA9JztJ3FQ&6LAmidnv~8?d??9$QDFHaf!+;Hrc0x!A&}^S3Tx2}*po0|ETu^gS$kf9eO(yb~e!#Lu!0C)sc*c3Sl^ zl=t38Gft)#AIol7qjy~DHdnj0r^C$t+q^l)3#zc;43LNch!K3)!5{M= z1Rba^4nOUqYo!;lawv>y*AN$EawE4(t7$;6?^;x=^s{$q@`9U`{>I}1Cvy%rydcN% zp%-XL!*hF?QW$Ll;$J&OOG-hsq>|rI-tWpYH&(e|o?e}DHla5p+0&JIX&51VDPNmC zImp`9WHG(rIi0Vlu2$kz<+hmO{x`|pN0@o03%!sD0-j6*(sKeuP{F@zYQ?OKVEd9N zQ7Gr~6#}t$0<{b^Qo&3Xt?tU2ToM-b2^WM%Icdwu70>lG0D`#QC`+mGg{kDY>20AH z{6m{;`g?Cl70$o=;v1gu2AA$+AKMWT|8(8#q$EC?waA8}YJgeP03OTbi>2q|MRI$Y z@U-Z&XbpP9JCQHI54(#1(BB|CEgkrR^3yfA&2~g|BWI2U#s}Ccfj~0l>H zF4el~B#s4I93;9(JfY7e`$8YJjSM^SK?)3{V*FeyW4PcJ2u5R>LtS~&#vMsm zQ(ITZ8TCefXC4&ZQf%0qP_)GJD?7s6Nz~QO!?i73vhfkuWgBa2zk-5YQMqDOlCzkX zB5@#XG}wB26XQBef+=dxVf0)6^%U20WV;S`=AI(@@JWh?%u{k5vSc!oj!I{6?Sqv+ zvrqtdo#rpy98DzQ4jsBJiuI#>pJ*dY)Qx9=p)aB@fo5Oyp*0!-9SnQJYNteyMQgXq zd#?Yh#&*RxU?@3(JE>9+xY2nWSHhw^T6besGrzRqVwBB>3_8D-S1FCww}m_F!E!~3 z#_t(C^wO>vLM5t<-3-B=QzPn!I{+;ZRn8gkGh?Wu?&$}m+bghqmoOR5@uFB>iW$m= z>+Xd`mo`k<0E>>`TA|y>emu>ynk6dc4lnc3(V=1s@@fs#fS#&hKT|HG3QIj5rV|;sp!jkd5J&>kaGeHR&VGS$e zQ0K}i&1i|a_ATounGc0r6I75=PNTbTyB08$CNR${3Jv}tFcYHcyUwDt)+&IngtIVO z?nb0Plf#RFR?Vn^zH32`pGmXlJxdhw9z56m# zC|S4i1`eJzPO6>79THMmlN_!LL=Nm(^TeJp>~g-~fDiw%9m=xNH-G!Uo&W%md38ELB?DICeK#_t_oq5<6gS$j?kTnZMFs zX;F-13{V>0ac<~(q7J;kfe!T!qz0MOl`ouIu8AFM(c>Y=#?`D$YIN-?iI;Xd1Df?y zq(R-86f~Yl37?x7^JhUoD(M_jLB4jo;gR zs;k=lLoeWS^x{%H8Ym~bf?mGA+r(h{B$++J-8z5 zcYl*b!SXB1mc_)x@b(0}=YYWKG$?|oDv0T5$77_~BJRSOPOMi>)JHV6plYXlA(lVD zGl%j>{iGQ0BAYa^Rw;v8!kCfK>^$yrCqLWB%WIm45a?2C>+tLCmTpZ&Y$cJq{QU+? zs9FacPR{7xR633gaj4`sA18m9O{HukA*}m2r_@zM)pB{hurWu1#hdD=FjsNJ8E1hT zmXN`ci6yeqMoH_lMvLuQp5W;!z>>uc6ksQmXk~CI( zi$2#dJ~~L?#3)H1#HfJ0wecAx53CZoYzG3(YT%k?B1*&<{-b>yfb`zFsWYBvxX`PsNr6m7rpW?u(- z8ouHE0y_a32E_#F51D~iwPC2ye~zEYi;kk&CF;9FYK$h+zet{}cnG39-?8_?YTMC1 zny^Hj{&0JUR}%o5_`Ksrp0CWI2E<{vnx?mftq!~$dXLucPq!E+&Y|-FW$uypq;=nN zvp$A;4b#a{s`)aTPUe|i5vpCX3`cx3htLURf&St42RF;gI^4A#>#)e{ajNGQQEa}1 z_+=EbarpuI1reSz3B@)ZcFk@kTTeb11bQ5K+mhrgUX5iQ&dcmRUY822;x?cc$Hn!H zydLhpPbC5q8seac3U_qvPAF~kaywy%?dif_MXV=UO8w?tp-uDw%1LuNjg(zjmEB)_ zPtnQR*uHsImsfLw=r|B?m>AIgJ;)aYHXh$?k$HjmSm}Q39@G#uKQ@|~h|zHeU$B#; zHVbJMKsqiFEkj@F_em$3CA5E)peT+IR$M|X;gAJA4mA0 z9C1%{oJzur#Kg=rZ^?^MD0;7@fVjyxqwXaqCKl3Zee?p7RMwV~ErcP2k#GJ&T+fA< zv4*+^iE*}ESdrvhWrYj%KK#;tb40Lf0mgf++Bx?UoaH-G+FBT(CI!qn{p#o-=IYs` z`-^L+uc|hcD%JJWODCsOdfi$c`Qwxt2Ya0gDR_F8=_!knj7=)G1Mh9SWeV-X#v2>d zmA85fUGi54s4tfEkTX3a|_#D?Q2nzVeMJ`ua0D0K&tSH3{KC%lZgHZ{bkUiaZBb$VpWkN{&ff3<7@ei!n=L zcxnsOdf7iLxm5ZxHrv7Rqw7$rX~W<56t+5sY{{y!{kBYJKbH!pE`7jTqUG~GDL+th z89G`cnWtkj#If@!Vn8a47a2bqLJ74g)X#EtRHAez z$ec)SSfS`i%NQ*6?~0`y-Yh3qQ1)PlIe;Az@he|$O$|xGG@IJ9z!uJZfp>s}`B3{O zuN)GP_OyH~b(iy_lwC;=rF^r-jJF)IEyBQlv@!5V2vV~U~$F@I4a%Rib4#mQh13R8y{=(fvBVJL}GxDG$Z z2!WZ22b8QceU6`02#w|&hl}BI_8_@63Ig@d{^djUpg8qS92|_#HGA2<&&NxIu!qlz zoHJjbY{?}NK(}U?(WwL=AiWAsE1yT$tfx+O4psMnhOW6(zLA_x{v4RStS#Kh`V1YH zSnt;Nf?Rz~tl;%2N`aWR%GTKng_l8{#x<8xRS{GRAl&A$wNs|h1@b$(NwJEZI8 ze!h3_-c4y5A9NMMn{d(k3q|}%ne>_QeZZ&KriwcmNLmNHX<5Lc28D%7+d`eJ14+)~ z{kUCnt@q4N=H1j-c0i!K+#Pr?RSPUsolXLmtVKT1C2|r#8CAy#>8*jXrAL;Bu~WRA*-A zJv$)`tCu}ToZ*0SP;N&3!)PM&3xv(iov=wu2I_&{ZvanK)=P@({G`PB#=?xeelf;Z zU*n(j=cza+!UC@*=aDoJ@RqOI9?#CTki%)?ZTB{{eIhqHNp~uxQoSYOt^?VeO(su4 zLKmQE@n@4w2!a^8>v98pc~{IFkwrF&UvD@A*W4k2kxx7-e2CkrdGm0r*7ni@dwEh( zo6F#gIeA~Iw0wa-d{e0Ehe~?8xxWK#D`%^Am{KaS4Tl??5npBMmT#dt*kNi^-b{W# z@bl?O#yK<(jUf{sn>O&wc_h_>Fb<50*LcJnUBdlx#sF7cIaqTt_-soza08wz7Q_$r z0RyI6p@m9=gCx58$cvmiimYmXIDND~S5_IRt?`8NA?+>Ak+$#N%;7Hp8bL6zyt)0! z4UR@3uC*Qgi3!`MjjgHBs#BEvHNDY^i4x+!E_gwUC_$ zzXax11$a2Hr>G9U*Di=n?|s!cBxsY-?}{tYI-N}&Q9SnPp?ZI)4Nk(b+U!b6IEn9) z>hK-yeBgsD&|fdDc$QX*quJHdb7uCphiDM`NR5K&+V>Y>Mn42{X1_d_<2k1Qm`3@J zxHn{aFUZX%gkIsxZ5L`D==L~bFn-s_dR_h4HL>vP>)&~_Kj>ROKHAggY=J09yL|g% zFUNX3IQsS7O`xz>EOcw6#^$=GxjC>`s-7S3mx&m~WOK<_eSLRN?yO<+tK>|o5UMw_ zK7C&m=W)DCvAb*sA%&n~kn#iwHHE;-d@qLE2!7Vt_CJPKn93TL<-mgfkcRf+*;NLj8uFgs&Ki6VXc-UhSn*%;D=zsJr>pP^ou@i}nbdEU>k4I&S)LRoZw}KT6Xa#fwC-u%Uiu+Gtz4PpF`+ugKD!0O!965JNT!*A-m?FJr!1T<| zwIE>bv{6S`@3XVI1^`FO(zFcu8(9T(n#tDerJR=PHff0up81DjXA!ofW^VHlE(*xuwdb)};#s(k$6n>l3Hpv{l&UP+ z@D`FH-cQJ>KHg4wq4LnVWt2Ay3!X{?o}OSoilMc%L3fPyTypoN{*``8;-92shhM|#>Vj;S9!L7D;`)*Y?-mdBjHt)H)7GmWhE??4HWZk;Cq0vEGm7*{G zX;hfExgYiD8!FQDcHX_cZlm8+ul1Q=ZI|K3uMiN|bQ?JqngXpGy8q@Y@bp4;DMp$j zoa*$YtgOt1x)3)M$)Hq>rB^tFHjh11u3odI%om~*8cY&^|3#GIjv@z+3Mur;$kO4o zu$fN~m#JT$gYnim_UtJMhib$$gND4HKIuuf`53Zwla_MN5V;ms1X_@+e8oj}!;@&$ zXA+8Az?K>|2cc?3Kl(cj^RX_B$flFagicrO+JEn*tv&xGdYdZ!NJ`;@D_NWVc5hQ$ z$!UkdzJKgR*?<3)kp-7WNr(pLwlT>h=fl{qWCG_KN_uaWBKTi)Uuj&&3rj1jPRHKZ zdXK?iJhbiT_pLsjd&!wnhv&PURI}!;v=Lu6ohs5&l|8B%;@nc$5@X}CukA6kO)&`> zjIk-KG_n!8vh4i140zZ7VQ!08T>q@DlI z4EmTVw>|Hr(%AH|&gTT+$kl2V);H}h%9UPq+)v-c-Qhu1T%&cmbIW@%!gGwW;;RCX z&=7il8tF2iPHmzirg9CVK$h^)0uzI9QHfA$^eoZuX)+|Gh|Hwak4AaVygQpXRGAjp zgyd)B>pycOsJ<)Z{K9sQb58Q5+ER2|Y|o zbvg0$&Ke7Tw$C*Zit1E1d}eeV)O5Cj(pVd^DjWJ4$;6OjgjV?UcR@w&&mw;+4 z%Ucsfoko^|9!B=T7OcDD?9}w2^mJKexIy>#^kJiP>N+c)bG`+ap1;qd>HsuTm=o*t z!DS@Dtv5A_OAQD93TIR$^t;Lf$6=8eu7yYDeX4bg= zuWV8_)o2;`I9?bf15yR_t;(vZt`-PB^J>qT#BX=w>9lh5+SjMznmV9UMvO~=OkqK! zze??rOX28_jc7%|UAP7$rMa1}EWW-zr0si+Cs~|i-bG{Ii<*JmFJYoDJdMF)ZB5H$ zgr0*CdUgNv#fGav;fcQqzB_fl`~HXL>;GUC-0QcO7jz|7 zeuD~c)LH|+H0mn$l;mo*WcKkHLz`5n_sJw2?hv-~cKG_Y^Ya_dLn*BnMh7)1YYt?C zo^#&mWov=_2oi#eGEOmb3)f(#YZ^trL4X$+MIqw-*|KOo;C-`>EATUoC95xZLkva7 z5{Pbm7od7dInywBP98S}ipX~@DCT*ZsJpERS#5BNO}f)dRZwFJevfTObN-nT-;-3Q z_h9LvMbQgj9c$Zfi!+B1fXcUiAA!Gf=hh3vD!hW?N#!x)xU4z*LzgLPEyH(hnaQzu z<+=oxlCsb2)x98g(L;MrtLrUx7c9&qNO2^t(;AWt~_ zSIuHs#2s7Sb4ckw;wZ4&)YU*|ip5p5s<7|nHps%dtcR!_>e~Q?=a1`iW!a%_l`Ctq zZk2J{QGw+hx&M(7snMAYR&j|=!$uU6Pqm7gYCOiezEB_`ik*Njs+|RZVU;6Ym)R_3 zZ6E}ZQ;#<=njwy@04y{hn1&Hej=xFr$)9*F?55!M^gTeKHg`}pRTlUdCV~SZMonhS zh*1EV{Pvn}sNoQkjC5KwiMob`XB6Lh4yBxca0^0HnPJgPzy%}~n#_P1X(n1e z$ji_CZ+Usq6%f~+jqV@XAQF=Wg^YK)0zX=}=DSiPA`y$=YQJ}FaO7RcYMf4Wv-%mN zDgqBNa*FR~--%ej1)^+)R6bLFA&KE^Fpw@PVvdCslC=0|HHAk8C`XtKI;jJehC0raw_e4ZDYUo1*AHF)?)BjMp# zwS)N`);k!ZM;WwJMH&jqnYkJ#%9+tu{y$4J<m2u_D}?rz2y?7j-p#(9 z>w?-*F4~6`J|9+GS9rzFzL?8Gx1LM=+#7CnW1Tm=Y?1$5{gAa*e8s#A-HR6Q5WTwI zY#&?A?zDvQQn&r2;~kIF4w|@kRYa9^%(TxW_4avq@b^AFgg5@rRq%#(dzkTwc6$oY zFE5$F#l?^p_^9;y52(4Id^gK#q6^?bIE;H(y6qi@1leRtP^StcFAcid1)`u5+bvcM zHq(pcTAKw2w%_f{WwbNUU9d52>c8M4v5fKY_qfw!;S@ZZXlnNxS*dw0u6ftN~BQ`-+YvSYY;I)BzkiGf&L<_**NK6J}=fay;i?Wsx zO{r4P7SL$?lbs1m;JGmj5It&63w{)Um;%`*L51^jwf&YAEtq7Tt zuzv-M(VSClGF|#V36}ekOPF|jv-P3FR}4lzyT^}z!{rUAmlk*@jc&EtQBD-ta6D4r zWl5f;F)mPGi*=l(z?RqKCPp{Pov`PuRBG2yzP*y`8xl(`qy}r9%cU6Jhxkvu51r$l zSsc02;Ut6CDztJ-w}INLyhZy6rvBOOuCxoe-ZHfRc4E-+!As^3 zPkb({>|A2aDC_M7ixe}J>-PL(5sud7Qc;}c(eEDab3$76;LTdWss_2)nkwZTMBYzB z=)o_*XR$eqtPf)n_F%~@P0+{RLjD5_!0HRcqLZpzagD?A2A{_Es&`pinu^WtbF|(Z zn{2Kg-i5dnM7dBqJ?C!$`VSKmWr2cf$&M?3`$7j_lDw9Y;^f=a=zNZI|L7nLMfXk+1pTf0XICEqPt>S#Uu!g`U_LfvP zPX;<4tD~T!l|?ZVpz_iY?Cj~bHfwkVSM+rN#ccEoJ7^5bv1O$4;}6eg=$3Y`oZ8vV z{0$1L?`Dqg_FpL%o4rri5<^WSk~H!L^q)An;RtDU1vfIKyKLt(NJi8;KsFv5rJ}Y0 zXvjK%FupSU<*XerZ>d4E!bp3!$XA;|TFcunivRSL7M_W7bEWT(6kED?-@0|OY+y`# z*WleldZ~`;br%fIy%k>FfLCg+w!A;|=~k=*1C>04qJ0TBC790x*Uj0$-$WjPP#*yd zcyFAT_+IF5s}kc8%>)iiU&}>nfwlwNc-_Fc$ZWN~vVFM3v7C1?`l(qxn5x1Sii-Z& zrV;9i`2z7L-dCkFczx2~W|RD#N&SxvWkkK`cnhWUdXiY&x~Ct+j_T=J4 zxQj6NO+RmX9S^{sK{=mM`yu;K=o>ysIm= zo~sWwCtBl;ztw*8Ihmguyl{O7&Ch4)(m^%%w>ir*(@QJR9=^N`aS`?J0G#^(z;XC} z))y!w?AckyK^`ev$3b^(^&Nhp=`ko$KPIk(yScDrD_?N z@bJ`a)7kC&V!t4#ELsG)upNo_nNBA(opG)fl&nIZ)i6+mGPbwU&Ik26xT6&`MI}2a zevDl{y;?_$%cGxav8(QO)g7hY8_H7G3x=Iczm2Km6l7-4U&8O()wjqu(&^fI4$Oyj z{hGnqn`ZY6)!Zs{M35Q|dnnbnIWcwo{#;jV-9}bV*1CpN(Rtsu_T7D!rhGOdxIUY&kz4^`^;%wFQNCkMB-^dcOGfEn{gQ-5p6x}@pay_ zgXx(`4_rb89Lr*qRiODPY;sv9Y%=c@>Z$C1v&n53<*h69?&z8qb*XR_*M)o`Bt8zA z9j^N5fy`w(C3EssYtv9?AC-IvU%z@H&Vk_z4rU%)FGRVG_0dEpOcoI3&#uX>d&TI_ z!Hq9Nqhvj`Xlov=EUVf^hUp2w7G`|7G{IL|{?ZRGonlrhtbGyJvt}FFUXQ_7nw0aR z4RiHMl(s)kg*qg@!zQc0K;~3So`AgL{`afr<_7Nn#yDn3un-og@^HE)3QD{Oc-^hD zzPXD4^Q--c`@?^X0>%}AoAm+IR*G4i!6&)6N4ZzB37+pR^c9(=$G6f;=0ViE=hE_EGX{EdwJ1Xvcr%c1qs%&)pYbZHPY3T6zoo_JT?Pj%1T1=J38&t zeeJvpUYvv3c-L`qwflh9>d-~fAng@q!jntl`2k@_E6dB#3PmWvZP>-S_t}pJhjsbN zeAQTl^44kaE@ZV_ZIEN}s&JMNNjhUR!XT@?=2lo$N^g?P@xG$HX_e~my0zXphqK2H ze+;9XFSIZ4UBWY`FWH7xDnH(P_ugXe8<@iPXB8+&%WB7{BDATey9gdoD~zn7&Hn5VhLMag6$7MWi5-e5V&-tZBk zc;JiV-n4j1$?ZXWgA1N2ki2mw78Y7 zO)q$p9x6DquqPCsJ!v=t$6stq58>4eUS=>boS8|ywNKjj?Lx)%wLstmAy6qlrIxEG z4pKiJjL+M#Q27p>dTA~XBNhvEeHnEmSH&b0-F%srGY*uI&oER42%x)pmDkrV(-0mQ zc}J_Qfc4jZB*o;=fQtMkGpIz|3BQ60MJghlkeUIyl|3k8TG=V{kd0v?LPW>ClV-&? zT~=OsO#KLtfFm*d;e%5K>)krC42Gh3_TqNE{pVeu(3VF-ZmurhP)>zR@b`}j_fVjX zkh0r6Nfu!)YfwL2=eoK^zWY_sJ#UG5fuFBCsU`}hu=RBjn!@FrNJs*nb)udKz{h#i zQWj*VuRfVc%w0pIQ#FLH^;~rMZe$Nv z8WDDgj5jUaVNWu(>9myujkM8Iu`gX!I4r9Z$VI=1jz7A_V@?VcbDF!3!^Rgm&kV!# z=O!d|8~Iz@$E#l1sxPV>StBvchBzta?$br!odyW zkVFw&s6sw^-4sVvTC8gICHk;%KgGz#mp=@r;2jjVUX?Hdb6C5(=(gyGW`_-lwz8`ScV)!Jpr8KPG4E z9q6BgGtnQ&EavgMc6X16#OT<0sSs#XRqsTn+7h?Tfwq1o{D|iDy3nSR0UE{Os;XJT zJvN0DXk1rq8R@&%BQC_X9`He)b-fu9!tO2CWJUG|O6Rdh=G75FCJG>UHA=&V!z-@#QHcNituH0|T(`Tluw+R!QrM zH5lrAE^~6Iom_QDJ3j?zSW)`qx{#tA?(65r`=F1!v|q7Y-FiCpLtJm8M3gWIj+-ct zGg+jZP(ta$%!~wT^IjmNeROt>~|Qq1T@PJ@!`qt*V4DlZYPk<2s57V8t@p+9M+$ zJa}N9(%Wbh98{06?xURi1*Nej!}PG5UQNlu+3IJMJ+OZdwST?YZWl#LzNL}2$jfyvifWIx=CkqZ}2nA%jmjd@F z7(5~1YK^z=_^c!lp6RDF@a~<~t-j98J#}ZR2uddKTBsNU>p-{+S(+LlFTa zWuerO=c${ux2!Q-<9;S4tQp197w_D6K|Vac1DVc1^CPJ z19)J1C7*92QHj8UPc!P+`(h!w474X4VO|ENF?Nl*28kM&DPbkuiq;h{1%HGJfV5O;i;|sChm&fP4Yon+7A7=sm zM8J6_rA9;+D(QHRKZ(R#7Xm4WPU9&m>G(X?foUnH4I+-so%@naco{OBL#cJgYJ5lq za8oXXKu(@_<>+YLg5tO4IX8UaetGTF7S}+5lsBfI$~M2iNX`e4DU>|k%RXne-r(g1 zX{YL!4`i_IWu}P3^Ylh}=IfXop0|)EHOb*wT?*H3YW-htneGe}!wUvb*kVszLY)|UxivVq(ofW#0Ol;L#> z3W7phPVb*GG)xZ9C9oU6#o;*=tmek$F*@+=CKMX22d%tx=`p~PQuS_oGBP!NvrMu5 z`N+0>s;phQa@TcW5?v^;0U~UDqrObNvRe1S`g>%d|{<6(6&(# z2sEe4baf^PG!wwj{4D}aRA&WRha=pp2~x7ld;-^BQ|IJwee-UHuP;?E5azp9GvdMP zB4c$?{&%#d@{G|zbLjOGf4skCd=q=8Xc~inUY*K832uly5iOvjvpfcwnUeh~G-C~??rH{N?MSrh#t(0w`$85Aa&XoNi zU&@gD!h)8{q-S@wq&!~dSBoorcKrkw+i8h1;d7<5pjnM@>oqbo90*^}j<2r1N9TAG z7xS8e1P6JWiINZutD_!L1_|(n+@|=GZo>Q$t87H?@f?Xj#GrhaZ5HMv zUm?`t~bkv ze~+rfm8MV*%=3nr@H87r7f*jqWU1bX+}p{GYe(wM2ARv?@!8EyK!r0aZoHgENfaui zPEF^}Cw~e}-i_R_hbY@nlD3}q{)iocKUvv0AXOxZ^r+hYqQmozceioq9*j^P$~sTZ zR9=gDZ>z)%v8qjD@#F@Bq2B#$>tR&sb}J~1S$8{avd!#zDx(eSh+d~{n#DE`7q}fO z$GnbPik3TEl>weSBO<}(H#zBMdk~T@Y+;Yc|4YAsV#B*$b7;uey9o@#f zsCc8GbVgVZin3ZAfa)qAlS6j05S)Mh^z8coP$&~BM(2cQk;mXsrNPe`DoY$9Kdo$u zraE=sws2d^s)EK)I6!sSmr>Z>1F7TFo@yk}ReHZ7`&#=l$Ih;`aCNqasGhE~U(L1J z!VHHf0YxhVukda}wKKJ-?KqG(TA$}U^lzfM9>;mP+D###Hjjl8XDXkE{+Pw@{PjIQ zVN6l@Y5V$xE`+XQ!Nt4uhwclrQi1%8#IuIFj}C!qSr=_wyh={y+6)Lyw&`D=c`Es&y)<-?{a%%L!$)%E$1b$=(Zg zEs*H)kY{cmT7U>W@L*0qKGca2neiZy`Mq&9F%aw$&$X@2Dw*us5Ac6`{dcO3=*ajcn1Abs-gF1e0&FT_)j0slS8bH%+=b% zNyh%b$EW#vKe(wIo9kKShvg^i-fNnC5+6Ez!7?8LPg|>>(-wLDTRnqYDFFCc4j(K} z@J1Mvyx5>$QcLcD0ZljWp4;b= zSo$Mv+0G(FTgFpzc4~{K{}Evc$4bIbqnL#-$MgIwtctjPi97nL&K|J$t7Vm+Uj^Nc zOd-n)S(n*!BRdRec90S4iFgD9@;dW;5B%mk8y`wye`vbQsu5UyTVUfm_9Gjg6&z9B zv$h1ru3Lbu>ALXWZH?#+PV%wh?W|&+a~gL1$e&Rjs?Wf@ILuwA!?I>Tc{un3<)PfC zjc_=NF4+mPstDF~2!dmUj616U8qWy#{}5ou;CsgJM z4+9GDY~}l|z1Ziig8?nCvpNXBnPTrejMzIjrZlq*f^{u`y))}S*gI=seGVJdJEM0) z@`(B_?Z=c7>wcrDenl#IIyKzCDtT&={#D8Us^ouF@^`iKuS)(`CI9OsPg(YVz2twr zWQM=E_Fpe~VjceVlK)F1fqw%R|L+Gb+}EBXgqE9!nq5@bm116ddla8-ODR_HAPro| zw=L`Cp}d^u&qU)eF6%(#du5WyH(CSk$;yrmA#Tv99Y2X~WWCo;Dt^xk9Q)~2KDKYe zqY7VrD@qSNU{3gFi!3*F?-Gdkl9WkRH^&(~L{4sPO! z4XPDC%M_v?y_)r;@tn=au;l1EN|oT&Rek`;d{uaECF||f>HtJ<`O=>-^0|or7h=Q* zPQW!*qN{_+HOTsXbdiiW$^Pn4GtQlK-QaWD>+&F@pg9F~jt#Y^h_dAeP;oOec%!op z;UY% zBP`!;=yHEYPgVDJ7~GOwl@GA;8Bdv2_ye%r9^&JelX~qn@-_(ha(>=j z4o{e(RPM8bA*zVU{dDo*^}8`gzcHwuJ+gIKpM?i#;Ydte6cQJ;QxKs39AbPp8*N6N z+oqpYjG^rjVk@T)A2W8NtQ=JpNh?f}vAsRq!CXLwFj#|Vb|nq3K{@Y7P#%dYh2}ya zPON(IYDSF6Ky|?s7T`xwg5S_kP!1O@c>DW&JQqXY3Bl&k&QKwi)*07!vR)CU-RP3a zEYF+1lz>Lq)f5g*?8U-D1xri9`0d&>_rF8 zO%^;XF_?eU*1-XOyf&2qDIWv!xi3|@VHjv=MVxGC^)pHJG@Ylkfl!lTGnOD@f!c2w z+vMG-c4^raPq<|JAMLl&09O*@q=OP#YcInA7I5F}lLfevK1CyKR$cOa6%cWslDx&X z`tx}6{*OL`AD*2?*@0}x4#Y=Z4sghx0^1^y){%fIBz|7!0Ov2F8g};>sj9mYvLzlp z3zVk?8PT^V7jKm`(O(R6y^B7+`-MTg<72taoAc`MDVk>zI@%N6Zltru;BUNy8RQlp zSPFaCxf?WvMzLH46tguK9kcsYR6AP8b3Hq*LC9bCb<>WXvmW< z3lfo5@qj2U5=CiLdbU|i|5pLVpvBJCB^Oe@woXqQi~J6B^PeBHt{DEY2-$M}e^hX2)dl)h@Q(h(gN-GNB-n#^#Wg28CR zYGLS=Y@XALU09~c*dQH7CMG+xEnX$G!H9Ntd-oPI<8Z&`W|j@%icW&Z{z(`)B7%*- z@tpR@`y{LI66?&HJ6gyW9XrZpltNe~sR9)cC#Cc=PV6RV;pMO`!VS?*cI? z8JUX>;*Y6I_nq4c%tYgMmG$J&nDS>EiOrM@6}h^jp^S8G0GFkuWptjo(s!PP9FW0T z*0E1focA*7y7FcH;}IXw(%CNs@34+%a>@XbG1xjJ^%q9Ma(#hsowESrFpx+hM2hK0Wgg;-2?j1*x%v^2Lv(QEF^^#U@sfW2&WSNIy4GP}k#c;Ujp9+ja_A z&Eym*Z+dg0Q{nTNvxo0@HQjx(rQ?PPBMbc^M$N4(Q~57dCvNfN^B*(%u z!eVQ`CNvSH>dxpU_Rrr5Y5$o^1<+w4h6j)0C0 z3nx1^s2zaqRquG@G6aO6Sj>A@sUO6hF%((g+g*|H7j|Tm4e(d0+L)pa( zs{WKe&F?QLetJjyryOV(&EJ(hka-y|V`ylIxFzU)?jz+M=dszmmPeWA&eMYzik|g7 zE+P|_LkE++e%60WvXC*JBjrtjQYK4*`m#TlQ#y~_PZ&iquI4%GWJ$;pz~8*H*kV~0 zp)@}{l&epd%qHLPg}LQ`EE2vuSr6H62PQq7M=+uQT%*&_*WhRNGU7bj5eD|>Q)T7d z@Y#4S?nn*)*!sW182PC8b2G>-KJkwdW$89F02~c&z``=m7ub;Vl=$9Z-!|rv=tO9_ z(%RkVa~X6he%JZm!tb7RUg#EFbXT%S`(n7fjj4w?G5SCxnK{SO`#hYjrT)OMJc;_D z_uE6l*Ky8xae=+oAy#w1d#@z(aSz3G*+nU|S`fw0kDMG;Mcv_lt6>C53Zj zAAf&Ki39)n^9o?VHCu?Rbr4zt8nh_}5Tk(1v7H{`*bzK^gr`|>>8pg6Oy=6McWS}` zZd9<&g6HpsCWm)UVsr!i;GGJYI;<^*re0573wSNSI+k7_0>cLXrM^NB0pto)EQ0wD zn!2op2FAyL$VzA%8QwOl`FX`$!lX81{|Uo#s|kZe;2@(3(zMCJk0Q$0B<285wCOTv zy$)$J`$A2W3XGfkdQLL{XB96HFV0>tk41Yj8I}`3EPjt+8NK~*>H@@*2<6oO6T>o( zG^54g+CZlMn_5TsL+1=QM#$PDfkE`ViBngHKd=3{Ks+2N#{~=W8*RNcv)JLyi*B&C zH=9!OYW;9heDLO*5L&?kJgLg>ZN1^+m5GnPMH>7Jkp}zLsv%MNpGkw|M;F0@?o&Je zQ!&bij;GQd{tO6UC_LAQLG;W}R`5~S@b`J2pCR67S*w|_CBMV_{B@!W_xsgT63z0* zVhp%EWM#P>Z~~#CfWwASz{*(5KQ1r;!K#Q}@SBVZx23nio7q>fHe38|M6j^EEu`xC zVBbKJL^CEz1<|>)cheD8@jY+GAb^q=e=fz-^@<*I-{>eWES2%DE4bGH2JjJAJ$-13FxQ zyKaB|nnrQ~ogeVi&yCZ8l82lx?Xg7g%m%rUMz=oMFuOt_r@Rc8!Ipn!{@rey1?T!| zdhggiB?a?cAMYzG$~7J*I2X|4wzmG>n0%p%15n>;+^7&=t>+?{Cl_R2Tq>SKe&=D^;6`pauMjsL9No=Hol7KiThnys_Z=k}RkTSOvUk3Rsp<*d-U&3ZFoo~H<7Mp^eMlcj<9 zfhuRS-dyV6XEd(gjB>+}9QO#aNeRe~GVaQ?Ra2A@|dbmq7#j=O257`mp-liB+ckpZr5I zKJ?k7b?Enp0yQJz)T!iIlUEd%vFJ#d+w+(tZ)q&eF8%-IFS(EBrq z7ZCTAo{QeeA>b|CB$Y*eXl){bCC2p!B$WCg##y;W%Sfe{D&_^|H@#|Lt>2;|5r_Kl zm^R>Q^Sv!M=^?=KGQ3zYKRYS;Sz zu=nQiP_J+N@Hs6frJ|##tksF4NQJDURi&ti$}&YLYqE@WCR&70Nh(_}m7rnl_Qb*m3H z0$vEKuM2TF++k}K!RbC37UFV;$rWLINxZKG%XMnv0Z3{YVztD+9TlT@4=t8qfs-r@YUR+4G&- z^P0euO7aVLMf~LFXMnbl6Vf=1*oUU`6W}$>G5P$5=empB0WQqP$*Fh3w#J~wHNlKN z2Klj8(P<|GH2T!>yqO1TLf(%b@0Z3hcm;cQ7-sJi0@$k(4P6^6D_<0&gKI1jApQ1K z>{BlC-@wxt+jU+fmzik=xM;g61V+y&V}p%L4gUn80(y~z-0hDjF(^WWPhPjr8Z z5B;T0rCkCz9S2})M$^Oc(w9EyJW!T$Eq^wpA8d@bZcu43Zkq@P9fNzi>}!LbO^$z= z4%Y{>saz73XMCd+d%(mZR0IKclh;6Xr8vJ<;=FE#pMEn_ttPxK*kHP5-;g@mrxim? zG`@GnlPt{qT5Q*B`FY1FVylFm{9r$&z_HniAFWIuw#JW$b40X03KNZ}bNx8g;Bbqn zi#@k}=(1I|4p*Oh94$SQs+ujimn?mvTY^LyXsAh==L5$1x zjx}L5T^(ZKq|@ZQR?(tYW5%x8Nm5eVwzh{ZeTdHrtNQe`YYL^m@ZJq z_n-{900y(bIW!{Zqtxm2igH{7D|4ooSm4|j#)lN1p9VGOE0wz*K-0{y7ih~^6NF3w zSBLcJ3`4i-T54^KrthafjE`oRi+Qn0{IZT_3)ENvk5TCZwWR7hmV$z=!?xA6Eo-%; zvUlMK%9gB8S{mN)EHNQy!h7HUGFC8uDBP2bz~5%~Ju&W5RudKkR9shAOZWPlc9l#W zH((T>1{;EVdIN^<7U9}ptr7>Wuu?JrwwN#$dZzwUlam7!s^ha^m10`%!xh1JP{PW~gN8)jN~H;V==HM?#j%{FjSB7xxf`5PLJaX#?Y(ch>eod< z+z`&+dTEBJuDm9QgX(pvn1>P9#>K1rhZVyQm(UbA2(KKj>SN2$UAHqhvl3&XoG%Jw zkcNyuXMQ{$mn9`>&c(}az%k7%(?`BO69 zIuU2YD9&m_M%UPu%QO^Ga@oxHWKZE9v3xm*96LzU*P!ho(wNPh_T8@Ke-EHCdPrts zC8T#<{?g9l-HZrCwhDs@<3ZHXnZCj_wqDu0t6aruDzxgazy+PPn%Lc_L^n`qW1Z?! zh5U}Ksm;l{kmRu7y$~U7e8g=k)UK0Gq+6c|r8a$Hz?r6KjaD)`am5W4Gv>o@%Ou0b z%}7LGkg@m>>)|&pV4sS-P>dH}r-+Vz6hWL@sMCk#W1|?h8WyLypQ#rJi>;~t2j!du;}~o(s;m7%-jxvX{NzugQXovSnVZjd-+{zS`nDant?sXmw&+f z>4NG`xIcV|1?}+EdU~-2vEN>?4b5?o3<<|mc#hx zjW7-b?;*N<4uYi$(&Jvt8`eh=<#`UGvCF6bQ_-{Pp-BgBm4n!YM(CN@ChCrr5w|<( zU3Ee`MlFYl%xO7iRb|&!S5nT{CoR-Ew9*9USWL4`z|%bucZHecWrAYqXosmf+cxLE z;;pC|TWF2Jr7r8hG+iyG0<>hfS7DZ`AdN)2i^=U0v;|DU?qHJ`XB1$okJXe(j_mGl zt@|1uP@~eYLmPmF^@?#|Osc=`+f{)gDb7T};ow|mdTjHT@)ZTJ`#J&4@1){R`Z5&t zlK$94M6ncZY~q|v&J;jUv-6f|_#pk$Zz(qK$BN!hK8)zzKMb;m%IfrCykoL6s4p2y zCWcdC%*A`w9e#x(n~h)Bl3W@TCvdDu5c7cmm5sV+2a|xZ7-bFufZG+l@DlhP+y&oY zLznGXdKR$=R3lG}TPKfg)&6CUv{1*a7YDr{jMPiNTDB14xnai^ZEsq(Ew(8##0_Aa0E>I%WDlh7FSKzxW(NRoHu z-t<}|KVp#DeECO7qWapMs6(O#yB9WzI3Fy{>B+A-bsF9iopY-gWofapgIL%<+BV#2f z)*8*vZkvUk$?kLvSCX$#p-apNpW8=%e$$AQL-9|@O)|_`^#RAG6Md~jHSQ6ZOw!m3 zF8A3<2467|?wzPM_jB0;CvAKHPPp6cH8P?hcdXn_SN;WdYGdx0pG}dUT@UFZRd*CQ>BPk5Y3 zTQ*}YBgEQm=Xy2~O*_+qr3=n@la-m9ZcaDp2sr_qt~9o6%=rr2&&JI-xM*ak8vy?O zz`Jn^8fwFm^Jj$bzDKM}iyfgZQg?dU;se3a+2BYYGb}=#%>|!?gx@L$vEZ^x+_wc?i9*; zT6xIvI(-ly!RUTiqTy%5^?_XpAfqVOm}Vy*im#!Ek-L``ZWaX({uIz!B2!C~{tQ`Pw+dOV2;9h$ghPtQ)?Y3%I3qv|{Z=96bIwxsMA!Q|T zqkjz|X>aPmqf8Z@yy1yJr)B3y&z4{#|7U?`2^U^<93Kd~F#Ev(9!v&9n10yrJmv}* zz}3}Xl-|7SlyEz{{ntLrlExIX;^bl>J{$KTy@^1ArV@-h8GeJoXx9Kp6VM=lis!;^ zYr}PVKe+w88C@)3XL+ynq9qX5aG5Y;`m0rX>-a91`T!m01W5SVeoihff~f<-1Xdm1 z_{(%N2CzW`NksRr9e}wW*i~j0mRdxX%9%WK0vx~WT&eJx+YDv}03N$24lEYF3l2mP z3~K9Q(MN}NbD*G+k#U(O==gP0#mr!%#k~v{ZdQdN$)_?D>+&u_mDoCd1)msS<&2>` zeyi~|u$c>{5IBA0Z>#D^9^Zq2As~h;#xShT9&msQuSUo#YwTlD_YJ<@J`<_H`2o}L zF{l{*=Hh;Rr;gh9)0sn^6A^6v;hYA;b*%JHUFJx(fH(8ik-2l2omFFFeQ4HLf&X~< z?0+{_oP=5XL~M2BC z#HZdi)`c|7^8(k}_mBBw7_N-IWhzxR?6wW>*`U?vm2D;8Wx?YS*e9(~|0cvdp+IO5 zFs8?1keUb&$@;6fe2d7oJyAt3>#)hRb5UXxOen_*zHcsgvKMO^&@k1rbR@rXhd@r9 zj$Wd4Z8#u$Q(7@->~2cK+g()2tOCGs>H6B$#t(B2Y~8ws&}F01>FTCs5vCOF3% zg=y`}CZ1CeHJ9E-^P-jpSNgz6O37kF_uU4!U#IMvmIl$4$|fHWfFp?qQR8WX1jClG z&ncBfkG887Aqe6@!D#;w?9@<+#tzhY$(C`gk!Ccwbtx2Zy?w{Lnyr1y<(d;f+JPrF zis8B=#{dkacoQIzTj#R+r@BBp_^M0g?BIHbcCQN(G-esoCihL%YWDCpej30xn}#S^ zvYUx4$bs(plNSc?9OU z*tY*_;|qC>g3n^%chRkr@mI{P{VT(5U98(!gD1K6#BfEpUC$oyv+;4CcDB2>UV3v9 zq2mri+ez#Lr3ZKR3pP!}t%-ShzUiF+dXlc*_I_4RzJ<#Km;ZQ~prW#d)$z2l_$1~e zsoMDquW?sitJrMFT?LM$d1!#MaJ+aS7Sd#0^!%h3v%+&%M8;6OIrJA=y=M)R_(MbfN_(uR*uhg)rTtwmb=Wnor$pP(v;9)#i z>)Y8NM+{x|DMc4XdJZc&Uk`N~_c9*-dY1jmVct%dWR<%CL0);6nhF@^i;aADrj;CI zj)+ZS9B3}vEfQ+kcB<0}!(3d5fiH{z_p{^xv(X~bPu2&+F3!463__2{q_VC1t6n&_ z@`zarlH_UqfXdM=-av`=Y7}!-7os)+-UFnqkjSc%-@&vx*vwRYOU!*=8a6`86)Q+nLO;(A<^@1DK zMzapS+e_f>l>8#0SPd{q832@U{#sUyF7GYuKveMfb9+tvaN|Uu)ZLS^jr+J<@T|d+ zugZSuG9_bw4NT<+>eJI^6NWSS=WnRQ+d>LX`f|zrx5Wts ze&=maW8PZhJZ%J5ma}tS4#5zDsV95PtS#SF-`Sd2#)_+X?+#sPL`u<-IZIvp5_Y=N z@nkvh>$Y%kpq-RuA^{TXgYI`otoaPl_Ybd6BWY2y4$6)t5w|VEG$ z=A7T)_7DIu)KnTfph&oluPg3^EQ01~VwGYBL&;gR}uQQVswlXDtBC zoXG$9syPzr9Rv_5=4qTg0G!i`c zZrS**i%_uWSB3jX_a+92L*LT6#%D)AOPi|5}!Q!_w5dPvFZkXo(> zz}4=5a`jOF%+8&az_m+4)qaxdC#jGUuAf}>>!RDscbITv9S0Ac7-6EM-LI*A7GR$K zd~evh@ssgXYF(!8k>d8={&NoJ?US-pGG%j=%?%dcPHaYI5x>p^VXVX4m_iDR5EHl& zZUdV(AXWwR;l#GvlCL+JfH8fP75PI$xq|1Mj|k&4IYoM`CB|sHkiOZ}?3tc=;-1V( z!WI|FTnU9clGfJu;t|^^f(*pAR#-fj4~&A+yd4g%JCO<#t1azH<{>)U?Vo~261=?a z9kPN2Ms(IXzuH3Hy4Ru`Eyf4mVC)RJ-<&b_@#rHd`2lh=k)j`iANj0JEph zUih5hz9tk^wN&O6fL%mf$JG7^)j;*qqQn&+%+Maf&0}8D?%iHHV{`1Lda5z4II;uv z@s&)ZtfCFj3~Y4gm$nytfp=1~n_CJx7lvCLEQK{}$Ef|V-F&TR6;NyPMX~W@bpU|c zRzI#c7?KyG*)Y!8C*?#(Q57WpZ$9VK%`X-{Tx?vz3puphCAiKI;j7LZ z*wqN&c8gnp)JLi2)zZ?xE;2#99SgHW-&u--Z?O+tr^1;HvmhslYpw~U7F8RRBGWJ0 z+AeGWiu~=IIJwWkAh?2$n8L{i24-Q&cCD+VuT2yaueFvmjNW@1nbjvq%%F|0ccSN* zg?;=6+?x%YF`<(*R~WB-4BXJ;t!X;&_*W9`O2^aX#MS@h0&gL6c$n~>JHd@*#0C@= z?7`L7u5iK8C@=duvnt*@I*vOD;M#kmizt@#)c%}t%(HJOup-wSfv;2eGv;mtzd4_d ztFTvxOqlRdZv@_ zSzJne&TgF+mY1V|*{jERbJK{D{Q0L%c74?1F9=G8lUh+^`D)QfNv|%oH)I$g2TX2tpqXO&a zeT)S>mG^SV_>zudN7m^RFd8emPw@Rrc)vb|xuGF~+Kck__c&RdF?y$8A9oOduS|1) zC(e=G#d?V=ctoUbv@B^sF{^rbV=KwkF_uO~};#kcLMe`rQKs?{&p|qdM!$n+I zqvj}M&{c|d&W^PZ!%m`%-5S_WC`}c0!NqyaY<6&WNM^Dx!cgt2K=H`_S!(u=m7lXG zxmY-RtEt$XkT_|2Cq1uR7&Vld5?E~9txoa-Q!-(w2g*vPWtx1R)VBzch$m3J)wX(G z(OmfhV1UrbnZpEvivJ1&wC#k5CO7MAAKv$FW3>6OdzsClN)vWxLWAst43&1$JS=(K zJs@lfD~UX?ajB@N=%D)Wz`!RMBt_M?{B6!bJ}w0X$~0a*5l}`=2lAY2d9BWL?}nI5 zYD;eHoUNH>fB0}z?PBar@?tq6PuNfr$~eEVftV6;f#Rcu!!kV5!=^0AV#}6)h)HqP z20YE`MXu;pVa<^?K@@hTXHRtQ#i9E5*Xh$=-*vP^tN(t>=2_|O?+^Dljuf!QweqTi zq+ebds`e@E$R%&!F|jWke?qU%iv%!Y_M%y$zXzgwg^0WL;FW~Vlig|U##6-D#Q}w% zt6Lv1XId)f)JZMVT)D5nr&-8)@EhLtjzzF`LdwLL6K$q%Nd1EJzV*R|_LrCu5m?sk zeJZ=pu=~`dGPhZ0jy6T-B7obETQALN0*`v=ib<=lX+@YvBm(qZM9AqnfCtBG;1hpX zvhIvXgr<_4?g`<>x)+3G#S{g&4WvDhPmYPDJ0#^Q{nm!H(Q3#< zP?k*AP+QP!2LT1Q?%M0JfVkGes?Zx^Gd=JsYh5WMHXE1T(ej>IABdA928b{kZ!r*@ zH)L7QpFwzBH=K1AtUG|>^__--4NY_4^H_&N$_tNl&Q;jqs~Qf&i7QY(pZEy(v)aPd zNB!I4vFR$-TwGjK^fEnN&OG(PJ%9frI2=26)6=@iNqc(- zhnx=CMxqJYvZ9Cv%&jW1)KO{X^03=@>>le3$Em^h1GJ$*+;o_rVpmniM>7V~LDyhI z1KOc3+l1po`djtUIozLZ0g%;kcDag_K3*|{^(#VM@nPTyz898rvv$AR*>9@nAzum4 ztq8`ao6^%?31vBHEPfQPK}egSFltW2lj<-ZaXzCFE;cm{Qj;GvSu+vE%TQ#GC!x=L zAm@itvF{6$-m`}XhH?gXLE;(9j7Ya?<|R2(vW$C5gQhMrkjew6PH!gmY_z zsb1_|X;3&=6>EUNi_38c@Ne+0WKI!l*Ij|FHb)X&51$ZjStFJ^ z^Prb>dgw0gYm!HA@eXpSCfrqzb#USK8G`Il^SN;6xUvc3r4q?@eHGL~G^4O2TZP_O zS(L#qTaZX{Qo9!rP`rgm(`jMUr`HqKvh!|o)fcnMh>Y^36~otor?OAC5A;O@;8C>J zJ*>_tv@5PXo~y8pNhj{2KIX?sO6K&xlrsUO?k9$j+Vi%Zzw#+}|gc2k%klJvgQ2avkYmnd_- zM>{r}n6-#=mY^8qk7Lb*DLtDfonBdvg@C5MmOYq`bKO*vg`oSdTAG_;Y^Ib-|IBW< zXL^&YYfTiAGr+Zml&<*DY(Fn3|J?Mi`cNqVMU}bJ9!nbU|g{&1pak73&Ar2G(*&n~~e{|bOa zZ%H<W>swwpgFr_b@Ax-kBA`+UUmXNkW)1 zW4h^pk`N=F-~&Yi3ZRyMhwD#Gx9%;%v6Uek+0`5|78<&pZi^Ovch&R+w7X0H5K$)RLj3%-uU9^T&GPVFzeI;%RiOqHcb<(r{z zp_pRy&2G~s0KYpjXxBNdXOqZQw8#|(=Y7&(uFCm!IN0kc7wbY$nMY4U>eEQK_R&KK zC62eA;{5KD%pLx$btn_9ii2t2i;5x`T~C~*1AQ-OR;Ho-+9Xh!uU*$FJK5Xsg-co^ zn6^44l7pc5y*txBb%`pMg-O{&wagZAlThrQo1f(|jy3VL(} zyjlB{2z`*Qm4%6*DKG@~^WGqU7fWmC3}FJ+x6Yr}8|H`;8&A|hoLFseV*eXj_?v`9 z>T7OA=v57Ok3DIkOg&K{pZhG(D!6A0zF@dJnTBp~(K%9__qZRVS)qZ*ZNP8i4bHYn z>Mo?Cu<3C7*OH?GD3vo(m_ncYbMpJ%w|@Zu=@X`NP6M>)d3pt1NjVHDVG(EGzVV%B z+IK@tD`mI%1o$g|I~LWAi_|yV(lovuhY-!<2r%mO|3z5jNxpqL1aV`JL7H2vZgt_@ z5jumDKwR=~hCveGC}+Nn>4Zp$!)7*8nqB`t*8GruS)b|+ zqIUm3%s14&kmsyDFs4Z>BDebA}4t5*8K?0K;}z)5a#jASIgNn~n?-(mr=l zk^?0#zhN!~H8SG&|4Is~*OR*Ek}^<0wNGEu2!qp5k~t| z!+nj=e1EqpKn8QgH)7(U#}+`sDEuU5v&WS)rXXW&kdI3vWMHA?0o(8LLx89eXPjSbk8b}dX8EJ zg_rRudyX7AG6-qW_3K{)S~x!6tb=NaHX~r?A0M|J!hrHzy>9~+APj&tyn<$~2$+vF zr&{OE4q02?+gY@5iTp+z-aEj1c(y4TK?}D7v~U!Y`{?=hN&@51y^|++&lursFfGg^ zixp4H{#e2*v5ODT!uN1yo1t-}kU=_V?0Bn{8aFpBb<>r8!@4qDumqB#Y$+U9#> z;`NTOcm7e36-A4mr@#!qzp0GpJD2u)jv{G*T@3wSu#y5O3dJg8-(lV3?RIGP{$XYN zg!?i!7t(jPvC|}GS8`#~F1|YvoH>n0(bi{>WI z+|e&P$I{}Zwq2GC*Am>;_knz#%$y`Ey&5)zc zTPhz#$e+NVY28j>F18_vS2R0mY_fZL3!>oO1Ed%)VxQ-DVrcQ74XsU@kgR38L>s}z z9)Z!+E=szfB>|ljda(m@wr!y_ay-&#pOhldSGWx{>Cu+Dcjl7{Ej~u7XI7*hTs)>} zlXdA>-!;2M>RYe5^c(zwjeYcOrZo_)DjZC~NTVE*4tQ<}GWgb^*5v{WO0Vy ziHOD@*#?&q#YwRlN8#u;rRTeDgl#z!!UeH&QRo*4t+$m#dkiPufcbXp2LH=?y<-4B=;A>s3prEhmJ_y{=? zrhGG3sl)1I!sJBo^89qB|C?VHkfRqF%8WvOA@aXmoFGrWy@+n8D8x15Bx@+YD|9GH zub!(=5l{F-HsSmOi|n~B@>x#1!UvZYjsuSrApLjB8hnNfx`l%;|c7DT51$BTk-Ur5nsVm zwzdit!s?&z1}#_muIYds+$yY7eOO>=AZmg!8x+TGwaBIgRp)H+gi8N zS_R>OD}S^ry_Mqlj9{^Q{V5^~xfLGc@T*k4Q_@8bVknefGj@I3^ z5?{c24|&P+c=x4Xp2cg-Im=;~as*Gst_5FPKueKRvapuY`qM)TSWg6hqc1Z1dJ)29 zU>!r%5^L@8$i+i&a(w;2Lt?+q;gtONuYT(B?d>zKA6cbtLnI*#Bx>YBbh{^*2F~B) z=IUAhRmhK?g#*`CjGT7}f#^Q4E$w&jXOMM6hHRoFS7aB&9NB{N6H))w_o)RrNLjOR zpV!XhO*{yj{oem_PlYUN=?bT09g(!y1&=v;A#WZcTpVup<4(ly+#3V3t+DUpg0C$+ zZq>#m+2s$WJjxKx%n5DCD;AckeWiEUUvaRaQUPR47 zTv@S&?wR-3l7oL)i^wTHP{Q*?o(SLmRKnls{8I`4Fn9J-3I9~WKb7!zmHtx+|MY}^ zdcr?F;h&!HPfr*z2|v>j|2C!fGad0W9q}_A@iQF(iP%3oAbzGJe&&RK=7j&6AN>DT zPMCuOvu&;xU^d75Ge7*}>wus6;n#lus?NWs^M889KfU6gmvnGX^YfDKhs|U^FX?_> z(jiyE|NpL(cyntJ7uF0Dn(~rVyOQWKUPwc+8E5+)`Xv16Q_SJ8FhN`T z$>752iTa?+J&zZ5ih4jPlu-EhQm8kRaIG9ACwtHp>Z8&zZ0#RaCL{LyI;UHwM{#Er z+1t4oZy>`hoI7%-#cutAaaB z&S|86?ne(>D@ry+-=@e=KU}!DdBHapjwD+OwG`_tGq*||g&|J+^(B8a)&@~(Jv>(? z&pM%RN}(fW>-E0B&!ZR0r9!^LI73y|#FYWd)(ioNjFB>}AG?>oc(g3SvymP4Men`; z=h~rs6N>U*JwQ(0LzWLp5TLA+&<)R0*RY)Jfn8X{@cno9bMppf_c%$9LJFzpUinx@ zm3-~0d+RK6)iXF)nZEA0K`0o}O{eI<6tN#tOk??F^lbv^fx#3TTdXG)Fw&P8xv;3# z15l!bbke4Hzl|Xa{recQzdzQahns99?9Z2~`arP-f**j0i!z7{(g(o_bGpz^ zg5&?4xLjR=%_d#Te$#htSbnd7mzSEcz0up;G*lXR9pB69en zY#a34hN?!9TG6)s2(ZO-0T9mXlhxvnHGrXj84$tx^H}E3hvSc}Z%CuP}+))*8>~_M(3*5zZ8Wn zco9q;i{#@fm@SVqPSi_{9yu~!#0v}~atTTpZ-qqeg@tM#g{s;Y zrh4X*paT|kKL5G!Sq}4_Ou<>`s&le>(sK{5&y9L%J>RVa+U+>dWV^$`ov@_W zNl<8%nUg-=3pMN^cGuVam?GR))R8LG08Q-GzL$h0Y+9ii`VM=p4pp7+@WM4;R6zhY zW_#ZM7r+hV5O}v=BLzp?)m^<>YFyIK%fh($inGP7v({ugSCh)2r+j- z5!ze6|6Dxg@ovK4@loD?6r7nkVmR1N%vU5PddZCxaDc2YzuZSI&O@!Tw zHH&BXE4L%H-V0v-oC7#w^P}=v8)OFBBkW`eQP%(}9S0TjXg`urXhCRfY%~dJF6iN- zHdXX>B@5^1mmI+L?$qnzOUikDKjXw1D~}6_I#$2L&lS&eZ#w}>eU~{8Qq`8H1Vv8G zH~&+S(~95sDO1}%qxiHRUp+2Pj>R(!hUNF^mkg#Q2>Wp5Obj0A-F?hqi3V4W+(c#F zgXA-Fg6FXrG=T3Z*<}drLr>;8+skgkp&fw3<4C^@%`ayG0WKa}YAEbf$)dMJlz;wQ z0R4SPzXo({GaGa}gWm}TWzHybDe)Tf1l~@_Afzj*xHYf3{n_N^WT-M)P=xcUxs2mF^Tzj0EeMGE&S4h9W>rXW>xQij+E62#TiTlLIJfeJ zlJfY(Mae1^J~yN*Ava>5?dGE5Vojzg&XFc_e*Xuudi~?$tyE26w;iUO7i^)`g}`bX z;(S)V_bj)QdwWhyj2MkZL%Psubb4e;%EY~EjG=?$XLr4w!0dx&5Q=yp zb>rpo8F86lfa*qaf)+~OoaTG8WRc$@@|G=I9x$OjVmO|3o|}~sjP}i0=3nG-v$&Hy zR=r+DWn&jlptOuMPfF^`&NB61+8@J~&)rhBO5-(97OZZr5j=R)-L}GqbuQh}#PR}a zEuZCuvoPmj6V=1RW4(Yt0$X-Pq1o0@Rx0)Iqs!aoNTPZe1WKaGsSN3oF#@eyu<>PR zH)xnZ3vbVVQCG9SxuWXnhqZR=y~;Czsz7w_Z%@L1 zU?DuF`Svj-$mg%@;mi|Oc6ldsgE+;=bsCQ4gRaWyI=%}-!wMVfhx>i}D=LOHn}qXL zz>eR%T9hKaM_I6DkCwEI%(|2st*OQ|gKO6Mc8&F49osTpM6gqXbyKI@c<-Q?5@S<1 zNT^Qq3d%*Wjl|zjnLQ2+6ft5PiYNAi&X#q!2$2lif~#mk%>G$Z}SpUQ={uHo1;ZVjT{|C)2#Ic zASEp;h68qSkxEf<>keyG6v9h(FF;2=C!gmq9=@2rR&3a{2>m`-#h8j<43^x zd#bZ-LHY0;XMk7B^Mn&RF+D050dDY%EgzvVW7sDq+w%KC?%z4>@lZYkyMM*v4r!fFNN+@=5nLixc2^G0B!K6>2|np$lci#H#;)` zwxfzP3m$v7AA!eyoelCkuJ=pcdEh^*H9wMGj&5#PlcuI-F#tz)!HB%EbRupOYmi^F zsJr`wJ!SeZ24mx|$Up13aISk2DiH8#EV+Ml^e%?c5@p+}msSMrV#Xiutg3EpHQ*}X z{3xYehqN8d9-KME2Rd179i$6L8)?ykR*G2g_F@1q649>z%3}8u^7J{dZf;7e1r^qU z{Mr%^5(A3ET{bBwW<{o_qh3aCX{4<~n%>T=0R2a$UOAzuSyb1YUgU~peL?0{hQj0y z>0P@{v3I*o50#OlhI0?kz376Zh||~WXXIvKh!B5B;L06sm?@TfW+d(0k7$E5TX_oe z^ZPDdwz_~!zUDTVFF4ksPG=K!+v&WDx5toezTxor^eLIv&{0XumTkig^+3m-HhVXt zz5ODyjQoM@n)1p@<~Jj zYPEonzblDuojpEiQQa)Z9cG|B@@AzBf)O~ms78xNTE%g*Y?9tOl55{t+tFt)zP`Jv zHT(J~8^Y2#hP|*E2=Mz6Ii!Hw<1k=l@h-pOGyo2#I?;%84tVM>_IBMOyG>L;zi^tW z)9oU6d>j*tC_6y*icH6ez=`Nd`?(@tSM^;I9V2G!wikf33YQV>OcD%p6l87M1l--- zr*^risj1bPr_%69^Y8bk(kC5mF=G~2%NjqNoM5(xj#B-oLq%IjH)1zH-D+H%HP z39c%muKnKqqa)B5nQMaA{1qYYHAjRQp9l#1Vp`uRC%KnB{`%HLedVfEbsx!LVPR8J zAL!zYMnQwQApZ43=o1Xev`T~@AJv7f8fzQv$9F)nZgf92-!QyTNWE8FM#C~FBh7sH z;bvhrGmxwJ^9i-dX)e(V$#0R}Jb#c!?LS&;UNdHa(HGW}O$bQTOFv>`V*_r7+VolK zaKro|{Nf=G-m>d#sPMmd%Sh8Cy!`-KEkMZc<}$9L7-6cR($sMH`t|2FY}%EPkRy#W zRP*lGwTDMcL%>(PQcpO&^{uk3b<6sp`owtLy4?8qc%fUAv(%;W8|SpownU)8RXvMK zK!Yn15cTP$swbBLgbQJ1fAo)}Lc|>g8%HoT!1F@pL=lP1!1olET4Yu_Dl^Nq27O}% z;)wznRbXJ3w7kkj!sN6>=eVz2(NaErZYHyl(2xa=PKwYizB}o*2+3yE;BF*vnEmv> zkz)C0_f;&IbvA|1$1(N<6lhKhc(d|@%5(y~k=I`wTNJsa*rnLGHFxQ z&CNscWZxKvW#2_nH5MEI^*Rk-1mmX}G(uCF!wMwlkSlVfW^QHkON0+qDvRvUHzS@t z^+o{A!@o`$xefXf{o2|*`iDoaM%;cqtLxfCb}7rR>FN>#kO9d6iF7OfSxk+y)bQ|d zz-J(zb#k4Zwmr))pp~y|LEiO0^|PGg^~k{I3!|_~hJc$wO`!|F2>IIE`L2q-<^7C1x=|IL+IP2;bEn9cWg%Pjm`&zRn|y|TrWL^DAG_Q zM4qmTy8x*8LFv(Zgh8VB=ltsU7{kvhRC162Klg)>+G>VgkeCMFIV{- zh0ZM%una%C>+>=+_UEP&z zJEF?CsfT}!TZ0{GN(JuYH!v`$hF;-#a@q=HrEu)eJK+e{5r27%_y~u`t#FD=bYX}DSb*kOvN(qU=oA(*I*6+ zwb9cHIez^3J8YSXGL5mZQ0xzh-QrDK6)*F1h}`&P(UIpliDysxIb_m2k3Cbcegb1K zUlbG^Dl94z7Z>;OC%1^sehvOneZtADv~q&~#>f`<-Rd>%&fWJ9yjfYig8LT6^6I(u zi{`%g%fe4f^zv@Cm&d23o&^y8+P6W?lQc!epeLcC+c$qLTkbt`-Rsr%om=;3aXpHS z-15ic&zraUiI?bD=w+=A)>-*X?Z}0PZ}(`~zkYS#WO?|0y=6RJDXLx@2jgU12d|aO zr<^h_x_A2e^|zg!oo@T7cR5(2Tz!hSa$tdjI=G^_S^#7{s!qu2NwgH#CETic+ZQPX zgq~Sm-=Y1hCs`wL<pvdPIh}5j{rvoZ7GI1j@pWnLYLD(e`u$Prp(97O zq2y}r+$@tY*FIwyHSK5?Q^xL!=Cscr_Rbs%_o{7bsuzp-)HUwVy47rGAj%@u0(U+l zX=Jp!|Mk(Rs6S}Amj};l5o`M#p0*5$q4p9DDSa_*0_4o!jBh-8<>a@cM92ML%Ie1g zT6%h}!6polzm?B^^0}WZzP8li_79P6uo7NiA_f{EiZ(_IEWkY9B3Mnt8E)iB+>!LWJ_95k7O6 zpFQorS`dGAeg9ieM`rEVQrd@NNnNcJHD5zRyz;VuZJSh%q(u9tc?^@7y&D9#DVR1K z`}VEsA>%t4UZaR$#0CCVZ3|D>C7T8HvsGB0BZ#Fu;tR&m?)63D947dN@59 z?V{jjO!-@w`8E++J!6@YA5BdDh<`aqB*|}r8H+PoQyoLS{cX#5ud+KLTdh%#6hDL{ zF(}xv-(bc-cJfIIr8!AabHda=eajO%CDB1~gj7y^+8Zug?BkF%S<)HA9Q~a%wl_91 z@i4{^_jr7Ke7I~$2TZbE{(+L>sDEc}r|%B~+M1sDCl$~(9#y>U&TE^djHf*KL^y<< zj7|ThfoAFG!M$eJerj5ptn*DW$orw{G236cKDaKEc#xoqg*YU~A z$d~UZ?Q4`-9~9%_k|+lJ!hDhHy(j7mq@Be-mz_CioKkPqh&OwjNcysdIX)3%e$?e{ z4(m>tnfdg)>ZbQo&xOusm-@^6vE{IwzO+{4ij;LcR=wg4FHMHD9p5!!TlsGhCiuBZ zhdGbW_I@Qd$kMedT=S4XoW(tp>07lR~4mcdeN0 z?>y^bR%1v{EsExixG7Ie__+Qly1cou)?|s z=k`f)`k8t~NP@hXU#cLR*z9~RKq>t==m?_Y=FOY!M<=BfTuYCxs^otOns`LvR5VT{ z>x{!HWj#X$jE~B7rZcVVgWOb+qN0W?*VNiuavfd#Nl&7@BPSj`;Wo=D7ozYvtct_+ zKeK!E^l<`FdE7iWBPrubrs%zjno2gqD40^Nsr-H>u5lVW`7X_(X8K@Ul2uh=LwGY@ zBs;OyV|Py0$a7x(>uI6^Qg3vkCulWNiCTKDSzpfl?$F>R`Q^?|daB!$_cPak$=XA$ z&Si&PEJju*Hrl_`bG6CE4^z~S_z1aTgOak_KMRp4T>7#H1B-hsT1s9hXkU0S*mT5M zDUnu3G@MSnbWS5v#cAe*pXBG$>K5^iB&ixLDX{ehk)%+tFz$mN`I<=&zV=@+a2-1j z%u&l`jmj%h9)ZFbL7`JAI(;AAq@F1-XdNawwB;NzIhTIxxJA#kkG#`oGGp47jMqjn zm`3zIJg!&4HNb_dW*y55=ah?%-wSuE(WdU>MYv@hJiq^LsYZSMdfQXdvDI@1=NAw1 zS`nx9;SOdEpeAqBEO8Q&Pu!ePd=)HCn9iE|n{&eQSG90cv`U@>H`#x>l^(Ly$J>|7 ziMwq{9f?ljx9r34>==zzO!JWbwao^{T3p{Bl%Bp#UfPf^d{6Zq1HxF1m^QJ>l3;q^ z)zweST`7aqn-nTChrf#H>w%5~k zF0;Hptse3I%WtVfLxSF_ljRC#P3zYMpPgA$)k|~UBlfl3^^8$y+OYVS4aO5PZs#5g zc6kukid5I@mns!qLscAx+?d1peD9ofA28oia_aagUuA5*y5!yYR2jNYU&dioCY_~L z2M)uC@^wH!ONfn}%21R{-G6ycwET(nZk734#MeLDu0;={AD=3ECMd3Q#sqf4KzxB| zeI9*weyd!3T=agMq{d5?au&*`+)m(}2g@Zb35)Zvlf zlHoBeBF!#9B}{5mlEY>+k>ti&Ec=Vi^tpyAOVs)Y!GTFAl{9@)c23IFh>Db_InqMCvCVgZcqxd!91N^~_eaI2We7 z$tdM&;GOtajQ1yw=ETrj8IvA+ih9c2ele!E{Vo`v5EPSIj@?%v5Lmpf-&dHRf3|Mb zg;d*gBjcAN%fvokIxrg5Q|wM@tt2>Sg}a;FlvK8PJ1wN}a@=R5YvqZJfq1;zxH)qs zR?aFX+v}4RdpNu~m2@g&)d#Q6ODab%8ioZN+`7)CJ0oa%=Y+cv%YVS_3D?XMT{IWZ zEy`ZG0WG;utE_x3K?QBV(Stc^D?ZK4`N=mpmvRVYzIkoA9JD;ge()$Zo!k3Z0C7q8 z_n7XUmzFtOI%^!Rz0JG0w8QUH&qQ>8y+z-)-MbIyVfZW>oAoRkEK{N@yq0eac|IeD zn|_6F&RqVHJ*bGe@@a@<-l1+WG9aptHawl!`xuAeXV>>7>0+(#uqLu_L6~zkY8aku zW`z`A)0-su6BGavt}OQn@U71wTzFNAa|n?$NRNz+tgRhR?sLY=d5o$>phxuZ%SHHB zmRE@p8trz`wf8&KFdJ|6=j5}R`9fpLdQVnsvfdTY>@ky|L|exQ)3FvosJ#c#GabgV zs#dFcqANZfuR|QY_AWeT!+7^|>e3Xkrkpl5y-;?S&FY%%3gC3}DN#m?mqeUwZ)=XC z=dyFF?>L@JA4jQVwrmV}GrpL}d<}z;rV2^Sk8xzfmNUipDmIjKr%v?H7 zlk#;9(T%)myNU*e$UchCEzIQn5VDK;IX2RsxVVzqEB)(;joY+>iCJ|25DNRDAt+aB zKee*W(c4s$KT?=I=FGnWbxF*9@+Kl6duW2UD^uidMuUZ1}0-L>&e6>qss;66YW%=el>llbsT^VCX`!b+C&P{DU0DhU|4)Iz4_Q0tdeWy8i{kASU3lZz7jHfIA!gBLYN$8GUPxd=? z87Ty!F`v%M-m_FN3DKzILQSMeDOoORC1jC!Tud7knm1)mfLMuYx5{%j&kTuP#1${= zZE8mgNb8x9aqkD3VNKIno<1L8Bc(~Dbs#4`|GN{=89h6 zl*qIicT91tCpj#uAjG2bsmc-2Q_LzJn|^S>vi=Wg-yKio`~P1e2N{JZLA3Ife$D6W z`FdT~P1i=_HEJCzgHJ-Af7ZI|?68wXrB}f2%Ep`;X7Ocv9-qvM{!kYTOF+eCLC0rz zoo2nnMx3XV9A;Y9O{AP3JOAhyacSnWb+U-&2(zq1SNA6ll|SA2E<~D=AF)(A-o|H~ zCX5+-WlFWvsxctYW{!jSnqsuzbJD>wvQz|Fmao^Psa5ETWUP}GeqCO{K%9pxwOzo)Y=UJ03?Icls^XUj@)fzFX*-1MZP4(4Q1GbK=&)H zq2#2Hj9g@x<2S0&QVsdiEXm8|*$wa`KkWv7pA5eJ#Cvz=OYqiEm$~8Q?1F}jOp@ht zTxjOb^wptFfXsNJrd+oWL`b#;uH~e;L^l1oRFSRq^)P~+2;}nRVYKZi{zC^#dESXg zd(N-m$S023oXB@2Wv&>`KErR*rR(gQ-${v9^yG2J9OJ+6?L{e3J3>%6w-x6agMd_N z2o=sCMUP*H3g=YV+>L+M%s&z94RY#vhEm&c=52>sJpI|gW#*yQ0dOWR(O`DrO}JcJ z;zI}BB>%C=;*RHhzJ4z|cemLNnZVfq3c<@|HmVL4ByN&Zx%tG4xZia=Nxt67jYmqp z3Z8m7Jn>gk?EK3yo231uM@x&J z85fQN*sRpE3Sd~?$V{ry?1HA&!!lV)rQO9Gv!l})Y{j;S#d1CVP%Xi!V?%VVwS!S= zJFPZhMWs^Uh2GJ{ff1z4p{HHf1YB3G19%>X#jcf}8s{?Yv_Ox&=x8xHyWgMQMc8n-A$pw0n(eHq>`cWg;0@tl0ySj zzh?8-%osdSwxibhl9Qy_XDyIAE~iBu)IO9iydJlPd1s|%a$ztV+kO2Cn zWvg7S&rZicZOZjmTROhabv0G`gV#gs}$*q%|o z_h15DIZG41y8Xj;0nMYyC*7yv^uE^=o(U>iw$_T3+Gk1I2VrFeP zkl&pNj>eQCMDfO;vVLL3xi~)ah8<`0W~DnpO*ct&ZYoI zS6nAy*-k6T!k|{l>%8+}SJpuki78rm6vb(p29lnJ_^QyU$WmKmS{g%hIFhPQR@I z@yml1EMiO38ABzThWIoEXI7pMJI=z)h0lLaH#T3FBP-vd8=&IZD+Xu;mC7d|2{aOU z0chlXA^ZaVO9oj4|J|N8E+ zYRC0A?*o%}cQzVP!X&1tqWt698i~Njmk#@DRipRu z#-?HfZqt{HISFl6pJunmeDOIeXB|oFwGMwcV%^P6U%vq$Ngv}Ym6?e`?jfBP{A+c7 z%{}_%7^+eJ7Bmaa=Hr!@nV5#?kci+EdgldYi1MJ{eR?~D36BjHLq?yfLCWBPtiR-!Q2C1nxkiIGB zY-g&3ZK`>&1<#0ejn%}&#DI#Jn8%~Xk0~iB6JX1a`FQtf#cBo6A5wiEB?}R#{^Wo_ z{T!IZ;6nf?B-I1v(gA!!pG6OmhZgvlIEmGcYTcJB8qFnT^CPn^%E~!?INj+r^*#Z z`RFT_oQ5dD`w*PP0Qg-%3*kBDUJG1}&vd$le&s*w>bf4uFZU#8LB}JmZdS2Ri_;YZ z8zY-Sjm)xfF9kATX8y*bugb=(a($ZGVp4`OBI3<=zg?u`NT;<;!( z(asa2BVA=xGeG;YFLpo%I^R`>k#bf2P?JEZvFJynFQ2Eg5+9tuhFL5gi*Ri6s;+R_ zjW;q{+sN4MPG8pT)vg|Z$K2G0bFQM-E}z_*Y?P7jrN-rKh({UaC#0XLr+6(*;F>=+;^(~2o9&){>p=N~{Ho94J zx=h2HpxQPse_G_EOkb8xO;AKcDnz$``9kJ}WIs1`c2D^nlni#$oz*$)z_A&=fC~A! zYL%*4J07eWKPr*{%hc{0)~`>MpK##dO+D86U{>Wr%+3TQR{=Pjm*cFqw73Sbmhnz`4Hn^n0}`*_4;|n zTARDvQI$>p%EsS9b+)#WGJ6~aNQ}oi^L=0W^)gv98`lNB_4W6kRU(6%YdV?yZJqjZ;q^;~z~&b7Up z;og}*(`Uy`xZ8LI_`U4S+#Qut(iln>5n1(~osGC|IcuQtbVrfqya>2gzZ`W`(q)%< zLJ3Jp15o@xq!$xQ?OYnC?ovj3bx3b= zM%)9ytk|eyrircC`e0~evX*RNka!tp-pWJQXs%@u z4Y+`8k+|5hc=4$=TJxG!=54yy;QeEqlKmt*ljuoRrF5hx6CATLiEfM>3PF#AZi7-$ z(dpxz0Kt+@7nn9O?wLTsy63r6?!^u^bMv>KFdouv1+Ju4ixe?o??1-4F53*X>@-mI zt!%8nIR%P|Hbn)o(#2hjWdTQ=Luf^t%a$Lh?SpcHs!Y|w`)s`nImig~Gk7z>S`w3$ zaI+7uj5GS#bsip8?qYFUbuNj`%}s8YIe#^|7xLA)sdIaVwFsz}>DJ;LHpsBLA;VIu zRW;9o4C`U!=6~1}7T#56<1qJ+z~LF;;irRxgJ(zsDiRneSAC^#5l)B8`dE|Ol%pbF zp5{NVkyw+VmN!EGSVGah#SI zMNby*ex4DVAi157%(qiBwcVo99Q}^Icxcjj+1h(v#?kR1t^nzTnaA@7@nHq8HHcl(dY#(HIwLq?yR~hY!s? zQIqIlD|jYg7Dv`aIwx3oaaS&99wK%D3}O!b;?kMP9j?sQulO7hXP1ARVe3V9dInU$ zrzp8VuY;3aj;A>$wz^tOS6`n^SXeVVJKOj5>pYReo=1MyeGGztoAA~j8Q=oB2yq>7 z6A;*c8h+@8U6PX5>VA6q^HXIk0ce+jSJAU_aP&g$vNg=aom+PZ2E%0#f-G!GluFhq z#s>TorOe$CVbLa@t)Qp39%an$Ii;I4#IXbl#?czw8?sjhaYF-?d%c|M3o1w^`NwBCgh!&XGi|($f%Uz#g_$LrA4lC!q++jgQ)3K zJLA8ajyUqm+!f&FmeiFBh_QLVjBCE8%Wq?ATM=#J#t>yu4A3+OWF+wtQ^c#y(rnZ}3LrS|wb!aU$9*L!u?}W`=7rfk*(O~7lLthTq z9)DCKXDJ^^u=2D|g;tt(-FsnVTz0u~yidYh4qyCrqwWj3PoDGxTndvXD{qTb-*ZIR z=R2SkklNUw2b|9R4JBv=KPeC2YGXYY+x~Z#^gBo{a?lM z0X|2O#w)8{_VSYk>kFMwH}c%oF~$5^QkT z`>}Oa+XFQTXv~xkAI_N$+lU5KWXUZNH2A*uUHtk&-2bI(0wwuBKH98&A)R!w4SrAfLSZ)qyE z@$ut%Ei$;(JkRC-e?l4bnF{msXTWQ8SlQWo0?s%nU46Rb`|>4yp7qtM!166}+z6^% z(aZE%^zaAyPXman3hmT1h@k$6__h1?Ak@u9PB|sTmj_C^}(<4AiSPI z0q}ZbPR>OUFz~R>$SnRFsvXdnn*gqi6x6FzQc+3G%To*}`>g3ma^}96LW%%)JqP6K zSExX5{@z%-qQ=w33lmdQYytug0XgjJ=clBo7(`rcxvzJxLa6A=5GesV#*I7&ioT1% z+H`W1py=yv%;NZW-B4dY+(ik;9TPeeKteB^CM!TP(-6W9fZ)A*SF=3}IGCXdl8pMZ zXhf1kOAB$aQ!B3@{o90l@sbz$_#P}RO|rOt>1S}ddGkvp%Ol+1_i%r664-6$#N#E% zZjB+kO$;(QFACW$Zd29)Dg3TrAiISj7YMZ;JouE8a}9$j$_MR>c(0E^?IYBX<>Hdv zee9h6Ecb+U%W%hOeyikXmX^UmK_5SV=GEe{^FR$>*uO9?X%Rlw3L+VRBnXtWiRDfL zNqnEp;{LtL1J*%JaTu`h-eVCF5!Tb~XHDTsX-V(R?#ifpJbLu)sIG>LFSO7rR}Kdx zJ&2x^)Zo@ntE1H0Dz0JyCd$pN3{13u2E04cozD`=gV@N8I0~3kv*dG*SPRht%;|LB z8#-KNz?^D3pZd$NgqR|j128u=RZ>z4ULdS67;qdc-+gg{{Qk%Kda{vIO^`;a6=TaZ zh>7!0zl-^_nM-KOvk@6d%f!q)XodoVPN3QeCCoPc{haP#LW#79?!Obq^~2^W*gmr0 z8A>Xu)Z{#MQV#X>wY6KdOy`LQ2Sc%K`&cASi{Gm63xh7%5IF@iy`)?C4v&Q8i9N^*UVcS~{E$CY0~S1NM*+I3#u@?EQlMNZ6~65P-l@{$B+S?RLDup&?z(L^dZ0iRb=jgi@&B!x^#yuPCTu zl9Q+VZ)hA4C`sAmP-P{j^?O2+Aen7+d53D957W zlmC}6#)vBelI(NHW-Tpq!2p>epdh5QoaA-C8i6I^UO2ykM zZKpE8oDn4j#f6I(8>l=0vH;Rr9}nBd4UKn|raE0|S4`FpM{- z_ON^Si5RM(*rfG>ZUVDmf0oW2S=ogX9y}w6mK$Wk!$|72fV}`!s^x|_Yl{atw;MSK zX?$^nX;lqSA6lKR7c%JmmH+l zrdw~{-cUbvAFJWyGL4oNKO^I1gKx>SEn$IBA||He@7_5LUK!KhuS(;=14`jT(PV<_ z#J_JODi7H*&wpjh7Lk<=IvbOddch$fb6^+9U|z0bQ{SSpvGLc6;+n5~W|&Jb@XQwR zz`adMD!~}KL2FnISNRoLLqkJu+?deN3tf28WTiB0ZP9zS;9d#*`&cA9BUTD4njq*R z(|I{TjZ*FNt48@3@f;J4wWNky`Is9T-jk51eW_xd4p(!$3pB-c?%bX1?5DoIFX<{x z)UipR{T-AJ+1XoWrwzJ7w=cDX^D7$OUTSP^?tXJt+=R-`90s>?Pa+pwKd~%_ST2It-szg_?d0=1VQ_MTu*%OL%OnZgRw)ublA;cpluo zeVhAGOkm)nBdAGAIyzG=kg|MVyvRBbk>prJQ79`hCv0+Jpax#&5!Xx`cL@w(1*Lu+ z{C6@*`z{{8&zP(}aJqFnL4KF*&#Y{0J>A_O%OsQrOOs^qeOc$#7(dA2UW-2$PkD+` z7k;W+=n5aSS|@js{KEWC>44((=O0vC2=tjsF#c9=LOFSUuoam|Y9FgWd`3i;qX?F$~dZ^p*P3#l0ytu~xy zW@gGA*^+drDJnfnN0oT4r)I=Su%8JS6r`Jd!F%-#1lY;UaE{X*2WER$MkX(i{88|G z1CK?5(}C|}OPhJY$nGF1DH99JkjkAqzA{s`$flvg<(5=-k8i<*hZoPUz1my*F?I0v zoJ!(ThoKc}BY-^|HLHg$LRe~XD@WkpLNEaHA4I1XQBeY496>Agu9LHK+3C}#ySuxe zXiXY33%Y)od+OsHR)aPs3u#m2Ah-LG-$K|c#VS+3F}ZnPow?rTsB|Tb+Pcj%o+?{% zw}5~Eh$cTlPQDN$J3WHFR%MG!wZyl>L3t`kOhP>;tmBA*=&S?5D=7AwkpTei&6?vQ z3II6iM~=sT35op#RwOx&o(ph}rKplx$C@Q}cJ^zB?U6A8K4Uc`0mNt}#9Q5n?(c@H zbD=`S@5yM=NwxUdFIZlEiN=$$8}S;I%^IW34e1ZUGJrk^~I$^NHNu2(74I@F1-hcNQ^1 zBZwnvzFBnJpC%qEsy(0y!jLxI>F}fKI4*plU+3CwTa7W<{t+5G3)dN?#PlJp?TqYwAc@p7@A7mt5(#o z(xpXV(|)BBK~b&LF_}b(0fdd}GT&U>Tcd^re1^*^cyL&JM$3>zT0V5Yi!>OnG|)=c z$1r^8$_PbZKA%O%c=G|CSR~t9;+_V7Er;P2ju74mK_&jDLpt0oRh_Itn_KT==eK}u zTz_OBd3W+rAnG_T9~pAQULNTaa7^I036R0OL0;6pz=saAyVjJ5 z|HS0zzH}fHJ9;0uv-T_}4|Ewf73k79|CdWQvKp_VI{jv+QAlRSbLUn%*jg3L^m1JB z^{yXy)=IFyf|Twq?t83=8KR}Y!2ywKZVZC9u)i(*5Do`b|5H?Qw4-B*mTi$X{Jbn} z^g`d&QwJwYEPO$zPg3--h8};69fbPQxwb|5%c5jEE0U4!f0c`9JyGbD?Qg+D_`|2* zRvr~*i#NqkXI-VTe#MQSR>uo^*y4+%*k@sZp#-0aQL1{r1DHXeh(C?^z*i4=st93_ zQtwR9s-vP)UZPe!BzG{_7aS2boHibZb`KsK`~Ag%bIt3B0PKY`h(&dW)bKBO;onGc!=`{N$g&^rgnO}O9c3W`Jsx*H$pc@nj`d*J0EsB5M4`Fb4 z2VLJWq4N~{RqjDVaUMhw%qHO{=6LG4z#*pUETZ8>gpj#P!yPrU;qzG zdX2a1e^{L&w7O5hIvRgoj?4sH?n3{!=AVj)0)*Hi5w0A&C|R@s?g0}yDDkvIyIFO9 z2aPY13{esAnH+0Y|5x?|x~j*8N|7|Y;}M_!Fi6qL4xH`vxA9Fi-@tF(v%pRu3ho5G zcnk&D?IzF5anPC${GlukamyKu!x(Ex!sTIJDT1e0%?8gn9;CXr&V!8>d$TBH3_vG` zJ#zpogVG&*dAzky2VQVf09yIb}7!~sdco&sk&t10>(>r6L+ zGf5LRaN{roXVT6)_IGCzorYZ+&5}2^r5M1|5_XJC3}_*Ws?AmS(@{k$+d!bi9BZ_| zY7uh+Vc&h3n}d)M)B`$-CIx?kuE190apX%29^iwa*ARV~`aUMkI=6kK32D+R9b~~Q zb|D&wGNWYz^w+%!?W-g};>gMmS?3Qd1AJp&=pO8-q*`Mor6GePy0DPAhm-QeYbQcU z|NIJ>#cK$02YEb)Vu%hDhSQqbCLPZL#7%W8@_$HA5qPJ=1-CG{$mIO=k-`?5%aI?h zZibn`xg8JMfCI>^^)1+Vj`%+k5RlW7;kx(rB72IXYHbo<*5u}ox8L(?Y3n4Wk|U{} zmpPaoc;!JeW!b3O7cxl;z|~UtE9tj6gMp<{D)!cc33FdMfP~P+iSFgbEQZ;3cXy^7 z7w@v3Y0h@oNboZPwB!H#h+62pM z9FYIsz1(*QO3OCg;BcpUO{XDXop0VH^1w$jZ42lC1GRgr=s;IRodJYkJc%bnz>?gE zAgVR?g~{1ih-z(YLi`yd4!Sw-Lj;d}rn2+>SA;oTRztd7^N);YBcLq5h9OGy>n?id zBj8A$29fjoF$0wg)Gy+BjTQ=bq7~q7tFQcCRo?>412ttt`abacXNqZmfT-;$$+OoA zbDjf8j*Inj&H99_gJDmH5xoE0QOthjRQhmp`$BeQ_H(W6LVrTMkrDXqv1hp^^Y1PJR+1hdXI}YlL$&*r69xur(|trLn>J44&);z|i_8V# zxT=*ZE9LvGMV6RHB_-F_UpetO_0Q)c^9NC;CVLi39a%(!tT5H%Mad@(3eVixDx*IX zyRTyGCs?Q`*jMSYvq3nzK_x?zV97$YW+aRhDGqyAVKGk2^rd!XmS67ohBxem#O?vC ze?i%g3qrGt(8yAGcn;$(NRaE9Eb#|b`{yDNx7>^CPGW32j7A4rsl(!p+amgt@`bZ3 zf=@>Xt%b{94o%Pdz9Fp9*6`O-;3d8YYNIu8%yfH#6u;l$BWAAR^>qJ~evz*Dng17AtfCR$YJ zv46w`XxG_&)+&B*DR&gK>kPiCzn%nkow+(N{%pAY!&rX)li@pV0o{eZWj5Q5UZLxp zwcd!XcjK6XkOX5JUBk_;a&t0y+t?8yZZ z7y~Udu<*ENfD>p8AqY@IYbpWTv-hAX)$j4_`Df_b7ta+2ccq6UGwJIj8+G+aH?ZV9e!$=XB=+!uATi`J?mH06kxAS4{1sGuf4Yu7 z7z6)MhediNr@3iYM$K0zG|koP8hvd7;!D{bH%6D&JSWt)!B{9V?6LQ3qh%ewGqDU9 zTlhn&#}q+1D~eZi26~=KdJqG)(jaEW(#G^T|{B;m{tmN4T2*6s%8o^z~ zz}{yeYLGNM0a^OT`u<@`xT1&-748`e`+W279W~cLABLNs^-%7rX}vR3u-Zo5No%WH z@jtFvw?q=$c^xn_#1MIK*XyxBfb4E~=&NBx%mHrv`RxC~rhumwyNjTg=1KYZp||iy z_T~d_T;#{rIUj%8zHgu>U)~VEJ+G+Yyod`*J+D}9=|9;hcMEdBM3_R1RKqh;#wu);hHYC(!air!Yiz(rMp-?jWhuKWM|{2(?z zUBlH`r;OE@#(606uH89Y`r~7zWTm!mCzPz!a*UGv&tw+T&B;=`4E781g!q>InV3Xh zKs*1JaB`qghRS<_{5SVz0hoZW)fH|P9KQnc%i(xk?Z4UG z)AC%FfW{s!OXihtM*7h?Ny%bOJd5|0OydC#(&ZnLr;Sbr#-`5^s&qi;{ZPlIBrsP8 z68c;4z_breo}6F+_a>#`wlD0uAP8^`?}xN zmD!iv=?WZQ$OMt?NYDgy$9*j#R)Fy3&A*(&irJkC7(3YC4KoD`iPI2K{@sB5 zbMa6ZM2NZDt_RIdaFvwIn{4$9YJg&s$ky?ZG_mX%QxVmS1^j@N@2Y;r>kW0kZdbXB zGs)6$zOME{Rq40KP8Dr3x7#h_NRo*1LwLi7S(rf`eWZ7|0IMFb*VpR{z1J)=?#Oaa@ zaU-jQIW7l;w=YJ(uEI)l7qZ}Xwyq(V=Fm5p(t59-ww&4L0TAZy?|Zq?UAm{k)#fu- zC;Rlk)XS${_nZ`tEy`4b!^ogdoS(r$Vd_3ndz!Ayu3pRFMPzPS9BIAih6fvd%b}8KbGI0v z>KA|7<7b^GYN&9vPkP@xdW)$S1%70LG_vb(?ew2e;-GVtolpg-qF@os%MJsp=qu$Us9Gm{^KS1E-47F9 zFU*_WjaD<13d5>dNY9P&8E9#Kz6~TAk=&{NOs_1alE{ z<7z2CNCoFb_`MV$)rux!_2gOGCG`Ck+sM=bVa0I*#QYDBawx%rF?fOdKDSs>b+`*?7X0U7 zxAztFk5ARIh!LR#2WyOGette12lJhlX!5fg()#{A1LHo=Y4Fj%i8R`asO?6&##^_u zj0F@PBnj10HpigCM3NZ5v4N)RYPGJXKV%LG-9n5RP#x4TJ zRdB8~WB*b9u@syOs6lUMwZi!N);E#Vsm0zW(dZ_9zpj<1_JTMd=)j&haCXlXE90+?&|mQYUjEsAt^sKVNE%|n zSNAXVk0n$q#HJM7%S<0lEn^C{*-b1-wr`{TS$`5#`Aqm#CI0$Tus?!Ss6vjCi#SPL zOIhv1VyRx@+TOBWfnavd(xmG|nYDcx->YM_ILtt1I&K3d0|&mC&(raI2}bo{{I- za2K-_!Z~{ZJU;HLx*I7< zyf?X4Wm!|xaw$~W!eTGRKdX8E-1#>>c$UQ?B?AQ}^NOD3Xya}(0|wJP=$ID-YOWjt zQTj;bcxM(AQ%>sYz5A>2V<-V7mYh?3gOY340W-G_!R@n_*8;C+Xuoh~*T|Jlpv+%0 z?u+KRr~kTn2HE|yb%QPE0bLwjT-`-14BL=#ck_g%nm_Yif*O4=MsR-JOecT-<7TUcCH^9sZvyu9y?zdvytzxCqP+nF8V3%t8V&|Bp;LR9{O}@@+;~RmsO;lf69@>KyGFDt5(HC8g6Qr0!jyy8M0;n<*^* zW3pLH4A@!6&h&U$EhWFYCfx~Ry|@3i02o8N<6&~UwmY&x1Y)|0=P!(u295{64U7eW zX;jqJUZ)JIgIvp9K)aPXdIWu&m;86m0OLGzi-f=;Zm{FOV?+Qz?Bjpo$ScT;s-bzR z{!yGmk&>XPTL{C!P$XxVcm5zo=gpzAIT$G>KN@5O|)-*MV+M7swMZ| zIz22z+x86(bg3CCPi}ghY>s#$Q2Xah^Lx=LtevC}W~<@ioCUT?mhu{Epfa?p06l@B z^KDS0!swwI)detK>YtcWZIVAFC?%3tz8JRhqYlp?cs{_5YCYHi_^qcgMg*}8l;pOG z-d!(XU~}Sbll$%CR0N?JsJ4uLGg~XnroI6Vy_wZL>j6R>XK2fVEoTNcte~LWyBl%s zLkYy|r$)~+!}g%jg3Nu%DWk>i<9DQeNvoUx(S`WE208MLu5bA%DW-}tRv%9`3yDAe z!5LL>^N*u#+VKy2NIF-3Q^Zy0s2s)TxO`;@YMO|Fp47b;6u!D7V6V-_jd=ZUcPUW9 zip_(W{I(v6{;kBdrdfLbo~=-xmGm(Wl*H!Ig=^6AJJ7B z)KW+Y^gWF}{IyOmAWGychvcb?1gGBzr`)T#cKsQc#^|ek0(^D@L@xY_qiNVUEBej; zi-ud}ClE6%eHhxM-F-sL6b&WPh0t9@dTi`r9H_F7;|IqE_TsZT3(7~oFS)oJ5V9R= zSIkdTUFcH^CH_?{x((rRFLHEjMKPtM8BX^o=PHnMJr*lZ3}~9`*^C6yBknRVkQL*4 z5-2+HKy7?*+?qH8SO~sCNVW#!9w=R$vgCM-^4_vNbA2=GShojkuh}+#1T5+ zHgWgal%ZDM=LevB7?Iip-v*5`IKA)dF(dbMbbvuaN|a4NVRKB%Tl?*L0TrsqmOl&Q z-=W2V(0!CcEgi7rLzim25JZ-psC{S-JMK=0A7Hf9NH;q@P2KJb#xtx&hF^yB3Ob68 zTY#M@ybl2)&7G^61yXUhfI6@o!Fn+murXj%i!XzSW=}sEF+8`)H(Z~1$&L(M*fWED z@)LXl&bl?DWMuH;0^it8SUE!knV>Dif&C1rtT@cLyTe06m}2$i3Ic)}bZ}4=nMDw2 z7)b?t)0fz%zFp+Mna|9{9JmhZV$!MG*lAyWGU;(STdRh%f_!rboZRnt<-;e(L zlUI=_IFZO@c?C@BIR=GO>x-jmygzyu5e{K@20*?jCKa2OBS(69B=#`3hwG>}BjY)% zuax>1c{us3uBcwbfvuYO)39hu% z5$=WvjX41|*>J9Ld!BQvL_n0cx~m>`?Y!U^#TNpH-S2|}cZ%djEWSHP@lQ8`H33>-`h8mpuIC=*( z@!L`mkDv+zGd93wWNO^^ChsQHWfAWLnfCK{6YL02EIke#9UbPguQVAfqtYErmSsCx z-etzL*XkR6XkneMnKq$}x0#=`3 zUeHRB8D_qtGp8tJrT8%;jPoA3H|f*fqpJHe(ZAOQS@DKMEFeK#?acfDTNM-){X`s< zSi|y*wI93G&bK0WNH`Md)jouV(y5vLy}KucjUTyl@Eco!p|=yb+ZWsU$mDs;Q!iDC zyTT1$W4r!fECtNm1dkV6KoutB*h!Rj)0@^Qye$D=n(jzb z+tx)0(yDadyz+f%TLM%W8aj1+hFgU+trp*e{2g zX;_LYJg)p}g)z9LRqJbOHr6ioqdZ;hba46pW8_!dMFdME{n(@3{6_5&UZ1I*9jfNB z8a@X0*I2C|MSz3;dp0MWU1OKMwpKwcUFMNS4;;q=wDlNmyWeVnVuZm76eE1Ncyc|I z(PpT#s&{`0<$zuRk$4%`pDwd6MoZPat-0w=b`;|NJ6P4ahyQ)-W2m!&>A}(7Ugm(W z@!oZkVBGn*i>+bHNO5}p&?}DuE^^vvzN;bz%U6%%?2x^9?W^FV9*HRt;^$WbZ({KE z_05U1t43LQt$!7&qsHp*2vq% za4)rzZS2mE;9Dv7?5r)Z(4BBVmaWg?-MEX&^q{zRuacwIn~<=7RV`b^M1>4Dm>EYQ z?S=0J)-pzklv|h29u6df=kp+6d&vaezQ)PNxfz|Ws-nL(FjXkxNIJ#8+|9e zHpi259C~8|V|b&FGf5=3w6x^w_v${tgO46Pq5y;HyX8Et>H=S<9=O{(>3I0q3m#Vg z+3+E>5P5W#;Y|?`gE9f?#-WG@kG2bpT-HyLk9*1=Gh`Ody?-l(g?LvK+%+;AGg3{;KMly-~JpTiVNB` zC_SHz?Q%9jFmL*>p&J^P_DVdo9^W3RA~_)d3WxICk4a?5d2LnfY&=QdzSRAxxqrG} zBvY2<=soAHg=gqn!8x__a;R*)4_AIB5Qb4Aa3ZsjQA*&ucME1HoxnRG98pM(L)c9B zKzp>@nLjM($!=@Ft5>-?(6NcneSD_oG{y+dc>hSzHvzX2MZqjY2&0QWbe4kP5W};m z-ZO@yk0fj}Ly^Q>YJ?)&pMHk@Cqo3z&^m4JM|-w~2TDzp_uJNp6&d)iMU=Jw2shX(=)|!CcU3a1Zxwz)=fVvVu7#Y%Mmg`)&{YT$WvhmokJ(-L$Il%Ucn80@BPi|^;3XRUf#s1 zZ>t%#M1__=%(-2%M%Qv&JfTyfyGWNknEl=bsVU3-?KuY`#fFylLT_0(rpduEu2|{L zC#jMxLLx?7q^o@fcAaFep-%79-eicUst0_eU7I&9sbxjMG;LOjLFJtap|biIunwU%fvTGAO$Y66;PK#m)X(&Mrjp4&&qw8E>>js0 zOzyG!ZFl!rP9}$*%bl<*rJ2`fu;chxfB)l$`!G@3@HRNNWjk)+Y5}`v7h2YFVw_6Uf!bG{ zzXr0t=lC$UlNqM9^)p2LXXHc4X#-0QFMN_~I{aDkfwiGH7$xCT`&o}Ml!OIsTF!P~ zjQZ&o_hn>W-wC>Km=yADQ5eAO>w-l9L)dk2LWM2E3!nzPjwknwqJhu0k=t;DQ{jMC zXfKbe$;w>9WkZdJEk+^hb6nGZY3K+NZD*S$O)6l0>08_9u|r%V2+22lnY9CwoH z%j)?p%6%D6drTB>{{-Ax&>}9~LACd>`R!o8`|MmL<^qdR zp_N@p6>B(`Jv*8ntd)6V>MzRB)b1Fh+cMnLT6?LN-#8bzY*d3K=zt3hP{5v$fsIaW zB-P~JZIe$rpvOSPL5>iLOX~c&ei}=6Gkk>{LFVhr&6^B;H|&=6VE8z4RQ+3RXJt2C zltdd#6YoD(Vp9=h==*jKwjsuF=~6S*Nc+J#7OcYoTu_k)&xlbm%kMMSEb-XMv`!aH zeNOaq+XPuNjypJVjn2c?K8!(7XG2?4sN4S#P8Ha*249{(E_iHGNp=C!(=?P0ql%uK z-#K2dOtv%ME^ydxR|ZzLC57-wc)0S_J8EZUJ5uvuU;0O)huyIH{Le6)atdAn0J`D4 zIPl|pvj8DED+ecTA@kj#xN_Kz+>1x5shF~-NLSWX)4%+uYr_oPMS-6_M`$E_jd5ye zrmAH2W>#=0RJb^Uoz+yG#&4@Y&p{j5t>YTA9d*BTeGgWDpXsxYlGVR-Qvov%(<7^O zK69>?&u+BdV7QFS>{2LJvPMr_pTPE>^+P!o5Amy4+xl&MJl|sM@*ryJXu`)xg|cGnp2QZ{&hBsgyYnvbk3T3C zDKIIet10O=27wL5pYA7Jx1QB!Rmn)>C`DCUwOv;Kd>6d5M=69uBj=m!;~yio%Xx-f z%*Gv=S|S?l zeN{NIUm4vd{JzCmfiqC-!lcn1sb#p5e-(obG~Y!IyB-}YBd99*5=G(7Q#H+&Sv>fj z+p3<-dSTZ2E?*Mc^pJT)mx`8ax{9XDMOmsUGOy8G{eWoaMZR>k{6X)p;LUq!;MGTi zZjK>M99=Jt*L1x$oNCo@n4L+=dpgdnbU{lq;ZAU83=I!>PsN=8k+o#Cd?VeV(Wg^U z1u=JmS?8>bQv7L!Qozf{lI@nhIiTE+8;ulOdk;?zw?q^sTYXZP89YYITS+IQRbrDK z?KEq+FjOetlcJQ%Wdbi9aM>Ii^Enep&=TVu>ax3KoXV=0919LDTNo)(ndIvJ)Fn~u zh|;EHQ*IvF{@(DeI89nb;^s|*=4nzB?Vb7Y29}tdaT0xHY#vZO^&oWB5U1`XCw{0 zI%@i@54{{YEzj5v2ECqYJ}SI;724a+Gi>(`vz`>aoq77Yf%fje%5rN7GR3jbEJZ2x zy>qiyYr>T>bnDRKvMmyxo)qmODNtbE_my7$7P+7ZO>0-tl-!4brHWDOzSNsb-%j)W z;8XgfP|JN)2kmpl<;&4;Qm!ZwrOX}VE>f^ii_?s=)ppcTUc#56Lu$N^m6^Fth#3Sm zfq@8($urW{R6QHCepNsQnjv z=oWyxecY??hR4j74);o2Z zR^~b7hn8g>bC-+QVCFbKz=;!T*^i!+(DEkhwS+s&cg-u5KbyGYhzaL1P64mOGMwc; zYrdQ$7sb!-u#)V8v3{GPoNDAbIC-Uly24@A$aJKj#Xr;V9kUH*!fXGh^v)jxgimLx zXxTq#iQsALv}^XEpB)bn=@2jvxT7*u#G+53rMlQ%Ja##FR3IO(!r$xhbX1C?2^ z<6R!gB^@uaA*x27|pDev)DlHiLECH-i)a_ouaeGG@(N*)fiJmiPG-7%5FdlZ^}l~OokjJSyBbYQx|*m= z@uYlMlZ92GtAmAqe$9elgC7&@Q5fLX2t5YM(Xg;gm2bTIZQ>_E|^WQ_|vP1J^El)f#KG0 z?opaK89i{XRJyOJOGwzM|BCg(U@e`O>vSAGmr?i7nxzwY7B>xT8EX3$m+4@)^CIxh z)$T6&p^*Vu1Gp1>6ofv9jX0lSn$a+A%$Jw%Ob{;h?PwDeW-`L8)4Ff9tK1nqZ#GB6 zZF0Bh*@Ox8(0uF8aBf?&)lBCZt?Mf5<&u=FL46VCrDHv>W*bv8lvj;kkOW zw{L!9lD_V=0TWt594Y=DC@r`)4i4#kxPHb)YKuzC4*r-vv-C%bURzjv7-wRMh;&oh zr~vY`NsC6wR*45nk7IXZoV287+lSsiJEkUVe3+rM!Eji_d8{{j_R4E+krr=ZxdLE$#_*jJut;}1NEj4yGs_Fj{)isos-Gne2lQ8 zV=b=J%wVti2%_fWv0cyJh9e(;9>RmfYmNwKc^5c8x(N=t;67$mLVA^?oX0Zf+u2Hkh#K3vByX`uN z&(6GhuZekM97DO~MV8aRdlZx8MK=3|7q-&s@)@1NuIa9z#7R?bzhhP_FbR_sM8&G* zo6Nw|hvyevYW)5mXI~x;WgEU-QjH{fB}KNp$Sy?LB~-TTAzMQB%FZxZN}KeivXkuV z*tfx0D#|jlFU^cC`!bfXoB8f%)VqGauH`(>>$;?;t5-~0sF7`( zc2UbsNgK$8O8D`)j+_r#W_8V99yp-qEy`X^a-3qI<+w-EIdN6hj;MZTpX-Kh?|jqn65on7BXxq6N5ft88oT)Z^iPopaX z(-Gx9*^e2zrR-CDvfU{l(RChgdEoHT8;dyOq1tx32Etz-df z-SiCU-SOn5Mkq%*Iu4x+xGN+&Ga9>>zl6ppNYlw zO}#U7U8@Myv1EPWEv zijn*BxWGJYz*>&yl8IaOQdK~64_-?ed)GVIn=RkGS3TTMgN}@t8j=H(Vj?cMeplbx z$`QrN#-Q3w(AFUf6=T|TmFw&vjyxO%YE0;5~_}4s4g;H#Odgbj=MEdwx@8o&ljmdjY-s!sqa~IeSZcjv7Dn zWLCF|dQ<#`4Oh_1<%)cj_j*6(gX;6uj>d?oZ|dwulkEvEajn6G$PCRwOYwVcZ-G0j z{oSfo$SP4nwiO{~U2QHgd1xd96P+xLhqvTsIrfN?nSL*hL&uQUaRE&vnSF<;E&-r% z(IkA>THA!eX;gMALFlWQ}u}T~ANC@(-n`I^v!a zXqKj`1!@(5*TgaqK@j+irZdCZNo=CF%!FVXeI5}gtnsx zxB|(f-I=~}x7b!$e!` zk2rMBsmw(vAeZ9tnc6N@i=f=e0p{VrHvtmuAhU#=z)J!zjDv$ihd}|6N2>-*z??D?$k6-v=#0%fcI_ zj?;Ogx5vKAekZer>agZYk4edXm3Hp0vk9PAAUp&~&Z~(_k-`-qoiX>D=JD!VbB_QY zJ%i&?!2%1*AL)P?u#NI_Ml5XddL+jBnIdbKi*}i8R&qY$0$tylSYdB9-8tJDb+XD6 zb!(lDZRUO}Z?|j1y!~QFq6r#!p%;OhKa2w|dB2>;lyX;to5>z0VV`diFn=MOG>nLq zAxeOxuN@2=!Nf7_fXs>bBg*m%{CwjaToK-1Ac@-1iCe2At=Av+iV8eN{eT-lBgO3X zjo)(x_Uc^;Z}+WpTVCtb$vkrBbg1I}(a>FbA%Kea@YGd6Ym7MP6B5$%%MFIV1BXAjT> zxJeo65BoBGKQ(2azOj7lP>nE-x{*xsFNe(Vp&pC^a9nYduBhE(^8>}|cItkS>dkY_ z0+nXGH?hq3ttcz-Utko12kWS+>yKOA6Zx-rjQwCbxx|RoJCUZ|+toy0c-H93 zFXbo|=Wq^ZHGfZ(^@dW|aGUE)4YJZGFagdegJ#3L@uhlUmNf z$OP_)sd9W^`N*_hTIb@Cq;GE&q#vXPZaDh5pF$yHowj0XYGC{_3t`Pu9WWrd4A4nrShTbdBbn(r{Bgnh(7&aWZPVWN)wyRoJ z!NT7qRQ`dPolHWMq40hA=0j!cVE#`8YZRBtqJGXhVVCy-bN%!#{wt<(-c8%viyY}T zG&E)SV)`+I%p1x3cIfJPE}K9rjuEMEykS9nK@sq=?_W@_moPSnm4--w&j~pY{rK|4 zFx@eAZCcemK=-ec{0d2}K)xR?H7{e;1iznS>ZqG>xt2vSWKX@yDS8loI#ha$pn6K7 zgUd&My~H8Ose8!HsbOO&+kk(Ud3kGf-aceL1?ShLZLFreks#|m(@Q#Fkm2Qmy+6s8 ztyfv3S?7pQ(^`qw+^Q2PNRHRB=6Pj^PKC~9T~AUt@6k^ z%bg-l*B5t#6o1LRr^?gG9Dd*4Fi-E(!j=ND*uk{eE?nV^gekyj+#`lUN$A}*S@ZtF zl=*Ui@tD^5g}(?I(8ZR<)uKZPcJqoWbH(Dx>o{Y}yyqfS9SiB?79@HmCE|0ANmsfb zfatpBZn-&LzxeJwYN1M>hUV#Dm1j=i#>nAa07ZGuVz(XFFG>Ki>k#ilx8RMQY$HHw zB_T!*0t~P7LJiUgxISkq+>V|S*z&G9nBwv#^Xl$8eirMEGXf~q@-mV>pKY89u07{V zMZ>{;lV$V?9$ZZEx^za6suCjpnv>sT4V& z^6G}{JJHo+G7oI`zLviCV|93e`UDdTafF#u8rcEvHR^f7Ghbt zPE!6gM!sx-be;yz>kF&2Yqy3dIyanEdZ4zUv9Tvzixn&F@#OkDq3J>dqbVBEf6qVv zlHdA5p6p@;b{2FYoCLG${fMP~0K>eTmYzNs=-8J}$v^>)P(n@wzBqKcDI)1TzkbFb zwzbWAriS>=th>}HO0#bngjgx}Il}uEuqdoezDaTVA-rb>-H#;y*68zHhwyDLrzXzn zRTRj0E~J95Ykd5zZDbL&6Mt+%<_PC-3)$ITPulc6tKY&CWpO)XelqZWeRoOV?xCUf zZj(|+!yb?a_1)?+v#Yk}h&ea{{5uFT>;O23V+*yc@himzECxUhrPuc5+WgRT@?j3B z8!&2?kF=e7Qs|}?`pviZ$|0JQkNA!^YeE-r7D!e-Da{XtsloNrjy~wP*EJGzjM6o7 z|H)yxm-|B8Fa0~AXSheJnSj2Im{+(%-tAm*%yAIDOc2^@#6wLbJPd}koNjC|9GXj- zJLAg~jL{AsaPS9n{pRrqB>*E{Eza>#3y7{1Lp8;j*XI~yIeS0Ce6gnLM|sWbO?Rdl zR@@tL_O`yfD(f`|UO{vl{#H4ec z?J;?99+3MOzg}eo1-K(Bo_4310Sfl&z<%6t^M00$pV-u27?x80!E`wKx*7Qrn4Yqn zB;$Ci_*VXQ>Vco@)Li=z9ZX1nJr_EnA`HgA#|*!yJ}I_;6&T2_bgej#A8%{swAXl^ zF&jVqjmMx?&a%ICc5`H_mU-CyHYOc#G3ef@J+<35z~PGAKA+wM#s6?ptQ!=7!R`ov z+avVfPF%2(I-me34Zv9Y59GVdX6q7*f<%I5f7;GEGBd%R0e1_`Mw8?6d6%M34Vtq- zSZ&+xvIdwOJXEwroX-JDfQxBYW|Zpep_?4@dN>*L?iAY|%zYWqv?7Fy7c5~H&%zeB zPRp&NAENL+00Sf(QpXLr+y48YET`0cTr|4dgyZ&_!nPwb4)uH;S3mT5@7h1Kq22+( z&w)0fqdG9$d5xgU?Z+>I^sIF@~DbhMX3Xz#Yd|6Q-=4^ zj{5>KNLt3nhP$p9^8*TZ+^Iph!}AMY_$%BA`fX!%h-t8LQ4?0{kJ`$%EcJLV(&o7r z>?m;_fQX*9H2Fs(o4L`p5P~tDurG1Ace2m5v<#N((_Phg36aAbdv7a zJ3eqghK0ZZxz`K7@gMP6vH)R8x`nt-N;wkQoe~hxlXn@WU@#ebpR$tFQA+QF32Kk% zx`LftZU_SvN*VNpiIxC?tywtD1|hIQ5CUtPo+*K(UKWC3bZ|f5UyYF#d6o$CR1mp< z2K*wEY?OMMdoTC7-7EP0=j;59H^Ngf)>@=v505gjv!}Dq&*W(T&?D9UzPm@jJ$x8N z1%~E)JAYolW^4Z$JLx^nI;ffvI*n`8^ee7f4=5W8;z_`6u`o2>;?xNy z!~kmShs;vOVl4;-*d0>vZfZ@-rsEQkQKh!`vIX;Vc*QTHXnFmJZeU zmj~`F@m+A}yh+C*d3AkfvMVD8P#%swMYiu&?rd$@EZuh5aZh>uI?}LQo6Y>e7qace zrj~c2QCaRl3X!c_^Vqc9H4WgnRmidIHlh;fzzs;?WPl`Qf~Sq?9V=St&UEa_b{s0x zip{7d%AoKB!o9c18y1EF#=79y?vQrBb4$BVWvu~vWh!N9tP~)_fKu*kpMD>700N%9;rnT}K^lMbI>#P}`luD^|q&7SGWX{oL(2k0=9$gP_I%*pWcoUOv>fEWqn zp6R}Lgxi7dAgGBv9YM2BKZUmp*j_7iF)xK^uEP8GWqe0N*Epb@T02uEjCOU3I|2;B z?6ff#k(CfxDekc60NH+5f;Y~Z<7<9Y4&Ko)XQn$#e{dJ0SQar@>g4p1U=46wqgbaO zcaBK}D|pRCyH=K>1&ng!)yY zw@LpYm@fT;U;_MLl7x4@=Dw{wz=kzGro$5LPlO_X`0s-6*AwQ5UC$~IbDTKo#e2v# zc*ZT9CG8lS%+%8+4)^u3BXMzcTcv##DYIKd4V!T-hQNu|7{A?cX$WC*+$gYy)Lrw9 zp^IAQ$YshQ21Vm&Sv~pX<`l2V4G3qCvc&ZS$QN(J>!}WQr?te0s#iGrlQ#d@!uU=O zG-*!lw1}cRosj7K+JLRQ!*%=F`yvD%l6s=tnHU)(M_5|&`zm*1{aP31MA6IHYYW&M zfHLucrmZEIg)??*!D48J8|AL%>(#Z(GfuJc{$+Ln=OuIy=JkuBqny>ikWr7M>WYJN z|5vOJ{-w+*=C$zKylnjY=uBuI!jFUwhgc1s+jEi}U=uK5k?pS_KJgk9fSv|{%@2wr z_$#oP)($@ZOAAn>R2NLR1PI&Vc!tLu3b#Y)RLfm^u5%|Ll)Dt-fILod`z9bt0YYHK zVF{w}GB$X6W%Cj#W5o_#t7}7xcR#OUx@uk)#UEwaFnlO| zap$YXe>!0aGW|&&IZk)lnig0E-KIU+-5Mit z;`s687)v-8&CEIh}bGkQt)zN3LGNi-V=lWnttF6?(_+ z%yJjP24KUz4lgk$a%6$Ht_ovb>R6iSx8)F{0O+I8Oj%$<=@nOB<+YsQy{d43^mo<@ z4)IlmnBna96j{%i)YeA8JON#7pRu^Qyxx-{Qk*tl@!F9u1N_li6if9)cC;Lx$o zCnJrX(`ixtWx#9aTakxSaC!hp=p;H&?LeS{@!CupYLVSJ$@@`TQ{Y84dby2P2~mgD zUffHH1M{@z)LgxI5I=rIbp!ZV$ddS(u#OMx19tPfY?Hl*o}KbWy*EAu9IBZv9fkG| z*Us@TU%_B+u<0iY$oRt?{hQL3yqN}Buk!>^?i(u@S|VUQ&IyR?*?xUjy7C=BkP(*7 zVzaX^Wx;S4%@Q1ZEL>>bf#D{IkYKse#{ZVBa=tmJr>`^HSgGMbxclMA=PN)n*i-cB zvTrj54gk^Id!QEMSk-TagknKwXb6`I?WKalE}3dWHABEJ+5o?(a3~G+ijm+?;gO>J zEFO*6x5eg_tA%&Ap6+siZIQOa23}kE{`etD+dw^HGd60F;^#?s`T>&eSzN*9@()2t zK;$?-849h``Uj7cZIt)g)jH-ElQeluOI=l!Urz2jTd1gh`V02JDP<6lTmc8a>&anu z0|0sucUHJv5O&_{tghA9CKLKhd9Q%EVqEk8VR(0H)Njw=*R|VRY%B_2q8&$@Wr9Djx{LZsK_E(mdGjd!zwE-?nb| z3bB&B<`WUFO}zcCUZ)UCk0$5!^9wekzonD{F^_+OH{RC_5J9CFd!|qXpi))`?7Jkr z+vkKr=F=4!r=&|`%%_WG#E&$fJ_jmquldbn@kx}l2*8pUk$_TA++B@K+*pic+5BGY z*p(g*ZTwxYx6-p%cp;~_xE{)Tu?!&>@WpC%>U`|lrsTH9{+=9T%(KYJ141A{*?(yA z!N1HnEHqPTIm;kC4s|7LG(s?6sf4cHSR`_dSxUuY>L@J*Hx7Ca`T%iscd0Ky@&3z$ z8}a=TZ1s(2MESKTb?QK{w$9CQyVLOMk&O$m#TJHY4Moug!a5d#zWu>Q^1--!*$a$f zk_c;RqKxXN=j3gPS^!`(u?ZJzR1R!nJ)_O*+7<|+wHv|Ph2!IQh*JaleXF%<<=-C^ zH+{0Dnsw^SFYUXueQzE{8j1eq5d5(m8wlF&T>5a0QL(g5J>qnVXl-;FeAH$>-QF-Y`?+V;VR`wwjSA8m-+M+T;3b+ZH`4*vri*pzVn>eYfEKlh4; ziN%`jmmtzfkzK6P08Qjsh`n)Zo4LURdim9YUbp`D(@8q+mhLU@(5u@VXcW2T_M;M~-y!9pZR}BWi4IsOPOoG0y7~1w0+o#Inn*&9|em!s|V)s8#s3icEThE z+5+oddw@J4Z`U<7`XhCo?xs*A0^%VJ5L=*OCgPdkKQ>&0>Zbds`U#% zaPz*(Yx=gv27o9fr^<#djN|;fi|uvRcVao=VaM1cZ-2bEZZpyLLBw3tcu2~nJKr27 z=~Pes)v52Rk3A8rXe6JOUW|AeHXzpg8v+2Y6RnB191=m(ki^FlU+a+X9#_u1Qx7cYvL!qp^#9`FYD1VzTRapGIO?(u-rpRsjTa zZ+`I^yy)o@qDHOx!tQd!)h^QtLX=R==;-L3+H+Pffg#8jm6O|QZk+jES&Rzsnz+}Q z`o)ioAnOAx1Dpi;o?3I+2+P-EXt7ry_y?4Yu*BuW78M9PQGtv6vlkYmyM>)mjLD6t zHO)?;;WPYQL`{CM$M}(+>Se1tNB6oz20`_f3W!#T6zImcGeIelQ}8es66$rZZ$BR- z8g3A}LFx2te_mF?uC<%hEpfnh=X)b{9Ol^SASb-(CChnuG%9N#dH0!xarUjs2Lk3* zZ<-Vitu8JWlIISMSO)%JYD*%A$ifgUdAptiYLezzl8gwn^h}d%L2?UJiM>B-J_u6KtBoyEc{>oyE|1zPz5^ zlBjnm=H7n9?A6^!FMlUVQ5tYR{%e(!B@ccG1OQSNFnuRM2IC7rO2w_a)t>`a|47%4 z$pwHv=J_VmzT)S#f-uE9Qvqul2h$gGj~Tm=14d~|9eeb2b#=iQtM(bmZMa>Kr}1G9 zxY%G|r4^)x`f%l`$8N0jInkQj=k1E%%_C)~p}<_9gXqfX!Zw_1)Q;b(6H2(1fUYHryIu7x+A9aVlD|l3roiHRcSJ zbPbBjQ#JqsFQto)6Z2A2r*KP)==FTMLVy2wFp+sOh7F(OGm7@xOk?&W7mR={dVW&4 zQ-xmfgRCnWf>C9$wt*W<>hhc8`c>Nt^;Jd2qTAJg9|4LUk1;LjECiXfHPeFZ2D;dz zA%y%DC`xy2f_ITCl{X-@oqoEe7UM}wb7RjsP-b-_fUv?$YN$Pqv$|#0Iigs!2;j%^ zTm54W)#9`3ASwb@2GO!}R;fPtAl5UUEfnK;3{y*LPe849wum|bwdU6N7>$7W7T!|$ zCP+DU^`2yi%H5%T_BoIdkRa%9ouDZApIH%?u$9-tBtn}w&lw%PrG|qpuv+J*m$~Ha z4((A?O6NdgME}XeRugiiy%3l-@MPG!*D35I<&#K&=^aPdY(9ErZAd_W0zd2lhgUCDdOvx|CTr(y6Y=zEp{)uiHJijW&-$eVNgr>vlB*L znwPP^`<)Y^puFZaM8{Um=F55#4UH?ezbu@IjcsUX_&$j=Ej3;L?vLDEZW=&AdP^`~ zOiIhlt&eG*iW`JOLH8#F{8NHt@dFAt7mp-Lh zs07R{JvImeiyWvyFtid3IxW*4gkmKyUg>*8yclga7_WprJkmBCaQrd72MpIO?=m>a zLR=e)6$`8e%B5&m_U%9UE`=yvhCrYik*c`$H?|9+0o&r%YYrWqLV_eW!fCwgDI>A| zaEj-UOUNpM+0wbO5$MEU0a6!?6(Vwo-2n6KswNle9XnH>Y8Jpr^op6-&3S_qHBW!+ zi!BLE&Bmz4mMcz5%GnWf=S$u2?elMR8Ay=)cqu)u6jb^F!Hq;0 z=MIRLB%L>4U@S_GTatof$NSn3A3n@)@M?kiqw^r*iQbMaw#W1W$RZgMa~dNB4e}ff zU2sLJNeBgVpfvBrMdn>mFLW&y+yVyJ(c==@*Bek9BQ5aNVp`~7qBs+?$M5#8lrxZjl6VfN@Ll%vII`VVi#m{5a)fZ-5w2~CeBYCw;tnn|vY|nAPlg*?> zS@r@2lC$N=$cWV40DK3RfJsqm6G`jtF3GxazH(v;iz;8J9`izidlTOnMnBurXHlMf zhfzsd9UyZai}LH4){T$X@Dj9uYuE)|QPOtCfc2hKSk`*4nX4|~59N9jbe{}L2JRB2 zC0Cw{b^t}o9%qMd!MA*xF@bMsuxT&P+DSj*~!nVZ9GuS;(i{An_PSy&XDqy5Xt z0Or?{=WQmF$fOJ)AE}%y16fklkBPXRYQW4|G`Gs++!Y-NJKj!wo-SeBuz+3uRjFm^PWjF@1lYV1=WFs1VG4 zrhnRM3ZlP#jBl!I(P-+9-m~k>&x^S>UaQ^?NrTV)aYHv z0v2JJ6!^ku3ITAT0bbb%lx`GbAJGIX_800G79MorAjyGoMROnA8U}HvHb0ykbIy10 zN?o^uH$`ytDUx?mzP=UA7`TRIF1=G8A@9G|pFjplZ%R2(=qy}MVh%h19pLjIk$o;qNxj!CI0~Qd<6?8htF&6xITKVr=8`zbQ$#D zs=ilWE&MF!Cp!TsHcK2Rn#p8jV4=1tD`%0Bx3 zUJZoglfmmt-@ma@xdtuP#%270QAC0pKU1V3S}Hr0k@|ba&}nvY>Z0EOQ2+DlfM}8u zQttgA;W&_AR*cSV8f1Tcd(K&f@aYKCzF#`F%b<7;4%0lV0{zVcPAIVX24kPFI)8sp zJBtC_$Y%VTV=9`Q!^%Emlb}Bj1N=#zHmI$iv8jkvf$nelP0#PaJIdisXR2G+#8#+It1u==o8Y6%Ma7X$}` zR21-{`vFG6nREoolAZ$6O2?AnD5ZgLG)R@hv|v9jYD0vL8dovI{59n<9yxM02$*p; zAhiZH1G*j_9t?)sSs*y0JI2>ab>W|n0iYJmpn3mePG8q^-uP{mfTFzHDuhQiHt{Ax zzigM%OQ=}wNjTJL4*)mN+10;F5SxmUIsh%#Wr#Vvs>vNfNKr}zcRgC}(Fjfb_WiPH zsO4SrWq=RfJo~S=2VZ+_7>Ny&^dt#v8~hMg1$}q(Ipf3%OrabASiK8Cx1KDOLeU`- zv?1_a_PE@t>uv`{dQ*o6zHw((W3gWJRfe)pqc^AoVt^AwgKQ!fn359ARB|8COx zP?1_{Q6|$tF~7{*nBT1R@vsf;mCZ4|)n9nOuh1}tb7%Sub=n+BIb%&!cV>j{y4Lr! zt}jboAFXvCF|nKJj(nOC_+TKY`ff3^pt(Y>cX*j{qmM(Y;trS{a`mB8&}IX#4Q_NI zo1=U1!#?GWspwO0g>)N4FT{y~QHTtQlnx%8i-6PQ26e>$fyA{>^jFxR(?xGOY2+B? zS5%cFk-^{o&=z_dySF|{b%&`)u!anFY-(y-l7R1!=Cnt)x8dVQg4vEbs(o`AgtMj9 zvSCJ)WxsS1dN>bI4qKhN*Jq_J46Gmg$u(mx{^2K_@T*_N&q0m_1{7u7Furg~qp`nT z9R@;V-PZi}>L<*s^I}g6voUa4OpK~9oX&TTp9RX?)Nr;?#mcPBqxdqNgb@_m5Ol*4HbO zB2_AYXo^$uEkB9%KMA8@rJx?OwYv)+=*o&rnKVE!cjrpQ0l~Ci!#fD24@H9s8OMaW zmQ+{I1rPji1ybz0X=gT@0N0Ulfx`e=yYVa#9LW8c9Hs2--+qi&);-fg z5s8beE^MWOZ;QA#o)C6U`!uh7dB1OOGnbV(%Rz$62pgxmXmTE#ERERqycK(K)7ngxTya7Zpw3ah%I1LVtO=jlt5z%GS-mJ>e$ zUayW1tWiM2RldJJ59F1o6Y5^mp(NeD*qM3PWT&~n_U<0AGRsLyuE7L8V|03I_*l*5 z=MLhxzFpW(bMTkhjDFcxTbHwv;)G9)R#T~V)Zm6zFesOzr# z163Qjz}T0wDccQN<*jo=K4)(TxP90l^u7C_p21=lqy9r0&>svmL#cpj*cPLX3bjj~ z4v}8Qy>dd~8owTioo4)Z7(#|exyjD^m3D@oq34~==LQ9BISzyAybDGRedaYXcoI{uTM0>;=l{2s|iqOfh7Y9txL+_zo42|$ZCXvat`n2D>o>^W&gBD z-~$3rY}gXLcB_}c9-8DWSB+N>23E6}|5`9H%7Xpe!&&Rk7GkF0#-%$XRam`muxSy5 z9N8OJ9x!CvE@~sw(KuUarK!4BijJ~ua!~d9+-1TmW6+csSfjty4*_c=C)*7jZ)(u_ z0RFJPk}`be?@zY>YRE#tGUlF(ocH zJ=e{-gks1)=1vsIniLx;_Jax%4rVfBZfB)06uW()>Y zmuMQAFn9SAw26-K=ZS8{9yLQn&a-W!iOM-E@XaTbS3MZgPMaELR$T%0oVE%xQopXq&Fn^Kw;+?PvZ~J;hFxR*Wy4< z53AJO+4cm7>`bGq*DO7GIm@;!KIUwoA%OukeT~Is$vws=1sr(A(N52+P%D+E4tE%! zv*rdY`}XHQEPig$p2dQ$$FsT}ThJDuN+S6QSu!*CWm~pvn&iyhM(*2x_y}YmOtii? z{L%tAw?C3e@c5YX?ZiTxU}c`z;5jbzl!99kM0D@c={w5-vdEt*ZeBGZuZ;Tq8oJqfen38f)|$D zkXz5s;gkxQ14j+bSfIcq`7B{G%5tVIxp86Sji|mFR%F4M9Iyt8?fn;Vh$KNXHLOgM zuSjtSI5KR(VJ3NJ5-D}@uu$;qO6T0etstJRwOAc$((o_>_?hifZx;T&8_nE7z8X@X zn~Vh4#tN&U?ly1e@XB3*3ZcC-qs#-IednpI4!`g0>X`_Ms$S1$4sxxDNeS3tt?i%Y z<^g;@S6dDgH$aW0PM%B$1yng!^}!4JFM5Ec6UomXjW>Qi zHM>&e>2aUuE?)a!5qX(}+n%T4||x#H)JsLzJ;9KYJZDAln-1}@UO_1n`=5q@1YO;QJks?(d7nFl9-t6fa#=4P#4 z$Wh9%XELnJ>6fPw;1sTJV@jR+defqA zeQ0<@n=u_Y+nXmoX*rM+#UkY#jn(LaaH6Yx3`wuvW6(R-!A$9a&ZjS58sXWowj}8k zXpc_^hYgrIN>XBRLL_wK>N{PUVbnsfBtMVH*HVb=aTkfSt}NXC|0#t4(VvaX9!dM_ zwn2+?oC?2FtJ@+yUsignBQW@l{X@DEcH7-FI7Hxk{^(An}x2;kRzU= zX8qOA?5C~#brk9af0aJZ?UMl$pQY#o4li0|{^}sJd5$2P}^dZai+#|-4!H-`IoG)nzc1})nNQZRg`t9hx* zz}d!Hng;)L5GK-6hAI9%Ohf}2y$AtVz+~Www?1-yxOsr-?&j~P#_cPS+K{&ZV=zWc znEv(JFzSrDsOO~aY+?J$1ZF8@^2&_yk@lb)5RwHg&3G0R$WFMAg!n+K5yP*KM>XD@`@=3C4_>mye=SodNnvdX zNFg);m0nU0P}~S(aPDau?EP);QBlEsej}6&`HxgwG|V&j!u9}jSAApI_G{+Qrv!;m z9$*4Mnuk;cC-fhT;?BuXMNg}km!d4$UDwp%GNgj34+8xY7gXOkFLVV?Q>NQ0d8tQo zgWg~K{MSJ5FT-26;-Lz7Z($l*+G51t1_1mthIJ-X?g;Gr9>jd1s(JT^$EJOt$}#u! z2NueAQwOVa0)RrI0h}zu&d)RhEV-NCrHghRdAXO4&s+KgxN-(+!PghCrbQlERpx<} zc7aQe21^`Lifq58W}R11ut1`h9=q23IBA%B^IKr;a&M+?Rl2vEVg4r!6$-g8ueX;3ViXG)-fB|G8=*9#~ zz0hzJDEa)1_?ZsA2RQOt@VCJ2#|SZg+ZLElBR(*^yB6(NXKQ6@<%+)-UAfn`bJew-(IeYR0iJl4hg~sWJWa!C`z0HsLKUeQ{|yv*^?Jns0V{peOGBV1ogbTsmbZUd z<}zg0xHxeWh?IbiCl-`@X8{sqJoN-+GRb$UoIbY>q()Ra;}S0nU#3cXA=_A5MGHXa znkpcAYi?~!aE&0pE*cMu!%gM7HNRAVp4XXz$G*GJYllVyWFWLZRQ$}| z*8cK_L9b3mm)@)Cb&+KZMpqaLmuBj7r8cz;|2iOKDCGr6P3Fgg2WkezgsbnGfAWld zlLzL9ms$@(q|^#VamW&r2YQD9UL#kb&mspjH3USP-sdlJ@8aWgS@Y4j-RD(kG6{8z zO<^uE6VyfY?+chU$}>P($dh$AjloTQb@GYM)sEB{2ZTK6M+{2m@I`xf3%<5rH{`oEEK}j|RkE@_6rx>De#{Q&3Bl;1pdJWY$iwM5_t~-yI^CHs&me)*V3dip+ZcoV>j;K2N zViO-zPX1{?4;-fSf%}_}+_!&{w)JL#5n`d=jkadBdeG7IIYae|efSYdn#BM+1{Gws zU2SXsWr%Gr5(+XK#1VRow9E?Q8U(3U8zbNE=oCXuF?v3lS* zX|8b&=H~TSTK&uDr|vv=`)zL{yTf2Ddbxa}+YVlLryO%M0DzWh1rr{>dZ-fu9#B4Q zJg=)}^t_wniJ3M1sxlh1B)BnOZ zm2S{zk{!Z9$3rWpg`WjBH+pmme_D@W=lzyIqnaXDIb+D<68kDgc|~xfa&+ttz=f5A z+#3m}>AnpyR9{L0kfPvka!2c#8C0ON7<>Z&(G1!wJckYH?3FjV_-SOMP$3>NJvsZY zyhC3FAy{m>i{q#(60y}DaQkKjU3Zx3XJ1cqO2iDi1IgNQ{|w>4=TR1Q%|Qp5I_p?d?>tg%uT%fdU;b>3FHq^C-tGVB9F`6)Q;41~iLyK2*d z&*J1b5^at*cIzL;vEfv$s0iURy``v6{{E2mksrWY`J96k%yB~>z*~x*)3PV1;V1t@ z7D}&aMvgqo9}v~rj?A$z0^jyM;!%^)t5(d2ZJ`Q0$Ot2l{lFNB)S^H``!S%Lwf^fr zP9b=Px)`dY-2ziHlEU5RvtEJn7cz}L$2`(w`f1&%OCKr*6GUD?iSIHdLZ;NMaCb-g zf_0QOU(--V;|E$nxv~!p&wCB8OdCBD>eB_;Nbun6QE01`Xg>1&KGk1H?O%EM(Wt>i zk!{v%%Yd;MIO}sN)39}~97mjSIPl|^5~utAq=O?mLjKpkm}U6Sv-#KGRej?alO8Y{ z9CRc?82LmmZ;tg0FKn?*WJ$NjFAIPYHGhE;;D!nQr~maN&990z+F4wF;*2p5^wIRVp9QIhJvi;^A|Q}ZIwdPAg3 zxdmcStIBM%w36Z@sXt=^1{gm854bKQ9ED&zf++-z>jQSfkLDW%Myrc}*o`L|eOz4N zadrwXG0%8(9!K8z1x%Q&toYDadV7+8w@~8?Rb@6zZb38`DY8&vuR9{pG5$~aSUk6w z1Ma#D-u>pth&7<&G9K_xo>2ca{v6a|fx@^4rl-Nc7tU8{kQkd6pqxKClPR52mG(i5 z^S&4ja6mA@ge3{n>lykr4NtNVs1LK)ceZA3ULoZPp^tJ1Od3UV5y0Spc|Ekh^Y9FC zsi~_^-pvF~lw0awqiMluoTOqznT4_AV{ zHmGMSd88^2SlWw0SpPLg;$ynODtG(X=SDdO*T6M2+$^%K7I`dvu{!<3KS#X+zaMz~ z;#)t{$cem;`~Y<(rqkBm!AO(BP|JMPjGso}VO=GaJ#d+ca#=VvIkybmn8{^fNlF!=H zYzV;+f8rKQ|4-aP)o^N=<0nK7BwVcvi)az^bj5P#LKT4%%o#ElvWE~P_ZCZ;cdx9- zmD=Gfjzb?RjZq&NL+Ri4)c+aL29cX^3HzEnvFnNC*#0;7nM@Jg=e{E*(p7vW>NAU^TIFY&77tF?%z&^w=>bBw!^yiR`TPAhi=VC zJly9NQP_OBB64*j{Xtut@|4iY$=9)a&hm+2kQIXh1FRW%OnSv&ueEEvgI_otB8n1%?xsD7u<`LCpYZig+QI_c=nTKbR1J zLUSY34X=vREVLr$RuiMkjU2ppyNI*?_d3io{*52H*+Vz2Y6-O60 z^vGmRlyFb1ZHw9`ZWyNK-z_p-tCg*D7z?Ti=A^1BRG#K@Z>zdN z8l0S-p5C|@is}1toQ0t}k|j9oTX8xcwB$iUv<2+>|G`pnb?&8N2OD~MCH2IH;l8KhYR%tXpzT=hGTz|3~V%Dtpx#D8= zc0MFj3#ftge>)v2y|hXbVmc?iYBtk>jQqCzc`?-Q@UdCT@<5w+ke7;nq2%p`wD6yG zapHTobY@~P$xU%-BNIV?Jd`8i+~mJOSTWzAM3QpN^0)gJO4kMCc?Je)0*&fRzDR3A zqvWCGd00n%P?G^C*P359Q3GRqEFA_Ki-tYUU01ur@PsMIW|BqnOxo?X&weeF%&J+^ zRmz-lR5T({uYY6g85(kOITG{ko!z71HvbmhGj0n`EB9uU2_0Dym&1g zeh#Fvrfs07CuZAEVmk>REjF6_%hYKWj&7PA%XY)iUyizdkKbm9@A}p2^t-Y56E{Ks zgPG0Aq(0DJ#bddfUyxv7Y@7jVxTpV6XD_sX`4M}J4R74c6kf->m68_x7qgO+>yNa> z@f`*|_c~wmXq?%lwvL~R2OVO|k6+Z+Pl;GZ1UBlp;pPJ-w>dJCv!(@wzZa9Vg;{=# zY0xyd5B-~)Wsncb$L+6KUbxblC=j2zV9wex4S}k%4|NoD5o92&`HAa;?;Bjb9L(!Y5^TSIxrc=3x5qpQcF( zdfoS^fn99qNC=n-Q0hyKP#6fTU=O-VTfMe)?Lvu{dKGKV?r629e8Bqa%vDuBSf~o; zsmJt>aUnrID|nHpmL*g@t4(m&NJZCON{|LVGFLs4X?)9v8Ro>G(BY|F!?9Ce(e|2I zP7qUsW+A&0UU!!7Xy@l199xihL#sKpyR*4sbSe-Ck)UQ?%PY&dH+I_guhV-k8g=#L zZ1tAcrln8V?atXNc3JLhCgo&jf0ZdODd}E9^Rqs?1R7k`^;4A(&dW>4o2N6gQ;Bnty)}UxnPQAiuV6r95IvqjDd&%%(YTaqM$6dYJ^+%jiuGrFH$Xg+Y9zs z>E=PT$0J&t3LB?R2ivP}6uj=bNlmSwV4BltKf~RzY#ev1Ci99nGMe#i?G$y;mm}2P ze)QlE2m#~V8@pfD7-#z!~GZeR(Ow)NB5xe{WJIG_Ja zzmI(7+NX8L;bHPwd>R{J|I;_-{}d=Z6nx+xUe`8&-oxtaniyJ630T?m^}3_d@EL zlIHtj1_zOuFOF8?MPTT=3%9Vv*1ImM;DQzZ=Yp98rN6Y;B}MAbOideW+hvzB!mVA^ z?#QNj{&{$U!Qt^2+iBM(Foup7@iSKRcjV&(;AaJP5i2;`So1e*l$E)6gj!{hyK%Ap zJ^bSK(@$kE_Rpiay3jCC1_U@OOVSxH&Q()cgD$MgTV4ot(#z~uf^ES3G}gKjYgcYI z_x)}sYBU%i`Up=*xSaDPIhkvBE{Qxa zxP*n{&w!bTew)VVPD|28({(MaQUw+QXl{r8mb5#a6llx0`Lz4f1t8pU4r1)dAPyv} zSSrJKU}$Tiqp+|jN|+N&qQ{%PpiH^=)0-=C7Ey(}Ulcx`tU*s`UL37qe2D%7 zbk6_iD$7Cv>Q9C3oBejN;9}1oRL5x=4p+5j0oyAn*MEsO+sQPhbCFD}@CwnnnwVaK zvUnxvR3AOBGZ9K61qN(QXT(am#DcCM?=8s_(p$ZtmQPSn0}um7byzrNa%DP#M4)Ga zU+x$f$Rdxqk&Vb*2omPH4thd=Ii5zcGE9ml}N+ zcS|@{8uObBu+tJ3N*(VyRw>V!=_n+(ijpm=n0SB?`-AIqP2Rox+hFm`uPpht9?lP7vd(!bo!|0PW zO*~5?Wu*&$idy=!-@r47ewc(muGTj?z;84W90eD zhXPdO0Ud5qZ0FFjyPlJgp{}^QjqZye?V`cG&unE$;A9|EaUjYp?H!$v^d7{bG*kC3 z(ZMrvfw#h5l84mgMPg-**PU-F3LI13*g$)q`d3Z?qM&?9Psb*l0CAOGKvC9Q$2q^i zD|GU&AQ8OU6s&r6;doD}hiYo^>m4Ea?cuLaO0-hIV7F2**e#} zAAyk8tXN{FuAY1rq2A+?bM>D6S2?NxqD{Nu?X}x!xto^Uwf~2*ua3$(>%tWTC6ts> zN|2CNx)Brv>Fy9EL>lRoMna@p>F#bsK#=ZE>F&mRelI%1%zXE*b^mcOYv6rP?6c$9 z&)ysR?7N_*{qbw3^^CNi78QFdS$QiX`Uxe@j-Lxdw234tsXN`G!CBDr$dge8z|R;M&RE_}FmA8^g z020^&&+a{A%HA(6w6$RWe#_jkk?CI(@!Zl;)!%|bHky4qCz|N^3}8a3xydP3-gW=u zhMz0o#pJjoc<(a(YG!2YK-Ui`297Wr80l(|)cW}jklgwPpy|-!9leM@3CM$c!z$uF zn?8=1uPWELi{>F8i=}Q6!I$y#c*=K$Ve1P{iwbxpuDl5Cxtmmy3AMG{j`=j$u3D;! zdh56(D^D=^M|IS~9*+G!A)geF4C5XUG+o{JbSP`&V*@vsWSgMV%&y{=jyU7)iH5%a zCVhq+c!V_FGC2ZTHC|2=gF)EiQ5Gp--@`Ogzg3rr(bS3{i!O%{kqt<4C*RmP3DLBIwy-F#Q|-vcX*-~g z`SYs+)R5*q`MguTqFO1)c}}|+=`v@kQY7%Kf&jZR{sXYG)(A+isv>p&Z~=&$JJn?% zZYD+-WN3J*{OJkdWzfHRCmD>w-ky&?AaQ*!@BJ$fyZky=ON7p$5*6--Q?IjV1*Q&^ zhO{(F?whW`SG;!&a(M5q!PV(yF5p6V%bS}hMh}K|bZ2@p3vwlZu#xlt%rkAiAbboD zuAh_`GXFZb1VRr$W?e)!q7=MkH+*PlrY^Q{#h)Gi-fJlqheL{j=~_Ne3%v^VK700MeD^t3}EV%u>XCU$E z#4<23QPgs&b98raYip|{_OPi?2YiEfv`ni1w4!bp2$C8Gy`4@2gHfn@l0(=rG@+qO zC^KS`Fapva<57iz!BV)|E{zA@gEzhDz7*4UInhrE+;llD2EN90_!C=8-(!5Ox~aT| zh9^;RZfa_3tfrGZJTQYYt32%}5x~>hdiU;KSv|c}Svk3|*jPs=ks}UbE}?(jlz_H6 zJe5)2n<4$Q93$M0w!S&AsHNGE{$|hbtyjc&SQ=c_Z7R=C7?EV)sv^m3D`CC-%AdII z`+(soJ&3}fOC%V?gygKPEpS~k@5J6AM?0A|IOt%$S+ITszIy%5Awi*%(`DEn78?3s zv);7?yV@=}Ir;m#HElV0bxmgKAAI%CSsymj6HUhLZjhT+zdOaoEzXI-8f;)sr-~8$e zc5mM$4wNie;O&~<{gBj0P(zAA>4p&TLe$rHWqrNG+D+=kiz2}-(0K_vkll1)*ULFF z-|!z#7bt{O#K1Vy{;>ot)P{(NXbi_^;z8aJuKve|6qptU<7US(f$q99y?K2Dq7+?& z<3WJy{gWEhj>*-a0`@v4Z35Ty-KP0x2sEx5EyUN&8-z%;#FuX z=~ik?7v!z;=*CqsJ(B%wqb>bw%IGxb*U9SUcmSa5aj1h?r;Vo9ydW0O@Ke|Q@08e2 z2ugAAnUPH2Z|EJ`fEkT9rrl?31-DA$lu)Wfr%R+HGry#8(=asIMcJQhP{=HQkigC4j%JAgK?pSF4$lta*! z5(`+c=Fog{G^()sP}KN{y59bddx&tW3=YymB$8}{pPid)@FW9viA79E)#X{T#u`pK z2FnK$KlM_Uk8_O3M{fp@V?1;V{$c~a6)c;oapeoa0^O9cIHaAPRiO_kQ{<^DXM1lb zF|DqVrFnXk{I0DzC1td_`VI(+%*w&w zUGJ%Dx1b>k`M$tVNl?Cj{Fat!nY7wiL|6xDTyQ$&Ffcv0f|iVp;#kH0pdk#?Fh=;Q zBKY$aiB$Q&e!h0H*i%JvmQe96&5k0e>0JKDRNB<1(`8jb%Ys7Q1Bc9qj7o+w2ci8> zK-NN=1W5Zq6e%l5ipt$u)#u zN6i+3TiaHaOt}A9hgoucS_{LQDPN=eN8ET_y}Y!GTz@q?g87ltEN*QpTu!!2)vRj- zea!pb=y?`*;pUzJh#HzMKM32-754?y5Ofv^8DruYyj|@9Dj_4c!btEu^rybzk7z`i zwvNc|eRUW+8usab|D%oW#w)_OR1^}C{gRC?DyK@Zy+A}q{vSz7OdQCk%yY5Wu_p;K zrta&l@WfmXX$IU~;4}YEKN(@B@yqjjkLb;g-qxVS=PIcwX+58dj1Nm?eNCZSkZ+L?KVGb>(S=>bmjs3pqDLL}cFWK-O!KJO<))lG zz*LGG;zCH@+`vp?j>xB8(B{B@tjZ9A5_nz3qSmnF8C088vzs_k~csi-EAlydbTGlxZ#r4$fA~I*>DV9B%^cho;Z58$*oQt9cipFcS%8}RENvrAM zWOt)e*1~e2UlitASSq*}T*U7I-~It7c`!bUU2PUeu{vBpLeYyc-zk$vWl(( z4?xsH_C+ja8w}s%i`NS&@KA6?e2^W>^6xqq$j%E+pSM|ZS*1>9&QB`r76)pO7(ZgX zb43URk`eEYRqlT%L!auFcw$`{@9BHyCGwZ}?OHzHSo zYtIkq)viX$cm4K5{PBON8W;l8(e(~DJD0acz#}|W?CK+$Xa4dJ@AxKCe}CC>SdgUS z>tvVnxGEwhdoMuw!NwtFe=Nh93v+Lg(!e)zuo}`5169;Am;E?3AAF;SXRz>p&lXM% zsd~3bg@|`Z8+5GfaLjo~3uu5>wuw;(zfV7rX}T=0pQj{rA@J=+bmUTRu~m@RP9Y09 zBkjxcZ*LlZyU?c8{P&-nkko-lM{zN<64NIfoW6l*A8evwy#dfo<0MG_3<4PO+z3Et z0Q@zQ{EL`!6=CV)H z)N;1291QR3FSPTN*&GWbB2KSOobY~=-HY|$_6x{G;&(b_SgnHwm%8;Jd=D^lfqm&P zaNWP7f$@^oAc!+v9QjiE5Jwv>O4gYRMkN2sIKa;AE7{iIMIV=@<-nWO--up*@eA@R zPh^}91D|*>*J&WLa+qhHW4>s&mPTiQgNtLbVnRaY+YZkWIA>dBiwdm0g!qwc zgx%Ya1Zdv^!ZJ<<`zULWg(++Vy<_6Q&5ePAK4UTP7*j(NI{#}y0jjiivQ{iPsEOLZ zUv2V5k&YCB-%$SU-wQ9#sW;^ZjWh$+OEIH0B6CcQRZL>+6IH&ShAmnFFK!?Oxdt5_ zo%T^r3WovkuIKgYz@hV#XzzkLdz0Op3>y7ine$ke( zgoK`g-GIT55=#?n{RyEa1OpT6m&{$Z*Di~Q=EV%tzm8*ce>p5bBpnChGlQE_V+%n;rp#@& zUnzl_XA`^oZ}%N6iHt_u+Mb2GA)%@_(*t4IR|1D7256GRB^HoYg$V#~{E*d+S9|KJ zoxUI3b=d5WW}@3Y z=;;gn|37^}EPTS9)qom>!Hpn2?-$tbwOD8wlZ~!A3m{qcTPur~M)_#{+T(pu{P~sr zw^Luen;JFO?RB+ER-&sy!Q>^I#1{+4PsA)fU94qr=SagI90=4c$U}POU~q|>8NkCm zUwpEjRRDEq)tz*6(Z$zLzb7Lbf)o1J9b)*TyN;Z11N8avOj7dG2%Ps?Ow6@kc`*@_ z&Hwscpe7=4!nAClfs0bPKgOjmpt4hqPT8DMeCIhQ!BSXOFwkdu7K@LRy9%j&w+F^(5ffKPBaZ zoQB2f$25>K8U*(HrEzmQ`zUyIN%WE~kH|691ukaq-J2Jc^oy!|2pg;Z&x7)@apTLA zg1|>08+PNO_Af0f7I3lO2OZk!JN}j`S63nk#!L6P+40|EcP6!A+MquWFmLv=<=~W`NWg94uk|N+G8q**xcjY-8zKioJ zZLCIp<$ve{!u#FaOa`9Qj2i3mVui>JN(PcLf#l7dq<<^9(~ z{#>q#FlcCBo~w;Vy>bzM>4UGd-F=G#fldRJz5N-*cgg_B^aY@_GwU8#gC%@#0qQ45 zCG!+-Og0CavWVD=t5dU|b`aH6T9pXV;@(kn+lUF8V+~kY*;k!ntBQ-+-LZV!Ke0IA z>1Dk-Djk?NQS%g4caOIVB=L>#j-pT4jMDFgw-5S`W`#e|ix!!3c^k0*q7WL=B~T7d z*h?++0Jd66vU+R{6)iV!e^8!6PQZT}$sKW2JegO{Vy{>pE4^{5Sy8K;NFYmkppiBBm_=;s2H!|hblG^JCL%?jf?cH~Xe~-;$?)VZy({;Z2SE+C23P(mQf4;9oY6#+7j0N`&m`bb^hFw(Q>kH74XCf008cp#AUq^YPFShRNsXw-m* zvB_Jg+6?0g`GkUS=Xq-{tk|O77CepSq^1hVJD{TN8|Vmd9~o?}P{q!EC%5UoMx*GT z*Y}rphvXT@U~{AF>l2U}Q5<=GlV)DTuQ8VBK#N7DQE03H#%*^vu_Xh z-)h`3{B_1T&KC<$N~{i4G=gwErt)8vDn@j4yG&hpdY!qMM;MinRs-HzT#e?teKh3; z>s@5&g|6mO;#G%*=P%5&5{m`qQ;yp@pZC1jBrXvA)z>SxHzA^k`JUuZqaG0?Ej0n+ zFo!b-14-PT1KjeNU>Mt+C{WTo9hADrSwJQqF(x~@tlp)dqVOtly8AyKJ^-&j=lt-P z&ax`0X+f!tjGO+DrvLRy@ZoBVAP7n=(jKgOOXc>N^6{iLS)zn4hz=e|NokOHBY)L0 zS?LF%sMfFe5hADV#j*=-ZgK_ibV_hyrvQ8*yb*44&z}iL_EW@b&nXF{Nsk$a)0_Lf z4k80ReWtvOM~&W!DpRmLEg3z)yn4SD!+MMWpKn!$S}b<%6>uCR#Ep4vqv(sG;5XlU;e zT{(+n(5iCq#cduwjo>}kJU?;QeY`ogpqIKbhMxOzL?r>@C4tbYq49r*Ru4=NCAHoR zPR>R2_a2*aKYVJLZ`apbY_5{groSjsq;~Q@e6N?P)89vK(0*tBiLT83(qv3Iwc5~Q zTGw9o;a?cKkFMJ`!p!Z)1fBxPmQHrns)`^Uaf}N`rKbwm)RWe5~RX ztYgIGeVLUD6oXDwRC|+d4fl#W&^9TjFVOQgm85XB|} zXuserxP|s>%72EO=`~nintyyC%pePc$8OFI7z)7tYT|+B}|puBp<3Knq~!Xpc-ZMO66esOgORpbYIYU98GFTTsLvoA|aO1S@Bkfu(qLow4(~M@tLW%lk-EBix^d`1mpw0yQE0 z{oWzgdlDnfV@|MeMX>N!PM4G;QWlW7>W=03Q2}`|+=u3zI|+5~o=dFrmJ-I;T|cZ4 z85%BR^ZOrCoJcW!ZzpTz$5s{cMkF~qtpZL8;%IR;i|Xrc7zFX#(CAK7&kIglL?o|g#mCgO=LxqG|hm6AB5oEsp<9XolfdqR) zqQJXr-{<|1bn!?@tpE$^t+I zL{Gi1+#^2o`fo57U{bgn$AmDD0J^WLD3G@|0i6fU>9aXMweCWD*7ED++I6 zHx3#p1f4##?!0DmiRzUSZ^7Vi``R3%WR5=u7t(k>w;@_@T+MjmK|I{P!_5KqX}P+g zG``IeekUQfVSFS7GFR6*1mM3bZq-z?Xi?ay1m5Gn{&!m42OVzrL;SDeUDvaVVcQGi zAyP*Xsk%}Z)s!q_UYhofZaEwJK^A~bZ}TH336P>eAa28h#|V(NKm*4-tBpk<_!RQe zLnE4#9&U}H2dxUul?3&buF9x}=IC!|nGEfuUkR&0Xw1+(IgwYSr24KlS0N&X%UF|s z{=TbgAEGR;iA0xJ-=3jiTZgzpsokq&YAR+05X`3SGC}0VOBL^ikC&cZn~07+U;ykA zgT{LPxk0USmuv@P!4Q>F%n+ybS`F@d#gt8R9VeopLpVY|`83RFp%L>wi8sr7r)H+7}hXCX0oYIPhxpqPDF6eKv~^xR>+ z%N9}ci8*aH2~t1ML=oeR{uT4VoC;ivS@nm__}MBEn(yX;ZC>r;S>JN5dzNX_30FAj`k? zR1e;8NuKHmxiuZXQ^qs;xEfXI#~Q%LTG>6ZI`VgN--2SMoua-ZbQ`[W*Y%v%jW zuliQu(niEhr#Wg;gYB6xg2v=ku+9FL!x8}IcAb@%a}Zp;rnhuJhQy+XdfRpQUdCxm z8}q1yUhz?(#bFGA6f~<5U`??8MEB>CjG%quCa|S6x-Nt@UgDfd`)0km6ubHu5gxmZ zox5RCFGb>=${yrt`qO~b+(UrA?tiUDI~z1X3(%SLR|gKj&TU3PoS(@?7yiqGhegbC z@-nJhVb0w4H>?T|R`xf$Xd+WVFd=45l~Is0b`mwTNK!QUHTD+to^<0|kpDKcFywKF zk2AwkNtND}gtta>`C)5kllIT6zXI9MVS(wUxUk1nQ9;(?3E`ygOoqIxumts`@tPP>H37-0y5E0s^N?NvIG}*MW;D~jd@?%mB0B*+XgI%NO?>Ow z08UmJNK94Q%&QNu6lWz>X@PVqaD{uirg#jT)@BTD0-CDI)#nc~wsYhF7g&y-i#cTM z1N^4?|GYnKKg9OjEmIeB#mR;*YKpU58tj}WH`ub}k?|_==F*5(lSeJ`{04~Q= zO@}~@@{5Tm#6GK(3`_Cbpk+ChIp~t`m%kB+v$V3m;u&`{J4ltC1YMJjd#V8U)}KZd zf9;M%*W%?YI4HJ;66T)W)(G$w$ zxcPWfcK3}(E5C^Q`ZBB^6}R1OQhsve;el{|6ce-8+M~MKl(kKaFw;WY47Kq4{j!lb zMCy53j<&k(=;P%+8{hj8$80A2uPnW*z%8V46Qv`NcAnz7HT6;J9lgfmy0eYLn`CTa zyUzNGl`SZBR8$ng*$LA3_#9H6kr3r7IM~$n@|aANSmY|UGotKUz*v<4Bi`!%zhT5; zZy}(7oxH+ypT~&msO%u2CxOS=`(i$>@y+s5$qfQsD&y4a_{#Oj28UWUQq z+VX&(V}gMo43a8cL|E+bUqBZVR}y7rt*jqndyJ+;y#ojFt2Y`*&!k++lrAv2zsA&` zbwCknisgr5=T{punQ|SOSd98v;(glgx{NCRG z1n@dI_!YF(A)taT;nPI#NEYzPORV=ZK-6NaanAl0SC4Ndx4KvW$8u+0>^V{vcL0>| zmb)*oWk%D#42v(O^}r@JkpJGq9P(GjD7AEvP4(ou)BX5+%_M&wIuGF|2?+DHT~$>8 z48V;>R$a~Ap{WXoc1w=SnF_z{Pb|e2Ak8Xhyan_fhTfgyXPtL>l3+wTf%+ME;KL0J zaDUF_%d2##8M;{8&CD92&D$K!&HM`ntd~bdm|H7zSY)AZ%JJ)k4~tmHdcbIu*_NyY zbR{Vni0jC|iUATj*v%YBC*7sOPveGqv(2UQINv19fe8?Z1x#HXH+lx%7_1Khw%Bdt zNG8YU;+KPcE}yW#I0}?}D`b|<4cY_@JsfK_o-_f@sEolw?#fe;`Li3p%k;a7AeK(s zTAJ6g;u$Pz&Va$TumxD-F~zvg>!qmVsr}STrJ-8=!Oz_Hicd5K7T}8jz-gN!%O4^o z`0xUAG91H96POEJi6#3!H3Y=31RgFk0oU2rkVx>uOK3wz9!(<1@Nvp!S-#8JIrYx@ z+~$qLQffl2 zG_uBXFUYI+w_YWccXQ6`vX|H%4^xb*>9s#E1kfjI5$OxV_*W^ZeX`zvSOq` zFW$axXMBHRD(!W$avn27lw5kYl~inCw9X~p1LG8a;k*tI5t<#*NC-3R7|j54Ns)mr z@VtQ;;zeJB!{qr%2~!pS&6><%0X)cA{r1$ttKDrEVw+EuCpTDl2vt7-0BA692lxTN z+a0Q0x_8JhP)$(rg|!}H&Hu3&q!@VcdP+xSbsV&t(3AHDrJ9>098|klvu6YqnUQkZPHhkV@I{A}rr)RqP4e4HzU$Dyrm@hwU@=x< z)&ef&CEpy}!y0(v-Nd^BP{$+?Dk%rWI^SfvC;-U~s1{gPm~`~Xk#Bt@>DeK%2L0}% z?+Ju8pOY4I*U4Ol{5VJRUmZM+{`n6UtB;IZkF}>h`w@PeeA{I_I8EsW^7B@oPyF^L za8UjBw<!;;z>=WRM*f*79vz6WhfIPCXR1!XkZ3Va0>@0mbSNus|0BL>)}H_OtP8M)0@yBOO8JD+cL^#cdQHOC`{tTub9?h~a2>K_*GeEU^T z@Vk8D5kvRzV3Jm?<@1nnqzhUUJ^dqod)qJ+OXipAK0DCn7s1(CP5vHS6bO79>sXvO zg&`29z2ioSxY%^gxxQ6(s=2K3)05ehU6lRdlR`D?qQj$SKr73Fw8;K0XA|d;&~~e+ zZ!kl^!PNuRMnN!{#EGAnPSeI(f_3V;=Ej5)8Ng+|&Yjaa370j%@3bQMI>qkm@O6pb z7cP*DplQG91Ja{pz11VvR=Lr0eV&h9G8Qp7feH*RO1Yfw+6|6X5QKR8U}}iXLUqf0 zx>UdVK+LJsnEhKoLrs3Y>t~{-OUjg;`JqFRbaD;DG|+JQ;UF3&$S$r*6d4jc93_jVNX~ewV$onXsGrLD3XEd+Y?-LlZu|;|E9t|dH@l~ zCb`WR5^?ygS_E^{l?i+J3}B8ZX*IAf5Sa-kFW3OrjE=mg#0m9CwOruZ5aIfXzVyp! zo%#03St(%__d}UqGt2vrUA!#%ORO?Zen>k`xiW^nxMW`Zb~0cqf=T^D?C0grx>{RB z2N%!=DbbgQ*zCWHzbL4US70)3dvn{SMW3O}V6pa1)DU$CB`(06HOi|#^Zx#OpU?HE z+_VFO19%O@$v{uqJCBXRO41;$F$1|(no_DTpeiyFcYHbvH9|v`OpHu*&ttG;{46#$&S?Sl!nt?e8Rgn4(fj^tSdi(m>6){N*tYo z0q7WV%%vCDs(hK=5l0Uta47r9ZKoFJR`y z`rI9YseMo_xKBNvSd0f)z%vjFI0yj4HK2?c)YOd#>I!Ry$Jgrn0(W1nUkLE(|2}S} zckq;SHUREW6*?<_w_C7m)FxJJp|jnOBhhvFdrzN#&Kk-J!OLA4J{Ep=a7(!+GH!-M zy-L8+&yuX)=qQ?3`W>Jw4=LY{)>sEvvH8*6GzxJ1zzHLF-~8gZZpPrnFX|RC#hrOV zU6ZH$DIvv_KmX+?97|4kb`($v>b=A23}AvvpclJyIAH!FsRhtB;5E-5VE`@&$?kV* z6D%f1zgmasSis7Ul#PK*!88%-&sp}3G%MnzE1{iR25$N2VA3Iayqw1FH)kE2zYUih z@12uNz7}xq0QD$iMKGjusI1k)MjU^#vks|r^XQqA{aNDc0w8?E6_zqj)eT^6ia*tN zxY_JZHEbfn!yP;Ffo>G7n}=%X*1k5q6PP0fwfRM|pql=>_0H?n4C1o*sY*5)rykKW z)JPZhDs_g{U{JwPHfHQ(TuXB6+s(RK4FSH3FioGFqeA$%pK(x3As!Cj!)on_fGd&3>RD#g(k%++aPH zY7y4eX~RaH1lz8Uk(*5|hl7*lhu_)ax9pQaLH#ScauGR|Ai(LbVax8ZHn;=vYyHVE zZWZ5j-vnh6j+?8iAw#P*7fe(4>;erxG4Yfsav)sTDW!Nd_DCZcM=l<8@s?70Fmoch zbt9OdRZ~$>(Na)6BMySvd5VdPSKlXev3$-~tjU222c`@2SZ$0mTR@T_3E7h9+iwbz zAY0Oj!uss#=Q0=Rb9bRkV}rg8p&`CP4)qq`k{X(r=gNkJgvLh`=IR;3SZ058-Ana) zk7=8=9F$e+_+j-Y_&V@tL~^+hi@6)kJuu#za}e+RZh!9w_flWCwm>6t zj~`=8A`>gQs{jw`gIiS84@W4Z3e{AWAA&rv!sMPf&Z54dk8h(K3J8wx0>5}QHQHTdcoT+l+;`7NybCcKq0nAqJ3V7|*=|IoRCJoNcaoX}k~ONPcZ;zJRhU(*aQZR}&|2Ex>0ORW;t zwzD-WKx|EYADiK{zTR=3_AYTDQ=!k@2+v?3k-(e}^%mrL`^46FRMpwMdzS&K#@yZA z-)ye*_%h$l%rx##sT^E=_TYi~*nl!agnF*WcN~!)VBG?@kP+Y;Wl6Q2J~eOU|FWMi z^0O??FBbTKcZY_Gc><+b|MhFAQ43UjP0d%%efC{rR@Y!D)K5Sj;3UGHQIfDAp&3vY zXK|nW&f*1P*)G?RXButzeUE%`>GhEJvIShFGYG69KixTQX+JYO>2#-kiSFrl=}Q2j z$!{|6AWq+7*r>R<#o-?ezVQ6= zp=Jz#aZ-k#Pp8$5(dKpK0sak+SAtwDcF9V0?R{DVEx9SZ{o??Kh&Pk|D;caCqevT&r& z%(&{|&KsQjRjA5Gr|s=o%`Ys_(9^HmlRE!I+YVU@dx7ag3p_6K-+jG&RKN}+5zuCV7SlRvG+NZ9}4V7UkcZ+ z-7>ZIv7w@Pv+DJjJ~|9@ejfTle@rnJxmoS>v4;O)Zm?YFh&`XlRK=PUf zeO)Q9nG)v^Y1l7@(8O^lrFnQfrJ!;MU6KqGWVM34I1Z`$&3paRpOqRLofX>Yd!1JC zsBKieaJ<;Lzo{kE2S-vz{CK^N($%@uStWwModbA97MHy<{>%Q&hsgLtfG|s3dLV4H zbcvxZt&8D=J?TNdxL!Td7D>9s>(oIQdw;0;H~96fu)b@GD?Rl<(+Ek8 zJ=Cam{JqcZw3@1^QRG?xQ?E3>b=F~Pn1;y%ew_dl!sg-WKyPnid_1v}dA6ddvxPdJ zmVk+r-?&NF(Y*x}$bWM)M?G@XJg&ZOQKeD&tMi$v#v{3?s3by{p%TSQ!)AGbcQ`5Ebxb2nl`zuL1_}Uw9Tt2}zf{td?t|8g1C8$NMPUBuU~%yYGsv_A~Yx8NiQ<8I#r-L`dKo; z#_ebe!6lg1j}p~dHCyr4ye=p#EXFevuiJL)g95d^sez*eEPm-jhH|&l2+xk)y8SN}m z%A+YzkDhu%cyb$%etaWq=@6kgdQq{GTiP1(DfQa}KEp=CLj+Jt1m}QqMAm){md$5d@nGpmO-2y<7j~E6Yz5sIV((4PB zhQr!gzNjFMj4t`fJ!XdUSLuf z>svMMqU%GmU`aLq6vqsjfeMuuhuN{*8DFBLtd7^cTUa@M4uLeWJR7%*?7BHLDicgA zn09c|>&wbg%FC>&(cpLJ@R%N(7nP8EnK+ig;t%zM%TIBg+6*b1@|Y>wYj1oJ77~&~ zz^tddDH6?e#vWfH{)Y?D5o0xCfpN!Ezyq?#Na1=gz1vIyh?5KqlGdLEp1N<9p?uyu zIB0|Bsa0Ro6Wm(NE6(^*A=g1a@n&;bNlB`%+8sE-H&|jZa*kZD>nGeNcXiD{#PY%p z4PE<0HIkFPcjvW!GL5Nys^4xAOPXyojtBdF&@IFL*hg@;T!DJ>)+d4LoV4g!m^bkC zLH%wJ)018>c!NXMb&(`6*7`<(fI89|x4CEnag}z!>-|Imd+qi2$l!_M4?;}09};nu zNsg%-YP_a`>t;}a`m~kXw58=Pv9_gUQDtT2-tG{8-|-8Ho#g1DeB=i1b7Gw{zzCOe zGtxQI>|p2|U?*1393NN5!NF;L+l@0$5PwLx&S@i$qXNMQ`V=*~}+=Pk}77}HGI9F6y7#bCI92P`FSn+}fYES@-)VCy{GiS{e2>?7K z?g@TQ6^!GA|plS9}76kJ^LS;CtjJ^9Ag!sE`-mEiCG0y-DZFpit+=| zu7#4fMW~KyYBA2gE@Twq)5EAJBz#3%F<>~#uyQ>=3-zWzLO4B5Pvbp28h(B)J3G6f z#;u098DkyLlnlBP-9Gisro`=h*xj}h zrOLtGh4L*Xh>qopZIKY{XkpKYkaFc)nlxOkW0cX|*{V^#==#rC5hP}if6 z6kFMy9Cw*mT{@$Tgt;EM<=>bQ+4yRp`EzAyNm@%Q0mpU9ax1&!)Isq5 z3(?kA3o1%A?mA1@y^0HxVtnl4Pyf>Jvj^=JFlu@|8_*>Amz`cXo`D09j52KY6=+9^%`@r)Wfl1=30j}BTG$n-M~vCD z3C@q!zEP}mT0i-qH@}=wg&Xvaiys#Kl?S+vkpAGgd+(mY&~S3yuXz(hcm_M!zDJiq z!+khYmpm-2vy;gXBYD}#yeMXU)qCa@6DCoh3xNA|xHJGWSha~WOG2BU1e-sIC&`Sl zcgqKTQSRT_g^xh4j}b8viI_Z27NhDMczFN5OlvDKMdk5uV@85C4Y&i_J6oqWSUHvk zw(_-bEI(LHoglWwh3k0Ebf9eyQkgxVRArPbP!r;rgoEWT%))`#L*^MUl-H>0chOHf zka6z2*0Z`*E-=*WO=7MZ6%|#D5b*K7+Z#%DDb13lk8^^OsxKCB1!2SOnBd@cc_ykw z4EQK2Q&OJQP1*^7mC@4EhXfQ*PPamRVCzGH-vHd_FhzR|46w^u5 zTeU+RDXhJm@G^j%gHK^l2`j3@SAe=VAb{=-U$H#Uy`;~a>-J|ArKEytITW+l`8gR9 z7`Ns{i0vbx_Q%)UsF8phwn~mVVG^-XXBn)h)GiPDOQ4{l=EU6(jJsD!;( zq$;rCub0oQ-UHG0;*ky)1DH>Sgc2!TgH|jrJW@R zDhnZ3#*u)cf^Aw1$9O&#mgLGxE+TFx6~^^p#xg1e6ZTE?=FN8I#~=pLcQfibJl#L4 zc~NZZ9K6sTmDDf4dssO(YWqQ=Y}W38VC*^2edEAe1D|)LxQvp>1HHC;bKh2{a`XH*XIN~+Oo6>+j`z=j?lr*nQ%ehX9woPwkM&d(gaPXJ+@8MHY zQdAhFx5*S7C3%w|BHpY9^qTn^{Xq=+5>oh&IF0WF2vno)?V+!bXik~lE+VB80^YKC z2JxYi*ZC=Ln$?2Ehr!S=13(Sl?)-WL9k34)f(=MW;u^EHpQI`A4a}dQrKIW$C-dKh zLS&olom%b+p_>3G|!sW6V%kSfCC{`)1g$HIm3_ z%Yq(CNUuRtj*gCwm6es=A5~~8XDO+SHf~Y`Mb|D$|@=< zgPmK;%gciwcmpf zSQD**h1&VxdjzVHkDT0r|69Bs-=tb;<|X#xMUKWyNJz-MMa3`<-y~)1_W!0Exgp;K z%In*3e}D4A0Ygpkx#fU{aR|&#RF}VA^i2cG&MeT?#Xx$}jSpvDqE8N;PVR|GxZj5l zFej6Hkxx4rT0u7I)*1Pr{>Kwcf%=D#?*r2nFGW6s=4YTm-=bmz`ecDX7H(&`=2-=8 zj{SN_$nW|>Vs7_DSxBo0!#7M!JJ{P>?XM`DzdUu0tLaYe-=n*yAo>t?me@E;o9nWM zqJi<%Y3dXd6w!Q6l_j**BX4Q(y%G$@)V&4hfRgg}R7n&DA4hrt!2em7K!TZ{2$XmJ zJk>-+2Zt)>gJ|T2vL7MQso%ckIe%OG+4l1d?6tNc9i8*poq~}NFS>ZDFHA-u$Ve2GSD}@1pD=Y)i;7ZrI~=_)ROj#-(eAsSRt%- zn>|XLGGvk#PH?FP4-pPCU*}2w`siR`?pStJW#z``DejNlst@y~PcU(wJw=d5c$$1T ziPbA)zxivCdpj`X<9+7VR~Gu9(F$|bW6s0a&9hDky;_IK-T3n@_Pb^S6^+3dIEkvG z&K#&&Y$Ofcp&aTQh5|R$7GFOQfPXMOf$%^-Vqfr42Uk>>JD#Rihg?$4Y54S#s4D`G zzpM4h*zJfw;jV8SV8Vb<4&&Vb;UBGi#B8t7yb)9}K5uDr|pJ{7TPp__Wy8nFs+!f(@eGD=STVi41oe+@}?eT8n=Moanq@_QqYW1tn z)DWPzY#bv{^X#2*E+Bzpd0tNhHv64O&-alvl^YuJ%>0+|@_Ia6+}V%;?t<4{=8^F5 zI$OJ&odx-(&>l$LtdUsyhZ0jOu^LaPbPiO`F|e`S!CZn5`0*n6JGfvs&`$5ct^2%N zAhC}jXcmGtyN<1W(ZfeR2>zcLksHYB(w*3|7fOb`Jo`)>$(D&8?&5;s5V-jA;K&)j zhrQulLp~MsIa?U;s-2pOim8$xFQ&X#%^#;B=vn4_`+sbNmI8-`0k5Di?-PXbt(rh6 zl-yBX{*E}M+y}WdQ9lHpuxp;)@mxiOc+jzxG?mBLN_|W{aDOKp>;ey0H zKR(~!WZ}!dCWVtga#`trNa5jfHh`nfZ1wSeRtO|}+!);!r(+9&!Y^Nvf!Zo%OA-47+&ZB_s-V7IPiu1#Rv2A&HaC1$_nwsDVe{XMX{9x+h-Yl#Y z+5RNH&3g`ZCqWOSvw5XN%YdZ_`EIDR46I=wo>8zj&IbS%ZO(Km7I8 zkKKo69+P6OUxiHL>;hvDfE4dNb4?IAiAEPr;)l0Jonck-1`euEQRC?kHr=jZI)ocu z*Y1d~nCcN=LTion70@N8q5aWar+<`0@e6vCy;6&d!!5>#Mw>k9_`l44LWI z(!oRRYp@ICfiAG+6Fs;0`wQ(1{XZ z7zn<$LvBW2^%ZRl3675To1WHwUHF;_zhAVE$5{1d-#3g(4>(v7s{ zB%962aNS$S-EG)X9awwAd)g1!k zzv|M#jszE>c)TVv69s@tZ30G91?rLRg6ddxd3orcX2~$I3Eo$~mwh#l^QAy$YGp^O zo%`mZKZ%dp#opbO)q7k`t%TD-nxZ{Ox3)y|B=1|GiggXgw@#tgU?l+&He=yMA7Fh) zzj8CuAL;S0;sv#-Zl6LwnyM%-1jPEO;RDfYw*vyG8FF~&`6^OvWLYweR)fRsP(Z6a z_2yK{f$(vcQon=-Je~V)Z~So-Skn~xnrYUbzl9cmfSI02Ei^@p8R=xLRg#KN zOdROydhK=ov-{Ofw^V-cB1_vY#qTz!!*pIBr1SdpLg&oc;Ho^g0(L$omMd2@{Mu~X z=ZI2REA&?BBxV^ShrJ2|N>cQkS>5+$^X)oqIDC|p!WHb@IPo?}&~<$ju)*pcpN?{| zTBN&FkY;>9$#?3v;es#X64u@iPa3wS?z4F0xkWVhJqw6ob&P9xRYXJtITh8-U(PP{ z7E)o2uh3R3n4IjJXTy)>g7NWmma{S|aX-`zdzi9q^yQ3IGJ9;1oz)$;8RCEZbd7{| z?)+S&aO=d|C|GM)7K6m#phZF{*1e!nmd>Q3P)ED3Gs$*$?j7!vv*X2EEdzK`Zy(vn zO0nTPmgpqR+NWA9N-XOB{2Xtr7#x7&V!PnYPC<+S*sB|MOEnR|AN=SDq-AjWYogyJ!N_PrNcZW1cmvndBv+#T8 zoqK2Qe+_Z zfdGb0O5(H+dF7~@N@zaSBGcCk5k)wMd$}(JNQ%J~L59c`~(4b90>CK^6pHxmK zFj;;e>#}gtyuaP5Lde^1Q&J1?I5?uJVCy;V`|O|#OiKg>1fb|qI1Xt+2EZ8v0V*I7KKfI0qqAO&k$ZscVWhnbKH z+!&!96LtyNn-e`ak&!rO7S${U+>KlVs&?$;60up@Yo(W1YQRoB6<6zBo}jXdGh8tu+O28ZummxQPk zJ17Um()#SI5%p{w%IfHRCO48H4jdG9u7uc6&ETv%UNsEn$v#f~_3I(E;M{qTZ>mHX zv42R2k_aq)&_q>XQxOdwi)x36>xr@$&9`ZYnWCYef;rym$(Sy(1Nyu;Ds$+Q-@kvu zHvWWwH-)*9^4^bk@jfCL2_c_TyjS`VsPz_FWw$Pb$ipvRzWd$u0^@-|)zGXREBS5S zfgz8E+VlwWxmWWDfnP9Fg2jGBlPF4!l!y(pJd#c5q5m-W0aEzqt)2?_%xdbCV_uPKW4up1TpghAx^o!>GqLK} z99auTD3Gi@>K*!2WBDrT9~P!$5pGlvD&8=9u%(lK8SyBbwShbmoEp%LIjye#%+4{q zup%WvMn)!FD+aMNFZd}T5FCK|TFSGjxet5k=+s2mr zuCRWb{?_5xVauCA&bP1l_UtA>I=pkM<35A(!sJjoSb^zDoVU0C{69!x=7io|b~!^e z5RN+YTkU6)05#NHEjWp=ooU-8$`mf-WDk#fE@51}4-_DUl@q#r;2UfU33bnMkX=$R zyFIDDrw~&}(wFoKW31i^9bXDTdev!clUXY0p9utJMQ>oOPk!opQZhc}sJG~b+%TH30I^WkmTkLP&KU~2A<@9iIyYE0GscimP zFhv5pMp0B8%}NgN zXJ;4>Cb}4kNYoDY$_^ml$)Z8TT|AHC&Y?WW#Kq5+#erf%43gO3d>1*Ln+R#MzqZII z=ah2=@qH5Jn*4QB&IC~-9I-6qPk-=;zm%o3xmqel`M%3fJK)3b_ll*;65E;jO*W^N zv+2)Xx|@-5HWqiWm+of+8#!UeU55eQ*3HwMux*cI{hj%q?&kh*-x)7~fgpPi{MMiCVW`6<-q}*ZG=D;6zAS z=8I_9(XME-5PO`hwoCTEe7^MB}gNjPftq&xpZ!I6-`@PySmAxjolU(5o%Igz*evm6vqfh zY_|jv&oe&-mJ%pvHf6ELt+`*&bCG<^e-D{`8w*bW9VUa_xkPZjbjqxX`y>K3<}Yqsn%3%C*qXqTdp=_H6%=R8;KrM`-c+e;K?YYiNAf0J@;nV7BwH9)!+y0^37exkglYCOww(_@qZ@5-D zEv0IDA^dMN*0m+(wKV#Sct+t} z#J^BCZ&?ffNdY&?YsL9R6!+kx0|jU{s|O8O6>syb4)P`6{#@tsK!ONJ2AAO8 z=I>b7d&G$$iZ4tT3S)|$)vR}Zqrmq#8X7Y4Qk=HLO4xqH*1uV zTC#}b{+g!YQgjukWmmF63PRZXvPHu5IBQTIvO^Wwrwe)^?kFM0hx3M{{0kJU#%;90 zMA69Jh0G;3LA%E^v#JSgDAI2(F9zdxJ98LM?T#w&^zkEHL`5l*oR3O5fA}|OX$-U~ zU7dv0dVechj~Xu?+h*#V zw+L75{5$#n$4!0tXT3%t>K1v~*t?tWFb&?-JiL*cbG=fPtFf^}KkMdmS~Mq9uloEs zb}~4m%Mku1okWjZlqJiOJSWF=ucba(g!A6`OY)ES_*bLi(;Jp9yY@%NmId+ID^l0y z-6L9@OqcT&LA&$#@kN{QMC;YZ(<}IV_K%*B^f$8InBx_jioj%~ncd#aGS}BWRCgdz zet~L`-awM%MB;S+=lXLV9@5w31pU`1wgxMBJV%aSLn4Hfp& zAjH^=v{HjS5>W9zQh&mO`~2(flX*QuOmc9h(PXIoL=bCXAq|>N3qB`|zf`D`Pn)>d z*-7c?AE}=ZHoJ6lk~I)wXnQA1ebJ}6TjK(p3s9rBJ`?9UY84Cn3rqr!x#~m;}4Fux8V5GApd3b z8B-DSy{~)B)6BY3VQWrUXlo`?xg)iHn&+PF9Kz5v&oufzi zG9&?K_`%A3M-^h@9#?-g#C-0*)UEqyz~%{A`Us!P@m`4g{+D!%D|r;Vtq2C5YJ;?LzxyW zvdgX`mm;fw5Bzk%;lX11cuWe;t@D6^4J~51=GstCotD}n+Xpm78h&AE5$km3*3}UM zsh&!?F3ISn6_!_{?mbrx?1UP7YT^%$V?O}f1h0B1zAlYDz>W8*dh3bN7yl{5E zn>9lld%Na{d{Y31{fy^p=HsHYlC}kI_tvvTmeuJGU5pwnW1#2Ko%9i|GFu_2@!6d` z!o1pQ=DZksy%UUe9W#~?6hLvY5Lyq}11d=iFP9{_4Br!*-r*%Oyt<^P=Hl;2hzYiCX6s+;jQl+fr2dNVhPAV;N(h%5Deis@*MAuUC3{TXFqVrEwQR+kFXh_dl%J478$ z-t0XR5jOcDbTs4{MjZqbUCha_TvLLotDHRaDO6TogZpL9XKQvweEXxv#)K8z?BE6y z6sLjMX#01q`kG6t*KNtN#Nl7*0y>k@ip!KL^NTyLq6uE4ZgV-2e%@Gn`$^&Sle+NI zT3bmVTl>$DpG6t)-pAMrALZ4@bWTn;bsJt&4nUEWo*J%AQ6QK0ZwJlPx=`@(5h5WW z?H(MYW7SazIX%9sE<{n;$@l-D`XUD?fKMr&*QW*W~qIEeo-(^9HZ1 zrbhlK2@WOa4?QEh9Nt5*{sXt&9gG2grYzW+eKev5NhWv^O0)eV3>1yuV{2*`9+J7b zN)seipS&}hazSRUEnhDSZ}GaBxG40^JNSDr?DEn$1_X`E9m|A}2yf^4LT2~ivL1yT zcXbdpZhU_$uvowz;xS$zacT1$fjnd{wD8>H;4=Hvwf6~wR$Vr~>m?7m-6Jn`aBD=T z{(16fWjWYvSngM&qAEouA)?knSho#84^aRx@8#2+Bn!;j3`LFQs$R@vHM&jy ze2C-^=UMhokeUky|5-&*ODi-Xf$;L;svKYkPa=6benZO!;|P^u-Iv*t!9hiriqnrl zd5u16Hl3+ndDI8_Q0Di_1~-M!jh4xG)Nu5>Zk0n{1}8}u#ygpod}TR5NKQF9@>W>= z^p~fmj)`whN7^mE4EB4X-Bb|poH2$GZ~mYSg(%aqc1+5k^>L4p6Z7nBrpEG`GV~x_ zGp>B@>|zY37*WIj@kd*WpU9>q#Xc{&VA6MacDtx2pKtg%PnK~|_p;Ym<06krospl- zVUZGhbcMTxTSD3}6fMvRKiHBC&diYAU`mqrsgz`%<^@ifysA>r=B1v!Wx=e?TA4+8 zF~g~jOuXRDNjld{t|tLOUr{%yuuLqj6C*GBRe%1)v?jz1Gc&8x8B9J9_ODVvZv^MVs;Kd z&6+qFeo-SaYvD*?ITq@lAL)4w!0Uk@yLpW%thc{7z!eiGuSi$5+3n)ZTSmknkNmN%%3*0=6=)B<lIC;Ak3!UOEYgVOEFX7LPjz;fpVuU ziY@~ULUT?bif#T{`1w+b zoc{7vyIlAd0jg0k4GltM6cm6$GiFNh4wKSHdd6ev%&bx4w6Y+o(}rerfCo3z#5QlR zdpUgF1!U_w(r9U6zL=6Zjx@DxCNIAN3c&xC-;<^pTWf{;$&&99bCD};nYdp@$&Ez# zI5YHNr@`yZ7C#|7sEeF->R-@HAX~HC0Kg%kqeH?>F$>!lgJfKRXntHxCm;Q{wLHjH%-!)MmXCMJ8)A|e!gs@C57AGG>=@sFU?d|9xOx@bN>X|S}6 z{i(4NlQ*3cip!2hz-pmF@^nYP(De(>vtEnG`|qVf^M^wX9s&5>)r`9@k(;1+FcqfT zh(GR_Va^Ia_LTCuH0QAdJ(^`2|$zDLq($MFB_5)ZWqs>wibb^bP zr2_iTW8<;OBvx1A%>(HYm@RE>F9E6AkcL&KVB*Aj z7t4w6VmYtQl}hWgGe7>>A6sD^931IQ-g`~S1+Da!g`mY@Og!Fv+9Z|n&6tyuL)8Xl zOsro^vcV0)a$}YJTQ39DJ47@M_cKCE7o!lhPYU`xRak#-Z|i|&-uAw|*fOqr_g5@$ zTGg=$`&~+#{lLL`Ib`bKHE;hS9lpInIqOS*+Ke*8hte8S&63`^@gj@N~O=?ANt`6OQCOP+r!>b%$y zwY%%V6mU*rYax833$EFn=7>WL!|2FKHoQ`5Oz*tESL^d!j9i%sVpr|jT6v?z28*7t z(wzZ)C>NAj_B^_$CnRI&np8evkVj1<04HSqkg9Tg}>ym{oXg*C=(T4w=1E;?qn^NLl{N zH?_O;08KO)gyNbsdDmB??h9?#WzI@CEz6n3pBXM%7T%Nv2*I=kY=f}}f?ix_=2ohn zM-`)@#f9VIdllBrW+pJ?J^H%qd=)Y(r?F56+e#=U#mvp<*y*Zf?6u(9=TdO@$mj?_ zy@PFGy`A#_vQ-Ub$0dW;*9(5#J^xKafPPyWG5|8U|FZd-&f(4V;EbcuMY^@7%tY0B z$IhyQ8f2&1e*y==fUl5jb7%)g10vKGwaRmt#~mIAVqXoqiIeN6PuZ_k&jo`<$tqLQ zy5*vyj|iY_a)~ThdxP`uE*X~%9LQ!gtLNF9382lh>^p?zZz#ljCNK%Ro0@*U80L^? zO6I`(L-XWItbKsz)szg{aP?#&S6_uXgxR`>&n4@#6tB4I=-E=4DfH*N`b2Ps^X5~% zsqT}8@s zeRhXp@{R%`FJe>aqFMcaeD^;RRIOD?oH5eOlZ%MHU@A;eeD=|NHr_~;zPP}H8uaG> zmNV`_|A2PdNp58u0H(wIq~dxiM}LVsY;k%AXKOqbd7NvptCn*EIewfjNJ3$ul))E*X=4G*m$Q= zR~z;|8ml)5xEzI@tm}WkYm!e{TP+^*<;+DFbDa(n44CFiv2bBGoOxrGITJM|JjNR& zajK`$rpvYxG!@*7XbxE6slTKvbY&B5piBYGAMZ3!q(D>(>exq0pK8OLxQ2G@Gp1q7$ZngH zLXqK^HGFSSt(#yHyD12#@o8y0UAv>TJ0LJxuBNZXXk%d3Lt}xE-^%&3-gUK$Sa@b_ z$v4*#%fd1IA~5g5LK~g$_y9}?e5=14TrTGngN6l2ivmGa! zRKq$$24N$Q<#*Pdzte|B6*e9dnFFF|n&Kqo(nHCf@k!>g-oJJ8Cp$fsC;0wPr@u6$ zJ8F6*p?`>0>9@;Bt!fgyN;V{V9s`-*$ThXvcq)iK|8Hr4>^t254w^tgWvAg;At~q; z?4$G{87f5UOMXq5T<}?-x3jwAlU!-vvjQKKN$B43l2L^XleKG&&Lre0QF)(c<5iXA zxAO@XDXy%qE~=X`GWq`|?$d&cwKX+sm&aYKeGug%NK{QAkVfeza6jl;83XmKUZ+cj z8;`0~ovG1jb|B5wBh09XHdCd*qn za86^?poOn(av&?;NX(V!8F8NM0}D5s!r>S~xt76_mCS%F90rjoO^YJUJCR#5f-SrT*LIcpe{SNh;95HKIhLwBE! zj?UlTf39;VR0P1vlnwAf#>^1mTWvx+g8FTjp+j3TK=6VG2M2o{^vTU857%tK2_7M- zwJmUlP%!qt@qp-O7#c+JMIgQ&HOntZLOHhno9WX-vZYu8v$iP5#3C)>Gbv$t$5L_I5jr_&Iws$8)B5gY}T#R7f*LR}kXsUPIXGpT~j8 zxB&78wK(j&j((&#A}FTPj;oTRLHo+=LEGaE?A?LGe&oNSEzHPD$9LXeM4GluXpG+|MM#*l)5o_#7ridPVY?;Iu#F9so zvn1!wz`yYa*<3S-=X&diZ3KGY$iG+6#kSeoYqqR$5o$1>>~YOgu_;i%d9D^S1sGKC z3##mpB7B(_+1D=bKa(Gm^fqNTy|T}%G2@FS7lBz%fbAeI>(2VhCQxyPdM|)2#SAhU zI2@%=PV90PiMJE=T`4CrRgBR3*G6HrN!sK+#@|s4qjCg4ayUi1S=Wb70?TX2%!`4z z3dpqPWlLLCz+p-d_IxDSm(sxrFerEwApHw-b4Bm8Jz?eXm}D&6(o1tQfnOIL!i7Z4 zxUUa$rAYgZN_ez5Gx1|SW*I-epD!EZQ1s~|4N@W5fEtFS>0BbTv70)sYacuK*$@hj zFC{q#$J5l*)OV1b)z$XMpS3F%2Yp_zED!sfR&RAELY4rW%cy*&%jZmy!b=9f7sug5 zTTlo4W}}TI>_y05dD|2A|8?K`{m$fi?oklq_7u6V$KL$LcS-fo!$|Ul^HJUtlJldV z>jW(bBB?b**wzkTLKLbRlp+$yjm_tN;))u3x!VyW^}RU-*BbBefK4TVqHIICU@8Pi zw8~m8#x)NHC^CQn@e|cLr{((Aa0Y9UyccC zLX#k zT6VTST>OGLIv)IXMVKI{x#lAxWOG#EyL&8}QQ@8&ExOwW1dD5kU7v1V#QsN}+ic>k zTF~Wx-38jDEKVhVp_{p4GbIVJGaGjOtFV&{O)S;UEp-3VwRA@4MrxzZ`xCM|77NJ3o_cL#H|6e3Y9)9O%JesPZm#rJs!fy~#J)z> z>O!yybe+YgSNfLfoTFU<>fdbh&*nW1ZIfz$|Hw~}It`n0ZCFw1{lLDl{(L8`9O zqjHO7=4^@gX{1@v)sg+Gu^!ZRmbbeQVp6grZv~^k)dgCmz^>wiM%H z8I@1vsPU@36ha5(BFs7)GjDgg0-Ym^54Agc+ z5G$lkgtik9Dr-@mOMCk{K*09q&4Y>^UN7+g z+rQHA%j1{JfwT*RPLM-C;~5Dp;p}RS7DDoMJnOprSB}Rj8n5)rY=DM02p4K&`PY{4 zM!oC}5enV*wka2hViPuq*?_c7JH5IJdHUJ=%SVeE=hxW!6bv_72hHvs-7_lr?W7BP zx+ul_K{f^9+B-)N#c$~GjuaoW76aR+t z9%rg1F#A20Y~$zB_5`q5HqN6ZEu%eIASemeKm0 z^j!qs$)akp)?~@xEW4wZqJ-U2-MQ-15B7?E886l0@2YAzzDqf9$PeF`U<+0)B;Tved3oU*NT zt&e%!|4lT1W+0(d^7rJZ);fM2?yy8K? zu`!6^23VKEBmb6^mhSbKYX4rc`xJv2O;qjUnXrNfc#6@XSGErssZE&vB_xJ>qCvw$ zwg)4~K8xAJrLCdARxjgddBIGaBl}(U-8*>^SY)RG>mPtOlzw-r)k0^n9Ny?*VM1VM zyG#gVv*2vSgoq|Zoea*2YrPon)@S8^s@CJ53>c{8jK7)242Z1FZN>27Ykp`O&U{Jz zpl40K23$PLs;|n6AUw{qCD!Wn^qkh~3Z>uUp0#I;o>YhXd>OQAzX_eOWyw6X!v0G9 zkAxm57@}<5j4VFHmkz5zn4`9DmRn!Gb({N*$znKt4@gOt@I+4QuPvCCQU?;l>h*0` zERzJ4H0kXFrRbITP08Sw>Y)NLGH94LR}@q|?)x+J{cFbpHt*%AwksU?V;p=G6k$cq zLiXDkjYW8y0{a&$Du#<*{Nj@&tSrwy{pj8PK2mP~^24kxt?2Iwsf3EaHk%19-re4l z3pK^uyaI70`+S>mJf!L>vAXk_G0rJ$2??I{Ezs0f4)a7}xliv3oF4V}E5u{eU3`G+ zGy255dGL!m=l95IK>V-ZjrtuA{ePk>Y6M;XP&T+oTDSx^B?iN2pySP9_I%!+X6_L( zETgS=gcZY+{Nte%tQjr&JP8B?NjdNowOSog7}7blk7=HsmCy5ZugX>X%KZX*bfwf~ zS(u#7`Q&nMLVSHT6j7H`=X*e7Vw68F{b%hpCMZ_DDN2xncw-nEOICt z*k(!M)cs0P!e=+X5I^(WgWoxQ5_UTJ?I@aa*`+Rl_GnEi*{-z^eTveH31|e>STOumY;U6l+k*%1?!L8vS5A&ii+C)n z@jGo`DnManWrbj1pvpyABomod2_i5MK|eyI+x`$4(H}N3*kEYB6*>`tneQ%?UCj~2 z=qge=Tm;>$3N}2&B$Cqzerqb%Os#uhi>>(sq5L~B=lN&tgqn|nq9TXZ28jK zQC)nxQ#`}wB6+sxvZ@?QtA%mlAv58u+CEW|$6OrS!}-NDk-Z+0!jIdh3*Tm|2`~U8 zk*%%7zH$z_FNbr!^N($NhcWsbqb4BeZyoee`3D^YXAy6>!uv4RYr+?bEF&}$%H(%IXWiRP8X6oH|?;lz=WJsS+{1v*6hMc37B%)OoU zWM-kL)k*gb!U~Lgh(W=4C;^Jc^LU&$K=CxEg-RJ?X=Wy7Zq6v1!0iQ!$Hm+bG$3sU zs;KHQ9RgqqKqybA{!>MvH-BUOEJS#IycHB4juqQ$L=f`k^!)r~Iv-HZDgsD>-`0Mj~wPO^E zI-Adr0Aqy?7^|nNI)ke(_F5}zWFJYP?gGX@E`UWWI5i4ERC_daDEb#^tzTWYO&H@M z_>H;Wf?D49B0r!j=9sRl9U{0TAffooK(2Gr z=d)j>xP+$5^UsK0CxrlxHLVrPK(x{JL_0s>rD3y(xn}LT6F|{pJFu4F^>#;`tpfbH z2$97oOhuA(8*a@Bv{v(6VQ@p+KcX(uXSOF4R^3W}Se&G9{vcQ4{hq>ZDx7tOJi^Pj zHW?uIDJ(2#WVDqaM`#_F$ngFW5;k@Gw|$5x0qqBXGY$Yai=2{OInM#0LNR{x3o^=g zip#5hMiE)}fH-p(Tej?}B&-=AZ}+%9TYYEXu>_DoyLPJ6gIU2QPz*+l8M8ML6 zyIGe=8QESi*O%hGQ4p#upmBbp8|s6=E2@({jWX++6F8dbT??`Oayq)%4LRFKup?h3)f9Il|xxI?In!% z2vw@h*UEONz)PSynRa{{YP_`A>A|cdVw~TxZR9jS^ON3ZmrNK5b{wWm!Bz=bc=u@w zV!3;yr1#m@^Fx4q$$lWC^^eOdt1%!y7fME@A}n_3wFHz8e&AwVu*A93RdcyY%|Fjx z?GVs|@8u@86@{u;xDaFB6re$Rj3X#{RE)|=|$Ma|7Zaw za7p8_#fIzVyg5|rm&1P|h}E;y1a=nvA*^LPC-Q^u;t*!0cwkL1F}wWt2FJM5bXB^9 zZt`TIUYD5P&U{84bBLJivZ=qW9jL;H7AP=F;+}ur3zB+6&dLe}6V2CEM6JR63Jg12 zD}QQw1l9qxP48~CQ1>)`c#Ko{#1PK!U|wUyI}nS%PeBi`hQgLwqcdMlM8+r58JE;) zTYwtC969Pw!<#4DUj_MZgoCC&ncNUpokTwx`KM^}F3LV)`mIfKyVi9^>&3~m4Vg2I z_+lkE9!~Z7)u9?U2>t{#z(rl3|Kz2g@NYzVCIL)o;Ex##!uSI;_sHLJB}+-b&vMkH z4?cprix$Y=9UM4kZuICwGZMe>&<;oX_1?*R$AF@bR@}yw)<{lTSY94mPfu_7Jk=6%`*Jv^uL2k~2viE4{)LG~7S; z2uh1!fRjX@jsJf+nLuIGDe{kaTw9pRW^X=fL4jN0yLU-dXprc9!?4)&O?Oc7M#Edz z!(}6XA&r)Hecxl>h*!n)v&Zt+npER z#zxge1omkcAvJlMex7r7s=NAOIfwW;p(owq10Abb$}+r#K-!xVt{z|RuEKK*%+O!U zY$fOhuLWl{oZ`~c zcf08sS_3T|>69-ssvv+$#2JJ(zVoM8ESh1^1!rhXz-?BkOV}2a?|5XFKyxIjXNC%F zZ7+si$z|VMpZzozo@U)~`>Y!zgQj`h-QjC5EOed3f78Ihs0W2!o-?8`#xqifZH0B} zqv_}*``{gIyRGvly!|y%@ zyG&|^G?P{p|LmH9+-`yazWe9#XVHzpLq4TeD4C1#SA>8wak8VvwO1Awm&;=(C#OL4 z!`rXRc3Gj<0=uuV*PbAPtM}^*V7USgHV|C5pXuCyua*S#sI?qZ#VhELtE)9 z8Vw%$G_LKSi!Kq|DvwOj*@s8ce*MBOr9Kk9(fT0y_N}m$6$>)*(h}zLPflAQ^M)wK zGi!!8ee<^#Hd(+EOJ?FU7uks-bP(3ow2X{O?a!`_2VXDYDK-Eb&(K_}`Fo#P1sV)7 zSGy`~Ln&y)QH>PW9Nsbn5Ns`~De(^DX)cpD)9bG85gZOzr(4AdOHH-@2n&xvZE=_T zbIwbwXGTra|4@dDeHYe9F-uwog{KLZcG&(Gl|kC#1}4*9AI&I_@i;kXb$8pxe1Fjk z0PLi4-kUvYsX^Guw&Y!G*g)StRFp9NJpn5~P~boSc+=!IHq!o4u5OuI*Bpg%+bcLkV4jc<9Q|#lWN!ucGYXDhWnKN*;%aUk<|p4 z3wD8@#o+Q`^U} zk6}8s!%#qrFvHSKcq{T+O9nLQp`b)?kqdemy-#6Yo)~cd&1hFVy9itTeV7^r>C;aa z`S4ybbiZqz?Hl&VcE_#`RZc+xxG1xrDm*A$Lu28^^B26*nm#GkgQ;C!ny9m*eX~Rs z!*B5eAp&Hag!fyQv+{E6<#UfY(tDM(gz0i}rgqd(XRuA*s{XWb9u|GZN&4($+SLoY z@n-9Yd0=2*@1o_|Vg$}3Z2jgBTB_b@-)uDhn)VTpOcjL*rA&~V%nG3K4*% zkGISV;%*9JgMUBVMCQ9%HzqoNL5f*=PU)+^l7YLth6RP{THDQeGhD0$l_L%ykOj*M zsdF1&4}MEcI>1yf{i|hR)UUap$;;$5sMA2f%vh|--(mK-4?n1TgxXL!x}%7c?=Zf* zXsMfV9hEM!6Eg9NHgwX~C|IO^W)F7wQ_gDBpj3hX5fGXp=+0LP!I7ZMQU!G962mt$ zU;_o_Xi0&>SkvZQ{zx1Mou1rX2#GRV9KnH;EoNa`y<;-@&R?<1)WExrcDAEz>ram9ghd7LfqR zNJPgf_7umtVSon}n>(=q;8-Egj2}0Gbf;3eOe$-T@C6to|Eb<@5l8;}CZ(L9^&=?& zkx^u_7?>Ml$@p1xCCTL#6rj(a=lJZpySv-jtyN4Ix8G)0e$+B?+ZB=-w$+L^uW31; z9+%6l4$1N(L@g@`ybtlEiM+ILj(Y!a=5+-qRBGEYC0&lm6TY@S5BTsG$_#>~1VT39 zgSP=TY85XamVRGgymAK*UkeP#=b$FVefpG6`IIWxLHA})1L3z7OmfeSfjvXJ>t=ZG zx*6Z$3`uDcph=n2*VhL|kgVys-wqwT9q|wr%fnw2D+r`rQm7t*bI<{))F_;< z>YLw3;4vMq+d;)+oc(gomc{k4`?-J8hj1Z$tSX&#D-CXQ%9c)fdJkt^RuDLis|P}#WxUzJp*uBlk3cTTgQEb2f+sd*snkCBTxhRf+kIy$ zymN6D`FXC8wqG_At0k#sD$BDY;5Lw9a}<7EpD$n!k8!Qp6ai62DEYARAm zqo!;z4|BTP!DpNeaAas8?Lh!_!lCof#)@Ec~aTOG^eoQmZcejgtW5 z^WSh&KMVG3jPho%!5j#Pm~UOg*jD5SpEr~`eqZu-gQY6Dy9@jWj5V4(^c*~m6dI?< zwtBB6*U;bZdAi2pGA&m-f|zwtUXS`_i1`l)34tFp6FM-8kr})l z(n$AVZ7?0Jsku4o1w#DrcaGn@i6_Yc^gd?zPt+HvT*RgwS-m2eJVq=!UVN_PA>>7=s9!bUg`rMj$N)nEbBqy>&33YFJ3 zIRKGrI!d(xKRXISPK(PIM2Jg}N+~Xe?qe&Tg0V1$W#z70?wfqEND4xv81C17TjBY4 zTLTy#MBNxa=g_mVP~jP4$_bg7F)S=B49BI$8b7;52y*Zrp~FC23z>QKhmZ#G$ZPS4 zguyQuTyTL%7%^xc%gf8Ttrt*7Ed+uKIf;e9WQc~PUl+z*v}*S2Fu+W0d=S&1K+zp$XkpjM3YN%cM$jiJLrP{Sp8d~5We9H92{^?g08s6@C?+Q6^IBLJma+s9b&zo?(7+c; z$jUw$dR4l&&ui-BlUlbDK8Sc6p-hO01fiDOH5OnLgl%kIefjd`d#QJFa>qEV0T;q;)=M2c|IO162edzaax8uTh8$o-&9l9Ti+gThXqXBF zl{;?5k9acQ>Apgf$CzbgYnHuz6`Wp1P*B^4_<7pLPAF+5aw; z5KWwT-NG0~f@M|XeoS{M`~G;@3MAXZ~rp@3sGt@Dk5 z932J)LELH3z%~o)UnUAt5g1)b1??MkAQJfO##)(znw&QilAu7vav!y6Zgr<5cKmj9 zLb#_n^5diOtZY1}D~plrJ7Gl=ENmPcka8wPP=VD?-Xy8DrgI7r&MTg+!fwNPG9sM! zJLxK(lL0Nd78oMYoC78>CGa_6^I~S`?**FQdbRh-qTGLdi@4o+i>S}nKYvhA2vChY zPxUCI&B(|g<>pr5AAj{cB%0z0k>w9%#NQ!SwH+j;H3BXzaRkD*EdI1DT$NOxG#L4 z=|_G)!UR=FBd>3;zL+00fm~f_><%It_q%VAccx^D>wb+5-;dwx%YLqm=dk zE$HgrG@JalLgfE1UBN9;UOBpU1@hYcJSL;sYJdx(Qc;qazu?>So*8VpC)9{99)} zo7c)E{5eQ%vFvb~a~eM~1_tSXIWQ44N)-<*n!4m14Tus>TzC6q%?lCwSRMrn_ai(@ zQoEz=_;~+M$uf{F+|SlCe*2agkwZeV@)$%v%TxXellq8Rsi&{ch*{M#?`5$Ix4&E5 z>LBn0+vNT3h}V`9gxH7VMP>-WTq!~@r}_nci?U79=rH=?JDyHXs^Q||ve&=sDgubv zlb@@N?d|tGJa91H+#J6!e0=wo{BB#!ii!s^GLI!?0-LII_aKiR3KG<6PqNRQVg|!T%J{!FRq|Kv5+pxlBZ4R+ii!j)v&kf2THA*Cb&K7`v#%geZt}0ps%mj&}Q{`R{|ZtlU%&`JE4iV6ZA1@3GL= z886`NvkwSK5r4M^;Csx!a!{1pqN)ZgZV|vq5lIXOJghwq%s~oZR#B*Vt-E?~Dm~c5 zrIv<9Fo*<-%F2r-Z=en&os9v($gLgi0}LJPr{|4hI^mA+Z$xM^h&XkOV5F&JF=(`-7JX4Ax#T<-)y4TGA!Mv+CZBHhLfm9V-~i^izX$QMwwF zew&sY$pBIA_=B!(LKAfp&?TNBAtCEjn7>+nk_ifubdPPf_jy0N4d3mH4{J=xCzx;J zoM=jF9UjL>6hSO@P^ljcDJLf$z#ZSAGGo>(3CH-)Ew|p9{J@v|D+5x8WB{$ zhnQJ(Cjw2`K(|85-gs7uhS+sQ)F}b;L{Z*P)iDiSGY>vA{Qz#P>z&Q*uyyusv9 zv}l4v*Nfbai{f=pu#aS<+DT-uXk%mJ`crJ|G>qc1n3a2$Tgc29|4?_#9kJV|h{224 zg5H%`U?hn!cohXHJp$7|JVk+`3r%6NIWsSh0W@RtwagA=tBQ2eD?)+uf6qd7Ho?~> zew(7|BOkElPpZM4ooVBOsFFby#6S*nnxn#OIrZ$Outa)t8=j}5Ju6uHE}P9W!@WSf zg^_{duEqV2@D+L$9XJ5L|Fy81fz=Nq1ylYkx3DZ30}HdVgbWR-K&LPw<^C&?I8(DQ zU(*>C_et6mgyGtmOQZa!$f(YW9Lc1)zF~WkxRCmvKN{19iE^mBdY*=y@lnsBFV#oy zmB&D4%VWw>_{PxqH)iHc5+ppG(hpQhsBQx!P%_S~erTWAd$&V6Kt={n86+0#M4`3z z?PsKIq{(%pSXD%qM)G1gJ##@54*iB$QajnZ9Z&uRv#sYXo&UqfB4AjSh^VMK*zBn> zxB_cKXFjj^5Ffw$3OP=J@BouJ9`*#xGH5VI)Ui|9`g4er4(iybKYa-O;hMi^IWL^r z3_rDo8a6h)P;QKDqh_DT-N?mGTM08|g@^jKzMl?nXj0<+psBp`t)mx+pjO~erhh?+ zz?lcGHQKAm+Y9(pL+vm&Q;Jt>y7TFmN*pA~)H}%|*$P-TB?rCD1n2E{AJbnIrodxth zk-lwYl$5AohS&PdvZUA+t(diUk%Qa7GK>KC?gfq^Bu+<__mB`_9aJ5d{QXb#!AJcc z%Kic>s_%OPhh+q%lm-C_MY=>W&wlpa=iZSy3Z<r0(cU(yAohuwlYT$SYLYNlbn{=H%_Et01n=je$Y1QgV1)6i872 z*2_;rjuJbQ4fBWi9yyycsLd%{P8!j-SXdrxFVK!rq^z8%lj|nV=SFvveq^k7VsNh1 zeF$#1MQ1f~S4ps!&`+4X2w27Z#S-TMaZ)ePcOP4OK=e(s{kjfm_ z3t&egDOa|oYppi6DLqb;z&SKhS;bt~(aEXv=g*LzZ}}ow8Dk34j$BbyJ$vz@$(I_Z zvwlD>x{7w5rx3>lKmAt$-kQHO3WFJ9GT>JtYONPhV3eK*2K9DxE^79Szi;6CAKTg0ac@$BbZlzrDvEWA{k>fL1s`Oe8@Cp;; z*VAX9EqZaI!5bANf4-?IVbs=+3XM5gTM+C%%fJ)~TD9CERDfe6{QP%zcHSrC=Zl(f zJm`fhcsjZm4m{CLVfwXRwN-Np|?$0?TriN4kF)b z$t6kVaj0%-&BB5~iVE=rjNMB_w}kL|z)ms9LZAlvtw5Z7_92s5?;U#g$4p{Kb8|Mp zp|6AIXXfV}Pq*=XUFMRNd3HUGbnjFm$*W_QN;nqEwdn1qGwLvfRUuC7?C%VD+&HbR zrhQ^FJ3f_c{8Yc(vF1W_%Z@qt!lk-8;gc(>>4iJk54FlP$S0rI;kPP*E+8NWuc4Ev zK$KJsU_<+MK{Zg3rGarFE%r|Z0CeDlz~=ozx9Yz$M{x7=&?_a$7HJLIr9&>Pj4%g5 zWZhS2``%V!MG`QP4#LET#_-^01FFMD>>jSd z)`!?1w|NOntKKM`I{AQY3np(V^HTL9$9b9<7wT3 zR2%}n4iK=mK)%9gX}Wva)E3I&r>^dyXk1JvCK}FE<>p?iZ2A5@KFJ-hq6<0(p!Y@+ z9xizOhVg^77L%X7J+EKqk!dTo2mc&v>uxIqSn!#S2*bm1DpK)0%K^3XmYPu->2O=< zNpY?-UBuwsW}p1|K-pY*`SNAXcI=>*XGp0JI$>3x7^~w;WKDQ2xh47Z^tB57}4~43>8W z&{N6e0m8(k<`tNJg@X6qCBF*kezaoZ+q)dudvY~Vt0HtlP(VP>*f1T#f#bQFfO@0*|XnfpYiEza>FTwHt(9E25Ov#jIAPJe>5Q;dkFPIRcCy4xut*1ApBiSz2p#Z;%qAlSkq z9JBwP1pu!prLh_T?`QhEA_FwQCU04+OCj@mMQxF0R4(rLmA;L8WKh_GuBorL_cHO? zVD*QFm1W9Tg}zGY?ORJ%49qLF5Mrzc_u5+j(gS~WfeBxll8ArkK{MWzV(by^)s<9K z{yhkx!4G&jBh~B^m}4wu@7Ik|^(8m$t0)y?N1g$}u{+iq;3B}55V4c3elQ#Z_w}Pd zCx5+w{Pdgef^NLe-ESIVuV0E~h)!@lkn>Uy{qr`~H-Tn1Z_LZw#$(5ciKc<;2odn+h+2pHemkYpTdrE?M$25)j(=NFS0>FJ zc0X-OWm`tv`0`Lg#@;4eYxfRss&36-^RUTO-a#q#UE$!qk#*!nLJ|O~Ooo`m$eH1* zV?%6B1xtD_w94!c$7x$Fy2;k5@?SZg1g@|pW>7UAY$`xKXG1VE&H%tNqXW5 z;Sl2gUM1{7i~hKHR>)#9d*Aw0K*JL`eh(=XL>s7oR&*dT%m_BW_TtsF3<0^+Yj%in z3SW1w4V;CO`?DkXkp=f#r{MOPAJl~PA5HeGkEWTGI)hv||KSmT^a=DQjT%KLLtnb> z@GdA`&PXd-uHyGZAzMXa!m|)-P(AZUn>P>sXI{vuy(G~j-=&6voCDOX;gsI0bTK@p zPgWhE@Pito6p;Ugp@Zte8DWssZ+S~sro1xtC_Bz$aB{iA3&QGjKB#nhAw`f{$* zuTyO&$*K|>g=4}{B_b@|=Kfdsbx8R2S4CH$t#@(}9ai>D=AP$)KCLJMX0TQzI}^&r zrF^Esy25Cvjckhk#pIG`>Ff8+UyeTGn#fO5AYXk}+wSu6&u9TiK=}DA4539u6oDZ$IM!?U2!RJ4A%ONG*Un-MGyEpV5dXnX2-xWQ zH{d^S>}kMZ-s0)F^uh-<=#NOD1J`Oc$)$XcKPlyasetFt7XIud#E`ll^CG4LypE&6 z%=0P1UzVX$mCMrhkuU!wsEy0O3L6*bA|Jqs_XV(mudrnaVXgpDTQK`TQ`o19gd>ku zM&!0F6g+6^P$jofnJMEz$Piik>%`a|X}aT}ANgOv0>GiB7Tdp&ImMy)(z93D_3Ljo z!U<$>niPU2UbKz)pUcM{LE%AonI!FsCSpGj`=?%f8nO&(ICWqBuOXnPd)Y5Vo3zfI z?O!C$>VErDuk}nl7&n-@;}Yxwu6J8UCT3Y-D}9x-yBPTIBhIFv7K6S>Gd=n)oVn<^<=c3#qGDmh zsbi-tKDV$v)pz&}sZmV$SI15P+D=l-s}0XJzZ2WFnxF2T7K#2skx>8Uom*3Qd`>r! z+($Q7^U|S<0p3F*yW8_DL4n>50}p;_ha4e75R+1KDu*a9lQ?d1MBG{a`YvezXX;XYbu(}l#jY7McHuAfNn zKFoii*^)knV0?N%j^*ipavedpk@llrvcOWNZ6JC_yOILW5*9gze$v<;+SJ$)uJU+^ zC4Fn~6U&X*qtNegBfY0#Q7I{K?BaC|G$uU65?}4#P~QLcCWPc%gaHj5d<%j)=nL>! z?PV?D(4s}cRtIf9L08lWS`autJsu|J(0gCzux8l0gGkO!@|rshv~}<;Cae@8cS#}P z?-qt^W;HxKmgNDIWnf`7Cuv!O=t9c*LPGu#rBi}vFDAqPOCtQ4{&LN(Dd|;f$aF{0 zNHQVI!i$GqL*j*tO9t-k*8>~!sw z)^UxWI98H~LcLeuEIYIf!eTvwR`~0cpW>Mz32h8(c9Vt&LnGl;Z4Ac3$ciV?Gnq}U zK|Z0|Y*lKv>gbuE3+dHsstT2#K0X8Ohmp)E#-x5``ZTo4rDyN@<-scJzkXf)D-4jo zn`BWb(RKPHym03Yq6IfCl3`u=f;H}ffVM$gw@XLk1n^+yCsYwcL1ohv$|aDaybcMn zJ{cim3++y?Cg6GP8&ZCK1k1R%!O2=1jT%JkJIByRf0PE+@uuiU-SiEzg$*)5UvOww zEb`_otX5+NKc5ys_w8;`xf6;xB(#tq;ha{ZM#MK&VE2k6$yL+l@lvE|G zA$hxcEAQNYR#8r~MQm{huX{>EN}#?Q9kN*}>$nVQfe5j~psw=(Q|ZEw-!-tjpf!24=|s%P@I}d0 z*MvWT+eWi;VCnhumkPmDy!Y^)-IL8>#pw$^rcK6bOUx;9KHoU*M?&7FPqf#V%xEzP zne8R`CSq$68l7nv+Cs#T}7S$Eb*S%#hhXuE zZ+@E)bgqP!PWTWy8s&dMd%s}(U?T0c+zi#FMo7Ldz%AQ(LpC6}X`m=0KNHzX4*cKQ zf%ujy@c%D@V>|yd?Hbqlt>1kUTf7iDM_g^97ND z;GlY{{NVFZ9(PCC-Mh{_5N9u3fozp_3WRopo+J;XLkWYLfS)(T`ewA1xsW3QBBQDl zM#?POzc0gECwQz0-}&`V4eo7~lXuEp2AiIYmg_oqzjmQe^O7T&p@18Bm5au=YF>f| z(;HO>2ko!SKk1qZbRHFJzv$R8+yB~JQOpKx4xLQVFFlP!sAGV#m}v^wA$Rp2K># zF|ish+gwdY{gkNn9jdZUzUZO8*y*2itw~4*5{EApXnWN;>KgQ?QA`Ewk|QngJMpW==)?98!Zd&2S-I!`*ch*GryJ&XKU9sN>LNUUU3CtzhWSm zM>z=nX`#0%MjEU=3f8{h2-eo1t1!L{M3#p{{<7-<^rP$pvd_T#N9slVX*7yS-ZTcs zh=n+r`R-Hyg;HYDscUIlH*wZmL&94FmA>so2_o=?>YX)Y`|z$zH6MQ~WI z-(z{hgA+2;bcSU70AzHiRDeBEO4v%_0yv!_ltwc`d8UAwh$8g;B{%}%wUpnJIO;ya z4%iOiR#x|(@2;j2@{b4i*j}|+ylD}Gvav^8v)vx}_S zMDnyd+9r^+Z_SkW0!z%~f^iX52IdZbD?mPap%; zFalL(kfI-hRg=yTOL18diAnxXi`0BiYLdR+s{gbd715wI8h!N1^64j3Si|V^;ML2} z!Z$0yy4h9rv;<^6L7r<-EG1ID^=u=N9a>uLM3_k8SQ`tptt?)v(YqI+Rh6MtjkE5b zDgtU%{N6)jYD^-;Y5RNo9=v@x0=_W%&Bgak?jE@aI5DxKyG|Km{)6lWng%N3<9?!XjQUY zlS--J0P{AD6@_wF*39VBv_o=aRo8t)K!#Hu0Tg5XmirDw0+K+saqhi(bASc}Ns3A6 zIcpFkkqlR4V9$W}@4*v;%TD)+pwiIMWu!f-oUUV zZWZy5J(~TWsOH@I(8Bg&hCnv6Asrh$zfKEpH0=jM@YaVg48FL8EVx|8_9wOWN>s1s z8L+c8fcq~&_(KHA7%18H!`X@EL;yy)23O=?(G-N(WY8lBi5a@pQz!HzH<1`ID&5d2 zJP)QL#rN*VUP{b@>=}Q^`h1bVqsS-k(!;KxM~2u;8Vg)1Fi*bVq3-2Fi{yT;6A4|G z1A^3eM4aTI!Ed$iqTwI=0ndJ zc9svOa?FZ?n>275yqN(O6)1Ln!vp)CHiKW_?|B?JSg7Tul{5yNxSdT-!uwPoq?!MJ zxdiFCwiRpkSEndOvK$`c7r&&x(O&4aBE%Tl4$3&M?zwWo>oS}xK!SB`D|v8Gs^V41-`6)>c`7$@~<@|u}FCbrL0KWX`!UP~p zz?W}cKK+Ug_%dKn1QH7^tDKfv12N^ryS;ya|BD{|qt5Xo zGcZ%e`)6mr&w@__@@*l+?9y6*OXXD5bOA#vKLP2G z*jAl*#AwSW(%#IDYpCmQ z3nlO(vVQ3oQ6mrF#Z$qT{CRP97KEt!i9f8d1D=#YC_o94#-CkjEMj0y98btNgIa4< zdGo*yr^%0zf&cazq6#laSJ6b^YzPV=e<$00A1?sKa+|ZKAt+``A-1%#tpixii2+1y zC$~HoVuzA|9fFc8HJ1#qLzAoZaUh$k+i9MmhM@+IKw_3NE7L^`V!O}6RtFa(+gAS4 zf39UOG8j$1Wdf*JGxjxxvA~Eu$jpvC~?&Lf$@xyb$e6+Ap05BlJ@eARS{i=VKv&f*l^-^|x*T>HZ?* zpGEA*fwHbf=JiqH!?xK@4|(0YfE1S$24O)1gl-CogK@Dk%Y_EbEG+s0GU#(7)3Yk}3P++dgV?Nw?@Mf}iDN+1+ zAgm2#0||)C%x7=IQ zwO6>`Y@Y&)PTc~?SNbjiB6b(J0rK6HC62oU`V$cN7M-yoYF1^t@-GGbPTXaOQ{!nA zq9rD0SBJCFoQD%Hs_5*U2GId&&xM@P2Ci!f ze2|MhR|5jeFQ;lk4#7%c6w^xje`ZxZVZ`?li}+MZCHvYW2Ti6FA1kjeN=xD2@o-9& z&n8sGV8fiI5MSz1 zkrkU6^Bzz#-GVBZoUqU$D4CjWQfohkDwx0di2w_HFKgtI#zkd*hx7-V z^42j?_A5g=&=Ujrm-F%l8C@D+?jl}^O4CXVfK^VY_&uq+LgG{1iM9EQqd5UIa^ zZaag`QfGm5_KM>F_Fof{7x_kP=^U@9i)VV0DN(ijdrezIuI3-+S|Z>LIYZ*|5McUS zM$JAXY>#BEueR=ew@fm{qy}0Bpp|Sh;6g1FLQwqN1ii(q%jDdxMF4R{Su2m*n}ZPD zBoBl81q6GdUyuq}ez^!CpIuuZ7u$5T?ub&Eb0%{Ycg8ZTw-zXLY>*hC&&iK#4^B1caGH(0y~lo&68(}aQz`_mV&{|4%Ih0=G%-7ivxz>)qd z$q2-oe`TwsN36_3d|yp>P^rwPixTs_nbQGmeM%1qD=Sn6>yfh?vCb$Oq15MeUumiH zb)i90@2hCzd$2Wzfr@*~EeAldNxK288h?Y|{e>3D;a{c{q}RcctqGu?{g3Y|b2>cc zSpQc4a>oSt6o-OC_3WTS5+c$W?nrVzb%EMT<%(}$0)`}OHT@`bhztbT?PzS=m}KpY z6XF}hPM8@0ces1|A*gN8$)N4$aqHfklrdO0uKCwfCII~w0>ZkG-Twp)=w-!$SOr}O z{zf&OU!p#OqT4>V-H9c{t>8 zpi4Pw^ruTHpivWWQ=^C0NfvZ@5>$r81uxeiZqV4$67m&cWfEHT#PKG`yv}zY$UX5rY`qG#VkEuBwta3{Z2S+dt{P`&uR4d*PP9^;1zO+H7tD zTugsN!w5cj@Bmyiu6;LT18@;)6k34r@qhnO9`btFw2;3Wy#hcC6fIUdZG*$h-yWT< z3Q~h(NI6Xaa8bi}+jxldk=}f&e87Vn-d&{5`j3;FYSg#!{Gt1jGiFPH8Tg~%&Tpsfk+Cv1*wfHaHUuL zkCY)>a6UogiXQq9c0vvA4B%mj?;hkgh+BRUyyGLIW~9i&Xb z@x>XYzh?oski~PqjFy07Ip!Da|7TuO>i*=K>>elUjXJvd#Buy2F6fO~f(x2ZuVzCb zWDu`^0k-fZM81$2t)a`^`y4MNYB@^ONUnQ@n-j1|nN>V-!V>BGLujG1f~ zKZX~@kwZ4QnGPhCyk(#RuFR4L%;|T}wfc7qV3=d#ru)61Mi>l0mP(iOn8vv#?K1HG zQ>o>>2a8d*f)n)*j@!ymyoU7(-3iz^jX$8eo0`uLk_ajx5)_RM8bV z+u*koe|7GF1KANe`w0+eyW3^3?JjVQk=*!8d%@&G8=ibX_!SP71fM_OfO0Ykz!ZTj zqszh(P)Se_c$bkR7`5KLx*PlZ#N!f`8J7tz-sOabl?G6}{Luqg{0(`oX*F2<-esum zH|Hr)#}q#VF*i;<1d-@d&5%VJ=)==MwDI~#DC(EEl(+iH#EYOd`ISVNc(s7;RBo~f zTp#raSt(>s&$oP_20lpf`fg-4wYtuu>VxL@g&sYL+SA>j0$Ck7>f_6TG`ML>XjBk( zBcWz>u)FE5QfY^yIxQ_9;JffM`SqXHd5Z{;e?W`#2xL9L`=XM@%9}v4zUkix6+=hR zj-V{dEeUUV0tAca2U}<@3oG*iThOv!(qQ21?0mnX^B_M2LH=*=K9g&{5O?R=a3>|| zu&~ZLb6MxH=*PlU*fBo?-(%?On}v05iDu3hj&{PbB_QtJ@4(7Gl?8Uoz61b{C7bU! z6ckke;MSb@9!x+0mzV!TP|r#~^Q+v6Dg*_;4Z+u8^@fYwt9w9qXFmDSoM*d|9k&0y z+RPiJ?xWC}A<} z(b=>G>;?w1-1@{I_OB{S+SpQDOZ{}-73HCsYxappyWU|X-dy(w%xDSTre}r*C_t@m z*C$bj@ogO`EVjc<+-FUJoRORdSh$w&1i>|Lpyxc9n!LS1cW`3r*@I>RP=_-DBhRjp zrGh^&03DU=#2cD#)q#;Ch@JXd7_(5YuFGG%`B&FC(2W}JPzcEHe>bz$fXd<}+=~%R zX@6c;E+r7|07SQiIX%7th1`uhQ|@?QS{Am&MNkapq(>J)DtZT~wLs(2IJfeTcZ{*hNX?Ir^Jp1RqxUsDla?7L-I$f}*RAgoN@ z%viwYS#d+}YOkp5ZH302bf>M@fy;y*Xbi>X{hS17M!+0o>^TN{R3T`kFq!t_7zC|| z-uHKr!F@E?E=SN8$j(*kCGX#HUz455s=U+3mO^Qnal=mtQoO`vi1R9Y5Q^dc`!(P5 zg~Cw^dY-fuJbvBq_%B-CK@2eE6R)kARijgc^=?kYWKUm0 z{RFpL(~zK{+Q;zzGV`I?E{BELN|nsnzH+UN;X-%nd7s}X9%mT^Y9wiaTDFTWbbBY~>A*L0IsV*)I=hf_ z!Ab%x-bVQgVmxh7J8_X~JF=>B|FZkYbO;iHaWW8g2AAXO;dVP1b~?0!3CIJ8qHjim zk^1u)2QZI4S07PGYOOa-_7{tUFx8>JwR1{fhSc{zZ5g#&zsON_V6|H;LGnF-zN=AyHncx;C&j{YUS>+m>#+T%Mk#bDqE@o@Ep zb|;JjMCkXP7BQ?6wf1SWm*Kp52h3I&fiu7kbqc7(`ng%0J%~jAyx?e0T^*i^xgTML z!9m}tO+Gm?@Wz}z4RC9u2>tIlh9hVJ`p7d^iGc}%|(pFbF)thghJa!J}@uIF6vQXMLV4J|3pu zplO1Pj==Q&jN`$H#at7*yPFxw@`kx8?aeU)rovW9Ga+^j_PTNHF)Ntrk)gh3oAMxd5$F+3Q*BRd;yH%U;Z8U zehsjp{nN3EWd(;1+N0z!i6%dhF+(UT@T#Ajtd8@9@e|}l;Ex3i#$Gh>G(~jJyc@>^ z_p^)L<81@29xbTVlg0wlLiS^U7I=^xE_@!G%{W#3nk+bN6m!t9R!7f|}RfOc$wSLM&v-@TdK$fA9+^L8!o8 ze82P5XZ=!59koT+2DMO3-dlYL&(pYRUP^dgiu8XAQ&H|S+i(jIjLL(o8_Ca}2Kt}6 z3H0CnRjd35LfG}8B^bu0b4*`G{HA>gz8&rJ)`&Z|KZHTdLB5MOV(tA&(U(a-I`(8! z*PZ%b`$;*S#5Ks-BXacKg?)!7C!>aadnrfn$}_>yUJGT(Q}56aoTQPH@U$m$NGn|6 zZ@Wf^WMDMXg!bIY2b@w>>i;K_@JSEA3ah2HCU%pj(8Lw5OpiN8P=J(T*AcG4ox z;jxnK)YDTHId*=2gB1d=Ws3jsp>GW@j<|L zTN3WGNn8iOcIAA+j80lDc*Uaj3K&C2_2d{ft(A^KOy4oMWBBI##fO;04b3%H)^{3j z408HW_b^@Z-}Oo9)ziF_q<*{(+S@=4l@2=Q+#M=$`RLHi;}YISX~}6*_Xi4yNu6(v zLFXL$PqeK7(56+9s7n%tgW+E;4*E%xnH>?PPDx|Ox56j4IE=&!DF~QCuLUx>QBfn@ zhRFc+C^(QYC{ONONTcWwqI+muq zo=KUPgL8MGwR2B~_D8o-#lcTb35VFAHQlA=RrnwUA*0f3S*6?IRE{-0tx^cziDTLnkRx#FLG$DbFtGn`o?I}XiW}@6>&rE!1Jlg# zo%Is?)O3;xWk-p43OE$VN#><%vBiN{8C8IGw~PsBcLSi^ z3-U7PObc{$NeG=Z)ztG$L4ztF^|$JaY`=q(S9dO|#~wjfQ2Yc2Hu;pDM^mNpQd=_Zlfu5%YWT9-HpA}lHzest_ur#*1Djq3O>o)M6 zaA2pV>IdPlrVxOJB0Ul@8>s*IB8Lmo!gGkTh1Dwj*Bnc`j__4FxFIk1Zra8Vgw)wT zA$1uz?%zX0*{Ym7PNvPGEW8|`E1`cY3{t-GGYI4 z9{itQCKw}n-iQ1K@X#1)#&fH@6`UXQK&3%V;_C zKV$lm{yNzBzPk9_unWWPTT^o?k9p)YOHMqP%vE1o#ewDy?$h{k&{>kSmRVX6^cRd&Q&Zgrz^5m%^{nKJ^ zP&@Zm3C#(;T7Yc~X7aBgx)~07@dh`qy{Cuf>DP@;fRPru1sqhfeC16i`PWnO5v-DR zSUJuu=AXRz^zeBCv>jwIN{Ld~^`=QuQzdwpgM3U_GI?;V30iO~|EW8WE|N*z50Wkn zNXPr=gVFHDm{ulUYgn;r`Gg$Hv z)Fa1F4$Ge8$Rn#lwD7>gUEmpj5L29!2Y)nm1rXx6%UZ<)pdd-o?%QW=is9ghQP}cJ zMjiV9D70?!O8ey0*ErvklMXPZjiW#1D$Ps9pa8SLVei%5g@}ooqbEbf+x;xBr^d}( zYQrzywB$niIG&*eH;4Tiok0e+t1+pzChLJYECdg2B}#?lKna7>7sBVfDO#v8)BZhZr!FXZY}H5VV{VD?NL$i>g%E0^LcwSN|SxnhuUWAF{mps z?8Dt+BD?)f*6oV}t1&1uHb8e=;u=%rd|l;NY96@b#-Cixx2PQP#%@agqE;x|4!xeP zD&=6t)JK}^y(L>{*On-=(Rp3$UMbprt(n(0I>YDW&to91m-gExq*(Wv`$mCf?L|g> zkNu3@!R$;42q^l>AhOts=eXQd&_}uJZIV+tXCuFx+g#U{ywR~v2TT(RpD@6`9+ ziFs9Q*H~J$({>k-tc%m;zQb&#qwZ?^I5j2b6=sdNL#FDD-?+o=>V#CI!}g9jtQ^74ml$?8l9?8yiGxA8jjM!AHGYl2*+2AeZ@8QiAL3( zlylZfNLU)}Ye&C5X6idjy*}L$Q#u+fSLQWGi`kvx?Y4~lwq~!tuJnENmZvkzc+QtH zkH39_DHTqKBN{B1VmoNKcAJP2$Jej>83RS9F+(YrfKHrG`O!_htjfuDsD?PhM7+3V6J1r4RxTkG1r~h z{7Ize1UC6-^J(p1jd6RWJ%9PVU!D%)`wp2YCfWDoGw%bqF#KBsLxG~lt5?l@xB?DT z*SwbNCSW}lB>v{NutRAw`t3IuuZ~fOchR35v`&z5#!eq_FK9|p6HYDjl>mGwd_*YQ zqrf?2h_d)I@;PuJ5emVB6`wa(n@uG~i%}gihiR8U*!45*FRy){o$r?2Jkwa@p6T3y2G>@`ox84F$hBl9OQcwaHilgxa3l0~-Q%lG(QKpf6JH-u zOn#Y3jWNi%)v#Pn6^TB2Jfp8QWzXan3V-0f!(do%SiKwX6}eP8s^}7$kA1ekR`XUP zZsNB?_l*dJ$0vjO#A6HTsvWvB8hnPl!)dr4t7Yn>%;)7OS=xfU7|Wj*b#y_6BV_z_DTxLBwLzR4jdeTH5D zGk8f_`gknvaFkahTGn&=ZQK5)c3hwqjr|fbb+=2a&~>S--?QU3cK6-=-SujzOfov2 zE7+0BZrS+#J@?6`t9^Oq-PHkldxmu32cvlT=zJQ*7=r}yKY20jB1x=1OljW`iNP=1TzIUEd!5L<)=#E5K=vEFPRk{8vwy-2cCyD^qS}9gn-_ z2DL*lif$1an0uXRr+TYr81n_ENu)<)E(UL{W18^DX>kZ6UAC_4XI9ZOnfcw`??WBf zN3tvM+{!b1byy52wah|p@x&xYdDilXw&YjT?;Jd6Hiw70i51nGOKwe{-6yS|u=#{akN9z2^j$t}x!c8LT^+RjA+WKIN-5T& z&nM@@8?}y9hslks>**7$memq4@UKlpq27=8TgQZnqUN-&FRU)P1&JT7G$}PE%jUmj z)X?8}#AHT2lNzWqEbdyhGmSgoI6S5GLMY62xa^(wyha^fH2AQ178HE}=1YE~`;C2* zYl3-^pg7Hp+JS1k(ZlIJhi-olkH9X@lzsV~M-MFz)|h^jc`uaBocj{IZaS(NR61an z==dR{vG5NN|BB?<)-)( zErywX_sOoZYZyg^4=y(*ZBCl)e!@pRpD`OPhldDWliQ|xC>C*Y0&(z&nX*DvBeYXOcO)L#sT4?_#6fL_Ff`E$^@?wjSH2pAL;s(wNK z{2fj3?`%o;O$E{V{RTJ5Q>Z;3(*}PvEQ3Os^H7(3QV@Q~t(pyZ()EBhTd$w6v&_!nRH60zV zPGq&^W~s#C+qv>!YhRZepR_xfEc`A}4%a&@SnjkKTGxltJd=3V7p%BB*HI5;vcS;; z9ZD7nz850qED6B}3u69j&vEOR!_#kH^felG63g+r78LIz1N5+?5^FXvUw8=6#{@AnR z*q6yKW(gwTt2$`Q3nVHvtzG4r_$!y8p?pX_fpc;ukk^1yL-y;0&TZy&ezARW)O zP?UwQ%Y*lQQkSH?u6Na24w2$Fx^**8OkwsG?I-K$bhFBZWzQTOaNw+xJ=U7tR~s&ksto~hnha+@4<%8$sw z2OA6;RejNo4V(xb&<#$uxFI)^skqZDv-DAa!F8`5B%o#h0ovB8nQgPpGX$oVHtlst z6+Cuyt|M>%0Ba3iv@|j3ba>s@d~LlWco{Tn0=)MZ?Uh{4S65ql8*I!Q(7Cw?aj8;wy!SI)~}d>4SHoL1NKzTm4a&HFTc4 zb!T|*Pxn>ppe%A#ac^b)a4VIg4fn<$F*S_TJ?WGDia(go>DF(_FW*WmiyL)v(`5M; zr{96viNItk?KUapg^ijA`!7~*k2oCN&3eYQpyQ!?c<_Q{e00veiOsih8;`|Ltc@N> z9Xom2h{>r-=&-f8qj9}MiK9DHTUR&G@{6Ovui&8%Cw32Uya^3#zQ1UEN8AI4jhguv z)i^wzlf9>3t%B-E=wN52dZoeW^S#@{Wb2=plyGAY#BNX2w;dK;atVeCg)XLQ>L#{r ztYv_Du){b$Xky|cnW8LF_2GfnU?(1+5uZKFv^qET%#DOX*yXcTvTM{QSZ z<78GJ(oGa&4lo-Df|_hIpy@qX*u);;(4E;(9~ReDEue?Lx!orDmBR-&zPh8OXqd2E z;lDodYrQ=t2DNBC$G@)lhzaxn{Pem0tF3HQ#$FeSPZX|7^49U5;L?~3g%5X5nSvr2 z*=M;0Y@2ls8mn_{|B{SFA>p)j1U&)GO#hs1vic6{0AbcIXGakXKS-5wEjwh!$JV63 z_UXjGB|FT)?|nKY?P|6^zHO*FS{20V{19K?fQc-9AsnG}xJorg-2l`A5+~Df_Iowu zb{l^SqcT+-=3sxueKIP2GEWZMpY>kh%j!Bn>(*pR!MvTO9`8x{gI00(CCNV3HI#4v z?I$=)2a@NcA}(!XRQeOm;c_`P42#?@XO;Y_n<^JdAAl;cC)Jf*d)bZM}!4*afq#o_M4k5X)T^{K_r+D*8T z?W*!-JonuKnnSkgjg^|CRE>Srt5LXdDirnJQaM(2(tLBfx+&i9P|=Zf-ZZg8?tx1d zP4E^dpI=kq)y(|HN!*uZXRh#1BG=obC%f`dTp8D1#il;5o+(hUKD@uPI-`W=KCq2Y z*y`ufepeW^(kv75S>}VSAvaMYE@ao;l;jKej)lCa5|<&V01?S|G>5+vETdx%w@KWa zXB3%ulke@Tc4WEq>*{=V8!q#XVBH&irK}RQQhl(5ok(=b|KKDqYMX4iyJmQ&xAhg| zIYI~A;ZvR+mD`P_)dy@*D^aPB-c{;xA^$$@2*cP0f+{A3IVKwOO3_FhId=d*P+|VWUVn8Mi{w>cI0Q2d zt)xj5P*Ov|?YjBApa$>ilVnQA zKv%t^Cf7b_d`&KTwrk@r*VroUxDR&<8s2bI+<9lBN zjw7nB>8{B_M8q+_iaV(43EcjY0^{VCzYhi^G5XCuVqWc!DDFbZI_8^CKD~`S%xPML ztp%V9n&AF971k*OhNhFrX7QGgz5eT!_2?2Fx%77Ayn3>?>_0=~)#C#&1V@Dk%8jEKV{+3(an5*SJOA`>u z*hR(ZE`{|gRW9-tZjS_JDrxBmVZ=a#(7R`JzH4W%$FPaP(2N;k)u#hn#T--uK$SWg z@2U?fN21`B2ON#&zN2hR=6<&$Py4Gw7#O@3_r1%0e@7P;2|8#^t*^u#sqJ0fg>$f@-5_COMdL75ax28?Fynk z1GWjc)=VWfXn+WK?HSj~rIMeU0D;xlT^uI;Jl6Kr6n94pkvnU+sRm4F<<_7e#PPR> zQK(3H8=DR6s9Rij7C(TkBfca4_DE2cF@bvNMzVh+bK#waA@`l%hV@X_02{oQ|0!f>SS^)R`GQ0Bq?l* zsJp07a-zspgLk|BO@p?jeybCHAZ4fPVibRXtQ2)8$Hn=u zC87Fs(`iqyirx7f2mS2~oqM{j*L3(WV%DkwCca${tG;vq2<$Ed-96Uw#UjrKeNx8- z!?+vGavK+snVc6uJ)Y{y%(ucRbbq7yl<+MH;qBqG6ShBAXjUwu}^^ zsI06cGP@Glm89%sgpj?jl|)6#$X-SEwQ@6m=XG86`F?(n-|s&@pS)k=>~o&yyykKj z)I@Xz^>caXV-rRs#ntdBvETPN41M&2e{6emIVrg9^L(A4=;7pLZgE@4+uz?;Z1ehX zte%n55O(P&q*BktoO^Hz5*S@YnKi#Uor2Q~dWvbUu)chNu$>RA%+bw|vYV>gq$E7f zOG({U*xO0Um;2Z*3i@0-?tF@*Q3F6yEa_q+Nl7g#C=^vrb&EbOH~O(2ApSp^!+0)& z0N?jsG7*E4@MUHhumev$v@kUFu!vUC8TgcV6p4U1$UZw9riINw-) z?Q9O%MjT4si&PKW?|uIq_24?=o>a%Hpe)E9=EAiii|Oxg#Vx#jExj7;61_>idw1vo zGNqmO0~NW(0XUp(!20N#eB9L_LV?Ul@pl@r1vRh#YV>Op6fhbn?E&C$VQz{7ap+YM zf;yA70x+%puJ-4p=H#F`W$X5K@!;KnYPWoqwhwOY^Fx%ZSqJW)iSuAszT&zNbT0}M z8}?kc|~d!NlxbGXCDpo7=t$s;+cLpc_S~1s) zDCiF!I^iG`OK1NbV79X|+}}0sV&{PdIvY(dXULVxvd2EIM1qHX92fMa zMw5C|Ik;g>ao${EU>YbAj-7+zS!p&jWD2@cV^E1^91Z4K$F{AXRa0iY(h!?z;nQnt z7b|8NyXgnbyHFC>nL|l}DX6sqZSOM`&NcRqcnox};^}k*)^qjO0IALgeN_l2jFkq* zYXpkMI0ezF0;^t`+dn(PxX~&)s8+tw*-5GmMjR%*^=_ZWTAx^sld*5cNAyQxewv_v zdKW0nq%;d~wHNp#gqHJczC_eEKSRQd%RF+S_dQ67{H*71dGoWv+k zzyQMd#-u-jy=&Tov>na3N&&I(I&1O7qx!M?)_K2|BGoMCIuRC?rwmrx=p=nmxHJ+z z(9WBg#HbkflO1@En&fQ4O`b#LR%Qi+6?^|2%B^OU;WnYD-1_|E4)|}cP;I`&z~K2t zxfO6a>qX7sq(o5?&g6P|cZBG}62uoA4sfg2*4wzTEi~p{nTzx)q*7?ADjceQ+YvT& zs8?_(IU4Tq$LLUd^0vaaIhGI>)A$hGpV;w zD!8#+&JOEnNS#0^6v33VI7BT=kPF>#y_=M@5Q+bDS{@xuAC#e<3g?eMeXW{&xMc1! z`URP#n-a@CCG-9Z`{MTCFSH^o8a4~SL`U-9Orsm_3+7IKM z_YhVjqY+-2z=}*PdX|(hgTt6s;T~F10eGH$3`aY&=br1Koe;%{_j( zz(%_SJp?3&?Jo8VBHz_^3>pHI3NU3|LnTffRQadeBC-#W4{$ml3Rgz5lZYO71a&IJ2R=qhr3Q5>;JxX2 zvf(@jH?yL4i7*(pjDMWUc^=M5IvtLWN=oua7zi*lzbuURo&Z#{CUX@%sq_pT1AhTN z5r^$M2Vq)PZbWEbNV{#pH?xHvwc_5I^$&sCA7{b=0* zh6HdcT(E=YRo*`W$atv_G{(Dbjq)eKlBB%LcYYE5ITyH4_u}P4AcCr-9!{Por2a9ME6oZnJuM5|josThV}3x@EEp(MbSv z($cHfvtYN-8z+I8r|S)v@9%*S>`&!WgoUpfgE?N=>-VM~6&C~-dL6UTTaB)p8-^%dC5r?6{`uxQrW`;_yV~;qg{fdO;b>3 zj-#Wkr+qji;pZG}nn&b=fkft4%nE)21Us~Bcn~tW2cJBWKO%Vm^%MdA8nEeA@ye*5 zf|DNF82q4(!E4T)agmKlEa=P?nl$ELhZMa#yrACqhO=`d_knXl22#^S#Lx1Z(4A?my0r8$MczRs z*FkX6vF9mm+|1=vpF_81+C1HQjezGVET45X2!vr1g&M*##c`OgP-Q2e9Zzd3wXRFF{cG9|d zd(h4$w?q0)9qAl{dq_P|C(+C+g+Hs)@?=yLTEOxl8cOWho$8Wrm!MCRr3GO0F=-!xzXI^t*f~lTjh~!! zJo<;0JKACc3fR|FUmMR~KgD3tVzcyZG44bBr=8U_5*d}~I2ZT!J z5dx4wg;O5k*Z~_8wmL`-vq;zQ0Yk2zh_hYA#NxQM$01QTieWQdeP zz+En4sg8aO{0tg-7PR~I^=Rd9H_aJ<1E_l$uYOjf>A@J&JQuFEb@<7o?$bE)ksfAM zFu_PU{J{@gf5XIWjDQ|9>RS8;eN{b%gMo*9bT2c@p&HLMq<`Dz8KgmC{CVwQ#@#!W z%;qSJCmCl};}%64wS#0A?DqBCV^xT&8o=2@V?iVNG@mFCe=L;Aw&I1Z1XSjZ{X54`p-=oPc*Jfa8Loe9`NClmx0qk_r?{sep!?8h)6T zv$Qa|*UZw#mN#Vy+>XzOQ7+)^59HT>SLid|Rk~ZS?PMjp6pzpRS4?c=fXX_`zZ5F# zO;3;@fF0ie^2YTA5suaxGp8l3CY}>7=pB1(F50&olwnxza*?m(_h*IfUYkDO_?0(} z!lU{uNUAE(~PGWj3WpnFvgbi3bis)N-Ol-AzH1>X~$$6|8!M%&cB%;M$ z&CdY2Zgf9!zOnGdxsiO!62lv=U+zs6|4Mgl405zpw`ty8cgA`tWDw7CR@ z8{%kcA~~)n@hb-d1;h1^A(3DX7ohnu%Kgc8qAH^TEtsx6h?8^;jq2c@w8S7y>rZD0Xbp)tJ{ToU0C4;B;-!U`=2G8*j|hQ@LnL6A`kCI;IS%54Dp^Y~o_lws>~R7tJltpM}yRpSB%0>muwogy|q$r zFYB)>XsEl8)7m)~Y+lmMtnpy#O|Mh@M1$ImINMtZ0$_Ep9^lpwC$}CaJ0!55q>8uC zX9trMxe_ZUIvke7hRr__+Fw6;1zKwh2uSJ+|C@-MA21nZwwFGB#`GRPy)iil`S=3^ z%A^)bC>5o~nNa8PQBYcW8&7wMn$8EZ?u~wX(${E@b@4<=)BFea#VPYLwM_G`*5&43 z-OJDJ?PqmRcI(6^EBewITg~MdlKMd-kuqNIDp94?Wuu_Cx7kD59s>NxtNgOg+Q#UYN+d#BH`2$A+yc)P6&X1z4OY$UYYIkX?JG8a- zp`oj=JtmyYg?DJdg^>^Yfuw94T$pSKpr7i+T@E6Aun`9abjdl_ewZ7Nw6HrsV2ipX4OtU@3%2%B>*lZ;oVri{8rRhheSB8X$5#m6akR^=;8~Gsvt%&< ztwRh09-aSjWz-d*#!Rf0HZ^T6?cgFF5P~Ljwf)s7Z-B@y0};pUIWvR+T7R@4jBupu*WON+&Z(J38X0HFav{%BH^Ky} z91&ru3dHMKMSr_;u}v6KU$<3ce~DA@Y>4A=x288cz@?r6WZn3SsMsy0ShmVTu;;pvXMH^rQ^@(*0-B zBU$6=1z*-mUDsCa2{MQFIx3ec5G|jx&8+J{I35gf;>}@6;;zm#E|-Bx5RB|%>HxoQ zxgY~wDn=k;`5o zwb-(y?fGL;Q}Sz3_j>$#&c-h&GtzTZ_PiBPKA*+&!CyB@GMGWKu8jS$>SUMdGVht9 z=T^06Zt`7Bh~RvFdFt>tKlOi3Pn9jWXiknh?(D0kAUrW_?HDUCJNEE>SHi|zkt_{ z zr=pgeSV00&Ma9IG-Ye73mxjC2_z-68w`C7mUN12cx_%mwPAg1Blv1u{Y<_qh(QGVV zh9Q}G*_U~t!=iOp{6t0Ps#)2M$NesU*@bLemAhM{8XHdhMGK-mza;rEb>g24aZ!)56u$ql0HS6 z_LSaHqV*X6mKA<}b+()sQ0OuA@fm=mOJ^G->l}NRY)&j%UJrtoguoGKz449Kwsc{& zcJJzUiz$urW##d%oMCOAf`;M)3cJ`nF7llsE_W$P{B;%bD~hd`2J3+1i)M#Sv6&gu z>4ME`w|E2*_nH^q1$Wx!M>PEWKB7Xy_|iVfUu;1g9TCpNB>MxH*gWdgb!CwtU*TXX zF%*Xk<#)r1;d4Dx|Eze%V4J)M_k+~=S2fNRj1pu$$6vrN4$6wW zOgTmLGky1Vd?b9=d#b9E{&kT>qH$I6a`!I~jiZC(MYB!idTm7aE5z~b8i^RH1i1>9 zvnjjp9Yn;wg)8^GVn5zx%J^YvPm=3b^f0ErHbFjGUciO87ne2AglRv!Ve!9aHAEn)^4U$uV zoGMRG_sY0G)^vkr8v*|5It~)#q6S(+WLH_%2EMqicEahW6BXHm0QoO+&1wpYBo)^v zWyW$BYz&LvK1|ERGu|xk@*`|sng^vx4`0JCySHWq&Z(usG!-@7*w=7 zhYNh)hb|xmDeR9Zj`C?XbGW?-|N6m`)~t0k;i9!;#QZ&TNkYC@9$_uGnBO7N&3frv zum4VlwcNTX+d5XK$*w&#Ed2gk*_}CJq9jG3frx2kX@2ROR_yjF7K+)~;l>bzU<~hB z81|fIvG24lsPUd2G|=*~f=jnk>I-t}4G>`!^-xZ*f4_3`6tSt=rzSne%<#N6ZBG!X zV7N{lSBkL$_6J3_?u?GZ4T|My#cvCyVq?m+SI=vE5pt5% z0{l#CFEO8|?U9BlY9u8OycbEqdVAjk?q2;pj%JN#df}w93_guR9J*?Eu@^zj>zucV zM8Q=8g{+6ixp5ggzK;BqAYYmT#7cE9LEgd|peWpfIz~!#=;~*9Md~iLp3-f9q8qk8 ztq`l^MHmiw9l&7gAu13hzFf4U_1A6&!%5>^=h9BIaf@P!ZS5+ zUwP#F(jZ(QyxWKtFA{3cPrel(Sp7EPoz)8?O`NNJo4Bj>ZXdkOjRX~sMO1|QgPy!) zV$qqbr8ru*ueqh`ZJ(%WJp69R{0?a@-xFofa4A>Q4frWIsjFD*8YYbQarZ8LZQM~^ z!2bI}F6;D#P>p+n-hGmv7Ek4lxEo%)PC(ewW?pR*LSH37;#QAAhuM^eWiOnY#+JCY zy4*PUu06-JBiCYjb!n>hOQOo)Qtz6_Maz5`JJcdbcvmu26A{EJC?Y{N?6rH13vXQH z)6ZZ2VhoRzU+9u>ZDq2@^rx-$G?7vPB;AblWM{O=R zA@zPA)Vn@zSPS$(!s))L7z0Mvy>f(*k9*h;ZCOxOx>iqiC}CojgQxn0N(;K8FA zZ`9nH$i#Dz7O#05YUSEAYo<|>xii^@&ADUD_l<`&#))0(otH#pB-GbDl|AU)2Icm9 z4){6G1sJQU-(H)~^kjoJ%5RC~hEx^o;x`YAPnQ8Uq|SBq2m6}++-S?u+fzMkva59( z@nFR50YyptHMQmeW?NSaXz{#@J%5vH9NiR=x7h+c`Mmqb8qQ3?)Mm+D+p3dYO;RC_&;m|K zeNyTU+^@M0x3)4~_09FCbFNh<*Z!Cj0t(ydy##|_>#iFOTmb0$ZW^Rn9&Q2MXYtHy z?-xGJFC5D??=%G0PDNc@3Oz5L%RZm}^Vqb8L7qa9Al|NDZlAP^aIw>r(Pa9BBFt9D z$n5bczw|+EMJtl@DK zN-c+6l7SncH{Z8ziv%#S8Jkj2AqOH>Kj7ITdlF8f{n^9*_OQpzs0e621>GD_H9|0J zm8Elxj14Tb!&?NkG%J)G2syn(*UK};OHe!7fGWoicjBs2ratIp;%`YT*Q9RSgiPn* z3qL*G2~!10&tsz8xUm2Hllj`^uvW4yucI_m|K11-@eP5%f<# zL*jbDhuO07Y;Y&CX#b~R{|7q?tQd@=PRRIds~n!6A~AN-}QAGj&_2e16Vg>?-l8OK~s^BtRsd z|ER?cPL+J0qK4pu6-D*azPIPOD|fNM1SvOFqj1E0C~k>iJ!)oahBiRt22xLMq0nQd z^>$i+@`7{IDQD4t)o4Z;zvUOeh#p1znOlZ)=2X=MbUv94SH}DywxIzVSf|s2au@zI z%Y+e1dk*T#f*`>jpwsrk)BzD*GR4gstj*{3W_F%(xagV4PSQw18Gg8ELv+zzgh^7m zr0_5Y)ztMrOLJ&;Q-Jg8*ISx(P(3OmVA4?HtrL6H9_vo3YQ2SKN0{I81LKDK-UEMu zEv6K>R7iV2v~Smb={;;<5)HWCimbRKl$f``KG9)xIs1yTQs1TQfg8Vi9?ZdY#bm;9 zYBw9&RphOLr8Dn+AwM_SlBRmCog|J&4%i7%8SCk>NW08E5HKu0?YomL9<<&$ZSBzI z83nlfbK7QL@Hj)E*xDByJy(a5QHL={YWwF*$aa$b6-kG`<7OPZ-ee z{B+SXba4N}eY3C5K75*@k81>vub6+iuo42o8fb%!w>wT)U0E_E68d#%UI?LMJ-ASQ zMgEp~uS`RXG%Lb^!+4uBOTQ)rqp2FnUq@sD0s7|HcVT&P{zny|<%Cu=98?wJcoBw= zok+iL!8zQgUDlo*Bup>TE{EGZr@gmyTd=wze}ik>^eY@*mXOA5eBtPu<=LUFDIY5_deJ9xcPh9n7xb^(fCeiuUQyi_{?OskkkhVWS_qF>$Rad3aK9F_#b%RlE#t4&rkkG#vZQn0< zCpA6A@0paz#L)6@g_lfu(v{j?i*PTgOzd{CUB_+mn*|Pg}SA8hIL}GjN9E zCC^ z{oWVcJhzV*!}(c2ap2#K*Sv8(u)UY4H%RN&@99c+Hm9OAG185hgk6W z6eC>Y4ww#7zWY}BZVxAVxA`90mX7uz!>xmQnSz2U(9&gXvVG6z96r}}Z>$idfKLyr zZ?E8%9|1)nd4H}Gv}QrY>LKm{y-faqL$x51_e1+>xZk=WmD>R}LdTk+1%Trh>BYX% zddYgssNUlD?z4^Dz2ds9(#*ogay`3phnCRw%$IiznWqsJ!ks6pds5zHQ>bmLGUm&g zuA5TFWsdia_qgHMrE@rT?h|iXrirvalS%SMKbpT|>QM$U36h_pAdEZ@Q2x6+9l5@W zN1@Xn+GJF#2y7it$7S)!e7kR431W2=*6ACkf!Orjq%a#D)qw4#%3#(c3)BKV{^qVY z?t^@3i!pK{qw5RubyMsXzo<&w#Z$ya{fivLA<L zz??)pt&gDhKxbaMn!3*vh~E9QY*azl7wn@+Xl2z$!-UkB#2kliEPv8oWAs|9p9qcD z2x(9&>ss0%JQE$E>jK^FNZ8Qb3U1KoMVwTZE@EkW*d9ybbR!qubrt9_=S}(A?qxCc zo#P*kVE*fzlY9#cIz*l2fv{`#Kfl$PcP5<_--B1-zCz6XsK|z)%2kC77r%o8s+>j~ z)ugIioA25cPjFojU>i7EpyuBrNBDGYjx-7Zu7m>ln|Ezg&{>I3?lvA0rNkYjfpnVu zOJ~dsB@^!SD2bF$AZvn$g1AH6>a~JKzmM$%7t4BY6~XX+ z|Ewd!&!^ZhYS6FsTT%g&s>N#u4(jqenCM&bRI6zP8vaJz(U{o!E4*ZA3@kpZAWE7a zns5sA>)xa|A7R)?@*N4wqbU^`n`;Nc?vI%)^&H~wFth8Ov~Qbxgi?FVhEoUsmrxHy za4%s?je?g#Mg7MxGoCr$4Ij$OO>BR-YKY<&Isx(Pe+^_P8wl){v+`u$~9wxg_#zS*1&y{7;pY)V?_-ZTj40ph}nI=+AQqdUn02&U!U}v4e}Pi-=ncvJE>`31y=ZJLk2x( zcpz1dYBjj7Zpvsw=wDMqI<4bvGXmRpZF9>yl#p!k zs2FwQXzdQn&|cWU0xY(FP%&M5#Bh#*&Xf3lM^l-KZ~WvHAkmmVWk9K$#nsmM}PKcBx|P z*>_uCk!IL#TmUUkKt0 z8{BX;>bdMjKejs$BywhD9@xIN;+v_VzG)s+-6GJc5y>y16(RdDs1L}<$U5P{_RLFi zD;6}cWjA~2Z*Wd5Z(mVU5UG%4K?|1AhxgTiPY}3S#00|-?Y_+k@yjRwjv__=Y#?Jo+qBkM_a28Tq43wh{(IK@^@NwO_Un7G!dGAE1 zwpp&-$)B!I_&#Z-uYV8w6_Up%Kh>dB z5;iUu91Z0$tNC$I&t{%J5caKv!SUKbSm_8MDm6TjUhdFdbBqB&N!vvRQ{T ziWJ;%KDdof12agnX?Y%jXwz5f=Uak?NxS}JFK>Ru*QwY3AtxvNwq6hMqpn_LalJE! zv^SY>hyhbs#GF>$mgnwsW-XcQUd8QEx=eZ_2>6#$3ycmVC9@BI7Q^%=E3POJJmPJh za=jvh#p8;=SVkTlT0xhhxebytiJE!WML^EEH@vx)`VUdg(>gOHU4|?$>Y5 zQ7CJGO+-%L2=%vEz_L-JaC_Co2Daet za?8)QOPW(6-!?Llxta956>PvfAN=O)p+%(6Dnm^B3iIme>m%UUr0z|=?#~M$pyBlL zl9kE$L;N&BZP33c_url|;*AUpN{)E0K~>0+ce|`KwI(Ss{}`gX)C7DPH4+7g5_;1{ z<-tFt{+COP(dUA!$u*k{q;jDrmnd~4Be^A215!qd*Hd2}q(;e3kLgig9+O1br3%@q3fH81Pk(~uymjVnCQN0>GFcg4Kr=g$-;QdcVvGnoW0y7 z;dr6z*lL6czZGhd`PWV!8sMNVqr5iy8FY!ClF+YM5?E zUpjR*`-E&5Iwf#(4RRv)DW;)QV8_6T%xh?DX%U1&ubgPTa+EU0`HsbnP6x5c2%+Oi zLHnEQTQ2=g{;Z1wBgSJ9DBlFx!-A@w1_ zDTRb7b0pij*4mLTc0So)LLO9184%MaO_0{-1}1d$$jI;jCPdDH0q+~P>PhEcWi3tR zW^KfkrKG%@A{)@EKli{w>9IKQ_*>T0*%?n7S-*5o!7I*AfPDSI00Q~@^~7m3(DN6& zIGwDE%PB3pepl$r!w1p2-QMyF)jN$7KKrJf&H*3%jPk_3Vf?i~vFEic<%aV~%?cOnxI!NNTq zKnXwuHktjNOCPHe`l>u15?vS6gZ3VPvbrXe)k%C<2S(y)U~3in_49U6kDn@LS}$#b zd$>6sVUtpEVk#q;iPecad~H@SBLwoc`L{@|F@J9XI6IaWoRY*W>#6?lncJ#Mq(RT; zfjUs;zX6Sz*&J^cK2H;S8&7)oxjF^dcDouf*Pll)8q(eK0Uvy*y1{^cCGLX_*wAex z&&`u6dZkN_{n{rHb7|fd@8OV}GXL^aq|#3k?BlP6=*y5Ey>J~(y&4}3XBDUtwToy@1N=L{?< z1w0BFw=E9}HU_J+btLAWzyBYz^qP8k{6}Jz?rs??Q*A-qN2G!r4r#-i4rdr?At9Kw zkq}H}0y5{lY(Wig$2lRDsXeH5gAz0kL~$QRX^Ebm^NAxzH8=-RqQlagFGd zJ-yr4`O@`Qv(ZCa!|$Zj3^L(X&Sql!XJ2t0Ty3=NdfanRS0T;|q>kxrf#WaA)tS15 z!S~Z&l@9gdZT08I+C`SsM*fG?q+;c8rrU0V+w97zcg81EgbHmJp6DdOyB4XZuyHT; zCcT2Uec+wnB}he1C(^nt5Qn6-BTKv&NacIDft!c=iiAX8wxYb37C#47?C3O)043~! zcefXPHb0>})^PWI_5=FPE0c!W0}&q5+1(FEH@sI8)7-`SlSJQs;Ynd}=I|tAkRmVU zI6pwWN2YmW&=6!)QTJG0t_khC-)DgRNuK%2VFt|RaMEr9z3$tq7w8j*};I95~&iq9tr#Xyg^YHbuFI>7CcT z9vmsZD_Lvb5nrqv*DW{s&junWk&({2)Al0awCp4PPoY|@(B?}eeAVpy5pYc%QFGKt9pqq_(VY6o`b^&?o@Aw z;;_o);nkPZ3xdtQeVLP;hwwn8>xNUG$RC0iHXz=dotp>KhMS{;T!9($5v61Zh9!pM zQ@7KU=3X}BGs-zM($|_&J>WClcD0Z-af5T#_kz1cO;w$2wLkU1!)vfCpN0nL1K~4R zDm<_9pF(qCDWoQlNdksF1rohpJizpSm14`gcK&kD7q#gge}1Kv9Ii{O1*&@@+Km|h zV{E^05z^Y8*1U@bm(O#ep-$*+9l?V2kqfj4VB-!jm})`K8$aW>tTprHTX{Vz#f8X$02ZG#L48q3Ay4x$= zd_?OuJ6^gzY5_F)1t^^?t&hp(M?oXZawVuk&F184%T(8ek(=Wh9AQBFlzjp5sb?kR+WhGwf1ed0IpR8(`XGxN5+u3vu%p|2u#(U%Y@>f$0<=tI z9|F0HzL@d^z#BAFm7?ACk{cWw%iRY9q`a5G3LukE5p%D000A9VGDhip@t!Uz1vxU% zeFYK8%^Us=k1Ogwxelfj=y7p|0L)3s<%2h0SmvLm&vjmWXo>T5cE59@aJNsnyViC# zp6#)tINo4T2$;QE!rK$U$!Ek(xQ4tP6l{sbcv`Qe4U9Rd3)B}guXnJcJOqUMM%yWPwX;! z6R$=7H$M2mV!qD@B@IoU9drBbds&fU4)yA)`vb`7z^5>w`+>NY zM$Z=B*U1R6c)7L4@Pxw2DU&HK7?ggB7`0tLGK|H1+4u8i7smiw_x|E~mP8Vy^^Yua zXmbA179&GP3p4_+YrhbaNPL_pfQGySPSy_avR|$m_)b4D==E6N3RVPm z@_J}w6xHY3X`QW`e4dqC8f>`RHyG2EDXu{UTku5T#0>wNr3z5xvjOzpG2Ie13;QFU z+tPObMV13vTEM zg~7tU;8??Ll?#EH-9jl(IxlXB&O=EM+9K8>A0)I#a3>sx2W(>vX;G}5*)1;qo7WD) z9XEZ*{TiNvOssE6w10WT(y45R&Xal5nK1g6LiZa&h>&THetoK2X z-j=^(eYD_)Hiv7VqCj|y){}s@xHaazTfEST?tC7on3lsFpEcFKHq+qTsBg5p^LVT( z%Tsw=ZX}LQsCzZGvBepzA203_a^5(tNgpQi;f(Rcd?zO)b~~xF(|xVo?sFOh0KA;; zy_h3BBrViw#(eq!qp|Z!)61NAmE>Pcuiv-+>!OfYxR4ayHMzi2{oQz%q%;PKbQW53 z^RgFAphC(awq1UMlO8-ONBF_+1u+*A2wWF}1b%uYg2s_FQ==FP#ZtE>zX`1N;r28Y z$(J;@yyBp+fHbhihr`W}3~)Ka4YeV$#*9n5V$W{JFZF%=*;1x$BQ5+N8vr4Bh^+^s zRsN*PQ@6RN)I!R;@y|+I4?eU2rdAEnn8w`XeFK)5Sd#{@5Wq*wFn< z3fR!Em*}1ER2E;zy{-ta+xDM!h8&6j1b$PK91rO?FwT#4W?dJIST?&lsr&_hZCHbL zW}@?M4+Q_z$Y<4p^2Hgj0zBJZo`FjVtw1$4mP`Sa+pIFL^p+c}89wCZAhZvO)W5;` zeAe4OhGr&&F`_gv!q1D@7YhKwzIk_ZvMc9@EKyuD%G-OK-u5xHBGbrtKdaNev-+zY zY@w#_@21T(IH#*?H8oWvEO^ z7ynG7-R{X>^ceC)o-;eoq=#j>1ei^#?m9P(@#g_Ck z$ddQ&|3G2OK*0--yPa)1_CyXMXUxfQG1|4yv|j9>b=*c;sl7M&6?23GECCq^tPVlg zP#}AU;Qmtk8|qBCYH`;<%b`jcE}NR~LY}mdVXjR3)Z%p8TWf9KFl$@Z|HNpP%+8|| zVOiObFaNAIXcBeIO(ev?79+#S@wqPv&L2dzEs4JsKuFsD%^nQk#H^_lYXmvN%;p7MNLH^8b`p@i-n~9r@G;Fq*p1cV+|PXoDq7}xE8~lL-kG>ta4m^BdBh#Y`gD%~b(FWJ@xw(WoCX8~=RHk@AxcdD30b)v z-<2+d*a|I7geiRh6stclwUEXHlm<4|CjIb46}uaMHJ6#|p+20wIauKe<|g+Wo26Ca zCx{ngo#&oT7oGSFVKhnPfJ8B@U&WY2fU+<}#k()fG`RSzFNzpY%Yz#8g%WGe<=aLp zDaZ5{#^`zrt&~GE=M~ofm>ju4s6Ru|SXy%A{Ee>A(thwMOskG@SC<%5>EztS%8O{| z*@7SY#-?+Xs8${OI|QGk;Wm985+$mr{{SgcY##EMeo>F1(t8*k;L-z24ATHjh<7nd z%Q?b~vX#rDdDoPDAt~o)+bde;U()htzSR2pd1C*hQ&?q=xvHwdKzg^xPCt~uqY{1+ z)_EN~3m@#@JzH=Z50do_ZVn1`s=cZ@Fn<8|8XRmhcdt>6mvH>O$?;qiYP8@s*r7Z` zouuoniQS$=!n|5xy}=)8BJ*D(gY&QMmaNhP+dbFDg@n%SUY&gpe))6cs($~*s1|35 zX|?HQDR-ZJnGh?~Hs_}ZuX%{%w2)Afz;)62_=M^T}1>2hpJ(4)v1Ja663>Hx5=L7%xGU+=zI50#(fTIl-+;0XtASAGt6a`punvu(cd z38_r9-kBXumVB8M&~H(LDoS~szqm0W-6ur0ER4kH?fk#=F|`}tcF&bp&yL@`+|-&6 z*766qnLH?u|NR_Ui7kfq)$SN!+0`w4GGx08Igdhh6_xY3YLn2!1|6L~xzo$x+(Voq za7gj}&ris>Ed0FG6mdfxfGfZt?p2E)5-aZ0umErqqTA5b@|#NuyHCC`6W|vn^|+HI z1MU@k&8n?drX$7Cb&nS=$sS4CR?QOHrjMyV0`3iJ7kQtE0_4ZB1NzQEB#U?spdF%K zWM~KOBNSFYj{ihy44gj|Ri&PHcM?X9wnq)Uv%bN2BZPkOL6h-3_q0NT^#7R387jCE zS(NIwrvtvRm^9o7GH`~U zTGz1{+CLQ|emsL!`si4LGFQ}%#NqGT$XbCg&f9P#DD4s{JnUjA)!9X zPE*~udrw;svyWhUVGA{*9z=_UG3TKx!6?q2%A@Ly$8^PbmiZsWdK?U)(93(;C()uj zu&BZf1G>UMSk&MiH0})XcQa0YO#6=Ex{ zI0Cx|ZoB@0^-&6Ox(iwMPExazqY0f*5Ut&uQ~N!^!FofNrfLHNIyUI)!4Y6O46R$% z;dFWUo)-Z{lHiw==D4Yp&i5xJ4DB)9TFdrT;cBW!&BkAo?Sb&NjZ7QwM8=*&CV(Qe z;L}zE0|eQvN`7z|g(&y>_HpkVV_%@DBrziSFa06ddQDZLhT>ytP{OK#N{==GHcEZ* z6+=$3yd1M$fh`)IqZ4uuJmz*($xuD+JNVC>-1(az zp5yB+l#H>4IzBkx_G^6HmBZJGd&%lJ6>!0(x*>WFaDMYFIDf#%rL$1o^CCbKC=c!y z4I}=UpxY^9=b)l|TdCt_mx^i5lcKNw3(s%BRCFM*W_o|?Wmly8G(q>>mp`X936k#MN%PP9 zv|Z_cG`tcGYl6ToLS9DFOxvA)dUQouGA$Y!SL{>9DyI} zK#e;NVMF+)c4kQL5}J~vr{^To9?xu6s;{VWeWG=N-ISFq6_W|Xq^MmLKCw8ISxUOFq2um)lIUr8b}*7==kY0u0_f^qI(=p}t>;0}n_TiFbaDBvu5mhQg9o06-{M{22}!7xMkc=oTI~K)7Fb6a=c?j{r(?Z$T~yp9coeOz_BThFa|0N8$8W#dT<`vnXekEp3;aCi!y@1RWyN)wNN03*Z1TDA z#?m0W-nwl^z*w!}*Lo&^jA64NvFXog!A9|$?n1GRSt+5iBcY%7(AKwQZ6OUBvwy7W zcTM2ToxT~@fHQ^ZdA$49J~R$-dcwp6n;jG*U>`N6Zs;h)jiWvcr7D7NaJ2HTRdQ`B ztZXOifAoVTJt-;JOY2kaIQpjWN+|?RpY#OVnLth^$92@>=qcEDRqhIO&1Bd0I}Z5Q z^}FNHRDip<_BJ0O8MU~eP3Fmt)8d#64oG%D;;qk=0w65`W<7>%;Hzn@E{aY)-+OQI zRx)Y07Lad4L*~l$<<+p7tk#1uxZiKEX+#Uv)XaHMO--k$;;|zHTq-EzqW8NnZ=-do z@Gu~oK7pJ8Mgbf+hsolG4De8In};(1*Rrra z$1aLY!5&(6fYRAMKhAeu4LaKP4`tNOfe}h@I(g*KLoOVrmD9U`*)}dtH8$~MlTc}k zc=wVS?j3C(s|3RF^hw(Q{CYMKw9}E=cpeHp$of0M97wy1xOcL}WrQDY{VFd1mreKq zOSkW4cgq#I*!PrI-V_3G1N^h2)TmnnE1yQZq{_iU5zsdIAbcoO#U)z8@-iyc2rRZj zDT2Iu87g}qtmF(QFk^TdL|_scYsRnSC0ozs*0B1NV$^=NTo8)?rOz&U834s_?Li@JxcSKGVWW z!V{n?h}#E#!G{+&cEO$!jt01`=@+0?0mI>__O<^gG@vlC+-Nu4VhjCEOA(I z4C?f0F<5v9`DT;Z4EgYUz9@QBI*51hz1>t~TB1_!H2Mu5lTP7Rv;Z#N;C0du&l#T; z+%hdKFtO5FimHEO6KSE^qPQ>6U{t|Js)t+C=^_cfl^^SZ7Pgc<+OihQ%l5P${&YE+gL zB7;uWRDzoj4m;+WFe3}BvENw-C3#xEwlAY!cW5D@phUlvY9q0_1=Uqqf^<9`9TZns z#6CC=8BGXuPg&-&$qYTIjT#IFZ?=6TZOU7^ov=RNVP8IL-TQKX9q|D;E08rcHk`9H z?eD(wpGf{bN15azQjBLQCr*p!AYNOpoBB>JtjXbBC054qfQJN18sWXXC}-^2G1ax> z;L&dA9>*ZJ%4`p`eeP}NOsGvm5alBfhFlo}J#J6z$v~*p$IfhcWfRt$dfu$tC5U@( zsjz@r34xr5*kxY9NcI0}EdFd%Ws$W*Wr4K=sr|@XHh%Lrk;8*DD0#>qD_a^(Q3H*~ zPrZMn^D;oXO27`DO@O-2#0f}n{ddch&%?1HSPT5;8N}PX=IKs-x*9aiyh0A}P51o5 zwgL^H*8QsALZD_%lHTo4FQ4--OyX$LKSceXU2!GF@b(`IGzjbtrOpclITyj~nq!wq z)&ghX7i&(P>$PELF=8HGO0y9&nF`+jQIp({|q z$7NVsNv%p|L%O4_ANfOMY8uA)g_pV9!aDA{1~i`gcNtevIIZeaxHUV~g&K3EN)cPy zAZK&R)3IM8*Z8=SjE+x8S=$x}z~`2QoaQRvDFa9LgX4@wXBmAXER9M<{v zgMk#w0r;h>?3R@8ByCL1U7gC}(yf!k-#)FHb3^$~WdAR*E`x^BPif}Pkt@lah)c{~ zhzK+-$c6I8#xsh@!yJd^SXSB?BFFA_{%;}=b=Y@B!}@{ibtwPB3J=GXnttRHfXX2) z2n0SPN1cdZ`;U*q8#t5~CZ0;(ro1Ho+a-k?hWH?Nuk|C*_A6KcZ%$q(nHm76)nBMz z18{JP?wr%YJ(w7WS6b#o4Il7DasYo068R&-$#+G%j{$SGH|D9B6>yH4)u1|{?S^MB zpr#*?y3FKTq%7G340*h{+a8Hx%af&g=;~XAU4Oi5HKZu#SE7yb0}>a5FYtW;AvD>J zGO$M|`9eVa4m0lgRA{@xS>XYst3PlA~afOmuJ@E6o~No&sQKzq!>Pew5&O-bivg>xdKS{k--b_z%8&uq zVQj!Wk72Bi!6m)#mwvQX2(`lQF!z9AsD$iZ{WRUcBCF*Uxop26poWTKYrjs z3F_`~pgTlfu!=-55*8_8=|jgP=?%&qWgi_IVEoUd7r46pNbM@@f8cJF{rg@W(U&E>Qz`mGiU;Tv+~Ms*LA!MB|s4S zLK*1YQ_5)aBlWvSf|o<~VUERT;e`K}Q`k!jZl8N)`5n(MZ(Hm&8)p>Xv@Xl28`#6% zKMa@Ih5C4$08|Bj%tWdQue8>yv!fzAM~>+1O!`+>z|uX2BM%G8Q70vb7u)VZUi^Bh zww>6t7?P5j%Dy$qB?`qjMP-u)1^+8|Hok#bC5>DM80!hfd13u&yHCc9ZoO*6wVsR+`z;v1#eJb#`@Qkc0`@R5Mbaok*j`%@>kcxlzwd;g-i0ls{$QO z4(Fmc#L>q4P;Xz@J4r#gcVBPrcId7_GOK^K8#GrxX-L=f{b;)E>v1vsAk`O-O7-tn z_k0I_@0lwYV^UKp7w6R|m&FEvV*-boWo>^^#Soj&3CL)6`D4rb&{~`}ouaOWCJ?{= z4>0~MtmukQ?PVZduYgBXM(u)m*M%5sq~v2ZLF%~krq!?V*PUzlhL@1fw-HlkA3WYa zO`*Qe6oG`q%gD)|Dhwrl*ZGzcM7fbo*8P@S74CqD$4;&x^D0Op4Y?{8AVNiO4!?p^ zDFBDJ93E5xfB}P&#|As?)w{#4ak(F23NO-Gxr}AjyWLXc$y4O~qbI|~a5={EjwaIL z;qTT&?EYN^2Ks1)#eLjxNc(I#sAQz7ft7}I?ri@t40nIRR{{6>BKyUs&ok1mBRCJDQB_crjFoiWdRSF#qsj>6 zkM(>zkIs=hzdF?ac^Z(bUYpE(aCel51P3D6m&xObqG}@^;@ZsuE4Scb-qj7l&Af`I#5v}D8t$wub)5tdb~&9 z(j1rp-^^p&mwp0s<^NDEp|11`xcq?>lMRH9D-;ha%pQ#b>x~*@B+h4)8}*Cc=l#o= zFGL(v&qF$*|Jn#&A@Ct?jHrD@&~rCmC^Xh-n){<4WS5&E>$rjFNX*!I_K54yZ-LO} z{aQp3E4CiH=?rw4YP-!lX^_^P{gc-HPjEp{ep9udT**Z|J8+S=lpU4t!lglYpEA8D zu%_T+RD!{ZXD7erg|M`Lduexa;MPJV8&a70iVEsOEOc|^S+n3!v=S4_!PzgaeWn=b z%-~TVruXMJ|NWSg`d3))40h5|c|fwGiNMMD_%4K;pCgcvQ|7=P#D*jA&)ubjYZt#= zVI$JYm;Y)VjcmtIB;prS!`58I`a}+Oh*Hx~r2|Ul@ruLH8;m!*U76}|;$DMds-A!9 zxIxp(pM7l&q~O`A&L$pJIr2yDW?^UM!=gAM^x%7^KPi4k@$9c$9Zq#wxsCQ(_*`oL zt;lXibkIi>;C8g1=0=X-1pt$Df$hgpnUHO*p1hLDMvBTkNzh8G7bnL_?jZfYKD+be zYmX72A`hZDy0ZXV8uZc zhCj=LVFy|XU?HKp4G^76(cml)Ty*EM!XN1xzDNy38eZ#JA;&?39MvvOE0AvOlyPm+ zXVftzCdQR3?OiW@bkYumFupfXExQdJ;}9zd`>fmv=bGhK83+9D6L81q>7NRasVTz- z`w@%5l@uU_f^)2gmFb(+6VS*3vO5_!*qnA;m;Yqz6fKgRl<0&{7V?l85N&QEoMJEW z2!cfj2%UX(_ztCuanpMj12k@PXRnmm;Y&^Zijh$%JSSLDb6pVqal-y8++1J={i0aA z+p05E?c%>5%4$ddyJB)`+n?~DVZCv);QedxR*!G2M!?M}Myx%i!q!DsdUn!UI9dD8 zHUYmD0PcYgN1#(44J2qZ+xd!Qli$MIPVFt0fHGgo|F4iPZR)t?aVVst`#*(r6Q^(e z(=`~8)a3i5S;f<#W#rOKHs4+YME!Knhb-R^{Yh;to*Eg#R=M692F$k@2JdFL37Rt zZXeZr;%?x>tbrr-RU-Ae-UGi)1rQ^Z@?)FL{OK1dkx!#dNs5r+VdTNWfkw z;&oPFq2F|Ov}s?0h~bYw{rbb=$gKiL1K?pT84>3%uD|ma4O1|VwLGp&3zz;4Uw?p1 z79i`DY-6I(fw~cJT;rA@jhyk@f6nVylbnH`W88BfX^?Xc7}CMq*#mQjAYV7~b?HX( zN67Nv7?r9D1bB4s=%ok?3(tR6FgAwdgic9B*8eyO2;sNOwx6yhk>eot#pBbjWZ_(B z{7Sfe+4ol#-?`XgP{i%JlGq`4Qo5;Qhu-ZYBZgoxs{N1wAJqfjbk5mli>y!=F2;AK z+>5b-_{030$UgJ3Dh!n}*=CML@?7xNL*FC@aJ2Rh7(Gbq`MU*zVvD% zVD_F}kWktMwK0Ik@CLmQ21QuA?os-)30(2{AzJm2=npB?lSg0#gA=#vS*Ekd01DU+qkP`d-RK(qvk z5l&GO+dB^2h9cHew^p%H(@+`gF<<81FxnElV-^ldhQLnGCq?<;>N#@d7+2lF}8CE7zUT#ZmjnhQx@fUu)T10}wBudnLZZ`B9>=tyx`pq6)sbf#b8S;))lBSD?O1pCk4 zb3b`V@F+gawb0rrko}F${*NkcE&Q5|HXT9Hro8bm2u@~1rqa%X-!$h>%LsUUIZ9;i z{E-@$rG}RoH#JwnA!;S5wmTzP-Zlw3nr0NLt~<>KhwB4a4x#v$Bwei0@Y&#slyU z9tI})ORHJMbXy^z3s3b`sRbJk@wDkXu_>SQ?Gv$iVH|v@NxC0;>oCsr6@`e{^qqX} z0v3~Pr}+vjm}bBApu@TS(t$Yy2L5zS3Ad?$bVnf%8pZQ9+^}xv<@0&jwFg+TLtg`NaV(eFJ7SY%Zcc_y!w^0nu^vNBcRq(X02S zy12>Y+^Ftk%EW#fSKw}h-VMZqzV+Ti_n;lrkAYX$3vD{s&)@q&In!UFwB-uFoF8>@ z*||Z8N_<&cTopX>AR2;B>ao1?JR$)NP_wklNY7DeHMA5*N;l9je|;ir0bFxI z@$-SytP!Lj0Y?sAAp3)hc)w|_-`BdjIGzGsj-em2U6>|JjdsXZb%dOFU!Qhb{rCv&=U>fre%UBr+5^))&LPkb-X|T4DtkcdPh0 zgigV>42&Z|kjpV${!2eW3bdL#RK*cGEAX(8s@G8@$LB4mbe_kfCqdj9zGCac;}cC8 zwN-9QA2WiA!I_Al@ZH>Z=xu(ATx6S%?O^%kG{wXx-diOW9aku&SW0|&{yH3m@`jC2 z!qP!U%VBkpN!eS#L&u1y5nEomN_t&Nm#Su?b-=|F*Pm~(*fqv$H~$bCLqu->ls@3C z%&ZXx za|WHxqwotVdUruUN$zmz>^$811kmk8a?DcDtV73l$r5<{Oc+p7i z#3i6HegqIMRy51e98)?pE0ju;vZGntH%e7hRE|(nN74s4C!m!mllGziEE#!z0#%Rm zXh1d5;C&N;?kVqco&K-tcOFxk+nOFE-E+97WZP$rqRb$xE1T={W-o3um9dSS@ z$;cIaSD<=UX|BGRY%Rqev(2(=Q;NYu;w9NBeRNOf8}yU~NMR8q$Ui=bu=)LE>(flT zPzzk(ht}MFBuBDKlMD>lvzIKb4o;L(K*{4!N;-+2liN&DgMCd-CJkftxO?}m8KuWtH-y zG5d22R#aN!)}B2KAh1()i-h%VTsG`tVJxy;-<37MlQWsFp)O0<`XWAgY3D4@!G0&D z?Sg%>Q)J!z%2_3BC8gJ>y1PF;LK91CTckxSHzz1Px-}ftA}K4wogXdymAbo!S-p=xTq3Y7R@GK9LOp+r)YWTL$SZ*R_RSfCzAve zzQ|FpGh3x^U)IZ$|6GLxYDjh`P^Z9at4RZfX8PTo!hCq)uvcE$x}?+k5t#kV=#fP= zqR{p0w=SOE_g5f&NvQaYh;3%P9h?x3Fxn&@WMRH?R7$3As?(-Yddop_WkF{)qweAb z;>{Ct?H`8y2MhL@U4|!_ogGLf7eAz}KKLay*HVogHD}EI;@HlrAR`XOp5tf(l}xP$ zEXtRNhV!1T!9AMSGtqc zyhuEB?A&P57l|VQy!w?fB00K0k|g=KNTpc$W>%K^3b{tcpHfy*2n8JeE8MzgKQB?ug`6B`H(E_6?E2l9H6o$aka-M2C;GQIY+}NbL1z zQSg3w(}3Xh3-5rz!C*Kl$`d!fZIX0epm(aM#jci1%{HHaC*x;%E z-4uc==zJ;s@%@)-yWrP0JzjnU5$p3hh`u>V6)?{KS2Ex)rTxdmWA7v$#70HsF1&iE zWkgKB&!-estL?=D``N~Lb#)gP-%^QV-<$Q+`QrjB`^gQM- zTMm{NiKm(?ijti?dGfS`gl=73ovn7=N~&IkQ_j|g!(+Fl$&B>$)8R*4hy){rSOIlS z1J5GMuI%B*!fpB{Q(ZQ3;?B9}9VgTG)0}bf*sP>IiN;1#;=yM8-D1rH$HK1{Dh4SD z8xfzpyQia5PskNHG`b3A{;qRxe9itFt2T*SP60#x!k+`bUnfp!q%;2gxvvCV^YLqM zNl=t%I~cS}LD*X$i6XrOXYL~;Al+{#N9nbUjW2ZS-;!wl@%csZq&gRN{G1ZStxA{t zE$wnOj@wG>A?vMb4PzRP)JYyXipKtb>xpI zoYBa>RXuiZdwEhGm%N>BFS9 zVw|h{qw8Zrkulis(sbNkpkZX8`-<(eGwSj=Iz<}LtY5eIiV=I<#!Lx=xKjeVVodVg z?;mN+GF#kR1uH-FEt>7wvoAxx%FWWXQ@tzxU`vr{GoC@hk+t4}JzMZR+sFx%1(}YHsE4H}Jt--Fdd2uRca|r9HrVd7J4fN6dQ9>Mhcpbz6yD zcf3A+sQiVi>M8b97QGKU<3t?7mMr#;W$Moycbs);aJ8BqDAK_zCdOJFcu2>as=!6J z_ilVoyaEbb)|P7o@9lWt9ECfP-vjg{{vOum_#bP#jQDeST!90M@|@@4jetE}4+sgU zHfpet)n`Haqbo*I`v#~2l;jmVMIAIJYTHY7vkp;ky-1p2xV8Obf~z}(x9TO_aA04xP5ifSBc0=)#5>d46023r%$W9&*Gtd8jqI!TTz6gX^&aw(m6a88{c`ED zoZNbgS8F^qv*)zEdiJfGSnuTw*^3tozIH7|>2#(lFb;a-tE5yN6a!Cka7;C&T>(#u z=jQg-rmo5y^q4hG8Wgtb%Dgx6B~!a7v(tdOyk0cu3I(hI_ znt8xTE6AEg=;n_C-HHp8ICcsvA56!_v6#rA?bVh0MIA{qjG30ueitv?kC>F-sz>HH zx=j^M(~0J_q93+YW?}*yh_!>SF{q7eU~{A$n=coYpFm^e#qEB+tX_33dZMD@kn=TQ zNZ}|h;9HgFX0@U3m2fZZD)*%?KD(SbPoMs<)|iul_r`3dblH^PCT9+}>C_}&AWnT$Bw@&(;hde1+tT!es=FgJeWT;eogJ*ul03h@kj7e>Wfb}3$=5WD^eJ}s$p?)r znu}wt0@1{YG_2!~&umN6y$zksWA0L#dxu*yR-7p+8rSamj3;@%Kfj4va~QAP6}n9{ zhC}y!_~;R+Fu7>ZIqUpmd;feb^4)gNYnuX0JcSwphC8zPDxoc+i^+Qq4|}$VL>bWY zgX;&|=MK=B9*DJ~)c?{@rJdEE=wCDx{;q3tEOMMDNADt+W?sQoKUF|YvWD@i)K}lL zw7|f;duPaUgm0T5`Muk*uRIt`YjNj z^yaqppk>+D9952f0hn={%_+kD+O)R-Q!sA=Os9gi=hm{cQe0_Y3Y>MCKlWFn|U5_fq?u74b8Kes$dG1 zuDBvA8Wy^|>pU4YiPcGiMGoVNIeHa}6KP*^RD1pX{j!b5j(B%u4fqjOml*BmJYfV= zG`q)Q(edNQ?+z?RaeG@4BG}xf^W_`|i@MF|qaz{=6O(H&+fsV>h66S5pEhIpSK{;3 zvz+Y5st#4a*pEz))dj6Fp|*aoEsozVWlwhJ<=OO?=wNaod*G~A<0YBqHqvwf?0H73 z_FrceL?cmVV1m!%u4UYkefgM)OFcn?ON`7#0PSs)W~*HywO-SG65S?fskzHxGG2@f zN98x?Xme4W6Z%0oc{2Bi{xKzna^TfCO`mtaQi~(ifT{x0SbQrU?_{eb_saPAOlbWq zcpT%13+@r3YmhANPe|?S^|t*2^O6?NR$dJ0%hcqyN*8L2*OeGrpG%v7fs~!QPsnAe zriGP#vL!8SliaR!++QN*+Lv(2vsKt;iD(?IRj1|Px3OKdl4SNN;nmQPAq|(t4R&Q~ z(#E+;$@gnANloBj8vlqwp82ysFHvU)4N`!*Xl3ACGW(*pSxb=jWH3 z_wWtgy{mg~*Tb$qbecCW(E@52s7=R>XR&WjM`kb!Rq67+l;-p%KnJ zSkSUM>%FB^VBS{jH{`xDTO`}lCb3z_Q;}^{EG+Ivzu5|$PdhI;=Kjd&G*NMc$U8pV@f-G zO8zuI+Xegid4}`%uI6G{?PjlSt%BL`|rG$+>C;P@4806m$Omg4a!zArB;6@#o zU!HArk=r2OkF`>eg5CJ9z5~a-nAH9OJx2pa+DonN`*+tnmuQ&YH4%zES?~6`fS$cL z=Xon6nx`#c=EGy-F1&gy*9!HpQif`z{2BE(0s4%KNvSvDxgC7o_C}vTO71yDV-{`f21D_+brTVGi#b% zCfS8QGIY`fKYc(QA`Bc76^QIFrJ6ld&v7bkGQKS9-q0Q0T&H29%U=uhc0c3NYO#7h z7Vx9)Vvr@wssZc&45oNQ%~*`FKk_oiR$JmKW3Nd5jG&1VxiHhNB%R_ecTlr2jGk?c zLVE3LC{M+WP)5;W**fXXp9T7EtEOC6^~Qg4PJ|`ris`NOEzfjjX)19MY~OpYe%D+h zMk-~qmXRgK6E@~*wrvwX%$&P6fXY-LtVQYA-o%Q}MTmuZw#1YOZ+9CA+fKV{l#1qA zHAitXxUKM6)%fot|0uB0(I!!{O3Zl_n5xIYX(~@ zA!j+p#2><_8EIx|{ZyQ$fqQG8!Au`L_GHB11H$UO=-3H4T%J?6ZVHU6v;5i+ertFG z48lYP2lh4T2#W{tG5FA_<5+i|#kX6}xHK(BcT?PXdw*D?ryphp^~T$;kB)>p4hPbi zG-F|U6Manq$D@!C)ka0pEcX&y4I(afs(M{cJ1wJT<4Z^sR_xuzgn3dsJacK)9GiI~ zR-j9Wy=Sx5pCV(iRn&?|aL=xe8J~O=t*;UNDN)$EXRzzsh^gY8x$cs@wdEP(s+;vc z%?Hbu)}}j@vau8nrq0JbE^N@Ay_KGJCA=#uuk!Zh!7(ROx&YA&OH!U|nQ-oI!-3;D zqI}ka(`gBvka7t?vVd)6dvqcV{UWVrP@oh?!Te_+JZsea?LZY<| zJ_)0}C!b1rTNNg`S--TM`EoNqpX28Q9sbS$vF%wz#GS!8AW>CZc{SO~LaF%vB12&M;p3IWM0Ia-1}kvymmRAH>McP}a?dA+@*BzJ*E&+&mSfWdgEv;kk4tX7rS5t#Av$2^nfsKz z&|~GbQJ3_nr^MEYsZrNP8Wt8z=jT)fE6I7{NUVWq+l}pt**EoT>@i-;QnOXg0p(5; zPsE%C*5|Cgylh$8~SMZc!sOj)#a0+)nyrpU7M z%WL=9n^&(=f!4+qy*GpLJhmfZt9a+Rs!2!|jBz&vhku44eZt0Tg)Pk6n=5z*A(#8J zzn$Hg9WJIq70T=~J`{%%&sb%O)zk-6=)`buhJ$g?wBOVHtyfmbZX^KO7xPL0>5Td&js+{U-z6LLoY@m{jn zH>SF)C0_a%<}E*FuU#cuZM^Usk$==Mx<`(cjq@^#;&$`edWuT>Wk>h^wTEm6G1z^z z4-&^X(0KD9J8q)GwXy7`CeE&16k{K`(A&#D+;i-|H%E8YR#yonV=y*7g_jdCb17d7 z3tLz{W`Z=&oLXwZJF~N!Ns38Ta8m_1zi2-=&*}TM@SXxc8_|;(bY(n)yjFNb4Kp+*HXK%_NH~!5J<$ zC!)Df7)2N9bvMlPEd=3lFl&2Lzu3Dctd+>(MZB3;33DT5dic}G>NPWTPdUg_fAF4J z>K0zuS{G3ID(x-__{%_Pe)&r$n;e}Q+$ zu2xErx`C6X;ss*kr;HKZ8i#QKtiGXCq9J${T1k!Ta#G1Bf+@K8Ij`-bVE(#qF1!FI zLs$~U-{M$PN)qB<9CdC?U>{{+X0{FNW^xzw6n(y0kOx)HlSoj%)NP;&?varBr(;#i zYm9LVgC!b0INdPTO4pQ2MV53r2I8WC{npS6ntcqIZ`(2nOkiG^PP)Fh2%}V)r#kk1 zsy>!B1xEh*?tKSeSAVyr+{$lc?(VYb7qYJx)f$6Ha*9RTgL)@uM#9K*O04{1>MV)| z#~0n3zFqEY4Hyow7mx^-5BfKXygqJCiL-YYX`Zwib2iAFOQu@0z+qx95D!=i7yHex zmO+3j7m|;o_t%qs78gK=XJ&Br|DSj=rbA^29z)5$f!oC83{R9B&lJzae z0SYw(_uh8z^1BI7ZnVMNw}nZ&z!iT&n0_o}CD~@KR>2jlhlDtZo>1 zcNVlsrF9#)cb=z_O5>_vtt6Yk<8s`SE`n5yp@Q>ZnEJn*T< z*3EF8S>3mM$Er8ivRoI(v|y;{y!ZNyvyl6zgtHf13e5Vg`b_r@hqFlACdObC%XxK* zTU>=j?|fzzRQ8+|O(d_!PC3s?jFF>62YTuzhs%5&1-q!OI-`d1t}A+;+nYk0KSwCe zsGOYQ;FZ`QoaoDUNTV5Znx2_fE;Y7kjHhJwa(QZ7IlLF(#g_e#MDHjYP)HGcmL^Es zBv%risH&JK5-1KGDz=sUB~`zD8k6j3jYsN+$8q>%UJlh<*@yQSaPv*<9 z>vMy(Y|2m)9A#NzX=<5*1Pj zR7n64s{U7moDmV~#&&`TRe=Z%PBl-12#FzRdckt+GYP5yX$0kotyDo|(bnH6y}gm* z>%Z6P>qUx;i@}Tq9(bxF+xUcDjn86fGTUVrY#U1}f)A;e*p`S7_D%Z{#$GN;d9GX5 z`s`Z6Cv0cvZ?3_Os$UbQe#93l^M?x%Ao|XE`d$GIiTA`ixuSCW6N#1YDVyl3)l>I+pBnyr^4@l7?O7#7T~gXQ)l?I`RiKr7br4f%Fd z1>$u^a7H9NNu@~T){woMN#iGKfHuWP2IP6;dEH_H{pm4b)Xai4E}zfQ9ly^!&*`Yb^* z(Tv>GCwzROA=Tqvw(Be)V>|#RSG$FvMyaG~}RWpjZMrZf8~xB)F@OxL|Ow;8yW zu)V1yoT;e^(^3nbt_{nvOvGc@Z*g4h&e73~WLM}aUBP#&DoJHnCPF>vDS<$RL3Fw5*u;K@0IZl*6wYIjyNX!9SibO)s~{1N z@~Uv0GfMQ69?KCGY>er1`#Jq8gtz)CrYd&c(cFKasi~w)#rfT6-91*SdD(egR%+Xj*XYfqiiJv76KLBLdRVW9DCe_WtBM zdGhU~k(1}oOM2Nz()>3+0scDbJE}$OD@{m(DkbY^Ktwb{=y7}gJ71V_7&XIi0j5=ZZ}yD_r<{@9d?i?kxL}E3N=>OQp5NJm)vYb#-bQ*aX@( z)Yl8mMZ3!1SNi7hF0@ zK)X)V`tF__D047_abR1YU@;HYoXL--YYSUV&KfyS`DLmXf%DXwD6X`7-=WuTQG?$< zvR1}!hl=9AW@{B70Yec6uSlnF=es0E>Lux8_d!iYs;I6U0wAw9No;+$cc;ESc=BEW3p*( zdyh?|3F<6E20{x{%-7aM-ffUpG}WcG9v&L14iJN&Qh?~x&*~AyXFPh^2o$pL{iDS& zi}!~CjO-Y2K$bW}7kAQSZ~OPg&#m8K04oTQ`3P#y z#MU_OnPTFX{*<|*)C{$Jzm^MB`zV-r2!-RgtCTp?r#D9T?pm}shTn8!N8#t*vkPFq zef*op2B-nXR1QOJoDAz{6uNGowp=d-TsW}uA|8hZK=1qsYb>imnzI^ciWZNJ&+cMZ z+nndXT7p44??Ol}N+7E)!Ql0sDVT2WacAnzH*Wk1rEEno&vxpivjZG&!+vzU>PYJn zt|vbZd`Oy7;k0^+(kY%C{er&zaTnqmfGKxAJdyIY{3jP)=zj3A$^HkxlKH7d#M)?Y1Amm5?rTD4BVDy959c0{;yT zWT={PuM9fZXyj?7@MEf8HS;u|+lBkOFs1{h_r*JbrFhk8amUF!dwwusP<$g{EYi7h z%$_&mMNBuuoSIG*39n_O39U_-XIGIk2=O^E6$Fv3iEmA(>!gLPt;}H(nIW;<&$7Gv z{{QISbEhKWqH$M#)HRcBd(!pmO%4JzOPpRWu z4blepg*SWPOll4(s1>8wTr_(G_U$N8nIQ<8DH8PGP@^a#&~=MP5E%#Z55?C{V{dq! z_YD8Slg4s2RPI{lW{zEoh1BmEiR}AI6D*Q$U-#E(vf-_G$i-TS3&Si9gs|t+rgU%yFmKp;Fh2 z!LHN+WTjZoSk^TT7Vj6Lc#n$~78V+>2NHU=K#>CS7%%E`PH|1t$`)Texc>)MTh&{7MCufY8yC!?>*EO(WOea; z9=4h;cc_-E@iO1#$C&GjjC6VgNWD(*{hT$*R2^3t6u*5bDo&wv?foIq4DTAR*b6Q- zy-yYPpF(3IuM{Zkyl)qfJXj?+pV9<{U%#P||H5d}OJVo3Fz9AaVv(oXU%IxI+qbcz zk@kMfJp%Ys>Rg&%zTwA4Dx4k7OkyBkk#!28r7nCRz+nj-A>3fi#4C=G$f0tV(9uR11FPvT{6>iAfZ{Uq0!`h#3IOdc15{xCg;s>%;WYO7mmDS|*&K~E%UM$#;R|mao8*W3gdwVDWP?uk4

h~5n1#g=8$?mnyi_E3f^-$;?gBfex`E@!;bYkqwwAJJDHgATf1mui1m5qyf*m|D zlm~(NW|70!P!iJLltt-k-U?QaTP~&Y(PzFlR=l`}EXTJJ#A5u^+m(N5C$%i7V@AXm z!(%4IwKJM;Vx*rcga%TUnvWXCo%eKNGy5>6A-Zo^ToF11ogm*7q+}pli z#~_k!Fg#_v7e)h9Mn_~fEp|`Vwm+iWs0~wqgeMGvX8n%PTz?BuJQ&6ji;-RtQm@lM z1EGk&(ge~c0PEvP`H6i1%1kLQ9l2I^uRtO+Ed}WQIRrG(uXbNY)DIWk7xfnf6@&6% z3K3o3w=RY!Pa>CQp3<*5)?xcfS20Yymrhr&c(z?V|0)mXT3jnE2PB)mqRcGEX4>+c z>l~M_&~g)W2k!fDp%mGHAJqM$w*6cnEm@aOSnClc`q_sWvAh3~`F`YP>oxcCk$Q20 z0yAdkR%YO+TQ}W4&9Fni_7Vl+@_)G`h~trz>u)yg&X==L+XW0a$X?8j9Oin;Giywv z5|+20@(!W%ld|T8JvX3?o7d_dA%?6j_!dmF;y@WFD*{({XBje;wxevYiw1O%!!?+r zTw?R_;eadPF5BDK1+OzEe~yrkYcGOGN}^f?{s}c%hwObR(si{B z56?N>riIl=BVWo9de<}-HQaUwcubl#TWdOFbRVB`rX1i&&pg0esXRP9?yWoh@mW?O zc#=p=WH#NaX>FZt)|Ql#m0PZ&o~6;cPzCY3#cZW(UkRorQzPTW+R{{p{mA=VYc2;i zFjuY!nL6_RuK)R}M$%X#Vuaz+9ee~|CCkbe)mPMa2v3EkN_A@Y*KNPK5**gp>~a2m zG92nlkyi2C z8ul~U4!PpvL5(F%(IV|#;3gY_Fwmr@vmBAO0Ni&Wb%`qMk6Pgjs~*nSFZxzzn8FWKcT$60GACs z=TBsme$JmB02j-U1uo(8gyWbZSv}SQC~w;zxp=1*##&9SVS>Bqp6=+pTSkGy7563* zT>Z)F+u|g3pnl@3H_lTI0^8ONeWwe=6uIzBofYOx&AcRi*VR`os$-hjx1PH$dbRJS zc%-JR96^qiMXFqIlpr?bj$MBXAV8Ls4tNNS@G?n0PL3EdT(VX=itE_gDrENE>pe+Z zWX3_s7;S%eW4Om9FqpPIS+Vs9J=Okyc@F5(t3KVK{}rm(#X@E``lbMorBM-}=SVD5 z3v}4f-d83ESSv@w-~UJ&K7r6$Jy-F(N0<`r-D1eQHd`6>6_J;M;g=59HYDts*$dKI#IA?=-jpiza{ZD5Pix z^}cPRdH?;r`}SnWtp{bw9>ponI9ukS7!q#Zj-c3oOgc9GT1|Go)aLQyEdfLEIyJxU z=AS+AvD)J@_(NOC3@Qx#4nQ${DUg?9@C&@SPWop1f*Z>3Hr!+cLS@E9*yT*9|3EXrTjr zL+kUxV|&69Th5UsQA$vd?c6CK%FqotrmTl*fpuJ?^QWl5f67E|oh0oz`ELaniq*X6>FwF4KTom;QM60Wk?-r z7vAEAv?%t^L#i{$M>$YnE51~A3e?0?4+Y<|%_S&rh4qr15BldUm03Z((cTY@hYtt@ ze@gFulNy?p@-=+R?&2ab%p;Jccp&+4a&ne$1u;6R1|M=G)a}cT7w{wCtv*fnc6obm zwu-Jz7qlTP6Hab!b?4=YtTZfhPF8=RSl%u`kJkVZ60-kdGJ~tq0d8Y=Jf`}>QCyI; zKe)LVr1mCCV(MSq$EReER8o;za5#0)iW7^6jVCF2br;oSlR|9*iS$IY@OdwRo0l6d z3XhJB?LY86QqI+K$8>@>kVcZnIGE8q0M1M_2^+C8fQV!UBiO(J3Q{7yKonGH<3`t5 zb@MDu^ebHqI;asoJD3yy34p%W9+0gE8^b;5xuWbi*Dlz|T4}8AAiIGe`Ace$VGmtu)#JlpfV=Wr&{ziVgV({7gbQKi2RdFj1lrolAd;8Z0<;Y^v{1 zZW_0J3@7p!P6XIbzU+$skFW2Jr@DO~FHvSGi6|r4Aqm+UsAObkhD3xUdv#kP{0`w8UIDA&xZYgjqILR;1HeXxESS7o7@3s1|u27cBuyTAsw zCxFN>-!8g*kP_*L|B$r~`u?m0l+gK8bI*4UD<$25>XpIeu`|{md5NvdmLcZOdGh2X z4<5a6R${c(y7N>|u_pAf*8P0TbK_?iR1#iCiV~qU;oYF>$52Sf!GNp5($|gQf3dO! zK}@55!lT-uw0A`YEz&d^m|Knp6HgPz;T@cJ+BuWTpLRMbMCQw~4?RD8)KJkAtt)c@ z%;eVRtG^)+;QyEj)HBCj<48!!kp|RLNqS!j+R?6q@SrGGq};gHa{N4QV|^w0c0+h~ zv2~`9W$)XVu|{z+qmFghV%+VB-PAQb{aI_I5i+cFK5mV#(s(+Qe)Vo7e* z!5KUtp!%Pg>iwZ(fF@Q3g|y3|TG*=`iWACsQ_ZdqLe1QNc`x)56n8GgSakFTLcxY4XaL ztAVQH{mWOy-e3DsE5s$?9;_H2nf2n)g~#0I-o5jbZ`HW`DuGKSJJ8erQdhzr5)u+f zWd?JpCB-IjtWNd_Q9$!54ux1xW`|h+VrDra$%q_X*f9UTeX>0d9suTW90m5L5g}bk z@2=1$4a^th0nh^3+`^1wx_}ku#Uo0`i(qE-E1N11PO^iVc9$@%1wd&7pfVQbA9o?W z9>ME6pEh07UmS0Ft9mpsdd!K4hkxq?8{Djx?t%#1EDZQ+{hg&ZcX!))+}m8^7bPQ)FHlo!Vz0tt91nx|kwm{a4Q@&P zYSM}W6Wx`;DTzoU?Qbj-r~;r+U7GgZ4>Li0EQKg4gR_Z44)U0}xqI9}9h!&UdB( z43uf}SGszA_T#-iAT|S@kRrSvfXH4Z{dV)E9Fl2$5m5~F@8aa_N%Sg$oxB zA3l6*eF(1y5S~7H3R}IYVK(rT>PSVpW{0YsqR)ZvwJ7O}()k_MLJpV*#F8k=l7abv z3p;E*$x=QcyE-2pbpmq*8t?MQqR+1zO2> zZH|gQ`GYy15W!grFxswU*b&~8v;+p%0|b8lt_4`jy0E%GW`9+Fa^iT1JW)+eXSEXn zA)O;f3C}&u_bUo7i?#heCHn`FcPJ}*F4@a#L96<2AfiqYfbWR{ylRr&^1{$?@kr=F zXY#KY!-Iu0^}awsomWAcrgukWcUA5k9QOE;{@!?E?gbfVi`vt4Nl|Ov-V%nZQe~VS zs~4}fUcc3o`BV4Nwl~)Z_Mt<+|5H2`W4dXL+T6&x;G*O^XnjXjQ;;hxPx$h~>1gST z4~5#5@^Uxf$`8CSag~Da=SJLBL`?Ab8~hk>?GigC5ARkYhK-wqd*cpklxl`%C#oopf2-F}>|@;KiU;PW9&NoI>_FmeJMcGABY*5G z9eUbzqA2CM_i5KyiQ|NH1nF@bIWg;UXB0h^u3k}ppyuUcZ#6Adt;&g~goO@)c^Meq zpmFeC4oGg{JpvK{HEl!(^%#6%a&?{@@Q-jQZZW#vaZT;swe(ZNs`ib_L+_d!o0_fO zdB$0slZZxb0Z9ZPHumEWpKafi9Xk@t{eJ8V$wWd%`a}wwA#QE=3eJpxLb5-07mxM8 zL6B%%tnqI-*|;uTgrt~RV%LuMB+UfgJwIj9M+Qo4nY1ji`|Gb?Thw>DFK1|EiQs7I zhe)R5iR`E;J+!2;XE-Wy_9TktswtbEMsviuDJkTg6 z!M_I~b$TT7W7yKQ)1?nob66Ww$Ea!E^jgazIs-c6Z?~QCj($$!3Zn)eS}L(9&EwxDBwxxV zreGsv#2hzu+4*@CQ~5-V^!F1k(&a92&r;K-&){_PAx`&rer}H^;h?I0gT~NT_Q-Zp z>(f^a+gwbJ#=IY;VBK6-AMNmD;lA>^dQO~K^39LOr0L;JyGmO^&QJoEW(9+s*b*K) z?EmoL1X0<_o%jujmo{fy$Dolv;&jQxQwebv)ZPP+dK?SEPUV7|QhDaj+LpKPNTM|* zkl7m@0$j4?nh<|qy~>`1Fb@+j&wf2g(_qNB|3-T{b(eX`h0kX{osryFI!_vumh|L| z0<}tB@-@o-SE@r7`NmWJlZ}hgkJu*KE`(@5{Y|u_?AQe*?%bY(KGsgj<_5}n_o(jY zYZ8G`9Wo&Fct+&KK~E(Gc}=J;6iiYT=$VWP#N%_!42Y%qrTr>W1pNmgAa&e919ai) z7M0DA9r6m^jL-iXlexZ87^u*XLp>8JiJ9npa>(v**JAyZpNb0gOo)^N#~XZM zWqjLr7lAhoZe>ip+YM77*xbOw*T(8KNESREe-yF!`(^8`9K8B--7CXuSY|ROG{^@cjJ2IprrzYoBgtPN?0lk;0DHy`mam(Q$jxaXRX% zNOA$A=y$cxe!8`Ly{nTt73St5gSRDQAp$xQBqYDZ>RZ3)vS1sUQs37d^g)lq{0?Sl zjFoNA$$@xcT7I9#>XLFA+gi!hJ3kW7k@QCfYpQ9djObpQqM z%7;%9dkn3zeNBFl_`Z_wcuJPM&o`0wS1p+IE1sU}C3Ww_$BYrKp!`mN6#pE7k_^)K z>QH85G|Yx~Jy5YaC=y#ui?I#k_9an0yJTKg@)-vuQq*3w#jAnCYcuB&dGyL-7az5r z+8!~XxrlB~{A>zgBS@sD$V7}tYCvw<;bG+29RLZ3(&VP5@6$}Kw^CZc4E zf8>%>iYZh}|8?zhP88TQ7PV!-<=lMD@iZcvbPdTwwBIy#6Hr)<-Wi6Cy1F>+RD<7st0Z^+MO-{P8Ba|RipLVS3)?aFFQ zou=7bdwP4Qzl=<>M(*SE%~Gccp{RhzIU5e?=4}sThGi9_4nfviIeP!%U-GN$b5Kv{AIH6Sh#I=_fU2E% z0j+$f_w%aGE?+Oi$0w#|2MHH>~%Z)SY@YGrKyh?XAg`y=t z$9tR;d#Ue>J1HME7)|;am#P%51`iCkx-zr!s)IQYMOTOLB9k&<0ytGwasrCfXEm$u zkF;jHiA{JktvO{ZGMu|N>M~N7Y+M{LGh%OM))o=T5Ho<mL=H`A`bnVcLh=~m>t`296>6t3f1 zl(Y-)$E&ESLYkQ04yw1HjkYU%1A6zgp{`FOT{~XKx=;rC%j;*}A;WhF-%+1CNR!BE zyJ1>N!Y+j*K%M)0uZ%85@Xs(2SKM4K^K`8Gwu^vNNA|lx}Nk{sGXW9+aca9Hs2Zw zbErf(jOQ}thMIY#V&h$&sH=R+KdMDHGGf0NA>QUJ`oIJCpxB#W(nNr7DdM3dDd)a6 zTT6HP=0p3L{&c&Ej)|3t3{@4CXGc!yCP4ro6|(M2F`(gT{MlfuW zRc}gOzT+DzDk1k>MvuDL?0w7doB$T4N@(M18MUFW7&@N0sVD_^Lxrl8aA%o&)m|uq z(`4~E(Dd$uj&V&=RiN-8uciay#s{UDG*MDvJRRK%H>3osx}crEJJ(L;d5uUTOoj5r zpLYYq8BqShpyS7k#{r$keVs7=0>Xsku9BL}U!EwP_AxyOYu{h8MN5*D-Sy*Gn2{!q zmLuHJhbU<(jGb|;-HUZ5<#XUcdCv`70luMr0$d~3iK@9HXNhANR`Z8O`=e)~yxYE~ zV^LEPcL!Ym%@r9{`lVjVtIbo2CII%KZ`sp7`lt80A zNSvWa?UEZ@kQJ3EW7-3)9;qf!1UsxCd}kGLQ2l*Uh;dc!Wp$EzXNDgj+{L%wg&s!AysN zL)7Omz8I1CS)@qPeRWD$;`IHukfM9GECB}2(=i5!Br4pTs!>?6UH&=ea}FxW-`E(p z6~DC)YN7HP>%z~M?j{uHgY5L&Xk*6Z*oqsRH6n!XyfE^z$pe83<@iD#wd)9w?k?f5 zbY{$3P`vD~X(25~?1%&>X=Y1v9~eHu{>b*=-dIA3hPaA1@etOwYP1Sc{j{TVRn`hP zp%bWi??IsW7+?KEFE2tKtt@E>Q9u`q58JiKB!<3XZc$ND`Odzyr_s?Fi7`&HP|%nH zy)Gua@|0z#k7M-VO^TRHx{++x>Q;Ung?$gH-PI}T>EU*DqcHFVYzq)jOm&APLhFh^u$;E6*lXGC^hJAZWmK>&OIBv)aAnF32##Z=zscR~>5mIvtNZaB zBY#8{O;0~IW?zG6Sv-8mh>-PGAwYpL=wUMcSEPW|dvV~_2oJ4{w|YYm-!1;Q{%bE8 zmO1h&U*O&^+(MH~cZsFWXc>J+W+L0dgsF{I z-tEB9%o`EQxxZ<=&7Y}cih)&VD_-{7*OEMW+6^9ml6>ak@uxu8YGSTMFLN$pN8qsr zFhi-2&mRw3(2U5Sid@1?x{|nW7H7p ztXl&s>3QOV%YLH%WeLz215)G)T zsm)~LQ&WGmx8U4 z&_d@WwR(oVGUEAQgL=^|61%${iiU=Ug^CI={K{!-_|=ZiEzrDKQyJKu#WLJdnqi@@ z8U~ulrDE=7l=LIb<@MXMmM%eNKi2}Ph(CvMC6oz6FlOLvFkak?lH)CyDP$xcr-*UM zK>Jdb$4sCj!g4Fau#iDoDfazYd(ictp?svQNB;yYrwc@wna}(A`T6_#0St5zS(8ZE zNKrNRJ|lelZ*%uP20_#*i%18>=zyF>oiwc%{&FLmO-i2FJSW}GouV@McQ{menw0RJ zzPxpf_zt1;*Rr|9RW3!AgmmIO(^3=bb2A6smL{}QF{JTu`30c;L>D!vCHZZ%KAZq^ z<-4f-?F+~}yo%rR@IKx^;$t!U9rg}deng_3yLO|Ik`v+dH_G@h%knFql!4({7P7Qu zZY^}?*C3)F#r_3z-3onU5^M^K&zTcx&fKBA8DbsNI|2(F3E_5;j6% zXjS}~=Az-EI@jWxDR_ct*Y14e(NiBzJ$$H11TlitwNpWWje=_c?>dfk(-WXlTe!K9 zYw98%QAl|GUlsPm1sWJ%)`;BknSj%4f(j|AoDhLHaxS8a_-sK`r#0ly|HY9w7sTm; z@8{4GFd!cNb*m%DeR`3Rd+8-*BFkNnop^gP>YU95!@)r=y_6T$N3N-Fkq7U=dk`Gk znkgCwL)^T5eYqjEc>etPcD`+^eg_;gBx_l>9&4vqvZ+;dYqX?5zKKzBmEJMvs`LdNeESxzR4oEUi~p6@adV z9brrO5D6^B`rX})f<3GibC;37La{@b6YD(Q8U)!Q9v%gV$(&)|15GhnZ7J%u2#iFg_(ED=Vv>YH;0FQw=ID@z04aSCZds_iu1X3(U1t zQ)oaUH$l8qX7_wkHtVkt_j@?Y#N+*YM|p6(wsM5MNW4QLqaI=FUzHh{_yvWnQLz`W zAh54qyQ<=<8%Z5NzMo`PMg0`Wmqt=T5wRyW#FyLYV~ms{m7kuFdGX?V0FeDIi~4$9FbjdtmMcqyy5DQC!GvJ; zPI9uwWf;BdaZqc$Nk2+-sm8;vgb0LGxGnBCxeJNxj};aH!=<2iN#`9k0fmsJdIKv{a^#^rINztcN4ky-vz4 zGhl`IuPqw~)9^36xl{Ajok?a?VFUbTR)*To)wzJ2il7Ep_;~Ax}gi zga%UJ zu_b1V&2Bl`{)5gAghLG;`}Xa#r7NiwtMvTq^3oebqdWsC@$?Ql!g*zrM!8JnF&-c8 zPD4%5AzAdRZm6PR;9`VRUC zS1jdth?Gq~tA2^+$0ACmJe>fY)|rA9iUd=oM2lx!!*0Ua{$-@}qvJ)9*|jio)(niU z_RX@a3nX@EAIcK9q9(=IBo$%aj0=nV{Lk?eoVa`4$L}qx1)BFM%Ws)C^g;(gbgsq#Xa9H`!5g_SAAG12*V1QEUcU5~}h}xW;{Ce*G ze5wB#J2OohgJKUOnWe0AsH-HA^v*O7Ghe*3+Zj|2plTGiv-hwxiKhG;ul;{@sRRz z44IPd4y#G#o3h>s?vAvjQyC2r3su6+>25YsP?+30VXeX}8`(xOFf$uF5@^+nO8=@=T=SbPw6*?5Q--*kIjvC${?!8kvl z-YQ4*&;Ce&h7nwX8kRP}mT2ONFl5~{tjP+5d8p>H@yf8?h%Ia8qu4CkeZx6Y#5S8< zesw{f*AF+;Hymf-Ya#E_+_Ho1ZM36EN$YPE@*GLy^%+bI99PBFDb2x#lyK{i1okG1 ziUZ&KnHc~lEx6X5moQz2TlmrW8WFp`0hM2M9>~NMStjAKQN;d41ZCHApk~sE!enaV z^_?msvzSH`y%wYYIru(tyYcFv)55RUrWAX=f`IctpgFZZktQL@t1BGG>|79auJnqEqzR;b}>4r6X zyfV>TsMpJHcvE*^u=_~q4C~HYwjU)eNJNJw9l+V)YGOE9Txu2KRyAx_)uvg$Jo%g* zmH%B`XR&&YO!%<7rE*iyEGIK=l3Ww2*tgahz_ZOcF#TE=U3I7m{sUyNTtMi|6qY$e z!FI(nJXv>#qa7{RqY-Akz0j4d2PHCJS!(u=x2KIs{2J*0`%6Gd{^g!+Vn&UhExqq2 z1bja(90<9xFLw#)p54E%qgk8MusXCXQ%$*s(T^G$jPS{~I&b}F4F-HA_DXqa^L3^t z*I+dMtwtGjxMWfY5NGi<%EbQz|4 z^p5w5yaDCm`c?SYxwiT-@h3-tW|JZuB7MOb@ag_!nsR6ZX>Ep1#GCpa|_nb}XvMwlgkX7@%!qL=ST0(r%jelZrA5 zJJ8%Z3YIM&$>=+p$vdE}HC}VD)TrjA`-qm1tp#rV^@HH~Udpv6{ZU4v4-7n&mM*F9 ztUqCL0>=0h;phL82WnwwmM4(qc`+x!_qq#*$-`l~L3;nNAd@g`mYfdI46npK_g(Uj zs3oo1TpwIre?7l3k!94^YmJ++uDY*=w|xz zW#TfWF-Nm-N>@?#Wb+*|{X_#Sw-KQB@&Mq~wf+XO@53w^@G3u2BKJ@_g-BORRYI~F zpAwKeHXPRan#HYe4!Y=cnrZKu3=e^U`VC`u4-Pj0{W2TtHKQxD^4O}C2Y&k!DHIH- zxY(rsJdH^ZAenqLGX6|7Y#mFNDXA5Xg5- z1<@D`=xRyRZgd2>dnApRrW~=3ruSs*&zBcJtxjBa#5RllH-YRziIWrvkKXBaRsd1v zdMNP?8@&4@vZ%vJ;QGPc1nQLc4ATkT@%$#iUzCFSKwOgN?yxqVYeeh*H7nXCm9NTo zfbnYmY>63jozS!&P3T=Nap5-xVFe!klxs50;yZ79D4hyu(@`+nO~3=YwygQ1Xb_!- zw|bAXAWL-LzckrTD0#?-v0K3E_<)o(A>)sZnFI00Yjr}Ca8@)$g#qJ|($Qx@mFj<% z+yi}#!$GQ27bxDU0e!?jQWb)Cn*%)>usHS{Vp7%t`siNi`MnbG_Z5?1V-o%12fm04 z)l|NV|Mk=yNK#-X>1>-hzE;V!7EQDyP*;)UyW*NC5=a$qmyfRDH zL*+aFUk}?i0dl@C%5|!av!$Svg2x90r%P?H)doM2l}3M1^BIwZve)Dfn)v`O1)hj+ z$wEdd$bWOd?%DYAfi)wiNy!IiB|XMEzk^ifr8v8@eQ2BZzG>cEt|^^;%t}uN8!O;! zTUs9)v&+-V9+vCVxHgLjGNK@cFM`vrP7%iR-bwzmweq2~J-|9gOecyJ%!6OVL--Zh z=^J__8Fu=n^0vvnLSQ&wc3O5|v4Qt3@aT;;GK`F~w=XfPQ2Aa(cNx$o8?vLWjp0r3zen`E72RyKv^-L;0vwb8W7DwJRR3 z?s#kfcgWJ|b*qZ~Y;FG6W=L1hhc0n(=VO1uV#g5SJXo`ftf3^1Ss%twFc84c1v_X5{w)H9S!V^Ds?O!+?-jSNZ0^)BNE~ zkGxYb(fAqebLnv0oLvVco=x=&?;1DTLfvN9Du==bYbnMV927rqgbfnWJ+ti%OY5QL z6ZFQ+-QRc?mw5<};3N@!*TtkP0&?;5_Nq81pth!-4-4`S%Y6x&cyt+4^CyG-0F#zf zd!h3FkAVAis&?$`(iJ)n^xIkX0|wuYm|d>1F+hZ-w#M3_HC#pCa8Tr$AK|AjnnZYn zPIKs<^#e&_HCeDj&tzz@0;B7L!k-g$a-(9REZ$#2y*U=f{icCBjJk}}qc2xe_5V2d zW<&e>?4)PH>9ukzn+}RcXC|1xD6cm2T6I$MkyUiKQ*wc(_>Cn@35etUdr?2hB1P>) zH|B!JYCowa#;LmL)kjK-i?(-!c(8CI8~CKHz!3nAB90pFGvxSKZ~$;1UsE$?Fc$ytH z>vTUI9o?Z^PAdUCEg+(^_3X&GU>}T2jpguaM*?Lr{z5~{3FJ^>)K6GU8&=!Qg&cYh zoFGT`N64Wi3yu3`tHLy@>8;U>EUS8qOA1Gyxlrx;A9%~6?8NrhOcqw3UQ61oH{4I| z4J4l8QA3l_bu=@B!<}SHmra~w#*Hgg1mXSoS_U}j7VIbBaK(KHHE!>XuWV+g@Z+=N{+8Yzoj4ckK=i&b-{16y{P2|{V1@jA&>FfIxb5tf6k9y0`W8D&qgN+3SZc#$tuFvsCEFlg2o%iQZY8Fiw6G*8#=={8lG=p(8UE#wk15-r0*m)oD;ZdlRxK4vPDebOK3yVx zu{!vg;Ul6{hYyh<;PsGIXx8@f;+_2hbZWMEkjAGNX=CCI^qQl4D^wtbM7nS;gxJGD?mGm=MZJvmGiY=WeuDGD^=nRuz`(hUY3OnwC=~d8YRbb z0Lv>Tp6A@V4LqCL3Xq-gs7u7emF!03{-FA=5cm!_^WAQ;z?~-Fe59llT*q5{_6lo? z_y2%K0HsiTpjJs=gx+W75EwGrIojGe+0qv+=6N@!Vb#6ybjpbO3ve2tXQl|+*0qRI)t_!$n+J{7OcVb5VZ*)fq7{rd3LiPLLRu13zfHib}% zY?A&jU*0-@b8ebt_8WI9SvvVl4=cmV@G=BJBZ@;M>OFC@nKd!V;GWGlmk}C>SaRc; zyULuPgsy(l7JdxOaU(J%8nFFjKPaIG^;be**RC`sFn@s0Yw$qHtfJx4fRn5C`@*4j zbZSQU(U&b^mHtVXHz{&R%3Y)s5ec6olY_l5atnSx;#Smdv!voPRBR>41nRwcuD8M1 z5)il=2sS=b2pC(*$0FX40DVdu)4DH~_;h-_rS;kDH&z|~EEJ|`;j;RdFMwd;5Korf z4E=0emPoC z>FIGF2-69lFa_naXb|4}2CHl($M#9Df;!g4G&o59hv)@R%VY;Uewl%~YcfjzbFKSK zS(b3EDo{~hB%_8QmY~v{3(HGu&pM3cy+k|988-ijTm8`b^a6H-I*;x*o5PFRKvbmV z6|8?{!^mUrM7(rH>}v(U$K6JCDA9d!1C#Cm23Dyr{4yhchIKpxwiycKjQlMxcA;L7 z-tAeEUBgy`QP6@IBpd^V5jppDPMMKb44j3)(b2AA*T*`488d>QoYM}LSgJC^*~zre zPatQL!P&Y2H=e`U7ct+9YmE@R*nT%NEcC!8(+_v2_Pj8@WAQ%_P~ppR+l-iXKx^Ol zZhU#Bk>A$&9U5WIXcl49>O8Hi1RN_aqGmpjlf?^D$6`T^C-Tf8n5Q*C(kYcpz^)V( zw7K$a?VQce2Me0@MsYlYiC~AboLS>?eru>?}?~DdTJC z0-H;j?R@4CiP-tT$xFbl%#W01-vHfG3GS~(J}rF-a=LrrUvXT=L@fo^rWINkFI528 z(Smb6W)2PNtQkW#_+Q!jAt54r21o9V89vR!;q<+!s)Kddu#=}L_`ZB8np+zGnVx-b zsKGe8tut{CgClSHg?MLh}p~Od^Am-b-WpYEG{Kp6oE`l|AU? zFBCR?xs_O+*m+VsQbRuYU>De1GKrCj<6)q;r?OLseJ<%q* z=mNu+l&*DxrTG4t3UJVK(W7>4V7!+d8DBh!2;@-^pu%#W1mM%>g3F5;j|Bt2yqV=T z4U`&iyr=Ts+C`B2Ur_8q{Z|>2uq4cPicgDtyo-||T=EpJyfUqR>}!+S`8a0WhD}vg zG>^_l9Xtq7UM>LnUAgaVNeZ&5Jg{39`O7Z^K&(e%oe&{yO4KiA|Ax|M0B~I?wX(7Y zM#dD2O5=ZHn=S$kaTn!=t=(;e$Op1H$vy6zfS}P;#;UryybnV@dfqhF;I*>BGHgD* zW_r9Ie=7q>;CZfM%1Y$Vj3crc`j-4%&45NA@j!6U!hQabv-yb2O8kNieAe)=MBpVX zKWd4-3Oh$G;h;+EeiOoGU)~$qESuyW0B`Dr zy(l=5148c7*N%0^y(bdK_W@BaARdr#_vUAw;)i^{BdkoY1^GOVG*%FyG zKxsXTrPs|iQkN9|YwXZ_E=7DCPa$lpmPVGWC2S8wW6RR8+5QQ=qJT4D# zd6vLeF(7FueU0`6;ee}z5}t5>q5%r!y`o~@2ql&kcb`N15hABkm;nkDCN79TK^e3A z8{*PkK!RoVib)o|M+?!ETKtdAagQJ6Cf6T?-nhX}E)^^1>uA=EEg1UQ?RHc@cF>55 zdt*gD)7p=9!k&7=ff+aY%4x^5+=aSJTp)bgIH-sNwvv}U5U}3jxhY@}3sY-TM8)1) z`;h!now$mT^TATQON~s&eoKMQC{R>_NlL@e_BhirD1PEGY_Vsj2(WqNh2e89kih$C z=>&)_3J5AToV{2chKWFZJBYC5Y>CvFUCIKe`Vhl}tmOes8+P9Rc@l02R>diFy?pD&r4`*b6J zbB?WBf=m0czrF)ki7h19H{dF~F%)^)bvSG=vt;P!Xj%XG7$IGw67DJG8pR`{Noi)B z2BQ$!FYF@h{NySStXhylGY=(1w04KXOmwhD_`w?SJL-J_u<@q+m4N9`vWSK8a0ak# zjzfT-zMj`$&N&N-ga4?Oc(P;86Q#JACSIPB&ivUrY>Q8Ih-C^Dh*TV|#J%u=YDt-) z(jd)rnW1vPK~KJQ<*nt*zoZJP9-)-mFX##%LO6VQi-_*P5^kkc!ZszuR;R1N(%Um| zwXXc=k&}y=$ds4q^Z%D7z_-C*b!MtJ&w)MKElCFn1$AnKDj1_C3z=~)YzKmx_Y`S3 z&x7-`Lrv0eK%7%aFjR+}2Zka4FBEwgDjYH+9j=6=01rNboYAzv1qDMKyA?gPTX9~K z{KTJ)!GEBstBm>ByflQCQe8Xa8k5mceX+%-woOxG5%HAJ44=s4g{$8ovO~=2Uce#G zCF@i8IIJvfX8!mN;$NYOslq@8-{isiGMH=U*-apLBX^ z{HFf(2)u|(W*1jy$CUUu)mm_gKLp*6Zj5thCTZCbP{?#cWYgb-e(CVWl8g1RLvbqx z2K=^U__B{l0SwbS;i1~{2cZF8rY>iTKpubueXDfYjga`3;!QArwDLeH4WmD!=r0Y(oc5|lHB;GFmMK4Fu~0h8>61J7(Hj^q8@J5Egh z%Z9?yQf`=b5VLC?ZpGvRG}sl990ZJsDsP!sjD1Ta7)|&@)fy#2Bqv;u(YkIs`lY6B={Iazz|DK zU|qU;e(gt^5p9`f*ovdsN>;&WijX(jAlqD_MAX4BZJ&fGHRNgGOGaktAKAChxLuI|gz0A=#4Qy7a({^Uy*~G8NbpG{f5`;f+4_|0L zgG*o0-IArK!;tt*G}F4uiomdmSBudiZ<_C{5J+6wuR64nE~@Pi9{&qxUk;(-W*8oC z3RzqqY>U<#kDD{Gu8rAPHu$h6Bd_yLw|bz^u(AL*W$hthRqW(ky=307_X0M(d5#zF zLokBWtEuIEPG2geYu;F@7(&8&K*BTZ(wpE)>0%0rCXDS=Y0GAVR~WhzZ5u39{zafP z6A6Je+Tqm3w`7^@@9|^C6_1-(U%!3ajxF`T2I6X^aE&rCsnvU=blx*-SoLdmu2kH) zXspF(;F(!{Y!cr-69r}0!q2X*uLV^)B#85aN&|K_b*o%qL82Z_d=TKv1I50HX?@LK z&nOq=Ud5>6^9-<-4Fv|XExS#SDmtyXi~eS+Q~$YWNi%%Fx^2i;o8?8snS z#{eJ8KzJ{jMlS64#^gvEt|LP7cZP8n%8OVWZFVuueC0&Px~k8I|J*y+-<~n~i+vEF zn6qFfo7|5M;1&;<=QwdYtXFMf_sxE+U)3qR>ZC8Vv=nt)k@3hy=T$0_f4qlxr@(z4 z`EeU94C%%uEnfuBzvF96Pnb})=z6<>z>7w=JPdJ!fpVOG(E;2vgvhFJ>}h9~jcten zPm?_?`uoqDPf9boT08qQ1;{Uhs2JpgU~5kEDv-N#Fe6koITpdmWErg4!%PLL8d8GKFFd242q9-B9lr z9O?oVQh>0|)1xd#U>vJwR`}o}@NzL6*3JGha|MFlg4TVAVOpMvq?Grkho|o& zb&Ss|$qW^97s!w!|=2qAbZ$AScNuS5rRBYzVc4zFr!%|l`~ z+ML+0?|8D`LSF^i=`Q-Ec!?&r=Da8#jf98rlCfM^E2+`Lt_xjy7I z@Bsvrry47A9w%hk{lTGZfu7LqIZBVsEokmTXX>_n^q9RQ+;}^7by(=au-vobQr zwO8Cl|6-a2C`%}i`rZTiVx!I@_?c-3cyl4W6BpePPo?UYhqu&)I^uSm$V&$}D)auS zbqb9@ii?hOk{j^qOzgmZTU30aG*hH3)9bM??)&L9`#F**d!`(9fK1AE<(lhe%vx&Y zz~+RlIY$LGq@7%4*K zFkoY`RvojEh-+4g32I4vJP0Kvf%N$w7&n&<^eI!HoyTpbWQM{pQf@upzqc$D-6B_{ z#;1&r{{i#M?tS%I2%?H-ucagRmhJ*QSSNdj8Ms7E6VpbmV>}oRiSO)$Sx86Prb`WFKIzf>~pq&z#CF)sReTt z>_!dU3uAWjDwG@buOLndG!f-XnhRw_LrE5%JLHJ+B84dTgVQ3XQuzrteU*6s8)jFM zNn9xc*VgetT4vpAuh1=}0JRn%H%S3-Z*^}@f41cJu;VB982+!H-#Fm3>u0$XSA59> zpkz96m88;RB7gJxDeaXNUn{wwlB4X3ksNF5-etrd)gxiGO}95KADDUQtrc(LykqrLc~%(5?mmH@|Yx2Vk)zkccWTr-FNnT)qxMqan`j4YYUr! zQp+5z#{z{c|P5SW4Sb_tjB>xsDT~r*b#GCP%9_*vM zT5HUev%~B|^FLa=(P%BojY;_qg8`AUjghA6jpF=({ddF}coE43kyhRNS@UU)U9aMnF99DsM|Ej}EAT zxI$d^;;3Wj4q-!03MeA$A0nwCtm4Hi zF|i^idHTz9yfhp5s;h$5GP-+pimK6h3VuA3%tA^>Ll3P>`tOx=?cV>#W`(Tb^>I+DSv0a6^M>( zB`-U*lMH(?(>7xtP=e{Tqxj^4;2otxgz(jj!=}?I{h~=0oyo3ZKE+7!qk#rqG2(Yz zUFXEmOHU1?9^fvo#m#t#O&3_ou0=@U4rJf^WYHXNn}}N!M$;|zI_cCG*xo*N&hdK{ z)7rckgTE@f$GQwoHBqTLqtAt}Q$rpN6wg>{D(r)C0CL!@F0Pfy53-bJofrR$UEW`S zH&8q3TRsJ!>v3nvmTVFMN33ai_ZP|C1YOix@9j-X-j&e$FhazqSMZLqeZ=V-NMUs>lgm%nXL6>tots=Udl;APFeN9~*n1}p(ifa0v@6$BY)WN&+HWzC1 zeTigpop4xQAcch@fmG~@A1W?ZXJ&;BC$=)J`8^Lb@HC*0SUSdecXKN1g&7{-k}Jb7`DeW`XxAoOL0MI92uEG`UzGHP9C-CMlhfNau$sz6^x0k>+WqqW=2G7vu&U&yu?Kqp;;B6v1 zKLvTynDr5jxrY?d^>rN`PZc(!Gw=eyW zC;U5^{i%a{#plS;;;Mj^JFzmrURI zTR{R*Rui>n^iVqVZaP*kC4bx7B)*I`TI+0P>=}AA4C#Ms$Ttpll-X~7K*HLeRMPNs z6T1mm5rQWkoqY@hZ}8&dwo;6}1vL5WQwbvF?h>CGC=hnfzGeLS)p-fAn#9`yA7zb; z{?UAdXIQX(Gn?+>A`@L|i?*8*4j*DRo6(zEQ-RF58({P-x>+A_pRzb`Eg)#h3!^G> zO9n5%_v8+ocP%)7yn&=bGpcvXb$mhve-=ru9Rb8~E@r2O4J9F3!y-&pCH6lNg8PJv zQ&O}`l51U^9+;c={mo@r7Z#?5OqJFLzPA*Q$wj+wcKRXgIK$_ILH{c2xSjTWE5`ok zJxO^$h`H4{#W9qw_NJ)<2)vU@;m@W_V+r7YTGeh=LtXHk3_Ypf{0!8x7n|Htn8+5v zCoqIkFuEx3#|Dr2+=h#18^vZ42%w=~Xjao>!(eFihpMECwJ|Ybl6E$ONm}#h`5QMK zW}F(i`qM22*>+RDsQ_n&8S}ZcT)>*J=Q3>_fddjL*|Qad&b~iahPwfQD}(&SSzLNt z(*KCWLo8W&hHh)mJ(l-n&o7MlCI4{s4mc`tVgv25z6y?joYYyYeoGjp$p_;x_xcK? zBcVf#Az=uQ)ITC`pAMEz-A&4ji#Y{WsUn_LYOzpshy!4^xMBXA%;4%yc>WjT-Jz&D7^G2k%n~_ zBNWaVe9u{0=%_ZeVvJgj7QFnAEBICkgB@haHk=DR=R6;Egl6-(X2;=vw_7#;9m#CY zo66-klSY5-h@p2iN-sOfW zmQLy1i^ySqM<6CT?|2yE3aD|iw5}qlXgy`}s-2dL#ECs3PILs=<%%sb((Y-7;%5qWq3)BYt@LYUh^9Y31rE%uhKqv8C!V;$O@77O zIBwjW%G)zrzh>vXE^yC)m>R!5jCo~xOdiw^rDA(Gnp2t~6 zQMx{BdbH))|ArlQiHOU|`fZc~oVZ;H0Vm#t6K^%i*&&ScO1cV8d;m1+l4w8cUFdOM*z+zL+BZjM5^7`v=wjuBnaTQ1)|SnZ8SkJLD=fma>&Nzw8T4B0Bo^ zDk31R-GmB7@6CrjI9oSgi{ZMZfXo{_LU<1UHuPS|$M&LpYADyz3MsM^ISDtX)Eb$a(xDpAZJSw&`@ikhn4H2^Mx8C z{l0(Q=!UY?N-T}c+!iHk-(4@E}yVy^$A zXatxfzrt10OnRWRe}spb1Dz`ipeV!+P?wQ=tkl2y?%F3f+qTNqns(%W5DNx{a)xwO zvjaW2F+z(B?#0Sq9T=hx*=dqi)h8At_#Ur=Ve7?jZ^Rx$`Q-Pn$6^N`=D~@*Nf!+V*kr5`xmNg zfX*}LwSBhk{Nf78tZPp~LArr+Bs3#=EN4{c(lAk`TTkjR{Q*cd-`Q~fCxUf@(o7+C zu)%?D3%tjj5~XKL;n)zU89R5xc}E^WwAGg&y-?VwJ^?`chidbIYKz7aowupBE}8{$ zQ-04A-)wZJ4n-X3Q_j)8yHyB?&n_J5vGKpi*1~wRi*jwaW#}_EFSngb(_d^YT}h0Tiz zpgX9f338^P4o-hGM}x8`58OxJ6g!87P$n!z?EmgMin6Y5Y1>G^13RCRnf9%D<2JO*-f?{+fEP+eZ1aM4JTYx?cL9qSV9 zi_Jd+Y9Bo5O~$7#5VuBYMBXLk{|By1O(9vPe#@KjNrZfq$dvNC_=1%#A)C}cX1@+r zao&6mWOtLmgUiS)5rbgPbivGLNOs-HJ%8(czXMNCo)v!F8!OffYGBj!#^e8_tnVsE zrjxzbDK&_JJKY!xPRQd_F1+|0TT@=^a#l1%!x)8qH{5ZenUX5FQRHmw-hp7`0I2Hr zNa{aF8TAjl@#4qH)wz@3sw{TU)FzHWiNkCq^Q8n8#toZBcR}f6e+*d5mzYjHr}sr`a5OFB_ey1c=~>V!j>d$W{D9@@e#$k z7Z%vYtznON<@B5uZ;=9LUXEJkqrRAoEcZl3Q(ujiO3GApw2rZm&&-P>yWZM< zWf17;qA4o87nueGIW}(8U)zmOg%hIm!5ys|5=(YoLpfHkn|3L@4eN;Tm5o7>%wXPc zZXKpjLI;Sy=0p{Vn?kN_&yI{d-vm62-zm|JErQq7(RnJv^qYNTdAZ_vt?wV{XJ=Tx zCgKAcL3f4bYe?CM7DgSS{^un_NHWZ$-q=M&6Qbc}6u-tl#{~d#P>E4j#+k3fTieV! z*%eX}dnunOt<3L?e$%9t;^ng^ZL~wr$NgHvGGlQ#%s6u1ImiE6BV8+?8XPFcg&G_% z4FEoIS(Ix)**2ly=dK>}p{8odc78AX#z1-1a!yQ=@&OamA{_s6ljClCsIzX!-e-AH ziq%Ff1`L5B2bkB0*9)oq`xp3^{*OQcK&&9xA=3c3a)Df~28x%X;*4F*BI^+z3YeNs zOx_a8ej{4%_;>Pw?nvr3*+~pS` z+d$6ZL};qdAvHW!Ig{?>#(5FJtAh-jFBr=HVZAMaccb1|OUl=@`C8~5cKytuK2-#m z;y-@QoQ0H!Zo%NkHfl`m;@{WrG4X}Ny8AtX;ptGaulNt!{c0$_McWVDUfG+(R4u3g z_?YP2~3T$mdW>l1&K zITG8o{0zdVFi+)B6f9+JQDxU-*ZDcs*XXyEn{fG7tJ=wn?2Rh{&_Q*MW~%!Ts{0W< z&wd8b)DwxWQt>J*LjemcW;2&n?>NAm4dP%Pej~SH7WoH4?YPfHMKC0Bj)g*Q68zKO2J)?z<@YzZSeTvs-Zpqr&y*#DhmI*H z?>lK-s2In`~*sr6gD0UxgcFuA{) zGKJDQsn4AZ05gSCxF86LVwZN5t9z7a4+xB^-4GMc-JDs{#jL?YlOBe9n?&$tYYD$IEZxG7~qbIN{>XRH-9g(jX_1 zz29cv~q8`Z)&5Oh% zA0W#f3F5bF5h(Fp?aycxz~#rlG~WN{M9oNxZtS0W4T-9$>y_FtxPFtIrYEq1wV@lN{* z8ojY#A<7S2oygi$j}m7w#5 zh=175l}u+=+~8;oJ?kN&3;vJsHVJehq-1vF^eQ@E(C!A{nMcpmP4U?3cd1ke3U*}I zziX;sSOB=?q#=Tit`6nbNlD+`QfJ1}X@Z@0A9`tD_IHVEPj?T^&ozVKixFV+sj+i$ zkxR{0os!l^|Xv&1doF*RKl0Z-vDnJ3T*fS0zu-+~$uPKoL+ zKo<_eJDtN{GpM4qgABQeqK51=QTtVnFB00Q!RCqoew`ai=3zM%p5iB0Nc&btzXE74 zb80CgC_frIp6q;#kaK)+gm$C(000fO(#=}b`dU7ooo;PMChFpk7nVX0IH-4}kb&IE zPpnc21D3CyP4-^?+KHuFB7HFwb&bRT#@35&bTB3OL0k{TB+#LJ2bub$YPN^U>rr_P zQ)cJ7zfGS%?ITeyFP>p%q5q+0Mw}EthFYY^HBYWqFURlk<9eux*jUWDxkZI(S`VR0 z_QUg{EnxUo-Nrt{lPiCYf|@rhXhM z3Xkiy_Q#@B5~_=V=;(d;Np(#1HuUH7=@g{6S@C|Q)P|jXY|=h{Jg%LUVL{6qv9WQF zg``^I4_Q4HaQe^B-1Ep;;c2u2t~~fi%9vjdU9Q$22f2FvL}LZo^T{KPN)mCms0eXd z-WOUqJP0q0hwe49Po_1sa5dbhOx zQm~1)-0QA2sj&S)4I!A^&Qlx=GEh4A6%{~@N!eXgSHAWH2lRxApB1}-rsxa7GH>6Z z-UF*3ma!>1*&Vg`q0N=ANOvK_W&g0ckZ>X-cm-wv8OzQH z!2DhazDupsi_~RPbc2yCIP(>$V5ui(lj?_N$SpBY0wl||L_Zb36A^6?T&>rG@)GPu z3MyhWuZ9U;yh2*Y5gwAX11ci5Iwmx?AABDf{;pqk_gq%fGn);NJEoVQi5_m}N{g=2p=dGgXk5yEtfJV<$O8beD}H2dherij#(;1(Pf0g4)%O5TM_5_b0)kZQBzp(d5?~wQL*;9w z^A~%@`zIMtKO`Lo6_~V3*9|QzPl<*h-r?2M7rJfz!I8}He>mbSaD?C@qu+Sq0A$AH z?DjytF<7$L>})!FUL$7hql#?$Vn=%bCPD|IM-48*i~Kd_WVHPc)CAzvOfRj)mP#F; z$`AMC;oR;GC(}S;#pph0xG_!*9ghfs*81QWSAGNZ4p^~0L15*KV*{UujaybQg9e(R zJCEwnRN(CV6B`sn*^SmdD57aZvKoSt?L-S8IsgE-mghxEx7Z)Iny5XJ_JLbndl!x)l9%>?+59NT19kgpdbEBqt=gbHF;IQ>y59$4gVnhs z-UCJqBcOSTv-2eGTloGGfD$DAqTv8Q+O*ZPvyRGBoB^x;D*RFrPop=gpqlL5O&Y}i z2aNzD97pvlz#1FEiHs`EqK+xWnU!Fxx%p>8^c7U0E$QSau@!$BAQ&WX=v=jJ_sKZC z@B(tO*Dp?q*V8Kd5glL+0du%{tfBroQkjNkg_?|&XU7Zu);TA!B&>jh+eC@wffaAf zsHjDZ_UE9?(_&Q=kL&M=Ec&e*`hxM$`+`C5Tml27Y8f5SE1;^-yd zk4P$r)2IDjjrwhEbhQcoGH{B`5Y*OlgjH_o3fkRUQcfO z@jQif(eUsuJO3aZ#*DFNq!!43n-2hE8$Qy3u_PztX8yh)O=a%LJh4xyg^$6Zgg}VRbCpaG)evN5{g) z%iNwfBV^|rliD4ID-_PI`%0BnhH+>;0^Y01oEj8%X6)uL?I@Rl33?X@9|bj< zEQG%Y#aCsE#MzC0T{T5jBe3X3Phjtb1S%0t$$6-cfF;y}euj=Gqfq3x<u>QOlW-p{)s~ z!tV4o!+qq;E(v_Jn8*i=n7cZO$5q^)j?N>A0*7nL?x2D>NVlQK8S47+O;6;){#AR1VMb)<8mxr7UCy*Y&1voYY&nFNRiG~uPK3ACbZPINR_|EQC$w)v*X6(!3pn2M6 z3Gb%s!#ztDsV?(YE9u9zQbay{I=FwuzrIQ1BbMaz3({l`3Mx8@PW{yM0YHo}uEUJ< z&+@DEwUG~l{?^g^Hje%sC_paY&TNKeF`SbNd%no7h6-$%Z1cOAq*E^pP#_5c1qG54 zc!7!)3mkQM!sBXJ7FtI;Ed~&lIurPXD*W~ZDqtJdKnUn_sP~D)q+nRx7&mnJgEj=~`&*=`B>Ay>GYk zr($2b7?xxM9D^Zw_gwx;xh?nbdBwIi7Rx?pYsKrSR$ZY*FMzz{k7`6{#zS;7 z1CP~^YW~-;dB?EoKX>F<(VK?%-W4wq) z{K(s&qwZBDQ|sJ$b}F4Jc$PgdR8X+hHC}vp;JaL5Ki<}&BQskcc%8J*&-5Z**#cP5 zcoIgAxOp~qK6T_k7f>X%LbIt|fYguD+G{PpC}Qy)Dt}#jRZmmQ#;FM}CJzuEE-QA9 zd>h5Gl}I}_-5fZ>)LsimdRX@m5Zd+f`A5`VSj9K<4Jo5&nz^VV0WfJ2T5=70g=N}V2pDC# zoaBy8*ns_<#=gbzq~mkA$HHPt@vBxhByX-4@M`?za_}V`5K;x+WX{NTDCGz8v}&Ci zhW=Nzo={#1ol#p^Em_`B;W|Gc+H_!?PFKnbrxS3fY@e zQf{JwLQGOX1IelgFL9{jE2e#iSLMY43xxpS9gfygioVoo;TY#0) zhq6h>*|?tzU7Jf&mbCv3R3~q)1#&EPPPq)K zY+E$;O!>%H*>o34RbAPyOcQ9jDxusZ-S@EM^&GuRV;=Hj(58InzOUsC-))?*7tM;7g{43D%pU(34Q*-7ue^Zce5wcpTb6wv6yMEF)aBE#)HEEyq4&!6^ z#Y-J0`Y3|P%Z!wy(VIiYpiWzpC3Q5=)~*c+6IYK8^otFhZJ3%J2`6UOxnP((DjZahk1i|A(6|{VpV!AHY0QbZv!^sBm z5a~Soad(RK?mvSQ-;%66{`6MMPmQGv{14K{vFUP3MOCXq8$srI7blU9qm`EpiAmAr zMK-ucLW_^bvF-6I} zIF6+GSH*iH*97%@<2@GALH5ciH2lHUx9M;OatH)TYwqgMJa2Ua@~GmEC5y786zzMy z3&>|k7veEWG=PJ@Ay;%eN2k#5oj43PF6S){|604MKwlYXZdCbv4tU zs;#v|``>!2HIswd3IL7%#3l6^WyD~q*p^N_)EY(!L+kR&dXB|+bT`d7h2L5tIbEb)bcfL`l-|Fvo+zSmS(p+ zvf&Z2u3}ESyL^T8ildU>v{*W$33uAWz%^v4sai0rkLE>b)0i((95kohX?t4DK4g3| zj{a<(;%hG)F>ra@8S|vMA*bAMQbmj9rVp@^Wrxm2u8FQH#8!#;0D47Nj-UhC81dgT z`g!xC%=3y9)XW}HU4u?!5O_i@!T2;N+ zXLM#NbSIn$8+Qt;wdq`X=u;VVf$ek=*hSw~4!oZzX1EKBh@4sF> zP4UP!IU^+_eb1n5533*tI*{MMCB4@|0spzNHjx|2vB~go2i^0CLCCZ0s5(FbfcY`o z+&}O&Y~VKxFZ|PCgN$2y@6C!h-4!{7-5>F8=oQjIj!L+1h=j3Ncy$8#;4~br(G8RH zG{g!iaxbte=j>H9p}erqVEyY>#O^2o7kzt-_RTmSrc4XZZe ziMdW%H-~%pLD?$2tP$0NNl&Oc)WS-YzS#n}mP&lhIZAa5ITnA*IO{NBHrP#ZGzYvu ziQLBh@vGnUbLi$u;-!idxs=V1Q_A+SbOck)A>QO<=N~}4$+$@3 z$RCj@Yz)nE(0@fPM6v}i9;$C)dN0k>jWH3Zkb^R0{O|# z^Z1W#PdkVopA@OdHawC3dL8?83&1S>LE(7h)?0sif4ZVF-XVJY4_28MSq!rtsL%P1 zRvpR1Cg;%SXJmV=Db+%)ZE`%WrTM`Vm*r>d_p#`US>*irRolx?Enqp6KzXwBWNnAc zTa&(v9S>+8>Y)JOS!er4G!qDDTz?Oz!J+o^1>Pl3p(CLxKVQ+va_{(+Y42Evawa=- z@E=?Bh*eg0Mv>&vv5!))z1~CV-nMorD$R<0^TM;ClW$q+t$>BzP18+nuPgc<7zTG5 z&G0Os+LAhuN6T*(IJH7G~Ywwy+yD z3ZJ*7vjithq)pPI-3g49Pfe5OST}6nezxw}u@zH&mi$YF1;w}`p04U*wtYu*7v+mN z7x`$gR|`MSEb_qxRbB0cl~$e+%jN8Q20|MJvW-XS;uDOj?gaQp)!)+gtLF z>fgyXN*`D|9hyD3A`Gv+Apq&|bZHTW1>md_Ef3UKc#%c( za*2M()Rq7``!u+z+YHnoN62sAu26dd+P{}@^A+AK8vf9+{s#*VWHy_@(wGC0kIYw5 zSb;~Co7H=ep8t|{F`IsQ)&(4PSyvk!5f;1tQbSVGnI3Po+h!halN~!dDQ9D~bZ2B? z;0|v#5AN{KOEK1>38f&}Yzh|kR?TNs=E(kO_w1JYH}fZiGC%3w+K%l;5me9UdfM;E zl(D3w=BuFaC5&Wt&3#DZ>eFS_2RR(ED@}`2?{?xRQa?gAqsk87(BuR924j%yxIL_+ zg)xsw^!v1*FZwHVQF(mgletpCrY&xo4M}rnXq$AlYEG%UF1a@J#Zd)=7-&g0n?Rx& z?NXFMheIVwfVG-j6+-jbwT?Ch-7zT&83wU5I=OwDYLACSwV4>J&10`zukJ_M7t&U- zfHp4Ot<%zpY-ulivbH(XDC^D3cL2YAEsOoK1F-+DL20hEu;QRZ|BDYcXNJd1K13R2 zI2*qS7vYMSjtdQ>sS6sv7C_4&iTcu`ERo1p1g$04_&ob=y|Kc!{0qE=Aggv7O0YOC zFFqn->5H%T-T{1}%X8;slzVzu^(huQs2>3ncc!N|^0_uI+1G>lAavnkO7B^R5ps&9yT>ReOD~Af5- zEKl^q1G&lD*fS8RCFXp?3eHH&AgA%-N(`;#Msa4|q(q6&G9in@g;_0wLubmL3%9x% z53$6qNTqP`u*o^qg8wvfFS&GXlUJkIHG2%4rH;^@9FG39fZp2qyZbA%PPlL7^7wfU z5LD(W{}sy6((ITngZu!Gg2@7DmaIYS=JH@-7LV(_ihCH^&sGCG4xdvBGxE( zW3Rg>{pP=o3tAYEq_)&sV$fwP{R&BAWLoE+o=*C`k2YiSvTx}wR!~bW^VlT7av)A_ zqu}5+cx$7VL{B+hA(;SmU7meP`&6#?qn65*}v3zj}GuDk|z+^5&8Y_{4I99u#+k@`X zvJOM_~fmN7x#70@wi)S z_vM<+*>Ae<`t8ULtUbcCP*tqtBix37q;YvF+k*=9`(FBgI=Il+I$u?-4Q{GE8Qk;` znDGgiDF4$JT8{dBA%(v*~(7dpRPe+FFf;O9t z1M>M2jg@{ZnogBqJJB{eJyrMTTjE8XTDM;}cK*7S1CP{37l2Rl80W_ci;giC7x@*Y zPhNhUhNj@%-#AcH@9zL^P`rT5`h#!g=kpm47h>Kx(ra-40u)dBj-z;+9ofca6ZFc@ z%!%Wym1SV}LrH6YO1K7hICwm;Ey=bneBgD&@P@@23Y z^)Ixo{yqbKk2EiN2Sivk;6^pB?>Q+RGdV{T$9T z-Lg|Ic~QjWuVE6QS3Q0UKOlsaP@5r!PeC_KttzL6GfD3qoihh7zHnwb~+I_ESl%A+ua z3W|TPE+ zN?OOs)0CIJ#~SeC0Vt8^x;oViJbfu5F(ZFt$^OT;(okeyA zf4D~FhdlKMkyqGqU2HTy8y)A&HutTYdOvusxO>BF+L{y z+N`cE3JSjpd)}7NS3rIRRCYM+|=#MiMShjseYxT^?TiF(YP7rsN)ULIr_OPzR;Ll3;fUC5SPBG zH=}uCXAd}2pLJ_HzwRAWxjj>G=@=)igY5D$xm0k_(4UOm0u!Mv9 z23UsZ9#LA1hHzK7zxnf1$;q%|kaib4nFbd4%*(x-V3s%Y;@t}i>|1E1!Wif#3U@t9o6_5`=&A^?Nz$mXLza0 z6M`PO+4P9U6_PtxfT2wNJ5)_dJ~BURx4G^SmrP!7A^Fy-w64c*gS(89@B~HR8t5e7 zqrwWeRDzbTg3=}!<-emIcBQXuX|@iUWPI%YC27|bYh3!DNyL&GUs<`)?E)+wKRZ8! z&Kg!Yq~d81X$UkJzHN_b-bicY$|N~#r=9pE0vR3_m000=_@vzN74`dAww|-04iM>j(8CtaOcB3oE%r5yVR$pedjMM-rzWHf$Gaed2JLkIp5(2uBRkL=A(p zcgs4LuAD?S^N*WaSn58Z^DU@dd3HP-7#jf_{FRf!%tYi8nELRahxA}gmuUZ2sAGPr z`{}ma^@sI}8i!0SzLH%|AKbe z&vKJC8a_;y>U8SAu*Lf4)BNq#xwK#+W-f`VfVVooU8U6s(LYu92OTDBR*KCuh&q$y zhK10QO|6Ef+M1;YCjP*qqH)95(k2s!E-NO@#S1`cna=l!YloM>lTkr$ zT(Gn41jkNo+TWIL0|fV;`kL8S)S7yK{j@P$@7}KpT9EG|!g6NiPC&O({V|rFuNR>2 zvD&ANf3RE|t>3^%BppQ)$wmIIqHv@AS$62d-M{a)w7e24m6$1H>ic2fwU%|Canl*= z!l8ZoiKYBVkvov=T5Hn-Uom&`YM+|71V8t=^Rra&(n;hs@2cy@d^_6Cp*1wo^?qu! z1CASRZ3NDJ;}?n*(3Z=hP05bY1@zGCysUHPEuAtTzF+43@sT*`wC7f4HU7a3&?|eu ztZ?g>qnE!hdb0b&<9!~+>x{5-yCn*|TU8QD3+A^TIrVmMQOom9KDVE%%Dpyn9WXmh zc^LO?CvyNWU$L-WZP{fkoOcvt!u(w<7AJ=%6d{+b`*aU&VzQUm*Md7%S$9ZpMih7C z*p?h(Ju^~cAbfxIT>MHa(Swb>lO0&_BXBN|K+0mzBHCI=)$H}|R&Kio#(yejYwC>` z8X3yPnk6s8j4E}5^uD!08*y5g=)op8+U?f|W^&sJ8%@n4W zzHg^jA_N{J9}uf4IvWqSGU14FnW?T_rzujs%4&@7!(U8MndG|RI=tUU&W9&qU6?t7 zFo*#5y}a8;C(4oen+=CGc8~w{QZAe0uedSCb+Y5gaJ(+=xPaQI4C|tsHp~507EI8u z7+JbG=Mi}Y-?4VEx=j6LpbL4!3z_%%@#2Ttb`PW}49LiweDF7z8}CQWW(xz$-S_Yg zyjG3ra?lkLpevk}GqFrlpb(IJqPucEZKHW>*zdpkzG6}KHpMaF$-l$?x!D72Rq;ds z+ybaI)a8dUY7|&u1^LW!%oQZ6z)9==xNk^P2INHc`yL6Bs~w;7dRxh+IJo}Wc$$(( zT!lZz|E1QTA zA*?7=_2#8gu>{9=UQ3}vdhJJU>^d@o+bcKs*IySZvNC!Q`o^(VGQ0VOOu$i_OlQ0> z%p&u{VrqDFF5n4ayZ2OkZ}vd;yoN(L7Lf8(?%DSwF8S$FVK?k924NBOFzE(5?Yx$p zNVc>=H=Ylli$*$^O*{H*b$zt@%4xhBy#!mR*JK_cTwz*36a`HB&eJESH41!lG>JZJ z*pd_3?lu!9)&LjAFd*_80Ik>m_agd5m-G#H@MXc_fckN>+4= zm$27Qo2pDSr+-(TJnP@P*eG|nIi&6>U54m4-zfBqr<+^_7CJ)bFviE@SvKu|6ywjB zXqa3+xsDE9i8|bPl{?~nSwz^qKUJAJqm=fah0(E!B@7Nje<9J{z<9yZ|8gO$xX*y` zJuN7|&-wAVi+({5UP4Vm_kGv3ZpY`+!jmygPC7aQqm5R%W30VIIae3olCba;W~`Ujay;aKn3 zIykuyZBvGOr2=!Gd{wPZKRH=8fgM%>DA_U6`%|bcQ@SX%4_;p?s=zLZR6Avi%*g`% zN_>wc-R0lX%^?W+Napt9kkF7b$NrX^nqT}dc!*h_cPJPZ^l|xPIyf=%HJdGPNn!A7njU+CNGMLa7d0*5H6R;j~KEdL9 zj@VT6I<8z7tHAd(lZ;nHB@?ll*;WFoaYiT(|HOwn?{y<8&iwjW)H zARJ>?)Jy4$epXa^6=nIO8?mjW?o9zDk#lBah}%RzFK+73~8C_>_wRSOJ}NKa7AC3Jjbin0(e?iVr1$l7PgpS zGK~*LLSFa|EO{gh(mknt8S66~%uA0<^RwhD$<%1`Vm#$zPM&IiB|ngT{n>giCL2D_ zO5kLEYZvs{XqdmAkx<{oZr@ukpy+hj*>=L4;;-0{VYBy7cRe?25W*N)h^s1J@OtGr z_^4{tyQCP_7g_!_HI}BdbB{bp1{_dUvA@<7T|~uJc(jZRSlgEM+V#F;2?P+; zZ^DW;IG5tCt?I_0vesHPbkiw9wgnd_+8nCVX>)B`o8ZteMJW@mA8&vRc%8lVpU&!a z>*~z!(415{@3A*!<7_26!4|zk^!vOj#w>&?1gNl25v50OW%<74PLn2zmVP<&DFvdj z)8lb`MUqMj^4nc|3UM}*C=A4q)s2$G_!*WN6AD+1x)=j2Wk)Pm2EC=acMMAvT@oSB znYVVTW#GbVr=O**LLL_@(>i`;3U9^Wr{WjBga9Btg^-I@(FySVy40&lAeCDNH-tKRZs>9DtRdWI6RV?RWg{BCSlTkhSrKCFx>*ud4xfC8~wMVbEo71CUg?d@q&TNp$Ugr24K`I!7m z9b)1iAnPSGM@=?oPgoj*m5{{!4_pH28l-qIZAJ_fhIw~i{IZ#L%A_`ScWEcpmxj5r zoqzp5mHF(64i8LUDTUp5(A?zBDAH|h?u-k3K|pE^E+7S(6(xfBQy&Y{I5kq8E!W*$ z^`#zkz-e&*?o{zrl*=e)-YGmI^P`|Lk9`o1;N?UZcJA9u#-1Xd!D&hV(#BHp<+2Pk z!r%ZcNp9X*yT=G`Os|l1;YT=p2a@o)0EYXqw86vlaHSLDqCcgtHCN~PIZU|7c$5sh zp}CmSv%sb$`|4?ma!>x5;?7CU%3ykYnJSY_6lh^n3JT04e~g`fEDLqvEnm4aL^ln zjY9au6hyq56g@tauW*KXj~VyF7*zCa@W24ia#zv)kiCzVL`P?xfo`k!exAcLYbg`$ zKudND+x14W1PTz251-JXvf4^sFn^7eZy0=}j?(qI77MY1GLz_U{4{j-`(J@OK9+(W zst_ZN90|(6NiL+GAxJM#{Me6Kg%NoQ+ z+!~|Z>q~`fFJ}mRU4_$>?Aw6tBK|vY0q4w+RUtOx5c2UlL-om`{J@8`e)Mx})oE-3 zu>Ngnf!njOWOcj4&y6^*1yTW?_*4Lr#$j;b;;$#lF$BL7bs$Lb>%f94kRVVpG~nrb zCGOP}zskk_qVYY>G6dqU?rQ4kWXxP99htF=S#o2*NDfz5M|fC5Rc9jld;Z(`YK zWmyx9Xy|w9rofkb;~V-JgRoylSHnVKWeqzz5Hp(29upi=H9E^V-Kqof7V5=g1GqU6&BM-THCo8wg(ROhQ zAD_|-B{K!$37BVr?AaI)kh=bv0?~Q^?1eo8tNvyYEYBuwPD{{E!I z?fZJ4T3@Sj1jg6YBLM$VhM{pm`7B2*QPZU58530<2G96-Vi!iaE@JOQ0XCud<s1E!R`` zAgT4Lao)}Lh?PrA6}RW+hhV-qb&1-r-gvghOBe?a?d~ACl_UOHoN=QqM*Xbj20gl9gMGkN8^|xaF|wdE_U)F#80`@mh}4FG4UgtiX##^n2^!pH6#4{q2w}Q| zgupZRICo(;)t0I9=wUM zq(|}1WWcKP;H)~>hc{p!qV2YiV=-B+J&=+7)KbC$I>D>`P2oMh6zxZ`_*0*GaYcKc zc{?Jio5PvuEqH+u7xLGA?XPZZ8q(Ql;Jf;=*-5*K#<>oyEVm;mR53UpSB@pg(7@Be z;6zF@8KxrxIIO1RA?8CFt2Pch^&KcOTIF#t%+2hi{J|9pHY!zkw_O{E5HA{i2FJKs zM2OtX4rfBNz2M9w{)}_em&>c%=r<p(om z4YrKwhyt4>LjEP9x}+29&Zq937rNkh;R~C?rzwjs3K!Y6c;D41zyOa_F8%i|2QMI6 zG^7jXO!wb4_HBFi>_L@+)DJ!VM1}iPO#NSlN&qdZ#IaM1+IOn!o%R4E!IihSFXHE^ zF>+Pi#s3Abf7rV~xfm%~=-@P6zc7lzF~3Fr2z)6fqlH;@k_vaIh0i$h)bvg5fwq6$G$&R#stq``GeP{N3*s*0dRqH+s%P774Ml~ z#bSuxh9RgWpBU82*=Mn=IVD3LX`<1ZeW^jJin{Yo8p0hrE2;4ni{f+Qu zDr>ejat*A7`?SL*OxesLzk@d<`0R)0GD4v-k6>wB21Xnf$*$n8bV=@!3`8;Y)JlR;&b&w3xk3+(4l0h`~c&=Ml&Q z|9+b9vo&QUlY4kXVqhtI_^eP*HoC0Y0U6@Ar~StM&CZG5oQbg$z+CzMc8<0!`T}aX zx}5o`$>BVyM)s?>F@FyVm-;}1xis^25waG%dme4JDuih;5DgXvnPKq^(gwDnAdeNf zp@|}!Bs;2>Hv50_Y7!f;#U=%IBHJR3Wh0S+@j76X_`tqpSyT!#R(}Bj5r*vlU_b=Z zz`S?Mem8%RsaLjCr00OG)P-N+wI%5y(9OIhR+MpO0PWg~hjx+2QQ*4hJJz&;{CR%X zWc|2f^Kj~&9C%tJE$y$(x@|I7y>X-^UfK!J3@b+50XCoqn!RSP_E9FWuETOiw=qb) zP%Odp*SKSMGI$Sgi7k+aOP7l{V{<^-ec&4jxk%w8RSJ>zf`BuFv?88B+Qlgr2kFz0 zIM{r2+;{_~+)p2CdUI#I0508;o@O)h7QTV zVeRMd&BczfO06+F8Kop2hMsh+w03Kbw@OQJ56Z-apk}lE>zZ-G%a2Co1p=7mArb9B zAwAc>>5WnRI}etCR8E3)@6Ft7jTH(4pDAs0?rM3(#C|lkbfYFDAcCc zYF;6&VLu+{uzZ~#-@G}s1YX8H+IRklX^lRa*YRu420e!Rh7#Cah z|MEftQr=5Mgoah^%;~Eb7>y9p)R4c>{4sDi)i54IFt3lvrWpSN z8^!`vG?N$Na;y}1O~^5T(KHCUAfR02^ibwX zi)g50-WvWf$j=vlOK@_TXno$Ptmx)Ee8VH-=n4htPZb0lxgooebsZ8c7)fp2&4v-v0gZdxj@;my0{NG%B}?gxfzZ_ z8g{`ez(z(^shB&&xgi09`2!JZ5PHaVw)L^9mwco?#4vxz68%Az$U$ZoGivb9b@K|z z3FiKlE{g>dA<;oD(RU~e5Q@0(T9@Qv36uHZl*8bZdn~k>>Lc&~n7GZB zN6Q#rn{n?(wVe7XeYb?)#aNqQ2LjTRuX%e($d&)rPlB&TQ{tHk49 z0KrGVBlrmWQO$L)o3UB9;w558i2p5*%;;4tWnce>7!Tb86&m~X5iXr=0M@i`TQIXK zZPFz5slRj*f@B>%a+^{wd#6QMI1iNb)7qd4NP6iaux_QNVdbaxivnTos0% zhS(dr;q(vsVE}T|H`Kz_zl+pv%Dcctnx5;G&e*~dm6-)QW!wDy27~R`rw$>G7|2(u zKQd*>h`erj$doOfV&qO9(rg?=gObI#dx9E(%m&NMB$8mNGfS5u6+g1#eIcp)tm2eN?3k zbQ1+d@FF3$g-H#lzyKtBRuEH-N3H;oD)^SPi80qL(7{HZvqLecZJ-{xPo8qHd-n?O z>B63t7EoH6KVKB$35Zf;_72fD%u@z8bL&C~vf_ zMX>>ryuH=yYKHhRj2+t1ID(cp)Z$vIbODmsNbRBnruG2r<_nXbt*v8}4P9a<_bKk) zkkYr=t0~w0cY*ciig*31xp7Ln8t`WE;ZF}U=>maKc6?wI?9NR08VdZV5_7S=H>$E` zqn}Ssw#)Gup@tja7vr2nsN5njE4PpyBkw~uNj}EJ&zDo0)>$1a%6-#I8CsO;>*wy~ z{4~R;gt77 z-E7TV6Ww&SP3c&z7ART;z2>V@Pf?rl(v)m9)H=rBkJ`nYsuHqd5&rTW3~PIZBoCMD z-_Lu*vBM@Oa=8ELsQPw!E7vqQI!mEcC8Jw!A=3#Uf`?i!z*OS^q4>gO`tMaNKs+S4y!GY-W)0PdF-KhnsP+^7%u0?50!HbjU0?}1>l5b$V)k#p;;8Tus{^x=< zli_KoW|05af{FH}Rt3-0?ALQ3MCOW16OzC9Y;d?4@;j9LwEQ&}vw%Fs=*3w7`xkhz z^MRI%;PtY^=FUQv{sUy`@57BP{*}NoK$51u=1#{IbwUdw*y4F@9NwjWC1j)*F&SYN zSrNYD!t8Jmyqxmk&X=?K_j^8Yc{ugN?0kA)g~FEw)y(cKlK$-<4hGil z5A8kY2aX~q8}(itu*^r9X{|6LHDY1p(;h@t6>apm=^f+F~?s>-i1U)RCN zgn;t=7s|SflXA3w8QU(*O#s*`5gb?!-8YOTCI@&a!$US_sxwMHbU@I@@J%vjKHtEq z2h6v&AnXrVA_k;oHd`lT57pWYZ5d85iRcHTUZ}kl&RBo!#{N*gw!)8#6ji(G>^u8c zxQ0w$G^@UZ1APac2F=YSq4t}x>vXV+Wj$tC!7b1taw7~ZeOjB*kdk;5tNXnBM(VlS z2`&h&h5Yz}cPqK!N?|oCLyW0jCRURDc_y+0j`+=4T!9sfy)d$Dsldn$>%IgqPse!1 zeG@vFKqDuK`yT3$BHw0x;-QTxmA62s)7{*tv5Hn%V-|NDdE%^pFG|IefH;;J66k&BWAfB^XCZnx# zWE0z>+(hF2m)`^bpt2h%d={3@66VJ3P~8K5Gai~r?%RGsp|< z>Iv$R&$xnFQcQW7cNUdYA4etCCtXz^${bozFM!+gdRYJ3i$7m7)_Y-T2jOkQ-;S!C z$UmuOByPbfJp-oQo-AI%u(Mj4w1Vd2uhb43%2*!qHI+*b`BlyIvPr}OAp9mn|F4WA zy^IPQeh=fEE|LK@u~8`V-91n!H!uRV#rie=@^a!(Pd204R~p@}XUF1zQ~t#A z#h%kmPc-kuGf|LDSbUSJCTCt?h-z$VM|F7@-1m6kYdieltz=iX=8#mlE@QE%d>EWp z6P)v!!{)x!)h)Y@IdCMj=j%W4Es+^7_7~~Tl;JCwIEPCc2i$0*zEVZgx&KtF2Fil{ z_#Afx7rujD#e|5P(ia%EH*z%_#Ha5sUkchYN_qZyaWS zie~(V{Ua~M`0p!9#S_gI(thZnRS-4usN(C7W9OxD9tRJxA64s1FikkLpE=@guKd|~ zbh5S2Pyyvx!~#xyr@0|ag_t{Z1^?Y}4#ZCWvEdK#~Hu0?C! z3YqRdqFUO_X(5dVJBU8Fbeu+i*hldbk`iI6UMYIxld+=^R!YEym7-Aic$G^zBYaHa zd2cN-^Vy#ZZbJd)VLrPFViA7zL`qN?m)awU~TU3FU$jBix;gSBZ$y zY`GDcYoC2K3jSj=(Ep{Sa>3kZ&t&`<6oP1?G-#<;PGi{p5VY*fpcgwovhE^IOlXGj zF-GFEa3LhCg*I_Td^ljn7$XuDje2>oF`r?GMM+PN{TpyQ5_6#BuxHb#z?vW1Fi4Nc*2%Eyf#%OpUeemA*&OoPMCU|>H8w2}hx(G0`RQTC zu!HEHo$43DL@AI)5clWqTgu?DDAK9I$I=7ue4i={(~FFi_vq*`xBd?ZgIo$$-l6^@ z?utyPg6f_e_pg==^H-dn_p$)$H9J*qZz=;^)=7`oTU|?aEO%q;CC|Lo@x;79G`27k z+{wf6s?1dkTrSZX?$TETr9A{(X%Cdt=XEw z(Zzvn)j7LS>xrQ6Nr~)-_P)zmC-PY2@rh+Rya!II|1^tBd!tvAk(`sI7bb0X>aO-7S>_iAL=sQ9$*kGzJS5s5m19}*>)W1k}McrNl@Ys1(FT6PS4 z@4DWDvBmTi%w}J5yfM^IPWo)cXxr30`@WY+0qeLT5*E!7P+|;!W7llYehr89yw?~6 z;Mu@-t?@}KQDhEtH?!IGmVp8jT|5WdAN=1=M{?heWnEXj%su=B6L)pLU;>az=5*h<$g*8rUoZ+IK zH|@*&@4)v=cX69Br@Wz0me#kw@MEI7ZOXS-wte#2R@d6qI|TMI*F7I7C24(xm$^Tl zjnK^JwCDMijFSPX5Mp8Q$jjSS;%5BIcOoH=`kZ%Db__=w;!-4`#1TCpz|=-^VA8pNB;J0SB)1cfN)YV>$7 z5QqsudE-3=&L*Y3TU`UXM?xGcAFWu!{O>EI2Z#k%KK#Yp+hf%$sx$ZtelVL8#^&*D zVs4kfzVB4N|B~#O@+)U-#;N8@Y65L&OPDh zcf0yb1*PI@m9WhA)u|uDnM(lj`XdnIedD%AGFxXvpn(``a+n*%O`T6rU7Mn7*IGddf>6^5b4oo${E}qcn^E6~Q zB3*B|$E@dv_Ijfy71!mr>0G{iOLeEmZHpb5o6V}y6<0o1NDuyRleacgnZUNlL;{=} z+geTLfW-3S`T9BfBjX)-Bj%nR=Z*;b^Rbd09fb&Lvf?Pmxf8sqU%aKYb% z5r&zoSpPC_y1|TtN3(f7ndFAQ{mXwup1I_S=EK?JA9UId8|;ee z;xiFk?5(ZK#ymUnd(eOpjwYr47%9n@2opmMntw7gg}922xyM;Y^0dQ~?*xP@!Ky|0d%kc3}`!qD=yl_7RUY>#j8&$d~i4hB? zy`~$P@aFLJglT%Z+4)Rf1M9Z`PQSW>lXRXNRxsg!TTb^vZ1Fd)maE$Zyv!(XMC$V`=CYc|!2}DG|xJ*w2A;2!w9Y7hgYZ&ymvUeemB) zWfQ;uW9+@-seIqS@e(wDUA~BBC z0rcbmG|>i4*_5@iGD>>stC0L<6fCUb13Bi=`7L^|7VT{f7?)a%xHh&mQU;~{`P)Ph z=g9dh1fvfa1E}chK#RV`b(TED<6XGBG@Lu&s?`u7unOSGn~VP zklM%>*aQ6dPHe3F@DMjN+oACoY(X1*ISplnpKiQfUEz_v3eWO~QoGDbuv`XS@uD1k zP7Va@1(Kde?$4ZHVIN|%j-FjrIooW#!B48!UbV~ePpsH%2>WPU(^6Yxh=1K^*Jxvf zH*s`$ZRP_np%01q0<#6nPOQfAI^O1YNwa4HRkz3T1wzGqc$REqm98FlD0vZY0Z|1T z)WwfX?gE$<*&efjB&2AO)#1^Bn=1(pc>fAV(4qfw|3<$t+^s`xx0&mnY9*IU@hLdboww)#k&!$Hf%z|atB2i5`na5@Ym=0Jh``i~In znI9vKv9Ws6GRlVAcB*6pE9Z*3n!`NAxb90uJZTW#vF3kRMo9+?bed~>>JW69p{s|o zH&aNc^3S}L;_x?$|6lY_b1T0){0 z<2@@nV|8Mj;bdz$IVEgZ11sfscRtXhzL-yz^@0^=2$h~dp#|Li8W4C1GeSQUhlKYw zCNT-gQY70pf$PqAbctWrEeb*@X6ysZ0m_?D0DWiV{lV*y-z2WWAHnTwH(zU8<&Epj z-H9riWZB8qfph=XFvNEX-DRv9++32Yt8Yew!}~TTaI(ILdU35pcIKKZnZmalAGhgl zf1|9?Z*H^sv#_R^cJ2S43>RIrTHuLIjSg%6^4IhIsXM8bvbQ63P~#a5MZj-Q$jQqN zJz)td2-a2|)1_akA)TXF0A2I&h@w?{UmBZIt#a|t+4Qz2D7$j+tSXBHFTbC$8%r8F z5`?J-aBejwBQybpLB0ZlTljDb7y_<`EbB9D`I5*MSmnw2J;<9UPA65W6KV6 zKy&2HS86d^p4}W$IWkER1831=1k%EaL%?&ri zrB&jM*)HpWG>D9JPIx@$1WI797K$O7BSI7{y1+)N_5JS0knD{*Pig;bb6tXW#C)rc znJD3E{aaoor#Yl+KmRL25EeyOb)#YC|A-t;Vro2rNGsEtDI+l?tF<)46O?aZL#$!I z=I3!hKg7Ez3;|yIM~SpcziXsLwXI{%fuW|98i(II@}9uJCUNnJfafMD12aX+&X4Lh zA_jr-r?AId{ncT1&uhQ%qM>i>f;Z>{fh^)~3$b36%tW>l!itoWOig8?A4T(TWZEu?Y9tEugnQtjD3S<`EL1C%73hP08cV z=%g2Qd>qT@mF94dax#veWzd$jwJrx+^4>p7yY`pHt6+}6p6G!-%)a>-zV${L!B*!f zXB4po#`-xNob-Go@A-qDqVETA!AB5~u9ntn(5qD&bbY*4*xOje8DU$W^%;I(8y{IA zrE0Uq`x3Ud9dR3oo!H)PH#u8QMqZ%0zIhJ=jeJRvVX~-wD}+jaG}K~TY)?*k;;WN* zXBJFY5Y`mLyH^Nhf-7g`rmFSvuBH7Np2yBLi?&>IdXDfSvyB|74lFgb?W#dvj;2l^D3!Zs#%Tzg}B1^e1(= z-DHA?BJLZPGXHieEe=$q1Qw7_UtNs^`OXWqSE}9|nxS11*`o9l?y@n<;y`bRF7HZj}`DLqW-mowiPOuGE&^u z?_j4>%?Zy^0f|~uvx|pW;8H){S2Dq#cBU>;|Hp4fbFFx?dZKOU^HeZH0xH6$6p-wIoFpp!_ zIUggv0Km+%ZiS=V0Lq#W3K5K7k^!H=5rb9sKSX zq$iN+IH|3dLX74NFO3{}z6eH4SP@nEy%b^8pSjxuNE;jkq|x;r3RA!_k*CaGN0QjW z9X}uDK_8s}+;!%~F9UqkQ)xgrtR}tm`hRj)s*IWgbnHG^g`<@6psJcB%sv`KKU!(> zckCAtz~AuP@k-%G1(X*d1j*KTk@)2UhD0YIP*ihR%Pr8ci!8MT4t|U1#RSC=W2#Df zR5gmY0pU^0(x_mT|`9CW}=-ld9$amI&`esWx*^f?%r(YZ2Dz;>D zjXb?2n#2C=daS;-tF`%bSV#vMuJw7Nqa(VLLkh<9(-bBu3k-rplkH{*9mi3oY1gwl z{O3QF{#bI0v8q|isPEs(89b^zFOo4L%ju?HO>L&+g!2`59&^BwOHwspP zpF;>mEkoFk){cI7?1|^{&70AUQw(jo8wqcn2Y*k0`ReO478~cSi*3%shC+u3KnKl* z?kKce+kaBvI2s`wIjE@+wDZcU)r=?y=D$emC`zG|la%}b95?Y(IhICMce;;UX*dOj znUl|Z=WkEY_^rPHSix5p(awanxaOGqxQUhLu9Vr!LAtX5g z1mS24A;EZR7&#pkAK3vM$C&8^hT(r!(@lwKc~Rd)Os8f?a%+jQ|M;n2{T%f8Xr*gZ zpiuv-BZUc7kU;SXXd}Z*e-4!v8rd7V5fGb!MFSiT5E8 zaBjes11Z{+XoyCDX7K_3ua#f^C(!Dbtmd76P)A3d9}oOIEooNvS~;;+qGMrhlifQ@{2)}WH1B`7o=XN|oaQKmZcVW%;uN9}>^XKo{CRtR?-uT20`HX3+Y^r^pnBY>6zS^PNc1h<7(Wf-|>)TkK z^*Lo4jH;|bA{IG4o1In#x8Qw?OWPQK=MzhD_W|+-((gR$eppTyrwMJ9AIK`jiwit{9w8nQFMp4lQQy0#ARC+Z@UH#rJKJl7NrHPjby5TINXL1}gGOg~FyP|w zg{M(Cs7m4hLC7eAcDWPz+1ZNaRj?uw+uCQhe=XdFZ5HK=;!gu@h@LP?oC%Ca`BzS9zT}Q z(~DW_l)Krh)|H}U>%^F>yay-fBEdY?MFNC00Q8oSrw9t7_5&Q*uLq)Pvoo`oE?tU= zi<7pq%M+rBS*+=_jqjBYqwDer@^~WD+0!C_*@O1e_g|OlDgi}!FP>So_4-h!vwg#> zT)@~=tLG(ql&TLsaW|VVS)){qnyr9;xUH1sDpyXaU_;gjHEd z(_CKD0g?7S9G{V^xMb`BU#-Bsv^xG)3p&RC@#uHi<5urV^^2bv ziDIwh$n80Wh5a4kV`3(pgKs=v0d@6Zv&kRZ{J3r8Mj;Pi+|QGr9CiFazkJ{ZG{x9m z>=+bzJyJ`E39RKQ3{@qi*yLoUmgeSwldG>(x792h#DtQ6jlB3}WF8RQm$l1TorwO0 z-$U_o{C0W7BzBcmGhy%DmLzws1p5UB#(0x)P*YO=xCbxLaa(1LtBl{1A51Wqwz|%2 zr^H9UB%Li+h!^&*=59VqouXI?2-?-+(L zX1|x5iNb5{&pC>Haa{@Dug8+&M#fnPavJz^L3ER#>R)P(&F_sb7f3w4RN4B5Vk1T~ z=MM8ZV>5R)hf{7X)E;FT7Ox|jZJWuiVnN2=gl2BaBXO+P?TW|etse6Yuk|Gv|B5Gh zN5SSE6@yRYlLN-=e zR44ga5@Oe=%Q;vl@K#eclIg)wQr$TP5!25IN z=H{Jg`u^0^)QjtGs(M?WigzrKmREO6^KibCK9RLkxP9UJ5jQ-E;ygXir7+t971Ti# za@!UY&kZVVBQfEtC3Zd&We)k5Q#kTAM+wG}JiSCIOHy~yfpL5Q4~aZteY7Y0>pyj< zR*Q@8PgBR&>(4T@E(cS-%$9tXc29iQfpy0?Y0RJ3ZO&3T(=0k9b|r?MjM>lESJT3k z>Kr*1_JcE!b|O7{j+k3RDPR;~p5-PA0ZdSjK}Z3hGOnT%-8ia3?y`VxQ9c6S-!{ z(+UX*F{wV?TO5;Lt>f<{_6;XtXGWO^qXFz|T4Y=rRuA-#wGo^^IunFZY!-Ey95s#| z$QuNk36+{lzZWnhvz=+eKv}PkHa}D>_#s~VNBaJpiRGXHXlWUIsAfr+uh?VCKCvm~ z8l_p`U0GZEsbt{!%sJz!kGE}ezuet`)Xz1Vxz?N}^OAVWhw1K!xb5~5hvqVZFC;FX z0}dm~JvD^@m*5Xje60=qC#D`mJL0>ntl4T4tbX|LUmlzOYlx*q<=)1z3i`>4DD3{o z)iL9%%1k!#`RUNuCV?d>fYg>~smPJrwo*D)se8uqd2C_9HrGST-Yqqy$TzE7D_a8= z$|fC@_=(QP`a3XjMZs_G_1gMxOWmIZg+EV3AMQ3BAzU%L(^`at{!S#D zdW##$>Hup6e2z+^jH)plj;hF<`_ z0Rsbr9MF0<9DYgzjr`Tm&+JX%vvZ-eKPVh|@8hi6#zaR;@5}_7kBFVV$-$u%%x=z< zQ`}|1$_x{eTXnHzYKJ0e_#Ge}$4e#vA>b}h7vob`GSFSpeb#{EVSug`E0#NVo`d>} z;@XyM9_#ekj^N+PUBUA|A1(tPhF$;SSTXdeLOIriiu7BNU2;o`ju<5s2~XQ}vSPe8 z94M1wuFD35z!t#*0TRL_jiZEtcO`~ExpXqH)|C;t^cSXVWJ`2t>aQJ z?7SlFFN4zLO$sg%{d|?MH~uQ|ug>PL zzV8`uJKxa!n_+VDW1n7!98GhEoR}B4#rK5OC6RUT_QA-;XtmOJr(*CxV&|2;=AEO& zb=GMv{=Z{KbJqi`BVosR@u;T@!M;oSwO~Ld0ou6Ob#x}@XqZ4X-^xoyOm;pe~%pc3MXG0`dSraEi7qfj5 zT)lJ~%oIzMd;R)#XLdNRPu?BjUEhJ``y|u7T_CJ5IYZci`;a~LWniM0MflaLS1+?X zLl-QV&xQK=T@1M|zvu2IU>09;3H@7X3Pi7ExUD-=tf19tG5+fX7h@6kS@eQf105(f zWY@V({8PqZ(T;VaQvCeR=>{F&?g{6&Q7sh62no49OL8$&-iwT3zK(T~fq^(=mR1a2 zgdZZg?bdIyu*l%Lg=f*&22iW-c2XnnLRD>^LH82#H5Rrzv-!Q#61obX*H&7crbfS* zXNSBR#Lr{fqTrfeJiET_wnTR^Xr^Ffy(`tKuhJ=u{#W=(CD#6Vnj6jM`JWnu{A< zM$(BPJuJpW1lEi51(Q{YvZ@A(CA zc4P#?7ARICmx7%RA1%x5XBj#7Gj1~P($7VC-=xIeI49SZp#0I-H~i0^XC2cPpjg0j zei!CJehB6{b$;`rx&(vX%(}Ly^>yoo*=@`LFOzcYjPfsc71>m5KH`!wJ(AlQk*!&M zX0fp4FPbg7KtQLf5}x0yX+M^c20DTC@7tpE%K%;JZUkhm!H!${-!k_L(-Q%l;T8}Z zEDp1gES6&n{}B@PEz>*O5%^@+g@xOn49(y(Pm>|G*+iV5Zj<4%UKAG+dP|Dy7AH$X zHc;YlJr43uOLKVkixDEFRRMP9XHb`8IvpZm=JCm=eTC$`fM0rLv3Y-@=PEodM7Zu?~~v&5uYMc7-HLRCw0=I@t5>*bmY5?EF$)u_<6|@ZQ8AS|A+* zU0-pWCe243W{|S~zd1-}ZmPND*l~w~uuK{_Njf*`T57*h1K+yjTLVk1b3*>ugQZ{7 z&ABRhk$kgtPZNkt^NnVtuK*1Xu(((;NwxW_9#+htkOjWol%yPPQD^M!yS9M?d>Gka zvud??`Mif59+eb|wLwlqv*>dG-Uo&*Ei_zvDZlwaFGc z&sXapX0K$~w?p-cGi0mRxY}|mz@#%%x9a4|LpXPsrVe@x1_yW84TR4;x{2O;zApmE z`m=Yi2CAy6WaQ86PswDF?R}gqKQjb5N}e`wc2ZDd1n2TWyHDRt5Y=K z)kJO)pRJkyxV9!}>6Fv1`c*Nr0fGstsf8x6FJ)dOwtrN2nc|Z}&g0P99RdB;+2_8& zUCK0(BH4@8Un{Gsr2OfXK@JK8$PTg%`1vBa-H-wSZe0QBxGKtgDmwg3=d<#F*9qI7 z^q@Qb!?P=B;(`D#c@Izw)yC}mj3}-F#MRPaw_vK0lHb04yVkQab?&!@f6ok#uCf3@ zg`2$%k|^7@f3`_lQnp1SuNqgEntrR#CW#oB)&UK>J30?N@`7!r;9FB)B-X2h$@PZ= z4-ai@Hc~L^dIlsk&eU~-!xoNh+yBm#V4wN5Jpvoj>Ce^b3sUvre(C5L>QT<((4m;e zZ8yMY`DVpxqIoR7?b0Y|!j~_k3tE^1WVqOTRw1Ih`oj^cn9Kz)lb6RByp2b7u>?&c zAa6n`w;$O2doj@QC#VcleU8HKSlQ2T7(ll||3t{{C zRa%I>c|^GvQNq=&g=Z;>sb<5c^EQ4ny|T-{Y-(0B5w;-8A(@wLE+G=HMAK%_k`qcV z#qXR^mMKcs$WlbwreF~yGs#AvH&Lxc-7aI~t&iiOYQJ%oDbACIf=F`&9%Tj?$ah#pAVV<|FTccOxCsd;T6;in#!{F8Jjt9ueJ00`S(b?F1r+%vuIPJ z+}NmH`ZdpdecmlbSljij5KY>|MttD>8cs@VzKICu!gF&2{|FtG(4KDz%wmKQC-Y1f z{r$Q1>>Xwio2ydZ^;frEwj}DLr~e^{%}tiQBIX>j*%mp%CGg0;I9f2!p|!PT(yfMr z#jy2d3NAh9e9I}!V+)R)x%au|LVU-&M7PjjqwOtk{c>Hk*)KbG##^{to88#hX;Jtt z#!;q|l?&ShE@GmhtQ^Hk@v`j2?>(pKszPqvgFGy#SW< z%=U?&=)U5f_l_*R*vxI7m))qn6T)ozJr%&4@%Xqa+w=*~Ikw?B_WIk82S+ly`;+CuJ z*7$3@pbDa*xgdHT<)x6*bgO@{Tbi?K?qv}8v10#T!3Afz++#8P88U$@+lDbjwS8^o zVTjGBfi1I^hg1`5ze9Bg{*qUBRe0TddO?)z>qFJ8FrY9hVYzq{O)|5#$$uFJRpM9SweeVqH7DKfiaT}RjDCH3UiMGBCJ&)vstUuRHjRnFA z#ydG+JTu=*STa=;vSuchIHaW|Z;3g}B|ZsG^q!VnDx@QbO8r)TZj_|XE6GQs%VY6x zm+6HCa=aV?ggZt#wuEO}NZTi}GHbie`wQ{HwO4-3DDMz_VC%Ip9`PTcsjmV80i0>Q z;uk3-wiXuYpezEyU7X*0jp$PSJ-WcoXIW_jNY!Vu#yj6tLpqSX=bCw#6j;)hDr+VX zB|}>ZRW-PiBL4WcT=u0Wdj9rL#w3^r4XjbPE;bs^yed04OX6Q*q`%#{Y6Dsd%eTti zE+lNN{kC3jQBcg*<2R+NAZMwc@;098TIEHWP*PHU-e}LM%2&m%L;$h5eA}M6ERQWD z((jodFLimHPapSY_L}MScd@sCvCE?4DCQu=WiQ6Y_$|MysHOUYjN8VVQ>Xx*J);wK z+rRQ_*pnNehp&&Mft0+l{yRm2COmtl4Dl7~+9ek@jH!n|K5D~yLIGXnWZTB`BYX83 zH@_+|+$rf7knhgKC28)N`kSw#)@9W<{&RfX#{MfF&xWEDk8%V*wnbY_0jIL@6V>lx zBk`TaXKYRnc!{qMkCG?qs078A(X^8PoC5B6aF?d*gjb=Jbxc*RPD`huw*Tm6G1J2A zg*wt`#_-dVZI(N+52H5U*}uwOs!X!}lZ97}J5AupC8QH_`-xZ{yHu5|VfX0zSDa!z zvU-t>rzWo4Avu!9cBv0k66-=WH9-f!>eUzB@3&aSi!Ug8cIR|$khOU>753ia37jrt z<7wN}(%+IFcHjq$T3V*Ii$ESs0Z(q_F3YLypU-GjIuw*sZ3n95X@digB`mgSKufFO z$$uaaBvLPemu9v@NNz;g3A{DRob9uZo@IbJRDDmH_}uk->Vwf!0r75_Cxb!~-+2{d zk1Ra$Zhlp}423$e?I)UIcb^b=b9J6;P3)7*>>~zE-FVw}fkrv&v{{o}+0z5RwcVCa zDU0x}e$-EYzO-)JVQ|@tXBZaW_cRJSw4*04f1C+p#4cNBe6l4-Dc3kdsRnm?$4cLO zglQ_m5Fugi*Toi7fx?1Xudm}YXT=30j?7*brlFT3B3;LeI%*xYW@p<&1g zS6IlWr)VxP>7rjy0u68M8jr++Uo0Ys$cCz@W0qE{$n~qdH5N9$o+~C+snI~ZeE?CyRKlugTbNZ}*CI@sPu~Y9JH5vE2Ip*Z6 zRD{0tPB-crs2Cd~Ze*bnHr2^b^!xK?jM`HV%^3kNszOy`IDzvqCfxfgcRXaC^V|wI z3qPyBltm8BcM?vMKL}-3_0-hw1Y0)G z*=J9DyRfuaprbopc^*i|MHja0a-P54*u>0wKj}$1Bz-v9lm$+hJG22682ww6Xyayl zR4e)Ry0>k9fu0fJ?k+0opza7gvlfHC{p_aO=u zY^=RB!J$8!3cW+ywVC-Z4GHS87oX!4`+xcr^Yf=T9`{btvm`f8m~ooC*$&+(4G0(o zLpH>f7A!6A7-!qRZ05DgFv_v`C>>}Fs4&}3FN4>|DuI<#S@UykI{`St)_+>xXh$w# zhklMI@A+)Dz;r*%)x(74by;G;iVP8O#fu+!8OjP{gIrmlo^ze!7d|Fm%3`OM5GncG(;Qs<%Hc8&n`fx`{ zbDF*!$mQOmq)2WAAG}u@-Z`k zZTJ!hxaeAblwhwkK9N@N?xa|>ssxGHy*vsm9kWy(o_QqAn@L?@4Xkj*(UNA z0!;$BH)!$}emB~&Pcy)bF~??e)@;*+g>J6+O%Mkzt_`+yDo7_F?XvY6v3MHVVl&2~<#YlUNFADaQ%2HA&Mr25 zxdeHmNmQf}iW!1E$sFmhVjrOXi5S9zavSD*Gd<^_@GymWYjT#sFS1DAezx)rRg}Iz zuC>GROT%83XZD7e>%PjkTgzYDTIN)n-tpX_1r;|O!kyY3+tD&Q3vHMFQHBkb1^;-K zJ{}NZfhg-FaXUw3S!N&iA_x>L9n^mHRZS;+ENP7j4P|_gm6fFp&;SzyR}b**T|Geh zsK2YFZ?Z@*v|h)Q-~nB;m;iZrUyrr3>lLP(divjQqs5dbKwlIvz$0bot-l8@%i#S& zm?a4r2@N$hlyDf0sBWqq)PoWZ$volA8^fby#uhAW#l7WPF1dX{YdmtMXZCerb5MHCD1dHbd3hlI}!q$=|06@6BAPKiOlpa7ky3$0NUqMrt%@lGtX~ z`Y=zt)5Z?36&p!xOa<;BW69~2dMq8%AKh`dHS_}RJHXeF1Mh_J=GADonDcOSkm^7E zG2F7gvT?SBo=bs;+`#~(1rv>e%_qMzYo#cdEh#gwVQ!=LT}; zHZJyVGPF&U-3rC79!!Xrt*{UkxohH>Z9W+Rb7`5U%vl6!1af`aFGq&3CJ!X+pKQ?+bRn(}tFC;T;(Cz%t! zdFG$KkvNnm(bv;UwcD@|*;b2|HKvt*sb?MKZ^T%DpHMsAs51PKrRM95+C?=pMT@%z z+L`&$7dCqrh`-jwi4y%?BTkDgg^gos4m$^xy!bWKT{|VJ`cyWnPEqm$*+e%ZKc$w; zM%n~Wvbb)_K*!?ByO$U-_hd}n)Ju}pOO{e*VwQd?t7U&TY@F%-1Ld4lITE zY3z5^XYPZ#j;BMLAE=W@bJSU}O{*^<5G~HHN+4E2OA=azqR6>bobWqAEE*Xn8%yLw z1?$t+z5&7WpD4I!q?qg;33{(8xUmHR+Fj1O|}=GF={qrKbxikbPh=GE)Wh<7iOD6ngylJ*e{I7Q6j`@3k?ylYp*E z6H`9}v}RzqyDo^_80~B?`W)k+-Twmb6A&o0E)o&r;l##{UHMM=wK0bhGQyydi`v8+TIbj%rB5ve1m)vgY?JN^SXXIV@oYll1leY11 zO?VP27CPpWts;OKKqWVMmr46QJ1~H)2dy-q@3dK)?wGOozjougYn}|JfEtHhy~+X& z1T1Ue3~5HD?>|T}4_dVuK+R|1@_^0>9P_H$dR+>eTcC9yn8Q-`pi~k|y8Kv6|ubT8RB5;Cp=5D@1s@ntZ&iLiO~Dc2k}g4!?{7H(7RhiyRFXe!oW>a7Z&?F zSkasx_%NhmHyv-{{aeKXF4>YF#~X_`LiZPemG)r^NPMBOT*E1pg%{dr60wDpGXa59IlRtCq`XV<+uQzUNm&u0#sv`zSFuE(fm zc-Qpw`}+D0zqtD>Nxs@>4jgZ)|0dMa=FS8NAz^{=JJz^g4_-Rv#QS%z)){)>85%!- zF0QK^-Eql&qWYs^o=K#nWFw^qWzp+)Ziu@y_k^H@DkEH!w4r9|bl(qQf*;?%2lVtC zvVu3cxyvmCvUaJgeh~Rk3Z*{K+XRViG(HvK(_I<*O7>q> zY)8+o*o%aBgWZj(QF=>t?XK77b!-}%E=S!s}H)RVo(3ZThNSvK~g5x5S6^e5Eq z7Dfj+q3c^k-m%>Vpumt`xAouc#BV`UB95wz%nzWibvrVY7JqNHBy)K6f2VmH8+ivT zdjfd_bcTsuu?!Z#n~g5YWBTatAGti;71YxYQsq7UucUW1^FO;%LCN(2(1d=Zm|Cb- z;y?``;JPP6>!^mb%w99l)3+ul=iJep(TiWT5BidDQNhsrk^ist-NRtR=UAJol;y&a zdD&y_{HD!-5Fl*$eAOzlN!P*|)Obcb_FWUZGvLa&ti3G3E-OO+xKjc`B$+8TAHL3p z3Jxy}%QIoFylQeOCO=&{7I?ZDlloBW838WoOH!3 z<<9Zu@SIrC6;@eO!@@sD?_V`_+Bi)Sl+K^!?|1pMD?zU*9b-V=IHy$6XwpJKM#7FJCiisgoK5c$^~g;#HFw5yu?vog|9QS0QP)w8+tX2Wup12 zjHb_c0-y*D1A`c3GOt<%)o5EdQDHjVF7Ae8qO<_C(XaAoS{%MqvwQr~aL|8a#VNCl z-o?6)nnJ!^Q_hrKOrpLT7)YGLyjeT=5;TB)#CcmeZ1&@qo+;@cobKIM>)}uKTJ{8B z+#->rO~RjvqM=?nCMG6D(9mWyR}QLW0qeWwxzvsK@x%D-`2nVd4F02j;2}-ZspEZV z36Kt1noqv>Pefr5+{Ur4v2e5ew%31p`lL^Vp#?Id z9`n8p8k}oWm~q4+6mx+`i~Df9ks}ItVAh`#GF=kp2CK z3pgdGR(CtMfh-?LQdwD9j_UBozzj3crF~0U@&jD%w`WPbyT-KsGU&~{Vw^`jG1<~S zCS?(6c7EFb#}x%#ArTRlQ*)qoSo=h;6{x^3XeG(}p-Q?GBGEo~QE*qy54AnmQKS-^qa9QBwSJ(GZ3^4ZT4{PsxfUCpCSP0X?G9g119U zj+Ynfb^0&aFvl?Qca3zDg?MQPy#PJFH`bKvoGr(x$ex@DL_O$J(;f)p3zLn9X zERwCE;Gp&HcfVTNs6zdoTSidwI`YQD%mf5&Y*HInRX9w-+tp*|=L64B zGzRtgD)qB372=Tc4=wTDQKss(24)0$gj#dj^cW5O&l!M zZi}gQl~Z$%VcZU9bA$SYI~YyDZOLKmSR)y6?xB6Fyw`VB^SS*!#+xEazmG&r(3U40 z-Z{H_VQpanxGtRx3*`>h!+UITE zSo=Gi^m4dzG1!*jOkIKXq>0YDsLC1-b{fJ%F0C+e*6MEM63wN@zgFk$EMoK+f)YuQ zw$Hg7d~N=-6~mY-aXs%bP~ukMj!)5;=v!~I9gNwxFgwFmc(zbZRCU?~Z2j^2JC}Zj z+T=hq}4m)gqT67-G`Mm$Bh!xL1{>ha!&P8rf z=g`Wv7_vjVmSS^)TjD>b#I2NX;8Ic8q9C|nokuU^=yq~m#}i0BXsk_yQ3nmmea#0z z;arrLLvXLfZA{Ou737@H#~_hErIh`*R&cNkOSn?<_lQXNP@b_Vg{{I*=Hy@5Mz6(+ zXVwaBRtnA*>iiME30=z$u8VeJ!1#6x9T9`zUSpd4hpdN}NCQar_YY&o{EJ+Dma*2= zYjgH@;=Ocs>eMQsOPP~JIvOLsrd7##J?Z-1c^19dwE7C)m$9<@{`7MF3E8o^_EUS6 zYe!*vGHQ2d$2u5c*Qa`~?r?_2F2kfj*FP&&OrcE9I5;=&CD`I+GXlp%rxBTf%b_+V z>YM8;K7LxGZnMlR>D>n5$#Gimr(khJ?sam#U85cEC3YvmF3PCcSN+YLD<^7b=pb6k zdio@kmGTA)+mbo)5W1N0%7BaA~(*fcfdFh}5GLmd9_m4h1{PG0S z6Q??mna$p2M~X6jd)nrScQBP0?Kts`gF%>!f`~IkJDcT1?>8}Gg8DZo#tvtf?V>13 z0BAV9slcO2>1ewbDq{HeF019v2?;-b7FYpZGRJMtx^5bDFudb7{3Kfu-h(=nF@1n1 z#A|>^v~+XX96*7#<_RP{(*H8;8xP~pmx3R%M#si_;N@%jx0`iGU8^%--&a_Lg+L)= zkBsW>|9|hyQAPmViJ8!&o8!@z=4C@xga#3`?U-0di1aSB-byObuOKiN^*!L1(_ri- zk2qi5;l=aN&w10pa3eVz?CH=W#2)Yu^ocd>y83G0rmlqa3_$0@@lAUqi^(WsWA^x*4?w+Y;`2|x=zN)`YA-crO z*DSj7?^%R!CWXzPK7g|lnk*)2sDJSPUATFFK*+Fmn>xH8AD!<`)6Pu^pB*wbB`EJ+ zqf7d!^)T+ap@(}mVejqhtXG&hS&fM=C>iIQ7^HQSpHiv9JkUCl&}7p4EnmIOG1B&b(Ge#C5R!>O>ZGha7IM%BI_S>#}wLh`#W+V{Uduj1UQ*)q2T5f2idaDG^XPTJ zqu2NXUD0@SZ^A<>&EbTH!=FPB9RS8Uqgk1~`B2n+fV=+7RzsN(2jCN*hFGJQZv&0# z4gp1SL#*++`qVyayvH12P`N_TdxwIZog@6n=e$;9M2ybk@5lf{Of4$@K;y(iYc|IK zhOr1D_fA824jisXJmbdUzR*K+3_wu4g{<(O*qh_4kP z(OJTc{U7>k(3OYl3W?8^Uds6jw@~4o?N8B47Ix{+f4{vuR>M($z+o4a!P;ZrZ(KhF ze)r)jY!?1M7)azS=lsemlaf5K2R1ep){~@?p&rh?sr&{zog#Xj{3iRzd8_RqXj*OzV&Bx-1U4q;U1-fl5F8%>J zcY)!ab=rM0B50rP(+W&mkDHaX$|%yAxqEYOJe;32K;!q^Lw95!chP`~&ghsur1xj| z*!1oq-?rZFVPES4&*@#B-wZpF9j^ptqXSX54fLE2{oG2k=kfSG1?Txwdij7f`+v#>g<7zG5)b~% zk9TEvk?2;MPrJnNdjb}DmU`ouV$K6$4+rTX9?%}%-9rA6U7g&%%@M!$PB+nGS~cZy z#DpB}p6rM}1)?-)9q6@B`+dw_1Xe;d%5R_Z(7yvpfEh#QsfDFtm9F5d3^U6uDAECY z-YkIVUK4-JiT?|s>1Yh`-oE?$H0KtkFwl7x)F>00j%Jh=f4Y?PEsZYzl~qZ7yH)jE zd#>&igS@r!q!w+Gw%pek`&xPsI0OV04YX+IF9^*E06){qvRY`Xh${oITUr=$KqBHeqQNJ~^Dxfs?%dUy zP;Eh-(ZZ;SiHX4;n0TO_~oK-xL7fERBz} z(9yEbG>9sUl#yz$zTO?_$7g!;EB>^<`dj)TLH*^PgoY)9(1HeBIt0qZsBD%E%pM22 zr97mj_|j1T#~xVj?LLItnfF~kVBZKwkpc;<9Df~*4iC~CcqSaE^S2JaU!<<@=y>eL zTXvRnW3YI&B^b|ND^zf1W4--lidSXwr-!hM{9y?R34~1n&H&2KKnK=6t-ACC4P=>{ zfNHNrQndb|dVaviu2>T|GQ9qIPnhz>XtmBDk}8CuWsz&7N7IdN&@jh9>Qfr+{jdOx zo>TM1^JRW41Sc`lpxLAz$}$&F@d9i928c*!AtQoDgFW1=Bi`ZVQ8`#Rtf=GgpE(y( zxU;pKIA6T^DS1lWL!`V^Vx!Xh*{oPHW$@ZEzOH!)!A(+6)=`bj4r3p;PvgA+9kgF}Y10 zNfm^>bJ7TMvpVd4)2ydv4x>EeW9%WoQv9z?!Pv(-p~#klk@W}M3pQ0dkDR%>y1cyn zTwmW~m`3)2piRzPPLrez#!8)izQKlwQ%TNj{nPX%+6Q2;bk_PhVQYK9wgEZQvq$I1 z*zZhCPBw|>-nM0Qso?{$Japvy1TBYbwfmp|{Kh)PiWbyi=ll5YSH*aYU^-JsHT#KD zSmUvw|GBUD;*49tGr&S5?hbnw#E1q0|l3GYT`~Ws%l{h^^5r+{U(tAwj zOYi_#)`fs^tZQPAlJ@bF8%*Vd+%_n|Mvm7L`X$RRz@i*A=z7t zB%>%HRFX|dHXUi$m6>&vosjIzWJQs^$=)3M*w6i@`s5tn-*Y|J^G}zY<2CNRUp2>M zk1TXPu8xo{#dLkGMX$}y&N^du4Df*oaUGue($d+JqOtjgANPXQTk5mB9WZrCikBUC zn+G)~IYtJg$D44h?IAdh}PwjKD5{E;)+zuOcezG=8 zO-n0oO4iPH#w^fx5q0rAAo0EQSTgc3Hdt3mT3WYmz?|Em#W%37?ZRef1fJzP2R8pn zqacpWhSfR&)4Y(JXI?J%W7i(4i2^WfpG9=V`wMUqQ)A;XsC%d9hYq;-NL0Ga&$Kl%- z@9>iTX4Zd1Gh_$A3klO~Mxu%9&&ywtv)IS1$N_lie7=Y*PC$9X}JpcVr z76@yX&?Vl2eU`yG>bS}*3D4W=ldSr~vWE%LQF-xxn}GKTUVcL-IL2=nvj43F5Lvm?=& zCmhTq@OH{a@$CeCNZk4PC%(;alGH&$uu@E;Tk%*kVL7df!Z}R)6HFmS$1nx)B0lTWnh)#-oU5H3Q*RLH*c@GU`6qgEibY9=J=oVt3aTe>e z+{0wHIJCxmCjm38hKjCYd$@JVeG{W3uwTe8 zp4Zk6SxZ6tx#dR`L6RjY8R4Q3cug9YYVYwPT~s>MxZI|^BOLbd_~)~ z=vUX(9k3hCv$LO8@AQgKT(Rj8mG?A~x%gYy=BL3yn2VvOUeZXwQW7mXlJRbbgLG_bFD3skPiX*H-5zYtbvG@}~T_N~0-R zi=^m{>!@C6r5Rjb?&ETDB?A3!n9+7d!>a7%VMB zx3V@Xt99k%#^AzqiA229^ULn9TxzMuf%?Dp7;3E;jD8;BeARY)wYkckwPR)ciQOUp zC*+P+_A@Z;uxr|GJc~_gHxpx{hLthhr@ZmSk)Ae-D%l-9>?$8#=u`xhmP)K9TX))Z zwvM3a%j{*!mV1@t<({;un=G{4Ow}`^b6o2*wP%TzZ$F`?rq=y(=y}O=@tH4J%yaR& zwC8|#3HhZYt|Hpb)f=P9rHn%ZhCBCC&8PmU1?ZAkbyX;#R1mG!?j%0+(aC1LRi#Xp|YGsie>KU~Wet%bIjQ`JDT zg_Rz%xFWjH>ti-AHXrFA(;(xF>0E3OuoFesE&HIC!5F>eLBoASLu8@&sgOng3^av< z$!b6Nl}X0Vb~Kr3@`;P&btJ2;(`pp74aG;;MmTY4llBBXX9H%UE{^-WF1AVt-9T(X z`BIg{%{$nm9-%IulCtN5XvFQUL+qzc4EZAhc21C1=BI5@*{kFq4eBv>#wUA9WA2Q= zd!2^%tC2q4MU)Z@&lzm>jtWGtEjFr@Jk7^mTwZo2s|jEHthwXOM0%@bOjS#yI8?)6a$Dj^Eblsb_MaL4_PS@;-JQ2>U-frHR zeEWqd>@<39|I+AmdfMeHbH0Ra-h$m_O+B8b9!d&AS%zUn{jX&?J=cWC>I8p1-ti9H zILEn^=^i(&m6Lgs5^GvH3qMTd2SyAj9E;2SxS{YH`^(9Z8Htp9=W(LQ&mTz?oM^MS z`<&s?rGXG`?fW6-!*R)-c}pcHVnPlfS$t_mo1?4q!JTeStJCO_-Gyvt7kuQ!kEtEx z@|vy`5pXDRm*himpxrq728sKf!;ky@)Bq#M2C+r(mz>5gSA>nv`FV?;O5`)|K@Di3#V2`&#xS}e zlVgchuTL-7?G-xeCAjc-{Rm0vR{W9_*3_IYuK z-2|1^YE8iB{!5j8(q3Zxdn!O{Ees7f>?xc`Um7=CbaKiythAfR<;t7s<0^FueWaE% z9XfGIV(q)G1U*;IX#vjcnb(YbAq!8KiuMS!WmYmTb2%jdZF(1u; z@nBj`AX=bxo{uEIvBR!ZKPJyM!fEQViM7P=igYQP#H6d>GG_i_P0|i>VZpf|evUkB zG1tt^>=fa#;7czTmWP9fG^Vt(d zc9b5XWWpA3=dQA=@sK!yCMb16JKEY0i0BrLXOA`XWXW=6pQ@BtbIu&Ck=5=l`mytn zi&LMUN;ihZYjhV3O!;)Q!=h|PaP;HX?ji-J_oXelL|tgd#Ua7f2)3fEfe;3G0|I5DM zV!Q2gQ7F4?#%?cU`b5D1JE|)|9j~U|6ItbySb8FJwxPAVWhBvEOT)~DmoJwtRZZoA z*vfMIgll8IqrvioKwfo>kMf6wme$rDu)gHa_YgBYRJ8SR5XU&wy^<~|6@PTDF>gG7 zZB=kAKaWD!en}lPm|Y}#ZLypk(UR`$ocW@xS7^|Vk7oa2=cc>v91W@}`->FLjWlXF zIoPj^Xt`&M<<1M2CeXT65m)&9TtyM**^)V}&OTvUK5g=Op+B>)Kln&MMX{o} z!E(`3TU)y^vsY@N*Rrx%*U}-KvkK_;TeH(Z_Fj*Kj1FN(`;IKJ2F*@SjDpzgL!*rL zUPik?rIbCaiiZ(Lw}zw@JdxYrpip1YVcrbWvPi%JYipw3Cg*M4O*=()00z0x9OT)p zHBPa-yf9tcTBra_`--q6JAdlV7^TF@5a9WIt?BH+TWd7|`G-IvYjwL-ta0%--y2i! zvJ)}f@rG;Yj)sPYcbtOwg73}GMykubr2`kIR;+TSHMn6o4z|N8zm{*@8NDV7DyC)+ zSlhQ(tn!xH1xKVMJVGC}#EmTQHOigCP6%Vd1!sN^O}ctJ*@s3Y(z-y0r#p+6=*jdJ zgLuK|rOpxC`%u(oR=4Es1wc8Ox0b6Skv~&Y(Y;K@`GRQ$^BnezUqXUR_REy$E2do& zh7{s9t3K$(hoX~3lx8cIjU{ETSh5==R%X_ytvW3f+E%kW6R%58xf6l7sGRcNlh*hG zz~#w%jh67t5lB9~l43{dr2a9%c1uc9IBv6M+#*4s=t)ov>S~sn1p%o2rwMR@ge%1d zLco%D2RaFAG|<^!F7G_1i=K^`vCAcDL<4gQ&Smy!XMgkQp+qlV$eH6ya?P?BC>hJ> z+*iuvbPEjW57U9W@8y{~EVU-vTG|~l!!Fg(w=#jjiEU|I6WJ?@DVUMM_WHFwS}XEV zC^0K#pcly-x17vwHT7PaaAJPF@+g1b>YT{=NR&=^flotIi-hooHnO z9osU^R(2Jxb&)%HBsq>5P9kRXA-hrO8m;4(OxE)I{MBpu8h00V+E;K)hECWEh+A~K zf)R1J9;?t1M*0v5!|z@%5uwC+G zTFW&7+STtaa^EX^8OT4DFd3)dc&5V&yHCs+^X&(gNvuozRhz9NqL8$G8Z)W{BiIj# z+f4QHhC7ZVWE698eLk*fI~4Ws`_H%Md&*e6U-Wp1r8ipS^m}3!P%<>DAt0Xo{rzVm zj{bBSj*BT8iIE@UR+)G3V3H7*7hj09{)Hm$PAf3Z-Ha>2eVqjtyJud;DpwCyg1k9f2#w&mKY&--{4JJN5k_ zP7sgpFnBkV#>%)_4~Yg95?uz-ePcp_#_{7h%u~Zz<9qvu9sB$is@rmGc=`F~#=0y$ zI)2(i$?YXmG#XSmxP!I{v=B25?bwz-6dhawAzHh3g)`&e56YR|RWP|!m4EQmO$st< z&MW7K+ec&yXUPtpI`km)o2q@+(=2YIo7%QZj;2ZX$SVND13y+)E}EE{Dj4t2o^3ul zy$1H}l|8v6%Gto`X;wd1N$c{ET;Tl8r~mLdSnQBeamEza@j^aj^9OLLlN86VLyJ@{ z*Bz`H*%y_wBgU_wh!0{Gy35;+qa~k0R9D6Ni4jimf^s-)NyK05kA#kJj8orh;l5|F z_d1`tbUlSK;X6o~@a=Xuf&5MgibB1cR$OQ@*XENbHpAzB?M&I5N+&jstN0KJ^!V&a z;@Ztcs5RpsgcM#90RvGN-Gc%w9i%{qC$n$!NhFaHoJK_+zb&d1!zobagk3%kAJ~xv zFFp4_f~)#qyvX(#+#n!aZkO69q&NNxtZQUU9>T?OudvEZ43Gnazh@=Wk{20*IaL@${_bHMu3@cBv5a zjh(d64ylPN_yw0D56kra^27yP;1@%*o$J{1m@e4MQZiGV!|cTcv!W54_pW;o4i&CDqd=jBe<<`A zM1r{Xeb6VRXbOK!vAolDH!gK90)Kas^Lpb#4gt!2*u-Ew3`r-2uK_)-WK193POw5v z;XIKa%C;Fm+fcKxugKvou5|{=?a;~3*pUj!H8_yf0Vra~05E42CrEGRmH$uC>nF!B zQ}1-lsyTQfA|iN(EwTc|jW1s@FroV}c5`zzCfwyL+=b5Q{p-!BTPLs&3gA;N0AM8f z0g)-qR@W(McB2BQIo;h&sGOO0+Zk@AeAFqRI^DQdgDortiY_VZ801d0NR^jfkDpxl zcW@eXc4pwzOO!#8q5ZSqq=%dN9uccXyE6BQ2Ro?n0Z9;cg~Gp=IY3Al+?mEr;IzYe zLy7TLfZdUV<;|~tkg!BK!D&Tyfq=gT0^av?KW^x_0Wt;?x3<9lR>_BOWw=e$Yd$U< zzK7U9I6+7r9ESkFz9;PBX?OrRGfBvmI%B+`MkNZ#5B|QHZWn{yB|vLgdWvuRzAB zobG-$e0KabVCEIG-1*0nAe$$caUt_hwgY!1)EVG`0NOTl_#l=7C~lX&i!nv)cF63~ z>Al;(nfBnNN07*plzzDS0yYfi0!TSjpFy%XX)K_DMRJu%QC|*#1AoQA@c$PX?1q9b z$8cvP*S-l`|K-4NK7gwbpswxg5>erDujg77Z_#?QkHMYM+pEtaBE?wd{WXDy4|}C} zrA;EnA{>3%wabcfBTUN5PEw>?1Y)Rr2GBH~xk^R2Qx-P<*qeZxM4tiiFkyrXWq@E= zpyUZiI&&yo9H|Ys*lN*u@!_KbtZD)7Z`B$1@A2{SY6~t>Bk|Url zSVY*20u&(&C_*N_D%`U|(#r)u>9xL*@=M8NFa&&=+IGsyr5>L*0dw*3;|EcfU9jC0kE+>lqt+CTo`>&XP9N1YFh9VuDv4 zhFXzAc^fDW!i#RkJ_IVhJn?d6QwjP843B>*kbDC8vADY+#>8PuBCd6R|1&1;FDz2p zShHhLb9`DABOEez~AetA?xaycHZfSPbPS1WNuKM)QAfvWOtA9xieKggK{nuXd zi#_sacD)VB^6?HVw}+ngEb|BuoT|k3VH}342eGQ9vGPeBIo#hnZ~U<1;Gii*UWAVP zsqB>(&W%i26I8G0vo*XYjh)uyK7>rB6%I5_l$UwFQN~#BK!jwt6@W742`E`ok}o1m zI4es2AMG^-+lUtFU9^OzXY}mGTbyqs(F+SpG1$+mX$Q2MDL*{r_%2-N_1W_o!l#~% zP1QS>(yx~*{v>ybphr$&nIR#&4KRG`R9G1fnodnf6|;3>Vn!<6%` zU3QN7rA=OaTqU2>$xjU~B%ZaL)ep}zDSMG8rpt@q-~*zC6e07=31o;DO^dw&&^8zg zaljRQ28fUYnj|P#4&!(Dn@^h*P|k~+^**^T$5O3&cg3aBW(LbpoqM6g`Rtc z&tdmZ>Kr8mw*OT`@1g>&q+BkDbF1+E!2ayX>~ot7ZP#%S?n1CaT9_1KW1A{wW&9DC2C8mG@B+tul_uzi@8kUpFKh5Z1p3tPjP^_+jn$ z5bVxt5z$-2!8gKwi^qSWnU|+TyuIcwrjTjs&%909Mc2BBRk&L}%9Lbfv{I7fzRz@N zUT%s=&SnWy9zJM+RYiJOl6fC&w-<*6P-;l^g`fQUttGe3J1cfAJ-=eM4oeEhz;yqriR5UWn1A+tqq*VZiRAQCjiAo44~L78(HSDhHMq!}wX)LjCZ+ou)%#F2+h16ZTrXGobaC&tKkiOv-&rtde+(7GCbV zs-i-TGz3F`sp;UWnI%_kJ3G7Gv}YnWny|tZQMBX|hj^GABTF&So&sJ1W9f#A&AB}H zOO~IK+1Wca#)%Z0D8(dNkwU~sAtBB+z^KgXyA&M+$fmu-@0n1 z{lWeh`-(qZ-oP8~d)=)y1ApZ6udHWdtDZEAK|9D8I~!5dTIMo`Y>M_(r`uZIa$1?4 zT#fL$9D~G0MNex>Ezc%7dCoIFx_Ko`RA?m!a(E`WW9im|Z=cuXv!U~Q#!S7TGH%{d zAL&f`=wI+!r=lCs;@Z&AAU*^k$)css>G4aeqhrTNI@zv0Ayv*r+~Ewx?Kn7q>Ov@} z--jbA5#FMu{6_)wGR`>adkSO2V(EoXB8FqdgiszvXxRLfxX8T=T~#w?y+qWvC`uWu zZi%ifPfreNdq=&U>z#$t7?v=|$!9K&XV)?>?-dz+>9|@*##QwF4Nnh54|Q$Xm#?d6 zP*L)?^Uk$eb&4k%A(cN32d$^x=yoSAt+w^h8+Ob&ew{G!rq*(_Nq9crF)eX7+ca??D+@^d!&~&hKwYvkMs+-|1;;aiwa=UY!nY?#Gw&a&o@+~U;IHs(7nd5hvsrAL zvJ$YHN!5AF*O=u{s}5T9YF*6Yr<`N}_sy6BgwR+NW|ougAE0yT)L$Cwk;@)y ziT?n#QPRxx1Z%f4c{%eeZy=rO4xH4rF>{JEf?5+^Px=haFfV_h36Hjw^DO_XK(oVaaoS(CXt$LDk7x$Ptpza@ihD2&7FVo_WokRe%pt*(198{&8Z z>Ns({za?$BjCF?fXD73LVd`+#g!G6K^}LJ`HcYqVrK_pCA5R{mu~UBDFI{?8r_*#+ zi}qi7mUu8we&RvPqg(QYnBf4D?HSD)2umJvAr*^O)1q+v_WIc56QSQq9#PH10=WgS zC}~EgBjce$771~?NDK2pEojFuq)%AVLs)e1r4Wg7G?brhRs80Qv|py?-N!L@k&7sr z5$xDgXqEciwQv3qQ)mJQ{Ra+#M@uwW6MYV!_v9tsG4cQv3#60%Wr6t2?P52o$>$Qw zFqMFTzSSh#_!g4uL=tw8o45<*JsL_$NDhm&r?sV}TS5YZij9w_FS{X%gfuu&$141b z`x5KmUenF6CkjeGdGHi#0pKGTd2rKu4oF3#(*sm~;;peB(`XhuS_oRO% z+D*8#t<7a5I$MQ)RvP8EG$4QcN9T;B{2`~2i~C)wDrv9jKZ3@Hlv+bSTt@ys=t~0;KdEH6a>A(`8`AGGUu!C){c~<7| z`}poaZLgulNBbX}>g&sxIwU0}DU{mx7g6>M>4vSRRG^CeE|j0YvSv-1&tF?fuJsZz z`6#~w;qAjHP$`*RbFJE|g%^i@LQi(D6m~ob{^`As?X6FplrqCOE=5TMG|caJ>3o?p zK?x4p;Vm7sVyM04%8R4Lm&qi`sfc^Ma70DS{C;X>mYyV^z?Ie8yyG(q+kbT30X)~e zE(p4V?J!{HB}9vIk!Z=XUEoj!1Gs9DR8a!h4UYQPl6VR67!l%4zuNfh46EWONR!6u zDdkjg2URfjH7@8%-+5=5Mf17uFybhF>LAc+>i0m(zI8~BX5>js6;Wzrd>ydzBm8C6 z;c*E@35|0r7_}>HgLKrg7zTw7JZvH-kD3ZbfvXNW4r*7n9 zm-L);q#mBK6&3cc@&x01CB#x}ANKXKT%<(r8+>Xim zU)a#4D)dC}*M&>NiI?Ps85@QC+P!73s+*c(NL}8BoZ}g1xUew2{lnz!$Xk#&5)jxm!v}6&5)1QP5^Uf^Z#%;Kg>;rwM;^;lP zReGhG=ryywISa^Itt@k$54X}z`g5uK?_{x*+w;$*po@b}SCJ9*9%9c)Zv4%V$=E~%{}f!{FeV^X9-1)F zIX>zrAN4MnCp2}LU~(*8CFZaV7eW0I%ugjQDcv{x>flTyp;KXSR?2QvH%VQeId^29 zxIc%we+PlY-J%yDg201y>G81$%>iuF+(J2V-lPj?<7aOX5&oxZ`%Akoex92O>bSJN z{7By1mb`(wr~}ZP^Nr)nHxbgWNor{)9oRC8*tRd&-xOb{b(cIwcFVl=N%E((gj4E= zIs|#Wgl-SOOqG2EJE+Qt+h9IYft~r19Tci8%AdmkH4dpme7Giz?eqhX$0+(B+=xIK z(l9t@o48J2IJ6TdDLxq1wi@QrHN72cFDSm|aEtJy#;@UQMo;Pit`imfY$j)f_qH0A zt{476@NlPurjpGn4HEqhl3upL>>9)_UlYWIc5Gk1|@n)(Da< zL?cZoG^!sE(dVmuW zNSS`GHc>omf$9LqAau_b5GAywqIh8?`2OPUhLEhu)+O}Gp+}wnHfk0hq_E{mk6j?y z4IS4o0RR49ME&{UC}@yM+|1>ML?@|pDTvAtqv6V_x%OHOcWlikh_j@{a{1f>`s*2|7;EEKOWeY^i09T*=b(=5#)Q?9;t=GHrKg+ zv0~qwz9qn+1{6dsU6Ov5G;JQW@|Tikw3ta5I>dY8tnX;b=CkTEO0dp#8n+^|d>q9l z4zFV#44*IfhR^@ihzEx_UAErBORMnRlZc~&tVO0aa9?uk+>hkxURNSdfsOGvTgQ(H zq0^rPztjH@TqKD|M3-s`v8`=Sxvd;!PZ_E1V^?cE@{aSFz;0L1(%s%af=h}Tf=v&p z8>gEQjW(>eWrVjNUDLTw=5Vto%1?l3_#S>^#6kM+-NIwno9u-gV#&n5xr|dxLwHgX43KX1drxrI-cYX0 zo6`E4d%j4}j4?3$S6E3&gL|fJsQr-L4IpVq{T~Zv0nPcf(u+VD3Dj0+lIGE6-><^? z?*H3#rGE#&NOD0_j}`A`$iV5JK$22IaQwy=DRF?*Kh+HX8#eFd0XD;G_rKyC?>B5t zBcp6kyKL9T0Re2P+~&Og?Xo}|^3BKkr$2D>2OBGbwRQGSM|e0Lk!DanFXu`Eg+1R~ zWf%^vAYnb1t-^Z0CD1O4o9UnUDzg^z9`+)1R6zM`odHo!U|fsr!8sRL%}B7_L%fLy z@678*^OgD49B{BCY1~>+LyjWv%Ah||kmE^`L+9*t8f=Ak|4n$Ii<76tTYebSMpB|< zGoA?gEol^gp-Q!0h};(stvo^^A$i3cvMS8y0kKtzDSjKXIQ|2e@>AfS>#5&ZabWU? ze{K@w=Q_!M51PI!3@>mbEB}DFJF4X%G!`1qt61Wk?f;q_h+KW~#Dii6@?r}vj?3tS zE)#6;O5q?c4}(Fln@>Fscd_e0`zqJ7jkf4@L>Ak51XD*g-2=wQSkO5NN9Ld~pw9o% zmJ5|TNpR2Exys7_aZhgomG;?7qAP{Yi80WTO`?Yc9KjeM+{ze;y$rPV-Y8gZi+mN( zjHDLPRK^!?x(*6imDFf&vcmc6)z(11_s;*Sr&#`=H!=9nY>7`-b57!&={mI8X&v+Y zB!^4%8?;RmD7ngy&A8HjW)+LE7`g|Yy*#r>p3UGY5|C=T&W9V2g1G`D_;UsRQzI1C zzb2`>z1}EDo6|2p@5nL?vH0OIG*8sUZ~!^NAm=Yu>j7L-ky%j;=VaI1NIdofH0G)OHTeC=Jr?V$EpI1gNzdj z|D)Bv$Auq$^*xpCp%$pRa(J%Q_!=^TWYG%J(d!AP&t#dT_~|whWi&zpv){e&z`ag+ z;oDGt3GqGBDyt_LvIe}8Tyr}N>g+sBho4z)Nx9?Q$6nW(vW&mdI#mLMc)~& zk9tFH*rD0^n7v==o)zhK%=c@`LG0S;);16XcTg(lG2{TU8qooACl@z7QwFVmT2H&fFRQrAPU9{eZ=A!-T2RvC18odBs zA{+{ROV0CkLO6+x{lyiLK8LD>kdf{q-$f^;+vW!xkHJ$oZ_g055o*1$XhaIV{)Mk% z7;sIWkctK_ldgX&{4U|agq!sF*%MijonoIY-DEp#lzno^3I$~DA=Y-eJg~Tqz_rcO z4nZzZAz_p*uE%p*lJ`p;l#T3-QaN&Y8MVRM6xmzWB~AC!SV%fgvAVE-r%bS zxS1{Hk4Q^a1)e>$L6mO}1m-@_X`92;Mb2%vd*n_YYHOXcMB!q}?}x|ZAqYwC?H`1U+KmiR38pqVO+UqO9`X?wbl z9`3>mQu9I_rSs@3qW`fhD=N;yzo^~2>e6L8(c9jF6UM|DnebNfK_450;@2mAjs93Lz^ER};h`w_E>^5du?^ z!@z+`5=V&eqGnT|JJ8fp!T21F{6_LH5hGfdi!tQ6{J>HgQ(?p?mwA3*!D9gE%wS0?7ef#8Dh~g_UKR z7;sIk-w4U3#7=A1_7rEy`W!3uU_4|hX8l0(3t`uExjqjZeq%V<%w9ZdgVARcdA%%( z8z#UXrSKQaIhwx|yz>rl<$o4ks4;s!N(}>&1SX*F$%ZZMFn}APtb|$*&57~ot*4ME`~A?;lX*`!gp|13mRohOeU)#HSt$8Z{L-!+X5c9t|b%o#UAxH@>(s z;DNTx1whMM5_xH}ME(6e-;9FUc?GYh6^1^n3iJY^CA){Tem*1WA}cqvfIm2ZjD5SE z%8v)xd*GUgTd*i0^pAHD!gASP0`ubZvNsZCgM>$#UU8d0=yVo1PNMbTE-^r#d4jc?bo3FQ-=AdlV4^)wJX^UW#E&0AE_((y;O~#zJm>rmHhrTCEUhFcD{dqy z*oq8fKDpb}QB2AUPX+dkM4kZIkIX9dcpi@zC6r_bd8)qk7$LZlUT{IuxUKMw29rzt zHWRMech_=l(~Q3!6y+f4Bse7t3S(m$D|rE4?Fz~lm@($z>GCb|79dT8$d>0BeD2PE zmXmQGKtH@RTAQSMwUx?+>tx1P0Od~u)KhkYo|614uFpzJViVuHk@iTJ{5)H{(0E== zBb69mRkmsR{e~D1k5oYBT334-eh*8-A+5`7AEWXPuP%AT++B(O9QndK`aVDa zWik8h7$4}ukeav+bO*|daBJnY4~Aay{h^S}JD{9*)g^WwXk1-*6B}>(V((ad&pVzH zDepu+BC(XXA4FZj`==aWabHkEdA#HDcy{_d=t&TFS5o5HlJw6U`S|Y9`Q^oN-FI)z z3?B|RiE}F6ph@^s3m`sSHdqsP{#!h?%Wpx55&%=v?gTy@)BvrW`#B8p5srK}yqN&l z%e}L0$>>v_VT{*ga*CIS7sLDD75l@~y9%kVHFh8f$N~gZ{1DwduM9resA6^6F@qZ% zS_c-2faJSYI;-Paz<^Jv-NOV|?@&u+WtBAc0-1!?YZQ5wCSgco?=X_!dTXG7D*_}J zkfQH356jJio_^yR^={X9jntDSHiJ)lziYOOunByL8Dk+qr@O{Jhs+$5946I$8wuVZ zh5vB)^AWfQ>GUml9@Pd}uBzPbU#6NYmDaoh1tYov2*t#uLNiw1%>yvF?J1PNsWcU& z;g(ucl%;@h2|H_yn|s`V!)2;Kek=X9g{GOvl~u%8L)%&#oFME{5}|tvqmd3n^pxt1 zo-v++*oF9xlDE|H%ET z45G|ZPzE^js@A3BS?vBTq~rQ=%ib4sMlZ841}}O?F28*;=V8SpA@M__Mvh8-o zB3^XdByd3-u5;wQohcCiT@ow+8}AewMXIZW> zLjfa{a8{Lt`{IRcj-LnWK6B{(Rz03z$*7^|nXJV%H9oW2EJr327j+TuH5$7S=O|Ah zUf**S+P`S`T{?$xdb58IcpOz_Wm{~(4jX);i@A?aQt+FfwkY~>^dU0;MppWeMgJW= zzuxXp%U3N&A8=7vczeBP&T&=7AAHqMne8unsQM6+^de0mRpIIQ@6wj+iq%rj3eNfBhHgV81_@J4=Z6K^%DpbmFU}>(CCHP0`JA<>>8{sxC(BBG1 zWzyiJAs$#>B7tCKuZvf4h;-u?$3qG})sOU$JB8AvjR;5w1no7eoFpy|7Z=-Qb$gf9 zK^KKCMc)gLB@GZ)eq9OUSfwYCNr~@DlWevE`$;)w>if$*5nRQKo|e_QvT`{i*eCCt zl1%(cC}6gPfcYLu=AV}#wtl0~27h3F_%FaG5!)jic>mT>HHS}|ejCnQF|EDZ)6bDC zogqItPAMfl!KhJl_13F+kR4|-dmz3O2^JY^X|x{h`6P=W<*M>MmTxN`7)lm$KHb&< zLnJk}wdSQuXQxH?;9zr_Qt@l}qtQV=`Nxtx0Fq!*9sFs?lHWke{5F~K1@Hms+x_ts zJ(Z==(hldf!GP!MuqzB4Y{}9#+p91H?Pez!JU&5s{VAOLWJx$~RTNMJD=eRTWNUP4 zqlO?Z73zdOsGcD;TAytfV%HrQJJgitA!4Fw=#2Sc@yQLcKVU^9<-8f$7{LC|8DCxp zV)-C1-@fJQdgp#cWy$s=mPWJ1&yBb8AhwB~mPRqh5jfCJ_!H}hfIh%B{yk(rZbnyZ2xADvIuBu zRc31Ee6wy}J@BSdqW0iREH|WW@sMuJKll5Oc*FGwd~`Y7me_t=siZ&ipvt<6G{XJS zqZ@mn%&|POPUf*BH%#E#T8H*RDZO~-yE%MTMl3i|qA&-WJEEAG50TDy?B=~JyhLJM z>Lcg%&SGaOrF4*DAqbBa&px8VR~)N=+G$;Vm`{p-9TH#Vzu`7MkERUMoaqD>Sv7?q za%vZa>4$Yvk0p~qg1H|XJB0V=sB=K<)aUBMwpy10+UR_^a_O8xMcIUA!&jDyX{Ei7 zn-et)gW^!1z6MFW1*BjxKaK%UNfWvuiS%2hF?hx^asdcDc*})SI|ZK+Xr2dU(Os8u zC~%&q+!)HS&4Xhd!C`U*GM7#LfUl4*AE% z4X0I5Jwh_U0G`@4B6FBY%PQ}>`0O8lK9}9^d?)_(X%X`UgYn(Ue38^4Teh4Ev7U-j zp>#?9N?hFPMWfct%rOWdPNJLs`;m||xDGs*J@HBG0Cq|Ad81nlrj)#%-!8?zoq*>mH1~#u@Z;QORm(pSaY{NS--EMhNkHabU-E-8 z<^t%He@ym-*6&LA*e1LNuRfq_z8uF*XadJN5V)&+fU)@Vw}yAczc-*}5*vFl*q$Og zY@nprN|2WcX&>hMJ@a{u~i6r{eoob9$n-+mDFd$D&g7 z{soVgsvm0$=crw(0wNtiPx^oW35tGu5N~1BIk4KO)tXlE0ibjE;{zMxTTW}e%Jb%3 zw9*&QVH!#r5#2#-AI+xyGpCb>xUH(+m$hS^8n{{RV)Gn==RaQm0W}S#2YoJrJ9i08 zx$|GIox~U5nuq}32=Q-bdz3k~b?-vfWRd&ywf6qW=i^KW>%TWtzEw*wBG7Q`FcxxO z($DAW!OM7@YbUT0PQ`(2xG$g>92zKa6Ytw`jS+vtv#=pqp@9l?SJ*2M}XRK>-OwtPqTr}n9_Gt zh7pDXUf<*}V88BAMIjrm8{BRuPdlj^x1BM&TqnRQWqJKNL=w(C+dGx?;(#T|UVLUb z{s!dWw?PJcIr#Dz%5ZJ@;VG?@!}Z6=M{8L)1>x=9`t!Cv-8bq?!2OX`NpNS>Fzo)I zEhRNhOmDx74Md-yx(JM6Mv9-i1x23X8Jx_yK)XYsp5>cm2=cvaNHONSJHDzXru{#7 z5r>8OEr(xB8V~LHpe~q zNk)(v(=YVn$G~FYbR$OFtVi*+k`m2Is#)HF!AnYY7L0I`GA~em%%G8o?xd~1P`HT# zC3hkMPmuQ*evIq@(rtFMIYjOO!CAD(JhvFQ_HzVt+8G#`@9>km^CMxPU{h z0CF4X>ZlTl+kxW40dvXK1Kdx>zeLDD8agN-mq1muK(@V*ZwX%(X+@FkgG8 zku{w@?S-IOZvB>Jm$4UJPr6;s&wDq!-zXkVqt{mKWUP)bjKPlOR+W7Aw9Jm8a#5HM z7I10~3S9Np;dbcw)bvqbcCHw7u6io`0`4Q5=f`CUpVfUQ&L_S>U;2fBYIh6wCPmqR-_Q5=mL6_XYnQ&T#74bNKo%d2I~$~ zy!K>yT5Eh;yw!Yf`V42NFss0QtGFQ=4U2rMVG4#8m6&(I8`8Ztr(jh^dbj7-=j3jk zZPP}lRMSlCR$84gYc?aD5nYx7g#!fBB2L1oNp96kZ)w~#We4}woLUDn( zShus%Ub&|MM@S-}enfnX@){G;Oyr!@);xk+`47@f2Uw0{`V$_7NQV0nSR71nD~(=d zIe02w?$Ka-gzRpHRNX_VPHTg}d^g6`a!S>}t(<+>qQ2K-qH|_&FOdmZq0?H4bcESR z!+omGIPE1Qf5L4%USmC&)tv1hMUkf(d2rt)AckBL(EnFK|9dK3-NHOq1EE_hOlyhf zf0bXj4P0K4Dh z8;qZtk%~*JgWE=hJ)VZKT@bhG5W!1m{htsaBB19tc2#GzJ?x*T79h&^2pfKsP^&iC zf$Wh?X^s8PE+@+YC6P9g&P={{k5;04pYNy?ynjLTjE($vwU0;W=+a9d`d5s^Mq3%f z=u)T?+c=&v+Y5J4UB7o8P(^QX?HKAZ(&z3gGlDZi6R3?D4ToQ-OWnc--Amwv9jUX{ z`BIKx>5$dn>YHq$)!84tJS6$khM!EdHI|pX6^?3&TMs^_vHF>Zgq6Ob1?uZdS*ogB zzwuD>Ej%J!FLOd6?;~pNBp|FoW_kL{#NyA9fT<49${idCLmP0s8rpq-JizK?2g{J9 zbnaJV`nn6X&}AgPI9iwNQ1?)eDUF`LxFO+3>s5+88~Gdi%AnNLjvNf$Ct&c>MTf)I zn??UN)CXWPT}$&}yy}6-o4*!R-MjN-czkws+KiUbaA%sj#T#qt7w;_;NP5qp0zy^l z2MhV8McML=u;BF5g!gOBVk~AwZ2EztZH%fA*{nB1d zB57&qk*CjM{q|@2b=dR!6CR&t4Di^E-V#zpgFM76+!?zW9EL7BP*c1NX%x zUNu9oPqL1ENgX8P*^pz2m+@p)ya^hpaIpnxqS$m{c(w-0D7;6;9a&pcRElFd?XH0D z<|ntNkR!;&Xya(|eo07wbURcK?LZ7^B(FiSp4UK?Bg7w~I@NUdzzOEUZj zA>$iSwlM3Vdc=P;D}VL1{QUq`8hv+Ac9^`S0uvhJ4|1Iq2Y$#4oaKQjoOm?+zau~8 zYQL(yt6oqKoRUFwnthf-`fNZ+-d=kC)ACSA!|NZ-N)QJMcRf`cehNYo73Lp;@I!=` zP+;WmdKON&8EW9W-yj;dHL{%V`*}Zzuw}O;vkME+v`jwHfCkipC>Cx(MU2bnjhKv|9*ddXV}kZ>bn9bOcwI!ss&c+I=T8b?kr1o}r|!blmvBuSAGcJJes*1(k|gqM#z z_@SXt3b}`Dv23d1f@+p?r85}kly3In){j0 zFc%!zWhgh!$w0w;EC`eQE@8kCRfL)_$Zwt%Z]HD)XJ@0KJDg&$uV@!5odHe2s`yY!|9qh&{C%mzaPli{Xk~VQD^ih}AiPxeq%n8Dn&WuE_1%Xt1G6 zzd?FH2GYcretO}{M`jH2I;AEN-Zm(HveDri*vrsk_`{kX)F;xMcI=MTanvWo&Tp+Y zz|Vj%7sGc>FnZPColJFK)57`-s5<7uM-|t5Y((rrDa(+dmU$P)wn#jN+rV1u;eQ+{ zBpFVMYV6!K!Ec>Jww*v9Y)geDmpWv+$2m-MpbviKKVdmi+blZp9IdBe|U=A9gwH1LxA0&;^)esq2E8V=1O?+I)f^eYJde^~qScqrTN|4*VsMM)}aizSJt zRJLphMWR$HTcuKo3E48tqgB=xC0Rzv9+G_Th_7fjD3b-=67z@^E76j?_a;a zn%7M3`&!O*&biL=ey{p!nk(5WWx~s8R9h0)va%aX%A3|y zD!z5{mqreNZU2Y7*J*9rKtwhm*|TqjGvZKi4Rqy93$8CC{&ldu;nEsyM1tUA?7b2j z#0$~C^uc*`H`k)0+5+4Qq~ZFwMK)3oGv<;_H=ohTaU6lLiFT2v8ztR(yFLUG!q>n8Sr<%7cyMfZm48zYNo>cU zuKE01mz%>Pn#vfZQ4>MhG6sSk=rBljEbo^G?L;yqHMgErmEpJHAwE8)axqaLvY03U zT;fAxFO)H@jB$*2&|I&QmvVw3h9biIvv>=lnm4V7PLC-$JkQxo)qv8xIb!2(UN_0R za0NtKmfpJzy;QRT$ui#6r@(N8m$5uRfFN>{c^F0=v@x?o=DEeEk4<-{{`yrAzVR|D z7=-A86HK)Y($cSi{Q{-)n}VE9$bW*GP>(azi@!U6VdAT%EzMAt^L*D%?X}(-k48>^ zlf4P)3JB)I?Er%L!$3XPMqzTG{&l#PDp66M%-+Ok3(b*-cf$xd+JTw{>D}4ym!ZZ#n-%dn8+9 zjXWMBO=s5tGxU9DmF7=Pd-0<^vw={_gLJs%X)Bzt#}NVBFBP5 z5eaA5XpTReo_JE?RYCeU*HKafP4b7w0kJ2Ri}e*7rIIQq6LZ>Z46s7B)T56!^hiD8 z{t~SwJx`r8&&p%#oZM-WnFoCvld&!&{j_|U3sllFl`hxK{H{<`| z;^HLDXjaV)&3F9zIFWGTS@Rs8FV70*Bdt1LJ~H#9Plu({-d);-jO^#Bci?ns`kB_y z8DxVa9u1G$`2lPNP|uSuc9j6W0=K)&j@-OS>9N`=wk+(AFBDu(%LmgOdAp+U&XArB zEH3L~;u8Ii@84fW7#V5K@Lwyaco?8Q*L(3j#PirK%YY&#k;H^m{~b&R2}ka~>*+?K zCW2?lQoAhuKP=^Rj-&PagaqHw)*SJUBf>0|yb>qpbF+HRYD4n|tDS0ls^dsg|MxVj z)TBf|fYtB+k!&$RavN<(5AN!SM6_zC{Rv)=OB`R#vlVSzuEhnndp{nPVsh+Vz!Sl5 zk4m6F3n8(zWb<~H+^;+r|$sfQEyM28|BQC zzt4bIZs5WKd*WT`;7~@GHO+CSX8O`La5Ny8l*Qj+uTD<0YJl?g>7xDM zRe3b9+NqP9_FEwbp*qD9KcY^ymMi2ejGokk;@3WtQ<~uh$h)4UF{+v0%(6(1_YaM1 zaFr#As}R+cx)T&A1b?r})*~Hpj-nrSvzr?kWhk=~Vhy8VCM3!>cI@bEjGvkcXwAvk z>q{W}7guor8in=oQm5#AsxjKOr$V2uYFZaIC1HD-Uj{P!Pz2YrccYmA}y z!GGe$djNj`WDCGQ!1G*wis&t*vS`E6_Bv5SxTBW{x29q%{ZaZY+=$ows;P?ZqU-Sy zsd7XdT6hHtNy}CSYW#HfJX#S0tjc5^PXRY6`bwp72Hivq)L>UwI-8IP*lZ-#;d)_RsVIesn2XdYt7w=pks;Xu?j=XNw zI(0mp7X&6jP50AwP*0ogu4hk$s4C9)Zy^S!3&v>+Ysru`dLjfEQyoNiwAQiEly_xf z`oeMtwYUZd-PxCNW*sbJ~gGvl#(BRVin@IS>%BXE-->{86KPyqi z20b==Hv7hc&4U||1D+(f--1%KgzjffZ7xPFw`=s8ht6i*xKdkZ{dm~|O(q62wMV;D z6*KW%G|9nu8Q_-MRw)p@GO$xKnZt%y9X(SezK@`u<)>3?EPxcvQ^jrWu!V(2?%d$~ zkB?V$r-mA266fnPF8%nhT<0VW5<996jnQ3sL>DIkrxsh$*orr-KWmnI=CNCW#?DY_ zy~Im6`^oP@nVfx*R@ll#Q~LY-BBulZ1RlU`r^!6~hG`4AAmB%Cq_p>y2uM_8Uo)@O`-Tm^}?<1Wzj{JGPGkMz;w=h8V?I{K~JPJ z=!s(aCI;XH!~=T=OaLlZmY-PcivDMQmyN;=)X5=VY8!PsN5!x1dn|kP2u8=#ZQiKX9{6s|Cw@cDKs@6@Z{VkEY6AR0h zuh?N#pJ>Xjuexw-zBvQOE9^|8ShQqj6sb^#pVtOZZnk9ZF>}6nL(1%<{0#p=;L+<3 z2Z3(8NHci?4$I)Ceb)@WV)I4B^xdWX6bE-#Cz%tR-TY-Ot9;I-m_4qJ;PP@KwaPVa z=d;1g4MbZk%uVlc9R9K6EA=WCmOCS1q1qpV$ctqQy2iI`WUN`GB2dP^FB)36=H}kb znD{2qy4#w8YFFCKZMv?%As-+$l@+s{h+$IKuU$Lx)sB+qj&~TUFK)@Qw?IHbZCcGJ zM(mDj3zN+96oXp(RA>*J2`+ubz|Y1rqIBDH-Dh)GRr|bSulMad19-iZwL&2w%{aGg zch87dv{3n7%^-)3A%MyXN_MauDZw3{9bzcKg=S)A#V=39Jr1qtuorDxAp5*hv^@H} zE={ss8Z=j25l!$%Z6q4HVwT^Pd_j> zHNcbgmlKS?Q=B%91yW8|(MUW{;7Vsreb1aQrfqC6b2448hHv!?3)UD-pK3`MXjY*u z(5U7u&Ru#(Un%ijGXHq_D0;q&wt?tE%IU&T`~1hBW2v`S`t8C|lWYrDi5CU%nR&)1 z&N?W z_8t_I%!5vbb3K6=v4?`U)X+Wg=H6@g5A66vQ=a(&1fMn79jXE!;_)EEs%O>l`Q;-Q_DJ4+N{hoRa8^vo_f>|ZrYT7pqN{q3c!RNHE=5r*ty4f43~Uo`t>^; z%G}{JK&UE?tGX5{i~|jrgvvw*7fNOzHag5phFTHW=}K5QF5uGrw5-8tZK1i_v`km8 zu}$L}Ul2|)+TMbr>ZArM zIfuZxnp503-G;ufcLM)PXLnC#N)7 zEf>%}pTA6J>rirtd#t}O8T~A{n@`3}z&yXx>nskfIX~b}d(Qej5bh~`dBpkdbdt9W zPQt};qPs5wMNlal>Cb8>eLa`b*(FRnjGmdO=n61A?gv-49dgB(ehuN{HjnZr%2A>h zCmK`wiURW|UhD{u<8>s}ZySYJ?{D!M^ z*-8O!)wvF?bdvKdP>y2fYE?^fsuaYtJQnJWQQkxD3qzSRudSZ7Q-FID8yHyQPPJ{k zkALtUAN1Eniba0r++Ze<)^(K-2;9q8to8)f;Gze7rUKa6sVlZKjg~|^ib=u3TW=XZ z8TWBc+osrPF)R1!c&pBmU>h%Ub0_Qd4+%3t^5bvF^)HM{^4%u+5nRUZiY$?NggFjq zy-8gkG`LzjeBcr_{M4e0-^e6+VJIsPMP49wsp3ejo0J@HPE5B@CaY4!i#%2eZBivu zF~c9LtkubYS6=$bqGZQbYG9O}cc8hu!X476pgDCSFda+7W3#2QF49~Hl+l?yJ5`gh zsuaARJ;BumJryDRSd}`UKW|Axl>ZQ1eFObjNxToB5BK{Plqs$?fflsHaCX z*l<34lRDXi3mU2(Lt|C-WhIM;Q~ot2YfyHkZ}^~YMs+l^>)HS2s<0t_vUnB#=i>T) z3Lx%q*evW#O

?t!3X~?j~ePz;pdJDjBSmFkyDosVg7j;;@?kfYhp27(~4RS7C88 zU^2@OeMOk2tCa*Y;zj29Xg#{gw>kuTzXEAr(mf&fU!JnVJOgTt|s|rQrXpmy z?-O?J2n%kW+AP}{OqkDzNlNn1$QvozvRqFY~aWT45j zkWfy%%-Iirxs#d+he3%xOG-GGA|@6xnb@s057s014fP(EinFVyD)b}_^agi9u*COt z{F!2S8#nA=UxZ=w@e?s3=)~~Z$-dHQxfX6N)%k{ZI8K!@kIeSFTpK8=#(nF)c*Dic zY?C+cu?V`lOz=p!CWI1pcYb8((*Py2NGH_&V?X^}>jAff7O*(PIoNjHGrVMP3W}${ zA>Jy4Hly)2%7Stzwdt*LaPB(yXc08TD-)ga#Q~9(hcI8lTa8<=Ql4*rr0NBn&l#uH z$qjt-;O!P?&=!=c6Ra9CN3*S-qedjzX-Vd^J6~Uo+qKwD>M2bH=V&g3IOQox=Z-~; zf8vxrf-@=?nFl-k%(xY=L~6;L`rc4Do~1upKX;Eyh=+h1jJsMH50{@&93_mLgq`0} zCEw*k{u(Xg4S|*tC43k+5y}Azo&{T(6-!^`b5g>fA6c(3&QE=XV>uM0Is=ddkQ>u(UY*@* z3c)n)vK=p#evDaYYIxS%p5d05JJ>wlkWWp6g>1PAQSS`5Bm$tio4AfR*pjeBuc}Zb z;$C(P!oi8hjC+&E{oOYKd-azYOH@`*J-N8fs1!pbYd_67r%c*;gtKV3~hH3afhp;@%*R<_=LtrQBoS-ZFDl(W?_!pQaG=HUv-~MR$VZZ zY%|tGnlzBy%lDKs+$zc`29Pd<6?7G5(7LdozhW-$={z1N!)FJV2Se(Ty)+mis#n!9 zW&7Cz`fv3Tch%p0xuOF(!?~nTVStiHnNWl9hk^BXe%v490|-OnadC0y1@7mQ+9;j+ z83Z9dbMy%xfj!&ILRD2^MTk8o+jH{PsW{0lAhwbJz)erQ88v9r-pfah-5HD}H{#ue zw1t(Wakj;KDb6#$YXNwhSLp)dR`MlHld(@+#cv)7tfx_lgyVy+RWa@-X&#>+7MH4y zkNj@jEO!VnRG0aVW#Pe340<&_ zQDIxH$ycHtp;f$`OJx(ns{D~Qgu0Kp)mfA|Q6BF|{^S91+#-d(++8b%(~Qsq=D1Cv ziVj|&M@pilbEMkt3>!ZezKsNsTU;7U%M!+H?#t9;UR0GK6k|9|?-aOj*oK523KvDx zL-j|d=yU4MLd#pghpR6~{NHol_r`PsrG3p!7AnXT0!=9Eg5#(xz{r!!fxB7b;V^dIWoB5x zwz`mSF059}V0A-N10 z`}@jZ26U@|FQOY?6Rq#xvKnXxLZ?*S=Z(9bW66he`||omAy{#kCJgHlXR5?5(#~Cd4#?Ih*#VoMr0mJlsZeGK@>_QT3^pV&mTDZTTj%C zr~S{aUR43#lF+q$Ws{NZCbN6u_|tFA*5f~CJUt&oyEGBux>NQ z4>g~o)YjLRO!Vw}CM@Rc_BX~@m|xE3n2k61k>*NjgH zR&uhLxVIvSR5@$itm?FUK3!khB;T$lPA*}WRn=gE3Ak1_tDpfH^2`n{5GD=mGjU+j zn;-rS9Nq^T)9HchPx+{A1-E_7Rhkvc`I$IsSo6j$1oItkGe#L+sHf-2hSqLGy7u{pRP* z{=bWY{#J`cBIKe(6S|`&p#%&1kw5k!=*VwU@cHVVNSmi3=s~Tw;T(_#P71$h#RR@t zZ5dn`IX$hc=pGh>Jm6Q0{0As!Q3)pA{W-2-(8HFPhl+pRK7JkgCmZ39QjZ-13bj9+ z<0md25J*v~uRTmuCVfStwjh7$A%`RfdYd8c2BuH38AQA>3_D1_Jd2NghrHdI=L8qs zvR(#84waM$Lj;bp3ECkDVz_6@Qtak?@2oV6fy?oOwPww9qxgAOVv5;;l+hLbDx>qT zMxrZdzMo-dOW@96S_T0VNQLxmwA-OUI;-RH6{%}j#JBic%?uWHviw|XCGg~Gjf8VR zA4bv`pBm-=!?<)|TtB-cmp;tnJxs>Z`qChMKC2e|;b_Nw957lnb!5ZKjXwYm4yTrt z1q-x8=JL@e|9{3Z?>s~bat<5IRlS*ou>ERwEUGA^}x zcxj4?`ZRsW{{{%Mp)AJ(5SQ>6c&uhmRr5u_=88yN=OGAvdwJYTp0oJm4Z3g#UF?oP#7!d%b^2S1U*tL*(}7-8mo_6lj*-DOI}n80>{H)tj&8#g}~x^sU^c4y?2iuq?^2iF+A&|U_uG}pAX3An>dl5 z%T)u=M%b#X7-r<0SxA8o<^D8%ga=^7?*D=ndm;&sI^`SD2uzrA!R3coa-gD%boY;Q z_fK@d0Qs*c%ao9e(!bLzM}UWiwc@tIcl(e9J$EeD81VkHpGrvFg9Y0x@cJ2(;~0RT z{%u}kxa;31!Nd&yX?Xa}M}cmx;=PXw#zrFvB}UjO_-lzYcv7r*JNl17!MFU#a&3;( zf~S7l2A?>ixuY_(cNM@p0IezkG zJc?S%mw`yw6@nA;cb~Hi{kP5XcI6bteE8LGSPpz$5r14-rEM5^9)-sLyZGTDx`v&dsC+g&c>7fYs z>d)05=7X-8C@XJ~lk!P0t{3x78~Uakm%Z96PWhp>12(zZJ*g|gl#*C{y=f;R3y2Ot zullJs`OG29MeaS$*p&t6oOw;)zMWud(H0}`V_bVk$vwgu+BdCletdXYJtwaJFY<7| z{M5pUx~{)_l`VLYF{dKCS$A91&43&CZhkG^6Lh}TipXPhi}Q0od65e9H}@Lo30J$# zMF{HTN<+*B2U$#W)FGv{6oXnHT&|w0^Wx3d5g|^jlso*>JsC%u+$~3TFnK)dd1&S% zD9Y*6NgfzD_HJNu%3*V_ku~>!SXVRg)+DbqrvG-4T(I_!Voky^aioM|+%qIF8 z@}Q`uFH3&=CgqV1w<#;jl84%=FG<|<>75XBlC_6(4akfjU%r|B3JP@FZZ#}Ta*owKYuoiz`fZM z7aw=2ko47$vvkoZXrD5}wxN5R-#0Rt>*H@eCFRr}! zmt?$zdWC4}x4DQgD4{W+aD7wy$Umf!H@WH{YF%-%Z)Sooi2LVMNJ0d|5}zVsHM{QVXc>PA$NlN!-N zDYzcrm2Yhu%`f9hPpf*J8tL|FFkVE069*xYsmjpc#>qo^YSCFF)cVmGi(hZ()&>_& zb&0%t?B(va=Em91HoUzu>9%>*=~HVSf0C0zw7NfJ&;U-*`O&AI#YW@XIf6Pl8%YK^A&Yg78(BR0r`gdkk>>275=4}m+( z3@C||{{YgM(}E*_Y6+zWei4;G-dhn29LwKT@n<7?TU31pk2(pY;0EgQeS4<~$`g6D z1>@^ZYh>qb#nISk`{Ry}T>M+5OJ_HzR<+s1*S}}$@P@L6DnB^7jshd}H8?*PUX1|m zA1NWfhR&de-)FtUb02~qY1bOj<|Q1<``QFwL|he4p?-Ty@Tx7aJ)tmoH%7os{oTE> zpqBOK4s(^&wE6rm=?hz#Hx zA^R*YF2ahjL(1&wM0Rn?;UAD<5-XuNIz8gCZDYS4H?>_u*we3f&L{ggfvj?CRMjab zJ)-BrzJn7T{nr$}^)z`6zS%>b6VGYIvmmqSM{JEe0nlAL!O3-%0YFMuB}R%I5I2KY zup|!@_)gQ=0=0DLM%%85K+ zkfpM+@~C%RU0vRd)7&_tn{HGfM#TE7ErWW%yZG(t5lp2T@eSHy1nD~+Bc-1ViOd&d zIcfLAG?xAqg~I4#B;!^H&r(0F>~nDCpI1U0m^r0bRTkFcQXfV}1d}gSzIJx2cxkaQ zRORBKudfd5F7Xw7z6U}-C8yZZz|@A9ym=*nR5WonFfFE=iiLq-CzR-W8Fh|^%c+y^ zak+~qo*$IGw8?JL`{`O-#>n~C=(JIjEpVz2&rw3LFXet9W+ zN6bfnm)hJ6$?|3XCMyUzoZoWrn!&M9XRQfJ8oyler-u)_NrvLbeY`D0vDLfB5s`HK zDUz+Spzp%q;?F1^f2-Mo#p7$pJw+cmVM7$b{2TF6&vdu=y@PRYZ+vmJxsxQ|puReU zg4Yg1Id{)pQ=K}aMLE4zY1ay~@m8Nj74LC!T_&kd)xXu1BzWDj<<%bB&vizk827Q{ zQj2Ck!Th<#AMn*_;{5w~FxXCq9?U|GUtx%M+((dMtg@~WoxuE3!2g#t5i;kksz1)+ z%$$ssXRBfq`gWB~DuX!X;RdIIBWSZhtwMxg7Km|1L`8{7N=kN)b$s4)q2O~ZTB zN=(BJ62>Z;Biv}OeMp0tPv+Wnu??2FxMnF}+Qy+f6p zO1=YkZ%?4PpRvkZ^{c&CbS4(k)6>bt5&k8*GI<+-pbe7q?U~bE!v5LW*TA^IRYNAarMm|KYg?9st{O-F9By3hu(tdsvo;C{g7Rdh_s0iFSYz zfr5a&Z@ zKyjhF;A#q1V)Xol$r-ot=h0^lTN%5aiaNOmGdlI^l-zoLW=;XC4tPMg9i?#qviyhM z>E}cgca6gVY1;YJo4BM>(ddWAz15A}Rb56A(~)kfE87jF)%8BuJCPGixR~g-L=SLr2ojs`iG%mEIOIFrJMDPyb!$pnt5AzXr z(8xeDuj&Xb(KqCE+qDE5I}fXq7bv9CnUUtM>QW)y!pXi+Co{3q^T_#ev{L%7VmXeP`d6y@VZAyk*Q^t_sG?Z8!SSzR^V4>yj zC)b9SU6p3;G?IoCYi&0UlVHc1JxNE8&h}Y!6h0VVX+C!nl66UPk5!4LeKHaH;SNL z7qXE<-hVBTn4Vbs?fRbnaw4h!02%QiZjH7gGBiRJPiY7Jo9sN^xk>T%HH4%bN4qCn zG?LM}F)b~vl(i`bAbjyC6v{t|+GAcqM334dWfRYLmZiWDJeRLoGrqu9N*&rfz&&64 z*s`ehF%Qohuzn>?zQLEkzLa{ly4U#bx%@4hM-p(M`#8lGJ<{nUB!tF5#Dqv$Kn@t{ zto&tjbcLu8JPf%Bh08~pNBO$OQp~;ldKXOVPa_uQ^=-?Nj8D-TW6OKd+aWW*P2!c+n4h^m^^Oe{k&R_n+++3KL-~aYV(aw?5HxSsB*GT++zki-z{znr&(y$R`Gx4Fqz%Ecb_LZ{cWdnS}P^>s==c-OVHpPkZ1)#Oc!GK7-!=y1|X|E-vZU;eXz=oxmlmf|lRH&u`KH z?ak36Z3vEY;|6D^P1M7#mRs)XtI9y6V^t4I1`PK(rJb%UNhkszNhNLD`R1mGy)V3G z?W0TIWj}3HDmebfEB_ss1QMp(w&mqXy7L|Wf$gKNY-Io;D6$zQ!vknrb&txs^%ZpE+nYuh{`zLymI8@tE)yqz&RN*ER~DqKgA?j9Qx=^b1jycOvYwv)tJ^??4_O$c^Zaienx9vvTb)ZK8Vim*YV-1Y zxxCDOSKPzHH!hgId#LAKeuD3CzOAsQm-{`tAF&BA83RR@m0PxSwtsr~?#-urD~q3~ zE7K@Y1}#qj)|Ji>lS3;WV<1^)vVrbevdyH5-a zj-J>BPMSG$kVFF$9@Xke=k(pNNwjNVBkJRFMd&wikHBB*s2|x?O9-g)|+cvBBf!s@p3%jL)CH1oFM-+PCnS*x1MA<>fIkF-LG{ z4uoKO?CRUMPKYvG#Z-d7Amz`p;_-A7_**T5B^3OFnVBOiJGc()I~@0Ro0h*&>qrW6 zy#H1k=NN9ul0_`i?#jv&#>TD?JlBbYTc`7TfRH^HvR7IUVWmiN_&v+k4Fbl$YXSb0 zm^%<7CRps{`n>`_N8!Q4`R?-=^chvRvM9$^aH+e zr0xKz<%e*de+#>LVFI56pss2vlst z=(xM#rLkts(ZBYdK6egoZ(;_QS$H+iB-v5Uh%Bh8)CtRTL%p#QGr08f)e;=Yc#h$Sz8#L|2=~x8udW` zQAZ8-wg?W0oL7}mxFt4v7#+Cj?dLat%J{@O+tGKnvkG5#vVPoQ@Ki@Lzr6e!)Lh$m z2+QBPu>P(-VFh+=snMxZ0Iu=?s%*?(+3zfk1Lz0a!8^=?2GD*E_Z)-NB|fCQjtD3+ z!uk-Z&ZCat*RP)?P3;~Z_#16`R%Icc%j3{S@~DiN*XPRJE<0`298R~mjC{=v>EUJ( z-}PoIvmbHZ<)wd`pvQa8mK>nDOCM6JCn>i*?9y8E z*uP3iNd{?yJ;18?c`Wn|sY(q!hmSo~ZavnhRy8hkcT8bLx?2XsZd%u$``2dvu^r&V zf=w0qXLA-mh^%DMhJEoMS0zPgK&c3RS?=x>$q!>a4HmOa3FlfT4+mGiKF>E<^OB!xX!1Nh|N^l*31+YXI zhs^>m@%+ejL(TV>@w)7!bOqu)YmRRY3rrC>BofR5^NsjS3{{`K8D^0LvB*M8h(!ji z%Eeimx8&T?OifSIz9Pvx*>~LksKa(y*B_Gf3;laNRZb~ZDBlI9z4ngcca z%%HU3{EN6E5}1;@1a#@kSv3(A3rSAO+4f=wRB?pNd;E3Y1`~OOD(qgBXv-fVYCt^K zma_XbZ2?lwD6>&<9L^dA!mwZNQy|5ANsIBXiF|}h5q7^0KZD@u7`EpCWsh!5hiz`k!RlXz#1wYfGtqPFfJ*bsCTnI|<7eEJ8J$Wt z@7X*T%a;7hr!$7`d~7e#jV=v}_8l$TUJr)uCp1z->IpuO_Wyuv??xz(oYEZ`v_n9E zn&N6&K~4PexvOL^FHe7yZLH=eWgcB+-|z-J>2+%pzUXYcEA#PZ-yZ#80SomON!(^X z-N{f?`OS%?nIzy@8ffF0kTd9d`fzK1Q|67CZe&T!elitbhUBb@@v|9)u>WX*gQd+v zvXgmCFakuy$2zk!E;YVRNRFo7(#rFV5!{p#?dv}o?SsFDz_DVMyku)5w_$}_@>_z>KcmhyoGSL*y8Kd0%+@`&EuQjj zEo09Hjb#CPA|Kv0j{m@|1n470u`!Q-o%7!Z4UtTblSsn7u56G2g7Di)mb;N|i;bao zMB9n+X2~uwoNyILTB5Ii$u~Ga>`WaXo%3oRQs0%vE3k+nk9oGm5-YczmC*Me9AZ}x zoZ^QX4SWBvP>UNZVg%#KT5P&)+&D%$ovvBor25~B*pDRtam=7b-T~Bz?jqF4cLZu= zV7xa$0VCQ=H|Dc^Hz^Gz9603}|M z=Kb}TY`bAz-xfI<7N_%%&JWLo@pxOA#fchJA>-*Az@mx&9o%OR0m``fvR@pfq?aMX&tOj^0BzF!3}q1a)V-+P0V8giZ*2M%m5L2mVNpjf-tLr%S@(7u8g_z zA(9)tdG$GO`jP*f!UkWEvT7e4gq?~`X?qm%k!kJ|#{_I{JeFy*vt1n%D>;AnG|({o zEEn&0ZO!CHCk-5A&S?~axa;@pq8J`Ku_3dsI?$q`YQeU&uCMt19*qhfbs*u~fRG5E z@QJR0 zH4QP)jzJRVm~=qG*~Ee95&5A5iEdrtVCbB@FwL*jMFk8FsI%>=-&M7x0ZL^ zp37g_U+ukqDP+Ifjii||0|@ATVhrg1+6j;2$Z{|??*kCn%iL^*@8-{kv`Vy9Z#kYJ zr9+mzXVU9{JKWz(vQmx-LU5VPbp(vK8q;y0$SQt7zQ3%AadR^43Fz|OsEnj&U zcO1Uy=R}l*ffEC3PxyVd77p`5s3h@FS$}ro>*RPTttZK%E2`4%l={`uFvU00R4i=> z-|6KNcy;FQ(`@1&t~ZB~2MS+QH`NQhh&}ZctE4Pe=PQ+|$V;Cl`ez*Lz|~w#c+o95 zc$JyFDnsuM>@Y}Y@jp0o7(JIli;bD1mC|PAY`dl#cu!Y)`GQBYcq?L1=!i1uSX3rU zcX7jmg6fPyyb^KhmHiCG>#dC@fZLx1U}_t$A)8#~wZb-1?+deI#a`$XZ|B4bTVnSo z#0*OJU3$=7;WBrJE^hTpGl!o=3b2@g5pKvVs2Iv9-i}Ywjmx#0d6#+Nys3xLd#Kdn z&})}dC1E=|w6PMYANR)fO}GRWDHG<*Hz%aUpx~ZLsV5BlvqXP>=ud#tjbhe>_bs7- zN5;m7?~L`)dbi<;&3kO;J#Dbbh<3W}(F3dpaxD{OZ%fGIPDDT5UX!!6$^m!A;Vi3M zTwrj<;Jh1@!�zXqw0HBZpeMxPIP7{`Aq~lC$&LeMRBaIyQqB>%lPJ_Q$fkpcj5kQqwehwe%QC) zI$3O_vPbSDFRz=))2>y>+k#P)+XpjlySxc(yyDhZCBI9^Y%K5X=$ljCe0P~zbHvo! zA;62#*M}I&QolW7!Pw&qw@1^cr819S$GN+m^^I734`-kIU+K8CgvB|n`~0ZbD^j1= zfh+QCE;oAT@zeT$?$B>J4v2uAQaEmkU-}~)C2|QDpSG@*tKD25Dvameic_Q$qJF?m z_KoeT8T$0_kL38pH*M8eQTjUYcf)m z7JZDfqmR%53F3bFC;#&(L@F_cXEzu-92zS=uxFZ4kAl(ihopQvGW%zjzen ztE5Ufj-ZY>QoGY+E#_mI1VSzWje^%{P|Rn=jhr1gKk>C4JH=F;cq}4(X;cd>T?x1c ztS47(mnlhaUHQxsl|R_xO!#pzuc=f6;=y5RV!#hRI7lw+bDvbMbV|)Am7`Lz&xqzK z#Aln7t{$6jFC_``?F5~mjheeyg6l3)hDR0$}`wzVY*APWr54wUxBaE&-@_u^1cHHig_oceRrd*y^U38jp1&z zuEEqz6Fn4+;ZvO(SYF*mJua`Za4y5fV*ax#jVNu+)bfd35F;7aX)4j>?wk zD<(Cs0wi?ZfI4JYJ*f=Hb&Fm!hZzj3UHhFH!?0#oN!^*9cJ57+dsZT&+?U#20hFE- z>-&##Qw^Qmwr*6NoL?8-+xzkw3Z+kNG3CZhzDc&wE;Y?}*GBg?5PeQt)fejt(@sJ3 zMQ~N2z7p}-wd)IYzGJ?=rELP3+yQX1iJ`oAkwOE;)k4gn1W5M-1ZbB*X$fo}8@56f z6$YB?;{tKKDsD=-&^FMs{o8Yqd28(4O{wz}!?w1NKz33&Xw|DQ-mXtoc3;TAZStqu zbvzZBr$klh+#Oe*g<`40@g%DU?XIZ4qe~ZH@sw>q6#X83{gI{W&0{^^+4QSc$j*K5 zc^})=HOMIz=v>;gT`k;D1hN?(%U2$b+s3<+e~VuM7yp5MW^UBS3PH55J=F%xZ7MWyav9Fg|8)_1w2ANdADzKFg*u)D0-d;xG#rS0@u_ z<=E0mUGsxc(HZI1{x9q6j}X{tR8Grc%lxrNrSs^9QRQ)M%-C$^T)E4*5slQ))yVg< z_*Hd8=OlLFHhS#!E{nGPa>ah3Iex4iGC6Z4*Q}6TvmUWdzA}_9E!fJAZEiTmu9AUs zWagXwt@Z}VF3bVS=N}XLsb#t24-kD;zI?BO+mfJ=G7*JT8j(2_=U)`n zKsa)DEPr}HA7@#{mp_l~`h->8h?#pKQ?h#!<@t2`LvgDEH_^(}F+5c=%+3AWMBh*% zZX0g8GT#+H2}e=3D!+SBIvOGZIf19xnTB{4^&|6uG;Fejy~nh%Q)!-l-b)G4{Ob@4 z5afLgt9G3els`VIfNUFmSXWnfxFt==su_@md?#M{-fy?>x?#jzfRK`{WW8f~3<9)w zqjT4Y+xSAM`BB#6{7O%S>_eBb!RiCcy5HAD!F;C$eiQDY(J<2`cqQ&ezZ zunpy>+7nEt$BFsQI|tn7W44Z$S>a_2S6TB&AUDeIVJK8KSQX#bNZx;`w+_$EM%++l z_f4HM7bs!(#z!6niZA$r|Dm$b(J0y+U&0;`U+`Wx@$m?XC^0zmXl;V;=?Xq@)*hUk zFR^y*#68#*k(Qt=`L7ax6A;aedjOWGe>sd$Ma^jkgIz8t;~Z{j;3mv9e!LuU@gAiV zMR2bECHY$I8k4H)fcyR9g~0*6t%l#Ur!)GK&Hit?A-EUNR*QiAS(PC z+f1#nUyd+(Yb@s5--G1&N_($#z6U%ax84^B(*pDTh%J*5Z?DdhD}^7^#xpRcwaQZt z;Muz=FY9C24P=qSZ-KkP>2yGnu8U}Kj$hO+U^Fby_Maxp%3sHolNbEWUw<-u3H#8` z;;))4;XaZmv*AvVX+23FL(8!J{3vnfpwQe$XDIQlb)v6z|Gk?WNFDZ=<-0=+66s;X zx>m@>4<+p^-PEMC?evLt=Ceg6SK$=?UGNBnlQp|@Me~HCU2p2n@e1rhri7Ku{kIR= zIWKbDU?M2sW?V$h`V9IM<5_?5rl2G0CAn{*%!}y>3VDZR04|XpE){Mkz;E4$(8K@E=_#YICU?Qm;ShycTy%;=s9$^(Se)& zAs?j>dT`y!D9bup;aQQpsXcEZZQBhDzt`}o+_7CfY<_z0!u9)V3LNuYtpvaPITS4~ z<~*%S2D8T9_!2MPBCrI3pTD{eZJSc+Zf!R$)?=x2;KqD>lgreJ5&-o~VTLn2412x;~o^ZG|) zJU}9NKPFEIGW@6}!>YKgvzbfAKZ7K2ER6bfny=`~o8_*_&$VHdH+VFhNq9_~<#H-r zu1e8-6L9;Opm6p~IXRDzx2sC2Z}{%}q;KBq@5)TAie+R{LDcsHguuvokzVMZ(fs@X zDQ+C;N5y!r-$I!UcCLNaw%l{;xu(Vg5YTy1P;cFAQT@!)VkCP_az0fpslxfn=b7$C zd-2fklgi&|8G4$BN1lAzb7i9Fm1`NLt9F%xGNF{`KO59w-glrRn83du|69iY-R=#( z1^!r*r}w35u=*x$W+94KuT|G38nCe1iI2&Vq>de+MJV<5jB+bEL8hFr`{|Ohk>6J8 z77N6Ik{C;~)XF%e&gM$i=O)VzOj2a5K02&WWMB$5>c#HuH;-`i1+rMi8!b6bfUvIj@cq4W8 zFVG!IFP1So8;Hitq-H~EXon6wA7LqQe<;O@75*=(Q2{V4%=6sxTJ0~^G-x3vdh)Lf0_jE5y!!~9y zqma8I@xhwpK_+RN`S^Km+WSGw-I7YFFi@{x)j@z)m1JQB{31;M*n{8CgzX9MgB4Jg zn`B*jR{vImBz+#~0-9JI7?G8>d(MdDO`!Y`y&@KF$`T2-2QvW=R&~)(VzSBb0yQFR zDAT)}$KLfn(r5f&!= z?3NBc#yTS;FQ9tolIF0Iv-|*=%O*!^?sQc7J6G%V61zcxw&4xgaU{nuMlFIo-D4Qk zuqFOGlM=ftA_jzS8<2uL$6>1@*$a98rt25tDKFIf&hIcd4@;OA9L12Nd4cZVYvN8aTH_k{`?iup*@otf4Q?}syzBXm)bHUGkR`8D3VGILI*%NchP zzL7u}x=)6_$1xt`xx?*G`x=TNxgu&wxK$QpTR&hi_iin)cz%Prg89d8Ev&?R`j+K? z7FS{gJoeJ7XImIc4!m^QlOy>rK`qhIN?|muRvzq>=IQ)Ps{-!9Q^%u+#mIKflxfE4 zA}8rPg8l0Yy=%W$|DQz(FJKLGwzbIpa6|WG-RTtZ;^FHKY-irsu?GOk&Ae+LWJTI& zdi_kmG~rRjNE5+LrcnOX>{4h5iOoPr><$zRYkgIq)V_^1eZ#5)EN|2wt2jRe&haNf zn-${%Ld+YsZlLm%HsgPijltauQi5B41%t9g8dy-)e+WWsV2_7_cJfm7rl)!e#)u?#+@2E!0{3UQccou#bQz)GC+7ab4Z9Y zK9XBP5QN}+P~>sOA301efB=mD_`c@o3rp;t1Bv<0=NFT9k-H2=)t#ZVX*4H6mib5# zP_wLK=dq0MWZOFSea?E^yRShs?U=Fy6|_{aQ*p(+BH+UIM_eK+ zk7bV0IYR{5V;d+}nTchR^o$C~WWvd;X02q$`T55EM>{Nigx3k@qqWBOzq!PsDQ%Fb z4j1)p7+VA!onedMoBt{bV4YLD&@-ge`6=2+TpSBm8g%F2J7D4`{}#gI&-2n;Rs8lh=C0<)RWFu)Borc`VZRR zH!=n0ntD?(mym(;URa&0M=;Ij0v9@vLrnK>SBJp zrhXU0>Zqx6+-yph6FU1*a!asrgrfnC+@i9$(dndA`uyTPwglNdSRva zbIjuo-3+rWrxzr3KWc9!KNE;|mPm}QVrr)W;XI6h9_RIOo`kAEn$BO4GqL7k&(T3=U%wHS+69#rh zkueqvrPS6rTt)Zvll<~lt`)Cy8-M9-p{93w*_pTE=<+@)Q& z(MgsV*QPfny8n13lk*FQpa22v&)dRmipMUL;vPEp57Z^wn`@jrw{wL9r;mxk6^XGf zaigM=j2Y;(sPfy%qth34dnoF~_0HV6DInuhN%^{tm{D z;t$-Nt5Tu+^5#Xp1Vt9j9b+k$^+jHKs8T2ac^ve-l=noBxb*&2pJdK&wjLQdaW2Sf zHc$_WKO=c2WFBw5&S)_fPv?JDNEi8~f{^p!!YX~>`gunhclkEUe`KAl%)~wKlo^xPP zhJfJVfOT{5{SK0le29S3Y!N*D~6;)f^rU+2o1Wvg{io3nFwIwCBuC;F|68%Dz5Uv*8{$y4v^Hr~i1nCi3=6 zO$-@FaJz7v9D@}>R1_P#r;sjYd}4?&S4h&1Vn zRHcLTVgnmQrKvOzD7{P51Y$%~x=NEn34(xtfJiSUC`~|VA|NH9NN))Ugck1Fc+UBL z9=G>C&%OU%|MGFiy;qqvYv!GqcLE)sqE(;!T-Rqh@VzC!IB=~Y%jSW=&03hja4^2%Q~rI6=~+Erd5XXwN}$%o}<+a=)n4ZSCt2`)^OPwh@Op6B=dU2`V&6|>AR>w5Uzit;R!K@zrZ*w|+=z7-a zl9>pReAftmB#S^hx2E&OexK2Dxz}jp<9o{YKy~cg@Z%KU0c3^-YSjR%>_Ej0xO7G) zO_duul*}U8-N)8-8^YuC=M(Nl+?tX*NHLNeYxUlbddH*(>f7L6(PjrW#$R{-`ft9^ zj`==Iij=Yt+`U&xM8v{_T3hD6c3(>dL62+IOMz=W2fibI5gIjr*c;eSLILeQAHhfS znrog#C8c7!iFZa-J=P>@7R_oeWxDiKsLz>IN%r>krgi9({EzM44I8Tfs6JExJqFs% zz}qbTLa&!USwJpbW8=x)E0L`Pze|Ef`w9Z4=dJ*RRcv|hZ%)ZDWUxoT@`gbQa^di6 zuccVZ=t6j-!{3P)nNdVlU3#tj{=L6OPJY;B(3R2gPU6=qV|(xb17^_%^`s!^@pp#1 zZ(F4g=e<_m;z0OCO!)v*bSUa>)2~|}$sH9gPqJS=%12qdF0-h#M4Y7$ zXwSBHa*J$&L?a1`Sd5K2KZFwv=&G}ZGQ~@RvwkM)`e#I*(rq2R0z}Ht@VCU~R&8PF zKLZ>MTD|t83~sypT%P)m^oc8;Z*#@bFtaO8n>oOlnJ|-~9G5Q^alN7bo}&}bEi^r%!UwS z$0(2%HufAr-NF7<`6-f`!Th_IT7j2t+)@9HATXE<`5)N;){#JI6M?X6UX(&3Sh4Uw zXYgNfOql>?WT@*6hTq7XIV0b^38J;-qk7J z1HFsTzY93gu5J+lzqv!LAk^lm&(B>^{@G0S7$||&G~+UPv=8aS3(^8Fg_{+?Zxkq; z10{LKWJlq*Sto!t0>?ppKe>N6WKql(<<54`YFi@<^QU69eeZybgLv{HC;Wc~+X!l? z-v6eCYTG`ijwJ^*BB&D)w-4~<65ptE9^H4ZmHXqbf#4rHq7BMIwoJJVpRi5~3WSzs zkv5;rkR!PRO9iD=caTwkmWThMAxDkV?pn%|Vvl;t5Ol#rGCsaP_*wZ~Y2_ZAB9YbN zSL6;_O`YdZ8DP`DDfj+aNq^D5idagm5u4A$9J#Nm%i1DxLgNkV`LD{*V)rFMg)EQ~ z{K{dW{{7&`PubI|mo;~T@XfRhaK$WRtN?(Ym#nD@xfFEgO-`F703oBB zJop>oZ-Z#31nyn^jp9u|`1;Ob3*_Lnw|jVQ8X283I(53p*Xz`OYt9g^hEPk>Uk48T ziv_rDk;maDmNG*NiV4@_UNt!qvqD13ZWFG8WG>?$d~YyIp@IV`4a&dvi{Jio)4A>Z zjU>HTET~eS*F8^U+RB=?t?Str*xY0YQ4qilF+~QP*Yy(v@$k=qokQHLJ73^!>Tl43 zl?9QJGFw}N$X+nse)fMdLfc&@a=RSh^TB!2vmo5LX zmhk)rf4^Jjz@GliK}M(~%0OK})$2NHY>mquUaO~Ei65! z^jmriVpG&m@@NeZu#c*YC zpcLQT-Q57*mReq}y4)og#^F?2m#yD75}sQb>2>K6xh1zA)K^OyU#cFEfbRO${q}D2 zkL*E)r$~52M2YZjteUIe1yz>|iAuMf0bU@!r@kBTg+D%cGSvzna8?|*=tD_!3vRU< zHGoam(QyUJKRaOOYnqY}Iz)0d>gX9eBr)1%EPEq@|8q8H{gvp)wWKs7|K0r-Eo9`5BoM?(sY%{}jm&VPC4 zG=6I8W%err*MOC6x`!xMd$-8gk}-Q1*NBLS5u#4;4kLz*B4Mxo6bLn1k0uVmZ0ou6DGEU1=(PCnBG9u0Q^82kf&569 zTX;xF6W|;PZpxnOa5Ps2|5Kb5QxZF7@9G)?cJf(3y@W?yVxye(#Nc5jEbgGzDwm4n z5#g9~BBk#u58!lmWx}r#lMjVC?S2ZcW{Wz z{*!vi*m&o5p3#C(TSo`Glz#Xn~WutVw05v1#1hhpN z88yJ*XB!6`t=$%CO1oGD_-yLKg2Cw!Rj$dz_cK}1*Ib6Zr!;}nIiK}x>DLj^((`SP z0rb-aBxbsxqeK5<+nXLzeZ*E79Zq{2G?_SwiH)rXIN#^`$goIDZxg_{55CC4qbOc} zz>*us@^Hi+W^%N5KpNQZJP3Dip{x7MJW4`Nk5n=yhvvG?2meXknfAs?X`9Sed)um?w1QDItY;t%-s^kDA4aw=i$4a*KBJyD8KAyE!)CtDVY>xxi!OYU zdg9QO{@PjuGP`w*QxuQ!2-gG_tbNNX`yQTSO{lsp=R4O=mPL8XYrw;HFF;UG>r-Xg zF&Md%U@D*VNSX*s9MQ!QxijZ!CU#^66OSUmvYzqzkDV5|3bNsB=ODDC~;_P;1W!Q8nnz&gHeU0rOG8Mb0OO6Q%RSk zm347#f4+B&*{(&B5tEho66fJLM?NyIs$RkQF?4Qj?!)-vlTWt7@eJ5R_#ERGpsYzN zS3OM{W;|f7qVL2&E*lQlQ)q`UM}A)O`_{0jghj=D z4E4pWMo-Mlgn=g2CK>OQm6VL{kuu&RVX>t%Ibd(E`RZE0?X4*AprUR$J0C4^BMN{{ zBjuEbfS&0q>foENsHSY=ZQrzt4P)(bI7IlQ$Je0D1}77*`ZqV5Q!kzg$hQ-YYBah> zdQZwf)u9CQdU`%LaJ!92&B1jhax_X&W2RPPcE&i6tk%{l{9GF_;zcFh_Igc_kB&KY zeWLB%L}EA3e5IfFP05X_+lz;=tqBbCOMhF&|I_{z`T~5hEP_BCj1zd~p^i5Xs@y!n zrLUx}CZVKONtqzHiaLMeO}Q6))^^f^iX`T;hoY|Tt`Q5j0R6-Q$4f^oDvIPewBnji z+t{RKk@V81L}9j$HUq@@0VYBS*HptTf0odE!Mr7Xs&s zwiVyWhif(t-LL#w6A!m!=E>BZ8?9Q(DV8oPg%jD?QBB6@P%CvIT zRZVQ}{UKf+9?`-?h!OEutt>kVme}Zu@F5S@6bH#a}LMech)-X~z9l#?c z#lJ5+yqK7{7g9Jvspb*y-cePyK8||K9T+IEt_!huaS1np~l_@nseMteUzkV)Z-%D-`bQR@O(wx zx>5M)bLQD3=(!GiXw46ul+iL*E3%pxh01#H~uGB6Vcw07{_9-jMGa@{^E>_BHco``W zUO9)>xYlcX>Qs&5l+ku;238N1UAxzYtG=AKo^|4C2;n%Anwu-Nu)5*LihKTUKERFP z*G>Bm%_IO}5e-@|;o^0YblJx#&!0cNTNTpp}y4$q_fa^3gUcpZH)~#ELKpTpJ{`JW7aNBzZ%H6o; z^RF&4KLq~on~sTz=@g(#+!!s^4ogDrI%H*^)ZrNC-5O3@Uuur@tH)5^^>kIr;JnuZ z$=_m=4A)Sh0A@+yq`k&ael9-nWWyXwknV%Mb&2txAmQT-<&ud2nmS@P)E10x$Z4qV z;xFaTK;fwY`h)za@UCB~^TD&UeJ^(nt*@lC!MuL@_C$8J~ zuaKhJ+f5#wX0)wKXw_7*ZFLS$m_w=HJf_!7tCAsFZCMLi1B(K2Y1OSTmFe#{^@_f? zA+X_nU7Bo>n#Ci=#cJ~M?5i1%Sl-_9_VV>@*jQaW0>~ha@!lilhje{{Is5c{HsH9} zFgdEiD96udQ+VzZOWmwyz7~oFY=xGdQnVFLa7pesmUEmk?TXXJEe3{5iG;`aKzm~QEMSt0V3**Q2=c?Jyk*1pem**7^S9@0#PrWhI=x2 zlkO?#A7T{Z$V&Z;4gf+mj<~|ACE?Zbv4qkuMi6XWnh8a0tpYYCoIUj;CFp!ha1>{2 zWP3q@-*7yEvX(oYhQ4mUQL)@LM(Np2U?Wy}`$sp8`mHBeab+Hz4?B4>Ev9W#lSPw! zDDno+CP!TI{${S$$al}5P{=l|b;@o?q5ArB1Sq+Uj|8UGof!Y2qM% zHuY|BLs6dg5S6)CT>TDte$6Nw>^GFuUZ1fFP`~5D{}QE*)O7-Rbpa9rsBd3YZr`@k zSgT#;7Lcm%RWLP~TOH6|)z#=O^hI$YtiEvI$wTLDnwK>_<{yaJjCRm@5T;FPM-VHu zf&r6b4n=*}KnZOwNIN8deUi98GFN@MUWtgyTxj1-+^oOyX2R~^>bF9-0qXV9#F-}m z@)xcl7c{qKUkIEB_EKyt=W$Boi3+$JJd6ZLw!(T^v%tv1#Y!3n=J)8qH^m;4bU7nY zXi8*z<+_eYH5DJQ-XtE!(qKp3c%Y)Fc=BL7kYdLQ(o9RqJY1Bx`^E~D%;!LUNK-i+v(7%T6`MM{jFjv70*K` z={SXb0rHRY;38qyn}BPTnb@-vMm2Wk>0ApW%~#m#SFOyB8;ibm3&>FJN-Q}XuxN^w zrcx7p8GnLTH@EeTd4QAaq z(SY^B?pngmo#YnA?%J4n6&bBfJ7uE`JVJxu*Og7_k+Eb)ulW+gnIm0q0}fu#)-Tx2 zGtNClA~@0)b;-tO|?X5Ui|_cD<#Sfb-P(T4yQpwrC0ITp+15 z7kM~uby+iN%91tUvbi)|;AxN+V6|8sR3yy9$3B>%T|-;bc(my&^9muY3DLMc7;~Sd_S6Yx;zIFvPEfj3&pSXu8a_v5eAa&kU)q>0dy>93$1 zk{XUk_vihhcUOm*v8uCZMRT2{{-pMRynrXVJeU-zIk4Z|Tju|Ag{v6@N!Zm; zv(zkA!LQDX(XqH!NY@QQzLh}t01Ay7-_0B8*VU0%PM#!|X$Y)M7Lx7IXtPl}w=0G6 zTGV%?MpW%p)G#?Ow5t|L46xjY+*%Cpsj!)UagXGta_c5)W2akie*bG}9C|*@u(z-d zTxO)pG=lzHK_1kvV)zNY{U_&Sxb9o6433qpRaA=7CD0BvJkT3Xi^~rVV&pPuIq{se z++12d{(_>S;sr-dSRvB6o(=5l%yV58Fjrj$Mn{Prf(UzxolH^7`EKF%ACq4TZEUFW zld)P}9$ufY99x@_d67xTHOZzz+oJk$Ei$!d%G;!vy)wKM+_Ht=1$IuStmy-!)vvb%B+1~(j zdzm87*4%)Tb$jaRg6r?@0gx-$`PdP#YiD7nBn$aPhEmS{F!!_4QDDxlEG^YR{>dU5 zsrSREkWIHR7JEK$%#V0rrm8ZN6c%Qf=-=RWfBY zv^C<}D}iZ&em+wx-|iP=$iAF8uv)f}YG_R!u9I^kQ~``N!d#jQcsK2BZL*U}1HZa) z;9oFVVAfa$V<#BQ_n9aSxU2>TuR9ZQnt5*>{GIREnzCQ(Gwl0=t;1Z_SC_q^-g=%I zxA&u<3%T*en0cOr&)lTK9;*Gm0lmA`FX(^)O!?Lz6Dq6NVp7E9;%_3wtEXQP#C$x(PIML^Wd#NycD0?GhsFCKNOa-qdj-eXpeF_(vL7&tOCKk%fd8?) z%2CV@Z*6jd)0+!2ulR~}$42 z9rv0}Q2_5QSqQZt<9av~&T#}xPmn8BBmMH%QlYy#=O9<=auz#;6DB7oQ~KlZ0MUUw zRf*hdSAl#zqte{6D{kojIvbYfZy>HuY0h5C5ia9wCxak0|EDhhb6K>lVEp2LM#Cjt78m?yl1 z%dK^!eHu(kzbvt~ww9WiDVDd{0y(Cdm+WWH=!XN!8OVX;;#TVv3{_Vj?od7&34u+@ zZk9zwMW>|WLNACK?s=~cx4A-(MS**#IQ!rl%+nV}LICdsCU%{*#!CM!=(6zG%w;*P zMP!S2mQFW5vdyt+8LX3~!Xqpk=+W3~?6J_HT7X(z08~n$V`JZ}s2@!3k(im8^KVFW z!@*8EgJl3B5ma_$f!S+dlmm!FjUxbbVQ%m1|FU42XZ)D1+crU#MuvRgNZgb z!IwAiqLbq=C+7cznDPJ*k2e&w1ToEcPjp|8wE3){o|c}jnOabwt8NGpGfWw!Ku}v? zL8_CFx!2rqlOknxaU2Sl-{e6V8h!@n${?r+_FRQP=c-Ee91JS-SQIm51Syp|YdHui z?z`ht_k~y{(==NDf$Q35qr7ba8MNBReL#(!nK|8WzRw_(?v`ymB;5cS`ZFOxIN_77 zXp|f?!3+lOx~t;|eY{eM0q)~km|(-9-Me;K_m#Mis}ZI3zTGY%&RTm6j%DWCb3ll1 zbtvs$p#VBNsnG7D*!=?o19G>0o>+kjsG2Nhw4rXS zLZ;a{dZ0c{Gu|m5J7)5`cn|0viS0_dw0%MRd;l=f42KPeq6z^7I5A=W{rmS?5F#9| zFjKCNE!C%4q_f-s?(VPU4+M-8aFi~7?O=kY|6f}n!f^z;CYPix z^6-W~89Gc$r#{_pw zSy@jyF2_K7wr9rDU>DBkY+{w4?#E|x zX>9l0fZuY1p^9~*2+gbrbNsGf14k1vJquS}g&7f+m1DwQcqquvAO04(qJ>`O53B5U z3;ty0d-~)_QO|M|2@-q^x~u_Q+!MB+snA6yNODSSes0M9!)yVEH~0_8 z^k#b?!x;*-w&(#^EE5Y$gJIut10s1Q+^%#s*Q?|4ZLP=g4$dL<7erSN*YQh288{BC zDtx1tCC-hGZ%s_NJG{Ew`7}sjr1R#YHF+bp>D$T;hK-N$3Jqe_c7*C41723(Y zxKeo$+#N+l4Z*exqIJs080wHUK#xDBk8XY#wRLJC-<40xoJa3$242QOMIqML`xNq^ z>7KW(&*VmK?j)V1$Ekt6^_%DXF`A!!qGG6!wYf4AF0V;~1ByUDLFu1J*uRt9c%Kru zo5iFBgTXW@jzGGw#7=y9Mw@+|g-Mq0S3VoG&nu0 z-|=%dvF(M$OagKO?agJlYF^sQ!m=J}8?}4LUnIz9#i?!2Ps*vNaM#q-#3-y@WlKf} zOp%A0;`zShXE_)gR1$OFTtTxnOd}+pJ|@R-f!1WY3kivhZoS8;HZAF2mLujF&Y^rJeV<6O%2A~&`GfbSNF8{_!7*eDnv&k!{x|37?04H5{tB!mss>2xWKJDEIhAfcMki92aPc%_@E!)+xz$K zK=+jxSg||3E^lF06H?oB$21CrU9GmhMN67{&ShUIbR3G-su_lT7x+B^T8d5PHf^|b zPCIpBP|y{rQZhe@eVSJ}=3OgeQDu9ss{|&>`I_}}CUcgE<<;{wTF%#>?~Z2G-{ zxH4DY2<~GYU6Z$nwH)0RRIj2LCu^j#i-WjXG|#H6g-*IIp!;q~hIJWmAz+ z2mgEUx;PNTU9p8(S@1C(3x>mgPFMryD!14Psx ze503mk{^DNx5okdC?yX}dfKs4={Jk{8zBap+6$Cu{-$QQwEusSKidR9@6G?qPEyb@PAV9_#YFlY;Lq992B-2)T)+3f01SAikN^Mx diff --git a/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP.png b/Packs/PrismaCloud/doc_files/Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP.png index 21e8b6a321ac66c3341aa226c7f73603941b39de..342a3cce840946eb3f755b97341e319be6fda6fe 100644 GIT binary patch literal 133972 zcmb@ubzGF));~NTD1r(|DF~=Ymk3CQ1u6(AF~CrYfOL0`iU9%!-HM>pAUQN65+X4o z(lKG_tZoA?Hl^D&6g2Ej`}?p#-u&kF32=q5Q}TN(8CkX%j4n1Q_?8dVD|8o-3w*9 zhv%NMU0}9scTG3B(m&}u4@bDWexeRM`PtaX{hNE0%Nedp3dRbJB#*l ziHV8FILRrf=*}t!!N{Qg^5gu^^Fe~4X&V3K8LEfm&9x;HaC}m)E`s=f6f~l>TsC4U&_S6f0+iX$O9#@H?@c zIrC~{WF#|ht*Z8NrtLYSqnLQQvp;{5*Iz+cSy{PxdaAsyY6BwY1yj^)qazLiUjFPjTGpbP_${ zq6kPlQb96)C`O}I;8vt1@nfRP+SShqqkAe5=>T#N_|3`~@EKChypGOE9?EWa~d?KNJuyS$^Onlah?Yh@)+ zI=m|;!f5pzfGG02z%%pFi60|PP0Rdm*%4iJGIEz2vay4Vwt7O%{2#Ia_p(*#g@b~oXv*#p)xTMnLyt}*M@DO7l=a3JIoE~ zxZGe}=U)6!^vVv33FEDM6bdd{l*rmF^!xYkr2}@nJbpi<9;)`hGZ+*j)YNQ?JUvuY z5mrwH&;s)z=YZHBAxVhhe3}2|O>AP~i-m;lIyMnm!M4FNMY*>w3w_1C^ike)aD95T zJ`35v14;!=NFd2jtSkxZR;3RM`?JdoaiSN!FK`5`q~B~*^YHMvfl%dDBQ5fC5N31w z=Bro7tQvKa1G^?mH;z}BFJw&^P{jz0u9)-F;9nqGBq*Fh+gF7k<$C)V?pOY!=d_&R zNF;J|;|aEog&@zEmd4QD-pS6+ZhVF$kW^~&w6t$xvVH=xvW8==c}h|u3W2^Jq5~Os z5J$rBGr2$4}Hi>gFkyegS0)| z&m2E#B!ygie&Pne>A+eraWr#^)~{wZH{l#<@j~x0)6*5Laxd_dHom{UOO#AfgVpxfXXO;I$ zVE43W$j8jN#Qbb7Ud}UR+Mmv4X=o@GGzUA(fP3JP%^JVnn0i zG@`3P)0hyiU*TbIH&iJjD<}5}2xqqAO=P+sg;P48^&c+&(>5SaQrv?{iHW_@tzuX3 zk=UDx;e6rC5zvtTj=RVDDzF0S%-Yg2Ed$7B`u6@qP);1gFkSW!) z`JWU?OOS|B4p~>ic+AuiihC1??Y^48z{;Y1vmGVQ z8ZI6l!@@LPf07SN4WRgSH&R%5Y&inwZeZ76bgsk^$6;)24BP>ICbfuv>pDHAm3w>& ziha7+YiE^w3i9$qPjD)pNvWJz^xAByYVWT&|KaJr7ELS(zBV__9-KdXM6<5U%I*bv zcPYD|VtCS*F&&0_w$Y*UFF*Ugsee{N?o2lUPvtd}9y9v2(d31u-(mvTs0?7EuA|S2 zla`4D-YmR*5#VJnqmm?!z zy@&}W?0LOak{*i#ak^jKJv=lhoy3Ek$fX_Wps-EB%=a2zbNtw`I^>}vqj?T{D)L+N z@23q)T#yPrul~sSmf7^f!1;l4*`f7}Rdaxme22mE9BNcsPX;UtID1+LRT5xjy zAU00Uh$lyA8)$q9jd=g@=6{&QLHFVl?*Im2$Qeo%Rn7Y8rOeGne7QthPdPscCWC`B zgdN(&#|ewK$P%SOAgvV*<4sk~@UXD@Rjd-{{!(k>XjerwTUC`Hmmz|sC#~@h2s0>n zcpf-?Q3{y;P&gXW?GRyH;Za{;(Oh88w@Tvu&O&SxB=1=At>t&T8j0V-Q+5h#c6}

= zz*Dr5m*Td^L}db8$ig{*qgT$Q8E@3uTR9%n(3OiInY;Fmj(6lSin4_)O;Xz-_1VwW0RS(u(R;IOw}kd!ffcb+8R;G?f1BI=iZD(`Gc zPBjKk*@Y#^d8#-%;(v=p0$)((11;T8M?WqJ`==9e$-awar3)y0J-lXJe@(=ci9Rpq zDMpoKP}hYno_=!3f4Q6n`$EvPf~(?)!`8|K@J3OChhoS}N9i;ujTG?cGAMuWl7IT-Im3-~Hb~KgTRpnR4hwgC-mksL1 zBs1W5Uvh?|H69to?GJrY3qU0vk8wF6wex*qd92&y4DaD*0+vP^*})sSVV>6SU02T_ zZ&MvhlBcgI$qnb+eeXKjB9494nGIL<^z{7bJ51peMc2&>rLQ}@uW|dAFJ7c067UiG zgm=E9m=Pq9uAY0S{F1e!t$%$F&UYn!^JhxH{aIos)t%@|J3m;;U(1YR-8|h}%Afnv zo=K3@->FY2=RtW7dOO>ANhogg<~14<6z;BjeqcSMH)fpGAp7b{st$7G{kwb*UC*60 z1U7C7Thn+%?n;{kytD!R>TWe&{x`g;A>Cr8Gv1uhfBBreedv!E;W z<4|d1O0TD3PxO&1joTU;x({@@Bn)nD>N*s;w7fs#AL(mc{M%G=DBaM|QM`46H?QVA zVi7m!<0&re+g5ynmR1Gst5!*{XKC12=r{APUtftkg70b2NT&wY0;lgvHxo}gu z2*qNlYUllTd0v-;UFAwp3EO+X;qwge^%g+%DK5a(wWTLPjLx7eKs@@wiIoQ47NmdkHq%j}oM;tSbvvG9!vEVJI` z1TKMJp12UW+L775G^YYiPByV#bxF% zzuX*U$Gybv>?-s|+_s0$>)E}*w^m&EO&UrZa^F*Y5EWW+-cxbzbWfhF#W;?;gNLRQUPq zTA1Ut+G~`FR)sAxT(hU z6m@#4-PpG7r{H_RUv->sm~!k*5OVLZB)3ZJ$C<!pBrK6VLqEn0muY&=8iP^q)#Dw)o+l5mZw8_EL%!wfH9* z%0*j)_eQ#Va@tnUydJF^X53o&~fs#>d7`{><*?VMI zFg!(QQ9MwD-5{>EYRW|ZjOe10tT`-Z@tvSu0_T;oNZTab36*g&BWFq@*~j-N2mB<9 zc_HG>AdCe0IvwT?-1&0K&yUiTYRBsDBZf?=KkV(|{bk?93zrI@`r>m1a=mtDCf_-> z+T9;%bgUK+*s{uNjc=R!TnEIUV;q?$m(mP2o(Xp>T6iOopHa{uW&l+_KLFREV#YVx z5se3|mUmV|zQ+wrt%_`MudL+ffW6J{l#qE(h*GyB*f4e4%W{L0)_cGeO8<5=q-E{a$wU z-DpK)2%bj}^(xYDur`ZraxecFw(l#H>LWxZCtUtLL#C@<4$|g88V~Cx0zg5j}QNH%?uG4 zTiL9OrfFKoxI;S4HsRN19OSkwv@ z(-1e~fF6~J`sHvLT`Sqjgkc(Dk$M*lbKs~sWoc~~4im{sMcjnNXxf+0R_s`bvn#~~ zDE6~EZSA^d4%$Wei?d%bXrnIe7}~cMIL=a-Kweru?HvsnBXUzQ9&zH_NfTA^wSv33 zxy3BGc_*|?1r*MZ$5s9kqAg$PZDm|x z_A6!1yIGlBr)dtA7NM|#6MNpA*9;b6BBr(@i<&G{(WGT`kiQs2SQ&X{o-=Vi8%xL| zcL)fKm}0|l<0?4)WGh02byJx3iDg#yZQ+q;PMv96G@F}!lp_1!QZY6#dC}W<3LzSH zO?A7lIs~7P(1$ff6jGPTRd3y_{DS{p6e_6r;}YI>|9v%I<=8^c^1I%eDMCfn7sB@< zCCw-5=#txc?g4UyCtV=gW;-2jx~mlekgCe&Ho(xhT@^MSRp3QJ>s>Jbk+W2w%`iinz1=)tX}-!)V35!)(0O4^+! z+aHxh{HX(zlkcS1{Eui7&Tzgo^_!~Ccc1I(DYDiEbwd?ZRn?;6;u~se&DO?fbsql% zs>6H+XK9DGx3@bAi|*4JI}rI!{r8wjJ~fq__Sb7no( zMWq4wy^6|+2j~F@>|lgNl)5Y6an}uLdTFxCAsV67!>jVKT4Sh zbI5mmJOy1prNe}Uhc~!l6o@1ih|AN))dJ@=YL0xS|7uAS$?9AcYOI~bfvE7= zD$?}~W^&5>kQ3=quj>|?lmckRs+nCnd}MpHfTpBzPPB)$!eb$XROlfy^7XBNIfy7K zL3&(ee)3Fm5&tldWQU4YpCSa}dpCcx;9sJWC)&HZOm4Hd_p7Y;@1Pwrxa30dW`f0o zJ66L-$tjq*E-ETAf4g?*PswV_%JGN5FtA9MnJ~pgMbeL5#4yREGYv7sEWU6(Ho8+HQ=^Tl$Tpw-Il*6QSjO65p}3bxC3FNTJOrswAqsfR=0 zXM?gA6eQ)KP-LS6b`}EzgV?1@C$Wk|yZNmR24^CgBW!3Wias}2Qr5QPPrmMbR9(Gp z*etMe?=ib`(^kR*!s1~5gZhx^nVFa2;o;W!K($?(;mPzIvA@Je5~v9?5TP6Gz}_x# ztSn}uo^xkC`I+LgUqc`XPwk~x8RNz6rm@s*w6Z;D3}@GF)C5%vn&J3`;4danTnmW4 z78s_Ec)yb%I>e@_5Gd^votv{WtU}5Hks&n4lIA1W6W|T&j?#h^#N5rzrmoWh$+{R_ zKigxF3QnUQC;Y)Ojc6qut^Bs1-?kdz1|05KrF)W9sI%eqB`+zG|k=57fYV)6C6HTIKok(Q-l0 zMj5#-4c(gcwYBS3R#Q5gJVCapchHPb^0rY0uBM@(VYDaT+<_|Xrp8+zC6i#BS$pMn2z0P~sBiOo4^0~4D`b(Y7Nj?p<#EL*6%5XP&+l3g?gehYyd|vzWf}ttR>nY_F?+NXwQ36#+Jv zLFO9(J1PvP*cF)4zI_@Ei%CA6r)XL!yBp~vU5{?bkO==3s^6yLlMiuu`0xTKgs?P5a7JkQ z&mg@V@Nee%ew37ipY-|l^q+zP4VRheCVMt`eMIHnD}B%%`(u7^B+SmDOG-*^Hfpqa ztUXk8Br_`Z{OJYpF)E21<&nFQ-@bjz_rwoLgV1cJb>HXW2Ipb~D%s?m(YM9wVEVIK zdE}zc9iQaiZ!Or&7sP%KPgGac6hV~O3HS-FPv0Uls;Z`(yaTlA}vc2s<@||+Csi{H*!X?l(CjnS_Z}_4b<`#iBYPfTmC~U z2Dkq;3!s|z4_GwI7c7#bZ>9)3WuG3nZR&W;k0V5I%z}D3(!zdov$G+!KhXESNs$fs zd0at2sfsF+Ps@wb$mFQ!Fa|k|$47_;&SiQn<;N7H@l}-joHsnJQ-Sshro6 z*%_q(c@8f-(*b7!gV^QETe~);B7P+8g05$K`$*1gZdDaG%5UMc^J2JezD;MAkl)@hebDbERf{<}_nc`sU3WX_xWu&8Ggmqqd$(ED=h9 z7Yz;jJ`@%T_Q}d7F#N~@p@Y_aRadgPw6uvAwa8^T?!ragJOU%9w4gI}e*R z1iGS>j-f|!6i!S->VweQ+tes^yD;&RfwzE8WOr+vMs+M1Uqweev7!1u4ckv?{8h4G zmHIhAmaoDi>UzH4RM*g`n_L$ht#!Rz-*%_jytlx@U@02l^D80%*MAl7CzzZ?U0Uyu z3?1cMe6D;Sv|UH;QAx?l#lj@1?vpVuyqwQXsFL#&c)l>_I4Ey>DxqccVOcf6c ze+U*Q?b;TBi>GHi=j-b9H+(%@{Df@%8=^a%hvI;XYlw-6H9|WW=a^LaWR2#grJ2uu zZ|dsmdSq?gRL#6fj}cbE7D8=BI=;JSX-9sg%qY=KT``i4zC`H^`sQMwVBL7+*=VL! zM7=gK{GqP%7B9PY+}<~*qLRv;Pk#c7I$)aW>K<-b$(mf+|7e3wO3-UGkke}jNp2Ie zQ}e89Wvpc4kSXg~5^lW$o0_-)VL^kGqbR_Tg5nHzjWd+yNvRHfO!!B2(?f?28LT$| z$5ZL$#dm^J?zCz|(yQvPZ=_`;PI9HCfu3*N`WR?3A}twjo-;ro)ZE;P8ds80`n?^e zv*CogZC!rdMCc}L21GT|)=Hflc`HUq;H4dUkK)e3(99*(rud9Pgd%vdm3%RgRCiAK%Qdt-$Lcw4)l@j8=FE^ zeE#)qy5<(ey+_ek(To`rgwiTM&&g(-;LeX4xK|_Meh}Q@5|h&eb0;UH@t-_*(U>lV z^KRUJ9K5>9ukp<++Iz{y@G%A#us+h`Iez`9FbnQsb2-zpw&OiAwAU?#aqd?FRoy^n1!x2rpI`zLPz$8$b(gHF>~CF%h2DMz9#`~7XLwpn74V(~Z4GMsYz-XqSH!B8(vl+~aD@>E4i>L=)JBcwrh zIVJ_?qIqV4GiO?&8#Nzh>O-7hV!t*;;ex!)A!-m(07Efy+yCuA|NNqSh-P5FZm4u& zkyo(1b`I6U9+OyD{K0%WQ8|~2YS_ktx8(`RjY7N*W)65Ah#Hk{pKH#G_mteXsGKSf z75s(PIQsiT5DdlaS)T~;7Riq*M^SEYvcHJH`2%0-sgc@C}262hvJuWBpOE?2lEJOp4C+o z1%u&9IWGq#UZ&FlZiCCk4&s)b>W_d4`BlzEfnPrMqKtdlVybLxja=Hg-uBsEPrXY? z;S^S0*ac!QNJ0O&ur$ACzT7foo=>q9!-DdVIX)=K7JGc z;gPs{Iu9T%StiVL5T`b9AjJw_bIam$Ko4R57ikXCgA_S=X?d>zgYkJXvVoId*`RBL z6jZ;n0dFRrZI#*FfMRr!^FfGu0>H}pkV`o20iYbxKKo}50peka3_wtf(3$mv_iT`0 zN_sNHGk+ke4G6|RNDy|R2Lx{nd;f{LAs&`U0|ZZd4#rP$oefHeh%Pw*K|#t?!<7^i zmMnA_?`sfrNFRkEy@9AF>(iYXz?@>dQ-^RIG$g2mRFq-pQwrG2B;B3%=w&?!eW!uS zEb4yiUIPSKT@b?1Ne2a$js{Sj3_?Nb8A(1H?E(j|sN6|G;iQ{(St|(;oOK&hPdJFf zs30%{GaiNz1@iOh4C^FXt2!Y+ozGtpr>=euH0LGA+3P`^V)W@Nt@YS0-D zc=Xt)RX>PFW1zd)2MOvfN5SgVUN}BF2!;_P-UcLHQ6yBv_cf5xe5kJXVndq%;I0>FPeK(X zNJ_W44t4+++kI9^K>*0!Trsf&l&qBibkaA#QkcaKcwCqd{*(7Z;09R^TtjF5<+$;a zKq=95xSt2uhExuc%`UZ_G$KJs)fb(}O)3;EzAF#8ECF%5UX)3&vD&<_vL$(K`r ztp{uJ{l`fArN_edAZud**ovaph9Bn#1i#xC^Bq7?O9lvT!ft)w6lq8IsAfasnv7f* z1S`5>eah|v05u(9;`Rp+{GtO0rN5POs3I9Bi%%`@pjS-w`vuqmDwk^|Z1eyi3lZiI z4${eGfSTemQA=Gp5+HkN#19gqJINh~+FxqoCTaOx_4|Xog#y6otaEouSv;UgdKof zU}2Y7OiOvg*N(UKJsQj!+Wh2LafX|Woc>(UD(ivYETsM@P%7$ATt3BdI-$fEZsof( zJ=dnYJE?Gf$)AiY5so}Sf^@OkW+ejBosO<6)<3~Ph*F+@r)H?kfy6HjeQYMR#(Mu% z35AYn@T>~%{@g*X%Hm`!3OtL5b8_#{0?$6{(+E8XXi*G&sK?s7dNQ^O-DsfEY65ot zAWiC$N|8D>x=}-B?iT=x(poR+LW1qjgk~o7;$&W+XhK6pz;x$wmUx%wdgLq3)Jb5L zB+=YF*ALKw4PyA3)It-_<{n#K=EBQ(b|g3OY{K-F_YY#Lib}p>UthkEpg*thi?eb2 z`GZFfB@%oz!AS#yUIs*W?yJHQ)Jt)xyv!KxI9}xc5fEtAkQ0>hr563|96^F6WKC}i z-)OMN>tiKlSsyo8=^yC;JCnAU;||&L1CEoDdR|GE4rCq=L829SMZvEB%cUWg-o>6u zkFCea1UjS-z+orxM7$F8R;A-h!=z!^L$J8@N1zHMlGP24oOm_rPStzMNeN|f(lUHj z1uQ5m#>+satAGV+s*g(xuAYkbx{`6;>swb#3qoddI7sgFi`wMP10*jX^g29gXET=| zTE3F&6`y%>kp)##=N!p2q%_za4X{zN@y+gl01oq(%5Ss;FSOZ)F5^jDeCmsJXTf&1 zV2?_Ga07L}nZSsj2B1;vJ=AGNzCiQNK@!dY)DA zCB=I+*m-hNQulQ8S&AR$UN2rW`mTEL+)3)q)QffumEH=ow}!I`3hbUr8xM3d{OYqy zz`V0Ug@F0#r^+%Q>o2``Rffz+W_=whN>J`NI({FqUAUAzb5^L-fpTxMnYK>tIWhav zzWp4$0b8~HA?uX|9r*;~&G(2A_^fZqSq&Im!`~kYe?N7|y@xN0iO~m}ZV?!s*_3AZ zaL>Br2fD1H%^y815^%-O%)c=8?w-rK6n%wCNbf9d&&qIaaj_(I%?e&qDjf7px09hF zg;ah@>ThV!P9&XA`uhHT>?ux`a>)s{yEUQJ#C8_0EO+DkYIRIg_Iaj4;*PhGT_q*c zi?crh(BMBX89*8hu(&^m#>nYOoyxT z2e+cblhivMbA^TT19rD9dGb8~Es09Z$hYTXzn7efuGf(!qv=H0RpU5s7*LUthwiWB zP&SMYtsJoP5cC2X-@3bbG?W+HHY>c^Bf&QH8AbRR1=d5n8V^0c=IZC4_wn(`2>&3Y z`0O4GevQpa0Ls(e2-3`e)2L_oyrm~?Gs%n78+cYUGqZ=@x|KbpuwL2}NcPhqHD6Y@E3WdH^+sEF&1VOOdIHTX;z7++st zB4CaV$FDHuL*{PG0${>1N!DEew6Z9iXzJI_0NKyp1P!`h%ip}g02>mV8ENN<7l5*f z#URAUZuJ)<9Rk!b1ToeDmAaorz}saE`p|%bBuyaHy0b^FuLwmjiWCC2>0yEVK3f1= zDvS>=gW677-GE^Ekm5VAB`}WxMVgG&vrq*8UzOlzB6wwTz%v^P;^6EOXoj9;dkj3f zBnXhRzupn!hH{~-*HZh)29jtMV!j&tkF+(wim1V3zcYbN(~xQ_f`ZX!f27S}Cw@P{ zW5Z9KiuVIz!7-ySkQmtxR25%>`bM;Vsv()t{mp1m8A_+CrQ88z$25bKJ3v4g?=dHw z2obd)Z`0^-1tp01G1Nwt6sByoSdE%7vhU=BH8IPCpoFYLgQU80%Id&5^hsYWq3*J5zg^t!C@1 z*IK)(t>Qq-)ON0;zpafV=XTQmNw|@7{o`)@74lmkA5nk|_LYMv1Wse3PF8n5ph7c_ zs8jb<`x6xMsG@BYf)X48JaPV>mHW6|&O9%3c&=gb=P!b^!}pYG_DA-a!FeWwC0t0Y zR(5o44sGBjp-{34?_U$Y>kWooHaiKsbETUfLNlu2bNIT)QuR-Cflt>>8VG{gkrJWG z=^*rd>R8NNo1Qu)rL>t+U~TNOT(A9Al^gd`<=Ak@liZ?){pBNpr-~W9bX_!Aet9~> zq>MSe`3NY_YA%P;k!Qij#!i#R1;N@vAu}%|^--PkL5Q0`oA_B8PnB)MADSGG=Lfu1 z26oD@qUC*Ak;M|%U@`C{?udGha|R*S3MKs9LCu0>I3kUbXi#?J9n^annm<*;U?|l$ zoaFO_p<|bFnXi`C&VC3LDd($jo!{Rk>`z$}>?iE^CTccuh5Vn!m}w&5Le+(Huf*G8 z#p;@gK6_hJn!fof0{M(B6X%9imA2u_W!OMPTf%mCO+X)=VBV!>xdaroFuVH}erVrz zS&nl%@695U@08q-nC=AJ&u_eDJ7)hu*K4a1F1}CMZfay5o*Z6gKhnG^owKd{zrzQf2U5h>wmNN=wK z(s{rt+iq*6<|mPy)syiZi}Uf>Zym~C^B6E5w((AtG^UGs9zfh!NT5cqlrbKD;cXV( zwULJ-WRrGGCPATfgmYs)uKZJOWZH=-1`HD%qp1{T13Y)PlX`EkAJuIM- zZ4S9Q<5VNCx^L+8V7umIvCfc)l0^R4c##}6^YnoIVcPvi4b;_J6i(J*nU5XIXR8N1N@^ksDV~$CB^H+{g^d$fZ>^FB2W-R`N_?@BnQE$l}vk20qY@dATHvOSaLg zy#rsCG`=XQ4U9&8kCCUZ@P!~j`5(?1Q=x~7;vT2XJZ>mDV!aEj#6Dxq9&+Eyu-K?t z39wKfSRWE$)ncz*q2sK7>Wl`V+w~mTfF0put5lHSye&`T%%naF=8&PVlKl#Em1Nta zR!L6jFN;Mn35r6yu+N){1y{>!$BtW34`);~+GZ$*pe@Ay4EcNLSe9e$%Qf#WNoqSq z!av<1?5KObNiSK=3`#)ZM~N%cNum8xzA!2Hi@6wfBYt5P#pHC&}~rY z=2N7F%uUQJkuHawtRr1?YIWuO)K-&)F+U=1wLEzP&NKgyRUP%m6FWPcR?p5o&nufO zN?GVF zMCny`&EC59{a$t7losv&0j}IJrGVk?G%&v@QnoqTG4w9(agSdhr~g{}+r{Qpxd<@Q zM_zg_vIsJ{#*kC|V8^8M3-LTfge(cudX(7pUNWD!d;dj&FJbXC7=Ydz^=Ep z`-{6Zmzkd4LF)z+zDzV;j5Z{TA;e(C_X%!+{hGVunhn_f9p3`SR%T3kil!&+Pz7$c z5S#@i4p|EpFoTC%Qv6n$zzTNKynwm=Bt5%uqBL+%u;ygo4sYN|&}{Ez-RrE`VR8O; zT&nVcFAd>x%{zP==Wce6@%WYKX*R5IoU)w6j7j2ps*hp&%XYtVPHBajS=b@;p8GK$8lB z2kHZzET8pY@H2p=teS2WP`Olo57t3E&@+n%HD4=T1BSzo^l`Hpumm+LN66ABs}YF& zjGnj}a)1xds(@fu3Ssd9!YWbyP5=uU@@Vk`(V!Lwh+@6Ztb;SofAfokgMh4(5zu&~ z0UmQ*tk8wpoLZFNADLd0CTEbWpzPQ=oDqBSZ)zZ_1oE_f<^LxnZ2=8LDO0fpsEG8e z7OAUzov#%v`llIC@!@{0W~jZA>H!2&T*zVx*hl_%zYL1sI{o(fU@ftrEaZI}N|^wi zU?st3?%-AoBrB=dvUxa;B+kDcUMDpUa8=@@?$Ey)bdWB|j2Tq&x=DTYR#F+d%^z(8 zL5?B|be*!v3&70_XSJSy1+xw?YD0CXQpLc6!}25aNV5Jv+ySV5Q>C8<+_S2K#hbC& z$o#zykQ)524x840=}9PSlghC+6~d(ctv2cQ704Y#AwVkd(d9Uhur)?n3GQqMRJ}1Z z0C>*z3QtRL7Ydjf2CcEQDd@rPmh)OoFb9|Uhp!fhHm^9VrFg=XSQ(!9n!BuBznl;q z&eYylA!!ItVX>bR4c!oS42j;b*!a`@%p&n}vIu&DRFPze7PrFK~s%u0( z>-)vZE{9`Es&IJK6;+|;tMcdi82vAx_4U<_1G3YAnJ1q(G5m~k&*_!?a{i5c&*asi zX`faibLaEtBygK~00c<=8BqKSMocI9;INpiA&o&I@|4ovO#{oml5KDu$^4V7kslv2 z830r&?}02O7s|c`fh^?*JtmB^OzBzmR(0%|8NoRrge?39mQC@D{hSEDZH+8R@<=MO zL{OoHf-%!ceLEPKjyPPip=LpgTban9LlMFPQ72JXiFshYFCJ{t?n+~=$qw} z4GgnOMZ3*E?B8xq18;7GbSCcns4)M4&o_X_g{RF|ZDdfZO(&D^5BfW{sNE7nNc{7C ziG?|Aj?gxKXW$gHE-}vAEuJ25AG5aSRXy@xI9e)t&2LHuABO6#%==ivN=muGX;<>n zvaljZ(O@1^FtcL72rHOE@8FIon{Q1C>C&A_?h07j!Zv35Drxy}I&KxE@u_wFdJUK> zqydKR9Mmf5KEK9XJyfbq2)wA0vTJv%&}K%Tz8P0N#bmE06Hu`9K3qKTe7PvU!WThn z7ZPKsw@3wq^5tmA>CXvD=98E^;YqKM2-M5iL_X`s3kXzLveXW`qfg`5V(2^cp4Tm` zrlgH^>*GoQlzHkxV}HZfc+gK(Y}I&BBl+A)7yJR*p50klv(i zw9G(=`Ry^@uJm$5bG#l{_37a&ZUn*$8kTAQT z$=zN(Khc3E1dbV4P_@}S`}M7M--SEe#houm(6VF(zESQkJ4F&8h}?oHoIWk?o4ryb z_EKU$yApgq%+&@aC@7`OqJLM9wWPdQRJ)xWjaZ^k0IdQf4=K|6%7ZxnH)P4k)wsTZ ztFYFBMe8zs_r5*m9aw!vt4fTPvcRSQ`%%cnueR&O zEiQ{x4a_LXhg#kv0n+N;ne&&G^hCJv^74BxzwF>5|fANJ+CI zgAY3$ee_RbpAe%Pu-~8Q8>pa?vTxLc_4udzyzNl)`We5vnkhIMVXf}@YTS*?Xt~O1 zW=n^g;EE6M1P7STRScg7-vWN+pmDKBvdDT0r=zw@;cVtRn_S!#;3^FsRn594L}2B( zRi9o8XI1x*jtenZLa1^qcWJAZI7GT9p^)EcZhpRnqiSn1VXQMRVBNaYl_u_;6=@gT z0uds&`#Pj?*QOD=9Hgdt_e8)#%mbH?jv9^NT97TBnqoIp$dJ^Y_l=0;7T#n|xiZ(O zw$fEp#prA{DxSLYUP4@WYUP$|N@z+T);D7@hyl~OCGZF&2ggBNWMjsl4%G=pHZYQ$ zw@yRE0OvKFA1?8nQTcwZdAILvRDjwDLbjm5evn)DYYo1dSYXZt&jD9;;R1YjdLnjv zK#3||pL*c3-M}fhvA2cCQw!&_@Tev>QjoF=0{B)2b?C9DNC7QyFgPqqV1yL07(}Gm z0cSX4`@jjG*rC>_;bFS*HA|;@;@#FPyoNQ#G{Bp5%^HW-($~%Qxjbw@B)nQ-qsLr( z)ugMRt!6W{CYI78SV?qeFER8t$)2i#$~NMv-!({d_K;6d54)s~JXboyrRisP_fgVR zrBu1eYW0ovk^7`=^k3#nNRbjqsjV|?O5c2P2x*^k2nUwleo{EMJ%81>y=<-_ORp;G zvP>?}@c#^ULB`)I6aw^^3AKbXa;MFS)vROB@nJ8=A}m!kHNum>2PB4nuv-{p&CSM! zmaNCz0QT&L8nJ-&uGn$FphPuDYL*E-)KDpp{(0o>!%k{N7rv3w2<4+-pPqaz0hRLv zVXlH4fadP%F|g5QO+lWw@B4_7WTF4lC;k2mKBywqP(;G*eNtwFbcY(EP+ldK?mh9j zi7@0OZ~&5oJp^QpiHVW#*zmLG&&TRsGPL)0GR<|Na)&>clNuJJ3$hNCf?K8Zi*0m; z5G6wYJn&~|XjqW9({U+oue?Lyz{5Y=ntBVLqiT+ zyPpX~I@0v4(z8ptSHLs~V{N)7^=Lz5LxEGTOc)ec0IxTLy^E4g(UXnWX`fuQWqNYfO5r5csK5GiOxb7 zxKhY}LRGT_bYy`o2JLNqe=OuyjU@NRL}v}&ql!7=IFr%=-&@V7%bzYkx!I!RC$+&Y zb2m!H(ExoO#QQXV+R2gEz$uS=KclNx&Wh~12CRLAq0ao;{tM3}gkuPl)YnQG>n2Qt zM-sp#Pina|^WMX~rTFETtV^wG*g@uQBR5OkhD%h)dg}47h8(r&nA|1X@-*I6FbdQa=0TMF`~NYpFTkzk)iUm;s=*u~ z7?k~6V>$*3%V6-R4h$Y?Nx?{?B@PwDrjRy5xu8cQ_mo}k^eI_hEeGVi+LDo&F$g#sT1{6i+&$-Tz#fG zry9W^N@THS68&d)V2*O}ueYF@r=)EvK>d+!an)0yeEN2&&eleFb{j*rt~37F|2Y6B zdG2+1TIKE#FN+_qQTghEaLj_o{KGr*8MlN$3gy86JM5sT&{^f-J>HFms)&WKwB0A% ztsViR*Yn0d5~5F&QPljj?gOA?J@m*tz%)Y zEEEWCC5`b>3irH>d$%PfB&x85ILFbJMM2w8;F#pZjE?AktE;Ut z+#KouRK22g#^^&9I?l4f@`mP4OEF7B*2LA)t%c8Bq>b1y(@HoPOL(-~T@0Kx z3XL8AJ33$%T=Lvsa%$D7X3Dc5Ht0H!Aw&)5Pm*R^kOkE8#e_#YgK$o8Q>3o0RTvMz zXc2oc$6uO9zNO^wvkCN@K}5t11n{$(_|Eh?*L(NJJa}YIn(;715>tBE(1W`lK|%V; z|EpX6yWmr;DHXSC7PHIJctfSQ1`iPg@jk{Ki*JG%&T9FR&+M1J-lIJ>Gj^i1ub)#q z>tJ;07^E(pNE4t{z>fqh=Cag>hhmj6}>}MD;1p0m9mEn82`rRqoU_2yHqE zdvSkxk)@egMUO4-{?XQ$#jM3t6;MF~R~|_XZYWoJeb$6cEu6jh z98?kn|E?tbj3oC|Tr>KZ=d)?#v)JV|H&HQnKMPFF{jY;p<`$0dHQEzag1Thg7&Zs% zP|}EE2=?2*3z_7<*Gc2H-AUq(EtZ$3({Tr9veDDkXJjd^JT(-WweR<|izp~3a08_>eR7Q@*`vsUda!8qjS8w-YgcDR7RzZiO;*XDf;dtPqjaJLok`EQQQx^wPv2H zaH~rsQ3&T_BTkkWlhD?8iTP|$bL?v}I%OCc#ee)Uzz2$+4XC@~SuadS zH%cv@ikI3Z(&iy}xSB&zS+@B6^7rO_T|%)!f>Roi$`0Wk#+r`$CcVx&8!4r)-4rSh ziSX02oDEWDrZ5=_xbDFzlNTnR@!|Sng>^OKv&Vfn28;z+;yDFwz-*>R!KwdT1!+-f zfh?en+No(EgBW#r#~NaI(B9{w#(Plr0C0yPo~q z(*Gd|IymML3@+~RGzTH6#%d@#G1I+qdkvR;^ewoz<*9u>HBZpk6%`oLjwUh7_U$|O zFqg`W0wWun?u>+syZBG_piid6&li zI)p0(|F9|6 z$nI^m)BaC(T`n~X8~5~_WT{&&E{7vp!}jPf%P-Eo)(?V(^HM;3SD8pQ-?SRmxA?rI zjbmnk##ZT-Zs5YgT+EP@{xA+&ea ziH#yg4y(CO+Jm#r|3Av!G9aogTo{G{lu}Rxq(LO41(k+T1e9*1QA+8Mu0aWvZjqLf zF6kOUrBO*~kdp4MckMwv>N)qj_xmF<%wF+y@5^Q%149xi0pR7sq-xN(dX63av?a=SAlCvP_aUc8E;Yx{%O3YS5VyKb$`L@((R<51- zp`ovhAr-1Tk@UqHh~bA}iVslD{Hz7Ap627m{TFA^jya**r>5eLl+p;X4%fJIzfOg#6r?=i-JB|u z&q9y$2rv|ro++4MiqrzXRhqOvX)ZGFb?Ud-(eB&^!{K)qXANtx`SidwcZFZyas@QJ zuxaA(Z|*^!_X^6>bvEwWw@tQLdDAT3m2KElefPCP?e6A;H=5_gKz0^QUnJ z0T1?NMA*}hX`{pVX107=;^@Ff0U`=m|Gq$os+V4Ep?pw$6keI4BRIaHIob6$C7UW`IuOOZX2yL`K8*<#i(hwa(scFF$8H zDvRg#DCFT6OlzU@fP&$BKt|6F+GL1genp=N7Acnc7oJy=kzM(V#G7Y}2J_>utY-wR zC&RxnSb@o@BLl9T#2l^0fzh#1a(3dm7oMZRjsQs3B@;D_ek{!NA6L5PB`v$SmO|b@?VnRl5A65egFdNMcI5S7BtN^a!{EAj6{h*6&M@ zsPiPyK>zo;){)3*VJ3h&6T>e7EW1r>WY`}F%fEi*5Ix$IQ~x^TxeklD=HSh0nsx`1 za0Ns=;zak_Sh^rW84VKr4;(gPn}4;v!y<*}H^*I#&>9|e;m%CAQd`%P{y>CS#9zXCMG0TUqdx`g6y-I&;8O6%WD{{>w* z(gx-y-`DEvc=j&eP-4Lid;BS?Y~$9PyD5}qr>bym8?HuBiazS=dRL828v^3?K{FU$ z?*Y<;=>8>u5Qx*5)T8BM)JnbQ`@RP3cK4B%&>pcXOlMV z7Y;s$I)*Ka<+)J3x_vJLhk98`WsWjEL1~GI3x-GfTrhy^5G-_9Ia?BUY6gI$P>&qR z(|;Y)gXCEmUeK`B$HW)HlAl^#X}SkWDe{WmDv*52iApQ}NWuAv6~ZzFSiu}_BBhQ) zh^)xcx#0h=m9Q_9JS%~g$`rj$N0y8T5(#7a~kYn#~ zWH)*DFN}`ado}4;FL1zU_?{QvX4JT9;t5VZfJLGCdsEaHy#V00FIUr zRDcA{fcMM%x5%@D*+&mf_QXq04W&iB?Y-ggIA*B&ab-X@+ueB&%Uh5^yHW-qS-1ab zE*!4_gQMb{`d{`b^lQ+0zQ=Q6LUmIi`1tsSD(Z4_K|>WTrEPg+@n86c0w7q7fnFcJ zLbJ_#mwza>a%q ze(Eo)#EmWKv?b_&Ilr6csrRLTqN9=EnRL{V)qL4q6Zw3G9+K(PQ;y5J_nWn4p1{*# zF39xLRuvT$(APz~oXdgPp9j3PiA*@)3X?zY4M%3cLdUiED5FM3fL25JU9Fw2w_%jB_aG0?AI`@9t$Twhzed=X!Ymhf{u-z~mGkqc~s z^8mscOvbQiJZsFfR*E~je~GJAtZsq_sw?TWnwnZ^C28U4B7mIN>WyhQ4ZgDVV4Og zOqxQnKMDwY4T*M$YkntlHQYC7ay9F+RDzifbyL%mO>Y!aa@f2oPzYipd6SSG%m8#LKi3tl+x5LYtXqdh&rDfzZQLLF?-r z%Apd~*3}icfW(5Kk6_G1`yuQ#fuJ)XyG~T00+d!-V2b&lT<^653q{vfSC0mbVds#m zNC+$<MwP98M4YO-xEW~C4~%= zud2P1D&Uz62j9xLOMp}&wDv*GULX0501cOHib`HYa+5ZW1 zfDC6eTOeGagZGD7`@Ss4Mpp*=$=o+2B!Cn_c?H{PU$2|~B{1(W>)WGkZ|!Hib;*m>6Ei`Pu{l6|@wvoIcgPs6iYgwv z03KGtoUr{9bLca8_sEc$E9~3|dT+a<^_xBbj6kpOEpJ6d@`GSzhqG|5dw(9$-!|SCE4J?9s#AFhSO+KdkzqxY_YfHhf94!aW{8F_A54@Pfk}i>u*dfH&3c}PiWVJpM+53i}VvCX9dZxx;RFHt43A?>b9OO z|EeSrl%(RWbv(3Asr+c;zTFplz_6wyX_dNwA~x9#(KVnzAvagUUzX23&X7Pfj`)>! z96IeA7<^2p;W0w?V47;U=xxSz;AS;b6(>-n=rCTJPB%J;i`{7I=C<6bL9n=eT4 zoX;b}ndNr&E${njR(paQ9?kQ!%7Mxbj_aIxe-Xa57os0sn{hmLm`*zfjidL=i|0W; zG8evm7&upIv43_~&-2J+jbL=I^bI}JrjB7|ZLBnb$!v-AKOFNcI4PtU9F5Z) z)W!+e4=A8zEUR@VHa^5CG2Yxgm=R^tbDj*I+L-Mki%GI!&E9Sqsq!lJNJI~o=aAw9Fy4qV7!%eDDJ+wAnI*uzb|#~5$o~)y za9S@!40;^dc&zT6{kqw0ca7cWXFoky)KvC*Z!mgjvKuQ|$3aX?tR6|qiSWN3MP2>I zdLfu*_k~RC4U31>-}PC0%jd|6linmTaBF{QDEYpkKoIu8hsE@u?r?hajH|p(QM^Xx z(wzVGgxb6&By+D#d?u##^N#^%OD<8o$)7pcT^DO)|M*J1LUj9Jz2Ql{jLhbyL@krT zaz@s2Rq$c>R?Y{!F%@Ae^AVwL!Nba`g%&jTf5jox!|g)sT+R#}H7Yl*7U z+#oU9K`AM56A6mk;?6PTtrmlyiB+El{&a7GabFT6W5{aziR;Dvv|@MNYgd<$ zY1px`_E@Qw4P@^0>FsA-xNza2q{h-nvB_7#FW+(*_MD#^kuUQ<+ZN)`EVpiA)#b`u zIvm+Pwtw@{NsyRmQD4T$(V)naW5?YDNH+drPL(NHAX%)oB2{C6m^DdYphvlQ|5ycl zw~+y892DcRRCLx4D$~p8D1|?j*SA*s%?^OjT;f!r0i3e`Rdmd~R4BO7R8e>@( z1`P$+$K8L;KOsEuWj>IUI&(izmtwi{yJIIA&e*pa`i?s;oaN0;DlKIYB!>V5~S;$&ptz(&|ji`c2aa*2kKMDHm9 z@JCyieED5QArNIiOLz>9I#u;u5-VvkfEfsrJs&|Qb$4e0QA1vVrsw!rJZHu(HTE{j zlGI26l@|5L#dkyV@O+-ThE>)7MnibJXq`af)3sFg|w^qZ|`O zPqm)q%;BeBl2i9Qs?j*Ok^VyDJ%gU)dsaZcK#X1rX&ez(V+SZuBe-`v@{iM@!LDGx zJcrDjEh@z8nA=7&;C=GD!De0?#C%0SDiZD2erf*C7FuHaq?WA~1>p-cF z`gFx2GXM_lK>^${5QFKs^f3J|+pItinS&;$YHo~eV!x9<$9q13LEy%h?-yMhm50$u zS+OgvS6`P-WEB_lOkaH}fl+?1k&_%}?6uhI+wytD%Lsqc8)W^tq{~#+v!|>jWQl4p zmaOV_9mVcj<&-eEQmZaL@0CL{8BQ#bi+hgN@mwdFF(07OxuiI!6})nhulO?A=|ANI z@+!>ul(n&swS%`+VSVwv#uWzK_9CF)lWx0HJ5RC>=ml2O$mBC|zkg2JbUR;~<`{^o z^I-oyG0GYW`QzHG-N5!(KUnHL^k@&ONy@A!&)t#jDXrs`ZKyT!{(Np$7P-JTMV;+A zv)IX@3cCh}%O5NCjz?M|S^buRkNgw}vN{q)IY-?W5>sElzEyQw`1IU%Ud1%|;&K;& z$fs*+7A^%_$t7lfE_r>t4s9=!muEL`3(S9N++VKa1TB<3ra@CVo}9h=I1`)QS3Rv2 zpMi9_bvhR}Hq003SNy9sp}_zrZbNQSe=2b&RpbJi90(EsnSCiU~v#KZmVR?z-5 zwaS!m(X@_g8KE3bBkZD5yM5?MO#Ez?hG!H#<70qZ;!9kkqod{8E5`?(N8(_bHskh? zoqW9~=A{OP!}{;~l6C1770&nc)BR-U_UDLL36(~JYvp_#@JKl#esSIH+H4tuk`2x7 zlDT4w{h)FXaktp0$(l(#c+WJ+ljy8a_5LB6Nw-RS#@yb533bHrVYDYhrC83Gaz1;} zcIYQd!|LrUk7JK& zZxkr7z_6V_e7i$=(eUb7DE900l=+hbAo)QpIQm~A!5Ht}IphcE$+jiN2}u5a1V;8b4 zr;I>|B>E~H#yhLc?9}lsE?=BrF*8B{4lt3n#i=FZ9Kc8tTLPOV%@*<-K z8(F^rXcwap(@224K|?K#i01%{j1Rak{9&Q~;|oC!cn+}eiZ$bQ4*(2iW|oQ_=)p4* z5#^`Ag8w+^a3mNSWSwV9`T_Fg(jl)?q8W~T86>ZyrQTzSK#?vK|`kj{?cywE*lj(rW*u<`K@9ne*iDG zQzim^VBd;7qYJ3$+&>r&0X0w@F@$wczR*b-tRCxbq}lpd7T0maSx?>hA@-O7R z1cYvK{&EBKF$WR&u0{iMUk`LiOPUW_kl&Bat^C(B_gKNlxxB>?^~nKe$4-jrO#=aV z#^XD;SsUmo;2;uS`YSeNoeHi=KX^+K&@=p(pNbD|vdZ;8n(~;|31(ODpdbnKMY0Fq zE@8@m{djyrZwf(p8lNt@_9uGsp;Igh%>(kTgCKZ_qkpIdz^{?nu5Af{!l3UB*`Fw- zO$Np&0hE>+lLw68xfQQE2;wv*!Ggt=kkKYw^BM|%|4wgD!7itg%kjZNE1=ILu93XO zmJ-6!_br7u48Zb~pE0HWcmk7<3la(1@)9VjhBzQfPBDWNe7E|ucy9P7%)Li`?UHx@}9z*1mdIysLq?#*nz4Sm#*Gp?>uO-UO)&dgy0zGCu|Z0*0D_F1`}7tVtr|Bf z(BYyC2{YAz`9EbCCM9RcU9`TM<*T#&YeZsZ`0P78&52vc0<+UDgQ*q`o4!k*5?4dK zr-dJU*W^IOHUICTE|mhAnZh)vSJPLZy(%j&ZMoZazi&IiL$}hQ#B5dLXDxt7&(1|& z(FVl`-;#1daP%J`{r?T3KuKGo^_9#k&I<3cik0%eQ@T=Nu&&xi&hNp!mOeHaEdB1m zgjam>w-ciQil)j_d@8a4lBU=v{;m#?kTb816@ixiT@E6ydV$xZdDS{R8Z1yVOd9=s z*;$oWYP{t5+QPt5(0b=lr{tMo(Z`B%c_follf)SgG$(lzZ3e)JV*eM*LJqCZ)i~wx z;*NAfUg5}b@8OZC)Tb{@ejl6Ivq*5Fq&(Nhy(dW6_I)v#@_2-JNgRcHp7tu zfFtK~Vw&TDG+0`oQ2i@%@e;h$&-NhoRps|R8Y%tm&iks5t9Kci*|Wls-;K^+ERj(` zGci=BY*bj|gPxoQA(xnmCT8r5kobN5{<;U)X5DUEL+}rvfJFXd2c*5Z3%p+T^cnvM z54Y%KGuN|+v5#pEZq}P&&`;m_5-3kb9_){jSl<9OuRf;L2k+61v+r%2lmlmW+zQP4 zi}KE6rxGDcEUIswa(Q*8B5T+J(6eMGM0al;>(6YIGFIPUs?(P0tx0$+1hnh_oiMog z5oU+WX_qh#eYM5xJml9*jx9UQ0v9~GPBk}2b_OrX2v7r!4xkFoiBCHQrpWSTJboe& z#{wv#yF-EWkIN(A1F+czgfs)ffAfg9WKg!X^9h5PeVN6**vH$0W3nJh$Qw%m?gpA+ z9gwSh|F?Umfp@pK9LM4g)o%*E&99XfOs(53xLr${x4p66S+bt(yZ8QF1S--B_yL?N zI^r1~Ar}ZBbzGA=wFX&2k`!Q+*KY~}4P6uu0Q4u83a2oo^9TA#4t2}7qI>UpO6Df7 z!hRsCGV1?7qU;x4R9xhbSSd?d;*j%}1ZeFH6fMrV$AU6h@ zxA|zU#V`nfaj_j&bCU@DAa(NgYQ$gJ`H)(;0J`>aOkiip1ZP*m+m(UF%lUJs7LT_2 zmimHHukBsAw{-?bPTOQ-Eh67_H7(k3{0Y{8yX)3cuthsf0X zcix8#EIHbEG|QxXoq-!U#AM&)TT>>3co~@PT^iqu?_8ZG4GazqXJv3SkBX~)FtMF# zZ6q%rTwP=2uU+O+0%B=W96f!lbE?^I&y`lM2bq5@xVdkigJ!ujRMBv&0=%IBm2M{i z=g|5Z)13i$Sj0l8^#;(0CNE#${ly-&(yB|mJOI}5lVE#;%|A5stv7DRG~7cpTekb9~Qq`q$YHLuhOJq~y3EDg1gL~;3>JGCo5oP;0A#AgJ6 zE`sRxh702sFv;QwVmrc=LFJJ2bASK8ZwyKFjNaZ8Z4@36m05S3Yc|uDy1ilNyWIXm z5AEzd=1>8Zj+#Y=&%ZA}@gM3T;Y64{d>9f+FKN2$ro8-ou)rq8ZPs5eA}lQIamyGr zgnTeHf=~Ko3?@1_OVDZbpN7Pr=uaSOx{Of1NEJ&RV%>GKfn)B_3Zo_$CG$s#E?$*< z0rcz2=B)O`-Jr6jefrUD5>|wNLTl6Y+3rRNfQWv8Qe%H^YS=1dUI_eDWq`1L+h~m6 zO9mvBE*Le&>P2`ZOsC%1+aFcxKa2|3;{Y;{D_c^2&S$<+uD83pX;7=Q$v#`%tZHB* zIMf=v#!l8_Yckw+TgTA`->8%62_Co_BwqzLV+O6j<{tBW^RlYIR9C&4C;7W=3;d^Q zcshEVrhfVT=*PADcRC5>YL40Y7H>9GjjHUV2j$=co96k1>vBzok1@#Yt<7cUw=9;8 zCR{@(C&%yQ=$1(BXYaX!8lQ~iI?t~)QEZ62kRb(Tc#J6_zbRpI13SExFl0~|^2&Ef zis65lqexGfF{ZVY?4tMlz;2IsqvABCw7C1GV>hFZTB95Zn|pUyyp_w<{JNt`(Bmbe zsikG~X{5$>Ft^OKE^XOO&~0Z$Vfcf%_?i!=+s#|aA=RLPvdDh$#^Sa_Fm?O>XqZDZ z1PdGh1G(?8>pS9rqv{~ZB9^al}hu_C%izy2V#fZkZq2|Ap1*UKqa z%TbQR&#JcnJ(k^%9`{OW(RcnI8@NrBN&U%nN9m)tr`d)#jdS?&Aj7E|*sL=(2}PG? zAbD8Et1=DR?D$MJyjcDe&jGF&zeB-PW3PHb41B%!AmNz4aV_1PW%416T z+t`N#h@#6TVM5$=3VfI1b4+I$0C%m0Fdi=mHJT8I?i;{O#X}J;eOG{C`y=u(_ zK87G+t#|hxlwBXg0~uoQGNwq7mb${h5v9O<*$WQ0wY7cADFR%tAaEl7pnz{bGlhTN zxR&@cM)}c^ha$SRmTMKJt({T#8^zk|_s5~5(O}Na&!^R-h`G4Bq~_$9Gb38t+Zhn+ z4H!src3^22N5nR3|A@bG|H1tTxGg$yy-&ma+1c51B}A{2lW(TW#lJd`$U`Y}>s(~v zL?c5)A}5%Tq@=0I;^X5JmY68|7NesCFU1;@5?U0Qt`L?2`J+8&U;Gu!<&uU2&*yX; z?kH%JOwF#+5*QdPp*qK3QDH3Gz=z_3vxFDFFGo*DkuY5|h&13OFvWDL5-CG+qnGclMFBy}L8eUYx;RAz%B|28(;^LY+=?-<73PIa- zF%s=??ElYzK{0IaYQ&ym#GJeJob=)g<#%z^of^dEP9(27?#J|qiDc_opQ1wlvX#Jv zymD~fOfc&WJ6~ILtj~0;9j<;X&?sk|D~1n65S_HZ?FSEy>|+2S8d)}B|Gx9dK@b+O zs-W(cj)oH3inIoWGf>6)W3>{t1VxMQE+@`DoE8jaqWpvfdkz^ixBdbn^eX{2RNh8Z z5~wuz`BETzd}n`GMs60Ds60yxZkmf>j7(-;Nb>}XP=RI?YFB-zdU2Ra-y;K@i@!#! z`#%aZQ|XWd5?$~K5)>vHUVM%5~J!kFZyse!2F!91BG;1!%_!S7ko9=-SG?{7nlu3} zRdqQKRTpR>JU@LMMxS=91b68Yy#2Rz0k#13BM17|&RnxZ$!9J$WSt4VvQ4r)0HfQ0 zQ&iwDO3)96Tb1j{={*cbC&UFAbL6mkC{5xp*8ZBYtya$1R+YORpy zEXhizHy8C!C~IRyqd2qtZc zqMpTp3D0$)Fl(5EBIB^WW%oGF%IeyVWGr@lQf`wtwY1>(|~7UtXiJ^gKO+2 zJ1eRPu?$Xr-3M#sxVzo5>r{G7SSWpck@P#>cB`mpv3ULA;ec$hnM5n7;=L+@rhcN% z_2FPywDZwBn&4;OqRHw%%l4n&dAFC_**OxQJ1$GXD|#^`f5XwNLBL+N?Q^5UCc z0laU^oS5t0BCSet?&J}00F=ZdPFe@gI>zwz5jJlw)P`(R;8XQ0wVj*@|<%413O)bZgo`tF!a zO|o_&-HjT~z})zv2TQjr?ti&3!||d8 zB>=P`o%rI0Vrn2b-HmTN*Z&a!j#vTU9UcafO_i#}smW<}%xwNgBd@T+jrwy|izZeo z?$ha{0-G2#I4aOO0)Dk^Et<9czQF)>c-;-f84EiPvZcUb;PYBPle_kDiRksne!2+j zv`mQVy6Ia_n)myZ!hN)#Y76!D7lU;LrKe@7=F9CBPq@JqU}C6?m8AsAD^WWd|C1wI zDF;B4J2zBno8FdiP4hHXs8_ z>}4j^{yC3UXbxK}tixE|B|Y$y1iGC)PN`qvQtL#ta$M_nha zle627+rCq)fr6cyIOy7%=0i|tg`s#-c7}YnO=$a~PG{=Tz>S?g9@5xU&LPojCOu6` zF`7D8AZZjAH{N)GiPgLzO3Zd_Qhc#U)KlN0sC5^@B(PQ<047}3|J&GINk;759DzD1 zJ;g_R`{`@k?=Skf%;nd(A9hllmG(SF5Ew0J6b)eUmSo*Jo0u705#HEjwoKLM(2yx# zgeIqxvZM#v3BC7E=eZ=t39~*xRR?&PV}nkm+ly`qA|9!4z-tfWT}^_wK+!PiaH9L( zUW8cn{4d>u}J;>p^M+s01Jt=rw) zyBfCp4$+&Ep*JY_J{eXXX~!f*yIodA@c_#r)Zk6*Hgz`7#u2Y*Rj~s^z|a4y-SWO> z^O<(4qNCiWN~1zf5mSjHo;8ya2UQ>6KEDX%W#GtSND5f6Ef71zoVPAWaQo(ns2J0!*qm{rzq#n6X%NaZFu+|Sf@PO3C6kS-+ZBG-qZm7!d@~L zl|6dS-k=v8yTsZPoXU0um+b5~-xKa)T|1Nytmfq#b=G+)_oU95>W(oLGUfSXE= z%rv-cB2UhqzrZK(_#icls|QU^ucu)?>QUXbHC;Z?(IJ9|Dp2Lq7_)61ljA$&YZ0xr z3Y^5k9*-O1F@;RrpS93_%0QUL4UoKX@zki>LGy!6Ol>Bt?EA4AFQflq7sf%tC z27w47Sh)fhEof=Zp%Q%cT@1~no#!1JB-@p-ILaJM1;;sbcSp|z50yy_p8IrCTI6*b zTu+GR?*eBb=9O07t>!|z=rjOfsE3?~DQInsCBEizHjv+TmcV~)2#W0c+0q9e|e%6*R{mDW$tNDJmsQhquGZTHJJL*!%LsBzRTr4eA= zbw-CYG{0qM`cf5LPo`c2j~= zCN8h^Qn^LG7QE=wj-NfJM&>Vz-oc(JxS@C!`YU+bAz$O$C$}hBfa~OU!}nKa!0Rz4 z%6795d_C+kV{d0D*Z%#n?>IFPCg|prdC9#my=8A(aaR0LtF)l@UnkH0Wb*d%D|}T$m)PC+nJEfp!LOTD3l!z0N8N3g z0wq(y@uYZv`BX@E00rIl@LQzK=58)6s2#G8L-pp5oPTIZGlb)KB!%5*`N(QBx(70t zi~--rBsX2ug?unuM-7S}ieg7<3~KqytYoY>9Ejoeoa58W9e(bA_`?{HV_VF61vPb+ zY&Wg`z^77DT8&nM>pr5pmte`8-g{yfrKF#MVCRJM--+5W^xxYZ;++NaqrE{T&piEJ5OEJ?ke8=oNoG(1oh{; z05WoOr%L!BlL4xo1K>hAp|s*&AYjl`wg0K!S;UmGl4POQEMWsDQuO@5}p z$85dMfX-X-N8_Jag5n;9_{&;wmsBccNko~BTA43K2&#Q@*p(XAI`Rr972j;0O@x}k zKk#J7>oT5rTwmEf1ED`ZDnL8Kac0STKar+RO$rxh+}skc3z9RXKxy>1e46BdS}bpd zqpFF10GH3LQuju+-JSaJBX6#`i!Fj`?NJ)x66g=Zkwk#f-0l2ii!z3_UD3yz8@c3QwZYH=J)EPwATK1S%7`I$(?3KKadZ>fw;W9b?c!xG6{6{YzB4<48aX<*MCpk7UlPskAhmghfTWj@761*B}>a;U1<}7>M z)Qe#8*8U`#O6*fDIXHxT3Ul-0Ijc4@jrR^1b ztYQ%w;1fdbt8`Lvl|00zaaj~YINNE0(bD3NlIsZXp@gS0z)9kb1S1L{4|sr|{|oc$ zKiXQIg;B@@XRGG;+|!i-UQS<>r>HeYx~!dd*hm9nhR~mYsWk(F43%v_1ak8lLXmLj zqHv_zNvmsd39-ycJtx8ntI~DP@Nn?-)a33v!liM+sOF}kOQS9YQ2!zDe*cG}DoWZU zhj+Q2^9Z%(VYBHLsFPZOm;rS~pmRnsD_u`J*2jMqE4OdGeb{*O$GJdt&P;o45z9K{ z5fmF<{&lV!=tsf978^1@E6UEn=5#XVO9+>WwuU)#v{+JF{I8;9?Mf2bv1s>GS);q@ zfGJ~Ie#EdKMRy%GN5%SQk8EuDzj|bQFT96zFe<8nB=$xoDe6hDXDnWPhF-o&|Fs z_gEAzY3zW6)zG4}p*hyE)@4;mR3hzXaX>WG`4rcQGk1b|fd6mUlmhm5K^X52c#jk} zcT00~sG$0%sQ&9IJmh|{zruDYFc2wkRHPQ}xCcBKOo~R zx^PlA2U20kifXTjM0?0_B?3*lKcSp}5O7$_;9P8Rn$g-=0CLi#hoE*R|5KM4K58BV z_#V6kHhzQ-3`PvwNh$1%qp~~1blNRJLlAQLAe;5>a1sdJ* zx&u9@4o+85WO2bF8Hh%ouQIQAX~56KtpremgpCR@<7`z zh^f$oG-Lo?6Si)>6vOo@-g?%>7S+WL4e8KXYnz9X_+^h@2>ie=k{8A_Pd-(r>pB{? z=`okS%k8Y~gX+xv0eQkJNe=Z?BJPj4y!Tgb#c-ul(xTXu6ohvx-e^Rag14l`u`htv zJV5rG1G@d=vox4R3%KSC243A<- zQ_hlmN@||As4K7_fL8N zNisixIT3RKX*oa`91I*BCz3xL{`hnHk?ygsrzd#%;g*!1UZQuy{Y8Hr8xI$OqN?6T z-i45kgpma~TceHogCwCg*Dl4`HPI3^=e}mUjAEm0UA5IC{#Y474)dzO|Qf3?4Ycd-25NJYY_`^|rcN8)xct zT248fMGDtwvPmhET!%3{yQKt;gAn^6owkil;a1v_h^-&x%{ZDw%3esmz+->3h$aB z_ibrwCOddnIC+-3;v>p?g1@C|=oBrtbJC|3y3Jjfb<0?WlHSfFDDp+;1NIPBR@U&& zPNl_iDdLYG28jKjR4)Q?jCrHh?jD$RmBfB9LNU`EktKCZSAe1zEO01}hvyjvKvk0o zt7tgNKKjZ|STQeqSa1)^s=d8kbH!oBDc*e4Q7K4!SM-?QOK8#WeMQAnQD&0n!Ya3E zsIY;OgDYu~dTDvNYb1uBaH(r9UYAFLU4b^ahG_^B!Gjc26Z&4%-z(U3@UG9oVG+Ah8MSbW$8ZT?=uZCiCmLU4`lMTGoZ-? zB?#3Z4L>tHQp9ZsX>}XJ3#bR8almY^fz5O<5~=5N_a#mX5$64%1S0!tLl2KTuy=0J zxdFD2NOHvXc6Ck7$j}l@x9y0qv7IRCN-L_qjW^yM#CLeFrOEMqg@KU@s<~4?9hpCR z2p+QS=`Qa{(12;@P0ZytMR2 zf9bY&b-}Lt?BZgy{u}s{cZ3g7-y*@@*m97za*W1&T4CGO5>sT@fw@>?ZO|ALsn6v! z^?h_GdAmVF;k+^=tFZZG#`?5GL$-s@_*&EGxdyhqgaiMU1oCfpekOi=f#C(RD0CtvPzJFaw*cM zn6W9huN{;HohRclmT9BEGF-xUGHroN3>AIX751+3$ZLDa*Aj4_3IGawm+AeJPuvU%WB2WfZfnriwne^Zpb!B0t zr3&Y~h{(uCg5%x$;~Vr>Hn;2h?=dQ$5dP(r&Qb!yPhZ}}TZ7PSUfX5w;!GkLXs!zs z;9kA_%Sr}kL6X8k1xGn_tC^$8wI-W4wWfxATFx&taFz$A--yt3A4&Q{N3NTP>0GGNUZVYJ4D&X zFaW_9b$Q~1>gC{~E=9$~%230Z);4AIX8uwXiiu#2Jr)w5Ae}lz(+$xrcrDO zJh~r)X*i9Hj5M)Hu`%DG1?gA|@q;fSJh42AC*D+Vqk~rTL^L(vi8uff>d*W%WC?lL zV$p9EpM;YXgX4iqp9fmr+Gt1AYF{_k2KnS%$Q$@bou<)`(9%5jFsKo_j2 z&;a!^Q!^B$t+gp7N-8QW^#rEjtE>Caxr;IP_QAABRbx4F_IZ(O(ypYGl8OS^;;2Ub zuk0&x9R@|~EBv_uCxLec@8T+^HqZ?-0-V%!k6?}a#(*_rc5P0QHW*kNDNOr&dr)Iv z(e?_N^IC-?!$p<|eXdF5iz}$E3fdUBl~vh>gJVlPuQt71MqqezIFt1KygA!^UJF3QqD!=jt^E(TxFdibB01nS(jksemwg++BXcc!jXNCEm@YGVqp!mZhf| zlbJJRQp_rsz4U7h=F?A7pOdih5g-hfLIf>evaYAAOUudzmf~@Uih44GNeR+RO~eoa z`mlb)C#A7xHYJKd?7Tn+aL5*k0-^!nlyZc&1;rtEWT81Gy}gX29NHnrR)>PN8mP~FI$|hkvv@+WcNCOiHsc$?M9D&D&iCHol`*9218){NjY0$1_X9Hi0VR5I3y$D z4i)MvWRRwTIK*vfiGe%QB}e8Z*G*j9?!@&vcT(+B4R)+3k>H1^J8G|83OSEOZoX`< zZeq_QZxsQ>YK;Ks#CQeA2?Cnm?y)N~s&<7|72STr5ZJD9BJP?aPTK|5Z;k3M5Jx_r zoK6?G(1()We2PH52nc8zw%1=Na(jmvbHn1*1yWM8MuoYmvABCTuA{urukc|=g0 z$6`$@N*+YXvKFs+Yd}mx09e$yAd{^bnh>JQPX;v~K_#7sJI$b+ZE>ghgrf2^aPg!U z*!(L{{)P<6_XYEC8+!lAa9+KXMMPI{a$9Tb#6_v_Tr%kBD^HLVRq`M_^OSDLFIqO5 zfd^;2`m=g3AjU1=8upK3uvnLZD;MvJ*`ok>1^YX?w!3=`3DSMyG^g!>A+CougpqP_ zxTx=1>o!~H+?;7ELKize9Jbq-M2qH^!>`*ero2P8lFc}_S|+-k<|r{%7pgU zf+BF0wmafQbk9->GmY+T2VNPDZTDB_jG-fNcMH7nLEd9C%G`PR&W(&>w*~&L?5Wo6 z;WzF3%koxXPbJOR^KZ)T_{ir)marPPPFwg*KG!oZO*_RXo>W|;njT0)SC$(?7tSOf zb&g)*4(Q8$1C6p-bwi2!%jcc!mhU>7jE>2bQ$))|0v{6%RbCka3L~`19}azE1%#l#v>#cXs*BczVX9aV~V+SpUSB`TUOo6!}4Vcdju->!DQw$f`ntCG!z&p7$Y96PXIclZ3Vy5-K zSp~y>gQ<-L+$HZ@oCqatNrVymd)vIg!(pCB z*UqYH+CWQt?Y8o;4NTNk9gnZ2$fCVKIcJ%ZLftc@nj+c6Q#Zo6JyLtC`(>!$hX;W~ zWDmr9Mcmi!Eyi1}n!fO8dw|6?=gLYV*ELd8YTVzJyxLvUTwi<}U3+7B)^~>Udh?fX zQs1CFm8$m%o)+qDj;Z1_He`#``CEBQBgu}<;?z9kR+73Kim9R7jr)?{=L$o9+IRQIW1Cd{HMNwD(T1k2sdMo$VP zF$syOAkavNEowec1Pq88bU%G9T8^kLaRgr2fKT|;fEgoMMW7iJRTu^0a`)&Q8trqa zObF^GMIe|kFJY8RM{_*K9eYA&e?eo*5t*xV)%D&AF@Xxfdk)@`Gc~;I0&ZXO`8}q; zeO3%`ae7=>>-=@UcLOaqyGl}b&=#KH?%epfd#^n7osMDC+o>A*fe!8xjJ$kKwmrAK zgLoZboM5*AQsfo9&F3QAg$1<7S^7+!SK`s+0{aI>uE-xeD5ezB%sxZPn)Kp&X_n_v z&T}!d?mi+7*U7>VXJ_>OqIC?5Jf}m2cTrihqlqJ_Jt=)*=8LPa!h4?-!N>}=(bvKG z-HlLB({)S3moaSjHs8~5u+ ziTSl_(xqD}!4UzD?ynWt_g;Qcft5S;F=|DRds+0OHR#CS zTt0{Jif)17HOl76Be3P|@mIAUo%-GnG@DFbl(?Q(OT^xL@k_9WQ1NX#qnruylt$T7 zhZMoHn>Jt^x#AePnMVq`_G_C!5d-QydfzlYX!5d`Y%&y@M`FO1{~udl9aiPmybVYR zNQ#Kkh^Ul;NQb0IgVN=pyQFg;KtxJfB&Cs(?hup?k**C$Z&F}`#D;G@8$IuP-tYI9 z*X6~2R?W)7D2Ny0i1GtcBlyU#N&{CMu$PI%k1UYJg1H^0MS*mp1+pkrliB(j zX{$h$_Em6*|7VJhq1HbJi~o5Mok2yFiWtk_jch#ks1JJg zgyzC%YFCFb`d=#xVkXgP!45G}v~m}5r%?^GU)cZNFH+hTk>e7s zC*WDUzdvK?j#AOaK8vO7k)$_dPDq+u>!b zo_l$TQX-uCIVYFRB*#EggCsYg`q;kHWg@Hc(ep>6Ip?Tk^cGnx)p}BJYW=fIHJx6_ z_v4u6J@jk}H&}ifm>(V2mro*0KeBiUmJk$q*rOtfhf;IRPn zAQuqXc~f0LgBxBM0-rH8;bfkF^L*Q%=Z3`E7`4cE)sbe;HH9IdDUXw)FgW85TfXWV zW~kUM$A0|af`A$BAMQI667DXsHhao@r5gK0V)VC)4Zphw>XGMgTSaz*>aWSUxKxJG z3TeD~^X7s~@ojQ)a+Wb5f<)WQF6=5=VYZTO!D4;aO(W}ZA!lfMnjH!q{7wh$v&wS~B|c;nQr+z3G3Y4 zyWU~5;U6j-%?%ft+YeUvi$6YYZA-o4Lxig7bqC5o$_2OU)|%CnL8uF4+?qc{yw{So zHQS`;#+6}!iMzQ4FRp}m9~^ja`<}XU_^S)e0RY4Xx&p9!uZ@E$7@IosR;XS>wBj{s zzm0J_h=|<4OUv?vITjFCX5^gF?O>EDo4-4B0=Sa<27?y8o}Mh zzm849`!*$E$|jhe{%WdcQ+3Zix$bVT9JL>gb_ao6@0U4J0F1i_^&vEhlQF)>KE;L zc(+`qDTGSZli@e-isQc(vwd+Gq)$Fs_DNpC=yH8*3%P58+uaiq7IB8puH@uujyAb9 ztPx9a@RT5jcBA~ZiwxaS)TyxNWN)$nkD-17C+lc$va_i9qArhEN}}c??MS*A=TG;x z>d%KCY<%K%q8mB2pHjce>k_WvZ;@t?>LA^meuKRJ{cNSsCqnH>(+KEFbgC zoqvxMT3qqdT01_xeuaTlF}<=@^;PUr53Qy`jN?Lk*Uo$!iAt9tWOL&J+|-Y?Q%P|84u$EkMhV9?7z&{_Py-2MQ9MndF157bY^z>npM zF$R3Glf&%IaE-S;=FmQJ;ems+(mO?MZ&K%b8l zj>E*n1hzx+Ewp|WUoM>T)iN;f6AVmxpi#^p8Rt;^!r2Ifc8$P|+|GSXYz0Og62^Rp zenwy}3~27KxvXq3jo`~CkL+exo4s697AddFYiLyQggab-$A z;p$@}BVe5S(R33qar|*iJ#+J18ZlqJdu(h=v%Uw>i;MXkQA>D#g%P1yv(shM8ylr3 zb#)h+`3B-uGiAEoJun7LcK`q>D=RD9QS{k`h6SFLE>@5bgTtR%fSax~@l<2T!ayOv z`sp-%>#NRq*1FZ4qS)>PPTd=^uQB-4_WisyY zia{r2>s?Gb4oL_B=?6nE6pH`%`djeFw_(=S)-gUO2VLFOuHEwXb}_B3YEiwtEnzV* z=)6B%TSY|Y0y8T)H$i>9^bB7`fr8udaaY=P}7xMHjw{dt(X#-c*>7=YHOXnBLvUGb@(J z4`Iq3*PxwzfOW9Iy4~a(A4bco2k_CclV4pM8#Y+{#%9qGP$c)6Y`kXgb;GABpi8Iu zOHP{^`Jbt2n4xeO7b2n9|JN$TF9Q-wqzBQ`!a#At44%@H$Eud;?OjGd$zY!dfD(1p zsAfCO{0JGXpFI}y<&L2ocp<`j9YW;NpBoMJKRxQ1Oc7z6j&-U%z>?rEqL5eseh2WW zlUaKo{snQZe~ytIL+fP!wNJB`APvGJp^NRCBJQLZuzlOmAko#`6?6fP7{U4v9$DJj zMq7h;)so^>H+VBJyQW49kn$FFD4Us@%E`#Q`plfQj@G2xgf{T!cL$nBC|diH)Huh; zS`&p+_5qGe4wfm85uzvo$~veJYvw!P&&7AJH#$^YU0t7o>koOSyCc3NuB`)+m7aIY z{gRm!^cSzO-``v}UHm3dyY@ql+iLg@wSbe!_5$nkUpX4hWGz9ffkt`I36S70N!HZH z$aW#Al=fb5t&xMhmUYA8^>-!y~47>jtD=Ot=~F zu@Ky1W#x+HB!bX{`}#nKo=@r~Exl(^H$l`eHWthh5D?trkc}K|^b$`se9kD~aTFaBL*MDha|bft7Fe5`9N*!SObMxO5y?W1d61#Ny>i2( z$X7iw)dZ>g%`EvRw0WP&$IDjU37@pPTC0@bj(D3C--|zrL45_BC%_>%hld8{D1Hmr zg%fdg6@ef}=4*UT5%y36l+T<4#f5MCrby%rd_S0&uDlnx?+F3sfl}$^nTk5P?@ijj zkU9OFc3Llu0YnEIKKmws!yUOQhwS>z9qdavUUmp(;Hix7wk5#4xEzW~F#iGxt_3y|z4QdYZsOwNoDjozk7k^cOwXfYMllY@$)HE2)4Xc!+GG_7!I?R8ls1DxI&9?J}w9sFNU7|-c%whvuXf&VsOgn1anD`s}NFJHcVqOKlO zNxn7SrE@eCy4^WQQ7Ih3{mmRB0GRk8p#Mt5^m^=?9HO$X;wXDSo+rDaqCy$c?tBuB z=EO&B`&7`ft6N5Wp6~9zPbIZG{x$D3#S-W+FUovf1j`I4SfYsEKHLY~l851z;B_KW zaq)70)Sah*+M2SJ_u<3N!A#lgsw$0C&squMXBzTK22G2Li`H9r`yh{F{+floebm9| zHE{Hr95l=RVv7)vE$~9YQg^a>8%k-ewG3cnR*0OJD*-$q(x`AjX~C>4%VwV@Ov|_ruSHU)Fs7oF!K&CAx2l zZ7Hr&2&8>Z_N{7!Q}nZKp=mw@>Q^-Sv3g^JNSoWOLE)z6ZII~F_@w~?DytD)JG{-a^GRkf5UJ zr;5oia2_GW}HtE%O6bqij) zxpgl-kTe}kR#nr8<&u0w6!oI*m39GqV@DCkKG5E5fUglvweXtr(`JjKcGE|2rN)*@ zE)h%cD*;)({{+N(>0KEGIsl!n_%wv>BJx*)ooxrIM`jh4lvGRbBUg$8M#}8gALkc- zj0p=<=<4r_OD@!-Q_Oe%ZUHLw|7HYMcr(TJ`{3y9nHhaM z>XFIMJ}04?_~1v^!t%|p{yv{7dVbCxrCn2n0NpT?oXuVdR zYYKJ-12Y_INY=TWD^YWB;JWS@3$laXzkg?{Cw|@&pCW5IJ8xBxORYUI%KVL+$BQoD zcJv2F?1zxOddKjM12H>ZTui(^JF(SITrjlIgVz=2{HmvhOeFFhFtvF^Hy-A>ebrS` zQrc!_<>BFBVP20e&vjx0eE(m?!QhEQrj5|wXvO%~VD zN;=u|R`#)tg~cZg`--Zn?hh1wP8m6>AFXd>SLG`LSUIbxQD0D~zGz_wa!CVK#e+<= zwW-1V!|@fzLrv!`TL3O)=ch8PyY$hlwY9aQTx=khq??9Njj_s3Lgi~*pW5~;*KE8i z+gg1;RWS^LmGMhj`Xxo!=0Uf=>0d`i9@~`8t)ZVgK_S2)(1E5jCc!*ye+;EP>~F$A z4gLMau$eU5q>EpNdJCI^eEvgTUhT--XK5ml&({STyB8FG$>6U<3h>raDL0gTEx)fB zbaT7$Z&{i|@1|e*+pbz>V%%ytmiOFy1_ly9ivKP21b5I$=)v$Wgx(2Sp=#}Sy=g;_7x&JcBwg!mKm zJzLFbeRv{bC$inYaa7-_e6r0n`|}$0Tu@-x3-p!4K>FNh>_beMjY|-Sf4Txy0~S%5 z{n7+r_jaJjeLE+R_(%aLsX2v&8~U=|CzK-mu_60x(r=P&))Vgd1;K|Zzg9?hIzPgp z=1~TZc^pT=5mnD=j+4wf&S-gS@*Y2B*+iP_6Z4Yj^7CiHg`R|6a;^8#5=%}#?(-`P z$=@B(&q*!j^mf_@lv7GL*Z{B~6=w3)agi)@nbw^RP~i6V&>mXtsbzM z-~!VlMA3KnWBh~$IxleYQ$QZ<2%Wv5q6dYv$Hy0eV~BX6fB0M<#o0IBvU7`YkQ(y% z`2l|Z=*6%R*ZYic(#u~6#_(q(UXtH`hBg!(pr0haN~5*X?PYfjndvU9z{9)7xP}I} zir*ntpU}t@Nl-IH^|zeaMVD$np%kutKYa=_6T|LM?wFj5eoVnt$)|)%6ntDSE3Xho z_;a)@un170H=gu~J}BSs(R}_yS2j0{*5LNx4)N^pg9(skqyavSb6E5x98e6znNHF3 z>EZ|CEjF-lp~y}`Yqwg#*Vfk*qj1z^>nCyX&?XsJHUL}87}=YKv+GtqpPUpj?cGs3 zn&aI|5x6f41v_d$pXJFSW+VVr3Dx_2vvjoZLe6YUiQ)LI;K;Gs@3wZ6HGd2cG^!@f zfi|OFP(_tn=jw~>-4E86=k;(_=I|Nrr$bIB{(n22kSd5$^6ShnG<*AI@}oM{k#|~1 z46DUuuG~FX>shlRZ*q~XueXhjA(Fb7}lIhVz!+U5Cso_VeaXk<0K!VEN0C3`r_M52`l zxCURaZo1J$A*Ujrxag}(5I_=ix|V7Bd3f-$?SRbhQ-kj9%Xy?qB4rKv+4?d>obi#< zEl>H&&ECS9jEcb*Yn^2W8i9Mb*Pf{HTYxYyWpNH@i=rB3trk1G1oQK)AOI1nP8apUU~us?3@Xv%4NEjn5j35h(3TGi;10O)3|~{@4t>4l z2g5oUF|cR;&?g+!sG~EXPdGWDi$b9Ji${V_curfQ{UY=yl3L~$T*`V0=5v95*qoK75q!htggumq6{pUYcz;kfJ+HCWPBpuTy zmN4%h%hICT4`#rYQQ*`N^E!^MmM4IZ7+4McBlUC9U?QBKowWY>hzg7ugc5Z*8q|6j z5;Z~5QBf~eEmj|a%U0EYT}7;)z-KoG9AuhVKog`}=$*Yw;4mMf4<_WTIPUG#H?ZIY4z!3Oz9KZ;Jv@2P_|M>T>|ja!cmEL# z>0 zLcrTm;H$}u|A@^zR);cgH&?2@efW<|zErL@JW6U&raH6U)MT&{o%LjLAd&G$gS5;GPMxtfIEQ2fmu0SBfr>gSKvt88##PaVfIIuGI78%2K)M z?kb}wf>!?@(*TK9=?%)(=T8)U%44rCcLf)xGP5crzm4cuveobH?~fi_%DlzJr>RSC z0UF5Fpt!Ryys;HBrm3}NS-%%Rs`AH1YiHJ*4PMp0@A6Vyw)>9>2ix+Ua@=_*Px#kN zTIbZw(WfI(0c&*qrKo`Qfv^`_}?j&Z)fVMg5kABuHS$+@v+RHpaBEL~Jxo#*V0@av)qXG=Y4 zF+#J>G4>}M!QBzKRf`OKV(b>iXeB zhdXdj|DVeynd;YQ^SKHgs%s!c?329g>339G{E6tETtY%;yu?PGC$a-CxIFl|c}U1)gm^I;;7<+HhtevIGN59|;*#jld{Bg3QiYI->vV|rWU zru}L8wAX-_&oFb{-{POJ5s3Bd;$p_7$Ed?Hz9OIVgDOIGQ5iY8sMxspoCYx=ra5yk zxYz)(&p$To2ma}DP@mJPyKP$0?XVlSwws+eUH=Fj5RfNd4^o^)!riFvMx~^1SQ{8H z8h7kO7&EiJRXR~KYHP1va#Q9^&^)ixA*K`k5h@zNNzamCSSJPd>L_xW&)D-GWEF&g zhF#E*bI0j|RtKn>ctA^gitJ)gWqnq~ePzUZog%te$`yHA$x!wbKGkajH*!B{KK#$S zGjpu40pFi#OChY9zw+hfkW0pgzT!r>y8?^7Bj#mx@yg%6jB*PBb~jXnyW zkM_fx(}WUbRgY~Dt59q0g?1&1J3EIeB$jJ|1_BZ5p|w}t-A}XsYO_|Nk6&OUy$55C zlU>S8t5b%1RJXo%R8HcS^F0HgQkL`W>w|`ZA>zUQB$-U!mexJmPn2f9P?LZzvBU<-7VhY52)3z@Erm!0X^ZuitW5lxjRh zaNR7TQ@+Wk0C!%i9rcsNbwHe-{~F^cJ8`H)Rw~0iVMI)UJQne5|B&O(g|(cYA>4N3 z@S2u-KR={f>WCC(ub%bHY^VG75NnyhdtoZF(+@RpenY@N(t8!PTU6rrwX_Flot}ZTVozIH-s~0T#o_7nWJs&diK}{0obf4Z` zdKDIH_uJtC)8}X0nH58wFMSAZ-v08Tf^MOnM2z9EVVk(fC*2Y7=J9)0JngUlb%UZF zKDF|ki!(uv!sBZ8V9fO&{S+-h?z_}~9vOVcsNzv(a8_qol6TmYA4zBy5yw)_`ous< zV;kcb&jCSLw3)Jd9FN-7kRDjLGxA2DavOMhW<<#b|Cvk{*xH0^^g_%=4dSF{SALzE zpDT%;llWPm>fQHu046HP8BYC&qT-jH(fOcy*|tUahJYFeFy=aqv_cKT1n}GOB%%d} zgIN4tnT>J08l-Nk?kPx3;N6&>c5){^^n9&A%`?10{u13Sd~ts~hcQfhYZ{y5=zTQD zI0@39gDZQ>7UxN)u^2PN=l;^!4;%806y7HzX!8jIL2FXuL$ ze*Jh<=tuXPJ+Cu%#L@QYv`wGHMG6Y7C~pDYq9^FN5$b=0MP=v`x-sL{vI+|WR`yZj z&*(wp^u2jNu|&8%&Eph|Gkj&pCysa2D(KbnBg^g83cJ*gVpBqOS&ilDAeyDMi)%yQ z=h)BFEAA+pDbiRLselAeLnO%NE}kJ&;{k)v+Y~%yE#6R)3pF`qf18-dD4?w!9g}ib zU_yJ8D>6?kl+dY2P{4PQLDeM&{2jk8!yv}iVe@ITQZUVF?Vr7di+kt$M$Zsu9pk0ek$S!}o1;|+XMlau=fKv&CbmR)hvTSCU73X6r_g_4 zLxzDDh9h4bZ~VMNeQJW$EAA>)*Fm4P_xGE1FmWef{JK0!d9i%34>UAFJ*CFajB^*Y zTrLS-*p^!?ZxdoTSfoMtKfY&q?k4vl)rIFlVx$RHP3OYL`^8Q9&w+)^ZYo_-K55pS z5{h2Kn!1p|bVZ}yPih6O5wxn;kg9!?f--IR7T2EK_D|yW$T)3VX}(ur;J03A&;cGZ z`t`^Uz5&0#8O=h~>F2#|Xgaplcp1= zlg1bmvk5h$;A#n7k;9-;eqF*$3JQ@UcrIZ!f^GCfS|<4;rs0UeLW!D@Xjmfz|6wF#dZoma8f zy1#p@bOHtoVcWF!3qR&MfFdLIej{%@SVF|9Z^s^O$HcfOj#f^2af(pUVN2Y7tAGIt z?x+qPylHrl`o!N%?2XfKC)uc@Mv=!5psYTA?GhlSqeW$#p@m7+J(TcRhynbf`bT1O zGG*$N{`EWl<;~4}w(##KBIk|4^s%~jbybIrZ}0h^Bt`nFoUKqbZ(Ug;r={qcoW`2oD=uM|Hn zvWYLQs<6$U?N4f0uZ|h=D=sV1QOe-9)BJ_0kD1IAsrP`#Y8d}$bgY>v1lJvv3tr9o z!umi`SssX5zi-1LeX6J6GJzm?-ytU|W(Zu}dgYG^irZV>D$Hc7ZwAO4>nV01o_O~HGQR7*JX?Vvd7{ZOP&jd$Lgq^Jp`ifZ z2cL0t)8IdN!$oEHRoHC9Cv9TdlDGmYrKr7}@JHEG`xLMWoCZ*7J;G&QJmWAbG`ry@ z@e{whA~*UH!`oH|umP;lNQ_3eruL3fGo$e&t(yhEG~G0&%VTEdFU3O`g? z&XQR?(Otdi095BExe)Ky9O>}2BKT$zd_1u^ai5b}qIyqBfYHqUXOESlCLLDma;|fQn6ZPHg5vPTW>CIKL(h%_C z{n+NGqROHozCdG~%q75N3H>$l+67ce;*4er4{|P7-6~kUGQ9m+~7~%iYkk0)xwQ zr=G9AaY39b)7O@NwG$LhH)w)Zg!JFxjnxMKDnI0 zldF~&yk!iSi0sEP(wh1dzqZpvZ#sDb~N^7-D0(}Ihp$KX|42GTpAkDtGp|d^-ZQcMwi6R@qyEsH48j*=h$haKTGi57CW0- zH>0)Q{#@ewSoElrM95W`I8gi@c7OeZEX<{Pc4b5NqUKmF?f6uktiF7Ul!ivi39@DWV*#mn1MVBGVYCh}bmmc$Lv$;Mr z#Qx%1IK?$*#1l=<)q`#HLOFVHog)AN{l_!iy^e+Q6N(X7B z#hZc>t$UHEeOZ}ESbwl4IEe=5flfTq*Qc9LG@2bhqJzv|`u=rGkoI2;N}6tP{Nmbb zfD&xQ&|6y6=UhxqUA?^D?$+?ZH^zV^F~1$#+WjA2FR)Ki{kdx8Q#sMYCA_fZqvcD6 z@sTqpn3)~oD{Y{Qm(c+=_3p6c>(XrA*S<^7%MH)*1~oK4@L#@k z?f(0#W>**D26GVs!LI4hI+vWBTxk?4cL*fz9ElkK=rZe9{{6T+VN3fB*@f;lQGq@6 zeY47d78Vk)r=st$>*fey9Jz7ilgE;6_}GebE0H3c=ch>fn*xO;XA3^NYs$XE{~dbf{{Qf<>pB}wt-$}l zyT<5DwZFeB5UYc`=@?7%*o zCp3%`6Gm1TckKNT=bLp1Kb@6rUYAy{fcaYkceHrW$w(dh(UvgNdNq9%qAn+}PB^PV zr9Vwn=b8d-%C`e36$I%_4A5#;UV)1QqzX=6!s8U}cFLEqB{1yN8tK+n!E*PnsDQsk zP1=L~&9QC=IaE)(7o9H3&i?Fu^@`L1)LZm(Xh*Dj0etbw?)PJTr(f>+Pkm^48lDvk z`n?Ie(aQ5$9m|9jI(1kUu%2>`r4OKy#h-w|7*pI|(cXc9bbi)fegjYWC2GVKIRbvd zTDW|VbdSy=eVJI5HBQp`%-uc|R!D7~^s+9g(>ISLpfc6*ZviPwD7-#}Ct);owovw0 z-y_g-sAMfnO-=38Bh6#d9yo7F8=P_hW&tO(?(5M7Bms)p5T@SDRpKpI!N}EeU(fCp z)B{YQSmFBDr~K;65x&QU>7Y9{)!i!S6j?cDdJ>`U^zl*U*UMH}SNd#6{Xul6PUmiE z8KRITs2y)mrnTic&=;MMkg!`iPKMbGT(=`znbpX3EJTLQ5rRN=suuYpG0-96&2KDR z7tEy=?O6K%XD)yhW6UO|=)_Z^26El|sd>jM7{3`}V{z?lH)~sl|CB#uzjCTY&485; zL_9mAU9_DbuOsSo_bA-5#Cx42U8B|KR~?RU#P@NYfCwnJd3F`ZyR*S6`oTc|W+3lp z?@2rZz>)h%)UYjg3M>UWC>=Yo0~{29Rhn;60h~Z@_o>aieXxB|tvRu?N7o|N8Y#8{ z#(E>GsSPhedWIL62#wZfHm@Q1A^i(%f}q{%ft*$_&nIY$NPf$#nw)h z<^P@PL(h{KOqzc=Q5EeGWwDAkDhxz6lHHe^o8YVJi5CHRjIBEFDg^*QSst%iiv!mO zOR$uv=K-wZQVoD4It1HbK-P_B2X7pqdbVp^eu;K0eQim-KlC~PP!+v;ahz@k!0tX; zHkY31+RT+L!oVWCTCN+7IEZXck4Z%tf6v6QYg4Zj8S;?31NIwl-419fbN2ds%z73d z6b2Gb)%Llg0JO7Ga+J<@M)BmHe`o{#!r#4qF>;ZA5jNDlh%B7(?WD+%9s&i(D~h{W z95)`f$iX@ZE7J7}RjZSQCHdnMfF^TQTJ}7HF^qEPJ3nq5W>KzRBLJI7X>xuaAG_4x z?5K}+x8F`EFo`9mgXl`zGj17dZ-~dK$MS=^DESi*MR9cwr$wcS-oVp;Y$OirFq~!w z*%gnBhh|#&-oXB(R!B4B^WRP9>}3)gDOJ4kBTrW;m6}FA7{f(ASkU(UZPKi|?4DH5 zeEC$@6!LTfL6$DZzu8HLJ&&f7gcdi47^i9F&AVbtK{>N%Bz2M>6zvM}?f24SIbPxy za#%+oqM=;+$bGFVE0JAURHZn+Wg8rpcGic1c?^8AqApW7=qY5e8R6L+NNby!5tO%JpN4x@W+xew z+(3zMz0VqZ;!}L8tf6Wau>n zGbo=2RW)z;DKtK-RuhS=K`Atbx3B!WT-d^2y>2=cw)1j+o4 z5;{7%ERs^7U!)M^Un9QzUd^s*+st3-Xv ziw0p@_LmKmH+#oLn&Wx&qfWo)SHs#-lQ%*GFG_M9Q6 z`g%O4D%$QqK!8ZKIALm|gimz6C7;sao-0b=@RqY z^5#dF{=N{fpE86Yce9c8rl6RAR2bkIL;%;2N?(rs%rHj<0>S29Y}8JH_%udwcD6Ji zQ33id7ywm|k~*lgG~HK^bga0C+ zdL3c+wDDzZOaLTI?f8MU22G&dqHt=ooO~-M)U1Ri1wA1s!SWJ-YWz+OU|yA~ldg33?G?=D5tfK_22)fVHzy-aMSf$%Iu zuW=`l_HV?zho3-POML2&WxYWrcV#H#gDzM&Nc*EdnYUo`K@kig-t3?6BA-BmR7(&> zZ=ok}z(meU?53IRCm5%HtZ{phv(4|PCRWg4gRqmKm&w=xV&_!UkAQ0KuHQC71X1%{ zy&^QY3aQcDTkyG_5A&=(*Ab@QO*X(TLIrD{9%eTTXKFOzANeg%UjYGRSF&6t)`Jev zmGK)U9fO{}Q#X6#3mqdJ{yWbX?N_8pl!)I$fu;8y=%}UT(3cmq2m|0?7@jxVO|seB zZC;*-QfIv>3i!E)MA-gw*O`7#Q{XeYWnu0UG|d;U0!d^W z72dtM0`09h@GJ&W`=R2dn}H56!2#+pIxr`ZtqLosbW^}tS{c&cF&wnuWUS}nUV);e zrmNtT*IKg-5Yf5%(1w;^Ai3+#yZcTS!`(=<3>&uo&gZs&S_==!aKR=5B|bb3-&f0^ z2iH=ahM>xEz&wLKk=5@L64sh-|_?WTt?6=rOLa>m%|{+`rc28L4&$_8Sz zt@>V{pCu~eQ}x9!0L^4Q&}^D(P&^G0YmRn@y~#}D|;hdONsi`{aYc9eAz$}L4QN1lp5vW2sYxi6l8 zitD+D5wWMmb?wRC%3cTGEaR-w6yXEI;5ttR*SRRlH9ukPrV}=HE4z3jjr)P2mseUt zQ#PnNtqcW8vwYyh>>UysD?=f_09O@pn!h>bbh*7v0)XoAnWJe`!9!5`{jP(T)6jMA6zt?Ud*7!9@Zf# zci5^B{&V(xbE?c@FvDGuWgltbYSnROD}1yVvpde^=c4h;JTkYcs_M`hJis2ug<43+ ztn!-=qUsJH@m2(_AruJun~eVAz$X8*s`|F!x~1^`iJ}@ZnF(iyIq?B|)W^s(N4Y7a-QeSMa40H(TDt-PA=t-;aNtg&3<^UG|NaDx$xE`lptFtQ` zja!=XcNBvh?u8AZ$Tr*4eM(iewb$xNIY(|L+VM~EwH+I>OV`U?ym24GN?nbp1`fXebQPNnjCZJ@-6(N&PHpGg(~~T=#O6s?^OCl^(FD?M$W(XUNo)fa2wy0f@i(w zvrqLtBQ(5PU*sNXituyp6CE`dMfnvL%ZMI4m@xh-By?hEb7e8LS6Z*Z^$4V%_bKlq zTYLL%z8Nl>@v#coO}9gO&+eD3T@p#v8L3=i)A&+|I-vSX#J5M(74#qR(jWT%k~9xe z{ppJva%vY@)oq*ZM`8>}s;0sYUVpOStHrYt+kFQL!lqrpblk zOw`8Exj8rQ*=36Mo5&vBoUzA{GvbC=0-oKTD65^}3X85a{@hDck9hqHfHvJ0>wzBF zYIHy>bnmhDNJ!Kyl1(sQ1;_p2of&T8EB|DiVATh)foNH{Z6 zsq*Z+g!n3lLRs}q&@Q6qvP9`)_et7oI{3I=O!O!g`7RHXY1eL_4TN|`$}gVilGnZq zp#(JY(r}efw?Y%Hidf0T2b

XmrYAB(%E;*E5mILdLV&9{9|ji0dxvy?k%=Lz&v1 z2=TuuG#vC5eT{s*bcW=ew5qo7OXwV6Ks6&{^ySDn{MY^V1V<4_kV4h!c($FlNq;I6 zaW^XM3V8~lOQ9cXw9UtNEA*gTxnktZRqXV*c#h#3v^mAK=?1A$D}p5}?+5$V8%(Sf z8`c%{XZb2Z#YsWLp5ONa%IaCW;=933wD|+#9P;JLH2)Ox^j*dTU^=2kZaZN8{N~o6 z9fowhwlSW(eUbjy3awcbh50Pe4S~O;wli-Six}LCGGZH*R;t)3Ilp|B%|A)Z-XN{x zNxP6n8I?{H=Cr;W{I1x^(LhnLH16v`yE5dq7+-zzFIJdwp#DF5((i4qQZ1E1edmLP zi{R)09_mu2R;Bt(SlFom)8qht{wY!PMkf2oc^K)sIn1I%5xfR5k}Gxm{s~6Hs-9HA zr9rv?YU}6e{T(i^N?!r}d)Y^cEGrQn^Vl+2VcFewTMYZ6gG0Aor!sa(w#j6a0d82N zw%5YUr7|aHpjvGGNw-4H!W2<;oeZlmU+wtMD22Y9iToG(N&`R(0LxvBCKtHvU-uuLe<27_u{tMvH(H|8`Z zuBzCtED3rxBD>rgi8}yZVa$rvC!pZ8TUU5EvUkXpT$`PmlcA#>XF{UQH(nU?> zVjF4lxW}fcIlw>B&E_dm<;v`FP8nMu-=3W^DcSo$TXJsm3F|*5#(Fb0nxk^J&{M!4AM1BzPM&294l*mBMJ*hX64@PNy~01L{`l{!xu zJo^%_4wRw#sku(3fg0BcS5S^;-#eQ|g{o1I3X z^dWFl)BEl$IO>S&Vwj8ky_;Pv-Kc4v9!VAux_C*mFQ#GICbuJX^yl&HY6wzyBr060 zULdwNv*Cxxv1(-;;%n^W7>IoaBPcg>W^JoM_Sm;xYPKjNf@1r&t`0>{KYpMdB>7xW z1nmjOl%1(#MhNL|`U$G(V^V3ijR<*cM4lBi#%N>meG@bPX_s*@%NM1>v3sg=ZW|nt zQ{*3dz$15#5kcv2b~hfnK>i-?`L(OJ^7Skz4jgfG5ihpG&jIBsalrb8F#YJ{a~MiA z&zU5q$|>xY%!9WK-pGcY>D^fzbWz5xz;?LzQhh$DE>Yl{tbr2nTo7o_h4uR24OKoZ z(3p9AI$Aebd>*7-c=$$&&N=<2N=Tu9x&1+GLPCdkZn7a3{|WBAseHnLho9c!m3HuU z?&PCM>Fb!uRrYu{h++QuRAzRwDp__Z9$`)(pQ^GRe{&oB-b(4+{ieeN^$b)@Os~+~ z4^&K?f(Y^ltwZVY!WRPm6Z2}wyfv~B*``U^RUMMd;nwB%64bbxr6kQHI}Is& zN7^r-7h#eGyxyoGnOu>p-^g1;K=0!^%KoRQou071neq*4d!Df-J43xZ+~LgItjei2 zm6V&WGJKeGK+E9334Hj$@R(WOdlwB0s-y8dDR{Q=tgza)Sm?BY{&1mAvtGR&-;jV zX39E7n&VNcgY<_UvX;OU;2sMw?NT{qpm-=YAM}Tu5|OW`v7eBAi&}W?+F;QvmGyT{ zbFtpU36EN#?|!w~l+R)PYz(cCTQ_L<^YY8TGkF#z#wP8>RVY#{<@@N#OU~nS1@a@i zyiQRmA-s*|Q14TB@tz?2SEe9F!g|| zAb%+-BbAiFi9@+px{iNUnoJ>!= z6x7dOF64HlC%%J_TU~Xw5p6I6(n}< zNAp6jMBlMPTbu-KvGN;&xM4h(f)y%9pj1fr^c%zH<{=hhvQoGrsB_v7@2lB9g=ZbF z4|$#x`Xyzc^j?hVoiw@}JVMa?`pj&uA$4HS!)+06!!z4!i%$pIU$u{zN^hQ@9)C&uD^>6!r;9eo zS&gwnQgC~H1Q6d*qV7NR5!rkFQJ`b9pV?W88D!4G-rW|=S8W->=-)qFu}Efp4*_EU zN&xO!5pdTyl$C^Tgt%A3Q{1NQiXLsy8yb_pcB+Tj*@PiZ(uhZ)5B7 z{BkO@yjeMUKdog1;!pMMUI2*4lI6Aseztx2h6e?&!Dw}#2I{`Xf2nOMM@Np*dgK|? zcH)&18fKDu2rC$C0C>x9&`c8~I#bW=778Xl@IcXf2LzPVIs!Cq>1P+!?(#;5uYT1_%d`%dv{$e}XFll6_Q3`~M_o=7 z8Z(B%?naOdbVH5Vi?MU10LVX;=kYKrsI>uaD|52*^zo}x?y&pIR|agLYv1QmelKHR zDJ7nCmF)EaagD{c;#Ytu_2Yx!`eh&EzwnN&6Z>&TEd#x=a`Fh$ejj_C9f(xZZ~5=k zU+9-e_9RLmXp7?l;8E>algNbD;fe;;`2P#tQQ>O*Is0khbwiC^!pOLEc}EY6^T5xX z7dnr{q4F6S@Ar=+0C@7+G9w210N-!KC}}SM-2&1KMgA`Z)c&=cwAP{)`PP!d@51;?m1+YUah{;a` zrfl>M5>YCie;x1f>E-$TiJ>w+@IyHN(3@KD?{Yt_2$Z^_p#qu}cJoa{8UYO{037d2 zv;cI2FyUW<*LVgB`R@%h*0v$O{APPu+axVwo=XQ)3V26z?=AQuELj5=ssqaU4T-5I zZA%?`?sl;*l^UKsZ91IU?p*AOp_mEZgk%Z8NJYBEZC@<>|7WC+NI=mv*jws^!^gpw9xWosY2~aCWZC6e6@1FS|JE2NQ`(c3xuG4*vz5kYV5E^RWpRPe-5C?V$hp zyzBb*hQK{P-%NnfWKbI~z1h>cyb_uCfocuPA7*wmy#W3qVH-OSL~_sY_yU@8H~V|6 zSf9=CxPvQ=cL79sckwiR3FZJWqIh)ZcT&Z!Q*q~W`TIWbi%zs1a+dhli5i@Dj#h67 z+y;-<%^Vj5@w9iwt^5omJMSeHk%KgtlK0>;=%mqmXO;x483q<8poYNN9}}2*=Wm|| zS%`V=ciauq^u?e1wG5%x8E8G}yZx_I_C%djH<@lf@HjxGl5U-@883d^yF7o&E4hE0 z8n}ce72}V>z%ji@c4>!5>c5a)9Q;p^#2|}cmJNG*vfa#;zYYF0t7aUO@(4q~p2w5n z+`Io$aOAP9HEO1@W04wkM=27CJcT$GEV*6r6Tt#HZzs<~3%GO{E$3fz+iAD+ z6_c|D4dTkl@OP|Ic}s z>iD_Y#|iHpKU(iuQM}2a$(8(LAmTgQ|3$50@cXovZ&gX=oM9#ql$_N$nWm8{+Mblm zde#igO6zW3+uR=h8S(si*KaKAEAhZH<&Ea@OJ$evh&zj_r@!Akl@@|;&D1aL8UD%u ztdyB1 z)TqUnKwIU5WIMkVdX1y3?z@;?=xDPR5UuAvs7QJanr9uFD4+d~^9l2j|3}w%$5Y+@ z|8t^5MP`LiR(6yfQc{VE>{<3cHra);OCi|_+1Y!f5JL9ed#~*Ed%ch9zCZWl_x-CQ z$NPOl?u^>!nyttVO=$h%e^@gB}05^hV^w8aFT+C=VPI9Vp&|D++U>9IOh8 zO4N~}@oMR%ZbXd-*|!LT562w-g|71JQ0)RcM)Z7e<)=7X(jEBno;9wT&XS(!0(UnV z+Ez@DrhflGX)p+o`&jb@>DUO{ zqmdpUf5b{A2+%GLCN*Kk%t&6brWu=nO4F8?Um3!LrcSf8&_mgr_i!hn2-SG127scD zIZ^2VDj+`P#v+Vx47zImEcZW4gNh|ac;G$#fA`+Iy?&%dw;T4}`0=6T*C*lyIw!ja zguu!zrW)4XgMWD@{WTD4m;Rdtfb4slcXnWOK5(CPXijUs!u`m~M)X$BnoFL+7nK|` z^!l=#!?6gXi#eLC!uAEryxV_lW$!myT`7XS-G9EJX%wqPqQDgyCmvDPr;_rMOo4P1p%^hS}Y!X4bbEp>2Kv8 zM{Ym(GLV)(a6!{`igKl*b3eX`7aD$Nvsc)l1NXuavEsm)0=vOImrH=F#R}mr-rZvV z@1L7%7nuUULM{*>^$kd|qW&ZEa;EB@=oyQ*>izxP#sHyXc$`ixIb?1UnZI?+qY^lS zBuo3L{aYSxC0j=+ajGZg-BD~kJ#Chee}%{LE`2sSN9WXgI_0m8p>r$s3>S-;&$Rd< zxL;giNWjjAr0-7fTaZkBz(2=y@5~@2OHXl^yKWAe+x=@6Gz%J#BPagkzfv!lwkX_| zO`M)0<%zyHmcYQ%B0#lsVF*AUBSt?`acQBVaM9{E#UD*K%;Bn8?$-Jl-*bO^u7`t6r~G>dmSw`C@oJHlb9tD$pjzTIAPuTHe~gM_bBr=1{l zVI4t;WZl5}9}=~iI!^+AfK$7|^xRB{Rnu8IKFynWq3M@)gqWbn7r`KjpWw!Xtu`AX z`O$Pz+wk~=OsV3E-e7dcm~Cbw*7=?+XbLti?#b|o6=nUbM?KT7*53&g$7dhQG{ zb|dOG>*hbxx`eO<4fbAfD?>aAakWux6PWu^aE05WkZ_ z`hUF?S0>d#m{$nN7+{&FR_Au!MHkK!i}N!%3n;9BmZ=TTlq|qeJ3iEg|16p$?6j4?#GCfFNY8vAF_a0SiwjOD(Gc%$)F5YLevlxPva|5apQ+`y>64JA`#F&Z;# zb}4HxS(ateu3%`q_!e4P>gJ{N3)@L+B>ut3;s+Lzw7**RYrvzyH+?r!Cq#NS+j+;G ztR-vT*qdfFnaQ41w^9YuX?6lh6euSni2^4{guV1IQj_#gR|f>BNu7fY9UFg85`LrM z@D&Q!A{A#D0vzEJLn^!?^z%DWcfSi?OuXr1uHn#;=Pm5QZJ8KhWfr=N>wV1jxJ`gR zvej1@D$gKPzJ1@?3rgVb7+2vv)_$rjSz7a*jfy=;?t*%5?=fMs z{Yvw@jRoPvX5mPg9Gq`NghT3p1mtk_ILOu(=B!u#bJiQlYkM^^FoOSHwbxO+AU>O( z=S?tLW9vmOHLBoqqwuKAql!!{j<6d0q((B0ZMoWWwl2{wyrt`WLCQ)T%3mq&c6|2y z0KTF^)$*CTn~C8_*aV}{5E)2~L$S_x@hHM*PM8?n;Xl-O?A~_QhQapxczl^opD|9Pdrs2Adq0&&eH6sdV8It$Sy#-d-p%;iZcR@W#6y4sdtxbiCe$xM^dn?L{|IOfTI1 z#N)topkS%*#Ilg*o$8W(D(LkkhDBwX4SN$rKZ1j;5B+JIW``^`fK!|XqISv zmxgeGDC80M_*oY=rXR?sv8k%l`8SwyyL`kS*1IEP8?tkZ|=HcyXZ`rIxc% zp44up5E3HSC*%h#U#-5^kxhcFhHupbg#|ajMUI9<(8NQHnLTqB^sI1ZqqM>u<-K&nUUHO}jXFigVCQ_J5+4DU96I(~jySpM|`QE*8bRk}M4O40sJ zgY@dslEi`u8 zL?|TKlPyF%fiK4!hybZ<2_wfOH~wQ3%X3`Dtnm~(+gP-{LRDCYSF9ka<`zv@e~#7I z78WCCogA{L=SSH#E3>_;O6Dai`7_{_qU0x$&H}Y zr>OxzqDTlNBDeRAieYdMLE)J>r>gtwvuxq4r8vK9!z+hUIyWBk#;MGFQ~)l<(_H!` z3;x{OTMwL8je}mxu|+aWbW~XTSJQILjZ8z@tUPYl!kKpZ& zGRb_GkP1ZZA?v1y{XfDLxO$(H5T&tsy@RaI4YavBqm z)6f4a>+Ks9k{6n;kbS?l_k(AJFM1QlroPwwI#fs8>5vmJUZIyaRiax&EJ&cnl$j?%#vghxA`-E zWKGLjkDI4i@PX=Wad@I$dDKkAg?ojM=Aw}GY6IVf7kZELXPfQGlP6bFG!InFiq{m3 z+rzgHpp^cx&!L98@B2M_y>7^zVIp3PVNht|^!|15QlZm2!Z!zjPoPKge0OzB%uH^S z&OM}_5;R|k5KyZxv{Qz65AN<7!)_a&Sd$ zG~IThYDF_vdWu=-6>ttd*65TUuur#}Uy!wKCkav(WSHh9>A$WX(H$81h;_h=kg{Xa zOE;A=czv{lqh#pWK!REEeBRA)T_m6s^F{pdqyeO=MO~4!9Y525Y@tlm(#k3~;>8st zf~03b7HsV#V=h@Ld{OYH&G}ACnP>+pn0>c~o+6tjH_={EKvJq#G!2$J$du&BQ+NS0<%5zg)#d-+Y?%NOcC2iat znA;&45D7ln?isc%yjZgO%|%jdthnz9F8Xy~;utkL>3cSSq)Z{%DzTimWI8=g6L1Eq1n!en~m26Tkg!~tEL=lGk>tZzfm3<=sc$lLXSbZ z+eIp6%7Tb@rr&t$eAry);=OH%gE9|Y{kKoMFN*%OiF&Hf*J)YQ_@DoOo7Em2 zEs(!@5_~6lJU(c`D%n`+mVG3KN8#6P<4THyUZ8A!){RQXLC?I_kj`)xFX}ZKo#|S1 zmC{>NMT{pn6N)s~4DI?{=EjhlQP$pHwOp2hq*A%6{9*EUt#29H~-8ujAsl!pW4ul!*L_IQr z&b(VNljHx6F)cDR+3@XnO8#9N_3RTgkLVXmp9GMSR2oK-$em+ydJwO8cYB?rOqDkVoXwRMDbCuHe0@ZG2nhK3gL(6` zjmb~WI|t=V)QP8oiD_{W4c<~3duF{z0xPtVkDwSd2q%WPOHf%I!)S)Y*}0Fi&;ic7kK%HP(~HvYcqI`n0AXd{QAA*K6DxwbR(m`igH4PE$oX4F64&duGfr;8 z?Sm1-52L|&jbtU)$V@~ZykcSH6b8gd3Co+(=W&Lr(QdQLtY&M{?QBqbV&Y(T(mak%R^Ea} zs!y5et8L_<8qg~ixBsXH^GBmB9;#(U;xZk)wV$)ZjTxxuA|A?3Ip`lB5@t%g{uM{< znLjHp+azjkoSq z3yRf)m9>t~g85gsE?D+ZcY%^+B*BpP$WAiO`cWARVu3o7OgrM3ihF0%I8!7a>X8S8 z{J73TZ``#Nr0!CvqeF2v@CO#+UdSPN^uunvx7i`kS}XPrQx%x-`%jpikmr&mlje~^ zw5C+|g#mX(gshT`q%uq}+H5TxGs#6sirsXiAg1E-DTMQ0V!Snn8<$_M{&{ErxBqFm17VagBbpqUQVZqoXo03Jq0DEIu;fC})n~0x9W)NNl z{7x0>cXT6|30#NyY^2RJ%JxqMuyj8mUqgM+1eTg?_*tPMDHv@eK}Cbd45Vs2@^3V` zDWt&->N*h^z+ryOw)K4f^RVj%r4!b8cK1Bd5?dX}oEhy8lWk~qml}L^5l0pB`dzE_ zQ^@{4{_Yl+ZT(S=u&fqF${7D!ySZ+-_vl787+&r6ld>vrnHGzmq@TE?%b@mPg0I~I z>MJZYE{{*Yq^!uz%exELER9W!*Z!otQ8`k{kA(0K@VhAV;DTPbpp_Bs`i0psCS^bn z0oXC;?d6LrNQYt|&&_D$WbKdzEEs$fWm)4cJFSYuzSl`(G>%#*tocnpy5S3Jh-+U1 z;nq*{pj1)$l*p4aLjXiVMs=4mVT3|WQ8DxrW!Oo7|DfQoOJBWCt}Z{AI=p4J2!+6E zRVOeSnj6D~x-A1(96UU&FR=oOf)~zKAl>tB;I2cpxy}|Mg0`zia*&acsnZbQTM)uj z=Sg-1M2_m3GG`TT;mSViWZh40@q(B}yAq4j82Ez66fe(JTq3ox=zuH9OifKcD2M|H zt}LVUds17@YGfh;M@4HR>RM1}I4ewD%F4=Kz{SNy!10SwjZM!J|IWY;1;7kRJ@xBN z$#{)wz9&fL0bsM+>SG!{?Ju|SuBUpW!0@*OfVe&OKyNeMxT>FAOGnEh}M5uMhEB6cpN9zOd#=f-|J6*@@HCEQ1c(_UUeOu1&0%` zFf9T4h;)2XB`}UkckfTP}mTttNnsv=F-ASJDic z5h5;$q4|EvH2Fvkr%!e|4Uxiiz6l1%+-Do7f{woK9RN|yok{!r`6t|23Pz=FYirM( z_t~Bj`%H*-BJQykX0iU3m-kz5;lTo@pCw>Y27HLc{bc!r7P{Y`UkTr*l5&(Ue)QM3>l{Qi7 z$}#FpKsbOB^NWE<__<*AK9%APt8gTyI7O532Ed34cUVA)?qp~Gs(T26Cn+GHgoS(b z#88|4Mb5@H-1mED&z5DPINbDaRe0rCu8MSj9{tP|CurVtMpVD6M(=dVg`T5nI zk$bpiucH}-pJtU~+pzX$Kik`*73*L5$_B9mK2E0DwB_MRGQr@6jFDyP?~|PHlkh|v zG4#cb<^}d;>g3X5ou0P{$*^@LL^H$8a=Z@IW z5K#pfwz)g1SDwLW=M1AKVCho{zGVl`gBcZ%$`y9c07 zjlJgMEPQ?T`zqbf=iA*pvmcAnYuhiMy2OqE8~kkN<>!adh?^pMEpH`ds9zjG=hO^q!nIZzjA zVI0H4ra(q3^{x|9Eb-8beeK2EMqwM8a|sGkAqxxm)+C^yQ3;0pGnMQ!dC#(1Vr9V|7v| zzMB;;Bf{>!wuCY~hIXfT;^t1gxkeD4N>N#~d|A&v$!Y2RmKoK1ZKRNl=kW-pUt7HO zyFl$?q3(c`z8QIfphQ-{B_ayo$uW7LW z`%b_-zeQGew(W>?mbZ4zdiAnkfYg(kEZth!+jny4lf#~zKF<3Yn^p;ns8svGQMt@X zm#^kms7~pXg>CheZtzY1z`km==r}mJp{8ZMT(dJkIH09Ddv?9b5C@NlmMhaOT6N(B z3iCPFEjm<=Qs5aDHY%5BYM#<>hsNR3I+Y-qw7>td_98`P`v=0{k_4>uprY!=XJDBL z)E|A#!LgkaIJY61<*YJ!&t|D+v4>bOT~)CCaoK%0co0qk`_N=ZPHlu3@{<7R(kk~0 zX+^kNI*F*@r>Ig_faON)o93=ABGL7-*$dqgb&|X|a7*D-919B*ty@Y&+Ur>*S_l4} zl{g{2QeqC}t@TWy4AQc8iwtRhc%U-Tk`*f~1NvNW@E)mDG}YfFpp1rJ@Q_T+()jJ1 z?>=8l809y%*b)?sP6=&{?$&BdX2r%^jmf@P?pFwY5uT`W_9R-k8S6*mcwm!x3ompc z#0!g~eV%8F1rKj1*=>$^n&|fW2baByT7Gm1lg#?BTjmE^k4LD}8ZtkF{7~3c!5o%F zw~yyE^LMu6M6_bGttb~W-J(*Ti^%J^k8e6CGv59Rzlgbq+IxP(GZ>vgedhS^{>09} zY2#2%=GG~%q&zpQ^q!IQP+lNjkDy+eJjv3Lk49}AfDnd_(uHG4Iq}kq7J1$e0$BbQ zIqNGdcT&6)C1)#3Sv;h!=QBosh)zi|k43St!NGEU9&TkFI(GZ1qy7Yt^?Mxfp~GC! zdt`Z9MJN{y8O0yV@QY7=6+=JKeH%+s%QO40gVE6ri$YKO@mYsi;?xTt?y02#hh)>y zy4ByJk$;GdEh@(1W^@}ls88?UiDYqCxe(6Kxecdw;;P&w9K4Sjw8w{o=9x9ST}vL+ zCk{HMDVBdsO>s$2NPV23Y6H7#uT|$_N4dCtjF+2$25xMWHzFf2%Z|v)zhtDH^vpRK zg-X*v#r4v&mHk$xYI&BAuO<$uWCJy9$n9ksJV8b%OcloN;p}3CdB3-U2Z+Te0PWlF z4%lE0LK=3Okfb_s*G)_V$IFYedXKQ2w0Pjeu!v1lZl(rasL%RN;d>w6FrAaQIOwb2 z?54NLf$n8H+P27YmK3l>^ZQOCAH}qcuthl&c`ac=5XXp)%jxp*;k=r9b1GJ~eaS&9 zX|;jUPvmkI4TgA|g@Py9UQEaWMniobYY{0B?e0U%69}E!d||6=Eyq_e2lFvbq|0^Pu9v?p)%6UtY)r z>5nc_%>J5C=bcvioO4Owfnt|X&PSdvt46zCf%{BGCPi!%FD3GO0fBLn+0e^RzU>8; zkP2-Cqf&y&{9 zytSzqT0g3I9vJS9EFJG2$I^^D$#UqRGhIiT5)s0n=+nq{BMImiJ$je*@HT3TGXnfm zJke_%+)c4-9j8~5_<+w!ZN53p+!{&=ocE*96s6i2$hwT^1in@7)0oY0y>>fBvw@4e zgXo>wP?-9$kuPZ(-`ZzGYa|y6P%yI#+$=U!A7~Od?|4h0a_@V;Vhtmmnz~JcmBIh$ zw{0SOgWlQYJ&M7XvwUfOgnd~_B87H?I-%@yECbnR2=BmYp z&8!7xD|d0qcE1O7l}&!Xjkl4W@}%`W!=*5X^~7lbK-yOro&%Mgy=rCah3m6;%)rdZ zFM6+8C@v}K^4E42L`&nea14E6ny0?vitOdnM?|D|J0@xTV~2+~y$J`1SSgxP#>V}m zF}j3&vo20(B)qo}Hl3g^xB28;P| zRz0p~a>%*3iP_)?Z$7H&mPdY~jYO&1&B2w!dn(qP(>~>U?z64R9?HOrw38_98wK}E zR+9^!K=C)Xj6wKCN70dV%|&48r;D$)+8+&7^-GSV1THKEExfn=QiX7H3@LC|JhK3X zWmj01x{u{omBl5F?(v!XQSv#~*l8>tu_2*-<>HH6o!}E^LXrRs;iFF z*@zc(dpGWyVE6r)j|d|Kz7yF_ty9J`aU9oj+VfWTJS}3~J7HgQRP|xwv(_Yp4<2B< zm%g}P7414(sFZEuvfH(jky1f+0;3CYS}r}E!(mLpitt=CYxETM4?$s!+EdVC~-gXAe zypa2G>R3Re_raFGKE9;6MmD|6rn+LVeZp4^7fGXB;iBl} z-4tL*$;A@xbmB_+TxcUqwk%e{2c>k$8V5?5vUIMFv5 z*{Nl7^r*aF`5vnWM>BSJX!d>yRjcQrG3G=u}5+@ z6%pI-4b_ShVvSs10@u920$U?oLT?a$OUX=45D1S}+EAWOx=5%w76zk( zOHSgTgWIm!l7nJYp89akh~t%sMb@gncIK?Vwnbik`NZmF%+^1piD_%!$hmS=Ldr@z z=L#R$zQwJT*}i~|%DdCK^%OTdBl48*b1Uzy7jKB3uFY^=bzWrl3*Yq|TX@bykb)f) zedh@HYvmF5T&T}b1-Qq?o;hE}KWj{htPITgbFr1xE8Ti*TU+mO(1*uf(PiiE@>^}j zJh}}YFrCs@y<4DF!xUIPYTyKME&SLjn-UnL&~NnLRoPuEbN})*EWrUIC;qq!?9(hb zdMTj|(aYq@Rqf_d6hAKcWlk<7@jH!}__JC$ATmw+Km%0UxPw*ChZL)^?9IVd!Crh( zDd$5eUq%s{IWt6c+r%u56ZYo`3}jx%Q}iyriKTd4UR&=DtR&tn8F9SfNuLPZbv%_H zS9MR-WxsCMXKMOYJ#aB`#Q$p|L9YRsXnLWOLtl}u4O^IK;@B3AfCI0{PJ?N)DA%tL ztDthfIgJ*1yfHBT0qK=e3PZUig~Xi7v6IgapM9ummB}|J-ei1h4w@ogN=VA zE@(;eqEAOLdja%BRPEhdzJQ2;M9l%sE?(}f&b@pSWp%ufAa+)!9sU6;k^LIYYuC01 z!pEHB_{- zwmWY#lVUxfjM-@m)WP(jIv@!_&)hTL9X@j3-^;wyTrmekFw{dN$#9RIJlmu$GGFCF67yfvWuj$#CBwvaH*$E5I@IT{P{buARwiFb?^K z7~13d2LQF!j0Apg0pRA(wD6IcwR*Wn@ktmBhWSe{g4-zbsFo{Mg1;oJq0^O^#j}oqPt-1=6-EecDigXq&!)j zVMt1D(m_P=H=Sr7u)3Rz?imReYJ-PXns4Gq$!pVT#1dAR4hhh-N4GseqR5_I1psx- ztF##5Yzhw6N<;AzU8eFHmIF?*;veiqCTjYo39Xau@AP+O1ooz@@Vpt0yz%E9h^gtr z_j68vdeA^gu-LMG*$VrA%;VkP2QPuDEw8(`Z=?6e(0X}!Z8ntK(|d7h_|+?L_}w40 zGWAKmEdTGbZVRlii*jJkGo#t6@dx9(CV|B#B&x5k2}iJZKIPT#BZ#fgr|Bc#35enl zCOUu3h9j@klIwl=xzT8+iO5T-)o=fYD59uA=ZReVkp`j#XFk)H;ps~9qHm;{?}70# z3Q6j?38zeAOTqA)iuXX<@P(NKwv>Kk4Tuy`wC7aIqSnn~kN;nud>2_^7wvE@s%!t& z<5wF4Ido>^mC}@tu=q^5na1wHYO}pqLw~RK#lKy)=HmyI`U7X7seYQd0uxaFq3nZ6 z6k<=7H>J!0|HbTOct#GfnIJn!g|uXSrUL}Tqgz(GXU}MBSOI(TP~;6YN~>f}r}_9iHEVNg?D2 zzK2$r?^j)HZtjp}E;85R;`l{KzF(YMX!vWk)cMG=RdgAvCRg$wGGRE?6X$$So>1Ar z$Ux=PV&U*gfsHRwI;j!1+NHYzwb@|dn)(%?tr%I;14WeP?kvS<@LrA7`_^iC-_bXV zWknygsWBn&-&MaMa5C>*us6Blp-Pi)ru^Il9~(PD)uUnz1vi-E{gI*o93Mh1Iq7K% z*WHDrQ_FzChLN1ZeZ2Fk*of+-4lL!$B3?M;VB$*YY9_bv>W1;3YWR3Vmff}zNK6Ia zUt@Vt$HJd7IFsu*fw5qRPZI0FJ?~;>C%mnPXScC7J8BD)VX7={Qak--`@!Ty74j-w zo4?=bZis&`7r${P-|(4W#Ni4KAKgl1Kel!4wG$(aou-{~AIPy`L}c_0T=dp-?p=LG zTDS19@a#Y9CL?)gLKe|(PNvO=iMjs>^)1|LFZ5#3LRP^Iyp6nKz_jH%;a&@V(*n`& zO^Z?Es~I7GYSYCgcbE^stc(`SbJ=Gm*aqkVp+O7fJ_r9`v^FKXTm6`6#wTu|L)}Y5 z=08s<#9>sy)n8LBwD$iWQE$Ns+W5k-=t+5exT7kvGnIAz8x<9UTmAJn!TgX4>Py{> zxc8fZKSfk*%A*y^(1_21i|Kn=QDm<#8a>M%qQnSC5b6{z)X`$Rx?zznhkf7lVSS4X7dJ^c^U zW{1yoZ@~f9q+I@)*GX`UY4N$#072*^VN;63LRpX0X`+hY4`XNkY(E&smPYVw1`Yq& zV*wlAYNH1D2l*ZpSn8`vvCYlAT&PmdEOUIUmiOdwu-+K=zc)wwfYg3Bo^K>0n)>+g zLV=!X32O~q1OU(ypxzL`HtGJbi6D`^UZ*=)7EB z1Lo^7!ibqj*PvW1;)rG)#zBu4M*G3E0k)d0V+!}-nrU%SFJvP8&9AN9ofGZhiR(^R z=^0QV8w?{=GTmLjvd0w{_>`etiwr2>YFO;Y=Wn#0xKld@REN^^pQhl{h#-4-&Kw)ix_Ok}lcVcJf4{3R)J)Bq!uR6E>Bl0KyNlm`|Bv#AW>l-`BGmM@H>TPge%Z zw`u*Gn(x%KW&@m;BNHVRD#zJ9NGi7auWMO?3J`+X2+VdK=(_9l){1Uz^JHsm@w)VY z0gK)oI++)jYALD?C`W(x?CwMWX3*7XXIhZ}4>SoiqMy{x;CdV3L;4RW*~Qel3*hYWICkD*n*P#s7D8$cGa7p`^&2QPnD-jbv~%_gJ7o7n@w9j8Ws-~^>=?snx{`)Jpq73|9YG`h5h#U-f{yI5U$^8JlTHH zpOU+t-mTumm`s5Y7$=PO*6gE-uMm>sI#emv8hGm{e6}`RV>qDu<6| zRv(%UCH%%0P1U_MmcXh|wPRMNhsWf`x)+7k5dkH%HCLRB&<*+3t{BD^@1}ikbSf#X;jHp8T zFmFlw>XLh=yXvKb$fOZ6IUBgL#!8inzeg^3)|PYL2d2nuuP!kncShM2$Yr8*`;7=M@&FI&$R5 zWq$rMz~G+uQ$}WrqYdBp(>RUSPR-MNs(UM>qB@dTax9&t!=d0dao$y4UUHG}@bI|! z`1qy4+D_l=YRl!EWIx8g-0}Zs3DpEhRO+NXn_d}e-qlCFp~noYTsV0A9tVW$FEFOl z49DlX%4M{ai!>^Kb+SoPQ*&@ieu z3SNsf9s^EWVSeRd(9q!D+|fgIZIQZD>vf~muF$p*;=@2p6(|xdOMfwOnFaQVj>ej zagglo?O9|^nv{GV)iN2hVqRYm6%lOq@_Jp)A5i_8z0(OpMN)+mHA~;?hJ7hs+`7|| zs&*#4gUvUEmow0Fb%GRCn4X^gj?Y}v0rGvu?#r^j3-u7GKKS%e|4g=GmV) zyY|&n<=p%C1g>}by7*Tps!pFw`qYf1NFP8j?b-hI>(}R=c6u6A=h*J)juz=!d<|*O zG@K8DU>`kPDSjq&w_DIwUTwH(;HYayN4jhJA47`x@tJgeHk69h$K`ug=UR~yZ9AnEc5I#nZ+%dFhY*+e7%<7b9(nApKreMJ7eAd?VZ`PH9Z0M?P0 zf3zdGhT#>f8Pq=I+xy?|7TB36ou(-=wPHCAM`#j$NAV#z&=Mx0m{e080qNI#opx2? z5{BrS`)l7iX?o6cmSl+r%`>Q~_I^l;&s}+AfeXhl_CU)ZMs#~;2fz1`nR5Asg+ga- zw)dj>M3oGzBR;*d0nU zSLE(bHbYE&ZRff&`5o6ygqQnfm%;t5si;8b%_6UVB}J4Swnzby2+Tm%$=Q`Ep|7T`9Zw;Hqs_XYAG}V6B0rUjAuW$ z>)7^YfCZnC*Rto|-hQfWU_hH*{KUp-DZSyc-9n#Io=LZds%(ex*?+mCF|sJmG8g_b z#2alGuOEG3R{lXYlx3#?Rgm@O9G5n5tKZc}0ziiEablO9ilM8G>e|yQPoF*=$<}lh z)aZBIY>+pfchGsr0}MTLOG|4={PESkqJ^sE+6{Fwb#-+pTGj3h`>4v24-zQyz2QB~ zp<^_KJhA=q+QsGe8e7tI+lKA&LgpFV04)&^drY_A{*6MWVErq*0tK3uQ< zt@+Kh<;0C^=XVIBU*@eh8W^po^V#7eufDEj@L6=5BO;JYYNCd){GdlE?-Q#+x|*`m zaVC$H7pKB7rAUluv*T*?IMbJ{Ox?z_TZ7lWCiMWPLS^7`dgM{CXXlD^0+4g(iiMm^ z8MTNLzf6?yS=Y@fdMBZ?rqq$1X-t@miP#<|x;SQ7VmOHQ_+U_A zY;0_^DbvADXqjf0ZC09gz!H0V|5eE0WU+A(S4R5gvQkt94me69v*ik@N~hD((&AW$ zgSOwWUph?Y07WpewSG-<6bccXZ`BvUqu?;NOMIHh3ap*}ZWQ6b7!I5uEHiuig3mMa z-@Hkd%gYMcqnw6qdSyB!?Cv22=QjkT`Eez-tI3-~kx2}1y;2uOBMimRcii3G2`>M%qgyD2jN;?^WTjjqd21URGVy|hgamOceX0-65p*KG?WlM)LKm|KH<$iW8K^OnJ_0WYK9PK`GbCFjb>eu&1ZzLwr0#kUaW- zQb!JCU4N@O)gO4Am5Bi>3qS0LIi-R;x^G+A{ zf9)?yN~ucbyP+j6PXQq7J%LX>P9Mc0*cvD~2a}=`)3I>UGs+veBGioE{ z=0jiVqv~Nr_5~zWAQwd{UhuRlT^%cQVW)16l@kbClF5pZr!X9!ltGzDL3yRU^}(_w zbcw~#BkLbwiV3V|FeMoyx}S~<_fnMvnM9lyb3NtJQlT8|CKBC!eQI4^S?BjHW63$v z533kJHL)1x&&Gpb4Tgtb6LEA0WM#(2CWxU5-metfeNCJ!l# z=hDy)g2)NHk_}b7P93;I<8lcp_9nDngj-rEjVXZ4bu9|db(BC24^LofX3E5%hV`4G z{J*{+tT`xH%(U0tXr6l48XV8vjx-K@tTitVK<+6+=qwxUCWpT9QwBl#;H@Zp=I*2 zeq%%>@7pSQv<SKNqxiL|gBJ^DiXYqG?$x1EOk8u;pp+3UsVyT}n6 zzBPm+rfq`S3{z8tfLxc$O1bm!u>I)I>8YuA;rirA;hNS8Ra&aAT{Y6U*}S2yu7s`F z=ap4h*vtD`^y`P!LOVWQ14IGEd2bLTGv==ToLgky0{X@ZvhL3E3m@+ zENYtcc4ht;kHbN4)HTPEFOr%*iy~z_f|HGbc&v0S-SXLx39N|6;i%rqP8{tp?yRO> zRFbnN?CUGEiUUitbiRPzjij>B@$bv=O4PON=sbGQLmz=BMrPCEvkuV8Sd%jJTySke zBQ;0{Hp+$_sQc8>QG2k=d3jQ^`y6MfEx+KzkCbo+^X@Kc(bX_V{MD_}CTFI+a?2Pa ztDUOot=lFV<=p2t8?%?I%!QS6XB9@pmDAJCxujpGO+%GVHh%MxCm6Z0*hdG?*Z%)KI>ofJZ=l&N6NN?kH4yY6&Ea#tIbn89Dn}!Qf zg$Pd_gYtEG7=!5Pg}ZzN%% zOExuojly>#zb0{@oS`FCnM5jt?d-`R2nSQ!jw0PZ7{&BGrXuP_B0kg)>H3Pu2;hSP z3ka$1(otDiWmvTC_?0ur7vHMJoT-QuaTY|>L;3cx!IuO3!=Mb=HsS|(H7?KHDO;}5 ze9C{``KjXYyYhoLyPE!djkBDkS)wj$8)ffjuolKU3CWF^T}X`=N`GpuwL6Vcf_~p* zUjWBSHYQ`yDd#HRxBD(*JxZldZP--vQi&>Zb8>(fHV@e1dZin|kSlOcJx+S0fP_irTc&o+$l&h6k<ksrO*z;uce)Crxh&@^$P^2MiN*a-4v8En-v5>;;$+MgA(|yI zQQJDnsCI|fh2XmswW8YV4v~oi`oPFm9Xff-J*iSkvn;Fy*+JI#q~_ne^OC7te|VO; z=ck_EwJTprQp(X=~Tb?JaaUVkDBUS<5=;s<<>Fx z4^|AXaL~{9oR`b@z7wJf0s;am@ewDe(s2kArXKPMv_E0=&G&VF*T=LSY~h++0a@9l zPDp-FZlmJ#7UY%3iw}~)mlo?M@H;saaQ@o4J6N49Atn+E0B{nD@56{&;7MixPTRz}LLyQ{#WKC@7=jefOo-RJ7n!MoWDu5ZF<-33X2&hBLd z%RJE~nV+{!t9;0sq17GyG?6fjpN1%IF+rRGe#;^d*g}Fmj7qU=40m{F>seBGAl| z>8|)|*nPgr~;lRF9sWrVvc<<$vz?b@~bZ+7PQC6$8z~nbV+iwGt zlM=LDaAWn-ET!0%Qn_|jS&L5ueOE!Z-=TFP-_&1;>SEzU`R-a%V0u)z5y6klFRjng z8w++iShbU_f_fkC+WKpozg|}5lgYWJW4XJ@by;8`*+1pUTwUREzD7K%z*~VJVKa}< z233fhZqc3(5-DNS#-~>mWpUuaG_J4LB*&{mcbGmUm;shHw!Z~sBkU>Z2FU5bqni@pmCkl_tORDp{1&#SHUpbF&je*i!b^bVY%so1Mq z6eem&Gez{$L;oi)Ctb$tlF8axWqWbp;@v zen@a!zEheZaV77Ouv>Ve;}F2(kkwqXm@yevHxJ!rUMpB0?z$ProGF z#WeMqE?KjPW!7Fs{8f&tleG#JrMuf-HroexW8e(Z_>E@q59~9RX9`+3(K9IW~9+j{QIH^yUYicoh{w_+T78h95Bp89d}0f z1qlBLPL)N?K5{UW7^i3hB9LN@cuty~}PBhJQ$4e^7it4#Q(neaD* zf{kixHq$OKCC|%#G2p(H)v~Z5vJv@g(0XuGaXGve7gnl_v4p&myWd`9c+00KkO6QS zF68NT#E<=x&|S6pzqh3CJEJ=h-7Kkxt$+A6w-OG`j&gX@ON9KFU8Y4-4*e{ez061Wm>3o zq5_K2lC!t-UOO4gHg3-C1qQg7ei&V!6D9A>TlD928Lbt+o$s($mv5TQ|InU~+$2lh zwCdH|*tC^-QsU-X<|uuQllg2Te`ha+FGZtov3cQzo?ew(gke+ECfb9|Ayn^_7-{k~ z@`u^4>stiWZd8{Mn3vQxcAlz^I#M$lV%%9%xg}b_S>04_#OFtFnwEaKFI>z2Ci~zq&z*Qqs6i%4f!W z1D9;l?81M2#>Qw-8WidM*5_wCE|H-@wg9I>5r@|;94wF&uZ^& zuVo@BP`KyJ4Z@ipZOVV$6C6eoe(MpFzJnzxiw~#S*e@X#@1qu922=(ljn&+2)c7(=RE$qHrIv?|NF?tJpeXXY`iqYNfR*Tm5 zl+nDDVkGKmZf}=|e06v@F1q!rHJ~m3e!F`R?x|>qwdO5W?wPZx^5=tPdxX?@bTp1l zJObCewVE{?G>_qF&<$f&NDx2YOVL!4BP6m>@#c3_&?@V7n4&$7x^d%qbEhM(i2YQP!}g{5Pi+tupmza1Hr8Ef`__}l>`Mgv>s!Q8N(_=jqB}Wu z2VR|MmVzj~OQf)4s8v|}nrh~^U((urA-buMlf%&aI(Yxd5NU{69qi?MB;s+MnJOl7 z-H7Y_=0nE%q&-<4vMp(8>`0b=SaoIkUu`_@b$C<)4jc=vWAXgWt&~y(bbTR8eeD9n zRnUhu?fx(u{I7Z$PI)A7{((U8jLF|H zVbkn7P2<>Ejd4WPi>?R?3B~2++FWs~kMqSesUO&y{# zu#R~A4e136=isCb=iUn-9=|@)u)4OfQ3J4iqp?i3Rr%)!Pe(?opZ50`XnlY*C~~uK z2~$lrZG1CT%yz9cTTg>5+whBK(`3DbSXKashuwh9-^G zWTQVM2P@a#{I)7IZ>|#j*(aD~68k4RWt$5;84|`;a*tW-78q9XApsWAk5?B7a}Z`d zIx-mZqk>18A4_%aoDYN;qnAA03#zM+Vyp40r1;=NmYU_I zu>rD3=4h~zWH$=R%F4Qm?aYM_R`xe5JEH?a@&X`D!#Y^yhiOQWC;6R$E7%C|&opfK z(A;hg$%N*f9>H^EkR#|Iruge`(k}73TTyI}a+d8mLH{L(S$CG;LgBC_cEpZH1t~PH ziJ!AA4UFR#mhv3J6jv zDk6%ciXbVWbXass!y=TDE&*w<3s6!dML@c{4M19u?iA_ny8m2&qI;k3-pBiJUO*RX zjycBPJ)m+oLwjSkU|jD>%+-iuu=5t1i89buh&TiQ`+UskeeFL@_Lc}OQScux*$(XW z?(Z+ZJO1_yx(evl`R}bxEMyQ~740pd4PezeYSNMzG}CRNToN4{7bCH2yHdY4@?aHM zxHZvX&(vevtv_32Rsf-nsq6s*ByOD)F^`U0$3v3p6XK>LVp6s^m#cVd27+NG-T?ti z@lbM&CPV|Q0|!X&L`+{R951gPh+lk(M8wi`K0Ww6mZLW=p3rOXbByT^dHJ6Z>p2iu zNMv65fX8a0i3e&9(>y~RL1T|;#3D^bL$W&e?{oXq>ydQ9EWkmSKn`i3PTkHrmxdN7 zyQ)oEy)KWGkKQ_eiL;H$g|x21e>|{Eb6Qoc%?^b0@COaq?99v)*YOxuR#$>vn*>3x;8=L#Hj)jeK$8Za{l|5AkIn>zTT1DX47{c zSOAhg$3<<>Q2<2+h!#=%B+;ob2UAhynwc@7axW<-sVm|2LQsS-p%(=7*>=0e7T@NH zS0;agRrJz*8nQ)XvXfn`?u?$*@;rz?k-I8^c#H3F%FS=Kx3-ev9wC3`OD9_%zS(SJ z^-EPY)Ak-ge`A-94V^HQ1D)&dTvg4tlyP41%6iO9=bJ<~QWL~MR^0B$?wh0nv&42} zmGBd6ujLSLp_M9MtlUG3iWmLim`df%Fb)Xrn|cvH1A@-471v1fV1l66$;IY zKPFjha%s4mjmCt4b-ty%hMaP1Pje&4;62A5yBz;SPNY;1Zr~$JB(Qt^>5;P0A0G!L zdwVFIh{B%jgjo&IRmGQ2oH~_z^neQ~L8nad^iL%=i=M)qM;6eh&1N?oJd^aK)*9X8 zg2)(5ELuG0#kA1bf$^s}mb9uo=Sx6XZ7gXG!x_FkDs5Z-M56K;$uA-4v|#TNviiv` z?Y0-`NlE7-)7XeFGa?C?xMQa%y^4!_#InN*tvAzi2j2}po@W>aUKUr0r^)G6O-F;ROZ7J zmqq_DkI>QkOa2dMJ?ZT5`?^lROQ+EL`IcYW1}|krA=E46>O3^R5VX?MA}~AGa}L~w z6G`A-H8sAoJ-!I^7;ypX`hm@c-d<8t)+1$4ppY-XMCB`#Af~}xQmW~C;;<_=XUPX# z{Tk98LyTln)7jwb_hG(>#F6p(eYCY5 z25<1MHlDGX5tHTQUhU4y8P@G{!wtAXDkmLTCC7m4s7>0SOAYC$sg`1Wrtfv0%2uPx4I_9+oRt$V_QEXgROy0@n% zhz9|M6!oPmk0g~p)6#SSfWe8aIbq&%Sh z*O{`1SEmeb`s|ArF6h zQAAr?dxEd!OodF?OJchEveEfXtK=M^HQa-D?*6)Sn;d}voC~O#e&+wOBQh&1YsQ=8XI-eqid6PHDdl_;Azza6GW#MDl_FZN&pG@((tCxm zu$B+R?j^ewC24`c{pBuSKu+J}S=!cYsjKqUvpZ}KLgZFk8>^p}{3=JjWgCC7NS<4{ zx^m%BLU4AB-P!Q%IzlBv8(+&og=LhlIwNrktH&Kx6B?-~m}_Tsm$g(zt4|5hVTs=jcw{dA zR@vFR^IHLjXz`V$jFqgk>HBBS^bJ3f3i?Ap?2zxPc7931EeVC0Oqii))Qlc`OaF|~ zTwZM>D|gOph(Z)p`Nx9Mx1*%R>(?Lv5X0cB39*ZfUrvec2?TaBEbI*ox##s5T~A)m zA7IEENWu43vf#-R_xl~6d5yFHCwC;ZorVrt19vF2fh~yTl(r?EuP~PnQoQV1T{T+~ zQ(&Eul7%inmMtnQVfc}21Px>BYl}$fmY%kbsrwZ{oikK5o>pA1^BiaQ+%eKjOt*}Njwvz={T_SqO!b=ms7Wt^q- zuYeE1!ssrno#lF$o)8D)zQlMV+c!-;lfgW>WvuDDHLVjbvsk$j<9i{P?RX6WoQfP=mSt;Gfb& z5iD`MJFS$t|=6(=HDcdCT<;SfF?6Gpf3#f9PyKw+ehLB@Y;3;)d+ z!$1c93O`iUkf!pq1mj)H{T5^D`uEEFe|LVr5AbUFsoK_jtovob9hc?LNMU4C%iV$B zi=ipP6=-zLDfU4X;#rKFAdw<8*C%50f3JB_U-{R!TC<+lpd(vSA4#+6O!XIh3flSvUaP6zeNJ@nCz6K|7;l~RtaolVOb8x9|}*E zT3UbY{?S7X|9(UeN%%iS&eyQQR2Z>M+G;@PvHy_R%hRi!m=X3ZOOF4m+NUMEphhJqb6?GJlMGobDBFi>{h7ra9lp8)^9R?^YL+Z^XWGe|L#?0SxR z@=z^*vLOD#e!N6!!#4hxsQ;I!VKB)567~O=lKRJSq`Uu4f1y`{4W)ytY=6mgzFqgP zR++F-PwyUw;mmT|zq*GY-1QN}CX7a@iUbAmM{K{A@CbGCE>ofGJO+jNzI7!qZa~nn z!r!W_gElVlN7SBbK#N3>Ias;>O;8%)Z+ub-e+3a#S;xA8)zDc5syqkvLEg7$1;3{p z@cf_&L`6ngS08E&1OJFhu_WPif+-Vdl7`-9;+F3%9pqH`wi(S9ag(Xf_rw~)jnrr0 z{iX}@B>u!8sOwtxnu|P6<4a{DomZ#d@ct!!v8!N63L{5sKRX?WJ(MKLu7-`$?7NlF zm*^_#WLS%gx%sUP+7TW1F_0k+)Mzq$vdEr|QX`=giF7p8zG(VKrHg>5KFxO6UmSj4 z=#1ZOqoSU~8dUiN(TydqcS8Ht$4;k(jVKE#DIkW!svCX~Dg&3-y#DylZ@noqu;YUZHTxmvfinV$muxqF%9l6zG1 zuryq7W#U!u>XqhUU;EFSNlq!@W0!jOY@=Py%Q$|tv=)p}9_W1;j;NH_^|8i8_eNkS z-n+IpH>JVk)L+eu*mKPAZu@N|p)4@ljn9ehu8CcBVb5`5?YvKXI1>zS*R>B^Dhp%> z|9U<2UxClj?ba*{3k7$4Lyy^cjfD&uh|vj%d28>{{Zyu0+j)I8{*v=rQERzA<4NUV zb(U)ps~d{X?rNQXj*F)$f6 zHWwEcbVEpTUcOB7nVSX`qn@W z#oRxB5JSU2!}m5-uYS*~2u0eSwY0jAghwN7>Ox?E%?l(`VP?ks2&%D@=*OevW6)ni zvmW(Xh;$y<*BU9;iUorZpmr4^id3RrFOA3=mOn1`8d>*Y@PDwLF%s$?ba=L~W znD{J%z}zmm?oW>cPd+Np)iC81^8Cl`&8(rFi>nh3;qU+kvJ0Eb$53g<)Q9&n&4E|8R6nd<)kYw=|Q!mhv06QxA20c@|F_|mJlPmsNO%prPg z+=vsw=uOZc0Wv{!2#%0_LB%*k2mfhDj(skibs$$XtXCm+KG~$TIZ6vXo5153?38b3 zY8Lw0P1x30iKv092Ef5=QxolEUN{zOfB`j6x(B#vLNwq;LaZzRLvvjZdSuIv{_xxF zesBOd3}?-c!HI08D8wk&fiDYhoFpqXp=h{ zBrG1r*p|ePEw1HS+oq-uB7?PO3AY!*%Vf8{_Ik;>&iVQmslE`|_Uv7$y>Hi;w=w9pK=e3Z(e34k;}hr)&(TJP-|Z}U5p+g0h#)l%fKu%*O|)$q zb39fLLq%dm*_#GU)!Lim+RrKY?7pUKceuSeeCCQ&8F#`oY0C1-pm&K`NT+!L^HwwK z_AMxssUIWb5O9dZn1Y)yXKjSGWe2D>zibPb=M4u09ii}T4n4G%u-)HVZ@h6@Ht`X0 z1=MRo4f;CmD*ci%)P>K!+}_Y`vOP@eH~RV&AdtOBXZW`o(Yprletv}^@&SN=V1NwW zHElpA7YBi}evPyTjt+FF1I`b45`@?xa(`b9?%WULk#k%1b;5p{I^Y{2}yEAaq-1j(!G&&<{nw=R(Dhi+8!B}$Js^0!^A>k9?e_Ly9 zfV6~rv`GGtY)Z)#+=w^oM$VI71xI0cSn$WL@z{+T`=LOkSvQ-PK?;ys6KnWLp8;`k z^L0FxLo$N1v)*O4t(v4IGqT%iuZT*@%|E@Z;b}LvM5I=yl2@;~)nrGO@00t{*p@=8 z#BNRtE_b3|X@?B<6gd$l>W&0%OrO`|cOLqtk)0Dl&q+pAO8e=D+t%dvTtKk%#Fe13 zB+{3-QrVAx>e+g4Ybu6RKqir}_uaR9k#eSyCQ?l$1B(|rmaGehD}`eF#kDtcc6 zIszR7J8q1~aJio;5g58*9_ZNG8C`5XUKzLbb#~JcEYfBLuA1HXM8Kh?Uy;Ec2ls`x zV>LXiL6hP28Xx=Y+3lL1d&eYF?&mF<>Kh}ZDetHbwR@-uxXD>_IaZJ>$A1iW`w=R1NTv?rV zTdXcQ0rSx<3LevSw4~qvzB294=N@dzSSgtVcmB+LZJ}dTtCw>1=6xz0jVN@V%Sdh0 z4xRm1Baj$t7_aa6Gl|3p2}@3WELjp}&Z!)}B$mG2OvE^rWhRNJJZsLHAXA(!y+P7? zNw3vC;TsFHYV0V>+)a5u4X*GuW@E7syV291-BbU61SljeqH`T$v`B#HmELNiL#hU6 z<&rUyyJ%2ZUverxC(Y7)SJWV;6tvb;XN+K3WXT*L$kyH@+7?8_;x#8af;x%O^_8S! z)qtTKGXzQ_2)cDi_dD#v;H{Zq;pCMiYPscWVi710mE z23maIx1btb@~W>?S`7RJ z`sdJ7BBUJ~8tl9WYs(J`p5Zbt)PrUVRmY9l3el%fY$m-iuf1Vt zwb-mul0@N)BVUH`E4$PD%;DGNC5FtWEhkngd5DBI#AxssT%}H)q^&qnvfaDAzD*y( zenpk(iA0$W<0{Z~=Iawcpyr{yV%qA62A5&7MX_2~=obUbzwPSZXP zn`ZsOof0mC+9p4(OrjYV@Ax$fOd_3`SAQM?-pCg%7YdSp**5TawE-UdCg%mRKth!#AtzD0eFL$7 zZ+jRYv@AQyvU(YRr}sp75_Xl9VUKjO?V3cd*;mx!VASow*Mlyofz+q$~BuMK3*tSmhr3;wDW=Ko#a1 zx_96dv9a*)$ijW`2Dy{4n%b$uKFF$1f)mijHbQYrN6>LNg9{LY*f(tnaxO?rQrfIl z0!(!lPfZR(`H@$TT5xZ@wJ@x`;w} zdd`sy83SvC7_xgql@VONHiW~56{IZPg1znyRy95g`@}DJ35*x<6CQq-Q~De4V5RI1 zOyB`b3~wBi6NFujsR1PFyV>Asc|1iK_&1Nnxj)fYdT@f0Q9k9B5CUUK2vtJn=CXsp zsum{pN9^+bB>+1Hw-V?JrPE!*w}2ldHLIl%gL@TGupe6)K*5%(0&3U)?`{nEZUV?5 zcdG%6_fX++4+KbKGiydtG3;#ZXEHjJN{f*6BWt9>jva8l+rfsw9G2LP(f&2^iarIN zE({Yv-1_~4HPD{U5P&3bWGbQP1V9)@nW4)k-yu%>=c!0oG8VcekqK%$>!UeR0XFa- z)#(6!58v-QdE(1K8V>RicfwKIr)MX-)1J}bE*V2V`Lu6rkZBVTt%Y3c! zZo$tH!^=<53Dm!*H^D~#2e*}81)2dI3uc;F%f81=>d%_1r_y#vPXK-hH?HNk8g|^B^4{nKTulz`udDr76mOti&eM8CngOv81PeI@4 zL0I%z8r+!s3b%A=-_}kYrFQ3V|4I{flG=TKVa13NzL%OKd>#|k>7mr9we;ZqL4_E% z>pm~3Mr}=VQsl{6nKm*?W!q^6 zuZPIiya59a_hvHTBHUdl^dWaKiF&@gqYIaak{-C1eFHhgr3=uP(AwQ_-qYkHT$**d z<9wRs^QhYGt0}q#?--+ux+$L2P4m#RXc5j09Ot;k=lubV)8ymS?t_v0;83~+a99dI zMpCW}A~kz!0`6dg%eI86VQ8GaT~g-M#+fh4n?>76lfG^NOS-H}iO0gV&inY$YTAlo zB?qgoE&Fg<=k*uyzl}Q!sG(3<$HeDTV|ofGiu`WZ+|4b_*tv{dS&67 z_$d?vK2CHb7WX-OxTaQu#Sqpi1$Uj>hFlHjH})_v8G+;zoAk}N@IW-*ezAbia;_qE z2w&ejF8;HjSx*nW)ax#&_?|ZT)a|U<(=Cp^H2gf@^DdQ=Pg(}4kqyGtw|ITIyu0*( zz%;c4uK3tAyzw}VgxdXOl2E}pWL4~=Fk{RFRiK*RIesWFzM!*_bc^#>T6eL?WT<6# z@e}uoa@rBGpL3p9TL&@F3zq^&Q8fFA_`ma))R8_iS3c3Gg6h{MRZ&9zL(jDjIVQd- z=*_%2FhDyVrn$Eu0@Hm*#|~iu*|UIutE3rTq)eD0h>(hK8&-c8CaDBQYwvn*Q@6Q# zK!9Jng8ksTn^&h@3#`HOYy0x^1_Di4cfP({^8dGU6AmBq+qw8Pu`ABS7S(eR@ctEU zVBKYjCqKWQqd&}Mbrc~QMW7)1W4M3h3iVMNOsw3u-tJhYuw}z}OnFN9UZ1`PbhiCG z>@8+ENps!QN?c8)yS-(($WnSdKvKmf@BQL&YdY~YpTI*D)mPC_JV1D~)XH|>x;hA* zt=B&z&}9Uk&~UR8Meqk(0G`MnIXxTdc+RwS$jV!yDl^4o-(I2CF;u2;S=+TpOiG#%J!UX*3%nV!z>ur(qS zST8X9$j{GjL7ngW@->zR#0U-21Nq*>3}W7gjc0NI#%sbd_C>InaZ#y<$X;!5pcyxx z?_HEt?OC`#HI=L$m8Le}!ycVs9mr|nTD3xEHS3di$M-9(0n}(dI@j6RIs7F_V|WdR zaA;xlhjm{1t&=GG(Cp7GW}SMq?=E-LuOGDZC?@^9M2_6fc|!@_8Q*341Yv%J=z*S8 zfw*p`S@}Fgz{F{)4!22ShaghtqvN4vHosXO;`6$rjARP)KUu{Lhh@I#DGR!$M@C+A zUCIa-SFo{3afA+;2I9|g?o-1mS`Dt<%SUpBdpWwOanHgVuEcL%>8D6IFXg^o=5%~O z(7#Y26JOAAko3d?K?h#nD+z0IEIe+=^3>rgM2a9Rxx+mvfK`W0f{1M$INGO2D?5Bs zgUDyaPiDBv;!f>^G|kB++ex;q_FwIPGJhGl5XjGRQ9*@FP%z|x62`}3gZeP$wSqnZ zLPDp2v+jhV{x-l+$*`PV=poyEXPJQ_XYS;K*jNbVK1PGIO_|yUL*{aGVgIqwL;<~A zp~bBnbM1$mNd;eKc=lwIH_?dj_HyoO`1E!$7gnyN9uF?)c?Mvf)=C%+w1*rFcq8fn z-YJk%91LYv=#S+|pK-b?ct@J{Z1~;FX~jv>blcXTw=XFJ=>(da*<~S0D|f4{vf+bh z^;3{_V6pZ6TagX$X?5FAVMjk5`RUKMKL$OcgezsAN}MtASNc3EGpHp}UWcabcapZxab zoPe!i)W_-(p>2oC`ue~?ZHJp{>tWmLgAcAC2X+_s0~HW?sLl?3teqc^Xh5PIB>Q+D zieBp!24mC^k*S7dfMe;{x=SO+XwL7Dg-GT>x*Z(>*2y5jZ^I0p_#f12=>&$1S@hHs z6QM1i6`7KYjotb+LM&Q7BE8I&W!^Uyleu)utWE%)`@k9EUas}?`c1vqU34J!i-Q{9 z*H!`FUv0lTDqk?DfAXLG^&sB%s<<2wI@8G))O$MxV$hCe}#!ata+xH>3Qg`lQ zj5O>r0#b(Lf!O;vWC>Qx*nSmzDH|S5TQszXZ(+b`w=hu}8o|)TA!aS{Vu*$is&4aB@O|q#{OZ zThn>`+1Xoia(!yVWXP!tspZtvE=t$d4wzU3PE1UMVXz1ahGEnZl41xTl5mIYxUa!k zj_F2zJB66wN5j#V!ec)mj6Is1k)Z&+SU0=z<&~6Zbt}9MyPg$AOB8P9zLn?1K0YB# zkks+<_op>7GV%!t>9WBM(LM9Qa^I#=fa;OR+l?=10TuzN>GbF$t6?#?E7+ID%_L=I zDXDjMMCHYa7o0oGBG{8?riwmv=|QY+P0d>>+N{r?KW}X5i0@vFDZZtkKzs3`_yS*_ zsT>3CKCRs60En&E#=^ip2JCPg%?_zq?pvoMY)K#G6C#%{et3{u=XHcRWbmQ80`?MB z3H8`JuX53%b0&_nsdr7wDDmE2h}in_;_D-9BV*&nDMv|J+1Afow#&f;!}qs?jhdJq z?Ewt9_bVLc7;(CLHIOYzP^SZNM!KjYgr3}TI}zK!H}CiWeRTW|+C zJ7?4(g5x>WcrZ)=2^jXa%biA`Sh|h(3o|&sQ~I%`<4lZea`D3SfhX?WI9l6%5sHeJ zZ$#I8-eAg`F25+>{!;qrrR%~({fggXiWjJ5Hc@U1=P^T0Hzw}qK^{2NPww;=PH?C$ zJ`G;vP$=3ys?TxMGTU=Ry}1YKl+M}fa|ADi`gDudi$>?P4?eAqJgpmdgH5nF@xpz z{xGoKfV#YC{*7P?} zYQZ=6DI&DE`3|tpJ$V$52?Qj`gFOJ=Q0u#9`(fiwHznJ8owO}(gKkcp&+UioAG(fp z?o<5;OWy}|R%b%|u~!aOx<)d1e~%YSu|2+gWUbbqqGZ1vEyQHiy6CGn@at1da^;;p zEbYB+0mOZUt;auZCbb9_+}vEWX!+Ita~xmq6zbBO8D*@AaY+H7ASK;m{Q=N$=A(q{9vW0V6iAJS^c+0> zRGKBFU0!Bp+TSgTqNS72vU_)8*s%KYO$T-Z)i7PBsQp3=LGTC=2#?#7dpe+@Lb8ez z(cUTo@f+t$sqUT~7}VRp0eIjg_R4(x%~YmwGGN};S3V-UWK!yhwc%0jsSr)~*8`=i zSQ`$_s~k}WOaOCEf2KZ*xg|_|jA}>W|B-sC=S#y?m>=k?wIZIVfgk4{y_lcq zBjPjJ#e1X(&_?DFXLRqYVgTy<_+@xbL2=aG&1KUw}(^aiQ@srs{kV z0O#coQOD3*;=pEUy;Avj?4XgUd0_ICIY$7wrDtv~ccqkMz zJZ%g`hyNlk_h1|VOYlcY3j^47(ED#>=s$art_-cr|E!H5bCq{UTe~}+WVTlHWLfs99TyJGemg(FPsQ-6{>!ikBa!Rx zOzGLa!BX}sIme@KKD}}16YY=lbiPOHGDt_ZIg=@$uWfV|WNN#taBoeePyc&f}fq&uDn&zDaW=UeIv~CM0J~3241S z`90owCFV4{wU}2eV+{XaD`H@#01zGY8y8L|gWZ&C9r6_6;l8^tH;DBc9~DKGEs>;w zw|^e7Xj{I>iwtEQS+%^voWZx*mCW-JdOvfonQ-a-rZY7E!jD5>2b_L1aH$>%2-z)g zB9wk#qi>|7)2u*L7KURx5_OSIhmA~LbtrTqIi8TJ>he?S6ifBb6Hcf{OaDl;2@nH@ zf#PycHG!%pcu$X^O{-L?((NMk0JA%dpZV>+pBKYr`O(l$yS+B1JUTJf7*EB)Buk0n zt@Q|%W8WvEfl}Phz%pIjN{;Ni9FAVj@{v0+rBK{;maxmpKcxrQ{Je5grC6*h`fbv0 zFXNx)rI&oC-Vv1+ttn_Tc;X^un8ln76B<&#jUdqJzW_V$gRP$AfQl--Y>|(6okx$p zNy4rB7O?q|{I)!=RW4I#tu8JF8nZEdE=67$^$zE`e!7oYGoXo`_hTGc z;aL`7CXudm%MP&$*B`|aAyiR%50gYMmX*%gz?-!Z>y%*6@iqlzmg!0E3+2uAu@ow#@5l6xE#~9F#UtFCEV++4%D>qvh}_aL_?@Vd_+{ zi&gNDjk}K^o;;VeC?`s*ow~%?-dlNmtYmR{xEV zg@myVw~Ysd^9}No%NB11MUq4LZyg^P%+$_V=N&Eztr+U7e0g=fpThF$bCgwS0biA# zh1%nm>eq!*s}qezJ^?;W78YlgLS9omtuyK^aGO;;t-<+?fY0+nOBh4<_hb5T44A{3z*a z_b##9?uLwZ;^Ek<7^H(Q%LXPHiPvLmCnr}d_zUF* z29mpOSN`Rh0MU5d1zNm$JxCw~OqY?NQF%TD@es-pIl!HjyG>zn?&%Q9Ruq+rArqQH zsj=Gd(NMp7OM#|U5`&aIh*{>Y+4SrDa^*M^V}JEU-9dkjETh0)K~tY6j$)rxe56Q0 zXDrA7XNpku6=>sUnWPAP!q7VH$R{s{V2HjwG}Z)M@Pc7+nF>qyF1t!sS34xjvo*zhWoa;|B?0>n6!u$^;fW7 z1wSM)_T=I-p+)nom(89r3o(@EcpO!eGuL^Yiil*GlVRXO$b#1T0%_)`N$i0$!JUVS zwrl+c)XrbPx+wnK$N$aQ_EDAMg>b{@kKbb7=f$*Uji%45Al4Ew$G3R8+ilxH71T2D#g!@>jE$w30R^?ukphYMnaLp`lE} zcO;x6F=k3RKkr@$CufePEv`l?U*DQ}B&9e{(fzmmN4-Sl$S8eBh&EbPawLLNuG_54 z*Q4l+E{cb7VeYAtUG$VfA0+p_j;Wx#iWmzP{{1_-q9POhSV$S5>4^6Eo>u28*>5iOt@7e@|x*V%vWx( zw4fZChH9)HTX#3fM@~5tE~H(@u%8@yV?8r;(_!Sp2TT)Mcbgd;vJZ{ho1T*$1q96_ zZrxQAcwT$805)dd-6-!UUg-R7?Cx+RHwu8?e;~>k@e`To3=Zrld~8JFlM87xKTQ9j z-|&i!-Br)yeNrSz>8O2OTx5$mUu03Bj7yWI4Y2)_o&%y7hIgaLn?(DBdN;(zf;%#M zHwU`s&(obFIron>fGq{_4-S9dG88@V!RPml$ASL)a6Aqd$ljf{l9Z8pjTF`LDc2?~uVOIKP-|0#z**B}cqA#}DJZsIKeCEoc#|$A&HZXDANXfAiGt+&U zy+S$_!swu8)MENIexJZWqY`3t^FwV$yl`u9?$K246KEAjiM8&f^ex}JI`hs{p{tJ+ znE-dx=WB=iuBmqoJ;d*mI=I+oU7yr`QE9PO9mWpQ`)^Dne7WQO=KFrX4Bq4}4pejD zYWge0Fh=pIlU)a_c3u1q76anq*?K0W>$Ru`@fqFt=6SsIu~a$!k(2kgCN-_|vc<>y zAn*LGIQq90y#tiCtAO((3K0kSz+q^2;B7)jwk`cjQ+j$?$2N^~>Zw?Nlpi6K zygTl}k*>cTmkLv)#G{FyR5$XJHS`2*qUdL;?U%(I^dGjgBYqw@@uYU*lK+6b0n%wN z131^YA%0#L=lj7NF)AKnjj=h7Svfw(pPlnxCl$MP%~_RT-CO&$y&x}HOJ0MZ(QING zJL{_oQ;`ChC7UOulGBsEHi6@rcc_Z=V-B%?vlHo8eEyfML9GM#mT`A_K6+q!0W7%; z54j_VOf4#ljF77OWp z{Y_UMn>6L|x&B~-Z{KKmSf<}D{Uf>)A>EpB&Hr-uc_7^wqeeo6blE*FYY<6lDXYt> z=o=;s-7@>|ikYlwex>l;lap#`I(NQ>Zf^jhXmS~+~)jPAN(HR+x zI;>-CevHY%^u!`0kD4-wDX&)!(p@LJi2Ia&rUMsuXl2!SG7&dG%GZQo{u;{T%ReMm zh$zG1(H{lJ0Ep)#$R8rGJxc5`(lX^2pa0X{X=Eg-+P7NrOZ+s~86wcVjF^wQ1;5}L zR)65C&(u(B8f5q2y5hp1Kf;ieJf+RAR8ZhYgus74jzqw?dPQ&bDiGMCkl)1-3H_O} zL`*$!8X5f1*wWKr5q+`pxpimZEKTob3~Ni*n6GwGi8f2;guEY5P~2Rfk5Lh2iP5~g zeAq*ro(^lVBjI_8wwAq-7un5k6hAC@fA4QG<8c=sRK4Uomk`Jfj5Jlsb0MfY<{@nV z=_cg6>ROvRSV}rwo37Y@_9XW?ms1~3ofi~G8Fb04TD(trjLJfm>kK`J{0eDXNgj2Q5P;A}f z@Jf`?+U};FP05`!nRCxB%}<7$GOMT^U48Lq zucgIs^rg_l{_WQR^^`Ud1n8p(c?jqar;m%}DYkN*u|Dk=%3^cjL}lXfsX8|7@~e1{ z=u;<4Pq!Ct``NV&sOjqWL>;3^F75w^|ICRYWY~FQw89jaJmaPs+QFkX^&o8aOm}T% z<8jLqOuYPrs4hU?ro1xsYS8V_dT~7JOR1%z;bHznOJPk%R5^8D)r7MXu>1pGB2Xa? z_g6B_#bDD%iE+{K993q^l?8pZqQ%sE_V%KgN{}e%%F~IIA{XF}v_(QV$tT;aRzghM zT&}H`AO0a){UGkc?SD+7nOLAAQC!*1Cm=HpDOgb>G6h1T49-sDU#`cnxIuIfuV0Ep zpA9=1X3?v&l=M1Ct*^pLLtutQpyMomC}Ac7R>OTNQ%wVO@c3)lCp3TzAl@glb*DS* z*|hVxMqobiRGNn2EVo1kZn-1gvu{1=1P=D1K?ZDYRbpzKgJh_`Nei1F)Xhkm#}D&w zfH@jpD=hRDgWv+79IgrbVw{BQMZ{AL!G;I5vP9=aX@-fNgsn@)MU%ss z-ymA)V0<$!+9{PAOY0=}y)~c2t(jDjOHR&jAb?O;O}_9uoQU4)eI($<@gb(+5^VVM zqd`vW38wGe-DV?mv4=6G`wj)4%6~E- zR>0YK$X)Q%x}r|0ay*N~#0S1&ICYh?6F#o}RJ z$8v0oab4JEzsHVCqjSI`(5*zaPNhXO+NU3 z0pTya7%vJ2`@Dg(s$yF^yBGB%zCQy_j*d;7zc+Zz z%CFSx%gBvL=se|q1Hm`$s;763J(CrC-Q;&-(yf!2m>5Z89Y20N^HSXuO;@|5ZRC`- zQuy-^xYe4ivUei>c`XYfVA_R^D(-=R`5~@$6w?H!N&9PjpR`Le7pK^Dmm)nwLrIi# zVb+-pUWC|%6>;(l@}r82wHi6t&$H27y>;u>c^)1$!v3bfP^z185p~+hfsl_#2=b&- zqh4kTAy*Q*@-GgR;f(t;8I;GrPrHu)`t^Eg$u95SsLv}3zLx7)nMe`Gec3*^kEz4$ z?t8(wxHxsZk5kVw)-^5Td*-SfSBDE!uH{;tn;R~^sZhuz%q#L2t)LJaqVZE>fDy2H zjC}f0tQNvp44I;NX#u-i-J2(=Na=8Ja9S*Cj-Y|UMjV@%=+}~c?c+*Ns$OLR$eRwFWcBk4v=0t3KazOc$gOi$;YHDge0Rb)Z^b!S-bxJI7*>J%A0Xh4-}>!{+M>Rk-)Q$i;;KTDqy7P0&jord-`a#WQ2(f`XXWZQh`o_k`GAoEihK3ff zE%EX3z3vl*Y(GPy`STXjjjkqNUz0lw#hj*mOU?YZz?cHUw;4f=R`CM`&NHduV@l#| z9LQ~HQ8qF)J@1~O7*d7^MJGr|hB$7dQkKRom-4W=D?~yRWv;6ul*}9=3>yv19Fv&R zB!6um18YxdP$Eub-*=<-AfSZ0kTXh%WA%n0m)Tu`64H2c6Yl^FsT)iV8!c*Y*sahd zG=D_)-&e*j>TUuJpX=>fw0(D(M^9+vRQXZb;LkZ+KpF+bebq-T6aW4NSeP4&#JtL9If zx4d}js7_Jr#|Z`&CFG&!zeN~vfK8B_I?8>_;}?jio2|j!h?p$E%jI!bC|{H|n+vya zjj|%Dk_n^>43t2HXfDJZ_)C-u>mYVf^5MODp1z~--=~LOAasN2i_=9}dNKLQ&nv6m zy;}JF))|dMal_HasbmQZ=c2z_|9!SNgu|@U-x2~3ptu#)tv>?6@Qp~Qz}JK?VX|Ud zRz*O3tbiEm2{f$PZw*(HMEkrwO7-d~DA+%chJSqpxyvFlV>%9X=G+ypUR*0;0WMx- zbl*BAT$+HTh2PiY9IWA@j;CU~>Vx9eyx<^ic1uHp?rb;P88=7A{1e(7>L+W$8Er;t zUa3)-qOIcJZ)ig@nC8UqDGLze-0W=A!%}q75t1l!=fWvGQA#0bEwweOy?xy^XKFc{ zd}+bRceq-6qcAad(?Fv|RQ|7H3vc%ZVn+Qv>nK5=WYRXdOrnif|B-L~j1vaom!)R{gOp1>)Dk>PXx zz2CS>HjCPHpUQnQoG#H&-t0BJ#{Ka6-`0gaVp^Mo-P1)9%BwMn&)jK|vKtEvp|cRY zJET5MF;DlcDed}0$_mU)!p!XKD*NrJ)2Dg$o+YAImEL{^ubS|HrvmC+-x7v-FI{-m zvxO5w@0|*qhqUHb2A4NlU9{ zXXc=C@bG|_f#{Lfk^3P6$xy6ZNL98UfbCJ9VrS034%?HdM8zBVflZ;^;Y@+~UU4Pn z8aGLK`)G!7GtuxswB%g(G(R(_COd|tk0(FE?J0&ezese(7G*=Y*$nEiEwc+VFEU7A znIGvBTg0DgWJ#B`P%UMYJxc!d1Om# zp_|feLwj!9_2^2nL4j=Iy`@7A<$r8pQ`e zS^n7y0qDShI={d?+Bo4zcq?n_zT8S-JaorqCo48K=xXx7cq=IVwLjsoI zCe8I?-P_s_Ypy^^`k!5LGh-w^Y8f|}r zrHpGyQ1*QKA>m251%SJ3i^aXTzd_hTsaKSZ%%McXt>VyvScS(m#_jK{syZ#b9gcX> zbrio`91cJgp|s1xZ^hF+KbGHeQ}=Q*U%~-o9LGXF=enS}bwr<3Xp|6(&2Ux9(n6A}w!qqt z?X=LbYL!&D*Ws3W!t`2O;{l0nz4NeA6=;USJHDHgh36L{>?pMJ$T3C zF1BUIIr`RV(nY~s;cyy<({nTFr=ei(l+CQ%fm{#Dj8j$T=r^a`#|a}+Qe3y6Cb&iv zrPLbPm#zwBXO!3%;p87+`Hu4*H{21=P#)!r?s~Zt1AEE zM&XDGBB2No_+TI#_IK1Yhm|nETz11T`wqkUF+qg{m5Hddak{HMSP`>(qyE)WSQfX zij(*HOsca+w&~h3^LVkzvXk&iqij^LD`eNEIxIe}`#Y_8MhC>k#%hmg=QkpUX$GK=Zn!U2m zYtyt~nZL2m4kg7TKJzMMsF#=lJBQk|t7U@If3Vn~ZmaP1YqFJ})g`YAX7Ux#1`(U% zGeQo=!W`>E!9~U=f3TMqlLxtw_kBBe?Ya;}01-+C%(;T&m}Kp>6sIYT{waGWcND*n zQ+L6P+vVksXv49snyrS}ZH||2 zo?id$3Xni;owd!Qfn$iWl-JSW=--^MsDic!SzN35tZU(M#or6_;)LEtHNIgtCTF8O zNBj;fP(6?@X~`lkkX7NhMYs#e3Zn4(69B1T?Vw-zuVbpQWDZ&|yWub1{v3W}U~(Rh z$4wz?$@zJxBljR6lFaoH~6MZ;_DSRYa*|D{n)Hp0f?uSA~e_ zKvBQ+nS|3@bK(83-n}~y<<24ZKa@O|cJAMDS}+m1-t2q3-*xDPNZYj6+FbDFM+UcM z-=w6Zi6wUag|(lNF0Ko~{ej>ju6+JL{c=@kU^L3NP0U;2v+{YL0^@I!Lzx#V6$xMbxJZGl4^vsKzPx+8z z0wuPlBD+4IyLYq$=!sxF%fk^hhi(b(XiQvHnmb|;tX?Wsqp3wyxtkF1YzkDGo;p=@ zXnroW|3_X7+c&uFfR-3WYL{QyQ^CMgLNl%kC2ceQlDBUC?EEtJyUN#PuJEmW=`0~X zdNbpi(jFo77cgwv353vC!z;qe=l}ZTL%osh#DgK2EPnmiW3Ei&cQrK7Xj$CKGnVUL zc9lMWZT$pHY4ZG21`g2VtX|`HyvAXC)ngcekjLBUs|GlLP)bZ9{@5lOohpGf7U~*d zxSej>*}fF$ii^hr;xw7SB(MI|6u5(!K|+9!z<^LA$4vFwi&8mF%4UkoxeVI)R?9}a zHh!aFSd;M30cUn9J8qox!&#$-6g^Y{b2Dd=l2k33&=91C|e=&3!W z@DL|1Io0Xqo}fYjk`Z&h+CpvuHk_)g+s3gA5Y;vye)$E_?ZNO?ExZA)i(HP~efvmm`_fP^60tERvt0vuZnr-k0ssVqVkVY+w5WeygkrSmP zmcP$fE{V*=nr;{xI9%Yplw`WaTlMv3&TX;49iZSJ@>NCFT*N8JuK{cB{2k*+1UK=} zuwy&4vy2C>>e^4fEoGODE)Ab3`^`6(SM(}xh%brG?xub>QGPh5!S_}^!Qe0#a+^8Y z?x+rU3`)enw$^qU_xNt;%FBP4HgffXD!nJcFS95t!XKP9cFou1weR;6C% z=-*1YypAdQ#Qu0=?{-7r*2=x2yw3pQZtT^S+X&haDs}!i&BU0*swg29cGnfY{s8ar zoG!<2Vo$$}P#3SMSWiexnrbnW?{zhl5lO*TySh^y(SH$M7j=rq8wm^*;S?Unj7yg+ zc4y5ErD_LEQO~5e2E7UwQH72;WGkEfE@BXIG*zN3-)ql)LX3!~m(Z6aVCNFe@04ZX zD-RvlxdD(tMfOV_E5SGaL;ejyYNmjnVO=3IB0@sa`2iVvONoxjJ|+ylfs_W?B+X$R zr}vy=+DB+qM_I?ETC zd~WT!P#`Nt*pS$%h^f;Ia0$77x6@SMWrdd>u0m`ODFW-9IKppNdlf0wYO&A`3WhW|;h>c9-X8-f%vzrppk*cskE6+M z?a_g5ZqPTwlI(N(M-z|&nip?TSQWUDVr!~wa2oxu?#S!H-*rbfop`s(OE|fG5bab7 zAr<`o`kxnNwch*bl(^D83Foy7=@E7jfEQ@jibWVXYy2&&v*hGnF-T>T-S5t6?$wIB5xZI{lp|E#zd z3K~KSPadbO$yJ6!&x(oT%)tu*bGD#Q-Cl?d%6p~G-TE3y3pHSa=KKoWYKT6_MF5$b zD&-K!pPQRmGI}aQA*706UN$`AukOBC(X&^9$Z)X*dKciFQm8oz^2IP-SScCCzL};v zOubXK@#$qyHP^MSCH7?ynnz0PFS;jEz!{|_0uM%&EJ$VT^_p(BPFz;<_nGJ}imyzdVj?|(HiB<^^o zd&(rRf(M@~(6d!^M*W%pNTYw|U@NyqG;MRDdRm%kn0>VlG^*Xws2zs$bTwT&w^18p;AG zb#yzEF28I_BRh;N9I5G!c=%NFqfrZ$cqd?!VxEsyJA208l)v}rV)$F*J!J5P8WB+V z{|oB6TS7ElsKH~Vh4NXx*Z)POzJUF&V3Y8XxTQtF-YMK5tnynkk2nt?!Fn@~>OG2K zM;Jn3$suCPr=rlH5@Y~(iW)7H0De9De_gz9vnY03t(}!)%Ox5BcY4bMrYp7H3UoZ7 z#PyvDagMw9CkMo>c^K5L6~WnoBT#eA-`|gh}=u$t_h<6FE7#N8x-fN(M62bEl z(6_;!b|617&Xq%gCYZ7>{J{45SCIhgX3%Y=e%92F{T$M4Q}Q9vaZfGB6D8^`ya;#8 zT}(54Fp5f~j*@ubSm2>o{5aTxxKKL%bZ%LqRToN7>E7OvNwo{-bG%FyFFtXOqZ(oWpw!5-*u z6cUr!jd^odJp!NPv2eJ4$%N<>yWm8h&@&%1k#!Oy!TD%xUuh5;jJ%iZ%B#G^ktiKOc7O|P`)pDOg@*p@45icQ(4t3yvbq$aUWeV6- z^k;D4{PF3=v`aJD3(w$>XuE@2z6ZA704mRp06?QvkiUIZlO^pR97IpV8cLrB4X(5c z2!D|8(%%W76$P9hwOAnOtJczwz5w@wAQv=#fSR~?eItobAuS-*6Z6x2DE@$F^;~c; zZXV#?335EHcy0G^>hS>tl4s4OkVR}RryM32z76BrafgU4+G(pwZ41%u5&O8V7zU3+HtLb5vl zXMJ|@%u^Hf98J)_1j)g#1SOh+3-xv+*Gc56dR4@cGM0|{#E1e-20(kO!uL6UHzt`Qi(GoBZHj@TV!O2o{hx>4^6-`$xoUe_R6GWNE53&*W*LpIVO0eW~b_$Q+9;m%OPq4RjkL3rhg>@3dLzA(6ca?p(u+MQ^rr+efvS4aZ*t zpXZ(?METcBZ9clF=Olx~0FXplkl_9BEU4qDV|zZLDCQkY%U}%2!7FNasvG7`zKoKVhl`HT{9Ud_}@`51VxT`Qq= zj5>Ygu;tGsr3*{Ht`SLCTc;PUd=KxMweNS%nJwl=l1Cm0?;QQ6o2ic$Px#me1w6qj zlAsMPXPV}p_)bzsPhrOuu$gkN?-anfT|*YCXfi1Lj7!+ykshnFShG>z`oZy! zJw~e4)s?c!ii%$wTox}H8JkZlHNbFNM@V{nD_XB+=}Lvj;%|{F$r(n?^m$8t=qynm z#Mr%~0&=84rXno=(xrltWH`Hy6=sQ>9>LFF%LETT&PeX`QrdfZxUi)2m|?{oc`$wm z(Nrm`x=opz?yvCXmr9;GEromNv7(iRGAf@ICNz>LI>d`W>b{dV_stuXZ}(~46vniQ zAG{D8@Oozh-4V*9fG_UPb9U!uNItcE9yh5OS5{tL^`$1h2CAR_eSgsNcp#U3_n|<~ z1oTeN1lte)w>=Y%kYRXuc_Gx{tgOtcBRp`%da$Kj01+mnKq1QSyIkv_mTk%^P`qB* zxExYAJ``alTcwHH-DP&9$&RaS7y`e!TWUptY9#Z39cJt~zWfezip7MixmZ{vVP-BzPQMHK8wc7K{J$4!r5w__n zd(YPechE>?AOcqJ1sXR6jU>TAFwxKavI>O8F7Jv#v_4i&q7n?fG#2{4XC?V@Ca^_#{?baah@Mj>*F8=<(Wu02>Sh4A^)3Rx>cL8&=`*YIRWdf(c(3$&`BZXw^Mdw zPY9$Vk;qJY{qqjRqkTY7-68gUJmkpu+kuUMdahD!7I<4bm@1BCQd z`r7mFeZC%g`M$^7-~4-#p8toS3b=M5)d7b$UB);&o#){cD%bJ2Y$xSpFMZ?Qy`1aN zmyCV&`{a+E@-897TpJv027HwR;_WpL^R=w675LQD(~M>5S`^q7N^wx#|8e<`@9}q# z=RDv*Jg@uO6afW|J!NW+VSz){m(RYz;hh#>g36zyyFHifBWjtMP8X9p~$oJeW}FsRRlkr|XQid3yR?@7*#$h~Q`|d{2hWmL})>7I1TkeTNf@ zTePg0Lz=JU8y=+e!T~Irwv&A-pe0L%gkpa;{b^S5>;d6n8e*3JZdQRq(qT8?W!mR@ zOVAXlXmYK7e<$IW^Uf)3>rc!pIEr)hgmX|B8u9$O>_q*EZwGj7bHbsG(ttG4==_Xe zhTw-qf6N5+>A;sCp1sf142h;&>gA_nMt{OX-N*d_-6gtOf~m?9qbGc$Xx%Pe>!LI< z6>(7Jof1ssL4TR&Ouxf?E`pC39TVr#9-P_;PvxCm%^BEh>2 z_~~ym9Qn%+ENQWKm3i9Wr2Q@p9B&LlIbyzVeU-S%r{dFs+W~+ z5Y>2AYnwiD3x$RhG4n*)e-r3T8++3B3#x0Yu5Nz8nK>FQv&$$;6NPP{ z6kk6Gf>TVYkhrLQ;uldbC>@7``~_o3Vad%WYRZuC}W#iv3=ta-#k?;NZjWV;+P94Qbs7rp(T{teB{Ify${DCEjuTLMK2 zece{IP5u^9f-=y1K`sBVC(WH~th?cz?>>%kq(S+CTFC^2Hvd4dS^uHI{;64z66;C& zUqfj0==!LmWHp5_zXny&!+1KA45UxYfS$XMcnuWms%#$cXnH}TH*R{BpP?b3Yu9mj z0RBdkwWYIJ0yLaV7}++`nf*krTrVSn1+6W%QRuxg-;tc5*YQS*{6iyB5l5Vd`3rrX z{Vf9Ti+*Rs&{uMp*!Z{i3sTezPS@aubj%;Sq|#`cpuXds7Is$aTmALwA^uBfSt9EX zklpZndQXJi%t<=zKVEHfc7m`aPw`E2_A_JIWaE44WLXge0q$#kEhJ+TcDo5Fjvg?@ zCM`|wbL1Zq9E3ofJ$uN_0y!$^H%O`$*IbiMK};yyc| z2m&oZ#wS094x(3VMvL3oFI?s~RN{Fq?Vr;6@e=x0vQ6vxsRU0ch9T~`dmjprV}Ut2 z)Qv7Sj~bK6z;B+_+TbymtPwyN1Ji$<t@YYE-i5udJpeYIl@(~hN}g@T8Iaqj8%N~7yK!6-j5S5njW+7J zj8+rX;g7-!DW{lgQfZ!Kv_E;jTY;?s3w9ciDc+OCo_5O^(|msfA#8}YZI*-K3V)|* zixvg^P9`EUqLik(cwLz_#Bd{iat|B(kPOTio#x{@;*$=f75KRmX$2#C)(PIh?j%@` z1YEBk7E|G0oz3TjtNuJ zA*K*s1lyTF=|fV&yAH(3EDin$lq*R%IYqRq?d=<}DehL1Fev{wj2O-u+LJAl3nI8n zfLqd`5J0{KpDVLgZ?8NOyoI^uX9M9PtIwPrE4&z&5V3y1R3n$lbJ});%MW zDkW`zR&?D-MqB6Fo2JP{7iM-E zipIt|8gKI>OeN$_UA+3%ZV4v)sh(w$SdU9xO2Go?xw|TUM6q1bQ%g28;Zs7~D$|8` z{bLho%kxO1DY6j>wgI-& zSJ<52W#@{FQq90ua~T3{tMhnrd+7moUAMHIkwftkv&r zL<&|1q}-w49stSB-_Ad_xtJ+9IA_xo*?DvuWWGb)Zs&jyuSuOAxeNa$B8qN92$JE* z>C3ht)`VD*fWASnjQu_Q?H+Ks@&oeH0c5305J|lvlaDk4xj|58tDnmK6p@%aGUYsk z!Vm5#xeF8(HweC*W0%mvlU@DpRQuO;CYm!!BIU@w&B@+>H1luOAo6t7OLLU^mEKw2 zg%(`-`)$bn*5ELE_!KU2semP*DXYAVvG90=Db^)TpC0BiOXyBH!_n;d@Pz(}j!s1A zU7-C2?GBJ;7P7KhO+Flv{F<-p*?AwZ|A|EZ^>Q~GcyGi-7G`hg38HD*(@Bbu#M!Gz z_4rpPXUSA5c4)s`RVC$ZDJHYcEEg2+tbNW%H|m!#s~UQDB^@m95&gK(yn}n{bVQGW zHo51~(B=bnkxf|$<2JDRjfi`@F#p-g1{IV3)qsNU671(rlOyF?cUatY$C9pZ946r* zVDpa(qa_h1c#TxXczhPf{t$3)hnuz+2L&;?-|G0kXaKGDh4J+wN0@Tl(0rjPmCxyX zurWnev3aP<`HPjaDd$uOLhl26%%XlqM*j2*6mL*ooac(akjmf%h4Ge7zT7)EhMX}u zthtci){zjpk+Yv*^V#O(v`A6NwPc^+XQQUhpX09vsjUYkf%1y4%nH<*5I^)+Iz|+8 zqh<#S5En+zB&d?;oEV)XYj@+rQOZCjwQ(l@$f$QhGW-lQN^6`v0*y7AyNkcvrr^t_ zBIl2I?P*E<9Tz%BG(O6OV(qMhhxHR`-oF*#$~JuEMHyvLPycZn&;d1P(7c1qL(nn% z7PO>^|5$bYe`E;!uX&c~oOYAE|9bIpw2Sb=+E=gox}_jR7EV)$pc$rCnuQQfVRoOM zHV3E1D=;$Y=R?*w;|rYUv?0ON+IK8r`olMu5kh>Gx+vr*Ls4fUwdA$>&+`z}$@hLc z&$Ga$;$mueF2v^h&F!4uAN_+FME!KGg92*9tt&QA%Z)LIe6+A>b&e*`uk}6N?Wa7R zA~Mu^#5682GC8o~^`dGZCTjQc|J)7;9B?sdIfb=BSkRplmKhovqLsORDL+3hFKekk zI?(HD@I<^%8x>`L|8uN*<(RmWlwfsqS~3Q17oOfpaXT^$-C|;k^Q0-lQr6#Z71p)i zoxcBZmtxxCUVhcHLUa;cf|taEKAmUcyh0{*hOS+P>YC1r?7|^>u7c94m4 z9e38T`;GAbu8R%avyF);Qe*&!CAh1i?`{ttwOWh90RYWZe5NOapn}b>UyR!wG*Aok|nhbu@i!KF+2nG49N zY7j*fLY}9yXwbXHFR& z(h+I^XqS7|@te$pn{(kDv0wOjxvv|!Xk+ClcU1JAfPnzgpS-AGMLUBU_WbcN856)k zSk^DRQLV&x8#^ca`weJFf~~oc5*hlxVH1A_Nc=Ug!rhj1IWkrFSj=!U{?Z9dGD}H# zs~^l=@FA;Fgt-HvZvXxi=EjlBo28VqOAW>JZrxwSENAjz^l583*Y*e(7+~UDR<4;CxGB)xRCu9(Xi{_idGwlJSVW1$F;xo~ z)!^t^09o?C4q@*f?`hl{T&6-#QWR^pdZ7!l%Q-eXB9$U1Xi?#6qF6bhD(xA6&yw4_ zS$8GkW$y;+WaATTOiA~wo5BZZA@mx%$Hg>x{h#MhQf za{uj~O&dhDZ$CUJsf*%)xgJTM4st>-oqcacE(z8C0p6^fl%%gs34>0$Z#pm0|HqPT z>CTY9u^Qs`U$5vL7TiK%?&GNhK4k;tpH7|%e_3^v(|OW~mn8B`-jD9iV~5u+ z4U1ZgDG&Ve!ZBwAJoq_3l6|)>>V|1M;qZO*v%}B0&nKzEKOT9LL_=*~lEpE7xksgS zMdo~(8cdf7x78Oy=C|zk4%K+fw_grU!-*uEmM*4hH1qcMWrt^kPZViQ)#Uey;rxW@ z8!9s_+oL%D%|<{lqzAPxKNQ~l`H5WD#l=M|hL@YWtg;_%(vx3;78}kD5fy?7DL<`R zYeWCzm_NG1G-c-nYM<1fUqxn%X|Cofk@Bbt!PJ$XcY|vE{_9ttM4Rm9e5qaTmj_vR zCWI=MZj>IdHx|#Um@ruGLdMOtIffAY$EG`o-5Z4FCexRk3L2jT2o1VyZVH+|2yuP)tKZkk< znc;MLpW6J zTC9B`M_C4yo3(pv-tKGoK+Jg9XcWV?5{6?Q5D;*i@dTOA2s&tt_8R`+2Q0g4f`gmC z-X^q7Y2CW|%5}}Jz=EHFf%v^Ltg)@B>3DK-vR~bOn&<`&oCiTyG)H+_`wSAt@CIHp ze|Oq*SuM8CKxr6()Te8cQ*K>+IMy z(67miubvpz)p`4wRb3a?FnN$Yc5kfS>{CJk4dG;G)FDd*uLEJywUKAFHL;4?u^f4F z?4DZ(wV+ArZi@ONOx-DQ1Ha_N{$#`J^B*3H`{c0vW7c7_Oq6ztPD4GtG0^BPK!34O zCTB0GM7#(Mz1kH&_w{pM?u^j$cP3~wMJXMr)o6BL5V|Z`j{=n&^dk?Tu=`My(lZMQ zjZA!U_Oj(=hs(2(?L%*4`n~UcIuUAWqQ|A?gPcYhA*%e|xtCAJzv@v8i}yQA_SouK zC>m>bsdp2sS%gfHa_GiKil4dJF0x>fjU7>iG_jF++zz* zpuEiE?48spJ^ty196j<0Ol}$K*>Qg}y&EjNdfO2UvEr8itOMiwP_{W;J4TTh~{<`y+phuxQ`e5R+TJF-mLuj00MbTGPg z{}8iw-G>%&vR{klEsV6ZC_;%dJ(cTp>vA<;l($qi4_9bg^3y>hxE;9!7=c zmk;+*Srp{)5uWBJ&eNQ;5mHcMxdk=7(9n6Gqh=vyR4LKQf54RNvR1_5%+hzV@I+p= z8OzDmZQC-f5v4#99FtSP=JI{ByO}u`E-;f+-^RwK>)Bl0;v-NI^FQ;THsIf@wq=n^ zagkhf5p-UCa2dU>=d_th_>YHHsMgNBN&m1>cS7wrw=DapE_H2IKb0E3SR`)9NaqJZ|r^ zXz){OB#>H;@&?w`)wP>lOGMS10JP@c?{wG44LpzwDj^oTCv{`7Ju_PK zS&SsY9}_6}b@b+lR%3fRIeKyOg(iD&_FGd^Q!g;_s2y;yHIq|6tnBA7$_1cCH~J49 zK0G`=rsLfpvV2|7W~#BJMKjL~Fn@b`Oi#pD4Aabr9M7Si_S{%o5*LovF}wzn zIVve>U$Ji)1QtG>c=}d%RRF`VU!}H333@&5YmSAl2ldA%7(iKJqZU{%PzMah%wEgs zKe1G-tCLTpiAJOKGCChn=hC`qoQB~>Nn;DV_WKbW@AWsQF<>E;!!++ z;1fzNYQAln$RZ61%RSAvG~+?NHu%MA0OQ{ANmm@2N8Cs!ioh~AoATbigny6)hU^&Q z%oeY(Fx9nd*JevfEV=8oPx_jsm`NWLUKzA67oRSm2@9u4&2M<{_GI+NT+Yy^1Rd?> zHOdIskA~8l3p~fPx;2IqL>|yCPIZ$P*iETJ31${i#F5YNkFLIfqnhP7o6%V%U zu^!boav@%(HrLjN#4UV_&`T8nNNdJo52$*AHC^FSzn>51h9NjujotI>mn9+m-=k^U1k$p z_~YXZhU`n04Nr@3=Kgx`siC5sq_4lS$`FO7WA~QUZvAQfYx3rLLjP(8^&5@L(_ep- z5%r*X3cbN`a`z^?iOTH^y}Diyy*h@)9$XVgidfF$!j?hQY>a%4Q0!Nv)NfDsWeHI^&UY?*mOSLL-58ZE66xEzmZRMoHK#rn1O*JH z^vsVlCzRTPDw99vN>)sDHJXd$=c8k!L$KT_@nCY|rweBgMl@Q`u&}Tg`TY>P$9rHM z8jS99G9O6ax5D)H8gqeMgL7^y&yBwXSEPQpBWV4eLwF-&Db80T<#j<{Ui+%c3Ocpe zYWjoFSjy6du~sCokGnc4<6%ormH~gVK;{8s+t%9ujnw_$hTZdzzaPa)v8K*7QA!MY zt8%=JZn$`9S|jB{rep=%VYCEgtx49$k4a*@YOp{>aKH-*_gN@N0bO@>!U1NM0kY?& zL9Cu%^5PV0g1Y6keODaO70I*dC!vic$^^nT8W+_M?B}3}4!jgiK4j^+bSH`44Lw*U z+I7PkhS}?X8w1>!8|FStsWn?9U3A*->!!JwA*|_=_0;F@^5`f-r6$7arvj*5RGdbN z1&7e7k$J{5StIeISZqdHs(tNKH`o|ix|P`J+|U_T?I$n;@XC&}2n9wmm8EWuocUzX z5HdKTQiSs%=nk0z{yt*jc=R?_>9ef?bDveoRbwMny$^9s3Oy%DcowCJG9Qly}A+_1eOYO&^=RAR!}2D_QlI}{AjE5>3P{a z&JosF?L93HtNU>LA(gle^XT*b0F4KfsebkQ*QU_J zy%sZ`;TFXLmo8mu!b-`@Q^U%!!XK{RmvZTW?j(IWJ3ILitLt~^#BBNVC@<3#p|G$p zzUCN5GGIH?hwgcKos3f6l?P^oPK)<71t?>(va;B4EC~n*)aA@qa&Z1dpa{vbkbwk1 zOry>96@HuVQtRy^%Qy7WB?QykNPR7!p%hrQXWZ{uT>=MjnUA`F%@K``*}nGlPE&3k zp145`Yeg4|?*Uu#%X>q}JM4h*$MM%mrpN99>zM+xF&MnXDHC0AI!|-WzrqS&hA;_V)TUjK##o0ccob9S4=$rLB+wqnH1+g*P`2R;A=1={eB!)pABxboM#$M=ZsEk! zSKQOF5WoB@>hXA=g=e=cuXe(a+QFV%En1LH`PU0EugMr^4ydq_4SVzTd5mdaCUsrR zN}vg^6IY1Wm+W?MKu)&+qiIEdi2 zg|2tb3w8S{Isy{LoVO96dj|&xGf77cN*q}a)%%F0m~}s^tMNv>>N}&`E``NVxMWqF$W%=~#ImCSK-{=!{8Xruc38)jJ51@nY zp4cc`Mmbipcd8*T*JgxHJYTY9Q!E*^&NDPJQp4@Xv9!(2jR!35zfMMU3Xz4tGbc}- zl1LgTUjJ%8v}|HP6Wvc{6}jPVyj4{TFiVt%;v2=6RaG@sHm)i?_6^0Et7c2n2<^cc z-mtOx9j;tLXAJDqXkV$jA9bW%LX9%##uDhKllNdSq7lM2>@HgkC1>K~b@gn_l5A*V zwl6jx_e4DXySI1Qg%{q^G-lX{gTR^zLzif!B8S6XGeZAwN&%j>gG55^?Ck6|->=9f z3=LYG`O9yqlNne+D3A%~W%)QGS^Tj0^d({o!Q6`o`v}@i-c0KEZwqKuEWsP#El(Oa z_b)<382g|*1W~K}6hCVfI&dO}4AB`Os)nKmm(r7042{hbpBnuMYiNq!F}I^X(i~tl z@ws=l*nU!?TV@ft->6zWE~AO6k=#ac{Ax0vS5FiO=*Lum} zGL^?K;J|4n*4Yx6c#rnWGSM&=))5(r>sJ&Lwhzn^AL2wbpsz~MXs6{~J~0CW1912f z1~s59r20l%OUns~?kYYLA+@L+Eb}6jZyWnGil~C9D<5F%V4+O1N-c9-+r`0mo*oBwXH3ixLB#%5xn!XAyb#--T7b+zkji# z*cnYxJonMv+cDcxErq9MvX$x~0q1P_N- z%2X`LM0!4Z7H?=&bps@&$<>F(u(OY!5J`Fe{t-?Q5pwYQywK(|-cx4DjjgSu;Dy~v z>Z=~qI9`}c>qLS{p1ntbn5+NhThFB@lIrr>#ZCeQgZ`-ueJ6bwbR1})Q73$`!qD94 zg_MG4Tc9?Qmi&lFpP?S9+WOkEbtfi>E_!woEtPFXEgG7bNIuSq9o0Kt7_@}en2v&6 z)d!S$oadP1KA*(F?Gb&$^+b|+5Tb~xtnpKf&!0cnb#%NW6G7!OrbG3z{qVEqMvAbo zW->!>ZF*N}4MHnTb*^oTt4BREk#-G7$~D73b09w8~?|p|(leYQBcHEBowx<`Y}H|1+~H zZHspNK4uM>6mBQU?|>V(KE9tvdM6Uc{}#TH>kI!_*w>Rt<`XGGz46G^Gr4|(&K;aimS* z&57=luAaEGZ`F?H)7@2nNS(uiHqc(t9=*M(JxXN}gxzNxkm#mic6)d~gJ1Lx9;*Gw zP&FHKjZRIFg~}qo{6;p8c7pP`UvVX9;d;$N&GJwd5&edGv)M$V_ih?_vB#>BOuXdP z?77>7iadCVyO8OHs1498gXO?r@?zGtvCNTMajn7t+c7PB8E%0;7s zK5IA&yQ{V5|DC-Z=PtN3H=9I_ZV&7GGJsQ!GU?P#r_jgN>D{lyywIP)3!YqA{9Hg} zB&bG`WOSSoKqK9_woA18F$ZE_p8Zu@^LVyJ@-gRSUbR+JxFZ;C0gl2KXQjv)fXXNV zR7Opu&1PR}2O+9-+`-w9R-5wli_f0AoLs!53KuiRzvjLE{$uj1Sbx0_e@FYN!;XR~ z<37*M$@K&9X;oV!1BsOHOW9zNa01ZDo6TcwhqlmBrE$h(cD;F@*u z?_K(jYewF*zy?G#vv3i;pV0bq*6tJ}fKTXn6taKbcKabwXMnl)hNp=UnSJ_M`W;BD6GAE>K;iI(6#Qg@+IBJwA1ciucqh zO1txC!T%_B`){2(#c}H4y*s+zW@}Sk-f1>Iihqp#3=rj3KJ7iz7sp<_ZlZfO`myWr z_&1u4wT!O*TU0_HyUJDGUcUU}`a9^4>4~xL6JpE*y<0X_MF>2AnnGUT;EaR|w;aJ;5G&+AJ| z+V2zB5OR%?R*S{;@#)K?tmr>~Lmr7BeL>JCKPb*X!cqr=N!&H~MsRSJ&B@~7fIhi* zetUN}Hr&JL23Qc4az;+h(?nrqC_Hg9C6xp@KXD+(pN=@ak08E&zXD3QiGnuwhQ$Y4 zD!lK$L&6Gfa)flh2w$G5!}X7BY;3Fz4Gq!D%gc}H$J3v?x5`a^CQ>(}u~F`kswyY0 zs;EftF;o=yXkz*ZyznaJ9u!_18ly?VXFi*T9A9fS;S~*Va&d`ENJv<7@csDQvi`Aj z8NsGnHiQ}ITdS44E;3@-fl5G6Pw&3Ey87;;nLJ#7VUQO1n^#fy!N;D)sFLeqa_c0LlZ~^Rvc>9Ue6wnDyc)J@Lx8N2yjuOn zm*?X@YQqdKq1$xZU)ColnJ7v=lT-^I(`mP!ZQU*?F77tt`<%ot=**_4CW)W8OA{X- zjM92|HH;KxX_4avxN5q@!{Ji=;t`(aso7a#ohw2l>OR8-s4loj0` z7gt|jFZij}M|LUmA|DlRY+G1Ag7RcbZP3aH8fqOZxD9)x_O*4}<7-7H8lhqq&XaD8 zDE@pSl(w@YyRq?lM@Q#?Y{T>UTyALamj|>en^_4S_&O(Po(NQ-k_ z5k6wv&xRm8YDupt=sP<*rR>O>ur8QiN5%A7ER?-b5+qn^4{CUu)xscb03T zWrkX!6bx>6klRwyxbeQ*Zs~MdlZJQFc}VeIuc5-JNd?>`<}C_WnVGGIl0D$--PEWz zd5KT0bai1W%F6MNB2HiSpaaHtmh%^LTH1Qw*mOdGEy3pk9Hs5omV@;W_1T;wszd^r zR-D6|A)T}Z7a_s-e7Q)uO#}9AS&-^IqST8Vl2T+zOPkWx)24^P_>v6jmC%Q@#NYWx zH-l$-u_e-^3LC7B1~d z9(#jVG_#a&u0~oiMO$Y_NBKxkr5}S9OLE06DpGdMaK?4^uhvs*J=e$gkT6`E7`1tH z`DVwbf|B|B#E$~7HWhQ#H^^AxuDnAJ@n90Gd=a;-A4Ojg<1Wmp6}zTPhBWp5Oa$pk zHVFX^vm-)4uPB_paHOp_$jwI3u#brzHl(esZQ3nkCnlqWJ@Z(g!p*nlD8;m0x$+zF5Jo931IvI$H;hHRh2}7kTHXo!k**NLfg6W zgr0ogtSI6-smwX5d^Lt3nu@+NNiBr!BvGsT0EQ(ZIZ6Dy7jq)Bf-Ps$tLRBlQZ%$6 zHOY(!31p{U>qwBV&i3~EdocB>@Ua(vwG6%I;NbQ?@qXj_k&@MLWxi;@!S<(uf=KYM zDALl`33FL%67f2nj)Y|7KijISyG_k&<~~1#{V|}LRqyHeJ|W?P?LShNz%M{8&TntK zs~C44jN0@#!*?kUTf07pS$%s+X-JRU+}tFq@@3ExjIOAp0{A&Wl3&6ZepGpC4AJR0 zEFQ822nPo4v;N1ONO1bPFn}l?(#QX6div^A+B*E0?;P@upGKTv#WQ6O4-baNYV?qr zkrhKIyi(!zuKLL!1eu@7PV3I}TjZ-0} z*MKK~M*(3JF=J_Iz?aqTCa7fB=L$dS?C?Umc0D9&K}qn})D-=CaX0)Z(+$0(w9q

a26M=hz((b>5mNdCJI5-FzmfvV5!ozksS+UBCP5tuj zBLGAc!viM-^U5m9BafBVZJ}$~VavqKta(ThctIpyZIqP+5gJgqk|EpL+6<~44gHTN zM(!Eea+Q^olm-U}pE@B_RaI+77Yw1I zEjCXjPX-56n-XZt9+Ubl0w;H*X5u|>stuFp?&uJRv`?2*A{v(Puc@Ic>rTw5)OQ!d zU+g9^RM_-R=XAS0eE3r}{0v0pP{)cuf|^(%4`y3Upx97Gv+z~t0P(<}MLKO`DTV81 zS9Qm}+P#{$YUoX6nVOO>vo%D2jy5;byXt1M&JeSjY_*fTVDZ7q@5OGhg_B#6S%bsy z=Ozh;@4dLBCgaL#ueN@Ahe!+AUFZ{L@}|E2M&VdFTTd3LAdRjRDUr75D|9dzOj}Pc z0j4!62hy0O5E3ktcJx|^3A8LboAWUgn=I64(|^*v-Rd;L@5c0AT5pROThKE* z|Mjqu=+=2-v5-5ImCgo?em%)7Hf%LEAVZP$bkxbeT(Kty_|0y`0sOZf1&PfE1zNUsQ<##})~3CsLV%QOnWUIo7%} z0h!nwWLjD6p$tz|{dG0ZwDdYh!lx+$&Yf|HET4Ydm zU4gJ(n4MQ6SWrNiw7+eBAE+9sKXs)A|NTXZn%`GLmA2bF-EqA~IO_niEPo0}Y2$K8 z?bDZ4-qS~2%>)c4HjLdILfFrC*z!o_v`4rEZLnfnD>^H^*-$!u>mO8F2Skd(&oK(J zpx&6vOisHoXI19hU<>jbyV$*x>lPPlZtAD$?(TfGElt$JGBp5o&G5&qP$3;HZ1rJ! z2#g{FX!}2E7&&7oH0*TdgM<1M~YAgJlTpS|$-y*z61Qy$g;lJZOpCPoYy!UUdz0BMN1B>r+lVP zH^Aewe!-w`hv=bAuL+^Bp#1u@&sR$LYLjN0Qk+OfV5Kp>)_Wa%TtZ6mJ&cR>$Iil5 z>`w$zx%28d*F#Ut*oUUvud)-y*@X>a$16i&ZN$_eGxHkAjLNAZt*xz%VW#3Or(A@R#5AG$w->V(^S9yqrFi^k&b^I>l{|*uvlbV)3w0e zRb%w43AS}=Uda-tScq=@YNm~4fSYknRSt(G;q%k0Xy7;72!4mlW!3py)DK~L?~&Lr z%)1MO(wQT5fVvWwk}Zwf;?%c47TD7$G~eu>Y-g|bl52Tt?LTX*zfG}K4bhVGPB+A6 zdLcegtR93h)Oau$Q}Zsg5xOtnkooOww7r7)0W#tTX0$@){<(4$RF`WreE zOF`ZN`@PMQtzN_)wd6EopGZ))HA}~zILfW9i8QV12eIZId$08JoPIrox91yBV%I>rmX8& zL?9V*eB20Rn}Np{R89`mOgrS9*D{g{uIH{qh+XAwQ#oG$)@=XMn2NUtVa6_?SKLYd zux>S-up2+t(sI;PSYGouYFH%TNFBZ(gF{;53ohp}^z(`DeeER(rf@P&tH$p%AEOw>nO%KnA2|2=f@J{P#&I4M2;boP=Xj8|x6{c3}NuTYTu#D$%kFhBQZqJm~>79j>|i*I_wD1_WbjC&L%sUz`t z#y~cqVphY?q7(+~e{-yJBTp9-N`BI{x3vVVUBE8Ai=u$k9NxIF@#>fiDOv@4!~Z__ z)Up#!o_>dJ1vUAOCdLJS)FxP4gK4ybk7LiZv10JCQm}X6M^~aRc956yZIAYkv*oYYQ?=yUf102FsI6$>C}>pe8^!!! zc6jx8@40wQrPJnCg&F+0xQlJjL$01}+0=sY`;6 zy}AcOS7zL&MGfaitVK$?kE_?jYAh1hC5lBDwfu2~3pVtS0Rfnnnh*k}#WE?j;e2w9 za4N*iZ%;v4z*-dJZs?K1PKdtE*IW~CXH~MM$-PpU_0JDVHG}Z|MG}9G@Xy-M z&A^`>?e#0Rse3sV{Yhw;KIpKj82--JRa*`ZXv9utqr2!X#%lWS6UzDH@TI*0OCE-! zE8orcly^M|!6+A(KwgD?uhPia*pj_(HNu#QPAJn^MyWyFmv)MJc_C zlE?dniLI#lAZPu<(6~kghn>`KmdlUsl!G6w3K-&bvua)+YHxoN))m!qxUC7S%A=E} z3Ej0<<6?eEQ?8-NMS$=3o?`lOr{JF?>YR^T8kitdC!lD&eVz4?tOPS`)wIPM&-z+<=@M! z5lPq|+vyvtEAzlLm=hvvkB3z%wjPinm1sug9VXHm%-q^$4UOjp+x(2lknTY;6NCKn zBdFUj6E&EuNDKD(0ZgmL^J9w;5b>Ydy#n>Z8@Y!%&*8KEFvDM;2{6Sn;lqZ_m~<0% z)2XS6e|U3yKk6+LGsyrUgx8Rnn;#fT{XV@$Liux~f|j^+%T=kG~x!h}ZWzkz(T z9}4R5?TXE}k8y-!6XoY%TZ0VJp|OuSL_!mLZo>nI7k0$VTLh`~cUxj*9WmZONYR9& zzAEe&E0NZ)84tZRc`u_zTzb%-x8MCnC`x}695-Ri1Bn$&&_z%gn0F!c*tc-$?_dFI z=6ugNG{5YUN8$@_EVNDZAL9@cw1mCpt%?pfpLjwEmx1Jttmm41>>_xOFh!iI8)wvwW_=zkg813g~=o190UNqzS77q)!oYx!QEjErd zH01=iC@UMXz<)J1i>Z_KpT;F$!tCdX}~$?@NYKXoBRjh}D4rv@RI9lRnKtBWS=x%)O=Y z^XHJOy)w6^31jKczJ76c5&$jMTe+T9gq>`MiiGlfiEW=emaBw4_LeSwN}x$;Z!?A` z2fLvyQL-CBGRMm}`+vB+j%@R3Zo>7r2>~8mu z2K6puf0mkE7SNM&iu;6FRHD~XqvsLV z{6lFVG~dF3O2&%;D!cjH=Yw01ppful0{N5MxZ{*Zi;3T&mdA~tqCU9^4JlziT+unb zdGKQ_SQSK2b+&f{ba{HFI5VVwtJrBtZ8$=)9yY93dIe1`;S>+<>N&Y#rkKljQOhec zsN49%HGP)16v=M%5I1V|UPpWNz%>iMb}x~}Wv)A;+jR|WzLI*yhJ?3GANf=BcMfQR zJlq(PdQ9`!{GfWv;xHSv5x*ICR}=in`gSjD=N#(4T!5NEjeVp9_9Mnj;>l_z_!y;5)CwNh4wv@Zs_8(_z9{&Z z2d*s=wkm0;SrDAGTW<-|$w{cqPum%43F2i7u!qkCw6oOPFl-$Bw61vyyH(@iB$Tli zJCa6QD(yNW^h)V4E^*=ER={jZV*9&Zk(sCbU~r)L=tVvJGZ_+cq~1bUm8!J9HoD!A zf{5{0HLgflE0x^}-#Zo|ysipY061@BtH|4}qF3Bc!dK8@hFWHroDrb1Dl(qA%xpAn zrRD@<;60vJma=YHtP==jobjI)#a7HrRwDyGrsq}9<#%thZ>(#Soz*JuhIy_ zbUBz=vCch^4La;O3(=JECG2&Mu*{59->%6r;ds6kY+3MS7qq*ZqcU?=hZobC?yUn_G;NCh^QfY7qk7zo;_j=W$G`QDaVyP!I)&(< z!==^i%1UvCV`Nl$uue(S_QIVGT^N>{y_v(o=dd_^CMo8P@ppAEIR?dMcdNoV6Q=SY z*_HKW8W8v8DJw$?Mt& z`y6M^GHa==|1vh3$Sx?jZeJ*XZku3_;z5`ubSK?)TSSN}KGQ7iEpVFl$I-zTD9_<2 zAk4YZz5K4ZP?UU}+z76rJhMu^Ev`7`kljyV!~e;EWRG1D#Bthar(661l@tQI`J%!T zJ0&mQH$448et@qssbQff`7KOAy=5`~U;AXSP(e2`*bibhZSVPXvWTs1e*QC%b6Ed|_!BzX#8%W3S@ODIOE)(+ zLDPEi=FRWSSyjaX1@*Dk`d5=;y7mA-%`qGBOPZyJ^(ta!;Wy)W~1;lHXGs)YWe* z)KnCtmiTBN1-hM!_7RJz;)=r3t3QgWwqw9w#naCla#dB996QAfoUxley_exDrC$G_JICCy^g?|MFn-Zt}Vo7L7gW{o?~>x>b-I-H(Y@NXE~ zXFrBp>Wh8-!_5zk=O^cuarI5v0@b<$rHw^`ZG(FEb=-V~rG}4~Wpic5Wn?M}qEgIx zSewk{@ZX{gtq0akmtF4p?v#ERC5Z7sKYZ)t`%?Q+ptzx^NSs=0BeH4NT*uGBZBX}p zn{m%=-edx-JXB7hk04S*a?j!dT3McHbDj7B%Iw z-Fv4>U;>Fo?axs@LEJ0Qkfe*7l%f{;xcVVfc2{3UTtv_z;zNUIuQCQ&Q zw1h4hQoQ$Y+Vv5O#}77<54R|&gW$+@cspLxMzIrCIeFC9Q?gMz3({+by1LbQl{LCj z#lug6Y6&H}cDG{QeY5{5Yf21vzYPk86OAyrH|;$&gx2BfLNqE=UJE6I+>d zBBl;0MySQa83rDfGEIh8I(OiHn*D$9jX}09d(Xz)=W3caYxj`!HBO@EZ>Ktp()+Eq zqz_+Mwc2b=_Fn&a*tXGtVFSE}=#`a~BBWaZc|LOMIik6Y1OiO<17b@YFq1;58QYZg zr&*~H#%vN+ZE@#A2kRwZ+{R`0rZc{sk5oCU{7jo&r?~0y)s>m2catx%2lU>?4zZii z(a1O3g+Jdq)bSQ>N+>p|L9RH}9qQEbP|V6S04hcDf|E?{&8bR0y7Gd5^QkN{&ChMf zi%lQqzN?TN&hK`n(&xt5HK>QzG#%^}eVaTyo>vitn>hJzV$A4U>UTH1*YddxJE!Mv z`P?;4_3Fqh8`-#EIN!O*P(1mxGk@JvS=q-EQP&aiLiA@b7pzPb#!S$?hv8CEV@gD% zbQm;m_FDY<+J&CZWK5FstC4ZE5+E0W)_eZHV3e+qe#VW28DFFckm=gWO5|dCkb-k!IbzUoc*VIM9v4VHU!5LfE=b8`k;PlrlU!gY~H+O(iv zOK;JiYo7@?XcwWRWFz*-iA~<4RVk6UJcPNzYe)EP zTmiFd&?;|iG=aj;q!)c8A>X6Y-~cTa0bm7Di^NbP+$+f>## zg^QUtyR0dC)g+18XaJ5&t_Y|H((JK~=w^k#W7!kh|GzYeYS`F_9V*msf6JwcikfK= z1*6IAg8FLS;-1@ffhNy~-}Lp3(I=YuX_~lgDJj?W&W`HZo8sSirPJ$h$3(@)sF%4T z$BW3Vzt3UeTT_~?y&^3_)U0}X?}_aqBbLhEB7>GpA%uD3Ezm@?+UVlLj*6+G!&;7% z#7ib_vZ#u4laWu*+JZU8MoFwU+UFdS?LP?@gH{pXPJsEiU@90YULs|v$aE_N@>q=w zd4XB7HA^`P6_z-~7L`~Ul`M*W;U1iFbTaMGICjt*I7JZ)Y&&Sc7>WzI67s+ zTh6%=jr~-TAJt#J$;#BHLd+mCex0drXvk`+x*e-Jh}4cc^SqZ8qtt220udy@={Y%(=ylj4sXv{)LvV!b1Z1nfBIB#<&JEbE^+yz z$xs_V2Y1ivc0fGhc&3?tRqR>Uk^=_J+=Vli`mT{M2Vi0g(Y+&D<>PE`ANf%=u}!(9 zNeU5YF`qszm-tU_&V4T8$X$+d`@TI!uF%3H6~5h=B;lYpI5OhWKYbfamHR*bYl(>c zA$|g!i9cgW{{RNjfr77@RoZIH?d^Tro0q@=c7z8I5#wt0I*}BVeK(_`LP%y}0u_zM zMKsx{M^1Uo$b&tZrX9EG-!n8EW0;WTVIf0mW5Y*@?Aa5BiBI;CYfs{r{X z-6YUU(5zX~ezom>Yl48og_+3czcXXNiK7$hR`0v%W0LANIhmvo;H&oG*2mH&H!2>` ze+Imak_3SaY4N-#kQ2Wd{N)op=vbLNAkNSe0K)~RxO>;cbv@vJcstp{ZEYaB-F!fhwa)9A?-e*N%> z*&jZFDA!a=xyARaC-p;>XGuv(Y>2L=ngG34*No2x5(sNrgXH)^UP&n_n_>hea4r;( zTqv~l%&x$Os+608QaAyrrtJLxkU~;#205?Qw6{G+wMNio=jL)#^IXjFwJfLA5=`Lv zra;2JC^!J6hHiNXSiHkBBaucSm4KwA;k>=GVHd~(TQ2>7DPr6l9s@39C zp){MWq&J~-ZpCRj(xNa8mIuY7J5Wd!ElKwb0XgPj-bhK5=>i7D4j^!=J>pN=CSIc zuDocKhr;}yE24o%dr2}L_C#_lHIE()rcA}Nz|V70JT=KP2QW8e^~FfYO(Kl|adXZ5 zp=c;%q{xs?Y7(m^w>|fkS3n>R^rd)(rVQdc{~piSzXW(1u|2!PL~1mCVVyyR{iXyr z;A4lxcA;jpz&YOJf0$8KkE0y6zr3 z_Y9R`dLIR{+;wHf#DNeud4AEYudnw_jj@4g41DdYn`NmX+Oj|AVcCRp12LBE;%dvw zZxyB{jmuzw*4I^_qCt7~;JCp_hV|tWWQqN;+7LwNfhbJdq|Vj4$gD=;*c(TUo%_b9 z^PYSv?Q=ihRe(zBBhfKG zLG`?(8&CkpJTT%hq;P-!@Pq)joR`M~829BP2Rp0TWo4qt$;qf?8aLfC~or`frXIq|~l3hHVVcigAzJ2Y>|8uzj@5s-hrb zIlh29S06fZV}XQT@ffYcaCK{a!mh3Ja(HY{&(g+P%=G1*y0boK zoOz%b56(RDRn02Ox&het*(JHR+D7z{dsqokkH@BJXxdwQO3$y{ADU}kD+3b)cR{?5}Hz~7+k<43N?vP;`$^&+8H z2jUM4B9_j}9+8`Dh`9JlZw^IChPDVxFMlD|{hafL_cb+LZm>l?NC?WSyYr1Kot&I@ z0|+-kKJ4SExe>20Ly&lX7Eo^U?F3Jj*D1iB+b+#bq87~kWg+}>RIxItSrZJKF3R8n z4w4TiGq^p)Lb}fgHy(erU0>^nQdPJ1Xmnja|O88ZWI|yQ>^s8+92C3Z-Swv0qB+gmG!`8((HKd<9n=RaWh@~c; z-Ta25x_*W zph z8He%DJr>W&L$7mW81V8~u%4{YzsqwCNjE1z1r5i<1y_?qtxX!|EBC+Os=h-B$qEj( zyoQLBAffp{jKHdA5~L*CHA|aBeEq^a4+iaVPBtu8b$Es@tbe)Bsr7}NJd(m+I^pl3 zk`vbkJ*Hp_vamJ@T>bZ2+TIa*H!5IJ?MlDsh5H%5!0AA0{L7-alTk#hUK*)$UZd!1 zghrPi0hacqMOJ~-B;09ni#z8*QP(PJaE3I2hjM>zga=G|_llK0g$-O3a%y`Ihj&=` z-G5QtBRjXK#AyzN!spU6SxLbJs3D@saf(&q8v&LN#U-mQ+9o_i+oL}RV;a>o=$*u86SYqWc3 ziL;{%b2oc&i76laI_J(@Q3`27H0A&E(R?zsn@}c|{#kXz!j(LfAHeJrkJaDo>u=rg zzv>iH3BYuRJq}3^&T3kcvHZ(LqMSC*0J`?{2Sa!uQ2W-Z6Db3JpwY;CP-xkMi~W+X z)PY_`Z7-0LWPpN1lp3I7Yk7P^3&7)IXqMK zCRcxslQd}~BmWLmEnU=jR)ie9e_i^X@yQ1ch*IMq08#8qNuhsS2HXt8Me8ck_6G?E z2nk_%X$>g?4`110LP>K#T0g+|Lj7fi_0AI?o>L8<3`?R=zl76)^}$u1ef43W)#?(f zT_#QEycdBuP|_+5ObXy(wnE|-X*yRH1eVhp=HQ?NJhk+V=(D8sdq6E$2@YzX|vVHH8wl$8=r-2A%gBLin9|7~xWv%HZA&P?EzNrh| zQ{u8qwWJ4?`|!Ie5faiHAhuU9@EHT23ub4)`^wM5t4UKGh!VglxHz}HAzDItPp3U; zmcUC3G)8{=d?&8~c=%WTDm7?Ekl+b3UK3-_zI#zIEpSWJvydXK%8Eu zx>fGS2M41*$vCGF`=BYso>l| zS@m67@bFUS^I6i|%KcQZzHr%F)IAkI`G~LTBoM=a4}ijn;%L7;j{HNEYkKh;(%cHK zB@pLz1ruZD%i!Ufg*XYPI*IztCZ>OtX|?!^df?%+9c}HU?w2zK7 zj|r|u03w_u6KB5y17@DRQtOmJnhr9F2@?N9Gz7RM%Q8e!0BI57Cb2~L-r?})I#G51 zDpgXDrn*fL5O;#y#9{@3DBpOP>5*m$&=8{Pe%vv*PfS1<*7^*XNP~1JG2!`$~Ljlp)myJjlIBi6u>(D55xG-72GIi6KnEn3FWO0`5Zrxrcvk zwd4)(p!Cg_mNaqRPXU%-D+@nl1^FuK338H@3tB*+2?+-gl8JV-8k7J$qcHicw5eP)NWSuWHsd3q!bDW2*kL>jY;i(kgq%CW%2OLCWt;s z<}MW^THRfW=Ae1`vif}Ml)_SWbI`?E{Bx;ZsgwI=B@s8PcH*Sr23!jP({5ZS$;)cW zc8HQKDiDkli<>mwX}vBVG;y^NVCi?a|G%W|QJepBF@IzMPi%kKx9S>@3@yz9Cq~M< zUrtd}>nUsRw33n6JLwWji~@AEA!$4C)O(@|gMf4ThOl&z`$S;L!Td-B*6108K`nnt z-Re(U%u>gKmOOm)(*?P20B$OKWJU_4p?aTj$(*?Mqr(*VQ{bIqqut6Mk+ycK2frgi z!6Dij!5@0t9f=tB!>(i#Xki6}JoFlXI@974deWdCeKSM^k6Lgu(W>Gxbj%@JJK(@Gl`@x`R(R?||rk zBlRsQS0RD??lofweM~p@odYIrI!!38cFbOf3t5u}|K!>0b6fcxBof5w%+!}2q^aO@ zCq-Z&{&d+>>w(WjRtxXp*oA=wn$FR)Tw37(DWTr{!+)>$IT3HrX$m%PdqWd1oX&R{ z%(BWFxCAI!vdE1o6`Dzm%^eR7&XI<>2HoF>`qOlUDMqh6E)Wr6y2z&RfBhjaoCP=3 zMR|Kw>-|ICD`HMZz%_(zmB&k^`akcoOM0DHr*`)V@0mxB9(md_fsU2s)-@7rGeij7 z#B`mC%lH2Mw_h+AKgo?iOSoBre`~WCx>ad$-dgw_Ez_fr<2%TZmkbn;u*Wk7CkhS> zulZk7bLN)f&9mQsuU5(U5-KIfq^c(|Z#^%@6Bj3i@O=)32$Uh2kO!Hq$ED)C)&CN2 zM9Fs{VLbDN7xIJRGMG_k5d?67*R|E*5CtYq$IhAkZqvT;z7L785nWiTU$5dV5w{O7 zzw`j&dU)LvOFKKe?V$PTnSMFYX(_~Pk+KQFUy7-tQ&X(qU*GunxV|zRGBA2@p04%~ zi|m_dI2|<|Lh}(iGJDuF8uHWs<(CpVFsqINQz%C=Kx_bPXSU@gh~A{p18pdLBrWj+ z2^Pv}2Kae8L#<%wZ!j|Wo&r)>Sdf)d>E4RzK1-~Ge)p0$0iM~gf2fJ&WyF)bGFSJxe zMpgXO9}~ezO)#JX*HPG9LkhvP!5vd~y_HDF2Eer{e~uQ^6uAovOUo-Aq zf@4=?$c2SxWXNxF{Ds6>@N254WJvJ6!V0mr80Ha1tuB}rkj!J}7oZ{4Y3Ia%>*eS!+3-N3EanwA7?hlP`5+r4$nbC zAyI1<<*b0~@E*uITt+yGgg!>JTnM-YlR?GaxFZ;tdP;)=jAVQtDMbqI!6{DbSd zDRxt^TmbbiFX~m6rQNIKgankc@aTxk#=hOcVExa#D}!vgq;_?fgt3&ZN{Hh*ND39tu#gy|Qe>RMfvtb-a|;$ZXOpnA zr!fZu>8OKMmvC9<7WuO@Y=f~poE7chS$Y@X>DbH}Uz z_?Y6)7$}|`m^eDg$EbKEc~T8(T1_bV6psFwqokx}QeS=P=*z^{MB^|H zW=*-88(_&xCg=Igy!(_zpL_`hNJ!c{hUp{ay$E*2i|+4!8MqdjZgy>~mbS1}JnN3c z?@p8+Gko3OT5K;Y)rbVFtWJNZ8#g z3tb=R=y;mnzB+&I!okx1($0>#+XeNhj9Oo4S;>rkv#Z|V;Bf1O5%cuG_@W@dG!=E& zU1O57eZKbj`)*%@7v?_U;*E_6AJjX4aL1a}!S?cUMeoC4OgEnnYJJ(IJ;C^5+boeFCl?g61kCYq!-EFmWnw1{q+T>PqQz$`3pY1&)8bl&PJC$ z>DKF>{??;-KVOy(HwCVqk*is4N!XYA5Nvt8o=;Cg7QG7bGn38AstNYUjqLh)W zK7)(sa#fKSQ_r#67iEvarKRfnHZopZU7M(dpKH(0OS>x4wCyT~-yYB&&Q_W9nrX75 zT|Yj@7M@NxIv9QO;zIu^)5{04TdL-foUzjW#Z8)lgu2trv1#Jch$<($FK^Whj@?B-`H>MY<{gWl` zUN`nE<>R%cIfkzoQ@C>U)vE6@1jLOEzx5_B6Zct)WlWw%8be-Mpsxvb3e&3IvajBS zz&p!0yO#7yqqn6Oma>`ghv1Z$nALqF)hV7UggtazTurVSM!j&SA7O<^L;|>-5*q%*W`4@aqFV0P2g>C$ulZXasQzP-Z(3%2TTP=_jlEh zBt&}+u3rgc$m;Vv!?PZ`53nKU*rL--y-aV^4D2lRarVe#j z1ge=N1$%BUrZUNSYh8V&>fA4jYurK=RWx5#VF~p1RWiRUr~1uNim;F?9$vG+L&+D2 zi^M3q`ppyv)pFrI;BdH%*_4ydPa(fV6My(xE&7x9{(J~aC#7|fS+Yn6Z=5|k3Hr@lP4e1*Q?LI$ z5^|KD8RyR!O_*(!`5k+n58-vZuWj_$i2bPHaKjIE!0a5}KycSTSaX@;q3obfe4mr~ zeW-=dVQ7Uay7O<@xnD}?rEGAnuw@VFfk^KZCg>f^xop1QT1l_xm~?Tj zFZ)XO6`=qARsP0x0PF5|zsK=7#n;odi7#nZ6~IZcJ4HqL5$Ps=>IbmP9ex{ii>P+R zW9>CLU-y6pwZl?Fe;qR9-0%OZ6^cU_kCS2EFzy!iM7D_zNxJ4IA|W&MoV4WwWoCOWf9g<{DzJ(9IkV z&+h~r?@zj6V_f{jgpbEZP{F5nHCsw25+&NxZ_a+K{r!y^eYDkE*y17fF4*$c!h}n2 z_&d$pTs?}INhT@hNh67tqs>nEF$H68$PYY@@aZBuc`;~^ImRHGPqrj7@>P1%=ex$uMNHF2Z$ zgPcm*lZW{Ex#~hBd zC|uUZ|2~H;G(Wy|KYG+Y%}SC%%LGrkTrc(suYqWWM|^5I*##eiS6 zFVLe_aSwa7H|+|8EnQP=He20HN8Ou(>LfTmvyqW0tB^9O;3x!%5MjOvH+_iWQN%CH zG*u^+2mH2~2o0R8V)ufucdxfQo(SGD}t%G%L>`etLmu6?!^kbUheDca!bjDmf! zLw4FQR!`f5N>Ad(QD4JYuC~Xqr@vwkIA0kGDmi1`t1n1sr)Ow~RG;VNeqn=VK<+lm ziyD5vz34BYrwc>+ECyDEjF_|g+yKXBkGJ>d$WEWlX))G^isFxdD_OR)svvPCwONLF zB~`$7{y)y%I;zU8Ya2fzsEAmUfP|8YfJpb|C?L`zA*mqUotrIU(F#hJpn{}?Y#K#E zO1ewBLAp2Jygl#pe%~0sae(Ld#~A}Wo4xLPt+{4i^O`OKkf>PknH(M-mYT5o=Z%kB zU5$5XUoWGh+wQWW6lDBX`eJV>Y@@p|!_Ri)bjq3a^lrhDBs zz|L<6aVjEK&t2-lmlV1i>V2SSxom#*U|IR{B5Eu#ilVCyA{$?KrvkhknGj#{3U$7k zIZ_F3?-i@v5xSAEviwVV18y@8#1z^t55aj9q;>o4wN(-W`ekLi{iyFk$-3^vy=Qwe z*4;bh6oGo?yEQ6ZKucjBVYo_n!h7NioWHJhX5}FqE+O4`_M^TvW<3xR4h&VihqEqa z$=Kd(965vC5qo}`rm&;xqW!Ebm&@;88{LYSU|dGl<6-zvl-N|%)7H|J58V1W^85je zE^8HoI9fQLyKmmSNwaU=bLq8QoY5P+U>t4h=HXVh+j3TO54X$E3YYZg!y5}rV|635 zIgP$F(gD6mW6t2-Vo=vIiF?)WA+7hzaPRAL_aZB?%<&t$sTsa++02J08|lcREV5;a zx298H_c6LQNgQ{Iq$UkPi%q>JF_^5nITB$U=ffB;0HII*PPXjKC#%v;?BceTl}sF3 z?APO?Em0gH%W9BQd_m`=5p7p1&CjZ)u3kO#g6T4^kNT8&{V@q?_+LzL;-2$A;^xyD z35u(&2=`pCBFegyvPMu&EN*8s*0!dSB8i_MVuF|OvMGQXzk@1@v)gYpuX0rFTLWKjZl&U826S0LC>3(-iu?L} z|LoY8Jd8byoE2KGBc@NOJJ>BsSWhcAv#5J1LwMn(=kAuIoxRarOc1SThoDC`77{D+ z){=5oRTk4Zz|GTI@kVQNteMZ7P$jNSh6ROnw zYZ7GX;J8`D#0?xq<;|S?;e_IfDE;&*!6t#BhmwHSWAfcb|AHr78F-Z!u0KE-Yd?u3 zeEK-y=D|rfNI9t@X(VPM4fWf~0$izD<~ESF`)_h7@g<-IFRPuoa+1Z!QHvM|GQ3s+ zpOF!E`{==G(Z9SpPUIS+xIS?cUSW=7jGqMd>?3$INGxKzW^{;=4i1D~Yo}SA2=Dnp ziV?*E$ctJ0sQ0%HUKwQ!z@ypvq9iByY_2w7tHzw%4g;rq1W1JNBf-pYRzGgS;fwU$ zlRZSuc@&V=`W$o5HKAzHk0Juq6fhJ%`B4oZtaCV%B|aD)=nDHKdxCjo8=^ z;ikQcf^8@$;7oz-Lm>$C9CizjL!2B1K-6Z3kAGbvJUf|yo?C*CI0`NhLuu%16r93q$V4njp3FLM-FlN zh53)ENsBg)e1@YdL=f{~{cc2uK)K}x!Qb^(cO%WHKX_qZw0qC}sf!)p<}S(6NAa^} zXcq9O{oIvqtB*VT#qZ;-xop9#6gQcx8cKb_C+nU|JsfM#>wTo{V* z^7jFhxW2zcnet$(MbC+!ZR@RXxtW_BiK|YIb=9j#>8X!Cc{0&u`DWsyx<%zK}k6Ias~kavaB_U||IHdd)sO%ce;N5Z!` z911C)eYHuApOqQQtfr8E&5XRHnR%6bwV$JKVapPGCC}%h1R|*jzDwm01qH+uL8un{f+ShnWH+bT6J4L@L}v{+|3UT52_H-sRyN z3&B!}Ue$Io<;7oJ{##-G8-uL-#v4#aD0E@2b5 zV%)h?(&O`;SE$z8G%dMZ2V7SbD!&K5oEO%MY>uWvq6btfs6d6oKvz*}1e$id&-l%5&=O)7bjqMY)=3eNXAlF&d)6x4fBg9f&}D2GDTA&BH!; zU%ZCs_Pb<{#VE>7)xwcy%GqNZ$L7@Kwv_M57k$AMm1hSq__|9YryJOdt|wD2Hs$sX zpj1z}1P4$U24R-kn{AfUciRA=6?!31VH8olUFD{Y1l5>qwSg-!-(OE z*v^=Lk6OuQoyKAnXQYKzn{^Ru??f3trxDL*ssDbv@JZQddxX_g-x}Xjx4Ws|-KCd_ zolBYaMGgbeeIb@acebQ5y>X=ji#!PW&g&!C)R@DdNWIcd<}$|Tk2V(Fsz~vlzS_U$ z&)Pk{vYOX0x>n)v>Pf;Ry322dMiKGoMvG7Yu_&wnoD?~`Dk@9TLg)~I>4`^IU(G#+ zho(+6`ISLjD`O=qCq__NGF_JGVw1T#5WAtw0$abXCJb}}iVx;7VlQh{K2``Xl=eQb z{m$3T=yXBw#&Zh+fe}d}RwKC&hzJ~X_fWF9p>`5=kISA40h<(1?-@7nfWwBe7@MFvO}2PvnFp*vUt94Inlx? z#sj^>uCiEBhC6wJqH}}My(A%P|D!p2h6_47VfMrgC>A8f$J2*$>d}h2t!U_lZ4GvI zbVv=~zjyDAEgdmHC_amM5r!~V%7!rWoAAZ!m30|(>a;AxM*Y4E6m*}zEjUwtxj8Fj zb}!^65o?Cxz``L=7x5%{nd&rvJ7S^DZC60U7fzDo% z)Y|RA$A+l>`B3qlOM!x0lgUswIZo?BA1J!k<=~GL{(v$-f0!+^;x6=P0>{BaCBx8tEMG`Ck;w_8hII z#fVs9b~YB9)3vY&0KlJ$_iD+rW@I{L`Z<@GIqXQygr3RuibyO&#wKJ^M@pRcTr5OA zToPM}So4gGR}P^)&uU~Ml2Q}TjvgyqIsQqY^%e|9!R7mr}-;-E`?;Rc4&2;Ssh8u475E?bB|65A@uNA zsAU_eGmfP^dhC?R&o{`nJ}AMfS#AhP;wd)dYkfR?nnAil{Afvr4?byUUFMO)TzzwV zO)8}{_BblpIDx`$l`soOk2isZ@tar{sauV^^S=NZz#uK>ay9^m6PE z>?$&D?D7bapZ@+Lpg&&V(eGau)~9x<+DVjV%a7N!974?Jz(Ig4X0NY|x^#Q4R-~#C zSXv*en`=I`gkjRFY1`cMS~rHDg8$Ly--~@e1ar6y%4In}@G}lL@9kz)&lgog{g(RF z7bB=o@(!RIMYEcvs4G84Sy4guMlsG+Y^s7p>+TaVP?;w5zenvGtF^d|(mrInZG49G zUx${(IroJu_rwG|-_z8G*xyJbaT z7+1(Uvc_&IV7fHwGPF5i(7iO4HT3J-;?MesteU2Gi;$f9C~@1i;qfp~jtmE3`w>S* zO^w{gcxiMwLT~Ht%1mb_(+4CY;N|93V-2%WblptZU(4b7y3c0I&VFwAA;n8TN^=;r zJ7V8}b5mrs819?Cs_LfO%(cD;k5>BD*NpmOHI%X?-he}3t|;6|RsuOAm+=T=eQ#pE zm+5&uSLgGWeQkvOM0SzJ3&(fpoY@Y1#7>FH+J!dbz5&!L8HLcri#zqPL zwR1`q4L>Ij(+Klf*Q?_gX$YYidGW=%IB|Y8Rdy@8(%|&Kpkel)#*MWK#^`VnLLHt5 z6RR1C>{KEvzrSZKPc~;QR#7Ki`VOgh!}N!pr&yVZJ?)npvbsM;Rh4efQv*D6F(eKL zG`3@$MG{%;e3cjQPgF!UiY(kPd(q|CmVE363A4O!7_)rFo)x-Ln1vX&{xEDX$kt1u zxUO6;kjb(uACnhb*M<-+I1cPwy0d&u&d+}5U8fFf1?`eoTGl1Jr^R=EvtGOAU$jub z5=bXritB{DsQjC-FlnH6BqbyJVEI#QCT()C40BC8|2ocQCOykzb1C`LCm%q0a3VR% z8J)yqAm=}B#iyiPrS%y0(fDkm+#^yT$W!L>P^9O)+OHzOky>MwBVj?9E6L`|ewU6N$`in!Ej{q|+GcB8!d zC*`aIJ58+Jb{<6ok>U4kHQ~$X`SF9b&a)^++{Hxc>!`|Hw|()Np|zKcd-nvZ(bW%! zn4b3-<%gerPAQG;QG4x&EW3H}1S8zjWSteGt=#35X{M>nkfd0m|4&%moxnQ@j9mksL+pnX%19#>;!Vq)M}9NmXu#QGeH70Uk@3v(f=^>6%VKF2Lx4Da-{t zP!%@^BseFN$vFXB@de!cn#; zt8AH!(9}Olz~rdc{TyTIhY}KL+66a=S=Rsu0-(5Qh}Y34`C0Rho^y*lH-$|lY%uI+D$&6>PjXu_@zr$@nFamtYRh$$OryU^X4)?tZ zwMau=>2I|y`;tvzLgJv>IQlXDy}U{sFDCBk!;aOd**PkE4f~SK9*)lS)edPEDZ}>K zFM$IoJU4z(5dQ}Y;Iuv1D9x4Lfi4Vl^5dK>v!6NE9EB1-$%w&(P@nhn^=+Am4vA}N zX;~?g5wO+4vM`SkvgVC2NBkMyy8rpTvc_}7GBQh4Fuu}oj?!P67_Daa-OL-=EQ)oH zbz>j@sn^0mbn(V#=ZjgLYjZ#h1!Zm2c_ledaPOB?oXz1c3T=i9|NepJYx&Ol)FIA= zf?PxNeKeR6N&xgq|sz>9gB~tWOX0`*-ksyL$*n4ikB_5uIQYIu#@FYwXiPrNLfo zX#3suLCahIv|Nm-NXL%W$w%jJSy+g{qxKOR9Ks|ay7?1<71~0-K0-bAE$=CsHkQD> z`pGnZOC`JlR!A886(t;^q=Cr0(5+v)XV`{ArFDH(Q+u4YM#&3FPIn3N%?_qo9_OR- zx(F%I`k@A8s)M%>xj%E9zsKucZTE7lbEhg^%obQ$9mx6^_0N2l{`^nuxe zKi4p~2zCCh$FDf++%4wHCr@5_i(iWFnx{4?k4CJEkEPNf*_sNNf8$=r4*O6fRYz}* zv0t^Ej2Fuq%+RWoigmPl9j6cj{i#{Y3-8GGM``^>H@uSc3QH=bAo*DDbEYoLm`8R` z%rI-_M}Wb^IcnoJT?V{OXt@l}6gEF38&dA4ufp~eRlV?E-{#ojQ1F;?L4puXnY*d& z%0fTG^HZ}l-(Rc*J-oT~WvUn^-QR~qlJLyWPlse{I!(6mjV|uaM48EsE{*1k8p6>O zNY-V{`xox7ME;`-f0%-KjUJ$_97D*OPFp-Vf4IM!M3_lptQ+t3mBJ5mhbC)U0%j5} zMZT6B*+2*p&Z~L!5M>W|qF0Tu%4TsMvx=7qwAsk1;Y`UOV26UKq@ve1WJ&ex- zA>&Q2PdOA7adDpPCy7oDKN+dY8~XA5@~b~>ra57UnNg2Cy)fa9W%-JWZEf_VvgSo& zngVIz1~V$W7^HY;KNogL>YN`(yo7OlSBy%_t{+>UBhwSH3A>nln-Jel5zcUZ?Uv-> zF8XNx*Ub4n^=m1~{^|TQ7a(%ys7_U-^$G;+-s}bEoWp2X(1$Vv9~JCGzCu1b0*Hg?x#|3w-bO-n=C@Hf8>P zp1!FAuXW-YU_AHce4TLQn_WN(*5t3eOaXyR}qd&(5QI*p-}UsxIVtTZVRO~7T%*?3ZSvN zWcU@j4?Hha?}=hwch8;GXV`>nGsE6fUFFKYCy9n12U*hyTVy>Xl5Pt4%gchOSin#L zkuZnIOGn+R_bz_6&r9MF^HP9PX4faI;^M&znd1*c3v$k5)&e?CHIJjuY;<*GwW?8n z*~~x2h>CZ_QyJ7bi}9TPvL$i45B-P{8@B}_aL8JXgNzrb?#hNUWu&}cz6fG*qiT7h zPJECnu)F!o`x)6{Z&~p@y?Uu#_e#RJekOij6@vf53ceEc+KzQ)_*fqqRzj%Bwe&e) ztFn1J(5&)AAsn_ENQPRKB5tMe*ms)UPs&^tx6AS(%LVY45O9Dswxj$&{pwYPPkv38 zoL_WBU*RatUPLpOgHl{{hO#aGl1{uwx9>(}2`7)nxR~&npdia4nNrUFtrNMx#-kr~ z7&e|sIXuo{G2z%~0fr=5+=f$B)j%Tl#}pNrG<_VwK=`JF$nV)G;?VqEa_^CN(Y%@o zLoI4AJ}Bl|s3;tw9T1!#obkX*e)|>I2_f-D5$ES2@2fn>T=dIV!mk@Dc#jcJ_i`(U z*mQd6WILYwfpk}^X%HVAfR1K=rK7_z4eUO!opb z6t$P_n>R|9>`KTb=@Ga?cN;I?!B;s14=cvUHD1rwSkp7@OVyNgO@Wr5Im!IqMK6!@ z8rsS*Kde)WYk61FoLyFcE6%A$vquHAsOXo5gV`EKpTg@YSa@GPG3x&{ZSR`z==}*- zzfdV`Lb=9$6)n9e8~vXaA%6?KgO9QF@h}~13;!3rv?TLjIJdx5AnW5tK2Xk-bk{UB z%S47MJbFycr%r$(3smA~Iq>b9-oZZ6)LPr&2{Qb~h7AP5BryJTZgQA~@43sm!j|V0OKv23(hpUPM@>sS(1CaPNpSExkKuPvD9NEpKkrS3 zm$}?Wl-)F1thE0lms`cFjn&<~K=v1FLEqPV#B`$;;^U_|@;~H_{NXJlt@9S^vJFBjV?+ zbsM_$EsvV7<`A*ueU}PPs6$YF5$SnK2gYCV3iKf`;5}fwddL9lr#G;dnXI8p_Usvf zZPh!vAY+yWfAxxOM6?vn0#ps<&2a zdzkrep_*Npn)vYA+00v%hN*MLc~2a(E}8n;Wjryon7R!EIA7c7_l8qHL&ZRiIp;sF z;=jkw4uW2gDkiK&v?(zUlVX`wS>^MrPKEC+*Hz@_QvC6Jt7owWX~~+D>tefZ2zEV6 z{^LywircshcHP3uwP9)>#i!!JRI9d$uIewg1jU+h&gfq3wGtCR$D${{iYYQZ zM|V}8c{OG%35t|0?bw0k6dm;kxZw{|tv|+ACEf-7{ddh?Mw({#rw5R~gBgQA@`nZ} zT3F&jqDb`IW=b509r;;tJFyegeewBV(08dqltv`n{rzRE%jg=*_=L$h?hkzG$kf2w zy!@(9yKrvYyCp7ro@pxkDao>-b2>v9`0e(t&TR+My$Shz?IVyKPVZhe=!quCda#(S zaM#huFxKT)MpkkH^l47U48-PVk0&NY%;5Q&2WGoXUfI++|FXwCi9JCvbAE9x`b;ZJ z!r-2bj8TZWgm1{%#FTN_F@)i^JSlSXj$H%cXQ(O$!-~5k!c^T%8u>#OU&0& zR(Nc>Z!PV7H0#c0Ay1lYiQ3`IGtlfO@{Cy=z(NL{- zdFEVb%QWuWZksU;&-oO@5^F!4%zF6@0qmrW3i}mfWG9`>Ne|pfJM{-uea}n<7U90N zUJkk5A9{0Jdg=XQe5t5C_V=FNeS17#P%0y`FVG@ZXa|U;^>oYfpaCMt%DwO#NuxY_ zX*~UKGFnPCk=>I9;BMR*2r#K9hZCJ zv*$L_?=bvr*R3)(kx$Y3_^e#q8em$nw>i?&%uqQHm{xthv^)IqxSmC@94d=DhV_fn zu_HqjKR?Tw)$@bm_UKifIWRwd|Gb9UeHv#R`mV?4&zEB!*8g}1wjlStR;W?^z-LQJ zrQ$^|41c}^m+Mxc$CU46dm^KPpbOT;v1fa6x_3c(v!%An!e&rll7zuvxUFDuw1QHe zLkY#@zHL34!9pM1wYt{l`@fjkgWNg#34(dgr7z)P#u6(FD&+1#0|~ADk@-S4TE|E` z`|_FU)GCPAOJ8}4Iy{K$vaS!Ek`H-CKw$cci;xAk`(a91r6{FF6j%o~%g&#iWyCA@ ziFuUxCL#>`GIz}NA1@FXBo|&=SV;6lp3k@g78&7+O8x^7L$qQND?Irzm`HW zGO2~^mKE~KRRWTkariePR|5w}*!B!hytJ}JB<6NIUVmVQ%1-;&TT}ay*BE*ER1ud( zOM~8q<6|zBGn|pe_l7EvALzfLp0-Y2BpjQ3Ij=7tW5E;eytSLaR5uc@Xc0o8A5HceX`7UU+P^qr2} z=+|SeNbs$VPDzzEwe?uEFS-R+BRWNv3*Sx|CBQ}DEGdtV1D>==o`V)Ug7@jG{F%}V zM73eOpI(ayMvI6>bH=TYhgIwBg0xgt#I)r5M6rxHVhPB;>EDq(ryD$HFO*ImeY4S>sB2n9hfH(+Nif>q2)$8@G zum@YBA8f78pA)t!Q1Zm$OhTLZpbW6A<1=$U zGdDCpyWFqW%H;`FSCvjP^U*(sK6$w?%)!r#dc|J??QYa0L4t>W{>ad+iN~l3AdQ^W z-u|F@(2alP2q=k!@C7W35luTjl*To|jhA-;p%>45AffB6m16x| zj53W^1{)Xy$Mu0)VJt}C#DIAFftE1sM4G2xLN7_q-xlE9-as_U**n~Lf=JrhJ1XHo z2A8I050%E6Q)5ixp2zxr}vP{l+f{ zB`bQkb*Afo$CYTd>9K$)q+Owpo|HTLgA@FYogT&11N{z4!eT*tU6J2lQDF2H1cLWvt=FvR(CE|GA~PP~#bLL`D|oMjM3E{AJTPt)6*hn-8!fm8-H(LMPV&G# zh%rhfJuu^-$!RlVKw|K-c&Xz|Zs0jS$~KlNjFE#{6(8#nyiM4*@VIR=Rs3n_!H7AK zjI~J;pIIS>Itb@(rlwxBXT_ku^77K3dee!~7og%jXA@P=ngIWL^X7qSO6S%u#7!U= ztIICzIYRxWvgUX|&Gf}%FfeDC=md)sP87H)BOtmoN_bDae>B{|@Y$^WsuaGR=C7D_ zimDh)R2v5`ZO%eq)}|D?7hzvBA@X|i#Z~i@j?%GDK4~e00kSA-WcCi zv}1y^2*`RBGz7Bdt_9qR&p~4E(3rdXCrD_Rl_+kfrKbn9W2Q?LPufT6zpxDQ;U?V} z+uidWV@u(-=r1%9z2i5sa#O6MP-2C-NdeFCNJZfTeZV-T;Z)Yq!f!*cttVK<=Q=bm zfSBWx(j0&g=DGCQ4N2)RL+7qOl)zW9tmRM=!pH577iF2L5~Wy5Br!Je8b!Th50|5W z<}Iar_ehzTm`smUR#qaw#M`B^<-ULWruR||Rdj4l$se-$@;-u%s7d!>Q_t|P92+x5 zWx1Q0l9G}ep{+;|>xkMWOiM`*0DcAKwsfsG4m0E*K725Jz(sf!%DlaqkvkDG0$iB2 zmOCeMkzpK6W{|Dj$FMgs;ZIvB%9Z=Pg~@%vOG_7o+R|-w^q1L#|MKEsyT0A;EPgV9 zf)qjbOk1ls_~|bPJ+%S8ffahFeM226FR|lK^V+{@e^eA<8(_^~5ZKt**c7qm(c`Br zau$jI0Lu$lu48aJJa2S0l+FV1p}E9;o#*`|dFA-rTUeqvm-$sDvP5A{$G&j~DwP1r z=`e0>D{UD@zb0te+MWWaRQm|kpF-kwHoA=eU;!XZ{q}?)3t&4hdwLKwh?}4OQk%W9 zva(xhLgN-h3Z2&P3A{3(m8UHjZp)9OL$*=I3VGX zIqkx8R#%a}uLz>|M=F_Q^$i^zS76kiSiFX_H_R;_2`%@Dh~s7_bRYvul9Aoou`k~m zDhFTf46B-&8p3M;$snd=E>KiLNq|z&*47<>eSlNhVu>Xn?JUUz7jC&YHS%y>YeFBs zMgoh)vC80L%j1T_^QIjet?V?%*t^MzR!+9HT{hWLr=$Ana zfX3jnW_v~wHSvKLKv?jI?M{9BV|jjn+sX9@9Y|k3x@sOxg%?U+QSti%g_gb28$Zd9;y%#+X~6VdVl}cPAgtC z&PAczCl%qGv){Hz4*bh&2ha=J>o^$sxL$x2!s`Z4xjr<_cHcWR*@ibqrlc(jbZ*c^ z@{Ck?bx~Oa9u>0OwsQ?63bPf*HK*`}kfgUa|JRj&-DBj%M?a$60V++Vkk)$kuJ(FC za#|X4=~!7=e>8ZvK1qQA--{Xug&TThLaV9BQ3pZwV}YKF%czr!%WXv=ojNVRoxgf) z9ou(a%OXqCe|MCn_r0%i9GY*y&D<>7WtgJ(k%+eg2b}uzZKmk1f}fdYgokUY{6Y91 zI=LgGcW&Fx_d%jZMX_?geU9elbBnfw-A~ks8TS7VN!$n*1+>Rk2Z)PF1zx1=)U|i? zo1T2B07P5oGfUPq>mx;lp98$si8@DXYp}49ztq(fp;PJunx>wT;xpnq*8@eSmu;71 zSSl$>Z9Iw^2iu-D*i!P(|LQVdC>cp0;xq~2)kZfU?En~`YC88^&*Exmt)Rv1EQa%; z-A>Vp2n5n$v}X$@Vl8jPN!UTbda-Q#QgpbMu?jD~P$Kx0#(liJ`^F#;1OaRqAwj*X zNp*B<-Fmez;wi}tbIr3?!$h3LXDRfSR`aK~2ZMsp7FhE1GAsW}H=o1Q;`_+R(ecJO z3RTtitn~r+%1+J##zM!Lj?pdv;w?4+XH~C7j(oI3iw}EBqNp&tR^GLYg0-I8Pb|?} zD?SguKd*$=0hrM%q9D5ZMqn-6pv5kdq{4h=3-lO!p%IY72rv9$K(n2^^x_s!I*f2) zcFpUf1-U)9Ld*?-fxvpkl1ukEASOL?kCgk+c$}42q*p|`d>=8e@5@Qzl}GkN4LT)& zTaV1q;dT}4DQsGgxsc}8?aX=gM^+;4Ft$WKKh;Qj)mEBd3qbUYhE_b}FvMVh_;-3y>1`%y*G$PRR6WL>W>RU-UO z57=Bw1q!-tDqf!B0#1eiH$F1E9pHcPjqHhpcKexDoQwc#K{qEQcY)>a&51Zg?}s(5 zKdp-wrQE28n%>=hhi34ezy2RYp=XLhB-z(bLj~t`6INSPBUKS%2 zK=p?VqldYm!M6Mm{`>hz&7B*sV z%W*tP*nX#8Nr;hl*JW58T1IQQCi zEm5%>KP@)e)P>n=tmrn58PjVKA(@;$BFWD(-tCol5swA}<*skk58U=WPdkcUc>*Vrjq?GS&D{zGcH*1PbM zt#mtPW4d4hnPKa(=(k4=q&#J6XW0q+bZmws7i*!T2pAm6{m9vU8Q-jxuw}edPIS6m zEn995^fqzF`gA>P|7Ju7?~3jf+Z)ueWBoHRBT=uPE(FIL4wj-vw&M0g5Dv__sJ=I0 zBCR{XxR-RP=)K-jpYz?iD@i<_BO`n03E{;|3LKepzoRj5Jto%NEQNM-K*R6M7S0SK z+-qVb?$WA`sxTS#qvA~rE;(_!+8vlNhnK9;!Wjiy(-%bDlC~Bwt227lme_vUAknSc zyRF?aCl<2n%E+usR@JCFdsztxK;kpbA;;YGI1zhH4o*&9ClFQsCSUa zmPwCz_aLK%+t_+31zgwr=#m+zJsfGU-Wzn*uYGgHlz5?Z+lned{$~|5-pp(>^K0Uk z!piRKIcMjM?pS2kG{Gcg%|!5^cJ$o34Hrk~cCR~i8;14mNXx0RlTX$jksPWZr=zAJ zJZl1ueslAFUOw>J3gP$Mi0>i?t#n@a^85S@o1u-7vRB7QLLRG~zXjxO>%+V2gVsE0 z?HVYqg6{c>5QV@jgX*e1^tRU24IlwKe}Ve?15~tUk13*%KMb-+x*1}?~RXJn&VJl21Ee%BtoVco#sQ2QzA z!?NDq@=V9}y1CAg$|%fs@5XmJs{lWa;_D?JI0+kem(~y{Ii+gt?ITX`}ew-`coz>qPDY`C;BNa&evyS)92c$V>=SSUpbW&M_x^9FP9@1vWVMk#8f4Tm*{Qz z+nuLH@2+-^49k|%YMr7c7vHS;vYH3yAL~A_nf1O{B%^rAed@lv)z6)u&Y3UMv9ybO zT}8{kMN);Vf0Z%H_b~UX->EBgczDi)?A4RUY~~U`Bu;8$BPB`cWjo;9rflq}TNxlp z5F_yrpVXxLmgL#mf$T31@7{1YByNW~$V8QPqOpWBQF)5NEHybE^D}N4&qw+j~Q`i~YTgJ3F&nOlml#|0f<{3U#{e_a}t9G!My>*`GtqJj6+ptyH(mj54&r1W# zvFq=T$SV#JlA5EG1+spxWmBH}K>$vWwgv(3zuOfsIj`&y78xV%XpNw@=1Z01<aHG5>ymw$zvL-WG=fW7rKS9h7d->q>Uk9-}K!Se;( ztD@~T#kANh%W2uN_fsO*eW8dGBqOc@vo{?!#oN>%S|e;QAj*u})EYF~SmgAymF-(B z+oRrF)f@EVN|a6-%q+`u9{q7{QEza2z-r=c^tAIPS)AfgJ85Vt%$XCjtBSA%+B2ik z9D5X(V8deZvUue4Yct*stE=cW`!Gq@Fb>-~_Ojd64LtE1!+xAqof!pu#JYT9UR;Fc zp0iJg)-Nc@{q0Y}+(+l!zuC+4RejH6&b+fCG+k>%TD(|nSM5g7Xm0r+Zh?mQTf_A9 z^vc!IGnkE=i)T7@Ixn|wk&y1K2lhr4JI`=pBA)YO(7l#ZGB0X!mP^BVT8*zID?6jNTznccgnAi`MOWIb?mHA}o6!GP5e_QRWzIjHp&jMbh z-M%4`*LGQ+pU;&g5p#~GmdH#06f3ysl^ypOy^4|YRh^;A{^O(P*k1)a)^`WLZK5Ci zgKkr43$~yR&=bgS+-Cim5F}*!@(IFe4L?)gq zTNz8eT%fyY%s<%nK8W$hdIgDM6?M+wOa6iIm}85jzhRWf2!&4DteV{4n40L|5SsP1 z*^5eY3WPhuVWrW}NkUqWQj3e13_Z_BIPuP$5q}f=DBKjah;<%_h`kemzZlFGJQD|i ziO${cod%V@W44Pd;@$5D!CzWlrW0F{uLPJA&P6->&_vP=d2@ms^m9qD<7{@v~ zx$$m_<3>88+VYBkLF}!|c_m<0E{)R_ox39ErB4J0Lq0CX$A(t`35akuws)uZH}sID zT#Om(>R+u#d=}w_LbeiS{(`_wa}35Y+NOLh^@X$N^!9B9u8Z784pc@K9{M`aoCwV( z3+Z}gV!?mu+70WR*Fbc@NMzjTv5iWlghx!NT83Ses{#GJwT zFSv0UaA_o0Q?I7Bu)PT}cJ?Y)L~n6}KYW}IpOl-oUk6iDTC`S(xvf}{R)%w*;Kc!d z;l=eq4CbP3g>VuJpYBV{&Q_<&3;XIA3SjP&9+B1C(GPL#(E;mrdYb~<7kuoN=rcCp z-v={V-d}AbMXwIty}cn*+rD)~lma0_>m`>gs-Qgkqm?8?a2C3c${rArU-RGF%G~pv z;x>BEvO)}uRAFEGwCDo#Ody4a>xT%X;^rCgi!v7$5W=`jZAaCu#5{b`kiW*+v3*qH z8$dFhoERv#En6-Ngn7yyxMlTOyOalLcK!he`#$t~ziq2Lf7Q#O@9X(k=hMR_(Ac=R zSypf(qi8KsV8ow0ve#*K%4K}P1!4BE0=SJ4>aBV}TeR^zPPc9J_d9<`;+vnZ0ZzA1Am>GUxZ{@z z&kij4#qmcM7c5hCF1%wjaRY{Bel5GD1s6NAb?}i$`TJcALimb^SUDgR3vNu7>Xe#j z)6@2?@kM1pU{8{ht>f_b$f=a-SnlQQIMOq=Fkq`c=M*% z-f=z^$Pv^_m)bYhG25L+ipmz5kB5IcGOl`pvb_Z(4*EP=*P8BY;rR}3jPo1dcCf=3 z+_pM#(Id$EEk?+4^c$dTp;+=d`l5ix#%~_du8rIuqfe_wQ+{p5|N1FWJnB0|#JS}{ z6)pSZ^=jis`KXqe;4@;A@o+kOdRudh0vltgrRT$R)(ST2lf+{@ISI{l*U#*oMcA8f zq81A#;({_UyL7E=pF&bU&BP(>?-LwFA{=G2*&8cK;_b781mMs*_c<&#KoIM}pddWg z){jHKHbrr%wDzyAf8az5f)yl1jL7q^qd(1~b-(R`uAGQ*% zQZ)$Su`2OgFv&F*1&^z^oh0%3B`doamytXi9=nK_{s}~%43zRR;1wW^5~*y7`?szN zsnSQmO~2fI;);`$0M{qieiYpT2)p!%678*br+-mVr1Ff{Vgr-3kHk_*k+3bem&kbSc|d-P0>d^ z(~&NFGYH827k3x-=u1*I`O7vPk>iJ{B6=8A6^dfvW>n3dV9x{jmla{5q8YH4(7RNG$HNKm!Rg6I|EyUdCo zp{Z6r1Q+YMH6?)fR^>z-&;glY+X>f-PhD@fU0^-ho@(v>`3t~seQA+%aM$Xl$)b4K zdWp+Qb6LeiX8vVJS)fhh`3eGy6A}_GnM6E28}fB@aluuQYDuoAkKfb7?T+En>dzyU zn7yDqf1ty?W>vWO{CO+2@G9q3Z>%5c9VF#QdJTIg-~8p(582Wls{O)$=yZ^x?}c-J znfH`b7{;`>mDuNB7d-NtA3I39-p?;a{DTRaz|q60dYgBO7tl#OMR7fB@!`?*;o3+ z;wW_q+QTujFyS^>#C_nJd{|%^$~OoSWX>pAi$waIx8}JUMW_dHKb`fF=?J@L1_Zel z5svphn-Tder@5Y7o%3IdfvTK3BQk>y3DbN>rzfE7BBg3*=mDn1|LAD}dg6h0y~XHU z`M=)+|9RQ_Bo5|ANDmAz?BS+2n!#Wg$J$m|0XbnWGBf5(#@<7b)i#wWk>H8X-%rcm zjF-M>duyvP;uu&Q`K?q|&L9cz;~(DrWMqwqzU5j;7FJC_x2-|4u7%mG`(x-^WI23f zIZGIK@3-JERz>XdrQ6P?FZo>0FV}HyYlo!fgrGf^8$CnwWHP>s?dG=XSNu3<`<CD^cd8|n@5V)&jPCn%GlfiS7xt^(4=9xat_sO~@m?>+} zbNj=k{Fu1WTjjjw9q%tyR4M8g+YBX4cBGr10-J_4V0l;eK{o8;?t&#vZ~^1DmUlN_ zU?OJ#X>fI^Rm)QWCuOE(bJ4dE|3&^hW%)?FP{;L9KVM8ZEdlO zTWztZ+STarXV2OY9J3~?lF6Td+v=|d=x#?EyVL|7_k~5maIjow6wvaj0L5gMl2foN z#6#A2&q$R>73#75NxFE?fbdbn#oX) z2JDjXV!NyI-Se+u))b;$nq2WVY2nRgi%Se(M79%P)^geQNjf5b;*XL(PRjnL{xSL- zC5C7%dxJBdp8VzI3~s{Q0WIx34D|6PS`dE53lJ>v!e(ehZ?~rrjsiuYen#f2t$i1t zBn8n@c*qX`0(>DIdb*>KGmR;=B!xtY72={0ALOF^KWnr9vvwP-?FVa@roGv}ZaAp~ zYo8wDLs;ePr0C<2e63)PB`LT^|Ml945Wsu4!rCwoRlhVneE&k&Br<~i^g}*`49!k~ zp6<`uSWD7d|NYu_qW`Sj0&61^bW1a$3-_({n5e_rPGjwY$l7Z3VaT2f7Fhzg_`iN{ zyZ<@wW>~ujSvxa+YyY(=khLGSUqRN^rKk9_c9|vV?Zd9!r2VG|x3xM`?S~ZmPHND1 zBAZ80+$|S?`e)ko<*3W>fBs$W*ePtD=+`wABfJfNpZ)OxQFNDPS?%eS`anNbmf(!` zMZLlSy zEoBjlmTvn=O_!CGG@ ze!hKYfAcp&kd1ya{P9y~_4s}47t_mRFLci91Qi#`qh0>+YOY;tdJX%1tLQaI9aP`1 zt&s7F?|WLBOs~>ONJCUe_!V$!7CNHos*bZeckd4>H_zo;3(Iq{MG65r?P~^NPj>o8 zR7M&k*;?^3iZ)1Pku!P%S*2?~40*5YyGYN~R{m>l?WQ53m^ccCs!AJ+bUU)eQD zMQJHQQb-}qb;&pF1*EawJ|$&S#61fk?JaB?fL_(F3V3rgO3{Lt`~GnPqBN_+XNuXL z6Hi+b!}ltEhEpIY%4Oc)*lXeUxINKtFo>(2)SSpZV$c#l^iy$FPwbqdxzW7s$r{JT zw@Cv7p{8zOi1u(gZ_@a9xZKcuWKFyzI&foX{UZ5-ki!WKY#C`TTxSW+%$j|zd6TAB zUUYoE>GW!rYlkHzasTS1c_N5YRBpdokywYgjh)nj`b8&G2hpYfW$#?$Xo@{j*^2{e zy88tjRsI*KlIWa&4EQx8XO4zgZJ2 zmf7yvT(7RG8LTf3THoWi<4#!k=+sAqt#FOL31}hi6RA~{C>E0+byKf0G!Do@sEQ8l z-KC34*pA2!`t%g68}Vq%xHeAOu8|bwHjKJWRB^tg+i0G2n&rPirNV&7TUQRsoq&`@ zgjdw4UW?oyNbLH6`zS6HA-0o5CJd9-Sp*~c>|fojTwq0IVYTYLOEW_!z@)FGBlX>p z(oPeE^0<6YNBgzFY3ZN!le^EQm<&yuvfj%Y)(x~q{yEcgCP9yfv)kJjQ(rJko0`hN z{K>M|{u(Hd$FqV@;in%VAB=qP-&Tj#;@olk${sAOZ$Jpny6UE*=vGg%!00gZ9KZY~ zCTlaGm%3D4v%vb6Yh$t&w|&sA6ZLYYa;YBC|I&l{O2>=h`6`y);E#2+^z;|9QHtIj zI9KUy`Vr)+1mvpO`p94Z`T)qY@vt;Sl8|cImDt}f8mqzH>VDiT|2)%mX<1oQkP%Ue z*h30aNoQWDH#=M3O49!Vq7BfHkjaM&3I-}V{)D(OMzTNj0LF-|AjkzveBC;;D_ zA(!#lcVUNO6bzQ&4MJbd%ZLrN%@S?ITuID}GTynyCtv0oWLdWr=v%8YDCo+S7|8pF zMMwuf8!l~$iQx`z@e|j3OyfrViy$V1i9G?JC)ZNO`1T*DeS^$I9%Z}hom7?AV19$@ zvf!nxrBS`vFLQZ4tIE4SBC^t*`e}PZ@2&XI8jI$2;{IV56(xEk9KW$d4U;??8+~6N zKjm+)K;?q~fFuD4t#Pl;GJD_md~~%b^6_xtwv@C*YMsf;42H6^WDFU7=Dl(XigLnN zuK2}H$oH6Is1P&XM8Ib~5Ul{{p9EEv1}Bv5aH{>t)TiYUQHB?lpQ>s5QX-2HCMpjw z!u6eRRrvRjE}#p!+B9&avNpupC;LcZRQ)AEb}rXDweCC~nBAjEv#To=bDThYGxNL& z95g}p&l__exE#mp!;2nBgb1Cv$agL9q8OBIY2VoHcAsVy+nJr=8f#!$#5KRDm>jyv zopJLf2m|R85VA{Y34;6FFbIPjy*ltg$SUm{m-T!ZU*$V)zF)~P?0yeo%^keZDgI@7 zAt)fEETXwjdolW42n0x^;V3)JVQ$V+(#*0=BcU7^cxww${|CJ?+<3Hxo=%J>8h)+z zsiui){^Sb}II!CFCcMZ+H5yZU&bI3_jvx>3BSNYt3YdtVOZy%XBt+tQk5ooha|EWR zCK-?3zdK+b7ILl*q`x)<)BM|WmBCn2ry;?Ai)}{u>Q%)O(ZoE2XgFR8f8KRtNF&S4 z@w>zGQ&gnJm|we7;^Mz2qzx8ZJ}m55{Eipc-tEQYC9%Mj(V~kcW$S3GFmAj+%^mbPVMXuHL%s z@bw*NPSH!JyS+ZbBTed}epsnbSACsHG1F*sYdV1c&O-`#FZuFUTiC{HJ7Iz-G+gw^=X^=6o~EMgZxTMFb%4SUTDL+AaE9>{LeIpOwTH5 zdI!2}Ct8Bx9o*Y49hG~H1%^Gurw-rT&x3ItBNxKS!CDGLwKd@I(XHeRm5%Vcdtg%7*Np7s zXLYk6NjTY`M0aH{*Aj{V*zBB898*HQ3Bhb960-{S_Pf)5ybJLjs&|r#zzPO4U{)?$ zy%AC}5g>AEKl6POYXHW>6XZUndB6pk)Q!Nnx*=~U{G)st6^_qy=Z1g%b{8B&Ggvn;OaT~o^wTVV^Wg|%KrD4cu3T_>H`9>!#Zs^R+K_&tUY!>h<|*46!^7ryi188$q6k!cnY(KxyjJz!$FM=Cg3$LHtY8(9AX|1A_c!bd z{sjbdCdiCQpO2)^eq$Onu+mptu=hQc|D>3OUobZ*!R~3SvqZVZs=Ag9NMVwU=4A)z zXJjCFX#k~eY;5?l`e;@E%1RQu9tli%x3HBndts3jDd9nee-1qY4ve{x z4JjF@m+5N?XIWCvc6u=bQa}}u)~T>D49OB=UmF$A@)#eZi8ojWN`TS{u=G%VFWzsj zAll8&es`Vwx$p*w+{vMgJ>n;yc(>){T)(8;5fTKoxO7VQ!*+y=9@JBSF*i{Dq7I0W z`>UCi(q@5pt48A(Upz0!bQ~;ju&!8MNbF&XiF2EL1wsg7(@-`C$P=^?AG=5ei_bx` zt(rS1NeuAo5+mz--W`%63EFc>n(mK}XW2;;V=@r#R<@AjC+D6&@+s)Wu=OrV;RR#Le{?d^J^WvjsZ~x1spf4#jK`;;`;O?IY?$rax zzhtsWxa9Oux!l&Y7xd5uS)Rjl>0nwKNQamjcUt$SHLoTEv7KOhkcjgt_w4j&9UcIg zL6mriwkV#a3xPt!Kr2Z{(bLn@(KB$nz6CyN2pBNnHX&rWdo)1-(oCIJG-2#`E~eo4 zf}k=@J!z;>=>HZjvd^LXl>U6vNJkfwSh!jgJ`;BN%`$Qac+}y-LRbh>LdbU=D_R?? zw+YZa8^RytODZX^;=rP(TL%re`5-dXb$^-fdGN+-uhOb9;iUAlqx9tEiW*>yn67LGakS67Q?29jm-*Q1d->o zceapV1*q55xPQU#HV2DGM;oSzSMDe=m4KV59NU{{2=Of`c8F)&jw_b4o>*G-S^pdD z@UcLXgm42EB4s5FvgHA#6t>+3IRe29)ziHccb%58O323_13G`0{SSS$n~QGH2>e!0`(Y6 z7kof&Wbj4&jEuxj1)LYJTn}3Pu#LpU_-^JnH~1)5n`wX|DK0SEYzSC6EGz`Ftsme| zK!dISk2uynN-(SH{CnsoCJzsD=HyM}Jd2U_rb6y45p}M5NAX?gyZTTTHPF->3@}Rs zPRk@}Lufzr!^aSmj8Z{{ZMRV*XI9x6tlsfO7 z&Phcjhy{|%si;Jp#%O`jc{}tBMK;8sKL9~b>^a1J$XiV6<0SgsvOtVQ)~(I@+GEN4 zJ|x^G;&pGD-*>1Ln|L3_>BD7Xa1H1YO8RV%_Dsa?g0r;TraH2zmu;l%)I&V4He+IZ zbYcDl*ulh3bDH-~+|B4g5JOYcSg)|$3fe{zhdTmRqvWm|( zX2olt2ndgK53UMy?1n3j#F}Z8*QW^En2hjma3iqs#ZOP9q{W$;m?W~TrG+%gZKcjY zX;`M9;Kr)L^0XVdEBnQrRopni=@RVd;17_LB>@atnv0$OTR}uAhPEX0Nb=>IN0hmz zoDDO}Gt>ADq#C?0R;evI@Uk1GW|#Rz^uD;qZgj~9ECl6Vxlc&~>ZjNbz+93Uc{d}S zO}GoMr5)9bp#RySTFZ15eM-Z#x{LJ(DSlrcrX50tq$VU)`m7j3e{)aHA=9Z5pI9XpAlQ4J#P7(ssMbK+Tkg!!%DnJfhzUK&meyi6= z+?J{*A}uw;b1BK4HrlRpfR70s2KC!ak^#1vfqIi@vc*k7x8Z+Y)ddE`;W-@_hOTCB zGFtO!6O2~1yjyFo&PGLLBf7#wF^*4Hs%7G^Z?sUN<}u1rJTxJFY|_^3y~B0l&`q*2 zwd^}pporpCpn(H}^F?l|~+cbUO$7pAT0k ztRC*A`?a(a_oUlZf>KO0;@7w%*Cap1HLaiVbLp|E-+DNoik8!-g zpQGfwz9zcn>r#HF}G!Oa#y@LJ(#tH2!R4Ig$Ujf)L#LPBRn$Xa`EW(h#z$jij@CVXqKS zTz5$|j#2wK|M5Nngu9Fa{AJ;ZB5_y@7yse*f@Z2bGDftb04lq(MIgKGf8G=5Ux->l zd&B;O@VnM>pVZYtxl3amZ^lEfB=_E+s}a+j!1xlHHR$c{_sG6 z*@D(K2KraONNTT5DOe8Z%6B(XkXjp%I_+0QRHj0aB}{12V-3;Z_8$pi3~Vhmruj;p zYsyv0baax@gw1hcWO*{tmdBF~oG#X&)mIHU_>Acv%BLZF2aNp_CGn_j^kc~Z<36|aVTN4n;b1T%how~m6pG?aq79`!wI+$tp z1gJmknl!1fr6agSc%U*IIB9VfI$i6RK^R~~1#B1lk5UTN7I%NS#d@mL&|I|GXR~DK zB_0MYgArnNvfeP)YW3n|eZn{f9Wd}DAl|u^3`ORCd!7s^h>0_}QLARj9YB9b0m-9s zaEqd}U1ru$Aj69_0w+vx;s|d-mVMs<8Eks)Nq-d74BS6d8$eX49vn3^joUrXm6~wI zNJ5cN$_&J4E^J@su8$W|uv}A~6j6gp_*kHc_1>WnQ1#n0k4Hx};_h#3n~w8^!W^Je zbc10NnL27dShEz=F=OAmM_1vR^h!BR^k7f3_b#+nRj7vi8Vh8_|5hY`+yO~vxY=Dn zxGR58V4SNBX^u=Bb$B7;HG47bd5fu%+{A=ziv$)hY8OEW3IFic%YR(31)5Q@iGNg+ zFa-&BU*k7d!Kv;*Ql*j*E)F2WDk`T{=U3_Jci;Trd`9p%gO5P7Gfh_f*8PW=3{&pg zs~eZ6a)~A+Q*8fIS+97dtf|4>vH*7rta1g&UcCW%^FOVUG8@gTY`s)jDWCB#HV7H8 zmb(kuCRJ2gxj>Ov#q5cz9!I<47s|5WX5R5gL=otZuB_ja6k6vKM0EwP09~7MxU0(? zM&0xmk4qs`viK+?b>2NXJBR*;yf;=F?)}UKfUbp1$C@a+9h7SZa{@akO36ZcZNHPg zuvqkp&BiJFnFAHW!V5=F8|K?dW9Z*Ag}_EoLqDlg;4Rg8pFnZ}oxVt_Zv+rz5JXuG z=>NbH=MdCH$~iVtqZ{)|#Q3cItEs#e;uF+L>?b-`mGi7LB*nAg(=``M@%T+{vOseJ;pb-L#A_J` z*ifCGp0H;#iU~|R20e%d5rbY(DDSrdqm){<@|pFh#d<#0?3E=of;d54o2+*!*eI)X zIra^^#xVm=&2i}I2Ke`EGp)-Vmcv1o2&hD7UfbdM)8JT!`v?MKqpAK&^jr}KaH6;; zp4XDqO;Dujyajbf2ZL+98;USm!_FbF0TEVY&HmVP7tv0jT;gmxdfF65;={n`U9uYj z(#pzjJzPge+>GXRo!VB8ijE$16XVTIR};Ge)ENkD0pYIG#aik8+d^u_GY$ZmS7qxOHg zit%`;$!!|MICljTpFN+fmsUo7VCz%UK3PAbInQv&eKZXqL0Kd5~A4rPi-9xD0L8*hF5s;qh z&4z_-?|;u^s6LOs0h#7Uq{nO!o^PQe$Koa@qsW_^8a6Ql@;#}5bw{dt<>MbOt_jB7 z_D><`ak;6!K%a`J^{W|@VDT7dMqoP!l7u<;pa zAay&d{~sHi!?sYM2=tlI;p1MDPo@U4;~$x`supfON5$0C{@hJAS?>>09IFTE!~ygQ zSat5?8Zy`AclQ)Oq^5S(czUfVxqfaq6RU?%nmL(FcGTL%crh|O2w2^g)>lXdncCr* z)|Tez`SdW*vJ{Zk)f*&Z{^61qU4}&9=vKY4oKkTnA}K*a#ksH9yGR@tofC_GHvrf( z4;A)&sKZMcAs62bJa@}(^(jaR`K^W#y?NVot=s#!@-O=K>Xpje7 za8y$dgq0Q$R>v9w?|)G!U=9ViHmty3CoxXvX$;MTuW~*XQ89e9owWpl7b^r0E^QkX zTiQtegH|)yHP$`jKGjusQ<_oBLhZb>)%VAbW8Qtmc+L>y1xgkIBc%!#zZD*Jg=Ctp6VQOVB;0=%+F`B+8|6pT8JD#|-6v)FdIkw4MxTaNF)9f8n zeCy#F18Ddc@Rl1JY-Jc4VRPc||Etx)$7-=REw9_2@Sacpg_TAd{kWSA=pD z`pfdjY3P6ZXpjctQe4E1>^6t;M=7=5LtOo8YnZKSZ$0r+8ob)ns4?gRfO0CkOh32w zGR+V01L$AJ0QIl?J7=Kd$JTgsw7wabV{RMrCgc9(1|{zBsm1+Mh9OokAlE>zU8_H- zZVkZZEnpwyd9fg)9K0xwmjz@M&#e$MLNCgMI3hE8?{CBbVqqQ4)qX%e*P*39I<{%T z&Dq3;k*N)8DEklAFVNHmxa9WZ5gx)UgYHLGR-<9UwmQoKyL5=VxZ%am6>gr_01cQ_ zZodF*8~+NN84GI9uYoDd2igFf+V6W1V(oe-?(iEsyNz~sbhbR=|E>gbZ6LK6@-Q#R zbi65*P~>t@;mw^59seSOc)m^#z2sP3SOE%V;eo3y`L5s>owdr?^{I!4KbB5dc8|fuSxuZA?(CK=u3*W9&G5n|dIO9?CwUDIS zV(RVtOMo+bP5V@r1TE4NZ*LKAx-q~9gg}M|GX@}knUV<72$l-H zzt-!lLTtKLfAOE*UnFk$+3wQ*R?<+evlM(geTCTAnEPYqt@8IxVM31794KgPx9v6p zLhy`>>p?FcwCZu7&&~mG%IVh=_jv;DHbdB0(yu-{ECsXT7q$oDQpTKoKe<@nS{$09r3BA-!{)l}Nv*&Re5gTk>1e_zqvA%y(Y8Ohyf&HE?55`c z78h>-2<2>BW2KTb$Ax&k%rN2m?lA9m+6#Ertfe~Oncf(QkGq-fD~1Pu8q zCO5>`*Pm{*8gKPvgYq5o%BQ_TfFN~^GGN7ao_HY>4z$%;TS!)#gpA!&;;3Jzn1ga( zu-bSkm+6=Cfqro^_Eh~(%_W@}*Pjq;UAJ>S-kIgwSXu$yA2gX5bpZh8<9j`4+bfc@Q&hgE1hQ0KgsWMUus4?^$VS6CMjPNOb&P5dH5O zd6g{))E<|%A4G>dte4soBm!JkKi}bC=Xf|Nkx%$hbd4o`f1GA7P#1fI$Cdl^U{FpzLA0rXKHkqCL8diA8k$6fZ|m{X65!X;KJjYX08u~PokOhLXS$}nCh1by zH`31XZ6#VBaK;ETLDS^oT~Jv;R5G01T*Yx}@<@#0t>%F`1vfaFt#M5$8$X^_Qs>MVw7byR7>&0DVY-Js-roaGGw&nOPEM!Z}Qpl~5$oN3`*J;88F5mnd z38liXykbIqK0Ktl2i*Tq*d_(xTWy`4#$hP1!0s?t>xBWb=|JOY&WP{w@^hk_X>PlV z12obUF5#@onv2#-x6>@i(9O%4>$d+EJ)hPvRZx=D<7<2%r44LhR-= zzQL!Gl7RkPUOUWUsyQ*C*3JA2U2YXPBV;E>hvMg$perPjrwb&tcWd8oeBcQ~sN^ws%O{DuX>iC%>B-EmT;fxn+`2q9fUD*4g33o^6&=3`n?~^h6A*Op9MC$NfMHIP9JT~?|GuzgPmUWmmMI5HnrU@1S! zG6y7@0i$+w##tg>{ycIgLSS3)OaV;mqkq+Y7hXcT8rmI*mLLuBBbZZ19s2H_NF4cC zH&aYV2myx+=uq;$JK*nP7KF}YYYro&ET>&MKB8@>FA-{8--~T$YW#xAFaFK{6_d_O z3!O`bBwpZ42cX}7c(rlL&ndk%tSFG;CU@4;J3R4~24*;EcNo+^9ew2?R4$gOfevQ6 zesu`^#|!;nRu5{W1Zur2Gs->|58I>TLns+2gBmTHo~hrGAt!hNm}dJ0KoCHtG-xH0 zt6-w}6O9GEG*9~4Yne++h0>{El*JJEVJ!IcAFX~jp&Xj61opb011xkjG)Uj7 zFFSutWnf}4H7BEXhAK%4WVOdf zGN#+bv`i<}$R>^<=CAYGS>H$a{}UQmk&A!Cn=4javI!97;XAL`Isv{~pcQSmi7Th5 z`eYxE2dYN6Y5?VBWGq(v{Q4IbguvOR5y-pX7uv0&nGX7JVwJ($2UZ32qhi*`)#A~! z``C*81xXS@RwgSw+4}7RX|Nyb{>kOCk|@BuY-kh6g0BJe{n+0^hn>Z(s~z6|k^q25 z1%s-^EGO$%=i{73-a(jwD}))KKZoSNkK8?^+$ALxcV)C#$IBL7PdBrieJqknrsFm}vOndA68fo`lZWnc|!?o-j$VB9*C z#((VtCXIRbv^#3!cpJ^KTkcX41rEea&*{D|%nU*5 zrNd~TET(FATz}Kf(z^iO z1TwcE^ODVKKXP6|*h;-_Vwq1m?e1R>`isY9zoQsu@IVncnfW0wZfQTtdR*hXHTOM~ zd_v~H4H@acGSgabTclnq0B}t%+-&?OYuiNDv>vp88YZ(L)#4`NvUl$rRpW*DmkKOSC8;=f` zV*X+fC_{zO$IaeV(PVfLUo?fjh@>Uw)T**}4 zSarcsRMbJG+&>W#MSrJs{0o$f0dUUiynMO9qOxolS~pX2ZQDZ-p35Cgy*MW(p5 z-VP=1k0IU<0Px1#LM;QbP8>Wb$Qx#z!oV-cj>iWjCjb2if9Ueg3J^Mtk@G|0m|sVy z_X4*ltC|nk?D2v?Ymdk)P5h+3E#cq+ax)wyYyUVI zH*phZ_xW)FAfYA0@kNr75B=G3{i5M?-5$x+`55Nt@Q7$da}VS;zdV?3tUdP2A+nW1J-$- zEi3J>g}!3?cRon?xG|v=js=Yy zVSIeK{t22LmjHa|tW3)V!9*57FkaSYY4iNSs2~+0OpnEg<3X%jMPZUaoDZYD~F;j(? zJv&r7*Yv8vwX0HP?mu$@q(|Lgek9AP^V}AW$f%(z6sf*{8}xno@h&pj@4#`i9HC)r zC@Lb4DUtu&{KyC71S$^*+V$Qi{;x7PQ2ho%Xx=YmMJ`>Ij4S3`b2EC#zx4g&Qe#Oj zjX()X9mIeCEF_@RM}xrET#KP$+cfiq8qJL~9P%Dkm*scA9?xIPDy7TOF_l6ZclSWf zU_OA@3TdCn2%t;Gm4g?m^5&8mz>(RMEFk5|WW za(L%*s8;#C+JEl&uMhr^6`e!Km{BH_qzh%8f*U@|)9m26hNT>#)WPz~rRa zrMN!N&zC#ahJ`$yHh}yL{|rVVNI{;l%=paNf@wzz;P;Z_74}s=&;QQ0=uAU~U{i%Rp~E8;P_u=vyQ1qzjJ)e!|rG3)7<^4{bHsAO7$wajD`BNPZAX5#3~@D3ie4 z;T22|C9rZ|uj01uJw5-C!KJ@)f<_xPE2Op8Q9uf~6Bs1%gJ6Fx?#CmTF(BcvHbTP+ zx6%oH4iEV;gNxq?3Yu&H%|W<69EAjc3SjY;lfcogd0VLq^G@fOs;6LWrRLi3Abj@updLz>V#|8gyP;)Ncu8kyBC%J6(J( zI>JZ-hV|ZN3zpzgXGUJ2&I!st*y`H?rM{7F5_|MZC&4CgqZU(}s< z%R1AfJ2C!`YpHFH(xRl)#71#VdNe8|jwrOo*gCY)qXQ&11l-lujs{_iT2*Zb>VU;U zQOE<7TgZtEc|iVnDpNd`JcUXwKqu%VH#(49AAT431{(rH+2Vl>bl*WWzMb+Q7lyCP zT5DIsLzAji23a>9olX5~il0(b->i+5r^JDbbf@MNOIh%(RprR6fAc-2It1j4yH-cu zJ=$Kz4Fje?jne4$HN?PN1sRSI2S>wI=>mF)&3?tMW2igTZ(G)RVHq;8ADE0+@L|!l zYv$Y`WK+Xy3C;FZSmvo8-XYQHnHwI=D`hQuZ?gPu7#hKhXeVSCQoN>d>oLG^9UzC% z#nC44{E1Uz5IFoAs>(!AI070==H=Zvxru0)@ob2x^J%_ItaW*8XzPy9zd6Ab86ow9 z+!|N>tj8!o>Jdwm;)Ar{1guJjAK4KFfsheZvV{C=Q!;+zk$3aJ@<4VV)CvqyuV6gT z)H^`bw9O}>b6QJ)#W6x2|415z$(w=E|Ey!&kHRIcBk9N!? zLT9gu<;Kk23cfjELV;V7K_PHbDf(Z-{Ld50`MeaqeCWpU!_uRv0a&odVz`bhQj?Hag^DVU5UsenL z+-CVkD%~nA)v1q8zgdQgaJS~QG?DW%qlvzbTHbyQ7k2La837m?SnVV>i~Oz!zQtPP z;P9}Khj+4d0tQ{ykmI1O1n1}Q@888=Mat@gW6)Y5Uv%YZd`5=+SPa?Hib>dk052Pp zN@dT4IKYf$}&H@Nr$^o1GJI#xLvXmjo(Xrz-OJzN{d2V3dc*-EB$ ze3gZc)w`r=Ia{J4qD<7(KGNQ11Nt!V&2I_({KLIn{YH$9`1*!jE0d3J5M~z?aFRT& z$cv(m!FMqJ*P6f*qtT>!I2UtgM^=gf$;?oF&rQ~A4;l7*18Smzl97g*VHrgah|=F) z0%~@l;z`ZdOO*#K`}dXib#;BrdBY$o8lkO|dO6YZGV<(e(8~Jy`;)T*xJ5-g4L3do zNAlCjG&eVMryAV%QL>dM-B-U0J^i2Dc9j9e6Ys(cdKED@RNyy?`8q+zh3fnWr1-L} zUMxg@-d?>1S9)b-<*9~73^57G&Zae?L(O@g&l4*}e^8tE+x=Q0`4UM-_j159WfE^Kkq7LoT2pEbhCcZlEwwLs zhw-E*Bx~Zzb@{w`v%7f62(czQAtE3^5nfPui^(*6t<3UeUiaH~AtAZ~jMtuA2`zSq zBk$y|=R-k|nr7ZTZElt?Od0)!ZR zTS5V_mz`a4do*9-@UZI1(klswmAhg78B#sOU3Zf*?8T$7!U>4}xnDoi?OFa^Fmzru-UdUcv;aANBSi{8~ zfto46w+PrZ%J}Qz<;|+d^$1aGqxd9S>*(qxu14=qeI*;to9Auf-^zlB>`M8Kcg>;p zi#kh`!2O7bh{sY=g;WhWIk)-v84o`{VZepR2~q5CKeW%G^zBF;w$19s04aTq0w)m7UY(~R{zyEn5OMb0fCj^_GBk& zBrChGUk*=yqwCv^*^zoNZ;y-?T^o(lka5SdpU0h6BbTldGPQge`U27}HNx}LH z8GcX&QG=VBC6GN)F^f)*-Qyuaht@u&jDg|;9a8A?rO=_o93;oVC@H~3xmeGghYmdj z!GuOCCcwkRHRL|klWp1`OGDrjASG*Ha9taD1O8Yl&)D)toFSRch1LkkMEoe_OS#KP%VSPq4=#ZppZp#0h=uWIf!kIY( z6Y@|NXkoBmA{6LwDZinDU)J=CT^j7*P7ff9xQ*}#D&$E z1KB>>o4VpBGFEMqAUMZIOWQ!cBS|D$J@yn+?8j+9d-?gBBPzJA2RG`r8TsiqZGY(F z`;U^%=9K3t2jQV_piKdLwc*={wW1&NM}fQbUcHYG=IWqZx2=rd8y`gx5gS-`Oar8Z z5v-kEUFiWuiX);(J zAFD$bhlEvWCNn0qaZPCBmx)+Y%gR)%9UMHc<5J}$)f19}zP)+|8455My86?WR}Ts1 zk{7aG>8`MMfQ~UmzBrhXF4p2!?DQ<9jkryQ~gO(PRa zFPPfQZO3~Il>Y@_=1)kg>Tjet zkBXuSKrfg%oA2@icMIz5i_r35Iha>vuk^?0k3oN&!{kNr+1c5FBqfcoi~O_6U>~0V zteU>Oo6wf+(S}u{`uc{l*v15;`1ts~e*OAHQqm7x2Tsm+y0IR6ecC^)%fIjY+a(l& zLVri-^j}3hDvQ&NInf?qu*^Xbz*aJ9n4_`1&QFi67&4C(vd2=u=&4@4zJt`n+l)Ya z%-QSXNss0orN%m%h9o3R;}eo2h>=S_hhYP^P0ieSX{K`fA)eS=dVGBR0DA`&71j9y z)zBX%!Y^ll8USmEcqo`_^;$#rnc~|ut-I_NgiVjHE?)rr=G9)-Dd_kOyML_U5*KNz3%j!?9d-&R-W#dajFrTWbrUPpTlJU&U zt+ui^ldi9Kw$~zQ^j$c4qIAT zSyD=qn3w7F40bp?=*h4-y>DC{TRGhJ?AZt6(C?FSqhn)Zw(5BG%N;KwlTW%%e0zZb ztR-AsCLDO!T8UxVb*ojX=hYnddxieAjPl~oIHwaA`sdv%F+uHMp{+Y-R;d=}N{6k@KjTXs2>S{Hf=cQ6J3kwy% zsL{iT6s3$Mn?#+dYgs4XDc2dAJ31*`Hyuf2ZPZyZR}W7}ND7VWPVWV*l{Q_%lRZ8X zE`31blehgvMzcRSgv*1q+Xn5pDSNcXm^5VFgm)mRPz}fM;Hdn$WHvk^%k^w0^R-FN z2GhhzCja4$ii-aI*yGa0$NLSJ2wRkSvx;`5D+{bL#?>qHQ(9=xi^{B_=sG>7*MuRd!l)d9r^0y5MHtkqPD6j)H*AH|6(FKvCOV(v!9r{`+U!Az?Phy%EM(95;n2 zBw_6Qx9&4O+DQLoXd$s0;65d=ylZr_OLK>ez<Y9&p{VzFuB5hxR%HUu%t|uSMCWs zww`>WRN7@GtT8;A@=XLg#AYMoc&fR!f!L&(q`jP`EK)u`S9eryi?Ux+2fWDwx00GQqqmP;r=+^^redHFPX<> zIP{1OEA(@58n%Uc>>6*`=^1T){I);L@_KtFWBKB!LT+ZE3e{3?ot>0|nOWAIJ9og; zpF4K|Y1SxA_DQc4ynYhnf#(r~}};abt=kUB^>u7TMq?^!g=qkA(>z3fwaZk2+XWjwc5!ZMV z8h+E2j;^z#DbvFp>x`Y#Bzqp+kST3Rhzc0#tb0xMsXYq5s2f3QqvD7`f3J z8=e*3>}@#=&ykd=EW5W#79(iw>FH_EKl4P2L@DWI^iz@`e&+;LnTkAVqR5fMf{Kl@ z4abG{Qpc48E=Tj}!a&q@rg(#Z;wrl#n}{rUZdWkBoLq*|_)s$5Y#2WqKbWCW7iF3v z)3ecYaJZR5n6YaT6025~Hn7(=KI$;dX{_Y7_OjoMFO~gcX(VSd=oG|t=8w}(Qgx)X zmrf~AsJ}7ia&#)ARd{x6r&XnqD3K?8Jk<5rt3q3tCQ#59E^>E5X{(VeLCctkS z>gxxweZU}Xz?zf_blUAmthoxbc+sGKvfJrZQhagg>b`jroWov7;d zjga?k595c`5r*O;?4W@wH<#LBuqS2pJ{YjZ&RBJYnEq17vRkbE5zVvP^I~4K^-C0| z$E>f!RS!OEHZ+MEPPVcyEv@wrxa~WUh;W8s?A@fTH#({cNf)y2zepf;y%iN_LcKCW zUmWi?sa*6&kEV1^LmLDZ{hGj&XLWvwkMnjQ9fj4IIbu6#%fK;NDz5-PTnt$sW^div zN)F6J)b9^6tnxk0vZUEGVX#_`op#*jVLB=(AKvJkbHWoNN?qDkp{*C&Gp-1{%n+#? zaJKz{#MHhsJiNtoTe5_MhhxYqNb=m$iT{y;T+jDlnxMAek+b80IN1lf`HEWDyzLQp zM%VhXxvnjjY(>m5zTDI&|8h~rA@_2QHoXk&BPQX2RaM)FePTNZ84bD?%6 zl@~Fw&M#t4LJ#)pkDX?nBXrx^QmU22#4`AYRd*Vkgsw0&Ha1?9U17Vq_a7LL86hwH zFgmtulrPvKAA%WrEd=09&n+rQI2+?Z|Pj zr@JSpw00lhZKsXsjl_?R*UdsI!A=Lq#vvv{Bv<&Fcd1JA;qYGU6J2@V%rVdHR@`Aa&OKlK@#R_P7w#Rs&zDZd!G(M# zZ5>g0hm4sF0TY8+o^?Gw*_&oEX%eyKKZPc;ZKF5&!Bm{wZN+~M-N;9_?*i4x$`py_Rl21wx!StOMvP}lA3 zuuVMkc^cOg)T6!eJP)ZmUN!yGN<|Vz7Cn|WscqYRv;4Yx!#9>DEBoRLelFKVdEcFEVJ9iNWBbD8E^{}B^#m*xyOX0HU;&*F9jM7eDo?G@Ozd}NKu(gY{`eoE+vQT_Kbs}Vo} zHNbD90cL1XVMnJ&i0UQlZZUOrih~RC$=oN{?A+hn}vIG3bx=H|Syw+ixj8A);l$x#j($~o+utP~6M23UL?G~UcwlV<4ty!J3pYTWnD@W&+8zGI9=h8c&ez70vzd}#fuSln5Es08q|cj z9SPZ;SVzmnB$HSHd#Nd1jDU}&NXI1rvyX(pElEm`qXQIL` z8#U(yyW)nk!~O@mE(f1G*vM#HJMtFGroGa@6+7Uz@_6vgXbe}1sNd8{X4ezvXer*H zcEkl9yebjyPQ6YJG3_rH0p&LmfStMMQl!?FL#)n7V^#3H(PEvj#^lFG_k$sPW|;Z0 zC`A7SwQpbDr|jI0y=rM_2yh8Fo|_0C9(ow9uk=Fp2rZ6pkK6G{N}!o~;T$Ndt5zsT}uby5KX=L7FLCVvc~+ zpr%90Uha&IENNb~qO;@F>vb&yfj62Ce6MkiFd4GO9L1~c=PF$@vwv8Hj{C9AUz?jj z$HGt@9Uc4|H_`xr|0}>`|f>gQnllZ9lzU$o%HD_-8XHP^=F&a*@HPz(}%~ETc$*! zN+>>Q%^QaU)uj`*nw-<>74P2XhheN-XR=0Gv}G?b$Mr#0@v?b12*aDRRiVE zUcPj~QTk$&z%kHQCKhSeLW+07GvSs#5Zt5XtQ{x{$f7#_$>SBX1?PQx}fWR^s76)p}s%f<>mGTaaHbP^z;s9<2udbxX7sK z>BWBU>VguLfB%gM3p#xJ)8yYq-oOBo{O`cXSK1vQF8rWJKe%tu?1x=l8EltGX-%Ah z%&zSC0!5(gN0&yXqi$3|2`JES(bOb;IFvW0_P{bN(GWc4>`Hn2S%Ck%<<&96%AXNQ z(Jth7Q|7x&xeEW%E}{t?%ndv~co$}^(4hn6S^&P#eH7|cde3kwq6p-y^2r-p*4jXn z=gz;p#BV3vUR^HLsd%m8VH>Y3sebb6Dl4!;Cd`d%RRY^#bFDp<-MypcjjZIGGW{*C zfQtZ#=%)i1R(;UM9h042qA%r)AF<-kZbw z78Ma=;&0X|kE^|#ziqxAo z344o7c<JpmE}W}jL*!C2edNwLntOn$-LCifw)wq15K5eF+98O4B(~i{+VM?xJ^4kt&r56LpB_n18@n2Bo(I^E!X< z8Ewu9%vh`>V1wz&58Iw&cenlbbJb0>5)bt}B-8Zt%4Kb&GvK` zMm`iF>l>^XAc0j{$_?&co}26Awme?5sIR-cKKMiym-RN6qSIv{*)@CD+CmJk|46hB zsPA$Lt`7O>bTEuQSNJ_3W3Ppe)R}bl5$rupzDdO-NRlmrYxm)e8+|h}v+ZQ{Ruwqh z(U!l${rMX9ttS1mma`b0O;%)MX4-hR-S9v1wGBMGDC@h{)Lf-Lt(z_6P}*0}+qNAc z7fhV-rF*b9wNPsecT8pP&TYCJ2k3ze6&WM;(h zf}Cq)E{bTM!NvaW9*5r5wR5ixCuQMmb$H6`G|=B8RMB%U(Qo;4hTA1NDz?hb za9Zocn!IZ7S)KSoKuKwP9;&;d_NoGL#ZG%{oL3*W&JCmDDmAn&YWukZEWr_c@~2S- zKY-t`cB%K%(~Tjwu&j=M%;x-nZ zVVNF;peXNQOk5v^fl0gfYgvI5Ng!cRo!>|sNmPS;kDm}EX;7C!Pftc-qUiBnvkNHl zWTek({6xat=l7|Y_(aUSeovPvn77-RU^)p_JtEUFy$zyH zj@*~X^e`(rj3(I(7DU9X(~+T^wy{9emsPbF4GIYX@g%7ziob`0GU=n#hPe<7faL0a z{xq&{XkcJxFQkp1%_t`(LIu3P`&vvIKRngTdxx11V(>r%MOWL!ZLJt^7n#J={B!eX zcu)6(4K|Us^(pAw;?)p|MOKDZi2*YgmzUKfB?CbHt=QrVT6NKcZ=%r;0usVy4ksl{ zq)35gBvf@$6Ym$7kxnjDous793lF~`E+$3?%5}?u=Vzv*e%}w$jl<(5<6U^!WL;Qp zyto2GW63x7DIcwbGBJh-TOJ(LS;3n{;w&N@myx`jfwR*tD;;A*EWd<~$fkfxh(nKR!{}Rb`5_ z^YhbAr_C+z0%|-Qd+HSo{{8T>!6EXGV?m?IEWKs}5{BQnj@Bj8Nwz-R-=7Wuh+ws6 zR!H<+hu!d**Ecf)rI3mdg4_^(Lt`Nsw@saWmM zz+HP^4>(7}dF{u;@6PeSqPF6`dknoAa-WNyjEDzM0N2eBg;(ZOTY#g_%> zaouyin||r8LaOQ5aO&UbW`OLK+?X!NZ2C?z9F+?zacsj3W{_4^RD2^i%Ev!=Ku(ze z;B$z}*0-1>x_>cel?dEba8#(=JtyZUyDv9aP5umT#JouZMLb>{(DLGi<>u!|AR6%_`G_Wd8T7SMv}=6iKGvSo6<12mjzO`Spx9VUN!an zFi#QEWkKb6sm5OcK!0f8mre}Hf4n@9UB_qmLqkKVii!zK`*QQ;Wu^3}W{+7EX%bFa zJ&KLn?1Jgr6huTs5CsP7+uVPmlJQK z0Sa;lfuR9KhqxNBkr7=BYoWaF!zxUXZ}NtRbwI6&fty=RQBe_;Ez>*<4XpXHkX~;5JlE!CRLv`(e3O+E1eO5}F`7t0d7=zDYweZ=vY_4{nAUg`a}Z6uhMtoa zXh3myatWYgpb?7iYySZmNI0IExw(?Y{j%js`WPFa0H1IvbIGIt z@Cj~*<>=zl?8(p1-`&v>9~ntfUEp5pOmRnDOr`kNt;DA|&w8L3#GB@%F(#O~t-}eg z2w;_zjg5`iq?p^cZY_4UO@H|>%^t5nbOyN#9v@Nc1E<+H^0BKHgL_dhrAL6pAJ6n< zTh}e1Wz`8PuON#w&I3uXNfsSGQi5w?AxW{76&2m!u?!B=w)E0cwf3rVWm?7sD>9W%|Ur1lf3u!auYzD1a8f%TUI9i)@LEkTCW2Yux>b|EQVZ+Q|Z-UBIgA zqSIK=mix^FJwVTT3RyKvNvhb$;6GavN>2 ztjHeL-%T(k`g1@gen2L@%5XOSxr!J&Lj$WjSvwkjdJ}bQZd#oFMlo)WPzkA3(CQ{` zYr%o)sO!U!fdjA=-#;*r0T86Bib{ILR<@qIM_Hz2yZvxcpNl_)jr?jb$Qt?6(&`o( z2I{5dr4{7lLViq6dhpXe4+v;R$8QyfzbS+Iv;I&kbU>!@`{FTrK&VIvT`*oE_NpIg zO+tN;YzAAQ{zyl%1Kv~=KOSVsM0p2a-^uhD5S@@JSy@;pfwFE}tY8+=*hpSsru&e1 zC)sWbQchSMVbk|by97JQ7CgUf=zyL#dJYcdz`#K6=o{(gtN3+W;CY3g*HFi}zycaHSD(K`npDsl6Y@II zfmR$($;!;EV~8}wqAvj(U>L?*3=#zH{d@dJ#>R9sGz~{yWW>bg0<@7vF#zTK@IXZV zlb>*eGDNEaapDS)Ur0+Q?h62o(0d&w3fL&a_7;=w7YUNq=%Kz2_mRD`;$7lvEfE}< z0xo)%+;QCrg=_orbM(+_FCf<6WwBEPxMSYT@|~k%N_j>k+sy}Gek20G zZ*o2;+Y={j`lA>gFP6xbBocdLZTmoC8n%7ZG(|m_MD};=VgpIYQ6jr%_?4BFJp%*g!ZYo0>Rw*epk>?Xr%H9{qCiS!S8%Dax~psQ z=g+tC0c1NgjDQ+lF{%8PbLGG+KzdP;?)1u!>|%7;8*ef`x470fHZpQ?sbXPam0Bk5 zhUW%Om?RSy(eXM!U>Z9^SyjnkGB#-9Ug${wg7+tF}e0&Div zzE6__qO9-bhVWNd^!!hPQlk=Yr@Kyk#vo_1?O49u!>_1kS}!UpYJHy#Ij}&Jecx1E zj~cLhd=i5>v-!d&0q|KO7U!WMoWggU6?D40#03CjDg)1O9S_eV#KDhE+8zjKAb2#Z7UHx_N#(Mif~XLrEphIX(%#Q5*sTElqWa6X#gP?4 zbf}jWF|4kJR8-KCe>-^=lYzg2-r3QyUoL2RcILwe!We6d&NuHi`Lz^HD;YpVM^}-3 zA_Di@Gon`EsJwEp4?hF^*_!m_7epy9Xm-35mC7zZ5n%3ODqt0msxJ?e{yR_ww6lR5 zg{)XR(XY4C-n#W8Qx}ir(5v~s+=v~M-ABy9t09*8SF4gSF%F?nZ?$;n;54VoOmjRO) zOB-cnhsr?#{_Y-oMWTB`mnID$SA_l!{=eM)9P%%9+L4NV5Y>5Lal|X(18E?|d*|g$2m<%u|03e0uYzrZB!n z*?w~GGMEIRv>~TP5geqs>!}81M(3KKWSN*GYbRYN z7hC=q0kUEBY;VZ@E<3#YNtk%i~xc#!XH9kV0HXIER} z)c5zAYy#2obgxZQ{L9qC$L~R2`K`io_ z^ypU>&O)%k7Q3l89U&`x$8$B(H|YD(0WizW31FxyTr|J!uq*ta`W89aJ3#r?pgd>e z^_~zrn(!NBD;KknLEs-gc^jMTPF7E|<@SI`Bk+rD(s@S)$By?&|mpF zjCX|QJ(YYOip)FzgY?(zuF%TSef!>8Bw1l@DTX65b z@NI@UN;yUZk^W1GKz);dSHoF?C2z!bAF8(X&Fj62Daa zN-E{dfEUspjkd>#l%EmPA7PkBfywbqz-KqMGd%|)Za8&CHQIdRzEk;J;NHgDZxqB) zBL6-ILdav6>QD zB9;o5n%B5<9L=c=jMSsm=Q)u5xqpC3B-32Q#u48*+^3#CXynI}+rVUdx)+a#)TJ#R z?c}rf^qZEy^Xn4>{VC$h1tS7$TA~MJ(DopT+z>^Z(Z5@f^->_0G^x{nZkZ$mHTiRP z;!{c@o&rV){@vUm#0ajnGA(=l8TBW#Wxz&wzgs)o+PE&-I?h-1z9mXW+IoP?M}%BB zC&X54D2q_Ii=EHCB`) zf|!gHChYpSgz2X(rOr4hh9bu4|MADCF*mdg#sa(Cmmc%l|5~+Tn$no@CjI4mjFmm= zrbD_FTj<{&qmb@~2gH1gS&0qx4KFB(vUDcoFgUQ>=d5l$IQw6UDcA3w_5%DScbFEC z{k=Az#cw30;E}&G4onNJ9#4Y8^jQe%2jrP8f9qY(38&z%A^Y$>*z`XJtigD04y`Y(=k+YrtwmUdN7)pIA zOZ+tZ_HyE=95+)Uo)WeK>^(@S?cZ$3LCNP%9uzf=2r!)Wpu2;Lz%TYQ(K;1lNGryD zU>@?(y$cIh`agqt*s&wUH3TpjS6YJ8P%E#h1JOUKaOe&`RifX9vi`YCL@oLjMPBE^ z!qvgVw3jWNZ|5B4HuA`m2mL^To9u6rcGMom$AF1D^f*qZI5i6Skj=aH`&l7Vf&Ba` zC6q2JQdgN5g4}Wy5G;Y34zH&i*H7eSCmWnMZiM8-Ie{PQfK1CmM^bxU8PD-CRC)eSnw%WO1!s{@FNud4ITATi@p2{$wqh-u zD!boo?Y2%sXbx1I zWcu_^PWc1eBM!_Xq-Qqx^2MbXWyz`e2J;l=yY)<%J7oaW9*+uVq9g+WUO2-aN%(r> z^a}`F?5f(ykKD_Zj-1bTh2>k1{hIzCs?|W9q0!t7>O3H&5!0G*{S}1nX5{aDC*!Ae zZ;A9n`KQ%KKzeGb1iGP)Vw&yTa z1|E;ID5RA$MatqN7cIoE4)Svs_TFkz!fr)>1&?8)mQlx}ivQ|yHm9+Zfo!JtXucLY zojPwO9;53&xj>qBwXgdPpLYd&6B6;BZRu1-eK4HKb9$qm;T^i1&+vr9R%`@PnSfVi z4p&JYfPA6ki7y1n1yGXwky}V}qSKhzevM(a%Ch&~EmwO-$NKo>=@v~cwET1(5=Z6U z{zDXKA%SB9`Nq@_uC|X&L=FB%2enTX?JFw%14J?my^Hp{_f)XDPQaxv3oy$Y^|}eC zOTx!VU?KWDFI(ihbk`f_FUseZ${#E}#o72VU(K(hmxcu}lUwioJO2-^!U0gE+P4K? zh!#lXOzE>HC?c$a8$E)A%Bb70U5N)?r-7UKwrd)Z^bNGUmL5QYM9bS-IpxItk z^gxzrDUy#{ABUFc-oKObNDZODpCynZdzU7z48Wp@&GW5m!2SspUVD$?mM;=1tX)pL zdj^v<;}2T+1j`?%9rl9hQF<1y@Wa9Kr-{2W)s2=Lpp9wEw5)|9WsN!l{vXI2tm%6Z z8m;UFqm=`1Oo2N4vfkTEL{w_OvS|JUFrL0}xkgdLfcGfPa8#Y+k))yK^)Z7PO3#W+QF|ISaMi~_?r?^4~c zu!Br2;dj1HRsQ95BR`i?iXOGkf!OQ?Ybdku@xUB|^wMjI#xAf_k+vXy}pV4}W-D7(ymavkW2B41m>lX6ppl}QacIAp#u<6`Ttjnhu+-ICj13|om#sryLBlH+TB_PbMwfX;<^ z#}69UH0*jQP zw2%&Hzu2(Uv-wX?L#2QbEiVuu2!_(*mpK;ZnG7oYBMoxP31#U)8;~3BS(FEEmyYM9 z6QVf#$_1A3;cs@|LEI3g{IKicPs3J{sIiq@H3XjubJDhD*!omt4^CWtk)y=Qj`bJ*;%`qzfI_7vE552;Tco zaT@o4vK8f%IGnHS5?8FR6O`+MTOdBVT7cVZvWtd-iBZ9^p8@E7zOiU~ZsFA4%jnCT_ToE#=A49_y@;VxgfJ7+8U)XYe}ti6=p-E zQ81V9Oa{%uLS^oeD=oe!veW?@Sl)!4nVi)pa8va%aLam4L4BKZ`{pF)U7j9mj!J=e zGwiHf+wb5e3lqy0S^4fXoA6}NRbQNF9SL##`NcRxKe@uu)}f&OfB-rF!peM4!l=Q-GVIH z`oa+)iodkOWa4*n1lIR3r{Gri`K1^OnJ#(((`C$8>#Q(EJJX!fvL=gtP^YDw)P6029vJEr2*cEr$+F zcm4RVi`r@6tB0GOZrxp!<(yTW^q`>gn)_Q*-g> z9&q~~$LoM_!6X1AiS9cz5`8q%Xn-Tqp!TwjErk<%B?4xK*ubO6;-{Ft48o~z`53ZPpNUuuO>$dJ{1N|dX8`uv&kqyX?+5M!6K&-1z5`;4 zD*HVx~v- z-jRL1&0;6~`s1{i9~q#~MHn0uAbJM!?cD-^IE6>=N~6pf6-c;?ENT5E}|X+;>5oraEZ%LFEGRD>$Hd->gKJwvqqh zfpZZYb+!Xh07~?&@XlD8hYd=hsUC^tH1AF3rZsN|BzHrjVHkM>PNJZ`Jy60DtCcvH zwEn!#57qzm2NVKlVFmqMVGDwiP+F}DU*uN4=a-vHLK3`e_e-N5p# z?w0_TGFi@lCENE&y3)hd4Nkkf>Cs$lGK2Mi)z@)_xhOnvIQ%$r07)VSFNE0NVTvEvYrK~Cd9DXoBCzYExAdJ$I_}M zH%{kna_AoD7(Ry-%%PCom(8zju-~2G|2{1s^K305)hlgdG-Pt?6UMt2TpoA8eZ-8vp4DPi6->l$fvB;} zI!O=3F3zd=R zU#25THwxYC%`d4|#)y#OPQF1&I_2>EfBB2ERY7i8A4a+r^L-v<-B_Y^vO#%cQJ?gF z$@%N9UOg9LYL*9I|ZL+k(Us;+Hs8kXu;V`5eEUyM%#>UXDkOv4ore>Ml4Dx8MHL>?=@*JuZKilHNyUc>;7+G4F( z>4-%?&bx^2Kki#xWda9pE_R>6(#DU$^Rl!}Z*YL+lHEY(N2UH5eLF8fz;NEO-t7s2p^eszQ0~yFSd8^_JBIxjEbeW7q#Yn3XW1NCm2 zo>qA5iU9R_p0b~Y8#`(6FS~?8Tx({Js&x@hr0OFDna6AiC*{$^FJ`VQ-c8}7FO4#M zEc$XRT$%1afPycw`6cZ`|M6TXjvt%|MA)+eEqf@=V1h^cf<6_rXJ0>I*d8vgl49EJ zsW72dYjSQX(~8~8?XsJU96p!mNDL-zE7T%=&16)bN&HOF+MjScnp#n3!Kwd`u*91t z-&;PScd^1TyJ&ZW9C+#>coX?+AOdIwYbRw?%$;~}RLWs|=~Jm~$5x3pFaGrL%al{5 zt<`dbm9clE;CD9-&tg-YRmAKOn8U`OiPTzp(+JAwz{v<9uy6DK^gWav`MOAf!sS(9(IhqT%7v^6Lo_31nTt0Y#G zP2e=|#M|iiepe=y+cAJ&B;L??RJ~+pUcnG~{QNNz>|Cmbi@Bz^_}nu}y2X4*Om2S6 zdGqo5nCg?sd$p1(zlkrL3JY}a$}#qAD1u~^xsPUZ4+c~o-HN+w?Qcoku`gN>R!4<=e@m(D%4W ztN9(iw{VI<>%IeUHmYO&iO<(tGlj(j?cL z|8W+saozHFW8-)8x<=UyXy4&CH?4gLf-&$8W@3zimMzHYY@~9ZR(e1k2;@MOqsn2@ zDDck`1U@icXr; z61i?Z1ruDqUg}|a)fif2l)yDz5>sgo z*#qb9x*ycw#Oh}Z)p+3UFBr@@GCm%Ejh?R5lxQ=Mpu7({?`;nNd3s)PUMen|^A+s8$>2mC+T!fc4mK)efdY9F;{L z%Pbtwo7VTSkVhWH315*QEnRXt<~Y_(b^O>CWFF5k6g}|NyL)1!p2dR5sAEA{>!+#T?t@;-Z}UFcm35pMDMdqE z#{2BTQOd}_ginCP5Dw3eOOSW+dwZ?lWi`L%&@1M;d@cwPomDR{bmbb`wCVolYT$@c znC6$j87K41Hm3Q3QYIBLGtWK`ZFksN$pXpfpY*Q3b0{LlFK0YN$Qu=Zm#C8kfj3!&I;=Jie%AF~Z7k;55u zAak8&zw4Z*4lEj6e%qNLC|@af-F2n%(O|JrE%O3FQtD==o8x6#RIrPS2_(W#VI~$y zOmTu80sAl^{bK3Mmg=1ZUV}uNkK0aDg~%c~B8Q-}T74@9@}Z7kmkX|0wqNQU-&6fqq~Ra)T+P)2HgIpHyKT}^Zo z?<$ReE0jI2W379#y`8N7(Bzvi;lmQe7e}L3B_He(@9~dJwBEJ<@vNn^%~I|;-oBG< zMrn5R?5d*3I!epzQh}10ZVBXU!N&tqNH;7$tHq4uCTzY!-2n-e7~*fVRNosxu2P77 zN2f+=TEDM%v!_xS&+d<<(O?6g15G*A8%@9pzBVq7pgWqsV&DAKfc*r~|JT>>@npoz z3$-k1|3aHrT-tAoJ&td3WvT0yWUA(S*Bp;O+!V+nFhR*Hx(?M$)uSgA(_cw4O-Hd^ zc@$Bwt8Y6ePCY}q{&BC*(y+^Yllnap)x_>!#UwVjrBEXL zrREE16p3i46a-ufht)Q;n0FgxfkMu$tJ!aSJgavADfGYrxA(goEAA)a{JcV2sx;Kl zDbDgY<0-BDa6z8!hG>kGauDt6o@p&3JzohzG*g{9kL|Dme?>wEmHP9&iXL9(=?fks zhs*~x4WdfbuzUEoEWTg-HH}sEM8f0h`pm10v=?N{6s`$l8yiO}EPh7M87XY6crg%~ zV|^PGGyh66Lun9hejs3Xlp}u6My;=A&t#TYn9e6Xc!y&I!^qSx z;yl_k)796!$Sw&gGq9T{sf_8!5y2CMroNRw-Y&+ZHwPZ2R|qgEdGNDl7~Kz!r2*~( z1UrZ%mRs~uV=TEDeItE&yavTmDqLe=uAXM!OP4diz}D({+Jkp~h-Vl%I6zf)Zk;d* z$q|GctVP>-o@xFxv;)8P-G&JtMWpKkIcDK6@*m`(j-IWiQ6Cf;cWuC`ug~iq%#l)a z!lE5a=u1c51P`|P9{7;@x82ivA}j`Kn>)YyO8DOz5s0hFU)sw}dIEj)Hb!_E*}xJf zG{&5tb8h{Eb!AAvDE*r z8?q;M&%swX_9E0EoS$$DQANNYC?#;pe((ohnc%!{6el?SCW(oIib|bKro_@V1(%TX zCcuOzf?ljUkwm5f;4S-1itN}~U%9kEXsf|st5(BqDiE>k;=v;41!8Faw^d$IDoftA z9~|20gmMASqbjr~rES)gI7hVH6K}?4E^X6+O)vIdq z#(yIn6?!EQ>HKZnO_Y^oKvdPc{$^XLiqXAyI23DhhYh*rf7mc}=SnSgSWxANPz4~? zCW(V|!>OZPof%7P0Mhk4yGZpX2pHZJ_`xY)CaPE0)#ayebSDLC#j2gBJu~fYjAoV3 zgOH|n)$0Y@sS^adh2O_H$aj3|E!%HV0)|QNyKn^y(AzD#PM5YV9DN(^bpsq~Kwe1; z38q3iV7X`@@23oye03$lVsGb~V2m`p5^3+O{z6neN@`2YL=wSp)DRctoRO;;`1oZ{ z)B!A`BJ)mb%NCyr9)Hen7~EBFF_KSnVv?Xg_Xigh0b3K4`0u_ zF4bx!x0unwSm0|WJ9nc|Fw2((NQ`HOlqT}mM}!8Wzsgvr{wFb13cp}uEF~>|X*IOOE2Id#x|Vj%ej*@D==3>Fa^=gucG5ARrj5I-gOq4HMX+ z_*= zej$29I)|kDj-JSg-Grk7Dqp&a{I~#?ahrCQV`8}e$DNu-X?kh7Cu9V)mc!jSdUbiv zx<@T51K4;KZ8bSZ(K3OG;JL;S#x|>ks->SzfiuO^5%Ecq=)tFs-4+Uj7#p2R30SW- z1BAR&d~|+S^oO!Mst=Ht8fc3dQd{!h0R@e5e^K#Uv_D=BB(*(gn|@I6x8Yi#}d5%GNgJ7_7<&ho3xJ+B^NHGw@R+mzDaBuc5jSJ%blhUflZVL&GklK*kC@nBe{7#+6#SKC(voK&qD!O(edQ~VieukUJNB) zFbVupEX(Gi#(H;4_&mpcF|zpoCfBbYj8{@GZ0^sugaQ!44v(e+@`Y6`bJ~bcg$vZ^ zd_tSx`CBJ0xF>HrS1+TgVPoaT|F>SB(7vw6ZVds$$RF0c0|2KZ(F3yIw)J zzXuL&YvoWl%8`~>DSQ!uaT0(HBZXo$&Q~55L@O7)s(+cD7>yFsYPdjt#iwleA~k_t zUB1v#ce-=WXZfF((4UA=-MMq;zJ=1`9)nQ^KFj5wF+iSNY;>kB0k>?r!I4uOhG=@AHids}u47de*gl0~6q;<@_WK(kqZ&<`c zU8wYMjr?@rHw1-s_b*TaeR<acnx1%Z|9qtExl_a#ENFtBn^9OWiG{hNX42 zd;7{`qTYY4{)h#u!T-89en*8Okna^CD;5TZeO?NH^^Bp&G z>7RPT=xF-b;TKIbk0T0~NK}kRe@%Uj&xT{N+G2>tcnr$=x;5JfN_gGVG}z(+zfOL; zTccVl@krNAZ(m_L+4?2}uJpRv-_F-sPxEc`L#1u!+iY@rFI)b20=yELlyEAqrS^;$ zdz38bpO{-twLeiOT)3a;`Ji05p@hWq!Xt;n;qI6o{PX=!hX-%_g&FzuOeD=w#Apw{ zYZ8Co37|fH*^OMucrkPxG_k%fg-R*X^b5j$?GKXKg(|StKfI!%r-_Gr$JETU$Q^(u z>SFHokTEGFuB#an2a|r?W|F+hOUfmLKf^@2rmT9xN4i8rS#4eyrDdt6Iv51GMUgh7 zMCHNDCiAq-ytOH?bWw`ow8-p?OUD`?&h^v&V8@15$p`Q6~!&>G8&z7H^rxO5WzQ> z7qx+$j=3vo&0?|I`s>AgzvY2*@F8Dy)N|z5^n=J|N)@@GF1O zYNOQ`zIlVqsG9lH;%f|2 z8@J|*ukoRl7xZ!feO|lZ_Mo5-4KBkv;m9chO`w0x6zwW!Sz>`GZA%#FDsG}S@W-3P zE4FVG3dP3hf~(0H+nu2aZ=$a}@v~a~P0#SULdZHl{WR{$YRt6rUb$uixqoy8gXZ3x z2$79^)=)AQOVjjSWX?T3T&Jv!3)%7df9p z31!?Sn8(&)=bPJ-*)$U3;u%&0g=+UZuVm3x03#(NY$TetqBa{ z0{$yXVH@iO&((2}P-bO`o-EZO&GmF(>VnOOfhPJ6yxyS+ zoA!&)sMdr)sDJ zl&&CHi`!tk_;U~Mmp0&amxevMkr5B@l%nGC2vCs>Y(mGsO3p6^XH#*HMwU-8FoEg1 zc!lis08RPhsitM$L`$&jRXTQCwkn9Era-UwvTDtl0Pzf5&??)son6w703jhYvXh2l zf$zY!|A1`!s}4e5&%bo-aqzN3@xI9CM)$uA#k*J8Wlj!J9+Jltcmi5IxZ^7&IT>Ud znwFE4!2ba-L7@<q7VY@RXSbf)7Mgbbq!fgR;_%tlgjl36}Dh)cf`)OT7 z^xpWwSnqs$$xu!MC|?B&r4V4?Amc*oLG#anDV#uFKx=sV832IY9#@2SX2;*SM*NMi z-EZ#pGNgC!!+jV020D`@M;Pe_+2X%~82H|EQV8>)5daiPC(MHcW^{>Q@tj-S@48N8 zjS3SqbzFFura%pz&apEDX)W%`&w+wkS(?@J-qp0fL4}_zVBI$a_{5^nc{$J*_YjNV zwk7uC7Q*)I_}P~Q(u~kIZvzJN{x^fqqB*OHy481#;7$a`LDu-{6GohcyHF+!_dZ&s z5bN#u8($T_Kw!xa0eFbf7At_1U3^_c?z&p1b`!zrZ|}hLk1N!Ca+^VnW7p1Yp;s%B zuM+G|HBRK${ceaqDirTQK-hP9Q4R+f8`k(=IZFW_WU9nFf9L=iq^iRJXL{*t`1e(r zNT?s+Cv=vM|2_*Z^=eO^bbiZ2bLQyr-$I_pjd-3 zatkO#14nQJC}rKHssdedv0Ce^OBsGmVdJ=e{0cY)oE0Df45K^+WSHl7fWF9Y+nIE7 zJOg3S9kR8+VWD&PL`Rt_uS8#>EmiDt?+H?;Q~w{J+mS&e`Tj__7l40_IAgwNhiZny z4IA>xPZSWjS6d!mz>g?U@ca^)95c!OpKF{`RYUNC1ArU z3(8UvnPOk2fO=HAh`LX!GAB?J^|Bn3LEl9a5GB`vJ^ONiXexSOr5Kqi$b#g((p}jW zrRULft35218-07^YFz;v7Fi}%whMI+$J4pflF3zdJfD<2HjG$RBI!>Gj_iH(iCpqB zjN}ERs6doUaaZZ$!{5G5WWRPTJKpRCbIMz2wQZQQmq7zz`{*{GIut`VgSe^CVMWme zI-?uRIi@VSPq`RbCjvPqY|q_h5~kbHX62;?c}%k+K^2t)U)n+ zABy+FS{m&Wlfmb}f;Fr`3pKerD;ffpo9L?s~}f_T#761%P2s1JC&VsGc2yrWH?o<(nV#0(MPx{U39 zdU#n0^H}~(#WAnrmJ`ugw$`BHgkXs<%QDVfsEjZ^y#ub`1&%FlPr-vPihC6u$SY&Uzp2 zUsY(=tL8k4trX-RbNU|4Gm^}tT{>UQSCn&cp@v^AM=Rw~^9Rer=a++CzEl8DMf4O& zUJYeXZSs0id$jieD@)CMb}9_K^*DU!fX5%SzoEQfdbqz??JeU^6c(uQy%s zwjgs_vfRd&-@pTw>TKC49?S1_jfMW`)j8V$6>+ZD6A=(?XEcSeHHSWHeMWn4B#JMWjhU6$H| z#Qo*tSD9)#k(MQrc&V=54GyDf5ev9>Rgkfqx&(Q2Teo#X=BBDC+1;9t4Si_!Ioija zMtHOqOM@kux|O9C-RTKV3%v}tZYfa{q(+y{}m>s!-hNQji~8*BxuM=*djU&(F7#FbO@1vZ?4~ zPJ{!M6XQ>T;ojQFn3fcKhm+BL8k|fC)jh@S2IX>F2;p zCwJ2TW5NxiCRE_ORk=m}ebF{-?*3i@%nu;IXZW%jY#ojAYv56egaEF`b(q1#4mq2? z4d@Sr_GXP9MSsm#JHRRZGIY_T#-=gpl~5{%@L_U+QNwH#W1gMxuvUqC34vDCLYu&_ z$k!^MkhS}A?`ULuFY~(ct^-gM%a2JGi~Wczz0a`3qG97Kd;TlzGF%fUtkuFZ@34RU3qyr?X> zvvJoaZuJ*qo>^P;_C{v_r3T{`fpcSZFsljT~SDOm8s?EdJysoS9B}$zia;#9~zyNEKFCV z^E~SR5#hGb&1yK>bWB}h-enR|UT8INzr=b-4Lk(gvTlrbNwdJv-+8e=Ln4?&bBGQ+ z(K5sDa(r~CRk0yY&TEIzDj6ur%-6L4DDw0I16};=H`CYIJe*nhwd-wnT0JM+N^C|d z5Zl2ApLwTC${tTiTlc?CpVjKLAi^`siHzRtuki}lT9z&JETotwao{xn&O6lJ>Z)C8 z74h~eh04D3Qt`tt7X&v}Z)4c3>AY{h0NjsO!4KOM3b_)YG%lOy!=v1$#laG7@I-Pa zu)*xYT_qNwX>aD<^;oJgR+tp?JI$w)+EjJ!wR|OP*OM0)uXydo$U`(%_SbaI@MI$0 z$}Z>$*x;`FhKVl)0lYUP|3}t)$5Z{jf8cMTjEX{{&@_{Vy&ICfj}@ZqkiAz@p`xN} zBJ(&l$EGADd+(jivG@30uS0#lzu)hl_e0+2cwMjizV2&0ujh5$zYdyZ&J8+xbDhd) zUpyv+*@6PQ5Fa1(XhIlygQe0hkKEJf43SzA*@4Rf_sl{pEgWkyCuG%RhPhw6y{Ot~ zEro?jrZPISWqWf=LDa8pc|1A?wKY9Z?&-aD<5q>=2WHJ4v51#T#SXK|17+^^d+uvm z=byiReY6y=2yx%+GHy3}#{A?V<9n<*ZTw_QVxjtJJ70=gRF%T^n$&D()}1IJ$Nc=e zqToDqomY6=*N0xBOwQl9(d_b{<5C@;>CeHhC?My?N;WV`3q=}X9-7QW!A-5OBa?pB zEaN>djxY-+zwz@6=b2_$6G%)0!)jL7ou`%g(7W0&EQEpkIEE|DX%#E9n2vn7Xbo4wAQ#TggD-qpU zzNwa~p#Q$1g-MyGL5N%ytU?B8t#N*CqA7G*!Kdj z$75V(vixq`l2iFeYUVK0c+2yO&eR7lgWjYVv$0xQOjzP3_g^kRPY9=WJNsT-z}41S zY@d;P;*FQ49j&GdYJp4WSRM6~5rzhxLnpN7PU$FL@6b2GwZm`+)ZGCFsPLYcsp}gNtRhHxO0sEWUX-(C6E{>5mO=~bVdT>IKICLlM_)b z;khx2mfBnV*PS+f!`BrC6{k*AU6uWbrvvQ80$jNt=~B+;h(imNtBS(brPu zx?4B0&);eNB1Od!yIvd2wmI~YiDv6p^_*IU4*Ff;?)~q}BcJp z99QR5O85HDa>z~yf)})85b}61HYBh6(s{ytGQr2b>(3|CWi@rpq=Iipj3O%78iYr5 zHJhGa=3)@Ot0OPgN5(bk7)tqdQm1I5Ns`ea#sFpLGU!cOgzI;;AM&LgbvE^Yv4%B8 z>+fY+G1`tI+l@YRu3-;{e#k}i?)9ZSlFTz{`nG8WnwL{AC{w<(8i53P%|k;jBX2r# zEIcjh?TM+E%)W11m9srPGc68~YJisxKG+{Xf_;^Xq0VUET2zgZD6eP1dh`&J=*)?IyJi?FKJ-&b-Lx_G*5(=~pLUfCy`tO58@`ot$NnY` zuJSKqbrHqrL+dNtQpDt=i3CWbEFn@WtZtj$~bf;QM7rgmMOGQ^Ng z3JSALFMh5}Q+rvP-@JTm6-<|iR=DQo_I@zK`5ugdG7%d+2ka+8n^o|hq2k+`y zX>Oku+hw$$X}sQp%eD-eTqF2;jFRLQ0!DH8d0kjKwe-=vU#rk2!Lsbn0E&O1WNFjL zmBne-mo{zob@{eIblz0(hFhjZ4{zyGIW{M1Tw`63q9FMXN`*XWn;cYu7iN!qrD(;9S;ix;@%W zJ~w@RwP;$c%uT@YRaJ}E@Xp$vOW8l`B$+ zE(awFFWKc|QtGybo)L?g_HEj0VJ%Bh8M+oLRge~#woSDaE&PZ`YmlVXbF(vMO>%U@;9g=YvqUwqi%%wgx^ z^>H6heW-w7RWp2Mv!!07EI)p*m_z`gW2)1g^M=0N;Lly0MB!iPlai#wi<8j*`Wy4f z_jBG9tVKn?(~|l1zximD8Tj_QjT|%YsWMM5L`k`>!5a2z>q>+KHd84GTk42f_0xuL z3mBVfB{dznP3X@&vkqy@S1D^-za2 zp_!-St&*y0aCFSVgLFRMC9Z--vf4f&kCK&QAzYEn*6Li#cfUYQf}l^j9-2$#QC1k{ zvkVMTIAbCOF`vg6FH$jGyM@a|>u~{g9XgJuHeZA+RZHV z_j&$j(63O-Temb;r!p=d)tYCnZZ0$@$rO>C^{83{t+~70qR{TpPQ~OZJ05B4fT+eP z!ALh3!X?z#NO({f_O@$3`;==Lc)YexdXLFjHDr5<=(B7L6qm_E=3~U`pAHX3TeL#+&R)g;;wIMf-d@Di7|!Z3u9kQ4z7`8- z6NcP{i0lH!OE!lQM9F=vFN2hdQE@=j{V|G(yXR*3EJ2;Wlrw{oIcE;x@JfeH5=Vw` z9{V7Y&JqTsw;f(0XHC~BMs)-h-*W78e!01Zi@{NnzVM2h{@hO9(4ZK>YhlyIQx5e7 zYnUhBEI5$HY`;>Tt`s9$ifQzkJ{PNT8+W|-$2$ZEM4be;!a2s-LFPZ*j%k7L=(p`k zNlHuNX4)lDb;tm@hrYgiJcf%z6VCNu74BRu?j`#j))*-u8*4k2qhil3qBA); zY1Us7W?8sl1UX*&jz@3@Y`dt>=*kNtQI$|J!E5@`9la3)XY{}fFuARN)^*ZP?2lS` zyF$l2tv_a&Q?<~dAY!=V^kaz&G+i_s6;kWMv=sL9bm6xMqsu=p%Y2+@DbNVv((Bjx z!bRwxm`QNx$Yk1FpJ9G=y^Gu44u#8;;k#(YADg9X1K9jA4~H7+uvytUeN+=K`c5$_ z(hd`6igM;fix@+q`f+CYS4l`YADBQ?JI!>!Vzh#I*5iTdf`}Xhs}?|iGC}GqkbHdw ziV8%=&%%RWi`zhC4Aj!steCGNBrG3a3p@U+V{CI#26@GiUWO@<&L*fveYiQ)L)TS8 z9W&_Z=Qj87_F=gQUL{b?oT!BwbcWgLjDXAT2Ax??;+uX?&vae4$%H4`H^;6lR#J$) z@7i35rw~(YOI5?@F^PHfb~k6~SHAE)OkLOBc;}_g=gpOA^D**SwC{T)>(mhqO-`}99;*jhgF-wAIB*(rw`rqJOaudip{Rq zW)?OX8)25C*FMkNp+7ds@iI{H!;d$RTik399IxN0&=PRo%uO*HC@bB1K=sUZGT{@C z`zCjuRfoLM(TIv+9moEZocbwCchR5I6pV{xtS*ammol(i9d2g3CI-DLU3VOew5MRM z@7j1wWDI9}nr6H;UvIMc?h4l%M)#0nC-XC-XRN@gY|F%F)NF4E;cA-!Nz=F3m?7H^ zd-$cW3=+yYuVIL+4eB-&ghe&`itKGanWD_NIe6>wVZ@C?J^~a9qGyEXD~LF?%X-Nk zhpTbwRPXFLi~s(_)v<-E%M#59osH(R>W|xVot9e@(8gMZZ1|jn5I-%^f-vCC8NPNI zu6nx|;~zgDgh{#O)3OXer_jT85;v+a?Bd)ZB%qBP!1^OPa(y0W(R$8~7<9zfGO+Q+ zen9$6eQ-$vz3e!A75%JoGgl?PJFFp?pOQq)dz2ck+exvII-=J8oXR!7&9o`xPF`Uy ze&jd6nv_o?k(>$-Hh++5roH5`pV)Iej52t3c ztgQhaPf3)EGQ;dX%C9SOsMTN)b<@E1Z(4CcO0Vm=S4knbm6n5{tONjaCBrMVRl5M=L;7<<7TtDHu5*R-*WC*8{57z z3VmcN*M{ni6J@i$9r<*O?uqYNWfc{ky<%M2K%aH>EIt22FSYS)#%Ezma*a(-KA7GP zg9~0^!{&$7Q%wO?_#v4QEn;iIN0)i)`_7rWX1Q>U43CcSLpNjkoU3Qs8$5Sr`OH^t<%AEw5qTWtxICe>!gNis z)OD>r!RK%)R7%?&s-dP{b868MGs-vCZO&ux{b`_>&*&P8dt;$`Wfr?+52b~6|Ee(x zR#e)$HWG_CT)!SJ?EKz7g><|Pqb>P?S>EmlON`qT+jKXQ3X!Q2h(>G_PGI;3 zo@RXfn?FtU7Uta3x}nUQ;(RU3Chw^wE8dFv{zDTj)bG)Qq31RUQVT3l z5Nm5qX;~h8PCC_@1pxm{3<;yCGl1@%K9|abCW3 zDH%ctB5E0v-ADa3XTqHWoH>9xBGNRdPHk39#^LVTj@cDYy&+7cxTj!P$ zgXgQO(0JiMnYDpr@N|tLZ)rc|$!K+e0XNkLWq0_@x%)(bM->=U%GYU^6g7@jbEhZB z6k+io=EK|m8RZL!9_vF#roZM2)cUL~HHazjy*`t~u9jMWeuz5e<}k(0`Jh0Nj*hOq zp>Fjxw$BCa>iUD$sJ^wtSx@7Z$Wlcw(a~M4d|3!5R#;%g`$Z#@;-v9?M>0u4}pMdUiPFoRwH@t5)uT}#^AjmreutB>F_*YsMEe-T!9g9qRU|sD3c!_n!?Zaug$|lOoQBf4 z&P824kP(BnyM3KAgtne*2RWoVt4b)C1#q?{g^|}YRN*22F~>w5K*$|Bs?wC*>v%dQ=3M6%pu(trM(&zT&CM`0U3kM~1<{RQ zUd!&sJ6O{0*TuVn941qOwZ^#+^VN1+cDqGG2ctgWYbqAG_6qMqy>L5SxSQpVqwb)5 z?aoFkRZ4*4wT#K3G@x`YV-)_lzh<@;!Q=)&%K}*NTIO8pUl+OjV>%e41A z0xO^2lk*H!G}X1>S>yh!KqXw;)gQScB_q@FmO;o4kR~=LA2PKi)Di-XD0}1@QeWD1 zM`y0N^*ceOMhw}B?f6?M|Ei&0PcJTY7{7FZ$kNTfmSJff#pk9T_2z1++Pm)Pnh=f% z&e#bes_s`_EKs6P3J%2z(_N25>LWx*c@Xumtw3l$*s7=ec}jk!NB5X{mQCDEm;ORb zEsgw48*0TI<#3gR^Di5h==OvETcfqn{ad3ImdE2m^QCx4a}gZPpREN6zYX%*oxwwO zksEOc2I;akXMtffK{4_6utZ>Dm|T}nL_xWP@`9K6ao}dFoU7F?5eA^idyp2X{A_2p z9*oU(C3o9gV!s^O+rCj#HrobaeyLD!H!V9kxEdoTPKbJ4}qwzkbqQi~cB~QN$<$A_JV3Fj5_;-6M?a%8@)q&)t~U zp&Or5w1Cvh{gRM5Dq zR2peefMi!U(x$pcMo0{VmFuE-^lj!6Jo>l%kJbYwl@MIWoU3A`q^?IYBNm*n83)%NhuUA<1_e*}HX8K4FDl)g+xCMYO^SwJ`lSwu%jv3N$ueR#iDfQ2vzOoI`sY=YdpURx~p7w+dd zgnRk_p@Bo-(A5^W5jE+YX!$VTqhLqVInf z33`z;F$0s0n{;<1@Jz?@0}U)cPELlLacKDaKV2cC=Mi16KlrNmFlp$lg*tRAT7TbQ zP%St5GfeZd4Je#Q_Wh^SKo!oPPf17eziWC2^$_OEN&+%(rvkOFbxq}!Prx~7ZU5$? z_xKay@9)2et0Q9-xp?soB^Bj{5G>f31I2e&R=3^KlFRS zj1rDnHpBq*;<_F0D;Zw2>ngNRE2i%e?8)Iv`FFeGpb!XAmhWY7>AnsvqbPIYA9+D=DpeLWH`uq08+2RDJoo4csJ;JRA0kQk9`_!|Yk za}f7=UuHsX2!tUkF!pXE_u25(7oKSqc-x*V|uffA9w_uIRC(5?=9{HZAGkbZ2g0VHMkjy6vF4Iw64^gxI$3%N!LX)g4e43i(epkp%PZPL13YgD1l;9&T51sEsf8U5jGCx z>~Z|RKyW=`15d4#Hf;c2X~MqwNI%4Vt@IDjOVQa%F0y+d3KHoyXz0U&kK6!F|G$}-DgbW%ul~&9$Z45}8Y$N_7 zoskozlkbg*OSXX$t(vC5b@9Hh`y^fD#Kl6x?&;vZ+X=`&DiHHdM^L3QaybLQ(OF=x z*>(N7)0U)Q1yGq=K0&^Dhb2a*7}z+oDmg}Vt*L70C*=)Xu_nEI7TsTgA&ZQ{`^)?*2*(O2sWxfOnq=@2ja9%*FVy;a?;8`(@OsOyA~VM~zipzyck zcvC}&xD}57RC^CV%^t8$xfUHt)?CD^%t`Ff;!wPnl>F`2Qv(=z&&5;tZ^$u;4(Rvi z9&9f18`f;Z{hm-1ZfgT9LOnwl19ft?9y0%8M_l_sO;asRL+M8o5uN1Q)1LvKD~0OwObFQEjEgTiv@mM@&Y4zSGKaz?{0G@zA0!@_+Sa z<1_J)8Rtd2TD~}*l#l}FNLpID8E6TUP`1jhcYXNHr#mz>Su>}f&1M5is4a)6m?t{) zJXIju1Zu*)gan4H{9@i)zrwhLxu}#!;UKtz!|OtqCnG4(pdF$m@;JWk{aJBdNrTGY(3R7J;kBs4k3u%h6nstq5#~d5#LO=h0aa0N7_%yHKn<|MDFPS`4XIPlDheT{g zX%rt6J4B5&#AJNF!-a*bs8dpkW>P0)D>Qy(jaAo@yeQh$@}u|3mjiqe4m z$GAxSKDT#uk7c=zh|6+g=?G2k(MqAlb397ZW#tO30f5r`U^;= zke(4;9wg%UPooi#ufuQXT%!^dViH$pyET)>uvND8HVB2Nba4v3$$b@NSQDJ(VF7l) zaWYPl$+^>gvmxNrr1uf#i85DQn=h^I!=3E`Y=5FfPyS?|CXV&SjT;T@W3-CPU$%>J zg_59@O?#y)iN!N}Tjf|D*ZQ+{TiZFp*ofnO>Vlki&e_5H-cI5&B}FuW2(JkfXSxrX zf~|=}bu*RCv2$7er|oaCK>K?Zf0Z>S;VrJ9o00svjzVo|xB0J62)!jkc$WA@BcPt= zhu#I9RC)31UOH76%hqmM+HilzPat^&e1jcGgz9%`>LE*i>56bzZC8S5|(1l}S*xLx&HA6e&GE!V>K63CGq&@J<$vC!)cJ zw>vZcCxFz3hX9RMc@C4b^Y!)!rus1v%(71B2528!6Z#_-6ZouYa6xU@e~*00XzYGf z(VEwWn)mf6Ey;skuTlX;SuaNE5fa_}!c&xcjdS-q9f15z!g7N*k~wo+Jau?jy=FTD zt_YuHh^G(fYVR@~@ml?NGN9A{tm0#02`j%sgp8XRh}g}nXTvGiQHnswIAL76m7Z5; z?Q{6p^57i`)1@)au6&XHB71Z?y}LcMF+f2eMIolYXk@jgk8f`#r-A!VSBfq%HLesV z%Bfd&8&~fli4a1UBvc~3hO1-T;+&Vt8i8(+2Hq0PLbE8BtQqXl25jDS{{1lZ|DEi3 zzo%R``8uHGXrn#eMC+hzk#B#M)M4&~IMOcckg8PZ_MiE8{E6O=SZ0{__iwg6uNAq@ zm$m5cE0sAAQ)iUV2?B{tOY-d(HvKkspbN`-?rwa7YEF_6uAs8$++2$SkNp(42*3U_ zL5G=G!{48#t7!GIQKz{%$cyrw95Ao>Ev9m&8bABk&jM?7Dx>_PDHO;N%4yl&(2>%W z_B}REPRvhj;fO`vC-+-dMt-CyRlX?N_!t2MLJLlvBGrMt`S@rjw`^$Y!f=N1F*5_U z?AUv3^)b1r?P7#gSptRFw&Gg9kS^flC@2J_1;vrx3C|XQjgE$79x06?=bc{-DUzvd z1vu=xz@SeRl483U`@Kt=<@D}KEN$ti6RbqHwJM&BKgqY}?Gb_~{pE^f(i9A4C~7eM zHw9>r0y+KAfI;C=g9QA~WDwSk#;t``ej8~06C))j&mnw{oZUT-omQ+B6Gx=++tyZ9 zk;REeTG@~Nz_z#MnyT~xjtZ3K?8C>;4#Lz@if;FC)q{oPgc|SpNiLnM6>Zog0Ve`=t0i1i}Q4JAQuJy=0j_;v7Ke50c zH>bHx#k}06|6}N@&r1M`R{Hd7hChnfcXOK?{&cMl#6J5tcJ1qL*z5aZRn^lQbPXxs zEvrh8bzJlkCxyWme-1l-D^dGa`ML+OO`-@T_Rr1#@U0l|;y(zxD*d9=inWN(U|*zO zR4k~N+hOy+$-%;$l&ZXO|JZDcd>aQ$n;Ei+^gi%{B?lVs z%VjnD9c^&Am=;{aefG<%#EYt_$~PO*hpylcQwAQUW#RzZw6nMtbnSoBSkS;yYA9`#n3>ArlkjVLWp~$@h4tx+u#5I?u1*yk7>l59C zg_VA@YMA#phXzs$5iO*>XP>VS6ax}USfLcT(N14Doi(c0GM1$%o~xV2XD5l(nE8t~ zeL)6Zp2H$`Xv2&c2t|$VYFD(&9;hS=qw6C0w6&EZEK*feRO}&eoa{DFSAsnG4t62; zs5d2K3d36{5(=wum_T%%6-gC{ik~s>d#k~B6)(lo8aFLi)REac@90>%wDE8WRc^~+>?Dp{`duzx|!9YzS>)Mw7z?H z3j5G^N}N5uX9~Zl!I8+W$3cq@Dpq>OG_9f1@9HTkfYIlX0Q*?&oqmneKEHPI^DTgB9wV;t+3R;x`qEma)UPm^01w z{D)=v7tRfRKQ~RE`j0#Q{Pn@JLpOKs2j<%!&uEhP<606m z#=f$Wjrg5CjZnqX3Xo$$TsaYs@5X9^1|~Azku6kHHMKhO>|Nv}{86AfxNGHHCsFoG zDg|}Bw&aKC3oExOk_ds$uN>LczVVoU!M|))HG!~4aEm(Z;7&9Iz!?Rz)j~rZm=>BE zZ$7a4iZ^>l#NR~lLQf$}GsR@1v50VyXxxU0#E;&gro#QX6p96i*3lRvTKBD**cg%I zE6f>Dd)hGX&Y>ZB719fWBr-s+Y|K2HEb&S*PKpduvi&ugs_FYQZt0$Pj@Fa?<|F7r zpsAUH26(lE+nUDb8ANf!sMvgP5pJZ7*l^;4ZXLlveZQN&e^Ei0=Y$5xEtx z|CFDc*VeXZpqIX5lX&Rvy;oEa zAYy&QX@3@)Go^#QR7YYH_o|eG>ja4L^SOF(pzXD{PrnXp#1Gv7|C+fc=VC1cmqX`$kmJ&3mm}FZ~VD9+j_0 z+m`&GY~5Fxknq-(AUfa??7VCSOj;;eS@khxM`-H)ci?Z5Jb&-i0C2!SVC%vThe&=3 zzf+3jIHS%=_S;J(s)L0?YTe0hI28^q7u9R~L(N7Zb3b&`3L$=#{DH+!TN@t)B-&9dMnl ziq`G<^` zlTH~?TalLEWjVR+`>R(Z8R2GtQuGsng)gDMfFE(QuIlAHUC`Xz9K7GfnW~G? zDl4ni7G-duMuzk`T^?+8{>^a(X|e*H|NnO<9|r^(ebe_JY(zqR6=*~T8;lujB|j#+ z%#2Yo+>#n$WOFf0n`y?M(JV%~cg3^j)5l;K6|hTYg&a+*rrNp-?9KC;c~kZDu5)Uq z%419dBLG{lVjtrSd`ZcIq*q9_Lu&VU`%Nnv!J`7mn6G&an1b<$9dG?WvSi}^Ez2<8 z*-ooAYuUZ4sk$j{iXES7&MQ9fhPoC_F%0IhW+?o3gPwQ=AE78Y>nTHYt-sHw8lsbd zxQ)I|$0uvJ8vabJvGMea?n_D1+KWMwn8yLefua0xx6EzXinRW$iNFM{9DSd*Y%(P! zv!*XuD|;P~n0yYVp5DWnG~ewLa$Gb~lVBl6=y)^4w`@VS3GiO>_V4%*_H!)LuqssJ zZp(sM{4N+ghBt!zTF9i6Cm=S&YfU3xN#6`a2NzO^q{l`aM;N$v^At z<+Vrbc1lrp$K&~1oWgwa4+yizwCJvv+@lS_Eu?O324`%tU9^vo{Nt-`idifjSebYr zkL==YiNScTGR5Yy+VV{v$*2jF6|szrl|8X7hq8QJxBZl3UR+zb)fkRUFp?U)3HuZ7 zc_iAYz#^4T;ZjntQyUJ#%19%fo}4M;RO^yEYF?h4OO|%8xxZ9e^r^T}UJz7qIoR2yp@mh=$*Ew4(PWo+WJs>j$C=}_>wB02DV_`} zW{A@q!^|-Hx(^HssU?@)Y`jYJOdWR0Y3oJ!fq|p;7FhaZx>R2)HqY2oj!sou-0qTB znyV~CjwPO9%PMfWjviOJ<)BCn)9qx|6!&L3A&c0AC|#n}#skxGg?aj%2iO#Lo$&|L zo58sB+NZ$Fn1xNzYD zx7(l>A=bq~8ODc9x0V==Wi^OyUFmpA4-7uDo_q_X7j)yui7N!u(1wBxEUbJac3r;e z43rj$Zo^toPW2wly&NEiZtdd}>^bkx9wGd^Z{bISFShfJRW_JsBxgevt;Ss*nZ~j2 zFoj6huf#eHYxo~`Z&v}+rMAVfye9>U3s+8GMgr4u!{;H&zPsc|g1BVv?=&`@QJ#MN z(GL^gbs{Y9s|ACE=;sjRo8K{r14=pq__bvl$~gXNiE)(|aa~qSl8?#-Yz!f`7ddXP zU+51*CM$UN5}NZqX$%bT{IwboiM}}2JKSY&lVNF`D)E7NBU{ikz!=KrOYI9I)j7nv za_2^Y^V7kJ?Tx!(STlbEiLd;T^d_Pq!YhtyoU=@YW;&s|3LwJ-h>$-$eXu{zRGbnY z>hZ;*Q%}ktjqCr+z6)c~CMeYKK*0Vg%qJkGJ5jmc@{?w&jf})f*rPlS@WFO&4LC+@ zQ%sK#4gfo7&kaBbL=4^7j_5C!7^Gxc1jZxdPjPA$O!NQgGH!#9JRzuJiE)wc(6xO7 zhzA?hw$o^n;3i;yfmeUbN?tWBml;kKX6tD5ChS7NSx+xx~m|3%NicO2kJF#+Sov z)u;H`s%$5`EnMHz80Xu|*C8cMX9m@>E1q_`7uI2l(LtOfUh#+^<}mfm_Z@78yNZEU zbAs37y6#Kl7Z*>US)~1^gwzw*qq?;UfAVn+KFiJJ22=wTaEc3svu((G<`2{r#p2M@ zNW-_gp)NrcG5IMI!`siUme1U<=+2dzZqLBx`;8$==Fbt-G4+ZjKCU&>!`*THS~(5% z^j%5xp0oQB=2;8kk&{rn_Q(8bJohkF0kq~bq1USzQXe2i5e+bJg-4!Y2_%y0wB3@1 zKZQNx~$wgY1(*`q&q2SSylpOWv-=s?;=D%)4Xa4(~;=h%M={$wvp8x_qdrbKSPCtMF%3NuvP=< zmp!-jF+r!#&?e3G6+tVZptcgAxmb&yMCi+6Uzyi8@2QQjD*8pnhc|;&H0#z)1{f*X zS~c1Bd41>-JN4!aT7AuO1NGGu+2dYmh@wOn;}>J{?{;RGcd9Yg5G)e3FvHz&jGI{2g~xEWD4B zKRSFh-s~W8_wtG-c4JiJ4u>GFabbs)u@W`0_d)&(lWL9nCnq;Krx0HD0oRY!a|zlW<(&_QjN3uLY@n=4b3+e-}%r<7~y6ou_3f{e=6I;rLA>8;7{F80aAENm}LwG?B!^DVSbla?c-12Ss<(D!iy zSzYQ8JVW14$QQ|c5Vzq!-1NQs!`{pd*u9Jc# zE-Y3(557!`#_%ab2|B0(IU2$LO=mi@3ey|t6njgYbH+;6qIcbYbF!E*frp>j0u2q4X!KV{C1=Rd+b{j=JOS2fEXcwW&PDl5sHjjHpL2U|}(I_mt}a2~o` zCy;i9H+;PnfzioospHX;xpjGO&k&HkRCnUkN$2N;F^!Rm&=aP%GM4VP&Q(r;*nNVH*wl zd38P8$k|v5$+arCFVYl%=|rI`*Em?iL#XSNO3i3ia6Rf!z9c?{8}*878Ru--McTcf z<)XPQUefi(QGp}K+CY5GAr!&|{y!A_|DOe!*Wgkrs=-W%9!}ujx9r>J=I8i4O{eE- zbxME)K@fVuM}D7TG}Sm14`^h%WAfiiAYiDDKB31k)*?%f1MpGbo^5{ZM4cqZjj^`| zAxh1(NUs3dwQ$bQa$fK72Qopt{-x1I$gC-U(*xWxURb@i3N=U^YXjk0)X5Fc)wyrl z8Pg@SD;!2f%)f8{es2+W>CsWCqyDqshj=YoTB2yseg);q(FdLN zd0fpJ|5)nq_1^|YFNE5$*vL`_neO?o&&JQ(x#*YI9*J}7r_11+9f(Fl$@_vZb~~)5 zT!w@)ImBxmg&D1btAPm!iPEn$vPSZc|CngQEQMIv5PKgb=RVHj5Mb5kiupiwvsWR3 z>YOjRc&sRj z!a=0E6Z5@hZ$FxoQo@79{}6j@4`+84jXyPw6FVuNCR{*gb~PxHTF`2!rsxBet7CxG zfUAYw)L>pckJW2J668zBdxc+C%<~$qO1&B>a?04TgnoRrjA@)AoxQYs<6GFpgaLWo zmEQd6Op_kh+qu)8cXF9*By&v%Fq-5x*Wug#>`zBKvmou%Fx}`Yb_`(b3*W;vxNogh z58ZirL4flM5GtB5+SrNSLfc8|PF{=dV2^|a6~EY*<0yI|3^O6o;-$et`}6Nx2o$1) z>7aNQaGXKtUU`|jcAtS~zZuVG0+4jRkWj+Ivg;%fBK0{=LNOO>%}Xr5F2{&P+df*h zvoX-pihoN+O2UF7Y0t!e2zfO%+GH2;tSJue^B^b*x2Cvw)-Tnom*BO%sY#qH6JklF zku~sUCV#wA*fvUB6ojk?iK=3(HUC25L>ESd*!U*5cQ^SZxQUTm{YMs6(j)Q7(eIN@ zS$B%NX%h+I!w0L#Nl6KjRJb<$J4l@%!>Qif7!v@0ZG(Egx5iix;}1VO)BK#W<;d8{ zyo!A9=i7?FQ&$2kT&ES}w`=5@a?no=9Ey^fKaxD@(_xYqW{d1RDYo`^lSsZOzy(h3 zB1$JfLNn%|HmgvzMVba4^A~=|?hpDCMr*5IvLQg^|8oBvx&cFdg54K+9WvI&Ymw_Q zwud=qk7wd9o9fL`Gx<^_1`9uWs9c>J<9K7339w@{j%emOl@@OsOQCe4? zE}Stku8;JC2?h6n;uB{(Uf%=-Ym=5lxk+_;P||K9rH;Q`0Mi-&a99FGXMzSy&6x;q zM1UHWptf<;2GQ%g`|8Frzx>QFt8{nt?$GzKu0p{G!kA+$9^++`P0-XIQK!m-yaV#y z;upO+4pW1#paDX`n**&_ID!11x5V@wm1&?_30?+}1>B%fT<)z|IGo1~Uv;}zVf*_d zeq*nY!p4SNew2s2nz$&@)w_3XY~r38h;EwF$Wh(@=4VTr{%VA!;d@1Y-*C@2KRF*; zntxAcCc1h?QP^|WE%+H@^;?PJe2aL`z1=X4;0wr##~Kp4uFY}!HaA3zY)z8-Lr?-W zs4)IpO}1!5cSlC%y97 z>uyeeIBpz5#BP;+2o#}&YX&D3XJF`p-DLA+D8#OVbUYksq*Sh!JOsZkBdQk$cCDV? zOaS@0Q2b+zwt&@}Klp`}CVF2!Afr27@@U|lvV`a2&$^~knd)HGq@#o(CpxpIAJ%FY z+;|%!NOfq-E^suj{+nM&7BBn1HJe4&OjbTl&~{8VQrJ0rnS(UVZmzeGT370AXL)Oq zoX^1hbeY|?@tyHMb5@h?wAELdcaD{6XYZ!<>rED!uX)Pcq)INU@Ld`o>0B5|c)B^M zk|dqsAn$Q`uO8RU^z3vbIx?qJXKBNB zT>AXSOC-a0&XE%`r4O9=g+8CUVA{fL&|Pr8Ewtt=krrnob64iCB)JHaj(m&BffXs% zEEv<0&_ea$sR2T(+i@8WAo*qc%NE_H{p~+Cu^EMqh{K@wIqZ7%Y;?dFCG@m`XZ)uRR2IH*qzC58Z}S6Hx$D5P$#`D9 zM9<;&eK$rz$@;qD@*#h}iYiKjlgcIQspF$!AM}1r$H1%)o4P7<^7xP6d_6Wl^{?dV z%>1rWURvGyWcD?oeP?+)!FqAIt6)CNDk6_93bzr_5aLnJhQak_xx0<;(#aLJ@(?MX z58B>3FF=RYDRxNc5MU{X!859x4VNNAxBHFv7~cDT6H6j#z~nlNVW(?)Y$v4~bYLrH z!7g@RoW6iq z?ryTk@~7uLTEVAzZi24X!8z)o&QX65tIuz(xTrP0mGtR2<^1`5Plq?oh)v;oA@W{) zxT=Nv!(Q}uk&~91u5}uR7@?S_yYoz^>lb!%`sQ*;VVAAo)LO%ngnuaSm+61pmL~N7 zm2oLJG!kBAEnw*T6=G@;Y)ux&YbA5oC@sf|ZPQb*bGDAHC{^#6@_d-~x-^c7TOBCk z;tEO{|ERmKU^a+186Eu|wW24pI~mU>iLGb&E%Ii8cG2kd zn4Q2&j-e?yEnKoLmvbqobH1a>v%lLp)wz5e#gkX3#s)%5|Dxxc2G601i``sepYJ{r zVPFai&ZDo!dSuil!^)o*@z&~=1n$#m}c z8mhjhHGa#zxY`jHal*ov3f=MFO~jrc_8-jBpg%#?m+TiA)@7%+DW%gi8)SP4z3YT1 zzANbM6c9V|?tRSY6X3abY_4VdOy8~8AB41(ua4dE(-aU`$gzvo=INJBw8{gUg(f|w z_#enk$lZ1F=EY3sYVY+)^R|tp_7O*2s*6X~>R-RPP5OZPXN#?j`hHMkPAqyxemh6f z$}c@iDAz$_jp}}0#aNUSzqLdpzdNt=(DyClyFI+}^0M|V)RKSCx+1SPGch$+efzaw zR+uWvcsf~{aBqEPxYKjpNy2!#C&zsI>mfc>yW>7o$-&~4*9=fTeld9qy{WC1*DZO7 zgt4igpS-<7?qq3L=xWvwUm+%1%(}`Xs??OQGTp`FF%W}gH+wQ)Lpr)ps3yR95m5~B zXyW>)a!N6+Om2rcF)gjcrv}l*78bO`@1G9$`f?0EcIRJkoQpZ(ydmVI!~9R58>zjG zKvJIAOaql<9TjtA+<0|BK)YJ*Ygc1knwvi;FcW7Fvna}Y$L(HzHI5Q+e3!+3d9YB8 zO>@LZ6HeUkJ{8w~;?#xSBCE0WP*IQj{cIR6NkR#C%RkA!A8#WoVt5KXr2>}*eeu;7 zR7}N}iyUlVOk~)xPdB_r<=DW5Uh$;O}@fMJ7Tce-D38C zV`_G`r*qpIPA*@w6)OEacRM+oB>1!5kN%MNu1JhJV$h#7^qp~`kE@=9%U=H0qu_rF zq-ak-P?h>2BJ(5RFY}Ah;pLaEK47(?vFN_*wzfMhEw(du2fynz$f8`88o>u1JVdYu zCl%`Sw7kWv^87|=OnkPT(exJFM-Dt)>|C9nSM$26hEi3@Fzr!Jow+F_Z@<3(@LA(985@H zvA^&Vr{HQ1n>F&1)zJu}hLXJOHWt@h@JNhB_7MDduf0byl~{T>_-%^3_*V*+iA`(3 zXj1u7{cbyrUjyXird|npPW7Qf5O+#GExTmWj4jht64bD^>vVI5q?utV?d9#XZ5UQ(`e=4<=3w1}%ubF-`HisrnYk)5`lM|(pfa`afehIH$l=la*(w}Y5s|?n5 zK|;9J`jTpI5skgal3{<9B`ZsrHPgC!H?;VvAscXkJp+*-R9OS2ydG#37;+S3Q2Dz? z3RzxOp$P>7(if4#J8%+|m+e4#!Iw;Z{HL?(r}%AG9|)H|?6Ugir&r7)Xm8^A=Zwy+ zbCrZ=@^OLAQv3@*DSgqCZ1-jq0R51=&UpK7;waHoe8M=W&E0+^=X<_(Pz#rugpp_BdN8>J#t-sJbQEXX< z{0&6^99)xZ;HlI~uvD*futxh5oC`#P|<_?0w$x zrLs8oS5^W-^^=r}CGUdomGVJumX3pvZaJ+iqJ zRMNgWx$)Zo_xVwR8Y#LuWUsQvA;M=(w?nAwJ%b33bz}#D#ZQ3n{+;&b2i|7!!qd&#LMIpR zrv|#4rvDFP-yKM0AO2k@%BUo(D5G#}kIG)BVH6J8nMKJS$tbJy6orf@8HLEqrtDoA zDU=i<>nO52l@Re>-@{SA_xJws{zu*J@4CL%_*|dsy7y}_J)+0v-#UEp^-Wi+&Q^qF ztgC{d6!=zH4Q^;RruLkT1NjtUz$QL^CrXaPu8qYgQq=Q{45T#!elO&H8T!=VD5dva zi`BT!DWKK7`~XsSNO!ml%Gb2augB(OStQVGR;jvH&qw9^ytNC7H9>?Hrk!PK57q=% zM2%07V_N-w(M4@6e0l_Fk|K#*_$(p$+#-1hya@~M{!K3`SV7^-Ui$~SrXt)4Jyvqk zlmM7!*MdIOd)aWi(r!M=U`jrk$AD5qr#ojw!+RQ8dur!hL9EYgAMZX`>$7^>%Gy|Q zef8W2F`4ZNVVPs%p?)_bVue;Fn=h)}{ONR9x8@LSvF6#|rG64#!>6#=(%Y}i;WXE; zr4kE#JZ3MA*)iOk=l`!Y#khQAd0ks0#~;DDhhadjsArEMS$!hexP~@y_4DMDR6qIQ zhV8}p;5_&asgq@E4g+>4*BjwlkJ*yEJ#Be^Mhg)It2DJ@`uhSEm7*g9+L;%3K&oOY z(+%MlX4A97H{*$U5oHZ|dTLEmcB!FZ=jPV`oNyO;u$iOcp}*&_SUPM*^|_bAq3Dj_ z@d{ouzR+qU@E!NYSk#~`MHaReE^E-!T2AYsSX??Y{QB!uC4>45Q ze1B)t4l${q_Y}3PE8;rwZl4KYBjO3hn=OuS92Ya3R#9?T*_1F0 zVfNt#3waPu805!~V<_O|cC{m*FrP_WB=}&nc4PPK1J=~7^GzEv8+nWnmHE1ftT{Mn-^IwX4`CcMi7^j5t))VJgGu`aUeYD(GiVlq()v18;OeZsI0>3WTHEbik_Rz7y#!aSpFt z%t4u-Aj`tEE77SV-zomCVU7sqGvhkU@*R&CVR&?!@*Lna;h-j*j)Iz4UH-UKG&WSU zFc4c1L8z&6Lw0L3CJPxk51%!+oRK8{T0FRaTezHJhx7WKp-IyjdNSNl_q)ld!%#*d zFi}@mmb%Nip96eS*fnf+(f?~SWgn+2xr3$RoHc%@%p^bNG&?e*^{bab$!g_NsvMGk z^Pxqr?gq6EF9$D3W=Ik~RHQJ~h4b(jPwR#Gi^e-Z}Mr!@nqx_lo?kMa#S z(6d=J)LW3+eDd?&Xa*toc3o&dqi}*oA;hv4gz`C*HY;{Vgii8rANk)q8_4SI^r6Yy zs}b9gsTS+KobQlgG~XWhv(S6}pm6u8AS}@P9^3dd6?^Ie^cryqEp@8ylGRew)mWrv z4`Nc=IkA6m;aTxFZL1T1PM2y!%M2xcPHLFsa=d*nDyZ4~aMPv#wdI6obiUQ+j1=bE zC*JY90R(*uNbaIkcoSe6mgMa`I*R<{4apC3mtcT`<`nh}{z^xkK+kqyr8~f{rub(|>b9oq zWq6Ua>nap2^j5&NdgW8Yr){V1ydL!X{?pafid{ZE;}Tu&%6S(6#17n1&XJKVN_gC~ zwu@wqa{=NGVUCKFdW^FF`1PL3B^_TCu78a7^)mY+MbBH))rHW{xK-({E8(!%050G8YYq)dCbVcBbdZp~LFh|thr zZ60daiOC%}`%)siDDD63oLPXLss$4EwEP^%2-1K3sW!(86< zs_{~c0rOf|tWCxhI;W!gY?#6WSF6z9AJsSRdvXFu*yndg48^EX>@TNMq}S|8n)b<5 zOX4)YRDlmAd*_ZY0h_9TY~*moP`4*2a;-LNgFgrOYUs_2TH&>dzbgb^DH=dUHkwBy z7r`2<9cwY^yU>$`F!<$uX_r^8iMcnx9fH8{FXwa|oKsCBW&J2!f>Dg~EfwLitJJtt zOQ|C0MYq7)phxRUX2oQ_eh|945+$vn$1v5Y2vOE=9V1b>bNKa*taqUY51R!%>^=B> z5Xva{&r7PDFI;z+(Q>oUNCxuEQHF%?W8w|k7K;LXDc#P62iW^I)|DJP;!VuEcb zGma8Lr$^IaS(ArjHugGlFNk_;@u`O;$TL%4{`8sQpe)a){JqxJqiMq>Vl7bB1#2DB z+YFx-B_}1a1znMK<5Kp^Ir2HV)&q1uxDPv21uB=Z)YVRn_QS*+BR8TdvoN~9xWv$YyH?R}Oa4};fB4Xn z)~y|S@%!B}SAIDzC#{}l!|(f8rUn_Mfqr=-hpXS$N2a1NQysE}iGlh-i#-R;u<;PJ#=vgKC+ z&r-yGEDv3>_bf7Q6PnAflWNTGUv{nIl(^WH_JuFOxSu~RZ2gU3p@N_~%&D(oP)4@H zLhu^yxhpY_$B*dnESUOBCEuTQ!?l)h*stf(Mjf7{pm+8C_nGU>r%I4OhC-U}U9}iB zS`YZ+&{@1cAO}gfBo)}En?G{oWs8iYu~@_B1N+FUfSV``ah%1;7qerh&wd{5C$+}s zoYG*zw_4xKgO9n@dSyJ#L*L*mL^~3Y*zECnB$l>NHdrm%ODAYpvW=e{k~YC} zo>b_s^mVxxkLImTj=>4@4>!m@!K%G>P85<&FQUZURQCk{ zGci%@V5B)AI^MJSunR5LrtCV3h}PyIa0k@(f0a&o7g%~?Z!iy5dcMLQh>%=Ie8gUX-;fV_SSLa_33W|E#u0BYIRIDcpUPN_1@6Or_)vM||Mly*l ziyD*9f~R|%27S$CB&HShEGMZA9eelJ?Z!JQrZG~)64rzQw^MI2S~BZvpL<{hEw&4; z#1^~`hl1l#_aZ~GQ~Q_iL};bs9sIHq;7^KoB_@1`N`ZLIW+`jk>EpJ)-MhSle4QvUKavMR2Hid-Pob5%3J@<8 zX>mSKJSkI@<(-ejkSu@3$;^1)b9VdWugJ+2yKn^jF7K8ziu?FgaF=ndotMH=SGF!6 zpwCB-|A8!V$@gFqZB*{Egjclt6fPYYt*toZIb9%sk|bUyB`oLRdMCx4JeO!NaJkh* zdttA1s0hcK@lAuT{R)cTF>V1#>X(CCMpIL!x}hj;M!-QU?ZB1_*R(X>#0^ld2bGn@ zn!^p%UVXndWb7NL>bUN96QedNBSWufzm_gr4&UTYgx5B@K4 z+jrLJpgppWj1&|cE?u7f_)zkAWh{C3(ZHG*K$+lf5y5)__pfR}7~s5shBTsTcj6+8k~&bS!N5k zgl=R!cZPZ=m;7EZB|-_th6dNu&4)(9 zs)!Z8y5%A`x}-U)j+3uD*PnfOMGM~<;-V4~h+O{M@o_5*?gN7hr5PV}I}ZDvTn_Tl zI9(HsewKvxI7znx77WZ~+}N!$JM#i4b-dUGF# zyZnQ(BSU6v5&aT;VHdJDlq^WK4PbCmTVAD8nH-3$_O~907q(s+c%I(3`lBO0)pRUe zbni<=@@5U)LAQmBARjS0J2*TNu3X4T;R28%>P*Zko!$+B|JKq`VZAiEbL1*zlL>S* z03u*5joGmff+jn>DBg%RbgzsA(PA@7v?u;}({Ic`6O4vbJiyUYh3``~kUL50j3gd} znV6x)Q%U^#inp4lAYhreyty2`_1nY{z;| zyir>D=1^wneCQyPdN5K$2G4&rroweRdGYRs7Q!XZ!7B5lk6;M=w7fixAP-JH6L{U_ zC^hHsnPVYZkKGYdg2oK^C8U?C`N(@9$PsF8hBqoJF8PnwMR2~wj<()sPE1Gup+f%+ zkL&Wde)-bkeaRnO>1V-Nw!sIoxw#XJsn6?Co&Xj45Y*`ol9sswAr*^nhBT1U4#AbN zf{)CKm7YSJH(1Db@B`e3S9p6IOyQI6+1F34Nv~hO4`gcIo+U3UvDj3`K#?olG=eka zOC#!*v!j?C23c72O@>l;$d4>~b=}QyyJVGK5=Oz4K(M4>)g^Ay4g~5uk;LjiVe82U z$N2)4SAedd2cd}kv$tSEbvWT*zR9p7s>v1B9={>uJeL-01NxY(sz>b;~e8683MVule?F89iD z(D@eo!#6;jf#=c8Fv}JJp4HaBlF|2Wd4CH`PnT=jG06dD$J`XM1k$RTDMEfr#{0*K zafcE}6Pe4EMkvplTwF@ogg6R&#c9BS?)>9GF*y;Bvdt_X`LyR%srV+h7 zeEe{#c7&K@{>vZet&x&2(OeJB8u;Z=b$z&>8Zm1Tblz{`e|`LFP){JFOg2VqBAzdR zw4(Q=mA5j{H<;u-ZXp#aJTQX6oMA&~Jy*m>CD}<0U1iGt!;Wep9u?+}1`UYj2|sl= zcRzK~5<}bV+G8QnHquJ)o+DhQ&Q8*^-SUL+%l9v!ebN5(?OaARP`AN9m zE7zq@3_dV7J#-gpUEn@kgU6^HEBWBk0e;ch0oaTU1;2+x1DG0;JX)pue zAdn^)e~$>4$;uXG@Azl$#yVk}X#~2;H)mkq=nQ=tf0Ev<=+b*7`A5X+5P>7bQk+Mn z>IRa^d=c(s?+XWw(C{=cR_4p4q-ByPx zGH>ky69f$$=>&A>X9#&dI~yY`my`8Z7lwap6nOmHkX`kg5d8ZR1Nq$KXtAC%y8?cG z5gixMWC7dt^=ajPiPf5t^u3_rX`D8)cAGJR;I?R9xqjD3lc0AIH0j6k)EVB!!KH6= z63Jd=R#wJj3K%6n0agG~97@1hgSKdut|>0dpG(_V$@w#YKK0KAkOQT?PRWl=c>%{i zASL|=Z+ejq8dR*${`8ey>MM`!XP&Vf3%O#OA&EAW4%TmglcI)w))gwe(EW6w%rd|@ z8!sb~uBFSmc2+vZgx@zO!E5|ARq>^(!g?798*E+Ao`oI+U7cWID){F}Gmz0#X_2I| z=XD)*M9wOtxWo;<)`*+4K`>u%S~3GcDTE_%^cfZM_6TwKjKU%8?R~pIOJ#pNuS)Ta zciF~(gWWt5%od~iZNBvLCFDGCN1=0fj86e|_(lk^Fq-P>%s{9b z{@X%4H{4)&rIM091J(d2X0iPv+FW2AWc|XT$^Y=*Z|ipW{L^L6QwD!V&lZN@-rVI0 zqwRn76})NXt}3~MhF*7wv%YSs+h_VxRjez>F2*-OxW2DzP0)oA<14fqBP_JM;)?e7 zfqXdWs|Xg`E4uztLNU#hysyH8TxHoJ@a9R_XTf%MVRAwOg^ttV#)Y;{c3U&6jCS?D z`7?<_0`T&u8G;pYke;^`NK7mD@2lNi?=_pmc>EWwAgjAHS+x93!BIeV8s|oZGRw+- z>0${ocJHovtIHJ0w3X?u*#qu5lmX^*8=YF*h1c|}Vm9UneSYXDd(a-fR5o zWoG>%JsUB$px~Crv5-Z_LIVV0vcOj70X7e7J;Yn+wzRS^p2HO@^x%m7S%o7GRzcZD z6zUxJAaYZK$6^~kxC6d0Q~X{M2x!Gz6g38GEQh$07=2?|iEx+Jtb7+KR63@)G7sWE z#GRBV4tRanAZs6*`J+-0`jW;rptBGr=pB1%l~+=g5@fFYsQ3PAINUJd_4GDni(j+# zczy8(1J>wjmAL>8%`p}3d5lK4a|9b3kmB5lFW^w7PF7exq5jJ%zwre#FdAQR9VbNP zPx|%E*py3m`Dab1be>SU@SC!KGo82K zc)sn2(AZZp=t|fQF0;*}GpFE=;SN)GIrXtA2RL0B&lj}b+O(w%(Aj%8#3&)Wz9xbX zNax9lgT-3P_2oKplMk6vkOJ?RC?>tG1D`jhuuDA}R+HWPa1W-9ZQ(PAuvHt@gQwAD zz}@Ng9)YwTUllKSmU{_~`@`%*7WjGSJJlV%&Zy4LsMmKTt`iBS{MRfJr<27(pB6u%ZTqG53}5Lvl*>(WDZHqvT6Z*2?az*Y^76o7G1{=iY^ZLMN= zPOo`;h&VlVw4lXsEtNoX-VoMjO=|eAG4gTod&d)p%mwQLk9J3KmVwIzlzPyB#2ubp zlA9BVJe?%7zieSWEP>j&HhoOvEGWyOs~X^ipgaPES6;QOwvtG2T+aZE#(@mf;%;^P zNp1gKf{U8_?G_9Bdx-F9Ry+6@?1zA>;OU%VVQgwQnHKp?%z z4c4ma_)BR44hpH{zH7L4s!>t1y*U%dLm~$Kv~F{L#9kCGCSRrn1z7CTzi6>Q1B}tG z&CpirzRj`EvT}UFSEN;lazSNxA+)f%kheXlZdXmEN4WBRck7*o7ig)(#JLk}Z>}#C z?cW>Z)OOKTCgJF)M{6n$89L=dXiuuj5AHaAgITYKpAYGdTsVmfpO5T;t73m3(sxIa zuV|8QMi`9DjL$vErAf&Ozyya+ET!DS%oYr=*7*nc*^Ni3GTgrD>~YD8ah@QFVuUq) zWt#^=>_FYG&7F>UU0oprxT1OXjDwdslQj(6D|i77s{q4(b~{3chUJU&oqm8uzQN@1 zp87jQ11MP{OvC>qqF!G0nB5ofqcDnTI(nHNVk$hR;y;|s_||~VyfrdCS(pPsn1!hv zj4^h*yhrm4iZ1DytCMoP@L@&AmogrTAae{XAN0^Qdv#D@`X|peX7rPC$^Z!OwvgnV zsdMvewzO-z?~4+oNvOku24WadO;C%wGXsXWy7we9$pN(`0dJ6 zdzJ)Vy+~+=A4C&Z0y;ZK)ERlych$}=HuaOHfcyQqgS=>Tp2^i10GdLv7RI~T#LR91 zINKZmH{}W;EantkRQ*zw)94)6_Vo}-iH`pie1Pi&YtFouDa*C&biPdX3D2v7&we;h zR{&B!2AEKJa>=lR4C%{Ai0(M8WHDK%>BqynjZe;{kJfOUjg&a0_M8Ae$z18WC2@?aL!m{2+EED8N39X2o|M10n~N z(mLpcZrrz4HYX-cr%N6lhmA(_Kn<}fBouhE+R<;f?p@H%(@BI5=5ocTX^_Ez(uVr z;@**)O*MxLUh2#t?M#-%Po`@kWOnP85{%9Tz+cs{q0w%DWD*Y9oKh&U#R9Mx z52E`)V8;n=4#1H_TkJ$z#)QkX!gJJU1Z`5?vjKmq{|v`Ey$cTY{PCgZbMhmBUX#y* zjTpjwT)^X39n)Xea?D518u`gcoPlx+MmguOVBCl+G1+@4hW6~nk-`r;hHyt8Ut+(F zlcIuEc=+mb=_Y{76~~B$e}30vyuJ;hOX&bi?ey6ELZ#AA0OcyZulXs z6}Ywl+&Pd{`c8X#C+T7upx-#Y}g|D)>?gvL!i1iKsUCMiUCN3XCtbAQ41 zce`#P3SMasZcD4RA)DX&bhN~su*5XevmYw=7Y$j-xIHT@AN%DtE@tepzF`Cm?No2T zkq6%APTDp4`CJa3^~rN5R9b#ahpb82yy1HK77f}9gT7~#<{~iD@)pEsSV+YBaz2n0 zgBOAVyN5uNvXykFx6@m&jW^O#$*)LDD}WwcrCA1VmB1Z80p=NA*0> z@Lhd+ub$?U1)^Y2#2qDF0Mq05TJ$eqk1e_X!{v9+76=aK&B`C8XI&HV7Y{VAQ{S~<1sAEajOHp3upVo-);v&jRb!L zt8OlL*+T?sFv8)76tdriQ_kCM{Mg2)y0{!XC^zGeeu>?3WpwY_D0_W~4wT+cAoZ>Q znti)6=u{3a70~RXq|fo#v=V&}%H|+3IS6mvC)ue>Q>>bNPMt(B#WpeXGj8@;wy?#-WJAK8>^%_X4V}Y` z#2)~%YV791L{UvJ=vNLfUsZ%n1Z`^8>N2UA_ep6B^`cBxFXN70Msf#iB}~X(ySs;I zcM04;Q%@Uq>)t-xaO}tcxy%J5K$GSO9rou0d%)Lg-EtRG+(I0q5mY8=y{$18V00mE z=|3ih`wf`O#?dPk_i;1StRf~Hue!QwW@N9_JbzboETqDv6683N9v(3(?l=IaL8vDh z^btSv0en6nW9R)*Fd^=Gz6n_jV8htpc*7f_zC(o+m=q1uyb(IgY~C`jg?VMs!oHEnP1r+3ymhkxE!*twV2ST)o?=Jw} zaa|)|aF&d~Q{=!NqB=vv$qul$?7iGQ7eF(o1ME#14G`9{k) zj{~E!MN9Vp(1WXsz0E}!b#qzjuAqoc1UA>kts)LY_X3OULYOjiO@GUNo2+%=zwJ>( z2gOeFbs`Bp_WE1WETH1Z?c>nGTP=V+{W_U9a;iA)W|*(6bACFbz)jrqNaAnl@Cb(j zcHQuEVPtId0%92-el!g8esh8lG`LW81=a&DzSdoL3e=JO4LSH*u6l(IGC@URB~&E7 z`TAO*CH}uV(!7g*$tf;521YA+CoN65O|$&#_Z(?u!YSQ;HeOaKBLZLv^+`Z%a0EDG z`ge{Rd^m1N%&f@Z?t*~AEdAGQda6y+-QjpGCpro+!EAnZ2~H47R`|981~(f-%(aBr zuBLQ7wnJv<45Y1Fb<5tJN)E#8I36L&N6>8)p%EFyyT%{C;V*NiW-A^b}>fJ}L+-r7!sw?ZDb*ZbB$50#Pn%Vvf z8p0~cnFN@|;EgJ?W88gfr_h}=<3C;g)NNJE=%UY2#AR5QHypPY9BYL`7BwT_g~A$A z4Jp4OiEQ~?Y~9*>3>Qzfk)Mo3JAD-G^c8}%a__#Df=}*~?@mkj^gep2ZNGJ6_xNd1 z!EMB>-*_c||JVV{8CF|ne6_v$$AFOq5plKY^<75W{Rt?65}9EoBA94a?+fEW#>I~T zVyY_OV3XEl*3B)hAR$Eyy@gbkkmnN3qHZysP~9uL*jj0$KOXxBGnb<(omSijWf{5p zt@TRJg2%sv2nmUP{rOFl)YM2Oq_;WwQf3Gvn}B21L#I%-TcEN&M?<>72U15>`5YXF zu{*`(g6BY0CfmT4NTy0lY{pRU@*V+V3heS`Ij7*Y>El?bOQ&V`DPJuDOyZID{DL{K zOp3znoil*%boi;+AME!s=Dqr$~`^m5V9Ga)sJG_!=s!9rCZf*#RQf0pPycbzeCQw873*+y?#~J9W zYaOkt^;SJ*fJZt4QsrK2^@?(P&O;VhLcT`VZV^FYnU>(|SGoBvZk1kR%ddM#LTET1 zxl^}cU$Dohnmd1dVkr+5*F<&{> zSFoQ+TANX~Rm)xU#wPI90L!aYq2tAIAIB7k_3xR@%U!DcS?ZwHEUK4~5clw>;5t#` zMMZs=;!R?+xWA4`x~o-tywjB=IR?+%P-;0JXMaphMYGd&d^-w+F&J5}k760@>@*372{p5Ip+yaJix zpO5w4rh`knGi=GmBDy15fXwt-SB3{*_gE{Iy70;WV(67WGPgKj@4N;XA$Db@3dzJH zPYmoFkS4((Pf}S}JXT^Y=rv^j6h3ZET@-r!GIg{arL4yw`qWMhN_IyAHJh`l~A;&{GJ z&UZI2Gu4btcqCe>mwxgRV{rVY*0(;6NF6Dub1-L=2g^UfH~r)kGOii86+M|KK^-~Q04%69HU7uaz^ zHe3wD=)UtHH78Iq0`Z|TT&?hO4ycR(Z7V0bbvJ*`k_#s|V=nBV5)%e5-h1v%`Fv2$ zt-rii9QSunTlZWZQtx^Zg!=|XqtUNh#$p5yj+8nCGC%2%H2}|!1#W%r2uudn**IPj zy<0u7zK;vp{o^6hTAYktnryn7D%Q+L5y-U0gMsrsg+athuG}gh6M${mXPACZYr`{i z%4)h6Po4Ky-Uis0tZfS4x|Tu5K!MW;+4R*lz8ck}qky?d<6%HxG}Ub5 z2jvm~Q(BzNVqxUg@h7kim@`2R?+p6_Jz@}JK_o0cP^yy%F|?pnc7EAASnGB5)z(XF z0F3gw>^n7}aMu?pq$Y|&LYnoj;O?#lFoI2qbD=zqC!deB@3npm4Jyr(?mZUsu{cu4sLyZ~@SpoZ(HELfIow zzl9AKX%6gSL{&bMuH&Hx^l;(70+Ub06v1t=tlle$lBA9xBtaF!*>78Tl{Vyl90EuD zKBeS~zOPz>$8B#52?>2|f{KOdUr|g^QTQfQuH@QPFV=yKEPsvzwA2hmmP=9?0Mvuq=xAMFNTH1 z`{(rgB42BB8PWhpe#l-tKKD`CQ>68f`_#tRQ~mwy^3tn0fG%r@rt>sdspi)uADF#I zu4|FN|41kPHuskDc|@s%LN3>RC=TfHJq&2H&gQkCFxL4i+hLYMNnR*hf!wNyY7)@S z2pROt6M(~6b_>Ha-=a{nu_js)mjF90sl% zjtTrv=7OrLw&N_m9*}nT)#Or6+e2S=YW*(awj!OQhAJDN zZ^zckjD{{czqxe>Jiu8D<(kqJ_+Ixp_lQfAqeHM zBY?4FWO3N@07I3~m{Z#LN~0@w#p_$x=T981 z7u+f4m->NBUsSRLtJ@B`?FGht(3mkt`Ge_!1)`P_G--#N^8iB^r2s(VY-jiuQk2nz z#iU3=T>ikLj7yjT@xDE?x#ixMh+oS=5l6?jzSy|6@Pm2~6u?4al+WY;!4D1qGiJCc3G^hU&!1R%h7+=i#|ne$e9EN+9mq{6(=IQhzY zy2~#;9cy`z-%|J&MTgO(9X~q)YwQHQqPAmVza?Cg%STjMSXg%9a|H@EE-S3;#Uogm zDo3UxMulk&GV(UJ`>@V|erQXD+Ak1ZfyL^D+9+nNp|Jw-2#+L4|26=U!V*@0m2&a3 zSRks|_ffvqf4=x#SN1=c&%5Ct5{@X$+#fD!|NK~T=Z55L#(V&Grqy#*UprX`(sqs! zY?H@B^qRJZY;$JR6?wO{5SVIWkeRi;4jO@%+?Alq3D~z1i%+9JZ8P@WxYloZ07ws4 zdX!QLTl{`bisSDwP@HU7r>_C%#9C_bePWu-h1PmNO@jlaH>3M^0z^g$L`DFk>@zol z$`0)+S{QP9mCK16)-ZA>Ax!>fv$o}8xqj=Tr+&mqFUzR#XZlCM|66mOm(z|s*92Oy z&fiI0n)9eoAtzB!nt-7fF|9fXxRUAaIEAZc6})pItq5h;)0wz+K=IiM!y>5&tKM@X zJpfJKFf={5wu;E3gin*jpC(H_9lq+CXfxDnfcDerHN3T^GLo2fddtYeGr%L5dLqfl{pK>#c&4B^366BjKcXWJ zTrofU?W8}BZ}BJ#S)|F9_A=50P=xy^AB?6)P1`zs0m&K86TFEhee%&v0@d}~COsRL zAw+ICy@d!>;?R*3HkSxeLq=|a1fqQ9b7~Lo|Ft^R;RYaRld6FAaotJ((qSm;il-e# z<*gJ!rh_bn@t2>b3WO>8BXok{`*ty){(JsLdGP)iP;#Xw+JMt{{^$@^Jb*dgvnw%S z;Y}WsHBi04Gv*!wm#eRySX~H-wBrAj z0g0uT(AmgXN#h_RH^^eZ(%j9W3r1jlQ8_*o#>=s%(yeb9?nLfjEo7`Gn)&E~lCWEa z5#jd6#r6(%6`%vhD?KR5FxX+8ogf021i)?(^l5yH&jHa34=x-eMk3Ulz3x~Ev8U2N zG5rA;o5dyyp64S3_>Es*I6wdJts}#0RO>G%TXgD21_it_I}KH$ze!KJA^l~2^JiGW zfb3kzeEBt87aZ)9fujgTpdc(d8ZfxYM11@v!ee?E+(=;+3bx9Pc93~V=~M1|5b$mX z?zE=0(Yq7Za2izp%Wt<8l>nZ7@n>2bFlKhE&Qruh=m1O8#>Dr@rFgn}JO3 zoksNQhx&~N+HlD@+YWk9;gx9;BHB$Ff&CN6lzIC$L^L}n0PWhjngC|gb4;cTq=jDd?(?ax5N!Qni31Oj(c6CIZBNmxda;u!nI8sVu9iFVI&jBq zakjt9kMzA8m`qcme1U^I12=mw{+=uH_J9PON8Q zAw&Fj=LHa69uNS!r|fXLA#`Tjv84|22?;W?O$@U}9gEvHz^ONvQBdGd>e;V%-~Wj) z?Rov7?%9Hfc}U5TF;pn9O--RMsPxjQxl$&Us|f}pBdD5ofZ0*Sy3Q;Plk%wk;SVY!?F?qp8TT&NmUh0!|} z>m#%UzkhF;)_0RJeW_D_WpHWE z1Ca%kI8Ad6<`dWIFHoWE8p^WumN{@RK$-11ND-W)Xj?nr7-~Wt@M$fis7x~hT~?!ggpy>zSNjn2B|)N_RJTCP)t)A@|u#SB9B|1 z0{kJCU^B2d15}1i15Do`usygHs+)nvG7w`6>YrH$z=UgBW#=(_nHOTm1|s^mMX22T z31q`4>yJ86T3&j(Wo-pGJh{-e&f8DL&I2@EsM-xC_g=eK_5xquLi*!;+t0Vkm2>w` zODx?#eT}ka@}DNR!m2K8mD~r;%P!-Z3)-#b#$I<)BCVvZW8yVmWcEu1o+SV z?$M*emWD#vPNVT~Lvfj=-}>+bsxJS>(*7i1H4;pmvlu(za!uYp{onF8iV`KOG{QHC z3t|S}L3n)r#M!x+8fd`6;x>G&;p=7;Qpuf^IGCr$zrjD@jx2hR#d*7s*(BgzZ*<98Ft|vvy&z%%ZX-%yWs+NgAJeXPf9>5 z$z<$Q6o)c3y6N5F;ieffvJ%uzr`J=ZWV1mH8dOB*iD)#8K%3hKeEIT2sENk)U!DdPF`3@r#?=nVkf__Z_Y;3pX#aHV%(urZ|l4L>9|hy^iyPdE`rqMUiDfycC&B zI0XoEpX@YkA47?#@L+%=H<7FDHiS?Tjv$w@+Kv`L()yt3B@JbBe`v?B=S`LA@&izD z?3t%9)W}~r+bMbvM+YF}Cv{*Ke_F^w>|zDa=DT}fh=1D!$VI9k3p&_B`&SR*i~^u- zWs3P}W&-srz?_p1ar-v^kZ|if56R6R19Fs^!bG4h{u-)_7Xlm$IH%2oxTU5L8NZ)q zKW5)c`mYi=boCQ;$!~_!!omnngiqUK{1;kNWUdk~gEtIZsdATj``B|E_Zs{-l&WBd znBkkr#rXeS0t@O|5u|%+P7`<{?{H^3+qaNjL6gK$vmcZ1ff}J+wACDy!N!6KEmj8b zJp=bmvICA^AUsiKe}5Hp!Pqv(h|jfQXr=6Dc|tw(1hInJBaK*1W_{RS*J$-D)a1I~cS(quT<;AenLniy`#7ZW z><{MnvXUs9fOew-#pwp}qCuMo_B6hamvokibDvSi#xI?z8c$82D8h z!sYH@eS=K1$juDa4c{f8sK$+qny^Dom8s`Gl*byM{>l{LcA0l6!h@pf4v4BlYq#VkZ6dJJJNCPmU%mtFE~gB* zbRDs2JyzP#?dOdg%%N+s0#vdFJ+I~D^3XjMw`^wo)IQXG;m7m`Y6_15bvN56>o_e# zsw|RlPXSI|$!2oF@y2!?1|f?ld`2V#U&FI~zzYcNj%gsCZfaZ>+$>{Q} zccqKO@lf3iSMH8XzYs{^)I!mM(&kCj1+7m_}CE% zrRTd`y1K49H&0S!2MW&GcNWM9yZw;`bi@ zhqL^Gl_y*3C5#p-Ata|gx*Fuo|H3q2HYG?EMppwV$VzP7Yzb57*Z*3c=>j}fMQF@Hil8r5YX4r$AVAFfcf|vh=ZogZaTmWym6U1gAV9h z-Yfl(9{81*zIUe9-|XW*M`eos{TQ@SLV>3J0bc$})s7p|dE|1bg)_T#72M=1y~d5{ z1U+pB^S_96XZ8^1iN*qP$PHr#+I9@xEROMr$WGFUACz|X-Tt2fJfYhx@pdj}KsY#i43kbpGU z-SR<14k&JtOqiiCJCP%Z(}E3kc;*b(;G0+>H1^R&7;iwguDYAeWhlCweN_s!#U6rO z6>;A#v!lF-9bBU>~APTZM$5ptB7!l%e^qR_^si}-HtPleVs+-ao4m)iM=@jKv2_*xQWq*>InVc8?Fo(@^bJb!nig~ zLwIt9uthDr`TI$AQcqSn53Qh*?BSZz9mrsQM(#{zMhVTkp!(rdY-c=Ely*UWOIvW% zZ}xO4)dGz*Q^JkK#0D{;5H+m*XZ>|zz2P_eB8P67X*!{fb{?8@tdEGxCPxWUC zkAX}R7bg1%@&W(S?_2(HLP6Q(3~w28zpMGBC39%6 zb@Q(NdiHN|_&~p0)BKnwKH%E34Tl0~%de!T!auQ;wOo9A%b)Zj&l%s^bYB1TNkYbO z!%ds;5W&=6MwjFr{zCR(BJzNZmL4q4138KOX!v8fI{m-p#mXaTGKb{`ycPGrP8Fl# zn6?|Nz_`J*c++gy*S#(|R0i`)hQqk`tiu+OaJya_T6`kH$M6O5g$ zC;!gyC*KD>^!{BLwDgn|jI17AtdNdrdlxyQ`|H z!6@*ko}jJWP#66y*ss#-Hfr-+f8!5(N(!vz6NzmG#Rc`Dvjrh69P?@MN(wMME8cN% za}TBG2w6O*!6NnSd{GJ~P(MZuRo*PGYl@ECF}-~!(&}5~82(tuPN+(7LIt8*9;ng2 zyH-y)*gP`0Qu)txvGzQk^!#Q^`hv7DuPamJ z0)>y>r_9_-T&=XWTSl!rOkz|qPCYE*0fqc|k`;<#6)NpF!4M8 z)G`-t-ppuvZ)9mu^jl;@WxP2A#~gEI(NluzKD6qs@VKnW-chh8Y#b%j|6HqD2$VaX zB1w;?M$Jj;{QT^A3oNR$nRTa#{Eb4|jX$Z@J_2wrD-M@Vjda{9iP$_Y^&8rbJ=g2B zbXY)op8V4D$IpKFWls8b6G`+D{SFIAAWic*ZP+a|@cHt2L3;`pKnge9TR!#E>@|qH>hu;CDOwB0c zmMxJMR~;g;$Xnnu1FaPz$L+7fH#C6%alh)G@<*IKsl;fp;S*d8 zZTq4ViTcNqk72}HEm?NN&!^=mU+w!6C-c!EQTT+@nZJi!Ll+O8-UU99h%30`3vCXd zM~z>84b8MsDZ@MK=6*i>&EmIonrCtw?E_w00uoDByiLv&J=?C{4ntV<83N!JmGne)_0DlVe?2Ad3$<7whm!+k5r& z-#JpweINMou-Tb|i3zrM>zBSiG6m?zH82;OgC0R^ju0%lyVIOQs4~6a%1G4VRG*7H zjYKUIHA)IbnDIqw{R}unb(VJ3vZrMvBAE0KudPz&GSZ1zsaqQo?i~yrc)UW>0B!a9 znj3DMbH-m5q1a3`v`#3jqD00+5h&I4gu@p(j)(Z{lp07ANQ(l6xDX}JBRBmH=guptCN z?~xZAQ|(8qZ*;bMMSCP*#SqB!GrN`JAieQE@m4=2a*qY`FUMFS0OojMVcOcNI-bda zwC4+@6qkJ2k^q*M+m41T$L-c#p34cf_7Y56m|{Adk{M~$l$oJ`nMMSVl~GS#2~YEYwLFGSAL2cK!RXe@g-Vid zN?0kABOmh+d~YbE9l}SdOWe?lJ8)sph^=vEOPI8v($d21FCX4(g~;wn+)Z1IYIUkk z_uazrQ+ZCw-x+wE;JbBhoP97rM@E9_`e|}sCQu*AP_6w%;9UyxNSM5ChnWV^fdeG_ zW?c-{)Qb|V=Zhvh4gSNJxY@1M-+d`P26TceQ>48e8tM|*PCb6YOK^S-2YPl=Jw5>2 z=k1=9Pf{Fi$i2P6HY4btB~>PpCe$1{SABXRejK{ZcpiDm&VI*p#rjd%#DbdxN|cdT zijG+n4$hG=RvZj+awUdM?8GmjX7g=ITJ($K)}5(dW#R8dU(SGLgPtQ2Ox8M7gb;di zxb@p)q%HXRl4t0w(mz>5pWY3TNnXTgJrC||-hO)io6njoUgRqvcO zXCf;&5!n)(r+0I^o(3Cr20p2Vnh!L)Sc(Im)gyGa^{2@g5pQ~NZPhqVYOr$`Z|~jn z1fr7&YkhZmDlw>yZgEKLh6D(%ZS5-n>*uOdg|vmdPa^oUy9gOPja(JC<6vh>Ql!=9jBIL*D0uCT_hMa` zUR`lse9yrI<1hCdC@oLOGW;3tj!0~p2Qpck34_(8yuhJPF#N{ApdGdXja1@7 zcGDC`fR>dhgfqwYbS(eG!$qFa7Ue}u131n^9Z zN;llkTYB4@R67~7=Ww~v%r70t+-=-ksG9&6qeyPX6Rp0H%K!VXJ3XbD5@`$1Z)P@a z;%N*yV;YBx0U3O9WJk#^+nV|e^KB!GS6;oP4r2JiI9Tm+Y?AH!MjV3sK&^D<$w3Qo zvYPO;ptsTChW<8rF1JehAb_rN36_wi$J)5+pZXs@r44uzhvnG=!RLeiLEvGXbgV(O zZl|_?d7nNPdIk6*W+-~F(hT8+f-h(!-}K#u4lBn`xzD+D=-8zNW|AgK+Rr3LSH3*x zDpny|pd8`1IkvPmY`bQ4XbFc4r>nz$}@lfTLazYZ46q$gkvEk9-A(k zx`T*IN?+Q+rg?Ux{W@t$SH`X38YgLoG?vxzS?_ubv=$ONd`vFamXVk}Xt2rxzSMrk zzs3MtkCIIlym`Rw0T%A^Ojvr+h53iYkGWd!?cU;3byDKGweD`hV_0BJV8;RAJ`|pV zZ*@F3ebre5%)h;Zr!_Bcn>kLhkLkeSqdJD6pd2aWMzp z;2{&ibxXOn9~SlED9mKOT(&6jixY(y1-#T&r9pXSAqDL{YW3R_Q<_79Tt>rNXBR9kTY~OyAmdb>? z&>4D8boL3q#op;tujNnZ!6+h~Kz^CNMY5d?sms(k+y_3Z5aE0?n=Wm*;a8CQiaFmR zuQD!rnLB#J^<5j@HV2N~lv)wEnS_0`M|KGM&l65Uw&4G;_1*DYw(t9&L?sPnm5elO zd1PlcNSTqnin3?+e%_S|86_jTjFg?dJ!W<`*_3SFHW|P3eh;PZ@4xaY_kCa2d7ale zj^j9UX_V6dGk*!%nd7dcU;F_do+Van!xhoZR$|}GvCg6sk2h;-Qb5k37);S8QJhc7 z=4k29AN<4Wu^)*OmC`_Xp7|%%w!-W6Mw_a`$vw$!xcNL!;u_hmCsYQ=9|HMQ?gjymWUZ;SY&Om7~hb999K2jrk_%G@WW~mi6ul zf9-uJO9r;_p-zb`%*!y%o%InbExg>XA&@~$md=FRlA#3x5>-ooC;Bw`Qrlh*{u&X0 zS$rYa8j=BAR8WTdFH}~WWuFkD=6z>AHG8iu%>Xc~dthV*2r=T4gxm9-3*G6lXfaWD zxO+~)9VChA6sN##V&)rWcql8n41C`RXFOyJ?Y?1;cRgC__l7^saLon6 z$=+)%^?qq3>!i@?r4~e<@T4N{G4ipkM8G^V6Sod(e!4ARsgL4x%@}%4r1& z%C;9*R%w9VkB%8UJ2{&b^$41B1)O8Az8s|1^1?&B0~CS_XS zwmFmswxG0lM`j%c=;$rXF;fjDpNmj)*Jt|!xCMoVc<_jFn25BJeo%*QDwn@xw#Va* z?b$=$m0&@lZItXXh>*B=;Pz|R>SGhM^8FKIm3s184pfD6!(=bDidc(R>%<)RKE96ZqgFGSzP?Xz)iGUa=PL z`oPBw5Ji8F)L&F8x{dc&yl1UoXi@o4o(oKT=_>0sEvRaX@4BK}B-j#u*JMM$2tVKe zbGm0(!KzaG_za`Dfg8}*g$cUdBA>O>Ct=6|n0CwkvjMcIXQ00Cxt`Se zxccY}nfw4lL}=thB1VA=T28^to;z~C(Fi|?Rk3biUeB2i4iPp)wjHJ!+J|nX{{f#LKi22p`kpG9- zL}p@kqi#yeOWy*vJsf0C(KzG_w)8MVs)IScXB_CHgtk_;$n=eNW{KuBT>d=7$Vh>G zRqV3YIpC*XUX(=-s-HH^osmvj-zXl{j|i)qvFXDVX*@L;CBpS=1<0$}HZi)tT`&Y0AR?6UjVv8WsV=k5hd8KK zhowLTIISPKH68`(N#2ZSC-?{;@h3VJ$Ny+7|Ht4vy!qvg?1@Z@6U>tJD zwLP6%r)9o5xcJrv_Xo|#{w$iz=8wcYl3FRV1&)EFruT1daXA=E~<=K**jUGpXj{ly; z{S1p6{2>-W6+DnS>%`IUNl^+tQCM9C?v@+VIfuCZz#%ATeqJsd`ElHntXH+)0{1IW zVy^nT&zMuC}HBf;RdRqxKz!i31<{V`FN{Nb}a;Rd1?TtGD z@_U;75#5yX&G^r+<3PMcYe1fUdB7vf`yvEyPr_Mi7a+&S9N1b>G~^(*7m#g+?1!_# z^2IX%a|+c|bu(Bfnw^N@Bufl{1l^_M5_?_hqxnVgcJvQH-(W&Ut#2q!^O%i>BjQkeqoc- zjrO=F3B(T&ilcO!g7h6EyJPa7ra#_Ht=z7%jBoFPs+*PGrJ96sK14(`f0<2xG4=Wc zYq^(s+0rg}3FA}lBDc3*7A15AL5F&KW8jmT`e7DP>zeMohlv4t8BD2#$&dsYxLup9 zFDx6$78>m!^5qAy&@s2LNqp-7smVC5#=WyH3@7suFc9H|;^CxOdn1*cE%P6r28)3a zfQo*Fz_J3=_c2s8_(|U9MM~vQu6I2uB*tft{g!oKw$TCMWW9|8lDnpJ$Tb~IC(}`X zqoa`NxNmO_VEJtNT$xG2c7y0@l!?LL$kv+|dTU4i2C-sUQ3jf6ZUySeQD+`u`-=3!h4{!|)8 zmK|ivsTPuk;@*d!ABC~;V0Td=I=g8wnp^O|@@!a*O8aiP8MCRp2(J13lTJX&h zUrGAwQ0(JE{M>B|LvyGpAmo4ygt{i*IsKxG3M$wFcJ2QnU7vOSj9n;&coMSRb8m%t zENpD_k~l;{kHa7df!q>?94PLJg>qj!urmAFe?<8=R}V2NUZ6LqWyW?1!1L?a=35WK z^PfSmNMC3!BXjCfoSM%4q!Spj4%syj_CdZJTi>f^GvmeCrg$&tBxYP3Q2)%L{XMF- zVk8I6pKE?qp6p8=SX%W#psW08#A~;Kr1BgS_tY`YFTfMkp$rEeNFO}WL(Sf6fP4pa z;1*&A1yPhggoga0I?N?jjMfmb-hQ1zKW^JSST zQlO+JtUI4>wY(DQ0H`?-))8>K;Y69Un=y*3BaMQ&$jj`2?_l>ylK9Mql;jh`cUHTu z>_9D;3+UN}`;~Ta5SUZtiop8cA!iye=S2&{VQK{>5L|qLr$eu%$CpED2qB9$5u$QP z*tN1n#@t%rVq4fh>A`i$nA^Vea?Y$^L??4Z zXwMy%z0ha`WH#=IxhN#y-O1@opveKQyh4N6A?7ja!nWM*;&a_HACF?bq zFvf2)G9rQPok=4*i7P|I+I;(|ubDQ%(kg$FU0{*dKnO(QAZB}68Rv8TJF8#Y3AHWL zNAa>U`cLa-6tm03biyTNxQw&)6QP3bHB7JWwc*VPjaXe=fkqM$IMMx=2PL(j#j-LdrP zN(IL`)1>p$oNO)ezGjg!3=pCbg6aTYkvWMocI+GC$CC->I0jEHLufe2Z>QEk?O>zc zm3s=Id@&iApPT%%&k6B1(qB~mx`|yvOyi7?G}Lo>Y@k8-gRzS3{W<}P68T4@ z4PC@HDxb6ER`>ewCs4u-fG^|XZh)F(>nER8NS?Fz zCb)};RZ>r`0H{Lz=;5M*d*g$!c_Ps1ACssh`U4+A{9N#l>S$ID?=||ahYcY=%EvmV@(hcy!1ec6ZzV`s!m74 zTTs|7_i~De3B$(Zz{M-dHM42wG=)lmn4M#Tt&LvGO`XLpS`q6jldr?cR)e8L_dsK5 zs^#OD_Wyq0fk+7yBb?54QyYGY2n=v&QTcQpVi_~Icev3PHrhfm{wpgxecoiq-uky0n=yMb7~|Iq8rr2dA*HLlsdEYQNl+MsfSLXSxO=a2Xsp=4rsGR zbj$VS;LRpW4a~Xf0o|8;{5hQyd2PQidh>(C;4Cx%*VTe{-w*T5KOziP0tn&m=NhBn z=#U6&r36U~75~tDUjh;yGr{4bbo@-gRUPMWP7d`5QgNoHDEKfamS|;l)+Qo>g_x7A z#?lG7hViUFv0mVm%#j4yC(01nniyFEOV=V%QJrEDZT*$36I}Yq;pDx9lfz+k&^PS4@dpqT1X}KSHvvxfdS=sHCGT(8f}F4=gLDyBY#qk zeLgQ6hm`uR0N(Zab)`q)gsoP3Zr9BQyVf**MhjmN*|44KPT&>Ud(#qrM!~Fqf%iTb)KhMcZSeduhC1R-ok_e%mp&i_$}4440Au zN$DodG{(E-4H5;j4U%#1tSoB4$Y&EDy)XHCUxC zx2#Z_uj&^YwWVB<%fi<@w<0UO5~fc$3LM1qKox^{KJ@|wzK>PvXd^lR7Tdc3 zOU!*rj?}9KGTWggPI&nIeCPY4=sPTNj!?a^?sep6p)|;&{um1TT4lr$aUSImZ1(cF zikU3iN-4b{b%Y|$8-<-Pa&B9G!Yx^y)w16t!NIpPq3o4DV!V)eqyb`x`@L${v23q* zrg&4wL==f2=2;a+TU-slCcqq(OKJJiUq$E0+atcceg6i{pgyKf!tyKAqX<5+&##R5 zqVG?5@b{Hz{0ECBbJpK2*KE_qNg&U7A-=!7S@o|@}fxX({qyqTpj+-(6vL5Ey8ua;9HF>V<}-ifY52k8e6SKI#jhO#N1q+m!?OcR~1@} z>s8?*sUf6!EQiQHA9|n>V?6#n_15*#V+>U?&C=E#kQgOL6-OqqVRxe8_f?NNA3^-rIxFLe){*f<%ME+P_eQ$Z<>q%JUV59X*$kXmh3`N2_ zKWUXEage1x38fCjpets#&(_2Hs7LvIW4$;(_Wo!FC?rORnBQnPC6unHslHor0a0Oy zVGaFWLWev{kHR0yt!2<3PdWot^NL2V_0uuCH6x5o$DD&-OL0FNlNi0x9O{pU<@({9 z_N2gOBwz{Bf5L45P>u6Ig(p1P>;+L0ShMTBjTfP!z`gEl`WIJwN12iEY~8OAEcfc6 z3!bbyXSFt7i`2>OVWfu~Vq7;v!s|ZgNbE_7kg3)nE+Z_GjkHm#2`57={NToxD=g6; z3CNR{%BYt6*PatoHEw@hRwUn9Q?A_G7EB+(bveOF_8y0?ZW{JniXS6{;G7GBblw!( zriMFQc6WDZ?xx%zNTHId@LE2aF(s}qfbOX=ys-*1JyWQbciT7E0|psohE!WSGA6=A zeD~T6{YPLnj3?_rLFYNVfB?TY1IDjf*+Chu38DdL^qqRrfw2;BKc|qo2?nlJ?&bM5 zMY2R|=xa;h9cZ%a1olC785*X$sV*iymIjAN3#fA_+eDVR)aTyVYLzv{-UTEqV;0X2 zU&5-uq=brq_>K-ez3vevXW4rz2jZ|pi^XHchz8V);LCe3?XgDs=VAXdI>MCtQv0AE zz^`RrYT=Mam=6Uhw!>g)Dltx&>fI;K`E3xYnyrFr+<(@q5BOPBJXl#16X00!F32CO9lOzje@oX0(&4$eu%k_7hwKe_sKbSh<-Ldl40F90QAJ5E?=zll)Qe}#CH=e<}phHR*R@IQYg(5R;NM_3ftzzX@ppVyRl z%tHctUNhfZN+@B=H0Jss73?gpNv0EycK>}-E3!BAMhaH?BUVra!`IKDggIP^lrU!) z0-lithLatq^EH(ou1vL%Gdu3QJ2(XMP;oyvS2n`JzF46Mhs-T;Wtw zGSnn2A(eC0leC=~&u%j3TK+v930c$jXJ9?%4eBAVNQuNKPmrr9l7C8Ws@EO1`54ld z>vt}oR7JJOq`T&BYdS-rlS@Y+Lu#}GGol5K(Em{1IS$nJ9(nB#s%Hm2d9oeG)Nqbw ze6Y0{X^sv(p$*c$<6|UyxAiQN@E$|H9T>RyZi`EppuIw$Sfi}BCw00(i6UgB!_3~l z@gyrOw@o+jTSR_s2#SFtvCqtnIpOf0`pB4i)+z?VfYRq=hLRzE{8kXx;0_V?4`Cox z-z~$ei~Jl!r(KJjU5f4;W@$Pl#B2bE*U*vGJR8;`X+k)Z0Tm*qMpn{gG?bC3{gPP51P%BplCJoU##7t?1fYM_ayv)@r`4QwdznyYr@?29f+o@eAA{7;`c4#KGy0k zy+s(in=i=MFyRjFMi2)HL`+1Q{4JPrz1v)056ay=h#2oT=J|E25itNtU+K4XJEOXc z6sWM~fcZlrD4kS&iz=Ok)m7jIVU0O&I5vSRLYUH6o2)l4_a?RRUGWUb1KKfsx}l}4 z)O`G4UfC|yHHlY6NZKP+@V{-H3W~csN9?eGiK)P@D9HWVn!Ml>Zdp` ztaPUnY9;p_ikAMH%<8K>|Es1V^C|h_Wg$BqOyR87rwqKjT5&vA#G3Cf#>yA_L>3ea zcDITbF6qFd8R>9(Yb@!>Mm@<)^=7mC9su&l@&!!Yu3GK_Kr%m6H#wq-i}zZT6MSR+ zlrg6C2l}(#zJ;Szs{kAflw9(;X+azLK`g1LEgVv_FZ+Gu#AwX;T%d;AG2H09Lp==dP- zBd!AUu5V-rBv}K9fhr&3Qn4x=^$tl4$Z1Xa#Z;ZX-Jf*lnaJ)omRu7TXlY60MS_qs zt>I*b63@@1CGj5E>pOs$4~d#eME3#2+yazQ&!Fe#3ET^8o5Vt~VKTYh4uN&ComrP$ zCfweH?qH$0helbhq5R8tTR=nOKPrS@v=U}qJOph|q3Y_jcW(cjU?VS`9!;pPvDijEHUHo=VGa1SY)8m&dpc=XH&`r$9l-=&gQ$h`$?UfL-|13IkBW z!`VT(Y)JM62AM0E9fV#)X z$G6rnDb|l^Z*QCQ3zA55GGQj|Lc<>!*9xULt~dcqFU}qyL9x9t)3E0cnX>PlAp*^J z5c7v#FdVo3gN#)}CD2-UuzP@^##Zk2@JE)~F~SwPE5Y0RF-^C<-Z*JaO?sVf??GKvJ8-2d)1@@~M<(YCVCKB=Z#NYTDPv%(- zU)!9Rp~!HrK`s5l_fj%}?}v9Fs1+nIp*JjifRWF{fT{oRE$zYZx#o?Uxya8Tr{~pN zt>>QzB1wMi+ihrWZRBNt~Nt9#_nW?d;uxjvXi?!NP1EfYlfsHH>9RI@?cw-`#*-afrELGdzl5_brwH60$B4%{Wg!) zWd?-@xDvrJ8o{V%Cq2o0gw2ch8X6@W>r4R(P~?G!E5iVg!RV4Op7ocstwK?N&{Lku z5JZhZMV#+utph6yf-_nh?Pb$bVu=7)SVHB$I>2Y<$;As&#Khx6<5!|9-y=u$`T_8+pN`!dkt&Tdp2TRB*D~|6+ z^kz>7Iu%l$w;JJ$j-ue#`kCD%5taW}t2P`=xhDdv+6EW*8GD)+VnudbaoucDfSEgT zH=d9{7fJda027s%X&W#X8G!%Gdg|c_@W44>hNL)k;}g#LhhXhZkljPn!ZQir1CMW* zOe7`pe|!DTZ%7@o1!FK-NBC5!hmE>M*Lb)~6}JNki-CpI;oGoJv`l)`WD{9_Eviy5K`oDd z-YN?X91;V+3xD>h#gTCVY|_!uU8fXjcoS7!XXqHJ%w!}f5aHa&=PQ%~kx$76HRv=~ zY2y|tI9WfPeH&Y zq!5I^DKJYW{tnz239nou#tFm|y;gm@y|R39f)9j7q%0MSCRw?vZWn6q)Dc)H6n%bW znWc@)KSS4mCs=`cT!%8cttLSt4TguBhh!7r4pxjS61Qb$DT*Rv?;$XN@t`+s^M(u7 zKuTBi0C4Jej|==E5hNt5!cJ#PBKIbQe6?({9!iHfo);oRDgF$irNP=YS;u~1z9;5Fy4&EZwdEwhs=PCn zvUUXqQ*^6?_^0#WxM){3y0ejZ9M%Ld{R8U>8b;c9fCNH!V;Tdx8%H2;S)(Pj0p1qa z0<>G1Pr-lP1wnsg4l$C1uT>+r=c)qqN@pjgqKa=PNjyy!$_GW?a9?ov+&sYc_0d;ga_kp@?3N>_?}PGV;0b_h7(43QRg)GK zMbYJ$V#EF26+agO_w9Fo!+`$>LoqI-32%9LXuh%MiPOzpvTMHPO+;-ar*T4|p*H5x z-7#p-K~V!JDQzAJA_$@3+e9^uT@1h)v4)LCF27PhGa_J{5&o2lFl6{+8`Qv{xcgRp zz~D|B(=|*dZFlK`b+@kyVcj9WA^?O=KCJHi45|(o87jGjEWE=E@7pv@R23{1dlP%+ z*IH;?jjmd9_=_Bbyr0S7MwcJ(L_>Y4@%u?dw7t^uO-->t5N*2p(*MpA=W+%GBhYWS z0Wm+ls0#f2t>$Q0QW~pmbJ$<$tOSCyD<@yZyxm(;DT~v;=2S&*ndaxqcdb>sk&QS* z>9Zk$(i?Iql{A)fEJ3Zg{?78Fz<`lrvXPCczPRq$CyD;_lz;N;!2;a0d z$F$jR4k687ruQiX(NJUJ52-4tsA=of_1OO2FmBtnY_8q;dy5~Eul3$E)vGPgp77Q! zb#Q%21ND-J-?Q%?AVTnCqrm!|D2;~dM$%I&+pe zev4F>AQsXd315|camJHeb9x*#2GugY=Gxp6=71u`nRWh<8sJ^F_3A*N4e7^qJSgXE z00R;)0?<`dGEb1}dfT1b7ZLu?NjqR;_=i}?ZGJN!j&BMI$U%@Ic#DQV;Phl?FpI;> z9zf{6eV&*ls+4rg#a<4im;2AIDOKEjua`o?tnxDFD+#@*{bhH+JkzW#-Egj-f~hAH z(RVzf^2V^g6D52Y8h8<;aN&H>KV!o96>;zgibRydlWeCnt-o{H&<%4z{_zf9qTn`I zF?f$Dx-y5BAz_9`QQkkG9z<#OxyR(DIG5()m+QRG{i0qDmgcj+_K>`oTL}4vx`k6? z#ZWtr8P@&=PK2zlX6A_&V0!0Q97W4F_tpL7mPo%K8mLVN6ER~0zC0J#mqL#UIBdH@ zqnM?{Y4ApxLSxPNBc*tx4IJck4UXaBBFuq=e$`t22gCR@hu@L+7e6FS!X(JheQmP6 zt4NHRf!;q8rd@fhJM7PehTHH81cn{fxyV4mL+vr*Ckby`CBxfd`08nuPvuYvP` zac1a?P^)+jit&H!?^y*S@Icr6Rc(-;21tMf%f~ZRfzpITv<2;G_^SL%;1{dYD5sj7 zRA}hP`=mIHI?vP!3%PS-(n=qW9B*pz*yN{nJte&DqBx=IVtd&{7FQAnRR`cEX`Ct9 zLskG~atMe_4ce&@LeF$?4@6KMx3!v4SV2aRA`$GFThL5{;D%RKx8s;l@9%nAJ^`m&`judyvxU^J9zL6H zJ~y10WGS^H0=fDB_IKdpH=NhYdkN*?QEWvJNYB&XC)P>joXUagH6!az z(xctA5PqSfqw+Z(kdg2`n88I3pA28%$CMom0V3%D#yQ}0Y#l!nG7j{ z!NZe1iRa-yTdi&taG#Xfm|XL4uJ*mq6Z&#@6NB zMZz9GNB=+8( z%?cSO-UqS+giz7y_3ht9D^el?gD>hsNY19)H4i63$tIBg%O-^57;f91O~8(X+P!M1 zP~Q(!d9Zkr7upqYm58_~B9#Oy1isBi+)+I^Xftnw@QIAS=1V_6GolK(Vc-9Dw>=1v z5%8m+(w&+ftJG?g%Sa&uR}&fj0e?EMPZqxehtB8nEjMJ>U;vw3v|z|H^1$Ba*JsG# zwhuf*;dV$13CY)CV!6?##X#$lGFtn}0BNc7H`B<-!?-gp-ie^&aJ487(~F;;Ba}=e z0|`PTb*yak)Qvgzs@@Pjf-pKX{0<97PSfPpP(zOmy4eOKsr+hXy@7_sv(vf68q-ak zJtCYrRn`LZrHj^+4T7Z;su3BJxZ($MC|LJ@2R=ozAsn!2Tm8+2kLs$f)l_@G5`=-_ zYNoVIxPssbfyf;p=pefNaQ68G$Nt(R4Uqd;9S1u9^PI}!JY+>cp0fOT57k81dUV<0d=zAGrMyeHrNAL=li zR+ayCyvD3TOdqh6p+n*yB|u9Ho33-s`-ef(vNIy$pzGr^2s~G38$H-l$gGeMF30ic zahzuXT!0EZ@NXdKCMl(+DYfGrH9EE2tcE<=?W_Tbk_5 zI4!?%n*-jcv;55&m%gZ{Wbk3NGoQ-6vbh~1aRKrANhF5GlGU^qJN`8x&QiE%Gm+f{ zQFo-Jx9%FlC(6ScSN29}%n1I_+As+NlmgX{o%QD%H$qent>6mIet=ADG89}PdFM~?^pCA5b z4-h7Xk*y)t1PVOfXVOafN`3(ifBH@K$&NNZ@T)T~v^`UDW^a{yNw-G2*iVqcuT;5z zI0vs)2bf@i7UGY*n0VCvVFX~EvRn32X~60b{-%Uh2^RYG`Qm)Djo8ccHF8x);{)_` zp?Y;Rkv8dsg4xY!`+-l!0vUkmL1)$g`oHOXIv(sdfS5B@r2e<0S$Lh0{jNyP`&}8ge7DL8p6-qQM(V;mgFj&8@##tOJDJ<#%);YIf!WRgH&oIB~3lt8!7Ak{C5 z^MX_Z5!#Wb57#MTw8ITPhR|9Z{FIs3s3nk-)^fezsD;Twj#Rc)Mg8707J;(q6f6~Os^bx3!L zvJx+~GbbXTF2!~HI-8O&bR-@(lwGd%y?}&-Dy<(NYV-;xd2wZK`KfpszUz@uBZLZ z`Bmrl>wk142E-7PMaa?DgG(;kji5o|@?otuw(Z+P-SAy+#iKg}j`O;bUW~_26VWKk zF-3$^{3_yCHROdzJNHq~b7aQ+?*J6e?IhwXYx+~MF6=!4h?I3{xhcD@{#WZ>k^KH! zkD8V^*BKilX^L9QjV*wNPWKioZ9*%VBVrd)efP%M{Hqpr(2t@Q<*7RURQX2Fd-anT zObp0AN;F@h9Z?4$h3`#-3--t3&r-o&=bsA1&b1V;C)%D#Bf(1Ubf{LX(uL9>%;k(9 z-s?`+#JR*WH$LCyhvD$09;Qwkxf?6vFxsjT@KsTXli069y(fk~k!1jx9Q(Hi%Qk}e zV@)Y%tFY(6@ZEgy-8uW3V=-@Zc8XwUrOVTL=nFb;@>9}?%W*mHtHp%|#SfOV6~VrP ztWG^ z^LxQ#PQn)lDP&_4?k@plr8{=_r^Ox#r;PtPF6VdE?I}4oPt@n2b1`asb@tjuTky=9 z=5nvdQ7FlqcWs&P#x_tBE_Mm96-|di z%(aKIr&@!d_SGc-c*aB%ZiU${NBNQ?;2{1mW6M}5nE5p-5AG@kw_K1fuoL`*Ivg)F z`_NfZNbOk$)A7}Tj)I<*&13ykY?GmD0#j|>6aJOV<7xUHnznT9UX`V}# z+0h00paz*BtRab;@5(7ug_C)JtkO6%ld|m&nWXnF3muC~<94voJ9v55T}*nFhwN?rL&SVicA$kbGEI-aYUa=Nun0rE>D57(~nz z3HNY{aQ~L6VrUp&+Q++Mxi1rVQmU11iMKcEo;GZX^4HN8s&1x>)){x_-AkB;D-was z{R;2J7I7Y28$y(lVCs8V=ef90uUA4++2*Dfk2}USf zJXh=6Rr?dye9FE@q1;*mK$=7Krf&jUxovP-PV|YhgYR7P+rDQVzp23r7APC2j7_Ol z!}herdu)Em8fSyTox#*YnR~!UQg`SYL*b4<1s;#$I_E=jI2~Tu&Ar zN2r*98K_L(7SUM9n=^n8BiH#SYcSM4XWF*_Lg+D3?NOKGP(ZO!{Dk8lnJ5qStuIcb zbpZ==nXuhpa4Kg`zPT7&Nt15ZU%Orm#e-hWK6mUHenPObSjUu+1iL=wMy9v+KZdF! zeiNTB5;GfE>Lu~b`4+50L-W`y$i)0Ai<_qSh(j|1*8{WX<5}aqFnYjrO{)C{2s7|< z8OZ)st(Ae)#=wNe8~gPgWQcZC6?7dEh+Id3!hTIE!@0t!s)@imMLcQfJScEglR&*7 zprn69sN9R9JqIs`67z%LXH%rSN9cDT-guH}`i*<_AwXpWy|6ylpQ67B4WIm}tN-o& z-hain!OR!=xhXK=KFXUI+Fl&qk-s3Q2Sf~TsM&HtJnIqenND*~at>gQ)}~yNS}#6Z znW6*Ea0W-c({5uJB=2iY&7qE006QJzu>fBW;yIVuG%uMF)H=ymc>Qcf+JB=={;)mf zl6y%y`v@dJ?ty*s0gnEt!Sawmg+HLs|2-xOz3fu0`hgUCgCWk#^&=vw5Q}I!fv?L)>kPFfEXij8l{586q;JUz`=#ooyDQ9?Xp zi|MmjMJiMoc_*r44=l^*dd}|FvOp{Vxd8h&fy@A{&t|%Cx?(_w2<=zAB|+F})=y;z z%Ab&!4$?)A)c7A_QX%~Ie(&o4E1n6iBwY4~59a4FIYjQiK%l1p5$I{x9@U#38puBS zI%AfIyw~9@78M7WLdG;vc?+uLU7Ll%H&wZpzdUkJ7<>>9B27eQWD+TG;Bl?^z;9O| z6SMx==jRLggDZpk;i?2w$22KJRkDmOd@>^x>_ht)!}?e!|NK@=C_Uu>#1vOo$)(9} z3_?Voo z5+F-O_0>LG7;etQW=|N@a=foKe~%gUhWRZ$Cj_()Gl9NyLzBW?MQfz70tksJe;^l* zjPc>W4SyqHr~a`G;u6i<1kH__)Zq?6*StYi&HDPU^p6Ou{l~#{$NnbAY;rl7$N9I! zyMBw43Sq>Yke(+5)ze3$E>fIOE4I^Z??`(|LUnFqc^sw@KQNJ4$=FM-hR4UigkkTL zphXzw0lS%Kjrs`!wc+-3G89pHFohVXiydSPF>31DRi+NrNhClmkZE#$1Z7_QtA9R^ z03i~?2T4I?&vnJ?bW5fWOqn;l#`^Ioh#sh>zv52do$E)9D6lthAOQk2 zF=O{6r!RFgdr3dWSY<*>xUZ_NmJ=t~)qijEt0+3pO7BN{3Z7ME&!LI=aN^x2BJqXMwgfS+ zpN7t?yZ;6ICfNuP(uKPV8;39#mf^HYwx8WQIduE6mgo#}5xLJnz*F%H9!rdj1og)I zs7{iID>i(StyUxd*}jSv=vvf&?+A#y@`{Scox`w#Ge1SORs`xy&vN+|mrP$Vf?Ku^w~t81p(m>B)W zsr(176cEY(V#S4y2sQmF85@V$7CWdN8d$TM;EB+9b4UgBl;cGP51g*OQ4XTyal$lL z`v{AlAAB3{FLhlrtb{0y7I0W z10QB`sfQ=d4r*7BF5J(Ss)jG+7Crl8Z{QAqBDlzFXOe~#L@MtPOEB%qWs<|p zIod9G>au6TOGIdtT+XcU69xW3Kga~s!7o5{LHjOzb&g71s(8g%G5Q)D+^@l+ei!rT9R_EQ6k`5S7u!}n)2m;O=Xaj)UCzCVFf6s(} z*&s4Z^q^V|Sg}@Fck~1Uf9JVARJE#F z132b3%ci$nm$yAuW-IDbC!5H&n*V(&eio(BMEoP-eC-YWN9n%(GjtBkdA+kaLV3TU z9X}2ht&YVLTMkT3L}m0_NFVF&K5zsIOOF+UE??XCl$7Ad)1efXPls<`iz!fE?Q<#r z(76!ycC62BWp1%|>09PX*RO`CvvJ+TIdWp>V!Dk#egCfmA~bGOO-s25F=NL*VM8;! z{f@ij^s~w+vJXv_b;=y{&&f*N<{pnvjaA-lJUZZrs_Qz)xc@AXWE* z5=opC$)&UNNmMzN1vAh{(xM^ors{IFs7N)^=yJ9hDQ7u9A~{^?6YGTU&nnzR-4?Kx zP?DZDAz|8{a3gu|A5J#ay)Vt=DO`N#+lvG7P9C??i67u;BH6`0*q^Vd4Rvu^_-6MG z+}<9{Z8%M}$e4dCL#Y0`IC^n8s&`(JC&lHwlTl0iE9;7emj2-tL_iyJKv2{qG?s;e zXh?a=$J>4_P?uI&5q`dyj$YnE`~2j;7)UJ|BQHFb+0$w>EmQSfAlL4*Xx4-3%HZn@{4~ZeH9$@76>hAYZKT^0412&(jd#5;}T0@GfB!G1IZ>GyeS` z>3=uoC|=zKAJjaMgwg5KS%`@%{Rr}}Rjr^;hl6AzFV(?KeNqWHtf* z#y5?a$snG03{L{Wzd;;G;)I?{eTS=~P7+4BI=Lhpldud3n98t&2suy8zava{n^XHw zH(Qz&3tF$gY{`HkaNE?ECwL2U1}tLd^&X+mj3A<$?HBr&QXve41z+KO%LVuIuPmq! zIz1;i&A$Z-yHq4|Wk^Y7C|N-4D$|_Ye>w@ik-ve4)(6p-P$Kzq9siUo#1U`@HSH%E z{ls=Dt*y8CnYcb7-?XEUd%m;H!osU3sa|RB){^>+BPsvail9cv_rHEN+*dYJIc{{& zqV=RTrS5!5R;rf}=Nef}E2iV*nUgE(E9?3AaFhYJxZ>KdwgR+ls%{JFKj(zgnNthi z8*2X?dPq3Q0rNR6t><uGkItv9q}bjvzM7hbNTQ<#P! z8OAHH$4*Z@0c-v@lGq&7bzVLW}4KBtyRyZn^h;OT{ge##VcC4^!Wg}ko&RCVDJ|M7lv=_JjNfq z&ljxRk#;h>_kieBL_FnN>BDd|Sz@UFPU60#fG@PrG#tU~D^Ts4Q{e`qq<9hgiSqw2p1O$0AJS}@$W=lKxh1;dwS zwjZ@YoVHbCJt-aw0B?GURUuy@<59TY4@-2`s|+nEt_)^rakK-crGE&2E&$WR#Y7Es zIU^ifJdB0$u~A|y+-$TN#jM-}v=v_Z&$P}!4Z}<0q@}t; zY`&|q{_(>?PNuD|+ZRw_X0FHoPw?_32ka^5m%crA3CavXNE0U5s`pYWYVp`T=u=n- z&}-T6U8y{K7z|#X(fTIJhA*lCR1OB z2=k~-^+$J20(aP|kl0v~UK#8DZ?nzo)z5+t>Eoc{q@c za4>JRkTCkc2sa3sW2`!NfIQmK*t95TIVCPlSA&Nu!I$=Ks%MG@Zq3B2iC}aN1)Hi} zo*;VoqP0YG{bf6}C|n?ZiE>8LV67%aOr^6rdVXTHmO_rFO6Z;+b95p5OhlyhdUvam*%(b|w)rjDj) z9$||pB_I~QBJhTTpsRD4CE+EV+G~nr8T(3?re~4ZoyEQPS$Tq= zkZbJBzs~D3j9hHLW;62`S=QmMswe!QEJX6s{cqRsMh%v=vQZTafMNbz29e*(!J>9* z#Rws5HCJnkjO*S`$C*V-oTZZoTOjf-u4k-?dj%BP?Nudn>}o;x03txw2e-5aMn7*- z=v5PbA{~dz*L}?n4IYZZneML&4^-cwKC6N2@rvIkx=x9Spm)7x~(bi4M2V;a+7!ZHtA#7Fg21$qhe)v8DD&V(d z;fn(0B#5oJFP8_$HT94^t2QS(!ZOAcvj!PLO?3{W!b-+LnzuH0?cu@Ap{=?`#O=<- z0H(b_kI|UK_6U>8Hp$(fopV8Ae_1MgY$^ou_WezqI18j9P9DtQq|@!ER4j5g>fiwx3JwvR@RVYkE zE(BwG3am9=p6N{UzAdsFst4fia$4cAqDdHi(8kE`et;0U7&cV|xb{c>14CB!9!rdP z=v1OJ?iHFT5?vMZ7L14M29wd(M^=ccKwa!&%vvUVs&sFo*YQCfj_P9+a!YA=bq5%u zIY%#Yf-OvAWG2UIL{|j97;ya39G64L39o<-r{6UFD#xPwPx8>Ce;3)`AhUYnd{wdZ zN#;!PA8qA9nwzX1+%?C&gbtG`HbBm3n56Okhp)rQ)teSkbZ|9mjy+7Y$9)FS1qXy4 zol{9YDc7K-FT<>ivZ?UeKT`5AP{}R&zrWUZAHhS&v)MIkI&fgE3k1l+a@Uo&;r60& zxD*j!`ZoC>IorYh@Ndv07!VebBw-qJE`BSFvwLBb{ByDp3IF;_EIRL4&wafb1MQvG zFZ-<1tllsGovn~2B6$7ATSswFn(q=ZkHU3-sFc>}4qW$EKgO&gdLqwBb*j-zH~*pJ zOKMkHo!}Qv_)F?G127laqV3%0j1=c|JszrS*?+XsV+qq8Ij4(w&eesL8~0ih_gT*= z0)W|3ka;g>9Ok*+fpkqm>pJe@>7nY*nu`4XPtF3r+w@SL=^ar^#RffbbnFYYo_3mW z2U;oD(v7OqT#o_(L%5Uj&vl#?%Rrd>a56`u7wVEJe_PML;#&}iO&QL};!IYOh;?59 zg=}N(G~AQq$bA{hy)|w85DrVrO?rtRW0f3*n#jmdJA;>}y7?Va8SzDR=Fj2)&FsmX z0r0@9-sGG`jP3YSlY;1d3l6XFhv~)vCq9%l4Y$RpqCsJ;b7$xtLir+P z@r8)Q>}i1mZgbv}cNhHZUkfqhW3&msVxZ6$84FZ=0&jYEHJCdf$Qm3}T4ND@y5b<5 zgFupjINaH4Jxn9)3btzEw>3vAePnwqseYtY`VvdZ^YVHID>(t{rLsIjFPKnzC2cP= z5&9)9;C_8)|6RrH=G&9qIjj9^wR64Kykiem_X`SU)j?rn`Z+yg^r5~^N}xK;Wa_Ey zh`yantHtLqb(gH>=h15UpCCJ2u^L&(TYAm;CQ@RHh)ONf$x?WIVI{7P1%6wI&B9JI zo1^BN-C_YQOn!sVk1zPD;D|U-N1JguUM;rcem(VA8a1uL=Fs%>TEj@Tea&@){1(v^ z*I_(#>9{cd)F(bcws@WMP0=E7i)izT&z&cL^uU)%7nJ#=gk=6MSTetZ^Fth-`T%Q+ zLn8!21Hz}o+zWW)1f1Got&DTTb~?WNtB3s7WSfiK>g&Ir2pQA_Or@3xeBLdV5>7JC zTY%*q8?K~xwR6$}O|OD=mpl51fqn2heaeBeX=SH0mFxDvt{cUt1yZVThO~8KajPy! z>A01$I&xD!MV>WO*hIW9)Ao@;5@>Cp8x9%+M=|E`PvjG)3JbwUw^ zH~3+|RaB&9F_oAZ35y&x@7dW#BdLrNFt=48W5KJe&O9)v)N(+O>A-R!>l1ArJnLWF ziD&@k(yOFye9vqW1H{vu9`l_aP|+ZhheR-O^!DE&1y(L_HWVjs3Zp9cSBmL(W@_zf zwHW0)c4-P2wdWq)p7Ir@qcR(9+l*r! zqF&AifQYev7IypxS$9yW$8vl=*HGBN+l7Bl<8Or?qGMV85spJ!`ox}AdOfN)1SdT{ zK9m<;Hi5M31I9DKTKpI(n!^KGtZr_6{6qiC_ zF&|aM(d`q*L8{YX*7PWo`_ycHOKF;wUIOJO{9%iy!X$duLkcbe=x0{edJ`cM!}}16 z^QR?u0H$im&%=0pFaCTkAX6*-Mc-b;ZT1P&;&t!UOW`yj4~DXG>Go9x-hw=xHM%Hu za|_+SI8soeY7obruzT+)oDi@dvE3a1xSUZsGgevZGJW75!o!@9K1Deezz-($57ub= zFp`%T5d9xRTL2V(Xo%cf+-!<~(WY4FzjDAdwCjT% ze<4c`eMbiSi4|YQF{I93hp~M$eme`5rnN7tfoW4~J#jIF$LyIg?0dwOK-W&Eu3kv{ zwx?XiYO+;zThcX(L-7Uap>l#G{#if6&XTCjiaF7AW@p_NG78|hK)lyo!Q{VjgvS8=>tnT0h*n!bc!_g+IK})U3=nviCGfNcY$cV<1Q>s3<8Q9mD83Dvg1J#0UyVigcq=k|Ny#(g@Pc-1Q9ej3~Un`+m6J z?)m09z<%~#d(~d+zt&>L%0fv^w4uI-rU}=XJa~<~`*{v+N_>|Jrfapi2hTg|jw*3x z-%)eh)#%9xpU$j*FB9aLB<2NA)ZQz6zfC*>Nm;7uW4}GSBsCaa+E&}CQ}ehSM=`&= z)awgRE94{qpLPN>GW{96*s^##oPp#>TXP0?Y+9s>?uRUj;s16C@x*p2IO;oa$eR82 zq5=Yw;U2G%p-T`f^k~beh5AM*L_}i0d9Il4tB1fYT zgzyV*`qWz7O4`cHDPto&6Fn9L{$9$kI*i_>TYzxPPXBfoDM@ZG?x^!Nky|#WFpND22_%n2pZHX*dA)I3!3?6INu(apnEqbDnr~$ds|UzZhv>n zNU1>_PeK4hr&1lVE2Q-@Z-)IT5)9MuoUPQM&_wlH?kn99E?gzsMGm>?#_#*`OYFkf zFAf@G;Wvo%f~ zuXK5yRY<2iVkCAzSTDZ|R3F;C6oA`JZL&Lv^WzV9n6=c5thXvHpS@S+iK#)fm5W~O z&^bq*09CPIu3s!kCj2490r0!xOXdvhG5mv*ig`K2hO?*d>{+k*%zjA9ea$r$Y8R+5 zJ|{nrIeZP?6K!_Zr(fHY=x&>f+J|yPDD>5_<8xf-s0GjE8h9=jL&Ms$XfAF;Y_iDp z+s)F@ZTl^Tom79e+%RL2W(3mQc4#Y0WBimyz++;@(NiO>H=lJDv$b7RHNuQ6K)D2m z374$DXwMwIkaNkUc^Zo}6(=(09Y&b4-d0Ny32J)Bx0G1rRG(wr@dWdLCa4X*D?~=4)5Sk^ce}VjuxDXv3D`=#|O- zC_pQJ!bEUfwDoSkk)Ko!p`&R%QL(*_r{YDZ@*g}xG9!hHQ=WT=iBTs>uhh>^g5FY0 zeInibBkgEsEBalY3h4%ln=>a597Otd2lx(5qAy(3@#V&RGY7g0Fre%cNE)n6oKsRi z>hfvb_-Xm6<`%Dxd}1@YnkWY=F#@cNWDY@qCmdBx6`ld#R*2l_UJ$uBM?Zn3i@>~J;4TjsC!YkR~tO*FNZFYMZA8WmX?TglE;IDbDg!d=sGo_zoknL;<(`Vzm8Gn#r)1vW;f1 zlkG$S*o(%xXQtU>xgn|jEp~gVARQJTyh(*5nK&4FrJ#7WC&RGh;|C0^4+v z={$&tNij&;%s!Y-QE(LW>-**iROLC@7A4JfQI_arJJ)K}8H~#j-Z|X5n5w zeu!=#z30n+7zLPCoN_;eL(W#-LR*N~Y?E~8Hk@DZyt21y*S#Og7vPiNvYJ-*S;-O> z`x44v`XSy|G6Wts_Ql6>11PniZ72vpcbwkMppmrpyltjcgTgnvv45gGFwkX&+U1RY z3OQndm)#Js2nK(F9;9?_Tuk$8>k%)VIjRZdF;4uMXJC3W4xq?QdRDXR3S?7#ml6PQ zA-O!T&XuED$di~=apyLPa)_s$9WMP7=)sMp1GZMM(gqJzP~Bo+5`>vRljw! z5E8-dJAUb8-WCx^#jG(>{-d)21a{5>A zLrdGk+tb;PU&zBvDOLP^{M=5tgV~ukzDm(1abc(WTKKXprkZ@TmMo{xvn>PR&ta3$k!@Ik)lw=+SE zo(^8>YCFmQ8>UJQT8~|upYGf8*$o2Y`flu&nxi-q1ws%h_cD~qp?o8fvW6zWX9ivT z+g|VeIoKFDGGCzi8HTF6yLE{GbnZoxDdptoM{OW*T&iAJN^Wk)n}zB67H77``bUjQ zUTDfW&+IHa2M#O>S?F`8Ozm)ix-Ql6tv%t{zzG0_DFE+aUbN!eiZ56|h%tKYdll3k z=nK5-Xy~rboWmsIzNRfW&B7~6r{nQrl4IZqx+|JP2z(>{;q!aaOK22hMGZhQ@V^v} ze7(JR#q)|`njg@d2B_?M9mP+12D#y^J8C2yN6*Px4wOz8w#A;0obC=Z*TLpQnW;Y6 zPf1%|21iuY{e@l?10W{`;%z&JZrpCq6aB{>jqXtl8t+43Na5KCayJCRKh$V)x|B`f zZ>^@uD}VjWdgOB~F386ld-OAUgJvLfFQVG6MkT|=_l;k;Fypy0GxK{U2+Rm`{aE=c z*mkr#r;jF^9>13*9f}2zmwb77#LBb9t4jYIWmGnS4b+Z)qOAH^yq=bw+!cuw(s0kS zS9MWtr4ZKzDS0i;jwDZ=gghyIuo{<4o9%F?J}uMPuhuuocI6F{Xk6HSdqeK9ww;_7 zoGYCpHu(=(QGT$szid z`x3HMdEI;b&E)k0tkud1rs1WV5W$x%0grwQ#?4_% zFUxF_@dE&e$jQQvx6qu%FoBY`q%hejs5xJr)9`SfM&iwo9LiS($Z=|OHk;r` zFshQE*VXVgyLmf}4gDxZExZNfRoF*;%G~Y+8u4Ly26&w)YVi_O6|5*qSM(wT!k^6M z%A6ky#GCI0()_BQ#Tj~vy`0=PmW6=fhP(5c z$IFkQ_e)v#597prmx^kA^)H2@K|P7<>bDYzlH&=G)H5s%hR}D?xY$w$HMljifZ)mKVWme zo=a)4R&mYn&=os)5e%jJNr! zoh|N9vi-Th8hiz~Nr{r^?r0hAVlVMSd)Zn*nB zPC=y{-3b)4ARxE#vunsf7%UAC>3DAl8~Pi8tnY{enaT}85KaG;P5&h`e_+w$b9WuR~UabkF-I`~HMJF+htXC!G&$ksM1zBm@8- zEqh#aF~i18hJ`MtK|&ujU%zC;OBvWF+Oi-MJ&5uKNkS~h1iC$HAT=|=S?oZ&gpiS| zN=mk$o8{d6fNt%?QGL<(*U>+t9FJzhJ*28+?%@gaBcd9)R2HAquc4QWPX}#K<1LdQ zB*PPs`fb)%3{-DI*&$){7f^PaH-=T#oBTW@4}v zfD_|kCFs{Y9~QMDGT?O-ku~wM=cugp&`A=K_n~|5+72XA$*G8&boNOu03g0G_cD2wj zJIr(9YEM8)^*DM-l%u@?7m8mwgPDwRVN!;JU66?qB=bw|zhFU&;}4Z@;ZbyhjG%Yu zUFDS;fawHq<-wTCXxRA{Xn>nT*^NtI!yf{kWX>5t5P}FK64IHgIX_HTSj6eP^7bVb z#md7XT?1(@X~`_o<@@|G2?j-5gB!Cx7}QXc0k;v&?AwpJ@${4IM!*aFjAw zmD~`g^H!)br9&xY4^KdOIQz$td;1bnVGpiN>fWgF5d0gAN2Y}-F!RN8yF}huACE-! z6uJcLR3aBBw zaTXXRdG@+Es?!pIVZO4&R!lFIE&=#azOi*htd0B222dL(BJ9W+WEk58)G^qsFG*%R zK*|mh5492$&&7d71Eh`4C~vUE5Y5YzE2Yy6dDkX9^dpTugZuk-1lEc{A@UFm7$lCi z3>N~xaRLC2E~$Eb-w`}UHr*k+Kh+`}F&Ogdx9^}@X%jfN>1)nkMnf@#O+cXo?+#7& zk^qxN?Rj=SiXPC63tBGrp?~yii`9th|H8ijC70+aAlHL$S!mOSFWj))x(`-kNgthC zXvWP~><8bBg!W=@Qjky6iB4kY&;RdMenWT${Cw zlIW&9*a&JscKv)=)YmB@fLpp*JpVbm<^3S5Zyvw=_yweOO5i026g6GKilbVKvW^qx zf925xuUqVxDT|K>IKkYD^UltD=6du-Z><2%0GlJT1eOs1!veZr?-gA)DhUz6V7V8f zGseQ;sYe2+0>MVcDYak}9z|oJw@|3q^m8DX>u&@boXP;ET7(eEeSojMy!DWx4k`Z- zgI9XA)LSZ40w!2NQgG%b=$lRSV(wzxlUY{W6cl|dbR_Ub2-Cn{1=Z@W(PX}S4xDNYY5+O=@J2}t}JCzSp^lo+`qZVR};YUeEUCcLuY z0>|C6P)88Pd(GwWTXa54gHprH>-riB^XZ0))zRqvQVs~6dErqUulPj^ja#0&1ia~= zUO+K&O1X5Jl$2ULV&&FDxPuj?{RS%^7vt*29qo@Ac_b7`eO%oO`xW&bqUDheD}d zU_#X{5lZG3{Vc<6f1aHE9xDg`ncZ7{qa|)D-m->JI zS_5Iu8%XP2-7UgsYdDMw;@uoCGeLJX1J0y@;jm+J!r-JXgfGSWbP?cYLQHfz?x{EQo zj((_kFBm(bBOpK8n%U7``NfQ*(6-i>$Qg;UHN(~j0knM|NrCq_4SNG5`%azA=d)aC zHnwg%&5Rs)zLA0OzmeJu33OEz_@Pf9LMSMJ0aQRp8gq8S4hmKcA=$;1DuLQ#^de|B zFr5L8#QwOvc}c5auOR-+kIeL?edFIFK6dyRXh;(1Hv>%E&s9tub_Y=8W8%f#OUK0c z(Q;sY(&qHZcUjB}4xe$Ig3IG#0GL8sit!hH!nW@!q{E|(Dd3b}YV9uwOtHjA>60zV z86FU}djcwCpB8HdGBVDR3#i#>jT#a_SL?3;-=L%?D`~ydBA63(<$3YI&)Y?>q8%9k zyFZERGKAj1}m!3*5JRw0be9fY$B7# z>6?&Ig*=WEt|B_$xg~h6==P$$>6i1t@*)5#>i^-v%xVJ-4lG}sKmqkLI3aN^PF1nNDE+(+O+m|xNm=-uHHZ&;4zBcWxRPvCG#7^i-sF^Z;c7=}uVRlkQ zx)%<8j1?g~#Uc8c3FSU9CWryBbvMu}xOoHS7eL*fEz%+n=c3K)4lbbK74$R+Pw@ax z$>6_J!qK%LJbJ&to(vH&;15g$LCr*~xX45LUiAfxBYIa9OMomC4j!+}`L4sLTC_wK zf($f@K09?3xKp|&K~KSrIZ91O9UflVIYw7DvwsOsKPac*IaP-c8>CgXNU_dhe}cRi6P%zN8>WmH)(pJ@3iG7#UkUf)lRcfV&E81 z%UklMC}@VYAd-S^j@=IupiZ%zeu&^0ESUu6uX&@Un9MF!P5zlOCQkST8oXNyRa5Ps2$q=Nb( zx30>1O9w@rQO{>u5?T7`6bq=QoK~qvHsP_F4{^o9mSO zME9YgZuC|laQs_67dMt4|DFTO8f6fPGR8ek!sfXgXgtxDZf86`JdjYXsV(NXB83dk z$3^7YB&JTFXDFjB1}DT^bSlW6~lgG&_}bsBo8v#VR!Ff_OW> zUYj!60x+E;^a58I_?V&lZ(-pbT^ybVj%t$=iUoR2`U@{7GRiO~kOmD$T4X4u5dMzJ z!u>4;+`{`0=E4+?M={XZJ4#JHTWZ8JM^-3y0D3nb;a5A3UOf6)AR7`>cy6RZZgYSY z#fNZWS!0wa4IQh`5FXFv0KyVrwwW!nSM}QS)M8jVSFXfx8|h2iIhf@~-Z)kS{}(5= zZgU|9-97atCL^L1G&4}jmKBHjrE*Lc3Afi*|7-X(1l_h66YtkW zn680fe={1v`aBb=@N{&Djd=Cq75Y2Nm%WWl{0;q{h0X`W9>xC!T;`QeE_Ymm|G0?> zxGWQTfc$_)Tn-iUsgp1i>Z72>zbhU3=P-pKewnv?3?BlV7B7K%(;Hszc2<9Cgkk}( z|13a74jbPm-{o5(tBLmr;4j9}7o8Xin4IH~uejLmh{oi2-(p&)aD_@iaH0OXbxn_+ zZiR*)uj#HftX%H*!tM>v4|5O0Tch_0CEc9FR5V5=97o0!bR-~_WsSk`EpW?T417{u zxgyPbq&UM{(HGV61a@j0dBV_%21hjT!W)Cpf(^p70(evH`shs8;U8t|oeX_J|IpNM zGuV4zK|-ul9hSa?*-tZSi_vuH=0#gsc-_ZvPT`=t1wRcX1-$G=i&Eht3)pYil6Q(P z-|&6JDP6?E22C|!pbW#Ni5Lh?2PU)VLgHRB3Ye@SkSi%=f>6qtLa95OzTY8Q4d(T! z#z*d*98`GjWj~iqTbYsqPpUL|w^dv@u*@*GrSBgbR5a3edxfvQ_(2OV0LX%0UH*OQUwsDb+IgQ zE8_*wZUZ(}&|oKmdWN^CugVi*uRd9a`oB;Nz#TQ06Uw8Q?-It+e#~H%N8=hiQbchC zHN8w2?kG^N1PbI0ax_<)iMyb30V>g8Bvs%XYk@KZ#lFu9Q+ix2(?1iC#)$SwoI)@1 zB2!TZm4!2NYm1NmL4@AgP};XPCfEW-kGOV3^4Y$~R$8-+ThaYIhg?+rARiR0 zl75KUP4nIoqq*TSMI9gF_j-fa6DTDddkN8BE#WZqMS-pXdm#t|gSnedT|xQaJnj2? z7|p7Wn<>A1_b@(skXR1y*(v<-N_c%-p`hEATN5K#=*2Qm^{Ny>aLpTvi<8Ds^l@<* zX<`A9g!!Qdt|3-J5ChJqK6H8&QL;d&#h6%!QtK;I(MJgVP3)uqpT23}PYe^6dR0Js zAiefud@G>-peyin5S><|q+6*sh|WT^{GT%@3BI2pJekWOJ!{P~Cx)Kn4OVbzaHvf7 zKjBk&ws)nn!4TvTLvA{WB7!lI)b6qb#iWA|DDHy>mT+M%2N@XQ67~XGsnZL1@CmUh zCawg@!QG|4gJ&`YV#Mo&2?dk_CYMm zC`LR7S~N|wLE{*qbxxuE*jZFLEYi z7tv(pGH(#?k3d1(zEX^H!N%$_r*uNanV3o`0M}EP9%n`3Q=$ZL;1{3fz8C4x<7=fQ$n@ zR_Gx&Z+vZo34C?vJev5z5YBVQEVRv?RLTRcvR0R@R6`T9sE{BhC9H#;iD5)3sFzCW zJG-zF>4L))%bEHP!#0;Q6ICVD!V6ijkYYn< z1pmU8EVP9~y8=P?AfGg;%D>Qr#&5@*gJZTxh*I=TJ9UyQ!Pr{(mpQn50k8Ihc%VIx z8KSbJ`cd0^cg7hMGb3`=FXIVxD-6Aer`Z!Ai)KlS5-~B50M~p?!P0E7=f}E&-xWfO z{to4j5uRv-E#0AGC%0_n#;(V!0dD2GzZQk9v3u}CL&U9|Qrq}sn$h|a+tcp1^md@c zTxKzTZ-uf3Prc#Z6zDD*itc)Th9EPS^Wc#ZbdoHKCuZq7`#~R$7al9?{UMd243v*; zrj#_EI!TaOU)@)_tn1&MP50p42o?1JHfUp2JeQzANwoY%dRVEFvIls}B4&|Slk#f3 zxarC`nt#8y&K zm2gY;j#UI`4IZiQiP=D2AHboJas)xlXUayOs}cN3f=#NKH~Y+b=0~{oD!ZZS-ve)d zE01{P&l))Q0t(6&M;0bVTLf)V%7L>al zeFPmgl42BT{t6KxS)csK7m`00TowFGbJecYM}viRE0R@7E%YN5TP(!{A3p~dVV91nj~3G{kBC>BqwoUw3Q6hV2F4H0<}eW z3o0x{_*}goM5Ljgg1x>&W)&bDa~uXA{=Cq`AzDp|!!BEy33+`J+?C15KFEtu<(o~Y zqX0yFMI&)xKJ9#Era6v!9DvblRteJr@wPyHjUjK24{D$Fkqc%&8HzIX=wEkVEwuH! zXLR@_$voQ*gBn759gbIIKGzLewi)!dH~imrH8zE7n#^Wbm{};G=_c3vaHD47H^oC} z2aU1CgaQ_(NrxO$y~9yTIDPc*FA#uPtb8^S8eUsy2ZfTOexbThL|}6uUjy~Jm+z4m zoCzKL%P7$$#)fWvfW7WZI)nZ$l0#{C$!yut_jjA`v#OOkR zJt{fMD8JlpBbEh9@*{n;ptl}dN;x|{It4#u`WcV=f13 z%aI3eT$?!G!!5nf>dZjh@b{6dRbqTGnF_`5c2RbPAI=#iF@|PpF+sG_>zIbsBmv~a9?)Y}x~ls6zwcw9DMQ5` zY0c32{_HCXJ1+kRw>jLmpMmp6l-(i`j6iFt5XyEoEI{P*JD_S=TYhiF8{ZWLSO{fk zkuL9d&ArK9(sN{bxNO#y{p3><{`!(ld?{h7+I+~0gK0Gly5Yt}$Rs~AqP&AJ7O<}x z8yobg<7I`PTxcsxC@h%&{Ao-tN;wEF{wcvk;W;U zcZH0K{Mg{qjG^U(K#p-0!ega6Dy3+W9{UEa$@>~7>IZ$-AUF`G%4B--2#zXUnQT?) z50)=Ph=83R{}G+Ov@`rg@I_xlwz!}#gJU2Ac2FLyB`36JH3P5)e-8NT)_Z|{s1}Ss z0zJ|~O6ZYC5nS!mR)2-xnF^6bycxLTFG4FK$y$4pAS4{WZMnip{?%`?RC5YvQQQb> zWk`Q13xC=D>TEX(?oNFS8RoNO(BCw%A%mVbqkL3ry5hOWdCgGy$YjHkEEU5}W1WKx zP2)62j+`>KrQSW2kv6kE)jsd~n`ZmmEvI=m(yWdDu!DWQgo}}(ZpoIWqO79GD_riP zBK{#6lj3@k+n+IH{(0N48OKcxpy2E@@J2E~nK8qedM>{Mw(Qk7}Z2T8jyB zO(FtCjLE!&`PYfHI*ixENK zPU0-3wc&C*N*X1j-{Xd=1nll_v`Kv^2~VBP9n)4@SnZvQ4?*-rl6e6dtchUwdB5=< zsybiq{Wc>M^Gki8E5gq)7eFnzHcEA(F6!kC)`yLxQEvOX{pY;Tm0#KrT@ijxX2Jkd zlxGgmWD>-8p~7-!qxIt1sJ2LyC(#uV8M+KI6k=JPijtj~S_}J<(nm9qMwa+ynMk24 z!sYNH;EfA1dd=jE!f&Dyia5U>y`ulF^S|pvxaB|T{7*VbI^jQM`=7EUndbj&=YO`7 zg7IVnQp6VWh`@_Si4SLI(;;l$HRbQT2s%;WPYSc+b8i^ z2O4y(LBiBAfy!uKBeD)bBE0y11n3k?>1uEa^Nn4>UN%TQ%@pe`Xl&rlr-d6Qlv|KX z&LN6y3TY76D!x6dM0>rE>Bhw^D&(vVRuw-=*XO|e^NCe(M%<-&IW%;Rp+XXI^`b}7 zNc6IZu@?c>xPM;d(9$ns?eQO?LvByxbxd8QMMJ?^kOc8(Ulzfq{5=ygiD!f6Ar$4D z%SkhtsN zO6i(X6t9|`aFz{0XDRZ{Ee8Shaobq(e=hrDz^Nm6Y@Iqc3RHRbySW1{TsA3id`jQZ zB&7d`-J=>5yR`iH(#Y{cJtN8gZ#zqb#&Oe;=GxSb=1|63?9v<_h`DZoJ&4XmuU0N{ z9BJKUyWSlIp)hQNc>g-|;{NyXe#}>Dq1Xl{q3A}YDDlL?u*vfJ)|O{>iJ~ubiu1aC ztE7cl%KWy|>775_czOg~ULO+e(Y57~210G_#`qM%GJjkuha`>7(@Wqq(3 zGka4CedO0#X93gEZAPXauP3ax$o@5x&jo7TRo&!wqP48cD2}fNHog>0)lW{`ZGxFo zx+j}QzCm$~<{XuKiqULdYVY@aVe|g!wX@kmXi{{8n*b0nzJ@*&&23Zo7yfar0y2KL zPz38WH)sy@H9d7C=w`fm&xb9EVPX3OaV<|(58-A%XcncQB2IGx(&MJp>etp#7;V`< zHUsR*l;M;j`aQQ77?@}=>G@(y-;Xx?$tOo#jvnaOLCN?8?vTUA+-eo92Id+O&OFst zDuJeI_WbqEQum~N--}1OJs$)EQ=4ulcr&%x^*JZoaXt}DC(l{HT(bt=dQ@1WOxZBH z0DN@^QgZ)l;-1(Nk2~dhZM5%7KB?1{KDj$XtLxv!FeSGs4f~JpG@6c6{{A6UPnk}; zx1ia!-$d~N96{Fls0zvgo6~alR788Ib6MXiic`1wa8^-{Us2L<@?Gnv{9h|VqS@41 zLvvLu?knIe4mBke6!W&(Ik(3|jg7rAh5mEWq~#OfpAmKw>6@yE=5!e>kE2sxZ`%L8TTzo};*xptSj4c9wk{p~aJ1DP4_3Tcba&632| zN4Jh1$X2}8MlB{LHYfj?-1#w=02jReeAmkIQ&7k!E&zp?Mp{UDbeBEYou@cTEAro# zo+=E<6-!ZIi>giXEc()YE_laqcJK7IG@qBR;g?RpFZC5gETLmJ2f_iqTurAK6w;HC zEC8Qiyt<@)ax6)M(z4deJ@#F&nz3pKc5rZ*2~SCpn4Oy&Q;3OH{Tb%@q#d^y_NFo| zRPWe{s%ET9n|0OxJ!V1@ZyoWov$GK~G47+m78VvyXqifa&t01$3KC;yEiNzRqaR*@ zbKI8GbYK2)l>OVGo`{1}MFlZ%cxt-K4;e~c0V;QBXsABh!ERA+^7BXMhA00r^5tCm z_H~Pc+XnlQ?)4}62mSxeZ^boy)_raEDPkRd)Wx|W_^N9Bt5>`IU%nhunlzux7`(Le za`e2S*p7%Lrgi%VXmN@+11&>Xrdz0}*F)W-^}GAoq`EZaJ@3M=>FDX{ah@ram$4iy zdf;3UQ@|;96L?syf#bRdS1C?3R-ACzjI3 zp)3_{`xy(4U%GVZoWJP)0#B~s^~_dnTh&ep=bwIk3sD#KT%bD^D$UT&Ccn`z6u>l+ zYNJCWgpckKf>}+TVN|!_n>>DB--Wcn8L{~B5uc7e*4pp7F`th-wwSn}t?iONJ3A<$ z8?x>JBBb@q^*bH1vMQUJ7#AF};?4DN^3|VM${#bnD0TnTtyH3NDL~f7jPr7ITwL2t zx?UCHj|r0>^*`dCAX1%s8${eAEZYvvoByI61NT9sKjDWnQY7$5q$0An*w|QEU*DJj zUs}dt+n;{+NqPJ`E@`(hBwgi=7o^)Ojr{pH4DIZ!ZD>vkkFA~6u}PDk%~vmVxOKAT zx6_5?|Fe;Cl%T_+%DTF z0#<^qg~6JBaUQDrhHe+%R-SQwAZmd)FzbZgiP+kvhlXeH5sRO=-pZfR9B+G*3D>E(zi!HWVbRrMwuSdEnsa98gxQAg61n&69Jz~#BpD~g#!9-+K4 zD|r?`fddU{JyFgZFQ5R!CCcO_{H9#A&=~!AzttPj{8;gp3gi2*e`{h`~1M= z>M7Hy8m6h9{_-VHwFdFK%374kLwJ5O7yU>HVGy}T;=0|~tvr*HlLZgAu!m%2$r-11 z@&KQ(jtT^vbuYW1t}gMIPl|+!et3qElOvR#A)~9OZNh=eYfc@vcvP6@%&6O4>SuE; zGd5O`SU+SFk*7&2$c;ptQ?~Sob;u!sJ(eq<8bIEuF34Tkjkvw@=Lj5%gZ=%*pPXMx zn0Oduk6n{ZnfH!}GI?AO#&QMu>w_-TEt*ZCaaJe!eXH11G^{UY*Nlz#Rp~aTn$DbY zfgx7)94Ux+2-jhLFry zfd?kpMJL%`hvlMu;hVxdU@M*4=&NgY=QlR0HOYAfTJ9uy7;aBNlk$GZShX-@4zxh3 zwuT~!93dNTwC4@>4h*=uvr80&oqyTU7Mml{R(n-4{&tHflmK1a&ija|ry__=MbrLV zc8&Suo!hr}sGb%ci+KC?wDa*8(%oId0NrlqPszrZ`hRw z>}21SH(+A-_Y3*O`$mEEs@1F@1_#ZkyM6?D%4G@&$_>2pl`_ATn4H|bJ3l==oj2~a zq}d)b9ult{v;@&9R1|Vs*)5rG9>-L&Wnjqo<*3a&oe-q-h7{l(72Y$^$OCIi4p-Ch{ooqvUv4 zEQ;S+e$?DA@WHKFZ}~_^+_A0biejm}L0zmnb5vack=QkS5{El4D(=a(XOHM+WdA$d zFnW3?t82y!=UUAG1}P^3^1-pyb?@GHs{FW?ag6NZVDW8zKZc|vi+P0C2pH;x1&7Kc2Lldy+=MA6@xv-tr2)GaN6m339Se1fg+aaiRw`%0K-iHeDJ z?anu(J+3at`F|S}u@yN0Ib&35vPShJ2A}-<=>su>16ZFoxS!tMQWS5Oqzr8dT6BHAo`bI#7 z1YFJx0}S}a)xd$6ZNOHpU-s&f)bnAw%dtVJW?jYBHyX~)^gF*P2;=qkU+1ukhjh>N zjJnv?ZZ2QOQ9zs2v z>8Tx>BqlC!!PrdX88s#6`->TLoRw&1t;kFj_b)u}_SirE(78?^(;EER?e#kYn;LZw zH&t5?*qrQcl2rd?kc9`ZwP+)-tP1Uyc}4; zB5D`#CF8GudT2e;g?E9adHC%9*TvrrX}!AZ#}| zcw4{t%4Y$%Mt`>JeyQXcbQH)yCUX1FXXsu$eTBN+1S|D z0e#1g@8Bjazk?c1x*KzE?>rZmil+5Fe${u^uD$F5-=ayDULt#dBxt^fD=ZRo5RD%EIwEXF z3x+{dj+3?@xs7){lZ0{ejwqEl4^P}=#s!r&2KVy<%9lcqAfMt6$uO`RpBQ@FmOe@{ z7^VJVe280Y6l7pvU^Hg<6cKjJb`bK@iC3SH6zMX0!pAlt_Hml!0O|i0Q(wghH?>O9 z@d!E$rcL*spE{{ql^PKxbQl3q;}2}_9r)oq6l-MKkan`b^ifLw{LGkDLw8zOSeQ$s z^3p(&`UH>)KT2iHvg`X@DjYU}y)eU!yz$X;QOAuRoBvj*bi8Ex^fqD3`v>TH6kW5k z7p-k33LI)hpYxO&2JT?wNz4-wirraU;^A!I{-V#9x0QRt-+b>xlC2D#t2_d^^mZvI zY?T}TvO~gHLsVS+gr=ru_Wckqo%hd*k*51GHB9x3xInVeut!&v_%Ur9QBZ>TJvd7w*?7Q( zIMHX~-c0zbqb^QbqFm1CbSAN4QH*Q^H{^MuOJ9GOQtP)11CMUN{ZvW)idfRWS z-F0J7y9S%?88>Zr?MW_RFPG=vD)rsV_u%y-px=%=IAl46q>(}^rvdo8@7KVNyaX7{m}HZ+sOb)vN0QKG+nR)TSb={5xB2V2FUAn!nmpIZ3u|4pQ-{h`lPoWZKJVA9Z0&WBuxr`nf3*TG>@RvoUdeG@4p!gvg3KKrUNaWh0iKtqNE)fb%}z!{#khMCgG~wx%64Tm zn>0S(81GnBi*LJmJ$=%ne0o~Xct@@2566)QnukY1gVW`;tZiBZeHIp`w6^o?%HnpM z6UyGvp#LP)VsJmf*C=73QX%sQ#x&8tBl|Snji|lZbE63zgO|2e>=HNZf1L3`-kWG& zzW?O0f#)g@I<15pq+`=Yg4Sv&$AcECK4xP7Er#c~y1II)ukapvUU5-T;8?k}%<$00 z-$R}#%j#8@u`knA@ZO7BL@Y^mj)81Q?o@@TrWkA5k6&tYo_+Wb3<-VI*W+4Sp)4J+w-1)+2q)(`Y#U%S@UeOip=%}a?m6?pi7jG)-at16vo8MA& z<`b0KyVXxZPFgynGoDA=13boqwsv!tX(}w!HWQgUpBS0UH;*QnF2v9mG)}0Gj!iOQ z0}jUSZ^hN5#haCdO&18z51I~k2?R|sVKWCaJ3D{)1ajg==K5u2*5J%$)H+@5 zV_cH+>|a*g%+pIc*P9aSTa)$#IhdYrzFT;7Mv{YO14m|V;o@|$uR?~!w<8V25*6HJ z!F&#J&P1E@>{h>pu^c;NWsQXjiCtgL+oj8dS`~Use^chkA8bg_g*QNDb8|o(!FM4; z?b0Q4Ox*<86JP=c4!Kt>xe5cnhOYd+mPBRbqEU-At&bTIX>-1)n_Qz;^{#fht=0Vc zjq4foixooiM{eI$k|_UpuR%3|q21p?U8l?6-E?;2qk`8P1xC0eni*4wy(9RzT}i0| zi@ggz-AzZ^ri#qttv{4X{zyHl(_kLeVWMC)mTS{sS%RBil=!|o(~i@2pSC-HMmO9> zo?hIHmSgJ>6}bD2(?urP!nYJ(GI7mSPuScxQz|r|Wx_2O#Z{dykpRwwU=DkS$RvOyj z&pzxv$LT1}RgmK_`T%(pxZ-AucV%oI;39UY=yWxnANh=%DbF3YqUY6eY~ArV=j*PRv9T7OYe_M-J4hTH2Jeblu0?a?1D_)& z*6_}qZP;e*Q$2{ofw_(txF+eftCYfcA?;2s{_2=k^;wu&YOHY9s7ma*p+fp_sNgovIDilFKe>~PycM{@ZO?6c2MVvwq<~Q z>BpkvE9KO-3J#Vx9a{^D-y^~P<)2iTh`|elC9JuTyl~Iv_{WyDE;+L$dWBNq9Gtj? z26o)_f$riXmh`;0=$@9nY+)>fQv3^Z4a42^Renx_ zyQ#wl=P}s!FTJ)ynWM>s##Y|NZlPdb5D|y>%uERaK{13>gP(v18d!=RNLgzCh?@_LB98B}sei|Duaw%UA@Z^J;q<{~{>RgP zIkwu((^-$kmVpKsUt0%^9k~bQuK|vIIVUP{1*## zmGOy*le$M8L?y(I;fUqatquxhDQ{Y98v?aEcA3cT5tJQ>m=4UDpVIv3*dSiZwU~Qz zMm)B`<)KN&V4`)W4bOLVL51n*icb%`J9or7b;O@6ElKfQ912u$HZaL1vL;t^o}&*u z>XaKqTQ1-Ab2_)FqNz*BN_&^-lt54k4{k^S#{f3MHs>}i)0At;XObEG7d%nr`pbJ) z31LJW0S$A&F!CvwORtbz_$!6kM=IZ&M2MAzL|yEl9Ubp2s%%=Ls!?UyggtaWZywH` z<8qL2bEVDDaDU)-e$-^jYOp=3?!ejAkLa#a)MRC&0m(5zG}5vbo>AI$j#*Z`k3?2^zqFXB<0l9WAw5ARs7 zpvCfX@_qgU!N31+Y8o@V;avCGa`{`V?jP1MnPkn4;Ef3DOZF2aRrmKG)W9S`bmxkJ zUJY7Lw#+3Wq=Wg4iVBW|JQLikE> zv7gOBv2!0?ENrYtiX{Tre6;WC%+IuGvh&p$Hx4Y6Q00SrU~QV8F4^HFHN#S+Jzo$Q zC)KUp+>y5LJ+{00b7x0|{LDms@S$gR$D4@32?OCDF5 zdIIDB_E3|R5Kl63#Z7;->g=jvAI;&4Wo9brEWZDoHNfU_fMxUUxYl8It9&_nxrB;E zDLfKb8N6eW2NBSMqe_{g4D!uQn_QISbEIPz2i@oL`F;hJ4uBIF{W0voDq#c+GeWQH zm%PE1#52)?;&2?Sk~ryb^yqW8myf)Wt8kmrG*z7MDO2!xiTl|rKP*=7)Zxb?=+S0d zM?3OnVAunBHD+l|ML*l>N}oM8KV9l$;<=vF&M~gXd#y`_0B$cmmF9T5?x;6w++q)V z=i45Y;R(A8U?oN$a0eIXOtSV5rS>>akES?^{%kR9>a7b-{(G?y=p3cBhd*tu3|x*q zZI(7=vjQVI@(VHZaSFJJ^*Rj+O9o6ZoY<*7e}*$}{(FwS-nS{cLuFSC=UcS1c;y$m znsoYf?OIPrXXJi|4A`UL4AJh2JML`@Q8-U4szQkcG%ePD2r19@&|KnC%f3!_eXfRwO7ZS-wpV~>XqA4Y(K^x(_Vd=qRLNMud3 zX3}aB$q5qK-}mMWB9V#kDyna7F+tsOhR$3 zsU-{Vb6XiJqTLLc;|F&bVodvAo0?9XY~2>6-N1pH@oZ~0*b;N8ps;PePiEA6qr!+% zn@6Aw&QYJG{IkaUP!8<;15XF3_YlJ}#SMDKxivQWPXmXY7@r(UcfU7tz-|-oE!@=H zaMs`NW5S4S#07WN`0g5iB`M1b^R01O94XBcs`e8Fc2m;b1rKL?TPrh4+KBCOnrz@q zc|W2_=o}`_%RLF4vcpXbuNB+npsGIqIgWTycH(2d1I%rfvp2TyUF*};SyXUI{>+3$ zWnCL&Q4}7fj|b>>YWf84B#sTou}9og<#Bgqgjmtpaw+jvhZ(;dY|Axjm%3(alV-IM zV*jrEO+`ObI9@taYc=Odr2=W#TCyBZ?B8v4Dg zbqT{c?6r8Xy&ju7MIxta-jd1o;V>^IVVzeJy_HjL)b(ccHYm6 zh*PnFs6>X3JTvmTAx<=abD|e)cI*am@iHgZ;y~P1nzZ$2t6CbiZP}7E(puu-ZZp=M zkK|;SnP{2T^YzLij~L!`@Te+fZqKiBqhFC5U8?-W)X?47ow>NUh@?NGRpb9!oEfmn z@3&A7wQ2rm+gmxh?)gUVp1f_3O3RO0Lt=C|+oI`#>F}qDt!~$G;HCMLOHDks=j-0s z=|5_4gDM?yMzwd|RoAmx%rIoFa@DpvH$S>J{QKdI!J_-Nb&GWiHV1jtkC`e_iUbf2d@)SEu$yhlVcd zZEZ@nDilEY1)k3TgtC19Py$ZbI%A)I`4pyt6&}YlrH{6q50>7&_+7$r|1G890HPJk zzWG6w9G^$Rg<=vz+p(F5=PYL;#TR64dvkt)b10!8L4ad-_40vH00nL!bhzK@_9~9?&n(nKFfTv zrQAqexAA#*>gfHw@z*}w_m#HLMmRm}MQOVi-aXSyY|Kh|E)c$MnN zQqSkzKlVk}rYo-{?xj(mta)Rez4r$T_9m-_AsgO;cM5g9GWRT|@*b9{Pf5Ob(f!cA z>y!ISnaSJUF{h+LEiT@(7=B##qe**g^4Y$`@9m#T!$*rgx;5x~vWr`7j*j(RaA0{| zI$Ir|B_nRsw?jE+Zax80 zNRlHmmehQ6kDwRusuByfG}+p5I$Wrr&P0pN{d{LgY_@1er|D6Uzt@6ZF;A^OOBHU7 z4pW^hy6>FQI-#1K-ht^&k8oU^CDpFIScv)p0N2O?e*MRW>7RhVMY zqj!#-wW>LH1`gAQlLNNec2&Z{dgTGWa(0&RSTi(qgWQyC058G%OQ|4l&^?YthoXYy z2nt9_cc=`Ylt||&-Q6*K`yQEb^qq6o`}@{e>#TFu_m{WK%)R%%_SN}BX*IZOIG}bw}(Dt54%haFMSYTU$jwl-NPO)V_NnRV9!I!|)O~uKbIxIjg9C}Y^YJ`B zZHgg+qGPXbhe*TZ22spyWQ!?dj=9DLPL1LVoz6)xl7MK=~M5 zwl>e@H^2iX_rAFT-w9_g|F>VJKH|%3FU(<@1k9%=H1m^D5#gE0enmA+O;fjFisiO% z_>*n{+hMt(hD-xc%02#pfbK@}i}--;zh_?v+$Ca||7|{yX&@FQ=&_E{%D8Kn?H_aK zutqBrmun~p_?MrdS*ThHTnZDm`nP!2!K)%t+|GDyVRUDgBw|H>CtDx!M$_g2RGe#38z!#_kuZ1v>)cvO!N0bu3gu4s=4?pHDM?z zNmB?w?TQ?_sOa39Yhi!iIr=J)6;T1=54$x~EI}Z75BFZ4__LhNcqT#NJ49-E69Fy< zgfIWUq5jXHPnQ&dt94>>GT^jM?m#k+KC(;2xP!(b_WhlIn_F8a+ZH47*-~+Q->_JE zy{^2g!Dy$RL_a zjb?Y=cn2b7ceW!*kBXl+LAwNG1L>*;(}7~cZ=WEVV_T&n#qNB40ZfMa&psL|EOk@) z_--8j@!(4DjTI4EbNq46M^G|f%8PmEjp+LzTDhBdQsovif+w zD;XaoOdas%FpqQij_eGN;V#L;rKP3q87A^6I(Y)E=?3fuTT^kf-;?%(SapZFFW&lL zaHHr*^641!u{y_vIhoK91ia3JJ20r})!v z&);Pf##7OCba9KF_}hG-rni4Ey6C=G=6S@THBa6|JuA46<8&0rk48NMxe&AoN{sBG zQR1@k%27;KR#q-z8O1qvbjlz*2d2#OJ}v(s^g4g21yV-q;eJAjDIOBrsAZ@EHZ_DF z$a^CPP*80kKf1lEi@B$#Cj-QrwX!_z+{c%yjDh``>y|dg2>Q8G`f{oEwz{k}&mtNb z{fyTJs39rDAnUnN{?!KvWsugFbrGI%k5vTUwUyx%SpLm(dqSJYKalzzS|{X;H;o? z4Md*r)<-hZax2$<_5sNYAO*074-9(=)KBlmr(9o#GEx`Z3@ORLe$Rvs_z-*fSGf1o zA&_Ijr+K~hU*8B3E8nhZHv!MNg|EQi4Z3b(*W6lKcq$a16LI-6lwkx3iu82RSN!3J zP1(-baYTw)cjp^ui3`zif#t8+bmOy;D$@YQw@(J(Q_ubY06_B@JCGWhg-<(tei%}F zK;TfT%+tfN{lhUf4|50iEtF|&UY_ijLcr=Ny~8k!RH3-DZ z0HOYxS`+*MF8;P1i)Ak;lMSZ;LZ zTIopT8LLYzO@ssY*wYPTVc{H?D;cGwFo(rkT8&?QhoF&tOS9=#3xgMCqN_joNIESI zCp5%Ji@)NJWShU6U6GIIHwFrp5TdUFH5pk0Q2pbjpO@@@wdtP#!LG*I|JV}Pz-zbkE?~C%>;Baw-$70tJ)z??4b7Ks|HMp` zWyL_6#uYU*(sW_En=vCxc5U71@+D-cg7Ip#hNA8nH(P%52nO14=GcM)aW0kU$lbJA zaN{N3mkMsW!m}+%n_rsB12|}?6}$R3*dRdu8NxTB42@$@jNIVIuFv@2Xg_?BTe}2VJh>Fn_QX?uPZSuD-AkpSl=gpGa3QUS?ebG4Vhj z5e8yILsF7h2cr1A9RB`+&iYkzFd;o%@M}!3yW96(cVP^FN;2wPc+OeU%p*#eLaW5pk%UfWMY){*;=^b;%u5<5c@N?f~yWRw?BU3zZdp| zHcOW8v)3T@=F`J9Wqj$cv<`6HRnSmMnJS2tfcOCeG)?{u!u}}qpTE)XDVP$6aQ4u{ zx3AmF^C1CkJV^J=ZLMHVl8V10xGJpNLDpGH!=_#0cwBgo#IZDq=`ef_I!NfGzl(hJ z*{dVQZOvu5

pRQy3?{s~PGIl;Xl9uSr&JIRpOS)z;PmK?+??@lr=v(|RlNW%l~3 zZ{Q5LTTuS@3#uvifhW#0qc1tn`i2~|@v~FWI)8lGHe`%GaUb{HmMOEEA!)0hAa8Zk z?&1^ZSZ5Z1IJ{^x=1b;`d-jz8F8(c|@HoUZZ@ej=GQ!yUxUG8}J;Gx~Nu{ry#hbQ? z>*uts%8No?;|~+Qb7^XjYjn?zT?cm0+ew@~^()!+B9!!L|0<2pZ=V#D>CqD{`f_AVf{eApTkG=OTD@jda%mOclIM_(9~c=^%t&}f}()cy5}iy$jq zEIT@lO!d@*@|it*Qn$|g6LJA~4g@79L%CxRx*t&Z@zYcTV|7rT0gB1DcJ=%xy6-t82Bo#_w3|OoIFUE??PD0`>06H9_;_2Jn=1xQPajrh z$*3BtKicGwOe@X|B13H-kH8|rP)tO zN*U%C-7L+g{p(q!53AAE?OznSV{BJz7RBH_Ho|FjeXyzW=m$^Xwb{3}l=McCLoE>}$Jx!eUcgY85XaH9ZH zszkM1$l!7k$WP5sV0w?wSq4dqRwxT=xAPh)T}P%1M^?f_O|Ew`BoQ(bPH=!^5_rf< z0uB)<0IY=G3y3fo?V~{WTet1jx!IAdzraa9Ka8@kzRI7o)!B_4rv zL$kMMf3XHsHkIc_Q)s_eQ1Kyd_C`ATX!m>noBNTlYcgWyX0As)@v0zI#lLSPb<)s???X;A{MSQd8;|^ACoG(i`vBBvTZ$-ESB1l+Zu39k`Q@VlcpI z^5iB=3G$gjn}oMOVOuMUqhtgfItjYpq$uBQo#8q?sFR(I?5D4ME#IILb!n5pIFq2T z@Ymc^WZFW*TYwPO&?8RFek(8oA;_!sm@kY1Vx!;0?p)OwJ3*){-E#v}%^A1k+_*pv zZLb4BpXy5D`L%Tp2Nb*1hI@CJrCj~}7MCi>p&qXsi?6JK4t5h-_@?AhGBd(Jz6Us1 zZqD9q=jwI(m7#+%-lm$?)r_9Yp$*=My8Z7%5(%}vs=^TRHYq@rW`Ef(hZ4;J@+MiQ z_iZC@GnI@})6R^Hl5?gjGez}2o#EllSDQg57XHE#_d?&k7k8YD6ubcxBIA}kE!6hK zj8P1Rw!Qw$UbZ>G)6zzIvY%l0G}wQs$ZY2dD1a665#ie&I&nqs$8?#e)56l?@IK`I zmRpU@sxcBiYXqVB1ZqHRzrGLe8~k%i@U!5|U$V8|5O=fX+#}ss5+`c9(!*EpjZpdn zLQsv@r`-B-!kbC1?*y<*!)_4A$^!&=ZPQENRp>aduWa*GlSyBGB?*Lh-U28b>$*!A zvPMvHAox88D#^99!M)p}58T=?^Hk93u0q?V*y4@mu(NN(9gYyXt5fa;s-af?D@J0& z_TR<`>I8sbh-FbMwA~+DnNCmP~*LclS_0*-7cK}e(8cQkJ6}B*mS4l^tBQ7FuS41tZ6$v-A}JeVoX!r ztg2Te_P z4F^=2wB!jc<=4;7vgB!EM>;dCNZ$mZX)Hs?adL0c2XC4W`Ujuf41~ux1rqu5GsALA z9`ENyH%rEGdwtIF6Ke$V0fTa(KL%ad#_Hd90A1{*#}8twh!n*!g&d7r*{B(PU-7fZ zhHc!*O#b&wjt3CVJBulh35USZfH5?FCPFTFuhhoZGLz<&_oLGXJFK$W6Lof8REF-!434T_4yxqPdSxSY<$I!Yuu7|`L3cN~zr zN_;iR13y5%kvBwkp{4NSi>Q1>RgA|=Ptp5Ty&0pfQN-TidteY3NA16aPe1r`LzH_` zRKejM5%c#yM3!ew`}-b?E4@~Rby|`|edsIk3?vVR&{P&SVzC73<=zd8 z>fzZ|?*8vFNT>1rCgb`&_lS}n_5cFZz6&5hh6p_3!wp_YLO!D*eAGe5u+i9l#q(s$ zv}KN`WziRjj$Ms}h8pO9piLR>Au1fi*MJAK0yz6AA6+5v#z@utVJM;)JNPmrG|#<-Gh ziVdLV_+e}-+2a9kXh!D^0b=}t;p|wA^HP)=Z$)lI8ZCCTNapvZwD`vMuy-PPz1e5v~#eIat$Z=CaM zO@AR@!~0E%!;OUw$t(2&l9h+O4){ttV(;X%+7gEh{Xx&KK(t}u8u3n=wG7+azs#=u zFdFp$xOK$MDhm9)VlmdflejG&d*aMlzSQ z9n=$Ul3oqrZhuWGXWv0+0)gtJ_Ggkk$>up2vM^L9swKJ9Q))U%XG>@VgMLhPIRGc6 zEVbCZVp-c>IDS@s2j*@0R8L_AYaZ^HNY`7I$@FP`$Rd$FRhq|BKgj zV6IhHvsI4vU-<>?t?jMl{s%qxpTN znpLdGlDw(p1_WG)cV&e0Kp<9cGpjJYhpgA-HW(cuq~703kTx8m6twZR-bFF2&jm`= z@(v)Xts@5SauU56zLyLq==)8)dX^iMa$G?Dz>~6t=0{+L)a8QFk4fY({x+n6(3-TK z*v3PSWeNl3C`P2m&?Eb}#iDG#&rVpW<%mu~I}24bMH|*uXJai-bRfP^iVD^sIp3T= z@bH{n(<8D?G^!s1cEVMeLYQU-_oOThm*Kx7yJzKmZd3t=Q1x zrv5=qg9fFWE_->b^OVY*S9&FF|Jwy{lw8Pjl2gueCH9}KS-UDT+!pJwLyiQl3-gB0 zxegBqH;Ate@S@ub)TZg)X47)ETLIk$K7XN_rZ%!OIgSD@8jTNG z-~mv)r&i|!4{l*aQpgGS>0WO(V&lgHt5~@#E|-oj!gyqqJIxJlbUR2p6Ps_QeZ^;m zaBuU-q{JkuaM3qa=ltn~Okz)@#0)Sn#Mi1TJMibl zT~&PPC5H`^qOTXo-@0{6_x`9#lkC<;6}>$6^jZa)vvdo~^lA@}b*qulM84h@NGC*s zazmOv$)X7cld6EAxIo#{;2KS)r5%GLtxE*hoL78!g66&oU-oBV72PV6)aVF(U>s02 zMXoCV0$z!CR1sJQK&|EzXy>nt^cBoDC7QSTYG0q@Q<2nNr1l*|%;b(=O4c~tKZez3 z50aj}#;==w@4W^%q>i;H2i@tlX=-1PSRb!&gqug>>Ht1t=Wnu10zsJtZz9~AlgoP= z_WMwWn7$Q`{4m|xSfH2enp!nPV5NnJ60gD$9h(QFhX$PcQ=OX9H5pa;1%t{qf11u_ z@d@}|*tzV(tDbv3_ajggftDLanNpJ3Ay?aurvLIq1cVY`DI0^bDAO4m!o zn;6skQA+Ps*?x6P95cM)k?Wh&mG^!*97ftz{ zy$PQMs>{{%@zxy0NZU^th))Rl3i&NIIxiN7>#loESbegU!!6eDgTeWs(_HHv5El3(t?ut~4qEEOp%+}sNqc71gq zhb}4CfbyS3RQ^@ZPy`jPUG--XJ()T@BAx5+Ad#+iCWn{c`~~y3iz#7oQaJm?JI^BX zwPwxohQenXB?U2z!+LZbp9v)9C85-js#^)gbJc5_(fl#wvPP0OC`oOKEdTQFTYbsLLlvTT}BRmnEx99~I z=O3w*oZp=PDVa(yTQ=r2JJdCe(T({z-G6eba2UPfI`;w;%+$NFFx>I`daCV8 ztMZaoOBJ>6;@n6(nK`5ItH4Bi)hs4VaO?2wM$*pN`KbST`=VRK17Y4ZJl)brAsa;;?sU&3usj18;_!ea20tZTj<70 zsF|VA>IowZU}M$=>)alT4hvm~hMV;l;X>zvk}ngep5(#?z�>X44Vb3Bbx#BdEZh9Yk44uTiVWl|Dpui^v*?S4QJ^XC? zfw90hDwy3Hb0sp0LkAG`wXMYtgdOropfqJ!XhB(=U-r~a$1&E3l&*piSI~g~|Knh3 zRH|b;XX%=&tu>RuM{3`K_C%`)5h3?#ivq3Aa1z)MiRm_QI}33>YUSF-J5X??zqR7$ zY&8;={bbW|A(UEn8?y=XgB_x<5$MZy1k*3eD{Y|L#sXqNxzQ3 z&B0W=O&fL~*4fkRln!eA3NHS62o72x7G5)CaSAdT@FAkVwz-QffXz6dP$isQzdvkADy-04uWXtG|{${RIg zza1HP;a~nv7I$Z3ar$7hm8|#y9yY`X3eh86meLiTN>G7Gg%+F(Slj2s9hC@{yTZjE z{SBqQ+*p=pB3biv}`LJz6C5VhmeG4c+)rq`JiRt`wAi;Jn!UENnKA zLU$+fTc%I%-hqJ(OBd5ajLcqCWWt$K8kl{up_J9Rx>@PytU9OVEC{S4$Z^ z@#7WN9&Lha(dV}X-i!G1kcQ$zTdtD<3_^2FD@$FBIo7t={szTqkFm6I^ODP5xmK~m zmCTiCl2+`yC-O8?+Yp?8EJ#2G4G`xX=^#RthZ^;)KfZ!9-Shd<_cEtthHo~Ho{uQf z66okCwXR(Q-)I}qtoS&{a1P2nuoNIWJ_cSkB2tX-(G~lRX6KQY$b`Jb@ebjokuo)< z(ECJ34i9kT_!(b=3TcSe!S+M23!vj#SqkDT?sq3=Ix5U&%WK#Zl&lKWLfhTC0u+-k z5Dkvw|H2zh{_{ORLJ2|f&(ANKiLom%7gi`FzDibqgQp~+Va)>LDY=l;xJgt4VNj*W z87QPH$jVO01&A-P%Ct@pGfYrY$W&3<)>J!y zx2blh+kp^@A%Y&L7wr%vtc=G91al}cw|wObwoily6Zc@`2&5cpF2Y8bANCLGIbE38oy!}O9mmXqm>mITOct7*H*f#&)~%K07j~$w zfnU6nHDM*BFp$tR50oW+JuH@u_%{vSGiIH&`Rg6W)N=EsTJ_xO#GKpeV$J$5Hxs@i z2V5pv*>UQ`Ij+C2_&@l=ZOtF!qgnmY!(J5+pWJCInP);&r$xxk#|LE5#M=EjFgg*? zyq~MPFM%Wphzu4CW`wZCUptO?QR<~pw9BP4Mzyc=&J^0;qxG6<<<=Ilp&;6@_Tad3 zqGzcH9E7lK@P=wA`oL9{W=4RtBUOA|B=eRt;$Cf-w5&v)1*_Lo?yYRI4*ntziS6z9 zUI#ioPgOj*k-M)!$fCBpS{R?Y3~h0yF2!ZGT#;Swh{nXX+&e5wQ8F2q$A=6Fn~>uK zusa`jotWK03cJ5J(``+|%E;B(A2sY%12%W7!c!xvjDX{OvMakCL9|zZak$9~iz_n6IGCd(!hoo=&@c02O zOqwu`51{>V~H!o#lqwqUF&k7TeDo$Rv7lb0~4z`Y>=rh2Rs0!SB#NAh)&kiM?ds^{2JDgF{M}NY3sGxw6YQO3}a=e`nvZL?)-m4a>oHqSnkV>U{ z6mH;K&sxRPo=!W$Hemh`+xGwW7?E~J9#ViGud$zKdcX}&QmB*)9hbpvBrhcFo-Q=A z>@MNtBhbkOh|^Xuzb`cz_sn)&C2N1I+po3Iz2FYVJt+5* z@LS@x&`e;V7Pu{;aWBwahOwLHd)dW>p0qoy>qCK+3j{O08H|@U2F)?Uep4e6`Y0xF z_SS!D-VuS`5IJ+JSlZHkZ-(hsfN^rP9(H5D<`ZPqB#owPM^XJ#U3m zuC{D$&uv!1z+O}_(Eo-4I`L&kBnQL8E#)c5dNcn~K4JA^u9AYf5vcyDQ5`T9sO_)!^Gug8c?t z05Is%=nx|Lq&q?tLg%89vmn0tw)T%nqyGNEgEETybFnG%6NQ7Wua~|NVy153UER!G zM1_rrN&t0QK*f-*$3;HkyAF9f$zKC8BjzXt%c85xEA<-8sswEM4{MPGKhXyuoITWZ zofMmp0~OA=9u@V+xROH5gH+L45$~yO_8tkr+rRY_@#`cH&2IqKvKng>gLeD97I)*m&xze3As7yvmuHC+*UI;LR-*GxsQ-I6Mz6hVe=&Pq2~8jc3YIZtUtXvF^yYGN-w zIOQ@J!V}~jP~_yj)3Ngelc;%^-l3@N6_bINJHPWW9SJ57(Tn3CM4a$kLPjV+w?^9d zcy3;SQ#vd_rHgqAix4rRBnm=402l3y0Dt#It08 z8EnY84zbAzKfk>{*RZ%#2PB;h)ml=t$Q@;`IuJi+hGS0=K16}W-ohRlOxGhtOss*n zcW0sz88?#A8qPSXAA#Q&I-BZg0K-u?_WQT_Px0{;UXF2JnHnjQi-}Fv`AD*J0(I(;$yet`)bdj(kYUiQ)a}%kno*#ixyFN;C?;z5;(nz0o&@#jx8HC08fu7j{pxyIs=V^yBj_+znM9 z6RDZ-pjrl~dU4#wiEs})C~BzPC5+6A7jULR9z)&tI*P9@Of~Ylrg!lcI%z-JPFPVr zLGfkO=L@edW@9wVY}$EgcHOstDu?V64bT!&|8)KSQ0rNFUe?gNbays!YlXp}w(;+2 zXH(j<5uEq8kFkTs5_BFA`dM?8O4q36U5-uOUH6TtvZT^)M}NcOw;BURxBef~8Y6FZsntbMW zc;=3p*t5{{vuJj)ZEI7O31%`3^Lu{FD!;P$we89>ctV7X<{h zAArU^Aa--!;=34N19Vm)aQijvi4#3i5~&@hBvKmBPA|3x!{0y_$lBxP?bsj@g`o$y z48+ObSRVX+MGib?9KVYSnbdEDts=|5V;iDFaW1$|nG)S!Ac>tA4Ig$)HED8?l$$%X zHn1!Ma-4uww3h^6zt3>!7F_kVw(ND@pdKat;~Wn;pH2CPCgIz3#gb0|hBlC7T` zspEnK!GNV8YB7{UQ z2S%`bE(<$ipc3;ESL~LMn{hG5!DLfl())1rTgXAJ6d@9DPDR>CJO(p3IO`RGd*NBu zB_LVR86{ceaZsl4-zrdUU-@zO6tkpdm+Vko1pBn-jFA*>;GCL9u2_lZqs6v>3!p1Z zcZo@rlD8Mz=I|*~PF~G9=i$q@3`6DLBDl$ept|ZdLq-rpH);QPy(0DBPbYDvfM5`mA_aB z9Jt)EQeXMn7=&!?yEnF`v<9yMi+QoyoSZeS46w!SleyZT_YkayTBV`G{0OS7EaK#P zyC&dX?x)`v4qdOg56<^|3 z>BhcKX-oI8>O^Cf0bs?+jV!=is2DWz*QFCi)&3VGd6d37p zia9!$>&+dQfniq3?4TGugxWr)e3fgj zB~Dux%}3`?))$%JHdaSBL4fzp@<`#&S2xd6|F@yl?ahkQJ3FmBhU~+}+&fufE{0q8 zzUQmeFK6#St-+wcVMSBDAJ|AjW_O3((4|`)eG3gYsbGB8WB*+=Gv$;ENNxV_Lae{I z5~_Gl_k6dPkmp=phWu7QtU*JXOGgtI<(MLxYX^oiNcOZo>&DPt#Z+r}M&A%_bFI>3 zdFy1U(;N`iHR&3=U~UT&nyZ~7W8om*`oD`~Zd3Gt+>a<=Z@oJx$C)lYx}vO`vXZT1SGO_}724-N4+b>gR{b9sdr1GYM0A;wFi{RD2aV%z z%y2oZbt6{{cYo^#kB%-|)pW_tl%6+A`b#;~s5N}JHqtN6+o_i|^TumhF3;D|&S8=0 z{2r0bzU(Xk{jp&vPfbxk?A#K=2aAo3BrGPvri|XgVG3rtIrH}Xi~RBEM}6a8)KBg7 zm7GQxzBqju&Nj#>uOR| zhug8ocJpD{O$4QeJaijJC$st=prAOzdGyL7+8~{&=jR&Aq@vx2p5$-DX7zu2wCl3h z(&Tpw8P-h~-MM~)cob$JdFm?8^6$b-c49{{9X zF>J1Io{Cb5+jg6O?J5;H9&Cde1By~+e41Ws;1e49$^l;Wam!o(b~wSqX}_2y2U~T=YE}V{^AYVAE+LD(2zDzrYe&J-{;*dlDG+iP|B5hz&e4!*c-- z&Jwoi`BUDZiud}j7~5{l2OQ2ww46P)Y}K7;G*NbOdIV(E>5peIqI4lMTA`I}&ISz1 zkP=c-B=I&ti=p>W;Wj{Gw?k#*O^sfVwgIx2HvK+Go}|^vC~uXVJZhl4mXzqysvBqJ zK8H(|>v_~ih#dZw&p>4`0Os1-V%}fbNIWj60T{-#m+k009ly3wdR@3kphxcH=t9MF zv*FX7JJfaDnQ_ z>d(6{Ic2MIYRhP6GKfn#2Fg=2JU1tQ>D5Hl=IpWH$k>&It~g`d*#sU5X(8JFhT9>6 zWpl19c73CAJ?oQsy3Fen!stXd)oqu`HXqo=f<-87P=<5-%gg`zuvR0lud+&Q?aH~1 z5um@bPZx{6<#EHhXDRi)u9`aiU)u=3mQ&C+>`;eAMQeTUZ`Hk2j2n_fv}Yv1-eIuT zWxTs4a_!Vw)5y81kyMS;G&>y$w{~{wSXLuFm zhMQH@wZ#aU%=TfZ4%)ReAYt4rPPad{y@!*#DPNFlm?1Xw_OAhUs%I(My5|)-Yfe^8 zXrGlfdkk`i<7Am>p*+m)t#AD|^|S?LWmn2K`zD%H0(+%JlR`JG2oYn#=Alc2n}I;o zt07&7zj|cuy=++fc64^NVpIq*<{u_wVqF_mb|&`1CBJy3SiLT~#+-{?T4feRS~io8 zRO(s(?io-p>|C(vYx!tXS*;e=-^F;&qNHw}lRJKSX}lw+)gs%fNkXLe-lKMxs>xXO zsslOtRRMnjZJT{+y@tXDzs-?fcLb8GcE@p5x^Z$<0<9-0$I~nKG?b$rJ6)-lBS-$w+VU$*q46Dr-UFffrzL$&$v$vIBzWeRMXcl)fN`M_l@H~`+Fx~2b$%y zBF>?%1M$Y+@@0(RE+?TNxEbJKuUe%X2$?b4H#MfjLCq~A;;a=lh5S(;v4^+yeIiCd z4q(O&uJf3=u^`Y9{JXJqgThJ$4)=~ zUWhRiW{Nj^PxS2)>|B5)j^MCal5PZF*Y-jv3EKSif@4BPbN&)KHea3;I+-(9O>~HI zTj;!iXFw6o@quPC#y^J+uxdNP^Q`~8D|i%*`x$d%spa|vhtjF%G*jCd8R9*k`zU>{ zg5!q8ztbQ?B^>~ywNn!gf3dT%OFweCdjrhQf$po?d^&G|#|1H0j{Dzv9sDp9(xJcb zQlU1pJWMbF#GluA1Sz2i78E}%p14Cx;c)C5`og0^t-DVw{wEGyfZsVswa$9;ywK8- zTW;|JIY2>y!1G*P)7rH##fI%LfAs71ydQ3>W~BY=2YjI7$1KPw^BlpD-%$69b||S> zZ8?;Uiv{oo>CfNd;0w~MqWr_po-Kjo-%W)t8N6Q#U_ni*uii#f*I%SX2VfT<663_|@ zJ*#ux;z$B(zLow`CN-+%XyP6Y4N6*O5laR|T+&Ku?m7s+Xw;Jp*$=1#XLC&F5@`^j ze2bc&QJJ5Q&yR|R4jP!lr=mtFht{I(WfYP5YN2lFQa7zYp||Pglw4;$bxhTUB7jNQ z7YtB}Ul%p|4*a&(EMJ_iY9So{^#$G)k?YLAy(@s?oT6#&5^@0u0s``$GZ_~Ak+tmyrPm;ROwEoEV*E{QV9`}j)>oUCze(UKfZ(c&;h0gMt73@Wja4DLO8=48 zy7%{ABhUN;%3Z!w^j8LLsT?Y~@aSG+tlXfPZ;rH_8a(4IJAEA)MB#xV?#~(DT_$-w z4;{+4iI!eKm*L#q+AAvG#z3Q|j2G$35V<8jDSyGMZVVYtQK{NFzQ9Y60LEHH#{x9* zJC;w3P>~z~xNQItM0GzU@+8VVxAi!vd0xGI`7Yfd8qAM6Z~gs*M7B+g1KlQoKl&}` z?HBP17ZI~z0|%XkzN^DRG^It&n|Y*fX2i3DtViDhGDVL60PP4srWvM)_q&`&b3qPWIO}S1l`<`01RhNjgT*j@eyDx!~fBr2G zI_xF4d<@Bsx78X-U#JEse>lOFg!%YhLmx*2BO{Cw_^ZQDqP1?Hy8#vPnsWlQDBE1> z(#pSYl#)@&1oA|EX+c{^i?}g1lHU_yzZV)P_l^6l49SNI3Wi@E^nt8$h8POPT`)dnRmeC`TbLp4|#5bzx^8>2=xyQmITk;9omFZz=YpHvJdqM5|-T^ ziNq!p;BQAjD$f5)3u}p>#h|9oohi5M?_oYZI^n*u^fgyLbzBL6Q>#akVi;4uc(-lb?N#mT>KmJBC>cFZKZBQ3$duvT&3m zWWud*5l9ITchV!_mZ~a{p`XSRsnwVkY%IOMG`!1mW43B`NXG`#D9?HnaEqiNy?4lt zA0Ho?3{v( z_Gl9@q<79Asdbww7&aNpe*ZGWrm@%s1cQWfJI#~tb!6UQi}8M!SGa}R-8U3r;1kn_%A&wr#^lit^HKn?s4kMWXZSE9Zj{u6gRb0Sid#WIXT z{@u$9T8W=KAinS+JDWy8Om?ZqG^Qmt(Hzy(AjVng&q&)-=n%vs7<4s+3o{{Z_x*lf z!Ehw2+hmUBO~rwMVLlq3XuGKb#EOv@Mxbco`nbn%Lk#=+M3Dj0KUPigb++RhKMO6I z&<4jmU+w4VT@FH47~pI*_eso@0}S?%T3l!na-3+-$AP&kcO$GcyiX_kzyTudA$K$X z7wD`BxbtILzHq@8!N#^{dncW`4}(Tf0iYnULbz>-lS0TZ0Ly( z&Mhrv%3E%222=h5dW8eUfpq7dk#sO8k-&}0jmZn4O-IoPwfjvPY_F`72Z`z)PMeFqT!aX-0aqQJ-Lk^j6M%uUTo1cz<6Esil6UEvccw$rN^F@ai^S)nxuyZ#! z!X)Exq=(~A+)i}n-?_FV@*@}`^4dWCeiAX%>;>1`4b$WX3=C*3P|mI7nvg3e%d~#B5c6 ze1vtNaH|$4P)F$PhH8DzDa%TOQC~k^20Gu_foU^9N~f*Ns`Sy9t+-5N&exA_-b^h6 z>QVkkpJLzVgR=f?(yo`jtJ{wKyjiw()3Veh#y%iKS?1(^O?{`yX+8^WFn4OAq@ffs zkx^B_%N-NxS!M~J4MG+RKW}3cT)j#Wu$4dEn^<3}*sIy|z}S|_=*V}LwMKcf`}UxF zYh#*T(MscBs9c%n=BdzP+*9VhpI+=fq5AGd@7L`f4hL#SPoR2-rCG* zduN2vu`UpI-NO0=PnRrv>e|m@gbd545VLaha`QuVO-*#^g==FA!u1WZ%M-T!*Ggp< zv)LAZdZz_MwShq7yU zpK#ko{9Nb2?b4mQ_xo}NiXB&$`uX^%3=N1hjHh!ar28n#fDV~HZ!UUWc5$gVs0_w( zNiPI1tdFH^&2R=)EP~NCPQ3`Xl%lCZzV7tg9hlo0124aD$Ji?9I)7Xhy8om6>tb@& z^mEJ&N?^g*(A7ocX(iS3A?Nzr&6896dYrHUeu4$(1qx?AwIjDSPo-bgFL0kgVEryU z+J)&bje6~A(Db0Mb#uL{0lC!lRoDR8ACTYY%U*RSRG-OhxW7_YMrgz+X{i z&ovqLt#xc;smJ=tXNR`S!}U>3(@901a|*-k(VmxUqopMeNd0(lzP&BSqV3&MogAnU zTo<@?3H*!PN;Mgda@0;LtvEBf9$mI2jax|Q>cb(s=~*Qmb;rWhJ@1=mgIG!0)@Szb z(-ussx{jV-Qi5cL+Qs_)oBC%yA5bh=?m`+)6xIkpGURm5@>kH=#UclkMNK2OirN9A zcHeTyWk)dq|52-V4Tgl_68Z59&^X%IXWw;Zk`G~CAe|36yim;qrz+f)!B>)ivCePe+gta{Z2ALZ@Fes%px z2AfHj`*ndS0NO{d^v+^~a$2?dtc!oH-TQ|Ah+Injxdx4AV|~(aaa4%PL|*siVmB0|f+FpPoB4x75uu%KKt$dS7-$1RR6B09C=A4P z0q%GeN|R6)QEN)H0g`+z`oSj2ht)6OdQ>pl?81G#Lz0nV4r9$?8{VA#&FaWQ@~kcc z*BiWy3CH zd})nooK{8ZSm0JKvUIBpI~6F4^>kbNI$S3@9pV}Km?~sFL{qozJUXl!xyERE`TA#* zAekeOMbo`yD!b)Uywv%_8CPH$%4{)bK6x^|u345R{4`W+8p{-FOaiIjVB`cJN<7T| zBkwzjQ#BM^MOon<2##URQN`iQl@ZpyWt)p>Bdw`jw)T*EYd_U3ZVi-lJPcW6J>A#V z2BM|iDn}Ex&bX#zDW5=<((AkPDvPhaz1NvNy0XRYGsXI5KF7K(PYKzNe9NCpkoDVK#-`6vVkD>X&rPk38}y?AZ|`-RW@Sfi zAk5Ez2FhY9=tq4o)NytX`)C9~5z~Bf^7l3!?({@u85(*4|3?R9PP9&aKPgbO@O&Ys z@rz7Lhtrp#WLnVeX$vTt74r>chZ44CyfXR&B`ewmOTDpMxXy(epzbukWG=hnpv($~ zK>keZNL#uA%T`H0XxnUt7>;tP`~+qTUtC{8^aqIEur`RIg@yQq9O_d^D?Xds<=7=Q z`j)oo$1rD*43moN=C!qTfa#iBYofE?6$RgMs{`_T+OoZP=77DPx)Xrkao zL-~(?b$_|7f==7%>+@smF>IU@T#9?^Ez<<pwYWYca=q({vi>!htHIV@td8FE4U&0tM;mLbp}VlH`xYdlU?A<$tR`P+mJl7@ ztI@J{wS8tt2gmT)>tN9B(l4gqz`iwtMg054xngX}Hbn$VCg!dvAHOD3;AFVpeetv?5`ExlGaN?lz6(H^1nn9OPGi)Xg+Rubtr z;kJby$xj5~TR(GMUvhzIbRhU}e9!mat(+hiR3IF1<1eK-)V!^lVi^+3IR#we0r$VY zc;A?+)Am&zXP#C6b?UwOW`W&se1a$!w`{Ii)7^qQ&pVJn7LHPTPj=-Qn3+K=7c}~Q z%S|D$IyNG1H*_Nn3oN#;>&cyYxx22i0!gE|eyfG=MS@BUm_gp)Gu0C+OP!VL#(kl7 zVBsso!WXqWxC;b2%78YN)AQAXat<2uE^5w9;`Jhk6%JK6P(-NC?|Vm-ufR>VMp3Yr zhs#!&n)j8qSjIvO3#i9Zod93N$Xp;cH6yjFRha=p=u9m5os$Y&GdZy8JD?HFdx>Lm zKP$8kG*|&3X+dQZE#-Fjj^!jv;`c+YSPR1wJP!H_W+ny4-ZvJK5e6A}Xc&OLqLHsF zkspyfpyRdG|I9}ftAAJIQLaS+V-x^$MxjFDgrE#IV$T2t`sDV=~ zOGGTmhddf6cOWNXPG0o=m{ggNDy7B`J=>LO9|x; zOoHnn!Nzk}DSSav9soBIYf>U*n7E{mK~G{D!aj&pkQUgkw5yM!R3f(eJ6nlJ8~K zb@_gQBDqJEsdJr0(A1;gJ7AamDhAUe#7_W1Ce(whr(>Mhg9O~4>!E54wXdJ4I}^=i zEGTW-Rh25gt6YBH2gNO@fV!`F zk(42qP&Wer+)qKt$$+R9+({P$NS*BVurD$+FtybpirHa;{j}3+lWkO;=WL?Z#-#U6$H?NTg25@L zVKs~fgsdK5Q{Q7U4v;{Ph^$(m_hzFyX^kaHYHvzCweP%asR*5aVX}6MNLOFqy~3YD zih4Sw_cdx=jYG|Qu=f4^akpaTlO0n1AON7v!5T>cx}+~602@9EWs&q=b0F!c4|4jO zmnbm8Qz?;I3S}pIR<4m1 zGB0jMxb`)#d4JDWRP?>?zkdJS?#+3f*E!F<9-MVc-{~_fYd$x>D>xS-*x>w~t6E1Z z3KFqSDj~D`f(EoyrM_yU^lHPtyaJG%mhEH*34{ER6}(%3)c-pERFO>*+Y2T*#j2-u z+ve}Q4u5>HNNE2dio=ioNBct2qWs!Dvw*|pL4oowR8YOtgZ*V3zHY_T2cDN%360-S zn27JNrMQ3az@>kR;<_;bUvj$DYaGc>x){!lI*(<|Jvlr5bSZDVl@Nn<)+NiMy;HT< zZ^_=mKP5PlDZ`>S?S8_qS^$fS=xjF2bGG8sOgjR)3fyj+y7W#33<&Lecjx(b7Osv~ zL5t`Hgb*hIawtPZ7bvr8u1@3b0A!@t;`xs}TT9B99qOqx?& z&*z)a8+IAy&t|;FjI6hrAUVW8tjLVC8pmy{sP*UG*{G&y(QOdHqVqcHwLP(NrVkG%oAJ zrly{f&{tJe^$$83+jc}Sgyg%x>@4&Vi`c0R;(_y&SN1+md(pv)EA1|wTR5xCe5(>( zorjr!7H<8WN4ukQJ)U^#TS?q}cU<~V1R0llN>I4XK-sI?)%!H&!XUN!&4-FFRu3DH zL#dc(WnkjIpHOX*jioE3B zJ^5B|%5pSvS&8u`{GW>o+o=vI>yyFmsN)p^bLhA)DYfKf3kFGzx6Mpg@Mth-<(SD6 z-IuK@(ANzrZrLV*-|H)JEa9qn>|?&9Dt(leB7XM50+CtNjASSmy==sxxBn@&k#l^ zwUF>?1{*BCqL8dzv`ASp(h6VQAx`X@r&1Pw@(8~#CKdU%dw(N&? zBdrw!iV;WhqB68{%mLGpNkBm0%Ju8vt3sz21P5(KSn3l#m)Q2@)rK4Xn*X_phRLl# zw}q+vwA6n6pgc~-L&4d?>vq<@crKVHe#CJ=C~n1bx@iI9?r~ul(b)&y`rbbMk%#y*=hNCFYX|MK2{aNQGul0Key`8!^lVz?Ip_+6Z5`7Gou&AMT8pe*5m7U$CBA^G&^3z)xeoVz7bOf9pa{THu7MxYss+82ykk z4YJvBOc77Eq_ufjaS@NG!628OkKev1gZhrDjFkskXY}HL?~11u67T3mEJPXx6^>(kMhbc zV-FnS2fJ238Nsew&q%sx6?Z#92m=3wE3Is%RWDctB`MO9szqO5KOT@-FDVuzwMr;I zSh5;uQT9w-+X`5<=ehTiPPzA4WSW~I`IAHK?Q z%LZY*|G&iLcA9zfXnIWa!kx^K)Pwda*Me6u1K4N=sx100ma+WRp5`yL-OHz`?SYbQ z2I~L}jH4V<@iE(JAymi`CmZOeTjVTIN26R5pPvN>_@wlsx$NjwEvEC^Db4q=u?}xX zZ*f~He@3roTggLC6a0E&e&e=&UHn>kl6`adhQsC5@CpS7f9u$bh1$f3C4a-Hl)i9m zz}(il;HZ$21GDn1UmVSwCnMsVzv&r?7a!lMo~q3llAs`GamjV^rFU;Ke|-StW?0jo zdg{yHsy!?n`-ZGuF^s{2N1G6hQ~d1hy^E98V>H96`??XUwFw{++M`LqJ&*%VDAbu2 zB-n3IZ+@s)0jQly$9Q-cjJ6AN_1QQSPd#W;FFBqqVdYeAbFv_YA?j4FL?51q5ylbL zINt6pYb!R8of*Lh(edaq--E=R{HeTt&qp8-ved(@&PK+d)}qCP=}->d~2D1)~3rSW(uEbA?$qZX%-BGs+@&VEB^m4!6W$ zsDxs=ePYA8{=R>|i*V?7G~Xz1`0?_&*sLw+vK#gJZ!-*f_1O4cYY2?S51pQg53o>D z_~cu~^^(gau!>?9$`j}eP!a;$_c1d_t>T0GLbc4D>Wj(zM2sK6NXI)zCdXUFgIOd_ zmIt!Bc{cPj^6P&I2oIDJYaEFR@zTYQ@f6bQCF&g zSovRpp*#QZ!0Id2!M6w9ZLS3`j;N*FJcAf8a^JfSqt8e2G+FAO(UZ=28ol3$qfrXzpPqO5TFvbjofgoo@mUiZ`b*zTHl$#>{k9%@sop0}vMrTB)^8X@4+ zyUriVJ8m@)DH51-Lh#x%a%zxhkGoUDaI!Gj`b6Jvve@u}^Ejd_hT}6g>WWD+Gb&|M z;hEwtjQ;!=MATMgIP{IqG}kQ+=e#aK>CSehHpSj)b-RGrv|~FW>1oGIc6ZDFw3*4h zcre*$NU$_s6?I4rJe5^ToEXfX9Wj`WSA5)A*OsD{lbDhc_~ONj8G$)kT3TF=NQ~Bm zqa@4f8>V`*y0auz+M!3t*+g1nHWn;e)8DD~)X&3+A_I_jA@b!>L7dYS$|2>^#l02m@&&LGpq5#2s~^<7$#3-oYl;V&X*;s{-6y{%J-%>|hyoWRhRJ&)<*k$d zTAaOmQ=DD-8rj}0Xh@!1gr{ZmoWx}LcNe+PH;d5xJm6YtjRJeKgO{;IE)IQrp}`TuK@n5eC8{++XaM(;Ha*`e*#GOsSwgaCcW5fnw$YJ=45i0tm>mB05iIk z;i~xE$s59m5>);~CLhWz_t^&?BmewVLxw>`;=6Zu3(sYU$a>sdd=)lX{vK^dz7#+sPJxI#%4HYEM>0o`^7hS&Xe(R*WV zX-`euTX9M}zE7aIXV5#MwZqNd%3Wn5^qXGtG$!Ai$Z|*-MYc3I9%zQiNg$4;VY0Z~ zvTUYO-oEwS$0B;R8_c(m9lDPE-J1D=i?(TjQpK*?Ht`2Hk|^Rz{M?aOB)IhhPk+Yj ze($i2O8wlcE$YEmCmNR&1tq@bc)lw<-rODS_ax53vd~;7=Z)4^|4yX|?b**fHZ1 ztb1DY^Yw?MqWRJ=zn;u5Pbg>8D8+;4edI1>^r+TX#Z(D7t=L$9)<2-BAi38=zdE?I z;NJO(aoM*ktIA)zMdx{A!VVS;+gB7jplP@omn4XjB8?OLICDk2B|@Bh#jP{n7|6CA zezZJ)IFB*s{rfX+QE+^zsVE|%r6yi5p%nJbbuDp}x3Jh*eM#Sf_iFN{FS|~=(Odp= zg7+YJrh(S#h*KXA!3SCMbQWy*};#(FvPxR)VC=X@tqhILn{VXZOl z`<9}DGP}X(Z;iMCs>(d+&tpJqd<*O^%lZe(`X~1GlnrdB$r(%bpXef99_`BEtz)y% zj+C^vtgF9${?`ru-U#yH7UE32eY$DJN#%R#rbqe*u9*@9_j2S*@Kq0mR_B-6G|{8K z<%Al!b=~6;wl9knp6@rXe*au?=Lfae!;WqHuPTuFDwgm#W!YS9GN2wTtJ#+H>fQO< z%gwS_Y{!|}Karl_WDVRE0mPJjBJKAad4$L;9lheytju?^?>g>$*H7*S{>xsgc^iJ4 zt5dUs!9j6L4)s;Kf`=a|dObX?-=wT>V}UYF9K_6{d{_#G`v`H)72b6sd=a-bNpxQU ze_e+ON;RTyw{7%RzPftFzr3&oJ+Ku1SkDW?8bvcAG;ycth_l@oO-!-AYsC0XD>Ad= zU(W`#HQvy_iusnu)%#X%8mzV6rsu)Ix-iH_wW@_wI@D8I4Pxn;pYBj?JpB)Wp6U9S zTup%jvb`_gj;1<)zxzB|P#nb~8OxKCF6foK>jS%wW8y#Vi*5ZHnO0geV+|sbvmZ0A zr?l#?v*D&o+<#{`sHAM=tY1TW*KHk6elJW+Bwcl@xp{~R<#3aLd4B&l!Rwe;cbe;Z zyYW_lJX*FH^6FAk7Ma3K0%Am20zHq(rvY6oSt+u`0GHuL`zveko=or<^}z5IrRjq4i-d zR#K<0*Xna&OP-7~`?DvdpJ+$=#*K{PWkv0!g9$_1;^c9TbtJQfj9?ywo(o~wP;HLf zfB*R#!=1EzPIZ17B~C6EG4sP6C&~jEXcG3ZJ!){gxAW=y((WQEqSfFuj;f%!rED-w zr08kzh$+b%NQ4{k6>Q1asCVE7Uhd>}b~(?jopBhD2bq}!Cwy4!W~r`Fu_SfK2B)$Z z+(=8c8ZBkDQXsNExcXic!33D-F2b`p6o<8ZEq<@#+S|z2kRWTOYx4d#=FKK+Rug8Q zv>gyYf+!mV!~eYKc6T~gtZMZXLnwqt_wxk^>8HC)bQ8+Oddj|hvB$s6lr8^yuITb? zZrxvftv^?i_J!znsN+4Bzielk7x11h?Jh_>IFjx%56kH+S)e-EP~vo9Jf3x^hH@6}BwAut5d9-1>l8J_}1~bFtd+ zSJiKt>f|>2B)bsAN9ltv1OBB-#1x4Y+qG63OUMc1J77732h_XcrATJvViD9vo*e$a zJMHgy!K?26s&L}EmyTUQpVWl$0hIXsYhj?aClYD*Na;~!U0CWzvqi#Rvdjq)nl8I( zln;@Kjo4Rs2vBh7I&{lfDR}ghkr@ZCV?u70NtOS?5?L2UduW z=PhE=O*+NtUm}h_xb{l(FTz^e=(C0!4aw%6Sb+JV}1KxE3oBg5?gK>ObOu7jfxoOhz;YnXQK5f z1xo=B<#E`^wwG=PP|Pf{^J8jzjoyOi{H|27LWh)I=@p~$n0j})Ij4*4xCkp z^?|ncMW>4ArOyjzoRM^1O=RGX)IbG$W|GJnaLU6Gyf-a4zrmY8e39jy;)LGhu*_SE z`FWoD?#?$_J9nFQ7jqR8OSy36EFJ3Qvb+qm_m*-+_~xV1HyK>Njyex%ZOq!#+6c@o z9lpyHd!0?n!}YRhdodT%_SLlGWld0#F{Y02@m^Yd0v(Dwb3lv)Oy(9cn8I{;lYoGG zgef_N9U>65{tQkf$EaXcTxofVSf4lL%Hc@Im2Ghb$}y=<$(1A_zxG$A0C}1hjr}#9 z`ODQ<_xWf-yG26TLmsh%^}Mkfp~3&OGmAR4c+5<`o+(rv z=x-uM#%&F5W^Ra5*m#|=NbyO~i=e-^Wbc1FN$AZI1!uNM!QQE3ljD}X6{kc+w$B_u z)u@P>k}|#5i$^R>HgkmXDYB|D-y|W^!0LKts$j*)5LQ4<(azV?9n{Woa_O9_G{L%CE_(8#qjl}(VhJoMK?{B zM{`sfJ=lB7n0O_RFU}-x+n5a5ATX(b!1?|r@b{qd>On_Y=qj{|o8PD>R4&Br)6kRV zOX{Snjw^k)SF3MO@w4yq$OCTqu=$MR*`$2f|Jpp7JKfC)Htz-+P(e~JAKy983 zV##ycy>eR3eD%cn1XhfkZF=7%T!=CMQ?;evmR%m|k;7@K zvYhNolU!WAm&z3zMr-chf91xHd>(u?9E()`%(tQD6ctvk_W~P^<2NUf?@|G!czWs2 zB*eA<1%7{0i$!3Jl;rW0Je!JlgeH@E@mniUBGIggE|$N6hV_#iKKTl$j`hVKi)>RB zZn#Ivwu0Ep|MA8UDX2!leLahB+;w2qHZWR8tei(Z+P-ZTls($ansu96au;)nv$dw? zxdW(W@DE?t7n1DpCf~^nxWf%0f9t>x8aKM9?5wah7O$t5=0}-@^aSU8Oei>6A6I&k z(P(5Fs&wMN&3t%&ERx_07B#ERed^ums+Tupt$quaSWkpB6B#f6MVjbilLN1s@s-t? zO;3WyTP4hMhx!A)&@0#YRK=1V(8zX%N7y!5_O=Z*yovWbdF>Y>)$fIWe)zA`|4ODZ znCg?jUMp|HESRXS4aNXtD_kz$Gp}uj(r?Yi=Vr+8!kxeazf{AYi-nvv z8EBv*cb**hi){~6AR5ilyyMe{*VMr{CiUWp`_R7~+s1wB-ZW?Wt>*aL>F^aH4*TTs z{cv*Z`OUljoA@i?c>I%Ze))^77ib*aAtFO4fAZnJiuYb0c_p^)QEN)|)Z|~a0MIF; zX!s8+IbBK7VfX0*MqC}3Vj<51eN#XAIt|_D*}UmBo0iiM-bjBux?}T?5JZZ0H`7&c zGLgyeGd{YbVw*vbNy9i;ZTkEtyvh8#yZ1W??B#H`G_@VO7WH|TDJhHge_oA9(`lfj z=wD?AcT~J&Icj``=u$7wI}(Qu<8t0WNoVMn@aMa|9&ibjb(Ii5*ZRgRe$O3he0!2! z3q#t*IF2CkTJzZb1s(yD@s?sdjt-pCdVb3JV_RSE2kPxPceidqtKq{tACm1>PYy1K zi3%To1a@yQFB^T7*e;Ij!+CEupTPR@AY~s1EYkZn+n!!6J3AL@Mlx?k{2xTHJ&gw-{y`E`jHPkl8J zo|au+dDSiDEA=JesgLd-kh1w<+>r6kjZ5t;i9s*ORlI<(%g;jBO)l3(FN@^?bX$>; z#o~k#5aY~9gUE;|l!-nZL4=@8^2{Ge7* zxfiV?8hDptuAf&TqPDNH%gQ zUjNW)%*;K^9dY1qoLZb4Vg_;07WwQXcq4b2ijJUi)np4<9^yt7<*{t0Flk+K_WJ9r^$O83;}WKpX}RN_ zAyZeqJ@s|ls?D3?Z+0SgKCK=@_1^dPJcBR^q;ja)MLZsxt)}Z^@qfL6_2JVu2c9_g z%*x=@j(X4dB9ez5!)gmSP=yW8Ys>lRlKrs7HY#_(jQHeT=i~QYr0Cve$+d12#abe2 zK7sz^Uuxd$$mHm^2l(OSH@FTC$}zU*QC6-IqanCg;JsdEY(3!BI#>e3)~D1&!DnBs z@~*p6b!On#_BJbJ$nQa@((?|*=DSf&1V{-{q4-*@@KB*Sf|nJZaMOubRhn;thqIkb zHzwx{tB0Mrvt&=%6SGXxQH2X2E@i%PzuEj|Ad|(H8%M*k9PLDZ1W*V2O`{~TMVc_C z$)5TV4WYB2LhWmZpK!01ggtfBzQ}#@vbaG;VyqY@+&xtZepT%UYa_2m6k{SY=JNNWVowdY3t( z{$jHWW%cf2B5D?Gp_1GA3NFmB2y`#=bj7g=-X{HyR!vk zRNDGQs{6vLrkk7}Q2WQ5?fT0OTN8y&eYsO!Ay;Bjc#mr7NLFaks5#ckI<8sD6pOlC7soK5Mj2uX7C-!( zbmiO{ajft6w{EhG1!cH-F?i9+ zoYH?G0v-(!@Y~E?X)dm#pBkXB?(xL?7eytW`k7T<>_3$Wg_ch@LF8g?i>2jev9xwN zeu%L&q&4&lVtnlp%KOMN>C=3@bzeMVwHu1n#rI63PIedo#hZ;-YZC6ms=Gh=iU{N| zZr;*5tG$(^FOM!-(k$wJNq0xD{ZzhPs_#d){ENhB zoeopB-PCtdN@o@&k%@K57K%@4I_8FU_rY>V%v zBb}JjLK1UtQnNO2Qst%CRCguuGdJyPw6agd;mt(ue9Ktroyzo+`d>@v#g@9LQh$EB zifaD39a-gj*chHi3UWI{C%GB7S3K>>mNSp9)_0H+CBw z!qmxhqx$aLX@@jfm}>aX!XBn?T&ZFcum3qA%X0hVWWkB)CMKDXdK|b^3kE@4j1(|& z$oRGzQd(+MFTZ+F{qQ0kiFyLWF6u;Pn00psZQ#7KRE{%0+VSPDnztF9 zS-t?=%%dj=y@OVnJ1;bQSem!6n3MhNed+=`zk2PSfig9(7n{ZB`YWyX z5E*j*=^>KNqv)I-tvQBfGNU7%9HoN%Iauaxd*K>ijv_%i1^8 zSH=nT1$w83R9dcO1@pT1yKU2n>%A=dU0n&~PirESup@sops%n0<%;~E<%FoOr+!s- z_Vpbuh^x*S*~ZO(Zv#F4p&MmW;1hHU-|QbQ;-vCAo+MZvRbQw(nUMG63%()KB;nsQ z6)!Z;WQeSue^x}ctc;9|_ChfgpYiX4l zI#-%so=FuSxz8Y&tBz-7|NLbe4gdX<4L9piIt*!b2T zgw=a#ub1pbv_rZhg%g!pBgbMU0s)qx%WHX*xO8H-e&gs$Pnl$wNnh{->glGP1%Foh zbB)r6yx|^2Husi!Aa8v3X_9o4kraioj#Z1#5GKy%x)qpDss&A-SKYrXhn;nCT6E|s zn;I#hCTSlQ!?HgxE*yVE9dw?72|k4pS0bxd(qo{;YP=YibhVtwbzJ@mT2xf2x!*!- z3wpVI&|na&7|xbfM2%ATl#6&xu1{~0niLLnUU?5_p7pEQhP0ma1*rVQbL{bJX39oC zQDve$#N@JEisbZ>$TY+`4&5~oE%df6|5r8R_EPH1AQCG5c5`c^R>6}P9__rtQ4v*x z5B*V4_Fz|kE0K>JL{M3hjR7bDTv!u|ftfx)BGnWP)>FbPI52D>gQF!PSA;WM7sp@! z;k;jp7{0lK94Gf?0#YFJ8;o`~4G@0kuuOO?mtlcjJ+otG_<)Bk?yVIjE)Bg{E7lm1 zd-CK-{n>{pJ0kmjgv%pA4loHMC7s&CY*#^%$HnKL2l33$UaQHVv zWA%&4GD!xjezQNc=cFW@+!d%$+`)!o$A7cX#t-`rLy=m;MjGKI z3n!-$Q+4pE*R#1OE_&0xFw53Vb5Ou2IG|{04*i+87DbGLsh!_jcQ?_q%rN&|+~a41 z5@AR3R~eb+4x;fUW_H)IO`dOO2%cGM6<|}iF`cc0A9$t8=eCN;FdnJ1y%cezO7d$35Vo)LG!A{hL5N?fDacaX&!uM`IQ_Fe=2*lbZyHAW%R&P(P zI=78RzF$BTD_Wr2i>v=|t*!O{f7_TB|S=~!mQ40HlHHkU(0wXr4 z0g#{fy>k#Xip{j?933cYG|LXzV1WHLhNTZ7gIf1I+Ve-hDsz*`aaz?iX7M@TI@Fv>POKBGaZyDu)Az=wQ%LFafb8f>~aw(%(Dot+mVd_X&*32%3T`xWOd%aGR7R& z>1)C5+b-Y2Y^Aq#Co?KG|NPR>RV@}Bu`#0Ha*=$(uyDSfgQGXn)m~fCSEW9P{@{c} z3$dBzVH~yMV&@wn zbtqC}Qc>m5@2lVV!5XSV!?xbi`XegtaCtp!rQ-#m)OCbnYA>!;0^*xUPOV7|V|cr3 z0C;XM>Zb@}LB-tj5s?McoxGn~R#=!K_dCu4^@x$ANYjk6^&qv#zSPfl1orkrbK(0vk6&#H)8- z{@hn33#AB)!^cR<%}N9;EBjc=pFSs0R(pG*Z&gn#NeH5(@QKXh(NQVy8I`rO4Q&bq zUD~%iFvF_GbO#Zts>?4<%|ACfh0^ot%8?z+z0>)%Er+-FxsrlJ?@cJRzjW(=UWRZE zf)UAwIF{$0<>)`O)IT?O@e0YEaMA$%|AV_P`bVnY;KO5_p!7Fbbb#m~SJTZZu8a_@MSJmx4=0(Q?6EVR(wV@6 z5sGS-)b3(dC@>CBrkLCSQ6>94TGLYCq|Yzv{Y}O{KTJVTAdJYG_~%=occ4B7#6e^s z;<(CXC(O}|D1~7Qm{4Ny`uv{c#6+KQAar$64k0eXMJnZ*YhQ%P!Vx+!SM@o{79q@G zxQl~M-{c#~RH@g$fHugT8_M}-L!}?L4e;pE&r8f-T&$iCW_{xBzYqeWF#rpKM(d;z ztJis0oNl5C-*#Vw&!%TJf_lg7_(35E3Oh!;wf-gdHWL5NHT=WM>_5Wt(Oxe-Nj?F! zRLp^dJxu%AgxwqkLu*D3LNol291*~-06*ec2|7Xw(MTDVcA_3oePGpeTz8~XUxAvW zmQZE~$#A>zPQ|fb(v8#nm(?0w+$aL2lqXybd9OnOoN&_jVC%l)31#0UyLJ_$wjJPP z2P)7XZdui2b8~_RUJ}kAh$fJP7~0tnP!N2ZAR8V%E^SJy4L)JP!|SUqCdBNx&{1o( z6w-7?)I)NI+v7VIb5nXvgIZ`ukh^qgJvt^M^+xIUS7ofhIn{ODbC!a62NeY;yDucXhO z2v{2_uQZ56yK6L|ctxB=<;13&`Ss{s0PdKPzW8!OMZg5ruVR8Hg<0=#DcTR(7Mm{a z3))@ItnTyXt*`VIgbrkvSe=d4YIF@(+-jdf_7F z4FI(Fc8T+Y)e@a4UMKORO?dis+~v#0Kl9BT@pPl%h242KwBphM_(++1dAsBc)Y25) z@&M6X+|}Fn$@c;FEG!YqmHY zsAXS9J0bS+SS%8S(RH#h{up&UPlPY;T!S|>St8toJsZI#iInodbR)&9B&W$s$C|=J ztFveK{Z2*zz?9sfW6+=1ojITWBMb60>XCN;1PJFl9A=Gc7ohD(imqUlI(>>&D!F~| zwAcTaAgmM|Fal3F3$M9RWy*X-$IhuyfufzGkYaX9ZWIq>68uE15c1zDW{7 zL%fn{>zTZ}_TU~yIx1ipJU+!j>4{Bhb{3`Ad!%Zquw^#~ovzX~((>sllBIocO7wR- zwsaK*^Ee&)YM}(aYj3A&i5OH59EivnLxP%F*FCtnFfuuH0(^-Mt(SBo#?E_6nC_B88Ur|xmBBCNnvUTQ=^!J@0OE$tcZ{vK_`HDaQU!k?Y{0jFE z3{(*81=@-Ygw-)Sv$s`u6PKCz9NP132Oh0<^%>AdcmAuY@W-n9C6m@JZU>O_%&lL{ z2f2G?uX|muH1_3i(A^PxD&r|l2ZWUA)9&|X++{T|Y#t?y4})CI;%?a-eE}7c;tvK5 zxxgPuY=A7>b?tjs4rjhZhBVU~Zb(zE87|36xf6Lp`rT8I^WVi`7}fgkZ{peXVG@we zUdjGJ{)LGMXNzPS#(cMRasqzgS8foQhE})TCX4EesHT}d`EGSCo27?3wvkG@-y-<8 zK%>avEB;jrfPCq74JtYA{W+CbPlS@#T&>hJdjtj}8IA@G>y$R13bHoiyL>d zha%z(Nu9;EEfT$PpM1?enktf1IQty|x27R(!}6uu$enf-p8IlCI<}o`wV=iHeX>IC zV0(B*?BPh^bR#4td;NOrkxeJ?=g+?@13g6V{qwAC?CC>edowK24>dB(ZA{w=k0K%a zM4usz=EKgmV+>ne>;esT%=s8B&U2=Jc?NdQFU}rFEbx#zN|)OC=#*1uX*8ayr_6Nf zKdS4=|Mu6QVid`WAW4SBS`7cYMDDgP&^bf+(Nc8M`# zC@O;58*EiJ$$FD0n*@uEqg(%2QHW=}=MRNf#+8nuO?rEt8=;HcQn+40wSTHJk-`dM zx|%tU+F^T@NP+FXM@M^8v9&%j784#R(@>Gz`*|?xX++={$!a4|W!(sL7w3lOgh(Gi zxemR#e!Xi2V#T{o7^;5LC*S$u0W7YS$eKG~;Xd!o?e1c*`1$5NXS5vum?*V_3w_Fj5YgCypzb2!$XliK7UYr=36NAfBdY*Rh7TEIuPD! zfPV)iQ}eqnL%_Ub9?Moj(e+KXzWGEInX|3B#nFH;Jn zN)m~voANk(wfoujk!QWu_5n8mjGytw+B2^py;#1>MpDu#IC=s>%fErr1|s^(Dm`>|J(q8rIJRCB#>}7XWvb22~TC^o+!n zz*QU)1Ci2h^|Tx_;d~`+o4LwSZc|#4gaB-eG=*}X(_A+x z@3?q9l;-!D|_M z8}~E)>pRwwlKZGGm(FtSsb$C5c;hm{oHaxvP1Zt?A2?f+1YaeP3nWn?T!nk7CU<;s{v z&8Rgutnvwhabm9634M*G9fcx$Ia{u&%gPkkU+?(%bM&I}&Yul`FvI&|!Q5EfJGZ4o zXjj|nFQ=Sw__fAPyLWJAP=7YR)Ev^JkM01?8f|GCliOhur4?lSR~ykUw)~I>dx)UM ztQ*L8QlS3~L8}=|)ycR$J-~3bGQ~2*P5{A`c)*=*+x~v#+>D>!5TMNTnfZYY(w}-; zH^NhYKuuAWbw7%^kt5ZeSQ*N5i*%?P*;*>;jpbG}7>iGl|MEZ9gz3X6vIX;Ueg9_~!z# zcgS1P^kPd06)x z9|fm*SH7xr13zL1oY{Yg%n$H-{NU_iT&7{rKUZ!)xD_ek6afod%hzg2^_cR-Q=&F%!E7`Hsn4 zIr;5dV^?%048@TmhY-a$c1us0!BRP`QJx6C^6tey%HbD%BHu{Agm@;MrtG(MqG3KX zIS!Lq@9C@BWx=oy6modINXu}3emgTqR%3{Z)Ut{unQA#QkObX1%`jPh`6hV*%v-5mO|?_T6o}U7X_% zOI2|p24nF*-HPnd>t{%JjFRs{prO*2;?_<_c@AmOp9}sU)UbU)OoI86FZLHG-!B4v`UakUJ-h4W+Ck!>28d26?HbfHdYQtZ8meSYww#>z>{ViQ z<7qMPh!z}xR8a5Lp0ZCamsCl5n@F8K-1V+Fnf1HQhS_$eTF{?A30Qo-dQ@yoSe9w~Wc@8pyeyosvO&K>rt$X~9Z;v3F&mt}tL zzXb;J1{pUcu-PXWJlx~UUoXy2|KnC+g=`v80}wC7>Liy&86;gbwB4Fj8S87COC?<9 z%DUz|n{su)5w}epW8S)bCRjyDLI9vyo+n-H&Q!YE>QJ&&M5v8&xCk&eQ)=FU6#amu z$;URFhso65>Ibb61`jC%(fVr*dGPN@7}CFtoG_ zu8yuuc<3!J#H?J;&NiJDg_$7!_3q=-_+}mr794Fab+>v1sgEgl}aUEDx9`Gm2^U~YaelER9-T{OAO>>+-w-9EV z(kfCHyS!(i2Vd?I9|ad(<6yPks&`n)jdPu|5mNW*cE2rt9lC?fnX`B{g&3f>GDXh^ zBk}*?O3R3T=-FE#<$m6EJTpeoLswm$KGU$)j~9xPgS(5I(PKHplf1KR+~D~QeeeLqG^hl&{F@^g^;ufgoIOH=$O?0Zm-^ zqW;QZLKpX93^PILJl>XZ)UYm+(W0d2WRS=}7+3|5!H;(;U6kvpBJ^`t1wL$wR}5}a zlHvh`nUIG&cI;u;52G^t`{T>|#hhn`%1d<*h(?M#S({?ACCY=@=p~$Igm1a*qf<6z zSe~_T|Ksw{FJdL#48A3X9E=JPsp2YF zn!&l0nnZ+P&e8MgGM@+5tc#k*b}RrBU@S^l>Lr)7m%n>U1rS$)i3}@?vw>h3RDA!q zv^BQsx^C3j6HjimK8o{xy(AbmIJNMB-pdq(n&J5j%T~?=Pkp4nq;E$#8p57SH{Ovh zo?9FGYj<_`x+B$2gN#zSI%q&WP*(FGDM(}Lhf$Evm5MP+EbXU3%Pk0m&PmCoy!vtg zEbMzguj_+i5i5t`^!rQPmhrh`*)e5+78D0&ld%s}4@Kkkhzl`%H>8O(8gP~V^=_-v zxRHAnOI1qxxW?NVF!t)w;^YHfS4m_9QeXwKA=sT6n7!5b#%T)r)a#k-t20Wg$5IQ% zI|vCLi! zK%m*GQH}$hQ?i0J{yMIOT{Mie?e%>eiHGt33g?3W-zP7loQN0lU;z+{Ko5c*kpYuq zp|mx;DjK^|=de$s!1$*3ZccXqpz?Q_DBvA08XUKc>JKS2UlPMEm>&#MAd9M!+&hSJ zk8xZX!@8Y_htcP9fW=kiy$SpsgS@og^R;p05TD)hlI zBA#@b1zdNe2Z$~RQFGP12y$|8UMxSN4c0@<;QyUp*;2FyEnEJ-zD z4#&6-zXc#D52cC~T+C|KIW31okXPKxaY~)c6>L)C#rWB@1e*{oX5ym7D*I|L@2Yre z!Cc2o`KSKS${6A@J-#WXGj#ib7}u#P0&x{vf=(gM5qkmAPX2Qgf}RlR(4B|l2~C0R zc~$RVbv$jif)92N)8r@`gSlVMbqE-q`)rb4e5#zKb#Iw^@2B0oocCqb_WlaRzIvg& zZwneC{Z>b}qh&t%%FG6wBsCNP?1A@?ISFHt{e?DZcI;~l44NN>LYVTj7#D_ab;+_#q|IDAE*SFG_bI3wJIW)Shqt&KgPNU$ zKqWo4u1VwEh78=^`&H96&CRW4m5({fO0do&=SEC-az~G6-aj1DAA+}d` zZn&ANc=<<(MJKVI*z1oAe45j}Xc1^~{ANuOAh@IgP~l<^6WG z6RRKC0Xe7n`ywdBLj1Fqs``>Ck5!SBg+Zw$<7?{bgG*FdQV?JPQ~O1FEIsF}XD=mN zGz}B9wOB1v-0S_60U4~J9apVLEBvpBZD)4Tuw-0S-r$WA)yhwGUhUONt{C|`~adn9_*$^*D&(GN-dUjUuuiPwLJvt z`~qko@&^ZDwjnj%0zf3BmXSfe!dyvW9^bJq_pn^p|JwJ^Rhs?#X-5Uhi_6Q}^xrp> znZ7qJXg3wK3+Xx*VLH4j=xcs9-dI0?eU4QtAn_30wf)*;h<(^Z7qTNn`R0Kmg~MNB3R9fiAe*kck5OD$f)@XPUN7Kif>JQA8_pj` z5md#2Tlmma?}KYfr~pvRywBPtgdb`8HDL|-2lXD3MU5gN;b$n^qupArTa_~=fC9b8 zR6fWROX#$zf1@tX(JIQ(YRbWJn>|5paX+UT$VC0Fyw2e|YiT^u-0ftGd8d6!rlr35 z#68kQ0f!#xz~79Hr_`-^Q|#oscw&X!%SwgaoUOLg4Aw=^>#Yp8zRJ%REt+!}4a>ln z#;npPNiN*#bgA#cExj-B>~)*(Vnc@4F#%LZTSrF+;OmGrQEv^QriGbKOnQXn5`oBJ zr1&xC!aeNt}MvAC%(7r}pn(z92pis9DAQ(!rIuG?+GXGNC z|3tpgB-d>xO&pl@eB+wq0!FYSj~q!x6CrcC!~2-Tj-f2A^~ZT1JSNR9kL2Ja70i?3 z*G|&@r+KW4UoN%D$a{Kjk@@RYyOP`mt9+(CW0ua*~`?4D_jk4o3c&b zl`M5lpe5$JG0C32a~AER?U{WeSc0LmzMgfK?UWN7HGRplo?E9?#lW?+bL6`aAofT0akC~>`qKD!S}_53Fk0%R z)u*SAQz(rtl62=Gu5t_Hj7;{gR@*o1k0#(fF2jT@n3kp#b1F&<{eVL$V2hgzT^Zfk zS-(L9@9`Azt9M_u-s06r%TM^d63c@g?h>p{GYy7-OjdM4J_xroGWfh?QB~VztiEaF zRY(XK_EfB6Utmcv8?m1Q|C!BIiX9c%HaWVtWJyQc>4z$OwR(sh74~SgSOPGy7O~4| z7HF^z8KepZUNDH-UeatDESY@Z2q?8pp0|ms1<|j<0@~Y;FLX%}r;YSgkec8SwgeBU z*{Fm!HybA02TPdtq%O4A_qLWmu^q&cPWE|t42t22tApNR+DS#z`7pp2_w3t*=zJ%k zQZ|*-XI_np`~@=Bh9;$#DI&|WS2ahRaYWEeOawn^b-s^K1t2N&YVX2G2S%o#;xUX; z)n?rsPC<^bH!8T^Ut~A-?uYKCgg{^X(H(-KsVUpf3dDwKS1fn$J{16HlDw<9rWn5z zEv~)+sZM4EL%=z@u2j#bBMo}b{P=laUgBNl~J*u^vp8SAvkXcS;&(=30# z{T!)>)~rBqw5k%K{n%E9Dy;fvaQJ6wu6bVRMO*!n)KdK9yB&-bUYtEqybx%{!F~$h zw^KZ3h8pmc#L35P7H#Q>J0(7uu%mCPT9V<%j~{qF?4sH=_13b52`2~Vu34LU33|QN zFC`U>Mv>7l!rxVLp-Kr|J*^j1eX4+apX5+%?!@ZSQIT`_S|Mxzadj>SV4~jQa=}(P zv^qV4^hIm3m{RiJ)*d%k94ViF+H3!yb-({(T(5oSY`;-!ZApAH3#}UP>i5lXcfK za92Nntgz8XEvvx*r@)reKgH`}*u{#hAD;0r*|uZ6Xudml@kI>UkCv;EdSAWhNHW72 zN9EN-s2cq}c` z>qBnDm0z#J?#J%f*RZ6BrPuMYgN_LS#=wa5ezoy*s&L`PttE$pXrl; zsdQ3AG;eQ8PWCo)7)uzbd&RANN6rHV5WNvdkZnw(X}I>XH2#ZLbik~Kgb3c}-b1ui z$bIUFId+Es2!LOQDubHEeIsi_n`rW+VZ>|Iv%0G0x+>awmqi%+ee{$#?$OZI?zff4 zbDqUGvM2m+A1f$ik&HJn{TIrFx*d-?&y9xbIu))ws}HP=ihPx8+OEZC+V=IVg8KiX z?7HKr{=fe><)bBvsLX~@Lb7F*q_UI9EXv4A_U_h4La1b9-jq>Rvgd8MR6_Qqu03xz zd;iWGxmO?l`2Er2adUaUU$1k{>zwmC=XuUCj~<8S+h2nc4L(2qaB2(J;OtT+ArE(V z)8-hBRK5I+kVZBaWLhRNl+Ch5xdaBJa#G&4#DA7AyZ8qS5dLp=ebUvysOlWIxBS~A zQuGRqvhDVUr#s6dFsl}qXwSR2pltEogTfYy!nc}F&tlU8Cn_i6`q#(bZrLgTF{`xw zCd@0)i)JNcBGZv)q5skZKE_2!>WVq|>`;!{w|Qp5JpV!RQW)?x5I9T!Ujr)65o#rI zM~uh>H6-ORX?Yu@340(&BBW7avuyFC!?$)FMmzR)jv7>av}pJ-(r+`9!N=#`^}gi6 z^eH5i*L51ULX|)+aFdUM*5h|6hk*<>E089hr9hwYaD=9`Rq&DLU{^nOybQjqnY0PZ^wGO>($|n(4D!r)l=1rUMb=rcC`}!P zFk=f|fr^1LyW<1HYDi9X85)uoLS0iot;dRgHnp?1tq<;n2sjdO zWjkN9^1x{%92<~$6*i>O2dnoilHpEFg_baNnVAHS7EhXhuoL1>d0Ez99wb?XVS%j? zk5;O?n-NPK`GZ>?wr>yHH}9qVJo+0;t&)_I;azzFvM!K!f zWmrrc1pbA}%S@K{f%Zd!^!r+oh&v}Wyp62sp?Hw$=S|qJZw99NE%*&!#=`N zQ;HAa*jBS*-Tq!M${Y#ZyLi~iEhQP3%loobHpB0kAPC&_MxUM+XDB%>UnlvSS$6P5 zIDTH>o4@w6IL0ZB_OIRmf7VWpG`6^{9kbHd;+hL!^YI8e>!KQRU}yCn!f}gm93NJe z#Rk8jT?~~uS3Gv#>!!p~Z)g5IIv!zq5>OPIXOml} zYl58Osq|CELjTePNZdH90AXkge!unW_BWBOiXyUea>&bRes6gxf*eLgSf*75IiK}G za$2se%O#Z~5p{6vEvp}j;8;00=!$(~{%+p1lA`5w242K;oS|HjPEz8c+JJ#Zvu&Ku z?&3qWE z934dg6T3Jq6B-XlVFvpxI5>i38AJZ1DFry#Y;w&8&&@z0`z{IED^SGG0375qKDHUS z^!O;eLBXPzr#!=0+Il{Yo8X&oRNC_uWE5P2N1y(sNuU3?k-}~Uex$Yaaj#U{bshQz zccS0Fe>cJ)WE-c}eaMmEL=Y*5+Hx4nEK~2|^8B=M^bVE&+#Zx1Q74>kDC|}GX5FxJ zePs=!0Kf{G=RN0GA+QiK4~)S;8yOKregxz~I{b;(rRKxv9Q#ga7}2I&8vJ!&tgDzN zo{`$ifB#dj5e1S8q_s|FEgUar`jrRYqk{*ZwhF+({~sfIr=W_ixY&Y8MJN5b&D=m# zSJzpn9CqA9QmnWlSIY@4HUt}cQaf37NeQS#kSVDguW(aC`Z#GpTiM1-A3nMlaf9R7 zpi!KPcQXP}ND#68_T%F}mp0%S^=D*)@j0QD3C666@W^ii6$40O&IQ!pw+V*oE1R(D zgIS(5*;m*=46qlxn5osy?EpC#uHN9Ov`^uo2ZtZ5v;suwZh?7au}IR<6v?`|bhI2o z=iJei)oGwsdL-gBkPzyMh7-_ne4`Vvlw)r8PgrRI*m(N=HXl9Y2tJF0H)TyqbZo*x zH6wO>QlbUoXh+rLu&*{#++IY1Y(hZ4jp0I)t^(cZiC)&L{pB5(5>ABWCRwoC^nM@Q2bliYp_R_(ZnK!KdR3j~=FOYdU$4J3sOALi zgq44Ben~)xUc!nLeSQUh&z`NWwnP zi;_T0!z|?&IcY+29Rp67N*ws*T6+B@ZpryMzmfBE502CEDegpx zJ~8%3jGELE$B6L3wYpW$t@_I)&bTq#E`@r_3)4$hKr z6)d$@;eXq|>>{Fqw`Fu~!6w@ju>_5JJXhPK%f2B0jOBLKF2lh$LM0_F0bly3e{bgX z9dct4bV5mzJ2Vy%N?UWYaC_Oi^@Kx5{*K4ZS&{j-L1VM{pU0!dXsJ< zvNnM@3B$s#*fwFYWer$As`=rr;+i-=|NC+|^`b3Sk2YW{S`(ZpU%TGgnF(5BUJ=i}icR`N8B4w^Yt%_`XkU0yF&oXG%hAhh^6j5;41RaJeYRImHQ%zGxp!D>e6Y$%ljgpksKzaX_!j|A4VSUD+PgTj zvif30Dhzd>_p-@2j1t^%0IE_EJ6Ze*Vdc&HKVfL?s5^ z2n|`AUv-M^b1ISXt5}+jwsi>cuv)Cn^K8PB%U>yFVR1`?OH_|)r@^-q$o+KxMk+H2 zdAEh!_%dkgBs=o%2U5%jR5ii_&xTmDc>hk*5D*gzsiCR4@Kx+=Dki+H&lQ0O!zk0B zpdeFU2sM@8g3h5=&1FYb3^!pl77r*TT~JmUqBdp{6ax2vu6*Ix`n_7WZ2ikA`s^T` z_J`5e9!CU+y26n&pPC2VVlg&WY(ce+lWuHBEV$;-o?m_)lTJ=1RXFc=!NFZ}BVc1_GQm4y|NOcz+wjJm&#B|2ljCFlzCKJ94mc%z5m&iXcUM@cEgvBLWcTy9RX!(ykV zYSKHq$#+y&I8XHLektdF-oxGL!^g%PQ?;4Vz9)wbXP$i#jeG;Gxza*z#M|4`tLS8= z9CEjwtnnzU&y|UA8*3D~onRK3J}=a_LBQf2qSw0H>KG7trTz?1XEL9?RC=_6X8K=W z&%UcDv=`lz5Sz#q7r=j zJDe76UJiD(DruW5p|rEi5%|a1t5>g@w-<;)YCm{X0OGvJOpl0C1~|Sboh?QZi>~7H za}i7rCSVFw9E%v+d|PLFl)t)J{m`$;qckO@FKF0@tY_2{HA-jf1`mlwrYT2DBAJsu zz%b3=HGf-O``xWpKxRd+QZSwtVlZOHRUPLaE^x?S#6*)Il(13KT$&YWxq66biX-kC z)G;^|2S3+0x7TlrbCVLI6q9swuZiY4pXypMUSl`lajy5eahF)ZmrnQbLH$yfN+~G_ zK|+Mo(su_>4r`=g_tzjkv-%{*o+jhY0*6AbbAAVc7K*a6ghmSSMUE3q#x>EUkC>V8 zj-{t!09B!=*MeNi8?Rpb6sKrCs_PJc@ME0o*RrzCkLi`oo$8fjK8m}!i_%U}&_-*& zJw6gexYPVO;ov+@x0Ff8Rq^!(!Ebn?EY!isuQW`h%|L|9t}fi5bGYcW$L>{Xyrb>GRL*2A<6FD>6Dk2DtcUh%TKkJ+D797mkvFJ-R{PLxS$O z&OVQY(dbSIyt~7r{rv3nZYM2!zCE{|>5rE)n4S%{^f`V1AAt2ld@l~71lZ;K6f$03 zO=_x2M*}aZAy+Y6g@$+om850!Za(L(&u#DWaA3q+CpKXRnwzJp6!{Iz)a{1q(#>3_ zhCZdY6>Ml?w}G+?{%&Np+?$d1C9=f}(dC6bxiZmwRh`8hahLZ7xO3jRQt|CMcXY$4 zRDcsjLB7IqBDWX!*qg?%`;B^HWx-r-J|qYau*q0$^Nc=_Avee`bbzpeNCUOSYRdAp~xx(2)9U zygw7p4IjZcJN8BYyHv}Y4HPy2ypf=aqf5-8W!L`NDHQk{W(}A<;mnT8f!t+sx{SK) zu5tbG9Oupk1X@1YRhX@t+}a$?t({doH$B=(*w2sqw=+QbzR&#ZWWcu0QaOzK{DEMz zCr~rnxSV$*->GFYY+!Ds1 zqA=4c);p^zx)`E(E4L*BFBgBhv^4mtzW193tMcilKW^pdRL@SGJX_Om&NKaE{}yXo z77E5GhtqBTXJ_N}H=yo?EnD|VP5q?m+>H0|*vTZ8Ar9(02i*;BjVepSEOQ2( zmr<~?N4~=V(P|^?eR|pQ=8!uhIla#V&gs@YXtb^D7nQ29PQ4#9yRD&HyhwC&bTmIl zR4Cu!V?tK`D4=6ZgP!jTnFqy3<0Ib5oVRw^goT+{Q%#u-C2y~P!bQeMHAn0bN1))k zTYA1hX9cPGF&+%`M-y@T`fQ(+{WnW>jbuHh!G>htuV26R)x;}JhGl2y29#&;Y0ti9Sdy*BqDx}~6Qj78 z3&jVHH3;6Sc~Kb(&bL*#t+N5*fxr#NDZe?ls1FKgrbeR|BOcg-_S!2vH{w8OAFTxV zp^IE^MI?i>Oa5I01IJI4!e?))s~6y(%Kz(pz>Q`nxDgsC%5Wj9l~ofVqv=S5h;tVp zJMP>ND=*tYR}BA3s=Lb^LMQIoRQPv^^|iS{aX_0Vj!^@~9=*X==c>8>mXM<}KKy2V zJTe%j2^b38N4^r_->!v@g)B~Pn0mV5=p$v}1DB4o*jd|3{=h{jFO9tm`pz_~Xi4+w z)JOq8yK)%qeF`dn$YY7|VCH`7*0+hGL#O5!;=&Dv!vqN^D%WdXCk(@BEnvjVN#3`k zf|Y9Qj{;;k6dGUPuU1O2C`(Dj|8(%v#YgP4#oA=)M-GDmctG_q-Ty%N@Pm!d2Lf$A zE3DVDd_FX{XdOm}j)g_M%DGt|GU?c6bG29RiEG`JB$}%mPN;cylbcDAhq=nqGwQ^ z;$O@^tz-Ms)B4v33gPDXP4H$D1=ieq(-RcT55cI$$pi+{1k%uEFCO9GWal`_9_{Wn z=>x4Lj?O!nDnrtwq|0{}PpKgu5`^8`%ecER4?pe3Ibx~)S65D=4uFhJn(d@s@A4iw zw`g&pH9Lm>gdkM$-4uEUbW1$)WNjP~gLQRJqv)%g{PsJP9PE`)IMq+tlo>K}*Pzm} zn^0vFe>4B;hTioah+ZB4S>7PF)Sk5TioiykHq{u4?d1~DgsXCgBsew#EbX5L499P*7!CK3`x9f?T=`Up%(sj zkLG7M^D}iM2WidGl70#9rQe?YD`A+7cxg#8pYi$HwLvE5OdC)cW0hajE1B}Bymz_y zdHc`Dp94iGdo`YU_`-DyIFz)0?;j|FO)gP1Ed-c0)WU=<;CtWHB^u7>**%GfZa_s0V$@Jm>)gXI!&8UeWxL%-6MlhXv{`VX{vw8laL z23?FKY39jlDQKx!ga!PgBWAyZHC?INAnr%~ISK+y6BC!^mT1DN1_XHCtW*wUVKv^Q zA>ON?{%rH$W*=iFQK6DyDKw{xiok!INMHc+*WYvCQJv@hRGkdNd2aNd3WftOeF}nz zS%=*jj_b0h6yPF0y;KfJv3MK9wkl?SeLzjX{nDJu&TJ(IA_`aT9)+cl!AUk17L_Cz ztc$3u0A`68sA@u7PEIZ^d5o)%23it5)#U5X-Ohe_wP646u$ll8dgX++FH5hLcG+&u zvQ$@rAVS4LLgX-ola`h5l9qxCPIQfuXoOn==*C!i`b}8z{Or0hK#Q?iFfAMQzpkf1 z2&9?T@Sv65^7rW7z*Ykb3yW8qu!`X^hF-g>FdiQE$jcvJM+I?d#Jw1U(xeBF+P-Vx zwTmeN9g1=Tx8ptgEn+$E3XNBG(zVoi=IKg_ko4^KBL@+4l#rBUzV+xX2C)n`-*-#L zs7w9Fc!R$3(!4!L-&VmmM^0W|E0NQDslMUjcvz#_&# z@L#t1fPPB5Sr$CTH7&X=@yO4hJPC1~thSD))?Yj@ZIf+^Y59b4Oh=8)xQE$D9(HPO zqP_ezMl-t7p>4sFRpla?U1nz5>zG4NJ!ZMGEfrJkm5LBM2z7Xt5Cwdu@UAftrs6oL zD=)L>KdZY2jmc!KRys#PS=)GnI7hq*+lS)vaN+n5LCHZus@iIS3lUq8Jp29kHmN** zc@nX=w9~xby?f|QvGW#ozoIOw2ieUpJHlPRevMI!S5i$gRfE}jAX3Y-_3(k#l!l`k z{?A9(X0iTW5sD0gIL9CRsr<8i1l}5>W~c$KnS>b-osM#4YmnmDguS8g`}JZ)hT9hV zUAu-0Sgy{_jy!W{m`ue#XVN~F_|h^yU8<~lRAO<$bO@h2WZCdr$@l0uT(M&1%l2nPp=LN9L8MsC@CzkM`%)O*WnI9m9c^e*#?3LW26CYl&1KnSKFbb*{oHRb&&D_+!BCC$&cd4NzALY1lR(exA6TYEC1?Mv+$1l#AN1P>p?@_%v*uREP@cJ>xftH6+j9FwUFAgOxf~{ zGSS=B;QJGkvg)g^VmtKsUs|i#GI?&v3u$0_E5z<3-8S$p5N`NLw1QKkN#^d4^SxWQB#FX(Si? z^V@4)3}l%@+>wsP?Zl;N9bx@kb4ZekhV{D-S$4a%viR@b{d|+%8U}4ME zO;Ct#HNjZuGVa4i!AxDsD8XGJF_>Xg*?D^1Q-EyJ1KDJ{AaQ^->IzsK^S$Sw?)Ezw zs-tzPbn3&R-d?NYde!%?{+{eZyHOO!OHTZB?2yHO={RJx;dLtvEL-D^lT^e#nrMSw z$QsW&0N3#Ct`j@-ef1Y7;$p6eE*7MBQgkc?#3ZP100@>w(}IqWzaBEaD&s1(WQ(J- zm|{r0Pfa;Nx2%u~**0I?Hfl~DRHf@eqV+tbFui&eej%T~)1zp1Jm$^SG$K9MP#kjH zFkz$Zs@tj{-8lC{WAdASEF>P;@S(K#XD2HZ^bZ`AM!zL@pAYXSHO6R0#P4<=mXG!; zle%qveRJXlf!eLl?t%nwGk-_78X)!2{xO01=0{J@9l#$K;C)|i=kXDv%gT49tF|gc zx!)(!QgsBhcnrgLQp zA)=|JPXOTcl4B&gNmB6KUFn}&TOCJ}312*>Fa4ygeROeQP^xHOh~8L~k$6AcT-SLx zFb|yxl-HK87AJlWv(j1<%Wxwcdj610@lFpo5E8GhfZ(Gr+g!)gqJ5>>?KM;b3r3&O z;EXjE&7&T}wOUEmqmpFV z5t8D)5~Zp?mk8}GP?z?GiqCgBnoaw}SYjMf_4p>AOVQg=`4Dy7+6`c#bBpHCsRZ{w z#6vx$4xOFx$r-QY#kLpbVP}=Y_e7quJMLX1c;T+}>{f*^_e;n1i{81>S;eZmj1TM| zjdDr~GUBIPRWg5l_|6FQ=}B-}>Ae9?j`XRmIv$JZX^zu*OE`&>&bLopzIK6Z%S8}` zw9EEd(L_eA;V3HxIqTzsOX$L-Q;E7l6Po@bImf1?U|(alv9nJMG7slB^ivMyy*f%% zU2EJh2n2%8PM)t{?YAubWXIg^k)|~B@du%|-xpao?|$i9z|c*@3S%n(eV4~Suo2!0 zyVSaQHdbquetYOOGi((hGu^A^`HAWPU8(W`RotOw4rx{vvRr7B2ElDZmWB5`WexRp zSSpXPnz6}JCVq(trW34|IsL)e-04unXFbvsj~)9IUlPo%ZP+tp+?jO>?;RG_Y&-XP z_ovPXexR`hvP~LJ)A|dER!E~28f>2b1}5mx!u1P=9|;UN4cKSajB!i zO?u==48){d_jlsO9FSVTm`x^dqeGvBs4}e2bI_6CpBK6j1(;JEb&5Hfp7*#bm&Kxw z&8`4RiM-%ro<-ZBbF#D=nGe2j%*SyoZNHT^Hj2!rv&7$@VkC!;XYRcm?x!4!ax}g^ z*^E)Z-u7GAyv|Gq1bpYuDSHoug|XWmLpL7bS-&?p2(2C{k&}@QHh;89li&c>(@H7kzXSwoGb9nJ`6@e&AN~ z+v_r)OubyhPNx+Vh>zqCKY*}_i|gpAMVjn(cV%dWfd8%y;rYjhl^zWYU?R~uM#IhL zC?iNN_g#n%1ucZ{x-lgfnP&8;Y6Vd5bq|kkthmVn$P`cK4pyc$qcW?@`z7A-Y0}sZdqzb zbduvcpd(#)3lA~7nU}O2=sKX1M zV=jbgq3BNCz|@eG+i@jHLgUnca1jH4RK(uR6hkzNQ%|VkUKATDi*f{~YBo`;h|hGT zLpSia>;5-JZum*KLC6OHfL-fr329aiFftLLJBeyqMTabV@up=#j){}j*ikP(pDz@< zcvAkkEPq!zf4cx1ddl9D*$MYNtuIr!`Yz6EVd1In1J|LNMLLJ}QR%rBV@c-T`L^d( zR`{a+Pz^oZebMtck5?#cSKz;UQws+u^2ISjkhJgqtTthC1l^dD`WR^;_J>TQAEY6Y z)+bB+$zxU2tWnXPbbY<2_71JDc3T&p{&ceWbryuFEl@geJI?L-aeDR~M39m+bBD(o z>Zc$u_#j4fjU^-=73ng>x#{UOB?==s_pi_Cz6K>bQsV`cP9eDd$MZY#^dR=BvX2aa zncw6Zz>KO0Ze%M=km=Sn1teH16mwN7{Anp^sm_Z*90zoE%X2%wO`h2}WeH@xF~~^$F0(ia&6eMHBI<&xW#X z6B(bV{K7p((_=Lv<+6V34`=jBw|bR1~o1`xcb?APjCgWfTW# zJ1u4wmxc^>aSKjJchD!idE;MGS;(p9XsV~0DK>C-w{>rMgDiBy@_A#4-N;Ehj-YC- zHO5!KtRMlbawt27>|*t7$>;tfwP`YQH7)@agbSYlC{2zchszk14&jSqcb%tf)rkA2 z2PK&r^Q+EEFt9-iQHK2Lc7uAd4#l&W`IJ2#4 zh_?)=Wj&*(9vO0F7sXx*0~1_}cq7-t5Oug{a;x^=6Q-a(3qt3mzMqTBRyHA8%R zTR)KX8a*nuEVy)rk|B(HG#waN>Hh1{>+-0V8kJFej^E!KN#Rd#u&?z(3^99hM%s;W ztaif%@u2c$FwC9|VwaRg*0w>Jdc(%n5zlU{XmFoF~ z=xINpn{g;*qycJPLPl7jqZ@c=TQf9aW!Qh&Nz}P6$|X92rLy3ifW@yd zQ$vHf&!{GgE5;DQdk(S{uBuIJF}~KiW+cM*`MRV!eqxzoBsrOhD=3N}h`h;zqayKDRmd<(2){ zp<4S$atKIkQn#Q<>OnktPuPrv6XN6b6?aIuw!Rf{|NU@fWv`HxSwi*5dP*8u88}N> zVy{VNT-?z3@qAjovpv2io>J+6AZNSv)C$d3s#MrFiph{8*DaNn7yF0;2`gJErZj!A zl9AS)l1+rG_C4g9moTidbECtLR2a6KC=v%AvF4N6=xguJmYlfM{A1JoN&iuQmgqJk zJBU2|cNc56D}5T&6rCoy0P+$?zKsNOpFd57r>8HzD)UnR*`zkIJi(0LsK6U7tg z_}Bs5nF1PZ5;Jd4PRFfFgK_yao$&#RpNlD!P6_0f4?Kd}F{Ext@FLA>=x5EsfDA~| zxNlf>r7i|ojrvHhS>URRT*6IXxH;PcMntk;d1b@ktu&_0tv}BTL7L?thui~*2Zrg0X+3{wr`_0u>ryeab&Y@z)}->_}>0{HrSmNfe&S( z;=WA5&-sYZdvmX41yTC8p8*ZWnss_N@kj5Ds%X$#&+7M-$ft5EGq_F?It{yi6s9*N zr2ul1SP!+{BbU47k53$pT2+41)>~TzJG&j-KfKFmgvcAcp%-3_(KGQW+^djqw`bk@ zLx&)c_XBkK4oi7j5}zQPY*J$U;TOZGWtBrH9JS-GesV%>E7mlPLt+1ZFFz)&<%L~AX8Nittv^c!4%9uQqkChrDseg? z$esAiP>kc8XG2Yof5ZuK|ELq<;eG=?|3kF_%bYj#=S_hI!6lM|L=z-^dYiap@3`Yw zuB@q|TInutsL@hU89xf)zBzbQPea2Hky&fx1g(M)>?TJoadbSocuSPCskOL>%jxFv z;>{C&P&|=Wyd^^(Z3~7}-T`m7LB1^(QN3ET$=XE8C1*P^+s$U(@lB&TtYj!#Il^Wv z=iVD-KDe?Yz&W?Q$x@5v^`@&?SaXIXO{CY`SIfq;Rt7?ZtNMFQ?e|UUu_==(ingQoEtX zob(AqV=j$Wf$w+N8P^gA0RX}D+zoHG&NRxaYHQQa&)No1Me$`WlMKi!Z=7nkLCt6^ zQh(Vzo9aSbIXTZ%f5LZ-Yhr()0pYG9+14})qI^EVDG8qjP;+pOj>uB1FjwLRC+bwENcDDY5x zv2iuTAH-%dWWUOE107zKEZ=)CQSCHT6F|rz&B-!~sPoq@42v++{8XGC@nvj>-ny2T z}i>=|A}yKB4cCy^`mA7?scwjjZ!?5_;E<3pWSAg zEKAmeRBVm3gH>Hs3Tr-?!-SQtNm2TP=gfvqt$00Z5NM`xZJL-M|O54FFZ2r~zTw$Dib(z$_s$GcgeC z%`ABOzbU1)jM)O%hr*Q(jY~VC4U)#zzj2%%58}i7?Ikq7%cRWYh(9(Wd^@$TJ=O-v zQsm8#yZr7zBK~if_sTc!`IRKL0^x)4 z?D~=iKFMiC24?1s8N)8~mD-7KuI^@iEQe~B$Sa=Oy}9%5!FdA}jGkW#1ZP%ZO#k63 zD-A6FdE+_7wblXDsyUQ~BbUuQMQsC%-)@G#-E5Bh{1Mii_W%nJq&wX+sx%MqS**|l zb0nyVWOXF6v0(z5_VxRFY>9`boyW`TOz-kd?`%wzV-&Pr6oH6^ZXO^Ls{O8P(7>D8 z1i=N+eAu}fkz0A8J@1J{zaYYQ{vC$p56b(|)<{;%|3LPq&A^|PnsuT#xk3n)1F-$r zw8}iLcR%C(Wz;m6iG&@qP}=)kzgl5ISM^^NUxp)rg1Cywj{%G=D?JgAI=9 z|4>jSv1hG>KtUnBV^@A8I!od_k}g1+)e2VN^iq&-m9@(s-lo5QMBn~UE=o6aK}))7mgugmmD#14 z%ER+@e?c`(98mbVi7HNfEgxv%TZ02gd?pDR$(j0Ah6Ru{7T0df=q_C7H+ zG^0i2B$<=7Z?yoIqOqsz@3}Rx9B<>*Xd|OEo$>emH0LdLH3kU@s|K z)$dK7ExUaqFC`hdx!!ul{`dC>Xc`x2v2L^DKJvHT27@%rd14vyZY@b* z+E{Hg!XtyW({>y2s1?X%V{?)i9ayG{N!tM+kkS|5<~P8i>=!k68DG9^~tPe_GT}c%#4+HK#eK zs*mj~b!)9YGSf55*--osj;l`c502|cyF~bSf!Er%6Zww%h=8OXxv7xOG6fcX{&y){ zZ{hKr0p?(E55zA4&2E`LYO{)_EAPC%_AC%Z7d?;Io67dDYsCPd*%w3z^`&~Z>Y^$n zog*F_B>IGHPjK+(@c2kkdBk9EJ>|B6-rYXYXTT&2SD>k{#?4n8{*qKG%-I<{R9; zB<~{f3VAp;(uySa#r`#``A!BrC)bU}0h&lz8FPTYx2TC-kx|IfBm$b7geTp6QcVYl zbuNqlwXJ)o&_N&s+S{rHNR~zon157Yk0b+ZrXZXh7Hu)rEjA858-R)gOi;~4p(hT7U!`gL`6a3KtL zcX(%zZ>7z?J!fX(d0OndH;T^v5C%g4tq5eciN3G)wVG|;_k#l%hoMG3sIHpVIP`YZ zqhXO}R!rRAw$LP<(M%{|OiA2mZm6NtZ{iJ$|J8dP^SDGt~~7S%EM zyV)y$K=^-&0c{a*|0n(lMBRv@_15=&3ptIjReQvPJ%OoErX>(MHGr#2v&H6VrrnWA zYRVCsRP(@4GPXj77US zmoD6&IUB;GTYc96CXv*n9(fxY@ixasldu2Qtl5hliSl(MDti9Z6* zkA0iD$0dW`qa}U}hS2fcl-0U?#*eSJJC;!W@g`v=Jn=wJ8y)(B5*e2-=OFc$3${<@ zhLD=HOSB2ezRh`g5A&K6k`+HTdz{i0`U%63tr$gIr5OcoT^k#&TPj8aP@8v@giG9M zY-H+vx=Y8gA?GVeMeq-?x{%2fzE2?-LR>xP|4_rqiV7*Wl$0(i+yhRA&>i=EZlmWL zLeC@5#Vvp4A=4?@c%{gfhVe>YthS>!v%%k@ACnKn#N~;-Nlc8%iW3_cxK(37)#@Rw zaNv}{uGUl!=P;a}%W%*?dr#TTEDpCh*+z~#ar}~l(Ik2A3NB`4I(|4V6uxcCd6e|_ z>+*q5<516pO!@nt@x<5k-^lxRgFTYpB2MwMLUw;xmT7Yw#FKW^Tb@qspkrfA$8xHxNw-oulOO zh?`MpSZljhG#I)bl!lpwT=GiOouvnd(Qtav1g3byY%SlSqN2u37bwVWi|_Qd)2<$Q z*rdbrt|>yvTQGZ;?(E(7Pw4jr7^G2SKi<~*x{XV$^Ip2YAGu9S3@nQBSW#AZjFOL> zd&3%;{G&akZ^E&@QX-kKrZ&@IUBsoXu>T7S2dzSLy&RS=@j)!Cz9eqCYV}1CkzPN54IS3>tuKKgOBmAFVJEwOm(|qmF^`O}eLe>Cm5b zfJPoasDK~uo*z{n z1^AV;T;cYX?|?3l-=5PzU9{5X&gTm3^ZO=U{}uXdNUA0N9LNMt@FRShcdcoS`C~8Y zj)=9RqX;F(NK-mTO78R%$Llp^PfTz5>&SB*LoAKRJu=UqANDaYd3U!B6F%%vR*;k6 zg$CU)A|c5B6741Nd*Pi`r043-nY)Y(2Ev+qo*_ANtiOETcU5?wvLAZLROo_}?{H+z z8tU^kPhor4M0Xi^ipnN3Ebcb#j!#uhe8Q5qs|NapLh0Mu+DtiQ4`R1BvLc7@FXc$h zdK;-C3z(wgT=Pxp_Gh2GV=o=Ghhaqd_QO8BuERmM4XOqC`lFVG`0MWTd7SKRw7|5W zkSInbCZ?*UCehuO%+1XOMsn|D$+NAuFGeFEpH{=~nXb$~_*io;tYuem6wh#AD`|NyQeWvE}Q_NUsME3}BWM;k_Ym ziSUS4xWBDZ9>>zCYV>dNr>d0~gt5MrdVAv|ztc!aNbng~M0h_os6MSqkNw&qx9(uv z6K-JAYmEDqNGTZlPP$r@ZyNgB9u~4{+3hh==^*#ImO9t9u8Di%G9sv<{1Y-p_^4H*B7ib#o=_j3e^={`6Mb z?J|5WhW6h zMxt`8I*Kw}a2>i1R_4vs^vM?Khd=K7eydFbE=4MMveOC$9K8L_<)a86 zZYQjqV^ex;V8Eb%cUg#>WORVJP@*sHg@M@0bh1@0As4Xrs^4y$ zq&bKclY8e%>M{S(AGdTML{K8!_?v`{2|B1FXb~YHy28T3w4bru1Uda2{&!6}H*BWA za%_-(^U(cyV3Z;OT!M3s*8X6fHM|AI`o1Ra5aeCi8nlExaFom=_grBdh zNe=!GrA5sdbkS7W8U_gwl4qlQT1MPXYW=pT3N?M>*?kppc?a~afi~JMv)OvYlna-X z%^k3p>&jU(GqWWHqMGD#ONBlyv zMixFe_FhcZ(p}-%m(bn{PYY{k>y7>0UB*!&E-Waxf7CT0v|_zj3wi+LBGIypmgJTs z&As*6W*;{aJ_TT?^^5vHe9rvlqo9^` zN&X5H#%$TDaQd2g#y-!V^MrPXNb2~cA#d0^(}|wk7cZ`Fcd%POwDAV1ZxWlh5Ja+w z+Q%@`^*F^+BZ%z9mO#QVMU-EC77XS~xFn-(fr$LWhlG8MjSP6r!s8WAE$>8nLJbX| ztuP$(LxEpjF~K0eLQaw={*lA2wQqn`$s%NQo{P{en`qb7j74dOg*5}HL zWIp^3H%|KTIZPxTensK6oll3eqIGlIbA(`*P%q|PIvd%B2~joyzApnL#lR6`;^yYA zs;xbO?qganlZB20yJ_a^!c7tZMqQ+ZvRN>j54^k#5xH#8pSCo2$(8z@Zd7TKE63gc zuw#Cliuu>0qQY6jvWcRc1%EjlR*|=|Z?p}8&(yJg53^D#V`Mz=JnN3v1RjP=Xmvur z)=3*iGm|A_T(| zti0>7>#^=Kg30x?db~!5NT8rGIKI6Q86^tx-?k@~pwOkI$Al55N#voRO)Z>8<&2*S zP!vDZQO$^%d9uTB{7o#OA5(NNN*m+G&Ww*j)+&N}rH%9AJ;hNWVR%zZ8$W`|>HTS3 z(@}ZKP(7p4gH6O8|EUryDC}Pxq^+Us~5uv@?SVPJ=mdQ2pK7dK|53ZRL57 zM8T~pgHR=~Q~kBJyd=kIE91W~f|QYg!M82np|m3MROjTvT#v~uOMi174{8nN`DemA zIN2Q(&WJ?M4|5rI*0)dTdl1GqGgoJt=*@Lujf;I^cf1r4qpP%PWL}&p_lohjW`Zkd zO4q`LxX;|n*xaf4nilWWa5Qb8FQrjR^PzUpsAen1sBLh&)NpaPb=4_lf40cc&hGYw zsge7YN?Y#76Gd99;i}T+4xySvb@&@ZXT&|nx z%nJ)M&6RURUOm1O+xPkWT=ib7fRvP!zM-K- zc%ON(&p6WFT);RS=ddu9*H}gjcffP~@dES}#ZC4xQbA|g#{yCkICSdoXt+PrQxEWot+p7kedD|+!QS0{Si8x`&`PicYs>u@$GV@!u zGBTt5r_*aNGG89{%835sbq<%EQq=Q!@m$bmAIwx>d@K`fpmOzTzWs!x`?wcFcWp>E zuqyHiLLlSrCW8Jl_vD$Hy!zk0@?i-}X^pEAZbsp^01EHErBnLcU*AlzNI4b=d zqTLMUO5#(!VQL1UXjIvcs&JBt;NoHLmef%&`oC6(sG^hZgs-EW%8P_7&Dq)#VMa$PBWpY@dI+;~1lXb(08v)ck$44)#`qPBx^x4?D=zPNC zdM>o%c^#$oAdct(bm=2U#EVvCZknrouhfixXUB;tk(d8N;s_{~tvYty)7B&XT>8CyqOMa$ zo3LLF4^q)(Xzuf=dh#S^;C}o$2L}gRd;4?XWB2s*e7ihTGZ?o?(|JRp-pTOK< z>9jXl@@XV$p!S}$D7vwug9R>ozOYo`mjY4VI`V^$c<|+9KEBPp#U68gY*mFOdIt`) zrkPo3l_EBFVDZjP@oaaOxu3mO&l8f5*6fR(9**`YDJhvsjh?^w$UkV;QM6;pz+Qrx zl!JAvePt)1n*kqQC76$d%-hfZK(q?jxmmkKTWI@bW?8^%iRmTC+~eL!bx!6{3C3gb zb=r+DPc?IHU(d+OIwusqS4I5D1&;N?&?*Q3qAtsDfb{Y;@W*q2L9}x}rCRsPe0uq$ zEW5m~89WM#`XcH8iS(mA8QnFiWf!iUc-`;Y(7^!O+d-NVpZ}wF>U%)p;iAdDQR{}u zs7F2KYIDW1Rso0`u{ax$jSY(zitFXLUIP4sA#lqI;n!UkSJFd7)3MmYJEs}pXs+Bk zl`Kg3)j4RGblE3}OYEhap0?|7mX~quhjP$Z-}yZ3=YD$3KHtpx^fs=LN{V4pa!zMv z9#IfBm704?S=#L0J7LD3^U9svHKXGH@w+r!0!rjM^2LIAbPquI!jwXG6IMpmmS;Vt z*Fl3DO~3p&BNAQmMvHaZ=HQEP9b|k2?MO;HbX=6pTXK03U#~9@2=rS994&*5dE6V&i-a$VYCH6Hkue5sSnZLxlD%>ovxikEI z!L5o=!w(HvO+c8N;*2OF)tEflb;qeO+dDvZShQ2M(96QOsA$NCVR; z6*v1_SmH{L?Yf0s>PY){+3?uQBwV>AgJx8LaFic1|0!}(f~mvlSFVYLJedz=X4?5g z(4^9Pw-yM!nlfU;Kt!w9ap$ffzZzw&J;sr(G%)nVJR>tR7W(bS!5GD3j>^y0yNWRiDRs@2*3g%en| z2SEsqu73@VZp$qtWc%QTwzszq`XnOPP>-1mQ|Tf6&0rA~>_eN!rH ztIOuKA8wxvmgn6`RnpjZ-gT%{*?(kYq;Fv0;%1**9iEfV6%HuTs<@VYvs}GokbIE# zL@wriC7dL)qEXFs=g;`Sg!sjUc|x^3FIGy&L*Kl;NEoE2cH(0)a$mAzKaqivqRX!I znZyj{K(GaxAim7Z6buUw=YS5E=L~Y!mD4BSV=-A|#gcjeC?ea0%G|fkdsDj5q z#VrrCxnC!c)mbQJ*kuL{1)hJ08@#o>g(y?^8BvJTtG-@ zAWGz>E6DlAA2A#&HE@=`wJ*=u6lo(*(lhP@(bx1_(m>g?A zNR`tF9v=W1vl0zUwW!o%91b7`eYXIV6*0MNvL(*cda7 zCG7p&ZIpqvh>z#boUWlxgF00v>snR0*v?38t*0156WGs^Q!XU+8^pIJIDz{T)?u)N zl#-XozZym%vwb97AU>#H@bg7uftzwhR=NMy$joDQcm%?VV&PHo`G8u0fHo7}rMIf8 zt&M31Jx>Je59R`mcvDj5bvp;H>oHltE1TQ(6G=k1=zHXly%c>Va`NOJq_wS}vc;o8 zOBaEYO*&n7rnjf)nIh8nf0bQ%Jk(noFPFE)n>TB+-r^c$y|NP(MKRf`DNCZVU1VRQ zxz~%4B`MS_M3ye5hM0_tvR0Ow$Q^?zhA<4-$?f)@-_&KsXS(nE&R^#iE!%G%bJsL_te!gVmB!!cBmwTD zWExGTtgH+GA$j-jTP~TYZ*T#q)QvHOA^TXKDK3JFVhQ;O@l^V0m83A-Yf&r~OSnAPfFgGSz+0M$`F{ZK zJOFs(T3cG&E?kiR%O2uWzk>LwpNbB(wIV5f1@w7u;8B)KO*r!)`VHALV$hiaBrB>6 zaeEY`kb#PikDsTn9pu>?rnL|f-3E7Lk7E^8w~<+J5>Nv5rL`lYqUdeJ7?Y}LMw-)c z7Yo8rm@N_{>PDODVPT|gY)zA_XeA0Jx75#B^WLOFC`KiBe`AYfFGd1 zx>N#Hb%+-TL?8gnfJRdk*$#o6lscai(Vse7-BxBdnq`MQw3Zw7b*$XzngsWeSHf)^8>IoSMX*QxXkbb;e6XFj)-Y$Ih zewIvGK6YA-l{gDrq3yg>fHD`CluUs*s^Wx;ksutS?b9=108@BsHrUiyp^M{cWf%cI zZKr6sVh$gr8R~Tipq!*u?t|8r;6ZF2_?NM4etrS4ZFptj6OXXMkTvpo3czXr+lHCF zy*uX0i*iJDupe}!6H`4a0>tN2RDXXzCKPVfV!#jU9E*R<)s^NXu!JG_(D%&P_7sM_ zYoLYZcwu&&NQPPxC|H+Ft6d$!CFrySp0(-;lj91PL zUu9oHzNUC4r--=+2g@_P`+7AEPstMXGS&UARaI4a`unH#R(KRS3jhS&<2nPA)q|B_t%e zuDjXW>-=bKiLmu(Hi&Rm$=HNc;!kcxNbss35rRv}suzTv?a@|GHSs>L;@mA!aj7F| zWp1<;lpj=R(a$<+0E2i&iC%MkUAe6(K%@j@$|0vzs<5q>H$*C{82D5nLPe|#p7eZd z^zPle6fF&r37y4ee#gizeA0;AI9@zG&O>7FjSs-T=lQe%_&|5Qsh80)I$e-npm?iA zF7IZjrHZU2v1!D4&dvNKCL8OY8ht<(VAaQeL0NvUxpJYRS9kKx@{6~QEY@e&5?@SO z^58H;`;KjBTOClQ`bPEwN_9HLdKwx#flYJR?Gk##zeF^uJVu(mYK1~-_ z5_2!rlcDc;5FhYsoGIjCnk|NmpNW5VL2@tJH>oN*sNJ`txxad4EE}DM=c`6-a(k_* zxgsxz%`kOa(TczXRr|PoG@-@`7hR0)|C$t)U6*b`QbCTPQf%!bA+{kh%v=M(sFnx> z0_vrw0WNqy6L7xhmMvT4c5lH(XJNA9Br@{<2nuX{XfRmO?j^R&Aj+gQiiTJ>oRcNJ z8}@QR_Pr@F)wjy#{bz<8ut>P0GyG6sUml;%sF7CyDHAcXuhF52&+R0BRhwNU%Aaj3E5b+9L$P65tI3#q+w)V_0PQcYC1t&EmbBn zX|}_9Mr&6s^Py4OVQr!S|GlSa> z9_|BH&%fj48+P@qm&fBT;(#&Y`Ir)u6Wt-GN^A5v^o~@MljwV8RiN!GiR#fRIy#XX zj(9jRyl3R{`PmAo16DD0MBC77=7%|Y_$70UJ^Ov?C%(Wz>VywREOM3N*7a(=+u+9 zdOU5S#_E=Gm78&}!(a{^4`X+XH8ls9y;6i4qoeLYVxFjNC66SLnff4R71e0>IYA8} z-DWr{o#_!_@oB4-fRs%8^n#pw0XuQlm@6ELAn_k~CCyG(aI(wz1tscSJoM|ScXPVN zB3C{g);b%zis@PYx2%c#k(@zrPv9ZR|5apcO~}7AG>pMFyXa$ToIU3H@%0$hYfpuH z4kY70-_T0CW}h~3hwQ;!y+iM6)IuMc828)oAvM0b;8iN6yd?HW53S-dJbHM@-eZ{N z_l-C&pyx4HuMV~Mk~Z8;iY1ZEE2~2}{*Jc*;K>YiwtWX+e-7i*MS zZ)niLu(aTl0IX$KB)JE8alMbV{FaGDMInS~lchMlnBE4j+9EXDp_x-tCxAG-nGbqV z+c_y%%#W167fxTo#k7HKyc3mGI~P9KL<;v&S&us8kVjAz#guR=tcS!gAmG9wM4{>K z3^OiQtD2n5vEwu5A8j%(lJzN_yE*T)9;LZv)n_%7!Jr6%i-&&LFug)vX!$^*Q=fTY z?CT~`M<2C7EZt2f2{58z-<;$vD9o;RHQ#_ub%AjLpk1z%p4WwQl@RJg-7PNnGewvfWoYQcnLMR8edk4Gt z{@n|pFHlO7gWQ}{-uOs^32`l)5zpE2`j|JqV0sng!Vdep=NsP0hH~0@!9u Date: Mon, 30 Aug 2021 15:01:13 +0300 Subject: [PATCH 071/173] Nightly test failure skippings (#14557) * Skipped the following tests: "iDefense_v2_Test", "EWS Mail Sender Test", "McAfee ESM v2 - Test v10.3.0", "AzureADTest", "AWS - IAM Test Playbook", "Feed iDefense Test", "FireEyeNX-Test", "McAfee ESM v2 - Test v10.2.0", "McAfee ESM Watchlists - Test v10.3.0", "McAfee ESM Watchlists - Test v10.2.0", "Microsoft Teams Management - Test" * reverted integration changes * reverted * Skipped the following tests: "Zscaler Test", "palo_alto_panorama_test_pb" * Update from master * Skipped the following tests: "LogRhythm REST test", "Cisco Umbrella Test" * Skipped the following tests: "Cisco Umbrella Test", "LogRhythm REST test" * Skipped the following tests: "Detonate URL - WildFire v2.1 - Test", "LogRhythm REST test" * Skipped the following tests: "Detonate URL - WildFire v2.1 - Test", "LogRhythm REST test" * merge from master * merge from master Co-authored-by: ShahafBenYakir --- Tests/conf.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Tests/conf.json b/Tests/conf.json index e3889a89f937..2b32d27dfc74 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -4603,7 +4603,10 @@ "McAfee ESM Watchlists - Test v10.2.0": "Issue 39389", "Microsoft Teams Management - Test": "Issue 33410", "RedLockTest": "Issue 24600", - "MicrosoftGraphMail-Test_prod": "Issue 40125" + "MicrosoftGraphMail-Test_prod": "Issue 40125", + "LogRhythm REST test": "Issue 40654", + "Cisco Umbrella Test": "Issue 24338", + "Detonate URL - WildFire v2.1 - Test": "Issue 40834" }, "skipped_integrations": { "_comment1": "~~~ NO INSTANCE ~~~", From 627ecf6ac64242eaf0c7454b5fcb5d0346174567 Mon Sep 17 00:00:00 2001 From: Tal Lieber <72691467+tallieber@users.noreply.github.com> Date: Mon, 30 Aug 2021 19:08:56 +0300 Subject: [PATCH 072/173] ParseEmailFiles - roll back to multiple encoding part (#14585) * roll back * rn * du * test * Update Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py Co-authored-by: yuvalbenshalom Co-authored-by: yuvalbenshalom --- Packs/CommonScripts/ReleaseNotes/1_4_28.md | 4 ++ .../ParseEmailFiles/ParseEmailFiles.py | 51 +++++++------------ .../ParseEmailFiles/ParseEmailFiles.yml | 2 +- .../ParseEmailFiles/ParseEmailFiles_test.py | 13 ++++- Packs/CommonScripts/pack_metadata.json | 2 +- 5 files changed, 35 insertions(+), 37 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_4_28.md diff --git a/Packs/CommonScripts/ReleaseNotes/1_4_28.md b/Packs/CommonScripts/ReleaseNotes/1_4_28.md new file mode 100644 index 000000000000..b257164e7db0 --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_4_28.md @@ -0,0 +1,4 @@ +#### Scripts +##### ParseEmailFiles +- Fixed an issue where ParseEmailFiles fails on timeout. +- Updated the Docker image to: *demisto/python:2.7.18.24019*. diff --git a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.py b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.py index 17d49104eaeb..70662ffd592e 100644 --- a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.py +++ b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.py @@ -3403,21 +3403,13 @@ def get_utf_string(text, field): return utf_string -def mime_decode(encoded_string): - word_mime_encoded = MIME_ENCODED_WORD.search(encoded_string) - if word_mime_encoded: - prefix, charset, encoding, encoded_text, suffix = word_mime_encoded.groups() - if encoding.lower() == 'b': - byte_string = base64.b64decode(encoded_text) - elif encoding.lower() == 'q': - byte_string = quopri.decodestring(encoded_text) - try: - return prefix + byte_string.decode(charset) + suffix - except UnicodeDecodeError: - demisto.debug('Failed to decode encoded_string: {}. charset: {}, ' - 'encoding: {}, encoded_text: {}'.format(encoded_string, charset, encoding, encoded_text)) - return prefix + byte_string.decode(charset, errors='replace') + suffix - return '' +def mime_decode(word_mime_encoded): + prefix, charset, encoding, encoded_text, suffix = word_mime_encoded.groups() + if encoding.lower() == 'b': + byte_string = base64.b64decode(encoded_text) + elif encoding.lower() == 'q': + byte_string = quopri.decodestring(encoded_text) + return prefix + byte_string.decode(charset) + suffix def convert_to_unicode(s, is_msg_header=True): @@ -3425,31 +3417,24 @@ def convert_to_unicode(s, is_msg_header=True): try: res = '' # utf encoded result if is_msg_header: # Mime encoded words used on message headers only - encode_decode_phrase = s try: - word_mime_encoded = MIME_ENCODED_WORD.search(encode_decode_phrase) + word_mime_encoded = s and MIME_ENCODED_WORD.search(s) if word_mime_encoded: - if '?= =?' in encode_decode_phrase: - encode_decode_phrase = encode_decode_phrase.replace('?= =?', '?==?') - while word_mime_encoded: - # encoded-word" is a sequence of printable ASCII characters that begins with "=?", - # ends with "?=", and has two "?"s in between. - start_encoding_index = encode_decode_phrase.index('=?') - end_encoding_index = encode_decode_phrase.index('?=') + 2 - # index return the index where "?=" starts, need to include it on the substring - encoded_substring = encode_decode_phrase[start_encoding_index:end_encoding_index] - decoded_substring = mime_decode(encoded_substring) - encode_decode_phrase = encode_decode_phrase[:start_encoding_index] + decoded_substring + \ - encode_decode_phrase[end_encoding_index:] # noqa: E127 - word_mime_encoded = MIME_ENCODED_WORD.search(encode_decode_phrase) - return encode_decode_phrase - + word_mime_decoded = mime_decode(word_mime_encoded) + if word_mime_decoded and not MIME_ENCODED_WORD.search(word_mime_decoded): + # ensure decoding was successful + return word_mime_decoded except Exception as e: # in case we failed to mine-decode, we continue and try to decode demisto.debug('Failed decoding mime-encoded string: {}. Will try regular decoding.'.format(str(e))) for decoded_s, encoding in decode_header(s): # return a list of pairs(decoded, charset) if encoding: - res += decoded_s.decode(encoding).encode('utf-8') + try: + res += decoded_s.decode(encoding).encode('utf-8') + except UnicodeDecodeError: + demisto.debug('Failed to decode encoded_string:' + 'encoding: {}, encoded_text: {}'.format(encoding, decoded_s)) + res += decoded_s.decode(encoding, errors='replace').encode('utf-8') ENCODINGS_TYPES.add(encoding) else: res += decoded_s diff --git a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.yml b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.yml index 112b28b07644..c07f019730ef 100644 --- a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.yml +++ b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles.yml @@ -111,4 +111,4 @@ type: python fromversion: 5.0.0 tests: - No tests (auto formatted) -dockerimage: demisto/python:2.7.18.22912 +dockerimage: demisto/python:2.7.18.24019 diff --git a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py index 0acb6f2fbb62..1a667fe0ba47 100644 --- a/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py +++ b/Packs/CommonScripts/Scripts/ParseEmailFiles/ParseEmailFiles_test.py @@ -416,10 +416,19 @@ def executeCommand(name, args=None): '\xe3\x80\x90\xe2\x91\xa0' # 【① ), ( - 'This is test =?iso-2022-jp?B?GyRCJWEhPCVrLSEkSHxxGyhC?= ' + '=?iso-2022-jp?B?GyRCJWEhPCVrLSEkSHxxGyhC?= ' '=?iso-2022-jp?B?GyRCRnxLXDhsSjg7eiQsST08KCQ1JGwkSiQkSjg7eiROJUYlOSVIGyhC?=', - 'This is test メール�と�日本語文字が表示されない文字のテスト' + 'メール�と�日本語文字が表示されない文字のテスト' ) + # ( + # 'This is test =?iso-2022-jp?B?GyRCJWEhPCVrLSEkSHxxGyhC?= ' + # '=?iso-2022-jp?B?GyRCRnxLXDhsSjg7eiQsST08KCQ1JGwkSiQkSjg7eiROJUYlOSVIGyhC?=', + # 'This is test メール�と�日本語文字が表示されない文字のテスト' + # ) + # This test should pass, it extend the case of This example "=?UTF-8?B?VGVzdMKu?= passes" and include multiple + # encoding parts. + # **please DO NOT delete the commented tests**. + # they have been disabled in attempt to fix issue no. 40877, and they may be needed for a better solution in the future. ]) def test_utf_subject_convert(encoded_subject, decoded_subject): decoded = convert_to_unicode(encoded_subject) diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index a8857051ea7b..f3bf015b6a74 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.4.27", + "currentVersion": "1.4.28", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From e3c90836b48b52b90d402e1134e489fb72a949a9 Mon Sep 17 00:00:00 2001 From: ChanochShayner <57212002+ChanochShayner@users.noreply.github.com> Date: Mon, 30 Aug 2021 19:42:25 +0300 Subject: [PATCH 073/173] Update Threat Intel objects and their score (#14587) * Test DONT Merge * Test DONT Merge * test * Add to Threat Intel * Update Threat Intel Objs and Score * remove unrelated files * docker update --- Packs/Base/ReleaseNotes/1_13_27.md | 5 +++++ Packs/Base/Scripts/CommonServerPython/CommonServerPython.py | 4 ++++ Packs/Base/Scripts/CommonServerPython/CommonServerPython.yml | 2 +- Packs/Base/pack_metadata.json | 2 +- 4 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 Packs/Base/ReleaseNotes/1_13_27.md diff --git a/Packs/Base/ReleaseNotes/1_13_27.md b/Packs/Base/ReleaseNotes/1_13_27.md new file mode 100644 index 000000000000..76aea9f15be1 --- /dev/null +++ b/Packs/Base/ReleaseNotes/1_13_27.md @@ -0,0 +1,5 @@ + +#### Scripts +##### CommonServerPython +- Maintenance and stability enhancements. +- Updated the Docker image to: *demisto/python:2.7.18.24019*. \ No newline at end of file diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py index 5c8212f6317b..718a59ff8111 100644 --- a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py +++ b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py @@ -449,6 +449,8 @@ class ObjectsNames(object): COURSE_OF_ACTION = 'Course of Action' INTRUSION_SET = 'Intrusion Set' TOOL = 'Tool' + THREAT_ACTOR = 'Threat Actor' + INFRASTRUCTURE = 'Infrastructure' class ObjectsScore(object): """ @@ -463,6 +465,8 @@ class ObjectsScore(object): COURSE_OF_ACTION = 0 INTRUSION_SET = 3 TOOL = 2 + THREAT_ACTOR = 3 + INFRASTRUCTURE = 2 class KillChainPhases(object): """ diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.yml b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.yml index 395fa83795e6..50f3f0f6e244 100644 --- a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.yml +++ b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.yml @@ -23,4 +23,4 @@ tests: - Test-debug-mode - Test-CreateDBotScore-With-Reliability fromversion: 5.0.0 -dockerimage: demisto/python:2.7.18.22912 +dockerimage: demisto/python:2.7.18.24019 diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json index 75648f64796d..44b1f5c48158 100644 --- a/Packs/Base/pack_metadata.json +++ b/Packs/Base/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Base", "description": "The base pack for Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.13.26", + "currentVersion": "1.13.27", "author": "Cortex XSOAR", "serverMinVersion": "6.0.0", "url": "https://www.paloaltonetworks.com/cortex", From a59f3e5d7147c76615e22f090bade9d0dbbe4b96 Mon Sep 17 00:00:00 2001 From: ilaner <88267954+ilaner@users.noreply.github.com> Date: Tue, 31 Aug 2021 00:09:20 +0300 Subject: [PATCH 074/173] CrowdStrike falcon enhancement (#14476) Added new commands for CrowdStrike falcon integration: - ***cs-falcon-create-host-group*** - ***cs-falcon-update-host-group*** - ***cs-falcon-list-host-group-members*** - ***cs-falcon-add-host-group-members*** - ***cs-falcon-remove-host-group-members*** - ***cs-falcon-list-host-groups*** - ***cs-falcon-delete-host-groups*** --- Packs/CrowdStrikeFalcon/.secrets-ignore | 7 + .../CrowdStrikeFalcon/CrowdStrikeFalcon.py | 247 ++- .../CrowdStrikeFalcon/CrowdStrikeFalcon.yml | 349 +++- .../CrowdStrikeFalcon_test.py | 132 +- .../Integrations/CrowdStrikeFalcon/README.md | 984 ++++++++++ ...pected_list_hostgroup_members_results.json | 57 + .../test_create_hostgroup_invalid_data.json | 13 + .../test_list_hostgroup_members_data.json | 568 ++++++ Packs/CrowdStrikeFalcon/ReleaseNotes/1_3_0.md | 12 + .../playbook-CrowdStrikeFalcon-Test.yml | 1616 +++++++++++++++-- Packs/CrowdStrikeFalcon/pack_metadata.json | 2 +- 11 files changed, 3864 insertions(+), 123 deletions(-) create mode 100644 Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/expected_list_hostgroup_members_results.json create mode 100644 Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/test_create_hostgroup_invalid_data.json create mode 100644 Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/test_list_hostgroup_members_data.json create mode 100644 Packs/CrowdStrikeFalcon/ReleaseNotes/1_3_0.md diff --git a/Packs/CrowdStrikeFalcon/.secrets-ignore b/Packs/CrowdStrikeFalcon/.secrets-ignore index e69de29bb2d1..ad8771fd90f8 100644 --- a/Packs/CrowdStrikeFalcon/.secrets-ignore +++ b/Packs/CrowdStrikeFalcon/.secrets-ignore @@ -0,0 +1,7 @@ +35.224.136.145 +10.128.0.21 +10.128.0.7 +35.224.136.145 +10.128.0.20 +35.224.136.145 +10.128.0.21 \ No newline at end of file diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py index a50b162ebf1a..fa2edb2e3ffc 100644 --- a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py @@ -138,6 +138,20 @@ }, ] +HOST_GROUP_HEADERS = ['id', 'name', 'group_type', 'description', 'assignment_rule', + 'created_by', 'created_timestamp', + 'modified_by', 'modified_timestamp'] + +STATUS_TEXT_TO_NUM = {'New': "20", + 'Reopened': "25", + 'In Progress': "30", + 'Closed': "40"} + +STATUS_NUM_TO_TEXT = {20: 'New', + 25: 'Reopened', + 30: 'In Progress', + 40: 'Closed'} + ''' HELPER FUNCTIONS ''' @@ -193,10 +207,11 @@ def http_request(method, url_suffix, params=None, data=None, files=None, headers data=data, headers=headers, files=files, - json=json + json=json, ) - except requests.exceptions.RequestException: - return_error('Error in connection to the server. Please make sure you entered the URL correctly.') + except requests.exceptions.RequestException as e: + return_error(f'Error in connection to the server. Please make sure you entered the URL correctly.' + f' Exception is {str(e)}.') try: valid_status_codes = {200, 201, 202, 204} # Handling a case when we want to return an entry for 404 status code. @@ -1281,6 +1296,92 @@ def timestamp_length_equalization(timestamp1, timestamp2): return int(timestamp1), int(timestamp2) +def change_host_group(is_post: bool, + host_group_id: Optional[str] = None, + name: Optional[str] = None, + group_type: Optional[str] = None, + description: Optional[str] = None, + assignment_rule: Optional[str] = None) -> Dict: + method = 'POST' if is_post else 'PATCH' + data = {'resources': [{ + 'id': host_group_id, + "name": name, + "description": description, + "group_type": group_type, + "assignment_rule": assignment_rule + }]} + response = http_request(method=method, + url_suffix='/devices/entities/host-groups/v1', + json=data) + return response + + +def change_host_group_members(action_name: str, + host_group_id: str, + host_ids: List[str]) -> Dict: + allowed_actions = {'add-hosts', 'remove-hosts'} + if action_name not in allowed_actions: + raise DemistoException(f'CrowdStrike Falcon error: action name should be in {allowed_actions}') + data = {'action_parameters': [{'name': 'filter', + 'value': f"(device_id:{str(host_ids)})"}], + 'ids': [host_group_id]} + response = http_request(method='POST', + url_suffix='/devices/entities/host-group-actions/v1', + params={'action_name': action_name}, + json=data) + return response + + +def host_group_members(filter: Optional[str], + host_group_id: Optional[str], + limit: Optional[str], + offset: Optional[str]): + params = {'id': host_group_id, + 'filter': filter, + 'offset': offset, + 'limit': limit} + response = http_request(method='GET', + url_suffix='/devices/combined/host-group-members/v1', + params=params) + return response + + +def resolve_incident(ids: List[str], status: str): + if status not in STATUS_TEXT_TO_NUM: + raise DemistoException(f'CrowdStrike Falcon Error: ' + f'Status given is {status} and it is not in {STATUS_TEXT_TO_NUM.keys()}') + data = { + "action_parameters": [ + { + "name": "update_status", + "value": STATUS_TEXT_TO_NUM[status] + } + ], + "ids": ids + } + http_request(method='POST', + url_suffix='/incidents/entities/incident-actions/v1', + json=data) + + +def list_host_groups(filter: Optional[str], limit: Optional[str], offset: Optional[str]) -> Dict: + params = {'filter': filter, + 'offset': offset, + 'limit': limit} + response = http_request(method='GET', + url_suffix='/devices/combined/host-groups/v1', + params=params) + return response + + +def delete_host_groups(host_group_ids: List[str]) -> Dict: + params = {'ids': host_group_ids} + response = http_request(method='DELETE', + url_suffix='/devices/entities/host-groups/v1', + params=params) + return response + + ''' COMMANDS FUNCTIONS ''' @@ -1654,7 +1755,6 @@ def get_endpoint_command(): command_results = [] for endpoint in standard_endpoints: - endpoint_context = endpoint.to_context().get(Common.Endpoint.CONTEXT_PATH) hr = tableToMarkdown('CrowdStrike Falcon Endpoint', endpoint_context) @@ -2433,9 +2533,10 @@ def incidents_to_human_readable(incidents): for incident in incidents: readable_output = assign_params(description=incident.get('description'), state=incident.get('state'), name=incident.get('name'), tags=incident.get('tags'), - incident_id=incident.get('incident_id'), created_time=incident.get('created')) + incident_id=incident.get('incident_id'), created_time=incident.get('created'), + status=STATUS_NUM_TO_TEXT.get(incident.get('status'))) incidents_readable_outputs.append(readable_output) - headers = ['incident_id', 'created_time', 'name', 'description', 'state', 'tags'] + headers = ['incident_id', 'created_time', 'name', 'description', 'status', 'state', 'tags'] human_readable = tableToMarkdown('CrowdStrike Incidents', incidents_readable_outputs, headers, removeNull=True) return human_readable @@ -2463,6 +2564,110 @@ def list_incident_summaries_command(): ) +def create_host_group_command(name: str, + group_type: str = None, + description: str = None, + assignment_rule: str = None) -> CommandResults: + response = change_host_group(is_post=True, + name=name, + group_type=group_type, + description=description, + assignment_rule=assignment_rule) + host_groups = response.get('resources') + return CommandResults(outputs_prefix='CrowdStrike.HostGroup', + outputs_key_field='id', + outputs=host_groups, + readable_output=tableToMarkdown('Host Groups', host_groups, headers=HOST_GROUP_HEADERS), + raw_response=response) + + +def update_host_group_command(host_group_id: str, + name: Optional[str] = None, + description: Optional[str] = None, + assignment_rule: Optional[str] = None) -> CommandResults: + response = change_host_group(is_post=False, + host_group_id=host_group_id, + name=name, + description=description, + assignment_rule=assignment_rule) + host_groups = response.get('resources') + return CommandResults(outputs_prefix='CrowdStrike.HostGroup', + outputs_key_field='id', + outputs=host_groups, + readable_output=tableToMarkdown('Host Groups', host_groups, headers=HOST_GROUP_HEADERS), + raw_response=response) + + +def list_host_group_members_command(host_group_id: Optional[str] = None, + filter: Optional[str] = None, + offset: Optional[str] = None, + limit: Optional[str] = None) -> CommandResults: + response = host_group_members(filter, host_group_id, limit, offset) + devices = response.get('resources') + if not devices: + return CommandResults(readable_output='No hosts are found', + raw_response=response) + headers = list(SEARCH_DEVICE_KEY_MAP.values()) + outputs = [get_trasnformed_dict(single_device, SEARCH_DEVICE_KEY_MAP) for single_device in devices] + return CommandResults( + outputs_prefix='CrowdStrike.Device', + outputs_key_field='ID', + outputs=outputs, + readable_output=tableToMarkdown('Devices', outputs, headers=headers, headerTransform=pascalToSpace), + raw_response=response + ) + + +def add_host_group_members_command(host_group_id: str, host_ids: List[str]) -> CommandResults: + response = change_host_group_members(action_name='add-hosts', + host_group_id=host_group_id, + host_ids=host_ids) + host_groups = response.get('resources') + return CommandResults(outputs_prefix='CrowdStrike.HostGroup', + outputs_key_field='id', + outputs=host_groups, + readable_output=tableToMarkdown('Host Groups', host_groups, headers=HOST_GROUP_HEADERS), + raw_response=response) + + +def remove_host_group_members_command(host_group_id: str, host_ids: List[str]) -> CommandResults: + response = change_host_group_members(action_name='remove-hosts', + host_group_id=host_group_id, + host_ids=host_ids) + host_groups = response.get('resources') + return CommandResults(outputs_prefix='CrowdStrike.HostGroup', + outputs_key_field='id', + outputs=host_groups, + readable_output=tableToMarkdown('Host Groups', host_groups, headers=HOST_GROUP_HEADERS), + raw_response=response) + + +def resolve_incident_command(ids: List[str], status: str): + resolve_incident(ids, status) + readable = '\n'.join([f'{incident_id} changed successfully to {status}' for incident_id in ids]) + return CommandResults(readable_output=readable) + + +def list_host_groups_command(filter: Optional[str] = None, offset: Optional[str] = None, limit: Optional[str] = None) \ + -> CommandResults: + response = list_host_groups(filter, limit, offset) + host_groups = response.get('resources') + return CommandResults(outputs_prefix='CrowdStrike.HostGroup', + outputs_key_field='id', + outputs=host_groups, + readable_output=tableToMarkdown('Host Groups', host_groups, headers=HOST_GROUP_HEADERS), + raw_response=response) + + +def delete_host_groups_command(host_group_ids: List[str]) -> CommandResults: + response = delete_host_groups(host_group_ids) + deleted_ids = response.get('resources') + readable = '\n'.join([f'Host groups {host_group_id} deleted successfully' for host_group_id in deleted_ids]) \ + if deleted_ids else f'Host groups {host_group_ids} are not deleted' + return CommandResults(readable_output=readable, + raw_response=response) + + def test_module(): try: get_token(new_token=True) @@ -2483,15 +2688,14 @@ def test_module(): def main(): command = demisto.command() - # should raise error in case of issue - if command == 'fetch-incidents': - demisto.incidents(fetch_incidents()) - args = demisto.args() try: if command == 'test-module': result = test_module() return_results(result) + elif command == 'fetch-incidents': + demisto.incidents(fetch_incidents()) + elif command in ('cs-device-ran-on', 'cs-falcon-device-ran-on'): return_results(get_indicator_device_id()) elif demisto.command() == 'cs-falcon-search-device': @@ -2566,7 +2770,28 @@ def main(): ) elif command == 'endpoint': return_results(get_endpoint_command()) - # Log exceptions + elif command == 'cs-falcon-create-host-group': + return_results(create_host_group_command(**args)) + elif command == 'cs-falcon-update-host-group': + return_results(update_host_group_command(**args)) + elif command == 'cs-falcon-list-host-groups': + return_results(list_host_groups_command(**args)) + elif command == 'cs-falcon-delete-host-groups': + return_results(delete_host_groups_command(host_group_ids=argToList(args.get('host_group_id')))) + elif command == 'cs-falcon-list-host-group-members': + return_results(list_host_group_members_command(**args)) + elif command == 'cs-falcon-add-host-group-members': + return_results(add_host_group_members_command(host_group_id=args.get('host_group_id'), + host_ids=argToList(args.get('host_ids')))) + elif command == 'cs-falcon-remove-host-group-members': + return_results(remove_host_group_members_command(host_group_id=args.get('host_group_id'), + host_ids=argToList(args.get('host_ids')))) + elif command == 'cs-falcon-resolve-incident': + return_results(resolve_incident_command(status=args.get('status'), + ids=argToList(args.get('ids')))) + else: + raise NotImplementedError(f'CrowdStrike Falcon error: ' + f'command {command} is not implemented') except Exception as e: return_error(str(e)) diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.yml b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.yml index 5a9fd0d411be..b60a21a9606f 100644 --- a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.yml +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.yml @@ -2142,7 +2142,354 @@ script: - contextPath: Endpoint.OSVersion description: The endpoint's operation system version. type: String - dockerimage: demisto/python3:3.9.6.22912 + - arguments: + - default: false + description: The name of the host. + isArray: false + name: name + required: true + secret: false + - auto: PREDEFINED + default: false + description: The group type of the group. Can be 'static' or 'dynamic'. + isArray: false + name: group_type + predefined: + - static + - dynamic + required: true + secret: false + - default: false + description: The description of the host. + isArray: false + name: description + required: false + secret: false + - default: false + description: The assignment rule. + isArray: false + name: assignment_rule + required: false + secret: false + deprecated: false + description: Create a host group. + execution: false + name: cs-falcon-create-host-group + outputs: + - contextPath: CrowdStrike.HostGroup.id + description: The ID of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.group_type + description: The group type of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.name + description: The name of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.description + description: The description of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.created_by + description: The client that created the host group. + type: String + - contextPath: CrowdStrike.HostGroup.created_timestamp + description: 'The datetime when the host group was created in ISO time format. For + example: 2019-10-17T13:41:48.487520845Z.' + type: Date + - contextPath: CrowdStrike.HostGroup.modified_by + description: The client that modified the host group. + type: String + - contextPath: CrowdStrike.HostGroup.modified_timestamp + description: 'The datetime when the host group was last modified in ISO time format. + For example: 2019-10-17T13:41:48.487520845Z.' + type: Date + - arguments: + - default: false + description: The query by which to filter the devices that belong to the host group. + isArray: false + name: filter + required: false + secret: false + - default: false + description: Page offset. + isArray: false + name: offset + required: false + secret: false + - default: true + defaultValue: 50 + description: Maximum number of results on a page. + isArray: false + name: limit + required: false + secret: false + description: List the available host groups. + execution: false + name: cs-falcon-list-host-groups + outputs: + - contextPath: CrowdStrike.HostGroup.id + description: The ID of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.group_type + description: The group type of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.name + description: The name of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.description + description: The description of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.created_by + description: The client that created the host group. + type: String + - contextPath: CrowdStrike.HostGroup.created_timestamp + description: 'The datetime when the host group was created in ISO time format. For + example: 2019-10-17T13:41:48.487520845Z.' + type: Date + - contextPath: CrowdStrike.HostGroup.modified_by + description: The client that modified the host group. + type: String + - contextPath: CrowdStrike.HostGroup.modified_timestamp + description: 'The datetime when the host group was last modified in ISO time format. + For example: 2019-10-17T13:41:48.487520845Z.' + type: Date + - arguments: + - default: false + description: A comma-separated list of the IDs of the host groups to be deleted. + isArray: true + name: host_group_id + required: true + secret: false + description: Delete the requested host groups. + execution: false + name: cs-falcon-delete-host-groups + - arguments: + - default: false + description: The ID of the host group. + isArray: false + name: host_group_id + required: true + secret: false + - default: false + description: The name of the host group. + isArray: false + name: name + required: false + secret: false + - default: false + description: The description of the host group. + isArray: false + name: description + required: false + secret: false + - default: false + description: The assignment rule. + isArray: false + name: assignment_rule + required: false + secret: false + deprecated: false + description: Update a host group. + execution: false + name: cs-falcon-update-host-group + outputs: + - contextPath: CrowdStrike.HostGroup.id + description: The ID of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.group_type + description: The group type of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.name + description: The name of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.description + description: The description of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.created_by + description: The client that created the host group. + type: String + - contextPath: CrowdStrike.HostGroup.created_timestamp + description: 'The datetime when the host group was created in ISO time format. For + example: 2019-10-17T13:41:48.487520845Z.' + type: Date + - contextPath: CrowdStrike.HostGroup.modified_by + description: The client that modified the host group. + type: String + - contextPath: CrowdStrike.HostGroup.modified_timestamp + description: 'The datetime when the host group was last modified in ISO time format. + For example: 2019-10-17T13:41:48.487520845Z.' + type: Date + - arguments: + - default: false + description: The ID of the host group. + isArray: false + name: host_group_id + required: false + secret: false + - default: false + description: The query by which to filter the devices that belong to the host group. + isArray: false + name: filter + required: false + secret: false + - default: false + description: Page offset. + isArray: false + name: offset + required: false + secret: false + - default: true + defaultValue: 50 + description: Maximum number of results on a page. + isArray: false + name: limit + required: false + secret: false + deprecated: false + description: Get the list of host group members. + execution: false + name: cs-falcon-list-host-group-members + outputs: + - contextPath: CrowdStrike.Device.ID + description: The ID of the device. + type: String + - contextPath: CrowdStrike.Device.LocalIP + description: The local IP address of the device. + type: String + - contextPath: CrowdStrike.Device.ExternalIP + description: The external IP address of the device. + type: String + - contextPath: CrowdStrike.Device.Hostname + description: The host name of the device. + type: String + - contextPath: CrowdStrike.Device.OS + description: The operating system of the device. + type: String + - contextPath: CrowdStrike.Device.MacAddress + description: The MAC address of the device. + type: String + - contextPath: CrowdStrike.Device.FirstSeen + description: The first time the device was seen. + type: String + - contextPath: CrowdStrike.Device.LastSeen + description: The last time the device was seen. + type: String + - contextPath: CrowdStrike.Device.Status + description: The device status. + type: String + - arguments: + - default: false + description: The ID of the host group. + isArray: false + name: host_group_id + required: true + secret: false + - default: false + description: A comma-separated list of host agent IDs to run commands. (The + list of host agent IDs can be retrieved by running the 'cs-falcon-search-device' command.) + isArray: true + name: host_ids + required: true + secret: false + deprecated: false + description: Add host group members. + execution: false + name: cs-falcon-add-host-group-members + outputs: + - contextPath: CrowdStrike.HostGroup.id + description: The ID of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.group_type + description: The group type of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.name + description: The name of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.description + description: The description of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.created_by + description: The client that created the host group. + type: String + - contextPath: CrowdStrike.HostGroup.created_timestamp + description: 'The datetime when the host group was created in ISO time format. For + example: 2019-10-17T13:41:48.487520845Z.' + type: Date + - contextPath: CrowdStrike.HostGroup.modified_by + description: The client that modified the host group. + type: String + - contextPath: CrowdStrike.HostGroup.modified_timestamp + description: 'The datetime when the host group was last modified in ISO time format. + For example: 2019-10-17T13:41:48.487520845Z.' + type: Date + - arguments: + - default: false + description: The ID of the host group. + isArray: false + name: host_group_id + required: true + secret: false + - default: false + description: A comma-separated list of host agent IDs to run commands. (The + list of host agent IDs can be retrieved by running the 'cs-falcon-search-device' command.) + isArray: true + name: host_ids + required: true + secret: false + deprecated: false + description: Remove host group members. + execution: false + name: cs-falcon-remove-host-group-members + outputs: + - contextPath: CrowdStrike.HostGroup.id + description: The ID of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.group_type + description: The group type of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.name + description: The name of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.description + description: The description of the host group. + type: String + - contextPath: CrowdStrike.HostGroup.created_by + description: The client that created the host group. + type: String + - contextPath: CrowdStrike.HostGroup.created_timestamp + description: 'The datetime when the host group was created in ISO time format. For + example: 2019-10-17T13:41:48.487520845Z.' + type: Date + - contextPath: CrowdStrike.HostGroup.modified_by + description: The client that modified the host group. + type: String + - contextPath: CrowdStrike.HostGroup.modified_timestamp + description: 'The datetime when the host group was last modified in ISO time format. + For example: 2019-10-17T13:41:48.487520845Z.' + type: Date + - arguments: + - default: false + description: A comma-separated list of incident IDs. + isArray: true + name: ids + required: true + secret: false + - auto: PREDEFINED + default: false + description: The new status of the incident. Can be "New", "In Progress", "Reopened", "Closed". + isArray: false + name: status + predefined: + - New + - In Progress + - Reopened + - Closed + required: true + secret: false + deprecated: false + description: Resolve incidents. + execution: false + name: cs-falcon-resolve-incident + dockerimage: demisto/python3:3.9.6.24019 feed: false isfetch: true longRunning: false diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon_test.py b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon_test.py index 61ec4514f905..86da8d7ac7c2 100644 --- a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon_test.py +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon_test.py @@ -1,6 +1,7 @@ import pytest import os import json + import demistomock as demisto from CommonServerPython import outputPaths, entryTypes, DemistoException @@ -8,6 +9,11 @@ SERVER_URL = 'https://4.4.4.4' +def load_json(file: str): + with open(file, 'r') as f: + return json.load(f) + + @pytest.fixture(autouse=True) def get_access_token(requests_mock, mocker): mocker.patch.object( @@ -75,7 +81,6 @@ def get_access_token(requests_mock, mocker): ], "fine_score": 38} - incident_context = {'name': 'Incident ID: inc:afb5d1512a00480f53e9ad91dc3e4b55:1cf23a95678a421db810e11b5db693bd', 'occurred': '2020-05-17T17:30:38Z', 'rawJSON': @@ -2170,6 +2175,7 @@ class TestFetch: """ Test the logic of the fetch """ + @pytest.fixture() def set_up_mocks(self, requests_mock, mocker): """ Sets up the mocks for the fetch. @@ -2198,8 +2204,9 @@ def test_old_fetch_to_new_fetch(self, set_up_mocks, mocker): """ from CrowdStrikeFalcon import fetch_incidents - mocker.patch.object(demisto, 'getLastRun', return_value={'first_behavior_detection_time': '2020-09-04T09:16:10Z', - 'last_detection_id': 1234}) + mocker.patch.object(demisto, 'getLastRun', + return_value={'first_behavior_detection_time': '2020-09-04T09:16:10Z', + 'last_detection_id': 1234}) fetch_incidents() assert demisto.setLastRun.mock_calls[0][1][0] == {'first_behavior_detection_time': '2020-09-04T09:16:10Z', 'detection_offset': 2, 'last_detection_id': 1234} @@ -2215,7 +2222,8 @@ def test_new_fetch_with_offset(self, set_up_mocks, mocker): The `first_behavior_time` doesn't change and an `offset` of 2 is added. """ - mocker.patch.object(demisto, 'getLastRun', return_value={'first_behavior_detection_time': '2020-09-04T09:16:10Z'}) + mocker.patch.object(demisto, 'getLastRun', + return_value={'first_behavior_detection_time': '2020-09-04T09:16:10Z'}) from CrowdStrikeFalcon import fetch_incidents fetch_incidents() @@ -2269,6 +2277,7 @@ class TestIncidentFetch: """ Test the logic of the fetch """ + @pytest.fixture() def set_up_mocks(self, requests_mock, mocker): """ Sets up the mocks for the fetch. @@ -2292,7 +2301,8 @@ def test_old_fetch_to_new_fetch(self, set_up_mocks, mocker): 'last_incident_id': 1234} def test_new_fetch_with_offset(self, set_up_mocks, mocker): - mocker.patch.object(demisto, 'getLastRun', return_value={'first_behavior_incident_time': '2020-09-04T09:16:10Z'}) + mocker.patch.object(demisto, 'getLastRun', + return_value={'first_behavior_incident_time': '2020-09-04T09:16:10Z'}) from CrowdStrikeFalcon import fetch_incidents fetch_incidents() @@ -2823,3 +2833,115 @@ def test_get_endpint_command(requests_mock, mocker): context = result.get('EntryContext') assert context['Endpoint(val.ID && val.ID == obj.ID)'] == [endpoint_context] + + +def test_create_hostgroup_invalid(requests_mock, mocker): + """ + Test Create hostgroup with valid args with unsuccessful args + Given + - Invalid arguments for hostgroup + When + - Calling create hostgroup command + Then + - Throw an error + """ + from CrowdStrikeFalcon import create_host_group_command + response_data = load_json('test_data/test_create_hostgroup_invalid_data.json') + requests_mock.post( + f'{SERVER_URL}/devices/entities/host-groups/v1', + json=response_data, + status_code=400, + reason='Bad Request' + ) + with pytest.raises(SystemExit): + create_host_group_command(name="dem test", + description="dem des", + group_type='static', + assignment_rule="device_id:[''],hostname:['falcon-crowdstrike-sensor-centos7']") + + +def test_update_hostgroup_invalid(requests_mock): + """ + Test Create hostgroup with valid args with unsuccessful args + Given + - Invalid arguments for hostgroup + When + - Calling create hostgroup command + Then + - Throw an error + """ + from CrowdStrikeFalcon import update_host_group_command + response_data = load_json('test_data/test_create_hostgroup_invalid_data.json') + requests_mock.patch( + f'{SERVER_URL}/devices/entities/host-groups/v1', + json=response_data, + status_code=400, + reason='Bad Request' + ) + with pytest.raises(SystemExit): + update_host_group_command( + host_group_id='b1a0cd73ecab411581cbe467fc3319f5', + name="dem test", + description="dem des", + assignment_rule="device_id:[''],hostname:['falcon-crowdstrike-sensor-centos7']") + + +@pytest.mark.parametrize('status, expected_status_api', [('New', "20"), + ('Reopened', "25"), + ('In Progress', "30"), + ('Closed', "40")]) +def test_resolve_incidents(requests_mock, status, expected_status_api): + """ + Test Create resolve incidents with valid status code + Given + - Valid status, as expected by product description + When + - Calling resolve incident command + Then + - Map the status to the status number that the api expects + """ + from CrowdStrikeFalcon import resolve_incident_command + m = requests_mock.post( + f'{SERVER_URL}/incidents/entities/incident-actions/v1', + json={}) + resolve_incident_command(['test'], status) + assert m.last_request.json()['action_parameters'][0]['value'] == expected_status_api + + +@pytest.mark.parametrize('status', ['', 'new', 'BAD ARG']) +def test_resolve_incident_invalid(status): + """ + Test Create resolve incidents with invalid status code + Given + - Invalid status, which is not expected by product description + When + - Calling resolve incident command + Then + - Throw an error + """ + from CrowdStrikeFalcon import resolve_incident_command + with pytest.raises(DemistoException): + resolve_incident_command(['test'], status) + + +def test_list_host_group_members(requests_mock): + """ + Test list host group members with not arguments given + Given + - No arguments given, as is + When + - Calling list_host_group_members_command + Then + - Return all the hosts + """ + from CrowdStrikeFalcon import list_host_group_members_command + test_list_hostgroup_members_data = load_json('test_data/test_list_hostgroup_members_data.json') + requests_mock.get( + f'{SERVER_URL}/devices/combined/host-group-members/v1', + json=test_list_hostgroup_members_data, + status_code=200 + ) + command_results = list_host_group_members_command() + expected_results = load_json('test_data/expected_list_hostgroup_members_results.json') + for expected_results, ectual_results in zip(expected_results, command_results.outputs): + assert expected_results == ectual_results diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/README.md b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/README.md index fb32933d3ad4..b3cc4a5132f2 100644 --- a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/README.md +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/README.md @@ -2071,4 +2071,988 @@ Lists incident summaries. >|ID|IPAddress|OS|OSVersion|Hostname|Status|MACAddress|Vendor >|---|---|---|---|---|---|---|---| >| 15dbb9d8f06b45fe9f61eb46e829d986 | 1.1.1.1 | Windows | Windows Server 2019| Hostname | Online | 1-1-1-1 | CrowdStrike Falcon|\n" +### cs-falcon-create-host-group +*** +Create a host group + + +#### Base Command + +`cs-falcon-create-host-group` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| name | The name of the host. | Required | +| group_type | The group type of the group. Can be 'static' or 'dynamic'. Possible values are: static, dynamic. | Optional | +| description | The description of the host. | Optional | +| assignment_rule | The assignment rule. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CrowdStrike.HostGroup.id | String | The ID of the host group. | +| CrowdStrike.HostGroup.group_type | String | The group type of the host group. | +| CrowdStrike.HostGroup.name | String | The name of the host group. | +| CrowdStrike.HostGroup.description | String | The description of the host group. | +| CrowdStrike.HostGroup.created_by | String | The client that created the host group. | +| CrowdStrike.HostGroup.created_timestamp | Date | 'The datetime when the host group was created in ISO time format. For example: 2019-10-17T13:41:48.487520845Z.' | +| CrowdStrike.HostGroup.modified_by | String | The client that modified the host group. | +| CrowdStrike.HostGroup.modified_timestamp | Date | 'The datetime when the host group was last modified in ISO time format. For example: 2019-10-17T13:41:48.487520845Z.' | + + +#### Command Example +```!cs-falcon-create-host-group name="test_name_1" description="test_description" group_type=static``` + +#### Context Example +```json +{ + "CrowdStrike": { + "HostGroup": { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-25T08:02:02.060242909Z", + "description": "test_description", + "group_type": "static", + "id": "f82edc8a565d432a8114ebdbf255f5b2", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-25T08:02:02.060242909Z", + "name": "test_name_1" + } + } +} +``` + +#### Human Readable Output + +>### Results +>|created_by|created_timestamp|description|group_type|id|modified_by|modified_timestamp|name| +>|---|---|---|---|---|---|---|---| +>| api-client-id:2bf188d347e44e08946f2e61ef590c24 | 2021-08-25T08:02:02.060242909Z | test_description | static | f82edc8a565d432a8114ebdbf255f5b2 | api-client-id:2bf188d347e44e08946f2e61ef590c24 | 2021-08-25T08:02:02.060242909Z | test_name_1 | + +### cs-falcon-update-host-group +*** +Update a host group. + + +#### Base Command + +`cs-falcon-update-host-group` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host_group_id | The ID of the host group. | Required | +| name | The name of the host group. | Optional | +| description | The description of the host group. | Optional | +| assignment_rule | The assignment rule. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CrowdStrike.HostGroup.id | String | The ID of the host group. | +| CrowdStrike.HostGroup.group_type | String | The group type of the host group. | +| CrowdStrike.HostGroup.name | String | The name of the host group. | +| CrowdStrike.HostGroup.description | String | The description of the host group. | +| CrowdStrike.HostGroup.created_by | String | The client that created the host group. | +| CrowdStrike.HostGroup.created_timestamp | Date | 'The datetime when the host group was created in ISO time format. For + example: 2019-10-17T13:41:48.487520845Z.' | +| CrowdStrike.HostGroup.modified_by | String | The client that modified the host group. | +| CrowdStrike.HostGroup.modified_timestamp | Date | 'The datetime when the host group was last modified in ISO time format. + For example: 2019-10-17T13:41:48.487520845Z.' | + + +#### Command Example +```!cs-falcon-update-host-group host_group_id=4902d5686bed41ba88a37439f38913ba name="test_name_update_1" description="test_description_update"``` + +#### Context Example +```json +{ + "CrowdStrike": { + "HostGroup": { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-22T07:48:35.111070562Z", + "description": "test_description_update", + "group_type": "static", + "id": "4902d5686bed41ba88a37439f38913ba", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-25T08:02:05.295663156Z", + "name": "test_name_update_1" + } + } +} +``` + +#### Human Readable Output + +>### Results +>|assignment_rule|created_by|created_timestamp|description|group_type|id|modified_by|modified_timestamp|name| +>|---|---|---|---|---|---|---|---|---| +>| device_id:[''],hostname:[''] | api-client-id:2bf188d347e44e08946f2e61ef590c24 | 2021-08-22T07:48:35.111070562Z | test_description_update | static | 4902d5686bed41ba88a37439f38913ba | api-client-id:2bf188d347e44e08946f2e61ef590c24 | 2021-08-25T08:02:05.295663156Z | test_name_update_1 | + +### cs-falcon-list-host-group-members +*** +Get the list of host group members. + + +#### Base Command + +`cs-falcon-list-host-group-members` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host_group_id | The ID of the host group. | Optional | +| filter | The query by which to filter the devices that belong to the host group. | Optional | +| offset | Page offset. | Optional | +| limit | Maximum number of results on a page. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CrowdStrike.Device.ID | String | The ID of the device. | +| CrowdStrike.Device.LocalIP | String | The local IP address of the device. | +| CrowdStrike.Device.ExternalIP | String | The external IP address of the device. | +| CrowdStrike.Device.Hostname | String | The host name of the device. | +| CrowdStrike.Device.OS | String | The operating system of the device. | +| CrowdStrike.Device.MacAddress | String | The MAC address of the device. | +| CrowdStrike.Device.FirstSeen | String | The first time the device was seen. | +| CrowdStrike.Device.LastSeen | String | The last time the device was seen. | +| CrowdStrike.Device.Status | String | The device status. | + + +#### Command Example +```!cs-falcon-list-host-group-members``` + +#### Context Example +```json +{ + "CrowdStrike": { + "Device": [ + { + "ExternalIP": "35.224.136.145", + "FirstSeen": "2021-08-12T16:13:26Z", + "Hostname": "FALCON-CROWDSTR", + "ID": "75b2dba7ba8d450da481ed6830cc9d9d", + "LastSeen": "2021-08-23T04:59:48Z", + "LocalIP": "10.128.0.21", + "MacAddress": "42-01-0a-80-00-15", + "OS": "Windows Server 2019", + "Status": "normal" + }, + { + "ExternalIP": "35.224.136.145", + "FirstSeen": "2020-02-10T12:40:18Z", + "Hostname": "FALCON-CROWDSTR", + "ID": "15dbb9d8f06b45fe9f61eb46e829d986", + "LastSeen": "2021-08-25T07:42:47Z", + "LocalIP": "10.128.0.7", + "MacAddress": "42-01-0a-80-00-07", + "OS": "Windows Server 2019", + "Status": "contained" + }, + { + "ExternalIP": "35.224.136.145", + "FirstSeen": "2021-08-23T05:04:41Z", + "Hostname": "INSTANCE-1", + "ID": "046761c46ec84f40b27b6f79ce7cd32c", + "LastSeen": "2021-08-25T07:49:06Z", + "LocalIP": "10.128.0.20", + "MacAddress": "42-01-0a-80-00-14", + "OS": "Windows Server 2019", + "Status": "normal" + }, + { + "ExternalIP": "35.224.136.145", + "FirstSeen": "2021-08-11T13:57:29Z", + "Hostname": "INSTANCE-1", + "ID": "07007dd3f95c4d628fb097072bf7f7f3", + "LastSeen": "2021-08-23T04:45:37Z", + "LocalIP": "10.128.0.20", + "MacAddress": "42-01-0a-80-00-14", + "OS": "Windows Server 2019", + "Status": "normal" + }, + { + "ExternalIP": "35.224.136.145", + "FirstSeen": "2021-08-08T11:33:21Z", + "Hostname": "falcon-crowdstrike-sensor-centos7", + "ID": "0bde2c4645294245aca522971ccc44c4", + "LastSeen": "2021-08-25T07:50:47Z", + "LocalIP": "10.128.0.19", + "MacAddress": "42-01-0a-80-00-13", + "OS": "CentOS 7.9", + "Status": "normal" + } + ] + } +} +``` + +#### Human Readable Output + +>### Devices +>|ID|External IP|Local IP|Hostname|OS|Mac Address|First Seen|Last Seen|Status| +>|---|---|---|---|---|---|---|---|---| +>| 0bde2c4645294245aca522971ccc44c4 | 35.224.136.145 | 10.128.0.19 | falcon-crowdstrike-sensor-centos7 | CentOS 7.9 | 42-01-0a-80-00-13 | 2021-08-08T11:33:21Z | 2021-08-25T07:50:47Z | normal | + +### cs-falcon-add-host-group-members +*** +Add host group members. + + +#### Base Command + +`cs-falcon-add-host-group-members` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host_group_id | The ID of the host group. | Required | +| host_ids | A comma-separated list of host agent IDs to run commands.(The list of host agent IDs can be retrieved by running the 'cs-falcon-search-device' command.) | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CrowdStrike.HostGroup.id | String | The ID of the host group. | +| CrowdStrike.HostGroup.group_type | String | The group type of the host group. | +| CrowdStrike.HostGroup.name | String | The name of the host group. | +| CrowdStrike.HostGroup.description | String | The description of the host group. | +| CrowdStrike.HostGroup.created_by | String | The client that created the host group. | +| CrowdStrike.HostGroup.created_timestamp | Date | 'The datetime when the host group was created in ISO time format. For + example: 2019-10-17T13:41:48.487520845Z.' | +| CrowdStrike.HostGroup.modified_by | String | The client that modified the host group. | +| CrowdStrike.HostGroup.modified_timestamp | Date | 'The datetime when the host group was last modified in ISO time format. + For example: 2019-10-17T13:41:48.487520845Z.' | + + +#### Command Example +```!cs-falcon-add-host-group-members host_group_id="4902d5686bed41ba88a37439f38913ba" host_ids="0bde2c4645294245aca522971ccc44c4"``` + +#### Context Example +```json +{ + "CrowdStrike": { + "HostGroup": { + "assignment_rule": "device_id:[''],hostname:['falcon-crowdstrike-sensor-centos7','']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-22T07:48:35.111070562Z", + "description": "test_description_update", + "group_type": "static", + "id": "4902d5686bed41ba88a37439f38913ba", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-25T08:02:05.295663156Z", + "name": "test_name_update_1" + } + } +} +``` + +#### Human Readable Output + +>### Results +>|assignment_rule|created_by|created_timestamp|description|group_type|id|modified_by|modified_timestamp|name| +>|---|---|---|---|---|---|---|---|---| +>| device_id:[''],hostname:['falcon-crowdstrike-sensor-centos7',''] | api-client-id:2bf188d347e44e08946f2e61ef590c24 | 2021-08-22T07:48:35.111070562Z | test_description_update | static | 4902d5686bed41ba88a37439f38913ba | api-client-id:2bf188d347e44e08946f2e61ef590c24 | 2021-08-25T08:02:05.295663156Z | test_name_update_1 | + +### cs-falcon-remove-host-group-members +*** +Remove host group members. + + +#### Base Command + +`cs-falcon-remove-host-group-members` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host_group_id | The ID of the host group. | Required | +| host_ids | A comma-separated list of host agent IDs to run commands. (The list of host agent IDs can be retrieved by running the 'cs-falcon-search-device' command.)| Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CrowdStrike.HostGroup.id | String | The ID of the host group. | +| CrowdStrike.HostGroup.group_type | String | The group type of the host group. | +| CrowdStrike.HostGroup.name | String | The name of the host group. | +| CrowdStrike.HostGroup.description | String | The description of the host group. | +| CrowdStrike.HostGroup.created_by | String | The client that created the host group. | +| CrowdStrike.HostGroup.created_timestamp | Date | 'The datetime when the host group was created in ISO time format. For + example: 2019-10-17T13:41:48.487520845Z.' | +| CrowdStrike.HostGroup.modified_by | String | The client that modified the host group. | +| CrowdStrike.HostGroup.modified_timestamp | Date | 'The datetime when the host group was last modified in ISO time format. + For example: 2019-10-17T13:41:48.487520845Z.' | + + +#### Command Example +```!cs-falcon-remove-host-group-members host_group_id="4902d5686bed41ba88a37439f38913ba" host_ids="0bde2c4645294245aca522971ccc44c4"``` + +#### Context Example +```json +{ + "CrowdStrike": { + "HostGroup": { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-22T07:48:35.111070562Z", + "description": "test_description_update", + "group_type": "static", + "id": "4902d5686bed41ba88a37439f38913ba", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-25T08:02:05.295663156Z", + "name": "test_name_update_1" + } + } +} +``` + +#### Human Readable Output + +>### Results +>|assignment_rule|created_by|created_timestamp|description|group_type|id|modified_by|modified_timestamp|name| +>|---|---|---|---|---|---|---|---|---| +>| device_id:[''],hostname:[''] | api-client-id:2bf188d347e44e08946f2e61ef590c24 | 2021-08-22T07:48:35.111070562Z | test_description_update | static | 4902d5686bed41ba88a37439f38913ba | api-client-id:2bf188d347e44e08946f2e61ef590c24 | 2021-08-25T08:02:05.295663156Z | test_name_update_1 | + +### cs-falcon-resolve-incident +*** +Resolve incidents + + +#### Base Command + +`cs-falcon-resolve-incident` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| ids | A comma-separated list of incident IDs. | Required | +| status | The new status of the incident. Can be "New", "In Progress", "Reopened", "Closed". Possible values are: New, In Progress, Reopened, Closed. | Required | + + +#### Context Output + +There is no context output for this command. + +#### Command Example +```!cs-falcon-resolve-incident ids="inc:0bde2c4645294245aca522971ccc44c4:f3825bf7df684237a1eb62b39124ebef,inc:07007dd3f95c4d628fb097072bf7f7f3:ecd5c5acd4f042e59be2f990e9ada258" status="Closed"``` + +#### Human Readable Output + +>inc:0bde2c4645294245aca522971ccc44c4:f3825bf7df684237a1eb62b39124ebef changed successfully to Closed +>inc:07007dd3f95c4d628fb097072bf7f7f3:ecd5c5acd4f042e59be2f990e9ada258 changed successfully to Closed +### cs-falcon-list-host-groups +*** +List the available host groups. + + +#### Base Command + +`cs-falcon-list-host-groups` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| filter | The query by which to filter the devices that belong to the host group. | Optional | +| offset | Page offset. | Optional | +| limit | Maximum number of results on a page. Default is 50. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| CrowdStrike.HostGroup.id | String | The ID of the host group. | +| CrowdStrike.HostGroup.group_type | String | The group type of the host group. | +| CrowdStrike.HostGroup.name | String | The name of the host group. | +| CrowdStrike.HostGroup.description | String | The description of the host group. | +| CrowdStrike.HostGroup.created_by | String | The client that created the host group. | +| CrowdStrike.HostGroup.created_timestamp | Date | The datetime when the host group was created in ISO time format. For example: 2019-10-17T13:41:48.487520845Z. | +| CrowdStrike.HostGroup.modified_by | String | The client that modified the host group. | +| CrowdStrike.HostGroup.modified_timestamp | Date | The datetime when the host group was last modified in ISO time format. For example: 2019-10-17T13:41:48.487520845Z. | + + +#### Command Example +```!cs-falcon-list-host-groups``` + +#### Context Example +```json +{ + "CrowdStrike": { + "HostGroup": [ + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T14:35:23.765624811Z", + "description": "description", + "group_type": "static", + "id": "d70fa742d28a4e6cb0d33b7af599783d", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T14:35:23.765624811Z", + "name": "InnerServicesModuleMon Aug 23 2021" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T14:35:25.506030441Z", + "description": "description", + "group_type": "static", + "id": "d0ff99dfd3884fba87424c03686e45b6", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T14:35:25.506030441Z", + "name": "Rasterize_default_instanceMon Aug 23 2021" + }, + { + "assignment_rule": "device_id:[''],hostname:['','FALCON-CROWDSTR']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-07-27T12:34:59.13917402Z", + "description": "", + "group_type": "static", + "id": "1fc2e6e1e9c24c5d8d9ce52a9fa8e507", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-07-27T12:34:59.13917402Z", + "name": "Static by id group test" + }, + { + "assignment_rule": "device_id:[],hostname:[]", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-07-27T12:24:18.364057533Z", + "description": "Group test", + "group_type": "static", + "id": "11dbab2a65054041b4e949768aaed0df", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-07-27T12:24:18.364057533Z", + "name": "Static group test" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T14:35:26.069515348Z", + "description": "description", + "group_type": "static", + "id": "09c88625e1ab49e4bbd525f836f610a7", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T14:35:26.069515348Z", + "name": "ad-loginMon Aug 23 2021" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T14:35:25.556897468Z", + "description": "description", + "group_type": "static", + "id": "af0e040d7bb04af7bb00da83e4c0e8f2", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T14:35:25.556897468Z", + "name": "ad-queryMon Aug 23 2021" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T14:35:23.737307612Z", + "description": "description", + "group_type": "static", + "id": "09d2a0d3db384021906db6d3c3a2afcb", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T14:35:23.737307612Z", + "name": "d2Mon Aug 23 2021" + }, + { + "created_by": "akrupnik@paloaltonetworks.com", + "created_timestamp": "2021-07-27T12:27:43.503021999Z", + "description": "dhfh", + "group_type": "staticByID", + "id": "79843d26a16c4530becc218a791f642c", + "modified_by": "akrupnik@paloaltonetworks.com", + "modified_timestamp": "2021-07-27T12:27:43.503021999Z", + "name": "ddfxgh" + }, + { + "assignment_rule": "device.hostname:'FALCON-CROWDSTR'", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-07-27T12:46:39.058352326Z", + "description": "", + "group_type": "dynamic", + "id": "5d88a39652d24de2be42b14b427cc9e3", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-07-27T12:46:39.058352326Z", + "name": "dynamic 1 group test" + }, + { + "assignment_rule": "lkjlk:'FalconGroupingTags/example_tag'", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T13:12:56.338590022Z", + "description": "", + "group_type": "dynamic", + "id": "2f2d825c1bdb42338531c1679557aa1e", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T13:12:56.338590022Z", + "name": "dynamic 13523 group test" + }, + { + "assignment_rule": "lkjlk:'FalconGroupingTags/example_tag'", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-07-27T14:02:05.538065349Z", + "description": "", + "group_type": "dynamic", + "id": "cefe41dfa96a4e60bb1f08b98e1ba232", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-07-27T14:02:05.538065349Z", + "name": "dynamic 1353 group test" + }, + { + "assignment_rule": "tags:'FalconGroupingTags/example_tag'", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-07-27T12:41:33.127997409Z", + "description": "", + "group_type": "dynamic", + "id": "9e9c3cf9a9664d0c8c5c7d8b38546635", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-07-27T12:41:33.127997409Z", + "name": "dynamic 2 group test" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T14:35:23.7402217Z", + "description": "description", + "group_type": "static", + "id": "f43a275267d74157bbb33bf69d640c4d", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T14:35:23.7402217Z", + "name": "fcm_default_instanceMon Aug 23 2021" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-11T09:55:23.801049103Z", + "description": "ilan test", + "group_type": "dynamic", + "id": "370322c647374bb298a6a14374bbdfd5", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-11T09:55:23.801049103Z", + "name": "ilan" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-12T11:24:51.434863056Z", + "description": "ilan test", + "group_type": "dynamic", + "id": "545f5d385b494f3ebf355adefed8ed4a", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-12T11:24:51.434863056Z", + "name": "ilan 2" + }, + { + "assignment_rule": "device_id:[''],hostname:['FALCON-CROWDSTR']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-12T11:55:57.943490809Z", + "description": "ilan test", + "group_type": "dynamic", + "id": "d99b77530ef34a6a8718a60817d72a8f", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-12T11:55:57.943490809Z", + "name": "ilan 23" + }, + { + "assignment_rule": "", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-17T11:28:39.855075106Z", + "description": "after change", + "group_type": "dynamic", + "id": "8a3c2cdeb7524a109bbb44f64b3da814", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T09:26:15.351650252Z", + "name": "ilan 2345" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-17T11:58:42.453661998Z", + "description": "ilan test", + "group_type": "static", + "id": "b1a0cd73ecab411581cbe467fc3319f5", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-17T11:58:42.453661998Z", + "name": "ilan 23e" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-11T13:54:59.695821727Z", + "description": "", + "group_type": "static", + "id": "d3fd5d87d317419db20f17dcf6f0d81e", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-11T13:54:59.695821727Z", + "name": "ilan test 2" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-12T10:56:49.2127345Z", + "description": "ilan test", + "group_type": "dynamic", + "id": "c2c49a308ed446589222b4e30131bee0", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-12T11:35:35.76509212Z", + "name": "ilan2" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T14:35:23.766284685Z", + "description": "description", + "group_type": "static", + "id": "39def881ea5846f2a2f763bad8ee3468", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T14:35:23.766284685Z", + "name": "splunkMon Aug 23 2021" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:09:15.36414377Z", + "description": "description", + "group_type": "static", + "id": "7fb5e2b9f1af477f985d4760a92affe4", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:09:15.36414377Z", + "name": "test_1629731353498" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:12:20.69203954Z", + "description": "description", + "group_type": "static", + "id": "5a47bfc13dc34576a9ba7134744855a7", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:12:20.69203954Z", + "name": "test_1629731538458" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:14:20.650781714Z", + "description": "description2", + "group_type": "static", + "id": "be91aa4837614069a7452023f19164af", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:14:23.026511269Z", + "name": "test_16297316587261629731658726" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:18:53.896505566Z", + "description": "description2", + "group_type": "static", + "id": "f2f7132beb0743b4889921149a97ca6b", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:18:56.2598933Z", + "name": "test_16297319320381629731932038" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:19:51.91067257Z", + "description": "description2", + "group_type": "static", + "id": "055de83f2f704b5f85d7ddbc2a163697", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:19:54.269898808Z", + "name": "test_16297319902371629731990237" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:25:42.99601887Z", + "description": "description", + "group_type": "static", + "id": "9b22f3c6b5864d17b54740a067a0ed17", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:25:42.99601887Z", + "name": "test_1629732339973" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:26:12.280379354Z", + "description": "description2", + "group_type": "static", + "id": "c929e5f5b5fd4b8ab71ceb4af853cbc0", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:26:14.973676462Z", + "name": "test_16297323698941629732369894" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:26:58.717706381Z", + "description": "description2", + "group_type": "static", + "id": "d9539d6a273b4f3dbfb1746e7e0c2ec6", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:27:01.648623079Z", + "name": "test_16297324168771629732416877" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:28:18.674512647Z", + "description": "description2", + "group_type": "static", + "id": "bc4572145fe148059d4a709206232dbc", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:28:21.781563212Z", + "name": "test_16297324965761629732496576" + }, + { + "assignment_rule": "device_id:[''],hostname:['FALCON-CROWDSTR','INSTANCE-1','falcon-crowdstrike-sensor-centos7']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:31:41.142748214Z", + "description": "description2", + "group_type": "static", + "id": "af60190df8d4437c96ae8d1ef946f3cf", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:31:43.800147323Z", + "name": "test_16297326990981629732699098" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:34:20.195778795Z", + "description": "description2", + "group_type": "static", + "id": "b0fe6af9bad34688844daf3cec6acef0", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:34:23.212828317Z", + "name": "test_16297328579781629732857978" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:34:55.837119719Z", + "description": "description2", + "group_type": "static", + "id": "9dd1ecf3cdb540a48a82660be22f1039", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:34:58.490114093Z", + "name": "test_16297328938791629732893879" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-23T15:37:42.911344704Z", + "description": "description2", + "group_type": "static", + "id": "1bcd536b2b4545b9b9373aa29e8ee676", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-23T15:37:45.620464598Z", + "name": "test_16297330605301629733060530" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-24T07:05:55.813475476Z", + "description": "description2", + "group_type": "static", + "id": "9333f3df1b2b4905ae4abc532a438cdb", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-24T07:05:58.805702883Z", + "name": "test_16297887501421629788750142" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-24T07:07:30.422517324Z", + "description": "description2", + "group_type": "static", + "id": "d193ffdeac4f45afbdeb2f0b3ebcb78c", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-24T07:07:34.291988227Z", + "name": "test_16297888481381629788848138" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-24T08:03:15.522772079Z", + "description": "description2", + "group_type": "static", + "id": "ee2bbca82b44413dab8ddb112e34454a", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-24T08:03:18.622015517Z", + "name": "test_16297921932741629792193274" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T09:09:52.379925975Z", + "description": "description", + "group_type": "static", + "id": "ba4f6fd641784dc787f4a19f0488e400", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T09:09:52.379925975Z", + "name": "test_1629967211800" + }, + { + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T12:34:36.934507422Z", + "description": "description", + "group_type": "static", + "id": "beabe1b9a09d4591bff9d080a96e46e3", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T12:34:36.934507422Z", + "name": "test_162996721180000" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T08:46:09.996065663Z", + "description": "description2", + "group_type": "static", + "id": "a853d878f8e94093b42cd49e04e7f7f6", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T08:46:11.572092204Z", + "name": "test_16299675695531629967569553" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T08:53:15.35181954Z", + "description": "description2", + "group_type": "static", + "id": "95dd4fd340054a108e8363d2bf5d6e5e", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T08:53:17.041535905Z", + "name": "test_16299679949831629967994983" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T08:59:52.639696743Z", + "description": "description2", + "group_type": "static", + "id": "e512275c2dc1450ea6133d7c6e77cae5", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T08:59:54.538170036Z", + "name": "test_16299683923121629968392312" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T09:06:21.891707157Z", + "description": "description2", + "group_type": "static", + "id": "724cf2a7106241b4a3d4139d2a264f11", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T09:06:23.846219163Z", + "name": "test_16299687814871629968781487" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T09:12:53.982989Z", + "description": "description2", + "group_type": "static", + "id": "e8f2ec25841e4d93bb07dbe6aa326742", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T09:12:55.571265187Z", + "name": "test_16299691732871629969173287" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T09:17:58.206157753Z", + "description": "description2", + "group_type": "static", + "id": "25141ce104e445849d05a4149ea019ea", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T09:17:59.659515838Z", + "name": "test_16299694779051629969477905" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T09:19:23.276267291Z", + "description": "description2", + "group_type": "static", + "id": "09bfcc12e3b046ddaea45a5d216f9581", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T09:19:25.318976241Z", + "name": "test_16299695623981629969562398" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T09:26:22.538367707Z", + "description": "description2", + "group_type": "static", + "id": "62e4b5a4764e4313b540664b5be3fea2", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T09:26:25.085214782Z", + "name": "test_16299699813871629969981387" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T09:33:46.303790983Z", + "description": "description2", + "group_type": "static", + "id": "b214e5c58229462b96e580c5934c20db", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T09:33:48.288311235Z", + "name": "test_16299704254441629970425444" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T09:55:09.157561612Z", + "description": "description2", + "group_type": "static", + "id": "9a7291431c3046ccb7b750240f924854", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T09:55:10.741852436Z", + "name": "test_16299717065381629971706538" + }, + { + "assignment_rule": "device_id:[''],hostname:['']", + "created_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "created_timestamp": "2021-08-26T10:02:50.175530821Z", + "description": "description2", + "group_type": "static", + "id": "29ae859b9a01409d83bf7fb7f7a04c69", + "modified_by": "api-client-id:2bf188d347e44e08946f2e61ef590c24", + "modified_timestamp": "2021-08-26T10:02:52.026307768Z", + "name": "test_16299721694081629972169408" + } + ] + } +} +``` + +#### Human Readable Output + +>### Results +>|assignment_rule|created_by|created_timestamp|description|group_type|id|modified_by|modified_timestamp|name| +>|---|---|---|---|---|---|---|---|---| +>| device_id:[''],hostname:[''] | api-client-id:2bf188d347e44e08946f2e61ef590c24 | 2021-08-26T10:02:50.175530821Z | description2 | static | 29ae859b9a01409d83bf7fb7f7a04c69 | api-client-id:2bf188d347e44e08946f2e61ef590c24 | 2021-08-26T10:02:52.026307768Z | test_16299721694081629972169408 | + +### cs-falcon-delete-host-groups +*** +Delete the requested host groups. + + +#### Base Command + +`cs-falcon-delete-host-groups` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| host_group_id | A comma-separated list of the IDs of the host groups to be deleted. | Required | + + +#### Context Output + +There is no context output for this command. + +#### Command Example +```!cs-falcon-delete-host-groups host_group_id=29ae859b9a01409d83bf7fb7f7a04c69,9a7291431c3046ccb7b750240f924854``` + +#### Human Readable Output +>host group id 29ae859b9a01409d83bf7fb7f7a04c69 deleted successfully +>host group id 9a7291431c3046ccb7b750240f924854 deleted successfully diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/expected_list_hostgroup_members_results.json b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/expected_list_hostgroup_members_results.json new file mode 100644 index 000000000000..8e708d7c8805 --- /dev/null +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/expected_list_hostgroup_members_results.json @@ -0,0 +1,57 @@ +[ + { + "ID": "75b2dba7ba8d450da481ed6830cc9d9d", + "ExternalIP": "35.224.136.145", + "MacAddress": "42-01-0a-80-00-15", + "Hostname": "FALCON-CROWDSTR", + "FirstSeen": "2021-08-12T16:13:26Z", + "LastSeen": "2021-08-23T04:59:48Z", + "LocalIP": "10.128.0.21", + "OS": "Windows Server 2019", + "Status": "normal" + }, + { + "ID": "15dbb9d8f06b45fe9f61eb46e829d986", + "ExternalIP": "35.224.136.145", + "MacAddress": "42-01-0a-80-00-07", + "Hostname": "FALCON-CROWDSTR", + "FirstSeen": "2020-02-10T12:40:18Z", + "LastSeen": "2021-08-23T11:32:27Z", + "LocalIP": "10.128.0.7", + "OS": "Windows Server 2019", + "Status": "contained" + }, + { + "ID": "046761c46ec84f40b27b6f79ce7cd32c", + "ExternalIP": "35.224.136.145", + "MacAddress": "42-01-0a-80-00-14", + "Hostname": "INSTANCE-1", + "FirstSeen": "2021-08-23T05:04:41Z", + "LastSeen": "2021-08-23T11:16:44Z", + "LocalIP": "10.128.0.20", + "OS": "Windows Server 2019", + "Status": "normal" + }, + { + "ID": "07007dd3f95c4d628fb097072bf7f7f3", + "ExternalIP": "35.224.136.145", + "MacAddress": "42-01-0a-80-00-14", + "Hostname": "INSTANCE-1", + "FirstSeen": "2021-08-11T13:57:29Z", + "LastSeen": "2021-08-23T04:45:37Z", + "LocalIP": "10.128.0.20", + "OS": "Windows Server 2019", + "Status": "normal" + }, + { + "ID": "0bde2c4645294245aca522971ccc44c4", + "ExternalIP": "35.224.136.145", + "MacAddress": "42-01-0a-80-00-13", + "Hostname": "falcon-crowdstrike-sensor-centos7", + "FirstSeen": "2021-08-08T11:33:21Z", + "LastSeen": "2021-08-23T11:14:36Z", + "LocalIP": "10.128.0.19", + "OS": "CentOS 7.9", + "Status": "normal" + } +] \ No newline at end of file diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/test_create_hostgroup_invalid_data.json b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/test_create_hostgroup_invalid_data.json new file mode 100644 index 000000000000..1fd084440681 --- /dev/null +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/test_create_hostgroup_invalid_data.json @@ -0,0 +1,13 @@ +{ + "meta": { + "query_time": 1.21e-7, + "trace_id": "4355b65a-bcec-4169-914f-200f469445dc" + }, + "errors": [ + { + "code": 400, + "message": "May not specify 'assignment_rule' if 'group_type' is 'static'", + "id": "dem test" + } + ] +} \ No newline at end of file diff --git a/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/test_list_hostgroup_members_data.json b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/test_list_hostgroup_members_data.json new file mode 100644 index 000000000000..9a43fb736108 --- /dev/null +++ b/Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/test_data/test_list_hostgroup_members_data.json @@ -0,0 +1,568 @@ +{ + "meta": { + "query_time": 1.95e-7, + "pagination": { + "offset": 5, + "limit": 100, + "total": 5 + }, + "trace_id": "1aeb689a-fdd0-462c-a28b-1e9235542265" + }, + "errors": [], + "resources": [ + { + "device_id": "75b2dba7ba8d450da481ed6830cc9d9d", + "cid": "20879a8064904ecfbb62c118a6a19411", + "agent_load_flags": "1", + "agent_local_time": "2021-08-13T03:58:16.323Z", + "agent_version": "6.26.14003.0", + "bios_manufacturer": "Google", + "bios_version": "Google", + "build_number": "17763", + "config_id_base": "65994753", + "config_id_build": "14003", + "config_id_platform": "3", + "cpu_signature": "198384", + "external_ip": "35.224.136.145", + "mac_address": "42-01-0a-80-00-15", + "instance_id": "3293846594733507761", + "service_provider": "GCP", + "service_provider_account_id": "564609343865", + "hostname": "FALCON-CROWDSTR", + "first_seen": "2021-08-12T16:13:26Z", + "last_seen": "2021-08-23T04:59:48Z", + "local_ip": "10.128.0.21", + "major_version": "10", + "minor_version": "0", + "os_version": "Windows Server 2019", + "platform_id": "0", + "platform_name": "Windows", + "policies": [ + { + "policy_type": "prevention", + "policy_id": "599b3a36b08c4dd4ba2668ccf15f4ed9", + "applied": true, + "settings_hash": "eb3f349c", + "assigned_date": "2021-08-12T16:14:43.184607522Z", + "applied_date": "2021-08-12T16:14:52.303842766Z", + "rule_groups": [ + "834ec379b09248cb857a13fd5d647cf0" + ] + } + ], + "reduced_functionality_mode": "no", + "device_policies": { + "prevention": { + "policy_type": "prevention", + "policy_id": "599b3a36b08c4dd4ba2668ccf15f4ed9", + "applied": true, + "settings_hash": "eb3f349c", + "assigned_date": "2021-08-12T16:14:43.184607522Z", + "applied_date": "2021-08-12T16:14:52.303842766Z", + "rule_groups": [ + "834ec379b09248cb857a13fd5d647cf0" + ] + }, + "sensor_update": { + "policy_type": "sensor-update", + "policy_id": "d3af78bb65be44abb97484a4a6dde15d", + "applied": true, + "settings_hash": "tagged|1;101", + "assigned_date": "2021-08-12T16:20:35.080426796Z", + "applied_date": "2021-08-12T16:22:14.695391866Z", + "uninstall_protection": "ENABLED" + }, + "device_control": { + "policy_type": "device-control", + "policy_id": "2eb87e60c3604b769c4fbfac20321011", + "applied": true, + "assigned_date": "2021-08-12T16:14:43.184591112Z", + "applied_date": "2021-08-12T16:14:52.77093029Z" + }, + "global_config": { + "policy_type": "globalconfig", + "policy_id": "e37c8333d2a24a02b787eba7d6015880", + "applied": true, + "settings_hash": "219a232d", + "assigned_date": "2021-08-13T04:01:55.772597513Z", + "applied_date": "2021-08-13T04:03:34.828121272Z" + }, + "remote_response": { + "policy_type": "remote-response", + "policy_id": "f825fe39c38444d6aaef4a506a6b30ad", + "applied": true, + "settings_hash": "5aa2f5b", + "assigned_date": "2021-08-12T16:14:43.18461434Z", + "applied_date": "2021-08-12T16:14:51.89583608Z" + }, + "firewall": { + "policy_type": "firewall", + "policy_id": "ce93c24ff59143259c55ba090680091d", + "applied": true, + "assigned_date": "2021-08-12T16:14:43.184630588Z", + "applied_date": "2021-08-12T16:14:52.115637247Z", + "rule_set_id": "ce93c24ff59143259c55ba090680091d" + } + }, + "groups": [ + "1fc2e6e1e9c24c5d8d9ce52a9fa8e507", + "d99b77530ef34a6a8718a60817d72a8f" + ], + "group_hash": "44bc233980a9e500d7ea8eb61064d60fe68bc46699f206d6f5ad6df44c461486", + "product_type": "3", + "product_type_desc": "Server", + "provision_status": "Provisioned", + "serial_number": "GoogleCloud-4BFE83AC0B49D497BC94B053718181C9", + "service_pack_major": "0", + "service_pack_minor": "0", + "pointer_size": "8", + "status": "normal", + "system_manufacturer": "Google", + "system_product_name": "Google Compute Engine", + "tags": [], + "modified_timestamp": "2021-08-23T04:59:49Z", + "slow_changing_modified_timestamp": "2021-08-23T04:59:49Z", + "meta": { + "version": "828" + }, + "zone_group": "projects/564609343865/zones/us-central1-a" + }, + { + "device_id": "15dbb9d8f06b45fe9f61eb46e829d986", + "cid": "20879a8064904ecfbb62c118a6a19411", + "agent_load_flags": "0", + "agent_local_time": "2021-08-11T22:32:57.642Z", + "agent_version": "6.26.14003.0", + "bios_manufacturer": "Google", + "bios_version": "Google", + "build_number": "17763", + "config_id_base": "65994753", + "config_id_build": "14003", + "config_id_platform": "3", + "cpu_signature": "198384", + "external_ip": "35.224.136.145", + "mac_address": "42-01-0a-80-00-07", + "instance_id": "5278723767695872635", + "service_provider": "GCP", + "service_provider_account_id": "564609343865", + "hostname": "FALCON-CROWDSTR", + "first_seen": "2020-02-10T12:40:18Z", + "last_seen": "2021-08-23T11:32:27Z", + "local_ip": "10.128.0.7", + "major_version": "10", + "minor_version": "0", + "os_version": "Windows Server 2019", + "platform_id": "0", + "platform_name": "Windows", + "policies": [ + { + "policy_type": "prevention", + "policy_id": "599b3a36b08c4dd4ba2668ccf15f4ed9", + "applied": true, + "settings_hash": "eb3f349c", + "assigned_date": "2021-01-18T15:53:42.071042118Z", + "applied_date": "2021-01-18T15:58:42.399432715Z", + "rule_groups": [ + "834ec379b09248cb857a13fd5d647cf0" + ] + } + ], + "reduced_functionality_mode": "no", + "device_policies": { + "prevention": { + "policy_type": "prevention", + "policy_id": "599b3a36b08c4dd4ba2668ccf15f4ed9", + "applied": true, + "settings_hash": "eb3f349c", + "assigned_date": "2021-01-18T15:53:42.071042118Z", + "applied_date": "2021-01-18T15:58:42.399432715Z", + "rule_groups": [ + "834ec379b09248cb857a13fd5d647cf0" + ] + }, + "sensor_update": { + "policy_type": "sensor-update", + "policy_id": "d3af78bb65be44abb97484a4a6dde15d", + "applied": true, + "settings_hash": "tagged|1;101", + "assigned_date": "2021-08-11T22:28:18.83940543Z", + "applied_date": "2021-08-11T22:35:55.091473402Z", + "uninstall_protection": "ENABLED" + }, + "device_control": { + "policy_type": "device-control", + "policy_id": "2eb87e60c3604b769c4fbfac20321011", + "applied": true, + "assigned_date": "2021-02-12T20:57:52.928820495Z", + "applied_date": "2021-02-12T21:03:08.554730017Z" + }, + "global_config": { + "policy_type": "globalconfig", + "policy_id": "e37c8333d2a24a02b787eba7d6015880", + "applied": true, + "settings_hash": "219a232d", + "assigned_date": "2021-08-11T22:39:44.144986671Z", + "applied_date": "2021-08-11T22:44:01.027213412Z" + }, + "remote_response": { + "policy_type": "remote-response", + "policy_id": "f825fe39c38444d6aaef4a506a6b30ad", + "applied": true, + "settings_hash": "5aa2f5b", + "assigned_date": "2020-11-14T20:38:27.150769027Z", + "applied_date": "2020-11-14T20:39:37.923730468Z" + }, + "firewall": { + "policy_type": "firewall", + "policy_id": "ce93c24ff59143259c55ba090680091d", + "applied": true, + "assigned_date": "2021-03-09T15:32:08.370445318Z", + "applied_date": "2021-03-09T15:37:32.98065256Z", + "rule_set_id": "ce93c24ff59143259c55ba090680091d" + } + }, + "groups": [ + "1fc2e6e1e9c24c5d8d9ce52a9fa8e507", + "d99b77530ef34a6a8718a60817d72a8f" + ], + "group_hash": "44bc233980a9e500d7ea8eb61064d60fe68bc46699f206d6f5ad6df44c461486", + "product_type": "3", + "product_type_desc": "Server", + "provision_status": "Provisioned", + "serial_number": "GoogleCloud-2B07BF97E8ED43183F868AFBA20C6C3D", + "service_pack_major": "0", + "service_pack_minor": "0", + "pointer_size": "8", + "status": "contained", + "system_manufacturer": "Google", + "system_product_name": "Google Compute Engine", + "tags": [], + "modified_timestamp": "2021-08-23T11:33:08Z", + "slow_changing_modified_timestamp": "2021-08-23T10:35:20Z", + "meta": { + "version": "34499" + }, + "zone_group": "projects/564609343865/zones/us-central1-a" + }, + { + "device_id": "046761c46ec84f40b27b6f79ce7cd32c", + "cid": "20879a8064904ecfbb62c118a6a19411", + "agent_load_flags": "1", + "agent_local_time": "2021-08-23T05:04:28.938Z", + "agent_version": "6.26.14003.0", + "bios_manufacturer": "Google", + "bios_version": "Google", + "build_number": "17763", + "config_id_base": "65994753", + "config_id_build": "14003", + "config_id_platform": "3", + "cpu_signature": "198384", + "external_ip": "35.224.136.145", + "mac_address": "42-01-0a-80-00-14", + "instance_id": "8415755636796452136", + "service_provider": "GCP", + "service_provider_account_id": "564609343865", + "hostname": "INSTANCE-1", + "first_seen": "2021-08-23T05:04:41Z", + "last_seen": "2021-08-23T11:16:44Z", + "local_ip": "10.128.0.20", + "major_version": "10", + "minor_version": "0", + "os_version": "Windows Server 2019", + "platform_id": "0", + "platform_name": "Windows", + "policies": [ + { + "policy_type": "prevention", + "policy_id": "599b3a36b08c4dd4ba2668ccf15f4ed9", + "applied": true, + "settings_hash": "eb3f349c", + "assigned_date": "2021-08-23T05:06:25.129722104Z", + "applied_date": "2021-08-23T05:07:33.124138927Z", + "rule_groups": [ + "834ec379b09248cb857a13fd5d647cf0" + ] + } + ], + "reduced_functionality_mode": "no", + "device_policies": { + "prevention": { + "policy_type": "prevention", + "policy_id": "599b3a36b08c4dd4ba2668ccf15f4ed9", + "applied": true, + "settings_hash": "eb3f349c", + "assigned_date": "2021-08-23T05:06:25.129722104Z", + "applied_date": "2021-08-23T05:07:33.124138927Z", + "rule_groups": [ + "834ec379b09248cb857a13fd5d647cf0" + ] + }, + "sensor_update": { + "policy_type": "sensor-update", + "policy_id": "d3af78bb65be44abb97484a4a6dde15d", + "applied": true, + "settings_hash": "tagged|1;101", + "assigned_date": "2021-08-23T05:06:25.129701756Z", + "applied_date": "2021-08-23T05:07:33.146402665Z", + "uninstall_protection": "ENABLED" + }, + "device_control": { + "policy_type": "device-control", + "policy_id": "2eb87e60c3604b769c4fbfac20321011", + "applied": true, + "assigned_date": "2021-08-23T05:06:25.129710899Z", + "applied_date": "2021-08-23T05:07:33.170314944Z" + }, + "global_config": { + "policy_type": "globalconfig", + "policy_id": "e37c8333d2a24a02b787eba7d6015880", + "applied": true, + "settings_hash": "219a232d", + "assigned_date": "2021-08-23T05:06:25.129706746Z", + "applied_date": "2021-08-23T05:07:33.194740562Z" + }, + "remote_response": { + "policy_type": "remote-response", + "policy_id": "f825fe39c38444d6aaef4a506a6b30ad", + "applied": true, + "settings_hash": "5aa2f5b", + "assigned_date": "2021-08-23T05:06:25.129715982Z", + "applied_date": "2021-08-23T05:07:33.225464657Z" + }, + "firewall": { + "policy_type": "firewall", + "policy_id": "ce93c24ff59143259c55ba090680091d", + "applied": true, + "assigned_date": "2021-08-23T05:12:18.115770613Z", + "applied_date": "2021-08-23T05:14:22.543995665Z", + "rule_set_id": "ce93c24ff59143259c55ba090680091d" + } + }, + "groups": [], + "group_hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "product_type": "3", + "product_type_desc": "Server", + "provision_status": "Provisioned", + "serial_number": "GoogleCloud-B207E56B4AE91D3C50828DFBE750825D", + "service_pack_major": "0", + "service_pack_minor": "0", + "pointer_size": "8", + "status": "normal", + "system_manufacturer": "Google", + "system_product_name": "Google Compute Engine", + "tags": [], + "modified_timestamp": "2021-08-23T11:17:40Z", + "slow_changing_modified_timestamp": "2021-08-23T11:04:46Z", + "meta": { + "version": "29" + }, + "zone_group": "projects/564609343865/zones/us-central1-a" + }, + { + "device_id": "07007dd3f95c4d628fb097072bf7f7f3", + "cid": "20879a8064904ecfbb62c118a6a19411", + "agent_load_flags": "1", + "agent_local_time": "2021-08-12T19:23:19.338Z", + "agent_version": "6.26.14003.0", + "bios_manufacturer": "Google", + "bios_version": "Google", + "build_number": "17763", + "config_id_base": "65994753", + "config_id_build": "14003", + "config_id_platform": "3", + "cpu_signature": "198384", + "external_ip": "35.224.136.145", + "mac_address": "42-01-0a-80-00-14", + "instance_id": "8415755636796452136", + "service_provider": "GCP", + "service_provider_account_id": "564609343865", + "hostname": "INSTANCE-1", + "first_seen": "2021-08-11T13:57:29Z", + "last_seen": "2021-08-23T04:45:37Z", + "local_ip": "10.128.0.20", + "major_version": "10", + "minor_version": "0", + "os_version": "Windows Server 2019", + "platform_id": "0", + "platform_name": "Windows", + "policies": [ + { + "policy_type": "prevention", + "policy_id": "599b3a36b08c4dd4ba2668ccf15f4ed9", + "applied": true, + "settings_hash": "eb3f349c", + "assigned_date": "2021-08-11T13:58:38.025840385Z", + "applied_date": "2021-08-11T13:59:17.075917556Z", + "rule_groups": [ + "834ec379b09248cb857a13fd5d647cf0" + ] + } + ], + "reduced_functionality_mode": "no", + "device_policies": { + "prevention": { + "policy_type": "prevention", + "policy_id": "599b3a36b08c4dd4ba2668ccf15f4ed9", + "applied": true, + "settings_hash": "eb3f349c", + "assigned_date": "2021-08-11T13:58:38.025840385Z", + "applied_date": "2021-08-11T13:59:17.075917556Z", + "rule_groups": [ + "834ec379b09248cb857a13fd5d647cf0" + ] + }, + "sensor_update": { + "policy_type": "sensor-update", + "policy_id": "d3af78bb65be44abb97484a4a6dde15d", + "applied": true, + "settings_hash": "tagged|1;101", + "assigned_date": "2021-08-11T22:27:03.576170277Z", + "applied_date": "2021-08-11T22:31:58.94139593Z", + "uninstall_protection": "ENABLED" + }, + "device_control": { + "policy_type": "device-control", + "policy_id": "2eb87e60c3604b769c4fbfac20321011", + "applied": true, + "assigned_date": "2021-08-11T13:58:38.025852467Z", + "applied_date": "2021-08-11T13:59:17.297078504Z" + }, + "global_config": { + "policy_type": "globalconfig", + "policy_id": "e37c8333d2a24a02b787eba7d6015880", + "applied": true, + "settings_hash": "219a232d", + "assigned_date": "2021-08-12T19:26:57.868322866Z", + "applied_date": "2021-08-12T19:28:41.189760681Z" + }, + "remote_response": { + "policy_type": "remote-response", + "policy_id": "f825fe39c38444d6aaef4a506a6b30ad", + "applied": true, + "settings_hash": "5aa2f5b", + "assigned_date": "2021-08-11T13:58:38.025833245Z", + "applied_date": "2021-08-11T13:59:17.8723749Z" + }, + "firewall": { + "policy_type": "firewall", + "policy_id": "ce93c24ff59143259c55ba090680091d", + "applied": true, + "assigned_date": "2021-08-11T13:58:38.025845223Z", + "applied_date": "2021-08-11T13:59:16.896699093Z", + "rule_set_id": "ce93c24ff59143259c55ba090680091d" + } + }, + "groups": [], + "group_hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "product_type": "3", + "product_type_desc": "Server", + "provision_status": "Provisioned", + "serial_number": "GoogleCloud-02EC25D26444FEF5AFE5F7D3B016AC47", + "service_pack_major": "0", + "service_pack_minor": "0", + "pointer_size": "8", + "status": "normal", + "system_manufacturer": "Google", + "system_product_name": "Google Compute Engine", + "tags": [], + "modified_timestamp": "2021-08-23T04:45:40Z", + "slow_changing_modified_timestamp": "2021-08-23T04:24:33Z", + "meta": { + "version": "956" + }, + "zone_group": "projects/564609343865/zones/us-central1-a" + }, + { + "device_id": "0bde2c4645294245aca522971ccc44c4", + "cid": "20879a8064904ecfbb62c118a6a19411", + "agent_load_flags": "0", + "agent_local_time": "2021-08-08T11:35:05.989Z", + "agent_version": "6.25.12207.0", + "bios_manufacturer": "Google", + "bios_version": "Google", + "config_id_base": "65994753", + "config_id_build": "12207", + "config_id_platform": "8", + "cpu_signature": "198384", + "external_ip": "35.224.136.145", + "mac_address": "42-01-0a-80-00-13", + "instance_id": "7439962612154109441", + "service_provider": "GCP", + "service_provider_account_id": "564609343865", + "hostname": "falcon-crowdstrike-sensor-centos7", + "first_seen": "2021-08-08T11:33:21Z", + "last_seen": "2021-08-23T11:14:36Z", + "local_ip": "10.128.0.19", + "major_version": "3", + "minor_version": "10", + "os_version": "CentOS 7.9", + "platform_id": "3", + "platform_name": "Linux", + "policies": [ + { + "policy_type": "prevention", + "policy_id": "2a47e83404424e4fa4204160efcaab5e", + "applied": true, + "settings_hash": "d4cbb29", + "assigned_date": "2021-08-08T11:34:32.474354135Z", + "applied_date": "2021-08-08T11:34:53.617741661Z", + "rule_groups": [] + } + ], + "reduced_functionality_mode": "no", + "device_policies": { + "prevention": { + "policy_type": "prevention", + "policy_id": "2a47e83404424e4fa4204160efcaab5e", + "applied": true, + "settings_hash": "d4cbb29", + "assigned_date": "2021-08-08T11:34:32.474354135Z", + "applied_date": "2021-08-08T11:34:53.617741661Z", + "rule_groups": [] + }, + "sensor_update": { + "policy_type": "sensor-update", + "policy_id": "c87b0bd84441408e967c7190d083b34e", + "applied": true, + "settings_hash": "tagged|5;", + "assigned_date": "2021-08-08T11:34:32.474362525Z", + "applied_date": "2021-08-08T11:36:48.61203446Z", + "uninstall_protection": "UNKNOWN" + }, + "global_config": { + "policy_type": "globalconfig", + "policy_id": "b0ed04f7097f48c8875df57c58c4c5b6", + "applied": true, + "settings_hash": "77690c0d", + "assigned_date": "2021-08-08T11:35:06.584871631Z", + "applied_date": "2021-08-08T11:36:48.460140604Z" + }, + "remote_response": { + "policy_type": "remote-response", + "policy_id": "255d4887829941268c9f2e5e6877657e", + "applied": true, + "settings_hash": "17550b92", + "assigned_date": "2021-08-08T11:34:32.474343173Z", + "applied_date": "2021-08-08T11:34:53.507401792Z" + } + }, + "groups": [ + "4902d5686bed41ba88a37439f38913ba" + ], + "group_hash": "f52d90fab48ceb18186cc9e804152a682102f1878579faaee298d6900faaf4d8", + "product_type_desc": "Server", + "provision_status": "NotProvisioned", + "serial_number": "GoogleCloud-A08065CD718B9821F8CDA1989A8D65AE", + "status": "normal", + "system_manufacturer": "Google", + "system_product_name": "Google Compute Engine", + "tags": [], + "modified_timestamp": "2021-08-23T11:15:08Z", + "slow_changing_modified_timestamp": "2021-08-23T10:36:38Z", + "meta": { + "version": "1195" + }, + "zone_group": "projects/564609343865/zones/us-central1-a" + } + ] +} \ No newline at end of file diff --git a/Packs/CrowdStrikeFalcon/ReleaseNotes/1_3_0.md b/Packs/CrowdStrikeFalcon/ReleaseNotes/1_3_0.md new file mode 100644 index 000000000000..cceda6db624e --- /dev/null +++ b/Packs/CrowdStrikeFalcon/ReleaseNotes/1_3_0.md @@ -0,0 +1,12 @@ + +#### Integrations +##### CrowdStrike Falcon +- Added the following commands: + - ***cs-falcon-create-host-group*** + - ***cs-falcon-update-host-group*** + - ***cs-falcon-list-host-group-members*** + - ***cs-falcon-add-host-group-members*** + - ***cs-falcon-remove-host-group-members*** + - ***cs-falcon-list-host-groups*** + - ***cs-falcon-delete-host-groups*** +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/CrowdStrikeFalcon/TestPlaybooks/playbook-CrowdStrikeFalcon-Test.yml b/Packs/CrowdStrikeFalcon/TestPlaybooks/playbook-CrowdStrikeFalcon-Test.yml index 8f1a168dd95b..5f7d8ddae8c4 100644 --- a/Packs/CrowdStrikeFalcon/TestPlaybooks/playbook-CrowdStrikeFalcon-Test.yml +++ b/Packs/CrowdStrikeFalcon/TestPlaybooks/playbook-CrowdStrikeFalcon-Test.yml @@ -6,10 +6,10 @@ starttaskid: "0" tasks: "0": id: "0" - taskid: 7f626c1d-c310-48dc-89dc-7074d8a81cdd + taskid: 929c28a3-d610-423d-886c-df8cd8dbca86 type: start task: - id: 7f626c1d-c310-48dc-89dc-7074d8a81cdd + id: 929c28a3-d610-423d-886c-df8cd8dbca86 version: -1 name: "" iscommand: false @@ -30,12 +30,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "1": id: "1" - taskid: 981c10d0-b2c8-4f40-8635-d2853246ef79 + taskid: ace12164-8f6f-40eb-80b0-d43a436c4d2b type: regular task: - id: 981c10d0-b2c8-4f40-8635-d2853246ef79 + id: ace12164-8f6f-40eb-80b0-d43a436c4d2b version: -1 name: Fetch from instance script: FetchFromInstance @@ -61,12 +63,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "2": id: "2" - taskid: 86c2d93d-2f50-4c2b-8fa3-bf5b05aec533 + taskid: faa52890-4ee6-4c22-8a91-b85a619e33c5 type: regular task: - id: 86c2d93d-2f50-4c2b-8fa3-bf5b05aec533 + id: faa52890-4ee6-4c22-8a91-b85a619e33c5 version: -1 name: Get detections by filter script: '|||cs-falcon-search-detection' @@ -79,7 +83,6 @@ tasks: scriptarguments: filter: simple: created_timestamp:>'2020-03-05T15:25:00Z' - ids: {} separatecontext: false view: |- { @@ -93,12 +96,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "3": id: "3" - taskid: 9c7d67c9-3ff3-4466-8687-9e20d34e651d + taskid: 32401695-0cef-4a2f-8674-09c481aa3a54 type: condition task: - id: 9c7d67c9-3ff3-4466-8687-9e20d34e651d + id: 32401695-0cef-4a2f-8674-09c481aa3a54 version: -1 name: Assert detections were fetched type: condition @@ -135,12 +140,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "4": id: "4" - taskid: cd4bdd31-6169-48d3-8080-2c11a3e016db + taskid: 070843ff-54d1-4aca-839b-fad2b4899252 type: regular task: - id: cd4bdd31-6169-48d3-8080-2c11a3e016db + id: 070843ff-54d1-4aca-839b-fad2b4899252 version: -1 name: Get behavior script: '|||cs-falcon-get-behavior' @@ -166,12 +173,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "5": id: "5" - taskid: 980fac84-6552-4071-8ff1-0e0ad85201e4 + taskid: 0defa1db-c611-4bd9-8bcf-b03bcfa44cba type: condition task: - id: 980fac84-6552-4071-8ff1-0e0ad85201e4 + id: 0defa1db-c611-4bd9-8bcf-b03bcfa44cba version: -1 name: Assert 'suspicious_activity' scenario type: condition @@ -206,12 +215,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "6": id: "6" - taskid: f5a0d080-8aef-4b7b-813e-999c1df7cee8 + taskid: 1312f697-ef54-460e-8c9b-74f54c8ae33b type: regular task: - id: f5a0d080-8aef-4b7b-813e-999c1df7cee8 + id: 1312f697-ef54-460e-8c9b-74f54c8ae33b version: -1 name: Get multiple devices script: '|||cs-falcon-search-device' @@ -222,14 +233,8 @@ tasks: '#none#': - "7" scriptarguments: - filter: {} - hostname: {} ids: simple: c1a4575cd124419db5ed3c1e8ddc2c04,15dbb9d8f06b45fe9f61eb46e829d986 - platform_name: {} - platfrom_name: {} - site_name: {} - status: {} separatecontext: false view: |- { @@ -243,12 +248,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "7": id: "7" - taskid: aad3d39a-98c2-4ac0-8691-0351144fddf1 + taskid: 5ed3db8c-72d7-48bc-8e3e-678ce0027699 type: condition task: - id: aad3d39a-98c2-4ac0-8691-0351144fddf1 + id: 5ed3db8c-72d7-48bc-8e3e-678ce0027699 version: -1 name: Assert devices were fetched type: condition @@ -285,36 +292,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 - "8": - id: "8" - taskid: 5867ab54-f582-4730-847d-a07c4106658e - type: title - task: - id: 5867ab54-f582-4730-847d-a07c4106658e - version: -1 - name: Done - type: title - iscommand: false - brand: "" - separatecontext: false - view: |- - { - "position": { - "x": 480, - "y": 3870 - } - } - note: false - timertriggers: [] - ignoreworker: false - skipunavailable: false - quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "9": id: "9" - taskid: 7fac9423-394a-4a33-820e-2b1862a170ec + taskid: 1a99f57b-cf9f-4252-85e3-a71b72056f6e type: regular task: - id: 7fac9423-394a-4a33-820e-2b1862a170ec + id: 1a99f57b-cf9f-4252-85e3-a71b72056f6e version: -1 name: Clear context scriptName: DeleteContext @@ -328,10 +313,6 @@ tasks: scriptarguments: all: simple: "yes" - index: {} - key: {} - keysToKeep: {} - subplaybook: {} separatecontext: false view: |- { @@ -345,12 +326,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "10": id: "10" - taskid: 86cec3a0-2361-4359-869d-905bae0cef69 + taskid: 8d67e0ed-d015-4ff6-8877-e34815e0df38 type: regular task: - id: 86cec3a0-2361-4359-869d-905bae0cef69 + id: 8d67e0ed-d015-4ff6-8877-e34815e0df38 version: -1 name: Search for domain IOCs description: Returns a list of your uploaded IOCs that match the search criteria @@ -362,17 +345,8 @@ tasks: '#none#': - "11" scriptarguments: - from_expiration_date: {} - limit: {} - offset: {} - policies: {} - share_levels: {} - sort: {} - sources: {} - to_expiration_date: {} types: simple: domain - values: {} separatecontext: false view: |- { @@ -386,12 +360,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "11": id: "11" - taskid: 291463a9-3efa-4db3-8854-63cf7450ca7c + taskid: e5d6b276-ec26-4129-8ec0-ffdac943a955 type: condition task: - id: 291463a9-3efa-4db3-8854-63cf7450ca7c + id: e5d6b276-ec26-4129-8ec0-ffdac943a955 version: -1 name: Assert domains were fetched type: condition @@ -448,12 +424,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "12": id: "12" - taskid: bab409ec-480f-4ea0-8b1d-5221863ffed7 + taskid: a795cb8a-af4b-4a66-8512-77c2a67ab6b1 type: regular task: - id: bab409ec-480f-4ea0-8b1d-5221863ffed7 + id: a795cb8a-af4b-4a66-8512-77c2a67ab6b1 version: -1 name: Create test IOC description: Uploads an indicator for CrowdStrike to monitor. @@ -467,7 +445,6 @@ tasks: scriptarguments: description: simple: Test ioc - expiration_days: {} ioc_type: simple: domain policy: @@ -491,12 +468,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "13": id: "13" - taskid: 860cdb12-9c18-4010-8d54-fa5d3a4c87a7 + taskid: afbdac8b-1598-4b18-8588-8a572d605711 type: condition task: - id: 860cdb12-9c18-4010-8d54-fa5d3a4c87a7 + id: afbdac8b-1598-4b18-8588-8a572d605711 version: -1 name: Assert IOC was created type: condition @@ -545,12 +524,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "14": id: "14" - taskid: b84b5dc0-a635-40b4-8c0e-e93e250291a6 + taskid: cbdb76ad-2c44-442d-8fb6-cf6ef58c8e4e type: regular task: - id: b84b5dc0-a635-40b4-8c0e-e93e250291a6 + id: cbdb76ad-2c44-442d-8fb6-cf6ef58c8e4e version: -1 name: Update IOC description: Updates an indicator for CrowdStrike to monitor. @@ -564,13 +545,10 @@ tasks: scriptarguments: description: simple: Benign domain IOC - expiration_days: {} ioc_type: simple: domain policy: simple: detect - share_level: {} - source: {} value: simple: test.domain.com separatecontext: false @@ -586,12 +564,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "15": id: "15" - taskid: a987cff3-c13c-438e-8bef-d632c56df11c + taskid: b17d2d3a-d0bd-4eda-8018-65da13fad2db type: condition task: - id: a987cff3-c13c-438e-8bef-d632c56df11c + id: b17d2d3a-d0bd-4eda-8018-65da13fad2db version: -1 name: Assert IOC was updated type: condition @@ -632,12 +612,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "16": id: "16" - taskid: da45f510-4219-4df3-8c3d-77227f71d370 + taskid: c348e32a-86a0-4890-8d99-d90ff76d82cf type: regular task: - id: da45f510-4219-4df3-8c3d-77227f71d370 + id: c348e32a-86a0-4890-8d99-d90ff76d82cf version: -1 name: Delete test IOC description: Deletes a monitored indicator. @@ -666,12 +648,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "17": id: "17" - taskid: 0928dc08-30ab-44ec-82ae-06440880b4b5 + taskid: 211ab03e-100b-47b5-817d-c6c6619879b0 type: regular task: - id: 0928dc08-30ab-44ec-82ae-06440880b4b5 + id: 211ab03e-100b-47b5-817d-c6c6619879b0 version: -1 name: Clear context description: Delete field from context @@ -685,10 +669,6 @@ tasks: scriptarguments: all: simple: "yes" - index: {} - key: {} - keysToKeep: {} - subplaybook: {} separatecontext: false view: |- { @@ -702,12 +682,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "18": id: "18" - taskid: 35a5c904-9db2-4ab8-8a8c-c0b786eb31de + taskid: 3301e6e6-03b3-418b-8856-924fb713f816 type: regular task: - id: 35a5c904-9db2-4ab8-8a8c-c0b786eb31de + id: 3301e6e6-03b3-418b-8856-924fb713f816 version: -1 name: Get just created test IOC description: Get the full definition of one or more indicators that you are @@ -737,12 +719,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "19": id: "19" - taskid: e3350f2e-8233-48f5-859d-1cb1bdc9c9aa + taskid: 29d18f25-b149-4965-85d9-3fd0662167f2 type: condition task: - id: e3350f2e-8233-48f5-859d-1cb1bdc9c9aa + id: 29d18f25-b149-4965-85d9-3fd0662167f2 version: -1 name: Assert IOC was fetched type: condition @@ -791,12 +775,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "20": id: "20" - taskid: defc81d2-4911-4853-84c3-2e4715d805c7 + taskid: a10896fc-b18a-4bb8-84e1-81b61f00e14c type: regular task: - id: defc81d2-4911-4853-84c3-2e4715d805c7 + id: a10896fc-b18a-4bb8-84e1-81b61f00e14c version: -1 name: Check device count for IOC description: Number of hosts that observed the given IOC. @@ -825,12 +811,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "21": id: "21" - taskid: dad735d7-42b8-420f-89e3-a931e236266d + taskid: 695c66a6-4536-4501-8146-e4e48032a1e3 type: condition task: - id: dad735d7-42b8-420f-89e3-a931e236266d + id: 695c66a6-4536-4501-8146-e4e48032a1e3 version: -1 name: Assert Device ID was fetched correctly type: condition @@ -838,7 +826,7 @@ tasks: brand: "" nexttasks: "yes": - - "22" + - "25" separatecontext: false conditions: - label: "yes" @@ -887,12 +875,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "22": id: "22" - taskid: f8d891b7-fc00-47f2-8281-a2f75d9186dc + taskid: 95e0816a-4d03-4596-8d81-4d5772255406 type: regular task: - id: f8d891b7-fc00-47f2-8281-a2f75d9186dc + id: 95e0816a-4d03-4596-8d81-4d5772255406 version: -1 name: Run Script description: Runs a script on the agent host. @@ -908,7 +898,6 @@ tasks: simple: "400" host_ids: simple: 15dbb9d8f06b45fe9f61eb46e829d986 - raw: {} script_name: simple: 301Seconds timeout: @@ -918,7 +907,7 @@ tasks: { "position": { "x": 480, - "y": 3520 + "y": 8040 } } note: false @@ -926,12 +915,14 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false "23": id: "23" - taskid: 32608aa6-24b4-474d-8383-159a3433d45a + taskid: 471771e2-d08f-4ebe-80d4-98fa4a9a6b37 type: condition task: - id: 32608aa6-24b4-474d-8383-159a3433d45a + id: 471771e2-d08f-4ebe-80d4-98fa4a9a6b37 version: -1 name: Verify script results type: condition @@ -939,7 +930,7 @@ tasks: brand: "" nexttasks: "yes": - - "8" + - "42" separatecontext: false conditions: - label: "yes" @@ -956,7 +947,1419 @@ tasks: { "position": { "x": 480, - "y": 3695 + "y": 8215 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "25": + id: "25" + taskid: b80ba3fb-d25a-4ff5-8503-ab067b921a6b + type: regular + task: + id: b80ba3fb-d25a-4ff5-8503-ab067b921a6b + version: -1 + name: DeleteContext + script: DeleteContext + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "55" + scriptarguments: + all: + simple: "yes" + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 3520 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "26": + id: "26" + taskid: 36e47f3c-5480-485b-8ec7-1a7bc9dfb25a + type: regular + task: + id: 36e47f3c-5480-485b-8ec7-1a7bc9dfb25a + version: -1 + name: cs-falcon-create-host-group + script: CrowdstrikeFalcon|||cs-falcon-create-host-group + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "29" + scriptarguments: + description: + simple: description + group_type: + simple: static + name: + simple: test_tes + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 4540 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "29": + id: "29" + taskid: 05bf782b-8fd9-43dd-84bf-37060fed57a5 + type: condition + task: + id: 05bf782b-8fd9-43dd-84bf-37060fed57a5 + version: -1 + name: Verify Outputs + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "30" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.id + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.group_type + iscontext: true + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + right: + value: + simple: test_tes + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.description + iscontext: true + right: + value: + simple: description + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.created_by + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.created_timestamp + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.modified_by + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.modified_timestamp + iscontext: true + view: |- + { + "position": { + "x": 480, + "y": 4715 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "30": + id: "30" + taskid: d3e82edc-bbe6-4543-8afb-26f2a87bcf9b + type: regular + task: + id: d3e82edc-bbe6-4543-8afb-26f2a87bcf9b + version: -1 + name: cs-falcon-update-host-group + script: CrowdstrikeFalcon|||cs-falcon-update-host-group + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "31" + scriptarguments: + description: + simple: description2 + host_group_id: + simple: ${CrowdStrike.HostGroup.id} + name: + simple: test_test + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 4890 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "31": + id: "31" + taskid: dcbf17b1-0619-4769-897b-901f377ca745 + type: condition + task: + id: dcbf17b1-0619-4769-897b-901f377ca745 + version: -1 + name: Verify Outputs + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "32" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.id + iscontext: true + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.group_type + iscontext: true + right: + value: + simple: static + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.description + iscontext: true + right: + value: + simple: description2 + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.created_by + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.created_timestamp + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.modified_by + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.modified_timestamp + iscontext: true + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + right: + value: + simple: test_test + view: |- + { + "position": { + "x": 480, + "y": 5065 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "32": + id: "32" + taskid: 460937d5-676f-46d4-8e3c-9117a9c24086 + type: regular + task: + id: 460937d5-676f-46d4-8e3c-9117a9c24086 + version: -1 + name: cs-falcon-list-host-group-members + script: CrowdstrikeFalcon|||cs-falcon-list-host-group-members + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "33" + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 5240 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "33": + id: "33" + taskid: a4cc1b35-fd29-4b1b-8e43-8fd37174d866 + type: condition + task: + id: a4cc1b35-fd29-4b1b-8e43-8fd37174d866 + version: -1 + name: Verify Outputs + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "34" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.Device.ID + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.Device.LocalIP + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.Device.ExternalIP + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.Device.Hostname + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.Device.OS + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.Device.MacAddress + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.Device.FirstSeen + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.Device.LastSeen + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.Device.Status + iscontext: true + view: |- + { + "position": { + "x": 480, + "y": 5415 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "34": + id: "34" + taskid: 48249d5c-48b9-4c7f-8204-dffa10fd78d9 + type: regular + task: + id: 48249d5c-48b9-4c7f-8204-dffa10fd78d9 + version: -1 + name: cs-falcon-add-host-group-members + script: CrowdstrikeFalcon|||cs-falcon-add-host-group-members + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "35" + scriptarguments: + host_group_id: + simple: ${CrowdStrike.HostGroup.id} + host_ids: + simple: ${CrowdStrike.Device.ID} + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 5590 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "35": + id: "35" + taskid: 640c7c25-791a-489e-8bbb-46057b9541fd + type: condition + task: + id: 640c7c25-791a-489e-8bbb-46057b9541fd + version: -1 + name: Verify Outputs + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "36" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.id + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.group_type + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.description + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.created_by + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.created_timestamp + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.modified_by + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.modified_timestamp + iscontext: true + view: |- + { + "position": { + "x": 480, + "y": 5765 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "36": + id: "36" + taskid: 6e51fedb-a4b1-43ae-8c33-f57595e444a7 + type: regular + task: + id: 6e51fedb-a4b1-43ae-8c33-f57595e444a7 + version: -1 + name: cs-falcon-remove-host-group-members + script: CrowdstrikeFalcon|||cs-falcon-remove-host-group-members + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "37" + scriptarguments: + host_group_id: + simple: ${CrowdStrike.HostGroup.id} + host_ids: + simple: ${CrowdStrike.Device.ID} + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 5940 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "37": + id: "37" + taskid: 26762a38-6ee6-48bc-8c51-9d05b652d49e + type: regular + task: + id: 26762a38-6ee6-48bc-8c51-9d05b652d49e + version: -1 + name: delete context + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "38" + scriptarguments: + key: + simple: CrowdStrike.Device + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 6115 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "38": + id: "38" + taskid: 087daee3-8996-4f9f-85cd-5e7622fe8882 + type: regular + task: + id: 087daee3-8996-4f9f-85cd-5e7622fe8882 + version: -1 + name: list-host-group-members + description: Get the list of host group members + script: '|||cs-falcon-list-host-group-members' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "39" + scriptarguments: + host_group_id: + simple: ${CrowdStrike.HostGroup.id} + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 6290 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "39": + id: "39" + taskid: af0dc1de-a6e7-401a-89e8-b27800c18e5b + type: condition + task: + id: af0dc1de-a6e7-401a-89e8-b27800c18e5b + version: -1 + name: Verify Outputs + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "46" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.id + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.group_type + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.description + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.created_by + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.created_timestamp + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.modified_by + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.modified_timestamp + iscontext: true + - - operator: isEmpty + left: + value: + simple: CrowdStrike.Device + iscontext: true + view: |- + { + "position": { + "x": 480, + "y": 6465 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "40": + id: "40" + taskid: 92a254b8-76d1-4184-87ee-29fbf4c6e7f5 + type: regular + task: + id: 92a254b8-76d1-4184-87ee-29fbf4c6e7f5 + version: -1 + name: get incidents + description: Lists incident summaries. + script: '|||cs-falcon-list-incident-summaries' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "41" + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 7690 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "41": + id: "41" + taskid: b1181869-29b1-4677-8c80-ed1a7a07744c + type: regular + task: + id: b1181869-29b1-4677-8c80-ed1a7a07744c + version: -1 + name: cs-falcon-resolve-incident + script: CrowdstrikeFalcon|||cs-falcon-resolve-incident + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "56" + scriptarguments: + ids: + simple: ${CrowdStrike.Incidents.incident_id} + status: + simple: New + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 7865 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "42": + id: "42" + taskid: 5a6d8b0c-418d-4543-8078-c9ef3b550fed + type: title + task: + id: 5a6d8b0c-418d-4543-8078-c9ef3b550fed + version: -1 + name: Test Done + type: title + iscommand: false + brand: "" + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 8390 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 2 + isoversize: false + isautoswitchedtoquietmode: false + "43": + id: "43" + taskid: 5d658c13-5d71-4a01-801a-a51268a3e1ee + type: regular + task: + id: 5d658c13-5d71-4a01-801a-a51268a3e1ee + version: -1 + name: list hostgroups (for resetting) + description: List the host groups availible + script: CrowdstrikeFalcon|||cs-falcon-list-host-groups + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "52" + - "54" + scriptarguments: + limit: + simple: "100" + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 3840 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "44": + id: "44" + taskid: d239d89a-6c23-474b-8ed5-e19f527d1c30 + type: regular + task: + id: d239d89a-6c23-474b-8ed5-e19f527d1c30 + version: -1 + name: delete host groups test_tes (for resetting) + description: Delete the requested host groups + script: CrowdstrikeFalcon|||cs-falcon-delete-host-groups + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "45" + scriptarguments: + host_group_id: + complex: + root: CrowdStrike.HostGroup + filters: + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + right: + value: + simple: test_tes + accessor: id + separatecontext: false + view: |- + { + "position": { + "x": 142.5, + "y": 4190 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "45": + id: "45" + taskid: 70217ffc-f75a-4c5e-8fdb-824cf40beecb + type: regular + task: + id: 70217ffc-f75a-4c5e-8fdb-824cf40beecb + version: -1 + name: delete context + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "26" + scriptarguments: + key: + simple: CrowdStrike.HostGroup + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 4365 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "46": + id: "46" + taskid: 95a06edc-a77e-4325-80fb-bd5354bc4eb7 + type: regular + task: + id: 95a06edc-a77e-4325-80fb-bd5354bc4eb7 + version: -1 + name: cs-falcon-list-host-groups + description: List the host groups availible + script: CrowdstrikeFalcon|||cs-falcon-list-host-groups + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "47" + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 6640 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "47": + id: "47" + taskid: 1c49d759-e53b-48ba-86fc-1cfc75169c56 + type: condition + task: + id: 1c49d759-e53b-48ba-86fc-1cfc75169c56 + version: -1 + name: Verify Outputs + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "48" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.id + iscontext: true + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.group_type + iscontext: true + right: + value: + simple: static + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + right: + value: + simple: test_test + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.description + iscontext: true + right: + value: + simple: description2 + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.created_by + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.created_timestamp + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.modified_by + iscontext: true + - - operator: isNotEmpty + left: + value: + simple: CrowdStrike.HostGroup.modified_timestamp + iscontext: true + view: |- + { + "position": { + "x": 480, + "y": 6815 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "48": + id: "48" + taskid: 76e69d39-e830-4512-8bbe-fd1721e93d94 + type: regular + task: + id: 76e69d39-e830-4512-8bbe-fd1721e93d94 + version: -1 + name: cs-falcon-delete-host-groups + description: Delete the requested host groups + script: CrowdstrikeFalcon|||cs-falcon-delete-host-groups + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "49" + scriptarguments: + host_group_id: + complex: + root: CrowdStrike.HostGroup + filters: + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + right: + value: + simple: test_test + accessor: id + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 6990 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "49": + id: "49" + taskid: d37abb7e-8d46-4057-8ea0-05280ddbba49 + type: regular + task: + id: d37abb7e-8d46-4057-8ea0-05280ddbba49 + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "50" + scriptarguments: + key: + simple: CrowdStrike.HostGroup + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 7165 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "50": + id: "50" + taskid: 4f195b11-63b4-4db0-8092-cfb01bbc6e7e + type: regular + task: + id: 4f195b11-63b4-4db0-8092-cfb01bbc6e7e + version: -1 + name: list host groups + description: List the host groups availible + script: CrowdstrikeFalcon|||cs-falcon-list-host-groups + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "51" + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 7340 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "51": + id: "51" + taskid: 8f3b678c-e2d2-4e5b-877f-d2db8b4824cb + type: condition + task: + id: 8f3b678c-e2d2-4e5b-877f-d2db8b4824cb + version: -1 + name: Verify Deleted + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "40" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEmpty + left: + value: + complex: + root: CrowdStrike.HostGroup.name + filters: + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + right: + value: + simple: test_test + iscontext: true + view: |- + { + "position": { + "x": 480, + "y": 7515 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "52": + id: "52" + taskid: 6c3d0750-dc07-42cc-8219-66dc707d484e + type: condition + task: + id: 6c3d0750-dc07-42cc-8219-66dc707d484e + version: -1 + name: check if test_tes in the list + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "45" + "yes": + - "44" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + complex: + root: CrowdStrike.HostGroup.name + filters: + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + right: + value: + simple: test_tes + iscontext: true + view: |- + { + "position": { + "x": 255, + "y": 4015 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "53": + id: "53" + taskid: 99be55d4-3cfd-4b6f-820e-26a597dd2ac5 + type: regular + task: + id: 99be55d4-3cfd-4b6f-820e-26a597dd2ac5 + version: -1 + name: delete host_group test_test (for resetting) + description: Delete the requested host groups. + script: CrowdstrikeFalcon|||cs-falcon-delete-host-groups + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "45" + scriptarguments: + host_group_id: + complex: + root: CrowdStrike.HostGroup + filters: + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + right: + value: + simple: test_test + accessor: id + separatecontext: false + view: |- + { + "position": { + "x": 592.5, + "y": 4190 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "54": + id: "54" + taskid: 141e9705-9c65-4fa5-853a-202f9daddd4a + type: condition + task: + id: 141e9705-9c65-4fa5-853a-202f9daddd4a + version: -1 + name: check if test_test in the list + type: condition + iscommand: false + brand: "" + nexttasks: + '#default#': + - "45" + "yes": + - "53" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + complex: + root: CrowdStrike.HostGroup.name + filters: + - - operator: isEqualString + left: + value: + simple: CrowdStrike.HostGroup.name + iscontext: true + right: + value: + simple: test_test + iscontext: true + view: |- + { + "position": { + "x": 705, + "y": 4015 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "55": + id: "55" + taskid: 74664873-13fe-402a-8974-9c1717188590 + type: title + task: + id: 74664873-13fe-402a-8974-9c1717188590 + version: -1 + name: Delete Test Host Groups + type: title + iscommand: false + brand: "" + nexttasks: + '#none#': + - "43" + separatecontext: false + view: |- + { + "position": { + "x": 480, + "y": 3695 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "56": + id: "56" + taskid: 30245878-91b1-40eb-8170-ed997cba6cae + type: regular + task: + id: 30245878-91b1-40eb-8170-ed997cba6cae + version: -1 + name: DeleteContext + description: Delete field from context + scriptName: DeleteContext + type: regular + iscommand: false + brand: "" + nexttasks: + '#none#': + - "57" + scriptarguments: + key: + simple: CrowdStrike.Incidents + separatecontext: false + view: |- + { + "position": { + "x": 820, + "y": 7900 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "57": + id: "57" + taskid: 682c9853-06ac-4306-8f23-961b7279c1d5 + type: regular + task: + id: 682c9853-06ac-4306-8f23-961b7279c1d5 + version: -1 + name: Get Incidents + description: Lists incident summaries. + script: CrowdstrikeFalcon|||cs-falcon-list-incident-summaries + type: regular + iscommand: true + brand: CrowdstrikeFalcon + nexttasks: + '#none#': + - "58" + separatecontext: false + view: |- + { + "position": { + "x": 830, + "y": 8070 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false + "58": + id: "58" + taskid: 5b229b9e-e812-4ee9-87b5-cdd085f56be9 + type: condition + task: + id: 5b229b9e-e812-4ee9-87b5-cdd085f56be9 + version: -1 + name: Verify Resolved + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "22" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isEqualString + left: + value: + simple: CrowdStrike.Incidents.status + iscontext: true + right: + value: + simple: "20" + view: |- + { + "position": { + "x": 840, + "y": 8230 } } note: false @@ -964,17 +2367,20 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + isoversize: false + isautoswitchedtoquietmode: false view: |- { "linkLabelsPosition": {}, "paper": { "dimensions": { - "height": 3885, - "width": 810, + "height": 8405, + "width": 1170, "x": 50, "y": 50 } } } + inputs: [] outputs: [] diff --git a/Packs/CrowdStrikeFalcon/pack_metadata.json b/Packs/CrowdStrikeFalcon/pack_metadata.json index 52fe28f85ddb..d2d3561be6a7 100644 --- a/Packs/CrowdStrikeFalcon/pack_metadata.json +++ b/Packs/CrowdStrikeFalcon/pack_metadata.json @@ -2,7 +2,7 @@ "name": "CrowdStrike Falcon", "description": "The CrowdStrike Falcon OAuth 2 API (formerly the Falcon Firehose API), enables fetching and resolving detections, searching devices, getting behaviors by ID, containing hosts, and lifting host containment.", "support": "xsoar", - "currentVersion": "1.2.20", + "currentVersion": "1.3.0", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 1759d3e29061f2903aecae47344ab88ae49a6f67 Mon Sep 17 00:00:00 2001 From: Adi Daud <46249224+adi88d@users.noreply.github.com> Date: Tue, 31 Aug 2021 09:11:25 +0300 Subject: [PATCH 075/173] Active Directory Query v2 - fixed an issue where group name includes parentheses (#14451) --- .../Active_Directory_Query.py | 1 + .../Active_Directory_Query.yml | 2 +- .../Active_Directory_Query/connection_test.py | 30 ++++++++++++++++++- .../ReleaseNotes/1_3_1.md | 5 ++++ .../Active_Directory_Query/pack_metadata.json | 2 +- 5 files changed, 37 insertions(+), 3 deletions(-) create mode 100644 Packs/Active_Directory_Query/ReleaseNotes/1_3_1.md diff --git a/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py b/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py index 20a0485f25da..c3e2992f33cd 100644 --- a/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py +++ b/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py @@ -448,6 +448,7 @@ def computer_dn(compuer_name, search_base): def group_dn(group_name, search_base): + group_name = escape_filter_chars(group_name) search_filter = '(&(objectClass=group)(cn={}))'.format(group_name) entries = search( search_filter, diff --git a/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.yml b/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.yml index f990794b294a..adfd59392ef3 100644 --- a/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.yml +++ b/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.yml @@ -685,7 +685,7 @@ script: Used for outgoing-mapping through the Get Schema option. execution: false name: get-mapping-fields - dockerimage: demisto/ldap:1.0.0.23433 + dockerimage: demisto/ldap:1.0.0.23980 runonce: false ismappable: true isremotesyncout: true diff --git a/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/connection_test.py b/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/connection_test.py index 670b1baa44ab..615f3ffe3767 100644 --- a/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/connection_test.py +++ b/Packs/Active_Directory_Query/Integrations/Active_Directory_Query/connection_test.py @@ -1,5 +1,5 @@ import demistomock as demisto -from Active_Directory_Query import main +from Active_Directory_Query import main, group_dn import socket import ssl from threading import Thread @@ -365,3 +365,31 @@ def search(self, *args, **kwargs): with patch('logging.Logger.info') as mock: Active_Directory_Query.search_group_members('dc', 1) mock.assert_called_with(expected_results) + + +def test_group_dn_escape_characters(): + """ + Given: + Group name with parentheses + When: + Running the function group_dn + Then: + The function search gets the group name after escape special characters. + + """ + import Active_Directory_Query + + class EntryMocker: + def entry_to_json(self): + return '{"dn": "dn","attributes": {"memberOf": ["memberOf"], "name": ["name"]}}' + + class ConnectionMocker: + entries = [EntryMocker()] + result = {'controls': {'1.2.840.113556.1.4.319': {'value': {'cookie': ''}}}} + + Active_Directory_Query.conn = ConnectionMocker() + + with patch('Active_Directory_Query.search', return_value=[EntryMocker()]) as mock: + group_dn('group(group)', '') + + mock.assert_called_with('(&(objectClass=group)(cn=group\\28group\\29))', '') diff --git a/Packs/Active_Directory_Query/ReleaseNotes/1_3_1.md b/Packs/Active_Directory_Query/ReleaseNotes/1_3_1.md new file mode 100644 index 000000000000..a15d7aebaf2e --- /dev/null +++ b/Packs/Active_Directory_Query/ReleaseNotes/1_3_1.md @@ -0,0 +1,5 @@ + +#### Integrations +##### Active Directory Query v2 +- Fixed an issue where group name included parentheses in the ***ad-add-to-group***, ***ad-remove-from-group***, ***iam-disable-user***, ***iam-update-user*** and ***iam-create-user*** commands commands. +- Updated the Docker image to: *demisto/ldap:1.0.0.23980*. diff --git a/Packs/Active_Directory_Query/pack_metadata.json b/Packs/Active_Directory_Query/pack_metadata.json index e757158f2c52..ec5e13224c61 100644 --- a/Packs/Active_Directory_Query/pack_metadata.json +++ b/Packs/Active_Directory_Query/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Active Directory Query", "description": "Active Directory Query integration enables you to access and manage Active Directory objects (users, contacts, and computers).", "support": "xsoar", - "currentVersion": "1.3.0", + "currentVersion": "1.3.1", "author": "Cortex XSOAR", "url": "", "email": "", From 804d2b70d2244bf775d8e662c1630ef65c8273dc Mon Sep 17 00:00:00 2001 From: Adi Daud <46249224+adi88d@users.noreply.github.com> Date: Tue, 31 Aug 2021 09:50:45 +0300 Subject: [PATCH 076/173] unskip LogRhythm REST test (#14596) --- Tests/conf.json | 1 - 1 file changed, 1 deletion(-) diff --git a/Tests/conf.json b/Tests/conf.json index 2b32d27dfc74..9d8dc5c572e8 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -4604,7 +4604,6 @@ "Microsoft Teams Management - Test": "Issue 33410", "RedLockTest": "Issue 24600", "MicrosoftGraphMail-Test_prod": "Issue 40125", - "LogRhythm REST test": "Issue 40654", "Cisco Umbrella Test": "Issue 24338", "Detonate URL - WildFire v2.1 - Test": "Issue 40834" }, From 1f275433e5957984bab2f18cb33983a45c92f3e5 Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Tue, 31 Aug 2021 10:02:57 +0300 Subject: [PATCH 077/173] ArcSight ESM - add the eventFieldsToStringify arg to get-case cmd (#14553) * add the eventFieldsToStringify arg to get-case cmd * fix W293 * rm fieldstostringify and cast to str every large int * fix notes and docs * bump docker image * fix docker image --- .../ArcSightESMv2/ArcSightESMv2.py | 6 +++ .../ArcSightESMv2/ArcSightESMv2.yml | 2 +- .../ArcSightESMv2/ArcSightESMv2_test.py | 38 +++++++++++++++++++ .../Integrations/ArcSightESMv2/README.md | 1 - Packs/ArcSightESM/ReleaseNotes/1_1_2.md | 4 ++ Packs/ArcSightESM/pack_metadata.json | 2 +- 6 files changed, 50 insertions(+), 3 deletions(-) create mode 100644 Packs/ArcSightESM/ReleaseNotes/1_1_2.md diff --git a/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2.py b/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2.py index ccf52db580fa..79968d148481 100644 --- a/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2.py +++ b/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2.py @@ -127,6 +127,10 @@ def decode_arcsight_output(d, depth=0, remove_nones=True): d[key] = parse_timestamp_to_datestring(value) elif key in ['eventId', 'baseEventIds']: d[key] = str(value) + elif isinstance(value, int) and value > 10000000000000000: + # the platform rounds number larger than 10000000000000000 + # so we cast them to string to keep as is + d[key] = str(value) return d @@ -478,6 +482,8 @@ def get_case_command(): case['events'] = raw_case.get('events') contents = decode_arcsight_output(raw_case) + if contents.get('events'): + contents['events'] = decode_arcsight_output(contents['events']) human_readable = tableToMarkdown(name='Case {}'.format(resource_id), t=case, removeNull=True) outputs = {'ArcSightESM.Cases(val.resourceid===obj.resourceid)': contents} return_outputs(readable_output=human_readable, outputs=outputs, raw_response=contents) diff --git a/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2.yml b/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2.yml index 07e246902c05..c67ca6682955 100644 --- a/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2.yml +++ b/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2.yml @@ -448,7 +448,7 @@ script: runonce: false script: '-' subtype: python2 - dockerimage: demisto/python:2.7.18.20958 + dockerimage: demisto/python:2.7.18.24019 type: python tests: - ArcSight ESM v2 Test diff --git a/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2_test.py b/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2_test.py index 5f41493de4f6..a955b85a64e0 100644 --- a/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2_test.py +++ b/Packs/ArcSightESM/Integrations/ArcSightESMv2/ArcSightESMv2_test.py @@ -145,3 +145,41 @@ def test_filtered(): ] filtered_entries = ArcSightESMv2.filter_entries(entries, entry_filter) assert filtered_entries == expected_output + + +def test_get_case(mocker, requests_mock): + """ + Given: + - Case with nested event field of type int with large value in it (larger than 10000000000000000) + + When: + - Running get-case command + + Then: + - Ensure the the value of the test_big_int_number field is a string + """ + mocker.patch.object(demisto, 'getIntegrationContext', return_value={'auth_token': 'token'}) + mocker.patch.object(demisto, 'results') + mocker.patch.object(demisto, 'params', return_value=PARAMS) + requests_mock.get( + PARAMS['server'] + '/www/manager-service/rest/CaseService/getResourceById', + json={ + 'cas.getResourceByIdResponse': { + 'cas.return': { + 'createdTimestamp': 1629097454417, + 'events': [ + { + 'test_object': { + 'test_big_int_number': 10000000000000001, + } + } + ] + } + } + }, + ) + import ArcSightESMv2 + ArcSightESMv2.get_case_command() + results = demisto.results.call_args[0][0] + events = results['Contents']['events'] + assert events[0]['test_object']['test_big_int_number'] == '10000000000000001' diff --git a/Packs/ArcSightESM/Integrations/ArcSightESMv2/README.md b/Packs/ArcSightESM/Integrations/ArcSightESMv2/README.md index 177f6b4fb58c..16989df3d57c 100644 --- a/Packs/ArcSightESM/Integrations/ArcSightESMv2/README.md +++ b/Packs/ArcSightESM/Integrations/ArcSightESMv2/README.md @@ -156,7 +156,6 @@ Gets information about a single case. | resourceId | Resource ID of the case to get information for | Required | | withBaseEvents | If "true", then will return case and base events of that case | Optional | - #### Context Output | **Path** | **Type** | **Description** | diff --git a/Packs/ArcSightESM/ReleaseNotes/1_1_2.md b/Packs/ArcSightESM/ReleaseNotes/1_1_2.md new file mode 100644 index 000000000000..ffa73fcf32a6 --- /dev/null +++ b/Packs/ArcSightESM/ReleaseNotes/1_1_2.md @@ -0,0 +1,4 @@ +#### Integrations +##### ArcSight ESM v2 +- Fixed an issue where case event fields which contain large numbers were rounded in the integration outputs. +- Updated the Docker image to: *demisto/python:2.7.18.24019*. diff --git a/Packs/ArcSightESM/pack_metadata.json b/Packs/ArcSightESM/pack_metadata.json index a9ef799ff7c4..519cf435ca5e 100644 --- a/Packs/ArcSightESM/pack_metadata.json +++ b/Packs/ArcSightESM/pack_metadata.json @@ -2,7 +2,7 @@ "name": "ArcSight ESM", "description": "ArcSight ESM SIEM by Micro Focus (Formerly HPE Software).", "support": "xsoar", - "currentVersion": "1.1.1", + "currentVersion": "1.1.2", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 6527979e362e3e37aab9b582af7723359023d784 Mon Sep 17 00:00:00 2001 From: Darya Koval <72339940+daryakoval@users.noreply.github.com> Date: Tue, 31 Aug 2021 10:56:05 +0300 Subject: [PATCH 078/173] [Bug] Maltiverse returns error when file command has no proccess_list (#14517) * adding test that fails * replace [] with get * added rn * Update Packs/Maltiverse/ReleaseNotes/1_0_7.md Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * fixed typo in rn * added given when then to test Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> --- .../Integrations/Maltiverse/Maltiverse.py | 4 +-- .../Maltiverse/Maltiverse_test.py | 27 ++++++++++++-- .../test_data/response_constants.py | 36 +++++++++++++++++++ .../Maltiverse/test_data/result_constants.py | 33 +++++++++++++++-- Packs/Maltiverse/ReleaseNotes/1_0_7.md | 4 +++ Packs/Maltiverse/pack_metadata.json | 2 +- 6 files changed, 99 insertions(+), 7 deletions(-) create mode 100644 Packs/Maltiverse/ReleaseNotes/1_0_7.md diff --git a/Packs/Maltiverse/Integrations/Maltiverse/Maltiverse.py b/Packs/Maltiverse/Integrations/Maltiverse/Maltiverse.py index 95313892a6ba..da31a1d4da93 100644 --- a/Packs/Maltiverse/Integrations/Maltiverse/Maltiverse.py +++ b/Packs/Maltiverse/Integrations/Maltiverse/Maltiverse.py @@ -458,7 +458,7 @@ def file_command(client: Client, args: Dict[str, str]) -> Tuple[str, dict, Any]: 'Size': report.get('size', ''), 'Type': report.get('type', ''), 'Extension': (report['filename'][0]).split('.')[-1], - 'Path': report['process_list'][0]['normalizedpath'], + 'Path': report.get('process_list', [{}])[0].get('normalizedpath'), 'Tags': create_tags(report.get('tag', '')), 'ThreatTypes': {'threatcategory': [blacklist_context['Blacklist'][i]['Description'] for i in range(len(report.get('blacklist', [])))]} @@ -470,7 +470,7 @@ def file_command(client: Client, args: Dict[str, str]) -> Tuple[str, dict, Any]: process_list = { 'ProcessList': { - string_to_context_key(field): report['process_list'][0][field] for field in + string_to_context_key(field): report.get('process_list', [{}])[0].get(field) for field in ['name', 'normalizedpath', 'sha256', 'uid'] } } diff --git a/Packs/Maltiverse/Integrations/Maltiverse/Maltiverse_test.py b/Packs/Maltiverse/Integrations/Maltiverse/Maltiverse_test.py index 13d0dbae4e02..c5173657070c 100644 --- a/Packs/Maltiverse/Integrations/Maltiverse/Maltiverse_test.py +++ b/Packs/Maltiverse/Integrations/Maltiverse/Maltiverse_test.py @@ -1,7 +1,8 @@ from Maltiverse import Client, ip_command, url_command, domain_command, file_command -from test_data.response_constants import IP_RESPONSE, URL_RESPONSE, DOMAIN_RESPONSE, FILE_RESPONSE +from test_data.response_constants import IP_RESPONSE, URL_RESPONSE, DOMAIN_RESPONSE, FILE_RESPONSE, \ + FILE_RESPONSE_NO_PROCCESS_LIST from test_data.result_constants import EXPECTED_IP_RESULT, EXPECTED_URL_RESULT, EXPECTED_DOMAIN_RESULT, \ - EXPECTED_FILE_RESULT + EXPECTED_FILE_RESULT, EXPECTED_FILE_RESULT_NO_PROCESS_LIST SERVER_URL = 'https://api.maltiverse.com' @@ -58,3 +59,25 @@ def test_file(requests_mock): _, outputs, _ = file_command(client, args) assert outputs == EXPECTED_FILE_RESULT + + +def test_file_command_missing_process_list_field_in_response(requests_mock): + """ + Given: + - File hash input to file command, that Maltiverse has no process list in response. + + When: + - Running file command. + + Then: + - Returns expected result and terminated without errors. + """ + requests_mock.get(f'{SERVER_URL}/sample/{MOCK_FILE}', json=FILE_RESPONSE_NO_PROCCESS_LIST) + + client = Client(url=SERVER_URL, use_ssl=True, use_proxy=True, reliability='C - Fairly reliable') + args = { + 'file': MOCK_FILE + } + _, outputs, _ = file_command(client, args) + + assert outputs == EXPECTED_FILE_RESULT_NO_PROCESS_LIST diff --git a/Packs/Maltiverse/Integrations/Maltiverse/test_data/response_constants.py b/Packs/Maltiverse/Integrations/Maltiverse/test_data/response_constants.py index 7eca5334ce3e..123953372b18 100644 --- a/Packs/Maltiverse/Integrations/Maltiverse/test_data/response_constants.py +++ b/Packs/Maltiverse/Integrations/Maltiverse/test_data/response_constants.py @@ -171,3 +171,39 @@ 'type': 'sample', 'visits': 3 } + +FILE_RESPONSE_NO_PROCCESS_LIST = { + 'antivirus': [ + { + 'description': 'Trojan.InstallCore.3953', + 'name': 'DrWeb' + }, + { + 'description': 'PUA.Win32.FusionCore.UKJAL', + 'name': 'TrendMicro-HouseCall' + } + ], + 'av_ratio': 15, + 'blacklist': [ + { + 'description': 'PUA.FusionCore', + 'first_seen': '2020-03-11 15:00:52', + 'last_seen': '2020-03-11 15:00:52', + 'source': 'Hybrid-Analysis' + } + ], + 'classification': 'malicious', + 'contacted_host': ['136.243.154.86', '52.84.125.27'], + 'creation_time': '2020-03-11 15:00:52', + 'dns_request': ['cloud.nitehe-nutete.com', 'isrg.trustid.ocsp.identrust.com', 'offers.filezilla-project.org'], + 'filename': ['FileZilla_3.47.2.1_win64_sponsored-setup.exe'], + 'filetype': 'PE32 executable (GUI) Intel 80386, for MS Windows, ...', + 'md5': 'f13b929e6bf9c07a90d7da493b2825e3', + 'modification_time': '2020-03-11 15:00:52', + 'score': 10.0, + 'sha1': 'a17ddc7c691cc66f0e76233172051ab4cd69dd45', + 'sha256': 'edb2f88c29844117cd74acf8bb357edf92487a1b142fe6f60b6ac5e15d2d718f', + 'size': 10032728, + 'type': 'sample', + 'visits': 3 +} diff --git a/Packs/Maltiverse/Integrations/Maltiverse/test_data/result_constants.py b/Packs/Maltiverse/Integrations/Maltiverse/test_data/result_constants.py index 6b50a4c2a3b4..b42285b95eb5 100644 --- a/Packs/Maltiverse/Integrations/Maltiverse/test_data/result_constants.py +++ b/Packs/Maltiverse/Integrations/Maltiverse/test_data/result_constants.py @@ -47,7 +47,7 @@ 'Data': 'https://dv-expert.org', 'PositiveDetections': 1, 'Tags': ['phishing'], - 'ThreatTypes':{ + 'ThreatTypes': { 'threatcategory': ['Phishing Aetna Health Plans & Dental Coverage'] }, 'Malicious': { @@ -190,7 +190,8 @@ 'CreationTime': '2020-03-11 15:00:52', 'Size': 10032728, 'ContactedHost': ['136.243.154.86', '52.84.125.27'], - 'DnsRequest': ['cloud.nitehe-nutete.com', 'isrg.trustid.ocsp.identrust.com', 'offers.filezilla-project.org'], + 'DnsRequest': ['cloud.nitehe-nutete.com', 'isrg.trustid.ocsp.identrust.com', + 'offers.filezilla-project.org'], 'PositiveDetections': 1, 'Name': 'FileZilla_3.47.2.1_win64_sponsored-setup.exe', 'Tags': [], @@ -215,3 +216,31 @@ } ] } + +EXPECTED_FILE_RESULT_NO_PROCESS_LIST = \ + {'File(val.MD5 && val.MD5 == obj.MD5 || val.SHA1 && val.SHA1 == obj.SHA1 || val.SHA256 &&' + ' val.SHA256 == obj.SHA256 || val.SHA512 && val.SHA512 == obj.SHA512 || val.CRC32 && val.CRC32 == obj.CRC32' + ' || val.CTPH && val.CTPH == obj.CTPH || val.SSDeep && val.SSDeep == obj.SSDeep)': [{ + 'Name': 'FileZilla_3.47.2.1_win64_sponsored-setup.exe', 'MD5': 'f13b929e6bf9c07a90d7da493b2825e3', + 'SHA1': 'a17ddc7c691cc66f0e76233172051ab4cd69dd45', + 'SHA256': 'edb2f88c29844117cd74acf8bb357edf92487a1b142fe6f60b6ac5e15d2d718f', 'Size': 10032728, + 'Type': 'sample', 'Extension': 'exe', 'Path': None, 'Tags': [], + 'ThreatTypes': {'threatcategory': ['PUA.FusionCore']}} + ], + 'DBotScore(val.Indicator == obj.Indicator && val.Vendor == obj.Vendor)': [ + {'Indicator': 'edb2f88c29844117cd74acf8bb357edf92487a1b142fe6f60b6ac5e15d2d718f', 'Type': 'File', + 'Vendor': 'Maltiverse', 'Score': 3, 'Reliability': 'C - Fairly reliable' + }], + 'Maltiverse.File(val.MD5 && val.MD5 == obj.MD5 || val.SHA1 && val.SHA1 == obj.SHA1 || ' + 'val.SHA256 && val.SHA256 == obj.SHA256 || val.SHA512 && val.SHA512 == obj.SHA512 || val.CRC32 && ' + 'val.CRC32 == obj.CRC32 || val.CTPH && val.CTPH == obj.CTPH || val.SSDeep && val.SSDeep == obj.SSDeep)': [ + {'Score': 10.0, 'Classification': 'malicious', 'ModificationTime': '2020-03-11 15:00:52', + 'CreationTime': '2020-03-11 15:00:52', 'Size': 10032728, + 'ContactedHost': ['136.243.154.86', '52.84.125.27'], + 'DnsRequest': ['cloud.nitehe-nutete.com', 'isrg.trustid.ocsp.identrust.com', + 'offers.filezilla-project.org'], + 'PositiveDetections': 1, 'Name': 'FileZilla_3.47.2.1_win64_sponsored-setup.exe', 'Tags': [], + 'ProcessList': {'Name': None, 'Normalizedpath': None, 'Sha256': None, 'Uid': None}, 'Blacklist': [ + {'Description': 'PUA.FusionCore', 'FirstSeen': '2020-03-11 15:00:52', 'LastSeen': '2020-03-11 15:00:52', + 'Source': 'Hybrid-Analysis'}], + 'Malicious': {'Vendor': 'Maltiverse', 'Description': ['PUA.FusionCore']}}]} diff --git a/Packs/Maltiverse/ReleaseNotes/1_0_7.md b/Packs/Maltiverse/ReleaseNotes/1_0_7.md new file mode 100644 index 000000000000..d30f2a6adc4a --- /dev/null +++ b/Packs/Maltiverse/ReleaseNotes/1_0_7.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Maltiverse +- Fixed an issue where the **file** command would fail when some fields were missing from the data returned by Maltiverse. diff --git a/Packs/Maltiverse/pack_metadata.json b/Packs/Maltiverse/pack_metadata.json index 2ed898568b6d..49582ad993b3 100644 --- a/Packs/Maltiverse/pack_metadata.json +++ b/Packs/Maltiverse/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Maltiverse", "description": "Maltiverse helps you to analyze suspicious hashes, URLs, domains, and IP addresses.", "support": "xsoar", - "currentVersion": "1.0.6", + "currentVersion": "1.0.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From d208fa5c3664cd7e73aaa498225f490d18d3b869 Mon Sep 17 00:00:00 2001 From: David Binyamin <47333909+davidbinyamin@users.noreply.github.com> Date: Tue, 31 Aug 2021 11:01:52 +0300 Subject: [PATCH 079/173] Add markdown images support in sanePdfReport (#14508) * Add markdown images support in sanePdfReport * Verify server object before closing the server * Start markdown server only if demisto version is ge 6.5 * Add markdown server unit test * update sane-pdf-reports image version in RN * Update 1_13_28.md Co-authored-by: yaron-libman <43783884+yaron-libman@users.noreply.github.com> --- Packs/Base/ReleaseNotes/1_13_28.md | 6 ++ .../Scripts/SanePdfReport/SanePdfReport.py | 88 +++++++++++++++++- .../Scripts/SanePdfReport/SanePdfReport.yml | 2 +- .../SanePdfReport/SanePdfReport_test.py | 33 +++++++ .../TestData/1234-5678-9012-3456.png | Bin 0 -> 2674 bytes Packs/Base/pack_metadata.json | 2 +- 6 files changed, 126 insertions(+), 5 deletions(-) create mode 100644 Packs/Base/ReleaseNotes/1_13_28.md create mode 100644 Packs/Base/Scripts/SanePdfReport/TestData/1234-5678-9012-3456.png diff --git a/Packs/Base/ReleaseNotes/1_13_28.md b/Packs/Base/ReleaseNotes/1_13_28.md new file mode 100644 index 000000000000..d8b685664a7f --- /dev/null +++ b/Packs/Base/ReleaseNotes/1_13_28.md @@ -0,0 +1,6 @@ + +#### Scripts +##### SanePdfReports +- Docker image has been updated to: *demisto/sane-pdf-reports:1.0.0.24026*. +- Add support of markdown images +- Fix CSV report with script based table diff --git a/Packs/Base/Scripts/SanePdfReport/SanePdfReport.py b/Packs/Base/Scripts/SanePdfReport/SanePdfReport.py index dc14450f8c3c..82e8eaf4bceb 100644 --- a/Packs/Base/Scripts/SanePdfReport/SanePdfReport.py +++ b/Packs/Base/Scripts/SanePdfReport/SanePdfReport.py @@ -9,11 +9,19 @@ import string import subprocess from pathlib import Path +import threading +import time +import http +from http.server import HTTPServer WORKING_DIR = Path("/app") INPUT_FILE_PATH = 'sample.json' OUTPUT_FILE_PATH = 'out{id}.pdf' DISABLE_LOGOS = True # Bugfix before sane-reports can work with image files. +MD_IMAGE_PATH = '/markdown/image' +MD_HTTP_PORT = 10888 +SERVER_OBJECT = None +MD_IMAGE_SUPPORT_MIN_VER = '6.5' def random_string(size=10): @@ -39,8 +47,15 @@ def find_zombie_processes(): return zombies, ps_out -def quit_driver_and_reap_children(): +def quit_driver_and_reap_children(killMarkdownServer): try: + if killMarkdownServer: + # Kill Markdown artifacts server + global SERVER_OBJECT + if SERVER_OBJECT: + demisto.debug("Shutting down markdown artifacts server") + SERVER_OBJECT.shutdown() + zombies, ps_out = find_zombie_processes() if zombies: demisto.info(f'Found zombie processes will waitpid: {ps_out}') @@ -49,10 +64,55 @@ def quit_driver_and_reap_children(): demisto.info(f'waitpid result: {waitres}') else: demisto.debug(f'No zombie processes found for ps output: {ps_out}') + except Exception as e: demisto.error(f'Failed checking for zombie processes: {e}. Trace: {traceback.format_exc()}') +def startServer(): + class fileHandler(http.server.BaseHTTPRequestHandler): + def do_GET(self): + demisto.debug(f'Handling MD Image request {self.path}') + if not self.path.startswith(MD_IMAGE_PATH): + # not a standard xsoar markdown image endpoint + self.send_response(400) + self.flush_headers() + return + fileID = os.path.split(self.path)[1] + try: + res = demisto.getFilePath(fileID) + file_path = res.get('path') + if file_path == '': + demisto.debug(f'Failed to get markdown file {fileID}, empty filepath returned from xsoar') + self.send_response(404) + self.flush_headers() + return + name = res.get('name') + try: + self.send_response(200) + self.send_header("Content-type", "application/octet-stream") + self.send_header("Content-Disposition", f'attachment; filename={name}') + self.end_headers() + # Open the file + with open(f'{file_path}', 'rb') as file: + self.wfile.write(file.read()) # Read the file and send the contents + self.flush_headers() + except BrokenPipeError: # ignore broken pipe as socket might have been closed + pass + except Exception as ex: + demisto.debug(f'Failed to get markdown file {fileID}. Error: {ex}') + self.send_response(404) + self.flush_headers() + + # Make sure the server is created at current directory + os.chdir('.') + # Create server object listening the port 10888 + global SERVER_OBJECT + SERVER_OBJECT = HTTPServer(server_address=('', MD_HTTP_PORT), RequestHandlerClass=fileHandler) + # Start the web server + SERVER_OBJECT.serve_forever() + + def main(): try: sane_json_b64 = demisto.args().get('sane_pdf_report_base64', '').encode( @@ -70,6 +130,24 @@ def main(): f'"{headerLeftImage}" "{headerRightImage}" "" ' + \ f'"{pageSize}" "{disableHeaders}"' + isMDImagesSupported = is_demisto_version_ge(MD_IMAGE_SUPPORT_MIN_VER) + if isMDImagesSupported: + # start the server in a background thread + demisto.debug('Starting markdown artifacts http server...') + threading.Thread(target=startServer).start() + time.sleep(5) + + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + result = sock.connect_ex(('localhost', MD_HTTP_PORT)) + if result == 0: + demisto.debug('Server is running') + sock.close() + else: + demisto.error('Markdown artifacts server is not responding') + # add md server address + mdServerAddress = f'http://localhost:{MD_HTTP_PORT}' + extra_cmd += f' "" "" "{mdServerAddress}"' + # Generate a random input file so we won't override on concurrent usage input_id = random_string() input_file = INPUT_FILE_PATH.format(id=input_id) @@ -89,7 +167,11 @@ def main(): f' resourceTimeout="{resourceTimeout}",' \ f' reportType="{reportType}", headerLeftImage="{headerLeftImage}",' \ f' headerRightImage="{headerRightImage}", pageSize="{pageSize}",' \ - f' disableHeaders="{disableHeaders}" ' + f' disableHeaders="{disableHeaders}"' + + if isMDImagesSupported: + params += f', mdServerAddress="{mdServerAddress}"' + LOG(f"Sane-pdf parameters: {params}]") cmd_string = " ".join(cmd) LOG(f"Sane-pdf cmd: {cmd_string}") @@ -121,7 +203,7 @@ def main(): return_error(f'[SanePdfReports Automation Error - Exception] - {err}') finally: - quit_driver_and_reap_children() + quit_driver_and_reap_children(isMDImagesSupported) if __name__ in ['__main__', '__builtin__', 'builtins']: diff --git a/Packs/Base/Scripts/SanePdfReport/SanePdfReport.yml b/Packs/Base/Scripts/SanePdfReport/SanePdfReport.yml index e0f921d19bea..adbf50139005 100644 --- a/Packs/Base/Scripts/SanePdfReport/SanePdfReport.yml +++ b/Packs/Base/Scripts/SanePdfReport/SanePdfReport.yml @@ -67,7 +67,7 @@ tags: - pdf timeout: '0' type: python -dockerimage: demisto/sane-pdf-reports:1.0.0.23912 +dockerimage: demisto/sane-pdf-reports:1.0.0.24026 runas: DBotWeakRole runonce: false tests: diff --git a/Packs/Base/Scripts/SanePdfReport/SanePdfReport_test.py b/Packs/Base/Scripts/SanePdfReport/SanePdfReport_test.py index eb050328e9c8..ce482595b316 100644 --- a/Packs/Base/Scripts/SanePdfReport/SanePdfReport_test.py +++ b/Packs/Base/Scripts/SanePdfReport/SanePdfReport_test.py @@ -2,6 +2,7 @@ from SanePdfReport import * import subprocess import os +import http.client def test_find_zombie_processes(mocker): @@ -44,3 +45,35 @@ def test_sane_pdf_report(mocker): zombies, output = find_zombie_processes() assert len(zombies) == 0 + + +def test_markdown_image_server(mocker, capfd): + with capfd.disabled(): + mocker.patch.object(demisto, 'results') + fileName = '1234-5678-9012-3456.png' + path = f'./TestData/{fileName}' + mocker.patch.object(demisto, 'getFilePath', return_value={'path': path, 'name': fileName}) + + serverThread = threading.Thread(target=startServer) + serverThread.daemon = True + serverThread.start() + time.sleep(5) + + # wrong path + conn = http.client.HTTPConnection("localhost", 10888) + conn.request("GET", "/wrong/path") + res1 = conn.getresponse() + assert res1.status == 400 + + # correct markdown image pat + conn.request("GET", "/markdown/image/1234-5678-9012-3456.png") + res2 = conn.getresponse() + assert res2.status == 200 + + # correct markdown image path with missing file + mocker.patch.object(demisto, 'getFilePath', return_value={'path': '', 'name': ''}) + conn.request("GET", "/markdown/image/dummyFile.png") + res3 = conn.getresponse() + assert res3.status == 404 + + conn.close() diff --git a/Packs/Base/Scripts/SanePdfReport/TestData/1234-5678-9012-3456.png b/Packs/Base/Scripts/SanePdfReport/TestData/1234-5678-9012-3456.png new file mode 100644 index 0000000000000000000000000000000000000000..9914f9680b1bbc8b3e32f113e36d4177aa1ff7f2 GIT binary patch literal 2674 zcmZ`*4LFnQ8-GWZ=3A1lG=vql;V2f%$L6aM<}<~{hOwC#n;c=4CEp7vDM^QlNGMTF zX(!27q^)%5P@Uwfd`z5jrux^p{{QR$Uf2EJ_jBL(@BTf{@44RVdNVxSo#Y@I5C8z= zT%0jpV!w0Mq`~6%1O1QJ0RUu2ad7Z(ad3co#L~kkR5Ad-@aoXDb0q4+Qw8r7 z7c>-iuDgc@eAg?F$&!LW^-^4OWqj&{p>319GM9x?){I05=(H)rix0)j{B$ZLyV;1h9@t_VK z&p1snQ|jZhhvvwcc%An4aEaTbHeO8K73ejX(iFg_8$Y1%9Tm5W62Ra=%F0TLd^myd zj6_&W`n<9-{9Pz-_33GD;wuxhD0K}mHYs3*q zY#L$%07-5-uvYAq#fB-9_)*!IYNTP?3;VfFrDg>}*p~NAL%pgKpG-`Alie;nwwF4!NSJMbx=+_oTl#Q;x zn+Mc^9!rK=z<+@wb#yzqQ}{{v4d@d` zj&-2Z#5e}}r@Y_6|1SPF@GE1$|6}}D;XBY8v3l-*>F`bDuUWCmXoxl9$Bm&OCIt7B z006%1g0b_Ckeb{pL-oe0*ep|8dTH;b2A`-#WWLhV`PJKAM@O2ilE;NQSHL`xV75W8 zH2;wy1SC}xk)P_Si;>2#!2_wvQHAt1)t<{rOE11eP?*a?nrNkUwu#G(kvh(f6MZOFjxbs zaN<>I7A7k=R<=D@ef~F$mYb{7oG9)7ojG9a%?kZ_<4&cS2q;3)vlySkX6O zEd6U#ZJJ32en7hnhqp>|4y+n2^v#9buRQ1dQNhUEHLzk9Am0^kF;&ME`41d8h~* z5>IE}GxfHTn@V$~LSA?5anuo&E2-CLy-{9FVpO*-I@s)!mltnpi%@8JV}Skmf)CQK zH_|n*#u}G%O2)!DSalRHdR!ZIV3Mr_H^PGFk~z7u4okOKI5)3PW1>ngvpTj}qno^U z{zU`*D(n25-oZ~@x@EiGjj8N8tJqIzoO=Aehu+b)bfLgIc}qZ9g;&$v*u#Y7orlw& z?}`xGHsVs|A$yzdnyXcPURy|Bj^7?eIq@q>eh}Zyj4g-ktu?1Z_dcW7JzJr)IdN`# zRWQybTVpe8j6%yuZBYO>m>_3hXr@r$aGo2Qyaa2HDp=%}7X)sUwX}a%kezu!QgNG< z-j|5@2`;Exbz_l9ZX5o@(_%~4qc%}awl2|UW=)QUsl09wz^prA_Jf}mv}X7?njd<)K`MeTe4ovljnMavhG7 zzuydqnErb~hUyaN&Rl3;;GKS*^QWQgYeTzWI;ZoseN>@bIzIuc5jlYz5VAHEv!|zw z4s+`_UJ1%_fF*X^$(^qgyu9>Gbv$VaBR3v7$qLDkziwD{UONBPlb%VtL)+7QJVrJ< zoqekLQKtG*TUs6w((V|qMZyJ6B=!)d4@~rvbW~fS_ioB;J~7~5s?imkGFH@Za4Ef4 z-*51JhG3EL%VzEFlJ!UVAu`7!smMU9fj5oNL_Sg>WzW%^=L_vG2es{>C6B6GTMpJ@ z!N>QjKZtaAZrPIJ(?{Ou^x=II?ZKwvakt5{io5noZ3w`Zg@?)C|AZGE$T3Exvy+N& z!KaN)1sS89@;{r_4G%}&<5Kcl;l?xFmAC35^pzPpF?qUXA4^nkT~;|Zd#mn=XKD~` zGD&2e)n|HMLPo_N{uJLI;?>HHeD(N++6!PuGq5TMWZtO-GtHgO*2Fa?yX# zu%O9j!%D|ic#oL-P5mVC%^R4}+ljvQN##B8hqqX@EnT6@C_q$8=7c+*gSFYqI z7Ys_php6pSmA}-VG=1-H-h|n$U5sX4yGd|K4-Mttt?rfsFQ+D)>^VqxOfJnf57_sI z&o_l+l;=Ha5}pyV6YFD;I752NxOGNw*g#0d9!9O*PY=R4?!!KFc_c<57`x89|~ zs963&A1h0>?oJ+zAWTho^dab?9%*Y$y*ccf$ Date: Tue, 31 Aug 2021 11:04:57 +0300 Subject: [PATCH 080/173] Update Docker Image To demisto/carbon-black-cloud (#14605) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update --- .../CarbonBlackLiveResponseCloud.yml | 2 +- Packs/CarbonBlackDefense/ReleaseNotes/3_0_5.md | 3 +++ Packs/CarbonBlackDefense/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/CarbonBlackDefense/ReleaseNotes/3_0_5.md diff --git a/Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml b/Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml index 578ec54e4c21..975c70e1d13a 100644 --- a/Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml +++ b/Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml @@ -303,6 +303,6 @@ script: description: Performs a memory dump operation on the remote machine. execution: true outputs: - dockerimage: demisto/carbon-black-cloud:1.0.0.23151 + dockerimage: demisto/carbon-black-cloud:1.0.0.24037 runonce: false subtype: python3 diff --git a/Packs/CarbonBlackDefense/ReleaseNotes/3_0_5.md b/Packs/CarbonBlackDefense/ReleaseNotes/3_0_5.md new file mode 100644 index 000000000000..1785c661db28 --- /dev/null +++ b/Packs/CarbonBlackDefense/ReleaseNotes/3_0_5.md @@ -0,0 +1,3 @@ +#### Integrations +##### Carbon Black Live Response Cloud +- Updated the Docker image to: *demisto/carbon-black-cloud:1.0.0.24037*. diff --git a/Packs/CarbonBlackDefense/pack_metadata.json b/Packs/CarbonBlackDefense/pack_metadata.json index e732953e1f79..4ec85fbbaa0b 100644 --- a/Packs/CarbonBlackDefense/pack_metadata.json +++ b/Packs/CarbonBlackDefense/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Carbon Black Endpoint Standard", "description": "Next-generation antivirus + EDR in one cloud-delivered platform that stops commodity malware, advanced malware, non-malware attacks and ransomware.", "support": "xsoar", - "currentVersion": "3.0.4", + "currentVersion": "3.0.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 6f101ef8540a1708aff36fae01594d93b5463a67 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 31 Aug 2021 11:07:00 +0300 Subject: [PATCH 081/173] Update Docker Image To demisto/boto3py3 (#14609) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update --- .../SecurityIntelligenceServicesFeed.yml | 2 +- Packs/SecurityIntelligenceServicesFeed/ReleaseNotes/1_0_4.md | 3 +++ Packs/SecurityIntelligenceServicesFeed/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/SecurityIntelligenceServicesFeed/ReleaseNotes/1_0_4.md diff --git a/Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml b/Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml index 074d482d0ab7..6f1a66933bac 100644 --- a/Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml +++ b/Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml @@ -150,7 +150,7 @@ script: will fetch from the latest found object. execution: false name: sis-get-indicators - dockerimage: demisto/boto3py3:1.0.0.23735 + dockerimage: demisto/boto3py3:1.0.0.24037 feed: true isfetch: false longRunning: false diff --git a/Packs/SecurityIntelligenceServicesFeed/ReleaseNotes/1_0_4.md b/Packs/SecurityIntelligenceServicesFeed/ReleaseNotes/1_0_4.md new file mode 100644 index 000000000000..8489fb63f24a --- /dev/null +++ b/Packs/SecurityIntelligenceServicesFeed/ReleaseNotes/1_0_4.md @@ -0,0 +1,3 @@ +#### Integrations +##### Security Intelligence Services Feed +- Updated the Docker image to: *demisto/boto3py3:1.0.0.24037*. diff --git a/Packs/SecurityIntelligenceServicesFeed/pack_metadata.json b/Packs/SecurityIntelligenceServicesFeed/pack_metadata.json index 95d634e86ef5..e8fd209de1ca 100644 --- a/Packs/SecurityIntelligenceServicesFeed/pack_metadata.json +++ b/Packs/SecurityIntelligenceServicesFeed/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Security Intelligence Services Feed", "description": "A PassiveTotal with Security Intelligence Services Feed can provide you newly observed Domain, Malware, Phishing, Content and Scam Blacklist.", "support": "partner", - "currentVersion": "1.0.3", + "currentVersion": "1.0.4", "author": "RiskIQ", "url": "https://www.riskiq.com/resources/support/", "email": "paloaltonetworks@riskiq.net", From 95d0d47f78059375bd6daa3b5c46c2928a66abc8 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 31 Aug 2021 11:10:00 +0300 Subject: [PATCH 082/173] Update Docker Image To demisto/cyjax (#14607) * Updated Metadata Of Pack FeedCyjax * Added release notes to pack FeedCyjax * Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.yml Docker image update --- Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.yml | 2 +- Packs/FeedCyjax/ReleaseNotes/1_0_2.md | 3 +++ Packs/FeedCyjax/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/FeedCyjax/ReleaseNotes/1_0_2.md diff --git a/Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.yml b/Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.yml index 42d48b4930fc..e654339b28ac 100644 --- a/Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.yml +++ b/Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.yml @@ -156,7 +156,7 @@ script: script: '-' type: python subtype: python3 - dockerimage: demisto/cyjax:1.0.0.23151 + dockerimage: demisto/cyjax:1.0.0.24037 fromversion: 5.5.0 tests: - No tests (auto formatted) diff --git a/Packs/FeedCyjax/ReleaseNotes/1_0_2.md b/Packs/FeedCyjax/ReleaseNotes/1_0_2.md new file mode 100644 index 000000000000..7025548e772c --- /dev/null +++ b/Packs/FeedCyjax/ReleaseNotes/1_0_2.md @@ -0,0 +1,3 @@ +#### Integrations +##### Cyjax Feed +- Updated the Docker image to: *demisto/cyjax:1.0.0.24037*. diff --git a/Packs/FeedCyjax/pack_metadata.json b/Packs/FeedCyjax/pack_metadata.json index 774d74dc04a7..f70853ea6f92 100644 --- a/Packs/FeedCyjax/pack_metadata.json +++ b/Packs/FeedCyjax/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cyjax Feed", "description": "This pack is used to pull indicators of compromise from the Cyjax Threat Intelligence Platform.", "support": "partner", - "currentVersion": "1.0.1", + "currentVersion": "1.0.2", "author": "Cyjax", "url": "https://cyjax.com", "email": "devs@cyjax.com", From d7fa376b90894f0c27bab42bbd8bf919359e2306 Mon Sep 17 00:00:00 2001 From: Jasmine Beilin <71636766+JasBeilin@users.noreply.github.com> Date: Tue, 31 Aug 2021 11:17:37 +0300 Subject: [PATCH 083/173] Fixed fetch to include max fetch + time range as part of api query (#14599) --- .../CarbonBlackResponseV2.py | 51 ++++++++++++++----- .../CarbonBlackResponseV2.yml | 2 +- .../CarbonBlackResponseV2_test.py | 32 +++++++++++- .../ReleaseNotes/2_1_4.md | 4 ++ .../pack_metadata.json | 2 +- 5 files changed, 73 insertions(+), 18 deletions(-) create mode 100644 Packs/Carbon_Black_Enterprise_Response/ReleaseNotes/2_1_4.md diff --git a/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.py b/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.py index c3dd7d5decee..29a3397d3ac2 100644 --- a/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.py +++ b/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.py @@ -9,6 +9,7 @@ ''' CONSTANTS ''' INTEGRATION_NAME = 'Carbon Black EDR' +DATE_FORMAT = '%Y-%m-%dT%H:%M:%SZ' ''' PARSING PROCESS EVENT COMPLEX FIELDS CLASS''' @@ -267,6 +268,17 @@ def _create_query_string(params: dict, allow_empty_params: bool = False) -> str: return current_query +def _add_to_current_query(current_query: str = '', params: dict = None) -> str: + new_query = '' + if not params: + return current_query + if current_query: + new_query += f'({current_query}) AND ' + current_query_params = [f"{query_field}:{params[query_field]}" for query_field in params] + new_query += ' AND '.join(current_query_params) + return new_query + + def _get_sensor_isolation_change_body(client: Client, sensor_id: str, new_isolation: bool) -> dict: new_sensor_data = client.get_sensors(sensor_id)[1][0] # returns (length, [sensor_data]) new_sensor_data['network_isolation_enabled'] = new_isolation @@ -728,7 +740,7 @@ def endpoint_command(client: Client, id: str = None, ip: str = None, hostname: s def fetch_incidents(client: Client, max_results: int, last_run: dict, first_fetch_time: str, status: str = None, - feedname: str = None, query: str = None): + feedname: str = None, query: str = ''): if (status or feedname) and query: raise Exception(f'{INTEGRATION_NAME} - Search is not permitted with both query and filter parameters.') @@ -736,41 +748,52 @@ def fetch_incidents(client: Client, max_results: int, last_run: dict, first_fetc # How much time before the first fetch to retrieve incidents first_fetch_time = dateparser.parse(first_fetch_time) - first_fetch_timestamp_ms = int(first_fetch_time.timestamp()) if first_fetch_time else None - last_fetch = last_run.get('last_fetch', None) + last_fetch = last_run.get('last_fetch', None) # {last_fetch: timestamp} + demisto.debug(f'{INTEGRATION_NAME} - last fetch: {last_fetch}') + # Handle first fetch time if last_fetch is None: - last_fetch = first_fetch_timestamp_ms + last_fetch = first_fetch_time else: - last_fetch = int(last_fetch) + last_fetch = datetime.fromtimestamp(last_fetch) + + latest_created_time = last_fetch.timestamp() + + date_range = f'[{last_fetch.strftime("%Y-%m-%dT%H:%M:%S")} TO *]' - latest_created_time = last_fetch - demisto.debug(f'{INTEGRATION_NAME} - last fetch: {last_fetch}') incidents: List[Dict[str, Any]] = [] + alerts = [] + # multiple statuses are not supported by api. If multiple statuses provided, gets the incidents for each status. # Otherwise will run without status. - alerts = [] + query_params = {'created_time': date_range} + if feedname: + query_params['feedname'] = feedname + if status: for current_status in argToList(status): demisto.debug(f'{INTEGRATION_NAME} - Fetching incident from Server with status: {current_status}') - res = client.get_alerts(status=current_status, feedname=feedname) + query_params['status'] = current_status + # we create a new query containing params since we do not allow both query and params. + res = client.get_alerts(query=_create_query_string(query_params), limit=max_results) alerts += res.get('results', []) demisto.debug(f'{INTEGRATION_NAME} - fetched {len(alerts)} so far.') else: + query = _add_to_current_query(query, query_params) demisto.debug(f'{INTEGRATION_NAME} - Fetching incident from Server with status: {status}') - res = client.get_alerts(feedname=feedname, query=query) + res = client.get_alerts(query=query, limit=max_results) alerts += res.get('results', []) demisto.debug(f'{INTEGRATION_NAME} - Got total of {len(alerts)} alerts from CB server.') - for alert in alerts[:max_results]: + for alert in alerts: incident_created_time = dateparser.parse(alert.get('created_time')) - incident_created_time_ms = int(incident_created_time.timestamp()) if incident_created_time else '0' + incident_created_time_ms = incident_created_time.timestamp() # to prevent duplicates, adding incidents with creation_time > last fetched incident if last_fetch: - if incident_created_time_ms <= last_fetch: - demisto.debug(f'{INTEGRATION_NAME} - alert {str(alert)} created at {incident_created_time_ms}.' + if incident_created_time_ms <= last_fetch.timestamp(): + demisto.debug(f'{INTEGRATION_NAME} - alert {str(alert)} was created at {incident_created_time_ms}.' f' Skipping.') continue diff --git a/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.yml b/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.yml index 18dfb4270d51..afe0185d854e 100644 --- a/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.yml +++ b/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.yml @@ -2076,7 +2076,7 @@ script: - contextPath: Endpoint.Processor description: The model of the processor. type: String - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 feed: false isfetch: true longRunning: false diff --git a/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2_test.py b/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2_test.py index f4c2c7e0eb41..18825dd79061 100644 --- a/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2_test.py +++ b/Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2_test.py @@ -49,6 +49,33 @@ def test_create_query_string(params, empty, expected_results): assert query_string == expected_results +QUERY_STRING_ADD_CASES = [ + ( + 'chrome.exe', # one param in query + {'test': 'example'}, # adding param + '(chrome.exe) AND test:example' # expected + ), + ( + '', # no query + {'test': 'example'}, # adding param + 'test:example' # expected + ), + ( + 'chrome.exe', # one param in query + {}, # adding empty param + 'chrome.exe' # expected + ), + +] + + +@pytest.mark.parametrize('query, params, expected_results', QUERY_STRING_ADD_CASES) +def test_add_to_current_query(query, params, expected_results): + from CarbonBlackResponseV2 import _add_to_current_query + query_string = _add_to_current_query(query, params) + assert query_string == expected_results + + QUERY_STRING_CASES_FAILS = [ ( {'hostname': 'ec2amaz-l4c2okc', 'query': 'chrome.exe'}, False, # case both query and params @@ -305,7 +332,8 @@ def test_fetch_incidents(mocker): client = Client(base_url="url", apitoken="api_key", use_ssl=True, use_proxy=False) mocker.patch.object(Client, 'get_alerts', return_value=alerts) first_fetch_time = '7 days' - last_fetch, incidents = fetch_incidents(client, last_run=last_run, first_fetch_time=first_fetch_time, max_results='3') + last_fetch, incidents = fetch_incidents(client, last_run=last_run, first_fetch_time=first_fetch_time, + max_results='3') assert len(incidents) == 1 assert incidents[0].get('name') == 'Carbon Black EDR: 2 svchost.exe' - assert last_fetch == {'last_fetch': 1615648046} + assert last_fetch == {'last_fetch': 1615648046.79} diff --git a/Packs/Carbon_Black_Enterprise_Response/ReleaseNotes/2_1_4.md b/Packs/Carbon_Black_Enterprise_Response/ReleaseNotes/2_1_4.md new file mode 100644 index 000000000000..fe5c03d16d77 --- /dev/null +++ b/Packs/Carbon_Black_Enterprise_Response/ReleaseNotes/2_1_4.md @@ -0,0 +1,4 @@ + +#### Integrations +##### VMware Carbon Black EDR v2 +- Fixed an issue with parameters not sent correctly in **fetch-incidents** diff --git a/Packs/Carbon_Black_Enterprise_Response/pack_metadata.json b/Packs/Carbon_Black_Enterprise_Response/pack_metadata.json index a39019aeb59b..cec031428331 100644 --- a/Packs/Carbon_Black_Enterprise_Response/pack_metadata.json +++ b/Packs/Carbon_Black_Enterprise_Response/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Carbon Black Enterprise Response", "description": "Query and respond with Carbon Black endpoint detection and response.", "support": "xsoar", - "currentVersion": "2.1.3", + "currentVersion": "2.1.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From bf627fc2ab82b33fd323b97427c0601a9e0a5f32 Mon Sep 17 00:00:00 2001 From: tomneeman151293 <70005542+tomneeman151293@users.noreply.github.com> Date: Tue, 31 Aug 2021 11:27:43 +0300 Subject: [PATCH 084/173] GitHub Releases List Command (#14480) * added command, yml, unit test * added test file data * added task of new command to TPB * added rn * add README command entry * removed dor username from test data * validation fix * dan cr notes * lint fixes --- Packs/GitHub/Integrations/GitHub/GitHub.py | 51 +++- Packs/GitHub/Integrations/GitHub/GitHub.yml | 138 +++++++++ .../GitHub/Integrations/GitHub/GitHub_test.py | 32 +- Packs/GitHub/Integrations/GitHub/README.md | 115 +++++++ .../Integrations/GitHub/command_examples | 3 +- .../test_data/releases_get_response.json | 162 ++++++++++ Packs/GitHub/ReleaseNotes/1_3_7.md | 4 + .../TestPlaybooks/Git_Integration-Test.yml | 289 +++++++++++------- Packs/GitHub/pack_metadata.json | 2 +- 9 files changed, 683 insertions(+), 113 deletions(-) create mode 100644 Packs/GitHub/Integrations/GitHub/test_data/releases_get_response.json create mode 100644 Packs/GitHub/ReleaseNotes/1_3_7.md diff --git a/Packs/GitHub/Integrations/GitHub/GitHub.py b/Packs/GitHub/Integrations/GitHub/GitHub.py index 2cd5ba249419..b00b67ada484 100644 --- a/Packs/GitHub/Integrations/GitHub/GitHub.py +++ b/Packs/GitHub/Integrations/GitHub/GitHub.py @@ -41,6 +41,8 @@ MEDIA_TYPE_INTEGRATION_PREVIEW = "application/vnd.github.machine-man-preview+json" PROJECTS_PREVIEW = 'application/vnd.github.inertia-preview+json' +DEFAULT_PAGE_SIZE = 50 +DEFAULT_PAGE_NUMBER = 1 ''' HELPER FUNCTIONS ''' @@ -1885,6 +1887,52 @@ def get_path_data(): return_results(results) +def github_releases_list_command(): + """ + Gets releases data of given repository in given organization. + Returns: + CommandResults data. + """ + args: Dict[str, Any] = demisto.args() + + repo: str = args.get('repository') or REPOSITORY + organization: str = args.get('organization') or USER + page_number: Optional[int] = arg_to_number(args.get('page')) + page_size: Optional[int] = arg_to_number(args.get('page_size')) + limit = arg_to_number(args.get('limit')) + if (page_number or page_size) and limit: + raise DemistoException('page_number and page_size arguments cannot be given with limit argument.\n' + 'If limit is given, please do not use page or page_size arguments.') + + results: List[Dict] = [] + if limit: + page_number = 1 + page_size = 100 + while len(results) < limit: + url_suffix: str = f'/repos/{organization}/{repo}/releases?per_page={page_size}&page={page_number}' + response = http_request(method='GET', url_suffix=url_suffix) + # No more releases to bring from GitHub services. + if not response: + break + results.extend(response) + page_number += 1 + + results = results[:limit] + else: + page_size = page_size if page_size else DEFAULT_PAGE_SIZE + page_number = page_number if page_number else DEFAULT_PAGE_NUMBER + url_suffix = f'/repos/{organization}/{repo}/releases?per_page={page_size}&page={page_number}' + results = http_request(method='GET', url_suffix=url_suffix) + + result: CommandResults = CommandResults( + outputs_prefix='GitHub.Release', + outputs_key_field='id', + outputs=results, + readable_output=tableToMarkdown(f'Releases Data Of {repo}', results, removeNull=True) + ) + return_results(result) + + def fetch_incidents_command(): last_run = demisto.getLastRun() if last_run and 'start_time' in last_run: @@ -1940,7 +1988,8 @@ def fetch_incidents_command(): 'GitHub-create-release': create_release_command, 'Github-list-issue-events': get_issue_events_command, 'GitHub-add-issue-to-project-board': add_issue_to_project_board_command, - 'GitHub-get-path-data': get_path_data + 'GitHub-get-path-data': get_path_data, + 'GitHub-releases-list': github_releases_list_command, } diff --git a/Packs/GitHub/Integrations/GitHub/GitHub.yml b/Packs/GitHub/Integrations/GitHub/GitHub.yml index 09f06375806b..617e7cd5d4dc 100644 --- a/Packs/GitHub/Integrations/GitHub/GitHub.yml +++ b/Packs/GitHub/Integrations/GitHub/GitHub.yml @@ -3920,6 +3920,144 @@ script: - contextPath: GitHub.PathData.entries.type description: If dir was given in file_path, type of the dir entry. type: String + - arguments: + - default: false + description: Page number to retrieve releases from. If limit argument is not given, defaults to 1. + isArray: false + name: page + required: false + secret: false + - default: false + description: Size of the page. If limit argument is not given, defaults to 50. + isArray: false + name: page_size + required: false + secret: false + - default: false + description: Maximum number of releases data to retrieve. Will get results of the first pages. Cannot be given with page_size or page arguments. + isArray: false + name: limit + required: false + secret: false + - default: false + description: The name of the organization containing the repository. Defaults to organization instance parameter if not given. + isArray: false + name: organization + required: false + secret: false + - default: false + description: The repository containing the releases. Defaults to repository instance parameter if not given. + isArray: false + name: repository + required: false + secret: false + deprecated: false + description: Gets releases data from a given repository and organization. + execution: false + name: GitHub-releases-list + outputs: + - contextPath: GitHub.Release.url + description: Release URL. + type: String + - contextPath: GitHub.Release.assets_url + description: Release assets URL. + type: String + - contextPath: GitHub.Release.upload_url + description: Upload URL. + type: String + - contextPath: GitHub.Release.html_url + description: HTML URL. + type: String + - contextPath: GitHub.Release.id + description: Release ID. + type: Number + - contextPath: GitHub.Release.author.login + description: The release author login username. + type: String + - contextPath: GitHub.Release.author.id + description: The release author user ID. + type: Number + - contextPath: GitHub.Release.author.node_id + description: The release author node ID. + type: String + - contextPath: GitHub.Release.author.avatar_url + description: The release author avatar URL. + type: String + - contextPath: GitHub.Release.author.gravatar_id + description: The release author gravatar ID. + type: String + - contextPath: GitHub.Release.author.url + description: The release author URL. + type: String + - contextPath: GitHub.Release.author.html_url + description: The release author HTML URL. + type: String + - contextPath: GitHub.Release.author.followers_url + description: The release author followers URL. + type: String + - contextPath: GitHub.Release.author.following_url + description: The release author following URL. + type: String + - contextPath: GitHub.Release.author.gists_url + description: The release author gists URL. + type: String + - contextPath: GitHub.Release.author.starred_url + description: The release author starred URL. + type: String + - contextPath: GitHub.Release.author.subscriptions_url + description: The release author subscriptions URL. + type: String + - contextPath: GitHub.Release.author.organizations_url + description: The release author organizations URL. + type: String + - contextPath: GitHub.Release.author.repos_url + description: The release author repos URL. + type: String + - contextPath: GitHub.Release.author.events_url + description: The release author events URL. + type: String + - contextPath: GitHub.Release.author.received_events_url + description: The release author received events URL. + type: String + - contextPath: GitHub.Release.author.type + description: The release author type. (E.g, "User"). + type: String + - contextPath: GitHub.Release.author.site_admin + description: Whether the release author is site admin. + type: Boolean + - contextPath: GitHub.Release.node_id + description: Release Node ID. + type: String + - contextPath: GitHub.Release.tag_name + description: Release tag name. + type: String + - contextPath: GitHub.Release.target_commitish + description: Release target commit. + type: String + - contextPath: GitHub.Release.name + description: Release name. + type: String + - contextPath: GitHub.Release.draft + description: Whether release is draft. + type: Boolean + - contextPath: GitHub.Release.prerelease + description: Whether release is pre release. + type: Boolean + - contextPath: GitHub.Release.created_at + description: Date when release was created. + type: Date + - contextPath: GitHub.Release.published_at + description: Date when release was published. + type: Date + - contextPath: GitHub.Release.tarball_url + description: Release tar URL download. + type: String + - contextPath: GitHub.Release.zipball_url + description: Release zip URL download. + type: String + - contextPath: GitHub.Release.body + description: Release body. + type: String dockerimage: demisto/pyjwt3:1.0.0.23674 feed: false isfetch: true diff --git a/Packs/GitHub/Integrations/GitHub/GitHub_test.py b/Packs/GitHub/Integrations/GitHub/GitHub_test.py index 6f7cd24958c4..d767d40a3d59 100644 --- a/Packs/GitHub/Integrations/GitHub/GitHub_test.py +++ b/Packs/GitHub/Integrations/GitHub/GitHub_test.py @@ -5,7 +5,7 @@ import demistomock as demisto from CommonServerPython import CommandResults from GitHub import main, list_branch_pull_requests, list_all_projects_command, \ - add_issue_to_project_board_command, get_path_data + add_issue_to_project_board_command, get_path_data, github_releases_list_command import GitHub REGULAR_BASE_URL = 'https://api.github.com' @@ -261,6 +261,36 @@ def test_get_path_data_command(requests_mock, mocker): assert command_results.outputs == test_get_file_data_command_response['expected'] +def test_releases_list_command(requests_mock, mocker): + """ + Given: + - Demisto args + + When: + - Calling 'GitHub-releases_list' command. + + Then: + - Ensure expected CommandResults object is returned. + + """ + mocker.patch.object(demisto, 'args', return_value={'repository': 'demisto-sdk', 'organization': 'demisto', + 'limit': 2}) + GitHub.TOKEN, GitHub.USE_SSL = '', '' + GitHub.HEADERS = dict() + GitHub.BASE_URL = 'https://api.github.com/' + test_releases_list_command_data = load_test_data( + './test_data/releases_get_response.json') + requests_mock.get(f'{GitHub.BASE_URL}/repos/demisto/demisto-sdk/releases?per_page=100&page=1', + json=test_releases_list_command_data['response']) + mocker_results = mocker.patch('GitHub.return_results') + github_releases_list_command() + + command_results: CommandResults = mocker_results.call_args[0][0] + assert command_results.outputs_prefix == 'GitHub.Release' + assert command_results.outputs_key_field == 'id' + assert command_results.outputs == test_releases_list_command_data['expected'] + + @pytest.mark.parametrize('mock_params, expected_url', [ ({'url': 'example.com', 'token': 'testtoken'}, 'example.com'), ({'token': 'testtoken'}, 'https://api.github.com'), diff --git a/Packs/GitHub/Integrations/GitHub/README.md b/Packs/GitHub/Integrations/GitHub/README.md index 2010c9e1c5d8..31469f9d1762 100644 --- a/Packs/GitHub/Integrations/GitHub/README.md +++ b/Packs/GitHub/Integrations/GitHub/README.md @@ -2575,3 +2575,118 @@ Gets the data of the a given path. >|---|---|---|---|---|---|---|---|---| >| {'name': 'BitcoinAbuse.py', 'path': 'Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.py', 'sha': '23b55cb33aadaa6753e3df1e1d90d3cdc951c745', 'size': 14395, 'url': 'https://api.github.com/repos/demisto/content/contents/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.py?ref=master', 'html_url': 'https://github.com/demisto/content/blob/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.py', 'git_url': 'https://api.github.com/repos/demisto/content/git/blobs/23b55cb33aadaa6753e3df1e1d90d3cdc951c745', 'download_url': 'https://raw.githubusercontent.com/demisto/content/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.py', 'type': 'file'},
{'name': 'BitcoinAbuse.yml', 'path': 'Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml', 'sha': '17bbcfd9270570727c2e0f48591fcb9a98a0711e', 'size': 3929, 'url': 'https://api.github.com/repos/demisto/content/contents/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml?ref=master', 'html_url': 'https://github.com/demisto/content/blob/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml', 'git_url': 'https://api.github.com/repos/demisto/content/git/blobs/17bbcfd9270570727c2e0f48591fcb9a98a0711e', 'download_url': 'https://raw.githubusercontent.com/demisto/content/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml', 'type': 'file'},
{'name': 'BitcoinAbuse_description.md', 'path': 'Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_description.md', 'sha': '7d969d68833e2424ba8411c93fb8110face60414', 'size': 1305, 'url': 'https://api.github.com/repos/demisto/content/contents/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_description.md?ref=master', 'html_url': 'https://github.com/demisto/content/blob/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_description.md', 'git_url': 'https://api.github.com/repos/demisto/content/git/blobs/7d969d68833e2424ba8411c93fb8110face60414', 'download_url': 'https://raw.githubusercontent.com/demisto/content/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_description.md', 'type': 'file'},
{'name': 'BitcoinAbuse_image.png', 'path': 'Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_image.png', 'sha': '52bef504f8dc4b58ddc6f200cdd135bcdfe9719a', 'size': 3212, 'url': 'https://api.github.com/repos/demisto/content/contents/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_image.png?ref=master', 'html_url': 'https://github.com/demisto/content/blob/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_image.png', 'git_url': 'https://api.github.com/repos/demisto/content/git/blobs/52bef504f8dc4b58ddc6f200cdd135bcdfe9719a', 'download_url': 'https://raw.githubusercontent.com/demisto/content/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_image.png', 'type': 'file'},
{'name': 'BitcoinAbuse_test.py', 'path': 'Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_test.py', 'sha': 'dc2c4106cc3589461c7470a5c26e6e8927192d7f', 'size': 7150, 'url': 'https://api.github.com/repos/demisto/content/contents/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_test.py?ref=master', 'html_url': 'https://github.com/demisto/content/blob/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_test.py', 'git_url': 'https://api.github.com/repos/demisto/content/git/blobs/dc2c4106cc3589461c7470a5c26e6e8927192d7f', 'download_url': 'https://raw.githubusercontent.com/demisto/content/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse_test.py', 'type': 'file'},
{'name': 'Pipfile', 'path': 'Packs/BitcoinAbuse/Integrations/BitcoinAbuse/Pipfile', 'sha': '3523d3b6b93bd611859c23e1f63a774d78a0363a', 'size': 257, 'url': 'https://api.github.com/repos/demisto/content/contents/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/Pipfile?ref=master', 'html_url': 'https://github.com/demisto/content/blob/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/Pipfile', 'git_url': 'https://api.github.com/repos/demisto/content/git/blobs/3523d3b6b93bd611859c23e1f63a774d78a0363a', 'download_url': 'https://raw.githubusercontent.com/demisto/content/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/Pipfile', 'type': 'file'},
{'name': 'Pipfile.lock', 'path': 'Packs/BitcoinAbuse/Integrations/BitcoinAbuse/Pipfile.lock', 'sha': '6bdb9313414e337e128df3715f17d372f5691608', 'size': 15993, 'url': 'https://api.github.com/repos/demisto/content/contents/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/Pipfile.lock?ref=master', 'html_url': 'https://github.com/demisto/content/blob/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/Pipfile.lock', 'git_url': 'https://api.github.com/repos/demisto/content/git/blobs/6bdb9313414e337e128df3715f17d372f5691608', 'download_url': 'https://raw.githubusercontent.com/demisto/content/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/Pipfile.lock', 'type': 'file'},
{'name': 'README.md', 'path': 'Packs/BitcoinAbuse/Integrations/BitcoinAbuse/README.md', 'sha': 'fba823cddcc3637b2989598b7ae08731002f8feb', 'size': 7188, 'url': 'https://api.github.com/repos/demisto/content/contents/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/README.md?ref=master', 'html_url': 'https://github.com/demisto/content/blob/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/README.md', 'git_url': 'https://api.github.com/repos/demisto/content/git/blobs/fba823cddcc3637b2989598b7ae08731002f8feb', 'download_url': 'https://raw.githubusercontent.com/demisto/content/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/README.md', 'type': 'file'},
{'name': 'test_data', 'path': 'Packs/BitcoinAbuse/Integrations/BitcoinAbuse/test_data', 'sha': 'ed2025b734667dfde3b405f8a131b785e9d8fc9d', 'size': 0, 'url': 'https://api.github.com/repos/demisto/content/contents/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/test_data?ref=master', 'html_url': 'https://github.com/demisto/content/tree/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/test_data', 'git_url': 'https://api.github.com/repos/demisto/content/git/trees/ed2025b734667dfde3b405f8a131b785e9d8fc9d', 'download_url': None, 'type': 'dir'} | https://api.github.com/repos/demisto/content/git/trees/1a0c49c84e7bcd02af5587082b6ed48634a20402 | https://github.com/demisto/content/tree/master/Packs/BitcoinAbuse/Integrations/BitcoinAbuse | BitcoinAbuse | Packs/BitcoinAbuse/Integrations/BitcoinAbuse | 1a0c49c84e7bcd02af5587082b6ed48634a20402 | 0 | dir | https://api.github.com/repos/demisto/content/contents/Packs/BitcoinAbuse/Integrations/BitcoinAbuse?ref=master | +### GitHub-releases-list +*** +Get releases data from given repository and organization. + + +#### Base Command + +`GitHub-releases-list` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| page | Page number to retrieve releases from. If limit argument is not given, defaults to 1. | Optional | +| page_size | Size of the page. If limit argument is not given, defaults to 50. | Optional | +| limit | Maximum number of releases data to retrieve. Will get results of the first pages. Cannot be given with page_size or page arguments. | Optional | +| organization | The name of the organization containing the repository. Defaults to organization instance parameter if not given. | Optional | +| repository | The repository containing the releases. Defaults to repository instance parameter if not given. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| GitHub.Release.url | String | Release URL. | +| GitHub.Release.assets_url | String | Release assets URL. | +| GitHub.Release.upload_url | String | Upload URL. | +| GitHub.Release.html_url | String | HTML URL. | +| GitHub.Release.id | Number | Release ID. | +| GitHub.Release.author.login | String | The release author login username. | +| GitHub.Release.author.id | Number | The release author user ID. | +| GitHub.Release.author.node_id | String | The release author node ID. | +| GitHub.Release.author.avatar_url | String | The release author avatar URL. | +| GitHub.Release.author.gravatar_id | String | The release author gravatar ID. | +| GitHub.Release.author.url | String | The release author URL. | +| GitHub.Release.author.html_url | String | The release author HTML URL. | +| GitHub.Release.author.followers_url | String | The release author followers URL. | +| GitHub.Release.author.following_url | String | The release author following URL. | +| GitHub.Release.author.gists_url | String | The release author gists URL. | +| GitHub.Release.author.starred_url | String | The release author starred URL. | +| GitHub.Release.author.subscriptions_url | String | The release author subscriptions URL. | +| GitHub.Release.author.organizations_url | String | The release author organizations URL. | +| GitHub.Release.author.repos_url | String | The release author repos URL. | +| GitHub.Release.author.events_url | String | The release author events URL. | +| GitHub.Release.author.received_events_url | String | The release author received events URL. | +| GitHub.Release.author.type | String | The release author type. \(E.g, "User"\). | +| GitHub.Release.author.site_admin | Boolean | Whether the release author is site admin. | +| GitHub.Release.node_id | String | Release Node ID. | +| GitHub.Release.tag_name | String | Release tag name. | +| GitHub.Release.target_commitish | String | Release target commit. | +| GitHub.Release.name | String | Release name. | +| GitHub.Release.draft | Boolean | Whether release is draft. | +| GitHub.Release.prerelease | Boolean | Whether release is pre release. | +| GitHub.Release.created_at | Date | Date when release was created. | +| GitHub.Release.published_at | Date | Date when release was published. | +| GitHub.Release.tarball_url | String | Release tar URL download. | +| GitHub.Release.zipball_url | String | Release zip URL download. | +| GitHub.Release.body | String | Release body. | + + +#### Command Example +```!GitHub-releases-list limit=1``` + +#### Context Example +```json +{ + "GitHub": { + "Release": { + "assets": [], + "assets_url": "https://api.github.com/repos/content-bot/hello-world/releases/48262112/assets", + "author": { + "avatar_url": "https://avatars.githubusercontent.com/u/55035720?v=4", + "events_url": "https://api.github.com/users/content-bot/events{/privacy}", + "followers_url": "https://api.github.com/users/content-bot/followers", + "following_url": "https://api.github.com/users/content-bot/following{/other_user}", + "gists_url": "https://api.github.com/users/content-bot/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/content-bot", + "id": 55035720, + "login": "content-bot", + "node_id": "MDQ6VXNlcjU1MDM1NzIw", + "organizations_url": "https://api.github.com/users/content-bot/orgs", + "received_events_url": "https://api.github.com/users/content-bot/received_events", + "repos_url": "https://api.github.com/users/content-bot/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/content-bot/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/content-bot/subscriptions", + "type": "User", + "url": "https://api.github.com/users/content-bot" + }, + "body": "test", + "created_at": "2021-08-23T07:54:37Z", + "draft": true, + "html_url": "https://github.com/content-bot/hello-world/releases/tag/untagged-e106615f0216817665d8", + "id": 48262112, + "name": "1.0.0", + "node_id": "MDc6UmVsZWFzZTQ4MjYyMTEy", + "prerelease": false, + "published_at": null, + "tag_name": "1.0.0", + "tarball_url": null, + "target_commitish": "master", + "upload_url": "https://uploads.github.com/repos/content-bot/hello-world/releases/48262112/assets{?name,label}", + "url": "https://api.github.com/repos/content-bot/hello-world/releases/48262112", + "zipball_url": null + } + } +} +``` + +#### Human Readable Output + +>### Releases Data Of hello-world +>|assets_url|author|body|created_at|draft|html_url|id|name|node_id|prerelease|tag_name|target_commitish|upload_url|url| +>|---|---|---|---|---|---|---|---|---|---|---|---|---|---| +>| https://api.github.com/repos/content-bot/hello-world/releases/48262112/assets | login: content-bot
id: 55035720
node_id: MDQ6VXNlcjU1MDM1NzIw
avatar_url: https://avatars.githubusercontent.com/u/55035720?v=4
gravatar_id:
url: https://api.github.com/users/content-bot
html_url: https://github.com/content-bot
followers_url: https://api.github.com/users/content-bot/followers
following_url: https://api.github.com/users/content-bot/following{/other_user}
gists_url: https://api.github.com/users/content-bot/gists{/gist_id}
starred_url: https://api.github.com/users/content-bot/starred{/owner}{/repo}
subscriptions_url: https://api.github.com/users/content-bot/subscriptions
organizations_url: https://api.github.com/users/content-bot/orgs
repos_url: https://api.github.com/users/content-bot/repos
events_url: https://api.github.com/users/content-bot/events{/privacy}
received_events_url: https://api.github.com/users/content-bot/received_events
type: User
site_admin: false | test | 2021-08-23T07:54:37Z | true | https://github.com/content-bot/hello-world/releases/tag/untagged-e106615f0216817665d8 | 48262112 | 1.0.0 | MDc6UmVsZWFzZTQ4MjYyMTEy | false | 1.0.0 | master | https://uploads.github.com/repos/content-bot/hello-world/releases/48262112/assets{?name,label} | https://api.github.com/repos/content-bot/hello-world/releases/48262112 | diff --git a/Packs/GitHub/Integrations/GitHub/command_examples b/Packs/GitHub/Integrations/GitHub/command_examples index 7c0cf488ee7c..509210b389af 100644 --- a/Packs/GitHub/Integrations/GitHub/command_examples +++ b/Packs/GitHub/Integrations/GitHub/command_examples @@ -1,3 +1,4 @@ !GitHub-search-code query="create_artifacts+repo:demisto/demisto-sdk" page_size="2" limit="5" !GitHub-list-branch-pull-requests branch_name=Update-Docker-Image -!GitHub-get-path-data organization=demisto repository=content relative_path=Packs/BitcoinAbuse/Integrations/BitcoinAbuse \ No newline at end of file +!GitHub-get-path-data organization=demisto repository=content relative_path=Packs/BitcoinAbuse/Integrations/BitcoinAbuse +!GitHub-releases-list limit=1 \ No newline at end of file diff --git a/Packs/GitHub/Integrations/GitHub/test_data/releases_get_response.json b/Packs/GitHub/Integrations/GitHub/test_data/releases_get_response.json new file mode 100644 index 000000000000..0a3e060ab51b --- /dev/null +++ b/Packs/GitHub/Integrations/GitHub/test_data/releases_get_response.json @@ -0,0 +1,162 @@ +{ + "response": [ + { + "url": "https://api.github.com/repos/demisto/demisto-sdk/releases/48121851", + "assets_url": "https://api.github.com/repos/demisto/demisto-sdk/releases/48121851/assets", + "upload_url": "https://uploads.github.com/repos/demisto/demisto-sdk/releases/48121851/assets{?name,label}", + "html_url": "https://github.com/demisto/demisto-sdk/releases/tag/v1.4.8", + "id": 48121851, + "author": { + "login": "user-bot", + "id": 81086590, + "node_id": "MDQ6VXNlcjgxMDg2NTkw", + "avatar_url": "https://avatars.githubusercontent.com/u/81086590?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/user-bot", + "html_url": "https://github.com/user-bot", + "followers_url": "https://api.github.com/users/user-bot/followers", + "following_url": "https://api.github.com/users/user-bot/following{/other_user}", + "gists_url": "https://api.github.com/users/user-bot/gists{/gist_id}", + "starred_url": "https://api.github.com/users/user-bot/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/user-bot/subscriptions", + "organizations_url": "https://api.github.com/users/user-bot/orgs", + "repos_url": "https://api.github.com/users/user-bot/repos", + "events_url": "https://api.github.com/users/user-bot/events{/privacy}", + "received_events_url": "https://api.github.com/users/user-bot/received_events", + "type": "User", + "site_admin": false + }, + "node_id": "MDc6UmVsZWFzZTQ4MTIxODUx", + "tag_name": "v1.4.8", + "target_commitish": "master", + "name": "v1.4.8", + "draft": false, + "prerelease": false, + "created_at": "2021-08-19T11:57:06Z", + "published_at": "2021-08-19T15:05:17Z", + "assets": [], + "tarball_url": "https://api.github.com/repos/demisto/demisto-sdk/tarball/v1.4.8", + "zipball_url": "https://api.github.com/repos/demisto/demisto-sdk/zipball/v1.4.8", + "body": "* Fixed an issue where yml files with `!reference` failed to load properly.\r\n* Fixed an issue when `View Integration Documentation` button was added twice during the download and re-upload.\r\n* Fixed an issue when `(Partner Contribution)` was added twice to the display name during the download and re-upload.\r\n* Added the following enhancements in the **generate-test-playbook** command:\r\n * Added the *--commands* argument to generate tasks for specific commands.\r\n * Added the *--examples* argument to get the command examples file path and generate tasks from the commands and arguments specified there.\r\n * Added the *--upload* flag to specify whether to upload the test playbook after the generation.\r\n * Fixed the output condition generation for outputs of type `Boolean`.\r\n" + }, + { + "url": "https://api.github.com/repos/demisto/demisto-sdk/releases/47721812", + "assets_url": "https://api.github.com/repos/demisto/demisto-sdk/releases/47721812/assets", + "upload_url": "https://uploads.github.com/repos/demisto/demisto-sdk/releases/47721812/assets{?name,label}", + "html_url": "https://github.com/demisto/demisto-sdk/releases/tag/v1.4.7", + "id": 47721812, + "author": { + "login": "roysagi", + "id": 50295826, + "node_id": "MDQ6VXNlcjUwMjk1ODI2", + "avatar_url": "https://avatars.githubusercontent.com/u/50295826?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/roysagi", + "html_url": "https://github.com/roysagi", + "followers_url": "https://api.github.com/users/roysagi/followers", + "following_url": "https://api.github.com/users/roysagi/following{/other_user}", + "gists_url": "https://api.github.com/users/roysagi/gists{/gist_id}", + "starred_url": "https://api.github.com/users/roysagi/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/roysagi/subscriptions", + "organizations_url": "https://api.github.com/users/roysagi/orgs", + "repos_url": "https://api.github.com/users/roysagi/repos", + "events_url": "https://api.github.com/users/roysagi/events{/privacy}", + "received_events_url": "https://api.github.com/users/roysagi/received_events", + "type": "User", + "site_admin": false + }, + "node_id": "MDc6UmVsZWFzZTQ3NzIxODEy", + "tag_name": "v1.4.7", + "target_commitish": "1.4.7", + "name": "v1.4.7", + "draft": false, + "prerelease": false, + "created_at": "2021-08-12T04:55:48Z", + "published_at": "2021-08-12T06:26:55Z", + "assets": [], + "tarball_url": "https://api.github.com/repos/demisto/demisto-sdk/tarball/v1.4.7", + "zipball_url": "https://api.github.com/repos/demisto/demisto-sdk/zipball/v1.4.7", + "body": "* Fixed an issue where the **format** command has incorrectly recognized on which files to run when running using git.\r\n* Fixed an issue where author image validations were not checked properly.\r\n* Fixed an issue where new old-formatted scripts and integrations were not validated.\r\n* Fixed an issue where the wording in the from version validation error for subplaybooks was incorrect.\r\n* Fixed an issue where the **update-release-notes** command used the old docker image version instead of the new when detecting a docker change.\r\n* Fixed an issue where the **generate-test-playbook** command used an incorrect argument name as default\r\n* Fixed an issue where the **json-to-outputs** command used an incorrect argument name as default when using `-d`.\r\n* Fixed an issue where validations failed while trying to validate non content files.\r\n* Fixed an issue where README validations did not work post VS Code formatting.\r\n* Fixed an issue where the description validations were inconsistent when running through an integration file or a description file." + } + ], + "expected": [ + { + "url": "https://api.github.com/repos/demisto/demisto-sdk/releases/48121851", + "assets_url": "https://api.github.com/repos/demisto/demisto-sdk/releases/48121851/assets", + "upload_url": "https://uploads.github.com/repos/demisto/demisto-sdk/releases/48121851/assets{?name,label}", + "html_url": "https://github.com/demisto/demisto-sdk/releases/tag/v1.4.8", + "id": 48121851, + "author": { + "login": "user-bot", + "id": 81086590, + "node_id": "MDQ6VXNlcjgxMDg2NTkw", + "avatar_url": "https://avatars.githubusercontent.com/u/81086590?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/user-bot", + "html_url": "https://github.com/user-bot", + "followers_url": "https://api.github.com/users/user-bot/followers", + "following_url": "https://api.github.com/users/user-bot/following{/other_user}", + "gists_url": "https://api.github.com/users/user-bot/gists{/gist_id}", + "starred_url": "https://api.github.com/users/user-bot/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/user-bot/subscriptions", + "organizations_url": "https://api.github.com/users/user-bot/orgs", + "repos_url": "https://api.github.com/users/user-bot/repos", + "events_url": "https://api.github.com/users/user-bot/events{/privacy}", + "received_events_url": "https://api.github.com/users/user-bot/received_events", + "type": "User", + "site_admin": false + }, + "node_id": "MDc6UmVsZWFzZTQ4MTIxODUx", + "tag_name": "v1.4.8", + "target_commitish": "master", + "name": "v1.4.8", + "draft": false, + "prerelease": false, + "created_at": "2021-08-19T11:57:06Z", + "published_at": "2021-08-19T15:05:17Z", + "assets": [], + "tarball_url": "https://api.github.com/repos/demisto/demisto-sdk/tarball/v1.4.8", + "zipball_url": "https://api.github.com/repos/demisto/demisto-sdk/zipball/v1.4.8", + "body": "* Fixed an issue where yml files with `!reference` failed to load properly.\r\n* Fixed an issue when `View Integration Documentation` button was added twice during the download and re-upload.\r\n* Fixed an issue when `(Partner Contribution)` was added twice to the display name during the download and re-upload.\r\n* Added the following enhancements in the **generate-test-playbook** command:\r\n * Added the *--commands* argument to generate tasks for specific commands.\r\n * Added the *--examples* argument to get the command examples file path and generate tasks from the commands and arguments specified there.\r\n * Added the *--upload* flag to specify whether to upload the test playbook after the generation.\r\n * Fixed the output condition generation for outputs of type `Boolean`.\r\n" + }, + { + "url": "https://api.github.com/repos/demisto/demisto-sdk/releases/47721812", + "assets_url": "https://api.github.com/repos/demisto/demisto-sdk/releases/47721812/assets", + "upload_url": "https://uploads.github.com/repos/demisto/demisto-sdk/releases/47721812/assets{?name,label}", + "html_url": "https://github.com/demisto/demisto-sdk/releases/tag/v1.4.7", + "id": 47721812, + "author": { + "login": "roysagi", + "id": 50295826, + "node_id": "MDQ6VXNlcjUwMjk1ODI2", + "avatar_url": "https://avatars.githubusercontent.com/u/50295826?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/roysagi", + "html_url": "https://github.com/roysagi", + "followers_url": "https://api.github.com/users/roysagi/followers", + "following_url": "https://api.github.com/users/roysagi/following{/other_user}", + "gists_url": "https://api.github.com/users/roysagi/gists{/gist_id}", + "starred_url": "https://api.github.com/users/roysagi/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/roysagi/subscriptions", + "organizations_url": "https://api.github.com/users/roysagi/orgs", + "repos_url": "https://api.github.com/users/roysagi/repos", + "events_url": "https://api.github.com/users/roysagi/events{/privacy}", + "received_events_url": "https://api.github.com/users/roysagi/received_events", + "type": "User", + "site_admin": false + }, + "node_id": "MDc6UmVsZWFzZTQ3NzIxODEy", + "tag_name": "v1.4.7", + "target_commitish": "1.4.7", + "name": "v1.4.7", + "draft": false, + "prerelease": false, + "created_at": "2021-08-12T04:55:48Z", + "published_at": "2021-08-12T06:26:55Z", + "assets": [], + "tarball_url": "https://api.github.com/repos/demisto/demisto-sdk/tarball/v1.4.7", + "zipball_url": "https://api.github.com/repos/demisto/demisto-sdk/zipball/v1.4.7", + "body": "* Fixed an issue where the **format** command has incorrectly recognized on which files to run when running using git.\r\n* Fixed an issue where author image validations were not checked properly.\r\n* Fixed an issue where new old-formatted scripts and integrations were not validated.\r\n* Fixed an issue where the wording in the from version validation error for subplaybooks was incorrect.\r\n* Fixed an issue where the **update-release-notes** command used the old docker image version instead of the new when detecting a docker change.\r\n* Fixed an issue where the **generate-test-playbook** command used an incorrect argument name as default\r\n* Fixed an issue where the **json-to-outputs** command used an incorrect argument name as default when using `-d`.\r\n* Fixed an issue where validations failed while trying to validate non content files.\r\n* Fixed an issue where README validations did not work post VS Code formatting.\r\n* Fixed an issue where the description validations were inconsistent when running through an integration file or a description file." + } + ] +} \ No newline at end of file diff --git a/Packs/GitHub/ReleaseNotes/1_3_7.md b/Packs/GitHub/ReleaseNotes/1_3_7.md new file mode 100644 index 000000000000..948fab11220a --- /dev/null +++ b/Packs/GitHub/ReleaseNotes/1_3_7.md @@ -0,0 +1,4 @@ + +#### Integrations +##### GitHub +- Added the ***GitHub-releases-list*** command. diff --git a/Packs/GitHub/TestPlaybooks/Git_Integration-Test.yml b/Packs/GitHub/TestPlaybooks/Git_Integration-Test.yml index 1e13d872afb7..90a152c9f158 100644 --- a/Packs/GitHub/TestPlaybooks/Git_Integration-Test.yml +++ b/Packs/GitHub/TestPlaybooks/Git_Integration-Test.yml @@ -6,10 +6,10 @@ starttaskid: "0" tasks: "0": id: "0" - taskid: 4eeafebe-7f41-4ac5-895a-e006ba9405e2 + taskid: 29bc109d-6954-4c7b-8e0d-489c6650cf51 type: start task: - id: 4eeafebe-7f41-4ac5-895a-e006ba9405e2 + id: 29bc109d-6954-4c7b-8e0d-489c6650cf51 version: -1 name: "" iscommand: false @@ -33,10 +33,10 @@ tasks: quietmode: 0 "1": id: "1" - taskid: 92548f10-5fb3-4633-800b-99387f8ad7ec + taskid: c41fca09-19fa-4033-8928-e4fcb21e4490 type: regular task: - id: 92548f10-5fb3-4633-800b-99387f8ad7ec + id: c41fca09-19fa-4033-8928-e4fcb21e4490 version: -1 name: DeleteContext description: Delete field from context @@ -67,10 +67,10 @@ tasks: quietmode: 0 "3": id: "3" - taskid: db06ade7-4d31-43d1-80cc-8ba3fdcaeac6 + taskid: eb4ca1ca-5128-4aea-8a1c-8da6ea5f0e17 type: condition task: - id: db06ade7-4d31-43d1-80cc-8ba3fdcaeac6 + id: eb4ca1ca-5128-4aea-8a1c-8da6ea5f0e17 version: -1 name: Verify Results - create type: condition @@ -122,10 +122,10 @@ tasks: quietmode: 0 "7": id: "7" - taskid: f99adad6-c62b-40f7-8f86-af3293768fde + taskid: 4817f58f-8356-4fd2-8d3d-4bc71aedd8fd type: condition task: - id: f99adad6-c62b-40f7-8f86-af3293768fde + id: 4817f58f-8356-4fd2-8d3d-4bc71aedd8fd version: -1 name: Verify Results - search type: condition @@ -177,10 +177,10 @@ tasks: quietmode: 0 "10": id: "10" - taskid: 976806e8-7a42-4bfb-88db-f93285e899d6 + taskid: c637a1f3-9dad-4340-8af6-a870d27ca012 type: condition task: - id: 976806e8-7a42-4bfb-88db-f93285e899d6 + id: c637a1f3-9dad-4340-8af6-a870d27ca012 version: -1 name: Verify Results - list all type: condition @@ -224,10 +224,10 @@ tasks: quietmode: 0 "15": id: "15" - taskid: 7a999690-422b-45a3-8ecf-c5273d3ef37a + taskid: 9b3e40f4-ee0f-4d80-85d2-3216dd112768 type: title task: - id: 7a999690-422b-45a3-8ecf-c5273d3ef37a + id: 9b3e40f4-ee0f-4d80-85d2-3216dd112768 version: -1 name: Done description: Done @@ -239,7 +239,7 @@ tasks: { "position": { "x": 807.5, - "y": 5445 + "y": 5795 } } note: false @@ -249,10 +249,10 @@ tasks: quietmode: 0 "16": id: "16" - taskid: 44027e31-511f-4943-8db3-892a612a0af9 + taskid: e46ccfae-f596-47b4-8d13-2e262cc6a48f type: regular task: - id: 44027e31-511f-4943-8db3-892a612a0af9 + id: e46ccfae-f596-47b4-8d13-2e262cc6a48f version: -1 name: GitHub-create-issue description: Creates an issue in GitHub. @@ -283,10 +283,10 @@ tasks: quietmode: 0 "17": id: "17" - taskid: 298018fe-08b0-4e26-86bb-44f0fe36ee7c + taskid: 31db9c3c-e1c8-40f9-826b-67349789d174 type: regular task: - id: 298018fe-08b0-4e26-86bb-44f0fe36ee7c + id: 31db9c3c-e1c8-40f9-826b-67349789d174 version: -1 name: GitHub-search-issues description: Searches issues matching a given query @@ -315,10 +315,10 @@ tasks: quietmode: 0 "18": id: "18" - taskid: 8e8b95cb-842d-4024-89a8-10a00d1082bf + taskid: 550c0cc3-a41f-4a73-8a76-097771003058 type: regular task: - id: 8e8b95cb-842d-4024-89a8-10a00d1082bf + id: 550c0cc3-a41f-4a73-8a76-097771003058 version: -1 name: GitHub-update-issue description: Updates the parameters of a given issue @@ -349,10 +349,10 @@ tasks: quietmode: 0 "19": id: "19" - taskid: 996e383c-6883-480c-8a0a-28ca7a0ff591 + taskid: f9ba3a3a-34ec-4a85-8b8e-2cde62224230 type: regular task: - id: 996e383c-6883-480c-8a0a-28ca7a0ff591 + id: f9ba3a3a-34ec-4a85-8b8e-2cde62224230 version: -1 name: GitHub-list-all-issues description: Lists all issues that the user can see @@ -381,10 +381,10 @@ tasks: quietmode: 0 "20": id: "20" - taskid: 138dff20-0e45-48d3-8df3-ea2a50bb5769 + taskid: c46995c7-f324-4486-8291-a90795e0c17d type: regular task: - id: 138dff20-0e45-48d3-8df3-ea2a50bb5769 + id: c46995c7-f324-4486-8291-a90795e0c17d version: -1 name: GitHub-close-issue description: closes an existing issue @@ -423,10 +423,10 @@ tasks: quietmode: 0 "21": id: "21" - taskid: bf5d0eac-a8bc-4d18-8f11-9a301aa63c58 + taskid: 97d0defb-5838-42fa-8dc1-e70df9790e9d type: regular task: - id: bf5d0eac-a8bc-4d18-8f11-9a301aa63c58 + id: 97d0defb-5838-42fa-8dc1-e70df9790e9d version: -1 name: GitHub-get-download-count description: Returns the total amount of downloads over all the releases of @@ -453,10 +453,10 @@ tasks: quietmode: 0 "22": id: "22" - taskid: 17ff0d1d-2e70-4a25-8431-9ac1d1118368 + taskid: 7be864d4-6c93-4de4-82cc-309c0507ea47 type: condition task: - id: 17ff0d1d-2e70-4a25-8431-9ac1d1118368 + id: 7be864d4-6c93-4de4-82cc-309c0507ea47 version: -1 name: Verify Results - count type: condition @@ -496,10 +496,10 @@ tasks: quietmode: 0 "23": id: "23" - taskid: 1dfb9f5b-d4d5-458a-8e9a-438320a6a841 + taskid: 35f938ac-821d-49cc-8000-6fc5fdc97fc1 type: condition task: - id: 1dfb9f5b-d4d5-458a-8e9a-438320a6a841 + id: 35f938ac-821d-49cc-8000-6fc5fdc97fc1 version: -1 name: Verify Results - update type: condition @@ -551,10 +551,10 @@ tasks: quietmode: 0 "24": id: "24" - taskid: 6934a004-8756-479e-82d8-b95c99cb486d + taskid: 302945c5-0e04-412d-885a-2cb900b88704 type: condition task: - id: 6934a004-8756-479e-82d8-b95c99cb486d + id: 302945c5-0e04-412d-885a-2cb900b88704 version: -1 name: Verify Results - closed type: condition @@ -598,10 +598,10 @@ tasks: quietmode: 0 "25": id: "25" - taskid: 62b0ffde-e086-4593-8836-16723144bcf2 + taskid: ed919b26-b7e5-40cf-8cc7-a1a93b919c7b type: regular task: - id: 62b0ffde-e086-4593-8836-16723144bcf2 + id: ed919b26-b7e5-40cf-8cc7-a1a93b919c7b version: -1 name: Store ID description: Sets a value into the context with the given context key @@ -632,10 +632,10 @@ tasks: quietmode: 0 "26": id: "26" - taskid: 4005dc6f-905a-492a-8a20-e81ad0c849a7 + taskid: 2e5f5cf8-876f-4bc5-88e9-a9b61f80a5bd type: regular task: - id: 4005dc6f-905a-492a-8a20-e81ad0c849a7 + id: 2e5f5cf8-876f-4bc5-88e9-a9b61f80a5bd version: -1 name: GitHub-get-branch description: Get a branch @@ -664,10 +664,10 @@ tasks: quietmode: 0 "27": id: "27" - taskid: 00a0209b-bb26-4c89-82af-c71f5c474085 + taskid: 83796405-0d42-4f54-8e7a-bf62c457833e type: regular task: - id: 00a0209b-bb26-4c89-82af-c71f5c474085 + id: 83796405-0d42-4f54-8e7a-bf62c457833e version: -1 name: GitHub-create-branch description: Create a new branch @@ -700,10 +700,10 @@ tasks: quietmode: 0 "28": id: "28" - taskid: 53049bf5-9997-426a-88b0-6a7d169200ef + taskid: bac38880-7a17-43d3-8acc-e601d0e8e23f type: regular task: - id: 53049bf5-9997-426a-88b0-6a7d169200ef + id: bac38880-7a17-43d3-8acc-e601d0e8e23f version: -1 name: GitHub-delete-branch description: Delete a branch @@ -732,10 +732,10 @@ tasks: quietmode: 0 "29": id: "29" - taskid: 8c68c667-7f3a-4a61-8c19-765d2977c7f8 + taskid: ba8c07b1-44a6-494c-8607-06d5af9cc209 type: regular task: - id: 8c68c667-7f3a-4a61-8c19-765d2977c7f8 + id: ba8c07b1-44a6-494c-8607-06d5af9cc209 version: -1 name: GitHub-get-stale-prs description: Get inactive pull requests @@ -764,10 +764,10 @@ tasks: quietmode: 0 "30": id: "30" - taskid: 5efc1973-5719-4c06-88b2-d47ba88c7bd3 + taskid: c920ddf4-5a1f-4529-821d-65a599cafe97 type: condition task: - id: 5efc1973-5719-4c06-88b2-d47ba88c7bd3 + id: c920ddf4-5a1f-4529-821d-65a599cafe97 version: -1 name: Verify Results - get stale prs type: condition @@ -806,10 +806,10 @@ tasks: quietmode: 0 "34": id: "34" - taskid: 68d430e7-4676-485d-8bb5-e00d8dbfc7be + taskid: 6d455412-9542-47cf-8d14-8593365dc17f type: regular task: - id: 68d430e7-4676-485d-8bb5-e00d8dbfc7be + id: 6d455412-9542-47cf-8d14-8593365dc17f version: -1 name: GitHub-request-review description: Request reviews from GitHub users for a given Pull Request @@ -840,10 +840,10 @@ tasks: quietmode: 0 "35": id: "35" - taskid: edaacdf8-32f0-4b97-8076-61ee120446fd + taskid: 42ac72fa-3350-476d-8522-e8932482e86c type: regular task: - id: edaacdf8-32f0-4b97-8076-61ee120446fd + id: 42ac72fa-3350-476d-8522-e8932482e86c version: -1 name: GitHub-create-comment description: Create a comment for a given issue @@ -874,10 +874,10 @@ tasks: quietmode: 0 "36": id: "36" - taskid: efc7aa71-d4f0-4b25-854e-5a2e930aa27f + taskid: 367c8998-09bc-4493-82ea-b7f221ccbc5d type: regular task: - id: efc7aa71-d4f0-4b25-854e-5a2e930aa27f + id: 367c8998-09bc-4493-82ea-b7f221ccbc5d version: -1 name: GitHub-add-label description: Add labels to an issue @@ -908,10 +908,10 @@ tasks: quietmode: 0 "37": id: "37" - taskid: 42139248-9802-4ee9-890f-1b06a5c08cfb + taskid: d56cfd7b-0ecd-4bc6-8b63-5f2fffa80bc5 type: regular task: - id: 42139248-9802-4ee9-890f-1b06a5c08cfb + id: d56cfd7b-0ecd-4bc6-8b63-5f2fffa80bc5 version: -1 name: GitHub-list-issue-comments description: List comments on an issue @@ -940,10 +940,10 @@ tasks: quietmode: 0 "38": id: "38" - taskid: 4d6594d4-9dc7-4004-8d49-6405f32e9d1e + taskid: 79131f6f-dd3a-4efd-83ac-6ca3a3d126b0 type: condition task: - id: 4d6594d4-9dc7-4004-8d49-6405f32e9d1e + id: 79131f6f-dd3a-4efd-83ac-6ca3a3d126b0 version: -1 name: Verify Results - list issue comments type: condition @@ -990,10 +990,10 @@ tasks: quietmode: 0 "39": id: "39" - taskid: 0a9c93e2-6beb-4d39-8cb6-d43148ef8221 + taskid: e65779d2-54e9-42a3-8800-a8e2fcf33943 type: regular task: - id: 0a9c93e2-6beb-4d39-8cb6-d43148ef8221 + id: e65779d2-54e9-42a3-8800-a8e2fcf33943 version: -1 name: GitHub-list-pr-files description: List pull request files @@ -1022,10 +1022,10 @@ tasks: quietmode: 0 "40": id: "40" - taskid: d4a9ce47-7f42-468b-830a-53599bbc327b + taskid: b2cca3aa-4e1b-47e8-88e8-fedccd5fc54e type: regular task: - id: d4a9ce47-7f42-468b-830a-53599bbc327b + id: b2cca3aa-4e1b-47e8-88e8-fedccd5fc54e version: -1 name: GitHub-list-pr-reviews description: List reviews on a pull request @@ -1054,10 +1054,10 @@ tasks: quietmode: 0 "41": id: "41" - taskid: 2a1b94d0-4baf-4007-8546-f74ecd04adea + taskid: a7706f35-a1c1-44ea-8f22-634c08bbed2c type: condition task: - id: 2a1b94d0-4baf-4007-8546-f74ecd04adea + id: a7706f35-a1c1-44ea-8f22-634c08bbed2c version: -1 name: Verify Results - list pr files type: condition @@ -1094,10 +1094,10 @@ tasks: quietmode: 0 "42": id: "42" - taskid: 5c2ebd58-2620-4e22-8776-360b5f3e3ef7 + taskid: 2241bbfc-bc3c-4f9c-801e-df6bac1ca7a4 type: condition task: - id: 5c2ebd58-2620-4e22-8776-360b5f3e3ef7 + id: 2241bbfc-bc3c-4f9c-801e-df6bac1ca7a4 version: -1 name: Verify Results - list pr reviews type: condition @@ -1131,10 +1131,10 @@ tasks: quietmode: 0 "43": id: "43" - taskid: eb9609c8-4fcd-410d-8337-dc380d015d71 + taskid: dfa755fb-37e3-45ef-8da7-e466f2f0775f type: regular task: - id: eb9609c8-4fcd-410d-8337-dc380d015d71 + id: dfa755fb-37e3-45ef-8da7-e466f2f0775f version: -1 name: GitHub-get-commit description: Get a commit @@ -1165,10 +1165,10 @@ tasks: quietmode: 0 "44": id: "44" - taskid: f01640af-07db-43ce-84a3-51f08409c708 + taskid: 4d6cabcb-aacd-4aa7-8086-5b0412e68c6e type: regular task: - id: f01640af-07db-43ce-84a3-51f08409c708 + id: 4d6cabcb-aacd-4aa7-8086-5b0412e68c6e version: -1 name: GitHub-get-pull-request description: Get a pull request @@ -1197,10 +1197,10 @@ tasks: quietmode: 0 "45": id: "45" - taskid: 971d3173-9486-4bfb-834e-e19e1a21b43a + taskid: b73c673f-5ed0-4d5b-80c4-94778cf1131d type: condition task: - id: 971d3173-9486-4bfb-834e-e19e1a21b43a + id: b73c673f-5ed0-4d5b-80c4-94778cf1131d version: -1 name: Verify Results - get pull request type: condition @@ -1246,10 +1246,10 @@ tasks: quietmode: 0 "46": id: "46" - taskid: 91e2f0b7-002f-4335-8ef0-a0c78e59c8bb + taskid: f10c18a5-dd42-42a3-830b-b2c04612e223 type: condition task: - id: 91e2f0b7-002f-4335-8ef0-a0c78e59c8bb + id: f10c18a5-dd42-42a3-830b-b2c04612e223 version: -1 name: Verify Results - get commit type: condition @@ -1286,10 +1286,10 @@ tasks: quietmode: 0 "47": id: "47" - taskid: 30b0c3c2-486d-4fa8-8fa4-b2131e9cccfe + taskid: e0267bbf-6eef-4b6a-850e-85e9ed7556d0 type: regular task: - id: 30b0c3c2-486d-4fa8-8fa4-b2131e9cccfe + id: e0267bbf-6eef-4b6a-850e-85e9ed7556d0 version: -1 name: Set description: Sets a value into the context with the given context key @@ -1322,10 +1322,10 @@ tasks: quietmode: 0 "48": id: "48" - taskid: 46155de4-5c7b-408f-86b5-1454594c4a53 + taskid: 4f641760-1dcc-44cb-8d93-c79cc021dad3 type: regular task: - id: 46155de4-5c7b-408f-86b5-1454594c4a53 + id: 4f641760-1dcc-44cb-8d93-c79cc021dad3 version: -1 name: GitHub-is-pr-merged description: 'Get if a pull request has been merged. If the pull request has @@ -1356,10 +1356,10 @@ tasks: quietmode: 0 "49": id: "49" - taskid: 5759e3be-8b87-43dd-85e3-327bd36d1926 + taskid: 29377ade-f384-4fdd-81c9-5d11132b0643 type: regular task: - id: 5759e3be-8b87-43dd-85e3-327bd36d1926 + id: 29377ade-f384-4fdd-81c9-5d11132b0643 version: -1 name: GitHub-create-pull-request description: Create a new pull request @@ -1394,10 +1394,10 @@ tasks: quietmode: 0 "50": id: "50" - taskid: 11fbcd0c-9ab4-40e0-87b2-62575d9b1876 + taskid: 45474e25-519f-4afc-89fa-51bdb51d9047 type: regular task: - id: 11fbcd0c-9ab4-40e0-87b2-62575d9b1876 + id: 45474e25-519f-4afc-89fa-51bdb51d9047 version: -1 name: GitHub-update-pull-request description: Update a pull request @@ -1432,10 +1432,10 @@ tasks: quietmode: 0 "51": id: "51" - taskid: 4fd9b6af-6d66-43a7-815d-a300cf0a9ed7 + taskid: 9dc40e34-8a73-4b8a-83a8-a36669facd31 type: regular task: - id: 4fd9b6af-6d66-43a7-815d-a300cf0a9ed7 + id: 9dc40e34-8a73-4b8a-83a8-a36669facd31 version: -1 name: GitHub-close-issue description: Closes an existing issue. @@ -1466,10 +1466,10 @@ tasks: quietmode: 0 "52": id: "52" - taskid: e7098065-2c14-484d-8896-691c424776c1 + taskid: e9c4b3fd-3452-4cd5-8019-f83d54a771ed type: condition task: - id: e7098065-2c14-484d-8896-691c424776c1 + id: e9c4b3fd-3452-4cd5-8019-f83d54a771ed version: -1 name: Verify Results - create pull request type: condition @@ -1506,10 +1506,10 @@ tasks: quietmode: 0 "53": id: "53" - taskid: cc5376f9-6530-4243-8c23-3f03cf30fd1e + taskid: 45846a87-a807-4549-8329-8f550f09ee3f type: condition task: - id: cc5376f9-6530-4243-8c23-3f03cf30fd1e + id: 45846a87-a807-4549-8329-8f550f09ee3f version: -1 name: Verify Results - update pull request type: condition @@ -1546,10 +1546,10 @@ tasks: quietmode: 0 "54": id: "54" - taskid: d37b3a02-c470-4af0-8d74-1a634d28ec58 + taskid: d8377dad-f792-426a-86f7-dadf523d6cc2 type: regular task: - id: d37b3a02-c470-4af0-8d74-1a634d28ec58 + id: d8377dad-f792-426a-86f7-dadf523d6cc2 version: -1 name: DeleteContext description: Delete field from context @@ -1578,10 +1578,10 @@ tasks: quietmode: 0 "55": id: "55" - taskid: d28ca802-1332-46c6-88a0-0b6aacd2f433 + taskid: aa857fc9-86a8-4591-803f-22010613d079 type: regular task: - id: d28ca802-1332-46c6-88a0-0b6aacd2f433 + id: aa857fc9-86a8-4591-803f-22010613d079 version: -1 name: GitHub-get-file-content description: Gets the content of a file from GitHub. @@ -1614,10 +1614,10 @@ tasks: quietmode: 0 "56": id: "56" - taskid: 3a812bf7-fd38-4c2a-893d-fa9c14db5b7a + taskid: cdb648cb-8840-4f5a-854d-eb1f34e3fa47 type: condition task: - id: 3a812bf7-fd38-4c2a-893d-fa9c14db5b7a + id: cdb648cb-8840-4f5a-854d-eb1f34e3fa47 version: -1 name: Verify Results - get file content type: condition @@ -1654,10 +1654,10 @@ tasks: quietmode: 0 "57": id: "57" - taskid: 136a3e38-ef8d-46e3-8c55-c9fb9d557b76 + taskid: ec1158c1-5d10-4b32-8d2a-e88b9f3430a4 type: regular task: - id: 136a3e38-ef8d-46e3-8c55-c9fb9d557b76 + id: ec1158c1-5d10-4b32-8d2a-e88b9f3430a4 version: -1 name: Github-list-files description: Get list of files from the given path in the repository. @@ -1686,10 +1686,10 @@ tasks: quietmode: 0 "58": id: "58" - taskid: 1ba7464d-75b9-424d-8bed-fed85d789193 + taskid: 2e19596e-481b-4c16-81f3-79b462f53a42 type: condition task: - id: 1ba7464d-75b9-424d-8bed-fed85d789193 + id: 2e19596e-481b-4c16-81f3-79b462f53a42 version: -1 name: Verify Results - list files type: condition @@ -1736,10 +1736,10 @@ tasks: quietmode: 0 "59": id: "59" - taskid: c2f24e21-d0c1-4ada-8312-a86188fc0068 + taskid: df3183d8-bec4-4f44-8380-fba3eefc0439 type: regular task: - id: c2f24e21-d0c1-4ada-8312-a86188fc0068 + id: df3183d8-bec4-4f44-8380-fba3eefc0439 version: -1 name: GitHub-commit-file script: '|||Github-commit-file' @@ -1788,10 +1788,10 @@ tasks: quietmode: 0 "60": id: "60" - taskid: e14fcfdd-a81d-492e-803c-87f98f6d7195 + taskid: b3ba7060-35b9-43de-8540-9ec20c3f079a type: regular task: - id: e14fcfdd-a81d-492e-803c-87f98f6d7195 + id: b3ba7060-35b9-43de-8540-9ec20c3f079a version: -1 name: FileCreateAndUpload description: | @@ -1823,10 +1823,10 @@ tasks: quietmode: 0 "61": id: "61" - taskid: 18b0f18f-a74a-49da-82ba-65cd2c775f95 + taskid: 01b7fcc0-5e69-4fea-88c5-bef7fa44c01a type: regular task: - id: 18b0f18f-a74a-49da-82ba-65cd2c775f95 + id: 01b7fcc0-5e69-4fea-88c5-bef7fa44c01a version: -1 name: GitHub-create-release description: Create a release. @@ -1859,10 +1859,10 @@ tasks: quietmode: 0 "62": id: "62" - taskid: eec79563-cc28-49b2-830b-658dd43bacdd + taskid: ee434081-aae3-4441-891e-4bf50b44dcaf type: regular task: - id: eec79563-cc28-49b2-830b-658dd43bacdd + id: ee434081-aae3-4441-891e-4bf50b44dcaf version: -1 name: GitHub-Get-Issue-Events description: Returns events corresponding to the given issue. @@ -1895,10 +1895,10 @@ tasks: quietmode: 0 "63": id: "63" - taskid: a7258f37-2c18-415d-829f-3dc8b157c6d9 + taskid: a5414983-2683-4358-8874-6282ac147982 type: condition task: - id: a7258f37-2c18-415d-829f-3dc8b157c6d9 + id: a5414983-2683-4358-8874-6282ac147982 version: -1 name: Are Get Issue Events Outputs Valid type: condition @@ -1933,10 +1933,10 @@ tasks: quietmode: 0 "64": id: "64" - taskid: 9714d7a1-5884-48f6-827f-b058b41b4989 + taskid: fb489f9e-3abe-478d-8292-bd750970d6b0 type: regular task: - id: 9714d7a1-5884-48f6-827f-b058b41b4989 + id: fb489f9e-3abe-478d-8292-bd750970d6b0 version: -1 name: GitHub Get Path Data description: Gets the data of the a given path. @@ -1965,10 +1965,10 @@ tasks: quietmode: 0 "65": id: "65" - taskid: b1e24817-9267-4a8f-818a-4672ef738c43 + taskid: 2037ea7d-d459-46f2-848d-2af0672236fe type: condition task: - id: b1e24817-9267-4a8f-818a-4672ef738c43 + id: 2037ea7d-d459-46f2-848d-2af0672236fe version: -1 name: Were Get Path Data Outputs Valid type: condition @@ -1976,7 +1976,7 @@ tasks: brand: "" nexttasks: "yes": - - "15" + - "66" separatecontext: false conditions: - label: "yes" @@ -2001,12 +2001,83 @@ tasks: ignoreworker: false skipunavailable: false quietmode: 0 + "66": + id: "66" + taskid: f12854b4-8fbb-42cd-85b8-5ceb7b02ff1e + type: regular + task: + id: f12854b4-8fbb-42cd-85b8-5ceb7b02ff1e + version: -1 + name: GitHub Get Releases + description: Gets the data of the a given path. + script: '|||GitHub-releases-list' + type: regular + iscommand: true + brand: "" + nexttasks: + '#none#': + - "67" + scriptarguments: + limit: + simple: "2" + organization: + simple: demisto + repository: + simple: demisto-sdk + separatecontext: false + view: |- + { + "position": { + "x": 807.5, + "y": 5445 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "67": + id: "67" + taskid: 67cb6940-43a2-42e3-87af-52f4bd7c1f0c + type: condition + task: + id: 67cb6940-43a2-42e3-87af-52f4bd7c1f0c + version: -1 + name: Check Releases Outputs Exists + type: condition + iscommand: false + brand: "" + nexttasks: + "yes": + - "15" + separatecontext: false + conditions: + - label: "yes" + condition: + - - operator: isNotEmpty + left: + value: + simple: GitHub.Release.id + iscontext: true + view: |- + { + "position": { + "x": 807.5, + "y": 5620 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 view: |- { "linkLabelsPosition": {}, "paper": { "dimensions": { - "height": 5460, + "height": 5810, "width": 2427.5, "x": 50, "y": 50 diff --git a/Packs/GitHub/pack_metadata.json b/Packs/GitHub/pack_metadata.json index 92b88500bc20..4f3a2bc689e8 100644 --- a/Packs/GitHub/pack_metadata.json +++ b/Packs/GitHub/pack_metadata.json @@ -2,7 +2,7 @@ "name": "GitHub", "description": "Manage GitHub issues and pull requests directly from Cortex XSOAR", "support": "xsoar", - "currentVersion": "1.3.6", + "currentVersion": "1.3.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 28bcacbbce9ea64a816dc0635976409e4ae14be1 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 31 Aug 2021 12:03:22 +0300 Subject: [PATCH 085/173] Added extra check since some eml files where still passing (#14600) * Added extra check since some eml files where still passing (#14545) * Added extra check since some eml files where still passing * - Update metadata - Add releasenotes Co-authored-by: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> * update RN * update RN Co-authored-by: Steven Goossens Co-authored-by: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> Co-authored-by: abaumgarten --- ...act_Indicators_From_File_-_Generic_v2_4_5.yml | 16 ++++++++++++++++ Packs/CommonPlaybooks/ReleaseNotes/2_0_4.md | 4 ++++ Packs/CommonPlaybooks/pack_metadata.json | 4 ++-- 3 files changed, 22 insertions(+), 2 deletions(-) create mode 100644 Packs/CommonPlaybooks/ReleaseNotes/2_0_4.md diff --git a/Packs/CommonPlaybooks/Playbooks/playbook-Extract_Indicators_From_File_-_Generic_v2_4_5.yml b/Packs/CommonPlaybooks/Playbooks/playbook-Extract_Indicators_From_File_-_Generic_v2_4_5.yml index 134aebeecccd..d660e928a88f 100644 --- a/Packs/CommonPlaybooks/Playbooks/playbook-Extract_Indicators_From_File_-_Generic_v2_4_5.yml +++ b/Packs/CommonPlaybooks/Playbooks/playbook-Extract_Indicators_From_File_-_Generic_v2_4_5.yml @@ -301,6 +301,14 @@ tasks: value: simple: text/rtf ignorecase: true + - - operator: isNotEqualString + left: + value: + simple: File.Info + iscontext: true + right: + value: + simple: message/rfc822 accessor: EntryID transformers: - operator: uniq @@ -431,6 +439,14 @@ tasks: value: simple: text/rtf ignorecase: true + - - operator: isNotEqualString + left: + value: + simple: File.Info + iscontext: true + right: + value: + simple: message/rfc822 accessor: EntryID transformers: - operator: uniq diff --git a/Packs/CommonPlaybooks/ReleaseNotes/2_0_4.md b/Packs/CommonPlaybooks/ReleaseNotes/2_0_4.md new file mode 100644 index 000000000000..e506513a0bc5 --- /dev/null +++ b/Packs/CommonPlaybooks/ReleaseNotes/2_0_4.md @@ -0,0 +1,4 @@ + +#### Playbooks +##### Extract Indicators From File - Generic v2 +Added a condition to the **Is there a text-based file** task to verify that the string 'message/rfc822' is not contained within `File.Info`. \ No newline at end of file diff --git a/Packs/CommonPlaybooks/pack_metadata.json b/Packs/CommonPlaybooks/pack_metadata.json index 5877eb5b06d2..50c89e5155b6 100644 --- a/Packs/CommonPlaybooks/pack_metadata.json +++ b/Packs/CommonPlaybooks/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Playbooks", "description": "Frequently used playbooks pack.", "support": "xsoar", - "currentVersion": "2.0.3", + "currentVersion": "2.0.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", @@ -309,4 +309,4 @@ "display_name": "Rapid7 Nexpose" } } -} \ No newline at end of file +} From c827f2a8dc383b0d3161d4b87ab1480e38c00636 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 31 Aug 2021 12:06:39 +0300 Subject: [PATCH 086/173] Update Docker Image To demisto/google-api-py3 (#14608) * Updated Metadata Of Pack GoogleCloudSCC * Added release notes to pack GoogleCloudSCC * Packs/GoogleCloudSCC/Integrations/GoogleCloudSCC/GoogleCloudSCC.yml Docker image update --- .../Integrations/GoogleCloudSCC/GoogleCloudSCC.yml | 2 +- Packs/GoogleCloudSCC/ReleaseNotes/1_1_2.md | 3 +++ Packs/GoogleCloudSCC/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/GoogleCloudSCC/ReleaseNotes/1_1_2.md diff --git a/Packs/GoogleCloudSCC/Integrations/GoogleCloudSCC/GoogleCloudSCC.yml b/Packs/GoogleCloudSCC/Integrations/GoogleCloudSCC/GoogleCloudSCC.yml index a5fb3acdf7d2..1b08d0ed5d8d 100644 --- a/Packs/GoogleCloudSCC/Integrations/GoogleCloudSCC/GoogleCloudSCC.yml +++ b/Packs/GoogleCloudSCC/Integrations/GoogleCloudSCC/GoogleCloudSCC.yml @@ -763,7 +763,7 @@ script: description: Specifies the identities that do not cause logging for this type of permission. type: String - dockerimage: demisto/google-api-py3:1.0.0.23530 + dockerimage: demisto/google-api-py3:1.0.0.24037 feed: false isfetch: true longRunning: false diff --git a/Packs/GoogleCloudSCC/ReleaseNotes/1_1_2.md b/Packs/GoogleCloudSCC/ReleaseNotes/1_1_2.md new file mode 100644 index 000000000000..38a8015456ee --- /dev/null +++ b/Packs/GoogleCloudSCC/ReleaseNotes/1_1_2.md @@ -0,0 +1,3 @@ +#### Integrations +##### Google Cloud SCC +- Updated the Docker image to: *demisto/google-api-py3:1.0.0.24037*. diff --git a/Packs/GoogleCloudSCC/pack_metadata.json b/Packs/GoogleCloudSCC/pack_metadata.json index 3610e57aa7f7..fb683263260c 100644 --- a/Packs/GoogleCloudSCC/pack_metadata.json +++ b/Packs/GoogleCloudSCC/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Google Cloud SCC", "description": "Take control of your security with this content pack! This pack provides a unified set of capabilities that enables you consistent and continuous organization-wide detection and response by leveraging the best of Google Cloud Security.", "support": "xsoar", - "currentVersion": "1.1.1", + "currentVersion": "1.1.2", "author": "GoogleCloudSCC", "url": "https://cloud.google.com/security-command-center", "email": "", From 67c059718f5ac56801867d8593e610be05b7b7c4 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 31 Aug 2021 13:07:18 +0300 Subject: [PATCH 087/173] Update Docker Image To demisto/crypto (#14604) * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Added test to script yml Co-authored-by: sberman --- .../Integrations/AzureSQLManagement/AzureSQLManagement.yml | 2 +- Packs/AzureSQLManagement/ReleaseNotes/1_0_7.md | 3 +++ Packs/AzureSQLManagement/pack_metadata.json | 2 +- Packs/X509Certificate/ReleaseNotes/1_0_8.md | 4 ++++ .../Scripts/CertificateExtract/CertificateExtract.yml | 4 +++- Packs/X509Certificate/pack_metadata.json | 2 +- 6 files changed, 13 insertions(+), 4 deletions(-) create mode 100644 Packs/AzureSQLManagement/ReleaseNotes/1_0_7.md create mode 100644 Packs/X509Certificate/ReleaseNotes/1_0_8.md diff --git a/Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml b/Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml index b9d913e1b631..99a54e3b9178 100644 --- a/Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml +++ b/Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml @@ -609,7 +609,7 @@ script: - contextPath: AzureSQL.DBThreatPolicy.serverName description: The name of server that the threat policy is related to. type: String - dockerimage: demisto/crypto:1.0.0.23151 + dockerimage: demisto/crypto:1.0.0.24037 feed: false isfetch: false longRunning: false diff --git a/Packs/AzureSQLManagement/ReleaseNotes/1_0_7.md b/Packs/AzureSQLManagement/ReleaseNotes/1_0_7.md new file mode 100644 index 000000000000..fb323341c1c7 --- /dev/null +++ b/Packs/AzureSQLManagement/ReleaseNotes/1_0_7.md @@ -0,0 +1,3 @@ +#### Integrations +##### Azure SQL Management (Beta) +- Updated the Docker image to: *demisto/crypto:1.0.0.24037*. diff --git a/Packs/AzureSQLManagement/pack_metadata.json b/Packs/AzureSQLManagement/pack_metadata.json index e0a4dbac0d9a..4f25fe78ecfe 100644 --- a/Packs/AzureSQLManagement/pack_metadata.json +++ b/Packs/AzureSQLManagement/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Azure SQL Management (Beta)", "description": "Microsoft Azure SQL Database is a managed cloud database provided as part of Microsoft Azure", "support": "xsoar", - "currentVersion": "1.0.6", + "currentVersion": "1.0.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/X509Certificate/ReleaseNotes/1_0_8.md b/Packs/X509Certificate/ReleaseNotes/1_0_8.md new file mode 100644 index 000000000000..ba33f93b9fca --- /dev/null +++ b/Packs/X509Certificate/ReleaseNotes/1_0_8.md @@ -0,0 +1,4 @@ + +#### Scripts +##### CertificateExtract +- Updated the Docker image to: *demisto/crypto:1.0.0.24037*. \ No newline at end of file diff --git a/Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml b/Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml index 29c48436ec4e..ef4f4eced238 100644 --- a/Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml +++ b/Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml @@ -137,5 +137,7 @@ tags: [] timeout: '0' type: python subtype: python3 -dockerimage: demisto/crypto:1.0.0.23151 +dockerimage: demisto/crypto:1.0.0.24037 fromversion: 6.0.0 +tests: + - X509Certificate Test Playbook diff --git a/Packs/X509Certificate/pack_metadata.json b/Packs/X509Certificate/pack_metadata.json index 6e1bce6aaa3d..08193f99aa94 100644 --- a/Packs/X509Certificate/pack_metadata.json +++ b/Packs/X509Certificate/pack_metadata.json @@ -2,7 +2,7 @@ "name": "X509Certificate", "description": "The X509 Certificate Content Packs provides additional capabilities for handling, parsing and validating X509 Certificates in Cortex XSOAR.", "support": "xsoar", - "currentVersion": "1.0.7", + "currentVersion": "1.0.8", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From ea4d0256bf233ef970b1078ab0eb50315f4606d7 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 31 Aug 2021 14:18:14 +0300 Subject: [PATCH 088/173] Microsoft Teams bug fixes and improvements (#14548) * Microsoft Teams bug fixes and improvements (#14543) * Add support for full width * Add support for Informational threshold * Fix bug with auto_notifications * Update release notes * Change default for 'auto_notifications' to false * changed parameter to be disable instead of enable * Update readme * possible test fixes * lint fixes for severity to float Co-authored-by: tneeman * cr fixes * added microsoft teams TPB to conf json, although skipepd (for validation) Co-authored-by: Paul D <88715381+nb-pdragoi@users.noreply.github.com> Co-authored-by: tneeman --- .../MicrosoftTeams/MicrosoftTeams.py | 31 ++++++++++++------- .../MicrosoftTeams/MicrosoftTeams.yml | 7 +++-- .../MicrosoftTeams/MicrosoftTeams_test.py | 21 +++++++++++++ .../Integrations/MicrosoftTeams/README.md | 2 +- Packs/MicrosoftTeams/ReleaseNotes/1_1_17.md | 6 ++++ Packs/MicrosoftTeams/pack_metadata.json | 2 +- 6 files changed, 53 insertions(+), 16 deletions(-) create mode 100644 Packs/MicrosoftTeams/ReleaseNotes/1_1_17.md diff --git a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py index 2adb452953dd..3bba18e49907 100644 --- a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py +++ b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py @@ -85,20 +85,21 @@ def error_parser(resp_err: requests.Response, api: str = 'graph') -> str: return resp_err.text -def translate_severity(severity: str) -> int: +def translate_severity(severity: str) -> float: """ Translates Demisto text severity to int severity :param severity: Demisto text severity :return: Demisto integer severity """ severity_dictionary = { - 'Unknown': 0, - 'Low': 1, - 'Medium': 2, - 'High': 3, - 'Critical': 4 + 'Unknown': 0.0, + 'Informational': 0.5, + 'Low': 1.0, + 'Medium': 2.0, + 'High': 3.0, + 'Critical': 4.0 } - return severity_dictionary.get(severity, 0) + return severity_dictionary.get(severity, 0.0) def create_incidents(demisto_user: dict, incidents: list) -> dict: @@ -253,6 +254,9 @@ def create_adaptive_card(body: list, actions: list = None) -> dict: '$schema': 'http://adaptivecards.io/schemas/adaptive-card.json', 'version': '1.0', 'type': 'AdaptiveCard', + 'msteams': { + 'width': 'Full' + }, 'body': body } } @@ -1158,11 +1162,16 @@ def send_message(): or channel_name == INCIDENT_NOTIFICATIONS_CHANNEL: # Got a notification from server channel_name = demisto.params().get('incident_notifications_channel', 'General') - severity: int = int(demisto.args().get('severity')) - auto_notifications: bool = argToBoolean(demisto.params().get('auto_notifications') or True) + severity: float = float(demisto.args().get('severity')) - if auto_notifications: - severity_threshold: int = translate_severity(demisto.params().get('min_incident_severity', 'Low')) + # Adding disable and not enable because of adding new boolean parameter always defaults to false value in server + if (disable_auto_notifications := demisto.params().get('auto_notifications')) is not None: + disable_auto_notifications = argToBoolean(disable_auto_notifications) + else: + disable_auto_notifications = False + + if not disable_auto_notifications: + severity_threshold: float = translate_severity(demisto.params().get('min_incident_severity', 'Low')) if severity < severity_threshold: return else: diff --git a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.yml b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.yml index 866a8f9a9194..b4fbb398351c 100644 --- a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.yml +++ b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.yml @@ -33,19 +33,20 @@ configuration: name: min_incident_severity options: - Unknown + - Informational - Low - Medium - High - Critical required: false type: 15 -- additionalinfo: Whether to send or not automatic notifications to the configured notifications channel. - display: Automatic Notifications +- additionalinfo: Whether to disable automatic notifications to the configured notifications channel. + display: Disable Automatic Notifications hidden: false name: auto_notifications required: false type: 8 - defaultvalue: true + defaultvalue: false - display: Allow external users to create incidents via direct message name: allow_external_incidents_creation required: false diff --git a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py index 97e83b401d20..5d58cf2f43a5 100644 --- a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py +++ b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py @@ -542,6 +542,9 @@ def test_send_message(mocker, requests_mock): 'type': 'TextBlock' }], 'type': 'AdaptiveCard', + 'msteams': { + 'width': 'Full' + }, 'version': '1.0' }, 'contentType': 'application/vnd.microsoft.card.adaptive' @@ -996,6 +999,9 @@ def test_create_adaptive_card(): '$schema': 'http://adaptivecards.io/schemas/adaptive-card.json', 'version': '1.0', 'type': 'AdaptiveCard', + 'msteams': { + 'width': 'Full' + }, 'body': body } } @@ -1023,6 +1029,9 @@ def test_process_tasks_list(): '$schema': 'http://adaptivecards.io/schemas/adaptive-card.json', 'version': '1.0', 'type': 'AdaptiveCard', + 'msteams': { + 'width': 'Full' + }, 'body': [{ 'type': 'FactSet', 'facts': [ @@ -1065,6 +1074,9 @@ def test_process_incidents_list(): '$schema': 'http://adaptivecards.io/schemas/adaptive-card.json', 'version': '1.0', 'type': 'AdaptiveCard', + 'msteams': { + 'width': 'Full' + }, 'body': [ { 'type': 'FactSet', @@ -1148,6 +1160,9 @@ def test_process_mirror_or_unknown_message(): '$schema': 'http://adaptivecards.io/schemas/adaptive-card.json', 'version': '1.0', 'type': 'AdaptiveCard', + 'msteams': { + 'width': 'Full' + }, 'body': [{ 'type': 'TextBlock', 'text': 'I can understand the following commands:\n\nlist incidents [page x]\n\nlist my incidents [page' @@ -1258,6 +1273,9 @@ def test_update_message(requests_mock): 'content': { '$schema': 'http://adaptivecards.io/schemas/adaptive-card.json', 'version': '1.0', 'type': 'AdaptiveCard', + 'msteams': { + 'width': 'Full' + }, 'body': [{ 'type': 'TextBlock', 'text': 'OMG!' }] @@ -1388,6 +1406,9 @@ def test_direct_message_handler(mocker, requests_mock): 'type': 'FactSet' }], 'type': 'AdaptiveCard', + 'msteams': { + 'width': 'Full' + }, 'version': '1.0' }, 'contentType': 'application/vnd.microsoft.card.adaptive' diff --git a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/README.md b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/README.md index caf7746fc084..aa903bcdedbf 100644 --- a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/README.md +++ b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/README.md @@ -163,7 +163,7 @@ Before you can create an instance of the Microsoft Teams integration in Cortex X | certificate | Certificate (Required for HTTPS) | False | | key | Private Key (Required for HTTPS) | False | | min_incident_severity | Minimum incident severity to send notifications to Teams by | False | -| auto_notifications | Whether to send or not automatic notifications to the configured notifications channel. Default is true | False | +| auto_notifications | Disable Automatic Notifications | False | | allow_external_incidents_creation | Allow external users to create incidents via direct message | False | | insecure | Trust any certificate (not secure) | False | | proxy | Use system proxy settings | False | diff --git a/Packs/MicrosoftTeams/ReleaseNotes/1_1_17.md b/Packs/MicrosoftTeams/ReleaseNotes/1_1_17.md new file mode 100644 index 000000000000..d084083ef627 --- /dev/null +++ b/Packs/MicrosoftTeams/ReleaseNotes/1_1_17.md @@ -0,0 +1,6 @@ + +#### Integrations +##### Microsoft Teams +- Added support for *Informational* severity level. +- Cards sent from the integration now span the entire width of the message in Microsoft Teams. +- Changed **Auto Notifications** parameter to **Disable Auto Notifications**. \ No newline at end of file diff --git a/Packs/MicrosoftTeams/pack_metadata.json b/Packs/MicrosoftTeams/pack_metadata.json index b3513b4d8c69..2d75339f9809 100644 --- a/Packs/MicrosoftTeams/pack_metadata.json +++ b/Packs/MicrosoftTeams/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Microsoft Teams", "description": "Send messages and notifications to your team members.", "support": "xsoar", - "currentVersion": "1.1.16", + "currentVersion": "1.1.17", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From f5c71da0442681bc07864d0f8c6774dfc28c2094 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 31 Aug 2021 14:50:32 +0300 Subject: [PATCH 089/173] Update Docker Image To demisto/python3 (#14602) * Updated Metadata Of Pack C2sec * Added release notes to pack C2sec * Packs/C2sec/Integrations/C2sec/C2sec.yml Docker image update * Updated Metadata Of Pack CTIX * Added release notes to pack CTIX * Packs/CTIX/Integrations/CTIX/CTIX.yml Docker image update * Updated Metadata Of Pack CVESearch * Added release notes to pack CVESearch * Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml Docker image update * Updated Metadata Of Pack CarbonBlackProtect * Added release notes to pack CarbonBlackProtect * Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml Docker image update * Updated Metadata Of Pack CentrifyVault * Added release notes to pack CentrifyVault * Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml Docker image update * Updated Metadata Of Pack Cherwell * Added release notes to pack Cherwell * Packs/Cherwell/Integrations/Cherwell/Cherwell.yml Docker image update * Updated Metadata Of Pack CiscoESAIronPortEmailAPI * Added release notes to pack CiscoESAIronPortEmailAPI * Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml Docker image update * Updated Metadata Of Pack CiscoEmailSecurity * Added release notes to pack CiscoEmailSecurity * Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml Docker image update * Updated Metadata Of Pack Claroty * Added release notes to pack Claroty * Packs/Claroty/Integrations/Claroty/Claroty.yml Docker image update * Updated Metadata Of Pack CloudConvert * Added release notes to pack CloudConvert * Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml Docker image update * Added dbotscore outputs to yml and readme * Updated Metadata Of Pack APIVoid * Added release notes to pack APIVoid * Packs/APIVoid/Integrations/APIVoid/APIVoid.yml Docker image update * Updated Metadata Of Pack AlienVault_OTX * Added release notes to pack AlienVault_OTX * Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.yml Docker image update * Updated Metadata Of Pack Anomali_Enterprise * Added release notes to pack Anomali_Enterprise * Packs/Anomali_Enterprise/Integrations/Anomali_Enterprise/Anomali_Enterprise.yml Docker image update * Updated Metadata Of Pack AnsibleTower * Added release notes to pack AnsibleTower * Packs/AnsibleTower/Integrations/AnsibleTower/AnsibleTower.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update Co-authored-by: sberman --- Packs/APIVoid/Integrations/APIVoid/APIVoid.yml | 2 +- Packs/APIVoid/ReleaseNotes/1_0_5.md | 3 +++ Packs/APIVoid/pack_metadata.json | 2 +- .../Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.yml | 2 +- Packs/AlienVault_OTX/ReleaseNotes/1_1_7.md | 3 +++ Packs/AlienVault_OTX/pack_metadata.json | 2 +- .../Integrations/Anomali_Enterprise/Anomali_Enterprise.yml | 2 +- Packs/Anomali_Enterprise/ReleaseNotes/1_0_6.md | 3 +++ Packs/Anomali_Enterprise/pack_metadata.json | 2 +- Packs/AnsibleTower/Integrations/AnsibleTower/AnsibleTower.yml | 2 +- Packs/AnsibleTower/ReleaseNotes/1_0_6.md | 3 +++ Packs/AnsibleTower/pack_metadata.json | 2 +- Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml | 2 +- Packs/AutoFocus/ReleaseNotes/1_3_7.md | 3 +++ Packs/AutoFocus/pack_metadata.json | 2 +- 15 files changed, 25 insertions(+), 10 deletions(-) create mode 100644 Packs/APIVoid/ReleaseNotes/1_0_5.md create mode 100644 Packs/AlienVault_OTX/ReleaseNotes/1_1_7.md create mode 100644 Packs/Anomali_Enterprise/ReleaseNotes/1_0_6.md create mode 100644 Packs/AnsibleTower/ReleaseNotes/1_0_6.md create mode 100644 Packs/AutoFocus/ReleaseNotes/1_3_7.md diff --git a/Packs/APIVoid/Integrations/APIVoid/APIVoid.yml b/Packs/APIVoid/Integrations/APIVoid/APIVoid.yml index e15c0af335a7..23e0b421a758 100644 --- a/Packs/APIVoid/Integrations/APIVoid/APIVoid.yml +++ b/Packs/APIVoid/Integrations/APIVoid/APIVoid.yml @@ -1599,7 +1599,7 @@ script: description: '' type: boolean description: A smart API that accurately checks a website's trustworthiness. - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 runonce: false subtype: python3 fromversion: 5.0.0 diff --git a/Packs/APIVoid/ReleaseNotes/1_0_5.md b/Packs/APIVoid/ReleaseNotes/1_0_5.md new file mode 100644 index 000000000000..e86e406e74ce --- /dev/null +++ b/Packs/APIVoid/ReleaseNotes/1_0_5.md @@ -0,0 +1,3 @@ +#### Integrations +##### APIVoid +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/APIVoid/pack_metadata.json b/Packs/APIVoid/pack_metadata.json index ea8927defd8c..985003722098 100644 --- a/Packs/APIVoid/pack_metadata.json +++ b/Packs/APIVoid/pack_metadata.json @@ -2,7 +2,7 @@ "name": "APIVoid", "description": "APIVoid wraps up a number of services such as ipvoid & urlvoid", "support": "xsoar", - "currentVersion": "1.0.4", + "currentVersion": "1.0.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.yml b/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.yml index d133e5a15d90..0bc4659ff7dc 100644 --- a/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.yml +++ b/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.yml @@ -612,7 +612,7 @@ script: - contextPath: URL.Relationships.EntityBType description: The type of the destination of the relationship. type: string - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 isfetch: false longRunning: false longRunningPort: false diff --git a/Packs/AlienVault_OTX/ReleaseNotes/1_1_7.md b/Packs/AlienVault_OTX/ReleaseNotes/1_1_7.md new file mode 100644 index 000000000000..55a03f63aa71 --- /dev/null +++ b/Packs/AlienVault_OTX/ReleaseNotes/1_1_7.md @@ -0,0 +1,3 @@ +#### Integrations +##### AlienVault OTX v2 +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/AlienVault_OTX/pack_metadata.json b/Packs/AlienVault_OTX/pack_metadata.json index 0a2e176bca3b..9ec84ce15e42 100644 --- a/Packs/AlienVault_OTX/pack_metadata.json +++ b/Packs/AlienVault_OTX/pack_metadata.json @@ -2,7 +2,7 @@ "name": "AlienVault OTX", "description": "Query Indicators of Compromise in AlienVault OTX.", "support": "xsoar", - "currentVersion": "1.1.6", + "currentVersion": "1.1.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Anomali_Enterprise/Integrations/Anomali_Enterprise/Anomali_Enterprise.yml b/Packs/Anomali_Enterprise/Integrations/Anomali_Enterprise/Anomali_Enterprise.yml index f642674c1d05..3bd80d8834df 100644 --- a/Packs/Anomali_Enterprise/Integrations/Anomali_Enterprise/Anomali_Enterprise.yml +++ b/Packs/Anomali_Enterprise/Integrations/Anomali_Enterprise/Anomali_Enterprise.yml @@ -176,7 +176,7 @@ script: - contextPath: Domain.Malicious.Description description: A description of the malicious domain. type: String - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 feed: false isfetch: false longRunning: false diff --git a/Packs/Anomali_Enterprise/ReleaseNotes/1_0_6.md b/Packs/Anomali_Enterprise/ReleaseNotes/1_0_6.md new file mode 100644 index 000000000000..692e712960c1 --- /dev/null +++ b/Packs/Anomali_Enterprise/ReleaseNotes/1_0_6.md @@ -0,0 +1,3 @@ +#### Integrations +##### Anomali Match +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/Anomali_Enterprise/pack_metadata.json b/Packs/Anomali_Enterprise/pack_metadata.json index d660011f4a5a..5b6751056429 100644 --- a/Packs/Anomali_Enterprise/pack_metadata.json +++ b/Packs/Anomali_Enterprise/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Anomali Enterprise", "description": "Use Anomali Match to query IOCs and conduct forensic searches.", "support": "xsoar", - "currentVersion": "1.0.5", + "currentVersion": "1.0.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/AnsibleTower/Integrations/AnsibleTower/AnsibleTower.yml b/Packs/AnsibleTower/Integrations/AnsibleTower/AnsibleTower.yml index 8dcafe79f31d..e1407db98471 100644 --- a/Packs/AnsibleTower/Integrations/AnsibleTower/AnsibleTower.yml +++ b/Packs/AnsibleTower/Integrations/AnsibleTower/AnsibleTower.yml @@ -1466,7 +1466,7 @@ script: - contextPath: AnsibleAWX.AdhocCommand.become_enabled description: Whether the ad hoc command become enabled. type: Boolean - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 feed: false isfetch: false longRunning: false diff --git a/Packs/AnsibleTower/ReleaseNotes/1_0_6.md b/Packs/AnsibleTower/ReleaseNotes/1_0_6.md new file mode 100644 index 000000000000..fb0e5698f0f7 --- /dev/null +++ b/Packs/AnsibleTower/ReleaseNotes/1_0_6.md @@ -0,0 +1,3 @@ +#### Integrations +##### Ansible Tower +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/AnsibleTower/pack_metadata.json b/Packs/AnsibleTower/pack_metadata.json index 8854bdf8f8c9..52d75a494e32 100644 --- a/Packs/AnsibleTower/pack_metadata.json +++ b/Packs/AnsibleTower/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Ansible Tower", "description": "Scale IT automation, manage complex deployments and speed productivity.", "support": "xsoar", - "currentVersion": "1.0.5", + "currentVersion": "1.0.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml b/Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml index 808f1f0f66f9..05f6a401793d 100644 --- a/Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml +++ b/Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml @@ -140,7 +140,7 @@ script: description: Gets the indicators from AutoFocus. execution: false name: autofocus-get-indicators - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 feed: true isfetch: false longRunning: false diff --git a/Packs/AutoFocus/ReleaseNotes/1_3_7.md b/Packs/AutoFocus/ReleaseNotes/1_3_7.md new file mode 100644 index 000000000000..311bb654aab4 --- /dev/null +++ b/Packs/AutoFocus/ReleaseNotes/1_3_7.md @@ -0,0 +1,3 @@ +#### Integrations +##### AutoFocus Feed +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/AutoFocus/pack_metadata.json b/Packs/AutoFocus/pack_metadata.json index b3c11953fe42..e4b839ab2ada 100644 --- a/Packs/AutoFocus/pack_metadata.json +++ b/Packs/AutoFocus/pack_metadata.json @@ -2,7 +2,7 @@ "name": "AutoFocus", "description": "Use the Palo Alto Networks AutoFocus integration to distinguish the most\n important threats from everyday commodity attacks.", "support": "xsoar", - "currentVersion": "1.3.6", + "currentVersion": "1.3.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From bd7a97b9e27b94e911f5d52531e762512d8c4f05 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 31 Aug 2021 14:56:06 +0300 Subject: [PATCH 090/173] Update FortiAuthenticator with fixes and enhancements (#14590) * Update FortiAuthenticator with fixes and enhancements (#14430) * Create 1.0.1.md release notes for updates. * Update README.md updated for additional command arguments * Update FortiAuthenticator.yml updated with additional arguments to existing commands * Update FortiAuthenticator.py code update for adding additional arguments to existing commands * Update pack_metadata.json * Update FortiAuthenticator.py * Update FortiAuthenticator.yml * Update FortiAuthenticator.py * Create 1_0_1.md * Delete 1.0.1.md * Update Packs/FortiAuthenticator/Integrations/FortiAuthenticator/README.md Co-authored-by: yuvalbenshalom * Update Packs/FortiAuthenticator/ReleaseNotes/1_0_1.md Co-authored-by: yuvalbenshalom * Apply suggestions from code review Changes per docs-review Co-authored-by: yuvalbenshalom Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * update docker version * update RN Co-authored-by: Jason Lo <85333433+jasonlo82@users.noreply.github.com> Co-authored-by: yuvalbenshalom Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> --- .../FortiAuthenticator/FortiAuthenticator.py | 66 ++++++++++++------- .../FortiAuthenticator/FortiAuthenticator.yml | 17 +++-- .../Integrations/FortiAuthenticator/README.md | 49 +++++++++----- .../FortiAuthenticator/ReleaseNotes/1_0_1.md | 5 ++ Packs/FortiAuthenticator/pack_metadata.json | 4 +- 5 files changed, 94 insertions(+), 47 deletions(-) create mode 100644 Packs/FortiAuthenticator/ReleaseNotes/1_0_1.md diff --git a/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/FortiAuthenticator.py b/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/FortiAuthenticator.py index 84adb0f9aaf9..3f4691191278 100644 --- a/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/FortiAuthenticator.py +++ b/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/FortiAuthenticator.py @@ -45,20 +45,24 @@ def test_module(): @logger def get_user_command(): user_context = [] - email = demisto.args().get('email') userType = demisto.args().get('user_type') - userItems = get_addresses_request(email, userType) + userItems = get_user_request(userType) if userItems: + user_context.append({ + 'id': userItems["objects"][0]["id"], 'username': userItems["objects"][0]["username"], 'email': userItems["objects"][0]["email"], 'active': userItems["objects"][0]["active"], - 'id': userItems["objects"][0]["id"] + 'token_auth': userItems["objects"][0]["token_auth"], + 'token_type': userItems["objects"][0]["token_type"], + 'token_serial': userItems["objects"][0]["token_serial"] }) markdown = 'FortiAuthenticator\n' - markdown += tableToMarkdown('FortiAuthenticator User Info', user_context, headers=['id', 'username', 'email', 'active']) + markdown += tableToMarkdown('FortiAuthenticator User Info', user_context, + headers=['id', 'username', 'email', 'active', 'token_auth', 'token_type', 'token_serial']) results = CommandResults( readable_output=markdown, outputs_prefix='FortiAuthenticator.user', @@ -68,18 +72,34 @@ def get_user_command(): return_results(results) else: markdown = 'No such user.\n' - results = CommandResults( - readable_output=markdown - ) + results = CommandResults(readable_output=markdown) return_results(results) @logger -def get_addresses_request(email, userType): - params = { - 'format': 'json', - 'email': email - } +def get_user_request(userType): + email = demisto.args().get('email') + username = demisto.args().get('username') + token_serial = demisto.args().get('token_serial') + + if email: + params = { + 'format': 'json', + 'email': email + } + elif username: + params = { + 'format': 'json', + 'username': username + } + elif token_serial: + params = { + 'format': 'json', + 'token_serial': token_serial + } + else: + return False + res = requests.get(BASE_URL + userType, params=params, auth=(USER_NAME, PASSWORD), verify=USE_SSL) tmp = res.json() if tmp['meta']['total_count'] == 0: @@ -91,32 +111,34 @@ def get_addresses_request(email, userType): @logger def update_user_command(): user_context = [] - email = demisto.args().get('email') active = demisto.args().get('active') userType = demisto.args().get('user_type') - userItems = get_addresses_request(email, userType) + userItems = get_user_request(userType) if userItems: - userID = str(userItems["objects"][0]["id"]) + userURI = str(userItems["objects"][0]["resource_uri"]) userDict = { "active": active } jsonData = json.dumps(userDict) - res = requests.patch(BASE_URL + 'localusers/' + userID + '/', data=jsonData, auth=(USER_NAME, PASSWORD), verify=USE_SSL) + res = requests.patch(SERVER + userURI, data=jsonData, auth=(USER_NAME, PASSWORD), verify=USE_SSL) if res.status_code == 202: user_context.append({ + 'id': userItems["objects"][0]["id"], 'username': userItems["objects"][0]["username"], 'email': userItems["objects"][0]["email"], 'active': active, - 'id': userItems["objects"][0]["id"] + 'token_auth': userItems["objects"][0]["token_auth"], + 'token_type': userItems["objects"][0]["token_type"], + 'token_serial': userItems["objects"][0]["token_serial"] }) markdown = 'FortiAuthenticator\n' markdown += tableToMarkdown('Updated FortiAuthenticator User Info', user_context, - headers=['id', 'username', 'email', 'active']) + headers=['id', 'username', 'email', 'active', 'token_auth', 'token_type', 'token_serial']) results = CommandResults( readable_output=markdown, outputs_prefix='FortiAuthenticator.user', @@ -124,13 +146,9 @@ def update_user_command(): outputs=user_context ) else: - results = CommandResults( - readable_output='Fail to update user.\n' - ) + results = CommandResults(readable_output='Fail to update user.\n') else: - results = CommandResults( - readable_output='No such user for update.\n' - ) + results = CommandResults(readable_output='No such user for update.\n') return_results(results) diff --git a/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/FortiAuthenticator.yml b/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/FortiAuthenticator.yml index 52437bc9c354..e428a5bd16a5 100644 --- a/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/FortiAuthenticator.yml +++ b/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/FortiAuthenticator.yml @@ -27,8 +27,6 @@ name: FortiAuthenticator script: commands: - arguments: - - name: email - description: The user's email that defined in the User Information on FortiAuthenticator. - auto: PREDEFINED defaultValue: localusers description: 'The user type: localusers (Local Users), ldapuser (Remote Users)' @@ -37,12 +35,15 @@ script: - localusers - ldapusers required: true + - name: email + description: The user's email that is defined in the User Information on FortiAuthenticator. + - name: username + description: The username that is defined in the User Information on FortiAuthenticator. + - name: token_serial + description: The serial no. of the assigned Token on FortiAuthenticator. name: fortiauthenticator-get-user description: Get the user details for specific user by email. - arguments: - - name: email - description: The user's email that defined in the User Information on FortiAuthenticator. - required: true - auto: PREDEFINED defaultValue: "true" description: 'Define user''s active status: false = Disabled, true = enabled' @@ -59,9 +60,13 @@ script: - localusers - ldapusers required: true + - name: email + description: The user's email that is defined in the User Information on FortiAuthenticator. + - name: username + description: The username that is defined in the User Information on FortiAuthenticator. name: fortiauthenticator-update-user description: Update the active status for specific user by email - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 runonce: false script: '' subtype: python3 diff --git a/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/README.md b/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/README.md index 572666f93973..cc0599fc318a 100644 --- a/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/README.md +++ b/Packs/FortiAuthenticator/Integrations/FortiAuthenticator/README.md @@ -44,17 +44,24 @@ After you successfully execute a command, a DBot message appears in the War Room #### Input | **Argument Name** | **Description** | **Required** | | --- | --- | --- | -| email | The user's email that defined in the User Information on FortiAuthenticator | Required | | user_type | The user type: localusers (Local Users), ldapuser (Remote Users) | Required | +| email | The user's email that is defined in the User Information on FortiAuthenticator | Optional | +| username | The username that is defined in the User Information on FortiAuthenticator | Optional | +| token_serial | The serial no. of the assigned Token on FortiAuthenticator | Optional | +- Note: You need either an email, username, or token_serial input in order for the command to work. #### Context Output | **Path** | **Type** | **Description** | | --- | --- | --- | | FortiAuthenticator.user | Unknown | The user information | -| FortiAuthenticator.user.active | Unknown | The user's active status (true = enabled, false = disabled) | -| FortiAuthenticator.user.email | Unknown | The user's email address | | FortiAuthenticator.user.id | Unknown | The user's id on FortiAuthenticator | | FortiAuthenticator.user.username | Unknown | The user's username | +| FortiAuthenticator.user.email | Unknown | The user's email address | +| FortiAuthenticator.user.active | Unknown | The user's active status (true = enabled, false = disabled) | +| FortiAuthenticator.user.token_auth | Unknown | The token auth status | +| FortiAuthenticator.user.token_type | Unknown | The token type | +| FortiAuthenticator.user.token_serial | Unknown | The token serial number | + #### Command Example ```!fortiauthenticator-get-user user_type=localusers email=test_user@example.com``` @@ -67,7 +74,11 @@ After you successfully execute a command, a DBot message appears in the War Room "active": "true", "email": "test_user@example.com", "id": "7", - "username: "test_user" + "username": "test_user", + "token_auth": "true", + "token_type": "ftm", + "token_serial": "FTKMOB123456789A" + } } } @@ -76,26 +87,31 @@ After you successfully execute a command, a DBot message appears in the War Room #### Human Readable Output ### FortiAuthenticator User Info -|id|username|email|active| -|---|---|---|---| -| 7 | test_user | test_user@example.com | true | +|id|username|email|active|token_auth|token_type|token_serial| +|---|---|---|---|---|---|---| +| 7 | test_user | test_user@example.com | true | true | ftm | FTKMOB123456789A | ### fortiauthenticator-update-user #### Input | **Argument Name** | **Description** | **Required** | | --- | --- | --- | -| email | The user's email that defined in the User Information on FortiAuthenticator | Required | | user_type | The user type: localusers (Local Users), ldapuser (Remote Users) | Required | +| email | The user's email that is defined in the User Information on FortiAuthenticator | Optional | +| username | The username that is defined in the User Information on FortiAuthenticator | Optional | | active | Define user's active status: false = Disabled, true = enabled | Required | +- Note: You need either an email or username input in order for the command to work. #### Context Output | **Path** | **Type** | **Description** | | --- | --- | --- | | FortiAuthenticator.user | Unknown | The user information | -| FortiAuthenticator.user.active | Unknown | The user's active status (true = enabled, false = disabled) | -| FortiAuthenticator.user.email | Unknown | The user's email address | | FortiAuthenticator.user.id | Unknown | The user's id on FortiAuthenticator | | FortiAuthenticator.user.username | Unknown | The user's username | +| FortiAuthenticator.user.email | Unknown | The user's email address | +| FortiAuthenticator.user.active | Unknown | The user's active status (true = enabled, false = disabled) | +| FortiAuthenticator.user.token_auth | Unknown | The token auth status | +| FortiAuthenticator.user.token_type | Unknown | The token type | +| FortiAuthenticator.user.token_serial | Unknown | The token serial number | #### Command Example ```!fortiauthenticator-update-user active=false user_type=localusers email=test_user@example.com``` @@ -108,7 +124,10 @@ After you successfully execute a command, a DBot message appears in the War Room "active": "false", "email": "test_user@example.com", "id": "7", - "username: "test_user" + "username": "test_user", + "token_auth": "true", + "token_type": "ftm", + "token_auth": "FTKMOB123456789A" } } } @@ -116,10 +135,10 @@ After you successfully execute a command, a DBot message appears in the War Room #### Human Readable Output -### FortiAuthenticator User Info -|id|username|email|active| -|---|---|---|---| -| 7 | test_user | test_user@example.com | false | +### Updated FortiAuthenticator User Info +|id|username|email|active|token_auth|token_type|token_serial| +|---|---|---|---|---|---|---| +| 7 | test_user | test_user@example.com | false | true | ftm | FTKMOB123456789A | diff --git a/Packs/FortiAuthenticator/ReleaseNotes/1_0_1.md b/Packs/FortiAuthenticator/ReleaseNotes/1_0_1.md new file mode 100644 index 000000000000..80b880445b98 --- /dev/null +++ b/Packs/FortiAuthenticator/ReleaseNotes/1_0_1.md @@ -0,0 +1,5 @@ +#### Integrations +##### FortiAuthenticator +- Fixed an issue where the ***fortiauthenticator-get-user*** command failed on LDAP user searches. +- Added the arguments **username* and **token_serial** to the following commands: ***fortiauthenticator-update-user*** and ***fortiauthenticator-update-user***. +- Upgraded the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/FortiAuthenticator/pack_metadata.json b/Packs/FortiAuthenticator/pack_metadata.json index a33d4da3ad5f..ca5ae8de8f16 100644 --- a/Packs/FortiAuthenticator/pack_metadata.json +++ b/Packs/FortiAuthenticator/pack_metadata.json @@ -2,11 +2,11 @@ "name": "FortiAuthenticator", "description": "Manage user configuration on FortiAuthenticator.", "support": "community", - "currentVersion": "1.0.0", + "currentVersion": "1.0.1", "author": "Jason Lo", "url": "", "email": "", - "created": "2021-07-29T15:11:11Z", + "created": "2021-08-19T18:20:50Z", "categories": [ "Authentication" ], From cdd4e89cab7cdd64525fe50f6d525329bfc42ec3 Mon Sep 17 00:00:00 2001 From: tomneeman151293 <70005542+tomneeman151293@users.noreply.github.com> Date: Tue, 31 Aug 2021 15:00:22 +0300 Subject: [PATCH 091/173] add hello world test (#14611) --- Tests/conf.json | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/Tests/conf.json b/Tests/conf.json index 9d8dc5c572e8..e06d089afb6b 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -528,6 +528,11 @@ "fromversion": "5.0.0", "timeout": 400 }, + { + "integrations": "HelloWorldPremium", + "playbookID": "HelloWorldPremium-Test", + "fromversion": "5.0.0" + }, { "integrations": "ThreatQ v2", "playbookID": "ThreatQ - Test", @@ -4880,7 +4885,8 @@ "Create-Mock-Feed-Relationships" ], "private_tests": [ - "HelloWorldPremium_Scan-Test" + "HelloWorldPremium_Scan-Test", + "HelloWorldPremium-Test" ], "docker_thresholds": { "_comment": "Add here docker images which are specific to an integration and require a non-default threshold (such as rasterize or ews). That way there is no need to define this multiple times. You can specify full image name with version or without.", From d57cdc67586b382f3d7892cbe9928f46d4860f86 Mon Sep 17 00:00:00 2001 From: Guy Freund <53565845+guyfreund@users.noreply.github.com> Date: Tue, 31 Aug 2021 16:47:16 +0300 Subject: [PATCH 092/173] remove ownership (#14614) --- .github/CODEOWNERS | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index a6fc7fadfd79..18265e9313e3 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -4,20 +4,20 @@ /Tests/Marketplace/landingPage_sections.json @demisto/content-leaders @michalgold # Marketplace & Upload-Flow -/Tests/Marketplace/upload_git_snapshot.py @guyfreund @Noy-Maimon -/Tests/Marketplace/install_packs.sh @guyfreund @Noy-Maimon -/Tests/Marketplace/configure_and_install_packs.py @guyfreund @Noy-Maimon -/Tests/Marketplace/copy_and_upload_packs.py @guyfreund @Noy-Maimon -/Tests/Marketplace/marketplace_services.py @guyfreund @Noy-Maimon -/Tests/Marketplace/marketplace_statistics.py @guyfreund @Noy-Maimon -/Tests/Marketplace/marketplace_constants.py @guyfreund @Noy-Maimon -/Tests/Marketplace/zip_packs.py @guyfreund @Noy-Maimon -/Tests/Marketplace/upload_packs.py @guyfreund @Noy-Maimon -/Tests/Marketplace/packs_dependencies.py @guyfreund @Noy-Maimon -/Tests/Marketplace/search_and_install_packs.py @guyfreund @Noy-Maimon -/Tests/scripts/prepare_content_packs_for_testing.sh @guyfreund @Noy-Maimon -/Utils/trigger_test_upload_flow.sh @guyfreund @Noy-Maimon -/Utils/trigger_upload_packs_to_production.sh @guyfreund @Noy-Maimon +/Tests/Marketplace/upload_git_snapshot.py @Noy-Maimon +/Tests/Marketplace/install_packs.sh @Noy-Maimon +/Tests/Marketplace/configure_and_install_packs.py @Noy-Maimon +/Tests/Marketplace/copy_and_upload_packs.py @Noy-Maimon +/Tests/Marketplace/marketplace_services.py @Noy-Maimon +/Tests/Marketplace/marketplace_statistics.py @Noy-Maimon +/Tests/Marketplace/marketplace_constants.py @Noy-Maimon +/Tests/Marketplace/zip_packs.py @Noy-Maimon +/Tests/Marketplace/upload_packs.py @Noy-Maimon +/Tests/Marketplace/packs_dependencies.py @Noy-Maimon +/Tests/Marketplace/search_and_install_packs.py @Noy-Maimon +/Tests/scripts/prepare_content_packs_for_testing.sh @Noy-Maimon +/Utils/trigger_test_upload_flow.sh @Noy-Maimon +/Utils/trigger_upload_packs_to_production.sh @Noy-Maimon # Important Integrations /Packs/Jira/Integrations/JiraV2/* @demisto/content-leaders From 2acfc1f0182e8a5293d8cfd6a6567a319fbc1832 Mon Sep 17 00:00:00 2001 From: Guy Freund <53565845+guyfreund@users.noreply.github.com> Date: Tue, 31 Aug 2021 16:47:33 +0300 Subject: [PATCH 093/173] ironbank enhancements to GitLab integration (#14376) * ironbank enhancements to gitlab integration * cr fixes * changed 'in' arg name to 'scope' --- Packs/DevSecOps/Integrations/GitLab/GitLab.py | 274 ++- .../DevSecOps/Integrations/GitLab/GitLab.yml | 488 ++++- .../Integrations/GitLab/GitLab_test.py | 24 +- Packs/DevSecOps/Integrations/GitLab/README.md | 860 +++++++++ .../Integrations/GitLab/command_examples | 9 +- .../GitLab/test_data/commands_test_data.json | 1600 ++++++++++++++--- Packs/DevSecOps/ReleaseNotes/1_0_2.md | 12 + Packs/DevSecOps/pack_metadata.json | 2 +- 8 files changed, 2965 insertions(+), 304 deletions(-) create mode 100644 Packs/DevSecOps/ReleaseNotes/1_0_2.md diff --git a/Packs/DevSecOps/Integrations/GitLab/GitLab.py b/Packs/DevSecOps/Integrations/GitLab/GitLab.py index 3809295bcbd2..b384afbf1633 100644 --- a/Packs/DevSecOps/Integrations/GitLab/GitLab.py +++ b/Packs/DevSecOps/Integrations/GitLab/GitLab.py @@ -3,7 +3,7 @@ from CommonServerPython import * JOB_FIELDS_TO_EXTRACT = {'created_at', 'started_at', 'finished_at', 'duration', 'id', 'name', 'pipeline', 'ref', - 'stage', 'web_url'} + 'stage', 'web_url', 'status'} PIPELINE_SCHEDULE_FIELDS_TO_EXTRACT = {'id', 'description', 'ref', 'next_run_at', 'active', 'created_at', 'updated_at', 'last_pipeline'} PIPELINE_FIELDS_TO_EXTRACT = {'id', 'project_id', 'status', 'ref', 'sha', 'created_at', 'updated_at', 'started_at', @@ -115,6 +115,75 @@ def get_job_artifact_request(self, project_id: str, job_id: str, artifact_path_s response = self._http_request('get', suffix, headers=headers, resp_type='text') return response + def get_merge_requests_list_request(self, project_id: str, state: str, target_branch: str): + headers = self._headers + suffix = f'projects/{project_id}/merge_requests' + params = assign_params( + state=state, + target_branch=target_branch, + per_page=100 + ) + response = self._http_request('get', suffix, headers=headers, params=params) + return response + + def get_merge_request_request(self, project_id: str, merge_request_iid: str): + headers = self._headers + suffix = f'projects/{project_id}/merge_requests/{merge_request_iid}' + response = self._http_request('get', suffix, headers=headers) + return response + + def get_issues_list_request(self, project_id: str, labels: str, state: str, search: str, scope: str, + assignee_username: str): + headers = self._headers + suffix = f'projects/{project_id}/issues' + params = assign_params( + assignee_username=assignee_username, + state=state, + labels=labels, + search=search, + per_page=100 + ) + params['in'] = scope + response = self._http_request('get', suffix, headers=headers, params=params) + return response + + def create_issue_request(self, project_id: str, labels: str, title: str, description: str): + headers = self._headers + suffix = f'projects/{project_id}/issues' + params = assign_params( + labels=labels, + title=title, + description=description + ) + response = self._http_request('post', suffix, headers=headers, params=params) + return response + + def edit_issue_request(self, project_id: str, issue_id: str, add_labels: str, description: str, remove_labels: str): + headers = self._headers + suffix = f'projects/{project_id}/issues/{issue_id}' + params = assign_params( + description=description, + add_labels=add_labels, + remove_labels=remove_labels + ) + response = self._http_request('put', suffix, headers=headers, params=params) + return response + + def group_projects_list_request(self, group_id: str): + headers = self._headers + suffix = f'groups/{group_id}/projects' + params = {'per_page': 100} + response = self._http_request('get', suffix, headers=headers, params=params) + return response + + def get_raw_file_request(self, project_id: str, file_path: str, ref: str): + headers = self._headers + suffix = f'projects/{project_id}/repository/files/{file_path}/raw' + params = {'ref': ref} + response = self._http_request('get', suffix, headers=headers, params=params, resp_type='text') + response = response.strip("'").strip('"') + return response + def get_projects_command(client, args): repository_storage = str(args.get('repository_storage', '')) @@ -396,6 +465,200 @@ def gitlab_artifact_get_command(client: Client, args: Dict[str, Any]) -> Command ) +def gitlab_merge_requests_list_command(client: Client, args: Dict[str, Any]) -> CommandResults: + """ + Returns a list of merge requests. + Args: + client (Client): Client to perform calls to GitLab services. + args (Dict[str, Any]): XSOAR arguments: + - 'project_id' (Required): Project ID to retrieve merge requests from. + - 'state': The state of the merge request. + - 'target_branch': The target branch of the merge request. + + Returns: + (CommandResults). + """ + project_id = args.get('project_id', '') + state = args.get('state', '') + target_branch = args.get('target_branch', '') + response = client.get_merge_requests_list_request(project_id, state, target_branch) + human_readable = tableToMarkdown(f'Merge Request Lists to branch {target_branch} in state {state}', response) + return CommandResults( + outputs_prefix='GitLab.MergeRequest', + outputs_key_field=['iid', 'project_id'], + readable_output=human_readable, + outputs=response, + raw_response=response + ) + + +def gitlab_get_merge_request_command(client: Client, args: Dict[str, Any]) -> CommandResults: + """ + Returns a merge request. + Args: + client (Client): Client to perform calls to GitLab services. + args (Dict[str, Any]): XSOAR arguments: + - 'project_id' (Required): Project ID to retrieve merge requests from. + - 'merge_request_iid': The merge request IID. + + Returns: + (CommandResults). + """ + project_id = args.get('project_id', '') + merge_request_iid = args.get('merge_request_iid', '') + response = client.get_merge_request_request(project_id, merge_request_iid) + human_readable = tableToMarkdown(f'Merge Request {merge_request_iid}', response) + return CommandResults( + outputs_prefix='GitLab.MergeRequest', + outputs_key_field=['iid', 'project_id'], + readable_output=human_readable, + outputs=response, + raw_response=response + ) + + +def gitlab_issues_list_command(client: Client, args: Dict[str, Any]) -> CommandResults: + """ + Returns a list of issues. + Args: + client (Client): Client to perform calls to GitLab services. + args (Dict[str, Any]): XSOAR arguments: + - 'project_id' (Required): Project ID to retrieve issues from. + - 'state': The state of the issue. + - 'labels': Retrieve only issues with the given labels. + - 'assignee_username': Retrieve issues by assignee username. + + Returns: + (CommandResults). + """ + project_id = args.get('project_id', '') + labels = args.get('labels', '') + state = args.get('state', '') + assignee_username = args.get('assignee_username', '') + search = args.get('search', '') + scope = args.get('scope', '') + response = client.get_issues_list_request(project_id, labels, state, search, scope, assignee_username) + human_readable = tableToMarkdown('Issues Lists', response) + return CommandResults( + outputs_prefix='GitLab.Issue', + outputs_key_field=['iid', 'project_id'], + readable_output=human_readable, + outputs=response, + raw_response=response + ) + + +def gitlab_create_issue_command(client: Client, args: Dict[str, Any]) -> CommandResults: + """ + Creates an issue. + Args: + client (Client): Client to perform calls to GitLab services. + args (Dict[str, Any]): XSOAR arguments: + - 'project_id' (Required): Project ID to retrieve issues from. + - 'state': The state of the issue. + - 'labels': Retrieve only issues with the given labels. + - 'assignee_username': Retrieve issues by assignee username. + + Returns: + (CommandResults). + """ + project_id = args.get('project_id', '') + labels = args.get('labels', '') + title = args.get('title', '') + description = args.get('description', '') + response = client.create_issue_request(project_id, labels, title, description) + human_readable = tableToMarkdown('Create Issue', response) + return CommandResults( + outputs_prefix='GitLab.Issue', + outputs_key_field=['iid', 'project_id'], + readable_output=human_readable, + outputs=response, + raw_response=response + ) + + +def gitlab_edit_issue_command(client: Client, args: Dict[str, Any]) -> CommandResults: + """ + Returns a list of merge requests. + Args: + client (Client): Client to perform calls to GitLab services. + args (Dict[str, Any]): XSOAR arguments: + - 'project_id' (Required): Project ID to retrieve the issue from. + - 'issue_id' (Required): The issue ID. + - 'add_labels': The labels to add to the issue. + - 'remove_labels': The labels to remove from the issue. + - 'description': The description of the issue. + + Returns: + (CommandResults). + """ + project_id = args.get('project_id', '') + issue_id = args.get('issue_id', '') + add_labels = args.get('add_labels', '') + remove_labels = args.get('remove_labels', '') + description = args.get('description', '') + response = client.edit_issue_request(project_id, issue_id, add_labels, description, remove_labels) + human_readable = tableToMarkdown(f'Edit Issue {issue_id}', response) + return CommandResults( + outputs_prefix='GitLab.Issue', + outputs_key_field=['iid', 'project_id'], + readable_output=human_readable, + outputs=response, + raw_response=response + ) + + +def gitlab_group_projects_list_command(client: Client, args: Dict[str, Any]) -> CommandResults: + """ + Returns a list of projects within a group. + Args: + client (Client): Client to perform calls to GitLab services. + args (Dict[str, Any]): XSOAR arguments: + - 'group_id' (Required): group ID to retrieve the projects from. + + Returns: + (CommandResults). + """ + group_id = args.get('group_id', '') + response = client.group_projects_list_request(group_id) + human_readable = tableToMarkdown('List Group Projects', response) + return CommandResults( + outputs_prefix='GitLab.Project', + outputs_key_field=['path_with_namespace', 'id'], + readable_output=human_readable, + outputs=response, + raw_response=response + ) + + +def gitlab_get_raw_file_command(client: Client, args: Dict[str, Any]) -> CommandResults: + """ + Returns the content of a given file. + Args: + client (Client): Client to perform calls to GitLab services. + args (Dict[str, Any]): XSOAR arguments: + - 'project_id' (Required): Project ID to get the file from. + - 'file_path' (Required): The file path. + - 'ref' (Required): The branch to retrieve the file from. + + Returns: + (CommandResults). + """ + project_id = args.get('project_id', '') + ref = args.get('ref', '') + file_path = args.get('file_path', '') + response = client.get_raw_file_request(project_id, file_path, ref) + outputs = {'path': file_path, 'content': response, 'ref': ref} + human_readable = tableToMarkdown(f'Raw file {file_path} on branch {ref}', outputs) + return CommandResults( + outputs_prefix='GitLab.File', + outputs_key_field=['path', 'ref'], + readable_output=human_readable, + outputs=outputs, + raw_response=response + ) + + def test_module(client): # Test functions here response = client.get_version_request() @@ -434,7 +697,14 @@ def main(): 'gitlab-pipelines-schedules-list': gitlab_pipelines_schedules_list_command, 'gitlab-pipelines-list': gitlab_pipelines_list_command, 'gitlab-jobs-list': gitlab_jobs_list_command, - 'gitlab-artifact-get': gitlab_artifact_get_command + 'gitlab-artifact-get': gitlab_artifact_get_command, + 'gitlab-merge-requests-list': gitlab_merge_requests_list_command, + 'gitlab-merge-request-get': gitlab_get_merge_request_command, + 'gitlab-issues-list': gitlab_issues_list_command, + 'gitlab-issue-create': gitlab_create_issue_command, + 'gitlab-issue-edit': gitlab_edit_issue_command, + 'gitlab-group-projects-list': gitlab_group_projects_list_command, + 'gitlab-raw-file-get': gitlab_get_raw_file_command } if command == 'test-module': diff --git a/Packs/DevSecOps/Integrations/GitLab/GitLab.yml b/Packs/DevSecOps/Integrations/GitLab/GitLab.yml index c1d199dfe55c..a87a09fac17f 100644 --- a/Packs/DevSecOps/Integrations/GitLab/GitLab.yml +++ b/Packs/DevSecOps/Integrations/GitLab/GitLab.yml @@ -34,7 +34,8 @@ script: required: false secret: false - default: false - description: Limits the results to projects with last_activity before a specified time. + description: Limits the results to projects with last_activity before a specified + time. isArray: false name: last_activity_before required: false @@ -46,8 +47,8 @@ script: required: false secret: false - default: false - description: Returns only limited fields for each project. This is a no operation without - authentication as only simple fields are returned. + description: Returns only limited fields for each project. This is a no operation + without authentication as only simple fields are returned. isArray: false name: simple required: false @@ -83,13 +84,15 @@ script: required: false secret: false - default: false - description: Limits the results to projects with IDs that are less than the specified ID. + description: Limits the results to projects with IDs that are less than the + specified ID. isArray: false name: id_before required: false secret: false - default: false - description: Limits the results to projects with last_activity after a specified time. + description: Limits the results to projects with last_activity after a specified + time. isArray: false name: last_activity_after required: false @@ -101,7 +104,8 @@ script: required: false secret: false - default: false - description: Limits the results to projects with IDs greater than the specified ID. + description: Limits the results to projects with IDs greater than the specified + ID. isArray: false name: id_after required: false @@ -133,7 +137,8 @@ script: required: false secret: false - default: false - description: Includes the custom attributes in the response (administrators only). + description: Includes the custom attributes in the response (administrators + only). isArray: false name: with_custom_attributes required: false @@ -183,14 +188,15 @@ script: type: Unknown - arguments: - default: false - description: The ID or URL encoded path of the project that is owned by the authenticated - user. + description: The ID or URL encoded path of the project that is owned by the + authenticated user. isArray: false name: id required: true secret: false deprecated: false - description: Gets a list of the access requests viewable by the authenticated user. + description: Gets a list of the access requests viewable by the authenticated + user. execution: false name: gitlab-projects-get-access-requests outputs: @@ -208,8 +214,8 @@ script: type: Unknown - arguments: - default: false - description: The ID or URL encoded path of the project that is owned by the authenticated - user. + description: The ID or URL encoded path of the project that is owned by the + authenticated user. isArray: false name: id required: true @@ -270,8 +276,8 @@ script: type: Unknown - arguments: - default: false - description: The ID or URL encoded path of the project that is owned by the authenticated - user. + description: The ID or URL encoded path of the project that is owned by the + authenticated user. isArray: false name: id required: true @@ -295,21 +301,22 @@ script: type: Unknown - arguments: - default: false - description: The ID or URL encoded path of the project that is owned by the authenticated - user. + description: The ID or URL encoded path of the project that is owned by the + authenticated user. isArray: false name: id required: true secret: false - default: false - description: Returns a list of branches containing the search string. You can use - ^term and term$ to find branches that begin and end with term, respectively. + description: Returns a list of branches containing the search string. You can + use ^term and term$ to find branches that begin and end with term, respectively. isArray: false name: search required: false secret: false deprecated: false - description: Gets a list of repository branches from a project, sorted by name alphabetically. + description: Gets a list of repository branches from a project, sorted by name + alphabetically. execution: false name: gitlab-projects-get-repository-branches outputs: @@ -324,8 +331,8 @@ script: type: Unknown - arguments: - default: false - description: The ID or URL encoded path of the project that is owned by the authenticated - user. + description: The ID or URL encoded path of the project that is owned by the + authenticated user. isArray: false name: id required: true @@ -358,8 +365,8 @@ script: type: Unknown - arguments: - default: false - description: The ID or URL encoded path of the project that is owned by the authenticated - user. + description: The ID or URL encoded path of the project that is owned by the + authenticated user. isArray: false name: id required: true @@ -376,8 +383,8 @@ script: name: gitlab-projects-delete-repository-branch - arguments: - default: false - description: The ID or URL encoded path of the project that is owned by the authenticated - user. + description: The ID or URL encoded path of the project that is owned by the + authenticated user. isArray: false name: id required: true @@ -387,8 +394,8 @@ script: execution: false name: gitlab-projects-delete-repository-merged-branches - deprecated: false - description: Retrieves the version information for the GitLab instance, and responds 200 - OK for authenticated users. + description: Retrieves the version information for the GitLab instance, and responds + 200 OK for authenticated users. execution: false name: gitlab-get-version outputs: @@ -406,7 +413,8 @@ script: required: true secret: false - default: false - description: ID of the specific pipeline schedule from which to retrieve its details. + description: ID of the specific pipeline schedule from which to retrieve its + details. isArray: false name: pipeline_schedule_id required: false @@ -478,17 +486,17 @@ script: isArray: false name: status predefined: - - 'created' - - 'waiting_for_resource' - - 'preparing' - - 'pending' - - 'running' - - 'success' - - 'failed' - - 'canceled' - - 'skipped' - - 'manual' - - 'scheduled' + - 'created' + - 'waiting_for_resource' + - 'preparing' + - 'pending' + - 'running' + - 'success' + - 'failed' + - 'canceled' + - 'skipped' + - 'manual' + - 'scheduled' required: false secret: false deprecated: false @@ -566,6 +574,9 @@ script: execution: false name: gitlab-jobs-list outputs: + - contextPath: GitLab.Job.status + description: The status of the job. + type: String - contextPath: GitLab.Job.created_at description: Time the job was created. type: Date @@ -628,7 +639,8 @@ script: required: true secret: false deprecated: false - description: Gets an artifact from a given artifact path, corresponding to a given job ID. + description: Gets an artifact from a given artifact path, corresponding to a given + job ID. execution: false name: gitlab-artifact-get outputs: @@ -641,7 +653,401 @@ script: - contextPath: GitLab.Artifact.artifact_data description: Data of the artifact requested. type: String - dockerimage: demisto/python3:3.9.5.21272 + - arguments: + - defaultValue: master + name: target_branch + description: The target branch of the Merge Request. + - auto: PREDEFINED + defaultValue: opened + name: state + description: The state of the Merge Request. + predefined: + - opened + - closed + - locked + - merged + - default: false + description: Project ID from which to retrieve the Merge Requests. + isArray: false + name: project_id + required: true + secret: false + description: List all merge requests + name: gitlab-merge-requests-list + outputs: + - contextPath: GitLab.MergeRequest.id + description: The merge request ID. + type: Number + - contextPath: GitLab.MergeRequest.iid + description: The merge request IID. + type: Number + - contextPath: GitLab.MergeRequest.project_id + description: The project ID of the merge request. + type: Number + - contextPath: GitLab.MergeRequest.title + description: The merge request title. + type: String + - contextPath: GitLab.MergeRequest.description + description: The merge request description + type: String + - contextPath: GitLab.MergeRequest.state + description: The merge request state. + type: String + - contextPath: GitLab.MergeRequest.created_at + description: The time the merge request was created. + type: Date + - contextPath: GitLab.MergeRequest.updated_at + description: The time the merge request was updated. + type: Date + - contextPath: GitLab.MergeRequest.merged_at + description: The time the merge request was merged. + type: Date + - contextPath: GitLab.MergeRequest.closed_by + description: The user who closed the merge request. + type: String + - contextPath: GitLab.MergeRequest.closed_at + description: The time the merge request was closed. + type: Date + - contextPath: GitLab.MergeRequest.target_branch + description: The merge request target branch. + type: String + - contextPath: GitLab.MergeRequest.source_branch + description: The merge request source branch. + type: String + - contextPath: GitLab.MergeRequest.assignee + description: The merge request assignee. + type: String + - contextPath: GitLab.MergeRequest.sha + description: The merge request commit SHA. + type: String + - contextPath: GitLab.MergeRequest.merge_commit_sha + description: The merge request merge commit SHA. + type: String + - contextPath: GitLab.MergeRequest.squash_commit_sha + description: The merge request squash commit SHA. + type: String + - arguments: + - default: false + description: Project ID from which to retrieve the Merge Requests. + isArray: false + name: project_id + required: true + secret: false + - default: false + description: Merge Request IID. + isArray: false + name: merge_request_iid + required: true + secret: false + description: Get a Merge Request + name: gitlab-merge-request-get + outputs: + - contextPath: GitLab.MergeRequest.id + description: The merge request ID. + type: Number + - contextPath: GitLab.MergeRequest.iid + description: The merge request IID. + type: Number + - contextPath: GitLab.MergeRequest.project_id + description: The project ID of the merge request. + type: Number + - contextPath: GitLab.MergeRequest.title + description: The merge request title. + type: String + - contextPath: GitLab.MergeRequest.description + description: The merge request description + type: String + - contextPath: GitLab.MergeRequest.state + description: The merge request state. + type: String + - contextPath: GitLab.MergeRequest.created_at + description: The time the merge request was created. + type: Date + - contextPath: GitLab.MergeRequest.updated_at + description: The time the merge request was updated. + type: Date + - contextPath: GitLab.MergeRequest.merged_at + description: The time the merge request was merged. + type: Date + - contextPath: GitLab.MergeRequest.closed_by + description: The user who closed the merge request. + type: String + - contextPath: GitLab.MergeRequest.closed_at + description: The time the merge request was closed. + type: Date + - contextPath: GitLab.MergeRequest.target_branch + description: The merge request target branch. + type: String + - contextPath: GitLab.MergeRequest.source_branch + description: The merge request source branch. + type: String + - contextPath: GitLab.MergeRequest.assignee + description: The merge request assignee. + type: String + - contextPath: GitLab.MergeRequest.sha + description: The merge request commit SHA. + type: String + - contextPath: GitLab.MergeRequest.merge_commit_sha + description: The merge request merge commit SHA. + type: String + - contextPath: GitLab.MergeRequest.squash_commit_sha + description: The merge request squash commit SHA. + type: String + - arguments: + - name: labels + description: Comma seperated values of labels to search issues by. + - name: scope + defaultValue: title,description + description: On what scope to perform the search on. + predefined: + - title + - description + - title,description + auto: PREDEFINED + - name: search + description: The search clause. + - auto: PREDEFINED + defaultValue: all + name: state + description: The state of the issue. + predefined: + - opened + - closed + - all + - default: false + description: Project ID from which to retrieve the Merge Requests. + isArray: false + name: project_id + required: true + secret: false + - name: assignee_username + description: filter by assignee username + description: List all issues + name: gitlab-issues-list + outputs: + - contextPath: GitLab.Issue.id + description: The issue ID. + type: Number + - contextPath: GitLab.Issue.iid + description: The issue IID. + type: Number + - contextPath: GitLab.Issue.project_id + description: The project ID of the issue. + type: Number + - contextPath: GitLab.Issue.title + description: The issue title. + type: String + - contextPath: GitLab.Issue.description + description: The issue description. + type: String + - contextPath: GitLab.Issue.state + description: The issue state. + type: String + - contextPath: GitLab.Issue.created_at + description: The time the issue was created. + type: Date + - contextPath: GitLab.Issue.updated_at + description: The time the issue was updated. + type: Date + - contextPath: GitLab.Issue.closed_at + description: The time the issue was closed. + type: Date + - contextPath: GitLab.Issue.closed_by + description: The user who closed the issue. + type: String + - contextPath: GitLab.Issue.labels + description: Comma seperated values of the issue's labels. + type: String + - contextPath: GitLab.Issue.merge_requests_count + description: merge requests count + type: Number + - contextPath: GitLab.Issue.has_tasks + description: Whether the issue has tasks or not. + type: Boolean + - contextPath: GitLab.Issue.task_status + description: The status of the issue's tasks. + type: String + - arguments: + - name: labels + description: Comma separated values of labels to add to the issue. + - name: title + description: The issue title. + isArray: false + required: true + secret: false + default: false + - name: description + description: The issue description. + isArray: false + required: true + secret: false + default: false + - default: false + description: Project ID of the created issue. + isArray: false + name: project_id + required: true + secret: false + description: Create an issue + name: gitlab-issue-create + outputs: + - contextPath: GitLab.Issue.id + description: The issue ID. + type: Number + - contextPath: GitLab.Issue.iid + description: The issue IID. + type: Number + - contextPath: GitLab.Issue.project_id + description: The project ID of the issue. + type: Number + - contextPath: GitLab.Issue.title + description: The issue title. + type: String + - contextPath: GitLab.Issue.description + description: The issue description. + type: String + - contextPath: GitLab.Issue.state + description: The issue state. + type: String + - contextPath: GitLab.Issue.created_at + description: The time the issue was created. + type: Date + - contextPath: GitLab.Issue.updated_at + description: The time the issue was updated. + type: Date + - contextPath: GitLab.Issue.closed_at + description: The time the issue was closed. + type: Date + - contextPath: GitLab.Issue.closed_by + description: The user who closed the issue. + type: String + - contextPath: GitLab.Issue.labels + description: Comma seperated values of the issue's labels. + type: String + - contextPath: GitLab.Issue.merge_requests_count + description: merge requests count + type: Number + - contextPath: GitLab.Issue.has_tasks + description: Whether the issue has tasks or not. + type: Boolean + - contextPath: GitLab.Issue.task_status + description: The status of the issue's tasks. + type: String + - arguments: + - name: add_labels + description: The labels to add to the issue. + - name: remove_labels + description: The labels to remove from the issue. + - name: description + description: The description of the issue. + - default: false + description: Project ID from which to retrieve the issue. + isArray: false + name: project_id + required: true + secret: false + - default: false + description: Issue ID. + isArray: false + name: issue_id + required: true + secret: false + description: Edit an issue + name: gitlab-issue-edit + outputs: + - contextPath: GitLab.Issue.id + description: The issue ID. + type: Number + - contextPath: GitLab.Issue.iid + description: The issue IID. + type: Number + - contextPath: GitLab.Issue.project_id + description: The project ID of the issue. + type: Number + - contextPath: GitLab.Issue.title + description: The issue title. + type: String + - contextPath: GitLab.Issue.description + description: The issue description. + type: String + - contextPath: GitLab.Issue.state + description: The issue state. + type: String + - contextPath: GitLab.Issue.created_at + description: The time the issue was created. + type: Date + - contextPath: GitLab.Issue.updated_at + description: The time the issue was updated. + type: Date + - contextPath: GitLab.Issue.closed_at + description: The time the issue was closed. + type: Date + - contextPath: GitLab.Issue.closed_by + description: The user who closed the issue. + type: String + - contextPath: GitLab.Issue.labels + description: Comma seperated values of the issue's labels. + type: String + - contextPath: GitLab.Issue.merge_requests_count + description: Merge requests count + type: Number + - contextPath: GitLab.Issue.has_tasks + description: Whether the issue has tasks or not. + type: Boolean + - contextPath: GitLab.Issue.task_status + description: The status of the issue's tasks. + type: String + - arguments: + - default: false + description: Group ID from which to retrieve the projects. + isArray: false + name: group_id + required: true + secret: false + description: Get the list of projects of a given group. + name: gitlab-group-projects-list + outputs: + - contextPath: GitLab.Project.id + description: The project ID. + type: Number + - contextPath: GitLab.Project.name + description: The project name. + type: String + - contextPath: GitLab.Project.path_with_namespace + description: The project path with namespace. + type: String + - arguments: + - default: false + description: Project ID to get the file from. + isArray: false + name: project_id + required: true + secret: false + - default: false + description: The file path. + isArray: false + name: file_path + required: true + secret: false + - default: false + description: The branch to retrieve the file from. + isArray: false + name: ref + required: true + secret: false + description: Get raw file + name: gitlab-raw-file-get + outputs: + - contextPath: GitLab.File.ref + description: The branch the file's content was taken from. + type: String + - contextPath: GitLab.File.path + description: The file path. + type: String + - contextPath: GitLab.File.content + description: The file content. + type: String + dockerimage: demisto/python3:3.9.6.24019 feed: false isfetch: false longRunning: false diff --git a/Packs/DevSecOps/Integrations/GitLab/GitLab_test.py b/Packs/DevSecOps/Integrations/GitLab/GitLab_test.py index 1e05c9b75422..25a24f23e320 100644 --- a/Packs/DevSecOps/Integrations/GitLab/GitLab_test.py +++ b/Packs/DevSecOps/Integrations/GitLab/GitLab_test.py @@ -6,7 +6,9 @@ from CommonServerPython import CommandResults from GitLab import Client, gitlab_pipelines_schedules_list_command, gitlab_pipelines_list_command, \ - gitlab_jobs_list_command, gitlab_artifact_get_command + gitlab_jobs_list_command, gitlab_artifact_get_command, gitlab_merge_requests_list_command, \ + gitlab_issues_list_command, gitlab_edit_issue_command, gitlab_group_projects_list_command, \ + gitlab_get_merge_request_command, gitlab_create_issue_command, gitlab_get_raw_file_command BASE_URL = 'https://gitlab.com/api/v4' mock_client = Client(BASE_URL, verify=False, proxy=False, headers=dict()) @@ -22,7 +24,14 @@ def util_load_json(path): TEST_GITLAB_COMMANDS_DATA = [(gitlab_pipelines_schedules_list_command, command_test_data['pipeline_schedule']), (gitlab_pipelines_list_command, command_test_data['pipeline']), (gitlab_jobs_list_command, command_test_data['jobs']), - (gitlab_artifact_get_command, command_test_data['artifact-get'])] + (gitlab_artifact_get_command, command_test_data['artifact-get']), + (gitlab_merge_requests_list_command, command_test_data['merge-requests-list']), + (gitlab_get_merge_request_command, command_test_data['get-merge-request']), + (gitlab_issues_list_command, command_test_data['issues-list']), + (gitlab_edit_issue_command, command_test_data['edit-issue']), + (gitlab_create_issue_command, command_test_data['create-issue']), + (gitlab_get_raw_file_command, command_test_data['get-raw-file']), + (gitlab_group_projects_list_command, command_test_data['group-projects-list'])] @pytest.mark.parametrize('command_func, test_data', TEST_GITLAB_COMMANDS_DATA) @@ -44,8 +53,15 @@ def test_gitlab_commands(requests_mock, command_func: Callable[[Client, Dict], C expected_url_mock_suffix: str = test_data['expected_url_mock_suffix'] expected_key_field: str = test_data['expected_key_field'] args: Dict[str, Any] = test_data['args'] - requests_mock.get(f'{BASE_URL}/{expected_url_mock_suffix}', - json=mock_response) + method: str = test_data.get('method', "GET") + if method.upper() == "GET": + requests_mock.get(f'{BASE_URL}/{expected_url_mock_suffix}', json=mock_response) + elif method.upper() == "PUT": + requests_mock.put(f'{BASE_URL}/{expected_url_mock_suffix}', json=mock_response) + elif method.upper() == "POST": + requests_mock.post(f'{BASE_URL}/{expected_url_mock_suffix}', json=mock_response) + else: + raise Exception command_result = command_func(mock_client, args) assert command_result.outputs_prefix == expected_prefix assert command_result.outputs == expected_outputs diff --git a/Packs/DevSecOps/Integrations/GitLab/README.md b/Packs/DevSecOps/Integrations/GitLab/README.md index dfb36f406974..df515ee6945c 100644 --- a/Packs/DevSecOps/Integrations/GitLab/README.md +++ b/Packs/DevSecOps/Integrations/GitLab/README.md @@ -1085,6 +1085,7 @@ Gets details of jobs. | GitLab.Job.ref | String | Reference name of the job. | | GitLab.Job.stage | String | Stage of the job. | | GitLab.Job.web_url | String | Web URL of the job. | +| GitLab.Job.status | String | The status of the job. | #### Command Example @@ -1200,3 +1201,862 @@ Gets an artifact from a given artifact path, corresponding to a given job ID. >|---|---|---| >| Carbon Black Response Test | artifacts/failed_tests.txt | 6063195 | +### gitlab-issue-edit +*** +Edit an issue + + +#### Base Command + +`gitlab-issue-edit` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| add_labels | The labels to add to the issue. | Optional | +| remove_labels | The labels to remove from the issue. | Optional | +| description | The description of the issue. | Optional | +| project_id | Project ID from which to retrieve the issue. | Required | +| issue_id | Issue ID. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| GitLab.Issue.id | Number | The issue ID. | +| GitLab.Issue.iid | Number | The issue IID. | +| GitLab.Issue.project_id | Number | The project ID of the issue. | +| GitLab.Issue.title | String | The issue title. | +| GitLab.Issue.description | String | The issue description. | +| GitLab.Issue.state | String | The issue state. | +| GitLab.Issue.created_at | Date | The time the issue was created. | +| GitLab.Issue.updated_at | Date | The time the issue was updated. | +| GitLab.Issue.closed_at | Date | The time the issue was closed. | +| GitLab.Issue.closed_by | String | The user who closed the issue. | +| GitLab.Issue.labels | String | Comma seperated values of the issue's labels. | +| GitLab.Issue.merge_requests_count | Number | | +| GitLab.Issue.has_tasks | Boolean | Whether the issue has tasks or not. | +| GitLab.Issue.task_status | String | The status of the issue's tasks. | + + +#### Command Example +```!gitlab-issue-edit project_id=123 issue_id=1 add_labels=label1,label2``` + +#### Context Example +```json +{ + "GitLab": { + "Issue": { + "_links": { + "award_emoji": "www.google.com", + "notes": "www.google.com", + "project": "www.google.com", + "self": "www.google.com" + }, + "assignee": { + "avatar_url": "www.google.com", + "id": 9831, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + }, + "assignees": [ + { + "avatar_url": "www.google.com", + "id": 9831, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + } + ], + "author": { + "avatar_url": "www.google.com", + "id": 7127, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + }, + "blocking_issues_count": 0, + "closed_at": null, + "closed_by": null, + "confidential": false, + "created_at": "2021-07-15T16:25:57.419Z", + "description": "Issue Description", + "discussion_locked": null, + "downvotes": 0, + "due_date": null, + "epic": null, + "epic_iid": null, + "has_tasks": true, + "health_status": null, + "id": 40572, + "iid": 1, + "labels": [ + "label1", + "label2" + ], + "merge_requests_count": 0, + "milestone": null, + "moved_to_id": null, + "project_id": 7959, + "references": { + "full": "wow", + "relative": "#1", + "short": "#1" + }, + "service_desk_reply_to": null, + "state": "opened", + "subscribed": true, + "task_completion_status": { + "completed_count": 9, + "count": 46 + }, + "task_status": "9 of 46 tasks completed", + "time_stats": { + "human_time_estimate": null, + "human_total_time_spent": null, + "time_estimate": 0, + "total_time_spent": 0 + }, + "title": "wow", + "updated_at": "2021-08-19T13:54:12.337Z", + "upvotes": 0, + "user_notes_count": 3, + "web_url": "www.google.com", + "weight": null + } + } +} +``` + +#### Human Readable Output + +### Edit Issue 1 +|_links|assignee|assignees|author|blocking_issues_count|closed_at|closed_by|confidential|created_at|description|discussion_locked|downvotes|due_date|epic|epic_iid|has_tasks|health_status|id|iid|labels|merge_requests_count|milestone|moved_to_id|project_id|references|service_desk_reply_to|state|subscribed|task_completion_status|task_status|time_stats|title|updated_at|upvotes|user_notes_count|web_url|weight| +|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---| +| award_emoji: www.google.com
notes: www.google.com
project: www.google.com
self: www.google.com | avatar_url: www.google.com
id: 9831
name: wow
state: active
username: wow
web_url: www.google.com | {'avatar_url': 'www.google.com', 'id': 9831, 'name': 'wow', 'state': 'active', 'username': 'wow', 'web_url': 'www.google.com'} | avatar_url: www.google.com
id: 7127
name: wow
state: active
username: wow
web_url: www.google.com | 0 | | | false | 2021-07-15T16:25:57.419Z | Issue Description | | 0 | | | | true | | 40572 | 1 | label1,
label2 | 0 | | | 7959 | full: wow
relative: #1
short: #1 | | opened | true | completed_count: 9
count: 46 | 9 of 46 tasks completed | human_time_estimate: null
human_total_time_spent: null
time_estimate: 0
total_time_spent: 0 | wow | 2021-08-19T13:54:12.337Z | 0 | 3 | www.google.com | | + +### gitlab-issue-create +*** +Create an issue + + +#### Base Command + +`gitlab-issue-create` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| labels | Comma separated values of labels to add to the issue. | Optional | +| title | The issue title. | Required | +| description | The issue description. | Required | +| project_id | Project ID of the created issue. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| GitLab.Issue.id | Number | The issue ID. | +| GitLab.Issue.iid | Number | The issue IID. | +| GitLab.Issue.project_id | Number | The project ID of the issue. | +| GitLab.Issue.title | String | The issue title. | +| GitLab.Issue.description | String | The issue description. | +| GitLab.Issue.state | String | The issue state. | +| GitLab.Issue.created_at | Date | The time the issue was created. | +| GitLab.Issue.updated_at | Date | The time the issue was updated. | +| GitLab.Issue.closed_at | Date | The time the issue was closed. | +| GitLab.Issue.closed_by | String | The user who closed the issue. | +| GitLab.Issue.labels | String | Comma seperated values of the issue's labels. | +| GitLab.Issue.merge_requests_count | Number | | +| GitLab.Issue.has_tasks | Boolean | Whether the issue has tasks or not. | +| GitLab.Issue.task_status | String | The status of the issue's tasks. | + + +#### Command Example +`gitlab-issue-create labels="a,b,c" title=wow description="bla bla" project_id=123` + +#### Context Example +```json +{ + "GitLab": { + "Issue": { + "_links": { + "award_emoji": "www.google.com", + "notes": "www.google.com", + "project": "www.google.com", + "self": "www.google.com" + }, + "assignee": { + "avatar_url": "www.google.com", + "id": 9831, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + }, + "assignees": [ + { + "avatar_url": "www.google.com", + "id": 9831, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + } + ], + "author": { + "avatar_url": "www.google.com", + "id": 7127, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + }, + "blocking_issues_count": 0, + "closed_at": null, + "closed_by": null, + "confidential": false, + "created_at": "2021-07-15T16:25:57.419Z", + "description": "Issue Description", + "discussion_locked": null, + "downvotes": 0, + "due_date": null, + "epic": null, + "epic_iid": null, + "has_tasks": true, + "health_status": null, + "id": 40572, + "iid": 1, + "labels": [ + "label1", + "label2" + ], + "merge_requests_count": 0, + "milestone": null, + "moved_to_id": null, + "project_id": 7959, + "references": { + "full": "wow", + "relative": "#1", + "short": "#1" + }, + "service_desk_reply_to": null, + "state": "opened", + "subscribed": true, + "task_completion_status": { + "completed_count": 9, + "count": 46 + }, + "task_status": "9 of 46 tasks completed", + "time_stats": { + "human_time_estimate": null, + "human_total_time_spent": null, + "time_estimate": 0, + "total_time_spent": 0 + }, + "title": "wow", + "updated_at": "2021-08-19T13:54:12.337Z", + "upvotes": 0, + "user_notes_count": 3, + "web_url": "www.google.com", + "weight": null + } + } +} +``` + +#### Human Readable Output + +### Create Issue +|_links|assignee|assignees|author|blocking_issues_count|closed_at|closed_by|confidential|created_at|description|discussion_locked|downvotes|due_date|epic|epic_iid|has_tasks|health_status|id|iid|labels|merge_requests_count|milestone|moved_to_id|project_id|references|service_desk_reply_to|state|subscribed|task_completion_status|task_status|time_stats|title|updated_at|upvotes|user_notes_count|web_url|weight| +|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---| +| award_emoji: www.google.com
notes: www.google.com
project: www.google.com
self: www.google.com | avatar_url: www.google.com
id: 9831
name: wow
state: active
username: wow
web_url: www.google.com | {'avatar_url': 'www.google.com', 'id': 9831, 'name': 'wow', 'state': 'active', 'username': 'wow', 'web_url': 'www.google.com'} | avatar_url: www.google.com
id: 7127
name: wow
state: active
username: wow
web_url: www.google.com | 0 | | | false | 2021-07-15T16:25:57.419Z | Issue Description | | 0 | | | | true | | 40572 | 1 | label1,
label2 | 0 | | | 7959 | full: wow
relative: #1
short: #1 | | opened | true | completed_count: 9
count: 46 | 9 of 46 tasks completed | human_time_estimate: null
human_total_time_spent: null
time_estimate: 0
total_time_spent: 0 | wow | 2021-08-19T13:54:12.337Z | 0 | 3 | www.google.com | | + + +### gitlab-issues-list +*** +List all issues + + +#### Base Command + +`gitlab-issues-list` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| labels | Comma seperated values of labels to search issues by. | Optional | +| scope | On what scope to perform the search on. Possible values are: title, description, title,description. Default is title,description. | Optional | +| search | The search clause. | Optional | +| state | The state of the issue. Possible values are: opened, closed, all. Default is all. | Optional | +| project_id | Project ID from which to retrieve the Merge Requests. | Required | +| assignee_username | filter by assignee username. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| GitLab.Issue.id | Number | The issue ID. | +| GitLab.Issue.iid | Number | The issue IID. | +| GitLab.Issue.project_id | Number | The project ID of the issue. | +| GitLab.Issue.title | String | The issue title. | +| GitLab.Issue.description | String | The issue description. | +| GitLab.Issue.state | String | The issue state. | +| GitLab.Issue.created_at | Date | The time the issue was created. | +| GitLab.Issue.updated_at | Date | The time the issue was updated. | +| GitLab.Issue.closed_at | Date | The time the issue was closed. | +| GitLab.Issue.closed_by | String | The user who closed the issue. | +| GitLab.Issue.labels | String | Comma seperated values of the issue's labels. | +| GitLab.Issue.merge_requests_count | Number | | +| GitLab.Issue.has_tasks | Boolean | Whether the issue has tasks or not. | +| GitLab.Issue.task_status | String | The status of the issue's tasks. | + + +#### Command Example +```!gitlab-issues-list project_id=123 state=opened search="Summary"``` + +#### Context Example +```json +{ + "GitLab": { + "Issue": { + "_links": { + "award_emoji": "www.google.com", + "notes": "www.google.com", + "project": "www.google.com", + "self": "www.google.com" + }, + "assignee": { + "avatar_url": "www.google.com", + "id": 9831, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + }, + "assignees": [ + { + "avatar_url": "www.google.com", + "id": 9831, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + } + ], + "author": { + "avatar_url": "www.google.com", + "id": 7127, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + }, + "blocking_issues_count": 0, + "closed_at": null, + "closed_by": null, + "confidential": false, + "created_at": "2021-07-15T16:25:57.419Z", + "description": "## Summary", + "discussion_locked": null, + "downvotes": 0, + "due_date": null, + "epic": null, + "epic_iid": null, + "has_tasks": true, + "health_status": null, + "id": 40572, + "iid": 1, + "labels": [], + "merge_requests_count": 0, + "milestone": null, + "moved_to_id": null, + "project_id": 7959, + "references": { + "full": "wow", + "relative": "#1", + "short": "#1" + }, + "service_desk_reply_to": null, + "state": "opened", + "task_completion_status": { + "completed_count": 9, + "count": 46 + }, + "task_status": "9 of 46 tasks completed", + "time_stats": { + "human_time_estimate": null, + "human_total_time_spent": null, + "time_estimate": 0, + "total_time_spent": 0 + }, + "title": "wow", + "updated_at": "2021-08-19T13:52:28.302Z", + "upvotes": 0, + "user_notes_count": 3, + "web_url": "www.google.com", + "weight": null + } + } +} +``` + +#### Human Readable Output + +### Issues Lists +|_links|assignee|assignees|author|blocking_issues_count|closed_at|closed_by|confidential|created_at|description|discussion_locked|downvotes|due_date|epic|epic_iid|has_tasks|health_status|id|iid|labels|merge_requests_count|milestone|moved_to_id|project_id|references|service_desk_reply_to|state|subscribed|task_completion_status|task_status|time_stats|title|updated_at|upvotes|user_notes_count|web_url|weight| +|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---| +| award_emoji: www.google.com
notes: www.google.com
project: www.google.com
self: www.google.com | avatar_url: www.google.com
id: 9831
name: wow
state: active
username: wow
web_url: www.google.com | {'avatar_url': 'www.google.com', 'id': 9831, 'name': 'wow', 'state': 'active', 'username': 'wow', 'web_url': 'www.google.com'} | avatar_url: www.google.com
id: 7127
name: wow
state: active
username: wow
web_url: www.google.com | 0 | | | false | 2021-07-15T16:25:57.419Z | Issue Description | | 0 | | | | true | | 40572 | 1 | | 0 | | | 7959 | full: wow
relative: #1
short: #1 | | opened | true | completed_count: 9
count: 46 | 9 of 46 tasks completed | human_time_estimate: null
human_total_time_spent: null
time_estimate: 0
total_time_spent: 0 | wow | 2021-08-19T13:54:12.337Z | 0 | 3 | www.google.com | | + +### gitlab-merge-requests-list +*** +List all merge requests + + +#### Base Command + +`gitlab-merge-requests-list` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| target_branch | The target branch of the Merge Request. Default is master. | Optional | +| state | The state of the Merge Request. Possible values are: opened, closed, locked, merged. Default is opened. | Optional | +| project_id | Project ID from which to retrieve the Merge Requests. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| GitLab.MergeRequest.id | Number | The merge request ID. | +| GitLab.MergeRequest.iid | Number | The merge request IID. | +| GitLab.MergeRequest.project_id | Number | The project ID of the merge request. | +| GitLab.MergeRequest.title | String | The merge request title. | +| GitLab.MergeRequest.description | String | The merge request description | +| GitLab.MergeRequest.state | String | The merge request state. | +| GitLab.MergeRequest.created_at | Date | The time the merge request was created. | +| GitLab.MergeRequest.updated_at | Date | The time the merge request was updated. | +| GitLab.MergeRequest.merged_at | Date | The time the merge request was merged. | +| GitLab.MergeRequest.closed_by | String | The user who closed the merge request. | +| GitLab.MergeRequest.closed_at | Date | The time the merge request was closed. | +| GitLab.MergeRequest.target_branch | String | The merge request target branch. | +| GitLab.MergeRequest.source_branch | String | The merge request source branch. | +| GitLab.MergeRequest.assignee | String | The merge request assignee. | +| GitLab.MergeRequest.sha | String | The merge request commit SHA. | +| GitLab.MergeRequest.merge_commit_sha | String | The merge request merge commit SHA. | +| GitLab.MergeRequest.squash_commit_sha | String | The merge request squash commit SHA. | + + +#### Command Example +```!gitlab-merge-requests-list target_branch=development project_id=123 state=merged``` + +#### Context Example +```json +{ + "GitLab": { + "MergeRequest": [ + { + "approvals_before_merge": null, + "assignee": null, + "assignees": [], + "author": { + "avatar_url": "www.google.com", + "id": 10582, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + }, + "blocking_discussions_resolved": true, + "closed_at": null, + "closed_by": null, + "created_at": "2021-08-16T12:16:06.143Z", + "description": null, + "discussion_locked": null, + "downvotes": 0, + "force_remove_source_branch": null, + "has_conflicts": false, + "id": 53852, + "iid": 18, + "labels": [], + "merge_commit_sha": "SHA", + "merge_status": "can_be_merged", + "merge_when_pipeline_succeeds": false, + "merged_at": "2021-08-16T19:07:14.962Z", + "merged_by": { + "avatar_url": "www.google.com", + "id": 9164, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + }, + "milestone": null, + "project_id": 7959, + "reference": "!18", + "references": { + "full": "wow", + "relative": "!18", + "short": "!18" + }, + "reviewers": [], + "sha": "SHA", + "should_remove_source_branch": null, + "source_branch": "1.0.1.23955-feature-branch", + "source_project_id": 7959, + "squash": false, + "squash_commit_sha": null, + "state": "merged", + "target_branch": "development", + "target_project_id": 7959, + "task_completion_status": { + "completed_count": 0, + "count": 0 + }, + "time_stats": { + "human_time_estimate": null, + "human_total_time_spent": null, + "time_estimate": 0, + "total_time_spent": 0 + }, + "title": "wow", + "updated_at": "2021-08-16T19:07:14.765Z", + "upvotes": 0, + "user_notes_count": 0, + "web_url": "www.google.com", + "work_in_progress": false + } + ] + } +} +``` + +#### Human Readable Output + +### Merge Request Lists to branch master in state opened +|approvals_before_merge|assignee|assignees|author|blocking_discussions_resolved|closed_at|closed_by|created_at|description|discussion_locked|downvotes|force_remove_source_branch|has_conflicts|id|iid|labels|merge_commit_sha|merge_status|merge_when_pipeline_succeeds|merged_at|merged_by|milestone|project_id|reference|references|reviewers|sha|should_remove_source_branch|source_branch|source_project_id|squash|squash_commit_sha|state|target_branch|target_project_id|task_completion_status|time_stats|title|updated_at|upvotes|user_notes_count|web_url|work_in_progress| +|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---| +| | | | avatar_url: www.google.com
id: 10582
name: wow
state: active
username: wow
web_url: www.google.com | true | | | 2021-08-16T12:16:06.143Z | | | 0 | | false | 53852 | 18 | | SHA | can_be_merged | false | 2021-08-16T19:07:14.962Z | avatar_url: www.google.com
id: 9164
name: wow
state: active
username: wow
web_url: www.google.com | | 7959 | !18 | full: wow
relative: !18
short: !18 | | SHA | | 1.0.1.23955-feature-branch | 7959 | false | | merged | development | 7959 | completed_count: 0
count: 0 | human_time_estimate: null
human_total_time_spent: null
time_estimate: 0
total_time_spent: 0 | wow | 2021-08-16T19:07:14.765Z | 0 | 0 | www.google.com | false | + + +### gitlab-merge-request-get +*** +Get a Merge Request + + +#### Base Command + +`gitlab-merge-request-get` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| project_id | Project ID from which to retrieve the Merge Requests. | Required | +| merge_request_iid | Merge Request IID. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| GitLab.MergeRequest.id | Number | The merge request ID. | +| GitLab.MergeRequest.iid | Number | The merge request IID. | +| GitLab.MergeRequest.project_id | Number | The project ID of the merge request. | +| GitLab.MergeRequest.title | String | The merge request title. | +| GitLab.MergeRequest.description | String | The merge request description | +| GitLab.MergeRequest.state | String | The merge request state. | +| GitLab.MergeRequest.created_at | Date | The time the merge request was created. | +| GitLab.MergeRequest.updated_at | Date | The time the merge request was updated. | +| GitLab.MergeRequest.merged_at | Date | The time the merge request was merged. | +| GitLab.MergeRequest.closed_by | String | The user who closed the merge request. | +| GitLab.MergeRequest.closed_at | Date | The time the merge request was closed. | +| GitLab.MergeRequest.target_branch | String | The merge request target branch. | +| GitLab.MergeRequest.source_branch | String | The merge request source branch. | +| GitLab.MergeRequest.assignee | String | The merge request assignee. | +| GitLab.MergeRequest.sha | String | The merge request commit SHA. | +| GitLab.MergeRequest.merge_commit_sha | String | The merge request merge commit SHA. | +| GitLab.MergeRequest.squash_commit_sha | String | The merge request squash commit SHA. | + + +#### Command Example +```!gitlab-merge-request-get project_id=123 merge_request_iid=18``` + +#### Context Example +```json +{ + "GitLab": { + "MergeRequest": { + "approvals_before_merge": null, + "assignee": null, + "assignees": [], + "author": { + "avatar_url": "www.google.com", + "id": 10582, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + }, + "blocking_discussions_resolved": true, + "closed_at": null, + "closed_by": null, + "created_at": "2021-08-16T12:16:06.143Z", + "description": null, + "discussion_locked": null, + "downvotes": 0, + "force_remove_source_branch": null, + "has_conflicts": false, + "id": 53852, + "iid": 18, + "labels": [], + "merge_commit_sha": "SHA", + "merge_status": "can_be_merged", + "merge_when_pipeline_succeeds": false, + "merged_at": "2021-08-16T19:07:14.962Z", + "merged_by": { + "avatar_url": "www.google.com", + "id": 9164, + "name": "wow", + "state": "active", + "username": "wow", + "web_url": "www.google.com" + }, + "milestone": null, + "project_id": 7959, + "reference": "!18", + "references": { + "full": "wow", + "relative": "!18", + "short": "!18" + }, + "reviewers": [], + "sha": "SHA", + "should_remove_source_branch": null, + "source_branch": "1.0.1.23955-feature-branch", + "source_project_id": 7959, + "squash": false, + "squash_commit_sha": null, + "state": "merged", + "target_branch": "development", + "target_project_id": 7959, + "task_completion_status": { + "completed_count": 0, + "count": 0 + }, + "time_stats": { + "human_time_estimate": null, + "human_total_time_spent": null, + "time_estimate": 0, + "total_time_spent": 0 + }, + "title": "wow", + "updated_at": "2021-08-16T19:07:14.765Z", + "upvotes": 0, + "user_notes_count": 0, + "web_url": "www.google.com", + "work_in_progress": false + } + } +} +``` + +#### Human Readable Output + +### Merge Request 18 +|approvals_before_merge|assignee|assignees|author|blocking_discussions_resolved|closed_at|closed_by|created_at|description|discussion_locked|downvotes|force_remove_source_branch|has_conflicts|id|iid|labels|merge_commit_sha|merge_status|merge_when_pipeline_succeeds|merged_at|merged_by|milestone|project_id|reference|references|reviewers|sha|should_remove_source_branch|source_branch|source_project_id|squash|squash_commit_sha|state|target_branch|target_project_id|task_completion_status|time_stats|title|updated_at|upvotes|user_notes_count|web_url|work_in_progress| +|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---| +| | | | avatar_url: www.google.com
id: 10582
name: wow
state: active
username: wow
web_url: www.google.com | true | | | 2021-08-16T12:16:06.143Z | | | 0 | | false | 53852 | 18 | | SHA | can_be_merged | false | 2021-08-16T19:07:14.962Z | avatar_url: www.google.com
id: 9164
name: wow
state: active
username: wow
web_url: www.google.com | | 7959 | !18 | full: wow
relative: !18
short: !18 | | SHA | | 1.0.1.23955-feature-branch | 7959 | false | | merged | development | 7959 | completed_count: 0
count: 0 | human_time_estimate: null
human_total_time_spent: null
time_estimate: 0
total_time_spent: 0 | wow | 2021-08-16T19:07:14.765Z | 0 | 0 | www.google.com | false | + + + +### gitlab-group-projects-list +*** +Get the list of projects of a given group. + + +#### Base Command + +`gitlab-group-projects-list` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| group_id | Group ID from which to retrieve the projects. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| GitLab.Project.id | Number | The project ID. | +| GitLab.Project.name | String | The project name. | +| GitLab.Project.path_with_namespace | String | The project path with namespace. | + + +#### Command Example +```!gitlab-group-projects-list group_id=1``` + +#### Context Example +```json +{ + "GitLab": { + "Project": { + "id": 7988, + "description": "", + "name": "wow", + "name_with_namespace": "a / b / c / wow", + "path": "wow", + "path_with_namespace": "x/a/b/c/wow", + "created_at": "2021-07-15T17:53:45.964Z", + "default_branch": "development", + "tag_list": [], + "ssh_url_to_repo": "wow", + "http_url_to_repo": "www.google.com", + "web_url": "www.google.com", + "readme_url": "www.google.com", + "avatar_url": null, + "forks_count": 0, + "star_count": 0, + "last_activity_at": "2021-08-12T03:05:08.722Z", + "namespace": { + "id": 10665, + "name": "wow", + "path": "wow", + "kind": "group", + "full_path": "a/b/c", + "parent_id": 10664, + "avatar_url": null, + "web_url": "www.google.com" + }, + "container_registry_image_prefix": "www.google.com", + "_links": { + "self": "www.google.com", + "issues": "www.google.com", + "merge_requests": "www.google.com", + "repo_branches": "www.google.com", + "labels": "www.google.com", + "events": "www.google.com", + "members": "www.google.com" + }, + "packages_enabled": false, + "empty_repo": false, + "archived": false, + "visibility": "public", + "resolve_outdated_diff_discussions": false, + "container_registry_enabled": false, + "container_expiration_policy": { + "cadence": "1d", + "enabled": false, + "keep_n": 10, + "older_than": "90d", + "name_regex": ".*", + "name_regex_keep": null, + "next_run_at": "2021-07-16T17:53:46.012Z" + }, + "issues_enabled": true, + "merge_requests_enabled": true, + "wiki_enabled": false, + "jobs_enabled": true, + "snippets_enabled": false, + "service_desk_enabled": false, + "service_desk_address": null, + "can_create_merge_request_in": false, + "issues_access_level": "enabled", + "repository_access_level": "enabled", + "merge_requests_access_level": "enabled", + "forking_access_level": "enabled", + "wiki_access_level": "disabled", + "builds_access_level": "enabled", + "snippets_access_level": "disabled", + "pages_access_level": "enabled", + "operations_access_level": "enabled", + "analytics_access_level": "enabled", + "emails_disabled": false, + "shared_runners_enabled": true, + "lfs_enabled": false, + "creator_id": 7127, + "import_status": "finished", + "open_issues_count": 1, + "ci_default_git_depth": 50, + "ci_forward_deployment_enabled": true, + "public_jobs": true, + "build_timeout": 3600, + "auto_cancel_pending_pipelines": "enabled", + "build_coverage_regex": null, + "ci_config_path": "wow", + "shared_with_groups": [], + "only_allow_merge_if_pipeline_succeeds": false, + "allow_merge_on_skipped_pipeline": false, + "restrict_user_defined_variables": true, + "request_access_enabled": true, + "only_allow_merge_if_all_discussions_are_resolved": true, + "remove_source_branch_after_merge": true, + "printing_merge_request_link_enabled": true, + "merge_method": "merge", + "suggestion_commit_message": "", + "auto_devops_enabled": false, + "auto_devops_deploy_strategy": "continuous", + "autoclose_referenced_issues": true, + "approvals_before_merge": 0, + "mirror": false, + "external_authorization_classification_label": null, + "marked_for_deletion_at": null, + "marked_for_deletion_on": null, + "requirements_enabled": true, + "security_and_compliance_enabled": null, + "compliance_frameworks": [], + "issues_template": "", + "merge_requests_template": "" + } + } +} +``` + +#### Human Readable Output +### List Group Projects +|_links|allow_merge_on_skipped_pipeline|analytics_access_level|approvals_before_merge|archived|auto_cancel_pending_pipelines|auto_devops_deploy_strategy|auto_devops_enabled|autoclose_referenced_issues|avatar_url|build_coverage_regex|build_timeout|builds_access_level|can_create_merge_request_in|ci_config_path|ci_default_git_depth|ci_forward_deployment_enabled|compliance_frameworks|container_expiration_policy|container_registry_enabled|container_registry_image_prefix|created_at|creator_id|default_branch|description|emails_disabled|empty_repo|external_authorization_classification_label|forking_access_level|forks_count|http_url_to_repo|id|import_status|issues_access_level|issues_enabled|issues_template|jobs_enabled|last_activity_at|lfs_enabled|marked_for_deletion_at|marked_for_deletion_on|merge_method|merge_requests_access_level|merge_requests_enabled|merge_requests_template|mirror|name|name_with_namespace|namespace|only_allow_merge_if_all_discussions_are_resolved|only_allow_merge_if_pipeline_succeeds|open_issues_count|operations_access_level|packages_enabled|pages_access_level|path|path_with_namespace|printing_merge_request_link_enabled|public_jobs|readme_url|remove_source_branch_after_merge|repository_access_level|request_access_enabled|requirements_enabled|resolve_outdated_diff_discussions|restrict_user_defined_variables|security_and_compliance_enabled|service_desk_address|service_desk_enabled|shared_runners_enabled|shared_with_groups|snippets_access_level|snippets_enabled|ssh_url_to_repo|star_count|suggestion_commit_message|tag_list|visibility|web_url|wiki_access_level|wiki_enabled| +|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---| +| self: www.google.com
issues: www.google.com
merge_requests: www.google.com
repo_branches: www.google.com
labels: www.google.com
events: www.google.com
members: www.google.com | false | enabled | 0 | false | enabled | continuous | false | true | | | 3600 | enabled | false | wow | 50 | true | | cadence: 1d
enabled: false
keep_n: 10
older_than: 90d
name_regex: .*
name_regex_keep: null
next_run_at: 2021-07-16T17:53:46.012Z | false | www.google.com | 2021-07-15T17:53:45.964Z | 7127 | development | | false | false | | enabled | 0 | www.google.com | 7988 | finished | enabled | true | | true | 2021-08-12T03:05:08.722Z | false | | | merge | enabled | true | | false | wow | a / b / c / wow | id: 10665
name: wow
path: wow
kind: group
full_path: a/b/c
parent_id: 10664
avatar_url: null
web_url: www.google.com | true | false | 1 | enabled | false | enabled | wow | x/a/b/c/wow | true | true | www.google.com | true | enabled | true | true | false | true | | | false | true | | disabled | false | wow | 0 | | | public | www.google.com | disabled | false | + +### gitlab-raw-file-get +*** +Get raw file + + +#### Base Command + +`gitlab-raw-file-get` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| project_id | Project ID to get the file from. | Required | +| file_path | The file path. | Required | +| ref | The branch to retrieve the file from. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| GitLab.File.ref | String | The branch the file's content was taken from. | +| GitLab.File.path | String | The file path. | +| GitLab.File.content | String | The file content. | + + +#### Command Example +```!gitlab-raw-file-get project_id=123 ref=master file=wow.py``` + +#### Human Readable Output +### Raw file wow.py on branch master +|content|path|ref| +|---|---|---| +| wow | wow.py | master | diff --git a/Packs/DevSecOps/Integrations/GitLab/command_examples b/Packs/DevSecOps/Integrations/GitLab/command_examples index 16174c6b486e..ef11a3795505 100644 --- a/Packs/DevSecOps/Integrations/GitLab/command_examples +++ b/Packs/DevSecOps/Integrations/GitLab/command_examples @@ -10,4 +10,11 @@ !gitlab-pipelines-schedules-list project_id=123 !gitlab-pipelines-list project_id=123 pipeline_id=1254426 !gitlab-jobs-list project_id=123 pipeline_id=1254426 -!gitlab-artifact-get project_id=123 job_id=6063195 artifact_path_suffix=artifacts/failed_tests.txt \ No newline at end of file +!gitlab-artifact-get project_id=123 job_id=6063195 artifact_path_suffix=artifacts/failed_tests.txt +!gitlab-issues-list project_id=123 state=opened search="Summary" +!gitlab-merge-requests-list target_branch=development project_id=123 state=merged +!gitlab-merge-request-get project_id=123 merge_request_iid=18 +!gitlab-issue-edit project_id=123 issue_id=1 add_labels="To Do" +!gitlab-group-projects-list group_id=1 +!gitlab-issue-create title=wow description=wow labels=a,b,c +!gitlab-raw-file-get project_id=123 ref=master file=wow.py \ No newline at end of file diff --git a/Packs/DevSecOps/Integrations/GitLab/test_data/commands_test_data.json b/Packs/DevSecOps/Integrations/GitLab/test_data/commands_test_data.json index 7372bf13c227..c42bdea08583 100644 --- a/Packs/DevSecOps/Integrations/GitLab/test_data/commands_test_data.json +++ b/Packs/DevSecOps/Integrations/GitLab/test_data/commands_test_data.json @@ -1,266 +1,1356 @@ { - "pipeline_schedule": { - "mock_response": [ - { - "id": 1, - "description": "Run the Build", - "ref": "master", - "cron": "* * * * *", - "cron_timezone": "UTC", - "next_run_at": "2021-06-16T00:05:00.000Z", - "active": true, - "created_at": "2021-05-23T14:00:34.105Z", - "updated_at": "2021-06-15T00:05:06.617Z", - "owner": { - "id": 11, - "name": "User Name 2", - "username": "user2", - "state": "active", - "avatar_url": "https://secure.gravatar.com/avatar/as52123asjklaslsajf?s=80&d=identicon", - "web_url": "https://gitlab_server/user2" + "pipeline_schedule": { + "mock_response": [ + { + "id": 1, + "description": "Run the Build", + "ref": "master", + "cron": "* * * * *", + "cron_timezone": "UTC", + "next_run_at": "2021-06-16T00:05:00.000Z", + "active": true, + "created_at": "2021-05-23T14:00:34.105Z", + "updated_at": "2021-06-15T00:05:06.617Z", + "owner": { + "id": 11, + "name": "User Name 2", + "username": "user2", + "state": "active", + "avatar_url": "https://secure.gravatar.com/avatar/as52123asjklaslsajf?s=80&d=identicon", + "web_url": "https://gitlab_server/user2" + } + }, + { + "id": 2, + "description": "Run the Expected Pipeline", + "ref": "upload_flow", + "cron": "* * * * *", + "cron_timezone": "UTC", + "next_run_at": "2021-05-24T02:05:00.000Z", + "active": false, + "created_at": "2021-05-12T11:57:47.436Z", + "updated_at": "2021-05-23T08:28:39.885Z", + "owner": { + "id": 22, + "name": "User Name", + "username": "user", + "state": "active", + "avatar_url": "https://secure.gravatar.com/avatar/as52123asjklaslsajf?s=80&d=identicon", + "web_url": "https://gitlab_server/user" + } + } + ], + "expected_outputs": [ + { + "id": 1, + "description": "Run the Build", + "ref": "master", + "next_run_at": "2021-06-16T00:05:00.000Z", + "active": true, + "created_at": "2021-05-23T14:00:34.105Z", + "updated_at": "2021-06-15T00:05:06.617Z" + }, + { + "id": 2, + "description": "Run the Expected Pipeline", + "ref": "upload_flow", + "next_run_at": "2021-05-24T02:05:00.000Z", + "active": false, + "created_at": "2021-05-12T11:57:47.436Z", + "updated_at": "2021-05-23T08:28:39.885Z" + } + ], + "expected_prefix": "GitLab.PipelineSchedule", + "expected_url_mock_suffix": "projects/1/pipeline_schedules", + "expected_key_field": "id", + "args": { + "project_id": 1 } - }, - { - "id": 2, - "description": "Run the Expected Pipeline", - "ref": "upload_flow", - "cron": "* * * * *", - "cron_timezone": "UTC", - "next_run_at": "2021-05-24T02:05:00.000Z", - "active": false, - "created_at": "2021-05-12T11:57:47.436Z", - "updated_at": "2021-05-23T08:28:39.885Z", - "owner": { - "id": 22, - "name": "User Name", - "username": "user", - "state": "active", - "avatar_url": "https://secure.gravatar.com/avatar/as52123asjklaslsajf?s=80&d=identicon", - "web_url": "https://gitlab_server/user" + }, + "pipeline": { + "mock_response": [ + { + "id": 1, + "project_id": 3, + "sha": "skd5h31245ljkasl4kj45l324", + "ref": "Pipeline 1", + "status": "running", + "created_at": "2021-06-15T14:31:29.607Z", + "updated_at": "2021-06-15T14:31:32.964Z", + "web_url": "https://server_url/project/-/pipelines/1" + }, + { + "id": 2, + "project_id": 3, + "sha": "zxfmle54j14jazskl4jqlk421l4", + "ref": "Pipeline 2", + "status": "running", + "created_at": "2021-06-15T14:26:00.460Z", + "updated_at": "2021-06-15T14:26:03.452Z", + "web_url": "https://server_url/project/-/pipelines/2" + } + ], + "expected_outputs": [ + { + "id": 1, + "project_id": 3, + "sha": "skd5h31245ljkasl4kj45l324", + "ref": "Pipeline 1", + "status": "running", + "created_at": "2021-06-15T14:31:29.607Z", + "updated_at": "2021-06-15T14:31:32.964Z", + "web_url": "https://server_url/project/-/pipelines/1" + }, + { + "id": 2, + "project_id": 3, + "sha": "zxfmle54j14jazskl4jqlk421l4", + "ref": "Pipeline 2", + "status": "running", + "created_at": "2021-06-15T14:26:00.460Z", + "updated_at": "2021-06-15T14:26:03.452Z", + "web_url": "https://server_url/project/-/pipelines/2" + } + ], + "expected_prefix": "GitLab.Pipeline", + "expected_url_mock_suffix": "projects/3/pipelines", + "expected_key_field": "id", + "args": { + "project_id": "3" } - } - ], - "expected_outputs": [ - { - "id": 1, - "description": "Run the Build", - "ref": "master", - "next_run_at": "2021-06-16T00:05:00.000Z", - "active": true, - "created_at": "2021-05-23T14:00:34.105Z", - "updated_at": "2021-06-15T00:05:06.617Z" - }, - { - "id": 2, - "description": "Run the Expected Pipeline", - "ref": "upload_flow", - "next_run_at": "2021-05-24T02:05:00.000Z", - "active": false, - "created_at": "2021-05-12T11:57:47.436Z", - "updated_at": "2021-05-23T08:28:39.885Z" - } - ], - "expected_prefix": "GitLab.PipelineSchedule", - "expected_url_mock_suffix": "projects/1/pipeline_schedules", - "expected_key_field": "id", - "args": { - "project_id": 1 - } - }, - "pipeline": { - "mock_response": [ - { - "id": 1, - "project_id": 3, - "sha": "skd5h31245ljkasl4kj45l324", - "ref": "Pipeline 1", - "status": "running", - "created_at": "2021-06-15T14:31:29.607Z", - "updated_at": "2021-06-15T14:31:32.964Z", - "web_url": "https://server_url/project/-/pipelines/1" - }, - { - "id": 2, - "project_id": 3, - "sha": "zxfmle54j14jazskl4jqlk421l4", - "ref": "Pipeline 2", - "status": "running", - "created_at": "2021-06-15T14:26:00.460Z", - "updated_at": "2021-06-15T14:26:03.452Z", - "web_url": "https://server_url/project/-/pipelines/2" - } - ], - "expected_outputs": [ - { - "id": 1, - "project_id": 3, - "sha": "skd5h31245ljkasl4kj45l324", - "ref": "Pipeline 1", - "status": "running", - "created_at": "2021-06-15T14:31:29.607Z", - "updated_at": "2021-06-15T14:31:32.964Z", - "web_url": "https://server_url/project/-/pipelines/1" - }, - { - "id": 2, - "project_id": 3, - "sha": "zxfmle54j14jazskl4jqlk421l4", - "ref": "Pipeline 2", - "status": "running", - "created_at": "2021-06-15T14:26:00.460Z", - "updated_at": "2021-06-15T14:26:03.452Z", - "web_url": "https://server_url/project/-/pipelines/2" - } - ], - "expected_prefix": "GitLab.Pipeline", - "expected_url_mock_suffix": "projects/3/pipelines", - "expected_key_field": "id", - "args": { - "project_id": "3" - } - }, - "jobs": { - "mock_response": [ - { - "id": 31, - "status": "failed", - "stage": "run-instances", - "name": "server_master", - "ref": "master", - "tag": false, - "coverage": null, - "allow_failure": false, - "created_at": "2021-06-15T00:05:09.139Z", - "started_at": "2021-06-15T00:35:52.125Z", - "finished_at": "2021-06-15T01:44:16.559Z", - "duration": 4104.433651, - "user": { - "id": 1, - "name": "User name", - "username": "user", - "state": "active", - "avatar_url": "https://server_url/uploads/-/system/user/avatar/1/avatar.png", - "web_url": "https://server_url/user", - "created_at": "2020-10-26T19:36:25.259Z", - "bio": "", - "bio_html": "", - "location": "", - "public_email": "", - "skype": "", - "linkedin": "", - "twitter": "", - "website_url": "", - "organization": "", - "job_title": "", - "bot": false, - "work_information": null, - "followers": 0, - "following": 0 + }, + "jobs": { + "mock_response": [ + { + "id": 31, + "status": "failed", + "stage": "run-instances", + "name": "server_master", + "ref": "master", + "tag": false, + "coverage": null, + "allow_failure": false, + "created_at": "2021-06-15T00:05:09.139Z", + "started_at": "2021-06-15T00:35:52.125Z", + "finished_at": "2021-06-15T01:44:16.559Z", + "duration": 4104.433651, + "user": { + "id": 1, + "name": "User name", + "username": "user", + "state": "active", + "avatar_url": "https://server_url/uploads/-/system/user/avatar/1/avatar.png", + "web_url": "https://server_url/user", + "created_at": "2020-10-26T19:36:25.259Z", + "bio": "", + "bio_html": "", + "location": "", + "public_email": "", + "skype": "", + "linkedin": "", + "twitter": "", + "website_url": "", + "organization": "", + "job_title": "", + "bot": false, + "work_information": null, + "followers": 0, + "following": 0 + }, + "commit": { + "id": "sdm45mk43214ask4la43kj12l3kj", + "short_id": "sd45123", + "created_at": "2021-06-14T18:57:03.000+03:00", + "parent_ids": [ + "as41p24aslkjrsklas412234jkas" + ], + "title": "Update Issue 1", + "message": "Updated issue 1 by user", + "author_name": "bot", + "author_email": "bot@gmail.com", + "authored_date": "2021-06-14T18:57:03.000+03:00", + "committer_name": "GitHub", + "committer_email": "noreply@github.com", + "committed_date": "2021-06-14T18:57:03.000+03:00", + "web_url": "https://server_url/-/commit/sdm45mk43214ask4la43kj12l3kj" + }, + "pipeline": { + "id": 12, + "project_id": 4, + "sha": "as5235knlsadjr5lsdk45jl1k2j3lsdr", + "ref": "master", + "status": "failed", + "created_at": "2021-06-15T00:05:09.041Z", + "updated_at": "2021-06-15T01:44:17.793Z", + "web_url": "https://server_url/-/pipelines/12" + }, + "web_url": "https://server_url/-/jobs/31", + "artifacts_file": { + "filename": "artifacts.zip", + "size": 136861712 + }, + "artifacts": [ + { + "file_type": "archive", + "size": 136861712, + "filename": "artifacts.zip", + "file_format": "zip" + }, + { + "file_type": "metadata", + "size": 1138, + "filename": "metadata.gz", + "file_format": "gzip" + }, + { + "file_type": "trace", + "size": 26318, + "filename": "job.log", + "file_format": null + } + ], + "artifacts_expire_at": "2021-07-15T01:44:11.659Z", + "tag_list": [] + } + ], + "expected_outputs": [ + { + "id": 31, + "stage": "run-instances", + "name": "server_master", + "ref": "master", + "created_at": "2021-06-15T00:05:09.139Z", + "started_at": "2021-06-15T00:35:52.125Z", + "finished_at": "2021-06-15T01:44:16.559Z", + "duration": 4104.433651, + "status": "failed", + "pipeline": { + "id": 12, + "project_id": 4, + "sha": "as5235knlsadjr5lsdk45jl1k2j3lsdr", + "ref": "master", + "status": "failed", + "created_at": "2021-06-15T00:05:09.041Z", + "updated_at": "2021-06-15T01:44:17.793Z", + "web_url": "https://server_url/-/pipelines/12" + }, + "web_url": "https://server_url/-/jobs/31" + } + ], + "expected_prefix": "GitLab.Job", + "expected_url_mock_suffix": "projects/4/pipelines/12/jobs", + "expected_key_field": "id", + "args": { + "project_id": "4", + "pipeline_id": "12" + } + }, + "artifact-get": { + "mock_response": "Failed Unit Test", + "expected_outputs": { + "job_id": "32", + "artifact_path_suffix": "artifacts/failed_tests.txt", + "artifact_data": "\"Failed Unit Test\"" + }, + "expected_prefix": "GitLab.Artifact", + "expected_url_mock_suffix": "projects/45/jobs/32/artifacts/artifacts/failed_tests.txt", + "expected_key_field": [ + "job_id", + "artifact_path_suffix" + ], + "args": { + "project_id": "45", + "job_id": "32", + "artifact_path_suffix": "artifacts/failed_tests.txt" + } + }, + "merge-requests-list": { + "mock_response": [ + { + "id": 53852, + "iid": 18, + "project_id": 7959, + "title": "wow", + "description": null, + "state": "merged", + "created_at": "2021-08-16T12:16:06.143Z", + "updated_at": "2021-08-16T19:07:14.765Z", + "merged_by": { + "id": 9164, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "merged_at": "2021-08-16T19:07:14.962Z", + "closed_by": null, + "closed_at": null, + "target_branch": "development", + "source_branch": "1.0.1.23955-feature-branch", + "user_notes_count": 0, + "upvotes": 0, + "downvotes": 0, + "author": { + "id": 10582, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "assignees": [], + "assignee": null, + "reviewers": [], + "source_project_id": 7959, + "target_project_id": 7959, + "labels": [], + "work_in_progress": false, + "milestone": null, + "merge_when_pipeline_succeeds": false, + "merge_status": "can_be_merged", + "sha": "SHA", + "merge_commit_sha": "SHA", + "squash_commit_sha": null, + "discussion_locked": null, + "should_remove_source_branch": null, + "force_remove_source_branch": null, + "reference": "!18", + "references": { + "short": "!18", + "relative": "!18", + "full": "www.google.com" + }, + "web_url": "www.google.com", + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "squash": false, + "task_completion_status": { + "count": 0, + "completed_count": 0 + }, + "has_conflicts": false, + "blocking_discussions_resolved": true, + "approvals_before_merge": null + } + ], + "expected_outputs": [ + { + "id": 53852, + "iid": 18, + "project_id": 7959, + "title": "wow", + "description": null, + "state": "merged", + "created_at": "2021-08-16T12:16:06.143Z", + "updated_at": "2021-08-16T19:07:14.765Z", + "merged_by": { + "id": 9164, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "merged_at": "2021-08-16T19:07:14.962Z", + "closed_by": null, + "closed_at": null, + "target_branch": "development", + "source_branch": "1.0.1.23955-feature-branch", + "user_notes_count": 0, + "upvotes": 0, + "downvotes": 0, + "author": { + "id": 10582, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "assignees": [], + "assignee": null, + "reviewers": [], + "source_project_id": 7959, + "target_project_id": 7959, + "labels": [], + "work_in_progress": false, + "milestone": null, + "merge_when_pipeline_succeeds": false, + "merge_status": "can_be_merged", + "sha": "SHA", + "merge_commit_sha": "SHA", + "squash_commit_sha": null, + "discussion_locked": null, + "should_remove_source_branch": null, + "force_remove_source_branch": null, + "reference": "!18", + "references": { + "short": "!18", + "relative": "!18", + "full": "www.google.com" + }, + "web_url": "www.google.com", + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "squash": false, + "task_completion_status": { + "count": 0, + "completed_count": 0 + }, + "has_conflicts": false, + "blocking_discussions_resolved": true, + "approvals_before_merge": null + } + ], + "expected_prefix": "GitLab.MergeRequest", + "expected_url_mock_suffix": "projects/1/merge_requests", + "expected_key_field": ["iid", "project_id"], + "args": { + "project_id": 1, + "state": "opened", + "target_branch": "wow" + } + }, + "get-merge-request": { + "mock_response": + { + "id": 53852, + "iid": 18, + "project_id": 7959, + "title": "wow", + "description": null, + "state": "merged", + "created_at": "2021-08-16T12:16:06.143Z", + "updated_at": "2021-08-16T19:07:14.765Z", + "merged_by": { + "id": 9164, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "merged_at": "2021-08-16T19:07:14.962Z", + "closed_by": null, + "closed_at": null, + "target_branch": "development", + "source_branch": "1.0.1.23955-feature-branch", + "user_notes_count": 0, + "upvotes": 0, + "downvotes": 0, + "author": { + "id": 10582, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "assignees": [], + "assignee": null, + "reviewers": [], + "source_project_id": 7959, + "target_project_id": 7959, + "labels": [], + "work_in_progress": false, + "milestone": null, + "merge_when_pipeline_succeeds": false, + "merge_status": "can_be_merged", + "sha": "SHA", + "merge_commit_sha": "SHA", + "squash_commit_sha": null, + "discussion_locked": null, + "should_remove_source_branch": null, + "force_remove_source_branch": null, + "reference": "!18", + "references": { + "short": "!18", + "relative": "!18", + "full": "www.google.com" + }, + "web_url": "www.google.com", + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "squash": false, + "task_completion_status": { + "count": 0, + "completed_count": 0 + }, + "has_conflicts": false, + "blocking_discussions_resolved": true, + "approvals_before_merge": null + }, + "expected_outputs": + { + "id": 53852, + "iid": 18, + "project_id": 7959, + "title": "wow", + "description": null, + "state": "merged", + "created_at": "2021-08-16T12:16:06.143Z", + "updated_at": "2021-08-16T19:07:14.765Z", + "merged_by": { + "id": 9164, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "merged_at": "2021-08-16T19:07:14.962Z", + "closed_by": null, + "closed_at": null, + "target_branch": "development", + "source_branch": "1.0.1.23955-feature-branch", + "user_notes_count": 0, + "upvotes": 0, + "downvotes": 0, + "author": { + "id": 10582, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "assignees": [], + "assignee": null, + "reviewers": [], + "source_project_id": 7959, + "target_project_id": 7959, + "labels": [], + "work_in_progress": false, + "milestone": null, + "merge_when_pipeline_succeeds": false, + "merge_status": "can_be_merged", + "sha": "SHA", + "merge_commit_sha": "SHA", + "squash_commit_sha": null, + "discussion_locked": null, + "should_remove_source_branch": null, + "force_remove_source_branch": null, + "reference": "!18", + "references": { + "short": "!18", + "relative": "!18", + "full": "www.google.com" + }, + "web_url": "www.google.com", + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "squash": false, + "task_completion_status": { + "count": 0, + "completed_count": 0 + }, + "has_conflicts": false, + "blocking_discussions_resolved": true, + "approvals_before_merge": null + }, + "expected_prefix": "GitLab.MergeRequest", + "expected_url_mock_suffix": "projects/1/merge_requests/18", + "expected_key_field": ["iid", "project_id"], + "args": { + "project_id": 1, + "merge_request_iid": 18 + } + }, + "issues-list": { + "mock_response": [ + { + "id": 40572, + "iid": 1, + "project_id": 7959, + "title": "wow", + "description": "wow", + "state": "opened", + "created_at": "2021-07-15T16:25:57.419Z", + "updated_at": "2021-08-18T09:17:02.093Z", + "closed_at": null, + "closed_by": null, + "labels": [ + "a", + "b", + "c", + "d" + ], + "milestone": null, + "assignees": [ + { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + } + ], + "author": { + "id": 7127, + "name": "wow", + "username": "wpw", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "assignee": { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "user_notes_count": 3, + "merge_requests_count": 0, + "upvotes": 0, + "downvotes": 0, + "due_date": null, + "confidential": false, + "discussion_locked": null, + "web_url": "www.google.com", + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "task_completion_status": { + "count": 46, + "completed_count": 9 + }, + "weight": null, + "blocking_issues_count": 0, + "has_tasks": true, + "task_status": "9 of 46 tasks completed", + "_links": { + "self": "www.google.com", + "notes": "www.google.com", + "award_emoji": "www.google.com", + "project": "www.google.com" + }, + "references": { + "short": "#1", + "relative": "#1", + "full": "wow" + }, + "moved_to_id": null, + "service_desk_reply_to": null, + "epic_iid": null, + "epic": null, + "health_status": null + } + ], + "expected_outputs": [ + { + "id": 40572, + "iid": 1, + "project_id": 7959, + "title": "wow", + "description": "wow", + "state": "opened", + "created_at": "2021-07-15T16:25:57.419Z", + "updated_at": "2021-08-18T09:17:02.093Z", + "closed_at": null, + "closed_by": null, + "labels": [ + "a", + "b", + "c", + "d" + ], + "milestone": null, + "assignees": [ + { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + } + ], + "author": { + "id": 7127, + "name": "wow", + "username": "wpw", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "assignee": { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "user_notes_count": 3, + "merge_requests_count": 0, + "upvotes": 0, + "downvotes": 0, + "due_date": null, + "confidential": false, + "discussion_locked": null, + "web_url": "www.google.com", + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "task_completion_status": { + "count": 46, + "completed_count": 9 + }, + "weight": null, + "blocking_issues_count": 0, + "has_tasks": true, + "task_status": "9 of 46 tasks completed", + "_links": { + "self": "www.google.com", + "notes": "www.google.com", + "award_emoji": "www.google.com", + "project": "www.google.com" + }, + "references": { + "short": "#1", + "relative": "#1", + "full": "wow" + }, + "moved_to_id": null, + "service_desk_reply_to": null, + "epic_iid": null, + "epic": null, + "health_status": null + } + ], + "expected_prefix": "GitLab.Issue", + "expected_url_mock_suffix": "projects/1/issues", + "expected_key_field": ["iid", "project_id"], + "args": { + "project_id": 1, + "labels": "a,b,c", + "state": "opened", + "assignee_username": "wow", + "in": "title" + } + }, + "create-issue": { + "mock_response": { + "id": 40572, + "iid": 1, + "project_id": 7959, + "title": "wow", + "description": "wow", + "state": "opened", + "created_at": "2021-07-15T16:25:57.419Z", + "updated_at": "2021-08-18T09:17:02.093Z", + "closed_at": null, + "closed_by": null, + "labels": [ + "a", + "b", + "c", + "d" + ], + "milestone": null, + "assignees": [ + { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + } + ], + "author": { + "id": 7127, + "name": "wow", + "username": "wpw", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "assignee": { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "user_notes_count": 3, + "merge_requests_count": 0, + "upvotes": 0, + "downvotes": 0, + "due_date": null, + "confidential": false, + "discussion_locked": null, + "web_url": "www.google.com", + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "task_completion_status": { + "count": 46, + "completed_count": 9 + }, + "weight": null, + "blocking_issues_count": 0, + "has_tasks": true, + "task_status": "9 of 46 tasks completed", + "_links": { + "self": "www.google.com", + "notes": "www.google.com", + "award_emoji": "www.google.com", + "project": "www.google.com" + }, + "references": { + "short": "#1", + "relative": "#1", + "full": "wow" + }, + "moved_to_id": null, + "service_desk_reply_to": null, + "epic_iid": null, + "epic": null, + "health_status": null }, - "commit": { - "id": "sdm45mk43214ask4la43kj12l3kj", - "short_id": "sd45123", - "created_at": "2021-06-14T18:57:03.000+03:00", - "parent_ids": [ - "as41p24aslkjrsklas412234jkas" - ], - "title": "Update Issue 1", - "message": "Updated issue 1 by user", - "author_name": "bot", - "author_email": "bot@gmail.com", - "authored_date": "2021-06-14T18:57:03.000+03:00", - "committer_name": "GitHub", - "committer_email": "noreply@github.com", - "committed_date": "2021-06-14T18:57:03.000+03:00", - "web_url": "https://server_url/-/commit/sdm45mk43214ask4la43kj12l3kj" + "expected_outputs": { + "id": 40572, + "iid": 1, + "project_id": 7959, + "title": "wow", + "description": "wow", + "state": "opened", + "created_at": "2021-07-15T16:25:57.419Z", + "updated_at": "2021-08-18T09:17:02.093Z", + "closed_at": null, + "closed_by": null, + "labels": [ + "a", + "b", + "c", + "d" + ], + "milestone": null, + "assignees": [ + { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + } + ], + "author": { + "id": 7127, + "name": "wow", + "username": "wpw", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "assignee": { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "user_notes_count": 3, + "merge_requests_count": 0, + "upvotes": 0, + "downvotes": 0, + "due_date": null, + "confidential": false, + "discussion_locked": null, + "web_url": "www.google.com", + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "task_completion_status": { + "count": 46, + "completed_count": 9 + }, + "weight": null, + "blocking_issues_count": 0, + "has_tasks": true, + "task_status": "9 of 46 tasks completed", + "_links": { + "self": "www.google.com", + "notes": "www.google.com", + "award_emoji": "www.google.com", + "project": "www.google.com" + }, + "references": { + "short": "#1", + "relative": "#1", + "full": "wow" + }, + "moved_to_id": null, + "service_desk_reply_to": null, + "epic_iid": null, + "epic": null, + "health_status": null }, - "pipeline": { - "id": 12, - "project_id": 4, - "sha": "as5235knlsadjr5lsdk45jl1k2j3lsdr", - "ref": "master", - "status": "failed", - "created_at": "2021-06-15T00:05:09.041Z", - "updated_at": "2021-06-15T01:44:17.793Z", - "web_url": "https://server_url/-/pipelines/12" + "expected_prefix": "GitLab.Issue", + "expected_url_mock_suffix": "projects/1/issues", + "expected_key_field": ["iid", "project_id"], + "args": { + "project_id": 1, + "title": "wow", + "description": "wow" }, - "web_url": "https://server_url/-/jobs/31", - "artifacts_file": { - "filename": "artifacts.zip", - "size": 136861712 + "method": "POST" +}, + "get-raw-file": { + "mock_response": "OMG", + "expected_outputs": { + "path": "wow", + "ref": "master", + "content": "OMG" }, - "artifacts": [ - { - "file_type": "archive", - "size": 136861712, - "filename": "artifacts.zip", - "file_format": "zip" - }, - { - "file_type": "metadata", - "size": 1138, - "filename": "metadata.gz", - "file_format": "gzip" - }, - { - "file_type": "trace", - "size": 26318, - "filename": "job.log", - "file_format": null - } - ], - "artifacts_expire_at": "2021-07-15T01:44:11.659Z", - "tag_list": [] - } - ], - "expected_outputs": [ - { - "id": 31, - "stage": "run-instances", - "name": "server_master", - "ref": "master", - "created_at": "2021-06-15T00:05:09.139Z", - "started_at": "2021-06-15T00:35:52.125Z", - "finished_at": "2021-06-15T01:44:16.559Z", - "duration": 4104.433651, - "pipeline": { - "id": 12, - "project_id": 4, - "sha": "as5235knlsadjr5lsdk45jl1k2j3lsdr", - "ref": "master", - "status": "failed", - "created_at": "2021-06-15T00:05:09.041Z", - "updated_at": "2021-06-15T01:44:17.793Z", - "web_url": "https://server_url/-/pipelines/12" + "expected_prefix": "GitLab.File", + "expected_url_mock_suffix": "projects/1/repository/files/wow/raw", + "expected_key_field": ["path", "ref"], + "args": { + "project_id": 1, + "file_path": "wow", + "ref": "master" }, - "web_url": "https://server_url/-/jobs/31" - } - ], - "expected_prefix": "GitLab.Job", - "expected_url_mock_suffix": "projects/4/pipelines/12/jobs", - "expected_key_field": "id", - "args": { - "project_id": "4", - "pipeline_id": "12" - } - }, - "artifact-get": { - "mock_response": "Failed Unit Test", - "expected_outputs": { - "job_id": "32", - "artifact_path_suffix": "artifacts/failed_tests.txt", - "artifact_data": "\"Failed Unit Test\"" + "method": "GET" +}, + "edit-issue": { + "mock_response": { + "id": 40572, + "iid": 1, + "project_id": 7959, + "title": "wow", + "description": "wow", + "state": "opened", + "created_at": "2021-07-15T16:25:57.419Z", + "updated_at": "2021-08-18T09:17:02.093Z", + "closed_at": null, + "closed_by": null, + "labels": [ + "a", + "b", + "c", + "d" + ], + "milestone": null, + "assignees": [ + { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + } + ], + "author": { + "id": 7127, + "name": "wow", + "username": "wpw", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "assignee": { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "user_notes_count": 3, + "merge_requests_count": 0, + "upvotes": 0, + "downvotes": 0, + "due_date": null, + "confidential": false, + "discussion_locked": null, + "web_url": "www.google.com", + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "task_completion_status": { + "count": 46, + "completed_count": 9 + }, + "weight": null, + "blocking_issues_count": 0, + "has_tasks": true, + "task_status": "9 of 46 tasks completed", + "_links": { + "self": "www.google.com", + "notes": "www.google.com", + "award_emoji": "www.google.com", + "project": "www.google.com" + }, + "references": { + "short": "#1", + "relative": "#1", + "full": "wow" + }, + "moved_to_id": null, + "service_desk_reply_to": null, + "epic_iid": null, + "epic": null, + "health_status": null + }, + "expected_outputs": { + "id": 40572, + "iid": 1, + "project_id": 7959, + "title": "wow", + "description": "wow", + "state": "opened", + "created_at": "2021-07-15T16:25:57.419Z", + "updated_at": "2021-08-18T09:17:02.093Z", + "closed_at": null, + "closed_by": null, + "labels": [ + "a", + "b", + "c", + "d" + ], + "milestone": null, + "assignees": [ + { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + } + ], + "author": { + "id": 7127, + "name": "wow", + "username": "wpw", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "assignee": { + "id": 9831, + "name": "wow", + "username": "wow", + "state": "active", + "avatar_url": "www.google.com", + "web_url": "www.google.com" + }, + "user_notes_count": 3, + "merge_requests_count": 0, + "upvotes": 0, + "downvotes": 0, + "due_date": null, + "confidential": false, + "discussion_locked": null, + "web_url": "www.google.com", + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "task_completion_status": { + "count": 46, + "completed_count": 9 + }, + "weight": null, + "blocking_issues_count": 0, + "has_tasks": true, + "task_status": "9 of 46 tasks completed", + "_links": { + "self": "www.google.com", + "notes": "www.google.com", + "award_emoji": "www.google.com", + "project": "www.google.com" + }, + "references": { + "short": "#1", + "relative": "#1", + "full": "wow" + }, + "moved_to_id": null, + "service_desk_reply_to": null, + "epic_iid": null, + "epic": null, + "health_status": null + }, + "expected_prefix": "GitLab.Issue", + "expected_url_mock_suffix": "projects/1/issues/2", + "expected_key_field": ["iid", "project_id"], + "args": { + "project_id": 1, + "issue_id": 2, + "add_labels": "d", + "remove_labels": "e", + "description": "wow" + }, + "method": "PUT" }, - "expected_prefix": "GitLab.Artifact", - "expected_url_mock_suffix": "projects/45/jobs/32/artifacts/artifacts/failed_tests.txt", - "expected_key_field": [ - "job_id", - "artifact_path_suffix" - ], - "args": { - "project_id": "45", - "job_id": "32", - "artifact_path_suffix": "artifacts/failed_tests.txt" + "group-projects-list": { + "mock_response": { + "id": 7988, + "description": "", + "name": "wow", + "name_with_namespace": "a / b / c / wow", + "path": "wow", + "path_with_namespace": "x/a/b/c/wow", + "created_at": "2021-07-15T17:53:45.964Z", + "default_branch": "development", + "tag_list": [], + "ssh_url_to_repo": "wow", + "http_url_to_repo": "www.google.com", + "web_url": "www.google.com", + "readme_url": "www.google.com", + "avatar_url": null, + "forks_count": 0, + "star_count": 0, + "last_activity_at": "2021-08-12T03:05:08.722Z", + "namespace": { + "id": 10665, + "name": "wow", + "path": "wow", + "kind": "group", + "full_path": "a/b/c", + "parent_id": 10664, + "avatar_url": null, + "web_url": "www.google.com" + }, + "container_registry_image_prefix": "www.google.com", + "_links": { + "self": "www.google.com", + "issues": "www.google.com", + "merge_requests": "www.google.com", + "repo_branches": "www.google.com", + "labels": "www.google.com", + "events": "www.google.com", + "members": "www.google.com" + }, + "packages_enabled": false, + "empty_repo": false, + "archived": false, + "visibility": "public", + "resolve_outdated_diff_discussions": false, + "container_registry_enabled": false, + "container_expiration_policy": { + "cadence": "1d", + "enabled": false, + "keep_n": 10, + "older_than": "90d", + "name_regex": ".*", + "name_regex_keep": null, + "next_run_at": "2021-07-16T17:53:46.012Z" + }, + "issues_enabled": true, + "merge_requests_enabled": true, + "wiki_enabled": false, + "jobs_enabled": true, + "snippets_enabled": false, + "service_desk_enabled": false, + "service_desk_address": null, + "can_create_merge_request_in": false, + "issues_access_level": "enabled", + "repository_access_level": "enabled", + "merge_requests_access_level": "enabled", + "forking_access_level": "enabled", + "wiki_access_level": "disabled", + "builds_access_level": "enabled", + "snippets_access_level": "disabled", + "pages_access_level": "enabled", + "operations_access_level": "enabled", + "analytics_access_level": "enabled", + "emails_disabled": false, + "shared_runners_enabled": true, + "lfs_enabled": false, + "creator_id": 7127, + "import_status": "finished", + "open_issues_count": 1, + "ci_default_git_depth": 50, + "ci_forward_deployment_enabled": true, + "public_jobs": true, + "build_timeout": 3600, + "auto_cancel_pending_pipelines": "enabled", + "build_coverage_regex": null, + "ci_config_path": "wow", + "shared_with_groups": [], + "only_allow_merge_if_pipeline_succeeds": false, + "allow_merge_on_skipped_pipeline": false, + "restrict_user_defined_variables": true, + "request_access_enabled": true, + "only_allow_merge_if_all_discussions_are_resolved": true, + "remove_source_branch_after_merge": true, + "printing_merge_request_link_enabled": true, + "merge_method": "merge", + "suggestion_commit_message": "", + "auto_devops_enabled": false, + "auto_devops_deploy_strategy": "continuous", + "autoclose_referenced_issues": true, + "approvals_before_merge": 0, + "mirror": false, + "external_authorization_classification_label": null, + "marked_for_deletion_at": null, + "marked_for_deletion_on": null, + "requirements_enabled": true, + "security_and_compliance_enabled": null, + "compliance_frameworks": [], + "issues_template": "", + "merge_requests_template": "" + }, + "expected_outputs": { + "id": 7988, + "description": "", + "name": "wow", + "name_with_namespace": "a / b / c / wow", + "path": "wow", + "path_with_namespace": "x/a/b/c/wow", + "created_at": "2021-07-15T17:53:45.964Z", + "default_branch": "development", + "tag_list": [], + "ssh_url_to_repo": "wow", + "http_url_to_repo": "www.google.com", + "web_url": "www.google.com", + "readme_url": "www.google.com", + "avatar_url": null, + "forks_count": 0, + "star_count": 0, + "last_activity_at": "2021-08-12T03:05:08.722Z", + "namespace": { + "id": 10665, + "name": "wow", + "path": "wow", + "kind": "group", + "full_path": "a/b/c", + "parent_id": 10664, + "avatar_url": null, + "web_url": "www.google.com" + }, + "container_registry_image_prefix": "www.google.com", + "_links": { + "self": "www.google.com", + "issues": "www.google.com", + "merge_requests": "www.google.com", + "repo_branches": "www.google.com", + "labels": "www.google.com", + "events": "www.google.com", + "members": "www.google.com" + }, + "packages_enabled": false, + "empty_repo": false, + "archived": false, + "visibility": "public", + "resolve_outdated_diff_discussions": false, + "container_registry_enabled": false, + "container_expiration_policy": { + "cadence": "1d", + "enabled": false, + "keep_n": 10, + "older_than": "90d", + "name_regex": ".*", + "name_regex_keep": null, + "next_run_at": "2021-07-16T17:53:46.012Z" + }, + "issues_enabled": true, + "merge_requests_enabled": true, + "wiki_enabled": false, + "jobs_enabled": true, + "snippets_enabled": false, + "service_desk_enabled": false, + "service_desk_address": null, + "can_create_merge_request_in": false, + "issues_access_level": "enabled", + "repository_access_level": "enabled", + "merge_requests_access_level": "enabled", + "forking_access_level": "enabled", + "wiki_access_level": "disabled", + "builds_access_level": "enabled", + "snippets_access_level": "disabled", + "pages_access_level": "enabled", + "operations_access_level": "enabled", + "analytics_access_level": "enabled", + "emails_disabled": false, + "shared_runners_enabled": true, + "lfs_enabled": false, + "creator_id": 7127, + "import_status": "finished", + "open_issues_count": 1, + "ci_default_git_depth": 50, + "ci_forward_deployment_enabled": true, + "public_jobs": true, + "build_timeout": 3600, + "auto_cancel_pending_pipelines": "enabled", + "build_coverage_regex": null, + "ci_config_path": "wow", + "shared_with_groups": [], + "only_allow_merge_if_pipeline_succeeds": false, + "allow_merge_on_skipped_pipeline": false, + "restrict_user_defined_variables": true, + "request_access_enabled": true, + "only_allow_merge_if_all_discussions_are_resolved": true, + "remove_source_branch_after_merge": true, + "printing_merge_request_link_enabled": true, + "merge_method": "merge", + "suggestion_commit_message": "", + "auto_devops_enabled": false, + "auto_devops_deploy_strategy": "continuous", + "autoclose_referenced_issues": true, + "approvals_before_merge": 0, + "mirror": false, + "external_authorization_classification_label": null, + "marked_for_deletion_at": null, + "marked_for_deletion_on": null, + "requirements_enabled": true, + "security_and_compliance_enabled": null, + "compliance_frameworks": [], + "issues_template": "", + "merge_requests_template": "" + }, + "expected_prefix": "GitLab.Project", + "expected_url_mock_suffix": "groups/1/projects", + "expected_key_field": ["path_with_namespace", "id"], + "args": { + "group_id": 1 + }, + "method": "GET" } - } } \ No newline at end of file diff --git a/Packs/DevSecOps/ReleaseNotes/1_0_2.md b/Packs/DevSecOps/ReleaseNotes/1_0_2.md new file mode 100644 index 000000000000..635476cf16d5 --- /dev/null +++ b/Packs/DevSecOps/ReleaseNotes/1_0_2.md @@ -0,0 +1,12 @@ + +#### Integrations +##### GitLab +- Added the following commands: + - ***gitlab-merge-requests-list*** + - ***gitlab-merge-request-get*** + - ***gitlab-issues-list*** + - ***gitlab-issue-create*** + - ***gitlab-issue-edit*** + - ***gitlab-group-projects-list*** + - ***gitlab-raw-file-get*** +- Upgraded the Docker image to demisto/python3:3.9.6.24019 \ No newline at end of file diff --git a/Packs/DevSecOps/pack_metadata.json b/Packs/DevSecOps/pack_metadata.json index b253f3e4db5d..8ed71e0f4472 100644 --- a/Packs/DevSecOps/pack_metadata.json +++ b/Packs/DevSecOps/pack_metadata.json @@ -2,7 +2,7 @@ "name": "DevSecOps", "description": "DevSecOps CI/CD Orchestration Integration Pack.", "support": "community", - "currentVersion": "1.0.1", + "currentVersion": "1.0.2", "author": "Ayman Mahmoud", "githubUser": [ "ayman-m" From 6a599a87f22c5935337ae7e276bac59620d82a52 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 31 Aug 2021 16:49:38 +0300 Subject: [PATCH 094/173] Added pack adoption notice. (#14613) * Added pack adoption notice. (#14612) * Added pack adoption notice. * Apply suggestions from code review Co-authored-by: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> Co-authored-by: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> * update RN Co-authored-by: Kaushal Shah Co-authored-by: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> Co-authored-by: abaumgarten --- Packs/SophosCentral/README.md | 4 +++- Packs/SophosCentral/ReleaseNotes/1_0_6.md | 1 + Packs/SophosCentral/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/SophosCentral/ReleaseNotes/1_0_6.md diff --git a/Packs/SophosCentral/README.md b/Packs/SophosCentral/README.md index c8b885dee3e8..46059b2b032a 100644 --- a/Packs/SophosCentral/README.md +++ b/Packs/SophosCentral/README.md @@ -1 +1,3 @@ -# content-sophos-central \ No newline at end of file +# content-sophos-central + +Note: Support for this pack will be moving to the partner around November 29, 2021. \ No newline at end of file diff --git a/Packs/SophosCentral/ReleaseNotes/1_0_6.md b/Packs/SophosCentral/ReleaseNotes/1_0_6.md new file mode 100644 index 000000000000..a370f2a1e3cc --- /dev/null +++ b/Packs/SophosCentral/ReleaseNotes/1_0_6.md @@ -0,0 +1 @@ +Note: Support for this pack will be moving to the partner around November 29, 2021. \ No newline at end of file diff --git a/Packs/SophosCentral/pack_metadata.json b/Packs/SophosCentral/pack_metadata.json index 65671441d84a..54847db47785 100644 --- a/Packs/SophosCentral/pack_metadata.json +++ b/Packs/SophosCentral/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Sophos Central", "description": "The unified console for managing Sophos products", "support": "xsoar", - "currentVersion": "1.0.5", + "currentVersion": "1.0.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 2b2f3b0395d7ad05b346e882d43c332215d35055 Mon Sep 17 00:00:00 2001 From: MosheGalitzky <57589449+moishce@users.noreply.github.com> Date: Tue, 31 Aug 2021 17:03:03 +0300 Subject: [PATCH 095/173] GetIndicatorDBotScoreFromCache - handle KeyError (#14531) * - Fixed an issue where the reliability of the indicator was not defined. * Updated the Docker image * added test playbook which reproduces the issue * fixed test playbook * fixed * update rn * update version * update docker * resolved conflicts * added to conf.json --- Packs/CommonScripts/ReleaseNotes/1_4_29.md | 4 + .../GetIndicatorDBotScoreFromCache.py | 4 +- .../GetIndicatorDBotScoreFromCache.yml | 4 +- .../GetIndicatorDBotScoreFromCache-Test.yml | 109 ++++++++++++++++++ Packs/CommonScripts/pack_metadata.json | 2 +- Tests/conf.json | 4 + 6 files changed, 122 insertions(+), 5 deletions(-) create mode 100644 Packs/CommonScripts/ReleaseNotes/1_4_29.md create mode 100644 Packs/CommonScripts/TestPlaybooks/GetIndicatorDBotScoreFromCache-Test.yml diff --git a/Packs/CommonScripts/ReleaseNotes/1_4_29.md b/Packs/CommonScripts/ReleaseNotes/1_4_29.md new file mode 100644 index 000000000000..729f44b937ae --- /dev/null +++ b/Packs/CommonScripts/ReleaseNotes/1_4_29.md @@ -0,0 +1,4 @@ +#### Scripts +##### GetIndicatorDBotScoreFromCache +- Fixed an issue where the automation script failed to run on indicators with a verdict of *Unknown*. +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. \ No newline at end of file diff --git a/Packs/CommonScripts/Scripts/GetIndicatorDBotScoreFromCache/GetIndicatorDBotScoreFromCache.py b/Packs/CommonScripts/Scripts/GetIndicatorDBotScoreFromCache/GetIndicatorDBotScoreFromCache.py index de93207a4599..7632d6088e90 100644 --- a/Packs/CommonScripts/Scripts/GetIndicatorDBotScoreFromCache/GetIndicatorDBotScoreFromCache.py +++ b/Packs/CommonScripts/Scripts/GetIndicatorDBotScoreFromCache/GetIndicatorDBotScoreFromCache.py @@ -11,9 +11,9 @@ def main(): data = res[0]["Contents"][0] score = data["score"] vendor = "XSOAR" - reliability = data["aggregatedReliability"] + reliability = data.get("aggregatedReliability") indicatorType = data["indicator_type"] - expirationStatus = False if data["expirationStatus"] == "active" else True + expirationStatus = False if data.get("expirationStatus") == "active" else True dbotscore = { "Indicator": value, diff --git a/Packs/CommonScripts/Scripts/GetIndicatorDBotScoreFromCache/GetIndicatorDBotScoreFromCache.yml b/Packs/CommonScripts/Scripts/GetIndicatorDBotScoreFromCache/GetIndicatorDBotScoreFromCache.yml index 435ca6fb1d52..7a705ad6d11b 100644 --- a/Packs/CommonScripts/Scripts/GetIndicatorDBotScoreFromCache/GetIndicatorDBotScoreFromCache.yml +++ b/Packs/CommonScripts/Scripts/GetIndicatorDBotScoreFromCache/GetIndicatorDBotScoreFromCache.yml @@ -6,7 +6,7 @@ comment: Get the overall score for the indicator as calculated by DBot. commonfields: id: GetIndicatorDBotScoreFromCache version: -1 -dockerimage: demisto/python3:3.9.5.20070 +dockerimage: demisto/python3:3.9.6.24019 enabled: true name: GetIndicatorDBotScoreFromCache runas: DBotWeakRole @@ -18,4 +18,4 @@ tags: [] type: python fromversion: 6.0.0 tests: -- No tests (auto formatted) +- GetIndicatorDBotScoreFromCache-Test diff --git a/Packs/CommonScripts/TestPlaybooks/GetIndicatorDBotScoreFromCache-Test.yml b/Packs/CommonScripts/TestPlaybooks/GetIndicatorDBotScoreFromCache-Test.yml new file mode 100644 index 000000000000..17495f735296 --- /dev/null +++ b/Packs/CommonScripts/TestPlaybooks/GetIndicatorDBotScoreFromCache-Test.yml @@ -0,0 +1,109 @@ +id: GetIndicatorDBotScoreFromCache-Test +version: -1 +name: GetIndicatorDBotScoreFromCache-Test +starttaskid: "0" +tasks: + "0": + id: "0" + taskid: 727c9873-7ea9-4910-84b7-02be828739c0 + type: start + task: + id: 727c9873-7ea9-4910-84b7-02be828739c0 + version: -1 + name: "" + iscommand: false + brand: "" + description: '' + nexttasks: + '#none#': + - "1" + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 50 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "1": + id: "1" + taskid: b7324baf-0672-487f-8bb0-a69fcfb04275 + type: regular + task: + id: b7324baf-0672-487f-8bb0-a69fcfb04275 + version: -1 + name: createNewIndicator + description: Change the properties of an indicator + script: Builtin|||createNewIndicator + type: regular + iscommand: true + brand: Builtin + nexttasks: + '#none#': + - "2" + scriptarguments: + value: + simple: GetIndicatorDBotScoreFromCache-Test.com + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 230 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 + "2": + id: "2" + taskid: 43717923-93a2-4528-82a4-3b67b33d6fc0 + type: regular + task: + id: 43717923-93a2-4528-82a4-3b67b33d6fc0 + version: -1 + name: GetIndicatorDBotScoreFromCache + description: Get the overall score for the indicator as calculated by DBot. + scriptName: GetIndicatorDBotScoreFromCache + type: regular + iscommand: false + brand: "" + scriptarguments: + value: + simple: GetIndicatorDBotScoreFromCache-Test.com + separatecontext: false + view: |- + { + "position": { + "x": 450, + "y": 410 + } + } + note: false + timertriggers: [] + ignoreworker: false + skipunavailable: false + quietmode: 0 +view: |- + { + "linkLabelsPosition": {}, + "paper": { + "dimensions": { + "height": 455, + "width": 380, + "x": 450, + "y": 50 + } + } + } +inputs: [] +outputs: [] +fromversion: 6.0.0 +description: '' diff --git a/Packs/CommonScripts/pack_metadata.json b/Packs/CommonScripts/pack_metadata.json index f3bf015b6a74..4a8a32040661 100644 --- a/Packs/CommonScripts/pack_metadata.json +++ b/Packs/CommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Scripts", "description": "Frequently used scripts pack.", "support": "xsoar", - "currentVersion": "1.4.28", + "currentVersion": "1.4.29", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Tests/conf.json b/Tests/conf.json index e06d089afb6b..0f5688727db3 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -2145,6 +2145,10 @@ "playbookID": "PowerShellCommon-Test", "fromversion": "5.5.0" }, + { + "playbookID": "GetIndicatorDBotScoreFromCache-Test", + "fromversion": "6.0.0" + }, { "playbookID": "Detonate URL - Generic Test", "timeout": 2000, From 24594eec8d3d2c74a1c51cdf3395ad607439a5fd Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Tue, 31 Aug 2021 17:31:12 +0300 Subject: [PATCH 096/173] TwitterSOARx Integration Addition (#14591) * TwitterSOARx Integration Addition (#13994) * Create README.md * Create pack-ignore * Rename pack-ignore to .pack-ignore * Add files via upload * Create .secrets-ignore * Add files via upload * Add files via upload * Add files via upload * Create TwitterSOARx_description.md * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Create delete * Add files via upload * Create delete * Delete delete * Delete delete * Update TwitterSOARx.yml Modified docker image now that the tweepy image has been uploaded * Rename TwitterSOARx.yml to integration-TwitterSOARx.yml * Update TwitterSOARx.py * Update integration-TwitterSOARx.yml * Update TwitterSOARx.py * Update integration-TwitterSOARx.yml * Update TwitterSOARx.py * Update integration-TwitterSOARx.yml * Update TwitterSOARx.py * Update integration-TwitterSOARx.yml * Update Packs/TwitterSOARx/Integrations/integration-TwitterSOARx.yml * Update Packs/TwitterSOARx/Integrations/integration-TwitterSOARx.yml * rm integration- prefix * mv py to dir * mv yml to dir * mv desc to dir * Rename Packs/TwitterSOARx/Integrations/command_examples.txt to Packs/TwitterSOARx/Integrations/Twitter/command_examples.txt * Update Packs/TwitterSOARx/pack_metadata.json * rm title from readme * import csp * handle E0211 and E0213 * Update Twitter.py Removed print statement * Update Twitter.yml * Delete LICENSE Deleted LICENSE file, as per requested by Itay4 * Update Twitter.py * Update Twitter.py * Delete TwitterSOARx_image.png * Add files via upload * Update README.md * Update Twitter.py Added test module, made a couple resolutions to flake errors * Update Twitter.py * Delete TwitterSOARx Testing Documentation.docx * Delete TwitterSOARx Design Document.docx * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py modified test results * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * Update Twitter.py * init client * rm `BaseClient` heritage and `self` from command calls * ignore attr-defined on urllib.parse.quote * rm title from detailed desc * add integration readme * clean pack readme Co-authored-by: Itay Keren * rename pack dir name Co-authored-by: Christian Brake <85197027+cbrake1@users.noreply.github.com> Co-authored-by: Itay Keren Co-authored-by: ikeren --- Packs/Twitter/.pack-ignore | 1 + Packs/Twitter/.secrets-ignore | 1 + Packs/Twitter/Integrations/Twitter/README.md | 92 +++++++ Packs/Twitter/Integrations/Twitter/Twitter.py | 236 ++++++++++++++++++ .../Twitter/Integrations/Twitter/Twitter.yml | 96 +++++++ .../Twitter/Twitter_description.md | 4 + .../Integrations/Twitter/Twitter_image.png | Bin 0 -> 7829 bytes .../Integrations/Twitter/command_examples.txt | 20 ++ Packs/Twitter/README.md | 4 + .../playbook-Remove_Excluded_Accounts.yml | 141 +++++++++++ Packs/Twitter/pack_metadata.json | 18 ++ 11 files changed, 613 insertions(+) create mode 100644 Packs/Twitter/.pack-ignore create mode 100644 Packs/Twitter/.secrets-ignore create mode 100644 Packs/Twitter/Integrations/Twitter/README.md create mode 100644 Packs/Twitter/Integrations/Twitter/Twitter.py create mode 100644 Packs/Twitter/Integrations/Twitter/Twitter.yml create mode 100644 Packs/Twitter/Integrations/Twitter/Twitter_description.md create mode 100644 Packs/Twitter/Integrations/Twitter/Twitter_image.png create mode 100644 Packs/Twitter/Integrations/Twitter/command_examples.txt create mode 100644 Packs/Twitter/README.md create mode 100644 Packs/Twitter/TestPlaybooks/playbook-Remove_Excluded_Accounts.yml create mode 100644 Packs/Twitter/pack_metadata.json diff --git a/Packs/Twitter/.pack-ignore b/Packs/Twitter/.pack-ignore new file mode 100644 index 000000000000..8b137891791f --- /dev/null +++ b/Packs/Twitter/.pack-ignore @@ -0,0 +1 @@ + diff --git a/Packs/Twitter/.secrets-ignore b/Packs/Twitter/.secrets-ignore new file mode 100644 index 000000000000..8b137891791f --- /dev/null +++ b/Packs/Twitter/.secrets-ignore @@ -0,0 +1 @@ + diff --git a/Packs/Twitter/Integrations/Twitter/README.md b/Packs/Twitter/Integrations/Twitter/README.md new file mode 100644 index 000000000000..1df22dcb6ac9 --- /dev/null +++ b/Packs/Twitter/Integrations/Twitter/README.md @@ -0,0 +1,92 @@ +## Definitions +Entities: Provide metadata about context posted on Twitter. Examples of entities include hashtags, user mentions, links, stock images, symbols, polls, and attached media. + +Relevant Result - A result that may be of interest to the person conducting the search; Any result that appears within the first 30 results of the customized search + +Non-Relevant Result - Any result that is does not classify as a Relevant-Result + +Public Account - A Twitter account that anyone can view. All of the information shared by the account is viewable by the general public. + +Public Metrics - Public information about the account. Includes Followers Count, Following Count, Listed Count, and Tweet count. + +Private Account - A Twitter account that only an approved list of people can view. All of the information shared by the account is viewable by only those who have sent requests to follow the private account and the owner of the account has accepted the request + +# Requirements +## Authentication +Twitter requires authentication for most of its endpoints. There are 5 main credentials within Twitter’s Authentication: + +API Key - Like a username, this allows you to make a request on behalf of your app when combined with API Key Secret. +API Key Secret - Like a password, this allows you to make a request on behalf of your app when combined with API Key. +Access Token - This token allows you to make a request on behalf of the Twitter account that owns the App when combined with the Access token secret. +Access Token Secret - This token allows you to make a request on behalf of the Twitter account that owns the App when combined with the Access token. +Bearer Token - A credential used to allow the app to authenticate requests that do not require the API Keys or Access tokens. + +Clients will need to provide their own API Key, API Key Secret, Access token, Access Token Secret, and Bearer Token. Since Twitter has a request limit, the customer will need to use their own keys. This allows each user to have their own rate limit rather than the community sharing a rate limit. In cases where API keys are not needed, just the Bearer Token will suffice. Tweepy has a built-in OAuth handler; and Twitter uses OAuth to authenticate its users. By storing the user’s API Key, API Secret Key, Access token, and Access Token Secret in an integration parameter and passing them to Tweepy’s OAuth Handler, the user’s requests can get authenticated automatically. The stored keys/tokens will be encrypted to protect the confidentiality of the user’s information. After installing the integration, the user can navigate to Settings > Integrations > Twitter Integration > Add Instance, and enter their keys/tokens in the corresponding text boxes under the “Instance Settings” tab on the left of the window. + +Clients can apply for a Twitter Developer Account to obtain these credentials here: https://developer.twitter.com/en/apply-for-access + +# Commands: + +## twitter-get-users +This command executes a search for users given a specified query. It will then return the results of the search in markdown format in the war room. This command uses Tweepy’s API to authenticate using OAuth 1.0 and then to perform the search function. + +## Arguments: + +### name **Required** +The name of accounts to search; Twitter will return accounts with similar names to the one enetered in this argument +### page +The search page to retrieve results from +### count +The maximum number of potential users to retrieve per page. The maximum value is 20. The default value is 15. +### include_entities +The entities node will not be displayed when set to false. The default value is false. + +Underlying design: +Makes an API call to Twitter API v1.1 GET users/search, which provides relevance-based search results of public user accounts. This search is performed through Tweepy using the api call API.search_users. The results are returned in JSON format. The JSON results will then be neatly displayed in the War Room in Markdown format. + +## Example +!twitter-get-users name=”Palo Alto Networks” page=”1” count=”5” include_entities=”True” +Returns user accounts with names matching or similar to “Palo Alto Networks” located on page 1 of Twitter’s search results, and a maximum of 5 accounts will be displayed. + +### twitter-get-user-info +This command returns detailed account information about specified accounts. + +## Arguments: + +### usernnames **Required** +The username of a given account to search for additional information. + +Underlying design: +Makes an API call to Twitter API v2 GET /2/users/ which provides information about a specified user. The information provided includes the user’s description, entities, date of creation, id, location, name, pinned tweet id, profile image url, protected status, public metrics, url, username, and verified status. + +## Example +!twitter-get-user-info usernames=”PaloAltoNtwks” +Returns the description, entities, date of creation, id, location, name, pinned tweet id, profile image url, protected status, public metrics, url, username, and verified status of the account whose username is “PaloAltoNtwks”. + +## twitter-get-tweets +This command executes a search for tweets given a specified query. It will then return the results of the search in markdown format in the war room. + +## Arguments: +### q **Required** +The tweet content to search; Twitter will return tweets containing strings matching or similar to the one entered in this argument. +### geocode +Returns tweets by users located within a specified radius of a specified latitude/longitude. +### lang +Only displays tweets of the specified language, given in ISO 639-1 code. +### result_type +Specifies which type of search results the user would like to display. Recent: Returns only the most recent results. Popular: Returns only the most popular results Mixed: Returns a mix of both recent and popular results. +### count +The number of tweets to return per page. Max: 100 +### include_entities +The entities node will not be displayed when set to false. The default value is true. +### from_user +The name of the user to search tweets by. All tweets returned will only have been made from the specified account. +### to_user +The name of the user to search replies by. All tweets returned will only have been made in reply to the specified account. + +Underlying design: +Makes an API call to Twitter API v1.1 search tweets, (https://api.twitter.com/1.1/search/tweets.json) which provides relevance-based search results of public tweets. The results are returned in JSON format. The JSON results will then be neatly displayed in the War Room in Markdown format. + +## Example +!twitter-get-tweets content=”xsoar” geocode=”28.738659 -111.193820 10mi” lang=”ru” result_type=”recent” count=”10” include_entities=”True” +Returns the 10 most recent tweets (in the russian language) containing the string “xsoar” that are located within 10 miles of 28.738659 -111.193820. diff --git a/Packs/Twitter/Integrations/Twitter/Twitter.py b/Packs/Twitter/Integrations/Twitter/Twitter.py new file mode 100644 index 000000000000..ee1dd9851e8d --- /dev/null +++ b/Packs/Twitter/Integrations/Twitter/Twitter.py @@ -0,0 +1,236 @@ +''' IMPORTS ''' +import demistomock as demisto +from CommonServerPython import * +from CommonServerUserPython import * +import tweepy +import urllib +import requests + + +class Client: + def auth(self): + auth = tweepy.OAuthHandler(demisto.params().get('apikey'), demisto.params().get('apikey_secret')) + auth.set_access_token(demisto.params().get('access_token'), demisto.params().get('access_token_secret')) + api = tweepy.API(auth) + return api + +# Build a search URL using the usernames argument and a preset list of all of the user fields of interest +# Link to Twitter reference under Apache 2.0: +# https://github.com/twitterdev/Twitter-API-v2-sample-code/blob/master/User-Lookup/get_users_with_bearer_token.py +# Changes made: changed function name to "create_users_info_url", added extra user fields and made user_fields a constant, +# usernames is no longer a static variable, removed the print statement from connect_to_endpoint + def create_users_info_url(self, usernames): + USER_FIELDS = "&user.fields=description,pinned_tweet_id,protected,\ + created_at,id,location,name,url,public_metrics,profile_image_url,username,verified,withheld" + TWITTER_APIV2_URL = "https://api.twitter.com/2/users/by?{}&{}" + url = TWITTER_APIV2_URL.format(usernames, USER_FIELDS) + return url + + def create_headers(self, bearer_token): + headers = {"Authorization": "Bearer {}".format(bearer_token)} + return headers + + def connect_to_endpoint(self, url, headers): + response = requests.request("GET", url, headers=headers) + if response.status_code != 200: + raise Exception( + "Request returned an error: {} {}".format( + response.status_code, response.text + ) + ) + return response.json() + + def get_tweets(self, q): + TWITTER_APIV1_TWEETS_URL = "https://api.twitter.com/1.1/search/tweets.json?q=" + search_url = TWITTER_APIV1_TWEETS_URL + q +# Query arguments are set to have no default value. If the user does not input a value, the integration will check for if +# a value for the argument exists and append it to the HTTP request if so. + if demisto.args().get('from_user'): + search_url += urllib.parse.quote(f" from:{demisto.args().get('from_user')}") # type: ignore[attr-defined] + if demisto.args().get('to_user'): + search_url += urllib.parse.quote(f" to:{demisto.args().get('to_user')}") # type: ignore[attr-defined] + if demisto.args().get('geocode'): + search_url += "&geocode=" + demisto.args().get('geocode') + geocode_check = demisto.args().get('geocode').split(',') + try: + float(geocode_check[0]) + float(geocode_check[1]) + float(geocode_check[2][:-2]) + except ValueError: + return_error('Incorrect geocode syntax. Geocode syntax is Lat,Long,RadiusUnits\ + - Where Units = mi or km. \nExample Syntax: 60,324321,-27.98789,400mi') + if geocode_check[2][-2:] != 'mi' and geocode_check[2][-2:] != 'km': + return_error('Incorrect geocode syntax. Geocode syntax is Lat,Long,RadiusUnits\ + - Where Units = mi or km. \nExample Syntax: 60,324321,-27.98789,400mi') + if demisto.args().get('lang'): + search_url += "&lang=" + demisto.args().get('lang') + SUPPORTED_LANGS = ['en', 'ar', 'bn', 'cs', 'da', 'de', 'el', 'es', 'fa', 'fi', 'fil', 'fr', + 'he', 'hi', 'hu', 'id', 'it', 'ja', 'ko', 'msa', 'nl', 'no', 'pl', 'pt', + 'ro', 'ru', 'sv', 'th', 'tr', 'uk', 'ur', 'vi', 'zh-cn', 'zh-tw'] + if demisto.args().get('lang') not in SUPPORTED_LANGS: + return_error('Language code is not supported. For a list of supported language codes, visit\ + https://developer.twitter.com/en/docs/twitter-for-websites/supported-languages') + if demisto.args().get('result_type'): + search_url += "&result_type=" + (demisto.args().get('result_type')).lower() + SUPPORTED_RESULT_TYPES = ['popular', 'recent', 'mixed'] + if demisto.args().get('result_type') not in SUPPORTED_RESULT_TYPES: + return_error("Entered result_type is not supported. Please use 'recent', 'popular', or 'mixed'.") + if demisto.args().get('count'): + try: + int(demisto.args().get('count')) + except ValueError: + return_error("Count must be an integer less than or equal to 100.") + if int(demisto.args().get('count')) < 100: + search_url += "&count=" + demisto.args().get('count') + else: + search_url += "&count=100" + search_url += "&tweet_mode=extended" + headers = Client.create_headers(self, demisto.params().get('bearer_token')) + json_response = Client.connect_to_endpoint(self, search_url, headers) + table = [] + + def get_entity(value, entity, subentity): + entity_list = [] + if value.get('entities').get(entity) != []: + for item in value.get('entities').get(entity): + entity_list.append(item[subentity]) + return entity_list + + for value in json_response.get('statuses'): + obj = { + 'Tweet Text': value.get('full_text'), + 'Post ID': value.get('id_str'), + 'User Full Name': value.get('user').get('name'), + 'Username': value.get('user').get('screen_name'), + 'Date of Creation': value.get('created_at'), + 'User Verified Status': value.get('user').get('verified'), + 'Post Retweet Count': value.get('retweet_count'), + 'Post Favorite Count': value.get('favorite_count') + } + if demisto.args().get('include_entities') == "True": + obj['Hashtags'] = get_entity(value, 'hashtags', 'text') + obj['User Mentions'] = get_entity(value, 'user_mentions', 'screen_name') + obj['Expanded URL'] = get_entity(value, 'urls', 'expanded_url') + obj['Media'] = get_entity(value, 'media', 'media_url_https') if 'media' in value.get('entities').keys() else None + table.append(obj) + if demisto.args().get('include_entities') == "True": + headers = ['Tweet Text', 'Post ID', 'User Full Name', 'Username', 'Date of Creation', 'User Verified Status', + 'Post Retweet Count', 'Post Favorite Count', 'Hashtags', 'User Mentions', 'Expanded URL', 'Media'] + else: + headers = ['Tweet Text', 'Post ID', 'User Full Name', 'Username', + 'Date of Creation', 'User Verified Status', 'Post Retweet Count', 'Post Favorite Count'] + name = "Twitter-get-tweets Search Results" + results_to_markdown(table, headers, name) + +# Documentation for the tweepy search_users api call: https://docs.tweepy.org/en/stable/api.html#API.search_users + + def get_users(self, name): + table = [] + try: + int(demisto.args().get('count')) + except ValueError: + return_error("Count must be an integer less than or equal to 20.") + try: + int(demisto.args().get('page')) + except ValueError: + return_error("Page must be an integer.") + for user in ((Client.auth(self).search_users(q=name, page=int(demisto.args().get('page')), + count=int(demisto.args().get('count')), include_entities=True))): + if 'url' in user.entities.keys(): + user_url = user.entities.get('url').get('urls')[0].get('expanded_url') + else: + user_url = None + obj = { + 'Username': user.screen_name, + 'User ID': user.id, + 'Follower Count': user.followers_count, + 'Verified Status': user.verified, + 'User URL': user_url + } + table.append(obj) + headers = ['Username', 'User ID', 'Follower Count', 'Verified Status', 'User URL'] + name = "Twitter-get-users Search Results" + results_to_markdown(table, headers, name) + +# Documentation on the user class used: https://developer.twitter.com/en/docs/twitter-api/data-dictionary/object-model/user + + def get_user_info(self, usernames): + url = Client.create_users_info_url(self, usernames) + headers = Client.create_headers(self, demisto.params().get('bearer_token')) + json_response = Client.connect_to_endpoint(self, url, headers) + table = [] + for value in json_response.get('data'): + obj = { + 'Name': value.get('name'), + 'Username': value.get('username'), + 'ID': value.get('id'), + 'Description': value.get('description'), + 'Verified': value.get('verified'), + 'Date of Creation': value.get('created_at'), + 'Follower Count': value.get('public_metrics').get('followers_count'), + 'Following Count': value.get('public_metrics').get('following_count'), + 'Listed Count': value.get('public_metrics').get('listed_count'), + 'Tweet Count': value.get('public_metrics').get('tweet_count'), + 'Location': value.get('location'), + 'Protected': value.get('protected'), + 'URL': value.get('url'), + 'Profile Image URL': value.get('profile_image_url') + } + table.append(obj) + headers = ['Name', 'Username', 'ID', 'Description', 'Verified', 'Date of Creation', + 'Follower Count', 'Following Count', 'Listed Count', 'Tweet Count', + 'Location', 'Protected', 'URL', 'Profile Image URL'] + name = "Twitter-get-user-info Search Results" + results_to_markdown(table, headers, name) + + +def results_to_markdown(table, headers, name): + markdown = tableToMarkdown(name, table, headers=headers) + results = CommandResults( + readable_output=markdown, + outputs_prefix='Twitter', + outputs_key_field="SearchResults", + outputs=table + ) + return_results(results) + + +def test_module(client): + """ + Returning 'ok' indicates that the integration works like it suppose to. Connection to the service is successful. + + Args: + client: HelloWorld client + + Returns: + 'ok' if test passed, anything else will fail the test + """ + + result = client.say_hello('DBot') + if 'Hello DBot' == result: + return 'ok' + else: + return 'Test failed because ......' + + +def main(): + client = Client() + if demisto.command() == 'test-module': + result = test_module(client) + return_results(result) + if demisto.command() == 'twitter-get-users': + name = demisto.args().get('name') + client.get_users(name) + if demisto.command() == 'twitter-get-user-info': + usernames = "usernames=" + demisto.args().get('usernames') + client.get_user_info(usernames) + if demisto.command() == 'twitter-get-tweets': + if demisto.args().get('q')[0] == '#': + q = urllib.parse.quote(' ') + demisto.args().get('q')[1:] # type: ignore[attr-defined] + else: + q = demisto.args().get('q') + client.get_tweets(q) + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/Twitter/Integrations/Twitter/Twitter.yml b/Packs/Twitter/Integrations/Twitter/Twitter.yml new file mode 100644 index 000000000000..15bcf69213f0 --- /dev/null +++ b/Packs/Twitter/Integrations/Twitter/Twitter.yml @@ -0,0 +1,96 @@ +commonfields: + id: Twitter + version: -1 +name: Twitter +display: Twitter +category: Utilities +description: 'The Twitter Integration allows users to parse Twitter for Users, + Tweets, and additional info about users. Perform enhanced searches with additional + search arguments. Search results are returned as a markdown table. ' +configuration: +- display: API Key + name: apikey + type: 4 + required: true +- display: API Key Secret + name: apikey_secret + type: 4 + required: true +- display: Access Token + name: access_token + type: 4 + required: true +- display: Access Token Secret + name: access_token_secret + type: 4 + required: true +- display: Bearer Token + name: bearer_token + type: 4 + required: true +script: + script: '-' + type: python + commands: + - name: twitter-get-users + arguments: + - name: name + required: true + description: The string to search for accounts with similar names + - name: count + description: 'Number of accounts to return. Note: The max is 20. Any number + greater than 20 will return 20 accounts.' + defaultValue: "15" + - name: page + description: Page to look for search results on + defaultValue: "1" + outputs: + - contextPath: TwitterSOARx + description: Results of the twitter-get-users command + type: string + description: Search for public users on Twitter + - name: twitter-get-user-info + arguments: + - name: usernames + description: 'The twitter usernames to search' + required: true + outputs: + - contextPath: TwitterSOARx + description: Results of the twitter-get-user-info command + type: string + description: 'Lookup users by name to display information about them. Search multiple + users simultaneously by separating them by commas. Ex: "name="user1,user2,user3"' + - name: twitter-get-tweets + arguments: + - name: q + required: true + description: The word or string of words to search for in tweets. + - name: result_type + description: Recent, Popular, Mixed + - name: geocode + description: 'GPS Coordinates: Latitude,Longitude,RadiusMi/KM. Ex: geocode="23.453987,-35.726374,100mi"' + - name: lang + description: 'The language code of tweets to search for. List of supported languages: https://developer.twitter.com/en/docs/twitter-for-websites/supported-languages' + - name: count + description: The number of tweets to return. The max is 100. Any number greater + than 100 will return 100. + - name: include_entities + description: Display entities (True/False), Defaults to True + defaultValue: "True" + - name: from_user + description: 'Search tweets from a given user. Ex: "from_user=PaloAltoNtwks" + returns only tweets from Palo Alto Networks' + - name: to_user + description: 'Search tweets to a given user. Ex: "to_user=PaloAltoNtwks" returns + only tweets in reply to Palo Alto Networks' + outputs: + - contextPath: TwitterSOARx + description: Results of the twitter-get-tweets command + type: string + description: Search for tweets on Twitter. + dockerimage: demisto/tweepy:1.0.0.23810 + runonce: false + subtype: python3 +fromversion: 6.0.0 +tests: +- No tests (auto formatted) diff --git a/Packs/Twitter/Integrations/Twitter/Twitter_description.md b/Packs/Twitter/Integrations/Twitter/Twitter_description.md new file mode 100644 index 000000000000..e178896856fd --- /dev/null +++ b/Packs/Twitter/Integrations/Twitter/Twitter_description.md @@ -0,0 +1,4 @@ +- You must create a developer account through Twitter to use this integratin (it's easy!) +- visit: https://developer.twitter.com/en/apply-for-access +- Once done, copy your consumer key & secret, access token & secret, and bearer token to the corresponding parameters in XSOAR +- You're ready to go! diff --git a/Packs/Twitter/Integrations/Twitter/Twitter_image.png b/Packs/Twitter/Integrations/Twitter/Twitter_image.png new file mode 100644 index 0000000000000000000000000000000000000000..d3f0bc1d15b995f3155ddedb1d0a788a7626b19a GIT binary patch literal 7829 zcma)hi9gie_rHA^+r-3R#xlKQ2+i1H$TEy|(pbwVnX!ZtvV`6tGh@w`XeLdJeT_1f zin5dN9*nXlBuf-ZD)OB^kKZ5gdpusRbD!tj=j)vNx{rI#>pt!)1?ONb29N`AadC;+ z+E_Yqaq)35uQMMn$1+~C@R-vGhuFA>adBxK`+IXom6}F!jOsY73&uJG3(f!f|8ub} zsImUW2zPRD=28RV%fH5(wX^24Lf*-!dvb9>_iQcAUBI#%?dfSgAKO&FelZ+(%iZBg zics+jmlGc}n0$7s)6pv3&cd(=c{kx3T(KZJLUSD>g05=UHt{-2HeDrHl#~!%5;~A^5j5vEbMut4Je@<}`9FzHyi%>a` zq?xgPDvnamy8Xi-drlE8^a2u9Ahm7^K~EHK-*PDZaaqWI&zk5^9VSB-+dW0=eI)=a z+nKv;ckteV8Wfkd+9qX2eRC+UGxCCqP~}8-j|O*QoBIZbbGXU3U-n|ZZ(3=2Qu^=Q zNRYLU&4fU%TKJSYUEX~u{&8Td4=AgqSJ63*t6>wxVDhEX<9k6uxvc`S<~|EJtZPOR zuCFdfRQYKLybRT6QL#{0a+Ge~*3TZm)m&m#q%oPN z?yHnuGTTnG>IdJ`AHK2b@ix_?UJ9{EH5(twV}JqC5zC8uK3616!-QeS5BYYswVpDQ z3VwrOrGnJ_CF7?JNtY_jOLlyhE1JnQpFbS62UgyrRo4P1C%R7j0#>@<2j5BccPn_7 zie)Fh>TNwu7H#dWhLUU+xtFyJGufUW^oGq#LbCW*1Z-BXw7PL2+w2Bm#UvQmA?NBF^ZKtk z7Fsh_|84A%|Ay4dG?pkoxFHQsL8PCav66SLz8ln1Gl-5rV>e^3ebOjv!m4o3d^~l& z<{eV)OXiFlxl+&eCI5{L-;TRNIcj<>wI*e5u-6I?U5Ov`5!ut;*Xq(MH|BlyTB?Q@ zpgnv0zYY7{u|XO4FD4X=JM*@2EvkeYadnrN=+jw?IGqP;j15%M$nY&jRZLq4a zrrc@J`YJS8zpRN=V8>(NFQYfo0T$Oa7?kC>DR8Hd*4RCccNP>sgxFK@X$7mDrv)q1 zJ(E9(vkfoEIG@-O(QD}qc2cbK1|JGpyZ5mpzlz9*44DM}BaE21jk2yH1ctT35|}!ydL@RHJvu zYe`+mykFU&)qRU-CT0=2=cYb)~wnpLbEL1PfBetr82NmYH_$1jm{kOu&L}E39Nqu z*|^JRQ#m+-s!vrM)7r7A9zfP~s_1ZhF(bo7+kn!v;)_!@LA1s5l+*jv$ds%pOa^Ca zyK84Y1DPeykVCjiaIV(?;f8Z zdjN!Cfohzgs<~_aem=y29?b zROJ|x2!4hyDyHuwkS-}wD2d{s5e2B|hxh-Tc#FJ1lUi%{iN)Tu1b;T8 zpL1^y(Rs+u^s3k1*a{L|Qv5Lf9LyN7{f?%ti{p!Bys{3&JQu-M6GJIOT^G`ry^f;u z2kGzJJB4msC))Bk|3n5oxy>Cru@Iq;7|>R|AzY?DCjDBnDPsP}+`O(8Z4nfRU_+Tb z>k}D2Zq31kkpr-DmI$E?gC~kif6eHg=~c19FX_&aX~Zezln~y-4(aB`_-wg{R+1f- z$MFk#7ygT@f4vcb#FLz#@kwnILiIzSoV*e=OdKIPlnd|wmADrN8C4=>WOZ|FO2 zAJ|P^58UyEugL$k{!*~c?*pqpoXhm0V({}9|6R!YgopG=_SUD3tqUUTu{#HV_``*; zGZ~*Gdma4%LEuu$9cbUV&0BXCs|gU_GDnhamF|1*GY&;EM2Et!S;MayEtkY(%Y2p zZXj_mG^z=`6MU+HCB|sed;U?hw>h7-r_X#>EO&B+pEd1( zIxdX3t*)~TUD@zM`6}d8XrHiVG`gdXcm7i~XeViYS!VUFzKWBtUlZED#^Jst)h2f` zT1u|iz6n87*I{x6<*wY7Q_<-X{m!!zs0tnJAP)?V3WPV3#48DCU%xdy|G>P>6)%nh zbwi2MLnF{?stav$O@QS@A6}tQT`01@#hL6P9XI3?K*O$_?$U^C8&Ikmapg77H|M`* z!vfkmKWkX@;)n>6-!GVVYSR2%4N(r+@WW_j*#X6wb2%~fuUfh~*48ydbuslUOV%6M zEK3BLt5?MmF3c5}txsLma7y`Nb^=M~nCXU9TPOUxi{;&rrM~LhTHhRtq)^Iby7rj6 zLR0WDVLj}XQ?9E5EKIJ}idWz%XIeV&!GyUC8_}pf9xeZ%B}cr4yqa6dy29$xh5`vO zFDgb~usShQb?G2=7qyf^5(amNfkzEPCb@U$`u$#DHMe; z=hR2ti-~6o{S|`V31<&OTz?-0xG^>YZ31WmZHdI(fM@nLS5A!^rJ^}dC}0-*{cgEq ziTZ|qCfkoniY4>71~hucvm=ob2SPp1QrtW+F$!TL7tw^sF+Zr!?Vl?G@BxjWNCkI) zgd&}b-@UBok(r7#Eyp3As4?bwz(u2ad!m#9q1n5?jyw%j4GS~2JR%)XtLd}kxBMw8 znMY&P&6a%Uvrk4wQvW4-Q;d|m8uDzP#nNMQ`v?o4p39Fpb`Me>D(SN>t$I=U`rAVK zBeO(lTAf4uzdcN+lV*u|v<8Rx3nLEJ*`@i^W`}s=5xe_Ym9oo^UyvaqR-6&2BjaX; zelpTCU>*u0tjsKV{EFn$w?5o=%d@2lc31iPr(kJW#^irp{0oZvXEf5bB9@BK>&)yn zs7C+E>?A;KL(1n3AIDgEbld-Mv<6l+{`yh;WhnsjJoOsixH@xK1$5p!^w)a|@hHAr zjNi|_q|Tz2L+0j>tj8THpiBRU2Q=R1aD%q}>0sQSv zhSHnwEh^A|q0#wP2R;mkT7j?-`xYmm=TFzHz%is_Wzqcja*^YBHd-}-=gd@@$Z;(v ziPskWo}{K#bc#`B+6^9`TJz~}Mz?6=$cy+pdj9!Z_r6wSUrOv}!-B>ra$4SqK9PC(j?az()I~rpg{GpG1<_phLq&jgvlQlKOJR_4D#bz5FajN?3)2aONOIf8{I>%f! z=;U!=O15EOIerF2_1@l+9y{?j)`H`ev!3ltbq;5MUD>R9(hFt68K!mvdp20h>wo4! zTpWi2;(Wnn2BLJ$f4F079NvU8hUL;(zb)clYm91p;691V!J@zMV~Mo9$#|6SgT?e$ z#D5!@g97X=4_%ut`S#$kYj{6iz|e?Bu(3Q5;`&!{4S4Y9zs*j6qX3#1+=X#FCetMI z2xreBkE?Vz7NOWC(&ge$6RQXpJTrbcd5Krl^37GV(u=y2b!Sa7H}nGTi^0cBChr#P z@9eaU$Zb3oF7*qzoohPVOujNWqLq&eRMi~0^mDA?zs0Zy<{OoJ+a65Y8z0Xe{<{`E zuQKH;6*x3vb(j`8Nyh7deod3{u~TZ>VT$x3#I-(nk}}M*M9fBe_xFiXdb1=rohO%;!~sDO*-|IVSgtbBwBo-~ z&2c4=_nCV!i!E?n$AVF5-+z{lKAYeF9|3SW2xc0agSKDqA0YrVZ;>HC&j6se$i~nz z)=0q8>tHAU6Z%gUuV7RNucNEO;!7r+ZRRM%31b`lU3U~5`;o+ zis$qGx1y#$yhU}b8M)$5U6*BI<%#ijSVoSRPxaslls$M}A3$ej*J{^|9%?mx;!NDr zl&iVX>554cZ_NSeHOD-BJ=b3gO+U9`WM*d70_t*%?`+&70)if5n$%l6a*i}T$wbSS zXV(Inw?g9O_aXon*;$&I)2j!vrzS9rG=85u(>J$y9^a6ssK9*gkc^|b-)*mhV$P#` ziQ?>AD&6CeJs`Z;+&!Ox7>f3(#S$JI_o=lcJOH{^S3atj2bpXTz%G-kRYT!grh2v?T!L?zZJUW zpyNDnS2ECXK@|~Fls_hkcwfK){Wji&@@Lrm35v3tS2&?T*)5zBrEEUO4HdIy1@2wJ z`Co$$Xgd3Edf*=0F`miYtH$|jCB%pU+W2w7H1w5QOJ0fSD<1u~IeQ%aZCp8Pvai3( z6F{e1DGY#6Mw!NYNJ=j!5i`)2ZY?eP0d7TPWdbNKr}}N_Xb(kY)thQeR||&$&=e}O zl?e|&s&w)V=)s!uDIL&*DfG2{D*Eht|9=q5qhXk-E8z5amLey2oyd@jB`n7TV^_6s zw)vx0D%v7wDKG}i1)&MG%^D4Gtm=+pZ^+@V`GhA1) z2zXQN+lV<*9rVk;SSbuNwFl;(v}L5rr8pr^Fe!c|2^Rlw~GC*(RngG&*WEY!! zV`jokgZ$U{FxN87ojvKWlb;H!?b2YX+)URDwd*6ddv|e5L@Crw3QXd1VWS}YI?y~= z0tbJWw7f3`stPi@@kbcYlVN_7(=-OM3gQybm0T)O@o0wl;8#6BggznpKK!1cnDf7C zWjG(u4l)pF_#Eu$qm@8tm4IvKkrBfinyJ{JcC)$PAa|6& zv5jDy&t-1E?Mx5t zeqoMuCRL-x!sx|jr@^)8OxQ6!|I3N9)&+eb&HvWfX4AN))UtgJW&Uf8-E;b%rd)RP&@;^0DrMX2I=oz4pkq_Ty-_G!Z zZ!^WAuJCOaQXU@k(-!R?kPS1HXN_rKVl&Lox~A@Hn4LYII`faR?osEZkCNeyR@wI( zSmPQPPuNP8U3QKM)3vDowaT~gqW->sm30`#B(Jc}2>y4@Bb}CrP`MrWbw|?h8pzNF zy>c}VCMeIs=fVVo&959yg;=sYNa$w@y3JU|jEe5LQru&KAy@c4k-`@O6rwz9PMbpP zD{NDz5RWiFIaZ95xYs~-L7iL;AiHs|cx{TEEf+5*pV9J&P7HuD+$m%P2c>$E0Tk3l zaFGLJ5GDHLKAOf4F2XYGOv!3^P%4vf#}|MJMD&VMQ&(!;G(Z4~bcRju?bsmfsSnvZ;fb?TFYknD=S$Lbl z^Zw-ZNB~pzOL;I%5L2d4ClB71e))5|?11pUHe?egEJ`s#x*=F0xNE=|Y2axC6Gu1|uy-3q= zr-_84`zk%(+z3fspfM3I!B@7(TKoDQLTUg#QIpdXei!(b%AgLbXgHNq2Y57`%BWT{ zZnR=*r*Vx_ikgZ{hgP#A_NqwURz4^P#XAitq2eUlQ8H>OV~MxykUf^tUW{9yoRvQI_Epp0v;QwYQ1A3gxXu6MOsqNTX?Tz2QgQ=2i)Y< zNCJ5qh`pG#KsuR{XZQ6|9hV6&?9zy2p|?hs$Qc31SKm}dU`WSlki|E2OZ%l_@KuFt zU*$l&njJ?MyKPJhXYXh$ky0{^W*!gc=PD^m zkGD#t={uZV=Kk;1M-D=vxlVL(ltgImF(mYxO83!H>y;u0p)JZWBt2YVA&jGzol-Vg zR7_bdO|?TzF1!1h1ZD^H7oEgwTs8%Drp zV~6JNJT2D_7sF?HW|m*=JEOjwF&N^kt0zZ03C*q6=DYXjYX%O3aTg*%8QYt;9xgba zZMU6kdtbPBL6v;-+Ch1N^M!0n#8g~I$+fm0Po#VFGCHsR{$*+yeJOq`>g1yfDQb^@ z7*RL*YN3i3>X{t@h9zvT6JSV(nJjn`~N^|<^x@|m->#x7o*D1kU*H}xhs zDcSufJ}A}<$#4)_=P+%8g?G2sK~gruT~@gQJ$rK$x}9cfXq$islv6Br^glNy5jFZO z&VN3diVWvDzrmfF{oKBO<`Ud$#k!szmq4uW;ojX@19cgT$wWn@b|@sstBa+Y|KWdJ zp$l*NaiXP|T{JN~9b#LF2`z5^kmr=P5YzYJ0VlU>7nL7|!OL2vwt(U&kn@F5V{(po z52(OMq0>j&i*KKWK@Gb|DKjYqUunxBEvkz>-`oHWSF=}}nw7cg9PS^0 z7qq|d&3-=#EZ9DDICq+Fi}HK5Wa$O)Ty%=~+Iz9k^l9(sW%8VrRIT~ERLX3okX>lc zInlV<_50ZDmUr^T&mUt)CCo*?Nzz$|aX^cI8!^8l@;E8Q4tVii0C+4au6$M@5!_|Z zJb%d3eg5TCNiE7A=)L{N#^^ws41RwEUvYRdIpuTks6JhYh@KN@ni*zPEpjiQc}M4B9;v@KW_yvPM z9(LnTo7mdo<&$Qh#gEn%ls~6 Date: Tue, 31 Aug 2021 20:16:57 +0300 Subject: [PATCH 097/173] Threat Intel Report - add fields and improve view (#14564) * add type, status fields and update dashboard * bump to 1.0.1 and add rn * fmt module and add dashboard rn * updated type and layout for test * revert threat actor type changes --- .../Dashboards/Threat_Intel_Dashboard.json | 235 +++++++++++++----- .../genericfield-Status.json | 37 +++ .../ThreatIntelReport/genericfield-Type.json | 38 +++ .../genericmodule-ThreatIntel.json | 163 ++++++++++-- .../layoutscontainer-ThreatReportLayout.json | 2 +- Packs/ThreatIntel/ReleaseNotes/1_0_1.md | 16 ++ Packs/ThreatIntel/pack_metadata.json | 2 +- 7 files changed, 401 insertions(+), 92 deletions(-) create mode 100644 Packs/ThreatIntel/GenericFields/ThreatIntelReport/genericfield-Status.json create mode 100644 Packs/ThreatIntel/GenericFields/ThreatIntelReport/genericfield-Type.json create mode 100644 Packs/ThreatIntel/ReleaseNotes/1_0_1.md diff --git a/Packs/ThreatIntel/Dashboards/Threat_Intel_Dashboard.json b/Packs/ThreatIntel/Dashboards/Threat_Intel_Dashboard.json index 8dfce65e2050..e5d7d9b0b24e 100644 --- a/Packs/ThreatIntel/Dashboards/Threat_Intel_Dashboard.json +++ b/Packs/ThreatIntel/Dashboards/Threat_Intel_Dashboard.json @@ -14,69 +14,178 @@ "fromDateLicense": "0001-01-01T00:00:00Z", "name": "Threat Intel Dashboard", "layout": [ - { - "id": "5e752270-034e-11ec-9c2a-fdb8cdc28b8e", - "forceRange": false, - "x": 0, - "y": 0, - "i": "5e752270-034e-11ec-9c2a-fdb8cdc28b8e", - "w": 5, - "h": 2, - "widget": { - "id": "incident-severity-by-types", - "version": 24, - "modified": "2020-10-01T17:37:32.220665+03:00", - "sortValues": null, - "packID": "CommonWidgets", - "itemVersion": "1.0.2", - "fromServerVersion": "5.0.0", - "toServerVersion": "", - "propagationLabels": [], - "packPropagationLabels": [ - "all" - ], - "vcShouldIgnore": false, - "vcShouldKeepItemLegacyProdMachine": false, - "commitMessage": "", - "shouldCommit": false, - "name": "Incident Severity by Type", - "prevName": "Incident Severity by Type", - "dataType": "incidents", - "widgetType": "bar", - "query": "-category:job and -status:archived and -status:closed", - "sort": [ - { - "field": "severity", - "fieldType": "", - "asc": true - } - ], - "isPredefined": true, - "dateRange": { - "fromDate": "0001-01-01T00:00:00Z", - "toDate": "0001-01-01T00:00:00Z", - "period": { - "by": "", - "byTo": "", - "byFrom": "days", - "toValue": null, - "fromValue": 7, - "field": "" - }, - "fromDateLicense": "0001-01-01T00:00:00Z" - }, - "params": { - "groupBy": [ - "severity", - "type" - ] - }, - "size": 0, - "category": "" - }, - "reflectDimensions": true - } - ], + { + "id": "2f7354b0-065f-11ec-ba99-5f74d3ffb017", + "forceRange": false, + "x": 0, + "y": 0, + "i": "2f7354b0-065f-11ec-ba99-5f74d3ffb017", + "w": 8, + "h": 3, + "widget": { + "id": "221c23c9-beff-4ccb-8ccc-dc920876c6fa", + "version": 1, + "modified": "2021-08-26T11:17:16.626236871Z", + "sortValues": null, + "packID": "", + "itemVersion": "", + "fromServerVersion": "", + "toServerVersion": "", + "propagationLabels": [ + "all" + ], + "vcShouldIgnore": false, + "vcShouldKeepItemLegacyProdMachine": false, + "commitMessage": "", + "shouldCommit": false, + "name": "Reports Published", + "prevName": "Reports Published", + "dataType": "generics", + "definitionId": "ThreatIntelReport", + "widgetType": "column", + "query": "", + "sort": [], + "isPredefined": false, + "dateRange": { + "fromDate": "0001-01-01T00:00:00Z", + "toDate": "0001-01-01T00:00:00Z", + "period": { + "by": "", + "byTo": "", + "byFrom": "days", + "toValue": null, + "fromValue": 7, + "field": "" + }, + "fromDateLicense": "0001-01-01T00:00:00Z" + }, + "params": { + "groupBy": [ + "published(m)", + "type" + ], + "showOthers": false, + "timeFrame": "months", + "valuesFormat": "abbreviated" + }, + "size": 0, + "category": "" + }, + "reflectDimensions": true + }, + { + "id": "9cb8f6b0-065f-11ec-ba99-5f74d3ffb017", + "forceRange": false, + "x": 8, + "y": 0, + "i": "9cb8f6b0-065f-11ec-ba99-5f74d3ffb017", + "w": 2, + "h": 3, + "widget": { + "id": "773ad9fb-064c-41e3-855e-fff8f97164e4", + "version": 1, + "modified": "2021-08-26T11:20:16.953712785Z", + "sortValues": null, + "packID": "", + "itemVersion": "", + "fromServerVersion": "", + "toServerVersion": "", + "propagationLabels": [ + "all" + ], + "vcShouldIgnore": false, + "vcShouldKeepItemLegacyProdMachine": false, + "commitMessage": "", + "shouldCommit": false, + "name": "Unpublished Reports by type", + "prevName": "Reports by type", + "dataType": "generics", + "definitionId": "ThreatIntelReport", + "widgetType": "pie", + "query": "status:Review,Done,Draft", + "sort": [], + "isPredefined": false, + "dateRange": { + "fromDate": "0001-01-01T00:00:00Z", + "toDate": "0001-01-01T00:00:00Z", + "period": { + "by": "", + "byTo": "", + "byFrom": "days", + "toValue": null, + "fromValue": 0, + "field": "" + }, + "fromDateLicense": "0001-01-01T00:00:00Z" + }, + "params": { + "groupBy": [ + "type" + ], + "valuesFormat": "abbreviated" + }, + "size": 0, + "category": "" + }, + "reflectDimensions": true + }, + { + "id": "c370c490-065f-11ec-ba99-5f74d3ffb017", + "forceRange": false, + "x": 0, + "y": 3, + "i": "c370c490-065f-11ec-ba99-5f74d3ffb017", + "w": 2, + "h": 3, + "widget": { + "id": "5f6fa3bd-ddde-404a-875e-46d137b5b0b1", + "version": 1, + "modified": "2021-08-26T11:21:25.122186055Z", + "sortValues": null, + "packID": "", + "itemVersion": "", + "fromServerVersion": "", + "toServerVersion": "", + "propagationLabels": [ + "all" + ], + "vcShouldIgnore": false, + "vcShouldKeepItemLegacyProdMachine": false, + "commitMessage": "", + "shouldCommit": false, + "name": "Report by Status", + "prevName": "Report by Status", + "dataType": "generics", + "definitionId": "ThreatIntelReport", + "widgetType": "pie", + "query": "", + "sort": [], + "isPredefined": false, + "dateRange": { + "fromDate": "0001-01-01T00:00:00Z", + "toDate": "0001-01-01T00:00:00Z", + "period": { + "by": "", + "byTo": "", + "byFrom": "days", + "toValue": null, + "fromValue": 30, + "field": "" + }, + "fromDateLicense": "0001-01-01T00:00:00Z" + }, + "params": { + "groupBy": [ + "status" + ], + "valuesFormat": "abbreviated" + }, + "size": 0, + "category": "" + }, + "reflectDimensions": true + } + ], "fromVersion": "6.5.0", "description": "", "isPredefined": true diff --git a/Packs/ThreatIntel/GenericFields/ThreatIntelReport/genericfield-Status.json b/Packs/ThreatIntel/GenericFields/ThreatIntelReport/genericfield-Status.json new file mode 100644 index 000000000000..c2b084947e07 --- /dev/null +++ b/Packs/ThreatIntel/GenericFields/ThreatIntelReport/genericfield-Status.json @@ -0,0 +1,37 @@ +{ + "associatedToAll": false, + "associatedTypes": [ + "Threat Actor" + ], + "caseInsensitive": true, + "cliName": "status", + "id": "generic_ThreatIntelReport_status", + "name": "Status", + "closeForm": false, + "content": true, + "editForm": true, + "group": 4, + "definitionId": "ThreatIntelReport", + "genericModuleId": "threatIntel", + "hidden": false, + "isReadOnly": false, + "locked": false, + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "selectValues": [ + "Draft", + "Review", + "Done", + "Published" + ], + "sla": 0, + "system": false, + "threshold": 72, + "type": "singleSelect", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "6.5.0" +} diff --git a/Packs/ThreatIntel/GenericFields/ThreatIntelReport/genericfield-Type.json b/Packs/ThreatIntel/GenericFields/ThreatIntelReport/genericfield-Type.json new file mode 100644 index 000000000000..dcc60ab5b66f --- /dev/null +++ b/Packs/ThreatIntel/GenericFields/ThreatIntelReport/genericfield-Type.json @@ -0,0 +1,38 @@ +{ + "associatedToAll": false, + "associatedTypes": [ + "Threat Actor" + ], + "caseInsensitive": true, + "cliName": "type", + "id": "generic_ThreatIntelReport_type", + "name": "Type", + "closeForm": false, + "content": true, + "editForm": true, + "group": 4, + "definitionId": "ThreatIntelReport", + "genericModuleId": "threatIntel", + "hidden": false, + "isReadOnly": false, + "locked": false, + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "selectValues": [ + "Campaign", + "Threat Actor", + "Malware", + "Vulnerability", + "Brief" + ], + "sla": 0, + "system": false, + "threshold": 72, + "type": "singleSelect", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "6.5.0" +} diff --git a/Packs/ThreatIntel/GenericModules/genericmodule-ThreatIntel.json b/Packs/ThreatIntel/GenericModules/genericmodule-ThreatIntel.json index 82bb546071a1..646821620676 100644 --- a/Packs/ThreatIntel/GenericModules/genericmodule-ThreatIntel.json +++ b/Packs/ThreatIntel/GenericModules/genericmodule-ThreatIntel.json @@ -33,43 +33,37 @@ "name": "Threat Intel Dashboard", "layout": [ { - "id": "5e752270-034e-11ec-9c2a-fdb8cdc28b8e", + "id": "2f7354b0-065f-11ec-ba99-5f74d3ffb017", "forceRange": false, "x": 0, "y": 0, - "i": "5e752270-034e-11ec-9c2a-fdb8cdc28b8e", - "w": 5, - "h": 2, + "i": "2f7354b0-065f-11ec-ba99-5f74d3ffb017", + "w": 8, + "h": 3, "widget": { - "id": "incident-severity-by-types", - "version": 24, - "modified": "2020-10-01T17:37:32.220665+03:00", + "id": "221c23c9-beff-4ccb-8ccc-dc920876c6fa", + "version": 1, + "modified": "2021-08-26T11:17:16.626236871Z", "sortValues": null, - "packID": "CommonWidgets", - "itemVersion": "1.0.2", - "fromServerVersion": "5.0.0", + "packID": "", + "itemVersion": "", + "fromServerVersion": "", "toServerVersion": "", - "propagationLabels": [], - "packPropagationLabels": [ + "propagationLabels": [ "all" ], "vcShouldIgnore": false, "vcShouldKeepItemLegacyProdMachine": false, "commitMessage": "", "shouldCommit": false, - "name": "Incident Severity by Type", - "prevName": "Incident Severity by Type", - "dataType": "incidents", - "widgetType": "bar", - "query": "-category:job and -status:archived and -status:closed", - "sort": [ - { - "field": "severity", - "fieldType": "", - "asc": true - } - ], - "isPredefined": true, + "name": "Reports Published", + "prevName": "Reports Published", + "dataType": "generics", + "definitionId": "ThreatIntelReport", + "widgetType": "column", + "query": "", + "sort": [], + "isPredefined": false, "dateRange": { "fromDate": "0001-01-01T00:00:00Z", "toDate": "0001-01-01T00:00:00Z", @@ -85,9 +79,124 @@ }, "params": { "groupBy": [ - "severity", + "published(m)", + "type" + ], + "showOthers": false, + "timeFrame": "months", + "valuesFormat": "abbreviated" + }, + "size": 0, + "category": "" + }, + "reflectDimensions": true + }, + { + "id": "9cb8f6b0-065f-11ec-ba99-5f74d3ffb017", + "forceRange": false, + "x": 8, + "y": 0, + "i": "9cb8f6b0-065f-11ec-ba99-5f74d3ffb017", + "w": 2, + "h": 3, + "widget": { + "id": "773ad9fb-064c-41e3-855e-fff8f97164e4", + "version": 1, + "modified": "2021-08-26T11:20:16.953712785Z", + "sortValues": null, + "packID": "", + "itemVersion": "", + "fromServerVersion": "", + "toServerVersion": "", + "propagationLabels": [ + "all" + ], + "vcShouldIgnore": false, + "vcShouldKeepItemLegacyProdMachine": false, + "commitMessage": "", + "shouldCommit": false, + "name": "Unpublished Reports by type", + "prevName": "Reports by type", + "dataType": "generics", + "definitionId": "ThreatIntelReport", + "widgetType": "pie", + "query": "status:Review,Done,Draft", + "sort": [], + "isPredefined": false, + "dateRange": { + "fromDate": "0001-01-01T00:00:00Z", + "toDate": "0001-01-01T00:00:00Z", + "period": { + "by": "", + "byTo": "", + "byFrom": "days", + "toValue": null, + "fromValue": 0, + "field": "" + }, + "fromDateLicense": "0001-01-01T00:00:00Z" + }, + "params": { + "groupBy": [ "type" - ] + ], + "valuesFormat": "abbreviated" + }, + "size": 0, + "category": "" + }, + "reflectDimensions": true + }, + { + "id": "c370c490-065f-11ec-ba99-5f74d3ffb017", + "forceRange": false, + "x": 0, + "y": 3, + "i": "c370c490-065f-11ec-ba99-5f74d3ffb017", + "w": 2, + "h": 3, + "widget": { + "id": "5f6fa3bd-ddde-404a-875e-46d137b5b0b1", + "version": 1, + "modified": "2021-08-26T11:21:25.122186055Z", + "sortValues": null, + "packID": "", + "itemVersion": "", + "fromServerVersion": "", + "toServerVersion": "", + "propagationLabels": [ + "all" + ], + "vcShouldIgnore": false, + "vcShouldKeepItemLegacyProdMachine": false, + "commitMessage": "", + "shouldCommit": false, + "name": "Report by Status", + "prevName": "Report by Status", + "dataType": "generics", + "definitionId": "ThreatIntelReport", + "widgetType": "pie", + "query": "", + "sort": [], + "isPredefined": false, + "dateRange": { + "fromDate": "0001-01-01T00:00:00Z", + "toDate": "0001-01-01T00:00:00Z", + "period": { + "by": "", + "byTo": "", + "byFrom": "days", + "toValue": null, + "fromValue": 30, + "field": "" + }, + "fromDateLicense": "0001-01-01T00:00:00Z" + }, + "params": { + "groupBy": [ + "status" + ], + "valuesFormat": "abbreviated" }, "size": 0, "category": "" diff --git a/Packs/ThreatIntel/Layouts/layoutscontainer-ThreatReportLayout.json b/Packs/ThreatIntel/Layouts/layoutscontainer-ThreatReportLayout.json index 6d932a4f43b4..a4e057184f34 100644 --- a/Packs/ThreatIntel/Layouts/layoutscontainer-ThreatReportLayout.json +++ b/Packs/ThreatIntel/Layouts/layoutscontainer-ThreatReportLayout.json @@ -713,5 +713,5 @@ "system": false, "version": -1, "fromVersion": "6.5.0", - "description": "" + "description": "updated for test" } diff --git a/Packs/ThreatIntel/ReleaseNotes/1_0_1.md b/Packs/ThreatIntel/ReleaseNotes/1_0_1.md new file mode 100644 index 000000000000..7d8aadaba155 --- /dev/null +++ b/Packs/ThreatIntel/ReleaseNotes/1_0_1.md @@ -0,0 +1,16 @@ + +#### Modules +##### Threat Intel +- Improved the Threat Intel Report view. + +#### Object Fields +- **(ThreatIntelReport) - Status** +- **(ThreatIntelReport) - Type** + +#### Dashboards +##### Threat Intel Dashboard +- Added Threat Intel Report related widgets. + +#### Layouts +##### Threat Report Layout + - Updated for test. diff --git a/Packs/ThreatIntel/pack_metadata.json b/Packs/ThreatIntel/pack_metadata.json index db48c4ae2603..7b2621bb0440 100644 --- a/Packs/ThreatIntel/pack_metadata.json +++ b/Packs/ThreatIntel/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Threat Intel", "description": "Threat Intel", "support": "xsoar", - "currentVersion": "1.0.0", + "currentVersion": "1.0.1", "serverMinVersion": "6.5.0", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", From 8dcba27a735ecd52dd6e8c724b39853dfd505bad Mon Sep 17 00:00:00 2001 From: dorschw <81086590+dorschw@users.noreply.github.com> Date: Tue, 31 Aug 2021 21:29:28 +0300 Subject: [PATCH 098/173] sdk 1.4.9 (#14615) * Update dev-requirements-py3.txt * Update dev-requirements-py3.txt Co-authored-by: tomneeman151293 <70005542+tomneeman151293@users.noreply.github.com> --- dev-requirements-py3.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev-requirements-py3.txt b/dev-requirements-py3.txt index d8dddd9790b2..bf149aa1f855 100644 --- a/dev-requirements-py3.txt +++ b/dev-requirements-py3.txt @@ -1,7 +1,7 @@ flake8==3.9.2 bandit==1.7.0 demisto-py==3.0.2 -git+https://github.com/demisto/demisto-sdk.git@15ebcd5 +demisto-sdk==1.4.9 pytest==6.2.1 pytest-mock==3.4.0 requests-mock==1.8.0 From 0c974f601858a33b313f7116e8ac033beeacc851 Mon Sep 17 00:00:00 2001 From: tomneeman151293 <70005542+tomneeman151293@users.noreply.github.com> Date: Wed, 1 Sep 2021 10:35:23 +0300 Subject: [PATCH 099/173] Bc support content side (#13924) * added logic, and unit tests * added tests, added docs, moved bc func call * Update Tests/Marketplace/marketplace_services.py Co-authored-by: Guy Freund <53565845+guyfreund@users.noreply.github.com> * freund requests * fixed typos, fixed validate failures * flake8 fixes line too long * started re-adding BC logic * added tests * added the files to git * indents * fix failures * fixed another test failure * Update Tests/Marketplace/release_notes_bc_calculator.py Co-authored-by: Noy-Maimon <72340690+Noy-Maimon@users.noreply.github.com> * Update Tests/Marketplace/release_notes_bc_calculator.py Co-authored-by: Noy-Maimon <72340690+Noy-Maimon@users.noreply.github.com> * added renaming of var * filtered from modified the json files in ReleaseNotes * freund cr fixes * freund cr fixes * deleted added test file. test files were added to mp tests * fix all occurrences of changed naming * dan cr fixes * upload test: edited existing RN * reverted upload test 1 * upload test: new RN without BC * test case 2: RN with BC * added some logs for checks * using custom sdk version to add artifacts support * using custom sdk version to add artifacts support * validating against sdk create artifacts * test case 3: multipe rn, some bc, some not * fixing fraudwatch version * reverted all changes for tests * noy CR fixes Co-authored-by: Guy Freund <53565845+guyfreund@users.noreply.github.com> Co-authored-by: Noy-Maimon <72340690+Noy-Maimon@users.noreply.github.com> Co-authored-by: guyfreund --- .../Tests/marketplace_services_test.py | 323 ++++++++++++++++++ Tests/Marketplace/marketplace_services.py | 306 ++++++++++++++--- Tests/Marketplace/upload_packs.py | 4 +- 3 files changed, 585 insertions(+), 48 deletions(-) diff --git a/Tests/Marketplace/Tests/marketplace_services_test.py b/Tests/Marketplace/Tests/marketplace_services_test.py index a8ecf22017dd..c496ac79a88b 100644 --- a/Tests/Marketplace/Tests/marketplace_services_test.py +++ b/Tests/Marketplace/Tests/marketplace_services_test.py @@ -10,6 +10,7 @@ from distutils.version import LooseVersion from freezegun import freeze_time from datetime import datetime, timedelta +from typing import List, Dict, Optional, Tuple, Any from Tests.Marketplace.marketplace_services import Pack, input_to_list, get_valid_bool, convert_price, \ get_updated_server_version, load_json, \ @@ -1713,6 +1714,318 @@ def test_get_release_notes_lines_no_rn(self, mocker, dummy_pack): assert rn_lines == changelog_latest_rn assert new_versions == [] + CHANGELOG_ENTRY_CONTAINS_BC_VERSION_INPUTS = [(LooseVersion('0.0.0'), LooseVersion('1.0.0'), [], dict(), dict()), + ( + LooseVersion('0.0.0'), LooseVersion('1.0.0'), + [LooseVersion('1.0.1')], {'1.0.1': 'BC text'}, dict()), + ( + LooseVersion('0.0.0'), LooseVersion('1.0.0'), + [LooseVersion('1.0.0')], {'1.0.0': None}, + {'1.0.0': None}), + ( + LooseVersion('2.3.1'), LooseVersion('2.4.0'), + [LooseVersion('2.3.1')], {'2.3.1': 'BC text'}, + dict()), + (LooseVersion('2.3.1'), LooseVersion('2.4.0'), + [LooseVersion('2.3.1'), LooseVersion('2.3.2')], + {'2.3.1': None, '2.3.2': 'BC Text 232'}, {'2.3.2': 'BC Text 232'})] + + @pytest.mark.parametrize('predecessor_version, rn_version, bc_versions_list,bc_version_to_text, expected', + CHANGELOG_ENTRY_CONTAINS_BC_VERSION_INPUTS) + def test_changelog_entry_contains_bc_version(self, predecessor_version: LooseVersion, rn_version: LooseVersion, + bc_versions_list: List[LooseVersion], bc_version_to_text, expected): + """ + Given: + - predecessor_version: Predecessor version of the changelog entry. + - rn_version: RN version of the current processed changelog entry + When: + - Checking whether current 'rn_version' contains a BC version. + Case a: Pack does not contain any BC versions. + Case b: Pack contains BC versions, but not between 'predecessor_version' to 'rn_version' range. + Case c: Pack contains BC versions, and it is the exact 'rn_version'. + Case d: Pack contains BC versions, and it is the exact 'predecessor_version'. + Case e: Pack contains BC versions, and it is the between 'predecessor_version' to 'rn_version' range. + Then: + Validate expected bool is returned. + Case a: Validate false is returned. + Case b: Validate false is returned. + Case c: Validate true is returned, because there is a BC version that matches the + rule 'predecessor_version' < bc_version <= 'rn_version' (equals to 'rn_version'). + Case d: Validate false is returned, because there is no BC version that matches the + rule 'predecessor_version' < bc_version <= 'rn_version' (equals to 'predecessor_version' which is + outside range). + Case e: Validate true is returned, because there is a BC version that matches the + rule 'predecessor_version' < bc_version <= 'rn_version' (above 'predecessor_version', + below 'rn_version'). + """ + assert Pack._changelog_entry_bc_versions(predecessor_version, rn_version, bc_versions_list, + bc_version_to_text) == expected + + def test_breaking_changes_versions_to_text(self, tmpdir): + """ + Given: + - Release notes directory (class field) + + When: + - Creating dict of BC version to mapping. Including all possibilities: + 1) RN does not have corresponding config file. + 2) RN has corresponding config file, breakingChanges is set to true, text does not exist. + 3) RN has corresponding config file, breakingChanges is set to true, text exists. + 4) RN has corresponding config file, breakingChanges is set to false, text does not exist. + 5) RN has corresponding config file, breakingChanges is set to false, text exists. + + Then: + - Ensure expected mapping is done. + case 2 contains only breakingChanges: True entry. + case 3 contains both breakingChanges: True and text entries. + + """ + rn_dir = f'{tmpdir}/ReleaseNotes' + os.mkdir(rn_dir) + create_rn_file(rn_dir, '1_0_1', 'some RN to see it is filtered by its extension') + create_rn_config_file(rn_dir, '1_0_2', {'breakingChanges': True}) + create_rn_config_file(rn_dir, '1_0_3', {'breakingChanges': True, 'breakingChangesNotes': 'this is BC'}) + create_rn_config_file(rn_dir, '1_0_4', {'breakingChanges': False}) + create_rn_config_file(rn_dir, '1_0_5', {'breakingChanges': False, 'breakingChangesNotes': 'this is BC'}) + + expected: Dict[str, Optional[str]] = {'1.0.2': None, '1.0.3': 'this is BC'} + + assert Pack._breaking_changes_versions_to_text(rn_dir) == expected + + SPLIT_BC_VERSIONS_WITH_AND_WITHOUT_TEXT_INPUTS = [(dict(), ([], [])), + ({'1.0.2': 'bc text 1'}, (['bc text 1'], [])), + ({'1.0.2': None}, ([], ['1.0.2'])), + ({'1.0.2': None, '1.0.4': None, '1.0.5': 'txt1', '1.0.6': 'txt2'}, + (['txt1', 'txt2'], ['1.0.2', '1.0.4'])), + ] + + @pytest.mark.parametrize('bc_versions, expected', SPLIT_BC_VERSIONS_WITH_AND_WITHOUT_TEXT_INPUTS) + def test_split_bc_versions_with_and_without_text(self, bc_versions: Dict[str, Optional[str]], + expected: Tuple[List[str], List[str]]): + """ + Given: + - 'bc_versions': Dict of BC versions to text. + + When: + - Splitting 'bc_versions' to two lists of versions with/without text. + + Then: + - Ensure expected results are returned. + """ + assert Pack._split_bc_versions_with_and_without_text(bc_versions) == expected + + def test_get_release_notes_concat_str_non_empty(self, tmpdir): + """ + Given: + - 'bc_versions': Dict of BC versions to text. + + When: + - Splitting 'bc_versions' to two lists of versions with/without text. + + Then: + - Ensure expected results are returned. + """ + rn_dir: str = f'{tmpdir}/ReleaseNotes' + os.mkdir(rn_dir) + create_rn_file(rn_dir, '1_0_1', 'txt1') + create_rn_file(rn_dir, '1_0_2', 'txt2') + assert Pack._get_release_notes_concat_str(rn_dir, ['1_0_1.md', '1_0_2.md']) == '\ntxt1\ntxt2' + + def test_get_release_notes_concat_str_empty(self): + """ + Given: + - 'bc_versions': Empty dict of BC versions to text. + + When: + - Splitting 'bc_versions' to two lists of versions with/without text. + + Then: + - Ensure empty results are returned. + """ + assert Pack._get_release_notes_concat_str('', []) == '' + + def test_handle_many_bc_versions_some_with_text(self, dummy_pack, tmpdir): + """ + Given: + - 'text_of_bc_versions': Text of BC versions containing specific BC text. + - 'bc_versions_without_text': BC versions that do not contain specific BC text + + When: + - Handling a case were one aggregated changelog entry contains both BCs with text and without text. + + Then: + - Ensure expected test is returned + """ + rn_dir: str = f'{tmpdir}/ReleaseNotes' + os.mkdir(rn_dir) + create_rn_file(rn_dir, '1_0_2', 'no bc1') + create_rn_file(rn_dir, '1_0_6', 'no bc2') + text_of_bc_versions: List[str] = ['txt1', 'txt2'] + bc_versions_without_text: List[str] = ['1.0.2', '1.0.6'] + + expected_concat_str: str = 'txt1\ntxt2\nno bc1\nno bc2' + assert dummy_pack._handle_many_bc_versions_some_with_text(rn_dir, text_of_bc_versions, + bc_versions_without_text) == expected_concat_str + + CALCULATE_BC_TEXT_NON_MIXED_CASES_INPUTS = [(dict(), None), ({'1.0.2': None}, None), ({'1.0.2': 'txt1'}, 'txt1'), + ({'1.0.2': 'txt1', '1.0.4': 'txt5'}, 'txt1\ntxt5')] + + @pytest.mark.parametrize('bc_version_to_text, expected', CALCULATE_BC_TEXT_NON_MIXED_CASES_INPUTS) + def test_calculate_bc_text_non_mixed_cases(self, dummy_pack, bc_version_to_text: Dict[str, Optional[str]], + expected: Optional[str]): + """ + Given: + - 'text_of_bc_versions': Text of BC versions containing specific BC text. + + When: + - Calculating text for changelog entry + Case a: Only one BC in aggregated changelog entry: + Case b: More than one BC in aggregated entry, all of them containing text. + + Then: + - Ensure expected text is returned. + + """ + assert dummy_pack._calculate_bc_text('', bc_version_to_text) == expected + + def test_calculate_bc_text_mixed_case(self, dummy_pack, tmpdir): + """ + Given: + - 'text_of_bc_versions': Text of BC versions containing specific BC text. + + When: + - Handling a case were one aggregated changelog entry contains both BCs with text and without text. + + Then: + - Ensure expected text is returned + """ + rn_dir: str = f'{tmpdir}/ReleaseNotes' + os.mkdir(rn_dir) + create_rn_file(rn_dir, '1_0_2', 'bc notes without bc text') + create_rn_file(rn_dir, '1_0_6', 'RN for 1_0_6') + create_rn_config_file(rn_dir, '1_0_2', {'breakingChanges': True}) + create_rn_config_file(rn_dir, '1_0_6', {'breakingChanges': True, 'breakingChangesNotes': 'bc txt2'}) + + expected_text: str = 'bc txt2\nbc notes without bc text' + assert dummy_pack._calculate_bc_text(rn_dir, {'1_0_2': None, '1_0_6': 'bc txt2'}) == expected_text + + def test_add_bc_entries_if_needed(self, dummy_pack, tmpdir): + """ + Given: + - changelog: Changelog file data represented as a dictionary. + + When: + - Updating 'breakingChanges' entry for each changelog dict entry. + + Then: + - Validate changelog 'breakingChanges' field for each entries are updated as expected. This test includes + all four types of possible changes: + a) Entry without breaking changes, changes to entry with breaking changes. + b) Entry without breaking changes, changes to entry with breaking changes containing BC text. + c) Entry without breaking changes, does not change. + d) Entry with breaking changes, changes to entry without breaking changes. + e) Entry with breaking changes, changes to entry with BC text. + f) Entry with breaking changes, changes to entry without BC text. + """ + rn_dir = f'{tmpdir}/ReleaseNotes' + os.mkdir(rn_dir) + for i in range(17, 26): + create_rn_file(rn_dir, f'1.12.{i}', f'RN of 1.12.{i}') + create_rn_config_file(rn_dir, '1_12_20', {'breakingChanges': True}) + create_rn_config_file(rn_dir, '1_12_22', {'breakingChanges': True}) + create_rn_config_file(rn_dir, '1_12_24', {'breakingChanges': True, 'breakingChangesNotes': 'bc 24'}) + create_rn_config_file(rn_dir, '1_12_25', {'breakingChanges': True, 'breakingChangesNotes': 'bc 25'}) + changelog: Dict[str, Any] = { + '1.12.20': { + 'releaseNotes': 'RN of 1.12.20', + 'displayName': '1.12.18 - 392682', + 'released': '2021-07-05T02:00:02Z', + 'breakingChanges': True + }, + '1.12.17': { + 'releaseNotes': 'RN of 1.12.17', + 'displayName': '1.12.17 - 392184', + 'released': '2021-07-02T23:15:52Z', + 'breakingChanges': True + }, + '1.12.16': { + 'releaseNotes': 'RN of 1.12.16', + 'displayName': '1.12.16 - 391562', + 'released': '2021-06-30T23:32:59Z' + }, + '1.12.23': { + 'releaseNotes': 'RN of 1.12.23', + 'displayName': '1.12.23 - 393823', + 'released': '2021-07-06T23:27:59Z' + }, + '1.12.24': { + 'releaseNotes': 'RN of 1.12.23', + 'displayName': '1.12.23 - 393823', + 'released': '2021-07-06T23:27:59Z', + 'breakingChanges': True + }, + '1.12.25': { + 'releaseNotes': 'RN of 1.12.23', + 'displayName': '1.12.23 - 393823', + 'released': '2021-07-06T23:27:59Z', + } + } + expected_changelog: Dict[str, Any] = { + '1.12.20': { + 'releaseNotes': 'RN of 1.12.20', + 'displayName': '1.12.18 - 392682', + 'released': '2021-07-05T02:00:02Z', + 'breakingChanges': True + }, + '1.12.17': { + 'releaseNotes': 'RN of 1.12.17', + 'displayName': '1.12.17 - 392184', + 'released': '2021-07-02T23:15:52Z' + }, + '1.12.16': { + 'releaseNotes': 'RN of 1.12.16', + 'displayName': '1.12.16 - 391562', + 'released': '2021-06-30T23:32:59Z' + }, + '1.12.23': { + 'releaseNotes': 'RN of 1.12.23', + 'displayName': '1.12.23 - 393823', + 'released': '2021-07-06T23:27:59Z', + 'breakingChanges': True + }, + '1.12.24': { + 'releaseNotes': 'RN of 1.12.23', + 'displayName': '1.12.23 - 393823', + 'released': '2021-07-06T23:27:59Z', + 'breakingChanges': True, + 'breakingChangesNotes': 'bc 24' + }, + '1.12.25': { + 'releaseNotes': 'RN of 1.12.23', + 'displayName': '1.12.23 - 393823', + 'released': '2021-07-06T23:27:59Z', + 'breakingChanges': True, + 'breakingChangesNotes': 'bc 25' + } + } + dummy_pack.add_bc_entries_if_needed(rn_dir, changelog) + assert changelog == expected_changelog + + def test_add_bc_entries_if_needed_rn_dir_does_not_exist(self, dummy_pack): + """ + Given: + - Changelog + + When: + - Updating changelog entries with BC entries. RN dir does not exist + + Then: + - Ensure no modification is done to the changelog. + """ + changelog: Dict = {'a': 1} + dummy_pack.add_bc_entries_if_needed('not_real_path', changelog) + assert changelog == {'a': 1} + FAILED_PACKS_DICT = { 'TestPack': {'status': 'wow1'}, 'TestPack2': {'status': 'wow2'} @@ -2055,3 +2368,13 @@ def test_is_author_image(self, file_path, result, dummy_pack): - Validate that the answer is False """ assert dummy_pack.is_author_image(file_path) is result + + +def create_rn_config_file(rn_dir: str, version: str, data: Dict): + with open(f'{rn_dir}/{version}.json', 'w') as f: + f.write(json.dumps(data)) + + +def create_rn_file(rn_dir: str, version: str, text: str): + with open(f'{rn_dir}/{version}.md', 'w') as f: + f.write(text) diff --git a/Tests/Marketplace/marketplace_services.py b/Tests/Marketplace/marketplace_services.py index 1a785a300a38..7947ba62db2d 100644 --- a/Tests/Marketplace/marketplace_services.py +++ b/Tests/Marketplace/marketplace_services.py @@ -1,30 +1,30 @@ +import base64 +import fnmatch +import glob import json +import logging import os -import stat -import subprocess -import fnmatch import re -import glob -import git -import sys import shutil -import yaml -import google.auth -from google.cloud import storage -import base64 +import stat +import subprocess import urllib.parse -import logging import warnings +from datetime import datetime, timedelta from distutils.util import strtobool from distutils.version import LooseVersion -from datetime import datetime, timedelta +from typing import Tuple, Any, Union, List, Dict, Optional from zipfile import ZipFile, ZIP_DEFLATED -from typing import Tuple, Any, Union +import git +import google.auth +import sys +import yaml +from google.cloud import storage + +import Tests.Marketplace.marketplace_statistics as mp_statistics from Tests.Marketplace.marketplace_constants import PackFolders, Metadata, GCPConfig, BucketUploadFlow, PACKS_FOLDER, \ PackTags, PackIgnored, Changelog -import Tests.Marketplace.marketplace_statistics as mp_statistics - from Utils.release_notes_generator import aggregate_release_notes_for_marketplace @@ -69,7 +69,7 @@ def __init__(self, pack_name, pack_path): self._description = None # initialized in load_user_metadata function self._display_name = None # initialized in load_user_metadata function self._user_metadata = None # initialized in load_user_metadata function - self.eula_link = None # initialized in load_user_metadata function + self.eula_link = None # initialized in load_user_metadata function self._is_feed = False # a flag that specifies if pack is a feed pack self._downloads_count = 0 # number of pack downloads self._bucket_url = None # URL of where the pack was uploaded. @@ -362,6 +362,7 @@ def organize_integration_images(pack_integration_images: list, pack_dependencies list: list of sorted integration images """ + def sort_by_name(integration_image: dict): return integration_image.get('name', '') @@ -650,7 +651,8 @@ def _load_pack_dependencies(self, index_folder_path, pack_names): return dependencies_data_result, self._is_missing_dependencies - def _get_updated_changelog_entry(self, changelog: dict, version: str, release_notes: str = None, + @staticmethod + def _get_updated_changelog_entry(changelog: dict, version: str, release_notes: str = None, version_display_name: str = None, build_number_with_prefix: str = None, released_time: str = None): """ @@ -669,9 +671,11 @@ def _get_updated_changelog_entry(self, changelog: dict, version: str, release_no version_display_name = \ version_display_name if version_display_name else changelog_entry[Changelog.DISPLAY_NAME].split('-')[0] build_number_with_prefix = \ - build_number_with_prefix if build_number_with_prefix else changelog_entry[Changelog.DISPLAY_NAME].split('-')[1] + build_number_with_prefix if build_number_with_prefix else \ + changelog_entry[Changelog.DISPLAY_NAME].split('-')[1] - changelog_entry[Changelog.RELEASE_NOTES] = release_notes if release_notes else changelog_entry[Changelog.RELEASE_NOTES] + changelog_entry[Changelog.RELEASE_NOTES] = release_notes if release_notes else changelog_entry[ + Changelog.RELEASE_NOTES] changelog_entry[Changelog.DISPLAY_NAME] = f'{version_display_name} - {build_number_with_prefix}' changelog_entry[Changelog.RELEASED] = released_time if released_time else changelog_entry[Changelog.RELEASED] @@ -784,7 +788,7 @@ def encrypt_pack(zip_pack_path, pack_name, encryption_key, extract_destination_p pack_name (str): The name of the pack that should be encrypted. encryption_key (str): The key which we can decrypt the pack with. extract_destination_path (str): The path in which the pack resides. - private_artifacts_dir (str): The chosen name for the private artifacts diriectory. + private_artifacts_dir (str): The chosen name for the private artifacts directory. secondary_encryption_key (str) : A second key which we can decrypt the pack with. """ try: @@ -913,11 +917,11 @@ def detect_modified(self, content_repo, index_folder_path, current_commit_hash, Returns: bool: whether the operation succeeded. - list: list of files that were modified. + list: list of RN files that were modified. bool: whether pack was modified and override will be required. """ task_status = False - modified_files_paths = [] + modified_rn_files_paths = [] pack_was_modified = False try: @@ -944,18 +948,20 @@ def detect_modified(self, content_repo, index_folder_path, current_commit_hash, if not is_ignored_pack_file(modified_file_path_parts): logging.info(f"Detected modified files in {self._pack_name} pack") task_status, pack_was_modified = True, True - modified_files_paths.append(modified_file.a_path) + modified_rn_files_paths.append(modified_file.a_path) else: logging.debug(f'{modified_file.a_path} is an ignored file') task_status = True if pack_was_modified: # Make sure the modification is not only of release notes files, if so count that as not modified - pack_was_modified = not all(self.RELEASE_NOTES in path for path in modified_files_paths) + pack_was_modified = not all(self.RELEASE_NOTES in path for path in modified_rn_files_paths) + # Filter modifications in release notes config JSON file - they will be handled later on. + modified_rn_files_paths = [path_ for path_ in modified_rn_files_paths if path_.endswith('.md')] return except Exception: logging.exception(f"Failed in detecting modified files of {self._pack_name} pack") finally: - return task_status, modified_files_paths, pack_was_modified + return task_status, modified_rn_files_paths, pack_was_modified def upload_to_storage(self, zip_pack_path, latest_version, storage_bucket, override_pack, private_content=False, pack_artifacts_path=None): @@ -1014,7 +1020,8 @@ def upload_to_storage(self, zip_pack_path, latest_version, storage_bucket, overr blob.upload_from_file(pack_zip) print( - f"Copying {secondary_encryption_key_artifacts_path} to {_pack_artifacts_path}/packs/{self._pack_name}.zip") + f"Copying {secondary_encryption_key_artifacts_path} to {_pack_artifacts_path}/" + f"packs/{self._pack_name}.zip") shutil.copy(secondary_encryption_key_artifacts_path, f'{_pack_artifacts_path}/packs/{self._pack_name}.zip') @@ -1148,7 +1155,7 @@ def get_modified_release_notes_lines(self, release_notes_dir: str, new_release_n modified_versions_dict = {} for rn_filename in modified_rn_files: - version = release_notes_file_to_version(rn_filename) + version = underscore_file_name_to_dotted_version(rn_filename) # Should only apply on modified files that are not the last rn file if version in new_release_notes_versions: continue @@ -1193,8 +1200,8 @@ def get_same_block_versions(self, release_notes_dir: str, version: str, changelo higher_nearest_version = min(higher_versions) lower_versions = lower_versions + lowest_version # if the version is 1.0.0, ensure lower_versions is not empty lower_nearest_version = max(lower_versions) - for rn_filename in os.listdir(release_notes_dir): - current_version = release_notes_file_to_version(rn_filename) + for rn_filename in filter_dir_files_by_extension(release_notes_dir, '.md'): + current_version = underscore_file_name_to_dotted_version(rn_filename) # Catch all versions that are in the same block if lower_nearest_version < LooseVersion(current_version) <= higher_nearest_version: with open(os.path.join(release_notes_dir, rn_filename), 'r') as rn_file: @@ -1217,9 +1224,8 @@ def get_release_notes_lines(self, release_notes_dir: str, changelog_latest_rn_ve """ found_versions: list = list() pack_versions_dict: dict = dict() - - for filename in sorted(os.listdir(release_notes_dir)): - version = release_notes_file_to_version(filename) + for filename in sorted(filter_dir_files_by_extension(release_notes_dir, '.md')): + version = underscore_file_name_to_dotted_version(filename) # Aggregate all rn files that are bigger than what we have in the changelog file if LooseVersion(version) > changelog_latest_rn_version: @@ -1274,11 +1280,11 @@ def assert_upload_bucket_version_matches_release_notes_version(self, f'current branch version: {latest_release_notes}\n' \ 'Please Merge from master and rebuild' - def get_rn_files_names(self, modified_files_paths): + def get_rn_files_names(self, modified_rn_files_paths): """ Args: - modified_files_paths: a list containing all modified files in the current pack, generated + modified_rn_files_paths: a list containing all modified files in the current pack, generated by comparing the old and the new commit hash. Returns: The names of the modified release notes files out of the given list only, @@ -1286,14 +1292,14 @@ def get_rn_files_names(self, modified_files_paths): """ modified_rn_files = [] - for file_path in modified_files_paths: + for file_path in modified_rn_files_paths: modified_file_path_parts = os.path.normpath(file_path).split(os.sep) if self.RELEASE_NOTES in modified_file_path_parts: modified_rn_files.append(modified_file_path_parts[-1]) return modified_rn_files def prepare_release_notes(self, index_folder_path, build_number, pack_was_modified=False, - modified_files_paths=None): + modified_rn_files_paths=None): """ Handles the creation and update of the changelog.json files. @@ -1301,7 +1307,7 @@ def prepare_release_notes(self, index_folder_path, build_number, pack_was_modifi index_folder_path (str): Path to the unzipped index json. build_number (str): circleCI build number. pack_was_modified (bool): whether the pack modified or not. - modified_files_paths (list): list of paths of the pack's modified file + modified_rn_files_paths (list): list of paths of the pack's modified file Returns: bool: whether the operation succeeded. @@ -1309,9 +1315,9 @@ def prepare_release_notes(self, index_folder_path, build_number, pack_was_modifi """ task_status = False not_updated_build = False + release_notes_dir = os.path.join(self._pack_path, Pack.RELEASE_NOTES) - if not modified_files_paths: - modified_files_paths = [] + modified_rn_files_paths = modified_rn_files_paths if modified_rn_files_paths else [] try: # load changelog from downloaded index @@ -1320,7 +1326,6 @@ def prepare_release_notes(self, index_folder_path, build_number, pack_was_modifi if os.path.exists(changelog_index_path): changelog, changelog_latest_rn_version, changelog_latest_rn = \ self.get_changelog_latest_rn(changelog_index_path) - release_notes_dir = os.path.join(self._pack_path, Pack.RELEASE_NOTES) if os.path.exists(release_notes_dir): # Handling latest release notes files @@ -1330,7 +1335,7 @@ def prepare_release_notes(self, index_folder_path, build_number, pack_was_modifi self.assert_upload_bucket_version_matches_release_notes_version(changelog, latest_release_notes) # Handling modified old release notes files, if there are any - rn_files_names = self.get_rn_files_names(modified_files_paths) + rn_files_names = self.get_rn_files_names(modified_rn_files_paths) modified_release_notes_lines_dict = self.get_modified_release_notes_lines( release_notes_dir, new_release_notes_versions, changelog, rn_files_names) @@ -1404,6 +1409,9 @@ def prepare_release_notes(self, index_folder_path, build_number, pack_was_modifi task_status = False return task_status, not_updated_build + # Update change log entries with BC flag. + self.add_bc_entries_if_needed(release_notes_dir, changelog) + # write back changelog with changes to pack folder with open(os.path.join(self._pack_path, Pack.CHANGELOG_JSON), "w") as pack_changelog: json.dump(changelog, pack_changelog, indent=4) @@ -2408,6 +2416,186 @@ def is_unified_integration(self, file_path: str): os.path.basename(file_path).endswith('.yml') ]) + def add_bc_entries_if_needed(self, release_notes_dir: str, changelog: Dict[str, Any]) -> None: + """ + Receives changelog, checks if there exists a BC version in each changelog entry (as changelog entry might be + zipped into few RN versions, check if at least one of the versions is BC). + Check if RN is BC is done by doing the following: + 1) Check if RN has corresponding config file, e.g 1_0_1.md has corresponding 1_0_1.json file. + 2) If it does, check if `isBreakingChanges` field is true + If such version exists, adds a + true value to 'breakingChanges' field. + if JSON file also has breakingChangesNotes configures, adds `breakingChangesNotes` field to changelog file. + This function iterates every entry in changelog because it takes into consideration four scenarios: + a) Entry without breaking changes, changes to entry with breaking changes (because at least one of the + versions in the entry was marked as breaking changes). + b) Entry without breaking changes, does not change. + c) Entry with breaking changes, changes to entry without breaking changes (because all the BC versions + corresponding to the changelog entry were re-marked as not BC). + d) Entry with breaking changes, does not change. + Args: + release_notes_dir (str): RN dir path. + changelog (Dict[str, Any]): Changelog data represented as a dict. + + Returns: + (None): Modifies changelog, adds bool value to 'breakingChanges' and `breakingChangesNotes` fields to every + changelog entry, according to the logic described above. + """ + if not os.path.exists(release_notes_dir): + return + bc_version_to_text: Dict[str, Optional[str]] = self._breaking_changes_versions_to_text(release_notes_dir) + loose_versions: List[LooseVersion] = [LooseVersion(bc_ver) for bc_ver in bc_version_to_text.keys()] + predecessor_version: LooseVersion = LooseVersion('0.0.0') + for changelog_entry in sorted(changelog.keys(), key=LooseVersion): + rn_loose_version: LooseVersion = LooseVersion(changelog_entry) + if bc_versions := self._changelog_entry_bc_versions(predecessor_version, rn_loose_version, loose_versions, + bc_version_to_text): + logging.info(f'Changelog entry {changelog_entry} contains BC versions') + changelog[changelog_entry]['breakingChanges'] = True + if bc_text := self._calculate_bc_text(release_notes_dir, bc_versions): + changelog[changelog_entry]['breakingChangesNotes'] = bc_text + else: + changelog[changelog_entry].pop('breakingChangesNotes', None) + else: + logging.info('Version no BC!') + changelog[changelog_entry].pop('breakingChanges', None) + predecessor_version = rn_loose_version + + def _calculate_bc_text(self, release_notes_dir: str, bc_version_to_text: Dict[str, Optional[str]]) -> Optional[str]: + """ + Receives BC versions to text dict for current changelog entry. Calculates text for BC entry. + Args: + release_notes_dir (str): RN dir path. + bc_version_to_text (Dict[str, Optional[str]): {bc version, bc_text} + + Returns: + (Optional[str]): Text for entry if such was added. + If none is returned, server will list the full RN as the BC notes instead. + """ + # Handle cases of one BC version in entry. + if len(bc_version_to_text) == 1: + return list(bc_version_to_text.values())[0] + # Handle cases of two or more BC versions in entry. + text_of_bc_versions, bc_without_text = self._split_bc_versions_with_and_without_text(bc_version_to_text) + # Case one: Not even one BC version contains breaking text. + if len(text_of_bc_versions) == 0: + return None + # Case two: Only part of BC versions contains breaking text. + elif len(text_of_bc_versions) < len(bc_version_to_text): + return self._handle_many_bc_versions_some_with_text(release_notes_dir, text_of_bc_versions, bc_without_text) + # Case 3: All BC versions contains text. + else: + # Important: Currently, implementation of aggregating BCs was decided to concat between them + # In the future this might be needed to re-thought. + return '\n'.join(bc_version_to_text.values()) + + def _handle_many_bc_versions_some_with_text(self, release_notes_dir: str, text_of_bc_versions: List[str], + bc_versions_without_text: List[str], ) -> str: + """ + Calculates text for changelog entry where some BC versions contain text and some don't. + Important: Currently, implementation of aggregating BCs was decided to concat between them (and if BC version + does not have a BC text - concat the whole RN). In the future this might be needed to re-thought. + Args: + release_notes_dir (str): RN dir path. + text_of_bc_versions ([List[str]): List of text of BC versions with text. + bc_versions_without_text ([List[str]): List of BC versions without text. + + Returns: + (str): Text for BC entry. + """ + bc_with_text_str = '\n'.join(text_of_bc_versions) + rn_file_names_without_text = [f'''{bc_version.replace('.', '_')}.md''' for + bc_version in bc_versions_without_text] + other_rn_text: str = self._get_release_notes_concat_str(release_notes_dir, rn_file_names_without_text) + if not other_rn_text: + logging.error('No RN text, although text was expected to be found for versions' + f' {rn_file_names_without_text}.') + return f'{bc_with_text_str}{other_rn_text}' + + @staticmethod + def _get_release_notes_concat_str(release_notes_dir: str, rn_file_names: List[str]) -> str: + """ + Concat all RN data found in given `rn_file_names`. + Args: + release_notes_dir (str): RN dir path. + rn_file_names (List[str]): List of all RN files to concat their data. + + Returns: + (str): Concat RN data + """ + concat_str: str = '' + for rn_file_name in rn_file_names: + rn_file_path = os.path.join(release_notes_dir, rn_file_name) + with open(rn_file_path, 'r') as f: + # Will make the concat string start with new line on purpose. + concat_str = f'{concat_str}\n{f.read()}' + return concat_str + + @staticmethod + def _split_bc_versions_with_and_without_text(bc_versions: Dict[str, Optional[str]]) -> Tuple[List[str], List[str]]: + """ + Splits BCs to tuple of BCs text of BCs containing text, and BCs versions that do not contain BC text. + Args: + bc_versions (Dict[str, Optional[str]): BC versions mapped to text if exists. + + Returns: + (Tuple[List[str], List[str]]): (text of bc versions with text, bc_versions_without_text). + """ + text_of_bc_versions_with_tests: List[str] = [] + bc_versions_without_text: List[str] = [] + for bc_version, bc_text in bc_versions.items(): + if bc_text: + text_of_bc_versions_with_tests.append(bc_text) + else: + bc_versions_without_text.append(bc_version) + return text_of_bc_versions_with_tests, bc_versions_without_text + + @staticmethod + def _breaking_changes_versions_to_text(release_notes_dir: str) -> Dict[str, Optional[str]]: + """ + Calculates every BC version in given RN dir and maps it to text if exists. + Currently, text from a BC version is calculated in the following way: + - If RN has `breakingChangesNotes` entry in its corresponding config file, then use the value of that field + as the text of the BC to be represented. + - Else, use the whole RN text as BC text. + Args: + release_notes_dir (str): RN dir path. + + Returns: + (Dict[str, Optional[str]]): {dotted_version, text}. + """ + bc_version_to_text: Dict[str, Optional[str]] = dict() + # Get all config files in RN dir + rn_config_file_names = filter_dir_files_by_extension(release_notes_dir, '.json') + + for file_name in rn_config_file_names: + file_data: Dict = load_json(os.path.join(release_notes_dir, file_name)) + # Check if version is BC + if file_data.get('breakingChanges'): + # Processing name for easier calculations later on + processed_name: str = underscore_file_name_to_dotted_version(file_name) + bc_version_to_text[processed_name] = file_data.get('breakingChangesNotes') + return bc_version_to_text + + @staticmethod + def _changelog_entry_bc_versions(predecessor_version: LooseVersion, rn_version: LooseVersion, + breaking_changes_versions: List[LooseVersion], + bc_version_to_text: Dict[str, Optional[str]]) -> Dict[str, Optional[str]]: + """ + Gets all BC versions of given changelog entry, every BC s.t predecessor_version < BC version <= rn_version. + Args: + predecessor_version (LooseVersion): Predecessor version in numeric version order. + rn_version (LooseVersion): RN version of current processed changelog entry. + breaking_changes_versions (List[LooseVersion]): List of BC versions. + bc_version_to_text (Dict[str, Optional[str]): List of all BC to text in the given RN dir. + + Returns: + Dict[str, Optional[str]]: Partial list of `bc_version_to_text`, containing only relevant versions between + given versions. + """ + return {bc_ver.vstring: bc_version_to_text.get(bc_ver.vstring) for bc_ver in breaking_changes_versions if + predecessor_version < bc_ver <= rn_version} + # HELPER FUNCTIONS @@ -2535,7 +2723,7 @@ def init_storage_client(service_account=None): """Initialize google cloud storage client. In case of local dev usage the client will be initialized with user default credentials. - Otherwise, client will be initialized from service account json that is stored in CirlceCI. + Otherwise, client will be initialized from service account json that is stored in CircleCI. Args: service_account (str): full path to service account json. @@ -2773,6 +2961,21 @@ def is_ignored_pack_file(modified_file_path_parts): return False +def filter_dir_files_by_extension(release_notes_dir: str, extension: str) -> List[str]: + """ + Receives path to RN dir, filters only files in RN dir corresponding to the extension. + Needed because RN directory will be extended to contain JSON files for configurations, + see 'release_notes_bc_calculator.py' + Args: + release_notes_dir (str): Path to RN dir + extension (str): Extension to filter by. + + Returns: + (List[str]): List of all of the files in directory corresponding to the extension. + """ + return [file_name for file_name in os.listdir(release_notes_dir) if file_name.endswith(extension)] + + def is_the_only_rn_in_block(release_notes_dir: str, version: str, changelog: dict): """ Check if the given version is a key of an aggregated changelog block, as in its value in the changelog @@ -2801,8 +3004,8 @@ def is_the_only_rn_in_block(release_notes_dir: str, version: str, changelog: dic return False all_rn_versions = [] lowest_version = [LooseVersion('1.0.0')] - for filename in os.listdir(release_notes_dir): - current_version = release_notes_file_to_version(filename) + for filename in filter_dir_files_by_extension(release_notes_dir, '.md'): + current_version = underscore_file_name_to_dotted_version(filename) all_rn_versions.append(LooseVersion(current_version)) lower_versions_all_versions = [item for item in all_rn_versions if item < version] + lowest_version lower_versions_in_changelog = [LooseVersion(item) for item in changelog.keys() if @@ -2810,5 +3013,16 @@ def is_the_only_rn_in_block(release_notes_dir: str, version: str, changelog: dic return max(lower_versions_all_versions) == max(lower_versions_in_changelog) -def release_notes_file_to_version(rn_file_name): - return rn_file_name.replace('.md', '').replace('_', '.') +def underscore_file_name_to_dotted_version(file_name: str) -> str: + """ + Receives file name with expected format of x_x_x, and transforms it to dotted string. + Examples + - underscore_file_name_to_dotted_version(1_2_3.md) --> 1.2.3 + - underscore_file_name_to_dotted_version(1_4_2.json) --> 1.4.2 + Args: + file_name (str): File name. + + Returns: + (str): Dotted version of file name + """ + return os.path.splitext(file_name)[0].replace('_', '.') diff --git a/Tests/Marketplace/upload_packs.py b/Tests/Marketplace/upload_packs.py index ff32e21d7583..3cc0e688bed2 100644 --- a/Tests/Marketplace/upload_packs.py +++ b/Tests/Marketplace/upload_packs.py @@ -989,7 +989,7 @@ def main(): pack.cleanup() continue - task_status, modified_pack_files_paths, pack_was_modified = pack.detect_modified( + task_status, modified_rn_files_paths, pack_was_modified = pack.detect_modified( content_repo, index_folder_path, current_commit_hash, previous_commit_hash) if not task_status: @@ -1017,7 +1017,7 @@ def main(): continue task_status, not_updated_build = pack.prepare_release_notes(index_folder_path, build_number, pack_was_modified, - modified_pack_files_paths) + modified_rn_files_paths) if not task_status: pack.status = PackStatus.FAILED_RELEASE_NOTES.name pack.cleanup() From 0899a54bf759c6882e1b489f183e75a21843c5fd Mon Sep 17 00:00:00 2001 From: tkatzir Date: Wed, 1 Sep 2021 11:42:12 +0300 Subject: [PATCH 100/173] Azure ad graph fetch (#14352) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Hello Azure AD Pack * Initial commit for AzureADIP * list_risky_users works, list_risks broke? * renamed to AzureADIdentityProtection, added all commands to yml * corrected scope * yaml update * renamed command * code formatting * riskyUserHistory * confirm compromised * dismiss * Generic query_list, passes validation * prettier code * reverted MicrosoftApiModule.yml to master * removed redundant spaces * filter_arguments is optional * Update MicrosoftApiModule.yml added newline to pass validations (no idea why it was removed) * DT * limit default in yml * permission comment * permission comment * OData syntax comment * login instructions in description * country field description * filter description * filter description * removed header, added missing risky-user-list arguments * updated prefix, fixed nextLink parsing, added next_link_description * updated prefix * formatting * formatting * query_list docstrings * separated querying from parsing results, renamed client to AADClient * basic test * parametrized list test * risky users test * risky_users_history_list test * unit tests done * passes linter * moved comment * moved comment * removed resource group (unnecessary) * added first_headers to tableToMd * changed first_headers * first_headers RN * lint fix (e126) * lint fix (126) * redundant `or` * updated beta notice * updated description * fixed RM100 * changed prefix * updated permission notice * filter_arguments now a list * corrected context prefix * corrected context paths * yaml outputs, docs, example_commands * base rn * IPs * fixed tests,removed unused comment * ip * updated userPrincipalName, pack name * Confirm-compromised marked harmful * test playbook * readme * lint: indentations * Test playbook * Test playbook fromversion * CR: return_error message * CR: inherit MSClient * CR: inherit MSClient * docs fix * docs fix * test_list unit test * moved first_headers from CSP to AzureADGraph * reverted CSP changes * lint * lint * header orderˆ * val to obj * "1 results" -> "1 result", improved parse_list tests * corrected id * indentation change * moved @ part to constructor head * fixed name * added auth-complete human-readable to markdown * time argument parsing * time argument parsing * Update AzureADIdentityProtection_description.md * Update AzureADIdentityProtection.yml done * Update AzureADIdentityProtection_description.md done * Update README.md done * Update README.md done * fetch-incidents, initial add * extract method from azure_ad_identity_protection_risk_detection_list for fetch * Fetch configuration * Create incidents * Cleaner code * Fix incident occurred value * IncidentType, initial add * Mapper * Layout * Fixed mapper * incident name * Mapper * Removed test data * Update Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection.yml Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Support fetch pagination * Updated Release Notes * New common incident fields * yml validations * Format * Format * Format * Updated Release Notes * Fixed package name * Align with Pack name * Align pack name * Fix json * Align pack name * Align Pack name * Align Pack name * Test fetch * Test same fetch time * Added missing import * Fix test * Missing var * Unit tests * Unit tests * Classifier keyTypeMap * Cleaner code * Remove unused command * A minor version update * Update Tests/conf.json Co-authored-by: Dean Arbel * Integration name * Short incident name * Fix test * Fix test * Release notes * Updated release notes * Format release notes Co-authored-by: dschwartz Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: shannon-holland <84771356+shannon-holland@users.noreply.github.com> Co-authored-by: Dean Arbel --- ...ectory_Identity_Protection_Classifier.json | 33 ++ ...y_Identity_Protection-Incoming_Mapper.json | 73 +++ .../incidentfield-Activity.json | 30 ++ .../incidentfield-Alert_Type.json | 29 ++ .../incidentfield-DetectedDateTime.json | 30 ++ .../incidentfield-DetectionTimingType.json | 30 ++ .../incidentfield-TokenIssuerType.json | 30 ++ ...pe-AADIdentityProtectionRiskDetection.json | 29 ++ .../AzureADIdentityProtection.py | 144 +++++- .../AzureADIdentityProtection.yml | 38 +- .../AzureADIdentityProtection_test.py | 49 ++ .../test_data/incidents.json | 99 ++++ ..._Directory_Identity_Protection_Layout.json | 433 ++++++++++++++++++ .../ReleaseNotes/1_1_0.md | 27 ++ Packs/AzureActiveDirectory/pack_metadata.json | 2 +- .../incidentfield-Last_Update_Time.json | 3 +- .../incidentfield-Location.json | 3 +- .../incidentfield-Location_Region.json | 3 +- .../incidentfield-Risk_Rating.json | 3 +- .../IncidentFields/incidentfield-Subtype.json | 3 +- .../incidentfield-Username.json | 3 +- Packs/CommonTypes/ReleaseNotes/3_1_12.md | 9 + Packs/CommonTypes/pack_metadata.json | 2 +- 23 files changed, 1082 insertions(+), 23 deletions(-) create mode 100644 Packs/AzureActiveDirectory/Classifiers/classifier-Azure_Active_Directory_Identity_Protection_Classifier.json create mode 100644 Packs/AzureActiveDirectory/Classifiers/classifier-mapping-incoming-Azure_Active_Directory_Identity_Protection-Incoming_Mapper.json create mode 100644 Packs/AzureActiveDirectory/IncidentFields/incidentfield-Activity.json create mode 100644 Packs/AzureActiveDirectory/IncidentFields/incidentfield-Alert_Type.json create mode 100644 Packs/AzureActiveDirectory/IncidentFields/incidentfield-DetectedDateTime.json create mode 100644 Packs/AzureActiveDirectory/IncidentFields/incidentfield-DetectionTimingType.json create mode 100644 Packs/AzureActiveDirectory/IncidentFields/incidentfield-TokenIssuerType.json create mode 100644 Packs/AzureActiveDirectory/IncidentTypes/incidenttype-AADIdentityProtectionRiskDetection.json create mode 100644 Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/test_data/incidents.json create mode 100644 Packs/AzureActiveDirectory/Layouts/layoutscontainer-Azure_Active_Directory_Identity_Protection_Layout.json create mode 100644 Packs/AzureActiveDirectory/ReleaseNotes/1_1_0.md create mode 100644 Packs/CommonTypes/ReleaseNotes/3_1_12.md diff --git a/Packs/AzureActiveDirectory/Classifiers/classifier-Azure_Active_Directory_Identity_Protection_Classifier.json b/Packs/AzureActiveDirectory/Classifiers/classifier-Azure_Active_Directory_Identity_Protection_Classifier.json new file mode 100644 index 000000000000..2898156ea906 --- /dev/null +++ b/Packs/AzureActiveDirectory/Classifiers/classifier-Azure_Active_Directory_Identity_Protection_Classifier.json @@ -0,0 +1,33 @@ +{ + "defaultIncidentType": "Azure Active Directory Identity and Access", + "description": "Classifies Azure Active Directory Identity and Access's alerts", + "feed": false, + "id": "Azure Active Directory Identity and Access", + "keyTypeMap": { + "unlikelyTravel": "Azure Active Directory Identity and Access", + "anonymizedIPAddress": "Azure Active Directory Identity and Access", + "maliciousIPAddress": "Azure Active Directory Identity and Access", + "unfamiliarFeatures": "Azure Active Directory Identity and Access", + "malwareInfectedIPAddress": "Azure Active Directory Identity and Access", + "suspiciousIPAddress": "Azure Active Directory Identity and Access", + "leakedCredentials": "Azure Active Directory Identity and Access", + "investigationsThreatIntelligence": "Azure Active Directory Identity and Access", + "generic,adminConfirmedUserCompromised": "Azure Active Directory Identity and Access", + "mcasImpossibleTravel": "Azure Active Directory Identity and Access", + "mcasSuspiciousInboxManipulationRules": "Azure Active Directory Identity and Access", + "investigationsThreatIntelligenceSigninLinked": "Azure Active Directory Identity and Access", + "maliciousIPAddressValidCredentialsBlockedIP": "Azure Active Directory Identity and Access", + "unknownFutureValue": "Azure Active Directory Identity and Access" + }, + "name": "Azure Active Directory Identity and Access Classifier", + "propagationLabels": [ + "all" + ], + "transformer": { + "complex": null, + "simple": "riskEventType" + }, + "type": "classification", + "version": -1, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/AzureActiveDirectory/Classifiers/classifier-mapping-incoming-Azure_Active_Directory_Identity_Protection-Incoming_Mapper.json b/Packs/AzureActiveDirectory/Classifiers/classifier-mapping-incoming-Azure_Active_Directory_Identity_Protection-Incoming_Mapper.json new file mode 100644 index 000000000000..16a3babf173c --- /dev/null +++ b/Packs/AzureActiveDirectory/Classifiers/classifier-mapping-incoming-Azure_Active_Directory_Identity_Protection-Incoming_Mapper.json @@ -0,0 +1,73 @@ +{ + "description": "", + "feed": false, + "id": "Azure Active Directory Identity and Access Incoming Mapper", + "mapping": { + "Azure Active Directory Identity and Access": { + "dontMapEventToLabels": false, + "internalMapping": { + "Azure Active Directory Identity and Access Alert Type": { + "complex": null, + "simple": "riskEventType" + }, + "Azure Active Directory Identity and Access Activity": { + "complex": null, + "simple": "activity" + }, + "Azure Active Directory Identity and Access Detected Date Time": { + "complex": null, + "simple": "detectedDateTime" + }, + "Azure Active Directory Identity and Access Detection Timing Type": { + "complex": null, + "simple": "detectionTimingType" + }, + "Azure Active Directory Identity and Access Token Issuer Type": { + "complex": null, + "simple": "tokenIssuerType" + }, + "Last Update Time": { + "complex": null, + "simple": "lastUpdatedDateTime" + }, + "Location": { + "complex": { + "accessor": "geoCoordinates", + "filters": [], + "root": "location", + "transformers": [] + }, + "simple": "" + }, + "Location Region": { + "complex": null, + "simple": "location.countryOrRegion" + }, + "Risk Rating": { + "complex": null, + "simple": "riskLevel" + }, + "Source IP": { + "complex": null, + "simple": "ipAddress" + }, + "State": { + "complex": null, + "simple": "riskState" + }, + "Subtype": { + "complex": null, + "simple": "riskDetail" + }, + "Username": { + "complex": null, + "simple": "userPrincipalName" + } + } + } + }, + "name": "Azure Active Directory Identity and Access Incoming Mapper", + "type": "mapping-incoming", + "version": -1, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/AzureActiveDirectory/IncidentFields/incidentfield-Activity.json b/Packs/AzureActiveDirectory/IncidentFields/incidentfield-Activity.json new file mode 100644 index 000000000000..94ca8fb33659 --- /dev/null +++ b/Packs/AzureActiveDirectory/IncidentFields/incidentfield-Activity.json @@ -0,0 +1,30 @@ +{ + "id": "incident_azureactivedirectoryidentityandaccessactivity", + "version": -1, + "modified": "2021-08-10T10:47:05.734048Z", + "name": "Azure Active Directory Identity and Access Activity", + "ownerOnly": false, + "cliName": "azureactivedirectoryidentityandaccessactivity", + "type": "shortText", + "closeForm": false, + "editForm": true, + "required": false, + "neverSetAsRequired": false, + "isReadOnly": false, + "useAsKpi": false, + "locked": false, + "system": false, + "content": true, + "group": 0, + "hidden": false, + "associatedTypes": [ + "Azure Active Directory Identity and Access" + ], + "associatedToAll": false, + "unmapped": false, + "unsearchable": false, + "caseInsensitive": true, + "sla": 0, + "threshold": 72, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/AzureActiveDirectory/IncidentFields/incidentfield-Alert_Type.json b/Packs/AzureActiveDirectory/IncidentFields/incidentfield-Alert_Type.json new file mode 100644 index 000000000000..b974d6db08af --- /dev/null +++ b/Packs/AzureActiveDirectory/IncidentFields/incidentfield-Alert_Type.json @@ -0,0 +1,29 @@ +{ + "id": "incident_azureactivedirectoryidentityandaccessalerttype", + "version": -1, + "name": "Azure Active Directory Identity and Access Alert Type", + "ownerOnly": false, + "cliName": "azureactivedirectoryidentityandaccessalerttype", + "type": "shortText", + "closeForm": false, + "editForm": true, + "required": false, + "neverSetAsRequired": false, + "isReadOnly": false, + "useAsKpi": false, + "locked": false, + "system": false, + "content": true, + "group": 0, + "hidden": false, + "associatedTypes": [ + "Azure Active Directory Identity and Access" + ], + "associatedToAll": false, + "unmapped": false, + "unsearchable": false, + "caseInsensitive": true, + "sla": 0, + "threshold": 72, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/AzureActiveDirectory/IncidentFields/incidentfield-DetectedDateTime.json b/Packs/AzureActiveDirectory/IncidentFields/incidentfield-DetectedDateTime.json new file mode 100644 index 000000000000..b1cd38615603 --- /dev/null +++ b/Packs/AzureActiveDirectory/IncidentFields/incidentfield-DetectedDateTime.json @@ -0,0 +1,30 @@ +{ + "id": "incident_azureactivedirectoryidentityandaccessdetecteddatetime", + "version": -1, + "modified": "2021-08-10T10:47:05.734048Z", + "name": "Azure Active Directory Identity and Access Detected Date Time", + "ownerOnly": false, + "cliName": "azureactivedirectoryidentityandaccessdetecteddatetime", + "type": "shortText", + "closeForm": false, + "editForm": true, + "required": false, + "neverSetAsRequired": false, + "isReadOnly": false, + "useAsKpi": false, + "locked": false, + "system": false, + "content": true, + "group": 0, + "hidden": false, + "associatedTypes": [ + "Azure Active Directory Identity and Access" + ], + "associatedToAll": false, + "unmapped": false, + "unsearchable": false, + "caseInsensitive": true, + "sla": 0, + "threshold": 72, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/AzureActiveDirectory/IncidentFields/incidentfield-DetectionTimingType.json b/Packs/AzureActiveDirectory/IncidentFields/incidentfield-DetectionTimingType.json new file mode 100644 index 000000000000..927bff311340 --- /dev/null +++ b/Packs/AzureActiveDirectory/IncidentFields/incidentfield-DetectionTimingType.json @@ -0,0 +1,30 @@ +{ + "id": "incident_azureactivedirectoryidentityandaccessdetectiontimingtype", + "version": -1, + "modified": "2021-08-10T10:47:05.734048Z", + "name": "Azure Active Directory Identity and Access Detection Timing Type", + "ownerOnly": false, + "cliName": "azureactivedirectoryidentityandaccessdetectiontimingtype", + "type": "shortText", + "closeForm": false, + "editForm": true, + "required": false, + "neverSetAsRequired": false, + "isReadOnly": false, + "useAsKpi": false, + "locked": false, + "system": false, + "content": true, + "group": 0, + "hidden": false, + "associatedTypes": [ + "Azure Active Directory Identity and Access" + ], + "associatedToAll": false, + "unmapped": false, + "unsearchable": false, + "caseInsensitive": true, + "sla": 0, + "threshold": 72, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/AzureActiveDirectory/IncidentFields/incidentfield-TokenIssuerType.json b/Packs/AzureActiveDirectory/IncidentFields/incidentfield-TokenIssuerType.json new file mode 100644 index 000000000000..38116c5ab5ce --- /dev/null +++ b/Packs/AzureActiveDirectory/IncidentFields/incidentfield-TokenIssuerType.json @@ -0,0 +1,30 @@ +{ + "id": "incident_azureactivedirectoryidentityandaccesstokenissuertype", + "version": -1, + "modified": "2021-08-10T10:47:05.734048Z", + "name": "Azure Active Directory Identity and Access Token Issuer Type", + "ownerOnly": false, + "cliName": "azureactivedirectoryidentityandaccesstokenissuertype", + "type": "shortText", + "closeForm": false, + "editForm": true, + "required": false, + "neverSetAsRequired": false, + "isReadOnly": false, + "useAsKpi": false, + "locked": false, + "system": false, + "content": true, + "group": 0, + "hidden": false, + "associatedTypes": [ + "Azure Active Directory Identity and Access" + ], + "associatedToAll": false, + "unmapped": false, + "unsearchable": false, + "caseInsensitive": true, + "sla": 0, + "threshold": 72, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/AzureActiveDirectory/IncidentTypes/incidenttype-AADIdentityProtectionRiskDetection.json b/Packs/AzureActiveDirectory/IncidentTypes/incidenttype-AADIdentityProtectionRiskDetection.json new file mode 100644 index 000000000000..bb105cd152f7 --- /dev/null +++ b/Packs/AzureActiveDirectory/IncidentTypes/incidenttype-AADIdentityProtectionRiskDetection.json @@ -0,0 +1,29 @@ +{ + "id": "Azure Active Directory Identity and Access", + "version": -1, + "vcShouldIgnore": false, + "locked": false, + "name": "Azure Active Directory Identity and Access", + "prevName": "Azure Active Directory Identity and Access", + "color": "#4B897A", + "hours": 0, + "days": 0, + "weeks": 0, + "hoursR": 0, + "daysR": 0, + "weeksR": 0, + "system": false, + "readonly": false, + "default": false, + "autorun": false, + "disabled": false, + "reputationCalc": 0, + "onChangeRepAlg": 0, + "layout": "Azure Active Directory Identity and Access Layout", + "detached": false, + "extractSettings": { + "mode": "Specific", + "fieldCliNameToExtractSettings": {} + }, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection.py b/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection.py index c9304e461589..98df7fb37830 100644 --- a/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection.py +++ b/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection.py @@ -1,8 +1,14 @@ +import demistomock as demisto + import urllib3 from MicrosoftApiModule import * urllib3.disable_warnings() +''' GLOBAL VARS ''' + +INTEGRATION_NAME = 'Azure Active Directory Identity and Access' + OUTPUTS_PREFIX = "AADIdentityProtection" BASE_URL = 'https://graph.microsoft.com/beta' REQUIRED_PERMISSIONS = ( @@ -32,6 +38,10 @@ def __json_list_to_headers(value_list: List[Dict[str, Any]]) -> List[str]: return headers +def get_next_link_url(raw_response: dict) -> str: + return raw_response.get('@odata.nextLink', '').replace(' ', '%20') + + def parse_list(raw_response: dict, human_readable_title: str, context_path: str) -> CommandResults: """ converts a response of Microsoft's graph search into a CommandResult object @@ -49,7 +59,7 @@ def parse_list(raw_response: dict, human_readable_title: str, context_path: str) outputs = {f'{OUTPUTS_PREFIX}.{context_path}(val.id === obj.id)': values} # removing whitespaces so they aren't mistakenly considered as argument separators in CLI - next_link = raw_response.get('@odata.nextLink', '').replace(' ', '%20') + next_link = get_next_link_url(raw_response) if next_link: next_link_key = f'{OUTPUTS_PREFIX}.NextLink(obj.Description === "{context_path}")' next_link_value = {'Description': context_path, 'URL': next_link} @@ -105,15 +115,27 @@ def query_list(self, params['$filter'] = filter_expression remove_nulls_from_dictionary(params) + # This could raise: + # { + # "error": { + # "code": "TooManyRequests", + # "message": "Too many requests.", + # "innerError": { + # "date": "2021-08-18T05:56:15", + # "request-id": "some-request-id", + # "client-request-id": "some-client-request-id" + # } + # } + # } return self.http_request(method='GET', url_suffix=url_suffix, params=params) - def azure_ad_identity_protection_risk_detection_list(self, - limit: int, - filter_expression: Optional[str] = None, - next_link: Optional[str] = None, - user_id: Optional[str] = None, - user_principal_name: Optional[str] = None, - country: Optional[str] = None) -> CommandResults: + def azure_ad_identity_protection_risk_detection_list_raw(self, + limit: int, + filter_expression: Optional[str] = None, + next_link: Optional[str] = None, + user_id: Optional[str] = None, + user_principal_name: Optional[str] = None, + country: Optional[str] = None) -> Dict: filter_arguments = [] if user_id: @@ -123,11 +145,25 @@ def azure_ad_identity_protection_risk_detection_list(self, if country: filter_arguments.append(f"location/countryOrRegion eq '{country}'") - raw_response = self.query_list(url_suffix='riskDetections', - filter_arguments=filter_arguments, - limit=limit, - filter_expression=filter_expression, - next_link=next_link) + return self.query_list(url_suffix='riskDetections', + filter_arguments=filter_arguments, + limit=limit, + filter_expression=filter_expression, + next_link=next_link) + + def azure_ad_identity_protection_risk_detection_list(self, + limit: int, + filter_expression: Optional[str] = None, + next_link: Optional[str] = None, + user_id: Optional[str] = None, + user_principal_name: Optional[str] = None, + country: Optional[str] = None) -> CommandResults: + raw_response = self.azure_ad_identity_protection_risk_detection_list_raw(limit=limit, + filter_expression=filter_expression, + next_link=next_link, + user_id=user_id, + user_principal_name=user_principal_name, + country=country) return parse_list(raw_response, human_readable_title="Risks", context_path="Risks") @@ -215,6 +251,86 @@ def azure_ad_identity_protection_risky_users_dismiss_command(client: AADClient, return client.azure_ad_identity_protection_risky_users_dismiss(**kwargs) +def create_incidents_from_input(input: List[Dict[str, str]], last_fetch_datetime: datetime) -> \ + Tuple[List[Dict[str, str]], datetime]: + + incidents: List[Dict[str, str]] = [] + last_fetch = last_fetch_datetime + + for current_input in input: + # 'activityDateTime': '2021-07-15T11:02:54Z' / 'activityDateTime': '2021-07-15T11:02:54.12345Z' + activity_date_time_str: str = current_input.get('activityDateTime', '') + + activity_datetime = dateparser.parse(activity_date_time_str) + # To prevent duplicates, adding incidents with creation_time > last fetched incident + if last_fetch: + if activity_datetime <= last_fetch: + demisto.debug(f'{INTEGRATION_NAME} - alert {str(current_input)} created at {activity_date_time_str}.' + f' Skipping.') + continue + + current_id: str = current_input.get('id', '') + current_risk_event_type: str = current_input.get('riskEventType', '') + current_risk_detail: str = current_input.get('riskDetail', '') + incident = { + 'name': f'Azure AD:' + f' {current_id} {current_risk_event_type} {current_risk_detail}', + 'occurred': activity_date_time_str, + 'rawJSON': json.dumps(current_input) + } + incidents.append(incident) + + timestamp = activity_datetime + if timestamp > last_fetch: + last_fetch = timestamp + + return incidents, last_fetch + + +def fetch_incidents(client: AADClient, params: Dict[str, str]): + + last_run: Dict[str, str] = demisto.getLastRun() + demisto.debug(f'last run: {last_run}') + + last_fetch = last_run.get('last_item_time', '') + if not last_fetch: + # handle first time fetch + first_fetch = params.get('first_fetch', '1 days') + default_fetch_datetime, _ = parse_date_range(date_range=first_fetch, utc=True, to_timestamp=False) + last_fetch = str(default_fetch_datetime.isoformat(timespec='seconds')) + 'Z' + + last_fetch_datetime: datetime = datetime.strptime(last_fetch, DATE_FORMAT) + demisto.debug(f'last_fetch_datetime: {last_fetch_datetime}') + + all_incidents: List = [] + do_fetch_call: bool = True + next_link: str = '' + filter_expression = params.get('fetch_filter_expression', f'lastUpdatedDateTime gt {last_fetch}') + while do_fetch_call: + risk_detection_list_raw: Dict = client.azure_ad_identity_protection_risk_detection_list_raw( + limit=int(params.get('max_fetch', '50')), + filter_expression=filter_expression, + next_link=next_link, + user_id=params.get('fetch_user_id', ''), + user_principal_name=params.get('fetch_user_principal_name', ''), + country='', + ) + + next_link = get_next_link_url(risk_detection_list_raw) + if not next_link: + do_fetch_call = False + values: list = risk_detection_list_raw.get('value', []) + demisto.debug('len(values): ' + str(len(values))) + + incidents, last_item_time = create_incidents_from_input(values, last_fetch_datetime=last_fetch_datetime) + all_incidents.extend(incidents) + + demisto.incidents(all_incidents) + demisto.setLastRun({ + 'last_item_time': last_item_time.strftime(DATE_FORMAT) + }) + + def start_auth(client: AADClient) -> CommandResults: result = client.start_auth('!azure-ad-auth-complete') return CommandResults(readable_output=result) @@ -273,6 +389,8 @@ def main() -> None: return_results(azure_ad_identity_protection_risky_users_confirm_compromised_command(client, **args)) elif command == 'azure-ad-identity-protection-risky-user-dismiss': return_results(azure_ad_identity_protection_risky_users_dismiss_command(client, **args)) + elif command == 'fetch-incidents': + return_results(fetch_incidents(client, params)) else: raise NotImplementedError(f'Command "{command}" is not implemented.') diff --git a/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection.yml b/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection.yml index 139478093cd0..dfcb988fecb0 100644 --- a/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection.yml +++ b/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection.yml @@ -33,6 +33,40 @@ configuration: name: proxy required: false type: 8 +- name: isFetch + display: Fetch incidents + required: false + type: 8 +- display: Incident type + name: incidentType + required: false + type: 13 +- name: first_fetch + display: First Fetch Time Interval + required: false + defaultvalue: 1 days + type: 0 + additionalinfo: The time range to consider for the initial data fetch in the format + e.g., 1 hour, 2 hours, 6 hours, 12 hours, 24 hours, 48 hours. +- defaultvalue: '50' + display: Max fetch interval + additionalinfo: Maximum number of incidents per request from Azure Active Directory. Default is 50. + name: max_fetch + required: false + type: 0 +- display: Fetch filter expression + name: fetch_filter_expression + required: false + type: 0 +- display: Fetch User ID + additionalinfo: Comma separated of User IDs + name: fetch_user_id + required: false + type: 0 +- display: Fetch User Principal Name + name: fetch_user_principal_name + required: false + type: 0 description: Gets information from Azure Active Directory Identity Protection service. display: Azure Active Directory Identity Protection (Beta) name: Azure Active Directory Identity Protection @@ -425,9 +459,9 @@ script: the targeted user's risk level to none. execution: false name: azure-ad-identity-protection-risky-user-dismiss - dockerimage: demisto/crypto:1.0.0.14297 + dockerimage: demisto/crypto:1.0.0.23151 feed: false - isfetch: false + isfetch: true longRunning: false longRunningPort: false runonce: false diff --git a/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection_test.py b/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection_test.py index ecb85a9386ff..ba886100380c 100644 --- a/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection_test.py +++ b/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/AzureADIdentityProtection_test.py @@ -1,5 +1,9 @@ +import io import json +import dateparser +from datetime import datetime + import pytest from AzureADIdentityProtection import (AADClient, OUTPUTS_PREFIX, azure_ad_identity_protection_risk_detection_list_command, @@ -12,6 +16,11 @@ dummy_user_id = 'dummy_id' +def util_load_json(path): + with io.open(path, mode='r', encoding='utf-8') as f: + return json.loads(f.read()) + + @pytest.fixture() def client(mocker): mocker.patch('AzureADIdentityProtection.MicrosoftClient.get_access_token', return_value='token') @@ -146,3 +155,43 @@ def test_parse_list_empty(): assert outputs == {f'AADIdentityProtection.{context_path}(val.id === obj.id)': []} # no next_link assert f"{human_readable_title} (0 results)" in parsed.readable_output assert "**No entries.**" in parsed.readable_output + + +def test_fetch_all_incidents(mocker): + """ + Given + fetch incidents command running for the first time. + When + mock the Client's http_request. + Then + validate fetch incidents command using the Client gets all 3 relevant incidents + """ + from AzureADIdentityProtection import create_incidents_from_input + test_incidents = util_load_json('test_data/incidents.json') + last_fetch_datetime: datetime = dateparser.parse('2021-07-10T11:02:54Z') + incidents, last_item_time = create_incidents_from_input( + test_incidents.get('value', []), last_fetch_datetime=last_fetch_datetime) + assert len(incidents) == 3 + assert incidents[0].get( + 'name') == 'Azure AD: 17 newCountry adminDismissedAllRiskForUser' + assert last_item_time == dateparser.parse('2021-07-25T11:02:54Z') + + +def test_fetch_new_incidents(mocker): + """ + Given + fetch incidents command running for the first time. + When + mock the Client's http_request. + Then + validate fetch incidents command using the Client gets all 3 relevant incidents + """ + from AzureADIdentityProtection import create_incidents_from_input + test_incidents = util_load_json('test_data/incidents.json') + last_fetch_datetime: datetime = dateparser.parse('2021-07-20T11:02:54Z') + incidents, last_item_time = create_incidents_from_input( + test_incidents.get('value', []), last_fetch_datetime=last_fetch_datetime) + assert len(incidents) == 1 + assert incidents[0].get( + 'name') == 'Azure AD: 37 newCountry adminDismissedAllRiskForUser' + assert last_item_time == dateparser.parse('2021-07-25T11:02:54Z') diff --git a/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/test_data/incidents.json b/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/test_data/incidents.json new file mode 100644 index 000000000000..717cb6f4cf19 --- /dev/null +++ b/Packs/AzureActiveDirectory/Integrations/AzureADIdentityProtection/test_data/incidents.json @@ -0,0 +1,99 @@ +{ + "@odata.context": "https://graph.microsoft.com/beta/$metadata#riskyUsers", + "@odata.nextLink": "https://graph.microsoft.com/beta/RiskyUsers?$top=2&$skiptoken=dummy_skip_token", + "value": [ + { + "id": "17", + "requestId": "18", + "correlationId": "19", + "riskType": "NewCountry", + "riskEventType": "newCountry", + "riskState": "dismissed", + "riskLevel": "medium", + "riskDetail": "adminDismissedAllRiskForUser", + "source": "MicrosoftCloudAppSecurity", + "detectionTimingType": "offline", + "activity": "signin", + "tokenIssuerType": "AzureAD", + "ipAddress": "10.10.10.11", + "activityDateTime": "2021-07-15T11:02:54Z", + "detectedDateTime": "2021-07-15T11:08:54Z", + "lastUpdatedDateTime": "2021-07-15T13:56:42.4023143Z", + "userId": "21", + "userDisplayName": "John Doe", + "userPrincipalName": "johndoe@example.com", + "additionalInfo": "[{ 'Key': 'userAgent', 'Value': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36' }, { 'Key': 'alertUrl', 'Value': 'https: //portal.example.com/#/alerts/12345'}]", + "location": { + "city": "New York", + "state": "New York", + "countryOrRegion": "", + "geoCoordinates": { + "latitude": 40.7, + "longitude": -74.25 + } + } + }, + { + "id": "27", + "requestId": "28", + "correlationId": "29", + "riskType": "NewCountry", + "riskEventType": "newCountry", + "riskState": "dismissed", + "riskLevel": "medium", + "riskDetail": "adminDismissedAllRiskForUser", + "source": "MicrosoftCloudAppSecurity", + "detectionTimingType": "offline", + "activity": "signin", + "tokenIssuerType": "AzureAD", + "ipAddress": "10.10.10.11", + "activityDateTime": "2021-07-20T11:02:54Z", + "detectedDateTime": "2021-07-20T11:08:54Z", + "lastUpdatedDateTime": "2021-07-20T13:56:42.4023143Z", + "userId": "21", + "userDisplayName": "John Doe", + "userPrincipalName": "johndoe@example.com", + "additionalInfo": "[{ 'Key': 'userAgent', 'Value': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36' }, { 'Key': 'alertUrl', 'Value': 'https: //portal.example.com/#/alerts/12345'}]", + "location": { + "city": "New York", + "state": "New York", + "countryOrRegion": "", + "geoCoordinates": { + "latitude": 40.7, + "longitude": -74.25 + } + } + }, + { + "id": "37", + "requestId": "38", + "correlationId": "39", + "riskType": "NewCountry", + "riskEventType": "newCountry", + "riskState": "dismissed", + "riskLevel": "medium", + "riskDetail": "adminDismissedAllRiskForUser", + "source": "MicrosoftCloudAppSecurity", + "detectionTimingType": "offline", + "activity": "signin", + "tokenIssuerType": "AzureAD", + "ipAddress": "10.10.10.11", + "activityDateTime": "2021-07-25T11:02:54Z", + "detectedDateTime": "2021-07-25T11:08:54Z", + "lastUpdatedDateTime": "2021-07-25T13:56:42.4023143Z", + "userId": "21", + "userDisplayName": "John Doe", + "userPrincipalName": "johndoe@example.com", + "additionalInfo": "[{ 'Key': 'userAgent', 'Value': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36' }, { 'Key': 'alertUrl', 'Value': 'https: //portal.example.com/#/alerts/12345'}]", + "location": { + "city": "New York", + "state": "New York", + "countryOrRegion": "", + "geoCoordinates": { + "latitude": 40.7, + "longitude": -74.25 + } + } + } + ] +} \ No newline at end of file diff --git a/Packs/AzureActiveDirectory/Layouts/layoutscontainer-Azure_Active_Directory_Identity_Protection_Layout.json b/Packs/AzureActiveDirectory/Layouts/layoutscontainer-Azure_Active_Directory_Identity_Protection_Layout.json new file mode 100644 index 000000000000..736afe5b422a --- /dev/null +++ b/Packs/AzureActiveDirectory/Layouts/layoutscontainer-Azure_Active_Directory_Identity_Protection_Layout.json @@ -0,0 +1,433 @@ +{ + "detailsV2": { + "tabs": [ + { + "id": "summary", + "name": "Legacy Summary", + "type": "summary" + }, + { + "id": "caseinfoid", + "name": "Incident Info", + "sections": [ + { + "displayType": "ROW", + "h": 2, + "i": "caseinfoid-fce71720-98b0-11e9-97d7-ed26ef9e46c8", + "isVisible": true, + "items": [ + { + "endCol": 2, + "fieldId": "type", + "height": 22, + "id": "incident-type-field", + "index": 0, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "severity", + "height": 22, + "id": "incident-severity-field", + "index": 1, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "owner", + "height": 22, + "id": "incident-owner-field", + "index": 2, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "sourcebrand", + "height": 22, + "id": "incident-sourceBrand-field", + "index": 4, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "playbookid", + "height": 22, + "id": "incident-playbookId-field", + "index": 5, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "sourceinstance", + "height": 22, + "id": "incident-sourceInstance-field", + "index": 6, + "sectionItemType": "field", + "startCol": 0 + } + ], + "maxW": 3, + "name": "Case Details", + "w": 1, + "x": 0, + "y": 0 + }, + { + "h": 2, + "i": "caseinfoid-61263cc0-98b1-11e9-97d7-ed26ef9e46c8", + "maxW": 3, + "name": "Notes", + "type": "notes", + "w": 1, + "x": 2, + "y": 0 + }, + { + "displayType": "ROW", + "h": 2, + "i": "caseinfoid-6aabad20-98b1-11e9-97d7-ed26ef9e46c8", + "maxW": 3, + "name": "Work Plan", + "type": "workplan", + "w": 1, + "x": 1, + "y": 0 + }, + { + "displayType": "ROW", + "h": 2, + "i": "caseinfoid-770ec200-98b1-11e9-97d7-ed26ef9e46c8", + "isVisible": true, + "maxW": 3, + "name": "Linked Incidents", + "type": "linkedIncidents", + "w": 1, + "x": 1, + "y": 6 + }, + { + "displayType": "ROW", + "h": 2, + "i": "caseinfoid-842632c0-98b1-11e9-97d7-ed26ef9e46c8", + "maxW": 3, + "name": "Child Incidents", + "type": "childInv", + "w": 1, + "x": 2, + "y": 4 + }, + { + "displayType": "ROW", + "h": 2, + "i": "caseinfoid-4a31afa0-98ba-11e9-a519-93a53c759fe0", + "maxW": 3, + "name": "Evidence", + "type": "evidence", + "w": 1, + "x": 2, + "y": 2 + }, + { + "displayType": "ROW", + "h": 2, + "hideName": false, + "i": "caseinfoid-7717e580-9bed-11e9-9a3f-8b4b2158e260", + "maxW": 3, + "name": "Team Members", + "type": "team", + "w": 1, + "x": 2, + "y": 6 + }, + { + "displayType": "ROW", + "h": 2, + "i": "caseinfoid-7ce69dd0-a07f-11e9-936c-5395a1acf11e", + "maxW": 3, + "name": "Indicators", + "query": "", + "queryType": "input", + "type": "indicators", + "w": 2, + "x": 0, + "y": 4 + }, + { + "displayType": "CARD", + "h": 2, + "i": "caseinfoid-ac32f620-a0b0-11e9-b27f-13ae1773d289", + "items": [ + { + "endCol": 1, + "fieldId": "occurred", + "height": 53, + "id": "incident-occurred-field", + "index": 0, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "dbotduedate", + "height": 53, + "id": "incident-dueDate-field", + "index": 1, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 1, + "fieldId": "dbotmodified", + "height": 53, + "id": "incident-modified-field", + "index": 2, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "azureactivedirectoryidentityandaccessdetecteddatetime", + "height": 22, + "id": "333322b0-fb65-11eb-9a44-1f2c7ba8ceab", + "index": 3, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "dbotcreated", + "height": 53, + "id": "incident-created-field", + "index": 0, + "sectionItemType": "field", + "startCol": 1 + }, + { + "endCol": 2, + "fieldId": "dbotclosed", + "height": 53, + "id": "incident-closed-field", + "index": 1, + "sectionItemType": "field", + "startCol": 1 + } + ], + "maxW": 3, + "name": "Timeline Information", + "w": 1, + "x": 0, + "y": 2 + }, + { + "displayType": "ROW", + "h": 2, + "i": "caseinfoid-88e6bf70-a0b1-11e9-b27f-13ae1773d289", + "isVisible": true, + "items": [ + { + "endCol": 2, + "fieldId": "dbotclosed", + "height": 22, + "id": "incident-dbotClosed-field", + "index": 0, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "closereason", + "height": 22, + "id": "incident-closeReason-field", + "index": 1, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "closenotes", + "height": 22, + "id": "incident-closeNotes-field", + "index": 2, + "sectionItemType": "field", + "startCol": 0 + } + ], + "maxW": 3, + "name": "Closing Information", + "w": 1, + "x": 0, + "y": 6 + }, + { + "displayType": "CARD", + "h": 2, + "i": "caseinfoid-e54b1770-a0b1-11e9-b27f-13ae1773d289", + "isVisible": true, + "items": [ + { + "endCol": 2, + "fieldId": "azureactivedirectoryidentityandaccessalerttype", + "height": 53, + "id": "protection-detection-alert-type-field", + "index": 0, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "state", + "height": 53, + "id": "state-field", + "index": 1, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "riskrating", + "height": 53, + "id": "riskrating-field", + "index": 2, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "subtype", + "height": 53, + "id": "subtype-field", + "index": 3, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "azureactivedirectoryidentityandaccessdetectiontimingtype", + "height": 53, + "id": "protection-detection-timing-type-field", + "index": 4, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "azureactivedirectoryidentityandaccessactivity", + "height": 53, + "id": "302e6e30-fb65-11eb-9a44-1f2c7ba8ceab", + "index": 5, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "azureactivedirectoryidentityandaccesstokenissuertype", + "height": 53, + "id": "3a90d110-fb65-11eb-9a44-1f2c7ba8ceab", + "index": 6, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "sourceip", + "height": 53, + "id": "source-ip-field", + "index": 7, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "location", + "height": 53, + "id": "location-field", + "index": 8, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "locationregion", + "height": 53, + "id": "location-region-field", + "index": 9, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "azureactivedirectoryidentityandaccessdetecteddatetime", + "height": 53, + "id": "37814720-fb65-11eb-9a44-1f2c7ba8ceab", + "index": 10, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "lastupdatetime", + "height": 53, + "id": "last-update-time-field", + "index": 11, + "sectionItemType": "field", + "startCol": 0 + }, + { + "endCol": 2, + "fieldId": "username", + "height": 53, + "id": "username-field", + "index": 12, + "sectionItemType": "field", + "startCol": 0 + } + ], + "maxW": 3, + "name": "Investigation Data", + "w": 1, + "x": 1, + "y": 2 + } + ], + "type": "custom" + }, + { + "id": "warRoom", + "name": "War Room", + "type": "warRoom" + }, + { + "id": "workPlan", + "name": "Work Plan", + "type": "workPlan" + }, + { + "id": "evidenceBoard", + "name": "Evidence Board", + "type": "evidenceBoard" + }, + { + "id": "relatedIncidents", + "name": "Related Incidents", + "type": "relatedIncidents" + }, + { + "id": "canvas", + "name": "Canvas", + "type": "canvas" + } + ] + }, + "group": "incident", + "id": "Azure Active Directory Identity and Access Layout", + "name": "Azure Active Directory Identity and Access Layout", + "system": false, + "version": -1, + "fromVersion": "6.0.0", + "description": "The Azure Active Directory Identity Protection Layout" +} \ No newline at end of file diff --git a/Packs/AzureActiveDirectory/ReleaseNotes/1_1_0.md b/Packs/AzureActiveDirectory/ReleaseNotes/1_1_0.md new file mode 100644 index 000000000000..e571104a4901 --- /dev/null +++ b/Packs/AzureActiveDirectory/ReleaseNotes/1_1_0.md @@ -0,0 +1,27 @@ + +#### Incident Fields +- **Azure Active Directory Identity and Access Alert Type** +- **Azure Active Directory Identity and Access Detection Timing Type** +- **Azure Active Directory Identity and Access Token Issuer Type** +- **Azure Active Directory Identity and Access Activity** +- **Azure Active Directory Identity and Access Detected Date Time** + +#### Incident Types +- **Azure Active Directory Identity and Access** + +#### Integrations +##### Azure Active Directory Identity Protection (Beta) +- Updated the Docker image to: *demisto/crypto:1.0.0.23151*. +- Added support for Fetch Incidents + +#### Layouts +##### New: Azure Active Directory Identity and Access Layout +- Layout for fetched incidents + +#### Mappers +##### New: Azure Active Directory Identity and Access Incoming Mapper +- Mapper for fetched incidents + +#### Classifiers +##### New: Azure Active Directory Identity and Access Classifier +- Classifies Azure Active Directory Identity and Access's alerts diff --git a/Packs/AzureActiveDirectory/pack_metadata.json b/Packs/AzureActiveDirectory/pack_metadata.json index 7edbae31bd17..53527b64872e 100644 --- a/Packs/AzureActiveDirectory/pack_metadata.json +++ b/Packs/AzureActiveDirectory/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Azure Active Directory Identity and Access", "description": "Use Microsoft Graph to query information from Azure Active Directory", "support": "xsoar", - "currentVersion": "1.0.0", + "currentVersion": "1.1.0", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Last_Update_Time.json b/Packs/CommonTypes/IncidentFields/incidentfield-Last_Update_Time.json index 343a8c8480c2..4bb9dcc31bd1 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Last_Update_Time.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Last_Update_Time.json @@ -2,7 +2,8 @@ "associatedToAll": false, "associatedTypes": [ "Qradar Generic", - "Carbon Black Endpoint Standard" + "Carbon Black Endpoint Standard", + "Azure Active Directory Identity and Access" ], "breachScript": "", "caseInsensitive": true, diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Location.json b/Packs/CommonTypes/IncidentFields/incidentfield-Location.json index a8468056e0c3..b2aaa1e7477b 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Location.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Location.json @@ -24,7 +24,8 @@ "IAM - Update User", "User Profile", "IAM - Sync User", - "IAM - Rehire User" + "IAM - Rehire User", + "Azure Active Directory Identity and Access" ], "associatedToAll": false, "unmapped": false, diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Location_Region.json b/Packs/CommonTypes/IncidentFields/incidentfield-Location_Region.json index 918c1772302e..e1ba2ede0684 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Location_Region.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Location_Region.json @@ -24,7 +24,8 @@ "IAM - Update User", "User Profile", "IAM - Sync User", - "IAM - Rehire User" + "IAM - Rehire User", + "Azure Active Directory Identity and Access" ], "associatedToAll": false, "unmapped": false, diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Risk_Rating.json b/Packs/CommonTypes/IncidentFields/incidentfield-Risk_Rating.json index 356797a4132a..41d749297bec 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Risk_Rating.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Risk_Rating.json @@ -5,7 +5,8 @@ "GCP Compute Engine Misconfiguration", "AWS CloudTrail Misconfiguration", "AWS IAM Policy Misconfiguration", - "AWS EC2 Instance Misconfiguration" + "AWS EC2 Instance Misconfiguration", + "Azure Active Directory Identity and Access" ], "breachScript": "", "caseInsensitive": true, diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Subtype.json b/Packs/CommonTypes/IncidentFields/incidentfield-Subtype.json index 7e14a0584324..e0d3379c393d 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Subtype.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Subtype.json @@ -1,7 +1,8 @@ { "associatedToAll": false, "associatedTypes": [ - "Traps" + "Traps", + "Azure Active Directory Identity and Access" ], "breachScript": "", "caseInsensitive": true, diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Username.json b/Packs/CommonTypes/IncidentFields/incidentfield-Username.json index 1bbbfedafee0..52220a0d87a7 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Username.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Username.json @@ -12,7 +12,8 @@ "User Profile", "IAM - Sync User", "IAM - Rehire User", - "Carbon Black EDR" + "Carbon Black EDR", + "Azure Active Directory Identity and Access" ], "breachScript": "", "caseInsensitive": true, diff --git a/Packs/CommonTypes/ReleaseNotes/3_1_12.md b/Packs/CommonTypes/ReleaseNotes/3_1_12.md new file mode 100644 index 000000000000..14deac3a44b1 --- /dev/null +++ b/Packs/CommonTypes/ReleaseNotes/3_1_12.md @@ -0,0 +1,9 @@ + +#### Incident Fields +- **Alert Type** +- **Location** +- **Username** +- **Subtype** +- **Risk Rating** +- **Location Region** +- **Last Update Time** diff --git a/Packs/CommonTypes/pack_metadata.json b/Packs/CommonTypes/pack_metadata.json index e2581acaa60f..a2ea65dd48cb 100644 --- a/Packs/CommonTypes/pack_metadata.json +++ b/Packs/CommonTypes/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Types", "description": "This Content Pack will get you up and running in no-time and provide you with the most commonly used incident & indicator fields and types.", "support": "xsoar", - "currentVersion": "3.1.11", + "currentVersion": "3.1.12", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 9a9876519c351488ee23bc9d84470a88bd618be7 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 1 Sep 2021 11:58:07 +0300 Subject: [PATCH 101/173] Skipped the following tests: "Domain Enrichment - Generic v2 - Test" (#14626) --- Tests/conf.json | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/Tests/conf.json b/Tests/conf.json index 0f5688727db3..7819d2fb32cf 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -4614,9 +4614,11 @@ "RedLockTest": "Issue 24600", "MicrosoftGraphMail-Test_prod": "Issue 40125", "Cisco Umbrella Test": "Issue 24338", - "Detonate URL - WildFire v2.1 - Test": "Issue 40834" + "Detonate URL - WildFire v2.1 - Test": "Issue 40834", + "Domain Enrichment - Generic v2 - Test": "Issue 40862" }, "skipped_integrations": { + "_comment1": "~~~ NO INSTANCE ~~~", "Ipstack": "Usage limit reached (Issue 38063)", "AnsibleAlibabaCloud": "No instance - issue 40447", @@ -4709,13 +4711,16 @@ "FraudWatch": "Issue 34299", "Cisco Stealthwatch": "No instance - developed by Qmasters", "Armis": "No instance - developed by SOAR Experts", + "_comment2": "~~~ UNSTABLE ~~~", "Tenable.sc": "unstable instance", "ThreatConnect v2": "unstable instance", + "_comment3": "~~~ QUOTA ISSUES ~~~", "Lastline": "issue 20323", "Google Resource Manager": "Cannot create projects because have reached allowed quota.", "Looker": "Warehouse 'DEMO_WH' cannot be resumed because resource monitor 'LIMITER' has exceeded its quota.", + "_comment4": "~~~ OTHER ~~~", "AlienVault OTX TAXII Feed": "Issue 29197", "EclecticIQ Platform": "Issue 8821", @@ -4893,6 +4898,7 @@ "HelloWorldPremium-Test" ], "docker_thresholds": { + "_comment": "Add here docker images which are specific to an integration and require a non-default threshold (such as rasterize or ews). That way there is no need to define this multiple times. You can specify full image name with version or without.", "images": { "demisto/chromium": { From 75cec43f7c6c3bce8094e83e41cd3688836e42db Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 1 Sep 2021 12:53:05 +0300 Subject: [PATCH 102/173] Update Docker Image To demisto/zabbix (#14635) * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update --- Packs/Zabbix/Integrations/Zabbix/Zabbix.yml | 2 +- Packs/Zabbix/ReleaseNotes/1_0_3.md | 3 +++ Packs/Zabbix/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/Zabbix/ReleaseNotes/1_0_3.md diff --git a/Packs/Zabbix/Integrations/Zabbix/Zabbix.yml b/Packs/Zabbix/Integrations/Zabbix/Zabbix.yml index 489fb5fd3919..9c596d6a4693 100644 --- a/Packs/Zabbix/Integrations/Zabbix/Zabbix.yml +++ b/Packs/Zabbix/Integrations/Zabbix/Zabbix.yml @@ -455,7 +455,7 @@ script: description: Whether the event is suppressed. type: number description: Get events - dockerimage: demisto/zabbix:1.0.0.23423 + dockerimage: demisto/zabbix:1.0.0.24041 isfetch: false longRunning: false longRunningPort: false diff --git a/Packs/Zabbix/ReleaseNotes/1_0_3.md b/Packs/Zabbix/ReleaseNotes/1_0_3.md new file mode 100644 index 000000000000..bb9d0a41d05f --- /dev/null +++ b/Packs/Zabbix/ReleaseNotes/1_0_3.md @@ -0,0 +1,3 @@ +#### Integrations +##### Zabbix +- Updated the Docker image to: *demisto/zabbix:1.0.0.24041*. diff --git a/Packs/Zabbix/pack_metadata.json b/Packs/Zabbix/pack_metadata.json index d647b7573e4f..9a2105b05c1b 100644 --- a/Packs/Zabbix/pack_metadata.json +++ b/Packs/Zabbix/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Zabbix", "description": "Allow integration with Zabbix api.", "support": "developer", - "currentVersion": "1.0.2", + "currentVersion": "1.0.3", "author": "Henrique Caires", "url": "https://support.zabbix.com/secure/Dashboard.jspa", "email": "henrique@caires.net.br", From 0b853477c046aaa50a01151503c156abd53b8332 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 1 Sep 2021 12:53:58 +0300 Subject: [PATCH 103/173] Update Docker Image To demisto/intezer (#14633) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update --- Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml | 2 +- Packs/Intezer/ReleaseNotes/1_2_2.md | 3 +++ Packs/Intezer/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/Intezer/ReleaseNotes/1_2_2.md diff --git a/Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml b/Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml index d7078bcbc12f..e6539f71c8e2 100644 --- a/Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml +++ b/Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml @@ -257,7 +257,7 @@ script: - contextPath: Intezer.Analysis.SubAnalyses.Metadata description: A Sub Analysis metadata type: Unknown - dockerimage: demisto/intezer:1.0.0.23290 + dockerimage: demisto/intezer:1.0.0.24037 isfetch: false runonce: false script: '-' diff --git a/Packs/Intezer/ReleaseNotes/1_2_2.md b/Packs/Intezer/ReleaseNotes/1_2_2.md new file mode 100644 index 000000000000..91153575c7ce --- /dev/null +++ b/Packs/Intezer/ReleaseNotes/1_2_2.md @@ -0,0 +1,3 @@ +#### Integrations +##### Intezer v2 +- Updated the Docker image to: *demisto/intezer:1.0.0.24037*. diff --git a/Packs/Intezer/pack_metadata.json b/Packs/Intezer/pack_metadata.json index 0d7e71f6b91a..5264ffd57042 100644 --- a/Packs/Intezer/pack_metadata.json +++ b/Packs/Intezer/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Intezer", "description": "Malware detection and analysis based on code reuse", "support": "partner", - "currentVersion": "1.2.1", + "currentVersion": "1.2.2", "author": "Intezer", "url": "", "email": "support@intezer.com", From 748e8fb9b84a3b7e8fb0b132c70a57076cfd37b7 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 1 Sep 2021 12:54:37 +0300 Subject: [PATCH 104/173] Update Docker Image To demisto/tesseract (#14632) * Updated Metadata Of Pack ImageOCR * Added release notes to pack ImageOCR * Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml Docker image update --- Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml | 2 +- Packs/ImageOCR/ReleaseNotes/1_1_2.md | 3 +++ Packs/ImageOCR/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/ImageOCR/ReleaseNotes/1_1_2.md diff --git a/Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml b/Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml index 48e80fa58069..5ef47aa4e256 100644 --- a/Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml +++ b/Packs/ImageOCR/Integrations/ImageOCR/ImageOCR.yml @@ -39,7 +39,7 @@ script: - contextPath: File.Text description: Extracted text from the passed image file. type: String - dockerimage: demisto/tesseract:1.0.0.22950 + dockerimage: demisto/tesseract:1.0.0.24037 isfetch: false runonce: false script: '-' diff --git a/Packs/ImageOCR/ReleaseNotes/1_1_2.md b/Packs/ImageOCR/ReleaseNotes/1_1_2.md new file mode 100644 index 000000000000..d5a88f9d8d07 --- /dev/null +++ b/Packs/ImageOCR/ReleaseNotes/1_1_2.md @@ -0,0 +1,3 @@ +#### Integrations +##### Image OCR +- Updated the Docker image to: *demisto/tesseract:1.0.0.24037*. diff --git a/Packs/ImageOCR/pack_metadata.json b/Packs/ImageOCR/pack_metadata.json index 625b0a141b8a..09281052d910 100644 --- a/Packs/ImageOCR/pack_metadata.json +++ b/Packs/ImageOCR/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Image OCR", "description": "Extracts text from images.", "support": "xsoar", - "currentVersion": "1.1.1", + "currentVersion": "1.1.2", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 0a5b448a0dd939f32f219d7cfa932f35bdca2ead Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Wed, 1 Sep 2021 12:59:18 +0300 Subject: [PATCH 105/173] Fireeye ETP - handle unicode chars (#14622) * add test for unicode chars in alert * set system default encoding * Update Packs/FireEyeETP/ReleaseNotes/1_0_4.md Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> --- .../Integrations/FireEyeETP/FireEyeETP.py | 3 ++ .../FireEyeETP/FireEyeETP_test.py | 51 +++++++++++++++++++ Packs/FireEyeETP/ReleaseNotes/1_0_4.md | 3 ++ Packs/FireEyeETP/pack_metadata.json | 2 +- 4 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 Packs/FireEyeETP/ReleaseNotes/1_0_4.md diff --git a/Packs/FireEyeETP/Integrations/FireEyeETP/FireEyeETP.py b/Packs/FireEyeETP/Integrations/FireEyeETP/FireEyeETP.py index 0bdf2dd8c2c2..cd046ecb96e9 100644 --- a/Packs/FireEyeETP/Integrations/FireEyeETP/FireEyeETP.py +++ b/Packs/FireEyeETP/Integrations/FireEyeETP/FireEyeETP.py @@ -16,6 +16,9 @@ # disable insecure warnings requests.packages.urllib3.disable_warnings() +reload(sys) +sys.setdefaultencoding('utf8') # pylint: disable=no-member + ''' GLOBAL VARS ''' diff --git a/Packs/FireEyeETP/Integrations/FireEyeETP/FireEyeETP_test.py b/Packs/FireEyeETP/Integrations/FireEyeETP/FireEyeETP_test.py index 2b9e87b1b207..a0b51a891f8f 100644 --- a/Packs/FireEyeETP/Integrations/FireEyeETP/FireEyeETP_test.py +++ b/Packs/FireEyeETP/Integrations/FireEyeETP/FireEyeETP_test.py @@ -1,3 +1,6 @@ +import demistomock as demisto + + def test_malware_readable_data(): """ Given: @@ -12,3 +15,51 @@ def test_malware_readable_data(): malware_readable_data({'name': 'some-name'}) except KeyError: assert False, 'malware_readable_data method should not fail on dict with name key only' + + +def test_get_alert_command(mocker, requests_mock): + """ + Given: + - ID of alert to get + - The alert object contain unicode + + When: + - Running get-alert command + + Then: + - Ensure command runs successfully + - Ensure results are returned + """ + import FireEyeETP + base_url = 'https://server_url/api/v1' + mocker.patch('FireEyeETP.BASE_PATH', base_url) + mocker.patch.object(demisto, 'args', return_value={'alert_id': 'KgBdei7RQS4u4m8Jl7mG'}) + mocker.patch.object(demisto, 'results') + requests_mock.get( + base_url + '/alerts/KgBdei7RQS4u4m8Jl7mG?', + json={ + 'meta': { + 'total': 1 + }, + 'data': [ + { + 'alert': { + 'explanation': { + 'malware_detected': { + 'malware': {} + } + } + }, + 'email': { + 'headers': { + 'to': u'\u200b' + }, + 'timestamp': {} + } + } + ] + } + ) + FireEyeETP.get_alert_command() + results = demisto.results.call_args[0][0] + assert results diff --git a/Packs/FireEyeETP/ReleaseNotes/1_0_4.md b/Packs/FireEyeETP/ReleaseNotes/1_0_4.md new file mode 100644 index 000000000000..0a28ad6cc787 --- /dev/null +++ b/Packs/FireEyeETP/ReleaseNotes/1_0_4.md @@ -0,0 +1,3 @@ +#### Integrations +##### FireEye ETP +- Fixed an issue where the integration failed to execute commands on alerts with unicode characters. diff --git a/Packs/FireEyeETP/pack_metadata.json b/Packs/FireEyeETP/pack_metadata.json index bdd3692af172..1e30dc5fe8b9 100644 --- a/Packs/FireEyeETP/pack_metadata.json +++ b/Packs/FireEyeETP/pack_metadata.json @@ -2,7 +2,7 @@ "name": "FireEye ETP", "description": "FireEye Email Threat Prevention (ETP Cloud) is a cloud-based platform that protects against advanced email attacks.", "support": "xsoar", - "currentVersion": "1.0.3", + "currentVersion": "1.0.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From f84bed8892dba7728fed1c519e8c14bf97772d55 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 1 Sep 2021 13:01:00 +0300 Subject: [PATCH 106/173] Update Docker Image To demisto/trustar (#14634) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Packs/TruSTAR/Integrations/TruSTAR_V2/TruSTAR_V2.yml Docker image update --- Packs/TruSTAR/Integrations/TruSTAR_V2/TruSTAR_V2.yml | 2 +- Packs/TruSTAR/ReleaseNotes/2_1_4.md | 3 +++ Packs/TruSTAR/pack_metadata.json | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 Packs/TruSTAR/ReleaseNotes/2_1_4.md diff --git a/Packs/TruSTAR/Integrations/TruSTAR_V2/TruSTAR_V2.yml b/Packs/TruSTAR/Integrations/TruSTAR_V2/TruSTAR_V2.yml index f268118a1554..eadb88ae621a 100644 --- a/Packs/TruSTAR/Integrations/TruSTAR_V2/TruSTAR_V2.yml +++ b/Packs/TruSTAR/Integrations/TruSTAR_V2/TruSTAR_V2.yml @@ -1022,7 +1022,7 @@ script: script: '' type: python subtype: python3 - dockerimage: demisto/trustar:20.2.0.23012 + dockerimage: demisto/trustar:20.2.0.24037 fromversion: 5.0.0 tests: - TruSTAR v2-Test diff --git a/Packs/TruSTAR/ReleaseNotes/2_1_4.md b/Packs/TruSTAR/ReleaseNotes/2_1_4.md new file mode 100644 index 000000000000..003fcf318be6 --- /dev/null +++ b/Packs/TruSTAR/ReleaseNotes/2_1_4.md @@ -0,0 +1,3 @@ +#### Integrations +##### TruSTAR v2 +- Updated the Docker image to: *demisto/trustar:20.2.0.24037*. diff --git a/Packs/TruSTAR/pack_metadata.json b/Packs/TruSTAR/pack_metadata.json index 5c77c1e56e0f..cc72c342dc02 100644 --- a/Packs/TruSTAR/pack_metadata.json +++ b/Packs/TruSTAR/pack_metadata.json @@ -2,7 +2,7 @@ "name": "TruSTAR", "description": "TruSTAR's threat intelligence platform enriches every stage of the security operations workflow from the trusted and relevant data sources.", "support": "partner", - "currentVersion": "2.1.3", + "currentVersion": "2.1.4", "author": "TruSTAR", "url": "https://www.trustar.co", "email": "support@trustar.co", From fafc80df0b0f519a1aaa170bd9cdbbae8b2c6e69 Mon Sep 17 00:00:00 2001 From: tkatzir Date: Wed, 1 Sep 2021 13:03:12 +0300 Subject: [PATCH 107/173] Coverage enforce 2 (#14625) * git * Format code * Fix indentations --- Utils/upload_code_coverage_report.py | 50 +++++++++++++++------------- 1 file changed, 26 insertions(+), 24 deletions(-) diff --git a/Utils/upload_code_coverage_report.py b/Utils/upload_code_coverage_report.py index 808ffb4a7449..4eec3c966b2e 100644 --- a/Utils/upload_code_coverage_report.py +++ b/Utils/upload_code_coverage_report.py @@ -46,31 +46,32 @@ def create_minimal_report(source_file: str, destination_file: str) -> Tuple[bool return True, str_from_datetime -def upload_file_to_google_cloud_storage(service_account: str, - bucket_name: str, - minimal_file_name: str, - destination_blob_dir: str, - last_updated: str, - ): - """Uploads a file to the bucket.""" - json_dest = f'{destination_blob_dir}/coverage-min.json' +def upload_files_to_google_cloud_storage(service_account: str, + bucket_name: str, + source_file_name: str, + minimal_file_name: str, + destination_blob_dir: str, + last_updated: str, + ): + """Upload files to the bucket.""" + updated = datetime.strptime(last_updated, TIMESTAMP_FORMAT_SECONDS) updated_date = updated.strftime(DATE_FORMAT) - historic_data_dest = f'{destination_blob_dir}/history/coverage-min/{updated_date}.json' - upload_list = [json_dest, historic_data_dest] + files_to_upload = [ + (f'{destination_blob_dir}/coverage.json', source_file_name), + (f'{destination_blob_dir}/history/coverage/{updated_date}.json', source_file_name), + (f'{destination_blob_dir}/coverage-min.json', minimal_file_name), + (f'{destination_blob_dir}/history/coverage-min/{updated_date}.json', minimal_file_name), + ] + # google cloud storage client initialized storage_client = init_storage_client(service_account) bucket = storage_client.bucket(bucket_name) - for file_to_upload in upload_list: - upload_file_to_bucket(bucket, file_to_upload, minimal_file_name) - - print( - "File {} uploaded to {}.".format( - minimal_file_name, ', '.join(upload_list) - ) - ) + for path_in_bucket, local_path in files_to_upload: + upload_file_to_bucket(bucket_obj=bucket, path_in_bucket=path_in_bucket, local_path=local_path) + print("File {} uploaded to {}.".format(local_path, path_in_bucket)) def upload_file_to_bucket(bucket_obj, path_in_bucket, local_path): @@ -146,12 +147,13 @@ def main(): ) if success: - upload_file_to_google_cloud_storage(service_account=options.service_account, - bucket_name=options.bucket_name, - minimal_file_name=options.minimal_file_name, - destination_blob_dir=options.destination_blob_dir, - last_updated=last_updated - ) + upload_files_to_google_cloud_storage(service_account=options.service_account, + bucket_name=options.bucket_name, + source_file_name=options.source_file_name, + minimal_file_name=options.minimal_file_name, + destination_blob_dir=options.destination_blob_dir, + last_updated=last_updated + ) if __name__ == '__main__': From 807d684e6926a88ab578b23abd339b8a12d38f4b Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 1 Sep 2021 13:13:19 +0300 Subject: [PATCH 108/173] Update Docker Image To demisto/greynoise (#14631) * Updated Metadata Of Pack GreyNoise * Added release notes to pack GreyNoise * Packs/GreyNoise/Integrations/GreyNoise/GreyNoise.yml Docker image update * Packs/GreyNoise/Integrations/GreyNoise_Community/GreyNoise_Community.yml Docker image update --- Packs/GreyNoise/Integrations/GreyNoise/GreyNoise.yml | 2 +- .../Integrations/GreyNoise_Community/GreyNoise_Community.yml | 2 +- Packs/GreyNoise/ReleaseNotes/1_0_5.md | 5 +++++ Packs/GreyNoise/pack_metadata.json | 2 +- 4 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 Packs/GreyNoise/ReleaseNotes/1_0_5.md diff --git a/Packs/GreyNoise/Integrations/GreyNoise/GreyNoise.yml b/Packs/GreyNoise/Integrations/GreyNoise/GreyNoise.yml index 95f02e480f37..0cc965f912c1 100644 --- a/Packs/GreyNoise/Integrations/GreyNoise/GreyNoise.yml +++ b/Packs/GreyNoise/Integrations/GreyNoise/GreyNoise.yml @@ -453,7 +453,7 @@ script: - contextPath: GreyNoise.Riot.reference description: The reference of the IP if riot is "True". type: String - dockerimage: demisto/greynoise:1.0.0.23290 + dockerimage: demisto/greynoise:1.0.0.24037 feed: false isfetch: false longRunning: false diff --git a/Packs/GreyNoise/Integrations/GreyNoise_Community/GreyNoise_Community.yml b/Packs/GreyNoise/Integrations/GreyNoise_Community/GreyNoise_Community.yml index fc27bb5c81f8..c5af84a04a6b 100644 --- a/Packs/GreyNoise/Integrations/GreyNoise_Community/GreyNoise_Community.yml +++ b/Packs/GreyNoise/Integrations/GreyNoise_Community/GreyNoise_Community.yml @@ -81,7 +81,7 @@ script: - contextPath: IP.Address description: IP address. type: String - dockerimage: demisto/greynoise:1.0.0.23290 + dockerimage: demisto/greynoise:1.0.0.24037 feed: false isfetch: false longRunning: false diff --git a/Packs/GreyNoise/ReleaseNotes/1_0_5.md b/Packs/GreyNoise/ReleaseNotes/1_0_5.md new file mode 100644 index 000000000000..2cd6603ebc5c --- /dev/null +++ b/Packs/GreyNoise/ReleaseNotes/1_0_5.md @@ -0,0 +1,5 @@ +#### Integrations +##### GreyNoise +- Updated the Docker image to: *demisto/greynoise:1.0.0.24037*. +##### GreyNoise Community +- Updated the Docker image to: *demisto/greynoise:1.0.0.24037*. diff --git a/Packs/GreyNoise/pack_metadata.json b/Packs/GreyNoise/pack_metadata.json index e7cbb544084b..d1981fdb4002 100644 --- a/Packs/GreyNoise/pack_metadata.json +++ b/Packs/GreyNoise/pack_metadata.json @@ -2,7 +2,7 @@ "name": "GreyNoise", "description": "GreyNoise is a threat intelligence service that collects and analyzes Internet-wide scan and attack traffic. With this integration, users can contextualize existing alerts, filter false-positives, identify compromised devices, and track emerging threats. The full integration code can be found here: https://github.com/demisto/content/tree/master/Packs/GreyNoise", "support": "partner", - "currentVersion": "1.0.4", + "currentVersion": "1.0.5", "author": "GreyNoise", "url": "https://greynoise.io", "email": "support@greynoise.io", From 9e3356443b239edca4dc2e786bb8f98576eb8de7 Mon Sep 17 00:00:00 2001 From: avidan-H <46294017+avidan-H@users.noreply.github.com> Date: Wed, 1 Sep 2021 06:16:52 -0400 Subject: [PATCH 109/173] Improve stale branch deletion script (#14636) Co-authored-by: avidan-H <> --- .../delete_stale_non_contrib_branches.py | 53 ++++++++++++++----- 1 file changed, 41 insertions(+), 12 deletions(-) diff --git a/Utils/github_workflow_scripts/delete_stale_non_contrib_branches.py b/Utils/github_workflow_scripts/delete_stale_non_contrib_branches.py index 30b4bb420dca..1fb3fa62c397 100755 --- a/Utils/github_workflow_scripts/delete_stale_non_contrib_branches.py +++ b/Utils/github_workflow_scripts/delete_stale_non_contrib_branches.py @@ -48,6 +48,29 @@ def get_non_contributor_stale_branch_names(repo: Repository) -> List[str]: # no return branch_names +def is_suitable_for_pr(repo: Repository, head: str, base: str = 'master') -> bool: + """Checks if a PR can be created for a given head branch + + We compare the branch commits to determine if we should create a PR from the head branch. + Sometimes people create a branch but never push commits to the branch. In + those cases, there are no changes from which to create a PR against the base + branch, and therefore we should not try to create a PR from that branch. We + should simply delete it. + + Args: + repo (Repository): The repo to query. + head (str): The name of the head branch for a potential PR. + base (str, optional): The name of the base branch to merge the head branch into. Defaults to 'master'. + + Returns: + bool: True if the head branch is ahead of the base branch by one or more commits, False otherwise. + """ + comparison = repo.compare(base, head) + if comparison.ahead_by > 0: + return True + return False + + def main(): debug_mode = len(sys.argv) >= 2 and 'debug' in sys.argv[1].casefold() t = Terminal() @@ -61,19 +84,25 @@ def main(): stale_non_contrib_branches = get_non_contributor_stale_branch_names(content_repo) for branch_name in stale_non_contrib_branches: try: - print(f'Creating PR for {branch_name}') base_branch = 'master' - title = branch_name - body = (f'## Description\r\nPosterity PR Created for the branch "{branch_name}"' - ' so that it may be restored if necessary') - pr = content_repo.create_pull(title=title, body=body, base=base_branch, head=branch_name, draft=False) - print(f'{t.cyan}Posterity PR Created - {pr.html_url}{t.normal}') - pr.add_to_labels('stale-branch') - pr.edit(state='closed') - print(f'{t.cyan}Posterity PR Closed{t.normal}') - print(f'Deleting {branch_name}') - branch_ref = content_repo.get_git_ref(f'heads/{branch_name}') - branch_ref.delete() + if not is_suitable_for_pr(content_repo, branch_name): + print(f'Branch {branch_name} is not ahead of {base_branch} ' + 'and therefore not suited for a posterity PR') + print(f'Deleting stale branch {branch_name} without creating a postery PR') + content_repo.get_git_ref(f'heads/{branch_name}').delete() + else: + print(f'Creating PR for {branch_name}') + title = branch_name + body = (f'## Description\r\nPosterity PR Created for the branch "{branch_name}"' + ' so that it may be restored if necessary') + pr = content_repo.create_pull(title=title, body=body, base=base_branch, head=branch_name, draft=False) + print(f'{t.cyan}Posterity PR Created - {pr.html_url}{t.normal}') + pr.add_to_labels('stale-branch') + pr.edit(state='closed') + print(f'{t.cyan}Posterity PR Closed{t.normal}') + print(f'Deleting {branch_name}') + branch_ref = content_repo.get_git_ref(f'heads/{branch_name}') + branch_ref.delete() except Exception as e: print(f"{t.red}Deletion of {branch_name} encountered an issue: {str(e)}{t.normal}") From c927dc264bb4c34da52ca71bea05dd65419771ee Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Wed, 1 Sep 2021 13:31:03 +0300 Subject: [PATCH 110/173] AlienVault OTX v2 - handle non lower-case URLs and insecure err msg (#14598) * add test for HTTP * handle no status_code and lowercase url * fix url arg passed in the unit test * lowercase url protocol * adjust test * adjust readme * fix e731 * add type hints * fix W291 and E305 * fix raise * use non private ip in test * bump to 1.1.8 * Update Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/README.md Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * Update Packs/AlienVault_OTX/ReleaseNotes/1_1_8.md Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> * add unit test * fix W293 and W291 * fix W293 Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> --- .../AlienVault_OTX_v2/AlienVault_OTX_v2.py | 18 +++++++++---- .../AlienVault_OTX_v2_test.py | 26 ++++++++++++++++--- .../Integrations/AlienVault_OTX_v2/README.md | 3 +++ Packs/AlienVault_OTX/ReleaseNotes/1_1_8.md | 4 +++ .../playbook-Alienvault_OTX_v2-test.yml | 4 +-- Packs/AlienVault_OTX/pack_metadata.json | 2 +- 6 files changed, 46 insertions(+), 11 deletions(-) create mode 100644 Packs/AlienVault_OTX/ReleaseNotes/1_1_8.md diff --git a/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.py b/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.py index 3b98192969cc..b123c08e6a9f 100644 --- a/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.py +++ b/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.py @@ -71,11 +71,14 @@ def query(self, section: str, argument: str = None, sub_section: str = 'general' url_suffix=suffix, params=params) except DemistoException as e: - if e.res.status_code == 404: - result = 404 - elif e.res.status_code == 400: - demisto.debug(f'{e.res.text} response received from server when trying to get api:{e.res.url}') - raise Exception(f'The command could not be execute: {argument} is invalid.') + if hasattr(e.res, 'status_code'): + if e.res.status_code == 404: + result = 404 + elif e.res.status_code == 400: + demisto.debug(f'{e.res.text} response received from server when trying to get api:{e.res.url}') + raise Exception(f'The command could not be execute: {argument} is invalid.') + else: + raise else: raise return result @@ -172,6 +175,10 @@ def create_attack_pattern_relationships(client: Client, raw_response: dict, enti return relationships +def lowercase_protocol_callback(pattern: re.Match) -> str: + return pattern.group(0).lower() + + ''' COMMANDS ''' @@ -399,6 +406,7 @@ def url_command(client: Client, url: str) -> List[CommandResults]: raws: list = [] for url in urls_list: + url = re.sub(r'(\w+)://', lowercase_protocol_callback, url) raw_response = client.query(section='url', argument=url) if raw_response: if raw_response == 404: diff --git a/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2_test.py b/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2_test.py index 9e99dd00fbe4..a78a471e1b80 100644 --- a/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2_test.py +++ b/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2_test.py @@ -134,7 +134,7 @@ URL_RELATIONSHIPS = [{ 'name': 'hosted-on', 'reverseName': 'hosts', 'type': 'IndicatorToIndicator', - 'entityA': {'url': 'http://www.fotoidea.com/sport/4x4_san_ponso/slides/IMG_0068.html/url_list'}, + 'entityA': 'http://www.fotoidea.com/sport/4x4_san_ponso/slides/IMG_0068.html/url_list', 'entityAFamily': 'Indicator', 'entityAType': 'URL', 'entityB': 'fotoidea.com', 'entityBFamily': 'Indicator', 'entityBType': 'Domain', 'fields': {}, 'reliability': 'C - Fairly reliable', 'brand': 'AlienVault OTX v2' }] @@ -562,8 +562,7 @@ def test_url_command(mocker, raw_response, expected_ec, expected_relationships): - Validate that the proper relations were created """ mocker.patch.object(client, 'query', side_effect=[raw_response]) - command_results = url_command(client, { - 'url': 'http://www.fotoidea.com/sport/4x4_san_ponso/slides/IMG_0068.html/url_list'}) + command_results = url_command(client, 'http://www.fotoidea.com/sport/4x4_san_ponso/slides/IMG_0068.html/url_list') # results is CommandResults list all_context = command_results[0].to_context() @@ -597,6 +596,27 @@ def test_url_command_not_found(mocker): assert command_results[0].to_context()['HumanReadable'] == expected_result +def test_url_command_uppercase_protocol(requests_mock): + """ + Given: + - URL with uppercase protocol (HTTPS) + + When: + - Running the url command + + Then: + - Ensure the protocol is lowercased + """ + requests_mock.get( + 'base_url/indicators/url/https://www.google.com/general', + json={ + 'alexa': 'http://www.alexa.com/siteinfo/google.com', + } + ) + res = url_command(client, 'HTTPS://www.google.com') + assert res[0].indicator.to_context()['URL(val.Data && val.Data == obj.Data)']['Data'] == 'https://www.google.com' + + @pytest.mark.parametrize('raw_response,expected', [ (DOMAIN_RAW_RESPONSE, DOMAIN_EC) ]) diff --git a/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/README.md b/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/README.md index a2d9f130cc00..9fcfefeb87f5 100644 --- a/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/README.md +++ b/Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/README.md @@ -974,3 +974,6 @@ Queries a URL in AlienVault OTX. >|---|---|---|---|---| >| http://www.alexa.com/siteinfo/fotoidea.com | fotoidea.com | www.fotoidea.com | http://www.fotoidea.com/sport/4x4_san_ponso/slides/IMG_0068.html/url_list | http://whois.domaintools.com/fotoidea.com | + +## Additional Information + - AlienVault considers non lowercased URL protocol as invalid, e.g, HTTP://www.google.com. Hence such submissions will be lowercased to ensure a seamless usage of the integration. \ No newline at end of file diff --git a/Packs/AlienVault_OTX/ReleaseNotes/1_1_8.md b/Packs/AlienVault_OTX/ReleaseNotes/1_1_8.md new file mode 100644 index 000000000000..7b84092cab8b --- /dev/null +++ b/Packs/AlienVault_OTX/ReleaseNotes/1_1_8.md @@ -0,0 +1,4 @@ +#### Integrations +##### AlienVault OTX v2 +- Fixed an issue where the ***url*** command did not handle URLs with non lowercase protocol properly. +- Improved the error messages returned from the integration. diff --git a/Packs/AlienVault_OTX/TestPlaybooks/playbook-Alienvault_OTX_v2-test.yml b/Packs/AlienVault_OTX/TestPlaybooks/playbook-Alienvault_OTX_v2-test.yml index 7f98acd31733..b1a624d597fe 100644 --- a/Packs/AlienVault_OTX/TestPlaybooks/playbook-Alienvault_OTX_v2-test.yml +++ b/Packs/AlienVault_OTX/TestPlaybooks/playbook-Alienvault_OTX_v2-test.yml @@ -1022,7 +1022,7 @@ tasks: - "31" scriptarguments: indicator: - simple: 192.168.0.1 + simple: 8.8.8.8 indicator-type: simple: IPv4 indicator_type: @@ -1411,7 +1411,7 @@ tasks: submitWait: {} threshold: {} url: - simple: http://www.fotoidea.com/sport/4x4_san_ponso/slides/IMG_0068.html/url_list + simple: http://www.fotoidea.com/sport/4x4_san_ponso/slides/IMG_0068.html/url_list,HTTP://www.google.com wait: {} continueonerror: true separatecontext: false diff --git a/Packs/AlienVault_OTX/pack_metadata.json b/Packs/AlienVault_OTX/pack_metadata.json index 9ec84ce15e42..0e6349b87f9a 100644 --- a/Packs/AlienVault_OTX/pack_metadata.json +++ b/Packs/AlienVault_OTX/pack_metadata.json @@ -2,7 +2,7 @@ "name": "AlienVault OTX", "description": "Query Indicators of Compromise in AlienVault OTX.", "support": "xsoar", - "currentVersion": "1.1.7", + "currentVersion": "1.1.8", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From e066db2355d5925cd9ad1365621c838c582a0309 Mon Sep 17 00:00:00 2001 From: merit-maita <49760643+merit-maita@users.noreply.github.com> Date: Wed, 1 Sep 2021 13:37:25 +0300 Subject: [PATCH 111/173] Exabeam enhance (#14381) * fixed the delete record command * updated RN updated docker image * edits after cr * added unittest * unskipped the TPB * updated docker image --- Packs/Exabeam/Integrations/Exabeam/Exabeam.py | 10 +++++++--- Packs/Exabeam/Integrations/Exabeam/Exabeam.yml | 2 +- Packs/Exabeam/Integrations/Exabeam/Exabeam_test.py | 12 ++++++++---- .../Exabeam/test_data/response_constants.py | 8 ++++++++ .../Exabeam/test_data/result_constants.py | 9 +++++++++ Packs/Exabeam/ReleaseNotes/2_1_4.md | 5 +++++ Packs/Exabeam/pack_metadata.json | 2 +- 7 files changed, 39 insertions(+), 9 deletions(-) create mode 100644 Packs/Exabeam/ReleaseNotes/2_1_4.md diff --git a/Packs/Exabeam/Integrations/Exabeam/Exabeam.py b/Packs/Exabeam/Integrations/Exabeam/Exabeam.py index fc55387f7dc4..4bca609171fd 100644 --- a/Packs/Exabeam/Integrations/Exabeam/Exabeam.py +++ b/Packs/Exabeam/Integrations/Exabeam/Exabeam.py @@ -1622,8 +1622,8 @@ def list_context_table_records(client: Client, args: Dict[str, str]) -> Tuple[An """ context_table_name = args.get('context_table_name') - page_size = int(args['limit']) - page_number = int(args['offset']) + page_size = int(args.get('limit', 50)) + page_number = int(args.get('offset', 1)) records_raw_data = client.list_context_table_records_request(context_table_name, page_size, page_number) records = records_raw_data.get('records', []) @@ -1692,7 +1692,11 @@ def delete_context_table_records(client: Client, args: Dict) -> Tuple[Any, Dict[ session_id = args.get('session_id') records = argToList(args.get('records')) - record_updates_raw_data = client.delete_context_table_records_request(context_table_name, records, session_id) + records_raw_data = client.list_context_table_records_request(context_table_name, 10000, 1) + all_records = records_raw_data.get('records', []) + ids = [record['id'] for record in all_records if record['key'] in records] + + record_updates_raw_data = client.delete_context_table_records_request(context_table_name, ids, session_id) human_readable, entry_context = create_context_table_updates_outputs(context_table_name, record_updates_raw_data) return human_readable, entry_context, record_updates_raw_data diff --git a/Packs/Exabeam/Integrations/Exabeam/Exabeam.yml b/Packs/Exabeam/Integrations/Exabeam/Exabeam.yml index e9bfb8d51c1b..7697a8d23233 100644 --- a/Packs/Exabeam/Integrations/Exabeam/Exabeam.yml +++ b/Packs/Exabeam/Integrations/Exabeam/Exabeam.yml @@ -1902,7 +1902,7 @@ script: - contextPath: Exabeam.SequenceEventTypes.sequenceId description: The sequence ID. type: String - dockerimage: demisto/python3:3.9.5.21272 + dockerimage: demisto/python3:3.9.6.24019 feed: false isfetch: false longRunning: false diff --git a/Packs/Exabeam/Integrations/Exabeam/Exabeam_test.py b/Packs/Exabeam/Integrations/Exabeam/Exabeam_test.py index dc6f39edd138..2c1b302c6deb 100644 --- a/Packs/Exabeam/Integrations/Exabeam/Exabeam_test.py +++ b/Packs/Exabeam/Integrations/Exabeam/Exabeam_test.py @@ -2,13 +2,15 @@ from Exabeam import Client, contents_append_notable_user_info, contents_user_info, get_peer_groups, \ get_user_labels, get_watchlist, get_asset_data, get_session_info_by_id, get_rules_model_definition, \ parse_context_table_records_list, get_notable_assets, get_notable_session_details, get_notable_sequence_details, \ - get_notable_sequence_event_types + get_notable_sequence_event_types, delete_context_table_records from test_data.response_constants import RESPONSE_PEER_GROUPS, RESPONSE_USER_LABELS, RESPONSE_WATCHLISTS, \ RESPONSE_ASSET_DATA, RESPONSE_SESSION_INFO, RESPONSE_MODEL_DATA, RESPONSE_NOTABLE_ASSET_DATA, \ - RESPONSE_NOTABLE_SESSION_DETAILS, RESPONSE_NOTABLE_SEQUENCE_DETAILS, RESPONSE_NOTABLE_SEQUENCE_EVENTS + RESPONSE_NOTABLE_SESSION_DETAILS, RESPONSE_NOTABLE_SEQUENCE_DETAILS, RESPONSE_NOTABLE_SEQUENCE_EVENTS,\ + DELETE_RECORD_RESPONSE from test_data.result_constants import EXPECTED_PEER_GROUPS, EXPECTED_USER_LABELS, EXPECTED_WATCHLISTS, \ EXPECTED_ASSET_DATA, EXPECTED_SESSION_INFO, EXPECTED_MODEL_DATA, EXPECTED_NOTABLE_ASSET_DATA, \ - EXPECTED_NOTABLE_SESSION_DETAILS, EXPECTED_NOTABLE_SEQUENCE_DETAILS, EXPECTED_NOTABLE_SEQUENCE_EVENTS + EXPECTED_NOTABLE_SESSION_DETAILS, EXPECTED_NOTABLE_SEQUENCE_DETAILS, EXPECTED_NOTABLE_SEQUENCE_EVENTS, \ + EXPECTED_RESULT_AFTER_RECORD_DELETION def test_contents_append_notable_user_info(): @@ -101,7 +103,9 @@ def test_contents_user_info(): (get_notable_sequence_details, {'limit': 1, 'page': 0}, RESPONSE_NOTABLE_SEQUENCE_DETAILS, EXPECTED_NOTABLE_SEQUENCE_DETAILS), (get_notable_sequence_event_types, {'limit': 9, 'page': 0}, RESPONSE_NOTABLE_SEQUENCE_EVENTS, - EXPECTED_NOTABLE_SEQUENCE_EVENTS) + EXPECTED_NOTABLE_SEQUENCE_EVENTS), + (delete_context_table_records, {"records": "test_key", "context_table_name": "test_table"}, + DELETE_RECORD_RESPONSE, EXPECTED_RESULT_AFTER_RECORD_DELETION) ]) # noqa: E124 def test_commands(command, args, response, expected_result, mocker): import requests diff --git a/Packs/Exabeam/Integrations/Exabeam/test_data/response_constants.py b/Packs/Exabeam/Integrations/Exabeam/test_data/response_constants.py index 0c6588998626..1c344aad8538 100644 --- a/Packs/Exabeam/Integrations/Exabeam/test_data/response_constants.py +++ b/Packs/Exabeam/Integrations/Exabeam/test_data/response_constants.py @@ -225,3 +225,11 @@ 'displayName': 'dn9', 'count': 1} ] + +DELETE_RECORD_RESPONSE = {'sessionId': '56a5b19a-4193-4616-9978-0bbabb1e2d60', + 'recordChanges': [{ + 'changeType': 'removed', + 'changeId': '4aad5392-20e7-4423-abcb-a9680c566215', + 'record': {'key': '', 'id': 'test_key'} + }], + 'metadata': {'createdSize': 0, 'updatedSize': 0, 'removedSize': 1, 'duplicates': []}} diff --git a/Packs/Exabeam/Integrations/Exabeam/test_data/result_constants.py b/Packs/Exabeam/Integrations/Exabeam/test_data/result_constants.py index b46f31ae428b..72d9bec3c448 100644 --- a/Packs/Exabeam/Integrations/Exabeam/test_data/result_constants.py +++ b/Packs/Exabeam/Integrations/Exabeam/test_data/result_constants.py @@ -185,3 +185,12 @@ {'eventType': 'type8', 'displayName': 'dn8', 'count': 1, 'sequenceId': None}, {'eventType': 'type9', 'displayName': 'dn9', 'count': 1, 'sequenceId': None}] } + +EXPECTED_RESULT_AFTER_RECORD_DELETION = {'Exabeam.ContextTableUpdate(val.changeId && val.changeId === obj.changeId)': [ + {'contextTableName': 'test_table', + 'sessionId': '56a5b19a-4193-4616-9978-0bbabb1e2d60', + 'changeType': 'removed', + 'changeId': '4aad5392-20e7-4423-abcb-a9680c566215', + 'record': {'key': '', 'id': 'test_key'} + }] +} diff --git a/Packs/Exabeam/ReleaseNotes/2_1_4.md b/Packs/Exabeam/ReleaseNotes/2_1_4.md new file mode 100644 index 000000000000..2de793e41f99 --- /dev/null +++ b/Packs/Exabeam/ReleaseNotes/2_1_4.md @@ -0,0 +1,5 @@ + +#### Integrations +##### Exabeam +- Fixed the *exabeam-delete-context-table-records* command to delete records based on keys passed as arguments and not ids. +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/Exabeam/pack_metadata.json b/Packs/Exabeam/pack_metadata.json index b49783cf757c..2a140a1efdd8 100644 --- a/Packs/Exabeam/pack_metadata.json +++ b/Packs/Exabeam/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Exabeam", "description": "The Exabeam Security Management Platform provides end-to-end detection, User Event Behavioral Analytics, and SOAR.", "support": "xsoar", - "currentVersion": "2.1.3", + "currentVersion": "2.1.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From eee9ade42cef32f1a8413cdb349cc9d57d361f5b Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 1 Sep 2021 14:17:22 +0300 Subject: [PATCH 112/173] Update Docker Image To demisto/python3 (#14627) * Updated Metadata Of Pack C2sec * Added release notes to pack C2sec * Packs/C2sec/Integrations/C2sec/C2sec.yml Docker image update * Updated Metadata Of Pack CTIX * Added release notes to pack CTIX * Packs/CTIX/Integrations/CTIX/CTIX.yml Docker image update * Updated Metadata Of Pack CVESearch * Added release notes to pack CVESearch * Packs/CVESearch/Integrations/CVESearchV2/CVESearchV2.yml Docker image update * Updated Metadata Of Pack CarbonBlackProtect * Added release notes to pack CarbonBlackProtect * Packs/CarbonBlackProtect/Integrations/CarbonBlackProtect/CarbonBlackProtect.yml Docker image update * Updated Metadata Of Pack CentrifyVault * Added release notes to pack CentrifyVault * Packs/CentrifyVault/Integrations/CentrifyVault/CentrifyVault.yml Docker image update * Updated Metadata Of Pack Cherwell * Added release notes to pack Cherwell * Packs/Cherwell/Integrations/Cherwell/Cherwell.yml Docker image update * Updated Metadata Of Pack CiscoESAIronPortEmailAPI * Added release notes to pack CiscoESAIronPortEmailAPI * Packs/CiscoESAIronPortEmailAPI/Integrations/CiscoIronPortEMailAPI/CiscoIronPortEMailAPI.yml Docker image update * Updated Metadata Of Pack CiscoEmailSecurity * Added release notes to pack CiscoEmailSecurity * Packs/CiscoEmailSecurity/Integrations/CiscoEmailSecurity/CiscoEmailSecurity.yml Docker image update * Updated Metadata Of Pack Claroty * Added release notes to pack Claroty * Packs/Claroty/Integrations/Claroty/Claroty.yml Docker image update * Updated Metadata Of Pack CloudConvert * Added release notes to pack CloudConvert * Packs/CloudConvert/Integrations/CloudConvert/CloudConvert.yml Docker image update * Added dbotscore outputs to yml and readme * Updated Metadata Of Pack APIVoid * Added release notes to pack APIVoid * Packs/APIVoid/Integrations/APIVoid/APIVoid.yml Docker image update * Updated Metadata Of Pack AlienVault_OTX * Added release notes to pack AlienVault_OTX * Packs/AlienVault_OTX/Integrations/AlienVault_OTX_v2/AlienVault_OTX_v2.yml Docker image update * Updated Metadata Of Pack Anomali_Enterprise * Added release notes to pack Anomali_Enterprise * Packs/Anomali_Enterprise/Integrations/Anomali_Enterprise/Anomali_Enterprise.yml Docker image update * Updated Metadata Of Pack AnsibleTower * Added release notes to pack AnsibleTower * Packs/AnsibleTower/Integrations/AnsibleTower/AnsibleTower.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Updated Metadata Of Pack BeyondTrust_Password_Safe * Added release notes to pack BeyondTrust_Password_Safe * Packs/BeyondTrust_Password_Safe/Integrations/BeyondTrust_Password_Safe/BeyondTrust_Password_Safe.yml Docker image update * Updated Metadata Of Pack BitcoinAbuse * Added release notes to pack BitcoinAbuse * Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml Docker image update * Updated Metadata Of Pack BluecatAddressManager * Added release notes to pack BluecatAddressManager * Packs/BluecatAddressManager/Integrations/BluecatAddressManager/BluecatAddressManager.yml Docker image update * Updated Metadata Of Pack CarbonBlackEnterpriseEDR * Added release notes to pack CarbonBlackEnterpriseEDR * Packs/CarbonBlackEnterpriseEDR/Integrations/CarbonBlackEnterpriseEDR/CarbonBlackEnterpriseEDR.yml Docker image update * Updated Metadata Of Pack CircleCI * Added release notes to pack CircleCI * Packs/CircleCI/Integrations/CircleCI/CircleCI.yml Docker image update * Updated Metadata Of Pack Cisco-umbrella-enforcement * Added release notes to pack Cisco-umbrella-enforcement * Packs/Cisco-umbrella-enforcement/Integrations/CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement.yml Docker image update * Updated Metadata Of Pack CiscoASA * Added release notes to pack CiscoASA * Packs/CiscoASA/Integrations/CiscoASA/CiscoASA.yml Docker image update * Updated Metadata Of Pack CiscoFirepower * Added release notes to pack CiscoFirepower * Packs/CiscoFirepower/Integrations/CiscoFirepower/CiscoFirepower.yml Docker image update * Updated Metadata Of Pack CrowdStrikeMalquery * Added release notes to pack CrowdStrikeMalquery * Packs/CrowdStrikeMalquery/Integrations/CrowdStrikeMalquery/CrowdStrikeMalquery.yml Docker image update * Updated Metadata Of Pack CrowdStrikeOpenAPI * Added release notes to pack CrowdStrikeOpenAPI * Updated docker image Co-authored-by: sberman --- .../BeyondTrust_Password_Safe/BeyondTrust_Password_Safe.yml | 2 +- Packs/BeyondTrust_Password_Safe/ReleaseNotes/1_0_7.md | 3 +++ Packs/BeyondTrust_Password_Safe/pack_metadata.json | 2 +- Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml | 2 +- Packs/BitcoinAbuse/ReleaseNotes/1_0_10.md | 3 +++ Packs/BitcoinAbuse/pack_metadata.json | 2 +- .../BluecatAddressManager/BluecatAddressManager.yml | 2 +- Packs/BluecatAddressManager/ReleaseNotes/1_0_5.md | 3 +++ Packs/BluecatAddressManager/pack_metadata.json | 2 +- .../CarbonBlackEnterpriseEDR/CarbonBlackEnterpriseEDR.yml | 2 +- Packs/CarbonBlackEnterpriseEDR/ReleaseNotes/1_1_7.md | 3 +++ Packs/CarbonBlackEnterpriseEDR/pack_metadata.json | 2 +- Packs/CircleCI/Integrations/CircleCI/CircleCI.yml | 2 +- Packs/CircleCI/ReleaseNotes/1_0_3.md | 3 +++ Packs/CircleCI/pack_metadata.json | 2 +- .../CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement.yml | 2 +- Packs/Cisco-umbrella-enforcement/ReleaseNotes/1_0_4.md | 3 +++ Packs/Cisco-umbrella-enforcement/pack_metadata.json | 2 +- Packs/CiscoASA/Integrations/CiscoASA/CiscoASA.yml | 2 +- Packs/CiscoASA/ReleaseNotes/1_0_9.md | 3 +++ Packs/CiscoASA/pack_metadata.json | 2 +- .../Integrations/CiscoFirepower/CiscoFirepower.yml | 2 +- Packs/CiscoFirepower/ReleaseNotes/1_0_8.md | 3 +++ Packs/CiscoFirepower/pack_metadata.json | 2 +- .../Integrations/CrowdStrikeMalquery/CrowdStrikeMalquery.yml | 2 +- Packs/CrowdStrikeMalquery/ReleaseNotes/1_0_6.md | 3 +++ Packs/CrowdStrikeMalquery/pack_metadata.json | 2 +- .../Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.yml | 2 +- Packs/CrowdStrikeOpenAPI/ReleaseNotes/1_0_1.md | 3 +++ Packs/CrowdStrikeOpenAPI/pack_metadata.json | 2 +- 30 files changed, 50 insertions(+), 20 deletions(-) create mode 100644 Packs/BeyondTrust_Password_Safe/ReleaseNotes/1_0_7.md create mode 100644 Packs/BitcoinAbuse/ReleaseNotes/1_0_10.md create mode 100644 Packs/BluecatAddressManager/ReleaseNotes/1_0_5.md create mode 100644 Packs/CarbonBlackEnterpriseEDR/ReleaseNotes/1_1_7.md create mode 100644 Packs/CircleCI/ReleaseNotes/1_0_3.md create mode 100644 Packs/Cisco-umbrella-enforcement/ReleaseNotes/1_0_4.md create mode 100644 Packs/CiscoASA/ReleaseNotes/1_0_9.md create mode 100644 Packs/CiscoFirepower/ReleaseNotes/1_0_8.md create mode 100644 Packs/CrowdStrikeMalquery/ReleaseNotes/1_0_6.md create mode 100644 Packs/CrowdStrikeOpenAPI/ReleaseNotes/1_0_1.md diff --git a/Packs/BeyondTrust_Password_Safe/Integrations/BeyondTrust_Password_Safe/BeyondTrust_Password_Safe.yml b/Packs/BeyondTrust_Password_Safe/Integrations/BeyondTrust_Password_Safe/BeyondTrust_Password_Safe.yml index 7750281a88c6..285f748b5caa 100644 --- a/Packs/BeyondTrust_Password_Safe/Integrations/BeyondTrust_Password_Safe/BeyondTrust_Password_Safe.yml +++ b/Packs/BeyondTrust_Password_Safe/Integrations/BeyondTrust_Password_Safe/BeyondTrust_Password_Safe.yml @@ -297,7 +297,7 @@ script: description: Updates the credentials for a Managed Account, optionally applying the change to the Managed System. execution: false name: beyondtrust-change-credentials - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 isfetch: false runonce: false script: '-' diff --git a/Packs/BeyondTrust_Password_Safe/ReleaseNotes/1_0_7.md b/Packs/BeyondTrust_Password_Safe/ReleaseNotes/1_0_7.md new file mode 100644 index 000000000000..f365507e1682 --- /dev/null +++ b/Packs/BeyondTrust_Password_Safe/ReleaseNotes/1_0_7.md @@ -0,0 +1,3 @@ +#### Integrations +##### BeyondTrust Password Safe +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/BeyondTrust_Password_Safe/pack_metadata.json b/Packs/BeyondTrust_Password_Safe/pack_metadata.json index cec55f516849..9ebdf57da0d4 100644 --- a/Packs/BeyondTrust_Password_Safe/pack_metadata.json +++ b/Packs/BeyondTrust_Password_Safe/pack_metadata.json @@ -2,7 +2,7 @@ "name": "BeyondTrust Password Safe", "description": "Unified password and session management for seamless accountability and control over privileged accounts.", "support": "xsoar", - "currentVersion": "1.0.6", + "currentVersion": "1.0.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml b/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml index 17bbcfd92705..9178ec2fbe86 100644 --- a/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml +++ b/Packs/BitcoinAbuse/Integrations/BitcoinAbuse/BitcoinAbuse.yml @@ -136,7 +136,7 @@ script: name: limit description: Gets indicators from the feed. name: bitcoinabuse-get-indicators - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 feed: true isFetchSamples: true runonce: false diff --git a/Packs/BitcoinAbuse/ReleaseNotes/1_0_10.md b/Packs/BitcoinAbuse/ReleaseNotes/1_0_10.md new file mode 100644 index 000000000000..9f742a324a6f --- /dev/null +++ b/Packs/BitcoinAbuse/ReleaseNotes/1_0_10.md @@ -0,0 +1,3 @@ +#### Integrations +##### BitcoinAbuse Feed +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/BitcoinAbuse/pack_metadata.json b/Packs/BitcoinAbuse/pack_metadata.json index 9e9628cdd013..e727ae4df350 100644 --- a/Packs/BitcoinAbuse/pack_metadata.json +++ b/Packs/BitcoinAbuse/pack_metadata.json @@ -3,7 +3,7 @@ "description": "Use the integration to fetch Bitcoin Cryptocurrency Address indicators from BitcoinAbuse.com feed, a public database of bitcoin addresses used by hackers and criminals.", "serverMinVersion": "5.5.0", "support": "xsoar", - "currentVersion": "1.0.9", + "currentVersion": "1.0.10", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/BluecatAddressManager/Integrations/BluecatAddressManager/BluecatAddressManager.yml b/Packs/BluecatAddressManager/Integrations/BluecatAddressManager/BluecatAddressManager.yml index 11041f3a40d3..d4ee58d0e78f 100644 --- a/Packs/BluecatAddressManager/Integrations/BluecatAddressManager/BluecatAddressManager.yml +++ b/Packs/BluecatAddressManager/Integrations/BluecatAddressManager/BluecatAddressManager.yml @@ -200,7 +200,7 @@ script: - contextPath: BlueCat.AddressManager.Range.Parents.CIDR description: Classless Inter-Domain Routing. type: String - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 isfetch: false longRunning: false longRunningPort: false diff --git a/Packs/BluecatAddressManager/ReleaseNotes/1_0_5.md b/Packs/BluecatAddressManager/ReleaseNotes/1_0_5.md new file mode 100644 index 000000000000..a3ee7aee7827 --- /dev/null +++ b/Packs/BluecatAddressManager/ReleaseNotes/1_0_5.md @@ -0,0 +1,3 @@ +#### Integrations +##### Bluecat Address Manager +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/BluecatAddressManager/pack_metadata.json b/Packs/BluecatAddressManager/pack_metadata.json index 9237daf6950c..247be915343f 100644 --- a/Packs/BluecatAddressManager/pack_metadata.json +++ b/Packs/BluecatAddressManager/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Bluecat Address Manager", "description": "Use the BlueCat Address Manager integration to enrich IP addresses and manage response policies.", "support": "xsoar", - "currentVersion": "1.0.4", + "currentVersion": "1.0.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CarbonBlackEnterpriseEDR/Integrations/CarbonBlackEnterpriseEDR/CarbonBlackEnterpriseEDR.yml b/Packs/CarbonBlackEnterpriseEDR/Integrations/CarbonBlackEnterpriseEDR/CarbonBlackEnterpriseEDR.yml index d9a921afc810..913c5f9520ea 100644 --- a/Packs/CarbonBlackEnterpriseEDR/Integrations/CarbonBlackEnterpriseEDR/CarbonBlackEnterpriseEDR.yml +++ b/Packs/CarbonBlackEnterpriseEDR/Integrations/CarbonBlackEnterpriseEDR/CarbonBlackEnterpriseEDR.yml @@ -1815,7 +1815,7 @@ script: - contextPath: CarbonBlackEEDR.SearchProcess.results.scriptload_count description: The cumulative count of loaded scripts since process tracking started. type: Number - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 feed: false isfetch: true longRunning: false diff --git a/Packs/CarbonBlackEnterpriseEDR/ReleaseNotes/1_1_7.md b/Packs/CarbonBlackEnterpriseEDR/ReleaseNotes/1_1_7.md new file mode 100644 index 000000000000..c713c6a28280 --- /dev/null +++ b/Packs/CarbonBlackEnterpriseEDR/ReleaseNotes/1_1_7.md @@ -0,0 +1,3 @@ +#### Integrations +##### VMware Carbon Black Enterprise EDR +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/CarbonBlackEnterpriseEDR/pack_metadata.json b/Packs/CarbonBlackEnterpriseEDR/pack_metadata.json index d50eb7768ff0..c38df0869517 100644 --- a/Packs/CarbonBlackEnterpriseEDR/pack_metadata.json +++ b/Packs/CarbonBlackEnterpriseEDR/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Carbon Black Cloud Enterprise EDR", "description": "Advanced threat hunting and incident response solution.", "support": "xsoar", - "currentVersion": "1.1.6", + "currentVersion": "1.1.7", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CircleCI/Integrations/CircleCI/CircleCI.yml b/Packs/CircleCI/Integrations/CircleCI/CircleCI.yml index ad5bedc3ca29..51dd0b5c336b 100644 --- a/Packs/CircleCI/Integrations/CircleCI/CircleCI.yml +++ b/Packs/CircleCI/Integrations/CircleCI/CircleCI.yml @@ -335,7 +335,7 @@ script: script: '-' type: python subtype: python3 - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 fromversion: 5.5.0 tests: - No tests (auto formatted) diff --git a/Packs/CircleCI/ReleaseNotes/1_0_3.md b/Packs/CircleCI/ReleaseNotes/1_0_3.md new file mode 100644 index 000000000000..be7f327483dd --- /dev/null +++ b/Packs/CircleCI/ReleaseNotes/1_0_3.md @@ -0,0 +1,3 @@ +#### Integrations +##### CircleCI +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/CircleCI/pack_metadata.json b/Packs/CircleCI/pack_metadata.json index a10cb58e1cae..cd1c59071231 100644 --- a/Packs/CircleCI/pack_metadata.json +++ b/Packs/CircleCI/pack_metadata.json @@ -2,7 +2,7 @@ "name": "CircleCI", "description": "CircleCI is a modern continuous integration and continuous delivery (CI/CD) platform. CircleCI automates the building, testing, and deployment of software.", "support": "xsoar", - "currentVersion": "1.0.2", + "currentVersion": "1.0.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Cisco-umbrella-enforcement/Integrations/CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement.yml b/Packs/Cisco-umbrella-enforcement/Integrations/CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement.yml index 2f51d9152d03..29dbdb383d22 100644 --- a/Packs/Cisco-umbrella-enforcement/Integrations/CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement.yml +++ b/Packs/Cisco-umbrella-enforcement/Integrations/CiscoUmbrellaEnforcement/CiscoUmbrellaEnforcement.yml @@ -151,7 +151,7 @@ script: description: Delete domain. execution: false name: umbrella-domain-delete - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 feed: false isfetch: false longRunning: false diff --git a/Packs/Cisco-umbrella-enforcement/ReleaseNotes/1_0_4.md b/Packs/Cisco-umbrella-enforcement/ReleaseNotes/1_0_4.md new file mode 100644 index 000000000000..bb94d7ff832d --- /dev/null +++ b/Packs/Cisco-umbrella-enforcement/ReleaseNotes/1_0_4.md @@ -0,0 +1,3 @@ +#### Integrations +##### Cisco Umbrella Enforcement +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/Cisco-umbrella-enforcement/pack_metadata.json b/Packs/Cisco-umbrella-enforcement/pack_metadata.json index 5f03ee3e5981..ce02b6ee47f6 100644 --- a/Packs/Cisco-umbrella-enforcement/pack_metadata.json +++ b/Packs/Cisco-umbrella-enforcement/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cisco Umbrella Enforcement", "description": "Cisco Umbrella Enforcement", "support": "xsoar", - "currentVersion": "1.0.3", + "currentVersion": "1.0.4", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CiscoASA/Integrations/CiscoASA/CiscoASA.yml b/Packs/CiscoASA/Integrations/CiscoASA/CiscoASA.yml index a8b4d4caa8cc..0e6b4e2276e9 100644 --- a/Packs/CiscoASA/Integrations/CiscoASA/CiscoASA.yml +++ b/Packs/CiscoASA/Integrations/CiscoASA/CiscoASA.yml @@ -518,7 +518,7 @@ script: - contextPath: CiscoASA.Interface.Type description: The type of interface. type: String - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 isfetch: false runonce: false script: '-' diff --git a/Packs/CiscoASA/ReleaseNotes/1_0_9.md b/Packs/CiscoASA/ReleaseNotes/1_0_9.md new file mode 100644 index 000000000000..e38235c1b93d --- /dev/null +++ b/Packs/CiscoASA/ReleaseNotes/1_0_9.md @@ -0,0 +1,3 @@ +#### Integrations +##### Cisco ASA +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/CiscoASA/pack_metadata.json b/Packs/CiscoASA/pack_metadata.json index e8fa904ecd82..14647ad2e6e1 100644 --- a/Packs/CiscoASA/pack_metadata.json +++ b/Packs/CiscoASA/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cisco ASA", "description": "Cisco Adaptive Security Appliance Software is the core operating system for the Cisco ASA Family. It delivers enterprise-class firewall capabilities for ASA devices.", "support": "xsoar", - "currentVersion": "1.0.8", + "currentVersion": "1.0.9", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CiscoFirepower/Integrations/CiscoFirepower/CiscoFirepower.yml b/Packs/CiscoFirepower/Integrations/CiscoFirepower/CiscoFirepower.yml index 9cfd1f6f7ca7..19d557a050b3 100644 --- a/Packs/CiscoFirepower/Integrations/CiscoFirepower/CiscoFirepower.yml +++ b/Packs/CiscoFirepower/Integrations/CiscoFirepower/CiscoFirepower.yml @@ -1853,7 +1853,7 @@ script: - contextPath: CiscoFP.URLGroups.Overridable description: Boolean indicating whether objects can be overridden. type: string - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 runonce: false script: '' subtype: python3 diff --git a/Packs/CiscoFirepower/ReleaseNotes/1_0_8.md b/Packs/CiscoFirepower/ReleaseNotes/1_0_8.md new file mode 100644 index 000000000000..1152cb016972 --- /dev/null +++ b/Packs/CiscoFirepower/ReleaseNotes/1_0_8.md @@ -0,0 +1,3 @@ +#### Integrations +##### Cisco Firepower +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/CiscoFirepower/pack_metadata.json b/Packs/CiscoFirepower/pack_metadata.json index 4770dd16884e..cbaa9a9a8fce 100644 --- a/Packs/CiscoFirepower/pack_metadata.json +++ b/Packs/CiscoFirepower/pack_metadata.json @@ -2,7 +2,7 @@ "name": "CiscoFirepower", "description": "Use the CiscoFirepower integration for unified management of firewalls, application control", "support": "xsoar", - "currentVersion": "1.0.7", + "currentVersion": "1.0.8", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CrowdStrikeMalquery/Integrations/CrowdStrikeMalquery/CrowdStrikeMalquery.yml b/Packs/CrowdStrikeMalquery/Integrations/CrowdStrikeMalquery/CrowdStrikeMalquery.yml index a29eee80e581..ad41a960634b 100644 --- a/Packs/CrowdStrikeMalquery/Integrations/CrowdStrikeMalquery/CrowdStrikeMalquery.yml +++ b/Packs/CrowdStrikeMalquery/Integrations/CrowdStrikeMalquery/CrowdStrikeMalquery.yml @@ -363,7 +363,7 @@ script: script: '-' type: python subtype: python3 - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 fromversion: 5.0.0 tests: - CrowdStrikeMalquery-Test diff --git a/Packs/CrowdStrikeMalquery/ReleaseNotes/1_0_6.md b/Packs/CrowdStrikeMalquery/ReleaseNotes/1_0_6.md new file mode 100644 index 000000000000..2c2c3c983282 --- /dev/null +++ b/Packs/CrowdStrikeMalquery/ReleaseNotes/1_0_6.md @@ -0,0 +1,3 @@ +#### Integrations +##### CrowdStrike Malquery +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/CrowdStrikeMalquery/pack_metadata.json b/Packs/CrowdStrikeMalquery/pack_metadata.json index c28878f6cba2..99048b916660 100644 --- a/Packs/CrowdStrikeMalquery/pack_metadata.json +++ b/Packs/CrowdStrikeMalquery/pack_metadata.json @@ -2,7 +2,7 @@ "name": "CrowdStrike Malquery", "description": "Use the MalQuery Pack to query the contents of over a half-billion binary files, both clean and malicious, that are part of Falcon MalQuery's corpus.", "support": "xsoar", - "currentVersion": "1.0.5", + "currentVersion": "1.0.6", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.yml b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.yml index 8c4b38fbd620..fbb35c64d3dd 100644 --- a/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.yml +++ b/Packs/CrowdStrikeOpenAPI/Integrations/CrowdStrikeOpenAPI/CrowdStrikeOpenAPI.yml @@ -27909,7 +27909,7 @@ script: - contextPath: CrowdStrike.modelsVerifyAccessResponseV1.resources.successful description: '' type: Boolean - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 isfetch: false script: '' subtype: python3 diff --git a/Packs/CrowdStrikeOpenAPI/ReleaseNotes/1_0_1.md b/Packs/CrowdStrikeOpenAPI/ReleaseNotes/1_0_1.md new file mode 100644 index 000000000000..d0d5f384fbcc --- /dev/null +++ b/Packs/CrowdStrikeOpenAPI/ReleaseNotes/1_0_1.md @@ -0,0 +1,3 @@ +#### Integrations +##### CrowdStrike OpenAPI (Beta) +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/CrowdStrikeOpenAPI/pack_metadata.json b/Packs/CrowdStrikeOpenAPI/pack_metadata.json index 7dcb48fcf057..b332dfe6d557 100644 --- a/Packs/CrowdStrikeOpenAPI/pack_metadata.json +++ b/Packs/CrowdStrikeOpenAPI/pack_metadata.json @@ -2,7 +2,7 @@ "name": "CrowdStrike OpenAPI", "description": "Use the CrowdStrike OpenAPI integration to interact with CrowdStrike APIs that do not have dedicated integrations in Cortex XSOAR, for example, CrowdStrike FalconX, etc.", "support": "xsoar", - "currentVersion": "1.0.0", + "currentVersion": "1.0.1", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From e231315dccc9e63fdf8abf0a8f3491bde6e8fe12 Mon Sep 17 00:00:00 2001 From: Aviya Baumgarten <71635916+abaumgarten@users.noreply.github.com> Date: Wed, 1 Sep 2021 14:21:25 +0300 Subject: [PATCH 113/173] update RN (#14624) --- Packs/SophosCentral/ReleaseNotes/1_0_6.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Packs/SophosCentral/ReleaseNotes/1_0_6.md b/Packs/SophosCentral/ReleaseNotes/1_0_6.md index a370f2a1e3cc..0326e6adfd01 100644 --- a/Packs/SophosCentral/ReleaseNotes/1_0_6.md +++ b/Packs/SophosCentral/ReleaseNotes/1_0_6.md @@ -1 +1,3 @@ + +##### Sophos Central Note: Support for this pack will be moving to the partner around November 29, 2021. \ No newline at end of file From 9fc328d6d090c4aedb21d0a38ff8f87782009700 Mon Sep 17 00:00:00 2001 From: ShahafBenYakir Date: Thu, 2 Sep 2021 10:35:05 +0300 Subject: [PATCH 114/173] Bumped docker --- .../Integrations/CortexDataLake/CortexDataLake.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Packs/CortexDataLake/Integrations/CortexDataLake/CortexDataLake.yml b/Packs/CortexDataLake/Integrations/CortexDataLake/CortexDataLake.yml index 1bc5f8d56584..63be390eb197 100644 --- a/Packs/CortexDataLake/Integrations/CortexDataLake/CortexDataLake.yml +++ b/Packs/CortexDataLake/Integrations/CortexDataLake/CortexDataLake.yml @@ -2617,7 +2617,7 @@ script: description: Use this command in case your authentication calls fail due to internal call-limit, the command will reset the limit cache. execution: false - dockerimage: demisto/python_pancloud_v2:1.0.0.18452 + dockerimage: demisto/python_pancloud_v2:1.0.0.23674 feed: false isfetch: true longRunning: false From 281b9d07852d980267f77f289bed0d5cb6383a0e Mon Sep 17 00:00:00 2001 From: Itay Keren Date: Wed, 1 Sep 2021 16:01:57 +0300 Subject: [PATCH 115/173] associated desc field with malware,tool,report and threat actor (#14643) --- .../IndicatorFields/incidentfield-description.json | 6 +++++- Packs/CommonTypes/ReleaseNotes/3_1_13.md | 4 ++++ Packs/CommonTypes/pack_metadata.json | 2 +- 3 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 Packs/CommonTypes/ReleaseNotes/3_1_13.md diff --git a/Packs/CommonTypes/IndicatorFields/incidentfield-description.json b/Packs/CommonTypes/IndicatorFields/incidentfield-description.json index 523c4483cb52..0c1272f9052a 100644 --- a/Packs/CommonTypes/IndicatorFields/incidentfield-description.json +++ b/Packs/CommonTypes/IndicatorFields/incidentfield-description.json @@ -28,7 +28,11 @@ "Attack Pattern", "IP", "File", - "URL" + "URL", + "Malware", + "Tool", + "Report", + "Threat Actor" ], "caseInsensitive": true, "columns": null, diff --git a/Packs/CommonTypes/ReleaseNotes/3_1_13.md b/Packs/CommonTypes/ReleaseNotes/3_1_13.md new file mode 100644 index 000000000000..65648c5261e8 --- /dev/null +++ b/Packs/CommonTypes/ReleaseNotes/3_1_13.md @@ -0,0 +1,4 @@ + +#### Indicator Fields +##### Description +- Added an association between the **Description** field with the **Malware**, **Tool**, **Report**, and **Threat Actor** types. diff --git a/Packs/CommonTypes/pack_metadata.json b/Packs/CommonTypes/pack_metadata.json index a2ea65dd48cb..85646419df7e 100644 --- a/Packs/CommonTypes/pack_metadata.json +++ b/Packs/CommonTypes/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Types", "description": "This Content Pack will get you up and running in no-time and provide you with the most commonly used incident & indicator fields and types.", "support": "xsoar", - "currentVersion": "3.1.12", + "currentVersion": "3.1.13", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From c2d3c6ec9d8120f4efbc93d16008e8c861fc22e7 Mon Sep 17 00:00:00 2001 From: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Date: Wed, 1 Sep 2021 16:43:02 +0300 Subject: [PATCH 116/173] Added incident and indicator fields that are needed for IAM (#14620) * Added incident and indicator fields that are needed for IAM but can be used elsewhere too * formatted fields manually because format can't detect the fields * Added release notes * conflicts fix * reverted old RNs modifications Co-authored-by: Dan Tavori --- .../incidentfield-Country_Code.json | 26 +++++++ .../incidentfield-Country_Code_Number.json | 26 +++++++ .../IncidentFields/incidentfield-Email.json | 71 ++++++++++--------- .../incidentfield-Group_ID.json | 29 ++++++++ .../incidentfield-Org_Level_1.json | 26 +++++++ .../incidentfield-Org_Level_2.json | 26 +++++++ .../incidentfield-Org_Level_3.json | 26 +++++++ .../incidentfield-Org_Unit.json | 26 +++++++ .../incidentfield-applicationname.json | 63 ++++++++-------- .../incidentfield-errorcode.json | 3 +- .../incidentfield-errormessage.json | 3 +- .../IncidentFields/incidentfield-userid.json | 3 +- .../indicatorfield-Country_Code.json | 26 +++++++ .../indicatorfield-Country_Code_Number.json | 26 +++++++ .../indicatorfield-Org_Level_1.json | 26 +++++++ .../indicatorfield-Org_Level_2.json | 26 +++++++ .../indicatorfield-Org_Level_3.json | 26 +++++++ .../indicatorfield-Org_Unit.json | 26 +++++++ .../indicatorfield-Source_Priority.json | 29 ++++++++ Packs/CommonTypes/ReleaseNotes/3_1_14.md | 23 ++++++ Packs/CommonTypes/pack_metadata.json | 2 +- 21 files changed, 468 insertions(+), 70 deletions(-) create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Country_Code.json create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Country_Code_Number.json create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Group_ID.json create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_1.json create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_2.json create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_3.json create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Org_Unit.json create mode 100644 Packs/CommonTypes/IndicatorFields/indicatorfield-Country_Code.json create mode 100644 Packs/CommonTypes/IndicatorFields/indicatorfield-Country_Code_Number.json create mode 100644 Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_1.json create mode 100644 Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_2.json create mode 100644 Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_3.json create mode 100644 Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Unit.json create mode 100644 Packs/CommonTypes/IndicatorFields/indicatorfield-Source_Priority.json create mode 100644 Packs/CommonTypes/ReleaseNotes/3_1_14.md diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Country_Code.json b/Packs/CommonTypes/IncidentFields/incidentfield-Country_Code.json new file mode 100644 index 000000000000..ea237ff21a58 --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Country_Code.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "countrycode", + "closeForm": false, + "content": true, + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_countrycode", + "isReadOnly": false, + "locked": false, + "name": "Country Code", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Country_Code_Number.json b/Packs/CommonTypes/IncidentFields/incidentfield-Country_Code_Number.json new file mode 100644 index 000000000000..236886744495 --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Country_Code_Number.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "countrycodenumber", + "closeForm": false, + "content": true, + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_countrycodenumber", + "isReadOnly": false, + "locked": false, + "name": "Country Code Number", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Email.json b/Packs/CommonTypes/IncidentFields/incidentfield-Email.json index 22e36832a6cd..574c9944f6e6 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Email.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Email.json @@ -1,36 +1,37 @@ -{ - "associatedToAll": false, - "associatedTypes": [ - "IAM - New Hire", - "IAM - Terminate User", - "IAM - Update User", - "User Profile", - "IAM - Sync User", - "IAM - Rehire User", - "IAM - AD User Activation" - ], - "caseInsensitive": true, - "cliName": "email", - "closeForm": false, - "content": true, - "description": "Primary Email Address", - "editForm": true, - "group": 0, - "hidden": false, - "id": "incident_email", - "isReadOnly": false, - "locked": false, - "name": "Email", - "neverSetAsRequired": false, - "ownerOnly": false, - "required": false, - "sla": 0, - "system": false, - "threshold": 72, - "type": "shortText", - "unmapped": false, - "unsearchable": false, - "useAsKpi": false, - "version": -1, - "fromVersion": "5.0.0" +{ + "associatedToAll": false, + "associatedTypes": [ + "IAM - New Hire", + "IAM - Terminate User", + "IAM - Update User", + "User Profile", + "IAM - Sync User", + "IAM - Rehire User", + "IAM - AD User Activation", + "IAM - AD User Deactivation" + ], + "caseInsensitive": true, + "cliName": "email", + "closeForm": false, + "content": true, + "description": "Primary Email Address", + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_email", + "isReadOnly": false, + "locked": false, + "name": "Email", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.0.0" } \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Group_ID.json b/Packs/CommonTypes/IncidentFields/incidentfield-Group_ID.json new file mode 100644 index 000000000000..febc20f52961 --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Group_ID.json @@ -0,0 +1,29 @@ +{ + "associatedToAll": false, + "associatedTypes": [ + "IAM - Group Membership Update" + ], + "caseInsensitive": true, + "cliName": "groupid", + "closeForm": false, + "content": true, + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_groupid", + "isReadOnly": false, + "locked": false, + "name": "Group ID", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_1.json b/Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_1.json new file mode 100644 index 000000000000..d88aea788761 --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_1.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "orglevel1", + "closeForm": false, + "content": true, + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_orglevel1", + "isReadOnly": false, + "locked": false, + "name": "Org Level 1", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_2.json b/Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_2.json new file mode 100644 index 000000000000..49967a107b3a --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_2.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "orglevel2", + "closeForm": false, + "content": true, + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_orglevel2", + "isReadOnly": false, + "locked": false, + "name": "Org Level 2", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_3.json b/Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_3.json new file mode 100644 index 000000000000..74151037ed69 --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Org_Level_3.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "orglevel3", + "closeForm": false, + "content": true, + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_orglevel3", + "isReadOnly": false, + "locked": false, + "name": "Org Level 3", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Org_Unit.json b/Packs/CommonTypes/IncidentFields/incidentfield-Org_Unit.json new file mode 100644 index 000000000000..4c280868b937 --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Org_Unit.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "orgunit", + "closeForm": false, + "content": true, + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_orgunit", + "isReadOnly": false, + "locked": false, + "name": "Org Unit", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-applicationname.json b/Packs/CommonTypes/IncidentFields/incidentfield-applicationname.json index 34338239705c..e0eb606e4f9a 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-applicationname.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-applicationname.json @@ -1,32 +1,33 @@ -{ - "id": "incident_applicationname", - "version": -1, - "modified": "2020-11-16T16:43:52.626825863Z", - "name": "Application Name", - "ownerOnly": false, - "description": "Application Name", - "cliName": "applicationname", - "type": "shortText", - "closeForm": false, - "editForm": true, - "required": false, - "neverSetAsRequired": false, - "isReadOnly": false, - "useAsKpi": false, - "locked": false, - "system": false, - "content": true, - "group": 0, - "hidden": false, - "associatedTypes": [ - "IAM - App Add", - "IAM - App Remove" - ], - "associatedToAll": false, - "unmapped": false, - "unsearchable": false, - "caseInsensitive": true, - "sla": 0, - "threshold": 72, - "fromVersion": "5.0.0" +{ + "id": "incident_applicationname", + "version": -1, + "modified": "2020-11-16T16:43:52.626825863Z", + "name": "Application Name", + "ownerOnly": false, + "description": "Application Name", + "cliName": "applicationname", + "type": "shortText", + "closeForm": false, + "editForm": true, + "required": false, + "neverSetAsRequired": false, + "isReadOnly": false, + "useAsKpi": false, + "locked": false, + "system": false, + "content": true, + "group": 0, + "hidden": false, + "associatedTypes": [ + "IAM - App Add", + "IAM - App Remove", + "IAM - Group Membership Update" + ], + "associatedToAll": false, + "unmapped": false, + "unsearchable": false, + "caseInsensitive": true, + "sla": 0, + "threshold": 72, + "fromVersion": "5.0.0" } \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-errorcode.json b/Packs/CommonTypes/IncidentFields/incidentfield-errorcode.json index 80002d6b49ac..6793def26a5e 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-errorcode.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-errorcode.json @@ -19,7 +19,8 @@ "hidden": false, "associatedTypes": [ "IAM - App Add", - "IAM - App Remove" + "IAM - App Remove", + "IAM - Group Membership Update" ], "associatedToAll": false, "unmapped": false, diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-errormessage.json b/Packs/CommonTypes/IncidentFields/incidentfield-errormessage.json index bc760accd879..d29fcf457eb0 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-errormessage.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-errormessage.json @@ -20,7 +20,8 @@ "hidden": false, "associatedTypes": [ "IAM - App Add", - "IAM - App Remove" + "IAM - App Remove", + "IAM - Group Membership Update" ], "associatedToAll": false, "unmapped": false, diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-userid.json b/Packs/CommonTypes/IncidentFields/incidentfield-userid.json index 2bb43343aa71..df2fc9bcc5ff 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-userid.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-userid.json @@ -20,7 +20,8 @@ "hidden": false, "associatedTypes": [ "IAM - App Add", - "IAM - App Remove" + "IAM - App Remove", + "IAM - Group Membership Update" ], "associatedToAll": false, "unmapped": false, diff --git a/Packs/CommonTypes/IndicatorFields/indicatorfield-Country_Code.json b/Packs/CommonTypes/IndicatorFields/indicatorfield-Country_Code.json new file mode 100644 index 000000000000..4de999ae6032 --- /dev/null +++ b/Packs/CommonTypes/IndicatorFields/indicatorfield-Country_Code.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "countrycode", + "closeForm": false, + "content": true, + "editForm": true, + "group": 2, + "hidden": false, + "id": "indicator_countrycode", + "isReadOnly": false, + "locked": false, + "name": "Country Code", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IndicatorFields/indicatorfield-Country_Code_Number.json b/Packs/CommonTypes/IndicatorFields/indicatorfield-Country_Code_Number.json new file mode 100644 index 000000000000..70bddf34d59d --- /dev/null +++ b/Packs/CommonTypes/IndicatorFields/indicatorfield-Country_Code_Number.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "countrycodenumber", + "closeForm": false, + "content": true, + "editForm": true, + "group": 2, + "hidden": false, + "id": "indicator_countrycodenumber", + "isReadOnly": false, + "locked": false, + "name": "Country Code Number", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_1.json b/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_1.json new file mode 100644 index 000000000000..079652e86d39 --- /dev/null +++ b/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_1.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "orglevel1", + "closeForm": false, + "content": true, + "editForm": true, + "group": 2, + "hidden": false, + "id": "indicator_orglevel1", + "isReadOnly": false, + "locked": false, + "name": "Org Level 1", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_2.json b/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_2.json new file mode 100644 index 000000000000..090accc65093 --- /dev/null +++ b/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_2.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "orglevel2", + "closeForm": false, + "content": true, + "editForm": true, + "group": 2, + "hidden": false, + "id": "indicator_orglevel2", + "isReadOnly": false, + "locked": false, + "name": "Org Level 2", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_3.json b/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_3.json new file mode 100644 index 000000000000..5d709fa534a2 --- /dev/null +++ b/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Level_3.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "orglevel3", + "closeForm": false, + "content": true, + "editForm": true, + "group": 2, + "hidden": false, + "id": "indicator_orglevel3", + "isReadOnly": false, + "locked": false, + "name": "Org Level 3", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Unit.json b/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Unit.json new file mode 100644 index 000000000000..21be6e2a92b4 --- /dev/null +++ b/Packs/CommonTypes/IndicatorFields/indicatorfield-Org_Unit.json @@ -0,0 +1,26 @@ +{ + "associatedToAll": true, + "caseInsensitive": true, + "cliName": "orgunit", + "closeForm": false, + "content": true, + "editForm": true, + "group": 2, + "hidden": false, + "id": "indicator_orgunit", + "isReadOnly": false, + "locked": false, + "name": "Org Unit", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IndicatorFields/indicatorfield-Source_Priority.json b/Packs/CommonTypes/IndicatorFields/indicatorfield-Source_Priority.json new file mode 100644 index 000000000000..21c6202146a2 --- /dev/null +++ b/Packs/CommonTypes/IndicatorFields/indicatorfield-Source_Priority.json @@ -0,0 +1,29 @@ +{ + "associatedToAll": false, + "associatedTypes": [ + "User Profile" + ], + "caseInsensitive": true, + "cliName": "sourcepriority", + "closeForm": false, + "content": true, + "editForm": true, + "group": 2, + "hidden": false, + "id": "indicator_sourcepriority", + "isReadOnly": false, + "locked": false, + "name": "Source Priority", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "threshold": 72, + "type": "number", + "unmapped": false, + "unsearchable": false, + "useAsKpi": true, + "version": -1, + "fromVersion": "5.5.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/ReleaseNotes/3_1_14.md b/Packs/CommonTypes/ReleaseNotes/3_1_14.md new file mode 100644 index 000000000000..41e7e5c29fb0 --- /dev/null +++ b/Packs/CommonTypes/ReleaseNotes/3_1_14.md @@ -0,0 +1,23 @@ + +#### Incident Fields +- **Org Level 1** Added a new incident field. +- **Country Code Number** Added a new incident field. +- **Org Level 3** Added a new incident field. +- **Email** Associated the incident field with the **IAM - AD User Deactivation** incident type. +- **Org Unit** Added a new incident field. +- **Application Name** Associated the incident field with the **IAM - Group Membership Update** incident type. +- **Org Level 2** Added a new incident field. +- **Group ID** Added a new incident field. +- **Error Message** Associated the incident field with the **IAM - Group Membership Update** incident type. +- **User Id** Associated the incident field with the **IAM - Group Membership Update** incident type. +- **Error Code** Associated the incident field with the **IAM - Group Membership Update** incident type. +- **Country Code** Added a new incident field. + +#### Indicator Fields +- **Country Code Number** Added a new indicator field. +- **Org Level 2** Added a new indicator field. +- **Org Level 1** Added a new indicator field. +- **Org Unit** Added a new indicator field. +- **Country Code** Added a new indicator field. +- **Org Level 3** Added a new indicator field. +- **Source Priority** Added a new indicator field. \ No newline at end of file diff --git a/Packs/CommonTypes/pack_metadata.json b/Packs/CommonTypes/pack_metadata.json index 85646419df7e..7c500eba9ecc 100644 --- a/Packs/CommonTypes/pack_metadata.json +++ b/Packs/CommonTypes/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Types", "description": "This Content Pack will get you up and running in no-time and provide you with the most commonly used incident & indicator fields and types.", "support": "xsoar", - "currentVersion": "3.1.13", + "currentVersion": "3.1.14", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From deae5fd52446bbc133691cf133ba7720080e78f9 Mon Sep 17 00:00:00 2001 From: tomer-pan <81556849+tomer-pan@users.noreply.github.com> Date: Wed, 1 Sep 2021 17:35:24 +0300 Subject: [PATCH 117/173] Pop3 fix ssl default value (#14642) * set ssl defaultvalue to "true" * set ssl defaultvalue to "true" * typo fix * Update Packs/MailListener_-_POP3/ReleaseNotes/1_0_5.md * update docker image * Update Packs/MailListener_-_POP3/ReleaseNotes/1_0_5.md * removing "Breaking changes" from release notes. * removing "Breaking changes" from release notes. Co-authored-by: Bar Katzir <37335599+bakatzir@users.noreply.github.com> --- .../Integrations/MailListener_POP3/MailListener_POP3.yml | 4 ++-- Packs/MailListener_-_POP3/ReleaseNotes/1_0_5.md | 5 +++++ Packs/MailListener_-_POP3/pack_metadata.json | 2 +- 3 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 Packs/MailListener_-_POP3/ReleaseNotes/1_0_5.md diff --git a/Packs/MailListener_-_POP3/Integrations/MailListener_POP3/MailListener_POP3.yml b/Packs/MailListener_-_POP3/Integrations/MailListener_POP3/MailListener_POP3.yml index 115d787a8ad6..679c34cdbfa3 100644 --- a/Packs/MailListener_-_POP3/Integrations/MailListener_POP3/MailListener_POP3.yml +++ b/Packs/MailListener_-_POP3/Integrations/MailListener_POP3/MailListener_POP3.yml @@ -20,7 +20,7 @@ configuration: name: password required: true type: 4 -- defaultvalue: 'True' +- defaultvalue: true display: Use SSL connection name: ssl required: false @@ -51,7 +51,7 @@ script: script: '-' type: python subtype: python2 - dockerimage: demisto/python:2.7.18.22912 + dockerimage: demisto/python:2.7.18.24019 beta: true tests: - MailListener-POP3 - Test diff --git a/Packs/MailListener_-_POP3/ReleaseNotes/1_0_5.md b/Packs/MailListener_-_POP3/ReleaseNotes/1_0_5.md new file mode 100644 index 000000000000..877b3f90a473 --- /dev/null +++ b/Packs/MailListener_-_POP3/ReleaseNotes/1_0_5.md @@ -0,0 +1,5 @@ + +#### Integrations +##### MailListener - POP3 Beta +- Updated the **Use SSL connection** parameter default value to *true*. +- Updated the Docker image to: *demisto/python:2.7.18.24019*. diff --git a/Packs/MailListener_-_POP3/pack_metadata.json b/Packs/MailListener_-_POP3/pack_metadata.json index 858e9369f1e6..081af20b68a3 100644 --- a/Packs/MailListener_-_POP3/pack_metadata.json +++ b/Packs/MailListener_-_POP3/pack_metadata.json @@ -2,7 +2,7 @@ "name": "MailListener - POP3 (Beta)", "description": "Listen to a mailbox, enable incident triggering via e-mail", "support": "xsoar", - "currentVersion": "1.0.4", + "currentVersion": "1.0.5", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From c330b8c86524e467aca748e5454583edb8d43d30 Mon Sep 17 00:00:00 2001 From: merit-maita <49760643+merit-maita@users.noreply.github.com> Date: Wed, 1 Sep 2021 18:47:52 +0300 Subject: [PATCH 118/173] Autofocus url support and error suppression (#14462) * added support for url with non ascii characters * added RN * added RN * edits * edits after cr * edits after cr * added a case * edit * Update Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.py Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> * Update Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2_test.py Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> * added a parameter to handle errors with 404 409 codes * edit * edit * edit * edit * removed Null entries in the markdown table * fixed unittest * added the parameter to rm and unskipped the tpb * fixed some lint issues * updated docker image * updated docker image * added rn * edits * edits Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> --- .../Integrations/AutofocusV2/AutofocusV2.py | 31 +++++++++++++-- .../Integrations/AutofocusV2/AutofocusV2.yml | 7 +++- .../AutofocusV2/AutofocusV2_test.py | 38 +++++++++++++++++++ .../Integrations/AutofocusV2/README.md | 1 + Packs/AutoFocus/ReleaseNotes/1_3_7.md | 6 ++- Packs/AutoFocus/ReleaseNotes/1_3_8.md | 4 ++ Packs/AutoFocus/pack_metadata.json | 2 +- Tests/conf.json | 3 +- 8 files changed, 82 insertions(+), 10 deletions(-) create mode 100644 Packs/AutoFocus/ReleaseNotes/1_3_8.md diff --git a/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.py b/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.py index 55a185d07f54..434948201a2d 100644 --- a/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.py +++ b/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.py @@ -317,6 +317,8 @@ def run_polling_command(args: dict, cmd: str, search_function: Callable, results def parse_response(resp, err_operation): try: # Handle error responses gracefully + if demisto.params().get('handle_error', True) and resp.status_code == 409: + raise Exception("Response status code: 409 \nRequested sample not found") res_json = resp.json() resp.raise_for_status() return res_json @@ -337,8 +339,8 @@ def parse_response(resp, err_operation): return return_error(err_msg) # Unexpected errors (where no json object was received) except Exception as err: - err_msg = f'{err_operation}: {err}' - return return_error(err_msg) + demisto.results(f'{err_operation}: {err}') + sys.exit(0) def http_request(url_suffix, method='POST', data={}, err_operation=None): @@ -603,8 +605,12 @@ def sample_analysis(sample_id, os, filter_data_flag): } if os: data['platforms'] = [os] # type: ignore + result = http_request(path, data=data, err_operation='Sample analysis failed') + if 'error' in result: + return demisto.results(result['error']) analysis_obj = parse_sample_analysis_response(result, filter_data_flag) + return analysis_obj @@ -954,6 +960,14 @@ def search_indicator(indicator_type, indicator_value): # Unexpected errors (where no json object was received) except Exception as err: try: + if demisto.params().get('handle_error', True) and result.status_code == 404: + return { + 'indicator': { + 'indicatorType': indicator_type, + 'indicatorValue': indicator_value, + 'latestPanVerdicts': {'PAN_DB': 'UNKNOWN'}, + } + } text_error = result.json() except ValueError: text_error = {} @@ -1118,6 +1132,14 @@ def resolve_ip_address(ip): return None +def convert_url_to_ascii_character(url_name): + def convert_non_ascii_chars(non_ascii): + # converts non-ASCII chars to IDNA notation + return str(non_ascii.group(0)).encode('idna').decode("utf-8") + + return re.sub('([^a-zA-Z\W]+)', convert_non_ascii_chars, url_name) + + ''' COMMANDS''' @@ -1502,12 +1524,12 @@ def search_url_command(url, reliability, create_relationships): relationships = [] for url_name in url_list: - - raw_res = search_indicator('url', url_name) + raw_res = search_indicator('url', convert_url_to_ascii_character(url_name)) if not raw_res.get('indicator'): raise ValueError('Invalid response for indicator') indicator = raw_res.get('indicator') + indicator['indicatorValue'] = url_name raw_tags = raw_res.get('tags') score = calculate_dbot_score(indicator, indicator_type) @@ -1532,6 +1554,7 @@ def search_url_command(url, reliability, create_relationships): ) autofocus_url_output = parse_indicator_response(indicator, raw_tags, indicator_type) + autofocus_url_output = {k: v for k, v in autofocus_url_output.items() if v} tags = autofocus_url_output.get('Tags') table_name = f'{VENDOR_NAME} {indicator_type} reputation for: {url_name}' diff --git a/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml b/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml index 66b2cc44dfa8..2fb5199965cd 100644 --- a/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml +++ b/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml @@ -30,6 +30,11 @@ configuration: name: proxy required: false type: 8 +- display: Suppress errors for non found indicators + name: handle_error + required: false + defaultvalue: false + type: 8 - display: Additional malicious verdicts name: mark_as_malicious required: false @@ -1380,7 +1385,7 @@ script: - contextPath: Domain.Name description: The domain name. type: String - dockerimage: demisto/python3:3.9.6.22912 + dockerimage: demisto/python3:3.9.6.24019 isfetch: false longRunning: false longRunningPort: false diff --git a/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2_test.py b/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2_test.py index 8311e70158e5..372be3016efc 100644 --- a/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2_test.py +++ b/Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2_test.py @@ -398,3 +398,41 @@ def test_create_relationships_list(): assert relation.get('entityA') == 'Test' assert relation.get('entityB') == expected_name_entity_b[i] assert relation.get('entityBType') == expected_entity_b_types[i] + + +URLS_LIST = [ + ("www.München.com", "www.Mxn--tdanchen.com"), + ("www.example.com", "www.example.com"), + ("www.Mününchen.com", "www.Mxn--tdanxn--tdanchen.com"), + ("www.Müünchen.com", "www.Mxn--tdaanchen.com"), + ("www.MükÖnchen.com", "www.Mxn--tdakxn--ndanchen.com"), + ("www.こんにちは.com", 'www.xn--28j2a3ar1p.com'), +] + + +@pytest.mark.parametrize("url, result", URLS_LIST) +def test_convert_url_to_ascii_character(url, result): + from AutofocusV2 import convert_url_to_ascii_character + converted = convert_url_to_ascii_character(url) + assert converted == result + + +def test_search_url_command(requests_mock): + from AutofocusV2 import search_url_command + + mock_response = { + 'indicator': { + 'indicatorValue': 'www.こんにちは.com', + 'indicatorType': 'URL', + 'latestPanVerdicts': {'PAN_DB': 'BENIGN'} + }, + 'tags': [] + } + + requests_mock.get('https://autofocus.paloaltonetworks.com/api/v1.0/tic?indicatorType=url&indicatorValue=www.xn' + '--28j2a3ar1p.com&includeTags=true', json=mock_response) + + result = search_url_command("www.こんにちは.com", 'B - Usually reliable', True) + + assert result[0].indicator.url == "www.こんにちは.com" + assert result[0].raw_response["indicator"]["indicatorValue"] == mock_response["indicator"]["indicatorValue"] diff --git a/Packs/AutoFocus/Integrations/AutofocusV2/README.md b/Packs/AutoFocus/Integrations/AutofocusV2/README.md index bf6c96222da2..93528f24661b 100644 --- a/Packs/AutoFocus/Integrations/AutofocusV2/README.md +++ b/Packs/AutoFocus/Integrations/AutofocusV2/README.md @@ -40,6 +40,7 @@ For more information on activating the license see [Activating AutoFocus License | Override default credentials | Whether to override the default AutoFocus API key given by the Cortex XSOAR platform. | False | | Trust any certificate (not secure) | When selected, certificates are not checked. | N/A | | Use System Proxy Settings | Runs the integration instance using the proxy server (HTTP or HTTPS) that you defined in the server configuration. | N/A | + | handle_error | Suppress errors for non found indicators. | N/A | 4. Click **Test** to validate the URLs, token, and connection. diff --git a/Packs/AutoFocus/ReleaseNotes/1_3_7.md b/Packs/AutoFocus/ReleaseNotes/1_3_7.md index 311bb654aab4..22614475fafd 100644 --- a/Packs/AutoFocus/ReleaseNotes/1_3_7.md +++ b/Packs/AutoFocus/ReleaseNotes/1_3_7.md @@ -1,3 +1,5 @@ + #### Integrations -##### AutoFocus Feed -- Updated the Docker image to: *demisto/python3:3.9.6.24019*. +##### Palo Alto Networks AutoFocus v2 +- Added support for URLs with non-ASCII characters in the ***url*** command. +- Added the parameter **Suppress errors for non found indicators** to have an option to handle errors with 404, 409 codes. \ No newline at end of file diff --git a/Packs/AutoFocus/ReleaseNotes/1_3_8.md b/Packs/AutoFocus/ReleaseNotes/1_3_8.md new file mode 100644 index 000000000000..4deea3cdecb2 --- /dev/null +++ b/Packs/AutoFocus/ReleaseNotes/1_3_8.md @@ -0,0 +1,4 @@ + +#### Integrations +##### Palo Alto Networks AutoFocus v2 +- Updated the Docker image to: *demisto/python3:3.9.6.24019*. diff --git a/Packs/AutoFocus/pack_metadata.json b/Packs/AutoFocus/pack_metadata.json index e4b839ab2ada..490f466e2c58 100644 --- a/Packs/AutoFocus/pack_metadata.json +++ b/Packs/AutoFocus/pack_metadata.json @@ -2,7 +2,7 @@ "name": "AutoFocus", "description": "Use the Palo Alto Networks AutoFocus integration to distinguish the most\n important threats from everyday commodity attacks.", "support": "xsoar", - "currentVersion": "1.3.7", + "currentVersion": "1.3.8", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Tests/conf.json b/Tests/conf.json index 7819d2fb32cf..038d3ab96957 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -4732,8 +4732,7 @@ "Lastline v2": "Temporary skipping, due to quota issues, in order to merge a PR", "AttackIQFireDrill": "License issues #29774", "SentinelOne V2": "License expired issue #24933", - "G Suite Security Alert Center": "Developed by crest, need to add permissions to our instance", - "AutoFocus V2": "Nightly build troubleshooting" + "G Suite Security Alert Center": "Developed by crest, need to add permissions to our instance" }, "nightly_integrations": [ "Lastline v2", From d159bdc25913fbb02d2256bd19011456e64451bf Mon Sep 17 00:00:00 2001 From: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Date: Wed, 1 Sep 2021 20:15:45 +0300 Subject: [PATCH 119/173] Campaign incident owners section (#14472) * added campaign owners scripts * added campaign owners scripts * upgrade docker image * upgrade docker image * lint fix * update incident field * fix test * added test * bump version and added RN * added RN * CSS fix * Update Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.py Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * CR fixes * fix test * Update 3_0_1.md * dev comment fix Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com> --- ...ntfield-Actions_On_Campaign_Incidents.json | 3 +- Packs/Campaign/ReleaseNotes/3_0_1.md | 12 ++++ .../PerformActionOnCampaignIncidents.py | 35 ++++++++-- .../PerformActionOnCampaignIncidents.yml | 4 +- .../PerformActionOnCampaignIncidents_test.py | 8 ++- .../ShowCampaignIncidentsOwners.py | 68 +++++++++++++++++++ .../ShowCampaignIncidentsOwners.yml | 18 +++++ .../ShowCampaignIncidentsOwners_test.py | 27 ++++++++ Packs/Campaign/pack_metadata.json | 2 +- 9 files changed, 166 insertions(+), 11 deletions(-) create mode 100644 Packs/Campaign/ReleaseNotes/3_0_1.md create mode 100644 Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.py create mode 100644 Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.yml create mode 100644 Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners_test.py diff --git a/Packs/Campaign/IncidentFields/incidentfield-Actions_On_Campaign_Incidents.json b/Packs/Campaign/IncidentFields/incidentfield-Actions_On_Campaign_Incidents.json index 11cb9aac006a..3596d4ff60cf 100644 --- a/Packs/Campaign/IncidentFields/incidentfield-Actions_On_Campaign_Incidents.json +++ b/Packs/Campaign/IncidentFields/incidentfield-Actions_On_Campaign_Incidents.json @@ -19,7 +19,8 @@ "Link", "Link \u0026 Close", "Reopen", - "Unlink" + "Unlink", + "Take Ownership" ], "sla": 0, "system": false, diff --git a/Packs/Campaign/ReleaseNotes/3_0_1.md b/Packs/Campaign/ReleaseNotes/3_0_1.md new file mode 100644 index 000000000000..5b5ebe7e4b6f --- /dev/null +++ b/Packs/Campaign/ReleaseNotes/3_0_1.md @@ -0,0 +1,12 @@ + +#### Incident Fields +##### Actions On Campaign Incidents +- Added the *Take Ownership* option to the multi select field options. + +#### Scripts +##### New: ShowCampaignIncidentsOwners +- Displays all the campaign incident owners and their quantity (available from Cortex XSOAR version 6.0.0). + +##### PerformActionOnCampaignIncidents +- Added *Take Ownership* option to the possible actions of the interactive management section. +- Updated the Docker image to: *demisto/python3:3.9.6.22912*. diff --git a/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.py b/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.py index 8f3a630e77cd..322c2388d0a9 100644 --- a/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.py +++ b/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.py @@ -3,7 +3,8 @@ ALL_OPTION = 'All' NO_CAMPAIGN_INCIDENTS_MSG = 'There is no Campaign Incidents in the Context' -COMMAND_ERROR_MSG = 'Error occurred while trying to perform \"{action}\" on the selected incident ids: {ids}' +COMMAND_ERROR_MSG = 'Error occurred while trying to perform \"{action}\" on the selected incident ids: {ids}\n' \ + 'Error details: {error}' ACTION_ON_CAMPAIGN_FIELD_NAME = 'actionsoncampaignincidents' SELECT_CAMPAIGN_INCIDENTS_FIELD_NAME = 'selectcampaignincidents' @@ -47,7 +48,7 @@ def perform_link_unlink(ids, action): {"incidentId": demisto.incidents()[0]["id"], "linkedIncidentIDs": ids, "action": action}) if isError(res): - return_error(COMMAND_ERROR_MSG.format(action=action, ids=ids)) + return_error(COMMAND_ERROR_MSG.format(action=action, ids=ids, error=get_error(res))) return COMMAND_SUCCESS.format(action=f'{action}ed', ids=ids) @@ -57,7 +58,7 @@ def perform_close(ids, action): for incident_id in ids: res = demisto.executeCommand("closeInvestigation", {'id': incident_id, 'closeNotes': close_notes}) if isError(res): - return_error(COMMAND_ERROR_MSG.format(action=action, ids=','.join(ids))) + return_error(COMMAND_ERROR_MSG.format(action=action, ids=','.join(ids), error=get_error(res))) return COMMAND_SUCCESS.format(action='closed', ids=','.join(ids)) @@ -66,7 +67,7 @@ def perform_reopen(ids, action): for incident_id in ids: res = demisto.executeCommand("reopenInvestigation", {'id': incident_id}) if isError(res): - return_error(COMMAND_ERROR_MSG.format(action=action, ids=','.join(ids))) + return_error(COMMAND_ERROR_MSG.format(action=action, ids=','.join(ids), error=get_error(res))) return COMMAND_SUCCESS.format(action='reopened', ids=','.join(ids)) @@ -83,13 +84,37 @@ def perform_unlink_and_reopen(ids, action): return COMMAND_SUCCESS.format(action='unlinked & reopen', ids=','.join(ids)) +def set_incident_owners(incident_ids, action, user_name): + + incident_ids.append(demisto.incident()["id"]) + + for incident_id in incident_ids: + res = demisto.executeCommand("setIncident", {"id": incident_id, "owner": user_name}) + + if isError(res): + return_error(COMMAND_ERROR_MSG.format(action=action, ids=','.join(incident_ids), error=get_error(res))) + + +def perform_take_ownership(ids, action): + + current_user_name = demisto.callingContext.get("context", {}).get("ParentEntry", {}).get("user") + + if not current_user_name: + return_error("Could not find the current user.") + + set_incident_owners(ids, action, current_user_name) + + return COMMAND_SUCCESS.format(action=action, ids=','.join(ids)) + + ACTIONS_MAPPER = { 'link': perform_link_unlink, 'unlink': perform_link_unlink, 'close': perform_close, 'reopen': perform_reopen, 'link & close': perform_link_and_close, - 'unlink & reopen': perform_unlink_and_reopen + 'unlink & reopen': perform_unlink_and_reopen, + 'take ownership': perform_take_ownership } diff --git a/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.yml b/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.yml index c845696d5041..e2cee0eb0ac4 100644 --- a/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.yml +++ b/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents.yml @@ -1,10 +1,10 @@ commonfields: id: PerformActionOnCampaignIncidents version: -1 -dockerimage: demisto/python3:3.9.5.20070 +dockerimage: demisto/python3:3.9.6.22912 enabled: true name: PerformActionOnCampaignIncidents -runas: DBotWeakRole +runas: DBotRole runonce: false script: '' comment: Perform user actions like Link, Close, etc., on selected incidents from a diff --git a/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents_test.py b/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents_test.py index c7ad7b8985ff..de1601f2f516 100644 --- a/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents_test.py +++ b/Packs/Campaign/Scripts/PerformActionOnCampaignIncidents/PerformActionOnCampaignIncidents_test.py @@ -9,7 +9,7 @@ SELECT_CAMPAIGN_INCIDENTS_FIELD_NAME: INCIDENT_IDS } MOCKED_INCIDENT = { - 'id': 100, + 'id': '100', 'CustomFields': CUSTOM_FIELDS } @@ -22,6 +22,7 @@ def prepare(mocker): mocker.patch.object(demisto, 'executeCommand') mocker.patch('PerformActionOnCampaignIncidents.get_campaign_incident_ids', return_value=INCIDENT_IDS) mocker.patch.object(demisto, 'results') + mocker.patch.object(demisto, 'callingContext', return_value='admin') @pytest.mark.parametrize('action', ACTIONS_MAPPER.keys()) @@ -90,6 +91,8 @@ def test_error_in_execute_command(mocker, action): prepare(mocker) mocker.patch('PerformActionOnCampaignIncidents.isError', return_value=True) + mocker.patch('PerformActionOnCampaignIncidents.get_error', return_value="Error message") + CUSTOM_FIELDS[ACTION_ON_CAMPAIGN_FIELD_NAME] = action # run try: @@ -102,7 +105,8 @@ def test_error_in_execute_command(mocker, action): action = 'link' # command failed on link elif action == 'unlink & reopen': action = 'unlink' # command failed on unlink - assert res['Contents'] == COMMAND_ERROR_MSG.format(action=action, ids=','.join(INCIDENT_IDS)) + assert res['Contents'] == COMMAND_ERROR_MSG.format(action=action, ids=','.join(INCIDENT_IDS), + error="Error message") def test_no_incidents_in_context(mocker): diff --git a/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.py b/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.py new file mode 100644 index 000000000000..ee830fe003c8 --- /dev/null +++ b/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.py @@ -0,0 +1,68 @@ +import demistomock as demisto +from CommonServerPython import * +from CommonServerUserPython import * + + +def get_incident_ids() -> list: + """ + Gets all the campaign incident ids. + + Returns: + List of all the ids. + """ + incidents = demisto.get(demisto.context(), "EmailCampaign.incidents") + return [incident["id"] for incident in incidents] + + +def get_incident_owners(incident_ids) -> list: + """ + Gets the campaign incident owners by their ids. + + Args: + incident_ids: All the campaign incident ids. + + Returns: + List of the incident owners. + """ + + res = demisto.executeCommand('GetIncidentsByQuery', { + 'query': "id:({})".format(' '.join(incident_ids)) + }) + + if isError(res): + return_error(f'Error occurred while trying to get incidents by query: {get_error(res)}') + + incidents_from_query = json.loads(res[0]['Contents']) + + incident_owners = set([incident['owner'] for incident in incidents_from_query]) + incident_owners.add(demisto.incident()["owner"]) # Add the campaign incident owner + incident_owners_res = list(filter(lambda x: x, incident_owners)) + + return incident_owners_res + + +def main(): + try: + incident_ids = get_incident_ids() + incident_owners = get_incident_owners(incident_ids) + + if incident_owners: + html_readable_output = f"

" + + else: + html_readable_output = "
Incident Owners" \ + "
No incident owners
" + + demisto.results({ + 'ContentsFormat': formats['html'], + 'Type': entryTypes['note'], + 'Contents': html_readable_output + }) + except Exception as err: + return_error(str(err)) + + +if __name__ in ('__main__', '__builtin__', 'builtins'): + main() diff --git a/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.yml b/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.yml new file mode 100644 index 000000000000..751cce87d068 --- /dev/null +++ b/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners.yml @@ -0,0 +1,18 @@ +comment: Displays all the campaign incident owners and their quantity. +commonfields: + id: ShowCampaignIncidentsOwners + version: -1 +enabled: false +name: ShowCampaignIncidentsOwners +script: '-' +system: false +tags: +- dynamic-section +timeout: '0' +type: python +subtype: python3 +dockerimage: demisto/python3:3.9.6.22912 +runas: DBotRole +fromversion: 6.0.0 +tests: +- No tests (auto formatted) \ No newline at end of file diff --git a/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners_test.py b/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners_test.py new file mode 100644 index 000000000000..034dced827fe --- /dev/null +++ b/Packs/Campaign/Scripts/ShowCampaignIncidentsOwners/ShowCampaignIncidentsOwners_test.py @@ -0,0 +1,27 @@ +import demistomock as demisto + +import ShowCampaignIncidentsOwners + + +def demisto_execute_command(command, args): + return [{'Contents': '[{"owner": "owner_1"}, {"owner": "owner_2"}]', 'Type': 3}] + + +def test_show_incident_owners(mocker): + """ + Given: + - Incident IDs. + When: + - Running the show owners script main function. + Then: + - Ensure all the owners appear in the html result. + """ + mocker.patch.object(ShowCampaignIncidentsOwners, 'get_incident_ids', return_value=['1', '2']) + mocker.patch.object(demisto, 'incident', return_value={'owner': 'admin'}) + mocker.patch.object(demisto, 'executeCommand', side_effect=demisto_execute_command) + mocker.patch.object(demisto, 'results') + + ShowCampaignIncidentsOwners.main() + res = demisto.results.call_args[0][0]['Contents'] + + assert 'admin' in res and 'owner_1' in res and 'owner_2' in res diff --git a/Packs/Campaign/pack_metadata.json b/Packs/Campaign/pack_metadata.json index aa77c540e5b0..6b14c0721b47 100644 --- a/Packs/Campaign/pack_metadata.json +++ b/Packs/Campaign/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Phishing Campaign", "description": "This pack can help you find related phishing, spam or other types of email incidents and characterize campaigns.", "support": "xsoar", - "currentVersion": "3.0.0", + "currentVersion": "3.0.1", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", From 38552ffe23a12ae2ea5eb20ece275319c3956bac Mon Sep 17 00:00:00 2001 From: Bargenish Date: Wed, 1 Sep 2021 20:28:39 +0300 Subject: [PATCH 120/173] Prisma Saas Security (#14617) * Created the SaasSecurity Pack Added SaasSecurity.py Added SaasSecurity.yml Added SaasSecurity_description.md * Added unit-tests Added TPB and added to conf.json Added remediation GP playbook * Added incident fields in CommonTypes Added incident type Added incoming mapper Added Layout * Added secrets * Added No tests to playbook * added release notes * CR changes * Add datetime import * Fixed conflicts * bumped commontypes version again * Converted tab to spaces * Update README.md Done * Update SaasSecurity_description.md Done * Update Saas_Security_-_Remediate_an_asset_README.md Done * Update README.md Done * Update SaasSecurity.yml Done * Update Saas_Security_-_Remediate_an_asset.yml Done Co-authored-by: yaakovi Co-authored-by: okaufman34 <88036406+okaufman34@users.noreply.github.com> --- .../incidentfield-Close_Time.json | 3 +- .../incidentfield-Exposure_Level.json | 31 ++ .../incidentfield-Item_Owner.json | 30 ++ .../incidentfield-Item_Owner_Email.json | 30 ++ .../incidentfield-Last_Update_Time.json | 3 +- .../incidentfield-Policy_Details.json | 3 +- .../incidentfield-Policy_ID.json | 8 +- .../incidentfield-Policy_URI.json | 32 ++ Packs/CommonTypes/ReleaseNotes/3_1_15.md | 10 + Packs/CommonTypes/pack_metadata.json | 2 +- Packs/PrismaSaasSecurity/.pack-ignore | 0 Packs/PrismaSaasSecurity/.secrets-ignore | 4 + ...ifier-Saas_Security_-_Incoming_Mapper.json | 80 +++ .../incidenttype-Saas_Security.json | 25 + .../Integrations/SaasSecurity/Pipfile | 18 + .../Integrations/SaasSecurity/Pipfile.lock | 369 +++++++++++++ .../Integrations/SaasSecurity/README.md | 489 +++++++++++++++++ .../Integrations/SaasSecurity/SaasSecurity.py | 492 ++++++++++++++++++ .../SaasSecurity/SaasSecurity.yml | 445 ++++++++++++++++ .../SaasSecurity/SaasSecurity_description.md | 26 + .../SaasSecurity/SaasSecurity_image.png | Bin 0 -> 5082 bytes .../SaasSecurity/SaasSecurity_test.py | 278 ++++++++++ .../SaasSecurity/command_examples | 6 + .../test_data/fech_incident_data.json | 42 ++ .../SaasSecurity/test_data/get-apps.json | 12 + .../get-asset-remediation-status.json | 8 + .../test_data/get-incident-by-id.json | 31 ++ .../SaasSecurity/test_data/get-incidents.json | 247 +++++++++ .../test_data/update-incident-status.json | 6 + ...layoutscontainer-Saas_Security_Layout.json | 424 +++++++++++++++ .../Saas_Security_-_Remediate_an_asset.yml | 224 ++++++++ ...as_Security_-_Remediate_an_asset_README.md | 42 ++ Packs/PrismaSaasSecurity/README.md | 17 + .../TestPlaybooks/SaasSecurity-Test.yml | 424 +++++++++++++++ .../Saas_Security_-_Remediate_an_asset.png | Bin 0 -> 41745 bytes .../doc_files/Sass_Security_layout.png | Bin 0 -> 150569 bytes Packs/PrismaSaasSecurity/pack_metadata.json | 15 + Tests/conf.json | 4 + 38 files changed, 3873 insertions(+), 7 deletions(-) create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Exposure_Level.json create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Item_Owner.json create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Item_Owner_Email.json create mode 100644 Packs/CommonTypes/IncidentFields/incidentfield-Policy_URI.json create mode 100644 Packs/CommonTypes/ReleaseNotes/3_1_15.md create mode 100644 Packs/PrismaSaasSecurity/.pack-ignore create mode 100644 Packs/PrismaSaasSecurity/.secrets-ignore create mode 100644 Packs/PrismaSaasSecurity/Classifiers/classifier-Saas_Security_-_Incoming_Mapper.json create mode 100644 Packs/PrismaSaasSecurity/IncidentTypes/incidenttype-Saas_Security.json create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/Pipfile create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/Pipfile.lock create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/README.md create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.py create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.yml create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity_description.md create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity_image.png create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity_test.py create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/command_examples create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/test_data/fech_incident_data.json create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/test_data/get-apps.json create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/test_data/get-asset-remediation-status.json create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/test_data/get-incident-by-id.json create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/test_data/get-incidents.json create mode 100644 Packs/PrismaSaasSecurity/Integrations/SaasSecurity/test_data/update-incident-status.json create mode 100644 Packs/PrismaSaasSecurity/Layouts/layoutscontainer-Saas_Security_Layout.json create mode 100644 Packs/PrismaSaasSecurity/Playbooks/Saas_Security_-_Remediate_an_asset.yml create mode 100644 Packs/PrismaSaasSecurity/Playbooks/Saas_Security_-_Remediate_an_asset_README.md create mode 100644 Packs/PrismaSaasSecurity/README.md create mode 100644 Packs/PrismaSaasSecurity/TestPlaybooks/SaasSecurity-Test.yml create mode 100644 Packs/PrismaSaasSecurity/doc_files/Saas_Security_-_Remediate_an_asset.png create mode 100644 Packs/PrismaSaasSecurity/doc_files/Sass_Security_layout.png create mode 100644 Packs/PrismaSaasSecurity/pack_metadata.json diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Close_Time.json b/Packs/CommonTypes/IncidentFields/incidentfield-Close_Time.json index ec1d23076a8e..9eb891c9ab9b 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Close_Time.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Close_Time.json @@ -1,7 +1,8 @@ { "associatedToAll": false, "associatedTypes": [ - "Qradar Generic" + "Qradar Generic", + "Saas Security Incident" ], "breachScript": "", "caseInsensitive": true, diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Exposure_Level.json b/Packs/CommonTypes/IncidentFields/incidentfield-Exposure_Level.json new file mode 100644 index 000000000000..f2fec817dfd2 --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Exposure_Level.json @@ -0,0 +1,31 @@ +{ + "id": "incident_exposurelevel", + "version": -1, + "modified": "2021-08-26T11:29:03.310374+03:00", + "name": "Exposure Level", + "ownerOnly": false, + "cliName": "exposurelevel", + "type": "shortText", + "closeForm": false, + "editForm": true, + "required": false, + "neverSetAsRequired": false, + "isReadOnly": false, + "useAsKpi": false, + "locked": false, + "system": false, + "content": true, + "group": 0, + "hidden": false, + "openEnded": false, + "associatedToAll": false, + "associatedTypes": [ + "Saas Security Incident" + ], + "unmapped": false, + "unsearchable": false, + "caseInsensitive": true, + "sla": 0, + "threshold": 72, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Item_Owner.json b/Packs/CommonTypes/IncidentFields/incidentfield-Item_Owner.json new file mode 100644 index 000000000000..1b33638aa1d1 --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Item_Owner.json @@ -0,0 +1,30 @@ +{ + "id": "incident_itemowner", + "version": -1, + "name": "Item Owner", + "ownerOnly": false, + "cliName": "itemowner", + "type": "shortText", + "closeForm": false, + "editForm": true, + "required": false, + "neverSetAsRequired": false, + "isReadOnly": false, + "useAsKpi": false, + "locked": false, + "system": false, + "content": true, + "group": 0, + "hidden": false, + "openEnded": false, + "associatedToAll": false, + "associatedTypes": [ + "Saas Security Incident" + ], + "unmapped": false, + "unsearchable": false, + "caseInsensitive": true, + "sla": 0, + "threshold": 72, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Item_Owner_Email.json b/Packs/CommonTypes/IncidentFields/incidentfield-Item_Owner_Email.json new file mode 100644 index 000000000000..0d5f93ab9c95 --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Item_Owner_Email.json @@ -0,0 +1,30 @@ +{ + "id": "incident_itemowneremail", + "version": -1, + "name": "Item Owner Email", + "ownerOnly": false, + "cliName": "itemowneremail", + "type": "shortText", + "closeForm": false, + "editForm": true, + "required": false, + "neverSetAsRequired": false, + "isReadOnly": false, + "useAsKpi": false, + "locked": false, + "system": false, + "content": true, + "group": 0, + "hidden": false, + "openEnded": false, + "associatedToAll": false, + "associatedTypes": [ + "Saas Security Incident" + ], + "unmapped": false, + "unsearchable": false, + "caseInsensitive": true, + "sla": 0, + "threshold": 72, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Last_Update_Time.json b/Packs/CommonTypes/IncidentFields/incidentfield-Last_Update_Time.json index 4bb9dcc31bd1..5b22a1d33f76 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Last_Update_Time.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Last_Update_Time.json @@ -3,7 +3,8 @@ "associatedTypes": [ "Qradar Generic", "Carbon Black Endpoint Standard", - "Azure Active Directory Identity and Access" + "Azure Active Directory Identity and Access", + "Saas Security Incident" ], "breachScript": "", "caseInsensitive": true, diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Policy_Details.json b/Packs/CommonTypes/IncidentFields/incidentfield-Policy_Details.json index f109bd916ad9..7fe2401289d6 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Policy_Details.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Policy_Details.json @@ -6,7 +6,8 @@ "AWS CloudTrail Misconfiguration", "AWS IAM Policy Misconfiguration", "AWS EC2 Instance Misconfiguration", - "Trend Micro CAS Event" + "Trend Micro CAS Event", + "Saas Security Incident" ], "breachScript": "", "caseInsensitive": true, diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Policy_ID.json b/Packs/CommonTypes/IncidentFields/incidentfield-Policy_ID.json index 8e6e97c692a1..8186003fbd2d 100644 --- a/Packs/CommonTypes/IncidentFields/incidentfield-Policy_ID.json +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Policy_ID.json @@ -6,8 +6,9 @@ "AWS CloudTrail Misconfiguration", "AWS IAM Policy Misconfiguration", "AWS EC2 Instance Misconfiguration", - "Tripwire File Change", - "Carbon Black Endpoint Standard" + "Tripwire File Change", + "Carbon Black Endpoint Standard", + "Saas Security Incident" ], "breachScript": "", "caseInsensitive": true, @@ -39,7 +40,8 @@ "AWS CloudTrail Misconfiguration", "AWS IAM Policy Misconfiguration", "AWS EC2 Instance Misconfiguration", - "Tripwire File Change" + "Tripwire File Change", + "Saas Security Incident" ], "threshold": 72, "type": "shortText", diff --git a/Packs/CommonTypes/IncidentFields/incidentfield-Policy_URI.json b/Packs/CommonTypes/IncidentFields/incidentfield-Policy_URI.json new file mode 100644 index 000000000000..8c26dc57dd25 --- /dev/null +++ b/Packs/CommonTypes/IncidentFields/incidentfield-Policy_URI.json @@ -0,0 +1,32 @@ +{ + "associatedToAll": false, + "associatedTypes": [ + "Saas Security Incident" + ], + "caseInsensitive": true, + "cliName": "policyuri", + "closeForm": false, + "content": true, + "editForm": true, + "group": 0, + "hidden": false, + "id": "incident_policyuri", + "isReadOnly": false, + "locked": false, + "name": "Policy URI", + "neverSetAsRequired": false, + "ownerOnly": false, + "required": false, + "sla": 0, + "system": false, + "systemAssociatedTypes": [ + "Saas Security Incident" + ], + "threshold": 72, + "type": "shortText", + "unmapped": false, + "unsearchable": false, + "useAsKpi": false, + "version": -1, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/CommonTypes/ReleaseNotes/3_1_15.md b/Packs/CommonTypes/ReleaseNotes/3_1_15.md new file mode 100644 index 000000000000..8941495f2b9a --- /dev/null +++ b/Packs/CommonTypes/ReleaseNotes/3_1_15.md @@ -0,0 +1,10 @@ + +#### Incident Fields +- **Exposure Level** +- **Policy ID** +- **Policy Details** +- **Last Update Time** +- **Policy URI** +- **Close Time** +- **Item Owner** +- **Item Owner Email** diff --git a/Packs/CommonTypes/pack_metadata.json b/Packs/CommonTypes/pack_metadata.json index 7c500eba9ecc..831109ed8284 100644 --- a/Packs/CommonTypes/pack_metadata.json +++ b/Packs/CommonTypes/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Common Types", "description": "This Content Pack will get you up and running in no-time and provide you with the most commonly used incident & indicator fields and types.", "support": "xsoar", - "currentVersion": "3.1.14", + "currentVersion": "3.1.15", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/PrismaSaasSecurity/.pack-ignore b/Packs/PrismaSaasSecurity/.pack-ignore new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/Packs/PrismaSaasSecurity/.secrets-ignore b/Packs/PrismaSaasSecurity/.secrets-ignore new file mode 100644 index 000000000000..1a8520f58aab --- /dev/null +++ b/Packs/PrismaSaasSecurity/.secrets-ignore @@ -0,0 +1,4 @@ +xsoartest@cirrotester.com +http://base_url +61099dd46b544e38fa3d2407 +61099dc26b544e38fa3ce06d \ No newline at end of file diff --git a/Packs/PrismaSaasSecurity/Classifiers/classifier-Saas_Security_-_Incoming_Mapper.json b/Packs/PrismaSaasSecurity/Classifiers/classifier-Saas_Security_-_Incoming_Mapper.json new file mode 100644 index 000000000000..afc71f23d4c6 --- /dev/null +++ b/Packs/PrismaSaasSecurity/Classifiers/classifier-Saas_Security_-_Incoming_Mapper.json @@ -0,0 +1,80 @@ +{ + "description": "Maps incoming Saas Security incidents fields.", + "feed": false, + "id": "Saas Security - Incoming Mapper", + "mapping": { + "Saas Security Incident": { + "dontMapEventToLabels": true, + "internalMapping": { + "Policy URI": { + "complex": null, + "simple": "policy_page_uri" + }, + "App": { + "complex": null, + "simple": "app_name" + }, + "Close Time": { + "complex": null, + "simple": "resolution_date" + }, + "Exposure Level": { + "complex": null, + "simple": "exposure_level" + }, + "Item Owner": { + "complex": null, + "simple": "asset_owner_name" + }, + "Item Owner Email": { + "complex": null, + "simple": "asset_owner_email" + }, + "Last Update Time": { + "complex": null, + "simple": "updated_at" + }, + "Policy Details": { + "complex": null, + "simple": "policy_name" + }, + "Policy ID": { + "complex": null, + "simple": "policy_id" + }, + "SHA256": { + "complex": null, + "simple": "asset_sha256" + }, + "State": { + "complex": null, + "simple": "state" + }, + "Tenant Name": { + "complex": null, + "simple": "tenant" + }, + "category": { + "complex": null, + "simple": "category" + }, + "name": { + "complex": null, + "simple": "asset_name" + }, + "occurred": { + "complex": null, + "simple": "created_at" + }, + "severity": { + "complex": null, + "simple": "severity" + } + } + } + }, + "name": "Saas Security - Incoming Mapper", + "type": "mapping-incoming", + "version": -1, + "fromVersion": "6.0.0" +} \ No newline at end of file diff --git a/Packs/PrismaSaasSecurity/IncidentTypes/incidenttype-Saas_Security.json b/Packs/PrismaSaasSecurity/IncidentTypes/incidenttype-Saas_Security.json new file mode 100644 index 000000000000..1eae8a591a93 --- /dev/null +++ b/Packs/PrismaSaasSecurity/IncidentTypes/incidenttype-Saas_Security.json @@ -0,0 +1,25 @@ +{ + "id": "Saas Security Incident", + "version": -1, + "vcShouldIgnore": false, + "locked": false, + "name": "Saas Security Incident", + "prevName": "Saas Security Incident", + "color": "#D4E8F1", + "hours": 0, + "days": 0, + "weeks": 0, + "hoursR": 0, + "daysR": 0, + "weeksR": 0, + "system": false, + "readonly": false, + "default": false, + "autorun": false, + "disabled": false, + "reputationCalc": 0, + "onChangeRepAlg": 0, + "detached": false, + "fromVersion": "6.0.0", + "layout": "Saas Security Layout" +} diff --git a/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/Pipfile b/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/Pipfile new file mode 100644 index 000000000000..eeace5b7c0d4 --- /dev/null +++ b/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/Pipfile @@ -0,0 +1,18 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] +pylint = "*" +pytest = "==5.0.1" +pytest-mock = "*" +requests-mock = "*" +pytest-asyncio = "*" + +[packages] +pytest = "*" +requests = "*" + +[requires] +python_version = "3.9" diff --git a/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/Pipfile.lock b/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/Pipfile.lock new file mode 100644 index 000000000000..6bdb9313414e --- /dev/null +++ b/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/Pipfile.lock @@ -0,0 +1,369 @@ +{ + "_meta": { + "hash": { + "sha256": "278db815bec49c11262633d34305f9b33f09432a223bedd5329a04f758f78b55" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.7" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "atomicwrites": { + "hashes": [ + "sha256:03472c30eb2c5d1ba9227e4c2ca66ab8287fbfbbda3888aa93dc2e28fc6811b4", + "sha256:75a9445bac02d8d058d5e1fe689654ba5a6556a1dfd8ce6ec55a0ed79866cfa6" + ], + "version": "==1.3.0" + }, + "attrs": { + "hashes": [ + "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", + "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" + ], + "version": "==19.1.0" + }, + "certifi": { + "hashes": [ + "sha256:e4f3620cfea4f83eedc95b24abd9cd56f3c4b146dd0177e83a21b4eb49e21e50", + "sha256:fd7c7c74727ddcf00e9acd26bba8da604ffec95bf1c2144e67aff7a8b50e6cef" + ], + "version": "==2019.9.11" + }, + "chardet": { + "hashes": [ + "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", + "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" + ], + "version": "==3.0.4" + }, + "idna": { + "hashes": [ + "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", + "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + ], + "version": "==2.8" + }, + "importlib-metadata": { + "hashes": [ + "sha256:652234b6ab8f2506ae58e528b6fbcc668831d3cc758e1bc01ef438d328b68cdb", + "sha256:6f264986fb88042bc1f0535fa9a557e6a376cfe5679dc77caac7fe8b5d43d05f" + ], + "markers": "python_version < '3.8'", + "version": "==0.22" + }, + "more-itertools": { + "hashes": [ + "sha256:409cd48d4db7052af495b09dec721011634af3753ae1ef92d2b32f73a745f832", + "sha256:92b8c4b06dac4f0611c0729b2f2ede52b2e1bac1ab48f089c7ddc12e26bb60c4" + ], + "version": "==7.2.0" + }, + "packaging": { + "hashes": [ + "sha256:a7ac867b97fdc07ee80a8058fe4435ccd274ecc3b0ed61d852d7d53055528cf9", + "sha256:c491ca87294da7cc01902edbe30a5bc6c4c28172b5138ab4e4aa1b9d7bfaeafe" + ], + "version": "==19.1" + }, + "pluggy": { + "hashes": [ + "sha256:0db4b7601aae1d35b4a033282da476845aa19185c1e6964b25cf324b5e4ec3e6", + "sha256:fa5fa1622fa6dd5c030e9cad086fa19ef6a0cf6d7a2d12318e10cb49d6d68f34" + ], + "version": "==0.13.0" + }, + "py": { + "hashes": [ + "sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa", + "sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53" + ], + "version": "==1.8.0" + }, + "pyparsing": { + "hashes": [ + "sha256:6f98a7b9397e206d78cc01df10131398f1c8b8510a2f4d97d9abd82e1aacdd80", + "sha256:d9338df12903bbf5d65a0e4e87c2161968b10d2e489652bb47001d82a9b028b4" + ], + "version": "==2.4.2" + }, + "pytest": { + "hashes": [ + "sha256:95d13143cc14174ca1a01ec68e84d76ba5d9d493ac02716fd9706c949a505210", + "sha256:b78fe2881323bd44fd9bd76e5317173d4316577e7b1cddebae9136a4495ec865" + ], + "index": "pypi", + "version": "==5.1.2" + }, + "requests": { + "hashes": [ + "sha256:11e007a8a2aa0323f5a921e9e6a2d7e4e67d9877e85773fba9ba6419025cbeb4", + "sha256:9cf5292fcd0f598c671cfc1e0d7d1a7f13bb8085e9a590f48c010551dc6c4b31" + ], + "index": "pypi", + "version": "==2.22.0" + }, + "six": { + "hashes": [ + "sha256:3350809f0555b11f552448330d0b52d5f24c91a322ea4a15ef22629740f3761c", + "sha256:d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73" + ], + "version": "==1.12.0" + }, + "urllib3": { + "hashes": [ + "sha256:b246607a25ac80bedac05c6f282e3cdaf3afb65420fd024ac94435cabe6e18d1", + "sha256:dbe59173209418ae49d485b87d1681aefa36252ee85884c31346debd19463232" + ], + "version": "==1.25.3" + }, + "wcwidth": { + "hashes": [ + "sha256:3df37372226d6e63e1b1e1eda15c594bca98a22d33a23832a90998faa96bc65e", + "sha256:f4ebe71925af7b40a864553f761ed559b43544f8f71746c2d756c7fe788ade7c" + ], + "version": "==0.1.7" + }, + "zipp": { + "hashes": [ + "sha256:3718b1cbcd963c7d4c5511a8240812904164b7f381b647143a89d3b98f9bcd8e", + "sha256:f06903e9f1f43b12d371004b4ac7b06ab39a44adc747266928ae6debfa7b3335" + ], + "version": "==0.6.0" + } + }, + "develop": { + "astroid": { + "hashes": [ + "sha256:6560e1e1749f68c64a4b5dee4e091fce798d2f0d84ebe638cf0e0585a343acf4", + "sha256:b65db1bbaac9f9f4d190199bb8680af6f6f84fd3769a5ea883df8a91fe68b4c4" + ], + "version": "==2.2.5" + }, + "atomicwrites": { + "hashes": [ + "sha256:03472c30eb2c5d1ba9227e4c2ca66ab8287fbfbbda3888aa93dc2e28fc6811b4", + "sha256:75a9445bac02d8d058d5e1fe689654ba5a6556a1dfd8ce6ec55a0ed79866cfa6" + ], + "version": "==1.3.0" + }, + "attrs": { + "hashes": [ + "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", + "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" + ], + "version": "==19.1.0" + }, + "certifi": { + "hashes": [ + "sha256:e4f3620cfea4f83eedc95b24abd9cd56f3c4b146dd0177e83a21b4eb49e21e50", + "sha256:fd7c7c74727ddcf00e9acd26bba8da604ffec95bf1c2144e67aff7a8b50e6cef" + ], + "version": "==2019.9.11" + }, + "chardet": { + "hashes": [ + "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", + "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" + ], + "version": "==3.0.4" + }, + "idna": { + "hashes": [ + "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", + "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + ], + "version": "==2.8" + }, + "importlib-metadata": { + "hashes": [ + "sha256:652234b6ab8f2506ae58e528b6fbcc668831d3cc758e1bc01ef438d328b68cdb", + "sha256:6f264986fb88042bc1f0535fa9a557e6a376cfe5679dc77caac7fe8b5d43d05f" + ], + "markers": "python_version < '3.8'", + "version": "==0.22" + }, + "isort": { + "hashes": [ + "sha256:54da7e92468955c4fceacd0c86bd0ec997b0e1ee80d97f67c35a78b719dccab1", + "sha256:6e811fcb295968434526407adb8796944f1988c5b65e8139058f2014cbe100fd" + ], + "version": "==4.3.21" + }, + "lazy-object-proxy": { + "hashes": [ + "sha256:02b260c8deb80db09325b99edf62ae344ce9bc64d68b7a634410b8e9a568edbf", + "sha256:18f9c401083a4ba6e162355873f906315332ea7035803d0fd8166051e3d402e3", + "sha256:1f2c6209a8917c525c1e2b55a716135ca4658a3042b5122d4e3413a4030c26ce", + "sha256:2f06d97f0ca0f414f6b707c974aaf8829c2292c1c497642f63824119d770226f", + "sha256:616c94f8176808f4018b39f9638080ed86f96b55370b5a9463b2ee5c926f6c5f", + "sha256:63b91e30ef47ef68a30f0c3c278fbfe9822319c15f34b7538a829515b84ca2a0", + "sha256:77b454f03860b844f758c5d5c6e5f18d27de899a3db367f4af06bec2e6013a8e", + "sha256:83fe27ba321e4cfac466178606147d3c0aa18e8087507caec78ed5a966a64905", + "sha256:84742532d39f72df959d237912344d8a1764c2d03fe58beba96a87bfa11a76d8", + "sha256:874ebf3caaf55a020aeb08acead813baf5a305927a71ce88c9377970fe7ad3c2", + "sha256:9f5caf2c7436d44f3cec97c2fa7791f8a675170badbfa86e1992ca1b84c37009", + "sha256:a0c8758d01fcdfe7ae8e4b4017b13552efa7f1197dd7358dc9da0576f9d0328a", + "sha256:a4def978d9d28cda2d960c279318d46b327632686d82b4917516c36d4c274512", + "sha256:ad4f4be843dace866af5fc142509e9b9817ca0c59342fdb176ab6ad552c927f5", + "sha256:ae33dd198f772f714420c5ab698ff05ff900150486c648d29951e9c70694338e", + "sha256:b4a2b782b8a8c5522ad35c93e04d60e2ba7f7dcb9271ec8e8c3e08239be6c7b4", + "sha256:c462eb33f6abca3b34cdedbe84d761f31a60b814e173b98ede3c81bb48967c4f", + "sha256:fd135b8d35dfdcdb984828c84d695937e58cc5f49e1c854eb311c4d6aa03f4f1" + ], + "version": "==1.4.2" + }, + "mccabe": { + "hashes": [ + "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42", + "sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f" + ], + "version": "==0.6.1" + }, + "more-itertools": { + "hashes": [ + "sha256:409cd48d4db7052af495b09dec721011634af3753ae1ef92d2b32f73a745f832", + "sha256:92b8c4b06dac4f0611c0729b2f2ede52b2e1bac1ab48f089c7ddc12e26bb60c4" + ], + "version": "==7.2.0" + }, + "packaging": { + "hashes": [ + "sha256:a7ac867b97fdc07ee80a8058fe4435ccd274ecc3b0ed61d852d7d53055528cf9", + "sha256:c491ca87294da7cc01902edbe30a5bc6c4c28172b5138ab4e4aa1b9d7bfaeafe" + ], + "version": "==19.1" + }, + "pluggy": { + "hashes": [ + "sha256:0db4b7601aae1d35b4a033282da476845aa19185c1e6964b25cf324b5e4ec3e6", + "sha256:fa5fa1622fa6dd5c030e9cad086fa19ef6a0cf6d7a2d12318e10cb49d6d68f34" + ], + "version": "==0.13.0" + }, + "py": { + "hashes": [ + "sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa", + "sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53" + ], + "version": "==1.8.0" + }, + "pylint": { + "hashes": [ + "sha256:5d77031694a5fb97ea95e828c8d10fc770a1df6eb3906067aaed42201a8a6a09", + "sha256:723e3db49555abaf9bf79dc474c6b9e2935ad82230b10c1138a71ea41ac0fff1" + ], + "index": "pypi", + "version": "==2.3.1" + }, + "pyparsing": { + "hashes": [ + "sha256:6f98a7b9397e206d78cc01df10131398f1c8b8510a2f4d97d9abd82e1aacdd80", + "sha256:d9338df12903bbf5d65a0e4e87c2161968b10d2e489652bb47001d82a9b028b4" + ], + "version": "==2.4.2" + }, + "pytest": { + "hashes": [ + "sha256:95d13143cc14174ca1a01ec68e84d76ba5d9d493ac02716fd9706c949a505210", + "sha256:b78fe2881323bd44fd9bd76e5317173d4316577e7b1cddebae9136a4495ec865" + ], + "index": "pypi", + "version": "==5.1.2" + }, + "pytest-asyncio": { + "hashes": [ + "sha256:9fac5100fd716cbecf6ef89233e8590a4ad61d729d1732e0a96b84182df1daaf", + "sha256:d734718e25cfc32d2bf78d346e99d33724deeba774cc4afdf491530c6184b63b" + ], + "index": "pypi", + "version": "==0.10.0" + }, + "pytest-mock": { + "hashes": [ + "sha256:43ce4e9dd5074993e7c021bb1c22cbb5363e612a2b5a76bc6d956775b10758b7", + "sha256:5bf5771b1db93beac965a7347dc81c675ec4090cb841e49d9d34637a25c30568" + ], + "index": "pypi", + "version": "==1.10.4" + }, + "requests": { + "hashes": [ + "sha256:11e007a8a2aa0323f5a921e9e6a2d7e4e67d9877e85773fba9ba6419025cbeb4", + "sha256:9cf5292fcd0f598c671cfc1e0d7d1a7f13bb8085e9a590f48c010551dc6c4b31" + ], + "index": "pypi", + "version": "==2.22.0" + }, + "requests-mock": { + "hashes": [ + "sha256:510df890afe08d36eca5bb16b4aa6308a6f85e3159ad3013bac8b9de7bd5a010", + "sha256:88d3402dd8b3c69a9e4f9d3a73ad11b15920c6efd36bc27bf1f701cf4a8e4646" + ], + "index": "pypi", + "version": "==1.7.0" + }, + "six": { + "hashes": [ + "sha256:3350809f0555b11f552448330d0b52d5f24c91a322ea4a15ef22629740f3761c", + "sha256:d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73" + ], + "version": "==1.12.0" + }, + "typed-ast": { + "hashes": [ + "sha256:18511a0b3e7922276346bcb47e2ef9f38fb90fd31cb9223eed42c85d1312344e", + "sha256:262c247a82d005e43b5b7f69aff746370538e176131c32dda9cb0f324d27141e", + "sha256:2b907eb046d049bcd9892e3076c7a6456c93a25bebfe554e931620c90e6a25b0", + "sha256:354c16e5babd09f5cb0ee000d54cfa38401d8b8891eefa878ac772f827181a3c", + "sha256:4e0b70c6fc4d010f8107726af5fd37921b666f5b31d9331f0bd24ad9a088e631", + "sha256:630968c5cdee51a11c05a30453f8cd65e0cc1d2ad0d9192819df9978984529f4", + "sha256:66480f95b8167c9c5c5c87f32cf437d585937970f3fc24386f313a4c97b44e34", + "sha256:71211d26ffd12d63a83e079ff258ac9d56a1376a25bc80b1cdcdf601b855b90b", + "sha256:95bd11af7eafc16e829af2d3df510cecfd4387f6453355188342c3e79a2ec87a", + "sha256:bc6c7d3fa1325a0c6613512a093bc2a2a15aeec350451cbdf9e1d4bffe3e3233", + "sha256:cc34a6f5b426748a507dd5d1de4c1978f2eb5626d51326e43280941206c209e1", + "sha256:d755f03c1e4a51e9b24d899561fec4ccaf51f210d52abdf8c07ee2849b212a36", + "sha256:d7c45933b1bdfaf9f36c579671fec15d25b06c8398f113dab64c18ed1adda01d", + "sha256:d896919306dd0aa22d0132f62a1b78d11aaf4c9fc5b3410d3c666b818191630a", + "sha256:ffde2fbfad571af120fcbfbbc61c72469e72f550d676c3342492a9dfdefb8f12" + ], + "markers": "implementation_name == 'cpython'", + "version": "==1.4.0" + }, + "urllib3": { + "hashes": [ + "sha256:b246607a25ac80bedac05c6f282e3cdaf3afb65420fd024ac94435cabe6e18d1", + "sha256:dbe59173209418ae49d485b87d1681aefa36252ee85884c31346debd19463232" + ], + "version": "==1.25.3" + }, + "wcwidth": { + "hashes": [ + "sha256:3df37372226d6e63e1b1e1eda15c594bca98a22d33a23832a90998faa96bc65e", + "sha256:f4ebe71925af7b40a864553f761ed559b43544f8f71746c2d756c7fe788ade7c" + ], + "version": "==0.1.7" + }, + "wrapt": { + "hashes": [ + "sha256:565a021fd19419476b9362b05eeaa094178de64f8361e44468f9e9d7843901e1" + ], + "version": "==1.11.2" + }, + "zipp": { + "hashes": [ + "sha256:3718b1cbcd963c7d4c5511a8240812904164b7f381b647143a89d3b98f9bcd8e", + "sha256:f06903e9f1f43b12d371004b4ac7b06ab39a44adc747266928ae6debfa7b3335" + ], + "version": "==0.6.0" + } + } +} diff --git a/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/README.md b/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/README.md new file mode 100644 index 000000000000..a91101888fbe --- /dev/null +++ b/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/README.md @@ -0,0 +1,489 @@ +Use the SaaS Security integration to protect against cloud‑based threats by scanning and analyzing all your assets; applying Security policy to identify exposures, external collaborators, risky user behavior, and sensitive documents; and identifying the potential risks associated with each asset. + +## Configure SaaSSecurity on Cortex XSOAR + +1. Navigate to **Settings** > **Integrations** > **Servers & Services**. +2. Search for **SaaS Security**. +3. Click **Add instance** to create and configure a new integration instance. + + | **Parameter** | **Description** | **Required** | + | --- | --- | --- | + | Server URL | https://api.aperture.paloaltonetworks.com (US)
https://api.aperture-eu.paloaltonetworks.com (EU)
https://api.aperture-apac.paloaltonetworks.com (APAC) | True | + | Client ID | Saas Security Client ID | True | + | Client Secret | Saas Security Client Secret | True | + | Fetch incidents | Whether to fetch incidents from the SaaS Security platform | False | + | Incidents Fetch Interval | | False | + | Incident type | | False | + | Number of incidents per fetch | Minimum is 10 | True | + | First fetch timestamp | (<number> <time unit>, e.g., 12 hours, 7 days) | False | + | Fetch only incidents with matching state | | False | + | Fetch only incidents with matching severity | If nothing is selected, all severities will be used. | False | + | Fetch only incidents with matching status | If nothing is selected, all statuses will be used. | False | + | Fetch only incidents with matching App IDs | Comma-separated list of Application IDs. Run the 'saas-security-get-apps' + command to return the Application ID, Name, and Type for all applications. | False | + | Trust any certificate (not secure) | | False | + | Use system proxy settings | | False | + +4. Click **Test** to validate the URLs, token, and connection. +## Commands +You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. +After you successfully execute a command, a DBot message appears in the War Room with the command details. +### saas-security-incidents-get +*** +Retrieve incidents from the SaaS Security platform. + + +#### Base Command + +`saas-security-incidents-get` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| limit | The number of incidents to pull. Default is 50, maximum is 200, minimum is 10. Default is 50. | Optional | +| from | The start time of the query, filtered by the date the incident was updated, e.g., 2021-08-23T09:26:25.872Z. | Optional | +| to | The end time of the query, filtered by the date the incident was updated, e.g., 2021-08-23T09:26:25.872Z. | Optional | +| app_ids | Comma-separated list of application IDs. Run the 'saas-security-get-apps' command to return the Application ID, Name, and Type for all applications. | Optional | +| state | 'The state of the incidents. If empty, retrieves all states. Possible values: "All", "Open", and "Closed".' | Optional | +| severity | 'The severity of the incidents. In none is selected, all severities will be pulled. Possible values: "1", "2", "3", "4", and "5".' | Optional | +| status | 'The status of the incidents. Possible values:"New", "Assigned", " In Progress", "Pending", "No Reason", "Business Justified", "Misidentified", "In The Cloud", and "Dismiss".' | Optional | +| next_page | Get the next batch of incidents. No other argument is needed when providing this. | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| SaasSecurity.Incident.incident_id | Number | Incident ID. | +| SaasSecurity.Incident.tenant | String | Tenant associated with the incident. | +| SaasSecurity.Incident.app_id | String | Application ID. | +| SaasSecurity.Incident.app_name | String | Application name. | +| SaasSecurity.Incident.app_type | String | Application type. | +| SaasSecurity.Incident.cloud_id | String | Cloud ID. | +| SaasSecurity.Incident.asset_name | String | Asset name. | +| SaasSecurity.Incident.asset_sha256 | String | SHA256 hash value of the asset. | +| SaasSecurity.Incident.asset_id | String | Asset ID. | +| SaasSecurity.Incident.asset_page_uri | String | Asset page URI. | +| SaasSecurity.Incident.asset_cloud_uri | String | Asset cloud URI. | +| SaasSecurity.Incident.exposure_type | Number | Exposure type \(Internal/External\). | +| SaasSecurity.Incident.exposure_level | String | Exposure level. | +| SaasSecurity.Incident.policy_id | String | Policy ID. | +| SaasSecurity.Incident.policy_name | String | Policy name. | +| SaasSecurity.Incident.policy_version | Number | Policy version. | +| SaasSecurity.Incident.policy_page_uri | String | Policy page URI. | +| SaasSecurity.Incident.severity | String | Severity of the incident. | +| SaasSecurity.Incident.status | String | Incident status. | +| SaasSecurity.Incident.state | String | Incident state. | +| SaasSecurity.Incident.category | String | Incident category. | +| SaasSecurity.Incident.resolved_by | String | Name of the user who resolved the incident. | +| SaasSecurity.Incident.resolution_date | Date | Date the incident was resolved. | +| SaasSecurity.Incident.created_at | Date | Date the incident was created, e.g., \`2021-08-23T09:26:25.872Z\`. | +| SaasSecurity.Incident.updated_at | Date | Date the incident was last updated, e.g., \`2021-08-24T09:26:25.872Z\`. | +| SaasSecurity.Incident.asset_owner_id | String | ID of the asset owner. | +| SaasSecurity.Incident.asset_owner_name | String | Name of the asset owner. | +| SaasSecurity.Incident.asset_owner_email | String | Email of the asset owner. | +| SaasSecurity.NextResultsPage | String | URI for the next batch of incidents. | + + +#### Command Example +```!saas-security-incidents-get limit=11 app_ids=acf49b2389c09f26ad0ccd2b1a603328 from=2021-08-23T20:25:17.495Z state=open``` + +#### Context Example +```json +{ + "SaasSecurity": { + "Incident": [ + { + "app_id": "acf49b2389c09f26ad0ccd2b1a603328", + "app_name": "Box 1", + "app_type": "box", + "asset_cloud_uri": "https://www.box.com/files/0/f/114948778953/1/f_675197457403", + "asset_id": "61099dc26b544e38fa3ce06d", + "asset_name": "SP0605 copy 6.java", + "asset_owner_email": "xsoartest@cirrotester.com", + "asset_owner_id": "22FD054D362DC548A9C22F25782E1DAEED03C12F3898CD0F2E2A1B4CF728D04BD644B3CC010FDAC3D10EC0D408F4F79AC147E3D56415D1052BCFCD899A8E249F", + "asset_owner_name": "Xsoar test", + "asset_page_uri": "https://xsoartest.staging.cirrotester.com/cloud_assets/61099dc26b544e38fa3ce06d", + "asset_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "category": "business_justified", + "cloud_id": "675197457403", + "collaborators": [], + "created_at": "2021-08-03T20:25:15.417Z", + "data_patterns": [], + "exposure_level": "internal", + "exposure_type": 8, + "group_ids": [], + "incident_id": 4, + "policy_id": "6109a5d0e64152534b240f48", + "policy_page_uri": "https://xsoartest.staging.cirrotester.com/data_policies/6109a5d0e64152534b240f48", + "policy_version": 1, + "policy_name": "policy name", + "resolution_date": "2021-08-24T07:44:21.608Z", + "resolved_by": "api", + "severity": "Low", + "state": "closed", + "status": "Closed-Business Justified", + "tenant": "xsoartest", + "updated_at": "2021-08-24T07:44:21.608Z" + }, + { + "app_id": "acf49b2389c09f26ad0ccd2b1a603328", + "app_name": "Box 1", + "app_type": "box", + "asset_cloud_uri": "https://www.box.com/files/0/f/114948778953/1/f_675197556380", + "asset_id": "61099dbe6b544e38fa3cc9b8", + "asset_name": "SP0605 copy 2.java", + "asset_owner_email": "xsoartest@cirrotester.com", + "asset_owner_id": "22FD054D362DC548A9C22F25782E1DAEED03C12F3898CD0F2E2A1B4CF728D04BD644B3CC010FDAC3D10EC0D408F4F79AC147E3D56415D1052BCFCD899A8E249F", + "asset_owner_name": "Xsoar test", + "asset_page_uri": "https://xsoartest.staging.cirrotester.com/cloud_assets/61099dbe6b544e38fa3cc9b8", + "asset_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "category": "business_justified", + "cloud_id": "675197556380", + "collaborators": [], + "created_at": "2021-08-03T20:25:12.000Z", + "data_patterns": [], + "exposure_level": "internal", + "exposure_type": 8, + "group_ids": [], + "incident_id": 1, + "policy_id": "6109a5d0e64152534b240f48", + "policy_page_uri": "https://xsoartest.staging.cirrotester.com/data_policies/6109a5d0e64152534b240f48", + "policy_version": 1, + "resolution_date": "2021-08-24T08:19:57.429Z", + "resolved_by": "api", + "severity": "Low", + "status": "Closed-Business Justified", + "tenant": "xsoartest", + "updated_at": "2021-08-24T08:19:57.429Z" + } + ] + } +} +``` + +#### Human Readable Output + +>### Incidents +>|Incident Id|App Id|App Name|Asset Name|Exposure Level|Severity|Category|Created At|Updated At| +>|---|---|---|---|---|---|---|---|---| +>| 4 | acf49b2389c09f26ad0ccd2b1a603328 | Box 1 | SP0605 copy 6.java | internal | Low | business_justified | 2021-08-03T20:25:15.417Z | 2021-08-24T07:44:21.608Z | +>| 1 | acf49b2389c09f26ad0ccd2b1a603328 | Box 1 | SP0605 copy 2.java | internal | Low | business_justified | 2021-08-03T20:25:12.000Z | 2021-08-24T08:19:57.429Z | +>| 5 | acf49b2389c09f26ad0ccd2b1a603328 | Box 1 | SP0605 copy 7.java | internal | Low | aperture | 2021-08-03T20:25:16.842Z | 2021-08-24T17:08:51.022Z | +>| 8 | acf49b2389c09f26ad0ccd2b1a603328 | Box 1 | ml_file.java | internal | Low | aperture | 2021-08-03T20:25:17.043Z | 2021-08-24T17:10:37.433Z | +>| 3 | acf49b2389c09f26ad0ccd2b1a603328 | Box 1 | SP0605 copy 5.java | internal | Low | misidentified | 2021-08-03T20:25:13.770Z | 2021-08-25T14:29:42.288Z | + + +### saas-security-incident-get-by-id +*** +Gets an incident by its ID. + + +#### Base Command + +`saas-security-incident-get-by-id` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The incident ID. | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| SaasSecurity.Incident.incident_id | Number | Incident ID. | +| SaasSecurity.Incident.tenant | String | Tenant associated with the incident. | +| SaasSecurity.Incident.app_id | String | Application ID. | +| SaasSecurity.Incident.app_name | String | Application name. | +| SaasSecurity.Incident.app_type | String | Application type. | +| SaasSecurity.Incident.cloud_id | String | Cloud ID. | +| SaasSecurity.Incident.asset_name | String | Asset name. | +| SaasSecurity.Incident.asset_sha256 | String | SHA256 hash value of the asset. | +| SaasSecurity.Incident.asset_id | String | Asset ID. | +| SaasSecurity.Incident.asset_page_uri | String | Asset page URI. | +| SaasSecurity.Incident.asset_cloud_uri | String | Asset cloud URI. | +| SaasSecurity.Incident.exposure_type | Number | Exposure type \(Internal/External\). | +| SaasSecurity.Incident.exposure_level | String | Exposure level. | +| SaasSecurity.Incident.policy_id | String | Policy ID. | +| SaasSecurity.Incident.policy_name | String | Policy name. | +| SaasSecurity.Incident.policy_version | Number | Policy version. | +| SaasSecurity.Incident.policy_page_uri | String | Policy page URI. | +| SaasSecurity.Incident.severity | String | Severity of the incident. | +| SaasSecurity.Incident.status | String | Incident status. | +| SaasSecurity.Incident.state | String | Incident state. | +| SaasSecurity.Incident.category | String | Incident category. | +| SaasSecurity.Incident.resolved_by | String | Name of the user who resolved the incident. | +| SaasSecurity.Incident.resolution_date | Date | Date the incident was resolved. | +| SaasSecurity.Incident.created_at | Date | Date the incident was created, e.g., \`2021-08-23T09:26:25.872Z\`. | +| SaasSecurity.Incident.updated_at | Date | Date the incident was last updated, e.g., \`2021-08-24T09:26:25.872Z\`. | +| SaasSecurity.Incident.asset_owner_id | String | The ID of the asset owner. | +| SaasSecurity.Incident.asset_owner_name | String | The name of the asset owner. | +| SaasSecurity.Incident.asset_owner_email | String | The email address of the asset owner. | + + +#### Command Example +```!saas-security-incident-get-by-id id=4``` + +#### Context Example +```json +{ + "SaasSecurity": { + "Incident": { + "app_id": "acf49b2389c09f26ad0ccd2b1a603328", + "app_name": "Box 1", + "app_type": "box", + "asset_cloud_uri": "https://www.box.com/files/0/f/114948778953/1/f_675197457403", + "asset_id": "61099dc26b544e38fa3ce06d", + "asset_name": "SP0605 copy 6.java", + "asset_owner_email": "xsoartest@cirrotester.com", + "asset_owner_id": "22FD054D362DC548A9C22F25782E1DAEED03C12F3898CD0F2E2A1B4CF728D04BD644B3CC010FDAC3D10EC0D408F4F79AC147E3D56415D1052BCFCD899A8E249F", + "asset_owner_name": "Xsoar test", + "asset_page_uri": "https://xsoartest.staging.cirrotester.com/cloud_assets/61099dc26b544e38fa3ce06d", + "asset_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "category": "business_justified", + "cloud_id": "675197457403", + "collaborators": [], + "created_at": "2021-08-03T20:25:15.417Z", + "data_patterns": [], + "exposure_level": "internal", + "exposure_type": 8, + "group_ids": [], + "incident_id": 4, + "policy_id": "6109a5d0e64152534b240f48", + "policy_page_uri": "https://xsoartest.staging.cirrotester.com/data_policies/6109a5d0e64152534b240f48", + "policy_version": 1, + "resolution_date": "2021-08-26T07:04:14.598Z", + "resolved_by": "api", + "severity": "Low", + "state": "closed", + "tenant": "xsoartest", + "updated_at": "2021-08-26T07:04:14.598Z" + } + } +} +``` + +#### Human Readable Output + +>### Incident 4 details +>|Incident Id|App Id|App Name|Asset Name|Exposure Level|Severity|State|Category|Created At|Updated At| +>|---|---|---|---|---|---|---|---|---|---| +>| 4 | acf49b2389c09f26ad0ccd2b1a603328 | Box 1 | SP0605 copy 6.java | internal | 1.0 | closed | business_justified | 2021-08-03T20:25:15.417Z | 2021-08-26T07:04:14.598Z | + + + +### saas-security-incident-state-update +*** +Close an incident and update its category. + + +#### Base Command + +`saas-security-incident-state-update` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| id | The incident ID. | Required | +| category | 'Reason for closing the incident. Possible values: "Misidentified", "No Reason", and "Business Justified".' | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| SaasSecurity.IncidentState.incident_id | String | The incident ID. | +| SaasSecurity.IncidentState.state | String | Incident state \(open/closed\). | +| SaasSecurity.IncidentState.category | String | Incident category. | +| SaasSecurity.IncidentState.resolved_by | String | Name of the user who resolved the incident. | +| SaasSecurity.IncidentState.resolution_date | Date | Date when the incident was resolved. | + + +#### Command Example +```!saas-security-incident-state-update category="Business Justified" id=4``` + +#### Context Example +```json +{ + "SaasSecurity": { + "IncidentState": { + "category": "business_justified", + "incident_id": "4", + "resolution_date": "2021-08-26T07:04:14.598Z", + "resolved_by": "api", + "state": "closed" + } + } +} +``` + +#### Human Readable Output + +>### Incident 4 status details +>|Category|Incident Id|Resolution Date|Resolved By|State| +>|---|---|---|---|---| +>| business_justified | 4 | 2021-08-26T07:04:14.598Z | api | closed | + + +### saas-security-get-apps +*** +Returns the Application ID, Name, and Type for all applications. + + +#### Base Command + +`saas-security-get-apps` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| SaasSecurity.App.app_name | String | Application name. | +| SaasSecurity.App.app_id | String | Application ID. | +| SaasSecurity.App.app_type | String | Application type. | + + +#### Command Example +```!saas-security-get-apps``` + +#### Context Example +```json +{ + "SaasSecurity": { + "App": [ + { + "app_id": "acf49b2389c09f26ad0ccd2b1a603328", + "app_name": "Box 1", + "app_type": "box" + }, + { + "app_id": "2642aaa03dc6fc44496bdfffe5e1bc74", + "app_name": "Office 365 1", + "app_type": "office365" + } + ] + } +} +``` + +#### Human Readable Output + +>### Apps Info +>|App Id|App Name|App Type| +>|---|---|---| +>| acf49b2389c09f26ad0ccd2b1a603328 | Box 1 | box | +>| 2642aaa03dc6fc44496bdfffe5e1bc74 | Office 365 1 | office365 | + + +### saas-security-asset-remediate +*** +Remediate an asset. + + +#### Base Command + +`saas-security-asset-remediate` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| asset_id | The ID of the asset to remediate. | Required | +| remediation_type | 'The remediation action to take. Possible values: "Remove public sharing", "Quarantine", and "Restore".' | Required | +| remove_inherited_sharing | 'Used when the remediation type is “Remove public sharing”. When set + to true, all the parent folders with a shared URL will be removed. Possible values: "True" and "False"' | Optional | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| SaasSecurity.Remediation.asset_id | String | Asset ID. | +| SaasSecurity.Remediation.remediation_type | String | Remediation type. | +| SaasSecurity.Remediation.status | String | Remediation action status. | + + +#### Command Example +```!saas-security-asset-remediate asset_id=61099dc46b544e38fa3ce89a remediation_type=Quarantine``` + +#### Context Example +```json +{ + "SaasSecurity": { + "Remediation": { + "asset_id": "61099dc46b544e38fa3ce89a", + "remediation_type": "system_quarantine", + "status": "pending" + } + } +} +``` + +#### Human Readable Output + +>### Remediation details for asset: 61099dc46b544e38fa3ce89a +>|Asset Id|Remediation Type|Status| +>|---|---|---| +>| 61099dc46b544e38fa3ce89a | system_quarantine | pending | + + +### saas-security-remediation-status-get +*** +Get the remediation status for a given asset ID. + + +#### Base Command + +`saas-security-remediation-status-get` +#### Input + +| **Argument Name** | **Description** | **Required** | +| --- | --- | --- | +| asset_id | The asset ID. | Required | +| remediation_type | 'The remediation action that was taken. Possible values: "Remove public sharing", "Quarantine", and "Restore".' | Required | + + +#### Context Output + +| **Path** | **Type** | **Description** | +| --- | --- | --- | +| SaasSecurity.Remediation.asset_id | String | Asset ID. | +| SaasSecurity.Remediation.asset_name | String | Asset name. | +| SaasSecurity.Remediation.remediation_type | String | Remediation type. | +| SaasSecurity.Remediation.action_taker | String | Source of the remediation action, e.g., 'api'. | +| SaasSecurity.Remediation.action_date | Date | Date when the remediation action was taken. | +| SaasSecurity.Remediation.status | String | Remediation action status. | + + +#### Command Example +```!saas-security-remediation-status-get asset_id=61099dc46b544e38fa3ce89a remediation_type=Quarantine``` + +#### Context Example +```json +{ + "SaasSecurity": { + "Remediation": { + "action_date": "2021-08-25T21:18:37.148+0000", + "action_taker": "api", + "asset_id": "61099dc46b544e38fa3ce89a", + "asset_name": "SP0605 copy.java", + "remediation_type": "system_quarantine", + "status": "success" + } + } +} +``` + +#### Human Readable Output + +>### Asset 61099dc46b544e38fa3ce89a remediation details +>|Action Date|Action Taker|Asset Id|Asset Name|Remediation Type|Status| +>|---|---|---|---|---|---| +>| 2021-08-25T21:18:37.148+0000 | api | 61099dc46b544e38fa3ce89a | SP0605 copy.java | system_quarantine | success | + diff --git a/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.py b/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.py new file mode 100644 index 000000000000..25c7814ea834 --- /dev/null +++ b/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.py @@ -0,0 +1,492 @@ +import demistomock as demisto +from CommonServerPython import * # noqa # pylint: disable=unused-wildcard-import +from CommonServerUserPython import * # noqa + +import traceback + +# Disable insecure warnings +requests.packages.urllib3.disable_warnings() # pylint: disable=no-member + +''' CONSTANTS ''' + +DATE_FORMAT = '%Y-%m-%dT%H:%M:%SZ' # ISO8601 format with UTC, default in XSOAR +SAAS_SECURITY_DATE_FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ' + +CLIENT_CREDS = 'client_credentials' + +# Token life time is 119 minutes +TOKEN_LIFE_TIME = 117 + +# Actual value is 1000 but we don't want to allow it. +LIMIT_MAX = 200 +LIMIT_MIN = 10 +LIMIT_DEFAULT = 50 + +INC_HEADERS_SHORTEN = ['incident_id', 'app_id', 'app_name', 'asset_id', 'asset_name', 'exposure_level', 'severity', + 'state', 'status', 'category', 'created_at', 'updated_at', 'policy_name'] + +REMEDIATION_MAP = { + 'Remove public sharing': 'remove_public_sharing', + 'Quarantine': 'system_quarantine', + 'Restore': 'system_restore', +} + +STATUS_MAP = { + 'New': 'open-new', + 'Assigned': 'open-assigned', + 'In Progress': 'open-in progress', + 'Pending': 'open-pending', + 'No Reason': 'closed-no reason', + 'Business Justified': 'closed-business justified', + 'Misidentified': 'closed-misidentified', + 'In The Cloud': 'closed-in the cloud', + 'Dismiss': 'closed-dismiss', + 'All': '', +} + + +class Scopes: + api = 'api_access' + incidents = 'incident_api' + remediation = 'remediation_api' + + +''' CLIENT CLASS ''' + + +class Client(BaseClient): + """Client class to interact with the service API + + This Client implements API calls to the Saas Security platform, and does not contain any XSOAR logic. + Handles the token retrieval. + + :param base_url (str): Saas Security server url. + :param client_id (str): client ID. + :param client_secret (str): client secret. + :param verify (bool): specifies whether to verify the SSL certificate or not. + :param proxy (bool): specifies if to use XSOAR proxy settings. + """ + + def __init__(self, base_url: str, client_id: str, client_secret: str, verify: bool, proxy: bool, **kwargs): + self.client_id = client_id + self.client_secret = client_secret + + super().__init__(base_url=base_url, verify=verify, proxy=proxy, **kwargs) + + def http_request(self, *args, **kwargs): + """ + Overrides Base client request function, retrieves and adds to headers access token before sending the request. + + :return: The http response + """ + token = self.get_access_token() + headers = { + 'Authorization': f'Bearer {token}', + 'Content-Type': 'application/json', + } + return super()._http_request(*args, headers=headers, **kwargs) # type: ignore[misc] + + def get_access_token(self): + """ + Obtains access and refresh token from server. + Access token is used and stored in the integration context until expiration time. + After expiration, new refresh token and access token are obtained and stored in the + integration context. + + :return: Access token that will be added to authorization header. + :rtype: str + """ + now = datetime.now() + integration_context = get_integration_context() + access_token = integration_context.get('access_token') + time_issued = integration_context.get('time_issued') + + if access_token and get_passed_mins(now, time_issued) < TOKEN_LIFE_TIME: + return access_token + + # there's no token or it is expired + access_token = self.get_token_request() + integration_context = {'access_token': access_token, 'time_issued': date_to_timestamp(now) / 1000} + set_integration_context(integration_context) + return access_token + + def get_token_request(self): + """ + Sends request to retrieve token. + + :return: Access token. + :rtype: str + """ + base64_encoded_creds = b64_encode(f'{self.client_id}:{self.client_secret}') + headers = { + 'accept': 'application/json', + 'Content-Type': 'application/x-www-form-urlencoded; charset=ISO-8859-1', + 'Authorization': f'Basic {base64_encoded_creds}', + } + params = { + 'grant_type': CLIENT_CREDS, + 'scope': f'{Scopes.api} {Scopes.incidents} {Scopes.remediation}', + } + token_response = self._http_request('POST', url_suffix='/oauth/token', + params=params, headers=headers) + return token_response.get('access_token') + + def get_incidents(self, limit: int = None, from_time: str = None, to_time: str = None, app_ids: str = None, + state: str = None, severity: str = None, status: str = None, next_page: str = None): + """ + :param limit: The number of incidents to pull per page. Default is 50, max is 1000, min is 10. + :param from_time: The start time of query, filter by the incident's “updated-at” field. + :param to_time: The end time of query, filter by the incident's “updated-at” field. + :param app_ids: List of application id. Comma-separated. + :param state: The state of the incidents to pull. Default is open. + :param severity: The severity of the incidents to pull. + :param status: The status of the incidents to pull. + :param next_page: For pagination purposes. If provided, params should be None. + """ + url_suffix = next_page or '/incident/api/incidents/delta' + state = state if state != 'All' else None + + params = { + 'limit': limit, + 'from': from_time, + 'to': to_time, + 'app_ids': app_ids, + 'state': state, + 'severity': severity, + 'status': status, + } if not next_page else {} + remove_nulls_from_dictionary(params) + + return self.http_request('GET', url_suffix=url_suffix, params=params) + + def get_incident_by_id(self, inc_id: str): + """ + :param inc_id: The incident ID. + """ + return self.http_request('GET', url_suffix=f'/incident/api/incidents/{inc_id}') + + def update_incident_state(self, inc_id: str, category: str): + """ + :param inc_id: The incident ID. + :param category: Closing category. + """ + body = { + 'state': 'closed', + 'category': category, + } + return self.http_request('POST', url_suffix=f'/incident/api/incidents/{inc_id}/state', json_data=body) + + def get_apps(self): + return self.http_request('GET', url_suffix='/incident/api/apps') + + def remediate_asset(self, asset_id: str, remediation_type: str, remove_inherited_sharing: bool): + """ + :param asset_id: The asset ID. + :param remediation_type: The remediation action to take. + :param remove_inherited_sharing: Used when remediation type is “remove_public_sharing”, + when set to true, all the parent folder sharing url will be removed. + """ + body = assign_params( + remediation_type=remediation_type, + remove_inherited_sharing=remove_inherited_sharing, + asset_id=asset_id, + ) + + self.http_request('POST', url_suffix='/remediation/api/assets', json_data=body, resp_type='response') + + def asset_remediation_status(self, asset_id: str, remediation_type: str): + """ + :param asset_id: The asset ID. + :param remediation_type: The remediation action that was taken. + """ + + params = assign_params( + remediation_type=remediation_type, + asset_id=asset_id, + ) + + return self.http_request('GET', url_suffix='/remediation/api/assets', params=params) + + +''' HELPER FUNCTIONS ''' + + +def get_passed_mins(start_time, end_time_str, tz=None): + """ + Calculates the amount of minutes passed between 2 dates. + :param start_time: Start time in datetime + :param end_time_str: End time in str + + :return: The passed minutes. + :rtype: int + """ + time_delta = start_time - datetime.fromtimestamp(end_time_str, tz) + return time_delta.seconds / 60 + + +def convert_to_xsoar_incident(inc) -> dict: + occurred = inc.get('created_at') + return { + 'name': f'Saas Security: {inc.get("asset_name", "No asset name")}', + 'occurred': datetime.strptime(occurred, SAAS_SECURITY_DATE_FORMAT).strftime( + DATE_FORMAT) if occurred else None, + 'rawJSON': json.dumps(inc) + } + + +''' COMMAND FUNCTIONS ''' + + +def test_module(client: Client, is_fetch: bool = False, first_fetch_time: str = None, state: str = None, + severity: str = None, status: str = None, app_ids: str = None) -> str: + """Tests API connectivity and authentication' + + Returning 'ok' indicates that the integration works like it is supposed to. + Connection to the service is successful. + Raises exceptions if something goes wrong. + + When an instance was configured to fetch incident, the fetch params are tested as well. + """ + # test with fetch parameters + if is_fetch: + last_fetch = dateparser.parse(first_fetch_time, settings={'TIMEZONE': 'UTC'}) + last_fetch = last_fetch.strftime(SAAS_SECURITY_DATE_FORMAT)[:-4] + 'Z' + client.get_incidents(from_time=last_fetch, state=state, severity=severity, status=status, app_ids=app_ids) + else: + client.get_incidents() + return 'ok' + + +def get_incidents_command(client: Client, args: dict) -> CommandResults: + """ + List incidents with query. + """ + limit = arg_to_number(args.get('limit')) or LIMIT_DEFAULT + from_time = args.get('from') + to_time = args.get('to') + app_ids = ','.join(argToList(args.get('app_ids', []))) + state = args.get('state', 'open') + severity = ','.join(argToList(args.get('severity', []))) + status = ','.join(STATUS_MAP.get(x) for x in argToList(args.get('status', []))) # type: ignore[misc] + next_page = args.get('next_page') + + if limit > LIMIT_MAX or limit < LIMIT_MIN: + demisto.debug('SaaSSecurity: limit must be between 10 to 500. Setting limit to the default value of 50.') + limit = LIMIT_MIN + + raw_res = client.get_incidents(limit, from_time, to_time, app_ids, state, severity, status, next_page) + incidents = raw_res.get('resources', []) + + # The API always returns the nextPage field with value in it even if there are no more incidents to retrieve. + next_page = raw_res.get('nextPath') if len(incidents) == limit else None + metadata = 'Run the following command to retrieve the next batch of incidents:\n' \ + f'!saas-security-incidents-get next_page={next_page}' if next_page else None + + outputs = { + 'SaasSecurity.Incident(val.incident_id && val.incident_id == obj.incident_id)': incidents, + } + if next_page: + outputs['SaasSecurity.NextResultsPage'] = next_page + + human_readable = tableToMarkdown('Incidents', incidents, headers=INC_HEADERS_SHORTEN, + headerTransform=string_to_table_header, removeNull=True, + metadata=metadata) + + return CommandResults( + readable_output=human_readable, + outputs=outputs, + raw_response=raw_res) + + +def get_incident_by_id_command(client: Client, args: dict) -> CommandResults: + """ + Get incident by ID. + """ + inc_id = args['id'] + incident = client.get_incident_by_id(inc_id) + human_readable = tableToMarkdown(f'Incident {inc_id} details', incident, headers=INC_HEADERS_SHORTEN, + headerTransform=string_to_table_header, removeNull=True) + + return CommandResults( + outputs_prefix='SaasSecurity.Incident', + outputs_key_field='incident_id', + readable_output=human_readable, + outputs=incident, + raw_response=incident) + + +def update_incident_state_command(client: Client, args: dict) -> CommandResults: + """ + Changes an Incident status, can only closing due to an API limitation. + Category can be changed multiple times. + """ + inc_id = args['id'] + category = args.get('category', '').replace(' ', '_').lower() + + raw_res = client.update_incident_state(inc_id, category) + raw_res['incident_id'] = inc_id + human_readable = tableToMarkdown(f'Incident {inc_id} status details', raw_res, removeNull=True, + headerTransform=string_to_table_header) + + return CommandResults( + outputs_prefix='SaasSecurity.IncidentState', + outputs_key_field='incident_id', + readable_output=human_readable, + outputs=raw_res, + raw_response=raw_res) + + +def get_apps_command(client: Client, _) -> CommandResults: + """ + Gets Apps info. + """ + raw_res = client.get_apps() + human_readable = tableToMarkdown('Apps Info', raw_res, removeNull=True, + headerTransform=string_to_table_header) + + return CommandResults( + outputs_prefix='SaasSecurity.App', + outputs_key_field='app_id', + readable_output=human_readable, + outputs=raw_res, + raw_response=raw_res) + + +def remediate_asset_command(client: Client, args: dict) -> CommandResults: + """ + Remediate as asset. + """ + asset_id = args['asset_id'] + remediation_type = REMEDIATION_MAP.get(args.get('remediation_type')) # type: ignore + + if not remediation_type: + raise DemistoException(f'Invalid remediation type: {args.get("remediation_type")}.\n' + f'Must be one of the following: Remove public sharing, Quarantine, Restore') + + remove_inherited_sharing = argToBoolean( + args.get('remove_inherited_sharing', False)) if remediation_type == 'remove_public_sharing' else None + + client.remediate_asset(asset_id, remediation_type, remove_inherited_sharing) + outputs = { + 'asset_id': asset_id, + 'remediation_type': remediation_type, + 'status': 'pending', + } + return CommandResults( + outputs_prefix='SaasSecurity.Remediation', + outputs_key_field='asset_id', + readable_output=tableToMarkdown(f'Remediation details for asset: {asset_id}', outputs, removeNull=True, + headerTransform=string_to_table_header), + outputs=outputs) + + +def get_remediation_status_command(client: Client, args: dict) -> CommandResults: + """ + Get Remediation Status for a given asset ID. + """ + asset_id = args['asset_id'] + remediation_type = REMEDIATION_MAP.get(args.get('remediation_type')) # type: ignore + + if not remediation_type: + raise DemistoException(f'Invalid remediation type: {remediation_type}.\n' + f'Must be one of the following: Remove public sharing, Quarantine, Restore') + + raw_res = client.asset_remediation_status(asset_id, remediation_type) + human_readable = tableToMarkdown(f'Asset {asset_id} remediation details', raw_res, removeNull=True, + headerTransform=string_to_table_header) + + return CommandResults( + outputs_prefix='SaasSecurity.Remediation', + outputs_key_field='asset_id', + readable_output=human_readable, + outputs=raw_res, + raw_response=raw_res) + + +def fetch_incidents(client: Client, first_fetch_time, fetch_limit, fetch_state, fetch_severity, fetch_status, + fetch_app_ids): + last_run = demisto.getLastRun() + last_fetch = last_run.get('last_run_time') + + if last_fetch is None: + last_fetch = dateparser.parse(first_fetch_time, settings={'TIMEZONE': 'UTC'}) + last_fetch = last_fetch.strftime(SAAS_SECURITY_DATE_FORMAT)[:-4] + 'Z' # format ex: 2021-08-23T09:26:25.872Z + + current_fetch = last_fetch + results = client.get_incidents(limit=fetch_limit, from_time=last_fetch, state=fetch_state, severity=fetch_severity, + status=fetch_status, app_ids=fetch_app_ids).get('resources', []) + incidents = list() + for inc in results: + incident = convert_to_xsoar_incident(inc) + incidents.append(incident) + + date_updated = inc.get('updated_at') + date_updated_dt = datetime.strptime(date_updated, SAAS_SECURITY_DATE_FORMAT) + + if date_updated_dt > datetime.strptime(current_fetch, SAAS_SECURITY_DATE_FORMAT): + current_fetch = date_updated + + demisto.setLastRun({'last_run_time': current_fetch}) + demisto.incidents(incidents) + + +''' MAIN FUNCTION ''' + + +def main() -> None: + params = demisto.params() + client_id: str = params['credentials']['identifier'] + client_secret: str = params['credentials']['password'] + base_url: str = params['url'].rstrip('/') + verify_certificate = not params.get('insecure', False) + proxy = params.get('proxy', False) + + # Fetch incident related params: + first_fetch_time = params.get('first_fetch', '3 days') + fetch_limit = arg_to_number(params.get('max_fetch', LIMIT_DEFAULT)) + fetch_state = params.get('state') + fetch_severity = params.get('severity') + fetch_status = ','.join(STATUS_MAP.get(x) for x in argToList(params.get('status', []))) # type: ignore[misc] + fetch_app_ids = ','.join(argToList(params.get('app_ids', []))) + + commands = { + 'saas-security-incidents-get': get_incidents_command, + 'saas-security-incident-get-by-id': get_incident_by_id_command, + 'saas-security-incident-state-update': update_incident_state_command, + 'saas-security-get-apps': get_apps_command, + 'saas-security-asset-remediate': remediate_asset_command, + 'saas-security-remediation-status-get': get_remediation_status_command, + } + command = demisto.command() + demisto.debug(f'Command being called is {command}') + + try: + client = Client( + base_url=base_url, + client_id=client_id, + client_secret=client_secret, + verify=verify_certificate, + proxy=proxy, + ) + + if command == 'test-module': + return_results(test_module(client, params.get('isFetch'), first_fetch_time, fetch_state, fetch_severity, + fetch_status, fetch_app_ids)) + elif command == 'fetch-incidents': + fetch_incidents(client, first_fetch_time, fetch_limit, fetch_state, fetch_severity, fetch_status, + fetch_app_ids) + elif command in commands: + return_results(commands[command](client, demisto.args())) + + else: + raise NotImplementedError(f'Command "{command}" is not implemented.') + + except Exception as e: + demisto.error(traceback.format_exc()) # print the traceback + return_error(f'Failed to execute {command} command.\nError:\n{str(e)}') + + +''' ENTRY POINT ''' + +if __name__ in ('__main__', '__builtin__', 'builtins'): # pragma: no cover + main() diff --git a/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.yml b/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.yml new file mode 100644 index 000000000000..58d8daa8a428 --- /dev/null +++ b/Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.yml @@ -0,0 +1,445 @@ +category: Network Security +commonfields: + id: SaasSecurity + version: -1 +configuration: +- display: Server URL + name: url + defaultvalue: https://api.aperture.paloaltonetworks.com + type: 0 + required: true +- display: Client ID + displaypassword: Client Secret + name: credentials + type: 9 + required: true +- display: Fetch incidents + name: isFetch + type: 8 + required: false +- display: Incidents Fetch Interval + name: incidentFetchInterval + defaultvalue: "1" + type: 19 + required: false +- display: Incident type + name: incidentType + type: 13 + required: false +- display: Number of incidents per fetch + name: max_fetch + defaultvalue: "20" + type: 0 + required: true + additionalinfo: Minimum is 10. +- display: First fetch timestamp (

42NNs{8l;&;9`KYk=n{0+5 zU4j&h0Pl&=r%l3X(Y4IrKQNZ&nl9k79l{A68M1q*<2rSkd`n2Fx-6bo4LboN4fn-N zR6G}1-2O(6VFT>kE(rlWGVzQCW7~X8Ba8 zGMa-8(P?Ux79OfDT0W4soP9c^3S$T$MRRWJ$%d0X*)kl|`Re&O@!u4YoqdZI;sIp$ zs_hSHj`tTtG!`?Fqa{XxGBNB!1>PW#&U$e$Id!HzTEso!;im#bR?{^GOcuY{6ZUyQ z+gRmPlW^@-F6SXT&icJQ^6d4QPL$(MI3DzbGIT_Wfczvm_ za<*0AWf@iRG^lky^s!H=jMq3B#6?SS^eIM~I+i=NkrLyGxA zgxw3a__3s8c3a#O-ahCnO-Upl)S0r)^s2b>W&A5T+&mP!>~8TM7AGdca$8k$-@>#j z=>?o?^yLxRku(}+%9*}$AUH`;OT0>eo=6L;hgX)8(4lnGdCBDRFV3X|k z>P)Mxrd}UnSKU7fB9EWlPI3C8=jach3jT|DO)|5!M-yKL+2>tU%>!m{{A}X97EbR_ zlGYNr{KQS<3BJs^L>WH5qET}?p;NfDSMJnh9A1RSNVv<+-E-nwt;yxo{ur{YFJ&eT zskZ}^gL!2$!}{0OaQm>)q55YR)cZVP0kgDn>@M|`YqNrwLLh`!K&?Ym9s+YJH%kpcDO^eqxBK!PU_)G z6<6f@w*^7LcI6ct3>>VNuN*a}&f2YOc=F<}#eba7CdkJT!kD^azB zi1SZ)1}#R-Inj9M0{=9Wu&cUKvh(re%gb3>xe*IQ|ESpc3Gz@IdZj(0`h4X#uiSr* zSr~ZduE|8LUP%4zDhw(TFV%CG9lznd7x`74{PS1Tz&qEGwjKNS`R~C*YENNC!0FKQ z`f~f<4m0TC>6-7Rs+pZS0lCtzD1Kaj>T&#oUgxF}c;&+%*YM|^z>z+PQibDACmgJ= zzC3Vz)%7p`1kfPpp#Pr`EB?=MKkU9=-7y*E2DR0a7SWz|SN-yZ-{VSamoHp)6#QZ- zSWc<^0vN!7GA?|Le08$FHo@a;iFZ3YJA*cHZqEfkBO?t66D+wZuuIs`+iuP+aXdDPnPW&4 zC{@D2?)3o%gW>pTniIh6AcCqXAbk4qV}(-V=hc=oSh`rUsFC~i zhnQ;fu`*fHfvnp&_~-a&Vgx`GF99=}H2Ya{4VWNGZI$$tAjw%xw;l}XmqoIu$br~_ z)w0di#Pb4wyczs?c-NV=!>-XOd|AT81L&GJ%KO(Vl|llb>r(!e|0F+x3(ilAgRX-+ z25y3uAX~v{#A<6}mVs84m$s$0X2lFP(<0z=t!SD?9M53)Lpb2^WWTF6PfrY34iq{r zokpCJyCrn{)BV?$d=Z3Ld13EwVA2EJE;Mky#aFLdcbw@Yds3je9V-*hD(d5L96!?< zKca2>^#cj3-nWapm{>~yx?d?a?$K4Nuu2|t*xNG6R))vO02D@@-I7+vbv@lI2~c5! zuh59M-1j~snd(D03&g4sg@q4qb|0T|LiMYxY#twA>w7C+(L_T(?}D7j7GRWx+ST#c z%x8xVKbLhkymhl|f{ykwg1!^vV+{VH->%mD`m>{7TL+eVKZ1O*M$3hKtu^IKVCgv8FPtk zm5R5(02-x2lJLp>@uf@on3cYw(3$4oMoO$XvLNG$Z4CcrJDWnvQ-Xb)!#z73mwsiu zL>veH0tRMTll|hTBp7WPC7R7-==oEt*z(aDg;v2~^lDPA5p;Tq%ZjPPatZu& z^@m5XJ5h^9h;-@u^~dX(1P!lO>in)VOMt`;AU&cl?!-^@I6N#Lb05G@;LQc;`n0IW9Ww)|$fEgMg08AHG9)>Onwk*FEJ^*u94%=8 z^w9E(!XQtUKSEBi#nU@<=y;6eG~%7U5M?5dZAv{!DjLFH#moTy`^e4Afxd+biVkf*6HW2|7#5Z{>*6ntD2M9X7|8@-S-BPY{(0y@#zS6Z27D;S)m=^|UER#Tjy&9{P<9P&DLGj~(?+#r=l7@!A!P!5a< z6w8Z&CBpLW#IwJ8%`F5>k>T@8M)R9pg5fY9H##zP7PVq_WjE^|iFCMq{_i_`!{K!a zE3f%&awK%n#IPh>pY~RsI{X6xktOU4VofR*V#ft2cfbn1URn_HHM&)X$9ZUR597JS;FfpqKnTm@;n|3B(4(*EBz1)@z89H;CqCDBa z`wXG^*8(!-M-a*`*5p(@UPRt}cEIq~PKxMP)VH z&!ARhoxUuQf1^JmxrWniLORwY9I(Djb*d9Bxz>KqwQZQjJMQdRT9^Kc#uGh%Jwm|6 zLRpFwxMl~$p2%s=@21b8WWUH~wU!jdsP@EF=EV(brl&O!Cvm$9v+6)KF389nlZN@d zq=MX=Y79VApmmCsn);dbxH^M%#}Y@GdSRGaq7ACbE;ybP1zcB|^fM|B=M%@uUbA~g z*Ky1^zcYij8q2$TIvnjxtKuY{T3sAK|BoXd8u}xZXun`0l7T2&tp4Lw;~c?i2bZ3m z`@#0mk(kzDx84jW-+q;_*Fj2u%`k4a0W+%Gps9?EtF(@>gOo%k@tD?p^Cy#nagASg zlRq1sZS|Kvd29tHYJ(dw$#5xUBwnO6Z!{r%Y{xi!C&7|y<6o{>DjoszS{@*8#?vaF z64hE}Er}LXJoP}Uge@oHo-`>08mR&zjA@%>;93LbYO@>ZBMkgB2|787l4{!{^lH`i z@%YhjVURxrf9E@hB+KjPLQDlbB#D=EIaqI!>7T!JlMi#BxHQ6+bD~ENn1#*E6A!C(!}C&YqXt7t_%N)jcNe9+X0z+s-LP=Q$zg%t*|Ec>&5ke;9TA zY2Ut9E`P)JiTRjXhYXJ<(AsDWW%oy-q3bE4Xcp8aaHN(JXCo{sCs2V4fSbT-gkc2p zu{ZIw$m{`%?)rK#@RIF}-hOE(rFH0P?B`fF*39zTdhcZ5f0}lLsffS%f9L?*F;m7t z#6Rc&oy~C#^MG9$!elmJwI8R4-g=%H(!VG>b}DaSuX|B;d#^}fd{Md!F)4NGkx{FL zk&a9tV4c8yxu-N_n#AEcnVsOe^ z<@^&9jVZG)@Bdg5CLehXx)SjLvMdxSZ$*;Oc@7?fmisJCsI@xdIM3^>4Hy>jkq%pq z^>|X5DQf}DouB@`nEdwwLoNB}A6M%CDv7V=f@!+0+x!i#A4l?!%M|$JXHzXk|MjPT zUHyOj;416{Ny2+6_SVahcujhl!V)?6`5%vn|0CWjQpb&^df)ZwuL8f}_~EYYq}s`h((OE! z+JE^yPtUVB?)y9Gf8nA3@riiyU3W} zU@m+y^<;4{JM_)lw?mYFx>kZ%J)@T)Z?)%<$vuzD$PAO98ke$)PRi&|%lQ@O?1 zYDE*yw)X=G1A2#F?)Q(`yLfO1SK_$o1Mm|#r*uKjWspoD2=@os-s)w>bN~hXn0n=1 zUp_>9?vNFEbnQWq&Y4R$UL*$IcytiZR0z5!5LDktk=R7=`!g>B{I&)h8*XDa=r*ev z#vCcZF*6L1;N|T@_hJA+?_#P~XTVsxt(&DT3^WzvtJ2*Q0_Opj`>D3utier_*PTG_ z(*k6lX(GOuG9=J2Hz)1m5fpgs!ykJK7LAO+EpZ*8y}$0^-uA|l z8EnLj%56)C;5;vS7&$$wq7Mv3daGo~aZ_zG7a4h4xtP1Mu^f?x9U9FkqJCPwM1cPQ zGO_{KR~`)J_02%0X0S!1r@s#KOLy}Pz|DD)MgKz2t`Nf0#%9Lyt%_zcg1KkZ&hA*= zD5Bf6rPn~A#E=lAKrh5Q+-SV%( z9tpi-5a?^ARs}7k=H)2v0r4_s17Xx21W2*1EH?8We2~C!vt*=xcTNM$8b7v232GfZ zf;87{4`{GD_dUQ7;_%NVhFP%GQG+D;ELWq?XcO8&*RS|F!x;1!4KQ&Ekv~Hi0?bZE zppOpKL4m-iQ6}R~wx3EM@0|w9t~8J;dDZryBJa=UZmZ;$K39pj$jPI2!*wNQMmS*EdqvS+uVSv2`q-Vbd~>$Wu!Ti1xAlbZ{DA3kFVe(R(1# zSrRKf7$nu$i9rnmOSbTETqNxGb69 zULXlc7O4-y%{-=Y40-w(VY%Gx&S>h~PKdnZ+w)wfAn|ouks!tyxV-{VWU3+k0BOh_ z(er%cxyS;^OT;-$Aka_n!0JUs(fW6LuO=#&_PYCEre}|mL7||h+BfIBq=8iu%AT-u zKI+64p#PgcR0nNiwpMN#AOh%AIV{tHPy~1rPR6n^)4>4ZjqJ8F<*RJb`r{+6Q)Qx9 z-GRKJjnA81BZW$*kWKB}K&Nn*cN+!%2~G?*=X6q~BKstC!M|JeY)+3>tlRJ3#qtYZ zM#9R_B9Z_mpXrE1T7U*VHjD}K%_mR@Ofdm&5`2bmsqHkeH6T5YQQBZed4}p5C*+)R z9xognp4D%UqPk~P5XWh*S+Ov;7l@hEs1LYB5C%qVQXu*d6#)d3BbR~g5h4Y#yl1$^ zq2#>}4O*(Vi6k7bNA)(n03*PuoHHfrk1F~UcV;+Nks8hD3t+-G>jm>jbSPleU~w%eNl&r+~3(7@)&f1t9JNs=`Gq zZ^rfE)fYA>Ksz6yB5c~;gaF@S@u=H|qNOg~;(yU7I$sBWEziIRS1QnKQC2h^OmA8) zO+hn#d84b{QuC#4c_L*%F+(0o7Dd9S+8~HbGOdqh=BOuN$D+pW`^ws7bH*q1nUJ)q z1c7Qbn!fP~C$)gvUa7HNrt-Ut4LO4+a0m$Wks9)t^tAafbp4MZF1y9(Al(0c@C7iP zPy_1Y2LP?V3ra_N0uBvljLe^SqTbc=iwyX`uo@u{{NC)h7{(E{q zyZ}P%b4FY$FU|jxrO~e)^NSqyWBi0EpPbFkn2eL@Wrfc+hxHYAH)g|I!|BIJRV&X% zIlFGmv}}L!d4Xxk*8v?PNxbqvb`8R`!`t`Ld%4gYM8Fbz+Axmd)IL{h6Rmz6z||K}ZX4aJP^0>2{@MP*8>=bKjXQA-YI;I;!-}{?6hMnng~k53 zQK5h#Xn{GKfyC8YYk7O2C>0~nP4_-CdYcb!vR3K14pV?jDUk~UJ7}D+TNeu*sT&g< zZ-eD1BN!SO~P?Yn!z5M$enu&2kVc8-mVz;82vm&>3!ui_U6}qVizx z_YT)@17rHjxyrRM0$@$u3gLl>4Ve$j^$F)ceSekJU`cVP#-zl!-$W+dt7-sOVRvk0 zsHEwBO|ky~#4&A8Z=HeZUA`f7WR(3p)yJ%(tt^ASq*CpI5`!_9#W1kG!`A5o6JO;M z0L45W8XsRms*F3$YpGT0z6Fe^Z_1jcFY>`SGom+tUpk~mMlx^N#q^vLOFkg{q#$NE zEqeP3R-Lzpm3H@XVKYJ57lCJemi|_ovG)dgOuIBO8u01b00U~4rvz;T7*S7k5P#i8 z{=T!I6NO(B@Ut1T>JOk9p-=KVSVtAN+_45FFN<&^_g<*$|{jKqg4ah0w{9%S?lM{>PT4%)_ zL+;B{nwUN*1YDuE=I5#R>`X1m+ev^)`{&@Ak8+dYD%zLI`QX_>n#Kc?{mSi%?PXlc z4ohKQqh+}BA-B!ifVI6}VmJI<)Gsdc zxnKat$x0VQ-GmF4qOun&t1-4XKX2rKLx5@JqFx|f`yZvTD}5Tao@=MGG3+Wc^BtFd zVaYdr{kJt}0~AjZ5AReX0Jm~VzWrxJYIn&lTO{A~=ZrLyD|7F8=5D)T&T1U8^N7!> zPtca1j2n#1==zaz4YTI;BjPA|2B}qpxaV3L4ClHMg)F_f@lA?MaU=tO+n0(ggghO!;r)FzG6O-7gU@==tNlL^0w5T5ap@W&2}^ z`-AK=GC&-)Pn+tsJ_FULvTSWCzX`-Siy;ntv_)884_W&%A3cJ&$t|K+$P;_zflV!0={#QwF% z5%X*a4LteVhY+08U3I`cf4V>L$m-uN1ohes+rQqY_dtEj)>CJ9k^lC2AeO_ipQA7P zevA6uX?dMh@NC%ha@8PSm1X)v*}HTXNS86RuYYw}(<>QIL_`dL@5{!~K9$7kxLca# zg!><=*jLkHAN9B$*OG7|P(YQYoGvQjc`;NxTkOy^K6s04@eyv`1WfdvRt5V1diekT zRf9LR@Z>IajbG1bBTPD?83^f6S8zQ+SAXs-P!0CPU8%25C{U3H%^Cd#*|ltFUsg|V zv8XgKUek-axB@D`UN9k|wIXp^&Ua_kZ=T=i5vP)BRm?VD%YJEWo3C1=%R1*v^`)(i zp{h~0)-pYtRKRxUSzchE<0K$c>mTkBUg6sO`QZF~E&p=y9ADs6j5V&i#jb+-@7h_z zZ9!RJ1~$jew*8}ue`?>bW}_y)>Ry?b&>%I2r5<5%M?gFGBEaelMC1fsAcd;+zkQ5O zN!ES>1w`Ip6&)uvv6!Sypsp--?jT$2POhau1Bk* zRkc1%Z{1|O3mq=qXdA68+v^1qz<@)L{}v8JQOzG05gnNF8SkURd(@ML#y4)cDpb|( zyl#(YYl>T@L0FuQb^bnH>!SY!h|J#;Tqfr*f8Y^i^~eFOiBt8uxC68!-H(7o$7x#$ z$4Un>>IucRf)eCKz<#Pb+>-)zgZ?;+O}ag5_&W;4gcD;Y&%bn$(MNJSpz{c9#3h++ z;){d=ikh}vmW4LH5X(0oIMqw!t8?JgJD zTboqpZCM{ryBH2@9hP5LE}%Nj@B z98yJzZA$NZ0CH0>hyfdPQR)J3xL-o%W6Lh2ORLQ0_(E8{h_CxpoZ%7EYPbm`vo)wo zD3pvNA*_7DNds{8m?vVe43)d)oq$4a$0+}ocl2-XtyeWkh0vzOII7<={`%FccR&De zd!4!-{ocW$Lu;&?^N27m^pw-JHJHt})MQK@ENl8mNR8uq%1*S299PsLZ%NdN61jNZ z;ulAFfbLbyzbWHJr<9{#@!X_Y&zijF@?ud_Yb!{V*I&y_j0v*K4r9^L_6fZ4@>Fc3 z%htniV{#d#QCM${lMS6_RuJJU0RNZ;?gJ`8wlN-0egvPx(d#~^B|6-syEa0OYOk%v z$r?TCM5ny+oQ=fnLeG-0*714{!DnmzF6OpKSP{6FtwuR0o+#l%4p(3& zRXA4ga`YCl=Mleq9HCfS7&8;xtiSA~IvCWY0jM6sonO};$^`?>EV4gQaIv>Cl#pb* zQkh23U|b%0>deK`WK-Y;06m>`CVv=sdYe&QXHN$6%;t3LZEt<9M2cFZ)7<8E+b9p` zL0`~zF0B3$?We2J{@TJ#6wWk#2{0JEYU}NMB3ELlEoT1FbRN<=?oNPGS5Ft5Frd2j z0q6uujxX6(A8B-B#hbEG9K;vR`b~w1@y#BXmDgfo^xGn26CRNyLE1fDbXQ}^?Oi%z zI67)CJE~v&-B7kcfZ&V9+syqe0GQJ|ZO+1D*>BNlWPBu~^0>kF4PV9xXJ2gn>5V2C zz6qZTI?jAz$}*FvpW62L=oD}c3k+dXkt641*0i-b6n9z6*AWlEk13?h4twx?)S|`w zi7;U>c*>Y~YYQyT=x7{fKh8M@GU>@7xHOgby>6M>Y#dxbcEHFnWugsnx~}`AefI+C zAhlHP*ta8gIo7l;YA}C&1WC6jL9{G=wXGpDKQzdZY>PE{4pKB+%@mIX54N%DE=0~$ zWSu5{C^u)Pd!f&WeFT)MBY@>v`y2I=rwoShcz&l|lHMW0_mh$1$1*lVfD>7g(HRsQ zjl@kj%V@2hJ2VE!ZhU!};N-@y|#c;q9U}queWXL;^d|oC7$L zxKhlBPrRHEP~NWY#6$P85=HaRxnnBl{U5vRrz(Y$oe(#ib}!h})UqAco_8h0Zf~xZ zzSHYR@qWWm777tO=sC=Zo+4gZq*_0{N_+}-BI1i+zh{4~!Nc3=)0>w5zcoo2%@uxq zjvsEC_d2_{F9NAJ)zA4UzF;+TDkU)5XKQDjIOL82J>-*PgO6XQtl8;AWmQwedCB~& zzC!6h2Rxzq!OO(TPWLv8!(Vll{efcWldvPAO!-`Q3Rk!gOLJUab9J@*Gi&+T&pFQ7 zsK4DHNqdzlmeE=mWGw6q_#hgmGp8W*tBSOWeD`>nP)8cex0al^WWvWby9Dn0cc=%+ zZO0-K1%2LVhPGw!DtX)~i$X&hN0u^px84wZDNS5PT1G9ZW5rfzdukHcO^QM2UytJF zIvm&$1{lc0Ma$P}Ew`5Lg?5mIIm2{fm&D=+IN90z3SKUbCi%>C+LpWRZ?lDe$_JQi zT{xH>zPUgeKOHYlc%%@6l@;QngN)`q>q{C&uFmyUGN|MizpSBzo!m7cj+ih*1U(ZH zLd!O-IxNSaN9@Sd^6>y0g+;&j3jxLm9XAv*;mS!<@=6HlRKPr@?b>5^1aOlT=k(5_ zW=c0Vwoy(o0rcFUrJQ6w%#K%wF!}J{VC&v*IePDiz3{I%`cy;W9R}D5AHd(fjX`Ee z0Qd76g`qsjEU!QpL{d{N&&w2_7icEwh&+3BH9~f{34HF8i0_JG5-%!KdDCPQi;ZN< z$dS)n>}!=H9AU4qg;AHDjRC9IosQ#^!~p9by-C#9NghhnZ%ArZ%wQ>iiP?n#T17bvE=f}QKy|pPw`;Ra2I#Rc5U!za*co>Z=&MV$6oEcp#<%8+a@3L!;E0>Ak!c+V zqZqVnq9~^4Iy6=+^63SQUmx}wnrcH$+Kr}Ep9Q%UAZV7=69M90hRq<4H=S%Yx2@mb z-KzqI1Z8-t-p8N83m2@+jhd!y`FyM|1};LeP| ztFy=9YKL~dC(a~VzdcYWX6chuvB5GaIhj(fyUmzPenMLuT`CADwJ}Xn23(zJR=XVY z@zNpXc(IG>G}==dQZ{B>kCep)UEOaz+JR@Ye&30y0 z5@Fbp?_F?qZ`@^dcw3yNBpdANAIXKZ6WEsR?Kze!%GmS+dsO&ZCM)IjE<%W%qUz)``pKW}lVK={*Z5Ec&Ls4CLrGkK36H_2|#*CU3iE(NST^)AYw zeHw!cnYqO=j4v_H8APvHVfBWF#$yo}Jt#(^OZng_XgRztkTox3zq1-tq~}pgVjryY z_$eVNliWRq2$+@Z>0A9p>+nMyc;#S1h<`oCP61BBMpA<6*o)^ictuMrx2)Ja%zg_* zbcW@J^_gmAZYX1G`)aFgSGqqH)MhIc^U4+=NLkcp_~C(jyMQpJunUl6laUO6!YVso zW#uIxPSe2Ah(z`=_VH?m2LMcZZ>Rpn3Zj5(w64c_T5*<9A=~@xGZDc2i)@1Yb%YX z@Klb0>|cjh46v$@WBmhlZhR)tjEe)Unq%nk(S5|edZliqS-JA;((k#?6)IkLfhUek z;{^!y1Id+CC&MRK@^AE6-TfXoWEya>WF+2?@1(z6Xmp3-1P?6!&|xFXZNZV<$~HzW zIU5%5*@n{)4JRt+kF{~9R+TAVUb0Oht8q#>&MH{WQ_C@XCWf@7*NI1Sf}u|j1*RK~ z$PT(MAAQH;sB+kS9NcYPA}FC zkJ{xDKv~e`{C@5Sn$kdwSF}r+A*y;s<8}6$?HSS`s%=+S*SIn4?7BO4Uhn}S&oqt9 zN4f>uZ(03;Xp*2#drHgm#)Acj(to)!!qih2M&lw`rvgK-{2MHG0+i7be>xZmMu3aGpN-dz``rtLJ725V6JGPsyXJpucYXk0fBwMh%N^m#Xw`ALZ|{Fz zre6)QRTs{t4m*05;wRR3ZnV<#e!cG%$MN0$PdESRFy23#1fX;=m~((`Nb1fl0g<1w zyQ?tI%z9s^uOuDWn~~E?3Yuqs9L_tgll7(J>-JFQUoL-_;hsmqP%wkWaf<=+tJHV4 z_~#!8Pu89P@)cXieSv>>dcy6{y!+-qplQO4r$>*QBe*QbRTI9x{B^Wg`pYU4jZwWA z?FqV0@qf775`}oLw#CcvFElj#Xdb;BufA(reTkp2zC~;Ek0#n(=fBKS4e`6&|7AgV zm)Wc0h*E4ax9Zg zf>v8}A6wfrce7~j|LHgQs&^3bZqL#XQUdM#P#G)Eey` z$x&?LmjKB_{;qf-T^SzmAJjG{n*FE2k?7`C^n7OGw=u5n3UqU2qFRP^Hv|QM3_#3oe~^1az;3JpjZLQ%m_h19 zN{rZ}(s7Q9uX^tyFAFYA=m2i>g7YDUZ?*Xn8-+gt5P=^!%hYBjMyP1JDFK_Msg?8C zEW}8GYGp56HuE#Ir#PJ5cu)d>0aL@Be|JlCe2CA!aCgP^;kYy!@6Q{5HBwj;P_fDz zAlH3_09|51F*OFWB)`O-O^oE5;Z&b@mrE3!E(_0epeY21qgt&q+!c%BV%-US%xcd6U@t^4d;iX4kKG053&@6?vf{IB5*0$(;!zD(08TFMDfU zxS~0sAU)Ma44Bi?@Etlx6^vGQbVli(80y!d80rf7fc?0ES)agc+-=ml0YozY->@kfTq>hGxZ74)f;$c7=@f+}0vrof~1A$de~Cz3CndPiU6! z0{ZL5^@^MJVr7ZY|E%J7&v?yfYg>1^iWlizByRM)`4i6#I&pfdI?O$DgLNWbcLZEF z4Z47zi((3C1sI~CYrh_i#O|wM*PXHm@L6;!&0YGeo@q>r`I`e*xtDW*Zyv^^F<{}~ zZinvcIglr1=K|2&6BlpJY-K}wC_W4R`ApRagMs@@Omy;hN2|g?x;s}7-rc1BvCxC-)J_%5 z-XLRAr}4FHU4XGn;g;`@BH$^F)%A(SQ5QdK1Dj=?>lE-9{j^B6%zn@pEpgahni2f= zL+4RiOUO_IBvfaH!2+Qu@HZ30f{k*XAF=#r z{gS}P+iT)HO#U?y{DLF9ejkX<{rRmcr-9?tMb3T~Fa#-??zLkDBNt|yxz2D9@-ql$ zh=i%q;Y`o85Qv)x!1MEIE|z_U(Re_s@1ZoqiQ~lDeb2y@9X#$M&u3}n&raj@24^T< z;9%c9rTdtU^ux91&#R=KfBK;MI8Bn+r1#p%#o8>}bUFo*)nw#x&3hNk&-XN+G;1|m z3euLB^HuX<$0TU??Z?eIOkU2js8YKeU3hI`B_pnCF;b`X+B>&xow!MK{#-v0!Emxk z*_0pbE#G3hV+*q}4utX8%mnpiL!!fIGi8(55(%3DPvWbd7Pc#tS&NrW``}0d+W}~C z`mBrAz{khfI|l@96gDv`7ADCeb1grRGSU0WcEfN=uabo-@44EHDLcICDzpW|^f&p! z&2mb9$L^1%Q0Co_)e#`JO>)&?9R9d_-;bn3h#Z|LVA89<5kg?BQ)R0b5}lX{uGklg z0rr-dar-h!5!fLJX7apT`R1%!4f^kwG*63?hiJ1K_N1AVQo5_D)FxL~WIW>T3 zS!00{Hw2jf0wxT{rqK~#BOp0x(3HV&!=nzW`|`oe@qCqQ%K6$*NZVWo`CSgPzQSdW zaMWOtP%{vvL6dT%W?MOLl-Z+r)rwr-w#V~zWzaYQQaRL(FvVh|Op7$?#3IccKi|=q z3DRXRg5SxS@3U16!DoMvXbQ%Wj6kY?jZjsL5uGURZEn!Ye`B^TT`IEpiTfD0MY(eAWZ<51Q#u-yH!(L89w8@oUJJmShJZRZ4=`OYCl3v?aB z34Z6$x|`wCwEh9u*0eNVp@B+`a0_x|{%1{ZfZ?;}dSi4R{3`DM`qgDxE5Nafec&qi zc{795sq(YHxrI7uz~mpB7&aih=u8IBTuvok>GKw~ACHw=dMRp)?N5S!aVzZrM$em8 zTh&HNvr^%*&v?F$ZF=q8{p&~nYLk9^bFg&yMCP z#Pdo*4}L1|k0toWAA*l<&|+gx){aA?qRxAJcgYgS@F?IADKgHeu z^G!IuNn^2_=0jsJBBlR9`OkNR(^d;k1}%MdTH47SWN zs5~vu30%BANc7{ek{HB$e^pXg*z>M@1f%+;t;UqEq6R;Xb<*%8f=JqQ?`2EM5RuKL zYepx#rjzI6Z8m-)gQIY~n~2fr(5?)wA@C;Mx!Ic;`Q^Rj_o-072FX9qoqGHNPEH}` z>(iRv7I{ytH%;4(a_^<~qvr%aj^dp{Lq8E4wnF#n*2fahOqj)yXm*p>&%lEbKl@5ARpLUooCTRH!a|G#D?C5MRCmq2jIoWQ73UnQUKalA z?OvA#{`Ln|+NJ;0L;hF)ItuRM|NX@O^|1f{aUCU|;Td(sg#*m81u$$^cjkcug&)vP z?gS+I68}7~avH1cB_&)m4nQJr_cp%q@o5EO1pTG}ir|6uNJ4Mli@`vk;L;xlC=WQf zc1@1-y+0pW301t41k2MKCcj>P#TQ2hyK~=qDNVYQy!2bcdMuxhqY&Z|%v$sUO{1WU)c;b~99@Do)vT$+r)9=YPZ0=syen`V3`t2j-Y}FmGYX<>KLCN=5?`bVt zIJ^WyUcjl0-RSY9k^oa})D)lq-Ud~6`0LXb#?e!$qaI^>+pM;Og;sWW?HyIP*r9z4 zi!>n4HbVWD{O`lEmP&pMl@3H+3;^`PYAPj`3~WghFuVk!Fn3`fJ2u~E=AyWpkiYYC zlzVec<@WxGD9%GLdEZEInuLNWJtoxn8RS%%-LjzJ1QMnqFXm6i1fb!!f|ULUNhh0OT@NsCdvRJFOk2?vkeX6DF7pcuNdfFr%=ib;Exhq-kt^jjC<&=j$ z)<4);R~Co(!J*jVn!YO8id}Y)Bo4(QdQ#Lev3+_Je0HFrH8?W=+=ySV8LO1Ckk_OkCgrc~hVSX`%#S3KL~b}vm<78Mm!=O;zsi#n)%(U2361kw6q<-eoftZ*-B{Z^r=euofLq+`H@DMwZ-Y=aG z6@ZT9&*AmkmU(%3Z2&{~=5p`4VD@ZC3xJQb_7~$chdZzPOWWC4)KZH0`uJb;Zv`pu zMFZn1B7IRmPB!*t=vxFiak?{-IK^4hNt(ib+rP^bFGol>o`+P|5*0$ zNiq(=1mk@Z%V)C{^{6++K)Odb4fAzNwTsh2cm9H%&^Pc(rZp~G4x;4wcf&4{ZRIc2 zq^R4Xw+AxnZww$^o&&IGuFkB&0EI9CE%w(B1>3+KCsHw6p+%Yn&iZMRzqhqiyu__N zYTYk4Amgy#_nR&IgVR4YV=J&h@m{U@iHZ}bQiH+rnQy$Yl?fmLoB?o#BcBoD-!jLG zP=RTZP}~cm5x>;q6al>V7D8eUm(7U_N6i#EBMP}D*&k%tna0E#<6M@27eZ^)YJK@O z5r9LeVv=SmON?fLUuQ`w4~~d^^5n^oduF6AYz$5t`XMZq+AYCsnPcLoe0k6I^Vkr} z`;~3_2T|F%z>-h&RP&GQz zg6}Xw^AaFk;Xp{>5-Qh4Tx^+`pE<#c(- zt0jYDZ;Lp)qynLh>;|GssCsGC^zq16GfiMCiA}0ib#$bZU#A9#`Jh#(1$St)OKu$~ zo)qiIAAPn6Y+bItLNg0aQ~K=(67z>ju&)i4XU1{}%zuE`ROf(yh&EvVYz2;+g`9^o1Am-?1)@Ul6k6_d~DsA-QsY5wXtU(WaxTv7v|LV z?T49QfYT=TDCv-b32bylFg^!VDQu6)rOcf3Sq{f? zY(d|-OJxDPuV3tKB|b%jFlm&Hp4rA(NwDxA*X&k39&3!toeLQ@v=!l894YVeC%h8D z8AWd59B{q8Q$EUxg^De^laxhUx9fN&RDN(+=;Pt|_{Bc1NM^kL<`&;xO+? zseC%uU#%i0E)FkjZ#YNX{8kC-L$or)?Ih31|7Q{YZ@?&U%2~DuXCx zQ3QJG?8U;|RTky;PP2m4$7X%!ma7+ifZtwg2}smg?z3F0a2u5MF5pd^i_~#9pt^?0 zK4E)g!^A5EX#=O6=t^>z?ggOz$;~0LY zL5b&M87HNfoHk~HPuM`@#Ce})#_^DIzUF{du@{U1_6N&^hmi6>bZi_TNf$4Vi6g7% ztC+GHK?S4VIa+D>bg3Tax5j6!EFO4`Nxd(h*6+`)c+$*^GhZXtxAyZM=gE^?lrlLW zlAF+xnbS*x&~Ygj6Zx8kz|mrYG~)IXHU;j(inL?@AX~v{q2rapPfulumebaR9MExN zw~8hd8t_Hq!Bv!CPs$;Bz9`X-8~qDlNA=hwx$R1!WS7Sbhl7XH7LS*f3q5lzM2Ev4Rh-@?)6EjSz{_-9_Qi8csYTgBu;&cJSPdxI zT)++?r)H0B@W%7TPGly>KMCb&`!~`2L4H zz)bmM(R&o1v5ABU6Pugw>`WJ&E$2tYa!U^8i=ak~J*4)5r%{^K>HG0+?30UI<#E%? zxq_pZ1)4za{?E0Bonb?mvAFQzuHN8+%=Q|zTn~@*_NbQ^7hYVBeywyd_OjwvaVWY%bkBt%CHF(S z07<3t$FJKLp2_;<8hn5A-d->tR(J5Z^KH(&J&T;Px&w<{PfvM&u2Lv=+zqL$Q(;`R zZ^8JdEJm3BN|sux4+R}?>wbbL=b;ATP5;ta-qlRf4*Z^-AtRLa7vFfCX%EtD&JRGK z;tY*GV?C~jo*3+SEP{WhtgCZKdsM&P>VpMB7$vy*LK9e}wri%nG%<=tC1`_fMLXJ( z6=Hnc*|PIIPxbi-ORv4@3%ju@JA0%q?O_4r(yfbaTfuEB@;_6nZh_S+;8!v?paWd% zF3oa=K)8S6K|P2y$Jy z9&#g4*!8f_Rcv;gla&25hkx$>Vec(~qF(#IVL=R31i?ZiR6@EzmNe*;?vU&heXe9Gz zt8Tv_M3fYnXebk+G$2}jdBLC;oLD|zeiB)1Kq*J15DN4Hi{uXNqxI!ud56V)RtxKo zf^2O)DpQl$x65pomqcCyhs{Bs7EC+}k=(fNGai=H-{8{Ag4N(j7#(*IK(dZ2|e`HTxh1sjL(1uwgP(^ zds_rs5H{~&<+!puAGyoA-Obt>>MDTXIIyN2RA!su&8lKE zlbH0iFOXSKf&(a4OKf}B0hkOmpnT-s@scpMym~T z3Uxl=<{50fLC%`=Xzw6K1c7Bc2{!Lh4yeCN_eb19lWS{xu2u}#_sMCMT5RA{bpTEv zCMxQT^U&%~bFwS_au@xD#X7eXI5k2p>q4_KDWVM)WIt^zg93)GJAPj{Fwx>v-qB?q zW_`PBk~O`!&^yuE#zQF1sr`dqFX5F8fu^k-!}aJ2n^)gUET<8ps;EQ$$E3_4^5can zf|j$zi30u5HSjH^5fk?_G)dTgn$4ngUOyL?e0xHQU7k|OfL$o`=GtDHEL!EnB5l52 zN9ZLzS%c*;^}y#7&daj7*@P4Jb-vwEJjWD3_?(FKz^GbyezP|=j-B5<>8t(=-Tn2o z6|VRP_PwslpxzB+4a#gP9__#^q32}R;={GO{!cvo>~GlLrMllQ*xQjZ#96R#(HvwD z(g5#-eC!;<*xeR-9_)cCAWjwm>~%GmQ2CRIU;9v!+Uuml_kbmNj}sZwZODYwV>KrD zovj$ezCpwHAdSu+IZa4(-X#?6TB)Yom_XPl*yiRY@? z!&)Me2{e+0)dv+ZQ65o}_Imd)zGQcxF-KYS9PI0WrNEb)#Op z8%yl=quwHj$%v{N80Xnz$2q-JvFO2J?O5)jEMQ+|oO6zgli*OJL#Q6*1@gcggQ{pN z8`>h$`oguFWiE+(0Zj@k&_(1J&n$q0p=k}1c9K|@THJ$6KV>&>dqay#tBoQzzuYdX zdRlB0PeHGita1A{NOpK3j5$VMHb&L`YpEDyXoS)cln<>Pxn3!9e!D`&Ezd&D%E|9> zGrI-k0@Upk7x>(AhdX-5=(py$^#XyJfUQvf*}8##hh#FGkDiN|;Ordh>4y%q5O>7| zNAl!Eo1o@&U0vRXGcie}h~5pK{rv!g^E_>T%}Xq5=3`}kLp*Tys}P^(UUzBVa542o zT1%brnWmD#9%y2^AmNy=)`Go)Whd2c2 z7+l&f1GLZgh5z9lu95&jID8KeI)@Pc!yodQT*X=U#^U$=uPHw~w?L5u&sO5R@bI6m zA@>nq4Kv$qj?3p``aj(F{wr74WXVAe%K!F5qc@21;JiS=0ztX>v?+p|Ju$5?TU^Hb4+NF3#jJq5@SE1n%iGo3o96_=`=WY*E~Qq|q)FksnR< zQ74TlWWU$Iud{o=mHC=maka%IMnSN%!yb5PW-lG)b!VxS&xC=bpyL+$218~5e^SLb zZRV1S1TTcn`>b{h&|=$rT`Pu6%!-D!o#G9cS>9&**L00TJ_*CdWIQYI{iQyJi+2 zUOAIn1~nbCoc>X|#BrTMBFdj!Jn~b2UmUU{f_ub!f0+V$svrrr-gGD@$+Q-LT_&y} z*CMq~Bp>i>BzVU#)S9V)-O~2LP>YGA8bG}b@+IUPDsmYHmUSf-wW||9ci6?sCJ0eF??KzQBHuZU`)QC4g+8EK zg=sgAk{tuOMMCW~)~w6UQp-Fry+2$jHX2BI9gpDgV>fxa=Cb~Ep|Q)8EUn0R3=j)d zh6~?vv?l6O1Gk}g?t0)VHPdqv(*#z!mH9)ndQVS}P*7BAPS1w=gX+I<{(N*8U{ef2 zjE2hhIHk)a2p!70n3+t6Z3e0w3Dq5TSW$cPm5$Hq%*R7rC~(9f6-rQ^!Fv(XEz<(l z{si$6+g4AO}hx-TrlCXMPJ5URFBNlTXcUf>YEdD59O3Pg)mu zpu@L^7{@wVm{8L{-w`S%o;M3G^PInTj%s4y2wgyr6z>#tH+|`GgDswly1CfB8VXyA z7xZoZG)=LB1ny!W%~nunDVXvM6I9^Ve}2*RfsnOy)zXQE3pZbL2t7r-fN#$87;rG- z=o9zPE5>3Hzt7tqeOl$DWvKfS$n#H6a1<(ufHNUqcLEb^Sk?ih3n;;?D7}Z}dwCW! zP($yC2DEkP_}X^SbE(XH^9l8X&GhU9=yI5jfA~EcAllz-aH*|~<{l3PWZlSuY{ZNg zklhv-)^#648q@)e5bL4sTEAS9IQ%i_OO|Xy3Rp&&ilr|;Vi7)`@WZDCS6x!7nq94rOSo_S0Ik^QuTPF^2=Tt%bm}O-mWl)a~mgd?Wr=Otlb`R z*-KG<>B_|-;6X(Y700A^^+=Zcre0r4cWc?4D?56VwX9-ZY1l)!Ttvj}D6)CGscjxk zMGV__^S;j^&0>(kpS?C*XsiqN&5a(!P9$SxwuJ+GpacmZ;=7Bz8(1o9;C9&2>Q`-* zI{Ff=Dc(k-U%J*9YtH>gCwWU!Y!0%r*cLVt^T0w*YpXm0X{~WXKirlSZumMGN;y5@^k`( zwN|#CK#K|oPBm-_@{&IKE`7LR zFKaw|vH2-7DZtDKObib=Y*)TulC0*t)dJS413#!)nx;yZ=3%ACrOWrRUb7s?8nczv zLb>hcLY=!nU2oK;6%?CCU}d(8k3kevAQ&pm7ZXLxmljn+l#}_r=4{6s|3EPh+01Sb zAX4sV81;!D;q*fiRVE-taK-BUJ$im7}u|6?1oA>hivHQkmN_w}DPxOU~PZ~f^} z5mPwH@iQz>=hcn+GbkH;iNn~%j1;kMS8j^DrF1?$UX|mbqX;CxGc%Hs61)f|PCGxW zP(u>dv^^S#Z6NVlboNk%%;zec@14}J(`{9EbTYC0FN|u#~vH{Cb7bJomA7b() zK^QJzHQTQ1z8E2`=spnrnZ04$SO9TyFrdNIvfe6PTOgz3?H?P1)4O2L zKQZ9Zf6nRrb1P52<`b;r)|PgWV2;1fX=4v43P<04HMbNG?ou;{cZD>FUy!>9f^3=d z;+`=35wWI1#c_lMzY5TR`i8q?gfdGWiE=%x0;VzO?KFC_XY1F;`ZNVdx*z7o6Bc&g z3i_rn68D6MHRXX^d2<-OxpZ@Av7tmcbd8QX>gfp=^Ry&HKS|bQQ|L@8FzC+bA?MFF-(#N${8{%=1W-*7(5PpOG(z}6(;P^h z_J;;N^u?wlKa^%2`)<`dNH_*bT{=JGzDrYoOHoaJ^Yifs-GlWz?IV%u@sI}bkTLm% zj`zO4+(3tHpgB@mzx`#kK@%T!6{v|g(| zZa^}7-n`o5k{GmL32bsqmWIH5(1?Pq=*pbmVM;A=g^l0VznwLmiZr%FcY(MVnFL1w zodG?w{xI9}2GFz8fK9g*p|T8i2b@{qgejg6=s<4`IPQJ8Mn0JFL|Gx@>UBqueZ-qb zKl4MVUj<%w47Rw3)?WuS_wAmj^7=)nE4lE*L6X#~Kat;|`=dTia&q<6Ns0W?!Ht63 zXE?*3j^`KLFvw!Jbat1uq>RKrL!FqVo@{j+V>$; zVspDkQuOpBCS0?J)S=p(xG9W2Ccmlmlal?Od#gC85rvgDp{A<_<%f&%QbQM_Ay*wXxfwW zQ7uTF2|CQe4B~t+7L7!nXwQgu#azKcFE$twdFTC|fjKWuXhwxFtjO z)_T+v%3_*%*&3kNhVwSuK$2A8a-f^Kp`lp>;yT#ma*FupJGW(RSS->*X@Q{DjLj#z zy;uokWGnQ6=O))x_rha9J!tQ6I{@T|evvIVTCah!hxKO>7Bm0vp`f)Z}QU zt!5^@#*5VHsCBv;PpE*Nbf)YiK640(H>8lS6Ya!!I;63Ac-tEpretiSUc4M789!3E zAoF6V6=SIVtv+Y=?>VUJ-ZT3J{{h3AC}+j(j&DT2e*?JZGQ2BbqfKrfLN1T4;Ol<* z0_%l4atvaER7RC4(nUtYDp)L#Cs^?5i6yy<&fxUNQrq21l)ki33qn3VMvin>#$Bdm z)l9bzcBBHEv4Le+TjTDQO@`;P%}i{PWS>pJt&6%wwvF2xtU{4AN_n2;!>>KcvYpK+ zK4i)WXZA7Xxqg-D=t=j@=`#)oCD3xEN{2u4%=nRLbHwU_KK}< z9!CO&gD5-UNDt!<#0b{VIf>6p3)S=lOrF>F*O}4GA@&kMn15l4 z6w~wZuIyrQoYj3vaPZK~54EDvqrDsaKCvPHabo(@f!|dF;6dA7EqqUYZ=?SC6$v>C zi;DZf^Sjai`PJk-@Q24!Or7VN(!U-ye-B>IPXI9cl9G%4-vFWg4;RoRt4nUMoJqd^ z`4YkRym<`3C~~8f-$dL$-Rz%nDQAFM_0ZE@^!a@`|NP4B3kos&^x%J*@;~*Z|7ps9 zT9^L(|Nf^}{_|9EJ~sbf4Div9HNfvp2Qge2mwi^}0Gjs_yjbG9cKuQ3kiMrV0NpK9 z+e&}U9iVEpAP!=j*@VIIh76pYFvl;R+t!n0VJvuj4`G={Oo z#fxfc_%N?s6N$a%WO9bAk*r<{9eKL<9Zq`_NNjjVsk8gYP-dQ?X=CoCHK%=D7y zZY=TK^!1wGWSwUyc;rfB)Y*iGTXcba2zPg9zULQS=DG&1@Sr`K`5Zs9qy$qRT_MMr zk0dO)Q0Wnv*bRwyX3WOG}>Qtpj){tNm`_d zi|IHGDqad4@+T5wqWwOc&7k`duFhZ9RyfYsCq4pQ-RI2L4bWu$dmppkKU5 z_Vj7vjssLD`7&n^sRRvZ>;T{-TUwNR-T_D~km%cWW)uET&S#koaT1a$)-Su~sO!da zl3YxKyL8fu-3bzeS*6GqFH~zKGGCrQBOFgPv_q}j<)*H)^}%hQ1T+edD%tRvoM1zm zwK)v885QSMS zc9U^9ZKpKuEUT|PzjOAs3vQ7Ztp?&)n&j*-YV+&I4CaX`zXg(yaNM00ZwqSUon5ah z-$TrLqZ*l!4EB*gL5gGLhcGFL^QIg{pbumB(4WzO{@OH{!X)xC!{nsTc&N`m?LRc) z-#hQ0XWrj;2VS||zXqP>qle}Hc)b1H7hPS~E`f5|$%9Vx^BeyUAL{uPY+>$y%l%!@ z{y+O7Nl1z!Ex@xcwc1Go&psDs;CudjNpHBl`UG^xe1R0AcQZTEk8@fSvcN`;rH_ygllc zPQQL>p@5Pr4JVhGphu72J=7W(d3`Ry@>C@uKhA0N`*HXD`MQ{C*|tu=&Pzh z&ZkDZd{=}Fzy9Y7hgx=9eiviT#`u&J$?$Q`GZTX3-^rEhG&tpGk{$D!v}c$6r#|)9 zeqkX9fXwk*@;Co$dDRkCUZo4>xbojVbMzLNg6-aixSvm$znkeVulQ6^JKF2I?f3_SOda&p3D3O|b z`0pR`*9-Xnq$%CXA5R`2*Q#59ySW-4Al-)m=1VgG+0~Yhw0;6I920UtL$|&$AkT4U z?WB`5dn5-$FLD5kXkaJxe67(S$#OmwTxo%GTg&%ns!$AMYwU^Eqv9oiBwD9;p)1dN zUZUD0K3U+vn0QD=Md^I3{cgusf+Qr65bg3+02%1+t#WI5h?53Bf?WpAAfC6WWS=T0 zFYOt+00=WXL$OK>mrR5-i2U@ahVwy4Z>pLKILqT_YLBJmjZa2Epb;QdQPc?I%0!xD z3BufFj6v6^Y53vxN?(ufo;|22cwh`P-JXRe~m zk;j>8fcXqUJ(Z)5Py7bM-WE#|qf8*S?UA&pz!o3@Q31z7`6U3vH}XW0gHk@@%YX+2 zx)jV}x*KH>BPBW~7ETI+_0-qaT0Yz5`K`2cd@ntpLC!}cTFhlG{k9W15N6`sBWJ(x z)gxhof>?B_o{_*+xkyZ@OItQu9g(CxvHBULy)}a3Ah4jn)^*Jugj|nY<^+*9I_t&m zq{36A#UsI-d8fdfi!Mk^%DVQ*!K#CMZ_pZ*u)O_4zxLgwwMLHf4q2aB14?eXU{e?n zEla%OxE&zqw2Q3P^Lb!};@!NC(@8L`7{glb&n||Q0q8)0dXfW#KN76;dJKSiERAsB zzJAQ=A37|ZKXh1eWkE2V0b#{|I9@uDO!l}YZ#j5;xu8jeceR%SQBBD8O8(31E5M>7 zBsto#I~6x`0J+*iamiMjt!K{?9* z>N|W#x9vflxI6B^t7royozrlEYrET_LLrxd*)vJi(J}EuRkiIF;+C(c(nn!{mAhl{ zg|}#HFn2nTQTvC5_*MgtRmtVe%m2Rid4A<<{V4TgT_*q$%A&+XfRUkTmdAbiZL28a zGB2FTu$$CjZs><}reh9^d6zWMkt0kt_siaV7cuNE2uBrO3)SX3j&?_CH+y@0RxH(x z#st_-4w75p>>d4Z9#~m=7F~hih&%+kifg8(WBw6~n688S^xeutwFbm)kqXp13+B5V zUKJWV7&$pcj?4mD=I|CF_k+8NN7`)~( zjHycLp`cJKY7%eYo$GmR5R0x>RSiuKr3KBSw4z{+acKIM>4a#iYomugO@5) zGu4eu$NEA_`3Rr?B0#SD@PST(l8fz9>ox}$-3k}8XjMwCm5{7H)$Ts+bT@XHnwI1V zIPFU}N0M;A-3jdM>=fdyh!#XX8dm6;D&WtTGC0k$oF>OrjZdoBS}nIFO|gz$h;A6_ z7_oNZwasWf(oGsejMTcD61Q>)$R0mVK8CE#&os#-IJ-BPj=*;gO9lM!wUG{G;$cv_ zLjd4~C>Jh&@wgC^cT732ddLAi>AV+N%z!WcE>ZpXGLy{$L%9P=S~i-&`%75{soL2c zv5idT$s-b#xyEi^@fAT}yVN@*b|<%kBg6rRF+(HMI?cH|JBE8e8+u9s7#VhbTIU8s zzX!s4p{oW4*VwJywd=X&JqhC48Xh;pg_MOrEj zVK@JLdHv*Io|s^p3%ECjPcRq1fB(L5eNA9+42&B(z#J)RG3-tVaMFvW5RXZ!ZNEw0 zSOP;%Y)XCqy!&H9;bK*&oBQQbiFEcf`7C8J;7MpGs4SZ){oTyEJrzw;Tp<*|>q9w~ z@dc&>?U(WMbzAhh=g0$rcC=}@a2dga;+oJ`?MrVL%4bF-5gxpne+}Q28Px9xB3f_3&Q{!hyR+?Z4(;VCXqr?f_BZbrWz51{T`x2R0(Wo>3d!i!-Fe_Nlv+MirB~0B7hy=kmKfd~3-W#Q zzHR5K6d6%MUi89Z+UK70!M@PDoE+gA5q%^uIa~lsaUpd7AB<@Cm22pwhm9sB-L;q5 zO&HMfF5zmSM877-mg?aQZh z+!2rh-d`)gOrBjRoC&)*a;$s=0tg5-_h)d= z1U;M4a5N#eVz-%kw-Q-=ukA<-7%CS&A-3sF8Yg+E9lhUS{4T9W3`apw2H0w>0dc7k z0mHG@${yQ#N<)dwVjv-Fj?pZY;c&vIZ3f9xu$=O@M-5R{wl!YYzuA$mUnk%SneTJW zD;}8rlX7YZsFJyi1#~i0?%j2T`Zk=Mt?KFB7Pff-#YE3#kKF)R&)Y2<@upm!Du{`* zjyIm{9Es~e_kPInZCBTsrMB)Q2Bt?$LM@jTT;J~y2N48OX<{yx#fv>F0Rob|y7`W; zk~I=wkKoBCKRt+xh!5&N;q9_!I*_yNNP|plk#ramz z0&8tdlGB-`9=WvblnN6jdypii3jEK^kT$Ggy`i8MB|K3DdpxUF#h5xKG zdYN;pCc0gL_o)15cVUZ<2?g*GDKZ`K_-RwW@a=<_PESnaD+J}gZz5f@FC9Ie1RnY9 zbRJP0d6ALSaFmHiF?&vyYUyKao^@9&TcboEPbywC-}xBeD=QYwRcbuZc-N*rDHOyC zjc6v*an?$xIZu81$TrDg-A{vZt)x+@Qr-L#a1ltSdfU{)-d(y@vb1#aV35;kCPy55 zet3Q2-Q^dj$9o#6*cPsJKErZ(bIlMcCF#%z0{6&blK_u4Px<5mX2hoK=6rQWR)3^5 zL^5dHrbjb56mT0x6bh|G_yR9PUNb8#eN@!reY2BA&!sdG+jfb6r>xDJ$g>^V6=|hx z^ZwoCeCRgy8Kf|k&1Z8+EWxWChMx9fE;fe+OA$v(?Ty_l zItBq}o5y?Fy72H_&AnB%U5nLtHNu@tSeC)= zyj|JuU^BaU2T0E$R{}#>QtPDshuF;~h#1i1#D$Y2)7TlTNfu?0hc-uu+w&j&eMxs@ zvs5eJ2-=a0hPFc8g_k*EcH;11i|Q=gLz$ngC6d+a_aLA7=DWEJ)tA{*=z$=rt4hyV z3M)_`d9)oWtYa3;uZIg~le+h7M|AX(BMW1^s*O|4)4G<_3I^< zqvp%r?-Z`qJ3Nkl@`hl$lKuFxel_V_ZMMpt`KZ+$T#B33F_$?e?BnCxE_dhroDQU2 zmWi{@G(Kg5d^ddC9K2UzYdvSvCq@!*C)p>!#`?*K&(6R1;~GM|66kG&FZ}R_+Y?hn%Itp6jfz14D{%d#gvU3kiK^YyzjzIa@d5qn7*HjA%j zYU?~3w&srOG4V`echc#rbFdMHr-PNxjyd2eJZaK7e2Q#%aP=vW%2p%?UA3n@I3*A^ znpi(OeE$j6S+{n}sgQLZ7J@BRgT)o(&I=ok$0d4$97=T)f zY~4F3b9mu0)A+hOtxwcyd*OAed}dk$OG)v_&3WcUq5e|x{h{MFcErJ`U-}cZLMLub zS5)-Jw1Jp;winV;=@;SL?LDPbyg<&P!ff!Rt$ERyDwu9p+;_G+%Yf8q;WnB^Kc9C0 z`#bjePjB|_n{V=0Khh3tK(Zj(y<|Ps2&ta{%6+424&uEnZpXh~^=RbU? zI;KtlN6Pqp?Gd|ipFxTxzj3R>qfKpAZmL`<)WOvb=2z1P3EtlB|PLgVX;OPuDtpx4b1 z2JMQ?Z}mb~6ZyC9A+YiQm#O6~?67gdHV&0VVvu>vG=M%ahm7Q7DJMoI^b6l@ioK+&H$}|$fA=kc?PVYRb^5Z>tWiu|0 zWlMiX&nt)}i0Va)ZNzNTctMTp@8KS!SO!t;|Oqf zA5(yb0h!6t)p}1u#hpPAca!h-5`Kjx4J>|?%%}P(u!u3kVwuyOfeC+BfGZTF%7C;= z@Af6m6Gw2!94a=Cf!E2#G*JZmbne~x3Pg)T&r(YJblVAICf>kt955pl z(VXKG#>H{=l}tV!CW5z<7>BAzUiu2tsk{uCML%0OUab~6-yb+9UU<@@k8js)^9a=A znxjYGA|Q%f8^}U1!u@vJv#rjW=Ik6#B7i<_vmSM^!NWDVNB&F) zb^*=h9;kV&DR}Pw0%L2&s3ygETV-mPC(SNx>{_bsc%ZT`ZLHUvp(uW&($I>0HeA%8wl;4t=>qdf3qyKXhI0#_OKoFWmrcA4xqxp5F39bS(1{wvs zTe1$d?+!MPtUJPY?T4EozaF3Gb(C>&b2V@=0{UZ8pl-0V6hQ&Un6i@qkjyhXc5Dh| zO$RPW^lnt^xqs>FZu?Jg*3hFLJwod4MUMeRwidySNKW%;9if=#&A|?x*?l|Ma~kul z0o{or!qHp~AY+EsYHCI}RjR6jRHBtnWqt~HjS6osgT)$!c8JBW$pN#9B@^HNWdO?p zQ;X(Y+;#8%PpSWs&GB*Jlz^Zy)WW+h%+^Ad9|b&3QWdhJ6T~C?%~ej=&H>{4|xV8qc|%rxE#XVm@(zC)oqQIZ0icRL3N8psc?eAe*;6g*Mj4|JQ&<)xzv zFcGFj!E&GPG~=yr-}Q0)OV4%1zT|Xwz4yW-yZhxKzpN+w(#ayU08$DDSTTQ7t|^i& zoWnY_z@$qR=s_-D%G8DSIawIt43h4nF|^lU04PN2HqQ2`S!4_W)>Jhx=zk* z8bzs-lX-I#T+<87@I9z2Nqbuu8M-6z6Bo}l9e~!sz!$@6m+g5euu>Saxgl>)!LT0r zd{_CD1y+V>Lm#SMIT1ko!~_u-Ifvpqt_haGz>L#bS%Kk~LOcEpuDUt(Ump0>47 zLe7(rUPI{-5BDgKqV1pY%=+yjO}O6^U&jkDIkw*CFgS#&mD@5_^X`r8q5MsZl8F1( zdL-N2b+Cm%qV_R&=J6wOEn-VJ4p|y%Znwu4;u%)AmG6;VIq1#3x{gn$x2!7WJ<R;ZE9KIU|zH@HP?Ls&( zO;{NzmPFZ0cYJYiXZc=u5?N%>^@78G-G7FyM;YUaLYQi)RTIh?1>iq@R9mhy@|kz{WN>SG%E%ZLzTlrF>sab|G0N&L9080G9|>yTSE4w zyI3QpX;2|g-VaS5jfvxkx$9ZaMetU&;nga$nUB-NY%f!AJMIP&|L_SCo%6H8vN_pR z8MHjyLCT_RQ{79zQ1TyNtDrvSMYd-39PiA<6hT2$#~~XC!;97u7`2)S=)P>!0>IhOOPnwgRY&L~B>;Cam+HItkmi9=Ooy!jV3ZI#J0j^;#`-YFYOf7bLK6 z6&rjW0qVA9KwC`&b~vMU`7MrhG~t-CMwVvZ77adtMJkd{fsJ#C&LMAxyrxt+O(C5; zvW-j5u_uGi?Z}o`azZ*u%uw(+lSLBExJK4|X;HicxjCC3e@Q>$APb%Oib!-U7n`DO zEe8J%_V&u0--4?vsZ|@s{JV68Am08AR`yHDL%bQ#=!~35mw7YDEFh1I)tJD;JMyDo z5Dxc)m(jTDd>11R6YPNHni|3OynuTYa3o@hXMQ=O#GJ-l;+RulewruT7S=6CpLYrN zn2Vg>9K+=e`e^%T+;A4|cdv#Ssb9=UAQ)zOno9OzarznHKIP~l@(uX5*MB~lOLD

;^J1oA|yRqDj0Y$s;k!Wer|pqa{@jW3VV<@ToyIORW{K%2RIKlzx_Oj z{5MmcK(Ss7rH&T8XJy5VB2tWe35mBQp~p$+`R!z|#P_X;DK5#?&P94?iLD@o-nSc zzK1VJJD3y09zqN?3N*{tfeYZN-D^U-kQp^Z!Sy?8)>9+2Pr}iD4rAIa>727=`A@Lt z!OI7~*KrOS&;-s#qy^(^z*-`u&ix_3sXFPWxNk|28dkFm`s9Xz!`zqTz{R8kXOK#^ zlY;~}hxj)h-?9QX`^b(rSmw7YpJG91+81(wS zX0p=`ue*rxUyO3vTPbgGSv|a1yr_QX4$EoDt<(Izqk^6bX(#vS2K&%@NuTIeqcaTCK7U1%|Gb~{&v}P_{&7d z>x2bL7>~M5u5mkg)MK}R5 zGj;7@x|_HOM-TPTD6qcF3+=OC0pQ_k-nN4L$0pqwv zPAL@nsfPFgeBIrC6!fc|05RbkS;&89P1CGyg!#XVsbg7tz`%Bvdw+wJL&NILy-n(! zmO}sAhZsyP@1m8o^H5~n@YdkG2u1S{#Z`m!t~{4}&-rpJ9{ z*!`KVg$c&J$Kr?0nnT%BpTB*w zr$MVWkYxJE2nz(Pmn$lS{3r}N)Jr**UDtb|-@xo$!&P)@)8yNrG(5OJ8E-4I+k@R2|G8Q%qF3Kfsqcbh8X}&UjfT-EKYAKe;O-akJa~Hew=$lH>9| zgc%1bC?d)-Z9kGUA#k-d{{Id{l={u54htXP81euucYS>R(lh!w zyWPoR?jvHY`H!UEHPjy}?TKAqKUDE8>OqR48Q_Qswah{Ai8zgx)6~?|=j6`quJ)^U zBj!#~ei_+#LiVuvHqf4STYl^p|E&3Tp9=NbaiTA``&dR}-ug|15Pl1VO`doRHsS4i zoD6-Lr*Ep=`@Zwop_{(Wc!fFgQ~UapxzgHDt%tBYFwl~BKTvUE$m3+#J2&t|XOfQA z?SjGO!j?H@Nq_&VFM4u!B}(rq#ZS$z@kv`;0bmT?B_I)h0#eC!F}Sy|wMXpK_Ox_bV@osARgmYR*_} z`uf)t9{*!}R{GF>+Wkjn{;01Yc4RPY5-lk@CyFmN(Y<)qf`x?;+1cAFK8mcU7(qKa zfV=T;nb9Fc=F`8kL<&=*0Tz$i~XWbBYw7b6N4-@kHmh`}$@Xr^u zP=!nb**~c*vM%8If7TSg4)afo!gxREe1-Ec@V46tIG3?%$`eMf-tQlT-#^{TmY#Ht zpH8~!cpbN9y4{D_*WKUqq^5nL-cXfT*W@bmrXgCS-}T4(#};q*bDo9eB_$=8@1m~b zboR)YkFQlQ-6oF(V`5@9rd#}2@$vC}L$yiDsQody6$8$xe&`?=@^Y+&5UR-9nh`Va zyY)(nrnvUq!xP(*CoLo5_*qO*7V(6V0%ajl&M#P2MHU@(9bPa&)+n)cTD=U-1dY%!^Vk3*q|^ z^b$pOst8UxW;Sp68ATEa93D(E#-!}0{0Ogbw&++XpJd$H**sO*N$h)^+<7R9Ur>h4 zwP5F9bX0d*%l}$X-I4}@kS(w#zDM{+*!wS~G?CEwPQo+i_J+`h!TYOq$wej90#^lw z(pKxHrmEAp`E!!# zPZMbCJ9S#7*&+kZv*V}jr9eO9;qU-NbX#2$%Ikk3yRn=@CJ`xnb&#c%Iq@Z|X?PB6 z8q)vK{-}D8r`ia+4$~X$NCoDXv@~QNF`oM4bHHxN`%IM5qNR7W-VP5wINnp565VDNLn`_)Y{+=cn$U`$qw(5U^0_?=JdB^xX#!Bnd#n*ds0RAn1fXkT@@)#l-%!S848t zFo9}ysobfc(-8JZ??a&#OSHYkpKb>-xXZX79NF2|K}3ZpzH^WcgtcbP*YJQnrVwzk z2=8}iBOjQ>I%;3eL1$Zs{EJ1-Kke}U8=VcnKYH4h{r`a9 z_y4D)2uOOT=`Q!mMWdE2iKa|psL8i)K;!)Q%67A8qr!taHor)F?!% z7u)KvU?G!0AEe1LhwfbaAK-RC)BV=yDJhqXG)V{%^pS&UhCydT(H> z`?%Wag3hMgHLj(0qqm#wv8w_=9#J|FM66Q$2_kNs(-$hJ8R}aP;A|>p11lJoJ#H38 zM<7QJt_@{{l6LCumhdcDLOFx_0tiH0lm7%F%#l;Mt{Brkx3%)vMTL}IA$dAq`xKk1 zPjne3+cB}Le-WXzuN0eDVD7C0#QSmcZS{jGuGrDe*&E<0+1)}CeveNP$S{vhDKL-^ ze{W8Twd}0jrIqhy8k*nzM!~DlF$g}(H=ST9!rxm&O#?-6-a%0%uj_vd5;c$_b<3nK zth6MTYut%shdXKIS1s$pTJXFkXJ{Q?nsvTmbkX4o4Tjv{IN&aQ9q{-gksTi7t%lyb zr(JU+qpCywc21@upmEr){-*&A&XB?hv#*B}!I6<6$GAC##7g#1=OFKEiXY-2#y@iq zSo~X*O@?`gln%0Ga<4#F>N}!@!7JDO`Aj}PxeC%{VD+@9UGp+J$a2`J!`b;fmZ$u& z{7Le^Y+W^!P(#+zU`;(jEP}#~}Mak+xPwG$>$qNo0#gsBZMjC9`4-e?| zzNN3w!vALok$@d#t?eA+Qa+%YE4Px>Ubzu>VEAc#!nk@fx2i^Rp;Z3fPGs?ZfnUos zF1X=ih$)DHCC>jZo8>!Hum4#Ku<->=kIJ4tSabuMar-1q0gCpfQG}DIRLN zWquufyH~k-&ro1*^#Jhhwj$+6P;_{=z02$r6sm+)1+Z*A9-m?R6^U?mCW?wP)l}I{dU9J0b@G;HysJfjHpKk&w5#YnK-~9Z+ z{QQl>tlKqpj8cBpK3|f(S;04cW_BuYfOI~M0T7j+QP3shVBYmCZwy4^W+x_!ogl9I zC3F%;_=rN^)m>1bagpu9xPi&N*?bSVNO6%qPm?^sn$3W1zQ{;6%O+8Ig|0F`6#_W; zhDKWz-Idn#K;l_2E5_-t0bd7YjNof{jG2f6^SS7xFf{tN69jWqUQjiZ=tHsZ_aObs zb!i!go$Y^+4)wrC-ulK)haPRUyO?I(go&L8E{4N*Jq_F#DYSKTI90^g9|>L&+Rm{A zjVd*tV~ENQ_b_$BezvP9^-1r;oq6-NNH%p{U29JseJIQGUJtx{f?+{S>W|6^1v*v6 z&)@Tz?hdz6pmR>iP}#9ws4BR@x|d+dCStGD>a1IHEf7Ap9$@`sp#IAj$*OEHq>QU` zw61O*)wrC`y)!m1DfiTzDrpH=?RG$L9baL@`2L6Y#&Bi*rG3s1nAc81N;~u5J#j4h z_L1^$-Pr!DpZx%~E#y3>#5d_WTNBKs>Y%Bq$tEi++bmYl@BK!rP>03HV+seP{0Lu@ ztU~1zcR_N1io&8J3b+zkU#>%%prT}*o9-9tLn_i2Hv$i?kausTrq9!{(ERGQU*76B zuX{e*7dtQ+f5DuO?^PPFy2kcBKQu;XhZyNIU*vTA>b4`~3X$0Y;IIn5d4=(vrkUSZ z(syw1XOpH{zt;x^oF}{IkQqvH-)kP{t6km-yx*q|5~xUEP5>o7;&mfc2jwYl?CDui zU1jo+TNl+kENkwU|45yblyt*LMS=}xUlBNsyXSiW1y1*c6P!-vpkw}z!Ki`Kad<`OGRJb zn&q)lMLX1?*K~PjlGYvujV=%qgDFa4DthF-yegrdL`dqJ(WLZO!!df>pA0Smk!Ap1 zqRT>qoY0>GWiS+fu+8|vixP%?+Z&}>AvH#Q>{65;&K?zRkm*C<$o}Y$;5hm&hD&{= z)>>@8q=d-`Qa1&w8D{Izh0!G+FwHJ;F{NKnMBp-RK?%SbFNOcXk~XIv9sj_=5MwVt zA6U@m>X_nq!`R)sX8qG*YdtU(ylwZ*!0tI4_ zV$BAiEgQ&Z{Sf>S5{WpY0dV3PT}RQcw1Y^w20{s6;vvi&100tLpZsI6{qKsE|4(vw zFWzZ-dsofO&dR&Fm6@5D-2w@9RyHxg%E)}JsAgi)YU+3#YfCwU#BDB^s0lu%siMM;3c5o~i2Q=rQxXd0xRvra{*mKu zg&xSuQ`B%67#_CT&ooz4Q!_j6ER0=k5Eo#N`eZLNgP|Bw!yzUyu`@L9s!Qk;*Qo`i zuTaH`Txsy#-;Lp?O45OF(0121IB4OMQ`bs=#l_0(q0`SL!B^h|ak)yTxrBw``~m`O zJUj*NEir>l?8c6GaKd4YSV~O*G}%r^9>=d1iWhM05aWm)NB1uvM#knBrh~OT ze_g!>cg_*Pl@I1!IXf3;qjSdLi{5i+na2SXcy0`mrsBnKzh{qg-I0rXf0t`cn%Nq6 zkwe;*_5PhZQR}BEJ9(*eGqbXsl#Kf`WayqwaS8Gw-JlHfo>%wp332^P#;cX;*J6nB z`}dHYuZ|D!J+PLe#)<7W7{%SzM80^lmXhS6e; z)}kDhZalg?$mP=NX()Q?BCzTZ2VPgT+hzSbJr+naHNfN%E@w>4ZpH3}k}u~SgX*2_ z(Gl&ryDy^kbfaPA{>woxI-6JtZphS=6!wFxy!mR8x|FaC%#}1{7+hG>L?Uex8?Y?$ z{nY+Zt)fPLxsj8~(9_@ZiPl@u2RvNFcgf&H`JX(M${4OPM3wf?3*U%Uq9c#0c!7tw zh2JUN?mZtvl-J3-xfjvhc<>pdqyy)h4OSr*RVmcr{M|71#p^U~C&?SW*L3`gAY$6m zdS;~DttDewtT2IlmJOdTK3JaYX;uKOy5|$k<&yuUz9x>)1D$_2j_UN&k9dAH7Qq@r zLL<6vCWf&-emnQ|=8YZjmd~u6$|1;KRzGE{{~)io8a3(*_-A!V1O}BL{E8hQn2DS3 z_Y5UXfmk^So7wJqa=*Z0B$1Eb^nQGS^X03!AE=o#g37G6npsdm$!siaK&&Dyw=|#$(??;0IySY!#A^H%|Y{Civ6z0j06 znu&3`fpvQwLA8s~r=KsrAbAXa2kO~Km?5PR#E$nbZ)ZM_r{S^v<*_e0x>{YVz|Qb0 zqL=G@G7&W*;Agsa3)DM7e$&4dDUu-qM6axc6g+A0n~(8&Js?!v>>zH8Co!c3D8O5yi0Io9kt(h2e{p7Zq(_ogI-n(;a5b!~BXv&QK1C3<+)> zyD$udHA}cGqCt-=z-PP+M3@OUodFkTn{;54OI+|4^{vJPy zS?&bQ+^{Ik!=v5^V_C3)vh?>t1kA>-!TCmVI)I1l`PQ7@R9|Q7q~(nx7T_iVr>9Osk${>Vim9ISpR8!FUIW(AnT!bT zKc38aBJa!C5Y%k96ECDsQ8V8q1p^_hBXBpp`-X|Hfd zC9_>VG8c&PL`AD+*n8~4yOEbnODWnlZlLrxs+nWrw6__!Qt=a9Y#54(f-;#ku$lUvMS3$ zAKU;oTE|HA&kE%50H8Y{0}ESpMHU-Cl;iiK`O@?R-CRgi&MU>|DS5!Ws#O2sas7aW zND{gV@G)EDUA8W9WvDRNdOrIXpAx|gRugAD+Wb?f14t#syC?O9f0Kg_zwHg)V4?yI z4j-YAU-BHrFGDzp{$^B;S2w_>|p zKF(lo-d!^KI6H4^^anPl>1szS2)+4$y%0nw5Ooyj`5`nZJJBaW_3t?!EN ze>PDY0xOz?_oWm|=ep)nc` znUWKqV})PQ>gI&ElN7DidgW5inztulzICh@(>%YNRUy-zXN~9&eF__6tT~!9Qm^ zhP?#LG}doB2*rwy*m~+5PTsp1-1P|)(A{xpF7{@Z7}Mw_WCviYUjGjnh$Ocw5-(?M7m5&))c4_Na+~N06ei?HK=)I@9REz$TS_P9Z8f))R z`u#`KSLj1$_ zQ^Z|dkfPGIo$yxB{Ul~4t^7E<{u;j4VsMxtE+_$-bM)7A?eYcbf;=K2lsbkxS@gO^ z7}Ev4Zz-#o8aNbd7dx^;nbi%3iZ|QEudKn`d1Ira&8)zw|B4z!fIf0yts!1^^!>aF zgw_9Bw_{LPGOj3?wR4d)N>(Uxgx=zSjMc23sAnCUebUk&{L<#Y?OdjIRC1y zj6mpZ+_#{XJW1D@7TX57sq||b@e1u?c%P*d!~|AH86SZLr-8Robf#*6hZRog_Y{|NpLiTq~}n+$}t`2OsH z`#T9i_PD-VCT3$X>tS<}FmD0}MaRj$BctY=FVs^ue*>fIYje@eePhzEE1uGH&0ii#o^FDk4+hW?SMjnFuG4 znT>gvAe)0ddMFucxc6@L=3-~&+9DdQ&+#=`L#|&r0+bIxj`hDLJaq|{MckAJ?+>#B z$(&iudu^>oA*&75G1@i799^h3mFkaFxs__sI|lY+8}9Dh(a!}NV0nJ}ptlfe(GVvj zzyl9_A^cAx+!}1H^JUeIn#P6ZooTc7>@(5y7vGp*2zBa~Ua;gQ|JqxLgz+u0MN zR!~sjH$Fu%?E3wA^~NENoQChfb2a|BR~!r}J87keia`Bu}=10$1z>Mh<}w6`;2)}dXl26w_7fj=>h(itr9SNXXI9 zO%Ye*Aj)G2Gc(tvgE5gxKt|Nwcz9X_}vyt%$9eJ-B2yM0?RVjY%i_8=;K=)1l znwdOxhXZh01zgJfEyXXr2O`2iZ&mfp4OI~ z%3;5KmfioyEN^RieiZ`?z9y*mkzw zGBYRBAlcJ7E^%nNwSGU5q{8NFw4|JdXn0)Y5zj7AseXkhI>8Y|gY$@1e6%Jkt zlEVWr4e=ihiW{>}YCpGb_^&OL&rVd?yPK_0h6DiC{37xneR>)1!Aj-b@|a?#$mZB9 zo}SY3) zHFyRFw@zIq~0UnImfWH0H%7C&Af!wwJ4S``RlaQ@W%Er>5?x%L28r#oN9pzG^GZOYdymR{MD429xAxFxLW3lkdHL0PW5vz z35}+n9sSz{PYn(b&4t%&<_cF=nj^DKouK0h;4$uxN_8+Ld%vS?I+5+PLps#X%k(4d z)sXc1DrEWFqjf}nlF=a^YFc&ETMs{y2?*5*v)2{_-7)RYifKY{YCSsiL)%EhBCE)r zR@4_!xwj?P?3qg13$oLzNh)2bt`JR-;itys1I}9ztq{fEj&C>F+JtM99n5m;IoDrM zC9Q&((<Sp@zqssz4ua zdrghy>`!V07~zyIDKOZ+lKiXjHR3;gG6Z)(lzK4<-om?5?KL$gl0LE53jCBUsuypk zbVa;Zt84Lfv$=)Y^}eCUj6W+}y7qVL^3TmS+Yt@16Fb4Kp(x#B&bLH^n5)e}^E?XdTZTxBgiRkXl+Jqg7K3@Be{TPwC-J z;aSwS0A5_`&qk+zI3f!yZw`zD?~fauA8@@LYt~;!k}OoKWbvG**hS)~+yP5sAJ*Q% z51jsf^D-h@BNT?dc02buFIImcza}k)1A8~XP+kx&$8?xAV`hoTsY`pSR=cwzHyhSd z7%R2EO2colb!(@paGzJ_$3#}g;8(GmAnmcgHLuc+Ve%eBeX}|3t8+M~m_ilS@^Rj9 z`>;UTG=auRBh@X83O^9oepI;Baev$C&n`G*RbHDI_PV8_6cmqPi`Fq+n0~NvBPsACtyQ)Id<7>#Mt|^*nfTZ047i} z`qsI8Y&(bd9OlQ`WG#y@Zyi$jJNQHh4ZzX;jkecbjof)R@!(pSC}lYSrVLfrq3${? zwF5$q;-$jNQLC$~Pc7sX6e3^JD2Efy9%niC&3^~t1gTZi28hwCA=ZKA+zGcls5I41{QO5@0v9(| zy3YdKT>8A!AOHMF(FsQta0 z6}78X}y=O+$1s&}_S1k5jgj#&j_ zL__fY0!sb4ea&w5b2-g^blh=>oFyXj*Z30gF^qv3L&l|HK0#>+v;9u<&VS0%^I=n z2cTA6KV6i6jlzB0V!tTu?OV)&*5c3{k{d7#tZ!oClGMRY)IsfLkh^}<&iT8$Pl1J<(vlkcDb!b4B-J>)5 zHK@7L0J#HDxUWPakYR0WvqV}r?3j7*>N?^IaFIsvI^O)v3Cg&2x;3)E#=p;#bD39> zQJe46pvc+3M~~bx!*RVomG)7y`OJV?XXYdLvoX8DthdtQ4`5A>Ew-?k4^QeiEzW`- zwRM^6_sW2sJks6)x~q@)OnM(bG$|)Ss(R;|5>dskt(Hr^DU+{srszSl&!RF~wQf7t~b0^}JRJCi<+ zuycJQ!Gw4JjCR$^)B6+d?O7l8PKjAIsOpG1Ybed#J>yOcGL;o{0Rz|&4r@t0VC>d+ zK-xgMD(?IvIN`WG_3IRlHWe_*YDQlO0O@7{8tHiag*E5IGBn6aJw8`=7*F`v)a-k1 zcQ_5LlyB`EJZ^55ycWAN0R!A*Niw;#-&Q=$<(ModjC?fJ9%5kGg?*PJ`5I|AgZT}xj##v$s^Yn%F>olRINa% z_wYqzJ4c4f5_e2PbXsosMDU&;@rxKS53s()U+E!B4lwsn}}S}`y)3^cF}un!WUxs{b5}16%-YtIy;r7VGY;EE~L&I?M@htA%1GfltF_mOy)M+;@=nzhD;!j(rCqZI-{wsPlbo-)q4T0^ zT6$WaeblUJ+TL%nE@EY8f5ytDShQQZE5ZbDsXhePV7zZ&oTqP`&A?#XTFN>l>0zS+ zvDxyQYy9`dj5%Aot~|)cIey}nvT`W7@eU*Gmd9-Klcz$^g*;<>V|`#a;{Qebv*z8> zm;oy;5aPXO%FzM7^bSYf6C%b&yPpOIU@pO2XHrIWGI3$s(-SO~W}B;~PHPJ~ucBG0 zlru9FtaIhm)$a_r-&MQd3{m71^+IenV73LTIHdA6WBnyl9@F-dZO@;{m@lv0ZR_ri z-QV|Nspp>zF<)(1+$oNevSHXirYZ_K3tkACL3E67Tti+}VKUb&+j6zjfea34u-z=w zy~M7ZTx7niO{%M}!BKUkAY{O$^P#i`h*+k#w;5x3-i~^0!aQ?A&vpHa?7jQ<1#$D- z%NPaS;M?@RF&Epo@)gufsGy4jWqJ6bVqzJ2G7JTy7R$}&bk&(RUx!3H&NfB9d}*^> zuiiqCfD?=He$$W?1!7*<)KYmpP;D{3E#3h9UAHM|)zrz*kuR7)9uGBt$lF%wE-dP0 zP;8+TL-XUim|P*^%lNNlZD7*Ei?o7-hqJur?f0BLxXa-8a++E-a zfBi_zg~d*X>;QKwKw4M9sVoDz*-TfaTi)KUGd%i2+zYcY@OA8u-rPy;@Q5?E^v?4T z=XBbxcI0>dqRPp^aT%AJ%5Z13wy5~rUj`nq2x%tA*}cP31hP<@xou!{N^keqvvfFc zLV8gjjaYs6yjMf}?YTc%2`|*o28j%J*o38Dv3`04^Esu$HDt!=N>1mc&nQ09d6tS$YDE;eGS2*^HX3G z%Ok~3WsB+JrHj5IzGb_8Rr&l4XJhoRZ%F6qotU^=y_cJD)yS^KEhw7uba+t_zv(>H zXU&pQ+SAxz7nmhB@rm6#^xJZE<$)=@^~HJFb*?~9@>?8;B&OvE75~rZnXw(>P;I!M zVePA0OqZEH{`K_ouoa2 zo2Wa{;ril*GDvYwe*gAr=NvzIg`!ey}HDUAp;Sah)@{R=Bkd=td%|a%J{u$M@ zm|Yh)H-+1`Lp0!EVr25975(X3R!yeRdlq2EkKv7q#IvF1Q6VhH2jVbdg&Nz7HE^FJ z0e8r)S46MGjRWxc6sr{ZRwg*9l5+8;v>3poYOcB;(mKKp~S zqw#8Fe+LM$(Oi%fw04!BS&;~ zb*Y0gRWw@sLf*u%2|Z~xaEY-3-fJYyK%4Dm#G`lF&_ap+0_Y=;sIIP_SOWt!?heHq z`et0m!sZk%ul*P=lRi_D=_eG1>z&N0QT3Q)L(AyRZSS}R4eC|q?gUm3RT`fXW9MAK92um?S;0Eb6rSk5gNif&`2(}S?&itsIU^*A4|S#DZg{#JrQ zFiC_l45Z;QYmXR-dCCP5C(IarIy8|l_N~+U4O%Im)Q@pDfOq;F%0`z&1`e}=JP`$V zb8{m1vSVra{x&DFQw#A6=LW!B#tb&u1!d;%&0Z6I|FZB)#aPr*V=C}LKtaJEw zo!@0amG-i60O-;c5{h9tPEq}X8xj?VsCp0=4>x!MxKoe%b~NGaBe>n7l+D1uPT&%x zz8prN0ZOsS5ud)%$GkQi=HN_rkyq*IM>#2Aogo6&-qBI+q?H1vO-*=f|GJF%@EeoJ zhzOHM@VP4FRsQgKDD^1KOpaIGnD>(AcKEZ|hi6Q5@^NtFfbAes=}XCU93-YeT_-*y zf&su?Pj|?qeI7<#H$8uIwGDI8XVQTS1$o`H^3XeG9xEVS>fbtn?Xm`*%o|k z!}W=xrS=*Xd>B*{dPZ|<;Py##5c@Ipgi$Mp%d-#^o+%y5@1O;^^N#^GQ^#=7<65s( zQeqjr!|19C#J|#hSvR|Cj30e8y5?4DO^xiRp5Ai;XKLza#S{G(cc2EnjPBYPP+NdOiCD*t6ovF6(P{uoZ7P1a!kxh;M@y z_w4OsR0ydS@e8$6e^V*2xoB84TmvdopZLbIl z6Z@sCZ<7FWyjGVq+nk+HFZRZB!{SPKB}%uF8 ziVNNWq$_C3mjlHMFlYptBZ$-oc@uLSIZAMx%@_4^a~5jo^4(dcp^mno1jQD-MO`6R ztRz0-N)09ErhUQUuJ0VUo}344N5C&xph!^PIQxY@cDmTqS;SB|edNl?OM&ps<~ESt z4$VorPVP_%g#M%0tphi}r6W9@-?0=8rMmnuZ*kFj`ao;)pa;&%CUm<`poqTeA`!M0 z8Ks|Enkg?THaerol)`3iZmzDbejz?SzS$80ybv%mPzGCf75)a-f5holnE_Fu-3wvm ztTTpe_X~Ai7y|D6$6%J!X8}8YFe+W!gQ+*-HC|B}mS&0yxpGlNoY?vr=5x473@d%3 zeH_9(@f>$rNFzQsKEa4w3diXGt)X40)=m{7Q^d5gLO2IXH5RWkn*ay>OjZo{duWL1 zOJiDWUc7z;m#YK}Jeh6@>##wuMwCxX^6H4}T!@@mZc@XB%L5>873yyv<7_nlT=E%= zuCRj4fly*4d3ioJFs5d`_lRSQ>cNz^j=_W1A#8@i?)ggW)e19i#aBqdYXz-v*{ndM zCDYZLQki7PV^MOv&G1F%K*=oR6hSAc}HhY7i zMh)(>M*~sk3AP9e=bp!WH68JsO_KL zKj+Sdzki)FSI>aFg`1tyqVPj{bejvYtIv7ROV+uT!7QaGDej_MiwPDYrusp~kKvYPi;U&;5WullBSF7F9 zpVNz|pCCEgOQ#R``jNFzFjnyqTv(eMY%H4X>&`PTZfSk)Xzp=7AOISKcqNtJ>^iUk z*)+s-plYB1=@O{y7zEwh5 z;lD%4$;%s;o_>J^wc#Ot-C;IESsk0GlFq=jw-e*m`?gI_=drTP#~-!ErLMjz_iu$W zQ*!krNZ>}!0vmB-{D+TxW#t`K36>5mUMgS1nD_5JUFmb@ZfIK0+LwW;&0U&?Gl&YwHh-5>Xe$y~vNHT~EG@M&~`P@ateuc`?X6B`oPg##{|5)bnldZ+P z_K{-tiLk{5NpzC@Ve|Sa|7sg1fx8Z9a@Rxa4cV=7yJE)e)l8KFeY5K0u-SqA0+!Fad9iMiOaj${ENu~~6u z;b3?DkzID;hkE2z_O`L1p;vaktO#V5lxP6MmsLRE!xp4b343#e6qKp zdakw2xkhd-{@uF@;!@x1_yXeA_iUqtg?%`BYRWR*3+7N0h&cDF#U`JwnX*TXIu3mJ zz&YnLx6f6tiqk(KL*;h>8inTe;ydf#FM52&gU8d}Q=c5>R@rwnuunRCz~FBR3+9}D zvW@((r5-F4HoGZV%PS-#d*!}_aVJ$a6IY44P`sT5&!RUM*`2vV$+TrdB1-)o=Wh}g zs$C4$4zuF2N$Bt@mZ@++YI*7u76y1~^qP&bL;x@3o z^DIMSM<|9pXII%D49NX8A~Xt0LOvVS89eG%j*zZ?0MjgqNxC}cI`Qsth4Ey4qcw_r zfuKhE^CL70;TEhjB1_GI+Hl`WjalCnLreSGiGe56$RkL(IsgdY&~MdI?V%U~c3Z|SrG166A%j1e0;z!4_)cmlp@ z8yYD>@whVnVJQn470~b5m-%nu0?o(f;H+~F3m4yU*TFclf!dahozQnsx6z_!I+Cd-F@k~T^y6)W!uYl@ez{g)2#}X8qtrqb%4!)! zL>;}Miiola1?g4^K>?{vg8~B5-7Oe&i?m3?rhC&;o9>d5Zls%Uotx{r zp7(wK`ksF-fA_7NtTk(9*32=-%mRXw+ASaccknE_Y>%rZnm#Q}YT<{sM+jITiCaad_5yf@}2fjQ(mxYe&KZko-SnjoUYljUC zJpKFAusQYKl;>S}-D!rH?DukL- zh(e9}q;j~Bo?gL(lsyX!wq%CE=6iLJ_p~M+g(ZXJJHTjtY* z(%JuHeX5gW;#0lTS|!DU182@q=QYtB025CzA|t1n<(K9+>j{g;S$c}*$7e+kV(q?T zL^~`koCy^@fOQw;B8WyNOi>mDg$bm97y{KLlazpTCX(q8ASf3$y&E z;^`%Wxw$6zU=xIWh&b+NWSUQ?sQ|kQgz?N+ENpf_p(A1AT|dwW>hUcQX!`kG%go3K zp%XkJH#T1m+3kosHzzzfsGc&ItEy^qkPQC*>-xiiZjY1Gf}2)Ks+?)AmbH@gO*=Gj`?Ycfcib%y#oNB{7B|#IQ+!P!U1R=EIlX$ zI~*_XX5|bETNbe1H}m@WSfJrpx-P8{J^$FN6&v(I4GuB_aNBxi;L*_$=cd&Bk#k!| zSD@>byTq2eMVOQEYco9y`9E$|6oR+s3=iBjuoYTl@wQo-NqT zN<{5%P;RsK3#f8>Y#uHX6xwX!G2FLl41(FcnEjl5)u1aP^pDxbc%qaKY<_h$w;^rN z#Np0n1i$sRX6+`oqTaXU5C?YUivya>i0_pW433Kxa|%oVD9A%i-{+`^wOC4P*9su_)M)-_a~T`sJ^|k69{!|-2>wFE4mbK1|FCa zuL)Sx<^g3!(iMLpa_~RHlK-#f5)p7w?_G>m5kKV1;@rIGp34Z8Na01jy&WPS6@vAd z#j9R7&dmFkcJ0Z*hDni$OUgRezO&EO(&5Pq=fL_0hS#M$L&WGsF(Z6GT6a+z|7>$w z5GqsW`cT5J60^|V<10gK}7z1npx|@NAcnLMJxn)kTY|S(lnzw5^{Ym9gkXOCOSK;)ME|>iv|zwo`~+{DFMPxx z)W@;S$|CeH7vQ^>=K(lCB+rB5Rt-!|tNGl&Ntc;5?G0euU0t$#AXmPjeb%z66CU^5 z_0dC?eJPkR8i@3y!OUfS-8b6%KnH1DsHCETny&W=oX$#061BFr4(O3~`}?m`ImBFv z@>&`4TH&(jv#fAso*}il=4AxTs)GOvYP5Uu9K9cs&v%m=V5FK{+}tRDD$jc@ssKEq zL_tZx4?R=aGZ@M)^mWC*{6;3B%Ez*RvVQgVXA}{sWh&o(DZ3#2oZqgZlas~W zye)ujtzSRzCMY4;hao8ixUZlTiP#Bfbbw;44LSigV$>C0%&M-|BBJJ{Z-<+O4^NIi zz!pyp3lGm$)-k%|N7{OIbrBhZoIwWgHb=>cL*JxGP;{3uGc$)Fk%9>pO~25&jVL{~ zmvSs|tA=4?whSBP1NbWjq_kJ4mMaSgE@$ggO-ex_V6>rC487mehhRkQ3LhM}k;28g zyGMJCu>0(JqTBdiPe%-nA^JU*EOh07!o+;huw2+o%l!2L5zX@Gw`QVT-!XQv4u{A1SM3xcj}5VS7F zxog7mZu|CLf}6j{eO@sEMXbY|_+fsF*Hj*~bvZ;_r{aDE_SjYRTG!s*-qURfDj5Oo zT*gCI&3oqXQfYU_@G2qVg!!wl7V=;UgR5@4O|*}&1t=AD%6uLAAG?!0PP9oiC(lT* zDX|*Ia9WA93xmr)baL`_U%KZ8ReCUC06o9Ap37QjsT~R5b=ITJ-eywE70*nS74-!l>A3Sb_2M z)p}ecfM=)X<}71H7w|6k%#DXUm=SZbdHxXjo$D=lxI!=BwdBHM+$E?{W3jyV17u0R zixys?H%*D3F^#&O2j*u7jAJ7%ENca;ZR6+WNTo2kEBh>!E`M>~Kd9scvVg;C;0lGX zt7G>dcsBA#C|OyBtjyP-28~tF>wc(aehI*KoP(%x?ICze$fOJ1 zs*#lGNug430WX)J3rX*_xT)U1ME{19}*6H zJ(8cJxE%(Tp-q7|hOQ4yt9i9%gZ5v$r6s(hiT>=L*)SRWuhK%}_LNXxAiZU>sELh_ zzJXmEQ(pW-pX12({I`t(8dzC|8dfEwoYx>v1qME2Pfj^YO{&(m@U{h5MOv@t6m%to zq%cg20gWam!hgLT0gO1^&!-tJ8b@XN(<~?mnT_(w=Glx+1(4xCe(FQNF*$T{qTfVK zWWsIji`(WoB~aoi%=$|`$qL%qY+zV|gi+I=$}93qSTBxTwR$gvMT80j%JRyvJXNUCTh_K%f&gcqPp(gTlmIPaF24sVSzf_l$NyG#eQj+mqO_Dd6M={d zXOctR$}^2Pla!@^Yh`BV0bm74-ce3e%ODj|O39H_#)8x@|N9E~*vv)sm@?dswzklm z9F|#sw4}hl%*KmOLqZNhx^MSn9`0beC411b@h-k}hBkD66b| zfZ4g!nYIk>RK$B90#X3UxHD$u%aVvq z@BDPqe6;v1e{OD0T3aks-|&-gQ#YELUq=Hj3t3|Tseqd==J5y5j#$BbrefwtkCvU% zz^n{MM5KUTgBp69B)H_NwN^#0e|B`DqM}sHbgium=VK%{qxp)`O#0tbu4sYt*$g6N z-SGp)%hT+of;L{Gha?o*C18R~TR2mop|;s?ccrMj$wxFaT4CXE-QQoO?`t$__vwQZ z5M}aWoAtp06&wJ7vhJi^kG5)brs^)H1jVDjg0Q_EUJ(%;++15q_!zovXqv~%m+maU z^xQJmeu9$6z8G1s%eOxE+NT;Cj$i#GS$q-@f47Gmd!Uhu;Pn!$hDO+42MjbLWFx?w zgLx&hYGjFX?HaFT!;-ZZ%2#t>5b2>3z3y}x?p<44PAgeqYyq^g$s>7*1Ip_|6VgTH?PrOT%ahs zIfr&0A(ft$q`Gj)DqGv)FUM+v89MA0VZa^#oT7slRz-eAWJlRYm}{-eG?7_6C&H3}Fipz`|^1Z;@sT!l^`{dFjB?rB4zqSmPQ9(+ico692chZSIQn=P?n z;@)TNVU4Gu>Fe!f(~76*o0u@5etS4A%<)#=gMvFr6~uCZupEF=Ihzw0O;SDvZzc?o z!_^rHyNS@(5$?#nBuwDDmI0B04`0cK~=J3=>rOumglB142_6)V5 z3xfo^vNAQhO52cY9cSg5{o$$oXNr9v8uQ$b^S0YGETmWOtWlc+3`RFtq*@L{ zg^?qlSubrUpGCJO^MfBe6eFr~8-U*Rhab$$xN3;vO{2oospfZM9`N;#Fb8&;^$kt3 z#m7%9R=+fB_XW#WRcEz+`VY#!1X}DdYIgzzlP41 z-UfJ*n4-lFXNbe{M79{+jUmeEwUwPWkO+8gE;R$nsw*;DZmHfZdpe}LnYD`JnfWr+ z9T$E&Z<8plcJ6(yQ*7s{BJ<9YpH_sw-k0h&_S?XG-}=*=X%E%b_Qd=m9f43N!&34f zs?C!2RsKM=(~e}MFS|D2_MpcdZJ)Kcg1bwK+YVEMBIU>RA|8@8$BZDr?P!0s>od)K zYb8z*v>(IbCHza#hi}A4;=ZSR$eG_^$t>8R;K6;Bb*FY^v*WCIg*R|7u1>F=TiV9u z6KtIs)gIZc#WNUbV|CMm;3J|O^(5hC>N%AYwz8urX^qw)XHLhoe|FBP5PS*h4fOOB z2GTeVAZ4`!wSJVEP7neBQ<3L-QpD&(6l5b|t>ds@yyGq-X6LJXIF)T~RT9~P0}o#i zI%|H<=bSYeIYfk5VoXGa!4R7DM6E9y8ksmF6fU@G2Wln#l(AGWVyJCzL9q~^O?$)E z{Q|BDK({{$%cni4#&6*l7IYc;XweIP#IKD^qL3Fq5omzr1!vK&YZScA%bBnmiEQoy z(=^ClQO%<&c)wg=-@BS&RCZ2qA)xpXmUAk?vvfI9F9B1vwd9h%+~^qOP@A6P7l#1#>ZTjn#|K2oK>D?E_#GDso@(7uz=W24Kkz!JNh zQP;9%GB;tW%rOuQZs2pStTAY^9)1m4HgIqx>uyhHF)v_3r+fwT7_a<>rnsL{Z^TV( zoiF-$h?{tSH@|=YANo@a)OYcZuP0qxdL?=iT(3QW;MT&yD(dxByP_7$sK%`UIy4ZF)nqsamc4A1bLOk>rC@e`<5Te92pjwILkEbT^5Wx7_I3uc*|5uhPOFsAG}^;1hvtGF_FjiKO_bae+>69goSLtx(- z;hIi%e#`xA-Y~c3uTk&8t-;K>5l4C%*kh5jey%G$8{BRX&@dA^=!}+)z+*TbcYZ~L z&JNJKnilcW_s%ZRlNhzn7O`8c0}WdTAK@zAd5*{6HI3L<^MlXRC^M_BbaW>_gM`b! z67~WQCxNLVC^KUnr&L7o@zN>YM-}5BoGLWM4U(4FjaCp9x+c0Vc{E*b1cfzvk@I>H zl)sF2^)$D)O0)Mg>g&z%Um$&a=T1+e1ICw7pqWz8y0GL$C%CstN~#px7b2b02Dvy} ztX=A^bkS7)_qxze=8)y-4`Tyu+rd*81--7`*-Db3XKN4?|2$Oh5R5WKb*IQo{VQHC zEX-90+R&2mV5!$y;f&cp4>@dHQ(xs}6&DLpp)Ka}oOSVm9=e@u?rfg2$`)PFPXlVhA%qz>1r2=Brn@`#-&=&`^!b}3#-lEC#ngPtOzErNQ!8>C zc}?E9BO;=mB6|CqarcY0q~*iI>* z{pm-+v)}LdoU$Zp_Bv}Lwmdvs=3U6K)Iv|n%F5dFJWf1M=O(9q%`d8WxyQwC?0=a? zX<2lop&Lu|B>ew9EQ}UxRVhB%4!r-QQHKX+?IVdmlf&MPZTAyZ3nz~Nqqpy&y{&eS z{`Yfo`1v9Kll?$0(ge83+)u&H;}7ec+a+ER&C7uQLx%_!{}1wnfz@|Q_ikhYoy&iU zfU603Fikn4^!MwW{bRt$Z}1cE|AFO!UDaV@vi$sZ`+v;rl3RiLYfGwIox0lEYhDJW z`C$u!|NawC3Gfq7DOtY%*RXDMZ)>iIy_Ki-OzX8eRaMNz-;_-hP2$PV{j;R2F}HN9 zBSA}2&L`j>X=h)+{@WfLh@}G6+4i4UL~)U2@8f?T$FLhu4Y$yp=CYLABL3Ikuyt@~ zAMsy&3C2~Go^`ghMa9!0VZPYdWBXoyhT5KcDhn;1WR74iB5Hj0IT%%lX02So7{&$- z({s^sxlg-J0_8fRy^)&3<8^rdtrqL_(N?_2akAj)VgH!@h9X_9n)^{W-G^~^$_+vw zQ;UGBxm#eIPNYMNU(|mZO>rYbxc?zBvUrI1AX=D1@%Z3To0I_W{|s~Tyuh;G9A%2u zaqustaWQLC}tcG6i475rjodgu~?TwKh4s>Jy{zK1zSrt6c%4uQB-F5Z_ z#?<}|RYPHn!}LG1L$=cEHfbGIYc5g}jfN{cj=Ol~S9SU?D741vPx9-r;KI~OmHOZn z*vQ;CYBXYs4vKVi&$<{2P50PR7=}A(Vg1?6dz-g~{*@0%1S0BcFV<@3;1_O*>0`I^ zo_HJ$vbQ>1oLdwdvlH$CNH?;q<7F98j-*&jZi4rNM+q&pw){)womFQQ>)W8=WgX8*l!++7;#w+uZPHTA9codd9t z-+K$D|EXd+HZ%tX99l#df-NP!f^T#?P_8RFF3wc0EVlW-QvjHiyat?!Sn#l%#oZ~! zwcPBJA^)2v`3h-W-&jS?&Uy6ZFYvpI{rwKX_#zbDtQ313gsXK$G5lvnV|bTP#kh@j zmBlv!SvFcBsj8YD-G2||3Pv>+pcBux7R-WhKeWJaabZr%{B0(SyGL+wiG#HG=DP~L z8QZq*_BPd6-hvBYRHr;?yR8s6*+qyCT`7Prx}=i2ly+`Z^2*rG@#A;$bVnV7ip3k` zf&a%`MS2Ra70$pP?mXsZn<3DR-txm3JR=#~ad(8w>l^TkuZaFHlo>j~>;K-^KXb}O zSH7zU)~;%)KP(|+E!16k7$abON8w+YLjGT3THh>15I_msq}rry>jddCZ-r-+bsu>8 z&@h%;lSDs1c?RS}-Y5kS)Jya6+QlNG7GVgkEp6j%-HQ$ghffj+>FD;xF{>S)cO}#& za`@z+^j)5s4c|q6Lx4#07f=hVY zUtSI1W}>)h^uah8T{-AIM*8il;P3Bi_f{Qsbx%Udub(;M-R-sQchRUNw}m{Adywbot$9vYgYeF2IH7Sv4NF zwXoH;9@@-3TZ!S}Y2Rq%YOXzN>a_VuJfm#gWBNbOgMm|9b|%#}3t1SlpY_pnVEZoX zn7a4*ed%A2OYAMKO@at&`}|JtB}E13Ox+DHID9jLP#~DHg;rjhIkDpSPePN!+%svd z$i2C3;<;bT*Yr+&ZL;*oM(Tr#{V#{IUkYMc+>4Wtb-Sl;FL^8LXAb~*tnR|Kovd<@ zlMjI8f=Slfivb9dCh58JpZc;9Pzx!uTbPf)Rw`6hxD5Zu$M86PygfI+TYP`)SyoB4 zqKerh`=$lq1h>3aa_WBW8hpW;m=~P`Kxzpj6LTX&h)SEQq*O-jrPmGZ$lD8sX;0#m zHGl$}eG2lcf}-}DPtz~!0zfM`9_3$*P>edP6|eCrFbo<}2BuwK*Ljbnl5#Ctr>EGF zAhTLhjtXNad4*rE777SlbuB2gM&ZpwnXURfeCR<(|NQD8f&s2ll#k5tmr9se-XF}_ zQZGjFkMN+zlO-(R%_v`0{`m~flOc!tzwus{I-)`>>Ta0Dr3K;xX0HYk2R(=rco_ik zM~IM8v$q{LWB_)s({d!B$jkP-^c9#~#?M@o+VWf6AS`#XMDRmQ;xeEaVGTn3@G6KiNf)Cmryq zr@UFaZCqZ}k|r-EoQ*I3a#|xF?B+W|Uw{@QokY(LcaFR*rDnC%ep;k1n9Xw$=9F3) zqHs6rc-L4cqTh^dnlL*&8Y)ffgMDnl~fy^OQcP zCfKDSkoS5eM+(~Dtf%N7<8-e!$*-t^kQWF|Jyn<1S3!=4lsXl0^ zfT#tAouR)E(+7izpvGn!s=>jgA|@g(Ocpy6vCDJ8`mUkuSkhH~BKk%w!D>Fzc?iai z^#d<|@}2g-;kc(b#@=#FdXxu!i`*x3JYKUkU0}4l(H+&LUrQs6)Xx*nP1djx6^IcX% zColzw5+cgDH^LR|UN?VV(~H*8KX}AT3misBlxQ}7p0+m3E-+W&TOthDMq{}iF*{ZR zwyMPwI+D-eMaZV>Vs+ki+jcJcd!^6A5@YpTvx3Jl)kXDgp?8-H;zMI0*Qel=NVZDq zdKLG!f33!XNk57UvXtho`Di40nh|4fXZbu@$&s|ODYMc{*D3EFJ6C9_zAA|H{BS(` zT|hX3+IjxsDkp2c)$ki|9m%Fp&{f<1ctzbS(*OF;>7|nMvei99S-q2m6rMiB&$DuS zMb5&_h+`1J8oRzXqyD>))j%+Wxks8mwFI(5CL z*D@Mh?V8>TPo43h=H|`l9Oy;*iVw#|vv=$M(O6vXD+HPJ0UT}+8)=tJwP-ybSz}%n zK}y~VH~-G)RKe%$@Og;A({mGROrUD+yl4}aS#_8(er=z176qFkw8f`+R~?B-S%n44 zoy_u$uMNXVM+!GTvZz(OmbkvckXYd?U07B0&peGWkVf>`FB$QIosm5Bl8iQscs^JH zRhq!yK!c=XS;HHmqQn?`$ws8w@y13^FzxNe>%JDg6QY!Z(SYcE{the7{ukh1<*tR9 z^D-oD#MS`E4!vt$;rO&H!BQe71&u;Ez5#al9|H0MKf~}ww&Bg}MUtr+OG;758!=(? zS5?j*_$xaOvVd5v+3YIJ`Ifemb-w0@+pDb6Nqm8&zy*vE(GWVQCmp{^0s5*wOa9fu z)w%}s^9Z;}2VFis?P&-U-|78BBXk}kN{wO1*vOu!{wQ8c3j{;U9OXaA(N@L;fX(MK zgUiS7XN4Y+YVR=&>n3^s%LPDg}QJ{;08e`rG#54@l)c+7GmqwZ^<%lrf@j)D51 zt{QI@s@KNK^3v%e9{?3GVR+_(c02F>3u-&!pS~h{MT31C$QKj^H_Ss%$nuDM;iGEc zewO=UI4;u|2Z=F`RdOFnf<&4_wMXdl9p||pZQ5;M#0U^4gxxZv)VDR5N|0O6)L}9I zE>iDTWQF_BuVo}r!K6ge1BALXCb zy;MVfhy_heO%sY*D7Stj9*4VQ?fve$g-g=_Kt2D`L_x9v`hSw+%a?s41v|y@0^1Dz zUiqL+VP8kKc>99tQvW(I>?Ej!8KSs0gfR_P-|fV1TS+&s<~ zau8toHMf$8j?JZ(Ng%)a}D&M?AHK7 z6m!fRh1RKiG(GKCPO*29TK zXuqzn;>rI_&7&&_?fv4e*unVNOF<9GCc(!~@G|x|w#c*cZPZChlq&%qB8*2bSQkKz z*e1y3Tyd{0xpjc~ia+H>QxvxXuh{kQJbx((jKoV6SH2AMNr&xCFHyYHnfVgyKekJy zUf_EVBF|8mgBSF+QPa%0DX-}I!8WBOgWcR#XI1ls{`#j|?ltQ$n#&0f z^a|iG;{M;m$YLbY-Uodb2@FP;pRd(GB1OGFW zouaqP3lpWW9g0pthsPr@(TT$0@DxDG=fOHZ+~((V=SCi%+V$%jc_5J6&8NrP#tgF#WH`omAx1Ljqk3*P5EtJ~pZT>hFg!(d3UpXk0)z}ztBAKj| zxG$4(;9ggf{sTXrfzx^qfLAQ>>EOJa@L8^8Se~%Qgc8MAt%H2!#;Q9YPdPg-$Dw-! z=&f<9v4=oEoklse>io!~2Ef08)ko?` zgt_xV9D)dzmc3#$019AAQ2L5j5hyAwoJ-kZYW;ZQte>Aq;4(RxP6G<_+N|rctcL)q zrzN%zvRzODDYmVq1}TTz{`W^9IiRbxWwks5Nc8WJ{+av0%)+qrY|gL;ek}Srl#Y#s z#O@q5 z_Fym;O59X7(h0-P1y6apzq*gPkZA>#EkO2qvD7Pu?wvY1E+CNv8o2xaYM`a!^bDM* zH8ea~Qpa^+&%RA{FZ+r>@%JKI0 zvQIcrM%fi>Q#n8!bb1k$J2`I@i-;9cNrNl%I};J1E!k6)8JwEZz{q90pCaZ!?yEK% zZ4ffQoDKy`o+*NZAtzb>1_QbcFs#jU*hA1!U!OZOk8;!#W#AFz3#8@+g|x+% z$u0tUoOqsv>&N(51w;yEyYYEq#(Z|LhYYVp6mQ_Zn~-jLWOO1}X_`Wvh2W|@YXeBw zk~Am`bptPVnFWg~)GHrierl3U`xLap#IV&|DOBiulB{q4(rJ8j_7f_SQz9KHB5*I{ zk=GVBiGT7^iYQITz}g&g8DAc!pH%;X9`_LX)!vV7&PF9yqM#dd6gJ&bX^{BJ2OpWvS zbg^ZM%dPj{*ixL3Zt-&KCYKixA^tuyNE)sWxJ{o0!E}ZBUaw@egd0+KG-Je+;qd5> z9x)zt=Y9!>&f?EWK9d}-?`(qc-BmC)@gt}05{-p&Yc^SL(Mrtsj}6$I3yX>vPuovV zY`ar-&IiQeC4)<2!8$;Rs2BTG6)dB}UIaMw)5l+T>+vu|hFF>6yxlvtwpM20pqCkJ zKkg>jJ~bKT{9P~bn9SjibkK$a2w^`{Q^f}oJL{xLUzce8xELEXqhxBj`(wBd_lqDKcy=;$p!eh=C%PcTP_kB=`5Jo`=k1k`)1ZEVEP;_(Z- zskPtWn8oR1h}^b&JblY^!$rG}-7chZ{wOo;_0>#`vFoISgc+VXD=MO&x+Bd+&c`0` zS)K-1AvDNeg=HmcI?dy|-ekI4E{*B``s$;Q$K?ueHHb&1r4?UXTJrME+vG|ICHjIT z=w0w>4G_=)_5nA@^Z->x7fWrW`@Q4*cumXlH|MJ%{C9qZrgww5ninH+Kx{>2`aK(s z#1*e3{KKE-*mj4%R}PM52E`S)iW4=`7X&ZK!v!ysu-}1MoauW?MuTHxAF$w{7aH#= zSv-XCow8YO_1t~L^6)XD5HJx}Dvp^y!?oVvoC%LFgXNx*Y1i5wPyzjb`uQ2@)KsPxReFpmbu;BcGWM-WoMZsLm)8v{3 zGt3p<6M&u8oO5SB&Qs|`bVrZ?> z+qFLr|C|OnI5zwx^)k)-f0W*0%CTLD?$Z$Z!g+MK-#j4EHn4Rk(KLui3^$=i%k?R| zKC)7ozCQ9=%FA28pM&z;KtnpBbg2Bb>E>j$i#KfNYjzSge4zd*)9otg-usTXq>j@$ z{k1Z6^kWJ%L|F7YX5~=s)2hx5V_dt_u36ycydRA;1o0zOt{P_wV zeYHIFSm=KaeffTp3C;cTch{h8)ZgwYF~_zkMh>o~gN`njppOmNu?un`{t`E}D}B{~#!V@4NwxxP9261wEAJ#Q6eQc-lB$DMIg78yERncL7sfq2apFhy!aD2eJS#e(S z+TO(c2!E-|mk%C({eN-VpG8pc`S6Y7M^T9N-?I30Ux`iUBU4RjInuab2AWp=_#$?cj(R?VTIO) z+Td&Y3u%2kmTj&NP|i*cG*N4WDamA_P|lNKlyPe^T2RDA6L7NLiFU>SgmKu6Xs7Dr(mSyUMQc6Aax2%w~H2Ay4OvxSXo5)7( z9s=enp-oF$Qwq+gI}wqiEGX=b{+~rZ(cmitbl$KUh*9rFPXM$K58*9nvMd0?Q8m%w zO47L}JI+&yF00QWw6V8im7Rh~v6)1hkLx{%H`=T`OiT?Vw-tk__=5M*2lKrDNopF1T;AE3 zr5h%?snEJEy*(P0^SGzi9Pq_u(q;3^*L0-(jl0!mH|P!dUBYesL-$fjyYXcMtZpqq zQ4G`AV2M%WYevuCd67?!GLP?nYRHDLdVnFmE52U}Ed;t*rqwO?`l`kab`oasLPaTtj zjUzy0_-wcq$>U5|$?ma$XB(>=Hlu3KhRO^YKH_b&PhBM3CL>E5yT1RNJ`Kpb=L@j; z`7R!OyLKAGE^kjAY};H7cN$`m{naLi(zc;9re`yQYs@h!O_6Z>KyVsbVbm>omsm&<1LaDN);V|UrURkzIMszi6OBXX|w zzB|Fpzm^X3Nxzbp{;}fJd)?c@ydGz8o#*aG{GLAbv%-?W%^IDXqxLeKl)y3ZGl%{2!tvgO3L;1=?m4o`;NY2}t+Rbk}3xE$wzRPpVZm8zX zoKzd|#yIh~2#|MlB@C3No2M?2S>zds^q&=*KRG#o>s(xzYLtzO;8XXqLZ_o49M?kY z)dVYR`*Z?!{0~dTg@}491!S(Sm_277p-pEoGRg9^>Um7w&t0dnqDp%PQ6foT{dq+`)(g5E5 z2OAz*rp}$WUHPsalhxx>K|707OK%B?JG(j+hAfudT2^Y@IYn%5)ChA7Z%Q{4!`E(V zrt-9$m6jpw+AU^DKAy9vm1vc&5l*~ZtyI%9IOc80wrz=@W(JwmL6s+%CEuV_Mxay{ zFSV-x{YludD|7be)3>H8t$`<)?Rp0i&))b z@TalSw5T{rp&;nuIIC_wnz*4mbIaO(g-~=QX=mpfzfq!9PRJt~y$NqvYRs$H_5MYv zn47>6K+C@aE&pH%>F&Q@|8e&zvVsTDVOtm#bNfon4N(3&X-p*UR5K=qfsqs+;l^HI zTTLxp7$lZLY4Ev0j)nB!H5b*JsOCVbz-+e$ zi}qXVLpTdg4OfEzDVws}`*C;V5}9Wxu^91%uPT>{P=Bi{BY)Hwo4UsNGTp@ta-8Bt z)n5GA@LJyS4$tN})tBq0KUk$Z#D~ah53%*=?5Ywi$6x5(T0fbfW*;=)J07OH7{^Y0 z9L%j<5ci|xjalr{5NVtH9|7y27qlWn)Kwc}Ci4deQ*?Xwp))%vX=%;hG(zD?;#Ilt z=T3vDZ4hKTDyeUQA`ml80Y&gjP<%miy_1W5xL(!kb+H^GoASodOpp;qv{Q%2SugQ? z@+Z0*JKP<;E4n#TGWYVneqFe;Y46vjX+`R83adSFTxH_VeJPHe9!=0}*C*&TBZfPu88};rU(P>X zW4H%O%vV8)S^s`{-?IDi0(;TdC)?3ImSaX`#Mg<11~^mhU5E_D-d(VVhWwZyYF3ai z(+(ZYPMwHOJ;9wdo90MSFepeU`Sl@tzKSp_^(x^#(ks4+-Kc^N`xvp{mG;`xX<7n|pcyH?n@R$Q~rR(VXJAyY>)LLwpC+tzxYa{^xHScGrMnP!>&@HLttNZ2Bg zC|UF+*AZmL;<#XQO@6occ4whxM(;-MM6WsBog=?@IehQc#e)>*c)y)|!h!c5C!cRj z>YNrD3f`NNnwI9+jC@EYoczS<7-;u&1@V&?1UE8#Jf?Q){a+2$>m$mgACxQ5wc>f$ zun!g8&%FjOSjnv%6By&94<|(AoKMbHCoUB~B!zA;yVc)DMeYP{p6o`eW%_y7f=b_W zTus~}X8z_uu3gs9n6<^_pg*Bd#4&c>yQ0mpCp>n7zl?BEJaTFio+JSwjMMXAm7mO8 zC>H_!e)EQGrL&GR04R8h8^epJqJF_t92|KW={ zQ~Nnfq=jEQM`uLu%$iELKDS0pe_r){$nEpx)fZ*!pUGVB?+~~a`+9%)6c1EAutIf~ z)Qsg_N$*PRyMVhT0mgJ=#prcrP(7qB7ONM`kkl zf_8jU#I|};giLq?3xu~eQ+NaQ1XHH*kKaC%i|^K_2~dgc_&Zi=Hts~X^zuQu^H%aF z_QS{WIj~F~)88YCESabq(k1d0HOnibvMF9;EIjkz?~rmPk|}gj?)83GF%)w2o5zW`d8KY{ zMg&#`QQ}lOH{Xfj@`B}sDT63lC1Bm>K}f;0wAkuCGP`v=Ph4B;*7}iT!DIw6F@1#i zA=96CXMJY#(SKjmE6?RlG%&dq)+;0R#7~+8w5Lf|1M~IWy@E;OUbt{}UN3HF{MKr5 zt_p7zXS?<%P)0u%NDwvRSH^z2Puz=`{EB4MJ1nXkNbjDFXD^&mnN%v>#%ocnPvxH? z-Z)Cm(9rXnQeiL>38?PV0V0GlgdXM01%LjLcbYNO6u1V3L=sgrp_F;5WqUFUDqf-R z0*#}5Nu&mGa}~4j_M!=LT3RcWp|{pb{5s)%sg57 zl*7oHx%_L6aofO&>bjiW#A=ruyz5T{kX8F5;-FPTU3Rtu$}b)u8K9ltVE<$C2Dj)= z(G5*wVb7;iR)Dd2`*Wub^WYBO02Skc*;dEm(-*WHf~t?N!ggNMm6*-3?xIEZwn!Tf z@lL4d`5w<$?nVbs%e}n!G7IE~M#=KUhHSpUa!5nnU(SuP>vWS{Aas6D*TF4O)#6;7 zX;vzr9n0X8WkitDdX~#_o1t-RYhS#I&J};^``SAYWG0f_v$)cn_zH-}rt*)QXCu4a z5`_T&l+IYq{0E$9Hr4rE!r4dYkArk2wB{dknngWe~i6Q1@Zn#@Y{JZ zw`CR;FtA^mMy7hB<|KA8P@_28{Kv$*hTo4Sz`N)zsF4@4h*nrc!-de$&X0Rjbpd-@ z$6MpHYHET_v4^3Hysn4&f8T$YBZY^yNZo$wtMjPb^~m}Q(oT2oTqQv{a!DmL;rJS{ zrJm~H$7@r8JXbP(iU>_sl6Ez*soeeRUJZ-cxo4LZ1S*?^S3ElE{4{4wD9f4p<1yX9zRJUO>)nLP6smG87lz0|r2i2jcxv4ljjH7N>p-O8 zs0H$ac{})6bX;BH@LHIi00^uift08lU^1Q{ar`#&unv;~5AlpRbxL1wk$Ey3@CJk( z)^AhDYkx1et6&j!o0RnB+qW}LW}i>7IfiT^8XUgvH@k6IjKo-sT&ES}oj26101|e* zE0HtaBR)yl*2S|1octV?Klx1wT6PuO+nskOIT3%V|E4WK1iu%P8p0gq9AqCv$|dh@ zmeFQ=6fF3R+V8!}DVuU{84(iv7_e3}8k8a#yf5f~pQ1m&&Bx{s0TvLKRGd3NZw_}7 z5)B9Hmq2HjEsfHm184bH6;S?3YCd&i8QYQ6JNwL3{^PLe)@3*o$h=xs8)~eW-h4J8 zwCz$yyvj4k1ao-!X549>0zOlgB)4!i_U}f|&2A*o5WM5M$H#;V)OYO^YCfrAs zPD%SE+8D_R2_C$-S^eN&04j8PCDoyfs=G{j_qg@n5pMRf|8>+bD&KZ4@kkgu9m%zB01Fw6AmrG?$DPJ%>wXz>CjPwD{7`Hws#4qb=N4 zEdqD4^lB>JHDOQ5(YbDUv8d+P6>J(1nQD3Z%C(}FA=SJvKYf)<1srn1jx& zZzg2kPf%skrWI}w{^@qA-BSaqTxOLda@T8kcs+`198`_EaJ*sJ3Z~>r7{fj=Qq@eJ zwVTySx~YKPkNhDN%QVE~!jS0yGht$f@3T)=WTzD7+9M6c;dGd^2-e&%G zfk-GYsM$D1!RHw0D(VlXEGFYm)7J*vRfI=#O8tk0VQ}A=Ya+)pLfe1-Fy34r)t%{1 z;0QJreyrsytaJK@Jiy%#hxto_O{kISt9Dh3B;W3)tt%2|)s;etl#87jrMtUKLyfD0 zxtJmcqunTv(?ySc>OPduR7#*rj-jpi_sm@oBzzn>v4 zgU{}bcDpz8S{zz63JunJ%ybE`mlyUDOkIeXTqQ{C`7CgBjoxlcZMG3-MVw~$JCU%WcHCRuw77cgQC7_EkIyBZA630OXS=n2z+5zx;k51V z;z7IP5Z5}D*RhkW?sB&0&vy7k){?Xs6{YE6m+Lc-yVDZ07rO@?S6S=kw$W;uqX}gZ znYf0Ac(!jFXb^u+f3awy6Mk{DZZSI~l)XB+#Z~daWp2ki7vU0qvfMhP4Iw;EgW>k6 z?D?(}v})DsAy!G)ijr-=Uurs$%77suXGhI9PFbfvSf-xr2%ZX&E@@?9syw6L8Trys zqBLITjyu9wSD5!^?q4oI1JnKG0V>Y{v8wmXEf9k(?grZA<6?-ZNxf{b!_G*gDi`%G zrU7hM=FOu}zw(!A^`P}c1F#F`6(v!~myJHyx&>ueaI)kPmV79)!8QP(>q!Yucn_5!-$J+*lQ(RIY>E>1C*Z?G*4&l+%nlHucbaGHTMK^G z+moMgz;B2M<*?wGQJ%}VrFnF5;z^sv1dxT)_8q~#S^Z6Vz}&&M8aNv_Bopoe0fg9v z`&1902Wt>Cf7#~Nl`e!%Csbd>?LpM&dh3BHU(T3d224e4JyLo1UI&7KppX* zMe2ZTMZL_{A^mI!dvdH?PQ{Fm1V4|B_U;Zl?OQj)M2nY}^E()6F2lAKm?GRA&jRaLepCu=4U--XEnex5V}rn_CjdPG z@ZGBq5b*g8tS(nKh^$)ssNUVFiU~<+E_lG)%I=*_A1v(l&l_@P5U%El-WGnVQhF@3 zEhQ)%sVBWf2@pJ72&931OA*hDtjp@enah2Bay#8mo&&3mK*(E6ESl zT<=2=F5}uAszdGRYGPtkEY&{vlD}V@w{eQ=)M6_D^svoamo3A!+d*Iw7-g&1wLI)w^x z!=b4<(9h$e@mqy&+)yzW_fP_j-_FNAl0p+Cegb${!yxeCJpix z&VIFd$b04Z9Rq18kAQ)v;LGw%t+e}@prgzJx)d^vTEQ)Xh`Q745b#wi z;Wat(DBry0#?j7qt>(LiukYN0ci+)loDs5P@rKC};spLp0t%0VGWyH(%ao0b!CLt9mh-RkFLl&a@m}cRJ>0UX@r3m#P^J# z>H^rt4+i+4SIef~V2}x8!D-{aKZR(AmS~v5avrrieIHu?BDCKGpPyn0w?^_;GmwCc zr}GJ@YeKC3(^fs88MIU+-ytftzJjMOG5G2t-6B-z;$TIC@~GX88HleZ`X2gDOz)qZ zN<7owc1lqRgn59C83BN#!CV5XaT&|`?3tgOL;$Mh^F-Z6S3l5_TjqB#hKR+wpDraA z)Vp{GT9-RGW!AHw##U)q-0Q**@{nbXyl1;$97B9?1I#=7RVQ;-wm%RW8-ut2^fhu2 zLV_-{$DO>;fZS;{w1Gz&rr#!noCq~^KkRzQ1U-xa3Qr$`K(CE?BGk|W9I~h!bgBts#r)xzu?Mu#(JE#< z-yi3G$Y+VuifmgLu{QUHY24xa91MyOu7c&Zgh1?4Dro5y+W4(Qs}+HYO?ZgYrv%Fc z(B`2y-k|!E>6bb_FIJb}_OPOv!GQuFgI?-t=uF@9{BI2_ooQ>P=2jtKw9V32Lg%^M ziM_uMb&6iJe4~XNX%u>kY6&ct{k!s)X3*Fs6%7f101`ie7T|rp!#ADqc&6>jbX)s1 z1*a6ERzEIE{a=zs-QILoRmvOwpqjh!OvBQ{F=l;(wl6BjR|DA$=l8lZ-F!2T6698w%B(zjFvWcyqdUNJjXt@>>z9ZPuEoj~`p8WT3Xz(`n!(`c9=PK^Q?(2~^O zZ|z^uztTPN`rvfF4$fgo%(_wY|6}jH!>RuNhw+Fa6_Jr$M43g%)*`#&I5s7bz4tn4 zDWeD}tAseV?AbuJY?;}6?|DC7Cwlk(+@Jft?%$uk>-zpxIOjPYdq0a1GPxtdLZ(+5 z+?Qy-P}G>c@cC2usgiM}v#;G8H7oRufHL-BRzbLg6GMW)Z3JOu7le1GjzWywr3S6( z18fBPlSUX`ZEv@p{jfQfOzQVlkx~4H1f(K#o;Yk?BtZL9*y7g`(jQ4_j$hPl^-vb6 zf7m!i1LvRN)8u91$C9n@)SPCFyi3l5Jd-+snX;b8W1qeqv zEJY14M-wQ*hzCPf!YTyyMlT7HTg&{!*q zHJ&aCR5{<>I$(1SxfI?pDv4#pjwy~oe%eCd=77L$YnYQ8kp-}iFFn2k$)t##T%=C= z5Qt1ENbh}~R%!QuXJa~Lg`?{U=!sLB*=yeRbngi9prF0bE>_hR{sYMQUt$`{vHD$%&*wl>2vsyr|e6`b;O%6cQgf==D7CB{M1 z3dw9S&jPw85p-d8)bQaZ7m$2e9G&*foC^_Y7vK?Le8l)Wv{{PR_qr5HI_DSZ-ewV{ z!f2tl2k6_`@v{%2E5*L&=vU>O_N*DHkD0WveDSy}RI9%>HDBcrTd(qOd$_vHO zcg7FeS}8x^JZLTaiI>0($b*}WR&V2#;p;$b)QicUfx6D(t8OyG%0oJuDU3?80 zRCEZV&jF)9bi3sa&h>XkWH5X*;s(FSk6kH@Swi5N2)v%Gx>4;xq)yrHxcEuTS+MZU zx%VYqlb;a)Wupf-4>+3tSv11=E@N7Me-EtMI zsuILcOX><7TsAO8=oN#66Fx9%-#obX7yLUCC7g@3)$~|q>w|c^P zGYb@`hm&O9TE=tM>f|8yi=>}}Wez;J=cHDe-Iuu4M}A*pp*}>Ec4|#6nQ2q?r-OK- ztuKhSmxa2Gr~>h6YZ9Za>+_Ghjn}$xvXq$&ak0m7nSXc#PD;uXK{W^bEWfiRhilVE zGXGD!-r^rrZmxnXu9x}QEMZc|;fd#}cLge0}ue19fCJ;;PLc&M&mk?h0mWh7*5irq zD528aHiO@Bh!RYSdw3(wvIwkiR|YqBtC=RujGH9(S9^w9bxtoI7zjgmPc2#J)K<-K z#|jm{oOLpTU4e%5{y>@M{{m&HID(^5NkKBYP%L8bM2!Y=Z7`1ex-FEVe5sQaAW!4Y zP26cxcsb1@ufzL#)sxlpOB=a`>5vKM0JBC%>Dvu-_e9M4aG_VJ;a2 zxKQJRr12)h3F#4Iu0aOuhS-2}+)G$oGe$!rkn+9jdU;T(t4#`Av?)?B8mfbzO^B}S zGPx|?3r`_|o~F@bXfgeObtrf!xstdmG(y%ZlkvIFrz6FyFK+BY_S~<Nx%C;P&jnwMOca zGbj{F+|zS$^k&}9_C{=af~?%L=R?(c+ZjkacFZ;t=LN)ph<)L}VY%cWwSqG~8-!XkacWn2|u{bHUWFYV=ILyqtW!xMxSz=4~7mn}du9 z=~N0Q1-}ux0*5f65JtYvQuyW!p>v*(gZxAd9n&VG6*k0sQ29?JDgQEH_mR+t5x<+I?2e6Wb18?|e-G?|KPwK9o_H)$J@*wCn~ zuUEFAN=F_9?L!h+)#4}X9(vhhg0d8Cpj)8)C=`T02hzD+Y>Uv&Qu^&`{X=lWv&E{G zLNB{r3twq(<(|h^v~)*_C_nbNuI?=C{I+x!8~3Htrb$r<9VH0x>7gPfWXHSGi=-w=An2hcOy zb6!YGNa;N#X-tzBIY5V$2G1gnWHmPO6A1jr6SXYz%Es?^ATJDje~RREToVz3;)M~`;;KtQ%E?B9T5p0*c}WEV z+g%!O&BG`eZc%AqR~xPc_FgoD>Z%hEh_^62>`TF-e`>lPtCpYZd+eizAZ3ZOdfW4%ep(0T5rJLE0W#(S-x!X7g$nXeDd-a1 zRKRb)3oSR?QDG6kdA+HWYoM%FfF&C7%__; z2t5jJLiqQfBs%#hvg(W9iqv3Akad5DSqRCe#1nx zuuh(0w0v)FIE+O!+fBD9VpLl##RjUfEl(bW;d(q!hLxjzuiuX71J{kt_ERP9+uBaC zU|~ah;r!eeN7meoM=!ls)k|OY$vN9cYVy|3^hBJ4*6^GvI@`BH*ko1XSPSmg;A#Zl z*2uAluntyD)h!y#YSRs(v&cPp+bWhyB0zjQcTS8n%W`n1pwUVR3E6xAxm^(n-A52< z;do>z;Q--bWyH~HI+F50H>ZY_MGc;H*>qm;<;-b*!s{dv!(PmNAD(yq1|ejN^B;*u zS#PwpbL=c^x=IH7TqA@3(M0@rfc41K63UDB_c^oGgkMu-vAu$2Sojew5S$dma zG&M6_pbS&aVm)`Z=UWP<0~;G}$uB(iLkwI6B@N_(U>tqDi1pi;fmge{V2VkJOsa_tqDghTB{(;Tx#J>Xs3n6~gp!7>YO?e(D8% zCK;+|y{st@)t@Vpyp7$4enOmD^U__X)(j+O#!+gmv=wTIX4*mcx4d~8Nk46G=)RKy z;f%ynpv*UF;iWF(H2WY9rO$d<2}>Ue18-oj)n-E5UPe^@JjW8^kYHmJ3JOm_z}?Ux z_us*Xa&G(rh&_0!hzpnDj&HE{!mkTk*|S%Xe=UY5@GMA&b; zWhU^;hkTGf$EoQKB4gydyp=-1d&j8bqLi!Ch~4?$3t)YVH)Nt?ldpIzEy~4Q@m^2l zOl6asxix|4GS6ZBf6dG@K8pmL<*I$;W026mTjaX%+KJ-6qey7am<^8B=o>bCicBRs z3swXNkhVRi8Ri%;J%{BeDM%o&0ke{EZ+l@F@oaxJ!F#s5FZVop^autOvq0m1Ihstj z5Rc~J&A0$Sb?GCV(xA#b0krl{kbR4zp|$61iPJbkj4QN6U+Wf3D@5P?GEJ_1n)Qyi z7YQqFZg*^PvF<#{p%3pZd%bLbAn);(_TmqJiI0hiVb6s*u|#%OkPll4k9S10XfDY9 zb7HygEzZXyu{#8OOh&-PwBMnVSuXU zDvS=KwbWEoRsGt60;5-<)=hm+g~vjBp-{Lq0hn-Wo!ugxZ8Ft zSJM7Q#m$)7AJ7;IbH?A3tR@5CUXOVki?%=twx4w4dtkL3Hmt-53fc4@t5EyVGYi#5 zL9QYT@4a{=71A{HoQYC3EJ_6JsiyZ(Es{}-mYNNzQy&~na6u~^KraRc=$)@bh6fT% zlAWWL9Dl~SWTp$oAbJ(Mo4?mXb>XSS6kk_M` zQf(ORWIWW$-TvS_D>N-&U>tU3KEsoUi;IL6;pZ)$a=jL5#2u=U^4$J}S>@@3w5miX=HcgHlTRlU!k#mye46jS(HQ51zY!1-5?@C}93LxT zKXms54D}mpvT`FZqds>faW;+PBUO6%x%ExHw17-2Brj4qOgUfV^+TbeTuykh&R%w$%BQQC$> zUq-DCX%Tvq+(kzEb-2`g_g;eDywt9X)jw>ltO&x%iAWQOlHPNw9E^D5PTzI}wx+8J zzhZ>Dc}N|9V75xm>-|LEsAmnj@6;Td%`9E8bU)Kc8u@B>-VKbLtM^vyH9K}4YQ`L3 z*q2s0#v7)qd5j#>fa0haqkM~H^)Ox37_Ju(#)aLAWtU@6s1GRWhQ_^oquQ`Vaw1KT z7-IsG-d&pGYAiYq9HG`sHzGWSvAX4lMOCt?#~bu9EQDl&T5d;iFqar40FYwQQ_x+B`@sUB z`DaF%1<|H+EssXdz|$If$*Zjvl4jw7eN{)C>)!3n!&jlYsMf?x%B|D8(3Sm)^mzJy zg`YBewE!{e-1@{_eU_(&9|_#sxD#D`Ck+~m_6U_?mW+Pqwu$qvh~#DZ$;q1*#V~k+=0|U_uA$pRTsX{lIr}7A67R?fuat9zXmHtKf@2(hLui$UV9F-Y=Wv zV_E%k&YW2Hq2T<+apC@IaEw>hi9uHH4a^LDHyeUQ+f82n*zGrZK%6mA2 zm{~svuFrNIr_7mO+{9%2E9H4sY9^SPo&Win5`BW3IsF+`^s9c*2--OAD zg`P%ngc$G$>ZtWkmiZ$8BWt*(zw(mSdDyR(Z+H5e-F?9+B!Eapl(ugoc^|2SP7ah5 z8T$D6Jvftgx5c3&V=Z?D&e3T>s`6z<=3l!=l3s1SUisYdK?u<|! zU8=^!eV9%SI3R;zJWxC|X3Gais5DMDk0wyVl?4f(X-Yg${iOqi85hM}l}yU((Q#Yk z7*bNy7!V*Q5kUe4CzTHpV*YPO)bC*zhiO{HbCqjgxHDWm@Oxr3rF{$M3kWnBL zj;mt0Hi&G zNk9M?jV$J}I#x&si;-M6BiBacC_K{10<-nXiyB+Rn|9}QkrBX!5jsai#whomI{n{f z{va2Yh70RIe&Zj9Os_aaUqC3MKadiWvA7i>{UjAq;tD6ea_{%%UtdJVoe`w~t`V9= zaBW9+5jvg4pyRpqzQ|!Ja~$F1N_j0&1>x^`Ra`_LUE{E>@z}ODi%1qQGq@+q*nTt2 zC}-(qx!&}cA^6d&mvGM+%@=lTw9+_d|Dm@)VFyRCZfr1s)M&q)qZv%L%ZPZje;u{k zY$+hUvfV!{-1ua+D)owD3GUNZA3i$Xgrl9(=lC*8t<_&sQ-t0K!eptn_91HL^srCF z2x0BR?t2)hSXDoD?&$vzKyCfI$q;V?Q$U66wSv?%_Us31kFMCSI&)Hd1+^RE4+2)$p_D zELLzPbf=;xLQ2D-Z3VN_Qf%kA#AA=f7PNfK!aQVUO}{QJt*=pTCV1Wf-yrbfw=jO$ zy4PGvY(eeB)_g(Vjz;=K$QB+vc=$7B-veer%(*Yo40l;i5}OxYA6L}T(b?b|(OnDC zL!paYQ1&y}mFbN_+i|;u@t&RewXI_#%jlh*t>v%040NwIsXbDQHy_Y+oxd@B|1BLJ zJ^|6EXs?3_R9yLIDVU|AFA@4jUZl`-?W?@rV;bxhXq48blP>9!FG6eg?eR6Qeei`u z5~rSw%S5WwWZD`h3Dm%R_@Q#&%YL-|hRaGeX1m>Sd)TR?FZ*Jy(FTX69SO1pnK2h0 z=`BALY0OC}FDWcB47`0l*K8Z#e^5rLJe|5euBk+SM2c3Op}i=pqSAmvGs1;ZPzCC>zT(n7cDSGAr*XvGL{kc>!^LA@A-^ zq1c_5eMiuf&$F|$*AbG8OMjRbu#=GID#4xhMpjhg_F^J*-319a*l>E;`_U6 zie$LY1(U$r1=r9rGIsXaGH4^2btV;7Pm9S3B}al8QBV29W}^uSzk(&MpZ5H*+WbRh z%#$H%)AQG0v)y{Ae`QpV3jcXwaRz?=Oo64TQwY46Uu^EQa2^eh+TKCKB#z&k@DV31 zI%5@Vg{bkfh=@{5ZrU8dP!h48Yz=!kM?-refZs@Ooqxl_&Bla~JMR?&L!v?6G@}YB zT74a>o?%Eywahaw4gLsvNk6o>xWHS!!2V=`DT#_0mXB`67uShMzkfyf@M6hguzN{D z3H#O#2NUivH`FkikvUZ&jti%5JooBLq&nS(I}r}7%pE^oO z^)-r;j9{#I<(}fyu{K6B?P%6xRX3R^ew{(mU9fm-_MOw{!TS2{(9P2Weg2pWhdU)2 zBy%P>JLX!JMnp>j8E#7;FaQJ~cOWyi$NP-JrtVwNQ3fR1n_nj^ z-kF?RUH4Wl^Lh6&_wJ1Us!v;q*w)&Yg9$s^Sx@?XzOoy1N_lqKwLBWj`WHx;(`@iQ zw^Y@3{m{gJfNf38>A=w|fUEAKol*zgad{xTp4!THMh=Ke@6t;a*patF%jILg(sS3|gqAIZ>ZQ4{r2KUs zFYh7l9Q*7`UJ05f{t=Pv8J=w+t6@ULf#f)P+57e&9HI*ECPge2nRak~A)CzZch$qB z=6SG#5o*CvLM6+Ax$}kvYOOD@2pjCJE~S4Hc6)RwIv;$2Lm;$%-|jWV>o<`;J0k;* zWs5Zm>zQ@_%d5Sft;RFEX6Y_jyztF- z%nz+sDC)7e{v6%&RP--;2Xy?`-Jk01SoS_Gj!aR#<7UHA&KB1=vym?vQ-I~)^00H` z^Y|5S`Qf*S-doI+j7&QjuRfXkBy+Bb58qqXUHItV$0)l^)%VYRWj8q`l56BzxbQ^p zW>Xf=slA&bpupH7Vvi7nAXH>L+`}((#=-cZGahr@Lfno%e^?Q>qZB0oZRir1jYs~# zl8fa=bqZ%eG8fA(3EKw#u}{tZJ6 z)p4ikK`Xblo{E9l^mnLQkNP@{Q&ZMKgSKoxY<{oezhpcLk@0Fhg{G8b+ASPIFe~pj zNy!p0IOBX53M^Z(89nzA5mB|=6lrp25OBMXGtwf zJZnXhsgwjdoR>0lbO+i?+0^$x{tMBi>mcG=OAbgkv;%>Zrv&`iBRU(3)mdsL^(E2d z5W1`Lb=Z|In~}9UdXAc#IhR9IePb7`M*08x zWqT^8@jR8e-s1W0eBb`~UME8!8&jS2M&iGZ{pKbd+ZV+@>;igiJRzAE2ko?nrIV9f zboh^myR3Uj`=@1&Qnq>+er?lpxYV_o7}^rc3)7FJw6wHL_rLxF1*s-j;!U>Q0bO<= zgNSJR-};$@ki$Dsvp8NxpBtZPtlKAQN6P|sX?C^=zL4VSlvTPOTNL$#+USSOO#Yvpoh%!fF)=KGeHjc#Uwv%75Jktb(lME2XBTwRPXNY{?XPJ3i+_b z51&!<3sw8D^O0&R{GNaIEeClapsVQnF&$*hu8F-5Lr%;^rGENS%lGfs*9Fd>e|bPn z@}eD|KfNeJg@2Tf%Ga3l7sO}>D1y!lEK%dB`KT*Ag5wGhv;I;sGICwCb1W-;+|!<) z&g(GQe!Rfp@V7?=LhMPrO>yuat?@AktV5-S{QH^! z^`?-zQXJG@5^^}Io$e(iC9N21if@V@Z*H&>Tm1gRX?1L*KkO^}aNJy@UQ)Jv$aaX}3NyQ#B24mBSq5j3={>!XMONg7A5ch*md?mb%v zY>8x`$E-v7C5WiVK(}uqA~Bi=U&A)Qs4PsDg!p^TNXLES>mR0XlF6 zjq`G(UgGnQ6%fR;SHxhkEIq4l* z#e3G`LgQr)On2q+3!1gRm@XvOZ5bZr_`}z3V7{!mm?XOa4Ch;#eQ{_ziXSYR3{@^` zPTSv}&;3$%=R7LuIbYvv*rN61=I8_DkRcSW!|COF-Lp(9hF5)<^7tI4+R44Wy~pY} zf3?`Sc3V(*@0~G-kGw%Jd4ICYY!IRnZ zh#iC}KX%N$r-p8{a8)ZhJ&6wU{VTTdLJu2>t1V(QGX449stUUWxy)L~mz`jqxI zz{CHq9w8^$cYh*!5aQ72U7o|ZdC6_On)HLrezt;SH{22C2m@L62X&)!3a1-EGKi-e z)ko6M(7Yx|4TQ(nbp$*Z{9f$RQ9})!{T_7jwp{_}lN!1sH> zG{O_*(skcXZ`3`{*_@5F{!B>y4TNl?4mu(t!vAnhsFvw2Ch+h{fEhvv{bb5Q6N6=Uaamu*$pMN(z5xN{i-S&uQ%6#tqIF#^O?DRuxwyJE z&2qT51+(mbo0j%iVb|O>#s@m0I9^HCh605SwZH5L8QvrN?w}PRY|GYdzSQZt$v#)} zi{eL#HS;NY_Ljo}7a%J}6wY~$g5~R#^o>Hy>X=rFLI6ouwz-ze-Dn+j>+hHp0`QlB zg;VxfItO5v6N$!0k$c^EEj46;{rZHoVn3;5#B}!f_?TZxO3#<|mU9STkMo`r7N!as zFc?e0a`G_x!ke?5_9(Fe#^1z=htCbRu*ur#eflTB8#?{lVNE2uTaYX*E!}8GGoabqB4ibQa`7aa6DUeq>%r_p~xC95@mhUqNWmoiEUB5AUM?(m^ZgXn7;| zMz+6@0$gitYH-&N@#%a;Xb5q?{U}AQt*ESA;X}dRpI}5i(6&Xjzm97*lxk3}7On+a6_Bt#rRd(*xW5ja0t8w@lazWZl%%W^oc6Jv6 zSG2a4nRaBwTnC$@m?+wbST5k)w(nP%g?X&n>ip(ZEM2axM`F3PvOiQ1f^#6kbBj*E-SP%;20ASd<>@cXvd ze04Lq#LoQi(WB)c+TN$8@{04M6%}<`V@@Y#CHy%%IJqrEsB@2{!E+F>vG?^u&fbb* zb}d1XYj$sRv-h*)xQn{D2wjyiYRmVRA3^qiky^UgeAhQ1!jGwBY~E?;wCkPTV)q4q zlEp}@TTzzu9?k!^c$bts_%J9cZSk$ernyI!n;LFQS^?5K<+aCtv<9-Vfti7sKU7ox zeRj-gDR`s*F?PA^8nw=GIzhAR0VI>7qt_j^iBqez+;NvhNTwMui?X!d5_k&))xmME z5INxuY7AHIo7b3frhIycYp@f8FK5zu8)KRubAOa&ma(5<&mX7ZEl_y8bc2<6f z4vdmq`H^$G=}l)!7KWAHW$m;00#C_8XTZ0at+|M?`d0qC8s=6@wvzTLU5n$@RHs*a z2A&M`Znqkl4xJs$k5#aAYAKuRiQ0U(y6ml7vqsIg&ySor%>qBhsQ#OO^444mQ=S++ zSWl*vZ5Bq70zA=O^&T2VamSQ83u-5p3oAQx20Zm+Dk?aDF#^D785#Wt8PGe+jwNI< z1}ccSo|V0KQnvBO6Nxo;>o)g*SoeGHl&NMf*jk}Zl%BSA9SLwqaf{xo1<<9I^jK(_ z`!d%wr|dB`@Q9AL1=DBJJ!-F@-%VI9^CTv|fTd?6gwtSWdn?_2WBEcZya9FSb4z|` z#lAfV#*%{zn;6cf;sxm3r>ckxfG?2T{oDdJ_W-E70KGNksOMoF{-a}4ymmI6#4&0% z<~`oJ6aLsopHY0pE!klsT_Jq653&lTw~86i&JRqVOYKLP;;NQH*@j0y3Q=blX9^b@ zp+B+!+7YDe`Ht_w<^<>g!;kNUkDmo?a|_*xz^367qLRhM8DQ+|GlL5MvXa%>dTApg zN4up(N|AUobjzL3bzl5BuY?5b)LT{*^lXl|=R03<=}2fYqIRD_QI*2;;^-ot&ZU;l zCV@8dq1RL-VHw#$bRjM)sH`>arGiHlB#h46&B6s4RJ#0v62duJ+;6KZsh^B=hpzeg zE7okerT2~N?QA)g^{r`*%%QVO8thD5;_PO&IqZIzhD&)9DfkDJHv`Xait16q$U}df z0*7mQdV2W-@U}FId;Q;5hZtPZ`HV>nqPh9dZCwcD^;_^Ytn9&%$?HqRvJ3MiI<}a% z+8B@rnssJa_Z-8>cZWXWaxdy0JFU06?l=GpG7`>0n7Khs@|bFZw;+X&SuaB&9W;-sSYJ#(1R(j6Od9M*AonoSsbJ5+Y`X zDAWUB!&&ww-SPD@kH|+tl1|Hy^1M#pH~Li{ddQhd&FQuk%Cs-LDC}zk3bXAFqg{&QM*)HDuRS*^7iFhI)T3b8v1=7;-Bh^6ST7AR+(0y z`m@gER(*+x<;pa`Gwr_gN@t}ZroNmqbXxJP&UlepushG;@{pgzA+@)E6~uCMCLT`Y z=)ICP%bAc1|18o4@+wtJtX2akwoK@2uN^~Pha&5uLvMZt`e>ebdBS<6v6p$s#Q9n}tP zcG`V+KDXTZd@K3n&o2+|@*vcF-n(+7NOJ9p^?cc{RrZqQxx8v>#-P`mcg{A&_T*%> z-?{!JbHTw(SCEy0>rs}ap7AP_N4Q*}9-Yq8S* zotCUs@L`uJg4>PBZ55s+Thj=vh@~R z7}I^nKsKdlEi1I5WIZ4%vh$>Xh~Rml?6NO8j|!p#O?#Gx(eYogg^qxX^3YFjCnu}$ z(}RoSlV;04?8hfCfg3XTPfss9%>?M3a9x@9L)>`L6ausWMgE?9A{8wSMMEDdRc{_dpy;dBT)HF!+Sq6-TK%J|V zM(Gh(E9*mDBvq++>>WPU*Rlvt&(sw#`31PGr{qO(J9IZa38?TUm86JT{UUxpH>=$> zfr{h}$LEkkDS@ULuGGa$90lv7tl2cAv4B``}e=&mqkBpNc;@TVJ?dTz!F>C$ej%mhF)=rx#I4$pc*9IAi;ZQ5x6C$=mV3t1o+ux22$@#r^O zT?5f);^rn6={y{^+KyOCk#0Qef@Z_G1kCBHof;EI_b8~b5LtHE5=Wv!k$Qmgfu#fDAS~Vz;U~Zc6Zy&A< zxy$0BUHC=oQ%6#_YiB%!;W5n^VBuA~Q4C@=kF%YV5F~F>p_psyak+*V-qYO$O?`>+ z@$4cZB8?3kYq;10!faqd??&ifX@F829)E+YU`Uc>CQc3P8=vgRoSV$7FQ4(8e``IO z*94}bzT#AV7_tkkJeZ<4!b{w*6mG>mZ|YWqkdoi__V(!XbRcO9U(sv-IV9|sF@@!x-Xc-; zGhfnE2-B=&vmvzKiqYKE0jOh!c)Qo-zWHZ>YVw!U!? zGbxU)w8m7rrZBn=_*&PyR||hciH~5rZdMHn^(3IXc1PFVEX`j9S;} zwu^$krRDt0D$h&~$06N3t(a9qSk<+QGSg zU3!lvHGQw3fL0w0hSIY0pB_WvRN(4~!?=hVEsB{qC1cj)&Ye@@JhR&~;tZZ{8}2`T zv`~om*tdL)<>vv?RHdY0V)7fSoXZ`uKR7VIf26F~ePh@`%ihtk{*fB+%A>4T2>5YF zp9iHpG?9=s4}sDuvJ_qQcO%Zl%gaert{YasY@tGCD*hUmo1+yFZ+kPHq#?4 zaQy5!etrf67Nh?6;++G-6Dx5A$q=M}S=@te5KldE@Pq~1XGHS0eUPv!$ zhI}VPK-w^lPvWQp%JW?e?>EbxIU$34aopg?XN$aCLyCYB2oR?u*__Q|T!ts0TQsMP zkXri%7(#D@Ab0SP?tc$7AL4W=Fb?ha^QF76) zYnz>P*VPu98T1VYI_GBHRGMcX#*u#)dg467B;kd-iJ*Bo#~| z`s_O|faw%>HW-65om@z2YHF^|3kVCJK-`OwC{GCq$C0mdeKAkoW8;PL^Ih6ppRVJg zMI87+K?diAC8$CfF7jHq4NZgbfu8Kjvz>lgnv#;T__TDe8pnJ%{7Bt|ZQkF_(n2yv z8XWf-aTJ{^<#4wT#F&DD!nbsTivHEPfw}a0Ng8D);g{3-at?aGqt^q(tOZGd-D<9N zo%E9HZ`{X3lR?Znr=lFL>dVN;e9Fp-)%&ZE;~6+@l&7)X8DO+k-I86vS#0@4cV!OT z`-Pe>#!|2=ePi0HpZR86p-hrGev2>yC`jKBV)t3L6XoDjFPFj4+dK7<;`fb%A?o%} ztx}2eT}zdj&Oe6de=8Izr6ok9Klt_Y0)m26vQGAk?Fp+)dg~Uny2651e%~zsa8myG z9dllyIp)upoTnb8+g8URtm8)~6epVO;^K0OI5{wN5X{$OdN@xQN7>JT47d*O)=S|e zw)#7OoIczoAt8YV{AA$rlkPJu>?QM7Vz!HSUGD1J*hS-FyGc<}HW&0WIyoTas@OK= z196>iNSJp2{{6P^P)0^0UC7#k+;x#G&B^6DBNd3=yYeV+pyFrOtEtoOMwo z$q5Fj;hA2zuzrkMfIP{nhOE+}XKcpyY+5s@3~oQ`F~M~Z-w{V(KJ^%w;| zRO`Eu56k39(g_v9kmarMFT|9mx_ zAy*uzqtvPhg0v}yLSo{e>Ymz3-Q4( zx-OfEd5qo_TWq(TYyK59_8qMCm?D-n`R0_-QH9G~qUq!6eDKy?!z=vE^Wp-ODk?$e z`Nb(AyF13UJk>)Us*}sV9NEUSwY4>N6pO)N@(l1YWAHj5^}CkQlz8^JB~HmB9#kW6 ztelD*#aVDMQDjN?a5mKvLB=e{8b5^l_nF$*@I8L~xRF5}%!9f9S!1#7!Aht8Q6D>M zwPokA+{8g%ROhL{8=Pw+gRV%G-KY1ZHD)z6b<#C;-)d^iuGV}gNX$^qC@|Ss(}Gwn zroFi>qPWDQI)wYaelP*55{*W;y)Q_jCvAU5QWcJDk7$;?Jg2MyFd}Uxk2KC4RpfZF z6>CDJ%Y8U4Fajr-+g4Yd*6l}Ejp-%r1(k{}lJiC~1Z2igoIfvoqNyo!VLLEeR`xKG zX2X(S{}Su(pAEX(*Uw%2d_x-pOb0FVuXRs%)vDJ%mv#H=<3;t-!Ftw@RmB_ugf$Kt zr}rPzOirY?_)|>u9V!KaS>od4kl>J^h9WM|+o~09vx1u6T3lT0LT8Y0u7MCeeMxQJ zh+O})qr@o6)V7uC?$kx|RbVNwRq#ZLZ5EzeJ15N^KaStn)^fsgCnj8Jek3b+CU;t zJ9ne3;p(eLw<@DL(DNIQZo^#1YgA9}?{Uc+RZzqq9`R4+!+zt^$+&7OV|z>$S>pVe z&s@=(lSW^#YI*`|H9K_&BYj;*Aw}=rWt;?ASTr!D>i%gy7j$w)J_{cuuq-%X+BTCoiBe5=S z5W1i0&B|ib8H;&Dz~TK-v)J+^?H_$kW_%eyK|xjfVgf3!5;=3~aM&sBhY0|m_?}Vy zDO_>LG>?|-S!ta(G<9WwfDf-AF^O;&m5>4gX&_)a&L5OF812SZA5zAJZ!S}s2n9_b)bSy~n17}#Wy`ZOC9dc#TTM|tT zbkr;w`|0g}kSpmj?Vc@(+&u{noT1iQI1j3K=yU?Z-rXq<{aq{;_rsEIG{BUX!Pk_B zF=@<&daoSnH>TZ?O3weRt$Z3EDN3o#C`>7%bhs?x-4B|G*K(-!d{Ki5DZRrMOi%ZF zYYlwS(E{(}A5?gi(t=VnEwwe3N0RaHYuIFeUj~w0P&F6qocHFRt3!kds^$_=RrbjM zK$DiLw?eyMiGJpF@ND&On#RclJp3{uryh=S6n5wsD4qC_dwX@K-xW)}RV`l8{*BI3 zF}!*$s(&RxVU<35D0!#CW#@L+BzSggwh-luRjUS##-YqzyO%6~@fHr-bw*$>DuCP& z;|!(eTtt7HQt<0iVSL69T!;3siNhNU)XCGJlS2?sEK>8$UX2#B5bU3K(*((V?;;-$ ze}O>E^4~czWGh<&vFjSg|9lAkb4I#!LG65sCU*cxO0ld9Pz8cRosJ2uN~cykY)$giVm0QhCOCRt)Yne)w!3VWZ;BX)XG<#+4K z-`9H0-sfEX;O{^VaTFkS59y-kqC z&ncHKgb@BGIbW11^?r2?=j!fV^9}%?av-r~9A=LkosQ-VJsA}9+ojL*ES{2=GS3Cy_l;eAQ zorbpaq9R22X)TL>WuR7mA>}-K0+@*GDO7b3{$14p_SAC{vGtm{+^M$#-xe1YP(J?t z%T5y$JkRAVGG70>yiMWdP3ccB%r8xCZD zTUGlo;h=nlFPX%B0?pnS()w-hyjbd4<}4S{e*l+o%n(i#G$a@N%_#l6<1 zwA|9I00tjdCUJ81C(87Vls!BB)z!Y2@d0H< z(=M#g57~Ah1{xNfI*){w8E!bHBrpi=#j+7-MF#^2lU2=ab^IWPDqu3bXL4LfkRsP~ zU#BA-5n0dab;_INK;QKH%l^25WQ)VFrWVcsi}@SP2Yy>{QqjZ&fdhCu;Nr9uHktfV z4T?ZZx=slAA2E9%p#StQHccvl4Yy473H+cj!DMos1_?tUM`9Mjkb2HxP$f+!d6!sc z3SH{C(Y%gf|7s+P9s(ZaE+N>*1%`6Q)jhm(Gh6K#$n-yVl++znu*}=m*S4M0f9GzD z1eE`5T?+=I$?_pu&mTZF?;mCDmAe}6!}R7&MP3xXaBK8>_L0SkjUE@B|EDj|2;R#wD6Vg3FJ^fQNwAk)4Gbv_}!Thht?l^=x663Rr_nIW` zAtzL)##DL9sb}$=ZW!YrEOx>5N027ZPX~89Y{gQ4qtji=2<{#v~Z8aZHB}c@bF!4#!!5Mi z*b;%lQ!4FFzx~}y5n2@}@ZK0iEzS+7<>9!ZCFqtLqE_v^MJDxV~9rI=V+`c>n`f0<5HZ2YAHAqP;fWiP~e{J#&N#;U-ei8LsF`EtYC$47kD z8O9S_6GG8hol%%0#fJo%({NWSx~k2&lQgJkn_J4Vm|ZTm3;M?-i9Zl3s>}3*Zkcz> zF7qNRl5UXifvTOH*7)e?%X+x>)+OkvdMV~uH2=1eV|j(7p$Q>&8s82ciVqRoVu6PD zu&}U~(b3WLQ6Zj%-Q5G@>_!O83a8!L+hIIIb}wcC19eA=RR5{8=|q`Ee!6YWa$5j- zOvV*;AJqi~yv)xlil^v4H?u70`1A4e`&iN(DdgC4`&91l8ZPNo$63SEYfNDN1KVfAWH303kV3X9;ywUFUp4QK*tw%%}fv&t)QKK z{$|@i8YJA12D;CjdDtY1zu;X3gg-Jd!FU7P^Qtw!MTADL4jQlm3tBna&6}IM7=L7$ zYu(Q~f>%%FG?%Pr4alP|2NdR6HO9$8GwVQQ@qja`3d{L>=oe47KjJSD3acApu{nr} zC{83y)h7s8(lV?dv|E~oNvl}6q60cp{h&J_g5ii%kNKr@=Uzcoq}x7lBKwdIzdX0k z?{Q=(JyimH5?J3){7-9jzc+mAYPh|Yzn!JyaO+!JJ`(^t32C8LyT0_-LNq~Zc%pa}e=-;7%)!xc zK?Kx4^5LB?E-*uNX3ly$BxbpERu2Xlp z^8p^WNUk;M?|`G51K5$#=p?`GL}CP@v-eZQ-?f6$LtshZbmA+2{E!4cq{d9{*iik! z8f19jG^T_P97o{)v1dP#BB{7yDWXvtwCXdpcKU!`sfQWgU*;eK8h<7~_iumqk2kP$ zh?k6TlnTvFt4WFr(?8?#lRC=t;6|UTkM3HtD;=Ho1I7E~xd%S1_wI8QVtP1Tvb=C` zbFD4c)|AnqiO6joAXo`EdA)6JdeNZYRR0}!b)z9Y%!pPcOMZ&t-Cb7gD3b^Zi( zw)T(0bD=p$Hz#{me$3R{7v9$%jZ@z4ccR#awpbH6Da`}dc2HX!jvjS>$VO^h3Ig#i0JRc6cmK;rOWFMQ->RD~Myx>@8szbfC9_)Gsy692pA6G5Zxw5a= zj;gGeu5Ib8M-*)ol`XXD7L8h@+93@q_dDA1AKlj;M+q)h_adzc+GnfSFwI@|J&Z-m zew)_oKV0WraaG0{{r8#Oka3p`_MB(ir~Y5(iS)_{#EDRxq{*q*1*!#ckq>{qSf*oM z4jxIt=B$oB+*)(JU54e%IZlSjXl#q?5ybZ$rr|AIfOK@SJ<&YgxKpqx+_1_B`^w>d@98uL zDXV`2+z9jEvVFzIF7~ z{GCNHixe6Nyk{J%K9HYhDGq zXGjzMQwAfZobF2Hcl2`P*e7V~Wz6S=^>Q$bwNB>WpNv3-wto8{`HScYCk58u-c*%X z&&xyB>(SjgG{>vj$prGF;nTVl&pHV}qtLRap4m>P9}xk9{v&?w=`*Ch@Zb@-FT!Ol zVl22`j)t!$LZ2}nZuNI=-^_>*^&%40_&Pf}h6^Y2R(;9Kn$Z^@ZUi2F;(3o=FI{Q|+!b5V)kWPh3IAlGkWijnM+tMk)3ZC5I_xD%1 z?o_C9Z}8B&Eqrf-T7 zPYLt%KE6JTFnaMz;CjxVHr8a|#Av1r$Khisy8)5RC#!LoFntAkj84=S|j_M;^9n3g;uQ}1ofb1lG5}xpr<)i@LocMY}E#tYp}hQ z>O^HxYH?^FQ}r*O6}DQuh$&xdC-{O)Ai_A z1U&tMDsM^FYS6eYO?0Zg!H-Gk$`VhkW`}O}eX~!Gjc>CDq30T0MuPQ?joA^!nDgoE zP^wC=igZz60FE`gTJ${**6Cc!rM+Kevh1}r%v{m4A?PaTZ~un1bz>B_sp+)!sp5{6 z)%4p4Q?jwFwr`Kyv7eIas$CW*e%RLwVh_2?yAJWqm6rQ&aDILubqewfisxmK*1wutRbXe<^oCMZ z!{TJu(XC;+t=suOX>jqEvlGd0>CA<-))Jj)CyuLErpI$2w9 zZaE6j5(FZxxcHVrgskuWlqx?UzH1#?NFUz|Bue;_1ncjH9g0AWQEAdVNmK;PTyO() zkiIn74q)95fo_#jxS`ArRaI4X9Dd~f9RtzJ{aCdlI;6>A)(iB|99oCCO+%v$c()1J z5vdl`DRZ9GW(F==%^nLx@P0)7T_w_KFJ;_ZO!nm~cudK#TY4=2c|1+PkrP9zfr-b6 z8y_R&;d*%-?`5y<2WNtt4z_E_+H_zOdAIF9ZfCQaz_nAAH+Sa$0P8VejA{{LD#VKj zJ;B75az?90$2KG0Y9bN~{hogUuKur%7|JT+T>c?V8YMZT*!gZpw>X}6{@2u(9xK5D zIdsNB&jTqIKLV+@0Vo)|i@UphHcmL3WT<*Re@lSKyKeZhgVz|Y9a&KAd_OGsk6S6QhzIo;qJ}7tFI1+|AKw1L z1Ng%Cz^11*pdtpz6E7nt`)g|fwv?SGLr9RK1V@!BL-&}#H`OrND|nAJ75-xQ0*&mZ z1Qe0dPz%`Bv=`n20sExxh)_U4Zj$nZ{s6M~-wX<@seTZabci3@F64f7fYn+sISe=% zaOru^q7WBdgbcV=^Ic^eXlgfcI9|}-;-iQV{B=R0MUoG^@~|9-a(r*F2Yi12?Phk^ z?Fe!O#WX9g$Tr=Oe&ks854R3O%94W;)rcJI>s#1$C@EYKcH8y>qyDHCk$1E}Hf|~G zJwy0EC#t6t30MByV*~KCK!BBD)K#}#k5%~74$*1`YZ_rfW)LKa^ub?BU)Ul@+BFmi zn=4#_bw{L3L@&b;Y>1oj&5#!$%apicYD|pa=s!|ili zdvody9%Q%ed9Lle*Acj0s@aP5{5xXgN(J@n*gTP5yHP2u&a+GZAW9*v=Un z3&GN3&7IyTpqyrCF#ZmqcSL|YZUqBn$O9Cg07k6&Td@0YItjQh1t0xTAhV;(hZtD4 zx$iJwMCr}9Q~LpbG@h7yc-e(gU$^F{K`?1;R0 zZGDqOM+=koS`SqhU4dZ7z5^|Ge)xzNCZ?WXR2y^tMp1eos~8%+oOI-hA8rl10Hoc( z%>=PY{Rf@Ton~758um5stc&G5dS;V9qYs}+`;W5lD0Jl|K2N7ec(iYBDmkV0N^nYGgYBC3*Tx1BxE=n zFILA19ucA%*(UwI2|K&i%Dt_(^)~Mc{{ZWF`%bhDbYRO7e+#N@#px{{yCeGkvb7gB!u%mIH>_t-Cs_vGcoeqtXGicqf)v&D^wh)?@@wg@& zg(QArR7T{^AfA$4K`*(axsq`TJMysDm$6lRYs_`+ZRp#LYF*#ZMnAQP+csu;TXoE5 z6s{vu`N`LUJAlpCwXi(UD(yLo&s-wNC zkG^nXfxoNAdB*X>ua`@$50br*6YD(!)|-{U{s9&wFb||-;+ZCU7OdR4z>n{NQuin} z0lV&5oTlr7suQw!*kAG9d5(1s8|5^_cOFR7++7}iZL+dBECY=wuHBbS{WpP8JBs${ z+HwnV8V%t0Nk}$THgg(__=VQ0Iqw!IV5_|x@Xb+n;yOy!{XUXN&_tS}-g^j`BWwZS zLiZ$0DiF77HzKwNYe0;5vBk-fPG^TjTsitVtLyN2LFLBjEA~CdoN*gVbJz%m%SY}) zr*zn4R9<|t5Jhpv6@jGjYk0j2JsD3pz5b6fu11ZPy|&g)pZ6=O_iT}(VA!`3d_3{dMV zBD^*qfl3Rwo2c`nrQq_#!a+<;<}XC^{%0e|{|g#Ix2(;-jLXROkL0Yo`b^erwxqVU zKwGhSOtR3$jV}e;D*~K*|H3&2idS>%2>o?^B&(KpO#Vo}iCBZ!sK(xl!l&s=x|*o&^deU1Vwr%Ca9dVB>i30G|L z1OxMtA^ANVq=|8UJpnGVjCpKEa>7RfrwYQhWr46SzBnud4X%yb&QS-1`Yii^UI#qG z*fU^*ra^wZBckqutovH9o3ZiiHMFw5xpsJc`>l-W0@PhgS834j2?+&=(gS^vFrtZX z!z%s`?27r@?DStHjQX#HVVL9x9dT-a!jY7*(kSn4Qg$`#>(|#8iWXac!rVt>t6fG< z@vxloAAN$*8`mH~Y=>%t5wF(q5WOdnT zt!}{RZpW0`*8*t}B?S~5TRX@0?=b)N03C7>N;AnIT!9QqnGuny7xgB7WM(~1_skyl zODgxi#%gHJN7TX`yfT z2ZhyFEHIvJ({X;1YsDorOB!Po&{58KFl79FM~;3){$nXCRZPqnKuip4@u^hNZ)=M> z#8cTk5_bI)7_B?bzo*S)*;61t6gs*r#_au~;#&H9jk_?wpSKjOKN~9F>SVc8Hsuq^ z*{wUbfXO*WiuK2#3Px357mS%KO?KUvC51cNM&Zu3Bao+Vjt@MKjMd=Pbq){~>3ko6 zJ*#_EypVtXIzV6wDplr-3uV!Q)KoqFux~p?EO+x{tphA zxcERMn5nBw_kC?L?<}rLdDy>c9pHHg8YvGUuSjv+A^ZpbKq z=TI^?3zEq>$0~>`pWKK|tRT*`HGer^YBW%pnp!pUxS-YL9gkpgYKhYVM%QNyo5xfC z_A>QBmtTT2`dQs!n;bvxEewC~tM_pfb9G(sY}h~}P5hg~ADDg0Tu?A=YsiKmfTRhT z)4OZcwe4eXo8pNuFv0xFIrtU`O>x9in>*qTqxhlqHLfG*(RcgwiqJ@*{a0aW!D`3f#L>;Cikj z3r))?i1n%Ovh>WXr=Ylf2T7|K69I)eRoahj3(SADFa}l`2O7VzBKorlY(^qgwc&5R z2kp9DirS@Rll~3*-f;oAsVd*E;spi1uw8EN+P;wx@AK^pEdMV(dcaRJheaVk^6(Z5 z8TK?Ao4%eN3(Un(78DeG`}U0r=08V*cU;Pp0T^uI7~V_;7O&R1J%<=XnEO^CM)mji zBlXPT$&nWmKQfcExdrgZog=|dxi+D#nj0HWW}8GFI&x;)h-{C;qW{dt;={%x$^Zy{ z<^x+FDHOgLI|x~?qxXw{4>{zJAS0&Fo>93KSe~Bf<)zRhsdt3ji=ocftq9oT&_01upo}yVB?E9B;VEa zcg0bJTqiTJ+f#7Hh{UmL!n7dV_f+L-D}3={kPEBp>(F&pqlXo@zO8p4V^z*XMtA$i zD{t0ruE_lu=u&H6ONPC+tk$=bgt3Z%q=@i{_K10g<&aXLL2Ivz63J9PZ=2) zZf))L7>5!KJkrES9TJ}YZxieP#EdlDSA_L{hg^@hq-`jN{mM%QcPChAdQE;emDm@MLCfstCfw$*-|clY2D<4yU3M;Bke7F4o|K3 zp_<_CNJtyA;IGrFLS@!)tXv~Y_BX|6o_@!01FT>nq?H5>X<%pqu!p~svQqpVZ@v^k z(l~}UJ+YO_EJx<%N$xXNzue`^oO^`P!8t{va4T4&DqRb*fjUNn_NMA&zEo-AIOp1m z=9;zeAFc$xkOCfB*u_INz{M)GYVG$7t1g5WH#S7P^n(eGT=F$-%j^@2Q-9h++>D9{WT7RYcKX4(!1Gl?j##5_3R8HC+UhZn>riMPF{S(%3f9JYS78+&De1uKm zjfmk*))WpYjqT~!Jp?ZRr&s>PsmN^tf}~Po{n$gD4nquZv&2+u zsW|?Hr3Q>d5cTYu8l9Dj9&*|CpERSUMDJ%^Cl=^e;xH(5v^(&{(IO}JRp#FcJQDr6 z@xqs@Rb=m^ z@%X@=O_tcbK082y%|u8D)*o>ap5n32fai2DKN^PcZ}o^$#amhgbMKR@d0t@>la(d# z=D1>!QT4JSZ_yoZ?_)ts3pt^bZY2QY;U%J-*k#f4{>QbOw>(fI0-iA$e5;d6jfa0P z;i8IaP56(*JGAN)o!?X2S$VVazdnxOWhHQ>8J@SRY0&MC*(h&i)*_(TwccZq!$c(5 z_nuWMzK7u{90RTP!^rPNE)ZriUOhQx&*)XIq8On+lYU20*NO6+RPP-z%+v}@X}LV!fKpI9T089#n3Na!1x93Whn*N_^nT^Nr( z?RV6$eU-hon?SOmxr(_b$7xI0p^=<{kK;%8(f1BJsUlJ=3MQemh@Q5NEAm}^?uR35DX=WSg#Maq`}m; zxem|E0s9BbFSFkE9#Yx`M%X2 z;`MiBWDj-Z5v=z<(Ofm~beBdP&0*w`S{6MTH|B!r$oa)Z&Dgic$CkhE^*VL=%s1K$ zr5GW?NZmZidbHV_@Sz|n$B(G)t?3wAO?cS(AVS`M7Z(`-l)gU7>z)RD^|njb4*&Gm zJF(&|R~B1xe&-3&lB-Nknbva4T~0 zzU|MK$|$wb!x=l_d)x(Zjdx!k6#yBpHoiUd8?O-{o)el9B~<&={=d&|Y*9#m0|-YoqsPrtD&2WhR3 zN!?EBaxE8(i?&7te@R)`Y4-55H3(Er^%SmGX6i9_ThqvRP90>O9?Fzz*VahZ=H*}$ zW74@ekvJuzRWuf2CiqYyZ_zDQ*-*5^$_kI?e|6*oV3-jReNPMkhHkdFi03QHmjIaR z%eqH#d7};+y-0YL0Uezt$NNOoFj71P2mYAe}y^OX{nXA*Qs`nf#bqD_sekZM5w-J zD(=m)Ry0ZBPCaMe$<0Pw(mh*I-&|GpOl=~|OTy@$Tl4bz+gH(%ni;aAVI3J`MT^6> zhv-_jZrrY@q#Ey0-U8*Mf#6^(R9V)80lv!>QNWhN9|z2bbE zX|57&3d}Z3VgsKpKdcB#J-@^Kg@GXFUm&=JLEb4oEV{s!U>!>Z#!xt>f(Fsn)5AC#H^N6SK}fIm7?@Y0&^vN zqICS(gbKSkyMt*IZ<9;tJr+@ONR3x^iS@{N{{(YWSlDHzpm58D$<_GN!$Z$qYV~5q z&NJa{<@O&|FF~A?uT)+0M&wf}=nY8pN?lt91;X-D==# z^fw$IzOC5P5OCJKNmOqEZjkr7k=%gCz_t@XDWYc#)S09tdKbe8^gY(Wv50H^HL7c(6RloOnNvkm=wMOnA96_{y;i#GcV8)J=C z7HQbxL@!&@cuu)K(38-#sqCZi+yCIpgz1><`ud>k_mPQ~#o`U)F*T*DJ9#7od28*^ zg_<@s&^ejOAFS|1WPQi9@sR*yzOTX9_0cu1lj275Twe(|7h-==TUf<1EupU2#Uyp< zG%tmSWLRXE1QxZ(_gqG;-D96BIKlq4@pkzQtzO-&Y>f`Vf{t|EY}e?RkEg^PNr%M# zJw5z%3~>}f)KaP3L1M|D7;578?kDQFl0Q4UdN4L_bN1w(yFo)W{K^$3Y{@59)Q@LN zEuN|zt$Us!$#h`hc=pSfMsJ_E;w|Tey%X9tqjO+sJ(r6<8@H6Bcgf-7K-eLviNfU5 zdmukeo~SJT*T+fMXS$qi=FK9=8>9kQ`O2%loIfdggl_yq+7nJ&B~yo6Iz<%(t36&B zTMuP#PUW1)-rpiyXc@O{>CCGddiZox84EX4qs2RuM2ovtD;YPM{Sqj6~}?#T{J&t7!D5>8Xn;% z!+Q`nr1j)gGm_dh6J+gMf9_9UXJSZB$aqvrfqkF*FeHEqucYEgt`?Z&HC@cOXX@;* zg08BQ;xp8y{pr1CPnuWDk~>2S%EIAX>vBg#Y@G>R}Hd z$&@{WsFJ74*9c08A|E+FN1GWp^Q<>9-ZvOXneTPaCfJrrym7H|1KN;<)zY2>(R}IY zSAt*Jh-_Tg`nsCsl~ZMpJ`Vt|Q)oo?R#U2-wv8@!E&QZxGOC##;res2o%agcXOI16 z$otrTZ58G4SrMx;#$7&n=AmVf>A`^&;vDC`8=)7EH@xa_oiBC#{^N&fW#_lZdFg{( z-@60K_U*y!U!SbgwwY8)Q|qp;8&+PCdHJv30zb9Ei<#92wBMJjgE=Wvips!it&2eJ>0ihiz-N6yfoUdO`Q15@XBxI3Pn4=wZmcwt9 z>A>4;787%fD`Ga&PSdIv$c&1;lkXi|V6L74HQ#!$=aTkI$%A6Mm7f*j)r@J@Kl=>6 z{eEiin%_PX)g`A<|D+D5n+^_6Vm$FoblK}+HlY{nZm5v0)s0TrBz)pdyf1M-wKm;g zCC_n48jVI@_-M#ONKUuhpSLzJ+HfL<!;*>@->2azDElitmxD)*e0O`ozdB!vzhitljdj6ygRm9lQ%G_%PTJB zWy7t?T(;9){D%N)sb~h)ntVBk8EmB3+V{b3y$Wv8a@q{G9UQN0>>jtv;! z3!GvVU)&5!JHygx*aX?kW0$y@nJ_OxZNz8THO}SSlo&Mll0-}^QB302Dtw7+ZF9D# zrOS&mCjVg!Rn0lJomPhht|*80l=LT}TpXZIzLhJ`BEK%yB_bBIH7vh}aT6MzU93z9 zBTg_k3BXP=ebySdCG)B;G=bMhB{Sxc>P)Eti$|HlbI2m$J$d z>5_H@6y?Cp43@R~7s1M=+Hb`p?tqm?aj`PWC^FNA=v?@XVgdrwEY<_cdAVx!#^q zX7kPzQGK%`asUaup$ks_YFzCw7XW^DA)pH(g)a@sRa+XbMm1j#LwyqUn|fWoA5#0L zHIm=|pp|(u!up6d(N}2~6S@rpLd7dyYrKWnX|S_9l@GL4u_D4CFMal<3w7O}FaUmk z`eCuch*G3CwHTPAs>S_odQ=ZDPR1x`P|SUoVz?v)ia~M0fDe+IXokntZ}2)3QWvh{ z-qwa{gh{7UZZ}x3=xyCgPJ-~Ldi({E8s}?=T`=wGB3R#eW^si$_XaG+>SGiRi#%o| zl6#8_?*BD9h&B&s6375=4fR99#9z`TRVkK5K)Rf6pc0}+K?}byDiJ*rHy=m&>Nsb% z49=iBp4T~p9uM(m=P$$hQUZ_OINJWy4XhLKPhNh!WL(2X#1(z_m0Fua6f)e?NPFBy76B&pMSm0Wa}Z+7PlL=4i- zEt&3cddA!vJ_t{^6Gdv}X)OsRKlv1Iuj4#F6k5X5zXtd`=~f`wP;*qv*O;aO$L=4S zcDgOzK?-?7_+L)D0T~Fgof!xgBZ54RhN=$pVCD_Ore8ykVtFx1#qlGdbbAQzu%v7~ z^g*IUtw$D*qPfDg54m%wAKJMdZA309)u?cKfJi9-JF@QEco; zWZ>y2jccu6`9t8z+*-Oz4`-hwIc>eloCYbdY3x**^U@RF0U)J_$a6UCfeX*F5vfw0 zFiNvH1OsojjdtxA3cNT3cW-`uQ_T#HTlwH%NGh!t3nj>cL;N{9|b<(}fa$n=%x ztwzw=rvi+y*rWg)8bP=u^{3Ye!eSn z=23Ud35_e^OT8ga>P{%qkdUX4q!E8izM{;DGi$>+--iT3XQtjA6~|(Oonr7$#y?e!u8{UtLLX{`2R6$S|m7|pCMVVW5R35>~S)6;9I!S?*qv0p;04p zNys5h!5+S5hn3r$uD>>M6qI0)Ag$a>qoW~YyRhz=_)m$d%H_~nM34`dacJ2TJ{FFj zU2!_JJhzHsifUR`{m+WV)JM?;HQ7*)w*nfq{(| zmtVPTtG>sLegCObr*0}K`Ct4{(f=AILluiYigJ}=N}}a;jSt&~DLYqtNmhgLdf!GB zw_7mYL(oFQC~0Jk1zx%DSW|zD;~l{n+iK)ydYJKyNyA7hDJwOleK?k@pXmY0I$Pyk z778Bm$|#m{W@TeDy&klhBb;xOQ2Xk~HOEi45Q)k&`jdaTy?ZY%RycKnoq{(Jkd~|M zu#{-83BhKg8b|u*_;?d^td@fNh&a2)xU5!d8E)N@Ymw84jf-21DE!&f+#K#QsT2S% zY)zl)Jwd35V!B;cf$~1Y zT_IVI3AlIwhcm>AOav}_w)6>_*OJ%$NM)qtPG|qbM>fZJ-a&71-06v~XBrwB9SNKZ zg`8V2I7>0nmXFC6xM!JN3y^5{QMVRI>?y8iy^vJgTmJ0Ry6rJbVoG@ zLtE{Q>1chbgDNb-sGKNKyUhhL;^q<7r28UzPKLAHvyq6vopS*j5EMlFg!7|7#0Fw& zPaL90ugIelme3H(**i8}%&cm}WSP2uKa^|u)AM1@!vr;_!tUwQFMl?lsjA|&lZmbk z=TjEEUa`xA?K}?j@x7KNy#eQ0oq*y&0{jqXlSYr6fnkrURWtl&|MO+9l&)js#zxe@ zucFoDw}OvUdI*Vqls59WA_WKLT-VN@;f&Dx$|1AM6;nfU+fr=tpA%tCwFz?DqAQhby`z5u7#HHIsFRPeO>I)Z@Oy^ z5169cqotcXAA3UFaumVcBm@;Nlcs)|@>J?atvX(Qkj;_$Lgv`U!Kk&E^*I410c-J~ zU6RHJ@>Sbp#4QMJd;2HTrg13{2UKQ+ERs%jp345I=(cL{?D^(UTB`M&nzOt9rP1d- zTR~1gEt!086LBGLy#J-ye|qK5`(g28J$Ei552KTF6u;oy5Gcn*x~LUyxigPNu{=Ae ztgK{E^GvwLv$OAf(v#Sorz|D`Ku)TJHo|=%D7n$oj@Id*c0T;58A2=y28l9?E)VHA zV%}n|;as24`#G(9MFrr5Ha+N3CA0qm1sPg%5C~&0-YDqJ#lCG(TWQR~B1u8jh1q8}E`9%)JVR%R%OzrpA8x7T_N`-*c^ zKKux_@p8fE@dlVpLHXWeJ&Gh9N@1h@UYMz$IOnmo+0H55Z^%;J>N8JdqOP=y(kSlV zfp(G`5J}J^u=GcOzz@zJNE5C=7$Yz6N2YlI&b2=(U6xBdMWk@4YwD(y)XM?^!#fMO z{Mnc5i|svC@-FKq&zw1P-r6uolw}b>Sap~l#BB*Y8u7ycE}|7No6AYHk(ayvFE*v8 zLKke7+-|o|IvxLwk&LaXiS&cJP6d%WSyO9kO)&G;%g*~t+BRDoOP^!F#gy82L<~uU z#o_{C+fI7KWc=l&{|sKb#R((`Q4!i*v!%I0HqnK)H>(C>ZakVVAAv;q$)TSd#mlX_ zse;2s;_ThYDKB5v-hlR zQl}c$1YKJpBBPxbls&vmpDX0JI4>0WRao-Yty?{9ZhmcK`4Y`b9o2!(tp|dVVHcb%6~MM z?f_TWuU__LL|PyQ?Xj#NDt<=9BCGrbXuvQ~{+A7(tq*+9O-?ev>_?i-LTesM< z{3~fn&rqQBwNtK_ zL4qx%>EBr(O@j2B;Rci9Z8Ok;cg7k1Evvt1;Q!}$B(f4apMY>~wnwCqELe6{Y^z>DyXDd)T6J({tg2@B854pLk zFLP$+=GHunP3pAs?4{Mzg4UPV3VZ0tiHMCh^^EjF1`fKeudOUsY!1EDt97M5K!c_r z_g$aUE;6_k^&!`&%#?F&kx%`f*hMAuRW;0U|6ZwPrwnDiy`~G{P6L~3tD;%2wm$cZ z5^@1`V{xQLgsAAJO3`S(rURtFU{Q+yN-BxE1_(%XSM)_rkRXj{vL>X$F0l`lNGMo1 z#i4G+-=;rB+|NXxi{>6?pbuKctu1C1K5AAlNO?SH5?#|=8d;perT+DTib7nu%T!*^ z>o;%SaMELG(JQ7$=zA%gvOG6MOi;pIfp`k)#Woj^dDJp+v%S=NLd;$5!FSwBzis*wTyE zu|VDR(NNBAcX7b0tM?9LTwH}%x=9{KuV-LME*uWsyN4RYnOO1w+ds1ny$3H6^a#+@ zzreUnIVjB$7b@S=)8jptJ^NhSq_enD-rc!jytmp_$~>ilAu(((^M_07D1sg~{^@TX zZU|)i$;;M{cQ%WPQ*SmJk`kVPq|kRsdO0ipPY*efo0A;v@#kK5V>a5Vs|HhCaJ14+{E*M3J#C`x(mWcGI^nrsVP z{E{}s0z+T`k6-sCNTePTi|=fchO9ew@lyUxcg`)IjX8|&)_7Hv$<&9`A1^R~!UKyu zm}ogPMYFl9-ta-3H#wGIZ2I}jr>OGHtjh6n@CHZHDA=-xWoou*T0-d@^T^ zXCgvI4$RD2^1kAtJ?Zf07EALV2j6B|7&C zhBciWDEDS)Jo`9Tv+ex!8^6_sa-XRhQ%=<4Cql;x)pt>e!dByYeraB|Roj-AzSR^jRIs8n5SXVHp$&nq%Io=W+s_0V|J4Q3{4Y zPFtlBf@6cv`#L9+uw{p-U+H@(e$k@i#6jor`#%r9zse+EWC{`(K&Rs%o|>AP{*GgM z?QH(MNzVv}t5x9Z$ZpI0-+F^#X+?gOSj)I+6crhu!560)e?n?!WzOv;?0bU7AiohILig>(U-YnL zMY_Ka;!WNLt>IDDY(KNLI#X0#w7#Z{U#o?}@}}bLLJyAjhj%8zJfR1NL+N_Cpf(_3 zgwe=#JM<($fC>V=td4f3!@2ZxuZ+_bCR(P5OMtv9*_pf4oM=`ch7WD~_arx@VJS`j z+I|&)=A&JZ^JNf&YHMyoG5C;BS=k{Qq>f9SR~>l_{$a2(GxZF>&k_%iDZIz%On*7(%2DJrD!d?1 z+5g%y*+JtpO2*rohRbiKbNvmJ|I1AFxy!Nu(LF{(VP6_Ry_sn{66>Cefeki~#v~VL zTjX!-x%_C=d-K+v3$tWVTW_4!#&mtZjdJY@ZY3a+VMwUyltU8TqIB)54OjTAXw+KI4nBKco8L+kXqEeuad*#j=zLfthTP_Je=`g zb}IO$&Enneuk6oyo?lt>XDTZ$Uj0v@;C5|s>@Juk0cJrvpRhWJ;(3+BGblYFOTa;J z^%;`bzKE1@tmj0zod1-wwVgjhVF34@{mX0g?$j21JypLozFh{^gVYvCNU=UU z01D}tC!9wG&U$}eViG!QX?FR&Pqxd@LydEfWavNS9Nx)t<4A|ZM+-$$F8KPL==v~{ zVIc8$xX&CxA#`Y?4jA9@)LNcyd$cmQFZeSC=_4pTqc3)>%5c}Y*pPGCdTHt-%s^(_ za$`H)j7ZA?gl$BqKev?@_VdrK4t?(MH2vroAg)Y`EA8#y+0JJMUpMr+sAxbAf_}%d z;XBDwBqixf+lt_)9!V0(ofYep=8y%K)+-Khyrb&zJ zRHu8k>-iQ)!_b*p$X)+wAKZ(u&u<>(UgbwcBnP6p3y$g3g{rU%)F01(S;)(WZ?pQX z1ND62>zC`3?&tz2Ym2_s+K|Z}OnsK74cyZUQv#^Y{Vs0$zeWcRPK`IZT*f4cSVW@s z?`m9b1HYsCnd}DxWuUmspwW54c`}GG7wod6>=y*T-@o^K`N)A6xQVy(4&fPh`mcr_ zic({l`CQF<`^&LgwYnVEFGf}cN^io3|G2?yEw=Qh&3ah{W^53O^d@U>6~oSE)t|k; z9@);agBsga1o`c<0tx*oy&G18riuR84-H;R1N&d==o$xBlzDwzX1c}kNaknSa&UKa zv^CNj`3|b3QbiHUl9AB8cDBIza(>vw}zvFWkn=qcjC12 zalIIkbaza>v%C~)(DEe5<%IEm|Emi#oXY||NxFJsT^$Y<_-G**Ea>SwAqtKYI+ za;Bk?J&lkb3t;@jW``AzkonA(YB{D`q7M7L$)iO*-j$cR2-2E*J%If@(ra^m@UAtX zD4nN-RkL!QbcgUmv_swzG2Kf~Is5%nS#A3Q{9g%jKE>qVo3>ewA+A+=r~O2zm(T2a zM@?UI%%_tBk)~{U2i+KVbZ_eM0mFpzd)vrDikUa!EfLjMHp+Wev2vOj1xumv&($`& z;-@(#az9>r6pJgs2P9Y!Q;q#1FRc+1FuI3p9XMXlC?X&5zRX%ksa=E&M8*VuM>j3=G*X&)O5;&DZGzi@) ziC`Z5%979-?Z6_61kZsH-GCVXidF3&W9F}eR9ihRT>C@vSJ=T5c%JPAB$xPP|4fCd zuF*f9~)q>kBX_?FEqSA;SvvmN;D8`@O!yr%7hn1GB86Ibm_f5{~>j7bL`{I zRJQX^7#Mc-0ewS+B<}S6%fD5jp}gce@L zTs`mBMjXf0dEgns9b9MYyTdf`(9;2;8`!eQQ`Jz{REkMI?AJX)zpJpKh$NX0ooc+K z2AKVnY^X0s4M+8u3lSL%wChs#KX*q?I5%_Y8t2Tt75{TK*i+sioDkj*9;Wppd(gpH z=>qPc8t~00fBW*>g}RB^HCxBngk)ujgAK3tVWT)k5^mME9m_+CXMgm@|LmKi41FBg zn`pkF|Gm-b+<*t))DN2P8QRZXSR?kiULMFG{mgM{;@K~;Fh4K+5?Dw)mvvDkh=@r) z&!1n^Q55z)7Q}OqD}n=t0A9=0Jlx(1+4C!Sc(K&Jx3P%5mc_KkcM;9QEhLy=DNB_8 zO)b>Ngzwlj+pngM1>7BiIER8dF`c8qZ@3xk3#lJm7fF_C-oIXc+!EH+B-yYA>a;SR@Z`eM_Cm1&Szx$X>f;F>I2F*j#Ci<8f zm1!Jc{?hE;ls^n&$U{@#DZ!IaReW|gt|QK6|IT=t6sRgUe8TY@VmfYW4@t1R1b)O= zL1G5>c#;??{UZZ6>Gh+m^`SaJkK>?FhSC)~C$<>vnfT&YA<$GpNJ)ZtJa0V7N)H=P z4Ev+HyUsRe)OF-xnR0K3EiQ{(`&WH|ssEn_{2g1iiPl!g{DouWw>atp9+llnbek$L z(Z2t2xuf3Wf^KQb{#$u{D}VJD2H|^q`r}`_M*@-lG3fPU72>}|hLboTEpX?|&`#gQ z4RI(t50Q}L)zFj2vV_1EjCqliQ!h}qQ|I7*g}%3$N@Nb@U2JF4LBDboP(DA>kuBu7RBfKs z-60@pXc&8Sj(O{N)an3RY*JFv)RKUCHy1`N`MZk{JW0GVe)rl*28MMa?Y3od;Naih zj9u5Ah;9pwPc!e{#$$t_n!%l4eKd09%D#)<+tCnoo*ofaV)reK( zJN}4nvReSKvSmarfn$y?ORpNLPUhb_cDY1DPR%YMYEDMzl#F{wys*2*8(a6O9N@IM ze;&Ug!MG=c&QB`Xp$UC5GV z<6fO2`As#vKixwG-dH?YktrFfD9cyXv@WvRq;oRFtG|Xe7JhW$#j6AAuR=Fwd`3B5 z8eILdg#~E&OvC=0RQnYP;^w!HRE!dL==sjIo$!&Xg+ik%Q^gP5J@`t`abPTj6p+ZM z^KSijd5>Zy{%0@0f&pEj5_`KvcX58=^SxJbuj8bOc7#r96|!Nw`PkZQCvETOu0&yU$%H;Wa1{Z zV!!uWxI_}J4|tKl&!hId6!+F{qknHeK)}G7%1hIk*O%A6YdPliK5pQ%94i8|5#Ryt zNJU~{d^~1~HRK+*uw{wow4arzOzdz%KAXx1}xbYk%j#+HVt5V2<~Uy!_&$r&L*TaqHY0=9ya z*9v?qg&b<0=U+=Q5sVd-{-Ae$L{GB5T0yf65(2m|_l%bUbd`ab@_Nl%YY(lEAh2V% zI>aA~L!R8FTcGMpi?#&CA_m9bsbj;x`lO5G!Ktk8dS|AOxBO~|B8%937~JwBA-L*2 z50-amzBygW&7_6~Fa+#f9P9JwMXkoKmDoNgCV~$sA(m!Ela@jD&=QoTQ+jpk-uC@|?K<9MCammQb6AUo2~S&b?JO4;!pZJ={v{%!q@H z$+x0^0GcTiID`Rmg)nplxN|lM2)2@@efG}-tSpn-NJ8S$m>t63fO}dQk)V!ChwMmx zs46@kjjA*ot7z&J|HBH6DmPmoa;4=ifmhJXh_r(n3=u+>q6T;Updl}N0K!yjtImY5 zpo4=$bk+qY0>Lp4Z-iC4*OM*SA$-D0>00H%~{L~M?E>a{rN3^s_j)H}UV5H!t zX&kBc=m)sDd15@co>Nm(v&WzRpWD&64&~l5X>QYB>stCPHG^TFzbQNr@7g=?e`Zv8 z;s9HxPjL;q5)^b`LTT-C;%_D8AI#iBrR?pZFmeff0Kn7l>Wp6$=C)}m!L3de%(|TS zW%60UUi5J&4$tMIU@PllnYAsA0vX!p;czaN= z^-9vzOvML?iHV8VUKs%L=T=;j7mF2^0Za{JK*de$&KS)lh*G9HJIoU{s^K&GEE6;? z>6BHU_D*Tw6A^h7DYD@mHbbj5m8Ho&LjK5XSW)4mDc+@Ad@ zHDDdjTkB*)IXmf3AK9mr=Uo%t@ofN<=|m>u%}d5L=%(4pNpKYPS$*tegghze{D*#ggAhXtQa)?{ z03Z`3*M~(Ka4C`O^Vx^+sN8JJH#}phFz))cnwqI`vCG3130esf!j+rTqFlO|iqCu; zs`K@*xsccvF}*3g*t}Y|D9HPoF`1P0wjud8txW#zTs>q&Q@JSt-Odkf9y!s@iIc6}=nzatKqMmJPeuW^7OLT2Ss9 zy^Y3TjxRpwy@gqK5Llws#{hzC?Mq+%nv7_jl>cO+Y#<%a@zW53%;;(KQ0ruP4&zJe z4jq8AUmmU#+aLK-fp7}FV{CW)8I{)Uwah92xWpl5IUt*jFon$Trghz&^30^!>wyY@ zGE0|M;^WR`%>wMY!uM(FbA&G$pFnqGT4n)5829=Q;r)MT7XQL3K}Lt2)-ASeuO3TU352v)xG4;3*6j)Ppr}a|@ z)YqX`6n&3d$TBzp9t+r1HPLN{42#AYj7zqb#Al1Ojs1g(BM9{kcKk+Gz!NDfWdF^{ zlbxB%7uGM>q*V1^shYh!U@lN|bn5|NO`i+ldu~5h{o*SQp_=vH^FSsHxR@K2U+TIo zrobS`(C?FksvxEfE4qcakMpr^%5s zQosdprqYg1!9ZmUkFqjNoiKi9!Stse?z=d@$#mZyPbE1R4}^yl0S-bnn{Fb(d3aO~ z<|G8zNKnF37v2kaZxdPQZfO}_-daovV?+SANJZ*^CNU!V1QmGD39UP?lz;#uJ6-aj zOklePn3qLmx`r6op*W-7_M&sH6KnTCE0Jdur0?@W5mhYj_}5+sZYL-*eW7^)oZCGN zcuv|k=1pr2x|3{V_4^TwDYxD0VneD7z#un6dIc?f!G^_OTD*{H^8cR{zTVKwXa%uo z#la!MiV0?PYm?wKGnhCxYP?KTIx8p&CAjv%}=R1nW)fi>gVrdjrVG-LuJd}D|`Gfj&`fL%-Tk2uPxMpx z0XAU$gLHS=inC$7v@#A9)a;%3G{+9q3fnJey1k zNdz0m=BZtFwq`ogv`hR21}c%kav1iCU_ASls{c>Z z#7+k>?QH~m?={HC=VMeZgV2=k@pEOu;uxpnS$n#eQ-Ma;I1Vxa<%RF!V?3^$;ubIBr5byyBu zk7mPc=xVk05Wtx)V~4_*%|vs;oL}g^mOKnaBp-C;%BVD?&rN?GQS!t9uEz*fRtPQK z4djU$A{~IhI=E!0#@O|8@bB7-uo?G}l=*bPjqnhCTQ4;3&YXLdUmqsr)qD6ry2{FEbZ9gb6LZq_y%>j>pk8)kNM2=~c~X+4Y$6Be3j;PR(L5joi=&{$ z`z;2f33agj>!4?rD+(!WhxQE$RJ-jLB zwYnCU7H_W*?fq4_!+&9-ks^C}Y& z-nVSI8?p^clK=7@GavZ4#g2kHWUjZ|%h1Skrgb1HwdB402^60B{FXNP4aQM;z{i#J z_#L7hQ_dkcf%+u)p_VXp;vc;(=%pnIg}~s5`}bWy+n3P7LJ5DmXSPNexsG!i?hmtH zBa6&$W-YjkR>**a+gnt-@qH*jg^2==9uSA$Fuo5rZO6hA^Hr^E%U0iP41w(M*liz5 zf|2}<<36co&7%uHgNL? zz7r;6lmS|heCX;gS$(rG(8O}qb5#CbRJv8zr`8~TagC@5_JhJNTc;K&($l)FQv=F? zQ5<)d+boF?&l+ef;jiM1$tl*)K(7?Dp=UXb4UMuNe*ZR6`t5Yp&g|C}t@0mWrhare ze}4Jj4**%X<}pg~DJjkpZ0brr64?Cp!SKk=42tw`_S~6jW#Id613L?4JD!4vlLSST zb4*Rjq)V%+dk%&(R)dCHpr9Z^P69G)n~W#oMf`g-$>Bi<^iFfv>)k9PlM7Zk!Y|J0 zh)+l*teu~pL6Zs8g^{;I2hHCOA%yeke|})8l0y;RZc{!w<{rqXB{z4lY~N3h2K>oF z5jJ@Hh1;L-Be1T6(U<~fmWcutRloxo8&}H!=Z>M|r){kxviyYAKJ*%&Vc5m@M3C7N z0SbfUm1a9y?CiG2J{>TF15x45&aB*pqQ_$9Z$UP`BwT|4EZFr6-H`gs{#2S$5}pD) zxv}InQ(zrKEA)tSRXbJz9}TO=bqiVui(9=M(m+p^{?qPA1Y-H$S!@c9j}SVxY_1%X zYjU$Dq78vefAxxqj%hq=1X$M|^Utgu>+0D^q9Ei*ZcsLH=(=++mB|0}BRZxj_^0t0 z`G~%d{9jDe!@&jqt!*(Fzh$Yil7_F{~0zgV^lD2ge*xNh#wM6xuor~Xl1Kr;;Kl>@1 zy|MEvr;O3mQ(BO^D%WUtlLf19OTJ^lw}wMl3F<@B{~%D^(v2OUg_4<%h}JnMgWxJ{ zc9nQATiQzaHwId$=L87Vu8+(vAoKWCk$TD3!)UcYQSA9_j>M*3|NGlORsG!B!1N6! zVGBnfkje9%5DUnfZI6wO5(YX-7^Qw`y(z}&O3NW6ls-k{OM=kYV@`P$RG0w%?AFe1 zC`4bzAAqfEA&k6l`6pi`w_TmSe;T-0@gnS|py`3sE%Z^EQ&7(|bwe& zf6d#kBFmz%HX*+govg;@ZXO5bv#LrFHoe;=wCKmo@N z0onSij~Qum|K3^*>+PMt;7)sbJDs zpY)>UROxS!CAo+Cv`AwY2qtTyUv-68Scr#8QoEhD=^#$qq(R6XjH)`+^ket&PLO~e zVJHyyQ{&u0-0xw&j3gv{{{P>^kwCp42xRvcJIL-zKr3`dbHsOlClg--=%F*bsyu1C z)#ph0!gGWn$JyE#V?h7zvqcvc7Cwi8f@)ao$K4GJ+Y1=_0-Q%Sc(Ai}Kn6Y3)5$(0 zBp#VPiXrqhttV|R!6zct|}c4ps9sSoqM`+mec!_{{H^7tgOQ8taP-rmjHcB z*zDAF+j@^!=fmxmd_=PRXR9ufz~1wE>n3=OkB^5fEI5q}4>x$F%k$4`yn^>KU3`2) z6F~v>rfiZ|r$6a28YG!MYnJnga!E}$g%$n?6Bfpil9JMiu(!`V$#N*lY^+V<2u zg+)S;*33*F%2-;ueoo0Mb`VE~gg)bAzhbKR{gJ?th*;bM9lj5WN=i-T+D{WyP4`o0 zH8VVMVP&YmJh;uGxck9@UWcK%vCZ`c`ug!%SsGNSqc8PMdtTj?beS!UI%m*zc6!z* z?URy+N7OZB=?AP4Hue`(0{zC*J4O%cvez=yJjx9nS@L?SDnyngHO0-tlw&0H?M0jN z*sR+#uZKK)_KH+@A1go8#Ps9d>L+J8-M3?DqD{b?!_Y}-&FmY^RebbdMGvw_33n|- zKdtUR)0y6!WyX&mvT!8S99+mcy!TB`yX^3K9 zU#tEU^b~aFhNyZlfsK-^)uc?JjoY{Ht`~&&R*!$rVcA{w?{gk&!db$rZw_Ap;pxO73=$6%2qqV22)kKyfL4wsNTXTWtr z%n(Z4r!?_NWlEWqUA!!6z5)iPG|Ul)6;xG&7>rYm-JCAf)wlqBTm>wu05rXP#TvORn5OlbJT{M7ajRy%delZzk+g_`)GF`C;JCCOJQzC73F zC=iO_0UUl&w>irRR$9>E!P02`>OZ3*9EFWu2Gwk&HR`VOsx6r+?Xl9$nrf$xUq($}{PeSvqk_8=?)C9c`Kw9G2eFT6ft`+^q z@vTfte%=bMrNw?GZ~yGK$Ab3xiIc)p*@_}5wBdxsVp7D9O*DM>#GE~8Fj;2x;^z}4 zE>cp`&MNG+cl@BUjnwV~&%7_!D}@s>Eaiz1LWT5{+DqnY0wu8G-$XC9(x@k;H;?cG znt;cc_Jk+G)z#JW2i(KMqdj;(2WT&CM;oyxb62mY=eQ zYjW=A*F=f?_{f<6uMl8%=FN7YbkXY0(ZBQ=OYog3GTP*Hgjm6HC< z+tsOT$>UB))Qca(o;i|WXYf|A=m|ku#-UKPZ(>&;&t93ChosZ zCPdh#%olPN7A12oQUmD;TBg6_PaY974~&nGxBP+GKp`$li$3kGzR8@xva1XtPxi{% zfG!tl(fPmUS;ebUa`HmLpK+e7VC5d5<;sVMFYU^BZW}?B5LrGYmSWcz3x)U}?;lzR zQ&SH>p+jA#O3|)6Dsh2rI=7`G$HHu}BDB+rU(Nop%Xwba_LJ_ATp{^;=bauE9u_c$Qnq72x?fzB?!C%YQ3LsEM;tg!j{;u9k1jiMVl+R=q@-^uMA!k<#DW}D>37xT57IeitIuIo_4RG4DA)5Wf~Ccs?&%OV zLA{z7dh%CZK;#B|7OHe`2MYV`x88ECw>pKZQjUZ?eLDQpCg&_9fM;OR(%p?6-%qxE zVG^dYps!h)>E{##YaSBvTNSn6?}FXH3xoTFu2BD4YvcV;Pn52%uFGXTqix>pJW2H} z8v`Qf*5qe=1dsG2qk1q^?Xk!c2fs;NcCT;Ay#5}n4Hp-e;rtym=%!pE2GJq5lx6eN z>c+z4+Szo`xBW{NgSDQY7FQ&k`o3Lbct-{+At|NtQa+WkWJAP=KatTx% zbWPRfn!o#}Ce%+Kg@6{m6>%t`h6yJ|LB?x#@DXhF(yqREvgqC+4}Lm*=Jgi6wH1EW zYF6@^Sr_cBL}jRfO0o_578lO+hGMWxA>7$^Qs?&VsWf}^$1k8~XzGN8U&pR;sjjn^ zPG7R3I1qZ3@)m@}OkjBa_3kaCQAaCwt60c#RN^!ik5mq$z+q*{k%-#74*UcdA~{bNbQOB zMdzII<-9umw_aty)E_1%8Fv8Em}-+3xdT)GcZ0FYc*!2VXV)x&Ywf*}v+ro}xmU)8 z>G5LAlkXRYzoNPZvcBc~R^VuI0~B_*sm~)J3u^t)y5lH6ByqKL9&QXhXahGgiamPl z*sltBmP2~`9XM8v^4G3@oiQm%R4*SxKvmS8`Ej-H>gS(5lV#!^v5e{+Z7w71N z=6?vbCXef>vT{vAV9YuIBu!50xVx7yBbPm7e6jlOOwWb?r5w;wVz`WbvA4vrSy>|c z4;~z=-j&G~ktR?qVOk954!1r~3EVvp1Yo7wtT+(;meuJ?AC zOG{T%uIE#ba4}Q%UN|f4b=|hdyYGVZ5=L-&ai}CCp64{wgEZ^{TXZ0QsKQ9()OTEZ zx{#xj6CV?Gr&PK?O?G_|pN9rtCUt;3RAf0{1x0k^OP1r6Tg&*%vYqznrizEXi1 zX%C~mb=#()e2sN%==SmK%D($b56nmcx`#**d*32V`n8s)t;?g4gKKr3sO9o}+rZJt zo({7`$+Hstyp)9HGCOoFiB6H5E(h?#crMw&$=r+o?I{oh^d-6WO}jH^mF?dpe;v!x zlS+L2K>1g4ocq*tik=z8kbCSu5QkiM0;Xy=f3>Hm=KCEpp`8BeFiO+PmYYVX zPrK>`o{us4XK(6s6u(6QkiZOE&Yz;OsGg?up~Z6SVo=nVj6^znPp6sG7|+QTczHE7 zbb2p&gUnM5F&Ki#NF?i`6%V9S)-2ZTPolgqUyfF%qDYT=YL!(1zb-q_k_1`$xK)t;9XOjr zRIVm|j&2OeLVSoiMQg~fT>Wu9MNFT6SWH)rQDr^#sCfd6 zs)kaCtFTyuEk8GM24c^~Ws^2m6^cfN0a13k{6+%^jQuCLnedS}y9R%8PCz+t-nb!u z@#4kbKO8c6&ze-Rl4B140D?jhN_me*?CHn*8UaO%SNeH)_YgLppJP*3$~TsraC$jc z03M3+fjmIZWeX??MOe3fMv4t?94_5$ZNR^wMS*393otbG_QtLMPP)w-^Z7GtU|8zcbD(7)i6Q^>*bL#Bvrp`QT$eEI3V~eflF6gQY!iwVd5&Dc0tLEle zD@Oy_cCOITsj0RY#DUTFq8duSW77m5B3T~2)Lhtl^<|#BMJ%{CE6&f4OsY^+3bO2W z6_K>N+9a$3o+4c|GVn{RY(~L%+4PO&=`eX3I%J*9km;GafGh$4?=T(VG?KD4db2V) z-1_OsF?#}e8#0!j-`9KZ zuU0$~sJXX!$q7BVY0eSOei6_41(xm-oPnpO=fbj1g|WI}M#1p1j(H~u0-m{~Obk}| zE3xPnj$RVPU=;SpkL#YTvT<+M+V;)5tS_l|j^UqOh-O_xKH6P4juc-l+&*Ri&^Jg=Jh|ZtYnAvBA$Mu~HgZedG)~;cL3j z@qx;b_?Rzb()LENAc|~mY!t;R$8}8zbsm;VXW*(uZLb0Gr_4au7fD1SGEQ=6blBgk zY^jsRb#1R}8QN^zKapS&ss*2_a)+sM%}sw%DYijjTX6;!5fs!UwLLT6UF!=(`#B2v z7H@uK-BrBFKl3tLI-yW+y-@e=-E&(XxOcShe4={1q2`RY|3Lx^8Tf`jPcy$%x3G?8 zaW^h|{WZC>vvbxAxLPj?l-Vla2^oU@yIVpT(YWd0sIxag)ZSsA4%+s(rBAPI~%%RqZSw1OK>0w zHIai`^?G}rrGCG&L8LfEx=a4cI%KJlpKb%b{#ldrZVh7N&1bf=P1$X-XzAk z-zAl1t{$`h$k#N}5in%rVVZ1_&vnE@8`~xglZ5B<+FyZ8Nht8hne_!t3qaV#i+Gg3 ztG6a+d;wO3R2@`IY68Aw6Y$w`r|@@}r6t)iWZ5##X2v-cQb5P7u^CC@$oj?7GZFPoWl%LCRo}-tb$qV^vz(#le z>eN6n9nW$`MRp@L4=X-3{CKu#39h*7*xWS2eL@Te`kQ^pvsWb159f@iF*7>rPJ`@L zek8klfd(ByCBeBbdb&Ew`HZOOYsU34I#jv1stbIUK5id0hZ&fvWlQVfuVHv>OgS)^~@Na`#-if63C~SAy=U&;^ecZ6d8Vgm2<4O*QyU> z@Ej|w9X<_##lQLbXt8ACic}AF7pU4iaeRE`&Erca7gYJ*_6XDIN7fvOXUOb&+&jv^ za6gy`i~Uzfff1jj1e2(9MMNrJ$Tz8OJ%I$@tHp_rQ%<-@z* z(#arl)~Ba1$>7P8C!@o|>cGCqy-k$l3`ndc^CprodTKR?v@VJG38 zh@rqSIHbdW4D-_K#^l8_{HQ0lIv^pn;Hon?WfEJTWI%zdZ3h?K<;!~z z_dOzdu_BK;lVPM-hO`AH+hwW){Z)bY|dtu@31jfd9)h9VQmd7MTCiX`)RPQ3xv z`>yD9HLr`#0h8UWDSmcxI2;ZfZ&4Oz^87=}{8~rtL?YjgX)tt= zg<)hPIy5x&C^K`*hY$C^Adk1aGGRP(*YVxDZ*%`l)x=C^0?Fpy383&{uv)XmYEw;7 zZ${_*R;#YW1GtGtJhcAFAdThd=(r%n?+}U7QIc-DImttj9$s$iv7=YSwuCAQfawm{ zOGZvtkC)rS(!ePjeT1ncDM@&2H9^Duv`~bBZHO_Oia@KN*U@&XLh=Z^u&n=@+aIM!hs}}3&d$11rdD>vLL&u`UFRz{`^5Y zy1xRnJqFj&CnL<@aCM<=^In;s=X;jMJq7N znk}4>>NTqc%h3?9Qau1xbY#HXJU%kYzUYX8q&ouhOSA;r>U26aBgxS5Lae73+{EM! zvu;&P zg5#N$UlrOC$Mb7oFJifp?bF|7`+O1N7mFJp$BjFgQ<~%&yx?QqHTDKhmLk7;;Y#&t zOr80!h>iy!vRbJo(Hl&n$gFiAl%aEqjQACraYd;_C$Hgmz>2J(0r^dNG`DlN231;Z z7Bx)uv#BrluWW%Dp$!WsL}ZB1;Nm+JoGVRqQ6fT%)=pA!-bfU#XMg&wU2fr1XOgE6r@aeHy)i{&2p?-w|L)4Xv=jw8hiiwcI^UXX zz1Ou;-N+cN{TBaiPpa<7+jonzuR?0z_Q!p(A#_c9cNH1(FePK#M+0+GJu3r88P~Lv z@DFNCM2C==ezPwH`duB`LFvP9{75L3)&zep+BY0RVlGC?5UapncUlhk0X!6iC&$mU zjL4SRUwcE>#2M}2;CW5Wdn_ho;X*&T1S~o>5!fZ`6v@z?xU zG`*KZ2idziAQFA-cvJ7^`=7Y_9w&(|Jol9eeldFQaegyaxHH}{T7_Rmhs;Ng6ChOJ z@AyvrNB(1LH))VFhjuY)L@TZhG9d8F0{iZ5eP#E}1OSvH|MzbI?4mFBu`U_ee}q?m z-U%8qh;8W~(J+VxsZIluD)d>@)c=v)|Fc(s?`N^CD7$@%I|(2ld^e6TZL?ecwP(-} j{_kA{zae*-d{vl%R66zefu&D-z#oOns+ZE`jeY+gqD>^s literal 283065 zcmeFaXHe7K);H{hV!;AR?kxnS0mmm;|B1Ni74^4Ur0i*<^ zib!ut5C|n0TIhLqJm<{w&V8S`&Ha3M=lyV)VJ72{|NigQ_HV8A+sp6=+UjR%*l3O% zIdb;i-P;e39H9|Ea^#fi$>ZQ(W*Zj6j~wASa__dPzOTjdq>pc!ouBeAQ@Bxj8Ekaz zW!g{YFwNI=Wj@VkP;ZRyn{KPVO)E@D(6zsAlc4zeO{@yj+haGkrg|-=2njZ4oeqlU zCDl73c)PY_*ZK+b=wgq1O8$KkN__%58LM8?Hi6*h$0e1gNB*KZc9M?g&mWeLg@~(S z(%!k=r|=8lp*-|-)*C#OJpG@4Bd?_r>z>=6l0@-q(Sa4t{QqNxH*Zv+Q0Tptc3U9O z2lgRlWo0*Y#AdgjA>`wyXDN}gJin-DjZEsQkEc=wpUTrFdnOhZ6OLXYZ>gaw=G6nK z6BH;*#e(|y38sNYkJaoFMMcHY0u)N#9}X`s;g_7-JbC8M)23_md4+|DwY9a5z@ogo zmkie3=&#<#N%BOC_tpFzM)r@e^c2{`td^yvkr=auCRAQtKC`GuXfN5~dTUZKgB8d2 z+j^l^6|iBJ7gV)02%Hm*q=BKKy1BXe*8S;R;#VijckbWqXew<~F*iT6B~qYk9ycme z8quoiYP%n88)G%@Feb|Y$Noj5IxF)+qgth*iYj#tC%C8Uas)mK-ETOQSiQ;e5fS%$z!YOjLf;^z+^`P8d~(TK=d@+8o?zs@55M|ncSTTzgg{vIA{X@i#Hd*YhN*Q#B2ira z!d$_&##M1;3QsuCO>d55yk5URj!7Xaj0-qi^c22$0YAlpbNkipK#xtjwe_-A z;%eJSDXd%tMk6&x6@_zqjITs{%qj78)MP$W(xD)l#Ttf~y%d8yGHVP9EVMw&85A2c z8&22oaQQ!RmokKCx#&X%^Xiif{hk9o@toRFGc>gG^zydm*z0kLz{X5ST#a&j`8kfy z4ya_1)u%!{lP8leh5{3QXMgN?D2v`xF^E+?HpFhGlbst;T%4YlhYU|nX0Q|#NtQG{ z36yYO@13+9@TlAZ2_%w#CX1ICerwAmI-H)*HUz_9%VC!04(B|^T5Z@nPf6TfJ^tcouvie=_J%vQ?_3mrERPQ%4f8Blj0h0Xob zy1K@kl9ikCfl*9kMVlMHE6)`2uam~$d*ZN?eE5{gq;zqc`v_Kvs|DRPypQgvV$63w zm-+np&`~*m@=RfCO~B5YQG=t){_=2j`^?XROk|D}66qLe8K3amY0S+z`v*tQYsIy< zJ88>`=16J3#0})y#k2Zc?!MNsFiOdhIO0H6O9yjvb1O6|y<|{q#yZ{Tt4B5}%|RA( zvTPnGQ04Q(kiALG2sgQdCVOXRL{3i5p(xDHZ%3;7Et9oi`g-MsKX0i?_)07YQHwZS z_+Wuyd$Od{OjzPXa%CKo)kHQIb;=bL%QvTHn-S%?(wHUfDPgH(!Gn0#frQS^ z&d^E;Rm>x?+HeZYlV_UhdI#{zs)`Ehcovb`t%jPV_jVO=z0wr~@{W##n5E#JZ>4kP za-n@R)8r%z$h%`?WPDZ7Et8s0%^H?D%k}3S9SNzYnKijzU0vP&HCqF_wU-eMg$6^1 z?#n@7p1|Xtst`_RF%9I)Ve{2{B6s$*V&>-NSfpLef|JA`)*RXpU=K6OP6C(z90A{? zsvujFEV>d!V$?Je+lPam+}hYmP}4HM^?7A5l)R@-s+E-@U1Ki7mIrP4+kqU+25ulT zC+8{>i7Z1RaFvxBvF=VcgS06OD;l_=p&`Kz-%me%Ft>DsqsMkjbuBDj4cCH07ii!G zBiX;At2RsfmM3Srv0LG+61J^>pP~nA#mC3DIEo2%7>!7X%TaLbGy!#J;Pj)!D&I8B z|FD~}OPpe2gh=Y@>9t3Ym3`;Eik%&N!_x~>%g4!b0xzp*+ndT-Sy^dJ7UP6Tq=PC( z*LNX7^UqsjDWa-%L@W)L^dZH9h#yjBcG?Ou8y-2|c19m8*iTk_fyn=^g4#c`sPamV z4lB2t%t})sdL!#zTp80qOMd6I4x=%hut~CR|6qm@cPuR>F>R5|?SZG$yO3fAgWv8z zATIrd12@T$&T^c(u1@YlK{;z(hh-4B7cG`d~W=}MG>NMJ+%P!uru zgGU&lBE#5HU+w<;e^I_a%4{v3Hj(geSZkEc+x zG7Fh7G@>_O)$HbkWmXkm>=fYlS?kpNeMs)mkXJ3jP(~y>w zYF*M9RkrO*pPaU+D=S;OGOlr2JfRaeP648Q_mcXFDux{Y$PokD;04jwH&EAd2|Qmi z_Vu@6m{QBhkA296!}fQUXd`O}a@6$n^nhvDtYmj}bybg8n8do9#!pfL4?gyg!{FHc zTso{dtrFurG)Vp1x9ISQPNWN0*NK0a2DN`3>O(o~R;pL?q5F5P0jr@xG@X4BNwMa6O_l$$4beB=00LlrD=taciZcq zPWKdx-$b*&=Q(=FJ%U=L&6txF;z)>xFcbXE$13BV3QqXi3VvX>$=eD${0 z`vMOPsf`!12(TFe(yyVKnb5r%=EmAg9uH@iFB5FSXncCjb~38U8&2xui{>tGV=6s* zVx*>2-eg?P;z{=n45|-qGjZ^x+`Yvm<_sL)?~AP_{WK>m=xNLpDAzdN5S~sx#hUF64Y9BqSldCbP9TA}eUoAl&?@BSQ-_BOm7bC_{jyrBXwt-KeV zS5UE&O zt`4>@>5NIwb-$&jzpA-FE1r;;SkO^(v`Xnd1@8Beld6^n=H%ogXkK@tVH@rA0i7xD zxX4xotKi(bE8O9GAVk|*klSmy6O=Et%5@;R|1ebbJq*tb6q=hpw`9xSsCDV|WG*+|>gnDO3TZrn7p z7^yJjy`?G!-&zL1sQVcL0)brYNNNx3eDLS!_7_zPeFrt`aFHo9`Ct#;8H(>8H#{#{ z8SF?^ZKmir}3oq@QcIJKTGH_^$shHLFPDkA@oiHBM zOwG9_A`q#bVNqx9f!1wUrOXuj`eu&@6)#Wyn*mchQI zpx)?Q;=BLWru0eA?xSGaJa!+?k~B^iU5g?1)u6%sBr(_>&9~xLPK$#q`Ly`l&%e*y zq(t*tAXJSE4A46b6^1hk7_@>tM&uP1MCl4mxs>ws|Xagzf@4*$+oyF~wU(qY=R>pY0(7Q81EGAW3=U3%nQdNT z6!u&Oa~z*!Yv*85X;4cBN028$>)=x{PLB`cq@yS}*PD8wXeG^fVePfkYBV07e&{#t zH6?&0*d<_ibp)e_)4hF{s|`I;gGY0nj=5qZV69$UKIVjhF; zn9JLNV+iUi?BsL zMcmIlo4$#r0#LJ<@|tpYU!RO=KN=(49aLe8t?`|72y2H(E5$-&IeRw~JS@@`BTpw5 zbM>y6qV3eTl8>)0I>+GCi?<_(IW7$3Xhnj|Bd?&Ki(lM8U*BE`JxKrfCblX0ANDcoLgGviLvvo~Kh8+$#}a-$pTj^KS7x_MxGgw|N@e*M#uA<(G7f$%Sv8OB zE~hidXo6&wrT+Wcc-eQ|I*VY;dH1bT>sTzbhUaws&*FR_4`!u9%r>sXHG0X_uSU6} z#^1#$OJ#tQR)KNJRQ^)Y6>6pvq5K0Zd#jSXhtu-fQI$e2#!1LJqTQ0eux8#)IZPL6S({y-d-MQ*gD_nXB_<0O+yv)eCsVMchE4-_=uZj zjr%ohB8~VQhP3HLZ2hdh%B`bFx>^6R?n+P)PUtO+=81)SOCTXq*&s`E1xdmm%(qrt zr=Qt1<&KVbGAZxtNgYahAwOJQ)n0PQavY8|R>wG$$Xs)++am}D_|EPtmVNw@Q*NA? z)?T;iQaYX9LwN6#&eSJl!CE~@)L)i`J94;xnK1hG?e+E=$zrsz$a5;c4vLI5+-mQH zH#P>U3R*N=?Ug0O3QqWr2kO}V=-=4!gKPHjJLEjJ$KQYS*+VDDSZY|2R+$~!KBSIJ zNW7U!t5o$M)?KDCZ~Spz6Az50DSa#AD7N=RMl{T#%IDjlflc2{VV)ZJ`fQRc8U)^f z(ao(b+ebe(II^6k6?5zw`5IAys#~k4u#4q{ht$Ii+KRqY-FMCBr7OIw`^@}>wdMRt zNs4H(f~=&VJ`1F{H4Qa!YjdmQN_E=?s$srxa%R8FZQOa-p<%QqYIFi8x7y7+Q(dia zpwAR5YU}L&>wZye1n+IEniz*HHStnTY26ad% zfyN)~X-uOp!38Qq4`%qLI1(*_boI#XDF5N~aFC~0p+)t@ zy#N~Pz^z*)k)081+arw`+>?rEV>&!k`H6+WCZU`Zc+cRJxVavCdz+ooMqMH27ITA# z-aD?0b zM%^}6y?XbyvrtD8W@kzysM`2v+r-4t=ZNdKcdA#Fcuz~^5C`JQFJ)5+)bpnSMR?Eo#ai-*5bG*-e>L zZtpamM9ri3WwSpwq1CW47~<`UOIC1q-rsAVW}#JXxEt$Up!2nAQdG1`Cz-bxLexk%{AFwdagpX*6u%H@Eo?EmO(xB8@~Q9ey%kkS4$vw=!X4`)c~ zp|%-VC9wC&@i!dCIb}8!%W2EbH3_n$G{16LNqdE?$%%DF7MmCwb4Af(FwNNoRW%_D z&(L$Uw0E3L+ijJVvGFI=mO^`(AzPY_E&2R7(!QtOW@)|wC+y{;jEh70*EX?O?q4KY3<`{oAjB0etHJ7khBS4tn28*;O^b5;55 zZ{`Mlo2J^yT$Pn5z;6*mQm46(?|(Z1jiY||pC%w zk=uVBN63sM(MeBKE*0J`V!cG)Re%C=TC1d`n5+ zO=Iqz{l4<*6USMDJ+Ma!I>GCUWPGhe>e1LEil??)I;mn#a6`Xw%XCLoXCGwvFaJeI z@Q8^H-tSZ^wI9tGn+-b5bn7tD%za>7_wf6&2X~Npuvgbal3Q?3se9`u53HNg0d~1a zUueB$RYCD^#Wb-ErX#X4eV^v$VP7su;q;xkXHK~KfxV3VuP=;6#eA|w$M31HG6!$w zbGr;h>^?=?-IkjVCT;yR_9dLP<63Z>E^v;iE1(2D<9{BW)y_hcs=d;mJv}`3UH-ASGUdJxQ zq+;GgBbO#RpJpL@c$z&Qxu{`|bL%S5krfoKw^~O=;tm-e2LyfY6pWSm<(N7Wdtkn^ z8&eX6Pfx%29D(!5SKD(73Jwl-!lhLXPjDS$4cj?_ilV?YEUk}4h;<}2-_3V4M!MGI z*xWK0U9PTH0&&rq>yCdu54PJOZly^w{2tc>TP2`8#8_)lGbT6(J*YrGsN&TeR+-~W*>kU z$mJ6TTpYb|WtBYGCS+tSp{jy}p1;vH-AI}!ykJg~m@V+)G-;iCI-xT8ur1!ldNtcI zetLUZeumaZkxRLDHs|n4(3(i!XQXHleyOo@s;f4esrfpc)UW$4d83tq)yz5ltge-Mo; z)En&n<|ub?&h`3)&tmC`JM)<0!sH)S$5{uq!#G9xPOBHYjK)GB93xYT)hQc3m#A~x z8cF%gF2CNu&UFkWJK3e7E>?chb}4EM{B(BI^cKWgQ<+;k*8TEUvS}j^wo186iIRfH z1Cs)8z?iDa_EW$XQQg(L-DA^5LO!&@0GQ z4qwioFB5_b8%68E?A4Qd*845cG+*-4Ul@)u@=;t{nLDgHZ$0#_9Hfa-Shssb+uNC++-oLH|RW>b9{>7k4s)MzfA=W91ap0ld#feXAEV^Cy4|}YU4Kn9MaifAs7`yQsrO8aSqL}fa*M@yir@q>fpg4{wr^u{4x;%a-Y^7h!s6c2XdEvij9`1_!HzZ?E# zms?Fq@V*)Q!l$BCy^h7K#8qzY{pA=e@2Zl-n4AztoHbMUyF=`-#YH+=OisQ)!u zC4c%C7vQ=v`?BZHp)bSC#+&Wx>1G_HgfW@Mk5?PE(*!~T@9fZs=bX}WT0Yovj4r#@ zWfG)}{`I0}HW>xm>GVn|;)CdG!p$4Xt~?Z&`gUipb6Sy(R=G5f)R4$sX2(ReN4O$w z1Cb7^v*7R8?j7c4E>WH-e9_&Z%Y?nHBQvgeNQiDjt zZVMgFWjG&cMfRnkYP+KE&|r`%qoMmsPFjJB0_R>T+G?%1*#*sX5xbfj3=duPPWtbD z3omsIG+)WU|3mhm^-qKkq3J%_Twt&Y) z0qh&YV69n{r&qA;iC&z&1^bztP_u*QEA!KPDh(0rsm#)bWjPkoDpZN0lpz@$IP|#* zOG7)jC(*MFZsGMCGTh~1wsv-K z2+!6?#LPE(KsL4@w?P3i#5Mr;$md3fZ?o=RTSnv7$f0+C?b|1xK7CTf==ZOHBA7=2 zv6=l+rKdI{y~oPy0XvV2%>}LjJi;~mRfjKfe@!JS?abM)E<`l$t-UbLuJT-M4Bn42 z{`pCSv>Jav%wg&xZIw#j_Ve=#m^saCt(s?My7VceOFx^i&MhnARJlh+S5dD_Th3N1 zUQn*{)r*`nvwvdAzFfp<(C`eQcQq_1GWijgh6hzO3C}m)5k+x&Wh(qEd!_q8W4<|m4ogFMKP@a2lUu#{-`V0N#ZWg zk+vO_cdK77l{u(+zWW@ZrH8R&RMLA)C=N@H|69%?nt=U;M4mUtoN0kXWg9t3^# zg!E8FMH^!yN+d^}&Q*8V{vNyMOJJhq6pI+R?t`CVkG44etH zYcF(&B77DxPomDL^8P6RaEe(5X@Pxa4#gc~iuV(js_?nZKR7ftblzzgkTpssHY5kTX|4@IevHbkRERI;`0rPRrzhh~mriREbiB1^WFmpv-B-e;M zotHb2GUpn!WgMq{*J_!|?&q7LzD~c~U^D6ml#_>F#9yT9eR01mYRO6i&0BN&(1w$3t~}d0>2;9aNo5?fXA$Z@mb9 znJqA+KABWX{njl{wOXejxCPclxB}OE=B!DD6`lUp1^P|jRULefumN}F6{S`}Q zh04q1LdUpOte7FE*bCZ5k56Y)ghZGx?SE2}wuLb0K`K479i5aLwsUF@4tokv*%{f$ zST~vVmx8|l@8<44p)L639+N`j=*V?_BBneB@D-90U!;89{I)J~8(Efwq@ODWrH>qy zAM;B4yM@oJk(X;L1)!>!8-07z{tr3)esPH;i&N7D2Z6fQI9kV6xeL<45dbsv(E$OY z#n@?TVl$$J7%rXaXU!z1VTd$)i@Eo{YBsI-J*b{rCLl@K360k)lGF4|?aTrPp1->J zu2!Iu?{KL)Efung+Lf3#FKh*0AF5S zM$BgfD}mtKYxJwTERS6xNZ&p?p)~*N=vw^J?y#w@1y_F0av9^2Q~_O0_Suz2Lyv%E zv|XEFLoh_)*TUSRmQTdoSaW|N^HSHy!S7FqxpWU`y1l#rxk9q&mR!!4Nl+;&2DMVzBA-x|$FyU{$ly6S+^dRg5#H&SRdxkuUw6LU8U+#i^(mkaXSOe1vA zN0u9W`fRiIcc{#K)-9`&$&|AD$$f%mrK1UYs8uAgb6LS7o~63&a&>|}qX;BqAEw*D zd{*p{nZGL%)WMWr+^M$VBF;fA0kWQX3i=LTmsWd7-%VLc>+1!{q?LFlDadKg&rVrH zIbXLG_MtYep17IW%(+%B`0{yddraRmME<2r9_(GEQ*)HCAUena5s%0FZjIVu>r9zj zS66)%7TH00xo|fA5HHdfjtM_YAc&ZW&Ok=*@Z#I2;I;<1H7Dh|Ikm3f`K6f1-x$PN zVLkptJFZ0G+Tq-QvcGQ9uZ6@F#$ZAY{S36x-9dq{T-M)V*>mhpsS32BvN*D3D}z;? zOH^@d!lTdL-oE1*xq1E!k-2Rxl=f$56?LS37%PSbzm*9M#8-CMW`Wg++a#4=c#J1;k0Z zk)V)tKyF$dq04QwvRIb3t0s4|0qG@28IUk?9fi;b4NCVYX#)Ii|LExG6q;1>Gl^Jm zK)0th|H-i#7qcP+&yu?zes&z^*->@anS#{_fIr@CGn-!)&=e|H-c6UV0%f35D=!T} z;|8e$`_UVI0TaISFhaS8+vn!+K}b9yq&nlm3A}{FklVsbJLaO7bz_T360rLUYoLPp z3GB0A*yY-5bK~P7=Ia0A@}%_2if$$ShFxVmFfA=DeSLlFi)1R#yx&K?KeI$s`cGzw z!a)0O+m`_W>03~Wrh!P+0sObZyWoAKvKzi`uPR)-hb?ojq zSJYTt=(UnO!SCInWZquLs|)|?y)V8qb{`2EAot$;zkH$d^77J!Kp21i{3(LOBn@5d zka@^wO#!E-NmvkcXUQC|2u6V!+&pvJaIilN@Yrrcv?hfGVN0N`c8xQn7%;mQ7ZK8F z4Z+>XN|MPbDSPAh4ar^7gkIh8Q-8)lmYy_OpfrZ|)X)IdQg&H*yJr$~#{>>XEb5#+ zT|1HFPV4s=s=!xc_xqgLm~%NLrOC9DsHmuv%6M%?)@slEj)jYq#1@wGA^P!R)U0}N z+>6u9n1dK4?#7zM^gLvK6cRah-uU@FGH`zK*ZXW}& zh}m`ma9YU(3Vh&fZOy_W{KE(2RY%9g`_{Qtpe7MwuJNwCT+zQy4*Ly8jP@(P+Foc} zzFQy$8ivF$7HU?XqWNZ53L4#N*Z*lLWUeX_k!ZH3BIs*t{B0;EYHcmzgITp2nWxi~ zKn?8pL#9jMa{mMiABU0zFqX{HQnAIQB{DyXUqB$N5R-HV@~VG8je;O0YDM+DKs<*B z`ypGT)kmaG(jVUSA*c9J>yXtYvQ|diL$&|}6O8elytfCsEpb*D1go(IP~#Yjwj`#4 zN)^MYe1eyPKK@DP=S@vWL{U+ZaU@Qj+h4f2!9n#Obdduo#GJwJ)r_e?^R<5fEf$@k z%(pcO(|h^b>kSPPU$BJfMTr%e$GY34z4N0$o~Vy1fCiXl2!4PK|M0({kmBO#g~jEUf%AAKb#56Ukdj(;zPWxNlwAPmW(i;acXTtK5VJ^J zdV2Z@u$zCe5ScB!f)%Q*AqMec5W9bp=}u+w1Ea(u^66*Z@Y-T#KgX5xzyS3>SOW(L zo!3CDv@k`1Ea>X&JSEL{>hm3yNxd&v69tVg6c`jmtOu{F2%3&wkgW7-Mo_B0mG-DRc3+?Hufq4A-`(YLjmEA zhwgl>D7L8+0pgHtPjU^uDt9KNompK?%?8+%n%_cN`-K4tvUy*o)v1h5~e5aSoDG*NWc9B<2Soc?n-dfG%s^}GeaF71kl7cj&C z&hX4(djjUHkJ9|GHpw9XL(m?La$ z_Oo%U*zkS17l3{3u6`5YaPJwSMUF+90!rdZ#NR5y-6J5ko1B~+bvoGHEcM@9vtdnllAZhD-Ech@m?HO$~Jcc1|z0)S6p>o%c_q!eb{9+94s2FlO(7t9Mhg zNjs0w=?Iz7(<;>prkhvrk6RlX`!U%9qJBg~CxfGYzPo371B9MO^a)j9e;hRib?F7m z-mZUnzMWPI-HBx}$sEZc4B(+y0r*3<-b1OcwFY0WHzmc;!M3F9MGk(FuPyvJ)L*+4 zVwNNp$Z3>T3Q$l%can)Vnd&<>v<0&9LBh8gh;ck-A|5GuCo5LV_%@AfPH^rjnKC`X zNbSG(L0XM^&p)$TTJ1Qz95f#UAkfs>@$C`VTn&q$u8n%fVsq?BWuopC%T#vb@}F5ou5b%FXOnJ!4fy z!$Yh^F6=Ovq2Y$-rW*9EKa^UIzvTkYgIOw@KpWr#Ob|$X{{ur#?2?n!{&roGT>ixz z?Yz#L5x97M(Huj^D`{}I$4|u!Ux>NLa$m$ab1-$L}?48 zj)f?{IHyM^W)6s|#;67TK+sQD+6%I@FD)w*NAVHwzi$gE2}lO~2fYC!$|63CQJNUD zv*wRhGb4A)8nHmoFv>sch2PtdB-TC?{PGTkXxbT`;$AVI`2IR<8H!Ik+wJOxGAD_1^dt6-ak z226K@zT4fWX|eT=Xi{s0UrQ)9QNHA%c?q}K6ZiwXOqSNLefvhk7(LHDr|&q0xINhRz5-n9h@`|G$i8|! z1fF4ZVR&k1Rw}@1+)eT4FGXxDI>&AAMBuZgYYgDDc@bv&nX;!Xn}uYU!=Zu}{SRZ+ zZs@QwyD8cPsbZwAg;;?H31ak0uTrp6pw$Qy%hAQ5?azb6+fZmw;#-sb!%>H@+XGpl z`{$f*P^k%m)2B5I=0MqNF_biA_7%OB?U%soIGSUs`3vs3m(=h z^|k5pcB%C1tdYTeQLK!c5?18qrv?vuD5D0aBt`=!eeUUrz1G(?d!=oqb=iSNPH%4% zE1jFP^XDiV-gq>*dX*}hA8ZoI=LDrpTFVR}c8SH|x!^Zjz|?AUcWYr`xpPR@RF5$Z zGt^e`83w~w+$-Iy2$#1Byn5w2#FY(@BO0fQ|IDCRF$o5bkT4J1LY2_ni^- zG1kaU>%sz~W8lNj%Z1PXT$Uo&1zwZw{WGjGUx5Z}?)(5nY*-)w7GT*6Z+S#3z#jSj zrf99dsHn+{@f5$;xCu6SIlBKU1u+<`bji)0? zUGo-2I1t2`kH8%5{^N50$MpU$U2dE)?E1gB0RM5ne^Udx_8<5A?{VWl?)P6U<^R(C z{^N50Rgh#D@E@1^kIVfVyZA3)@INm1-vQ)*K<2;6+5SHTnX|gzBTTs?Po1qi;GNq4 z?lDSi=a4~>(3MN$*uu>DpY8^?&aU!wP2-eG+83;`~Q+$t_C`=HS4 zzf(VAH#B=`Jme=Giyr{(ucW1UDa(4U2>wEMtwunETyEh%x(5W-?-jP(H~KVm@(dJ= zN7^>PQ&3nUduNjY^+O1zVAc1MoRqg4VJdmCQ|90$8UmX@X0dxSf_F0inY9u}SporS zNl5-oM+C3;nX7D9$l{rOCrIIU`*~xL;uc=*^!>7VJ|AVgo$ETcuT0Vx{8Dt4_o9{K(05Tkwb39yG-Hin)(_`j69*E8Urq=1QD~*ecdu>V*d@(scO$9>E zgB*)6Cl|PFA0h2}T27 zxmMUwW&KNzNUNEVx}+%?;W^C=7L>GBH?}bJlBhqBt@`Syu`FeqRJ;6mm0n{ey*;57 znNanp2nlFS9CbP#-P2BEAMrl)ArHx!=U`l=2xZE;bDLbpt2xB;!3YrvE6F9~O4rU8 zMc86i=*n(A?Rl0Jvhf`pE6SkEaMP~-TJR8rZU zZ8>%ar0rOH1xY6g#wr1gf$CWn9X4B9q+?00SJ8VqNm?UGtR(NafIo1k56YKLQ|6uT zMvf(vxJGe916R)(T5;5u=)WbbhPbkEqjHz90Kv6<0o#l*CYld|>kR9!=hE zoK}*#N(I=|A3%@kEByMm?T6&CO=&(BwiI~OvN(C-22zyFU#d$; z5bQ8A)uXrh`4fc*i2@7(OGCParIo0y=x8vi46)eRnU|mc`B~KUFG;5*&Uw>;d1&cp z;1qb=^6d~aNely+NVSaE6cXy6DD0fjR=A)?o?i2v>NK;^7=sbG*k4yycescECk+@| z^9w8b*Pk_SIn2}nfh{jCMkFL86kZwz6bm001{82ymGIMrX0_s{OA-^~)d1(>+t3go z6bM0V7_0>eVV|}ra7lSn9%@#&zkiwcS1^GmrW1*@Prcz_C(^Y~J{Z7FBuIfl+wNKR zOa5@!@<^#M1oO?R4%~1k_$u@3g0W#?H3IN4_0Q$<^GD$bKbe8)BJ0-GL2r&Z}kgPSy1bPFq zWpI!!qv_=-YgNqVQYNZE029SN%x&Ebv1YL5D9sc-Pm$bNSggT-v6pArrGSl(#r!=< z&+{?zWEKw=*ip|j1Q>U8P?QbGQLj#XlA?gjBX4R6F6Tn53ybsnP5kY+5j)^Z4=l;` z)}!p{f0m<)r7sn@wb=KW+|a%z3BLDGUU!dzqBY_n_*-57#|fZ?9l{AJ^AoBn+>}KA zju=pI4&sOc<03-(ukv)rjA?iKQ?S!3o6Hcb!MMok)p;n!ezQMa|$G`VD26-WkP$7uLkXf9xfAm0ocM3tO%o&gcuT7I+X~s1V|9QG0vy>Q zDUmaZ`c7G;Cym&-GvYK7uEf$E9`G98MgZ7_ojUu+6Z23R?!#pc@j9g4*5Wz!x2pBS zV~o13r_?JZu_4 z2JhDM{a{dFMT2p46n}ji(2iu4Pwf zbl$1{rFut%JSXwr3F`kXIu-4cg83*pTwV6k7jO*+^EXSu^(R-l z0hcB?Qh6%CgN@0w=JBI~V;I+l9UZ~~ET#>LN9PWu^rt^ZBtpH7m&>|(aX|)vcon0x zYrj9Y=w!9A0Gs(68`Jly@vmCFJ5L5T6N#hJy|R1qVvgVPlAEXemx^xG8waLsl>`T> zDXcAI5;|IFe|qwLo_Gbh7YK}S>g=Djb|fT~&OW>#JLQ5^A*SPnD0YY0j4p6@BmBI4 z)XOg6Mg@H1s)&;rHs$ZG*TR0EHyhjQ9NM{N#*UR{DznQoI!1{s# z3MkHN;NF+jm3whB=k(upBiD|YF~w(EPQz{*>`1~FYPk@-YgMJh(b)E z;qCKE)fx;;OhXEZ$C{K5HU>PG>;2Xrwj<*qr7ORFNG1%@Htyk34(;t)QlnY60cESR z=z9};#8vLkm7{vO+EE_8iXzcUyLsEqcvSBEn`Ng>olSYd_oKmHXix2Zfw7=SI&0@f zyWA&#R+);$DQo$T5kTyebT$oTjZ+!@p&lS4eE5SF*3Rkk^42*;!Cq~-Sw;HmPzfZ4JPbYXgD6H2H+L=8* z^uw+4=>$n@%k9k8Y~(73ryOp#Cy8O7drr-wm43d7!{+hE6cSgRtO$qS@*RW*GprBA zV3=00m+_;`vVz=ss4PE@^MR*BK5yegf>ND zq2E>wR_E@~Fhg@cwH}|(taxI4383v|4&dK>mK^q()O5rUNubrlG$^n~>; zVV$FI?@fM2ZGY3#X$OH^cVP6%=H}vQ@vA?&2O0zY19rOL?dsft9L&%s_by*7I&tV9 z%r;cGqz8?4ckuJ$c+vr8owx-ka(cJL8)m=9ER{4C=d{>t)?Vgh71_sAi&=NXR@}nA zU=9>n@$@5_``jVoCkF^`fwBFv`C2P>>Uz5094le4B;d-5=-Xokh6fYA16uCWfy8W1 zp%b)R%hNZgdM*H`WXkyTN9B=W$Au1qSg{lUJJ6MCNrY67zNptTualpC4=)lfo_deED>u{gpZwYkSa=sTbE| zTjKsTw4+SzP5(h1FH3xk^rX>}<4l~k(v`E^Q-19$IPATqmG@y>+Vb01F19W9)y}6g z3-AkIr47yB2F3qPwD8AeZ*P_aGs-(R2KIQojfSGPL!Tk;F?WK1C*IkW*w#&Jhk>q= zoB}oo>V$Ep60PUK!GYgHYIYZ$W^|-UVp3DSScC;`7kp`Z^~aR>2|o3!vcS&T$p^pF@##|#eM(&?bRoN2?1uEq5jcA{gd&*6?c zzIOhbC!zatM^g9B6kHFxO|SjZqfb`;P83_^ogNTkOj6-fI}VSZOb03#w1la6fFfW@ zrX3|UK$W3mW#_G(!|7m~$4w==lg#`AT8E<%aXNC>8+HdvvaSSd^sB%6`*`DeTKUZP z=jV{_P{jv{`mseZF$$?cUY~qK5VaojtqZW|d`Xf-pAx%UqvCZudLF;ASJw=W zVr}#%oTX+p43s(rzdCHmXMRq4(sN+L@H6CVZmPct`8LWqxnE5cPO|`seEE(thsF{< z0GA3Rj^^4fPm>OP%?=}>t*dS|7emiY7WT?6ofa?l_ww45f84zw=04_-iy4lVxs+BQ z*HN=udwKXJw}pfyXx`ZRmy+>tv!!94$ z9+^I58aDHAL9ltLXq|k#`Kgx6Iu(p63|J=x3TTtIsy*`x^2a0;=J@ees?5by=Op? z97_N_z14T)RhUz+_e721z^dU{@u2M=VPbPj(|1wcK?h5)p^@Mx)IJUlI5t~Z0&V!E zv22hAq7F}heVs7)XgIg)*#IAZx`%E9Wuegz?!}x2Q;gES8^;~Ij0rnx7 zbm-nQ*my745P0l!TBW-s7qo9W=cfDLcdqym`s&!X^uu;#vUVb8W@hA|ALQ}%5{JLS z*s*W)w4+5<(LQVjOOq%cYc^|5Iku}y!T?6~Dy$<$ytjWDRoLt9ufMgkBKECv-3oPn zU2OUf^I@J&<-yt{Lb(JC^f9lX@|TXEWn&;6tOoPqH2s?X+N(~9Mtqj#_L(RZd;C0v z&>Sgp`+_xx>=SFVCj?rjJaQJ|-c?kcGpw~*JsspQ-#r^hPEa`fJ1)96pUUvEE(HHm z#VuMz!69x@9$|2v;x@;^HP+rL1^TBxo&nTSJZd;uo^+^ImN^6pD9&0gPLz~ZzX`;y z01JEI(Ts38Z>8x7ptQtS?WfWtLXKR~Yk?TjZqreR-2aEN_l~Ff|NF<^Z!MB2MK;MO zt7B&KE+i`rWX2KM$=;o&I7Vd82#JX7S>f1wW)`wX$KL1nc==qP>vr9)-}S-w&$>C! z*K<7fxId~qw>LWJjFpe7#Y%_<`M*}=s2;torF9O3j!yJ;%$KQBsw*T6v7jX;dq(X> z-x&DbRug3#VMg};*ufUlM_XJH6!9{V!Q_rICc69aA=) zLC`DNUg>*N@~U>6)SyR_x9HFJoW=Wkak|qrfHzro)~j&7Oi(Z~dQocAU9@SZ$tmIe z`}fIPM@XrltFDBTT_y6ZXFfP9ZA}rTuyncGQfu{aU0Q|@0H4^Gy<&7{ zhW0-yXj*)Y=x)a!F5_$K&0b>$f<*TqG1YK9aksm2zhHVKSIcQx-23F@=QMqnDtmM* zHgFsatKbXM9Xe)xldDH#XtDO*g#o%?-WPOMIflWR6#99V_Zp%_1;}()CR!6)`z+?x zaJ=F6Z`N?fl=|uM(KTy2)s?Kq7Na51;P;-=^p;n5hTe3vlxQCW7LxR+f>oo) zJVLqe-5P2AV%i+35Zv-ZY&!k+^c3E5riz|H6CzO~v86EwV5i47;**|YYuV{2O&ank z(5ejCM%lbKheC$#8Pq&Ktc_Iv9C8`mY?j zE2svmxOmDRU^~Rdit$MxoFm9y(7ZVJ#Xd0E>@G%u(L-=&Yg`ABJk;O@n|0>$$TRDJ zGyNk-ko+KK{FlSph|18?3|IHgx~E`z8GaPW#$40GE%odG;e*53Y%SXG%7b?+u>W9x zh{-NOd@9}yHlSiBunRT6k0ZfcPxOh#Sowz9cWf;O3I7HX-jeBq^6k8s(vX8}K;zWI zS!Pyu#AB)X_qF~XF|z*|`auF+Vn}@LmDiEKD41JhA)_fi@vTpI{|jU82JK`wd#wXX z(=lDZ4VDb1X$SZmaXQotw{jtYSpSP~yQt=Yj02oblmm)t?GzH2;dnU^h()Je);UNh z_P!OofCc4(8~koG1%Brlo2GXFf!7;@s2g$qBS4VMT(HJHL%{=dem{}1gDZ^UdME)m z*o%B`Q$hsV$^L(l%K!a83#u}KsCoYmWZXjF8~B~PGUGw|zaN?b1BFrvOT+gb--b0r zn&s~9Z!%y`!hQDq^6!5McOM94^scA&AgErcrv#5tyJ?*_GVu&~|w zg2<5l!=^IvZ-~VBg-=^G<};SACXkH3JlA#jEqv> z|CoOh-J@!GgQ|~DhDJddafC`ajwLA{z^N}Iou~<)=dkpGk9^Ppij6u5;$0vm9B-@= z#fj9Ke}ev(o~co)1LS=uJ}Aj3$j=`^*fAMyvs%Kb_y8Hf(P$YZM`PVWBir=wW#v0f zG}Lz&hx|XXG2!ZbgsK&?UP_icmz8}<;LX$ToV{y5IS1|S&#d%we?i6WcKWhI z%vCs|NoM~`{tIJy+_;!^B>S}{ZlN|`Fs*X<-4Hg&s>!;G{wTsTG8Mphg9oYJfM95i zh63(ADSExYH}Ua~&b=R+Df&8cVKJWR;%E&)6-3?$0c)0?JqXo+J?-a@4Y4!uP2!7V z;0oibnTkE`)BQT5Sf3_lV};y|1(P72Px*q@79{EtNTy|Jy8Rxq`Xu}7ZPew3*zP{P~k3qGfR-3NL?SFF2$%`$~{@8kUeVTfXp`bT9wRz(T_~b+j z$>Qt;?m9-Ah}O0LdZVU^d*p~5{n`t++HF00kk%252E{{j1>ES3$tpFb2-_C}D@EeR zyML5)EuL*>@?Wr}HkGO#TrDyZL-UYBMmydRQW!P|OkoJ-vZB}1r2T!&$c=MeJxyS2 z_2{s(kcg_yZA&|OiPrt0{STJKpJ@3i7i8QS15!2ejIqS(0HXP^O8i9z8tLNGt^wX! z5v`75BbM&iXP9Nhjik$j_ch#?(A*8lV+vYDX^m^GnDUh8?8mgqh=T zWZRo8BV3~TP8~UaM!9j{Vxn_(a{6 z3G@FIVVlGV(nY2k1l!CNQ>&B%yl^zt!y5`XoGw?4Wtsh`Uu){TYA$`KgqP8o(39S( z9tzh|JXz0^@SC(HwJx`bZi`*?{|n=I0VJ9KNu|^StnUu%2O_ko@Ovwt-(=Eu!h%M! zcxx7h$mop5ky9GMVt!|CTxb*QZ9G%iMm7eGo8511#C_ zVdwpb(PWKu`tpyEvk$V?@Z0DIRS8GqcsTVrikSX1Xpb-M@{%CZ_C@r0S2@=z$ z-gc;lhgRQa(}_J@r4wD!WhyX<3s=2$^PJ>Kn*6SH3DD*kcWNzg;ft!kGi0~A8+F(^ZoIc)lZ1X^^pE=`@xn4H&MzX8d5C26LOjgfh4GK?WHcy2w z<2g{aZSS24&&bWsN;P>2CSfS?hr+ zZ3NHp(p2?4XWNaTC~}(9#j^!h<@IQf&@9fdWijk82xZ*P{!i-YeGDo}NQ}pEO8oo{ zg`IaMTf^1l-k`rs1PwrX%TI>Q)%;7$FdH16BlHa!&6TVR_0hDHdto;g1}6!gqp2zA zE{?dZd8g^+0ChL7mExCD|84K>M^YHDm~RATZFMp!ROK9t)HSFLO}U1r;z${xYxhIB zls)|OuJysIh9VK+q^~dplJnxl*H525)he<#v!Cr18Zm=Hp7Z#bj?~*Yw8V8FiChwF z)MXa^n9EsRXpb&E5yw8WYQXKrmD1XcH>NFbGQ6^(6o&xt&kopP@G4@G9&n5QB^zLi z-FlhWrbA`n{stiJ+tZQ-w(V)~?VP=To+vZfEZOA`I_l6njJ|;+!6|a-tw;18ORbai zNUqOz1Xr~NIp_*~_NX36A<%8JpmGdx|N<&~VSWPlSO4?*;0&>ZA252tW_I z%$GW^{Lacv)++5Ap3+p(lr9<1i1TfHbt2WtMHV*}jm_Hs6~K(71WG~OD@pBEqRtTD zE}C`F)FuRtt6}RzGmT5aLQ6DUA%KB$oau4iE+_cS<_!psHN?=>*VT`Z8m#?eS++hV zB($^P!)4U*_py${yFeY%o9oRZeJL?i;I7s>^X*DGTZnCg=p?H5b2m+__T&D`g_b-FD`0jLY*4 zetiNY9WDV-l1mHq_#{406q(@4Y@f(Wn=dM#o(xX`PNzw;|9jt&A4BV^%8`N>Jsex& zWq)ut>K-PxzmF*@;#ryK;t^&P{J{QR%RmA5_x5J>2flf|%vfghG0!Z^13=6LDiNuW z@w2;W3IFoZ+L`<0*Q@$pZXfa8GB#_GI*#m7zv2dv@CHs=GN%tBhY|4~Iaj7D@VU9zoa?0b6}ix2}3#?-)7 zbTC59fh^?iRUZg|iVPVC_t@p@O`kn$yp(+q=?x0V4k95(L$~bg?=*RFjg;CmExV_u zYn?&NfDu%TtJT>ggCfb1@u-EL&tFrbXX^Q?gOZfcr90ar+h*-XEnhKN%~G2k#|1JV zMl9xF-fue|W2S&>YiqkM5uBE+CcfOEQ=gCgZZi?CqH3fbC z;y7WQ6KR^a16zG}Ezo^v0vwV?xMEFZK9`+JtwQ&2+N-wE0VwQmS4t^sCk+=VvG1!jDCv6Ujud zkP+vCFyF9e_mbcz2`DJr0JfeOa2x4uVY@4XXfHUWp?`I>^7tp)e!5S0?>Mf&_y->BNURBx}uZm5h zdJMG`)sPLOeevRj?a=mWb$Dx{g{KEZLvi0INOs~xkmZAqsTx|Q` zCots=aB}&Pf{vaC<1yVu3gmEu%#@hl^l#8q_6^tA@2u(-9w{1$aM>mB;8`EX_7j-nliF9c z|4lTj8_)I(I~y&(4qRMg0nv~WDgCGe>^g@D{&vMq;}X;n$_Ru1^(ED87wBrANDAhE z_~tpt_Z&UkeGX7QIf_(I?nEcW0C~luz$f=>T{uuy*Ow%n)>s#U*>6KaX z%fyS-XaOiBs7?Iv#2u}39-Avxm`>$g1g^sKmrdvTIdyV40g(?Xix?rN`ThGpvN&DQ z3l4irom~@0%tz+5iSko!WRlv0vuDjdKd6v>CRVqy+Y-cZ>;49oMqTSB1(!zp^=DW; zsMGHx8voLIOHWr(uexr4x%Zv-FKDYBnDedNUpGnU#TiM6>2 z%iH(#tZv7qF&0m4IW&gNj!*Tf*{v9s5lX+PxRCd@WiIdJ-Fq$5N1C4g(T7bbESWIJ z2PHp6PVa+P6J0QSX|n0Ws6ConR@N;Rf^F88nKYsjt-hjOfSGq9?Q6n`cC#QGFkt1fzrMC?YH*7rG zUSw@>kf0pr`d$1$iiRAaiJG@LdJwsjOMJ)af%13kDt_O#qo^Mh?i1n z1Syinj%Bm?=FaiY8=i~Hg}Tz+eR1cQe%EWJS*F}d58Zd;^F?& zKRsWaHs4_R>#kIkXLaK-9Ah7ubx1BZAWRc={#`Y78GTw;cR6Kav#1LSE;7pS`ycOb zA{x>=$Ihlz_==%Sl*hl(p9)`TEh$)yc>U>CV|Q7Bie<@8(WmTCIb!46@nSgz=FVAV z79+t>U+^W>=0I`@dst((S!6v0w@LrBMGA}U1CKYUXX z4hY8dSo>$9TK#ZWwSiv<*B2d=w$3@a%~^`+)w$S#*NyVbuRyxntvz~s5MvLN!QAl@ zNh?Q*rD2_WJb&T`^07R^b77sLD)P+T$U@uCJ9dZ7?t4g?rsEe3ajyu=8ehZ(sLouY zUvpu>MN2+>k^2Euf$zeu`rCIEBucV2(JqHy;<{}#7X3n{cj~LBBzitZ*e=FCciFs|@_R6#eIkL*IKT-_tcn zr-H8dspW%E2v{eYMCAn|h4#|a*g@9Jl?MWlA_UstQA9F>2k@L_;!i^SGxG@MC7i01 zW&hhov?|3zsQboIRSG%i69YI>6{>ePN3;JI3!&2?JdGnULl?7VKz zB;3;OJ(9RuQ+2xY8c@?=n!YXKGY5K$Co*Nnm19vNI~!Ych^ilF5a2h+H#7KuN)f}= z+${epjZ=B8$=-;~V3V`O{VINU{@)M1`+obAhW7QJb158^IRWEx<@y7|J=;#^@9ruq z#d|>FC2xN5w&cOq5#|1~`D%w@vAzzyNVbV%Va>1mbt6PReip8_uW7LEVDtuN{@Vz< zkuuYv>rQJ)46iDibWYTb4D`}sl94>nK-2XDD0yVV9bAu^r8z1$zlgp;`8?AWs6Ci7aK4FK2FSe&)NPCJcD?@ zBO0@~f>zhk;fd0Gs}Ub=HD)J7M6O!i*Pu6txhh@xfbJVXy7fEaH68{!B_BGu@jW!FN`9N4X-1KVK^aLsFci%0kLs&J>1>LN zUfb+(N^oEINmdC=Qja-KYE<5A#n@+=tsiP4NCx$*RL&3D8rG@{E>7mqEzO=X7;<`L z$!91<;af9CH3)Zen zA<=_#;U0Mbm~GcFdp{r6zADlQj@Q3`oBmxqpE| zjRGdirpep1TCH*NlZSO08M=8^q;`__tO9e~k-^9nMTxE9zTCWmW%lW+zl+K0$F2J4 zFzJx5HwkGs-j_pVq(~%|zU$x}{q?!@W@lU{-Caj!l1fRo(EV=_qS1b^I^D_RKj4+J zl6Q9b^uyb*ZQT+!C$VxYaDauF(H zr||v~qf4Pd)cKYma2a`0Ev)yyY(3Kcozb;$Q8z=?`FCo~ZC5-yyrVPJZ4WOf-v2hd zfUts5ufk$?PbdXiDki5i2g#OOnCtAX@E>ZzCT6D!&M3uK9ZB|*kd9>(VKZqqpa+gh z%>MY%M1=)MHJ&fS2!t_)|J6&ouM};Ofa@Atr%{32Ev{UgYX@b0BmG0Vk7sF7k|Ayi z0D*UR_yTsQ^Fe2S0Emaw$PS0Y&nUtUch;xe@NxOl*Smi_enfDd-c~d3I%8yM>q%<= z7ku{QqnbQOIqb7XL6!SfvN+zV7<6@`h_}cf;R4m$kZ$fm@}Y4c=DP|LyKDO2cJ z_S^UojfI6&N2NV~*EKoFme*&$J)y3B+K!t0wUbH1Yc*;fJ&Ru+uAw-5qI~+YD8!js zoH6SUl-kqYr!;H{GL%$1J{u|Q9?Fck?wy5CmPZO20$beU#Xi{38f|S~C1l*Y?u`;3Ghw-j06Xd(K-_k)1}X-k zXf_%%XTlv--RG85vp{+zbvLuWOR4)9LUV*Bpx3QWE6-g{;?Gu;pA@MqPCl5X<=c^< zatqQ>Zr>Na_2^&253-oIzeq?$>V)n%EnMWe=)-etRW0)cQ%}C>*0BG$dB^i};%lVF zn>^>?>dvRL@9&Fsu?OmYk}&-?EO`Bn_{|*d(7WkceSe}iJlY)aX~idfr#DE+2x;k*#dV4ln_s!Ku6H`N7hSB9V7khSA8b%-PfL~Fuvgco z0k~CN3eJmD^peFP*P5;M+N9m=dHm;+YU9|l@EfJ(A)J-rq#VgF{h8s;PO1K2+>hL3 z=#C?O@jF7cuF4VXW}oispI%e?$1_RKCoxA!{cY$Oh5XTGUODxS!rOEjTjfatrP^XN zD9gk$+dtHKK3*kaZ2B&4CXE+h>lSlv7e9W~=yEsE?5>3@W`}Y9ClMddX-D5PnuFnq7%l26Umzgch+5_fd!?tz?%mZW{LU(^<}!gtvL+$gi*rM3GjPwfR1C#>5s zrL2WF3Jo%?Ma#cIGm+cd(8|n=%iqNbw5QLZ*?S;JI&jTfMSt~)eNP|ZvTvdu=gZy&!80ah7GR$@iK?P zZ0$mRDqel6fnus^l4Eo91dr9kwRtzDs_#|5v(yRtwqM6zRjt*28UBI4O=nDLY-wW? z;%awK#v2u;reL)WRSez(r8Ni z$SH+ZEt6wa${B%`XC#fZu3vbgGcK_*#w`pFv=~yZx%w7}j=jS+g=bYpX zrM3*L1?gptOpcmxG8a30d-#(7&e0w(9nipe%OqO+qSlPQ{yIJHc_x6c8DlSUY_9Bq zC5QpX@-JN{`Gt=t2WDL~$5E`sJ)ua<$3RpR7Tu=#u&>U{al@Pqxog{=m|6KWdtt5Z zbDgD5oqQEht1G_ zkIw8%k`& zv3q;@w=P$jhGaF<J&dbld(cd#r6+%v~XfZi+<}56n9`< zOmY3;lI7elEnCD9Iqxa$)!KID=c10F`Jk@HTB_!tpXSi|Wsdqj^GAepAskJjBoZRfMpdWcAB;+m`Z?G<($5(5e%FliqdB&oj_*b(* zTrCdasgRZ7|FvOZl=IgjQT2fH#G~0yDA2rd z{=LNRfR8buvcIK4%NA(=U~99SqnmDu>*5@}!H)-vB@?)UOAQ>0b;EcsHUE2d)IxP! zedMdNojfajE)P#YptSFHRDjGN3B23Do8FtT2!i+Ix88k$gB~hkUKa6>>4@Mu8LCwx zX)?j!9^-yk!1W++yL+}(2yzeGYyBE@CT`}7r)vH!wdxR$MnY1nZ{JdCo{KjPG;!{; zIIXbX{YR9HR<%9#7 zSmG29QBX3$KjtQaqpCpiU-u}1kZ6-$6X!&N6iHLp*)4_JOOlL+eVx*y5x*sZ+Y(bO zW(kxA-MDTS>e!YAWFg+=(#Nyk9%?>*{isLdfNr?-sTKl-@8Q8&ze%Vvzk&tqCN95) z8ri*<=#7$T3&DS*9=uU6!s;CY(d{@flJByw-Q|v% z`l}U!aSwNlO@P>BSdTnEM@KSdOC*X!(4W0ZxUk<6;DxqJMKaAdZU{<6f4MxyqfM(6 z_UU^4tah8I>ni7e$8RB$^m{?LL;i^jBO))pvGfvQyrJfhcK@g-4GA_*f(r)(2h3DE zu`VU4gibL$gx-92h~IS(F$^AJ;Tq975=zYZNcd>e{m#A-_FmneBM|dXwVlT`{2-0G zQy=d+T{$RjMLWGbH~1cp)Dhly_?tz3{xD_>8krk17jx+Ly^Fh;{FG+@R|f9l8X3Aj z(p^YNj~jK&=~PnDEn9R+Am!9D-mT&?%mjGs#d+n~ed*0uj+q1{1>u8x5oxYL&&ob0 zT}ErjsmRBpf%qNM7xVi3SrNCXsaJJhI~GS&>(G`jv7`M(9Fam;&T6PXt3nA+f`q`&4SHb)lB;W59 zWa2~rTk@)h0I`g$sk3U^lLb>Ux9q^a`Uo_=e`A#42?W#^PVCKW*%v-P{$0o2XiQ7Q z!}@1OVR1OtOZj0$t!C8nhtfPhzwY_YOBPVCB77KHFSAj8qWp-}Kv9Q2ydVPw-{dD- zsrC{l6g85Vy9mBpp_A05j|M*@G>3c%${X=_y&VUQZo1pPV)?I(-u+IQ#7Ai12LzEY zirqF3nG8f|Pt|_dGw6bGym*sATX_d^je6Gdtqiw*Hl^qXMA%W~)eRn7*5mNsS;+gZ zFEEqvWo!gD@U(YE@mp;$l*!W=g*flwo`Y?3a9Ot@c&>Lw#hyd z{2~3(qpmhswkItk5|jl8RYOSaFQ8`RBy*uPs0C;+RA<(j`0LR7TkNuCA$?Dpn4 zDr|_lN}LlTlcE}f0OIh(fB3*D<}^oN>!kQWJv_^0{Cs7Pgf!%!O+iVmxVxI~S&6}H zdN_y~-S)z^%I9p>{a@b&YkHCp3?ovzWce3}Ad^`oOs%>FmqNC96419==vKUz2UPJ3WXj^A-YEB}K>~R)gB_53eHZF_#u)U{rZJ8qK95}~y>5|c} z?=Q?0GRizQ^IRErdu1?Pl;HxVsF-u5!lAXHx(myuOQ2(w4fLfH!u6(2yhB&9}D^!o7TZgMo-Mx!I z&*X5SA6MDK%eC?PNm)=+80i+j;UKm@1K;(3+_ti(6C~qHe8+%G56H4U$RdfF$0uRf z2vTyb!WWUdQ(z|H=jG<|{dktEjT!x~nwR&fpnwkLCGU%TJQjD}Jaz&Fqe%#wSrasyJP{im-##gbC-rk^#Qfp=-_YAwijpjb0>T&_fPT{`ZR7 zUUn5YJ%wcBpm`w8$>djnLxZD-|UVM43`;?xlBttKK_KD)vo>2z)%r5g!q^Mj4y zoi~wpt#JTaeW?b~!|tK`%cpjcAo|6~JNM?wro-CeHER&YOl_H~5V1DBRfm+Ac|sRz zmsc#6;;!`1k^Xf`Xu2sV2&4u9hRt$7OM>>WzZur_R+J`^mO~ zZGUm2N>x?_Rm@^}nNIsNiZ{RC)xt8nmL0V~YEVaek&kSr-X2-$v$0rSK!C8WYj?j(pn|ENc z0MrL}WIQe`L{iuGcL*KC= zTKOVaAfKFW3mxuF1g>zC5E9z6zba6G2uh0U>*^8;-e1^&p3)gwsJ+tQ3nDedWudEa z2nG;u`Al}tgRq#W9Kw|7(G%w=pq4Gm@<%qP2uE%M{Znppg$nNT2_W9bo5-3<-Pae^ zzL9&L)3MBwqX!TLm5+%+$9P}{b4JP3$LmCoB;8i9-vEDUX|f#+n#XqdHAiKu0z*h> zd-zxVylHCVbRGL;K#E!Ir}WxcB{!|P@n?ctPbLE{o=ATvRP+L(&}XhfVbRIASL`QR&WYK7acxd{cX@O&CGJ$n z-4NSthwh}2U<&oNiiJUs&W4^pfO6oPwZ8J`=hw*Gpf9x2p6;#=b_CCD zG!&crGfKL4Y)R1s+dtJcjd2(ra2itaf=&*`XGh6y#3>eC^`{fzg^{+WS>_Y%jd5aB zpO*M|>{Fwltzr@5pyM>pBqN7vbhzVHWz%k7fI1T=^r z!YT%Gk)(S7IuE{8fvJ;j3c>xcuM_{D&~QbK019@v9y+urIpXYZ%@mF^POd86w_g6* z3z(#*q|0X()~bGoRW*svM;|4N1N2aP@!EMW#o3ptV9tP9L0YEoJx(X1&7^$PZJbRbJzQ*gdkr7JtJs`cQX)Y{KM1HnWPnzZ5iqniMo{wLyFw_*N&HpM z7vQJlxs-Tix*_6>x>o1k|82|aX)@YOQG3ygojq{4=_>R}g++p4N>?WqQ z`RGIAUk!)k)K5_#4!cvs*4klmDU7)>J-tMlJLXAN$w{Hd zt<55m3yv1B6hEn97e97|``Agsw968`sHLgf&}vEjcwxpWQIkvT=K8kODw$?m*rvaO zkPyJ}?PwNh1jk${$1@RVUNJa6+$#6l?q2%wGDe^oa0v^>rqU9D-rqbICQL^SDPK+Z z+8C)QZZKF_E-xQ$x81^5r^u>m;z{0`Bid!HE8CxV^ch$HQVsj~Fq~Q#k)!XI+f<5BOP95Xv^?GnzpvgtXk4P4t=E4f!V zw7PSV@aubRliA{{sH-^m$_i@N#E*5&0jIB(6E0L3>H?+~kxOu~oq-176ElIX0F+j{bf3=j* z@MZXYu&Vi+<|ZgsaH=7XbctL#n9xAjg z{k96#7dqD8ElQVkgBW#;zWi&jU}R+|S+@M;w68&lSe|ts)evFOVKOX8DrkV*Ycr~k z_E0RHu;ulD`<_FagLDM<+1yY3Ry}X5=J0W3rXh2RO6#63)TplvJ2Wj5 zqlDK+`5Ov~nbD6eZ6CYiQPuR6O!OkWzy^A5{V|tQ3k|Uh<03x{=O+>a{C#)kC?`)f zlWATJ#IFqP2p>I3-(svdL$9UePrI`uy@kGjDa>M8lPMDaS%!dCnFiTNE!40Ag{~V+ z`oCtC$383}e2FXO4?@RyxsQ;k;I0#S1xW8)YjAN;ZHQPjr|sEXO3CyN(0%mHI?VF) zNoCg?jy{%iy`nYYGh%BI&7QnuDE8u0bI#j;6r_EM=gT;D{`@>N+2qYb2BilpeeHU@ z!C&5w>DM_My#r!j4Jwqb>YoAiULu_Zy3Gg!2Qf*(D|E_}s;@<^Ua=QXWr_ z`phdW0z6|LNk^Rp|2bI9W6Jy*pi-*jgTpW)19PNYEFW}x*>)leh0 zTLj78%_}#N=_fX7eX;&8Vg=1^^?Oz`OyWywQ7r~rDQUx%ltU5=&f{r@SYypf2zn&F z0~Fe?efS*&GIqQx(|}3wCf^TPJ`&+rTO5t;GBqL9cJ=E3gZLIaUsZQG-cJwAU&8mh zlW*$DfGZf>2?S3Ha*01O^iDHbllVFq0`HgUu}x>Y4x+!BujEnwHoIZ|g%b`yy+39) zhD1NFhLuY&5_WPkg?{j48wOr@9ySvgKI3}jVM{#KF&eKw&zNv}PD2c#9Jt+k)eI|>Z`e;kq7xx)|0J`wYe!je^pE4olszs;+WA&DyxF}*>f3%D{<`% z!gT%&LoWURcSrDbn=cjdzcM^KaLy^(+iSfo?AEKS5vg-b8!ayQAII?0%+bO`Pr=E_~^83NyN*l2^BYvuu0Trh17+ zppAh5eXHg5(IO%^fASpRnw~#1U7vJDFvpm%7jm4ML`|#5GfVilHQd11zPXqjW$i!j zIWBJ7p{|fT!p4%aDD5umK6N{6K3mD~Do^*&BXqyZc#LfYS$FlXidXZ?t6!TirJ{CY zl_@(rJ_Re0X(J5+&6W!@4uFISQi8nd8F@bw%)P)@R=&oEWV+|p&ONU^RBIhkn-SsV zzV;5F(`Igl)2D0?4Q*v!0oX#?YD=goO0}7S_UmHt`Rh)Y{`O7?Um^EA2&$A?vE@&4 z+|GMjj^>#00z)!3Oh?5@am#!*j`HeY)~~O~#5t`Cb~e~oXD-$hfQxoriq+{#MiDdN z$?YZmBRAMU;7o`>pra5X3k@%_o%W0@+{_`00OpX1I3X}5RvF$=UQA&$d|P8>DFWSokat0o1Jd2IY&*LB@8vlU`<^`WUX*V7tT+lghtguEf8OCuzrJE>yPW!0=2Y_ z?ldViFSfjRVz?A)Br^3GYE_?CydqbtcqTq46*03GPOsii!PzhRIgH+F`xmKH(9xNo zzaCWNLabmZe9Z6|!KVQXW59q_{d8-8*C;3>Dq2grp)43 z-9f4F2o1D5$8FDy8$p!PwtBYQ>V(FeMD=9r5aCY%G@c(D{>bNU7$8KbkoIIZf%pL> zZisTA$ibq7@5d>-;YyAXH7|GPFwYSS{*A%&-N&Xv>!*D>m}>$ zWgduMJkg`Nn)eh-*p?0%xBm04ve(6k;r7*{ah^rXyVbptHb@|o|jKb{CVQ+FxOuI zZXp^DY<4BPs7S1AF=jql;TmD1JO5e$qvWmPSB$P#f(Dxa#(wS3I+Kqdod_<#Ya!Sf z-fDzHx(o$q0-=Lp&!>V~&~Z{8!}HS1sS{nLI{luTvsuQqZ3vzt8V~@Qy}YVYAac+R zE<`34tbACxQwDXp9{R(|>>OyAK(yCOu>lh;EymCy<(3&BGUk7)~( zGeVEj=$J=hR{=e_3W4Kfk|Jzg$gE2>Kg3&Di;Xnsy%vvZCjabkzX6FO}Nf!D+lpmr^M11If}PQJmGd`ez%`Jcj{Xayi^Sh<^%d_KGvgG)C?BJtj9+<9 zBYp|^t<;Vf^+Wwncm5#lYQKOKSsR-s5+NatBe<7r4y4RE@*tSCGuOlEMg;hNJ7s=5*k9R^S&rG<3Prx?$7J+ZF7HgnW%$f{5eUQS0?qyK=!H&=kwW+Zpi4EWb>m)z#|*9$EM{6u z-mL!Dy#{v0U@-oYxRXET+0o=*%@=M)%vic0I&Yn6<0j=QVzL!1cl8YqL(4qCTXJse zKPK>bEvFSMHVq{i_Kn_X;45AVVpnkFm|nv%5w4VSh`!v!wyOnHD9|%XZ?rBKgF+6R zseDa2q9DB`D`tS$0%QNO1@3_@faH(dV;OSy%$o+T68!+Rq>|6p(DQ}`SE_QyD95-q z=tJfZ;Eitfk}cD7g7<}T0|Ky=Q2Yix{Vl8q#O4nRsj&9RYe zvWZKw7hC6b7YZfUx&`NkuFW*@nT`613|@Bv?d2cj;KwT{7u{VTg zvfwNW>B1m9$G~$Fi!9`?e|JzV-X2o-N=|bQdqOJ996g*3(yuORZNUQHQJ*=Rdy55k zLis%la8Jt(j1ejSaa7*pzYAji!eD`~Oy0KN-_vY<8;P{KzaAg_4uFwKdBaOe&}2k> z<~F!cC{B?`auTC^jHXZhqXLqX zWqwBVg5LOyQNz!FE}wypR3ueHoG81uNO8gh5gc=UGdGQuAgp#w*-@J}ILpt~0&rUN3A{~Aw zjA-`+6~(kc_KUkzv>WNQKaKf^1nyot6DANLsYRBCAlkk2+&b`yl9=7vU*3!j_z>di3|%QlBn7&Q}=|5#FQYl zb;TEVVG19g4{Sz`9?ktX9}7YRPq8$Wf~RD$M)k-7;tYqkv;BMkYy?QRsAu6X_l}n@9d?B9ZhATvQre-6 zFa6=7Z~jBHPK6NPyQ-ACL~>Byr1d=bBimkQIQ*F7z5=fQo*N|`bwQCi?kNa~^&I|= zf1b$b0P*!DjO_#4QNng#L0$a|E>l2&rgAgCN{QHz|HE2RCcii zROOuwPV{WVe#q3L@0;#Q@(6L5JN3JBQ_f}nmwKz0y*=&L9OrZg4~L}NE?Vq0`)jcE z);ef7)ItvKV6rT?=f+hJXJ@gZJsP8X7N)G!S9{mIXP0@V6VoNcn6B_%A}_mK=f>EU zZQ8%PiWOCj10v-cZ~vAhI(!_;ezN{zSA4w(YXB}wrcAPvalgcJQ4jy7=B#@^={k{yke9S!>h*SWH+8kevgI<2P0 z_M&qZj;0OX$%u^poFFR7Xkg2c&r19&naT0>=T+l33GJX2F( z^?NZ3ACYFX8JbJOQ=FddWG{&?`Y_?7EMF~j4k3nXqvva`n2jZ@Eskp5o@@4;c>f_| z3XAj%$brDudfWc-;(vZIbX9i_;LeJ;_6g>Y~E%0+9U$I~+{VZ3lsJX-xbM&-R znef(nqI$XGn7;T8|A-8!*{&0gR-DLYAtrCzx)52g9KiR!W?p=!#krd083yEP{0D@f zTwR6stT&X&JJS1wb!058oK9z~zb)Z(ntvHP(9!4GQlQ`JjZIav*2R!l`t)}dJm1N! z7VT!@BdOu5cujIiCMC@b-_}?2)TZ=Kj~1&6p21Zf0a#nDpOhbVfu{dsorjo4{3mgU zVBN5B9(_thJv58$ODyR&RGG`vd1PZ5xfK!`fR7!Lb5X;DQ#~tu1M9k-0)QdgmG2?8 zt0S4$2+-Nw_C+D$5ZuAr=Rk&v%3s*`)>)x4IzZThzb$}mBzZ2SrP~Eecs7j`_xA;% zlbqZ?EVe8r)Mr6hS$tqu__!g6M)*OFlNnBPI@R6OKV6_FPcXF~ED!m+hDviv9=TJ08R4f` zwGu(;*w`Xw`I8Li#!IIEw0-M99MkOQ= zKCnONlESBQW-`*B-BwVjdeZvlFpW;OQsPKbpFm$MRFZt{BZ@f5Z#|$9H-{@Q*~VR& zA5f@d*<7wb<~as|Nyi~DZM#;=&5MU3g={w<8=mz(S?9|h z-vhO;9S;C}%d6$$c{ZtL>KAMMeLGXOa(=kwcYg{XBab-?j5NDEm|Zv6x;>*1#n4QK zEce+7@tO^yzg%E+wRXf_c_ichbM(|2^2WD71G5PYMDE!$$J|b21-OaDn+4uIg9*1j z%DanQA}>$);ii*KhZehjPi|@L=X;ZCyF+jeAHDnap*&{3At51F=0feVxYvA*0V&D6 z-XjVpUbp)*bR|bh0Lf$iK?Y2BMBEnH^M+kmkWmlI7e(ac2yP(DA9RhscYL232M>iYGk zzI__XH>7pK)OM)m8uj-4i!16_DD|b(j1PUIr!&H8n zpce1MIa>J6IUr`8kKE4;i1>!2bqnSRIRE^5W!z>kcxR(bTJp3~D39Bw+q0uM(Rr6e zH@9Mb*y8$*V%B3TEBA$l5u^KY`A+>-87GIp3X?&Bw4$oup4zk28FP{n7{|8#ZKm9S z#cEFB*vC_G{&f|Z*W+v&t+BP+F|T5&_58OVM-2`1KZ_E!@_}3tC(ML|K$$!YmWXnz zTm{+4%D_}4lzZsZ|g*D&bSUcw3_`f zn_Q&Z*=k+-Fd3@tw+O%F@&KzNdA&3qR4z}~9t2hM+o!Dc~a%oh;q+ysR zW`HG!Nz2ImF+cQ>!|DLasy7E`Kt3@fol!8{7@v%kGtZvV$~U~)zx6n<&-03f(MqP@?8>1tq`HZ$lI|EK{aJrQ7SoVN&B*0nC-$Esec`FP-UC42apt1w>DKO$BPW;$E)H7IXb;^#aYp zG$sIfu-5%zq9U<5^94Vw#FzB0@+_AoZcHW0 z2<9Q%_87hrI=LJ(?}-eHWHq$PJE}0EklQpZ9dEbW574HfA8*hjNXx6TI2N02nIUF!uZbjA+OveKKd6G zEf=HYujQ}y)BKhkl4>jLAf47mBHec)DHXV~y#v!hN%~!oIQUK-x0M$4Y%zj@JU*>L7ju@ieWV3ZL z=%$^ODS`SRUS0qI6#?>LwImK0bVYl^E#j>HnKXH3>&KSmHlSc9n@dZ$ePhEqs8M;B zK7j}{>$G6+TYVOYEx7k^nZx9seQtIj=(NedSZW!-oLhDcgszX=_cn%jE5p~wv_wD6 z&DoV}1+Y6dieiY5So{nV?md2PefS1NUEn*Re1J>0X_EXtJQEk+L@|`@bEf;&hoKT9 z*MKh-iJKA@dD?`e6#Q8Yohn-t#QkZLBU6W?w$rW3X^28_&c(p|o&-M!Lz?F`gdXn% z)E4e%e?&j!L^S>e|$*bCEu_rsFW|~_Lh&E@}mT(L|sgjEUfQPpM%ZO1&&z;}0#PB3hx95TA!zB@&jR@mh{}t_lRn_+!p&`<9 z&qXGt#)-mkV7B-UlC>~9c8*;U;D~i=W6NKwIYh|wjN?b@dF->Sjq^3}f`Y?CRfe)v z)APx_$?p;mm-MDV^FlxK+!}tU(r8#kwbvi;sjEZ#&I{AQ{OnTX4k}@(^tDH}axN}r z)1ZBn8h<%xYF;)NvFLPiw;p5GDPE)IxQ zl?x7AWnVPcobdq zL}BE_PF1f!Db#r4uq?gA37ZbL2|R$C+{kr9^RFMQLROzvU|-RmojJ8z{;Ps>aaoN@ z8AMqB#iLlwQqqQ0tt?{3u4c##uFBMb%^ZB5F*e9Ii%x4 za6rp**0u%E!IQZI>Zjg>4L2BU$lx&MUhNpVr;7Vf(01>ueJSF#E-1nhVM__5LkvJQ z786b6za=)Dp=3x!z+@e*aS*rA+0cN5)#6~=osjSe-BOlgNAQkZwmp<4+?-XmD9Pi` z*9x@oJ8&pNgLa|79Z0$B54K5r1S*}@t_oEYBRc_yxhh%-^|!bQH6Ei5AN`&92MAgK z4pP?rpa^17B;=@C8%q!T1O5RrY*z6ppB54QSNz}tS{6h}hrPiEWH1BS?R9^H9sX_qtY?`n` z*_3cHXxTWUSpe|5LWYh+eazoxGla^+$)5+t@>mCNFAYl1wY1C+mRfV`nOi`Moqq_Y zZPF;T(y_?N3iw_yH8T@D2d1|m{{OgW_F%v=B&}4>?Q=$sOItPg3Bx65)+j0Ye?2GY z5W19r(*SXBZ~%&zl5$H(y0~nuP1YvMZ0JJMHo@!sBbZ^w6%P59qb0z>D-8?Huc~?w z%60*%EA~{>2D0f6K3Vks?U7>P-1z_^2@Sz}%rDPn!7N!8F}QO}7tj12E(j>#x#_CPjgR4KU^2{%xA7s1H5oA1y$Q;L{{LGTCmCzJ z7h%|~X#^OyOW(F{t0YG|`ST(9{kTY6laxByJQlx|W|WSf%TVol5tppLMH zW)H3y8k*j!ep@AYTqr#JBL8z3D8J&c*p~`R;jtbjnLHU+R#F{i6!t_`j_74Wt(@*X z1jLHQ{Rqn6`1gwe$&w_Fr`1)j^v3d}iO?m^3@sRd>Z%FVIs%>|==YjI*rEXEBNEET8At@W%CsHt48j94DsFQ|pK<(fF0S}UziPyVF4u}uV z_AO&XTu*A9JJX+!vU@>r>|PgiUqbG`FUL$ZiAwU!AM>-M0Nd>7<%~2w_~7f@U;)b5 zkugi+eI!~MIl+bHUI7{yv6m&i`yp#J~bi$r@<9i7oH90!(1)1zF?3_QZXD zdnI8Q9we0{isrHYDO{t(wHlU!VUG-#e=2GOxE#l{2_(0Eb0dIY>`^#$wJGot;u5-R z5W&P(d_cd?WEe@H=$lJzuI`d!oApIRU6tAoYzNYBTZ)f^;Y>;aQmaJA{MUQ_KB2!l z6*|YnVc(V`D2udQzXuP)Ce*(%k@B{X`=VSFuaMCV4T`iXm`R*{{hyXZf6;)k89=R4 z#8i~D&i66?ZT0YMblOHa5q1}a8(O-(sZPs0NybO*>EdMc<8(sU1X*=Q*R!UBrS*ap z2)@`X3@5*J+Rbek$%NXJb!CI~7fM+DJE4A`92X9ePBRB#V`j|ARrnU5(`4^8!bURw zGRfUaKhcbf7DGkXSC2MZ^DWxFo#%Y1Z4UB3%A`0z$%YRhGQE2KHvr+=pSqaf`?Bhd zRSj9N^_Cb7okBKltBe5Of_bfB#)GY8lEa-P;tMOI^xmtzX{yr|(O}lGldU#q!wJ&- zlRDk?mmI;t8yf}pO?48%0S*Beo&4grUaeC;UL^ZTyHqGa*mLDYT8TLsHXZ{Sd@hwW zurVQ#G$Nj9>KR9{zx(0tjTa@`P*0j_fIzgU{)3hP53U4cH`*}w85j4CBS-agCuMBn{QT&q0~j3EJTQPz`ncoAp(vOw!9Pd` z&hP&QLBVi!x?p8Dv4JJ-&W8ZJiA!u)%i}j$oIAUfboz-&p_`}zsb?mP->?4P=nmL+ zpr-JIi9P`j9ya2@PIUX(9NU`ic-TX(Ct#Qc>LX-J{rBHPf9hfZWbU}`Qs#@MmOYL$ zO|K9#qp?6+#cS2pG*4fzQO}Xf1*|Vn=BOH9=Wm@_r>`&rx^&Tp>Tm*cu(g4UY+96H z8WYeA66EJV#=U=+-KT%rVR&z2r*rgaS1}F5Q+-grdxZ+;O6#D7FM6{=ps8=ZcA$Wv z#MaURuW10}yKw_YP{jTFErL1W+!$3A&ZswX5o$%i-K1(_$zM*WSZ?ZA90s z*c=0KVEJu1pvys10(g`=7D00VwN!uIPpqsRA;x-|I66!MjS+K+DqF{9p>-3euW+XK z{CZ)k@|GYm)CMLcp(ntm#R;8*8aM~dYmi#~AEUeB?j7r;BC-P1B*Dc(d_(LCgC?9u zJg`?^wH^4rU+JKc01TM}uGunTlk7h)8i!|6gi$RwC+PX^3MnQ3%AISdGWQ=2$6&I( zx$A3Vu(dK=OnZ|Pa$A%D^im?({(q>l+Gmv+K-wrms$JUOD1c3gn?}hKcnSUrPov}@ z2WPs%JDv!5sjaS0p!tG$(+)b=_B zD6MLFz)6|bxadF%dkC&s)RW{B8`BA zf%&mwtl<6MB8#A>gP&E0Xm?nDJ}ELjG-29^6#yJfj029_l1WMr7c#fm-aMj5aMts( zyE?7iJ}orE4%PG#lN0|hjtJMsA1cWauCY6;M+^k>n%s+X@A;~4p{j@)bMb~wF$<6; z6y{;m?_Ln)V1acQK%NBiqVvDi$e}BK!TSDD@9Vv8olZ_}_V-Sudo!BJmulI_aZIFu zFqjs0uWZx+Ob2?zO;ACm0TaysWN4SP9~#PAjy;)tM<@RP=-e;H!xzzuL?14+lsf8< zy=UB67^MO9d!-sc8x+1$Km$pZ5c{#){C)TmSObF@yn)$lY7o1&YY3*PSmCt`9bumTq!4#;{!l?dLD?)U4PRG7mTju}b=L~A_G$42st9Wbks{!aLJ4g-=V;R^V z7#u|jP|ps4#AR_T4LVyeDaSR}5x;KSZ{c5H%`Gb+^y_yI7~H}MDutVel^~D%BiJJl zro|)8)Dm1bMZm@OXljf6b|6i%acSmqRa-hV(0h<}Ep;l5e>-gW`#Q>mcmmeyiXx?? zw^cW4Oz07~x>r(qU2*lvL~LBM&By#e=#RaT9_ae{t>#L*uj_v-^r>ht>Z*&r7Nj6d zkAnJtsB2v0EbnD~*MV>-98m})7iPNzj@1A%OFAxc{WcyJJgbx&Um>6RSVI;GIuq!1 z7eGm_+(PThdIc_NO->)bTwi8=k^tm`?>yk**9!CGfyQ~-ci31;=eN6uNLv=A)_o>L z<0~Qt(Ji1F-YDWO;mamF=G{&M3gQXITuuRBdUydGX6tVqpAcz;ht}m$dI(?5(-<7e z$AO{Cd-#=Bn7GIXCIbFyJ*E$iRu5wY6nr|Zj%BT&^4sV%h_e=4`xz#mC?bAiU3jk zJRwy?#j%Sd+RI}Z*K#X9&FEWd>Yp*=lS7f2NNg#CAU zw=P|{Bw&IaKo`8}FiPTst8bB)Ifo$$L|Wz7axMNpWCDTfxY58IQX9*>L}1s z+x4#Q3UMVj@4g_q8Fl}Pv-|J}#G9*4WiJzVF@vl7%)4+u`Uy}f|8M3UNK#p2RNXQL zW#7k^>1ZS3nWr!)g^BUtZwZ|_>UnQ+TV%?L2TmgbeXVqu18S@xYjP41;H&|Uu5SN! zxnSh$thZcd-#Qy?WXY3d@~hX+0kr918IB@)%22fW03v`}zaXl-$oBff*wRbj0Rq`r zH-cUIptj`yU@Y)B42#@RlFirI!C$g?>Jc{`^4;AWWf%f{Syba;qIru%{AG&vIg4@e zgv4jTzM_9(2nwuh@3mrV#@OHMFIRqo{J6&SDK}gp$q-aCylH29YLn6gLOsz~+VY>1 zf@N&nd#JNA>+HJt>`rj@lJ8Rbqr>{U(iAw=l}-!3gKqRcRtl)xdE?9Awf$vhbWm!N zlaWCd1!F=34-|F?8EJQb6mT|fJ_W$?G<&$AUS|S%ayug8RHw48i zLggnpNzEWR`5T*+h`ftLudH+oixe z+*ykr1Z83&eto(ZQ94uzK!Wg1Yj%~vOojDw>}qDbkEG8`%o3x8*R&h0BZN zu*N`8%w~yL8PXNCK+NNiEwd8@j(&{x?E}MIxN%xFg{R9SUEN)esVf)iGuDV=ex240 zwZtkbgtmTf@oj{>_kvbGpYZORun~?TV|0A4x{hy3ZvpaDB;F$fkfwnxq~iabiYk-~ zZcrK!jj^$*vEZHRgSCoB$g9h5ZeCaSg9OQ$A)s5fmJz)^($g=0>5BgHkjwhc7*w#d zV*pxjF^Nc92B;x)*I!Gj0q2!-SYC z7?Fb#a|#4Xr4HKsat^9kYO>0z;VFuFQWgYytfO`Gy>h8Tm$ucwR#hLC=UFxN==dsF_g~VkK`rrTyihwr} zHd&tlf?r{T38KbsVDh@U(q|U81ku*>t^%}_QlKoh^VS5SEE7m%y3qWutW^e6@bq3K zc(nguEA~(8FbX5;J*cLg1RFn=7-3-r245-c^2`G7^8Osd$iUQf_n#>Rys`69CPs+ z>6RI>q5){LH#N!eUO_eoZHrkbBorU2*ud8Img4N)pD_TXq;e2BQ8Z}dvqGBJrgs&X z-p#V#W!j|yKgJ|5X%?h2um*g@CVMX%VLo8(Z@L-D<>7t;ukJZ1EGbZytOBkdek0pJ z4LkJ$+4dCU5UW-0pUhjpGXQ=SC{0&QlEI-(SY4BG!+) z8oN}|06*OF14bfV1^$l+Z{SG)jhO%{T59`Wl6jh3T&w~)Ibm4_b-3rVts zAI%_b+TJ{$PQyczTv!|A=@8oXg{-pj6*37fjw4GTZ5Na?0$QyLFz-U}QNWAar-N4+5dYq7YlN&jykj9Q%l0 ze*b$423|NIACIY`q5GvbfnAs$af$8f7#UL(Ak`HR{%R4DVEp42&#oaHXk^a#ob}@6Or+U>bx4VMK zsVc-8C2zV@)ea)YC<3%zyl(r$(g`r-4K1Z!BHag?%A*>Z1p@o%G&>>M6duCIS{vAI zNRW3CVx+)0j61|v4_pBnz{{we$H4+U%b7QTUMLj&U!5)V2ffUMK`XvnO;~+W7FBED zKq4VHl_X}fDBz7yq!T0@T`c7xHMqgb9FWDr%SYkvVI>z`T-Lt=!g*ra&i&v=d^kg8 z*7(5wW72iZdKQ``b_JpRHT3YbHeQFz=yC+cb|W!e*C zrHzd7t$~o(rMFf~CCgVI+M`@&30`q6SjzG>?KE@8j$H$DcaHUAO>i;%EHgA1UL$mWa;GFHtu zU&Hu;9x%@8e>2V|LF$9nKOg!ft%utcL2PcHTOi*W1U8?oO0J{&i+y@kDAf?N9jpJi zmSVvw5SSO!EV)pLomSU@r(j|)#Xue5MD8FONFq%8Dp4`MloOMS?!+hetbD5|^(9(( zgNIO7vR>Ze{AjZImV)qjr9>iyPO`G33ru#&oTqVnS1=X{;L;1;UNftJZ>d0kI0m)v4Kj@z@%G%YFoD#-^DU##~X%9%jFa1%RFs12M(r1Apd&j*>dbQQ- zOR-Ci;|}=+c9LXV7KyyzU7IGYzxGM6w%wXo<+m-eKb#xB_=B3rY2N2L+Erw^*lwri z`g`tuLMK=DEyZnm14-bSTAHwvtEavIkURtwiq$cYApQN;PCwvh*8%%-!@15jxsc%1 z`@@V_M12BSV`)y8Cp|?;bir>!HQ}Ik1}QRRP#Y3wIq9Z1-cf_Hc(pEXo4b45vN-pT z-G}*-rz2cir}F3KR*M-ycwI+%_m2l;OG8y3MQUu_%=*nJ6DV`C$5~5vmkVrS{e=~I2xv!zDCHpgRUpG^sBepC zK{0`k>1tlKpHE_J^&mfB1@Tg6*7ccaP|7Yr-q+Ul+SkP?Rbad*N*~oqq@X|kOIgYr zkJI+{8f3m{asx80D)AcHKhY2-%4E&Tx(RRSPBxxTnwS&-^TUKq2BGVzZYLukB;#OZ zG}-9m>>Wo7!NYeSr&(Fs0{8;dQX3UR$oOx8X4o2I`}3`A*3FC6+)PbT#}1#)!cwF0 z(lf@%cxoKt>^m1T_ll<9arl_Ot0K6gFhnF`qh&F!MhRSPJi@$2UO2Fcj@KW+k%mI+ z9E)|M`Q;V?06GuXrf?O0o&6wE*rlOtdga5=dGQb&lPpoX=Yax)@26Qfq2P-+=lVap zD-UBUv#mx7xF|erbRlk9n1aF1Ejt56mz^>@xZssLNb1g@=|uUgh2b0~VWCwo!3;TK zpie-)lA#)R*aP5zmvq_DH8FsG#J~$y^(>Yh?FSC14Y1r|$)QBb42xY_DK>XklO(ml3-tsondviU57uk%o zNB8!@CBBVd^O)MQr$^A%M*%D3U65FuDoqaEAt`i+(U(pu2Y;s|h#^+uL6Xqsq?e=D z+I?>;c`E5IcTqsuu+v=J9?&FJyH8O3JL?RUg%^`@H-t=HV%u39xGrQ_Cz&*KDhu(v zhyvVWwxQ6*K;R%T^6LJl6H>GUl_WTvLcmCZ%%kq9MKz)f_2M$9`P#klV^dUJ!obwC zv+q)I3q;ScCAhUTrN766JyJ-`gw&dIU=L(eZvRwIySU*1el)l%w)?&mzW^fW`Kv6S zJNrXUm9d>PLKv`!uTap(p1TbE3&Jk5Hp5R|LT(XA=y$Ftlb%k&{w zi@NaU8E#bJW5YmCTUU!wKyCDmcN6*9fzb;i^Fjmk5=5=+Pom6jbwO0-GQI|s6cTz08&TcCblx8`_TXw1dMF>w0NazB(;BX)H9ew7>yPUrE6XpK zVIS&E^K(4hNc07F!)e|=@XeP{e_jI4t&1OA!+=Y9?9XHbk=V;RSZ8Mt#(s3DJ zVZ3mM;#f$0u9Tr@eVuLXASOR{RV)3Z09nWXCaR_yz=d{#s;N&<9nskmTqVLIhyB=2 zjASICK^4JdM{$Izzd90t6RqrIA^PR=z3#{DuI`36^a_PvP3vC(aTXpf?G-^bJC#_h ze59CoO&8!$K#8D;n~iXIfh?vp87D)Bu&J}|K9kdFNI(-K@x=p`}|j3M*vi%Jz;MB|{c7$*S6!e~5>R%Q_GQ zSnmZo0t7M@-9b(N7)B5HFot?PaH00%z&5b&cLL1_d3TT+u)PA%X(|d$Mf{(fI)|`q zzvga!L8@aO_Rf+jd1Sm$#rAVIkkAu&5rk#nL5Z5cz7z9ueMI1ni;HHQ=g3Po`$XXt z@|I0-3xD6$$W2g>+v@f?{G__Uw91A>aHz=STAD0m(`B0Q2k6NChXC8}Ad9FA!F$iI)+T9a})gpxi zim+JET;idimxI=Y6o&V9zUx&^luG`WT_HCR{4x|teX-}(**Z@r6+J}TDPc|?CmLNd zM@5Oohb$&lyvBF4H7a-GRXFxL46h*#aXUim!iJKiy80E=TA2|GPqzn)I!$HFE2Yh^` z#e@fe62*J{XW~ezM^)?ZL&)#S%T!*~zmea}`q>ef37t2Jfhz!h16W#(h=;!Z^Jte) z9Va5Xtpam4?Rb6>wg!5Ti;VUJhqe4*Cp);clQ{l3()Ao1>uOZ_LrJ+ij{28@h3u<} zGt{%zA1XG-kfy5q>+nhM(HzI1(O(EfW}aO?1f@a5nf~%%AwLW7j+HPDbXtK>0+?-_ zy)7{8K@J>{q6x_!@&2e^hlFBOUg;16jXoim4Jh+$Pfn04B%L3B{T3A-3iIFqqJ6iv z9530^ITBq7hX1TC*i+GNJ`@QO#b_|zSa6+kemE2YJLJU(nK^zMBiz5P)XGiJavNkj z-;8*@{i}t~1^A<*8pD!{vY~AVTAU!)|5ElMD)hE|2nGo+1Im>j>mR@?`<*eK@}?(O zAmd7#b`?Ja2EUev6ZN~8tpSXE zZszm|WOe2=$ghpOGdFU>5KfHoy3wmtp$!O}FA+&jVE!2?V1(uAnD}R~?XuXX{ow%E zMq2|20W6V}0_?jn{qtc1n-7*%_p#MK=pCd}I>yh31|r)YqsXe~ghBbeLSk(E zaFV(1qX4Vu^;^wapdyWE0%Vt1sAo9Svrfqa_|AhpsS`3NK+pqqTNI<*^e@a&6mT`v z6oy+u`#x#bEA_m9G$9gAX-YDNj%l6>a8#^kyITJ^Gk*{@p+#BiI=??OF_A;$^g-6q zsA}H5k>98SpD-ff4Br6e^ay~e%g;%2sZe9Qh_L4=rxD;z>gyRH`>-U4o7a#C%OLo5 ze9-ImN0g)?3Jd%wBX?@)aTlc4ztZQ_qjKanWpdn>-jH_K-A{a4ee@b z5IH$hR1SBqXrS*TQ;iE+^smGE+Z&CmU&H`0{iJCC$pk#GRDOO!V1Aj~pJor~8d_pT zvUf)Ej2#|0cFbqjeEjs&+XZC!d-5^O*k zfyH>qT&K^39GDh{;Cs41%$DD#m63di?CG~@Ow{YRTS*vaqjGsXO;KUu3#3c^M2LHU zbY6(~@S9Wv{Ik?9cp3^g3^I1xa`U=>zQ237P)19wS);TFw46~w6rxEz7A(j$6*p;@-tEbOL@Udv1 zkc$NLd`_vnsRD4H0l(^BUfMq6d)VXr>mr?4H{Kdbo5_V1(J*(?D4EM zHCI->vqyEje6wU`E`=sp`HY5MFn>j4Zm+kBRJp_z;lMt3B)4eO1N6Yp>IB`b=qeN) zV7vmE_-Uq6nN+d^T^$OBVlmQC+n4L#1vHj*!!r zN{J)zOy1Nn1I^)BvHi}P@R&m2O%=P-2*VkWC(fqcGx0<30T&C$!XIMG9>UR;^BAjg zvFjTcNCn~ZK+k#rTs@7({O|4aSa9KqBDeUA-we^JI5ul0`%5U0?o)NWKL^`@;hI4u zVnFwl)Wn&&=D}B;!Egk5VzUoL-%qp(q7oras8?N#cN(H1c{}j6H2TFVc56*wTa2Yf zT)BYdi_NQ0foh}^0FI8~24D^!Vp#is5$UQZl^D0I#>&_*S?LmQYL~qG6QNF+>wmp< z5V1k9q`!R-q*UkuvzWL~s9oCExKpr_bzo)LEstQsxp{$57RMIeVQYS1fsCx0as?5WhlRas-LR!&tw6r*G*0&x$ z$8=uf4G!ZSy&J>XZgwIc!zsVWZQ4_GH=fgUinn)kox9{u(#uiRkvODp;D4aw+&-6c zvU&JdMBXi;Ah*1Z@;Ube=@9fdJCDh=C8xH{qWzge4hm$Wl1~7(JJr)aP%eJ^=aUp1 z7Gb=d##1uX(|h=C{x4GcvV2T4sU&ffO00;bVy+iE(O3A6?MJyj3Tz4T(477f=hC0g z0^i&-!bHUp{o~K?|0I#39?`SL=&7r#FSSK;aF;n}W@-uSzRvj6#YPaJQl#cYZ33eU zki2u{r9bD%@KFo~`03ZTqILl>+FI{k8*%Z(-rIHSHN$MI3!G@_Tu6HTeDXMFH#-N zh2qBop`|{KdU}E{WhYS-U1fq2IGc!eA;fgLgJ#5SJ}QU*gBL;aTLNg*R_`-V+I;6c*hdHg)8O<>^*iB(d@HSG0Hc5+YZ> ztZAjKFm0cmu~)6AW`pMOetSR|k+SmEr`vRF-Y2=epF70AXw}n738S7KVB|#{1N&wv zCA#l7b9&NU6n~yD27>%-?m81XwwOPrTjURywn9T7%e7- zq38XDw%8+LnuxUY?PWk-N*}Sx}8=^1i^(ZtpOc3)atP!cX^!Qorqv ze0L){o8#rsN*%^7x_aL9M61|lo1WaUJN{DO-~?%bok2WSKI`n*FH+%5pw!?bM}KhM zS=Iy@IEynG9IkefaK}~F{PxEB24*_C;O2nO$BbR%C>QMmL<2}j7W?n%8LLyijLj|Y z^+{LkGyuIRhQY1&5=XZU-6U;zdp0};9=O$f%rqV5_nQyPujbq=s-@rqtGZs_6bXmu z_Y(@BLY5&~8HqC*1fO!D?Qs4n#o=djyd$nvr0+vQ5`#~GmsZA$_b{+(Bx}zOI&e4( zI%if*jjlZAw!fcWPnD@Smrea2+pFWF=Sk$F)_WELb+m$guKYybpZrn0i1vA_7=Q{H zP^kbBpr|vrwaX#y?=ZeU0%$2;-#-O4DTjvA{rxXN$vi2gCFau|;yd&6QDvx-Qc^A& zz5`%jcozmI4^Ku-joMB5AQB#nr&o13RD@i&?t!v^mhT0bm|BpJ+wA9ey$Q}%QAK^v zwLr#Gv#OsvHv0A3kegATf)EQmyDY3TW%-)3DaxG9*9PCO=C zg0Q=mVpYlA3;w~(O#Es#>wdbkZ=AsTlSa`Nm(2S5oOSu4Gb#=bUheoVfQnp9jEv0+ zMzn21E7}r&o?Xu)hA!^Q98>}R|BAO*z!kj3>Nd(nrDf5BYcS9A~S)5VVMTiZU9JI82$ zJGIB&e~3vLFP~FAdyvp4a@?;kh+<=79j5Bh;{{#rhX{F6*PEo?iZKm*aJtEkE4P%1 z+wGD3-Sa%a0ve10RvQ#JT;woItRgMhmnTzb&a%dKw-;`_Tj?s!Sfhg?fJN53w8WyI52QE?hZQt1&f{FLqPbPf2sm7FC@Uny$xTv5WIkSJCGXRnDO)pKEwd8r{va}G_;N%FAas^lfZqD zPOfHXXsA`XlBDZuo+TtRA_trKw%(ejeEK7D#&IIBD7wI=`)X>hUAN}DNsKu0h@)HP zkKEtgJ{!#VB7S0e51yR9J;LaoWE1K|Ht)cg7pHUGW&jYyYv{&{ANL4t-Cng$PM=c* zlzL`jVIDj=a*2+KrNNI39qU)$6g*|L7tzejvp}P;Y{fCQyXQC#m^nC#iGBQe{2!;A6b3Fs0KE~Gd({LF#A@Wlrs3(^Z+qYW zwlz|~P@mwOy>Vy)3}^+hrh&6}7TPPZ7S8O)J}Q(O6EFU z+MTIArQH<<0tlZ-C24Z?tAa#eaZ24=0~D-4cc65u=Ts)%zkNnzIAv9J-P6WfGYvS? zbsj?7S8fMBVWPkpDyfCmVJvXHejbjQCJ8aJWWdOTD%OjFzAph<%<7e|i3pAR_uuBA zNiTCEqRN~b>gy}ht}sbLn{`eU6&H^uSzKCHL3Hm&w=_2^-M;-yUtd3}rD^w!aXhWN z4v7@nDh433$ifEocx>W|2u04ho=RM5AaU_V<-&g2Jk=+oKPNd6pq#?OP(JLSSJu3E z?QuEoE7v>zkL}F+PFZcz)&7L6`wD85<1XVD-Ky*XJOQgnPfs7XMRV_`v7B{4pYOri zKdg5qx$C2HV^guW=}>h}0iN@1K#TMx(R4r4VqH55UDHrs-#Z}H$c44uCJL9Ru(1KU zmwjxf{cY;UN=a{O)G#r(4`$-SI88*o+1c6gDXmji5kt3N5~yz+gs+}GO=}GNh{OS9 zYs=D$!^dt5$fZVCQm<7Z>h}(w(O2~Z6h54oxODo>T&AwRzVw3;v-X(KEP#i?V`H=G>m?cx zh!O?EszuqdKYzT9Kj60rsOpJQNoBPu86X72tHUD?!=*{QeERJ7AYOGMlq!C<1He1; zpRQ>vjErbSgon?UcINbS_b3yFL^#^OzKOjqsXCCsJi(*6t1BYI$H$k`C@U>3ZCAxP zdFcmDKQ%@J&0HOqgvR#<+zqv=9wl-SiTifm0G&D7V zv|txHTH?VcAkQk>lThCl%Rjwg${V0Jb8;$T^WaD*EIc|oV{6O)IxX$cbP5d(4WDid z_QfCDuCqgtZc$t^4G!BGt8uG-bb>QI^w&bg%e#TPC$#gF;Co-gfq+o7w|KhrT*eSkOA#*fmXQ?Gldu*6KtrAN18aG>9>w z|3thHP(YLO?Itu31f5Q<)>g{44iYf2m8b2C%#mq1?7r?7DfV%FM{9QS5@u$)FrlSU zeT?$_{JV^d3{B})rqPpoPuJR(2W8RM^ZD=D3)WfBI$Q*q$C6zA#+(jvB}T!m1E2nS z4sP`w=tBznObz=5dJ&JBH@ly$!Rji&r?cb9I~|uShSf8#lY;J3(e*=`k_qCcVzm;S zTIm|q_BWLY+$8v^=+LFTXMuB_iIM2+!rP1ISA;cEy=d_aE+YwuiQi-+t0M*kB)<@- zG6{H$oM(=I;(jo}7sKIDCVaRunUSBLA)dk#B_sv&#_F<8&`K?wTjbwb{$dsE@2}Ds zz8n09wUt%L8W+4e_<_;I(K%s3bxch8gJV5)`x&LivDjDmd2!jC@mU$_N~SMjVn#`h z_D;sFEs@)Vtd834dWU^MB*MJPi6H^o%#pj2RQ-;OhK$hQr_e+S_Q7bQCe-e&i?bB z?XRqQJxH1_@i*UW^Klq{)vK{}irtMOo6q3r*D5y6)Acm23|#1E;kf>FZt^$^Q`FjGccgVBOb;0nGSOCd7mtYC%CxzPP4dT*rAHdu??kR<1K zy_U{pzw<>0ogLBGkgk|#5b-*3ae2csVH1sbQmb0lykt2ty353(@iJ-paF~zTTn+B= zE-Wvre1B1yMP7%l&$S|xj;i>@)b(T^tS)uod{KvOOztw1U<(D`fbQ^omkO(ci^rc{ z5<0w_d3W;#6^y~riwlMNVX7kwNC(4{#x&ck0IiXoz+h^`nc-wLP%TsOCi|iGK zY3X=B_!M|kg7lv-*c15dqyRc|-5U((8^cX0+uIFh#ya1!-24%UVG-e4nbv_-t3ruM zVIljs1x!S(=V#(`#1Pg(nFuV3&t#z}N4irO?83(*{ME>g67IZ{E_r2#*0J>iBn>Ms zH~t7g$b9;pCI49~?VDwwiz7}Q%0k6vN^Fr+GVen_LC{yJ)L z4C!28|8c3ppdzKtJ94*xyo%T8dt-LfDnVp%rfFC)u;}(HeaPN(?L{A5IHb&+byLq9 zZFQHAxLS_5Xt3TK?=!mgCffe>h(Lp|=isyE7=CU=qn=^qyxd}ksP|pt7<8>|pC;Rr|CQx#{_> z>hem`Y!+_KFq;=WIutuJo+UEdOmtUQP>bOr36DsPsn{Ix+=~JVL?Na|bZfTFX7ThE z=qzQLX4(Hcu5yS)**ndeH&7mPz^pa#xZT8kIXL>@qn^6ienl3gqz7nw!>4wb@FL7G_0x4k z=`p$7PR=7&;22@t zVcL(l9YhqDVnb7a&aS&X>1;jm^?BZS@^WC`z-;^OPO@ID{>i3@$7gQL&Q|BOPOR`n z>62Zvv?P*6^L}S!6-9;9TL8Jj6B2U0yif&RvN19FC#MLcw1}Tkh{9D~6-Sv)-OFsV zMq2|u7uon-D${R@0vvh{wb}d>Ab(H*ma`#CM$DfzLea8|Ky(3b4Z{6wD3X4bcR zFR6t07LBUN-r_jFl8f5O;a<<~3&auOTJ)=QPvoco0kvs!Wo39Ae%exM@I7U_!kX~5V+U-LXf_}FJ=N-?vXr#6-&(%)U&_0)MZX^i5JJuafYR6^br z8iyR{^2(8;S|68pGsG&Qcr~s!x`S_eG+-v;$A#iT7 zo~6{Ft{ovs?yoK>O97PCy2^-|g*R)0sR%@BmPcMB2K&z9OK^Z2@iKD0z5bXlGIKKu z{~8FasowHbtj^gU#VV=U#TM~s+S$))oHQ#O=&U`=$MC3i$=Tj*#3D5bsmjgG7_5xl z9hpqzwtA0g7sHqUiFNgyNYbk7kLQl=vWp-g5Rl;PQha=KbIosmx8;PrF(WoHSQiu1 z!7M$mSKO%_?$0jw`i#aw`C5AYlfbbyYtR^Ac+ zj8ZSs!&fh{lYB%gY@DYlRVam5=p6bNJNGMCPTHxY(w(%*RdIx!J6TBUEKv}UyX!v) z_F+?9VG)qvX_s6*?)9Xtul`_jP5$t(BXafq$v%CpJF9`wv*(3rmrEZtdLoDQ`X95Q z65^4kKvJ^Jpm9xPLw`xB!H6lD4^fs|^H=UP22G4>`_^r}>e=BokLv9%k>gc=X$3vT zCSK#k$D^LolTP5(F8n12Ym-^au||HqtExIUG9n+1J;C0JdgW*PI@Xz zqCc73&Lr@V7LSGHx7RnYy02lY7jc@?HZ(4fiadF%b0VY5(q!@>G^}xE@j^(IiFo*| ze?ZVcY0cwGOcms`VuDrtrQr#xiET|Qt2dT6n>^yf1k0xZ9)DC5KioFzv7pDj1( z%zC24{QU!q!d8$+QS=C~tR+3Vj=GH7DS@-Bax!7}(Xg z7MG$K=Cdd}c?eswLDby({IT{)vjY8=juF$;pon`iCSFasZ6iS`()N*r-6s87v?V=y z%%@My%EqjRM;E}R03NIlImg8_k%LgMYq-LmZn z|GeWn4_*=e72-$dUY+cP884$s+37I)I&V5m+fTOlZavqlN^jX9-u@m7@LaMnuMDp4 ziX14Pc36{F-d;%*&g$7vj&!e~5ku@$bprLxVKy$lVrXpat+MKzisMw#gl?fWL0aZ$ zpG|p&R}Cr4u5n_S+v`~c%8V9{xguNfH?Q-ULp58SbQqiF3#&Mr<}r9ZK3CRS$3Hfm zFbsB1;4)1Yy7WZUm9haLHR^siy~$i`VfmNg&Ds+ur&cn7Rgv-a=g6GOB9Y0`?JaZj z?E`@|av`gUmm|!YBF8)DEQ9~DvJPEG@WC8Ta(cI|PYw%q$b|<|X`cnI?zyq`sm8#P z3ERvL^)gF%noQ`*4}ue|tj7TiV{Z6aHzeTI(8`!&@g~}2Kb+US9cVQ!v$*p@D_~9ug%r zN9+4cOj%tU4sHgivO5dW?>wF7Ut?cp_gIH7aXE}VJZ|4bcDcUWzVPRRk;=8vgI5k8@*WJGWc>JbSi?5JtlNFBDF{NZWI;GB*k}d{8W?|19XTiCMLSi!79ciDyjL74TD*D!dBZ7W0#yn4ze%p zL@tU@>h#TymT@*Yuk?LB06oOEj$%o-H?%E7#Eq}PN{@@D=3j^$eqLIZ=#gbT0f+W1 zFpGPoKUtA=?Vcy*cCneDr*2}kTNOJ8N5nTk2&`V9@}bNXqZ=$gTd7&_fg$6AeDVwn zINW7+YSzMom?lfG{w%#~PG~;>F-^z_Y zS1Ih$X(14iFC>QOn`k}=sXcigKVve{YfBB7J>D{#+Uy2+4P>L^ePd%JES%M>aY9m* z<(A%0q@|p=nxeY%B0cun54Vn{f?Qn|+}_kKO#94ZV7DFCQ6-~`2_FTyMZ^*1QJ&1I zlHbg-*tCoi{haH5ojq)&&7s^he0G$*QTgOJB*DV2Z(Dq~Ga}=2<;n4bCHsz(gR~GP z7H%y)WTZ%m2dPo!G>}VSm#`y>6%05VV^5X_SNjtH1n54g9?=S0KU$4kQ#mP0I5={m zz*wx+s~Xcm!7vKxK3CfAtk=B)3_j~EBsX=-lf^Ly2m2Xr2OVs!OmjV~`(t}$RNc?d z4>%C0n}(?GT0zF&Z-(l}uj=4EGRND%vGg49dWzsM$DW;gvZ1KlS6|Ps09HRrKVxi$ z45t>;@*DhiPdLKhEqpX)T|oUl2y~ktn3`rFH+N-KwFlG7yk?RdNXQ8?tUY#& z1ROfasH>~LrU#RY@0tz27Z9v?<>a(j_tN${eS`Uj zCNam!1XqWgacR3~^bq&Mtu7#}#Z>!?Eo*XUt`i(AkuIs~DCcP^doLUi)BJyQeRn+7 z@Bep%NJB>U-U`_wv+PwNJA3bJvPwoy_R8LSW^a{H*?W^Mt3rz8zTW2?qtEwu|IdUqx9zQYjue51PpgShLw_rWY` zJ*ZBqU+0)?e25Fh4uGp^GKI;Bu~9;()-?LZ^JmJ;zI4L4LZChH=ZeN_M*jXS{CF1x z2yVT$oj%%Mx|(8jd9AAYHwa4uBlY!dLc7^)i!Vqqmg5m)aaO5?9h~MV5*h4LGaq_; zF2CbGe5>K<*i)I2^oVAc3dhd(m51!kPZMz%O2Fa^xaQMm2N|vP>Nt#lg5*W03~?iq zlZBu>fPj#2?I`(i-WxpA=&&f}b^ND`_ zb69rB?-AIr4mQI?OLDFJ%Es8p$i)3{jgcE-Z78drj=-q$7)WP#?%Z_%epY`*&&`pv z3_|g2oum%4X%1ugfSq-$ zP-4r#jzULtqA9IE+yGII^%isNv)z-gwn5l~u!utGfbqVIcy2@v&epAe7 z*Xmq;rBLUziS`U8b~y1NiM@Hp)qMLfp7Lm|`*);~*HbmqkZ9hX;bg&rifODm(`mcK zg@s(D6ycYlq194yQj(HSDk=m;sPj*x`pylzmOobqrpJsAC=;XeJ&MT}HLywcLI60J z@0IUL>7qb7Oe?DhuaParm_k3*o=WFP= zcm}(nx-|-8#CcVOTtR()Ifv|A;eGNZ+_6}mM=K*Gx!FIT26&VRxk$Rb_T=`KEXKG> zQ3$5@j#Fj4?vM^Ed!KmcG_u_L3iUvaW#UM$K8NrW zPBEksolIAudLsm404hCFv&e~rX!|E>Ax zubZ-g4=f%i>=G-G@Q4mbnVNTmQOhbSR*AK(te8E6+5A>N6QvXd={(E^rc!;SvKVV& zGp!VUZe_k(L4Cm~C_?b)r{e< z5)$obmKxK+&?)TDQMjD!->!2M4G?=)zdkoV7cID6(boM~;nn5*62Y7oT-!Vr(*8o4 z0?f>LJRN4)eeslRXU>~=v$VNJyr-nbE^#LeC9lroO1q4pTXQb!EhzLe-=T%L8W6YV zJH1`#ClI$MG_ta=cqk$9LRMCGhqBp2?m=JK%U~r(v!N&`dkzYmfIZ0Cl_`6bTzID- zGN;?Qc6Gmwgoh`2gwd9~2$XLa8ySsK8ER`Mrl+S{1%^`@#=dq#IfZpN=syY6R?x*^ zV)#o#iVz-Y)k$N3@4gx&fgRVnAMl<0HdxVByv2`LA?*8Pt%HF3POjI{I}!p)!3@7l zisY3Pc-FE6a}Z=fj|ShnyH{y=_x^#1)qV=Yi6_}&i5YAxXDEzTe2r)g;Drz_WQiM1^)necFPgY>F22t4;` zS?)0*Qjk}Q6Z_#;I(`G0f>a>oy00v0%*@B9_VMFKS!wC}^71emTH4obqmSh`;YlMn zcVgDIG|ff2>wf_G^uIpbQ#__d9hQ1xXyUA;O{wai+5L$aFMsaejl>A3LmNhXjA|Wh z&wnbWALr~X`9%Uf0o5TvQDD6XWnSN72>{Aame&^Nuasp6HUs1yq0nLP{gMM)vaI#a zzu>h43!z5>P?jgdwD}UrN#G}uy>x3urm-{vCu7^?<;C;NK)}M{8xSJpy9eD4&wp-* z@D?6%*Y|!<0mZ_~I;31;3vxG%Y!vL|U%q{1z6$aG>~nNYqmXEdxM^kVoMj8h2r4L8 zI}}#D?&vsEmf{K_9u&rRZ5A!J$S;UWj!D-l{-|tX zk`28d>t0xa#Q}r%qb}QFS z=@AlthX%xKXh{_k&U!?%k5TZ9c3u$oq==M6MBsuxqI*4!wHgmV4nJ7V&elN%Dj#rF zPXz^OpeQb0#4u2D;is~*v-27^NK}jt0%thh_^^x{^5WYiMWyPEj>5NS~XV!v}>f+>*kC zr^-$W3;%l3pj?6TM7+Oo&T5DTEx9V?2P&LPAVvB1{vy&()CPrew7M8)B?i%5Mbz55GMy&gY3nj=R9|%{#w8-X(5R5mP{IMC z--@T!C6VF2x}!LI5lgA@<THJh|2@MC@5gzs+5|Rrg(YRi6nVK zX$01F-`%|q&b^tAK(`4!9RFi?DmYZVQ&8d4moZN#!APQd4>@%aG*n9$%AuD<0qe4n z0atq)g50Rpqv?^?2<~L&_yCCA&C;OETpLhOP!RC`+n|`ppBBle^mUc5YE|0&Mbam; zY_2Ep)%cZKG;>K>3i3lk_u-<(N{=Hab?kk zos3cFPELtUv;TZ%y@QClAUD_^`Or&iLUEX~|J7b?aafwKDFK4d=&l(paGjtD_}6JO z%nBNe6Pny)WmN^nGWn@zeMnN_L+z)i`jW95%!@QWqQ9_ziNnkrBSGnx)$Zzm6kufD z))m2rfGfJ_B*kH0j)Z!tkNIHM5%8 z@%r^^fM;xyT0zAaD}W$`VvxQ(%#xJEtjCS+d7!rNYhOmdWsbHFA3pjKc|!S5=b6W4rzK%N zDs~GskKJ5Cv#44-2)_{c^3=bq=qEHF;}CUVTyV>B+DFRR1Aqd_E6MTUnD7MRROo`b z%AJ%>vv)A4?6SY|LWQSo5I`vec(JJ+9oWiE2v!lN?VX&=^xxM6HJTQ#HX>a_Q_VcB zaZyn_O)@Zs7U@6^ZjbjYr|LGAkct1Pc1hvS7eoiERhIsDUx_EuJfNv&ofP(3Mu zZ8E$>4Nf9Vzn0DS?YmzAdhP&)vupC=Fkibx^6u;E<>k^hs&)Al<8d;|_g;R5FVp~4 zq>&!T$DSS&pzAi&zxt9~Nqv6AT`Fw=Y2?mzY7|Y{-SY?zk$ZVxUOUmiKt7d&1}0&4 z860utitlwE?!khzrpFJ1F-)^8KE*li%D+_8)QrE(xgQe2OD&0~2dY!a4_f0-mx%?{ zKnn@q(t+(`-xNR~X?`70q&DCZxDVgk@gKg*on`aTs$EeD4oXSa6Y(xA0*!kr!_KFiz10Ge67Q( zow|=MhlH9fS%3k5GaPRe{#oB!*S=ll+DCn5B9Ot}>$*94o195Fi~JyT)z1FKh5!vs zzdvzCh9N$IwfHM}i%XF`zPzA{#0-_y;*IZjjMq4ZK(*;G3ueUnU;SF(dx#4aEKN6h z6i9_q6tznqfa^p7N=0mf>@n;_SM;Lz>I8(Y@qj0Ue2A+3pF@6Uhi{$D9qKl_Q8jl2 zUt9%f=1WqV{<(wF#`oRF|WJL{%Yvz z+IqiK8V1b^4gyYflBO14RdpO5FO!lC4)&(U1n!9o7C%c>2ggVaM!m**4TvAW?G+Jt z218sNib5U?Ohu;8IQLsCF$lWQB)1L0oxhcs2|eQIZ(@dJ(}}}$CW$CcLE%b-=md_T z_Y|k0dhB%jd(0X!z1?nF&C0_-)@YmzQfC+mJa_||48o3^3{EIFi-mHu3R@Zh2Czuv z)lc<7NkJfXB$gHyMj>gu&8C}NU!)v<|6LXF?Zk8CCbsi6jok>Fp{n<3o;iA9(mNHf z6oU1Yq+wDJwW&7^izfaCXfdE5w9aN{U|<;6Jy6o&{vzQJy48MX>u8?*w!o>Hu!97T zaq}V%y4LIzxs;Jtr$ivf=y(HE9SHguxkz_kDcvjByzzGF?1d|o zHr&m;An|^wa%*HMrD>UL<|ev;=IlrM36+Unq6iW^gY@0--}B;ct_S;7`(RPUi>3qo z>%AX<@7cUeskw8QY`dS%-eMLN_l{_K=Hk=|tgyiub<5QbW}{#f5~yyrF~Q9st$IaL z51KT}f_?5FuqxmY;2z;5Wc@3Ao47UFseMN)tDg_Yk6v%)Cpf*AnypzA9g>pzpL2H@!pR&M`9Iq=~`A^+4`NjW5JIq{pCoYm%@Q@x|7Ax%pQCGif2EWX=GcT@j_-N=J#xHP z`M`8U*r2evS*Rw{hF1MT;7edD=8jzq+AINWd$Xdo3|?V^V)S# zr9zVW%Rf8&XRciBA}>nZnWokVmS~`zrIfeoDQTp=n{%q36|axlmui>j0*Js+(riQ1 zy0Wm5UIm)c3@+i&l^~oKs#c)>?q2GCa{4jwlaDg`pYt%qqVT#&)^95Xq^cUKc!Lc4 zJJN%uwn=1zJg&DCStwnm|ayU}s|L5Dk;kiEj_$WFt_u@;L zM>7=rD}TO=x$&`|$`+(=CuvF#TR0laHs|QtK<%wLNhHzK8<)W`Hz*+wdoUK?Mc3AC z_=64s45vUVR$0QV#`WV99HTAvi)00b!znY9g)uQL&Xm`vJ)eHLm$fHzWj)x9^cYma zl{o;?$929q8Ntq>4+U=kc`1K#CjhQ&e9D1KAYdtyi}9Z&d`k&O9Txl^dsS1VdQN+F zVP5W8CGBu|Bs=_KOq_RG*~hE59(^-AE&4xctBy*uW^tt0%eytO7c^tR{4` z`9`+NyI`adX)lzw-)C^tiO!x!dt@V62*Bk!ITt3!k0Jy^;#`Mfiw30T@Sdl$sCN%u z6|C?gE59(`Tn#Tz2$#oPJ*I8hv|`N*(Rg!AHnexDpp>R&^QNa~7$mYwD^^_wxU`f= zM6C}{7st)2@PCm5bg1T*FNQgexjRv^H}XN5(xb{{QaTAHYF^Do4>~5U%77Q)nY z^ABig5(7GsFSQ)W)@Qc(e;V%w#!@HU*Vk=FO-U(JQqs_se>4V&wkPAMmu-X%Zwgo( zB;OX0DsNkI?e_6UN~H^gVw&FXAh`O(j{5k>0eevAIL}0SmcO4dfOw8sMZ@S@)EiY4 z{o_->?Hhr8EE7RAgaN4Q1rgg;Y4x;v9zk*6Qc&+qbbUe^@5~{naHxD)4`eHi-g_PJ zGH_sEMvw46o=qwWs0ab^qrD(hJVl6@xRxNSp)vZC-TRcb|ygdJcvcay|R~- zi0AqhnMi$qf+(0(Gl2`j`r?2g|HSY030MCOgaIpk3zUKo`6tNAo!w)vJ|GD>!@Tb; z91s)0NPssLfs1my4`_4YZ4LR^3xZ3PI4xjD?(V`fT`cENy9q|$RIAAGKIT_+e}_zB zEN@1L0F$p6pwgU*0!JMLzlOJjEd-Nz7^Jw`7hF>|YG*pNLNV zF+3oDf{GzckVNQet&rwS&Qc9tf**C0N15Z(yOEIK*map z`)k-QH{O>6S-cXSgHTy^wLtV@ZK)PdOQn&DCIl69eX3?L7FbyV0^0|yVx1)o8)Io+ z={;NPIvj&U?wfKWN+g%?QT5qDizdG`my~IMXAgHElK;0rD@}*mzrY?^BLwf)Q1F^# zRrd6-L|C8w#9gtojDmv(7)4BUF*<}0MCX68ri&sjRGa~@gVEqkzf*@o#~#d-#J4snY*{ z+7FY`cR6Nj@NNI6VSfPbdZzoa5T8KoxVtQ#lIR87`zNr5F@;=--q?# z!@Yv0v_2Nl@wU<~I&tRe{c0f(?c2?+1Q2BCtWNw%cg^4=^5hHZV2qCIV9v68JLaE} zfr7!&!NRiV1C;<>Xo0X!yVcbf2zEj+uc!|i?50>J&Y{IfZj;=OA!Wgk7$LByP*@&9T{8xlQ9J_^bX0-6fCyNjFq`q42b@fBW z!j`6^W8@!Q@r6z=WRORBwUfvA*SRkGRwBg-Id(OiTT;0R%$Z9xtsSPvza9%(pE_Lr zms6+MzKwqs8h83tQ)Kuy>glVV9zf8Idhs*e$v|0~`CdlQ?GrIe$O`x80v zcn*r163ROvueX;KD9id6NfHQEd}7J~VHiu@K=X#pr0voC!WWHrKKs%`9z5dT{~!yh zL^Ke$le*M9iABapu6Q8F9!u!zF@R!yb4LMm*mk%aA4KgsILOHVaS(?48mbvmx>IH& zJ(OYD^-D0TBG6+|ZHcjh695xS*L>Ebv zRHrtG@Rfb=An2w~nEPM-54tH6ZLJ1-k~ORam0-brv0JbEBz>teE{I&zJjqRi;KC)y zomK{ia*{W=^j;@BOAh*nk&vDtZlHDPkT+*X066+74f1cNsu1Ui@5_9WLjYtY%YTX7 zxwY)c1DuWDRi#vCg%eF(&-3jA)|n?AP0^r;*xoJ45CYiFmQ2Vfm=y3R9d~|$$=?52 z;S1w^6)#Dp#>%3~vd=Gwx+rmtE;Tpi(4OJO2D(z4y$6luy9R;w3!*xF!Xt7U0|ioG z0e8oFbA-kBJqPvepQ9-`Lvo}k|A~c9cDq<@ddko?1VGRkZ=;_Cl%NV)SQ*}jeS$2P zu|PDhE4*&WOot8aosQmW_W5ybb%Tio{#Cmf>wRQi?i*mR^R}Nz|A)b5IZ+cX${8_m z#ob`x6rZU%`ULvFuL9V0_9!@Z8Nl)8+a%#}QPo>*I~;GQ9&Bopr%V!fqNk?&@fa1) zasXmbOxTV87f+`O0?;Z_$RilM-p|n&zCZ3+UaW~B)>eRP|4*`kUmohl;q`kWP6IVQ zQmZLT0oM)dPB7B;m_V4q>aO`e>KnR=9ITsTrMg-_b>cqZP?8pvObV9k(1YnQgm`>s ztt)8i2M8^nVB*S{MRq7z?rk#0jj*INnBK*T%N$GQUjtFzYKOQWSzeR~>a?8i%Hlag zRQR>mY0XBvV1szCA1f`h@FU$i5BGXGnvPK$7Mru?*4GAVZYJZo@6fjB>>zP7RP-BU z+-Kql5XAcy0cDw`WqI_I)Mrj&2cO{YO&=q7SdL^veSL{K&L+^Sb&QeXvkHu=aw~O3ENpU0?0D ziv*O|fE)D7UUC0d-}pG7c{Q6wDkch>V#_Ki^gYLBbj;^}21_!Sr#^etnBfq_Yy&Q| z39ez_f=0F=xIX6`VM_#oz|arC4IbXB{|pfUSL+*g@z2uYu7Hk?=}711jNG2CNY%g^ zp3yot`PH*mEgA;Sa9N)Xi_r?1idM8*W-3;3W;+xooQU!ph{H-Z>3-f;$$&Rc|bpE&x0r z6FVZHs`uUBbG)vkGlnk~Cqub9s1C7^T_s=(HCxILXH_q>((EPQBR8AMuibp(29n6g zW9_YHFdc>k^t0*-M-OtUJNw4sKhU+E!`>EPya-gpvO?#85d(*SeL^l0v5i2=?eKa( z@)W0EF?HkHOix3Be;b2VYpcFSoqqqU4?cJUo(k6RPcwW4va)}~iLecpF_ zH4j<03zk2=-E1F`_eFl=tRi59%}Kt~(j(-Jwp>FM@wCW_kJn=ROXzkxo`;uF&*_@c zB_ewEvjD}H?PB4y{k;Nbkh1bUZ1${ECkds+;r9Kowr9Tf7rR}i2SOxfy$wW2;V6XM zM#MCmv;4FY)uNQFofd;lED5sIr3{y`*Hth8+l^nR_-DCu*bVjbft{hX#l(?@AVY`g z;tSmH0bY<5YwAM!a6TE3d9x5?`fp?c#Rc=1xPSJzmg$udkjg-P%>Tc>(@H8xqg{Ds z@1c$flIw~jg&$G=QnLA@<0>FU4Wws58DC-);aPTt$b{2`%Hy=W8@xPH#p^oLz(Eo< zEy#2k^zB}}@lPnn*BK-#tQhgDUqk~L;vmXl_anI8b^Pt3(6>iL#-3G;$ZucF$=_`s z;hVsqrStreE%S9kkl76SeiBypGsgLxZvkfEI3Nj_va;1`2%;=PRbMI)-iQyF#mFgO zb(iUXlr-bT>|A_+t@N^qh@M?@@-?+HeeHA0WCi|oH zFnp;n4!X{p$A}2dqF$)h;C(V~2S;9EOut4zo6;Er5@faxOw%LQDO14z*9`>mnLW%x zcBbJUtQR)s`W}Su?+2K^D8zXNqs}n-M~Q`1JUP%WGEZui4h#={M+zmLLBwYmh}E=N z;&I%z#U89eUQLhxU+=|-3vGJLT^iIeRDNiclv*v=)4}V12h>nh!Uv=fL2%(4Jj9Cd zStOObuRb3}5nryYd>*P^6-@-9*a2b&Q_vK!01V&PX<^)ubr%{|0 zJqX^^Y0Q3zuCLr%kx3fac3uc(zi7ai zc?KZ%tK=7F5YRV2$iQ^hh{Y=g_Te3D?lOR;)1ytC*>Ej`}}fays7-2|lB?afU$zhrEAWN6I?XkLbO7fq6GnFZ|&kX8C z_;C?`P~Aj-WF?eYS?@{RrmaB9bL-|oCNtU}^vAkdx#Sli9IJXaz~M>Nj4J=-aM2DlukU|A!joro_szjx z|KUjJ<*{)!tw4}9^FvI?LTYuKl|VqQ@8jQV<0S*jXrE55Jp`cuwkiHk2+h>;94sMJ zvs&?w%>~Eux%TUKd4cLouNeo1>29CUNQg83C2%6^3m?v$Xx0LJTk*8;%dO0obeYGZ=punR|;KK>0fSpIvw!PlBrC+cnI{M zjU3b2Af4L9n=?S1*(n%7m4%uOwSb(~|pbE230px)P&LXCf-E6~DH zn17a)Z-D%zfh94bU0pD}SS}a{U59lV(;1=DrZ0W^nYxIb-@>xVM!YyXglHvypZU6P zH)cas_WgRq@FilgWF*h|ZbIP*@~?&eqv`mt{w#bXu&52wAFK#JZ=4;@zf04xGMJPG z{7LW?fH+Cz`Zsc65l10 zRgo0UzPeGT`E72e%yZnm#7AAk- z13G{e2r+Y*Eg!xi*s8--`KWq2r)U|8Z>g+X}+7_}d7#E2)MNt`2@wlDs zMVY>a2nB&ml8bn9HmIBxOxXIOsH;^jRey!N8Wl_luq2}fWoVa?WoSMCoO0GV%;b_B zvn%pye4VkP9wiRxPEQ(ay#k#9I^|Lpc8@ITlQ%XKz*X#BDHT2=g`40>;oqse>$P@? z+|-hL82^2g6{3z?AoUe&g(H zG}q|a#tCLiQ$L*VMMjbc5iY+xA&o=Vc%d-mZjBM5Ih4i_G4 zg0~({8+Vb|0E0XZ>oKM86X(f>rM-|0en)pkx# zfg+jUufjmuGK53}EGEModlJqa#|1V){9|SFFvI-}5OOZ+pQ(|6iM^To?~$cn0YWAv#05ADRNVG}pt-xAEY4PP5^L(c6IhN#%qmBjtP{(zq&5ABSv@KMPvglC|p; zq(W25EVFmz`*Unxz9LO!8jI0GKa+O`@r7#a#76@GGD#@Pymn>^Ep_@s90_*Pd9YoGrvS;QZU^;51f_Vdh3|G3= zcj{enP^vK-8uCRwUb2xfdJgQQkwmuBNmj3uJ0anjXgj1)Ct-|dt`5GFl}El(f9oVG zcQ04@r-8EA<@N9>O{LQ7j2%Qbk+u8?x$vn6I=arXIhXg}5`57XXs*Xpxthv9J)z)K zK3+dN>jh>;jp!wpcSpJg0$vnd1dKSPNpe~}E}A-pD#yDy5;F`XT}N&BZ5%6Gpr!ic%_rWtM4SQ;v3@9NA^VH>>5Fb~^){c)k7EJA3w#fy=#{s5 zyaHXa`#fAHgr@ehsN1wmE)6g-aJcU$q`D!lvVrZ}(OCV}mHd}QzVm`u%yc``nKE0L zEV6_TnEM4^qOUim343@{<*2`Xc3DE~o{T7dJyF(EDi&!b*{!57KYYxY_}WQ1+=n*J z4x7JIDz$rJ6S+*6_#Da|?g)BF8&w=!)cbSh(jjJ%#A@KOeZ8*K)$5u6Ag>TspV|1} z5ZlC5+UQa?@7|fH1eGHyc1&@sh|(j2hF^(o{V{ZHy$TpES6-fzfr;raF(AKJj{^ml zn3Y%G5kBVW#2$!J-9c~C`59U`^+t`8(_!aa!cYOrc>%twJ#Xu7v)~d>`OR^kQK>g? zisELxU<@txpbzty^P^iFQ;e5|J?40F4T)6z(#{3J^!f8H{Rf@4ke~|wBoAMRPB8ks zc{d`#L)=AxlT%!vx|ngfve5FC7+Ps89VZ4(Z1x#)-V*hplRVGh%Z8>ZDs;g3H=bs# zdUIfJ!{srT`BP(8SqN^Vx?>9y}1>EhsvQ zrELZ`TZnmv81Iy+Y;ou5mwCf^O(R-~lDWEa6H!Cx+J@eEO?VyBM-XX{9y1k~ph3s^ zh6U%_b068q+VxH;Z0A#)cT^+@M7S0Htq8zCeefV0SBphfwp~JQtiSAGntY-Pi<&0b z1Rh2P_9PBqz(iKov#u-)N(9ke`X0}_^mcdl{OH14iCDZgkB#JYT&nOs@kj}^F1%k( zizbJ$${ts;YXx#x@&^kZi?Kv8vo3yaT_ucK#GBh`ZvPO)X^XRi^o!Wh1D`*BXAhr5 z<}(2fP^a(#(QJV@mb&V55yjHUy=8Q<;i)1}rLlZJbcj+Z5>1&TW*w(2; zX)?%7UUTg0=G3^Bz0%HvX9iRUKW zfxsK4Es&h|9$v)oIWlln?9+(Wq}ibO$YwO_!qoC4Lx226=0@c?D}K!gB5VHDOUJSJ zr_kXUh1seyTIQOoJKl-#t)`6>KUC~CxA*5RRvrt%hrxff#UHg*j8swJF66I*sjoDK znBQx8&VYX}{Epbx(Y&Av8};|0MFaS#OITzgUT<*ce;(F3#3s+k$B&elJeFEL7DFn% zFu*Ms3K%*Zy0gDS2|oozPOVQD`zB7zUD_5@xQY<6Z;|KhdzHet;WbaQRp1jg%Jwv8 zmTkNEw9>VxaI#cuujHx>tgRc5d^@G3Y`!)kvntY=fy3E`p=&L?bwxy96RDAW?FgvC zIkZhFxVFc;r)lqzueckSF@l<${2tRN}NEbVVftE4HpR)yhh&=O<=n60F&$!`xk7+0x@} z6-8fAZSlO|z$uJn5zlJl?JWGT>-3^z6(di%pu&z8IzUl{_{;kzJ~a?)Q`Bw3qG(l8 z@@OI%gPqQh@*?Kc2qL^l#~z$GJ=k&XLT!mL+Ti=P^^~LG!;Q(h zdL}ouLUY4n>w}N9%XpdD~nGbmbt4m_g2{v zBooHMx!^fBZvbauN}vySu7!O*qfRk>TVjKUKh1Q@!ss~s^)PCTOVOW%EXwwm&~ac) zBpnCrV8#y7rj=v z5WPwFZ^=#F`Xtt@_wF&o@XV^{1HdT5@D3=^TyUgIyO->cK{&YTpCtVCq>tpc$2^56 ziVSSC-agw2T?N+=^siaj0sb^+>-zera?@w!I0it4V*vJg_YTVBw6?EdyTf9Zl6UkZ z9-||Vq-u2d|3yA6u)Xr-fax>jo5hdYn;_9>{0Pviye4lh#uZe3R#99-&=mU|$-}-l z&?VBi+E_NVq#UhBq05cPCFL&~%WqXJxx`T*!_!hIbE%XZ=I|>07E7?P#_ajCwN%d- z!uW#9j(&G#N_a*PJ@@ZwC)4tQXuxS|5&8CWK%x1HpMw^s^omU_tn05W5^uGPR3*L55=%PcZ3^(f(lTG*zCgteNDzv!>Lk8zbakP!7gqQ+>ZJ9cMxV^t6BTB0k$>5QA0j& zgZMo(F&};+G$R{00>7Vr?tAV%8pSi=45|fG2XBS&s4fpD5w?vBR_IQ}HKgi776t&yF#~fZw4C&SkR~tLnD=a7SRHwViGt7PD7x2T)ux~U|m^mjrqKIdNs~?9iMJ9$b4k3 z!!^9;mw`(w19R3whaJPkXOPM(&8!WjM|)ZDSBytePM$gmo(cH|&bV@(A{Nd^zZ862 z7x-jJ&H&Vw5>%Py><$vR7Cn3^XDE3wm#(dK0e>trl8DwwFLsHJgXFfd<8iObI|%@j z>|V>XeIZ0qJ)B?5TB9!zRh7)=*nbg=C~mm~bPtKJm?PAoTN-rkdj|tv*R4}UcauJq zrN3xwZdB17sY+wwMFiGrecaXJe%+9PC4aU@KQ?l+jew5R6ZXb&7x5n*KDU7B3yfWY zw+zp61C|Mf7tQ{kEQ7fqXRzL{9Y16&Xg)0IioHT7sTyQIA{GP-3`0>dxU_|3>Uhj7 zFtA9QJUTgtM5^BI)qIY4POcreuAw4AZGEf9 z({no~)8R4CLxx5Vmsng6E&0GT&Bk>u&c?SEr3j(J^hyDqnf;h%2{HUDaGAXER{p2X zr5>y$QTNg3x}t8nw(I>BY#%6KugL^(aR7Wh|4#PA>-A{|$8(o&L;u23YCa-1Rx_Wv zKAOUEK{@nOUm;mIW;iHRd03`xo~K%y$epYD;Oj^(Q85|}&NMA;5Rg+6z6)WKOSn`N z#N5P=#}PmPJYrDYK--lQkm=E~PcdsPiq9WyosS%J?ytWp1M-lUQgJhqvQx^CD%nRL z?1Y4u+L7@W>W$&8utiIk4&T8`)i#f7wHqAGG_}TgidTn!CnDmdJ|Dr_k){Dnkfr*0 zjf!H-w3ztVG{F59I*xcjzMY%5P+5XFfTL2CC~u%LA;V`NxZ0vOz;YrI{(xI;sO)83 zFRlxOG0d{|F#7Q{qi3vx$%jRucZ3lSm=B91KJDyH39`0xWCWgpj8%`^I~ zC*X}^dCY-ZW&H)&*_MW6;?dvNJth$l@=tI4(rAE%ZYW&;w@2bB@-MiP3 zm6RY;UZ?758CZajZOrs@_O}8@C*g`BRT^dP+9`?vYjUAAsn=)@+fL*NzIX07>BMTp zEQDZIE&!30H!l3lK5Yx90;)I&MvrSRUW1hzYYf!WFDLc$b=-`v`%2Qe;SpLKCUCA) zBXhX^Yrz9HgHbc_*r@^hB{~b1`&C^yQ>8njXIFi_zeX{-WeOH^?UpDN?G332MH@yP z7M6#Df=!Y@z1`w+JgIiWp$-pM)w|(4b)nyA{29TMcOwsB=z}W8ZT5uKrU~X+MGP3w zI_gS3{AP`}GuolW_%GswzO#Qse43W?Awd7Z$Way5=9DXK`oS%;XA|4VXlccO5sWOw zjc(1YiWH8dliWkOeVpRO!Guf}3P!eDIa;>&L4egv0!f(SP_d?B+fN(9uqtz;lz9W} zdYC4Sa2=b#x=#rf&PK(b68?JnW#&g{0i+a~g8QGX!r95K(rU^fj!trbG59YMD*0Fg z(pGE?PT0sE&!k~{zb?|a3iQ7x-7FxG|6@#vd87y>6m85IK{MX;08a1eE?Q;Xq1 znF}@l0gx2f)(l7LUaCDpMK)Zcy5gSE#sk;Qf3H(f{ML&4dCZMq!Ef@j+bKse-c?&8 zguu0VO>U~COeMsn6%nDVsA{l2F5X=zft$f&8u=LM1B=#R|Dq57-Wr7WWwZ6yO*Tkr z{N4$O79;);h^;AiNJ8-Z3A@cR9}zTA+wi9kRy09%W!!zAmBV!|l|DO2(O;S>agORc z)4kxpi8@x%J5Lf`;#o7{D1PtoA7~Fluzo2F;^a-%tOpyPVpavoC0a;*8)RU8Sv1Ca zvDf><09s?JJwa=jFMXtfU~amw?-4hdw%;rKq5C$lMY?b_Y_qLw`GL>Dc|f3lzR+K+ zmXJ@ZB?Z+@H}N}ek)6g|s)!nyHM%l@Eb`Wy#;PbcK8VeQtEv$nGEkIZ;4o>l$bQdV z=(B^PaloN*bhi$cn-^yyqlp5XZJ9v~!mNL%H})JR(!5tKmxi?xozsg)6ifhWqEgL1 zqRH5nc)dT%ldZeYgQ=NM5dmxXm=ttB?z$zY5m+RLYFV%lhpj`9`SeBTmNCxa8HW($0{9`yZw zbCZ+v;g7%bf9gv1%6{y&ia~JNnV>uHVaA{Tq@)&N}vmK=GKZ(p>G2^?0H>P7zWRc_(6#?e(QZd(K3kC zG2|j%+Ti(u#g)E{;(S;xjUIvTkyg2aV&b>->S=BKYt*KE1sfl_YS4UpvF=Go$bjJo zo1%`66;UjzvV$Wk4>OV?iG!Y}X+=(sH3K_x%?C6OIZVzXreXcpuRWTGVMt4*piGY!N4g{;FU`!89n)Aq2pSf zP6CU=Pi+PmaQ)Y5N}VQnrQW&U^NV8B8COl}3sEKB{_wW&=Iw}hS+a`H7kuq$e1O)I zhdpnlonVu~0KJ{O*Kcu9jJXOB2_Woi3_ev*U&Mf9jwcTI;ldrZlZx0&xJ$84(?wm7pLk9R}Wf0Nu^)`LOP zs`pYsX3!hs&tLOl7Qw6FjU}C|KE(h|pytfmh;M*jq%trdqoXL}gs%AjD~>31oevv^ zjKf=A?A*7{vYK?e@8ad!Gu-cE?NoF-d}rL+mllL-qY`N*_HIWIU2w5x-nCG%J8)M# z(Iz;zmCIn!Sr?Suck-%Vgq+voqHd@usu_d1 z6Hcl|6>^-k_Ptwj!5GkX392r+w zAB|-xtAmUmh7zI9NyusvLA~^cK`?W3a}cZi@DVDe@~K1zZt44gtHI-nwNHQlD846Y zDj``<&xw1Xs4;m}2-;_!kGXv>m>YKIha2s|McT@Fn=VxtLGudQdZ&Q~kPBdo=`lPIp3IVa9f#H~@!0f==%Rm?V z_Fm-IjWaeit!Lqk=!na^froeDZar_UAXpL%ycw9&dwWlE?!m1`D0_e)XyWX8ns+WX zVhTZjfj*v&CVZ%$Wi{?}-#dX$ayW<_?IG72x{sAfj?C0SeOJo6iH^lr5!HsC^I>?O zqTDlpp?#9jUGM6}n#6zDBCfUxoGI6xP9lz}$rUdOZ z4Ex)=P7ZXs5WlC){m}NQ=-_KUkd8s&gG61N4LaRzO!DK?4WOC){T6FA?Ii8(i6#Rp z#3985ei$tH0ThRsk)(K7C9+Sx*60?T%=-`YNC zHrlq4f&!)*e0{}L>w=U@zy+8G8jAqr$(Bm zmLv;X>cSQJk<(%>1Dn#41tGUXH|+7#Xv8gffDzv__-#UxlZHS0;`QB>*6{nq;+xRh zS$>Kw6~IDYoYI`_2H!8rgf1T}l~yr3jl9cQoQ{N6{(P{K94@UKZ72Gb9AnwJ66QCS zN7tCiwPZ0|Ea{!{W3aa$aNR-P3D|u#F7d#?0KEW%|4UdQGy{sN6V8}=RX;9mzv%u3 z-8Bs)jIFdWkQb(>1P&Z7Wa|3>fiU$#fC^gbL>Iye@liC8R}9y=079GQtoUsySrF3j3|N5w<=>=1W7eRn zRRBRhC|oBL6$6L{<{wo@jjQIic6>szDr5mc5QwN7yumFJg>jigdW22q4vCJ9P4U9Q zf;5=mA~j$g-G5yzy{V=!6luMj;A&AUmlel9s6o{(mKtSElx&Cfr59%$msknCik z!j|0*vR}}GO+m4Akl`CZ0MklogNhH6T++uBX<^2x zxYza@gu?S*)yqX~P2}ZOSg1F)Za?#U7m+1r{QJ#fggc!o36BMxsmmQL@Kzn^x=oE! z^WQ`EXq&0}&#fMt&TCJXW%wptGpwfS6im8*WwtJ$Dv|tMO0ZpMdHei{`O#l5>yb#| zUr#mx(lPqEoFeyh)wOn~|8Eob;&x@gRmzy(+szRQ34C%NE)ryFY@76FIhZo5=128d zd-S)YO9U^z4WNkl%-$?t+%R`hiEUB)J)C7yMd?CtE}V!#Wnjg=rJFz5dkXHr)=*?O@7NFH29fmn8QT zxpIIompLUu$)6jJ?)blV7_)6YWUw45j(i?)MJD)q*J6WWQs$GzPtzH8^r-$oFNIz* zPS--Pm|rF2#$ZoCN;F{C6@>VqNQ7JEIzv$S2L$+r7*VsO=w4ez1$R);tLRVBEN-u& zqdnz?fB#h)bGX$w%4=XKyV`uS;89;a;lg8=(m3p+gPno&eAH-QeWuo57S z+pMoS9J0BsMn!>3DB*eK=hh5+maN1_g8AaG2N{y?opW+DhR)7acYe*@?Jv~es@?xu zaHpwy`x(7lOo!**kyNth67lWj#PZ$P@;7f5B7{A v$#pkDe_W|;0pkxg-%<`pSl z1Y?Tpo7Psj62aCNl0ephF#V3b&|^I9tzAeKI+$B+J;4?#^4+gcxB0QfU@o<4zDl_F zUk!E+j{>JFR{D;HIL~xS?*CC~~qP@7p(c8(-&3}A!@s@eiU1l(* zikl&8q9XGuP1s9DF(!c0>t0(3G3|W2Zc#O-3Ol~Y(I4!OLg59voN>;s2^~a%_PJku zx0?2nD=bG8!PKM0TGJG)R%_JpYUiWnmwNE%Lz3VV4Ugkm zfK_=T?QgqkU^r)nl4{T`+lJrS#aI6P+3t~Pze0Ye?lpT5jAAM`E;3loh)l>mO53B0 zr?@~>^-}>lGLPrJfD+Sz{tzx}WeVfhv+^fR}@ zs!#l=URKJqc_TYsahyWx58X!DE|VN9|+PgEjQaOdB02Zbt6$W%wfM}w@UZPj$H5`2YUIdLG+wH;#Qs=|Msv-7C`&1)*LHDlNz3*ljF@Y2dn{#@6+=!yrLqA? z*{5kRs`_)3$qOr~+=z23^g%@vRWe;9Jd1_p1i6j81cRt94v`=sD4y zBv=m`G$gc>BGRkHt%lxY4d$zU-W7^&=>zX(*RB-{8h?&q6+kI@m?isUvvwJT1dYP) z-e1m-70Vw_*_M`(=_9~YjYwp)zFpF6I(IM0air|7l-tsnX=O&f)#{x=-tdWPTahBA ze45Psn#{IplP;1x%}UKCS?PS1!KJPQXjEJA2CM4P;Pua+#4CTdQ+j`ul~XMcs48|e zwYlhgPt}{`j#2L9lkKiIU$<1MW&`V}5_&;6eRT3R#q2OIRPcMlJN@X5-4BH5VAR#JgxptCv0Vrr5lHH$27{Q79af z-l?BIee+C`DqFj>r@wfc>`G~v+N4Ttcv@M?w8HnNFt+o9N!;U;jOy(=p@8g_dzX!N z=2`h));BargA>;6eBa>*`|x7VMZL3TdDwQiz~tDp>iBXMxMs}btE=A0PHycig5M#@ za|GBW0EK!;AmC0t}ZQ(R{w!+swJmx=s^HhA>Rz!^8Seg=NcBnDSR?tQByV z?HGKr`q-peddl?-2(QzG;8{=2>)`@dKZ(79v$=4+9(|Rj<2_V!@t|%hGfMERy|BPy zkd1F8tI(eNDU#t}U{u9qe|5NmKg6{q0so0r#gYUur*mG79xbQi+5n6*@MY@{eb4TL z4v-rFm!`G!qC7I5=lsCGs;X_&6o7PC8EpIU0cYGwW?Z})LCpWUY+_l4)&lRop!m9C zKkf0J-QMra+}f~(Shw>c;q(In%svx(v#vKijx6TQB6>FQHnh55~iD?|)gY z-FeoZnOl>he_FNML!+CYm{iV){S4;mvfB;38Ph_0&W{yMKD{YYG5o3c4ADE>=gXNU z@`efW+bY+CTHR+q-L^g38!Z2-KA1_Q*q@<>w5~mor`Kdi1-?`pmjX(Cc`#Rh_LQL( zo3OQQCAXRmj0Alan>x_kmRrRHMhb?H6q~nn=vLYnq>gxw9AV_7aX)tLdw#aP8Z1c` zMmAnqx&BQrA@IJCMD38u%CO7X*})_|(cbzR|3;K`O|ZJ23oPK}%VkWt;u@Gh2ACy2 zTB<!|$4si+ClGa(}v4<3GT~lLY zGkm>PWK!+xvopP(Y&WMt4_MUl!a!lC5dE^#WkU7B0!~_{j4y&Gt6Vu5x-Rf#m(XV3 zvzb7Xc?9umcFTAFnL{yFjF!D%`0zpb>*lT(J@K9%F26sZkcTSIh2B*kk63UztqU@$ zmt+|)7`JWBl-vH|CfHs}i8t)pT_SI*CZJz7bw<8Pn+}uy0^jjx+&-RVEHL3g1p-s}eE;Tf2@fpr6~Hzqr<(tU#}i9DeaY~c zNKp!5E?`z16_-)Zo8`uwE=DU6m5crHFQx_S6TpgbFrP%YZ=b~#EEu@v+r^iJscFk* zW~V%LNK2}>$gR|)*KydGkW(i&x3Oi;tnyH1XXtZOH;wZs@hs0_YG>7}5+`%nRVrT_ z&`#E`tvR-bNhNty?)QBAsmaf%Nb8wy+)&j|8!cs+;i{CYN3>{}4Kg9SM;Z7ZGM;}c z5hCF*EIS|R6k-1&;oo5oqgQV6St2IpG;Y2{>~v&uT*EH!Dn(BvAIVwX#T2|8odD!b zc_d!!ouIi)ajG6!diZl+yPB?k*7dR-Hr?CXA5byUI;!j+`r7Cgw$@4~Tl_-lS_lF~ z*mNuG_j!YrXqy=`QDgA9Of4VjUC8Wc8!aaftdG0dE2n3Oa=+R%04IXb@r?WlBked+ zhB0r{tjP1BPInxBEG0>?`%3qz&cJ-rg&nKKv@FdSO*X`Ce zcB1k=WNLvDVWva?2_-Poj76VkPRQLU3SWBAbqenk6`A)-(-UOWOTf-nf0~gmVs<7B zM0|}4PLz;=ocC@?GMl|;Fpa9Cd2M^nY^|9Ow452?7Nz5!mGV!@ou-8@4Or)s}Gi28bDtx`E8`Yh>f-RMFC+I(btM&TOkR3sX4Pw{3F5DKhj`CS4>$Lgtr0UuO#L za2azL9JgIPv~f8~mipkRUmZ>I=vCeg(#NWex}N32O_4MMH68*kzu_o5n7JzZhAONk zfRw*kML|fD#z)$CwJSeSaDOpfylC<+YsfV+XGMBk9rvwgAM~_Ue|Yg&rau^S8Pvsp zK#&w|crKza@WJEP zUHx=BWF2cg*lKPpuf9Z|W>)R(kGe*2AxSbaT+^8-Vc}EWTU+d2-Sy=BNaEysAdof!UIT`n5ONy+P3k7 zF>0rAhty2lLIGby$BI?e@2kYZ?h)D|KR|R*wfRGj^VO8-*-7lzn|s&p%7n2YD>o|I z_9Pjt#@~msFr(9RbNbSP;V$QhRLtyCof6;($Ba3htd+LZUAp}FY&aqIL*Gu+@#Xp| zI8Cy!q`IC%v3NKWtx9T5_UIcrs+xm!ft-xPi~`Tvb8x}aClz?}ykH->Z~B799(S>v z!^DcrXVX~0POG6jrACE_HzQWJCWJe+_OEe}4ub3wb;@6`0|q?+FxkA`a8#}|FaKK@ zhvOTyw*Y)PVG)Pdd$xbcYpmJZSejIc%Re)4D^1R)i)rPbUxXkjw6R2s1ga*L_4PDI zh8-kINXkY8S$1ifa#OwAM(Eke!BXy=kmvD{sb=BJ?Dk{(l$ACnF*ZIvP33{CVBm$f z=)=!wNd+A3El+g%N~#$d8Et3ec!;79X;umN#5h)!X(g#-LNBw%oM&*4O8Qzy)t&IK z_8qMkIc!de5kGc+uj8~<+>_c#d;EBrA2wc)7OqG@KfxUJ*!u1sXG^(50X@4X_DXH4 zUFhIbScUs;e$(vUpdON|gZC+1hW1e!Q|LzRL2O^9x;i{N?MQi2Mf-i`8f&Vor*53K zDme@(u~%&x>!PI|%CxS?KCO!1*sfsOLJmLu#{4Kld|0d4d}%p=XWZRSzD6)no>ZNy zDS$M5Ar?&dteU}#`J|*12TPbcygpb~67FclJPvY5x*nN%9GP~<`z!Q9uDe~Mg@lgo zr!Dl`6K)$T%M8K60hWFJ`8K_D)!Czxl=%h+g7N7|;Zyoq(e1I~S2I zkS8~#N-PXy3f66iwi>Tko^(=$y;uOc+UUFGSJ<|%G#N3sdD8j#x3mb&O{ZuD;mB_U zr#N&WcMjeal!-T14W_sL$oMgk7EBGKwd2y+u*}S#Sm8r1ZfqL~o1-(E3cQYc{WJ5P zozr*IwYQl+k64mI?!gRQCuWKV^~2d~BB=G@-1-}_Q?kY^_X1UEQGg(=g`I*k6=O%& zG(W)XSr}towgt6;yGD=7{vI8dvRkhXFe*c9mFz6T@^T3<;Jp$H}qzsLbLt;~+ z%SuwxdaQ1E$uduL5I0u3r8Cs2Kq0~IUvm1tOHNl}d*g8cHvgF-amKj)rZ8j#VISpqSYC*xMciRhrE`}~S$&sh03xIfL}GR&sO#d&)=HH}8hX(1&(6;v==5FbdHlr~$La~K?J`gr;s z+s&h_kk8BOkra6<1--Q1qmTnY5g6L+wryYk9L`l#3$E3E_(S9 zmy~I|!hso7A9Wvrbcyl;g1a3=IaEFL?a%> zxJ%$_lVp>&yB|DJ=O^pEaX0~8P{H80wHENByExeE#U#g+ntGB^^am48ae}B*yPUG6 z4c0(h#e3V1W|!V2=E6A-NHp{tSw0@MzFVf- zUkW(t+f$!rn7Uqi=8H^m2|Q3mgz{Mpxni+x(w>cl$99pQZ-(zKWtM8G!QA`=qT!#y zcpme2s>6AcnI7;HO!`S1S53EOCQ0}&AK??LpKke#xh&{@u#(e#7@Th)xHIcgk|r); z9cQ|BKpxo@rh$49V;qItV>hQS&Q$d6Mnrxi^2P_wt#3=FNiHZnm@=p9 z1=BQ&y8IpA22%Ji?;u*vWmfK5luSW^%!n4hn8bnkgP!bUoG6{*UsE0jbFed)h@}h0+JAQpRT6^>0!houQa`PV*@gDI;pKmNJgr&#HB`b@)47=8)>NtU_|?CM;GpeFq=$ z97XZYV9liWOr6kJ3BcwxuwXAylkKYcTk_5TH*$K zLF6@6*vXNfm;*9aY}Gm;$iQss}il!ku0YaY%&P)U*s zrHj20Z1;`bW!yU%C(PomqIs+q}Z!z z^x@T_HD6K5Y1lu#rGZN76m*GYWeV<&S{M!y;fsDz0hLef*^mE>sO`rT1~;h<+kiF= z6Qbf!EgB9jOYEgwAB=0tTr?bf4Z-yq$DmI#(ChCGcrm{Fr=|Xl?E| z)k}njbQ6^Xn^T^es8z4>?zDgGDYKbz*M*JV%UHXi@3sar8&3G(e!RpIx!w4nf=RD4 zRtTGPV0AdoZ=`1#B<{*fj08b0A3^LE2@Fwgy|_d%?cU~X>ODVK7-?=Ab)PT7Jd>xt z(;~N8Lc(7VnU-+8BI~81edi{zpawn8xZ}y1?NpsuOg#}1QMk3n@(I)R1c#M@?H{OE zCy$L7r%7a>@Yi)US|-3y@pCstP8k#gkCJ2~IW@m>|I)|pJL*}9NmogJ@$>34x>){9 zmI>#dxSZ~X4?X;V35Lxzt_e6cw-d+R`O0E@xcMUTU@n}~w*HelVXEqfKoFKlt*B)? zaLXVcB`{fsvFqyzJ5L6`(i~D!rb={G;x*sB=Q6$3H0#eZ@dYH+&*@r4|()5JWhBX0D=S(ZBdPB^&j(nwNXKEM+X z*7=IPX7g>El#pbmY1BvD`^`A)rwVW(Md1E9&!5h)D#V)hYc%RPmLqD9&C6E{@^jAJ zb_6Xp;%0wyxb{vfIj3=AUocNQgeXC{#1nld0A)&zc`yoxVe;gv_3YUHn(+W`EQp4) zL%&E(&2miF5Psrl&Xj#$jeV<1G$vlpIjuf(ZM3v4Ib4rvZL~P_{d;F!+=m>DQun#} zRrJ0-l2W%<)PA0BNf<~b#8f)r>Q`houBE#7fgFA;#UD4RSt~nS<>IH~(hsXpp7`|p zr$Z%_Ywwde#50Y7O%L>#M=#fy?}6CHX+Z;G5#NP^^+KaWl>N>##Okoamj+?sLd zSuCCONL>&;nj3#v3E9W_6a#v4*TWZ@m5wp;EUKe2^Fog6W9gv^{cW^+AuW-8>gmd~ zkq^(!m9$MW%_+>=-oQAFN3LyDh7iEW;U{Z6F{>E^qO!7C?))n%njoMmKieNQp7Of% zfz5PpdjAM@rU2Ckfp!gkWI3V=DnbmCo;%qS)2ETCabb2HeA@b%Bd#DnooqcR%)g~X zOPE3P14zw^F}}l>FU@HkAm?34%f&2{tAMX#cymydzin0fHa= z#$T+zJxyWLwac3(d@U9jiREf2TCv8>W@5=?>R&#%gnT37+(i-jkP`k(0v4&>&^1zQ zv6NBEw3Vn`nsa>fNpuqqdldr?5!;tQ;bXouer0YFhYNu`+!d&+8$@xP@GC3Bt~tnq#JP z-OLgi)bb}&rhUQf&2;Da^_?u~dJ;kBPkm{cD(jU_3Fp)zdy)u{2i^{yIEG@86+cdl zzmjpd7)4lMGx;na7jt@K*~%kch~Sh zH70FD5qUJ>x?&l_kdBAEVY35x0F>BwQ8yickHi)c8%()TeIoyjYkN5}w}r@VevwA3 zn6)6|j`C12?*a~^dQNm2YxxGM^Kyba41nhB6=8Tjxa7Y9=F)sLrrc&*lJRg8T``~dn*pbw;j?-tjo^%mj<%6YbwG zqR#fp$~2Y+bK^j|%Aen*D@MFAx8__c)@|KI7i6n<+uZIrRA)3ME7o+Wq>$_ad`|5)4=zt3z5gtV!Ra-)yw@%G8W(s1+9AbMHINfBAgzROvTJi)4_v zZ+IN6)Vnx5vKUaMrxo7ar0!W7v)iHN^xPkQUB2DQJnPSB{d_r?I%hIdwRoaR`y-oH zkp{>O+n7yMmCL$zD`{rtP1>jmx~#0Fhk(0EW)S>+8zAowppP$THv&aKOElKi$HEN| zPK3Yso(tPf6;)z?TpRW|!&fePC3-ggxVAPVD|0p5DlL>R5|@;$lt)3pfV~zKd&5e8 zRn92@AP5F@D(~1*r(4lsYjd1TioBDe*O$rk&PD&r zo!2_m#wz_7nQGa~85Ca*NcPS=PWB14vb)9uGQz)_uQ2xCL^j`B_mP$zDzS`G&DGOY zwT&*7l(L(VtL#XsxpuxoUJgtmqC7e+i^5n?9lf9|}Lfs^59Ns7Bz#1~j2_ z{p-Ilcx$NXgT1z_x-Ux>KhZit$FidC{3mfpL^Rb2UaB92l1*IVl0aR6s6e6I4)bkT zb6N-yl-HYPSpVeDMw`g~n!2AUj6>2lmO>HXCD4x>6HZio#$AUM0hI-tWHF%%_N!K= zRC1706zxX8((O#bOI%kzXDq&YX}yFbguqN{kCHksl8zBnpp~DIOHAY~?bLHa9o7>( zQ-IcHv0uN4c_1`YFjTEyVAo>Ke7w#UoMWAu(v$IG55IE;6I1p!Xu16o8BczG3&K!w z+=5cP@GQjACF@_I?zD-|B*D`z-GPW+ty5P26^(hpZ4jR-bFPD;8s? z=2Thu(BNwohe?5Ij?Qo_7J@$>5H8URFRbw*;fkf=ZKf|n!Oi&>3y>S6do5tG+rJW= zrh&lH!x*!Vb9Z=!eDjM{8Od+{-@7fzKm+LFZ6bOI!}XgLI-}DNUi^ub=x&HFo?XPR zSukL60O}Z6E4L1e#6RQ8+`QeT5aC7P_mQoxllRoA3@&+l`1C@6y}pv34E&i-vDwL- zQi!_|d=>wQ6G0D05#Q<`zIgEk_jof3pKGwtZiGrY*w)_1JF`aH+oDIuI!Uahu7-^*g&8E&fom=B}{D4iX4nYH#AP6 z(JgQ5Zwuc6Jmn<>7z|+8+;W~uKwvshh>iF=j^~X61jHr`kEZQsM%rvV>3C9?fZ=vC zStcZ-KH@9o+_aI&;g#%UTfUOel12L-%ZqIR(qMsxFaLe`ci^O|1Q zmqr3L)$vzQUY9Ejta*WI@3CS9IQ$S7GSBal9llr0sPZ z&gr)U%IPd%?nex!)xSAY@ACm}^o3yg4d`;SO?0Y{17A{5moFNs#J%?c=;I*gJ7g=L zl_0XkLIrfeHIaos*h3=kgIX;%FtcIhx8CpqOS%NDM5S!CWmEZrVg=2dlp%?Wm_<5J zV3vcIFJJWYKnj2o-~=gD(ZK(_G)PMmNKSuxM)YtTVn+8n=$CYlR%C;|!2)r~!u&#L@%(D{}SLg8OtoDj!z+|y}UT|E+ z{Cr1oG?kt%wfQ^fx1e?_4#PGXlK)EkPa{%H!2z3`Sxfst{BDAVLo$iT(`i@)Cp|b%ssiDHme^Ou0dd)H_UoI1cj-h0wX!Cet^T zDRuwM+yh62MGrMQnms0lZhxCfgsA966L44-R0hqp$V)@7W!(Kiyc7~na!9)iqAHENdR=W^_NFb+n|O%#DaV@Huc9Ak+-2wCoT{j z6YW%k(60kPWs+&?e?fl+_EA|^xf9-2bJ0QIq@eXs9~!A4#a|v%lu?()#1WQ?pLj$d z`Dele*q9$qQ1h#;>q#dN$wVNMb%E95GC!lwV&!7B0ZjpPm*-|GltPI!N@Tr|m@J0P z_3$>6$=~+l4xl>5`)+qw1!|lF>62%8$)x?G&jVNcC0gn8Vv14&(EJST8Ems0@O*3( zy3hAk31kLjS$(NrRMr#U1D`5pp=nqD76N3iLZH%u1(t{A7fX_0Y_=B}xeZ?As>#fjFzX~Yc$UK9s`;+iOZfZ;)A__TPr{if9qpA>ji5*RHgt`63KLB;fZF? z9x$hqHb}%be-~6uG~nC{0{=TjtS<~xj#NhWvIteW;CyjKbX$2A3#1}fl`gflW=7ON zqA_s+I-BUERfiOe8c;A~n!_RJ&j6jW>jd=KLeFxbkr1vc%?<;%ha4#6Lgdv9vouPI zCgdx01f>uIkz%g@+Gv5o81+S{CSV6%H-*%`s0~EkMa4^gozV3bXz(({R&(r15E{M= zy5MpR)cL?eS0wah{Sa^mnEIF0o^d$r~q8B@$KWpf$8CBp%ljF~S<|vW-LR za!P|fz9Tb3GpOG#F9Kp%L-)U9m2$77bZFCEi$)I-841S8rp~iKfy1+B;?Oc3Sp3(H z3r3V%(Sue6jw&Jy^xTs#kbJLrVQaXP{r_#wkQii2-=C8v<0J2_JzOgxo9Q?M#f_VB zvW6rcFSHp|_!|f4Zv1H-fylM{XQ|!LXE(vKy+xrU0j2DfEYaLYBajAezfj2SI`q3x zZ!K04cqfLgndCo>=ucQ5I!vHiy!#R>9sss?eOv~Ah^dO7I3mxFq-ivGbJ4wiLF$_j z{dU!#H4-%S%nfzK%^udwg}A-)pMAL+M8GF$A5NXnCT;9)>6_K1nvh}tMVY%&Mm!z! z=EtAuXx6TQ0=sWS&Da|CV)|+fgAmVp1J4n7Z5RTR=nmcp$X;;v`+8pZ*HbsWOBc@L zNCc;44F$ECkj!g=FU>ArGP*(nn#pOog=BIMx~oT|F_8ECW7zrsS;Zl_x-~F&gqd?b z<(zsL<;lVqMet01wqk+gHe>hRRq6IfBbovo>Vur$ENJe?g)~<@j`$Up>G;965U3#U z9e?4(iAA|uLAvxFEwnLgpN>B|ND}SF#j+w>L+TeL^}cc{P8C7uXXz&-qf!reVfO#h za(UU1Ox36ww`*}r6$~ouT<1&K;`Oz3@KLaQ1DO&p(JeI3A68=AwFy#yE(JHh1&RX* z+WnP}|6B*MBR6-n;{a6cbtvk{E#G|&S?BA$PslMC@<0Ma>bPIimqSlNf9N9^0q@%T zXErlf!pjNb6IT_0xQJ`jIsZf=QZ!OIL0HC=@dU?rW%FJ?@mYct)Kvn8NdftbILt)v z1scy}zSsDw9Ju(PSKzG2_vvUUpWbOsWre9uw-dv+s{caLHojtN&5#& zT46SRjnV~S^zmQ(C}RbhEisjlIB-LsQj%zrlD^<(Be%@5opLF-OUWrVPXRweLt{u}@ry4;x+6w0?oE}6=F;7qQz^252E_f`~KFvL+kDs2XA-b067^fVQ){;dl> zi3NOeXp^NqDkTY9V%XB16vh=f^HBMuP1z-bfv`1=u-hP1&6n6TwQ+qjJ` zp%(Ss>CybFFu_0rz%v!v!5kL-G%b1}zgXLc9v?gh!m}OYMnx~zGwNiaQpJlKlRqB01pGt2Xo2@yUNnu0 zo&O#Db31QsszE~S1jL`>UsT6E6yPAqr7Hr(yCvOo{I zQmlg1uJD9f9Tnd8btp2;V!iMj-Go5H3Gf`X0cQu7&P@Gr;bm_*bJ?Vm$anVXmRr^F zDaT49=wxv`u;T0XtJ6aws+>jZlKCt$!&C3qtc+#T~75y?yz z9xbO|)?fK)u|PQm^`p1L!Bl&xis;!OIg8EOxPrTVrX6~&!w}@K2lyV80AcG&At(6= zLaP@S-tC89J%$v3pk9)YcN@sx*>b_&_h>+5FBU4M{uYGzMv4*TkX;632R}sry8`qx zOFGqzuhCM-^nzwK1rb??K@s2*mZMAXZ6YHx$ zwk<7#^cgK@g-UYpTJqDX&t;(5^SwW`J(VSBdj>=9H|}A9b{7rw_6oKPjTeC`wSb72 zP5;GKGzgVp|59$Mx(f5T4yjIJlsZm}7&i)ueF z28jGUU#P?ANE9-zknax+Z&q!}J*eAy${+G|qB!0_-L>H3Z=l}9ac6mq>kG!{K1o=; zKB*J}=74V`;OiTJZ4zFF9tnbGyZWGP;NEcj4%*gUVm?uZ_4vKVV4vl1K)@aG^-*P{!C_q7Vy5asZBK# z%ttB?41fRN(EOl`Y~hNu;9!h7q9XXyb4GzzF1~9vP^9g0}h0cJj0Tbv83-QPB7z{&JOTat3<_HB|*-WyNf#0;%EOZFAcf z!D0*8J-4o7+|9Uuq`1Irw8R~2Z>29-O)g6M*K+?@BV};67$H;&iXW8;A%Ls_{*@nm z;6SCLJ<-tu;x^WTv+)g1(u<%o9-4%sdDoHP0^2}K%_V6~?=k#rjpi$83}n6B_;1q2 z`)sdCd}5(t<-*k|!UTMxzzyvb6kmx`L^)x1O zKTmzi6@b~JW)2Oakh}l53sqzFQ$k8cVGuQu^x`SsM%KO+%#0?uJO6o=6x8QGd=2p% z9QziABY*@@&xBKwLNuz!+xleoCs(HG-J;JDR+Jb(YMxgAYMG^*9gYq9XS39ROaQk_ zLGS-Ie~SJQiQpL@<+1z9;`YP6OsoLC4H;2K-ME_gIN+zg$*fMp{zY4}(DcV(iI!ox zpZBX5pr$AX-1@J2So3f{N!o(f{We}J~b;Nwg*UtEi0Hj!>R9-$eeHYkD;N}mC@x-k+G zn%T!K{of15VzD79vTK+LDO|!)*x29~DLLB1?_K3TLkXofrga47h-gfYRH|2ZN8!DE z`BECRWQv1HIso~a3>r49ctXMWfZRFAl{sb1bDxtw@|eqTms88pQ0iED6Lvn503e9x z@2>55pt1(Clb)^&G&mZeyf25i9_HmRDc88WNL`E`@csO`N91z9h$AohZAV_1Jd^;A z#Irg!AOv6F4M*ELVWFYa-QC?OEH92h?(PMZLAdiBy55F|Xyx?dITYm5gHVMIAKQW!hl}9P_$m)vMuPPO;^H0%2&m5)1{rh(j=SjcMYbZ9!gtt zudUx6+>-JYPK>Keb#tHaA@`u6mPFjz+qPIAE9W%tV;FC&@i;L)+Me5Pii5XyQ9exq z9driaUEZiQMDBS%lM*av7Jk(hKC4R^vachq|~+reUI!=Tp>O~Lqp?TFB!ja z!>{5JK539L`mSQ5*wEmzGapkTc!lU%g_WVJ@g$w;i1lILhvCbI>8BVh1NSNY#AN@$NY5K*@3^X;Xg2IXeObJVMudQn8apV+9I4p_qx`gCQJ z65>f;mTDELq-o3G{ywHPI~@X?o~O>kpj4BkSFOcXu}C%k15|d6e>VDuL`Spy^uY~H zk&CL(@;pMSCutAn^wfB`fzou0JBMk&n1D@!kJCH^Q<<{&b^ryzPQUQk6N&HUexP;8 zF?OuFx4b9m#ZM~DVXYCd894v}+f*e1xD)3Zac$%nYA#&A^%u{iEH{g18l{(4Cx+wa zclC*&t$B{9G&JpbNhn?tpC#IQqFLy@8YK1R_a>||i8X7| zX>=Ywl`%fG^(UDuZMQ^OzAplpzwYKz(ObDw_N@>YS-oqa!X}iBadDCM^0fD z<8sEY`-{>oPL_UX(Fb>bn}(?J5KdyBlRGx1!$ZL8YU)b`eBiyJ{4O4{E`NI?4jrP2ynpuT|k~-=$E@)341DQOAKvaFMZ@t%gVUne($Z z_N(qEexlj^N*g>UZ@IL(^~o)qF3M2V zNf1p;R(%@4@qtR5xP(N+=nL0>*#KZ;;vk}=9e*h{4>8V-n^!vcqiBNK=K`O1gwd4d z`kM*L8)}dL-and%F0)&Z*96$eifKbb<&fyX^ia@e&8n{g+9lS9@}Iu^^_7-bGH|(- zoM+rQQU2{L#K7)^hc4ZQnx!@~X1`|TltCv%zSO&`J!e(&&m6tQC9e6GLb|1wfVls0 z{6e%{K#|q>$Y65k9_09d!$x-n?M?`WpKUdfZ^PTdTDS@5%I+%@-tQ+*FMieiRsp&= z0py@#rh^p}buI=ydIe(Sdel7Ud~Ud_6x^0ggD&++76wS|Nt?`W`+-_d&uO>%AD0nq zauV}2wmGdLbZh1wpC?1ZS}bx2Z|JXR|22^}qRKbP2d)p9w>7+fkLl~@*E`A~ zAuhfMUwv~J!uy0ou=t6st?ldPR__G97V5spmQf@@DHCfl+t~W1XFf$DV|*J7Q=j#(C` zxi$M=b-D^ui$EKpI04#S`%J(a63fPgzoVWDlR^OZDTogD!LrPtqX(mSojYKh_gX-MA zHh%C|1Fkf=q;6n~~`hekL|8WDSFle35Uc#WUoVwfs! zam;Rm>GcnwxhHV<|6D%cXX&4{z31y0BIdxNF=(T}7+@4JJ^&EmBT{)GW;t6(rJss;3bnsiS$ zD3>eK4wqYmgINx86%H$E)A#tGM9&*ZQOh&Ijgt)%)c2>LRnAulX58+U_8F1EnaIzi zo<(uywigl+5n&hwtkw6K!1~*jO=8^Vah~UzkF6(I)DaIBItu1VfU>Bw{6j9<-)nZm z>*JMk@6394H$*{uLMU@?*^>;_^yz)A8EA4%JTLfHYBeZ+1f2K%4pahb>)J_r1cI^I z1wG1JysW-kA%!$lm}gUA7p@SRun`oupxI9U6{^XFtnT%?-?x^XvB4i*#)})l+HYtI zBp>t*FlRPLE;d7@;X{@9DVf5A5l0?hC0zxo#HZc*zSNF^U}W4z5p?VDojZ9?0mmPi zjx$TbX!V7{ZP0RX7kJ~_rNnC&QJUfxs3{n?^7_U6x|SZ`Q?!=Jye)hXGagNRF=QL_ z;LVS}SODmiyc{s!hBT+~syZ~T!bQTOfB90;+l~`_{`6(h^)l^zJBL{Ik43!&UT8Y# z!>6J!U7cdb>`eZ|LUktZd{}Qvg;rwaHD3fCBb*)>!*N}2^kg+>wp$%gICGrEySF+M<0n`|xjg%8@HHn=#z~o+C9K^*v z!eCv|sV@+aBc@c)hDA4E?NlmYLz}JKXJC;vSz(r>dlIx3>>Xt&K7dJc41P?Zc2OE%&CJwY}_l~lSVMhh)i(Iar zyFw>M-I*J=&ZtDa{_~c{S{*KB2d(z%F1ElW<9Pji5OrYJ)De^KHkk9=ijbJYQ2Yil zC(Ttn5{+_LiF&RcQs3lIikf$tgym;Pz61v5eMZH4yDpc$W>OO?3`{J0h4@bkN(VGm z&%FM-gn`M=-bGn|xWsIvh^mQ!4~JsfGANQ73ZAsT*t+%v!MBNgjvUz!3)(gf)5!|MF%>>7L@o7zQG8t(obR zd0v|Oi2l3je*Yf&9Xu4*%4-SiCy4e^?TdjC-0#6GYtqHgik=vn0@q?B_g1PS!486G zy|ZE@H4Bt*pdHZB6gG8U{3rUzeE zyzjj~`B1?9@XZZ!VZo0#i19C9!$Syr9E<1bRWsGLZc_6qe`M3929FkIK$FZk9K2|J zG}uC5>+qFKI_TgZT{%B$QfT=8Gn=x}8h+e*Z_2L6%=Ur6Wen@;Law_!#bv%6m#Y;q z{*cT|wB(BX17ktwO@r0(N}l7r4RX_f`^dHav;c?zt~82g4_;DBAkr|2uidz(xC}0R z%ahb@Z3852Mgo$42Y=aNP}i2q2Y*=%27gH;V{L>!21h{S4L{%N;dMTIH79bmU#;Hg z<>^6uo1v&KD$21jgr?qk_7#F$h^6LD@7R;v!D;9_XpX_!6`%Sd)(E=spUv^K@2~j@ zSGzTVVT^8^;ZA6-n85%ODstZs29ogEPD?b>G!Fr&oAN~SB1!wG8B>+sNI=l_;$Zu#`_yU(8>TI3Ku%#@A4w?0J8 z+q57w85sIQ{FPk?9BJln4K&TX zuZQyPJ$j|MyD^EX_eYq#wZRKZA03bedr7@+Mlg7 ziUi&>O#uxx2a~z)hi;MzY8)lmZ!;fFo_d}g$CL%<(}m6%2i5=J8`|5c6j)F^5g0#1 zk@pDSls`ww$WQ$6|0=TPVz;diGr>>u6%FeIl67$I+2hj3)P<~NUtcfp89xwSJw@f! z^v~ALUZo5o@MejVE{BgsIuA8b-}KW};qVpUbl$MAY)>{{Xyb!V#AH!Q^J z{=AL*j6%p;ujQkhr|aHlz&PsXrNYc zkKhg7K<9|;5q|SezD2>-!C2+B^efSlj#%C|iJE`9BsrmvAifd|CZ3f!j>N zx@&Wz?p0bWRl8$l4Ht2RJ>qWqP2J=!&ri;(LJPen#Ll80F@?d4^bL`z$vz=ji;Ivy z=RQKZJMv%Wr0XmaiTdV%%=toq>Z-JyTk|mUVHnXzrCo*hRiM^>o7hZs1@n6L=q6M% z9eg-HU$BQ)b3L#yK-Fx0P-tIkPmHAuy6!y-Cl85oJlS1RIYQWPThw`7Lc-+$C+iCw z!Jl#}Ig@?{FL$Y2Lgmg{w7@vuI!RV{BgYMI=`fL#h4>u?5$%4Lz7b})epsAPX3r|t z>~F!=fG}yajId)oLAWe^;kTg8dugQoX=^b*;-Rav`*{jq@%<6re{6{7^sesyWVAW^{JoCRn0H_2<%NzUxekfW0VmJPb% z82LIEdwxoIbvuR&Z(!>fxdlC>`EqbhX9B-6@$}G&z+J%cbjl%gC3huqF#qWFkoWhR zZUlBtGSo+8US$e{)EoLW2{2M`aMBT~p;9!rADFJyW;{jEPnHDvA{pO`BI^ipv;4!= ztg`%Cs&?q>6J$~bOxQwiEvAdQiRPd2{0f;e+{@iZRi*CC9(gPn#8#&6J6>9duNIy9 zd1c!kk3VpAnhJ|I@N?HQi|0=%6c&{3ukfH{;Euu+Ieh4jParnO-P}U8T_p^Q$LpUO zL>znDVT4Dz|1PYxKhTHmdi3L~vRe z>&|mt_twHL^0}M&)6b;Zcgt9P!GP82YyN%8DU#RkEBJQkf_xw|TdJEp5em3_AJe-R z&{mNDj7d-oQZFWV4{wUR&UjxQ5?5QbvAj4~>J-VBRgH;}$+P~6_6dS^v55AcLhO4Q zuL24sPcnY`y+!Q33gk0q+!P^qr*vHRtPOkWX^^G#^IDU-byVCk$yNHGFj0qBN?uz( zkumSg)`VvUp4Rbc+%&P9)dUm)OxP(Px7I=J=2e#tXhyblAw0aAkVaHL&?ogc!QvR9 zZMd6;$01L`B`CaL*VABC)_?o2a!z9FN~V~Rgi-fJxW>sUUiLQ0eB6-OnVa+dIk`~1 zKTd~Vd2drHzt8vUeafN+`H#PLd>`SxPpbedskd{Kj;oOnkgAiZ|8Z@zIj+BVj2E9TMRN^@sBakJNSV94&9XCa%5a7^Z|4V zngoYF*I<_>x+!%fiIrppX9N znI?8(3^|@2o}6=c>goBU$-vuL~1s}nzl4Lw< z>`?vPO$$j}gVb00)eQPSlIAC+^MSV|Bj~(;JFfD(9HN-;@%_KtDH?eNlelf{EF{O{ zsKPSe*i1%F9lii7G@Sp!!A;t0a3Nl}fXw$Z8fnlXip?8X!88wUDMr&wbRYBl_caBz zA380aPQrE$yG!E&ZqG74iQ+=$;FB4{|7c52MbZ39`-?KgkzC=mSo5W=Ux;d;-vx4_ z8S6D#b&b2h6Pt6r>>k!utMGvhex{ic1lQwbqiGDxb5z|VYO00Tk*eNV4lI-T8goFK z)0?KgtSr5}V1qt}n@V_vt}$fozc$*xCO^#wT$U*G+Iw>M zxCE`rcB}5K*!7HW@8Cn^c%)XxH>3eC1g@o*Xr|Xrv;1G?oK*l9XTpV4Y&tR3EQiSa zqO{)Mb8B3*{NJmk5&{>HHTc?Rw!GK{a<( zkSy#<^gGSlN}d&zS5~fP(5BBvGFnEya*$6 z!U~6j%!y#eEMM^N`vFGu0X!sxx$A0!Ibh|U#0A z%YbkDeC5zPj=A-Q%mJf?`tKV2Sf}F$afq2U9u91d0kN?={%8+wAt}^D#ATIuD>6`j zY%!!=;g16c-gXnb?FZ}pD~{@Q))5Zs9d6L06fpsR-mZ8B?Y+6yYli_PRD^MHI20%h z_`w-{0_)Fv@SS0cgz%_)JCmx+yvbg-5^Jzq~U!{5{JJ2T&|8U z;(oR_THqo2uo<{~f#eUY8T7Vp(qqGycj9r*EhFr@kL}T-7N7FV@h2PzjOIrYDK3@= zChaW_7U$in?_q-;P~71mU=8VC(R088M;qS=Ayt9}o=j!meIHG)|GcZPi%=*-sWY(O zXTPZ$s~nZbV+b|20P(5nhcwwb|LM$IY2|>se@WqL+yReP`y#J(4ceQ%B;aFG?hQy8 ziDm;UQGAyha;Krk$J;@%Snb(ZLPzy1BL?4Hjr^KDy2jZiIRu|oQqNy~f@#Z2(Hya| z&nPSho*b5vlMj7Du>y`V%jvlXcoc(=*G?LVM~U>sb1AfeejQ%+G4CPL$oJG{u`*AW zePpsqY=dfImxn8JL3{Z_xXnwK#3Z8L)=6R=;&N%fgZ|peGDX5-caR+eei^>~hRh_D zh>7yz3!mBF2vVJ|yD3C#q($BHo3vv_0JbD?k{E+m-%9jA8@-D+Q-V$~gvWaR3OK=e z?IclXXU~JL!V$TptHP+OVFQBp%R*cYA}935Nc zC!NtrP&T?hl0%}O4sHI!-CM>i_HL{>^cbkE$+*v#eFEy^JeFJUJ&Lzh__)o6CUJ8N z&|glhDi6VL*o+j-8qFnIcP@w@!~xa|YytySTBKpsuFpJPhr;#A7xP@`!>4#_S%bgDph-y$>@-~Qzw zDjfU&N7i=-QoaBG-$ao_$jqvQkdT#i;zlK-R8|N@5;C&so?A*fMoad{2-$m6ag@x= z>}zL+2pPZU>wQ!{-`{`T>zw!N{d&HhujhC?AJ6C6ExPDizC0;$$|x;&Zz83TalUYn zkag1P&!j;WqG!AD-w!sW0FT1&rlb@zkES~NA)!JfQlGQVDxYYrQ|t4knP{GU`VyvZ z_~+!|_XOUuVIf!1A;|xEkJ2Jbi5^pQ==S8&?9xvLbd8;;8r~P~qcg3wo?z7YwIj$? zPZH^mf1xktYy3Xm=`y~sU^ndjY;gSXYbRSeThbEYyQFtIbV^@`$3|a;9Z^^%4sR+> z$X;ouNte|%T75;no?@N!B`YaW^8~3~XEdX)_vE=$s1v?!V-NYgB^)hyHFwIfg@Iiq zMdl8x<6mBgI@AOg%qQzr8796UEl0ce_MT2Abi9ES@OFP}AFhe~1Q_@qzUAwLhBM5m z)ot@9@q2iP*{UG9@dLkarZ3z~-N|)*Ls|;2x#D)SI%33ZrcCod7WLtU+sD(fBf)!6N$;F*6=_A# zf)BjmsmWxCO|#)gFYPv|yZW9s^hooMuRVfggNKPKx$jEuFrv^**8N&H_|OyMVOX4j zStMLL82I9m;jd4rQoa-%gjJBDlhXqd-!T05~7wl7~zm&+bQ^u4-ddF zNv=fi+O!TEU>%UPb2N;;KGo*ZpVSt{;>}V#JxW9R08*0$xLzsw1rk1~eG1?Lwf)HZplQuf@L`;3t^rxErnf;mazD=%Kjib70`a?sVyc zv;*Z~g~^4#Pho%g2UkW8IR(rQ^Dn12t<~9nsY@8|&qF+KH*<&C$!fpIrgYJVwT$7L zD{f)JugMheX31PGE0sTb!ud+K{g-7KL+>o?Bym6BI`ufrGa-HWeg)oW^nuFeZK@IE zuGH=Aed#*Pp+p!|ttxHbB^uglwKaX;CC*X8c9b1SJY8+@o6Si5>+N&u9B&)W0#@2@rd#CQ&D zi4xcnrdNJUo0hpnum9Tdo)71wWA#;<#M{;V|ab-rZN{^~Ya#6Fk7RN>kFX2Bx?)S^z8>l{euie5j9 z51d_TWFr3{S-Hzi*W>9u`bl%PiuwG5tw#bd1#5xOP}e{+7M(IAIOMETbeoEc8-*}e z)^_;g041d;)9aU)|JVjxU=t^I<0-u7Pui*g&bz{SrTOV|BYhr=p<}IYbeL6VrLmX( z@ESZul&7`?{MQ^DQgC~HQW#0C6Z0!#4yq1Dbyw=zI?YSyLNetty>xyy$x7tb?NbRT zV~wLv=3wV}tSCkNLxxoP8~=-))l{@u3wPWo^BfQX6hx|2`^FCnqq|mWt65VHpGP%V_C>7( z)0zE{CV6;8bvkgs$}dwzCGZ@@ z&%#*ma+$Bb`I+ut=6Ro0d%F~Jxs=z=g2PX8;z#byn-M;L%|Lk5lqEi?c>5lt*=1`w z+0M5<(EH}*@hlU{YdZZ4Qu&o4QF`YEzI9Vs5ML`u$`)586MpRvl=>(Y{BZoEPwxS= z&2ad!uG`(>F<`D@qEd{()-{I$!|$nuhMHM*)e(>Z>B9_28OV2qXuf%?=LBwl`}SmM zluPlFfETV@Vb&VL3&{(uhV*o%lk_hi{<#A~8n{4F2qA7WQS|mayU%K1I#KK{IJ`FO zse|lomTqz=GFJcK>L{G1&%A>bL*KJuL5)&i)8WnKC_S{I&3rO#J%08Iitgnvsj#xO zdGxT;##GMsU5H&k7z=fu12xL$u*2bxf_GhZv#AoGI%GmTRGAqsTpR2`jJ>O9LVR98 zqlP}l${;P%GPA!{_ug}55J~thO0kg~yBd;hCcnUdAoA7u^87wX5Q5oq@Z!ARI>W*S zV=OLTz6mDtq7@^24O&TTIg>T(4k)$F$1@K4|g5AAE3%xAted{@4EDoPfTwlaREBn|D zgdmtoo~7>1Z}kD?&;!YS>N#(46qa@8Mrhwi-m$?b1hID*2aCR}yLcQu+fff9=<8x4 zNXiugU;?da(F-A&zro${5nUdw`>5!=s2n{;mY(`$KdpS16GJSWSyPua3XL~U06PrG z64FX{9+A3W-JAJZY=smq;(|pfZYpD@YzM`W(W}~Ow|c+0?b)?pk#XiMRDN(8u%yFh zeza#KvZP&pY*P;vY@Z?^h;ns6F zpG@=TJ5VudQ{;l++OFiPWx6tSl+Ij*FkfM>`D(L!n$O$q-mLR&sw4ybgWPGxsx%~1 z9`t205~ez0(ZNZgm~&qzNzd`)bY^o^QA3{;y(k$CVVNtrFVX6vUmf}#<77uS|&LJw#-1LrRZkb)dXjs78rZwAiBOv*cDcFMjU6##iX*8zW7Qkrj% z$xiDs{s--T|Bcn=*Mgt8yibP?m3Us|1MA`=oOd1D-?1oM1E+!HuC)t) zsJ0;Py^M?AZmt1y;)UaVNH-g4K+kNVT{p$_0kUm|D^a^tC(BIqiFrp@9*aDJUKsMJk21Pc3;9v^oP`N{mDc31FQ8ET z|72*lpW^0zeB2m*-EeWe`K^s}KPSf^s=+`xHxlQy_4as%uER zdCG)n+g*69p3XdlH!~A$o%=l*-@}!Nd#pA=pW(k7aj=~o17V@0Yn1pHjELQbiuGB( zA6JZCx~eNhKOqxI_u}JpwYe03pY@qawPE{}#t-(jo4y$>j8g$U5&uki{kb+bI9bq> ziTo0sZA&X0)TTojCx5&|2-A;vt?~8`PY3 zVlZppSNcQ>rBxqe2h-jF%9YQV{BqOIz{5h(-5O^L!|_2)xB6*9kZ!w^_+YzD6j$s6 z+UcP#PEr!Q%(T=mQ^2i43q|eyClc>^sQHK*&|FYI zLdKy?FdImFV-YVFfPuN2<_)k%ZZj|U*K_|;?U#0pgX>>ZH*@*&Vr$n(b;!Z{tkiAh zpD-H`KzBoaXP8;f$PfL7w_T&vAxdkDs9Jnh1e9?__%G7)7&XAI-4@P`)}RzJ$Q9u9 z^tv(Uq6+mwdrJpGWj}<$%l4i~Fd{vv|00=tuOiDvLqk-m+`wTK_jnO`qt@-ME0}($_3rg{XH#UywsULhR-VT`) z$6E3HuvfOwkuGu{CbTD?`38!1qRJt^O_N4YwEYkY&JfYi(yP zZh{v%U~@XDt~0t=4ks+-LP%<0`zIuY;yOSf2NgsZPV4mFrXRR*^O027JA!eMs}X^N zw>CJfs0qo4TafHw!2ZWo>UAJX+Yn|m@0IM&oOj?a|2L+2S~2apbFloVSDsi=!9!iaupP~CZJK`#;kyy@HntvMhe+W)waoeV6*8!J2_>E`#K)`g7P`cWADZBJ{W_scuU zd94qz^VPo<@iMg`IP7V|wb3D+LQ(Oedz{jy+TJ58{=wn1QM6Q8V@zk7qg;awZjgon z-=AH62UF6VEg^;v-37rZC}bjqNQPA(e#w?kiLiYzU|K(TJQ`6^BmU|H-hp1CahshK8yM-aZbu)KV>_m%CQCQ~m0Hun2!<#q8i-MfU-kn05M@ zZEAeDXb<@O@I>K05+Wl<4X3EOo0X-H(X`ei?{++DEj zm+63UT=MGvHkDVOEydOGR@d zb0_{_55X4l@VM+CyCZn!%eM&CMpv|5E7b{$7)=S2$u_cFdN5xv;_N7o^NihJ`*Fh^t zmJt1MNEwn0F3$_R_y9&}&b=rvtXhF<(zh}D*v$7>EC+TkdFgdmuQ{aLD2~xhEdSdt z{~~w~9`GK%k_LycB|gMgxVtY_-@V(ve0IvlwDvmnz8)GpbC4};2`cSUVpwU? zxFfRop}l0Tbf<01uK)xe-|{oPTsnc^Aa2IFk^o#VxCws$IAo9VKf}lazwh3|h;gZSJg7PZo?xdO! zf2I}lCq&ANwJz@_na-?38F5LxLHXV*GsWw#f=|@T1jnx@qL{8{FWt3C|4`>mB|T07 z{^Q_78sBtk(S(oIlLX3=3=d_w#m`|cZr*1R|IB!O^EHt+AlPDC*v&J;OfFX~)pByY zS!YV8Uj-ko)t#m>SwNo%`A6$63FKfj0>%6$oQKr{xB~^@&`|awLGR+V{J>@PZy&o` z-A+{mHose2v=Z_^aLG9bDH*l;@$sKxulKao)F^mPdE3=5ou{}G&x>VTP#>ck&liUs zXzhpSZs7Z8jBxP}t{1ZMFI*e3fS16rxl6V7>A|w~XI(Ke*5;1&;jXnQHL;M3@qc^# zI!JZCv+da6>$K8i_4~|gufBZ#H@c9PRC3>1=5AQZ?(|-1z95MT44=XAp6lz_jp;lz zp2J$bTpNST4LY3rC2nbX)Q!ez28=xFrk3l=;^8!ITao!n{o2pZ0K%)Ek@}bcB-w=& zs7jfaDvuuo7r4iS7*OZ$z!(1IUQ-F^I;=Ct+c>+w%;hKb-x7}V5O;x;N)0mmOCb;H52>RQMj813hK~$vE1|H&D zSZtKp#*gXm{%iPAeaT8&0CeOmZgsmY?>6#!N*8&Z7Q`)-wn%%;5&@qw69I;%?xxCgnd*(3<&Vz$WJZ1;xfxxNU1wW8W5i^7>nioRt!WN~wXvzV==)@}^2K6C2F*<7 zB{whEh99WaeP@03BfJuSDqL?%16y#rLt0>JAF6AU5XKKlu*%PYyYfq>@heRScU0?i zR|Yq094Qt=!fcuo`gLaT#+Go-3BtEL$XNF+wPp(rwu0XQpHI-!uCKWfUqd>#TxJ*- zI>R`gE}yX%bVchRh=T1T+h*lVI=*7@$70pS%5`@iyVD-Sd1{XUXTv?D8!Q|g2>Rrq zQS?ncpJaHj^J9hct97~eT$NiL|1ipcH9f@!&TmoBf=Hq5&D#835_2ur)NqN425VY0 z@UjZ$02M7Goj&W$rD z41m(IM~m%CPw{&F>UP&Yanr?|OkUfd83g{?#xCj_{OSjK-;Lnr&6j9#w#WNkt; zNDto23_)Rx^-WSxNJY8OPWky5eC_l}I5&!m7z74~v2PoX3VRHJtf6GqNp98`LTvY~ zA@&?MJpAF&q$fBIa!yyTOC=@A3+6-vk*K}Qk%Q*M6B%LuA{`Vvz}*t{M1>#aCwwU5 zr6;{0pfm=3UCbNBm_a_L+!3tD2+4`5P77vaH$RjMYPSYx9~E9T%9!KRW$WbCzWggr zURNBarB7g=i9SxIv=(of>rKxch%{lpgjy2z2W~!Cpoe+mXAHAoYovtzX^-U~HHQm@ zVpNXC{UK6q)j&T>-3=7p9_R0Wa0IxU5WOc%SUHjvGPr#AZq2-P-70u?sD=#t+eK3RUv|DDd{k^Xz5d?=F6?t!Oxt4Cvm84CBiHkVo$js5ifXZ6i<^ zZ(N>n*hrrQs=kp*=D|hFp>X_b?hBGX$sy01>}KB>)d89fCzJp^fHiD+o?S{AOa<%B z2grh9mlmWwmIIP_og{Y}NZK6l2vC(Q9HkZya^TZN6`L9X7?ItZbJeXj#LG#BCj~(~ zG!S0iqARh)VnWzH{@g?v7uBQo-cO4JXr$Xyp zw(C)ed0>1(IcMb#T1n_CQZuMsJtq=dVNH>_V zG*IVIeB%Bn)sO}f;i={~6G!ee>@}@5+(5NQq~n;Hyn)Lc0m6Do4!*6|$m4E>ZJX*5t&n3hngN z#|iECStfSa9N1g~Ep~wcf-%3g3UXh;MxI*fAK|*k)Pge$dh#$nA#fj8_Lq3|%7_{# z_8ms}*i8^bQWIM+_M(g$sG7GJ@_v9;;lIPgcM@OzRp8F}o_puX>RGQ54K6OJqtXEw zFYVXi*$aY#bhQbDyklnDx^A68uk&p$ z7{5GJ9{danajw06Gy9w&3(K4Fzw16UTqAa$WxiK^!TB;&d}dc?;a32no=vAjjQ-vX z;0<|jd-HzAo**lvgT-=ZYuP6RbB!E6wiK8y4qa(UML-B>I5k*4eSS9NJh+a6wp(n< zg9}3s72R|_{!1v#pky?P{@QwHwq;`C$V9kcrS6iK0rxMp`wO3iU?Mtsh8*cK6$T*ckn_o5vU6GP|iu6geq}+B2$ZX zFT^P(u~HsKRbS~D*xkJ_7WVGF%~;GxT2spkzN!D1Edck3BGTiIwcMK9L>)oLSdKTX zI3Km<4zkZ`9w%#tCULm9cGO&>>}HPkDXnt-4&9(l7^5ToZL zPeqkNm0Sl#{``^UHAA>06C4+~@ZnS!H2_#QoaiO z+1Vad<1|KDlkdQx1p;1^^rgkqpn_27-z*=ZRiK~aUxLidpbJz(r>=grnmDlhV)csa ze?tW;14*s|h9u7yT}{?n{+7F?&rD-G9Gg9?_0;ySPoz@#B{E=4m_4W-wf!z*$sV^v z)_V8qXLUl=O#YUTmcJM@;*0Y?;6%;K|bTC{kYE~ly=oSyMwt>ipJx4^K2+YtZ(7St!e*v)1~@`c~sIY<=@rR4U9zk!|} zT&^^S#VDScHicWt7~t(mUg-y90<0FA{#N%_iUYo?gF8WFwVFHwtN=O`LzT-;$DFL$5Wl)bZs>=3a><~_+i@U2qNYLFE;Uhy2` zzdbRarS+g9cXmi|;Inoeih6r`{gCBc_U*RH0;g%2>+u<=$Bm9Z2J!={FdN7fTKbSWw6SVIQzmu55>VoQ<0eiyBGljlTkW87cDg7L$hS{@`Pewh>U1j)TlYJ zNV4J@x_^yY_;Iarc3<|+UC$V}0~z3e!;ha0!LDYs3Pdat{~kY=hTN}(hR?((mFP$^ z-uE{J8lG+rQj>^14#+XkVDgrymJHp4o1%_R358*%60oz6G}Iq$FC0>&HrF6b++U&o ztoI2nB&xz4zlb{eK!vjeGQ2*y&)(}R(HE#!Cw!TFl6+Gna5ZLQh<1Zdao(H7iuM-9 zn%z7vdtPu?Z=3{zaCYR$?+GvKgXy?_BoPLVw_`v_e-2#MHLuu#93xJ6#S(bM;i=LW z$hzSQQ9S{`xV=%!OI5>U8J!n)9lG10xIDW3V?a9d3wvr^l9rNI`W5USKi6LvL^BJ{ z@A62L^ZHVO$+|1eo2p8ZoO;2VEHFuNL81fbPOVvc3+Z|l9R? zN07j4bp`V+fi(C#2EC8D@;o&%r${H8i!A*T%3=-QLd zo}UJGL4!yiT|jvYRA|D#T2!l3Cop?{Y$M$q4a$psT0$+hW?(s^VFiKS@=Z!RFNJWn~pIwSq+% z{LYgjC)08&`aMlmb9FVeV7&QMg2gdy;J>qbc@{`G*fbSXg8gL=PM5C_Ow$YrlgZGZ zF8dJZ5yC^dK~n9&Exs9bVT;};qU3@jQ2pdTxKVN=-7--W?+%-o5bHx+F|v;DLBO3z zklJrj14#)FWH>?FOl-B$o9E)Ed_)DU&#Tsul^ZUaA2Pmn+Uq`xHc?WJKa<*)`&Xb4|?c??VOH32+;&S6l|?qlRwUr;b?Z$hkX$I3Ale64V0QvW@!GSHikO1$I!WxeU z2sge$O;D;T-B{Orj30>7&+N3jLq-ZOf zw^<#Vg(`riJa9anBf?m;ha??U$T^J{&E@*Ac+EUcpl0*(V*a=pHWgwMFhKd-034;X zduK<%)GiaE{S4(B@V9VFjr21`y?UI)W7&N_wYtCI#r6L{;@ghB`iJrggP9U`MJChQ zy9ZOF)lk*-*+6GubJ6#*Eo>)n;woTf#GHCUsfJEp{gSLcJ2nqwp!!I+%iT`Hwfirn zlhCV1ar_=BMoo71{9Ow_cDHmv)V@iS!iZmVW8BD3IxT)E0EKfpO-0Um_iG)(d27xx z8yy3)eGufD_rG#Q;n22MJb*~(pitm#OZI@13DNPb9~Mf7&~FwR4HElkszS#7OyPsZ z5CnOekqGU-`;LPUPWaOBn1I6J%HUzAB)>lw8c%@3Hc#QH;X&+l7GN2J6%1(AV*K9HF8x$m84sp!T~-CY%nKk**BN(wD4R)5+Wr!&qRCVDJtwHh+J zOvXzMdguNB6k2ldN1fY2Fe?4StuvJe8*(48ZdOPIrE&#Htqb2TMk^=Y9oMsa$nNWY zcH9%_n+O-UcUa&F_SWHtK#p=2tBFhBbD6~s0E@QTNS{GOs83h#HJ#aiUDkNappw$9 zI4D&G)2Bdads?;s1+4iVj0h_fom;c3Ieu{g40Wi*6AoHq$N1qD?oQ&}w&$XD54G+x zb;TWqHeaNw%IB0xs(J!=lx^F-Foqy+eMOCND@daOh6f{v^JiDQv68G#k2KWd2^O_< z?7mY+aeXAi3G@FUXoZm>QM=br25|akn4bS7n47{CYlLER2ioE#pmSNXQ-N;^1p4E` zLIeo3N@Dh%FOZT&%CBA!3KdVC7jgdsJ0P*ZYl(G20dwdAQk3<$rr9$l#4C&EQO^>0 zqx?20M(2h)1Ngfp=m)e4VGY60wXY(2_OrfHBfSzjGnpSaR-Lsl=Jv|RP#XIJ5gByk zUGLu6wl#O10zBEu!txMYVWDrGz#Y;8QeiV+B&)MXsNv|Yb0q7}#s?v=w7WP1x0WK@ zo)x{YN7&&xf*$|oh)zyx^&SjlNBIPVnopAolMG|FoE_bVWRS~c+1R77yOi17zP+!TzTCt7RF~p0d2t1(mH#SG zI2uL6Ps}_Rs4sSX3bqmiKN72%jA4lOyHa|Af$nyoaxCiO3kT-swyjEkimW7y`9~ml zMiO;(?kf~mWPnNi+VkDvQ`X8@jL}AJWX*k?B^Qw7Z&Ly zx9zV8S9Sf9Ds03Ps?K;D=A$`drW z0bI@+ITSaf7~30q&OvB`ihGL*Do8U>Nl`b~#C>)0(MZi3B|^{M?;4!I%%1O%kl2zi z2U@^ok#p7r$S3>)bdIz^330+AfiFP*pu)VJiHZSsur(<9z-%!i5JodU^yEsS4^QM( zJ&hNBk%hRD@(W1MaGDhQZ8m<;4oS0698>T*v=^uYd*PV{FK`WbS$;yBLbkQjA8Lp-o@Q}10lZ74%A(fb0;PJ_1pW1C7^Qr^ncE-Zb zr=j=undEs^?Bpn~oxz%Cpx~e;d>;5qhVZpXvLIEGto@Kr8`Wgvh+;HN$;|jKiyv5& z(h`6y*fV{)$gpL(tu#75>J;5_VWxa{1m;=5?@Jo%P>>w0eSsewm1nmFQcHQ3w1O6cm6plg5N6__%J5PQ&rH@lBNU|FE z77Rqx3oiYdUoD$7j^nmI7~-g)58wl@q1w+lCo8B0< z8@-LphTrC|A_4H(Pe9`XmP$5r3L&kvAG^g5`}r3`8R*jkqYqK&40*K&eZPPKDLBxC6w3<>!Blaqv!xT5e5y3?It?gWU? zxFHpL3>zPeaglZfC%8c2CrGR%A4eYiiX%W=S9~%x<`OoEaM%_rc7hK@G{3U~88_ei z*YMfibeB-%G=-iMM%R?#r_i^PyPBH7PzoU*-jAKEDd+3T}}C+ujItAh{6OC4|ac zvcp)j`y?=Q2A4|St#w84%piD&1dwKE5s|d*RHPXgkqz4FRUoeOvbj|9naOmuBiz#N z3k5W_-zetYTC%i*1qo88T>+X9%s7E@b@t1<2@(C-*bp&mOVJW`OG5jXw4hwcj?h2s zOCCLWx>-33s0Gk5)i06*0E5ZzO1xWjG7%+DTmUzeLT3!(TB8mmX{({er8(hug!n$j zzmVrVfNx{>H5eGnG!wOHXuW3$Xu0H>%<5U_@48IHv!-0Y zpi>+-2mVk?xipn{QH(Ul)mVB!b3rCH&90jv-UVo|*dY*$+%yE_rvC{+jyR~0VUEn) z<~_(lXmd|*BH=Im32GFC@>bd{eK>DIJkb?~F&WrIG7^Mq#~ut2e<)FqQ?7zFZn7bL zIhXlY|C-ph6alk=JyN1=oL_uG7+jVLU(D8w*S#o8i*VNv3YQRdkT~LlNquwO>i`c4 z{oIoQ9RMdN5#4J(^r8QLKdhW<6Q)V}>~odql?Maauxn!{WjjkZ+ZggJ)H%~ypNNh8 znLE;$xyTn&ATs2uhCbsEwLI_*%tWUIaRXRAO_If zChBh4|8NhNpZG&sD3%|s4eqf?!Wu$u3WIMzkn3OgNVvDZ`q3Z-$IW-9&OU}R1tbyv zg21JHGJrT=>0z+Z+YDy2VK&}dmK?ea<|#i_8!G&kh}H%)FFT+`vPgK`_D~NNRktz2 zq7)+ek(hP9upX`O%rgFmI953SPaSux(8a(XM*#}+Ie9@FX47-`z67%}Kxb^YvxZRc zSBKB6R!{7IpC$aG5lXI258!y9?=~g1yS9TKMlU^j@_t8E`;2Y{DGPqC!Y#A&Zm*Z} ztk2uo)-Je>p(6(T_}wUhNn|~XnelF5LyqL#*)@Yl%Cq7+TIs<<+$2u^-rfR~l2Zb* z^}uH)Rdm*2w*$>VG3$t4dT`84LpJFa(zG%E3Lw~4HAHy;#L)A0eh-iw&^JkCLR@qu znQcj~1gD3a>nUjP@yl1&f_@BGXdaI$h*`4A7x6JFWixmNlo0*^`2Mek zd@Xl8bkx%Wd*qeaw@FKjDrk#MSv#b12zq%RM(VMqmwsU~E&1LZtf=fGY9@REcJNyW z1fSRvCz&tt-CID*Kki0_OLr=rVAwYKU}+r61>#0TR#D z;&PK(XeM`0?rt)m)nEHftN*fZjKy?6d%mIQLDZmx^FtcI1-N3tMW0NStOr{SJ$SC#=Ia$W`RI!e77MI(2&~P4 zJI(r#FB@*M)n~Y*_me2XamUQY$FQ~&d@Us!#{ewGaySGatt-4EgnSK9qGSYIG}Fg0 z7qUZmgf?)B)D6unE|GXIP~n!URg@Zum~r^5H}#@utD4_F0(Sf-vg3w~rxnr*Vf4i! zhxC5soiskSJ@8u$r<4M)d*x4oN*{`AhE~C%g)vJLpa2SK|KN7P8wfsT zeGK|KM6X@lSbFAupOw9BHv=Yt9*W*CnS5TKnauYG-DkBmrdwMn3dx-IJI3>SVgZ(F zO6+x+s;irA6c-dUGlbC(4BGdu8KWd~aCP1^EsQ0*@A#JD3UG{$!@FbCZ``;u?7F6* zSMCax_#RH^zxf_1=yohrhZJ5y@oA=;U2%D8f)DxuS2)fDXKI!)#pr`;L$e3IF7jhu zMhu}kC1c^4c8{Scsc|1~obWej;vDb;_`~+fZKK+VX_$=`#{R1j7&8NZ%3Ls~j5t*c z9YoWv8&`L;HKHbc4yd$jrq!RBu40*+t{sFw{u97@+ z2f6RJCe#Vc5#mQ}3RhQ6kG3RJUZetA_?|zv9U=jAVeH(kuEQhFUu|9lrZVK673-dZ z4T_%EIV?~e7CwI?rJ~LGM^*X8VlIOe@i(Xuq-Ae$`qFyWVZ{y zGfJP+Hl;`3bs)jJ*{t4Gi6FUqtC90X{Wm%O`m{iM*ymzV9Z5Rx!~gl&_CcNGfn?*AG%R(4?(k^)V`l!uW-)b(uxH~<&kLklc89AUe?O+HT_bR_NUlF z;mV~)-pzybzz^Dza&PVI#H*0Jr*I~)y2twRHCL-VbtJO(J78HKz6hvwz#Cl3Y&ZS! zGZn-=s9{2?tL)lr9KuZY_tOAgg$@2UdigRDe02bSY4|~i`F>M;HiOx*7!Vijwo*U` z@w5ybCE{>nd7Y-@;qELxDrYp$Igc)3^xtH%&NBgA^6TS|*nOWhoTFuHO#hoK2zY;~ z2;AYd+>bW*|2e1{P}=6EY*()EB8+t>wK&GVuYsD3 zZkm??)-LT)04`i~InHLz(om7y_b9q(%USb++l)vx-Cq&B)-AB+ra#(&QVzX9LC~+2 z!~67@Y80$13(3&550;!mx7V5AjfVlHZUYYnY!90d@iyiu7PPgexM#p1xXwhcpnDIE zSXiTzWies`LbluRxMI7ea6nM5f#5I@nc}T}HSLkiSp#T?yUh(mV+y};74^YJg{0kQ zh1m=<9wTg~NVRZ4%qj*Z)0xCf-zhhk6u$g%I3<%CO`8lIl=G9MVMo%kt(Um?o?`V^lhj zt|(X={40Yi63lS#d%N`3*2wS2;&ecnr~Z3_@=id`+MC_UYasR4O|U`SI)Fmb3 z5ir5@(u<87^{!CNQQ)(__Z;=A&d$vbzH)#>k=#0eYXOZi9P;rTR(LTjKD_nJ6lx#I zgzjV1J-+I9%q(I^9fMEwP_Lp@aOT2;fnF@K$Zlkop!tZ)X*ni8_57VULgCKP-N&y4VD|DTwAE3f*)BcOJoFf!9j2YKueaN12^ za*)lqS5bDTb}39pqg!iL)tO2>C}yVZG|c(?m(cTK9wQeIoreG-z);&k6A&TyBVz!0 z|Jf^}Duf!+r8zJU$^KA=XZueyF6-%Cb+7f6?DoHHO^EyNXeFV~H!@(&l{0H6sKm>- z&OF};b2emp|F9q=lP{r{SL-6E%qyohEE?&*hQAI~nplyX-b!ibm8Al^x2}PRI|7I8 z%WC)EaWJoCUzz^QdjWf*4Yt3N6BfD=h_gRv2BDa}vf12x1dM?4bSn<>sE;E))j8|4Q2lqEU#+N(wKl`c>SwJW1D6Tag2 z#2U}5E}ZGHmUs3EiXqLZ0j@Pk{+|q!14S?Y+(K1Q2vGccFriPCf+I8TxqIjPR5LsL z^bHcbcg4E0>cG!{G7og$dkc@L?A~WCbZTDsDRk^XGXmAHDEi!oR50l_2Cu(yQi5%( zCwytHAAftpXiIe(-u4ypd-2cOpdM(0G1>vC@n&`CI_ZstDw^bb_Mf2dbN~JVIn2R& zZ#zgLG*6eRMQgz+d*6Irg|w{V48jRuVn_h62yO&C$8j$!)%l_@q1@j5%CSp6ng92G zIi7{1*FMJy#WP$Hne30r^zPb%g`UzEkJjhP-n=sIQ~0WJ(-Bjaz`gi;4+Drm_*nis zabp5PRY;w#$DM%2gvQfw@+#wD*vy8{&?Z(zTv~W+bwnGQwgs#wg#bYccCT8QdI7Tw zvs+km|J*XbMt+S>0R5ty$@6B-hjxYym`v~rI`36Bha>Ua9{bR=G=1UYIpTT&jCSH+UcF-G$2nM)BlD0#MRcmrmarBY;!-m%w{7FCM6*p77SI#5stLZeFNqC1 z#$Oix0|EA6t{;P@c&r+sAu7=L%nJdj_A)J?_ZXPS|E!|Pta`AI(}>BS^F1NIEnH z|L^L*izs-)uF1}qC>fubyg?(r{^fO=&&lm8*K_nqUH$k@=*04pTbF?D=^m}s7tn`# z!-Uv*fZY$b2kxmu;~@<9s<5Q^T|_TjhO<~u;PccMryVi?yVtj-{d=4Xk~|xP03H0U z^N_AZGeGkl^qO~Y{^{YDJvoYzQu+VE&9P?P^<0YY=;kypS@_K2Nem=QsilX+Fa?BX z5if_O2YUNlOrVtpDw2Z3bx|@rX;IELm(?yY<3lMA-Q^cve*cBf#ybJX$Koo=>q8+UiWhz|&sx*b@YO}rcS4e}~>L14W zGe+0$LEzB!r`bQ#U-%dnt{>OsUaoZnV{2SC{8`#6E{v7Eo4%RhcW()Lq5v{&z?&J3 zc=k@{!J$A7JWM^VhB4Gokx-3KEKV!qHb2K15kYooOUo8~F9f~1$74qD129$iP;D@n zA3FnJ@b#?>T^Duy_Lm&G04ToUcu$xgNO_{HmhD8%t92O+PL@+I^uVENCdNzo1aq-U zuZ~m}XkY_;)+{L$=uAsS{tXsA<1?Fc8yGgfw+@T#fmK26y0_&dL&5?_&OT|Mfx%Mm`FTu(i z4$n`cDOQO$fPT+#sj7TTo?8531gl3 z*A_f6_>KD&&RniCk~X%bF-wo78XnsLG%)t~08AQ(?C?RdD2gVzg;5iw9>ZW!A;9WE zxpvtw5Q62IqGM?hko{pG-Pq$JNP@ri9;gG7D{<230i;|1Y9AiFT9<(Vocg9CZ8^+@ z4VD?l>}MDI;01NXO{(XJO?JpH?;N}zBMwsF0>nJK4Ancs-22*8(DEt- zqq)N=MSDxf{tZ@W8jYL!-+MoXdS8D`m4M~OKiCz%-+YxAK|M%-IR!M(6*|2(&uuZ%;HUU%m;ZL}R+05tA+$$I^qGk9SKAx*92Kl>>!DiJjE zDq%{~k=EYQ8&2n-;I`+8&i@pneh)xlhqKo>_-!5k9!>mA>6>YSR4{R5eAe{L|Vi8&Ic-`fmk6c{95q5B)*<%zl>YT zTs#YOySb8hJS5?_t0fxz;sU_JCjk8Ja23=93&j15>?bW}ng{Vzu;{a?^Vp!gmXrNI zVPzP0Dem=Of()vA9Fmn?R{n=Ph}6v zNkKn^D^@Rt#jrQnYAyR6Ax{xqe%3hAX=A?HIW-UcYj0n>*BO&2q~4GOi+jO%WYLqs zna4_V1MMNK3M$^Xys?q(%r$+vXEb8WcwbB480FtHrPOp!wPs57o~jK<=MCn3Jk&fL zWoI$cTPUt^*jnt&VY>mctV3#9muShh(ZAw!W8eb_<2J+&^|Zj~uPspnrpAt#W2Annk{y9z4!=D$gQ#$+lqCCYzk z(0I3~f>zQi;;#vv@dBDIPrpTM>KOc~Hy8VrM+jH;>#t1l1l5hg+)!^yaHQ4{ZsNh9~Ao zsA&A&rP216Xus?~GzjbM(86K9#3mdLSMooVWFFYS@tlg1;jqD}D)wehbHZ1yeD?@P zCnf zA`RHnsONLozDmjOvv#Sq6_Jl4TA{IRF=jzuQr8-m$@I!_nC|aVw26{tVa6*_gV#S` zE+J99a?@wl%Gv)h56rNOEF9UoTp)BTnYA%wD8g!;XTbC_e61s}CoA4styk6_SV?Qo zYqkj@h1tstOHC7MW`m10;Ks@=ly;A`^4^6Jy?^1;LGF$?^jH|rVDXS;XXO;b&fyp# z3A!6nfPXl}=90Koza;K~=pTcKCr3uTU*78gG_ZZQ)!3-Nr~OJt%7jQ3aK#GUxNj7A zuF}lol9z4yz1AbCM74sOSa}*zuuda^b#z7tk~zGz_ID1tXvF6^-?7aujLwW_G$qNH z+C#K*X)KWl3Qtk@%*f zyaZMchb|;}o*j!$;%0_BuZojdBRa$ONUXdaT?c4@_2C@cJt~jcm#?Bqtvq&@#aP|D z6GP%`{?f1;D6Lb82uHs5_Fl4Tjc~#jbwSgfHu7|FQ_Ol zE1ayQscPtvSJ<(z_|lF>;ll7s%x~OlJB;*#|J!s{U6bR=VWQpkfjlZBzKHjt0!a^G zo`PMQtYG~rJxo`lu@ff!K*z81W(Fj|<>a|C;6mYv%+iq$Si^w)q50X|YXbkVNi{fg zcITVz=q?sq#b>`GIQs>hv|%c|Dr*du`x8|1jY{ z^FuWt!beZNe2=KYXt~IXYjd3>GR3CZ#O4f2(6*wxWk{hBF3p-fa=f}zxb@iJ+Ot=h z0UA?9ud9&X`Ue+D?zK9SrJJ8>ubj!QGIt#E9O-;emS-52xxnP&{59c*zCM*`ub2(4 z7K-qts#nWTP_L@^G|?>HiTr2k*Iu!u`=RG5HX9BBCV7NQ>%pZ~hp9fPKM$Yki+o4m zmEF;aHk3r+wc0kPs{;`Nc1b*oUUVwYlh2`M#L=&b$dOes1ZO*HAKEw+Wk94MgfQ%2 zNTtO`M@mEN7F1sx z8U)KbD^4B3+J(B^x6x2=>4;CpXdft z2Y0H>1<>LTz&H;k*CMz7N%se#2T^i*63sfnOHzlQxCB%O$KctCALo3wm9CE52{RGK z#6olMTXX))>d>3PvtMP2#Eh~Y_5>$ydVX{#SrbxJK_b@#8*?1BOAI_Ca_G$RvNPO0 z$^G}I_Er{@+B3vP?QE;=If|X_FWY_F3$E5Y`|=JD`Yz$y;}r{pczfjy6Rptp^kFRzt8n`&Hu+iZdl&LXlM_YbOaB=>UkR!uGG_BXw zv7p|s;3ns({0WX%^?#3-1f$0ABf6X(CE(C$oh5=jE6c@vl@+}(UBh(GBE~ekMeem& z?<+3FsCegR2MZK{>$oS+_MNg9Q`Rkl`H7&uQM573P7&(jqf2dOW zjpeCZo$HqRPmIm$KVE%~U4h?ww*ZI5u>+})^ufSYmBkv6X<>17b#$-cS4;`E zHG3rwt5Ax!J?>Q?uZO0Pv8&hxPo?P9%Mu-lEPG`4F1p})_doi!Ch}y3Fukz0RhsdC zd0fU2sg1dyuT|JmmK?LVe%!V*WWBH4X|#al^J{iq(*0q>>!H~uZpyO^;?^fZIOI9ALEONlXC4^=%H^+{3;zi8 z1GSKxc0$%+n!;;+x<)tie6Z+`dl$HofzEkcF$r0j>)~4I6DoVgz8w9j`y8Aglvo{= z&|{)6lL;#m^3_=wrC^Ti<(#&UNicx3`oQuGP)0pMFE7>oJgib42}ZlwPT=>C3t<90 z0NvK2NcMP$j^s>w+ONsVM+G%ymwN1payG8pdrsL>M&)J0b301ln2^#tqVJHcaMV8#25>dLXXxn@qW7w zFHnzeAZ5-a;G3lW8)Nbg6{1HCJ^l}qvm9DVF= z*Rpg)QA42R;WeaNYoot6%z0An=V}{xHCtK$XWhm^x4r`IExbClq}CMD5qS!u(EKAo zsQ?x(Ra%>wLOI*r-T*`YpyO(w`$eXQGF+p8Zm}aoXn((@R3q>TWVZKpG9MCid4(Pi z@ytClBBV)+I{C^$WKmoSOenHfm4%-z>MOc?;X8D++8y$na4M^<+bgaGX4 zPxF_nKQDA?|I26Y@Bd`GTTqDd3_55nF+B5Vn(uHcyDwLv>oo#L_nT{EoxGd#TDp)+ zJVked)wIOybAQ1ZpG-=#*7rKVxITf9=Rdlo#R!-1)wv5?@P89yD?ZJn`o~WkF(Fpl za&W}%0FU>i?=t#AU}l9HXh0U2u>ZnTiP9!S0-xzm@HAqZo(4Askh_)b%_Og60W*nQj$7I`iQMdkuRQ+mY?ERwmZVJEe zNznQ?!V^&&fDG8}{BPEmgNWBHu(47@r~2zov736$t6Ivy1eQ-1Tbd%tfbHV^2^|Y`iPp{y(~|J08pSefN5)&=6${4OB9c zJpHLV zI>&Jwr!4%R$~}74aOS)my(XW>5`PxHNT-m_X2Fw}2nn(M(8Tv!f|FmL!o|O{nx3K8 zYpZ}zAKM;G6eNinIa9;MiBORdFO8&Lb`sJm%|9=+pll*MZ-Dsjwy>W! zx$Iqr2(0?W6;OE5h;ZeTN$oWth?*~oS?z=aIeRW0FKo-By$#@^0> z*4g31)A?(aB}2(`N=&pt_vT*Nk!9>BY8w&5$(MHvhglPS?;gpFQ|LHYq(ynbqEENm zmz^*!ar|I1opHrN{i8ombrP_zER(_qu+2I`25Enuew`7@$AK!Hn_+0ht*r_PdH$5n|kNTLsMcH@gXC!RFrHd2RuA z!jE>5fd;VtnpZjBg!n>R3Au@WTo%4q7+*;WO zJIejk9N054k>x)5LZy?Uj9wQQQLF43Ayx}J0ny()J*MpLJgwE{jwe}?mZpA}Ak42% zy$eJ%B$4LMmA`_cR#Y02R7=8=oq^qOq;uPpD3q~BJW_;3BXkK~l2>GENI{p?wMkf0 zI-7oSc-HO{-651s#aj|GcIm zstQ66dp7ho(PJb>KjBX@I}BuEAbnGAh*O*g`q=sPLiu~|H%nE+_qs$9#{sz^AMO^v z!}rks#d;5#Bh;TC6t)1byeDU87k$TFdb{K7e-*&i)f9Nqr;F^LXuQYNledR8b}fhM z-fb-NxJ2XJdwV9;@X|N09&wKC{$Ye^UM8Fexh{ZSd&&405JH}UeWLYadg@D8q+`u4 z_xk>its~OTB2a_Uv@y;-kiYcVuO<%^OIR@I$}g+rN`bTEVxD3L4>#q3&*Cb2u)(F6 z)GTU!f%37rW1C*J5kC1h)UX!gz=&W#FD*C{0lF0N*`^*s5Xud3i6Q)ZFSZLsjk>0{| z?dDl)Cpa;VoEfNnbd1i~>O-qmnwgGviM#5(V$+nMsv8^>mkprEH9M0o2LI&uSv!t! zT)kDw-{8-<@P%!@!UU)b)_GWmiEvr(6_4i2yF%2p3Rmf_+$mhNEbwgg1plX~+XMT5 zj4L3}$8#eK;0{~>=$N4rxAqU))+P5kuj0P1?q`Rhho-iUh@W$bn4Xo4Dvk}&r|xoh zzG^>g@8Gh@o~XU{>rL`cLQFJ?78|F#HTRvfNrfbkV))=CfR*n1feRzBf8R&katOhM zJa;q}w{!SG_SH;pcL9xH)83C=uFt4UECwa&qDi2B>oNY|Rn3eTJ9v|LBYQdRhN?v`jf)Zw2}79@=NCo5PPLjx7%XemrI!iA>e?<;D>J?`s);@fD&b#!_9@ ze#_sPE^9HsMG8a**z~8TK!xbs&Vc6bN{oyTMKgs~OT7#G2?P0Q8N|gZ( zYjRSq^5QDGGAEdPnqK&CP5W6f_m|w#^R~|c)P(G%eyuI`ABCdeFIl#s&Ho%BQ&+1r zIaaH5MXxjoUpk7H!rn2Oo8+hs7wvc6^7@&DU)homOdMVoOx5yE)sk(f)T9Up=+yE2 zxxxCu>!a%Re?DXr&JLnWG2);Z1)QjY@Tn=4sce__n^{&Lqjei!abd>yWiN@6f>3cz z`Riw^lmG6|j;L9Ody6)?9}64* z>r%Wavlk5M2OpUrvaZ4qirgGayW>Y&LRXg^l=a(+;$dy3sDEaR(s9xi)!8hrgb|a zp5JrOmM6T8+O&eMzkf*kdD@uAA8)9{WNY3(R>LHB(aP_W2 zna54!{!DT3*({u%obB0u<)SrLRhxZ%9nwJ`ePv+<`<#}7N^-zX;j{75TRB<*IJ{7noScl@fpIV*VoG*aL6+AgMp+lfZGM+Tg z)w%eF+RR?o_6dihxjq_ZO_Ui8wE^eiyK)1T1Y@<1Tt^ho$`VXYF$}wWnaWbu2NzL1T@IVDs_7Nu7=t!4tm(eGx_}Br&muy zg}|IQ+Q@;7a!gF+Hl*6;QJLiYqa)&kis~BhwU41wn1bfkh34=d`h#sk%7|+7CpO2T zo-UP$PV}YFNx}p7-bfI5h#=x10t!Dq*6D?SJ9fJYQwQ%DwHbHyghJyhHj~oL$q=J4 zYIlEgNiZH-WVy0)XUFkv;M)!)kPOs*;<|jP17hbv})cGoGh-#nB`hWyncpydY zaT|4Rap1r6!wW!=a@^&pZqeV@ScT~ zzb0Mc8R0!(DMrZcvrd}hw1*d62^RgxHIaF0Hy>5S8~ z*wE&%=hy$ZR6%I$S9B-S{hX9Gxt%e^^9_%?SaE;w(ryUh%fJgY^&_~m-nOSkI_F$;Yrejfm&I%9 zolp3d^k*@abnAb2*kVkuO}|U+?Ag#b->?K3=bdMHy&uBlcE6Uc#7-eDg<9*awHvCv z3~6!%4ARVz3yAS;M>x*zf7PTA=o;Mzef1+)S#bX*A3}+jyLulv(5{!CC*V< zHctTz;$;)_6pBfW;q|xB3I!GVjwj>4F*(IqY~|0mU;AnMK7{uOqYq+YNKr&eMV5gz zhkgs)BhSJJJkZpC?!}p+H5MuOWzGd6*77ON&V?Z$crTt}3KEPe?-pErP2Lh5KTtue8T{rkp} z$$<+i<46kDq+_$dor1G$0X@^8wtaiEUDO&6wh(y}^-6{dUJ;W}yd3hN@tXDDV#9bo zGtcTjNGxxm#1d7ATRFZQE5gdFcq)@N8OaDYoL*w|Jc~@U7W`!K z(|BvN1l`OeP;T*UqE*uuh*-X>Fh$4vE4nH@!WOjYnH$V_P8e?xSOWSZxBu$QtN8Kp#q5n0W46Jh}345LH`G3;hvQ|3mV- z$HeuxuqU0hkTS6~SA2!CwNJniZ1KO))IQFAYonCM z`aR_iA3$+6*0X>rlg{Z_8^Hqle(4NDL z0N*C70L@OF2#sTJJp-J3GWbPbo+Zc5M6?u1f^;j3v|Bv28MDCP;8J5$^wpoKW%djTb)aJ>W-wkAatsdT=EK`+rKskJ89iIQzf|4E|fvys~+QA3FD zJmatf)dCVyMyO!9Q{am={`%rL_~Iv1ZCJkimR9S%hg+^h%GA>#qm}n1bszB;1BzDB zYM(m|`crd70bSa`VMe{||Sv}XGE8^1sNAno42nbPu7k!1DvDWj3EsHFZwYlm;J7kv}1I)*+ z37Cjq*TII~T<3V>(H1%1Bz(k(0PTt*==k-)=+j3?U!kI|2_&;-s8B^k!>TjF`tkC~ z+f*i!^`j4BQSa+x4)SxJ6GhX50Py`LKe9nC8m)g7IxR#+bhdrLR?WM3D&?7m+PbF@>2Ax_@XT_g`F-{2?5o)(d5BO0W>%SpWwqGXt8JSt$yL}q&YUKP< z{C4(ufG7~bKh3G}jK&h@vLVfyTsF)9vzbf!9m(dYSh-<=Ycg4|4Ln{0NFa;$zA5Aa z{jT~xsF4IfUdv@?o8_07L7bLw$l)`wx|`I;^*08M6x1Z<>CyHaa~ryePePYKvynK z2jN*H+?wWR+pAiU8OX3{f^w!OU>vTo+t!1O z)euCWo)x0PSBgvdc`m98Ry1c~X9CK1)c;%-)P$eTX1r$%`OQs~9bt{VlX$Yw*R=U( z4VNOTjWty5Mic->eAorB1u-;##W%#EiO6rj8yrL3SLWs%1qsi&JBq`pXpT4>y7f-H{78f7UcG4q@+ zQnGyl-AQr2$A9LyLr^!~>R7@n?e2CevE{A!?}YaSJHhFxN!N!mC3po` z`IcBfN_mKOZMb65`nMo%wz-Wtw)vZIkHZ{`M?@>H#Qy8*a6bj)bqnhs$)kUlPTl<8 z!gKkP1#4XS_WWl$67D6#kybW)FppMj;f|+`-gRG`A z;sRuJ&8uf-9BQ}hJYABI>@5v}rU!d`w@DMmuK8(*fQbc5+$391f|fijrLe3r$JkNz zU`6xVV%4Od8)pVecd-aT6yC-S-X;NVCB3>ZhP;Qor~f_deCTH@>oS7Y4?=ses*?tXzVW`37?uisWm_Q3-i|Ns~6#edqTMLBO(2mFGT9vERae+l!1rKqeCk zXm@vsh!=?n!7J#8b{;xOWWSFDBZvv7p67^FMw{|k z*RY|#0~Nu-eZ2D}#fvk?!XCLOQ4rsEhFX5rc-|8-JAeb-j~}O}W4XgHTx`(l4z?xk z>Id1o91&$?os_S<=*UhGy6&3$59wic!k$zpLJvASU?LTpL&K^62)}L?rhs`yU@#K| zT!Y&-V%2f&m1;bKZB6RTQ3~jjMxlW*H)U>9qWawG7#-^iJp>Jm%r>#K&su)FdHn2x z3!DXjO^0aOI`fxAn?<>;UuUG!d5U~HiErMw_R<}Zf z6b?TXz}rP~UWqElf%J1v=2(<&U{xB?l~(b-F@b3@2E35>tfY)HSGSAuBvYA5NQc{` zp{|3vB@lE#3qab#!X+`GvuJ*r1;7mkDM37wwp^!%+Z;WE^CeBz22MYRM(eI)_*nWp zjz88S`X(3z8T0F41GI6uek={wt<~Xk6DfHu_ zVA1?(mCDbu7q9*{Nn%*64Od0;S&;zDjo{E3^Bi6)Dpjq?X>*ty1=Xks#JU0jg2H5# zorJFZX^-%;AMujn$XT^~otoM-n8pKN;$V~kjT17e`N^aY z{9(}2{|nK!bvI~|r8)~V>_P_ukAovFN(x~k}HtGjKqEy-Qz z?O|Lv015g{smlKPa6z!4ME;lGu;sr&Vv)%qECBL7G@QMFQYAR;g^Ehop)W`O zJn0n%MF8gxCubj9ohS`s`@>g*10;h&GxukjC=%P=bD9Yzy}ZMaV~-z~xM7k( z)HaaE03s_#iinu&@_*BVHYSOk+9XPz?)@SH;nQ{+xrz_no)TCH0XHqbMV5)9B>wb;V zq1#aFSqA`a_*yFV&x5TEax4@H%D$H64pcxj#-W(5TgX9j#8FInEs(SbW!Z zxu|roVWxGyRj>DXuexSmwrTn|fK~99d^*nvL>VwFvyaww+sHCTT3O%0Fq^NWmVZTo z-vLsfC2b*&1!DI}AGYy7WKClgb=>#f;XOzG+RHEoh2tJc;P9fS5$E83!Sceb;}y>C zO%}Z^;w7g_5+F13htNE>kLB-Xp{ z%f(wHh2Rar4>0RC>F52&t^-=4+S~_AiWwmY()b9gWlgSxt!4{WYQJ z!d?`*_KMiY{B3G!zgx^;_6CRE*t!9i)Q(x|aK+$D?1V2MIwj-UkGlsdocFl`3rD=9 z*r7@HqSRKFOl|NK4fcB>{gWY)c6GmUV6EfW0yJJPztLW}fIBJvz@U`j1 zKih!e67bAOc(NG3<=}@%&V^`d-6r)YW&z4 zmHVn{Pcu<3z?Ada;NaxEZ_AI~&o!9M?RPn4Hehj=;a!;gsuQhg#Ts5s{w4sk&~;wm zc5>TDN9=5v)&m)T03`e@TfjE0+cj<*1QG&8nS$s~9;rru+c|ibq1F-qoS zFNUDCCy>iFDLU;kAX0&VIrN2t{vEz-&u3VGKxO(zxhwD-sU zl3Ign3sAiYp*h*~_W^=zjuiVdwto>RZaI3j`)iEtXoF@EtEAxm+lMWQnCZ8>M6Qqg zw_H3j*Yo8;?-g%;*vn^fu&{{JzybGYP@(k7)iVd4CHH~yYg}narY1XKs!D(0&*yDS zUOvkkmM6n`EPNJIGx_>RPe2r{S;ghu8OUyN+erQQO7HTNvhZL&Yuz>EtS;e{$!D_J zBdz#!*zLug|HsU%R|djg6eY>grYHwReV7zDK1&TSA!=CUgGr3hRQE zZA1mnWv{|Uy(JUqTYz_}RA=ewl5iI|i2cMlMj#fd5TdGGdEFly#)A*Ab5ioQj%Wuk z>A%}MQ# za7vJ2w&-(?UfcMc=vVz}7sEz|W4dBn77=hoQ_t3AS;vSFt|-TVed$hIP`q;S8fYHe z1H9wFSR|DsMC2!;h9#k%g7lTc^IRBzSSN8SOT^)DkLR+bK0>#N=|6_dQp(kSNNew=h*dA3N5}$Oeizy5WQebc0wiZps0x1* zna{;mG^qIZ*V93>+?oAsJ~44dvRDj3VGMID63m+RS=_55Ejq)$;=fsvwUu~i4+v^H z$QuZBsG|D3sTz*WL~a7k0g$s+C)0~lFE!=cy8}VUB;(ru<2J&fZci+&z>;65uu3xOaRrWeBqT-N-05(7!dHcKi-6+grFyv>R=bqgc!D>+{R2e z$y)^mW0&*h9A91eAt3PbV=#6W*u-&lMuddqEQ$O`2nF@S^!OdCpe4vp;}`~_c{@nf zCR*>MIy9}?f3xWn=3kr{Y2T5f^$=!uKZM|q^66>+y#dKhdMpKV&1uWK<1y^sZ!4E! z3xRkso7wj{cJ5?O8J?y_k&v6T_<@SSbJ%5kh|EJ|IIr1rLLQ0TnGy6sJ5X%PEqp9v zrWyHeqyhLQrlC0mXs=KY=tWV)C`1uUP=nq$&=P&jwGHJwNM#goEN-yLP;V>e$vd$6 zsmZ4NEwdXIA>!UsE?;Y0hKF9$ZFxp*Hqud9iFaTj1H-$#e6e<)4EKCAQrRM7t_HE)>Z(7~Vf5*@!vxO=~xiyH$1c4G@QfN;sFKRSG6N-G4Z$ zVXqXeMgmoj5Cg|6H+nnof5ekT<+GW5*petoLbeBWc-8=S|7rLI!W^r^NFd%L zOPzZs`v5!pOIy871-!*Z4kJ#n4tRJ~T!E*lAYwblrLXHyz z&;t&&F3e~U%EtGQk%iK$P*Lb^;*DHI3+>k*(~p%(*A%7JCYdseV{7sLM3kR=H_(dS zD)8P<=@PH8(j<$>V>3CiCE+N1^?X+fw@-ldF2GAWr$fIX-&gyC=lr78gFB+XfJ3WO@XZ77WUquuyHwhDMe284 zOlyH0*6R5p`#D{RyLzfL%m-*;*_#)h&UfxtJ^!akgVSzB`n?=dJBbI!l1!>43i+`d zDJU^VMKOfvIbO*)^(%Gk=Jm|yLv4SaGoSD@&!Obx(B7dj3ZRPS&X0|t>`RMoW+HKL z$st{3HX3B5NX}i z*E?J9&abn_l)GQo;Z*cic)+R9=X-hN4E3NM;G|Img@%~Z1O70A$T~N)#Qpb(`Slq0 znm*jgKd2Y5vL)4JW>l$iQ??svRwWl$9eS5Zc+3JjE<&Sr2rW?>e5=6?X~*$|b|A(# zYgCRz(V13wY(5NIBTTm1#49E8qboa~$VnAb1ZLYC>*2`Ih66=fgX}~~+wU{f2NhHP zEwbl`kA~R}Q0$NQ{BVt%$*&d4fBR6Hhr)Vi8P`g_JX+3Lq|8oe z#c3a!!-~TfKa#T(+N;lQ9FqV~jFv~Wqo;BD*n0q#WR_Ke`rSaHw-u5nT%D{FK!uMt zKfn0$!r?C|9ilv5(?c3hJDKv%0}VL}G}MmgqZH#_+? z_^Gq!j0lQyUtTMbG3XTcv!i{U$mA_xh3crH<`N>9yTS;iQf-bDU`qn_fYt{y}n;KPt9&IDJdzfvWJuu-^ptZYgPR*Ljqu(E@dnsWI zKcqZBuR}%N9VYBe2=nH#=1A=^<{rD_FnbEsPwxX2y9WxWw(d>-lM(kI#rZn`i_V8d zpP9)(dKXZOSL=q%jvuizI}p(o^5#RyIsIjd7H@yGiPk(WoxibMI>gu8Oy8R6CYhPp zbPD1c{R5#XfWoA~y_3ZY$35dg?Ku!+D6OVYjsw~9IwpDdzw8S-nyBuXnYDubg$x17 zP5_a)JlXxqL1<& z_`aF*2kr$FL)>)qBfjoAl%GPh{u@TGd`<}G z={)lZ8K0C(TPQtyMQ8$`%R>`vxxC=3R~L)#rn+?vT=4|81(tUN?X3quTm~w-Xa5&p z3(7h0gE2;2M8|5%KC$q?Wa#L&FsB<&t=HTFlzfw$$bnu$>4vpfApF7-2~CiM;Iw9< z*$>qih9XhNJ*E|vT)R(3zd^^S%YB|O_|>8IZbUlaFp2qH`W!u`f*;+xkN>&caMkNV z*wt^m&4>8?EfmbK*23zah$zxwsF{qajX;YFOmO#nNfT{Ju-;Pb(Wp>SM0&kgJvusb z5RQdEfOcqYc|d zd@-5B*X9Q&r+JSHSs_kj-syO`IpwBbIsCkIfi5%aXyP3P)+l%bSQRNZ7%6=^dJ|-J zsJkZUYCqfMP9bjT7fX^L)ynd&>*B8Xeb1dTEqdDkvwiFjV?+5nl>7QE*~)$eCy+P^ z)-h#{E0u#v+UiN(a+hW-F!|0qp@IrfK<1K0q*uu=mH3&ck10;OO)D;Rbt0#tDQy68 z%bJAM1SXIIHz-R+)dlDo9uel}U}cxPw_!*e(T60!LDT0%GgIKb0v{AUfTT^dGIg@| zDsUiS1?f_>$}cnjEE%mX%p5cakG4)^WKc6IM?^Wu*AmSkRICA1gKuYg?&gAl!Z<1rUhQOL!*f2g4Rr-U?$r4g3MpE$;fZQ?OW ziGP&5!6^rb4Mrin7`L`Iv$sTR1NCHS54($r2|&us2evK5ziks_48w9(`@y#7qj3 z@7=`GP1(MQpv>SB6xWPONtl@8nR?6!t`+)3;hl53h$H~M$GVA}pVp~WOab6!t$W@L zKmm3Xg22CR`SNjCXSuLYS7MGRM^d5^u4rSXtGV44sBy=)wqd@@3~&){E{QD{$OWX1 zoBW4otrdT#UG_GW&Ez6Sk_riE{X=youO#jilvi8#>+oyBHxl6-zdsSJ=>`HbtXv{? z9d;O52^K*&TE$07Qta_#*)Fu>=T73H^55-iypbk8x(o=_qC23FHR`er@;=q3R%FO@ z@8}RNCU!dod}fu{Qo78KIK9b}GaLkfU-|-t`qqGpTKJfwSV4CMCrfX1EodN z3hS#B`-A)AR`sPF?Yy_4~Dfj%(KQkyXh`gg9tWznqb0MKw= zoBqlV`rG}BfY#+qXTyD@SY8-eNKJ92>4nbCUcKbJ*KhK!;$`-I$+b1lok*sNsoR*o zA;-8IlTm$Fk7fH*FLMe3YOpW+!T0H5!MhB@QY1{6EfGjckII)?$(IgbOdTM%HeNpf z2-EsBT3ioI7NB*?5EIWNB8X1n{kLE)_qQ3H;{$`ewOvgda|}S_jaNQZ5ecX*t7MS4 zB8ry0ug}?rQF%9kt9r-zL)KB z2Dw1TPXxDH%na~=XP38=6jRTCt?u+)iPE$-UcSv4cbXG`5f+8-7q+h> zW=6qk(0wmln{RQOYys#VMD@Loi>)-wN%x`s2Sl~{t5XG$5xrq^N_~H4XH;BBNz>?b z0!CnD3(PC5?$Tp8^4f@CK1L53WAC4A&}UgE$wQSgnaKKvCFVm*Z1#weeZvypp=Yu* zEc=7D1gB^NT?6f|!NG~1oFgVKP(;DdG+kqbL_4}ds;~1#h&HJuc-E~67^+rje7(in z3_#f^?M8@tX**xqP2Z<_8cd|d*#ze*_ZE7agISbqSW9gy|; zdHN__jQa=aMWfAUPrV}gt@<;+#0ok_jW_m znKhJ+Lx=72#k*zf=XBu2wz_Knm1I&~Rs{b`2oHNrJSei1xyzm3wcbOm=mx;r`L9Ov znaJ)`n?$Q}?L3JMk2dR%FqL}@TZ-|i|MGlaIOcvaFjcXx@d(ZbX3+*gI@U+G^3Y&j zK?*pHZPPQvadE$wG!1of_Y(gfr%38C2@ksfxf@ZyCbX2<5+lsEY|Wkd>g8-xe0r!q zQ;B)EFr`4G9Tfzg;VL=Qpy9Q)RGKT|Jb(Fp9!#rvddqznbYhAylxFAfi{Vlmj5)o* zeAvukeMOnPiSu)0o*=yd*1St+yqw4z;mQJsH9zp~y@`r5-yrNUU>iaDCT6_MpaS{Uwg= z`K1H08A9FDMp&r(S*9DL2~9euDu=2BIJeOYonY6fea&Em$NqvtLsDtA2a!}8q&=)EGk7j06CZD z4|!a~puZOA$EGF~dK%;conjt_ivcQtajZGRcJ2l$qE~C(Gp9s+&4-yZ2ciHlL9m0% z`%j${_*OPx2iQ}sZzm9%-y163$ch7%$WH=tge>-t_-uMS*3OIOS*OAZ#kzGI^DwN~ zZKik>WXZ2DTb^VSfCcV_1%3d{p|#37fgVPf5-vo^)N~p_m$&QnX6FFGkkut;!|GzU zxF2emY*oFmA3OD2_d$E3k?>rwt=5|LDPqkH={>AUCpI$n^>cSTS`E4ZoM$#OWqLJN zTEMoj{06$k;JA={7to?6~SD^B-WAyP4h-Aolhrf}l4TQ#UuzezvSf z-oU2&AHfehLAGM-9OwL^$&T6n$oj`tr}PsZ*mBfvj4cCj(rZ92V1L+Znc zP<2pteR>3RtaA?yLp2&Bj{InPu@?Wq{eAH}C;xvp3}eMSHk|Vv@O>pezc041#fb2g zA1HO%iK>|L6zC=Wmh*HaG_TqMaep*bX{-s7@D=af@<54Ojq-FC-oYvvDfNT1x}8~* zl3)K(6t8e30)q!ib@W&Oe^vOuJy?2#Z60xb9f0GU$dvB4Zc)B_fY&zM16;|vlCdZu z36AYZj!Kp&M@86!{KI79Jt&7MnJkvD1eMXjms_^~NVtv=BgXa|WiSX_E93s~-wlGx zDC5^5lfcWZZl0`^Y=Y@+0j z(YB)i?bUs@)PV8vHl7a0LN-=*cw+T+(qzIM1O-GcvJWfl9QW{*Ca2#L zD(jR@HEUz$Mj#g)Epq0+k^lF7LbdgT+`aXabD0a**YLFTh)_^VUhb`q31$~sBIdf@p7HH&HW?dy816>r%!eZlR|Jtn{xE!^1}~rJUV)Z+VYfJ z`H7{l4L&^$$><1Pja>f=(7zb|w0*MEC!khrEF46O0sz=_gNp*a9qv7OTJFLS#Uo2%#1#Vf#r5`JYUbaK}-tC z>x3Q`v1Y7WyA?G9h+Wv`FN44a^I!&TrJxM{OaDb>IemX4XEP-Hoz9fIU0zVl5VtlJ zBWgSC45^pr;z$xg!%(y*HE#V6h+reTR63+KQ*Jo=#4nX$0@G=`IdGmBhq1ZgGNs$8 zKtWHSQ|ijK3M#V-4=(7-VV{VuClo-~7wjW`<0JS+C6cv;({?>tfY~;$?nIMEGfL|| zEzn_`lJN%aO%RwX3d$shcK_AC+x?_dK#dKZBYzb@ToI9!Us56C9a6UED(J<#bF1fx z!627UA#mb*zk%PKnvk;XO6zH_;QFlfNcDBVPhC#&5D1Fw{-PH_6ZMZy9oso`q9h{V zf~{ya7gzQII!S`04PDbRUcdOOM?#M;1An!3Vq3zijz&1z@6xDovsCld(pP-|LKdg6 z)?$}Q*b@Q@$8I7z0@5U`iJi0sKzZ`m{QQ4*OS7xFw;0T8{Q45&8tIx*g1g z@y))dc*HCkeOiLQZukYSehrX5H~J;mI$jXTw-+P+DX98@j0F8S1kaiNtn{VQzgVQ@ z!XtPPzEf<#xpHks8aw)1Qwp0wDV^*IiX6C zTX5B4`8&X~G`_n0DR%(Nc9a};onjAO=l}z_hGyJ#D zn^_(%b*cxVTlh|wKjbcbYgt-074^m~F5WGU({au|pzV73^)~gg`!Bpn>~^SclJAr0 z3-3)_>L9sjcyiBoFJ1{P1&fycyn&IG5j*ayL*KF~&G3E)fq(i=K=LtG3^FIvux#Gt zr}T}l_c4uJQ3S&_0g7Xev%BY|aAoAnVV;&gs_`nElpbrT#WhOasn@eK&c+ssvJ=X^ z2(_m?l*Jz3zJLkFZ!nlZCRojO`~{402DGera*4Srugk6$dQ&0&)$}w?mATBsp8;W? zvhCtA&t8cR&6Q1l>aAK(J=T!JW)eq;ZDt0g+Z_b@uJ%^VH(i3y+|zrnM2~?2KC^Kw zy!n2iIr>ap+IZ!tGplby=p%ymZ4GBKW~QCvd8&OU<8MVNNL6#d*LI-J33f~XO;TNu z!ycS>(c_72XBxllCvGExc2*mvcw5Up(FsLS-s=3Y-2%N+Uv1}ZS>}Sz3HARG;{!FQ z4rw0Wx+KKi&k%XPC_2=$*Xx%3YFSz3WPL(HkafHt6THT5WA4v`>p}7FgZTo%7RY|W z7TC@);pjR$sH#2a&6rt)D;N#J{6>j(et~UbwO?;idevE|LWFxvKXCP$7n=#i4u5Kj zBiEF@Cnt+*(iK8JYG2N!=kMLC^b-p}l9JfWtdgezQ^Q$>xyJw)MCf)PM&=t{0&X~d z!5ElLk1fVIO7s%+)%n>%Emz0tYixThH?GAS*B@i^1Je0HyMyiq!aImn`5pG*oN$uX zr;V?E?M8gtRrwI5v~A9Rb%V*uMxB&3`Hh`Hv22 z$Q5~?mGa*jt4hqYKD}c|_}1c_n)UfdEpTD~aDssbVAIP0R3iRq;lS3k?E?A&m(<#C z`0>U3i#dqmU0O>YBIo1dyObFt9b3L+In|`83GsdoElcG(Ttecx)O*P`ZswpIjI`US zZNW;Bn+uO!G4i%`ZqGBMVEOZb$iIm}sk4#1GlTd{m^-Y0wS~SqS04;*w(o&$dHDSq z-m_#xE0iM{mTIPvzOr3FInVMkw~|rlc>oXH`yfQRug3-etZ8QSz4uhO@AJ?th+f&U zADhD#nKHIvWwASY1RiN-V|I95ne#B$#D(%W=l+?gYVXRY6347Tiz7NY7X1|4D9Lc< znBUrJz0R2@s)QYWOSJLBm*h?m(xTXAzMbl}S^L@|Qr8MH1^RKX1FC5*Ga<2nueKo} z^eps$f2&LfoMI?Y|7>xBRC)F#RS9>n*ej;(Vol}vnaKMqsNew%QKpPhKj1C4@bw02 zy}#`G;v2ir2|{bczv6o|yGJCCkS`D3KWKYidzDqj_Vn`~hbhxmsy#LFtb3g*=j>|L zIWi^w+FOuS2X8!TJjG6YEtr*OWzd)9+7oNrmV3s<=AtLI#NDzuzqYyJ0M9kEsREU~ z0tZ~4@NYNbfN1uSj00H}Fz`a2QrS7=WVk*cYt8@c`ECBIE%fdm1l;b#DmB0FIou;y z<+xwXQ&Q0AD)WIOZ;=p0Vy2vX+?viTv5Rj6Ymx}kHK(~7EX#)R_0|^GJy(b@Fau=Q z0{ zJn&g7K-I8%-`3o>*X<-47Uy!iTrZ!P9&5?lYBii%NHTDTo)hmazA}(Y616$$@09Th zlpqv`P3wse&8>i%vI?C%yLM2squ&td&){JL3i~6LdJ9%En9agPT(3HCSA^yo2Rg%$}yCF2H%3M!n@ZVfCSa!4p9U_StzVI4;n?}D|;;nED6(~tGd z!f89+H%g&^ak#XN7i{EqS!Ol3bx!@KbHOv3*Kl-U!UWbXB=N}q1(aHTKNpTm;4bhV z_-$vO5dRb!ANo4!2R+uxmP!elx>6Ej+H4hCONW{R$1wU`dQ+urSEFa7%*H8F?jq5-wU&VB(Ls<^fIv$KYC#sF6yYw z{oomK<4N^i6erob@PJdDKDxG=m{%bwp<QiN7cK1x&!@SY%Q-%ZipC+R`CePN6W$pSm$dh%XA;#4Ry!i8QZg&mU z?!H%brFk806PG2NSMZ@CSFZ_Xz7vA_Lhi&E!Fjgw9XsKHZCm?&hgU@O8fIs|44)2i zGv}|4`Rh@`ZZ$aQwq?!irPUVe2II5ujm6s6`2cC&dknlxwr8fsZ#SUGjP{$_(7UH3 z78xV{QBpsYb;Ys_mWM{)z0Q7|PF{bi`>vC4(L0-Dh1p0!xE^2(PKapp|Kt&0E`kA8 zQ7o<>#dGqwObr`9gMzHXL+(?d?6zyvMud}lNtM7oMMneQmi7MHzyL32hk?-Y!@f%d zUpL2;EC^DH&m7f~!M$6fs!D^HH_tbhL%(o;;Bas?IluB=hRmu-YLnzG$)bNAcbWAG zJ}K+dVsKX}AYM>rlsvFEOF1<4X=fv*f@@DcB6{t>>Ub2Gy$P6o-VtUnd&Q;-^&ll& zTxMgj-MFQjVy>Lqt^2qJ($0(Tj(RM7EHhoX zAG5jSHjMkx*xvRL{dJ%iAWZ`ZYb_iVT8mGHr1D(VUMQa+`0#1J=q8bNSsc}x`w;2e z{hopU%5?WFi_5_6t}b{7QFc1dm0|_FOX$n>mc)j4xCBK|PU1v$aB2VGoEoit4WtZq z2q@Ewa_xQp)rTVSDiJmpxE;50&%b!BX2STw$Y5QAh3YxBOE z#!YZGzKNTcyurEG=_P&#VTNcc@6_p!mxp4{dv5e~#C4wn$W; z!8F?5(>r|b-DOba+j9`@7EB=C!7N3)wp0LPukXzU#QMgc?ovj{q=lg5Qs2eyuGP9J z5sx0V8v|eO*1S8NDUta)Gn^93qOQ7w1PcGar^Y{JAK-)01k98EdUflopHAB9#lQ=G zP2zg*AaIgo4#U=CQD;N?Bw;CJ{g1D%quN1mJhwFpGm81N;P+I=m6*-HY# zTmGsi#|~RhQJd@~yx#Jcd4oVBc$ghOr(Q*WB&i(ED5;Lpd5|bJR*Rc_$!Bu+?omwV z_zJCveV_BPO%iC%$S#(+`|?UuaNT^|eo5i>Q@jf;J})mRWe zI`ATb_U~r`0R}KofL~hgOFPhsa8`&I8%nqag+TDQ8w(y~DoLS;y=!fF%~`6&rZ3PV z)xKtWuq(coSAfE>!O~QyEcK?_qu#Hy(diH<#q`Ft^iqCFr~NBJgPAqZ_TuhucUUJl z*ULm-TA7`1nS$FZWP8DZy*Uf78Gnf)?!W;ZrKn(S;5tZ)d{{9a>bb%nt&*~159iGW zb{)Ef&!Xiw;Z|3mm`+B7P+nmxAplYb6DD|_N37!gPqriMDdU~>3(v~hxfXCii0WIKLU%Y-ZyF?I+`Rl5lvUU)hV>#W@!nuS8WR%}k1)g{DD%l07B8~Y zG=o%*fTfItZFz;|?&P!Bj=;$RC>WtYoXL#2UKquMA!!1zrRunUw4P7EmVOP8>EG1q zML(d##3BrwaceJ%|M^H=z@YcueYvn+>z0YWO>zW;*9dX2zA^WQ=`lM8#fDG$l7CoIw0c%QIP7o;@9tB8yv({ z1l%*ZhSlfbFN*hQWgD3v7ZNOa;!Q7@=DA#&q)A67i&0Xc+|&z#0|hH*L@Pur4ZE^z zCe!GhBl%)BX?*p+@0GyTy;mKydDVAac6D=?n44WR9d)TA6m5UUlTs!{`**{CE0uga z1SDbu&kqxgnJu0qL1+x`6&EaG*RP0Ytd(Bv0}-Tfe{CJ~sS}4tKySc*ZGls%)PORku11dA_!uoVfoW`6C)E-#Y>OA2pzNcTy z>GH((+*)T8#etjO+NogNty{f|>=8B1=%FNs$#!w3he~(o6D+JSeaa1y$4!~1a7gPU zh?6N{v9qD)qq=a3P#0fa6nlHAII2_XNG8CTunoGQ+g(2-Fln=DdvVH>=PpACPbBSa z>4RWQ-$s5vQw6RY*9?vSu_03++4Eb_sPYo;fIuePoY1HbA+De6uBhC$?{o&avZ4IK zpBk{@M7U=3^s&jVl`Lj6?v;w^{lfYT?yfT;18yW*1DB>j`DxF!fGUN)e;ueHQ4N>U_(KA49!f#gdfqkuhvH)eB{xeen+)JOV;ITJ_Z-twRe~eqp=V$&OY4076_51ySOO&Wkwv6gsWQLI0-9S;1viGda zkUer&l&v8vQYwUu?5xTPku5T^x9rvUo!8Ah#P9L=eZIdxK99%!>0Q_By3Td3GoR-i z{jyf|10}5nr}glsTjSO~0L=-cJZhp}yG=24la>PqzfkmXXD)Bx$3J6y24&T|E`30@ z1OCSTHQduzfZP0xNWGR|W+ zvXM<`-~y18Ds@Z!I33u*_EV=u75phu7?}OM7}_ld@2uVwUJ9*F*EXqNUMp7=Jg7u2 zB*JIy10~(1-CGKJ6CG1C_@6)7*8f%g{_?2B z-c+OOkkU0o+XtPX{qhXrDm-+0_8MFx%2<7jm+YuK@BtfEr^jLbbPqa{ZOjKA$#I9C zD?3NJBnlmZj>g7f$WuzS_?vsO+&nQ0G4)ClxkWiHK%t(|d|ndL|JYtTxlI~|odA1eVi+0J5ruZyA-Pi4=JY&wpP}~6 zev{8dzcx5rAUidHX;-Hx!4}v{iAS@Z=$cyiAiAp9gTDM3h0tp!O$?|TEx+Se-*9#; z&CrPzx!^SA^yanUK)QdU|1QFppq=BNJ4*jTgkhQme1ehbiSn9TWk{aXl_$y+5dkIn zhumFDTS9BN58r)@{8vC2StoZg6?xb+-TMvxjOi>>@@=3YtrG82F2-+u_K@%Q%ZwBM zG74~i4Kz`4lHPx76=x2%GBH{?EX~GQVIMS7*)}^)dkbnNZYOYJ#QhtXv)z}lSX<;I zJkKH?VX?nLo%i}E-ReM_i;6)Iib=`iq0@ynCDFt2tCc5fSA=}}A1|Eq}Zz3{DcP?ODi4GAbd~~`3bi39G zO3ZiA4p60#6C)aQ3I*}?P+XW<2xEn z{oZ-^y04AGX7qUcqs)XP8T)wGNG4Zl9z4T0)#x_ zV+!W?Z3c4GkA70{FO{aw`!}9MrVaBHdcAU&=+=%M^OpG4QKMm#veVFkpv%v-L{I8y z(c8J!)h;4eG-GDp)xUZc%J-YvI4R@poG*wf^_SOM3R|w~>h0yvw2&7mv>M0>gQ3kU z`&UCjgzqYNFTDAuJC#=(v6==C?1+EO+eHOXx-_)Gt5sjGVk{!!)4vczKa&;+#@S04f(a@g>{9Tume+co43S1q6tfim{ZQo3cBYdjw9Eylrv7u3+faH6u z%jZGIt~fm)R`#E#vvX>CtS#gM1AyH9w^oC!5$QPW-MWVICLz0`pg&Xd8<8x4rIdPK zt_QxTUmM0LQaZh5OA?b|J6ARsuU2wep=Hq?mKTude0nyOk&diB27XGYuuxWTR67aH zfHhA&=l> za}ZB|lo?36%R=N{*taRpkHi2G#$BOg@r&+wU+Tz8Z910!h8AH7K>HG_&pphxjs~Jg zUU=tG0RCF%QFFKINRd2`($)>oHf$G!#Mi4F1%oIbW5P|HjziaGhdPB}xX6nGc0(AM zBgg}r{_*38lrU`CO!mRIQ_(I!kosk0oOd`&?8gnSE&=kx=Mf;$+KGm8ikrc$uF^8> z`Vd=Jpw+V28T-+nMQs*?`i;-_BvLKl(Elq*mLumJX87C1X(Y303S!{rwusg+vDp=r zs23S*JVdY^@&G8+T~|2?kg!=3d_~nc*)*nOZHEdMT6=m7S3C9y9)S~lPCFuQ0w<{4 z_VBrF4YYt^WwVQeB-_rlmcuwR8GfLvk;I3UG0s!T(9>_9xKjsBI)ct*zt!nkf$E3y znRCd!K?0CS6%v3j?mI_LjKPpa(`lp$wqMyC3e&enk8aVzz98J|^+oz(<%f^1mgi7$ zh81T?Z3nM)Vc+pRI`6e%!4Eeo6%8Y*OYZ#mi9=eIE# z=3k$`8zy9bMTA`K&;~(^dJQ}&Bqd#n4Y#*(q`E7DaHN7%wK1DNqF4q1}X?zOA%3dR7<4W)zA5(IY_W%A9(lpif z=F7Q5U@?9`Jtkxi%q}?NLEoL+o?^L5kC;~IQy8LW`u!VJME%&S@WStyQ5vP!1Z*n! z6i5`B-7@FG!T%N%O^=}awW8J;)S_y6Za&|nrX&nvcNZ42R}V)hScuT?5G!U4yNtvo zU(qu%L%HtrGu`(fIm)La`9=L}Zw#`9m&$O05Ti?1%0LGA?@IFSCl_d@YFEXHS=^67 zNVrJyKcK|Q7SIh4b%hvbeeH$NKfk(HGr+$@l7x_xRXhe_BN_O|Sb zG1ue2?-6=vLC&{1cdt?Ne-OteHC5Q~ZpdyTV*HN2^jcVgsv@>{;Nva^UHh8UCEG0jFZA2L+IqS4q{xj1D_Wl(hlVuLZWA=sDzf)CFlP&YlV4Hi0GJqu_tttR~mgRrux{p%6Qz zDErX2{;b?bJtOBrRh{Lkuul*7?g2Se1WdD%?1t&i41XT%x@OE-w0FR4MdM4eLlY)t z-zjwwmjRO7M5>V7PC5^K9?qoJ7vL6C^FSGm>F%9 z{MS?yiv@U};1<00d2ojcwg<@?T~@H@aA&{1+)l~w5AAYF#fZegcR|Sm{gnmDOpG;) zr7C9^#dUsJ>v`~ZI!)d&j%tUGhM)3}68X0)KfC~xJxH3wUNe=|x8;c%Ae|5S2nwX< zjt=A|^-g54^G$q{nsL955g_RYLDocRBpfRMS>tl`@^~dgBX}*`*Zwu0RA_m`OeYsb(fk}H_(qUWC^eO27eQpE>4a|JxDXL!lvVBnQnXc4y z(@RVve)bTAo1h_);9=k<3w>Hnwfkwr_n%;w!@scjT)2oYP^z^iH7lZv|9mQc7|NJE z_Wc>n-!Iz-1KUp$Jg{`1j_a4t>KzA^P4xurs9!_ zsI)e`Yavdmibut0aDTzc?*+T{#4^lHy zeQKaiDIU)XZ>0NbV+SaCU8NV=pM0OBEe}(Krr}H=#Q1JG|IMsRajf-sh_yie@mWNt zwsE{H~*EdyCDWOtM;)68S(R@`1xIqIp27X*|^|H?soA+5FGr9K&Bf19`jG!sd9+fk&nc zVD+%u`&S(;ghhnWr{x0WK21Mq%_!Js`pa)+pwv^kAidceQ@qLE5A;967CbGuAMVxg zJiT@wbP%NlKQO{g@BY+nM)&pOb`Z+2lY+cI!f<;JmaQ~sj^E7qCD@C+C_R{o zQltC@IRT=zH92D6@_=yAh)^vzlj11J(U;e@$qi+YI6Sn;39f^FJ>PJwaTN#zqCKqm zM=ZyS=Lt)nj`o7L8lbSO`!tR3F~;tIw0yBVq~${nft*liFuRou>0L+uusuR|8QOye zAFbUaMis8IY6AFL=W)H3VEMq}A4VL&o}w1*ku<*t7it2~zoA4;=p=$QV=n;m3`Yf2 zrXK|ITvZ)UzH&dUKv{bIG(_Yp!G}OL^IT9!Ui&2aG5J0Kw!F0l%`zUHD-d6F)JVP@ z)4>lCtwh|AXuakOYMh30kXU}D$uF^Iyh-bkb!Wj1vuXy>F=Evzq^&moS*`AV7$Ows zyUt(1#@Q=gqV||-ckUU@exhgkYedS<@W$WH@G+S>%$9b8bhuf4lJ*-NNC&B+tfs#s zUMf@b5w`cIqP;E~_bDMcuqGo{I4CB3INuN;$>qZmZ&8+KTe^oj!AMR>V?D%xR`r_OQV*UmlyE2o<_1UNj`8+=4)Uy6Ma zmjG^L33=<rNi~Ke16*5&5VflF(pmR(O ze9Wqu*m+zy3LrmXkWpN7joH}t5$xqi&9g6r7b!pa>lNBL>||~gEoU*u6h3kB!U3*d z8l}Ai2bgHA-6e3*55Rz5a092;UF;23ut?-^QH~fhj6V+aw)hq`HuVZ}c{dEo-Z*O^ zcDVCi(2MP7<}Oo0pptbYs_UKQeVgGI*9BDWr_ID;G2;X~Kbr~i@=bZ{@ik^b&68ey z%2QCicqwek&#^j?`c8gz*zeCHh>&Wcrz(C^n8q^A54>(&R^;YklK(F2mtDOAy`o=& zQ9(&q!I3v>-T?k$Q8BSV8W!4_)y7(gzS@oP(?S{5tijV+EN#D9djG?3@%%u3gq=|^ z%{$ds*t$biu2||#pn0aMB?vW0S%g6|a9*=fxF!OLiM-sG=OM~!vh@-+@4}u!%%K={ zQP)(vz*()n2Z_$}(VA9|=FCBU3GGWprmu3h?f@y6ZRvJI9#g+6ow6|qwz299$Skyf z)(?TY>m>hJ72JPl+mD1fMKViPApOVx-ND{}Uwsiv*X-(4uNNTDsN>!a%0nPLgf6+p zWzd@;uKaP@={N5lsBE1pqEMo|KadJdE6!9evBY<`X+a*LX43=?cRrm>{^Pt9vGMpm{a_# z_-RdVo`L_ObOi|W;-YR>2&C7!5}bdS|F&52y{5rm;`HM-79T@E_+VsgYQCcSD)JCs z;!g5k7S0M8&=KN>tvqDHP$r}#sa&JiGY!FmlEfsI85Uz=eS!w(XVB@mT^ z7GXA@XTy$}p8c`&7zCuzFLsdW)4~w5WN%N`E4!L%bwTBpB2+>V3Krt(t7+L*Vt7dWptS;Q9$n*Vc;~s7; zJ!rg^6!ks|$F{g1{{U9ll^9@JcdB5g)h?k<0K=VU95pHXxKl3{8cSS65hdO@*m8pw zo*!3?N9Ds){+Tven^XgNAVFXWt*EugD0Ei*nMkiz+Mbww_&2YPB=74$mWX!f;||n- znj3vu=Vh0a$FSccpKEpFpb!9{o#AfXb?|s>JTB%f4>|m!V&HZvkiNwevTycd$t^(Q z@w?}ZQ=)LS6CmpZ#sv+^4A1L^!nPrHoCruI^Gw*b*=O0OKKIK&ZbZKIw>h{?)%rB| zCJuWAB9j8|C1QOVR3~Z84k5m$Obunbs$8pW{`S zzUr_+o6!Iw^ljueExOy1eStd8%|cge&YZsNM`hH1JsIl`;z^^VkE~0nw^mO=gw99s z>751o^3^$RPP&>6ND~io#FQGEGA}#@_N5oQR_M~1`%?pnJ?TGm4U>}6n{a%A`{4_d z@6<~YMzP`K;M3@?!e6@iQ@Rjpcu#lUhx;z0-Ek9MYIdb#h=9AGUDQMc0xoWOimJC) zRFBpOr1N%*O{DWFkj`{2zaj{vGk|~rwcJ}db#S^V262?3(a4sh+q<;itAIz&^~q(q zI{cc&3=)G5vB~_m@h(Elb+I!~)LRmdh3S>4Wmm0-(Gxiiw%Woc!vxf}HbbW)FNle7 zHRcFwfv*!kllqFv=u`R=C+mh9<1`MdT&}X6@R_L4P2J8QBqfPW8WTZ%_pd)83%!{t zP&v(<Ee?s@2VVuENGhsXXYRQX#HX!!f9m77+eXFhiIRhd zD8V%_v&LyKzkwQX-if_UA(4+$e`$L%0u%-}<)sXFC;(0G0e6y6rjP52>DJ)l| z03vbh7-9~d;P~B_EMzpRbb_P9=3Ezc4cua2On3lK&ucCHhy5l>mK5?3_W9{Az(3}- zJ6tyQ8M>phyn^}J>ogaO(Qji&Kru*V+$yJ=y1vQQNyGsW)M_AzMl< z5}V%Y9RUhWi4!P&DnRR<3Q)R@(skqtr1&Ep59uvG(n>*Q(v5GQ#pDD2*?SbwWsD>m zGu8)ljm8Sy!!6AvRoo(nWV+nG+|7{<6VTdv1!mNFfeXU*y+T-<6xh%`9xU-dh{>LN z2DuzCm6>`DmCX+?{aapzaC!|qABWDbYGqTp<~j} z;&t6Cs;Si^7Z8C97-^>JMPLQ8>e>3Rx!wghq%SPVT_uu?|;AQHgI|!Dh2YhXdp1ZTQg!@iRne5pI@KAldpFge!6Y80C-rl&2 za=qyT>IJWU?diohLM%KbVc+h&y|ICV(A9`>>2a3{xBnskVt{1_(BEa0I6d?p4jLZ; zt2bTa)n?zaF!bn?H1yC%7@ui>8F2>*G67}%%O`sYrOE>1dzIO6+}=bQ?QUn8|I=#e z>gyDM>Okq7)|`|j<{u7%IVE27KoOal;d=A!*K(LNkngVQ|8r08Qs9FkY_y!m@t7~X4$hCX#=uVslzZ22I#I6S9jQs?`XtWDCnSRsdu1;r= z=#`HoJ%A`#OJc+PodObo*oq7l7{!#$;kgiz2M`N}%+`rhyKutciZTXv{ZvM$FDoQxu=%7{+zcQj#D4SBuEL=|rM4C*4N)9Ve7+IZD0pE!^fK)tU>pHoK%@N-^<8n;JmL!KgOAP24 za+*0-cgd1P1j&4qUm$uRe-R^=@Owmv0U#R)rz&(7;>ZwA#reDB=5X9=gkxSlLKNR(3T^h7@PD|+j^z6|eK!%k7Sh`+tkNx`9SD6~%jnL5# z|7g)OWVp)E1oOBcpV5@Urx^bh;I{W6C!gB(LZ4XXy&ULg!BifINfuK0F*gdyzZ2f-^QK@7t%39h-y3uw z!G{`R89*C{x6O;uaaKx+JLIpH{XH{H#@faBo9%<~n*y~BO{?v35q>Wv)pc?-l3W>R zGw#T}ELR@z&Wn*d(BdR=vE(#|JWaYu-W*Z7>v|J{iPw03KfP&we~Q~tZ|~`Ci{Qsc zbDM8s*2ZT5AHI@F#<|*%h*~XJ;=IQ=c%Fq;^h;AQR&Z-IPc zO*GUcf(ecZXSz#IJUvKhrY9mJnL4+d=GsEG9a&Qd3^CII-(e?jM9b_NK5Bq3WUC&(=b1YG_5}y zh3bT?(^gfb{Up;jgQOV^pEBQB*3-T(W`<2o5*z`X9&qEN4SwU;wefs+2yJ9Nd(qpnCOUXmq;4^6jOBI3zbxo9M;p=kedHqGvHFdEb6d zdvx*&6WVu&@o&};=#5_$VFai#9}qI7f!JoNcVDn-qD!gf>UEflBPGWMCt#6R9{T3dAPO~!%vj7bgx1J@K#x5U42}I|&R|XJF0qBJ_R(9< zlr#`PO^dnHB7$WmlqHF-9@HVWFquBJS^Aly6_zIQ(_ue~ot{_&WIVCn-dyU69x3sg zvrflEGTj#K>h<)vO2Q(yCJPx{bGSMXI4nd$y0TYi@x(a$1sf+V(bMg^TlvC!%Esg&n4LISt57=u3 zGkq)6)~!Ho-L&iHi{PXCxq300$5>Gilce(nXA-G47c@OnMDujSD&A$7jHKVX3^LL! z`n(Q~v+?^q4vpIDdQsQMRAYb@vA)+{`Z#RB{T>;;dM z7*|-AV2mxSqw$x4A>%L4vyX2{dTev#UU3}x%O%X)f=}i`tC!FPJ!TLQQN|mLYjBH@ z+MB*sVQgZWJ$M^B%b@I>k$1_~kN(#g{Fp$VJwQclRX<{=OpdOlJv%D3$MEKjO*9hK zHSjcsBne0!OHd65wPi?+nSD}OGaUMCC`xmy`mnO{E_5yZ*Y0$Dqi$MchF8-8bCxWsQC0^P(l1NS+*l~Tj}W* zy$5N#kt8mY`{ny-!3DgaM2{iP-7Rl%oFJ%pj%q*J3-z(Rbx?d1 z_DR4T+|n7cMhQ<76v;HZQY|d~HSHQ0Nt6yD&_dqj2GqhgNl_-b;Fcix0a=~f{*cwd z_x}PsdPY(^>j`uB@Tqj_&=Mn29hHPv$>0{C&yzI@d4}v@m)Ude9;#ph+yV*j-h=pa zV_zs-4H&*dNAZk)HVsv^%rf<^pZA=X(LKFAL0vr6VLdiSAhbwM(a7zo@6tTLO zXOr=B5;ON80H!kqKs$eNqX?W=jwgr`pvcPPIW_T~A1VZCO7q|@vHUG4?x#|OqHT@u zpfz5ejA`DIbZjZ@JlE$v;64aG@AvAcaAn*g($I5 zr!5M)Mwr8EI_ml{|zo}?%2Lpo?l?#_nG0f{#baj!>juTa|K^jp@o@y0J@qT z7P1-c_Lz#xu6;A&K?hM;OvT5cZyiuA z)SrkmzSX`4D#7Mejok4B)3N#4!(*u+m<># z_F9zKlJt#z5GV)?CXsO42ywVzinIE;3+4nQPb*%DbdUiz@u|4GIFt!8>*X0a1aPOa zz+ZpEp_ELdI>(hIh@RbXrI&SF%IUwQm7sV0$iM}ex>(niS>coeo3J~HATpXFd~JF! zX8Xl)6!}HDvw}tnPbKZ)Lu2qEX#KANMiU!x6PbShX<2%bHh!gH*Ng=e)DP5tcuBUu zY`*p*$7bqj(E=1m90BX^CQ(H){p#dGyO~=#3f%^U#fIde@QX$#rXC{ft|LWZ#3A`| z2v+gW4pAq$)$6P6j#0De*st2Q(8V8CHO&d@4p6Afd-%$%yUu#Fv2j zPHOnMI;s`_?-6>#2wa#O&XlE!qnP!Flwp%i-Gri6PV>V)fk9 zbyVoxK6bQj|k;VL{A_*{GD2~50Snf0~)K4?-_6M?jgXrdiDOO%)wq8^2EAZ>F+ zyp#GajE zQI=5E67m<`aDDA0QdRLwJ&yLL$QWcDZ-Zhwk@6b%dylMcEtWhSvV9QBASCV5k2CA> zM*@&GrcIhUUT8(px8}I(?NL4MHhX4vv_t3*0RJ&KrWh{b@g4dqCPsdHDjpOsP1HfO z_=Jn$Iqm;S!eaNvY=({dH~$W7^s!35*AoZrKujB8zP`I^8x%}t| zm>P>Te^f8eFBqz8I=`_B7kMRf;0Yzg6&B#x_T`xkbxf~~1uNN=K#`Og*6J;UP%kb@ zX#$$-*9=?N1-e^{-rR=2Do%!ctKcFO95^x!-GzN|{B*;&6h%doWMz0WF2IoP0+*Y9 z)+h3hDvl3(As`emjBi|%zZivTcg>jmS_i$(Is-el2bLiDgAe{`35jYaH~R?9WsrYi zb}g9k)tIY7E7G>6&!CR+SqDNV4w>4Cjvk31G9hu;W1}McWsiA>njrYfYzo9;n#!UC zoU4O#ZhfBpbu3{c$P(U?Ajt2qC2BJQ(PBa>-D=Mcc;NcP3sQNG0h7|{@#)O!2&!-# z$ZEmyIEZ?2ANt+G5CtH|ZvAZ+eF3$nQ(o<+rBKXigEP2rl!6}{%Cx|141!V7+g}(s zD~w4v9do%k%GBk4B}_o7;nEIt4|pkbSDVF?ql>?}-u&|T($q-h7XjDliX12c8L_-( zf`7dPWYhM9szTD3C47n-eSplOLkEH=lbC9%P^hNz^ZS~`x&z!`xV_aR*3$wxKp{{< zkV&yq9J*q$1b_3O*(4LRi9<;hf4?}ZV|(oW9YU-=Ryyxtsw<3hAWM>g`h`&V!22+_ z`w&k>zCao99$JdH^oEpd`X++Kfejl2&JeIc{h?IL+7D1|BDFp6Obee*&-NfF#Wg?m zWH#8x_ zSQ$}Zf{i7`OycD@XK-;~!96I4?#%pqLz{;Bgv)duv3-gP1Pu{PnYqnM|0U>UmuFfT zpR*LP!`b4J;$|e-5N{_!Ya)$?p3L)lF)BQlMVizoU56Wy_tQ+dPkeQu25|x4inr^WM|j)<7Eb*+d@68+Sq_^uPDPaeHhWq^#|r6`Dt8daX6thT-I4s$O9ZHIP3Vn)v ztyZ)dD%~ay`n`~IL|SKUyRbLj6SCZ-RJ@m*V8NeqL?BynJ6ZbyAq+UT;d#g$Vuf=s z3)B!n=EkZWWZINO5RX69x0=LlfhvJuCOCDY|Ec|qfU_5rlzfGMGq_W81_QCt-pTM< zuzZ%e2WglvE!Ybl??c`qD8Li8e_okw4xpDK3D(y5e}((!ByA8S zY}GyTjDR39r-@f~vj%wgLl8hsta`Bps)e8@*yL9x>GPO~YpO3qT-9U&0Y->;#_kB# zj(-dLw0BR&%ix%=uqNbYe#OAdm*jhNXRLva&vty-J9HoDD3{^(1iZ@}xr>Asirb_H zf{Fb2xDg*CWdB5r6bA!v9$Lpy^4;$&fauhZ2V7Cm1c@ZoOx7}XAFL+E`nH*1S6DLk z!E|8(xlfG*S|)>h?1UQ+G=8b7`F+l(%T3>7HaAC3vq}YeavY(C>X6Uuj~`rz>X3%s z%Nv?#0-tC`}lYIk9n-#WOOEXF{le;d8h-q+^cLMkCb!nmes)jEBx7?f-^sa zB6vqIaQlv2Ajb)zg6rjl#$DFmZ&}Vl@6F+z7P9Qz04&uAe=Od>1I1L%;${S_f#qXJ zLwd5uzQb)9?1L|)i2b??@U0E=P)FrH^WxSsUE!2Z-r(|T!4^AaF6oE>7}28oT*xL{ z^hMHEvwLH1;hEHa&ssqcQkKON1qlptq2}u_+b~!j82d_~%q2#o$W-KLKQ7mWKjA+m ztH{Q$Qy~rlK+cee34YQ!WPyNx)33U0WRf#!h?+;H#KD{Fo82u=s!8svtJ zzqS#)Wsu{T<`fpKS)xa#YA2(Zx31_sZMJQa@kH$ckh0l*%f#=1u*qdfF2i31Zi{_L zCQYrk5tm5=zz_L8F;$oFsaU8{nuub)0~JJK=T-K`#~`vsfLBEwWKC*p%kj-*4N}Ez zrtOR8z+gROf3t$U%gMkrMGm!385)ZmJ(!yz9td@@#o|a^?C}&p(GbFsu#W_`xuHS} zu8osopOl9nQ>3P0NAurj1uKE+qg<0^f3Nw<7C3%3d!k}dRj{BdP|DCCf&T9<$}>27 zN`aH#M*T>i@PENdd&qccjJ~zzFl*U9`tH~FqBGgFDZGy6ce7ai&Vw51ufI#!)k-}Z z6;|jCx10Bv9~5)_v;5XQ>*e3Sb%}~TKkj%jO0khla{)%DrAEtfKj~QPDKjR&%_OfO z0)6>Rce4yL z2GrAaiULn+rD)>0T^9tdPEdfjpww};^=E=qd~`<^7x8vL-%J}*4dr>dH`<>*h~plD zA20>yWLXb$B)0e)_!fPUeC*;!{~5Znhr*E!)Y4A<=LB4aJTC?gh(LDmFi@; zD5yN<8?gyd-gZ)S&csiI7e7f5ju9V|1P+wmcBHwDL?$g0o_E_{ypL?|V%1 zXYVqcsQ>J5QmrN#HH)*iW@`L`{LX#! zkKRih4sWm0je<9Z1Wvo>8opE&w>kK695i9CfsZ!fH&l^1<1gF|%0~GkSRR${{31UL zNyct=;6hdkVjcR_pggN<|4v)P=vH6w=GEPdgb3*RHGtS|fY)E9Y9YGX>9^NAqiJ=6 zGOIpOTJ&we6w*F!&=&)av2Amz+AKCL0GHt}d_I?8%lmY@pEy$({U|)zE5Y}a1%@?J z1`UuCAL0bjb^F34?|YyD@@OArHkCaTcqxw2t9!3O!Aq)Bjv1?Z&sn;ZrH^ zyIaG=t<;zJ+sJo34hLQd7jCq5Ia4e>LhbNq6D`gD^(5?X_w8JQM~)sN`@a13g_D6^ z*wpwS8?#&>y=nEug)8#xr--U9qhdyh=P$MF3ixMd81_I-A#ea|3mixtw&|jTV6)q1 zf_$#`-doTYetj4fa}X|qrOuWYeFtP#^iI4~!c!?7@dv&567c>Y(e>@J*;p(9ns3Li z`5*MXORq*71l~$bhJ}fogl;1-R)@b{fW1r%p4+T8emVAF zZge}Fvp{qQy{TK3m|VHP58(Y>hMI( zc{yF*tD#8>Ex!lsOiQbM4%%JS2e1b_hGiH51JPU3{rX$M42nz zA^C3Mt6%&z9?A8Ge`?$D7%6J_oO$LXBTZ_MVC%6%n~CM;AeMJWT74$i*sqh_f#te^ zae5k&f4VQgg0Wz|u#(8j!oG|(p9k**&SSKSuE)nW@%zH~CttFz5b))0zOPW=JQpt1 z6Luu_5-^o4jJnLbAXJ(u>}4HiVvt|S7+*nw^>o$H;5f;Ziz*^I8T1|SBnxm z7)Wa>xi7qHFJ~T{v(D!NbX;8F+&ALVeqX3_{68eh}GMKckT0{1px% zI@xAU5^)ZwDijlSq`t{d_O%q zEU;1`&>@oTLq^rAha#%ld-8vM`GSXUwA@zf`5ZbAK+NOrF8esD!_szhWov`MQu*pp zbKN75B#I-En0A%8ZLI!4&qK^2ORaKs2KXvX`{cVPNK;Dof-w;K%;Czu6P6Zlo2}DG zC&8U+OvWs4cBiL-*Vx>%KuO`gB)IPAYIEU=s-fC0!shDR|8!33gU_vAeUJzWla3hmfvIWyW!vyrV|ngumUEhsHaJ z|Fyq}_XmZ|XdY&}*-4R7<+y-sOmmC1hbw;g#^hcfOOG0y*~Py*-Q6LpU4`$EaXu%c@!npLG7Y>XVW40?O)kK9J( zf<_E6znYvV0YYS=QDm*9=6VvY1|^@a;4T9A@l~KarM$UhYs zy>Iol_$Emucg8i9r@kfN73s;v zBQ|9MkVS0e5H?W+YtdEevdu6s->a6ro0V0w|8xOVf#Nzp4rVwMH&pdJ7*uh5vz!1s9}iX&J&lTe7~h-5;(#Dg9JC zz6&P3e(yUz3I^G}%r0d=P+=-0S56OH1evT;#k&b=4s{q_o6t8A83Hw;^oH2(nFbwY z=3U0CioWkm6}g&}n`C18KwZlh%8*xkdb&SGA0~)Q6KoHZH5E>Az>k<>WGz-osccD> zxv_7L>iHpJEe>TZO*TS~;M5gMPoF3J`&ii$ObT`w&&_iI1m`rqsNean>fn;R^k?qZ zkJK)#;L6-{BZ@!3gRNahXDo+o_FxZV*hA96@F{n7*k@_3yg`t`E;XIi{lI4-iu}o& zl^uvd==_PDV=}=QU^FZJSzUpsd^7Q-r#96k$0waQgyx+t(*!fZGp){$e}0Gu*1KW% zc#~HE#W@hOx<}w8Zy}bUa~jH}6<7#28Rm&&b3gO+*2l*OYOgsF_wR?RWOdK*jRxD= zrMYX2fG#-tWgz)F_ls|FD0C12s8AAC4=Wi-&g#}fr$q-5p1mcN-SZK|hnJ}E0Rl@4 zx1tvy%Xsn=s0oGX4JGuwXL{6>(golqHke+xPjT_7ye|=26hc+gPXB8-U<+|Fagbz@ zAghzh_2s{DH4#+wpLqljaj2K6{FUY~LAJ z&gg$%F8^Y89ldJVmE+oTZ^g!K{96{ay_ zc@Lo}kgi-;opFKU|IZ2cDR-xNCHDN`2z^;};`(w<4rr|mutdPL>A&Uf^1VXSz6m-eH zu5bfE&qPG{PFx5}LuGh>jt3bo%N#fMa8GKG{2LZuf+!ePa-h1YK>e}qBK*|j;Nsgd ziM^d1baAvSj(uS{0INH6B}$p>W(q90;1ZcE3Ho_@EK!9(#bK2+rznUb+tK(r+&crL zwKKY0Pn%@{CIEyj$!elPK{n={zeYrCz~+o^GDN@yn;Dq49AK&*cO41Kncm4EG%&G0 zRUa4(x(6VkU7|WdF9r8$8f1>@P|0CJ`lAL(qMfc^_+HQ*GCN=t7Z{jW6IPdt{w@O@ z3jn%q`7~WY9$caX2Tn|r4T4=EtDsNA=Uk2v{;ASO#BwV?&&Z`1lx$8lv%G#rq8 zr&*3RIRw=#-V>?|ES)Nzf*Kysd`)OVOdtN)S7qMwcF9%IRMKTS-l;)DXhv4QKn&@u zdA*nSeGC|aC&hMcDjpwzmEcEWP5`U{@SQS@!VQintMrA7Qx$(zqYP$-e6GZ%Nr4y{ zh#9W4SJD1tl5^8-Id*@lu4f{(Kjt;jArC4;&c)avmY2n1$0{6wUSQ-s36|eT>%7WA=e`SjHl3tW;Fw^b&}j{w^bK!mqC>UL~YUeE(M& za{{hlcOxpUs ztKj`VA)(p(o=1&>QX?~%5oV`uzhVOJREVWHFCGPeGXzi?5D$H#BEd_*ap?RVlJA{# zz86j!m&G358I&F6c)pV?Dcc{GtIWxL(rgJE%Dxnd>x+VW(ZHm9KzoNRwFH4ii2akI z!EN_zXZyAiF$}?!^2|XBp(m&G8X*e0CFw0Q6WY_gkCE_P*!{6n0Kqhd9x|;{aSZ6e zCrLr=tj+=jBNbDhdLYe*N@XufMb5mLnZJQCfWCQ#19W|eI z1JSxP1f}sC4_c82FS1!8-h+_)_Obu`m9EyCP01^NOWb7at5dnxJ4Wh?m++nrx4$0R z1Ac&f(*DX#C2I^KS=WW99zQRpsL~D40zu6Y#K_d52koN0E%{as?a&W#_v1}v22<7w zC9QQLODA9)nk*2$Ya3NhqSToz4UXV~APQqM3vT^;^@ z!C2NnHt3uxERSqj5x^+T;;%cEA^s$v#%)GuY+|x(_{as-} z==oB*!nfD7`rE67+p zd)W&A34wd$PqarsUcTzwKWB0hoSyZ5I(B=2>WaNeAYHZ)i_tncH@yxMTJXAN*16Zn zo6?^WK*qD@I6F)z^h2zyuRLJ^uTi2v`N&3t89K*6VL2k-arggcz&A-mE6C5c~`5-q;o4YMn>2G6~-^MCwzLI+;x^pk}7- z^!AeNDKw_DF^|3BDz48Woe&{I18GA-3u^6n6@DNBbj2;B2x;fE6Gil!+ zb>J{4gBpi}YR~Ee-bMNrvmplWuK(HKMGcTVdE2o^wAOvUgXpo+pC^C!#9Hq$t=8UK z6{Ei;N$}c>L$f)MAMNFZE<*(SzzUhQek}^v|Bvi6SPnWzhCQuT@A}H{Y1>>tP{DAc zq@cPTB}9NRn9@nrI0HUG>rUOYoo)83UpdAZ2kKSKR7eOOS_tTJ8 z=a8PFGbpRk%u8{Hr#EhAON$l-*FlmE&m8z2ZOS|HXY@{{)VLSFl*ghNXxua*`AXaH$84+Y_j1cg4)Fr!hc@0~hRKwrRv%(GUN05% zgu=lcLi58c&+?l;`%85^vW)<+`qRAYyi$ks+2$VSI}-{4?1})$VmFe@&?da*EyO8% z)e8)?zDq869jk6lc`g2DZ2YS70VOK9mfJ^}{u=~SvWAVQ3Xkx^F1I%S^%!>k>ncNW znxLDQvtMxtS#_zfxtqV~y$mtF?{BLc4||4$s~*X?3+~|_tH63f(qUJ;2CO|xQ0@mD z0R8!!!Gf`Bhs9jfN}uUDs-7$pJ_{Y$Qm5Npx%r=hYCo=Ua1&>fT}cw?*Yk~OU8*>D z@7YfXcp@um?oz{hE@|HCu=iJEf+^^Vxn90bo8|)XnmN-<5dXwJ6KF&YT_ZYh%tL2-mg<7WGZ|Viux;bvQC5Y1P39B8OUcHLqM~lugGwB}aWY87bqKIcoV#!1(ORyWvgP!)ShonW<85Afv z5|R8YApo?@Wa-o;s+H&!uH*-PpJ)R?tltlUSc?WMIL@SPn@9yD4h%T$ZNlqR6j^>6 z#)xw?uxQKTF8KM#TH+u`n}C4gQA9D*{LhM+2=X=}RvnDl)mk*?;sutp9Y3TA*ndBI zkz^kFdrhPMcb|)7_kq+{2gmOVeGk=h#+qic2U$;u)kvBi;D!(;peMHdujmORu}&sA z{ma*>d)Q={Rw$5xdhpqCVeg$opZrl|`Vc+3sRQCV?>Y5mSIvnGdfMQ$-=lU)@GOhR zVgXF%Ugu2u97;2BwVWNj%p$}Q=pX(_w(RbMJKy@%A^uzbC42TZ+&*dSF{Ih`hVOvc zX3PU-+qxGS^P4zjJYM0GKYvPFt4jm42G%+q(4-PF&Q={_f&{1OEHm!2f+6aXv*qm_TypW9z$P>i-k+|{z2VKjYxe*pqui*q~?<K{dES8p#s4!u>0<&u!*z_-j7(p!U_rNsSI?%roC3_((!+zOM3B)LQAJa?PyM2e@ai(3aQ83%An!Y z$d~avgSN#VHsed>8Kau?)D`c6@}19!MmM9`F8Gqg?7wLIm@!gKVzql(@oE>?E>=wL z_yrz*T?1A=;cg#(Yz9I>Uidz;jKM3iaRLL~CsRuRqbNuR7{!0Kj3EilIS{sIQ@#HY z1(2`4k#m_bs;t%KvSXhX1Q@!0XS=NDGR%H7sNp5c$2FcKaLz$O*|PtXjT00P5ZF%X zd58{~P}BW#+a_UrWb)B%e;JhUzpYTdI-~DISGIEZP)tgv%-qR)gt~~Z-v4)mCBnbo zNq0MN#WpZh6^u5k{a*ycNs`@?AyX8SHcUn*^>;m#fZO_>`Th1fD`EBE#!!$Z@W}Eq z9+ioa)121mtT@4okw+yFfa0`nY7;f*L*R!8`n%RUcdK`UIthoQsJwpkA4)^3bLeRD z@Yuy@u!$udyV^F}fgJ2$W4Mmf9Bne1RZG!re$u{YLdTiU^a^xi$f-0My0 zd!*O9tWV%{RojOiB-s>Y}fFXbwHyy+K7ehefR0o8FGz zqa2|JJP;elKH)5#miPBj(QvGp@9yTCJpmRV>e#IOKLZ_Nk`Ql*dO`A!d{Sp>^5sz` z2*_&xKkU7CRFhfPK0Fq5(7}dCFDgZ)Ntcd;h;$GsQk8(9G$U0YAUaA5MUf^|5JJaD zuh9V#5CrKRl+b(VJ->6KIDz5$zVCg1Ykhw`&swvd2;sg@*=L_!u6^xCvpF=9Rx+q5 zCrVK53}PW~Yg+%QNcts$ENft(9n){AwvGEA_8w@n$E8~?i-70%}JwLBoaCZZb=-=Lwq9F_D?H7^%KF+LcCF=IyNHQuR-9j+5P$iCx zJ>pCtA`@NhbXkCk3PUH8b0g(Fo$3YI4FZK!!`h1BH?(c}9 zIw_L<*Ln5=wx2{)P~UDVhm3NWV5n9(M$vUd*r>}B8^~~ax^(`pc%-%Z{@c(M{9w3w zFAv%nEZ@ple#_2_%ae)Hd2BEjKD-|0Cq^_wF;PMLn`}oDB@+r3C%c(@M*#QdZd7Ff zad&sMh4`3BG*_HHS((%L)Ak%|9gSfIV1K&JtDsIh9D7Dt1)Y!3qD1XoX8?NM3N&cj z=?oI6GPFPTksm)e==Wo$5qbJU#hdXRpkVu}O+*drK}9Hc+${c1YLAC)wd*ATL=vz(T&`85%1Q?Qd3jo+qjl={fSmco+#Ie?k?vPMu?KAY&-VMd4{?$JIhhNYID|VIz z6pe@EdK`r4!VCAPHTumn1{}``QC9)d;~AH{-&)N`xvUQjleg+A5~AR->Bu`D<9gqk z%b;h&*-|K|I(y-33CEkI37_^RhA&?flGl!-TG$!n zk&JZmDs)uxYV?dC?j0zFSgrW>=^5T35&I`vhp5E!nS9lL`zqbs}uVFilFRI_Br3!MC@X~H>j zUTya8a!`TziIH>}O--1fi10NSe(J{NAvGES!MZE%ipsHq=MEiX2tPy@d@kK@0YCp0(5hwt3ZtF2SeHG6^v3|`yCVD`O>i&`v+KS4-HRWy8@_%$9nvDCp&5LThEo^X5*ZD$ zHwk5BQg7(S5{ioWdBhMdQG%9#{=q0FNFfM9q2R?__e8;^-Ym37x?!tR!M`-kSK0mC zXR+Xa?K$@~t-A8KZOVotbZ5F7=UWEaak5DSQF3 zd}n#2U0wd56TEOekSY354JRjOQwLe}T)TW{xg1aT%z3*?{pN zf+8amFR<3G?^lxcRIfciflnqqI!h{&ib`>l3dr%ctiXjxBR}T8b>(jA*Lm>NN+4 z*v3n`LSWyjQe45syCym#8Pc2w59V~-8yX9wO2 z`o+Z^zN?Rnk~g}rP*m8e{RF*;4RV_3V(ZN(`kYVHzhR56MNytbG=xtynvYzdY;G0? ztMER_cds_Q^)gIOPENx}fV)aptp152scPKzAg%y9<^&SnFL3&3DR2CVtVV&GL)f;L zK|jyRhgdNBecl1|yP&m90wD9M5E-R#cz^p{cuyiODJxvH%w=h+2V|Z0H>T-iJuL(- z2C`9RkJN2l<4)?JOkG`2!1bv93cD9#BQ6~5-)@0E!u54lakR6u zQ@7aBT4HtnRl!OOs!>OQ1I4$xrENx!vVu9OnwQMi(!%@G34HGB%QS)(>XzYrqA$_v zDE=e-p__AYf09b#_PuxxBQ~^XL?8HrIV)RX5iWv5sNxq5krvG(Kti$sZYi zZaK*6`o-rjxeDP9_dR;Vz~^X>q!;0N@Bq>oVv-?zE0-#OlY7D!`|q0nlS5bz8&& zNzJ|G@9KL}D?+K<8ZlH3+>F)_49e$o#)OIW&iavRCuzzvYYU=!`= z29(;PF&hWEdlM~bb8j7htvH_Nvb}MnQgS66Xq(}uq$6SD0XIX`AzGabfT5LI|FfHK zX=S9zN#@oq?GWd|Eut3B#oq;mgsvkd1Fj5LfC>acu*v7w7aOvSF(W<2PU9)aN!sB% zZ9pcq>ky=G+ZGgih_A=#LFA5-IL6Z!k2CD8t*z6IO2sxe!t7v!Z@AZtID0;QGS~v9 zuyF>J7`fC|?SuDJ;ws)L1nU{|8fs~^B(^CXYxGJNFj(1Ob_%Dn3?Eb9?b}pQ;FTwxUJPw zchX>M+_z6yJh1X!EsBP>JkIVf7{$Z-D}2^Ujf#M5N9(;{fuY(#Nj~XD{dgfLQ~?VO z5)h=@`_;&kwW9r$sX>|B<8IOEl>%Y|bwb~hPbV7+Wt3cpr>Y!+0o8d@(vWVUqn*6X z_-t;1*Kyyg2i7WUYFZs0r{AQHLn$kLxhi>ZmhC-<<77J>>PrlbIioaRfW&OoNFTO^3RY_Z4g|@?i6((F(A|z_j6yx0y&XCWxC#xF^7N7 zW|?411l|oI)^lU6;vM0<$#CYXF8ZFPppeM4$VwY=%n*$*H*_0}#Eh23pX)#07EL`I zEi53lu0xDDB-OPxs;SAivD%tr6w@8q+y|nEy=Q&h4b>vfAnpQW@;3^y2TnHr_bFfC zsD>G+G*PPlo(B$JkCj5ir=}_bMD89*)+aKzp;&-}D>q3jz?17J>%L;(xFx5h`DvwT zS7J6NJayN`@b|;@D5S$E8SC2m7j$H*bZjr@IfqjxQ_Bp19T`$?Ub+F*6 zh8d}+U7BdK1iI%t1C}>ne*JlCF}~QOjq*1=`+M)bdKRIrrG=FJ0<~cYi z05r$9-#pzBt|;jat>WT4!nxx4xT?Dw{Y8G}m9H;qnp6dy%>Zo5zDGFt&nS29dC|Xy z%(WDUYm%fp)Xwqslxa8ca?%Zph08We#S`)}`5vquyHM1CZsMqj^_cmPoMwCDnV+9d z2^|DOXvQaD$-vln`<5eh%Uoc3^4iakeZ;{7=zANXBZh`ln(Rm#4NW4P6e#g^NcpEDyxD%odSUj)M3$fR#En~0~^1`IJ@8O z7F{aT&2d%k{7c+`0J1?mDg6{T zNw2IGDhqOc8{o*bW*IXZZ!B6jl%V(@tj=>@Qq(e&Tc0#GVh*9ABD8o!P(~Veq5Is< zzc_~U*U!t}2ob)sf2WAE?R1UNtZZ?ur(~s{^1SF5^oI}pl0q{{;%BaD&TVGhXA*I-FmUa- z$hYAA5}lAI6=RsgZ&Nf*0RCjBZ6+&C&Qg)a%M$I!1m6XCQ*&hIWja z+j7yI$wCn~Ax(UUIcG6cM~RuM%DIIMhg;BzW-?w!8Dl@^M(R&X6GjwX7AON>(5NSe zo5^{ivh{>!jU1{jhAu2tMEp7h^XnH;F$lO>_u?9=Ns~Lcept%Ij7#r>u)AxY=32`F zZo2G(a9Q4Y_s46n3~A}hRm-7Ds=lx!HSf`2T!pVtq{;ZAA-ec2pUwJr!%<0vDuQ)b z^r>K6ptqqzF+Rj>yno0w=EnHUS*VEKc+)Q*SAj0qKdiVoOVL-xwm~EkaBUT}DKO$p zaiwMdi|Ovp6b1S*%LMq+)bg?eM`b%22CEI{YXJ7o{59;r^n)yLlSxdqd3;#> zxa3&hIBDtqKN{N};?i?ch}?1>wtoyRL?E`kC68@`2>KZRu{Q%$2?(((H*q|~;3Xpl zg$vVo;_zD5QEDcucdYhd&2RpqXtQpoOKY&2^Pth7<3=?Ck4*8uN?Yr?+w3lWz3N;4LU288N82;Vsy-}lO@l|;qZgdz(cO(rcb zs!ge6iC?bLy?y(n@p3{MY~K45VUXTdu{`APT8Tyw;r#R!X~~y_CgaVl*58JNsH17x zjNBhc%r`}z_?lPx9=HifBJCLzM+X-nV}-A*QA+j3Mj#<;@sg4 z5%M@So5xp}9?yp4Ac@PXID7+&8i(0jj@kIUI?P+ftDV(%%9xnnm$$k8kp(YA9ZQ2# zrjM0h9idcyR<~Cv<50%6@nS#L~;j zS0qWbmdlMe6wnyeu#L6mis8*gj!C`8r;3#Rw(r}hoYt3ht*-VK*<3i>p9o~rlE}}& zh$>3uFI!x3sz{5>L%ppuMN|(Dz&PY*6^B`?mi`9Ojq$S8j`4Uk6$iIbY+p`Urx>{+ zdseB9==T}0UTb}hs!^_==a;)|`(}%DuIC$8d0xd1Jjp(fJr;;JS5a1b;`Z>95@Ex5 zU8>Y(#k|<~-K+ z$KNi7O+HBW1B@|LG<^1VRz+AI=i19lRrfuw@0$rehA}B(t8(tl>E$C5%=>-JV*(k) zgWFV=6onn-6)j2^1&j;%Ha6*v*KeVwYztF7i0<(3kIiulZDpc7g;k>ghJV}dc}-+N zG!E({o{LP}H8Ph=RpAFuh}iTpRi}k@&56#;e++fCS*~$PdRq}HV|wbevg&Os`U0g) zmHmEwtC7dC+)GjsF?SrhYkdeEfd(g~O9#If;6Irkzx`(y3;r>x?uPNj=qShVD3|5y zv7s#Z#b}3y=4J+=(zJNn*xrWj5{@av!1H;Bc5%z`rn9||7ii&x+w!>B%>|Ds>LbcV zu^TIah9PBA!lGvhj5^V0bc`SVxtcnRi(QkgdT-5Gd4#_%27Ya|a}3xR%Ip1kIHRRY z(~I+8LBNB-;9Hbt5)PM%xq~rga_;Q+%nG$BTrMUeJZcSRZhBehKSeIB4~c8szD-3H z($bK2&WCT&EeJjNCl6-e=`zM+P8!zT&c~=1>qqL}{c`jkUVsqwJMeCbw;)+IUY*Y! zwR|f**Ft;{R{QoTQsJv@mN=e&}zJZ3U)@vZ~wq-yFRlOhrKm^H^#sk9pF1%Cuzd?Ql~Qll*aJ zhT&K#0ZBL^Nt}8@#Q4;SC^7ggiPDFa?$TMAnaXN6tjI61p>h#Z2|AT8DdiKhzLXIg z%1+{#B(qCv>>w`rZN2@^hdl}ze2&cD3L>cW z+QFk7*IyD)9vjRW`uS_`#U?5E%Qj{;@o)Uplw}sl(Qrxd1OzK3@wHer(tWSF^ z%YnGoV9;FtLE8MuWPhN|Dv&AoMjd_PH=W}pcfVwLn5)s3_4N{a32%6n z3op;N9X(+i3iR3ENy;%a`91T&G!hnfyjn+h1h0P`ItHjOMZ~sGxaG|H9ATg_U7r=P z^-Jw7O(;sT)!;0fLEa{OvaI(fmQ6MkOm3o%i|e>PLz>52;g%vy`Sp8=eDQZ>cK;rP zk8xq>`4L6A*D-I*8c>ZKjP8@h!xb@-9tDD;3zy*vQoy^DCe8+)0};@awHgn? zVlqIGLS~*E48NI`WkWl72V6Q%koEksq<@vThRrf*DJr#;GFyDToV{dB=OnRgwLTx} zb^NxS%5*BI7bxhPmfm<<16v*7yB~geWgSm+w`FbH=;&KFAAb`d`oPU?@w^V!PpOSb zxax}Q>R-#D4cILR^EKz~Ydg;v%4%~7Gi$7FBTA4@O z$+2Ykjev1}(c(c`k4H7-aP!F0PNsOs8h`Jq(=9UW3LJGtDk`mpw0Ip>B0#TB()K&F zxeWmVFzGccwRB6$T9;i@X+H7NJ=NIO7$w8KJW8<9AWY|SnN&@v$3wm_hzwS|5wh%` z_IT*j+$wZkrEi~Hmh(_EnlQ{PlGTjGZJW2BEmRl?;_l-tC>az{pB#Wa&M zdqzSjSk2BfUWv24@WK0p5lugQU15FFz6x-us~vdOw^liwkdh+GIM-RD<|AV4b`xkw zIWe_Ur<8}Hh40&U&qV7tU4|(I5z0LlrZc`{-%SnJ=ZHES<{+mm*e&-m?|(vSjwhwsd}EZf>rPe;&V8Sl&Q@6Y5>{GgXF=#4Svv~Z_-iE z>MIbE{7!%Y12M*+Ktl31{|YNgnH{Afb%j{zJdmQ(U!{6+!uMhj zwNeMROXSUj0Rekp#;p-orsn6dAgr%W*Q~6Xu%6&#bOL{!!as8Q@ww2f-f(wfS$-51 zVr@R4o;ax%50Aayz)VMZ;)1N_N!i0mYni~fQ1k-R7|M^!KX=~|N zVpnY5p|UO|P2=M8j+32CcDBUty(};@t<}!eo5%Uxhk`v$8!u19<~l`W?p0Fp1VRSW zN}m2l<%2R%4Nunew(f3*V#i5eC`#buzIi9T=RKemW^U)E;@B5+ymX^GoX^3Eu2o4& z;l{LxlO)q|=@msw3Py5%c9Ce;G2}ee*8^)y3b-3j9Rnp+6kQs>)pf4Un^%8=g~cGO zN+v&OHp&>yD(pvK3O3M!GOrmvJHH1Zd&5&S5*y3sn}Vr=zxH{?%97Crj{~z}6h63u z!{u*|PlXd}d)xFlEIrn!P*^r|MoO(U2FIz?K=C1|$V2SG_2lwuiU;1{<&RrO^N`H;Dk+7ogF1|ye+pS&i4xDbYN`1xL?Kk)k%o;u7zgzuY_si zq}_>&t$e{OBMv%Ip{uNiJRX;;B>;Q0WL(9(BKvYxY^Gb@o$_iC8H{y)$)-SemwdyN6%T&BXt#P|W+(k=!ih@50#TPo| zgG9x;-0YsuW_~>fyJJnd0oymqY0y3sUG?z=DX>MxoJ{X2a$#WsZBpqA&d?m}d!qx0 z;(n_;){(OI>S1@ghAiYIX1py?rLg~~qVPVesOS=fd|p(A^S1&8XY+aQtD`B;=>e8z zTBzxH^4s&UoGZ;OA{9w(dCWPXP>hD-qK&&X?rO#>N*;L%W(J3aVtlT3aqq*`PY2c# z&sJ8TfIv#JqvUN|tmVh=`&Ul~e>7`EF&2-(YFZg3AGDm*X*+en!PC^3gQHZHL0p1c zNYsaq{8s)3D+fP2hX8vlm8D1}pb03kNd_3K6kAAlJQ7RcY=VmLqWd^E5;@*)R`$K>!wLSAMn)8blnT-0d6;3r=|1h(PnrZqC)!ScWg5cji z?j!VT&M6jo`R;Xe;&MP}P^nltmE@N!I4DfIq6kcgw8U7qySLZZ^T@zO<#9_}YgiWx zk%4^`*k7IE7ZxpEykL(Fz4YogeDrat$e7ml4mC}fY;)Tra(JkZk-n8jg;)oYA3$6j zrAjsk0uC_jxzbUz~vN9Y)3%l;` z8%rD;+Q?k1)v-|~5{VlND7>|88GoI`OV$AP$lm{6M6ed>8>}JW}SdFm= zZZ;$h-zGv_q@ch2@Y@q-LdxU89@aDx>HH-y03QNyk%K}zc!rC3f}*OzL4u+y&l-L2 z%bVqn$v`4;qQ@!RP^(aS#_1-z72~7j6Xi7XBWZ7H2?p zaNmm0)8q?J8?U}ee&T&Xub}a{`hn3>1(rtLBl=Si5LJdW*S za=y?T!=G#Rd4Nc-Dz-sC8jD$2(1hUwZD{aID~&hVLY^X-Y4fh+b-QI3jMsbk%lVzb zq4GQU*-IB)CY)wYzWi&*X?4O8J~&8?T@dM}Q!-Jgp{bW7-ZWSxW*Ut0lhKM}jv{}# zivN57RYhRk`u4Q~x!pc{GDBpqo+zBsRxsk-=(NnL46ZMuYugw_kMy8y=cjr^<`y`& zVC~vmU%$S;Om~JG=@ZyZui5LC(qfr7es0Bh)@Jl(5WMeMp!XW{x_sobTxwH^$tTt@ zqHF*X(@Ru$@xZtv@a6RB)Rasfmp1G!RuwF|z(5DK`yqPlRRxL$Jfykr?Qz8c@bC4m z9ac0g^@UO+F;KW0B`P2pLKur=_G#m&M{XWCEO#vsnI-dh>wM(N*wx00i{Gn{Iu*D+ zc)TIoe0roIdtPs}h_#&NWXMr|8%&K6VPcLq@3t>Xf+R_Xar@OzWSpRME~>1MSBrHwL-wD7T+pgFALHeY#;4rXPXj-tS;xFKSr2`H@?Leth9Y8^YGs@i#89wk+a+q-H3kgW}8NOS!%#{lCWgh2@xveX8N zR|+R-s`?TMQDFX@mUNk~{dDQ|7A%y_b7&|@_lk#VZOp2+#Oz0v3{{x25l2tLpdfZ& z73}Hl($ZsB1esix8|KFspCU13GxUTn*{VJSykkI0Qxc9!$BZW-WnypPVdbo2WBM2q;C3+p~?(T&X|4+ZS}ELgA_`KS}eCD(5p z?JrrGgY4}MJJ+k&qxDk4r8c#167cV3k0E8t3e=R>`^-)1H_BecjOiZXcQ@?O6bTIcba8aO~d9H}9_=HVW)TtX`k)McC!gC4yvW zob!GPilYg48~$#;)1!fIk(bB8QPGqF=3f+Kk=D`J@ZYu0RV`=FsRj-l#5J0a1fAt0 zyj<%ap{(_>vx(pDPF&00i-APX5!889Hd%JnAl$_8_&+WmIw{Njc&a zlohlD_#5r28R{J0$J>0Aq;I%1A8yiesu`!z~NA*iZ${ePSJ1J#&h}e z#b=LlR2mfr`h72dk>ue{NDRa0WD%X{tdyk`k_n${cnzjDt8Foqu>9`3iBW*lrptPa zR5$$8aY51`7QViqTuCD6rwu^Xiai#jf!o_@{LXOuiu5|4XIG1+73me=1OGoL)I`>I z9+*5bc?T7atL)weeuu;LCWhZ~ZYI zC8yOSi9jQDaJnpwQUmpx{x(D(YTWUG7sB^Z_<{VLCd}&nRC2pXd5iv^$ODJ|xFNgc z0988T`+?M@<;7+G&VP(a@Inlt-!nDi(?^m``K4}}p+e8erS>Bv2Q2xnr&&4DkD50i zMH7Y1x!(j1b+7Ll)8n&r^pOeX(^3G166-ypQBD^M5DtLDK@b-&=LcO)^J6XN^Oi?C z(Y>zPes{}XR3>XA#2aJWM=>}BZ!`crpz*^?{=-JjDG#1I$pyiqbK88qriwEjSYE!o zZ8-e8F2RRfh!uQIGLIAi_P`*{0pPt&$$N3alJW+sHU;l74HSf>?62bYU!quUghuocHS#iHXduaz^Q^LYY z(so0&KBG-29C$juvMmXhKy=~mbuo8rZfODGriF%V9mtH(*=NrM5pK6oTG%{5CShM# zSQ#)>V=66?G^gni4;OUJ7d-hMe)~ux<>m}wIVmo)OIKe+R;vXvNj7=}5+CBN;oTR_ zwK6_}Esr5aXXE|WrVVq2X!c;@{LQlykO!u3FzJ(mEy+$=Fy7-LqYG}LRr16F3{9m{ zR=u|muWEpfQEX^xbISrq`b1jLlSQcnn`JNm(p3-qfz2JF!!!OOiT6ujZpuZHa3 z<;oxTq39Lo?-fY(_=Dy$%Zp=-bk7bSw-NP3&tDp4{iu6{j~#@yvPZSWvHHP%QxD}h zi_x7|v2SI)D)1f{afDXh4jPMJ7o!-&-lrkDM0!23JcE{c79?3{>FMYI;xkxBl~?yY z%e^|o6TGT#n0QP1xFr+O^DAn}?BpHIa;#@@1NGI@2=Gw#Yo0@F4JD=u6|aUYY>ZBw z{4$#2m#7AE`eF%Q6-BT^xH$I(2>1k@bh)4io(;?Mb3^7BrcC}WF;I;F7} zi3=I2zw3xsEl1l%oirA8CZ;yqkaTalb)c(|F*X_UQ>L>K%rOD;fob%Kk{4%L1wZebKz zJstVxjh;JQQ(L@n5=wymEp}yYSbmmnY@m3ch;=>OO%anP<(ban7JB=x=lE14O~$bg zX)_~A$HPo3%HH=}*NQIxRtZ+(STKvp>?k;et3@LN^Oc($YbcB@V$1~8He_Dhc&%z| zuy`7qcd&jPTS%xeHrChZen3XM)Mp;J{QYrXx<$sJJzcs2a6&65OG8MGuljGmz!C_3 z>aTDGeOlX!(MH)l_8@I=n|hdg>^h)u`OP3ySI)Dqcf*v+!Xmx@kLhDQSx#B)9$tYC z)duV-)}E|x;RjCzpMWGU$Yiv*^=)ONQ(_afz87_u*mE>@>9|b+8&AnHv9c!EDC2jV z#AnFq+m>Ihe7E!h(5U%6?oD9PC4zgOlkGkOsf}o=8j&h1zPtaa9?}wjzk|91N5qDm{qtJ4kU8a)0aLi;qvr7__328WW8|k9h^qL4xlzD z@3gS}b#Z_XfIKt9_+-y&OB4C0`nk6HZ7jfttau(o+iKf>joS~NlWi_m)bM>@5xFGs zpsU=vs5iXb5$^yExw%Yc`~>VnXPyyNsg*O@-tdfl9cIY(J}rvzz4e*T8auFkzlPBX zNCR^Ce*F_V%IcnGvi@u@s1U~L>@}G|AKz6A^cStgWPY{aWF9)&Wlb}l&X=P!#IFE9 zs27{ATQ{A3?tE2vh-&fUK5P5kJ$rm8cAP0`>MuXUE3Z1uLJ-FX`3U z=p!x&>zbR&;RIsodw=g6$OYrN(QIv?NAy$jhcNtCBmGzR{$p?f z%kck2IRx2y;$p&S>M_eVYhxr)TWBy`S#`osfcl*3wzc9O@aFN z2_uhe5|47ruHgjcYmSgF%S?uy2Td4peawJ&LFw=m`42^@Hgf+K|Oc68JGQ*0#dx>}#+Y}17Spx3HJto-$bu=#ByhjR)fXs4j zz+z!xdHU*|>7-XNM?|!!gd6|F^>eyZpOh9%)0YUn0;6z`Ry!RsW*c=s5>w%00n8 zX#y^PoV;AM@(oVSpt`IQC z9gh|(6zj%CvA_@rgxlndY-n2guZ(ETe`SQz0m|XZ=)CPakImLLHGja+dl%U^ ztYlrckgeoSqi<7oyL(|6g9Slcd{dVdZLpE6ST2!ZHR zC|`{0W@5oS(Xg=b*b)BDZ@X4$%MY~I2Ai7wbZWO~rGkCarP6+OPx+44Q{)&|U3TRK&O!u$UK znsJ0q`^jCZ=GP^0iR=BPt5{xU_@5Hr3rv{lu!FyjC;O%D*W6v6Q zbFgnt3!sPHjTO`!xX5UwKa8T{Q$~B5=*;UQx~6=|{;#I~ON`Rvx>;bOLtn5q3?jx$ zHCINy!uoqL-F={1(zO)Lot4JplmgmU{F{3aig9{UL17>I|Gdg^ARVx=w&Yio?Drqi zlz$_3v5x-SzcdhRD0pC$xjX7o1lk><{o+)bGWMsPGL@Kmo!$RZK2|riSESdCQ}QY( zfrrlp2Kt{55Oqiacou7yD96UO{_HMW`aZEGFG8S)s&|XLKN1$Ou1IIp?dU}y)V)pt zsM8GTVtqj&;aucPWOOb11CXp@hocd@*n6O{$*2IyYQ09!y#o#b)Cm;oom^=44W-r% zVS(wp|0`!`EKaB`*r;>G*J=j%mpU?2mwQpDWIg_WP8()Wn&xEhWj&05PO>m_vK|uj z$d($p1=^~hFQp&)5-uZp6{{FpGBhF-5Aw}P%F){ByJWPS*YC6J5>Du{e-7?vE~|0w zT{AX?2-UhaGz`rS7Kv5qMx=%@$pxY5Qn7o4bN*8_%my3?yQWLe9sdL)qja{}6`9$R zp16D9OO`u(oI=xipalLVZ}q;A^--&$mH+?_BAA3#Ol^&|xtwo_F`&tUj#GY|m$6cFwhYb8Y z@4Ci8?DSlsv+3WIg$7gCnOD@iAJ0ucx?LQZd(1((4uzh>vfAeR)-!J>dlIp$1unG9%K%O+T45d>wS3{3)F_jZ?XKki%34K01Kv8KK9lw3cw>A;CTh1`VX(IuMH}| z8xnOYrispW?2?NN#KJ3!$>k;+$IGOH7cTnln$wmJbc5o<*|w>>G?frE$T{x3k0HO; zhKmXSILUYC&F5hztrMb*d2eRA=|@W=Go_QtVSg|QUY1(+T&ir|h! zU@h_mXJm3m>nyOmziyUC?B7H`-!6Z>2U}kp)Eb7&y2Na!AbF+(wqCPR*|C~uPlhiX z-_@64+n{`kT--hFAO%45t(+&PAxb&JFqnS#^Bza~2Q{T|?}wcNC({aO)<1v_AcI#w z+P(JL(K7j;odUR-En(Uo1CXDeJ#gZaqsW~D9{r1Tb?a|0Bm+6VN^iT1x`t&O1Xpi^ zCc(2TV2NaRbO-%4H6ZDdzap(aKLC&PH_l*djazjGCFDi-?qGTv%234Z>|hFp9Rzhb zN_V<}czgmZ(XPH!+b;!f6cfpD`{8r}n)i_EybG7i_s1ke?d-+9eVUGdw65+~to|-0 zB+yX^bbk?lS0?ehbHMD*ey_i#22SC>V#L7G`}i4H{UHMT>NV=oMPu~i z%RhK6|4rU`8{&F*@oEk`43>y#XD{MkQv=8I9~u6k9KrDfjjus;;Q!C#N$%OjQXjq@+h;?jOb(9t=g}_x@KStNKgk z(ItE|(e3OR9viFd7^#I)lVP>=VL`02z0%3Y5bdkdzi3~fJ^MjVG=*u|r52UR(ivYXoos9k#Gi`9j&0EJHBkC(F+g^F06Hk%CyPcq*i=Jj` zX7+Tjq|Su!AI(_)M`}8hOfUBHh#;2BNzod}zG*Fx{XM;F;GJ49Z!4zllMq39L)ENg z)YH7N2x~j{U6&|%o?j>7>Hl0v{%gB_g9j4kePO zqGwD>_{@Dcsgj{Zo--9p^5z3blusJQL&Go(SAISq|xEl@H!!@f~$TPjFIzc~;5&U&eBZ0GM}k`DHQ z31^ng5p)|n5@^D1Ydzw}e-gLu7ix+a%QN`^DXr%`$-6gV>qhxcA*jlO?siL*1nlb$ zD*CJi8QAq>0SBDg3ogOvU&|PQklox)MxO0U>q00PB6`(&S7B*f7wG5tJ)>a!C3UJ8 zF@TwP$7=mk0|du8I16!kqij-kad|_BLk2Vir1b;cWp+h(3@^>h=`;J^&mPussQdnG z4fhr=oHoXAh$HBKs4s+A-xlP8Eg(LSP8UJXkPsyeWhy~O(&aO#9uOO z2gk<7F7YWx!hYx12AzUPHssd{zNHTAnWy0|c2IBSlIa~j^PD;@!+Kru$oe4K19!f@ z)TsKb&XrbNn=z-9hmhFQDUHB~^{*)e?4ktA})z5m~dJeX;sU^Y1V9(!EXbO4O*shv$>2|B< z67-LEXO%fI@NH6Vy~|!Z?({7#G8)(Uk&_u7ihWM@Ojof1p9^<0;crP_Ch%1z6s_$@ zp>}tu$n?Bu0MN^X&|itZ^XX}*Can(qN*Lvcu%~CRN1HSW6DEk z_V;jn%{H$GM09FLA@(qU4dr|_{Yo9S#Vgg*rn!Tfb=$O2hw!K?+L@$ogG?Ay!!&UE zN9}>DBc16)7fP*pVWeR&H+-vzB$ea+yF$@3JO+TYaKU%gs1#IANZo(WM=lupHW+0~oyuEHr8(B*n2v_-BI%Hy(i8k>MdTa@|-U z9&8;SgMh8vC;`X$TR=t(Y!2+ztM&ratMtiIFH0g8}&Q}$r znq=-e-CN@aWQJh1WP74WW^=+qJ`PmDfC{sD(@fUp#^N%gpoTiI)-wJ-cC8m|8;ykX zLx83R%v^e^rUosS6IfvWwlp=np-^B2)XxL|PN?xl4J3&_ryB==;b8x-VOguLI8A{* z51kLtEs)Wp;t76Y*_sa3wzX*MXRrbG&6gTM4SQ2mo&j5JiB4-JL5G9(iF$`=se#-8 zGFeK~T7(Wa^w!CvImh@zRe_l0+t#Edg7~C}{hpmgS3rWI*0}x_374+SzJs9@pq`Vz zb!ime(nvN^3Je`}D^F1O0!|J$2Vf^Wr5M>kChKtmS; zc&+xkVj_F41`ND{VP{La=1dtKGFp8v8l^W1&|@5zLPJin1X+V`S}n;t>^T@vd4(3s zyuRaFK^-hQSJkfVjlPw08HVcAS%{2vUmab>l^@4#u1!({^ndcI+vA9DpAIu4hhsg? zmaPxU&ffeWM$QEyLKd38W=irw{Tdj=ImeziBsWV{iA?S@B4ZMS zJAgt=IsQ#wDZFEk5MY1SZ4l)YY7gWoV6nk$1QZNU73;ky8IEzq$GA@UP#e2kyzWm& zb(rbBhgEKicF3E?D+ez@oNxaDK^AlXT5Lguty->a(NntvsQ5rBM?#reERB?vE{g9n zIbSGy_04cNsEtDp8@ZwqqwO1g&^2}9PMz_k`vSyPN1O*kbWCc)b3xUsPjxT{4%B%y zoxl@tjP&AD1u$3HTZ7X&r$Kyv8IM2eI?dQ+m9646YzS)8CQ53C8{T}Nd@uw}z|wD3761~NtTBZ0Q>24~ zWPhWQ`>VQ;c{Xz47}wsVM&qo_K`lO)`H|E%^u$4HGFnjZg3lJ8py7yi{u40ZW|j+q z!qBy8j4{JzOO~T^)Kmc+tYXRIIg_#G6m*@~_`5-6P-U^$V@qte%#y@g$}{&cvb_nG zDF&+gKc$Z7fDMuUDM{}X$(6N2os3OO6hCFcrEu?Tt@GG@ROQU~a#*&Ch~G4VxJJN9 z8!&@f0i)E8dWkvZ^unPxqf0~pZRl^&G4`)_8xqhkHjXt4`>Qj?<$(!nmfB{Oyi}A? z@rU{kSFw$`OPee8gy?BEkvfSvWINo8QSXI??fSbcH3`DClGRR2z6S%z?GMWXxg5s6 z`|+01NV+Z}9oh`@&1wf?Ou5g?2Uv-cLldu!5Wo+H83zQbO0g{hKCO0_w2XMDbY*jO z9EHyjv9){#@_nHX)|N2F0UBw6zW&194-0i{Fbk~%;ZlgsM;t8dORTX=rPDpR>>El? z-^#xDL%~%9-rqE;;2UYX=`+%hfP0kTvNoBIuSUfvt`%2$b?paNG z*IPd=Ealh@_qsCG4x1w$e@@j5fjCw2TH^Q8;d>No9wNKMXgZaXyLK7QC{7&g{h0FMpKV%ltRoahPSrW2iSV7>7&22>Z6wO zMciR9Sk$Aj`-FjDH7qFqWvqVlO7nF6#*`B*!CzPzxBU67SK`^)qrA%+N-9vLQM6+( z+cAlmCs!uE$~H}hQSfihqryND!C-4F>+B%Ul zl`qIb!S|(LGh#e?LQ7;e^e{kDll$*FJh2vxghdrTi4-l7xz2 zc)tQiB^t*>={kj$XT4j>y1Z0lY{aOu**|>${re0x{i|438t2YY6i%RCf?lL|1~<}# zQoD`s17Z&ET`G$$JGBN%6rEiZ`@#0n$F4T#adTXE6s!twejPRB+}vR7hYt`JcIjk6!`4;s)-8`DEZ42LPm}qiRe$n=*yya|AxUor=YOlJW-=!9w|bUyOO1Z?zuW8 zV`fBsj}vzr=weqMc!ghz;Ga=Y5`IUi2jnfI+dE`a^_8%FeAs?>)%($8{1BVNdW`d34x$f zwc6O=!!d=$)H!di^w|~)i;mjn6Y#KD#G(%`^P?M)`sc{`%jW7{&o4Arn>W7G=}$q$ z__8UTD|2bTiw0!)Nqu1gn-n6wG}MOna07=yUXy5t*86s40f%UVKfTfsVg}!X&nj?W z0V%y6mKUsPrvz^)WlG6Tqcl zixtAGIMB6nA>8dhk-^s{opNYRm7j)X-}~YlYvee3bIEk0Z~p?78n85+CG$=8%6^e&<1jh3}r<^SUX!{bD?jSO;+56>bqeTj>PDksa~0U1X*Irm%12R* z#@K*pG!)(g<~`WX*|Z6j zIL_S$To{sA-_DHBL7y-!_1Il-spgoLj|WdxH(|mVyh(^GwI0FczTx(5X-gJN-Ar?) zA{VA^kfgRGdpVA2p?>TYG+fM1gI;>xW?uaBu3U{ur$szfFI)Px`@5rt6!U5a7RvLK zm!R>*6?oZn#J@_(8L*MZgz{ONu1vHV)yeJlSx)P6TE5iZ=TobAnjzE>Dw$Aif$6h7 z<MnRKwmM5WvN$T7gsx3LS6YY^3qvO|_@}G$@DPZ^&P>Gr;m^ywq}56)F$^keegnM< zj4rJ$5Ng)+6rpNgGO#qH3wGG*wOiIzP9e(u+lyn;>+x~4T1%^g)^1)-mf@G?v%AzH zI-!O$5?%Wv!b71&S!H1{4RB5jH1@!I~0F~aV3k&|ksJnyiJmtwh=ihAM#b2AR0_|J#t1dHBJ1vBw#wVS!+he>H({_PbrElt-iV`eZ z99)+Uvc(K1g2InX_q*s+TX*|sBIjT!Lny)YK($w>`dp|`=eej5azX~^s?uR6UM}{6 zkp7CVQ5Qpw%=z0&ya7-jmtNyo{>@#FQ zVkCuD!J}QQ)6UZ>U9S77Z7xh?F30z`2ISOc&!(>Zp!1do_doWbh#D>tyn|dp1F|sK zd2FHmdznB7-ip4yK}NBTQf9QXdFk1yQ4KXJEsXnJDT}VvIWJj&?-h}(URup2+DoS4 zygECRS~(h*u1;xH|8L@)eJ7#V&&f`~E|M2iOK%{wWtJ=l9<@*B8M>S^#+I{e39eAK zD9YRGJh|NEg~3EN4<52FRyK+wlIEYi6Ey8%hKbL1iiakZ%n3P6@!)T3&UX|SOYx1L zlonjIG`s+Vu$sY+_J01hW^t-FcfOONYjGlT*eKOUQHvq;`Sa(^T3-BG9yQ^;?sd}Q z8j8Uca-jT3G^D)QGuM^}LuuyQEzBsb`ud@nv*F`b$D>urA-Mj?X zY=SI*onwDE)_iFpj18&o?)?-K?+UOqSd+i)XRl3 z#k`<>*UfTMH}L! z>?*4=N3iY$dv2p|?I-hL=Ofe|^E|F~dz!tNGB8BRrk~BJbD-*`dZoiR51vQ{R!>S^ z^JfqQ8X!@(p<5f=FX+;Drnt{%&qP|YrrV{dr@boblDT7Nki#$v3An`W*gxyEJWe4> z>11Q4V&BW~u27t9+2G3ZSh9h$Pj#b;8IfKHN`(BmgaBd_>#8qZeC2b*r+ObnEX`n$ zirQHYUWTPzXm zZP5!Em+@vN8w9Hjw%N({%7(w) zL(7DZO|Al^R;4SaMcjvm?o6Eit^=N&nuy6MTrYwXw|y23g}**iif1d7jOax8kcpxH zXI_sBcrxal;kJ3Lmbb$Ku3|o zLGL3+z<5+h1fDji4cA?-Bo&?z-xg(qMK447u$ag0FEvIlgdf+6n_wJ;F1KtzR@>p% zm$9Ndn=w^f6@h5{gO)np?B{r)uL5-I7}{uc*#Xg`X2&^QY)!gh@saTBG9v5MofX)! zuJjHGzNKy;3X>rI=qD3kl5A*f zGsY$uBa%d7p(g=4gbl#rM)48ESP|;K#C{}12Ir|mo4E~)rUnev+|UDaBpwNI!;h0| z_RDXO7khi~df!tK85=d>#^RX+uK~uUMC=1Cx@l!B;Crs7+lR1IWq%(Xb{I~D!&`M* zccpk@I6gzvG;Eue0)E^w^n?kUpnt_=NEv<{Kg&&ly`wTnX|cGK-T*p8^TPK5Mj!WL z^TFR+o(wWSne66y?97djBH|;ZW-P+fynj#fy-I{l(7yz?jDsIH*#&z1eGg<+or5Vv z+OaSw5t@^{vC2o@U5GXm_P@BjiQV5tjt?OToWYfLY}^j|(}7F>BEVFL&_bItn4H~p zYA?2`-P}K}`lDc?2QXV@1MQ0b55V2V>x3a^5O|T zPU4uw`bdZfxFP0|;Z5uVw^S&2=^jjEDF|or3&s-pSLgj6Z?xm!&{ZG-538y>u*n+j z`iPJ$=Bpvn+yXm2u;aJ8@Z>@EV(~uF{nk74sibay`vUxCf$w*BF~9(!jiFX0$h;td zZXxJPfp)) zGVw#^l_y!$HTJ<%vg>QR-xqfudu{C%gX}%*8ypu^qy^6A3A`XJ6{zXg8{>|CzpBtU z{+*@km>bd>$K5nCvgGc~(pF}D&NWA|S^qC1hq=I`Zj5DdVNu50 z7JVzY#6Re3#)Gds?+pg>nUV%Vgas%ac~*Vv$e7<790wA!0FYB(@qY*n+y9STz*#A6 zX;7g}^=w zFRibAW1`k%`EvF?X01*2hc>2S@(f6kHxDR;94m=j92{}r4uZQT*gm06=-J-O_NRJR zmXETGTGb+_zM8(+V%|`_Jnd9-Wi<0mJdbXDNQFlc90tq7^*9{GT`;;4 zunn!YqgeKiwhk{Cp!hX)B!xXB@#l>k9R=(R>+{ziMZ~MsUf>z%%#yr2-{cH^ppt*Q z)KMGV@MH9m@hy(0ansr!jxV)Iju}hYhV9#P8AdL_G&$ROr+3EaU2Pf^{0b^&A4e(F zbI%e>U5Z*^7qAFcl<91&uVSLoAAce zQEqa6;)Em5Il%=b1=NNO+!%@dztBPCOk^Iw0X;VRryMIo41GYUfJPve{`RA3C&UBF zmG30fwB5*;Ueo_*6gZeqG(EARdUrlu^-k02Bi9>e$v+#;X9ge)?F)83 z5Z9i|1lmE)UFaIlX$>8}i~3&0lKqO`>p5lB8rdIRd@$2B(cwc`PTq`IPTJ34 zn!+VRBQW7g&U8Ac=60~ zSEa73wp&bJE!sCJGjpptuad%~T=VB*2`98!0?Tmbg*OZ9u=q2Y3hfE?XZ;Pe zPv&f{yz17hs~4>c#hmjJnT{PiwU{?!U^DBhbm>P>l1#30)`n*%qlE`MJjM@yzdq?4 z#Y}POo>1(3o>g6!;QFMW)fiE^HytW)rH5{M zqt+bvU$3jsD`QHDpAYMoQXb>gOdiUwtX7@~wH}PGxw2lFgc;@S6RvU2HY&?%+;F~# z(1M*PQHenIWF6jcQ4d#C=&Hohpvq(>Pp92ru=Tp>tStM)#r4JPH;y=KA~!5jJpv$L zeb@lEpG_ey$rTcP?0$%5{UK+Lx$ujo&Ou>Ok=1>oALbLvpo!jWZdbPGOvi_uItsqq z-Cv&_3J1K7tfC^xAz~I67~pB8O*#*Yg=yju(o4A)(+lL*+rVG~4_0ofK&ScdPm48M z-N~T+VzURgyCg)BBDf?11^9KV1Bgluykg?gl#$kBOLOBCkmQqCKO*6z&~LHE6h@!Dt~DUdnH$$9Y)qt$ZBB;*XAKI5`hxC zJ^aCO>s)DNZsS?O@T#sP?#3&Y=7n=6R!RDfoo=!9G57(i=02*#eIS^W6|3HUW!oE*1KRqcEL zHg4?9&&Cvksg=(^_#D$m4cxNTS=G1}UiW&rJvnyef!F(Z-?=25w+2s882!yw_E_34 ztb6YWgmSp$n?@rjQYntdN#(Oz-JS1=(i(l$#KB$GpIXbT5bN^e+l%51NVa@_C#+Rk z8v#|K&o2#s@agG(ax6Z6N>6azHpqG+lW#9sj8kTMmrjn@ZlIftFl{Ec-PgWg>9|VH zl1nxPk48qLtY0vd49VjFI0=PO0+*F1j?Q80%`b=Qxk@rj8rl-)hP~?ToZqa*yXXq% z$u8HCo_^mzW-St)ww_a)+2}Uek3K@dT?oSgdm8S4LvkyUyFG&WtUc+T>=%ua3jP!d zBab7qG7lVY_A8i>QZcUkBtJ9Wk$w3?Mie2Lz2!LhV6ZKQ+V8k_yIT=$`l!aSE1bg4|HE?HKC{-RNC zo0cZ_l?~e{`9^nPKAUmcjh+vz;IK7M!Qon6>9jb z-*xCu9&S(<*#?FuQZj z`(TB&p=Tu5&5z862tZ#~!XhP({Z5`uTag zO3NE{-2bi^tMHhGo-ehkt@K*DUnQ*>d$$A>5hbK-WjPJ&87J}vLo#}PmB%=*PHU{3 zQh*7$fjnkX32KrUhyHR6Pfsd7Os7+NwFf!kxHuj-qbMjiGgFsnx#()C4O6GhPia+3 z!+*>Wjgw7otBiC)O>*P4XPG1ePace0w*{~Mf)YIBfRptNjH46K?l5nB4C+=dy zrNi!lk(~sAdYv?hjw-s@AN5a4E~}Hi*{>GTBu9FYxrz~(^5kBdOw#eQNs zc;P7Z1zP?%_Bv>=8+jXp^EhrHdZS*_9?NeD)81o#LOb?rOP-F2@!NG(#6+aU`M*{_ zm+Lq^GSgH_ROg{Q=PEM3|9Wqgs3_=@>o(eR{)uns+=AG)m1U`51keq{wO7ehH>-*M_z_#OL-uvs~a|6U^lHBEwNZ z2nV>)2k%Xr<~H(3(E44)R4`rGsEi~>E}C@paX7Pd!k~k=E%(Q6%hGi~;LnZ~(VroB z@xJG)^V+zur2Eg4(B=rDVV=%`O3AvCoN=-4QdE4p+-OaXoP#Z%q|{ z;$9iR6(i@3YREb=^J&EM8{ZxZrIqhO8>of`o1*V@!|;)?cb<5=7&3n6{;{ z*3$O2rq*Q0h7SRVkKIIgqr^x?9DP>Y_rs4_R+Y3np^yt9qu?^UGfGItP^nCCEN4cS z)1aL(&uLgJHMS7(8#Xt;`JoSR4(!g23Ro8Hkx<;8R~LF4<5aXDquOvEvuZaV-$1z! z38@I74pszkF&|-tI|R2$>vd>a{XQuv38FQvV*^D~7ke5GCcl@TE?ej+DsCFU?K}O4 zlHY(tU&nySD1Lr~qBgW|QY`xH!A#?>@;gLaPJZs;h5tLhhU4;3Nfb_Vbje!Q>bCKw)CT_*dx^H(yT#& zPH&`SqRD9E%%s@&nioRs2i!w13#Lu7ItCU=-nn!AFn_ctu^uN8y8YmtGi=7cK1RFH zO9m8Xr5e@!)GYU9t?RZU(3HrN#>jhBeh#9brXW1z8|S&(&eFvzi2Ka9sKdA%rAI<* z;3-X;ncl!YRBaX+A_a-B?(&Kf49?I6IkgTZ%aHjvd|IopG2flc^x3FDzsc!!>*V~? z^eD%!nFasm&j#YgUHvRIt}{8`ot@@pmn8xkbCSdy#>P%_kQp9EKR$kQZP`00r41N; zhJ3g$>Ta^`aHyCI`=XkOuzM+_Y^{}I@8+L7I@)x)N+8Yo>X`fqTx@o{85z+wzb)Od zmqo@3rVuDeJa&_Z-nh=vPM@4K3RGms(RaE-NIG2>#T5o`go_Sxqozt<4Ct`B9WQw< z)L`I-jLQ-G>Q*Y|UfLCN%{}!9M|{WUb572aKbzAW?St$J(WtSo&KAZ7N}M|>*{JnX zlEfZEfgU?pfA}Ij8uKYMfDWk%tZtLYJYjRc-JNu`vAta)uRKn6`nyxQ?oKOOZ8lE{Y=T{Quh0;U!#p%FRk^Tp8RO`HUv9}u_@9*QgCt>Wk%-P zPEIszV75knm&lKzvF3oYf_N86SiJZ`1HJu<1k6XEje4%IdSlW7v@!mjXT(O&NsR0X zwB-5oGnX5b@=+F)IU0it-S)>yb>9wP%kkDTp&XkmS;`Ozk8Mf5RG6-ftT(%Lm2QNMn~9DDpYo<>~6`5>v%{ z`Esh!+n86Cxa~+RlI(d_a|Y{y$MuzVy~8}8O}EpZ7Xn(>AR6IE2>58k(JANIK3xVQAUAJvqcP&_w&LXW0R5O_CS>6RkH zrqadwpo72_F_r07*pvfXWQN{b-dO12~y$&abrtRqv{@4sqQB0 zTmlMilb4OGOudIls5C5RnQ=B8|AiQ?|Fwwv7tmrCNs4!~Nmq<4k>u#fK$Y*=7>fXR zp~QnL!{~n#H7l3&+oMmN=XcbfnP`n~P771tzQx~xx-z70U4p`_4f`A*dO)`qH2jkU ziP-s4cQAvfwU@h}ky0eRZ9IPfogM0YI_AnMCtN6Z>dxyJ$uXwNGwJp2huN9J0fN5ezX0~)4n%N4Ky~!lhDkE*Fg19Jj3#o+L6KE*DgF>Wxby<|COH0kCedAsG zV;YN>Bm+;sKc#$!`{hv+mFv|~CcTeBs5I9ns9aI@hV%fiG-*4vHkn36hoSeNC@Su< zzHT}EooRIRcNx}}-2D;2OeF7-`gw5&W1}x0yc5hZUs*04UpGyCN~R1C?k;ZY+2awG zZXOgou7{+_Pp;ZoG4->yZOa?}UH>e?uwN@vxwgNnOa+`&Q9FO?;O%?mX(m(CtnRe`*Chdr2SoLk2&Hh%c=WdxIpWv1(^?991*YTE_Op6aAOQcKduq?xIT$wYyUX2|?q zm+=HB4+4V^CYu^@;{*COMBQ0ZJzJ&K_HrAy66EK_=(wJcRN}CtaTE} zgnmiAes#ybgrIDCh@bZORQ&PY(ifOr{7*@9clJ@*P|~lF9J|46o#`g+H$Di79fe{fMB;#m+UxT}Ov`c0^KCyuq6eLIn8`Ym!{od4VHLv$hud$82t=6gjTWhWz4 zX*)zo<|$rp#A8xRP2cskj`T%+7YR`a3AC{AKN4}3~!@=li@BFq^6(}i)LO#y!p{`yYQGs zQy0N@!BbrNt$o4AwG`*))s{1T@q0a3-wL}S*zUGmu&csT>W0v`!}d^x!&4q=dT#Z93HAWyP8c% zMv=$ER1#m%LuAxz=H-5iAx=U{^NN=K%ve2rwwpf=MGbVhfz(+&m6YSy!Qe#bSw!_r zIB|7U4U1Bp6g@U1pUZ`W!jl}&;JNuFc;xdhRUhw-&^zowea&4RXN!3l&hgk?ea|-0 z0iWdRo;1@oVnM{zjqkR9=zc8pvQ5-wQ1~BMi7U|sU;B-EXuLe7^rWOTPij`|N;-#= zaSVZR-kXN@Z2wXSg&*4nnsm7eZVg8fRXW+~LaT+EQ)u8jG)AtOGgk4gCN6yRLoNfh zKyPwOG+;u895?^>&xc=3pTQ4XsM~$Ij?1TRc&-1{{MbWBh~1?XY4RRd`fO>{{&T^f zYSOL_gKByE;zs(>IE&A(aPFH{rXAs(4#AymO5PJh+g?^1C4MvY%+0e)YZbx=4a!9m zr!F`Tk7Oi@xJefaRQ#ayO(^=M8|wc)c9--~&T z6XLZCQDQO|Ut=S!fH!Z+c2|A=?^p06I<1E#jpM&q$N znH-tYKVUxN+*LX=FZ1)hobsW$#MGKA2O;}^ zX?fSH-Oo@LHJd4tYi}R>b4iaYhb#iu+x_H1_Zq(vq1x(t>)r%%nGh(3+FPcW-fj8k zjndBH1HT!*2x(!HlPkx&Lo3`wN2%NMiR5#!#f|%4&FxJ&eKb}s7)mZRr)8-3>Yi7k zP8XcE%hDv!%o$h-50|%~!(2%#xV@d)zmMXz3mnBu&RT9Pvx>YP-GM7BBYienOJ7r7 z&mSHRT&ss-d?iKR>VDyS7`V?B^U+}j-bf;h{L;5Fa6rqzXgfFl*>YGPST6DS2<{zR zMlRCb2{DIr7QT^gp%44esEUHlS*GjWiRup2RqqOBY|DGA1`$6OEThGj#Nki@T)PLi z3c=`PW!mm+A{R~f0O+g*^d9E?vZ>R7-oP@q>-Or0Lg^zV&>ONLGSBH_-r;982p3ttq4;M>fykOOtl#vad z?2}?q9Uqaqs$cHld;vyj*#EDwY_;u9KRWin%Ho%Q6CGxkEaQ&_b6h$)(!kC)-+5eK^jyXofM^ zH55DXAN9)JgX#GvRnknwLzfGez1&TyRGREO9r>XNDH~mW^^1bnE#f_$BwZ4IhUzVx zdB1)T{z{DH+Of~yj3lD~>RPA4G;l}2c$Tm^N5^QT$J4J)3}VbD6(PQ8sbBZr$!Fq+ z0mQFA2c!_=A;HJ_TtZD_S$GOdq0%9K;qB(?Pvpis6NF(vL1c#mn?$UX>?EgZJ^8sl z%vQ$-3DtzlyOjmK1sJw_VB1?6HG(LW62RR0wwVcX6AQ6zsNNr<#dnxXC zcoVJ(M7!`7kw#x$$@1IZN=O#JLiO`0Q)gWVW&5V1alN3AIn0*fPbpHLb)N9QWFdQn zvG9Kl_{J(iov_tuDbuSvwo3WuoHBatI@E*PFhrAlR}!8b;uv_7Jw{@0fq8E;M8v@E zyXyAO<^>h&19~6q)cE*Aw;hM~mDvA+$$i9iRo3pB81DsFZy@&`_zXUN7j(g^@T@wH5F*@Wbe61s3`}u}F+AAU%LLu!H5TMYUU>%jQ&78L zk`!0pJVXxqC1^e5>JbHK`TeBEukvexvmBWu~Qg-HVkg?SBM+1w0A~tOYZJD z&?n!W$zG>bSlBWgAbfO$n(cTRl%sODq$BV`)D-0}rXu3ou37H1hMrOC4Ru#I+e zMXV2dk&9{fk=xW*{|2Nfc~L-kIZ!>NGvgBF86EvP#95crJv_u`cu) z+$D)`G2DvsOq3faCOmEZlvIT)!JSRr!C~0AN@}|>{5dn3LeNk*+OI@x=O6Uaf%aeZ z8UD%oI+u$+ic*pmA01H(9Zp({rPXQ_E4RA_w^P&n%I!b;{o*p+u;SiM+Wzf#AGGR$ zmDL*AME%89%aLTyVG_}q$+vDgBV19mTDc2XRE3d9-Be#mdYxHN;ZVa4rSqGAg?=FZ zox1d$9cI~_>1XkNk-{=AidwEJ{`*3dc0%bv@rq5Qd&x$b1~UWj!n*=Uq;uz_ToP~S zI82>t60;Y^O$~k6`?JOqv)i>Hni79yU_w!A6;oLgEqg=N2AWoMWm_CojOnTe<2*fW zSr}bv(K{?FC+DgF_nCv+PwJ0coJ6`be@PR$zg-wuH2wf^v1lA7 z>1xvLm&aJWpS%SH`AAtruJJH?nyD1$5u3khy3d?8ImP{|y4vX1zgcVcvF zLwAv;4 zer8`sBYlaIC9Bcr$1fmOg~Y7X@~zy;7QWsn=22oL#)4X5n}=4&ls9%(5N>CguzP#y zD^)3vKpn+#K@>J^SUe7;$EUf!R!H}C0+zzNbh%oyaQpdK*L_s!JeF?@Eri#RDH zgCiCp!|JUHfT+?>N~sTpjXTo#^*AKSd0ZdH1wt^!1POrfsuUOQ8DYL)I`Y`YVL@e> zbN7%kqL0{B&+9>;_E4R^)D>&RzcV5G+VyF#aE$yb!j@u3qhkFl1Gd={AMR9t#p`#Ygf?+prW{Y-)&H0#(?1u~bn> zc0qk+dC$ZkL!V=Z1j))mi|BRGLmX75lyGrqU#~6nzhZ>C+;r{*&GBNYBn^cD)(>JZ z0r4Zn5sh;3UcEwQLfwdG2iUnC1n>NHHLzF)NNfy%YF)WH?CFtx*Sq5f=?hbA%gs5g zx#_9QW#$(OQ2X_?m@JN$-0b$$)9@mj_KSjUE+b)=422ThLzvU9BH_8j_J-x21+pna zE0;uD2e@rnr2D_cdK;`K(@uibuw_Wcb~#c{G-ud~uZ&bF8cyHrEapxyCeT>?`O;RS z>2d$L2X%y6TAi=thX=Zx+rO~SgiV}1L|3Ae6c^WkQK#fNt?n2;az=y>qx^#m3*(4& zh^N47WO*fWZtGx$GVv>vGftV>+c|tOTZj9tr>BVuu|qIEizzx^U`3hbZsvKw_w?it z?kfyi%_g3IJ|~+?t0k7s6JD8n!Bpfhp=L!%8LnvnfMrSsHe$Dy9^X3NGNF4t6*s23 z%YE>jqWpqwmByM<)xI=+g!my6AlI7B@{n!$fC{qjDF90;H)Tryt!yvZ#ivX)_p7~v zslRmv1y97Q#SBc{Z4&d-k21m0Uld;V1YmRUus9oE`A-}NU$A7M=HhdaP}A{4t+!D{ z%sul3(c+OSt_@ zI5=iAslww`t^UARz%LzVFUma!I3K~PyTeqlVkhVdc=W||j--@5^i@hHkL6jA8~Dw| zf&STd9fE=4Mn22UU`+3(@^y?Qhes8ai1A%>A4i^afZexC{9f_axoj!<*AeiXyJ;Pf zTReNx3;tm&QwWmn%qkCpsvz6)FkjrpaNk$QA*{q~LaMk9E5jx_U?( zps0&KcWV|n1^2QY^Kc(;vo?+rjpCk4oTs905(F_(Nfi)SM4t|S|Nay)t44C2lg8T% z%)SZgG?h$&g$$j}*Oyj6m%O)4j;u*gEGFeendWfZ9}w`^LpCp_4H?E)F(0~uG8rK= zPE17fZ^&00Fc&)GVEU=Yo$c!DNx3pd&R~eA-X8Ki=jGA1BQx|@r`!RnZ%4NED#sc1 z(a@WWHIU1rTHQt!Vq70=jOJch3X+6yGNzeyQ6I~@a&C1HdO1S;#s<~y-Z3#By(_mT z_r*AkbB39XadXO9s=74!WB>!ml3TVniF%_nt~urNq2-NuFo73|F$*6LX%+<>8TLME zqWpml1Hd9idrk<~I`0i3pMB^aa)qr!f4T9RdqfwC54*?TCRY?pAmT%Y#fc|Vgn*Z{ zcbCp)=Uz_t2n->mKzP=uN|1hStt470$y_Zf-*GRQG-W#j; zqyqOb{l2t z8+c3CUXR*J#?rWnga7Rmf^m7@Zxl1{3$+;!^>gdgHJluE&j`wgPEe^7Bk7sk>=f}( zsyR%oKc^9@bfNj?w*#C;t!G+O42extCKf&}*@Fl7UOIj5h}@ljW0??%|D^L4Fjadl z?idmCXNx+}nptU|WEvLkOdd~6->fVs0<=Pa;cJWsQ|$%$V7>Gme)tlioil(NT_;;*3@L?m7&npI1WS`uh|Nf$?N9X6JDl?1|{ zcSf^rT`R+W>>)m{LCEGAc%p8ARov|+p0i_is@D@cEB9TFS)8i($zoLlX|*`i2(&2$ zt*+VyXjV!?-PUEZyCdGigA2mTh4wGzJTy9HZyC4dSS5HJfbIft|WRa=^iQ59dLCAS{#Y!~)>*^egs=+#z zzv}Qf<4M@awc)2&-NUu-cKb3E7X=kD*WFDJm>e3aPt);LEUC6^Im|)-qfkvyKI-Y& zCX-NG%lzhi`(^#s52(w=ODp~Vt~i0wS#FP|?G<==m{!IJR#x^QYTxa3G?X$yTFt+) zA1;(eUXO9@gI4AO65FW5f3_7LCW;T{&bS8mS^?cfOOsycdJx_4dBgzF^F#`+H`pa3%j${`2gyE zYuB5kg%1TG2rdQ-adJzd8&h0dxDpZ5``L-VXH09EWOV}SA@iPb3x!ny1*{^CzVD}T zvNF$M&)slT_nAB|+VV579wT!G{`^KQqs~@*v*h~Ud{VeYwlAt7GXk~L@ZqjoFWQe@ zH)(YrmBr%S7dIx)kCUhDb0cKr0#fyi4t-0IaOKfuxpio=9D+nc|66WfknXj2WqcM=+^@$V_=CX%ZV?33`K=+fe|7snI248 z3Po%!iFIs@rU*4ALPriBpXX-h{fhhUi`wf9r} z8-c~oyL%Rd=VN+Vo-H=#0H;J27oXHco%o?V{Mf|ft1HyrC;p^ZC@3e?x(zodc~uaN zXBsK^IJrb9tQ%PHQ2bf^t@O0_+k$TiQl4{hfr`gMz%H?RMoyH3CR|^yGsJ84LX-Rkn3x-&AX1?eO&S zxZb%#gak|TnzYnNPktOrCsb= z{u;=xBh_G48`mp0NO`yIoI5TsA;Ki~fWDnE-_mM~=ID;#GNq$Y?8LThucaRe?E@u8 zM%#bCgr68tUy(%HGKJTXisyB3-wZQGl0Rt;)`III z62YTqFwe&yH*7u)ORLbzP{RxK*XU($`XY=dWNr-zkN?E4uk+LdyXQt#d-&4$@%EG< zfzKaV4)Yd-nj<+n2D>^g1O7TgD(gqUeVxA>!8Tk6Uc)F}Ei%p);>~B52@7>cU0E{r z+fyc1;M_zW*@mRGBjulw@}+r7=d71JKUcUDz4_;+A;S$@)u}V2*gR`SE;QL8-(qkT zwK{9%6CE0s5VZUC8`s^+B5U56xDB;@G@<;SEIihgEBw)jMg# zul!euZk#jvz*P~mtvNdAQ-q`!b=2JhuCV#WDf`LxgSmDO-#6p>ZF#;#KLn9dj3k-2;0$Q0g+Mq&qwHE=Jbg%?kxpxw65%}8 z<2&=`VFi0%9q&cZ=!S1df;eybv&X!rKP^N{0z1x>>9DP83$^9f%_GztYsoZm7;}6v z=p@U$C05%HKn-z92(~tluXOK65*O-Qua>60qnBp;?D~N_cM9L=(fkM)#+%564)rdu z_i>d6%NKjK1|Aa)pF(b(%uh)z4w>$pi}**1nxTX++;1y`EVSzok`zFa15!+58|47L zKI!IMVd%TP_qZya1>tvWvWx@NOn!C7firJsEF`Y>v z<+YVkf9gs0ollDYSHVU(P0Pt>GX0aL6_Lh2D$bVp=c;dHD5n9dhh$p3LfAR&eFFbO z5DwJK0f|E%QU4J&e7P{D6#tdG(@_^<kIzGdW7r z3~x2U*xSmE@P)!y%oQ_RbJdEwIlY&M^Ez6KBd)o(pt*1k6@ea4l29{e^qT&UOM`zS zj430-q%AFaQEt}pc2phNp$L_cW}gC@NtzR*JSJ6#WI$m}wH)%QM5rmFf&LVxDgP)D z`f18eM~y5m#rH0LMLI({)0jG$8&|01oF>h8oVb!e$mBU*MJG!-kiC zi*VTey@t<8(@i_b1G!CHXGfb9L(7^!H{1;t8raCEjJI8+(cn)ye@y;PA^UFohWqSZ z$Mr9vk?L$69UWyMDD?{$^P&IO!S5;gGct;Jwiflf-ic1{!Sk`VbP<;#)Qk;{j@nf8 z*hWT(RuRzyuejKLTZiwoFk*$B_ZbSx+Y-$iK5>>b=iE(>)~}DgI+DnU{7s+8z2!8M zMCdf8U;jbu4z~dTR7r|I@em73WUBBFd{Y^Kz>ugE7Xtj&Q-1pB69j7^=8Os;R z@E?2F=!L?N_Q#rdv!OqMi+;TKxd(;T>?iq}7(cmzU;SoO@N~|n1!KGx5BD@OGr>3+ z;)bY;m)|7PW&OL#1zBZXyNwV&z{&n#P%}&k{|C+W_Z<4ffD@#@`~HbLo3qJSk@rGx zM=hu_9e#=A+NxH+DjlmxHc zR$L+K7&R1SI1HVn!?ZHnZL65u(wV=YyPdxoYV=R8ip? z%T{Cl$+Hq0S%xD3>}g4wL5AAwgRZ9ZFw`bfGYd*rhtGKk6d|1#v)4Kn7X1D5Ek#`t zH4>yyQ|DeZn&O4yCiNqs-Qa6+AJ5VG{XKdN|Bf1SE=a)dIX5Xux4qf3D|C_8dtVMh z`=7p(olu~PRN>djkp*%YDL9@AzW@aju?l-3d{QNUv9LKGuqs2^beM`+_y5pa&!J$( zc<887=JM`$1OubnPLCjCaopZ}*t5W3o37RDABpUV_gXwh zKOE~!uyBxZL3Qbi;Cj*qwEzX7Dt_{h@~ppcuZb3^pw~&(jrWZ|6sZSWl(~*453SAv zx#dGk7y*}Zq+JwdciZn@D%J|u0z*0+263#yXADP}f(P2RHDla*zwIun&@etU?X$Eu z(gPASBM~!$d>UAC!mRRmZ-IbX4;~$+cFph0#MS~>`h%OG2F zHb~M>mISletp<;aSiOCKBQHCjOW6IzSQl3nAL^b#{vOE6?;bHnAjuS-vWU!-#NHbEmW_qjsGi~2*8IKw=erG-7KU?Wm+rK z`EYX`BMc(MBpIexZukl4S_C-N(b-A{x)Xs^D78+$pzZZsTbqR?KQI;A+)KYSXak4j zG(C>Aar<9R?nj0nJMpJ${U*UHqz=C{t@R|bAY4Z>q~E`%rY#|zYI-4B^y&?ANPp6) zBv#TyJL(KJx!@rzI+XiIRBjD~Cr9gDOXIQ^{WA8m*OS|3z^mT(}8*Lf4)s zx#2zauOdV7)8Rw&FDISJamo>e7tap(&P$D%SwTdsZrJ?G4GiHZTNFFb@swOr`O!Xn=`%vpUtKg=xM(7~4 zaIf8N)TE(~RU_{Tw^=78sL{B!3I0i5_Pm)QHeI7qyXt9}S5X`#INh@F!+C{PN?@_i zuG%l=Ah&5d>EwC=Zw(A^7^?p$cjgNw(_%0(uOrLKjb^pUStQ@-2q9;Snm1~0tYs>6 zeKvey%4^LiYHhHrIA;&}EjaIYebdRNy!*(Eo|AeFbzQ6?(5$E~*Zq%+ioOgS+rIwv zOTU@kn-#4JP5xUU!AF=bz$L(K+L_dJ+Xo5&bS18NJeygZOV1~ii;{HXGhNrqNc0{N zH_Ti|@9*);Uy*OO>^)KwqnL1wIUy_L6K$`KpChNh^ssbPmsxAdIeMue(yoYH{3#UB)4&fMHRJ4^B7xEvK4znHkDiuKHh7o=ri4`SM8$^LyzF1yj3$ z5kq&+5o=4}*&v-`ps@ue&@7J(=^J&i>e6W@X6Cv_ok0J(^tnMusdxTMRdtmeQwJ;!W4^CGSkoCByn?rR;}ll#Vm9 zHSdI9@TcingVp{bxV*^L^A7gW)KFErhVgRd=g(ztvAzurWqx%+-x+S*$`C5GY)g+X zPmaYslnN1x$Dgc?7?oyx5Yq4PNv|F4lg{|k;k1bD1}>k__ecF%scs6emy z=_)U2=YcwyL*;KXRYVf5<3@~HU!5-s_u?mR(pYa&N;QAb#wsz;n{{JPa7zjag-PyX7{(}fx@=b-q|J%|0ytC2&S z^IK1B<*m*fbDHnUCxOl!Zoepy5$i2o{8)Ui9s=eQm(H2 zWk3SDa2#}^AH6fqx9He2>#;sxNy=lYIx}3ypb)EcVxtOrZOTil#QV#~^=C9Wj4%#| zxz{Ij;kwm1=$G#9yxf@H6D63-?I|!4J+lnSXUH&|aAqKCQI~ej+vh zXT>0=5688p@=}>LV>(+-BI4j@LH4%sM&-rdLjC_Z`|fzE`}hC*uGHNSrR>#0NwW87 zNM)r$vdYfP-lQd4$;ggSW@K}m1_vcGBkPo7@9l7Ke%BjGefa+IyC0AH@i^hU$Ln>y zuGjUtuIKf9Lg3pa4D>MTJne{B{!QV0ZQ*>Q0&;NzRQ8P8h4(hQ5%B{m=&-2ykZq)a z%*f#Zm%>vmt8hhDo+xwQLdA6f_f$PO!Z`_~Q0|S%Xf0fgaOk1wf8&WIejuxR|I=l* zBXIjJDvp~6LR_aZ5vC?wm~onXGy{*ViS=;ZG1LWN)m~u6^TrZ?l8w)z7x~2AWH?Or zWLS28&YSqGPy$*2R3PBu7XR~o*Yz@U7lKIbn`>pfcS9q#y>NcUth2vGCW=s%iw=6s z5U4OgI9i_P`sp#g+(Uw1MRRU^YTHK;DBF>7_vc66tXX35czXYxKn2k`U3I5ng?bAu z{KsCq)&emgrT?e1Ox#tE-uW&OKUeJ7FnU{9z{9eLk11u=%i2un-H6Z$SNBBv*d2_p&`#ED*s z_{K}-aP$ounFP^~C*fuVTsCrBf9Q6mCC>;-ya-3#bt}{>y*0=ZxE{sJs!pTsY$;#T%)TSYE;9+?fD=o`t^&FKtH7swR zXicYKv%!>I+W3IFOtbIO;aWBq3|ORE8x| z!WrMVPvzVEwgKeGY5wtkRLr*rK5mY8byMtFOYDKP#bRLJSs#+cvnMu=Vz*gB@Egi= zlVTN}K6jv8I)LkY^}{>6aZhiHXnij%blEHPR?Ybb{@=Ny&BHfgl|?y!K0f}HIO}UC z7H;oHD<+KbW1y=~tbVdH9nBcdZ|*0}Rg=p}p^ z63ID!{$U5+jC!uc*a8C*VspLGR3OIJaR=2-LW7<&$9lnf0#&$fgNqkJOTVo zyiU_YFQPK>u$yB%StH1?gbs8f>sgj)-D)Pm-ZsIX4=Fld%|_(as}u8nVyI95_< zD-P5=78zmvV%vF6LE?fS=$ynFR7W-7tPTQ%!PVI@-o`T0+7e}FIiYVU98c!1jT|Q$ ztMruZj_;r$PQ5R`k)aPM76h3Y0k!`ZFR7*es7Cw_Q~o5&0J_Fq9OZ)eduA3@J4)Fm|MW=fjGfzFT+f^%-^TZEZ;0Hgc*Q|0X%j59sDf&D|yk?NC()sL`RR6N7Gq z9)Wsn1AjSw=v{TG+ftKTDa5zwOJAC_VXYGYBhX|FyJ@t1)6#@WG3{h;wLjg`_^jdg zOuc!H{a1?mI?1GFN800LLaIiSh;Kjb^-fMNII$?cQ@_KOFg#v<#6O`r67)mIeccuv zX}u~T$)IWn!K%e1M{Wry_AphDwlfi$%jyQvF8>`ssOq?EIVQto_{wkal-Mu4bm{E+ zG*e9vOjN&zZSBMaAFkX-j?2y0)mE~H-E0BC8|Rok1aBpJ)?$T7h zD{!o{lxhC%9vbeWu6QO1V2-j?_g{P$y(r4)*6ArsLStO)4+1@&OvG8@E7pHlRBp0H zgG~|_ov{ALuO*ZW=e8Hr4;DGkO=J}trxgpQ%vuU8i%YJkCEs#U$FUBY(Uh-T9bux+VjaI{pK`Pnxs+&IqW6 zVbCsvYKoIaLvXrbPb(amwIG=0N;Rcv*jlzv8})~g95Y_%o*%@y?_iWo$BK7959CQ| zV&3uyDOz4^FL&jLr`BD7=4k|fl?)!j8R#BfNV9U~7=e((ftqrH&X5E-cgO-Mft~X8ZE@}~J1=_7A#X;%mxW5F*ym@06 z=2d1zb!>iN0Yo%+wSJ3ZuPanqCDmd zm+{OHz5<5m8Np}P7I+}f{!~)Yq8MyUl^GNqd%snur2OeP=$V1cf&W^I!tJ8zfTt(*`nQ7K4Fny6b%D=DhZ5x*Bs zo)$}66kQJ6BTbJ0wFmKA%ZuN<>V`7omq06g@?Sa z4%tEN$~Pf$TpRnL(=p(OwthCZSn*Ra>Dw}Cbk#Gh<=P6yzN3PL4O;R5mp6p+8?63U z48+m0+aXZ2=vKlm$Mmc$h{bc=>3oQ4YzJ_85>HF$_SOF1&wSk~$F z2K~??%r_m`83^h=*Iz_T*|(bJmJwkq%h3O7{GkofHd97JUzUcl-^P)-I|Fd0GM8ac z74-;C2vwwRPYRk8v_(hWF5;Snt~qYM&AU+o4km#OQ3u$9y*0d?w0GCuSFQ}wWS52W zuL|eibX17WII_KzpdcigbmGhI`=aBr@&_XXEwml?=A|66C_`t}zwvkPN)r1uNQCO{G{UIoBR+3REAVeE}ay z$LLisEZ2X5!402v<8Ha@Bh;OO4S~1dTu@NT8X^gkUfJ~A+bGH*Ilq&WpPGKUj4TD-QpcIg&x#c+mbB%FCWhOJX*vIY!U`KLPoV& zO{n@;_2XE8FEcKcOq@<87-hRS5+!ax&m+qQYLh86OZmpa2trMsSnD2nwdm)9)x3gkckd7YS zheeJ1!V^Y`i1qB|qMVUQ+9Yw=hd>_0Z}YBZ`cKy&%Nn({5l*S^-@}n~uaA>kY8V7w zGcz-I#9B>BzaFnXKB-?)^gVFi`?K)I?m?0{9p-=1k#Jx&`)dtlV@E0^fQf)RJVK4m z?bkIiHTNfuP-=_XEd9%6*I4qggT8%rPX4~CyEvlTbx!sdZ_ZZ89Sh!_QHJ8ldr7$T z-dCyFM3$t?2DQe%M$b&0?L6PaNL$X;cB?*s0lJ(-|O8u=ADK}IWrrW_- zA^^#^b`nj%znVI1p_faJYxR$!k)~%ZxzTJMzi}mFRj%m@AM1)S)F9nIiz|)cT}Z=~ zyveynukvnY9V=sF=g|bI4Ae`ZVIqV13mT8F5<3WagOzq~NM2JHuAF zWcwuGpG)s@5M6Ogq%av`8#iiPQ3^+R?V^buDMg~=lW`v%{WAJPm}0Cm&&C)8Nkya+ zx53tUg%b4usD9}D97(N$nSaX)H~8o(VF|qW*l+u>=wkrIe>G;n=yZ!dli2*RW80>) z?}|8u9lA2BtLQtT&s3ao5H1?v4TGGY$L^wX?G!|06j1se>;%5F?`4eCJ9cu-wCitH z`S(J!#a`!XO)lG7%w0&_>^9)E0frd&C@}n)^Xx=S&*cCMCmpMW7_}$k5xI;9cE~dX zy2YH>7~1jg79pgCFpe(n-JpwmEQ+2z(0rb!VoZPK6I{!4vJ)%Pm@{) zSQxupTc}QF8rj8FOu#?T2`0xCnKKmwu& z7yRgVE<5CvvW$Sh;q52N^Yqko7W#4o&ieGCOyw&>yNK5g%(NzKVzSf-pR@b7T>h0| zs4>_A5e&~|3Ro7*>F_R-Mum>*Lz3HQ1XvGYu%h(7UsLa(M#U`TWuw_jnsHwz;nn{3 zEXzOXLy%}>YdAqm6_E4FFBCX|6yf+0oWvWEF{@d-0E_y@$9QZjWB)F$D7U(oT&5qN zxO-gr4F~)4^8d4AgFIQrP?k6puihdjzuV}2i%<-{(L^p$yy#1gBVlEtCHMn)a!5ed zZo}tf4q!*jJ(FT!HF-F537(Wt(t8`;s|%53>oC)}@Mu;gz~Y>Si@FOTP6K!h?LXh< z(rX*@G2;D=I{IrQn(bg@T?BZyuDn6ORv6hzceyKD;NRONB?Bz}sUcWYEd9rA)_j!- zp0?J|=#HF7Vc)k;Iup&e7n|ebVJ-fT*)IR&%!Sd_n_VG?tDbyf`VHX*bOdkPtdm*f z$lQ7cV-ucR#)ozpf3zs=ZakckZl3zi0$grI;HF?A@ zXWBc?Ws;{>6U{ArGbf?%*uitLS+-Z7?~P{Ai|du1dzdSAX^xq0nFVSQ&XLUuHCwY} z`5*WU@|*e_kJuk6!Mo=&(NIW}(ZtAetf7AYdND6Gc!0cFt=SdNacf(q#bF(%_T9A$ zoqV;K3y+`p%~Ymbz8t4LP#9~8kx~?%x>p&+wG6>^L}Uex3ySPdgQPrPcuuLpsC^M2 zFeQW*%R^6Je!|76xl3vj&w2*-Im)gaqZKUgfoMss=yGUO53gNV@SoY4Y1wm3k*_z9 z!0X|GR7Y=BgQYxLe5`w<97u=UEX#Ci+v~3c2eraYJhd zjf#0QtpsXv+|bNLtOQ?`&t+EfL$vnF?{>fyJNq@TZ0cZsAKTR;S2noV{e9jPG_Cxi z`$>08&@g;eoBx*f%JRlH`pK_sbT+!tRV!`Hfa^OslpDkOz$cmC#5dYzH<#;}j{}!J zKIY^0Z=1Xuc{vjBh<;ydJaD3HZla(G45S_$Ei9@&=M$;KdK=S%OSk5Zqj~{`>w?&6 zS&R_Bh878pN*b0{g4j+6i^{fVftoLczpOxM@1O6owhY)b;ZB|HPLa#$M)&*sksA$; z76<}Q+?Na0{w+B4EKA`qy6|*Mu4tijeOFk2OJLe5HoLFL^u>VN+2Ob&v(QxwG?7wT z_e-FSFJ%?EMox7beD!~N?h*C7LM#1^iwWSs;gm7-BBXZJxBKlH`r_#$CsR!GwVKEl zSCzDvV12zR&(I@-fumKs^=p~Ilyi5bOsr8AD-W&lG8w~=2CVwg3v;5{S`U2E(^~hV z`zV2n^SgBElS6!Svay>$Cz-DVfZdVgr-rR0s7hIDT48wE<8!eNu9#a7D}h65H4{G+i^~r9)FIwYA@3EYQ=IYX?aaJV#$pc7%uJsjn)A5a)~Cn1 zA2`lLEKk%J3$hAak2_N6Iy-#r!FP+v#7<9>*6c6 zI2MLHgo#6UqoMj#zR%9&U-LaKr?4Qyi@s~qRDIc)^}_W%o--WPBNiP4b6S30i;mRy zD)X*x1^019ba_CU;OKrz3w1mV)mvd`>NG5I72oIN=Xs_98Ij=4Mr0R)1ShvuBwMk* z_op8C91Mcafv)oQfvK*W{kqR!efeb8PTGd1FBOwX-5Gw!Mkglm8B^(hv^=!pxNlm> zOdUAE7<1Uu2^cOFgZ@haD65x#Wk&K`%^PRNQQTk|fBnEZSpQwY*BRZ@3x&v0Eon;&oHazJCdQTb&7aJY0t>~Tu!(`^WYty zbg`r5H^@1oSpFmL3woc#XRK54t{NkgUR>~LlAsVpZ>3-Dw-bla7fol@!CZF`x(nw| zDixC_TJ1#ZtZdW_)3Jr=M`cnDz;dT)mKD1(7zmV=plxgE;6E$2vFlunz!^-GI)_+S zoAlwGr*cxYp1WqJsT~+ri}LO2jg0=~koLV!j$a07yKkYmD6i!__EWkuKVGK3YC9S2 zfp-ZCGH5rm{!BzGV16;Bzh37<+Yuh&c*TH>_nOZlTM%ptgkB3{O=NZ&tc!1U`+HwK z1dE!+dPAhzzgtL#X;Q%nP=Q3d59@CIk0D*Tq2)WUx{Zp}_e0zLOU_wn+GD*G7}vnC61B z!(lM0iA6JoVjwp+%kmtH#%ctNI|(du@tc}n3@21dv3A)7CT+HzY*XhLW>{TYD+7s< zE32#!r7ai@?7ZGaL z_tGiC^%KTdF;`FKXrkC&I{uT}Nofx>G&J<1bt=&A6(I^syM|7b+vBz>l<|CNikEX4 zi=5Q1d~#;4HRkii)&YCXbqJk*(a3_$g4YFy84M0{PIFevs!|}%`J-q5WUHIqZN~=d zgy?}e;(>#N$QS)%jQ#{H6H&0k?gL3}T^(dot*@!u|9sR>KiHJ+U+PU&hCnZRQN3ao z@BiKLO2XXS+`rY0&}u)FQC2r<08)BTD`?dj`|&|cvlZ#WXjZ*7I5TX~4pq>{q)roW zQc`?oqpfBb(?cnBhdd3JeA|V}@%Xxi@$g60@xJtS&EEuVtG+E5UoPErJ%%GEy8|n~ zhLhbC@U+wxh~>09p9Oc2zGr*1jn?z)dzRznrQ$C<(Q&VM;b-R0pBs#BgTh(CiBp9` znf6cy#=S|5x_r*FqPIIl%MVcqTAal)^+Gv>%V}n4s<$E!5YVMG1`+!_yE)TQ{4BDe z!w3MTTm|xJj(M zxut^P?gp)2IVI7^zs`?mQyIB;+hNv}uY*A=mK6LALt& z`eiYJZefm1*x8qcYG^hcf{7+O3bMFJ*0?hR678SJL{2uEH3o=F6!jUr=rp2D8H&7PFd)~b9LJQ7vJZjI|bf;J*)&Bn2IAr-~bRbF69Q1x{ zI7?e6cgJTRSKo83^ZhkVY1Siy3OYJEqQr&CaS(R2sPkk^aL3ff zNteB}>M41x7*`P73Qjw%aMZ6MS*47ig??6$KFG@ivb@LMCf8GX?4dnyja6Y}*YS~& z^O&7FW#AB^GSyBaAxDVt1E1b#d&7m!5!TpOM>|~-=^3wK_OcIQY&LOQ+q`69lP~92 zFI+aVm@6cXbh@&lVZqKkVbMfIe?ud`IsNAff?TvzZijAa7IWbY*bOxID_M!Z7{_<) zQ3p`cNmu;OsghDUvm!1^dMjBU1`%72H!}xx+n}oJJcwQ5IJHHrMcSON;4@yXcP1X_i&F0*xo40w3YFp5oZ&(#}s`u zySd3xS~BK8WP`X{pS=R6+ogC*3ljU%iyBl?tv!i62{g`)F159pd^uR#3z+KXaNaRe zC=kYtqiFCY&yJ1Pe0-#cts%#OvkeL6^sfkHDZP^znR71G0?=nUIXU({SbCe3fD zc@3{zS5c8xRaJfd{P`;_@j3Py8r_o|9G){XeuBfVw{}8mb29f(&_+ai%Nt%H(wnHg zygXo&IrKIiaP(gN^Mq6Wemxvc(`*dKUP}@T$;BBY!lvvC3sTN)0V7rdh0; z8*Pu!k9%7?5n;xn(fhl#`)Xb)Dk|1Cw5Gur{j7GKd1q*L$5UeN{f>ujGxIFekSIym zqK44bb-cy(XJ2|^(KvO73q%O5!+L{H`NIF+O2$nir-vVn3bQ^ler-1k)Uwu86ISX5 z0bFm26Os;#yLQ}PFgd@jWqKukTZw2P##rXzVP5lTL&gDIXAE1%F7lpS=+gY;6SPB} z{vgk(Dm*XdDCkK@Y48t}yJi%3H>%;v0l(-;!HNk|(WD8{a-9or1dkeuUz}($)|pI@ zv*?cx86kHZ3W?=73oQq`hn!JUZRdJRiq4U>zZ@-95Zy;6k@0HKz^PDKn5NID|D&r- z!48^UStcq2`geqSq1|d{H?^_1U}L+T+*X&7*M%6)`#w9BLCp@=iN@mi>LEjMc+MzY zD_;fMCEP#YpjA14$)|mH{`^2PuFb02x2~=(Z>C_dv(x+3!2Gm8@!Z$f$;sYOAe(Aw z(5=)0c-MGmUA)C2)Q+JK2P%peI$t=SawHOP0q6F9H;&$pEFAMK6%Ew_SO){(dl6y? z0~+Fp^5(_B2v7^J40XQXOU-ByX?b~mvBG9sI<}tn{7vuGq4@KGceX)Ii1BY zk<6bcZ&tOee`bDRa#Ertaqo#0-;l3hWsm6GJUaT;3f2)yk5*eYib}UKRiKL%jaPCW zlqjZ4FDjUQOO(7WetV%A5B{0n&9ZiGYeo^@rW^e-hxsZGFGy1L4KnN8e-=^Iye?f6 z@jG3!=(tNqzmx_rEbeXO7v(k7Cx+f>B=XoQ2W_M7t&EC{Y7FfM*wD2%L;i%y-r@rQ z2+jVk^_omM??;hUrFElL0nSBYqDDOniZ*pS~EiYSAa&lZs%E@gso$|l10GBUcuH%dz z+U-0rT1?%vFjO$a`OSm9Xtv#;6iplqA>6(2tI+blQ;Guk&roVa@9GOg>@U|3;7X)b z+Jh|AApisjj&YXwyG?w-SM~w{<|od@=<1U05KYmsCnwf&BY%C6Lg-h!IPc9Y&!OZ? zBo+NxegNsf6r;GCZCzcI$u(b2l86b*9?ayjY3zk}GZdX5h{P5YoES7#-2`t0p%n@` zIdfM#IobY$py7V=1v!|Jm@+uAh_MXT?{Kwf_Z?S>UXpMTHgHpzX>eO`RtJk(M5Rps z>41Jurn?z@S#!069YRM~;@Wh4z$oR;xZ8R=joQtdh`;1AtciJ@mgWb?Dz@XtFQJ_? zS;w9#IP<&O)Th78m6WJl@T->x9Br@K;@fA(HoaFna+VcX9c{2)MqLvlBQNNdl9JNX z^Pv^WWS*~I7F!v*8RHaS(fs!Ioq&v_q{{&r(VC%w9S)kJgtpy_SvPHiUu0stZrIOq ze1FlF^1t)CYM&S2)o8eAR$GX=3M35zGEgWn&<~s$R#d)88z=2wHC@-R92O9m--4tx zZ&61}OAFNJ_ahsW&0(B)p8kB_)7|pEe8x?B!lJBYqzv3gqa3D|B2wfw=5c}fxB;W+ zt(Q2x!ddPm$-I*%Cp%lp%F0S5)B;@*=pAFlf#d}2Ni<#Ox_Pretk7c*&3-;UK9B?b z4tF2_Jf+YpeNymPW10q5!dvf7(4lkN%ij5m2gHAu+bos)pDxnA>-lUI^6(8NR*{cJSwip+k?{^oO3$J&=w1dEd;>;y_jFm_AM3e`4CX}N1qZ z@#x`#$xgS|UPo)Bw=fJ3XP}D3pScmj!^7&>;{($N1_oZge%&YhG{Zlb=c^eKq0??U z4S%_b2=cxnO<|!R_MNBsd3j&`8u@ngpnH8mNhTXPeCmcm@|=0!cE4vc2S6=3w!BVwbWQ?pO& z-+wlFm>30kRKmkwVr-IW|5-mi7o-%?MowRqfFSDixAddD3dqv41U%7sCfK)>nM*ydJ_8=+}1><7Zq1@{_A=uIWc<9 zvd#>`9YPh!uPsK&mq^NRe(#|F@{bO@knDZqbLke> z&QrEgRiVz&&NfTMR-% zPJZ7daT-5J9NpcIMdRlb%JzAD^|aF%ODr_`;Y6HEw-{3EDT5R>Ygkwqt_0`r+nruS zOQmTkHP3WB!gb)%_=8bbc2|eRuObn;gdrfmWrJd4@ zz#;|+Q*L9kteos&)R@_kZ8T0LdK;3L!!juMf(nT8n#g09m*nhNEYw7Xyo9+A<_!c( zWn`p@*Z)M(3RoJNszWJ2Q*7|imaQB$Vp(kO1y2{&GM&NX((?(V5&OwHyX>NN;q zjD#o2%M0$k*KYK5%92#L?-SzIm5%%1L236D4Sf@7^%S$#(E6#Tw=k0sT^e&Hd)$rK zjl}^p*gLqfkzrtH4>#jda9~{av@ZpXfN4ijlWRnIp333nG~}PgxV-sDuBbqo{EEk6 zxuK}?=5zfqUJxHf-y&0xr{&>2B|iKlrP36L5xmaDu%5w0N>vs1W!jIula-zegQAB(3v9CopQJq3%sk))|+qdW9SSW}(_&tF5lb#O2)HC1ep0F5P)WO8AGhfblVI`gKsQk75u6WVD0Sasbs29XCo9+ggN zkb1PZsngzQ>eNnl27}s9^HwQQ!Rg*~O!kggmhb)jRvnI4 z=ml+LqpR*fCy}lB)}z%Oa<*S;JJN~KS~$JbmFZs^X@_k(xNN{p zHVrRE9&aiZ4bKE}q`(AN-B|hCq0h_0e%dibNSvM1#XNiVOpwqFij4#l1KIO2c_j0o zg`%cLaZGW4#ZJG-=zX6&$|&55*u^J2t1-U0Z9r1lmi}^N-oRU1K^eGUt$M;$<133<4AJ`>;s$@*x9heb`6W5}>B~Ce7dt6dZQ4flW zfkO#CIIahCkclw07p;Z9t>fI2Ef(>5y(*Ya z0~HLWKtP_gwSHUN<3_+R1a>}oLE)I?_W{PSIUHGHg<*rufz@6i!RTk(X(XTnqv%e# zw8UJl#h|Gj2J1S2v*;+S_EJ0|{YppE-a^&6XObAYoi0#eztO@6JM?ryuS&Wqot3|s zslO>0w`s`Y1}bjL&#Ma(8(aj;a_|4jf(tn49-?gSrN=H%`kB-w<4xKj+Ay`lu}6(g ze9QV!yAy!+Oz z;omj_$#{evF}+_DDsiiS!JNCT*!3&w&Y9@^zK3lmWcdJZmm=x5gXZ18$ARKn$!gJrsL7~Q z;8||Yet$o(%BPzX9o8hOQ|99*P1W(DNsMi?k?bmjcPbu@ng4CRMX)^klpvNwlbl-m zA>Eng#MC#cN3cfe_(f4QEp`!HgcB=%+sC>mLl)Qn{bplK*!&a46V=41rbU+toJvWe z#Q4*qku&4#$9c`=Bdk4;AeeO7(eS%V`UiNn3+aHoSmYS{oXp&g`)* z4NxXGGKx=ixDEWwz&76&y8hxSpkS@tAq!m=ud<+2G}f6}WN7o*H4wK0yQoah>!h#w zEqT+%i9Rr@N5!A!*MO&NwC-wD2$4~Iq+1ja8ML@ruy9L~y<91s3%WZcj z%`M|%+OJz+MC5%r-G08~G8+nwNV{gS$pplN!uWgN$(>%)hrUv?1+6t<*+#_6aGB4% z64dMPxj&+01$dpb_bzBRHdohSQi~=rvJxO=u!^nu`ROsV?$Faw74=34jz7%pIWM=d zdM+|>9e|6Q;{R=+Y~=2&A*sGAwsNj$QBGCp8$ynGH5-=8i3@ zQN~v^Zn6$Wxp?@kJ}w7eYwCYqT3R|{Hs_o+ z=9S`NW*Q=u3SHFcT2|)5(*~!652?w7uH?9XKjfN`mH!J{IDPZBW50jb$L=mdiJ~Tx z$URI7-EbF}z<+chM7ZLkQ7yk$@b53c#Uy)RW?!fw1&3c=tCxhou^};$n?E;8D2S`q z4xx7)0@@u5^Rp|6-VJ7N*EvXNpPo^q`u)3tZ6glWs-jch*yZ)6}NH5*B<4M4_DM-6iTzP z1;3frxZMXw9Jn=aWE>ivkLzWmcwltGTUHWE1OFd$$4Qb_H0KWi_My~8^HZXyK3|rZ z%p{YdV7}sv+&8yZcw_jbdnaVPPgc1!@%?&t5Vf;@?EWlA0y4|5-z2ed|2w>&Ilv#T zGM8s;wDDCS;RH~Mq5K!DYaZ{vuK4$E>V#Y01hQXcyWu0^bnrh0iiXbB!d|#coIaE- zzp-gTXa&x|iD6*zePcfoG<~PHH&T#QUzT3=;jWu3lFUu;3RW&2-!`iQ&0hdxF{l6fTUn8LbekCw zH#y!nnOs*;?Ko#bpLV1^$%v^K@DfNtxBQ3Q0jGWza^Df5WqA)T`_ zn(`#_5{~-xuJ0cnZmbao+$(ZGHWrCx{PnkMUt0OF9wWPQHOY?uPCDvKEsXr6s&`Zn zwFK;bO;^zy4L~)lXb6v{Z(6SdKG!(Ab<&LPQ(paDN&Q_`LlMU<+HMoB0fhYhJ;+4t z#Z$8VT6Al}yZT|u8)gN4TJ7O4KXp%XWcNwc0v0n3yvfbJg{`cm6;=jauC*tQO2#1g zuicJLe4CAX0qirVJ?o6cdZ#GLS)*<0eSJTcERsvSV=h?L8iw)oEijy|7tC*OGEf^t zTlt)03(0hy^G?ySyCcQ)WFzu#***^m>T&&vJlQfOtCmU*L@Qi$*nNag14sD3E>2^ zZb?sR-!C9OW^H0_=;s;dk-*C1M}0N0RVvx<9{}2cA9y|dZ8;(RKTijtJm6&4v-?4r zdRK}%n$K)$u|C5=O~;3kpG`he;z)uIojlT}u?Q)`X3k2=RhF*beqr_6TOphj{Gk@J z?xdQ}@z%C}Ca?R0fp&Y(a@sVpGJ2mh{pmxw-pWwZCP7>~dF$(q89)IZtb(}fKMt6Z zmZ&KW|C7Fnnm5C>D<$q)Mu^%8Q^TC<0!JWMa?ys0=g9a89f5_yqxN#0mR~;S+p!9j z&W^I+_(xTtg52^^0!J?Fc~i0YQR(76Nln0+_H^eQ-z+AaLTGi$bQyoo6Nt}prZkh= zi52kzoa9N%fS2Ii&!K{M2SP(d^>0{w>WlivT^w<%R#z!DJ1|6m_pYokRYW+2Ru_L8 zWpidK7s_ZpU!~FRU;**rK8=@{&l8z#W|B6rwIJNCnkIpVH}P@r#bG&)@Vs0n6nP;1 z{pV?$@u>;q|7=BU^Ru&i=&m#1F6{L?l&!>-m2=`TX_~xS@Pev_s%Fs*Vb)(|f=z+r zIJ>USqzibz6s80++Mg}LglufTC)Stz{C?r*)) z2=a>`eY~SJYL&h~6#H_}3A8tx4@<3oj&-Byo&r;(AKCoNa(|gH5U3*=DT(>7pZWtT zbUaF>5*edhIf3VH#_usX1+ zVSm$JHt%pp!1iQj8WB}@Ve=X%9OF#H+M&%HnG$A~$rU$x$ACE4Lxc*rKL3TdEM*(( z{OoHn+%6NFlEvH7(t2$R2+cWDOl`tXREqR&%NC}p{5etqJGL}o3D-r51M_K@NoXc- z)j$88f><}sFc>p{Ewx}86J0xAtxo9_>isp&RNrtnqHI$MWbe&QF8q0qwW$w~fp^Kz zqBHt?4z9YJYoSl)@bM;McXK-)-)uSFhPkGkS^B%V5Q4<53Mc)$*g>|GF*)H6@>D>f|noSU0D~$Ogg=v3% zResmd@bwFcTs>Vm$2TT1hm&0(0cinL6~zRl#s;!$32+?a<>!;2i4y3aVU)3wHcn$ z2~sj`>`(t)|Fm#25p%T}{^9Wx&Hxa1g=)qV#4 zC2qLx{pVOZx4)qNg#`d}G#5$G{PQh9o*^=kTi7?_BENe0Ur)I@%2%>r9Z3~V)Bg36 z`NziU2IMkKx)W~XzdXg?z<1u|n#|2xrb@8oK|M>F)b|dBbP1sRx|Dw={k;a)7R3x4 zhb*G;qJKM*q2%{SHKepU&BxbfnnsS#$k4PhTQV78&Hgt%3@ z+h0!Q%G)i;0%qPKRA_Sc#)j#nvP(LTF>faKKCw8mV|HMfSNqqW{$6d!Px8T0htd&Z zcKtPO*SA!k)S?ntTL50@r4 z2&{GX&SWpWUBGFbXs@u}?9PAM`&2ZnKBDU1%zg(@@56jsJEe2Q_A?M158&jVRaE$d z03DTag7*^X)<0is?cwIw;Qjmy6ILNRzXl;7af=FZ2J&)gr`Q`5{;2n?P2C?KK*aRE z&-ZtHJnQTaxk-)OkJ?_9(qT7e@njZr2_t=aE~~T3O{X{3W<2v zOBLy8k518h+PSZf@n&Tgq4Q}i(i!~M`@v6Ukd_`S>DTpB?q0O7S?F!(0&3ErA{wyS z{VK-B##yXe7 z4hoXmuRFAGd7JH$Q*ZSyEoqMpZVuTlq%*YGg7*(vY)b&G+{oZ53SIdA?c0Ir>FIue z6ztcQ6$ddr0*_F8MCZiWA3JhSjpSZ2*?)rYgJyE#qtw&6Lp2UtbS4b;8>IkP8fw#1 z>~rFCsuK-jHO-4J7W%FRZTJM#g75_H?{c}<4^QT)x5@wLoI7`pR#Ub(EIhpaADnl( znUB(74wOvPbn0^+ziw?Lm;1_5+tS9!aEw7Uy&f6daw+#`e$Uv_Px>Z(_M#SkE&P}) z&9fG~??bM0I>eoyVv~|ika9ORHYR9Yddnr0VbOaNj3g3oq>J~E+*j~l9 ztbg|MSjpKys=(1)(^g7^7wLg__&`qSvtH%W`Y+05U)cGrmBw$@un4K99F2X&dpQuz ziY35S7DG+aA`**=I}#fw*3ueyWtJ|nfrXwRN4<|H(a-k*88y|B$9ud0kwT4t#27^d zNqI+{NwZJua220-+$b}~jI_e-!%G&1S%}miK zwH)E$*GG4<2M0+zI7mGY3SpI~h?5V3pv~Q#yzfa)W22#|spm{iV_%=4f_G>>v01S5 zeFc}*=e{Xx%+F6AiSC$*i3x_ZDA!@ECb4mENtJ5gU#kyU-0p2iX`>ybh%no(*}LP( znnmbU#9(;ehXT}b8}+E#g0thi_WqdToasJwz}+7FkZM`;C?`sIV%_dpo<-Iv3!K|o^7 zZz)2sVFXgJwLUK+ zb1jRPFF}T$*VH+}y7FHx%jO@{Vvg3dhHZ1!7g%}p%>^p|-VKo(O1eVQxu?nX%^&Tu zg$Mc=wPm;XR9y0Lvv*c)a~y?^wmM3^gG!1@0A!Tei3E6($|NmuZ{8elxfuqJb5h>* zOG>CyO&2wn_IY^qk3J&NRiO=*vhu&Y|N1v~7ez=h9>`riyngIwj@Hm? z*U->tyW5M)Fs#U&8tC&%3S;Boc(5GUFS6BibWqC4k=E8W(t1=!(I=v9l=mzq%xfVrQsnJPVJaS{LL&+KtY1-7Gs z)XTYVRSH9+6#tyYo={qWiKAJnral=;w5AY_#a`UmtYX;GekhM+5USAGQSU$o_9 z{QAH+rVth2s$yI>!)T$){r33CH8S7v zIFGUtPm20LnnyHNw;nuSKc>H4XX8ww7*!ugedp$u71#`FFV0VoFAi$%=3+@a&63Ck z(nc_yBmW&uuOY4R`?in^4~I%j=Jla8L%SNXz{?U^2j1GmUoPrQ}fU5x$d7 z3S%-M88aEye-7|X_5P7Gu$sI<`yl={27r})qA$3}ZYus^gKIA~kF+RMv&pTGl--AR zTLZYZriMIOIn~R9QH@rhZO+g!$l8)NZW(yfRV)dhTT5Zwo!$CnPj|?9fvQ1i&C7Fz zAAKr3edP5j7hSHe(2B1u_LUDVKuOYU7p%Yjy#O=w3=n1MKIV8xF#*A*GrOlC2z2vmeU)WRXN`WZ_^N54p1OBVKMia=1)WCjwmS1;0fFzSw z*#v&sP`Q(P6?EE~wgzvfadVtxLcC3Ef$hcT!NJ`wZb;Qil4~by?ov97jiG#cCJ}Qv z-?EvpISZFuTH}JfO!_pxq*J zZUf&UnStPczsL`+^ZD*YlzpPU7Qp+}f5!()=w2M3@bXm@vA=je&y_b_Kn3dS2Qnm` zzL_U`@6_?Y5IS6MIHIP?pB{nr4U$YH>5m#WSk?y+9r%4_1;OinSI+4^lE{^IBjYfm zi=%@ht&WtE&GqZodsTRnkb;*x!#0R|;^N#!e4^xunti0L zgW3bHo{o=DkX=p>VO*IgfJv%^?%P;Lco#xl6JV!ezRqY4Jd^~s9b;o}@X94J=_ya# z7MB>nM;$z<#79ya4Q-grSBAE5fIF_MI}lRrq&Xzva8@?-^r58Wz-xBwb*FVMdDb{) zppVS|b=E`fapivs>wsz)C247Gh4$Ix^kQ1H)7YE5;U(6%0{y$sgM)fq%$Mt@?oV=Z z8V!w_Da#myIQ)d1jby|5IgE^r<6v12UcVr}?)iUPKbtNL<=GAm)Vc@?sv8Vea4YW9$$t=rXzYUbUrsI;8&0lt~ z_p3M3ZGs=i#U&)Lpfn4zvc65%bs)+5-*2+Ily)I3G%>jV#?&(UPj7&TR7&5(a4?N`)y%R zM4QUcyYxL5oEbaL1$2?iy-7++QV3WVggD~tHj;pLKMSGR$#0Pj>k}^yoY2H%VrJ%d zv>aa_PNY`g&^XBV06hPUxSn1-mq|IDib|6JuawR;nHfsn z)6^#__#Zm=_`Hpc&GV2D$kMISg#GES{-jG<`CULYh{_;9c3L_*T!V@hkj?d@GK@?$ zzU`rX){rw3Eh@b9lN0;y6D?h?iT}Z50n9X7gI-2UGrVD14gw%|XY$vnZ)Crum>Z6~ zv!u&0_vJcbj6)^T9{}YWZwOiKNN8kaWI)2hpzfEl&+i$9sby}0f}NGA^tbgM&%KER zI`0s2YS45kZAvc?qoq}gOVYoq>ReE*%@M^k$!ZGnDYyR8dKlG9<#m z5Nx0Cf-h~*b{h5*C(c5G#ZYX+kkSt+IpDV+U%^x_8>V~b!M;79dzg8w5#k-du$xg`Lp&&u;BV%U+~!_gADNGy>_V zF6tZ7!R5`pt83vmX`!6uaO7WH!q2_a`Szq~OV2E)H(F2g2nz`(-`DjNv_KvPEXHuS&A3yaa3j}D!+D(8 zzP~#tNKsL#-XpolAqiRu1D{^H(Q6#-s&!H;|IpI7glqPvPZXHF{#FX%O!YH#6db9h z;|ns$xEAaJ*FX-RwJ#m_YhiKcpO^YQ{Y;04$NebwdVjBHEt#25$eWHT)Bbscv*=CC z5wa-S#9|wHSw@M&jb^U_3ovG)a*r*U94XgtSu|<4yOB+3t>u6i(>Dy<0m?Xr3iLZ`=20~?Zj&^n>L;>!9 zw$cDHh_&Y4${4NVl8a$OOpZ>#%$cJcADw$%O3AX+&_-Dd8ZTujmrCLj%Wm(G_at)} zNisAxRxlRQ?difN%U~J92M2H;q&1&>_R17ATN;|O(^{G#1x4)ODMFXgfVuNX=Zzv= z)ygpbLs5>mrFi+WOSq&N$%77dkI$JeaBFIyGLq5n6vVkZtmYLn#%ihRZgtgq$oY2} zHEAu)lUYn^`0F=(KxD}-ZtHMqDVjONxPP^`i{^7=<$(`XB#ODi zb>Zdscef=~+AFeKo@gzFPsX88M~bJ2Y5v2ca{ZLPbbP$Uc+W}g@9cw}#>B;zeqCfE zP|GP3Koi65^%@>e^-hvSQZf+&>pL+bO!5lGvf{{U<#g#Rnlcb*8^7C>qvc$cVX>h2 z4wsI$v`J4l=LojD7!8T*@b`WD&egejJWGy;zHg{yE4WODF%sz-Xml59@}(14xmmOz z>a1v}14@yKz0`k|=$0LfWHEC7YxR4x4rk>ayRW%hc&`JN`LcdO)_mozi?D$2@n2(Kw;>(~mQ34D z!znbIC+P6u!+4WcJ_|^5P#Q$ppO0|E)Q*?Bp~Zty1!f*{_Jc*L<1c3;sj>6Xt(~=r z!K3`;p`zB^M3g9_!$ds3nhE=~YFr=$#gm{wL+3BHII-7C`TFxxMGtxZj)xC-4U*Qv ziQ_vZbb7lIEUavAus{$qJj>Z%;3`}Xl)pSd+<%;sRv+>&@{JX{BRPVw@>OeEDAS%U z>YT*-`}sYYlqV8f3nzaFR?qMKA#umi#f!+q1hY!*?m! zWc?RDOwA|Sy{NLDmv*OVkyjHw*J^EettDXRu|4h&)wf-|yhVr}ceLs!Id(_RNwwf( z>9*MeqPvqn`<-*C_>P;bDtZ?_O%NZQB#4go`B&PxR_j>|w`x(i%{1kfREZstp3|Bc zu)^iKO()?$%3=LH8cl`YFyj(k2MccGyy7gLd=OVCs?0R@X6vQH`jWkwUIJ^W+8&I!1BA~Lg^@q(`>1StkZ8aO=3W`!OdyP^XoX7K!?&??iWr? zhUkU9*3MDlVw(L>#aC$!t@g+B)x;UJPHWoFz+K!+^E*2BqwxiNWuzCYj^FzLvHcj2 z`=G=^qka7`s-kio+l%Az_kGAfXB6O_cJiMyZ-hRn>(W&x7JKX5y?Z+Nr0V`TXL0D0 zIviL5X_+sVe0w)0X8eYn!B8pB9o7YkHP%}im~oKT8fwXAUmA!;AMEaz&9bwudQ&Px zLPIq@TQcg}8Ah$16|?_T+q=)0suTP~)$sjb8dhCIxppZv1e^kUJF3<>!`*x zxd!ipL+YJvNoOz_85zy_RtC-^-m@hoPp|&JzMecD>aG2vjeDoun`B=SLRpezS6R9> zn2>#`86r!JEo*btON&ACyJ5(7$u90(WjBNw5n(LND3VExWhA>1@0p5*pWgZFd}h9L zzRz>cvz_NW%hTb?;jT1($K~hLw#KFGQhnna_Za(U@QjV}!HC{XoOSfRh8qy3CMa&1%3#Gs~gV+bmf!5Y`gsdo&b zkoDO`F@DC^qfyHwO{JRE6;HgZ{j;DW*BNsa0gm;*C|;6l+?gMzyLyYhFq$0Gl6#xE z(+chC@>=uRBC4E+!g)mkJ|qMTV4P)ZYG|Zi1`Xr!hkBAKXL80?20B&rdLxz`qw5+h zpFVp=lCC@U2e<@I>qo6WYBpH-k?HQ+ z;D{*7Ay`>G^O}D11WA>#FqAKU&(}Q0lwz*dr;c2J{W|lJ`o+^`|8SCz(ah|u9thQS za-((i_4JVXzcn-4WHRtG+l^kdFt=loy#xZa6r4PYro$2nslmg%%4Jm2GS| zDMy8|A_NoZ2!m*m0FBrtXKNb-Eqy2QF%12l{SG{6$xI)~bgCHHrzySTL49s=Ll8(S z&8@ln5u-0oG0q9`nK~1F-TRaUQy1$z6txrsN&6n13Q>3^G!Dw@TOJrrzG2^zs$Bz4 zLqebjpK)R*gaxv7InspzY$$XrE|--JZ2=o1a?S38wlj^I`>vxWS3Xfj#z7yRxQ}(P zV*n_7{V+s5T3$J}lS5G-+PFY|UiP8R3Aw0u78f)-Izp!xf~aRofhhH5*^02?|Ff-t z`SuoA$*-z$QtN<#!N9{EpnG95NRB9pv!Cz!ShhH40Q~T>$0={6qiB*$6XcX%SeM^a zqDoOR?UkjF^iJN%3e?$58)~kwX(pUIS}^)X)%)c#uUS%a4+;3glui@7rofhE=Z$Hx zSTO5i)D_(7;Cd`xEU$mFhs(t}%=H1%)m0|q&K=M}NeCD?)hfp+B`%XA?$!sx0p$z~ z@$il$A7l@mmgyvyuENFzRDF9*Wd!+Ra!HQMy}|PLpFe+YS>bz4;sv?CUpN7p^*fx~ zQN!aZJ1e$ps{&)jhbUJlWNk3J4?n0wOTP$M`1GF4Ea@@Tvl}qMZOr88_OBi}$YBL! zzzLrD8w5X3)f!S1uC!DI2q%z_~nO8 zmPom+oVAUOA420I^z~MjG%Ow<=vVG8$wCM^#e2+dqccsU=jeR`+Wi%pTC16pdUCIY z%jZIh6>^x)E66d}QK&A?@~%VRa5xU`h5Qu)X?2%PZoRsbPatUaz*cwsIv{*;Mwk`r zG~!MZ1LD)_8KzcwTdsr;Y0SV~d)c4rA>U_0Emi@|xA$-@EV6ZCN@DHtjyJ2QpFz9p z#m^&?liIE}v@T4?kFf8x9b-BX^qDO&KeQDuQMYZ|H}Z$>X|wK20$`!m))pf6pyGIz zD5BRs2pmyyE3_xbm!-myw!sD;yoDeaGY)|V+Y8tTgP0>c(GAKLNg_p-s$8-bg$3@i zeI1w;;xJI4Wb+CuhrM6@S?kV-Zv&S@K+#BAyR*8~VX1806Pc#isoF61*g~|*%`flC zc!rLze_Q09hWc1f_NGV^UM{4uJ~IpwLy@ zjn@truY&V`m?RGt%Nq&3psMB7EsLPl;hDCA(*;^|baZ&Sy}5Aj7;>0hK>RO{$hqiOOR~*qpfub6!xk=1RlJmlR;lrK zs&c)Al4u~mc_XkGg8v=f6@}w);FMsQa7{tEcr#yy+Wv4ok{-B6LpdJ496INWvqWPs z7;>?*@!OT^DBMcI1jcRhu5Dokp7Xd3pym?^I=Fzt_rt|;SG&^#sQK~4|C6`?XOfJ~ z`C;$!<~S0~mzCYtStQL0xNIIdWp@9_EcsLC>>jgHY)WF{{idcSa^(%r@i(QwR_$3L z|LapmidFP;{yLY=1jl1JbglrkJ$(_`I%d&OTdM;kDTSh1oarn1*FA6{(@a}mO4b38 zDxf*;%k%lH&hLoda;_`dL6qo#`+-QOW~txguAGn34>qvJ;;xw60K@#meI4b7Q|)hr zCh>4RpzR6m?J$W3%RUpea9&d>eKDfGm7m{MXnLgsDwUEM+7KDjbytV;c$PTuX=R#l zbB2>~2!rwd8=`pswg__dWSU2oo8uEGv#iD+X%)#cb$EK&D3Cc`&#QO^1<`amJ;4Y~ zaX$$(A?TIRFYrU8tjm@ii69*ZM=`gp{_z#)tgPb~N%JnZg&IW0Bt8$LA*A9IUUe2Q+Mld{^J5munUcEvzQZ%BIi$r_ulGwNui4 z9aYZoGtdLSU|LIv2a4=}J9sozBs4S>=hBh>Vt6{XrV)6$VvW$()USyVO_BcJ)5+I3 z=^L#@F^eCc%g^Ou*_uR?%l=qEz|bqiu2>}KM57q;3HEmNQ(S=mnDL=>3Gays%*#w2 z#0699ud(4iQVK!@xY+&hGrG{mz_VYFlwJwNntbtHyLQQ(CXSkuq#Lko=rd@aQhxod zLJHFGU@gYns#`W(TsI!biQs!V)lS(#B;slLQuAo{BUW985^ zs2y)7rMEY4KlNH!C9{0`X5t7V0`==&Fl)xVcwAG2hDR0DTPz_bvgqh;9V&44QWq!0 zaaTI&aq^?+!otFliHWF`l#~RI$N4sYWHV`o<8&7ux&cx0Fo;rC z8>Npgk^s+CLiBnE!QqGYq756ejxnfDjkK*ofdqY=~@#;)q0-4w-GJ3bFYxy=eK*<(+(i_rW>9NB!(SmI??Wtd6pyDMU$Fz(r6%AhIi2F_echytzE|oh~pk1;uw0 zsRIFGM4}YpUrTiEpf9v^*}*0IdCo)N7!OO8Z9m@kdxGtS58jlKSEYpIS94fxZ4vhA zY24GIP{|yunnIS6heYzN$Znsxlca7rbnL2_RKrN?mf0h<7Xftkdp1CqQ#(#a(->V{ zT`g95?vd7czRu9UiBnTk=ib1w-;w;Jm$A{K!{d7$Ai+4{X23QaA#-dA;x%Nq;wUwFgJy^LUEpck^689`r6JW z1=2+V2F(jue6oM)^l`M%Us*yq#0^HnO`|*SeCWpdPQ(3 zl>36SlhLB>NiFYL`J`Cqz;lRS9&dwl9?s%IEF}q<6s(+7e`@*VNpC2Q|1$J^g~G|X z%JdDAeN6-!fiTjkndP@E1}$hp$#u#;4LR4-*~rjhq*NRs9d@%GkbM_;$R8r2ChKF{ zt1YkfsVDMPbFs!_)g5_a4Kr2{>8v(tsCEe>eH+53N<5Dhtu_1yW&o!fx3%@Ha}*fl z$c9mDbldua)D9rW&AYnaT}Aa=!b#egvb_sl4iA{22mwsvZ56mZ%LBTt0^{zSz}Jp* zA@b$|Z1hAt$6U4(i6|Abt>VOM6F|1OhEJS6>rI%B9fzQRYk|>9=FOt~L1@Xx9VO$! z_iX6Fg9R;Pw=L|shmX=UW!pYK`1l)E2&#dZY!%M{RV>y-0Lvf=B-c@C0{krLV8GHB zQ&6uZbM2H)|G4A&0#O`?@(nQ>?tb0L_qt}D#3ULHvz@+nGjeO|zhUBm7NGP&f02yM zzplpARt)BqET0jN?^(}>;Sp=O0d#+RZm*-b-3o+^`2lNpcTjr|>_G6a_b z{6jBKo*Ge7N34!4aB$4b`w}IJc<)EHIRu?~y`{ka`i2}2Fki2|Nbx4YW+?to;QYC& ze|!%6?~Nh87}147dBoEtK6_9`CYl;Aql^pq$D?8|1U(|^{=I2^)>b}^4{+n7E3w^M z@y^;q8|A#K88FuL4-%hlpxTYkZ2U<_iD|~x%j9FWo^j*TU!Up90dAZqIrO#7r27** znCB!AgXSJ_$^0h`|JG^w#~|k-SXX{v1+dD7{|#a*$gL*-nqTmtRXaX~b zd1h8V$?Bw|&iV7ay$7E@x>s}YEF%YpY6IHd?Otkt-2|URq{qmqZnT43Q5ZQUH97Rk z5!s{Cv5{OQrzKB>9cH}DD0OQnv!`o*YAS7z>}S1rRzU$i&@s@V(9w~ulHK~nw3586 z(Kg{%w(_uQV$C@zB_-vc3@sfan~+v0jE2fD358nEV4Z}P{=fJx)F0-G7OeT)-}DT= zQ^QA3M;d3GI7?*`|L%?vt-SAV=baG>>*O2m*P*_|KfTjPI#B)Qk0&+1eqHBpX)pz{ zGuov!FfhpWeoBkV#twZru(vePIm{gU^Tao{jMv@;)6&HkY1ww;o>q6A*N5S`n$pfu z8=HwPDhx3-wBf+c&Mv2-!eei5FQ=iARtc}a6UfMhnx++V>FDoIskE@L$jHr=+6vfI zW3?L#k>UPge)<9pA^fR=G_{>RedJS^soziWokUt>SXh{xnwr|m)pSnlXAch7-AVZ~ zNc}nd>gwv`?Chi1*x1SW`81|mocr^c$Y!TC|89)+Ct5i_I~GS9Pga_&i^EIxXb2P5 z%6#Rlzw0q!jU%6GjDE8otY5f( zj*iaArClwx&5vom+x3-;-|{Y)cse=xD=4wG5R3YkPC%;tNqm39M?7|)sAyyMr6M;= z&Ivd5lhy%)o2Wv9DD!nGn<}+hkE`ngRNy#nj=DVv>*V zA%lW~%oe5>CsrGR;;PsTHLGRHGjcK&m=By$tmff}xMg=4Qk3sZS8jIf6BTK&b8(Rr zX>5Fl_i<4@DP4}%PYD?Bm5eBK>cB}p!Uh*}A?llg*UrKxd~#v&8G6)|3@2%XT5-B{ z>vXJudQu_Jm0G;J`hpi?4wsXoY~I(Gk(;T09*Y+zhYka6xI+tRqQ(*XlPBerl@D8- zB}6G&`rl0{c6IH1dV6KM!z{W^Edq`@>|BMQMJ;oBX;Rq_w$p5%J|J_Z;Y`+l)*N$J!S9bsY{UZUanu0ci8+rtNTlOTh^*oG^Vh=S=E=1mPc8*o7rc{({-;>IB>3N5$4i0)>Sh(|cWoG*V&^(3i zD{<7uY~Th9{qW&~$K=;nO2ON{{i`bvM=84Laq;m*larI*oJfmt7|tU?M(&V|)zmmf zM>9O8oQpoPbfs}uR#tj69CLW?a#`uc6f?R-yG5NEB)-%VVzo(C@;GsbPl;`3XJ@fT zCP*_a$Z;qRXYKtj)&723R>l7W{z0MZ_oR{yDPqi6^9u(o$=}~U%lt@dA^$5_r(-`V zPGoN@fT@=;LTxzhQg%FkUJ3~uFAA{ls`}90-or1II~N`D1ObV1Kig43-pFD0uzcIO zsC89MZ;zCGe?OQ05;^?+j^17#DJdzr7i{q`#6G@5`qV`E{p90^#D>O3`=P2Jk6)jj ztpBpfUg&r-IXT^G&gy>{G}qc;e1o|E;ey!xLbYJZgJ`=B96aCgdlo>kFXvG$EiDCy zY!9G2+9*i}s3@r92@FS-9+9J}sqYY_SSDD}S+%>p<78lA#OgQG18gXBTH*szY-1uX zvazjdXJK4`MEWNt*~r%eQg-SsHe{$cbrCnYFYUUZPNwKXXoE!lI;hA z#bG9NM|*G*B-y=Oq94UtgZ{Sx;NG3<bXy{! z3GK0>>8nD-V4!7(i4{wF+dmh%M+G4T_a# zrF-+mid_5R;k8cg?&(ZuEHgMd@cCK2JqH5DqK?*Y1&_gCx{KXyw%7Wq*xM>@3zhlD z%h+=2i-N5gWjx4Fj&n^$G#I#-37vHx{fY%W@R2-PL$Oqpx`vkN4Xks0 z-FJ4VTGM*4QjxO$%qIF@I&E2#&65Pl!$}yzIh}`wA7zHT{8CCCg8+sLtEhe_Zxl)1 z&!k1<-mUZ8Luk-PFOSn3&(!AU=lf1&z8DD!S^HcvlP0L+v$hm5KK{Uxs10BT{rQiw zp+mNRWjZv%U${ih^%d(H8X9&!kR{%OH(jJB2>TdICQ#X$yVFSceq=xt4Ybs zX>&fDq?|gO9r(&K@j|engKppZfRccrCyrq^LUtX9(KEp#+e&h3Jn5SwLm$dkQVDr#X`nY14+G}^C3wXT<@mkAZQ4e&U3<)t#A6%-YLe8t|(P&r+pT1P(Z zLjgxPKV+A(KAFBtJj#<85gR+7v~P@tkexQ*$#J!<&Ugxx8H;4Xpxf)fQ*x*IUEdQtr4jIk*nIzd5}OOhHmd($f!VJG!Iz zpvbfJ;V5dsofk&}v5uX>ItTQNDaq%j;eHj!B?HC-C4pp$Y(#5_v2*5BLH9UfX zacZF}!skZv86}(;6*?W#DQ?#fJ zpP_)sp4lfkV`%@(mwoJQbBX4=?z@ZJS2t}x@AIhFJZC@3zBpDM!WObqJ>OP^`(0*N zY!@BqzRIV>(^f%pcamXRd(~Z#VzB7FM)}#JM4n~o3Dl%)l#ebt+})~|jj6FafVLt9 znOJ&%R`yu)5!4i}z;==d+45D3sf{Cx4nDeNt1Zatv#SD=c%}P=-TP4XCqFDokT*SG zcsyPLAKLNl+iUt)L$JM!C!{Rsv$WwfgnbN$E;6ADz26{ASKu`Gr!a(oi2wZ9j)~O4 z<*il0*=V(k&lzqnIhmItgXh#))v)j$@q?b6`|mAnMeoztmD-{hKT`HyIyB=jfZpYEXx#=v2>({hQ^HD?yt|Ul{#d%MR%Dx4HT5-{qX-Lk08#b zGJWQJFdEA**tD80dm5|OrW!E%+_N;)IzK?8jpL>SXJ~Ru+c)FVBH2*vJ^e0gKkHe| zAA%Du>L*VgJ*sxtXD;v*vwG!9Z?xU$F^Ph<@4;C}+squ(a9nn|z4$@`PRr^JCD9Ca zyZJ$f$FQG87RrR}pYR;FlKGLzx!{$x?_O~Hw}KaIcT) zf~np!@v7}Wk`JyvN-^Ha`4Kdhmab;(D@hcBPkCpa_jKg1Pv=I8Ht%zq>K*xMId8P> zSE}rIPN{q-yq<<&syyAj$llXtV10QyXJYMU?uId=c=+4k^&b*F)zKdeztfY9Z{WOk zi=>yfhgu>!>^Om8bCQ9vQu#J;hLYdHj;)#tK0sPr=*uJNDVP&aWE_`W=0PJ{PNkLr3#^e)@E+ICfX z%-T=?)17(w)Xc=d7rkrsoTTw1HF`I5>^fccp{A-#wP$ept&zaz$!RjL4=~ExL6^B5 zmq25g&{Dt6C+<)HdHH%=fSR5f>AV!!hpHb=Gd7XoPWt>oN%Vnkw)ug0W?jw)4+a;< zo3A=)CZw5NrYETNn_PxDX9*ek-xRpiw9jFKPerx&p9h#)_V&JkWA&K#Q-^#Nz|55E z=eV2UySQIvQ~gX`XG~zuD@}trJJJrvL*c15VI7R^LV0d42yiRz1)`5UuYu+G5W{rXf~ExIVWsC_8G4MUsQ z&ed4R{*}T#;5kzwM&gg3F<_QnngoZGJ~p)7DwmMaP%W<@u?%_DW{$l4aYc&Jrrdtn z^p;Z=*L??ql^i@54ov|Bji0LT@1_Q+Rz@rsT zN=mxQQ|9>3&Wk#Tx7^!!oECe`K#Jv4KC-n&jtkjZBwjpIEY$=a+m_Mas=|Wu zg8@4-c%iL9bk}L(xk>3yV}b6eX_s_d*_rQ!j$h+KDD%GCi38W9Zy}r>8K+~Jld!5I z9S6~4_M8@+ngK;!{2D5^jn{L1E2hpHWB0E$l^#I1%)b}~nmv)?r?VRRd-)$ZIXTV- zz4Wnj*`^&*K`(+ej5%}MhjvZh)WC<=rhGam7k2XfwGBZme$##&^R|xjjUK|mUHzm+ zz?S-VX~}R>k(;@^cMEH}|JWNLq(GS-_nYNJ+}%th)AdXw=wa|TZpGZ8*i*Agg`OnR zs5?TgUiOB_7l<|U^6}BNutm&(1jK}%)k%vzmp8d2z9vZsj_(ZG z;gyaESx$Fr%X$%)PbhYtmi(2TYu?VTyBTX3{>v$No%c6J?2T!Ey!)#cNv#IEHD52= z;=+S(^6YvMyz^#w1Oy(fc1GB2CPv#WkGGh?B;YkiYLf78x2U+C=*!G+U)*=plnmL zIAP@d-IaHjT=L&O{cqZ4=2tRoiI+(WW^_vx_xTMyGZW58q(x0_8e@pp zH*>er)Ex8tLi29Rm@qe)z7iuEBbGl5y<{bLpB5`TQnA{!oF#s%<7r{1b81`fgNLz= z)10Xu%PSN0ow*kF17+UrJw1tqLN0D@o%e2Ql*|iLi7qom!4cZez+m5%XSKMYN{((! z8xpiqZ;q$a5!f!Bz+?kdEjh)d`A|FSaYuuKI{~ROl42k+nu|>5cSsMqOE51KXGUi-0Zw;W{lGjFZtrobF~ZPvbaZt` z>$z#I zS}?LDU~8@)JoLMsliMw_%cexE$bCql`GrgyEh;xRmljp<&P#5O@&9}j5y4TTM}~-r zF)VVVw$VDGEo6fNxX_sR_|6Asjdz?@`z-Qq*biuqkJknbRj+nXe9T*z(D)ppay4+xOE=j zqWNL^RA^gF_+h|zL`Fs)J$5XT+uHZ|-C*+6`evo!#eXqF;eKzgL0Q6=MG&j6)GbJ? zzU^#zw|28T-(FYJqDZo=tn4+&-6bU_8|DOKMNWsp`&^gKP_ZPa`yeWH2DIer`~a`a zd@p;*CbueY8O!jAei0Ku*Vk0gEv<%;DO1e$%@4fuy=OXeR>S^i)bclPYAG_{TAI?} zNi4%Q!5bLg)y%N=j)K6?eK3ekJ^6>S%jJ!4WN}wg1(aQ&-c~L6_78n}f=+jkGqs?T zp8FD<1c(VQuQS%c8)LqckuOG=Z8n0vyu5VvEw=7y4(YY&wCdEVC<*O^Y zfVbIio|6g1bW;Zo@@sO~mgI0&k*@T;zm|Q+eL&)^8CQzg9 z#)Tf!qWl=0eSMXz{iia0f8|&$B7K51dsWI_D_jr9|GO3-H`o49Mp-zdh*yhiCMRz{ zI>cIUK^#0h;bx@{-@*OM!^o~ff;@9TwpuzBUFWLQ5~$(f<&8e68+#p2s#@=OIJ!8o zrtP!#4zQEj)jG^zV``orNl1vOt+me&TAnVU;Bw7Y@baxnCqd|yk&$r{FiY9F!B~Q6 zjk&RCgB`Whwg#;qC*j9~+h8XlZk#yVBUns{BR71!=;`IP^2NdTPZmxqh8}>vuE}@b z?O8)BAXUPnT#I5IcXxNMyLWX!-ulgISk4l>bQwi}g}QD0*i!TFBaO z3|q4MP^R80WZCz<_nTeYq0$oWTdNSkc!D+~L)6Y|{bI%9Qo%@}12GaL7(N0D4bba3 zD`?>k;t?#Y^N6x+{GZh79{SV4o&bdQ`zoAth+l;Rf;Sm*pqhaH5_WQOHa5OtI+g*S8whhhH&W z%V32vvrT4a7*JZ_T!!ULkm4E^Nj|bSP%{3g*0PnT8y+5pI9opDJEtg1y8%k80<&?k zd2YuEn?pMCr?k+K2P$}~cpiD<{YM<~G~}I?6UwSJmnDmaHfe!R$4$8+>(L}kF5 zj*X2?;398aqkh04-G3!~NB&6lUkOo=D7fy*Fmz{Z9987fb9opK%+F~;Alz|XT3 zfv6w;3)=;45qKH%^l%~opvOBsJw3m#YB}}ExzYI@kltV(@uqLoLWlXTg-^B z4)~t2J6mgwAg46?N_6exz?wS0z5O#y+=Gs5FPvq?z~E<+Aml-;;0g=H@~VD)QF5P& zLgm|Ob5%{x&&QgsI8_bfuZx6s+!Af{r{b{we9y@7fMl#dc=F_llGo%{Jh{q#F?Y-Q zQMPrjpn-uDFse{4Kl?_S0GK^Shx@1?f8>)V!wD&TadXLCAK~2Y5uEC&`Ti@@sPen6 zh!t^Gn@k+iGdB>c3RvXL$afl4Oyb)_ErGfua8`jQG#fPAoiBMGO9>nw`{1!_FVmQ| zv(x_L2Vd^oTzluYJO$g9yPv`s*>0gA>GKOl=0ACokdgvYDlh8mC-UN4X96;^vqhP$ zGvmX=e6fQNZKu6m;#+pU#7K;8 z7j)Kl%3Hh2mE3GeLY3YbGp)xL6%|SPVuQO7Cj+rNhtjW9Z~V!v?&%g`a0h-JC;WC` zV*GWE@FQN9K7Vs_(+;ZrICQYSK!z{UVU4c|XE#RtktIvN?{(=^hvuJ7g^ayx6B52q zuFTOdBXM^NU3Z$40%n#_ogHc6xd;O4+F4(C_Z?D>BL#z`k$m`!in(Hx4Art`72Zj# zqYXbtFg+|$czkfhQ8bDi%0qRzVxzZt>Ik@MS@Mo z#u|qujuW)~8K-ac+LUayCxveqmyAv1RlkizxQj=d39;&DYJOLx&of@YfwT?e<&~GK zZuu}-jFCA?nua!lHqtxZv(@0Tvht~%tx&B4m^vqvpO6GG3XbB(li;?vr`TQ9Y6fY{ z2GjN!QZVXOd;Z2DllC1e*W5*B_saLLovkjSMKEe!SXy|_JGj6*y>o=RmvHMb9H|#> zJBc%g6PYF?LKVKxZ=_M%E7Qv_P1z*euO;jzBCGU5xb_oGt8w2%Bo}Qd)5&oSX%`xu zUXwgp-mUj2=7hr8XN8v@8$&*xM99SPT;q;Bt`ol40%o+-lYO@msmR<&lQ!HISH~6Z z_@G{jIhvT84o~=O$I-nJHZh9HzT0tq8kth8oEI?Aqu>|+@JyAKZ75C&4d?qJUUm1C zHyw$~ynCI>5L##+%pDquT8YM+$LXy515Q=lUdv#X`z>Zq>0jZlFJi$vElIMPsnCwq z!3z&raYlier!G5WQt6h&NcWz{k}moEr)=Mu)V0Q8N-e!r{q)$tB8Hb}`PJcQik39# z@f^LxHLe=m#m@>ZCXBd!-;-PU(u3_7qKS&bC$*6WfdJAY1&!y%L8h<1l%NcjHtC5TQQ)&a2hkI zUDj+9?iR=nIToFlgP<&QI_Tk-IO@HSv}ncddpD{ZeknhKzy+?vI=6CHnZFGB$0djv zENYFC!2cJEI!AA;T1V7exH7BqRWp0S#kyE+@J{_9SB8l<6InWJY&A~zt={jaVs{|N zT8&;H(BDUG;n%!Uzb2~v68?oxBPX$k<3(zD&g&Vgi!ZN%rSW(>h2k0XJrq@7S`W6!0CVvVHnRm4TT|2&Se#XE#A{^0Ab=Jg+k#sj6Nu&fHogobLgp5 z89z`D}0&VQ)@$kQCa{{#C)CoI70&VuW=Vksyn{f%DPz9TFYl>x{O$M2? z@;7acgEp*c#nK08Xb8gjEnL(h0dQm!l0kWKe}8|W7f|^4R%;8fztFNya99gOJU<*^ zXR9%{<8`CvB131thmjH8qSIWce@zSKEH+=JK*isLge}eitO;Aw4SfV?^VzL3{4d(v ziNW}ZvomklB+xZqD>YjTg@FU#w#*Hp=0;|LU9|r_or^T$D~stmrbkhxG-*C(xR8t#Za38*qooI zFjF{mPVg9sP00-0_lW$9iL)tPerd@m*+Jyvpv?yUhB7C0&xeLKoAEjBUgjn??EFtt z8XC#$dw(-K4$O!+3TLByicSys0LsVyW*}kU<3lTY%ywD|z}fY`Qb7(tVY+Q4H@+jg zZGP@*aBj8KkAh)NfQjn<%|u@kYIHTr<+tX;$fdD>nh^%JgpYY|aQHJXjM)FiGq^eA zU07WI-#r6yCpyN9_hIq&)D??Oh>caFQdPkBjt}3wAmNhz%F=wvh(hwnJ5NQpS7kKg z860F%=Lz0_VN%7}x&wTLswg$``7>G}^vHDo&*R?Bqf*G(2o`+6gjaPkqvTy+ZR@MT z#to_JJX=CW4ZDm$gzCKC2@z4z38gxGv4Vm^y=tDaX6sOqoAqc(VvQXzdghPHZ?;n3 zZHyn&n}v?Kq2R!@jFiAFRbr(UBOdp9zr{gt4x?>fe0f4$%Z#)!KkhDk_fc0OHzDgy zKztuO^`QCvNy3QrF&qW*Uqj-)JpPM*;Fz|+6$VI5@Ww9;eHCtg6>GUfi^usadM^c_ zemsz0sFm^p1Ok3Aw0%|nL-NdLHt`>-{*S{1OiixOpy0zT2JYXNA@`NRt>VtPblcms zE08}XqiQQaMZ%=F^kA2`SGEm;9T_V~YnQgGhkW0NMDGN+S1Gmjl5iqzOKh|qY`2`8 zlD^B*qCD+9sRbUAH!yW1?9UEkjRVo{b3@w{PmiHz#2?p3kd-&}E2fq_p-}C(kpZSo z2qFARl7`?k%}dS0<}nvywaCFP zXaBO^z7fH}-|SH6%9cRX5+F5&LA>y_^;S)p6+Rlm#&kI~o}b71rEDOSX9I-2oYEN% z_R-PvNS5lYn8KQ^G+$x6cRJ2aQ6J9I_N+}!+~ zETR;;XyH8z5v_YVuq={~DY}8+W{%HpzP$&bS~Fh8M!=w@g{8tt9}r+Q-`EpU5+W!R z%H;f1WM_OlxW*Czu8INXZ7>t6dzY&8w5#7kX3$5n%uwZfcQ@+MqemYpJ6oeEo~?=X zjM7jh7*j8@(C^uH<6PhG=|2}Ya!w#}#6fO0+SRA!#olwLa}o!s7;tgUtgqH|2UnUS z)|qEz@m<;XD754sh@U@e!#wPKm6A@phNwQ<%)9sfB+dZ>W<=E)gq zg}W$YT0bbI2Bna|JvSdOMzmCp2|6Ee#oB;7SLqxQ%-L~q(oVpky}i7yz-z=0f^vMR zdUm@ODv~yO0wswA1wnGTF_xdb26w3yiW*V<;ND5cP}hsXbgO*3dQ%u4)U_C|>%p8o z$iyBh0fANw9n(IP=+%@63Al|FlU?jachh-ST!NGwMo!V-(=t9N9p}Zg% zc5A)@rP$zyK`g_Rac++tfIb5ED}i)Y*wH&cI&d(4X4!J50Trc&gKz{Vo?Qz%Al(AC zm#YPlczVxc0Mw-bSV47iY$>pU=wYZ)YbUj=Bk4Z)Ui{aa7UH0DCh$8S0~HYn8PS6^ zhzs#RZbY;Z2+0n+C5chnft>?CR6!N6geE0J^AWf^Ayc`}2>^&>0$9wwb{=Zk z*Z8M3=NU*@%r;}K=TT#ZDKJFP_L<;W`;a5WLms+;zga0kmfjuk<)j}$YXjVZ+qoeE zduw~C-z^(u%M;t9HoJu-8{^5`oB0jICt%}aUaC`LwsPI_lb7~ z{F!W_TX(^09|R*s(|ljw#AX|Roeo$V5Uk!(6^v?aZOyrWB!gO;>fQD15X92MH>Ndj zmA-n8Cpt8w2hM7K#KG}bc{2J-#%Q%RRx+zXR(l*q(oD7=^}Y z2wl~bmF(HIsZCdtK*~}&=1ltbmGR{~9mYAY-0z--Ahy4Ag31XB)#9Y%5)V~KUVv9U z@;_jkS=0JZb19(by>!69jFWNZEjb2~xZ{(Ahc8<-cekIN*Y&%NQ~F^d?i(Kmup-Lj zyv2r6Cao2yJ%kVI=H@*-?L%P_O?~*TGu=bSAXsFYhj30rG_*sA*O8h(e%qg(>qMx+ ziv@U|5$kb+>D=kcB3D&;xAL9Xr<_T+O6M3pQ0{7w^Ob1Yjk6phf=u^E_x>eAs3I?$ zuC&TyO|ihXINh`LGR<)sLZYFwFb$!f;{C!JtWJLFb;)^{^EH=em#JJ0)v9DRRSi{0 zUx2%Lt6V_&efpK^err4>t-APvat<||F46*Z- zYlE{}cU)J$`D~zM!1pif3KJQz_vHK-XRCLLcLg8~ybEeFz3X$g^x%lr=OO>D1&G(n zJrpt%R(&jFppR!K>%(O&?mBC$#P3w8v4S{&4N>oYdM&RI@e)Unsp+L`7xIn0Q{|n4ZJ@-P`NLnVq%Nja0z!ja{S`0%61%P31%3F+gG7dRMvE0#f|5-Bp#>3p1;|2fR(vxgWemEiLMptrbj0H~j7C5w-*5?`1q^Mnd*12lvwh<#K8(;m6kFwU9YI5#f zovgV4hj?0`@T-)>P8;0$POs5;W?9bt9ZXWu{Ces#R?GRC8`UFg8cV~c3w6h6QDSV! zqa+E1V!MJn%e!$Qn+~G%8+vn|wrHa4BsTq7U5zDBkigyM)at-_ECJ6{9eePaJ!Hbd z0{Ey{gELuLg|w)SgEnK|vQOTJ^Ia6<6iCYBw8#-{QN{FL4aW^TXbhoKA;aS7Zcg-!s8-20}P<-sUQ+t8cpsy)^J!ylEbVyJG z+{0*=xWY-yeTp_)q&#Ova}p(nW=6hR5Bq|(VP`!{3y{*L@qCmq_uc4{X&gQ)%g9YC zlQwipB$t7A*(byt3qy>~=VGaZZCWh!xWhH(5ex9EM$K%99Q4&3v~j6clUHq8h1Gym z@wU$AfmBd$FS~6rPZ@#1p;A?GxZ{o>Vvh922-*vO{C5J)7lQ+#nS zfGoAqU&rMKB<3fS^8+SD{GmecYwYLq7)40gH+gHs)ePn5%E`PJv|xC-)pl_z7U}01W`Hl)c;gs0MD7Qq1_reEG=m#$hLxzvHvtIWb*S;;Zntrx>4M(wlM;4}F; zX{fO(n3eWy{8?4`LLGBK<5lhianAdCm~34Ezf*bT^JQi&jRxQ$=Rsi@uES+xX^DybuVY=`UWO3a+3W{^?}kc~mw? z>LcOe2XP$fk2owhApA0$yaC+y8_*R6wS(T|%C)O31)#8RJ(ra-Zpw!H@wqundaB%~ zYLwrs1P@B1H+(nLmP4{h-`Xex)x6c~(c~75q#Qf=pfu@rFgbXwtx=|$90cm={F>f7 z@DLXs7)v{(`HhRc$_Y&ST)w^%7qZheGM?-%tsG}eL#WGNs`wL5s6$r06!TweoCh_DslkEW; zsdpdj%0Ok$bKtgKaLul#qHr}+N8Z9=61hZKX!NqX{hq*OUjUR}{4=WDAx_As8Qg$$ zW3mO6|7bsGmNio#$E6aqns$Xs490TGXa;2W+RgsFY)}Xm{CZI18I{5~j6W0=zDSj2 z1v32svRwG0!8B?w{ji9G{OC(wXEPA#CY%GT^*G*>$Or-Ha8}|! z)POV{2z+NQ@)!`qOD+&S6&kG`q_Xw5e1W_1V91UcJf@&^8PLZJVN@s$MpLi?JX6F2 zNY*DH>hpf`%_eGLe+Zb)O0nq8i-1ru2a#FF`5t*HApCL|teYn|S_OOrdTKyJw9*HUa_=&%Pc_qy<4EknZi|5TWv@= zVHiCia`9_-Sg4#Ea3;~m0Zq5l_VH6edQ3aFdvrp|TNl=(qzu--~5%iaRP!*tm zCH6PmR!39dbxx4BSLLvM`@8XXxL9Xd2r!`JBGX@J^f+&g9+tSjdIf`fNL zwo1v-vC(chljhuiOve|9a^fwennC+=TDA*@a8mc(p3zhsUEiQrcc%oNAu5sI%;?&b zoxG~H@T#fNx0(C>2?DA)90(u*9LnYce}Vc5&ajz}VSIO;bpZ<4Oy;~sU(f{Q)K@T#iY1h!hx)ndqcvB2sQWT!I$ zzNh>JzC+{O{2nZ8kiQjEtkc{paW!e~XK}D_Qn{i|bD2cOjXCTS5SyCTe|tb;N_K;^ z@b9vaI3Zb38UJ&D9J!bghur>sgX~Xw?W~)&E+edrR$)u4wr| zNnvVW42&gOnudUpsT32@-4yrt$GLUvG#GyIo%=PZ1qoeF+25ttIk^{kk=$3UJnAd` z2e_snX|VmB)MIzrBtUKw^xa6m>+n8(m(`)7=;<`FN64Thf0nE!`~SJq@Iz?t>cvig zsP&iS4Lb6^;d63*rk63Q#N_wrjQ zjek0A|J>;bn6257YhSzmrfs=vQs3tz05{Wir}sjHf0fcFKqW^yC%E@iI!HYe=|SH- z6Wo#ppV^I$cjId3Ad`ST z0MX7EgQAO6b`RzI|2{G;es`?g*HMrGySuySUZLuI88wApZW@X!%5^9HUNW;;!C2R!Dkr~sC>WbwHT+M@b(b2G%I*v)FYi9v%6syMD@0Po4M7Z37)t0GEc zesNQrmy@ znrx^Sl-#*~{Zv&@o4UuGLf1#=861W~0*{>Ys#KV5)OUV=Ut}f+`@AnMZgedkh>!9A zZlI`LHX)84b!^HiM*{lVf^57jz4Yt5+Q#ajyPC~1)oN9Dx~x2=gkPi>*NekT zHb3STH^jJy1aOhSMXCZnwU z-M0}}Vg;f{eJXQD0wC9Apev+kWM<-yEzZsxC~w-GncYRonj!pM(+9W&l90e;nG>qO z?Yaj1S5_!&ATf`Fv%aUJ6m5;Jq9OczC&((MNEmxw#nA zkAT|&z>EbTvs1*}H7W-2YYF7j2q!LHU~Ty7*2TxK1*` zDVTG43?KN<(Du0EXp;o-k$q!q{RLJ{KFy#HEImm1LeVR5qK3yzuE)`X_VNtFZ#jRabKvlgkygmz$P>hr!uiwrBvb&y$Bv?J3YpeG_1< z9Ouj7|0|WWy*oR=?3Fs^C%UQoRJiAz)F>~SSN7<>@nCs2p%Tn}5wTN_-_LU2`X}*} z)ts^`@*uF!n?*fQlJ1u+zEuSct@SxO_Iw&zt0FH440fC8@2*t+w=FTU#W?LJiC36@fG}2z z9_X@ogyZSG_l@ln5d@yW0mM7BbV~q{uw)9J+IkrqJ+yVuDV;-(GThhktAcm%F{U$h7a_>!g|!M!2@ZHgb~ z>HQ@CfB^f3N5|y6r+}R_@bFoP6nMUP&+dWx*waPP5I}9oC0bO# z+FW$}_;`Z6!yze1VxLGg;6Xw=8y}zFtG_P-ZXSf)rKR9`g%3eU9x7+S^qkNETkxoa zHh7lrl;|s$p(=GQDRa~C#Djm}HRc3~lKJ9wWv&!--}8I6VVsyr)HEZ|--%C+5buc3h_!+=gs4T{h`mvt?wz<%#RHNr=P-DB^W=u!)q1^qX7!H|x%Z^Z zyb;J1`l`jSY`YLc_Z88o2r<`OkL5ON(`Thu&ZA$`)}!G|&PU$sT`dO>O3DOs5(U70 zZe@``>=$q)=~@u^e?80pP2gJN^ieeUU+?j!?!ymS3s)OfMTMmKG16yQ{|sPN7fdcD z=UnDrzG)c8O8HW%kl1{RPW-shL0jQ-_+R*=AN7K5D*SIxP9Z;6fMDgT;(jXna@`tz zn^EF`9cT6ahs2an?1t;(Oo$I`>6_Y?NpD4+JiCa*fY{>ox;x4}msFi)g#dr7r5I$X4s@Yz!2xY1=y zZP(#LhiuZW%pKrZleR&2@Z?pycvuEDY~xx%!626F zw5SW*=_(CD&!^7!zk%TY7Emzzxz`&i4eMtt%5m?S=si_O$7f`4P2Ky2zeWK3is|Nb z2DXlhHZq!CLpR4(f_t_I?My>A{i|%7-Q_Z|><$L_k!f&4DIdhrJa|FG1*#pfy^XAy zX0aGu6|6LBFC7e7>B+x7+#eO|C`%gy*pH4$eyUedA%MryJ!R|UkIPG2xQzPz8A&d8 zid=wWH?Ma$0DN_trJ(+2<}m(M(wTqP0{lm1e2Js|?0tVN*OHs)KF8Cg#yozvK~=_T zwzt+}%1?|L2+C~oH4jx(rJ-f#Ko#CKAy^iO-SzT*q3{hTL& zJJZpMqgF@>hLSymK^DzEdZ9S?$e^#>&Y_FaJ>>aTw&{7%Ww`=Ry)Wql$Ff_}k7cJR zdGcihglnyWO?cO3!bv5{fVNs(WMN_`utc_V!p$6!FUN9GNFQ3_be8#FERhp3VX|+B z{{a*(wlrRx8kB)9jg$c`++@ZhmJEjJnZ@J&W*8_P!I*LGAHYgthsVXK)eJ%sy9S1d zWb)UXfmTB%ZSFbD(QD|LyrBFWjcMI|1ME8wS&?vjPL5cXfnzlL&8y&_0e;$YKL}B@ zGJ#~pg&k7}z>wc4ESTQ&z@RT;9J<^iMQ!>y+-LhOxN~~sRYso5k2lskv=W=QML@-v zRw#c8~A04-mM*6r^I!A-0bo>bH7GRl#iPn)R!n{KmF?gDoz`q zH=0yaJ9uHSo~&lR4(;jwhcL_$(0392f7E#Bq?R7OREHd@+U@ZzxSDOv!l3TC`F#Cr z;Y8yj$MdMto<~f=kB?w}C3O;mLvGjtu2#%3=|-m|@CL?ziGZxie+G@0*0e+50qh6L z8%}R)FE_SDBoBJqR^Ivo$`3G4X=fDYBFGx+mcwmyB$p$92(sC|39>uK7rtytd901f zob}4>vVM13+TxD!1!DUMa8_Q_;0lvR2FGTYv_W`*U&Be+fEfl#81CtoJ+{MyY!{32 z&QI6AN|DdH8f&vvGbV;8@}i}CC-RsM`3&Z~1iWT*pAHi-pj3L7c^>}f<$_f`;Os7Q zwh3I>lHk1?6vn;U?qhXSR8aFIr*q*Y(52Mvw?xgV^;F#qVs*9ATNt8fE4OSB#1}C` zt;u_W_?wGDEM2TzVnZH_uS>RFy4bR=JDZ7Mt}sj5?3jZ)k^1`-n9w)M2BMNf0b@$H zP_gIp1zIX}0zq!}+Y5fTl$N=)Sm597;w&c%C5(Nd}~xqgW}!#;`x9qQp%d8$Ibqo_2}>+ zX0(FdLqbM7WPEZ@cJ66>wCbUd;HncyYyBhsHRz>c)$htirjE+FeiOT%@a%^4kmcdJ z5N7m^_ft(tBp}KA2Uzyf@KCJ`uzL#r4+(MLy#==J_pXM4I}CUxedXm}%8ScgDJJWc z;PR(eBM%R_%!7YYZtuG1Hk)32nF8x9%}!_ zjQ`D@c#Lz|U~p}YN4>JBuD++qaB13LRf$i1nJ;BbQ78A`8z8Wv%nD%PFCYaCI($X~?C)qaV`QB)5^>zFn3!P5e z`_IPja@|8_wO@hKY`^`gTg2DwGM5|W? zrsD>yswT;rDe~C#cnh_a>C6^Y``VP&d)MypAQt7#Vfb~*``Fd)s`7wtJd-Cg;WjPZ zwDi~ihrRa>$GY$1hh3tSM2TcXS!G1&v_(@9Do%SvMouGSug*ecmO3?LB^jr^_a2dv zoxLf0@A169y1MTBx^KGg`#7HGc>ehP{&N(c?`ORCc)f*Eb14pM-kUAxZ7PCI&%#k z(4!oqLeS=31BJPrd-~(bn-8x!AtnJScA@$D87Cu$2iEk<92?H|k`C`Jip+IYAHfS| zh`zrB1VPWQQSlqLSw8qJ%|T0ax(GAfAuUcu!7A<;EFQrp8z8`^Z)1IV^y83WV57wV ze(>{TK!CK?C7fbrqWXn5jc?xXw_L9;O^jIWIm52(ZB5vGGi*Srh*VZQag4&BlcXW* zOH6=-HM~huyBZFC6&U!e&(+`MxW3*btiV0GK4r8_8ea;k*t{d9;sud|Uk`c)mtLz3 zNTnE}benPUk(I&{lNj(`1Jkwc8*zzYF2pF$+9Trl>cEkL%JvBb9&8zsfnPhOa>ofa zFfwXp{X6cYI`aMeSGsPyo>p7k;TQPbJgTBRaiWv2uF2+Ajz%0LR91R#Y0=A3oXzNB zUcwKrYxO!hK%yUsNSK<%#GFB7XBfHS@1PDsbheba^5%-qo2J%-UrvjnYDDd1OUqgOQVD2B1TlHS{})lAwJY*Vz>va~8A-&ivf( zhC*Q7DQtTxUh4p)=m(SA(vIJ=W-aYHwWF>o2tPz2La@R3TN0=9+FIG0=DK5MBEthT zYgJtnkM-Q*{VotE(Du1VQ3K>26J)U3u?3&ugVw*xLu0*2L~~6oJ7!DTE}|y0SH=V# zdON%n_@~d7(H6X0^6F>2K!91Z?qZP$5r(yz%uzjCRUD!N%2VBQjj*X?~) z4kA38slUl5SM-mV!~i=aOLqkh>+s(kc0Y;Z>V|<%vA@Q2S9;*lVIJW#yQt7`dy!2!%p*7Vt>Oenp`~zaW)-)(Pje(r0A1!=O|fOqmWUKU6(G6fg`zS_v06@KzL& zJ(;UUzsU)Fb}cBD%cmE2-e}7B?qxTf{5tT(vv(XCB>^IfrQ#dyl~UwtxaspVHKcv7 zD1GpVlMB@dw(w$QVMBqUd*K67?MA<8*?a!xoD$PbYe z9O8MUL{2BM0Y|0!ME}MlWtt__%EMeS?(P)R2?Qxz5@D+R&dxKDdTCQ^Nj)d!Ub(Us zzG4>fbE{jlwn9f>#U{dAcwhOFYzKuumAWlWzp3JRZiI!9Saz`OnF9;-94e9y?H_Gx z2MvVRqg`bev0Y0GP;=6}JKN)aSxUupD5h3?#Hd2S?6xPn1d}|l(p#elo#?HyO@&Lp z)4h>t1=k|9h1QMkt~>3q@9TD6(*OzN1!s!#hpV`)4hQQL$0EISZe9L*o zj3^G2TGVe8N9#eFiNjnGTDb21h!ztc@YNL38xr(of)5=D77{-VVtLtf0Zd||5oC*d z9>{-^f|o>(Cm}5Hw`kcvI|brYC$0ARH^i6aUF!OlDUfE|P3f?>czLt8SeH?IzuCDf z@;3tNsoAUEQA7BQu{huu;tH+b1doUXhr(Da*r!{;K{LgX(wY{r#%;ao;1;9QjYFFz{7xk{^(!R^`kTotF3)7Pii ziJy|^tiKl=eI;~r>vtutASQL?y@dUUTbvLj^&7Vs#0R6-Fupq)IdUxVnut8cd^TJL zK5oL0thw{Yu^ps2NqPo3Irj{V+q$SkvKPuXg1R16yh>|+(<;O|R6F6-FjVU$FZcef z1LxLo0bX->{%3Tw$J>F*S|{R1c0L!;S(XH&@lVQ``toDnM^59TRRS5zf2hp%_wfzA zp3iym^OWHJajic3FLcT7Bj1vA%{tO8G;;D%G3uNeyy<*hc0c+A&6`uqb0=AmQ+`fI z#OP}LN*&zYRe>3zoh1VSHfwK8R|0Cn_JI}sc}Lre7>MwDENY~(_;bA%2{q5zV$NmA z0#$0&qDA@P*ok&_TLXD^II=`Fksq{Zi`$2On9bcBNp?%%;4ng}qV9q^;#?I|>@5Le zWE&bb+4(_`=D}-m3~Oy-cs9qGrmv-}?01~TI*(-gByec(A;K@|6bPs4yy$2PcmQ1T zx!=JfVmug_JB!bVsSQK zobD+aNII^Rg%6&e5ZZdhL|DQnAbu_h?yFK~hGM5zd`^rlenM^#x*v5{y$8oF(yuk) zlE#L12D7HWkU`r^ zwwhA<MYvPmK)& zS{@@IWCjJ^dVD82BB4*@fyG0@iDnJG=6pM{A>nMpL>2W+zNy2Bg~hq%k9m;Bn8q+> zP&m~4 zl^rUI_DZ}(vL9+UlGsVSAPTAXWJl5emg1T-MKDpkUwoXHgN~e%5`w=fZ)wRkBEQAr z^alky07+Xzqwb8A(G5rrK_53vJ>+yv@Z(WB*mjDD1B!OgcJj>n(163Kwyv;KW#{K` ziRn4~r6&iF1X~WYQ6?JJeNb0DiSWJML1cK=z6)= z%ng+|azXTj%0h;DhcJ*UL0ei-eu9-b^~jQUOe^&mBAkzueJ&$5ok2HRgArb6B_jYO z2F M)KR`Gr8I7$eXr15gIQ8SJEF<%Ae3{ie-xh_Mo(q_|_O@fFn6ByoctdM*cF zb6n79nn%LJP&=oU%1zVj3MGQMzq_V#+= zJ6)f|UN~&~{||?av?3UltTjCu(>F4EWMmJb4jOO4rhS$^)da$(CsgBl&VZHVeXy#3 z$Ia{RZ9MxBdYpIfNpMY|#qcPD3|K}?JEeTInileCD*?IFa3{3+l8RfUrQ0p#h4hR! z_e`P9g{~7wlYCi#K)uATcXNb23?@%TpZ-rFa*JqZ+{c<9AN68s+mS8)Dwxsy&j z8$U2wzMC7bT@FSBJKN**Pl=6TckSsT-~3MMCcaiIzT|i#NHp`)tnWFM%+n$^6JE6) zGa}}7Zb!eNpg_X&pKwIR z!IfD#dCTsUVNg&BY5ODQMUhfzy=#Jxsl^$t6hOAka>Yfb4px%UqII4Bh^dbbCsYPR zW8d2KE*E;+UJuSV!;G)0sD*3C$`5ZjH|jiar}h;A0^Gm|_kO&x+L;lEqmLGFusfpF z6_{NUJPKcmZzhX-e>t6PtS+K&Xd5p0+3P4@~xMkD)A3N)HHnyP?SdMTPj zd6Ghrb(iv`$MV+`2F>#3(xdh&cFnCfTV$|8b$xBX!995EO;`k55h~t`vWR24 zv0@GVb{U@%I;#CY3=<{XZsd}d$%Ts^QHy-Y0XL66`fX}Ef6X& z3r88p!Tu5TLTsRO1^n=)+ODeq+H^JK#Y*i-U^|q@QQyeviiQEuBSyI|;)v-_m7qs1 zN3#3JKkZ)aFzBz{SmQa7X^~*-p%C@;%hyq|_>4XeEbpx|?`H$@r(KTFh%Y*9CQf0d zM~aC_sY@6)>W=KQWC;$9K(lspS~>L@Dlz%6zUNc_8cEaF23Xy9OfJQrzLBToI3&KF zzgc^$<&wY1klFf>S&2It-4`VC#mPBQ9=iK_b;U4c@RH5+TQz5P80#o_yg`R-b5L$W zFmGYrZ2z3$eV3PeukO<(8`ro!`Bg%FdcAN|BV+2-LAi8V>4Lbz4Ws1uXAw(MVul2} z4{irdQqTJq?2bxf4Ao8@STo0ORzQ_Pk&eQ! zJR31d2&PPmVd;hS-!2pP$-TBm*uQ zU45(fWp~^&E@9lh9M)N%)coZoIzBZtWV7(W(f5pjIm;$|o0m;e>moXwj zQDfwrJ+o)Pz$!w!%Rv$Ftz4Qo|K62zg7m14^E9U7nh$#2c4-z9H~87)&!ul#YI_$4 zD)86u)z=m3G)~#nSeh*ZO>9(^r;O$YVV=~gghtE487=&;?&v^|Fx`9xFiG&(9;)sM z?jm{|LgSH*IH&M7^aySKK<4d;{obq((fiw2bji+#M`yT85hqA#WGascXW#95wmZR{ zl$=$UJoVHfQA}@K6(^)~h@h{Cxyh+g3$gpDw;-e}w zmPd@!P0U3XhDH~*l;Dik?(4p?w+39Pf%VV}L4~0Su+iPV8uT_P6tY60p9-zWV{KUQ zp)QK11Q;$Qi36HyQO_HD#2M*B=%7$+Ah7Sc%HTU$mWOCjmDt7&j)|s$TEB+k^Baj; zM>G5qmewF8Q}{<*p_1;W6&?{!ab%k?1xy6!s!b)}R3Kvgj0J2{+4v`wneA0L@esEk z?Jb{RWVeF8U2NDJr4ynLL)cm6LOBe)3hB%skY6}S-6DJrGGed7EaI8CQvK@)l`HJa zEMzn?BUD-Y{a45C*OHOZ;V7x;CWvA}T~uB{%XZ6y3@6^XbMcAqAEIolnSng~Hv}bY zf_(7{xiNEUH_qMNoXwuN_iO6m^7agK-L+=3jj}UJEo5<+@AuS8#ig6qz7~^{zo%B@ z=uvRAnWC>y-58Q~p>x?VaG`yzVXbl}qtAW_2He~))tc#WS`?><&)-N~_-Tk@~V6j~J+}5nJpia(RtBRZ3%$1&9VX1}W$1 zd?QetZVjDe6Wa{eS}R?`X=P?kU4vw(h0M!kKP#s(B~zcxxz$Y}j|1V4%t}+qCf0kL z1Z?x22ACOrTo$K&%Lgi6l6Ie-m@Hf!9yiO+N{Dy2Cl`>@*i1TW_g6-~7_8D(dZMck z-A=l+y^x3ajRL6x^F!Q2FLqaS?G!pXz;GHA0u3Zkngze+Tm(*lgs$tXswpT^iv}aN z9gI1w@jeC4hd4uTR%pq_Rj-G0z^tNQ{Ptgmn<5h>U}WI+Q-iJvuJJ}44;sLOWjX;y z+%CdY2w6o3roOF5!eBLdDlm3wd&M>7FOj-Sx#AqN8?0e`1#ubv^mD2sz$`nz8aFZn z`k^v?1_?xOdo5od5~h-9v+BJ@dec!o?g=d5i6Z`0fFftgA8--0A$$G5eubMM>pbQO zkaF8Q%~vUrE_Idi9%#64G7Ov^hOhl)gKI-Eg#WsP_Fcq}L^?9J-O9C83GQ9Wdle29 zNu9q=@MSA8F#w73J`upHR;E@Dd4-(W{&LxcCWUjoV%3W0?wl098pHEcTUw`g6kUF3#Q&jw0*M+pS?f_wRuLqXz-^YLyaY@p~(6t!wGfuE|DO_ddHfB zC+!_j<4IJ8G}G&!AMeM2OxL&&Vhs{CHJM*t7zAg1s{kHpRoZr&U56qs6X4BOqrYwTtM%Qlo$$!w zPpy7>$}AhDs;{M9XHK@|rb4-i^&i+a#J{g;yYU0u94UkDm>pA6w$j=k!1^D+Pe`8E zn4Ur>Ubs$z?|P-{8m!P z3(P=N)(dtL1xO&{Z~K*1M8j7UMewJ0P=e1XvC|Mg!S7k@T>PTPDU&lSk zKYpxbBsPCUXQp&;Pg9|t9HT0%*SbQOc+!t%r$>5W7JH!xxT3odcbcjdu8uL=QK1nkd0uE0^;?%+h)iSv${?aY~?b!>w9I z#|54+gHD0nc`Y4h#6MWs&rNFb^<}(#y>UGy$njFErNb7AG=gN_dh~z&V420b_F0*7 z)FuVDz8BJSFUY5-&h>TrZG8csB_jyg`buv`;gb-}HFQv)1{v7GdTG>Z{dBWwTopwjUBl zdNvgQi+m`fENF9R5kdGkY5&WHSmC(k)my<^MBF)RX`W$I`?MBe?|TBGf+M!a5Ka0k z<@P^Vw+IzDY%GQ!e6srGtg-lNOPEPTy!VQ+P=prM?t4Z)Kg9Db8mC3KM9!b7!~f;w zp-~d{{lxIC<&Rrk759`XBBHF?3Kkc;GL0J>;(c;hwkl60LXa|e+|6^lu`|d6Sk5Ro zBM;E-fZOQ-ZXgeUf-1m>&7$aQgi22Biih(Km}nea&u+Oqv)&hB)6Zb8JvjVj<^k~? zl^e%E>=#7BN5T%-J(MVgk8oVQ7vhDKM5H8E?iA6nJ4hq9C96J|wUFu^M5W4#58cK4 z3rUCdzsqN|b?Fupxa_j{DX9!2G%@x)VD>=#(?8kX*V7Du!wVE zNWatG7ZA3-*3F$G4wWi?!)kKtZf_jT?IQHN9k7~6uHXP1!Q$&(R(>y#RK+Pp7ip2y z*abRW1mo$KRrR+YBcaFfz_s+H_mWsoNG3yDbJe552Xm&F&WCEo)1~^y4>|e5WVHr=JP-d-3hgb7?n8 zFYN~mzNv15Kr2PZIcCOZFq!R4?IbbWMk69r73+tNQyhP&cZ7ll8Jlom$1=^^+`K^q z&ApdabtVJ9oH(%Pi(j}WaQ=`?Y{Lh$_R8)#{UmXztr(=h%8Z_GiygG&m!=p^h+@pidw{Bh$TbHy9E6KcdB6OzuTm9*HC0pagj z$W3ANWZn!ez9esABCOf6-&^1Sq+cI4i@S`fxow^fLWZ|%ZO&`yLc8@Dv#y*Z%rp}S z=n?2@MNb}hBQ6I7YB!RmS`OYJ>KJPBZ}0cdI-iW0w+j-$Em_}ex_NvvebPz=Bv+U7 zMHU+3Pw0$@FPRfpde=6rZ z^Rh^J@PmU7QpW-Yfp=Gl5R!qs(|{9Y1D$fl+-|4p1`5M-TS`#)zFp9roD2%)Tn+T^ukrE0?e8%Vm?O2IPD}`+2R^K2&_xc2IJ#$lBO^- z-4!TT#`VvVKKAKs#BY%Bf-cy4w7dKz_ufDdx*t8%tjz&AG^7@T0FrG-w$Duf4J+YL z=m1O1E>3arJ}Xz?Xy)aS$*yx8Mi%2e1Je07U%rg@@U)vM+@t%WK0MK&Hpq76twEm{ zfOquzda!H7swC@ccgl+hZ((a7cpl8YqKACNr!V)`4%GzG{i2zxv30v(6Ol-KMr^)1 zPypyS$4Wg{7eW=Z_&38l+T`wsA_4eaxv_BA)H^73^IRxx`~M4OJ^&lK%g7dwsBBh$ z@4T;8(z`Je15g20y?Z{4&jlFSkD%>5XAgrINCJxrmm3rvX%4!NHeEomnFgNRyKWDD zTX~MigR)aMy$KY}Pa$^Pr2s~+JQL0^mzI&DrpHel77uR-W_l!K>N=leOlMIYQm1`6 zl*lEWO<;evUx`YHzQ|BjW?k zLeV7-%f@jW1-p#8hjVMb4gyqm>JtYGpvXXNs6jdH{_(viNT94k_PXl%^wxFoD!vUdV zqjamL2O2$cR~N2GTUtV-8)k|8i6-zZ%|vZ%bi$`ADCqmx7(H|b2nawYot1oKwhjKk{WZPq_z!t+QBqI`P!se0$B$SJcvq!&h>#KhBJh4%FGJ84ZD>G&>BZa5YfDRePBmQ)&6NuQKiA*n!hZd6vU8jtsp$+KQ~hywraXii3PlqWe$rhqs4+!U5d% z7&3Jw;Ej)|!IySV&2wJKcR2^iqBFxgf%xD~jq(%Ba+cm|ezwrm&h z_XYkYQa}_dnth{9-~8_8;j_7cuk~Ri9aemBdM%Qm0mv474C)`rNPXsJvjq zH&Iv?7-1TQXLmfLXfe~Y8mD@~5uGY~6frtmksGQ-Z5;Vk3t(!7Ry+#Zs}!U~N(FbI z(TA`-D0!Sz%RH^w-G+)2qOKbEveC@?mioBAes-(Q8R7}M{zEtsS^nc??WQ)FM2qTA zP-3jn>|tPKT@r3k?dw_lMyq)iaVcRJNZ0uo>3^sSLUwzbZK~2gaC+ubVB$RorLnO# z##M&{R2*;W`A_Lv%RXC97U@q}=0ggOKgFE=f+$h!RS-T#C2`8~%pi?Ww*_K;ckBW| zqBU(tdPB{vu7f0`dY>P+#}Yv@Xei_S&3iJ55IXY)1!_hkhMo7xp6<6-$2?FdKhRsu zkR$yaU3pz9ATKM&4pAYGaZ;@ypHENTjyD2CiI7Q7(oTjJTt*Ue&z}C)AK_B4Iv`wZ z1m64q^q4d3U)x(4>AJsB0r*E)M0)%PLF`Lao#wey<}-WwKIB^6ZW`wM0~F*^p>0rh zJfaU3wBR&N0{oYFu`GKCR-(X!<}raXVU7;Q7Z zOv=1Ga~uhTso9KsZXpTq0;9e8$!I=E&X@W3k`?;OVqBag9T!7~Y15LR0qfB4dwa*? zxY{C;kJq)=KQT;q?(tol)F9xL2~1W*xa(Iz;R;eTT;3V813x36ANK?+q6EEH-gea; z+ia=Ts*C)Re3~%o5CY=Sk?p8)ry9vQ1|m5}rvKI&Z8~Ior#Qg8+*eTvv*h9Ju&(Ec zbd)F=i|#u38DG%pn@alv8rpW zJEqYoDVs}Kki>(?nh;tLA5Aw=`u;%1NsTf)&1FU=kS38qSB!Q)U3Q<^qL}>2IWeX8 zN4J{X7okRHGIt+Hpqu1yaQnyrJ{ef{-iUwd4)GoAU$uRQNgptN_vUe$OuR^JCbIZS z*}6AsSD`eFsSs$chZR9BL#n=mUK&FJOS>CBMzB4$GY|hVB8g~av>VdIrso-BIJicu zUJjSkYFWzmE;{pe83raDgZIBH4brA{B*N%dhrv#}%-Z*gvS4M(>PQI!*ir5>V}!IN z?`{@ZTCEU>7aSfiyk{yL9rR}tcZs`zHC5hb6rF$B*inXEwMbiTp3~+FeBIU6wPqg8 zqw;NPk`7hDluQ%{e_;@4o3B;fo9-R0VO;9=W%O!4fxPTZnLjpb6y#gJset2OdGSco zwg(0wwtFw^Pt~@_+`JfPP`VJezUxj@Xt%>EaYR{tGIfauDxQ(5p4KbSHNH(vZ8xFH zaFF#y_526sz%3}G_4L*%%s=9Iv4^B&XxyPMG(ywI+sy44kNE1xjF}uax6N@Xac5pr z#D#n)fkK3+jE1hk1z;Xh4TW7h2~n1tvILxVYY25n%f6*sj8i^Ro4;0eW>ZWRLMV6e zw`C3$Bw6i!MSV@y&*7h-2zo>R35q}(zRSL4;rtKZg`zmXBM^6X?mxq><4s+_k>`?- z&XecZ;$c1y=8?LwX64fYY|tg71^HXrIqWQIA@&j zjO!>ZU6QkKGJO8k>t?^Tm+ zT;%4Cjc~f2^wV-6pO-Y#(wbXjG>ts_QXZzj1sug_c2XmfyJK@e+N~kMuhtNfe{ToY zq3!<6$_jaTzqp+h02I(g8+smpPKd3E8h`QrY`SgX81!v~Ie`Uo?zqdAO-p%jYO?C` zTuuN|86x^X1rS2E;}b9eUkgk=9f(dKGaK^|upWzT6K$f+u=Unf!$^nvn00Sf6)0RM z81=A}_3~Ym`9xJ|{?phhl9Y5=k00{wVaffUm8KUPMB4hH zxtLBq(3$r<+i7wnjZi=X^ul+Q*LN5SIXP{(w^}T>*^|OW?e+<$=@P&Qu;gJ7;^tUp z34OL~Dcql8$ERy;Aeka-KBw_HMBc&_JWDgB^-xzQ#L9B)2Gh!tF3^ft8d}s+&;6572e09 zw2!S2Kgg3qy~lyP)VzTW5Z7vWkVdAfOJ1mlICbWXfmfO4lO9&Pplinp{s|qkE-%2v zy|(bhCYACL#deRD!Y1p;T#UhZx@EJjuDF0vksA)6MyL%=%!2Cy~l|^T`D@ zJpU34B~d~`qmLToL`Sj;2O48IYlJfI`!$357L4{KXpX#mjOnI7^2g`lkHyYsjCCkG z){iB1P5kUsAGMbVm;wNt#L}xU+%+tVj*E5ldsM5w??c?0IKN zYa8yrRaM}Fc4aj?Q=ox0wC7kMvyAbN-O6)rRFJ;ze$zL+;& zCFoN3jOu7|+vBxTaq&Y>$Qk1n&QTrR{L{u!c#*jOBGV+H)@Gr6;ypE`oM8{X{znZB z(~IaXhfmIMMIRA(0Pet~8ha!`BHfjMj1e^fM;Wsg)>63Ig%O{Li5M>Ll%XGMGn^71 zx5l=;>w&#WZM*d2b$@wnKJAgfGd#`g!i^lrz!K1HF`*_yA z@BaQJMCQ*4$}`txDxdH z(=uigo9bFx#QUWDFeGL<7T4cfRlXOFw;lMAZ_xrpG}+mAS_E^$#GKc6y_STI-Qu`9 za6oQ>`4zXcLLTJdQvoQP^G6t{IAnCinr|Q{{Z+s1@oOhX|Lyc!_tB`_1H$y_c$lld zel6tAIulaLIO$d&jB0it>vs6QoS3g1CSaNYTLRY)^{)CH(G2TUKI8KBoTZU8WiW}R zdu=qI$M>P3YUbB;SNsJ&7I4r*^*MHM?b+C#zkg)4NXb)H7<7qskC9ox;mORkDtGbq z=!_+HOU`W_B_oLM{Mnx>ZK)+>FG4y6(*HKud3k+(n2vO(L|&PTNZ=*@z!nL+Co|PAQSJS0^eX4)G_Ck&!=pI^QM#DGzq!=Wc>dU zP2y&dM3j6&z3ocVS0e}eRUL2`bR3jy=IBQ_$#n_kQe};vsWe2CRDeZ&YCM*brUDO; zDoQ;yl1k-rns&)kD*)EV-*qQvD*`QqM9P+T-`x0BPOwEB|7P0Eu<_0vjyV_Xj7#r| zdQAZB*9+s5&s+ck2m!h3C3pQ3Ns0#AC7W#m* zZgqpQ7;M#Ec}G8*>f!}Wc5#kC=@EhR?aVQ+U|Bvyd54ZgC# zeFw=jw{Pi!yuE|LAQ1^Y=Y1B}`HRNwP6NV4wa#6d&D6!!R#7pzNO@HT3e6%u8ZZmi3im;)AET#l&rM|nzyaJH6MA#R|xdR zgd@DD9AzAE1x&t>37|(SGc57B3{ZKG1wPOGU8wzfxsVk?By5Yr@R$0;O(d}e0D#i# zAe1-~y;Z4oK%g_dSrT$bV_zm%GYIV+wGp?MIVZ9g|3dXH;!hh2B7Pv|88HeHNs5nA zB^En;#+p#gddz!OG0w9k-P#*dkKnupf{+A+R=So|O?W(sTm&+8T-@<^+P*tYc;X=t zkrL5h9^P&`?HT(RmS^}Xvjh0Z{1N5cJD85??<0baOH;1Y4ULV50dn;^mx`dx#eUnj z$h%StvboN`zmJyF0Lig{lsHO47t`$zNdMmn zAxPJscA@3q#uHz4N^aRAT80`*SpV}2IKR)k*hX^@VBVh9(%bD6K|J4+5~Ku(=fiVs z3@S{ZADA3ysQWR@X|^1gT9fpm+h)>WGst9EZFJSZ z3<8=QQ*YxpPo_;w;IA)Z{O8L=;&UU}bm@@65~+s;&$wF2q?{9Iv5?Y5ToDO(c+#_t zT;cqefsc-lu_2o9->Dyam1J#d+GKiumA~b|2!^Md;z)32)+bAv_sFUg6h+Z)(PzM7 zc#gz49OvpdewJpbF>hZrB~eMVF_N~*yqBhN#^Ab{P0n!E7b79JL?lYWhs||bH~*sH zTQYIv0B*>3vsQzW8?HY3Xa*Mf!a?|g*Ey-TWRSivqRD-R*eU$oH$xa0c}DZs5%Z;w26K{!nHrqhF;;76b!XiNH2(AJ`A13cKUN4ab;y`LLAr@RBo5oo5l|woO5?~*MXt;SFc`` z%9kyTK9qB(FWxL$d}Ys*krQ=IUDWxGoqARP=e>O7T9IOPb#-`mb8|C-QL*kcGd#$o zxID>Dsz0bzu@A$_3=2g~GVJv6n8n=ncZL{~xU#Qh2+07L8)V%--l{Z4gk|w}nJpXa z@0=V$Lr6&+k6_PNm>tTKlFgJNRF*SsrE9mI^zC#wP?Gm}z0M{@9;kZ@c3hx7NFXc38@W6^ucxoJ>GB-Cj%m)KJjvoTc-8lBUfM#w! ztl(13?w+7|4C1Iw!JnTZ+juSokEW1z<>`ntV$71xl4EMTLo6q*T?Hcj9RK-je5Fh zjR@unm*zM5eRt;<7Rrj;NTpk-*zUwUlP%Se(moA}%<|Uk0ifF%gl>J$t6mugxnX30 zx%;o?ImiPysz}j!j=d1+!LP3_zJ8=c7u<1hQEcvk=tg6WpPalj<`m1<4o9w&6m<&9 z0;Hh13#y2G{AJ1M85n$edwT_i&#K#-6t4`LPiJEKtK|LtA1Qkt;W_P==(m}s803Lo zF*AF)*<4fACf`pCN-EaI#48YpeWPx*Yl4L<8_6DB0gIC3;_F!R^FVR4b+g-+(?gkc zkbP5kHzQBZ)Wsjsg)Fx7fs^8z!sF3VQ9`OfOtIl&MW>XkkpW{v?7YIXmzW=)5f!9? zn=5O>dG<$>%6TR?^Kffi&$wIRS5M^zWIy;!c{bo%`xPo0#-bJP^nB4a4N2w3aczj( zA4WthlXqH`5R`jVzlEazZM3u3k&{p2{p8~jD9F_{Qm5%A5rMKx0qIvQaQGla=-KNc?zLWGSb1G(OAd5|>I!$l)R>*%A&d={M@rst0tMLiS&xmgsTY zwQeq5iijU#!z@++SOt`in2YJ%eFh-pP`g-sx09i~xe`K-ICaldC^ZqZozm`D?T_eN z5MlHR4XraA{qB{P=JR9EPeiIJHElyfCimSwFq*+~tr6m_tiy5MZlp)bJg7K7#Kw-7 z;@7_r;6QjH$8I z>9*IwRHW2gPY1uema}EO^B9kEx=O4mXv<=nIr`$;DOX(G0S+WH$p>2H-P@ND9-Od= zjxM!rMmA%kNnRBzN&3(~>&&*1)Y8&g8&`6skQ2?GErkLO{8?Y5WkN#Rlux+7|2Xq=&>{g;KWlxJT#eN*`Z(2c??Lgtt%4gyB6Co_%fzECo{&A#?HLGxrDX z$EatWbRI$-DVbr-O*CqXuD`Av8yj0!Uw;T}Q`0*mp3)bU)4S%cjoD7K#Avy+fB6s= zi<-CM+^Toi|5I5|A+f29+;o_G@^2J7dkE+il!VT3O<`(j&y7^VHWp5Zu^t~xlZf*!uUx8k0%GfCBz9%T}Y?$|enkhzuk{CT~)x(Sw; zOl5my-}eycAbEjCzn@UUSCC}WpCoC0D@pQKEx=#@c>6S9`dpQil#b9G@5~0kXzx9J zK$;fg+Lf!HkkMHzgoC3bJc1aRoCQ6DvLwAPI#6Axdpu_5x^fCh6&hgMna!oIkc^7w zz(!8FqLgHjgD_FSWkeZ1K5-j5gm8UBC$|ALlb|K8R3cwkTr6K0Z|@J<6Xd0qw;cA9 zNo&se$7}&M)3EcNd%yxrT9T?1%y1+)o2@xUg%aw;;1QtO2TwBo#*UQaPIbUn1Q_oc z4wPbaTj(2PbY*zLDJk#?;8Ol^2MD$5W1$;ozy=0kCt8)qElmdJF<+GokX9mJ*-HJ7 zk+3Koh6^i{ANu zvH^?kt1|FG*-C)eIvoDT2Bnk^){xX(N?0D4 zx8lBavl8)gnkfeV{gV{e@Dj@-g`lIpWm#d?mg2_f-r;x>H8nNq77Bh83hi>6nOatY1b?499qJe@fYEWu z?y9m)z;Mx9sONu?^{*e6k#C}eg=y8&jGr-@II?Xld|A9KDQN>LY1ph#5u*24!o7%6 zDk$j9n7|E}F4HNNugs51M`)*}r~48k)?3PPqYQ=PF|>WONS7B1!6!YF(8~wbAa0pj z^;Qyt8JX(7ta;RvbV>GXC6iN26^4}Co4MZBQN`^<3$A! znr07nwD@s2#^0YhLc2*lUzu`_LHJO5hEIaBOgaG4S|B!zC%@|DpCimLhTGh*-9gAA zF*7qKVp`&CP1}8zK6g7Zw+Rb}#m4gSNT(n`TZdJ(4ZmO8Pe%U?z~EWUD@Ujjt;gHG zkKNc1=~mo#N9Ygy*Y>ax&qV;gfTp?@cZ~knF&~3qC;q(kT*-dCjW~U0XYRr3YII<^Hu8&KnLyzQ zI%e?1Wlp7Jtc7Es9irxGP*6}k%5_jafmY$|Jt)9&g#sK^C{W8paw{enZU7R7g3U+g zwn=tibN0Q8XB52;2F6NZ{#ud7bcfG+T~jJkymT7UjCS~TNdBgFjA*7v*UHH2SF!~h zT9>}HwT;jgU7UE@#!HCCfH~c{r&^2a3zw4ww&~@U9N$Owc`^OLZ z+&2$skGCdA94=T1+ngtlV|<_b;Rqb>xifYK!+M+Zxy4O%8`|oB?Y7`Adv0O zyUty8*Ujn4p1$VnW6w++G;@4zl5oCsQh>tHWh6%C;v0M48BRJoJIntsA`Bt14pOLe zeevQ2QrNoI6UyFiW|l1=oJD-4mjsqOQ?5t4d-)mU}0f$Z6ec*2?XT{{F)_UYGb2A~&%=K%{)4oT>FhaMBb4{pkJcLv&^gvvQi|$cD zBV5Av0M{?~z1pR`4im8SzW6U?w@-LV26Y_O5F?F3-R!wE>7o{+nV6wan796E^PHO<9fDp0F@{#3y`CZv>C0K+ebqLz8>w?*vKmn|X^bmnaztyS&?Db~zzZ z)FAvzTHtEmF2-d?qbSxV^bv+{iEuIZI8U|Alb&YnFqNYKpaxW-x6)>Q}S zCrkI6GeOfhxJ;lEofb(GmwyE6DjiYOLep>mu+D(mD;yUJF@?n&g(v$PFXxM{C%~tVQ zk#lP=u%Ub98sBk{2(;!C_G2<;yJV&Xv@&Kh%FD(1>el$8EY}2axzYRKqVoGZEX$1E zM1Fd-#%c1F=o1xalj6s_rXglGOrWTwqy&gWpq`W{WI4Y>l$?Hy5iGXZrxc2)Ti%e2 z#R`GZRei7q;|5){95?XXNbv4oL`K0FF~=_DY@10RxZUO#>Q|aFC==k7tgOD1IU7Hsl#Z)By=m(yUzl@sT( zMPp91JR?-UZpd-wRJ)vl!`Tf5EB{fcAkO&ovzK4TM9r+{^3Zb~y}{oywpl&38@qXkiW?1pFJMan0^gp?tkMg&+t4iBWS*hjb>?-KhXb5 zgzuIz$Ff2HW)6MVsXbO4A^}A1{yZAz^a$>Kn5t8_6a2OrRd*oZ@~$F;7@EmJaw zsRNAIm4c4(Z zrq_Qf;r923)aEC=N2)FJ;6&5q-iR4mcGAsPyOiY4r*m!$P--0&`2+KTp!vowk^V~; znj$eDG`+PN6lQN6<_h>>UsfyD)bwbOcExx9F`G8Uvsaf{qT45zZgtG1uCjMHQwF|5 zsRYWq4RY)W9$U{;#|s9y7>G(U{Tz0s?K~>};4W|8D|N|}uDEVCHOMtafjuT=<#6~l zAz0ss&t2I2_nmIp|MeVSzY{28q-Xb@v+2tIk%5{0w2#S~oXnds#!;_FAv7q8P^7qJML1L zbrO%=l#TWTyl)6CaT~8KlYloOS(^>JcoPh{skOD7Ko{8A+TyqE{DCT!kUE&w8`P#L z9BLFD{Ns^qg9iGwml*o#y)~TE;4(GO2+UX{FJ(XPAZgr@!>w;g*nA`IYk+aJCCu^G ztQG8ro=T-w?cPUm^-W$P3uC@E`GfD?d?!kr9*x|8A6NV!S?CYUCwAq%+SSWi4m{Mz zWUC%Jrd?me9q*nr-KZ&+Evl4=e|7DlL>@@knI<`WR350bc^U6*@|sKng#EjeU6zK^ zB{2}zNwsQz;LS(Y%5vp~O;fi@L@bA!D_i!)>7%;QP}pHBY*zg4#H z!xx1)F^~zvNz}=d4|t#f>8KH%>FzCO>bbblftMQeAATFTkYuSRR$&RJ8*fYAbR9jw zIehq+jFy05;m7EoF0NHw*$NAoflT^GztEuVyuUvcRK(ARPm0p3fk8FZy;g;*Ywvu4 zn`wfq5B3HKD7_>TkGL>6Aw#0fHeD%97=&H&oK|&O;xwj1<<>4;wp7yx$DYhW2I|kA zWOK+pe>XN4-3lzC+H!eS&k;)F^phl7E+790|90p#mGqI)YOU-|*V|<+XI|cHy*nBt zL%@0JE*tyPz1n)?`TQd?o^TFfMAgiF^3(ySwM3m#50E83X=(g_#H5_N&cKQ--gRj@ zT!ir%clP4zjm3PsSvUr>tDXbmIw*qDN%cdSY9jAde|_}dd`yU(@4{LTU^X|_6D@~p zmKx-onOF8mhJ}S??@nHyeV)AcqzoWtp4It(NPF*itk*w&yhK(*36(_Iga%pRZYnZL z_D*Fdd%L@f2B8Sq8um`eyrmG5?Cc_Y@6GRZ-Rg5br|xrppYQkk*Ex@Hy|3}wEs;$$Wj4 zeM!5NgG+^f4!VMmv}9=Q23Wad01&Pk-S<`j6%x zeHMkc`kn#%Sg}`MnKeoft27nAm4+Suko@Yth4TvC!~!0l{X^ikavk>U)(8U#puex_ z*gKKZ6v=Gbn8Zz%=0}?bP1|kLTLhA^dR#Z@iz{xC2gu*XtQWfSWgb5Tq`hOX7y7$@ zS3Hk*ASDcLAOL2k!*t|%uWC0=J4q~;Sgw;v?j4w_>vyVBKdj=#+=$e!&YZED+6MOk zXu+xm4DcU@4%cjoho~#xB~=(656e9$ubb^sx-luZUTDYUnT<)4)&aKcSd~3SJW|Kt z_zMeG0vehjWfj4n*d6s;ww7mHpct;pb`b{i^SE8Ro?|{+n{6wTlqcd-hshjmg9AAO zgGpN+1W?O5Eq+xJ@4~K*2$Q9mELz09n>uv(3zjSJ(BLCR9b1(o&20WaK23TQg5sqJ z4Gq;k`K+(k(8e5M@F@>EK!yZ_UE;ZpVo^HCap;<|LikuzU#`g#xf6&*Spl-l_xI_x zLyhyp=5r;i3L~B=5gyh|M+3&>?8x+ayp&O6r3u#;Y(FNfaPigK*}=N5H+Aw}C0-0c zz|fRx&{pg&Je^PKvt?VET&J7Euvjs6rI+{W6Pm{Siv^IIz)iqTW=V1JARdX&e&V15 z>kaZYUBQMC4^uk}j*RAyrT6QkaUBe?Vg(S#P!$aTpPt$&viJV>QD0fz*T+*_$_G*B zJPJ z#DRhCJT&Qx37l0v&8!dGnH|L>otIW>YBE_gG&HPP5Bz5nG`sig@xiU$g~%+7mWe2Q zVMBsqqiP#qreZmr`_%Z1$q1Qynu&!OIFG-gu?wGI3paXyaQ|)$0hM~}g2SUgB;eJh z!z|tTZv5(vH@0j|mu!1W&uoC6s5dY$tM|aKAeexby<3u2&QS;$C{gLz+Sq`*C(8{X z#l-^<*TOL<6g#E3>}(88d2p6`aw?d;YSx4m!_o*p{*xG3Vvzy>e|Gq5I%`C8u7u<)e(Y1bkh`dPcH#1MFH3$dQv9xbPL%ZRNIjFYUaIOv01hsdz3NC|}xw#Ugqyy^FYv*eKgBLy_k zbT}-{bw4zmJEN*#VaE_nh+FTb?U$-&7*d%nHBA-cgIBjMp1BLZ?nZI#lHM%`w!-=3 z3jZ{IUw?X=>z3RmPyvfU0C9UOEGD<0L}Ang86vFz#R!eH0f{ImxT{)XPU}S4K=b^v z)G`bBdoQDt3u=0T3B%EV?v4uX-n8j{cWkQUvCkSL2~*%>x73VO=GGS*71-ImwUtf=Qv>hLtsN*kJmIYcZUmLt*;_de8FNs(ql^D zPtyo+@Up5q+y)z$t`2=J>>pHrmfpY>gf5JS5E-Q7v@c`Sb#p=tppv9^#BN0or8n^= zCMI{zvDA@VpcwM%bQ6haUpQsVbV@DwW^5NFjnQrR@TMKg~^_p z_I3!QFx5a9YdW#`rq43Ji^H`yHcZd`0RhHr%xk&@b$H;>T&}Ep5f)os+yVxrMiW!go@(^y50R!yX53pCmNf=7L>)ip)8RQhLtnnR0^}L} zVyh<+>*euQT!m5^ikhIP?Gm%w@j|DjQlp{sg=u4-N>5!urraIsEnAr$B7clFC~R+E zxSbUW)1!b*EsW)ExGRt6ncvJ^G^s$LuWj#mXn?Mm2Q$P6^E&?rClzB$3K6w@eO5xEKe+%YZ zdLp@hU1|snF50rck`T!j zTv3gh_xU2m9`1y0B=g#?-_Ki6lMobdlHK%2-erRCi^ZA(y z5EDPgG?~YkAv-z4A_2t7@5K5=5m%8&LB4tO)z&O?lsbDmF^1hIK0AF@S~Z(S<+S)U zB)7u2ZXI&56$#`Ueb}VyDl<^=?#JLei0h`02PBe@gdL=MRJgm?sTb;41a$4y!w$JC ze@ND=BBi(pL2fW|pFu?%af}nlAaCatMSdJ-w5Az^kP=`Q*9QXeMqt6*naPD$N-WSBkXo#g{; zF!ZU|svg`YTpQI-DvdTJ*L7_UQG0vqJAB{A$0zQ@g3LTmw&uIym>s(%oWO1}wA+{G zGal6GpdOb0(boMqDqPqJ5zwXE{}KVUrsuk!#-mW&l4ET+Ju_1xJnDGRZMna(R@t42 zNgG1#))8fdjQwHqpSfjt2y1!G{i>1p7rP2Ia;&Zoq=G$J)6t`gK|H16l1N8SM3>Bwi*oZPwl-u9B_(apZA06m6tRs2SUuB zK%(G0m{#X5?&kp{SruHU#lYY1hOngsZpCf--abC1U|kH%72!5P4s)`ps(QqGiP@1q zYi!Uf2JjZmEqt>A?Nn)1GAK(S#Q2Ql<;x?2M|Z!!d)IQh-w0CUhxtXU&nD@nvp6|9 z$pCCY1(bjUEOV%C(9BB)2@sIqY0Ji7%*3!y{w{?G zaw%g6(7qp@Vny7r>&Jm|K(@j5|-c2f4wKOc!ah4blIT`4yI&+(4!myzWcU1#aw;dOv%x}>k zy}_fnr+BeMSZi;kJXBj=962Ekb6b!yt&vV#$D|`VX)7v?Nl&bz=AZMRJ2%MqKC4`2?0ufN6?5NX2#_ zJ}@u_6stFxHd9S&!+y^2dWbOCmL#w<5qLI{Uo9C%mA;oR7 zPzmSeU!=S>eDlg>SO`sUge%1^2o3e&JZ=o~*&b1qs{m&TB}sXT!r4lvD)?!3L6SFBTBlz)^n1 zJuwOSFAl3W&ht{2Nrg^C^Wxu;*su1-&#xM24qYyZHcWn~s%4|0-Fx)HDn#I~bZ=7W zzN_9HS%vqZ+i4V5WO*Q|Nq2801GT13V_MO*jlAy? zw+IWBL`!8D=(?=>+#kIBy;aB7ElD@$Ex&c}D-jZZk3{zr&kXV;L06JUeD^ztK`39q zexC{YFj+!ftNO|l`IcmGI3AY02bFP&vSFJpVE9cH-uYhSWnUORCxJ%+5>O zn%+#a7qm}A4Dlxp!1y~w`dbB21(>J_sQdFC!%@NAp~){J-c^syVR^GTg&87u2VXx- zjboN9{ZV{vLu~a;Bs2arFXCy-@g?ZR{+~|onoj@7keS;)=rfh&hao>ngfE) zua8k&gsQK98kmN8PAWMy!(7tX?kc1{6>_~`;js<+6s<((NhPpi^nNCJ z?N*U<+G)T`#9@Qmz)|6toVS<8;uqh?%?1ROE8iM(8YxM)Dktec$5K?pb)Qm8&0|xU z$5WEEQwGYhVBseMN(BbyYVUB)RI|2~DJY^qj9=1v=265Pp~PjE(zkhxu&P4qH1K>68p^T(yopa zHCHQ(uq-Fbuv{xkJNoF$h~SLkZi6Ka?#FFR05ZEsji0q4vnwl;o`~6n9(9Ut{A`^I zSpgxq^^m~LI{SDP>~;o*pS+F9B6Z>a{O=wpdh4SHzj?)=B6URbw-L>2rxu8)Q0iZg zGKDBY)S++I=>-@)lYhg=zX)q^XcEFS3EWUYEhh&ZNQw#@BfW;=%~KA+DXyoRqA&$9 zO3bC0e-Y3B3C(>4=7G@0{VphskTtd2sq$RIBAxUo-#2T^nAX^NF{H#c0*Ws2*Oc3+ zEBMoW!L)#NU)ym2TB#1}6!l$o{f7|>FK{=B_zXA`&pYI7^m%?+Nq~&`agXpeDNaRnZ zM*nh69gd|XXpv#hRQ!iHN}bF$wh7;Pe$Z}knTOe;@&`EYrT`@Z~%OE_J9AZ(bFP1d&zyF z*(Y>ER&{lp^^>%-;x0u$Ly@ZQ*6DKpJB#cE7HK%|YE8?c$PLW3@_+D`e7CeHhJ+YO zTYBV+O>7iCDL@6kBm+bGP~!3k_W8n2X4M0bP_% zZIR@Dgoz*n;X1 zf;|ijdnF*Ex&|WupnYcxrJ#IKUsq{!s3;>)b#uQz50S76>?LX=NuiO+hForf^GCP` zw*8&2W2eK0C}Mk%!=VgJ`j+a!y^o;fR8m?^Es382y1;Y=e~^h_M7JZ zU>?eA%5bnGJNfn*2q-25y+Nf_e_knu#TpJ)p;fsHC0~juT?WK`KNy@+^BBq_qXmYk zE}5Yh)@=l}^1AWJ43SP2BzM|LU23ifn-Hopi%yWbr}g6clu1Z$uzj7UKs+< zTpku_qHGZiMs;btbAgaur5S1uciRFKwfpsU+y9*W{oYQ{hji=%(E|kU86-KlBf(Q531h z&o&5+djsw%Wt&w~sl#-0dvpSLkUMxYHviwn>LdqLn`ZlHY{xAk`eHWBxQ6H}uRw`NO9k3V zy&8P?m+dEb=38Ul@zR({TldrxQu3MwuMXHgd%6KP3~Pmj>%_k~0wT%VQka+c8Gtbu zKp|oa^*%0N0^b5_FG{nF5P{B)o#MUI}>C$t0B5 z3r?Uu91=qOuOR|hXp}$=8E^ROsCOjUZuSPqxrnD~+Hw5to*2%@myu|1*?m3w99*kV zvLYHQOoZNF$-z|^4?S=qETn?2A`*&WEK3L3*DbJXib#kYmn*jg=1btsE+?`GI)N+_ zhL^MJ2_dd2IuU;N8UMbrJ*FViOb1_w63&I1Emm*keSvRD(YJAT>JcLg?5{0uPUcyI+r_;d%-d!t)mMbZh9}3)vK+N|cB&EO-*7@H;)ziOaL?73f#= zoN%q99lLz<(GDA@bs|_EucH{$X_!DFM44LI;2#w94KfaKvdRI~VDtE5#EMa#h?G8i z9c$uG?&`mH5W|uThczB~lv{fcN`3?7;|MOOFC+u_HG`aB+^)csB01QT*{oax@xO)|tXTVDuh^^+FZ1fTlET8( ze&&5VRkhHC?B$$yb*8+)vSqNuaG zEKe429V%xE&Kl(i(L>fE5mS{_FADOn>LGDR0I+??39%<(JYEz!^h4{c8V?P5tLo++ zP~lfU96MLAzVIZ+cmUQ(aKD?0p|QF}VQ(9-`E^Il7c(?mui(B9wBD@AKny|#xc9`a z8^a<+5*pFW1VJOEeG*PKI$n_2_Z-r-lMl=2VE8n3XPPi8>c=?@#d=+g0nqsIP5FWhuT&H&Ag#n3p?9SVb<} zkCt}|*qQrNk_#p$G$0v}r{fG=q12h7hY0>w%ucX^q$qwMa89X$H-77QlnrsjN#yZm zT(!%Jbh@p*u3Um-eu|t4)Ed zQ(m`3leS8o=$3U`_caIHVeV>AUun)z&~i7z5$xD;zM!a1e72--b>dxa z{laWyE{nW2A#Ci95h4u<2}wBe=m;?8;pn1~PG`aWPLt4V2l*jtoEa)ANz_e9Mktyq zRaL|)RqIFs^dUHXG5htc66_GULaD3o&G^b(0V!wm{7Jt$loX)2q7-%X0sB*BIdv4J zq8E{Lx0Mgea}(Y7A9#N5^yhHlTYH3w*neQxJ$}4^by|!WjTHL&|`{y48=~(qL!oar_}5=1G*qoLKK`H zG)1udFU27q{3o^Sq2VG=fue+$liACCVmo#pe_Uk!bzQzKIfiN+a{73&T^|WhHr=T5NX{mOF)nq5)3w`xFQ{u z6U{CrE+(^PZeecj4UHW}#>U(p>F#L>24=fRNPQUQm&PRaZkNo-n7$8(Cr5E`JroBw zMFTLpoui1kE%Ef{3m+)lQ7yOV#BH*SN)>Q&c77S3BidlgOVGzRIB!9h&En$Xi@aD) z4NZ*~FJH1kO%7z}e>5q(XG~2)OVu%2^ksVZ^2_Non#NC`PMnR}0Z;3#C~WwvfRu=` zjmy9+OeaFA0jfzuoiPKkkve@m7YXe?GrJrn%QfDbr&_^wvj^QAK;1nE15CpM|+KwAJsD4dSnA6GI+6Y@Fe1 zhM~f~J-Z*oJb=jq+#YFw&Rq%Jpe}3*uwlJkWE>0YxXS1Mc++zX+YHuHJ*x5U{lM|@ zE!=4-W1I^Sg38>*r7H!W3(%5nXzbX}DWHD2lG__HxEo2f(mS|~b%;28!?3Lh>wPcw zsA*^rvZH%$O2OE+ua5R(P7!qJWOTE~CVyP;0e6kyx|Q~wZD4mJPaDTcZi1Tq)^8Rd{bkg!{<3n2P_Cd_)V`v0U738V)lk(asFw;bR@r= zx}$(^8SpNK8(}Z~CKE9daAAYb%}`J4D+SQDt`e63@uG~>XS;ql9Ya{*&aE3sY*D0) z_KopTz(ojXZsbO|KfkYI4tHZRWNL%fL8yqy;g)1M#7T{| zIW&kkjyMgJG&$Aq4DAi+%|+)|r$8c8QXEYhxb~|SK);z1?Avuwbscs0hPo;dL-`3o z2MwH$3BBp5;JSz{lU|*EZ&|v>u-@+IOH_YO4^);>G|2_hgn_2m#DRL3A`Mu}cLZCG z_CbhV$WTmx2&I3_#_*A-Wn;%`9Qw<{>x!WtHKTjEPW9rFRv`0k<{~kxALm`hx33;P zZr%d3M*K=U>^og2TGz_3p2FH#*ZeV8{1d-~rzfLk;q#fo#{to}0ZJeeQeeEpMQ9|v zuKRDLWv6f&q-mQs-|sH9kfh0*WeT}m@UlRtV`4C<6jIff>%y%tgAvZ7dlCnpD#<^T zTI$E5I{50`&*e}GKaZU(TNC2PFHhD!E4QBOu*bTL&tV0`#KmL74PS`)2l138?YqV? zBx5qq%)B&DX=D#2ZY0T=lHUU98qGE_RG+3WQ_=Yl1I^NgUZ!R)6REqCm5xC zaL>PU5BQBM!}#iAHSg7Cs5MUzTMjia+M?v&cXNJfCrPbE?110-nYw4U(%P3GCs5k_^NvD&I{ z#q`}q3d&N;ZQZ?BFPu7)-L}}1aL*%w30iSN+$QN#pVinp_VjhGq+o?cE?n_%5W95P z+$A-}*&bRr<%3M7Hw#PQEMY%ckf~A!*bs}k5q=ry`kIgmN|@Y-6L#hS|UM5K#Ih3aK_ z8#(<2_jD@(t?MG~Dbv+;|MBs0IaDqqg=O8+zT%XoDQ+FChe3P^$kN&Vq1rL=l*kX*$Ewvy3V|`s$6CD1G?R)|bMT>r68D7j{-d6|?0bSIi9@X;Sa$Pu~5eBNl9%B#Yh45VW`_~VJyv2OyU9CJ?K zzN_ER=1SEXA!v$d54h8P_d=b7lv~d+iIXM=)1ga_gGxD|Y~NaSFJlo8c`8rp&V9@q zLKQaf#^(*YKtICMz)OYn=^NL?Lj8)8V8t6HJ^BQX%pC@%aUYq1myWl1Lc$1&q~T|F z{P#Q3AcH&N(LOm}#aveO%|?}G_Jg>NtN!U!masU59-8XNYw7P}{I;hMoD}b&tV4gU*H=fk2(4>B=`5{i-2~UU4 zCAaRkWgH>cgu2|)>PuemTL7B)t1ER=M$oa-xbinF)temdj!Tg7~SH zTCu<{#~ZP$U$CM#KRrBkHiJ@1&aUF}LiO58>WWF*t@m3EuJ}tt)=!LxkL^n| zKQ8oW?ERUsz;M5zH6A%X`?6|@;7%6+%JsneiLI5DN$!sgv#L;&o65O!I9_0Z`~G(h zaoa?dB?#vCg6%HEEHSo|<*^;)hu_$rcQpn}NygN$K7bw`=Z(!Nrr#(Bz0PG0#Y*U3 z%?H@Lx)s2K1KEEsl1eQSa_fv%PD_ zI#MPhgWfClNQD|zO~LTD?m*{&c}}Sd5<`v2UcRo&)qOApv9vYc(b_mkrfI+_=$>oJ zW|D_Uw1dCVK@cKY2lyo`ZQUKma%O(Dd3{8+gM~|`#EKSs4=E;YP_gRKvzpPfBKv+t zs*+)jz#=wpvOha+opG}~-n7_|cYF#QRy|Z`ax7qSA5x+7iz}hs_kGQI`MwJUnLm() z*lwGAX46UV{kDCK`G{f|P@?1TyVQbv&7_Sx3v)5GVXz%k6*nkIqw-840q-6!hWeX0 zq21~m5;w=)gF+($>@2770ia88qfKb?jgKMVit;S(TpvWTAC40PusB3ne-NPj#h+rWjZ3RCC z2D7!WVN~ry+2yuasU1!E!xf(zQ^$Yx#iT%EzY1gk*5lrPyXF5Nu>v6}qMF@=OM4$| z!0ni%9rc$-5$!%&=okZXuwlFG|bN|vrdwj|z%LOnq zDs&Z+<8t9S8fFCd{$WZ$g9?1PCnkU%az8kAbP1l7@8JU%zxl4tS9euQO_V=UcDfWm} z-&WQJ?pk*DS;$`yvKHuW6ma3;&zmpK+5SzABm?L^g#B3=HF7`S25KU}*}vZbbQhp4 zekxajAACd|l^tRx5`c_LwcLwcT$#_S#&S<_WxK5^SvIqyO44ih=z$KN-{8*tE9&vb zn$yUu#!K@6S77*%+Iwztk>sxslPO%D`p`3{A+X4lEi92d{5?SP@d0e*+}>#TGm3R& z@2Gpwb*l`28EQV4K|8F;O7<7Mjp_6r3=J#pZib9~uvL$Ta-3iUHrH1(cT^GaU z9!@D*=GFc(POXmlBcr)X5e`dv9hy$F$rd^MlGEhO4?t9u6*!N7c|Kn>hUF@}HD#{k z2da`!JVC_v|4wE&(mw-8151Y<)6Sy@%51=nacRiAb#nRs+}h2y8HG6?vXsK*fYbmI ztsdxy$5uDOkm{_f5s|4NYoSOr(jM3%-~Q|3Z?B8q`_m=J&HCIz19mZ`K=DUAFg*a0 zAB~X!4MeG0^&>c*{^0HFFPqS`@s6(E$`H8vMzI()59W6U{}ug#A3Qz^pL{BGMid@M zIcopLB-50_gR4u@tJc#@A|eBn8UQF}p7?GMOj~90Yf9G;qI%tk5|N5tTnmt3!{^42 z@V)aH@bQqmmoR~>msimjfH=CPS1ZZ8nJlofTefa3DO>IGpZMSQ`98si>*jhF4<|hHFDn$h}6-zV2+rm+XP~se>};r zl4-<2*5F`-(1t?6_QwYpRuZ-AAr`JPy|tYj&%s%FWVZV{gr@YGxBN@S^Jf`4kjfDt z70+h-L=MGWxO3!bP7M4H*2Y&my#siI%I>dz+ceRW>S8{uQQSOTMCYDSGifFSdrWw4 z^ymaIe@{+cBaymlz5OTxz{DiE>wPPpj@7x4`K5rFXU+T8uKq8$%b9ZK)Gu?KZ3QE3 z+6yRA{W`Kj(L!DIznZrm*VB{D;ocFUPXa>|+WKc2Tl^lZ>@~6FDL9 zGROY?r;Z5(*+B6LRD>y^x{75JNd~1}IFcVKHcjnwA6h$SI?^%9nwqVa)hDtR%8{x& zYhhu*eM@gCLDaV86+n%oB#W@A8*H*kf&|lzi6~Yay8!Z`4h&$P=;|BJf2I5&eQ&7OzjL8h1h5^BVn z{xo*X)zan`R+-n#M0c0As;i)eeBs-K?)AL!LBO$qB-JE1p8Osk)r6ZRMK2nbQ?+pc}k6{SqvTp-N05oH~UP}U&=jQRDd zxx@evmTT1=?YEoN8|}N+sxIE(2+n`uY;UCS7}Sg=}WwhIe~+oTMQ=;J$(CqZiwGk{{mrpV)#g z+*ob0F22C&Uk;^D)23 zfkZ7YGGEdua>eSb^YDog|C%FX6`M-8O^-ZasuYOpU+^Jge)w4_CEh6MB!T2|;YRz< zoda#4i>vM&_qA--UAA=-9zWM38M16&^ zNG4_faN*Ehx-pAM@l|e(*hq(>`NGWXvXp=(70EJoU3)tH5{=EUcft^A3n*tfORttQ zIN{K_HuGJ}Vxm6#kSASsyWfxmm*je@POxVk@=lvtP5#D9>l9_hs%XB!v?*ce#aM}j z@|)_w+4v(plg``sYL?I3y~}JOwYqX-;!(vWO*%S5)UOhP##LQlv}h#_IsZ*NXw7MP zI{ry&?&qUr*aZbV!&-Hj+p$Xagyh?B*<@x3d=2RLW5PH<^Zw4viu-UTBx;+Sa}CNS zsaZEK^4@uNxUcJ(%_vT_XnHQmca&}{xqo5hu7-x}$&^4!|FYSz8gznNkHJd{y0Zah z0=RUy+J7j+u5Gu@smihT@gyJ1Vdc2^>~ZBHUAQjj=H*%Wo&n&X=x#H@Fx=l5G>0~h z<95SbEmQi?6R8A;)bLo>qhh_HzALXFgV)++?^_xac~l7R&7~WSgwUF2Fi5v1l{|qkjVN8Ekb916 z1C#_~N+W&Z#hSc{pIdVqTvAmQ%$gg(`?f2%x_wADzt88H z;$@LwBzYGJF}#CF|9lbGxieQ~VaO4#Z0x62Y^6*l3Xya>xO zeaY0m8_f5;_~!(q+TW-F5L81pH2R41d*V8h=^WW&HEp%WJua0YwgWow#ubjR`j`(q z+pol*XIQ_m1wABTDtbN?gbRii8ThUV7Fta;8I*+Em-X_c8s1pS@D&r|Uum!}ja+$G z1|U@u$85P@iJ}Y07_-yPfj#x8oFgIwjCjyRwBlV=K47qC<-@&J&20`XhhHjFv079% z_6ux$wrI*L9bUZwNv++W5Gxr0xbqnGa#u-ax_);||5)nqF>{F|$kB8MFhR#~h^v0u zl)MCgV3?DZMBq`*|M4}P$kTH9-yUeW5pIjwQ*NwUt{}VgbOnnySnzlm;g&ge0JOH# z;2dls4pmd{WH*3EQN-fNBh+Z6oUY0lKcA8pg^xlT4Az!+pA2j?Z+&t-5*mMheDoUc zsjko#?X9G9SL(#`_!TvDc>6wG9c~^!KW*X4;fEJkn@%o(KHdDR7u#~~q#fiyG;lZp zgkRj5%|Hz-LhxlRMk%M|l3J&}a4WMzq9gP5jaf9fcZf{L34@OviI$k{R)NP?scu&- z?P!WjIR7Tvb?_voW@eSfK5YgU{k5rfUVg9D2wS?UCcCdM`g7-FJWKZyeB}F}-zM$Q z$2Cz&@t|~u3hV8Lr10!98AR{_M~Qg67=KDQXG`W_Zol({rn0Q)!e zcx3TY;K^4ekCwM%-u`JFb`|L;t!&lwKA+*x?SQ#$ z3HS~;=nVaFsXuQQ7ltl((0Rb;>&!=H<$~@DeLBpvy;@hC3YW-LpQf-SO&k7_EjIJd z%3SSBJi#%plc`R2Tb^*3iw+80UBEG~i3AGh>MZs(XBd{1r4)+ATnxUvIL9Pz_krQ& z+XH}CbnDAlsn%^MmuGqG2LvwjB@o#yyJ7ZVU8ZH{plj0(Dt+%A)#H{Rl)OW~kP;f= z9qyVF>KGAE|HYP=Op*r3Th7{)`SdWH+cK@1IsCM8%qwt~JKes!qCaPBu%ge%*qb}3 zlaY^>Lv{7j?sI_HRJyYL1WjM0y-t#P2FG!;w%vUNBjyvs8P$O#YRtJ^o-mhyYsGrf zz8udfCERHxdkEUh1?|Si{L0 z=~STT2RmoAY&vJ&rSmf|O{IE%R+2h0TbFw9>Lk0aZ=>;4S^kaa?QHK70MWnvf=Y&A z6;HUC&~#s;riFL2^u8m*18U{m8qoWH!N~NjA#ZYt2(WZL!F?_6g{rKgd9uw=y6ak* zZu#6lt<=}#-VR`id=}Dkh-dEo?Wuoiq{B&=ObF?}ZdcG@E~s{My!hJxbAcqsryMT3 z~lx!vZ!7WzYpPU&dh!*p=d zysIkvdm-FpQW(*CgvdR5l9tjI$OSVL=YJPT?Vaqnn zUD^ztS0?67Hgj<5@aYyVM@g?$NlQ6>xu8=1_5OY*E=jwYhUg-d$+4g035l}JoyS0_ zAfb9-m>$ZGFv=w4_tJbGQbRkT@|44aA|oKcmy`>x8SvIZON@GJe@au*Z3hl_KqQ<_ zzuHx`3^Uev$y+lva+iOnW#uz~mI6(t&CsUUlt^Cb5tPbwV)Siy*DCq`2UFGJsk;*P zE@mJ!!9j1~($~?lviRJYtky2!lw2NQ_?>sL!a$6dUs}w8moj01x+c6a}_Y@M?hfUv`rjFom9L}*DH`QIzSZ=gfQQ7A< z|J`zmFZ-!{x!9Pw1+TZ9o37*z-hg606b$5nJtbhKkOJC!Xxu+m$J1G51n_CX{Cyv0 z14_VK))Gyf4T%mCnJ-(Q1fij^&Wy<2Qn8{EggZ~d+%rvkGFf$`zt&0$`AMxv44s>i zO<@XiXta$Fb5Z8+g}RD|P)va)K^V+*`#yw+er_x0Uhg>~M2*A|(tmLQ{-bD&f7=M}1mAMBOsNMV^?cd~4W19li0C zTE|ljpn(RBdY7{(`>G*5LYVULn<(`rHK8lw3CdV1A9^|0Ea01%`_qZo)3k3t>RSGf zDMRxy74o8P&OtL3kQ9IhVayRLaGf`os#)W2km(Jvpo}0zu>6oeuNyx~1*V;h7Q>o2CiywvYLqn1bll z%2t>la@~WRC<>L+f|F=ZH(Ze*$ban0KyAa_O|Gr7c=?orW+Net$@lplWvLsMxQjBJ zt#mJ+X^jg;HuAR((AX`28hR%M#>eaMkMfw??U}x(hPhnSnr;;C!z$T*f%dDUdy|?c z$dO?G*{SrGCL)L@!BbHY8jx0Nz9&{H=TC~dXZFik*6iWD zR&Z_RI<)%pzOTBZ!2tw!v}QB0VelU#V3Ap;7YBiPUO}26;NEK?q=bBmSQYU5q#ULf zYOmrUJ-f~6q$*^6jSS2aZ@>nHUJ9ZaNPmCg4Y;cyujmpZ?M}mM{+IQ!K;!TuIH;SP z*8^Z(l803wnAP49cWAwf^e)eDtDtqS$-~yI`7R-E>oO=28IR_J@U`>GdOgPk%Cs%q z(?07=$GnB2<@iMg{UaNb4%*c0A4Cx~1#M{g{Vx^1F4sS%7k%5%INF|PurxbTQ`5ZX zesx%Iw>CGy5jjT-K#@@5dUbJn;E3bo4+Km9v%Gc%Va34E09vSS(XD=c1;7{sbDsyU zH{0`?9Q@-$ERO*)XG0<$FXacO{OBl*7xPxnxN$v7j2)>P7@~OmX4~#|35lAfRz@g! zXk}gp*-T)_bp%Rz>{kTIR1XVJuj&&Aq67H+*WI<660*}45H4TypUKE=X& zhegTQMag(6_1UGMo@gvWBKlS!GxVQ1EH9`Ybd0T=H#RnYSl7!GP{neG)KpThJV;u~tGG>teJz+Y*{?1Iye3&J%Ck{@}xES?ue;voP5ZFTl3dvf3k@;j4w#q ztSic8)9_43EmI69lxhY*xKr0`xBE`SZ`ZMr*=Jw>=!oQX5h(xNQs{H**5Sm704Og7 z+8X3zaaXqZ?ousqJ78=zz7RDI&Io4_tN%Pjxn-L+r5;^Erd)ckK*z*+vyMikrh?C5 zjdXa|=C0fneJhfgox5GCqIk)NqRmi7<(lfZ^uETjIkzshq+z=_%K%C}q0b!^3s5#! zAsvZu7?B+OZ*B(^&N~3S>D#rLGRetKyKQ0I+E&Q1sd=jV5t;Q+?!9u#dJW9igvJ-W zD8u7MrXrOssY0ROlZ~@Y(AtnFpBBUS2yRMW!|udr5i$i?1r>Uyk^S zI?cX$JE(2JG-bX2m(aO(0bXR$zrpH<_2EP6-BvO(2K8|Xz7UL9g(c2La3*+3BUs76cb=aCo^a5a1E(sJ`+9$j4>vW_gC)oN%NbvECniiUp zC)Q38KyYA11{`MumVLFydx)Z1#PVi7DmpRNt{McC_C3)LsdzxYeJO1rg71rVbcH`{ zu-P_!GT1iVQB&dU_9~!0!*D_2&uWLWUrcQNb;wEn@ekCgFn@b~s`j`$w2@b(HwoMp zvOA_A7zE^DJ=1#gAKs7@$DrH16R(!d-e}%JubDOSD7?T~<|U`?#Rq%pI7-^y$CiZl zeSXmG8}jZ~0oxZF5{3M6ljX|0)lX-`NozW7XP0A+88vRD))O-A8_By2)FTu9h)7@* zhzJ)$3+>i*nQiyhH-x)H8sYN2Vcv&ErLKTel0jIz(%j(@(47J4F(T#Xh)6=Dp`Ev? z&Q$zo;{*?b!z4p$sl8kN7+X>{|1(;=)9jrJ=Ho|$0C1oW;OpffNy>ZHO!n7p{fz?= zj=xLI(^R+kp8z1|6~4vd9fU?{ie!M-=?Mw(YmB-CebXjS^KE|~ z3X&W8J)HK;oKs!06_b4}1=!uHfxm=Eyc4l|2rMF_)T;4w`#@|O83%6S z*WzpKA~mU|HGCRfKuvRB(e?GZytbx6;hjN zvMKc&HXqxR0iXpq4z2@r@YYD8|HB$j5T(2-%=}3y`G9NIQ*d`p17BTIG7ueJ57i=x zk}1TRf)MwRAjqc;a&Hh~E4)4Qgeau8(`2sz0P0rrQ(Niha^7x!5W|J4%AU8HS`&ZN z!~5Y;y``%&e*PHeN>ZH!t5E6pEZRbYf76JP3l*G#n?>{2%l#()Cjl2I#^pb)yqHZ=Z$Yuof_MoBl+$$uD41MSt=qD@6NVpX zuetJn)~?(Y_8Kk+OpJe!Ps<3RL#p61H2k3JdCZL4bXrZi)cLanw^WI+aWsf1<8Jf3 zt03e&F-tFMo+1gB=dDL7`ombE|KrAJ8w}N{(n$;F-Tg*+i~4nXG^ZQ zB5QoxuFgY|?(FUX<@`%pVdYs|Jg0$tkR3~GAB3njz)Yw}T_HGPFa=2UTTYO0i7@u< zm{@Uk{=&z%pDw5cn`Bj&1fzPO^{ytapMv0b5_)|AXwhu?B;ER1G1ee^uV+_FG8kqH z^Hko0D>=RxMMeBdps`&be6rQ0J9jSTaZG4BWp=X7uAKfa{Z*1t_n zY6uonAA3x!rU&u0K9Ul<3p{=<#=+pA-`+dl=RE6?CNH`A;H?%#;&Tgk5P?0}4%?6j zB;E>#M4$l@TK|<5-U-g=a6UQQPb>pZc?`Orr5D5|62g6cyp8VX3n{_Rg$I`d^EtqK z79QDKGVWj=oS}Kdn}E&m%ijEpEu-F{Gu+yANa5$t9z4)Z>fEP`Z-w3zmpv~0H$e(c zvHXAR{dZi=|NlRZlZ?zLq>Tm*S!rpI3Ta4tC!|h8CGC!kqDdOGNu^zy+N2^XrJ;@X zJlgZr_jW(0qUY;8eO~X+@1NiIdwKt*i*wH7aUZumt~ap$TuBzkBl@C65PL4k8cUP0 zZagaFsWSs(AJQ7Q-3-=ea&dF_eHEyIbV0v&La8}tfXO9jU;UHrmk8!1B9!C438xm< z^XdXvjz^>IJVxGRF~)Xrp~S-DY(pMWzlF%mB@mjmzF(KH51h?61kv};#equxq5OBpLT^$a| ziZ{>_t1%{Pz~3jeAuEJ`rDY4Khs2Lxse>7h`C*=_53tX%8Sx#b!rVD89*ug2GJ|hs zCzigqbR3Is-@kF{#m7w$!X&)oLt&S^>*#DH`y|1^fcMuj8S_u!LvssC3suq!B7+NYP5oDOiA&7%%JM$KhUNJb4+s zrt|ZC)f-_Qoc@Od1l0Sov{Nq(TAHWcY!r!uGKN^?ihohp@-{$uJM)WAKy@g3B(?na z+mv-jAYS$|xun)G%)PX@`v)8Nm_~Qln)Z=ilOj9pr?2_s(gdgLX@%b@>mHVVcDpLQ zOG4V6S~=Zu_)V6&Kqap`umM`slDb*BMcvOpy0pihp;R1!*Pm^l>U2pk{~9uzxS#qR zt&WDnA;z$$w<+D9Vu-1HaM)E2=hl{Qd<0FUCR~;?{l@sFEbe^41NYKze*9R~#S(u} z=-_Q$j>oHI03yB?hDi+k1E8eGjh?**wCT+ z9Z2d01V_t)tV?MI=7Gw?J{5CIT7 z$T-2Sx1}DIG}bE3xj2oNRKG4F+M0{HS(lQ7os^_*Tv|F6S{9Uw>M243?Z~MO{o$r) zVQc@73sWZ(mqXiBAE{e9u9rN&%Ay8`J7F&PY1N_=ptdt0V~6b7*k$z-e4wJ=82XWF z(|~6)%b>Y78rZSaYM)R3!SqNtm3JmA2?^#$uM0VYtltL|%w9LFwUw&ma$I+l;YU6j z)E&(oRX=2n9*%i-hqR<%<_579$!fARfmG}SxpqtL{&{n_(B5fwso8sV#?|zw*Zarx& zNsq1ZI9`^rq&#kmt$}yG-akLA)5=eQ8Tzc6edS`B+;xl?YlE5ss>+u?cLEsdb;E8Y z(yqCf8(Cba)^5%)wcSCP&{uC@Ej+t*I9-6`~8@qCsEWC5HzOJsWCTC_^+WXlG4Vq2f zLBff)Ckap)NGv=OcCOF3S-LPC;1~JMhf>*sK~IWGTk61VzdY+p62w_N%Xa#IkmClH zA8}1X*w`peZei?WN@W=dnPrLYQs`2j(~iYPzY&MAXAL&Hl^$yW=M79qUL`Gs<<}#$ zprm+J-k~Q+F8=<(_r`xnSKeUIW3an+eo=;rMWF0|>q&!aTp;0%%rH0AViF*hOPhY* z0wQTJ`TAfGX|p1hDr>l+^k?UmrdWF$-)Jug)g{{1YxEz@Jhx20w466|H((^WG%PH> z-b)4+njKOTo<&wJ>EZNn9^sM%06HraLWbpnrrwMwq5vj|g z8KLGCM@QO^MOziu2Jj^I)3QNj1aaR0PG6EB48sr^5AICnxtD%Gu!;S6VmP((uEO)H z8+H&|W@f3EjPgGWA7(l-fE#HzaAqgDB$3_HnNB`-t4bA6wI>Du^vKdF0ih@^!o6Ya8 z+Wqr~fzz||!vmV%yiAFd2NvlW)F5c}G6a{bWHm z+a3O^l()C(+Q&wMwZhF?zAUnqjsb3_kgPLVX(a6K0=3Pj4CTYlK?MbZNVWQDF$iPS z9eP5d3HgZ{1!fAZE%Q%41KyCd9`TJ;(u zl@lZYMfpDn4PsWEg-Tc~cJutD`PnO%zh&(F;+B4H1gK;UJ)nqr-t0TGjWm=B^gVf#m2P2EQ#35#tU}AD4B{g+y zAw%xz;k^L-1LN)!s7rRdi}g$)1mnW9ki}feV5N#U;W=1Rg%Gv-Yru|LnR$Aj2!%E) zHp8Tiu?Z4`(EBYRjlt+m8tWsaF6j*8@X+k_n=+yFRE>=<0P00hQ1JZT_zv&54MD>R z$p(nUY1|9DOoZB9I=2Nd9#jWehv722lTr>5fLaf&Ou|?GpjdPRJ2(2u6*L0m&lnVG zVUqH8u?OEceP51_Act(JZD6j>c|aU8`1$@JjE}L{=YJ`A!Y|w(#wtNVxZozVP0lD`q@_Ox^2Yf~ zKP9vg9%V~5Z!h_lZf~7-=6%PN&`|>q0?=W|x_O=C@;~$uizK>b z(z8290qeyt#pM90LJNP$KyG7;)?uwzNVmTE{>L$cYcXdCSqU*u;Eq;$p$s$cj)iSc z1+9!O1RghBP`a16H~vUQFM*tr3HQlptIGAs7Ty+@oD}O>dlpP$$wyI3_Q)UGgVBXV z^r0MU+@ZC}f`US8VI<`BS@>!pn$Df>*pzWLF-#_L-v!yXFs`H-O9qIMDnyG!k?q%v zSIF?TOsIZ2j6UaRu*raP~0E_-Yj)uWE z)g?ss8$`>6<%`1j>$+X%rp~X5qtGVPKyf$cK#JUaeU-T)6VZd^0rwEjQ;uL0<^)!q zib59*kC0q=X=l1+9|`z;c?0LSt6>7#tzsBR1;9AQrglJnS55(>$oa%D?)Awimkkk` z9xqzLeR-20@-X`-7H+Ixss0lB|N$rka#+a5v^LH6EtWWM3e2v`*@Pm?N#RR3E*^n z)_^s|&Es5mjvx>O$Z9U--hRtM1W^sUl*C*{yCimNU4-^z@(mrDx*C&-Q*+@2@9Xl& zd#}&9^Q$;VxfOKpf*7Z5UiE3o_$BOtxYG|%9;>V@6oFC@H7Y3yJ5vLWNF7f~e${nK-W{>?g7~m|e+)>~58|Z4sp4bVqzb zpRame7C|a0nYxpB&IfN;j}s9ArUoKiasGi_`v_O;M=|iNfet&FuwMEuNKwWAAE)oR`-26dsbQS!#zkO_SELG#ix9BJOvT;G_fL3o z1^Yrh zgom5~fHZ2Qv`Xl=16Ec-* z9kz+i-I#M-mf zsK4culAsxDd&%otwguwi(ykW#HBRsnd#_{(jEH3dRysZ(De(%_ApjnCyS_j0eRc-vUbV*P~Z?jgIgtZwSP6i!(tePJQU_}vlmU>DyK)s%cenzI+`Kzjl zC->LwOOab^?~Y7)J52Fy6+B|pbIjF(YkiQ9D!dSvFOPom#&>cpWss^ejZF7bpXJru!VT#R9Nt?O6rDb0T)-;N1xrVCq2F|LM zcz5tOp7evJx*+|maj8J-9vlGU?f2$?@&4%4&7_Vt*G;-x^0ub<^zV{7Hfc|`qI^uO zlT2J(RXTvn%}^`EPfkAKF%jeBP&!Z!PT9_?Nj=h>PqndD&cwMvSK zAt1N?C%*j?R&?rR(nTK!r@~0ETL&s`gSvO~s zuY;OYTPC8g&mgzEHCf!|6an*_YgFy#KOQl$$VPJ1IFBm!;~yoENcH}fCZHN9Us zZ0Nvf+fT%|vB__)ucYAF*3pa(tg=UJG=3VlCc@D}5Ji%gj{ zeKTKFBfyr7(9R5eSygvqb+%+~K^@CsWnlXhw>?D00CjF@tut522Qd6w!)QPGzoY}3 zI~MEx*Z5f<+at+UoCie+ct$tU!a8W*fte{erwIMUZxY|u(=jf?-e(KG=ic|0jO&% zGavOO5u*$b1x{Ru6$1HSYb?Obn)3Ze+VwZ#uB(ZL}sU@4{gB{Lt-7l|BV@^o(?N zM(V-~LdK@h_6q$9oZSM1RYLoaR-XM&?A+*@$omkv^*^LW{q@oY(2=zTnaYd6FVV;b z{3o?oQJn=?sO&qx5=-^1aj+U$FHk&oMM=!`y>7WLw|CyIzB4`A{@9PRU3B3G6a9_I zR@F7CMQiBXtJIk+-jOoF- z_M({cbQ48Tuf_ z@qM5s{1hy?pJ)I{HD}2F_|H9%_i@VOfC#gp_Wc}$Q^P7ID2AU~hwhU4{8XWBi}zvs z$hXf~JbcN`eK?2nM?-M$6Ea(z#J+UNkJ9&1$30hRWM$pDWwqaeBYtLlzl$A5i})M= zOdT7&-g^meMT;OZE$qzsEV`Q31yg*TU6-}eLs9z8gn(t2@60jtpZRg>pb2l(?_>mc zE1LoRI2G?kSJ8ze>~`$3 zGAZ-Q%b||neEmobiL(6B@5hEaHYIswFHDBoD+F7-dmP~v*M0l^9dYr}&AYz~D2nyS zV?}RPSgh&+o$vNmh2B3*2MMbi7hys{n}f8&PpSf)jdV&>zO;6pm*0eX12gYtnkrmB z@r0?bv6$u2M3FtNh3Q1>`(b&}9_EO%@;FDsipn9(F1xmo0S zEd5dSoLhtQN1v>!-KjFy_BeRPcW!g$#Ph_rbo3J(a;nqC-KKrzJQWw$=vAljiD+;YD#4r6z{ICciu`A|Q+<2(q)HA%j#u#c?OOy`CPq>Y+p@ z`(4cWMU-JGT73N5uzy@lls*k(D4Tvp39M^X^w+h?0r|L9W z@2Ja1(cB*|0|%h*gw2EPU@`~}=O7G*gnTI3k1!W(`i8lXh4gYixL97PN<=*?Og=L) z;MxCaZ~Pu8c67g7QZtMqeSKBjmb=cuyU(_y?Is~N|L}Yt?S~7X=ar5jyjhpV*$xF) zbB+Gm!2?F`Zd5{E4wcZg!H$_2^o|4mVr`-GS@RfC4wJqId%*jpuRI3^T(O<#Kok+g zly^VD$onlDP^92A6nXD_;dug5|ISCihVXp$c@1GPFpJB6Vxm-M;gZQ|c+NB9loyNe zGY6JZzke7HVtl(!Vd?`=w2kGHeeuk>#~dA$L=t zbz4q68e3#1Bu64;@@G*S|4Y;?i6fF9saCQ&0sYEx7f0$y2{q!xkh8WxFRz}!qnGR0jvhFCm~yx`2*<5-0%NDb zrDb8!E9yEAsQ$^e=gWNIt5J>5iT2paYi$5itxT3j5w)ltM-rzdgIH;NJ-1NojKfTn z2Z?1yLo7_Z8 zkCsh-t6GS|+;;P6+fCbEiLZ*&GfBB2i*mNrBmqXxqPLis_XD{>@&VE;J&TP)5SeWe zvTwI+vrA4JxF2000R5gvW~CwImP1$fiHKxH62s^qtSyqLRRZx2v&h~ZM&-JbI{!g)EKO(W<F)z5_Dp@!gAQ#LD}HNFY!rR-Y4= z4f8J`VmaUzNR->zWJ$PhJ9Y4_u{{m7yH)Z>$Fh27=`tq$uLOO_`U!uo+eV7+?(nEu69{CsOnN-i|lI+*p6ak16NAxNrs*dVe zWZXdIhR$TLvz=LQGKhJ~k^{febHX0%t~YB~@Lg3$vwDjeEgW`~VY(*?5kwP&aJBGF zq3*5SW^VbsnW%kSSza2G#+1ng_!@f>zILfhcw9tOB#+WWwKo}w6{7d4P~+0ioNaiA zg?#YH>o3#A0@SdwC$kKx^ul$r^sTysP9rltjuW5SFZZebdfaoeGtj*JhaMu)C2$6U z-1c2-H#y+R(~@#D!wScN_gm#}eHU7Rz?R-jf}F`+2w>3y<3{ym7=2v7T!@NQ+v&HJB!>Zq#Ch=TO^VKEQIuyFLd>b|c$#s_hgG~sGqpOM_ z!6!`BcM37(vaPertW$gwsc&~daB}9l(40qL1%@zo@Bx^?yA~<#?pjEIJH$J5b^bR` zA6}R2^CZb`C?~t?N1R2xKL=?uZq6I)6h5W`w6uk+2*qBG{fB%+R7fwcu6e>#;?*VhknGI|oqw12T69majbLu;f zS>q%&6NpRZ@5HqdRYxI&h^nK*bU35H!0~31jhRFxj;W?veWOMCg{LPox;+Rj$ag^j z4LRdKjTq09CAv5G0zyA8uUylhn%4?9g#g*|NTHf>(8PSCR4 z-xw{qP-h?+Y`p|;u>v|LG5mDNQZ2w@Nc%A45Izb07eFO2_~Qli&{LYERtW0iLuW;H z!TVmAO#Hkal+F+C9&7aFH!fe?p@hS^5j8KCRB;iB13AzVeNlNeAhF}1qLnCmR*<3m zsz1PRVt)es%|fhO$%F`gGG#WV(wjd6WI+{B`p$9!DAERcNM3wuTCAAe4EHu7yHfhB zP#lHH2wLM-v-!o%W2Ombj|;TK_TS<05WE#`CWWqN^Oy;fxv_NV*i(xJ;fM+Yg8cFT z`>J!xVj2>)h1#-jSn+==NDf5IA0Rd_{yPvG!h8Ok)sJu0wbHsFo>nf{e>?rj*F>K% zfCZUda01Sh62=>~iIb^nUj;_1ISnVg%Wbg;0*2QVawv-q{@nxlFF|Pb$*E8(zrTWb zUlPun*6#x$m%ih7tcvqCHJX1A4qOWTiM*A?+dW0I*Jj z>Q-7~c~c3o5<*=%J42$KUX0D5$#^B1Obhc*Z6vQoUsciyUk`!>a=EbdFINaz+tp6$fDAdLphwv?|Y*|l2v2HhP1AEHAe^y?tM59>!uAw>Xl-rHT5w+fb8fW49r6S3T|DX9 zb2IZ2sPpY68VuUSRW!E))UkPgLZ<&UtqkLa2L*IR)h=LsFk68hsrkrFtUW!75PGL~ z9ZW``Lt9L5cP)UyPGZt5aB_6$ zmDX_^3JqP;_hxS76VxWW75(_l9+$`0x-dT(K&Iw5pZL?07T)SijgALwE#mPYWP%FX zsOB0_vkL5)%!L14acvOP`UC#uh}mldx?$VLUg9*Pbml^SM}L)|$^6s$_%Z0#R?5G1 z7>tmKc(oMWw|DL`$~k5JNUuN7uDb=lr`OuAP7h_Ls|oWa8fXbO!K?#2pY97V`ij7E z+nU`-+>gaxr0^P=7d7n3C`VbaJpg^}#kcek?+CL&lbxbXDc|>3*_QF{^iH~_yQA>@ ze6VfTv*DJVoIl6D%DO|)lKyZl6b1a;#Mew2pmVF?)Q|YbPAW3Op&+8fgkkf2F&O0V zfj=MzH-x&NdXd**V8TlH-<1aXn;kR&)ZcJ@2?WZf^3tIKo^>-BQj>0z%5xW*^xR(n z+#d&{PI+NRM{MV(0H(2?g6STq$@K})``_NBVfwHrN=~$AEbjLz^3W={jfsQL9*M## z=Eg4+_k!$<>^I>hwTkTkI>`CPEx9{CPCwkb|CPPzB7x`&;$y)?y9rWHD~XY7w|4%m zUs>&5?z2ob%oU=zTmr6<`jk=41TAd80{L=vhdT+j@e+NUNrdHCw1^awa(2QH63e-( ze@9}uD0=(UG0~Zxh)B-$(Xt`5)-6^lx!uAzm_=3gBkoF%Yhu=A>;cZ{$;VCs=c{(1 zi|_+tPy`l+DQu`JK?LS6Gtw=h-iatb%B|vVoW!bK8G%mg4eWv?h zy$5FNHgtG@Mh?Yv!MFCezO&;0Rz4C;d8<{NYAh>ZQa)y;NzR&odZFLy7ZYlyq-HJ& z?sd2goL6yw3zD!Xs*t_N8uBgve0;i+clA!13tK2lwAPl=!_;Zx}4xD*Dj6)}<(mn5(1Y_~3X zqx&^fEq35G$ePuG*EbQq5?%s7=UvCE^#iDHW4!_$(OX{mb2_+<#eNN2RQjP&T0^X% zUUHB-P^_U1e+e1zzeOg&d~wbO{;l<_dk-Hh0`f=j6TbBY4Pk=*qvKMr1OX#|1rk#C zC4y>*%1B27fdRfgFm{@i@CIg1_>o%gJ;B$1b&S_R4i?wS(3ENB?Nw31@6h#moys*^ z^!iuPVgk2o>+5%ajh6HN_=H``z`!6aJzYXtTDsSpiMWmMH*hF{ac#GRZo#`#f=G=P z7Q3{;ca16@j|Z&9TQ{v?jsOOgs~wy$djfB{uI%hd$0unmCpR`eQIcl(bz(gK!!meHA0Yw^}I~Ps06^Ho!5%kq#aIJY&O-*zk&m9OlVd6$5%kNC6 z0i{;`KD}G}0U-RN(R>#|1bNwH0;xgk&B_&W{HinYB-m$^{P%$1Rqpa)7x1)>?IO}nVrE<9+-x#cIDe}4W#F#i!$=IB7C?3`iDNw}QbV)x;8cAnl- z2b14bQSUDad+Knu*fbi52Shp2v6O$<9wLo?Rd?Lfo{SX{kQYDs4~z zsmM;CY`DV~y=jhjEjiXwBkTe@IVrCBiK`o~)d);neM0k?GhM-?>cGHYT!X`Ynd31L z!ih7rnNiD#8|UYbQK+*t5rUQUGlF!TLoIkDF`CVzG@?+QtZZt>SkI%i34?Fc$wZPDxqbbC4s%EONsm-TM zeb-+3P0kj83!=`7Ejtz85%x)C8)%nZ)r)5GG}wJ*25pKVC^v6cr%Zy4A8DYxAIk%! z`D6SJ0Q20Ok!iTGz(J z1#+F6{IazViszJcbW%y^r2`&f0=m3YWv8CUy-UkHc;a;zbQg@JLbC*6=sAW7!`0@ZfoLFNZaA2N1XTtaOLsOns6aw0JmMznA0sSQ-oIDvSlMwvmlZX+`zNutnLsYXEPB`<@71Z+eVWdBhazv1{|*t*;u zE>Bx9QkL|SUOgmqjHoEbyQzmY`v)_RK?(nZh-~I$@2v1ynBVCCCYCx!{;{QY=;;5NHTAn?1tuegxo@gI+w=-00$Q%i zEH|?dk80_?wx~U@Rp{07d|(*qIHjq%Ny3sEz-{9`w50QqCSsZZ=z1|beha;`0#+M~d&1q-|RzDCJfl6Q{h7$9BQ|_PJEX+bZ{)a>e zRv_V7)Mwy_caB$|=wkyG=2NFye&mYx0{%I);{!%(7;yz)>Fom4lls$D^b$~o!(m}P zxTszKd>#632`hA9nh)D9*U^SE!w+}Ae4KF+jl{{W3S9nVC2x)#f*KJOIBRuavR_h@R&A;tGM-MN3EOrWhcMg=|seEom+n*IbD*Tn@{j=Ve>=gH&?JeKG*FB9X%e+u*Ge1oe4c+=rAEws& zo1F8HkLz|csyjH-d?=u=F2TNEu~s13$(lQ1LvL_i0e&_kSUqkYgL?tnj_LVx+lZPB zVDQ6HU{XKQgC7uiaKk~zu!`_3Q>ibaUmqCe)(G@ldqRE9@+T|lw+iT2aqJKJWkzBl zRsOgn>RT^s*24VD)%qh?gB@W3%i`ud5=7@{4fmLUATpv$a9;joNgxpD4si4VSH|uS zLG%a_liC5=h|h3ASBDbQN%N?fH2l!$AsTwLxCK^3zAT<;9vR?2qS{|7FL2W5+@ta?^Z$`*^Lq%kv>-PPpMRoQ`d4-LzCp8a~iX^yB3Cu>?MfU0B<1TDt8SDZHxy#>#&FI4tFy9(MEQ&TOsU>In6 zyyJ9IxGMy#9Ea*(iv50|8ibmz{+|V-^p2@fo@R#1A<^bvAyoAq#rBEWSI)KD{ibR$ zq7D;Iw?;_?s7U#JHB2nffCv+QxN&D%;UbH|LMb#}f8a$8RId;mM0 zlk;4=FEojzVQ;CDo9$qwyLoswPN@hm2)5Ztsh0q zspW5Mgt!b~?;Xt1hcz=qoFIXIi{v2nIc9;i{Vrw>1qvg)Np=^5E&FEn`6c}^#|@2H zyDDiI?gL>pzqAzpfAMA#5Ib9m?_WLCS^!s6(A6@C@jV0-8)&2g6QKcc>8yJ@P z2^ERVGiv+`GzHhb8#u2J^Gb0cecbyWQSo)2-o?e;#$KB$8=GrJ8Grlf@zpOTH(r}nDDR1iYw=C1z*R7K~mbA+%=Y4SF zJD*D%4Mc(H+Dc0yNQ~T17A1^&^`I8lY zeA$H>)(f)6Tm9woW5Elg=+`pK`eJp@q&M)?vLehz1&lI|mb=l&&kb4%Ba z2*2k#8+@ce$$bM8(|-DO%O*7QmvcxG8U@8Y0P2?*2n<|a@rujTRU>06m>&8jWNxE| zJ26|GJ)B~Ls|`3lo7MgMdyC`M6?6kYa%4BJB2_GR;BH}xerZ|qX3T*%h5B+h_kx+S zNx|1;Vc2q8M7j*mKCzI$ri82gbeRT?#Y7j+3h@CBLw#<}W3brI2ev@@z%ubH{t?bc z9$Tb*M*uC=juRZpv_mC+K*lc*sa z9QO@>$#E9RIy2*SBxGGA<=G~jS3+c$VhDC|Tx(No5m@~~`BdCeEx_vd3bh~-KxSfkYpV-u zo0~Ni7tSx7RD1drns!=456;P%P2Hk@7C7|54l#R@=4iFo=c_x&5;neE9e3QOwylk+ zwxC+n%!(1WC_0MKftlhITlc_$RqzLqs$zxoZIMc9YU&YTVFp)k`iE~C)F2FYE1hps z0cO^Fzn9hZLC5U@rb2JTpFDFBJ3)qDv*w84QH5!<+3(+V(V)Jyxk#V^ zv5RnsZjAy~)}VdjE>(B^j`S>xF?o6C4)-Y*8^5_g{u|6&FI;#(HDxn4KDqm*L>Zw> z!;Y-9tLyUR%lk@{6FuHKJJamh^YF)yALlo4PIq#go+Wk{k0k=(<0e|mf{>A4L6~g$ z57s8PQ(%T%{k3asQBhHs>l3xiXL_S2U*4C16AD)$XSD5jeE!Rc={*b#3D7f4l@ffX zmQ$!ukU;%~!@vu-);gn%!!44-WHxPNLGxnYl)?0hUKPBfV~P{r?lKY!@|T?v7I)Rh zk3H@W{5VyVPpd*PX|K{fR_*M_MQykV#2utFX~CIlfcZYlieUKMW2G6(v;>s zev+O&QA3K5;yTauYoImH{8yp#*?DYXUu~RzvD?m3mF?Ls$?rWgj}wUZix|{uOfY|e zWZ0*zByK<~JWN62*QHyCbVz9Umd(UGnxW zG{p>{fmdU<#b68`^q{X%g$YP|Z`ZCV&pbmoh2-0?!i2vr6kbG!?7uuDnS&fNjfls0 z78X7K*W-gHd!iEZR$%VFav1YSIECvh%(t&%DX)Xuan*JCCja`v`xPcxxGUO3Ap}4ZCUi+eeCVaTa zKL=ik36ZHjxpZv!S<{fa*6dbZ#XWl%Ju(X>=J*WNqPtm?I3Wc74Xf8EIIfIO~w zyczbeq?FX|gmG8VIX#D-q5`S{{M!ZI3jTHviLlBM=WE@v^)p?3c?T17hVYe~dNA^5 zc)s6>H_>)9=w~A)NjNdL5<5RS95&zM-M!#Y9>_af)wYn=UKi-~YfKskQq{z(sR~q-`az-Lirp{IO?K8nnLn zW?|aiPJIr*d4KGE=CX6Cqd6P@WSx5KUBOQ=F%6V87A4vPA!xhmJSWrTS7DxuDG4f@ z+=vnEP~@qpxv;9grz&C?Cpz}yTfXD$=xOcVFm}e;w^_wT7wm&XCVe&?ve90}Jv^Jf zZ4O5Lbp|l)z92mq)WYsw`}&cJiOj>Vo_sCT>6JXuuI__O*ftHsN3~{gtb}EjgB<6L z=y;|LtlQT)qydwq|GZbEk(}3&4MKnOB{o7|^P!0+n&PO6bTI7NU0(Ov2ICDzDdzs8 zljRj5@#8Q&TC_AuCWzx}&88!@p|}0Wo%8M69Jk2n$6A*u?l>@$(_|((O54(+);JMg9vANP+J~We1~^a z$aP;AeIF_}M(o_fGDC@4(OzC`?T=TpLpezno;r4U%>d-V$<8y_R)C$awTqUF+#4Z; z%N@xx3H}ymm|J7zP$H{!YG0%=&HRQ%W9(0PH|la{Y}++E`!ccE$gD%jo=o|u zcAi~8W6_o1#(v6vty2x<*t=ar@gR!~^2&*s1vh5!g6#HG=1N)x)x zE5J(?_GU2uTRKi&{Qh!Fv?=~LRea2rcQuJzYuNw1G|sKid(I!45(LaqP z(Cv@Joo}sA_F=^}S|1h}?VQ!Ou#0*wwj&?%zUOG-=tK>_N8cJ6^NnTs?mKsUV}8xN zW8SK|)6r*@DuZ0~wQp3Pd#o*0-*Y}^tmWDr(RAKKjm$%>*p?(o+PRqBg+^@6inA96 z`P0XFb`=_3t1wEv=1|?ed!ufoeR$PJ`Ev52z!=B9Nu5x{(EHMU(VkXo=ks=ftyRRCBZo&cC|$eE0!|Xl>^HXIeR-*4%pI z>V4(ULdpEKYgHM%G-OxxKV%Q(H;v=Ibzkq;sXXOef2u;GC|ARlbmw=ba~j7CL{QSN zYP}Lc_dA~iE!`PIXY>&YHkBE3Uae!vGHk&U=D#gxyz!gjLke?)|;rFs_1(ZQDUrxHFAhO@%@H|*d>kxk-+eQ$rNw_ zv6`oBn(#*i(!cGz#|iFHUU<)K?-3bdC6`ad6QAA+G(*jbGQwnKSi)zfS|ytkEj zzFe|jtCxpa-9H$sOr~o1pa8WTgU8g^Zsd5h8Yew*f?e-@QbiUrIaP8I2t~dYr}#+cIrl-KeCMiaAmE zB=o3nu%gu`?#z=o>Zq4f_e<0c_+Fx8IbZT>i*Dq?Y)o{hn`rL*HUtD>6%wdbbox}n zOaCN?ag1Mzj%DZ0N+E`rs-0NFr_qAB8S>Y;%%{G%V%aN1`s4X+dcNF&_Gw-g%lVeU z%u*@r!sI^T&VyPu2^vPebB@(PFyUwIq(aUbRl~uyJY0S@-l#(fxAC1_v^{sUYb|rS zeLQC2*M(+YbWv47#28}-v`uqnCR|h{HezkKN}$e_vhPEX7(6u7q5rwf_s0giv?l0u zoMdyS#&&bfXbLf1XUhd1&SS1TeJbw$eD1B!$7w9PL##`J+5og|D0@=HKP11vq$y+i z_Qer{u<6eR?Q58(($9atp7JC>q2T^Ip<0!i+E9-)`3=U;pZL;-G%DG5{yeQ0bF%{Q zorOR{o27eTcyK59X9TsO)yew@{SxkJRX~`{JJ5px&muiGK3sJ zYkWD;q!>Za;H8PL4$2`R(dVL0!lmjs8y*4*%m#opcFmrPsGU*n z0(Lr#lbsI_CP1a@3m=28ld(k#wfd|$HofpX`^l0d$M5y+Ex4KD?hr0NkH;<+K5a>A zsZl#lWDl1FaYVjc9p5ooyE-PV;!0~~-r(+iZz>YALpvsWo735^@n**+pNLoNzo><= z%1dWgMDi!+PSVAN{_&{BoQam>X^QynaoO%z>&BYPv&qlGwa01F(_iAXJ|IbBqfMbU zc342bq|}RHczykX-T)|7Cx`lNhw26`7V=__Y$Qf72Ojr(& z{&v&~caS&k1eb~aLL%dZL}ueL%j!nI;fZ=}%Kb%mrC&8hkh`&e>DgHNGeNTWD&lzY z-3iVFH}48~A$|$bRb_~I@VxX5JP%`C!&R z>0ghh>|u3o7-Py##G>Wnb45>To}{P!^|Ij+p?WP>1{ zuNams8f#>#8S9BmA&y~e*>e>W)cLH=96Y(kKo0fJL~lxc

C1rv=af=tG@x(;&70{rY0#A>-8{;IlkW;2?h}v3aTwpa*V=3 z4{;64QAnhSi@~+&Tp^4KH;V(NY4CCk&0fdY&jI#$WK8&yUU66|*66Cd{KB8pYoBr! z5jvXP8@a6dM~x0WS9Ip56+P;-JyVQ&U0l@aynj1;xX^uuEi$yqe?~agAh-^Sv3gps*CP zA6-h!q3gC0=d+)zsFxl8lGBKKqN#cEE6KZMev2pbPOVF{xk+$vB+K*_^V1?|B+*r5 zm^H}u$=V04OL^WaHXEg_ovP&D3_KW5GJ$#yB>Sw5Dln~^FZbKp1E@iGZ zDodt@4MszG%)EP=l5cxiF?ZTcPmSXaZ?raXkGPCoJ;Rn{BJH_7<})dyj4Wn~AF$nD z#wIFPpz+_LsZD$ygCf^eu>_5vDD7=q$mJG~U-cbuchUEG-6^bm~{et&D%^-=lznA(g$-D0CkQI|=? zadk;*>)Hw30Q%!Xk>vXBM2+XS()BxV5sI!|53i1QGy70Qctb*mF59*S_w%krF%{Y`NUI_USB&+o7$ok{1j*24IqNsHak z1|OgP3WI7dOI8Vg2WGRwVORFeOX@ta5j&dD>-agk0Sl0cOG_Fw&5xu_QLAddxC zOkQKg@}(}Pu`z}>_td9wKitdh-ECQSQqEkbK%R_>xWr6uo@PGlJgFbVpk}Dh=?CqsUBZ`oqy z_!3J^7`>spYCYq@Zmj-e>qCp(X#7+3e%#V&&%m(#ZC+p3cvO5AvTL{(hG$Z4KWobo z-@s=XXPfXKGzivqTBx&E_iH@|qi)O2geo&&q!#vrD8&@V#7C#4LW+=#B8&-4Kf0^v zERW7xuR2_UZ5F=kIE{fY^09e78yaO8@Xk9rzUz3@o-7l1FTt;CrBXoO57Po-9+I)_ z5!UBNn!P>wa$+N6E`eR{GgmqmsXzUpMLeI?UyBE4XTKKOfhq|<&mIivgZL^kC$0i8 z@GWn(xn}13?0GE5hndGmjbnsIK`0UFrR0M?l#BWq)nUukPvu+tQml07hTX*F)y=So zJ}8$<)6SMeX##6LtG8CMtBdMr26RN`zKjMVN*X2mRjrhOB)Wq)n%K%Uue>yj^TN^)!9nW z27z!FIH!Xjt@vMW?OevwG~f>egz@udW6KJ|poDzY!2?xVp2K&V=GQ(vb~QPv7O-$v z)|d5~tJB_kquDH!SZu&zel&7t1r^8HwFLE5ynAr4v$e;8PD5zNVaD1nhsNM%;jo1$ z>QAn-VL8tOdPc_UYJ$q*qiiN`VUsB-)4dsRTRSTc5FOYE zWTqLD`C(u6%9tAOTz6(8zh0T+#-*>69wsfkjOHghmn?ga)VD;?^);yL6hi@X&9=y- z)XUk5^iM^iN-N7=+hAg3Lf zpHSRPIB*>Ki~uj|6ExP8Lw@10tk=mH4Y=P;;tcYYPqb_}MFuq@S2z;v3q%m-(J%)= zvx-}RC`1esjVolW;9yZRj$ifWW!Yzs(|iYBNzm@jSBiW>t@YZn!_Qg9Nq1{svdM!b zuVN8@m2+dVcVc47Ox-Mbu>G^|);TJ1saHo&7H9cCbisbE-xPHnNswsJjqlDw`C9Aj zNa|-kunY=BTK133)ORes>r17%bUBSZ$t)1Z07Y4eZH3{|=#x%YXAGK4Z$S2yZS%IW z^Qwhb>Ua!3ke4t(YIx!T3H_;>;b;)$%nT|;C2PGqnhc}LCd}gZp1v02@LQv?*W#5~ zTV2imPYz=hd>W(Xx>q)&aW~*TDM0TZA^OVCZlAMe0GI_OV$M=;B8iCn90M?l>T4l1 zex(G4YD4WRI)lPUwFQWO-mMFtq&E)k&!Jj==d@hw&4>E9NN8MR%RC*(4b)EL85)=w z|DdE6XKAeXVfDmSX06~+A1Zhw+@KkNpx-J2n4f8P47KG z|MqU(tA?FCuf$je<6iIDo?-JI`*z%sKSMY=K)RZ-Y0B4rc5Siv$cxA9U?X^JbfWM) zC^?GZfX!}b)PD44OF8x~_COlbet#|}`1rNNrjGm~DxE#^@MpdK4?c>7Cd?FOZc2wb zqV;st95L`=t!8XZs`WQs!ee_FYud{FI1~HV*AYcHb@NWuK@7)q@;UQ3%o)ZES}Alh ze};LvBvluyXz(J#R$^_2r*5&yG%HU2XsY|1bzFVifvOmCVRSmFFFhdmd#pQVHI*aW zvp2P-adqC*pNNmFN2hk;M3L;0a(U{^bowWd-$TJ)m4#*Hqki&~7bIQk;u#G%pw@_3 zbMfa%ESvaQTcdATHoSMKYrS37iJugurfUvluSNL>rz&KOBt0Kg)GUtlmOJz!>J~B{ z5_8>4Gep>x+_@Gl!@mg7q7Gkln3^PAy^|y!)p{bBE+7+abXx#|&!{}Q$BRKmhL)Wy zG|n|b8-+Fv4s>M~7hZ|+v5NA=Wwi&N{LZT*lrPN@9p@#Kyd;F+s{bh@437*`?o)qF zOE@}Znfv%q6*I`;bDve(@o~U>St~AXbRkCM?hPW0J1`I4IbB{}-!#5Y+mQ^hHerSR z!2j(Om-<-cE_U(ECOU-X$YN{u&EvZfqas1(Q}r)kCT<<+fvN{n$}`shq#*j{z1S2xG3GL6~Wa656%?Q5Zt^+c)xF$N(_^~=M3urj20?CXZVw@KLLuVNBR5SNm zCaC;%yu+{huQU!5KspPrwf|*V%am|98>M{|c)%AXB>#IX&c~tivokP&D?0jxd@hYR zZ#m$z^?c_~;IR2u@cxEE?$hQ{JRXPs)^sMX9iR&smK)V#WeMOoGm=$SAjoIIwf3Nx zHz@)dh=apAKeR?su}pfYYT3B1S2s{7!b4iylt@s7{Ud~n@AkFVV$jp!X4tfI%=%9^ zkUx*;JMT1q zlYo;sjy$fUd7t{M9>*BSZO8$r75o6S8K4^D>lg=0PxrPdnw)8088YeYr5 zn)<0uo&FTx(&q@&ke5E;ibqTQaP!RAg5hM*_XabGk%sX%{U+qegr4ItOa znS7*q@WQr1bBpIYrQtst1^DB8lGeqyPCE8*NKhx$c+Fy)8DM9AJKql#5?RzR?T3vI z+&q=qI|=s;{1^ianijPZg}Dy5G*+f9Qn?NdKJ1t3=&`2*4gy%%P5qi{xA?_>>D%X@ z+XTtfhO4w>hH(w=DVyB-uhY4&@TkDq912Ti#KR>H4)ex&goiqaCb3HPHJ7@-f*>|g?JBUucHD+8_%5C%JyIk#pY8J_6D_2XUVWdC$XhMQD{sf{I!*ehG#PqOF z(>2O1Hx7|o+PpVw(Bg1kmgkVA%3%Ysi`8=DQ7oKyHQL*;N>}d5WC9V(8=dA4+(0Tt z*ZPp7(`}Nt0V6Ww^8mWz9CPw&KyPHj4E>{Lg>DWDfhjf(Wc7eVt^*x#B4ocjziQ0B zY8*@p9hc>g4@hno?vs8V6fifZIu{)Li>iP8>Ekn^!x(Vy8Czz@q_I_P$Jg&5IUs!a zdDDE{S(_tF^HxO8gI(ez9iQrrop%X1*%cO(IZLRHW?5`-~=8fW@@5D}fi?j+o&UH%* z+Inf2`UFeraO}x?%_DrNdiq^SBgtyy;(n=JfdGI!z77G$73c@Y*w@;f zN)_X3O(3VkC=*U6H#XPSN7|w$|8+h1*-0b~Kx3QkR&Rdh` z8S-&~TRTgj_Js9abHvO7m)W16n2(9i>Y15wBvA1x!ZZ3x4}P6}hfKJsGf-JtDtz(H zJ~g>cYY zgehFo+dI@hBTQH_4@yL6ent|3TX*L1>w|q@^2AI#V6DO!unRKQj+>a>>+$=_7*Nn$ zIrc5rqBF-&J+yzh=x&a;*S*y&>g91iV5Jfp*`b;;XWruOj2<%)W+Cjty&njtMxlaM zD!|p9D*)*=1}n36V>T5LmV=4N3{qzPcyJWs`gp0JbXE!{7|wCB-M4FtWP`}zM;rS> zvH10xI?Gv|Gkz#9TdhTb;KR~KYQ%IUsTrq$xN&@(50cZAk(y86(v#$B7!zcUej0A& zV<7@WFu4_9gq_*EYMW8TiC^yJLwt~eyw4c6oJyvN?P*?Kq2B@!0?MiR`W)|ha6Q~Hk*TOsFiKmD~ zEzQ+0I1c{OruCbc>Zb<!+@_^a~9VU|QGU%7Fh!nd-*8n?o#IA!Yu$aXJn}D5Hc6anYSsi(2IX4zt zUW=OueyyUFS3AWPe3I8@xjIxR>bpH(PzL%45D|XyFZz@GB&k*ToCP(z#Kc5md+Ve- zc={^abTgoDZ0tQmr9rsxn{Pn;Qoy9nE zOP2;vLdC|~=9Jc4ag{$Vkhr&1t?Ckap51&v3Qw%*T|&QbA_gVcpesiV&x@@*@tDZh zwwh7F$KT2@-}o}HEU8o8_%wT1N7N;7`?@W*L3yG7knh2LQ&If3c@P7Okz~GQkz?Iz z-g!(?tJ#?Msd>Obl)VA>xK0I*jjd6ff5$a=XVakZxsHkd8h3dRCU19yEj<@xj!kdS z3dnTt)mhkVJrdCzb2nA#dE6^l+I~dW#h7PYuDVLW%FDnbO zeJz%s`Qp*ZY^rADL(Q_tvH)CzM>A0T@}uiCIZ8vh{b7@v$EJdQHr4^#flE%}{PFEJ zL_9lqp{G{3**ZdA-%^;c7cq$`IINtzbH4Wx6b-Ink_pUq>iBo1h^Qrky6t+z{q+w25$P(EfVGovrlDY38C4r*)Rb=B%Cs70bCx znSTC)0qgZ3^{p|%)v!-(Qg-q92Vl>Z1$H_=mS3nlEafA%cvPS)%XL=koyeXDBI05u zJc{Ny=Z3nEYR?^=N-eoMoGn9o1X)bZD!da+~~+wSujIZu%T5-1NF z<~Wt;sFIB>Ownd|d`t!-O*7F)wT`0wr2@3Gf~~Aw;U~m2H`63=RI=@kzZ+EcKFie!3ot>{fX9~k^fmj=F30W>;oz#LP+)DZjW}R*CfgZJ(k?t+uugIZMXjxI z>dd6K57}yuR zg>QZ!cflWNqG|P~zTD36@q2hR;_%S`9UUS%at9@SeX-9eGNRSX+R179ZWatcGj3zX~EA{K2 z$LirAlR!R|B53|$SF7F<6&BY@M@*jpM%?I}baLNpZXPXR><8U6*4v(HX`bJUlkYg{ zMY73(baQ^k7j#zel6739Kz?JrWW!l%g}ULns!50_Z+WI#bgT5La%A))9j>?hK2y8tvc1yq%T|3G`D-lNS9Cw*cs+X2vp4>d^cEzwE$bcu~9A~7=KuIiqFR^ z`Uf%Y?d4pr80V^_zVsj71xun{ zII(@hkm%kL(Hxj=n)^vHk<9des|?UV0A!ey6>C=U>LHQRZietM0$=es_lcl+%U$-v z>596Oqw_fi#W5x=w?FM$loJpBCHEi77i^!x9rN`Ri3AKNi}p|&ZDV5=z#gRPvJ!(k zS5S2Mq>_X-bLA?a%>YV66zG3_;YvwKnTsph1oaZ*oYLp>SEgcb5Sf4qPqQp{@{;ei zK>FlXUfMZ1MRvyXDc`?;AJF0?c;kC*&RRDKlSpkmif{*ABG)=m$e1BU$czcvI{WP( z(qR6^e-y{`U((GeUV3&-4IpX-fHeJwmDoys^L;IwOn+ymWD<}k-p2pKA_n|V zfZ56|I>HSO+AHd2`}nxc)yT-J+w2?n?*VeybAf+&=^79>8&)yL0JThrJdwczhGYQG z5m3{4E5_Hm5mvOUity*h;bYfG06^9S$W%bzL^bzGv3VbDu`l!c^jUJLWs%2a}0`DFBj*u!?h6ewWn~{a1hnDabfrHpJD{ z^>3YSZf+V>J3MuosuK=#IUalw{aFhVE_di|vPfO9472#|YhiN2GERk&uSR^3&0L%k=|8s8`%|aI! z7wdK#lymG&9j~sfKD2)O)xGKgFg&3UMoX~`(dSP0)BL{&iQ4oe6GI~rt8`cacYi&# z_cA|k{4%I18e`v+hT=;P99pNgaMECb8W_YWHmbg*SLPZ9NbI0PRQ;g52I6+->E& zjDh^F8IdhyY%Z^=S%`7Z71P;t9B5M!>Hc6cVu(Q$4q%6iV08IyyR4RaNcuwRf4i^_)Zh1FXKaG70biPUCHce|VFFyiw8O(HV(K zR-ivUz!-n?ZyF~Z7)YS%qy!%LJw+EKh7mbJf{^eGO;?~qWZp7=05f1Q!$tbaV2W(Y z168@TJof?E69`xlKWuRFoN~Nii$ym9=@sPK3EjEUb|asppMRStPT~O1muC+CA7EB~ zA_}s0P!w+E_)4s7@r;)%DX_+u^W-(rT^^pE9VvGlEij0vtsgo?piKy6lb3J)4^epP zjKJ+1L|@?~1U$?`F!|!(AO`#HxF2!GHZraF=tuqB93>Y*yssE2TtG6Ft2?6TuuVF_1q=uZvMgc$nZc+b< z1L?(|h-=eYEZ{^D6m+}~fa^3@149fC-E73*y8$s_yEQ*hi`HvfKeRT=zGjPF@$*`)EPFbUXAcfK?wFbMhPI z{QL#_rJq}|%6hx4Lwz5BOZ|xp9?Pwq#|57+E-X|*IY~CEiozc}(6YJG%1E3+`uDr` zdio#P=4-=2#AA_iiKJqYd|+#9d$%!LhTT8!Cg_bqnoW6e7Gs=AC1Fm&NhenNNwdT$ zKT7w1<^-FrVONE4pN^+pyOO2t7Tc3W3n5^b)Dn!{5gnAob)84o%??i@f?eI~r)lF= z2ybz`!G~<50TN&6!R?AGQ_;<1PF&gC)Mz7)ZS;fL7M4lbxpC{>t@W3v1E8~+88>uw6rB*j{4G#+9l6{uI=Y6(xkdqt`G-0VguCY&Y!l4hT;y6P-ISx4gg9e{OrS!LW_-;w10FBiaSe&?{I65s$ZWa-9>i32ob-PX;| z`B^=s7aK@1@pOTb3xu>mLh)OoY98^1bvw;8$xKX6=76a>`FK>^1$8&QGW8mhs3FRa z8^)`gbaf|*NDJ58us9p!n|wCeALN3z1s8W?zVe{?o+tD0=m4-z9Mdp2&&11xA$3s> z4|oq#Oa=*4>6gLSsm`DYDXi()g$ug(Zv$1R2<9`uYQ+Jb~HH^RYL&l66&V5(bM&d?} zqrZ+khp+b4;&z(3xcMuk5~fK)wWQPz!E?d68qRjJ&y%6+7x801C(4!eWn6Rv1Aa#- zWBdJ+(?Av&thP9;MU&urXJ|T}1m2toS2*c?mRA_(5XYJ0In1_f;(XD`a-K0WZS&;k zB3@?oJoBX;Ax-{$WlZ^O(8=06%Y}v!`HEwEI^_72WK#Cv* zfcZP}6iKIWj+x(DyZf6n>b7DuSjf^3J60(RoQ9Jm*=qv@5EP-TV7QYc9|Y-4t8s&5 z>Cr}fqi3V5?8+}`J3?5ar$#)@wRN&rVy{mr42c6}q`-$9G>@{y^wE1(;A9hT!8CJP z@SLKBSR-P2mFpHKzxV@=G;0!!4-(DmZH~g=+nTz=5L=6di4py(W}?#I%DrKo7^SA{ zHPZ*r3NC?XO!oNfPDybzVlvAA`{$rY`x(vVD=bEn=c^jGa#k?~zJqhW>vhga%y5#m zJq4PpgBTu@WRMG>k~1MosVSD7mwLCpAC1_#Y=lN{K6zl3U8+TAsXW{F z30uECRw8s|%=1r0xT%!H8PX{8gQd)=j2Y14_M0|q$eAQ2MX$u}ulX7Zk>(qq zDgro5`5dji)Cxd$e>{5ouLl+XxiplQfiS*pu@+nWz6i`<#@5oBG-mK8nK8wME}t70 znwnl_MN0ieB3Jk92l3GzxU%)fvN+&xipa4fsb&*Bh@1!~f8~x%=~yi}x%Ga@l5;I- zBoV?T1g`Waj?511Ss?7@m+K6qS@=(~MrB|PIO!DY1ETWKwvM)>Svll6AK3Cbdm+_^ z4cPKDrGqR<93Suw@?ho4C8yrIcY&1OBHgPlk!Izu5H7H==3SfADWa53zq;Qf&E0$X zbq2f~HQqS0DY;AB@{D+;1*x_y0Je;R__1(g0bBm#BPEGK*%hC?v!K;;YWwW$Yhz#` zFQ6Pnq*{6z=nvz``Fk69xS1=Y5d@$!aszv_V*l`_djJ9c#6f8-i0jvY})6+Hlkhp|hX1@<8xkXe#WiUDIF zjJN4v%U}FINmiu-`|uJkSoz-pGX$s{jxEF5lR$kEPZdUK7+!EetoYT%?2a-|-SsEN zxh4LWN=KR<(o2RXjBMA~hs)^nr;GHQ9ZQUuj9{Fh#<~ieT#=xJ$TpYUAxmkaG7vltRKxzKapGqH8JTqoN^fbOi&HBvFfGTFMDmvX>!kwxGOS0k zo*8^W?+i+dR92lxe}#XrV#dbNA1pjE12+^UjZ4aEyLcgC<%_Z_h6()8dFAonFL;nZ z9A8ryukcqcqP|`O_=(VtVHkER#M(W zT(#_QF}6brqDE+${*AwbT@*2)ZFH8a8s7Z&{X*3zaF)a&Nk)Vv*v)(E) zXNoGJKSRWv*P4nGNn;d0XUScHoGf~T%ygGp{Qq;b)fc>yYFQBQp-ti&IsZEz>VNi+ z6^a;=_xsmI>!{eG=>vOsB1JXFD-=n~8{M_Nd6E}(>sN6#jdD=~$^>M^<2^ed$ox7{&~layf} zS@s>28>{F^ZzF$(q;jNQbB|!m72jLeyN2;%878Ytd8IH(3r<$k*X=+GN)R|1o8I3i zn+PC1j7Gd55igxTRU=oIz97bvAT8r<9+^&B&JKhW4*5^4WxjX_g^<(UARHAigzc z6bF*%`x9TjIu6=)e6r6(OwB!H+Q_yY{XXVk*E;6*0v)+ZPh(d`j81Ev6D0DFSyUGT zwuZkSbbn&nT3Me{DhWEBF}3W`du@@& zKV6b5cN(u4p3v6Q(+dc0RJVwy@-Nflcui6Dkm$I!hKm1wW#-@Cy`O#Lakt@Ms=QIf zd+)VtfO>&ie7M61137tD)f=4(B@+29IfjFiqBpSP!FbE@io9tna4go7beeLFnCg_8 zau;%=av(^(0BO=RhAv!LzCh*;*)a-`ZLBk_nJDufmHuUHEUD_MPEn-<1X!}ATO39r z&#y?Hr$!LW@by%x+}xiurj8amk8>W8k>LAjL=<9T{Flol65{!*bt~mzTTi#LZKi!u zrEf%CaN51H?-t38B7pQp+(=X$P0@NbUSX|1rY=C%%l-RXu`dj}<0_%KLs)IV^|e{% zc#gWn)~nsix=CJ9QNcW{l%!P7@=ducn9H&ua~ ztXJ>_PP`16?;errn@Fg_juttt*LE`qi6yCAkjPb_yV7oZu>-KZ84<9~go0+jkFo;Bd?t086 zR;29cap_Xi(LSG$l%<}YQ?p8IVk%0FJVk+1j*m~4{_3aJjr#if*rX&z85tS-I<>%$ zVj$o7!;B>Lk)Ls7Dqj?6dEx`YRUc=6s*`T;Sc!W}>2tyA))&FSd!FPMibX;DuK3d@ zo{JIT*QNOQE?&HN9SVh>Hfusu3VMQ}WY!~NFgPh#O&26gI4R;)AoTR~z)v%n2OU~d zvPyrMjfy1V*bqtX+u;4W<%w#?h8c}?+1!s}KrHrIJ;Cp~Kv)(>I*{Z!0nUNjM4RCk z5s8_Li~A8CI@9c*!$thQm*8#i=$L_#ULt;xk)9rW-`CeSHa%TPD~~O+v4jLcS>gPZ zM`YHw1O#%5iv`0YBDjH^{dSl8|MYT+02gw(j?BIF=oUj_!l#cGrVSoped%)ftps2d zWY)5q)n7>Q=#1SOnaX>G?ZVHWiR|&b5V5mo&jJu|^vwtgoPr+Ld-AS?tBlGIA3pTh zn79)j9zK93tgo+2Xz?EELJhm)2s%FhK8O;fttX&2tU`AkdOcryq9ki0)$`? z7{a5K=kx6qQA6P6pkeZ^`T6+^35J1YY^3<|*AyB9h?Y%f+>P=Vv-d*892fa}9)tZb z&=*`zxG5k|M3JyERHy?s)Ngs4B?iga{|Elr@>tmvLdenpf8G=E+qlb&q}`pM7(s~ z$scUDKv^LxvWO&|%88Faz+OHDHJ}+8LJ4GI_3{%*S`bxth(L0qy*LSk3UzKEczae) zqTl$}v9#oIR_+;Vvj9w+2Vs&5i~h_iNPOCuO&w&W%5tz{A{+f*ek9~F*Uz{RF_q+= z?GUkh*0SyNl`3T9MukKW>32JkB=rhC<*ZyX>qP4KLNixder{bGPYsj-Fh&V8a1P8y zB;e%z+hY*RK3O-&tXD6_7oMZJRk>Y6Bpmvzp`c2@@dqe^mG!p!|Q_I#GWnBYl6Fack_QIq2sm_$C`gg?m%#sw2_I;O4N!j{?kWoFea!otGQ zd>KAsHItjc7O$x!?Gk1^M@>084NXoa(IfRUZzWEbR7E<*Z8Pc4vw1vY^;-T&#WXQj z9UQa>Kj=2kh$3>BW!HAYh>tkd5D-#E0c^ZZ?7+l(F`otgrM3P2-wkredYSm+Rg%^A z7L9cZ)KpYdPJSyxHIlpr!uSxSjX`DOsAaeo)-)WgKD6YJ1BJaNXlv=#q0`2|Y8 zzt$D~<47cTqh?Y#Xgl6=pcbG8Sa0W@pXM^m3qNmM9o;8r}mV6JeDo*~$@bj-Z3*tbSv& zuo>SagofPaSV3jLX8jW8+dKB~%=93m;#T}o)T*}pGLTVBw{YwA{TYx`()B$VJyq@7 ztC@6(k>5X11mT-I!*8|Fhj2 z;5xu`tDX&;4QrSTe{9ql>bsnmq3d6MbRB7)^xUVGXAQ1f{XF*k9ot-!JF1Y$ob8Iv zv=l}BA+D7G9$oV@3^-g!f=ySC4qg19vdR%W7iLiR;`zxeP9I^D>Z~_dbQ9p!Q?lY& ziq(eT+}vDI+rFt~ba0!8C%|)If&0@Ui0EnY=+hO=(cj_f=&QtX{ylB#|5u>;Kk^Pg zyU0_xwem!tiwz5waOo~q4Qj?@$onHka+EqAwjMg)eL)E9FEOq);=_#?yLR}kl_a$U z@AOJxa$+FSrd~{RhlhvurnD_vN8qR*=;`h2R9b^hSMMIS6M&tCPP#P8^J>Cr8O?qd zRS6e@TU?zZtHn!^a#K(+a@0InezEWLR?U=Kgsi`?Q58RxnaU#C2NQ*HG(R>f@m=am zXX&*4@t#ZD#DrC(dDm?hT@dUf=3!@~|MV%nPQFGIHRR;>G@2pRl^sCMy_pHZ<)Ff% z+Y~QlerLV5oOG^@GRMy~(LXM&Uz{MU@2nO%j2N4v4|kT3`17pSUZ1Cq7AUK0%F};B zSS>0;$gY*LmTI`}FdYj8jS;ka>BwsYE>5X1_brvU@=3E<&d#_TWdOFjp) z?*(Fkn(`F6a)!xEzoZ7vaeE(NOfa~bAo=@;ZVgBEqj8|)M z2@2&dZCG8EII#lH)oN>LU1>e-eOTVXU_2BVh>0qM;md;P!3&ZBycBNZzDuqMIF#V4 z{__#-lpAiEZs1o6ou;e|)q9!U_xI;sp4r#Duhd5vJ}c@xQDxvg?TNv}K%*63pX(?S zY2x(5ZJI8r_W_hFdv$5G2!AEjrD5e_VBE8$=KUGIAZafrR`03u6`a7De_NDPo`2nG z4MF|B;per?z|Hz0s}mY!#7cfT1NyM9b`ZOIG2sviHH$PieW5tNu&9*jIilj&vK8ez z#N-pdTQJim4|vp>5JI{1+PeFbQFTcsW-0UuQo@H%CKVER)J`>OUVHC?_8uZ%Gm}P{ z-BXvx_GrU3P#`dUw-pmDhgq-eBd$IB7$sBhFBdZ|lc$-D~~Rog)K>Y4MDp>&#exu{H3zCSbrp`DOqx{J7GL5c&l-er zCQ*l?k~yi?dj1j-5b|GNhVayk+pInMZWp&z*0lXN&3{H@?f?@V1#DT9Q-jvTZQ65G zxy-D2ZaF79oXu+t5|~+h`YB#BEN*VD%69wIAKRStwv=+hM=LFG-_UbrU5(7Tv~I4; zXTDzt&GeZIlNeg6Wi)3k zYmpVDN>l0kQmOzyrIx-eU&+IILrO}@rZ?q7(CVefg(6yu3rXhDAS5E~^D}7IiYqmy z{Lz82OyL8|E8uBK5mU{me6`Su+e|fLuBB1L$r3E z72tW40MGtPx$r^eFhM7qvz1f0VR>{#48NOy9<%CL8g`6rlo|mlXKv&f;ue8IT@Eq5 z{muTk6daP>JK(C+@Yc)H;|MN>O-)Vj5+qnY*$=l)Io4^=M81ZwrNnW14;&*wfFLnk*}4f^@rxJhb`c|riE(Q zpTnCzLG*goYw9qN7)gBL@zrDC*I^5C-#4^HB#T-)5Ec3nD3os?nD1ES)eAg;NI4Z1 z*W>UiK0N>rCkH{Ff0u`yQc1Nl7(3DUZ`LaZST=5~QuY*@Sq6rPaWoNvrhJ#!s!jGM z2`{fnKT|OAnLX>7vDXF26rO!5ZM&Nrb(U#C6NS}B=I$GwFmxa;_oJ*zftJqME|B@G z#gccKc#Y?ZT67DsoUm9btPxwJekep2De625Ie>3)!ZA&RxBB4aHcum$mcvEZ0)5hG zfWCeK^3~Z(7N~M)BuJa2Kt!#+m-z{K0K=@Vqkk&ERfU@+z-)Ngoe;5iY!Kl^0OVMl zhl1bWAHI1A>wnm)fgYugjBC=|KmEZSLj=J_OGkYN<0y;fy%FQt#t&y(br}H=RJZ@y zeFleSl=s^;_^9l5zIA6B+d()%)oexV^r^O*8={pt0tJN|Pqyp!Cmb!}Ki+p-O`=Y? z2`XP;+k$T?nP`!$?jGxv*r00QBo$R|_cr6EQt{)JwkYYtPw^I$&dQ_pgtz2ftUf=# z^#`|6rSfPkwxVPVO@Mx+rUTrW@jJgV*+Vy{8>PU-J41bP)1__;;d4~T$8suX`D~3? z(UC=Ud?tm&zdBGzJj_z7c*%%9xP2nS_GP8ftf$qCuTEIY9bzT55Wxh`h zWyQ^ib5XIYWE|a-_afk_Ep~d}ApyMkqS$RVtpKm=gYe~Pq%-5t-mdct3&V2W;6%g! z7khshSJk?;0pnY25m8Z6z@P*H=?+Ceq@|>l4gryp-b+NJr8@)#q`O0B7bdG}ae(~|bti3*a73843y+J-q^jkR zWqlofy`ScX^}oPD21cc4GdymON^pNIuh{V0aC?c>RKE7(DyMjn8fcs^L>u-D=w* z2Zif=dp<myMqTf`SOLWTKxi$kC`OK+&^hi)$pDv_9^|ebN*8kTp^1b4|ky z?tkXNy}#CJ(xdwL@#Wq5GVSLj6NDVk#4IYe4X!y3En5PJuf2DgBD_agQL(1Y#a2uz zmX$gbKln4|KuI?H#jkHqOfw2tD~ZkxzD4q}mNLp%A$cIB`Vov`ZK#pHMBmx*jJ2VZ z^3_jS%kFNK`h}ul!nv$bi<8yPn}b4l?@DIzt7NOv03QLmk*HR9d!FK2{oZ(Z-wQXq zG3X5SHjHy-s`IBLg80-Xwhi$HTqCa(uGw@2EN5uiN>s~0-QW`B&Z+L*K-W=T@+M^T zLi_V^a*jH!KD;j$dpM`9TXxvbbn3#j_pR#MRpVulA<*2L=r=^aTSn{FliT^s&!>m; z+rJ#2oa`oh90Wa09lI?>Bahsq5I6(q>lw?drJq|%)%fTQzQuQ&BT*z%F^)3Ni-v7E zIJ=$Ogbu@I%KU{6xM^gfi4~H{33Y8pcv`v9h6S(fW^scfcvknh$G+c6gjx%Y98JV# zGh3UN$ORs5F<;WFl3`3ho>zWb%W1i`7`-u=C>uAz5G`+t3ki5;SvUVWpMD-MZ^^Mp z(=1QB(HIJ@kryH@sKzwiA}K9vw%9LD#yT!~!du)7bS#Bi?Yzm1DxT)5@|}ux zWXi0VoF!&Al5=y>zEWfkpfF?CDc$er*+)obK0*S_K+$xWl;+4YK@vSq^EvgRGYO)W zO_Uayoy+(tn&kL`TTi8mcNf`Te5@3X&|88eAlfcW<8o(m+e1fvL&JK2(dh9Y86QYg z^z;jzb>*4p>g>pA$m`W|td;fS;YGu5HScY&qH~+F9=gc~{t+@x!ViG`#olsGzd_We zLoL;KsmqV7AVE-Hu{j*}Hl0c~ccdDh?~d*8x}!}dUnlZd9}>2)9WwKG4ME9W=@wf{ z&n){scp!XwChJ*?>I+394s*4C`f_?9SrESY?CNu-0M}`5mydZdpnr)|d_EhjnyV)< zWH}YH{6hp^94IaZ(i}GzEyvE%*7)&d_LT`1Ax2sd5?{rut$ZdKQ(xRJ_#Kd$6BB8@ zx))>6P{F;Dk~oG0#+CaS78z?AOeJd_uMW1W>d^iIYMl%vj@2Ic{*9@ruhzR&Oj~D= z(C3!8UpmJWM7x(%H0<@M4Am8%5brLQS)3=%mXCIBEde(;TjnZ}x9YOogoNxJcRxvU z4d=HC*!OdSzt3;6$}_=65SaZKHF+jjg66ptob$OL<4lIfki!AX?(4GOgjcVIHV9p;Ng>KQvgXo)L?wla?F>#May z+BLlcU!4M&+ z-%%6`ml`Z%ldc$pYAKSAMhd4ZtE*9^&Si6U-#>WN_EsINZ#A%p7nN1?%QYcAW~vr> zSSTk$(ejd!C*1X0HtvmQf{X)hah`>5n*~sZ*7+BG3jg;1LfO*&c#L8_JG}CN^_$+n zFa2CRJPe?);;S1?SXwp9QLmDe!B~l&!vK8(ewBn(9Zo@0v#Cj`XMJv0ZAv90T z=@bky#!^x?L@4ntAZBxfjf^)5l+e$9(N_9DGi(3!TMHT>2|l5xgK%QP z0-zQec-ZhEKQ161sam7}F3lM|DAm&(r=rG+7&72m7@N`>RKQ;|A_bX9qf?NjTz?nE zo%VB=`KuS;Z_$vE5=cU=+w#eI_{(ZiAR=%1D6Fh;$%l!6h|oMv0^|<|!OuO`q&=|B z=->E)zxg+j58*Wl?wJ6wJc^SB3A@O{e-rxs&F}r4;Ql~KA*}=nACbcRf-F2_mrsEY zD?NNSTQ`dn5OT#e@JWRxXsls8u*Z|LP}smbol>9>d3q zEv~ewgwBLbjglQL`V%&u^WR(ohMkSZ*GR9HINSN84<&>S7Ds@t{rC!&!Fmbz>F(cN z*}qrZAA%>55@_lxvET|jm0;Jc7d5%5%|CNnXab9=R0O;1;6&bo)-U_9i*J*@fG>5?3akOK6CV24MxrbNBSzA zf)f9&P$^z!`l+gJsz*G-T)r~u`>eTT7fb?OA`ws{Y=%7X1h$@diB5sX?$I5W?T=5C z3*#l+b63hlr`p5BW!f%D52&yqGJLlMl~h-unL}9VUkCI+N=BEb*SIZz@YRjPQx6PEf$ib$xq?q^ z3uH>TN%~#4ZZ{4ZJ+~$eu>V84&KG%s_~QV#X8!arZ^DLQIXFp5K$n-Ezz$qWB4AW} z{(QOX!p7@gnXYWsouDd@)HQswZZ|f{xEbfZ^d{w$;Xs6%4p67=6G-Fe3b-H_&w^r| zpcJ|!NfR5ABldMNS@fW8w>MRLr;b{l6WtnV*Y7?jI&R~cda_e_pr|ti_m+j*sZ;HG z<&WJ#1k>Db9=xrpgV-1ex4w?5JJEP2;-yQl>(bM@NA828S9mH4QEvY$P0*I?**h9MASv^ zq%}TF{AnsKen2Chky|()Gp9Q<*qf2dl$)E_6dRNH^eLdf=X&?(}R2lU`n6GQ#Zi+~bL|R<6k%6l)si<9mM!mt75CuMK0d z8OY!I86<16V41ky>;Fu|Lu}M$N3Yxt#Y&=Z8!Ii6X5z@5!KEC%9U8*;-6%-2PR5f; zIO%0;&6)y>qmCkDIAO!?Z1P^BxNgHoE4JCNkWt2-frTuRZh8Q;!j6~d7#O_6XkybouuI{~Px7UmFB7 zS>(mNW1)F(sw$@4AaA9#1~f^nfTu!C^w$PgPdS6LLs5#_nyT3T%Tfzc_tA2;L^V;k zRYuG>t_~{=;d~Y@Ew(!wGX!NAR+{}yT~~Wf1Ly6DL+2uyxIX7**Gl#NTXF_U_bX|! zVVul<8z;%6Xvzsn{=VtqNqpYx=ibIe`Y|6)w?AQ>8S-(QFk|QB_5EHhh^{-VdI3G> zNMn$ys%p-w<*{if-AH@aq~_+bLIGy(xjGDuKo=NZ%wqu%r85298DB1)6*2|W?lld^ zg+AM~fSIx|8fm|h)yeK1m+_@%Io(UY7#0}h>T0o)Y4~4TO98fa*vPjvk=cK!lJ65* zGH#G7l~AgwSS4AW=)uUTGJTEFAKwNs#kV&49WiuSDeuH7?5Q>e?M72zsv!ArZ)yt~ z2V)MLmwtX-jfl^7e~3f|8qBBPjwW)?Y)m)SSk1qUPLTcu2;vCt-g&*O`#knL8c1__w^<+ zu7+6A)B>t99J$57*E6t>2?$XS-VQ&dJmR$4!eTyDyfq#qJNCOkq63e4@4wlvPS$!$5I09zAf;_Wi67q}ldZdJ z;dG0$UoS{4Bk)W3RGh0I($J~9G2d^wVAETxY8XobgDS}66OqQNXVKPUo=6+a+dKD= zO-RZYUm16dhx3}LWo$yx>O2`Qd*QH&UPUV8TDY+S6n~>7BtUo+H=OqM=C<2~cdvgX zi%mpJ#X%hfr$y3nT+A(Mp^lx)uNZ-g1@_JnEo z>|{#H%dcs>?nh>amzo3~bKYI^9JV7-$VwL`3ByY9DPIIt2Nl07lF3?x`kfXQ?;j!2 zi1}!YPQ%C51Tg5V6j4H3Kk0~VAJ?t>-j0TXf>b0wkL{>g(W|WhaUEz?&XI`|EKmyx z4z9VXqDA6CY5Qbtu9q1v)*ebQ=y$jLQa+dMM4IX($Jlxy9Yicmcae+-2ac=b%*3nB z{Y{mNs)BctpsaP{_^BGdLBC8Dg?JxttZXM8`0!=+L?hL;zZ^hLvszizMF^%7)@C%> zD1tioP35;*%2+ckq<%r!;SzJz-pe~`<=i`Ki{zBfdzNbpgItxX3l{afbLl~a=_x7i zghpOUu3<)noa6YR)69HtJHl|RFYX}UU_cUD43S33^Tc=KStMEh@r??j5roXrvE{EH z(x6zu!I4yRlBi`R36l_EWndCcuNyD;Gkq+Dw-)zJ@Xb#?$=DWskk4Oz1J0tH?r=Il zsfYHY>h^HLi`}T-LB%YYdOmoHt$Lw@OGt2ubb!8rvZwQAKW(Y)0x2>!$W4uDY-&Qs zAIJAePfxc_MLG`(dNqj*<7|}m3=NYv7{(- zuVr+7G9y9aF6FE1lWkE%9uy8nNOMT!Y-(DT-(kP)AhJFg+8h{`cjmI{1H>sxN}E^^ z_wxD6sFnlIi1Xn-sc%5FN3C+TM{h^OS{)h7w(n;S%-i$C7x~Qj96r4UgLD^51_^r0 zXr3YGElCqY6tX&+sdAekOOh%sRWvT+F>CT}Z$hW?l(=p0y|i?*)Yp8NQii(45<@t% zdT7wUc>3B4;enlQPXhGU)095Ym6?)~^6a$iJCUB;9ldM&mpZT1+5)iOy0R9MOlQ(2S42sp7u4Qbtis0P3uQZP2FB#+8Y`> z;B?}Q^&hCi3n8B^nj+pdP@zvYTL0;-iwr>?HE#T|d;+pkG?&sr@cL|vUMu*Ne(&^2 z5)4GO4h3$y{y@@UFW%|~LjVx3d$yd<%0McHlX0>&O4}4I@xD3xgNW|;FDMc>Sg#ZQ z2rG0wMtnFekV>l9)t|sk99yjtotXEOFL{P?m>lX|iMj1>W%HKd_>xJ4h`xX&p0y^i=+^ zL^6{@c|};6HLZu}dtmw304V|ipbM&Q{ivt=8@DgWK~9&CUr`;2S5Cn*ScM;BrF<|D z3B`y)Tb&+Bh*y)4xiNOX(j#jm68tJtXFJ6=1B^<9LF*OVa|wq26d5Klgixq}f*}Jk z3Jb{Te-en$>-r8l0KPXiJ`(Dd?a3WKB&5K`Q47a+<0_tRR8&%e6h&TkK6`FnZh{?V zB*SHa@FDUdzC;Mo6XH}Gn;H{Ldo!W`vA@3`>ZENZR7Z~Q5bv{!BatGdudg2*5+Vx0 zPIC+&7qlo9PZAlNMDG5N=Qx;_Xp)oL+b}3>F`#UX5meCkIOYZF!{kU4L>uQ>t2 z`1FibGW3ooHIQi~bab#kg|Yl(>G`iW&syuD2HGjfRlkj}U3!R90|WFop}9SjN%b;} zN6#d~01q;>|64$;D8=7Lc~k?YmL?3{bWZg2^a+r$zzdOxrFxQ-n{X2^YWboO1I}SA z3qxqZ51qW+o1CM?7Pu`2q%e#6J|u>`1hBW78fgrl9Wn*SE=2>Q<#-Vdjg6NUXoD@f;XaG|#Gs)%U{CJU{FT_Y3tX(u}!Li%hE_m`-dE}<#d~_VqX(z`f z!iXlS6Ur*_ymU0%Y-jx%nwpU2nYExd4akYcjqe^pf_!^jThkSd1rG!jo^y()>yR`3 zz}kI}wfhEJ_h`{{f|OYNB^=kC!6+6}bBSAGoK6o%wKT^(_@4JHp~Nme5y9z(fBuW5 z`zvch6--`s-i0j{rqeH^zziH+>m${kZp%f$G4A9!g-fm2;iG!)EEV+%y}ONZ8MrBV zjpw8Ge0Hta?@bx$nZh=5QZ`0Xm#^pTC0E{!&>KnDciC6z9esrj1CT9tBK6ksR1rOx z(p9~M%X%Ai>YNj|sn*bD(PzAC-Nh>vwxopny_#i~ZoW6OPn}Gy)(yoE_A`%M%Im7NQY?Ce3VY*!fbbA74*o(fj_*ao?Uu8D$F?O(K{JrMv_d*yAoF(PqD3wTHMog%m4!Nx*GY%-=fs)j0JBARWgc{_S8 z(mU4PWfM~=w5hu@8ukZ@_sYdP3LaaTnW0~5W>(S5u5Bqj5wn6$UB{ett6a*IH^ZmS zc6}CB`ld^7Di<#mli4zHRMYVnbg~oVygkXt)O7AakxT}UYC^ZL)nx8-GJ~NK&D&p7j z!v?_$av^JPF4d)rE*DKD8(0s?UduI{Z%LyzX$ciEQvfLBjyhx+KCzgz>2=YWR$qfD_&m+okhc5fY%<1LvEfN+Bc~#%Kxt`B9 z*R}&Hb0l{|Ie0M_QTL&&rZ7#`g{!^?LLp;Sfsc1o=I@u^n$tGnbNVo0 zti8YPmnzTL<6lZamV?dC8MI(!IRI2XPUB$iXb@VoX%nu71=r^0cIP+@@4Pd**b>F* zXPXgKpGmGJo~1b`+Qzgn`!!$ex||~vG7GpAQP?m!0OGET<5UsvN;!0%Onf^rE!KOH z?hZV_y?_~8dttrQKqcg}MwgVJO-tb_IwOy z@XVRuhc=epyt3#&ZP~GeTAoVQmW5jM=gLHaT4bX%_r`OqG^>E+yLXPCwEkGVBsw}w|HrkOfB1BLVBK;dPFsqSXCwYtjvYpmo`MLt=5A!`f?8s4 z4So5gzHCbc4f{@08O@}vIi!^v8`CM3}B_-^Te4eQC}Ln=f=2P z_f=~9h;=22S)PNvXZd?t z)K(?8N@tDaiBEAKycbCAek&YdVrgG|2GG!zUmdQN>XjP5Ya{fY5R{LvrGgF=nN8hAoQtlGsE)(?0 zu+oMJ?ve;+^T6t5xqz#&!}<+3hmS%W`*49jM_bh*lFBcDg`>LNwz^?j@{g#*6wy0^Nhat25n{WCP5nHW$?9H~}6< z%Ap*X;Jad(`(FLWy6{iM22|q(ZsbE})YY8^hKCTIh3^{;@xT$jBIbe_vdQUQ;m`(v*p`Se@IWA+z)?e?%kqpi9DvNcZR?bkR zlqTi!Qt%t1EzP$GS%$;Yi&p&VfDB*6GInue>F_jgo7FW4HxJMSPl{Z0^XZH)C;AO> z4HTINgdk6JS88{lf+tcicG6+(iRB!w#(NVHy}F%AE$vDA644G_KaKj!jeEc(2XUym z&w0XSaL9eAi={B@CF9+Rn9Z@TL?aKg7W$IdWp?|18V!7uR|c~jq@-0lhg?2~><727 z_dMge*RSR$W@ZXB`SQIw1uM1LzuzPHjZwW`gCAA+G1tkDC7s#CK_|C()7H01F)vn1 z4ibZoj;EhRvGOF^%A-I(Z~v$@j=}~$=u&*Tu!Fa}@mfE}sK4<^g}L+d5sl7Ae1g5# zZ$66T@RTuAd(f7-kYJxj(_iwiJNjHXyS@y+z|6v0tKjfJy+rk9>&!mLpm8A=2PP>M z{*>%w#fA)0JimA;nWAeO@^m|VPIB;Q&9S*T*m=5bE>f7Ohjx{Q;@I3;+B40&xh)~+ zxHf$yj$5xSnhSaerpB4>+y%6IvheN#Hjp(c@{Cke1viELOv{rp7ZGVc!+EJhF+BA2 zhkc!=S(>cM3Ll2fAOd-1+!(!C;pb2Aq1%NL39Bn@OR$ z=u$ZET*a%O+gv6u*-Z`o1hZY|JCh}QW*MSYQJ^nA%bk;-L^m;2rcf%eFkns*gQ{fr zmlY#rr118!lGO$2)~8wXJ7<&|`Kwe)Qn@SMm#JMdV!H zU-?pD>;KEmvHNxapmSJ<9pd!ZIDb?RbBN-vzq?79OUHZtF}cd}n?H*O7! zpjRV*=KJIMY4R1e&QW+5lnbT$(4->Mi$f~~oq_pU`TEdi=UtG=E*t(0b@5Wdk~VqSb1?<4J!d-#Kq#(WeKDzK=VjHLoB)Q)3Up+P+-B% zITg+L=Mw|$QU;3&6YU=@6NxRC{+zCItOs$lgE(HEScrU$AdT#_PHt>iu)drx43c+PmKP_ZBs}@J4kRX4Y@ec7?aN4gClD9S zulj})8wp+EBmjweYWWABR!a^NYP4F1uf<5&;UJgQ`y@{bGsYIy@8rP4WqYK(%Um;DeG6 z@5|9A+18@X+T}L~icBa3O7p#UW1R&?w6dRj%t0o+tjMlzh?+%rBrsgiP9j~aOmLvU zghG6NlyAp+?tK{z>kHUZb^bcNd=?U4%&n7RqYv0iHJ%>DT5-sHcXG0-;u?c;hOZbN zSxpJ;HR84^P6otJ?JV@%zzg1<&}^$qVkFQn{8QRxv|JTUyt~D4b=1~)ls@oB1OzAx zFHVBh+$>R|v7vThRd z7Awh>LuNTxPCP!-=|943P*ui%z_Xk|+*KxdtyI?kA&vp3`GCeJ;fNrA;wy7p&%LSy zR~-trPc|w>rFR@p>&^71Zc?cY%st%Qu5x8oFDV?`ZZ(rk99<+&95p9Tv?}Xp*3dYu z1TsHX%7FU_%*DM7$-JZAitBREaVXQZh&re4_~}!o`%$s$bw{orZchyy?y;SH`FSDP zqUZw4*w15@)y~Yd#+0MXG}3XDkmrsIT_{rb*c#79S)%uuYXM_0WIo!VKb-GRRJi8) zJ(k6$$8i}FGRVCdC>(csdm@s{G;lHd5WZ+LbAe5Yn zLL@Zf33;cDTEFLCy#P~8o)N2|HPM@)Q+hjXlzFaHH&|i@3w)v$U3oaocVy+H?cf8*5%DNzeGNe{|*v#;)CPK`Vyu7 zb-tuM3^)IwMGddvL+-@WV`Z6z$<1u1iO8+`H$`JDJl;jTBhF!k?TM0ubd1KNi~#xx zsT*WF*W#qfxCR!L?D#o9H-2D}xZdpPv2ayZI-CSO60Rbj$1gV-=@{ql8^x*ORP_w) ziep%~$8L17-LUt9<z+~u!v;qV$jr1uY1{m^ZSOMwt zXPcvo*eM*AeV^o+iv+WqU7NVUdfXNhe5$@{Tp7=mMEOHDW! zW{d+Tr`f@wa0K~!(21sKb|(z`+N3K*M0R!0$;K|dyjo}AAF{-ZuJJ+gGSBLkEH;8k zRQfr@9s0y^GFRwgM#^d+LG>W2BT#KLB274=BQPoFWlL$sj)2agV0)SRZt(=l74rh} z&;?pn?Fc}zX5f0k0Txn`pc##YODcRl2xsCKu|$h5KI!{Yje4^|4Z;yr#0H&{Emt$l z2Cm5$zLd^?KEmG0bMWUY{km_j)-&8^?1uS@d@oUwUkplOewR#JQBiFP-ri)eRzW;o zYI%O(BL@MzDH~VvkzFfNBF{K!?rN=b=Sl9(46DVnB8k$*5*eoEs@H>H@_=*W>#U9C zzV=~=%W#J7+!p4BbAnY_XnXcOH}+SPAtbnCpO@Kmbp!eH-25SXm03>bbvF367YA7` zA$U#`)D+!+>MZ}S>{C8}AwV0{yy2QkuCLnp?3R%K(O6p2Y*WJqa#)u3XfeD*C2s=| zWs8iPULytujLvS4r9zspc*AU9_IG_Pg5dxD!T;2q$1CF?@PmJCEI+@lLHxW|tmZ&> z>d3~0DPFlG8WFIHo@$nH&|p2Z%eCJMS~NfO9V-vMo`_Q<#LGf>NA(izwNk_L(<8SN z3ySW*HapY&bG-=92ycy@%{?Rle8*voZ2mdw=gxY63AP*YKCS)g*2Zi}c+kXY;)}Fdylc5}b81p7#5<@R z`n$S|fm=;%S>j+pxHsQ?P^Gl`7PX4@v}DV5ku_r?F0^RlHhQ`_5d5O>uY|rjviJcq z{8)+lx}<(m5{!De%Epj+oSzLi(A&*}YJTyr%CKB#>5SPpo1yp9KT1V2Ot>{P;KRL4 zN0TxtK^tbHc(5|qol3Rz!@D!VtSQjTFu6_j8m6L(b!V~XhOKcg>;Az$eoxIix6_KB zwWKK=_D0!s#@4nucp}%?jyo;{cK7EA{)s#L031?Gc3J+PNDcT$Za(lE9a%ZuZ{0Q9 zNO-kWYn)?=P9oMbBfROSN@BiHif1`^i$G`lv}x|+sw7eMV0KS7zY!rd zn1t`V+Xd)n86_ zmGLW><5FDJv!$@;%f9EdQ?=m-wnKjkM`^AA&dZ@ft6EskkG7|6tUtgF>XgSYlz2uI)ww7BQJ5SSPIi# zv%cA12GV5p?IOGNe=d^SX;I(Vg*t3XYOe1An7f!W_3kn_hg~Hhe#v&cmFkC=;%&wxA!=6 z#SP4-PG2sGDZ+!s>ClRmi06>tm2OYMtDo+lbL_1a9+E=nRZp2KKHpxUuyBq?IzASu zVkUcYDA&O~(ertX4ZK6AjG~g7v}luUncj-ywwC?CN^(^xy%M<`%u(#(g~*d6l{K+& zIq1%zko@Q%Wz5AWE<@X)Q+T8`Gms#FYz%9jyV5PWpP)JCoKOR82uE@{LD@gKmjCc_ z&gOlIfsC!acT+Cwn0bs^eaiog1DsO=)%jp9Gg<;5GKj%=6AP*%TtN`d?d-yTfFV(Z zJuIi!kX~|w^$WFUuLQy;-5&_mn!68=)l4Z1`a8$Tm1M1m5mqBs3g73|~_A ziQ?p$X2&w7>hmK;qG+2b@p`Ox$C|Bjfa8bZxB4nh}7on0`tl2MN_erK66jeZsM4o|DkzS)%Kn zRJk~(t5xuFnhnuCppmux=$m?W&vAArRUjOd9QcRd4M*!HVQT6#<1+Ej62;^@(p7hg zD&Y6pKS~4{b*0FYGATsK!LV7$;D@Ml3UD``ElT$u>BQi`&naI&OZf1$USM4ARR$eV zRn>fxZhAbDr5kces1_yXA66&MbVUeXzEY@D>t!UbM(Rt(;RTF6qMb?7omHC+vanJv z2oejCDLe{NV3WLz2Mvx|=#{I-0V2SaJfJvyQe>`KzB%HEY{=$aY+Oga_PsO;){!%) z6`99q$v=J^__mSVe25#CB}kzmMG!{mz(FF1a9T&=+5YD*NC?BM~I zN!P=8sm0!3bvKbAlM|AhH;;P7oi09neIhUpxnMxO46EZo7tRJZcuY(qlQ*hYfU#IP zIHdM19$A9TTn`MHMjq@#JoSu}E@)42Y8B~k_Sc3EU>iUCP~mpuibX1s1s~DC3lEv)g zvHekV<6Qw?LSY27C*2d4`NOp&U-(u4>hb-PFyvTEZRY5qH1_Dx{dg&+qMw;MNFGLN zkn^atnaI!}9Wpcs+pdMl5eqKjq(bxwJ}E(??88w%X&j+pU2GYKL2r~3=uQy6`VSEn z1hyubMIE(C@qb?zS^12tJ?^?undXg@Y2`DAe;oDBzJ#$Kn$1ab$QcL=f`T=8Fiw96 zM{*mTg)K+TZT#=+f`H|a!u{;U(QZ*>A2waDxzW+w=P{fTq$A$ZiVFbpbxL^S@oK^~ zIjmV#51f(6=#!A9XiRywS;*z~lO+;W-JA z`X(7^^SKdRe~(NutUNudMn?}YN3_7a`lt~=3Li@2WFxp$1wk`}JveF67Gr>O!V6ha zj+86@k06f(jOiYsG$46ENTcA#sF<|UYmV4pm;D{O+qXY+VJ5~Kg3z@@hgTEDVh|=Y zp18RYq5a#B)Pw7C>M4R&%j~S5*=QUrc^rBI*+O0Rvuak>YTyW?R2Y4As}+`j`E)6K z%tkb`r_x$|3qka*9yCXWfERK4F9i3?hfDFuRlaGw^CbIvtjkUWv7plv;2J0p+hxd- zcPW+#qG_*m-i3`uuJfgHnM#@4pO{^#CtD*3T=&qL?Ya6*^l@oTr)gy(uSjq=0{d8k zT^2O)91}^9jT5}eNR46wLQ|2U{dyrWATE75GD{M7c;9-ykHuxZiQ%QorXN$fUz24$ zIc4=*e1F_JpVsf^RWzM#__uzFERPfTt8_U!HwJIP#^pt(;ZmQTm%TVUE#Ge#|`(-O(S^1ScavKz)#h?L8`ymNqS*xIT&Qh>qbWdpT6<#>)s zcWUuUW7=3la;z7p*}#LgSOMLhbX8=*FS1i9`eoyH>yg;@LmwwTk12-5&#|2@(I&&;TcAMPWDShmEPKhyeCauQDV^!9fD-cyQPk56<6f0 zt3%TJY|w4P&vSASQm5edJVFo_P?(C}Jd5GhAOFrh6`i-bB%NX}3GABqW25N0TCP?; zW-%Y`!h|2%2Rpq+T8|NmF{vFWC^q`0pQCMAOP_Mj3N5aPtDdY0IV4 zCa{_QYId!&?Ojq!WG!P=15DXA?uTzq3BLIAVL{(dznYWk65yOdVOrDy;C3aE1R%3EM@M z$Gi`{C0< z=&X}fu`%$AkJn}I4Y7cMl+$vw)mX5C*y2(@`N`zwNDhW1sTfk~mPa~2zo3ANEIGr3 zS`bLw{J@Hc0<%snX2f}O_({Hzyh9RCy;OvWc#ZZKsu6r z`$shJv`QJ80vY6a3Vv?$Ds*cxY*QO+prshiY`}MUCEpw;B;;Z@$7pk~`RI5A)N_MW zWxLPJ17kpQ>zh4f`__?E9p!UI4=R0}&sZmpcPqj6m}hrE6P@A7g}JF(WNG1ijNM1Wpz8r;i#xg+wllJ0QB$rAfpYKL;w;6Y z9cELu4)9%wG3EQVL))%x=6%^WDg_**NKbVnif;n1(FBw_>b7R|!)oL2IVP_MW(O#M zU&yLDaPT4H65Mxwyt=nqMY6xM;frxTJRR`n6V(S!v%x~&Q4KpYQo%r{K)FzctWw^C z^(Ipqu;s|V>%a&F>zN_^8P+$}@JXNJDjj#5WX%q5Az59xd6-b){ovMJJa^bGrWI->DIBRDlhiL-DIRS6JUbC$E zwOoNgnz>AZN22Cwwl@Vfh%W+ZXxZAxM_cd&=*cK^spHP6x@wE8v%v~uvaSbK4i=Z= zgSz$?-HGa!epS;?W=kqZ^Bjn#K0DVkt@k5GOHRd-Rlg+W`hicCle3 z)@kMQniLX8TS@eNpXD$e8*g)>5!@{4)S2nfw`{K^O5Ue=#;7ai%D1rVNgMmnG{(9k zdCXLM-^79Q>;s9{nu6;MvZ9!gijEx>Eqf*Y?JkAoqFs!nVb;9W29LHBrs{yJcVSI4 z^N!r)CQ!=R4OtpGO}%EZ?2;G%bc|c#Ve|0jP|&Fbr?o^%={Z=PKG`$6&y*3-ywM;V zON>X#4y#(7*?~^Hm*vIJFAK0t@&;2J-@Xqq@7kZlY!23>(}DA=3Er+(rkwXp5njbl z6;x#suk9dN863Ho+r(tqRkCihl?lVN5AxPDBYCV0NMCmq$&PM)#jlJL z@E-yX*Y-nnso3wWx z&lmK@<`^stgmYQI`kdZfonK|RXfD{h2un|8OhZn4MqAd+EN`>5_N5*GK5(tTRBo+j zW%-UCF7`~rjz$nHidEzS@nxaXtue3B(U(mbmQ#H>mbJ_-6e4fWOH|3)9(WSS_)vYJ zI@{PkGL=y@;s;0Ut_C8g~a*S5!D)6d# zV_Y$gSEqswDql=S7-zR;6b%KsXm<-obf>8#a|Edd2}d#t8G^PO|7_easGR6gM_af$ zUSBNP^;dUKc5++`@5^>^*05^nHZIZQ0+p6@(`t0H4OI0ztT~IQTb=vpwoHLklV+fU z1h@3I;kP$u1BUi9R@?m1{)e*R(z$5HVPrRts#SaWtJ==SMmeQ+;uSbOMU%gz?AWE4GZ?5q3N z9KPSUdgEpYV@Y{kXqD+;q1ikzG+ORV$#??;y5ipK;c?|fuhtko3nlYG;fT#qSE0(i zkgU4Xluqy8di!v1^iB6<3@RHI;*m+XY>z9*)_w}pBCIM|9OyIk{t`g-R1ZL@<*GE7 znUXFT&*e3?wwmS$Hr<^y5+H@Ps4LOl)A6~s-T!EGCP;8U!a7NNZ*L{0a&_=jBf=71 zxl@pp{ESr`roPl;4qMiH>$MM7dS7i}@R5vO+BLe>x_sm135W%lh}n4kcqYR$Ocud@ zyvAq{dlNDH$tOqWc9&2!8#H!(UQTwzNK}p5a!ugJvCei)52vXh487f~!#$t&UR-|6 zHdc(*9XAvrn~L47U7Itrp<@t1Oi8Cd?alM=SO5p7Pql}p=g80#VmIw`ok?j>BBM48Cp4#%_}HQ8|` zSeOP!Ki1JqxqN9LJ-u187Z#7oq3isCh_sS+-_YX%`I!1t93>o)+^5yh(~W!6W8Q%7 z{2xHJuR}PvQE(9VvP5jgoqVdZLEGqIyZUN;q03F7jNaAwhgpcF3=R(dIKhA$ygem! zNFr1@PD^<%czbet)JrK%SsB*YV!m?p?(rTRELATD>~H!XzrcMxW?fw9z%tsoN7Zun zb0U4rjn6@EvWF~p59h592U~XmSbtp4Djp+Z8NWr@Kf4#BTVKamG(@V4DQAOaua75$ zBYfOT3VAH2f12*cVyYRLq{HVVqfPx+$8d-H}u(p95c@y*6@ zd;$*E7%gazQtDi&I8Da+{9U5p#xgf>@{UD~a%XjrYp>2}*8_+UK7XxP<%z~FA)MxlnbN=7 z7i5kUo0YygS@ypSpWTGc^-_Xq))|M=BxR3@s6cfJudC-+1{}{ z+PG`lI~^tJ-9rdv=M^^lmGQ04ip`G&g`1yEfLTPkXp;h2f+%RWL$chRf}*EU+fo-`(^E(|NUP zl)Xh+6O3Ya2EW900tm}kKct*GB7!=G!*}(&V!YJL_SLMGN3N{P4L0FY9aezBJ!Rca z;n9mZEEF_Yj&N085~`Tb<=*<~Cdh75h@)S)aI0i%aFl|aGF^j2BK+Y>Kj(9*?aWjZ zt5ErLLO6%1?Oq$Dd0P1Gvp=?nW|A>?#c8yBPS7X-0(@u+*7KpK!US?WFIexqmqtsHB7DdYWrt7@0TN(vSvz# zk8$6;`Yqma4A?pX8kuxp6U@;OC4C*#b;nL3R(kQ#&X8Hr@EC+u2^}izcy%Sqbz8si zT`r1Wv)r=PMyH-?RP0_m)ckGTRfeKY><#hQKIav;f6`pY7t3j;<}}l!?Fnq9OqDhV z+k*={XZs~$_Xqbkf5&uILI=y#%guRhbwRTH2Osi0^#KsEF307O+S3Ejl_g5da6niw zM>2b!9@UAhNFuGH4SH=AFaVGOZcOt{1673u*(o-V;nv7zC8c4srNem=R;s}GpeWE) z{=>ahOQ0nd2ZS$}-~9Y!qsGB%Ts>$v8Zav_p6Kt5;0P3~r*M4kv`RMh$+?S0Zqfo) z6RT+2*pMc%zFMkWo;A&?#p4UomPTq#o8zY zbSBj;Y7y52Bqn>DM66pBR3t$>kv&vTiND6?`K_v-+fZNG#t)nXATVHEAuv0 z+tPd6ZLXdHw}i;*uQ^-a(JJS5+1wq}neFLma}ZS1%uH?f8hjGs*zQt-Ydu%^>@ITUfc>0pu?%zYq~xVOuMFTFbkyjU z*m+99^p54+t8|DFEB;j%)gc$GXV@?Wq|Q+Bat@Sd z*uPVsO)Xi=jjLO(CoigoiH}8yY^V|Iyxhu{*Rcw9Cuuk1Iv)yhaz0zBU3K6bj$W;` z>U-x0H|pfpms?*v86Iwg1NoD#7F!2b1PlHok+f7)RgSyiCl=gQ$pRDb}Ff zkc(#|zVGAQ&pw6vW9$>o>pm04bY1m=j45}4`n+`5?O@w&(@K`s;jNa@=b%XE^-{&# zOXD@wxf@TvQQvqY{1E3XYKSJH83qyu{ArDK0wV-=SDHuKR{Kp`bXa#?cb#1hg_x`O zZ0Gs)0k7r(HF|xR`Q9!Sd&=FSr3f}d+r6Tyoirr%vx3n%uJ6Ucc%pId=V>7yq5V!F z&#e8`UL8!Ob9-MOF~(_%5AEtSTP1F4Iw$X8aWGd^*TOY=nR5HPtEbR@kdVZI*3#BS zQ5C^x)j}cFTFO$y-Dmfm*4hs4WR|Z~h)<2!^lCPc)BD`+t3t0d=^nh^MquH@8{r7# z#1ED!4{sl=Fdy7JJGtC|@M}KbP*N&DER?MyTJNY9ij`W<7gmPJ-TuHTLPFE2t$-^w zSY+WpGEy1NyPj`kVnUkB_W~G0`U=g|rDFMcAZx6&Y;^@k>D)bfbiF^b@xr%lB5MDPTPMLHoN&CwCdu3#oP~&Ys)R^tiv@($Ye^HeF<;?O9lOsbMe3 z*}=hKEJQ_1VzCWavv(FOpT*r)ND8*bmrBJ)!p?TuZ3}>L@izoFmS?Y z0(ynCXRI8<{2mAyDG7M-#xHCk!e`-!N5X7J9-l;g#Z`oD-!CF{?(4s4IA3XD0LA8b z4fvdibCI%7U%+EdP3f~A88uL!Q-m4O7wHGcV}kp*JCWKtqEoELq-pOygy*@PV2eI- zYOv!(2f)whc|C-m_|aU1Dx5>g8+gnkIyE=pW%wGeBGw~!=A&3obes#meQmi9p_|rc zZ&8GdrXteHc=96Sy{8uup`rATK6UX4H~NlT(x(Cr8XrpSorL}7J8v4V2)YZCP$C&r zVqTD%h@r)l6F}|;!%?N9Qr}*;LFFIUf6V;jEuy_I9>bq!I)$=^>g~rlGp?g0ZK3js zB!UNf7^43`MMEEP!}duzmsyb1W7?vlZq-NqUkRXC7ytP0OaE8W|36#uU-kH>5d6Ov z@t?c3{;MAUAF2leHZU*5uZ}o^&ut6y0av&c6Jb zm~*|uh`1-VjV1+YViAFcKZ7$r%py#|EtQy8jU6>5_>mUDpCc7yiF5Ai3A>-lZtggE zGbDXriEJz7RBNpiBo%LCGWU~5e4$(}K#0H@DJnT6-U{rKI`UxK(`=lO3&A}3i*?fu z2ZL?`b(U!LNhc~bBG=S(4k>8(`U7`ESIPYZi%?Yx7?J4{dK9)MeWJkFN+y2!fPID$*j-4R1w2 zMM^*#R2oD;x_uj{qzWhvf^-dc^*%3o zd2e+Gv+hoUucVbS^_alifQ__l_%)^E@e3sI+@u z9BAkv;rt!I#^-}`H-C9D3S`u^3l}qiI#M#vLXnBOWv2Qb&KPbZosP4S zgXG@qfi?Cc=8_ZH31c(ULA1S{71FDN?w3`U|B%X*99WU6l}Io5M=bzsBC1A!t`OgS z3=4>=`n7L5D6Zsp(T=(n*Y>+oj_e+#;_lrIoR=L5E2$5d_u7b=)Z6JE?kpZIgr_N+ zTs(wOd)29kmeB8~mcS2a7L4_q`|M0H)&Vw2&R}POz)0L{@%vJ?alF zTvGRvCLa+aMTkg+MS1OE*K>8$!TWvEN-Gcg=kzJ6UV zy6B+2miW&)EgRG3qFb9Ib&NV&k0yIumRqX?3!@oYB{+WxZU1-b?O1au`)B6`WMkWq z?c<|Jk(ZZS=GPvC!l(7LMLp{{oEo_r`_B{c?#uMDz4`ig)dUpv-1^oJa_vfh|B(Au zLlkfE6;BlwnMuBt6q}otK9l5H=g7NV-a=JTghgc3_SYu*{fuqkH;q>x6u#IpXXYzJ z>)0O=U*{ybwj%O#rgM|NSHS6JzP^{e>NL%-)yv7qNLnY-OUU&8(g7#5+ghLLVz1$t ztnN+bBK9>z8@Yhl7dA&k3bWn49r~P2emc%iJKvW16n5OT{lUR3vtI_~Cm57E;*-x1 zip`;77HwH5QxQ%gwAz>1TOi_Unn@%@#=X3Ew>n3^#Z!_*a;xA#y{wFpzuVpvww?xT z7uKK1!O@Y0vM@hCL_PI)r~0Rx{TFWSzs>5O?(xPsoOY6sUsgP#_-8TmisQWUF5ru$ z$-%Y3GKtO7HDV73EZ;#|_$3%qyuzwN=8jB5#z;fgvEmbu7?(Q}Bg~Ve6t3qm3mJnX zzGoO&sNqz9*m?@Jg*$RuD)qG56IAfV{9*+O$i_z57%<#CSc)Kf~gTunu-MuMVkblGT zLlU)-x4it)R-bm>@cZQ!zn3px9#EiW=Vy9;0GAUOhNSo?DzvhO8B#~y8C=&UxUSo( zDa4->;4M?qDd5laBip`aAx*fgEWm%Dw1CqF;>wChA6f#J;r);;By^fU) z^m*n-r9zQe`+WJSjkOBtD(S-cuEp3v#c(=J!^PhD%`N;8noA$oa5<4=V{XiK^uL+{ z`PB|t8+r~ll?le*UUmy#oPMFqwp{j~Tb?ZVk5TvXXeHX)!$wC(xAyd$ASNcZgB;{> zAP#T5I){|5QBrDEI9W^NIQ83EDIFI+dsffQYpEzSJ@$#dO{Ht!+60d_ox-a#Ki24Q zOgMX3{m72Pa=NB_7Z3fVp#CYb|KML#2oN0Uc)BE+m#sri?OQ-aJIz6hF4>^d{i1L71;T`cefL`_IisdDJNp=mCoqovv24Ew5&Qw@<8InckonNH$EgOE`CWf zq-V3;eNmg^(C{L`yKHS@t$vkWTuG(Wp}Y6iT!waX8*myUeu+O%LX$23=@}uky-?4j zk#{A$5^W_#-5)uBTtI6i%(ZnlP&e51@bzuipXIwQtyTgp#b{}e z&}z4L_%LxV-(yup(JZeC%49uV*h?(Gk73OfVwm$u{~z>xzB@q6 z$>>O=o3=yNZserb#$5bFVbjK?{Ik32ts@FF#hzQMT01r52(ekK?>tD4l#Xx&voRL6 zHQ<;4w^kW;x5uLOYad-umLAO`+lal*r^*+NjEp$y&pigKBag?RQ^F}!zCKKFs@|tI zic`fD7Ps2{c=Smrl|!XYmU$oD_!x96d?Asr_53;GRcKy?C|~8AXRF;{sBDYHiL!G& zXRAsk7ZZ=@l{r~wK;6rKAk=mB`rbv(v3WSP!dVQxjC`_uZ+Uc7ZHe%c{hvGh(M230^K)k1a zS<8;Hz`Z?_lQ4=iBb?W{Bg44KM=|mi;-a?#>FZNH*L$pPsk?7+u;4Wo8}DcI(g&QH zUQ3psoo##ap(CLd;hr)Av7Ryr3{)L>bS|9i(;fdLf(c5&%D(f`n~Oms+)%~}bzy#y zcS<>=b{B(U-;T}$@4P&d*XlT_66HQu()#5KX_ePZPVwIE)=0MW&X1A%=8ck(8(=dv zhhB%K-}>Ok!+aIF8pz(Daxp!jfmr-5H# zVIjMV*W?36{~zCyHK(*XPGXoQaP;-{?dEsZ>a&EM*^b$pefBNMGi6B5z4^^A=jOMh zQ5*8QfPnPu;!`?0I-8;3ESCKex7+Z5MNzsV0|N4YjOD-iFB=po>TykE6*ALz{Ie#i z^r=igMFm})9##%5kn0IPN+d`mJArw1e*V%Kxxm{&sy0dMgQ{4CAzDU$g@?RmzYDE)rIPs19q1 zbdDxv6%a&0r%_!dD!-11Dib9nIa1H{K7@M`WCMUct}~3GLHZgO4{@R0=z_^a?jlr4 zg^Ow8oel<(Z!TvvgWCNwBn;Va!zK&;gzg`r1^k?{qIEF_Fl zbO~|+zGTdD7Znr~5R(bC{f@`(%g4bSu_ay`Hz`8ylNr ztlzr3X`Qfl}wh|$SUu&Rvpya%CLi!?0}HGklO%H0PCy2tKq-=A?hJQ5V?3# zg$JjqyI6Abn%Hd!E~4yLEjVUPX>mfy%*}86-&9m=ZEc0?^M3-K1sd8Qk|GG_=$n4u zazi?{YV5mlqgj@rR99*p`A1|_iC(_;^S>13f1$&c@^P@X{M)zSZHfyfB=lk-+YZjo zZ0GsqFPIVTt(;W(gfqDFBe=D@J-U%hK3}Mwc-~Ec)4ls4rUXa+{w=~iZrpkSVPU8+ zvRYEZ54NzhyyA5QS`4GWqnFV0Nl(LT=MLOlL7Qnz;l(mzc`GU^E~hj-X9{ON$uD1- zons_Uf+fej<30JKtJ2DllTVE;(D&#W!;nS;p_32}Gr#7Oe{U3s`-x(=zpE?kVFQ?s zhxvl|`(@}Hu|_f`gzxy|y#k4YIkx9y;$Gr0xJ}h+<=xcfl$Y?H%h&Rn^H*QZCBWXr z3&gFZBM9KY{YbZ^rWAJd`)%YwN1uRRxR%HZ#$s4OUyXA!ebG`!DqCPQi~=8iq@!h3 z+e&u6fJ4S(?ahD3-CUoOg0b}W<*U-xw|~7L3tr&EdOF%u_NQ%=+B|U^LpaS03=q?m z_-zX9xIL8w5Dyc=dhyk@6Ovg*WFksKkJYeiuSa07{h zID{{af24tN&FQ)wpM62JGaRnbqZMtw(@a{dGM}4VIILm@sifU+8)>9_tm#hF=#F2_ zoMND2Q?bBac~l=YqX$uKKlikWBIH{;#L^hhf-uA?Y7C9XO3~;V4(f(VCM%wx7cQUX z*3j;a$DKkZDOET%mwZDeDZR}1MD4i19w@#F^vQoifcQsN#EK5sFT!~gX_ss??*+*oenS_IOz!=~W z4*3?neUKR@+hbV478}3z>7qJX_oGx}{9X>aXQG|mqJ$@Y#@EqaWNLvgUF!2Jphm{1 z9cMAx2hq6)rGk+~RWy->Rb;(}gVZ)N;>V*Omj-M26baR@t1{o3s%ho5nko+Cb<`tB zkG#MXi~NReXASB<2uJjfdk>?HbN^i9Fn>7a)DV3MKJF%<#Sx!<_`|8 zQrM7x&pG7BDrXiBhzsXEbAtWQ4;BA=O#Zh*{7-(Vy5~IVLpo`Q)FSMQx?ej+`tbR& zd}}`LA$pV23g7g5px=Z{I`>gw=l?+OBd2ZS^294Wwi=DQ5CHeZc95LOmJlvI>(GA6 z3?BBCVK05rz+R*=8_=JRaXeAG8nBjGj!LVwD{UL_N`99_cXyTP3ett&8fVY}y zpbfy_CsvaZ%nS_D3~n||O-{{;y1`yrnYJUnrbr12Yfs7(P9(K(Dk~9fEf(Slsy`@O z2Wlu+(Jdz{`%V}Pgx`axp9en#+4|@p&cBQ-yqBD-!-a=CSd)Rz!TtQ!#1ur%I4P7c6)E=Oe5dmg?MoqN_LU5WcfB2333DH>aoJ-b zk|FgGKOg6DU_Qk|hRYb~T`t^87egm~zoh*5DQxJpK_F#SH{FO_z>}l;m8a|c>CS>$ zx!vr&jZ`vSm)1~o1>+PdT!4019CG5Q-i>dC!o!D;W+_le+5U(RleE6DRL0~VWq4#v z^J2Al8h(N-A2RLc!)J~Cm|*;d=k4ANO^=m8jfT2UEzxA3s1&8$@XsIrvGyUbn|vWK zw^NN$0~vN@BAJP{ssT|_QL4%5X}_wiHOi;e_i2JhJZ)mVqkNeB=?qB{HLt?=9Z!73 zhcxgd1ZYtGdIEIH{f6tyw{NtD+XKuENx^l6^^eaQ9-C#>2^4?Gr#G7y!kPrBxt|ai^(cJ-r}>R2e#RG$q#VoF zI)ucqZ&R=A$B{pANgU||z1QC*H24J92V8w`To=S(_w^wD`%Bq8PK{ZBFZu`4GWZaD zF=9@+51R4ub@e-${zYYJy>N9YlkJbitHXG_PNNMUj0uf!Z;md!U@sX4G*)|=JB%09 zgT^Z5?mnO~CVFh(1O3HN@#`#+iqYpdvr1gf`&%#$%#Ytc_w`4BelCJY%Bs@10PI}d z@VSmocz$7OY!tzaxGnqcMzbM{My!;b!!cI=(o9DT-udGPkI`UmU=GZiV@@5s3#OHI zf*J!v4r(ZVP6R8tB|b9kyeAg!Q1^!Sa#+(xGHzM!Q}_w&tPk*iaslpV+E3hn3U8p# z`CO%4i&4WQKii(r)g(_BJD@m30r@@@^2bO6@|`}vkI0w(!i~40HARV?&8l#@nJ*w5YRrnCa9SuBpN zWg~<0dy3b7_VKf^-sB4iAU0u!%tGWB99&%fl7qO1pgwX0{Tx}um>b~=Rc)Gj>`_|< zS2aZ%;0J3TCmu6vI6X}eV%Lrz!ZSo4YGeNBHqwOUU6*ZUQ;0cfTe!8(Az9YVRS=S&){JKPNNTK<7Nb%HrR}Bs| zQaKGR?g)N3&x}}eE)Lw|FU>@6P(Qw?w&$7mFJp8S;;?AQ;8+|mK_>fU@Zd8m2+MQJ zu)vLmmU~Xig43vQXcXNC1Rghx({g8kY)xWQFLzGVES9Qjudsx2aHIdYy3V%C*yfvu_GZcfYuf`+X|I^^6Q*i}K4Jj^JYeO@ zIRnnvWHJ0I>WJw8&Iil`AN7y{duo~@e#3hobOVUh#TDHV>U6_P zt8UZx`G=R5O%rqHb0PuCMfds8P%H%Ub*ZyxAZzhtMY;C_lNYcrbme8&9JCT*k$3NX z&p-0DsEO`{5#jse$DATf0hBi)?HYCNR-9 zsPm+9+Vh#>3`r=+W%&vNile=5F9%zdEU$V*b06 zQ+g0vEgur|YDY+o=&nQPtt!*Ar0NICmB*{ROcip+mh8=Ha%Bt1Sk*+}GX-q!SLAZS zXBOm5rG>y}Ub(D;l-{8|)kkj#%O+H7)Kc*x3K3KPB5n!$k1Y-}2XJq;sf*JkDdCkT zh*?J&B_l&U1TAUNQmGI?Urs9r@2b9vdkqiOHUdQ*URGo;4!7^N7i zh)g4z8WloIJ|g;Yg|Kfeop`a0D4SKmAm`_dmRPnB1acGP4^s{@YvrG6H+?mcF7wl(voK6lZsdQp2Oa>m( z^y8%UemJZ#{JyP8`^Bbl`i5ikUei%7pQ2L7&b(^WJAWKXa88fFXV%eXl;^@{hA5iv z!&j1C(jAI1l%j2^%;)c3T^keUICzm0SEztL-4nA=<|s&K7xv?E%A2q|W&^PLH;MnbfE?pgKhQE7Tw z!|u={WlQf}b6mzlut{xgYxmDtrqPqY{)Yk8XrbmDHP|o~e4-!#eSnOKqr);v6rUBc zc4yWeo+@eydc@EADzEQZ6Xio*s3QLy252Y8hckH?Nq8t(p5G6x%&)dSnh`)P2gn5d5XTjQ)ziZ?|vX9*lsrDoDU`g2Lwr4Xu*6GBitLMIW zKTNnn3Q86 zwIZ2bf@SgtPbJQSSOT%k=4*(GaGEjfgN~?c43$ZH@)cH83U`l`j``hcrXf!&H9X-* z^!}1eH-k1cBq5)(ogAQOGAJNS_V9U9;r|2@T%lTjRmSMo zzjah@`EAnr0|n~ZpB&wQ?uLMF-tY~(G?W7TC*MBupE8^a1!Z28?&2h}R-fL&hBN=m zMm|3!+WYiK_tDo#We8mZQ&=+kfQy~{e@+C#@!?4Wuz zQlxZ7(8?84-DxjC4C?b!I)lfTNV|(QDYYxBU@l7R{ zGcmYGDmSj1QB8qcoqy+Y)!QlK&0M&T{{gS+p^(^<^cpt`h z$2e(PvQXsw@e+%I3+e1b^crNHU&E2TE>DFx_krbJIk}KHFL~^-yPHv83fbbW0#)6c zoY@t-1;XfSq;fz#2U~#*b; z^Fyo5qcfTC6Pizq7YlO0?HcRSrTHMYtHMu*dLS0E;ph*(=duODzZ6jOJXuUwhA2A4 zkW`M!ra0m&)k5G`sv^S*VAE2I0!4Yyf9cevxa1E5LDFty%{#nF#QJ?o@oGFCuj%N* z`HW{3ukW8jn6yMl7be==sozAF8X4}~)%mMO6}_PH_K#YCe+QM?9#y}d`>=SlNHQX7 z<>%9c;Rrvfy2;g!QW1B-qa64N5v3i?eqi=rDW&JBLpYz<7``9Ajg3;oB}IJq$78PG z`6Q^`gM=lMTmdB5T=3s7nEwxQq*!%4F|o2?uA=NKs}lB0VNm?*c~K$FEM@F7gn@UR zqcRP^IJx}@u_pt zdYO{510b6_uzwtaN?~ew9*(=yZOL-E1w9k;|vIxt*VTpePB!C`TUMa~7bO zTFqdC_grb?Hbb8-!4MOcm(1Vr7>TKW5&Rh;E`Vgq7a|H4)lP@&9l~>ZQwj)aD$9f< z3K``R^3M9-NYT3YOy5S4zD6j|LU`p#Px;Mfl{S}|m^|5@Jn>C=qNqLPo*l9FD&(b! z_V51?K5;m8>MH>*4#7!+lMkOgdlvZY;mvM1Eo|vgvWit|?J8hON zIANBxG5zYV&E>UYT@`z_+mqOdyq9&vjL#l5IL!8OBvMWH_%ZpH-WAJ;$5~B@f6(ca z4)8WVqVecHfX$%?IAyE!zKnaO+N+x6az~op8;dzl;iuw(CWWE|F%KiQTebJjW0A%)35Bq{ZkDM43)X+v4j8SpKQ zd>oGGYg^)&aC)5?{bQx_CDKj5rkuAMkyT5OIee2ZlLnGO9qb##*q3-SoOnShuY z><0~$uXCd}>)>MEV@>0#SUxvfkKy>#%-xQo%(ypQ@Ng}u-^v%zik(C@*ITq`I-~WS zkd%q6ei^+rQYe4jbV5{6fY_mI+P{m=)vH`PtPZZ@e^GmNE9&-|*eIwvcMnghl# znPC-e=KRDN+{yHLZH^*K~KLk1QC7m6)+ANmrEc4jg8Z{LpA zqd(xT9<4o{?+FL?OpJ5=73TPNPkNf;t=mYT%ZEvxE_ z;?Agwj=yOf2MB2qQxUljS9%=kzKZH)6go^+qJ$ld^@KFTt}=XpDE4t0e>&@ppfn-7 zokFBJLAMtD5~c$z12Pk(o${s}{8D+InyV22 zbAh^UZuI7i{Y`alLGN&@Nw!IW{y9$vJ&CQT3mxHCRPUd=7XC&mg5yR|MC$w;A5yUY zA*2oMj4sd$I^36)xq=MdH)Wib9`V=J$mZ3J+WIj|voqm;aA#5}yC<2}|AoK;EX-y1 z%2L!rO72y2;KjJRDoEtqGFr8v{!B+s-Auvy?MX7EKgb&AE`b^*O5NOPM@G3^KMy6w zXp=5+#yEb4J#@+y>u%RqYV%s25+wzl)jmAN4XIaGv*e{={H}!IrVA{!$R5(Bk`&*+ z#who(lcp}BmHb;uRPS=P zRn)O;*Khkn`Ra>M=Z$i^oEyI9!cCjN%J8@Khev>wv5wzNEdmJY<|nofSr$BUm+eQy zIX^=)wKX(j#HE^}CE{;TUQebwf4n`sKxvu$t^7u}m?$xVDVkKN(JP@yVs*kN13we1 zB9lF*_H6=Qo3FOl6u~XEUi8ppW4;mef+kV!F4Fl#o`H-UL3y8FZet(6$_g5r9{AW; zZ2GPyjNeWxPa$o42SVaK+~3;HS2MI9XeGOhsGwVU1ZowGOT#(Jtxe6i_j|g{&}XuswI{pukNU| zEnb#*^gX5{HV-hfU`3r|*xn%3PqQ0Sfhdpr4eLuF@z%vUW1yIMdeexAt=`|xO!I17 z*DT?C_EiscO%hPRK+)7(S8%)$X2`--v^vqIF|?a(_!PXoshNTIyO1y`r%U=R&RVk& z4O$92;2dxtB_=i3hDHx+^o<^n7@pJpc{ihf`+7$MF}2du)CtH~4{PDwq_E?(0M7>RKFc&Sj>y>*sjo z%(Swhm?W$J@vi1zkB&=#v;*3lG}CZa+1neY(hWdF;fm?di>Sb*A&8OcAXdujm9p>l zKQ8Qnd2q)`F%uC{%Ab;0eD_hx{gcsS1lu#tT(^3459j*YRC<{D(|1%|Z0FJ-^%2JG zy9dNvz>)SecfCF6d2V_#PqWG2-iI)lqt^xM0IY9KamRy346C=Pp9YPPjquSytL-pa z@dP$jV*SEQ*Ot?2c5Kz%>;6(@jOoV+f!X-}B}7jI3{3HJ_LLj&dW1rxW2ij@X6OTs z^zP@}u7Y`$)y^V4L2)_aA4I8d;O(x6iI`Adsb-+Gr1Ry71D}gSB6}INK_gwa!7}b_ zZghDL*{;SG8A!6p9hp0rT!S1aA(2Qe2M3x`5OSozf%i$|kPQSVz2N%y9R;KLcg!?3 z)Y;+W9}YvBaw{DI!Bv8^DtvGd_-ZOL&yhL@S20WU9xxY2y4dFOjI@J*n8PHgVX3Lo z5&EvOTq+L1v-r%37E_7ZaHRIq9Je2QVD8l`(WpOAU2bS=O^W*PQAR%{dht5sBh8LZ zYJ?A{*+41K6nTdsGek?wA^obRAf_fUF+He(#U-U7cV}tZ$AOjP`eM%hy4f+bGMllX zdO;d@E|JQGCTFj?LB`4LvKX5N9GR+g-4OLxhA0h{Idcax*9XcMosAypurjTWtAr&L z!ZrL9XYiQ|o=zpxz|GQ3&7BE`o8?nf$V7eSX|9E6@z_A4`awU2{?Z!itQh)(TR*QB zc5(_ssdMAEPWKA9*^1NA!D(=$I$JsqYHNChd0|$Zs&;WrsYbiM%=9MTj{6$B;w+(c zB=mL`x^4(!)d;$n=kH@afdwevhuR|n)gj#?Y0CL%7iqV(87jmAY_3cV)L8087r~L` zkD?9n!00^Un9iYsw=9_4*oS_uSqc~FQYj2M0!~r zL{4=gWr^kRk&WWwp{Qdum222FrE(w)?dO|J^~8g9*I-vP<8(0p2xB3bCk)y?02 z3B!GGY2t`DV|f<-q^sw`6@dn=!M z^%|oq(pjd^QG!}#N!OoM=ZwtPInQ~pZuOq`Y-xON?B+E8KJ@}vSWbc4nd6YlxSQZ; zdkXIM7|k0Y)b^FVu==@C{Rn7hvoGD(Dou|$-|*Ii$aCShlrwkRfyb>%B~NFA1d6ad zeGxK4qPKh-8A*@wQ?02)9DYWx5A?T~4ieLU5tnkWZJHb?u#aq6Jih@EYKXUwn0e(r zNz2_M>MFNEbZcXRrqF+EN%gxA^}}FrUpex6sKl<%jPWN}y;5SCzp^n)32~f(=pfm8 z!ad2Q6Z@85#3?=Ag?m0SCX}1h#Dog~5_K$Z#y5>DQq-(SsKuLcRq-J-+ zvqnfBSVOHc&)!rIJdhuLyvFm{jn>nts(2%prZqMAT=?n7{XR*MB|h*;nIH<>wd)C7 z9mqJ0JVNWJq29Y0r|c+QAc7BO+U$K+gIe^Yn8lnXRVH-lH01!nnnXoJ_<;cX3X!c) zAhOiT8jpS+$rbLmR)eqC7j0geNcz)CF(D}S+FHW;CMao2cJjA0$c?3mI_no9eaO?9 z+o(4n9l+rxL?GVw=sW7%!K=r4&q;ayaJYrLdl3>jhxb2`gL!~kI4^Y^fwE4$Z&V)) z2U9CsefgZl5ex{{)>u6NI0H(pU@kQBL7 zZf87unc_A2{Rop&92QWOcvClUD z@nw!Qg*yLH3-EVF5>mN!v+g6!^_nIHpXr1JvUEjKpE+`-X~Et43Lb3_0ctAL{!ZGR zD1aq(+GS7w?hpM_WR1OuYv69A+_$pzD))}5@^LCgNt;`zqAi$hKqp;^#H$DadJ(F1 z7;%I3v20!DMlC*}a?H=Dqg_0F4|5Rrx^)-XQK>SaGK=p&TkRTV>`&OH zb6o>B`FzTFrTx+Y_qI#c&Y`McRcVrw&}Yj|oO*kAXVt~Lp>!sT$jm>`&y*n80^j5P zD^N<8VjZh6P|D*4epe6%;LQUyp})PWf0~!vApC>GacYn^4Q$w*IEvK)?9s+K>5fCT z`jKn@=vu~OT7^!!5~VW*Gd4Uij!Jsxj0Bi*9LXS%rIvfFt_K|B_5t%fe^9{YOQVNT zT5s6LclpK-F5QtuY9V88Lq7N0XQHIiuFOsgnt{fP9u%)U1{#0NsKb~T(fI0R4%ByP zK_IcV^wQ;4ZCysH!i0aoaxy{iWvlm}=b&!*0>|0FefLe6pqIJKytB3=e4@JZs#ta`u$r-n!C!&%3m(^V zl>Misqw4(5(KRy8T}zyK#DmRilqmEtKSq6 zLtVg$J%%rlZ>*o8S0$PLbCZa*{%4Nat2j%Rq|;3Qqx@Cd>4hQt?7Fnhfu`p5^+#&A zdPHR`#ailddzhh2b^l9Wu%mbkTIE95ZTg49m} zTfSyJ0(vMg&=>G`PxE&&@_(dSK;=&oM|i-cwJl6SC+zCM4gHmqp!qSl`&|--y+VYP zqGa@!bMdc_)_%JM^;w~-Up$sUMg_bNak5u|R_q;de3lI|N-qQ!;&bcm)X%($x z&a5gM@&V~U*Y)O#p2AQNfQ#}&I0az4dx)c-6~cj#-w{V^Nkb`$r=PwWF0gjb9k3~N zkn?Bcje9{7aW)3Rnc>eDWygTH9g7V2rA1muat7|8PU}Kx)*m#^oe~Iyd7X;Sg-12e z4N zUU_{1&1we0&cWGQq?mb|CiU4rmc_pb(y`a^`&K_TcIDc8uYPLL7v-vp>d&S$+#tZ# zA(^U-qTa6*Z{;nTH8fYCr%O#*fem$^<(JdY^jLnXa8~SDzt<;?JfpT}m5OOK1xPmG z;rB?0(^_a119yoMNn_Mzc|OinsQlSl!h8G1ya$hi7*-4-)0Bhp%$z(o zf)MUM3Z{_yv!UjUF+XsnBy@N=kXz#)F@@3&{G7(Xpbt(n&!F@G&TJr z|0jIm8(}qi)UT*B1SzS2io-$1lDoBz%eO9h-{iY|R3c{__vUFKm01B<(2Pg@i7ZIL zef&)h)VmVe@w{vYUvzm-n%6C~2Sw99*oxM0Jht=dDmdVVLrHxXpbF+fpsXq$a$wv| zcJvo0Q(%=Yx~ifY#nyV^sZeck!~ximqW{&9HAB|Aq;F}T>T;fYFUt!jwQP|ee| zk;o$H(3LNF?yuH+R+bZh6HJ`Dyof7x2C_Ag`<|^)A;dZlij#SJ*T-jc7)X}Z85&4S zmpaet`Sws=j^hT9(-S{dgsa4TBdGkye$`Byr&Wss^XOf?{3F9h%FNL(+iRw8vO_lP zs@mh>r9MCcqjJ+jgg~?s66>bVg8BJ&R)`U;+`P7cWC4^*H>#Q<9rR8GF<(UPZq@WJLP(x%}w zqcY&5t`rvvFRDW@W`?T+1v=2Pu}`Q@Kz*qCb;2Ug8h67S-PgU0^~Qqbc%*59nEw8! z2v#t+7C+A_U8-ha5xAN;3aNNj>g$hD2g$aaSWg?qr`|j5UuR;$JyRN1Ix(>0gu+N) z)l@qxA+`hVAy91?3^i84P3(ebAwgUhjynlmp!e3wvi9>2hgSjt_!M>Fr3Ye2;8yQq z9F51opNz?6eHVgEjshda_I@^?rLNiSi*N#n@0 zUHAq~H{ayr?%fBrfn)t%2-?!vxEUPrwMzQE#UUbX+614U0lHZc`l~P7l;iplW1u)8 zgR=*APvX#i8H10CL!bK(k4Q7>#6(M*npds&QRdw(`}7XCkqN}+h}t!yR`|qLwl|fg z2%!Sh1KRFfCRMEPfEelCN*SfLv(e*~ph%wBaP#DzQ(xRbBQuMZ6mXIu%o^CYn5Rwu z#&q+};xf{26UfNRbO!>v{&`y_EFV(+G}6|lCjdS=|7l9HIk*yp0sNa-<{!IJ_LAyx z`mNzrdBdjCFp;}AJf>d!V41(Pfjh+pm+JLWDGjnKX>&7<17cw3GVPbpcT(t_T-aQ# zSo8zxrYcIpO{LGJHUGND7#nUHlI#%6>#*>G0zGM6wq#^rZ-D3&+TLT#H$0*895$~F zpl-yH0%_=kJ&Y~CSzY@L8xKqad(Xu-H95G}y42K?=WwkjQfJSi1zS%EGX_h==e+JZ zcJ%+uks013N;=(>T8Q6dsjX11h>GU5@B31G=lh$8 z=4D=N2zaYE68aT_P{by9rAN{PnVQkjkcxKt66OG|L3civ*UHa`j2GSHKDF{Kky`iC zLNIZ~p!~k#w4tH$K){(@=d=!lgvWSs8R{V92cChKr`h&qxMr@@xDp+MCQq2kW{d!a z>3>APVSNe9^KZ&;k9QYnuPw6@2c?e_1*cA`eQ~0NOU);1Y9WZa0MtL#eo_BlSh3WG z?)+X`ed*o8%gO%!T;l;&-`2dY#x=s7rb&2KbSgkPK;f%sDtL{{j=7s?hv+_gQ0?p3 zJL0U+X~GsO?5M6Mc2LGqsZ*UeaGP` z-;|SB+TNTQc=S!ao+Yov!iD(kX%#0hs3x&-n|{!9hZM?FKt1=>=gA2|Xf+X!%w;z; zbFqtvHrMiO6ff)92*D(#P>u(f5+p%xWst_51VC263Z}+9HZmLELj{E9=za-}tq#^q()FLwI>LmLsmacszO_Z_Y#!f}c9*&Em4I19WNv1r|J zif{EiusAHh;>;T4-MG~hE|S5SIUS6V0Vx%D*v;}3(#JK2Gb$ng`nO%3{0*&ISl~+( z&J?(K%@$^a|EFt2F@aZ~l>He94i2#lMNM zw#Es7L|Lndm2e_t9uYe}g$zEE3RFVzgnVtKBsrqc(-SItirnGcP+L?#fBuE#-x z(>!*+8=R_RVP0O_r^Tt4MY&aF8%yE5PFmgkA{{BQ7CSHI zgDL`tZk1NNIj>ue8H0u5T+8;FO}@M`Ta*>XD`b}tdh;%Gy9znPisWDPwK>5*C7yV7 z3vHQLzVgtkDsK)15^t?9LlJPR8BwrB?3?WW5js767KohmTi+tx^UhY;w$B_FePc6B zZxw{GLsBWuLY!Pd;DK8*)O!#Q{MpW#3$4uf{7K|Eb!KX|JSBUuB`|963R+7n!G0SY z+Gn;A^9avtb-}l*a2mt9P-`__w{X6KE912zPAw_q7yLz2;`<<9-M6gfxeMXNlCaZ3 z)E`K+{qyx$j_2CDnE_xNgndXzS-&luEPhta0sg{;YQIN8P*NbHHJ;GB4>XJIH99U2 z&+Jxkro@@x{LcvEyX1e8ILlR=Irc`jRlf)O`1$&v7rmc7&O_VI>c_}^f;N~_IMQxI z8_1}Xj?YMH^U%s{_$9L*re}d**&Iw$gU2DuINn`WLI-cy$jgR$IgYvNpDa$*Mo;}j zeYF%6iqPQ5A{=~8YD(&D5SrWMYBmYr@&$DIJW=58UunXrGYbz4xu5RXFn(6rsUs$e z_nv2PtbAvOi{GXIR|-8GY9JnP8=t|(RMXg-F=sfr-aIaU{kW{kFxnY`f;uzC2B+j5yq1P4#$tihmRU814 z(}O=gfmU)NSQavSscYTYl#Dy~1|!ctVd#I@AYer`$MOYX$Yw*A>9Nv;UCi0oeQE<@ zAzd%)jqzO@^p=Kddt^$|bWaJc2G{f7ut$L)TVTa+J9{Gt`i(F2z$YTrq9}umD`#zo zcMuXsGSsoPM6G_k7rrtpT0FFzYm7W43+{EQ*wskJP_c$J;tv+B3b76v}*U~ z`^m1?GAm3DSDDU(01=RAC=i2c0&{b-0n{Yq_KilAQ^a8G@j~m!qOvnjbHq%0g4Om) zGF4Ll+c|u7geR{(l+~{XNbYO~i6XLU@4|;RLUg78Q-U`jwWPGYEZJhJ_;aqCdv_{$ z;#Jwnc5oruGk-LcAvT+6N1DTci*@`=zlcTJ8leW8LowQgO~ z#YqN67ZBF|&_xkv-pMtw-urHe42ptBjU0Qa+@<@?oJxiiuW)8 zcAQmRCPsIszhT7)W<+gI@6L8Amg?;Y^=9`|ij)6YYc0 zCQE5p;$+|&sVaH^Clkt!S}i%HPuuE1Z-L!D^%lgv!?BqYJ-)ZmJJy}~;m~RzkEg?( z2VAx=_w6$W~sZ%Vg2y#q+j;|BcD~j7Jc6I zoyQw5e#3r6xT4uf3Iita$xw}x_zZjpp(vFsN?!cU>4nWm_Yvx#%toCP;u+q39ve*| zJ>Q59;8;VP(|YKPG>h#C5F3kq5*sFYEV0eZQ^Vce#2KH(4~J_MUw!_#C?rqLq~ZY9 z25Bj3gluu+ITk@7q)3K;r5|N}`dNPUrghoK9NTp>NhLbbb5f2CKi_P%!{~oAPz*a$ z<|-yz)&uSitS9#j9N`@`ybo-mUij3@Tog6gVU z&9WM`z)q{dV61;S_--#Kdh1^9a>iV3MKX1}D!rq&er}&}NpJB8Nu2}!vl~pOUt#9( z&Mr*E;^GTG`>llF(K5 zQdB|ni{ll8TXQ=z^P#UahyQL0%11Kn*tBz9MV0PL2Y!>LA(w9~YW8pVtx1`_Xu|_W zQ~s2|;;((w#SGPegqEW&8U4z>uvALVYt_7DTyJ6YxaKpp^5v1a!c!QgUdS{UZ{fDb z65!0KvR*w;9FA<03`R{aU^9+s<(j%nEcE%l8UHcjQx`z3)SR|Ssc;X|37~P(&4_KZ z@}7Ih7JtXh2|yVR%`M;1BI9G&+VrAY8GB9EDrtKUM?LR%r}^M-ipU`YuErL0x(23g(!eHpED0_((!O0| z6E5{l%U30om+H!T&U<5gefEC)a6$+{dP;XU=ScsRuwmfTqBl%$1$S0};YwWtLiOn%c z?Uve7GfE8pQ4HJd*I66ILi?hWN7U%*(h59PH8c>u7op^~BA_#@mRvF=70H1CqBdv; zvSOWJ5}moVM3IA0?ow`EU7c)l(4Bg+3K{(eH?EI2SKG9Ft*SzLX0cMGsNIH@P(uVncP-{x?=>Z zM&UBlO_^gnyE>Xmdp3%~%s*YKmi`Rjm+EOG!Qn(YSq|6gDkDCM^r-Zq&u}Q6ztIsj zwg^7Cfm~Q$KvYTEdXhuJ8tIc%I?IGVGAehSR3!YKy93`z@0fXj082Z>Ur=s##GJC7 zpE1et_|QDMR;0(r0_8pz5Q@eEiKU#b(T=|c&+%BMbBO~gxkXvd`k{<8?y3&WnHdCz z(mJzbR&0Dt<#qizq<33Q85iI99*EA7iwz#IVT8?mJ0UVjZ5If9&5srjXZe}Am(s;(40_DcMFYP#0Zg($d zbmy{(j%U7#Wf+k^GBd?I3pvLake!dq)R-*`GTWf9@6Chh5L@@*Lp#bv-5`|P!$mx` zrPl7jcs6CX-27>el;LpxQ41jT8#RbgsUBeDSLEVMM{)ZSB#!4&iNhk0BsC8PlvCtB z$|1c@bhL%@3Rk@AHOy+drqXWTmiY`<{2H$K3|+(vekHhKm_x??0U(HR7bZjoT`lgH z0vurZi3$oQVTh(TBV0@QtnSEV-FHwSL5Kfa@t-NR z9Qr&93+0-(TGKN1y;a1OCp*g|23*_2A;st_9{bk+zdx*mdm*}PLhkeT%{L7}tLr2QqX`R_ma|As3}ez@a2gA`Tz zZ(098*4{gw>i+*9zfu}XvQj9D5FtDJl#mdz6Us<-60$oDdzFz*$R637hLK(NCbP`! z&F}GYUDx~FIOqL!U7z27ZpS&V*Yo)p_s4ubo`Z}hxneYn)`BzHQ(16-OxQ#g;%-i+ zjt<%X;7>-|IB%TnlJCB{a7Na}Gu;TkF>^#Gk_1lc9<52gW4`f+w}Gen`Ow z84Sg4E0p*Ts|(a0_H53*BGc{)-+f%E<@2yzzteHHtVAoZw)hJ_&}4s%T7QJYOyPyb zc0Z#vGSgxP#_Fq$_D?q;a`Qp*WSswF9lSluTH~WuVdHGg&)6SBUn~T27eqfSJTvfuXASZ_a-qi?> z7tLf0cdZCu3xRX$usj4_=2veX{f8$Id>U}}9d4`4oemF~+4C}tmzyP6h;MLQf%?b& zG@kmN9U(}}%* za19Q(R9a0{t)qe@8(`qM43)1pO(Vw->#(N%-svd5HdM&s8TJ0X0MRGLT{s<(m!*Lg z^C>B!d*1B&~J9HhlNuU;A&{((%h+2?QLC&>$6uS zAt4!h^)vv=7RUszjtg8|dcoj_>J!V!#3EDgprijEUKES=fKG1T^k}(bKW}tCDto58 z(Nm%l0NjnB_kqbti!?=?J@=9RGZra10zqcbh50?95#Nwy+g}>{r@DYlE zR5+f1z_hl?M7BL>pRq^iF;Sdwi z(H_KiWg=_KP%hf&3oA(>v!5>x5hZ!e{XWHvoQjX|Y zTl45&A$@(oESSMR(9wt!cIyA^gvH233ZmJyofXTw(gIKRl}@j;TfJf7Esn`MFSI&x za3JBCq4vy}v001946NTrB~!OSt|g^Ak4b4`$&u1}T({}P`Jm>lYq-^++(xKo%0zeY zRP7qQ_Ed-ZeZ=_zjxsJ&FHB!{*C3^pZ;3mdDxh~$>KN~NNj_ORkQgr*K=dVr`V*4z znRBxIh+G+y|IZJY`-q_zApz%Q+h;L~xOD@cN0raSH3V`B)JO0!mRR)_-8C_hz|nQW zpCA^tfAGaDiQ;+-)8?|1`QT`&I^}roq+}}z8EHlTX0g`z)NcC8E0MJluIGNRpVS|4 zH7IDCz%YlhmGIS5DxWB3yvk8zGYo19X=8|#PyL@GwPAq?Za!{+X_eoqg8Wki@H}|6?3)0G}^&Kf( zqVnqD+S=Hd?u*;pU|KldoHo03k$o^JIyolKIq|_c;6NjcWuqw$x2%x?AQm1?9shF* zoWK8%K>h`k&E70t;pF5N)s{D(H58FI=j7%Vl{Y^qh)Bdo z4m80{VHzcqZc=biD-<~@%9p0>g@S`ah@UA$N-=Vdq{h9>Nr>50eZER?RzBkW`^Q%V zHRY6uGRe~1U$#wN+3XnjF}y+B9l3&Ad1y@YcvHn;iN`u_cn9ZR84H5zDh?c(z1x0c zk{txA=B{xl4ZzI(e^6jUPm!t=TF5{BWhH#VwAlz;zuaHkZxAFx!j@c-sup4=bJwe+B5(sZ=zFQu^mlrCu(5rJBIK1 zST|z;SC;k%$ebklswhV;l4L{QcX7kEJkr6R4IB-Uqa<15*6xVm_Jkc}m>C$_vQrfxWE^=3#TP?f{CrVvmLfzM#pZAG>>rn-J4WMUF# zpQlSjOSkNAzuNkPE_z=Q;#XwJM~=wa+l_|jPu@H+L(daV;Xiz4rpI0I?m5pt;md0eh*!@vPsc zWJIn3usw*#_PwtR(Oyr-*f~MqS>xbcvK{X4$VW4@!hRIvm5~))is+J8XIGb4ypQ`j z(O+awNZY2;kn`Jwz17|K-o<=vN;>B-)AiB|=PGXXA&Pc-ht;p|EkC?&EuAhfA83ArP1fD?S%s+J1cZ zs!|z6Js&fjC%KH4u-Ud9pTA`Ko}1-bgZ1iZ9OOx8ckv8wmAd+L}yO&H_b8yDfSg zfTEMR89ScuIV=00xrrhuC}p6`)N z{WyHr>WmjUJ>kJ0W*`!K@hHgG9xRyD$KOxF+8}+<4ITWvR^Tai!|C|~F-U*3<#q1( zMA?1Rt;yEnnHqYHt9CTY6Ce> zrv~u~y}W_c(D&?rAR9@KqswuP>9Sg_vJxrMv8d95uKiK_DaDoO5#>9y+Ng@G^;=MruNZBz9GPG8 z-9|c=F3BWTPL|(E%>YQ-bEvVE)9oS7IgOD*Qe_;mF{|(7|#U zDi=rpedQwZ1kRFh;c2i~rfT_68fkZY!vbZByIl=SCz9PmSc1E~dd?x$UT}F-N*wgM z*9vuyw~b}Nk=_yaIGvm7ct3=Ff4OMO&=Y&eboal{##}r7M(aa;;KGF4T>}H5FV#^| z@AFoo&O&K{I`&WU6FxNg=Je3!bAiX_V}e4!BW7`tQBu zyUuS3^y<8OxSVD3?%yh{&fAC$nryEl+U6BK8p5Rt?Kx!xI=yoQH?m%teR$?85+LR6 z_3q2|YJc!t(U!<5NHSm1J=eg3TVMRAayzSWtK2CJu^3TPR|d_PtFO8buFlaT=bmPJ z@wP>elIhKsthzv{k^DK;LP0N1P79{bkiAEeSP=ibQERaHO`0E}Dv^YDcfIeP8@Syx z(>Q2ikmebupH%LD$u-(#`AhOjdf~`-Gv>XENgiFM!Bu|_91c~u)l|QczJyZeN zzt_6nu5P{@f8#Gw1Q9Nr#d?JQqXUv55EeNxj}#y0IAkv(!yBq5R^oSjQ&oW+2!;C0 zry_sYEgNrka@K`ZVaMxICk5jvlI~$WMd(uldU4;nz-F8UVwJ*}Fy9m~D;XB|$A0td zu_KDmI5Ipz63v<00w@_p-3=PpifEJT1#M56DG z&i^;1hWItzvZl8^qmXW~wOP#AUgYw{%cA-c3JWPNUv{rm=zmDkGO|$YRojI%BIZNp zRhT=3)A>L`uV~+%Ysk%}6hCCC{+9yp!m(!hKER|l@QhSVOQ!CNhOl^9?E6=JB zTdHqi)AU;YS#^wJGd35R8aml-Bb{t*g7CVf3;btnk)rlL8P6R@{l>WA-E!53gHf-C zNlqG6Ho{gPZb8oK)2`yK^v-QlhDoyifADiU_aGr|dr@Yr-uac;0Z(~XEXNqMdbK?a`5l|4JJZ?gQR?L{T3jh;CVyRt&r7fXv-c;0uVq3scSp8s7`ZGUlp?|Dhh<{kE%Hd62$ZCx-hsgeD0~MQ3RStB(&B44-oz%0*qgc+p|^*YICoz3mLE!lX7Dcjvfy4+tmN;l{5j zWbEc~zGJ#rmHtQmebhxO@B5fFx|DD9DmRrZZ}78dx~{Tx8x;xRhkZ+)OE=AxazlrG z)(Ib4Je0C^h!AGy!`NMivP5`apP#^&2@+Qu>}&uLSELjYasBu@tc19Ky+8XMTf$b) zYUaqu$lbelT`DRnz;nG?lBN;iOC3DMji#y%rm_$xFBmRzYkZNnF%r~sKS1QZCN=3v zc@>pFJ9l^Y=$IJV75lN#ly~eYrH;jsLEXxYm`AE*AmQL*om6=c5)SrCDfp>^sInWL zOx#gdrjI#J%DeL^yVw&n<#(|=6Hs}ruCC^oj_IXo_&z?u=xd%P;>|fvwbbApV8X{s zI))_Px}@WH>8SQ-P*BR>xIsQVJS?ZAbd;2oR8B$Rfx^dH!w+|6-(B&>NUV?Ch=0S) zws0p3WXx4wPM!|2`7!$OI~tOSI(&eV^~%VnS0c|>W8dpQSr)SYEg_3#tzm20qp7>o zmu?w1Qzm<^(%^r77{hx5uYhSUt#g0&rAMf1`$@7$E}QA!_VW+8+@~=N#ck0;MUHCibBcd<5_%eK?DpV& zL?Ro|~V~YhYk7@D{z>Z0O_jb~W?!0mMufGSDZ3DuU}>6R+mJ*UZe)#%tc>N~FYd+xtr_?45j?U~^kG2QuSY_h_fwvMAmr3P3PR9X z2VySiT#sl@OS#CtwlppCSSKK*VsV12k989h6JOj5Qizut3&9(|id#eL zxU{*Hmj5jpbDyD(Go%_P0(}`d)F9Oe&T{G~*u;6LaqoZ?upat7*H5vh^mTT2w&$8^ zQVQ8!IPk)HLcjLxU(KD}mu6v6BcKev(NaKqSe0;tNYjsPAQ>^qS zyXLZM!-oD9yP~2ZA|-ojNRA%G^RLQ%DN>3_adkq0!X6Z^k27R}!qDxK4^2_kNK@2~ zY{O7E$`FQB%F9o5W-}c=DR6A=XqxA~aEG(xXL#Q_GktYL;4!Z{dIM6 znwk{S()ebrL(k26&iF=IP4}|teDndvdqhP=4XMe>`qc2~w=jd?KflS5_wDx0><*5X>9gB-2`OIw5ym>ExL+!`8#ER1t$5 zj1m!1=WK2(5B#!wFefQa6ktL7>!();#4)h29A)&?-z|@^ZetCj=V(mDQa-bg-19Ct z($>n0%$}pKh(EBS_4P0z>(kVv;87OY;A@p1lIO4B*g>UUfeX%GzA5K#`)M-r}#AKXVvqb zRvJ8lfJj=)-@nLdXoNql23-*YPiDKD9)l}`PDSn{TBx}8(H@FqOM1y4>cPl;3yp}| z*$Vwpj8b$9038$E`5cIO5VsPfNaC4r$#BznuQNMl{0S-oW(Ak4lIY=Hs={djVEhqDfYg4hfcE%EFHB zg+e*u#lV$vAtBn+y~XKz4dHof>7s0oRhX&zAnjfYZhY+usqLv+_bfM~(OdC)_G zW}v{GzM}u#6YWot7mZ)BgH?kwPK=na=EzrMgnrMX371f?t@jREJC)^@l3{QSiwB&N^;k zK%-UWLijn?w2xLHHa?!=fS-gtHq{+R>Vsh^VRJ}XD?)WVOB+;|Z)D``j#R^%9{QCi z6Q*;FyR_zVPR!Ir2oToQJ(E-V%rt$DQwq$n(b4!cK@wbC=@~Rn1O<)LVXx;j;$o_* zs(yZcmv7&`ja}-HDMuDLmi1I1b&hvZn!FIH3k-?Fj6pvk3N)(uBkns9U8dvKW_z}w zayRezib{roq=M3->k$DT<>|+Fpn+urhgnUPV=z<9QsSDsL@S%Ox!&3 z6&Y+G=ra8^6ynMIcl^k|ody?OeUG6UM(+P=Z1Smn@ci@*4BTKmd|3r^*8o@wmA_Dg zB`aAH7?GH{54SL-kK3r^!PoAIv7gdj_6XIIvQ|9EU{PKaz z>>F=fxpk9x#q!KxH29|A8V18qiPbeB@qKB`nBHb{9U@AZF@An!aH4Jo#RwH#h4@#w zs`DiVTlbr0paKqNWo2DvlpTSfCf$B*ad|WCPGyDhT69#DRe)8j9rDVD*(l@5ckw4x zj++*)&L88wuXBjZrWD3kMKc`vc1n4SnR4rI?i3a0_hIvUq-q53W@5Z}3trjeQH0D68J)2Sc zoA~&6mlrRH(CoZ|)^(U-yHE0vHnF+do1ae$tZd|5Xe0$z7F=ox$0(J*%Kv>7H7P?= zb2Eurj*%-_K(cE@T`<`&X>s(M_zU|Ans5*TX8|v{#MCF><;~#B4|=$M(5?++lT%ea z4%QxgQ!o~|Z+_eB_S>nEew{`a{iGsj5udf3CpV1)NVB}8iiNyCFPS=G51>YZskXLu zvSz8!$*{Tm0=!nD3X4-@gpYA;#?%>DnOrmDyj(Z!nY1@X)YFX?0>T;3Xg5rD6`oGq zx8z>ewOH}0bJZh7{`MYr$;dN@sk*5~BiQ&@_{THef)ZYRIF(oCjnj_=u4N2 zKKq;|quX^nfe*T7MYXl%UxtU^hs3?7+-#ulJNdzR-upwgxYi1cFRh~zZXAA1aJ-$z zi6F)8iSwA&hkzclm{;jF4HLDy$QlBVQCYY7&v;S^9AQoAZVpNjkfcuAV?c1i(Gy34&*Eccoda{q80z8d@E-RrET~=^`jhlvg=WP4)Cj$qmN+$z37N>+sGBs6> z6A0up7>s*8(8mudSjqb=GLR;0X}G?=nLpDn?|z!Jq^Z5RTX%SIQk^ijbYu2{;n>$4 z4rrGfOvtYptXFN&HG1QL3SzN6V-$K3$Dj1I1Xsenga`Ixh6LqrH-~2+^r(oJi`GIs zKlGoTUn8zD6~?VxeoB2PZP&jm7NeZ^+}N$VINi4$cQ`J8p^>wVIa6KD$d{#QOJ#uX zXKh#C7?|1b&%ns&;ZV$^y*l)K#%YeOvL=bUlE-2B7AH?`mQ_uts?~V*sMy$ALfZN{ z%Spjc!}j)5(Ya-1=`Cgr+N@;*!xX-%QXv;ko0QB>EZ2RQ8+;W_3vUBQW-nAM;HOi*n6et!JvgMR0XEsCXUBI!c@Hr*&0u}V) z#S1voa`pxR#ymm)F|cGBc>nJFEaZ2x_Et}HWYSwsc9Lpt*6${Kc1G^{_1;$-oolj& zk+lue5flVM*@iQDGZ23brOF1*NF9cUVC*jyEtQ?rVZ zTq75Vl(C!4oc79hSE|f)TwRva!%rSNVY_(3t(pIYE7hN^;}&9(8Bv_Q<~8MJ-)beQ zxC@s~dgzU$U2$;isI7Wl;G57evBEUywKh`rrPFI;1M$e2rNsvpc_N5EIN?i{B%p#C z8=useg}afp%`+bcIUH@w*T1$k zl=+&!JY(Opxmcq;+-aOX?=NlEwJ=&f?@BYMwNdu|Qqv8?0!)7hdn!t;>Sk*}%Zp#~PZ`LB`@Fa1ScFmJQ zkT!AOg1fpcLD`3fA`)}5&CQ}#8NG3v$xppo0g{8sXQO@lU0y01d&Q0fEN_O%T&{c9 z$-uziGS0$Jb0^&F#vy@CiUgBuJlE0d}U_S?S3P?-Z94f+-8Y?Rsy%0v$dttxo_1O6@+-CXV1DKDVAw+ z%ph{)iZ^)j^A|eLl)@pc_3+Xu85U~U5#)gFujUt%+5E^4m4s>}_%2yaTN0O0wf5dy z9rOO`X60I{tLf(QbCov_)Y*LmBNu{P#IMt^#<@LeQJ_T!W zoOo+|kwSY`zh&m@bO0@j^3C&Hd*Mi*=Gx}&bi0Lsp?6C~-v;t#-zQW}Tz|!~J88Ad zpG?Y=i^8hx<<>&DWlIp=AFD~;J>~OQbw|vr3FbN4ZBmqa(BON5iKtOB zmMFSD`nolOSNB0Pr2u8bdUXSlFcnS*wNF7(!gP{wf~`Ykv3ciI%hxZC`$Hr)zE6p3 zUMY!NMI;3hUg9Ppga9G#V`F2Gjw4|(PxNWUh^)}?1ebH5bq=6?p>s=v@E;Ad=s$** zg1`uTpa#34kz;b|q!F8AVd-0Mzr>6v+^g|H+iNc#WE$Kj?3j__O(>EyAh|V{0w(0( zKyT&ItPKHDgIUD-&~Ht7(R#e*lD*RttByDtl(vghS6h|*URJ!^oXuf4%i<+tzd*2y zmbl`OXA4D6?z5yA9Ocb#TU*g8tJNdRqf~<3me=&g`FfdFO4L|glURiWHz(2@NwO`( zUz}0axWFuQuM1edRO?#lkQ+0ZzEnKin710GKhrW@Z*UNdzMsUi)b%>yExMekcB}V1 zjsPZN=me;0x$!gk+q&Lrzvd=y9 z?mLR_DQ$e4ZTISu*JGFV;^|vmbEbt~*7H`XGktBYpW;Ypa2;F!SeWYJULSN!bL-u1 zfK%Z;%k!z{yq`Fad)Wvn)|9S~(wKd{XFof)R02Y@*!XQGd%7>8w#FG1d+<==7_sJR zO)lNLYjLx@H*IN!7FzgEFN`PHfzcOQ4=@Ka+MF8|b^5BLWHjV(@UD|}VL3(Ah&1*v zdvI5oL#Cub^N-001=O!6Eq+Ol`~Vz2jyQrR7&7no5-6S%4@afRDq6^7+=aJ7sKmk1>{@N2_wtZ&T&@5@ z*1PE@WsY?zA2vEnpbuNE0XFp-LrCecCIxtKvVDn>m9-L zH|neweZ8b+ABOcRhDT+jFEJm612csugQ!aF7l(63w?+m{T?QtTZD z_YssyGHo56F zAhh;bO{+TZcBS9S6HS5RnWJd}uV>**57Eo=pF@(r*z(m60RGyHbs*|A)T{{qS90@OJjH9x{xuS0>7s5r0xCLj zr8asK-SWPazIb>zi?e_C0_-c8@0KuYZT`%bVT1AuI4Ul8`}X=WPv)TOr~}pYIU5Tv z3NG5sRaO(}$Bx%`q0*MDi$^QHPri7%wLUb}S3YPSkP~NYxPLzWt!?iEv!a>CZ{jV; z=^*httgif1VdhsC4q_i0@#!qMXJG?#=g}~KVfOStn=@0nfBwOLebX3U>*D@^hOL#5 z7jIwCkFxMjot!(G;+h>|8Gc@Nq%p{MKx8`abjiw~xYoNy3%MKDDI=B#$F<%EzM83> ztI^(+G}PV*=$UaPC}M;7%|JO)%66Pj<8vCm-&qzGw`u#8Co}IGv!CM?TThPGY>gYs zUB5{gvEt0{D?BC@DK*|}Z{uG{CTylQKc#q*Y9ndO<^B8j%bQy(w~RW{S&y>z-Mcxi zDs#?5#Cd#hA|ZNEd%BRD+o*uS4yBm7)UXB;MQl~DYR@eer>V_7f;~|QZ}sMFxjvhz**AJ3duoy=l!`~)+R|=n zywoLyf3e(CIh1rdZ|3pxY-uks;!~=vbqE*d_rRHol<|kSrQEV~*&|624tkXOMjoY` zrKLh+&*4n!axUwJ**SY%c_J6z)fgK1Qp2QasQ?SV>HYQLms?DWEtFoRTYb|W8I3QN zhx&R50s1PlueHpjX|AJ^Zx%9deiJ7^I&d>sNCTeZl_7prC2>Qs-FrSYy@lmW)=HVF z;Ee(fNW8pOZXW4j`2NaDgYacI|F=M5%@arGY|!jTR4lx_;v1)6%m^0-rwR!@=;}c7 zK|^YCa)kfQyToNhU`8nF@2lWi6rK2&jm9U4?&AA(6k3@=_L^pM%9cQsBtSqE)^kn3KCtvd2wJXYW+HHCHr9>)h`ub$V3J7o!E`acHWT45nKNv*%M4L^!&*qH3Ofk)rjgCY2T>Il3F0ydJQ$nlZ zNu8t&zBUZm;$Tl_O1C!a%W@Zd@d~aKXC`=~f)1-&6X-_1rC{Z!fsj(PQlT{*41S+& zLh07EVP8nq>hlp%*)?^r*)4xR#`oYZ)DXoaBwQhZkIo9fn7N!p<}@CrmE0eS;FH@w z#U~`H?kg3}G3`64x#e9MwRlC+&tLIDLhE1o6=nyAt?q~46GZ6+#}~jEAaIynq|oYo zN@&(+s_C)9nj(GaHl1gR*F{D9fi?o+h>0F@h9)@7?%kkDZcdis+u!f?+(=6Jl zEZ1T7?yS+6IV2|N`u2t2B#{v=-OjM(-n2FGICg^+Jg6)t+1O%>6KOMpxYY_uesrgp zprSC7xfbr}sb*D)gte1A8b?BMCp|&WQ?D!ptQKi}s-CI08HbRTSvib2BzM|#lq}5^ zob`(Dr#5IvT{v#ne##r{<(>IBai%Idg)8Qgy2H%dZk2pXHLXCrzK$GoM}gdXibR*^ zQdoz-uACh%spjXB z9>&v8%yYH)drI6=F5K2m+V55!`PfAysl9!VtkcV5dqt>yT%{CWy&#`UHP2HFdm3}y zdSo=TA+t4;D6zi7c1x(V_yg5wvgrd0i}FOpq=BTqHT7hTC50>t52hrgv%7U~1c#hH zAjbRUnX}mJ($JiOjA^&sc(K_B)~Tyowijeagr{xJ(@B4I5h3VZ`Zk_3Uy++y%(Xc# zL*U&UvL~WwIBT#m(vOz&Qm&a#;okU_47S7v=OvYBf%ji-u%gHraXE}pq`^E z_-b!j*4wW7 zfFBEj+ochPE4MDl#>U0bpLATG$y=p&*RIOo`ph=cSvGTmtt69KDYb{h^Bb4j(4v3J5vSoQTpBH@vy-C9hq|+thfb*QRo}+4u=b zE0rmCGG-StRvW$tBcJ`p2jn$ZW)9!JuAO3BBj01zFXTH|rafA@zA~p>?RQo`Qc6?y)@V-=VHs{_r7JJ2INciUtijio$1lYC(@q~FJo5B5#}NjNx4ewKpZ0ekBh)50 z6EO?ZFHbtobhNhJJMGp^PYKlfm;)!$vvY+vRw1UR z_Qrv_o0qCQ-$3(AN|LpyLQ@17`1tt&7%XUI>AYDCFninE_vJ~p=2;Wn^O|io&OVBi zqXuH)jvj|9JgA( zPWOYp21385RsdO#Mr z6pNkaQ(qqiK+HgyHi6rdQEAVWxzS3b&mlUR=7yS@_hE68va*QRa9{G=+{;xk|D-lDqd-ran2SX*>K=Gz+jbOS?$Jp12&?BGQ zRVrIl`CyUv8P0Q(2nzPhB>DLGN*rNf$Rt_INEavFwD6qLan65P(oVV`m z=<@1S#oh5^FYWh`Lhlu|2u`tDxSNyHy9<-A8@yDT=qih>=d{+BXFm7#o`iW-fY>Bp zW4^Uv(->CJnE6<-+6d5?((t5*)6kMR5%w|(W7+Okl^(iIeZcQHIk_7ejczZpHcwVb zKRva)b<#7$RGo;~SmKY1wk+x-Fw7opL;UqGqjIK!pE{hw@y0~qbP1dF?9kVV36Iv+ zR_KiPs;CgV&A!m8GLEsbo(fr#X2rsDIbr~dIbWN?TM}esNfq%|p{*`M$9`r0UGBZS^JfEWhw#T(GGD`v5Z<|c*==c%X zY~!vR(b*G}lpZA|B`W#%b&b07*h-c%3$<5>$D>lTZ*p>F57mnzC?3BL{qEi7*PdC0 zT8ObU7S}hlz=dP8n(77(FD@1YJ&I09fJSZd#y_W*{7xo6B&b?3@(iWgHOe4dtfYS% z@Dk7592rT9QS*Kj0Q5~faF0YpMA*)sKT=#=JX1z2Q|5$EF_0KC<*F!SDXJzOCmVEg z>X0a0bWnpM<6JdgHh*?-AVz!1y~>xqvSe+F0w9UvfG^VUu+97I?kk3v=6F$afWosk zU45n?_m(&DbVz5Dhx$p(doha+@N*2q1Zx>jDCK2|0D zxwZGWbX`hz`mH1cJL_@x?puwrG9;qo5V|H{=>Q!AEQ=j_5rG%X1`gk5mzI`JP=IaM zm;1?J)cjdQ^Gnl@XR!8D>XueAp1TH%HFKESndbAOX%#^8@$p~3Vn@0q6_b?8W2Hj| zI^oJQaphF+fSg4*4A2nf`55*tD~YqQp%z_gWr)bYH5E=C{O15s^;ZI=)YR0Vr4cF? z+T^q}Qn3LAdd!%3s-p@b5Kx$ubM?RlasL??Lb zLBVvJg|V+=V{V%3U%upxqANlE&UAM2ohGM9%DXO)7*A&$5s}Ybg=hBeThsos9%MFg zJ5%fZ(*ta_ixcw=i;Ih3;-xo%6(WWaGC@Q@_Od@aiu-@NpM#pvKvqA**>+A!RpH=z7Y?6f1+2u znORYpXExYK9RzN3%tiJp8ygVO`A*_T@nHhnvCE*BVVu?MhBpB6zAdWU#E0J81T>w>c4Ogh67vgO zqtERJ#iVtld&U0Y9XkXo`fq9hMYL)HnA6SX0v;}Z#-I5Pb(Z1a)aQ*9UAl2s|Hns}aWXC&qf%Zg=JXX$y;?a1?li_o6ym>- z*!I=LO3Kq}_hXiA*?1`VT^jBd?=Qs-r71+e{R&oQ;s~Z)|FVm1`S5vKMH?~HK)Zfx z?N-p{=H}O_scWSOGJ@0b74(=?#>ADLM}U-qd$BAwytlo(iOhaugRQ-kIfqL?FdR81 zGfVgBP0Fd@8{|>1U-MR2WmUw~)1Hr|iIo|1;g#iaRfL3(6cNi@v%Cz1jxvbgZP1lUUb_2Y`g`$#j(b<6y_WrMXrT=qEKC&` zgBhwOE^L?{W;Mfgs!4jgc(bAu<% z3-d?_R0^_(Y%diVL1Yi@T!yI#T3s~=+0k@M*n`uPTR8*)67RK~o@iSh4*E7eF8Sn+ zlZajpfqxZY$n_fP?>%Z$UMU;9b&stCiCAWFR#IGBPjai(eKB$Hkn=~{FXzFnqItyz znX<)qY*l^EjsffW<}S7O&Py+rD?mgIO#GQ}f1p>9K#Iyfqq_6xJuiboVI^gIh*Vmp z(WL(`<=B4MN0?^!SocN5nJd0vR@~gONX@|H|5urQyo2j0eu@i`9UWhvtXd?5%EuRP&GCN z@z3rcOG-Qel9b(akZEU`O>q0!53J9;qaO$;C-B#wk8>8B`TAraf8VrxEAJt!nUUsF zz{S<+S9powC@PljQ<6mz)QBWQ7?KcjZT|0G0L&8d>t@an<;{*dx>ZI@Fn+$vf0)Cn zqU_x$&?O=WmMp*KVkN5ud(8NmNkK&s42*r=)0>!lA9g&P zT&EC$>^Rd@X~$Qt;o{N0Vi(?QI0G9-?_Tfgf(UD%nT&;mPM$Kl5X<6GQxLrlK{|!y z$s==xy$T|CkaR$7XTmXT^!XL@j=8^0TnHI_X(dGBoi<5cGu)7OXUfBMrZM`ko2q;z z*@My$Y`}tEN1Rd9X+;e_(60vpV%4z#??#J?SjTAminr(YqJ@Q)FL&q9yQ=iHa5yE= z#7a+iL?5m7q#+3Bh#gnQ=#Oo4t{nmlC&7!658>4hMQC)8J0Eh^k}x_wm^N_i$y=Hv z?y?Me?lR)>0xglYfcC~VDnk6vpF1h#=`72Hn&>Ll?PJS!WyX2j=7hV^vB{1lq&hxK zQOgzq1BzY|W+2zmbZsc^_--f?>VDj2oKM{t(`Lw4JtW?myRfn4yS$CZseg`t>DB{4 z5zF5Pnf*%KzZcvt@%CVR4%Q=UvMjqAPF0^V>=uAX&3Y{7#zEvBJ(plxOjN@}1?nao z4OHC&TT*}*j7pWr*w1@eaYZ_u5YhoOo(f_ekPPzkY<-InwK2RxHVxj8@;`#dczf7` zL8-Ws${MKOl-M2t=Z{xt{N)ru;u6>C z(slzIEI!dnVxFS#J0;N7cn^1FXY}5|l!`z|XHE2-^0Z8kl41Uy(CGVBH@bK_$$$wW!L70no1gNy@t_fBHRzcg(TNW62^YSf) zU85iOo;nXFCXe&)=(PQ|@J!J5<0`0Ot)nr#d^CDw_yw0qIFLxdLM`PPL@#GA*9q=a zlzjAeu}0o0D0aif1Vz&Clu^Lm1{cU&J{Mz*HUcJ8iy7Y9DWJwH!y8%+N0UP^Ys3EL z64*m_9}QEoJxJ1`tBIq3{t&+8d%Jfo0p&G&tcRIx)|y;}Zdu z6dioq(16T*cVC>rYO;TM62$BvN~)%rSVRde0Fv}P&Lk=OCTLu~j%NrdsDtXa7`~rH z5(^DLq9b)cshN+zMq~Q{It(=K&6)iq;Kq=e-hFC>48F5;RKx}|zdZ+cKTzop&RneO zqYVnDB_+jj`aFyeFF5`D)>WWI=jL)+W-lLX*K^jHQ+6kd?hdI@lkBx>a3 zPDSZs)*~`mjvkG2Y)nYRdw5t5*sFK>EpIh~P29i)-Ds}!zoQT4Pnwh94ddD7t=QZY z15MaN=k#;Z))J7UHNlMckS6m>fHWBvkK{LoNA5)=>4|hYEtYNj5CV9!H(t?IPy~;S zv9xL&1-ASIXBE+oUy*^>hveLj-$dX~sYZn(*e##ia)Sjl?q)_sog1h_@`LLqev$g$ z7XLSEW!XWg13Vg0*naT#8faWQ5hOV7dAad$Udlmcuoaf>_$n1N4g%eO1gl}$!XIch zP&hU^Ix@mzK&Fg~|ENa-*#u;zDlC*JB^|l4DL7}a00@H#q!Gi1)M3Uacs$jb@>7xsP_i_Cgc5rGa75)2$ zEU3ZJI2^3wy5m=!_uL*0+J6aL0&!-S>L{nL4QVh>;y( z(1yEIe_Jc&PXPLh9vMht{r)fjcNC(>zF?#gBXk6C?^%5Qj&fs&xUn;X(=C;&Y=(si zk%_*MA3NoQQ% z@hg%+l$geixv~7f2azPC+a*8}T610|n`J`R3msFK0&<5D79jXp-TkCMsn0}n{yxO} zukXF_1&zzugC2nL>;S%}4{{Yt$5h(bj-Cz@6!`~G>FA>o%p*SF3%8_z*B-7_qI<-E zOh!j=qQTKfN9JVxP3Zsq2SC3DD*Ft!@1ySnaLa)nk4S)#MvRaP;NGR??jLUq`JdDZ zItosAY}fXs7nl|$s|ZX$*z2+Xf;fUr)pUSKMp=8Y;pDHJLEDhR8;ULKvE4z2nmh=5 zK&*c!*thLKOC8wIvcSXtKUe<4i<%=rk__LR4Zs%Cv!4d=79&saNQ7*e;xLc(38XOb zgiiJJPG6y*1ft}>z)gYW2OkkhLL%InGyRnQ(5j`1+{o*HEfG_t4dXMe(t%RHkR!)B zj~HTY^Zja%Q8VE2%{YmD%mG##Eh)p@qnH@?yL`z$0xBIung4W|+>gIKPY1lNC>uJB z6AfhI-jDta7Oou{j(7Ha6hJ>~WG4}}@1yboxEVl?=V+nN05L+B0ryTBOkoZ9et9t* zfPA=%t7%dZsdWDGzwJ*TA{jk`uvZKsI0Tz?p$ko(`^Ii8IQiRSP{l~_qrtD&gYo&G z@Qa9}fmr`ZXmH#Pv{Hc$W2+%yKSK|8k{QT?ByqKqNMdWRI8F$mI+Dsz1XN0#4JkSd zu6^@G-*eA*`U*xS5T$CH5NsC$3?W$`B*GnrenKQYlML!mb(OvaYq;_2cFqukQdcqH zV^g^O5Nq>3W&ZamGzJt<2{$qy>!i+Oh{9=W-6urLL4}Uu=|8H_f$#wIlgS!m9WfVq z6M)5UP&8uNndn)}_>9+>h>W8^t3$B6>Da^NaW~XL7T-E1A4_X^&3u2(s=O!I@Sy!m%LT=!C51^by z8~ef3H{e&`Jqf{PK7P|O$fg~PM?4a2bcCpp_cG#$8$z&X zB0BRA(=Yv+VTjIh$0gmXj0WeifEz^77mu+;KYspqF8~rzGeU2%VnxTf1*CT7V5>Kb zZL$Bg+kXn>8!{X?%k5>_XQvFCCgbt^(uiz(e7M0AO32<{46v6^t)aE<`O=BV&FcXF zuVp#K0+7UMexU)j`pmCuLKC8yOjqOuN^+9^Kla`;D#|Pi7j6k6BBFwVL={9N=bRK3 z5d@4VS)xj^$hpLX5|x}mQ9wx|N=_0kYRM-b}KlPEaCjV2;W*S z^&0wsUMdQGbs4_0)6R8uFCPaAR?uQHFLd2=I;ex(1`9McqnUH(6Z1i|MyxJPLl5+tJpzF zSvJ@EHTK9|DzZ8nktdPlLFc|CxArn?EiF}xe?(JtH+1Y7DjE%g7Pvh`W!raa+AVCOsd#=KW`KDFgvB{dBp|nd2$l^$cSf!sXVLMh0uAcsj2x4h6yM`cXM7K(pUJ4!$iaiN*2fH z{%!$~hWjxI1sl@mo18C|m!F4ph2N;SP34iX-JD_Uej2NM+)W}S^(zhz4z_*_w6$lU zYrkb*YHI38@qDEic`%-EsOIq*db>EHUp$%OfHpX#RzlH{iKkj>CFrIEQ2juKq{)+rRhp9g+YX01?j2 z&HZCm6{u7?tPlbk{VOn}G%`7g3@O0~hk*}+7%!{__$vTD>vzJ)AAK~EzCw;g=_?P` zknGp2A=&S9x5DZP`T1Iqzd*wf41~h0j83HJNf_r+i4eZQrk=2|9XprO3D)>I5f(7( z7L%$p2-A^vHDL(qU>2C>r?w+}cblxb$yiHjhSRhOj3|$!A%k?UU67T*T+tKxa2U0K zi=NgW_i^L!c8$}D(8m=R8Mgzv(XzQ>P2%a8sQS+jfsQnz>&?FCw25{5`_c-8&y zmhs15ahw4;N5<|RBV|~kUrJlYksR;=@;F&|M1Lmk6`?|X+!SmVrjvg}ln9YTu}0qcr6Qd@TqqeL zX8Qor?>N=&aEVYESKSFLc(9n5;T+U_$7e5|e1SB)XsX2%bl5*CO_B?opk42AQg}?< z0r*UskxMv&ci}m(%`m;P3qfe8dvf;JFLlaELF$}w5aju>8axA$PeQ&j2~psx$VdSf zuqSiQubzE|4B=>MVgum-=!bV{Dg-Z)XZ4f_zODWkKHq8UBADTN6as{LMyrt}BI`pH z2?u_qkII7ysWt2ZxvfCJon7a2nhDA9MO_eKNbJI7z*M`)Tsn6Hq%o+a@j9U||3#xm zb-~9tX*u?~&6inZuO6(Eo~9JA?8>oy1K0q=IGjJ2f+!l9j0|op zLy-InSlz`l9nypz(~r!7_c+{MQidU{;NuN+SCLWwfyq~!mC3(bm;4r@fo(y#_^cPG z-Z#xI+OANhY z#-VN!MGmvgFqi3L>*G)`jWZ}S^e=1H(A$f}`14)w>Q9KYT5|%(r-P~z1O3m+k2-E4 z?a8qos9LDCa+k86pBZU1EM6TfTU*A(ZhhA@WeQ`6_yFFN>@$Ew7|-UjwK5mX*ED6^iVVnCJL?mQpOUYB!BLM2K)nc61ufMu=n>SBHcN8lNdx*1>sU{pHg3h2&O?AQNbw zvMWy<=RVxWhh!JznzY`yMp6#f$0poo(g;RfaI1EQADU~3KqHucRU@i)a|EiqHu*T1 zGfF#u!fL%FsSieQ_HYK?tG>8Aov&r(>+jkhk1vPgvZ-@269#0PKAQ=<)-rJZQF9%w zle2pq_HtwMWXx8n^_TsySnD_L=_NF_l?gJMac!A@e5(w_lk3LSFk7!_fkkV)|jxQNoF2~)?TK1K!&P$_6|2=a$ z*F34-YDa6|XmT;F+|pMnWXv}|+7jG5{*wY#*@ycSh5%7AnLE^jKz(p)=NyQcO);Ig z)tg3S9Kwedc6P}wKj_IA@ZhENR0S(O)yhqZ^1@>2VHP!9EbtH|ndN->Kw;SN_6BO^ z*-3n*nwzBi!d){181G`Wv4Zhq06)R|(8Ek-Uwgf~Jw$!w0f&_h25Z7c92PR2rUz|h z$QWydalg)ex=6$^tL-_pN=Gu>}jXq?B zSuEphcPX-}9eQC`R?>^tJ#D*t7w57K`br;3`D}p1peqBeTbcPQP{|0J)J0`{#AWN5 zf;e}fFwqSS4a|znPDTK_kk~4_G#rnrmzgi^asz}IW~Y9k7V$2BG8Si!2U|V+zI~)p zcF9;B0(DnQ&0cq!%6vWt1IUV>dtGq(VlbE&v2~DbuoKPfzVNlFC_YnYr(2zk!Q6QJ zKu<^ck=F?Rf#}x%N(@uApCeGd+p+U=j#c}pOhoj|9a2=AN9LTPjs#!MWZoF|GoS0h z9+w^`)ac8^ar;+fEUp|q?vuIrmh7U#X~k;~VE*lFF-$9>mPQgWy@k_Etn-s#6z;Mt z-I9J|epTCPz~K;iqSJuV5jn#&ik|r*@sZ~mlh%|Y6SWiwWO4;yR8EE&cpLxlum|!|cMnQ*t&IDMu81bmVKfds2xdC=sL@#=T}{{61=cjkB-reU9lX} z?Y6-c;uq`n=wa&7d!#Wj@l@sF!my$&BcF4F_o+dNfuIZ69IU@T1)pQ@PB|AWLoXeb z^f&pHIfr6p1)~7FBOZdWOHD@<)0R70i(@p|56V`G00WnwL(w!7s>4iAt1i{ToG70L zLMy}X{M#Su9Vdu{hFJ3ubGYC}DtBJcUUdP64}Qu?7@djh`rb)2r~cDPR4u$(v;>C@ z;vi*E=Cv0e5L&=iCyup44co*_`^@ejt5S)Pmf&^lT||v%U=p?*ULUfF^^dg7J1V=} zUSIkw-tP>q^8%oRo!xV48m}z7TRDXL5l(k8dZs8OB;>ledDn}Rdr|^OQnbKahAHmXtV)u<-NgN)hy5}$98`WV|yT4mmzC!)JLs)4y`wS;~KqtdeTx%C+I%Agp2pt^{Lf|l0@85`f9 zj#enZ*9c)PtfY=GO{$^uq)ckUm~DpYQag&oQ0_>!0JR1}GYxTX5Rn+O$TEj~qlooYb)EaQsh5T7}JWyz&pPOd|m{$!K9N0fEx7Z&D zAwf)F%eS?8y{I*J@tlG2%z7`eShu+f8E;xXKMKA)aY}Uwun-PO*M`h+In#AHU+z#~ zz4caFneI3gtw!TY#fleksOfr3ufajnIqSFb;YJ@cVr;D$ZE6JYYU>LP!c7Cs=;a7; z072=y%d${XAsOhl9FkomLiuj7d>|C}x{hmYf&o>sh3vVU@&`jz*?}hEPXpfTOZT5F zqrZJ*DGx2Oz3Te)voaPOL1*fse_EkvHsH3dWLAA0^>_MnDbK~w*| zD`@?6Qcj3}xJQeMQ~Vg#U)%bRNv)Jz#aGdCw_)uDiu6~PW>KrNVx{j|b!e3;YR2@? zr=phUvJ)G3f>?az=99vgGKEad+4Sx{d)60ZmRA|AJ1QSe$sk&KBe9sbXKij>Ox1aS zt5M=|s^;Fxf_w_j+;1Pe`<@I`V|$BGPKXyTOnfXKj?;0wR1+m(^SlSAYj;T-RVIeL zL(xO)OXYqFV65VNePceyW5pgxeVv#QDrG@bisUR8+k1xjGJQvUA5eot^b zst~w1pUkUoc%bnadcwJo)Cs!7{&7o2C=L3P)qi}{Lldwt&DT=IN7_aqsu7bQ4_y4@ zDYs|72RvehH3+B=J;(I?`nNR4o700ieO_o~PY%1d8hCS-Q1`DC`CWGv83BTNX|aCd zTRwyP3U*;-h|d=ZQ!|E>;!nA2T#2jM$ahoF^vwH8EmSEWd*Rz}nuFito(+|GaSj`^=)<;sYuq<3Lh(AtddZC^7?CL$K* z(d(C8@p{F(Jei%ZYgS(&HjZ(fsuW+fGxZ^N3^;HCD zOl39ySr|-jb6kMwZGzBTqk52CuFk8IHbWQVt6pNRB&3=2T{lbe&(%~=9%o3ZQrcfj zq%94|G<1sb-*gj7^zjyp`liv)(xHv=Y+x@~ohw5%l+j|yh9Q(W!GM)VFOp7I*c-zCCRB z9#3*d>*6j9*haD|IoPeKHecx*8+L^hmv{XpHkzC35K52R|CiEnkgt=n37vk0aA!3)kh8 zhsEnta;2p$El+=Y7PXs_P5n1GFj9G8!nHqZ7~OwD9B`226cD^I?j~Y|3ojI5tgpXl zDjmD}I3TG!RAEJ3IG14^(^9ZQsemTkvJ&sYsS(H+^EkSU2E1S)$%AqE{CE zQiSBtz018UnI;nfsW-maK>}1R!Lsh?I#R$_J_hm9xWB(kCmyx%)sr&Wcx1K}vpA%u z{u(w<59l=>%;9T+^)ns4%7FSft856EVG<1Vr{i`ZHOQye2@f#<-sd($TUOR>KI~tZ zecAix-$7|Op+)WX5}_L0U+iYViMTcoL9wnL=6Sg_&vV`Wve&P1M`TwgVZB5SP^$-! zD>@B^oA%{k{k&J_y2UiLj+9!VT}-uYCf;QL!Xu`5b?iQn_p;pe5WJA6>f5L$#WUAF zB=UsZHusy}Iu8(=Vk0$HH0J7S%pg_WHxxbpVxg6S?;(!R5SE6j^f-F*;KgyRQU{c9fhsQ}g3m0Y=n_f%Lp-aL*Xr?R~nV`(;7@f9Q~2)rbN z`&2Z}U5q!k-wY4g)RBEWn!@JeMa$!Xl&OouigNoVsN@(Eqvt|1=5<}l)Ixc@K^M8e z)doYPZSontl!&gAbts2q?Wrd-{VcGU&UZT?tP%wyXFYMRb>PKtaHem*%9zFIP)|_3 zGaafFkDV{$D^0nY`5>lnBtdPZC-0A5fXKe;^>6-2cwa8H-pBVW*-Y7W!Ys7Buy|QV z+ZwNtS#PAPL~LC2t&Fd{aDI(9e+?>M*rDvMJ?o3H>w9%{bV$jA7Aw^(eOPpC&PKT} z-N28^%=;v2qMEY1LVaYKh@{LOpDBp=*6L(y_f- zSM+VO-B?T6epB}Y01S%7h-t@CTDPBzQyH9JAEF*AXZ4p3aGL|%G9Rkw+4t8DL)@xp z&^TC&_f6L;Qt(=zXQ4&PicCmZ0;|BXcFU-xr(sM{W1XK}EryXwW=7q0NhsErR?k%+ zKV4y`lY;Al0*jYJjN|z_NZbkwQDu93eQ<8;%TMst1%lVO(Ti*Imr|K8j?}{VSef;e zX;h!m5sYV@B$ui*J{sR;Q(vaRSHy-ySHmMCm9mlK9~Wy9<(Q@iYkB7IqH-P+Q2G_8 zAsF#+AY7}T#kCH11F2u$a&jK@tQiL|MEu;n%_|bGy&ThBOTPFC<6`gB?m|}Q+K3K% zoTNeQ^&6Hc9IXhbC4k5o)I~`EcA>Dj6{tk)YK>_hfUQ16;yeI_GJsl@RLVi>yeT+3 zqmK$;&FnQz6KKP8on4muAp0zPXh?BCxV;n5F%3d>>>uH=m?0Sp1W9pq=2aN~HCKpi zg>X)%ocXcSHA4HxLc#=pXKf%mu!D|>pelP+q472>6)SYPX5*F}y zxQhczM@Wd}QnSKDcG$qUH0HyTj{OzAo|NV!TdpJ(Tsj#15r)Cc% z58gl0{JDt^Cpje|U^ZI%N|0$s(Be#@++M}P#o9~n93tV0wImLvwM_|c`3u0{Jx6bv z{9LO<=8OaSQm8gWvDOMg1lRpz9DF)hUVzBhGN({x61_qdFUjQg>BALatI%_pOC5l6 z65O(T`Jns(7O(}2Nlp(4=0AqeDI{Poq_)fPyXq6gA*-BZg2!i$AW6JD@K_r**z)=V zTjZ!=qkn4NS-%E;xm;xssV6>1Pz*UclC}|g$}4$@f%ghm?&H!ek$JVSuU$VJx%SE3 z5<;k~@Z&iiP`^PWg<#&_cr?oL1}`Kil`E(*T8z8 zMzUPnpPh**N3f}DjF^#YOir*K&!72v5wibr+o99w;;}&Uj6Qgbm(>%>5Rea*a0Y!R zLc8#nlM6;hrans=$bnvgDFUKFaV^4g4R`pXw*2p1{&z0_ld=El%m3`y|7`OAP5wo_ zMn2r5=WIj%V92nGyVFeZg8Gb=E)%g#bh}K8$XTx?a+_!FRUfX0Ww6nkve4W4rW*DX zlOfLVfE*Hgh?>Nmh}uokFLOULg4%h+?J^rVkLj7ALw2uT(y@lEs-&#_F-|179S1HE-QONGf^!tk3qi{+>AJ=pkfppZ=Y=9$(P_%A z<*RUIM{e>xz9P>j7_e>okDtFSXhbXfP*xX8b%(7LN77lH>3%x&r~3{3ZpC-%%r;2V zA3A=$Pip`SsSVxTOn@ir2hiyVaRbr@0r~vg#3lm}l`yEmCMHY_+)4Wn@V|lV;mFTn zJ$YOsf)c`#6tiz_c8u;f{_yu_O^zG0Gg@DTU1^m-Vm1y)M#6~bwDK2!qRA(L^7=*~A*w%#(DsoefaITo z8FfNS*Txdjimzt#=03j4RFxx(gEBqTJl=JcH&TvmC=@_yg*W*65DJ5D%O8X|nC5r` z<2&9j%*{*W>g(5GXHHR1x%^ZZEW-ZSDozEBiO;yv{z$^?UC~JXIXS2IukkW!I0m;dtTue1)tZdlh0)CdFX)+HOxBGlYhfwee_2fh=%1?-~Tj<%}x zRFtoh>$f&GiDdarNW>%6OMNL2hMj~9*8gdR%azF3Ii~1f-sF;b-ANDUo`bCH9xmo=aJn?+pG65=15vyZV#x}K1!jTbfWIlsir4Z@3lAZ z8!8FcXzvM^4_~V_GidZ>^(+&fus`n8iL;SNx7hFi<5wWX4XOPwXZU7FLdMX`BskmW2uMk?=LdM68GXGuq2ZUoc zH14$xqR;=GA|)K5s4n^nSmuh#r`O5@!fsW(i1%X}Zl{a1l$PA;EUCz-)haE)&TLbi zG`)XAr2oyehB`f1q8F&FGkK5&BS|(G=&B6^{S)f%agn^AnxkQ*#3A(carLuno{y3B@PkRm0zU8e$@a-dL!C6ix_heFl<;ELaV;_$Z+ zy*vC^Ev{xTwpa?hBL9)3yaXj=d(F*1`WzPc`dHc1J!_=g@ELk~G-}W+?2U$s_{yuO za(d`r_ISH(eOHMoRE?y9rXZR%De1(&^abY(kgLq zG4WJ&pPErD&S^AnSaU5mYUmGlfwhTQKyS5&0TbX=YHDsS3*pg1$ZZrZ7^T2rWES@} zBm+Yqv?iA4J;#H@(4Es?gg)o)`EEJ$nwgguuwRJh>et5S1{^SXvtypC?(1dVeYeZJ z6{9rbeC`q~*!_QDuwoL^{nPT-*sVPAWIA-dnN-!X#eaCiA^Pn8g6qy@0uuf#V*ZK9 zbnGsfkBoXj@VB6s7()-2VN7G6%i*x}r9A3@EW{J~=0t05a;Fat4m!4W`gzyHO1S`4 zk9SfALA|O#F5K7bW7zmPAa9`f#k}EP{`TN*Vq&Kos?u{UNoEmrZuNZr5H-duGuq7x z;M??0=@^<#*88CP2SW9j6Qk`l5sEVR^%7!yNW7m{s#bP+x@A7kPN$Cy(1R`zqKkH$ zn`e<6OBo-hbsONqcMwzgKobJL`|6mUX{;1>MxaTgT!votw*164=>luxl|H}T9bAsT zA2DdbOk%Y`txdg!r}gl$bZ^q>!3i2=fMAbe4JL%Hsjdqqd0;l%S&{@y^31utWeDJn zw3ZM-9r#hPlg=PgEqLEPb>aAoG-@`?EG@QxU$b{6dfX<`N``eQrkHC;BEnwkVEM#+ zZWPAf_{-Al7&c3Vt_Fu@alsWj7~R3>fZO z7=>m9Q@QDIxFvcBBsStWWj!w&*|`j8*{-^hrOypfRTg!Q+hR8g?Xvtjc8H!M6HKc3 z!tGUuSDfnQ9t2w_CUd>LDz;C<*2b?bOdw3JxufG@mE$xhOc zHQTExPLsLUiX)pk=+iswTA#iSWAd$(=67jH5udAIwddqgFMs-9d-JW=##U)h&9iFw zR2r@vqdkQk|M<*oaVUQ1rJ0R;mXrVdiRx!I*37Z>B}mucR6fqn&|iW*EqAU%d^ql| zK`7kmCM>O?*BwOVO`zWxPm6O@R0$V6%ph$u6zx#H-!w`*1YJz#iH#^e4N-XTIFEe|1#7{Mdizje(MkIAd`L=T}6_ zQqykKmyumAuV!kVhaZlLz43>m!3+s~Lt4G1CUaOtt=jiwn$-Cu#<)u|Fis;{u4CVB ze7(x2)yjRja{)RL_p`_iMInStUAEJ;s5wtLY2m>?pLJ}iBXZ58Kr}Dc#GDPiX7-12 zNvgohu4P=Wzc1BH!-0(>IGyyL-pHLshyd}|&5LGd=!SdvUn#Hl-)~q-z@2EFs#mPP z(CQ~CD-@UJWUV6J{|2dyG%mQ3SwKTBj0@l8J z5&E&A^*JkS3bYv_E%nK?dW`7l_WDyWU^+81Q|hF*bY9e)T__ac;0oAgYuQ25n`^RA z92(9a4i>EZj??s;3vyuXqzk4h4r1&7=mo%EneMXr7$P~akX`n?r6rn|Pn})KRGJ_L zghv-t1NtqE**v1ja}?{gdOU&PQ~cmhsr73ryB19#@FJzy~Cb(?!60o}UBp*s7ZJ6q?v zhxzrIDQG|J7)$e3LyulShLaZjy?MP_SzK?81DiNLvUi1jvT(jf94>1EEiu!u(2DIV zeREQMUok8!pWD#*XX5(!zH5@zxO~3JBHY^3Se`H`v7Istal1)LtHkvQzS)0zk-Z%n zHMjg;Fye(s>{g zAlKASvy1_k_~u4LAHu7(Z>*&_EEphBbh*RC9KxzTaZ z=gbuH)Bb2ASWgl360h*Wl~4qHh8_A#jGFeH$$@{(Uu(p_vcm!=qmAAY52F1hK=T1!%r z-(UJDRp6!F__{kJcw0IMmq=-lOXV%Q&Yqiw!>(o7@>@I{HtNJr9rZ5gysMGl--IZW zdM=y*XSSFJRA+vqSP_e<*~Fjs!;&3cG$R{_Ns-1m6ze*Fx%( zdy(e&K1~CH>FV=~@G@r@l2Zb<=O`W?$hxu@vZ$9I650g`R;7PseyH6bzd_fZ^w{G198%Ik+=~f|j@$NHxz`S(eR!ry7Cb>g~vI_3M~TxfzhB z{8OYJZ}(71Qb8~Z92^vZQ!7O)n|H7_GSsVsW}{dowa?Lfpb8p~{CawN!h~;}N7~<^ zi!dH0KNvW$o7B?pBiTEhVrEkohQZ;z1?wPns&2KzA0@BOi2de|I#0oKXcpV%*yG_pS#jv<^TS42Hwp zOphBwgKUJ`{LGBeU6ZW}rh;ha-AP7(IFxrJFVE%7n=*XuS=8vc@DtQ8IF(`eff$*q*(3~Tf10>)kDe3bBhVv{-n@3@ac8}8kw zf_J|P+^s$95E>SSRZ8Mz04OzZPjI(9gt$Yn@EXt>s^Db3WkDP z1UrlFSF-J$lO||v?Ez-)W98p#kvfo3qOV`0|F97-!6K>g#T8;>gF3zjsC__wM4pa8WmqR$af0H5of7#lrK&r&Dcqka!5=?ov>Y zWEK`B|CIC|hDNi=m7t;l7v`>Vq((<~wnT>hYz58?igqfgvA@m!RDA<_;!Xjm(nyTs z;G*BNi&Ca0T2V`bZr*~~N(A2)w$H;BF+>`2mo6}a&PY#QPGyFjZ*Jt0`YA(%`~nG4 zebJ}=y#=U~J9e;z8Ik$7G@o3-WskG)MT%y;rrs2kch~6`5Y=7;y4Ax_*EqAoGWQiy z%(3IiyhbR%BqRwH8eg6sX)S-3Efa>rO1Vy2pyx*0rY{LmNG4Vi`aWXhJ!Zg~owl;N zbXgMK*tX^JD^=u;+r{z;0f+opLfZHRX;Q(bf~~7d@9F3&Z0@W(rKF|t`njyed@u?S zaE^eGh|u9SA)SvAX1RB~4}4+XyQMkkLBN+^Db}l$B&SZrxPrc0OtWFr@kK8;#_K1d=zgv=j&x^sa z%QF)d-HsrOP~23oqDWkKKA{dgMskVlrphTI(bxZRTM8XJ4kk{caHV+Ld zBeFxF_NfWT>(dD0x_<;xY})K^zWc8O&Bz;!ZjR6#bg5)$m+?Th;~98D5WtC_L=;k3 zllmvE&u#g4+ZTv#zO%0@+Qi<-4^S*HKAUne@(hONmrL&cb0Z*Ki`WtD}opTYJg5NtLZ^20Z_nKqj*dKe| z=8GHj7~B+*_rQ@Yu?qdAM!P(ABlmRoe(9bL9`J1soP!BsA%Sp=bp z;7`sU0<}hz&3NxE|Eel0JSQ@BNqY9p$xRmZ7hUH_g^dbn>Abngd&h-+VE+mI6VM;E<>0UMM<7dD{#^rAt_FP6)Xc- z!O0^3c7B4u63_F%8@&8ClucJj;S?^rdncZNkpv~+7ZZlK<7B*uz$S0}7o&bL8P55# z+0giAWOy(gQGbxLSkeB059(ulA&@%#d76O9U(CW=!x4iUC|2jssXZ*hz5f1&IDLf1{? z{GWl>|3cS)ZpEe_lAJuotgQTxQe!A3y6k%c+l$xR`!pz5$IEE6p$72<^ z&k&STqpsKnx3XJ)=~fo*FdB&_)KYz4WM?bt>8(H9=}S2a4|FO2pi!4}gRgAUG^-LW zYuKizg*|+rSD*2hdiB9Xi2&I7=X?Vl%;0XO1htr5iA(9LnlNbLr`$x5PUsib{sP(S%8Y1j-Lc!;0kO=#l$k9#T?FSoiFXlhIWhk^+t2}zoL$Gg=&^jOr0-`-gEjNou zAda$mcyl7kO(OupB&F`xp=SWi?!qITj3YlQvK%ia-~O7@f02AgSu{1S3&oSw+ZSqMvUw&A)Q3P(CR8ruC+ zx5gm6@>@tROTUo}$xip9l@uKk9-GM`N0oe#$iOjY+R$5VN?a-bFDTA8(q}UpvA1V$7Bp~nX*SU-i zLcz!qu0D_}mouzin1i9)uo=l6on1_aHe2A2(K7$mjVt4b8QkBb(ff6vMOMZ%p6) zxH%gu7U6;mN)xU0Z$!`yL0T$&i4&T-p1(=;+T479@1;E~NO`rKH3~jumUpz=8SG=5&le`)pFg{pvKfnCiay?h2=DvgKr#&q08sDp- zIp3m9@W9&uo%_LsV+V4fHwpS?M-Uurz`*$_swsH`kN4lgYGON!sMXAghz{>rn5&&H z7aEg1^QI$ezXd*xb^hq@i%@~TMbKI79Q&8|RyHUB;+0)iWcNSPeK7D$;!CLa0{sn?E1PL&pUi?kt zKeexdgu>{Kks!{mu5NgI_@PoDyRpL7f^Ger{Ex@vu`nDNDbLQ4l9?&Q{x<6rbV$5? z`}PEk;mq|e*GN%wZrWmkL>uDDLd|Jlv+@fyoGc-nv$hc=JYxBST*{v%H~Iief}WP) z$w@zGv__g69xlkV_RDoWf1VXm?a)7{NblI&XeW> z=(&JhtqvFXid0+8=tU@{RBF`O5c=|8_V_&aWAZ>~eej2#_2J=hpS*`*5;i7YT$eX$ zbSXOdqFMG1rt7s<78bS8ODZCA(#@?d3hh2|94n9NiSM?Yj^?g{!3 zmb~x1nLN)%@6FQEGnj^wl$3l1#5M_MBQGoegSMoWJjLbf{kFFD{o(6m2rj}Ob`dVvit0}RupcNlMBe3f< zAhfX}<8_ci{`N~Ln6k{0B5@`9&WzRq=P-|0pb#VI3So6+LYD%JHPO9cblksLUJ;fsAU(2I=e{s zC1g0)o|m7Fqp`bNhK553nuB4az3DGvhMaWVYf$CwV>hxo;F9zv&~?-yEe?~HPyJK` znM4lWOQgZ%Bz*h7I1367d3iI@0M`3B69U}-PDd$>V-iD$n@0x{%}2Uvi2UI&|Ewl2 z0I2C41lkE|kkaU>UAlM$)^>kZcr#k=?*coIR|u5#EYC&c7pIVR1KLQ>@73-1XYreW zh8VI>{|2aHU96sWe(5ss0r2>u4j_UU337y-DWQt*f7T_aJ_|qn>URnjUHCj@FikjF z05F|xh6u>f>u4yJsQ*&2q=X-KcP9)#lH9xiQfaXX*+&pU_AyeM8YT<3U2Z`3aSfS$ zZfP|Cv)TCWB>sG~uMouA=4|yX@a+m^_^fNrOfddKNOP|Fgx3(0tRc9jCi9N-R4YP4 zl`5i-NFH5bK5=J{@*UZ8X6J6+XlUutyqonlt0V8zsKLv%aVZ_{lM~AE9k1rzE3h0o z-OFE-N^;+5SQ& zXQx!rb4~n1wE^q{-l8R+b?8N8sjp#8-Sm=M!RxVTAJO@ z0^``)Z2C~2uUPNHW(_TwQ+|y5BduheUmoVZ>M#(j;kUlvFJhSbuEh)39bc5oEsq!X z0nnvav_sF)fQ(r8THyRB_jTdV>RGbM7>qC*e4|sprvd>^Cv$TjU@jI?R;Z|euJ zf&t5<<9SGKkzZ{8QcL3Y4s zm&48o6|vmiO6jGmOyaqNQJ8}_e$ddP;^jNb&-p!t&SlGu31usb(}rJ4JWwkR#SEQR#X9*DdTz5Ks4Mzil{W5lbF)w6cN!MhF)mO~mUGrt{vtsRR&U53rU0J4$=`c}Q)>@1@Z4Uo~4`hjbcQKVK zEl1F@80(kQH&rdTtfX6=962-IhAj%j=ZusyJVURqh2xdtYA&eB>{Ym|BO<$W-B}wD z!Y!VPR8s^k0&>3LhkK^+FqYe*Wp%=bPT<)mjFuabGUA>&2)ccBMkFvsi7NjC;h=TW z8ksE3f4ZHJ3I9ttcmA+?1r&5|c2Nf!^qJutZe}fq%^LQnDikO{;>ro>w zLd)*}&(5c~WBB)EETy0tq2$VogV{xeaO49a_sU#n&6dl<<(AI*Fw1bxEmmn@7hv|U zXy%1X=Y#bTHL5bFq1fUkY;s!O&915CNTK)qE)#`njLyRcQEg8>vwW3_F00B+%!scS z*cevxWY-kLk^s3zbt-;3c2!ta9RFP9w#rluJUgfz(=NAq)nrv^0tAEW0Tl~#F>sz3 z1Yf#*)uc0XM1!4s(2EN@Rn6;5Db{uCrKHm9>Z0Wd7CjiLU8r;Lt9I=<*A4i;iG6Py z)%*k1Bn9TWrl}L3uT!m0SfP4yhf3Sx{roPdNgTHCwhOH>t==Bw1PH^xq_li>X1sxQ zE7ksh{h76*o!mm-5*`ofSb(0xMFXKzrBMXOjEbuL9gyi=KFl3f^;;$p5&ru3LI5Ba zG?MBj*9>jCroI&$bok^l<%u-SKO}bOVB1PHt|8dla^Q&-dRZ%@Vb53A*u@&tX9)@H z`*^kKJXugiJD4Pe-R<7T< zXV7HpJTu&|k0X%ex$Cu|Xl&fwoj$sS&c?FEgB@muO(v0L!wvC5>i`VCBI1s!lbE=p z9)or_U_^f)&j65aljF)uGb7X&5>y^h$*%CPO=reV+?q6g+Jjyv-ms;G^Ic4ZF7tkY zYHPYCZRzfI$2z~U%^YsOFgAveh^~yT>(I%`ERVODM5g95a@ZiIxr!^Du~&L9tVT9K z<4rGuK5kMU5lr5yB#WMH))0Ei^|6(SS#ISkRfrS&8}gvs;b-1L*W}R7x3rsDTlq3o z_dFK@+oZB^c4{=q((HEK+VTW#@5-RShN1(EZXW;!SKh-(&o(upu$0BsVZ2=GgK>9@ zW5_F&>eQ@x5oV-CWoO*UxG*?lua_1C>rSt(!Xb+|^!7|2hS)&)eDqt0zLd;NCpPKD z|K3>0i;-?;0>TTk4j&0rwO*|E{j;@9X@cZ|O2>@@ZiSyO(7byhL}XrXeQHSMo6?js z@El=-E~t5DqNlKqGZ`4*!fNe{NKW?x)vXzF=yr3^b{;VfSAPNoo3pc3T!GkOL%&Do z;zhmnbZ#AEk4uOLlm#3$q733QpA-Z?7EO0!vE2^6zP-J!7XU?zd%9tuwlL-Wk!V+I z;U=+CiJ_IgK)YT$2W|JVy(r8C`k@Cg8SiX`CyRR+dE;W&Wi5c0j*3|<5Yaz;6?@H- zxnpj_h$hC^JF`DG-cV)qGLu6o_?htb`b3PZjJs=;b=6B$yK!h1#Z)dnA+j&KcvVMw zCXr0&J(qHk=5lkkRqrr3pL~C-{Mist{5KDPuL`5%(37D(YUMuG2_W!YD#ZaBrpH9` zCyEpiS_il@Tu7-|U{fEAal!eLVO9kYQmlm~v7MDO7UONKp+Ge?V>gp@4%KqiG^8&q zGEg3vaQAx>#t<$;Mw}Q;Gk?brp5S$Wz&MxT)n97kKLjlsRsf*X%0L84{^_Cf|Ky=} zT&LV4G0}9v5KM@LSlO%Ow2sMQG-wpQ>4KUm(Iwz1c-D43-nT;*$E`l-)2QZ+OpL$e z0a`PDgsQ+1|01;S-O=o$_0n zPSEk&m#n4Y;(-u^F^~ZmsS1-)7ukZ2I2EpykD;b(i}g6e5@)Ad+z*@Sm`1n> z(^Ca(0)th>z0kKsl9WLb*qOEg3cc$Z=&l?xtQU|AG+$<*@3hF**}+m|scnltj3gVS ze84FLY;OCPT?dj;-+jvovyMH|d=IUj?X~>+$^7*-;Q9h? zu<3el9?{-{iOfmTsxJDwWa*zTvtGrx&3CgfSiJoz*lM$MBeCpea%xtSDHCb&+nq&o z9bVTD~>EiN;u(t|W| zalT?Zp)2dto{$OH&NT2seK8j=UXUG>*Xg10~>k0rSg0dI7w39J)mU;)3JL{d`yF zIEdOe9yv1i)@oSssXL}xFQBcKN-%_F?j?H{4*@{Q_$AMj|j!L^Ehv<{A%9bmDSY(;!vLnP{2w5KP7Cxitre z?+P*3Yo8ed&F~Q_TEC0LE8giqDRuq@3wi~=@YTQ0eBMdXEEVPfNed1g1@G8s!@!H^b9%c-vQ991T*ddu5Ck=^@9Pxscbf`vYB)bv@ga?a!x zy-%uHJIi+ur$N>`S>;6dx<&`e@C_n-@#Ngle`n46%Xtc{X;(O#3Ojl5$Z+$gOhv|= zX?6ie{o(*S4&=O0a%+`pkj3}-jHTy`rWMZR^tHC?u_$=%tW9wPJrX*25J|0k z7$x3V$o&z;ier5m4MX`{pH8eI{1UwRD^oesew|2o8a}V3so7U@cjrbCpp(d0Rcdv{ zac%JtemT<03!D%tT(vrKx$$nGe3aXKryMZ8B&qDGNz_X(TDs{YGdjFbhr*O;6unVn z8^SJ7t3LFXjo96)<8pRpwAt+CbmkbXgEy>L90{&EW%Jisi~WF8P9j-89Iigf#ENGp z7Cwj0`2?y;3yiHnDq^&%$S5H?SRV_ZMNTKBvJpx$2au&6G_DXRBDFf_vI_E$anXB? z<{4%C@R_kOz@BMLTE)f!Y(n!$WEKNn-yV=WBW~Wj*%71WywnYxeR?Y^LmADN4d3(> zdyrTIO>tmy+z=t%JMcIfly5xB=g_AoP_}X1^{ZtYvVWCrn*UX{xzG5Co((vimNDPH zehiJcnQxKp3p4|!$4|ODtvQA3KVb{%|MYREzevlKcpmkE`?R_b4gHr@$KPW81nkG3 zWH_QqKRrz@pCU3w>Juu6Zi>xyI`ldM@Jk;+Vfa6Ho0z)?rm=U;FT= z*kYlmAYl-SfONw#Q6xoLLFq=Mq{T!+l#&KT>5%SFy1PqhI0DiQ@7fH`_p2V}VP>A^ zkKcREA9Gz^%sJ=t*?X_G_KJJ0o0i~8T)ph_z5)_+ZOUxbPjMB%T(Q7YKATs;^o0VQ zrnd(Ehm=v6wBg7isi5h<_2_-ki1e{y{igS?b0d@52(R8Q2EvhQx}#L4>Tz(3kn))2 zju!aub&kp+o+y{-xUqqB_ceNhCq$fA_E7IP|mmf+OzKk5f^JBFf@ilMm|^b zGo=Ja`3TqW%&bZxk2lbKe6-H`29T)c0fxJuv)RXNbChyz_l=@li6dLvf#^(5igM0z z{+P*nxumix+39aNyGtB==h|yMCaT|+&eel?0vy5TkB?gN>0xBaK!X@RneXDf?HMd|$F$TE4Cr;q=Worm&S8srZ-@h#nNHSBU^xc}|+6Yfq;0(BS?kZ<#|(OmH} zG5Sy+K2XqfW_7$#TFFX9;OXffV~sW95gf{;`|fw%^^tdn&+E2=VMkpt(eqiT#|0xKHFE|zceA*+uQ4*be93|nPGANMm~O7Y;eG?NPuWE`IDqk=6-CU1v(NN}h#}zAq_q$%bdYtb-#1eLEfTH4D?29|t z2!cR1GLm_#AuZ3(ej-`!aA`WAu%xSfepm|#;x^iTpKGQx+?wLa2uTS=pSugAF(7fY z2LA0QMX6BoAaBC1-%)lbWLYc zq#GMszj#3yNeoFy4dzUrgrG-6Po)P)LC z{m07l5KmCd}lS}@*mSa3_W_ZPt;DI$I z=70Jz!u%HQM+TJF#Sa_qU9*w*s;pi z)}u^n)^?D$w6so6g>$U~|bl$zvt7z9RK@Cy-q|2%3Ci|Tt_`%bwdd&^QV81aa^YS7Gxf4jDV2_nl|uZFRLprndACWz<#(bZk&G| z5z`6+d~f9Cq?;^kcPQ6wE1dDw&#$V2xJgQh6ggnKshz>GJbum_R|ht#ojw+u!|*6l_P1*`q3%8orywsA9m z77<;GB<~I8M{@v+Pqd!CR@+?=6AGAIvM%|G2%G8J8s8$N;$uQiw~rFX+#*&+46f}5Q^U=RUs7x(@4ax2te_t*-&LsAgd zqP0H2ODdwo!>am$gkgwa*WSIcpTcP_DUi8*Oedq10u7)&?Z>b*39$O>CfN%=y*Un> z0!t_sgtzi!$-RdZ5mCu4us+kfWfVf;U|mx;^{$B^{O?m1RfV@I zjyUFi0dNb)(NXP>*ZA)beBZ+mGY|s_YrNmO&t>xzZ+g2w6hZC=r<#xATKvyjX%hvq zIgsi}1wZ|A3oK2e|1HnYij2M_x*crJ={MKvrH29blwwjiCjdq#sFvg`-@2Z|i2B=A z@nepH={Rr|j_Or_5G?JN?_%lz9Tzfp;y3a=@Ep>;ZqS>I@w}1L(2HyFznCpUm? zBT7}@^Ya;^J-qP{Y>q&`GmCo~Ai;)7Vl%J9!JabOTDmT0BcK#C(^cle8AOZq@71&Z zs|Q6yglrX#y`k1lmw?9I-IM-ONxF%We$Cg?<634>dlM`roth6eIHkHJ*^*vJa`Gaz zOv~JW?%oHOB-nJrwT6%P$HIxyq2c4#SB8%VD1m&gmz-e;55_UpFlyan&YYW9H|uJ* z&7*C4-cWnFB4NsI&S;Na^HNUS?<4;9_9ucU>(-dQ{8bs@FSqtX&WD2T(e^Xqkn=hF zS93m@usy=*XNeS2j#2f@?R$1Hr;xxP?8_abDu0rBu<1l&@?XTstd7YyevRN5t@sk( z^$(Yc`a?&7L(>8>U8P<}cjo&av{%i1dB{KYAe)1{_wq^2`8^facrGDh5|Dvn1>B9l z|1{%23kVNp%k!nyW4Y3;Gy3v6nuA*}jxZd$+$In>CM(5&)^9u0AL!HxnZy?`3l#;W z6GJU*W|M;ljf{-M#Km1^$8lnnep{Va3Ux!oUh)?s9^msu8#7Ky;yr!Vv;Gq08%E2- z3_94B-`PtF17V}N6;It88q;ch&G@;ppW}*Q=McG)bq`+#1oKYfgO1;_EgBT`EE*xCf{rOHH zAkBtxC#4UGP;`f{+a;ljgKs?kjWqJKvB^;GSD-x!k%Lm5p2`EbaU;`Tx zavp4xM5Cb`PBh|4cp-sLy49{Qv+$Hw$WS-BquZ|@T&oM~haDDe+SmpM)ymD*%l+Y2 zZl`+$Yll*QU*NRIa)YjRNqQ*5^qaOgvrHXPAstGOpdkK^C>}LtbS0jlfIQe6oCf0` z=fO-is(7^%9op%)bgq6kzPHc*Ni1ot?!u=&dfWUWwxkTH7PSOhKbngr1umQsEn4>e z{1q%|hcCKJ3gE-4F_Yk#g!;+1;Ov%r52RIMvet3I7XXLKPd4=SF8BaD)WX*{#?$UV zzi>e5!|iJPHCPk1j1Jxw`9nrDdhNOk>HJQ1&Ab-^b$e*v>blV$-wqPT#?s4Mt1m71 z`+=61n(1yr?$7Nec%;uRWTbxCzkiBiFr*SyZ9lQK;H@XU^3aD*yacgCEi=`1G2imS zIgiREbv~`?8)s9Ks31pAmj)8jwPW*Qouu^0^# zF1RG56Y*hsro7+?a&BFBGPAO(8cQoEbVT|BQy1YHaN|l9Fp{?r-1z+p+!#}Uju!Vg z++Pm68DUO>DiRwmwH13O`NwGp_hxCCO=+21gNe-R3~KT<;SUh(LrfPhWo<%7MC_kK z)dQ=S)u!vD6&-Wg;imQCVNT_{_2!WJWLbm6q!1c)E(=?bQockzOL!Yez;V?-k3;f) zdA)6W)u}3dF`gXOt;Y!2tbE+Mcgzdg=79yTdM2W_w&0Q6x zVe+dd8b_psK+V<1E1@w)gq!J@ydNV)+wxPT#3bE_r%C?s!BCjY6H>hA!H@}Lkb=b5+5UUuH3qB-T#uq~Jt|6y zvhYa3QsP=1Bjrr(`{RZZbVkZ7)t%Hmr*$PK2PIq2&RHz=MttWnX`TH1h`}}XG(+d8q3p7FF(fg3Hw{rR{`O}TDKC$3NH8V0x`Eim=PG3wrt#i zc+1PzAnf|tSrnC6vD0V2d{sAF9MQzcig4KjbDFUus!w?95a z+zkLg^5Cy z`%BG59IPpWDmevmFlZ^%Z(GTl0A zx;WWTfN19d2x`1A|Kt$kM~0E~abYNhFpcKXTQTg9hB7P@AmjFP4J9i*^EcAh%zp^vbx|Mydi=OvtUkzUKLh(PC<EI zkV8M`0uzIN^*iIkfa^e3u~Bops^kfOakO!i1+CAfhhi@+etQ&nr)wnd z?Vf^ybp8V4f!R#1HqwN}XC?!l+FPlLjuM~7IUNzH=6ICx+Fm5adPiCDF-!SnFWKE zi0@}re!a{|Nd)pVZc}*; zWwk3o%FtE0FvphlJfU8eW_&4FfyA=jcXEY14DoS? zkG7F8TQ4o#2c)fH_Ja)!7BkqE3$!zuy# zX2Ro#Wb^o0^WoOy$@Zz`EWuC8^~8z75p3GhTLyYgiFft@Sguy1ruhxYhlbZmAi1x1 z0!7RboXOvR?9)ZrFmBI(J3yeg_2 zt;vnrH9|-Zov=}9bonnxyia)^Zqx7cWiZHhVE_6d2UYoW#Em9oqOhZA()4~CYwl6y z^o3?Eox_1_q|o+~uFvH&3Ru7jZoZhIjLCW#s>BXW!DkQPY;m_p{!@Rx`-CXv1{Ax3 z?lFPf>ZkA`*QGmJr9I7;s6I0J&P4M9l~{}Q{a~eWme0K%%e+(2E&=cfM|4Z<=AHR0 zIDi;&hJhvrCb>I7%ZgyO;27t(>`jO?resmO`!aElmc}3?q4PF6Iy#PK=jrFp=uMfnuW zg1p`=-BJwrPtSC*(`yZn{K2UpC)qf=!&ReBdNqOIb9Zpn-h@7V23OrnN*js`D(*>1 z+BwS3eK5~|;Bn*5UmOeYZF*1>l~03{**(ptX|kv}rQv%lF|hU^+2B zi6y3)7@Aw=+gz-?K?gTW?HH8!PC$tYN^s^kP(_gnc5}V+h9KHu6y37Y8|u0;dvwUr z4cG1bk`6+ufx+N5*UM1ZaZHn;K@$OcCW-~tRXR9u2|g|6Ap|2jY+_MW#F#c_CD{Gh z>|Td)&L`eGCPco45f+zvSYyCKM02;iQH8Bgy*xAJlg6>9=RS5#~Y#@soU&RXm5o1>d&H zPogDv2{g{GSSNM|>c+JZic?;fs6RO{V;E5S3A#=IcOuqNxt9i?=tiMN9de0n_V0|} zf|}*?ps(nyUPmU3IoSJunMIAXVT6vOS9ryxo?L92TAHZc%8`!#{7V&5dm*-!R$} z(xQk#9j?QHn&5&DcXF=Buz4eSvQgQY&Z#26T-(484nf3+Pdlp8Oh%BI1tKEB00%^? z^@~-38L_BU#pZolF6px;RVE3MJsjb~ft#lr<4x_vtjow3cdoL5~!DR3U3e`s!& zg^HZct0r7(^-mEj6!3~Ct;@>Fs$ky3cDJkYS3i`#g`20*;gF5MzWcgkwbD1=<<-|- z)Q%mlJYJ?sv~hM{NNA)ZDbTk-yFq_jnh9WscSLkst^WaWh}h*oSpxco)Au(`fLw(cXwc!(RwMURVaw< zlh~@1bCBw81K$#fcyI+>aq6?E^z#-fX^wV`udiuKA z;!5}mAI*RN_KGks0|5C8^WWS@;f?;g-L5`VkzM8`p>$bDJ7jZ@aHb$j-f261mbfd$ z3wgcCM%|hO`<3@PT}gDHhKR@ouh3#n#6vLZlON7Zes(Ov;2rsU1(BC=7_HlaTDGOZ zIm-9wqM*#bEuF#Wa_f@Q^GhD56gx;R=gWrgK2v;?^4LoeoBD4aBF_rrx0H7qkS45g zdgo#E4u%}yAk>iWUmXmcz=c!8f7V%30(E@%t2?abI>uR{H+u*5-9<8gJ15mL`p>)e zJ(`<-eqy@uZGZu_aDXW6qtm{V;?ycexD=E8+w%wHyQpk12q!T7^z^My>9Tbpm*C%%S6U|7zf}fX9f!(#&bD!LElxl73c5puH#2cd}=cepuxGpEQ z);|8j3lt<9vwP!+B{P?S7 zC6r;cg`b1M+2N)?*Z>ur@Avc1Ud2zMV>7%XeIkFWen%I*@${$)?{rTj9|3Vhf`Gi% z={4ba?-0kjnYor)9sykCYC1v1=qmTLjMH3ekAC*R`-3q1Pa7;-XB~!=Q(X2kucWv* zfx=wtmQTv}lqOc{H$O`#$WI6-9IiyeJz}~C;Hvy~gF+l?Jd_ec@#~&+UwHX*hEs2D zP8U@H7g=es>dbW|NjT!K>9gMsGlnQ6`Ay>;++J)nskh@{ue$q>ema}~(vWLt-~i>{ z8#sXWUS?bRQoF9=Q2Mag?;jK`EZViNb{FNloF2m`D;k94=$K44a-e~op8K2n+$MOCysxsSWNRQJ{ zKH6r8$d}3SI04Vp^?1#X|M>HuzZ7^2zx@ff#}10m=C^Ssx@zXiP8nE8zQR92BV#B}f9y-E~AvraY#N_fCQ{QSB&|8iO)dygnhf> z`Ev8+t8moLW8Uc-0j_cb<8o%*t2#FK^+MByynDA%oy zpReX!g66di*!NS}wZ{u8zYQ6x;R5vg@2AwhuliVMPn)W1gVL59dZ)EENr&eBeuj7`)LfJ?XvhK zrDZ`S-cPb|;go+Ir|J6U0a<|i9q}{Ie-VP;b>!VeP>E9-?{r*mKvWLeM}q$bN@GCh0+Ma3Tr@+thqK|>j4?`(Cey$hYjV+m zG)(V(f%mU@{nxzWP_!R!gMZEI|F}i}n%DI?9NYdiuj`N{fQvaEDpc*y9E8`fBkD}*C9*)npzyu!+&JxyHx$ZVrthk zuiuuNQpV5Hl+0Ow_V=_oV*FA9j}4Duv-rszg%oddW*0j_Z)Y2fMQU^3|Ci0(`6-Cv&KKcC4L zU18Zpb~j@s48&k}%xn#b#OkoD;TVYuZd@XL>j5O1?!fmZD^Q=Vfw*7Yg~R?zkVh8K z>sWnpts~5qg=Zj6Jm}SOP5T=Zj?5Rb`7krQP?o&HP~kl0Y(#J0vds4X^F?-82; zI=oMim)HSxj*W?sU1_fG7+mA6evH6ik)jVaE^W}G%<;3>GE;_u0U5Ddw`x8Y?pArP|Cz2O_gmQ<leQzM(VhdkH^QarNmn?BlYX=eO}{RbbHBQ(P3UtB|Te!Vm>7fa0y z}42gl_G8=$EsF3J)HI{GZD z;)R4;I1`1`f1RTAw%V295V!;={sXk25pH3%6oa<*OE9;;7j>s^<&Ivrm6^k%6gH#l zrI+_R6(LeV$FP)LH9&Ly60V1#x5s#c+^94ChXbtoIILavaow6sKtCU7rTk{q3=VqI z`-AUGr}i`%wH(gW=$MkVvs|-?v6&j+a=!ry=@96nrU`A_7fGlN)f9hr$AxUdWn67O z9s0IMbSId4oRhubV4K4qWIa=l_Kh1k4<5jdP~xfUwy>}rF*H+a%h*qrJo5Cnd~3p7 z>9vU!BODObAmPIyZ zLKP-H+Nz0mO&R=Y+1+BFpEQl+*UF6KKeK1{r5mUo6N5F3L@ZOHj&a`!zfSd2SjTF;n zd5=Y1?l~tZ?^$Ex=%MN7cVcor*fim@t|=VUvarxgEoM*pfFQc~L{R8;piiK5(~&@! z*mViB#f{JIaL0lABvA_>^;tLrb@z1vQ1)Jsnyx0;`sko?GQ5&bGAFP}J}7^t{j?y&)>wh&a>je8a9 zXe0#X?IQxWH$h=C@La$h(BJhA5Rln!!OVU6rJ$tpmV>t0T@_h`6=i0@62{}tzdTZM z61yO)LTkUbFgTkZk%4uKuR#VT4LA`*2KGB5iD?xI6wZnJg@3Z496M{D7MxsO>=!8~ z0BknR_SVUMzAoQcdpVVabC%}0jh4LarxEiO?`9Y)>9lmxV5fUg@P`zfC;ANm+kCcc zM6+d5h`qiKORHO>)c2!c6kZKr#RS1PZQeQYc~eGHozH^8J54FIK1ECG=(JR8<%i{L#|a_(&1Me0+P1&R?3I$pFd@phg( z$5>R+NpVfFs57q$#(oPHK6r*n+^7{xq7Fl9bSPiqJ)xC}J(+4aL_|_t{PykJ=rTA4; zR7!oh*q-h>a{b2dlwdL2OFfyW0FwIZRGN6Ou&1c!ZW2!AjVh0e5432A(&Ks^+EZ|C zPyi>`83>1CfD^0?+3}kkBkPi{D>0b;l;Qw@l8}&yxnJZ={oEF&FTYP#e2>1Koo+g= zD50X#Td@#zD^2yh3a9bc!|&g}2VnaiTsyO^TMUd3DT9ziJiJU*qWl*bL;$nD_$alA#TgEXa=?K71tuylt*QfJqS{N>@h`J>R zOQfD|-UJM=7{G?wjUi6EEI-wCNpIya419{8Cp?XuqB5B3S96Ay9;aCdD1wW?OR#tI zMl6JIyEofBg>SMSTbD#^tA*rP7Y24KfE~VdK&?Xp7j_JTh3Q)Amj59+b48sYv+E@} zGe!dx+kWTMQg??fQ;jjjjmHrJ$F@qDk$$f zNzsXCN?Oe?3s}B@@St<%s~TU6dPb3#2=D9-?abNUm=ZcAA`%7aO`7i%};|z50FP6mD~6qYYL^IZ$~Q=xFN+s>hfduq5l9sxi1d{$fCBSaF?x zgR6CZ>*f-o+9>Lgy-L&VymNXJ);2^sO@62iyPRuT4t48*zb2+fLp(W5f(DOEwwPlh zlRDqp)4jMxpK)@_F7>u-AMJ*yNF$)^8nyTDASB^3j*x13qcEcgOkl(M&7mC;)3e=0 zdkSD&G%;{m#Y}#<6LS}cmOjZN8mNxN@+S=Hl>w=v;gXSdi+tu7S2wr3TshtH$G#R5 zR~_2#cR8Zb>m*z(*CVCr8+Ky0AP&j6aZ-ZTjJC}&Zd_r378sBV@6Slk% z9H_3h_F0F&gY|ZSiM}tZBX)>-YLbP z@A5tW>1M48_MUE+K&fbX+G_jrcN3m1K$5V?DNqKdURQd6cIH2}5DCx+M^OL72|GDZ z9sOyANu0|3Q;Y$6p#B^hC|{+_zWekY3y`wYJ^z-q7h!mqBwL8z<05FVx|%E~$Cq%7 zrek@jXSB%IM0d(q{{Cnl44!A|dY!a<92l!wznXfDD<*0+)Hj2R%id|5(-orMHAtJ3 ziSa~p!poQIH+$Z88M%4?j^RKx#d!I|08?kn@;F~rsCckoSx--oXN6YI4QH0bBfQ+e z1h93oz7S|8I0E@!kQ_1}j^SUK_6vQ%tcfkgExq63=eQEK@ROQeL=&TlZ(4tRxS3%% zgr0xIk<|`Zy3Vk+XvdW{&W`t~mAc&al+#_3(N5`cH!?VB!?=$E2yPnGc;!;=sc_Hr z`*-Gh>)OE#bmfN+PcN|@KBbVMZiLyH7y<^Ku!n^Mm;Zt{h$eyUT5Wt`zOc%G7q-4D zQQ5|QhwD{VMy2w3hFMP;$6<}`mm5Z#7;=b78mcz|c@JV_fH**W*O4*nkEB;$7KBG< z5^dVL+o8BP3=w~IsP zkvOs9SPwnfL6cT}H8j^6*`>ku5;(=s$!_sXPnqej2IY<-R`>eYXWzLDM)CoTSx8uz zY@h8(o~wgqBN@|-U(TGk>=42RgdiNA9ea*2z8fBg8Rhv%N5HKtWzU-Jm5Zt1HE-D5 zWAW|d*3k-$nzzs|*QlE|qzH5e#N1vmVB)4xUES#C5o@xfRttlSI5$C`$7LsNIJt&D zTsV1$KcS-8hB3jvVREWJI#kd}Sb7<($ zi=X<>eL}HSnSgq{#((L|aK=cc$NiGBn1LW~)kGHy_s2G^OZNV1=Ovu)x;XL952uM( zU>C-rB@_t8fSo}rI)xL6GH5#amS;sAn)M3=uM`>qe}oGq&jARTs(@8E^_xq0bSmSx z%+Pq@32O(f=nPiLDA|LEjmmVqHxD+F@Q~#+*XX34Px8lv2IKI^$wWD-{FFXlvcStj zhx_~tgxfwOY*NvjwrbTUP;70C!Nwos;4e68plx_&C=3dOjkjz@8mn(x77;IZsX zXppy;)AN-+!ig+2W-6iZzWXAhl1kp7*9cbt<%le}D4W(md8LZoHg_ zjd$F0vC~T{+Hrnl`4;z5qpO)Y-$1uGV^-Eusuq@)uRq{XS8|tA$>UJ&*>0Dr_Xd6U zKihO%l97?&{`UEiehxmH>iLI~QPTTL-07X*7JNKYeJCrrJ$4mFZ9z z;pST!6;Z6duqSU*RvI6QdymAu0V;zu#Ie;|?n^w~x(EaD6ekDk^m}F03gR_t6vxZh z?4cL&65P@^jR)Q{+*4i@^>a^m>D841KZh2pWsEbHs6}logsW{V>Q7f2Ati8*dimMx zfO||!LLC=&�B9$DhIEW9*h`NwM~0`NJ8O6CELPE?R{RJHbX%`OP>s>bB@$h2~?N zEYA?!cE)=QbaY*a(sHzmZ1F6C;+R{Y({mWSNJnt`Is|N4^KF~-a~#?7Y1x*~Ao9WO z#|MDS=T?AVmerzShvn3B{jU7W!NR_b9m`*Py_E`pSP4eJt5_}f2U^>e&}DHG7&_xQ zo~%G7y|zZ!9=4XHoMZlLKZIu}m(XkZ?VQCu;Ci`ft`pcS>+3xDp?yfr1I0~uLOkcbno7t%&$&V@Bvbr+^u-jI~M z%*bl$tl)20T~w8F?RD~(IV_`}5Wed`b%NHerh6sqL-FD#2Ba7Z?CF=7g!#H01bGyI z7OYezd4AZuGtqyUTi2JJfgnA0%0+0U6`QG@-;wwb0i}aNw9bBI#M0KlwFiH5ac#Z# z#BmO#g!#h6L)HsjWL;xGT0wAk{JDt5aV0L5VkOTwDS3InXc{#?R#d;q$Nzw)S^Q`s zz>Hi%W1G}vBP$7k!CH22Lv1LU?`_9=8u!r7pMC(dgeS`hW_zG@^R=!hJ|TMviE!f9 z`}-+f9v7ed!l*M^`!pg#Z-|d)u0Sy4${6=_tAYL$M_+#4Axkzti@{J2roPFUCJ{Zm z>gwv!>FG9W>zn37Mx!My)~~j^hFYptSh2j|`|`L^zksB(0H_Wr4d1`%ds#u|wVjTm z*CUWAM|ie3bQA_a<@=f}K+fWH{ruq5dU^A^I+1K`_b+I}bPoN_t5l$}&yt6mwHPln z>~>8Vk4o$8_11e1gf5AV+HppY#GOraQwM@ay*rjzfxRLLktL+=bwL`9rq(cZh?w=i znW>}Kb3z1t2dSBKn&a6g<7>KrbHrBX=^iKO7M}TZDC>ava0(`2aAk9n()X>ZFb7ahGFFIrO}PrQxPGL!+WSZF485Y}`SJmEt$XQv4zY=v?>i zdwBNfroWjajm2m|x3{+!L*JsuLTSY1X|{WX4`#l4d~tlC^?U=^3}n?|yh;I<7UB)! zhWSO6*9xRyy$w*jk=#2Nu9!BI7(SmFgYg`%-~whEy(}YvE1&rN%mzd65A?k5n&gNs zh##m?3Kk3OobSlucIG9y``HGpyZOb~EPNhNvQT`@*@jY2{js9p+@vhab6+zWgjY^#VtUub@INErISsUvYSp z-64eqwN~?rHtgduL4V#8hzSYE-@3Yh%{1IQ38VnlDCc8P-efdF1-1sfC6!W-nc84p z3B9bWg}P|P#>zKG(h~e-A5{gK6xS|RQF(>~QR*m&Yd%8(Ck%f$CFt#29y9@#uS>v3#p zgVxsKlm0vtmEAK%Zc-~(5=_SNyAK{Q>tSlh61!|q1Qy?qX4u6d5v!xfscSQ#k&1E{ z?V`Hak!jfl9D)&tSZlg5o^2*h2Iairy2HrX?c1|>{^ZB=K%9LG!e_lKOToigx(b^3 zi0??Sux!pxS#ZCkLFKuv`A35NGus)ivJ39tZ_pA+pac?fs+#- z_rkNo;QHJODDBL%@A{DAWb128bnx{pvjNT$YjDp|K&CcjGJ2__%pwco!0vS4Zf$r})IONvivq4d#xhNB^J)=`KIn zqPSpsPp@EQ1;4*mbQ&+3D>##r;}QsA(r~zoFfYY8ur{V84#(x1CM9fCVO&B!UWZk; z8MZ@|4??P|?Td44!VbCLQ0Pv=8DYNU#I^Kz29&>xEh{s8cpmQUlV2`?b93;-Wo;=F z<9h?hyE|#af0eqzW-F<*31w`i^cKPh2nrtRI6C4=VZLO9Oeu``z1Iu?CQSlk`@|C{ z%N8P&xMoTCheQ_3%7wlC)m13Yh5*pV+Ks0?G0c8g7!HC`wN2dsqN0-}H!0EVTk+tjy%$ zIc!(E`S1%Mky7IoIWO)k`Vt6y+WPOb1j(Bo7@AU>NZ&ea#l`=PYm}4x9=W4z1!<(#-tBKgC zl4x##zXry?!ffxAv1lCIiHw~-u^goRjH0(SmK)6CZWx8A5*ckgFc{~g7I^R{kIHn;H0H+y~2DEn`y`H=#B0?OPw&n!cmGG>L7|I&Qk(*!i*F$qE>>gtS}Z5n`~z>Lnke z1RuejUcqlW`;p~@=sfTU6=8&(5&Z9DWLEZAPXykF>@A}Kj1b~@LBvM)0(|)X$~QS% z8syW0kSKIHi#prWEwyvPcTBE6Cq$xv+eOB_~)cyW9MTq}hxpxrC`d_C#7a2D&Xl<>B6eE4sLdU$@;|i3XXHYJo zW%_ur=*VJ!O|5*X2g3>7bO>mwuhFYaxp4y(U~uOG*j>6?sSyp$&xS<6uFPXSNpM+; zN?s^n#8+fC8QlTz?@8UBv{T$5Do+{+xNsIce)b3}gErDah-C7yI$5hYURok0_2b-} zUM)-h@Zx9)^|Ib!0WUvrXwIUsRgbprc>zLw`P#Mfe9q*r&OO?~!pZ7sUgZ29vQdwi z-cV}s3EfJo+T1|&(#Jcg!-^}_WP~)sY*KR&tHa7WP!Ow9qV(-^z9VsSH}Vc1?ddHD zIOnZg*AjHVr;+jwok@qKiH~_Xhi9cvqM2lb^u7@|v5Aomz8Wo&R0xIMh5Ls=Rrlv5 zU;^&K9vsls`x>zbWx}CgDdT2Vs6HS#)vvA+j=$`X44{B?!73B0Mt^93BjixxR&ppG z=Nb>&B<{WP@FqkD4)AP0(wzv+qiH0kNqdK`osPo!2}%M3>rq7)Ui|o z)-)$ZxyX6f$K)6#NQO}!IPuI&4!M#$1H7Dn**LV7STu=CdUYH`jIXgW=*mRp1ZF$!gX*5F{haCJEW@FwUj;Z(;jeFq3vIv%k zWtV$`^P6COH~ihjWP^)QOmq6J$Vj`8U&&7NT9pX;5brPFgp&+2kcI7FzC793C;Rz%^^OZx%mcGz8n2fbpJ^`t!wB1;`z zB#!XYn}u$`VgHZ22aJpeV-p;N&}aWH=-(6iSLFWHp?{6S|C?r;IhN_$=hZF-tBI?vGk_Lg2Juf)S!%$Kd>$1pfrNv!*MXzcYwl2J+?$EsHI(68qjcaAPDJBkZbIji5_CNi| z?+;RUMj$Z#BZ9Xx00j2vuY$nFpm3>~?Y{C^9yI1;9{tP=5{{kM1 z`a)7+2Akoulu-)!bVY5IyKuhb&)}Bp6fdJ!mY-i7+VOnw3DbC|c)eCje|*g)v1TQ8 z`Cg{&$hWCQWMUWpI}!Is&=FvS_Wwnk#3~P8*eYSX>d%k*(V1L59K^#1SmFxnW0Kqk zW)Yz`U8TI8$NZ{HOWnlk)e6$fwHT3WWs8!KN)V`u$;cc5l!F7noKdy)ZA8Qw0RaI< zK2qEcSm7=3*oL2~0?RJPCOo3QFeXq`guLPRjTxh&>gEv)GIqHdBKZ22-t%hG3q~u! zz!)`ne@-4jxIOw!$fMu$cb#Ai&;pc@@tqDkRIY8<7MmFuSQ5n+&7|9;#DBT$tqgvq z0y?GGJ`%^MJ1bkM47f{5bD9&l(5d7v?LkIvPNZM^oCTukg855*9+P;829KqyIK;=& zT=MO~7Jrf+ImhrUo)#)!KBI}4<$ul8Ir zIDkklWQPWnCu-<>Z#os z=dU!978qYp`JD!j7@heVGE_DHo$AVOg=} z3uVy)+TD)AT&iRkm&x2M5ZDH6L(tnhHEx1`DA0fYf$>IoXvm2N2?DR1%mp_W6Ubbc zQn4IcS9~!=Tj_)GWC?$rSA8|@QbcG`*v#%t(+=fIR@e2k%f_Y^n@((1p0sKUaIO|S zD|Gc)l#qFaI?@|yh~*qE;GU;k57BTHXSw7mEm9aAdL;ylUzc?a!}9`!`(%B$^la;9 z8Lk`J*2b=SEK%(<5;fKb+@jmXre!o<3mu28^STsAe=V>pNNCsFBD3I??Ya+v z-vNi=)xVLUZ(ToW+%)M< zjZG8J7%lPVrV~ip<$%;Kq64zUDw^(Dhe}8_*v|xY5k9*dOhR93rt>=u-Xc754H~?E zYMIe#_BfFptlO!kI#jt>c_@}hZgxyWsqPvZ3wvTjLt>Rm1y`)s?=*Ogs3kiX_W+7W zgpn}viFAfh?bL0H606i!%s45~f8INr8{3(I{%PQXd9GLSB^eHMJ>N3UNU4g^3Ukko z<=<_~B5{rAsND5-rc{!di-F_6_c8woY`BsWOrvZ;)9C?V5vy)fs9U9<@iP$=(IfX?BSnXy1%?B0Co+5ehaRL*i5cE zg*Z)(-f8e@>MS!2t94_7G_Q8G0mnr$;s$*u`8i{{FW*5XuG2B8BTA}^5V(+RzvL)= zey}9dKqpG6b$Ug#eqK2FOBb->J~Qcp6kWm2mLDyf7I7aT?w54uLW2Kp3irFu(? zTx%n>8XC`-lK!cR>ON9ci&#oT*>U4BFI6NIA}e#(LLTsAMEM(wVovs*^^8 zlV1|r%#&KN_tHyCOO9nV$(2&1<7I#)` z7A)c`GXA&&NpOR;E=pPc>3#Q;I$^|Cw5ez3A^tkzX||S7i+(XNhOvm!c?rEGUP_;ZC%@Utf4Lqo?` zXWVU&AMSt}{4u@xFSc|u%OEk6(BnBk<3Dfg(hz3(X551&FejUbG3(Y;<14W^b;)`I zBO=SIhOHCX5d~~UpXse9!x2g;P;+wdJ`}{2zP{qWEF>hvJyyV%4>&@`EK*i&X$w{0 z$}^uH_I%*U$2+HR*iQMI6a6?2O-4j_esZU%d}2^BV)9Y5HbZ} zRQlSt`$cyau^Bk;mujVPdWy`b8aY0celwx{#Vtj}JfZn7K?K z#p(kmkKK{Zs3yEH>#2sdWYFxkZPWlbUj^l&hCn)-$uKAV2yd@T%;d{s#L5S$yK-^W zoz#~`OAI=e>P-|0x4YTY~?6#e(*JS(8%a%>KWz#MsoJ6Zpa??E=vAl1?E813Ra zLW$I5W;bp)aMOhGc@UNO`&7Q0P8+r~foQS$ok=W-&*Oshsb(!`49%Es=aRP=&FgPS z(xbc?1bvc|L8f0v3zUYT;0Y9oGSjnfFWIl4k-6uB`BcuU^Dd1#sinoEsYi_g+3)y- zo=^9dM^0N#N8M5y|M&>|NwJ=d()7;lx;BivNpX6JkfewHCw4iCHt2s! zoexiK1@E(4SA7dk9r)Q;hwfL`4G?_zVKpkHG&LkOP%%85%pc)1=Nn=+{xPD1cGdOA zj+PynX*VCqs|5jmw43`ZDX21nb?xf!$ZEfF&Hc>t@Tg4A%&EHQeBcZm%uJj2GgqvS zkYTv{IeVt_Q087#6)Pu9zW_OSvyIkPbDsBmCL0>WX4R!jpKer1Y`<61X!)9f_yEZ7 zhyNS-y}40kzip3`ll|ZmdKI1Op#UnBnvk9<+#r*+5)(tTCF7)5o{ji(m@2plN~9ue zmlo&py!A5Nwm+LKwVFrVLX6^3@)?}E8AFMU7UN}1{?Usk-7A(BM@C;~El@y_bOLI* z7Yq_RN#G1>x0l{GmE>Mr7{}TIo;|K4M2rC-B*eAA`WWzkv`T=b6J{Za-K%x_5X<28 zW`p~NZP*65^iAFlmTe^_@!v&#YUBvGcoYKWyUH{z47Nr}#~ep6#(sb#BL+dMMemMW zgfHYVn<&J~IVoJE1_**tH+pLh2*&HvZh-l==u7KxM8tbBMU>vmCS0hG7jyY`QLM@+ zcI)7>spsP&Z64(k@F8B7dVovuT&g#nbfnBzPGqR?0`H-=G~>2_cc94*IOB|es>#4M z=yLme)*W6uRAyBBgK2f=e7r^z`f7=&)Eh>907jul3g7hI?cc9SjN2karWE;Pt^ zoV{~iwK%um&wRx3$xgytfN&C{hAKHtK#|0#L-$#CITt^a#S!X+bYXF%3)QZHVX`Nc zVgyRo$MBi8x~YN^1vdx@HHM26JS$!JS+9 zr+u@t0EfgNF`x;SKU}v{p*cY0YQgZUh1xULNn$y%@-3Hxed+8V(Lqe&9lgP%)l}{1 z+-!x~!#l%Z&DaM+0vW}Zfu$BTdLftz>Z_)_O=${jgv5_nn@$d=Eic`lA4+1{z*scx z&)5AD^`49+(2heYuY04Ln;U~hv8zYc?K_thvBxgJe{%KWrYhyw(PC(6shHEQrP_WbB3)WwFs!V(Q|16FGWPs)&={Pf)2&<9jAxpP4YtLA4fV)i$@t|@h-9RG` z#Ljlr@;QMKBmMnn?@m(>R7!m3>Z2%e&#Qi4!gwOh2uswK#=2M`0*%`kVw}ia8*a#l z6mEKZ$_~}5=T7_%lk@dL)nxe)zwHK1$m@iODKGoXZh?B~C0N~HBqO8J#bYPT1qJEO*JQ}=c zWu_ARQ!w(&T2?|%Swubr8vG>&&?87nC%U4y};fPes97XeIf1L0i(#K*n(^&;TGANsc* zylIRKSS@Hvk`89}`0D33-jPblfC%{Y^q<=`*4+selp*)*u#^Cc87DX#p^nG{dYZNTMLABiHV6wa~PX$m9J83JhFx0 zB z)1P*D<$cD8(T#6DG4%-_-_VzOL57>-*N#KaN?2d3QKP!&BR}!)_K+Q`3(hG%24P!j~!m;8z6|6{5DbHZU7K7cc_d__9HGOAP(T?iaq1 z5kBjCt49MY?ir@{9^(t`E@B*#qJlo@VyIB1-}~~MQ;Bw+<`a7)Ik{1%=Ly$`r`Cp~ z@nRhxomEvPTxe$)I%LS*a&nx~HF0t>;lulvS;igW(4Ei8!}IPQ`||R#QI(9ca-c}) z&THM0Cxx$ z8*S5~=D<70^q$+urV{ieFQq)V^N|&eks@RbD?gnICUyIZ9)LSn(~?n9Q6XXU$MdUx zRyVv;Jg9X>%?78WU^Db~uG8|PWXIlw^A_#Rjwh-B>8^_9%}#~|5CPG!XN6Nn zJVpj}ofLES69ww<9?!`t&C)A115HP|kbbV2z4miy;E=wkfh*3NtGLHr9sQGVeR9Pl zK8<0*RMG-kKDZW3F8+sgS^Q5{sZbG}@yGL$#L?y6IqF}n(z%V1r8;3*#4-LSB0E5= zo#*0J*e*J_+X^xl zf~teHH2clA#$3WnMG!#134EV2_n>y1hLddChL#bi?yCnQzkEAz^kSNYohMc3?+m2D z7&*us41F5Gkzv+vWFzK=Pfd^#rVVP3L!U7?kM)k$7|*+$vD+#?XwgH>x;*4&PBB^b z#MWo~oj2<^*&({70i4e|8>+2#7^%=%43=YtH1Bcg%7KX38Qk?vDbQMq6Z|5WukatY zA~pXt?yp{epVEW0AbER63*q7>^DwR0Zp^JWZArxynyH z@OB?EYySZTTT!SerF}YeZl9d<2V^mF7*ZDDj^bH+t% zv4>!#?cfA=k{fd;V#i94>ylaxFDP z?V46NPQxqw-?e(cC!apK*9)df3w=Z+Z;FfU^MGv{C3;4xJvWf%8=3OWoVIQv5Ey3# zOC(4HLjA%qzx+k_ZYf?us9EYDmQRZ)929s#&sb8;0UnCp+gCO8Az&dMHlbhcQx`8;+33jInl)eEy77sU<*JlH~Y-&XJnTzPpJu zJG0)O#VS9$xYAVy&u$-A%ZxItVZ?X{`b4;Bu@N47ad?6!=S|{2p#k^rDF{ULV%|{@ zX|?|X4Y-5|1j3~gc)SvE2&5$v&kt^dM`BQt7++IL9wg#o=NV~is+RcFJlO?mFC}pW z@U`CnlI1brrGTsd0?G2wEqKI!nCrkyCMtPJP#j92Fz(Xt8%vPSsHk^`LnK?>B*#cr z3_RRq4gxX5Befr^Sq;avJAP04e{*#aQf^RvJJ>1|lZUyfAKr635H7n&`{5~9)1$l+ z+(%qZ!Ba~Y-NiE)ui)orO7-CgS(wN75$*mv96*8o&d@DCu+Nfxw~RI68kWTB1@}rL zUn3AW{rn<#Y+HuJ2tjEiY|%ElfyetwoH14lN!f@SV_Zs!>0Igz-WMhRmk*9|P9KC4VD|PyTH{<)B`!gPJ4aEt0SQgU$%1-ReAaFAO z1>qzC@ixGE5<_Ib{`I=v85wX`KN;dzcB>sKP65yGY56p#hF z_#~(0!acZ8nPXnhgMrrcR}qQO!j8MDdkuIAF%4pb5Z~08|6qq5EsBR^Gp=D{joo>M zbGP9U$CGogEp8OKh$s$3VY~(_1on=H31OzMlGYgB7lUdAD^!9DGB-evk12Kgld>kX z->y7mzDkAKH%5;VrPf83$YpQtaZ@!g)A$o`EH@vGp2c?P7!|neCHHEv1KAAU$hxQw zWJ5GwaeS|qdLIs`|9x#i7>|dX0AQ`JTzjqSr78)Thl>EnIkxeu-wyHYW@$}wv2gu5w`nOGyZ4WLl~!lg@K zsK3s=B0P)i!L-<}zp&}1?Y|ynoCgGAg*49fSDo_5 zUtH_Ku}r)8zok?VQaYam->NDW@64*U~@o$E5DJH_;#0ZH(L+W!K=E~N=HLbx=j7%qAP(5(lNL`ONyo?|y{qLqd2$o=rnO z7UmO~zypCmxb!QeXQU7eb~SLA%Kr@pdkjc~bQ(htHZ#h80eA^94R0WTK*C01;3bA9 zw0AJ>K;L}?gnf=B!y^v2_n2V%PlOfxKyf4>3PT?BH`u#yLO8^oiMM>%cw;wH#ta~i zrFp<1Y|-KYh`Px>2mNnpbL44DSHZD#7O}+J{pi1pSQ8UmwnO>w1)QEU54=rI;`Bh- zLg&S9xxzvMh@|S_2=}G2e*PKa8AA~Ifd*m}B!^NA*D&D`=D1fHQMG`;)mu3dVq44z zd7mrSzB}9tdVY z?v6fY6pdZKkHnj&&wxbWa+mvIIkt#6@KP0G8kB%e5H_;z2VT-^qLHS-;Jy5Hd4K;e zS62|a$x?@KOr>JvjgPuy>h|p`m4pR66|Y`(pmfQaA|2rq@>yY?Otl zJ4&?k^#7i8)i|PtLNBs8T~}-jMA_ZHu`!l2Q()X^o|GAlqKgRMtAeX6<9A^E< zz5ickDq;o?vJ|=KUoyXwBm3gjm$0F&mg9+b{{@%N1?g#DwB!L?zAG6g{%snMkahlZ zZ=6N#7uJdmd~(%~h6$-&ipRUCS0XqQ2mcE$-#UWJ*VxzxxO`((LR9}YzIAhxPK_q6 zRc$wI)*en9jpce+8iog~dMpUF!b$_IwFW zu!b;4P)>4Bna-c*JBR&z8;Hd&xlHo*GlUjL2Y#y=K+=per}Hq$HAYcn6#MqKLmE}% zFK1cQoOdjX@)uV=>dJ@3?EdD81H4LqIqf^s@8IgXaWk=>04-zxEidpt-thm&KQibZ zOe}Ng*w^NNO#72tYcyUlVzpoHv{11(T%v98g)G=>ea1K{pzP7l_vQCWTY8nBLTNnf z$fCZ(@6*k+(yOPG7o^>XO&~>Zq54G+1%sPi;2+iOo2AmqTKFZx*UU(%5s-DlPKBqV6CdQp0x4D z>?{c-F{pEu@2Yd{QxC4jVm5wrokj#xLr$4<9;czXG(0@L5XmR2lq3i3e&Vle`^R54 z6uvDG5tYTVUUDO3o^s%tta@E<@hyr#yQ0;iD8C;o<|3GWq{K$>ziWHuBbV-`)6Uv0 z#f6l7jFS^05I^CSLz(O7Nz9fjw_1QzS`*ZuT_v!`F>p2dk!33?NW3N<WCkkEpKDNngC)% zrkmsDep_CB0R*RXuc*oZf?xU<@O(|w^R+!uZcxfTdV&4kQWNi78Sz2lo)~NwCX$VS zTENyR25*RG$!s%&kOlBRCISQZns^qWJV=4ExZ1l?CGA{TV4D+ZHQyS-X00~IVnc{g zr@|%3rz2(i?B%0#5+K)lT|4sC3t^j)S9Fx4irEj8QE9xTbI8UsR=u}?`36MMR{gNawDsLx#T13{9CCp>%e z4Y0P zh|kaG+iq`f7l-z@jj`cXwKSR8MpeA9>SDj67}-T0as6si4Q{D9AYsUInY)xU!Yj*P z?(c~`b#G7+9rMTYmD~wGP?fBj!_wW|?ND58PO9lI0+@TfHuO?gh4b#|Tb*dClT4_5 zAt(6Ykv@m)#UmyZWQv-al+g9q+|+aux>pqx6*DEP>PGKz1Zuq%$7sp}!lBjZ;Z(?S z&>Ik7clGr6n}9c^DAkvSH7)&*izhzadDFKJ`f;h(Y45Q|Mn)Qi)YUHDD*GIlq&<<* zmi|!I_+zq>S2q4kbNXwh{G>yShiF9SrOt~`5#T8IDJ!UIlH)I1vsuaOOmpTkh%{UnVA`xBhd{3J?zzT#jWd>GtaA*h ziHWq(ic6iC6q}!)NLHJz4@6xm5K&RFy{4iwO#Qnsm=Y)X5A5~liF8VHh=!f z*GHkRMPF3-o)>+Soz0COEcqB30#`N%k73ClJ41tFGaWb2sZJzzIRCF=2Pj+6oM*45 zTQ_I9uHTlZY~)*KnR>}RRIc&molK&*4yCr%;!_Ut>ZH&>Tg|$ieHixYBR^kBj6aQIW}i=WshN{Y~%111{@ zm{r%vd2lBMHgp5yn4yMbgGx?W1GV8ku%Bsn6oBb2seEx=X|B<(LMyLVhbBr8W;%lp zRrhX=d$8H=`~dV5@9vF_grxUA2`LTN`rP3sMVb#Fa&0MUWzu=FuTP!LVtSs}q$H<| zqQKi7wlJ2vouYn|mzPI(n-8RF^>h3i zqI%CyP*P-NWf`TxPS-5?P^liWNlaMtF~eYZ1JtB1B^(2T#BLIH@dSdsvu}hO;|Rb% zm>v8{@JEL~>+vU!4rR&#+*{%6x4plftxv#9GBp4fd=I1}3CQP{iFB=de;^?UQ zG3SF%e*PryPLtr^qX`0?D&O;L`gI`*NlDTG=UNk>HFOD+AL#0itX@}u)$6WMhr{_q z!p#AUz}_PD41)~+${XkGT-8F5X5~wo#RBaq>ZBdL3zZ@3OVbJO-+MfN9`80e>8cq* z3~E@u8b@8dxxJkvGIAz;Ac|mUIA`V*vW_#-w*N|4cz7(*v3yHeIZl%jqaHj76~(LP zpj{)|1oDtw(@BXN$Wl@C9TH5(`nzrU$-yFG2tC_VH7TWoS-gURf^w&yOAL+VNxw;X z%{Dnn!c-%Q%&5|Hxvs1%H}_`?*^mpfH}Ks{J;!Hdh-^zegimq?uKjmCsSo$sF{Ow_ z%AqATA>BJA`}1N12ZyPA+3^K#+qtR54i28 z@V)946jg=O@YqR_Q<*5lWa@}Q2R)IF1ipuDk@G;OeOc2v9y2xQQpXESH^BHbc^V*| z*kc~kc(`SmEJe11NI@6+Dfi?BR%IaX2IlxIs|FdemYx#Lg6n^W7+)4%O)+@nM;l<; zxn>ZIPn-B;x6>%;8y3zDJ8Q4ae`j;qS~D~;krDklAOUc;+Z&kqO5{7Z=x6#nk9C20 z$QaNe90mV@R#?~;vl{q^7j@)h0=+AZ40QJ2gJF=Lx4Sl>e4?z@GWeQk3)MY#!YtA= z(vL*0;1-@@%;cu^B0V*C#UlC~oAxzNa(?c~si_wEP(al9NCtC-t;)t2#aRvBF94cI z3Ic$FHz%KG1-t=qzB%pAg*`vt`2VQ!%}R z=m6g%RyHPX*~?Sf1A??=)e?Htlts(~aJY^d7!TKglgjw6 zgK-A1pF@lD@;r9ksB_FB6!e3lFLXnVA6a%{p*r}S@ z2&dXVcni{cdAE3XaUesNvEp9t8(~e8Oprw3815(n)2q-cr^8tzy4i zd;hS8NK73hC|>P}c6V?=D5`T}W2r|QqbX5N-?P?6vQCJriz>FZaRn$dpOr=kZGPlq zPL7zPs&RzHbboqBKsuZKk72|6QakFY9v~Q;^5O}eeHcS?*UzB!=slAZn4}>Smh6&b zQwc@o>D*9$jK}$f@dAMHTEMAGE!lCnq?&!n#j4zSq5E-1tWlG%`$PFlz}y+MP5Cy~ zp5%h`{f>jhY&O%K=L8+BV9@0n_#Xgjj2BRS_e&c_m0XRyTL~;T=bSwq4uYs$)!}2$NT&nqrD@#QREO2olIIpCkvO1ezIF=yV%TWXc(uEfQ)Q}o-tJKIbCq$9L1b~{#}`n z%jdD^q)1XsiPZpNm(sg!r7WP)%O4T6uAY%2VRJYJ9 z%r;c!$FJkQM1kL#Pvin8z{!5TtzB3tr_b7ru zeKN6PPh~paeTX$h91_^+?jy7x96n1RP>3W z*t|hbSumS#3{H}Sv$Jz+YwI-tiMxc6%}$O>z+G;;86~(w``gbnRvhq|#_xHUcN^>? zBDA*sN9Wds66ExuO?sD`@R|keZeKfcw)3mTIgb0ckCA>o!&;nApI^XaloMe4!90`~ zQXU0^S+6%5EjF9MnwJqa&bt%b&7QfA#gc2#NPkeu2$x%H0gisGX?Tp>fgpa*5&xMpjl< zv%W3;igabfbYv$>3PxUqa5**~?<GU0qDv{dg%COl!o|=@%I2b#}&r&p3 zsnYAen(xk5>U-6T&37b>?b1Lk!`oz zp(kFHA0*Nw%+yrPFSj0c$T!=5Zm3@J+R&KG!sg)Jjuh`cy5m0n1KEx;Q36+Nx{cm} zU+M{&8%QGqo93)CV#-5keFN$pE6gL#qyuf3`i^lD!PefMGQv8a^?&^qLBl;wBUH_nHjJp92z z>lHs&h2xD7ih}73X-^WaL@;yt`FCSv4z0ezSeB=c0<}HZ6@G;uTo@aN_kQ3r1TcWl zuqO@-$N~;TG9?Hqz*>7;j`-B`S+K&4hU%h+dCG-R8xiB<<1$Z_HSF~6d7k5@Ki+RH zMP~nvVj*izlOVM)`)!Qz_|&&`SX%lA!)o`xA$-+2wpsnmr`H0_VS(0Rh4od|$4Gn0 zHm9$!c?;P!+O5Q`TQtYd#7z-vQTdVc2}J#W~R0!AtQ4B-n+KLYUTsTa*$cow|Z`* zSWzh{F-vfGTF~DAD5c|QTkdl4yP@@9qG4rwRaIloR&l5KkIp(^7tIY0L&y|nj=&_W1f1NuqOUFaJGp%^so5OoR zn5A%S(hq;Ex-vF9o3?o8#Ms+?=g?cx9Tn~!0B+J-_5F#?dX4b*t)s5&bd*`H*FyeuUPuW#qw zH*GBP!nd~g{N1tgBg2q(um!b_y0L1VlY@<#b5Cq@TU(!HpQOYLX{-%NL_exs@^Jb2 z&6%@4!W@V{>bexB@a09>9XiT0=3RPLt!=cH%rBG7!ihbCQl!vAMD&(BW2`UVdhcI} zis)Y)O!62UQ|Tj0>PQ*5FIc@HCuk!My5-AHj4 zFu0?i(sH!KqAy6O=O|^Uke-v%3hND@XbpRFFl&|*Gh@+~GIe1^^ilQ}8WGktpVAv! zUoIp~QMkQ`a=Nlz(7sISK;}2)Z%rd!jq)#Xv}hR2U0JEr?yBLzL2+wrzUHv;i9O!W zAwJ8=OD>F?CpmlNyIaxF{I;#nsV|4hDK+hwSqfHMJDd8O6>orZNXD%rMV8h$9Kva) z)Y`68nXE!o&YGGh+@9Q%KhiUhEw>eIOL0m#??+Vb=IgPXf*09m>HVMDMOgp%#Acdf z(cIhW>p;iV5S3%}t#Zw4zL`$q^f9xcK~0oX3vI~>^4>FJg+snp z!r8V~<^GNJUdl-w<(qQC$*=*%Xih`@jGO>JU4y{)N1cv7FWYL%SSM^KP|)@j}=YD|b9-_(0?z|o|4vubf+-aqxN@am{q+?d{)@7nV6i82O> z66>VRZFM?|bB=P6Cl%>@yz=mZD-+v3H23$P8rbamAZUE9Wbwwrtp9QMKAWy9+*Vd) z9+^btggnBhnT_u{rVz6yunDagRK7EKTb#{(L)Zn~sn_ea7EGxY-cZy?K`Ko5yw@3@cmtbx8#ucO7i%+%GnAY7d!P0boAyL@dQP^a}>({ zs?$(O%3RB&zeuR}vgtx|Ci)D0OKa;H&`J5MQ z2Bwd?ieEA9EjWxQtw7d$uz2AWqeNS|IM0Gi;X38b&o#KmG2ME%k33VehqF*;NSx;C zIn9mXg0InL=r1j7xp{2fSFG-mkSwgvZPB);7)wLCO6MGRE<==^joBr&4F{QUb|HP4 z=rcUM>({nc;$JvEm%+IgU#w?R=b)!hXx+`SFwT)$VaZzWBN6Swh5vS~^@W_|ez~3b zagTH}XH~NN0oaCQs3+%p{UQ3*;hE4wRmbj|xxF)}_b9T7KIvcKBU72XHikOd)afKj zZc*C0*1759;lYx}78St1wb*GJ~5{OP3m}l!v z57v+s&Y3N!P}(_?jKA^>b@G!B3?9AY{ZdEb+Sg4YjXURTg}0pQGz;0c3uumwC7~^> z9ZXOEw%8agM0YDY*~5{-MW{&V&Q#K3aJgJcu7Q6R-M)*8HhotpobTJ*4>{1(i|+Jj zZtEj2kRu^LLR)>A0j>&finBTWo2|63xyGXGuaVhyE?Id=hSXMl7ahzMeOJkp%KS3b z86EZ^s#-3>_IDaCm+5GiLgi>L^ZuK#11YC?tJ*g1D!ZhYaeG$WKG7kYeukaR4%-S* zxx!wKvay}PrE|jic3bt&N;-9ADTP060H|Xhgij()lEr60-XHPLY_%$%yrqK zH_8_W!+Iz^awyYn3k7T~F5T((n+=^%q%AWLa=5>>=I;2_Wkg7Fr&>&tmsKOQfCfK+ zp;GR2mA@0uPMvz10O<$r_HJL06b;Nq)}ooAY*o&>7NeKjSC>r!EIbw%EM9J27?M zzvpA#Y+3}nxtsB5f=_lrbzj%xU$scP^5C9flBc~>g?J)!!rSwZD04T^h@i~b{yt&% zBQMYBL3KqmO&T?>$@-vJiR^wkKe^M4i$$y`Dzn_Fm$^SiCB6>$`G#GrRT1lX?j6;G zo=EK{Ca5^(Q?gYfN6lk$+Sg*~e9PD0JXp~^fkxwEKi(&Oc$vDreWkfmo|MRGF7bBy zebWs`Xbx;`Z!g=(URgq0uF`#?FUjBe6tzrym4cx1xQ~yE#ne8!o}&TwJAu!P&dIV+ zjTLhExDojD(iLyVlHQDFb_V_4(kV|Az1=y%c5ixqt&Ybf^3W@qXqo`su~(u)#S#YP z7lQ|~s(r%`r_hK?e$YgJw>FxW`SBidGhtzqQNIPN2}(Y?ep;<1-$m4+?-|P0hQwu| zN-?zzg`R9^<;C63U1Os3Y-mVX>q*^_YwVR=lTyBR3FR!?Xg+6OdER2ff@6>gy;H!c zt1lf*BVs78BMPz{ygaFE&HxH4?uy|+P8om<_HoFaw)(Ly7jY_9;@HbZ=P90a{XSAh zGYK3$A&XgDiz*kzK~=P~GfB#i=jvsL2b^_51T~zG2T1Wo_v-11k%p_<8($;D z78=p^rW-x{-d(Kyw%xB6;^s6?r828E>nuK#iy-#$vR)XO(+J&Z@3G9H-V`L#UfR~| zjam^}m6Y*+@P_8VBp6vi#oqw|HfncuU)!W^OCtrei_>4;`Y>r|hR@da(&0`@;yC$T4h@y7pKWuYkMj`6r}T>o9gW{0zuTVQj=ykX zAor3VdbWxV0CAgb=b`~DcL0{rB&4PynAJ-WoBzzo{FQGIK|`i)oKhlIDH}2rUE3<# zE0Ccu8K@%M6)YoOm2Elop2lV<6aO8WdjN)8UGeEOsiyCNHm7gu=F z%pD8Lxe4SZoZM zluTJKE%5OqI6g2X`{3qA^0KWgJ1!jd?FNc?TiKH4F?*#EI3dMB9Yv9+H_kVo+YGqu&t z$|2jFIvJGoN||kmoyOK^#fzc%f@qml5%b12@9EVK2LZ29h+${;%R3~rFo)2>GCUdG z%i(kVOWe*vc!@XU6dZ8$qN2E1i!H0Y%H7}5;%j#*L)Q^(J6&&o>o3s}A5;euer%g-32@6jX- zA=E}?GkqWw#FcH($|cSa==bnEJop!jV&=R*e$3UKfZirX=C}avC*Jk(oC;itX>!=- zGO*L^wXju-rwyj8GFW&$#SWBM`rtBG_>w`6x{dcne%RV38vpC{ormD{4~{>1S01HU zQNGs9FQ#m*Oro@i_%CN!>;;QZ#`}ohQ50wvuC|J{lzIn`v2;ypbarn`HkDtQPdFZC}8W_8>&++P)T>o9Dc&U#G5>!kM zDRMY2eiW#|T4685yLXYpk@FUK;L~Zo@s?9Jp}3fPrsuDCQ8jt{afu)kzLezW$A9u& z{?_xuzzpcz>XXzqBxLA~XO=BmuW7XC*Ovf?vcsRr+@2<-U}!+fj_~RZq^1-| zVwAk2)e;&ijOPGf_rt0nd9b=8`gkC-y#9+^HH<^NuFxrZZ@7F+ALl(7Vd{Ttgaf2v zWX$dr%<<6{uLT=aaIiM`%&9%pnHIGE-Dx!T9TGjBT|B$Z5JF?S-ED1Zu^lP*7VWsg zaJZ7Va*mQCI*fc(ctyMLN4FpEO4Gzb3c-nKSDxb^gA3t757{sAweMCZuTjKvq7OoVmwvDLm$yLM;Gvxt~1+D4)ZHCRLH(_l$$A!GWlayFxZ!noWU?@AmD)NK0pTTB(n#R=1W z5{Cfvr4MR?PH;-b1x4MdFNL`3QmLdI4-K6bGv|B^G{YzdHs(mV?|cSLw=%pv z+v0XzJC5G0qtz|7hwJM6N-C%6Thfb}g&wwhA}tXcruXmvth2s<{}QUKp8Rf`%RQ&3l#7YU`gtz&Ae3h_Q(c(UVPd0S4a3%JqO zg)}!eSIat^`ODuGuL!3*%xo~X+xOmcEPv6!$6mbiWoq!5%GnjQMO32@qqm@ygVPRw z$xDblsE}+Y4OD@xe~hP$L@QY?{wfVbblTR523WI`pDU;H{sqkG53>~ZkV)hw9Ma=&8ahHZB)3J7614~!$qEz&>rO<34c+>=sRsKS$&puWBy z_F6(-JjX2sQ(57W2o&J%{Vc#`pNGu>6#r^-0Hk~KM1D3MAQ;5_!g+#sd90uir1%JPA$@ESu;Ooo@EVvanr;dV{<)Pze}}Y zp_UC1nT?qpe8$7g{R68-jRnH#onLqAC+#NJmD62@Rzf%|Zx&7rhqB!-OM|GX|0_{0 z+f)MXLYI#^F;j=xOVYX9WX3#Z9_g{qE3Yh$m6?_}u(zAve>vnGN`_i!t{r->moym9 zPb8skYOQ8BS{Q=*+^nFkZhZ}!PCv~RT3uDM|8A77J5iH6TII&c{ z&1Pn0NizC1U&nT%sNd1JJdD|*h1^5CGG&F=;8TQ^m#yHM70o^JqRPB?l))=PxMGrz zHTd0`T`BgzY=v+u+BPOa9El3;$aQ(f8I)Sp7Gg{ zfGZaneo=Qu@mJP!R-{6QKwxNUK=-fF%XEy4Ga|UXm`~b54{jZ(HGHP>9?qUocql) zuUR1ZJpSYL;e%=;TH)vv z3DvE8M%UnJtCmki>qAN0Cn&g3x0uvYywmqC#cOV7I>!P{-AJCD%oh8+{6)XD83~J` zqIzId!97dqUZ+)^S5JeND9o=cuI0`qW)9|!7!O7lFV_~&(RDblg)M4-?i^imB#%_L zs1@|7oGH2Mcj(A6h2-Vt=tA_H>yPjH>8RE=tnDzLD0lmg|LVYq(|8FgcCL3=D1Ym* z;!vW;n8fLr)|N~jd>MPK=8U!BWpk$MU~beF(L0r!I(CZAPRoZ^%idgMEvZ-l)ji!oA{qY)jh58p)S~geO+k+w(`l5x-$+4(+1pnniB zWF&L9#+<_WJbrpN8Z=mmf$S%fUb>q6M5 z#l1)Z57j^i2h6|c#N%NM=O5UCKR0_4=Lu1o&!K<2pH@o*xeFMTNY^fRhaytkLg^sU z8;ediw}f*|AuLcn6e&K4aE_XF^VXUNYE8kU^K01L#8LL0Pp{cic_y?z>t0x?NFirt zL-n`XwG>uc)Uj1wgHZ_*dPQ}0X8CxkNba8~ox2lRBQ(&K9|6PtPPm;C>;HB^qOT}a zA!*lPY3Svch8L+BigS|mxtN}^^>G9CGmy(TL?;hh(JN&rDd{NqnOOu^%k0J% zMiwH&Dad+b#O#)@;Ek4D1ltxbM`Bqz=|>e>K;gvavN(>nU&C6?R%N=Yh?+&v*rqP> z%6VunKLw4S&aUjBMqfFRVRo&3N#QE;EI6g?@j4|&`cQ2p>CjBW!~O8ko-!-YRg51n zF+1xm8_r#xZ#^|QS7L46+S(=o5AL$35Bbe?kPuopc7DjE+z?Hpa2YJ;l!=ecOtK>q zs0#EV=Mn(7Fv>f_-dNS7zn#146g40J>NSJSsI@1xa&8EyQvieFSCLSpQ8Y18>I?LO z91H9E4dYS90l(tAKGkKreVc~!|8@`bp-a9`Ibd5oOs^Ql)a9U79whg7p2f%ia!4Q^ z4;mqSja_NRb+0M4PE;0DpA3dYmEp3=qo|O8+ zX!p4vXK#xfIxroJ3@q8hGC+S7jVBmeFLu+P-qaN#9q=p67~IY=Q{Ng7_9^#Z;+7Cq zv@{~pUqPU*m!8gc-x%p)X2cJ$*sU4yrG4JBxBFS zu4KD6sSxABp}Q{q;I0ivb{^Q%J4&e_Tkt0)Bt`YI&H6~DI#PY+cAPAdyP8PA z8cOF}WAPNc! zuUxR%9!JFX@Nj9bgFPMTuq0glIWtrkA^XeC?s`GQtBASumnMX^VZe(jL#%4Efl5VW z$sH0dYsufPI^W5s4+HYV(KdDE(ed@HmW9jl^LaUX`DdtA%? zCEvgl7QVlv5SF!eRnZ_kTU{i1P9Qu#CbFas!$vE8Ewhxp>TLjo^crsI>jO9r@^rJl z{LW%$$KD5(ez((Yq@lq>Oj%jBD-Vo1kd&&aua6jRzan6PdeDzY)<+>$yc{vsmqY)U zobZB-UP3~`b>aU%UbaCgyX&uB04n()MC#?_tovioH(a7lER&yHlJlE2D#-C2kdvtVk|7Tqw z@6Gq_?(XbFib5D&wI4{X99^MbRs6^~V4EW80RpCUXl(30CIY*lBwW*m`zV5+#D;4Hfp5c#Ae-KnTkeBT0i4(LzrK|O zQX@@B>gwd6^NoBxFNbPRMrC1AlfHVO3hvCNbRWH_MM)^tEfB{DdS40q66=3zi0AS# zJWBBe1^oDdU0KE|CY@>L@2aW}MM-G5ztgx4dWZ`qrA{i`x$=~W3xPzak&k&t*WF_) zVQXtZ#-rmDVgLE*IUy%InFwCC?Ym$|krC1m1Wo30D0`t;0H(@PX%n>VpSz37G!QKn zsu8DDekBadu%5}aH~1+TJTfxImi~SUQXVtUnVy_Vzp;+;ZI56Hm5%;|_eoHX&zDi9 zM>d0&Uuf#;qKKSve3PGlp+UgNp)QpBg1G0oSI?`#>4UlYNT91x5XRN4^4Y+#HL&WT z5jZwL6ej&{!Uz>@Pa^%ExZv5TPT`+)h3r9$YMwg26$PIYs*-KuS971^PKOG4$3l5@s4h{})0QPA6V^&t&Yxe36 zA{A3FiD*^ADei2rS9(ev?c%b^rq}fJ?l>?YCgKXg_{7VGS?}@5aknBzNA1DR?-qm8 zxE8HX?=`o!1{|tBMkyqK?(#D))7rOLC3yAQ zJP2MdW@loz4|wF*T`jbHC|F)jC1ipk+kAjRHOI_L&~c?qIw_~Tg*C-TMa5ilEGeOz z$OK|V@<3(fYTH9a$M=I+QT5|c5gs=gpuz|l5pxY0lfE8%DKp{VbnF{5pK?MZSh-;M_~#JE zFU0?+R0595V-fJiesJLiPT&VkjE`S`qIdW1UG3G`zI5lxSv#YVY&)ZRaKzKIQkUG_ zov$8NxI-Km_*pOGfn0*?Z?2#4mX@Zy;ATJ#br$3ln3ulPc~Pn0FJ9rvP|sHQnj7DT zm`%HE>QFU|bb!z19Q`S^?#Ms+;jdS^EDsuHf1o9~D;n6U7yrOjl4QNR#W#+%)iet)!6A`V&E6ae@1yJYyDR%eS4<3jAa ziE?#yO-b<6Cdk7X6J+%JhOrMS-uFJ}@^GL$r#+Mjkp)A86VC!M zS>b;Y6kfIJqlo!+nVY&lrurK{p^MO~jwsfa%kH%WrK!sLtGC^!ga4h|Be`M9Uj-BMD6 z8+T8lyoG6A^cQUtbLqhGHzhH zqbzQvJm%_Ts;ahQ)+x>PUJI{kiH5C@KOq<=>=c%Hjv1ToNC1Lb^>s41?d&^<*&>|N z69*C4DuJT3y^X^n*X3VIP}@<_=b>5GGQRn|$nJYGul34sVZ*%#*hDC135;!k%L(Pn zOE@ddO|Y5C9ofue@ozRWN#F?QPF3H|%;S=XCFiXRu&B4_D}OhvXYvFiQzC-VgG{H+}YE3En@SJ{jRm$p1sx|DOc8C^yJ*|$>3W`*POn6ZP6Ya zzn4eeX}C+${=+>Yv~XhGj1TUNX+USK2Q7ifQYb&;(1UwQA%Vp%6*(C6q4SI|dgiOE zhD+5{ih!dTnQd!sgtyUUY;>k707opNM>UY}21Jk%S)o#jKxU(r`k!;kd(jnIk8mUt z>R2i6k~pp&fA9#MoBZa@g%sW?-h1p%bgZxeebMuS+0*NIcyR10c&Ymn&vRUa%?*k( zO2>9PPT1ao>}Bc32mZnSN)1o0@Vh?4OC1p$dTRfNw!aLE^485zEv?vZbm297voHHmFTF*>!hLb;vVcDlm)~s121wyES%S+YAXT&fKkOIa#Xu_e zn0qUCn|bG|tLduGFZB+6BfUWMO-`L6E}ZP~TIf_LyMqEb%%byx&(x*AG2X3W9y*BK z|NS7B-P~N=_)l<#{MBTO-xyuK>i4?-KIVDGM^uF(IOJdofzSV97&rNiQL5OYzweQ8 z!reidUB7wSEf-NT4V5qJEwNX0ynnB0bgYF0odFK7(+KE~FARWRV#LkUc4X!~C*KJt>Q5QZ~< z{l`6B@SISMfKkFcbf7)wMvP=3e}wVid$iU;Zx(bA+)dU2OFQ z3nscYl8sx0uNufu4z*s0{QK$*duLz}m(Ks+3ZIaHKDbmc`6YgJKUsQKF@!0SBC#pD z^Z(!9xYM2HUlZJ|Ijaa}yj^4%|08Gp&Cm%5CQZNLE8hb2i_cDbQ5=|wse6Hu|4-o@ z^nChP+q#AbkG5;eJxdYWLF$@{q*Ucosi64BLCPcTY%m7yQ3|x11%0cG2ql-i~iXx9I%+3dMc>2Pn0O z#ihwfd&(w1zDucwYG(iG8GpQj9J>S}Xed@}2c|$GMO#VT9>lD#czCY=X@k+fa_N1A zrgunfKw}SpWbW>NCpxREB5LY1-z^@eKON1xJwa+wQ}Xm~fze-gysV8yFYg77A*C88?L5Pdlu)YqL67Xbu)WaX`)I zmpzqxe97^J3pg~dkbux)hVAF_w2z<71d z-g397Y(#i_B5vHrp#$IHFdY`PI=&a<=R08gvD~$OHhVl!HDKni!9FI686?RgdMwl{ zR{$a={l7!Rz)Tt?3}c@B>Qj`w+;6Z;R|PT5Ho8=Me`W; z_wqU~b%qM&6{hZkkz#-0`Z*amLCxsChBWmB00d$GuYe%%kzph%SuTi@A{X_N5?f=F z{<3v9$3#D>3(Lhb6W6)z^@sB8XTpfG4CIX+n?t8+Lb-MBfc_YM18GvLs&U@G&V@Rj z(Q2nStpsA_w8U?pp%H5cnBoO=;(>>U)CQ)uqsIUB+sZ4Cfp}l$OBE91 z>`E+8&q!O^7Gyzhf56eeF>$VgV?Ou}yy#ajnHxY34G`pTJdvm_6uyRkSz9xo`GDSD zz}D`Lp|Tyy|8hV^lqTo^7@~l|5Vw?aEz#J7f3bOT_QWL7e7pIDRug18b`>LZcaxiEM-I^MC0TLAsJE&Q2Sur*bf56KvjjS zvpavSyBBQ;-UzmbgVoVsd-y9L8)wE%g4>~8gGHs;mOlfR*gIHSs`<=HsUyUU+$R2b z>PPE|ok36dg8#W>iTrQ@4BYhlE^YH|uwc1kdp-db%I$JzVRpugb!bPfXn2CgS5^xl z)6x_DvN31T$iG{2@mrqNNYAi#zMbu)lh7%2%Jl|@q}Pq;codd2E?(txKkl<~tQQUe zj>u&*jK4(~m)=%P1xIB)nVqwrn#6NXxiYLm5>U&Xh`(LK$+HzNNmt*_b@Y}k>W1up zn-KQs8AkDzb&awM>KXq%Q)xw~u^~fzGq^I^aO=?t48Uj5_anexjM#FP7KUY|ncAfe z7QmEDpLhmGAy8sMI#Vx!_U2p`_+W7&yYS@+t>J+Yy z&8oXmZ8K=}3WwnG%L?~2fyZ4n!S?&FxBzk;4KcH0TE_R4Ric=U;v}`0Ex;|RuK_Ek z!mmRS&jj#G%k9)s0tml+Z*qK?SQD&wG0(OGfZ@aghVwLt-7XonL{L_e%{O%4`HuFh ze;@efNBDdTY&BP%I9{H+yQ?auWWMRPj5&H}^qfkpsWL)vf1v>~-PS(1aURtO7GCx% zb4EY=nQop3acK27?3A0Ppobx6&v0`WENBmK)xCABboxxsj$Mr}0I)2U>cwj#pXxTM zh|d0(W2RQ*<$>Em+DtNZ6y0)URES#ASDJ3<_YA%{g(Oij^}`M+xuULS7r&gKaWFM* z1sbXV$tA!6MU%{zQi1D&b`7mTu!Z*Lnq%m$L2LA|RvS#fP!cz_Q7oBermLCAYSuT$ z_?yu`ey&#+?`fq%0c}DDo_VUba2ZPaRd~N3+J~wutSDkOwWxHKy(?~L7s+StSh712 zXC>ru64a3+ft~oO8bMzS9K0TLd!7n?8jl=XScqwIUi6*o1zaswEwaCX@ zK64}U>0Zmu)}nuWw(n&nDyq`84UA@!D`<133E9zCiV@>e*fElH_VW=_RrhP9nnv`* zXyMcu0BTxmFkayRHmu>}w+8Y|0C1h`DEx(BKYM~qUy9yH9L!x9BqWLCzeU^<<%NC{ z@&6D898PE6Zzo@XQr3`+tK{n8iq|Ww@IKD}`HNqV4qmA%uZU~xu5$J-ztjwd?;H@F zjY~-8I0^^{MV&|hht%;Uooti?!D3|sW1%+C5>)l1-tl8rkewCWo2w~Ue6MfOS@qUp zQC-Gy{A}c3ccYb@+#~(f3vkS3z6&b(@yum*(}c4sx?-F)n<30~^#!NVf)${2vcIxK zljSHcsgd(YDU#dJlAXC(4TpgDHV{E^oJmd$4=7Hc{Es-HE~^4>8%D&~ZSJ2R#ZD&^ z$;VzBNA|Z(j=y}_d74Z|d1LT}bR8pCcs|n$ZEWqv{tMxL>pS(E`$!<&wFmy?UG1aL8U!Mh>!vb1uJ@g+bnLDNwnw4>nRQgrUI;k`@uONj2;DC#@yhi88P1L|kG zpZu4Z_jTdFBk*7@ozBdigZ!xA+>2-@H-c?IkOYD3-i2%kh8TYl5`BfR_FST<8{88r zL}j_Fnmqu8sJnf{-VE13LUOnBoa8a}CA3G8G#ORbThqPd4P?C}iCb6>o-6zFm4>j~9`bgh^7-NZo0 zP%Kc4GYzJneZbjBO;bNxg8mpj1aO3xjUqmPETbPYhFo&S@kE=$!s}f{GJZ z(b|Rd@31X2hhQEQ?~9T-SOnG!cx_R=CtD^s{`s5)yegyBUFu_r_<|8Gh`F5$t7YCY z?r3Z5$fh&){xsQXiYj4HjijT7Q6Lf6JsCc{U=eU0Qj_H4$zsT_xKQS(D>NEi=AQh!P)&#q5_~(dm~woN-3Hv?4=vU#kYLKOsGAyt~6@v_`UjQd6FQQpC|(SGTo>6z(y{KJl@NQgGq(kecq zVcfs)R89>;QrW~yd*AkH(M%kjpVxNDWK}yug%R4^lMRlXfCUQ>GyB^DzR9)eV|s~$ zjCgh9tAvCyFmgk~st!6JD!x?H$MlmBaCfZpAxnbC1Ujdj@m~hkU6L8?Q|7KR#TSl| z;k87Uc8U?9n%jQHe-s|{M<7<=j`D#!qlEWCd`>1p~E z$JrK}+^*H`j_Inbj@t8_&+{I!MFZl7U4&eLOmecZpDCUya{r1qgL zv+^@B$YSMWH86Yv7E8`7ASf1Ctczge`tdha(>?oSJVY&lwsz$Cpf=3dFZg5djuoL96 zJ(Agfz7Gt@=H(qK{1-9#oc*KW_TQfBf9L=umzMM^J7_97`@7dC(D6>+{5Co>g70 zqE8y_B-o#S3+yJCMK6fj4=-5G3Tgj3MF|rEHKBq9q9kbe{GXgT2d_Xdoq}88BCkQC zv>QCaBz?AYuDP~0tE0xC{0Y?e`R_#d zw=bcV#Q>wt{Ip@Kmi(v^Qo^y%xBQzsq}K)>pDm%qWya3t0~ z)fZ40Ntzjw?qCo|LNvL*Z?2x+8h`Q${l#T7~I|4T_j+eZzra3hqJT0 z>eG~as9*x0ffOZ?xGcHi=_?Zd+z1GuW=coLyZckKM6+Rq(L#uo7gvyIp$bxh z6-vp|;h!)ujzE_|Wg7g^3IMi7@qFJvd)NDxGLDz$AO&#+vz$x?xAyyc`-|pZ8-Py1 z%j^D87eR($eP>$Wzl`9YytxvQsO9Sstr`~WGPh7~vHDeYvMv_AnyHDPiiis7tY_} zs;4;GBU^T{9AT!YrnPoTfF;sZN=Z_Y1T821?g5b&ubQ}lK?9)JxElio-|o_aW(-wP zro}pCf9h;P!N=SW1?&{+rs@W^hGh|WSS6gk-QHy6rjXrn%E$!6TF}8&dEt$0P z_|pu&SjdkvCpI_T({Dhl5ET``{Bf}HC||fq1mei}cKUfH13;?KVqMc}YS7zwx#$tz zu`>WOqVT`F91g_uX-)@CHxV%e$Uk_2*7yB7i<}q6w$Ro?!0~YF*~Hc;;^`RvxJ!+h z=y^6F1qj3kwgn?UKq+-jT2|&oD5d_S8q9wKN~vECeLOx2J+4V_(e*OKG+~zA@^BV_W{%d*r=fMKKDnRdn4_$DEbO@rRWERRBLmJxC0?>-L!v!GTS}J%F zv4BfD5SKn-0t^ZA3?vGmI4)8s4Hg$bED!upfxqO!(QRVX+}NJzW9&E2B1FTgOBRUs zbAKy)HPf@&Wv$nVT52&YtEq$uwS08A0rXQYsy|jW{1&$3UtV3Pn?^9n*K*bF0ml_8 z7XAwImS3NF|E+TS=naM}i#CZJvzAcZgY&MtG-nNK>9gr3p-vC9GV$xQv7wk|t`oZu z0yF!rg>Uu~@BGU+ucr>(=x4ZJ1$1hBlNk|M@dljd@(uvr9o72pt8I zTA)@t8l>Qbzq$PT7tyQ0qQ95pF?7W`vrE~SYtBax+J8QmOIiyduM*acA()=Cxi8pq zSh$0T@f?>ty#wg42_RAW(WO#xh_NSZy?&yl^nnCMx#Rw%%KrY`b0&xHS@K|4sR6Mb zO8`M#e8nOD#OIx7EFnrYfA0wjEUswA7b0Oz?T_Tpc-G&fVn5hvN%uhb590-=1UBLw zwt^_}o!HprEOH*M7U3=g6V}tz`<4uE;;KUO<$ zD93J})L64Ql69@M5JJAcxU-E2t_p8X!wPe0=$+ar^_F3&)1bZjMiMz8GI$uHXYz%k z@Dlf5#@z!QpeDoMIY9M64VgKiXQ!zMfd_f#`&Hr3#9NLN3NXRthq@C#DBYQLeXNuu zinAi9$fu$WS8odDJ-{zQF@XC27_fCC2sHGwjFx5 z>f@h|y@^%k()a;%Sg5|qOe5D6>wx0z@hcsltMG8>@E}le0cim)w$ac^*g)3cWzKNQuj}`W1P|3 zgq{Jb#8WCr6_oX$)W;9Fk_nu4Hb~x9Vt}-~oCo*Fz%c#ZT!h_*wcXjb7IA@r6=V9w z?lSp^uO|6 z2nK*QM-yAjf-=j5YJfyBb;_R#eUl#qmyij4;)e0c$)9GI=jbfZ(+ZhFlTVnRwjr1kssc8zkC0WAI_~S}iC2q<7 zTI09D!N}-`+S)N-m4UJ{7~OnZe^B7J1^LfkkZYHAz6{Ai5zN!okSGU}rU>@;f>#y( z1pD78Lup1(&nR>Z31n(X?KQcCo93+E3|En$yi#N5va8}l)pyBtWowrv$5N68>^1>) z+H7t@K&6J;)D8qaU!d z5cE)4fJKch<&q=_k-*)!n*rc%9I$z@PMGgJo|V?OEG{lSjgP z2kTc;2fJ(-p#@lAWx~OF`RC6ZU~s`dl@|a-_6I2ZYeB`J{dR`S`YJmpOD>S4-Tos9 z0Zs{W?B61w3ss^FZ-RiqZ#Xw=s<(CyXYgpJG0VPh?pOVt^wT|DOiR$QPP?5T267B| z-Gjlc&4AKPCwPkpotD#Mh zp$zgf@lFdXmA~)6)~ouG^%4gtv;Vv$C-?_<;D^Bbzx!Dxh`o&Ud5zK=9`?ATI5jB{ z)68L|(B7qMs$ii>S9jP4H$KPOmAb6hJo_z?c?Lh%R4bfSv?; z4xq5$pcxtXNDi~Vmu}z=I8J+8wU0ZtqMl~;M7rJv;9Qa58RcWd=U?(t&`oCVuYYe> z8nog-zP|y%1j5_}Vh)SbnEXXWAE5DBME57`dCBUioFh+_tzxB2ku}V#ql0;wXIG8A3 z;L-e}V*r2wAQr#CRrwG&H#zvR{c_{+P2!+ifhzsVJ*M8?Q&fbB6aq9>oAj^Y>5v1F zXy=7YCIMwtAujaBXbe>c0_Er-`M-6eQo|oT!Wh}99_#JS6DZwrCW#`Kul2v&3rBZF zkqr)P>N$cIXblQ5?LTd5mHC}UDh^~UfaIe#1tt!;8r1ao<4(IJ z?Wl-G%S}9hW+LBRtZR5t@a}d#*!Bbt`7cuPn_d+JXZ9OgNvgLf5bZ=7cJ=h^`X=iH z={22yzG0F9L=BdUB}JeHWOsa~!DYQoe1%Z}1NqcytB^sNH%W`IL2PA#A6ykeCB3;B zp%#=^7gng#*;)($5)RM8)teO2$SPFB|10-^fFOaUoU9bdSH)dpf1NK2K^#==6%ewy#I^85jW(@5YKN;$ZW|`g|u~n10%$2GV zYyepBpXAlQ38=+kQuGddG{FT`2miaVJ_BL!BP)L;5RQ%AVtqE43Vw2 zg2C&c-QXjg)6C+!?qD6Q#-GQ-bXNc&hiHR2RNX%p_S1LV(#wD2DXB2J1xf*iT73j@ z9z0dxDgnFLxfIrK5=;^B?+~WY(hp(UbtUktR8=%O;J!!$*e$!i7!Sw5^irW_#2@nt z?QQ>q9>0$u3a-j^5Na1YJXjda2J8jMXI1D0U(q~DbelD2h*l`Q5fDfOc3%B(6M@qQ zDRW3%Cbc4dm(8li+3IC}b1iV?uBqa*B@vPXWMc9Lc*@Yuq&0fEPuLcF9`zgD0hrJs z4efkE{DSNu0cybu`&+LpI4Q4OEGXFj2+O;M!Sp2}=pIAWr|)>7XrAlRE8vB_KHw39 zbOHJNtllJy7#RL?8!43!7~mpAEw~U7nSMAJU|0o8GC@yhf~8}jYjJ1H&BOrh^^{@> z@W;**(RQ3=P?%cD@4nS4NQf`If3IZOxts({F$pWhClYgmfB#{NS1b+w4zpd#r~rWf zP7Nz@^%B^{nJo2HkGSTw&SrJ-BgQ}bo@>xxhMQbzBZCoKYg5mk%S#$*{Q?95R zcc*%eFsof^3}N*Lw~2X|ddJ&^z?g5!XTx8{XnvvKg$-)lEy$kAW!FqfF;{lrj!{LFIcUK7?WF8*f9V2HD+j!rRBYW z%b!TjH#(kPybO&1DVWk+26w2vPPrg<*GR^*YAL<#O2+3z%d{;&hZI^lp%)@b<^rBaQ)`<@9rW?1%AGpTs+$lL&G;c(_ST5U( zE*NhS7>_wzb){lc&cbeRI+#DYC|va2yP8=ty|cs&R`|XDmE4BnbYBVjQ4u0 zK*sX+I}cm!gK1a4n1h8W&Qv;FTh&5KeUp(g*zj8L*|Aok-FmQ8X+hw~u6$2(zdBKv zFo0It%XP0MA8dD>a&s77ZLzC%n2sWe+1ZIH(}_8pi94dva+nM%7=6AzekK{4C4sasL=HeBq5}s2A^qEe|#=hHRD* zmGe<@l)!-lH!I~Zn2}6g0AHpg75KoOE;zk&uMG6J&BOq4JapjuaRc-G^*0&V76-Ti zvzl62;I=;!OnY85uT4sfzQ{bFK1Ox;eRL7(@S_Vfm;6d%SW5a;+KRGaW#Fpe%)*>!QUBadWh050?g3Kx(~FCL#Acw6 z4Z?4Y1-`?A4@aVo=Fe*1t9%&kFx6Kum&~ZWo__yGoN17#^b4!q{@T_jff_R(VM*RDW zigu=W4&$E{7%&(e2ehBeZ+VkFKB>bYI(VYPPz+%425L!A)4{n?xDaI(-VNaMK3u-7 ze>jjRM5J5es#&EYdUxVI$t;EF1FzR!A0A;pP$-H@#wfGRa?`AMF7a)f_4TzbG4TfvFcm&B zO7q_f8oo$qMk-z&?=F|FjGz{{2spl#9KfS#!_7ST}kNBqU`Bjrt*)2_ahKphK><2|l*(@0AyoT`Jr&+l$7%!#*G2Sa{{;Eth@F=1@NQN{`ZvEed`E9AEY4e!r8su0aK~?@4uH+B$LAy{UGcr`<@{W@h=|D6;o`uN61bP1HqL&Ku2Fbf zIzlVCJzlbJJ3D2P&yE1lrzwI*mbG->3$;0)Vw*n{tV0PyZ03zevbjWFyLN41PjwS9 zQFp;+)-goNvNph`0i$nVD^P)5)@~V940oH93<3I?omj$X;AN4jiiBHbvuD^ zl67?UMZw_9`j0GPF76GXqVEKjOfpWgmc)WFi~Xk(#8I0a%=tO@^OgH^3h%-kx7yYw z8FLvn>Kkb(telD|OO5`7JA` z09nEJ5$0v|VD_Qwks+tk4h~{QAA?`2png=ueCC5Ui$t+qS8|u*ZjiD`s3&d=`*&t$ zb*(tVz3u#Qju2eEFkXvycmef zZzbbN)-P~)NL#t?fAfn+_(wa=)zjHj;`Iz9gkd#&JU!uaSxAbVot?CZQ-qgxVRFlM zu`}PCYR|=JrashPe16stHDKd_N=j^Bvf+|TKx|VckHnT~%33{B%6g1dy0X9i^k8AA zSUIZLx|xmE>IARLATO{z-KXVbR1am=nfc!R94S-B;ek#i7h=l<5n5o_N{QIn8LL2Y-@KXK7z7XNGz@1C&5A^X z#cU#$OJ#Mw>s)~`OtLLG9k6JX+>sSt_n~xMc#!)v;Pa7H5wU@p^B(L&oVb577((8k zYn&(%#1s!gn)p|pk+7Bv*Tv@m?Q^lildf`~Jd)(cKN)FB5aMyi+V=zo4mA)0v_E!o zD!%AiT)Bk^d-v`gkt&-M%=~HcN@id=+0<=x+E<~B^-1@BIY(#KM5*ey#FEnYH9UrP?qS8q9|ypLM0E%T~JM=Tm()o|BN8@nOsroId|G2u`{#wT|pC z@Jn!?88luREOgw=?b%$DWSwhZ%*Zj1$rw4>o4Kwot0y#3c>C3vyi(jib_3eW232+V z8>=(llI5;Wp31#-Ht_ypob_ybo=pAAWx<_C%Tn|4Qoik_+e79fh*9L8^JdS5@wLxx z@^dOcb=GRWTew_>hx%wU5x&>}_n`FmpJZKT0Aw7U$A}huy?!TDDp}d(65L%0yjC%2%Q!QM>hoO3PxzAO<{1Cbl z0!a5zS7^72GF2g6gT6AD%~Z<)>@?84YX^ zZ#wMg>{-g3(r+p&Sn4_oHDv?zYtnMbGI4yt-z6&=p;NFA?n zHaHb5HMg}~&f3k@qYo1&+@f~ZUhAd-1$LV16lJ8}{c3KoMqY{&8Oej1obLE-u zu6+((!@W|}#$saKYaBdM4&KGwmoG7MOE;Blo{WfWkGN_lAeu4D!92EZq3MN2%nF|z z`tmr1T%)d>e8)`}IdOl=u8*FC3&wF`{@ok1w>EYs?$4fA1FLK9N8P{I2288*K>U{7 za_RO=8Dd#_-hB46zT;Yb;(|!PePWqXAu=AB7^k(QDW^T@1Q9wAfz9PS<&K>IK}ym5 z62jz-A0K%G6A1OboAl@0*LL014;Hp6rEYF!m zh!sN?z?2%l1F0C-)mI5JyZtS?VC>agcd3UKIj9Ubs6 zThoFvA|9DmYW|30qkDd6BWCho_mVBCtJUjZ$FMtdF8+ca?1o(=@yNKF*rF9)fT4If zFXubO0_dc3z6;Wx9Jrz5imJb?m>kGnP?y7_b2~uzXmBa}B8@~Ok6cYo`Rr7;5pd;N zjux@%#yagq&F_;)SvRGh*4TLcC< zhZSd}>-m_r#1W?aQ_SS5@X~&6#b?hNM($feLB}8d2H4HctdH7Pe`SSeK`rOWTa@r#WVGWN?vQndbl!cViiS43;cwL>+JUwaNsVlqq$AC{ z+-WZ3h11%ZR7=J}sYTzbNfL8ya)C0i$Dc00BQBoU6%op9=*qjk$uszAsyU<0jYO-? zS|(8@>N6LWsak$FfV>O_B3b2XI&DK8qrgnMdT<_1zjZ0v>{f5xGp=zWSf8j5*!+%7Wq|rJSavAjwK^H~(`VEd!)~`8(gB}w zlty}e3qbPv`?^t=X&|3Lf)UO8y3w00OhM4xy@6cFNyRR2IW`)Gn3+1FAXo&!28bV8 zo{j2Y=%*LWC0lG4)?Lbxvbosn=y0Ad7r^G`R!zS%K1jsip@0DYRYZh6nsay4O88p!W z;itPqzOkIxZ8}gUJzguD`JIJ`L7|RqD-a%*gfiGN*^8d7#cXpz)ze8x3F-y}W1lCF zO;OLuTrNk=8LMSJdtY{7U|S@bkuAWzeThXw<+}K}eAYzwq)>%1{#;|@=KkEdj>L>y zldjM4n%Q8f_yAYKT+z`Xw!-_zSg_5Bavd64xtf>Lp{r4dFg{m710TG!LI6s247Y&t z>5*Y{_hyfFjBPnCo@0TmHrY-2_xt71w9XE75$1E>js!n|$(MSUWs{M7)+uVa5=GnQ zPdmiEeEAYCr0ec}-dXv&JHC9A>U+2$kIUYo9j8?{Q*$(z{Dlh_rtt#VMegwo+6SnO zI9c_7e=O58)~cAYQAH@*Uuy8&J-v8ItvGL5E5?OiN!w}l6>wXhKs>Qqy(~j_uALs+ zLPq866gtuV{aOJ-=JcqAGq>R@Q%VX&IheUA!v{T$t~iQ6)xph;6-TaiZJ9x?_T4&v zaExno28p&~y-TcRycZGk)VA<`tWKr-d;mLD3JCaS^LDdzYZtIb!yN;Av=Cg2rIDu_ zLg7KU|VK1ei zeOq^j^+KBnxEBA}w1wnm07|5@Rd^c=3O3Ro7=VY(e0WOLU^?i5++ zL5rO9E{btaWN>PFt8Y5G2W%t(tGXqJ+NX%SGPGGMdu5^plc1DhYjL^rU|aw2{b1P& z;x+q(|FL4k98}6X%et|Vj;IrgO^^e{h|CUd!UQ&?&hF&-u|v)0N%D!arQ0K|*3wrv zpTuqtQ-p6t;{`tb_BDYpQ43i3T>4u5#$d&yhcve~bWtCa~hrrS4hL8B4*w>?loZaWTee12AS_KbsSO5@t?uXyI zeQ&9F*#&wOe4$=-3IQ7#pjlG^vYfUHhTNkGcRVkWq9i3G+I@M3Qd2U_-b0znatzty z$6AQR&7RHam=sPBk`!&1?RDim?O-~k59Wm$;2&`mpCM+71@TVWbF8xorKKQ+gYC3c z&h=)!D1xoPiw1xHjWbRDvJ>im&XLn%W`^X=OUr0&+Wi*}#xdIwgPXJ;t901;kW zymW*Ce+Y=-dLO+fiFVZj`BK2s2)YX-GQ z{XR|Uh^0aS(bx5j86_V88;zT4;}lEmS91m|uiVTwomcV|rjx6Igt*qRY&4`ZZ>rMA zpGr7AE5_yBtVU0&YMhYs-t1eK1M30P{C@7~dAk~)Fh|1~xp|L!fKX)Y(fF}JB;W2&LhQm$IJG$z=r&W=b`%G`4nv}X5ZmJPLWttPVhCLZ%tr^#Lm}N`kGN(;Hr?Zg5Lp2-;10=^(0(X9n;)~Opn<(Rq$tS&q zc!3T}yCgY|n?_`v7m103C$qE91m1T(D5r9HRQX7wv;`QbZ78Wags2jZsIDP0`}!Vdi&!+Xa=P z6U6HxEnwXfK>v!0?s{7~oPwgJ9dgE1F+bgDjrJ48(GWSXCA~Uq^T+H9qyvIzO#e9AKer82~Aae z3L!pc;E@U47Czd~cHExR7e43M(4(F7(aXG#xisENG1+C$l?5=&jzChmhJ zC8{9AR6t^2?a;i2^Pf!Y%p$m1S##bRMBy0D*le!mpuJ%nPd^$7h=BRpE%E%=xez*0 z{SpdVtCdla+~u|hpl3!d(T}1d&Bch{Y(&V}dT){bDxE4;gCHnTp&-D|Enctw9n12E zo)LS|^=a0&Cen_MSD|`DC)T?M%p1u~n#1`jg~r!g%iFN2TtZpMX|g>GyG8)U)wTD< z!@7~#bfY)UzesSY2}8fB8I%=Y-oAZ1M{l#FCP>h!dQjn4w0>Zmg2u697k7AUr*38dN>A!nBFy!I^ z!KJL_`|q4vF{7Oht4UBRFYw#Xcea$x)+a`{$GE0{UP}7TNt=Z7q>Hfz%Xx)_hTY3R zSUBGyTT`&GAQ9^`yD+pp+ymydb1ocgUm_$7NOujmVR|uM{2W#AmX^{%_zM`}e#giA zgr%s4#-|4p*33=IA+fQsIeUbJgf<<`XNEPEb~a`aP$8*!wtbUDv;CtdD9`EdT`f!MN!Kjyj5B2IN>P>- zJ&iAcfTg&AJEbxE#tqz-E#XP{ct|oA|LMRhC%V_-zUeQTU zIZ|_v`cR8RN^)mz+f)XHn=v|F0yayJPd#?WM~sw(D8@DcsD2Zkzm%+)oj~a{BchnB z@}SsmxqGlsI2o~Rb_O56)ml7k<8i>_LGTEgc8j^(FXQZ2$1DL>Pp)P&KP+ltVKLW} z?+>DkNBECi!g*wsHC*nh@k%Higo)sht|hpH3Mj*h?3BHUnJXG8OvG7#%c8j#7Ri30^h=``i`5-qY)$RTHKIc}eEw;?~uZ zAt{S#rX9`sj=4slfFBC1c-85?(CH!j%1yOW1K%M5+Gf~Oh$H9iB!lMg{%kw{?xWn{r59i}{s3DTK)Q=_ zi4B}lTl0xi%AEOoi2&daXSYhgTjWE?hK`76E*GiODj1BtT%E-TB0rqx8A+T5afXwJ z-U+mVehg2-DbJYnIp5Q6Q8$f|`}`!3vY^m{Qph*`0=hy#9pdDi%0r(d-FgR##ufTZOP_Z* z)v`rllJ+_Yi(cW=8(P`u)KbLJ+ax>)lst3xZ1y&6d;e^Io=plEpC7V>UG*c(PSybE z;eCP#N?9wbf;sKNP-QE@%H-8<#iU?-iW1yx;a*_X~`d_4Wh-=>&D4 z$AvTx2a4(3YB2?!2@FpMN63Zk;{>qlE`h}C@%R|$)cCis{`0^E$tOsC1MrC=Fw4N; zHZ{|dPc-Kbe|~>$ii5tQIh?CQ*Z)wQMk25-$CdDKZ3m=Eh~_RZ(I2+)$UFqR0Y=L^ z5%qp~E=1cUON3=ASvA|8a<-?H(l%_~34}n@#-MDru}h*|_YxV}=(CO7Th9MZ7p4i^ zPG}y~rH~*U6Ma>#ro`~J?Xc6lY1kb@!W)l$q+;vG{b5GsG0va}qT7F5PLT*ka?qCO zjeWe20uFZJWOrfD^H*oN9#z0$1LfsSR#S&Nx(Vw}7NhXoCl*0|lrW>pXWbdv<^x?x z@&l(w&t2a65UyqEDGAOc6yODWJaLbL-@0x~KJ(GZT(coHPzaZE7nNQwOF?oZr1ePx z>)Lt9dQSXTF8~PVt${BdaNS*->^f`_NR>CpOUek_Oa~zE6)v-nTXw@qZ{85(_k7(q z3%fNf;LLBE3Jc{5;mZUKIzM86wQ_?In}tqQ!;2R;cBcarW8p}t9ybygD~Q8+TN~RT z5ba;w#lOchqhuHnwv?Sc>pi_+0$GUT_sp(I)$k~}KS1}E2{Fidz~)pwMs{X}o(LW2 zA4=~|GtaZ(2-5^XURzQ}A{5%#02w#vPXOW9(_B#yv~?FRmm1byARSAy_ ze07oq@Cv)&VWZU&Tmym%f4J0_o!Ah>7?D2T>C)_-ATteG z3*@>O6s;F?(*W|UtiMvn0Kk?THp}1SLHH>RoITa)gD)OOxm=P7=j$}4Uie7EWO9uZ zJ5bRaHp#=TuAz>b3(yg!rj)U^`Q<9;ZJ00{c%NBu#G7E@1k?w=K8<6q0HoaCvYiyr zjG!08!Ggf>&Jb=;eFj@tN&iW(Y@h>q3R|&kAB*LcUT7|x2%}-k4FGIHhpOY9mPbXq&jE!HtQIG6>)z`kh zK^9z|!y3bc5U2)Lab5gJCc}_;0_UI1JU)v2m-2A04Ocp#e~-gWfGZDwe^~p@ zN}W(a*GPZ?;D6sm9jw~b&5RvBBZ6@)*+qDGhV5TOyUZmmgirVF(K;Cd(&Qb+fk-c` zTZpukL%(67@A6EqD^}#g+S{={M@u4NOVKBEIF<@6NH7X7fM#(X$3bsM6yL~DXPh5v z614>5`*PSw^GGqus2{b*9<9&la;Hvh4GhpveZ7q3ftg~Prsn12v+?RGhr81y@YEVY z7uTMkMaGXqdTLqBZqtzr((=@7=McsRDt04nY_id!iDw}rO@=j;H7s5MR~g&ZCI?dbM%)hF^CziC1Nn(D^f4Y~b5wIec=b7)34d^*V0XMl z9&#(AB zBr5<4v^!aAh1Mq>`zd4zfl9VbjKRTH$Rg_bySvssn*inZp0X{IBmJsJo*y6j#{W!c%%-TvdHQSDZohr|R)}B1eNy^IZq?yqh!&px zWp*6sGmRRxoU@<2aK7{E;kP-p(|#g!UB{YIuA)HkJ}eQ^TAg%&b} z!n%e9XnFrDR7k*ZHR+Gz^XBQ_W(f9Enl{D_&`CjO2YKb)_=yeE8MC2C^E2VkI(c6j z=ki`LknzK^=RPC2;O-2s4pG=CAmXFfF^2hH-|Bz~Kxd-rJ8|w5$o`cewx29^lOjjQ z!sFM-uV+54G;=Pu4v3PSO?60KM_iA$`}blGh0Ii@&}92!69vr7jdIQxVX_5Vn& zC9L4|k$9>Q(>w}AdSxk!^rVz%DwT&@a|dcEFn@~z)9AW z)3DRhWTg_Xj6=agf;1b|G@=voR?rJ3Ip9W?sf6pmx?tk$M1zBr<2dP5?13$2tK&fjj|~cr@Hts5;PU_OZ4L6RGS>a~~9; z%mq+tM3QrPjJo^QwCBjs3eGk#1{STp#Smp&Nq%bDVHqK*YckNZ1uRS_W#F(!G|9x= z!C7{qz*$`K_0C;}2=y9b(|=8#Nibcs3Kh#UhIC>SiXYMs_3z(i6$}zbt6`(+0QTAG zc4WH(M503drva@|7jU1RhzG}UNRk}EnE<8ButBnRNb%h&jxc#&>oP(ghNOpNxIzPF z@K4PXhqP?w)k@4-As1<_bSB%2CcXF%xv^?~c*$XKHgWzhFfd^l- z!W7u)!Gv)!aGVoJE1*%jvi}RxTw57mYgR+`um}t~DmKncH5%glWX%3m;6yB~GRB;gOJ4p0XikFs7 zEH%o4_+d>x#_;+ZD?l4dvl@yY+*QSSMo`-gsV{~+IXzh@Bo^ld+`xD zz*Pt|c^d_G;7J>!P;W@7(4I!?0;d^c~Pd+S#X*!Lqu*p@8xyGxa9C8a}KOR$%7M!K_=IjqU z_`~$=67j!)IQW|_|M6Sx*(TMJ2d*X(xB*WU<}ow}KDv)jH({dXY@H`?34Gr^Fhep! zeoU80*z87F37<~cJDMOLKZSuQ_ALPtU}-#nNj}Vy@wo^Q@hoJLABSDO0lm}WM?^&K zeje?YK-_{3%Y#*R;QZonu%u^rsKC}C*GOZiIl2ISX?z;;4uiS+27uHRyO=*h>T`R8 zR6xsDJrp1N;OH^KW6u?XpaQ75E(XB5ect_WoaGmx>_GedEtUTu%fJ5fS!%_?-T7R{ zMqyi*kj|u7<130*3mRdU(J=M|2;D(oc^ta$WE{6OjleG7yiO-YE2k9hz^@AIFwVoH2u%Ku&K&+5 z8VmdE+cm8MZhE=o=_kZ?_Tm8Ba}s2?|M!XyWr(l@{?E|&$b+DAa@!xSs#86d4ss;KaJg&+pf^gk}D53^}^jV)`a zsI{n+D>+_EM~9g6nDu}!8UWQhy@_^%X9-!oz@ig1GYcK$^U@A}P}=hr0B^GRrw ze1=ex7`+CxM@Ujy3OwHnU@zk|EjgdbSpK{mOgvtk zoH_O*&KH3v)JtuL{3HknD5g#A#)cM6KoC0;u46wjXAC?~ba`nLqVpeb?i4E$O}E9>dlkcH~Whr?8wGh4fU1n(35gr)0d7D=;$jT9#jbk*0OlG zmJ!GJm0HCJzm@I~vWq~ET~QVS^w`-MFWikm-E6%{^((?eMqoMo^-;>khF0TMmL=ewE$+y_Qw4O_fNI^W%on za%w}4VZD>Do*ttIqm@wDU+lm35IR`igLO0TmU+1fUj@XBlpE8yXd_@iv6i1LxBC2$LL{Ov{{4!X_78_e#b6lHP@15@>-%jg!YAsa7R19@X`QD-x<3rZ_ zCr@TAZqTsH-Cw*C_im-ZH+?FBdGoVd`e^aF5$a5#?BHqFB7%A3e%^5d(7qM@eQ zUls>tLi#_-C8HdYyzAc-7pJrOr%h!^txz8O8A@6Z3ys2FqG}j^f`eGdujN2K`2tFz z&}H9ZZaxFfRU{t|DwFW6A3<%WmjPDoX(lH_os6@jG{v6RrW%Ze6X_)SNNpz&LXSbL zLf*wl_pd(p0j3-OgTkUY5#tN?_BH0_E`}Hngu={@^+lt6XszAg#=NgD?5VHC2YjUU zvxCByG05T|N7MUl3mmDVjy7sq1R=3Q~D=Kd;N@z7pVOf3Cj~$i%;&DmC<| zI)S*&GF425YxQoW9h9fi&;W?=CSV}ka&s$>Pe=d*j7b0rVxpsyfSBOEP%QkTF2Ld2 zUsG=Nmrmv;-R(<_jO@H9=i`2?PxUGTdRxp~=MEXOC(Z$?`(ya&zQ{K3j zDppZ-y^Emk8wDfvCed$`o1ozOi5D?Q{ehlpAh8%@NSK--82gTx$)z01q|r;<%gxVD zL+(-m0%4*Fdwlr+Qu=!>V!G{*Fkd1fs=ImY_LjsEgFShcYJ-oc zfxUg{=QKvg!?ZjI#Du*&e4=KGK;$zkmgwcoAbWFs=S&VcwY$(-Kkjwj`bVnU)PhJQ z|DQ`ayNu#xy%z+pOiyjE3|~;;l6=wQ*Sb!|g_5eZE|kS&w?>2=xUgdtzze)skKxB= zO3|Y5od=~0FUid{R~|*%!!3?Knol%AI|5;>GD7*R+P7yk^XcOu`ork0!!)AHs-|ZD z^3sI&mQ2_$QrCf`URKlug`=fX`2BNV6>_N4H~o!t$!!s*6q(9h!tJbr2^FS3G%@Rz zik43ZGbt@9hxfNb#{{Qwg#ws~sH)cSdpLAv{G<_l8@ThEld12%`y_MQEBim>U-T9{ z_7LDSkD(Zb4SoB+V1(VsLaZ0gfNQqo$kiAV}6}#ev+gS$RnJjW7 zqe~w*#*pff=@I#|NG4Ed={4*AW?St24fEo`S3W3t-$uD-?!UTcp{wj)o{GM))t8BA zk`M1z*_$yD-oxBJwpyVvz!=Oi>Pzh{q0(_k2>58iL=HtCy~Fthy*^eUiI-=Ck$n2~ z^(qI6fl;OHMK7-vV7E5=VX1?mqmTHo^tisWtXMPE03ax1lY_l%X1=Uif9 z!mRF04HtGsy8;G9DK&iTVI7wQ@YOJYA%o(#*iMe@FBZG3WU#xzTxjv*+KzX3c$fN6 zy2mXVq<5ze6@(cjwn#2R%Io|!HtT0{}OmCCcd?=ZdpM)LZ5o(Kj;E+(^$ zHdH-9^BCpcwT@Tn10PhS3LC4?P8&L{Qf=I?qbGIkmW*q<#rE}MgB9WjR`IR6m)4h( z0&XOi3+(s`gw6Tih1`>q_F+xvI*C5Kf*Fie&TUqU84WD?j4KQh9|-vilppBlBC=Fv zV{M(!V2}%?EzRh*7mB`{x%%+|dF;BD^*0O^O+$JrUC&_;93E$RLt@+W5@X9Z??EgL zbilR&xQyAy2&n2iF8_f3?OQ1PVLsPF8F9buQn9%x zn5C{H8jsn{kCCh@SsU{|39*b1Qjs?X@815p&gjsxRdc60{f+8-pOZQsJZDj1jDr+7 zSjyRBYk#l=)DFK%(py7v zzI*Ozr1ZEu4HsR!VMOHI>=eG8fDbJV-i?aK{(p_fju-?jbmqGoo_9yS5MpCvtCVHj zQA=>cax5DYIbI>HuUEZ0@UksWhE*d$S;Rq%64nudmt%$Wa=|m?Kr0-SBSC<+P6(>4 z1Ia2IyVw@b@lJP_On~T2JFS=ukMg(B3nl|R{9nB9Ob%v#^B$YDq9CHq63d!28Mts3 zWmYYyCR+F3%p1>IYSeC*On&nV?z|{LMvws^gQ`XsE8~KK#vs6+kJChcJnNi*q$e-O z0!vnjW;Au~#6v4GK?!t3xJ272B^Vqwo-` zuV!afNBCD|<+c^q3JM04vAj|wR5N0wGKms1@Rf7SjdGlv#YHEfe(|~adMhfx% zC0c`I@I#Ek=fn&9pAiW**k`f2=QX-+g+BZU>-VldwnQ4eiuQI!Gnwn9aYI%?CBW^6 zpP?Qs2r`evRD8yEv7aVh_mzl*JYG<%^Hvha4Jt12Tl!6@cnBML z0{P*j?0gS$Pd3!f?p@Ptnnv{qr=5A_GL`-77lgvQXhtbp^)oaqBIZk~3^1 z5lj*TgFd&i()U(;u4>y~;_2QmQ3q3lnabi%o<21bvx%?VghWx6wLiBnIWmzzG4wYmp^$9y+NXCG9wy|0mKPgc#gyH{9J6uLKw6m9By z<-W7;o+Ed!@LuTh@D?lBE#X)9>Vg9;|d6{ zgK5NU%!UI*Z=aIsC1hZCdR7m|E^VBN(c-BZuQ>4E*>4?7#(r=M+0TSv6EOmQ7fp0mtXFV^PrGeWN91qkCx_2Plf*cT0(A`7?GcNaSJNt#sdY=zXTML4Fpbx&@3Wmcw&-Uo&R6kMO zKP^tk!D+E>nWa;r0_gaF3>mplK6Vb+z~t(8l)T!pCmx=)V+MvF z4v&a~TcDnW)E=wp2YzBS1-29TVW!bJ!(M3NP5h;5doy1bCe`ww*cKndnXCw51|et8%a_6V^P&Z(p7gUQDQRA$r`Ajc6_@TJEu-d>{w58jyCJh1 z-*U&N+7i05w0Y+N1>2%KyYM~4`)pqxZ?qrt=WTETllU4;y2*Z8g_ieRe=O`Q7J{)* z3K2qba%jrB|8X(ULQ0XC2_Oo%3*xMH(bVLP$`sc;3r^374B?%1lQ@gE zIhC$-^{cWfAnsfJO>}msF&&K+_1O>gPQ(E$ae_J7DJnNs78avo7V39VKK}RrEO~or z+p}O@R+-T>mdUgA;Li&9h)G9BcX#s{zRJUVts?UzUvjQb{AV1Y^O=PDPX!@ zcQ8>o`#Ec%cI4DxLZ)(eJEJ@Ewo#3N+~?})jud;7m5FrK6ot}kxzA0CqI-!VxT2Q0 zqr>O9KJAwPY6ibEofSx8z@b4ln9-A?*wX^2ZXou|=GXe?yPX2JT`zYWn+hMgon1|X z*7sxE+mqbSg^6=6DPwf*&ulZ{Q%%=#-kCa9#C+ma^M{7mNlD9>6+lmH04|Kg#=>eF z7Iy6{mL>$Pf^yDc&}!v?8vQ%&*W={YCEwg+3yNlW$9)gcRC)5>U^PupC@|HzvnZ<% z{8zQs`kk-Z!tNGgTM-D0V2A3J zF8bm@8e4D~nyrdnpl={_gugk}sp};-XOCLC@Xr^3HJ;@_0C2dj&)!ryw zA99v=CuXDk(mBn+cC0Vkm8sej2=jj)GjOra)?SOs7p=F{J|kHn%2bqct0T|IzMeiD zT(vkB^ZqO_S|o_K?X2$#ME|1#l@$7C0om$$k3tv2&;~a?H>DoEIzQ8qDU=|p5RX>|2OWOiW zyPJ1sA{#bICQie7U`*VoUq37Z-6 zFZhMKg4|#WCi7xhaq-wx6SZsvW3JJN zG6jPz)4tzx;sB)`iGS*`yhqrVVq0^O@=_2(#N~Ez(B3iwU;KGF*!sFMMvpYTu!{}cPWQ#@u90Dc{Uil0u))5!TMk(-Sm+C;XLv2hR_Zu z6aYd|FKcTwe?nlLpECHz`Pm7Mv=%}Jg-)YDk@RQJFv(gWemU;?LKYY#D&r(tfXdT$ zboC#FdX-o8UtRwIX5$;lxmDf?6c%*SDf#%LaJWC@P6~v*MH{)vS9MZ4zMHAV-%LCk ze1+gv)x8d5kz);Zvk)lImBz{YRE+}ZKUgXuH3)wNMCoMxtp7>v?yLn z0R@0AZLC@jM4h_+rR{n7!w?8bPJ37856wye${CY@fEKrT=Vx%GR9Bjj6!8@miPx`R z^Dx$yhXn=2l`WRaLhzz8G~61*JJMOOx5LcD)KFpC9>ZqUueLVZLwO1BPo?G-gt_M2!A2*3J2-2I!JjD0@M7TYk#ISnAId<)61-p3P_xPBD%j> z;}N$^4@T$!jW3{=Rt^9M%Zh-MI5&?4G?4MLHr-{}2l86rYJlbu?IJ5`6wm|JeqfFv zooF5vk@AT@&0mjphJSreEKoAlW{EonIYG^}?B_AIwnbwcXXPT~Bnn<*UupZCv|eJx z1+ouax3(Kh`W5A1#w2NBsBD1Mzb#zfJ&E=y?rg=*f~uybW~r1r7&!z~u~hY|+A|;i zA#_>X+gMu?$4!IyeN+S+P(HD}_4Y=8uDwO11eC^YMpvbqWT@ZUO7FU7We!q(l5lRp z9BOdm#vd&6AklqZHKBXjDnhOr38pp4O=^rU;UxcX)lF#%bw0NI0gV=DcIweWcV6_n z(@jq==|8NeFHOCE(sP8|?*ix@gT{T>3L82ExhuQdod+$dscLo>^j$fS{fcU{`#=E1 zWv6)#`LW$lAYQGGMzsA(NNsmFA_QFbAk^4Mga`q27L_K=^ z8004UX%;=%MYHs>;pPn?R{)>B2gzw>S>;zE;JA?KVm~|c=>;u0uSfaUuU|tVBJMsm ziR7`GNi%H21(;4T96;ozEioC7pQ@^Sv$&O!tkspCtO`^y1E}I1eP-p%)c!Z-CZ1+7 ziJ{R>X_f-6AaL)!Uy z6aBfO`Bfoj|)lr1@jRgMz_mf3gWjhD5ne{VWj)!Q5k7lbgqGh{n1I z>}c*ZcyN^`L?0|x2h5k&{k86!Si#@JxLU8%ScAK3u%Zi1lff6jU*UZF2#zBzxb?$K z(<^5gpseKid!TTUEy?t={39-7hu`>o~R#wnUc_OXsCy&Gumfb3ZAPup8RQ0`A zGlmb}B1I)tDFj<;e0SqAf|8+2}nDxysbSD6UEl7?`mc!exhm7CT|26xzx z?GaL{wJixb=1E7(CO>G)te_|>j%7vccD5)ev#G=h7 zAl388lREGY`9qwLuXZkJ$1EECNnH`7^^50KXLTr%-Vb2i| zrcQmxU7;Q#@ff-duz5G+B7FjFSCO;dUdt2k_;2bE`w9D@C<+9O1kGg2Q{Y>nPQpVx z(uj<@%s(T7m~sei?H_HKBi#e_8ceEcFL2fx_JVR zZwIu1r#l2Zc8jZVh?M^M`thW}x*XJ!#?(P{J}w4#XWWpI0?C351~!q>&7032J$f`p z3V1NbMjX_7gGL}WZ3e%uYPE5?K44?&=(1Hl{jhTU`O}bsAoUFvs15yDl;of*>`{(o z%WntZ2CPr>03OW;vSU?k!-IB9BM2=kF_8`lM-t}cVV}cRNmEJ6FALp3eLtwVe(di( z7j#y^`u?3sCGn@!sV71xp4U&hKDd?Ph-b@*TR!JKupT%HJ!fF&bJK~Q zj&5r7{bLBo5I1XlgE~0Bs)?)GYBWMRW-ZamV7`qQAOH2zlJygB?_T(y()5ER(}-fI zTMlL|hFj)~r{2m-ykEw_Ao{eX;CLxlJqAlgP4hrfKJ1TqP zc8kTt#qGB{uYlLJ_vJtxZ59?efZ70GJl)S>`5!Gk5<7bIrChg~`+K=ufcE2%q*7YA z^+W+lzVh?$zpA%%XI}1Eyd@|G@4D`l3%jIrfw|SOd8&}gR$4g*&pl@W7=j6)vT@l$ zD^O0oe6x!312Tuxtc4Mp+iUEyi0SMTqh)zSzR$exP&xy2|63@$&DC zuMl9y>CvOd#N-6=y}g<@BqSI)INE*cy`MfE2too(5AY|FXP8*!Z?rs!r`n7EgFjeW2lz-0^3-^a!{iJ@^E^9{!R!l`MkY{#}3o zNe&AOZhfJb>MXbutA4F}$@d%}viX|a2?8)b@YQv!R|!#MLq!^Hc97E4`+)1$>JxpM z5-VaoX#pv{m|b0>AuPBa(v1pQ>vh9utT5?40YSOiT_g^gK1sxnI-aW| zxsA-?mTDR0*`=w^|932MGvNOY;@<(y_Cai0R3!a_mK8HE?etS^JCCcoy6%~q*sB(3 zEjWCH=pM&>U{nei|7P2rYn?0@>*SG zz9Ique{kd~6hNRM9dHzDN(*!BWT|*drxEk6xU;^_8Sgkc*EM=n$MZjyFSAfT^16(n zQe)I|?uE2)>dH6UslRKIf@z2#is#hVN{A=7_oo}vslpAeAg zN3=H0K>G8MyK#D3*4)$)XYp9P*vm^CShmen^{G#9%9ZO>0F*!t%73^+$VxJJb2K0l zMZXno_5-QPL@5U|`tB{D{+_!0wWv(4eFLOGWo52VA{XK+rrsy zN$BR3@hNU6tNwXms82?-<}S5bZ3B5aMEYBVYh=`R#fX?p97n=Ksr0Bd#1^iolEVc& z1K{#AvjG3DpgXvaW)!?i(Ih(mWz$h5w=8F{_?mFrvgIN22T(?0BDx`WaoW(UdY^)a zzzD!XvQ+H1h{9n$65GUGBR2p9-4XIm(bkNPJ-FX&USKp4bypa;}I z6WnWxBc#AUHhMmV;xk;nJewtrV^R_RFM2c0C=RG?H>;W0q3j*XF9FBd_B`)ck3Gjf zuS-fm`e)ZTZV!eg&tBU2OU?>x89lQKOym?g=>l^}x<=gf^=mqs#rqF`SSlKNH1lYi zKp6839>dsRR&~=ZG>|E(TU_8H53az^x+#22NCROeNywv#1hB4;wL@A(9&gW4`P!z95Zt)b1*qP-It9_P z^QiXcv3~kU2d6PSbc$}v_AKVJ>FMRXjN}C!5aDB+)sV-;I}c@}wE~=tRUq-K_3Qx^ z#}8dW$pCm9FciYO%q?z*BCkq-4XjglcMm-++!?(_CE}oRd5n+_~5EM<}Z3IDJ!d*IBwR+qt_G91eoC_E$ z?{NRobb|BbnTMy)*rmJ@BP5vc;w8p!HZ+9wD4&}Zo-H00e!H$dRJsv8B-%1Dy5>Ul zW?dkYZXh2%ZYdoH3ub&y7r}Y+TQq`faE9SDEP|ag;xp&oJQERP?vA@>W$S!_sotee6gI^`^GShUd@xo8kXGt)tLR_xQx3k+jdP#M5QiOM6j#%n!Wl zcZUcIIYdY&oC;r;HtaS*@Vurju>Fi2ytTvJ4K9YYBqs7Y%=ga!p8czG9cUd3)6&<| zr&qs!IaN@)#yoj#{?p2OUJDB!b8J|$!zq`jMb z{RAQvXeuGG`l%y&7+A8{a5l5z$e;HI+4Tzor!RYZ{qBivlncqXYzxf|ofCabkLN_A zHt|x%i=1il^br?eBag1@VY^>5`sRM&{v!%Q4$mJFS-S}dOika-#qC44kdRK?gnSNx zNmA<37%+jD7wIxqo*dD!vwcVMr!i1QOpXlX2urp4)DOCi3uWmjnYPJX`LmWHHgT3j z!Zvfzh-vV$PmEN4Y4|w7S8aS}tceBq9;n?DKihcJ%{1Ud)B7}F`TpMD(kM_o-hs8g zD^qk0FHT=ICPl08%qna5uGe(5N(J0m zF_7>vaIvlbB$cu65RLdVMu zhL2R`R{U6XHEs0#J|!SnsE~t6_vFN)c)gV>7q}P-!6@UInugYjuJ&Ev2iylAK zIrqhmp1yXkWc-`ZR7d7p7a*Yr@~J?k$qe9qVV%2tKgY<<6Y_Nprs-F1zt|d~6STea z*I<5xp?u~Cz=jt##zaTQ1iwIa|8wI7N_Kk8kT2eUJcffmjJCrPUcPd64LtYC zoZGQ$TiLANU& zRF-mYjLD8n%kr|4s&>lW<;dm=tdP8+>q%Rc(58;5wf1Hfav?dH8wnQrfp}c zjUUAs9p8vUIi^~4zt8I_BmGAE8)um(?#i2B0Qy*v0g%}T&-ap2QfnKEoeiP_>D81u zJZc)q*go(ngfYa^xUK$Dzbb~KE+hSCNos13rtvyX_ae^~e0utzT#QrJHcOYi>!Mc`2DIXh zM1aFo>^B9RfaO6;x8};J1gkVp66*=<0Yde=RCT`DKRG{nBb`{|!|FIiDL$4;7qM+<901_VVy$CkJ1NJbu zyqjD5mF8$wGz2iA?UEwa;khoJERLl73yZKr?w(hmJT!~}7zf)roUR4kFbG4-u z-y(mMye?JoH6=m-8Y~tgSiKvGKUjS+Co@>R6j=Sik0^7cdr=i|GG(p5NIadfMcLLh z=hRcF)vVLmp>;8l61wf!f7R*}u-7=N=g!)<_G~~$RH3L)3&vJnO`o3o7aQF>3VTjnu;u<%twipez&TjXV&cU_} zw!u7^kIrP$pQ*0?(J>wT0q+%D@kbDkRdz>OvO-dcYN4T3lBs+n&I9&}$4wQozp$olLW|y11w=I>ccaRTxkM^W>@lSac;T?0MVzXs&#%B*m%l?-S+0$v%51*p>;NgzA2 z_ckXXI2l=xDq3Wn?m84P9ERm)H|3`{{P1(;Cg)og4QJ&dy#a@tg6E>U`|d3NbYO*E0)xrGy-NIu2JUscwh3rJHyClP z?VlC5KlIfG*Ae^g4fkdjhdG(cY`S!GOLE;Z8-%4O)^=TY3awpU^XO@qyq~#(^~?GH zrVb#oOo6v8Z$ue#_*)4#v@G4N>6Zy5HkC5tkUUDz(Z%pKQ${SiKj*S})846^b)?o} z)-acuyKD+f_LuK##O|cBXfIe?h*BEaS_JR8`c4FND;SVPIIpyYIMB$M%D7R2sbT3$ zK-*rj&{-X6*Bm;Gt$Q+Ld=^0wCKs{kB>wc3n^E{fj`r1$W$N|K^3-|S=S_dw?5__! zT*I>{xVA zoWzC%vs{U{VbfQtNB2#nenq}2&~dw+TR3(f2iy5HnpS^%(C@!WXv7t+SVqX%O64r) zw>PsRU+y+dDKs3_0ABDQSRIAn>bKdlM}vYMWmcKloz-MFzB79ve=|B3+NHS(_jJKw zyX(T?E*E@Fuv0+Vjwuax5LEnV7!>GnX}zEoX$js^=XaI_Npkpk8V=Zd@A~tcWLTdi z305=jIlJ85YyTwI!ub124-f4q?bcKpl`wj$H{@^=yyM)XNQ0uARmBEO|B~o1$s8P6 zRS~R?ynn5e;(~UCCvC`sHaVCHOQjOguUElJD906;!P%_%J4QDzjR~hnvq}K;jh2mxtzN)O15$xN2F5!MhO{|0#BIz3};m`P+EJB zJM}jL{HO{{(yQ#d;KoFNUQ#k2_t%xEG6BkSds`_vC(ogwzf^*j&dOxS@nX%G3&etR zAO(GCL^XXBNaGpVNf^e0DmFgZPq2+K4EX7P1^Sm0iql}X61u`L5L5a0ztA(`I&|LE+$47V!g#5CSVkZ#apdM^Vckul~G164SV!iA6R?Py{ zqALAxOa+J9lOW9><_Z_FZG1Rxl62bk{LXLs^82p__Yms~9xGUBQVMU8_SxDz+8S)H z?oUTv0kT6qXAa!P;Pim@0GJz&besIwx*Xl!fqYJuPGb;QW>IF zt|>FBW}C83^`N_guz7~!yt;>aX?IR^LdiHrSbFfCBLzdOU_8PKL5jXpy0@U_?pADA z{bhw2`9xa{HUE3>r)>FK7ScU^1(B;7p7aFaNOG4GbA zndDmmcYHPSHdo*MUE$y2-%HH%XbTT4MKfzAVS^drEh_VMbxjK@(Y4|)u!5yuCMBOm zX9dBpsZ;S>wQ=(OPnbX!gODsXw%d=cy7#_<=X8C+j&F5{z1rCCo}lZg)y}93jhpl% zFZ<|AS0bMns@E9)KlcAY&*1I{UXn|;b8}zt|{=^4wGM0T%|frTtfg=CcdDl@5#c zw@f3NUT>>&Dw(doakF1LH}y}Cqr4V3f+Lt94>iSgA9c z?#S8*tO4!3d?SYo)Yjnur8hMr`U)>;X-`EtLu`J!TFVV%&f53%i=vEx+Sia;G z02x8}n0LK*&Zifka6S!u!CY>`>XFmFjw6Q|>};K-qEd|;j3u|d|0>vJCm~_N(_?F) ztD#i^x0Koe)!zxy65M&SC{eI|`e~Oa-@}E1?~{gWxMwY#KH!2x^Vg*v{R$^SZx?30 z8lh)!s=nz;V_@}}Gd}@134NMgII_fKtKUgCbbk+t%f-$WpEF#br9GoCUGq4l`O;;a zkSlBr-DdZ1XUD!P7MGtFzQ`*XC-=#i@<7B#`l6{o6LG@vL8NRbr|&KPf}0SC0TLaa z9dnRu5sC7xx49TF*_f0KCSc?c1Uthd>cf9A<4si>lcNzt7kLRzH>W7QOqUe||~3}aX;;x!^Gl`#rW z{Xn6h-L)WKI?T-Vbqwtaz9xy!uTk-(SX?Iiz?m1QhFYR`d*UuL&4FEmZ5Az? zld*c2pPux9{5)`&eo<~CgEk+^uRqx3dB-PJkTPB$HNnFc=OldJ+le0+l$Ey9q zASS}I=CvRRLMP_a8A&D`9?1cP0H|-d6X<%%t@Ev2UXW4N96@crEdA#u3`Eh!PJMTD zjQ#v&Tb=vOnje}R^QV{iyHzK#<{TA1UxU5I1~5#I>H{~*RYU!9+fZl!ZBg^0yB{{B z@%-=^ZCB-XyibsgH8bzGwc*sZ$T?bcRX<#*aXQhJqu1x$wpV+h7!=zi%`DiZ3I}fB ze>!zj4uN=$zt>p8PUdL-yh1)g?hY&6Em}M@NQI>6h_<5-O7bxu9}ns3AU_rVm~0 zY)HviIz~gok`A7j5juEH&``3YhyV%K3w)2Yz5(?q#|QIa--ALMtFc1M}3BK#0`oUjf z`{4#}b?oH4cri!mn^l;h7-cSs6}nX*m92{Xnj>Th>sZ}HU+g2E_dK@OZaGK#{ zKQq|lbKf28Gv@-Q-VI%Tle7@>k5Y8_J&_;-j~fVgm;XV0({iwtGh2nRUP6w%tAgvi zBp@ii-U^gAmo3IO2pKp_NKl(21vO&L?IZZRh$sS&!FGiEVc8v!@mJlSol$M}RzjL5 z@x>JB;6wr+=!&!Zt;CAMgMoaYhbLQEK{E2)^(pG#!tXD?=9WOMhF2~tM%;xP5d<2n zEW9E~N7^{^qsRMCp$^+}(GcQVP#&w#nw)R{Q5sD9%k7>AR zJDZ+99Vz+_F6!(M<#O7GbpQrpWj1@=uV_IxDZ8GahbZW{D|Ef3rje`N&X9b9DWMOx z-bev9v}YSc23+PA0F9*gxs##$0-%%OQ=}ONY{!TFrQ3yR4mpt^9cOdj_+p-vjK@@i z1?tRoe5dVsVFA1JF3Zgfif%?;;3jr5MPmL+7$7Cx9MUecFRqZ^>eJJ$bSs+BAc8}k zJ2`2Zmk5rJ&PdYE<%4!3*-AyMeWPiHxkFw#b$ChacQ4|xMSm}3JrB%;f$;0%Q96f` zE8+tYJ1nFUYTbN?Qe03Of6%#^E=hw8a!eiaPwI^AbX)r^K9ef%x-qwy$(-x`c7B)x;bslU3G+7+`_|_{&xY7mc3u)* z`HLz2bY({lViK!->kGbBmLNUwD%7PmX${x~*PsG4nFY^0t|{blNXYowr^O4m7ORv# z*Wfb}auEyuDmg4#gL2m0w<#mMv+|B9GZfzSbWQ!rjIcbw4xjki;9dXW>zol}V7?#; zaJYSM`-s2dPQVZxFIuv}@0V{{MW81Brow?k4 zzw24+1Cf~dnU5X8MH=MCUcvIyP%#xo6U5C{!TC(Icr&4!)#`zO77Z5yo-)JotKRM$ zj+DRAuSvu#_UbzB^oWNit6c3^JMTheZRtl9(8c+11Lz-4A6D=`jcK0}K{4iObi!9-WCx%!H?_J1y^B-7djvj_7ybBTazn&^7B%^_07S zO9OYr=?2GJ8R*ul{~X5u{_Q&EdE85z)3yVheS&eQ?s5Ecnt(e{e}sk)^7yuQej7PN ze8O5?#hpGq3Fw*B;rjrf|MZ1}047ZbikS}|L45c};l36aM{9&YR%BA#QB(3+7<}|& zp&<7SPs{h0VkZ49J`HX=?+YK6slDJ1!z|#bpM*OKTL?R(yTkq@3dLt%V6$|gOWkBVlRiS`= zq!WimU0e=#9EpR{)TWs7d#roY?mciQH0uB!4pLDQGx$psG$-&38vbsxF;P4GSnjhb z%?Ll{8~OvelGD`TH<-$t$f$%*rl$=Fk}$1go$hH6PxVXc@%sv-$c0ES>tBoF6;%ga zlM$Cut)xUgaSE?@znJSUz7TRZFBL`)Du&azbT>;wlP;oXUi>^flygC}tc(1kPV)2C z;UcjP?0gpe%NW0!38s#gfm?)}WTf_wv5Jf@kcpuR&D-SF#+wY#oM8NA5YtvI$&Pv% zUs;0gf;&W5Y1K?YOM$$<6galo_ZH(eNwv3wr@=ZApD+)NH)(t&WxBg-g_e^s;jemy zNtX!+SlRx{lX;;a8bghsYW$mL5Epj$-PcxeZx?Bfy=ED4FYeD@Q$DzPQ6;T|{)h|k zGgwu9gXz9|ylvQgdLqEPUT)zdHMmO*pHV#G%*bg-QQknfei8fFAsG>_18~Yz;cOyz zlNxeo;q2m0Fmx9Kj-?O6feT)9jJN^mmtcir^#qTBKBxe!wW3VXzAnOcRq(8}|j356a~Sv`guXu({Iv>6wEL~^FASOkOA)#P_?o+uW{eB zzxQ=nAXmfYmO6ii=GN`$i5|hy9s8a_-)gc~zqzDCrT&=$63C72&PttDC`vC$kg{!9 z=FXz=ot45WdKKaekB8vs*}B&Ig_b3;W$sU8R$BMZ82{!aZ?d3`4Nv_5*mxd^zd3&H zGq0GFCYZr_pQLYsB?hfRo^6kygXTa!>jV+!8Eliv?=5(rVpmDGfIRcqzD3A_bdy)K zw;twmFh-h-z8-rw%tn0aS*vH?n5t@Y>1-r;Pc3e6SyyYv{!uA?If$ zLNVzws!qEq&Sb?%UF{j}@-@2)V2H2`-$%bXXmkeBsVTD0fjm~%9GjM1R@Yo}B6n%l zp>J!!>g84fV<;6EP({=WG0g-mOb>x?1S5{$llo%SwehkXHOWU$>(PtBncq?^(*RA; zW;T2#!g0cXzJMe(9wzF3KT4}?n^n*hRFZ*1_9haOChWhT!mq2cz_#A|6gew)3$ype zXjj(L)i3Wm!tObKpCcHuZx(Cp6up03a-jVJ z#S`FRG)3STK6FPN^`Jm{jUfFDas|#18rmVMB;;34OO25@5M!q8WW#S)#ST0Am*30Y zB&x}TY!4GwtID81{7~tnI4!Ag1IVT3ElBQu@vFv@G|~9$UJw$*qua{y*_8IQK|-*D z0&jRAGJU$#aBI#f{Qd54J25;|xmRa{>sywl0(td_YZ)m)N6LXTS3B;EA%}zL*ff~z z{0dN1IiXJE5jp4*6BICI9d*;1=x~Cu4D2_~rkm=dHvK4GG&f14*RWQQP&{)AsBR;s z&cc;o41PUMOus)?{wTGo5`pQ6=C^8fT!E<*-@QBAR^*jubceTSOzA`4B=54{aOL9T3soR_Z> z5;KPH3}_@@BW8cavDF^-n4FRv$(~aelRnVH5@b_AdDI90*F*jl=e^v4)*Htb0!nfw zEBn_KP%_EJygRwPwX4kBGi}FoxhCP>lfLC*m3SW9lfQAfL8~JxLtoVSeg?lZ$lNQ6 zY~<}O8{2`x%^a-^y#d@`-Np$*CjJ zkxXq$ZnmFjW~p7j99yadT%Y!;LNIUv#V}IW2IE8R|H^Y?{I@gz?N>t_>pezGfpfn_ zZK z!t*U6^BbU(S$vJ!N0Fm#AI zav*{?O)hGtS?1J*DM3=~7l<)m;M)1I{Z8XbV=_sR5ZYaGu%+`qLh2t;=1`Z-HlWWv zI@;QAF7W8rOY~K12{)xV&i#x_|BG?(H|SadJF8B>XEW>SzcaIclYB=9yJ`_1s$VDri(Q3D&#3g(67hn@9Njao z?;+A-W?^}tA=VDbQ-$B;|B{e&KlNLqQfbPXCvvZHnnccp%>qsYm3 z|9tK;xbIg}gXXs9mwUQ4OuvP)gCKGw!OW{wYqSe8_AoI45|no!tCELrUvzzpUe8Nm$g zQ`1ffo)j|yhIbYrm?t8Q1QQIbOxBsNbpg!;TtpDwU$zafS{D99ySK8=ebY?LpStJr zg_@a~#Zl9ON2~ocf`9|7It3%u5hW+*DVx}Sah4?ZsJHm948L5gfc3gbR}a!=B|G6hDx<5_~_AWti?Wo+mKc26S*>X~Zq zv7<=)%pX4b#0KQau_g8;53zzvSjzF43hvp)C~!GM?6}+4kT>12P3Hh=98C!M`q=^8 zw2BgDmf+=h%b{}fS2D|-H3F}|eA>Un_n-A=0-K}#7gOUGwb9Xv%X=p!itAnf&1tPy z7X*b05Ls8zU($mt1348#3yBR=4vfhl)36^39qwI1-r!C|6UVq|vXoV}F?sO=Yt1P0 zx~C19wX8^z2tB;q+^UMPW|#FL0sjDntea13Ub}X)w#Sp*P^EZw{M$i(?%*pE@DRnz zoZv3y-^C0?e853~C~Zx&*tX@{1cn?Jr}CHqI71tB29mRP!7?Ru1K%LdUX(wVVB z|4C(he2ks_Z)JIeAdi^KL>@<>FffOmwHn&a2^ZlyeWj`XbNGT5cOe=-L z84!{X(&&C%`#)T^#Qg&TBs&|vSWnr$%~F!~FqNqLf6_V-Ah_PFO_8!KDtWVA_y;&X zU0%s!+R1Z_*2#t1l}=lLfuMZfr^4wn$a;iur^paam~;>0{O}o8a22~7zdBx!~CO; z^DrBN&8`eVK;t70?Q8VSUqfn#Ntsxl`pGvrR^guoQ~_u?Z98mAM--$$-3dCP&s(am zG5uGO0A0G;*s^H!jjz{7bOKa9?HhA51kxNG=%srK(0%fdN#*)gd9x#uUG;nxcj|V*I@EJr;Ew#`&5p>LppUA|9J>t{;AIY`3aCHE>H_WO}pn! z2I1$Q%t|Sbn^^z%6ICQIKo41M)NqJ=M>1(Lh2xl+e`ACTz-8U|H$OmrFw=Hl391$G zAWrXl#yoI&2TIu`bZM4ge2ueh;=HW%OLWy=4;9AZF0YiwTsHHqAn{Z=ZzS0{G;QqN z)eth|2cgwbM`{{xRf0ZdX$= z*O2)@r5@r67M&JKNdkeAOkTM4D~jC>-ECNEA#QT8gI-B5Kr>@m8wL8o(*u~Lpm5eN zot4phQ|I&QHt3b1(I(EM@rndUdrJ29X114uxj?%A8Rc<5eZe~4lMw5|$McO)D13Npe1#Tty zGIn{%*t4PqLE_+38V8)RI~=6Jz1me@ta~ZEej_p*Ntk9D0~C_0vXniiMtW@|2JYDJ zrRIyxYJki%8|Qv-eTj#0@RMZuqyPQzXtXh-%@^8pP8xD-A-8wunXTG*` zxl!WX@Bv-)RIpzq8efEHT^wEV%{vJF%JmltypA6eYx3hQg9AfMQ6|u*O)2pp8o^Mk?t5HfDp4gzz$$e0 zH?Q0)25~O@M)b+F?|CGPNJaQv?T%r<&&`Klg31M>an5J`kQ&y5G#5GeO!)A;0Tc~7 z_+-?=)-?pg6L@zCFeYTrNvF!O6efuFZ1JK|{Gi&599isHTFRA_l>D}`)r5N=Ghjcm z*Tg4QVEMPwvXc%#XF-=@pxsnM!fHv10i zW#+a&+!#ief1)Rlzphk8d{9d1c_Rd(Hgp(r@+m&HE}&D`J(N)$yXkYGM^4Sv+6i7*oc!^|^vqjL(NhW8}sIGv40b=Hlby zTQ_vG+7+p_^KS6|r^S#E9fH@c35NSo@KriZGO3?HJj05?vyx{*M?5(4sT)+3>Bhp9-h=7EmfFK|x4I?Uu zbazP!NJux1iWr2_9ZGk12~tDK(5-Y!%M1hW{h)r=(ckB+_aB!m@_Fuk@3{80ubt9# z{zva(g%y7;^Bu|dWrrmqeMv(4U}moCAd681*!rKYHB=3%Q%axR@QJ(`GpGNkT8ilm zPVOZD(8*&ZDu+YKi#{YrqDb`XJ6~mir3XCoiO$7e$&*eY_~YOR_RH!Psuk{=4n=fu zFE1~1?~5k95=p)1!i2rE6)a;#2PgXT_7i#DBOv5tI54efVnR`*6@1vuNzg@dkmtziK#FK<`KTmR0BA93y2TcLGX ze?G|14_{RPOZZlY1v!}4H$WzI*HGO0?`S-;jm1hUy8C&xrYix!!;b-=nnR#{8pd)G zt`9&L_ysq(%s*T&{ceU|Cd4+JTQEyqR$IN0BgD=8nS4Z?7VB4FkeIX}IXN8H%DyVe zN2|tTfsGv)2S3Z`+hAm1V6d{WG1S-hZmh<$6x~QONN?Ns8Z}fjdMTJvI6<*vIUKqC z3PyDf>dRfNe>yG6eu&}qjSLP(wbI5)a4PLsUdXXFe7#-F+x0YNZSAqSx%qVgfx&Z8 zJkQKp{jS#I(*Hk6-l_Y6U4hE&_gW!ipyGP~As+qK${-E?^Q+aUg{A<&-s|5HPGzwg zVrL++cbf*11bUVHlnR3TUe93hQG)L>J_Ay!8-@7cKNI(-^w=yfJJhp;LK@F=|D z3lz${Tq=(rXLbSZb(X4>d2Z=li&ud~G)ZS~^Cl!DSiF;;e2;58?xT+vd@C9)q^jEc zl0isqUS5``{$Z9O8!q^rg^7)sM-oZi$K*kQfsY0RA4UrKX%efkx^PZiu{J@@tXL-sArwZse1S6L;vy5)f`|6p)TgjU_>nUGL*sRp4IsC@j>WM zY}|TDB7WG)wKKEb^w%m zWZkev){C1oa*6*iOMre<0AiwCDh)>`GI!AKUXWk5nV(;Sh=|C*@USIrM{NlvS#h8O zyaESoWcpN%pXAB3}Y(B@@;tObBC6Owtp$ph$_va+H>?VXS7acVBop=#l_Cm zyPlWJ#a3K>^N#Ybo;gC267-8tTi>nEEktDY=#n zR88g{Kb}8$}yGsmNOQ{4b%3x9Tyq%=nXs%*G1MP)VTwg@7YzzT<3Dr zUo|`3Nuz_~-3;2@v;#|-N)aV;WydQXh~5tVJLcQl+u^aX*0`NQ35rtYp?g=8|7u?S zy7@O)z?r_~#Ghw+`g9#a%4)7c93DZP2e5%P;x(DoNHew_?*5^- zwUw2Ml2Se`_lF33bOf{?syc0M+0q|f_?;r&Aw~3$ruWQ|NK-f*Vb#q6h)pe^@rtRZxFPeR~MlXoc@!VyBIn zzSl5lGboG_YN%b|x&x&xp9t5)+@%X1i(g#ZP#Nduo6H+8&`lOLKU9f(4i7T|G=W>( z90qitjur#3kjEhASYqUu`bu*7jksDgrmwcTcafwhFPk7=Bkm0?-+MPlAY|W&&8qA4m85BtI)d{^_#? zm^_6U6N2azi^UM|H>OCI-uM-1i<)F~jg#qR>wsp4$QSNkf=v3eA(J5lSA6!(i-8D7 zucAN&w-st>2!7s7d}BFg&(jobBIhyThdJNP$*SI}`ZkoQ1)$zcL{txBTDb|JjtCe* z-D&?hrVvjiV{%}OjU{*%?JXg2>sEGMok57CE!Yj!8MdME;0;H#$p}O;gfU5DNlX{w zqJgJ-Ebcvietv#FD>ql(%F43xu|sb&0fkL)F`HxVkU}T?9e8GJ`<6uL|DSP! z1)Y~boB5viL>5W(#*^i@Zn^5|!+e7&LQ~QZXbK#5wh%W`dXm*Ihx!F#qE?=&$y-C0(miy{@Mq!E;5f9a8Du3SG7;=&F()x>!VwptY2XuY6P^wfGpT0 zqKGFV3D}6ci3#NYv+;l56GAwDHbt)%LD`4<6RW?PQA`_H0g7cS%M}OFE?qaek0T9` z-%jnAfADrrJ@B;fCc6gz`t=MkDalf#%?0aw;OcjFMkFNI0tu_s)Mz+w>wkOeK=6#u zR30({185wBa?E{{@-NB-#^;aT7(QfRJK@x+TCrf;J$yb>VGP@nEg^*d~d+eRmBr&9EV zd*?t>Xn<_<98>2gC-dwd;$-1@&pFF?u# z;K4fyR_np0IAKb4j}5cz^h%7k=|`I*L0>l)@Re;d^RLRczO?-GLpdhEzFLY85Fu7? z+)U)Mnjo7P9nFf2ydb_cp}8*MtZQf=dG|X^JN**0wc@iv2 zj1P#3-;eGxGlOO+t^#%k6q;n8hCMwGQBc^RXl!o$5~{}lvbNdloxD+hTkb5x0K^P) zpIS5{h-}|x?OJpM2ZyYtUt5%v{vL_ePB*vVwZpw70gwcBBclQXw9<-J+*DL&7*|xM z>1g%!(}orpv2SjEPRp=1EG~FMb8tenJ61q$dAYUMB}!FQwF^cgWiIp|ct1#g^d-Md zK+Y^w2?VH)igah_<^8K@Ak%|mSam_OaX8-DRi~bz7JeYo;))XuZuy66WZkfs5)p zMa~K_q`^E7IPe~qG)NT}yo}%fz?X>DB){awj)^#3nOdauv9|zcIzo7tLwNyU+Iil` zDnMSNCiS#$t_>OpG@YCTIH1RD0BI<6K44W!0>CG#!%46EB_T*TRvrMvh$T#nL##|O zaZ*2{8kX6GN{bZ$v9;swS*565G)4rhByk<0A1+A3z!*Zbu5%rj1?>E!yI;8QotV_h zp-{=q$SCdFPA9+9f_z#=M(4U~2oA7k5+XO4)xS>;@~}S-l8h9XaLb(pVaOy$@Ih$$ z*F^oVuX(4B)%x5%2ycdVe4^NUviD9&m<@axRH>9fFq#HG^^+fzCcN>0DF}Y7B}llw z%0n;e8{p5$$Iryvx&h~O$=D4b4T)~M0Omvz%cP?N1#^pp*gSBc(Oj3dxGr2q{RZ_C zf{3cMhj@uxqe$e()>dhZRySJ2Jy&*_X0*dAv=0)7FlL4yPjPkM=tZ`!QfJlH>f_+x zY`cp+kd>t&iYOw-%lkWR`uU(hH37grSg#Gh;lZ&lfMf%Un<4ElmcVEIM)#S#tr@Z-DP^`4pNS*Q?V*M;8sI3JhH{_ZatdyKiIc9 z_#$0`%+_hqZFm^W+dp}0DgHt;x%>Vk7>~SwAEEPM6uI3@(|V!pq98VuTL}m(&n@F( zFtY_6^Ri)`5f*Qctsvds`>wyE&<>rJwY1J_c6RpgNQgkZ^I$eA@QJwn6gCd+qMztv(Etk5#)^bV!$i##tOqhgwI)8E9%sP5f9Z?$%V6e zPYho!L{dc?^>#l{oA3HYfWy_@cYXmDQ-@^HLhj-G_s&U zxm520bUp0evjM`^6&A8AC||i!e)SyWCa)$yhEb8q4?cK(<)%)ue05t|fvx^W(5i_g zBiWfjU0Y$i#N#K-+wcLFq+2m^g#Mz$YdHXlGH_eu-)InZx-@T(ia4el&`)9jY^@2f zz~j|4`jutI>KoKx7TEFDz49Kl?u0S7S{<|^e~!JewujELZi8cR%u3fwSRvL6guWrd zy*l;D9S1kJ3R*h4J;*_t-O1=j@;$$1AqlxMI5yeR=BA1jT#Iy~R2%FuWoKi1*EXwS zZJiBXmxIvxWTFTEi=zU*QyX#?7Z6>i5Q`Cr5L-rP+5hb!fgu;>Ly1YFS9-1ZPs4iWm*ZcYwClz-+I* zmW|f5c5>G==0J2iL@AtR7%9kDsmaJ7l;`G3PlvX?_as^jPOxHJwE-F=c}6@kptUcHVuu5*54+y|#DQF9Y!S#e|XzrYckc3<(tPWBZZFdB-XsgC-lA@V`@H zUnnI$p+!Q#y)k%wuXg?wP{8W~Klm-tMbdHK<2uZOQBMKeK*o^9Z74ClTGyz4nmwS@ zUf@Em`Z_eJVJ?LWz3?Uqd=}-_xP|`VTl#5Gh5o}iZll^FMO8I^OkK}ygZe5CYM{EM zT0J?i`D-5-r_ZSXaxb>%l{;MFU`V^;hF>EdA?B50-jdB6LL>sF=^tVxVzQup|GTqKpQKM()U{reG!1#=N7?0=hZw&wgXJ%s>mocpzvM}3JT>Oe^Qbl4f#Rw;Q&y`GuZ_1 zaM%060E?*1_jo(NdU;8}Cduf@E#-v(0mgRsGh`!yQ)kEXY!+;m*UsB!iKeaNtqcm@ zj3@I^Gh4$!5S5fYvUpF!0^r)h%VgK#1S!0$7i+YBXXgnz7{d;nHNnibf`Wh|2 zAI1%}F~Xtv7b-_Qv{a)%#^*ZIiwz}zQ95>`&QjyQ+!kY?l1iRr#M)cRVuqm%0=zis z!C_>UfSl!0EJwP{#zYmOt1G;1mWC+&vU;n8<=Ow;A#=D6Y|-D>4%}g9K1eVt2YR>c z9JlHJdbfax?vtv*UE45y18VQ(5&+m3wuaqA3^CDMZ9dCGXZrzIW7rbMeGJfy2=(c!uLM1-E5yF*LGH!@bY#<@Dn zM~Y2H{tf<g=k(?sA%&;ms35+z{P&d+BZF(=RxIBZM!Z8W!P0!RS)Fk)PNH` zvLrPw(mepnR~<^8y&v9HjR z+tKgUlf1$Y{6?JXliBvQyL(N!f&5hlSu8Pr&g%3AJ`2r!TxDq<`iT1n(ZfYAUvk&t zS_VeN#(voEDIryTc&9NRWI)BM2&5o%7ymE&gH%5l8Le(IHrhTWvZS;&b)mWsKL0ci zyNMuNn2tq_Bgs$QUl^*icqM;bPzN56zYBpakWAOHMZEBK7lN5Z9E#1QB>5gVcE3Ak zAFD^h5LIi{8lXpG#Z{%M_H7JJ>U&b}i3)g@{dEB-={cHI`5u2G0dhov^c48vhl^kY z*61JXTg>hYN8MmhCv-Fo1b=55`}~uZPR8tymNUgWz1KU3&kEik$d*1ORtPPM#SH!aNfW^W#^Kubq< zYD6D%_71B1t={ee+RG)zOY)=P_&iHAg7{MjJK^4m?@qlO$;n67seu|%lGd^YIR(23 zd9PUk4OHgF3tBxE+<6>2Hq(hxH1|ob<^0a!UiZl!5plr9c2n7lZ={&sV71cW1?F+L z`(@y%A&mVB2py5TjS3O55mw>^B$qszHVS{Du=H?zTyI~&eF-){!Rs^seh<-mI5(C`ezd*Y zIlkLJUc+_q+qhA!K_`c0pwDFG&_LfrR>*!rU;41CJ{heOx|(CReNrpO6@3OX*CDBY zb4pOsFULZIa=FG2!$H)pf`#=7f~ka9_y6XxF{#5tNClT#NCBbl-k7!l%?jBX#9z2t z3(JJ_S~i;n9)zL*ssG1d1{BelZb6-s))*b|-!}lx8{Y+LG0+4xzgsreWnQ8T>X zA248*v7siDmqEk@`3j><`I(n9Jw1w0R&DQ#dV>m(p5IChkfPbHAB|Z?tx9?+Gc!ww zqgw;U{N@5ZJ}#}8J89He!;e>{t)1u0)Y@lTzdg;GAiIPg&SMujS-skHvYGJs5nod3 zqn11-K{daVsF0Ou->ukkU$LTnV?em74|E|BT`iv`D?l)zXrQcqyPW?!(;`a zqbOCyd6bHAd7yI$O_$%UddVB2;=T0-R9YZi5rr)umU$1q%hGaGg`u*io@K!b-FSC_ zmQfWfMBKeDcD#D8D`(tgO@F%eEJ>g;{p{s)t<4u(?WL2uLJ#Lrag34$1L2erlnaki zwr+l;+8G$>PxC{K$}LR5Il-9IMALRd{fQU7_^6l(82&oHzE*5s2Rz8;81gSF9qci- zD-ivY1FV4y-E951pz1x_3q&Q2h2hGlO{Ix#6{t%OW;8+7^qE%$^w;zs%~6Cc02 z!{L7o%;Fbn;~>mZs|H1H@_(9xa=n-#ySm!>8S^|ax%f)$^%e5_LU8J7$>fj_{%9Bb zS}+7i}w<4o4R~A=D8c{Z~LKV7t0oBM!l5JTY)1c zxg`G4&;2M(E;1o;VQBi;C?qq(P1z6goYv)lByfGzL1=eSW@t5*YG+qa($mn3)aRiw zHbT9d1F3bg*~S{^)6%qz8ltvG!aowDBu};`My6@tya!Xo4?qTixH#;d+43U@7IRmm zWKD--IApDA;!|dMUw$7KaWprYw@nw~CQ?B|+O@Jm4-_e|CSBIA z)Ya`|k_=WL7U?twb01<()+PzO!w2h5w(Ko<`9|;DDn5G#>xBz*PhPYh6 z?C(!|t=Eqa4sEQjm#x~`cNn}B4>!oPY{;=_%e+{R9x0&F9D*yOUVSLV!!q|z>hoq9?NoNH>_}wiwuY{ut$<$ zEFm-x6G}E6vW^dTR}=+n6UB=*un~bB-TlN`A;Tq|w;r9mH%+L%D0oF~XEAU%baALu z(x6E6mO;12PCi!MVl08@Mp=+1hJJkMYs}CAgNI#Ey3)mTo~jrGeQ5f#P(qEQTrDT3 zw+uhpa)z!;o}lo|6WI>Y0g=lKHmo*luWtB@((5+tB`11bGnyJ2+RyI}V_Bt(9jogW z>>A!@;2K;=kSSdn>!6(#^&7t}URJtuNFo!x&~q_Q7%8p0(UzmA+hF-)OfpH=d=>WL zt>M}wvSO?QpDj(|2TImSCmYYNp_Y>pD~>UANmV)@U#2&p>&~{ItODr1c|EhhGS{W0 z-OJLOCJuic7#Q9;ABtQqwad)--!%m65mBMv+%$%HdT>9Y#y;HR?S7P>k8H!?zD%iy zCH(k!Gh&_k<0uijH^k6y>a7zpxY-l4o`6tP8bDL`^x4?k4o4c`thcdzmRSv}Fv_dA zwKh1WfX*vula^URx^*ENqVmH;#qUusQ9Ng*mT2vqJ5B#4w>b`O3ap-=4=^`;hW}IaZVah0<28hx#`fy-7pv4q%iibJ~ z17EEl%&-XBRSg7UwU0~QAZ&8CPG;+nRE+dr?92358tVX3h&EQY)Uorj?UdUVojrbd)xhAq7yuc98~fe%tykelIPF`DMJx4JFA&bPmn#8; zC;0>O*3sh%N=&&GyME%pzh$U9(@(!xKOi{LtxEpvw-37sC)F*e`l>?#7IrBuBOV0d z>%#?Z#^J1L=~b@y%yKkrwL=e(i0629nO)n3h zPsLz97I4A93KO_IBCj3ku~!PVFD!bUjDyav4J8Aogpe?%7onfd8@6w&||KW-$5 zO&5Py(zfzku)8$T?$NW`UEP@rvai$AgV*^OV=ZyYC(t>pxlHGg@|j&{r!kp^-liqT zb{i3~sSok)!^57eBW?{4)zU8v{< zd#Q(A3T=Kq-@5lRL}CSaebyvZv(YEt_0eAqa1hRm-lpH%&=UFU=r_AL4fSSwR(5Lw zN||D=wbBhgI^UkzItac(zQpz}p3G))hJk8%gIwOgC#-%Od5za^KlKpHTw%! zw!?|wtC&A}%mDL$_~ zqu+_s+q}9mM$GXj*GX_RjHZP2V1Ogz;JbI;g8K7dO8Sc9y*8tI13S0M`t2~8>a|7F zx0W^=fnQK7N{mGeswQLpKzxsRVo0K2G>){?>j##3S2OL0D-%O!*%OWGv&0KAYcLv$ z9@G8eL|=hv!m%xZ3XWRw7c8lMLN`4c2ta@pw8s6bTEtg5v!lGGHJn5eMk8*PYzNxY zcMGu7!B87L4kBA|`NVK4IsD8Q)aRfC#z^a6X8D(^r(%c6f}l&bOneUo+)e|*8el!D z*>4oK#tGOJ?hy_wY{FvXo?KC0P#q8gL=;cuT<-_gD4>>0yjaa9Pr74bQ>*#pxlAoN^bBNc3)zHG6Y#HY#3qSb!vHGf|{649{bG& z@MEmkl>D)d6mc%q7cW}2?y<-hzD40 ziI07XuLn!}v|!(X#DT=>ZEQ*OG_^>O4@j0vzsJ5t4b+k9qMa9Q0D`?{nlM?u!PQrA zQa*s%-mLe_KyWDPq74noT8PrEzm$dLeW#sHoC0<#FX@Nrm>hG zL4Bpr%BUzZZ`xiV>Sm0xj>`hz+f0&=7-^?uXm0d<@4Cua?M6^6*^z6K= z@Ln2;$u$-Svz}5FTHzZ8G}q5kF5s6uv#vkvY|CT496O}J)D<)=--ibLA;NpY%F09Y zv2HHMO;r>wXs`6uDI@We52hN6;?tm>8F{`TnV?Qlk@h>j;+-kj~iS zeD}tHXm~P35tnbhA7n43YrRT4W>0uLx2|Q=^p3nUr8MmM~V7nP(hf^B806c`d#itpXm_2$kPQgYi%2zKrV@0^e3iWLdq;t~iV6ef$c8bT;LG7` z=sapIpaA*(au%u|Ls~J+N~^<{XJf^#+!Ai7JO|14Q+l$nox)XtuBm>a~We zZF5Ozsk`E$vs}&40|UT={((h*$K0;kF+4(oA+VbZw5=ZpkSY$=B^jjBqu=DRUJmZ) z9?+63Qy$;Hq+wz;FDz%ASpK8wP501nHwC$UqM+>IIEhtvtB;6#sr<11`wYGOr2ae@ z&Gg~)@m|;>eWzfhBnULxNvK8vT1o475+}_8bA)cXf{pdNtrudF36P!-or*x*ncI1P z(9<8~SA3Th^qfs@+2@bvu^M_FESQL5BceT~z1OeWD4c-IWuIOm-D=j6|0MefD(S@Q zUYsifL2E;L*Y$Rs`mLC_Jl0m%$DsDKo(*PRH{n?nZM|gQRPKw)SoFGj_y5Q2mL|b= zw>8G@IAL8-qPa#5kJ%sBtH-(3(b1YR6n?Mk>RuFI(*v*8Wb~}d zK?Or8L+EK#mL^dc7L;@gX5|n!_DPma^sUszX_VZ7CSLj;)uNL2<(;}40_Rleeevj zr=_CCH$ix1zHTWC@?Bp7zl;tYzUbJEeot{47Px?v_PHp0EPU+1Mw>&t(kJ%sErRGC z*J0Ih>XhH}pC2qwY#m*WEa!@Zq=MM6MP4FqfJOJM*e01>qk`De2Q^WY3}4@OQhl+v z`SI3%B4ubu(+4;jE0})x-rd$cJ<^qf6VJTP*q0Wh18$pDErc{4$9oFvZ80V%kNnzQT~ISUeqve?z1+O)q>zX80_PZ zaqZ^4i511{aDbQp-eYWeG|yC9UJK5fBe*8MNKinX(}ImC<>z17XrYKmOth=J!psaP zWb@7<=80l*e{+<7hE{mr1>=)nRun@P{^G|YpLNR+*Xr*du1pS{#hV)ShWYtA`|s5` zWHb|ofj_)M?CRIGn~@Wjt%jQEL|$e`@ARvF+d~%k!j$S_3lAMHhe$pWKkv`Jm% z!;(bz!^wbi(VLhx8^(8S>)^W7-UZMM1I8azM_uvDA9FD|e&RLK1$AYZ_+z9h?h>n! zN5idkv0S|4Eo<}vHznK7VF-8M=h{!GV;5Et~D= z%Zp%h8ZJMn&rMSEO4J(_)ZlY&JXgx0HtCQ9!k?S+gLJl6Wu zCxuMS*c6hgAhyord3V=A#dTp%ec;jtqT|(@%&OB`Z=e1EaX{Qp&v8K|$+5lz0M*63|v zwi8<$-6^1`vE>yE^4*d->F-b@UTldKH7%7WcQ5zd&VWGL~JoM7tYAZ&AlOwe@UNW2}i0_xpo=?!^ju7S``|wuuG_xZaJdcRUF41lZsnBHK2h z{$QuTuTM9Q@pvOf(dgvg@wdUZ-qg$SxS)RTGN(b6MyF|GgWN>gd>z!)Td>Gguaq?Q3;nsHQQe{K5hs&lJaERp(wG(yX+Wobf3>1EPYM%p}a_4(}#& z(xmG7+1|g3`Kca+i!he3Cr@98umqOUOCz)A8= zKc|A=P7Sj*Dq^dZg0`( zMxN?ICZ7N%-13P)G8S;DFB>B<*F4Q9CCt-4uihC}T56@)mrVWP9(267VljTfdh(|8 zs(eg_P|Ca6hP9cF&E#=T_q8%bArGYkE;v`GzC3O}4#tSR2KtrD<%^ zGRvc@07fd`^>Lq;9Sp%B_JA z6wO)fT3o)yUMMBk)%_u?jpWO#%T}7&L0c<;1n4xIM_?yhL(iGtH`ScBZgfkqUXf99 zz!Ph(q*E}F;?fs-I;4)4fZHX%kz_ck$8Yi>PV)^f8!t5Sx=&j)U93X1+?OJDP7l|h zSiM>iWn~MW8dmttC_1*CMmNdqZA6&oau8>>(35`JhWZp8jlqn8fuoJ?Iv>|FNFJ=Z z8^*qgnC&<>=aoTkd}EhmhP<9>8y}zj0rFUYYE%I(dKq@ zkCQ+p76Gb6DOB|`6NE2wG5sa0`OAlqVg0mo)5sd`gOL0raZN@;=d_KJW~Z@XlaO|| zm>6Yhij9ZQ46>DmmZy5_wF2HE_7I4kuO|y$3w7oJ%<>ICQ1owJ2Sb773+N2++a4(s zcPOg3>V_s7Mo!n`h5zBgJq$89MA`fElDy|JLwBed{Fdq0#nrRh@hez@7#^>8=S|i& zbT$w`I3#NvrjFa&8%|3bw>PmJG&D8SI49H{$D_*}kgn(D+si#YV0DRt&6MHU_X^f2 zFkGqZiTGz#yQH_w);{IisL8Ah(WUEr67?dX z%S%6MVGsY=~WZaRVBxgJQMwa9(zQxxS3t~Pd)Ufu$%aEn_T^?bfns9G=lsJ zn=w3BE~d9!g7Q#9>JiUmb-C%$oUS>c$tRQ8O=g}3(Ilrpqc^~t9XJ7z1crZO+5yIr z;@b1#QuoC$dNKjGjCQE{I+pU9I^s2TE(b};au2@{G$Xl00XJVgutC;8%-N)~3>+9q z`9#ic3TRulwi*fwL4bm>*ASA|U-U+8`>yoCYg07$v5ASU!=R9XPYYYxHPUw;j>%R4 zb;`>?uS+Lp~C8r5P?yPCdyDi!w5LiHqs zP*s!f#Wi^AUo&UTo#mp;f4EZVJEWb%?WC4#B~Z3Eq)^H-@hNbe4$f=vwZ7Uq4)|JE zbcK(S82{=nfQg4*$5uNjt_LdsH!R;KdGyT|>NX7f?PmsS48-#dK?U15F*0wD_kt06 zlv%U#t>jsAsCg2?ndqZv%Q9ne7)!tC<7t^>*yS7yQ(B#ao^n1lH=O7d*tNgU~?skc2OH zVm{iREP4stysnsZ^0grsk1l=^l=<556P89W0W(O*Bxy8WRG0ij=boI_9-DACv`cDO05At z`+0mWC1<@!EJ$hJA-@))ZrsQl=ohR&)ROwT^1*olysu+)%g~%kV5phw*1FIKjYF>< z;bVa8X30LOKH=D`*vD#cK4~7RD*8gMTWcJfA0KZc-q=(+R*fsZeWY9GlISUgX2mJl zw1GM#y3xmf0o~6Gj4>Nhc_Z$9u?s&;tg62fHkm#1>4uio>Q^_;a+EJS$VMzEFr))` zHngHlqhm`&m*1;&kM-wh3w#QQA*EMbT?V)mN_}Q@u%_$}!9TX@HQy6hU@(0_d7`GfE1!}9ztRP+56-R&8-Bp;D1oO|*jB%E^!=b;rE(3SNUxb!YQOX7P;S)w_8v&+{bX zs)`QB0sfTed(CK}^-)OMH3}b-#6CCBwh9-$s&IhWr=b_qUFa>oNCfY^a8t<>(`soq zl)QU2r(p2VD~~KE*mi&5{W>Eh8(UVN(#dY^%1WH4m@6hLj5d}BHr(5#qNo^r{`~n| z7)?~?Jy3872ty;*r(n~+|AEhdI)CYCmG(YbCf^|gq`i4~XXEXa@>sR<2{dKpXp#{W zWg;FcO4-G?A?O*ptr6g75`7H>H;_9I4IszmG2Gml63KlGkr znEl@J{g!w8RbRty668*6WKzZ9hY_R;m~#P?-VF;>GP=c&-+s8FZ~b`tJPXooU>BPH zXJUE{qu~M^)xxyKxAvP~o<_ggA1kL9O9u&oX0-fKOhHnnZC_Iiv#pMw(wi~2-O5D6 zvJ%#e-Q^;l_jZ#KZt?P&=O9xleBM}mgc&QX7-63m*9z>bG=bBz&w}io7%P-}CKsktqcyZ3?LIFpe_ENju4)u@VzIP-1UZc|JSdL7%uO zw)Y0gHt)rVE-bhCxhr~+M(yXC21^5#EX!%i2@TmO3Kr(Fto(9awN|s`H#{`7w;o4- z`}QptY`gsK0C;K+^vYO&!Vb_QgCyOR41g{qIb@y!`aCAl$Fsp6nom2SItl*F)Y{HU zL&0|P8cuFNA`>5pG`LsKo@m7UwQB)pM3g(Oktx^%WKS<9=Hnop(4O~E(CiDA?o1hY z6O|R(ERQGG$U&#W3M5iPN&G*p!cz}GY*QD~0F$EfFzT5E&SXZDoY;}K2Lp!7{yx>*)MdA3bH+=E&&-KU;^{v6Ht)}h{3i2HydYQ6ySXQ=@z>l&CH~~+rkeC656A~lB zb*gbCPQG-J-L$EI1^ZEE;O0x?g5jL)ZO4f4@Fh!9Frh?oIf~;0>(xtiPqA3YHc1bB z^cmbLNhrgYmE$<-vb>+1NSFg*p&w=ZDlJ4^ zzX+747o_nJXKK_#-QG@up2bumjNi|bOa1icQj@zoA8Jxv5;dW}7kw`3RC3~}B5Y=VLncu7E=OXbCB1ylV%Qn=ql2+-%LZoYjGmmLo575);+% zwzTjU7q7KS?>~rghU$^svc_#a*S@Vqt(=8{pLW1zD{QPn(^W)>)arPUc zS?%r7uy_)I17#)V-{nm1%zIg!_P{Lh?o{ z{eZcuANkuJYkjW%v`6k7KgHAbE51BDIE9y`Wg;~OPnS;+yP~{2J1a{zfRu3vv4<}8 zUbnk_b1St=NL1bcy+x=fA! zV`%DWBWTs{hg4ERc`XyQ@d;Zyb@cL|+>?~cg|0GiO*`So3a+YlFY}XbiSe`a+yK8C z-bvZ8#dpI=Zgv#RJeW35SGala}wg}=1)2+YIz2Lu3W3Qc+ZZ`syAZ^cdMRs`lC z;-Tm5flm3}zp-gxiP+VRH^C0e zXNMJ;}+G9|sUb-~dsEGke5% z;SCw>wC$;}an3t1>ji=^!vd|r!9n)x*S~z^w(mP;Zlj{1r@oI&22zgTZ{)&WQ5s|u zi^2R(z zVi)GfX{v*7#uytpE(H98RmapfHkNKAQH@yXm?azzSX8s zaKDS!;K+a@D$2sG((c!tzawz&RAI+h5I!u(pnSZ+m%^(SVAKDqksyLcDTW`;+uhwQ z;<=kyzQ)x@At#8KeI1INFQ*gOJ3WnESmXFaYHO=VcT!9a`SY;wu&|HO(HHOCz1u$T zr~~IUF)s!r91Fo6W*_i0d`5Eilb*|(GGWiEi9VR2W0U|b}$mXk40Ml zuHa3qNKQ}c54OoNhwOEmblB-HI3cL5-%8$gqt-ne8}1b5%7EWJLAD0ubj{7vpdzk! zaVTd=JLt+s)3YXo1E;gaef}_zQa(_4)8C|X2WUg34-BZ^lacA1-O@Gz6LQaCH2DmF z{PDjdDVdNANCLSC!6%vA0eypTs?6NtPirqEsx4c8)z!%lW&UMQ=D!;WYXci{np5tT z?1aZf4CqZFf6=!mfhuA8xcVjVM`5lNf>ggZf6AQrWGYA6#>~~xFXB}H{~xSdRN6&b z$wO!<^YnAbx%V-*@^&YSyNEy4$33H?qtj4UPPX-WyF150H@|%sF~2?HOG0`2m=5_c zC#R3GbgM3yuCIu0MRkxoKYaL*l7{Ab#rPxx3&n*CxZv;m>oWfQuum3xP<-e?g`fxR zaWU8Y<11lo_|E6TVnle=cGAxg`CIYHfUlh?#>NN2p%Oox>XJD)K2MtP4G%KX=rG$b8-$MJIk$y zQ%phdh`2;jqXb8tT9gQ3X?b@3M(Rs*7VC}D$DoR|nrVbX5eCejxx2f2C7=80;Qsi7 zf5lp0sNbp~yL=`OvLYru<@7&?cwYoJuH?y-TA;~on$%>>t*6YuJdovH3{Wf5&;G}R zH;TQ@)_B8GSB60sX#8DKWKIhWsAv?5q3CO0on!^9+I+l_K5Vz6dzJNlnz_@Yrtwx@5} z5<51IZeU_0IfsSx%ToMRfWKQcK0Wg@rO)7S!;b2QoXsp{DhGRLtQ-+P#3xLCek>)2S1hUp*A4 z0j+xvWe^dnJ%-qVXu};n=%1XfgoY{O*H#_A1L-V_x<$XTLT8D6W}pWm)x)FC5KLBN zrKa9xRgCX5m8)2~|HNPH{TD|OgWE-1@=zGSzjdadLMLc1BV72V;ZDKD)E6(X%`Gf+ zO?ZF7O(F@rCk+n`e^qw>jxDEuXtF4LX@!s#)_}ai)#&od9j101`RFbu`}LJUomgxcDRa+= z@E-7s;ZLcc`lSDh!h>pqxT@m*-tpTjFIKf;DNUDq-+{sFr>#lzW(t*M72X z`~L`g?|7{L?|-~Rg^EZ*sJ!e#Ms`M}VP@|Uva&ZBmq^K|?2*0q-dmBqDKbjtMPzTk z^StWy`o5~y=l%Pq8{xXH=i_l6=W)*c+|T_??JUL(qKicJ=jP_*Wo6@aN%}$Z#gs`< z^NRG%ps3Gg{2|hk$XmR}bx@1w`=AY-95#Dx=V{;FVy2VSBOnNE z_?+vZ2P+)^&VcEc&-wQ!-c+fbr_6KvYGCse@y9G8@QC8V6K8(gJ6F=5?qd7;4w-H~ zmw~8M&EQSMXSt8y@Od?Z!WJj9beYOsJJ!e_x1cC8lZQ~lA=yvZ4gb-oQoPdOBD$A- zO1icG?Wfi2lutS^jv4E=_GCzdYDGdVlS9W_fW_aKwtjKp#&NFFEGjHa&CZr;@~4yo zz*|$zSy*l3Z1b#5^ThL@^QY80Q1OVZ$C4PDD(LD~RgOONYavSw*OeoopvWjJ#sA13%7m{KT|L2ucTLW9UH5iH1r%+VD_3NWy`Mq-~H=q^}2IG-z(TrF! z-J?bwo)^~{{V_75k$51Q+UpeukOKTY3nCHm1-@`S?XcwaSfQ_PZT17)Fy-jvG#9?3 zZ!o$H*dev)SG?DXS>+$r6Qcdh`HKt8@ys4Ql2=g)mx|(vyW)JW@WI}7Sb*lq=Pz3) z^Cr%uBC^@X`A}0+VqDzU7z6|)IGPB0p3OVFYid%{VTXbyNJT)-Ig-wC@z=eBzeA4e zJWcKXE0>?rs4;-0sN?@;5GbbH2NNP$V=jCW52wOJ%6(w&lg7O{NI-?~Z14gtc?u2f zqOA&E?teEf8TL}^RFv$&d00~QAu~< zI}nZqUp0Rm$z8kffp7H8{F+mLUtc0zlD#=|fvQFO&(_ZdF`}92t33)54{7aWE4K*OAwvGAnA+`5k(ZEfqrpnqL090XYq z!f-}%y7SW{Y}~P3gfq-2f5u`LuBSO;MhS2)FLzZ_J>5S&exyPD$Z_nj+Vm{%HAtv3 zj8~3sw&ks#3O0h;jkx%WH9p7XL=q<5{ZDR%vRnKC>4}+QIy$Gkpk~24^19))HnV6M zaIN8hI3X0_3&Kcj&HN8^C*gH3!g5^rQt3C>(y2mHn?_ z5r?qq=*IDbbq*LlD28mo>n?z^&fg=te*xKRsub%P264xA#|FTS8BOypbD@9#y z=AqU2;APk8sP>R9qwPjnACP=*cU6jDm;qvlY*qDQ3GUaxTR9t`Ql^WehT#qi2`0 zubID47>->%OwRS!t&c|%Ak2(=`}XF^b8NMEuPh@8SwqpQoiL<-=anxkJw63b3YY%xj5oSObyI8JZ z+>0ovqKCg!nX{&Mva|4Ad`N7a=;-rmD>i@Y!kew}d`DY>>z*IOoLG+wY>HOTMMgNs zrM$2|J!?0c9ht1TE9@^EOMyiv(D>OxnRTU3XXWsNmCh-2wKmz9kUa@!ub&PN_F?Q@ z23W?^Ssz{Bl3Nax)(y1!w{JK{Z1rwbgl`FErKL6Fg#bvV=;Bf()i;0^770FeMjhSibAi(=578T*-6*h}O6}T5Dxx4ICU47dZ~&-x2rkA74G(((EhuC~+7s z;CVp6BKw_2&*rE_=n?OH_TPGF!WV*&3_Gd+VK&hFS>cH7(zf&bVqJ%@_Rr3oqtl(< znc7>ZcYvSOdSO>)nQr$dWMtleN$F?XJ76>~(a-1+I|xqN;Ue`axlGn`$rFCGQ%7uU zZEcMoJ$mH!W?x1_ZKu^2RNfXdMN&7GH$ty%E~v6o&+oqVlM{UtwY3pn`?2n-S&16N zW&_9kXlQ8kugiS8sy8*C8?JfTD;tu4P?!y7cN4VY-i)1J+~kjfh11RT#l;eUv$>X@ zl~p8qxP8&qs|jseITw^J)t6SDeZR<7(%9H6q@+yJRL8XHuRGkxdCf9}0Rc_oh^3ang^45cc<5F%Zrtp-bB1(xlw(apdA0GJAH2I(w8a?7a9N_<xWGgAGoVmIVu~h~Vw!hig&uC%D#aan<^(e$p2rjPF>1JQX zo@edim4EoMjbh5qbQ&Lzvu0w;L$~8p_|=+~@K`df8Q(?w8xOrINxqM<9*Olyrh=*3~C&EYjZiBo2Q&wd|H*_Csq0doG>_lu8=)Uy5e~E!@Gl%5i zZ*q1&E(GCNBok#|CfT)R0qWz){UISMZ?r!e4*7mYix7w2!F!<&Uj(NAXX)VJ3;j)5 zFsaRGB1%M(x8MAI(q(Hqyz775!q8azJ_qH`{bJKYFFhk8 z>q5B3G4bG`3W zti4b4y}hr}LK*Z3r}eMD{!;$TUQIx^bKUpR-u%f4gN4a#tZ5oJG$zHA-E*e5Gg;ax zrl$O?`Ab$t&ONGr=(@;}<9{%}v*ADe!O^Vm>^Ur?eU_Gleoyw1lWeA0#Z!8TZ5;la zM|sEO=-L;Js>k~I_Blk@FIwGa`+bhUk0``L7=dt<-yVvo4`eRRNbC{XxlMLAuRM4! z;ZV(kd4=n6&!`flW3sycciEKMpdeK4opPa7JfYx1 z@2oVIIUX7L)^4wxn^rKf=x%UOvFKdAWh2n}%{uYAGhXJW$9E{!&u%4^GSaYf89eYu z0)TPSnR9c4-|gAQgeXued)Z>=w3oCf+WvF!5lS0)ybQ{U>`PPMr>33^m2N;c$WD2l zTi;-PTtBQ`T+wLT*`MJoCZ;7k{t(t`p?7L8r9p2>;#@oknqse5L4kyDh8E&BC*0R& zm|uJZ^Cx^4LK5xqmR*!fi;DV@z{!W0%SnHd#dJ(7F_$gnlUYC%i~Zt>JFFO!euG`v z4$j_KUM*6|k=F>gk)=cvP`C+)v>yrzYIOj_ChRq|5MFWzl^P%dx19@wxCV}H5jC<>4x?DV0>R5HJ-kCWb<)WKwKBeIzh>45-eTx2x z$gl$;5UDGSSdVFa^_ofW`_r2BfJP&Wp+h?fGCIPLr<{>#y_NUdpBms+=9|S77kW2; zeg6qx8k6vp=7QO%U&Q=o-DQ9U3A3|VB^uFdbDQ5M;Hv8{hY5u}EvCk1X2D4DvX$7A z!{8qLy89jiZS{Zpa3Qoc&JhavUn?)aYiwlV;!=PzCte6>@VKJIZXG{|Dk&i~>>p@2 z+X$5E2#%{3qWXN<+D#OmDk|99qT@MGXU$K}W-T{crc}w=y|^cp((4o+ zDP4M)_G`}BLyzc|*8QQ3V#O!lSQ%$Fstk?W!UibG9iO5{d;8b*%Up*nBwN~NdaoiQ z!GHVw|Nb`C9(y;>jnhpvn{Fz3L#l4|H-C#*3U(>%?cr+opdU11Mo4zM;-Oot{oY)t z>N!M&6nR#Jx09o{6Q`vWCUN7&6VQECkdsTGWi{(Ud9arWoVF^vv>nIv6jRV#!u?rD zd&2R$aC4~J=fw*|>?b}UfrN@mD)mGt9)kE+BnUHidbUVVzsWLzai+8P?kl?egKQ*v zwgvIHY;Hey>EZrwg{FUueATbE0m}5iKJ&vZUK~6CxLs7Lwd*XS? z&eo^EKLWV#5`wQh$J{@j2)-hc-&4&N4%&*r!NF;j>0$&zJN`cY3N6H^X$?yG?>ubb zL|(4;>{2mjT3(!#QS4WS1sM^RT)U?GS)Z)lM@+6(Ue@3+ zGJM$y1<)=IR8Nbl;A)FlQPJ9b=kNo+J5}-7&4;C@r>~ZzNQ6lQ3%t6I0GMpz$;j(t2e=OoXEr(! zGZCi{Tt1h9;Flm#e(6#@Ua%!_A&~qIlBkD=geJknnhyq+sc+9>P}Q;$yEWr0 zFCI=B^^FH<#D2Tv;E(z7D+}!cim3%21{;1e z<=!am#k?fTW#Oh&Zb=>i3AD0+7v2<{aFnWCAPOcG{q=CDrE zfKE1E)Tv)ifD#Mt{gnXfiHowx1;Khj3iKbC;g*t zaCGWsDmm&p5gRv-P|d^8j$QK>+JFc9JN7HV34pEZiAZ72#Q*iI^B21^;4#Hc)9D82 zCn0sWUl(P@02EzD6DYkAW)PL}$gtEO4mpki9I|^(Ic^Yw4gfd{8Sq-0iCR$2-b;bg z_pP2*9C>VqobKb;CGI6jcl}P$(P|oDd^-AO2!Y`Xy0_+{loNrvBY&Eh>|tY zB3ys`8sP^l*6J!X{!_s!fovQ3kcm0gzQhWY(dc-Sz_T*mWX=3xE{! z2$^(qNaD%)k3Skx$~@`pqo5);m}T|)OFXB(UNZPed$hyf!y5k&`#gRbE)Fb{s?=X& z31sW$>6hvwMur?W0ap*wiQs$925RI)B%o|Nf~{H!5v*=TW`2|uA>{FqNvoe;!KFr4Q3UWEy z$q(=9_}F+eUu2ObyKC9fe5dPWA+}nd_~}3P>X$8bVFvQb*me*9FOfUOKcpaaVC%*5 zGVeDS1l&RgLa0(vj7^Jb!1Eod!WtSH$^<=M;Om2?UjW?7!yBZ`OiYTG94-he1?K~x zuZN?mrl4dmOLH{I@N+*6QojEBRS$4jBx=Ic=`Xf6ygi*;fFy~{H0(AbeV^@ELWc-* zy=pr{GYjW7hrFjg#8dhFc9eemc18;}aeFYP`;Qx=b|0&=rbw;AKS;$(lUqNG4%GDz zZY799OlXgiLJH_VkOtYB!CMG`4JT_;4#YX#j5m6e>7afEYRmHS@`+i_{&SzF2U;ed zg96KJ()}5Pl`UKw1Ax1qv03I|`=D?4jE)gGyWX=)H0>Zd4L~Glo2U8;DS74*&Q#ZK zYj~+b{n!>Oj(x;_;(ZqhNO*N=I6p+>Yk&9n|LjqeG!(Y8|DM3~uZITK()8$1(#Y+W ztRrnlWZDJMoQS)DlF{D{9FY1OK}vwNbdODk9n6pq;52_~q3jxgGS%BJq#4-xt{pPC z(TsWT>!@ux`rr_vtPL$8DVS*hBEzpR)oG+y2@ogK@ej&Bxx#! z9BRy6uwThoZ$$O2IBfPfMfD$*%Lny$Vu65qCw}eH|Gfzi`L+X|mH*L0=1)Ks=BFXd z=O$nSnU>N`64B|t@QMQ_LT(X6V#S(NJ{T82a}2g(`|zIC(^ao#$hGD^%f$Ja-Rd&gB*xzUCudFNiaZ#mX@}8;`{qqn_};l4~gtt|KnM5 z%ivM2X$^8RoH9{UA1UnHVytDhAdZ z)ImX3+sS%_sw&^fJ3ju)U)~9wjfuLLcNW4hH?qYF=qC+_K3qOYaZRGTyBm55K>p%M z%!aG_iKn7a>by43*aOtW%u`4+JeH_F3uPe36Dc?rPt5Ly|6fDfFgswO0+^J>S!(*< zL@M6@j3{^wmuhTlENH^f$xMB14n#t}{pGL5 zlvlD8_4FhTwR^~7Tp|mdjFwhLVIsqb-NHGbBmhh7E>*zo&!0al#!4tFe|T3uz60>! z5rkMc;hi-5lv(UUEYm$Yxr0G>y#HZWNVoO*D;WbcIi`6nTRCb5Of3`n;zoUd z8UAi-n+oHz!Tg0ex%K3Lz}NI}oP$UPNk|V@Is{={;Wz?O?$&?ee*&@`;IPbaT6Slo z#epsKe$r>=&EXkLf(S!Ce^ffVQb?s0LG&6FiAjJegb?k0uP8pd1TOawc-oRL@4HSr zj5l)`8ya^DmUPJf#f|OVQO_awKWs~QTmUPlvOrqxRFLvm*+e-mw7v!W#_>j;jL-^8 zI_p#1oabfJsx)CPl1an*6Q{3Uwm#2%Up0_X z2^Yl5BcBQN0=LjftxrZPgJSxtk@^oW2DmC*nJ_la%gak66CcSgt`U6z8aW`oB~0W$ zx{vC``tRdm?UOpp1WPid@uUT`#iaUvo12~z0Xoh<`) z^T@TL`)$eH4rH_vL*ZFX7h#>?S4Yuk`p);yNXZf|?rZWh@Qk1Gy3#%4wJu zB?nL>hEEi5J^H}*?(N(66W%x$a#qFZk7LKz;+xo+ zOn+v-62&X4YbATc60Z-_yYRb*`{zNr#IXnjwu;FkBC3z%uSd4JCBZ7hAzU{_F9PQ9(Aob%>b03$o! z0IMzUc^wGoag=dd$OH~UMzQE18c0Y9o=jliUR9ZQ4P?&ZS( z>IW6uh-Cc#a2~a8ST&Dr6n3hFZ}bqYLZNt>Zz7rRv81 z9Bz>VzjtFBh!|eCS&=|`*;NnoQ>u;To^Y9aVy*8X_Bbo8?3Q%Z>zpL!l4!ZD7}rhQ zvidjW8-voRg_Y&K8ct2Qf8btDy65Kw!Z8UsG+z~17=|y zn$(p>VxjtOpp>NGNO!pjyXx`R5S0i)eNTy*S2+tpRuTt0@6k*-0w2?;$I9(?c02X-X3)_tvi(y%$-4Rg(Ru=vw3*I;?Bkrqa|^dnsdq~H)in0Jj`%pS z>ml88C!ckh4o)%h^Q$#CH!q+toYL@UZL7^kmaaDr%hmX2Hc-G&7LVWT^b`^@4HI zg@6C%kGnjU8)tuS3i=ri;cjtAAl}l=}V+O zXypP|22>0b6cv+Wgf`RXB8R?yzqvkp;>&|ewg;i+O5!h+I%}%$I-d$r7GdnAJ5eAi z;JUhFV7p|f5;I_t_GUvY)|YGt+Rvhiv3nI_+vd|~Yz7yU)I{j$V!vAGl!3mR(P&#Y zqTVs^=##zF(lgwk=S!u9j!G!km5rn~$-}*%-|?26j=Pn-7kj^QePCUD5?!(a9ohs! zC1OeX^c`usgLOn`Cr%yqv8w5_`bo5NMO^$rpe;E^9>Hm>{Pb*RjIm(Z%(R;$^nnDF zY<$KKas+)w)e6U&wl!0a*V)n6?ma&ezXrM^+Z#P=ZyHxYi)lREeD}*$F3xNA+t*R- zdvk&Krj*m29(Jc3+7ljOwero*eaa z&N;{Sj*}vH7A1^z_l_vh>zAIZtdn$!gU;qwH|{2JQ|S5}e)8(-xQCzL;4Kc z8W$64M^C-W8STDPZM&VS1$vy*^Ly1bE?vcX?Hrw74Hx+NhuedrBeZc+u;)I5t}Frc z9i_&RZ4aO3VkgC7t!MU%c?^aog)` z5!Q%4g%w#o%|F*S~_NVcsHw4w*Ik8EXif;8gh2L^qE#F?U#{A+zL7K@m@g~^6T z9#paLT%(iaW(}t&zM${_rH84i$f#t^V1(Au@O+B6T&9XKy0uN_w_w*YXOT;Y~Z^ z*kB34|1hu|oMVI17Vnw)%fnF z(N+=%m)X}tw|LGExovtw0p4cTbk6@X_}ZCnvX z+xv^r#iNc*=b;IojQ6h_V>@3I20k>d1rA>Bf);M-;KDraX?5H0s~p)AK3tJSi%Ym8 z7VjP<(Y-^vQ9EXhI4VU6-O_z(Fk3=U^8b{}O&hTpg0Y%+cw1$QO49Fl z4=lGW(Omd8pFdd-d9B)j#80-Qxc?w)wc`{2snGYHA018+GZ2#!r!6@98_mY2ZLjCV z7?LL1BnyXM{J59tJn%R(%LEh|=nI$oukfjmmmZdQv)|c{n}sE`KWBBaV|#`|idb0B z<5`>Kn1(o~or5B}tYV#daL-MnpGJ_Fp;uWcr}Odws9Vv|iAkl%o$|gxm+Er_K)@@) zslHW%0dvmuKogZnl`t0dHLG|Ov9{s($4u>C!W>lB>CJXs^X8Gh%*0Ydmv8ARiWBG( z>S8LIg5JXU%I|ScL{k1RQ$ixFg?hayzy8g*y&Li75eVMwL<58(^VQOy03~$gMt;IE zJ)#e6xz&UNSCNiXLqys|`!)4gK^tBd+hLkx0mYTfZQ=f)^5b&wEh8&MQ={g__q=XC z^L1tBzZyL)XtH5=Z6RPM@A64K|v8b~u9FELT&xLP5HEQxn}qNBFQWS7L!z zCibrGF{2f4@1P1+=}7zY`5uzh+iBwc{yfg(_FVAu`#_Vt1^R9C6xV^vH$<;Cwnu=zLOrqZZOh(D8`A9>z-b{)B zbk$5l4VO#nw&(4sUk{HE9k<@LTznI%w&%KDK~Vg3I!rh`O0r^YeP?I&Nkz^;jZ&rQ zR(JwGik+MFO$x7^*bKAKR>^Ck2dfo}qw!6Orl3G!YJQ~wJ4&51XOC5_EtJAwKf}UDE91aJ{P->oJh6~7gd_}}&;_2$( z>n+_Ql@D5O)H-8WN_h^(Sl{mW>H}i;nw6;`utgE+rm70Aag9vwCr|ftZ%V5 z?)j^zD`R`@f$5pq1<~wr>~6btSx%q*vYfV){062a?nvrbmd#O+tFa!8lIFmyc%SN} zhMHE6Ok7VD9+S*v{MOYcV?tMy5{CK4$Ub*T*Vw&@Pq?(2Aap(B^>T<7%QFj4Q1^%{ zcM4q_i$-fXnp99}tVx+v32n_4k%xuHcRt>@$Q4b#vf96b9k9FBJy>M9BeJ(UidKNc zZRcRQ(snK!OW$>U4GsNBan5f0hThx_rmbgZJb0&PC^m$Qy;j3ONUyTOw1(u`gA?@r zREg&M%U7A*Q!)^cJ0DB$`Ul&a1aI)JY<&*RzAtB8;JQ3L&6nAP{pRs{BmQcD!D!Er zy;asqIR%4tG8g-V&6+Du6%V+1H^u5KkNSK&=|z6oR8V$kkK$C}8p$WLoQ@%}>wE!Lz2urs|s!GXw@lXPWOVUwtFw9A&2E zn*Hqn&9pG&_Q`2~RhVo-=UY|G!KCBD^_S*vpwEiVo2Ig1C#wPH%X4?4nb6m<;8@h5 zsedFrBe_^)WAxxzThq7m5L9%kbM)f{T@655??4U~Sc)4Y(0_^TU0dw3_f!Up^nH@NxE^Fh;4$p(ad`#&rb8#~(BBxU`)pph-#UoO5&0gQf?2 zHr=bIBd*f%W6K*N^M8MR1rL>R7>GMF{+%e}9qme^@p&Egy2?+h5Kd|mU65!L|2a~c za2b%y4`0vDz|_?noNOEl;w(|=WW?Uhr>U|h= z>A$idFRAQ1Jfes5C~B5XgsVhTa12j%t3`T0Yq^CS%_)7MP5Qvu3pDw* zO1~X578^P?H2N9ODZ6HcpP(3jxzzMyS-Eycsa+gP3c(j#Do5zAUmHjsQ5>@$bIRM_ z&EXm<+>0g2w_fRS{QJtbMbgQ;Z!TvQikk89gWf-8{0N((igc?2Ys@14b*$HDj=2Z3`xq=q?Iv@9EsPPl8xB_bC^O{Yk#;+FFd@1009l znP~liX}8TCgUpxl2V30>LlMr(2OA$$(JRDFCwc}KOC?ydc7);biMCy|1{3liOR$|@ zn=Ub#f(_88ik_&h2r-;r$_(JzttB>RFz5|$2;l310VzD+D9VKqZ{)^kHUHA)3axx{ zhE0@#_2Ev|6Vm5jrL{f`D0bw=6it5xzW#mtT3kcf+f#K%su8H9B+@s{%7sb`P0X6W z01m&hrp)PVK{t=51b1-$ED|E}7=b1wXl>Utg&lCkTxNIN)Ye71;l1%PmG7yu9uLjBX64QN7{V#vsABYSoHUUo#RjT^yR1 zMD|E#ZDve_oD&s>v289#@ha+y=@|(-<=59YWX49AA8g}Jl7^^E+nzaYy|oo+yEj=d z?3Ev7M8;pf?}MK_Q{MV;wxY&S){$Pd`l8St4`?q4n0qL0C(+Fe*Eoqzcbrd<)+~sH zVeJPy%j~rDjdRg4`xOlpbN=X#f^4qoAcaEg>B5siR}Wm)-t}fJMN{v7Gh)vDYOtZ1 z;~lM{3M;PitQGcc+Ggwz0{it9PT$*2sVmk;`B?{ZMP|20 z&0}PZ9Bt7nf-rJPurQ@!imQ)Q{f2;HO9?vX@@YUf%@G~&HuG*h_8 z1PjDfttwqt-b7|uM0-a+?j=tt5Dr(%QHjN$j@I>RIulbKFnqKn>}sR`Iqebr1BawFgt^Vqi#Mil$VmoIwQ9-`XA`&d=GX5yQDVRf_R#&xB!GcV`}c_M`!72ZTES7;;! z7e&~1TzDg-e-5Dq{R1-o`IQKRjIv@``;{SMl-pmp ztj~}VlX)@~A`=yVeW|+3UDu!x`8m~b;yxziL>1tN4F>G5e?O1@Yb9bL3BS>(ua@)g z@#C@H;NDgVJH|qBAdpE}e076;b%gbDzqj)WCbis6edIF1p=7x8ErCx_X8CILT!d4W zYDNF{?y|UnadUhc;(ta*^OcVIpPk$NIFWfFI2%CgY;F+-gNRm+vXUeENA;6tn>H@@ z5@(Fb>Dy*~tK8qUL$SxyY>Bo<2#9KJejZa$8?S@=SPYkq4u|D z&_hf6)pnhZG&0Hj8x6C!oZ&KFO+kR0ZZcm$thC$QbI){Z$-+drExh9@X;^L+ zLh~cUY{gEhjR-RMpr-XI45~7 z`taG`H~N=-hZ4}dpq*@I_OOxd8LG3%&gOh2;v<4fyJEre1FF-mMqBFdZt_;xP}2Vg zSn6^GQrd@gJbskG{L#w6T>)0iI6h~2Q*S*@ywfv|TNDr!9_(*qP!8ycUUOYa z%2-SrOh{lSQUej^W**va-> zQS*ohRZ)dD%fa>+oX*R~UFOu>O!m}oH$uGMQD_J0=+&_kyI<6}8R|cGRSCJ>q_bUK zoyd+nYt+&AYP)VRX5iJtl|@CHVob8Rnviq3H-vy-HsHV^$+naOrzJ6kZU#J}IZl6A z5&Hzi0SDz>+`RJX^>^d~7bNWuW@0Fxo?QEQ@LuARK8oL*M+-kWVE@CGX~P3PyrAZf zmA455_QgV{+36#M!yC(;M#>)f~x{a1!=b1 z!%HWLLtckRXXfm$jzRd(pD>SO-O-H%*8qZQRuFtGiMHNZwzl1$w?vYD8CRX~wJrbp zdx$(NsOrXIFs=iQw5b4g=}dPVUE5-GPN}v}cEzKR>YYgXVEZo#T8f5hxhXZrVjN&- z!glJ0XQ|=dvKqJQpx^n|-7Kl^c4_-Pec#^Xw?!ba?{Y3-mI;?=KxfRVM zgW%9+^}b;QTigO)TC{z2MPRj$FU#3{kW5nYeS5u%?&>7)Udd`2^YkmUc~`$3?)dY zdeJsFAO9eyy#try<~OPg2T}d`vZwMRE+_@_#h#8EUIShud$+!P>ueMM)d)6$hQTBbWFYl#H)|ISie7Up z`v%UH9Hk25I$m;)Qmuf-&zHd5p$7@7LP`C}81)8F8YN_yF#k@~F^wC<$jUnSoS1$U z?X9I?dZQpd{(%$EgXz#)JoRg95UG@&K2iuX?ObwqQt|LwIh`Cr9!gVX2PHb}4IX56 z)g{~-(5Bmb>lu5VS2Ht3b0~GfD`^grB%I#cXfN*K^w?B&-P{AY=uGF__gP7)^L7|egiQMg)fG!)`|6A60PPWnY$(@B+Z_rcA$s!55{vkHlP zTNRSR88xeCOq=h2xk_@jWH;Y~x6$u>EUVix5wpbC;HU*Yi^4l(M$c6t2S)DXzcZC3 ze#pu`(+lnPuzPu>H6WU2YryH(!{4$lPA8g(nS3!y=U2YZ+t@6={OX*Zk$wqz zPEL-3-pvBDsz)CA1qE5c;gGU|B`3WHOIFj~L4hSpwGM{fKe96$;WhoC;$r&kSYp)N z(9v*vJqD(X;*Q-$N&KuDeCyvW@K=NUAU$p`of(?ZZAxM`nuNp6nw{Ywuf1^s}!vafP;Z;aE4S=upuepK9N*Gn%dz7_r{@!UB;J zX^5tPn+I12?i}0gTMAjxkG~5tf2wOkX9$yd)2IvW4HdQAlipX3^-ZHm(0YBnXjk3u zd;}x0(*t8h9+hNzrJ9s0)KuH&tZzeb^_D-IUmCKGUY*#s&HG2z{5sXmaN;Vfb*9M{ zy`;75qt8M{vg5i|`mJikiuvobL{l%TY2QjtjXBQFCzsY+5mp_9Xij3Wl|>SBX2y$R zkcHQ@!s`xYe?|qnQ32uvH1+c0Z+#JP*@0)`qZ&&F8Xv z3(vV#8$us%3tf4#BR}3j(NQ9rFVJLda;;Thh)PLIKx67Nuhq51?jr#;-3#S&CKo2r>!QEqe;Ba~h{ zB14-B2pI>}Xd?$7uxPM#I4zvO2yB5bcaR2}FS+au7Q0yvh|@TrS&i>@W0}vIb6|p(G_HDx=t? zQUZm^%3?Q(7g}zC~L}J^*2oYI$u{j9LKD0Hd!5hdK!)2-^ zmH`hY0wtovq@R8z$M(2a3!tfeb*_BF(PVT{iBMnhCmKFYWxAB!xZV0u?=RRSXWLir zjjzgt`yWM1hWYkoMxEG=5w{Jn{&aG;-dKq+!zqFYb zNRkC7y)f`!zMI!1tvEBev94+^Gj8FDj-RFBbkqxxo_c^81M=%ajX%N)s98syiZOH? z>48IL(pMY8%{GO3ry1o~jWAytb@Azd2{b)7jJ82e#&zhAX}p~~N;QDp5_VfxH^HBh zKY7ERs%IjDn~{%B^RxePbLl3B;~!)%@U^5-kFNs z{D6i3(071#TB>h6b6sd2dINJRi!^v6*H=qXboL2z#u>+t2JX@hI2$sPI%hNEYUw;U(9cxXPRkSGmaGhEm?R=6S)$JN=Ecf_`?@bmRI zfpr+0`2|!(6=MZdt)u*-@B&qeEh@!`=o(HU_mK?~)TB~wM*X<{+?9~Ki793A=n7^Y zEObvX3JGb|I4p7TCd5zLi0zm?5EH9?iUrqqi-ff7Bb!9L7t9LsvN{bc3?Esrpw8LH z%2mg-p?5b)Dx|n_Ske4cXoeINKt^0A5nUZ7D7Hg29YnK0!lYjBc+jjL+u$W_EffJk zbQeB_o!ZG0)GyObI_c#bt26FSYMf@s%Ix=vQb$G$rns$b<5-CmVjr{m55M=Xka9K4 zeQTpNbaaHqUamml&OK4z>jiqrS}&Y_q*$?BDUQ1S_$hueR-(RICfe+O_~YY(C_5eY zX}`hu^Xuk{=bbLuAY3#Xmj72?W~eXa^PV{I<1d{c^Oj&;+I2|-%{vs*(4rXI*3fCz zl~;ccsBb$JXQnWxeko4a)HIk~_Cev-Pp`;%EMgI^BdD6ZfB$|!n2cJgvkSP0<5<*G zm-}ETR1}Dqh{s>ta@0J{7RL@Q$@YtUYMbC-r;?s$1G6s2fAISL6~hQ`;0&03%%MDn zub{SQT;+h^sc(d`cb+(Y_Hl81r&=-T-d4l>PK=++&Z1mG@JMf9B^%$3|5(=r$W@y! z3z>V6ShZq!pcZyW|Gd9U6m!qrR9`JpRP!(9{;TV_ zkO-68jMwU)j7v{&mCbAmcXx5guR{0X1yxN|NY$xv3F#(il%HZ4;GlX0 z@SV+JMj5H^*e#sbuBFGu3VW|CuT8t<1adH`N*UP12HmB^tVEmD!O4*Sq3ysZ|t}6`?^fyE}1Go_X0uP&sl~u{rwVKM= zvH;31X!72_$JQ4!Kx~1SsQ_*9YFSD#*8@7L z#cC@pZ$D5EB9hE~z1Hn{@sj1OUr!ffhB=MY!2w6d~~ctMtB>KG->1-^KCt)ckTRAt_%SFUNO zyO@=FOfzoBm0Ddb7TQLc)P17|iFiOoh?$R16&hI~kF1G$haBKS61E!bt=(;nft06u z$umbq^-D!O)MG2l!KAE$wLTFstt3ra>yI7|1kwcNl?jjQA6~If5WFpIJeK!>M5)h{ z9jEG#`^udZyDf*#)7y)=XEwKfkN81C&}+hkcLidOIyMIcmZh;0(CV9>nszXwTeM~U zW=_NGfb^{|kj8}%f*kxPUT5p5FtWQ%{T4aAq;j;4^d|{XJ2R-k*1aA59P^>Z=Me_4 z_YZePcn%I4b|arn86H3#eSLafEkQv+sc_s5)XVNW(lebQ4(*z>(aN@d7irMW|KlfGzRwb7#mS}$2griBuA98hk0s@qNz?*6fdi8C? z?wFT0ApBrkdWTustK~$;odG{mBBlmEqEA>P{cEaat||U8nT6z4&L7p$IK9aE{oytk zj-PL1?SD$?ZJU`|Z_It=sv=Fk9G9!|)1JTyQItCsW}%%fz~GxBoGch%^ti*}f|{zT ziQMJQeTMNtA1utT%wLoN?Ap|6H#mJsC5LoRrxE>a*2rR2 z(k;D@FwLrq9Au41jSKf|b~qV|0?^42(FGYwO1g?U0w4y)pxfXDK@sA}3k&6uW)r*i zV=aOXqIr3^vJRyuE8_LwS1)+tL`1+1V^p<-_6UCx6ds3!SxX#TFn*uQ=doFN+mIS-oaG6Ux$h1E)e=+&70SirmtdZPlSe8&H*GQd+QBZ zb?gO=C;KXKZ=9L6!B$QCO>)LTWBe7Dn%daR^wV2`oPTkAL|e06Kn(B^oHFcTpB{{G zEX+wk7C`|deWyOd&@ijApwQ41-7PPt@mc%6zBAdW=SEQjPh0OnD;i-v)*7fW;9H}I zUNkb&Tv2&)^rY_b6-!a8M z7Ig}Auu6F`YvXZ$Tz6;qgWMQ3@76xUxxvV2%ztky##YC5;{|^##07LYZ(6^ zKFUSyT*0qy?fRL`&WNlQW@E>K8})jRkGCTcnmn>9{Z>7gECZ@LuqwUpU{&BQ105rI z==DYN3`uIL?pEG1E3xoH9)^*2VjscKg$;2_)orc%2WLMS-LUP*T_m8@P#!`}T`ggTC&qWM;&` zQSQVaoHLct#Z>a3B`ZcSmjdt={kU=BuZ-?m3dFCNRa(48l388lM&tx}s6qr3tEm}* ziE*Ky3yR~K!pH<4mQe9`@7{ruLeHFS*--ILSbV(h4B3Cy9{**F4JwcHH zjXVGG{c@>#C*WYE8}(*@>*(H^ZR$p_13kM5)&Da z)G6?}zd!VYB_dky_4S#@5a-@Sj2gKOu9g$B@tY%$zXwI1XyAg`uC<;mnc!CP;;k~K zDzcH9lHqWlbll$`y*3=Xc%gN$b#b96T9w@`s`2FAV|YJKkQAICKH4wX7~e;MS2!{j z(m|b)_t;IZK_L-wbI>S;KhNtV+gVlAYdq2OF@ekIX7Y$yyesBsfB#cUw7J2oX1gmN z)+R|RIS{*l_dUiQZ7zWpK*`Vi1;q-<(|As|3iJOvLLhsCbhtvhwcz%bV@y0Maj9X- z(C1m*h>$<(=(~vMA!oz?KZOO$*n=MdPtzQH2vQ1Mk$5&sARm)ov$oa#p0Op@nDL6QzTb5j)0F(@!b8%(gY%r#! zEd)u`e96NFrfaMxu6YkH6pQMEW=&8`Ob+q8NvCi93$P^FsWZyFmoAx(GEO2stM30} z?Y-lv{@?%c2#FLSE2Bi&n`{xX_ukor?2Ln>q9G%DlfC!IIFu-RXRqwN$+5nV=b`uK z{rUa={k;D0%FS_{=i~9XuE+hlU-#>}?oESkp)kitl&b07l?hvHSN8_J+Pb1ger zVA?zh3pg+SX^u7E2}Fo50?NUG@qDz?+pg_&YRGabdg;a?bb9rc@m=UJdAlt$(-AVx z+Pby;YYj_{?foiSnXRr~?h+7*#K7;Nu3Uc=P~A+b6?x%ZMTE4oNqE=#E&(~sYy1pnA9PB>{%E*7yXNjm?eu#0J|mw6TD|50-aSWQGegH zZ6i4y*V0Vy9;c3uP64X7Cb*Enaj7PLAQ2M;8;WZqzi$8_)*=PYPu8vxTN02EXE9L#W*@{=Z_59tFUaogj8TG8N?6BVLta zWfIc&D~Kxs%zzJZf*2%;QK(ga!2%Ng1<{*ne?X0gebpFFWDe+~0rFw$Dk`a3QzJ#U z4(3{CUIPCs1$xGQF0_WAGbl_}3tw5a1!F(C-L!o>6GKxkJ04S~fmSeNWY!=SxqA~d z$1Kf{c<)Dvc|gTfiOvh;(g4od8wd>s+bMIQ8{Emxakn;CEDTO~R95)axm7;nHeN++1#dsP;b8RDE$J@sEkDiE zEui&*(-6M=8o&4R;ZQq}Tr06A<#v?6p;--eyEISKQK1=zcnR-6e;B|FvKt3c%g}(2 zC8$=rp5E-r#WJ6;f(4pth4IZSr*iJ^?=vzpL#vO!_1cIua z&8mTJFR%JS8=0&^(0ZCp%zyM{OErx(cGvd10;PG()uUKr`EyrEoaiAxAodKm*!Rue zPCpd5I_N2C)8&xx7>>%79g9PpeaPuoKD`mc}8z zv!HBd7IC-h8Jkw)OVpv2YFxKbmXN5Ai=QA5OU#TVy9KszXcc>Fca1O^du<_;Do%sEwmg>(scedMqAhBx{{^K>k|UFov0`Q0NlLE zNib0+CIsfo{ah@U6M}Wo2^Ws%#e*KVM=7o5z+ z(ZPU@&bU)65gueto9Mb=w9p1lIc~V)8{6d*M{=I6wB&29?m}JvJl{FMc(bCm4V`n> zBdu+0Q~{N|pPipyE^glO6DBQJZoQ~7PonvVnOUD8EX+yZe#X|zhQVJ?p*>c{;pSX}p>G{cGpYCFdCtVIYQzkF%b#r4EPqK60_&Qi=)qz&Tn z!6n{Q&TZseMn8J3ajry4G`cI^r%S}suhpR}3eaIr+dOLPfV6`JAb}5N=x7~N-Q8|a zAAfgk9xnl@^yI3{i^~g*0vx&FSKE&$QSMd(_$2$w^ai?C<63_n?^;xRvMJWaeHB!L z@_+YLg2r?*TYZuLXW7*Ry*o;SerjmHi&4Ad0`>KAzf2_^fD_j;xjK|%)F<&z3t+Nu zCt-fkv&ZSHIwXh6dBl)mrHEB-_lBL_<0wCXB| zfDyY-UAfL$>SEA!};X28GG)r(bO1!=Wv$7Ny`d@$u{%ET^x-vT@y^V1_{9_hlIA~O@Pj3TyVq75v zhT3@N%_YgPlnP=D;WuUN=Af_3-G#L4qE-~lv*2{;=vWH_I503goQ*_!QVQzig=Y*h zvgE0FDAecLkPl2dwXWM}I%~JTf@lZOhw2SaVC&3{@P4w?zn}?fb6jH#>Au_t6-}E6 zpw}wEFZ}!W)oNI1C{0%X2=d*#ccItAIBq#7fr|LRMbm5#Xb1=B`F%D^2gN3ZQcw#n zu!vOJn5uZ_hIg{vzZQ6%r94z$D7Ds1x!_?SgX$SVxAbzKDo@v*aBL1ju!bF>u5)x{ z0HUsty#0(?Xit{Lv){JjSf~I+tP$Lr{UT}R#{YcX*T5K^ZAebS%zv_T)J}M&gjT0=_XO0<8V1l6QmWqKv;y!zKEI#?} zmcDJZ&^?}e;?nUV_^+JS-4fdbcD^mG2Xe%& zXg~Y}!d6c|$}pikUjeYl@f)arVq<`TaxT+_c#;22yo!0jD@{00k{+QvRSyryVAL%9 z(7E`HVM&nxuFa1iS=qz*R*o0NVZxC#9n&viK~7GdpF*azBtNE1#um|pe~)=`Q>Hk1e}>tLig{ zFxf$qM4|nboAV@E$mV-YEKi1#M8B~)bI4d>zxr-0bdQ6cy=8X`qbq^xe*ZySkMb8e zfHKR(#*|}yWE_!u#Qp2zH!Em+a>UYVWk9?L#p=JC)y&Uswq77Y@NxDc8<#gXD2T~Y zFFH%=Li zfBCLv!dYd+t8jWfd>MW}8fEOD*|`mqVgqW^Q}2VQGdq8e47vB_M@&{nvT#WMdF}e5 zaQ9nwiUO}E#uL9^kJdfx#-()?`LWkKqWjofd-0(Y7P;|gI0tGCY=3)qI6wSgKCVBpWy?3VDFP)*<}&zEf7_nq`r8~uXrnZJ7T*Swf|3rU{dEkPfcq?k#WwLisLOMVZ^k#^`kk9UDOGwOh z{~8%ZnkQKJK%GA3ceJ4hYtO(yzU9--tW#@t{9pGB+~`)(Ush2am~O&g+Po8o*%Sb{>M zH}&3HP2wm-LlTlGskjNGa*qEC*1+;Mc$+2iZ1Xu74)bBMGoc=d1yCn1zP=zr1@b-b zuN+hShv;Bx6rrsC-=lHf#5IB#DK9&SJyu!I9VvMQJ_&M&{eq%}sQG|mjWn!G+O^O8{LfFtx5bhCUvq7()KLljH_EZfwb#T;rYwhG+4TVG0q(dI3j!-d zn^!$Amya5q{*}k>#w=q__Hv(#_4|@I5qdo}DRb9lZ$;FH!BzzQ=BD+vYM}2xH@s7p zfz2zZ5wG~zW&qiV8B*H(mtu#e9CI|VwL`ffeYgiJ)eAa!xWLF<(B7+EJT>-hU}XMg z_du*Ih(i>izHG$ipyFKSo_7m397N9wu{qn5lrfhhEwD}CO_=5Y&4(+;;v>Mb>{|}4 z4@{aqEcoqE_p%hr5}%Rq!y%gR1t&etgtl8&GQ_*N>Ns6`T^(VCd}hAI#csqxFbnMp z8UwfyL;tltuO~A0U8SRmzWh}H^sTA?aB@RO6zo3g%bqTji3BiLnH&VoyyhTi#`b}? zNLBe9|M1LHk$zPj#Y&n5cx3+uM*$SF6Qg+w^?vMqn`MWAE@?b8bH6}8d3DeUMGi{z z)eF$0#;Ag~_XC9&9S8%xO;soFa*JIvS^^^IVp5ok@8q#P?lo)C6-Pq?4v@}vAU zY&?-)JF0T_qAb4)Qmu5mKW)~GeeNtAYnWm|i@XV}3h9HFjdJsi$Kbl3fUVu9mm?6pTB_K9v({a*!zn-lQVYY^&^UVKdu1b{&=y~=KwPx&UjvR zW&P5(YM>=!Ftd?LX9sC%z5fRNVk04-3F~-LQMVI(61TWve=_vq7RTR;ymDM#WJU%+ z!T%Ub-My_I+<2GLx)$;kV8M($94!=0oLFFq@CP73x4+YO_hP*$LBP<|32slcd&{r1?#>?$j*qVmasu*jueDk2Xe35UgAB^E zVBZCX)2M^Xh+6h75Fo`LGXE=6cEF99nm-gkn1`dMD$%Lv8jTnX>msUVk?s?iggne2 zmBH{ErWKU!i_s`UF2^?HYNX(5D+a4CAd?akTXs?A!3!n{6wiE7K^0JlWq}iyc-!%E z&@_zxlJW1JBrPoaaxL@WiiJ<`2pM7bg}GgrnAkNiJ+fG)d7h<+583fKR`#BJfEU#B z4CEfzV-?>&MnmmBJOu>J^x4tT3;4xFjj8^sltPBNv(3by;z{Q- z3_Oa^(Pf_hXbM1A?*gyg{kE2Rk>+Z%g-8C;FvgB)$Y#%hk)1en1)-iFL1OH?ThGCD z;V*jB&~^h}+VXC!F3%g(1Sgxiy?-D6KSvjIZRSQr&)YeCMfCCkV-VB06bB5=!1)jJ z#Tob40iNF2(7;oI<{gI5(Jz6#c!$Y4_IEX3h%a8S#s=WAe4~`B!Ry=4)Ao+?K#SD# z+`cE4=uAV4Ho)1emfLnGr_8)*bCJ5-Brw`MXPu4r2&)Ew=V)lfQf?fAVM4>=Ab!weCX__|u{YVEUERH!t$ULP zyQ|KTUO--Y0-8LL+V!2`)8H zK5Q-8X=ymi4g21eJ^>Eo5BJNxZ_!sa#(px{Xa4PQUmBz*{Rtjvq-+%wo#xe36ujcXQ zqtuO93%7sE6c-Y2p&nPP4&*{8e>hM%=c>9Hpe=_EkWs9mIa&l*4*4*&4A& z#u}qOHI&Tz@otDLM2}hqlV$H_;T^W?%lrHBVU8kbn#S0=jL)|gWI3Wlp~IQesqaR- zH4mDV(XTnc5#j?wVE|wqVxcGEzS%kZ{WVy)%Q(66r+~`*PoRF|Pf<8S@-Ga-1$-Gr zf6j@NgYj79r@wj;LR`TS9`Q3k+pREt6g`t6aQ9%OrG{r0H2BRL?bm~CQJIiB3lgepmYz_@H zoi;^JA~B8$v7=VLXG{W@Hk!z+3n%tr;Hx$I0zns}h3B_1>KKd--}N4tv~1WF-#8BB z(|T8e6bE4d+dyo;Jvw4o6nz3flpd{jNC84{!OOo}B(OR%{53X3J+lHJn)Uf(u8*4- zR0d@V9?j71H~PG<2}?Fb+H;VN{C_C~@PR-wccaE8>h|^U8I+V*S_#eFQ6SqXSGI`s+ z_dq@1v`G%Pi5rt$lWK-hp{@sU z85)on2c$=CX{KR`isD3l0>JIM=gRB*Z}DpPXTA|?9&53XW^ugkmx%O7K*y`-dJM_) z7!uhyX-V@8MkdCH&`{&IH(t{8XrPHUSG!c)h5D0lVaKEtx3$SOw=^?+pHWsKL(64+>dChF3$lZ7y$XC4$3WOngXwx6%e7q>1j$ZnBwLm4vt=O zW&wdwoJf%FE(XO<|!^Z*WY!GPyTIeAh zEunGaDQuX-S;wl$Ur`1P4zo7UEye9O;>Lrz2l)%ljl5ZLrJNCj3?MnfHaXqZ3rY>7 zsz3^My|0fH{TtoZQr?&gz#x2vk7dAQiPw4jH5d0I%{xqhnL(bs;wGkMLz$l7&4l74 zqYIsZG^%Mx$~E+bx1^8)^s9bucD{N{`ko6S^T6-39JKUf*hIv{pt0pQWE?dKiRIh2 z$DnI!V4ypbGB5&OIYmgv;HQOASK|9B1E2cl_d{usALdq&U5a6foA}}?BkiM`MJ6uU zq8Dt9B6i1g>6dpqJ~lfV(1ug#SE!h4xN4dMcs-1+0(8e1`M~zkYPpF}X*e(y4;odV z-2Q|E7(p0doyRFq=m>jQYx-}iY=M4*8qlwl1`VT{P35PHB5gK(-5V{?Pht;=cKQwg9U@kcEMRJ01)2fA~vsAY?@hSlWYS zK%r<}w5nPefI@S4A)6qIXrH`4PdV)$u zz75`;xPXE9=;%kyk-A|L+49)TJS>$2ueK9~M}1NnksXn{Eh~3{lvEV_WjHHt42j9B z$&o4qViKkHzptFx?w%=?SrICGbELH4H^j2S{bg3;YA82S_HR02>UVZzO}#+`r3KMbv>7 zb;4(aJK|yi#XzaUMOXopAVl*)JwR=32}&Kv;2YQLK*_A#)YNT8=jL$^a#7|qud6Si z@CpA5xagk)kq_v`2Rsz;i+hGCb|9o-LE9A%`mh5|J1gi0UV+v2_--(0iVSkVzhM$p zU{Ayx4nxF9=8n_;S*|xN{@QW8!@!9s<8k?UXDp;(#m0bW32jUp)DD9$wYb%aZ(Ad@ z26YO?>t7T;PfK)j_=tq;IvMnkpLKptfALD1CFnY@q06|3;jcA)O9@fnsg)+;KFAD) zNW&QUI1Y-Ml6MeUKVPXkYU{hb9ki z-vOlwGgwh3TB2jM$gNiYEzUmM!o-=4~-oClPB0GUWuCdou>nv_8bH`|}z2qEf+M3EZ) zuWn*kJtbuhT;3Xq_i69eEP4WcQB6d|1RlIHl{31NEbV<0SB)c27Gxi(4;yhg#2q@9 zp=wWd^m^DmtmA8kP=Jjehh9G+if-`f0+m6hW(phQ_-uiK=RBlMWZl=<0-{dPpZLK9 z@HOH8#u_yiLegI0aeDa$x%NfI0Cuuk)`zaNety)DRnqdRU3ywG$kUGa_uWMQ#;mNZ zo6*ovEvXVlP;**pE&Ji)%>}n*R72w{Ac%bQD5nq5vy6GU;auNSivT?_u&Ut9g3i`Z zr8Raiujh++abTrzH|+XFR_Gdf9sX-QC{DvxfKMXuU!T%)Z&IMLn4Y!17&SDKcjiL~oYs@(1hrG6u8 ztpS~N?pcfVqqZL#<0HgL6jL$8BRlRQ?@%>ZO3K%W|*5XGn#t{gjUSN z1{HJinIY4$7wQ!t!~t0D*PRGAd~8fOhw@vs_QqyPHxm++( zCwS{6?6d{*UJnmTKuu%Zr{le|$=N$i&0NwpE7@qNisI+sT!`gC4`T6u_aN8cqn^=c zXMgT^d^g+pYLB>|cvCP!@e}l?lEK{1{;U)Ei}@mAJrE*sk&~6ceiPi7R%GAb``rm_ z#*hMuV(E8tNKy?J08+iZ%@~Bz(sYp(K>gKU&zEF-iBIxJ%9S=Z`H301KzqSpdiBhY zE)Yz4!U~+6zc<`^^SsQRx<^Ibj`Zi$g9q>)y(`OXYyY(zgaV5*{mS;6mTU(2(u(kBA*?e_YkYuQpyKJSl1)6Q;}?duND4ni zk-~(S^y-yjkt_i1<5nl@!<2(t*L$n;*Hez2a0ed`vYZiJc3$Oj& zVzB-+3e#b#{4naRm>u-?PErnP-(z&Ae~jSXE)+L^&i0`pIr)Y)(1GTVB(z$Ck-+ES z4GwSGgw)Ft)E}w`FhQOYpZEDo0>~-+CPF(h+2^x1`kI6HZg1 zl@0M7W_utsR>~JUQAWb z5OC=?fI>Ft$sK=_OBcim4zPS>iu^USyzA*VBCU06{clFkTx>PCafqv_7zyuXna=*` z?p6x8%{W{8vGo__ooD2X{nb)BIVvUDP2KYlUEUak{^AGwY%b?R@C}VAnkCJv z1*nh_{H*Kut+aUMsUU=S5JcC$4DlOTjrST5nqqVv-Cfv&96#w3KLNWp8pfB|b{b=K zG-CSQ{Za*|v*&eG_rY!$FtmVZMG8nZTCAA9zq;Iw5U?8yI&v2Ne&(2;1KKdInTH*G z%Dc^II+6!}kD^UuB*osgG3!&_%Tmt{dUs=8d5T%hlnOhYq4;?})d-QtGttRxPn{f{ z_sV3fz_An;UZLRNY&alcGmMy?Hr_r24cbM(q`!`MJ|lA87mw!Kquae-3qkv~pe9Vx=!zP{*32ypyzj*D;6zmIav(AEA=|GZ;fP%R?pRzSsCyU^Y{1vToG0} zahKou+56jc=`J~{pSdi%xEFORY+}?4^^c-{E_NmtB^#AV;T08-P|{A@U7TY3!jzHK zz^bCbAY{n<_hEE$(QRk2V>&9i!yFCqQu|(@}%z97z(0YhpHt$L^91U^_r^IX>%Av z=V=vf{8BUU>>71lHQQT?p8vX-6v>(>SX;gx@kwQNqD^kr9yrumv`G5P@V{{pv&$$b zdRg?8g@mMP|*97(=n;N9*@NLCI4sN{O+dXrg1^{Km$+EcC@Yo5H1zL-&MN0|wik z6$k>Rf0(Y(g+NT~>39hNtu?8g=PxNQr6+H*>bRe$&$UM@m1YjFCGZ)E99iuI-lnEz zOEaQMz@L*8>LMbQ` zy^_FcgkTQgvCfsSc3Nz6ZRg)?I8P#CbP;}PwcKaEGc(uvg||xUk&$6n%a3=X@?ZRI z4ao$hKHOok@kJCE@Z8}Mtte4_dyIjF)mGLmL`x}9u5{Nv9DVv)E*3JXgJRgH5f9?(N)V}P!AIrTgaf*1J@qu`Lsl?O? zOb^I0YCzne=2aIL7Z>6oQu)TasdOSXT5ipzkZJ_!^R83f%*D?!$;>=*ECvg&i?N4*uVNeOSa%-|mX7etmwb zh{m|fu>9p5lv~*2alDs}?~p z=az$YL9@MfHo4#VI`i>l{jM}20;;xJm~Gy>omHOlK>8i7)e>BBXc=$YmB622H^%Ep zC36eiJOMFh)rfI)|T2(lQe@u6q)UGz*FDQ{hHFN0L}K zme^RReaA&kBGz-AtL(<;HxY-3Nn`%`ex=WE+p@)CB?52CiHZ4nA9voMWVI9oC9QiJ zGm~e)4R25;?iQ#`c{d<(ic3fg*I2;Ojv6wANnTUUm8f^iL9(a#`W~MKs$4Z!|GS{o zpD9yebNH-dgfy0Y#%_^qW6TOp?o44N)NF|f&ZM`SiRz66f%Rio-Ok3aLk?lb&fLZo zUb``wNJfph0=}u@DJ8qfIvvfz69p_ha;s6_hgmINe{j-nY2hem8RW=7!e%I5o?b;? z{KMKFl+4@yR&Lvq5gf(vE9Vi^{L`ytW+&i9eye~8aI9xwK><||1+0Jw`K3Ad0R!fX zR8AWw1zRmJsV5?@BOP^E^B=rqq*wf|CH<>42G?^`VswbmSM=;#tL%^;@gj0;%4@y| z$e{5y7+4N9K#k9bAv9;H#$5D`(RZmr?rXyIazoM<&nPrAL%DMdIGT3HVg70GD}wGD z5x`F6dcR2ShpJ+=>DRc(+@unEWNPH0;kyG{R7~9SAZAoAzLuV?97QSU_6u=(JRdB$ z(F13N!{G-ENdm621JwHopn5{5%Dz5=Swq!V)!ybOxY}r8$b)d5sm_ShrhsaTo7x_|96x*!BHM)IeGKujUIyd0};a)BRvhj zkGVQFgob^lo0Ij(B7hG{e02tuH4fD&H7b|{kbXjY%BEg0A&;H(7Za5Vg@#}6yHB`A z*Zb1!>?kcBMVlZDQFIrlDAK0KVl#v&s_}Tz9GqzU}&J(t@VVZ z_WW4sb`ia-wsxfY&w?B0qtzqSV8l$y_X z32w?Cn*R#>&e@L9`<;vul{NKGXnM>#KH&x6l|4;6p8b2UW17%5%;*>9tTS>yU@ zL5INzQ74Zy{!-6E{3xxZ*5@?2uiBB;BUOv-*wh-c4M19HP?+#Q@7cSX-tEEB5T~5Q(vcx7E)NKkuajMrY&e8+cQ$_tYSiyB6 zv9ZVsU*B@G*4rtYP3o@>f+^3J4!QC)@oMKMS(oXM0B-K|$&9LW{AJtK~6?AouCg`?-p@zUC5=bp#8)s3~W6Cn9AVXz4qSv z%6m~0&fpnH;;0R(X36B(M8hwt02*h3eZNXbxJe+^sD=)-E3$Dumv>cAW6tnnooWGb z#e{kS#wJlA53D4^I>xQBh58+>A5Vk>knYh@qwXLo7{p9<2A5lmpCI4!Y?%kJZkl=- zvU};jd&T@B;%};9wdET%7y|I)+U{cMbNp%YX%X*>244HRY&@jRZ29P#cA-AM$L#*L zYVq_w9*hyg{CEDy4)U)fr|~q63dJ3Db}%o;Svm-R9;{Ys*}v$CGd+W4&DA}7jNcz3h;Rs=mC-+pAe>v?vx z(U%H4){D~|G6M*Oj{T8xrq5A^k5IkaU`xkuyHVK*0at)tS2rrZGKS2seF|L}%xm2; zX7ZU*816Lspko}HdDO!dd-dle5LUo-$FAYKt<@Y3$pR`KIOJk zPaJ&YJnFc;tA&tDv=D0J^gTmAvYY>4mbJIhuXTPp8$v(UP-wHXE1VSFa6ZZGd$Jw) z#;l!wW(Ie!<#6jQ?tHkC$RNcct3ll(l0SdawThB<_SBRzj_mfI<~`iU@*0#5zRPdV z-yIewWPkE%1OW@2tS5N%xz*~I!qj*o_jA>yiC_( zqB9f|1r8ReMZC4IA##$@)H}6AuV#-@5fP7lV73j9V&mZrI;#y08MwmNlDwlIaex1!$w16kyReM7O-2{8+-#; z?ivmoUytpNymlA#(9H)-m4qjB9qhFZIaVe!d>eeK#-npe_-w|Xxou9ecpa<_7Huwe zCr8^1ZiG1&)mu!771<2$6=lgC-&{8bF*$NI*Dzk`f%N3QE2 z7>YG7$nHlNWZ9*;&%ru62H0F1($F<d9-Y)#D%Ou384&D?WOs@+lin)DS;kP&9Rm zp5G6Ds1zj^%_fKNKH7ts1J^n~sMVsoA>y>Z!h>AoCJv?2%?@3gYA{;)U0_?q-fl~| zTdmv`er*cb4AD6pF%e0eAp)V{4{_WMJD(@DpEN=>xpt|(#V3LOlm_0{X~ja0&F_clev=oOG+xdCrSjy`ue zOpLmE&id?Hbee5VKdHhus(Yp4xwl4l?H1JlMf+H#T^ipzOBdiD%4`N1J@zXcce>tG zWmt5^mv)f=+*;R?NtxuLzP62w0&tx6;_i-AF`BJ85jt-Za=iRu={S0}qPODUDlVNnY*me3O z6Lwm0lb%6`bKk41`6EfY*QU~d345+4k6qt`k%v8&>fy(?NV8v0OnT3{8qlgg8yVIz z4Ey!V*Bm+2??S05t?TNsIr)h4&+nT3eoxcnTHzNR!XnRvNRciD=BH-p={8dZ& zb6`a3@ssN7wPRscZ>?Nh0^xX*=VysJ0e< zS)6wn)I1Ab<9AWkwfT8=+WVzThWsGPur}8s7&fo5u3775H<1n;f;PK)OP!EzjoW%= zlewWUtj>qoJS7OH&3de`UZ_9ywaezDLULLmS_N9URqyIO?z=6-Am$@=w-}O^g6*y& zGkM7xge-#UPJinm_qo$(E5yj8ZC|JDE4}?CbgVCZ9gpQvQ3!RBgk%V{XzHel`lBTP z2V}IhiI0^@Sag}gMUl_GlXOG_fYLhsO=8bIMuw} z=d=4HOzT=$u9t)!o*LW^;Lp&RrU2PkPV+gywe0l03#-BM5%r3KzSCf|k(biK4~ds) zT-)ztwv|jgSQoH6)@cXWeNZ?iZC?(vEgukARG!%-dp_Her<0R~2DN5?x1!UZwtnV3 zYLc<`!40B5ugTZ`syftqus$YJU*oCfR$0~U{RUDVjm$Klm*PpZHxuz>YWf97N$8bWSDnz8I=w@}`c^sCJYcbCUW zIM=m&2fViKE&%p0-U}9cnWM%wW5#!$`Ru*BYvC2s(Q~lhhu7RuE!hRdr}I;Ro)K*B1V1IP;PbleEECUs>eur%6|yNc%@qd-d#oR)o94IUe&;kbQ}oY1r!h;=6F4UM9y7NXG05?Df(!_ z!t{^n-^~F1gA={oVuFjIoIG5}>-bQ3fL^fTi4r9PA7$qLatVu`NGjh|5X-hr4zwu5 zn=SR2cuKhU`9(P(PBjr{o;4>Y{hX)mTa^lgi2|+>U5Nr2?Ij?zREeh&J>4VBQ7`!d zadY8H!Uavr0}n^WZjPN$RiFFl)Y>ObCisH4JF;1c_Uw0Wld#J@KiOrQTQu?s0|mA9 zy$I8vi%*3`3!3hn+`fA^pHGxt*pNzC_T1^*z09JO#K=2`ZzcLsm}jDfiNI8MEUjoq zVwwaxCr$(zhf~Dln^azd+$LTvV)iuNH+93cRTvm%VIlOs+0;s8kJ5OXrKO}+IC4sy zX^b&1sYgRPiy~^72I_&;-4jgQx!vx}XMk+nmk74ct{UuVOreQA7*wxs?RMK+9#ax8 zH4nc|I9chdFqrgHuQGzSVC)&Vp88KJ^~)?id7m{$-=?H2uvIFvP;gb2={ry>XroI9E|26#$$zLh)Hc@DI&3Wh5$2$VkQk1bd?Yj%zL;KDqf6-6NUgx$e#PRljbGUl# zM)4t+)s}I+%68&)!o49xf`G;yR{aOgh-4O>GK-32zE{7LzkUu)dHqLK@J0NohVmyI zlQK#`n^y&n3hgYJs#e)klI`xa=Ttf__t6Qrq(5<9ev6$QH?sPcBmU1Td{$qnxg1m7T%1iXlvyxUp7O3mbS9nFdmkJv z?(COaTL*;E)nlnmj@flQwR>592HPLxRyp*_b;}*H7~39m$eXKhoV5qx-u}JEkF+Pf zcky5=bsoF(vq~bphf*H93l*Y9pXv=yJvqIHi_NAqPmza1haRG5?0hjT zr~1SeX*L}x@T(b;ANM5MvpJ-E=bw8Q;;`Sp4w*U}oJcrMGrjyPexz_RS(&y{wg&)TCxRu8QPXFeP{4|YGq zy~7-Ow7W2}d8lsORn#868do50sp=K-)uG|c>F<`wk^Mqd4#Ltp&{9hPJ(y1_h+ z@DkIXq%(ByIbJFI39LVPfht3RaDUVF9|;Wv^v?WGLhP&pkxsituW#__V?lkLNTopJ z(8P>+^+IRW=ma7MZTr?(c952$QE!P`?aD{7x*bd}k>ip&)t*^*MJ2L>JhWnCGl>39 zMLjxl&SFu|Oczp~M@q>+z5!%@l7`=O9u7nQF=X1P0A7 zv6lj(AAFUemXG)%`EjLR4L70$Godqax1Q*cGL24I_u*0w-|C3}uNQ!L%Wd~MlxnR3 zw7tWC;rn;P8KU=2`;|nZK-ys0Z7{2Ms1P>A0_OzzlL&~!O6CG=w$sj>%yJI`R$2l9 zo>H#+;@7UHyAAsrA@?>|bkH3FcIG?7rB{ZEiju$hF92@W@>Yz@NEhITUF_5;9(wJs z;jGi5@`p;{P^4hj`=xp3?8p1%N!te~3pdZ?eXRQgRzUYp z3vezKM9Scm_T}kdXgU-~fYt9U`YG%w#HJ9>-J3-%?5Pf*p{pFWR$Ix~=-FI91E>3j zzD}jf`^jRTvVhL0o*w^$dq0|+Wy%&<(hbHc`^qd=4&4Vx(;A+0h-l$}@Zf7-TfCi0 z7OYk=uU8N$VqviojT13KLQKbH=@Y-UqYfWUlll||#RnU;n+O*+gZ;_bqJ}d@a3wGS zNE(rAVzL7c*NQTkR$X%523f7^CadYsI%cr11BXx7N8LkfTvvu)%Y(=|+c}QcHnUra zjK(rPC~|{#Fu`sH?mh*p654($w{D4hw!L6W2&**$R_cim7C&#ke=RoTPmib z_~y|0L?DWLrhx(VLbdos_%GHN4>1F3$v_+1n1*f>KKwz!Ywux*mosgQ^g{*93qmnQ zd%EN6$J+=2@!(|sB1`^a1%vAyPR>`$-)D6VFf#)*kg2FGqvDH_2XNt#+R;iy_PtGC zJ|(Ufw*wdW4CCQoZsY=K0`Rr*^w2foJ`w2|+9uZ&*iPv_9=4F#5b;_y`AZ(}-P})s zIh0TmM7?&A>NM2OhsQ=ex@yW(4jmocZ1UuY(_=?^r)9OM{q%51ame6pYmkpe(2FUA z0U{2W5y2QKn!(rEAmmxjZL?>b3%g0lEAPv=>3_7lH%nG=JkVc| zA%3)Tps>aO$XSY_hV6hCW0eMoQ;PtXm2pX%!CdoO5h@{ho%g4@5^|b62DaC@x_^~* zi_AvahA9$ky}3yG@@ciM?Mrm-^<~KQ73jHB*6n<|M!0TbzQQ5RH<0J7Hg-~o{w>LB zKb?qGUmNF+Jk{ElB((|~jpfOL_@=2l5T6E;CqpKTHf2cys<;sLmHMg%r<0Nl_i+`Pp$1x0SNd_uMzF+k`)%7*-%?p|EzN@3cE+`xCf9 z|Hgt{sp^-@aczO)~bi z{&;UN^(9xPZ({B&M4vJy6o63LQ!PoL&vxj}uraQ^+G5s?h>-?SU5A*pv8<|_U`kX$ z)j9~!z4y5~z{9&5CywgtG{ zO)@I+i^^?=0l_{uBTYq2oNa?Un%-jO(!5n23z6p?rEY+#E9{T;pyuM*X9B~j_3#&l zOH9*EUSr*aQDk%Y2$+93*=h=bqAe&rUBg@Z=X88yB02hb^T$>u)1Pf!iGq?7S#)^g zie!(Rq2%@coZ60j;LW~zua(0enzbS7AG3eEb{#tJ`D(3ud@&E|>J%69B8dU-puM zLa=d!-{?yb+aq4DZ27bmbGpY%3t6UTjhngNJ#|qqzp=+d& zNL9iRqTf1>dZg2^>$kB9XQa!p*AO=s3Q&>;3;+k3(u*HGn*{m8^wG0L>4HT)bt4(D z+1mPpGx$Svv={OBMB;aHK!X0BLP$BULb~_&h0b{Mp6Pp>W?RO9zfCwbsW^IKm+lQN zuzj|{JlcvQ1CVNWI6!#vsDKO%Pm_|%MDYw8*;${QwS7;=qrZ}$BF_7IIZU6Mx>HSIF-r>;DYho`G0tL2bCzx~f?o+)+ig~PgNWyyG2Cxth z>cbQ$nKTO{wr7o$?mTin`Fnl2uOjcJCO-^WPQnn?KOVn^?)R;GNc-sl|$if@jq zIIBvxiIMH|xZ0g;`ksdaE@Z`+Pp|q(8(Ma<<>aefmew%gTKV{c$R_8-|DUNHk{67X zN0JZbWs&`e+_U)~Lp!scZBZz-GN}gHhv8Z!7UfLeb2KM@5ktVAhOT`%Jz6v}d-AHf z|<5)l>S^md9tK-(nGLkf`dI z$pwb>A0sUADjrzT(uH$=Bw>p>oJ@XXkmRu4;+VrNFqE_A%5vl-(cTo zV{Nk`dbvNV9r)+@)uOESP2ZE$O=&yS61Zw?4tk}hNr%X~4r?MpgkEih*6nW8-Xo0TMj3Ag@^ssBi8?^v1$oBljZdVEPo>_rW*=hr3Ho0x zdv+X{`@!?PQ7Dw?{L?EBlz^Aqlc4pLguW@hPoo->lxyk}LOK?b(jg$-peP+mN(d-j(p`5<(0%rE?!C`* zfBT+471m;Y^BXB-@=9TgcPlT0_Y;_7}oDWQPvPj?9DvQ^nxIIq>hJJVM5{e z{Vz37;L|^tY>5clNScCj%P+%(uWwZ=#e*m!kUBWtWwx2GUO5_tb0rq$sGIU)?(Pk| zqfPrecqw`x(G|;AwKqX3-N({}`sN#wo;~Sl2vL0>AAH$mW3`X=K`nNf${!VNHQ3zM z&n99@l+XlC|Kcpe?7xooFq?DoAwSz!+^?m>}@C6c=z078t! zBhVcR@&!wWo>`6UU@|-jhyc&M=@T9j49AtJJUVc_antx}(Ifwk`otq{eTXE7m>qH0qaf70P<$;$8<9`(*-7cZZ8;oaU zkrGxMYKwzQsa82d5(b~#c-Mvu)ua<@4(|O}%Ghg5Oia|QId?cvt^{4fYk_3EvYXMY z@2>rvu)NuN}}-5VW@QJt9@%2eJ87Z{;qpU!EAqR z?O{3nY^R2?bGrcrFJ?x!*1s^(wBFq?CN$k{$9U+sy|>d$@X0WzXul1HP+|!{e{lrj z|DyKUhyjV88jJAS)m#JClf0aZ<0tL0Iu7r`Y4!)(b8)YeqUdSB z4H6Z9;E;+G**jw=j&7tp)2t*{8X3cF-ZG;=W1X}!o1QSah(k0H=R_ybeucXWdQWm! zp-cp^sEjcbW$h-KlJ1`BdFg+N^`S(u>+g_-fxGuC)39~R7{RIK)w1<}rK*MOb&b9MT+ybO(iT z2D7;}S^UAqT<_v^I?}1_|Da^T=doW_WHF$K)sm67vDhy+*O!@n&^y(2-~Y1zpdR0o z1rpQmiQc!_Zx4#qng0b8@pJVDNfI+lLYTQeRq1_t*Z(@sC@!nIyks~7b%`8GEw7$D z!BrL7QLMUh32ZnxIHByiLcY+%NpEvn?9*lnXJ==x+I|+!prdu3Qiuf*lHtF9@@qdTgxP`Fuq)4+GV@_^R)*fGUgJ2dISCYJs*-!PjbUM} z%dcmcKasxQ;6!G6e2=~`)6?IDox)Ldbt2A3)mtg*AKq;WSuECU4rcF~BRy@AKV0CyV>< z^FNUWcS=^M7eMqvEyjc$ez*?TG|uor_Z zg%-ShE_2}t#ltCYO-$LwhUU^*i*gFO@g@4ZgT2p>XV>e{Aj`fg^6TOW+6&s|5NJ>& zr_sQKPmC9Cghqvs;+ur>L}Ak^m4lYh+j|>w0aJey_faDGBu+fFrSRnR&iRj9)(2h~ zSjH>WuWvlU;G|w|EO9Te5-;))TWtA~dMKD_J=J$d;oG}?OS-2<$qlEopTUwcdQa?jNobDJbcIUc2)msDt+&kKse z`dzEr^Kylht0sicetJ&VP0e>u>wB@(Wz)f;*N2rf-kfGiTTm>XjQC)X3Mk!D`Olv} zH$f4dHArwX1KLE_e~6G4hv;ISxoOq|G?X{Bg3RaCx($1?RP26z#`#fFTU#rz{`Kza zoxJ!=k88R7jo%Brf{lzU|42SG3zJy*Q81Hfr>!tC`XWq3eBNKQUe4cWk944F~#HspG z=``;}QvA9@)yb?smlg8Jua2C>27u<+4f}Bf7)Pw{8Fw*LGrXcxiaFlL6DpT8~zV%W)rd?<&#OJh1m3T=wkOcADil z*yz{g@1dJaLU(f6T%ZmT*w6QnIA~iw{EWZ;vh4Hcdk4jXs&U#+Idy#)x9=)fqCaqih8%zYx83yL#En6oKRm1* z)h1h@GH{uc(;-7pJ`IYbcGPULNY>bE9o9_g&H@=;)Ig!}?3Gk>BVd4;FnjbamupUb z!*1eLRH%>TpqV;Eb(6l7o;_RoC9bzs44yxK4tbKH)h+}ejQ}6##`y25Hyawe=0|b+!x@StW z&8tK?5zd}EFZ379BsK~pf4cLRE<+si>+-2?@wz#5$km&2h&3Hyd9VB>)6uf5f1k#< z_=?Z-0RqMQ);+zBu`77sWq9tIas#hgn8IzQe3v014ObfFsT!~iXi1!Jx@;-HE~wXO zlW{1QE#wdn-K(Yy9wCh3tt_&3EA_~$>&Guvc<3%^(U-$}*P++=`OM7eP(jyMBX!a1 z@?<%^#y-Kp7MpUF-0wc3xJ>T(bZ6vWCNBClch_?Bs=(7%3xR%JNvD|@8Z>?Ww z#rSajjRUW$i@DpnzZdgKrQ7C*S#+vLhKudbJF$n#P9|>vvB&4Us+^|duTrh@b{^{N z5ysonF5Cl~Zp1IcXvC+Ee*9_*Ne-o#v#S2UK1m3OY^YF0h~Wz{1PQF>pI1;4K8?&9 z2<%LA9+iUoEKGD_lK9?EV!Qfks~YQ!y%|4C&GI-%%DHz2j$NbqJP2>tYu7?jI;LRy$n^ z!@`MJ>5}})3Kw*zj+~4mGS@$xT%nQkDurkv=>?6s7tgWqUk|G134IfyrWWlySS%e0 zeOUavIQ(?jeSiZVj{`h4OPy)#$3#F=2%@u*(wbVE-zgGsA~TGci74I?Hz^9&1rFyG z9~~W(F|gXVq4u6%1x(qNZn>S&&USLM4k=#T?wjLrJFe8@VYLLAx+Vx10(wYtRdk7< zA-Yz)Az@zCV_KMF*sun(p9VD6aiW1+kyXWesj`}`2Pnal6B}Q;WxM&zZEIfjlVMv` zQyYw|4I?9Kn(C$(|G?+9fG8-yp9{~{UCPOuieCSu_t1(^p6qv;yP)=?M~|-Gys6BlRYoN$D%zDM zV{ST>7P!5$Q=Y0TPFDSN_*+Uj7TI) zo;F|D*`1$V9SE1B^*r3Cz)ERAFq_s&;OG{4G|q0_oGbbXT&t&Bqz__l{3M5E9g#uU zjSfRDDSbD%N0Nslmjd`Lccf1JA*h#Tv=Njx_ScdvWAfHOH`IH}pB76WhD5GftnfCo z@0ms^G2867Ict0{4Z3=Z!oXVHr!^eAoi)iB zrp4|!ulGMceR_TLWcLsJ$!G*+FSR{~&F99ciXSXbYLH8mZ1=uyko;Q#_~9Rq1O4u& z+Mc^(q{S?44%K)oG@eIgn$ep`>Cpi9Rwd!{UHvvkBW2`Bm55mUrbsAUR2q#Xp4dVD z&l>46?o4G3^P9~TX{d%eBh~;#lqhS`;SaX_xXV}f9o=lS&8f9i2R{twY%tpUc@o#U z0HhId;}yXF&S+r2{EHGK1zx`}YC?MW=3dMmGQ&#z_)xI*ev&#*z9c;}#ihkbVzk1` z#A#=px*2_c&;^s^PXDohPUJGcauR-KIvs1rpE7OG07+7M0S@@ zS$g;IJi@@lk~(zT(L1KKyz$|rOGa07EBXrPcJPUPDEnvQxMg?7zR#|4O8GQvm1hY* zE(erzu3qXnn0)bqBVJNBOhZOT;aIO>s)pm+BTk@vv#Awn^O3R}QxC{E5~IAGeY+~w z=8KUiS621cD!vrA57793r0~gTxHe_|SfKT&(TJG}ZDd|tbfI*ojJBvSRd(AswWPt`gClF77(vUD&CS99Hl zD|jjkflp!efY63n;OZOUHlNmqiqvLK%}wrxlTw+N{_zanaxaX-aV+3++;GCqIii2) zQR>qY&VCJlRC9#<$5%S!$rTYX4G%*|pwSXefX?+Mkulx~5R46h<&`}F*oI?0m(MItVj5T?;u`WiQ^`AYcxT|rn6 zJjsSm2b)hzX+@&jEI+IupF?DNxd2Y5qjRbP!LBRfX6T`0LVOLkJ}PbcUg>9G=4QHt zc}(yFKh>f-?ud;rV#$4;>(hDqOQ@Oj!ossiQ*@L;2lrnr0NOZi&e62jehs%I{&KwC z{fUr=FIq^Pib-Gz0RtS?h8$6>|ADFNu_u^sV)^L{)hr@jFu#7$Jj`~j6ZAj|M(hom zjZC^gMnO=c5kfyD7Md_PEf?-*t+MOpC5utuu-Dg-5CH6@B!vB3vQd10=5rOi!NL;S zE#C|H9VJg1wAzh|!suHPpsKYlr(m*oD!;bM06cIHaS*B~ag6V;e!jXejr^r4qLVpt zw|)#Rnj#iO4pu$0A|X|D-Ro5DMqOz^oUZy z1E*Y+*XJyZw1(a*5v`_8;=22sNAU4oT_t!WSH?uyrk&h*c6lqRaURwM`A<5Hp-yO} zkq!bp>A;B+bnhUZP?g}8$5a)IHYH1n3w_f&83DXe&jEWubq;P*d9dhb9M5KdY{^CH3=l?v>wxZrvvfulU*}EYq*zO*S;Dq> zb&DaJXQ?-CtuWQ8&r1hR4mfl($fto+ zw-`d}51YGO2w5^5sSODWQL16(AjY$pfL37#x$REkgn71bCL>&wM~5`QNdzf}JtL2T z@TKkp$q((IM)L>pS2YB`al2EEaeJpEajHmO4o%x4QlBaQl4yWIP<9`rOzR?|9o#2L zZT^&F{V@^_8Cb&1v=-B)Mrb0i%fu0DC}!`^EE#`^T>=5T5&{Y*d+d$&WNF71vNHpF_$*?el`yk)C^v? zx*shqW-NfPiZCE}qw^=H5vj94B+l|a3YI>q-x-@XdONX=!c(NrNja?l8>r+GmObSY zMJ5phMt|uvzvX&sekGk4<17;bG_uQ-H$4=gef}m~AFe+F%$HiOr6XLUbZX- z`CI0=$U$<&{@FoX(6Qb$HpPIv-^0OgfnaHT%#JnjqxOYBBu5YaBFo%&Fo;*iy5}kgCFNuDb;=q3+`5 z6nQq{k|Q>_<3}7fFj%fZaO}@=vm22ZMeO5f;v+5erLonO5H<-1?zy+$)LyM1&+wZN zftLowOlzjfx{kzBAdf)g% zU<9y&Z~c8vH$}vtY4MyvuK$&EOr^FVAK49?NrwAqHy<@}_!N3sIPpjOZ z&iwf?LH--$0EK;RNX{w2bgU&<{Y3xy0T}a-zH6Xdp%$nnk-zTpOX#l?h2ReDy6oTQ zOF(Ke=}|!+fvKYxBQnQ7T!61&&NSgoH3Q*Zkks!54Wuji#1H9i7Va@W41BqBg3%wl zbR5GvzF4^JB33&3-dUy@7-uwdOnYvjKe%he6v;rvIGeiYXwNtdJW1@e@p58x5-8mg`&+>2*(I7;PrZEwEon>yqf~BSnc~ow@nWXnH zbqB9B9@I6*mOSxWR|Ah`2~`<%MB+1mA>BL5KZ#mT5eRjtWK^+XzGYqw%gdtHWXHuJ;-; z*}*sDPHcm~H5;jwP z03j-kJ4KHIaA@Uc)+e34+bi)~^E?mIZ?oyL)D~rVMonXh2Ek1{fLl_x8$cnO1Ay+j zA4C!CxFt@sI}PQQc&Vet@^LaTeLNlS;cX@D#cvrIVMqbLB{Bu13#heU$2|HVDZnPQ z>-D+3*0Mivx;aF}1q?RD;zC1O6{r%TuwyutNQTZ_XqNMR!caF9~&V-M#7D66x1r^1E_2{j}r zphAB4|34_mVa?xKHr>(hJs$}Ezc>%m7y?=pvYE&exK;$)YUucI^_f&g%;b30K)rwd)go*|2 zP3!YS9pQ}BHcEP}p5hZx=lbs&wG4;I#al^aob3l$FOx$`s22>5!nOrRAACBr2{C{D z=G;i9F1l1ncwzzhXJIwI#`yY^iDMioe9O&@cR_mDxzTD^*C_S{z&f@hT_W>2bY|R zi!ERjw^U!m3sUEA)Y7c3K?>F7G!fPZvEZ{fA%grAuWY#P5e|i4PMtO_oEdK7IJul( zGkKl@CKdE-_oPl|F}+1y>!{;BIH%BG5=fMV zGT`+uT-?aSpPSiMcVvXR40Yd2(K0zIjST6Ks;=FSH?|zbT0wL)(9|qHO9ULqu~}YW zR_pxj@Y+Zuz9qD{A^TTCcC6H3^6|PD?}_!s)R3ny`&d3f#RuQN!R zMvFHcQWBU|k#rd;MP(yJRT_>>;n#b~m96!L7V}AWjPA_2Gai<=XgI!(Mw(s_BpuVz z4HvN7JjP7uAi?!Ij^aPzrBlDFxAifM^Jpv1rQnafdCy^Mj4Xh;#R%p*%uC>S1tuIp zniewB%*e22Q2YVRO>#jR1>er5pGqI>=r-SJRmD>Mq7P+dkYAl@p>vw(q)lCFVot@K z=Dv-&_9ySQ0lo$js|O^(SQsTsf=sP_N7=4S3JgI-<{yBR=69*d#N5Dq zt$f%Bp?qT6i=Mq-kxFbi7WA(uR=)n613F64gNGWv|g{?p3V(k*ncr|-_Ep~q;cr6fZD!&g#EVL$qHo&&0~x% zel8p0wPKD-)!7RFL<6GLzz3y3LYPUfenalb?49TU=gV(VkdjLw)IyB(fq!%5e=Ex0 zh^osypf~(Bh+Y1qz1(?cXXk-Ge?*Gn>t`L@pa0d-(D#P+_Acc*5D|3>xCLb-@}9?N zW67tPgUZL{%yjh}J*(N}4S`b>>H-Y z(}37vA#`_H)1Xh8ovJ^tFd05SjmCwyPvj^a3Cs%$)RIinuaR85jNE%@;FaxS3npJ} zSxr;%J>QBp#R<`7)x875X}SjT5IkXC$C;hYu>F0<8-co!3n*6#lVkqN;cF)e>}6t* z$p0tbSBPa-2A&oFAZ^Q%B{_YAXjJ68)XxsNQJF0 zZAj7Q3heLir;I1}rpVV^&9#UuIW`Q?H6r)^Y~H_~exHD;-sll6V$_{3HqmwpL2Wdm zFQNR}7!z{j5F5Qrt-)I@KdCX)$eBcqZePEBw7Tg;dsvIw%-iuDroIrZbiv?SH(;IH z`)Tu^(mj8Cm4cBTNsRmc#H9TFxLk-=4Lzw0J@`i|&gT6Jk=#K1>ulk?z7E%<8?^A+ zEZ~rq0H`PnjC_fdU=U@xhs0@*IZzPMMBmk$%F~?q`dYnII_>dCt<|=Aiy22ew!o8g zJ@}>9?)|Ri>q(r8logtOzEcf&Xi9hs!%kY4@_wXFt6%q&bq0@@7SA3AuAm=pxZ}U% zoI+Znnw>ULB+ziW@nEHD+xKFK7dkg>qMnR`H|J|x@rh5Jv%X(2BF$(uvIA|)tpBJz z$T>{U;O8Pslm0Wc7pHnOYOCQe?zGtBi{%92r88ZlG;)=^(Bv2w)A}+#|C)-JK!aHmi4f+9ha;N~yO{|LI zyEZ0-TtDH~5SQJ?f~+rAL}9P7Z%5$h21@Hqbm;GLG-oEMrsrJbWh7hU+*7dX)_-srQluynAOiq3YqEH02_I_hS)`3lGRK)6>KoXoBJFQ;{+Zn0nXuwv@J(2?qzt1EBS{LMn; z<>JYvu>XO`d<*k%z)34I=SM2N;w@d-*==?1(S(a!h$stCfeXh9hVbIpK>b%7lR}$# zxDtOFEg3emyNFHY4F3+%FEPDH2T{w0gs#IgfV6<7YkfOwiM*+o1mL9zTI;9;7zjQb zyJ}|N-zrUfiI}srt8OOjI9WYh_4eaV?sQQ!X@*bZ zw|AsE=y{CXC`^#Aq`UkoD5#(7EG}-vdlWy?MYq*l5I_Ql)E zgN@jxtDU?7f@Mo&SkLu<#GMHeR0HhLpBGkWy;XpfvGy9ii(%82Dhu7Y?5LHKw}2UX zrj>wmTvB5Yimq~aNU5jto!pGo5Kk5pgsm&<1T*+(LAVQpo_8*dz%G;aw|Du8n8p=6 z`R~?UMmRBOQbwXK$R~<%#+c(wZ;V3X{k_)1!`8h#(uU384!RL1&o3ZWzVW^;#Guhg z+%RR~cJzLAyW$tW2N8b6sS-)@zSCCgBBXP^^-|5RL2N}{qKjowlAiBtrMK~%n8Zv( zdL~pv=sl&#~(Mi+{G^W(0=l>*n@!A7dIS- zLI|pXF!ai}ysL+3IjwjhJV`4OS$Sz-^rUa+?ztB3S32dzE4~2^o;#?n-J>JmWS(Z% z`g)|BBu!dg>%xtLi`!x|H-a6WD5P64;FkT{eEpfmD-UC&q$AQLho=RR{MJiXn1LyOzQrWv+=^q{pT3o5;&N zp;b9~nGcW}_CwZ&m^80N%4s4ZBHGym@QEdLq$Gqlvg%BJl1)5vdnW!e3X%qwlAOtq z8rUjjf@$H+Q9?xu!%7c!8#f(I_I@5CNO&FNnQI%4ZBPJQF*~MjX|SsIr14dt=$ejte>~WXaNfFhr|?! zIn-j-`@H*ekhG$P`*)C*wWL3CAK9RvxtBKLHr?`M)gptjOm@%Tph5h!7Ie*?pk0$W zHn{MMQvb?-hAJQxaNZ1Y)#_pkM1E|Hkh3o^x9uOlL-1`szzZW#n;$?`Bi&*#GVm7* zFaA{Fzk>scQF9DEH|cny91Z^4-?dlJ6>+go7;>EP4!2<*Ghfv ziyyV)k?ud;899!GsZMX&B1Ny^ue5sJ}tC zyqjU+%jDv&JaA~dp;HLm`22KO>M6K4m90`JS17kPr}KycOl}Y?(euc@8qm7P>Ay;3TRa-Db9yRySjsjhlIHTh^$xfw^ zT8E!&mW-nPS0!9?o-P4l^N*8E{4oyVzX#H&%eoFBK>e8QqS1iF?~}NO#zwQ_ z>@_#*C9>>Dmd2&|js(^YV!6ma0((=!DN}TynNzdvH5&gb6D@YFU_Y` zfsB0i0L9f#V3OPj>_i`a-FC>3%qB$&h2O1?@?Bb=xP6Gj z%C-~cdDUszc{LABO-%>$ZIe4Fgli06?(e$^Ztbsiy(YRMXdK|OIiv5GsZU+B(OhuOf~) zV}kp7V2mt}n%diYyR2(_fs(y_t49ckXYD=9f9}q=s|p^pab4lFOL5s)$g~_PnXL~J z>LM>4?WjGE7|4Ef)e+$;wvJ9BP$Cu^=e!`Mq0s=+j`hLj&P4+kXnmA{Ce@QIh&uO< zru(9nrd6i%hxVc)7Q3s0G~z0~?BO*M!TLtIaFUY?JB5CDiGiH1yTDdkn9mc99y z6qx3?Pe;c1H{@f1E%pKTuYBapqSxD(ugS=0+Mmn|Xp`;@?kTe!pOa}gDT0>}+z^Um z;$`pLxAt&wC?aJdqM)$yFyr**EO|`r4@>88Vco#bO`ErMecD(z_l9JcnD~=+9nI!~ zrZ=3(&^E5Yf-H=zHL8~!DjjoJ5w!-Y5!!d>o+z%*Y_+WwMC~j1V5vS85Pv%Kz;Dhy zuW>w^a~T2ZZ&of9>DQkD#gP&F`fTOYOG0${s|0JcokB`LL%x}ko^4(0LF>)=rQdlq zGyUezSbOa7Ok4p2SfF>u+lX0>k%KX_jYRIW(FK0TuCW^Tj$58L(2a&GJTLO+K%4YIv>&E;XQ-}iL)LOHU+Wg%mgB_U925hL`4?g*R} z_me=1V7XKTbp!RiqT&$??ET>}@qiD%gc!7AhDPPD7jy)S;|E!G^#|M-0hBFdwO?bS zqS6Bb&fdRwF9TR6d!zsC3SYQpv;38sytOU-0~Uga2g`o*XwO=p=T2gPc106EyoPJu zT}hmmgCyklF6|$&It3JBmZXvQETobFRN=|n%=6w%c*(W~(Vf$^ z#A?6xsM~YYP3d57i(bA#NeeN<#h5~{P-Av)GlH*H)}d&y$U@`7C8ZIP@fXG)KE&L5 z(ngv`o+Cn9x=1N@`VEC(7DDwt@4VKQSP(BLcZfb;I_i;KJl{9_%b%?a=sSvOxK+Z~ z%Toro@QzdeFNo^ojL_;(#x2Mjf#M8~3OFwsZtQu%>M3a2eILykh!V;5b06GuuPD=n zZCI-vlMk`W?!xLya`!aJlY7Zw%73C+F?E>VtEH3uy&?u`T`HPiDnP3qA=4B&)GU9h zI2czEWIxT|Ovg1pPbytyWy8bOXhH@eQql*B0k^HOvcM`{#v$?MM3Is*F)+wWO9#A5 zPHsOs^nLLn+MDx5OWBNZqB6!+mgSv->y{D&=BiJ>y|SA7`Y!2tcIr)x6iZ`pL&TSe zGj$djv|SHRsly{oqW8KJ)a$j%xJf!|j^>2wwTsFz<_t(o=2Xe;+!o&09)7i*eGzq| zeSD>tG&(*$HzHfr^jG<`*=Blz+1Er-vkPSAXIPH*%BLM>Cz^rwCL*nN^NKfTFWMA< zdNT^@-WjzP)6z~Btx5WRiDi^eGpKxWh2!a0(mYbQ7~Vz7FWZ!E+ex9Jp*=YoTwDTa zzzI853UdVSgM<#%2L=XOnw!6!;~h@?-Vm7WmSBT);FqP)n3pJ3moDW6dHnv0(xFr- zs&(ESY@XXfJ9ay``L!B_?A}_$dqqxr4zoJ&3Y%_6nNyFQ2P@{Zj$%3~w&cGPnZ1GP zlbM@cVu{9}U2$H7 z3}LqG8LMk+Dy3FGLPbztzsjQwRgX_PDVXzNC$ctiB9VilDrX zI+(pS-&vh(5%L&zi}sw()t-8OWCEO(lxjKhW@cHW*9@+XvT0|*ZiDc2v0$wGZ(qXqkaI@Q&ksxPTvaV&%SIq}=%n(%M zUhd3>!u`FWDEn!b^+Co{?*KQ`WK6uo_Y%-4(_p^h zH925g=}GQF4<&;o78Io7!+_}xsN9t)KFNS!fgYsJ==1HpZVd7x_!BfVG`%n#PpRXR zdHl&7I{B*%25#>RZ4(1lMDV;hRp&3xLuo}9yGyVX9PAOrATx!%X7Vh^KCp?h_PDbrbk9P?F1WR_S>SOrd2Bj#>Bht;V>Y?=l!9rSvT`cm0@0yUDx^4yag6rzV zY=Qo=id(CgO2P{+g8Y!W%^$uuU1!BelQsWq0nkjWb)4g$V|$GhvZ6;mZMgfSsH-5V= z&8CrAE4RmRN1#xdjYk{oGS!<8?J0jDiAWVO?NV-?FvAH*J*~ny~r5#xjk^0}%<|?Sov+)iUcYwzP;1i&b&@4X*04zKfSERt3Xy$AJC+`9&BI+O=FE@}PZ z5sTKTdl29V|5lv32StDd>)*eH_lmamZY~*A?2S@qiPw#S%{shf451ZrtpqnPBz>EU zEFbDdy*S&Rx0&LR;1cjx_!u*2K-fSk z*?^dbZN)mjJzw_uwMMNfp;fKocL(ij8YD>JPFdUQ;QgGjEZ=kY!8O?eIajMM5@7G& zgF&zsM4hbl1O>v)8QBf1IkbJd^QEMHZoW$a5U)Wv$<$L>%-bQ4?`i7t7lrq%5?}WpE8z4-|cYIu?o?Exu-MxFKZPX{odf+ST zq!K-R9KIA*(_TbO)2EL6?nunbei3zCG)VyA*qkS22GcZ(7mgFbm+jAAO0C?m)zbEu z*1JbgyiFc8ypP@+a27U75-}O19_C-d*ry)r#Nychpfh#ssFoq4I&I{pL|u6Nm$vWL z4IR`|ny*gAf{drq*&`~tNoccsXq+IcT&1{an(h$F5AVl23nyPrt=<36&EAsH>y1pf zxuhH|t+jTh0%`}{k||)KMC#bV*KPYmJowYHI|a1_NDaeZp{XKdLRoS8+K6m>A}G~7 z_Cknr+`&k+#5$>7c7&q{wHu`NUie&$_O^ zRzZ4vHJ1?2w~4Ro^kN6OKv(Rim7eO=lAEww?A7t|+e73WQR z<~xY1t@now2?N9tHCAS?0yYQP2fMjMO?+|%@L=$aAFP+OYV9Cq^~5^`fAfS8DKH&G zok30SH@;>uL3cWcj=tN%BvT3?9Z5y7r}E8szNVi4E`d2#uz|& zuJ+105#LSx8zzc;0NEMFgI6!2fmlx>UkBCxk{2yDLANxiEJqdG-I$c=I0d9jr73}A>Dlng*X(6UEKNH?N zkLA_Yzf~=91plA$q#~OH-DrPk2?#n^HA}SAv^eg=Lh7k6xOjLG2?==_84O1{u>;vG z!J(n=P?TAq+eaMd_Iemyn(|h~#?#cUEeqYy;@*}2p)i7Gx_tH5>LVeB}Ok*CfsK`?L zH1Lj#4BjjtN-pqKg1446|y{d&FIQ(6n`Tl?82`YWq!7=r)!Q5T@T70`EYV^ z_9orM+E{|kRzoH4`#6QRm+w|DfAV($+N6tQL*HY^E9R}`2XnPuma3gpDxWMewZDZV z7Fg`eKfn5E2K;uW(;fomk&nn4&1U2&Fy3ES$ov?_UM&rA1nlX|_;vg9eAODAs>zkw zcqKRdi@GTa$zqUPMZgX>1EGtLHtOH*jm{MhSh|Cae{YZjvjph0%e_IG#m43p&gJ%4 zPKu>Z`u2``MKo;4ov;^#f|G(S$DNJ9!N=<@l5%GK`KCiDRTIN+bc>ORDU^`Go`qS8 zn%gYHc06oJ!RA;`Zz<^=9Ueg5r?unk?DzULBThI_Uu7yHYsWR@ZF-1J{W5>LB$wt*DI)qR^hBM9g(YzX~@|Og1mx*uU z+}6N?uA~|0^@g00v8AP>Po;JzFt=ikSEa_m*_)HScHd9YDQzwZi}I#0Vc#vF*^jS@ zy{#sMCf-pj7)Ymxn4Y#v4NbWBum zwW;2$>$5Yysx{D@c~(8i0_J_8bCg0=oNp4{Yqu$GxX5!cNxE(=cEds%m0Az?A9ic) z#@~Y@f>wWfGUxR-o72cQH2+8i>04Gs;*J*|(gQg!@Eh;F;52M z{qv$Hq0*#+5wPWfC?=H4pvFrs@Khc+y;M-oJ{&tV9-{B@u{lkzu(<>(fuJl)qc9DY zQ?+d+oA+e=RN!8qq~PE{0FgG~UhJFr+0UUu@%N&ty~s9sN3$_a#5QM7?6e3~G(?#n zd!`4EzZ)Av7O{zLtuJHlMN5w@mjma^cVt16W@*ruV{i`W{%J7fwt7lG6hnp4jm}oO z`v%SaaGno;t1C|p*`>jY7LuQwABB)C-gT*3PEE(wC%0x7e~P`2OsG(3=UxN-2OYbW zFDg2Z;GQOBR$=Yr%v$I4Og+A_>eE0ySk9zVDCT*%rn}zv_DH2Qk~P~xe}l-_b2l^I zW0$o0pzp2Ow|729QG2bfb!Fm#`3WZR&Z^m}c|3QG*s7M%TXPe9G>|^;A4|oJi3E+R z)(6d6!!JbR!U?9ULJpu;kcbEh7^n6xwO(^k-J?9tw2e`V(-TUOM<$*vb*oju~+315}zJ-eu&a7e|b0 z0$5WYUti|y*Ha|DITt8-YN^$0vN694YyCK6y1dkSklb<^e;KDr2=~UVsJnHI5c>-iB;HZC*0ZOPHMwnTfg)k6ee%GpHO^1QVqg(J;RHOH4tRk0< zD{D%vx1R*4xw%#GT^Do@0+#IzH63@Atzr98KJjXojW#`07ljyhC&KXSX7@t>+xz)h z>upkdGLPow<}4+8G2l&7l$MrmR+Q{C$#Gq*aOAh!eg(T|lpZ1b1rC5ZIZGuw?acYB zk3A}Wvj;6KSis6pSuvT0hZPR9b`9}Y4)&IlgKpYSVO1>Exb|k~*M}Zn+8R`E-5Nd8 z>)>#h(V(?YO-nO_;<}$-0PKJG0S3OT&CyLoZY9N}0xMwSU^I{y(!ln!Ul=XTV#!`P zUK;JxEVWcp&=09_lDowko4$UatJMws*1c8E_G|H+HMK&v)mLsl1}^3^(FrkaKPe%u z*dK4nfslX&2_hPf@~#|>ws?Dm0m#0kM;worftg+|iJE&os@0dTT+8fk9XI-yr2~>B zeUiN9!2ZkzeT>$Nmo7%@b6v&$eqZm$rbFBxD)ig3RNp@|jt*Ek%p~MAsPZ)5UzyN5TE6$1;|ZbOQNC2Vx=B8UTe&Aj_8Gan z*2AgHi{lGab%(~jY#$o*aLY_R@zM&}^V)?LrDUdXOX?~tXK}v{MNhd3{x8bjI;zU` ziyxFDNSZWK%9U;@rFZTSuiAFsAs~p4T!{ zQhVRkF0mYOg}C(f&N!zgKI@SxIkbF2w)oz}R;=i*^7PD1tY?tIAK1nE-m2oD>Wy6+ zVR+?kV!hcN=>U^@|)^Npg8R8Pm->!@snE%5$YKhP;i_%Y2C#1vu;D`zIpxMUVuqL6Q?$)#TuRprqC03 z=AP)eJT{ZDKt?B(cUElU)trUMHG_5@mknmS+G(8dVUTFe_x5I#D-Y;A-|g?7jjrYI z+Y0p*ONXLFCIHL2EEajj@*O}XeWU)+-Ndh)!h%Qa`c!OAL0?*wJZDTB`DVDThUAvl z`S*6aG*5qWc_ya6Bvu%0^wylM+Fak+hY=$tp&9 z5zzR~X#hm_7GTVxMS1%kW4G>2(RmhZ)YB1VCW7bOYc~a5eKtuAXtpvli09frc2V}< zAK5V$*&4y-%yC*tG5lk5|LyybS(bm^`B}k`qw&)d(?Y5ZPVOc(CVU4J1$r{|Q3lu@ zB=zD(dl4tG*a+LV&4WW`r*Vy5@-cjLnBLaKsw5-7(V*o$nM^TNAY~J@rfY6w^lqma z(2Yi|uO2v2F)G*4{yu9h+_iUa6->UZ-BZKe(GT58V?XU+K*HS+E?x z!okx{I%yyy;rqRLr`;UBR{Wmb=+_ffPpDT6pP&bjA`Gqj!-ykZhA8#(%ry>;2upd% z=pe4!NW6Ij3M3?#aP$#+{W~E3i~W3kmIT|vii`pU5-Xj0Iqv?&tR$g9c-`SVq9j`N zj$efUv)fijcvC1XEzJxzbyh9Dm+8&3KzH{kQ=d~R&=nnVT+qAbw5q@Eoy(NuqN(S$ z=1c3jSM(-1vK5vfwFLWD(7J4&e>_-nZv_OPCUK4MFzuvL0Qr4tMqY>c(s|9!!R5ML z+Rfz=Eh!3_HQTnNbTf3m&Y#`X&`jkF`BvB^=e{*o@a`SQpOuRRaT9b+wx1*F)qv+W zKh@I;&SW@2M&k=xrSP^tlSPi0~&)Vhp zcNeT{Qp(2?Q-%&*;y`nodc57uDUe6+UNxP6?N9gp)umf*N?lym4FN#fL9Pm$H%OO+ z&eIW<^&W}5?n2E%eQ!pEy4$Czt|>Y?mK|Js91ATx1KFQNto?KnC_74I;G_Q z=_u&H)k<`kH{;MQxyx0zT0=?oX~Gpa!p*uh2n>R@w=;-FZ%0%@2(iU< zYi`Wp@}5*OE0%Jw|F&v%Bp2kU&u0xu{F_N|+b9k#YtY(z``Oxo`>Cv&L8b3c?D|Jk zHx54I7!TcN=;u>)bpKu6`h2@i2fKf4@jFW&B@vduvh@d>-_3jj8T%=%@gL4@JAFHq zMhBY*_51DQ76=O!wCeBV9-|jn<9H0mr(4VWw%D7GXpj>vO)iDU!@wXQfPr7BUJ`Tp zZ$EMqlDw*Lw$iJrKWR*)H)ZhY>1>{|mB$U=VX5e#^Q?x?+prh7KdR|E!_5P-+WG`5 zgV%I+jz{VxAKWPREJ33mAw$;a0n<>fovQQ6wrf|SqHkRGgzX&b3yIjR6jMQkVSr{k zk2sndF1FEkC4GXp<0mCzNZHh)Z?KmiOmhis4dY+QSQ;uZr?2@5DO~z zE-aDB+g+|MAD$CW?l-R)arY?P*M`&{Lt>Cd3!W4*nbv~R03h|;`o@rO$w`g`?LF446D z&j`0?1>Y73nRMQrXYgBCu3l!1>Du0!+w$D@p%h#n+?W%~nvDv~V^(aUaP53<$EV+L zLevJ7f2K@fpIPqb3ezCZB(a43mpk{qG})$0#MJHoiLu}mi{#LPjU9Db<%gREe|if# z^H;|R>mG;#uV&98T@~ZH&;>m_K z9J0_b8t#eWqSVMVY8?I59uLsGy7GIj|7N3W+37E(6?mvo0*bQ+6nEAdVXu?yoOmyO z7>h3Pu7CN+gc}=Pp{GU)VeW?j)WNWLu7>p-UlAs%>4Ihv0caMPlEM;Lv6i0`*ey{O znp+kk%ai*yuS};gX^ju1jdJewT_sS_QL*g^NCAW}e9)59VsAB~F-y#7*dbNK3gKux zgrkub_=FhX0VHgdC#F~Qi~CrH@&>FXn+suE=AFOZNhee_^L@MSBcv+SId<|4jnKP+ zV)5Qw1u>pRdCvMhUZfDS{{HhNhNq*>{!O75)lFE?^0o3QDVJQ)Ar-`e%n~LmMc{gehVE1hnv5J?Z+Fiba;%V zV_X2;Ha9qqKY^ztqoNMn{^gn}$6&fcJEvFY57s>eMveShf@p-(+Z_@;Cve>N*4W*7 zX6>%to|fGT%-Gy}-$IJhN^$9~>ES$eg0R7}gI`hNahD{$bxof<2>_l-{}FBkR_Vdq z+#JwlwztyGv^e}KPAd@|&rQ$TrM@>$wxHbDmZ6<;F~43nj7e{D#dBKcy0|xQzNN4v zBs!x|>*`kM)^}lNxsyccbw!1*tv`{Hztb>?f(AH$LgI*+1lM1OrBK;(Y}BAZ(c+Qd zHj&iRsR+q7`E*l0llY3Gv_;*AOGte3eMk!faZkG0zL$1jApN+E_vC8y_e;E=&zh@j z2`$p~Mofw1ApDm`oZHxnI_MYA)h;OFKgu+!GBzBj#he?vGd}xOPOnbvBOf<})84i- ztOvw*<-~K(lHts_x69mdR9{Hn+*2pI$}rA^B~W)}llV&a(P#z03eX9p&BgV$%(w`Z zo8_)|%|DDOEjouJzgm%=jY{F%zcr9^+YcbFT|PBL0ObV66dhtY3hF(Hm`Oh>1KzE@ zCEYyOYJBMYxN5NMv6ew{d$7PrZmwbT#-D{lo(u>A+r9QYG1qdVL{c_&^O@bN#(Sj(jedXDOU$SMd3a|( z`&28eF3}4W`SU17BBtZsJ(qEBTvcf2`<8kq%Pyl+bF~A-p?6SQDK#aid;)P@Q?Ki} z-Dd>tBW}JC4INkYhmE~LPOHiAvUafw_IZ!?_g6wAcULTY;dgjvHA@~9Eqjh*i5_el zB7S(xjtT4sN>}id`~2bBXy1C;R<0VSW9jdQy9+nq*Viy!>54d9eKD%-{=EDF+ zjd3422@W;CcS422ZHEg!3j}4QiLZ*K>jlRQ zdm=@_Vq@qCK~&VUORJ6P*Eo>sY?_>5!kuVY?!g8=m|yinU5BE`ZzzgH`1?KoxtF3t zGWI^@G@HTSytbFuI+Dim2&K_7pa-~d8nN`Jvjxglx;K17iZ)aEjAa!hrJg^4o(npU zo~5V5Db*`gGT_8zaVyTeX^F}PHR7_Jg4;p$jD~sr+a0=v%Go4zQ2ChB`bqkIQKf(een*R2ty}m`{duamvi*J~ZD;eDY>3xcY&RO(skt}(;vx|bwF@EX^K1kw z-&)mMe~C_QlUbL1Hx9{D2S7hp1^GE=-txULE zVxcLQf(aKmFEC$ZB+h}t$l}|17FaEDF0&4dRd4x}>=7Hla0CT7PuRB-EdJbX81v?p zdJ%-l#HrZd_VYJu?WYaM(;H%PP&IwSRkx=^GguDE7q^&hJ?Bl;+TCT>D=8GPSg^ZP zIb*(4*a{8(I5JK78bvqD_ctANJVzX=HomvaphZuIJ8!Ibq9;GgYz!QVao}sR6!-;v zydAU_##z-*Wa$ja(~jWkSH5oBPD$5^L7rFi*Uwa!>FFrh z?n#@l`VqTOsZd%~-ep*>)eD;h-N=})LMF#$EiG!JZ9&CRLFI}fqqw+Ul&)hXD3_d! zMCjI;A0F1$5t}A}4jDBCG234YroULuB<`3mM;S-*n{QCa)&00IV$--e&AB7H)c|h0 z@$;&U1$4nbUztIttn3jYAo2UogC%bqJYi?2%j8QY{P3*B8N%;dkR!h!5(Q%b&3Nn@ zl{##19OE`u8;T4Er7w}of0o}eL)az#k#3*yTrb&HbS6Dx*)KEC;j z@d?@>mqk%XHr--KLyj66|M-MIXM+(jM~p}wLoP0`4JH|%sqG~Z(;7@+a39MPxAnMd zDMC%$K#}RnC%!EE`1(^6H|Wtio<2xx+$F^OsPy&$5UnF|W-`iXq=-wL~ z+1is6R#LiV*fexy`mfs)E3~N@d{MZM$kFU;@&~hNH9p0r=<%XvS~PlnX09qr*`e>j zt?(*4xXNEF>r{vCQx1|+QmlM@s!vB8$|;2mvENY87SssojCt(lje0C_d~V|J13j|| ze#$$Z)H@5Y7WsWIiD84LTo*<3uQrL8w{I`&IPQ>?T8(ISA8as9PfweH!xX#znLK>~ zt=GY~u*vV0mYgi1uD5>2*wl1kCeBJFlvXqx+HI`KIC~!4>QvGO+!5&bv@=J*Av$yMeDUK*F^Q7V^Q7^opb#jQF8qr ztg96$*jc@G7W#F|ew0Y$t$*;R{XST_(7qsG+5dIJV=DNNm5Iq;g3@!}zpc#~KYZ=N zt8OG*x<{z?7#+}&antyZgW^g^hwTk0mik`}wU~LfDHI!F*tav==Eur@?bA0tWu%Ob zc)S4JkzPKN&pVd%Yx;hw-$q>VZl;;fxUcT+d)gU{)5{D^K_6%^*k%9 z{4|MI(5ZbaA4mLG17IjkG7|D<6Ol~cU#~h)<`Mcf@u{cTz<#(Cmskt-XB{}SD-?IP zRs^_Au@k`6R72|tsKV}-tMzKsPES7IkUxS|4KO_rwX?~oQ}uJSek2ukbVagnj(_m^ zGgYeGArZzk(O$S!yv58`kEkz2QbyswXf>=ymZZ7+}g;cF))ihZ!1y79;&7s>OkNeJa z%Q!hh`;Ukyy`Xrl zT=AYPxH!RKyEK@kFeZk0?F6S!i{^+brmdI{D3;9A~?(my=1?Iz5ZYV`CRt# zD0i1f3=}<`yCc4Zh+evGrCu^!LOJ;_5exP=!0{1f1vl;5O8_B~?nJ3K6xvCWC z>h$J5=q7J7IU|m=k^_r;iiwP*LB+ZuM)q_N|g^+h%TF^&>JWA)ya*GWfXy z>i=Gz8-lxCAQ{7@k5tNeZW;w~Q!=Qezh!_v2j!;UikADo8s$)aik}Hdaa)HWc}^v6 zrA^vpf?#;)pN4cn?l)XDP%WM3w@n=0dklx0kX=i+cHLa+`FQ>FeSFk39(70Sx7~Hm zGZ8!8KZ;4t%V!b^5F#%L6@Nr^?XZ=bZ5;%e>(oe2Q3Njy-H@Z|Ul46IC&kQ4o#5B{i z_Qw&IAw57#5HN?vMR~3$Xr^dL0k2Z9q$nKHCO62T#k@PC_K$nPWJ}kDep(envZfz zEybeMhtfAwFl|&4$+x}sec~{1kPR=P94f!a%7tIcS;VCLZ6v^EM?hSBV?QWmGfKctzZwb*TBsyk*ii!(WN-=9Gk*HZ zRkx=F&l6`HBxq^c#^mBdU6)!oF=K0{pf@FGY9{`9>vmA&ON>@>qhIY84(xbv;DYnv ztJt^^0iw6~famhf_TdA>V20NZ!6)TVS%@#BL*!t5_TIOxi_rDI5u$v^`MkCNodbJuEb75^XP2j= zLNu*k_)RP3CO>3TQtEaL2p*>t#_*vr>8KC>oJ|-oT3nS}9>Q9#;BgLjTd-o@zc2~f zYxZ550**7a0HJ`#K2)eI14-SDM`J4WfH86UafTGMICw)`A|`>M4o2<6+zECoGI!E! z=M71u%a<9D4%sdygMTm_yoB`M=(K5Y!)X+e?uaj=wp7p^ak~1;o1Dw9pfC?9;NB0) zDZB!@*ECAs!T?>sC76qXXS;DV_)ydd7{j+pG@OQuu=>f%hg`%mFhR$(8=zn?|q!^PrFcW|H^c%h89m#D=4@Qg(OC)DQ zFIhy$<)4Gvksy>GvQf#*Yi!mC4S%<$p^J5ubB zS!lH>K>uujdc#G=(@IOR&s$ZzUmeAsVkFQdNC!ama9`t>A%8*67pH_=06BhPeP!lA zI0my_Ul_(+hDw8Qj(bE-ph8HuIc+l{6A8lRdQ)PW!07brDpNr4g1|bDx$s{6R~7LA zS#x1Ra|-FIqgBRq$l8R%&mrbapMe!mV*|)Y%JfCYST>r`oP<+Q2=K`-x^0d9JrPVhi(v**Xtg_<_dI6t!K`KVTyAa2OGJ5V`#wP^F#L%0u@cBIS)hUY#bRze= z$O#l55&i-WP(uhxrf>P{`$@%^#HDMQT5Q6RA7an1YS0TD8fCU0FfiRR&abygp6?0R z*mgU0lmZ+l#G?JQ>U-G^v0cEuhc?IDYvThie6dP4_~?a6;e{<`HIDb;zzb7*uUt?r zwb#jh04azWDs;V%T|nvuL>@ws_dXw$_1}9V7$+$vh2h!Ad-HKgAr~co9$fJw?OGTo zF{c<~AUb4jQ{Lyu=Dm4Y@rrlN-p!6}7rA?x?GEHbDzeuAYx<@Uh$>u)IznSoIws^X z`3Q|4FR;K&?Kztgc;(a~8C%RN^OHOM@v%1E(_V^fxkW-rYqD;xA@=v;y}U-S>$H-x z(-st3U`33fol%9`~H*Md+fhgD}(3MKv&qo#Yztt^6aeEMFs}=}XN!#RLXwFTc9_BTO1} zK)v`kO$+a(bX{%B8wT~>gB72Wp41u!*rN@Uhvv?0E?j(hD z@I`V{-r02x#Qpc*O|O~AMQwek{9XJ)i;1U zVjrfCL}u<`UXHc9HrUVJdMb91r6&R9>nrJ!BbzDf*_)%&oj{?2!4o}q&im7k+Sp=| zdutpQ&A%gMOh$6V-$nY2cm4NW@8V#-GJ~+N-d6pHLG&MccST(>yVa^2yfAj7b}CNG zwJ7)R+H;`(dBlXKiag{i1hCS1jzr)D^Rn5Mh24@PmzN9c{Frm zw}@sy6Ch&Bi^;6N_Lca=9(9>w+p%cF8fJKy6xaoRb21r>tyJtdiRsAE2#(dssrg0@aPCYq`oJeuxC$rHJ!B+2j?Kd(op2Bc{zbqWV6t+cwXQJZU-S>*rU|>GkYi_QyssV0b#JqPs?;zLVoxmBMa=c61JMpZo}H z#>{D>oqt&?3e24o{+GEAP^DvZ`mId~B*a6m>$sV*VGd<{)A)j>1&9atrSV7J#7sth zt&7*g&H9`-KY5sgqy0BI0@2P<9^#+ReW86TopTra1MT=QEHFe+=-FT9z>erPiDVQc zMXb(Zeu2GsY4zZlgY<~q?OCGv%w=1-rJ_e_f3d}Y%h^CKEPFZ00K0(f0=)dq4tP*WI@C66&0o;x3frP0Rovp=vFSK3ak}td`A9Jp2720!P@B_ra3v-mp2Y( z+HN2xhCshwIHN$_&K3jjiuk1Be|^&7 ze<0_OZl#RDSoIpgAs`6c7&K*TPhOl59WqlaS99cgx%sa%f~Rp?zh#g{vupxJETST* zdcpMzEb%i23HS_wZjqCZ2J9X@(i`U_Ks}*ebfmelfmJ`AKq?GG?q-f;0m2Od0=Fpe z$;CgPbL~(?O7sXe3F4w}-$j}>T&4n5XDp*a=Tcw- zc;}HxI!1LN?uh@fJL2Vv1a?ENte6m{u%Kb^@m%a~qgt^SG=OB%F2xO&Q>Y<84#&C; z-}}1(@5!o?p1U87*uRmJL15iS{-vc2T};P$m7I#|!rOI!$NSL6+ovbUb`)bFSG$TF z!^6P%y9AP7!86WBa(x;KaBB;j&qkhV=5jDd6(9 z3wb`3r~BMju(TbE;V6lQa#R!37E~WAopGd(5_rFsaH286MZ;^*W+9erlE`E8$-yVz z=Qx2mfmbk2-Ghi+I)RKBQdz`A^@Y5*G(i1le%ZX#F<0`IcoO|U3dJnmeF4C_O;}Djnz93HD@sP z9s#cKZ@egrNsP(BWoZvOwH{f{@CN81E_L6!RGec(S*d4>Ic^fLWg@@voSWuCQ`ytzRtv>c$DZXf5_TNfE~JZ z)s*xe-!ZY_DIUZcHT;ro0*kz}bUmdJe(MH~9>pdPLA^vmK+-wS)O*CD@X9KDwRU_)lvNwzK*y*RA_eYbC2w%+TenNjO;LPJOOyH?lCwd5ieCRI(hrMCF<9dJ=A5Rh+qfBa+}ddG>09G%3wM z?%TyA`^)0p>{(JyG`>CNDX&}-NCq>LKE?(s1{Xf^jA}zbO-`UPz$#3rA#AaDMc+;H z#ah;-rf>B!GQqIHQunk`Y3~K6*@aT+AEdkRlwW~Lcv!}n@gTM76#tEYL%BwzW ze$cwadoU^}wPjY|k)S15q>Y5DAo;I>e?#eGFi2<(yvSe`-$|n&`k2%Q*Jr9OH#S}~ zb5bw0QtIMeF#4<5#}g!^{}{M~>K@s>+WwO2Q;*UDqXQ|r##^Z5(a(_||6;vED8h^= zB%kWiKJJf3)V+EEpy3XYO(f!4CjT0hcm$*c+H*b%?VV><4lj~(9vZvvF>g6{`?YB{ z-%XOy8I)v6{mn}}G$O+O_c0Xdg#{DogZA;ruo<>o!*l66{28`rI=`2doE&`PSoqJ~bX7~8;JG2)qD>1e zn_hNIevrN&80W+C2{cCauKIeNr#7T+s&m}X2np~plJ24bGqf*Mssd(JPy63$8{{>> zIePS9QvR`=a3+jEMC5X^U%TDp`fk%4tuiurKU-Z`8Ul;<`p^KpVhz%NaW{ZdlaN^$ za7;8p%MNO&?GSbgL9_x--aAApFgCcM0MQB&Q7!u{;|mfo!=Ez3%Qxi;BB{@NMqDON zcjm*zgkE?m?68dBDH5RQDZy$$(#l??$NFU62on;}?2v<42ld{y-Z0 z$vQ#F%H2rEWl^PHy1k=~&C(w^eQp>(|56f=m$4mry0_|HtvirW1oYv>9K?^`5 zSfbDqf<&)gI3thwI^msmakq|)T0Kq> zZkamc68|kO9|wv8-yrnuriJ9H(o|^VEz@l7Q#HD+Q5gBj;n>}6xQuE#%rP>VWn~an zk9oj!sJXXQxr0OY;7S|90iEpnZU8V*oD^B)(3}6jJri@}>`R3<4gnthC2b;hcW+)i zz4R@es@MkbTj|Hez}*~1+p+#DZ8b=6e^IpabhZ~4%9!A6e&5=3xBcanA52ZV^O@)G ztMlQCrhWCRb?3XXj?tO%7Xsi(D&{&Mv$@)NOoj5soDxgTTLyvh1^I;o5uQi*Q@0(ez9l|?a zx4<8P%;w#^*q$qbO_Utzm=p^ah#$Bl5U;?MD^C(ifyoU>kM0RFM3a=+p z%$4f-Q#glt5Rzl)j{FC}m>|?*u1{9n@s(scG(TYZKG8lkSh@1TaYtynb|R!O&#T;<7n%G9 zOs*vV77`yS7?t;vQ-_i7As{?rb^<_7HHz3EcMM$_v4H0WwE5WdEyIv7cnMu+PRvb( zb&&x2ieh-nGJ^b_1Tpux$fl3|gDt4-w~J=}IPaSLQJ^KY@%( zI+l(mEHQ~BAUwT>HjY8|57|5iLml#nK@z^{98#S{31I{i^JdftZotXdpM4i(HO{JEeDiSIEJ*Kl9b!w-0z|b}ggt%-;E=m-gkk8EvrfIfNad6AT-s z{y*U%e8Gtlx03G`$a&K-{d>7zdkV&7Wfn9t$Wh>Ta$fAd^%yT=?Pi!VXand2sS)r@ z0LA*Y|IarhDe!OseWvr~QLf7?518RNj>PMi_i}G?O)rciQuwlgye+Im%((!Zj*V)3 zcNGDlRz^0{7|dxtkmw)crHi2vEf&w!AU3r}s|+}*{|SBnE&6@^^q{jbEp1#q<5qcm zxu#mK?D3cxb}T@5bL!mIxiLk7#mcJL=vOD;Z3{< zk(`M^Hwz>jsJRLs+QmXWoqqvJcCu5u&BApi1h@5P1Qtpe_95YmFyQ0jKgpN_XlU!t zjxxA_qP!|=a@>2K z4Ls~^2$}y@mnBMQ(2Km%S)8D;)7L!id=(5TZqeQXdv&UhcI}QClZi<)DTaKH9?;SLsjIH`*2@Ho@aHmZaAQfe?9HE-x*LX z${)CB8+Un7@4kuK@*htY>!F}G1>l);`l9cD`}U4tHh6yP#YZhwo)=A15xkh}NhtXD z%X54YP_Wy@R{LkE?^y&S^IaStr56JT-I(0?#{d~fl=1T3u;_Tl}A(13Y=w`M$Qgkr!;X3KhdM4Mp5Tw({L#l{r5 z#!fPgm=dk^z+1+H0=)w#g^%+%NW1l3_oeR1$=CSi3YkP(07Fi%f8AT4P9qImW3!LR z^3pFX9#(D^(PK_%0ZBEDVy;|dg_}*liCqW^?)`gTh&3C({kJLFe3V(Lo_4J50CO}Oop%`bogued3fDd3R}4B-8UJbZ{z!^i`?BuF8a%0iLd%DbYNAQ7`@ zov$+SI+&JR$@IH6f2RNDpn8i0<@EaJy&-mT0k#exI@=9JeGMa3c8uUP%!AST3+J%N z(I95Ha!~Ydoetq@n>vXb2Cox$#zUz@KfTK~7O|3y?=fV#^;^Kd{{TE$471g?IT;OX{0wXYq6%1xJJPecAi68mqawA?Zi5+o1)e;nGsA!^L}Th)>)QWrbDGSEpQseA?A z0fFJb6n-HGupoB=b7Dk_iLW#v7lCl{b2ze4U=c}kFQ#Fe7=kMo9L(3-FMGPo(8Hq;e zG*gFGQHQqcRt1#f74K;EeRz95GXUyflnf;ecwFPipCecsvu$rw3LI5hBn8rzyP+=t z@nNAwx}$)uMI_(O-~Pl!(|zXvr`LWV#^Kzd7C=Z@51aOPiMxb7*VV zGsdxWti)OcWs_R_d&Qm}oj=|HUh8?A6a*#ke(h9G5^Q7{#R-QLVlPl4UC10k);l5u z{dg9LcA_*-=M&VyneZ$=%c`3fH#wBIUhWyrh@32{1@_%LI+`nVGBClkx|0 zJ>3s7gpBj%%J2nVjK(+%e(KtZmwz)8@I+k%*8~cXxXQ^w-n`9XbXfqSC#va~a4*Lg z`wI!JhQR?#fBjAHRgK(gx4#^_FsVD{w|i8V?8sfNMczPeOd0#vuU{pWz2<<0$1jsj zLz5R`yVPDk_9p(V;e!V=V^4zuyT`?9Nr8RL=D@p?{)F6TgDrIJ?7b^cx4gP=l=p-r za0R3CS2GkH*J$!%Gq4Pt6n&}*(EY=SST_{oDrBeaxf!ZIF7V}Q$*3m{ap_x3-o#vK zA0+7uJwi1Q!=P^preFAJXz71RD0s^_Y^VL>Y&QuEDTGmuFv&x;bYcc0D@b+WZ^;Ei zSSJ?H4pCn5v?AWn;b`P(=L-;OzaD)9#HOFOJxpSXK8GPIfWprD1dQ;od;aj`Udh%Ipf?%id2sO!eyD zZY0YZ-*iJVbT;V?^LgTP3v>#Awr7F9JqrzO?NZ9Bl->^l1s+-0X10IjoZmQH9Kp3G z>7_jd_}MA`v0t_B-epcvpR0X3CpY(Og_A6`Rx}nIji=E+#|+U+P~qwBwQHNd-~yU zX?tT%`5)CjbTg*ul~7rVFYmJZqplld|tIR8-l#c2Hv8$3khxr?bQLk$MZeR zIwddu40P_}+RToMhM@zW|G4w*)vHH=rpZCH?#s8}{Tf7ZWN#Wj*-q&c{;)itSQdbi zLba78Hq5b=_bSXswfKxL5=Bhl+(bS~i~1%i%KNzW-A|2-XwmEsc9)Q6*%X~I zbYMXU7k#3cl6-+%Eeb;$3=M!xs~T9HV12zOs@eNJxrZ%fR3%J+RSz-w#eJB{G zY{{`M%3=|GlJ+v-EqXY013Am_-xiVRC(E)=I7Lt4JS1i&wsk(8xV-yMUxb2^IrRmj z+{_Tql1d!igNy0axt~5u(Hry$Rc)2qH($4#ed}Co^1|tWnoT|bb{iRo%6aIc{aClZ zYYXrX*UW|~yuH2s-U2phFknnhv~*|Ojbx`BEU^j(cwsFU^JN7%^Eih$ZYZt6T-7Gt z*|X($n}>!jax9>I_5`wny?M!AKQTqF)r!gH=Z1r2zpG{`oAnv-9^=fQp-rBP8)Xf@ z>gC6KrqL<9o2}Rk3XbBu7zUJ}Cj8RPfCdIMo#>M54F4jGWght@IN5S;vf>nbB8G6< z_r0e4*?vHP2htCVzW~9OQ%@@J>2kavsTh5k((!V8}jf*Aztgv%iQTU%T?z6q9_i)aHEl z^R_6isgIun`>PysAai!+41c(Yb1O+Wvo1A2xHbbae2;B{@Pn_MgbQCr;ElS@3py-Q z9}Jfcz55_}^H=JlyDuh8a}N8TF9=xI`6{KT-23r+EA&Djm@zw=qBP{>Zz1_KBgDVx zOv4(+J(z-+K4e8*EnFRD@}~D@eJwHolawguOLPcxdbTFj5{!=!N3s zXjp4Zs}7CGfKQEYpr}pb>jE`y{Eu8BKT3P83+UnjZG{Ob{99Bw$h@&DM57 zr<1K~(lYObnMcn*`TEa|j=iB-8L9SPx^T*FPw>}t8!o=4)9*#f)(8%Z3$#}qhXs4` zRohmJVcy1IzQl||$Ovz;IW+Xe3%nqT>lfU2H*RFBWU*(Vw$k7%tC0Xv^T@v7KU&#ADd});3k@OU%`b(QZ3& z;aq+OXmvLL~ zuC|ZXx_*N>+eVMD4A~o>14v(US&#Os_%s8}NVxI#D(%SS6T}ZAUqA?`;>}xWH*?$f zd)nI`qhunkYZy-8CKGg+^)b`=KYE$6OG-DstaQPC z&lP+AS11yjXs_o^_oAaLPq$7>D)!l*$strgbeC zT?Fm-Nh-Km(ASI4oAOm%t?3%lpW{J!D zhQ(7bMNk9-r6L}`us!PPD(rW7c}?11Q1#|8xc?CdBw)a8jTdqtxX5qy$zRlkLSEQp zQRA9b58idVnIJh;Cn7{1eHx0saxaS5jB}h9_2x|rB)M@gp3KY#`AouKjC#IINPXS) z8kGud|FZq7av;@zA$L zg^TvZO>fGPcgB{djufhXwCwPo_xArI>F%KQzRiBBjaO_Kl!%Gi>Kb3uOIT&y8>7&g zjo`&=VdXkzKI5R>wlixr%9qV5=T?8=e=YU2eCqP+2R`6}`-QV8U#6!&K}gPVGjOJ3 zVrt3<8~*}DKrl74-9jISYy$u3BqACDE-o(ca`ZoadHoYzUcef75uu?4Hm!)ub6+;u zF|I4JjOCv4U@X)nlZ2k0$>>aI-i#BFlka_d!~GrD^w#dHicPVJ6GaHu467ru{It*h zkp^eME`KCPD!6PpWl5h}4sRNpN45u}Dk)eS0}(Un#evN^T;actUY;0C*sXYah@U7D zcw!RkUJdc(QiTgf(hENEF-i<~{Cdg+Y1-h~@LB@r$G0aKXKUm%$<#5G~m60y3Y){F@G>BR{)1uU(Y+E>oT`Ni@d}4 zZC%|=J^r((;&-LiSDY}G=&uCao%zgmZyJ`zkdqYhD@w)gO?KW88R!*gQlwn*>bo1A z!$-TXs}&Xgyamw-Yu#jhrS+x4c@L_|dI&$P$zxc{-YpYNH=y9})R6R7Eblj05hyH#kx2URuFqLil~fQT1l%G8+Sa+ZMI!pp<`mGj^DANQ z$^RQ|qd_4A4!m$h6bO?(HKTIsZF&M;*``gQ*L>i&Q(tc2rt~jdfA^Pw@VWcokNZXW zwGs4RR+OST{B=MnG9pgIb#R?BO|s@W3;m(4SRGla`kspO>x!SVz{D?X^|Y3_tqGFQ+KTmdd8GxOMBLJO!s;AO!-qcJvTwUJ|kmoj1w5H zYaEaO{V;A+7f2aXg zigIDkspKS%B`I?%-^8(%$|iHhExYx0&pnT|aTGUj3cy6ir=|>7l-J!r_HglTpNV*x z-Qv<{^uy^?t5bt-BO~(ALZ$JamGwnd>d~xMxMeiq)LpF?oCR^>^+2xEUDhN>2-<({ zMVOpMjv?qR0s2y-bm|}7+V}aq5IEhc<^6!yIb)%7LnIcX3AJy6pDklg%yth^q{cYl zXIr9+CjW;!;AQ;rYZB{yZ!Ui>Gnv|w?fbc=L7+&_iQTs%=F4EJ=ik!99&-`riSdiT z?m}6FP*zO9WaSG={4f61wiUi7P8tuty(n6IzU)l+`Oly+>Gu}hZfk2})wpDx!e!W1NmV zgw(=Y0(}SMti-Rba8O-UX-X}?RWRF&rAZO=m`FFbDxJh)rjBk=j_q_rDEK16Yxqa? zlid~#nv1F^vdF8H2wO`Rc7_zdj zj(=kiaofII%I*Bi=NVD|;i$8?O3ROEFpQ+B50k@lse;I4*A=5aTag`?lZ z_D;R(=WH@UiPytK5w>-@4};;oOwVoaF5hZD*iY_N2nre|bAD!2P38MqOzw&4BgTaz zbuy`XspXAqQ|>AhzsBqay9h6L>)Z)Tm5 ze;ku%13Y@E0+KB|AvmU>PE_GdlK^0VUum6MmV_13|E~ZF|Frp>=lpHIsN>iRt zbTAKFp`$uQNP=M|5!YGdX*1Yo66!)uyDBuZ$Zt-1Gm}K~$aj7Ci21IDIuy0|;zCC; za{H^-fL#;&rYyPs_ZWz61$H&>DjFq8mas=HI3|4jW(Q7A_?epr@kC)0q(~M-A{4yq z4Q5-qzwZx(xI+j*$v4r4^=3^k?|&l}ZR8)EBks8($hY|8Q;T~N1CM2|@0v>cJf&ov zDy$oSxdeuXRk`vmCkbJvWqsJXEOOp>4gIEh_X@j1+xR~2JOzjmwAlaup2RVxK20_t z#9>=BEJv3C+yre1O=Q#M=jeYJMhE3MTw0I;wz&)Uapu{q+5g-JJ0gLfjYJwAU{f$p zv5S6iK`si~Z%-QkrJoIxH!-=@!_5##S6siEexqA@XC%uRguk7DVr=7n)(i0fT+*w=aAm9|HF^kgM?-g6}h&m;3PqcLj;# z_}3`@-bFiPIhxoSNwF8Ndrr+h&$p2*3~53xb!Jn4uaFhId=t9&eV};^u_2R0@iZ~w zKM92|A_{+*a53}=3TsLt1|r6Z4?ei7^5J-9-S2Fl4Hgk#r8y(Xd#>9b%V8J_DqdWW1O>-_n7r%u%^1y zEcdSyHlNk{P15#0!%L?*bew&D#nFnyhR?f#T6{y(CjJ}S=lyuOhWsg_S(eVe{oGJ_ zEK`dAi?z27$};MrM+HF%2?1#dNs$ncZje$^x;vypq(NGxrKD53ySr1QyQRDPo(J{& zzB_m3-ucbk{~YEO-se2$?7j9{>+EgxK{2A{E@y-Dnj{4Hil<`JZO`GiIHA>%azrV7 z#|TyoyCk$^O9$Ye(|GOWzJ*m<1w9_FDSH z)QGN7MwS@B%#8VfLU|6X&kb@!mJBu3o8NsKFnNZUOM?70O-h&QBA1rxasCGHKqAGy zvc^@ioD23(nWJI0f6RsH#Io#+b3*ek~-wef<8%eP1)R}jEnAy)bIZt?DZ$TdBfHoH4b))M41b<~p z5X*XMD=WefJEPt*Xx8#OIIx2j%T}xXPtPt7vjU|?C38`sRf$E4{Q3mzZS9R1{`H$ z*1m^WM)g?A6=JacFZ&DSpj~qpE#kr2m6zy?2VtJ+tPpWK8fNT9pK&BFamE;xD}#OL z-$m%u7!$9jlI*vl`YnpT@5rqJ@wMz;ZiZV0C?? zkh{g8k_zxf#LO0!0z6zi+uIayEankmsTgLPv$v@f> z?L}{XO?GJ_q>f;S%?K;J=7bNhJcwxMTPgY8A)PS4;*X>KIY8?5&TlMOXQ2Yv0?mmG z`u)XZ2P?zNIDeyL;4fdcJ#PJik#+j<{E-N+Z78}HP>bI3IWL^)qz36QqT&>;o{=^f zwXwUg*AA$_^uU?%xUKPUb>P*#n;w{e-{R>11lG8LP??Vz1VW>6yt^m_mI-)w4%wzu zipe{m{np;0FlW1Bt{7U$5l;~ zgdv+HnP?k$+oV@Q2HY8kdB#~T56A?VRDUjcU7ji=6?i|gO8uk>!_`)~mWO%@fJ!fd zn9MkU`ysDXn2tFlQeJ-$y*s_pv@Z!>9!lJDK)6eg$~~ zCmvKKn#5REZZM*O%>4{4_-$tK4q6wDtz{D&B5OOkH&C_fa^X;p3F3mz$16NEIxtpD%Gcd@BKvo zkWuazM-N8=)CF+|Zw-fU4pgr%UDzqQj+G;*IZ#eEqyoXZJlJr>jPtW;s78TST@V%xw%B$ zKP%l13tF9e1qTP4=$PGi<#78C$o(wXh`r>esUF1a^rMm(iZ7>+LBw0)H8DfHi@`FD z`ye@T)T1fihmP6__WV`f>>^{L<#CWqT&0!VwsM0R5uDLs;5o^Tz}?B#{{Dyo_P@sx z#vUDj1+JqMzY2lN;`NoDsEy|nsv!XF^n2Wujms8 z{)B5}7&>_oXZ&((TC&@@o}RZnPp5uS=})C-{?#3(MM;i+(dABme8)naqxA-g^RD4&_@u&!Yk4476hXZBm^bzJ8%JE_eNKM9r`PS@zo$53%nVtS`f;D zcJGhgy`?%3`AaGsj#imb!`{oVqIrU7ul}@k5`0qX1*qgQw(%7M!0Y^rj~fL6rd390 zpNW?PHKzzR`}^AfP^G%trhZ~ZHsf)Dc_^h(_V$VYa(}=9yzTgkIyWMG?vtOMx}`sH z5knYnI$q+L`Z(UDYw{S(&ncO)RKY+P$KyB_;q*j!naX&Sjg zpHpVg_TLw>q+`E}@6ba`i#8@K1zctpQT%6tQY%rM*gJ)@Z0{2Ea6KVap_*SvrDwAZ1y_IHY(3A20AO( zu6);!iBaqg-okq~b+;B~&y##QaQ!;hG+On0oC<0Gyb&#r!nYMgx>JZFjkIph2eVBC zPR(i6L_BVRu*K!&m7(d^4V{*5Z0$30h9EZBcG7z2ka{qE!JyCujA=Ci_{s`M3HItBZI0meCy zdFMy_D6~7kQxU#sJdf48cKir^JO~3EA=!iURTi*6l<664m?hddIDN~&=i)R0)|Q$R z&L#PC_U`tR4@hf8=m9lc4WGb4U}3qL>({a!4S{V8V7at9y;)-aA+{8T^>h=W(jtSs@6&7w_-M6^B?%(=!hxbRJ ztRR7c>DpOC3%QKIRjbwk1_;S}^Dy@fjs~q6pf62N2bN;?_EZZ}hz+{Kefgt7$2K)A z5Mf(>Fx*#!WX4Zzu%qDENO#_a*SnKa2e-x2Um1n329-t7%H%>P<#=@h+Dq(^IwsoH zz_FVR$OXrR^b434eZo27To|x9IANs|gtZsH#b-C~*VW2ELB>#glM_W-@@~8SSyyUp z5l}zX(sB!aYGNW9?6Vl`^vWpES(;_Go{ThUyD!83QZ6pR%SWzp6!uYYQ5kj5A0F{L zoRmg=;FBq-?2zu>dR}9VJQ)eUJv*ez+E3P*5?L-2G6~5{^m7^I#-H{B>!lNU+gkk4 z@Tm2Wl_Q}T*VqMLO5h3(5(?Nam{cM_r~|3l(Wt};df8^w+S>p?(!^yz5a{lRylvE6 z3UJOUV)=JOkiZd9c29_hRxK5zW83hn&BOdjqOV~%fB*tCRImU-&^9Xc0V`6FVJc;e zin9OyXJ{d@5kWQijD81_Hb{2hf17iA=Tz);bbYDB<&;uZq5ijhENDoQnO;=HxArI% zgglQ&o0K=o42b>65^F$S`2JR93#}&G?H!Y)qC9nY7%vfhBY`W=9evLa6a1v`L_{ly zn8kFc+HiXkFs7DAD`yMQV<>8nM%FmFFH}Hs2c3eU)ptf5H;uDq zU@7;#JE=gh1f(S4=0FLQazRT7uw6s7s;+B4JYhw;EVaG<|Ny2~Ni#?C9)T&wfiP z12HQ&dVAV1rX6T?AO6%V(E9FBXct(w*A0*3-<>;9%|i7^F5jK@+9(TB`h?ajsP)Bt zTsqrc;$7Oq4gl?^G7W;&#Z$`f|NO7J6om|rORYzWYY$;UZ3Y;`kbHWAe_ntHl|O9g zPQV=-YVV0hsrQsD_@AStu?3!7-f#sxVUr9VS_1}m&Ut$>Q`@1w00qcNqwsrLrjDrv zq93^kpjUJ6?wP!B9z$<;0ITrh)z6%EYl!!`qoXuoPwiXeP+TpVse z%TGuFBCP9*k_Fe7pKmLM#bf0=g8|7kUIEK}C-C4r0aCmFN5Y){(Mh$7?%g+_rCfr6 ze!&)%)zXfT*`)geCCi!M5pm|rizJi5duh^P+=?BCB>!Cx4>nk%{OP8z=2ZKOD{uA1 zVqv#Uuqe@h20ripuwTb=?a4^LZd0@@;A<)@nF)+(puH&k|I=PP35#-`Xud%XbF9#H zJ2TS#9&ml+NC|dz1dt?`y6ZZs?~vl31yZH~(EV*&B_Fh04-x)X59v=BrF#DLfq_VJ zV?g!Es?`7N;0w5Z^}73x**%9i456fwHl;Z#ujf3b{bA{8_Zqxb3s09fW$>bn3Z? zw2dL^`*c&T{J+$<42cs66MIN^5JC_Z$6~tW-1O9HyWe%X<`xdruJ>AnFm~a@w!`3} ze_fCmr4M(8l9nNteN}*jU$Ae$ug#|bj9M5VXG=jiG_@l!C3xXM_i#W5O~^pkV0Gi+ z#HGmGwkQKlF~E=-@j=JX)(55YpELKPCh^Ynfo^(t=%{}GAB04@ofRcBE(n{9e2Gy+ z66g<5=R!Z-;0ChOJSqf-{516m{(eblwP>FJ?EFJ_IuQz0n1}%h4GJTMGC2oQ@-Gy9 z{sb)WM3oJV6FK&zTD^Sk`xxtTRHB!v!qW|dX2~7MW*iPg&Qh9+sKPczf+M;xM3#$) z_fBdDm74Vf?i+wI0#ONf3Y>iQoKIzJ5YQV2>MB7)Tg?3 zywi7jrhmU+&=UY;if;Z;zoLkMB&s;*x#jebi^8MCtmvkNl9wnHBlQZ3CI4rKIRVlz zRrJdxv_XKV2^ih?9fhj@KH%W}$-5h1df3Mdn#~M$Hnklxc)?Juy`1RRuXp+d@QFV6 znUhtmeY-0!S#$~rTmxJ5U&$ecgZi;XOUDcpG4r{9UzLh;8uP-{8X;jNv zI)S@sy6R9S*MSj>UcU1JRs|M3+vC5_cFceoM4Uh8X9fdLNP34j`l0a8vFoRF94@ir5${s&V6hs!kwI_Z7Nxsl$J^{y~e7hv)x4uF#?ahV5al5Nx&U9^lkzs0( zCj9Sd7_U~=53*Ii#0%_F5j4oxY6#-Hoi-^y{YEb7`QUhy%V1!(#vUy&w$>l@>8$7! zt9e{;Q0NQ0y`QAsKEBDXzbx*Zp1SAs`=LG+F*c@-VRgj;bJEyq>Bly^BVH`5JRt@h zJz1`<=G<@FV#-Xd_nU>&BqER;J-uY})m6yFLP*}AZ4>_f*qOk?^(KnmzyT^+$LsYT z3QGGfp2Tw@Aaweq2!Cy!<1-4ki^8d`tqoz66VdO9K~X6&l)dFUDA!pM5xbr<{{;uK zBD3T9(K_>ZgF7ESi^=ELUoh4;rhv&!8?a66Zdcyb?<<|kOpFIps=lP=dsc=`AuBtl zGIRv9MIm&cU0zqWzH%Ecpe*7V0?i(a?B{s7D{t??z`#&z*5cYMcRsFZR^Osl`C06+ zZz(%kZ85_smcU)LaGax5pnICY!|r6QqbD+J$^Xd+4&^1FdqBf=V&{{cHZa3tcn(3M<^$v9 zX`sKIO87__NY9&%*1k&tv!-p4mm0MWk1tQQJJy*qLg_U)v1pXh!RBL*6TIQw{Z;nj z0osl7b-ekm`SjVoa-9va)hyIjxZnwGn{&~lYzz{5$ahxMmZ=tEv#i^tfP1k%iC z{zPk%et=w-uITz1n3$=oA_ovxN|NW?=aTA&zR^*$BN)s&KFpGv;=7kJ^>D^|<-mYe zy|QuHw!CtU_}pT1C%(qeKj>;^4)8;Tu9v9Z@klL)s|;X4yx;wJ^9)P_uzYH%o^Sum zQorw;aG&Y*)z$2zQmn0EXNV?zgUBp-_%RrMovDx$X#vY|OYCme9L;PL!dpkIT4v&7 zW6-m~J3I7o`Ks@P$AXY@sMZEXe;}m$gi7ZNbP}dzKs9GEo@IvdFYkc8-v(84-vb`r z1wSGv_(^LOQvT=Ql>Z5S7z+bhBpTiNYcis9i%bKGdYc*=^93z9g@5)}BC`=fM5ypAF&dHQtM|W1tkd>_hTs3v{?&>oj5fg($EfGTMgN(SC6hQ zPlaYU?IbkSige-I-T7d8BI$uIk#X*&!`3+C(I(%$2pR>!*;>a!+YYHR+y=RhAY(A7 zQcklWH+%^$w{9?MsUx<2=}f0#lRbUE#f_!tN`g!@@SXo-pu%Kf3#hZZ69p6TiPV&v z59VvADa?aIy??%{r43GzSR!xT3YGODnZ8TDN)9Wi^L@j4c`ZjifWPd^TA)#bib*Nu z4OhK_`lyxf_68YIB!uy(WT7R5!`856U$ttH#=WI$PWblf5DkM;;xlWWS}NEwlrXlF zyEy^3C2rAKC(N_>EEb+fPiT^)cQvbDJp}LSZ4^VQRQ#mF#qx8-0+rODu;M=W$u*kc zF8g9|wx+m)m_b0-d{I6wonPUDjHA;&z(=Oj42OV#Aiqm>Fe_K@;`rz(lQO(&)w`tL z@T{Rivk9i-*-ERXtBU3q<_p+zcrLra;-3p*F@fkIxNcOG7^N9lcQ!3UP)@>kGw3y|KQlC(J?kfCBAGLf z=W#}@U;kC7aM&Nug$JuC702!|&~SzUEYa_pCJ$7mCrXSI<^x^$s27;qW5buFdM;FJN3L5pqd_<(A=XMbb@42jR45x^+%8%isw5sxu%r$@9E6xZ$uhE$r z{q*CGgpq`xhhakz(DMFdC2-`*aX>EGmQ;BLoyZ!fh_)E!zNN}F7qz8_XiFNwEA-#+tmB-;{G2kG$;NhTBxh{6ug-S0 zR}p!;tnU{;URD7&JTrh6zD%HxHQMg$FE6h%h&2{$44-ZT;v%q~kZ<+_Hb_0{l}_zw zm&2_GC0AwU1imN)L8E!9$)IJciEP6aDxF%rx=(uTRN5CB`Gnl*0xkF6XdYyhV*R44 z*HSLt<&8p~6SYt!x_xc^g871Y+w!69 z%A2I#I1bwg%kzVky@|aA-^2F}1sEs4Y8{zJsM=$HcranWl1s-$3coBipRC0r6A6$< zwl8fUh^ti7RbYWiUn<}`uol@Z)Ahf`X1GC-OP3P9zBnExd?w%tmpv}zhpIPqVt!UA zigtXfK_MgJ=B`?5=JV#s3*Etj2Hjt2Upk}M3g|LvX}or?v8}CFZz0|aJ?{ zka>=ei}O0HFS?&9X#3N^hXjJbhb;!;Amykb163!lCMxib{Q3jJ3S|IH#rCwehxUCx zIVcp3Hc&?YTT<5f3Eqi`i5D5>2c?3D zRG}Gr?~#L7+QrYKxa=*&sz6Ka_INIP*-ROMnv2fvpJWg0q1?mFeRzL`ysp7EZ zPxPmpwZY})ldqi}-z0Tq$z@od&T7Cdcl*?aVm|>U0YpTMR;ASlPB6U|VZU}U`St!{ z2mzBpSO&t)_32!8eW;hVzHC{kfTq6*kVkkG^E3m+F{zT?m;5%wQ5Quu2n`9Jb-hT@ z^+CerKGPE#v?(#po3xVw9kh?OhdNTUByE#fLXpQo<8vn)T`&l55Df9G=#HY&{@QWn zXd4QIu454T4Eb9O1+~)Mg7*<& zL+&xS-?I5*EvxdnU9r2kx`y()I@#6kkGlYBe`~r5dBRp-2^mvA4E;MaKP3aLXUGN_ zn>r~WpJ3#qC74flp;=hDdYSDBudYRn+w}we>GS=J#Jw&mq0rd@X&&n_c4d(byQ6VN zZnq=crY3)q1g2{4DKAz#|0Ru0NBNCmHq^&Qs2h%@9J< zzNxK{u-_W@NKSOghJ8=|U8H=id!&82NUvT9{PK~T$z4;Bzl+W)=H%HW!HjB@5mp>( zvSSRibFL1CI%2_tRkkY)tg5=jsj9b1E;kca;S5@{bPqA15J637#NLmq^}?E?|LStL z!FVQ}4qTPU!G;m35C(mwhn!0(Y+vW0vRO>aEQB8rX=cih_C|A|0RuxvIv=ZunzZBX zZJ`mvu_mY0Pf==>;#M{Pxqy!98vEVsy*Q-;&1d9k_rU06$?masY&>QuU*E;)3ER#{ zx)%ql1H{{MyXUh7r%!_~@sI)Gm<&ifP$xkd33L7`5J)6_bESuC=Lua7M2;X!5ORG~ zccoWK;{PmO*Z>#VxysSh)U=@kD;h+oFn8H$WO*D-K*Z|b9mixn_zU}#-Y$Tp=^-*$yV0H z?wVjrvpkpF#aR-+2dt%Q5RTl;vkGbHq~5drIlYx^h3_{*(v*oEZ&WZ?$pkWeke_&R zuL(`1(2VUxYu1!IfLY|jJCkuGlCh&9rn<|YA5&{ohbPn8dN4)0^iy4SpB8|vB3zKb zbNr#GW4q-%*1S3n1Sf0#=O8$(B7)#_co9eUk23@n;%7~W)fa?Ts4}y0DdX|?(hpP^ zpvQ25{halnV&UX}GJ4}R98hxNT1!5!iUEi3(@kvK29aW6tk2}ygy`Sq_;^gBoa(+u z#%>~yUx;X#f+!^^>eIc30>^H1L@g3T_#;6gic%8)SgUIA!+1s_iC%j^HeT^rtw4*2 z@m&4WS<|^$tK_Yj8XPa)3*6L(b9`|3NQp11trv_UYM}zxM0y^Rjp$ldA-=<|cRxH< zqE;?UT5v$L!DGE*2FCq2GlVqA`38(<^{$txDB+>8S{*?I!5TFmo2Z15YGH?q=+w&j zqx$1fR(hV9s~9t|b@zYYFH!BJvkR4pBX<98s2oS{k4Z891C)rA4RDi!yMiyN$|{fA4ywipp~N7Vg7s5?|BtEW)V6-J3K=yY^t zxPch{7)_<|d}>h(MVk8+z4KoXQh#>E9R5N{st!w|3In51yGgLjK?4~fBv!A)u&RbA>>OEB>rAQy}Hwby;xa*Ku#%F{R>DISwa-85`tRUN(Dh~u9x2f zWWk_mp;h{Lg?rsv?$Z{$Bd{p7uVbvV!vBJ)|6Of<%|`)K*OT%pB`(-T%B`rMAE zBF~^G_W+7=B@rES!S z&e|FjX-jx8L6`>2$|l*h1K_CzjKMBC8x!8RR-a0{QfcTF>`|m+G#xcN=B2lj2qA%a z;C}U(MlsiTT&X>>TY)CWHj&3!Dv%2!lE!urlnKrHjOj(hbC<{UOV)gP5Y;3Pai~zp zYy1er2LRp+&SNR_R-Gx&Yu`0%y0{K41oN?G?S?KNzB;ep+$<0wHR>Pp7@Fjkt`|}% z(*1FfD}K|pswElADtwAI%MC|zVA*Gs=$`MHnIVyYrFRz4OOPQEon1fWe6fs3#N!qK z#;#@WT9!&~&^Gm-AFgz?iiZtfN$_@D?Psi?ozA)M^+*iO1NvudVQRO&rMAjezOj_h zec{RxP#$A4>2ROjuKSETPs28*r4ygkN8!|;|2BPMLKd4)Eo@Pfz#mLTbJB zRhOv>OF!;XonHI76mU7B+NnsUsArC{;0a<@+R5}(Riyiz>n7`0uIA1fdAD+| zka3LHwJQ=L5B?T4z~bY<1lg#dA8gTB?YHwOm!2d1k&`s}c*5@Fk3Y5FCtC#dN;k9@ z;C@QU-YQUy;o>*yQQ^UL4}0u!>n)7(r&UQY-x-XYhM)Jz;MuQPs?DyM`U5_4_;E6m z6D-W~`tkN;nGy^MnTSi4MSZx>sF&X(S^we;spwqnb(Lae8SH~D$+Y#M3?<~#<*rYl z$dzwmZu^SO;>e^`Fk5F0%D^Yu?<%cy>`Io8@R;|eEZ?Spuz0=v8%!<7&&jy=rXlz# z7iui4WqbFN9uzjE?!I&kPD~68PmlW-Ih@zk4vcOW?>RwX;fYNblSBUv{v2%LcKbOu z(=(P30v0a2ofL~!I+fzI2`x004|Dm~&Sxi6gW2XKtG!L2z%4Xe#|UfNQ>FHwehp=D z8h%k&djQN16srJZ*8aU{DTLKr^_Au9qcYQxuQmdy`%O-;2D8q$uH@2@gkhADucn9` zCsVidYWH}mZ9uX6bs^C;s6Zs}b=JFr#BbCX`mz>h?4HX8==U5AL3#^@?&Vy+v{W{50soHM)>%oeapRc&F)STP({``$A3vbUR z(~bB~CI0+-LdN3DS|b2?XQG#ZYs;DUnD7e7#d;mWglRCinGH7NC2rS6pKw#IhMhW{ z*YM8{5eyduqw#GeyOpmD@G+VUD;bX`!BpGdHp+z4UP#B#;$49odVnk$`A)i$t94tW ziaa zs`PzHHRUtE>FtRUrE5ucZGQLRY?UG3-SK{fa7f%3wTfF{*DG-BPU{LQ((ihgt5q>- z_Bm~z#gtw~WEaANtzeM3c4MPQ=DVt5C+X1BZGfhAhLyC01VvJj!$aquIx-Zflso{m zIs)SB?U|YZH4lzS?pO9Z(`Uv%`OhvdbEsO~xg9B(-yfYev8yB*;k(5gf?fJYs}){+*wAToaEU}$14 z7FOEv{(@O#HeqvIm4y4=R?3=Awib@_!`A2ic+TYaL-qwH zYf%*q)}^odg_jP~==r`eNH4bVM11~@X%t*fKEbVwFvLFeQ2FIVkD&JF((&Kbyaf_e z%UcgfjPOU=LazJT_ptvNxKTg+;_#w})Z$-og=%9mtA%zRphsaywlCzpi;Zl8eD0ROIJ5Wq_45kT3N#WJR%D!B zrHoLj-c#b2GIaQs7dxA=qy}Na?m+n<05^22HpM-yI6rQrC0HmIY73P4e=Nz4lXLb= z^tahAMfQ?dIPy;JPvK z4XjscBp;3N@v80@?KDXE3Z8m0+jX%tMJFp=pz0vU#dHjNF3dMHVU z4C}c%E^y-b7n>h=(w=CQ8b1cHz_1dJWAgr4N(bUU<>XNZ+A1Ds7U+0>K;d+<5eV{7 zCP_GuUb3Rd)n8jC1$ft$SIvq%@t$KdlWC&I(EbHj<4)xabEbO0b|Tsu4!rYVnmk$X2*{z5ij$G%j0A8p0>oF@wb|5%iyhLR0M(H> z25x22s?`%>QcAd(Hc2fzbv=td<@)e?{oRk3AYhf)*+&tp0-ulFJo}-@*CmPRAZB8B zZd{!VsjQHm@2nu1InAZgMU!=3t^;E6rTeUUSV*k(QitC02Fu`sZbA+lxVpSt?|7=$p(95Z{b$;ITSN*#>=LYD=c%CR1vT6YA4U+@DICemLU&zC}~ z0(Y+&HDq08;vl7Y<3GwI7qH|2RkD3Idij$69Mz=h%8?T1a)58Z+a;3Cd6Z$pnb$ml zYR(;uKAR~laCtDgJY&BPX0gr>N%MX=!1;Z3en>;&G*^GUcW@vWZ9m)Oyjzz+w3B2` ze6n?i`vJ}Nh%ap5;U=5$Cqv2D1;7@`@kMdI4LQI)cgd3>ZK+2i=9NFJ21BIhuTM31 zUnH(~ttubHCwmVYcMv@6HrDwO+Mx8xB4D;!_(8~Sd8-uivk}cG^j{y%r?Ll@oLt5+ zT`x}ruAPp1FW%36!Q+#8R?UxhE+NB9FkCM^@;h#(+D`b;uy5EjXDnCNW9*>H7~uZ8 z#6xj|%cJd#`qYR4^s<3S^V9rwUJC0Q?8|!fi&g8mDksq=KeJT@^!Fw4E}I?5A%Kkr z3DghmSYzM(Ra^fb0=1Af@W-(`T;R`kC88K0*E$w|vK&ht@G!ruxJBH!bo63hE%*Dn7jNlMc7s$VLBK8eBI~Z5R{TF zd`40MgdBp~RBQ$HQ>A#56{Z;$+7a8=r(7gy{0RCBI`XkwVHBp=kMPe7lgr?`J5yYi zK4H;?3wMVSh!3Sn`nz3U#169@a4f6NmKX)A>bvdDla_T}UG6VI>Q2eXVE?{OFp*fu zOAnpI;jDMbF6UzltTtX2{QRFtwJB``K(3cXwMosME~HWW;K8JdF0dS{C-+0br=TAH zM^KdM)@WbsciwBNd7&tX{j#$e4bRJfHnLAWDc~w!+##A<(vko6 zhEn)V(j-+PDzoFeV%m!+>t6NDFX3gkjWC3q9}rdt;+0^S2AW%nfK;fk10d)i;IzZ| z@f=O81(_)-G9&3aUlm$RktL_i1@2K2Y2 zW*9oQwPuyc6Hu929>_0tu5=E4H_+*vWXVx@DG6%OVrmg=cd@z7^y_*P0pt$pxKG{! zE(cvQ@>%LCft&9dc3KXCn;d zaWs=%jMMH=0_wo2TiveJGy^A8?ry>VDY<|h^pD(j64UUdbapp7<)YrSqdy*(^9a-B zdW1ThR^=BuHQ8ao#z=PbmF|c2NtFF1XCNRvXS`_^a|rA$VYRpt>T4q}R3TDM>LXY= zEMPL|{vJ-&#OeV9vtj#uBCQ`ohHUOW(5i7Se*N%2Gx#lW4Cc8WTn{RTC9QXwYZhvg zx?QbP9nT{zk;vwmz1_gB;>EbK*`4L{-9;!H`@sWre+9Hp#<#PVYtvPjs%2*HM=k#_ zL*Y*If?4l=4D$}ccS|HP3b{TY;4oGN^IZKR&doMi%}0!!uP=|=J_8c$G@04xCbxU^ zl4A}?zzRvdU>2r?r>kx)0=Lz}{yE*T^|v?NK_%d-WNE%40=Q19tArkWcezFf_@4F) zQH^Z>$JqPN27YH3u|>G5KBtD7CrtkE3gKIgrE1|2-Bw2ax56N7-L+IvI3Qnp*T8N~ zJ%0jQBdy*J{6aY&e|PQpIYCCJ?08^Qn>>Z#>&9Xb|kepy>U$e)*L184#^ZJe-#E z0P~b7pM?Q28%Olm;Y=y2ou@P38PDc!%W+{1D5c`kuwx3;i>8;qxPziFEwSO&4R$nN z%`ZjxYm&qMB8}Bb$pD{dM$l6Q^dK|Y8SSZbb1waX$Ug9TF9DaphJcJB$EK@U?}E2I z+3;{FLq_DJ%4z|&bznM@-TE1=S~V8%5-T#8Ces!xU)P;%j|?muP5@OrCqv}TOzKp* z*@P!x-QBDMd%HE++?s422;+4a@EJl;h^ti#)1 zi82X@K50Q4KkA?a2}6U9`}}YqZ)4X_y~+mATI7~xW#UVenKBD@FJt$y<@Wry086j= zB$ra!HIg%C>H#W#8ukUPR=Io~pZh&OOgbW-88&GZw6uKFCwVnMaw*@yM(gseitbCDb`EvCQ{n9ZD4}@!OGhwARa0F zW?gEtlI;^Rh|5&0dq8fifIRlq#B31z5bvS(L7moa4dJQ(8{i~=m(AH@>JECS=(PCi{T^T*Uj2N47h{&%;CQGazYIz=KA0DZxsASaW59vn zZK=x>}!pw!(m9JJI6^@n?Vuc&6WMckpDdmL{tPYTJvIHf|Y=?6d z)O?cPBn6n6j^--NwMYWmfmZX1Kq`Uz{V#VX-c_|?{Vb%#bJuH59*v#BORF10$5U`E z!iJd$^4s$R-m7KvKMxI^dq!}bn$nQ$?#fZ)IvlyHIxl-fIhUu2~`{`{)iI9a@GIqPE}KAV6a>Tare zEGv!oYit;Nz7Y-7pV)7DP!cdUp2g1c<86z3wo7k>ErFT0v=_%p5{bO`^*RCs#Khd} zW+4)!&9|s-P)V)zW+<3X8=zF>;tyFig9#4ARda^@SMbQ#^zzBfh#2HAYh54$O-irU zVOo8>2jt?BXO?uOROy>3&cSFSfz`$A(|~T4F`O(VCi%#mehcUBep~T1n%e-$?b004 zP$Ci4{Wfmnc&$5vK&L>n&Q};2C$kWD;u+}FGC(O66To+Sg*j9GQNe#YRW-?RrCR~G z4D2_2#~p1~8^^|!BF>k)Fo8^u4a|l0PfRew2((TK|JdvIf2)GaiYiGG;PPiNLcLlA z8v4N71VZi!{n}6>Frk-0R6;TC(YR>Lg0j0mh=d(cz=z0U}rCAGEh@oo*?2d)CS)zM}w-nCJbz8IDf zb94|Au*m(DV^}Pc6Hu?)Ruk(K%CGu{YK7k(x9V<#6`BFS<^dX>$w5U>6@N5noR+L{ zc>?vQ8!b=^z9J>11V~R9NY2R#H{3dluR)K$4t-)3T5{>c{z$r53rwY%K`0v3{EY?% ztNj|dOdm44U`sRehd@KI$Xe0Oc(U#?2INIx1o#4)vV51PNav3RDrmNk|NVCQ<8J$g!i&Cd`yfbg z5uGw)Lw+B-f1Cfm07T`0M^1i$7EqnOE|ipW=J0TEufa0UCBr{_sMi{$rF?`;rbB)Z zpMb5dTA}HRMUCzWlm-zsDS&GySDl%pO@E~oA!XsQTiwf6$}yy7KG?^|WCAqeU+)K_ zvqhbqzl#-whnV)ad|`{IrlxtxV+R>U?i| zZ7`d2GH!@nMr1a)`s3yUzJ?@INbfk*ZMXK z?$KT!;`VFS<+zQfJCW+YSxs%Yw{zEY#S3!6H^mR6|0^E>b*>B<9Q-RQnV}MA75(SC zPUt#acAE`{=#T%!5gx|y^w-yDidQ%^VN5EzAIuwN@HClr7z$UHp8zMd6w52>SO)y? zl|Y63(arMeL8VFa9vM7mzb>)sV>no2Hmx_*Z<;*eQD&|;3;Y@FCSSSmxe+eE_gqv> zHKZ%Eat3Ta{z>fq;lOt;`vfQ5BmmzhQ*2dg>HI6pwiny{9d@r#eP0sTjwQh@K&iUK z=vvo7rCDsU+!SY%AMbglP=^#yp5dej`8<;5wLjd>OV&LbOVzkM4dIZZbU7ZO4vW&a zPW9f$qLsO)<+5MpM3*fSndlaiFZiBPGVW8Y<6*YXDtP|_hrjzIEJPwm@KmfUT=d>A zU#uYlc~V5J%))E2?dw7hLxT)*TiN!;NX~}g7^t6PxnY>HZOZsbmVBb$MOFb(%4`zg z8#s9QEc9nf{CHL60Yc7Tj)$*iopTOBD1{mSR9XN~u_`CkFg8s^|3-=Q641f{n;J7} z$3BorTwlYsp?!0- zK$JgU9pTZVSB@%b>d%&9;L636zrguO#_iSNYn7U>{gk#k>wH{R3E?{5#JBf6OGRO4 zzEMhMyIEKa-hyg!Fv}JvY>#!qzO_@9rqOK4cW$KUz?rUz89-T~Xr^6$Y(-qZ#xCB4 zg$0@;3Sf8me%vE5v#aVP2%q-S(dHmqAt&4;;J7`OTf<=_d*nO!`;>*U%3>!-_u4UY*nQiu@+?E&2frh4`<27AE$x>GvyS$}~~q2t&Z*|0AY^ zdFRCOxf30(_OVofaitT;2iHL^{lB-juMHDU_eC=`>#B9;0RN#gpA9} zti{G?o|k;qyXZKf-ygvBWVu9v?yI-FEmL*Q!JJ0bAJ$W@R{Q}GkNS-yuCP!Bs4|3e zZkO>fm+#RSLdM958PLc=s$aXE`B=jrjndit0O{52{7|}+yWBL29x_ymKaOR)Mbiqx zO@^(fSW}zojkp9oZv!qiOwFdsC0&U!T-!~+@9*ZYSw^@x+V;~G_RrS-9?k5o*tU5c zCw=02wnzGnYE_6|5C1v1F)zM$ylJydcYVm-uL;_t@G{rEg8y#ibypqm}q z)%A6e(XOUM0=KY_BcO3BlXIL-cf1PaGJY26JzVaI#c?;A^saM06-YQEisi>!&!N|- zS?G@FSsN+IK+5N^+jvDO9i5Uee|mGdn+y<*Awxt&j-t+V<-Q4N73~=pa80C3#iv`O zZH*`22R+Ju1o>|mDj>3TCD0K7JB7}>o8pz85tNeCotc*KuCPbQsANilYMryd{XU#0 zx0=TZ6+*r~!NnxJ*)rJHmQ(pWz%s*VaG-y6bNQfbj~AF$GF4I^czW6_UHKr7SL%=j z5pktAo4$#BNxTQJjR;M(%Q=$7cXrtbGHKV|5K=GI&*y+jc?Mu9E|=k>V*M^N<1od1 z>>%6o1B1@M4#52iMs!E)?{^SK)9$gqa_)6S$*E`WkPO~C5`coxo}r+h&aZzBagJMmeKlK>4<4(v-W4Z7uN zRV#n)&1OGgcRH#tk=UKi!laSUyvI=Bz-~2v4})CnGq|l#cid01JAxrdhO7W$v0t+f z5-CtOLy{_=yim$!lz?3)FWmw*%C&tRX%e*sN@=XC{V)Lyi8R5^nEO5Go(8Z?q>3#x zha^HR0SVY{JV4}2db`^1Yiqm$3>rj0R+V?hjOTJE+8oUn6122*x#*GsX`;2z9kl;^ z7exD}+VL>Gn)l*p=SNUzgKPqyyN99VoPxAXB>eLhUw2>NS&jAXFSQuL1_nj#8}1Tm z^^g0cEom3f&0}yY9n@YO+`@9GD99~I0>oK9ZcJ?5K#ctT=AfSJunruPERGpqGbEAD z-2J)WT52)!rp{0GfGE#CsM37uqu9NGUV&xx1I=2OHYA{La^C9&QP%qti(^Gr43!Jh zhfcKy6PqozRMDj=OVJ!*yGdm#+D7>g?TW-5<}d3$Ai1LzhWKQ?)+ z8$lBR?%Us&h~^aT6Lr7X7cC*RuzC6aYK;g!kNq*n+;ytK^>K?IkY^*SoS+nKU!23v zag1=;AxpgNOo#XDHuA#=kSo-N>8xrGyw!y72Po|AHQNED2P4G6&tZ108k3$M=AdIl z515Zv4lXm(w$w7dL?`}mdvBuHunkxr3f~VI9^)k`x&g#CdH(^qH;1be-=oVTxiFJx zt{Z=b25-0@<(6Zpz^&cx_3(7WrBLu3DN`o-Dwf0ik)8jv8)!IsF#A$>Sxn49V#t0@ z_{WWEtXmGP7zph8~p(b1YlO-NDL=UbhenS#gogB5CLrK_AKp8AvvIuc7~$>jTCpu zAdzk!*xdO&5)JN)N)Xhd5$jX+?Z;o=;=e+M4bUpqtC9A-_}{DNfBEg#q)6+tYSWTq+U#r+|KGxE3I7AS8pd|)jY3K@=QSc%zl zCZoAbIbZ2#2J{?N``q8Jopze+2!-5MoezY`EZJRbNTc1NyWeO~2ltJ;K7?IEX&mW@Te^zBNrSX41KhfTt) z7x=4xF0(C3;#gl5a?4QCx1+85Nyf6pUeAO!vf*I@->w$qhw}FE$-4IR@)~YNMnrfn zTU(jWkB1l)3vMB}Y1Asyg-6kWt2}FaHRjeZNc^B>{JNK*e zH~KGcr0dvv>gGMU=qo(}k?F$6A9yus-zO#Ihh2y340EJ3_;%_#>O|S~Xjg*715T_N z?%h2v@Arssx;?ms266#D&b!6>$Mkik#3~~6--15$yq_zH#L?chJ(*2(&E>nCwRJzW ztv*dCNO(uk=XX5?d%xH3%KdOWRnhtI_Q~zdF5gi8OikXc)Z4d1JX+UZvFX(v-b5K8 z1Kvymp?67|`~7iZT%4KD6aZl|Xna?lUHo`M{cwofhZ%hFjDdhw-PEeTbq&NHxgbS4 z6bLDo;X0h_>JnEi)b=>O<)l2DKWeea{KQd^k|K!4ckm)lwd@TG3(M$_2PpVy6l}9r z2Q9qjW0o}*Q|<&f%!-&yMxG}U;d>Ov*Sj6G0sb{#Bvd^F&2uBYQWIsTr~u)0j`c$CO$wq*vZReehdpg9%)bL$*xxsn3v`=? zJ!jdv*U9%iS)A3MCJp0>wx!Ebw>2F7lu`H8)K;D>@EQQy{$3T&`e zW1;?>KI=Hw%q7$!l+zzz?HW01^~b$J>upcuN86g7_k{3QIT`oa;3aq|uBJH;9j$-Y z0^Gbr1il7!(b%<(6L*c;=!c%YYI~MSy*ROq9f5Nsef6AoQ^z6PSl?pk#evw{<@tDG zZ*_OCfOjt4gPA+`!0LMD=!D!<95Wt=g+jkeB$fhwF6GVqac1?dg}M!%65`^E;#?*I zUw!+cgs*N-FRk60<0n+=0lw{8+<^Wl0^!D>XjACGD9$K2GI$d><{(Y5y|n38qv_5OajPc zVbW{Y9t`G@Z`eQRl3i@-BPFcW%Qq9mChTnXxc}?;kfIydSNON)hSC>galBH6!3T4u zgmaPap3iZ8i#cIpt6yAPl)21ej`Y(ITDcO=YpA-^?$j6Ey(BeC-gyMG!42Wn9`+Ty za)Y_?;)1!?&;iMKyg5~-^p?s6S(%oIY#+hB{a8=@yO?z5v@%36_l+6 zl3Dc~W);@1t2NAePpAzdI?V54&6~4;?iigy!pTb}&48Ce{(!3*oQ%AJ=pv#}UN0KS8dyL1P-F?@R zUhW&eH^1A?!t0%{kFUNC7tX{(h%LPYML2z-PxGqX^GQD=rpb{ZPqr35hAtw@Ea1Ng zLlb{2#7-j0-@hm5!VZ74Q!8cq5~qqqpCgc1w_tOog`Sg9#ZWACjd_8x$M7NoE|N## zgv?}fN;7rlL|c*?+T~z$l3CmMbBA1m3~w?nT+2en;)D;E*=HnpB0}TcN-^7xzBhR2s_Hy{m9bLGsYdwA zKxclm+$t8%I|=4m_tDdQb(0;z*tB(#^+t{k59SuN`nGzc#A8Y3T>#`$M!Fvey&iLS zX1)tnHF8}9Dy2+aJwn3{TO4>_m9i;xQl&u3Y1y4qP?t_>t(IFb2CJZNA0L}4Tw-P)v`8JdEVxzs z<;#~fj+<~19X6ghiASRiW}R`v@`){=c>w-7Ox7H9tq-`gZ?2#0oh-e;H5P?EaJc^p z2>DF~lNE^{`E}Iohs`%#wS>`qTAE zuugKmPF`C(FCzg#QMa{}lbxAac)|61u~GHmTFn@bo>+g@xx)%JR~fvpgP;A1{h`bx z$JD5`T3{_!(HGIX|Ck0|uyoxo7TQB+TP3Uw`*^%u<(wna=npAY-2 zVXyFMq}QT9GO9Kd(_F{(D1;{+mpkQfytBvJ?YSH&wQ-#4!Ta*5(1OJfFKz^-REs;8 z3Jg~FfwAT>EiLUp1&8M}ZUrqT=YTsQPV?)I3fdTdU3)t_bPN0oVvN&oA(>DRx~0L5 z=PZe|J^9JO$+^_vbs$-{JF;wUZLKm{4|4=vy_ZS&)pU=y$f_4o0&m6p9#knRC>S7x zo|>Cye>B9gn@=9Vt8wZhsZl7kAWZ6XSl3b8-1?3{uAd}*B}bOo+1v9890clCixBI$ zB-cBw3yd${yOeh@OmRUpRQryGV~gQ~OVHk1pej^x3%%^&Ta|XUKZY8RD<(pN2?Fjr zw#2#@3c=zBfsLuXoje;)5fG5IPm9#WQdUu+-rl~;$2VG_xPz=6YKX7?d^xzo?Rh`V zh-+aV;w6)(XEtIs_3&6w?**i(xS@5r{&xmZTIp0ZRiE==eb{h5N(d~v(@07#630V2 zmT|Ovf)zV_CkoRR(76CDi#t_)Kc%y&B3<-$9~LZ&0>l-dXw ziQC^jl!=BsqzC`Jy&{EJL5J=$A9bH1U^Uqh6@DJ?3=@a(>4rJ)67-eHICzFLxUfcA zz@>?;v0do3h2~*S@z`MpJ@XmaOkghBc+5^9*vCx>R*xCtw%GoWWDG5O;iMpoNIxG+ zZ{cptwj6V~>BJ!oNxd`fq%HoA`-_9K#b(|On7b4Vsyd&jLCI!ad;1!@4_*aX-!jc3 zBR{-vKi*5y82n=OF%?*_NFNte@?$269LK(d1vaVCoXTzEIIGkRK-EHwM?g!GWIfGb;c&D&9%?!lr`%%KLJW!ZIb#omhGXd1K2q%k`wIAJ_W=E%LsIa$TY750n| zuRNh6$U^(Yvt|tn&jd%XOlEzqsFVz2R zYC|I&($&g8dT~ctX^@tK=i#IpKfNBh6xVBX08>&2Cq@mVVME@x#zixOa;#sL2rR@# zg{O|`)ZJl~A*3_B0w!dl79vl@oytv|CZ8K>5AHSWGS4AUDbSLCZ585TFC5XF&V9+? z;Zv@e$^}~91i45C$-D&6)?h4_b9-XCpl>U;qht>g*cK_}%}f%?aHAQu1RKSdwsn9n z^L6iBczq82A>q*TB+;(Ax*su4V&?DH>eiZ)t}^TX))PQ~V+DMVaK58NO-1`~veri~ zT6hv4E&Avy-<8FFXH5|!zum5Zj!5Z?-`dB8I!uKYmOZbEf$zn}5IJSXPnEJ!VA11k z+iKxVcys>!|8|nw3x^feeqwc%fb}SNtr^fDwtEAyoz6ADc7Zu9QGeNP3|fdes``2p zuw4>{;IOM2Q^Bxh2M-sUvNK~GdFBC|`tS3c^HD*2WK>D`;(p=tuljXc*2|uzrVW|NpVDaCv&+%br5UI;9xkO7{6-G9Z4Pc57pdpW{k=o z%T>zw;PbzU4A2U4XIh~#5uILWD9f2^wTzl8*DJ)j+A>9mrY-jrw?VH~O=Y{G_6nZI z;oIgA7~DcmJXE^;TBUY7izAQ{R#LiRA0{Ap*9I>U3szU>8AJ}QU?J;NKHTWKpw-FV z6_}6)Fp>R_RQY+Fm!AL774z{(?{(@D+iE*DoUrFhy`NT{Q#a6iNTPnG-+Y42P;K=e;NR316imer3ng`M8k~ zeO1Kh!d^!YgKrymxi$a7@(lqp=yF3YqByMi$LvRYh@n_~1{@YA*j(Z$Ib^%CHtf009q$bXXClVdWWPfu|$@ zOwbbcy(Q_Ya3d3XL0!dTppc$Pn>4-lj1jUA(oJvS|4Wdj``v;{)GU-Tlj^K|L8|i# z*p-S&rhD>rrPbeVjwK0#W~+ehaUQwE&;TqLtiDkSTG+fGd@AW<8sMqI%qWWVqmb+W zw@!XI(hz+cWBakb`xT0c%5@EHu*pL)E+qp}K#hvPGjK7ly7Az*oOpZtgMH4M8$Veb z!1a_j1~?1$r)xjS6_+AqdkWy?;3%QN&flY7CE`|6NUnWxCqj83KrZ^Vg8g%19FOYx zO!!nV&jomAU!E!f9pUQi^utNhz+MVS7OwcnQS797RvMC#V1nQAtxz=CL;<`1K$Bvx zoO~;}0(BlM4imIr>R z=?JZ7O0+|}pED4>f!#CQbjjzmn?a~O$&--X#x_T}r-|9GtJW;r9Fu9ScOMMS`8|fm_5)(cgcFUA`;bzS0?GTf&0hdK|C*ELNxVI*BS~- z0bqn84)z?ZITt({5*Y1=OF`PSBaoMJOz;}`K9M&|&U_zrfGRr?y?{+_PlbEy?%7aF zQ5PgVJq!s~FV(HvMK`(%xXcR0Wh@YR%JqKZcSs|sLgX>$i3U4{E9H|?YsKg%XnT_1 zOHk3YSR8}%@Z28^7BTwA6(uL+R?sjL$kcme^wYr5@uY``JQl6_and0;7DextSGix? z&Uf)aVj!UrwsK&%Q z2;(oGZlhBxQ8y$#r6S@82oC;nUUJ^eQ%35XPd-LD#r+@KHa4X(@DB08NbHEkfZVTM z01gPG&xk@-*n3K@jh!tv7w~)1R}>r|`;S)VsN5?j7bI6YMx5_R%_Tf0)=0!X-Icwd z;msVKA8d+(v4HRpPp5)&y(wiLd~(jG@uElJYSM&Og|>7@$5L2402MpS5#(xk)R3w< z1+(}(J|Dm4gsT>cQ_X^7z4>weJ9fmII8Ifkz{ZgCRBmekJP+HCvv|d5`pxA$-$*Jb z_z>0#{cSlWN|^LxWBef5DnQ8+%YU>%p1=k%lWa>39Dkg>J})q+o!PF`1a@guKya;= zN;oR0Vj%Fx-~H?Rs@}pRC;1F)z=OiVJTCI|AAnVN-Tbt#4|7}$zbYXq?qDnG5d7y@ zQ_emEa?y7p!d2<1sm1WXX5>986VLZf2mvhNUUseA_k<+)^0iG~_>eU9%qCJx`@FxJ`{W*uL#2>V9MAua}B1cjl!Us$>T3OclGLMd*z@ zBp7ncRPsVTvB;FNR>@w|VitJX8@jIr6!_224iGO?Dx3;azLv^`SKxP1El8N0z5k;l zDzq|5m%W^8Qn*VTsTl;hHe5d-*G3+=Hca_94IxkIREKSp0N2J-M|;li9J)N=kaMY2 z;+kN#?A|S9N2`~1tO^c`eOG~&;4(K%`ZsVAB)qvvH=D=UQ&en@`^&uopRPH6+RJC$ zKV+HdWdB=?skJdU*3(R>N|ks(BC1wL6p3(7jjQHzhbf9gI4Bam{EsApL&mk0{(g@S zp*|}V_3BY1i2n&;(f=Ft5f;Y44#)ZSh)o*orEd_18TPi~M{8qA$~rN-J+;y1HS#U) z32UCDRfU$hpDFZ4KjG)iBe?XZyW)*PsaB@9&HxIeIPxM-UA^ZmH&nN@NWR_ zLoex*x`u|~Mkl8_nOU688==~totv#POLL5r6HkLr&OMcu>8?zMaafyDTwaME?#<_h zP$v)(=!Z`sPTWK@+h%*JI8o|$irUA} zsJ~59JN4&`@<1WE8mDTJZ(F6=n;ViC7`x=Oy@?b1-PLwZZUOan4B%#%pZt6{Ik#n% zJ$W2-(`jCufm4_M%^T&W?#B}Rd)L1hhg>p}h(l=#y)##y^R3wnAiVo>knl$SS6=vn zj6G-?u6-fR>yitXw5>04xt@60cIg6&C*mMqSd;Za&>wAy&kXTI`IHpb5qcUC$4K>h zRQb9P^>#AHl@pwMRG;bD7{sH^TH7Qf72G7=vnmkgd0kmeTy4N%`$wR4ac6HbbtDv~rm_B6E{{Oi*I-?B`o{4`1p=KSaY?@Wm9K;SasN665cSD$ z!hvBa07eTbIe(v#^Exwz2SeeBX;s4UA=bdHlAibQ{>Q#;JI_8f!;@_64>6eDWKEZ>zOjt{!YJ&oEU}CxRuY&EC0`VwKPraTIgNr4zJZLKZU{{Ni|UT zW1Nh56(ua-KNzA7u1&fmz8Qt!^y^IT$X%N`Hp;oc>MP_qg;Mpd%@5MQYe9t2&iZiJib?{hJ@9>zQu69nbe}IdQhec<8=lekS@$gNy)KH>Zr*SeA z$3s6Vr6CyTiW%#$;}XG9dT5jIv6B0d(O9`m5KS!%&{S18xBVzaXG$zLw86OtVWnKN^1p6{W+lya>W{L$|J=R0sHA zqn~%po=t7nGeaDd4DCE^q(9_pdgfMI8|Mp-p@!aHcG=D4;O6pVMeq#=J&z<;1a*0tkRt7Xj-KktDU_0%l9gh-TkNBa%?BhZ;g2RHx;;1a?wZqu@0%F z97=OFTwU_~Ai|}~*+QJ+eQ-VN#1;0^F(Rn%-nctiGV3_yW%#Ks&~a29YJN5{2k^4O zykI`yi}C2|Rwxoz2={n1vAh zG^}ICYzY9*Y(Fn78;>0!E-T(Qn4dVjYJmaw1)hGM=dub1*<>G;uGaeE02ZUHQ1)?= zQioA2pMVgfd#wT!topm4De5T@{)g1SZl2k1_W+?k*hJ_^Z2~^0pJ?DLZ3f|_p{u~* zDPp@ma`tlG0%)=;KrUJ*40 zC*eXN#p~#21Z<+2ibs;Jv%RwEuOa|vy=GM+FKRkkZ#d9cU+hMkUzXU9}5wc7`D@DHx_ zp;8dHyWao-xD@#N)u#zJ29AUGqMItVv~WQ1f^ll#6!r}{Y^i72FjYMj$MJ2&KzbS- z1169KfYx266bf^k@qc45FcFo{m2ZUQU`!nAWlT(#4&LmQj+E&uMB~Z7N%8X3um1f9 zZgjSYmjobsr}+lwxj@~mdCDmqpSx+w2xQKy0X4-i!kyqRCHySb85f3ov0xTlM@pA# zbP73EqI@rG z*&`~AOoO0A=N~PBj~$2#zz(H~P(=*D_jlt93+=8(;@%R_Nt-;EJKWmfm>AAv_d5%HgS|%TQ~Y zJ2Rty?w?PB>%E83MrV;{GtHx$3}N zxg}7Gjg#wgDh&{V71-ml<>UTc_V?5RnV;=#c+z0wUmN6*GCZvNtou(I_*sc*72Y|ONC5AFq{i**gy-;a(V%+qsolX9UjBo3h zbFU>82w?Z+J%sSm|1CnG8$iMRFuJpMNr zn8;xZjNqU3cglDISw!fiL5x-H+}RsqCwlMg0w{2;zJFc6yQv&TNXtwK6F|XCAIwDE>quC%0@LgifzfJc*J@vXP<= zg#tRDxIy}{$Uju&rvxy7=EIwZyp$UQeq#=&ovDi?l3E%0XG!e5sQyDGL4E;AiLVSrq8@Q@ zaM4o=%IsaGGd$P>qz@p@fYjgsli8Sn#I3`A#?b*UMAT9M`D$^zfkDJ`ZT-PjR9tUg zE2+MIB1Rv8;85e6s1h3TB74ZBPgQ#N!kZbr_m-sMSo1YaoZU*H`T`I7sR-VgQA|C9 z)1z_Uo~nb80FP~KH%JOs$~AsJta!g=z8qNEJ}=z<9K>e>0)risSw$cdI7S0vZ-)cE zSO2*i{43yYnv%b9@G}*m$B*UipKe$JQ0rr38AD^(Qh z>5(%-I!isWXe{8NQ*Bq26tVcGoPp)Ts*STb4^D3A^U^=mbY`w&1k5s`ExE<%Qb-*{ z@(~S*7)hubJ#UmrQ6BjoWj`a)t+Oe#uk4DRUtd+k4lk-Hhc4*^$EB!q--ama>M8v@ zaa?Rp#FB#SopA;3dVBYxdk!^_0dF?J(HyKB(p%K}($c~$EqMZN)SCuFDyseN_rc7^ z#V;!J&7@kV3myXCkj z$)L?!oVR9lIwnYS{%RRuD2zNCR!xVt-<#ulJzI8Td800&yHTE3&JI!a=#E}Jm0bto z@<_3vKS$b5DSI$E%NSyhfzK(sI2%rS<4Nd^WOc=i`z%GvCyDlV2&qr5F$Y?rFeeFL;8jME!ryt**~VJ$6k})G4bgx#JKi>Vdu3T3y z+|iF^sm;Xb9tS*;78T8#kRW(oRXbkF;Z<=v`sHw8XEo*bRWk6jZa z!hCu*&ud_KS~Ter{9}&tbQiEyJ{uP+i#&(oljnD7d1fNqT6@owRwFUGPCi?`+Bxde z$i25D27iUu42(K*jOP+SSShqqpoAX8MVE0)0={cBJe&SxWKSd#CB<%Y7Xj#r2Q1ah z^cTa0f9_)l$~jYC>v%z_SMM{Hs+hR?twW+e9ycB9{0sH}>A0+7fN)m?2>Bm|f?SNp zDk55fM#<0p^E^7W6u7hHzV4xCFpK{4-(Qf>^@ja{tP7iD@42^BsH8m_c^mY*B(oWg z-mO|tU8>P(Ra~j4fK3x#wy>~>2oHZI;Gv?Z_%S^Enr0+(h_tkHKxk-1e}Wh!J=#7^ zp+W}gfvbguLwaER~|*WSd`5PJA8Jh z`AFT+@FM{M!O8>yO3PW|R07Czv-Tbk>+AHcZFs9P1*5CHqZtk=Ce`CtX&`09iCL>- zVkr~$n{D(&8r=`M<|j;+mK+~Vm=r&6{sGcE)ePXWH7%mrsfi-XJTLtEWV9{%L8`(A zQwC7b8&p~ncE2(i`FqnopxT1kRF=brW<)I^E(&* zRLY`w8$0z3CBpzb0@Xf`j8YR0k_Uxv8b~E@l}B%(yAPm_iOQ_fWYrT;dp(`<&*hPuf7hh@l?MSu~{%z zYPcsYL(2dRpJKJTuIp6?YU=qpxVV<#4M=GU*v>onI_OF2QC8K-3JMBZbCPxk!Z&rv zCm@@S!3)koAC$`X#K0isgSLBcyAU659Eg2uAekx79gI$%^_}caBOY1hZ`k3#dC)vC{#Kermr=>FhePFAC#x;mnBRN+GYdeu|dVAoMF}Uhv z0*Iq*0y^RHWjU>QhgB0N>KwZS_8e+#z)hoJ$PjOc#Oo`cg|=>cpihi8JU)S?cb07< z7<}O+qqmXHwC1xbQE;4pu{gc@I_DoV2RMeD(DZTyZBPA2qk(TY5t~EktYhRjQCM$1 zYYg(1NMmxhU+$h$kR?Y2w`T)f6(sFL+k1)g6{H?j#{}Ri*DWy~4!(Y)jA)7ocq3cl zCBvmDxcQl|8Z97%mEebv;|w7WT!|4v!yLh*N|!C&HGrCukVdAbccs=BbU zpxNy%p@MoOVsYy`{fH#I={rV8v}q;4;}vQjM+Imd;Vv z@>#dlMxULP*WVLsGgp8PE)l=jI~Ekgw8A|SSqBj(@Pu2*tBNYL)Pi=&dJz3oOxlmU z_6{dC-LDh+nq47G8Brh7l5OV(QL`67Y4H-aM;H#A%8IC1()?k?RBcz^Fk~3+*z4LU zW8j+-Z8RTSeE}))-u!{RPcL>KVC}I$4-Np%X!62yMu?JUsB8kNYjU?}d42Z*ggfeX zk5&5nxikc*s9KhnaK$XzdFt+tu|+}`^xKF40K=r$#IdD9Y&Q80;4b(48oB5!@ihwW zyP~%-e6mN}kh^JJkBrE*IAvK_D7CspG5`?QWvd&xETr6=Ph2g~JCw^JQM1xD;0n1U zikrNngHLZb)xFO+`sQ@F#{PhTp?}GF;s*_wIS!lZ!C;8O@{q=E1OuP)B(X^IKp;r(H|$-bvdtMC%C|?j&Hmd3e$4uG{!W+M=D*nX}yfO9cY(v^9ZGBl;9+^IX5i&c3orLUhH5D?%nYE_}`Wx3SNbUY)p(@b$B+}hfD6buQ? zBLZ7{(1gUYOPi4nD3I(FAAjPKLj{Q?$sfV3Vqh9+dVi#>v+ zjy$z2bI)MU1=3f;|3t>8>;X>n02N9FCJ^k&Fr4ilXsuGus&gYaoZr)&)>Y_u}K<3t*}5d}8B0k1Ps*Ru+0#e#$8yNi)vXk(<) z+E^Cx_Ev6E6x3H_+#dCO0CZv0!as!E63k7Lj2u~wfhu%Bz=VFnMG-5s)N|Qj^xeA; z>B%p#5-$bvXp;6i2~XB*>{or~t1VXqHY$h07_F_X&0(RN5{V4v%1tV64Wn6Z1S6Y! z6Hjsv8xFNCg0pjS;M=-Kk94aJtuNnT_HH18p79jjI-kOcrbRGKIXed?@x-y^s2+!o z6pZvWH#hIgkfi|AS^~RSYq)L$zy%5rh5AT7Kn1uE*_&t@j~RB5nuq;Uu=I`bSSZYO zk7<3fd{roY_T=cZMvG)dP(Dunj{GZRf>7fC4Q?xY z6Fnqkvqaa_iM83CYg;ZYl1*Hxy!p>Z0q}nAvozvnG1+&WZo3~WjsU&*p#^l!>k>(z z#IM2CEN^K^))y>4%o!Sr%9q*RN!;53!nIf(jF;uPtT-Oy)zI!s{aciBj~I9M>)gozs-nOFc;Yh>$A)@K(K3^Gx8s&O%>r+|L-g-x0S zZi^(T$B$nfH=H1tUO)ym{^OP=*I}{|~{m9NulP?kGq1NC~{L%lBgbs6;>lMM%i13#I5Cd=dppdaA$eSw|BizEnc$`?ux<9}_{_ zrZ&|1ln#_#ex0!TVyj>rt>U98HlGoM7?Sz~7VQ-?bDU4LPqWXV zmZNmA^Ig4d1VF}0aD)e6M;_<%VE|qid&@`nQm4OCc;z}z!c_Y?IF?2;LU&ijEnpib z+4Kc{BaX|Z?t9ksqAj;_a4&+n0nE~|oU6b5k4Z^M;lI{BOgiQvc@uNfxwBq;@`&Y0U&-7JC zdz7FynDrgO!oEs+^XAU0QENphDJfb1Pf+=9BP}|SvNFPcB1?!#I;wr)YBPu1XY8ES z4`h6$Mqg#f`0aj$+eb21tB{zPkp=LQ-6!-#=sz+Xp`aF?`+Bl#1A2tr*=?s96^~cG z{rKp%QuKA_r593l30nvYxWms-z%k4)v4^gISTGIL;A<_@2qCl9jTsHJ-z6(R~ zJ+S1|Gn4HBgf$_S_XRyunhS?q6DAiYk>4V~|5rj|TAKttPQ7e49+{=TM91yEJez%% zT9}La18tD)Xl8)&>VG5#qszS8Zdkj!Wbt8;2=uLj7Fqi$zC!n&-`^#+`d_QGGsSQlbX=t6=HgqRZK? zd-aSWMg&hLvVHAsl>3*rt;Y319iGvgNWk}agB)09u#V>}QM{0AG1RdP#7xV1+;LEy z>0qBw))Y*?iQzYUPei>vw%xVtVwP3Elg30#NlDqKZz~8+VH?mWG+3L%046IP)nyUV zn2vmYlTk{0v~QSq;xf}ZNh;t`$(X=Vq9~qm-spv#5U15hDv%>>mrs}=Pp=GM#+I&| z_{kP>ot~CfeAIcR`y%)E}gidrYCllZzTUOQS;crNkR<@%kKp!99QYNgn!@@5p?wyxK>j)U9bAsNrSOwaVj%kRMWjh`O;jONQDbyXAQW z6Ms^4qaz(52}#MaqgTYGz>%P$q0w~wS^YTBVZwDjD?MGz%VmjHSxM~7KwJf@2Pm_4?_ZJ)6>sM%*Jg9iZAs|O z_&PWR)lL4z^`MHL!!fu`w@$nUugo*)ApaFxA3fU_rd~sG>^S8lkfI8$-%rS1zL_g@ z()oT^LTUrlmR15ktvP3O|LszRAW_eF_$kz2O0}?M1@AgV5nx(9)48XbKN8d*%B9xVZVP9Z9_f2+>&Hf>1Pr*Tja|A%*U7`3<8*esSe}BKZ zsi~Z?aeDjV1e6;W=EkhmGHF_DEIWOD>}t>}bm%N>0)DC{Lp?d&Ftmb|$%*00Czuqg zJqwg|j^ksSXD$H1@nw}D7F={zv}l^p0adQH!^RGp8k zh6K=9#PdLziD(D}eg0UJMjP}pcyJrNDFq#yHYn{!a!Sv=1ZrC)Q)k_< zLE%v?Q+N|Hso}RicVc<^!19> zSgrb33C(8Y$Q8nSZ2IjtKoqg5{Pie0D&QJ|3b{HMMuP8*2)+P^*c_}tnc8MF3A7zY%x z_bC?Gymbwui}OEdDIYC}N%5@fX?9i5hq8o!MczdL6!1eLKbWjwaRmC3^0gir@mGDg zG*T}Nk`v^xO#$Wp0ZkexFBcxSfRu}V%D*t0KGLI>*7DLOC#zDfeT)i$wqXEZD zwlVmyf(%PyXKa+TUx=$2(S89{wb3{X(lyha|Iq!MPYDkG{btzJ`#u>b$3CFjFZ5d+ z7Q7X-T*Ohlv#^){pCV;}?g+R9l&)!GL6{xYWK&Ow`w!Tsj9^Cd* zmk^g&7~mKi;C_#XsJ6-vLe94Xp5Jci+& z6dboxV7AZy=fUXF9WMj+-+!Pq_Z>Gq%ULBx)vt^D>cTs3SLOlVHl+mYh=Z2PCE-ic zawOzCt3Rw7#lac8=T9^3(+8T~s8ogk0d%BQXo$dnY1>#sj`EQ@=S+PZkKyrrJr^%D zmSqMN%-){T0AVSu8um;7#-&uDxKx0V9{vyf)3{VYh^cB-G;o!tcV6#)`f_F{&xD%k ztkPtaU(NjTVaP#mA5E+r2~!@W;c9dvSZK0WA{YIoBs?ary9AfV<2oLKxAvR^$mn5n z-#g8f`d<&RhQ87t)hOiuUt72Kj#uG(6-&)lSdL$U-o>z*Cn@$qC4|C_5ujwK(oP-f zf&C+H`2^TJaxJw(T|VBUm`-GL{kkWc&z1aKdyNP=a=m1f5GjNhO_cbAgoGjAZ7=^r zGu~^NHl_-w&eX~$=rkM4#FL7T9pgFH3z!nJ0C?*n0cGd&AA-=JScCpq?py7HPayQ@ z1VR+&G5^ON$FakT`H6{4AW#m?RD=#|jXE-53_f%>gHRt=HI=^b-xGlv>Lg7c*41W1 z?Dx-S-B>fPU`*&Vh*)r~2L^NnvAlF_?YkonBA?B5qEJSivzy7SNx4QP*Hv6`>llT0wwgjEc@&npr(iMywONQlnwcj)nUJ&QaXce3n82F zTc2w#57uG*eO#hOYqW205KAezDLusTxAC)uHT9%4Uk4osKRwiSs<-0qV?lxS(`ykf zgrH~mAfwV;U}9pnr*9j^GBx&sB}Iq3?5uKLGV7ie=pzugPS@MlmkK7jaImw35xj;s zSqwylRo|OIqVNfSsNT^3Jpp0=&`@Sj(51B0)cY(f^3R_?S4j$rZ?1I~MHb$DObW@X z5c+f`g%ii$?u;k5V;ozA%-hfUTjrsz?FLX13{V6}W^?b^00@CtpPwjt@k}b|5@d1k z9nc7=x4&(1n7_M5Oq%l;K)YX4V@V~ev?zYd>?cneZY3Vzn zeur(6=oUibOl484cGp6pZgkw>yMK}F2PXP7;p^Z)MLUJ}@Dc$*K^+_%oB@B470(&l zeX%Cs$(?CHj2E{-dE}NVu^A{+wW!vub;|}IAFrt|+OQE*YRU>UfTr1Yfn_?;A69U# zmZ-8*_Rf`k8X3{(AL!4j&ThMSgZWVW3TXAI@UC0HbMEr_@mMw~Ia%I_Xm+G>J97eQ z>Q4}+82&aq*Vk9{OUoBcFaiiCyvY2i;>VjempIHsDdM^AJptZw!2Ialj}@6azQTBz znG^!PxC>@;>MyneE-nkCSC43l=1hCP5e+Ix~n3KTB=z8;@^%<4{6&aGI&owpxONF=g%2g-`9>za$>ALtkNoV%*m{v^SY0V z?{U%GVUI>8#ahE%H_j%Y{f$iS(envB2EBd)HLt&S23R9s|46kztda7bz6~lwq%6S% z90g_N2n7X&@R%6$SFQJ`sWm9s#&PbISab+}0X_V+xADh$?@IGJdlReOxQkAM8JEen zaTd2e4g7Syr{`hX_^~S@f2g3d?RK$%khftjD9IiD-B5!SC;}l?wd#58Q|B;4MOe*s zTLb!AL4wR|tL}mi1uW~O^o*P;zODPF&!aE?V-K%hUtpG-+acZvy~UGq^{$wx3%3^3 zPYs5V_>l2A-DhL#z4<7WV#m=gVdtODr7LIMK30dJ>gN$n%8I#oB=)yKL(}B1hJqQ8 zL9Dl1#cbOJjWL=Vr8p5;IXNYsKskKF=qRoGV0zr@;~k5ca6F2Yon`a74PTLf&|x`Z z{z+Pa9B&q|vX7>OCqoJhKG8!bo7G{CmjetCf;g zUmnjT&b>SVBB`?Akol=Mol#Cmt9pU*3caZiUy6p%djf}LqO}4F%85sDYlJ>e`|)b{ zQQbxMHNr~EK~HvRt##R2h{@10mZcnw#hFeuDTW9L)-Vt7V3!0f9S0BMytI`(Fb;V) z){w_Al2O6A(*5h*d5337BQ|-M>Z5zM9^0(YAqh z0tMKmco9{HF(hrRPoKlPN6`)2mtRreNMd-J&TubjwM$z7=Yqd?>MXs`k54}XGSx0E z#3z5*?hKUBeYcPb#*Aq0k(Iod+$Cq^8~#%D(rqyXM%$bJo3^>d9T1bj5Leu`A>a_~=qcBB*fpx4vHu_Z7akVuh7`aJM*h{k@QsV8-VWE9u2tQEVwfHqGq?f*23rM>Ldt-Mf2=#Ui*8a@6;K+FN6OcuIHE`M`E}2` zo49!yw4d`~#P9^t9HG*umbX@I?C0isU#SJ-dnwYKg4*yn{yZ8NZtjt7rg~Vq9KLB#fv}>3@Us$<1(;b5+o8 zY{_mdb-LR2Xv)-4R!E+}6gSk2;trwt5Ig*?MBsdn_0dMj-5B^xx+L{d-0?7@wzS_X z;jifL0Ai>^&3Tzu@i84B5n59mtIiLiuSJ&`h~DV*JssIwL%bEx-!%gZczcS#zpT7){lpj1%`?WeaFN-Ixh3uJICWIU)^mG^)(ga&zk?x}mCrU}=N4f8Js+ z#fWO86iISvxM+h6m+iJW1v#Pl+xA75zR<>TnGC6+WuPAAg+TlmZbUH{s&{gE<7DNo zy3op!Jk-h78I1lTlg)E7qw={niQ+!Sn4C!y7is?Qdis^gO03!k_`yih0z$WgEBY(b zV-2uUEt>fux3l@#{Y*&sz0w{1A+* z-#>hOxU=g=Ho%N{ma!N!Jd>NK{UlV?Z19r;QKWKKc|FUE<{)`6@OtC|Ya(r<~8{=|%kegyP!ykd+3reT4t#Y#$H0 z?y;T}kjb{o(%6^bF`Cf{@FE#asXxSmRb_5a3Hz!+yeiP)sZnL7xo*>V! z3TcqP3&dLrGs8^5oMwKgMvedd7Iiljn8tP(cz0$bV!l!z#^K&12XB*F%%=4ME!$Uc zOHYRNUu1&p`vjZ58?Y8O2!A6O=KRD{oq8bLve+uS+@ z9iPCko97)$!OkxqjZDE!3A;c8v_kKy{^Rw594cr6m<~bdGj3Ypq)S}q|8SPKCPq6~ z_iPzR+3!}h-t38#BdN&6n|U4ANXS&sTT~26E|@wJ)9ZcPM6blsV`)I)`Qv#w+}sR@ zNkl3Lnyi!URj{+6Gc>Duc)&(aWZXvH!Oh7jwrvvf12l8HI|$N%i9!yTp1bW5IULWymzyC!oUb-*lIw_O?^8B3WQK0w9#qZ=U|dl`-RnOQ>oHXI{vVAF zi1xcz6sk|@jt23lF^V%i1LVq@0KnG+U;t|?hHhR5JzpAREd=5|H2;ULw~ni7>%NC2 zC8fJTx{pXI9V#u-C5_S`(s3juMY^OURl2)71?g_-?)a^v-g|xC&-eZBhQi)^%{61p zG3U_N%UiXTu^olAO&q$2q}#)588Z+>`2Cc2@T=_}J%KV^22#HH_Xf_20AAM_}n zboHI4(VN*l&wNrmFlhoUL3ieU!9aU#)XyLKm{H@{rvdNRZ#E+ee3FbhFYI>-8;$wz zSp!Q&B>`ZsK>X8W>4Fl6A3*gY_4Q(oq4L#Bhr=+~oQ}>c4)*E;f0(QqjCc&g4SIu-%5tWBhHXo*0@{nvLi9)H_Gv*qd0#g@_cwAk z#)6gN3+Wuh5bwtac<8%kKVi?B_qA%*n)ua{xlfXcU~2mmw{{tX17-$krWfkJ@YpL*a|`0z%D zjlnFWbKM6Y7A$3hH%a>VYdy~I5Dzv!9H0f20=C2#k~E0!tNk@koU<8LKS9@8F!y)z zB|FEf0HZ-J)P;JU1qvo(TuW>d0UEnIREZ4G*tM)s4CB4wU48bEi0`8*D%L`vv4_#-|oJsJog3> z(<+n(tN<&VyN9A?g2CRDefo!hLy5`1RPdJOby>>NI6AYXuoV+IN>UPO4%7_>}~V zpmfkoYQY6kiqTl>5b~tWuqJM_zup#mFB)9jdMyP8*a|6M2GLYGbI+vzN-t~|=+zIY zi#MmrU+Bb5Xm{nYcCf*^9E#0GrgwCOn@YKFDVcsijaFFL3zX$Od_EIr-fw4Rd?1D3 z@Zh2Q%P{}r0n~flnx+?kx_rD)?vu}3={{MdwvGkR6K9Fk%uFef+hG=q!n%_0rJWLK z5YyffESqVw5Ll$y%L5B6zp!>x{(Y*{=76R3u6(hVPX}K0;j!zopVPM<-QP=bi1TF~ zC}7s<2%jC$r2`vY1yj$}j)s53muFHSRyBORe+awA&D7w1iLtBx5Vm0spcMv1PQRIG zZS+bNS)6|}j|QDq&HLazaS@y$60-ngfKJL6V+(t;vSisO688B^ULHVx2`BvKH&C2mH#h$#vG>^OKgw|NB$X}Np!{i7^ul-+@F znhn_d0LxhPuUxoTWZdR8Kkl^+a1JVA}%I5c26q9gDodYUDgWKNVj z_Ag+u9t=@eTM}&}@7A4u0z#76K?i7|u6l7!WR8|h7ipWbszb?iCVHa$0ef17Z_H zIm!|%4xrrSzu0X+LBkL?eu2-T{#J%!PSDoD!DHcUYl)PYIJMTu<%MnT9U>yLKrfNG zlk0OvFr72_%|bnjNtw1|xT$H(Znc->&Cb<5IeB^XQemkzAY^BF?T-ocl5jUh_B}GW z?S9XtU7UQFp?jCitX zK;Jmk2mVSh!zZzu{;wYnbRz_r8&l@q*lSnih+}tlcD6>{*}fOUiHLj;s1L5c2LeAw z#u-&|{|Kr94KXzH9PdeZlaDIj3s-m11D)|x82xhJ3g+w zccam2teBcJE#l!0o?f30RqS4ps${2sP{)kYthB`e3Zha#o-X1+JCgbLGmroRM z2nhUAJSoG`i8vZ(XDL_6$!*#BiF0#vi3b}*fD~3d9f~x!b!HGj#HUYTZl}9+?ChA7 zl$4MoX~ZLA8!AjP|J2kk#1Bk)1WRpFma4vKR~WYUYL3^wqWk*on|_z)?TuHVOAn#D zur*s!a zOEi9|9&HoNkCAN8N#y@`yfEdCK`gkNt1PO^UR6Rl>c@0=DkKalTs$XPcaTceybT~) zHI8ga@G#X5*w=?08C`0*CMKQZQ zd=~-vC{~Oakh~xt?$gmB0D(jH9bEmmTSo+wldV}K6_sI~G5S$q%QM^QS{FQhk8^^n ztAtKZTI$s?W|bm9HF3ZA`Q*%LrOAz&B7@`96+hH6xE3=2&CU{}PxrG7 zZ&r;C%+Mqd5Z)Xdz6&T}5ZX5UhYOHwO4PUU=QRI3Lo%L{MQX@k4f(;HnlSx7qT=dA zgh}3`-U@wXCyh#T9C-Lq!{K(!!lI%sr)pncM3NX>5)xD=CnskYmpWTH9Uby~U36*Z zGpi_8eM(1n4+G;PwnvQ2%&21p`Z7QAR85@wfX40$anK&&{wdfEP|1bH+w$B#Fnl3=-Y2P%{Rhb?JX%1b1&k( z@dTm;)fkize4q~B3KSTXi;bV2U-h(mT%B=W)Lv3Pdi03Pq5aK@2Cb6xIE9EOyiM&8 z8Wko*p8Jjo6w-V-U3K{6=~J<27E1fx*s`1)rs*0d#S4~czsQJ)v^V$z!9~xAqeOvf z{L5Fb;&-_HX z)|=bYIWH#dayD{u^5vy;;eBNw&ePi7z6fOCax`*j^IT1@y>P^2VmbBO`wF@E1qIVh zLrJ-KdHbC(w?yGwJf&plcp0Q`^g-|SBUHiE)bwB)AF8$J6Z-cxOkgQI99O*}x)6;S zE33kqPCn~Vm!DxBRdt4EJ^9p9mks)N+CN0w?19^Oq#Gs)hqg@rK|eLb=bK+G%3^Eu z6t)3&5W_6-#*R57RYf_EkGj+)QI^Zq{io*-bssTvd_H=^jDTlEHys|<5}k~%^a9{8IuqdQWiKCpWfcI`w4HNbhzh)onbdcqXm{)4qy4#B!T z_w5~pCvX&mz}f|Ct8}!WNZ-Fd;F2d{Frx7xuw*aE7cj_xg%t}RVLenvvEur-Ij7da zzs8Efc~KLl+qRNTF$S7qX7j;}sdY{F{VpWru?A)RK_anB{j?&o)ttFvK6 zY$#XevuJT3l&V$s`aNgEnYcf9U~0I4!WbSu)^g))Q$_d`($>@~TV78MDOixFcV}r~J$v*|%mKEQg>H-${qy_u z-Dnb)jGx-=7ieOz6eL{jhjOmYO z>#HqfX~80XOwHE%$R>WTYrP`%C9PTHZBm!!>E6%d76x#Cysj=GKb1Syr2-PsB`*83 zgjA~*76@A+xaNbN(B%=HUY*+loz6<(zEUqS9XKRC3F?RJ2*YC(5p?5I8l7WjR>Ta4 zr0I{Mz@ImU^Y1c0*eT@wJ5^dw5iLUOzMuWspl^-{d!I>I(M|=A?#MI4-@PfPQVY;S zF;GykuwvnuAG@7=5MvzR!`V3Sob$}lZ=h`VJc-A+FJQNbSbx3a7IL<1^k)47fixZb zi`Qd$NI>(76e(Q9loN+#qZw8&UcO#>T#Gr#oF(21(j(nyI}&l}@?N)iLDS z5(D_^LhEZ+HoaO&t<#Mkhnd-_C{{nGb`h>FHjROT;@uwgucD%jT9&h=$|Tj1@$v7Y zqRfc+0*(AJZ;6uy9a}qE0(y$jahXb9Hi<_us~}4RV2G8NYBoJyydr++iUF39n%I7D zzG)97gIH!4yP3FOAFH<=&jlX7j<|zhQfgkJ!SbKAH_9Rv-<=2w9%*aau*4s9ghpTX zv+l;s)R{N}oNydwZ}^#_o=}M4&T5&?!j5sk+}lqvnSpl#u_iATE0WEy2@+E=qT-8J zxgf=i-Nvl$k`?XzPTL&!^lNk7M)W-6z3ki+6!owLZpGIg#ms->lPsl zvwS}`LrJebEk49>Vfy_l)SS>^F{i@YEzD5yjmcWl>11M-4CTaTL#916_zF71!qo!w zgSsmtH?z7qVD=YG9};51er|?!X9|sLq~d|>f1hVQfjN~AezBeZkdG>$GCM2{3dI=A z>pkV%=(}-9`*V?gS^c0S)DSfa2OB5+)5|`6BASmChp!jqacEyi`}W|g2L}hYq)P=C zIn4=w&dO>Y9>(*ytPgJwC1sY?Dt^NZhHk)g409KE!n<5SK)S84T+7}y;U%K z^K+U6%!NdI;6oum->P|pS!Fr6GyT17qLZML*i5w}_sv?0p5P~xs9co_4$re2A(Ip^ z!m!j+P~W_^)Sf1vSmE$k4d=?x#3VCG<;~IFUgPppycKSnx*23oPx-xVzPV*V>F3XJ zf!c8Rz3nNZ-ngM+MLj4)y+E&RFx=muHBfQzJlV>pHcDS zW+t+*#e+|wNokPTJzI{9 z$j#++rVqN*W;t>XXTdn*T_h%@&+vJO-BFMS?H?2{3%5H7rYp%pPeLCVn45cB$-tXf z(H_bBHq@~xN!RiU=gHuaS7W2uDa(kFA()`CwBO(l-h&>6V8~&1RtM)+de6=&9*Udb z69om5&bfWzCGXLAeV60Q=U+w3H|$C>67+piZ*yJk7d|y~oID)8p+ffi3^#S|U$_F; zqKaBK6O$9`oDsf?lO*}TY9d%5(V*VCG5R{=rM!grEP+(Q_pVkH&rs#01~y1LsvF<4 zF7P`GBQmu6pOw1d{lGF-L|gwL`s}r!=~pjO1|ti&TL!(t@{!t9XA0W2=S-qdL;RO< za@>m!umASYO7ofUZG=p8EY*J!Zzs3B8i7^;$b#u#^YRtq6%LoJNI@jaY z4^2KRrAxxMRJ3$-L)lKdp}F1*h>Y*O5y;8>2dumVm7 zg(T`rCXim7&8<0uanPs^BxGd6@x5@9%C0FJ5x1*z$6(QT)4oKb>G6Rm#mCNjcj{bE zn+n5)#etZtedcq-2KPtq{2?JJNN3|3+8LT9UtfYyUz29P(%tPHzjhZ4iHcY3JRU5O z!NQ;rloU=@PYt0(T-hwBZzZ#-rMc`8C1JIYi`xtSeqtbr7{jI+GE?JZv{Cx=Phq@r z2nT0TWIIGV@>LUWw{{7ufkFNNL%{_&=)OUvuUci0j*qUVE=1P(`NSeOYq6j7s65B1 z`Z@ZE`QCml4o8W?N#m&Un+AW7wBhJYQEs7Rh7scj2|3q=&!r_E@+@FC-58NQZZLt|EwgBf(-cdd)+uEv0wjsgSQ z4p)uxQ*v6Wj-EUMCPIZJ&pk#5lxp=%KM8c*k6&Dl!#b=bHF#TnsIh6o zvaiKCr3AJUcK^yvfJtlJFSMT%m<|mY?hLZ1jFm`4R^=(? zB?JgV4nyJ69JNjr2^_1#1C0HGf=RJ0DL4w;CkpZ%z1aqk6-)NPt^u-9!U5~quM)B= zz?k9CI!^_9=iJE`ld=4fk@rr)-7^#F{&REwNyVAo!hHiSadpG{ZD^2)l5~+a*dV=W zQ{M(=UH7KG)91X%#TDKXxkD?L`8+d-(=yM6*};UrJ72ek+vdidUoZwNXy{X_Di$*B zO+o^2*Oj14@gp@7ro*<|z0pJ)mJT7?J!;Rh1sU)^aDk-t<@ZR&3Q-cAx5J=Di-!Lf zW9Xo|*=K~vnVlDl*n5Dv&6}2vl#s?w96IC5U~?CwZp*oPgyAg34j{I!^y7g=cnVe& zDte6{9Kzkj$nby+oS_xIn+kO>vfkj8ZQRzwYj?AFZ@ z5wN~+eg#Z6k#A*oZM3&nuE=GWAuj&0+t48h`e)|jwntkN2nZLa19los2qy3^ZS>Uy z06bJu2=s5y&Xzr8Sa2kl*Vi?+Qr>8Io1$|mNtc`k{P+tm!`Bhjsr6)Du7C6)4T5yK zgfq!pxG`{8dC0~3BFp0NwXM@)a(9^nqvk^-9&OPdq9hIv@Xi^2YGYB-u|G!8zNfFu zA&0|sc=e32K=`wJj^uk>^ZD&}7kd3%ygVOlYK85YG3-#g&f&S081!l1rh2QPf6g|0 zxiLv+k9jh>dJwu^p80SoKg%nn3i?2Ow{wzI{mY#O(&*C3gf~G7k@}F}7(j0n*=bLNpvnd`H@-1=>T(&h^zn zLIXJ2by7`oB&I!k=$un>Q%lFbEt?AIZk=lI3;aP==yDWK@AO`Qj)Q=DdPxPh%r4*S=8@JX8J3El z9{CO2o{G31uf&?qTwuB%AM;hZpF?=R>fbdoTGFw=L_=#XT%a=AOBGxH@g=)hajyP) zUa6mEPBeag{v`~701|HE0rx2MHk6~l6(?kC1*52iZ@LUCtE%dhTBcnN0irC;rdx~% zz=4DFT6hyl=U$*TSj77>6eAdC`&^V{e|$^8!ESF}41)rKxa4)d;wMTXMYFKrw6__> zjDmsDnitKgRK8WxNFbHcj1hHyeJWDOKz#?4T0Rj&B@R41M+^)K3BES5y#G)g5q zGt*#wFkGp*@eWXi?;Fy8Bw{;HO`J$a30ydf}TU)dp-Ym^V1{PpJ;O&^c@$9=~Xx8zB2c(4FJXCiGlX8%gcf1#SV$ z$oO10;WD)tZ`V2Fn_E{kb80Sp9&&f!h4z?TKtVQM%(igw-SAILv7dpbc4Cklz&`!i z{hHQ!_1x6b*!y+<%HUuJlC(dvM$subrO4Cn$N(rL!S$q&0}cO^_nA94JE-zhY{s<+ zy>fc1uVZZwZ|JH9^9Xv15p?@KXZz+OISc4=ek4r86?1oO?ccQeqBbnY$!uAyap)?SNMl}|Enyv00r7Ri znTul$F0XosCF7+SkeF?03yv*x=y+=~-V0{z_b0}SSdhAP>RbsVL`eO^D1=@f&j?Hd_TZC@wnxv2TLa90<9DNz6)0+QP<8Ala!*^f zU;%lXZK!JiU2PR3(go=mr8ww`KpPJYAd3!^b19ifWF5GFWiU*sX7FvGD%~7c)w$>K zfzz?Z|5MKD>Ia*K^bKlw9ZAsulxIK3i|Algy~E*iewPFMa_cE%fb8}raqIf$eFn~? zu~F>FlP8UVio(*Nqz|dZm2L!V@5qz#MZnQkSkH(zUzEYi!`t#lKd zU5xhgDM^2Im^#^x6ZSyXDmAB(kOqU?g|{i!PvoAo78+1J4FX1rvt%<-Oi*GvAnkK; zJOt#(qgd7N#d6*T_yrR-jgJ!#XDRrVltkKVgW4UBXrz)T9pWdf=>5|}|4@@I!(4gau0W-Dh99hpo=14+rvN}0YMjc{ z*jV`d>nT#T;TiL%+nWy4Y@LcFexR8Y9co~+M3;yGsLjzLt*tNtc=MMNJ0)#g4ozA3 zL{Y)$Jrn=re9j)wceU;37bSI*DACDVgPBzWUnqJrVD%4yM&oV zkYLmFLx*B8KfbYM0-3{tl(EJ5x3u90XWIyNpCYrxKo&8)yw=$*0h? z$Uz{G6)g*qyk9x4@`3uAsjx=zH9iFLAbP;W7`|x#=|R8lHko=`+F@Fy zCnMU=pYeP7#^Evb*5kJG5Rmw-RVg8N<6pZpk}#z{g-^f+O++Kf)DWqsct=)C!FPx3 z4(7@;Wz+S^^ohwxUgMHj0K)(e$&U9#Ubcg(W?)fShqjvcRIJUOSEG8Vv{tl8Q(m3t z$iR7G(=r$3op!yVN6U6=Nr5M8ENTmJH0YM(O%q{sVTmP!=$1k@4M!H-B)2gylMs7 z$2xY=a0_<3vyY99jk`t3BqX-oCGrg^K&uF1yRMpuGFRmxL=L(cQEN10NH1W0`Ml>_ zGXFhcY9G9tBJxu6v70?AMdAxT^|r;!Dy>8c&6>BU0P?^Ay~v*QHr>WYtb51s+mm8y zvT%KPOueGWEZ;LtQTKqV_tZw~NS8tXHf zgi3}*pK?c@3Jo=Bs5mYtsoRp|JC@BMa_s}?nX=q+Ss$DQFaUgG01uHf?Xe4VTO}qX z?wpfRds{wS$f9}gU;F=c6`*GDuhFA${*R>1Hlb-N@p_ND2^Z&SPa_#@?d<#` zB5?9vqrgu*l7d~TfOgdd-S=sbi{jIZ+J47do#sBb@cU3_ z1a(#a?)5`3yst7}hJ=R8bT}Ca$Mt~w-PyI6rT9m8qnNyJQMuff&tiQubYE2pPNqH= zAXCLM5dj@vS)}K~54b$GaWw1BJTj`m8suvy^Z?Fj-{1F$^%h?qu{ThO9FKxPkd_K?Y7^+$XZ+roD8~$xY>=qLfZp5+``RQ^ z>KN>UAKC?0uyM&r7bqfeeERkK|9l)RdcY`%*X_t(v|smex0`%;B>9jp!2Pnw#}pOd zUj&<@HjMx>GBKE)osAPRD>o(RdJQ6qI{<7VIdO#kf*saB+>tPOWB#BDKN@ND)&Vt5 zQNl!!cmJJwTQLh&PZ;d(7o+D0DP115b9343zz6%oK!gm8HzUx=G1 z+?{Ej2fE!fLO=VLNISYFCtVs9#F-V=e3-7}s6DeomW$QzoYC9^* zev`qf_*3*_>qpKcd^?go9e17buq@F1yYb(skT9tzai3)W{)FZY;1ia5VO7DSnSX4Y z>E!=9?WCXy2W}ef5JcV5NRX&^o3vl++y~oz0;4GOl+s@4y*6sR|M? zLq@JpOZ8vY1wP0X;s_yAq&|(i9v>nu9$v(U4|l-&BVuCW_4f2iG_-YCqv6QBqzXGj zy7V6|z>B}4D|6wlF;~BS1LN&%eFUSs4vBq_io_`rFL`CihZ;?yct=Ye0=?)hN3S6r z8UWy~!%vbjWq4!TytdNKhJd^mZN?t~l#B^9|G@Z$TUKoIyK6{fJs8y0bbul}e2f{y5m~xQCxAx{tOc zmH0%nmaJtW_{ID=7m1gM4FEuxzY7TPgS!S@#B~;y%Zf}PYPEQ0`6qDwb6%xlz`slu z%66Bjh zbKdLV{4M5V<-SmZm`5(Z$_;8Ss4NXu;pLg?1a|}1^766Ka;W-5uZ9A3 z|JvJpm*+SJls9v)A(b{sdDBQ5wZZ<8E9|n)1wr%jEC1s_a zMRDEvNzvkLm)&lSht6sYXD3#&D4uo2@r-pjR{$VmphC4c)t4N*B2rK?JRV7`}uqWYueyEiXB7cjGkYW$CZEWlRr;lm$fAuj5 zdqm^i-;YD#UlUHfqBJm>xPKdPIz$y{i!o@je!b z;xHK5Ab}7F8WLhbd!WwQkcFfkx0db5Ig9k zn6i`v*Tm{qk=Pk*FqyPv8lTmW0cSoGB0;E)7zRut+KA8uZm#ODm8N>U$>Gx9{Kz`SEbQo zz~E8$S6w4wT6$5=GwV@8cr)(7+cBGi)-6h+nmHc+`x|{|@CM#Dvp0nMvkHQxkUbLL zj!aww)C2RR;Tf(x5pX5hK0C|$BMy&2R`C)-DGC+G!JgX; z{xA@CcK;EfmoSbO!{S>>jMf2*AO=r82glO3hS*|H{YBj_N(xeS_9#+*6eJ#HYF=Ry z&`|l1Sv9WRb;rr!0pLF@>J>rg%Ko}gs=>G`| zp612iUwB-celsM0pQN`S;>{xu-B}u?(sIl%snyy7j&eN$OiEwj6S4Hg_O?5-*B-Y- z1vx(87eFd~B0BAOc&ZCR+G4G&s?JF61N234UgrYB}?QHlBW^**6KdMXF4tkfJr!_|pNTmpHl-LcyJcP(@@?WS%XP){p&yY094 z)0c38SHui1PZoET9+k=jq_!(}8gX|5c0kvB-<5lif{aX09me_UbqF1iO?PV57SZQb zbqWNN1H8qyMzbX zSp<>z`_XbSf){Hp1(%8a1kY2k5#L^s-RJZiiEc-K;Ap~Fbq}pphnoH&#e-3*Xo}W0 z%0-2DqcQa8k|%-&kf8VJhPZ{t=BWpZCERrh&4b>c#WIQV7MAp;X2366w0=*{UfFmS zPr9^}AByIfNvp%aK|@l6+7%c)aG|n)x;#=Uo-7-C7mp~cL302B^(k|u^HTjmnPibE zsNX8`RKix~!U91Xf`f?)&j7;yx~4h%Bf`h$!?q_Ix=Co&?40ET1^a6;|I(gvRH%<; z>3nCrd<*Y}?^9pA7tB`M)LAuUfH9jE-I#Gc(s^d5n*&I54ZZv3LhL;*{b1u1(s5mq zfu%XMzRF{JW;sv&c4=VbS>CxtIBb3L%GEDM0~U8g>u!O08uKi`%I0y<*C2p-%zu5~ z-Uh5da}=U{3jUku8Y~@g(C$Y1t9wAw(;iH~nco^{$eZSi1RaH#>35WPd8HET$Gvc15AYY}IC$ty;5M+Z zANl!Fw$tzQ@da~)2l&_z(E@LmhDU*tZWMt55Irqq?*j;#HC*=d4DU0ovUPA=C@(ga z*XSi|e*tpq>E0NT6ZY_n^n!o~eEzV$xFnf_BiiD3$K;=*J9+{VN!QW|9T@)z)DWPk zO2LL*(0`71kP+ITFb6Bomp{(s??Mxzdp3s;s?;76jKAf<7Bc{-`=j0CrTd+|YvK>D zmF8LWWkjc=orarkKYWb25o|HyhGo`;58eBU??5>9$$4I_4N!}cISqGJ`Q(nw6E3`^kwaJ+f@+Z+I?{9V+bjirD^x8v(hFmC{LClhz2>9h` zf}V*YG6hn{t3WFvk`nF#1mjH2E=mltC^4la25;i7LqT1C1H4$0QT*?I!5SGxHveF6 zE6VlMnACh9%9R7heMMdn{iihBT#v;7D~|&7h@xf7D!N>)hT5N(HNN)PTOf6mod@U? zp^XSV5q-09>$%=XkSUgR>0knn0#Kv>k7H93RfiD}7KCbc2SjivC_?ofyRop!D=Nyo ze$CR`+dHD=;qLyZx3BMqAR{B-zK*a0KY8rx@HgYHkLc{O7c;4e znTCr^{NA~m2iAyT+;f8i!cC2d79-;ODqpqJ93q2-4sIL;iJj<{NX$NsMF zm$is8BIZwrz(z)vwel*XnuO%*91V3R%TXMWx&eSEZVVsfEhL3U6z%oB4Cn2Yo9cN& zZ_kz1$Xf|e6WpwKoDX z-8ZVD{#};BP`NvRxUjywhJ-`e1zhCcIf5t=4Dj&Q1)Ojy%Ezw0_b4V?nw!(_$ke-z z71ZA#^GQe)z5elRg&Nkf+MBAt!7h}xa%9se#NOny1kA2TrR=cXFP!TH;qC{^s9{th zP>ZIfz_6fqCBYA7T@U2};k$k@@DWHdJLO>*5$8V_4VH+5v=2IR?L8#6nst+M4mo>p8NgfczRV)4(U0uZ_PiZoI(T&UB}q0UbEw8qz7Nq< z6~9wL)VI_47F(BuE%KH*GAY47e)Be(qD0)Jc4g*ANkuw<*?Z|`VjZHt7d&)QYtJPxX(@lh z%=1O_De}TAH&%cw(oZSU(5dKnCj5XvpyOxvU2tAswyWB$yEEm_y%%?NWvFGH$jB@p z`;A5nxj-OF(o+MF(E?fc34K{MGYe);9- z_VxJk>-+{YkTHc}f2e^rYapd=NFic*ASdm_m&6LAlm8RXyeZKDCf+6=9vmzYn?GZ` ztDNE)^mcnP&v|*%v4>sBbfH-arG~&i#q$cs-`~$I0Q8Hl(A`dU+D4cgR+-%YXU^w` zTXx3b8W09(eeZm>N0XGC^wP>GbbfyGiK1dhAWlju=sF>Z*Lz&@!niCURJRYv$;r{) zunDP%j=?;_rcm$k-(fVb@#X=a?ZpO#3xCT)J=KVgSBZ`NMq+22N3U|^X1a59{n8+l zQr>dX(#XYLOqA+JL+xcnrhNo~igHlrj91TJYo+0zkLA9+pPfn6t#OX|{Cg|0 z#MS27SSY}4=@9Xu+(FbN2nYzqw@Q!laoS$n;<)&A=g`SXiyfXl{aCxFqtnYV8E749 z(9XARu@~R+9ro#J>l+(lZ5BG)675slf3P$bNN0{wMbXt3iy9zzg8_geaSGZ>b;L7L z64F$F(mU5oW<=!{Z4prCM15P3=9Db@>l5hM@k-Z`p-96EHm|URx1@4mya0YF( zja>1D25Y}tV*lDj0_;F&&j3Yfe`>cOe=WfpszyMOS z|M6y!J!y2uJyg`D)Fz4fjg26{!M~@VplMV6R93d-BfYG0gXiP33&O2_*|q+Zj`bm< zLc?=NS-?_Gt?k>-qTHxlN?CF90)KH@ywy;)MBEUveE^k~AhC@WUH;`-(HC&~Q1Sv8 zsBV%Ymo|}Sl)7aAp-mD1Gb*U>-*-Myj1_wTpbJ8%%Hn20b^in|y%J|^ut-^3kmE+S zH#Ci=S5AIq?JXT09WfbM4;gNtEs1}3&Rd0LLa+p3>gh_;(glx-RqEIl!Qp*W?QrBp z&lgGLKO^%)l@5OTtriIIVEs-QF!7Xtv*>=kvKclF|AgnOaWZFiDiq=eX9z~0NJ!#= z<7VEowIY2HL6lwc$Et(0=0PI@awb=*AYZFgW;l`l>ABSs(S4;Xt{_~Zr9@IP8eW>G zE3rZVSs*?j_kk~9{1BHEG(i^LB_^4w#wcPF#mnbWCk8fj^1PsCVStl$g2+irR0NoS zU*HG2i1FgcE4IHP%fAQN{_BE&BN4JD-`d(zDzMg-i{nQn1!(y`^ zdSFnHGCCJp%@_A zE&i6xL)u`upOE6rF6-Xf-bMqKoYl8SU6(xz)kj2UdkZIxMQ}-2cn576faJ}syVB3% z6I(h5v9q$WU^6!@*}l9YS@sW~X4T~(7E(d1^Jkb-v|;IAt$apN;Rg8F`b z(K~U(BbO!j>g>`*3{j$3S(FHg)(Cemkyb9N788_OO(XZ$9OPMHoled??+|ej3=Z zy_+23uv`)kNwz}rM>uA%N{WkztMT(wJQJqwHrZG%qjou8fB$s3c!<5QomiLCoTm?i zd_w1q)l`|6n9-J5N}6s>dGV^t;i{39s5gX5dV0wDBuM}?%>ponz)u4%0E3+C&STd% z>S6R@x>fcB^*0-`U~I{GLeaMnCFLm|W2$LiLe-AAvortf?iAK;!zty(=`Gh>a(8EE zV^Wm^prb3ejLD;;qm%g3!F!nY$8k`RT?}ynKGDMt4H)ZP-*ey3-Ey1xMqmJ}j?SinB9(q5qumYQm~rGgDi!RAqf&z&pnw+7n7q)eq5vJ{fv1z=Gb zP9Bl)dtUKB)7BE#@uiua2K^{b3`(9SlqIi!yk@)J=0p6di3ujBR`_vnu!c(1Ihjsq z^-3py8j0o)k1tD3(%+EN^Q`sRplDbdA20k=Ms=Nd7Py@LwEptW7U z4BR#@@aRp`@*O5a3ML?-;$wSu@KA7jQcCShp6K$D^Hup~$kq-ReoDToefheVi$wJr zh8zxZz>zSNocq@1%j!5W!Y{E1O}!eU)%YvS!Ll(ZJdB!v#D)_``%b0YdLjhGOT*r{ zfn{Y{ru%MqP)HXuGi)+j(8*J#UfJn%=kb|iH-7D(Id?qT zL6iMOdW{-uiuT(pJW@XEB%``}_wGTsvH^n%keA5YJ#Iu`Q$=`;3Z0HbVU&-93L4G{ z@jOYw{V~b%3RN1@+k%yA)Y#81F1l;1Z_d~B&rF&Tdy^lK0e_24!>?U#*;adgSY*6U z%P%C<4RN#xR8gM}grgAA+7|roloA^5X zUX<+&?Pp7;b0*2n4My1t&bMGd9?a_r#PA1HzuAH3<5PFx9w>b^ybow5RQN&3F< z$Lka5R7aZur?YPARkNXFdV3$X0SAerpo z9l?+Ch+pNX`B%}#IU>8wCL>LK7?&llGi8Y9RSBhVSjVm+=cnP%)t?G7<$YKH)7{6} z<2%4`YERYJmQW_#dv<3~(6enj_^xFrUJ@bE1r}=56Fux71%r zJ$T!5n63M%7$3!Pb3Np41ANNP*+gEe_FoL*Yr*mHaV8mTu&p%lVH=n!S|N69?Tn~& zSj)#i#F5A8$1OB{DA^g5p8VL2&`6jp_|J6ffdQB+?N1Uw$6jD_&3?gq9lH%_hHXK`vH++k-yKievbHo1 z0lD&WmFcaMV2^j4=k*247??FA|Ef_hhuqCH35fWjxgY7dT@LQA7%jd_RJgfWAF8`6 ze6@!_(mLFAOF?o*`%YhSbK(o%#nI1Dk_V=SGn02*4En(c0nLd=)0NBK(NS+%{f7@q z7{vV86D_ZNZvg?n$bEvU+ekX>3Lj8vAfE$5;icF?t1X>y_3W=eT7BPkUIzuBcs=x> ze-`^T#-dC142^x&R zs#&S^<~(qT7$vsbLeX30aa-5C_JzohyO$ewCt8f9-&llblHEk#jV>vRaxy9_=j!qL zAihI0JHi6A7$1d1(|H{!AZWxu*q1f=L1Pc35;+p{;WK79`|IzMp6UEQs;)a6%f1a~ zXN9r}QT8T#CX^5vDSOM_duC=T-m>@lu1D|teSQDDN5^~cc<%fD z-Pbs;^E@wnR(2edAFO`Ov%Fp7al5;^(VF{je$Jug77tKMyUWmz`&99Dj2MrVg#IH9 zSBgUp4eN}+!R0K{G$bV_C!F6P=NecR@1Z+c>KP?hR$`Y1tn1E72R4X5R6|rWn z*A)EA1qex9IMh`9T8bE{45EMgRy1zfBZH)U4O}*&#GO-Kb=o_WNCOc8A-PtVcZaW= z4p^`&_rEXup9=4Y8E&mI9rW$jPI{cv`yZS+Fbfdu(7}YIFbg| zY~Qwtv@;a%joGF}1$`_&*>(V#dF5tMx>HK>rd4+v-s1QZvlS135VDZ%28r$*RyCTh|DaMDb z&8;26tn0&vta>sc$?x8U)5%8Ca57$gf8%|H>(bTbgCm3KX3Q-Cf{)vtso|~;P9x51 z-!t{4c%Sv%lobVmT!8Fc#{n$qnw_B&zYbl30obx!#;fy3h+0R=t)wTssr4kz&k&R@ zR^38m3VzGxH*ARx)%S&kgvc@Qt~Wx6#i#VV4jVO_K=}1N`|(4;y`>+YxSU59;`m*z zR99E03Y-Tx0Go7ocbjl9R|ZiR5+thp6<8Jn08WYrj3!g_=Y58O7HLGO>c!x1cLrcV z*sygb!o5XUADC9t(ECZ%s?#GIgKZ2jN9}}Lo+Azpwl`q^Nj8^fjV6R%uIPqx*G>_H4AOlsYodn z&OSKF%j47@pJ9;c^;Ns^sOGC*C%~gCu>57;6)%b{CMISt21D8_R3ZWEJ_ks3XF_C7 zEB)|?e)_eo!* zExW?Eoo_ha-r)AwTWv`3Ic3B3iRVNjTO#9jHG!P9^=%lzMHP|Js^@W-XI&kx(F_{t z&wh;O?Cjj96n^}>$}8q{+-u#dAK2K*C?na;HN+feG0cynyqW|Vw8<2 zkpZYxo~-|(^bV(*?d?F{AntCK(8@IT7kaE&{DbX&r+3)3EYub{okY0R+KeA1kpZaR z*>NOeyhcLOCP9WfO#KE?grsJo66UXma(c6{uo$O?zkh!NW}*^3Z1OVSMNKoq(>)!Y z*+KEZU<|9YBEMqAlEGw6ecnXciP=u;PqBR04{%dydvo%x2MJ%RJj1F+il61xe}ABl zPn|H#`XK%T&>)|T1LJ43;#x$}0CDED!6(*3J1yE_{_e`pgcrU$@I7ddg`>0soyur_ zT9l`4Y;0b0^K)|(ejpf==auw@f-DT=-6R3`bG;yPZ`>bj1=|Ltm1>|N95Leq-hy48 z6w{f10Da?4kVNk~_8vNkhj>3X_9$vJ8chjmCj|&|VLu7`qi-$NSI+ov3@e{R3=DOaOQl-9yG{Kl|yP;{Aq2<&^owFD~n1mcI}bJM^!x4@3v**zKMfyOU8zhl-g!7u|GW zl;i2~bZ5RT3oA~s$v4%3V<;c-OKap(yC9Zv+V<*&pRV$hSPb$7e+wt$F}CeU9;=$w z=Flx0M^LQ-*~cpPC4ef;<<{3s;=Ft)5uch$gF|t~g^ouapi|?{e7wIlf_G((atkNs z)$w5AHS_+=NZr<`p6wj`_aah3-T^?(zJq#2ElY!d+WP>hS+G!V>Q0Vsxq9Sn&mm67 z)gj5qQs*%tvLYU;;00LPaSC8Rq+OHJfqo?r6o0y)Pu8>@?C2`Ihko*`8Ns;1T?UC!B&`T`=pi^b(YK=0CGO<1o7s7ZhEHc57*E?*_a8qbI!Ns4_oilS4o<>$o(m5Ofw&db)Ay!o5S!&HX5u1BCbvfU00Z#6~!$%neO=9v zs1N$onC-yeiH2ivCIHXh>(|+=>Q3h^!q1JLYkADbL||>5CwMV!bRbtxPR1^|()^u` zK%JK%ZN=Yj3VeMmQT&6I9jA9*)V0trxqNw}zH@_|t;{>>z;2GwQyfafLh6P;^M+ zjpr_s+s%tVPWYleDY#H$cfn22`H6)C*>8OtL!FxrcD;=x|2mtT)#nR-upyEKB13rQ zP=JVRQ89BM(%MSxyrsw=1Fjuqy`{(>?uSnFV1L!Q_fFbfOkZeOjG=iyin=5>?e{Z5 zYP6k4e`cwmtydYBsogV0UOzdi#4G zqK7aJ_dok#2dkKK07!oG=7~#o2b8EC+LT#GT)idt)%MNk9sRwv zkzmYg4DVrQEVtGzCMJR~VzyQQatm!6JS(cI7BtrXSp2BvS#|V(K3GUW8Tw*){J`Y~ z7Z)sq@McEw6mnV(sdQTTApeWI!uwQ6Jx>dbK(E;Chm6|^C}(=t{qdlPciCASzwYvT zwBdi!E_HxTeDKZ>u2p}}A_9*f8eK|8-CD}Vrl#-U1EjjSQ7_vhb_X=uqct8RKIb*M zdpxijX5bL)jBMAI)kMNQL)J!;1J^w_rh@IOOZrtoyZ`8y&p%qR+QTCYGIqz!zFS=> zb(athUm(fZgaX2z6k+&+FDYr@!)G=6l5SKsMNHBzcbQ}o4P%*qA^h*&?$%2l)mEb2 z8ZAc)KbW}N6a1NsyUU9GD3Q6vo7JimKP{#V==7*?{UM_4AdI@CJE1mqy7NvByOVdb%v|>^XjXhAL z{`bt|xhVt{yfRN13WVBaTammt)S|l9$MUyk;|7|3T>**Wx&yZZGd>PqK|uVA*u1mM<-760MuCudP*De$#|X*voJ)c9{L<5eufJ0=)q}u`j@=~QB!tUQ5^1j+rmgG6h!W{u$ zwmIAiJ8u{qd@LA5`);lYPpm#Df`WjA1OvK)66-PYG+8e!l^>=y^g@7`)}Bwvs^&f= z0=aUuA>d?m&(#nzJiys*u(7Q~(9zzM3166>53(4{lSHjR#n650aNDx?lBmZn030dv zpcyU=2Sb+U{>8t``fEH~aE{H)@_>@&M!?MDG7htW){e98?ru`yJ)ZtdozuYGTDjD4 z(z`jPOMMdsrt3N)-tU~+r1e$X21)2-JdrUlFy^!z7QQtBE&&928h_in8l5cy`@SIl4Z>( zEykGo4B-onx5W3$Mm`Fe$!~d{4mh(Uyb#EGii)5&)qlY+?TQ_| zS*u3*z0%s)_-(qdA{{f|jX|mAeU#~AN?y@SmX&eQuFwjw&>=apAxdy}kMT)q6i{ z_BYwUP}bFHAJxxS#Xg^E3I6 zvu3l(jCh04XBir=*B=D_ zI>(Rmrf#l+af+DN@z+cE1fKTWCRenywX-ZMq5C81eES~e9`_U#gZ%wb$obVh-+#L7 z*51_>qt8}KL{MwLIV}yf%T-uXo%=}i_AdA8swLRJ?%MFZpipGjt_=9_!Jy>X3_4g= zl2;M!syt$cby9MB+3ohb%W9*QPT1`1?A)u;$^=tFOG`^diVAZe=YtSl>6lA8O&3Xk zB)GIhW^4CMdyY$Oo?$N#-XeYe+p#>RJ$F#ay})^DvA-~lS$j(ZtN*?)KV|=mu-Ly^ zFGi)@`eYSM0Z01#V%3lqxDtN=2PUl!rt%E!vJ=Ou@S%hA-@(kI=x34bkuf)9NeaAdZ*G@&3B}*Q2j(+CTHt7e&_7@3zHl(tXk` z@v1(3hxO!3>CXDJ7_B^g&h@UWFL?gX5y2Tp8(2g+m~B=PVuLU01#AYZsM)O-w`UIi zzKf7l`eh|7{J3vDSx~l};vl5YL$PLYdlmSCiFGu%sn0@0K5^`{B02B48sC&tB^$o)Bxod<IqU)bPJH1nFE}oh|P9$agZY{9`d&9~qXJt&s z3$KfV_4(!47Z2HRW8LhPOa+FxR5NOmMG&xzgf?3DC!@*!BpNb1%k7K^PMUrSt0Wc- z-~LkVfkAO3I|ny8cVcU!h4+~n?H0+)T(~MK*LbZg(Ke5z=~%+dH8n~$8M%w>SwyXE zMo1sxUCEWr7YX>&Stvd6U5I}a#WH9^OUF|#7n1mNKMb>XsN-tnH>=t8*Q}7>oKf?} zzc$z;J^VEk*p zw*12k{I`AK%Xx0B3N~`w@d^ZcG}pM7xA_=X?sl#W~BRl3usEeKnuJGC*5SI9|s!3 zCG_8V>3m9mRy9{)+1*ykE8hx1jC*;@SorAHOZ(f{VdY7zW9!yzT-CC|Av7w)h=|b2 z2wkC}mRdK=u;Fd__qHm%^_4*}mMiL>87O?hSZk-wHgmfe+t+CUPj9$OlWpyD)hmXx z?VG==*2Uz#yyYSkY(`5k&rjFSH#&R78^*_V#+vjz(3$ZG2ws$rds9HxclB&U-T6J% zDPh{EPf>KqMu2nn=giPwFX4`w-uephV3DE z%Ayu~;Et*U3W|gMv4qElO=paEZ|O*Dc;JoZXH2y3(yL}w#sxc)Pm zl=05eLbM@plyFpN_SJ7RGYoz*ou{E=AsH;*vSky-`}O6}{toR&dGvPI(&w>(U-T7U zr}1g{NmE31crk_6z=O;Usu%HZnXJF~vJz{^B0ZT&F}RS8-Dzy+h80fM*ZVlhbj#n6 zw%X!~Y7kwKR6%Zk%(FRIrsA^ip#cgvIJhd~mTw`9<^s+42}R^c`3?W+px{#fa+dX< zKi0AeT>h@}5ZA{`%&79t4%sbOr)BNAd};S!b02X;<+s3iFNV^x&en_Pbg9C5jU1#S z%1TO?pzVdZQ$1KIfU+3DtI&nl?0?TQRbmWnFG;c958};owO{FPx+wy}-sC^IBZF7| zvt}xVyOUXVO*e(>L!6jrlN7!`fF?wq0~KeM?$Hi~;DOUN*Wpt3LtHHBFq4S>vWItv z>hZGiI`$ADCrmZ*mqvE3moWu1;d}1mG}{|<2_i;)O-a33(kjMyrlN?;bLV&&8y)qL zh2K`}77G717ESVgXy}7kAM7wWB@M0c*RMy&Q-ae2$tYJX@h7Jk{f!Rp?~yZ@V*I>} zcm*oGl()W5iK0v{47^tV=h8|sH$>9-%kNxhauisP}_?Bu92Mp zPARsQd}s6PHJ2u%iiw|!UFh%>MX!PqoQe%S_^SHR ziSS?#c*bK>6F66oxap)H;Ev$f{S+|y>xoGbWKuHEL>~K(;um4^-MDF}ZQc#Y&?N{5)+m2n8{(fGm}WPX==UcuArh1g5X6<@NY5l=XZ3gf5+uGA z&vl#1#)QPT)r(|s7=z`{pWQ;l#_`bGf4$#~O4NQ{1TO^eUoqnSDNPvlR*{LCVk*lV zq*4?Cn%ha>QIh%5m|%78bAEi?YQ#PDF~>N*Mv|kV;uWA;@mAqmCLyCULOs(GMt?`$ zd(07s-+EqObzQ=>YRJOKDLbeGH8nmWR^}+{^Y`i3BO2xVmTs9{GkDH-SKfRp5xe4i z4-q_w{C2u1DI?`%j7DR(Of0Q(rsj>p_#&On#!CoTyA<^Gt<{f=)sN0`+?A!1+Q^?v zG|sJr)Hz;%%UxtE%7W*180d@H`?U}GTjK3I7RM%LBb9<8PjB-FEZK%%oJ+8A5$Rd{ z_1snf?*CKNy8=ronh!h5PR6ct=3q1#^&@x6>^!1b>cB;Kz(pzqFth_cLdk@I(926W zA=no5l;ucq@d+JJt~~x$jgfg|_6zyHq502SJ%*Jj3feq-b}R#*$L8wlYoDM>@l3BQ z$F`ZCZ%vlFZnMOLsV(f4h0g$B4r<0an6AHEZL5w}R{xHgOiADoib zK}qGYsvH*|AIpEsdwd{Y7f(fn2kZ|&o*Xyo{h0p-9ybBGN!N!DkJC(hIKi1d+p5bl z1bH99JKRhTsdB_+aglEPRm(&#)_*^Zf?+`&X+Br%<}v;$F5VA?%y3uhr&ar`2GKmT z8uTK)1ngJfC@)SI+riUhL#9QQM{TEkQ5ka5Xu$i-2$Mj5dEN~B6R|>n9|pyH-y2x( zLTUmGx!&5cu{{1fHNtNZ-tEo4xHyxe>ZN{Bl=ua))o;r;>G*UfBe$~tN#n6W?IjK_ z^-3^L*tX|C_;O3tOKrV~1mj)=$o; z^4f_?P?$=^-Iwq5O+)`c`J>aukGK_1mKj@CJGw|eOvdE~O{FhlL8cCjeMYbU{UN=P z5-qk7$Ns}KIW^uv0S?iyQR9~#*0Vte zbIP*VbivkL8@#spBZuOJ)rVpYduzgAB9Bdw^BSKz>fNZ8e1ZT$G`&K9KX-rC*b#ci z$yTQ)t9BUg)AF5=6INtoq}kkTfJ0#+BP(n3kB6dx zz&KOIdd_4q*fe$>7GmG4@g$R$mfqOheD$86HuaN%oA1~o9q%=a*wm<{%f&ZM zX!1SAYI*|J`(T(E`cN!B;<(Z|wymYPS#Nmd$E&w*8IrcPw_nA?1e8%x#oe}`9~~X- z=dlccMlGW6TNe^4ZgAGfae}uq7w9B}#9qzY5WdNCYDvH*1t3#;^E{YA>-MFsl zTn4+jBLzX3Sc|%+|8fDS2j93BWb<3*uW?L+IWR>=fEW!rEq;zh{Co1nWNel79><} z?+IVVUb#U{jKrnuc}P@dJr;U?T=$sMbEsge={N2p0w-879sxrGau}>19Dbr^3G9F- zFec^!Cl60kiqFXv3W~(7vVPcn@dE9^{re3w*BJD>7QYWw*wLxy>!3a8?BHi-!HW3> z+bzVBPcbv(<5{EFSb9XZS^M&IT5RgrpV!pXoH&De=&|-z&C;nc;S)lMZ}@oV0$qvIchCd}`fhj&*vj zCFa(5i)U2f3HdEHXAjxZ$a(h_F-uopp&D+|9asJOPu;_KZPG2s1NH%Mn)ro1i`TGc zkf$%mr9*cyjSJ_>cacibgw&@|%X5eOph{RzBgz>!DPSAQ!f*`$d}OLC-u>eYiKsN- zJftckm7;ZwvUfCmi>UD(xh01?H2Q^u-08UT(b(%z)!7rCd!J`IS>oe5^vJJmSCOO- z<{}MTSe5v3Lvpg^xTqceDOx4KSAzCh;rdRJQhYu1Tn$oHD0()8y?*r#Jokq@vUpW9 zic_$UTud^&oK7l;$pksTCA_5IX=V|^9Th8)Q_H6yLLl7usu6*J2*b> z+(_8iXtEzQo?@Fm=K#zH)=&@<5z#R+;sd%f=K%ah2na1D&+-AV$0T?~0K{Ch-(b=g zRHFKr5G{FB(*>9z2a`=v8(W*+1#&U;-KfwcV9hit8Qd2M0)`}H7Fyjoma{c+^^YwG{wM3#nn}!$%M(r0VX{XscCj^_I_f)HY=B&K62 zG|Fa5a!C6JF#Ri6&T6uTWxtUVW~NBoS$1MQFNaxsQWZ)Nw|s{8OOa4G%a?(PP1?+D z_ww&-mFk;}mC2@*u`z8jDs&Xt_oKvI{Q4W68J3?tQ3qGi7D(Ru^px0H)PG=-dk?+L=TL!yZQ=1)yeEV{wN|KB($;RA7tUVmb#&o;u^&#E^Jyn>1W zd}~F$l2j8S$}nSme4{p(i>6=G(Cc<{&}}kCIuU;Aa7m++*r(4hoVKN2ep1QZ<$a>R zHtd8j0oxeP&hPMzN|3vI_omp%B3+0?9Qe^9Ru_S%c?;y5TmD*5Ky5UE30j5SHDLdI z2aY$H&Q(Ifn<#3{`*&YNh(;~YKWyEf@Cxe@OY!e~%R%>1g`q2cTM(?DIepHMbDq|a zgLhRyS(%KwI;L`)l?qXo(O_LN|`AMHg#Oxz(6-y?QhGR(wyjd8oXYQ4Sw zT`bF+rj9K0%m%Q2+}K=wxG{yX4h2(kQGUX3Qk@Qcg|nb;8Bk^=)c#HlVrrZa`q*l>fdd)4P?>SeDJ1C~^Hi zfZ9u^=IVgxx;koNwj&~9Vq*LTc1ZGZ=bb$TrKP!cYbkE?Pf*M8T3I;ia0s&C&xP)f zdzJTb5naEV*&DO)sj;C!GOtFXGt{{Gt8!6~o46;(J|;F=$t^_x&^P_u-A@1XtB&7> zUFqO}{a0`1ppKF$R73|C<$%pM&vFQDAPy~X{S3E z*)1)lVk#;S8TZL#M`_~0Y05S3RMjNN`l!)V%c!4-JtICSJ}yHP_4U1|uE|^_L^H0i z7O3*_O|9C&zUPMYMVkOPguH0+XA2{_R03(2Q^+{)U?DE2IFXD`dB>e$y zLX#`+fsT6X%jd6$pXLilFH$nE%2Msc!M=n>2>!)E!v6m|)_@Ze2$04H)Xc$((#4cH~4yALYzZd9b0w*jUaRsCZEB zfXS(`L`NJ~nsIM?jdVbz{JS00O6RrbOZj!|DEDFh2u!SF*TZxYE~9(TNFy#QE%g`D z-MMqe$hRE~{x{n{rF2Zb^c7xvgVqsJ@CpMRr~Y7b#>h52^L!yCtZ;Eqm+SD$0;l_q zA$Neu`gjeHO9R3lJX?ebSbO`o7SQl;KAWDw=Rf_Hbd2k~HXf1U{SL#&r-dYd8BTNx zL(1K2iS!3k!RthM+6D$!?eP|1gwDqd@O{36-$3e5uFobW2#=PP5NO3yA~%@E0EM^BFu=?MfUA_53WtN|pHn z>os!uluh*RB;jC}2{($<xAs#PWXLfdF16HXb}+pE-dc93R10#!qjl+=A6i;jbsiHEftZ|gVY_FR3r}o^v$4@#Z{A~_$#Mn=i5J-#hbsKp4;?tS zSTQeNyl8;PH$C@Ow-I5Q4q@2PbWkg(E9B){fMGFoyAHLwHI-AtH?WubF^f%@NXT`y zVFcURcgv?;iCo#>=l|5V;hGXwe%$>0yA6QIrk8X*4fWjc%ou1u_Yl(8P*Y?vopCQE) zE6+MFj?2s4?K%PDHBx*frrC@xN!6>{R{AzkgF1=y`!9zcgoYkG5djbFH*C6*P)Ikz z^2iBq9ulbI6UKjA*7;qaK8-zx77v%UzaLcHP_7)Jjg>M^Xb;m#dCzow2woBiAG*s{~<#5)vMTSWsGB!h|Qgs zN)dYvt$(Hn;%KhP-+P>owTX+xV9%VfiY^p6lSi21?DbG z-haa9>8@J^N{x5XJVAx=&&g7{k2s;fEQC?YAH+f(O*aCusF_Jx(pM`J|;o}lnLQ!)c-{|MI)Swj%%f(e-R~O0IBLQl>v%s2stS1oXAtCCo4cc54wgPqPpv<$ zY~4rixJgexwPc#y06n)a$i1e1^oZrdXGan=@IrKddrtJ8CBNo~8PsJNw&6~gF>apI zH!I4YfxKG&&K+R-Nw*9SV?o*uDlK)o70i$v7jQ1J8E^tv>G}-pvg}g{ugWO07-UDF zRAj$-EapA3&Qpuguo&^d=XKiZJqNU{jz{FoJXtO@)!GLyB0UXYP*uWFV06rc7+aud zSAT~&dn-DP4qc%V(1NeB>$Ytr5j-WEU-WK(5xW+PSK&2KqSQknef^tR4sNn3uS{pq zPsY@5+g)+qYg6MLiVa;hWs z85yt^pDQRRP!bq`-93l^D6+p=ObP{>ThjgLWM37QPft;d4Gax8M`xMh_J*@bxsC3X zQYFAv2axy`SRUHL=DkY@@1<@=G>q_Gr=-YJ2L#a1g`l=H%6=yU8dFv*G!=nr2=5FUuDw7TFhIE zf<4OHPSu6CO#Q^eRXZ`?RYlxpBR`vJW#y6HAc9cx`6Rh6qxDBi50Td$QiEJ3-Lh;! zzfk^@mF0OKICSN;mQRY2pNjSzY&TuytxB-eRzW_pP5$0L8eTXyG>en-ONE@C4p~lG zi3u@xn)I|sSD*N`juXu_pf+C(y%jfN@WDq(O9yhiQIh{VVKCT6EV7MHOgx%&mdtpR zW-hdade>Lp?nwDi&2g7ej@yu?R#zP>ns0KTFkY_I)Zkedy}t|7Kcf%QFbPRXq$^b7 zehzka_HqiAmXjU}GARyrn-%fVbam@1OD}%kNP_jDPgeRN2C@+RnPL5lLs=kCnQ|EH zxA!TwE}a`JkSp(_Vb{DnGoo5zlI=+NEMaBBF?r7 zq_wG`6YCJy8v2iolA32{6yrKN0PlS6?|@wq1xD?UPJnKVSR4Yb-y1)A#2;hfe<>e< zrFt{Lu#Uuh4y(lM`yDZ@M~|M{%`l`YP?W=&1TcAXXpswSj2j+`cV|1R!N9V|DEZiFjZ$ ziHO-T!NVm0-$IOC(~y7D1+J_P9}UsQqphE zLpm_`n-o*35=;|9`GacVa4MTDywSm7k%I}{ECUOlm1TN#QVn9{v>wnAzDRZn=ITOZ z7{WkyAWyE}ba-2Ey66VpmIi=-GNZ(dP3rEsXRg*U^LL>$rrz>HSkv4ReZW%lrNlDh zO^R?X&YL8q)aSkj$C51^n=i|r8@nb?sq;D_StXllX$~8#`tAiOwr=u+Q~*G6nsPZ6 zF&D1u7W>JuRsjcPt-df~$wck&-+h{D;QHty!~Om=I5RhisOK`lc!W%C$CdT}J958e zG=#VB@wzMFM98C#;pPua)+8p6vn-$!hwhy5T&G*yU-`Ai{m*+{tHbZ@ChB6cI^_@t z9xQHm->`kH@J{m->W+*g7DF29I9neJ%!BoF&~O4TV71Y=^lC)2080Ni4I+ zsRo(ynJ{qybz~KG{kS8olC#SDMUkOmB6R2NpX~xTUsMz@I#jDStLZ;Uj-BAoE`8*Y zBbel#JNyjB_&`gR{uFs#-|z=12QsyzwEs8>o4~rP2M&R*IM63JI^GMGD@>@udcb z-%Yv>J^+F|K&fBlo5sbo__G0J40$ATR%MU;9x96ZNfs%y3NdQxBUzC+WOBj-<1zhN zB0}?m;3@_FqLTXADNpSWM3&AUiX@)s$^TL~n_d?ns_UrDx0k)mTfZGn@ARvz47J2P zxv;2yR$rvY%);tdlsO_8D_f!Ct}n)gEonR^rk`1Oj+9hGPK9hbs)uU8kzx2P>6Crk zfoQ#^2ywDF)e$J_N{7A9|Ak^-vCDv>&JVo6Q;sXh7!5v96H8PMI(aQn(Da8G_JxrZ2o{rAkzp)m(`9DGTo z<_J}xin@)fK6!Wb7MPmqM5d6m{q!P3V6E1C6Nn~Ca;cMH_J!|j>AJHZ?JDP~<)7L1 zqth8_NGRx&hfLANnfIR{HjC6IA4lNu5b(bbot~MAfVz>)&(CjbVjGO368UXjHSn-K zEvZKg7Jm?YdIh_uRa3*w5Q~H3#C`m5atKunA_q8O$N>ahdmtV$VOc}^<>W-C*ENGL~Xus%|4?~W5JyjDf6Xl`qJ zi_sBMS9AWwwGihEtO|T(_2Twn-D4fe^>MWk;;3wv3tuaZ3nh$}@-ylf1+(>9uQ)*m z;&Ja4Ht64d;n3baW%D_Y5Ok=m4=4M<1^j&iGO`ybK4)kP28PNS8tzh=mw(4|yV;j+ zXYB@u0@NRH38qbSOR!y>G*>LJ!&1=k3W43*Thj#v&Kou=03f}v`pS$r4l%?-t~BJP z*ZMX#ylTzX)ec>h(kYOXHtEl&rwtB|A6x5C$%Tf^8L|>`68h17XEKnoFs-1cU!3;g zzo#mkR73)s?DWh{&@JF-jKY>#_VYLTCMNXf-DxoSOEy*2Oq_P2r1z&K_!=AL6C^z)>f z<__lYU4iw3fe6WD5Wkc59~;JeF;=&;P#eB zKjb|4`wOmNQbtyWXfsS32UiOydi-9!UyjVs^T}XkN<%QDzD$vHG%2MbV>Q%_S&9Av zys{%dM3cUKrR9G`uW@irEI8ol%9@yDoKWOdEM->G-Z6Xh=+Wflq;G~oqWWigs)r9B zzFq4t54m0Gxb&Jb_;Sp5HG(O@^;-UG06^gb5GD1v=_S8^dPc^FkF#YsB?SBdWKsm{ z*R`r$2|)Pg4U3t8~kyoJols|+o4fO(Te^g?`4`TV=WDa^%X5kuEU zl@xZW(`uGOx=?Z60hWmCk~QaQJTf_P$bGps7*QE>G$iM879{2ec^F-o?m99c$Pxik z)z;iRw_7&gxI5>bPlP$~U)%e?T_M2e@IfSZhbl%4e*QgV>$l$a7TOP@Z+Pe%d`E3r zYI|9=Pd10g&m|52OV7YM?S#uI=Zo2QT9MP8AHXngjW0Ic?DfaHGs;_FbMC!^gB_jX zPAjISE+V#jxG)zeH+^Tb=ygoYO=_RbKoaw6<@b?I22K~p=N;_C{Vg>WYeM}eD$Y%e zRCr-L`q7tlIYw*w`M+F%-QUjCo}!}Jv4*MgC}XPc`2JU$_)1;|(o<{RH9PwpoLH`q zTQf92X>6B0na{plW4`uh{Ga_^ZN}yf0F$(LWiD0^C4|NX3bx{!0a-&KoO<}4$pLiG zLk0S2CtzYuB|14j&wM_=w$d4<5@Ga0FajNDZ9vY-U57fdALz(hPx+cQlGl1azKT_J zUKbDUnd(36QzF}}dV6p^JP^@i(xZBx9}BSSR=sGWUJe-8Q}d^cT`FEJjj9ln@+6gg z`jlM6!j(fcp6|&Y-tUek4LiFcdU>dUl@*(maq|QhumLKipsf48UQ_=ap{MT+@a5~_ zNg%B&EOX<#flGmRw{yv9(?xpX<#N8?ZFQ9H?5Tekh3QlG8+39xH^gdn2W{0;c+w@B zuEFZpCQXO#xWC6CguM~I!=QTIut_?=55%-s7P+RPDL%BL$sE-=cFY?3BZ_$}D6s9G zhD*X{$J0tx!W4}vAUVAgbU=q3f-i|pdrwA7V|`usa6YzJSs9Q43?28)7CG&hn3zc@ z^f_U@5iBA6neH)wAoZpyO->fhfWH3oPF#^6x1_iC;<(_)r%zx+{^Kvh040e!G?-fb zsZ(uEsW@e2k#1jpS8Ge=6PyywR=RE5tQ6GIpOpptn{OC~_+&om1GWF1I%-JPp#p>) zJjbFw-IxBrUJnTgDQ>@M|LFF;$RHRAs3A)97dSVRWWuY>GvzNO@D{-)nA^&ds7EjK z#Ff!q_GR@ngTPij-s(~6d+d{HcFHG$hjAh~ES8BHgJDwDdjx|zruZ&c?%nB)}b~cA_6D2u%N&fh9^M2ggIHbSA#M_=>imFc#O;B#f9Y# z^kTS)SKb7*J6bJ-iY1W(DaB&^M?8(V#Ge-R)1?pX?6|P7uwKT-qCI%fxn&`^{FCON z2UtUbpYLI9Vk-3x1vmzwfSk22_`to1KvvF( zqWl}%R%$)cD#9`29Wk13CQwrf#N{4w$_EL<@&!)kKM+8<4T?!d1}W9RmGQj2RxzvY zzho0|cT<5a1mrb3lULM&Bxr?ogU{|Dh|ymhs7HnPumkU}#EK2{nO@C#uA^4z?Zpf> zbJIhcGo;+EoCCSKQPyLX4egu1KW*e{e7Oo1d9YKsl`c)Dp}RZp5kEEwTcekD6|I0k zh1l3ODWYglLv^MW32@llRIAnHV$GrC25t3s=IPXePk{U?IK=BOX8{wUD*De)}vFXy3JUY24({FV$0 zG`(rsPZj@v@j|a5QYno_HX#! zULhVruMu)3UDFce!g{B0uc;LUD0qtS)8s)25y7>{k?CX!6&1H{QRUfQO>rWof1KwK zpLcQb62Zvim@!Q4LQ$hNJ%F2;vUz}2# z^!9Bq@R-{9Q=qmhbo|8~ew|0gyYl`MGx=Y>EuVD0xu1Ih4GHUMxiwqeb!zG;206c`mNZzR)v|=bbrbv z^4Z9=UAaCvJ^efon`AoPH2IZ6GWdqYKY4=CFagXr4aI~8Sbregsx>qvw>}&<1uiG~`?LHMBqs2iA$T=6v28U%TmulF@@pXY zn*IGeI7R#bofvY<;Z>Cx9b&THFnaG>h^>0^kuRu2Roe=^gY@{}rG<;2RCvk8ReALT z;)U7Qj8%$HMk**Q>u-PQOj+e?$i-B&j!|`xnuZ4pzl!izV?h0oy1dO}v%~-4Tm9#Y zH`)KseOC#V*8fKzfp{YbUVV0AzG!`tIO7pa<8Xa$^Ic=Zqg%H0XIOmK!(aJd^|2uG zaWIC|$EcSBBvr0~*g1fc|L&)x2zoVA!!I$yo1ocd^5H;6wUmmUSm8#koIS@+a}yJi zODo;f^(FBxxlTXT^fz^V5ClDLUK22NjpNjRZg~VPpGJ)dE`rhGE3d3fAcI34Szlkj zmFEJy5*WOQa6Nln8Pw#A__O!?0Nt=0Ekq$3wE60D?C#z;SZsAG3BYCn5)y_w(}~e5 zQb+s2>BiqkK6B}m5|>xv{8wyNlPlS@;9>bi)WA{pHeN(m`A;;`F*CH z_dAzt5EkHavT* z!h9H^Kr*|8$RFD>=ja9Z1unSVSg0ktmB9;S*07$=7a3PYLKE7l&zjpg51VzsK77GA zovPvYRv4(Un4yG3O9V=APG_eZ6r%rO>#O6c+LyPFgmei=N=mALbc3Lvbb~Zf(jeU_ zC?P5!-O}A1f`D{)gLKEH#{8*;^U^axkpd&m4AjimUkkv`Im z3^y7X@LMB8TjnVts|Xebf+3<#QrN)zkXYllB@UpAO%pYXR}`Q{j2{)U79ngfg>Np1 zN8NTGuI8CF*G*v1$FGcz4NV+*3l{MkyN2+Znkz|)Jh?J_Xh%XFVwIjx#%t;eP15}@Tiomw6}qlDaBMHe?|dQG~jFp?t_K$ zm_YnLVK;!+v8^{v_q-qNjX6~9fP?fdRWhXEE{Lx_=f9e+2lW^;fh#{yIY3F~7*xao ziSRZxq*Tli+1`j}#katE#`5f<4ajaDnw&WviGa3?yWRpfcunwk&+>_}zvl^Ebwkany9^hW-TYf#{S31M{&n=7@#eN%?C z=w*cbKa=#+x7Ybiz8&A!1AFK!7MpO2d_n-J1QJ85sHjP6j9+ti6evVZ)kagBahkmH zP3N@tyfR1%zSEcc7Zgl@AoB#p@^_aYAv6lKFV^8!n9}vPW=e`Fdq*DazD}eVCgGU7 zi#NUd%ES;6P|=_}sgUyCgx(=qNO)+#BIROhILUi!ozWU{g&x+}*}V4uBmmz(HX#x# zO24x)iwi`m447Y-zoR8zL7N03V3UBb&?~#Qx3+)Qiy%=HEL+oq@x@J0N^PRrle>92 z4E2VDoxA8`2#0RrQCEhGMN%-sbvu8{JBpP1n7 zU0s|iFcQOp-#f>h)Vhw4@Ji``0&Kl3p@Vei z4>PidHk!3c)j(7LI6+W>wEiH78idfykVL?bzP5&=d&R6b`3W@hpuS_5T=eY*fww+p(@>vt96>uBJ`4^M5j*U*r2})TADG^Ngx-f-_COtH55BS6{dcG7LQ&5 z4isC#4Yc2Zl>F;&C8vmt_q|E9ioMD$4_BPUmeO9qLtheI0ea=W-{l9Bp0O02Xndwe zr&GaYjP2L(4qH(yg2_ZlLEYb-&9n;rU(n1Y(V7204**FG_!7X(FJ@bA9t}O` zH}Eg5b649#3$^!@hX9ABhr#PWV)Ug#oDAN(!l#6;)R2C|1# z0gzaQk>Dm=rkf9fG4DodL2VB36BhBthq~FkL`}(T1Vt-KCQ(weG6|~#J<4>8x*2$V z{=b*p9@GG^Cg=BYB%lhC5ZkyyqWhn$ap1!;wUR~v*y_T~z}UEXpab>jk^0aKmD$aE z_xgq!j@SV@GEE~RcR4vZ3yX_=qN9nxq4%EzH?itJ>Y?idhtI5n`fFvAQQs-&2hON6 z#r6P4?iA#$TH7)8&$;5Dcrj#OQ78z>co7>4xuf!s*3aHM!(%KtR)PSq5o_Z!@YB!% zgq`z%#Z)gQDB)fXxvJI_7(Tz6z4j2FEGGjiWRdG3L?&oFJUsiCF7A&y^7RZ1?n4BM zdy8$#F`@OnvO3c|Ou`xkuAo7*Ii0>~8?M)@P}YCoti~Z^7z&oR{3|hgCnnU#Mb%{6 zZp_3fhIdW-qWk&9*7I-=N^NAAWB&~rp_Ec?Pt;T7QnRn1B$Bh*kQ`DrJ7|;}UswY6 zxc)YgJDHEcsmiYiRC3EkGMG}*QlNn@m(ltX(j}5@cIOn$r@!hI^WEM8Tzat$}|K78DEgTN-fQq+>8B`Fpcs z=-L8Q7WiO1WXOq3iU4tnj+sLs*Q+z?H<|gE<%Hu8utRdY>{$=pGjOdbSYI678=1Lx zj8wH@KngNzygpAz;W%tkua|wn*s($3!OSnvW_DRZ`2(sFel7X*iGg0cybi6SepcEUPTpn+=**OA=kD z7q)iWqzZ|&9icc}#RY0b#TT=$1Rc7!`dYg&uC8EM@hT1&E&LuAdvp&qs_{O2NE?mM zGV^$K@2T^yH&Vxn;|`h0&=2CHqeuP8qOR-~6G}9aWVz(OOiXGRw(RV`5@Dfqa^g$mIAULh@#i9Gn#@cfTf=@!DF zf@!k(_t=z$6dzD2M1M>Kqr?L)XLOZlcqrKGQos=`Ea)1VyiZA?a(=7~&>3Je1%-{R zgpr_$=tnrW)PFtDUOI3zZrTr63tkRaF$b z4HdXEkm*PwH_r0e73r#z`2gxG03P(_p9x5=hpXPu62L6}D7X9n!Ex@NWn?6}pz61M z$U3}od|5-by}hrVHPjio;cqS#w(zGufB_U<~(VTr&1ZzJKxlWVIP<3Fi3l zj2Tk4E6GeNzjNw4l=V;bqJqyf$3J_Zk_tJZOm;RKX!bKdt+-`&mi1j8BTRqP*piVdTNzb$pzDkeHc5|`?YHs!h(?kyY8JX+{g zNzVjY^2^K1KN{@OKpfcb1f&rFU$ei!Xj6p$Kat=B4oq=wkn7@n&53x%!rtl#zrmq~ zk5rK~f;}56MGXn*o5@iiy~I%T;;N}Z9KHJt}DsHt|r2Hv;fZj1wullmSl#u|UHcd|b9k^^Z7k6zIxbgI@F_f-g& z<%AzkqNhKghsrcVHW&XL^Sh>7mYmb~#Xy#`hvgw5fl8LhjiN6W+6tf@MPMRwN@+9! z0+~*k#rG>ys5_gUoZI{h`*}Zu4-oW##Ezt6h^O~9z4b#{M7|GNAK7*mb^`0s!%Vzt zycE+RkQx|Y{S8tB0gVOIn;5vASe*r`_rU28F;WL2e_>!^{7evEC|J+U4J>P+FMR7caN29TNw+*CnE8eBl*&8&h4L&I zaf!*_?YuZutF|LjDNuh8NN`6dv;ctsx+K_&3y6#)m?+CRb4&)CZgG4BK|g;6yi2CeV3ogSVo(W$UXcbbv#h0#e*{kh5%F?N)JxV z_7eB&Y~-`ej=_5-1c;%NlaskgtK}~hG(J*()5)UqU?rYBA(1uhqG%m(Iv>BsrCZ`q z`wzVHwt}K!npJd-HNYN(eOR#R|METyrP^VQN{BSKS^?lUG8+IKs>o?i2fFZ3D<*u% zFoB7RnmwcmsG=__GBS+QI5r0>u+r;}hygf&a$AISYI+h7u@?>yGopsevo{p`n@w;X z_sEY66WPRBlLHJWnfu|Veb^mNunyK*W;WW_I(_fklP3{J&Ur#oxuEW|sN0@*Uf$l{ z=T~&jIp9w{5!Z>6?uD-Gj_evKIjPh~^Yx}zM^AN&F?g~I1 z*fczh4+yH?^qihn%x!FF7>@Nne!PFoFlp4?SMTl$I!Y?p)E53ZQf z!szC14`hJ`E{3-)#4S{dOM4(pU}d+j7bPXCcI?mFCZWd)K-Cq4)1xvN!+r;#CCXFZ{M=MPTves+|vP+ zEG3NqvHwX`E;E9X6Rd9eA%z_K-_N5c#?37(7!?Jp3rYr2?-jBB7_9@I5sjwSAi zxc}|~u>NmvmU5e`4mIMvl+OvfseCn<^{BR$`#S)a@r%HCB7$E4J2Pmg;A> z4w!odBS&$&0flIeO2L;Mo**pN_KuDwG{uZpLz$oUodB9+giY#${?3ehv6aoE&&c7Y znEENBM)h?6xAnZTITo zTU%wkCaPtcxbNMEL3b}1XD10pt$BEPUtKW^saB!X<<7^z8Qx`5zYlK+?R!t2ZlCXf z3x4VsHMZhuHg&rTlF$~}N&Ut7D-3vFIGY2b54AShYO^3zP*PGt$-vL6JJ0$x@!Vyj z-EEmww7@3g$AKU6p-G+%9#N0=tI>O%*OpX2Mn|JKIywSlYEDjr2L}jU+090z!i0*= zHJ<%zk0N`(9tZbJGNkyL1Y%qocWYXJyU>Aiu-4;Bj?o%*rhmZoe_Q*hcQj=+4iK1*MFvhO7`*1AgK&XD17& zk{ja06!moL&2j=*0C}0kZ%l%#KxAv|ha5{MIRxCq@jmfw%s)^ed%gwz~r~P6sL?ga!K8uG-zHZ=ElIi>dbnUBYmi(Zake&wW5wbyDd%Suw6|nNT zxcvITY)x@7`)K>~mJInI*|fV$_5W}k0)hjX5$|{f;aLPwJC7WOT!C#ba4-{ZAb(}( zIbDKA+YOhBw4GQS0Nz?n0YCcX7K46k@Ruia$9HkoS#1VzS0~EQ(i^U-(eI;RVYNZ% zl%+`R?;k1C^w_C{(-hl2uo6D4HLkUoba2~W%V3qdKPOXT$mPPv%{>R!6IlQ^EDkT9mI(I6>~M^z>ivpRKpgA>Gi7X2QouYU>l+q^ z`=vn58xifU#0G%M(VORh$-T|iXjIXnoSK{$C=xpKH;C!ObmY9CA_LqD`8fYXqx|BL zRZ8N?$s#u8KPmJi^r>C-RgOLY_rstO8L90if19K``T+6!1UT|UzHj7?V~tJbK?wXt z|9CGepNh<{{zO#`8Go4VrkCra! zT}I@NJ@EBEynp|xVFiF%G?p4t%_nM!AToT9b9)?qe*TUCR`5xm!on2En$qdzmSJmy z;7+kG5G9=_Gj6gexK`BE=ncPgdib+l(Fs;Ix;r4r{A%dOCssM*mcWRUt%mCeN{8)j zi*VN_gFF|M*Bktb1>cB%JgJdwrM@sXiRu#7a_{>VtH*k~*pAdl0O5C6cK^A5`w;xc z0AO_B%stqtdn@WjR)_o)k6d$k%hXEFc24)t(FCvqb|ok^MUWVeO{G#wUr=pfA=H*K8PcrN6QWsKFcf`*HMhgWNtt5=i!qI2j=w#5;vat}+sX1r?rpQs)_|dVY zY?J@tl=V}YC;lCWn0^s&Ekz75<6rnVHOS!2XzKl_3DnQo}Upit_Iy*{7 zGg31Pv1dKbrOOUT1z&xwO+I~3N88Q|EYER$2uH{LG|jEyC7uoL@w-o{*u=zv$&FG^PsdO8gLTG2zT{YZfLc;=UcevgwBi=X8mtNK0v zrt(g(eAIp39DpGzFaH=+%S9IFoTP$o2nDjS{@;9&+9AsuEK!xM(#G%XEU5JXL^^6^ zZ{A*%gK*xl9qUS`2GDw=I_?ajVZ|j@3m0z>)T-V@pfh26KLZRYUnrk69e7?}<|&MM zE1-Rs;KlD7*&s_WW@KjTWdla%n1I8#bUb^VSa<$UXtub(EikpVQhJ zZ%;+L?Hug>6KyMd8W+pM7VSDyYw928zI)}mOkC!;qdon2L*}xfjeK->zPW>$mRhsL zX)|PWMYXa~+hwi61z6Z&N9Q%0=tPIMF`3tu{7EQVIiN zMBc1o(F|d9s=WT=Sp1o*ne>-S%$`i1Q%>%VgC~12yoT8xC(Q##+_luYqr8jpGw1aq z%$!@pXW^no;`NU9#<2CVspI$*BxI)-a~t8JXKsonQRtKt+9K)d2-w!a|LC!Ph(_i0 z`3DY}!t38ZDrw{_l7i*UAP53d8i9X%%mA-M=Tu@$lDX-yEp9zl8vb0CU zPa4DE4Cfyc`2Pr>K3QpZ$V9t^fGzyb??2+`3JrH2Khmlh+$2n9?TICK`FYQ~nQoBd zI;`7hshebEIB&M5i4Ws6Nd=sI_mT+%U&9L?VQg37^u8L#L+i#N_4TIcL(*=o&2YJB zU-dodY@UP%HRU5e>TSNXwzeZv%+127BqnZ+ty&>lO}lE6=TFN&a_Frzs`e0$H0^Y* zX^dtwF16N6nYo^Ww^ckiTpP4I)^d#QzPcc2VE27$8T~j_gi9q?E%|3SUR}xD)_wsA z<^3F$JcW*{+!BLZ0^-4lbcR&sxmHHU|Rh;a!itMtxfWzhRbxAG2 zur+vJowNysPbTo&h}f>wX95DGbt~E4{_~xP+fjsVu~zkID>_b3>RgXUy17C}!O1Gn z!e*?YWg?(2VdhXiSZPq14=1YVQql~-blGp8RdsQW063WwT`9ZL1>V-^+raNId1j`2 zvl8?s%lDUDJIkQm1=Dt{$f$46@)0^JU8Xhp8?)gIJ35FPBKVf2ET~zz1J$$4D8%C+RvbwE>WL}{evSof9x%y}s-p>1=^6WD0aO%} z5zhqo@(E)+SE0d&F}lY)W~X9E~md z9w2hUnu3^PZrOk}_ZkEAR@+b&)G7u2X;T-bVwvYR& zj6LdY3hHOHiD_*whvSFCScq0+?h2GV)J32px+T&2Br4cYh7qWI02(&!;x0;x>mRlR z)ENzq39%!5Sn=*d{fp}+&ze5WXV|+{jkPo+cC-SMIhU{1nAIJFw|0g(Gf8h*p=c74 ziGB>O2+tz;!;n@`H3=C9v+Sv*2}hc%;?sTGZOru$q z#ctu~&rJ{U$u32nWqek0v#bd$3C;XU(M)PBr>2D{UZG&^%Y(9O1@e z$m-(D`-PH4*``_gj={*D&CIWz|7^0Y6rla<*sbyboUDNSY88`6j}hGatoaG|?)?V_ zEb+&jqC)41*O}m_h&k<|78d!|cdkz|CQ4268m^X@m#db5=2;wGEp#%&YGwtJ!GG*s zpS|8cmQlJ(ukSZ470uh7CLA65#Uu0GyLS@IKhKSYbp6*rEp*N3?lxI&5p&t-d$#9` z6*JG&DzBW>mGUeIb{NNV*6W#|Jj#@2>t>VGb#;kk*OvRzMfd0uEK?4UUmvcZg2h`N zF_vyX#bj|coheU!d6*o)ZawEEajq679KCZrr&4A%Sv~>4l3}##z-2R0>$a@w8wSw9 z87}w4W}F`AFq1bt@Mg`|<{~(*$`&TlXKSztAx!3^q>O0T=CND-s2wY$qvN)h_7Zk% z+%t6CAT)R^`|&VI;#SSfF)#{u%3@#};aZg7I02iEzLEn#GOu19&#)y1g)F`S5}vmJ z=OLoNijp=sqgCW@Y-qIJaP8i{WGwk$bYtnvoW1_dFr&cH*y7oaTE42HlLF7~ zJ1_3*!QJszfr-M)LY{}zuLqH*ehO2_A&$_I4-u?**1w37O6p-<6!{0Bdz%a@@BY{4 zgMadF#LkpYk}?#fRikBL@|$1@l&<-(8dl)wYM(i(O;qrJx9rfAMCpT91|o9kUMW3{ z@;||cVy*#>;A&*+WF&&q930p4h zIBOxE6G+gs2jH5&ntM*jElFODi;l7K!UZTgK@ZrmbwXhGAmi4730%Ja)ew#p~<5D>+j=I zbww8%OG^YQFDBSI#n{A-Rh~L!rml__T&p*nEHT4kb*|M%HQ6SnzSr4rs6eqqf{TSD zezxAd1_~3~)dw=tz{$JuSIoG?f}4vf7D-*;{Ds}<^zo{(ko$Acg{{dA;DR?yaNTyU zgB?xAa2-Db{U@z~0OJIAm7Usy{N?WWoXSefW1x4*Rr>XkTUhr6q`91Bzln%=`tQhYI$5X=S6cfq2%BuaBR? z2-Xm3rmD1a)=T!(^z@RU#0eY$Zb!Cc^U)=9{;3B=hW#(hWCuQoJ5k@<3+nfa!6vKL z8e!|SQMzEw~u2ymGWw z8>CA+E-eb9O?=bY@B9KD4u1m)4zLVmw8HtcH{?Klz3rxX9w;q;tRE{K{kb(+m6pFI zd!k99WfqKhOBGU8SJ%`A94dXkc93o<-^0;MjKhaqWB*-TB#xO>P-{Znfd^vAyB-)mg)}s|cXTTDs(RJ1N|* z-LRy&e}9$P^Gfk_l$n5D|Agqn@vLWJ)yvw=%!hKc;Ns=%^|!qBfwZ9dtFsNr5yM>O znO(+<4RgpY_CmWu7CUEa&$7KVMAS?zo%I)Sjk! zvo`y$tq6I3t-bdDR=UP!_bgEm%5h?K9BJfQhc}jA(E}|e=zSqC|0%ygFPB!T^5yZ2 zZD>J#yvZoyFE{MQMU=~i&nz_(9Y|I&<4~hsW}YQg0iylylDf* z=(5@chVCeyz!4-J3MLITyIs$5WKkhiF7B<*-5A8EDYIF@DM8ama*)SrGH~O$SGr~B zT{ekn+QOAaIS%hqI$SujRX0U7Obzs@9+yI@)$yn__}`5GCiiy|^%5qs%2deENBj`q zK9tkRnf>*9i55EQXAf&F9S*D2n%M9Bd{m~Qe=B!pH=KrI=teUKpOnuBpyGFuS<6n} zWOC?pc~~BHh?8{hahhPKlAqaR24}z-1`awt;99f6kC#09VUInKR6})sDf10B#Uzu`t7;hH{~3}dsI1&rmw3CL4Z-@zjzUI^3ksJr|qII9NsRWcOO zLaK^iVf)DPK1)TW(2ey1+h$f^``Cl&)rH&F>P7!sTH)BExz(?8gHqb zsxQeKFmx5@T%U1OZ_}qkw>D@72o7t*I)& zsI%+iEI`z@-zzw{<9Yq{N^r#lwmm(0p>DWnyHs68*f9;VA51c*-6t4C{NFcS>s(-^ zulHVc$Mebl&S197c3v`;GwF_=lZ`|VRK1GNx`;81XRseHF%C7Fc8>HoDoHe*8Y_y_ zy9)XRV0-`{VP)CKAR!+NnOUc+K4Dyp)%c*L{SRKv6OQ1T(bBG}Cf?yBb1 zY}adm8__ZLZTHrvYa+)-;u@}--L&@BA27#y>bNo*kxv~xo(tDkvN|4BA{EmvIRO8Z794D6Ye6b#Ug?iTo(}jF*2EpV6jo&7?RMOc zvn^sddEfke_l5adssv2-U1V*^m?qC49FDNjc|VL2)jR7+5ae@u`|oy5ITk?vI^?pXX~%O z-cikP!kbI~Ha%1}oyK+QREop+KlUixDCTXE)mHZPp;Ee`sBJ0(5}Y@a^@Vx5wzfL3 zm`aae5BBmz9n5inG<%l8#bCT8%GfS@koiQ;$^98dRO&}DRi{$zU!VFB94$`;1E8gq zl^k$2Jn;Q{c>{y5A|fJqcz6a^Ss?+Cm9pC^WOn&)1;9YINNc-ua<_UL+|`ELi_w=t zR-)B~osP$nTvlug~K^to*1^axPBUUe~pTvxOjLu$J_qM1Wd& zImRr%zwUU-!apYb-bzpW;Gpf5rGGR4*2L;;4>4#9dF(!ct@bxxT(k8G=3ohFn%?du zq@;4ZSQS5W=&S&WTq+5=Cij9OANHd$*S@|zLMT3%F3kaoZ+5#?xr6H&%<#t(ES!bC zo|pEv@YObiPgsF*4`?|~r-7rBs!@^PaujO~SRct2JwK{mj_D`nG#{g}b*cipUqfSR zi80`4H+>kOk{?~}4(2&+5A`&+Bre$8RZa@-j}*EFrA({GBD8!&bVt{3 z<33%6<{f%A`w6AAujZrRPE_|k7`+b^c)}#vKBjN7| zi$J4_gkGQD^P$F3k+#PY{yjd2+>5g)PK#{kI$Lgy#{7`0T((&)q+GTLPuaqrALt7% z0J8(z=0jtwouS9os4|TJ^!PTHXQ~YYWuw~q{w15!HLAY1G1+~0K-q(bgOkj+eex+? zDnS!d3lvufUFK7j@?w3lHg+2$(xI0}@@(|mZvrw3M#1blcqLH7$YWMhHoA9pG=Hvvd+}JPJ5Q z*i<*J<$`lHy*k;@nyB5#93Knut;yElYckmUl!32nnH)5f$u?rdpXM;$JPoOr@e`A-II3jZR9z9*eX^d&~mzig_`*mwCdrE|Mi6sz{^J4H#2pM=OouO{2#YckI;-I;*GmFZhh07b}_K!#A~#Dp2~ zSbHPjt^bKZC5Z#+i1CZG*h^P?^ZXsH>2bQtBzXkvLe)mF?NGsaMzVu4t9F&Qzc0yk ztiAo3m?V`b)%5`t|B!a2sXCwQQ7#e7XtweLHsPf=0Y#rqLG#f__xW_SJu`z5zsLFz zLkXE9mi~tiq&%;Vn!)1_>-nuf)%RiDj#h@w#l=efx<7g-;8Mx11PWF9SmZj+g>Y0} zMWtN5!olJy#EglWS`m=3C92nIX(*pO>0DUI=hLW`Iqc3G<@kL|Oi3#=Q zmrU*@HSALUI<0GiSxGh|2=x;#!a4QR#^vlR$$9=qrdFak?B3wjpNM&}5Y1K&GXB}P zq|gljZ^MCp(4YDyh1vf)&FjWGop)7csvtXh7^DgsB~!eKVSgs`P%^WNq;g-I14j`);Km{FUmyoqGB5qj6n_ zTIs@KIe;UF!qOYYCP73By${H*{;N0R(`Fc+r>V&0vaAgzZf$BR; zHsdZ+LuNK(*6_Xq#IIo+V9=y4>BbsuJtn|Q|@sT9+BOY=_MJ|aF%i7`z+cuIr$wKBU}_Pv4$HwSbc@b`%?$`phoyp`HWdsVqwawLY7LZ0U6^4X-o1rjFe>IbLc~-ag9>^* z%%FV%6ARz11BpWLj=1^(*+Z=wMUA5btT3VpEv*Umd}o?CZ?8n;+?isXR`Nx{@IDz) zm$HMfgh6TOOD}_50r0P}{jJKLxD;}&vqr&JF4DTQMI{mfZ&bu(GB(UzKD^mSyN}4g z$gflcOBpJb7qEX#lylUrUpIopDE4~b%afWA_@wsVQ$9ps^{ogwK~ z6andyxDWs_Vq*}WK(O<@s3H&z_>Kralat5{dmKkKhI=m(GR z=FOY%`1riBF*QWMvRP;Q54@IeqZQ)j#A+|^VnyV;UcMe)+f#;i&-|VAB(`sN{IqltK|G&vG;w>PXRmBL6)4$Z^vio_ zW;fI0jd=J_6<7;+wJrtTNN`955@4d8;Ev5!?7WhCxwg8(Sxg&pL^MCulVr;Jaf1ev zQ5<)WXqGTfPjU@cKGD)5K}Z83t^n!>l=ROQq{sG90rMflEi_9N+6Zn-4-SOXrs2lQ z>B4Eu%FQ&^QA#>-{b6z$BOw=A=ZE;-#3;FE4vE11Hu49sL=*SR6W&6&kONLvD2~1Q z@4~T?0hn{Fb==((I29{hG&f4In^*te2rWl~sBo0nmol6N(0(yoeWmhsrquBI`G#=D ztZ&#I`$v~EH%8wNO=Dt3*wBHUd=|;*pnw-NElk~(uY*1X67Sl*Ep8bXk0{%`9ofUo zjE84_dl2Dm>(C~@1XRu<>!i6ZXTsD%+OZ|j38t{(iOm5Y1o|W`Cxh!X5L2&@GLko@H9?=Mv2Z zw3s`|Cn^B&+&R_X8-td6;gC3jO{-|j-2({_50uf&86h$^U*bO*i6t5~{UYZ*y4%%W z!z5#H(*b*bbT^@|JEZL$eo0sM+CC7aFaIUHG>LSk)K(p_Y449-qo1oSAQr%0QQ7yN zvDVtQmwVKmq{OX1X!$vd@aFoyR|?uYL?_A+0qTiZ!8~R{^&*nB?bRIo$jLd?_y>0hpB3LkhgEuJ1Ur&~E(g^2vv@PGe*?95@f z$>T(&g;O~q{nRx(5kpfLOitsrCli}0^Zk6T01akdk>e@1GU|Zs9{k2) zI+s<=x9r=h$!hanv;{)eMOJh7a9DAd)&21p6>`lEzcVHW9phj!kRcX8Vj6sl ztD5%u+#6gIq&DZyr_p1TNn|@)sc#IlQYdqnd{W{=SvO%OC!%ruU{MNuO5;3m@Z4@b zt7L!qqB$Di4Qdf2%dVIqXLL=Vi||(}3|@=UBi*Uzuczc*llpa7mkr(ZF7473@Dx-^ zx3u%ywg==Rd?eb%LWx-^w(U%^`qL<}nvAgxm(ELR{HliIA8$|N3%se9gvsB;#<_h^ zd@5NsuLx|rkH+yvrbP-$F?!|+f$=Zk$eqsVT6j6T&66HFvc+z;HkDpvNj5S4DkKgJ zlw`0A&n`B5&dKP4V+C(aL+!WwDRW*hhaOM|5mWdi266ma zhutZSk+F(pOjYbsMz0G1b6!;NGkF>De{Ru16Skk@$yR?ow3j24|K~H8ofknCcj2^Z zcMpo}e=1WXBKRd)Z&ySOp-vLf=%K@@CMwlj0o>Y4XBW$P-jZ|slqUOGzgr)O1A%~8 zBZK8$c*IC9B7;d;zo<@bIg~#Xf0<7D>=Vq`dHe0CYJ8E7k_I{A&9BM63k>ZIIq=cf zd@Dbz9$p@U(Dn%h73D}ev+IjMTj`-&rWA0k?0RZg$4ITw!1W;C%IWRhuHCWu-nfPU zy<;z$U(QG^hE@g&$rmb(`Sz_@!sNM9BR#$=%?4seN&$C^WVRSDMH-8R-?Bu{Y;hEd zYjoNx+=6@=6ujbi*$)4jzhf7QgW%;FXVQX&m^;(B93YzB`Iqc~!c@{&>t#x9q{Hmd zz)c9AH=jLG3=CG*gvbF8_V=g$8&~gpP$F!Mn+DT9By~7V3L&9cQavZ9N)2inAQ?^|nTfo<^f-{QhLfTNGif&-nz40~E zKR&sqDgKWXW`L_~<;x!;{^ur!{R8I@dFuc8bm;wb!tr4yC@f?fM1()jiyaz$GYoq=KJeP|7sG9EWa;- z5*JT=klEYB^t$R;4sJK6>9G!q!4ztiG2%v^o%wpTAqdWvs_H}rwA=N0ky-GoaN$Ft zO9q#v+2C$I+s+b|RI5pesOR6Nb&h}>Uep`&< z+P2T_U%eXQ$@e|oiFZ|uh>kG4sc;A5#wK6 zG$ltMrH9%A)W{JwCU+S8yqcjjs^*}+O%K5i334lq7{3g)@-a^wv^ay{1v&Vz%$dtq zIY*>C`VJ;%tJ@SJD1b zv^fpn;@vi6H!$xOy1>W!28fOREpL#g#0bBYi*ALn+oC74YB#69YC|?yTHc60mJl^e zp=vtx3jHO;%hN}Uypao^O~B+o0?$B+o@Ai1Atj(*?W!!-P+vLD{d?M(2(g{w;g3-* zMoCKWY!q?`GaA)O8NCS)$Yp{+*K9kcfBBlgvszPJHtuA*$Vi&Q(r!&(`5p)h`5-I| zYw_d@c>woOV}!wOXdsJ-gjA*NjU;I~=_n#uKVdmCmi#PtoB$Z`F7t1Px5rHBa-$$} zph*f9rIlCEtD9he7MSp+9qY%k>wvd2(j3&Vh#7H|7+pnzBO^F5U(~kXCZ}bql||B$ zjtXuI$-=&c5JxQ>6>PiglklgZLcs?ZGfIgtIVl4aCB-oVW&S4xqtNvQt)j3>#%C=w zG^XQ~3H7p>!5Hi8^Jd2b+)w=cNXM#$14M9w3?KB>l9DKve*UCqWb8;|L~jGA-2=@V zFBS&(LZkfk;+H)9Y;!!49Pi7s7#)qUQh6Zpyj`c+1eEpBlJ!P(DCMUS+}Zm%{2-n? zGVR(u%0Oj(LoWKJO#x!b`EpSVZ=f7eZx3e~<($^PqTPO%c@y~>F@LG(*yGqzs9VA< z3&j!?YMtHFyJ=*PE{T3V8a-4o1HO~x(cw2qxI~(*e*b#`-4meqc87Hs^xpIlK=wP* z>7+w)hctIjw3-1_@@3@l;$P=99`fQr zwRqgbFSJpz#was6|3>T6rDs7Qr@j`G&Y(|0{ZUN1bbPi?lL!qht!eAw8h-Xzg;ioO zD=wXs9AGe1Qd0UFDs=i3P`s*up)r_zre-OoX95Op4vUz5;L;mu;D}znbg^0!H_}y> z{s0c2c2};65qautL*blAa3`xhVp)A0*SO@cA&mfVRGrT028X^nrwSYDAF^Gz6Y|D7~j$(W!3?_vEJaux+`7e~e#r8{b1+ZK$B zGnKbLJ~QO|LBFTHRLw-b~y`i_6kPPu|p+bk#$a@;y-;oy*o;*0mlVS6xxKEc0T z1_f{#r0hg?Eia+hU_0`972~fT08ab}ZIjnd{e8}7Wq`rEJSkme^Paj8xjcw3=sId{ z7C8)K@U_?p0-7#?S`rT8l#;@xisweKMpjZGFC%Zn*Ug9$%>rtAHT%{)Il0%t8!JPF zKWm*2?Aq=*0FC{GE~oP6&w2QKm6giM&f+`t ziaZ#J$4)DJdte#k(rQhtm#I#6k|mI^4^dU6#Xz$M`S&Ov)W zcmaP4w9<`I_ofM>)5QcD%wP~o05!Unp3kaZyJxCU=s&j)F z;MU!WUdbmM)$eQBmU(rP6lGAgCkT~(0VnKG9rRz5;MN4mR)8$_^g%q7h`Np1s{fzn z3J+WjR{ThlG6N$clgfdZz5Ry0DtCtMA;K+Yl%Gok>*R*XtjUyT?Mi@NVQPB!bIlqG z{-$d~E8{m<4ZYD&?6ULtgB_**EDWYmoSR;OQ`gcy2ZIw}<<7fWe_%0LE)C}SA8|@` z{aOg0JO%(*jvVz;ry>y%5xdP*dDzD6EP8m=$#a<({rgLuu*S`C4wHmp@DRdjaAu!5 zO*cN=!zZ)lkfTkOB*54lJuWT=u3iSX`k8a1T5cty^&bgSI^5P;P!>|N zo9NkvTX*PvBlSMRnE$C0p)9ZlE0L4S@$Oyx9OvfhYM3i%ZM{iZ4Hrk;M+-bWM$GBv zZ59zd{1}qVx^3yiATyhnyQFBkiA^S?h$BF*(w}wTupmx3^*~>YSsHz}`zmSw11b~G@ zaQ`fZlD*EgY z4Io2*4-M27ZpkvS{}np;CofMF(CE-PcxGjR2W2WDT4@ab>-+F0I^n#Kpzn!g>QmW+Gt+_oQ(cUlbk-y4U)ilk>mHXxTMXFwe=FADFbguY2 zRx9J6U{z_(#QT67!O8=zA;eq`xp#r%Z}hrlI#QYi_VHl_p4S?R8B+291HtY%Q!5Fu zTeSxt95%<2?>@0sM&7-=?QYHYer!${!YqR9kS?*lN21+5zm zpP__j#rgNT)?Q0H-3(5v`^_`84sOTr7DxK{)XrKOKHB7V>Oe1H*TyO{)s$sxJKU2N ze+_0#*^tXIUvif%i%-4LQ7`@9?aDDpuMbcXq77x>d+QX8S#DQ!vGykh)u-?Ff`o!~ z{%P_SPC|9NfH7Ij*bkA;JcoLbF;Fiuj(|eSU-B08M*kaG8}Wh9*OX6@%7cWjk@r-; z@2|H5e!CK7;mR)2Bh851rj%D4L3yc@`E*MDXtcYCsHj04D_hFT!k|kJD_NVtiYTg{ zr#U~+P_kocS!&N>vrGeZN;uSS>qRl?)9R;QsevS~QEuK3Mwb!sVX5iTF{_Q=e2uuf z?Dbn$H!w&_J+D33p0;uWoNn6D)?|)OgNG^D#&ovzU#f;}l)Y*}g%&FDh>6!_RJox< znx0^++C5;z{2|6n<*qf2oRRKqy~OIoQgO_0k8|V(uYCvH&xv#kXGo0)rF)>H#89z~ zmb+&c{t-nVD0qgRL#}4{Sb$^w;oBQmLkjlbp*DM)6wf_qK4%VzyU14VKxihnIRoT0 z!8#{;7YkT7>t2hnno?&+5Q8)8?+rJY%)7 z2U5y%b);6Wo8R}xE3tmkh#c_(NZSWUI|N7@RLxI9sIHiF{pbZQRX~Hy+WI3|g5Xe& zXmRy?+OM&q!V3@evP<;**=L}Yu4Fl|$jJRs&B8fV7@Edo#pleq>@h_+R>;Z7d{D_# zPXlyy4+I6Zt?FT4(q&`Q!DgEYSR3SZ-PUv-o(0Deh&XM*{?$5oM{j9^f`VWt*XN$q z#|f@O#fFlOHOL6nhI$NTn`(@+8x^YznnUe8aXll z0`D!1uU766Sx+fNE0+;z1Ki^?P$yZx`15T5ZH}Gs&5HHpqD2q9zIw%v`WB=KtUa7W~(J&Tzrqg{CgW> z81OE)^(v{gMR%w>_)6k}WxA&~dl5(G>)QMC0qcV`73yWCX;ro>rX#s8BaUphYn`k2 zJ01+zs4~;g(LH!1prxu~AK~Nc8xbD<_4~7+!yKI}1#nk@DI`n;h(lNzPAC6mPJC9@ z(zCOp|3}$ZMn&0n;mSBD9RdP^fFhmJ4FZZHT|$d< zBHaSgaP9|vzfb+nk8}RGSc_-j%>C@R_O-9QZv~acWO25{*Jb7}1?)$3Ps+Qmiagvy zVQ4l%fQK+;_w(Vg_Du~&t${n5brq{CU28JgT`H6_uG(8b_PxA&FghY;cg`j&53WH2l`AqqkUOYIsiGHUj;wGUm7bv)`9&sUtFt4bHlSU2{ z;~hh*p9H-^<0hyliZc#et!B452PDCQsh5wP81b zHmurK@@dl&dQUyk=gsKbXM77qAAK9uLEg3Q@XSLU4I2$VOK=c)YBK4wYtWS_T-u+< zg%>FddghZ}r#@FjTt4ExVqs_h)HTzV50XXl(&Zg+>Kx<{Iq-G1!}VZASUnw30l@fk zQr`iq2LRN@w@}sgd`(FMb5!D*v%9!EehZ?lCu~nH6K`~Hm1a-w za!dX+afV+eUc^|D5JL7sy74r3c3F4+${TGH`;?n+a&wgf7oxJ9?2xrh>140%MRT7YV zkl@vy2@_}-s`V#|z%>i=B+Tm7*8$@Gj&`jtGPUH{f#iH7qk>_BpH#&SBuAPVcBuuL z*dw}B;ghKBS?|}I@ymQbaBr(4L%8TcAFD} zay|R&7EKJ-wJ>rqH%6Ia@3QuS;o&r%JF&A6)MsW_i@0!e&S8EIeEcaK&@lMXdYH@; z{(l|R@D^e&D0-5i$5M5R9JDEldoMSWkzSe6Q_uwrINUn?Cu?Hece_Oe_%#yuh!xZE zUoF6y!shwO6k&wRcl~Icb5m+V^*XluBqf;zW0{=T||0k$*Iw_YTgaVtxSzyap z=kketqYg1gA+>7w%eNnAP%g=$h+$wNEUnNhEWziRLMySlG!ys>FV9$i38y4^`8Tho zjYDYr6*mj19>2Yv_gA_0|6*e0Qoyus3b@aak;XT2^z0QrrpAKTpwdXJJdXz)I!&$! z9=lkLeV~{5(HcM=<`OJ_c7S!PDhWUh8&YdwAeQWDnyK^s3#E*Km<$d9&ZBB}%zSc3 zwH$@T!%(wXGSbb4jDy?^I0PLJ9@hc4`ev7uab!@eeZ|=$TaPS!<5i}J5GC|xQmuam zeMbh!$;#ECBs);E6>ZzQSY}%~D(Xw>8!yHgK?zUoY8 z5jkb(!x2JV788}cKZS+XxsWxue5G{Tfk=k@224O;|6YfI@PT>`I}A-8Y#L-icW`Mm zd-lcO&cP$U%R#hfv8&3V*VsY5_>1m{mRnuK=ZY4U#XJk16EI2&z830)xiPFW`Qa9 zM8Z;A?K2%nzok!_3CKPEgFQ3iI}OfG*|7n1IA;YU<2XR!^Y5}5ELZ)b8^ zVryVURPz`jTmUn!!z=3mj4J}56%VzDn!o&n1GK1Dll|@(J%@@^)SsRPo<+vvu86v6 zy~tPVRBWeP{r>Ov$vM~>E=7VU zd6B%9eZ$*oUU~Nkm(0T`Cq|erUCCjuRej}ygzHVxe9j8A00zvs6?2VmypD;<4i3h9 zE+?C#+8kg%-2US1IJ?Q2$2QbdR8pZrf|2nKxW^TYQmU$`yxMO|2|ZJSST8yxx}y8) zebhs!J`J)=Y>xQ~f!$3grx_o)phw?vG`JYmc7wsC6%JhNB5UrD^;FjMNgi&+fnI}t zq2Aq@6ASLn7P%qI0nNmU4D^=FgIYGv4@cHxsb|r`e;JD3l?~nF>FLfag9O2@S-RJ8 zpioi)4K!$9{j~LBIVw8NM#~vUAT+rco2;V}!$2K{FokLV%uT6003K9v5>*954(I}+)6RB zG>NmsWkShr#90B`smrC=pVQvG(iR{Dr?LMC`@!}y^Sur;ux3hU*5GqUSY|gZ^_#q23KVqg#CGG==j@=w86AM@qUR#4& zfo=N$EIxrkRiW*6&zOkZeyyQXT8x@(u^j2-W;BlZeH@;sYLA@z^MUR)ip1EGPCvU{ zfNcQuB~bJz>^R@T1_wb$1hv!)K8sg6CIxrRwVE8^HSg(M0Dzm-_^8wV@FZexqo_77 z!jpuNBuBlgibzU|XLxs>WH|SYEDkoo(B8EP(y1C^f!`euityT?yWPrjjSQX#og{4V zIVj4`UgdxOG0sLIXXeW`Kxg7uB)ld;g;I3is>1@wyEqbm+Aat@t@l&7_+Z2Bf-!M! zfqGIhG8S;T9wsIxq}B$S;qjs{5-63!6S+z(*9~t!3(NRK^xZDhH3 zUWfWekr^H`Oz4B@LBMMKYNwxsc6RWVBrmV88#vvkP_fGGt5tanED$Nu7z}#vtYBiS znG9;W{FWW36@e|*<=&t0<$xMejWl9O5SIHrMWAlMpc1KB8zjM{Hrb`MO@wfcy9*{p z56(|zAkDyr#8ns9T>*Q9y{#t;C#OKO8MxFvDj_C&rGTB+m`>=%hgDBuVhs2S@ka3i zp_jtL+3&DB{@R{*0;FYRqGA&AV`C|{l+DcEG&MDmQd6&haVk-Q#QrAD_R!?-2>~wZ z!xf6u6LNlwBP|ypU;bS0FwdH(R<%Xqw zEH*h2a#Ed;tn$8L*Fc&8CqG|gMoV8!;8)W|?dqL0pr#>v+~Q!sseB9i(#Q@-A~Ut> zYB95}QF3}dChL`JD+41AWL9TEpo%xga>^*bGtqlXW5)7wYY(Roq|Td}Z*J{*5i;Y2 zaMvmh?K z-b9F&#JFH%EW;AquMV~ut@8-xQY8#dh@*kUUcSr2hYgtXe5p9) zhRH%O5bJTbO>}Vkg+tm+gzI;u+47Ph`t1Il(YA!H@Ix_;IkTEe2!;fzvUK|9PJG?g zU80L1eHxxwwe2<+OQ+i0R}-}tHtT`Xdchi>{Il8c8iWpWfJQ}y_f;wpZ!9A-Uya4Q z>J`Y&rY}Lju(rIL)GWG)_t9z~MFFq=G%!*BEy%LLrMs4sMm86wue7baINz0`<48x8 z1N*5w0W&E}M?9RsqnM>)@epTPmH%3||5dpy3f~5xQu4UytvJzb5isD#eTgy$~Ziy8=jR zbF}mdj5lt4IGS-Vp>W_l)w&a#8WAR-xNOtPU!OF7yKy-I00Dv&9%*y6$nd1>oPW3{ zB%S=9fYwp1O%Q>o(Z9zmw3qfs@Tk>1@gKu5W>654q37)$%kS6D$M|sw)nt-tAt2dz zf#AE-2pk*rX1XgeUh6L&YQv^uK#`jEW_j@R*0WiEsPxW2&8SfSCbWq_(uL>@q5f$nSv!^OeIl&zgl-!9zl*YFPQhHK1<=o8q9IlT zu!4)&G{u8`>=mK*wGCiUq_~hwltrU;p`!`t7{kA$)%bmt0y4kBp4DvvcV~Rb(3Zt@>hJqFNP$E_I(|C_5HN{88af?$1TV2|Bvr!^M?G*g_+fqL(oeqRtFaQYJtNG^-hHGsiBM?^@w@`1878@K; z4&3;q91^ZuzUZRWQ#FSa(P(`ROc`A2%nAGL{GgK*1(LG2>IoG`@@JwJer=JzQJFt2 zHnm8&h5Z`nY%j^)UTDBZ9ICD_vcd*&>kelHR)xKF1@RZNitG|J{G`bkI6>@qVvau1 z2RED@omq0ho<)klnwaf<@{P`4x|qN#M~`2{C*B6jF>;KArYw75b!(P zLf?N}gnoDJEs*v-_+8ouV3@l@QuXcI^J@CZ5<`?Rxy+Do_cJ4eX3_p9``rk17Z=}4 z38BZYf>C-9Wscfwfz^VGI6p0#>jQCjILLeYmwwN5AcDIA{i|uE(CU5&1Q(7hQe8-Y zw@&DEB}s)`z5}ojO3X@9bjXOe(X85Q4re9T-d~j{9PyMwxI1Kg@e$FsV8sn)8N+f0 z%X4SZx#uvb-~hYlV;b3(r!iQe|ACj=(Ab>$KNBXp$&?c>oCP;=(@fOu)9uvYtLSd~ zW~($FP*FujN9Avn5OpOBsic9v-ytmB-4}?tw>;bh4lFq-(_SC(#RLPf7Gk@XJfA~P z?Nx4pxggk?k%4{(>L3lvmHELTxwG$p%!ArF>ysk9`V9MvoQl_$gYPSlLiCU=)Jo2^ zH$K(gi29BL8V$Z;=C7_dVMXM22e%y~rt7&Xt#-c*%$>8R=)Db~<&iu0HZ}O0Id@Wl z%CSCpH}O9+PJ&HPiS-|MhJGprOzVuMA?vOsR3YqdeO?s(17Lt-KcO>zh6ZHk+#eF>v(R`eYN)>e z#9$dHmD)QswR4DBc~Ovc!waw>V2~7YLP@(FAs=M0MLM~&X5BI8;Ai-lrAJdw z>DIM8udRTk4pkWVzF3Y(Ad_)^2IyD&kWT=I*%$Jz@ACUD&GlCS|9+4T&4Z|zV)*G; z=3V(bMP8ugdn;V$8v=Ct%IQdX124R{2OtoCE|*J%K`b_^=8-84;UvRqz55V)ly1^ zNW(*q(rzHxKFAl%w``j;9Jr?4YE!1MVuJj4-9^<<(4c{rd0o-Mr~Z696=7KN<&E8q zShN@rtZr+5ZQRksi?YgLp(pVch@G+I>Ds+I&*MyX~Sv_bNjLz_P#h7_K<#8eyN&x;O8f)q~I#I~x8Tw6Znji2_ zPeAp3seGoFVrC8Ia-o3Bq{8Ujjs-ZAYBNLkCPqpOFjFfK>xZLkui`XHKxxD!iu1GB z;2b0;os@EI^<7ibIRm=L>#tH$iutJot>!1|=Uy#+_>kkQe{pL{bT^BYm#yQ-9kk`} zSG=Bs@+bdlO~iR~o)|pDy#^b}O5>zlw>%c81k+%f?panaf9iEmsL9ICDnJXh(=Aee zrn_!(z492y4GbYSAO{q0GsE9?i4F9+#LojI5)@a2-HcuE{t7+FbEHDvtOhUgfwnMs z8sF5J=^`|U<;FX!2{vWOru26SP-A_vKtk<-rFS8$`<#+Z^whU*^%E8?=g;9Ud;H|s zY@k;~QM|K8;}<2d@9F;BF&0=oNYObhAT<4wMsIE6rtm6dnp^pxua!PMt|{Xg9R!uxYwT2*q(z_82mKniE4}rZ{LW_3>J?wGu4l(X4XeUvM`pUWD2e)5%gG zKzUM1cJMt}Y9n0C0*i0P^MgzOb{j`^pe+*oBE+!)aq*Y;q=SL}@y~}Wv8jclik^cE zXQQ?d!hk$(>s~DEY2aVxwr5}JuXvGpAVi6jBKmwbMqXQi{dsV6lCLVErefx>Lz4@A zZQ2eA&H4Ta++9osn;aH18K^qf_`vdpvEudonCKgeE}m|WQ#;ii3N$v&)pBSO#qK7! z(e$AmcB2S$T?Y z^{cO%CYAA78wi?)k4EF)goyb3uzlWk__O(%Z{`Zf=e5?UT;tP=_C}YHRoxnu7pg;A z0B5GMjCtgfRP6{$@pR4%>IrN=vOQ3N@a(}pCY>YZW$%XDxpMc7&WBQc(gZgJVvo05 zm|@YSf*9&L$0Y%D8@Nzz`z@EFVnD&Pr~cnXq0!-D)vLbPDAcMFg9Z<~txu&Ukyimifkw&)!!bQYYyO_CGTbcL5XaGl!>XxlhZ#CTQ4w z_N{8o0K&&sGaBJ9z3qJUC+&h31`S}O`N>NO?Qq)*6qIe}L0V$H-bp|6<`UfcQPj^XC`^)5c1B#tvR56ei$0zxvlevWbH)@~y+;^%DGp>QY2GqP zyF^05Z+hTDMn<+cqb$(}_PT3oYv+K8;D<|*EY^d0Q9AXTd#?#4`Dh6V2*BQrL`LQK zH(;|$ynym!aGa@6r0!@%PwE|nQ(9<7G<%%HISqtpN)QSQs|2{t)w*WY@aHfNW10i% z2Kf>bW|G80HDENQt$O0T7HEm5SrV?_ft2#csXN}kyb20MDa#lWpfhNJbOu0Y_6G(K zx(ED@sq2D|QzQgusre~Hp8oLwLV0ptV8#$6p77*O@Ahgs?FjaH=jbo0dtw zb4ZNm`=_tJT-0?q1hF&=WD-mI(Ie$xJHhwYS&UcT&vG&RPvF4PFs3 z`v*`<W2#^uo8qlw{s{ZOvRED6ANg>JwIX@&Oqj0fVDDSi!drOK%@mV zh?9IOw(R*{%yAY_nU5b2KX2Q>K;%2?kDDjB182N<%VJT4e)p2&c`E>_@!vi2apDBQ zk_c-#_~uLV^%uc@l02r&#m&`a=XIwGdnz8DzAc@j2uVG)Uro5M?LkQm1S0mJt8Tq} z#OwK||GfbIC*-8H5J7*|HU8&TFT|bxTRWfqWS#p<9B!pk9fXBD7?zEfmw5?KR0VE$ z`i+W`Dko&-ef!hSk{dwM{pvpx%=Iq3ey(yEo_$NhnNbHW)~W`oG=Sx!#jd)-OhQ6g z1T_WDxAo+f&5rj9s_LR5@mZzSTKdTC)Rk-ys}aY=P!6ExVE8;FUUSIS>`g zWequ|L6&ol6ZUkt{pfLQA7E(6u2RkoZmJ8zkk`-37??R;?XU4Rev4mXBEFsu!^hb{ zN_LLbq5n>^#T4IrUuxN7y@N2a0@^GKieR7{sLA zYsQq6;PrVzukV=Q+@H=ieHS1WYGDo+G?-5WQs*X$h4bLA|KYRcI;jtG6#fAPn4{gC z@d^gr#(0w}kG&KRfju{YKejm*4cTY+l>)V}#KG`^MUjN$jKm|@y<0&zgqpVX%;mNk z%2#z;^FU`Ytm3{o$k2~55P&y{E?yi~^{FlE@3=3xv^UcEy&GJ)b!7V9nv5(a(r*GQ zxq1%^7hg*{a1J!yLZoG$063&55)-F4ivnQ(sBXBdRfeg5`yhKNHoN6)!sL>*?(;Tu zw)xyrJ=vJc_oF){hfD;oh&?_4l%|P$MyyK3echfw>q=y{4v_r6NKs#UUcmWR3-G5b zl?6BGcm3%tUT8t+iwLG2upN4_jZh*dGLp2^7Tk1U1}}1g&Qt5ZqEy9+Sc-C+i5fBX ztam)E*c|Z!gH<+nj4E)I2qS@1HWNr?Z4@XTE-O$o#j3lgso^*V8@Gpg zOHR%jyTOg}V5~LH6b{px?wXy7M^1yynF=T+-t#i&kXumbW%=_pVhL%2(3{)2>LMFWg?}RTws!&{3|heka|ChM7Y>_@Mg@xRJSeTY$AX0CE)h5qIen zhf%#*A?(P_1M_LM^B|huv?uj*Xwga%N-+O%+<<*vg9%Jw#4x^=F4saWE%UpdH^DoD<*4GMa_xkr1lcREtLz97_nIC)CTE+PfHfkTD5@C1(W!|>eY9cgTp7&`_f z{Y#=skFGLxiwo|CP1QFx`pz4QzPP_qb=Pg>!@C;Uy!+9z;l}G^aNN%*9GL9-ta~zs z)YD72C8DLGrH9GRj%F`;d$x`nl8G(JMYl#ymHl?Q99TIxx>D4HEJV{L5qMr?Xfk~5N2APu5uF^UZ>l?hXk^rLmLzC(aFbB>68r(*<)KGi>HxDL~ z1(Ev6KV2G=m$0@k2spUjFaQ15kS9N@L}kX`DdZ5heUARnD!VND4E=2PiJX-C)Zy`+ zWu#=O&+bdMZ!d#_{EMuJk?(Og4kzC0y=8*glazpkgCm0OIkoGaRtGC<;Y$g+{QRN@ zHqpw%0rgC-NBZS8HJ%#WR*`G5DH(_%T8)f339gb=|N4;nrYX|4vLyK2>XrbFCbk zIM~Xm(qJg`&}xVrzXh(kQR3j>0Ozi0ZJh^ta?pz5C0u36!pO+TWtzFlqNfuR2Vf(y zpI+Kcuq^JNaq2MnWM1+(VyCg|$BJ{0Rr}W#aK&JBX z!4O>hVR>W;Ayqt0RQ_<>R70a2c|H}N7n)+C(QH&@%)$>YM!#`H`y=-qmqOMXW~0YI zu3)js47l0=PN~?=-Y%iPDi^vvfSlk{iIn2ki5Bo}X{;i6{`T>ID3FsXaXfKbTSwJP|14zEpFv=I+eK!*;`ZZ!7EfOT=jH4zGhHh zRYKjM^G=qfee;%}i8OqilW1YNTnZ#?WyB6mx$SYc9qo^>4xc-3)ss~R4hac@2A{Rx z;5la4k_7jYjvEf{kLue#gs0ufS?mEd!r=vP&~t`(-x6oP}On zipK+|d$jU*@Aek^9@~V_N`h7IkF&2(QSCI-9^dslE_7f4R?z!e2-KZKz1eydOAGB0 z!#C!7;&U-munR_Ar~Tb%g*@z1tRk3f2H#~?e%bwZR&MF1A z@jjsr`^y8_ArEBe5=$n5Jg|pf;r-tpDC>{P%n#8;=w{{PKSRr+9?8kRoboftsHycT zFg*PNHs=4>zn<<8FFWl9JM!IilRgrLt&vg41A5)y#)lSW34uF1U4=`F^=~HK=%JT$ zZ3KEbU3OPJ&5v&_C$x3_2zlKiuegTK^#G)KL!^{Z@dz=q>C!@xWYLhpX;_VQhkXs7 z>f2^>-)LbAt$@LEauQQ+%JDCC&OD z2g`W{1!XWZ5mC{dyZ2sLbjF$-Ken?gJXv;cRCjhRt*NOgFpdL@Wydrx&wwiJ8E#o+ z<#HidgSs=Qd;fv1QYdh(2Bq1DE%&Y#=9HWm9DF49Tqvpqo95i_3v*$jw+$^rbAitX zRV{a}7TqE~Nx8U6?+=#L7}j>zRp%<0XXk5xk>%)~MB}IDWay?PkW)TYi21xFP}XL? zPWM)%QjQHi)OryF;wmRVvn#L7puv;hN)4nj77;TEp84Fy8>v*mlE?3?g8uHF(!t=I zMs}Y@8&oJs8cd{xJ`-)cLrFHOjX2XT`2SB83fQ$Ku= zZTav)=%%>ob$=;1uJ;d<(*#vK0fkoT^>V4WyN%uBYgb6$pFRdcPOQ&#(^1QvQKO8< zOGyUb_tUorFOsuzF!TkiQNl3Xv5$r?dbys+*L$m~vN9^P8oZR@2eGggz>SIs9=bnr zi@$#}RK?+SZcLIvroHZ_H2b${KWp^Ij?w{^9UpM{_F?)qp^-N6iQ<5XHttc!%gm*f z>l%y&Gh4pOYsQxS zpkybTj_M1-xysIk*clvM9u>UB!@KpJkAumwm)#IQ@{0)X0)vGdFc0I8F#E=C+i`b! zJ%S|F_it1^AMS5o+ik#yl=&dYUp+d#Ha z3qnHgQlMo%xT~*WOC$V&sl;j5)|U}sgKHa)fw6VyAi?ep1)_hj;Z9ouz8ZNA9=p_n zF%+BS)hrrW^%?iMd>&2f=5!i~)!n5JBw;1lWMVmov%M1!R!<&x^bd@@>Be0ibTyBu zu?fqm-LLZ$xl$k*8g!M@NG;l%{yS;XTa}xp2o_exII=VO7R56u8TE)OR0##*f%x}_ zHom2u9xu*< zRy>UnKd;$f?64)H#+<%py=L<;t?rvLQfYJP3Oa=q9HbOzNARe$l1Y)CvHXrQNJp$l z6RWcvJzeh|JH$}OPsMZ~a9MdhVSchT7Y{=ce$Z@|?xV`e$=dtL78Y@2{EY}q zkNg7}mB7yS-9CvFvh=8qDK8owar9qvm2@fr&gYN`Sn&V5W)mNSgtfG&Okq$fCwM!| zNPjV;Dfbe1{AfB;(Rv*>YQHuchfFR9Z(bgbbF}ufUc^1quxFeXp%ceK%q-P`<$;)9 z7-91?oiRZO8rze0C%jr*y24U~K!FT1r`K+Du;^V@S|5cGyBF{4J_FLsnnD< z5@wRO*#sf#e)bEiU zY6w@UjlC&PKx-Hb+lCxZHG;Y8)sJ`-8c5o@x_hfv4Tci^cFoehKFD|~A{lXw$QtQh z5xs2O!XRE^7H^?QNwV}P7DyTcm^Ze{$25mOiG0X-QtBnIR@boq@%6MqD|-c274WkB zS~)JCIwMQ2-RI~6ot$kAX>(hhhZi;zp_AB3ZJduzd;*yOP_X&-o?6^?N_uNvO#ufV zcO%h%VmPkrqH?~=sTBtYMRAlflUMiCC&X3ZD2K_h!u$LoK`(yfRxuk@>nut^B((`! zFBM~{!JPPmvL2?b=jW?Oj_Sz)3t;+(+epQNW;IC`?tMKZF0c%}X)EO>)7n)V`|wnOjmE zv`Yai3Y-$<)*;81SCQA{S?kG9PHEOJ9}|}-P7AKD4Q1woz;OXB1>&$ZNb&mhVx)n8 zh6rvrKw$y?Ek)trKf|{T&%6!9J%1j?vp`f-jYT1wIQy1z>G2FXf|)f)J8naJ;^WF! zxnf%_8!w}rPLd8XTDcqrvt;b>;hnUIn4KTd^h1Il#48@%`G(PZ6J|oU(LMC&YC+Yv zJS7VSnnM1L@A{e~EqI302P$zc;ti~2!xu?do#)gF2T=$b{nSq4XJ|ZM{t;ekIP6%= zclzmxot>Ta!-p#R-gW&0{Y}U~nlp>GzutSA>L(``2!@)Y0H?dR=W$z3POq`8eA&HP z-%<$DM-ZFX9dSCme=?G@-YCc+>lG)=r}kA zqG}jzR@Qx;o_hn)(^{whdlCu?)~%^z?IO6e`IEpNg=-{L+5@Rm4V7)4uU2|!V|!!{ zuIXVj-l5}03JTJyj^uVA@gEHI?UV5CIGQvlX53WB0k`KC48EjYugpq$O$LsUTym6) z#Kp8i($5ij2WVIF)So_J@a>g-aXE^kbMiXg*77R`0^{=b&Vd}dQ~7g6vKK%zPBSrGV)oHSKq*ugJ3hqMMxrsx~_WtPoF})0^?$om&irsUPDmw_G_~GKUL-+_}Rk- zce()Bx0s-?tXTIodG6hi<7gA%d;RWoTd}?BeZ9cJ%_)fng%_J|i9d-K-pNCWg7s1* zUteFIGhgh+RKFgDY#`pKL;ZLs5BXwu(b}u+OC+o6UkYC6s&Px)*y7DSh82Op?$M~A zXu*5!Va6ST(nhO0vS2R6&6@_S_W+pu)8u4PXefau0>Q?_)b@Nr?Gp4w{0(4CtgNK8 zS0Jf3~#$c?kURy63*ti5ARl92LO*=Q#rB z1$n15jpuaZIav^+Mr$pu{Oom&fC##NI4jri;=bgHy1s4Mj{nI&CNIM8NHttLL3SXfBiet!eRo<{%rKH8Jv_u-R7+!zmb@bRHl-Fi0puOlJ~Q=UD8 zx3spR=eL9}F*m!mQq5n~yzWSkQN)`_E<^12Rm9XcWhVn6pm&RhQ6&H$gA3U7(XyO zJ>9IlQO10fpGVDIkYn91-`B*#lb)V397~@YBCzRceC!?f`m5HFX#=Edrn$(Y zEcp%#h29|Hh`KSXC{TJ$!MrDD1PwmZK7{Ejym~n@PQ<$Po#~>>cWH;5&Y1O-?3-52 z&A#{#x!++PG=4eiq185i?y+AQCq=n6Ffx++0Vz z-ikCab3rxC5VzteohqncQM*&y`Y=VA;r2cn$f_Q&w*CdOr05nP-X$p!yZ$-~ztvEO zW$EuHP&&x?gUf|uF4{50KLXH4#{;*6u4%ODxZH8qm}V-r(^R*q+=Hhgj~iOA9}OJN zS=ow!T~i_{Ij#?3#lD_*nYuNX-$wDmJcXLYzV!_bnjgoi#8p%XEN5qAG~>iC5+>a| zHIqSg!5R;Zi*-l6&KoC9UYdEZ(^>DFlpL^0Tyi^AlDYM00Nw^JfM%7Dm^`>?!UGok z4~6YJGYJ&&D&_E4FvFjCCcOw7689OlMSPMa24^b9hVK3oMEGlpRoeu^Q;53HwI{V22SUFl~G76 z_`T_J{6Lp4@-iwGR0%i7ahxAOc6>~DxEt8EeX%3a~M5XVuwRYgJ9|}ZYNy@L{0^N?l{zu z(3y1nzjOtP3K*h?X;Kak95!xD4Rgu*A46<`rQk+A&Qp1NvyZbVwx6h~9HneDmDhTr z5+@hKDhw`k>W^~-LZg{+% zs+5@jR{k`?Yu;M_4%&Fsm=-R^P_omjWB1uz?PZqba_GJ=#-IeZMyuGy)G05wLhF%( z0DPRi#AJ$PRl<{#nV~x+Iy1_d5!0NL@fMv5@+39(B=A_#zY|5v)NFQOGcQ82!1}0; z3bM2Ij(+rrzU6qy+9yXZ45ngU+EtM>gW36C6p!QKgU{zN$iYd?5e)K`F<;}n1J&Vt zZf|h&(&4~lP?X3??zmN+_5E}oP(jSH35rg{wNrqlAb*+@5fmn+y|dgZfx*>!`Q#A% z{e%iuEcX-F1hh+TR$u(ddNQj9HQ1G+jWbtv&)7Jpvy#Rj&jetc8y(#CBtpJLy2U=8 zA6ad7>Zm!od))M1d;+X50XEnbBU54`w33U9C_KkgI%|=+{8p1!dNi}zK5jW?B)QtM z=p7Gs6!zj1?&?)opps$#m>xPxP(p@*4U8}}N^)nNrkx^9crXaN&tbuDO>ej4dpoPlXPdNe;i*%SlWy#0(q*hU*SXxmQa+PT ztZcmp-jF;NAe`3LW)aUHK{WdD*>S=dcEvFm#3g#uF%D}bPxcGB;{av$Rs8A1hhPAq zIWK_?OSfO%0vBWa0hU9d(o5(jiHD{?Rd9XHqfdXc7{K4lLpXHxMCdf;+NE1s?ud%A zWYABiq8c0DD&lw94dG3Bn!N~MXb}~nlA$LOK^6vfTQ@gEXki%nJq+(xyCj3a;{~;2 zFMO|#>ES1nn|-cnJR^&qw&wrHmeHykcd?KRp_Cf*`))Sj-cbkECb80pjLS9`r(&X0RF>FIl7M|opo z4~3E^W)fq#!<5-tF-}jf5d|+Rc*?(SK)W(hbhJ|wV10g^WVO8Tsd#FHVXNd|z`c7& zRyvwm`({9y`ZW2n+ehyU_DyE;K{!H|s~^nSL0U=rt#+3W`W}^#v{oa+0zsnRvhq2M zT4-n;!$89QBqBR5qxPKWXDCQpur_+Ime{etp^%IQHfN&V|O42=bz( zS!Dukl7xhhGFMr*4gzFEhG*D7IuWwagZt?%;49dqGaO0 z=NcI2y8DRzPh{vH0}gDn-&)m11+(hCP|mo**;wpv*6BYF_mnY50~Xl#w1Tbrvuo(~qAos5xmL`mh~F$Dx-9yn0*b9k4U zy-<5SBR-CwN$+TiTsp8|BPx*8m>W~(M0m3!jT5=Bp5>oQ*?qQ*7MY4k0Cc3|u&v@W z2JO5u%)(JWHKX)?qpxMmj^aXCadIxpOh0u>1U8XlEvf~evH8Q=!2wf;OjXtXlu1D& z)Bb=FQSOX0)t!ets(M)=vcY>wEM!h(CU*<@Ackz@|&KW#@{Bxe?29F2QH z0cQFDsC;;xMMA6P_Wn^3i@&`~lT!GY}@4Mm3j{e+`5%G)LZo3W~woOP=b7|-=I9wilCi&t>pxAwI=QrRO7 zs_(RO+p%xO$5|0!C8Gud0OZri0yNFg8^5hRp16dp5kO%aL2>J7h%fdkK3-H@d{U7d zq8n>&J0-!!ZqXzvrTW3~VfK1_SLK~R7yj6BPGtXab{Qa7$P}(*21YAa+Gw}lLJh#= zln^@Wh?Q~R9{fHJvXW$YE}xZYa+uWB-K4WN2k;_Z8gT~ZF^hkTXI%;BCqWj##`nBZa@D(X||MvbNF z1{30*OWiv0AB0yIciwm$!aJK!9PBwu8-zt)aj>$=6LO^}#ey52sG+f-XKDV0!*NZE z&)T1T5thDxf}L37s0p}lDL|e!e4mD8X5KguB$B)KpCkkTDZ_2dE0U~(??)&gl!a9& zWuTq_UUb6FA(^ue=NXOf`S9ffx4(im{0Tcas#ovhx<#R*N-9rR`}>J;I^%}HhZ9-N zB7T|gS?3+Vf!zT8?GnCE)7dDlsqwUYe2$?$Kb<;ldaS5T_1Deg>?%{^j9bPh`)oT} zaZ_|s?Oh$W?Lc22H81Y_)~VML&e}b^5VgYzcI0X>Zk@{+Nv<)CW`wrQL=26=QdWw3 zL+PWg@L$(ao)8}M%n1SGD{o%%ha5Z{c1p@$@@eGx#KFdU+nwv<;6j;+jCkbn87F;R z%70k_&d$SeK{GYC+((v!>Rdj;r@^+HG%V+q;No?ZhPr{~oWEo#1bM6Y0liVhn?hRid`|P|@ z=N6TMQ1sbKy`ZFgum4FMdsmW(o62G7*Nwp#wCN3R}tIAXS zdJQ?uhZihwz-@{47MJw~Klc}X`ydoWI>+Xvk%ylFusEpyl>pT-Ud^cijkEoRmx!(a zu0wjJyMTrWtPmn(zjU@2X#p zcb=fe9B4Z7KUbk7PvVH=(Linu;(IP;99yri^k3b2RK_gnl_OIk2{YkxT>7e+B<80% zpTF!{-f){^_3G>NNDA_daF!QWVv^I_XYN?{$A+6Y+3@L3dOH zoJ?|!b46<=VOZka;wKWAKc_M1u|UZcBjD72E`%7uf&iUBzc*flgy^jjK} zq5uX&()#kg4HDb&sgtoU_20-6^m;&z3lS5;w5(eTYRhAjpc|Wqa&}nNaGerNBVnBx z)O@oxhVA0MyD+45JO?9&g6#(mVSGX@e?r-d zY%RWjJpc+ZdSolGiV2M@XU&} zSo*m({h%CQE{y=x+5(bcped980E-0a=VkXYUQd)yjKvU?W@z-ctx#?q-BCbKQ(-|# z8lkKl_Nz9FnTm2Q`u*)genST{7s4j0dU1~SpGVez{}POZz<_K>SI=_~>S&6;`%q&N zh7Shw09j_hBX~Dq)rOEm!xM+l-4pVYAsB=pNak${lAxw&2yGM&fKMJ8(1FxA(lC$d zGj;AX*{YYy08{FYespyO)XiqM!DhXl4gc#5*Fk@ED|PIC%F6I;zT(hf$k%jl^U%8i zI2dqyI@B_?67E^lXTq%N7Rv4T{Dn>h5XG*H3Rw+0fO8#C2Nx8oN!tpQ-61r&{;S^z zR6fi`I?v_<+tK|OU|8dKp~lwFKl57#vF8MfSS&BX1c|55t199D_M4w6yF>={3>`}) z&juQAU$COy%0%6iX4zPFcWWPKwyP*E{Mmt$uBPc+O+?vH5iEL`m-D|@2O0LwP5PvS z;Bc_+>?VM=PQlSgh9n_G213$RHK+5eabZ@dcuy7ioe^j_Uo0v9;`K|L*ay@u6>i0; zP&yPbXo|9dZ*S>C3AJYaaRDX~?t7v4v=GjzXTlSxsXq0f9>K!dIbV87i4uX0hZn)Z zf*uwEeVK9zQjj}-;6Qeut{g_Xy48MEACr(|zkVb5e_(tdbf3h=SJj$Qm^a;00awPK z7rcOAcMrnt5S)#Q0dN*{KDWv?nhpsGblqMd zTRxR&@XX2zzJLBA23(90Bv%?eZo+6Uz_aZE-$V^CMSlLLt4GHYf|^zb%z+_l2M zcH#|0YE8okjwQcIG<{%#N}PAd72(dQFG2*!64Gf`C2dYNMF`6l5l@TE#Al`w#bE0L zq6*X45U^IvB#i2j#bu;Vb`2^Nhz+{K3`Yuvekf($Xwx&11A7g(7p1nap4Fcz2zIu& z!DYuk@)duE*#8EF6KMFfn7ZwGJ@AZx<4Xf{e@4!8uv=sgt?epl0z}8aO3 zTWzh&zIBA=$=5*h8*ciS3x=G!~?yoP!Cfd2J(V z)v?dkm>WxO7xRq_8Ks%WM8E5M)0Anh=l`8PBrf{~_$Fqq@$U zwiQ7MDG?Enl9g0IxR5{iTfC?z4?AlHdm%E008u?wz zJD8Tpe*tw;$DB+37wmwa&#_f7?4^k zr1jsiFMUqpvb@_~I=OAC337e&w`bngBoj^WOu*qyYe~sw$Vhm2`L({?;$Zj*Wj{ zvb#m1wi^ESQ}a<$#cvyRuE3Sh-WS5ORTGC+6C<=6%dv(B8y9BG`abK8TLs_|l%eV> zp$C`n0ie|Jjb22*84Fya0a|Buu_AQyO0$`SxE|_g6m}UzD9V;$mfcdCc}~$>w1ara zb9l)x(IRWU{_D9R!%ZsCVa^6zF8MH6)#eeZ>8Hgap(AD2+7{aAU<2td{|Og`E}+NZ z!WB@aELc(L%=B>vz5?kloJ`yM@M1reJ4j{~PNv^^XO3BRZ}I}Gg@P-T-57K?eD}y2 zT@6Za;@Sh{e(scV@9*suj|@ClbMZIP3_%?5$Ud_bJrTHQqfYwgu8aTnMzBau2BQsk z$n1h&D;6=cdtB}$9^;+!~g_T z*4hb&(h=hm9@06>?|EWx3bWkbVU0_z!XoV;X}n0tJXsb%go6yeqCPw`PqeCa7bo@CdXQ|q%5Y)^$UQ$3rUti0E2aWx-|Sg z1y}^EZ3EeWY^&FA)l(NG#V*YdIlAbG0^$dJb;N~m1+314b_-&{Ov3`TV%m1?q$ zsE#VArB_O!Y|Yvd9wFkvTzaAt|i1WV~pJOs8|gZ zKYlQHEQr&w@&?Fhtp6fbP!Hg251oQaw6Oopx*#5Lx~Vh&{02Y?YvOfC-J04a>isRN7l81d=_zlAbNa z?Bgjm0p5jKiEaoxqD9rgFjJ!yGLJW1o%^jjNru$`HJ))z z$+-CT58Fb#Xwm-ah-4S2wnZfya5&X95gMPrSBDQp!EnaH{>);qw46-O;K0pIeNMbP zb)G2wh<+FMMjA6OlPQkP&jDyB7Ye_9Mh)h=lF0Or!ga~7b*%(61nE|my%m7x-6fuh z#Ujl+kIT>pe~g`aG4ae!u@6Cf1|l(GBXL^p73YV32cq&1e3;Zwr74IwgVvjVJ zQwJOjLL`+R>eUcGZSnKcKtJB|Rj{{r{DK_@7;rAMaa4f}ViRnbf{cb_uHRoQ0pT#q z=86P)kr#_4ay?}T|J(n(gwP=R2wrrAV%4k;YGe6%_zcg#FwhY0j`_RV=OP6!DC^P+ z;Q#wPrHSmbL2bD*6;)^VL>uk3y=00O>i)?W1qN)%D({ghxoRPjTCy!`HoIE}s(h#D zb-Jgc$GY31b%tko{98wV6?cW@`hMcnylA-YiR`nveawu)11_&E8|Db>qhi$vtWoep zWx9k62tdIUM?s7I2w+!VuYN>;zZP-5@a(18gwx_BvOYs#&>nl&fW~EB$+Wi2E-@k@Qlqy6e-09 z&c)NUvELR}x#81_{-dQHriN;+Smltw`I<9m+Jw8tgILQ_vtEAIFYA-zE!%JX+P`0GKd6_ z;&IW@0~p?t&c@$EH|AY$#N+Z|wCo)`&+ezDJO7H^1PP)bZ5w#|cD~OyYv6&7R-rs8 z{Oswi-x4o79pfJ;IRjAoCb#lF%Z8LO@uq({p|!N`Vq)QN{%SJU@rU`L3Vn}YecRh0 zS-B{SWVx-1R&(grh4TpOTVMD{0&PDe|A&nc58EX7ENuU3CVxrnAiZ+d2m`KQIcjlmJC~roR?)pdj%G=?JHE=Jo``M2_)sNXYz7mFOWa6Y+D5#rmXY>%FDpS_sruN? z69>HP+va~qbFg6WbNN%;#x~jlJ!2r>pOc>xFTU1h_PlQOBwx-5E27}e8=6s;{KCUn z;c@#0Cfnm8n+jLG+!3i%Ve|%Vs3RIYUJ4CP7PK-$=+VovBzpF=Ay};3{bQP#Kr6)h zl~|E`IB6h8Zr#$gJi&-ohqTak5bOjYS|_Y2aMM#X_-@@fw5pE3MOKryQ80jFvY5yb zEli^bToPqg+%v*8IcSNh!|W1LPb~`h@a@RR|MegnNTbPsrHgf(A+di_!jfXGWVW>Q9A^`Z>urVARI z2O--T87W$Fa0*C!oztS?@V*1U^P-q=s6*3Yp6G>t5ZfZ?NmC9h4MK&&nYWjM;pKL-&`%(?TNWc zYE~)eCsOnsFZp)a9>L45!B(Dn9)-&Az%mn%Z+KA2Ykl65HEN$=Eg5OBxfd;#btv~AD0`|H2CQhm&gwR)s#(W*{T%I58H;CL>d@`q>98VOBCWM^?g#ER9Mzai^+T-)@e>y(?}?;Ry32s*H{&J z^1+qrZq%Dk&lxXe8tVvoSOpch^8PTBM*4m)e5S*2Z`B`->_)bFw&Jf2#N zb6!{XP!6M-2@}iBd~b$R*3SyRHVcoFu(;6RwmvF0kdVfi1_YXaB7keg^Fv zVq13qhizQ~SDYESBo~`k(7JyrZyaXhiFj}e^WwwFzjcqdL4*7<_`MLFF69$$8c9Qr ziBu!73-NYyAlV|lu)@?zGj8VJ5w{nVg|9HhDvD|!~7LR4pVxI?iVI3mx{Qj{Kdeq#1cDV5x;Z7>g(fK94d8C zm&u9cP?ItW#LqiFe;(C|8F^-nM-o3PD{BN>j=dJ=yJK-Ioh9Mi%1ZZ+&R64zFuvziq>`?<}af1KW0zg2aT1pIFDz!Ob zwBU1UBC9mszI!X4uRGNF>gBU(7}C6pi!fr+puFeyNJY1|Z^$apmNMWXcwgQz8dm_b*5DIINtv(F!)t!W_N{y34 zu?*z^fLygClC=M^E>R2pERVezyhU3|?*s}l!+%|I*+=Y5>Hn~^%SgzV{E|(s({4!V zLK!BT9!NeI5PhD04UvXIaa^xg@GcF5Ma!bkYJALMiwzOw!3cBm?qj)~yFW2~BZu)>eHbr{gev`Y`|pC;aW3IlrEC1l?QT z1;$?DF)2*w{sSeTVt}7*Y(c>|MA=V2#otdfK-ZmVZAd;!q}nR335xT9=?}SgFsnWu zCqP&Cv8%BApgFVob6k}5<@8*u0qA8FsekE^R<`+Ohbt9;->fo^b+#FOo3b(i-{G3A zxf{n?^{Z6VmA-=Dj`~T=QRzA$Y-8|Z-|pQWS&t$DvD~Fs{%}R4O}rOMrK(l7kf19h z#0*xjv?xwfI-mxrdt)zx7sA3q%!?OU*!0-x9@7eOwZtdF#JU{jwXCWSgFKtQrO}8S z?A|>>x~Z3+UU^;5!w(}hd>?Pph!ytID<$n7`gIl1D8A5gA^UBSGG-zGOqxH9OdWBo zr-CX6{r@G!cwvXi&9y|DTT>DJS3bp$3dl{d`$_QQ9JxN8tdNfqFf#jo6-ei**l-UV zR7I-Fk=wF^89vc@L(1WY6mPwtk8@F>&WAn9nvTA7GyD(t_?O#=Lj*2k#g4s z0~z}vSc?+{X3b-*hc0XF5v@$5G^$4dlVxpOQsJjA255mk@NjSYwvGy|hZtOMVAdm~rrK z^@WCXAz1Kk%~t}S{r(*M}od?ha$vqP%=$)Q>A@ zAnlNz^u?+v>z~;y&9V}9x(~&o+KrpP29pXsFr8F%ClBy8_|5l`mOy1Bp*HVM@!ef4 zQJCxUsw04y&%f39jz>cxh`ToAdYSGE@1+$k)H;W1QArVxbW_y~Pu|ff#Z>2&*KJZA zPYA@x+x|qr+}2{?S@cSz|4RAwpl#>irQZ$^g<|Dp-Mut}f4Uy@aTvP#$CB(*{PTQU z1#MR~4S-y#k4XOEff^JRN``2db8^r}QOId>Gm$-(;u~WZR8>?}qX$7X_u&Uc4D<^N_*F}qf4i^Rmd0&P{~on zXZTwI)Z8Y&dQ;!=bKBeJMnwgzN`?>XopO*#g~3L&a}$n&n!H+jL=w(rR{12S~Q8agZZBEo!*(^8t3*-ghe^; z!L1AO!tB~GqOt!^)?@nvvYsD|(uV#4WL#*`Fkq>FHU+#&F<`R1$U!kG_hI95O-Crkz~vAPbx*=O4qL@_&aE_a3|JhFKZV?}u>^(K=P9 zTeru+IE|p1`F465{l6nO^(MlDd*G(mr9e3|)#IB8>doKkzp_L`QnF?7O5#AwpvJEA znt@U32VWq=wI|@U07HWWUXgFAM{oqkm)4pYmHO7<=*L#h01NZ1^gs{k6vf#^{MYj< zD+6`$$DUSn%lNT2$!CDGJCBOb8_RvWjYodJ;)vj-O~L;CmhU60pD7Woukkc-bz#bA zw28WdAEoA7$Fb}q)a|1??85PK=REgMsbZ@IJVI%HL++kVb#>t z?NFG#oi=Iu(Ou8#O-i_?2(atWXNnCz7qvG!keOS(H4_3sUmiSy;tvFWv=6*gXk`+X zHmA)JvpMKOdZGlzr(psMKsNUC{*Zqn@PSshfyGfrTW)xcYM^6-j( z?R>P&AZDPM&lwJ?C~|Uq9h`^Pm73)4 z;%)ed!W>UEvx+}OwQY?>o$kl((QeoH*skW z3F!GSuT~%RN{s;Klx5ss0sb%9mX>S&CTh$!jn*T={V-8Xgz z|5kGWHLC0X+J62LfLv&x2&;eaE8vtp0>XQ6rJ8+N*pV^ReT zWX$_JJSA$CPYt&HS}w|6m-Z{9bHl)kugEUtrYa!g%$pY>Zz8LC-y21Ou0A5Ll~jXR zZ=Rvy4)y&u{BSg2m>50@rnNSW=Bn*3&aZ(D44BC}r<;nigD;ER_6 z#=xCWm@sc(+7EKpQvS{k>0)mjzZ*^W63}l+1k@!ezT0x}jFg7zzl@VrK|M_lAG4^) zeh#ML3YcJ-;yIlAumh4HA4;IJM8L9~;+FsXQ3AkApPBx-Zy3OQpI+0Re_nD2j1zjJ ztCtoT%$YVq+6;(j^{UYIj|6kv+2}C*`qRzBt^cA-3)CFP#^+HUD41)}KA7JHjdV0FNq-21yrkI#FBv&FLeT>$x(0|VW$~n7y zMvgoUIMWIu5L;gLK^znRW)w1ucJVud!yRfngs$OtHAL1;fc|gfYo<>2A~g2&Ht3}3 z_)v(0krrdn{mqb&{aNM5lQ(^uK8+edZN47yCU)}edOCtO^R>VsM;?;?zK|5<1v(0> z$k%5ZK&x-nU~lm6s{1qHW1#NWIh0izVb?%Mg}+(axz5?sdNq;#TSXt?*gNORS)@+` zGh#P(9e1^)*WGXH$)$p99r>ECQ zWG^TvSl@FixzKtwfI@<4t7QcQ{N;+x^W*n?TFVYECst`-UUZwVIeB9eEd$f&uU;W# z^ru(iCh*XrFVIcN)Hj!61hR)@K38FdJq!rJeZ(dG%4-Ad0yE3}`y5CKGsTt8xTo2& zZFTPi5RVGqjN{QKUwF##Thot_&iMbb#{#+$Fn^?vL;Kt(39+H6%$|Q;`3t4bhaq|i zB-YnJK?quGXH2_m+-N{^&3~RBf1TW{(jjl@;PQ3zJ}u_vukMwwi#E>sN4r69#PfcN(#qG^ZaR|vCb2fcXKP8S8HIg$BA6d}w%h<>_PUAe`uDo){G=yZY}tv<39HVAiAV@_u_aUp~?iO2-Q z>>w-B(DGIOaQ~mV5cL3&WGJY{)mSk@R4Tpk)B9Z6!A4q5gfe=Kv(eN9{nJ!m6<)Qt?4lvDwI}galh+ z@;(}(UruAu?AO9cHNK<$cH+Siid{=fOC>>CT>Ko0-NWn|HT=>iDbB)`NFCKQ80k$( zP1VK;e;FL?z$xE^iS%AV;O$|RLDGe{(i?c!BCfBI{-qWl-=WyK+1g)~F~ufUrwp;^ zd**b)RRkqGMSGXWy&wXGdb^0TW;8J!5eYfPN0-Q}z)YO?Yl$43nMvQe6q|MB-U=0-5 zj7HcwII+`P~V%Z7At!XG|(AkPL%m3vl_X1Dy`H{Z(ts~@#G`G^rMo)BQ?RGcr! z7lPzTWiRbuTI;-W9q^V!@|HZ7X0}P6)dYm)7MP8^w-*ouH*u8~>#I88RGi11RVxug z8BWh(-m&V}Y^1aOQF{4kK>!Tq$w#us3ZY_rgn~?myKTLV9P$%HlKt%4z|&f5qj%ioiMLi3^7=ia|R?GZIOb|!-Ya=kBHfu+{yI|AqBtl z&?Pqf?C1-s2p5U8H1&v2Ne|5Tb+E4mMmSuv(NdqLK(%tayQYiy&o)fnoB2CmG2HW$ zSf%M$r5sr!zpn*e45^#MAd4Q^Tpet9s-UbHE*IH0x%U<7Izc#I6L^6n=*@3d0W<B46~C1gT6|QMRfJTb20R>M}Cz zvZdZQAKald8D#2h7lkmy+HPjE5gm(rDncloHv%Pnl7g~AWFDx;OT#7pFBuA`onZ4q zQq{#313=P0*B2iB>)Hh7sH~TK)CktkS?xJkD_Zmc zy}M%f(nDl2L`U|&EkQb=tw~G5?x$o9Wx2k`XINkRqt5DeXFRVYJ_%4%dqg+EE{x2| z@l-bb)W-Qd1Fp!@E75t&T~ICRaKDxN_~rnxG-z+OuLBi#yc;DBXmD=AD~VDC!G!X&}1MR9lv-CBTn z+cE6FEmb&!CJSwWsUo&1R~3k;f|Yic|2^3B{4%m=VmC7?`b`A)XWAj$vpZN9-O73e z@7{*VnS+4j>*#*e`AOLd@k@UX-S*L3+iTW>fblBmIpS`eI1n(*hjkLwdgwtgz`i-eIb^P&v5;E7z7|+@M#H$w$e*B z($bswzf@d4ExcZ>uTSyjfBk`e2YiN_n!}d|qwHr>%;Nq2|N6^cdI>g8RB37WVpq$! z)nm_J5SMEB%uMoW_OxNfq%8Rpvu`Rbf` z zAYnfZB-Gc?r4yvxwcg{!S0&^~urRaG+~G)jngz=74<9~c$IF|~a78=k7?%7J+<41} z*T-Uhz0S7g-n>vA211dlTT|?qXySyEHE$D*3y>cYw*LP;lPMEPU_q4He)=jm;Z>mB z|Mqg=U}kw(W4V^g2J~Z;cRy87sPwBKQ-N>3LnZl@T>%zzU%UfkERAjf^Y0&;^I1=R>40FD_ON3JMAc2~ky7kJg#`HQV9EgT8;x zV0dK2z93he98ZObj$4+4E~vZl-X0B3_-&U9vYLIB@c4>_y<2mwq~oF~lAx|%JKokG zc0BanqMtddx{<(4j#hseUQ5@Mg9LtN0J#AhT*z|6tTP*~vKt4o+~^Hzy0f8@?p2iy zrlD+6*4idk+YZHv_iEiXLXbJHJxLfniFx%9yo8Mb8Oiwcr|jP!{_kffQwMCK%8LKV zR{`RTSVrgQ@85we^#k5wre1c#iypzYS9h)HVIzaqy#>6@oj&wdYdpkLLK)fEOcxm#{py**E3wn7>vVb=b!>UCdzGA6o|u7p~O@K7&| z%-S`fLnn>#u_6aPS}Ae5iE($KyB<4Hb6~zltypB6#n4x1UT~=;Kkj)S7T*uff&(vcsKCD(}Y=4xlNPsllLmB9vgk%Loa_LA6d8OC2EZRYdt3vejM~6 z1J5Dn8q!2^8KaGSVJfZxCDl+Hmild|YZAV3bX#D+Ubrooq{=yxj+BP+hD+a{Sh`*l zK-@qZnPkgimKgi}ckQMP*3f~CZh0LlomjHp|C*X018vn(DDxaKNzOLVE`5d6Zu>yH zq&d$u2)fn#dBKssBOxvnySCaq`QTp6#Gy(Uya2Kh8z(1YT^ zMi6ROD2M81$3PO?(ole%Xf*f{e0J+^#>acenZh_&WaL0|>t{PuiRegktD8GCa4)yV zB~Jr2^>fA4C2d`Fg4HQakqKGRcU>+47@?dor>~}NDjipa^6k`r&~(|{#rnl^37Kq} zYfHrp_93Dxm}*e#-12RaCgV^5RgF(enSl+$CtM?hXCYKM|NF&OC=Gxv4UBs^#sbe` zsYA2y&jZy+BBh5Kp*7NK=u6D&Z$In;gS?W^s8)D$h1~HSh08eQIBYQ^Y%a&vTfjop zoj!mhRfQ><7v!`nEJ7@gtSn$9{&0b98rcGQcuY*zy;oOEd;V|~PFU{}$2XhKRNh}b z*&Q2k!5`II9e3w{_Tw{dNEENlhqt#hT$Vd4Dl3akHVi2k1wJtM_qVpc|A4VU!a#4d zJ{wHMo7*|t`_)FDOYaaph${Zp#)(L!``S1E%&e?lq7V^FU)77F!4v|yT9pp--4axf z+}sXd?=Md58HpT}YkN!+A5ENWcoyl_yVW+8b>DH_UQyl)eRfN`3b}t$5=5Sjskj&VHcD?t({z6sg!oGU0pB z$AoQ=6Rf;yHfU}z zXo1Xg^epN}2nMkdGep>oQ2MoR9aF=$n^pb0=cG0`U&%*(7QhnxYLif#=5Sp;HK$s! z_QV*7?d_FwRRQc4Q@b+M=$O@igmN)$RGDMb@AlTNXzpm-a>J9 zNNf~0+@p9Q31@m9(hb`0}>EO4o34i_2R5 z1y1A1I=6UaA@Pa(vV9Qw!TU^=oQ1bXoAVr;D+jAvp7T%Z<;41EN2KGXI-i$2atfz}UyP=;sB7$fB>714t?5fLdOTFxnX zQi8LGapzm5<2WDD(9mFP8@SX?bqGX6M`t!ux=VwX7i@E!z0G=ZAQH`P5U^6Ys*Ou3 z$h)&!h+;Qt<~qpLELS)=?qnV=GzuAapIvrKgvDHj2ip`(S`|gYCrgUHett8-%GXfr zEvFZbdryE-+x$e{^w;^ z@r!ezqIxLynRwJg#!3rfrb34e?W46tvaD6V;;e;*@f<<+NnLa|#@9O)Nw%8j>@E5~ zznivRIdf%g(}l*%#2C3vxF&^CW~|&&lwH%0N#|b}jAJ9MjeQW{pr$*Xc`G`Mh^{wB znbtnQY;wI|=>;_Xwki2@L+CHjO<5Q*FOfu!-DKLRwMviN?*pvsGI zvOdNuN|Nl(KmH#1PJE1Y-&VVqkL()NDT6!)z9WK%!nx!Wh@K(R?XC~S_MK4QhO|kx3FErehUb!zC73rh^$t4nKb~DbDPy#X>?gg|jFD!NDaB zW>;=LHV(4kuKIL%LLuN_+#b!<+9sG&R`$3*OOvwFWWt^B zigfV{%*oSkBUI0Iu!pT?+M-$4M-)EACpFOmZ{duA!^SMDe7tbA{eea4w1-0t+;ploA9|LOmX@Vf$Y9pC zVR5jtI@s}E;MPRpN>he(RL|R_z0p8rru1YNfMrkRP@qaF;-Q%S${&*PE@z zLBaRz?#4{JYU6!e;xWO4gHPxbH*VZuwBIo7&(ToL(I{51wqDzt9rNX?v7Kd!D);p4 zV-Pyt)yKxiQS8rD-oW@08GR}2O}K-gOm}xXF)68Y2OqqfMZZ#tBym>WEsc^)s|jJ1 z-QXyJ!WABi;bi#Hvn)oqGd0WC`Sc_03+?9FDfrzU;F5DHJ$T??9m1EY*Epd=E%oqW z_d>s!Qn{o-vFT6`KfT5`v|RMo$VcnPg;n>G*l-uFY3)vGkJ37S(GH4_p}sji!GC7VU%vSzKAdNPd7bw`z*5u@2*DR3ZEQ3Zm#QMfTc6p zNOwt~nDbv_s5bx>3^?!dLw0t#ZH@L`KzW)=nxHA&2Y_$N0qkgk-d=h$x+49$2%l9 zX>Z?t*eQ6BEln-$i%nc))JeIuGA0!wy#9jt@)K|2aks@=GLdUx-rn9y1yAlVU;TrH zr2|{(whl)O)|K+<0gbJu#k_eP)|zApaEvt;8r7RUuUgyM`VLk@dK~qe)oHFxw?-6- z-CL=e!qc+(B){lH#L!!;p_&!UXFH=l%Z;J~j!frdf7aR6`iA^WLGy_o#*EuR`=APD zD^;mUZ|Z#ctWFn)oJfl0ScMvujQid7TBL_ z#3v>UrHE9NPiPx0uU#0LjZ?IaV#mh8AB1aT{l#XgLPvdJ7~A{pr4tLwr4!w%`b`Ws zZwf4RY#PK$6SVqMc|66)kL9*IjMHU!KEeTTQ@8=?^oCvw+)d_mp$4i+;5%= znT?xh`&Qg25vwSdp^(D4ztO3jCTlU~)cb&0bh&e`@)}YF#Vq@)BCbDz)Aw#g-Xx@8SXZ13Mi^rx=*1;=?r|Hj-}zX05c7iBzrv*HZ?_~o%c+W#b)zrLc* z$5{7ky|{2K=SmRBc9%%;msV0)$I?HUm1@Xn_s~e@#2g=gaMg8`bv*uKa^Bt4>OyO* zWM|*IUKQic`YDp9xQrV22e(a9@=b}|n>@e&iN#F)6sian(bj%d{6cTpl|}5=}K5)BO^-aDUl)n)ZDCbmag`YU77W8Bi?1P zou}`*(I`Lyx-&n%*SK@J?G~$82M(QVbV@8Xh6wlMl#YJTYs~#9W-QGn@$_jjahx7E z(Xfr+Eg4l!8{gcM4SSWzrmVbURSu)}9s#RbxI;gOCIqD8-WQ#d%z#AVt(h3B%e+l9 z?HW(FZ-1kwL;qw>Lgu)=G~}|Lk+#)I5~tc6Op$XWlOUa=uIKWdDrB*V-0EY40fGw` z3%x<=6H?ZJEw$HKtD_RdZjgP3aHIJuNzr>&dBfwwJ=39&DU|yo&$03G2L~tIk{%@q z=V#}Y&n#@@-XR)(c7*HM{e`tQ*~ejdbKWT4q%AU!({jnNT#sqSl?k+Jju&m)C>+OA z>YuarYB`RZxK}fv*jH-~;)tuBjpUSOy6!AZQWgrYcuwA-5PJ3}HXeJt)o58a_K3-F zat5X6VF8+}wLwtK>nlWp8*t!b?)jrtjc+0|ZcVO39}Qe4>uXIuPu5o~<_hHGMHO#1 z;GFbLi~G$53s`mv<*CIGi-{8tl@%b!%xt`kH;n$o9HTz+HCf?6srk@#q9?Xv_O#Ci zL$MxIn11aKco|$W@O+Q*;Ab}NUXp3ZJ`3KuWv3)G4}LNjP%cp2kh)^qsOOmu^zW>0P6-N?Sh0hi@AQPxrriG&FZ0<}Numb0ktMU%IrpsVFzI!eKS; zCba)mf4|nBO6BDE-DRhxp~-hl%9%gndY7(3Z^qX)GH2q(5#$RJp`Rh1mwElLj;>nI zi{g^;%Hs>~dKGv2q8Uhk_Q%32pN*^J+Fbu~>M{M9{n@WciPqOYCxy&Uztb+-XMy@@ z_fx4w7Ja;1L&}Y3fYTJeM6%X?#=VBzWixp0|Col}^Q87fVD)Rf$9@#C@WxSD!9YO_ zw?&T(t<`{{oNxxEP({40ri#kjm6}=YD0>5Mc`-4uZ1;dm3>(`ctB)6_S$RfZ3mkvH zA+-sVg@&Gpvv`Q`!J+NZs%QM%Y)e=NdFuC8GAaSf*m0*R8TajZdXq2=7lm4TY0 z11`v1+18PTBg}a8mwI_W>6d*O(6&S`U5P-%Y}|t#uH7Ow{yr!DTDry@wWZN>CF@(91#Lgg%+A53jz&rxcH2%&;PhJ2s->v`S(FZGZr?n=Y zmDu0+cb-LGV%7D~&)jRzFeLxVs9q4%xTM2LeBGK7Mf!!?q&wPTAnj;aB11-rBAXyT z2&qA&uFE&+-mn_Lrhk$HVmpcnpqspiy;Usx1BX@A1;<03jYxC@}(&W6>_sE zen8mhoB`$D!AXWrtw(utj#}Y;$5H2Z#Fo!mZq#}ng}BFb1+NIX%zg7eetXcpGFEBd zUfgKkyj;4NnRTp0-4BLexl*NQ;O&XOmZ4IdS>f1;cfb65t4Ia_k@B+~p4W^|j*s?x zl^gB0^7Sf~OEhvqST8f!a-&cGY^GF>7k1A+$`OrXQr_zHta)u#>DWo>zE;m56V3VX z#Ccj7cnK{_>XyjcI`h>#6RL{?Ire+g;(f(Z?>5e-MV{>>VF-(U^PxLQq;s$b&=kW* z8-1aZL)%#`ZTN6O0qInU{!}guj#NYp`eItx*yW@``#A2KKbu`Pf(D6+h{9Z@ADuI( zA=^l4Xz(~uTX@A<+t*BWB8M-u$%7Gr-Ach@Z=2c1cXAb7QC^%xeF_7kHPTZh@=Ril z`@x(QzHp?~XC2QY<&cvptm?ycDM{nOj{P?En6b*mZ~mU8{I0J_&02a=)N9bhc8CnZ^5rRh}Bmk41Lwl9gTV%c_^0UVA{N|%JqEm)B3IkCb znHq&}au+3Dzm}u-33L5}&31_HR$KWB8*4{2iSZD@ni3NJE|kw!ohgA zcT^LrwUB(82FgIN%E